From 9b6dc7dc044e7929af2c6142594a24490f4ddf83 Mon Sep 17 00:00:00 2001 From: Aleksandr Didenko Date: Thu, 24 Apr 2014 15:59:22 +0300 Subject: [PATCH] Deploy fuel-dockerctl tools via puppet Docketctl is needed for docker containers deployment and management. Also updated nailgun/examples/host-only.pp manifest to make it deploy supervisord in the way we need it for proper work of docker containers. Related to: https://review.openstack.org/#/c/88280/ blueprint fuel-containerization-of-services Change-Id: Ib929c1263a887efef766552588ba3716daa7d790 --- .../docker/files/supervisor/astute.conf | 24 ++ .../docker/files/supervisor/cobbler.conf | 24 ++ .../docker/files/supervisor/mcollective.conf | 24 ++ .../docker/files/supervisor/nailgun.conf | 24 ++ .../puppet/docker/files/supervisor/nginx.conf | 24 ++ .../puppet/docker/files/supervisor/ostf.conf | 24 ++ .../docker/files/supervisor/postgres.conf | 24 ++ .../docker/files/supervisor/rabbitmq.conf | 24 ++ .../puppet/docker/files/supervisor/rsync.conf | 24 ++ .../docker/files/supervisor/rsyslog.conf | 24 ++ .../puppet/docker/manifests/dockerctl.pp | 41 +++ deployment/puppet/docker/manifests/init.pp | 24 ++ .../docker/templates/disable-services.sh.erb | 14 + .../puppet/docker/templates/dockerctl.erb | 92 ++++++ .../docker/templates/dockerctl_config.erb | 133 ++++++++ .../puppet/docker/templates/functions.sh.erb | 285 ++++++++++++++++++ .../puppet/nailgun/examples/host-only.pp | 36 +++ deployment/puppet/nailgun/manifests/host.pp | 7 + .../templates/supervisord.conf.base.erb | 2 +- 19 files changed, 873 insertions(+), 1 deletion(-) create mode 100644 deployment/puppet/docker/files/supervisor/astute.conf create mode 100644 deployment/puppet/docker/files/supervisor/cobbler.conf create mode 100644 deployment/puppet/docker/files/supervisor/mcollective.conf create mode 100644 deployment/puppet/docker/files/supervisor/nailgun.conf create mode 100644 deployment/puppet/docker/files/supervisor/nginx.conf create mode 100644 deployment/puppet/docker/files/supervisor/ostf.conf create mode 100644 deployment/puppet/docker/files/supervisor/postgres.conf create mode 100644 deployment/puppet/docker/files/supervisor/rabbitmq.conf create mode 100644 deployment/puppet/docker/files/supervisor/rsync.conf create mode 100644 deployment/puppet/docker/files/supervisor/rsyslog.conf create mode 100644 deployment/puppet/docker/manifests/dockerctl.pp create mode 100644 deployment/puppet/docker/templates/disable-services.sh.erb create mode 100644 deployment/puppet/docker/templates/dockerctl.erb create mode 100644 deployment/puppet/docker/templates/dockerctl_config.erb create mode 100644 deployment/puppet/docker/templates/functions.sh.erb diff --git a/deployment/puppet/docker/files/supervisor/astute.conf b/deployment/puppet/docker/files/supervisor/astute.conf new file mode 100644 index 0000000000..0d40b31a16 --- /dev/null +++ b/deployment/puppet/docker/files/supervisor/astute.conf @@ -0,0 +1,24 @@ +[program:docker-astute] +command=dockerctl start astute --attach +numprocs=1 +numprocs_start=0 +priority=30 +autostart=true +autorestart=true +startsecs=10 +startretries=1000000 +exitcodes=0,2 +stopsignal=INT +stopwaitsecs=60 +redirect_stderr=true +stdout_logfile=/var/log/%(program_name)s.log +stdout_logfile_maxbytes=50MB +stdout_logfile_backups=10 +stdout_capture_maxbytes=0 +stdout_events_enabled=false +stderr_logfile=/var/log/%(program_name)serr.log +stderr_logfile_maxbytes=50MB +stderr_logfile_backups=10 +stderr_capture_maxbytes=0 +stderr_events_enabled=false +serverurl=AUTO diff --git a/deployment/puppet/docker/files/supervisor/cobbler.conf b/deployment/puppet/docker/files/supervisor/cobbler.conf new file mode 100644 index 0000000000..4ca6f39759 --- /dev/null +++ b/deployment/puppet/docker/files/supervisor/cobbler.conf @@ -0,0 +1,24 @@ +[program:docker-cobbler] +command=dockerctl start cobbler --attach +numprocs=1 +numprocs_start=0 +priority=5 +autostart=true +autorestart=true +startsecs=10 +startretries=1000000 +exitcodes=0,2 +stopsignal=INT +stopwaitsecs=60 +redirect_stderr=true +stdout_logfile=/var/log/%(program_name)s.log +stdout_logfile_maxbytes=50MB +stdout_logfile_backups=10 +stdout_capture_maxbytes=0 +stdout_events_enabled=false +stderr_logfile=/var/log/%(program_name)s-err.log +stderr_logfile_maxbytes=50MB +stderr_logfile_backups=10 +stderr_capture_maxbytes=0 +stderr_events_enabled=false +serverurl=AUTO diff --git a/deployment/puppet/docker/files/supervisor/mcollective.conf b/deployment/puppet/docker/files/supervisor/mcollective.conf new file mode 100644 index 0000000000..ddcf25f08e --- /dev/null +++ b/deployment/puppet/docker/files/supervisor/mcollective.conf @@ -0,0 +1,24 @@ +[program:docker-mcollective] +command=dockerctl start mcollective --attach +numprocs=1 +numprocs_start=0 +priority=40 +autostart=true +autorestart=true +startsecs=10 +startretries=1000000 +exitcodes=0,2 +stopsignal=INT +stopwaitsecs=60 +redirect_stderr=true +stdout_logfile=/var/log/%(program_name)s.log +stdout_logfile_maxbytes=50MB +stdout_logfile_backups=10 +stdout_capture_maxbytes=0 +stdout_events_enabled=false +stderr_logfile=/var/log/%(program_name)s-err.log +stderr_logfile_maxbytes=50MB +stderr_logfile_backups=10 +stderr_capture_maxbytes=0 +stderr_events_enabled=false +serverurl=AUTO diff --git a/deployment/puppet/docker/files/supervisor/nailgun.conf b/deployment/puppet/docker/files/supervisor/nailgun.conf new file mode 100644 index 0000000000..9d3cf365c5 --- /dev/null +++ b/deployment/puppet/docker/files/supervisor/nailgun.conf @@ -0,0 +1,24 @@ +[program:docker-nailgun] +command=dockerctl start nailgun --attach +numprocs=1 +numprocs_start=0 +priority=40 +autostart=true +autorestart=true +startsecs=10 +startretries=1000000 +exitcodes=0,2 +stopsignal=INT +stopwaitsecs=60 +redirect_stderr=true +stdout_logfile=/var/log/%(program_name)s.log +stdout_logfile_maxbytes=50MB +stdout_logfile_backups=10 +stdout_capture_maxbytes=0 +stdout_events_enabled=false +stderr_logfile=/var/log/%(program_name)s-err.log +stderr_logfile_maxbytes=50MB +stderr_logfile_backups=10 +stderr_capture_maxbytes=0 +stderr_events_enabled=false +serverurl=AUTO diff --git a/deployment/puppet/docker/files/supervisor/nginx.conf b/deployment/puppet/docker/files/supervisor/nginx.conf new file mode 100644 index 0000000000..0b33c8d62a --- /dev/null +++ b/deployment/puppet/docker/files/supervisor/nginx.conf @@ -0,0 +1,24 @@ +[program:docker-nginx] +command=dockerctl start nginx --attach +numprocs=1 +numprocs_start=0 +priority=80 +autostart=true +autorestart=true +startsecs=10 +startretries=1000000 +exitcodes=0,2 +stopsignal=INT +stopwaitsecs=60 +redirect_stderr=true +stdout_logfile=/var/log/%(program_name)s.log +stdout_logfile_maxbytes=50MB +stdout_logfile_backups=10 +stdout_capture_maxbytes=0 +stdout_events_enabled=false +stderr_logfile=/var/log/%(program_name)s-err.log +stderr_logfile_maxbytes=50MB +stderr_logfile_backups=10 +stderr_capture_maxbytes=0 +stderr_events_enabled=false +serverurl=AUTO diff --git a/deployment/puppet/docker/files/supervisor/ostf.conf b/deployment/puppet/docker/files/supervisor/ostf.conf new file mode 100644 index 0000000000..8432411ebc --- /dev/null +++ b/deployment/puppet/docker/files/supervisor/ostf.conf @@ -0,0 +1,24 @@ +[program:docker-ostf] +command=dockerctl start ostf --attach +numprocs=1 +numprocs_start=0 +priority=50 +autostart=true +autorestart=true +startsecs=10 +startretries=1000000 +exitcodes=0,2 +stopsignal=INT +stopwaitsecs=60 +redirect_stderr=true +stdout_logfile=/var/log/%(program_name)s.log +stdout_logfile_maxbytes=50MB +stdout_logfile_backups=10 +stdout_capture_maxbytes=0 +stdout_events_enabled=false +stderr_logfile=/var/log/%(program_name)s-err.log +stderr_logfile_maxbytes=50MB +stderr_logfile_backups=10 +stderr_capture_maxbytes=0 +stderr_events_enabled=false +serverurl=AUTO diff --git a/deployment/puppet/docker/files/supervisor/postgres.conf b/deployment/puppet/docker/files/supervisor/postgres.conf new file mode 100644 index 0000000000..b722bbc3c3 --- /dev/null +++ b/deployment/puppet/docker/files/supervisor/postgres.conf @@ -0,0 +1,24 @@ +[program:docker-postgres] +command=dockerctl start postgres --attach +numprocs=1 +numprocs_start=0 +priority=10 +autostart=true +autorestart=true +startsecs=10 +startretries=1000000 +exitcodes=0,2 +stopsignal=INT +stopwaitsecs=60 +redirect_stderr=true +stdout_logfile=/var/log/%(program_name)s.log +stdout_logfile_maxbytes=50MB +stdout_logfile_backups=10 +stdout_capture_maxbytes=0 +stdout_events_enabled=false +stderr_logfile=/var/log/%(program_name)s-err.log +stderr_logfile_maxbytes=50MB +stderr_logfile_backups=10 +stderr_capture_maxbytes=0 +stderr_events_enabled=false +serverurl=AUTO diff --git a/deployment/puppet/docker/files/supervisor/rabbitmq.conf b/deployment/puppet/docker/files/supervisor/rabbitmq.conf new file mode 100644 index 0000000000..be11067567 --- /dev/null +++ b/deployment/puppet/docker/files/supervisor/rabbitmq.conf @@ -0,0 +1,24 @@ +[program:docker-rabbitmq] +command=dockerctl start rabbitmq --attach +numprocs=1 +numprocs_start=0 +priority=15 +autostart=true +autorestart=true +startsecs=10 +startretries=1000000 +exitcodes=0,2 +stopsignal=INT +stopwaitsecs=60 +redirect_stderr=true +stdout_logfile=/var/log/%(program_name)s.log +stdout_logfile_maxbytes=50MB +stdout_logfile_backups=10 +stdout_capture_maxbytes=0 +stdout_events_enabled=false +stderr_logfile=/var/log/%(program_name)s-err.log +stderr_logfile_maxbytes=50MB +stderr_logfile_backups=10 +stderr_capture_maxbytes=0 +stderr_events_enabled=false +serverurl=AUTO diff --git a/deployment/puppet/docker/files/supervisor/rsync.conf b/deployment/puppet/docker/files/supervisor/rsync.conf new file mode 100644 index 0000000000..1f80c4236c --- /dev/null +++ b/deployment/puppet/docker/files/supervisor/rsync.conf @@ -0,0 +1,24 @@ +[program:docker-rsync] +command=dockerctl start %(program_name)s --attach +numprocs=1 +numprocs_start=0 +priority=20 +autostart=true +autorestart=true +startsecs=10 +startretries=1000000 +exitcodes=0,2 +stopsignal=INT +stopwaitsecs=60 +redirect_stderr=true +stdout_logfile=/var/log/%(program_name)s.log +stdout_logfile_maxbytes=50MB +stdout_logfile_backups=10 +stdout_capture_maxbytes=0 +stdout_events_enabled=false +stderr_logfile=/var/log/%(program_name)s-err.log +stderr_logfile_maxbytes=50MB +stderr_logfile_backups=10 +stderr_capture_maxbytes=0 +stderr_events_enabled=false +serverurl=AUTO diff --git a/deployment/puppet/docker/files/supervisor/rsyslog.conf b/deployment/puppet/docker/files/supervisor/rsyslog.conf new file mode 100644 index 0000000000..b64360d8d0 --- /dev/null +++ b/deployment/puppet/docker/files/supervisor/rsyslog.conf @@ -0,0 +1,24 @@ +[program:docker-rsyslog] +command=dockerctl start rsyslog --attach +numprocs=1 +numprocs_start=0 +priority=80 +autostart=true +autorestart=true +startsecs=10 +startretries=1000000 +exitcodes=0,2 +stopsignal=INT +stopwaitsecs=60 +redirect_stderr=true +stdout_logfile=/var/log/%(program_name)s.log +stdout_logfile_maxbytes=50MB +stdout_logfile_backups=10 +stdout_capture_maxbytes=0 +stdout_events_enabled=false +stderr_logfile=/var/log/%(program_name)s-err.log +stderr_logfile_maxbytes=50MB +stderr_logfile_backups=10 +stderr_capture_maxbytes=0 +stderr_events_enabled=false +serverurl=AUTO diff --git a/deployment/puppet/docker/manifests/dockerctl.pp b/deployment/puppet/docker/manifests/dockerctl.pp new file mode 100644 index 0000000000..5292a03c6b --- /dev/null +++ b/deployment/puppet/docker/manifests/dockerctl.pp @@ -0,0 +1,41 @@ +class docker::dockerctl ( + $bin_dir = '/usr/bin', + $share_dir = '/usr/share/dockerctl', + $config_dir = '/etc/dockerctl', + $release, + $production, +) { + + # Make sure we have needed directories + file { "$bin_dir": + ensure => directory; + } + file { "$share_dir": + ensure => directory; + } + file { "$config_dir": + ensure => directory; + } + + # Deploy files + file { "$bin_dir/dockerctl": + require => File["$bin_dir"], + mode => 0755, + content => template("docker/dockerctl.erb"); + } + file { "$bin_dir/disable-services.sh": + require => File["$bin_dir"], + mode => 0755, + content => template("docker/disable-services.sh.erb"); + } + file { "$share_dir/functions": + require => File["$share_dir"], + mode => 0644, + content => template("docker/functions.sh.erb"); + } + file { "$config_dir/config": + require => File["$config_dir"], + mode => 0644, + content => template("docker/dockerctl_config.erb"); + } +} diff --git a/deployment/puppet/docker/manifests/init.pp b/deployment/puppet/docker/manifests/init.pp index 9e2dc28e88..4390824675 100644 --- a/deployment/puppet/docker/manifests/init.pp +++ b/deployment/puppet/docker/manifests/init.pp @@ -2,6 +2,15 @@ class docker ( $limit = "102400", $docker_package = "docker-io", $docker_service = "docker", +$dependent_dirs = ["/var/log/docker-logs", "/var/log/docker-logs/remote", + "/var/log/docker-logs/audit", "/var/log/docker-logs/cobbler", + "/var/log/docker-logs/ConsoleKit", "/var/log/docker-logs/coredump", + "/var/log/docker-logs/httpd", "/var/log/docker-logs/lxc", + "/var/log/docker-logs/nailgun", "/var/log/docker-logs/naily", + "/var/log/docker-logs/nginx", "/var/log/docker-logs/ntpstats", + "/var/log/docker-logs/puppet", "/var/log/docker-logs/rabbitmq", + "/var/log/docker-logs/rhsm", "/var/log/docker-logs/supervisor", + ] ) { package {$docker_package: @@ -20,4 +29,19 @@ $docker_service = "docker", mode => 0644, notify => Service["docker"], } + file { $dependent_dirs: + ensure => directory, + owner => 'root', + group => 'root', + mode => '0755', + } + exec {'build docker containers': + command => 'dockerctl build all', + path => "/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", + require => [ + File[$dependent_dirs], + Service[$docker_service], + ], + before => Service['supervisord'], + } } diff --git a/deployment/puppet/docker/templates/disable-services.sh.erb b/deployment/puppet/docker/templates/disable-services.sh.erb new file mode 100644 index 0000000000..418c51a47d --- /dev/null +++ b/deployment/puppet/docker/templates/disable-services.sh.erb @@ -0,0 +1,14 @@ +#!/bin/bash + +system_services="cobblerd httpd xinetd postgresql rabbitmq-server nginx dnsmasq rsyslog mcollective" +supervisord_services="assassind nailgun ostf receiverd astute" + +for system_service in $system_services; do + chkconfig $system_service off + service $system_service stop +done +for supervisord_service in $supervisord_services; do + supervisorctl stop $supervisord_service +done +#Because rabbitmq-server doesn't really stop correctly +pkill -u rabbitmq diff --git a/deployment/puppet/docker/templates/dockerctl.erb b/deployment/puppet/docker/templates/dockerctl.erb new file mode 100644 index 0000000000..09c570095f --- /dev/null +++ b/deployment/puppet/docker/templates/dockerctl.erb @@ -0,0 +1,92 @@ +#!/bin/bash + +confdir="<%= @config_dir %>" +. "$confdir/config" +. "<%= @share_dir %>/functions" +DEBUG=true + +if [ -z "$1" ] || [ "$1" = "help" ]; then + echo "Please specify a command." + show_usage + exit 1 +fi + +if [ -z "$2" ] || [ "$2" = "all" ]; then + container="all" +else + container=$2 +fi + +if [ "$1" == "build" ]; then + if [ "$container" = "storage" ]; then + build_storage_containers + run_storage_containers + elif [ "$container" = "all" ];then + #Step 1: prepare storage containers + build_storage_containers + run_storage_containers + + #Step 2: import app images + import_images ${SOURCE_IMAGES[@]} + + #Prepare iptables just in case ICC is broken + allow_all_docker_traffic + + #Step 3: Launch all in order + apps="postgres rabbitmq rsync astute rsyslog nailgun mcollective ostf nginx cobbler" + for service in $apps; do + start_container $service + sleep 4 + done + + #Deploy supervisord scripts + #TODO(mattymo): puppetize this in host-only role + #yum install -y supervisor + #mkdir -p /etc/supervisord.d + #cp -R $confdir/supervisor/* /etc/supervisord.d/$VERSION/ + #cp /etc/puppet/modules/nailgun/templates/supervisord.conf.base.erb /etc/supervisord.conf + #service supervisord start + + #Step 4: Test deployment TODO(mattymo) + #run_tests $apps + else + import_images ${SOURCE_IMAGES[$container]} + start_container $container + fi +elif [ "$1" == "start" ]; then + if [ "$container" = "all" ];then + apps="postgres rabbitmq rsync astute rsyslog nailgun mcollective ostf nginx cobbler" + + for service in $apps; do + start_container $service + #supervisorctl start $service + sleep 4 + done + else + shift 2 + start_container $container $@ + fi +elif [ "$1" == "restart" ]; then + shift 2 + restart_container $container $@ +elif [ "$1" == "stop" ]; then + shift 2 + stop_container $container $@ +elif [ "$1" == "shell" ]; then + shift 2 + shell_container $container $@ +elif [ "$1" == "upgrade" ]; then + shift 2 + upgrade_container $container $@ +elif [ "$1" == "backup" ]; then + shift 2 + backup_container $container $@ +elif [ "$1" == "destroy" ]; then + shift 2 + destroy_container $container $@ +elif [ "$1" == "logs" ]; then + logs $container +else + echo "Invalid selection." + show_usage +fi diff --git a/deployment/puppet/docker/templates/dockerctl_config.erb b/deployment/puppet/docker/templates/dockerctl_config.erb new file mode 100644 index 0000000000..767986a5fe --- /dev/null +++ b/deployment/puppet/docker/templates/dockerctl_config.erb @@ -0,0 +1,133 @@ +#!/bin/bash + +### Container information +#Paths +DOCKER_ROOT="/var/www/nailgun/docker" +IMAGE_DIR="${DOCKER_ROOT}/images" +SOURCE_DIR="${DOCKER_ROOT}/sources" +#SUPERVISOR_CONF_DIR="${docker_root}/supervisor.d" +#SUPERVISOR_CONF_DIR="${docker_root}/supervisor" +#SUPERVISOR_CONF_DIR="<%= @config_dir %>/supervisor/" +ASTUTE_YAML=/etc/astute.yaml +#Version of Fuel to deploy +VERSION="<%= @release %>" +IMAGE_PREFIX="fuel" +# busybox image for storage containers +BUSYBOX_IMAGE="busybox.tar.gz" +# base centos image for all containers +BASE_IMAGE="centos.tar.gz" + +ZIP_EXT=${ZIP_EXT:-".tar.xz"} +# source images for apps +declare -A SOURCE_IMAGES +SOURCE_IMAGES['cobbler']="${IMAGE_DIR}/cobbler${ZIP_EXT}" +SOURCE_IMAGES['postgres']="${IMAGE_DIR}/postgres${ZIP_EXT}" +SOURCE_IMAGES['rabbitmq']="${IMAGE_DIR}/rabbitmq${ZIP_EXT}" +SOURCE_IMAGES['rsync']="${IMAGE_DIR}/rsync${ZIP_EXT}" +SOURCE_IMAGES['astute']="${IMAGE_DIR}/astute${ZIP_EXT}" +SOURCE_IMAGES['nailgun']="${IMAGE_DIR}/nailgun${ZIP_EXT}" +SOURCE_IMAGES['ostf']="${IMAGE_DIR}/ostf${ZIP_EXT}" +SOURCE_IMAGES['nginx']="${IMAGE_DIR}/nginx${ZIP_EXT}" +SOURCE_IMAGES['rsyslog']="${IMAGE_DIR}/rsyslog${ZIP_EXT}" +SOURCE_IMAGES['mcollective']="${IMAGE_DIR}/mcollective${ZIP_EXT}" + +# storage container names +PREFIX_STORAGE="fuel-storage-${VERSION}-" +DUMP_CNT="${PREFIX_STORAGE}dump" +REPO_CNT="${PREFIX_STORAGE}repo" +PUPPET_CNT="${PREFIX_STORAGE}puppet" +LOG_CNT="${PREFIX_STORAGE}log" + +# app container names +declare -A CONTAINER_NAMES +prefix="fuel-core-${VERSION}-" +CONTAINER_NAMES['cobbler']="${prefix}cobbler" +CONTAINER_NAMES['postgres']="${prefix}postgres" +CONTAINER_NAMES['rabbitmq']="${prefix}rabbitmq" +CONTAINER_NAMES['rsync']="${prefix}rsync" +CONTAINER_NAMES['astute']="${prefix}astute" +CONTAINER_NAMES['nailgun']="${prefix}nailgun" +CONTAINER_NAMES['ostf']="${prefix}ostf" +CONTAINER_NAMES['nginx']="${prefix}nginx" +CONTAINER_NAMES['rsyslog']="${prefix}rsyslog" +CONTAINER_NAMES['mcollective']="${prefix}mcollective" + +# app container options +declare -A CONTAINER_OPTIONS +base_opts="-t" +FOREGROUND="-i" +BACKGROUND="-d" +CONTAINER_OPTIONS["cobbler"]="-p 53:53/udp -p 69:69/udp -p 80:80 -p 443:443 --privileged $base_opts" +CONTAINER_OPTIONS["postgres"]="-p 5432:5432 $base_opts" +CONTAINER_OPTIONS["rabbitmq"]="-p 5672:5672 -p 4369:4369 -p 15672:15672 -p 61613:61613 $base_opts" +CONTAINER_OPTIONS["rsync"]="-p 873:873 $base_opts" +CONTAINER_OPTIONS["astute"]="$base_opts" +CONTAINER_OPTIONS["nailgun"]="-v /etc/nailgun -p 8001:8001 $base_opts" +CONTAINER_OPTIONS["ostf"]="-p 8777:8777 $base_opts" +CONTAINER_OPTIONS["nginx"]="-p 8000:8000 -p 8080:8080 $base_opts" +CONTAINER_OPTIONS["rsyslog"]="--privileged -p 514:514 -p 514:514/udp -p 25150 $base_opts" +CONTAINER_OPTIONS["mcollective"]="--privileged $base_opts" + +###### +#DRAFT: Dependency of volumes for deployment +##### + +#Host volumes +declare -A HOST_VOL +HOST_VOL['dump']="-v /var/www/nailgun/dump:/dump" +#HOST_VOL['dump']="-v /var/www/nailgun/dump:/var/www/nailgun/dump" +HOST_VOL['repo']="-v /var/www/nailgun:/repo:ro" +HOST_VOL['puppet']="-v /etc/puppet:/puppet:ro" +HOST_VOL['sshkey']="-v /root/.ssh:/root/.ssh:ro" +HOST_VOL['astuteyaml']="-v /etc/fuel:/etc/fuel:ro" +HOST_VOL['remotelogs']="-v /var/log/remote:/remote" +HOST_VOL['dockerlogs']="-v /var/log/docker-logs:/log" + +#Storage container volume mounts +declare -A CONTAINER_VOLUMES +CONTAINER_VOLUMES[$DUMP_CNT]="${HOST_VOL['dump']}" +CONTAINER_VOLUMES[$REPO_CNT]="${HOST_VOL['repo']}" +#TODO(mattymo): inject puppet modules to puppet container during initial run +#instead of relaying host dir +CONTAINER_VOLUMES[$PUPPET_CNT]="${HOST_VOL['puppet']}" +CONTAINER_VOLUMES[$LOG_CNT]="${HOST_VOL['dockerlogs']} ${HOST_VOL['remotelogs']}" + +#Storage container volumes +DUMP_VOL="--volumes-from $DUMP_CNT" +REPO_VOL="--volumes-from $REPO_CNT" +PUPPET_VOL="--volumes-from $PUPPET_CNT" +LOG_VOL="-v /var/log/docker-logs:/var/log" +#LOG_VOL="--volumes-from $LOG_CNT" + +#Nailgun static files are in nailgun container +NAILGUN_VOL="--volumes-from ${CONTAINER_NAMES['nailgun']}" + +#App container volume mounts +###requirements cheat sheet +###ALL: astuteyaml $REPO_CNT $LOG_VOL +###sshkey: nailgun cobbler astute mcollective +###dump: nginx mcollective +###remotelogs: rsyslog nailgun nginx +###nailgun: nginx mcollective + +declare -A REQS +REQS["${HOST_VOL['astuteyaml']}"]="cobbler postgres rabbitmq rsync astute nailgun ostf nginx rsyslog mcollective" +REQS["$REPO_VOL"]="cobbler postgres rabbitmq rsync astute nailgun ostf nginx rsyslog mcollective" +#Most containers work from local integrated puppet +REQS["$PUPPET_VOL"]="rsync" +#REQS["$PUPPET_VOL"]="cobbler postgres rabbitmq rsync astute nailgun ostf nginx rsyslog mcollective" +REQS["$LOG_VOL"]="cobbler postgres rabbitmq rsync astute nailgun ostf nginx rsyslog mcollective" +REQS["${HOST_VOL['sshkey']}"]="nailgun cobbler astute mcollective" +REQS["${HOST_VOL['dump']}"]="nginx mcollective" +#REQS["${HOST_VOL['remotelogs']}"]="rsyslog nailgun nginx" +REQS["$NAILGUN_VOL"]="nginx mcollective" + +#assemble requirements +for requirement in "${!REQS[@]}"; do + for container in ${REQS["$requirement"]}; do + CONTAINER_VOLUMES["$container"]+="${requirement} " + done +done + + + diff --git a/deployment/puppet/docker/templates/functions.sh.erb b/deployment/puppet/docker/templates/functions.sh.erb new file mode 100644 index 0000000000..50802a25d4 --- /dev/null +++ b/deployment/puppet/docker/templates/functions.sh.erb @@ -0,0 +1,285 @@ +#!/bin/bash + +function show_usage { + echo "Usage:" + echo " $0 command" + echo + echo "Available commands: (Note: work in progress)" + echo " help: show this message" + echo " build: create all Docker containers" + echo " start: start all Docker containers" + echo " restart: restart one or more Docker containers" + echo " stop: stop one or more Docker containers" + echo " shell: start a shell or run a command in a Docker container" + echo " upgrade: upgrade deployment" + echo " destroy: destroy one or more containers" +} +function debug { + if $DEBUG; then + echo $@ + fi +} +function build_image { + docker build -t $2 $1 +} + +function build_storage_containers { + build_image $SOURCE_DIR/storage-dump storage/dump + build_image $SOURCE_DIR/storage-repo storage/repo + build_image $SOURCE_DIR/storage-puppet storage/puppet + build_image $SOURCE_DIR/storage-log storage/log +} + +function run_storage_containers { + #Run storage containers once + #Note: storage containers exit, but keep volumes available + + #Remove existing ones if they exist + #kill_storage_containers + docker run -d ${CONTAINER_VOLUMES[$DUMP_CNT]} --name "$DUMP_CNT" storage/dump || true + docker run -d ${CONTAINER_VOLUMES[$REPO_CNT]} --name "$REPO_CNT" storage/repo || true + docker run -d ${CONTAINER_VOLUMES[$PUPPET_CNT]} --name "$PUPPET_CNT" storage/puppet || true + #docker run -d ${CONTAINER_VOLUMES[$LOG_CNT]} --name "$LOG_CNT" storage/log || true +} + +function kill_storage_containers { + containers=$(docker ps -a | egrep "($DUMP_CNT|$REPO_CNT|$PUPPET_CNT)" | cut -d' ' -f1) + if [ -n "$containers" ]; then + docker rm $containers || true + fi +} +function import_images { + #Imports images with xz, gzip, or simple tar format + for image_archive in $@; do + if [ ! -f $image_archive ]; then + echo "Warning: $image_archive does not exist. Skipping..." + continue + fi + debug "Importing $image_archive" + image="$(echo $image_archive | cut -d. -f1)" + if egrep -q "gz\$" <<< "$image_archive"; then + zcat "$image_archive" | docker load + elif egrep -q "xz\$" <<< "$image_archive"; then + #xz -dkc "$image_archive" | docker load - "${IMAGE_PREFIX}/${image}" + xz -dkc "$image_archive" | docker load + else + #try to just import + cat "$image_archive" | docker load + fi + done +} + +function export_containers { + #--trim option removes $CNT_PREFIX from container name when exporting + if [[ "$1" == "--trim" ]]; then + trim=true + shift + else + trim=false + fi + + for image in $@; do + [ $trim ] && image=$(sed "s/${CNT_PREFIX}//" <<< "$image") + docker export $1 | gzip -c > "${image}.tar.gz" + done +} + +function commit_container { + container_name="${CONTAINER_NAMES[$1]}" + image="$IMAGE_PREFIX/$1" + docker commit $container_name $image +} +function start_container { + if [ -z "$1" ]; then + echo "Must specify a container name" 1>&2 + exit 1 + fi + image_name="$IMAGE_PREFIX/$1" + container_name=${CONTAINER_NAMES[$1]} + if container_created "$container_name"; then + if is_running "$container_name"; then + if is_ghost "$container_name"; then + restart_container $1 + else + echo "$container_name is already running." + fi + else + docker start $container_name + fi + if [ "$2" = "--attach" ]; then + attach_container $container_name + fi + else + first_run_container "$1" $2 + fi + +} + +function attach_container { + echo "Attaching to container $container_name..." + docker attach $1 +} + +function shell_container { + container_name=${CONTAINER_NAMES[$1]} + if ! is_running $container_name; then + echo "Container $1 is not running. Cannot attach." 1>&2 + fi + id=$(docker inspect -f='{{.ID}}' ${CONTAINER_NAMES[$1]}) + if [ -z "$id" ]; then + echo "Could not get docker ID for $container. Is it running?" 1>&2 + return 1 + fi + if [ -z "$2" ]; then + command="/bin/bash" + else + shift + command="$@" + fi + lxc-attach --name "$id" -- $command +} +function stop_container { + if [[ "$1" == 'all' ]]; then + docker stop ${CONTAINER_NAMES[$1]} + else + for container in $@; do + echo "Stopping $container..." + docker stop ${CONTAINER_NAMES[$container]} + done + fi +} + +function destroy_container { + if [[ "$1" == 'all' ]]; then + stop_container all + docker rm ${CONTAINER_NAMES[@]} + else + for container in $@; do + stop_container $container + docker rm ${CONTAINER_NAMES[$container]} + if [ $? -ne 0 ]; then + #This happens because devicemapper glitched + #Try to unmount all devicemapper mounts manually and try again + echo "Destruction of container $container failed. Trying workaround..." + id=$(docker inspect -f='{{.ID}}' ${CONTAINER_NAMES[$container]}) + if [ -z $id ]; then + echo "Could not get docker ID for $container" 1>&2 + return 1 + fi + umount -l $(grep "$id" /proc/mounts | awk '{print $2}' | sort -r) + #Try to delete again + docker rm ${CONTAINER_NAMES[$container]} + if [ $? -ne 0 ];then + echo "Workaround failed. Unable to destroy container $container." + fi + fi + done + fi +} + +function logs { + docker logs ${CONTAINER_NAMES[$1]} +} + + + +function restart_container { + docker restart ${CONTAINER_NAMES[$1]} +} + +function container_lookup { + echo ${CONTAINER_NAMES[$1]} +} + +function container_created { + docker ps -a | grep -q $1 + return $? +} +function is_ghost { + LANG=C docker ps | grep $1 | grep -q Ghost + return $? +} +function is_running { + docker ps | grep -q $1 + return $? +} +function first_run_container { + + opts="${CONTAINER_OPTIONS[$1]} ${CONTAINER_VOLUMES[$1]}" + container_name="${CONTAINER_NAMES[$1]}" + image="$IMAGE_PREFIX/$1_$VERSION" + if ! is_running $container_name; then + pre_hooks $1 + docker run $opts $BACKGROUND --name=$container_name $image + post_hooks $1 + else + echo "$container_name is already running." + fi + if [ "$2" = "--attach" ]; then + attach_container $container_name + fi + return 0 +} + +function pre_hooks { + return 0 +} + +function post_hooks { + case $1 in + cobbler) setup_dhcrelay_for_cobbler + ;; + rsyslog) remangle_syslog + ;; + nginx) remangle_nginx + ;; + *) ;; + esac +} +function remangle_port { + proto=$1 + port=$2 + admin_interface=$(grep interface: $ASTUTE_YAML | cut -d':' -f2 | tr -d ' ') + #Use facter and ipcalc to get admin network CIDR + admin_net_ip=$(facter "ipaddress_${admin_interface}") + admin_net_netmask=$(facter "netmask_$admin_interface") + eval $(ipcalc -np "$admin_net_ip" "$admin_net_netmask") + iptables -t nat -I POSTROUTING 1 -s "$NETWORK/$PREFIX" -p $proto -m $proto --dport $port -j ACCEPT + iptables -I FORWARD -i $admin_interface -o docker0 -m state --state NEW -p $proto -m $proto --dport $port -j ACCEPT +} + +function remangle_nginx { + #Necessary to forward packets to rsyslog with correct src ip + remangle_port tcp 8000 + remangle_port tcp 8080 +} + +function remangle_syslog { + #Necessary to forward packets to rsyslog with correct src ip + remangle_port tcp 514 + remangle_port udp 514 +} + +function setup_dhcrelay_for_cobbler { + if ! is_running "cobbler"; then + echo "ERROR: Cobbler container isn't running." 1>&2 + exit 1 + fi + cobbler_ip=$(docker inspect --format='{{.NetworkSettings.IPAddress}}' ${CONTAINER_NAMES["cobbler"]}) + admin_interface=$(grep interface: $ASTUTE_YAML | cut -d':' -f2 | tr -d ' ') + cat > /etc/sysconfig/dhcrelay << EOF +# Command line options here +DHCRELAYARGS="" +# DHCPv4 only +INTERFACES="$admin_interface docker0" +# DHCPv4 only +DHCPSERVERS="$cobbler_ip" +EOF + rpm -q dhcp 2>&1 > /dev/null || yum --quiet -y install dhcp + chkconfig dhcrelay on + service dhcrelay restart +} + +function allow_all_docker_traffic { + iptables -A POSTROUTING -t nat -o docker0 -j MASQUERADE +} diff --git a/deployment/puppet/nailgun/examples/host-only.pp b/deployment/puppet/nailgun/examples/host-only.pp index a1a60727c4..a562099672 100644 --- a/deployment/puppet/nailgun/examples/host-only.pp +++ b/deployment/puppet/nailgun/examples/host-only.pp @@ -8,6 +8,11 @@ $::fuel_version['VERSION']['production'] { else { $production = 'dev' } +Class['nailgun::packages'] -> +Class['nailgun::host'] -> +Class['docker::dockerctl'] -> +Class['docker'] -> +Class['nailgun::supervisor'] class { 'nailgun::packages': } @@ -22,4 +27,35 @@ class { "openstack::clocksync": config_template => "ntp/ntp.conf.centosserver.erb", } +class { "docker::dockerctl": + release => $::fuel_version['VERSION']['release'], + production => $production, +} class { "docker": } + +class { "nailgun::supervisor": + nailgun_env => false, + ostf_env => false, + require => File["/etc/supervisord.d/current", "/etc/supervisord.d/${::fuel_version['VERSION']['release']}"], + conf_file => "nailgun/supervisord.conf.base.erb", +} + +file { "/etc/supervisord.d": + ensure => directory, +} + +file { "/etc/supervisord.d/${::fuel_version['VERSION']['release']}": + require => File["/etc/supervisord.d"], + owner => root, + group => root, + recurse => true, + ensure => directory, + source => "puppet:///modules/docker/supervisor", +} + +file { "/etc/supervisord.d/current": + require => File["/etc/supervisord.d/${::fuel_version['VERSION']['release']}"], + replace => true, + ensure => "/etc/supervisord.d/${::fuel_version['VERSION']['release']}", +} + diff --git a/deployment/puppet/nailgun/manifests/host.pp b/deployment/puppet/nailgun/manifests/host.pp index e0bdd0d180..5e1a10dfbb 100644 --- a/deployment/puppet/nailgun/manifests/host.pp +++ b/deployment/puppet/nailgun/manifests/host.pp @@ -42,4 +42,11 @@ $gem_source = "http://localhost/gems/", group => 'root', mode => '0750', } + file { "/var/www/nailgun/dump": + ensure => directory, + owner => 'root', + group => 'root', + mode => '0755', + } + } diff --git a/deployment/puppet/nailgun/templates/supervisord.conf.base.erb b/deployment/puppet/nailgun/templates/supervisord.conf.base.erb index 60aac6c1c3..e9e3682629 100644 --- a/deployment/puppet/nailgun/templates/supervisord.conf.base.erb +++ b/deployment/puppet/nailgun/templates/supervisord.conf.base.erb @@ -15,4 +15,4 @@ childlogdir=/var/log/supervisor serverurl=unix:///var/run/supervisor.sock [include] -files = /etc/supervisord.d/*.conf +files = /etc/supervisord.d/*.conf /etc/supervisord.d/current/*.conf