Deploy fuel-dockerctl tools via puppet
Docketctl is needed for docker containers deployment and management. Also updated nailgun/examples/host-only.pp manifest to make it deploy supervisord in the way we need it for proper work of docker containers. Related to: https://review.openstack.org/#/c/88280/ blueprint fuel-containerization-of-services Change-Id: Ib929c1263a887efef766552588ba3716daa7d790
This commit is contained in:
parent
097103f6e9
commit
9b6dc7dc04
24
deployment/puppet/docker/files/supervisor/astute.conf
Normal file
24
deployment/puppet/docker/files/supervisor/astute.conf
Normal file
@ -0,0 +1,24 @@
|
||||
[program:docker-astute]
|
||||
command=dockerctl start astute --attach
|
||||
numprocs=1
|
||||
numprocs_start=0
|
||||
priority=30
|
||||
autostart=true
|
||||
autorestart=true
|
||||
startsecs=10
|
||||
startretries=1000000
|
||||
exitcodes=0,2
|
||||
stopsignal=INT
|
||||
stopwaitsecs=60
|
||||
redirect_stderr=true
|
||||
stdout_logfile=/var/log/%(program_name)s.log
|
||||
stdout_logfile_maxbytes=50MB
|
||||
stdout_logfile_backups=10
|
||||
stdout_capture_maxbytes=0
|
||||
stdout_events_enabled=false
|
||||
stderr_logfile=/var/log/%(program_name)serr.log
|
||||
stderr_logfile_maxbytes=50MB
|
||||
stderr_logfile_backups=10
|
||||
stderr_capture_maxbytes=0
|
||||
stderr_events_enabled=false
|
||||
serverurl=AUTO
|
24
deployment/puppet/docker/files/supervisor/cobbler.conf
Normal file
24
deployment/puppet/docker/files/supervisor/cobbler.conf
Normal file
@ -0,0 +1,24 @@
|
||||
[program:docker-cobbler]
|
||||
command=dockerctl start cobbler --attach
|
||||
numprocs=1
|
||||
numprocs_start=0
|
||||
priority=5
|
||||
autostart=true
|
||||
autorestart=true
|
||||
startsecs=10
|
||||
startretries=1000000
|
||||
exitcodes=0,2
|
||||
stopsignal=INT
|
||||
stopwaitsecs=60
|
||||
redirect_stderr=true
|
||||
stdout_logfile=/var/log/%(program_name)s.log
|
||||
stdout_logfile_maxbytes=50MB
|
||||
stdout_logfile_backups=10
|
||||
stdout_capture_maxbytes=0
|
||||
stdout_events_enabled=false
|
||||
stderr_logfile=/var/log/%(program_name)s-err.log
|
||||
stderr_logfile_maxbytes=50MB
|
||||
stderr_logfile_backups=10
|
||||
stderr_capture_maxbytes=0
|
||||
stderr_events_enabled=false
|
||||
serverurl=AUTO
|
24
deployment/puppet/docker/files/supervisor/mcollective.conf
Normal file
24
deployment/puppet/docker/files/supervisor/mcollective.conf
Normal file
@ -0,0 +1,24 @@
|
||||
[program:docker-mcollective]
|
||||
command=dockerctl start mcollective --attach
|
||||
numprocs=1
|
||||
numprocs_start=0
|
||||
priority=40
|
||||
autostart=true
|
||||
autorestart=true
|
||||
startsecs=10
|
||||
startretries=1000000
|
||||
exitcodes=0,2
|
||||
stopsignal=INT
|
||||
stopwaitsecs=60
|
||||
redirect_stderr=true
|
||||
stdout_logfile=/var/log/%(program_name)s.log
|
||||
stdout_logfile_maxbytes=50MB
|
||||
stdout_logfile_backups=10
|
||||
stdout_capture_maxbytes=0
|
||||
stdout_events_enabled=false
|
||||
stderr_logfile=/var/log/%(program_name)s-err.log
|
||||
stderr_logfile_maxbytes=50MB
|
||||
stderr_logfile_backups=10
|
||||
stderr_capture_maxbytes=0
|
||||
stderr_events_enabled=false
|
||||
serverurl=AUTO
|
24
deployment/puppet/docker/files/supervisor/nailgun.conf
Normal file
24
deployment/puppet/docker/files/supervisor/nailgun.conf
Normal file
@ -0,0 +1,24 @@
|
||||
[program:docker-nailgun]
|
||||
command=dockerctl start nailgun --attach
|
||||
numprocs=1
|
||||
numprocs_start=0
|
||||
priority=40
|
||||
autostart=true
|
||||
autorestart=true
|
||||
startsecs=10
|
||||
startretries=1000000
|
||||
exitcodes=0,2
|
||||
stopsignal=INT
|
||||
stopwaitsecs=60
|
||||
redirect_stderr=true
|
||||
stdout_logfile=/var/log/%(program_name)s.log
|
||||
stdout_logfile_maxbytes=50MB
|
||||
stdout_logfile_backups=10
|
||||
stdout_capture_maxbytes=0
|
||||
stdout_events_enabled=false
|
||||
stderr_logfile=/var/log/%(program_name)s-err.log
|
||||
stderr_logfile_maxbytes=50MB
|
||||
stderr_logfile_backups=10
|
||||
stderr_capture_maxbytes=0
|
||||
stderr_events_enabled=false
|
||||
serverurl=AUTO
|
24
deployment/puppet/docker/files/supervisor/nginx.conf
Normal file
24
deployment/puppet/docker/files/supervisor/nginx.conf
Normal file
@ -0,0 +1,24 @@
|
||||
[program:docker-nginx]
|
||||
command=dockerctl start nginx --attach
|
||||
numprocs=1
|
||||
numprocs_start=0
|
||||
priority=80
|
||||
autostart=true
|
||||
autorestart=true
|
||||
startsecs=10
|
||||
startretries=1000000
|
||||
exitcodes=0,2
|
||||
stopsignal=INT
|
||||
stopwaitsecs=60
|
||||
redirect_stderr=true
|
||||
stdout_logfile=/var/log/%(program_name)s.log
|
||||
stdout_logfile_maxbytes=50MB
|
||||
stdout_logfile_backups=10
|
||||
stdout_capture_maxbytes=0
|
||||
stdout_events_enabled=false
|
||||
stderr_logfile=/var/log/%(program_name)s-err.log
|
||||
stderr_logfile_maxbytes=50MB
|
||||
stderr_logfile_backups=10
|
||||
stderr_capture_maxbytes=0
|
||||
stderr_events_enabled=false
|
||||
serverurl=AUTO
|
24
deployment/puppet/docker/files/supervisor/ostf.conf
Normal file
24
deployment/puppet/docker/files/supervisor/ostf.conf
Normal file
@ -0,0 +1,24 @@
|
||||
[program:docker-ostf]
|
||||
command=dockerctl start ostf --attach
|
||||
numprocs=1
|
||||
numprocs_start=0
|
||||
priority=50
|
||||
autostart=true
|
||||
autorestart=true
|
||||
startsecs=10
|
||||
startretries=1000000
|
||||
exitcodes=0,2
|
||||
stopsignal=INT
|
||||
stopwaitsecs=60
|
||||
redirect_stderr=true
|
||||
stdout_logfile=/var/log/%(program_name)s.log
|
||||
stdout_logfile_maxbytes=50MB
|
||||
stdout_logfile_backups=10
|
||||
stdout_capture_maxbytes=0
|
||||
stdout_events_enabled=false
|
||||
stderr_logfile=/var/log/%(program_name)s-err.log
|
||||
stderr_logfile_maxbytes=50MB
|
||||
stderr_logfile_backups=10
|
||||
stderr_capture_maxbytes=0
|
||||
stderr_events_enabled=false
|
||||
serverurl=AUTO
|
24
deployment/puppet/docker/files/supervisor/postgres.conf
Normal file
24
deployment/puppet/docker/files/supervisor/postgres.conf
Normal file
@ -0,0 +1,24 @@
|
||||
[program:docker-postgres]
|
||||
command=dockerctl start postgres --attach
|
||||
numprocs=1
|
||||
numprocs_start=0
|
||||
priority=10
|
||||
autostart=true
|
||||
autorestart=true
|
||||
startsecs=10
|
||||
startretries=1000000
|
||||
exitcodes=0,2
|
||||
stopsignal=INT
|
||||
stopwaitsecs=60
|
||||
redirect_stderr=true
|
||||
stdout_logfile=/var/log/%(program_name)s.log
|
||||
stdout_logfile_maxbytes=50MB
|
||||
stdout_logfile_backups=10
|
||||
stdout_capture_maxbytes=0
|
||||
stdout_events_enabled=false
|
||||
stderr_logfile=/var/log/%(program_name)s-err.log
|
||||
stderr_logfile_maxbytes=50MB
|
||||
stderr_logfile_backups=10
|
||||
stderr_capture_maxbytes=0
|
||||
stderr_events_enabled=false
|
||||
serverurl=AUTO
|
24
deployment/puppet/docker/files/supervisor/rabbitmq.conf
Normal file
24
deployment/puppet/docker/files/supervisor/rabbitmq.conf
Normal file
@ -0,0 +1,24 @@
|
||||
[program:docker-rabbitmq]
|
||||
command=dockerctl start rabbitmq --attach
|
||||
numprocs=1
|
||||
numprocs_start=0
|
||||
priority=15
|
||||
autostart=true
|
||||
autorestart=true
|
||||
startsecs=10
|
||||
startretries=1000000
|
||||
exitcodes=0,2
|
||||
stopsignal=INT
|
||||
stopwaitsecs=60
|
||||
redirect_stderr=true
|
||||
stdout_logfile=/var/log/%(program_name)s.log
|
||||
stdout_logfile_maxbytes=50MB
|
||||
stdout_logfile_backups=10
|
||||
stdout_capture_maxbytes=0
|
||||
stdout_events_enabled=false
|
||||
stderr_logfile=/var/log/%(program_name)s-err.log
|
||||
stderr_logfile_maxbytes=50MB
|
||||
stderr_logfile_backups=10
|
||||
stderr_capture_maxbytes=0
|
||||
stderr_events_enabled=false
|
||||
serverurl=AUTO
|
24
deployment/puppet/docker/files/supervisor/rsync.conf
Normal file
24
deployment/puppet/docker/files/supervisor/rsync.conf
Normal file
@ -0,0 +1,24 @@
|
||||
[program:docker-rsync]
|
||||
command=dockerctl start %(program_name)s --attach
|
||||
numprocs=1
|
||||
numprocs_start=0
|
||||
priority=20
|
||||
autostart=true
|
||||
autorestart=true
|
||||
startsecs=10
|
||||
startretries=1000000
|
||||
exitcodes=0,2
|
||||
stopsignal=INT
|
||||
stopwaitsecs=60
|
||||
redirect_stderr=true
|
||||
stdout_logfile=/var/log/%(program_name)s.log
|
||||
stdout_logfile_maxbytes=50MB
|
||||
stdout_logfile_backups=10
|
||||
stdout_capture_maxbytes=0
|
||||
stdout_events_enabled=false
|
||||
stderr_logfile=/var/log/%(program_name)s-err.log
|
||||
stderr_logfile_maxbytes=50MB
|
||||
stderr_logfile_backups=10
|
||||
stderr_capture_maxbytes=0
|
||||
stderr_events_enabled=false
|
||||
serverurl=AUTO
|
24
deployment/puppet/docker/files/supervisor/rsyslog.conf
Normal file
24
deployment/puppet/docker/files/supervisor/rsyslog.conf
Normal file
@ -0,0 +1,24 @@
|
||||
[program:docker-rsyslog]
|
||||
command=dockerctl start rsyslog --attach
|
||||
numprocs=1
|
||||
numprocs_start=0
|
||||
priority=80
|
||||
autostart=true
|
||||
autorestart=true
|
||||
startsecs=10
|
||||
startretries=1000000
|
||||
exitcodes=0,2
|
||||
stopsignal=INT
|
||||
stopwaitsecs=60
|
||||
redirect_stderr=true
|
||||
stdout_logfile=/var/log/%(program_name)s.log
|
||||
stdout_logfile_maxbytes=50MB
|
||||
stdout_logfile_backups=10
|
||||
stdout_capture_maxbytes=0
|
||||
stdout_events_enabled=false
|
||||
stderr_logfile=/var/log/%(program_name)s-err.log
|
||||
stderr_logfile_maxbytes=50MB
|
||||
stderr_logfile_backups=10
|
||||
stderr_capture_maxbytes=0
|
||||
stderr_events_enabled=false
|
||||
serverurl=AUTO
|
41
deployment/puppet/docker/manifests/dockerctl.pp
Normal file
41
deployment/puppet/docker/manifests/dockerctl.pp
Normal file
@ -0,0 +1,41 @@
|
||||
class docker::dockerctl (
|
||||
$bin_dir = '/usr/bin',
|
||||
$share_dir = '/usr/share/dockerctl',
|
||||
$config_dir = '/etc/dockerctl',
|
||||
$release,
|
||||
$production,
|
||||
) {
|
||||
|
||||
# Make sure we have needed directories
|
||||
file { "$bin_dir":
|
||||
ensure => directory;
|
||||
}
|
||||
file { "$share_dir":
|
||||
ensure => directory;
|
||||
}
|
||||
file { "$config_dir":
|
||||
ensure => directory;
|
||||
}
|
||||
|
||||
# Deploy files
|
||||
file { "$bin_dir/dockerctl":
|
||||
require => File["$bin_dir"],
|
||||
mode => 0755,
|
||||
content => template("docker/dockerctl.erb");
|
||||
}
|
||||
file { "$bin_dir/disable-services.sh":
|
||||
require => File["$bin_dir"],
|
||||
mode => 0755,
|
||||
content => template("docker/disable-services.sh.erb");
|
||||
}
|
||||
file { "$share_dir/functions":
|
||||
require => File["$share_dir"],
|
||||
mode => 0644,
|
||||
content => template("docker/functions.sh.erb");
|
||||
}
|
||||
file { "$config_dir/config":
|
||||
require => File["$config_dir"],
|
||||
mode => 0644,
|
||||
content => template("docker/dockerctl_config.erb");
|
||||
}
|
||||
}
|
@ -2,6 +2,15 @@ class docker (
|
||||
$limit = "102400",
|
||||
$docker_package = "docker-io",
|
||||
$docker_service = "docker",
|
||||
$dependent_dirs = ["/var/log/docker-logs", "/var/log/docker-logs/remote",
|
||||
"/var/log/docker-logs/audit", "/var/log/docker-logs/cobbler",
|
||||
"/var/log/docker-logs/ConsoleKit", "/var/log/docker-logs/coredump",
|
||||
"/var/log/docker-logs/httpd", "/var/log/docker-logs/lxc",
|
||||
"/var/log/docker-logs/nailgun", "/var/log/docker-logs/naily",
|
||||
"/var/log/docker-logs/nginx", "/var/log/docker-logs/ntpstats",
|
||||
"/var/log/docker-logs/puppet", "/var/log/docker-logs/rabbitmq",
|
||||
"/var/log/docker-logs/rhsm", "/var/log/docker-logs/supervisor",
|
||||
]
|
||||
) {
|
||||
|
||||
package {$docker_package:
|
||||
@ -20,4 +29,19 @@ $docker_service = "docker",
|
||||
mode => 0644,
|
||||
notify => Service["docker"],
|
||||
}
|
||||
file { $dependent_dirs:
|
||||
ensure => directory,
|
||||
owner => 'root',
|
||||
group => 'root',
|
||||
mode => '0755',
|
||||
}
|
||||
exec {'build docker containers':
|
||||
command => 'dockerctl build all',
|
||||
path => "/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin",
|
||||
require => [
|
||||
File[$dependent_dirs],
|
||||
Service[$docker_service],
|
||||
],
|
||||
before => Service['supervisord'],
|
||||
}
|
||||
}
|
||||
|
14
deployment/puppet/docker/templates/disable-services.sh.erb
Normal file
14
deployment/puppet/docker/templates/disable-services.sh.erb
Normal file
@ -0,0 +1,14 @@
|
||||
#!/bin/bash
|
||||
|
||||
system_services="cobblerd httpd xinetd postgresql rabbitmq-server nginx dnsmasq rsyslog mcollective"
|
||||
supervisord_services="assassind nailgun ostf receiverd astute"
|
||||
|
||||
for system_service in $system_services; do
|
||||
chkconfig $system_service off
|
||||
service $system_service stop
|
||||
done
|
||||
for supervisord_service in $supervisord_services; do
|
||||
supervisorctl stop $supervisord_service
|
||||
done
|
||||
#Because rabbitmq-server doesn't really stop correctly
|
||||
pkill -u rabbitmq
|
92
deployment/puppet/docker/templates/dockerctl.erb
Normal file
92
deployment/puppet/docker/templates/dockerctl.erb
Normal file
@ -0,0 +1,92 @@
|
||||
#!/bin/bash
|
||||
|
||||
confdir="<%= @config_dir %>"
|
||||
. "$confdir/config"
|
||||
. "<%= @share_dir %>/functions"
|
||||
DEBUG=true
|
||||
|
||||
if [ -z "$1" ] || [ "$1" = "help" ]; then
|
||||
echo "Please specify a command."
|
||||
show_usage
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ -z "$2" ] || [ "$2" = "all" ]; then
|
||||
container="all"
|
||||
else
|
||||
container=$2
|
||||
fi
|
||||
|
||||
if [ "$1" == "build" ]; then
|
||||
if [ "$container" = "storage" ]; then
|
||||
build_storage_containers
|
||||
run_storage_containers
|
||||
elif [ "$container" = "all" ];then
|
||||
#Step 1: prepare storage containers
|
||||
build_storage_containers
|
||||
run_storage_containers
|
||||
|
||||
#Step 2: import app images
|
||||
import_images ${SOURCE_IMAGES[@]}
|
||||
|
||||
#Prepare iptables just in case ICC is broken
|
||||
allow_all_docker_traffic
|
||||
|
||||
#Step 3: Launch all in order
|
||||
apps="postgres rabbitmq rsync astute rsyslog nailgun mcollective ostf nginx cobbler"
|
||||
for service in $apps; do
|
||||
start_container $service
|
||||
sleep 4
|
||||
done
|
||||
|
||||
#Deploy supervisord scripts
|
||||
#TODO(mattymo): puppetize this in host-only role
|
||||
#yum install -y supervisor
|
||||
#mkdir -p /etc/supervisord.d
|
||||
#cp -R $confdir/supervisor/* /etc/supervisord.d/$VERSION/
|
||||
#cp /etc/puppet/modules/nailgun/templates/supervisord.conf.base.erb /etc/supervisord.conf
|
||||
#service supervisord start
|
||||
|
||||
#Step 4: Test deployment TODO(mattymo)
|
||||
#run_tests $apps
|
||||
else
|
||||
import_images ${SOURCE_IMAGES[$container]}
|
||||
start_container $container
|
||||
fi
|
||||
elif [ "$1" == "start" ]; then
|
||||
if [ "$container" = "all" ];then
|
||||
apps="postgres rabbitmq rsync astute rsyslog nailgun mcollective ostf nginx cobbler"
|
||||
|
||||
for service in $apps; do
|
||||
start_container $service
|
||||
#supervisorctl start $service
|
||||
sleep 4
|
||||
done
|
||||
else
|
||||
shift 2
|
||||
start_container $container $@
|
||||
fi
|
||||
elif [ "$1" == "restart" ]; then
|
||||
shift 2
|
||||
restart_container $container $@
|
||||
elif [ "$1" == "stop" ]; then
|
||||
shift 2
|
||||
stop_container $container $@
|
||||
elif [ "$1" == "shell" ]; then
|
||||
shift 2
|
||||
shell_container $container $@
|
||||
elif [ "$1" == "upgrade" ]; then
|
||||
shift 2
|
||||
upgrade_container $container $@
|
||||
elif [ "$1" == "backup" ]; then
|
||||
shift 2
|
||||
backup_container $container $@
|
||||
elif [ "$1" == "destroy" ]; then
|
||||
shift 2
|
||||
destroy_container $container $@
|
||||
elif [ "$1" == "logs" ]; then
|
||||
logs $container
|
||||
else
|
||||
echo "Invalid selection."
|
||||
show_usage
|
||||
fi
|
133
deployment/puppet/docker/templates/dockerctl_config.erb
Normal file
133
deployment/puppet/docker/templates/dockerctl_config.erb
Normal file
@ -0,0 +1,133 @@
|
||||
#!/bin/bash
|
||||
|
||||
### Container information
|
||||
#Paths
|
||||
DOCKER_ROOT="/var/www/nailgun/docker"
|
||||
IMAGE_DIR="${DOCKER_ROOT}/images"
|
||||
SOURCE_DIR="${DOCKER_ROOT}/sources"
|
||||
#SUPERVISOR_CONF_DIR="${docker_root}/supervisor.d"
|
||||
#SUPERVISOR_CONF_DIR="${docker_root}/supervisor"
|
||||
#SUPERVISOR_CONF_DIR="<%= @config_dir %>/supervisor/"
|
||||
ASTUTE_YAML=/etc/astute.yaml
|
||||
#Version of Fuel to deploy
|
||||
VERSION="<%= @release %>"
|
||||
IMAGE_PREFIX="fuel"
|
||||
# busybox image for storage containers
|
||||
BUSYBOX_IMAGE="busybox.tar.gz"
|
||||
# base centos image for all containers
|
||||
BASE_IMAGE="centos.tar.gz"
|
||||
|
||||
ZIP_EXT=${ZIP_EXT:-".tar.xz"}
|
||||
# source images for apps
|
||||
declare -A SOURCE_IMAGES
|
||||
SOURCE_IMAGES['cobbler']="${IMAGE_DIR}/cobbler${ZIP_EXT}"
|
||||
SOURCE_IMAGES['postgres']="${IMAGE_DIR}/postgres${ZIP_EXT}"
|
||||
SOURCE_IMAGES['rabbitmq']="${IMAGE_DIR}/rabbitmq${ZIP_EXT}"
|
||||
SOURCE_IMAGES['rsync']="${IMAGE_DIR}/rsync${ZIP_EXT}"
|
||||
SOURCE_IMAGES['astute']="${IMAGE_DIR}/astute${ZIP_EXT}"
|
||||
SOURCE_IMAGES['nailgun']="${IMAGE_DIR}/nailgun${ZIP_EXT}"
|
||||
SOURCE_IMAGES['ostf']="${IMAGE_DIR}/ostf${ZIP_EXT}"
|
||||
SOURCE_IMAGES['nginx']="${IMAGE_DIR}/nginx${ZIP_EXT}"
|
||||
SOURCE_IMAGES['rsyslog']="${IMAGE_DIR}/rsyslog${ZIP_EXT}"
|
||||
SOURCE_IMAGES['mcollective']="${IMAGE_DIR}/mcollective${ZIP_EXT}"
|
||||
|
||||
# storage container names
|
||||
PREFIX_STORAGE="fuel-storage-${VERSION}-"
|
||||
DUMP_CNT="${PREFIX_STORAGE}dump"
|
||||
REPO_CNT="${PREFIX_STORAGE}repo"
|
||||
PUPPET_CNT="${PREFIX_STORAGE}puppet"
|
||||
LOG_CNT="${PREFIX_STORAGE}log"
|
||||
|
||||
# app container names
|
||||
declare -A CONTAINER_NAMES
|
||||
prefix="fuel-core-${VERSION}-"
|
||||
CONTAINER_NAMES['cobbler']="${prefix}cobbler"
|
||||
CONTAINER_NAMES['postgres']="${prefix}postgres"
|
||||
CONTAINER_NAMES['rabbitmq']="${prefix}rabbitmq"
|
||||
CONTAINER_NAMES['rsync']="${prefix}rsync"
|
||||
CONTAINER_NAMES['astute']="${prefix}astute"
|
||||
CONTAINER_NAMES['nailgun']="${prefix}nailgun"
|
||||
CONTAINER_NAMES['ostf']="${prefix}ostf"
|
||||
CONTAINER_NAMES['nginx']="${prefix}nginx"
|
||||
CONTAINER_NAMES['rsyslog']="${prefix}rsyslog"
|
||||
CONTAINER_NAMES['mcollective']="${prefix}mcollective"
|
||||
|
||||
# app container options
|
||||
declare -A CONTAINER_OPTIONS
|
||||
base_opts="-t"
|
||||
FOREGROUND="-i"
|
||||
BACKGROUND="-d"
|
||||
CONTAINER_OPTIONS["cobbler"]="-p 53:53/udp -p 69:69/udp -p 80:80 -p 443:443 --privileged $base_opts"
|
||||
CONTAINER_OPTIONS["postgres"]="-p 5432:5432 $base_opts"
|
||||
CONTAINER_OPTIONS["rabbitmq"]="-p 5672:5672 -p 4369:4369 -p 15672:15672 -p 61613:61613 $base_opts"
|
||||
CONTAINER_OPTIONS["rsync"]="-p 873:873 $base_opts"
|
||||
CONTAINER_OPTIONS["astute"]="$base_opts"
|
||||
CONTAINER_OPTIONS["nailgun"]="-v /etc/nailgun -p 8001:8001 $base_opts"
|
||||
CONTAINER_OPTIONS["ostf"]="-p 8777:8777 $base_opts"
|
||||
CONTAINER_OPTIONS["nginx"]="-p 8000:8000 -p 8080:8080 $base_opts"
|
||||
CONTAINER_OPTIONS["rsyslog"]="--privileged -p 514:514 -p 514:514/udp -p 25150 $base_opts"
|
||||
CONTAINER_OPTIONS["mcollective"]="--privileged $base_opts"
|
||||
|
||||
######
|
||||
#DRAFT: Dependency of volumes for deployment
|
||||
#####
|
||||
|
||||
#Host volumes
|
||||
declare -A HOST_VOL
|
||||
HOST_VOL['dump']="-v /var/www/nailgun/dump:/dump"
|
||||
#HOST_VOL['dump']="-v /var/www/nailgun/dump:/var/www/nailgun/dump"
|
||||
HOST_VOL['repo']="-v /var/www/nailgun:/repo:ro"
|
||||
HOST_VOL['puppet']="-v /etc/puppet:/puppet:ro"
|
||||
HOST_VOL['sshkey']="-v /root/.ssh:/root/.ssh:ro"
|
||||
HOST_VOL['astuteyaml']="-v /etc/fuel:/etc/fuel:ro"
|
||||
HOST_VOL['remotelogs']="-v /var/log/remote:/remote"
|
||||
HOST_VOL['dockerlogs']="-v /var/log/docker-logs:/log"
|
||||
|
||||
#Storage container volume mounts
|
||||
declare -A CONTAINER_VOLUMES
|
||||
CONTAINER_VOLUMES[$DUMP_CNT]="${HOST_VOL['dump']}"
|
||||
CONTAINER_VOLUMES[$REPO_CNT]="${HOST_VOL['repo']}"
|
||||
#TODO(mattymo): inject puppet modules to puppet container during initial run
|
||||
#instead of relaying host dir
|
||||
CONTAINER_VOLUMES[$PUPPET_CNT]="${HOST_VOL['puppet']}"
|
||||
CONTAINER_VOLUMES[$LOG_CNT]="${HOST_VOL['dockerlogs']} ${HOST_VOL['remotelogs']}"
|
||||
|
||||
#Storage container volumes
|
||||
DUMP_VOL="--volumes-from $DUMP_CNT"
|
||||
REPO_VOL="--volumes-from $REPO_CNT"
|
||||
PUPPET_VOL="--volumes-from $PUPPET_CNT"
|
||||
LOG_VOL="-v /var/log/docker-logs:/var/log"
|
||||
#LOG_VOL="--volumes-from $LOG_CNT"
|
||||
|
||||
#Nailgun static files are in nailgun container
|
||||
NAILGUN_VOL="--volumes-from ${CONTAINER_NAMES['nailgun']}"
|
||||
|
||||
#App container volume mounts
|
||||
###requirements cheat sheet
|
||||
###ALL: astuteyaml $REPO_CNT $LOG_VOL
|
||||
###sshkey: nailgun cobbler astute mcollective
|
||||
###dump: nginx mcollective
|
||||
###remotelogs: rsyslog nailgun nginx
|
||||
###nailgun: nginx mcollective
|
||||
|
||||
declare -A REQS
|
||||
REQS["${HOST_VOL['astuteyaml']}"]="cobbler postgres rabbitmq rsync astute nailgun ostf nginx rsyslog mcollective"
|
||||
REQS["$REPO_VOL"]="cobbler postgres rabbitmq rsync astute nailgun ostf nginx rsyslog mcollective"
|
||||
#Most containers work from local integrated puppet
|
||||
REQS["$PUPPET_VOL"]="rsync"
|
||||
#REQS["$PUPPET_VOL"]="cobbler postgres rabbitmq rsync astute nailgun ostf nginx rsyslog mcollective"
|
||||
REQS["$LOG_VOL"]="cobbler postgres rabbitmq rsync astute nailgun ostf nginx rsyslog mcollective"
|
||||
REQS["${HOST_VOL['sshkey']}"]="nailgun cobbler astute mcollective"
|
||||
REQS["${HOST_VOL['dump']}"]="nginx mcollective"
|
||||
#REQS["${HOST_VOL['remotelogs']}"]="rsyslog nailgun nginx"
|
||||
REQS["$NAILGUN_VOL"]="nginx mcollective"
|
||||
|
||||
#assemble requirements
|
||||
for requirement in "${!REQS[@]}"; do
|
||||
for container in ${REQS["$requirement"]}; do
|
||||
CONTAINER_VOLUMES["$container"]+="${requirement} "
|
||||
done
|
||||
done
|
||||
|
||||
|
||||
|
285
deployment/puppet/docker/templates/functions.sh.erb
Normal file
285
deployment/puppet/docker/templates/functions.sh.erb
Normal file
@ -0,0 +1,285 @@
|
||||
#!/bin/bash
|
||||
|
||||
function show_usage {
|
||||
echo "Usage:"
|
||||
echo " $0 command"
|
||||
echo
|
||||
echo "Available commands: (Note: work in progress)"
|
||||
echo " help: show this message"
|
||||
echo " build: create all Docker containers"
|
||||
echo " start: start all Docker containers"
|
||||
echo " restart: restart one or more Docker containers"
|
||||
echo " stop: stop one or more Docker containers"
|
||||
echo " shell: start a shell or run a command in a Docker container"
|
||||
echo " upgrade: upgrade deployment"
|
||||
echo " destroy: destroy one or more containers"
|
||||
}
|
||||
function debug {
|
||||
if $DEBUG; then
|
||||
echo $@
|
||||
fi
|
||||
}
|
||||
function build_image {
|
||||
docker build -t $2 $1
|
||||
}
|
||||
|
||||
function build_storage_containers {
|
||||
build_image $SOURCE_DIR/storage-dump storage/dump
|
||||
build_image $SOURCE_DIR/storage-repo storage/repo
|
||||
build_image $SOURCE_DIR/storage-puppet storage/puppet
|
||||
build_image $SOURCE_DIR/storage-log storage/log
|
||||
}
|
||||
|
||||
function run_storage_containers {
|
||||
#Run storage containers once
|
||||
#Note: storage containers exit, but keep volumes available
|
||||
|
||||
#Remove existing ones if they exist
|
||||
#kill_storage_containers
|
||||
docker run -d ${CONTAINER_VOLUMES[$DUMP_CNT]} --name "$DUMP_CNT" storage/dump || true
|
||||
docker run -d ${CONTAINER_VOLUMES[$REPO_CNT]} --name "$REPO_CNT" storage/repo || true
|
||||
docker run -d ${CONTAINER_VOLUMES[$PUPPET_CNT]} --name "$PUPPET_CNT" storage/puppet || true
|
||||
#docker run -d ${CONTAINER_VOLUMES[$LOG_CNT]} --name "$LOG_CNT" storage/log || true
|
||||
}
|
||||
|
||||
function kill_storage_containers {
|
||||
containers=$(docker ps -a | egrep "($DUMP_CNT|$REPO_CNT|$PUPPET_CNT)" | cut -d' ' -f1)
|
||||
if [ -n "$containers" ]; then
|
||||
docker rm $containers || true
|
||||
fi
|
||||
}
|
||||
function import_images {
|
||||
#Imports images with xz, gzip, or simple tar format
|
||||
for image_archive in $@; do
|
||||
if [ ! -f $image_archive ]; then
|
||||
echo "Warning: $image_archive does not exist. Skipping..."
|
||||
continue
|
||||
fi
|
||||
debug "Importing $image_archive"
|
||||
image="$(echo $image_archive | cut -d. -f1)"
|
||||
if egrep -q "gz\$" <<< "$image_archive"; then
|
||||
zcat "$image_archive" | docker load
|
||||
elif egrep -q "xz\$" <<< "$image_archive"; then
|
||||
#xz -dkc "$image_archive" | docker load - "${IMAGE_PREFIX}/${image}"
|
||||
xz -dkc "$image_archive" | docker load
|
||||
else
|
||||
#try to just import
|
||||
cat "$image_archive" | docker load
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
function export_containers {
|
||||
#--trim option removes $CNT_PREFIX from container name when exporting
|
||||
if [[ "$1" == "--trim" ]]; then
|
||||
trim=true
|
||||
shift
|
||||
else
|
||||
trim=false
|
||||
fi
|
||||
|
||||
for image in $@; do
|
||||
[ $trim ] && image=$(sed "s/${CNT_PREFIX}//" <<< "$image")
|
||||
docker export $1 | gzip -c > "${image}.tar.gz"
|
||||
done
|
||||
}
|
||||
|
||||
function commit_container {
|
||||
container_name="${CONTAINER_NAMES[$1]}"
|
||||
image="$IMAGE_PREFIX/$1"
|
||||
docker commit $container_name $image
|
||||
}
|
||||
function start_container {
|
||||
if [ -z "$1" ]; then
|
||||
echo "Must specify a container name" 1>&2
|
||||
exit 1
|
||||
fi
|
||||
image_name="$IMAGE_PREFIX/$1"
|
||||
container_name=${CONTAINER_NAMES[$1]}
|
||||
if container_created "$container_name"; then
|
||||
if is_running "$container_name"; then
|
||||
if is_ghost "$container_name"; then
|
||||
restart_container $1
|
||||
else
|
||||
echo "$container_name is already running."
|
||||
fi
|
||||
else
|
||||
docker start $container_name
|
||||
fi
|
||||
if [ "$2" = "--attach" ]; then
|
||||
attach_container $container_name
|
||||
fi
|
||||
else
|
||||
first_run_container "$1" $2
|
||||
fi
|
||||
|
||||
}
|
||||
|
||||
function attach_container {
|
||||
echo "Attaching to container $container_name..."
|
||||
docker attach $1
|
||||
}
|
||||
|
||||
function shell_container {
|
||||
container_name=${CONTAINER_NAMES[$1]}
|
||||
if ! is_running $container_name; then
|
||||
echo "Container $1 is not running. Cannot attach." 1>&2
|
||||
fi
|
||||
id=$(docker inspect -f='{{.ID}}' ${CONTAINER_NAMES[$1]})
|
||||
if [ -z "$id" ]; then
|
||||
echo "Could not get docker ID for $container. Is it running?" 1>&2
|
||||
return 1
|
||||
fi
|
||||
if [ -z "$2" ]; then
|
||||
command="/bin/bash"
|
||||
else
|
||||
shift
|
||||
command="$@"
|
||||
fi
|
||||
lxc-attach --name "$id" -- $command
|
||||
}
|
||||
function stop_container {
|
||||
if [[ "$1" == 'all' ]]; then
|
||||
docker stop ${CONTAINER_NAMES[$1]}
|
||||
else
|
||||
for container in $@; do
|
||||
echo "Stopping $container..."
|
||||
docker stop ${CONTAINER_NAMES[$container]}
|
||||
done
|
||||
fi
|
||||
}
|
||||
|
||||
function destroy_container {
|
||||
if [[ "$1" == 'all' ]]; then
|
||||
stop_container all
|
||||
docker rm ${CONTAINER_NAMES[@]}
|
||||
else
|
||||
for container in $@; do
|
||||
stop_container $container
|
||||
docker rm ${CONTAINER_NAMES[$container]}
|
||||
if [ $? -ne 0 ]; then
|
||||
#This happens because devicemapper glitched
|
||||
#Try to unmount all devicemapper mounts manually and try again
|
||||
echo "Destruction of container $container failed. Trying workaround..."
|
||||
id=$(docker inspect -f='{{.ID}}' ${CONTAINER_NAMES[$container]})
|
||||
if [ -z $id ]; then
|
||||
echo "Could not get docker ID for $container" 1>&2
|
||||
return 1
|
||||
fi
|
||||
umount -l $(grep "$id" /proc/mounts | awk '{print $2}' | sort -r)
|
||||
#Try to delete again
|
||||
docker rm ${CONTAINER_NAMES[$container]}
|
||||
if [ $? -ne 0 ];then
|
||||
echo "Workaround failed. Unable to destroy container $container."
|
||||
fi
|
||||
fi
|
||||
done
|
||||
fi
|
||||
}
|
||||
|
||||
function logs {
|
||||
docker logs ${CONTAINER_NAMES[$1]}
|
||||
}
|
||||
|
||||
|
||||
|
||||
function restart_container {
|
||||
docker restart ${CONTAINER_NAMES[$1]}
|
||||
}
|
||||
|
||||
function container_lookup {
|
||||
echo ${CONTAINER_NAMES[$1]}
|
||||
}
|
||||
|
||||
function container_created {
|
||||
docker ps -a | grep -q $1
|
||||
return $?
|
||||
}
|
||||
function is_ghost {
|
||||
LANG=C docker ps | grep $1 | grep -q Ghost
|
||||
return $?
|
||||
}
|
||||
function is_running {
|
||||
docker ps | grep -q $1
|
||||
return $?
|
||||
}
|
||||
function first_run_container {
|
||||
|
||||
opts="${CONTAINER_OPTIONS[$1]} ${CONTAINER_VOLUMES[$1]}"
|
||||
container_name="${CONTAINER_NAMES[$1]}"
|
||||
image="$IMAGE_PREFIX/$1_$VERSION"
|
||||
if ! is_running $container_name; then
|
||||
pre_hooks $1
|
||||
docker run $opts $BACKGROUND --name=$container_name $image
|
||||
post_hooks $1
|
||||
else
|
||||
echo "$container_name is already running."
|
||||
fi
|
||||
if [ "$2" = "--attach" ]; then
|
||||
attach_container $container_name
|
||||
fi
|
||||
return 0
|
||||
}
|
||||
|
||||
function pre_hooks {
|
||||
return 0
|
||||
}
|
||||
|
||||
function post_hooks {
|
||||
case $1 in
|
||||
cobbler) setup_dhcrelay_for_cobbler
|
||||
;;
|
||||
rsyslog) remangle_syslog
|
||||
;;
|
||||
nginx) remangle_nginx
|
||||
;;
|
||||
*) ;;
|
||||
esac
|
||||
}
|
||||
function remangle_port {
|
||||
proto=$1
|
||||
port=$2
|
||||
admin_interface=$(grep interface: $ASTUTE_YAML | cut -d':' -f2 | tr -d ' ')
|
||||
#Use facter and ipcalc to get admin network CIDR
|
||||
admin_net_ip=$(facter "ipaddress_${admin_interface}")
|
||||
admin_net_netmask=$(facter "netmask_$admin_interface")
|
||||
eval $(ipcalc -np "$admin_net_ip" "$admin_net_netmask")
|
||||
iptables -t nat -I POSTROUTING 1 -s "$NETWORK/$PREFIX" -p $proto -m $proto --dport $port -j ACCEPT
|
||||
iptables -I FORWARD -i $admin_interface -o docker0 -m state --state NEW -p $proto -m $proto --dport $port -j ACCEPT
|
||||
}
|
||||
|
||||
function remangle_nginx {
|
||||
#Necessary to forward packets to rsyslog with correct src ip
|
||||
remangle_port tcp 8000
|
||||
remangle_port tcp 8080
|
||||
}
|
||||
|
||||
function remangle_syslog {
|
||||
#Necessary to forward packets to rsyslog with correct src ip
|
||||
remangle_port tcp 514
|
||||
remangle_port udp 514
|
||||
}
|
||||
|
||||
function setup_dhcrelay_for_cobbler {
|
||||
if ! is_running "cobbler"; then
|
||||
echo "ERROR: Cobbler container isn't running." 1>&2
|
||||
exit 1
|
||||
fi
|
||||
cobbler_ip=$(docker inspect --format='{{.NetworkSettings.IPAddress}}' ${CONTAINER_NAMES["cobbler"]})
|
||||
admin_interface=$(grep interface: $ASTUTE_YAML | cut -d':' -f2 | tr -d ' ')
|
||||
cat > /etc/sysconfig/dhcrelay << EOF
|
||||
# Command line options here
|
||||
DHCRELAYARGS=""
|
||||
# DHCPv4 only
|
||||
INTERFACES="$admin_interface docker0"
|
||||
# DHCPv4 only
|
||||
DHCPSERVERS="$cobbler_ip"
|
||||
EOF
|
||||
rpm -q dhcp 2>&1 > /dev/null || yum --quiet -y install dhcp
|
||||
chkconfig dhcrelay on
|
||||
service dhcrelay restart
|
||||
}
|
||||
|
||||
function allow_all_docker_traffic {
|
||||
iptables -A POSTROUTING -t nat -o docker0 -j MASQUERADE
|
||||
}
|
@ -8,6 +8,11 @@ $::fuel_version['VERSION']['production'] {
|
||||
else {
|
||||
$production = 'dev'
|
||||
}
|
||||
Class['nailgun::packages'] ->
|
||||
Class['nailgun::host'] ->
|
||||
Class['docker::dockerctl'] ->
|
||||
Class['docker'] ->
|
||||
Class['nailgun::supervisor']
|
||||
|
||||
class { 'nailgun::packages': }
|
||||
|
||||
@ -22,4 +27,35 @@ class { "openstack::clocksync":
|
||||
config_template => "ntp/ntp.conf.centosserver.erb",
|
||||
}
|
||||
|
||||
class { "docker::dockerctl":
|
||||
release => $::fuel_version['VERSION']['release'],
|
||||
production => $production,
|
||||
}
|
||||
class { "docker": }
|
||||
|
||||
class { "nailgun::supervisor":
|
||||
nailgun_env => false,
|
||||
ostf_env => false,
|
||||
require => File["/etc/supervisord.d/current", "/etc/supervisord.d/${::fuel_version['VERSION']['release']}"],
|
||||
conf_file => "nailgun/supervisord.conf.base.erb",
|
||||
}
|
||||
|
||||
file { "/etc/supervisord.d":
|
||||
ensure => directory,
|
||||
}
|
||||
|
||||
file { "/etc/supervisord.d/${::fuel_version['VERSION']['release']}":
|
||||
require => File["/etc/supervisord.d"],
|
||||
owner => root,
|
||||
group => root,
|
||||
recurse => true,
|
||||
ensure => directory,
|
||||
source => "puppet:///modules/docker/supervisor",
|
||||
}
|
||||
|
||||
file { "/etc/supervisord.d/current":
|
||||
require => File["/etc/supervisord.d/${::fuel_version['VERSION']['release']}"],
|
||||
replace => true,
|
||||
ensure => "/etc/supervisord.d/${::fuel_version['VERSION']['release']}",
|
||||
}
|
||||
|
||||
|
@ -42,4 +42,11 @@ $gem_source = "http://localhost/gems/",
|
||||
group => 'root',
|
||||
mode => '0750',
|
||||
}
|
||||
file { "/var/www/nailgun/dump":
|
||||
ensure => directory,
|
||||
owner => 'root',
|
||||
group => 'root',
|
||||
mode => '0755',
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -15,4 +15,4 @@ childlogdir=/var/log/supervisor
|
||||
serverurl=unix:///var/run/supervisor.sock
|
||||
|
||||
[include]
|
||||
files = /etc/supervisord.d/*.conf
|
||||
files = /etc/supervisord.d/*.conf /etc/supervisord.d/current/*.conf
|
||||
|
Loading…
Reference in New Issue
Block a user