diff --git a/infra-templates/digitalocean-dns/2/README.md b/infra-templates/digitalocean-dns/2/README.md new file mode 100644 index 0000000..013559c --- /dev/null +++ b/infra-templates/digitalocean-dns/2/README.md @@ -0,0 +1,53 @@ +## DigitalOcean DNS + +Rancher External DNS service powered by DigitalOcean + +#### Changelog + +##### v0.6.4 + +* Adds support for overriding name template for specific services by setting io.rancher.service.external_dns_name_template label to it in docker-compose.yml + +#### Usage + +##### DigitalOcean DNS record TTL +The DigitalOcean API currently does not support per-record TTL setting. You should configure the global TTL setting for the domain manually and set it to a low value (e.g. 60). + +##### Limitation when running the service on multiple Rancher servers + +When running multiple instances of the External DNS service configured to use the same domain name, then only one of them can run in the "Default" environment of a Rancher server instance. + +##### Supported host labels + +`io.rancher.host.external_dns_ip` +Override the IP address used in DNS records for containers running on the host. Defaults to the IP address the host is registered with in Rancher. + +`io.rancher.host.external_dns` +Accepts 'true' (default) or 'false' +When this is set to 'false' no DNS records will ever be created for containers running on this host. + +##### Supported service labels + +`io.rancher.service.external_dns` +Accepts 'always', 'never' or 'auto' (default) +- `always`: Always create DNS records for this service +- `never`: Never create DNS records for this service +- `auto`: Create DNS records for this service if it exposes ports on the host + +`io.rancher.service.external_dns_name_template` +Custom DNS name template that overrides global custom DNS name template (see below) of default DNS name template for a specific service + +##### Custom DNS name template + +By default DNS entries are named `...`. +You can specify a custom name template used to construct the subdomain part (left of the domain/zone name) of the DNS records. The following placeholders are supported: + +* `%{{service_name}}` +* `%{{stack_name}}` +* `%{{environment_name}}` + +**Example:** + +`%{{stack_name}}-%{{service_name}}.statictext` + +Make sure to only use characters in static text and separators that your provider allows in DNS names. diff --git a/infra-templates/digitalocean-dns/2/docker-compose.yml b/infra-templates/digitalocean-dns/2/docker-compose.yml new file mode 100644 index 0000000..1564ee2 --- /dev/null +++ b/infra-templates/digitalocean-dns/2/docker-compose.yml @@ -0,0 +1,13 @@ +digitalocean: + image: rancher/external-dns:v0.6.4 + command: -provider=digitalocean + expose: + - 1000 + environment: + DO_PAT: ${DO_PAT} + ROOT_DOMAIN: ${ROOT_DOMAIN} + NAME_TEMPLATE: ${NAME_TEMPLATE} + TTL: 300 + labels: + io.rancher.container.create_agent: "true" + io.rancher.container.agent.role: "external-dns" diff --git a/infra-templates/digitalocean-dns/2/rancher-compose.yml b/infra-templates/digitalocean-dns/2/rancher-compose.yml new file mode 100644 index 0000000..233510c --- /dev/null +++ b/infra-templates/digitalocean-dns/2/rancher-compose.yml @@ -0,0 +1,34 @@ +.catalog: + name: "DigitalOcean DNS" + version: "v0.6.4" + description: "Rancher External DNS service powered by DigitalOcean" + minimum_rancher_version: v1.5.0 + questions: + - variable: "DO_PAT" + label: "DigitalOcean Personal Access Token" + description: "Enter your personal access token" + type: "string" + required: true + - variable: "ROOT_DOMAIN" + label: "Domain Name" + description: "The domain name managed by DigitalOcean." + type: "string" + required: true + - variable: "NAME_TEMPLATE" + label: "DNS Name Template" + description: | + Name template used to construct the subdomain part (left of the domain) of the DNS record names. + Supported placeholders: %{{service_name}}, %{{stack_name}}, %{{environment_name}}. + By default DNS entries will be named '...'. + type: "string" + default: "%{{service_name}}.%{{stack_name}}.%{{environment_name}}" + required: false + +digitalocean: + health_check: + port: 1000 + interval: 5000 + unhealthy_threshold: 3 + request_line: GET / HTTP/1.0 + healthy_threshold: 2 + response_timeout: 2000 diff --git a/infra-templates/digitalocean-dns/config.yml b/infra-templates/digitalocean-dns/config.yml index e48e592..2f29acd 100644 --- a/infra-templates/digitalocean-dns/config.yml +++ b/infra-templates/digitalocean-dns/config.yml @@ -1,7 +1,7 @@ name: DigitalOcean DNS description: | Rancher External DNS service powered by DigitalOcean -version: v0.6.3 +version: v0.6.4 category: External DNS labels: io.rancher.orchestration.supported: 'cattle,mesos,swarm,kubernetes' diff --git a/machine-templates/cloudca/0/checksum b/machine-templates/cloudca/0/checksum new file mode 100644 index 0000000..c4025ab --- /dev/null +++ b/machine-templates/cloudca/0/checksum @@ -0,0 +1 @@ +bea9144384d543353b75ed0bea872fbe diff --git a/machine-templates/cloudca/0/rancher-compose.yml b/machine-templates/cloudca/0/rancher-compose.yml new file mode 100644 index 0000000..b6e9a2e --- /dev/null +++ b/machine-templates/cloudca/0/rancher-compose.yml @@ -0,0 +1,3 @@ +.catalog: + name: cloudca + version: "v1.0.1" diff --git a/machine-templates/cloudca/0/uiUrl b/machine-templates/cloudca/0/uiUrl new file mode 100644 index 0000000..884a3c2 --- /dev/null +++ b/machine-templates/cloudca/0/uiUrl @@ -0,0 +1 @@ +https://objects-east.cloud.ca/v1/5ef827605f884961b94881e928e7a250/rancher-ui-driver/v1.0.0/component.js diff --git a/machine-templates/cloudca/0/url b/machine-templates/cloudca/0/url new file mode 100644 index 0000000..6fecb2a --- /dev/null +++ b/machine-templates/cloudca/0/url @@ -0,0 +1 @@ +https://objects-east.cloud.ca/v1/5ef827605f884961b94881e928e7a250/docker-machine-driver-cloudca/v1.0.1/docker-machine-driver-cloudca_v1.0.1_linux-amd64.zip diff --git a/machine-templates/cloudca/catalogIcon-cloudca.svg b/machine-templates/cloudca/catalogIcon-cloudca.svg new file mode 100644 index 0000000..7c73c4b --- /dev/null +++ b/machine-templates/cloudca/catalogIcon-cloudca.svg @@ -0,0 +1,20 @@ + + + + + + + + + + + + + + + + + + + + diff --git a/machine-templates/cloudca/config.yml b/machine-templates/cloudca/config.yml new file mode 100644 index 0000000..f63e58e --- /dev/null +++ b/machine-templates/cloudca/config.yml @@ -0,0 +1,2 @@ +name: cloudca +version: "v1.0.1" diff --git a/machine-templates/qingcloud/0/checksum b/machine-templates/qingcloud/0/checksum new file mode 100644 index 0000000..56017a0 --- /dev/null +++ b/machine-templates/qingcloud/0/checksum @@ -0,0 +1 @@ +6891ca3791f23264ac3ca6576e856349 diff --git a/machine-templates/qingcloud/0/rancher-compose.yml b/machine-templates/qingcloud/0/rancher-compose.yml new file mode 100644 index 0000000..d11ff45 --- /dev/null +++ b/machine-templates/qingcloud/0/rancher-compose.yml @@ -0,0 +1,3 @@ +.catalog: + name: qingcloud + version: "v1.0.1" diff --git a/machine-templates/qingcloud/0/uiUrl b/machine-templates/qingcloud/0/uiUrl new file mode 100644 index 0000000..cbce490 --- /dev/null +++ b/machine-templates/qingcloud/0/uiUrl @@ -0,0 +1 @@ +http://machine-driver.oss-cn-shanghai.aliyuncs.com/qingcloud/ui/v1.0.1/component.js diff --git a/machine-templates/qingcloud/0/url b/machine-templates/qingcloud/0/url new file mode 100644 index 0000000..5bedbd5 --- /dev/null +++ b/machine-templates/qingcloud/0/url @@ -0,0 +1 @@ +http://machine-driver.oss-cn-shanghai.aliyuncs.com/qingcloud/driver/v1.0.1/docker-machine-driver-qingcloud-linux-amd64.tar.gz diff --git a/machine-templates/qingcloud/catalogIcon-qingcloud.png b/machine-templates/qingcloud/catalogIcon-qingcloud.png new file mode 100644 index 0000000..f6741b1 Binary files /dev/null and b/machine-templates/qingcloud/catalogIcon-qingcloud.png differ diff --git a/machine-templates/qingcloud/config.yml b/machine-templates/qingcloud/config.yml new file mode 100644 index 0000000..5b700af --- /dev/null +++ b/machine-templates/qingcloud/config.yml @@ -0,0 +1,2 @@ +name: qingcloud +version: "v1.0.1" diff --git a/swarm-templates/wordpress/config.yml b/swarm-templates/wordpress/config.yml index 5a68a92..c08d5e5 100644 --- a/swarm-templates/wordpress/config.yml +++ b/swarm-templates/wordpress/config.yml @@ -1,4 +1,4 @@ -name: Wordpress +name: WordPress description: | Blog tool, publishing platform and CMS version: 1.0.0-latest-rancher1 diff --git a/templates/consul/1/README.md b/templates/consul/1/README.md new file mode 100644 index 0000000..f5d7c92 --- /dev/null +++ b/templates/consul/1/README.md @@ -0,0 +1,32 @@ +# Consul Cluster + + +### Info: + + This template creates 3 Consul nodes that uses RPC encryption with TLS and gossip encryption to secure connection between consul cluster nodes, configuration is generated with confd from Rancher metadata. + + TLS is used to verify the authenticity of the servers and the clients using the verify_incoming and verify_outgoing options. + + The variables used in this template include: + +- Certificates and keys for Consul nodes. +- CA certificate. +- 16-bytes, Base64 encoded gossip encryption key. +- Web UI option. +- ACL options. + + +The templates uses two Docker images one as the main image and the other one is the sidekick: + +- consul. +- [consul-config](https://github.com/galal-hussein/consul-config). + +### Usage: + + Select Consul from catalog. + + Enter the certificates and keys for consul nodes, ca certificates, and the encryption key. + + Click deploy. + + The consul nodes will be bound to the Rancher managed network IPs. diff --git a/templates/consul/1/docker-compose.yml.tpl b/templates/consul/1/docker-compose.yml.tpl new file mode 100644 index 0000000..5f86e0f --- /dev/null +++ b/templates/consul/1/docker-compose.yml.tpl @@ -0,0 +1,41 @@ +consul-base: + image: consul:0.8.1 + entrypoint: + - /opt/rancher/bin/start_consul.sh + net: "container:consul" + labels: + io.rancher.container.hostname_override: container_name + volumes_from: + - consul-data +consul-data: + image: alpine:latest + entrypoint: + - /bin/true + labels: + io.rancher.container.hostname_override: container_name + io.rancher.container.start_once: true + volumes: + - /var/consul + - /opt/rancher/bin + - /opt/rancher/ssl + - /opt/rancher/config + net: none +consul: + image: husseingalal/consul-config:0.1.2 + labels: + io.rancher.container.hostname_override: container_name + io.rancher.sidekicks: consul-base,consul-data + volumes_from: + - consul-data +{{- if eq .Values.ui "true"}} +consul-lb: + ports: + - 8500:8500/tcp + expose: + - 8500:8500/tcp + tty: true + image: rancher/load-balancer-service + links: + - consul:consul-base + stdin_open: true +{{- end }} diff --git a/templates/consul/1/rancher-compose.yml b/templates/consul/1/rancher-compose.yml new file mode 100644 index 0000000..2f2d885 --- /dev/null +++ b/templates/consul/1/rancher-compose.yml @@ -0,0 +1,93 @@ +.catalog: + name: "Consul" + description: "Secure Consul cluster" + version: "0.8-rancher1" + upgrade_from: 0.0.0-rancher1 + uuid: consul-0 + questions: + - variable: ca_crt + label: "CA certificate" + type: "multiline" + required: true + - variable: consul1_key + label: "First consul key" + type: "multiline" + required: true + - variable: consul1_crt + label: "First consul certificate" + type: "multiline" + required: true + - variable: consul2_key + label: "Second consul key" + type: "multiline" + required: true + - variable: consul2_crt + label: "Second consul certificate" + type: "multiline" + required: true + - variable: consul3_key + label: "Third consul key" + type: "multiline" + required: true + - variable: consul3_crt + label: "Third consul certificate" + type: "multiline" + required: true + - variable: gossip_key + label: "Communication gossip key" + type: "multiline" + required: true + - variable: enable_acl + label: "ACL Access" + type: "boolean" + required: true + default: false + - variable: acl_default_policy + label: "ACL Default Policy" + type: "enum" + options: + - "allow" + - "deny" + default: "allow" + required: true + - variable: acl_down_policy + label: "ACL Down Policy" + type: "enum" + options: + - "allow" + - "deny" + default: "allow" + required: true + - variable: acl_master_token + label: "ACL Master Token" + type: "string" + default: "" + required: false + - variable: ui + label: "Enable UI" + type: "boolean" + default: false + required: true +consul: + scale: 3 + metadata: + ca.crt: | + ${ca_crt} + consul1.crt: | + ${consul1_crt} + consul1.key: | + ${consul1_key} + consul2.crt: | + ${consul2_crt} + consul2.key: | + ${consul2_key} + consul3.crt: | + ${consul3_crt} + consul3.key: | + ${consul3_key} + enc.key: "${gossip_key}" + acl.enabled: "${enable_acl}" + acl.default_policy: "${acl_default_policy}" + acl.down_policy: "${acl_down_policy}" + acl.master_token: "${acl_master_token}" + ui.enabled: ${ui} diff --git a/templates/consul/config.yml b/templates/consul/config.yml index 6955566..369848f 100644 --- a/templates/consul/config.yml +++ b/templates/consul/config.yml @@ -1,5 +1,5 @@ name: Consul Cluster description: | Consul cluster -version: 0.6-rancher1 +version: 0.8-rancher1 category: Clustering diff --git a/templates/drone/2/README.md b/templates/drone/2/README.md new file mode 100644 index 0000000..9bddc3a --- /dev/null +++ b/templates/drone/2/README.md @@ -0,0 +1,19 @@ +# Drone + +### Info: + +This template creates an instance of Drone CI server 0.5 along with selectable number of agents to perform the builds. + +### Usage: + +Select the Drone template from the catalog. Provide the following information: + +1. Publish port +2. Agents scale +3. Drone secret +4. Run mode. debug | release +3. Remote driver and config. (Ie. GitHub) +4. Database driver and config. (Ie. sqlite) + + +See [Drone documentation](http://readme.drone.io/admin) for complete information. \ No newline at end of file diff --git a/templates/drone/2/docker-compose.yml.tpl b/templates/drone/2/docker-compose.yml.tpl new file mode 100644 index 0000000..26b71d6 --- /dev/null +++ b/templates/drone/2/docker-compose.yml.tpl @@ -0,0 +1,79 @@ +version: '2' +services: + agent: + image: drone/drone:0.5 + environment: + DRONE_SERVER: ws://drone:8000/ws/broker + DRONE_SECRET: ${drone_secret} + volumes: + - /var/run/docker.sock:/var/run/docker.sock + links: + - server:drone + command: + - agent + labels: + io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} + io.rancher.container.hostname_override: container_name + server: + image: drone/drone:0.5 + environment: + GIN_MODE: ${gin_mode} + DRONE_SECRET: ${drone_secret} + DRONE_OPEN: ${drone_open} +{{- if (.Values.drone_admin)}} + DRONE_ADMIN: ${drone_admins} +{{- end}} +{{- if (.Values.drone_orgs)}} + DRONE_ORGS: ${drone_orgs} +{{- end}} +{{- if eq .Values.drone_driver "github"}} + DRONE_GITHUB: true + DRONE_GITHUB_CLIENT: ${drone_driver_client} + DRONE_GITHUB_SECRET: ${drone_driver_secret} +{{- end}} +{{- if eq .Values.drone_driver "bitbucket"}} + DRONE_BITBUCKET: true + DRONE_BITBUCKET_CLIENT: ${drone_driver_client} + DRONE_BITBUCKET_SECRET: ${drone_driver_secret} +{{- end}} +{{- if eq .Values.drone_driver "gitlab"}} + DRONE_GITLAB: true + DRONE_GITLAB_CLIENT: ${drone_driver_secret} + DRONE_GITLAB_SECRET: ${drone_driver_secret} + DRONE_GITLAB_URL: ${drone_driver_url} +{{- end}} +{{- if eq .Values.drone_driver "gogs"}} + DRONE_GOGS: true + DRONE_GOGS_URL: ${drone_driver_url} +{{- end}} +{{- if ne .Values.database_driver "sqlite"}} + DRONE_DATABASE_DRIVER: ${database_driver} + DRONE_DATABASE_DATASOURCE: ${database_source} +{{- end}} + labels: + io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} + io.rancher.container.hostname_override: container_name +{{- if eq .Values.database_driver "sqlite"}} + io.rancher.sidekicks: server-volume + volumes_from: + - server-volume + server-volume: + image: rawmind/alpine-volume:0.0.2-1 + environment: + SERVICE_GID: '0' + SERVICE_UID: '0' + SERVICE_VOLUME: /var/lib/drone + network_mode: none + volumes: + - /var/lib/drone + labels: + io.rancher.container.start_once: 'true' + io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} + io.rancher.container.hostname_override: container_name +{{- end}} + lb: + image: rancher/load-balancer-service + ports: + - ${host_port}:8000/tcp + links: + - server:server diff --git a/templates/drone/2/rancher-compose.yml b/templates/drone/2/rancher-compose.yml new file mode 100644 index 0000000..8a3e527 --- /dev/null +++ b/templates/drone/2/rancher-compose.yml @@ -0,0 +1,123 @@ +version: 2 +catalog: + name: Drone + version: 0.5-rancher1 + upgrade_from: 0.5-rancher1 + description: | + Drone CI Server ref http://readme.drone.io/admin/installation-guide/ + questions: + - variable: host_port + label: Drone server Host Port + description: | + Port that will be exposed on service creation + required: true + default: 8000 + type: int + - variable: agent_scale + label: Drone agent scale + description: Drone agent scale to deploy + required: true + default: 1 + type: int + - variable: drone_secret + label: Server and agents sercret. + description: Server and agents secret to be communicate. http://readme.drone.io/admin/user-registration/ + type: password + required: true + - variable: gin_mode + label: Run mode + description: "Drone run mode, GIN_MODE" + type: enum + default: "release" + options: + - "release" + - "debug" + required: true + - variable: drone_open + label: Open registration + description: | + Users self register. http://readme.drone.io/admin/user-registration/ + required: true + default: true + type: enum + options: + - true + - false + - variable: drone_admin + label: Drone Admin + description: List of admins for drone coma seperated. http://readme.drone.io/admin/user-admins/ + type: string + required: false + - variable: drone_orgs + label: Organizations + description: Comman seperated list of org that can access drone. http://readme.drone.io/admin/user-registration/ + type: string + required: false + - variable: "drone_driver" + type: "enum" + required: true + label: "Remote Driver" + default: "github" + description: "Remote Git and Auth scheme. ref http://readme.drone.io/admin" + options: + - github + - bitbucket + - gitlab + - gogs + - variable: drone_driver_client + label: Remote Driver client + description: "Client key from remote driver. Required for github, bitbucket and gitlab." + type: string + required: false + - variable: drone_driver_secret + label: Remote Driver secret + description: "Secret key from remote driver. Required for github, bitbucket and gitlab." + type: string + required: false + - variable: drone_driver_url + label: Remote Driver url + description: "Remote Driver server url. Required for gitlab and gogs, http://readme.drone.io/admin" + type: string + required: false + - variable: database_driver + label: Database Driver + description: "Database driver. If sqlite, additional volume would be mounted at /var/lib/drone." + type: enum + default: "sqlite" + options: + - "sqlite" + - "mysql" + - "postgres" + required: true + - variable: "database_source" + type: "string" + label: "Database source" + description: "Database datasource. Required if database driver is mysql or postgres, http://readme.drone.io/admin/database-engines/" + required: false +services: + agent: + scale: ${agent_scale} + start_on_create: true + server: + scale: 1 + start_on_create: true + health_check: + port: 8000 + interval: 2000 + unhealthy_threshold: 3 + strategy: recreate + request_line: GET / HTTP/1.0 + healthy_threshold: 2 + response_timeout: 2000 + lb: + scale: 1 + start_on_create: true + load_balancer_config: + haproxy_config: {} + health_check: + healthy_threshold: 2 + response_timeout: 2000 + port: 42 + unhealthy_threshold: 3 + interval: 2000 + strategy: recreate diff --git a/templates/drone/config.yml b/templates/drone/config.yml index 358b631..37cf51d 100644 --- a/templates/drone/config.yml +++ b/templates/drone/config.yml @@ -1,5 +1,5 @@ name: Drone description: | Drone CI Server -version: 0.4-rancher2 +version: 0.5-rancher1 category: Continuous Integration diff --git a/templates/gocd/0/docker-compose.yml.tpl b/templates/gocd/0/docker-compose.yml.tpl index bdd6ca9..54b7f54 100644 --- a/templates/gocd/0/docker-compose.yml.tpl +++ b/templates/gocd/0/docker-compose.yml.tpl @@ -5,7 +5,7 @@ services: tty: true image: webcenter/alpine-gocd-server:17.3.0-1 volumes: - {{- if (contains .Values.VOLUME_DRIVER_SERVER "/")}} + {{- if eq (printf "%.1s" .Values.VOLUME_DRIVER_SERVER) "/" }} - ${VOLUME_DRIVER_SERVER}:/data {{- else}} - gocd-server-data:/data @@ -36,7 +36,7 @@ services: - GOCD_PLUGIN_google-auth=https://github.com/gocd-contrib/gocd-oauth-login/releases/download/v2.3/google-oauth-login-2.3.jar - GOCD_PLUGIN_github-auth=https://github.com/gocd-contrib/gocd-oauth-login/releases/download/v2.3/github-oauth-login-2.3.jar {{- end}} - {{- if (ne .Values.DEPLOY_LB "true") and .Values.PUBLISH_PORT}} + {{- if and (ne .Values.DEPLOY_LB "true") (.Values.PUBLISH_PORT)}} ports: - ${PUBLISH_PORT}:8153 {{- end}} @@ -46,7 +46,7 @@ services: {{- if eq .Values.DEPLOY_LB "true"}} lb: image: rancher/lb-service-haproxy:v0.6.2 - {{- if .Values.PUBLISH_PORT}} + {{- if (.Values.PUBLISH_PORT)}} ports: - ${PUBLISH_PORT}:8153/tcp {{- else}} @@ -65,7 +65,7 @@ services: tty: true image: webcenter/alpine-gocd-agent:17.3.0-1 volumes: - {{- if (contains .Values.VOLUME_DRIVER_AGENT "/")}} + {{- if eq (printf "%.1s" .Values.VOLUME_DRIVER_AGENT) "/"}} - ${VOLUME_DRIVER_AGENT}:/data {{- else}} - gocd-agent-data:/data @@ -102,7 +102,7 @@ services: io.rancher.container.hostname_override: container_name image: index.docker.io/docker:1.13-dind volumes: - {{- if (contains .Values.VOLUME_DRIVER_AGENT "/")}} + {{- if eq (printf "%.1s" .Values.VOLUME_DRIVER_AGENT) "/"}} - ${VOLUME_DRIVER_AGENT}:/data {{- else}} - gocd-agent-data:/data @@ -114,12 +114,12 @@ volumes: gocd-scheduler-setting: driver: local per_container: true - {{- if not (contains .Values.VOLUME_DRIVER_AGENT "/")}} + {{- if ne (printf "%.1s" .Values.VOLUME_DRIVER_AGENT) "/"}} gocd-agent-data: driver: ${VOLUME_DRIVER_AGENT} per_container: true {{- end}} - {{- if not (contains .Values.VOLUME_DRIVER_SERVER "/")}} + {{- if ne (printf "%.1s" .Values.VOLUME_DRIVER_SERVER) "/"}} gocd-server-data: driver: ${VOLUME_DRIVER_SERVER} {{- end}} diff --git a/templates/influxdb/0/README.md b/templates/influxdb/0/README.md new file mode 100644 index 0000000..ef7aab2 --- /dev/null +++ b/templates/influxdb/0/README.md @@ -0,0 +1,20 @@ +# Influxdb + +### Info: + + This template deploys a Influxdb. + + +### Usage: + + Select influxdb from catalog. + + Change the following cloud9 default parameters, if you need: + +- Expose influxdb=true # Exposed influxdb service +- Influxdb port=8086 # Influxdb exposed port + + Click deploy. + + Influxdb can now be accessed over the Rancher network and over exposed port. + diff --git a/templates/influxdb/0/docker-compose.yml.tpl b/templates/influxdb/0/docker-compose.yml.tpl new file mode 100644 index 0000000..63628c5 --- /dev/null +++ b/templates/influxdb/0/docker-compose.yml.tpl @@ -0,0 +1,36 @@ +version: '2' +services: +{{- if eq .Values.EXPOSE_SERVICE "true"}} + lb: + image: rancher/lb-service-haproxy:v0.6.2 + ports: + - ${influxdb_port}:8086/tcp + labels: + io.rancher.container.agent.role: environmentAdmin + io.rancher.container.create_agent: 'true' +{{- end}} + influxdb: + image: influxdb:1.2.2-alpine + stdin_open: true + tty: true + labels: + io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} + io.rancher.container.hostname_override: container_name + io.rancher.sidekicks: influxdb-volume + volumes_from: + - influxdb-volume + influxdb-volume: + network_mode: "none" + labels: + io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} + io.rancher.container.hostname_override: container_name + io.rancher.container.start_once: true + environment: + - SERVICE_UID=0 + - SERVICE_GID=0 + - SERVICE_VOLUME=/var/lib/influxdb + volumes: + - /var/lib/influxdb + volume_driver: local + image: rawmind/alpine-volume:0.0.2-1 + diff --git a/templates/influxdb/0/rancher-compose.yml b/templates/influxdb/0/rancher-compose.yml new file mode 100644 index 0000000..f0f0f16 --- /dev/null +++ b/templates/influxdb/0/rancher-compose.yml @@ -0,0 +1,55 @@ +.catalog: + name: Influxdb + description: | + Influxdb + version: 1.2.2-rancher1 + minimum_rancher_version: v1.0.0 + maintainer: "Raul Sanchez " + uuid: influxdb-0 + questions: + - variable: "EXPOSE_SERVICE" + description: "Expose Influxdb" + label: "Expose influxdb:" + required: true + type: enum + default: "true" + options: + - "true" + - "false" + - variable: "influxdb_port" + description: | + Port to expose. + label: "Influxdb port:" + default: "8086" + required: true + type: "int" +version: '2' +services: + lb: + scale: 1 + start_on_create: true + lb_config: + certs: [] + port_rules: + - hostname: '' + priority: 1 + protocol: http + service: influxdb + source_port: ${influxdb_port} + target_port: 8086 + health_check: + response_timeout: 2000 + healthy_threshold: 2 + port: 42 + unhealthy_threshold: 3 + interval: 2000 + influxdb: + scale: 1 + start_on_create: true + health_check: + response_timeout: 2000 + healthy_threshold: 2 + port: 8086 + unhealthy_threshold: 3 + interval: 2000 + diff --git a/templates/influxdb/catalogIcon-influxdb.svg b/templates/influxdb/catalogIcon-influxdb.svg new file mode 100644 index 0000000..a44cb48 --- /dev/null +++ b/templates/influxdb/catalogIcon-influxdb.svg @@ -0,0 +1,81 @@ + + + + + + diff --git a/templates/influxdb/config.yml b/templates/influxdb/config.yml new file mode 100644 index 0000000..c8ca0df --- /dev/null +++ b/templates/influxdb/config.yml @@ -0,0 +1,7 @@ +name: Influxdb +description: | + Influxdb +version: 1.2.2-rancher1 +category: Database +maintainer: "Raul Sanchez " +license: diff --git a/templates/kibana/3/docker-compose.yml b/templates/kibana/3/docker-compose.yml new file mode 100644 index 0000000..066e42e --- /dev/null +++ b/templates/kibana/3/docker-compose.yml @@ -0,0 +1,33 @@ +kibana-vip: + ports: + - "${public_port}:80" + restart: always + tty: true + image: rancher/load-balancer-service + links: + - nginx-proxy:kibana5 + stdin_open: true +nginx-proxy-conf: + image: rancher/nginx-conf:v0.2.0 + command: "-backend=rancher --prefix=/2015-07-25" + labels: + io.rancher.container.hostname_override: container_name +nginx-proxy: + image: rancher/nginx:v1.9.4-3 + volumes_from: + - nginx-proxy-conf + labels: + io.rancher.container.hostname_override: container_name + io.rancher.sidekicks: nginx-proxy-conf,kibana5 + external_links: + - ${elasticsearch_source}:elasticsearch +kibana5: + restart: always + tty: true + image: kibana:5.3.0 + net: "container:nginx-proxy" + stdin_open: true + environment: + ELASTICSEARCH_URL: "http://elasticsearch:9200" + labels: + io.rancher.container.hostname_override: container_name diff --git a/templates/kibana/3/rancher-compose.yml b/templates/kibana/3/rancher-compose.yml new file mode 100644 index 0000000..66479a4 --- /dev/null +++ b/templates/kibana/3/rancher-compose.yml @@ -0,0 +1,24 @@ +.catalog: + name: "Kibana" + version: "5.3.0-rancher1" + description: "Kibana: Explore & Visualize Your Data" + questions: + - variable: "elasticsearch_source" + description: "Link to elasticsearch service or stack/service" + label: "Elasticsearch source" + type: "service" + required: true + default: "es/elasticsearch-clients" + - variable: "public_port" + label: "Public Port" + description: "Unique public port for Kibana" + type: "int" + default: 80 + required: true + +nginx-proxy: + metadata: + nginx: + conf: + servername: "kibana" + upstream_port: 5601 diff --git a/templates/traefik/6/README.md b/templates/traefik/6/README.md new file mode 100644 index 0000000..11bae29 --- /dev/null +++ b/templates/traefik/6/README.md @@ -0,0 +1,79 @@ +# Traefik active load balancer (Experimental) + +### Info: + + This template deploys traefik active load balancers on top of Rancher. The configuration is generated and updated with confd from Rancher metadata. + It would be deployed in hosts with label traefik_lb=true. + +### Config: + +- host_label = "traefik_lb=true" # Host label where to run traefik service. +- http_port = 8080 # Port exposed to get access to the published services. +- https_port = 8443 # Port exposed to get secured access to the published services. +- admin_port = 8000 # Port exposed to get admin access to the traefik service. +- https_enable = + - false: Enable http enpoints and disable https ones. + - true: Enable http and https endpoints. + - only: Enable https endpoints and redirect http to https. +- acme_enable = false # Enable/Disable acme traefik support. +- acme_email = "test@traefik.io" # acme user email +- acme_ondemand = true # acme ondemand parameter. +- acme_onhostrule = true # acme onHostRule parameter. +- ssl_key # Paste your ssl key. *Required if you enable https +- ssl_crt # Paste your ssl crt. *Required if you enable https +- insecure_skip = false # Enable InsecureSkipVerify param. +- refresh_interval = 10s # Interval to refresh traefik rules.toml from rancher-metadata. + +NOTE: If you enable acme support, additional sidekick will be created for acme persistance. + +### Service configuration labels: + +Traefik labels has to be added in your services, in order to get included in traefik dynamic config. + +- traefik.enable = + - true: the service will be published as *service_name.stack_name.traefik_domain* + - stack: the service will be published as *stack_name.traefik_domain*. WARNING: You could have collisions inside services within your stack + - false: the service will not be published +- traefik.priority = # Override for frontend priority. 5 by default +- traefik.protocol = < http | https > # Override the default http protocol +- traefik.sticky = < true | false > # Enable/disable sticky sessions to the backend +- traefik.alias = < alias > # Alternate names to route rule. Multiple values separated by ",". traefik.domain is appended. WARNING: You could have collisions BE CAREFULL +- traefik.alias.fqdn = < alias fqdn > # Alternate names to route rule. Multiple values separated by ",". traefik.domain must be defined but is not appended here. +- traefik.domain = < domain.name > # Domain names to route rules. Multiple domains separated by "," +- traefik.domain.regexp = < domain.regexp > # Domain name regexp rule. Multiple domains separated by "," +- traefik.port = < port > # Port to expose throught traefik +- traefik.acme = < true | false > # Enable/disable ACME traefik feature +- traefik.path = < path > # Path rule. Multiple values separated by "," +- traefik.path.strip = < path > # Path strip rule. Multiple values separated by "," +- traefik.path.prefix = < path > # Path prefix rule. Multiple values separated by "," +- traefik.path.prefix.strip = < path > # Path prefix strip rule. Multiple values separated by "," + +Details for configuring the traefik rules can be found at: https://docs.traefik.io/basics/#frontends + +WARNING: Only services with healthy state are added to traefik, so health checks are mandatory. + +### Usage: + + Select Traefik from catalog. + + Set the params. + + Click deploy. + + Services will be accessed throught hosts ip's whith $host_label: + + - http://${service_name}.${stack_name}.${traefik.domain}:${http_port} + - https://${service_name}.${stack_name}.${traefik.domain}:${https_port} + + or + + - http://${stack_name}.${traefik.domain}:${http_port} + - https://${stack_name}.${traefik.domain}:${https_port} + + If you set traefik.alias you service could also be acceses through + + - http://${traefik.alias}.${traefik.domain}:${http_port} + - https://${traefik.alias}.${traefik.domain}:${https_port} + +Note: To access the services, you need to create A or CNAMES dns entries for every one. + diff --git a/templates/traefik/6/docker-compose.yml.tpl b/templates/traefik/6/docker-compose.yml.tpl new file mode 100644 index 0000000..bf72727 --- /dev/null +++ b/templates/traefik/6/docker-compose.yml.tpl @@ -0,0 +1,64 @@ +traefik: + ports: + - ${admin_port}:8000/tcp + - ${http_port}:${http_port}/tcp + - ${https_port}:${https_port}/tcp + log_driver: '' + labels: + io.rancher.scheduler.global: 'true' + io.rancher.scheduler.affinity:host_label: ${host_label} + io.rancher.scheduler.affinity:container_label_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} + io.rancher.sidekicks: traefik-conf + {{- if eq .Values.acme_enable "true" -}} + ,traefik-acme + {{- end}} + io.rancher.container.hostname_override: container_name + tty: true + log_opt: {} + image: rawmind/alpine-traefik:1.2.3-1 + environment: + - CONF_INTERVAL=${refresh_interval} + - TRAEFIK_HTTP_PORT=${http_port} + - TRAEFIK_HTTPS_PORT=${https_port} + - TRAEFIK_HTTPS_ENABLE=${https_enable} +{{- if eq .Values.acme_enable "true"}} + - TRAEFIK_ACME_ENABLE=${acme_enable} + - TRAEFIK_ACME_EMAIL=${acme_email} + - TRAEFIK_ACME_ONDEMAND=${acme_ondemand} + - TRAEFIK_ACME_ONHOSTRULE=${acme_onhostrule} +{{- end}} + - TRAEFIK_INSECURE_SKIP=${insecure_skip} + volumes_from: + - traefik-conf +{{- if eq .Values.acme_enable "true"}} + - traefik-acme +{{- end}} +traefik-conf: + log_driver: '' + labels: + io.rancher.scheduler.global: 'true' + io.rancher.scheduler.affinity:host_label: ${host_label} + io.rancher.scheduler.affinity:container_label_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} + io.rancher.container.start_once: 'true' + tty: true + log_opt: {} + image: rawmind/rancher-traefik:0.3.4-19 + net: none + volumes: + - /opt/tools +{{- if eq .Values.acme_enable "true"}} +traefik-acme: + net: none + labels: + io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} + io.rancher.container.hostname_override: container_name + io.rancher.container.start_once: true + environment: + - SERVICE_UID=10001 + - SERVICE_GID=10001 + - SERVICE_VOLUME=/opt/traefik/acme + volumes: + - /opt/traefik/acme + volume_driver: ${VOLUME_DRIVER} + image: rawmind/alpine-volume:0.0.2-1 +{{- end}} \ No newline at end of file diff --git a/templates/traefik/6/rancher-compose.yml b/templates/traefik/6/rancher-compose.yml new file mode 100644 index 0000000..a9b23a2 --- /dev/null +++ b/templates/traefik/6/rancher-compose.yml @@ -0,0 +1,107 @@ +.catalog: + name: traefik + version: v1.2.3-1-rancher1 + description: | + (Experimental) Traefik load balancer. + minimum_rancher_version: v0.59.0 + maintainer: "Raul Sanchez " + uuid: traefik-0 + questions: + - variable: "host_label" + description: "Host label where to run traefik service." + label: "Host label:" + required: true + default: "traefik_lb=true" + type: "string" + - variable: "http_port" + description: "Traefik http public port to listen." + label: "Http port:" + required: true + default: 8080 + type: "int" + - variable: "https_port" + description: "Traefik https public port to listen." + label: "Https port:" + required: true + default: 8443 + type: "int" + - variable: "admin_port" + description: "Traefik admin public port to listen." + label: "Admin port:" + required: true + default: 8000 + type: "int" + - variable: "https_enable" + label: "Enable HTTPS:" + description: | + Enable https working mode. If you activate, you need to fill SSL key and SSL crt in order to work. + default: false + required: true + type: enum + options: + - false + - true + - only + - variable: "acme_enable" + description: "Enable acme support on traefik." + label: "Enable ACME:" + required: true + default: false + type: "boolean" + - variable: "acme_email" + description: "ACME user email." + label: "ACME email:" + required: true + default: "test@traefik.io" + type: "string" + - variable: "acme_ondemand" + description: "Enable acme ondemand." + label: "ACME ondemand:" + required: true + default: true + type: "boolean" + - variable: "acme_onhostrule" + description: "Enable acme onHostRule." + label: "ACME onHostRule:" + required: true + default: true + type: "boolean" + - variable: "ssl_key" + description: "SSL key to secure the service. *Required if you enable https" + label: "SSL key" + type: "multiline" + required: false + default: "" + - variable: "ssl_crt" + description: "SSL cert to secure the service. *Required if you enable https" + label: "SSL crt" + type: "multiline" + required: false + default: "" + - variable: "insecure_skip" + description: "Enable InsecureSkipVerify param." + label: "InsecureSkipVerify:" + required: true + default: false + type: "boolean" + - variable: "refresh_interval" + description: "Interval to poll/apply configuration changes." + label: "Refresh Interval (s):" + required: true + default: 10 + type: "int" +traefik: + retain_ip: true + health_check: + port: 8000 + interval: 5000 + unhealthy_threshold: 3 + request_line: 'GET /dashboard/# HTTP/1.0' + healthy_threshold: 2 + response_timeout: 5000 + metadata: + traefik: + ssl_key: | + ${ssl_key} + ssl_crt: | + ${ssl_crt} diff --git a/templates/traefik/config.yml b/templates/traefik/config.yml index 8930f64..41d3c7b 100644 --- a/templates/traefik/config.yml +++ b/templates/traefik/config.yml @@ -1,7 +1,7 @@ name: Traefik description: | (Experimental) Traefik active load balancer -version: v1.1.2-rancher1 +version: v1.2.3-1-rancher1 category: Load Balancing maintainer: "Raul Sanchez " minimum_rancher_version: v0.59.0 diff --git a/templates/zammad/0/docker-compose.yml b/templates/zammad/0/docker-compose.yml index 4e03fd9..92f7356 100644 --- a/templates/zammad/0/docker-compose.yml +++ b/templates/zammad/0/docker-compose.yml @@ -3,7 +3,7 @@ version: '2' services: elasticsearch: - image: zammad/zammad-docker-compose:elasticsearch + image: zammad/zammad-docker-compose:zammad-elasticsearch labels: io.rancher.container.pull_image: always restart: always @@ -11,7 +11,7 @@ services: nginx: depends_on: - zammad - image: zammad/zammad-docker-compose:nginx + image: zammad/zammad-docker-compose:zammad-nginx labels: io.rancher.container.pull_image: always links: @@ -24,7 +24,7 @@ services: - data-zammad:/home/zammad postgresql: - image: zammad/zammad-docker-compose:postgresql + image: zammad/zammad-docker-compose:zammad-postgresql labels: io.rancher.container.pull_image: always restart: always