flywithu/community-catalog
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #1 from rancher/master

Browse Source 
Pulling latest master
This commit is contained in:
MadOtis 2018-04-09 14:53:44 -07:00 committed by GitHub
commit a4f43ce6f0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
48 changed files with 1651 additions and 208 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
infra-templates/digitalocean-dns/3/README.md
View File

@ -11,7 +11,7 @@ Rancher External DNS service powered by DigitalOcean
#### Usage
##### DigitalOcean DNS record TTL
The DigitalOcean API currently does not support per-record TTL setting. You should configure the global TTL setting for the domain manually and set it to a low value (e.g. 60).
The DigitalOcean API currently supports per-record TTL setting (https://developers.digitalocean.com/documentation/v2/#create-a-new-domain-record), but it is not yet implemented in this tool. You should configure the global TTL setting for the domain manually and set it to a low value (e.g. 60).
##### Limitation when running the service on multiple Rancher servers

2
infra-templates/digitalocean-dns/3/docker-compose.yml
View File

@ -7,7 +7,7 @@ digitalocean:
DO_PAT: ${DO_PAT}
ROOT_DOMAIN: ${ROOT_DOMAIN}
NAME_TEMPLATE: ${NAME_TEMPLATE}
TTL: 300
TTL: ${DNS_TTL}
labels:
io.rancher.container.create_agent: "true"
io.rancher.container.agent.role: "external-dns"

7
infra-templates/digitalocean-dns/3/rancher-compose.yml
View File

@ -15,6 +15,13 @@
description: "The domain name managed by DigitalOcean."
type: "string"
required: true
- variable: "DNS_TTL"
label: "TTL"
description: |
TTL used for new DNS records.
type: "string"
default: "300"
required: true
- variable: "NAME_TEMPLATE"
label: "DNS Name Template"
description: |

7
infra-templates/infoblox/1/README.md
View File

@ -4,6 +4,13 @@ Rancher External DNS service powered by Infoblox DNS
#### Usage
##### Using Rancher Secrets for infloblox Password
Optionally, you can use the Rancher Secrets to pass infloblox password instead of using environment variable.
1. Run the Rancher Secrets service before deploying this provider stack.
2. Create a secret named "infoblox-pass".
3. Deploy this stack, emptying `Infoblox password` field.
##### Supported host labels
`io.rancher.host.external_dns_ip`

16
infra-templates/infoblox/1/docker-compose.yml
View File

@ -1,16 +0,0 @@
infoblox:
image: rancher/external-dns:v0.7.8
command: -provider=infoblox
expose:
- 1000
environment:
INFOBLOX_URL: ${INFOBLOX_URL}
INFOBLOX_USER_NAME: ${INFOBLOX_USER_NAME}
INFOBLOX_PASSWORD: ${INFOBLOX_PASSWORD}
ROOT_DOMAIN: ${ROOT_DOMAIN}
SSL_VERIFY: ${SSL_VERIFY}
USE_COOKIES: ${USE_COOKIES}
TTL: ${TTL}
labels:
io.rancher.container.create_agent: "true"
io.rancher.container.agent.role: "external-dns"

35
infra-templates/infoblox/1/docker-compose.yml.tpl Normal file
View File

@ -0,0 +1,35 @@
version: '2'
services:
infoblox:
image: rancher/external-dns:v0.7.8
expose:
- 1000
environment:
INFOBLOX_URL: ${INFOBLOX_URL}
INFOBLOX_USER_NAME: ${INFOBLOX_USER_NAME}
INFOBLOX_PASSWORD: ${INFOBLOX_PASSWORD}
INFOBLOX_SECRET: '/run/secrets/infoblox-pass'
ROOT_DOMAIN: ${ROOT_DOMAIN}
SSL_VERIFY: ${SSL_VERIFY}
USE_COOKIES: ${USE_COOKIES}
TTL: ${TTL}
labels:
io.rancher.container.create_agent: "true"
io.rancher.container.agent.role: "external-dns"
{{- if ne .Values.INFOBLOX_PASSWORD ""}}
command: -provider=infoblox
{{- else}}
entrypoint:
- bash
- -c
- 'INFOBLOX_PASSWORD=$$(cat $${INFOBLOX_SECRET}) /usr/bin/rancher-entrypoint.sh -provider=infoblox'
secrets:
- mode: '0444'
uid: '0'
gid: '0'
source: 'infoblox-pass'
target: ''
secrets:
infoblox-pass:
external: 'true'
{{- end}}

2
infra-templates/infoblox/1/rancher-compose.yml
View File

@ -19,7 +19,7 @@
label: "Infoblox password"
description: "Infoblox password for your Infoblox service"
type: "password"
required: true
required: false
- variable: "SSL_VERIFY"
label: "Ssl verify"
description: "Infoblox Ssl verify for your Infoblox service"

57
infra-templates/infoblox/2/README.md Normal file
View File

@ -0,0 +1,57 @@
## Infoblox DNS
Rancher External DNS service powered by Infoblox DNS
#### Usage
##### Infloblox Password
Infoblox password could be provided in 2 ways, depending what you set at `Infoblox password type` enum:
- `env` by environment var.
Infoblox password is provided at `Infoblox password | secret name` field. This generates an enviroment variable inside container, `INFOBLOX_PASSWORD`, that contains the password in CLEAR.
- `secret` by rancher secret.
Infoblox password is provided by a Rancher Secret to secure it. Secret name is provided at `Infoblox password | secret name` field.
Previous steps are required to use rancher secrets:
1. Deploy Rancher Secrets service from library catalog, before deploying this stack.
2. Create a rancher secret with your infoblox password. From ui, `Infrastructure -> Secrets`.
3. Deploy this stack, setting `Infoblox password type` enum to `secret` and setting `Infoblox password | secret name` field to previously created secret name.
##### Supported host labels
`io.rancher.host.external_dns_ip`
Override the IP address used in DNS records for containers running on the host. Defaults to the IP address the host is registered with in Rancher.
`io.rancher.host.external_dns`
Accepts 'true' (default) or 'false'
When this is set to 'false' no DNS records will ever be created for containers running on this host.
##### Supported service labels
`io.rancher.service.external_dns`
Accepts 'always', 'never' or 'auto' (default)
- `always`: Always create DNS records for this service
- `never`: Never create DNS records for this service
- `auto`: Create DNS records for this service if it exposes ports on the host
`io.rancher.service.external_dns_name_template`
Custom DNS name template that overrides global custom DNS name template (see below) of default DNS name template for a specific service
##### Custom DNS name template
By default DNS entries are named `<service>.<stack>.<environment>.<domain>`.
You can specify a custom name template used to construct the subdomain part (left of the domain/zone name) of the DNS records. The following placeholders are supported:
* `%{{service_name}}`
* `%{{stack_name}}`
* `%{{environment_name}}`
**Example:**
`%{{stack_name}}-%{{service_name}}.statictext`
Make sure to only use characters in static text and separators that your provider allows in DNS names.

32
infra-templates/infoblox/2/docker-compose.yml.tpl Normal file
View File

@ -0,0 +1,32 @@
version: '2'
services:
infoblox:
image: rancher/external-dns:v0.7.10
command: -provider=infoblox {{if eq .Values.DEBUG_MODE "true" -}}-debug{{- end}}
expose:
- 1000
labels:
io.rancher.container.create_agent: "true"
io.rancher.container.agent.role: "external-dns"
environment:
INFOBLOX_URL: ${INFOBLOX_URL}
INFOBLOX_USER_NAME: ${INFOBLOX_USER_NAME}
ROOT_DOMAIN: ${ROOT_DOMAIN}
SSL_VERIFY: ${SSL_VERIFY}
USE_COOKIES: ${USE_COOKIES}
TTL: ${TTL}
{{- if eq .Values.INFOBLOX_PASSWORD_TYPE "env"}}
INFOBLOX_PASSWORD: ${INFOBLOX_PASSWORD}
{{- else}}
INFOBLOX_PASSWORD: ''
INFOBLOX_SECRET: '/run/secrets/${INFOBLOX_PASSWORD}'
secrets:
- mode: '0444'
uid: '0'
gid: '0'
source: '${INFOBLOX_PASSWORD}'
target: ''
secrets:
{{- .Values.INFOBLOX_PASSWORD}}:
external: 'true'
{{- end}}

77
infra-templates/infoblox/2/rancher-compose.yml Normal file
View File

@ -0,0 +1,77 @@
# notemplating
.catalog:
name: "Infoblox DNS"
version: "v0.2.1"
description: "Rancher External DNS service powered by Infoblox"
minimum_rancher_version: v1.6.0
questions:
- variable: "INFOBLOX_URL"
label: "Infoblox url"
description: "Infoblox url for your Infoblox service"
type: "string"
required: true
- variable: "INFOBLOX_USER_NAME"
label: "Infoblox user name"
description: "Infoblox user name for your Infoblox service"
type: "string"
required: true
- variable: "INFOBLOX_PASSWORD_TYPE"
label: "Infoblox password type"
description: "How infoblox password is provided by environment var or by rancher secret"
required: true
default: env
type: enum
options:
- env
- secret
- variable: "INFOBLOX_PASSWORD"
label: "Infoblox password | secret name"
description: "Infoblox password or secret name for your Infoblox service "
type: "string"
required: true
- variable: "ROOT_DOMAIN"
label: "Infoblox zone"
description: "The DNS zone name (root domain) managed by Infoblox. DNS entries will be created for <service>.<stack>.<environment>.<domain>"
type: "string"
required: true
- variable: "NAME_TEMPLATE"
label: "DNS Name Template"
description: |
Name template used to construct the subdomain part (left of the domain) of the DNS record names.
Supported placeholders: %{{service_name}}, %{{stack_name}}, %{{environment_name}}.
By default DNS entries will be named '<service>.<stack>.<environment>.<domain>'.
type: "string"
default: "%{{service_name}}.%{{stack_name}}.%{{environment_name}}"
required: true
- variable: "TTL"
label: "TTL"
description: "The resource record cache time to live (TTL), in seconds"
type: "int"
default: 600
min: 1
max: 86400
required: true
- variable: "DEBUG_MODE"
label: "Debug mode"
description: "Activate debug mode"
type: "boolean"
required: true
default: false
- variable: "SSL_VERIFY"
label: "Ssl verify"
description: "Infoblox Ssl verify for your Infoblox service"
type: "boolean"
required: true
- variable: "USE_COOKIES"
label: "Use cookies"
description: "Uses cookies if specified, re-creating the request and falling back to basic auth if a cookie is not present"
type: "boolean"
required: true
infoblox:
health_check:
port: 1000
interval: 5000
unhealthy_threshold: 3
request_line: GET / HTTP/1.0
healthy_threshold: 2
response_timeout: 2000

2
infra-templates/infoblox/config.yml
View File

@ -1,7 +1,7 @@
name: Infoblox DNS
description: |
Rancher External DNS service powered by Infoblox
version: v0.2.0
version: v0.2.1
category: External DNS
labels:
io.rancher.orchestration.supported: 'cattle,mesos,swarm,kubernetes'

44
infra-templates/ovh-dns/0/README.md Normal file
View File

@ -0,0 +1,44 @@
## OVH DNS
Rancher External DNS service powered by OVH
#### Usage
##### Limitation when running the service on multiple Rancher servers
When running multiple instances of the External DNS service configured to use the same domain name, then only one of them can run in the "Default" environment of a Rancher server instance.
##### Supported host labels
`io.rancher.host.external_dns_ip`
Override the IP address used in DNS records for containers running on the host. Defaults to the IP address the host is registered with in Rancher.
`io.rancher.host.external_dns`
Accepts 'true' (default) or 'false'
When this is set to 'false' no DNS records will ever be created for containers running on this host.
##### Supported service labels
`io.rancher.service.external_dns`
Accepts 'always', 'never' or 'auto' (default)
- `always`: Always create DNS records for this service
- `never`: Never create DNS records for this service
- `auto`: Create DNS records for this service if it exposes ports on the host
`io.rancher.service.external_dns_name_template`
Custom DNS name template that overrides global custom DNS name template (see below) of default DNS name template for a specific service
##### Custom DNS name template
By default DNS entries are named `<service>.<stack>.<environment>.<domain>`.
You can specify a custom name template used to construct the subdomain part (left of the domain/zone name) of the DNS records. The following placeholders are supported:
* `%{{service_name}}`
* `%{{stack_name}}`
* `%{{environment_name}}`
**Example:**
`%{{stack_name}}-%{{service_name}}.statictext`
Make sure to only use characters in static text and separators that your provider allows in DNS names.

16
infra-templates/ovh-dns/0/docker-compose.yml Normal file
View File

@ -0,0 +1,16 @@
ovh:
image: rancher/external-dns:v0.7.10
command: -provider=ovh
expose:
- 1000
environment:
OVH_ENDPOINT: ${OVH_ENDPOINT}
OVH_APPLICATION_KEY: ${OVH_APPLICATION_KEY}
OVH_APPLICATION_SECRET: ${OVH_APPLICATION_SECRET}
OVH_CONSUMER_KEY: ${OVH_CONSUMER_KEY}
ROOT_DOMAIN: ${ROOT_DOMAIN}
NAME_TEMPLATE: ${NAME_TEMPLATE}
TTL: 300
labels:
io.rancher.container.create_agent: "true"
io.rancher.container.agent.role: "external-dns"

50
infra-templates/ovh-dns/0/rancher-compose.yml Normal file
View File

@ -0,0 +1,50 @@
# notemplating
.catalog:
name: "OVH DNS"
version: "v0.1.0"
description: "Rancher External DNS service powered by OVH"
minimum_rancher_version: v1.6.0-rc1
questions:
- variable: "OVH_ENDPOINT"
label: "OVH Endpoint"
description: "Enter your endpoint"
type: "string"
required: true
- variable: "OVH_APPLICATION_KEY"
label: "OVH Application Key"
description: "Enter your application key"
type: "string"
required: true
- variable: "OVH_APPLICATION_SECRET"
label: "OVH Application Secret"
description: "Enter your application secret"
type: "string"
required: true
- variable: "OVH_CONSUMER_KEY"
label: "OVH Consumer Key"
description: "Enter your consumer key"
type: "string"
required: true
- variable: "ROOT_DOMAIN"
label: "Domain Name"
description: "The domain name managed by OVH."
type: "string"
required: true
- variable: "NAME_TEMPLATE"
label: "DNS Name Template"
description: |
Name template used to construct the subdomain part (left of the domain) of the DNS record names.
Supported placeholders: %{{service_name}}, %{{stack_name}}, %{{environment_name}}.
By default DNS entries will be named '<service>.<stack>.<environment>.<domain>'.
type: "string"
default: "%{{service_name}}.%{{stack_name}}.%{{environment_name}}"
required: false
ovh:
health_check:
port: 1000
interval: 5000
unhealthy_threshold: 3
request_line: GET / HTTP/1.0
healthy_threshold: 2
response_timeout: 2000

73
infra-templates/ovh-dns/catalogIcon-ovh-dns.svg Normal file
View File

@ -0,0 +1,73 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<svg
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:cc="http://creativecommons.org/ns#"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns="http://www.w3.org/2000/svg"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
width="354"
height="354"
version="1.1"
id="svg13"
sodipodi:docname="Logo-OVH.svg"
inkscape:version="0.92.2 (5c3e80d, 2017-08-06)">
<metadata
id="metadata17">
<rdf:RDF>
<cc:Work
rdf:about="">
<dc:format>image/svg+xml</dc:format>
<dc:type
rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
<dc:title></dc:title>
</cc:Work>
</rdf:RDF>
</metadata>
<sodipodi:namedview
pagecolor="#ffffff"
bordercolor="#666666"
borderopacity="1"
objecttolerance="10"
gridtolerance="10"
guidetolerance="10"
inkscape:pageopacity="0"
inkscape:pageshadow="2"
inkscape:window-width="1920"
inkscape:window-height="1009"
id="namedview15"
showgrid="false"
inkscape:zoom="1.0622592"
inkscape:cx="-55.59374"
inkscape:cy="118.73959"
inkscape:window-x="0"
inkscape:window-y="34"
inkscape:window-maximized="1"
inkscape:current-layer="g11" />
<defs
id="defs5">
<clipPath
id="a">
<path
d="M 0,283.46 H 444.793 V 0 H 0 Z"
id="path2"
inkscape:connector-curvature="0" />
</clipPath>
</defs>
<g
clip-path="url(#a)"
transform="matrix(1.25,0,0,-1.25,-118.83,409.24)"
id="g11">
<path
d="m 298.47189,270.01024 -14.83054,-25.7701 H 268.0674 l -18.3813,-31.89637 h 15.60167 l -11.80016,-20.48806 h 38.32124 c 9.79547,11.97279 15.67854,27.27332 15.67854,43.94854 a 69.117606,69.117606 0 0 1 -9.0155,34.20725 m -75.8953,-78.15579 h 0.0378 l -0.0189,0.034 47.61648,82.69945 h -40.28312 l -27.46106,-47.72736 -24.85658,43.18874 a 69.112566,69.112566 0 0 1 -9.03819,-34.24757 c 0,-16.67522 5.88182,-31.97449 15.67854,-43.94728 z M 111.19132,135.76302 c 0,-13.73054 6.26612,-20.27891 17.03811,-20.27891 10.77324,0 17.03936,6.54837 17.03936,20.27765 0,13.79983 -6.26612,20.34694 -17.03936,20.34694 -10.77325,0 -17.03811,-6.54711 -17.03811,-20.34694 m -4.92922,0 c 0,16.68656 8.30862,24.71294 21.96733,24.71294 13.65871,0 21.96734,-8.02638 21.96734,-24.71294 0,-16.54419 -8.30737,-24.64239 -21.96734,-24.64239 -13.65871,0 -21.96733,8.09694 -21.96733,24.64239 m 81.60196,22.74225 c 0.21042,0.56324 0.91604,1.54858 2.25293,1.54858 1.33815,0 2.39405,-1.05591 2.39405,-2.39406 0,-0.4221 -0.14112,-0.84421 -0.21168,-1.0559 l -16.47487,-43.44075 c -0.35281,-0.98661 -1.33815,-1.6204 -2.25293,-1.6204 -0.91605,0 -1.90265,0.63379 -2.25294,1.6204 l -16.47613,43.44075 c -0.0706,0.21169 -0.21168,0.6338 -0.21168,1.0559 0,1.33815 1.05716,2.39406 2.39405,2.39406 1.33815,0 2.04125,-0.98534 2.25293,-1.54984 l 14.29377,-37.87772 z m 16.40305,-24.29083 v -20.27765 c 0,-1.26632 -1.0559,-2.39405 -2.39405,-2.39405 -1.33563,0 -2.39406,1.12773 -2.39406,2.39405 v 43.723 c 0,1.26759 1.05843,2.39406 2.39406,2.39406 1.33815,0 2.39405,-1.12647 2.39405,-2.39406 v -19.07935 h 24.50126 v 19.07935 c 0,1.26759 1.05842,2.39406 2.39405,2.39406 1.33815,0 2.39405,-1.12647 2.39405,-2.39406 v -43.723 c 0,-1.26632 -1.0559,-2.39405 -2.39405,-2.39405 -1.33563,0 -2.39405,1.12773 -2.39405,2.39405 v 20.27765 z"
id="path7"
inkscape:connector-curvature="0"
style="fill:#264670;stroke-width:1.2600286" />
<path
d="m 241.5123,114.85031 c 0,2.32476 1.26758,3.38066 3.30883,3.38066 2.04251,0 3.3101,-1.0559 3.3101,-3.38066 0,-2.32349 -1.26759,-3.30883 -3.3101,-3.30883 -2.04125,0 -3.30883,0.98534 -3.30883,3.30883 m 25.9087,30.20542 c 6.26612,0 9.71608,-3.30884 10.84129,-4.85741 0.35281,-0.49267 0.49393,-0.84548 0.49393,-1.33815 0,-1.19703 -0.91478,-2.04125 -2.04125,-2.04125 -0.70561,0 -1.19702,0.28099 -1.69096,0.84422 -1.0559,1.19703 -2.95602,3.30884 -7.60301,3.30884 -6.47654,0 -9.92776,-4.15306 -9.92776,-12.81324 0,-8.80256 3.44996,-12.88506 9.92902,-12.88506 4.08249,0 6.54585,1.82957 8.16499,3.02785 0.49393,0.35155 0.84548,0.49267 1.33815,0.49267 1.12772,0 2.0425,-0.91478 2.0425,-2.0425 0,-0.6338 -0.21168,-1.12521 -0.91478,-1.759 -1.54983,-1.26759 -4.93049,-3.80277 -10.63212,-3.80277 -9.08228,0 -14.50293,5.4219 -14.50293,16.96881 0,11.54691 5.42191,16.89699 14.50293,16.89699 m 41.53936,-16.89699 c 0,8.87061 -3.72968,12.81324 -10.20875,12.81324 -6.47654,0 -10.20875,-3.94389 -10.20875,-12.8145 0,-9.01047 3.73095,-12.8838 10.20875,-12.8838 6.47781,0 10.20875,3.87333 10.20875,12.88506 m 4.57769,0 c 0,-11.54691 -5.63233,-16.96881 -14.78644,-16.96881 -9.08354,0 -14.78517,5.4219 -14.78517,16.96881 0,11.54691 5.70163,16.89699 14.78517,16.89699 9.15285,0 14.78644,-5.35008 14.78644,-16.89699 m 55.47905,4.43405 v -18.79838 a 2.2239504,2.2239504 0 0 0 -2.25293,-2.25293 2.2239504,2.2239504 0 0 0 -2.25293,2.25293 v 17.8836 c 0,5.56176 -1.97194,9.36453 -8.80256,9.36453 -6.05317,0 -8.80004,-3.23828 -8.80004,-8.44975 v -18.79838 a 2.2239504,2.2239504 0 0 0 -2.25293,-2.25293 2.2239504,2.2239504 0 0 0 -2.25293,2.25293 v 17.8836 c 0,5.56176 -1.76026,9.36453 -8.66017,9.36453 -6.54711,0 -8.66018,-3.94389 -8.66018,-9.85722 v -17.39091 a 2.2239504,2.2239504 0 0 0 -2.25293,-2.25293 2.2239504,2.2239504 0 0 0 -2.25293,2.25293 v 28.58628 c 0,1.26633 0.98534,2.25293 2.25293,2.25293 a 2.2239504,2.2239504 0 0 0 2.25293,-2.25293 v -2.25419 c 1.19703,2.60574 4.57642,4.92923 9.15285,4.92923 5.77471,0 9.50439,-2.11181 11.19409,-4.92923 1.76152,2.74686 4.85993,4.92923 10.27931,4.92923 10.84381,0 13.30842,-6.47655 13.30842,-12.46168"
id="path9"
inkscape:connector-curvature="0"
style="fill:#8a8a89;stroke-width:1.2600286" />
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 5.8 KiB

7
infra-templates/ovh-dns/config.yml Normal file
View File

@ -0,0 +1,7 @@
name: OVH DNS
description: |
Rancher External DNS service powered by OVH
version: v0.1.0
category: External DNS
labels:
io.rancher.orchestration.supported: 'cattle,mesos,swarm,kubernetes'

1
machine-templates/hetzner/1/checksum Normal file
View File

@ -0,0 +1 @@
1b1c6e0ce8669ae76e7ea9fd7c8de32d

3
machine-templates/hetzner/1/rancher-compose.yml Normal file
View File

@ -0,0 +1,3 @@
.catalog:
name: hetzner
version: "1.0.1"

1
machine-templates/hetzner/1/uiUrl Normal file
View File

@ -0,0 +1 @@
https://storage.googleapis.com/hcloud-rancher-v1-ui-driver/component.js

1
machine-templates/hetzner/1/url Normal file
View File

@ -0,0 +1 @@
https://github.com/JonasProgrammer/docker-machine-driver-hetzner/releases/download/1.1.0/docker-machine-driver-hetzner_1.1.0_linux_amd64.tar.gz

2
machine-templates/hetzner/catalogIcon-hetzner.svg
View File

File diff suppressed because one or more lines are too long
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 2.3 KiB

After

Width:  |  Height:  |  Size: 6.3 KiB

2
machine-templates/hetzner/config.yml
View File

@ -1,2 +1,2 @@
name: hetzner
version: "1.0.0"
version: "1.0.1"

29
templates/avi/3/README.md Normal file
View File

@ -0,0 +1,29 @@
Avi Vantage Platform Load Balancer Provider
========
## About Avi Vantage Platform
The [Avi Vantage Platform](https://avinetworks.com/software-load-balancer-for-any-cloud/) is built on software-defined architectural principles to create a centrally managed pool of distributed load balancers to deliver application services close to the applications.
## About this provider
This provider load balances Rancher services using Avi Vantage Platform Load Balancer. It uses REST API to update the Avi controller which enables the Avi Service Engines to load balance the Rancher Services.
## Usage
1. Deploy the stack for this provider from Rancher Community Catalog.
While deploying, you need to give the username, password,
Avi Controller IP address, Avi Controller Port, the Cloud name
where Virtual Services and Pools are created.
2. Create services in Rancher with public host port mapping and corresponding
Virtual services are created in Avi. All CRUD operations on services get
reflected in Avi Controller and Service Engine.
3. You can scale out/in the service and the changes will get reflected on
Avi Controller and Service Engine.
### Using Rancher Secrets for Avi Password
Optionally, you can use the Rancher Secrets to pass the Avi controller
password instead of using environment variable.
1. Run the Rancher Secrets service before deploying this provider stack.
2. Create a secret named "avi-creds".
3. While deploying the Avi provider stack, use the "avi-creds" secret
for Avi Provider service.

13
templates/avi/3/docker-compose.yml Normal file
View File

@ -0,0 +1,13 @@
avi:
image: avinetworks/avi-rancher-controller:2018-01-24T04-59-04.487263875Z
expose:
- 1000
environment:
AVI_USER: ${AVI_USER}
AVI_PASSWORD: ${AVI_PASSWORD}
AVI_CONTROLLER_ADDR: ${AVI_CONTROLLER_ADDR}
AVI_CONTROLLER_PORT: ${AVI_CONTROLLER_PORT}
AVI_SSL_VERIFY: ${AVI_SSL_VERIFY}
AVI_CLOUD_NAME: ${AVI_CLOUD_NAME}
AVI_DNS_SUBDOMAIN: ${AVI_DNS_SUBDOMAIN}
AVI_TENANT: ${AVI_TENANT}

57
templates/avi/3/rancher-compose.yml Normal file
View File

@ -0,0 +1,57 @@
.catalog:
name: Avi Vantange Platform Load Balancer
version: "v2-Avi"
description: "External LB service powered by Avi Vantage Platform"
minimum_rancher_version: v1.1.0
questions:
- variable: "AVI_USER"
label: "Avi account username"
description: "User name for your account on Avi Controller"
type: "string"
required: true
- variable: "AVI_PASSWORD"
label: "Avi user account password"
description: "Password for your account on Avi Controller"
type: "password"
required: false
- variable: "AVI_CONTROLLER_ADDR"
label: "Avi Controller IP Address"
description: "IP Address of the Avi Controller"
type: "string"
required: true
- variable: "AVI_CONTROLLER_PORT"
label: "Avi Controller Port (Optional)"
description: "Port on which Avi Controller is listening for API requests"
type: "string"
required: false
- variable: "AVI_CLOUD_NAME"
label: "Avi Cloud Name (Optional)"
description: "Name of Avi Cloud in which Virtual Services are created"
required: false
type: "string"
- variable: "AVI_SSL_VERIFY"
label: "Avi SSL Verify (Optional)"
description: "SSL certificate validation while connecting to Avi Controller"
required: false
type: "boolean"
default: false
- variable: "AVI_DNS_SUBDOMAIN"
label: "Avi VS subdomain"
description: "Avi Virtual services are created with the subdomain config"
type: "string"
required: false
- variable: "AVI_TENANT"
label: "Avi tenant name"
description: "Avi Virtual service created in tenant"
type: "string"
required: false
default: admin
avi:
health_check:
port: 1000
interval: 5000
unhealthy_threshold: 2
request_line: GET / HTTP/1.0
healthy_threshold: 2
response_timeout: 2000

2
templates/avi/config.yml
View File

@ -1,5 +1,5 @@
name: Avi Vantage Platform
description: |
External LB service powered by Avi Vantage Platform
version: v1-Avi
version: v2-Avi
category: Load Balancing

5
templates/es-cluster/4/README.md Normal file
View File

@ -0,0 +1,5 @@
# Elasticsearch Cluster
A scalable Elasticsearch cluster
WARN: To avoid vm.max_map_count errors you could set "Update host sysctl" to true. Then param vm.max_map_count will be update to 262144 if it's less in your hosts.

122
templates/es-cluster/4/docker-compose.yml.tpl Normal file
View File

@ -0,0 +1,122 @@
version: '2'
services:
es-master:
labels:
io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name}
io.rancher.container.hostname_override: container_name
io.rancher.sidekicks: es-storage{{- if eq .Values.UPDATE_SYSCTL "true" -}},es-sysctl{{- end}}
image: docker.elastic.co/elasticsearch/elasticsearch:6.2.3
environment:
- "cluster.name=${cluster_name}"
- "node.name=$${HOSTNAME}"
- "bootstrap.memory_lock=true"
- "xpack.security.enabled=false"
- "ES_JAVA_OPTS=-Xms${master_heap_size} -Xmx${master_heap_size}"
- "discovery.zen.ping.unicast.hosts=es-master"
- "discovery.zen.minimum_master_nodes=${minimum_master_nodes}"
- "node.master=true"
- "node.data=false"
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 65536
hard: 65536
mem_limit: ${master_mem_limit}
mem_swappiness: 0
cap_add:
- IPC_LOCK
volumes_from:
- es-storage
es-data:
labels:
io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name}
io.rancher.container.hostname_override: container_name
io.rancher.sidekicks: es-storage{{- if eq .Values.UPDATE_SYSCTL "true" -}},es-sysctl{{- end}}
image: docker.elastic.co/elasticsearch/elasticsearch:6.2.3
environment:
- "cluster.name=${cluster_name}"
- "node.name=$${HOSTNAME}"
- "bootstrap.memory_lock=true"
- "xpack.security.enabled=false"
- "discovery.zen.ping.unicast.hosts=es-master"
- "ES_JAVA_OPTS=-Xms${data_heap_size} -Xmx${data_heap_size}"
- "node.master=false"
- "node.data=true"
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 65536
hard: 65536
mem_limit: ${data_mem_limit}
mem_swappiness: 0
cap_add:
- IPC_LOCK
volumes_from:
- es-storage
depends_on:
- es-master
es-client:
labels:
io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name}
io.rancher.container.hostname_override: container_name
io.rancher.sidekicks: es-storage{{- if eq .Values.UPDATE_SYSCTL "true" -}},es-sysctl{{- end}}
image: docker.elastic.co/elasticsearch/elasticsearch:6.2.3
environment:
- "cluster.name=${cluster_name}"
- "node.name=$${HOSTNAME}"
- "bootstrap.memory_lock=true"
- "xpack.security.enabled=false"
- "discovery.zen.ping.unicast.hosts=es-master"
- "ES_JAVA_OPTS=-Xms${client_heap_size} -Xmx${client_heap_size}"
- "node.master=false"
- "node.data=false"
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 65536
hard: 65536
mem_limit: ${client_mem_limit}
mem_swappiness: 0
cap_add:
- IPC_LOCK
volumes_from:
- es-storage
depends_on:
- es-master
es-storage:
labels:
io.rancher.container.start_once: true
network_mode: none
image: rawmind/alpine-volume:0.0.2-1
environment:
- SERVICE_UID=1000
- SERVICE_GID=1000
- SERVICE_VOLUME=/usr/share/elasticsearch/data
volumes:
- es-storage-volume:/usr/share/elasticsearch/data
{{- if eq .Values.UPDATE_SYSCTL "true" }}
es-sysctl:
labels:
io.rancher.container.start_once: true
network_mode: none
image: rawmind/alpine-sysctl:0.1
privileged: true
environment:
- "SYSCTL_KEY=vm.max_map_count"
- "SYSCTL_VALUE=262144"
{{- end}}
volumes:
es-storage-volume:
driver: ${VOLUME_DRIVER}
per_container: true

111
templates/es-cluster/4/rancher-compose.yml Normal file
View File

@ -0,0 +1,111 @@
version: '2'
catalog:
name: Elasticsearch Cluster
version: 6.2.3-rancher1
description: Scalable Elasticsearch Cluster
questions:
- variable: "cluster_name"
type: "string"
required: true
label: "Cluster name"
description: "Name of the Elasticsearch Cluster"
default: "es-cluster"
- variable: "UPDATE_SYSCTL"
label: "Update host sysctl:"
description: |
Set true to avoid vm.max_map_count errors.
WARN: If set true, host param vm.max_map_count will be update to 262144.
default: false
required: true
type: enum
options:
- false
- true
- variable: "master_heap_size"
type: "string"
required: true
label: "Heap size (master nodes)"
description: "Heap size to be allocated for Java (master nodes)"
default: "512m"
- variable: "master_mem_limit"
type: "int"
required: true
label: "Memory limit in byte (master nodes)"
description: "Memory limit in Byte per elasticsearch container. AT LEAST double the heap size! (master nodes)"
default: 1073741824
- variable: "data_heap_size"
type: "string"
required: true
label: "Heap size (data nodes)"
description: "Heap size to be allocated for Java (data nodes)"
default: "512m"
- variable: "data_mem_limit"
type: "int"
required: true
label: "Memory limit in byte (data nodes)"
description: "Memory limit in Byte per elasticsearch container. AT LEAST double the heap size! (data nodes)"
default: 1073741824
- variable: "client_heap_size"
type: "string"
required: true
label: "Heap size (client nodes)"
description: "Heap size to be allocated for Java (client nodes)"
default: "512m"
- variable: "client_mem_limit"
type: "int"
required: true
label: "Memory limit in byte (client nodes)"
description: "Memory limit in Byte per elasticsearch container. AT LEAST double the heap size! (client nodes)"
default: 1073741824
- variable: "minimum_master_nodes"
type: "int"
required: true
label: "# of minimum Master Nodes"
description: "Set the number of required master nodes to reach quorum. Sets initial scale to this value as well"
default: 3
- variable: "initial_data_nodes"
type: "int"
required: true
label: "# of initial data nodes"
description: "Set the initial number of data nodes"
default: 2
- variable: "initial_client_nodes"
type: "int"
required: true
label: "# of initial client nodes"
description: "Set the initial number of client nodes"
default: 1
- variable: "VOLUME_DRIVER"
description: "The VOLUME driver to associate with this server"
label: "VOLUME Driver"
required: true
default: "local"
type: enum
options:
- local
- rancher-nfs
- rancher-efs
- rancher-ebs
services:
es-master:
scale: ${minimum_master_nodes}
es-data:
scale: ${initial_data_nodes}
es-client:
scale: ${initial_client_nodes}

4
templates/es-cluster/config.yml
View File

@ -1,5 +1,5 @@
name: Elasticsearch Cluster 5.5.1
name: Elasticsearch Cluster 6.2.3
description: |
Elasticsearch, you know for search!
version: 5.5.1-rancher1
version: 6.2.3-rancher1
category: ELK

33
templates/kibana/4/docker-compose.yml Normal file
View File

@ -0,0 +1,33 @@
kibana-vip:
ports:
- "${public_port}:80"
restart: always
tty: true
image: rancher/load-balancer-service
links:
- nginx-proxy:kibana6
stdin_open: true
nginx-proxy-conf:
image: rancher/nginx-conf:v0.2.0
command: "-backend=rancher --prefix=/2015-07-25"
labels:
io.rancher.container.hostname_override: container_name
nginx-proxy:
image: rancher/nginx:v1.9.4-3
volumes_from:
- nginx-proxy-conf
labels:
io.rancher.container.hostname_override: container_name
io.rancher.sidekicks: nginx-proxy-conf,kibana6
external_links:
- ${elasticsearch_source}:elasticsearch
kibana6:
restart: always
tty: true
image: docker.elastic.co/kibana/kibana:6.2.3
net: "container:nginx-proxy"
stdin_open: true
environment:
ELASTICSEARCH_URL: "http://elasticsearch:9200"
labels:
io.rancher.container.hostname_override: container_name

24
templates/kibana/4/rancher-compose.yml Normal file
View File

@ -0,0 +1,24 @@
.catalog:
name: "Kibana"
version: "6.2.3-rancher1"
description: "Kibana: Explore & Visualize Your Data"
questions:
- variable: "elasticsearch_source"
description: "Link to elasticsearch service or stack/service"
label: "Elasticsearch source"
type: "service"
required: true
default: "es/elasticsearch-clients"
- variable: "public_port"
label: "Public Port"
description: "Unique public port for Kibana"
type: "int"
default: 80
required: true
nginx-proxy:
metadata:
nginx:
conf:
servername: "kibana"
upstream_port: 5601

79
templates/kibana/catalogIcon-kibana.svg
View File

@ -1,34 +1,45 @@
<?xml version="1.0" encoding="utf-8"?>
<!-- Generator: Adobe Illustrator 18.1.1, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
viewBox="-5 125 1034 378" enable-background="new -5 125 1034 378" xml:space="preserve">
<path fill="#7BD4E2" d="M848.1,130.5h173.3c0,60.2,0,120.7,0.2,181c0,4.2,0,12.6,0,12.6c-13.1-28.8-46.4-42.6-76.6-44.3
c-23.8-0.5-49.6,0.2-70.4,13.6c-10.9,8.2-26.8,31.7-26.8,31.7v-8.7C848.1,254.5,847.9,192.5,848.1,130.5z"/>
<path fill="#EBBC46" d="M650,184.1c57.8-1,115.8-0.5,173.6,0c0.5,46.1,1,92.2,0,138.4c-10.7-15.1-24.1-29.8-42.2-35.2
c-22.8-8.9-47.9-9.2-71.9-6c-24.8,4.2-52.7,19.1-59.6,44.9c0,0,0.1-9.7,0.1-14.6C650,269.1,649.8,226.7,650,184.1z"/>
<path fill="#4D4D4D" d="M2.6,235.2c11.7,0,23.3,0.2,34.7-0.2c1.7,55.5-0.2,111.3,1,167.1c12.6-7.9,26.3-15.4,41.4-16.6
c14.1-2,29.8-0.5,42.2-8.7c12.1-6.7,21.1-18.6,25.5-31.5c3.7-11.4,2.5-23.6,2.5-35.2c12.1-0.5,24.3,0,36.4-0.5
c3,25-1.5,51.8-16.6,72.4c-5.5,7.9-13.4,13.6-19.8,21.1c20.3,14.6,33.2,37.9,36.4,62.5c1,9.9,0.5,19.8,0.5,29.8
c-12.4-0.5-24.8,1-36.9-0.7c2-19.3,0-40.9-14.4-55.5c-22.6-26.3-69.2-22.8-87.8,6.4c-10.9,14.1-9.7,32.7-9.7,49.6
c-11.9,0.2-23.8,0.7-35.7-0.2C1.6,415.4,2.6,336.3,1.9,257C1.6,249.8,2.1,242.3,2.6,235.2z"/>
<path fill="#8AB97B" d="M451.9,234.7h174.6c-0.5,31.2-0.2,63,0,94.2c-7.7-21.8-27.8-37.9-49.8-43.4c-20.6-7.4-43.1-6.2-64.5-4.5
c-16.6,4.5-34.2,9.7-46.1,23.1c-6,5.7-9.7,13.1-14.1,20.1C451.7,294.2,452.2,264.4,451.9,234.7z"/>
<path fill="#4D4D4D" d="M199.3,309.8c11.9-0.2,24.1,0,36.2-0.2c0.7,61.7,0,123.7,0.2,185.5c-12.1,0-24.3,0.5-36.4-0.5
C199.8,433,199.5,371.3,199.3,309.8z"/>
<path fill="#4D4D4D" d="M659.9,346.5c17.1-22.8,45.6-36.7,73.9-36.2c37.7-0.5,74.4,24.8,86.8,60.7c7.4,17.4,5.5,36.4,5.7,54.5
c0,23.3,0.2,46.4-0.2,69.7c-12.4,0.5-24.8,1-36.9-0.7c0.5-30.5,0-61,0.2-91.2c0.2-15.4-6.4-30.2-17.4-40.9
c-11.9-11.7-29.3-16.9-45.6-14.9c-26.5,2-48.8,26.5-48.8,53.1c-0.2,31.5,0.2,63-0.2,94.5c-12.1,0.7-24.3,1.7-36.2,0
c-0.5-30.5,0-61.2-0.2-92C640.8,382.9,647.3,362.3,659.9,346.5z"/>
<path fill="#4D4D4D" d="M423.6,360.9c-14.9-29.3-45.9-49.6-78.8-50.3c-19.6-0.2-39.4-0.5-59,0.2c-1.7-24.8-0.2-49.6-0.7-74.4
c-12.1-0.5-24.5-0.5-36.9,0c0.2,56.5,0,112.8,0,169.3c0.2,36.4,25.3,70.9,59,83.8c17.4,6.2,36.7,8.7,54.8,4.2
c30.5-6.9,56.3-30.7,66.2-60.5C437,409.7,435,382.9,423.6,360.9z M357.2,456.8c-14.6,3.2-30.7,3-43.9-5c-17.6-9.2-28.5-29-28.3-48.6
c0.2-18.8-0.7-37.7,0.5-56.3c19.8,0.7,39.9-0.5,59.8,0.7c25.5,1.2,47.9,22.8,51.1,47.9C400.3,421.9,383,449.6,357.2,456.8z"/>
<path fill="#4D4D4D" d="M577.9,319.2c-17.4-9.2-37.9-10.7-57-7.7c-30.2,5.5-57,26.5-69.2,54.8c-10.2,23.6-9.4,51.6,1.2,74.9
c11.2,23.6,32.2,42.6,57.5,49.8c11.2,4,23.1,4,35,4.2c28.3-0.2,56.3,0.2,84.5,0c0-30.5,0-61,0-91.5
C631.2,368.3,609.6,333.8,577.9,319.2z M593.2,458.1c-21.6-0.2-43.4,1.2-64.7-1c-27.3-2.5-48.6-29.3-47.1-56.3
c-0.5-29.8,27.3-55.8,56.8-54.3c29-0.7,54.8,25.3,55,54.1C593.5,419.9,593.7,439,593.2,458.1z"/>
<path fill="#4D4D4D" d="M1021.7,383.7c-6.2-35.7-36.4-65.2-71.7-72.2c-20.6-3.5-42.6-1.5-61,8.7c-23.3,11.4-41.2,33.2-47.4,58.5
c-7.7,28.3-0.7,60.2,18.6,82.6c17.1,21.8,45.1,34,72.6,33.7c29.8,0.5,59.5,0.2,89.3,0C1021.7,457.8,1021.7,420.6,1021.7,383.7z
M987,458.3c-23.8-0.7-47.9,2-71.4-2.2c-30.5-7.4-48.3-43.6-37.2-72.6c7.9-23.3,32.2-38.9,56.8-36.4c28,0.5,51.8,26,52.1,53.8
C987,419.9,987.2,439.2,987,458.3z"/>
</svg>
<?xml version="1.0" encoding="utf-8"?>
<!-- Generator: Adobe Illustrator 21.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
viewBox="0 0 550 250" style="enable-background:new 0 0 550 250;" xml:space="preserve">
<style type="text/css">
.st0{fill:none;}
.st1{enable-background:new ;}
.st2{fill:#019B8F;}
.st3{fill:#3EBEB0;}
.st4{fill:#353535;}
.st5{fill:#F04E98;}
</style>
<rect x="245" y="104.5" class="st0" width="163" height="41"/>
<g class="st1">
<path d="M254.3,127.3l3.1-3.9l7.8-8.3h6.4l-10.4,11.1l11.1,14.8h-6.5l-8.3-11.4l-3,2.5v8.9h-5.5v-36.5h5.5v17.8l-0.3,5H254.3z"/>
<path d="M276.1,108.2c0-1,0.3-1.7,0.8-2.3s1.3-0.8,2.3-0.8c1,0,1.7,0.3,2.3,0.8s0.8,1.3,0.8,2.3c0,0.9-0.3,1.7-0.8,2.2
s-1.3,0.8-2.3,0.8c-1,0-1.8-0.3-2.3-0.8S276.1,109.1,276.1,108.2z M281.9,141h-5.5v-25.9h5.5V141z"/>
<path d="M303,114.6c3.2,0,5.8,1.2,7.6,3.5s2.7,5.6,2.7,9.9c0,4.2-0.9,7.6-2.7,9.9s-4.4,3.6-7.6,3.6c-3.3,0-5.8-1.2-7.6-3.5h-0.4
l-1,3.1h-4.1v-36.5h5.5v8.7c0,0.6,0,1.6-0.1,2.9s-0.1,2.1-0.1,2.4h0.2C297,115.9,299.6,114.6,303,114.6z M301.6,119.1
c-2.2,0-3.8,0.7-4.8,2s-1.5,3.5-1.5,6.6v0.4c0,3.2,0.5,5.4,1.5,6.9s2.6,2.1,4.9,2.1c2,0,3.4-0.8,4.4-2.3s1.5-3.8,1.5-6.7
C307.6,122,305.6,119.1,301.6,119.1z"/>
<path d="M335.9,141l-1.1-3.6h-0.2c-1.2,1.6-2.5,2.7-3.8,3.2s-2.9,0.9-4.9,0.9c-2.5,0-4.5-0.7-6-2.1s-2.1-3.3-2.1-5.8
c0-2.7,1-4.7,3-6c2-1.4,5-2.1,9.1-2.2l4.5-0.1v-1.4c0-1.7-0.4-2.9-1.2-3.7s-2-1.2-3.6-1.2c-1.3,0-2.6,0.2-3.8,0.6s-2.4,0.9-3.5,1.4
l-1.8-3.9c1.4-0.7,2.9-1.3,4.6-1.7s3.2-0.6,4.7-0.6c3.3,0,5.8,0.7,7.5,2.2s2.5,3.7,2.5,6.8V141H335.9z M327.7,137.2
c2,0,3.6-0.6,4.8-1.7s1.8-2.7,1.8-4.7v-2.2l-3.3,0.1c-2.6,0.1-4.5,0.5-5.7,1.3s-1.8,2-1.8,3.6c0,1.2,0.3,2.1,1,2.7
S326.3,137.2,327.7,137.2z"/>
<path d="M370.3,141h-5.5V125c0-2-0.4-3.5-1.2-4.5s-2.1-1.5-3.8-1.5c-2.3,0-4,0.7-5.1,2.1s-1.6,3.7-1.6,6.9V141h-5.5v-25.9h4.3
l0.8,3.4h0.3c0.8-1.2,1.9-2.2,3.3-2.9s3-1,4.8-1c6.2,0,9.3,3.2,9.3,9.5V141z"/>
<path d="M394.2,141l-1.1-3.6h-0.2c-1.2,1.6-2.5,2.7-3.8,3.2s-2.9,0.9-4.9,0.9c-2.5,0-4.5-0.7-6-2.1s-2.1-3.3-2.1-5.8
c0-2.7,1-4.7,3-6c2-1.4,5-2.1,9.1-2.2l4.5-0.1v-1.4c0-1.7-0.4-2.9-1.2-3.7s-2-1.2-3.6-1.2c-1.3,0-2.6,0.2-3.8,0.6s-2.4,0.9-3.5,1.4
l-1.8-3.9c1.4-0.7,2.9-1.3,4.6-1.7s3.2-0.6,4.7-0.6c3.3,0,5.8,0.7,7.5,2.2s2.5,3.7,2.5,6.8V141H394.2z M386,137.2
c2,0,3.6-0.6,4.8-1.7s1.8-2.7,1.8-4.7v-2.2l-3.3,0.1c-2.6,0.1-4.5,0.5-5.7,1.3s-1.8,2-1.8,3.6c0,1.2,0.3,2.1,1,2.7
S384.6,137.2,386,137.2z"/>
</g>
<g>
<g>
<path class="st2" d="M188.6,123.5L159,159v8h3.7l33-39.5C193.4,126,191.1,124.7,188.6,123.5z"/>
<path class="st3" d="M195.7,127.5l-33,39.5H219C219,150.9,209.9,136.6,195.7,127.5z"/>
</g>
<g>
<path class="st4" d="M159,159l29.6-35.5c-8.7-4.1-18.8-6.5-29.6-6.5V159z"/>
<path class="st5" d="M159,87v30c10.8,0,20.8,2.4,29.6,6.5L219,87H159z"/>
</g>
</g>
</svg>

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 3.4 KiB

After

Width:  |  Height:  |  Size: 2.9 KiB

4
templates/kibana/config.yml
View File

@ -1,4 +1,4 @@
name: "Kibana 4"
name: "Kibana"
description: "Visualization dashboard"
version: "4.6.3-rancher1"
version: "6.2.3-rancher1"
category: ELK

54
templates/logstash/4/docker-compose.yml Normal file
View File

@ -0,0 +1,54 @@
logstash-indexer-config:
restart: always
image: rancher/logstash-config:v0.2.0
labels:
io.rancher.container.hostname_override: container_name
redis:
restart: always
tty: true
image: redis:3.2.6-alpine
stdin_open: true
labels:
io.rancher.container.hostname_override: container_name
logstash-indexer:
restart: always
tty: true
volumes_from:
- logstash-indexer-config
command:
- logstash
- -f
- /etc/logstash
image: docker.elastic.co/logstash/logstash:6.2.3
links:
- redis:redis
external_links:
- ${elasticsearch_link}:elasticsearch
stdin_open: true
labels:
io.rancher.sidekicks: logstash-indexer-config
io.rancher.container.hostname_override: container_name
logstash-collector-config:
restart: always
image: rancher/logstash-config:v0.2.0
labels:
io.rancher.container.hostname_override: container_name
logstash-collector:
restart: always
tty: true
links:
- redis:redis
ports:
- "5000/udp"
- "6000/tcp"
volumes_from:
- logstash-collector-config
command:
- logstash
- -f
- /etc/logstash
image: docker.elastic.co/logstash/logstash:6.2.3
stdin_open: true
labels:
io.rancher.sidekicks: logstash-collector-config
io.rancher.container.hostname_override: container_name

73
templates/logstash/4/rancher-compose.yml Normal file
View File

@ -0,0 +1,73 @@
.catalog:
name: "Logstash"
version: "6.2.3-rancher1"
description: "Logstash: Process Any Data, From Any Source"
questions:
- variable: "collector_inputs"
description: |
Logstash collection tier inputs. These will be added
directly to input { } section of logstash.conf
label: "Logstash inputs"
type: "multiline"
required: true
default: |
udp {
port => 5000
codec => "json"
}
- variable: "indexer_filters"
description: |
Logstash indexing tier filters. These will be added
directly to filter { } section of logstash.conf
label: "Logstash filters"
type: "multiline"
required: false
default: ""
- variable: "indexer_outputs"
description: |
Logstash indexing tier outputs. These will be added
directly to output { } section of logstash.conf
label: "Logstash outputs"
type: "multiline"
required: true
default: |
elasticsearch {
hosts => ["elasticsearch.rancher.internal:9200"]
}
stdout {
codec => rubydebug
}
- variable: "elasticsearch_link"
description: |
stack/service link or external service link to elasticsearch
cluster.
label: "Elasticsearch stack/service"
default: "es/elasticsearch-clients"
required: true
type: "service"
logstash-indexer:
metadata:
logstash:
inputs: |
redis {
host => "redis.rancher.internal"
port => "6379"
data_type => "list"
key => "logstash"
}
filters: |
${indexer_filters}
outputs: |
${indexer_outputs}
logstash-collector:
metadata:
logstash:
inputs: |
${collector_inputs}
outputs: |
redis {
host => "redis.rancher.internal"
port => "6379"
data_type => "list"
key => "logstash"
}

200
templates/logstash/catalogIcon-logstash.svg
View File

File diff suppressed because one or more lines are too long
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 133 KiB

After

Width:  |  Height:  |  Size: 4.0 KiB

2
templates/logstash/config.yml
View File

@ -1,5 +1,5 @@
name: Logstash
description: |
Centralize data processing of all types
version: 5.1.1-rancher1
version: 6.2.3-rancher1
category: ELK

1
templates/mailhog/0/README.md Normal file
View File

@ -0,0 +1 @@
The mailhog catalog configuration provides SMTP access on the internal network by default. External SMTP access can be exposed through a TCP Rancher load balancer routing to internal port 25. The Mailhog UI can be exposed through an HTTP(S) Rancher Load Balancer routing to internal port 8025.

12
templates/mailhog/0/docker-compose.yml Normal file
View File

@ -0,0 +1,12 @@
version: '2'
services:
mailhog:
image: mailhog/mailhog:v1.0.0
environment:
MH_UI_WEB_PATH: ${mh_ui_web_path}
MH_SMTP_BIND_ADDR: ${mh_smtp_bind_addr}
stdin_open: true
tty: true
user: root
labels:
io.rancher.container.pull_image: always

15
templates/mailhog/0/rancher-compose.yml Normal file
View File

@ -0,0 +1,15 @@
.catalog:
name: MailHog
version: 0.0.1
description: MailHog E-mail Capture Tools
questions:
- variable: mh_ui_web_path
label: Web UI Path
type: string
description: Defines the URL path for viewing MailHog. Will use "/" if left blank.
- variable: mh_smtp_bind_addr
label: SMTP Bind Address
type: string
required: true
default: 0.0.0.0:25
description: Defines the IP/Port combination for the SMTP listener.

BIN
templates/mailhog/catalogIcon-mailhog.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.7 KiB

4
templates/mailhog/config.yml Normal file
View File

@ -0,0 +1,4 @@
name: MailHog
description: MailHog E-mail Capture Tools
version: 0.0.1
category: Services

28
templates/traefik/20/README.md
View File

@ -88,7 +88,7 @@ Use this labels if you choose extenal rancher integration.
WARNING: Only services with healthy state are added to traefik, so health checks are mandatory.
More info [rancher-traefik](https://github.com/rawmind0/rancher-traefik)
More info [rancher-traefik][rancher-traefik]
### Usage:
@ -102,4 +102,30 @@ More info [rancher-traefik](https://github.com/rawmind0/rancher-traefik)
Note: To access the services, you need to create A or CNAMES dns entries for every one.
### Usage examples
#### Setup Traefik for a custom domain
You must set these labels for the service your want to expose:
- traefik.enable = true
- traefik.port = 8080
- traefik.acme = true
- traefik.frontend.rule = Host:MyCustoDomain.com (`api` or `metadata` rancher integration)
- traefik.domain = MyCustoDomain.com (`external` rancher integration)
### F.A.Q
#### Q: Traefik doesn't apply labels
Depending on traefik rancher integration, available labels are differents.
- [api and metadata][traefik rancher backend]
- [external][rancher-traefik]
#### Q: Traefik doesn't expose my service
Depending on Traefik configuration we can diffenciate two cases:
- If you configured Traefik with label *rancher_healthcheck=true* -> ensure your service has a healthcheck
- If you configured Traefik without healthcheck, then check the Traefik log. Some times Traefik fails when try to load an invalid config and, before that, doesn't load new services -> restart Traefik should fix that
[traefik rancher backend]: https://docs.traefik.io/configuration/backends/rancher/#labels-overriding-default-behaviour
[rancher-traefik]: https://github.com/rawmind0/rancher-traefik

136
templates/traefik/21/README.md Normal file
View File

@ -0,0 +1,136 @@
# Traefik active load balancer
### Info:
This template deploys traefik active load balancers on top of Rancher. The configuration is generated and updated with confd from Rancher metadata.
It would be deployed in hosts with label traefik_lb=true.
### Config:
- rancher_integration = "metadata" # Rancher integration method.
- rancher_healthcheck = false # Enable/Disable traefik rancher services healthcheck filter. Only valid for api and metadata integration.
- usage_enable = false # Enable/disable send Traefik [anonymous usage collection](https://docs.traefik.io/basics/#collected-data)
- constraints = "" # Traefik constraints for rancher provider. Only valid for api and metadata integration.
- host_label = "traefik_lb=true" # Host label where to run traefik service.
- http_port = 8080 # Port exposed to get access to the published services.
- https_port = 8443 # Port exposed to get secured access to the published services.
- admin_port = 8000 # Port exposed to get admin access to the traefik service.
- admin_ssl = false # Enable/Disable ssl on api, rest, ping and webui using `ssl_key` and `ssl_crt`
- https_enable = <false | true | only>
- false: Enable http enpoints and disable https ones.
- true: Enable http and https endpoints.
- only: Enable https endpoints and redirect http to https.
- https_min_tls = "" # See the [traefik documentation](https://docs.traefik.io/configuration/entrypoints/#specify-minimum-tls-version) for allowed values.
- trusted_ips="" # Enable [proxyProtocol](https://docs.traefik.io/configuration/entrypoints/#proxyprotocol) and [forwardHeaders](https://docs.traefik.io/configuration/entrypoints/#forwarded-header) for these IPs (eg: "172.0.0.0/16,192.168.0.1")
- acme_enable = false # Enable/Disable acme traefik support. [acme](https://docs.traefik.io/configuration/acme/)
- acme_email = "test@traefik.io" # acme user email
- acme_challenge = http # acme challenge parameter. WIP to support dns.
- acme_onhostrule = true # acme onHostRule parameter.
- acme_caserver = "https://acme-v01.api.letsencrypt.org/directory" # acme caServer parameter.
- acme_vol_name = "traefik_acme_vol" # Volume name to user by acme sidekick
- acme_vol_driver = "local" # Volume driver to user by acme sidekick
- ssl_key # Paste your ssl key. *Required if you enable https
- ssl_crt # Paste your ssl crt. *Required if you enable https
- insecure_skip = false # Enable InsecureSkipVerify param.
- compress_enable = true # Enable traefik compression
- timeout_read="0" # respondingTimeouts [readTimeout](https://docs.traefik.io/configuration/commons/#responding-timeouts)
- timeout_write="0" # respondingTimeouts [writeTimeout](https://docs.traefik.io/configuration/commons/#responding-timeouts)
- timeout_idle="180" # respondingTimeouts [idleTimeout](https://docs.traefik.io/configuration/commons/#responding-timeouts)
- timeout_dial="30" # forwardingTimeouts [dialTimeout](https://docs.traefik.io/configuration/commons/#forwarding-timeouts)
- timeout_header="0" # forwardingTimeouts [responseHeaderTimeout](https://docs.traefik.io/configuration/commons/#forwarding-timeouts)
- refresh_interval = 10s # Interval to refresh traefik rules.toml from rancher-metadata.
- admin_readonly = false # Set REST API to read-only mode.
- admin_statistics = 10 # Enable more detailed statistics, extend recent errors number.
- admin_auth_method = "basic" # Selec auth method, basic or digest.
- admin_users = "" # Paste basic or digest users created with htdigest, one user per line.
- metrics_enable="false" # Enable/disable traefik [metrics](https://docs.traefik.io/configuration/metrics/)
- metrics_exporter="" # Metrics exporter prometheus | datadog | statsd | influxdb
- metrics_push="10" # Metrics exporter push interval (s). datadog | statsd | influxdb
- metrics_address="" # Metrics exporter address. datadog | statsd | influxdb
- metrics_prometheus_buckets="[0.1,0.3,1.2,5.0]" # Metrics buckets for prometheus
### Service configuration labels:
Traefik labels has to be added to your services, in order to get included in traefik config.
#### Metadata or api
Please use traefik defined labels if you choose metadata or api rancher integration.
[Traefik rancher backend labels][traefik rancher backend]
Metadata is the prefered and recommended rancher integration.
#### External
Use this labels if you choose extenal rancher integration.
- traefik.enable = < true | stack | false > #Controls if you want to publish or not the service
- true: the service will be published as *service_name.stack_name.traefik_domain*
- stack: the service will be published as *stack_name.domain*. WARNING: You can have collisions inside services within your stack
- false: the service will not be published
- traefik.priority = <priority> # Override for frontend priority. Default `5`
- traefik.protocol = < http | https > # Override the default protocol `http`
- traefik.sticky = < true | false > # Enable/disable sticky sessions to the backend. Default `false`
- traefik.backend.loadbalancer.method = < drr | wrr > # Override default lb algorithm `drr`
- traefik.backend.circuitbreaker.expression = < expression > # Override default backend circuitbreaker expression `NetworkErrorRatio() > 0.5`
- traefik.frontend.passHostHeader = < true | false > # Forward client Host header to the backend. Default `true`
- traefik.weight = < weight > # Override default backend weight `5`
- traefik.alias = < alias > # Alternate names to route rule. Multiple values separated by ",". traefik.domain is appended. WARNING: You could have collisions BE CAREFULL
- traefik.alias.fqdn = < alias fqdn > # Alternate names to route rule. Multiple values separated by ",". traefik.domain must be defined but is not appended here.
- traefik.domain = < domain.name > # Domain names to route rules. Multiple domains separated by ","
- traefik.domain.regexp = < domain.regexp > # Domain name regexp rule. Multiple domains separated by ","
- traefik.port = <port> # port to expose throught traefik. Default `80`
- traefik.acme = < true | false > # Enable/disable ACME traefik feature. Default `false`
- traefik.path = < path > # Path rule. Multiple values separated by ","
- traefik.path.strip = < path > # Path strip rule. Multiple values separated by ","
- traefik.path.prefix = < path > # Path prefix rule. Multiple values separated by ","
- traefik.path.prefix.strip = < path > # Path prefix strip rule. Multiple values separated by ","
- traefik.ratelimit.enable = < true | false > # Enable/disabe rate-limiting based on client ip. Default `false`
- traefik.ratelimit.period = < n > # Replace n with desired amount of seconds in which traefik is checking the limits "average" and "burst". Default `10`
- traefik.ratelimit.average = < n > # Change to desired average allowed requests by client ip. Default `100`
- traefik.ratelimit.burst = < n > # State what limit the client ip is allowed to burst up to respectively. Default `200`
WARNING: Only services with healthy state are added to traefik, so health checks are mandatory.
More info [rancher-traefik][rancher-traefik]
### Usage:
Select Traefik from catalog.
Set the params.
Click deploy.
Access your traefik admin service at $admin_port to see your published services.
Note: To access the services, you need to create A or CNAMES dns entries for every one.
### Usage examples
#### Setup Traefik for a custom domain
You must set these labels for the service your want to expose:
- traefik.enable = true
- traefik.port = 8080
- traefik.acme = true
- traefik.frontend.rule = Host:MyCustoDomain.com (`api` or `metadata` rancher integration)
- traefik.domain = MyCustoDomain.com (`external` rancher integration)
### F.A.Q
#### Q: Traefik doesn't apply labels
Depending on traefik rancher integration, available labels are differents.
- [api and metadata][traefik rancher backend]
- [external][rancher-traefik]
#### Q: Traefik doesn't expose my service
Depending on Traefik configuration we can diffenciate two cases:
- If you configured Traefik with label *rancher_healthcheck=true* -> ensure your service has a healthcheck
- If you configured Traefik without healthcheck, then check the Traefik log. Some times Traefik fails when try to load an invalid config and, before that, doesn't load new services -> restart Traefik should fix that
[traefik rancher backend]: https://docs.traefik.io/configuration/backends/rancher/#labels-overriding-default-behaviour
[rancher-traefik]: https://github.com/rawmind0/rancher-traefik

133
templates/traefik/21/docker-compose.yml.tpl Normal file
View File

@ -0,0 +1,133 @@
version: '2'
services:
traefik:
ports:
- ${admin_port}:${admin_port}/tcp
- ${http_port}:${http_port}/tcp
{{- if ne .Values.https_enable "false"}}
- ${https_port}:${https_port}/tcp
{{- end}}
labels:
io.rancher.scheduler.global: 'true'
io.rancher.scheduler.affinity:host_label: ${host_label}
io.rancher.scheduler.affinity:container_label_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name}
{{- if eq .Values.rancher_integration "api"}}
io.rancher.container.agent.role: environment
io.rancher.container.create_agent: 'true'
{{- end}}
{{- if or (eq .Values.rancher_integration "external") (eq .Values.acme_enable "true")}}
io.rancher.sidekicks:
{{- if eq .Values.rancher_integration "external"}} traefik-conf
{{- if eq .Values.acme_enable "true" -}},{{- end -}}
{{- end -}}
{{- if eq .Values.acme_enable "true" -}}
{{- if ne .Values.rancher_integration "external"}} traefik-acme
{{- else -}}traefik-acme
{{- end -}}
{{- end -}}
{{- end}}
io.rancher.container.hostname_override: container_name
image: rawmind/alpine-traefik:1.5.4-1
environment:
- TRAEFIK_HTTP_PORT=${http_port}
- TRAEFIK_HTTP_COMPRESSION=${compress_enable}
- TRAEFIK_HTTPS_PORT=${https_port}
- TRAEFIK_HTTPS_ENABLE=${https_enable}
- TRAEFIK_HTTPS_COMPRESSION=${compress_enable}
- TRAEFIK_USAGE_ENABLE=${usage_enable}
- TRAEFIK_TIMEOUT_READ=${timeout_read}
- TRAEFIK_TIMEOUT_WRITE=${timeout_write}
- TRAEFIK_TIMEOUT_IDLE=${timeout_idle}
- TRAEFIK_TIMEOUT_DIAL=${timeout_dial}
- TRAEFIK_TIMEOUT_HEADER=${timeout_header}
{{- if ne .Values.https_min_tls ""}}
- TRAEFIK_HTTPS_MIN_TLS=${https_min_tls}
{{- end}}
{{- if ne .Values.trusted_ips ""}}
- TRAEFIK_TRUSTEDIPS=${trusted_ips}
{{- end}}
{{- if ne .Values.ssl_key ""}}
- TRAEFIK_SSL_KEY=${ssl_key}
{{- end}}
{{- if ne .Values.ssl_crt ""}}
- TRAEFIK_SSL_CRT=${ssl_crt}
{{- end}}
- TRAEFIK_INSECURE_SKIP=${insecure_skip}
- TRAEFIK_ADMIN_ENABLE=true
- TRAEFIK_ADMIN_PORT=${admin_port}
- TRAEFIK_ADMIN_SSL=${admin_ssl}
- TRAEFIK_ADMIN_STATISTICS=${admin_statistics}
- TRAEFIK_ADMIN_AUTH_METHOD=${admin_auth_method}
- TRAEFIK_ADMIN_AUTH_USERS=${admin_users}
{{- if eq .Values.acme_enable "true"}}
- TRAEFIK_ACME_ENABLE=${acme_enable}
- TRAEFIK_ACME_EMAIL=${acme_email}
- TRAEFIK_ACME_CHALLENGE=${acme_challenge}
- TRAEFIK_ACME_CHALLENGE_HTTP_ENTRYPOINT=http
- TRAEFIK_ACME_ONHOSTRULE=${acme_onhostrule}
- TRAEFIK_ACME_CASERVER=${acme_caserver}
{{- end}}
{{- if ne .Values.rancher_integration "external"}}
- TRAEFIK_RANCHER_ENABLE=true
- TRAEFIK_FILE_ENABLE=false
- TRAEFIK_CONSTRAINTS=${constraints}
- TRAEFIK_RANCHER_HEALTHCHECK=${rancher_healthcheck}
- TRAEFIK_RANCHER_MODE=${rancher_integration}
{{- else}}
- TRAEFIK_FILE_ENABLE=true
{{- end}}
{{- if eq .Values.metrics_enable "true"}}
- TRAEFIK_METRICS_ENABLE=${metrics_enable}
- TRAEFIK_METRICS_EXPORTER=${metrics_exporter}
- TRAEFIK_METRICS_PUSH=${metrics_push}
- TRAEFIK_METRICS_ADDRESS=${metrics_address}
- TRAEFIK_METRICS_PROMETHEUS_BUCKETS=${metrics_prometheus_buckets}
{{- end}}
{{- if or (eq .Values.rancher_integration "external") (eq .Values.acme_enable "true")}}
volumes_from:
{{- if eq .Values.rancher_integration "external"}}
- traefik-conf
{{- end}}
{{- if eq .Values.acme_enable "true"}}
- traefik-acme
{{- end}}
{{- end}}
{{- if eq .Values.rancher_integration "external"}}
traefik-conf:
labels:
io.rancher.scheduler.global: 'true'
io.rancher.scheduler.affinity:host_label: ${host_label}
io.rancher.scheduler.affinity:container_label_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name}
io.rancher.container.start_once: 'true'
image: rawmind/rancher-traefik:1.5.0-0
network_mode: none
volumes:
- tools-volume:/opt/tools
{{- end}}
{{- if eq .Values.acme_enable "true"}}
traefik-acme:
network_mode: none
labels:
io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name}
io.rancher.container.hostname_override: container_name
io.rancher.container.start_once: true
environment:
- SERVICE_UID=10001
- SERVICE_GID=10001
- SERVICE_VOLUME=/opt/traefik/acme
volumes:
- ${acme_vol_name}:/opt/traefik/acme
image: rawmind/alpine-volume:0.0.2-1
{{- end}}
{{- if or (eq .Values.rancher_integration "external") (eq .Values.acme_enable "true")}}
volumes:
{{- if eq .Values.rancher_integration "external"}}
tools-volume:
driver: local
per_container: true
{{- end}}
{{- if eq .Values.acme_enable "true"}}
${acme_vol_name}:
driver: ${acme_vol_driver}
{{- end}}
{{- end}}

277
templates/traefik/21/rancher-compose.yml Normal file
View File

@ -0,0 +1,277 @@
version: '2'
catalog:
name: traefik
version: v1.5.4-rancher1
description: |
Traefik load balancer.
minimum_rancher_version: v0.59.0
maintainer: "Raul Sanchez <rawmind@gmail.com>"
uuid: traefik-0
questions:
- variable: "rancher_integration"
label: "Choose rancher integration:"
description: |
Enable rancher integration mode. Traefik built in integration, metadata or api, or external sidekick integration with confd.
default: metadata
required: true
type: enum
options:
- metadata
- api
- external
- variable: "rancher_healthcheck"
description: |
Enable/disable rancher services healtcheck filter. If enable, just healthy services will be published.
Only valid for api and metadata integration.
label: "Rancher healthcheck filter:"
required: true
default: false
type: "boolean"
- variable: "usage_enable"
description: |
Enable/disable send anonymous usage collection to Traefik. See https://docs.traefik.io/basics/#collected-data
label: "Traefik send anonymous usage:"
required: true
default: false
type: "boolean"
- variable: "constraints"
description: |
Traefik constraints for rancher provider. Eg: "tag==api"
Only valid for api and metadata integration.
label: "Traefik constraints:"
required: false
default: ""
type: "string"
- variable: "host_label"
description: "Host label where to run traefik service."
label: "Host label:"
required: true
default: "traefik_lb=true"
type: "string"
- variable: "http_port"
description: "Traefik http public port to listen."
label: "Http port:"
required: true
default: 8080
type: "int"
- variable: "https_port"
description: "Traefik https public port to listen."
label: "Https port:"
required: true
default: 8443
type: "int"
- variable: "admin_port"
description: "Traefik admin public port to listen for api, rest, ping and webui."
label: "Admin port:"
required: true
default: 8000
type: "int"
- variable: "admin_ssl"
description: "Enable ssl for api, rest, ping and webui."
label: "Admin ssl:"
required: true
default: false
type: "boolean"
- variable: "https_enable"
label: "Https enable:"
description: |
Enable https working mode. If you activate, you need to fill SSL key and SSL crt in order to work.
default: false
required: true
type: enum
options:
- false
- true
- only
- variable: "https_min_tls"
description: |
Minimal allowed tls version to accept connections from.
See the traefik documentation for allowed values. Default is `VersionTLS12`.
label: "Https min tls:"
required: false
default: ""
type: "string"
- variable: "trusted_ips"
description: |
Enable proxyProtocol and forwardHeaders just for trusted IPs. Eg: `172.0.0.0/16,192.168.0.1`
See the traefik documentation for more info. Default is ``.
label: "Trusted IPs:"
required: false
default: ""
type: "string"
- variable: "acme_enable"
description: "Enable acme support on traefik."
label: "ACME enable:"
required: true
default: false
type: "boolean"
- variable: "acme_email"
description: "ACME user email."
label: "ACME email:"
required: true
default: "test@traefik.io"
type: "string"
- variable: "acme_challenge"
description: "ACME challenge."
label: "ACME challenge:"
required: true
default: http
type: enum
options: # List of options if using type of `enum`
- http
- variable: "acme_onhostrule"
description: "Enable acme onHostRule."
label: "ACME onHostRule:"
required: true
default: true
type: "boolean"
- variable: "acme_caserver"
description: "ACME caServer to use."
label: "ACME caServer:"
required: true
default: "https://acme-v01.api.letsencrypt.org/directory"
type: "string"
- variable: "acme_vol_name"
description: "The volume name shared to store ACME certs"
label: "ACME Volume Name"
required: true
default: "traefik_acme_vol"
type: "string"
- variable: "acme_vol_driver"
description: "The volume driver shared to store ACME certs"
label: "ACME Volume Driver"
required: true
default: "local"
type: enum
options: # List of options if using type of `enum`
- local
- rancher-nfs
- rancher-efs
- rancher-ebs
- variable: "ssl_key"
description: "SSL key to secure the service. *Required if you enable https or admin ssl"
label: "Https key"
type: "multiline"
required: false
default: ""
- variable: "ssl_crt"
description: "SSL cert to secure the service. *Required if you enable https or admin ssl"
label: "Https crt"
type: "multiline"
required: false
default: ""
- variable: "insecure_skip"
description: "Enable InsecureSkipVerify param."
label: "InsecureSkipVerify:"
required: true
default: false
type: "boolean"
- variable: "compress_enable"
label: "Enable compression:"
description: |
Enable Traefik compression for entrypoints.
default: true
required: true
type: "boolean"
- variable: "timeout_read"
label: "Timeout read:"
description: |
Traefik respondingTimeouts readTimeout (s).
default: 0
required: true
type: "int"
- variable: "timeout_write"
label: "Timeout write:"
description: |
Traefik respondingTimeouts writeTimeout (s).
default: 0
required: true
type: "int"
- variable: "timeout_idle"
label: "Timeout idle:"
description: |
Traefik respondingTimeouts idleTimeout (s).
default: 180
required: true
type: "int"
- variable: "timeout_dial"
label: "Timeout dial:"
description: |
Traefik forwardingTimeouts dialTimeout (s).
default: 30
required: true
type: "int"
- variable: "timeout_header"
label: "Timeout header:"
description: |
Traefik forwardingTimeouts responseHeaderTimeout (s).
default: 0
required: true
type: "int"
- variable: "admin_statistics"
description: "Enable more detailed statistics."
label: "Admin statistics history:"
required: true
default: 10
type: "int"
- variable: "admin_auth_method"
description: "Admin auth method on api, rest and webui."
label: "Admin auth method:"
required: true
default: "basic"
type: enum
options: # List of options if using type of `enum`
- basic
- digest
- variable: "admin_users"
description: "Admin auth user list on api, rest and webui. Generate with htpassword for basic or htdigest with traefik realm for digest."
label: "Admin users:"
type: "multiline"
required: false
default: ""
- variable: "metrics_enable"
description: "Enable traefik metrics."
label: "Metrics enable"
default: false
required: true
type: "boolean"
- variable: "metrics_exporter"
description: "Traefik metrics exporter."
label: "Metrics exporter:"
required: false
default:
type: enum
options: # List of options if using type of `enum`
- prometheus
- datadog
- statsd
- influxdb
- variable: "metrics_push"
description: "Traefik metrics exporter push interval. Apply on datadog, statsd and influxdb."
label: "Metrics push interval (s):"
required: false
default: 10
type: "int"
- variable: "metrics_address"
description: "Traefik metrics exporter address to push. Apply on datadog, statsd and influxdb."
label: "Metrics address:"
required: false
default: ""
type: "string"
- variable: "metrics_prometheus_buckets"
description: "Traefik metrics buckets for prometheus."
label: "Metrics prometheus buckets"
default: "[0.1,0.3,1.2,5.0]"
required: false
type: "string"
services:
traefik:
retain_ip: true
health_check:
healthy_threshold: 2
response_timeout: 5000
port: ${admin_port}
unhealthy_threshold: 3
interval: 5000
strategy: recreate

2
templates/traefik/config.yml
View File

@ -1,7 +1,7 @@
name: Traefik
description: |
Traefik active load balancer
version: v1.5.3-rancher1
version: v1.5.4-rancher1
category: Load Balancing
maintainer: "Raul Sanchez <rawmind@gmail.com>"
license: