diff --git a/README.md b/README.md index be5b888..5bc0397 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ This catalog provides templates created by the community, and they are not maintained or supported by Rancher Labs. # License -Copyright (c) 2014-2016 [Rancher Labs, Inc.](http://rancher.com) +Copyright (c) 2014-2017 [Rancher Labs, Inc.](http://rancher.com) Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/infra-templates/alidns/1/README.md b/infra-templates/alidns/1/README.md new file mode 100644 index 0000000..dcc201f --- /dev/null +++ b/infra-templates/alidns/1/README.md @@ -0,0 +1,40 @@ +## Alibaba Cloud DNS + +Rancher External DNS service powered by Alibaba Cloud DNS + +#### Usage + +##### Supported host labels + +`io.rancher.host.external_dns_ip` +Override the IP address used in DNS records for containers running on the host. Defaults to the IP address the host is registered with in Rancher. + +`io.rancher.host.external_dns` +Accepts 'true' (default) or 'false' +When this is set to 'false' no DNS records will ever be created for containers running on this host. + +##### Supported service labels + +`io.rancher.service.external_dns` +Accepts 'always', 'never' or 'auto' (default) +- `always`: Always create DNS records for this service +- `never`: Never create DNS records for this service +- `auto`: Create DNS records for this service if it exposes ports on the host + +`io.rancher.service.external_dns_name_template` +Custom DNS name template that overrides global custom DNS name template (see below) of default DNS name template for a specific service + +##### Custom DNS name template + +By default DNS entries are named `...`. +You can specify a custom name template used to construct the subdomain part (left of the domain/zone name) of the DNS records. The following placeholders are supported: + +* `%{{service_name}}` +* `%{{stack_name}}` +* `%{{environment_name}}` + +**Example:** + +`%{{stack_name}}-%{{service_name}}.statictext` + +Make sure to only use characters in static text and separators that your provider allows in DNS names. diff --git a/infra-templates/alidns/1/docker-compose.yml b/infra-templates/alidns/1/docker-compose.yml new file mode 100644 index 0000000..478af9e --- /dev/null +++ b/infra-templates/alidns/1/docker-compose.yml @@ -0,0 +1,14 @@ +alidns: + image: rancher/external-dns:v0.7.5 + command: -provider=alidns + expose: + - 1000 + environment: + ALICLOUD_ACCESS_KEY_ID: ${ALICLOUD_ACCESS_KEY_ID} + ALICLOUD_ACCESS_KEY_SECRET: ${ALICLOUD_ACCESS_KEY_SECRET} + ROOT_DOMAIN: ${ROOT_DOMAIN} + NAME_TEMPLATE: ${NAME_TEMPLATE} + TTL: ${TTL} + labels: + io.rancher.container.create_agent: "true" + io.rancher.container.agent.role: "external-dns" diff --git a/infra-templates/alidns/1/rancher-compose.yml b/infra-templates/alidns/1/rancher-compose.yml new file mode 100644 index 0000000..1e6bc62 --- /dev/null +++ b/infra-templates/alidns/1/rancher-compose.yml @@ -0,0 +1,48 @@ +# notemplating +.catalog: + name: "Alibaba Cloud DNS" + version: "v0.2.0" + description: "Rancher External DNS service powered by Alibaba Cloud" + minimum_rancher_version: v1.6.8-rc1 + questions: + - variable: "ALICLOUD_ACCESS_KEY_ID" + label: "Access Key ID" + description: "Access key id for your Alibaba Cloud account" + type: "string" + required: true + - variable: "ALICLOUD_ACCESS_KEY_SECRET" + label: "Access Key Secret" + description: "Access key secret for your Alibaba Cloud account" + type: "string" + required: true + - variable: "ROOT_DOMAIN" + label: "Domain" + description: "The DNS zone (domain) managed by Alibaba Cloud. DNS entries will be created for ..." + type: "string" + required: true + - variable: "TTL" + label: "TTL" + description: "The resource record cache time to live (TTL), in seconds" + type: "int" + default: 600 + min: 1 + max: 86400 + required: false + - variable: "NAME_TEMPLATE" + label: "DNS Name Template" + description: | + Name template used to construct the subdomain part (left of the domain) of the DNS record names. + Supported placeholders: %{{service_name}}, %{{stack_name}}, %{{environment_name}}. + By default DNS entries will be named '...'. + type: "string" + default: "%{{service_name}}.%{{stack_name}}.%{{environment_name}}" + required: false + +alidns: + health_check: + port: 1000 + interval: 5000 + unhealthy_threshold: 3 + request_line: GET / HTTP/1.0 + healthy_threshold: 2 + response_timeout: 2000 diff --git a/infra-templates/alidns/2/README.md b/infra-templates/alidns/2/README.md new file mode 100644 index 0000000..dcc201f --- /dev/null +++ b/infra-templates/alidns/2/README.md @@ -0,0 +1,40 @@ +## Alibaba Cloud DNS + +Rancher External DNS service powered by Alibaba Cloud DNS + +#### Usage + +##### Supported host labels + +`io.rancher.host.external_dns_ip` +Override the IP address used in DNS records for containers running on the host. Defaults to the IP address the host is registered with in Rancher. + +`io.rancher.host.external_dns` +Accepts 'true' (default) or 'false' +When this is set to 'false' no DNS records will ever be created for containers running on this host. + +##### Supported service labels + +`io.rancher.service.external_dns` +Accepts 'always', 'never' or 'auto' (default) +- `always`: Always create DNS records for this service +- `never`: Never create DNS records for this service +- `auto`: Create DNS records for this service if it exposes ports on the host + +`io.rancher.service.external_dns_name_template` +Custom DNS name template that overrides global custom DNS name template (see below) of default DNS name template for a specific service + +##### Custom DNS name template + +By default DNS entries are named `...`. +You can specify a custom name template used to construct the subdomain part (left of the domain/zone name) of the DNS records. The following placeholders are supported: + +* `%{{service_name}}` +* `%{{stack_name}}` +* `%{{environment_name}}` + +**Example:** + +`%{{stack_name}}-%{{service_name}}.statictext` + +Make sure to only use characters in static text and separators that your provider allows in DNS names. diff --git a/infra-templates/alidns/2/docker-compose.yml b/infra-templates/alidns/2/docker-compose.yml new file mode 100644 index 0000000..04ba618 --- /dev/null +++ b/infra-templates/alidns/2/docker-compose.yml @@ -0,0 +1,14 @@ +alidns: + image: rancher/external-dns:v0.7.9 + command: -provider=alidns + expose: + - 1000 + environment: + ALICLOUD_ACCESS_KEY_ID: ${ALICLOUD_ACCESS_KEY_ID} + ALICLOUD_ACCESS_KEY_SECRET: ${ALICLOUD_ACCESS_KEY_SECRET} + ROOT_DOMAIN: ${ROOT_DOMAIN} + NAME_TEMPLATE: ${NAME_TEMPLATE} + TTL: ${TTL} + labels: + io.rancher.container.create_agent: "true" + io.rancher.container.agent.role: "external-dns" diff --git a/infra-templates/alidns/2/rancher-compose.yml b/infra-templates/alidns/2/rancher-compose.yml new file mode 100644 index 0000000..3239b50 --- /dev/null +++ b/infra-templates/alidns/2/rancher-compose.yml @@ -0,0 +1,48 @@ +# notemplating +.catalog: + name: "Alibaba Cloud DNS" + version: "v0.3.0" + description: "Rancher External DNS service powered by Alibaba Cloud" + minimum_rancher_version: v1.6.13-rc1 + questions: + - variable: "ALICLOUD_ACCESS_KEY_ID" + label: "Access Key ID" + description: "Access key id for your Alibaba Cloud account" + type: "string" + required: true + - variable: "ALICLOUD_ACCESS_KEY_SECRET" + label: "Access Key Secret" + description: "Access key secret for your Alibaba Cloud account" + type: "string" + required: true + - variable: "ROOT_DOMAIN" + label: "Domain" + description: "The DNS zone (domain) managed by Alibaba Cloud. DNS entries will be created for ..." + type: "string" + required: true + - variable: "TTL" + label: "TTL" + description: "The resource record cache time to live (TTL), in seconds" + type: "int" + default: 600 + min: 1 + max: 86400 + required: false + - variable: "NAME_TEMPLATE" + label: "DNS Name Template" + description: | + Name template used to construct the subdomain part (left of the domain) of the DNS record names. + Supported placeholders: %{{service_name}}, %{{stack_name}}, %{{environment_name}}. + By default DNS entries will be named '...'. + type: "string" + default: "%{{service_name}}.%{{stack_name}}.%{{environment_name}}" + required: false + +alidns: + health_check: + port: 1000 + interval: 5000 + unhealthy_threshold: 3 + request_line: GET / HTTP/1.0 + healthy_threshold: 2 + response_timeout: 2000 diff --git a/infra-templates/alidns/config.yml b/infra-templates/alidns/config.yml index fb9788c..94f4a33 100644 --- a/infra-templates/alidns/config.yml +++ b/infra-templates/alidns/config.yml @@ -1,7 +1,7 @@ name: Alibaba Cloud DNS description: | Rancher External DNS service powered by Alibaba Cloud -version: v0.1.0 +version: v0.3.0 category: External DNS labels: io.rancher.orchestration.supported: 'cattle,mesos,swarm,kubernetes' diff --git a/templates/autospotting/0/README.md b/infra-templates/autospotting/0/README.md similarity index 100% rename from templates/autospotting/0/README.md rename to infra-templates/autospotting/0/README.md diff --git a/templates/autospotting/0/docker-compose.yml b/infra-templates/autospotting/0/docker-compose.yml similarity index 100% rename from templates/autospotting/0/docker-compose.yml rename to infra-templates/autospotting/0/docker-compose.yml diff --git a/templates/autospotting/0/rancher-compose.yml b/infra-templates/autospotting/0/rancher-compose.yml similarity index 100% rename from templates/autospotting/0/rancher-compose.yml rename to infra-templates/autospotting/0/rancher-compose.yml diff --git a/templates/autospotting/catalogIcon-autospotting.svg b/infra-templates/autospotting/catalogIcon-auttospotting.svg similarity index 100% rename from templates/autospotting/catalogIcon-autospotting.svg rename to infra-templates/autospotting/catalogIcon-auttospotting.svg diff --git a/templates/autospotting/config.yml b/infra-templates/autospotting/config.yml similarity index 100% rename from templates/autospotting/config.yml rename to infra-templates/autospotting/config.yml diff --git a/infra-templates/aws-spot-instance-helper/0/README.md b/infra-templates/aws-spot-instance-helper/0/README.md new file mode 100644 index 0000000..36f22f1 --- /dev/null +++ b/infra-templates/aws-spot-instance-helper/0/README.md @@ -0,0 +1,7 @@ +# AWS Spot Instance Helper + +### Info +This is a simple service that runs globally. It monitors the state of the host, if the host is running on a spot instance it will check to see if the host is scheduled for termination then it will automatically deactive the host and evaculate the containers. + +The source code is available at [https://www.github.com/chrisurwin/aws-spot-instance-helper](https://www.github.com/chrisurwin/aws-spot-instance-helper) + diff --git a/infra-templates/aws-spot-instance-helper/0/docker-compose.yml b/infra-templates/aws-spot-instance-helper/0/docker-compose.yml new file mode 100644 index 0000000..d88c501 --- /dev/null +++ b/infra-templates/aws-spot-instance-helper/0/docker-compose.yml @@ -0,0 +1,8 @@ +aws-spot-instance-helper: + image: chrisurwin/aws-spot-instance-helper:v0.1.0 + tty: true + labels: + io.rancher.container.create_agent: 'true' + io.rancher.container.agent.role: environment + io.rancher.container.pull_image: always + io.rancher.scheduler.global: 'true' \ No newline at end of file diff --git a/infra-templates/aws-spot-instance-helper/0/rancher-compose.yml b/infra-templates/aws-spot-instance-helper/0/rancher-compose.yml new file mode 100644 index 0000000..a98b942 --- /dev/null +++ b/infra-templates/aws-spot-instance-helper/0/rancher-compose.yml @@ -0,0 +1,16 @@ +.catalog: + name: "AWS Spot Instance Helper" + version: "v0.1.0" + description: "AWS Spot Instance Helper" + minimum_rancher_version: v1.5.5 + + +aws-spot-instance-helper: + health_check: + port: 9777 + interval: 2000 + unhealthy_threshold: 3 + strategy: recreate + response_timeout: 2000 + request_line: GET /ping HTTP/1.0 + healthy_threshold: 2 \ No newline at end of file diff --git a/infra-templates/aws-spot-instance-helper/1/README.md b/infra-templates/aws-spot-instance-helper/1/README.md new file mode 100644 index 0000000..8451599 --- /dev/null +++ b/infra-templates/aws-spot-instance-helper/1/README.md @@ -0,0 +1,9 @@ +# AWS Spot Instance Helper + +### Info +This is a simple service that runs globally. It monitors the state of the host, if the host is running on a spot instance it will check to see if the host is scheduled for termination then it will automatically deactive the host and evaculate the containers. + +The source code is available at [https://www.github.com/chrisurwin/aws-spot-instance-helper](https://www.github.com/chrisurwin/aws-spot-instance-helper) + +This version support notification to slack. + diff --git a/infra-templates/aws-spot-instance-helper/1/docker-compose.yml b/infra-templates/aws-spot-instance-helper/1/docker-compose.yml new file mode 100644 index 0000000..b84671c --- /dev/null +++ b/infra-templates/aws-spot-instance-helper/1/docker-compose.yml @@ -0,0 +1,10 @@ +aws-spot-instance-helper: + image: chrisurwin/aws-spot-instance-helper:v0.2.0 + tty: true + labels: + io.rancher.container.create_agent: 'true' + io.rancher.container.agent.role: environment + io.rancher.container.pull_image: always + io.rancher.scheduler.global: 'true' + environment: + SLACK_WEBHOOK: "${SLACK_WEBHOOK}" \ No newline at end of file diff --git a/infra-templates/aws-spot-instance-helper/1/rancher-compose.yml b/infra-templates/aws-spot-instance-helper/1/rancher-compose.yml new file mode 100644 index 0000000..044feb9 --- /dev/null +++ b/infra-templates/aws-spot-instance-helper/1/rancher-compose.yml @@ -0,0 +1,21 @@ +.catalog: + name: "AWS Spot Instance Helper" + version: "v0.2.0" + description: "AWS Spot Instance Helper" + minimum_rancher_version: v1.5.5 + questions: + - variable: "SLACK_WEBHOOK" + description: "Slack Webhook" + label: "Slack Webhook" + required: false + type: "string" + +aws-spot-instance-helper: + health_check: + port: 9777 + interval: 2000 + unhealthy_threshold: 3 + strategy: recreate + response_timeout: 2000 + request_line: GET /ping HTTP/1.0 + healthy_threshold: 2 \ No newline at end of file diff --git a/infra-templates/aws-spot-instance-helper/catalogIcon-rahc.svg b/infra-templates/aws-spot-instance-helper/catalogIcon-rahc.svg new file mode 100644 index 0000000..b585445 --- /dev/null +++ b/infra-templates/aws-spot-instance-helper/catalogIcon-rahc.svg @@ -0,0 +1,25 @@ + + + + + + + + diff --git a/infra-templates/aws-spot-instance-helper/config.yml b/infra-templates/aws-spot-instance-helper/config.yml new file mode 100644 index 0000000..f010504 --- /dev/null +++ b/infra-templates/aws-spot-instance-helper/config.yml @@ -0,0 +1,5 @@ +name: AWS Spot Instance Helper +description: | + Automatically evacuates spot instances that are marked for termination +version: v0.2.0 +category: Rancher Services \ No newline at end of file diff --git a/infra-templates/gandi-dns/1/docker-compose.yml b/infra-templates/gandi-dns/1/docker-compose.yml new file mode 100644 index 0000000..1dbedba --- /dev/null +++ b/infra-templates/gandi-dns/1/docker-compose.yml @@ -0,0 +1,13 @@ +gandidns: + image: rancher/external-dns:v0.7.6 + command: -provider=gandi + expose: + - 1000 + environment: + GANDI_APIKEY: ${GANDI_APIKEY} + ROOT_DOMAIN: ${ROOT_DOMAIN} + NAME_TEMPLATE: ${NAME_TEMPLATE} + TTL: ${TTL} + labels: + io.rancher.container.create_agent: "true" + io.rancher.container.agent.role: "external-dns" diff --git a/infra-templates/gandi-dns/1/rancher-compose.yml b/infra-templates/gandi-dns/1/rancher-compose.yml new file mode 100644 index 0000000..85cfce6 --- /dev/null +++ b/infra-templates/gandi-dns/1/rancher-compose.yml @@ -0,0 +1,43 @@ +# notemplating +.catalog: + name: "Gandi DNS" + version: "v0.1.1" + description: "Rancher External DNS service powered by Gandi. Requires Rancher version v1.1.0" + maintainer: "Frederic Leger " + minimum_rancher_version: v1.6.0-rc1 + #maximum_rancher_version: + questions: + - variable: "GANDI_APIKEY" + label: "Gandi API key" + description: "API key for your Gandi account" + type: "string" + required: true + - variable: "ROOT_DOMAIN" + label: "Root Domain" + description: "The domain name managed by Gandi." + type: "string" + required: true + - variable: "TTL" + label: "TTL" + description: "The resource record cache time to live (TTL), in seconds (minimum 300)" + type: "int" + default: 300 + required: false + - variable: "NAME_TEMPLATE" + label: "DNS Name Template" + description: | + Name template used to construct the subdomain part (left of the root domain name) of the DNS record names. + Supported placeholders: %{{service_name}}, %{{stack_name}}, %{{environment_name}}. + By default DNS entries will be named '...'. + type: "string" + default: "%{{service_name}}.%{{stack_name}}.%{{environment_name}}" + required: false + +gandidns: + health_check: + port: 1000 + interval: 15000 + unhealthy_threshold: 2 + request_line: GET / HTTP/1.0 + healthy_threshold: 2 + response_timeout: 2000 diff --git a/infra-templates/gandi-dns/config.yml b/infra-templates/gandi-dns/config.yml index 061b35b..ebd316b 100644 --- a/infra-templates/gandi-dns/config.yml +++ b/infra-templates/gandi-dns/config.yml @@ -1,7 +1,7 @@ name: GANDI DNS description: | Rancher External DNS service powered by Gandi.net -version: v0.1.0 +version: v0.1.1 category: External DNS labels: - io.rancher.orchestration.supported: 'cattle,mesos,swarm,kubernetes' \ No newline at end of file + io.rancher.orchestration.supported: 'cattle,mesos,swarm,kubernetes' diff --git a/infra-templates/infoblox/0/README.md b/infra-templates/infoblox/0/README.md new file mode 100644 index 0000000..3f3636b --- /dev/null +++ b/infra-templates/infoblox/0/README.md @@ -0,0 +1,40 @@ +## Infoblox DNS + +Rancher External DNS service powered by Infoblox DNS + +#### Usage + +##### Supported host labels + +`io.rancher.host.external_dns_ip` +Override the IP address used in DNS records for containers running on the host. Defaults to the IP address the host is registered with in Rancher. + +`io.rancher.host.external_dns` +Accepts 'true' (default) or 'false' +When this is set to 'false' no DNS records will ever be created for containers running on this host. + +##### Supported service labels + +`io.rancher.service.external_dns` +Accepts 'always', 'never' or 'auto' (default) +- `always`: Always create DNS records for this service +- `never`: Never create DNS records for this service +- `auto`: Create DNS records for this service if it exposes ports on the host + +`io.rancher.service.external_dns_name_template` +Custom DNS name template that overrides global custom DNS name template (see below) of default DNS name template for a specific service + +##### Custom DNS name template + +By default DNS entries are named `...`. +You can specify a custom name template used to construct the subdomain part (left of the domain/zone name) of the DNS records. The following placeholders are supported: + +* `%{{service_name}}` +* `%{{stack_name}}` +* `%{{environment_name}}` + +**Example:** + +`%{{stack_name}}-%{{service_name}}.statictext` + +Make sure to only use characters in static text and separators that your provider allows in DNS names. \ No newline at end of file diff --git a/infra-templates/infoblox/0/docker-compose.yml b/infra-templates/infoblox/0/docker-compose.yml new file mode 100644 index 0000000..fb89ebc --- /dev/null +++ b/infra-templates/infoblox/0/docker-compose.yml @@ -0,0 +1,16 @@ +infoblox: + image: rancher/external-dns:v0.7.5 + command: -provider=infoblox + expose: + - 1000 + environment: + INFOBLOX_URL: ${INFOBLOX_URL} + INFOBLOX_USER_NAME: ${INFOBLOX_USER_NAME} + INFOBLOX_PASSWORD: ${INFOBLOX_PASSWORD} + ROOT_DOMAIN: ${ROOT_DOMAIN} + SSL_VERIFY: ${SSL_VERIFY} + USE_COOKIES: ${USE_COOKIES} + TTL: ${TTL} + labels: + io.rancher.container.create_agent: "true" + io.rancher.container.agent.role: "external-dns" diff --git a/infra-templates/infoblox/0/rancher-compose.yml b/infra-templates/infoblox/0/rancher-compose.yml new file mode 100644 index 0000000..0ddd99d --- /dev/null +++ b/infra-templates/infoblox/0/rancher-compose.yml @@ -0,0 +1,63 @@ +# notemplating +.catalog: + name: "Infoblox DNS" + version: "v0.1.0" + description: "Rancher External DNS service powered by Infoblox" + minimum_rancher_version: v1.6.0 + questions: + - variable: "INFOBLOX_URL" + label: "Infoblox url" + description: "Infoblox url for your Infoblox service" + type: "string" + required: true + - variable: "INFOBLOX_USER_NAME" + label: "Infoblox user name" + description: "Infoblox user name for your Infoblox service" + type: "string" + required: true + - variable: "INFOBLOX_PASSWORD" + label: "Infoblox password" + description: "Infoblox password for your Infoblox service" + type: "string" + required: true + - variable: "SSL_VERIFY" + label: "Ssl verify" + description: "Infoblox Ssl verify for your Infoblox service" + type: "boolean" + required: true + - variable: "USE_COOKIES" + label: "Use cookies" + description: "Uses cookies if specified, re-creating the request and falling back to basic auth if a cookie is not present" + type: "boolean" + required: true + - variable: "ROOT_DOMAIN" + label: "Domain" + description: "The DNS zone name (root domain) managed by Infoblox. DNS entries will be created for ..." + type: "string" + required: true + - variable: "TTL" + label: "TTL" + description: "The resource record cache time to live (TTL), in seconds" + type: "int" + default: 600 + min: 1 + max: 86400 + required: false + - variable: "NAME_TEMPLATE" + label: "DNS Name Template" + description: | + Name template used to construct the subdomain part (left of the domain) of the DNS record names. + Supported placeholders: %{{service_name}}, %{{stack_name}}, %{{environment_name}}. + By default DNS entries will be named '...'. + type: "string" + default: "%{{service_name}}.%{{stack_name}}.%{{environment_name}}" + required: false + +infoblox: + health_check: + port: 1000 + interval: 5000 + unhealthy_threshold: 3 + request_line: GET / HTTP/1.0 + healthy_threshold: 2 + response_timeout: 2000 \ No newline at end of file diff --git a/infra-templates/infoblox/1/README.md b/infra-templates/infoblox/1/README.md new file mode 100644 index 0000000..3f3636b --- /dev/null +++ b/infra-templates/infoblox/1/README.md @@ -0,0 +1,40 @@ +## Infoblox DNS + +Rancher External DNS service powered by Infoblox DNS + +#### Usage + +##### Supported host labels + +`io.rancher.host.external_dns_ip` +Override the IP address used in DNS records for containers running on the host. Defaults to the IP address the host is registered with in Rancher. + +`io.rancher.host.external_dns` +Accepts 'true' (default) or 'false' +When this is set to 'false' no DNS records will ever be created for containers running on this host. + +##### Supported service labels + +`io.rancher.service.external_dns` +Accepts 'always', 'never' or 'auto' (default) +- `always`: Always create DNS records for this service +- `never`: Never create DNS records for this service +- `auto`: Create DNS records for this service if it exposes ports on the host + +`io.rancher.service.external_dns_name_template` +Custom DNS name template that overrides global custom DNS name template (see below) of default DNS name template for a specific service + +##### Custom DNS name template + +By default DNS entries are named `...`. +You can specify a custom name template used to construct the subdomain part (left of the domain/zone name) of the DNS records. The following placeholders are supported: + +* `%{{service_name}}` +* `%{{stack_name}}` +* `%{{environment_name}}` + +**Example:** + +`%{{stack_name}}-%{{service_name}}.statictext` + +Make sure to only use characters in static text and separators that your provider allows in DNS names. \ No newline at end of file diff --git a/infra-templates/infoblox/1/docker-compose.yml b/infra-templates/infoblox/1/docker-compose.yml new file mode 100644 index 0000000..9208a36 --- /dev/null +++ b/infra-templates/infoblox/1/docker-compose.yml @@ -0,0 +1,16 @@ +infoblox: + image: rancher/external-dns:v0.7.8 + command: -provider=infoblox + expose: + - 1000 + environment: + INFOBLOX_URL: ${INFOBLOX_URL} + INFOBLOX_USER_NAME: ${INFOBLOX_USER_NAME} + INFOBLOX_PASSWORD: ${INFOBLOX_PASSWORD} + ROOT_DOMAIN: ${ROOT_DOMAIN} + SSL_VERIFY: ${SSL_VERIFY} + USE_COOKIES: ${USE_COOKIES} + TTL: ${TTL} + labels: + io.rancher.container.create_agent: "true" + io.rancher.container.agent.role: "external-dns" diff --git a/infra-templates/infoblox/1/rancher-compose.yml b/infra-templates/infoblox/1/rancher-compose.yml new file mode 100644 index 0000000..809f055 --- /dev/null +++ b/infra-templates/infoblox/1/rancher-compose.yml @@ -0,0 +1,63 @@ +# notemplating +.catalog: + name: "Infoblox DNS" + version: "v0.2.0" + description: "Rancher External DNS service powered by Infoblox" + minimum_rancher_version: v1.6.0 + questions: + - variable: "INFOBLOX_URL" + label: "Infoblox url" + description: "Infoblox url for your Infoblox service" + type: "string" + required: true + - variable: "INFOBLOX_USER_NAME" + label: "Infoblox user name" + description: "Infoblox user name for your Infoblox service" + type: "string" + required: true + - variable: "INFOBLOX_PASSWORD" + label: "Infoblox password" + description: "Infoblox password for your Infoblox service" + type: "password" + required: true + - variable: "SSL_VERIFY" + label: "Ssl verify" + description: "Infoblox Ssl verify for your Infoblox service" + type: "boolean" + required: true + - variable: "USE_COOKIES" + label: "Use cookies" + description: "Uses cookies if specified, re-creating the request and falling back to basic auth if a cookie is not present" + type: "boolean" + required: true + - variable: "ROOT_DOMAIN" + label: "Domain" + description: "The DNS zone name (root domain) managed by Infoblox. DNS entries will be created for ..." + type: "string" + required: true + - variable: "TTL" + label: "TTL" + description: "The resource record cache time to live (TTL), in seconds" + type: "int" + default: 600 + min: 1 + max: 86400 + required: false + - variable: "NAME_TEMPLATE" + label: "DNS Name Template" + description: | + Name template used to construct the subdomain part (left of the domain) of the DNS record names. + Supported placeholders: %{{service_name}}, %{{stack_name}}, %{{environment_name}}. + By default DNS entries will be named '...'. + type: "string" + default: "%{{service_name}}.%{{stack_name}}.%{{environment_name}}" + required: false + +infoblox: + health_check: + port: 1000 + interval: 5000 + unhealthy_threshold: 3 + request_line: GET / HTTP/1.0 + healthy_threshold: 2 + response_timeout: 2000 diff --git a/infra-templates/infoblox/catalogIcon-infoblox.png b/infra-templates/infoblox/catalogIcon-infoblox.png new file mode 100644 index 0000000..62ac6a9 Binary files /dev/null and b/infra-templates/infoblox/catalogIcon-infoblox.png differ diff --git a/infra-templates/infoblox/config.yml b/infra-templates/infoblox/config.yml new file mode 100644 index 0000000..835d88d --- /dev/null +++ b/infra-templates/infoblox/config.yml @@ -0,0 +1,7 @@ +name: Infoblox DNS +description: | + Rancher External DNS service powered by Infoblox +version: v0.2.0 +category: External DNS +labels: + io.rancher.orchestration.supported: 'cattle,mesos,swarm,kubernetes' diff --git a/machine-templates/aliyunecs/catalogIcon-aliyunecs.png b/machine-templates/aliyunecs/catalogIcon-aliyunecs.png new file mode 100644 index 0000000..5f6c08a Binary files /dev/null and b/machine-templates/aliyunecs/catalogIcon-aliyunecs.png differ diff --git a/machine-templates/profitbricks/1/rancher-compose.yml b/machine-templates/profitbricks/1/rancher-compose.yml new file mode 100644 index 0000000..1651309 --- /dev/null +++ b/machine-templates/profitbricks/1/rancher-compose.yml @@ -0,0 +1,3 @@ +.catalog: + name: "profitbricks" + version: "v1.3.3" \ No newline at end of file diff --git a/machine-templates/profitbricks/1/uiUrl b/machine-templates/profitbricks/1/uiUrl new file mode 100644 index 0000000..87ba1ff --- /dev/null +++ b/machine-templates/profitbricks/1/uiUrl @@ -0,0 +1 @@ +https://profitbricks.github.io/ui-driver-profitbricks/docs/1.2.0/component.js \ No newline at end of file diff --git a/machine-templates/profitbricks/1/url b/machine-templates/profitbricks/1/url new file mode 100644 index 0000000..2abec63 --- /dev/null +++ b/machine-templates/profitbricks/1/url @@ -0,0 +1 @@ +https://github.com/profitbricks/docker-machine-driver-profitbricks/releases/download/v1.3.3/docker-machine-driver-profitbricks-v1.3.3-linux-amd64.tar.gz \ No newline at end of file diff --git a/templates/avi/1/README.md b/templates/avi/1/README.md new file mode 100644 index 0000000..907b75e --- /dev/null +++ b/templates/avi/1/README.md @@ -0,0 +1,32 @@ +Avi Vantage Platform Load Balancer Provider +======== + +## About Avi Vantage Platform +The [Avi Vantage Platform](https://avinetworks.com/software-load-balancer-for-any-cloud/) is built on software-defined architectural principles to create a centrally managed pool of distributed load balancers to deliver application services close to the applications. + +## About this provider +This provider load balances Rancher services using Avi Vantage Platform Load Balancer. It uses REST API to update the Avi controller which enables the Avi Service Engines to load balance the Rancher Services. + +## Usage + +1. Deploy the stack for this provider from Rancher Community Catalog. + While deploying, you need to give the username, password (optional, + read below), Avi Controller IP address, Avi Controller Port, the + Cloud name where Virtual Services and Pools are created. +2. Create Virtual Services using Avi Controller console. Make sure you + create VS in given cloud in Avi. Leave the Virtual Service pool as + empty. Configure any policies or rules for Virtual Service. +3. Create services in Rancher with public host port mapping and adding + label `io.rancher.service.external_lb.endpoint` with value as Virtual + Service name created in previous step. You can scale out/in the + service or stop the service and the changes will get reflected on Avi + Controller and Service Engine. + +### Using Rancher Secrets for Avi Password + +Optionally, you can use the Rancher Secrets to pass the Avi controller +password instead of using environment variable. +1. Run the Rancher Secrets service before deploying this provider stack. +2. Create a secret named "avi-creds". +3. While deploying the Avi provider stack, use the "avi-creds" secret + for Avi Provider service. diff --git a/templates/avi/1/docker-compose.yml b/templates/avi/1/docker-compose.yml new file mode 100644 index 0000000..da7aa2f --- /dev/null +++ b/templates/avi/1/docker-compose.yml @@ -0,0 +1,16 @@ +avi: + image: rancher/external-lb:v0.3.4 + command: -provider=Avi + expose: + - 1000 + environment: + AVI_USER: ${AVI_USER} + AVI_PASSWORD: ${AVI_PASSWORD} + AVI_CONTROLLER_ADDR: ${AVI_CONTROLLER_ADDR} + AVI_CONTROLLER_PORT: ${AVI_CONTROLLER_PORT} + AVI_SSL_VERIFY: ${AVI_SSL_VERIFY} + AVI_CLOUD_NAME: ${AVI_CLOUD_NAME} + LB_TARGET_RANCHER_SUFFIX: ${LB_TARGET_RANCHER_SUFFIX} + labels: + io.rancher.container.create_agent: "true" + io.rancher.container.agent.role: "external-lb" diff --git a/templates/avi/1/rancher-compose.yml b/templates/avi/1/rancher-compose.yml new file mode 100644 index 0000000..3346816 --- /dev/null +++ b/templates/avi/1/rancher-compose.yml @@ -0,0 +1,52 @@ +.catalog: + name: Avi Vantange Platform Load Balancer + version: "v0.3.4-rancher1" + description: "External LB service powered by Avi Vantage Platform" + minimum_rancher_version: v1.1.0 + questions: + - variable: "AVI_USER" + label: "Avi account username" + description: "User name for your account on Avi Controller" + type: "string" + required: true + - variable: "AVI_PASSWORD" + label: "Avi user account password" + description: "Password for your account on Avi Controller" + type: "string" + required: false + - variable: "AVI_CONTROLLER_ADDR" + label: "Avi Controller IP Address" + description: "IP Address of the Avi Controller" + type: "string" + required: true + - variable: "AVI_CONTROLLER_PORT" + label: "Avi Controller Port (Optional)" + description: "Port on which Avi Controller is listening for API requests" + type: "string" + required: false + - variable: "AVI_CLOUD_NAME" + label: "Avi Cloud Name (Optional)" + description: "Name of Avi Cloud in which Virtual Services are created" + required: false + type: "string" + - variable: "AVI_SSL_VERIFY" + label: "Avi SSL Verify (Optional)" + description: "SSL certificate validation while connecting to Avi Controller" + required: false + type: "boolean" + default: false + - variable: "LB_TARGET_RANCHER_SUFFIX" + label: "Avi pool name suffix" + description: "Pool names in Avi created/updated by Rancher will have this suffix" + type: "string" + required: true + default: rancher.internal + +avi: + health_check: + port: 1000 + interval: 5000 + unhealthy_threshold: 2 + request_line: GET / HTTP/1.0 + healthy_threshold: 2 + response_timeout: 2000 diff --git a/templates/avi/2/README.md b/templates/avi/2/README.md new file mode 100644 index 0000000..5f11ed2 --- /dev/null +++ b/templates/avi/2/README.md @@ -0,0 +1,29 @@ +Avi Vantage Platform Load Balancer Provider +======== + +## About Avi Vantage Platform +The [Avi Vantage Platform](https://avinetworks.com/software-load-balancer-for-any-cloud/) is built on software-defined architectural principles to create a centrally managed pool of distributed load balancers to deliver application services close to the applications. + +## About this provider +This provider load balances Rancher services using Avi Vantage Platform Load Balancer. It uses REST API to update the Avi controller which enables the Avi Service Engines to load balance the Rancher Services. + +## Usage + +1. Deploy the stack for this provider from Rancher Community Catalog. + While deploying, you need to give the username, password, + Avi Controller IP address, Avi Controller Port, the Cloud name + where Virtual Services and Pools are created. +2. Create services in Rancher with public host port mapping and corresponding + Virtual services are created in Avi. All CRUD operations on services get + reflected in Avi Controller and Service Engine. +3. You can scale out/in the service and the changes will get reflected on + Avi Controller and Service Engine. + +### Using Rancher Secrets for Avi Password + +Optionally, you can use the Rancher Secrets to pass the Avi controller +password instead of using environment variable. +1. Run the Rancher Secrets service before deploying this provider stack. +2. Create a secret named "avi-creds". +3. While deploying the Avi provider stack, use the "avi-creds" secret + for Avi Provider service. diff --git a/templates/avi/2/docker-compose.yml b/templates/avi/2/docker-compose.yml new file mode 100644 index 0000000..137a8ee --- /dev/null +++ b/templates/avi/2/docker-compose.yml @@ -0,0 +1,13 @@ +avi: + image: avinetworks/avi-rancher-controller:2017-12-01T194110.475015629Z + expose: + - 1000 + environment: + AVI_USER: ${AVI_USER} + AVI_PASSWORD: ${AVI_PASSWORD} + AVI_CONTROLLER_ADDR: ${AVI_CONTROLLER_ADDR} + AVI_CONTROLLER_PORT: ${AVI_CONTROLLER_PORT} + AVI_SSL_VERIFY: ${AVI_SSL_VERIFY} + AVI_CLOUD_NAME: ${AVI_CLOUD_NAME} + AVI_DNS_SUBDOMAIN: ${AVI_DNS_SUBDOMAIN} + AVI_TENANT: ${AVI_TENANT} diff --git a/templates/avi/2/rancher-compose.yml b/templates/avi/2/rancher-compose.yml new file mode 100644 index 0000000..0a7a201 --- /dev/null +++ b/templates/avi/2/rancher-compose.yml @@ -0,0 +1,57 @@ +.catalog: + name: Avi Vantange Platform Load Balancer + version: "v1-Avi" + description: "External LB service powered by Avi Vantage Platform" + minimum_rancher_version: v1.1.0 + questions: + - variable: "AVI_USER" + label: "Avi account username" + description: "User name for your account on Avi Controller" + type: "string" + required: true + - variable: "AVI_PASSWORD" + label: "Avi user account password" + description: "Password for your account on Avi Controller" + type: "password" + required: false + - variable: "AVI_CONTROLLER_ADDR" + label: "Avi Controller IP Address" + description: "IP Address of the Avi Controller" + type: "string" + required: true + - variable: "AVI_CONTROLLER_PORT" + label: "Avi Controller Port (Optional)" + description: "Port on which Avi Controller is listening for API requests" + type: "string" + required: false + - variable: "AVI_CLOUD_NAME" + label: "Avi Cloud Name (Optional)" + description: "Name of Avi Cloud in which Virtual Services are created" + required: false + type: "string" + - variable: "AVI_SSL_VERIFY" + label: "Avi SSL Verify (Optional)" + description: "SSL certificate validation while connecting to Avi Controller" + required: false + type: "boolean" + default: false + - variable: "AVI_DNS_SUBDOMAIN" + label: "Avi VS subdomain" + description: "Avi Virtual services are created with the subdomain config" + type: "string" + required: false + - variable: "AVI_TENANT" + label: "Avi tenant name" + description: "Avi Virtual service created in tenant" + type: "string" + required: false + default: admin + +avi: + health_check: + port: 1000 + interval: 5000 + unhealthy_threshold: 2 + request_line: GET / HTTP/1.0 + healthy_threshold: 2 + response_timeout: 2000 diff --git a/templates/avi/config.yml b/templates/avi/config.yml index 562d7c0..c8641fd 100644 --- a/templates/avi/config.yml +++ b/templates/avi/config.yml @@ -1,5 +1,5 @@ name: Avi Vantage Platform description: | External LB service powered by Avi Vantage Platform -version: v0.3.2-rancher1 +version: v1-Avi category: Load Balancing diff --git a/templates/aws-elbv1/2/README.md b/templates/aws-elbv1/2/README.md new file mode 100644 index 0000000..bc7a9c5 --- /dev/null +++ b/templates/aws-elbv1/2/README.md @@ -0,0 +1,15 @@ +AWS ELB Classic External LB Service +========== + +#### About ELB Classic Load Balancers +The [Classic Load Balancer](https://aws.amazon.com/elasticloadbalancing/classicloadbalancer/) option in AWS routes traffic based on application or network level information and is ideal for simple load balancing of traffic across multiple EC2 instances. + +#### About this service +Load balance Rancher services using Elastic Load Balancing. +This service keeps existing ELB Classic load balancers updated with the EC2 instances on which Rancher services that have one or more exposed ports and the label `io.rancher.service.external_lb.endpoint` are running on. + +#### Usage + +1. Deploy this stack +2. Using the AWS Console create a Classic ELB load balancer with one or more listeners and configure it according to your applications requirements. Configure the listener(s) with an instance protocol and port matching that of the Rancher service that you want to forward traffic to. +3. Create or update your service to expose host ports that match the configuration of the ELB listener(s). Add the service label `io.rancher.service.external_lb.endpoint` using as value the name of the ELB load balancer you created. diff --git a/templates/aws-elbv1/2/docker-compose.yml b/templates/aws-elbv1/2/docker-compose.yml new file mode 100644 index 0000000..df5e3f0 --- /dev/null +++ b/templates/aws-elbv1/2/docker-compose.yml @@ -0,0 +1,14 @@ +elbv1: + image: rancher/external-lb:v0.3.3 + command: -provider=elbv1 + expose: + - 1000 + environment: + ELBV1_AWS_ACCESS_KEY: ${ELBV1_AWS_ACCESS_KEY} + ELBV1_AWS_SECRET_KEY: ${ELBV1_AWS_SECRET_KEY} + ELBV1_AWS_REGION: ${ELBV1_AWS_REGION} + ELBV1_AWS_VPCID: ${ELBV1_AWS_VPCID} + ELBV1_USE_PRIVATE_IP: ${ELBV1_USE_PRIVATE_IP} + labels: + io.rancher.container.create_agent: "true" + io.rancher.container.agent.role: "external-dns" diff --git a/templates/aws-elbv1/2/rancher-compose.yml b/templates/aws-elbv1/2/rancher-compose.yml new file mode 100644 index 0000000..9a3a68f --- /dev/null +++ b/templates/aws-elbv1/2/rancher-compose.yml @@ -0,0 +1,41 @@ +.catalog: + name: ELB Classic Load Balancer + version: "v0.3.3-rancher1" + description: "External LB service powered by AWS Elastic Load Balancing" + minimum_rancher_version: v1.1.0 + questions: + - variable: "ELBV1_AWS_ACCESS_KEY" + label: "AWS Access Key ID" + description: "Access key ID for your AWS account" + type: "string" + required: false + - variable: "ELBV1_AWS_SECRET_KEY" + label: "AWS Secret Access Key" + description: "Secret access key for your AWS account" + type: "string" + required: false + - variable: "ELBV1_AWS_REGION" + label: "AWS Region (Optional)" + description: "The region for load balancers and EC2 instances in this Rancher environment. Defaults to the region of the instance the service will be running on." + type: "string" + required: false + - variable: "ELBV1_AWS_VPCID" + label: "AWS VPC ID (Optional)" + description: "The VPC for the load balancers and EC2 instances in this Rancher environment. Defaults to the VPC of the instance the service will be running on." + type: "string" + required: false + - variable: "ELBV1_USE_PRIVATE_IP" + label: "EC2 Private IP Lookup" + description: "If your EC2 instances are registered in Rancher with their private IP addresses, then this must be set to true." + required: true + type: "boolean" + default: false + +elbv1: + health_check: + port: 1000 + interval: 5000 + unhealthy_threshold: 2 + request_line: GET / HTTP/1.0 + healthy_threshold: 2 + response_timeout: 2000 diff --git a/templates/aws-elbv1/config.yml b/templates/aws-elbv1/config.yml index 9aec5d1..bb9feca 100644 --- a/templates/aws-elbv1/config.yml +++ b/templates/aws-elbv1/config.yml @@ -1,5 +1,5 @@ name: ELB Classic Load Balancer description: | External LB service powered by AWS Elastic Load Balancing -version: v0.3.0-rancher1 +version: v0.3.3-rancher1 category: Load Balancing diff --git a/templates/bitbucket/1/docker-compose.yml b/templates/bitbucket/1/docker-compose.yml new file mode 100644 index 0000000..6dc04b1 --- /dev/null +++ b/templates/bitbucket/1/docker-compose.yml @@ -0,0 +1,24 @@ +version: '2' + +services: + + bitbucket: + image: atlassian/bitbucket-server:5.6.1 + volumes_from: + - bitbucket-data + ports: + - ${BITBUCKET_PORT}:7990 + labels: + io.rancher.sidekicks: bitbucket-data + io.rancher.container.hostname_override: container_name + + bitbucket-data: + image: atlassian/bitbucket-server:5.6.1 + entrypoint: + - /bin/true + volumes: + - /var/atlassian/application-data/bitbucket + labels: + io.rancher.container.start_once: 'true' + io.rancher.container.hostname_override: container_name + diff --git a/templates/bitbucket/1/rancher-compose.yml b/templates/bitbucket/1/rancher-compose.yml new file mode 100644 index 0000000..3058039 --- /dev/null +++ b/templates/bitbucket/1/rancher-compose.yml @@ -0,0 +1,22 @@ +version: '2' + +catalog: + name: bitbucket + version: 5.6.1 + description: Git Server + questions: + - variable: BITBUCKET_PORT + label: Port + default: 80 + required: true + type: int + +services: + bitbucket: + scale: 1 + start_on_create: true + + bitbucket-data: + scale: 1 + start_on_create: true + diff --git a/templates/bitbucket/config.yml b/templates/bitbucket/config.yml index 9799142..64bf8a6 100644 --- a/templates/bitbucket/config.yml +++ b/templates/bitbucket/config.yml @@ -1,6 +1,4 @@ name: bitbucket description: Git Server -version: 0.0.1 +version: 5.6.1 category: Versioning -projectURL: https://github.com/ellerbrock/rancher-collection - diff --git a/templates/datadog/6/README.md b/templates/datadog/6/README.md new file mode 100644 index 0000000..93121e1 --- /dev/null +++ b/templates/datadog/6/README.md @@ -0,0 +1,23 @@ +# Datadog agent + +This template deploys a [Datadog](https://www.datadoghq.com/) agent stack consisting of the official [docker-dd-agent](https://www.github.com/Datadog/docker-dd-agent) image and a configuration sidekick that provides closer integration with Rancher: + +* Hosts in Datadog are named correctly +* Host labels can be exported as Datadog host tags +* Service labels can be exported as Datadog metric tags + +## Service Discovery + +Please refer to the Datadog documentation [here](http://docs.datadoghq.com/guides/servicediscovery/) to learn how to provide configuration templates for Service Discovery in etcd or Consul. + +## Changelog + +**1.1.1-11.0.5140** + +* Datadog image updated to v5.1.40 which includes the following Rancher specific changes: + * Service Discovery: Add ability to get docker IP address from Rancher labels for Rancher + * Docker: Fix cgroup parsing on RancherOS +* Switched to use the Alpine based agent image +* Added template configuration of Proxy settings +* Added template configuration to disable DogStatsD +* Added template configuration to overwrite DD intake URL diff --git a/templates/datadog/6/docker-compose.yml b/templates/datadog/6/docker-compose.yml new file mode 100755 index 0000000..d955d28 --- /dev/null +++ b/templates/datadog/6/docker-compose.yml @@ -0,0 +1,47 @@ +datadog-init: + image: janeczku/datadog-rancher-init:v2.2.5 + net: none + command: /bin/true + volumes: + - /opt/rancher + labels: + io.rancher.container.start_once: "true" + io.rancher.container.pull_image: always +datadog-agent: + image: datadog/docker-dd-agent:11.0.5140 + command: supervisord -n -c /etc/dd-agent/supervisor.conf + entrypoint: /opt/rancher/entrypoint-wrapper.py + restart: always + environment: + # Evaluated by datadog-agent image + API_KEY: ${api_key} + EC2_TAGS: ${dd_ec2_tags} + DD_LOG_LEVEL: ${dd_log_level} + USE_DOGSTATSD: ${dd_dogstatsd_enabled} + STATSD_METRIC_NAMESPACE: ${statsd_namespace} + DD_URL: ${custom_dd_url} + PROXY_HOST: ${proxy_host} + PROXY_PORT: ${proxy_port} + DD_APM_ENABLED: ${dd_apm_enabled} + # Evaluated by datadog-init script + DD_HOST_LABELS: ${host_labels} + DD_HOST_TAGS: ${host_tags} + DD_CONTAINER_LABELS: ${service_labels} + DD_SERVICE_DISCOVERY: ${service_discovery} + DD_SD_CONFIG_BACKEND: ${sd_config_backend} + DD_SD_BACKEND_HOST: ${sd_backend_host} + DD_SD_BACKEND_PORT: ${sd_backend_port} + DD_SD_TEMPLATE_DIR: ${sd_template_dir} + DD_CONSUL_TOKEN: ${dd_consul_token} + DD_CONSUL_SCHEME: ${dd_consul_scheme} + DD_CONSUL_VERIFY: ${dd_consul_verify} + DD_METADATA_HOSTNAME: rancher-metadata + volumes: + - /var/run/docker.sock:/var/run/docker.sock + - /proc/:/host/proc/:ro + - ${cgroups_location}:/host/sys/fs/cgroup:ro + volumes_from: + - datadog-init + labels: + io.rancher.scheduler.global: "${global_service}" + io.rancher.sidekicks: "datadog-init" diff --git a/templates/datadog/6/rancher-compose.yml b/templates/datadog/6/rancher-compose.yml new file mode 100755 index 0000000..368ca2e --- /dev/null +++ b/templates/datadog/6/rancher-compose.yml @@ -0,0 +1,168 @@ +.catalog: + name: "Datadog" + version: "1.1.1-11.0.5140" + description: "Real-time performance tracking and visualization of your container-based application deployment" + minimum_rancher_version: v1.2.0 + questions: + - variable: "api_key" + label: "Datadog API Key" + description: | + Enter your Datadog API key. + required: true + type: "string" + - variable: "global_service" + label: "Global Service" + description: | + Enable this option to run a Datadog agent container on every host in the environment. + required: true + type: "boolean" + default: true + - variable: "host_labels" + label: "Export Host Labels as Tags" + description: | + Comma delimited list of host labels to export as Datadog host tags, e.g. 'region,zone'. + required: false + type: "string" + - variable: "service_labels" + label: "Export Service Labels as Tags" + description: | + Comma delimited list of service labels to export as Datadog metric tags. + 'io.rancher.stack.name' and 'io.rancher.stack_service.name' are exported by default. + required: false + type: "string" + - variable: "host_tags" + label: "Global Host Tags" + description: | + Comma delimited list of host tags to apply to metrics, e.g. 'simple-tag-0,tag-key-1:tag-value-1'. + required: false + type: "string" + - variable: "dd_ec2_tags" + label: "Collect AWS EC2 Tags" + description: | + Collect AWS EC2 custom tags as agent tags (requires an IAM role associated with the instance). + required: true + type: "boolean" + default: false + - variable: cgroups_location + label: Cgroup directory location + description: | + Set this to '/cgroups/' if your hosts are running Amazon Linux AMIs. + required: true + type: enum + default: '/sys/fs/cgroup/' + options: + - '/sys/fs/cgroup/' + - '/cgroups/' + - variable: "dd_apm_enabled" + label: "Enable APM agent" + description: | + Enable the Datadog trace-agent along with the infrastructure agent, allowing the container to accept traces on 8126/tcp. + This will run the agent from the Debian based Datadog image instead of the Alpine based one. + required: true + type: "boolean" + default: false + - variable: "service_discovery" + label: "Enable Service Discovery" + description: | + Collect metrics from supported applications running in Docker containers. + required: true + type: "boolean" + default: false + - variable: "sd_config_backend" + label: Service Discovery Configuration Backend + description: | + Choose a key/value store to use for looking up application configuration templates. + If none is provided only auto config templates will be used. + required: true + type: enum + default: none + options: + - none + - etcd + - consul + - variable: "sd_backend_host" + label: "Configuration Backend Host" + description: | + IP address or DNS name to use to connect to the configuration backend. + required: false + type: "string" + - variable: "sd_backend_port" + label: "Configuration Backend Port" + description: | + Port to use to connect to the configuration backend. + required: false + type: "int" + - variable: "sd_template_dir" + label: "Configuration Backend Template Path" + description: | + Specify a custom path where the agent should look for configuration templates in the backend. + The default is '/datadog/check_configs'. + required: false + type: "string" + - variable: "dd_consul_scheme" + label: "Consul Connection Scheme" + description: | + Scheme to use for requests to a Consul backend. + required: false + type: enum + default: http + options: + - http + - https + - variable: "dd_consul_verify" + label: "Verify Consul SSL Certificate" + description: | + Whether to verify the SSL certificate for HTTPS requests to a Consul backend. + required: false + type: "boolean" + default: true + - variable: "dd_consul_token" + label: "Consul ACL Token" + description: | + If the Consul backend uses ACL, specify a token granting read access to the configuration templates. + required: false + type: "string" + - variable: "dd_dogstatsd_enabled" + label: "Enable DogStatsD" + description: | + Enable a DogStatsD instance to run along with the infrastructure agent. + required: true + type: "boolean" + default: true + - variable: "statsd_namespace" + label: "StatsD Metric Namespace" + description: | + Optional namespace for aggregated StatsD metrics. + required: false + type: "string" + - variable: "custom_dd_url" + label: "Custom Datadog Intake URL" + description: | + Set a custom Intake URL to send Agent data to. + required: false + type: "string" + - variable: "dd_log_level" + label: "Agent log level" + description: | + Set the logging verbosity of the Datadog agent. + required: false + type: enum + default: INFO + options: + - CRITICAL + - ERROR + - WARNING + - INFO + - DEBUG + - variable: "proxy_host" + label: "Proxy Host" + description: | + Use a proxy to send Agent data to the Datadog servers. + required: false + type: "string" + - variable: "proxy_port" + label: "Proxy Port" + description: | + Use a proxy to send Agent data to the Datadog servers. + required: false + type: "string" diff --git a/templates/datadog/config.yml b/templates/datadog/config.yml index 4e682a4..e3ba5d4 100755 --- a/templates/datadog/config.yml +++ b/templates/datadog/config.yml @@ -1,7 +1,7 @@ name: Datadog description: | Real-time performance tracking and visualization of your container-based application deployment -version: 1.1.0-11.0.5123 +version: 1.1.1-11.0.5140 category: Monitoring maintainer: "Jan Bruder " license: The MIT License diff --git a/templates/drone/4/docker-compose.yml.tpl b/templates/drone/4/docker-compose.yml.tpl index eae9aad..fb9a50a 100644 --- a/templates/drone/4/docker-compose.yml.tpl +++ b/templates/drone/4/docker-compose.yml.tpl @@ -62,7 +62,7 @@ services: {{- end}} {{- if eq .Values.drone_driver "GitLab"}} DRONE_GITLAB: true - DRONE_GITLAB_CLIENT: ${drone_driver_secret} + DRONE_GITLAB_CLIENT: ${drone_driver_client} DRONE_GITLAB_SECRET: ${drone_driver_secret} DRONE_GITLAB_URL: ${drone_driver_url} {{- end}} diff --git a/templates/drone/5/README.md b/templates/drone/5/README.md new file mode 100644 index 0000000..e80a123 --- /dev/null +++ b/templates/drone/5/README.md @@ -0,0 +1,19 @@ +# Drone + +### Info: + +This template creates an instance of Drone CI server 0.8.1 along with selectable number of agents to perform the builds. + +### Usage: + +Select the Drone template from the catalog. Provide the following information: + +1. Publish port +2. Agents scale +3. Drone secret +4. Run mode. debug | release +3. Remote driver and config. (Ie. GitHub) +4. Database driver and config. (Ie. sqlite) + + +See [Drone documentation](http://readme.drone.io/admin) for complete information. diff --git a/templates/drone/5/docker-compose.yml.tpl b/templates/drone/5/docker-compose.yml.tpl new file mode 100644 index 0000000..eae9aad --- /dev/null +++ b/templates/drone/5/docker-compose.yml.tpl @@ -0,0 +1,116 @@ +version: '2' +services: + agent: + image: drone/agent:${drone_version} + environment: + DRONE_SERVER: ${drone_server} + DRONE_SECRET: ${drone_secret} +{{- if (.Values.http_proxy)}} + HTTP_PROXY: ${http_proxy} + http_proxy: ${http_proxy} +{{- end}} +{{- if (.Values.https_proxy)}} + HTTPS_PROXY: ${https_proxy} + https_proxy: ${https_proxy} +{{- end}} +{{- if (.Values.no_proxy)}} + NO_PROXY: ${no_proxy} + no_proxy: ${no_proxy} +{{- end}} + volumes: + - /var/run/docker.sock:/var/run/docker.sock + links: + - server:drone + command: + - agent + labels: + io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} + io.rancher.container.hostname_override: container_name + server: + image: drone/drone:${drone_version} + environment: + DRONE_HOST: ${drone_host} + GIN_MODE: ${gin_mode} +{{- if (.Values.drone_debug)}} + DRONE_DEBUG: '${drone_debug}' +{{- end}} + DRONE_SECRET: ${drone_secret} + DRONE_OPEN: ${drone_open} +{{- if (.Values.drone_admin)}} + DRONE_ADMIN: ${drone_admin} +{{- end}} +{{- if (.Values.drone_orgs)}} + DRONE_ORGS: ${drone_orgs} +{{- end}} +{{- if eq .Values.drone_driver "GitHub"}} + DRONE_GITHUB: true + DRONE_GITHUB_CLIENT: ${drone_driver_client} + DRONE_GITHUB_SECRET: ${drone_driver_secret} +{{- end}} +{{- if eq .Values.drone_driver "Bitbucket Cloud"}} + DRONE_BITBUCKET: true + DRONE_BITBUCKET_CLIENT: ${drone_driver_client} + DRONE_BITBUCKET_SECRET: ${drone_driver_secret} +{{- end}} +{{- if eq .Values.drone_driver "Bitbucket Server"}} + DRONE_STASH: true + DRONE_STASH_GIT_USERNAME: ${drone_driver_user} + DRONE_STASH_GIT_PASSWORD: ${drone_driver_password} + DRONE_STASH_CONSUMER_KEY: ${drone_driver_client} + DRONE_STASH_CONSUMER_RSA_STRING: ${drone_driver_secret} + DRONE_STASH_URL: ${drone_driver_url} +{{- end}} +{{- if eq .Values.drone_driver "GitLab"}} + DRONE_GITLAB: true + DRONE_GITLAB_CLIENT: ${drone_driver_secret} + DRONE_GITLAB_SECRET: ${drone_driver_secret} + DRONE_GITLAB_URL: ${drone_driver_url} +{{- end}} +{{- if eq .Values.drone_driver "Gogs"}} + DRONE_GOGS: true + DRONE_GOGS_URL: ${drone_driver_url} +{{- end}} +{{- if ne .Values.database_driver "sqlite"}} + DRONE_DATABASE_DRIVER: ${database_driver} + DRONE_DATABASE_DATASOURCE: ${database_source} +{{- end}} +{{- if (.Values.http_proxy)}} + HTTP_PROXY: ${http_proxy} + http_proxy: ${http_proxy} +{{- end}} +{{- if (.Values.https_proxy)}} + HTTPS_PROXY: ${https_proxy} + https_proxy: ${https_proxy} +{{- end}} +{{- if (.Values.no_proxy)}} + NO_PROXY: ${no_proxy} + no_proxy: ${no_proxy} +{{- end}} + labels: + io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} + io.rancher.container.hostname_override: container_name +{{- if eq .Values.database_driver "sqlite"}} + io.rancher.sidekicks: server-volume + volumes_from: + - server-volume + server-volume: + image: rawmind/alpine-volume:0.0.2-1 + environment: + SERVICE_GID: '0' + SERVICE_UID: '0' + SERVICE_VOLUME: /var/lib/drone + network_mode: none + volumes: + - /var/lib/drone + labels: + io.rancher.container.start_once: 'true' + io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} + io.rancher.container.hostname_override: container_name +{{- end}} + lb: + image: rancher/lb-service-haproxy:v0.6.4 + ports: + - ${host_port}:${host_port} + labels: + io.rancher.scheduler.global: 'true' + io.rancher.scheduler.affinity:host_label_soft: ${drone_lb_host_label} diff --git a/templates/drone/5/rancher-compose.yml b/templates/drone/5/rancher-compose.yml new file mode 100644 index 0000000..3da3bec --- /dev/null +++ b/templates/drone/5/rancher-compose.yml @@ -0,0 +1,188 @@ +version: 2 +catalog: + name: Drone + version: 0.8.1-rancher1 + upgrade_from: 0.8.0-rc.1-rancher1 + description: | + Drone CI Server ref http://readme.drone.io/admin/installation-guide/ + questions: + - variable: drone_host + label: Drone Host URL + description: Intended URL Drone will be hosted on, e.g. http://drone.mycompany.com. + required: true + type: string + - variable: host_port + label: Drone Server Host Port + description: Public port that will be exposed on service creation. + required: true + default: 8000 + type: int + - variable: agent_scale + label: Drone Agent Scale + description: Drone agent scale to deploy + required: true + default: 1 + type: int + - variable: drone_secret + label: Server and Agents Secret + description: Server and agents secret to be communicate. http://readme.drone.io/admin/user-registration/ + type: password + required: true + - variable: gin_mode + label: Run mode + description: "Drone run mode, GIN_MODE" + type: enum + default: "release" + options: + - "release" + - "debug" + required: true + - variable: drone_open + label: Open Registration + description: | + Users self register. http://readme.drone.io/admin/user-registration/ + required: true + default: true + type: enum + options: + - true + - false + - variable: drone_admin + label: Drone Admin + description: List of admins for drone comma seperated. http://readme.drone.io/admin/user-admins/ + type: string + required: false + - variable: drone_orgs + label: Organizations + description: Comman seperated list of org that can access drone. http://readme.drone.io/admin/user-registration/ + type: string + required: false + - variable: "drone_driver" + type: "enum" + required: true + label: "Remote Driver" + default: "GitHub" + description: "Remote Git and Auth scheme. ref http://readme.drone.io/admin" + options: + - GitHub + - GitLab + - Gogs + - Bitbucket Cloud + - Bitbucket Server + - variable: drone_driver_client + label: Remote Driver Client + description: "Client key from remote driver. Required for GitHub, Bitbucket Cloud, Bitbucket Server and GitLab." + type: string + required: false + - variable: drone_driver_secret + label: Remote Driver Secret + description: "Secret key from remote driver. Required for GitHub, Bitbucket Cloud, Bitbucket Server and GitLab." + type: multiline + required: false + - variable: drone_driver_url + label: Remote Driver URL + description: "Remote Driver server url. Required for GitLab, Gogs and Bitbucket Server; see http://readme.drone.io/admin." + type: string + required: false + - variable: drone_driver_user + label: Remote Driver Username + description: "Remote Driver username. Required for BitBucket Server; see http://docs.drone.io/install-for-bitbucket-server/." + type: string + required: false + - variable: drone_driver_password + label: Remote Driver Password + description: "Remote Driver password. Required for BitBucket Server, http://docs.drone.io/install-for-bitbucket-server/." + type: password + required: false + - variable: drone_server + label: Drone Server + description: "Drone sever identifier. Used by the agent to connect to the server (does not require change)." + type: string + default: "drone:9000" + - variable: drone_version + label: Drone Version + description: "Drone version/Docker tag used for the Drone container images." + type: enum + default: "0.8.1" + options: + - 0.8.1 + - 0.8.0 + - '0.8' + - latest + - variable: database_driver + label: Database Driver + description: "Database driver. If sqlite, additional volume would be mounted at /var/lib/drone." + type: enum + default: "sqlite" + options: + - "sqlite" + - "mysql" + - "postgres" + required: true + - variable: "database_source" + type: "string" + label: "Database source" + description: "Database datasource. Required if database driver is mysql or postgres, http://readme.drone.io/admin/database-engines/" + required: false + - variable: "http_proxy" + type: string + label: HTTP Proxy + description: "Optional: HTTP forward proxy URL." + required: false + - variable: "https_proxy" + type: string + label: HTTPS Proxy + description: "Optional: HTTPS forward proxy URL." + required: false + - variable: "no_proxy" + type: string + label: No Proxy + description: "Optional: No proxy hosts (comma-separated hostnames/IPs)." + required: false + default: "drone" + - variable: "drone_debug" + label: Drone Debug + description: "Enable debug output with the Drone server." + type: enum + options: + - 'true' + - 'false' + default: 'false' + - variable: drone_lb_host_label + label: Drone LB Host Label + description: Host label (soft affinity) for scheduling of the load balancer service. + required: true + default: "drone_lb=true" + type: string +services: + agent: + scale: ${agent_scale} + start_on_create: true + server: + scale: 1 + start_on_create: true + health_check: + port: 8000 + interval: 2000 + unhealthy_threshold: 3 + strategy: recreate + request_line: GET / HTTP/1.0 + healthy_threshold: 2 + response_timeout: 2000 + lb: + start_on_create: true + lb_config: + certs: [] + port_rules: + - priority: 1 + protocol: http + service: server + source_port: ${host_port} + target_port: 8000 + health_check: + healthy_threshold: 2 + response_timeout: 2000 + port: 42 + unhealthy_threshold: 3 + interval: 2000 + strategy: recreate diff --git a/templates/drone/6/README.md b/templates/drone/6/README.md new file mode 100644 index 0000000..f6021aa --- /dev/null +++ b/templates/drone/6/README.md @@ -0,0 +1,19 @@ +# Drone + +### Info: + +This template creates an instance of Drone CI server 0.8.2 along with selectable number of agents to perform the builds. + +### Usage: + +Select the Drone template from the catalog. Provide the following information: + +1. Publish port +2. Agents scale +3. Drone secret +4. Run mode. debug | release +3. Remote driver and config. (Ie. GitHub) +4. Database driver and config. (Ie. sqlite) + + +See [Drone documentation](http://readme.drone.io/admin) for complete information. diff --git a/templates/drone/6/docker-compose.yml.tpl b/templates/drone/6/docker-compose.yml.tpl new file mode 100644 index 0000000..be28a4c --- /dev/null +++ b/templates/drone/6/docker-compose.yml.tpl @@ -0,0 +1,116 @@ +version: '2' +services: + agent: + image: drone/agent:${drone_version} + environment: + DRONE_SERVER: ${drone_server} + DRONE_SECRET: ${drone_secret} +{{- if (.Values.http_proxy)}} + HTTP_PROXY: ${http_proxy} + http_proxy: ${http_proxy} +{{- end}} +{{- if (.Values.https_proxy)}} + HTTPS_PROXY: ${https_proxy} + https_proxy: ${https_proxy} +{{- end}} +{{- if (.Values.no_proxy)}} + NO_PROXY: ${no_proxy} + no_proxy: ${no_proxy} +{{- end}} + volumes: + - /var/run/docker.sock:/var/run/docker.sock + links: + - server:drone + command: + - agent + labels: + io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} + io.rancher.container.hostname_override: container_name + server: + image: drone/drone:${drone_version} + environment: + DRONE_HOST: ${drone_host} + GIN_MODE: ${gin_mode} +{{- if (.Values.drone_debug)}} + DRONE_DEBUG: '${drone_debug}' +{{- end}} + DRONE_SECRET: ${drone_secret} + DRONE_OPEN: ${drone_open} +{{- if (.Values.drone_admin)}} + DRONE_ADMIN: ${drone_admin} +{{- end}} +{{- if (.Values.drone_orgs)}} + DRONE_ORGS: ${drone_orgs} +{{- end}} +{{- if eq .Values.drone_driver "GitHub"}} + DRONE_GITHUB: true + DRONE_GITHUB_CLIENT: ${drone_driver_client} + DRONE_GITHUB_SECRET: ${drone_driver_secret} +{{- end}} +{{- if eq .Values.drone_driver "Bitbucket Cloud"}} + DRONE_BITBUCKET: true + DRONE_BITBUCKET_CLIENT: ${drone_driver_client} + DRONE_BITBUCKET_SECRET: ${drone_driver_secret} +{{- end}} +{{- if eq .Values.drone_driver "Bitbucket Server"}} + DRONE_STASH: true + DRONE_STASH_GIT_USERNAME: ${drone_driver_user} + DRONE_STASH_GIT_PASSWORD: ${drone_driver_password} + DRONE_STASH_CONSUMER_KEY: ${drone_driver_client} + DRONE_STASH_CONSUMER_RSA_STRING: ${drone_driver_secret} + DRONE_STASH_URL: ${drone_driver_url} +{{- end}} +{{- if eq .Values.drone_driver "GitLab"}} + DRONE_GITLAB: true + DRONE_GITLAB_CLIENT: ${drone_driver_secret} + DRONE_GITLAB_SECRET: ${drone_driver_secret} + DRONE_GITLAB_URL: ${drone_driver_url} +{{- end}} +{{- if eq .Values.drone_driver "Gogs"}} + DRONE_GOGS: true + DRONE_GOGS_URL: ${drone_driver_url} +{{- end}} +{{- if ne .Values.database_driver "sqlite"}} + DRONE_DATABASE_DRIVER: ${database_driver} + DRONE_DATABASE_DATASOURCE: ${database_source} +{{- end}} +{{- if (.Values.http_proxy)}} + HTTP_PROXY: ${http_proxy} + http_proxy: ${http_proxy} +{{- end}} +{{- if (.Values.https_proxy)}} + HTTPS_PROXY: ${https_proxy} + https_proxy: ${https_proxy} +{{- end}} +{{- if (.Values.no_proxy)}} + NO_PROXY: ${no_proxy} + no_proxy: ${no_proxy} +{{- end}} + labels: + io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} + io.rancher.container.hostname_override: container_name +{{- if eq .Values.database_driver "sqlite"}} + io.rancher.sidekicks: server-volume + volumes_from: + - server-volume + server-volume: + image: rawmind/alpine-volume:0.0.2-1 + environment: + SERVICE_GID: '0' + SERVICE_UID: '0' + SERVICE_VOLUME: /var/lib/drone + network_mode: none + volumes: + - /var/lib/drone + labels: + io.rancher.container.start_once: 'true' + io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} + io.rancher.container.hostname_override: container_name +{{- end}} + lb: + image: rancher/lb-service-haproxy:v0.7.15 + ports: + - ${host_port}:${host_port} + labels: + io.rancher.scheduler.global: 'true' + io.rancher.scheduler.affinity:host_label_soft: ${drone_lb_host_label} diff --git a/templates/drone/6/rancher-compose.yml b/templates/drone/6/rancher-compose.yml new file mode 100644 index 0000000..c6a1d33 --- /dev/null +++ b/templates/drone/6/rancher-compose.yml @@ -0,0 +1,189 @@ +version: 2 +catalog: + name: Drone + version: 0.8.2-rancher1 + upgrade_from: 0.8.2-rc.1-rancher1 + description: | + Drone CI Server ref http://readme.drone.io/admin/installation-guide/ + questions: + - variable: drone_host + label: Drone Host URL + description: Intended URL Drone will be hosted on, e.g. http://drone.mycompany.com. + required: true + type: string + - variable: host_port + label: Drone Server Host Port + description: Public port that will be exposed on service creation. + required: true + default: 8000 + type: int + - variable: agent_scale + label: Drone Agent Scale + description: Drone agent scale to deploy + required: true + default: 1 + type: int + - variable: drone_secret + label: Server and Agents Secret + description: Server and agents secret to be communicate. http://readme.drone.io/admin/user-registration/ + type: password + required: true + - variable: gin_mode + label: Run mode + description: "Drone run mode, GIN_MODE" + type: enum + default: "release" + options: + - "release" + - "debug" + required: true + - variable: drone_open + label: Open Registration + description: | + Users self register. http://readme.drone.io/admin/user-registration/ + required: true + default: true + type: enum + options: + - true + - false + - variable: drone_admin + label: Drone Admin + description: List of admins for drone comma seperated. http://readme.drone.io/admin/user-admins/ + type: string + required: false + - variable: drone_orgs + label: Organizations + description: Comman seperated list of org that can access drone. http://readme.drone.io/admin/user-registration/ + type: string + required: false + - variable: "drone_driver" + type: "enum" + required: true + label: "Remote Driver" + default: "GitHub" + description: "Remote Git and Auth scheme. ref http://readme.drone.io/admin" + options: + - GitHub + - GitLab + - Gogs + - Bitbucket Cloud + - Bitbucket Server + - variable: drone_driver_client + label: Remote Driver Client + description: "Client key from remote driver. Required for GitHub, Bitbucket Cloud, Bitbucket Server and GitLab." + type: string + required: false + - variable: drone_driver_secret + label: Remote Driver Secret + description: "Secret key from remote driver. Required for GitHub, Bitbucket Cloud, Bitbucket Server and GitLab." + type: multiline + required: false + - variable: drone_driver_url + label: Remote Driver URL + description: "Remote Driver server url. Required for GitLab, Gogs and Bitbucket Server; see http://readme.drone.io/admin." + type: string + required: false + - variable: drone_driver_user + label: Remote Driver Username + description: "Remote Driver username. Required for BitBucket Server; see http://docs.drone.io/install-for-bitbucket-server/." + type: string + required: false + - variable: drone_driver_password + label: Remote Driver Password + description: "Remote Driver password. Required for BitBucket Server, http://docs.drone.io/install-for-bitbucket-server/." + type: password + required: false + - variable: drone_server + label: Drone Server + description: "Drone sever identifier. Used by the agent to connect to the server (does not require change)." + type: string + default: "drone:9000" + - variable: drone_version + label: Drone Version + description: "Drone version/Docker tag used for the Drone container images." + type: enum + default: "0.8.2" + options: + - 0.8.2 + - 0.8.1 + - 0.8.0 + - '0.8' + - latest + - variable: database_driver + label: Database Driver + description: "Database driver. If sqlite, additional volume would be mounted at /var/lib/drone." + type: enum + default: "sqlite" + options: + - "sqlite" + - "mysql" + - "postgres" + required: true + - variable: "database_source" + type: "string" + label: "Database source" + description: "Database datasource. Required if database driver is mysql or postgres, http://readme.drone.io/admin/database-engines/" + required: false + - variable: "http_proxy" + type: string + label: HTTP Proxy + description: "Optional: HTTP forward proxy URL." + required: false + - variable: "https_proxy" + type: string + label: HTTPS Proxy + description: "Optional: HTTPS forward proxy URL." + required: false + - variable: "no_proxy" + type: string + label: No Proxy + description: "Optional: No proxy hosts (comma-separated hostnames/IPs)." + required: false + default: "drone" + - variable: "drone_debug" + label: Drone Debug + description: "Enable debug output with the Drone server." + type: enum + options: + - 'true' + - 'false' + default: 'false' + - variable: drone_lb_host_label + label: Drone LB Host Label + description: Host label (soft affinity) for scheduling of the load balancer service. + required: true + default: "drone_lb=true" + type: string +services: + agent: + scale: ${agent_scale} + start_on_create: true + server: + scale: 1 + start_on_create: true + health_check: + port: 8000 + interval: 2000 + unhealthy_threshold: 3 + strategy: recreate + request_line: GET / HTTP/1.0 + healthy_threshold: 2 + response_timeout: 2000 + lb: + start_on_create: true + lb_config: + certs: [] + port_rules: + - priority: 1 + protocol: http + service: server + source_port: ${host_port} + target_port: 8000 + health_check: + healthy_threshold: 2 + response_timeout: 2000 + port: 42 + unhealthy_threshold: 3 + interval: 2000 + strategy: recreate diff --git a/templates/drone/config.yml b/templates/drone/config.yml index e501783..25d6aeb 100644 --- a/templates/drone/config.yml +++ b/templates/drone/config.yml @@ -1,5 +1,5 @@ name: Drone description: | Drone CI Server -version: 0.8.0-rc.1-rancher1 +version: 0.8.2-rancher1 category: Continuous Integration diff --git a/templates/es-cluster/0/docker-compose.yml.tpl b/templates/es-cluster/0/docker-compose.yml.tpl index b917a34..700ce3d 100644 --- a/templates/es-cluster/0/docker-compose.yml.tpl +++ b/templates/es-cluster/0/docker-compose.yml.tpl @@ -4,10 +4,7 @@ services: labels: io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} io.rancher.container.hostname_override: container_name - io.rancher.sidekicks: es-storage - {{- if eq .Values.UPDATE_SYSCTL "true" -}} - ,es-sysctl - {{- end}} + io.rancher.sidekicks: es-storage{{- if eq .Values.UPDATE_SYSCTL "true" -}},es-sysctl{{- end}} image: docker.elastic.co/elasticsearch/elasticsearch:5.4.0 environment: - "cluster.name=${cluster_name}" @@ -38,9 +35,7 @@ services: io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} io.rancher.container.hostname_override: container_name io.rancher.sidekicks: es-storage - {{- if eq .Values.UPDATE_SYSCTL "true" -}} - ,es-sysctl - {{- end}} + {{- if eq .Values.UPDATE_SYSCTL "true" -}},es-sysctl{{- end}} image: docker.elastic.co/elasticsearch/elasticsearch:5.4.0 environment: - "cluster.name=${cluster_name}" @@ -71,10 +66,7 @@ services: labels: io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} io.rancher.container.hostname_override: container_name - io.rancher.sidekicks: es-storage - {{- if eq .Values.UPDATE_SYSCTL "true" -}} - ,es-sysctl - {{- end}} + io.rancher.sidekicks: es-storage{{- if eq .Values.UPDATE_SYSCTL "true" -}},es-sysctl{{- end}} image: docker.elastic.co/elasticsearch/elasticsearch:5.4.0 environment: - "cluster.name=${cluster_name}" diff --git a/templates/es-cluster/1/docker-compose.yml.tpl b/templates/es-cluster/1/docker-compose.yml.tpl index 5aadb0a..a8802e0 100644 --- a/templates/es-cluster/1/docker-compose.yml.tpl +++ b/templates/es-cluster/1/docker-compose.yml.tpl @@ -4,10 +4,7 @@ services: labels: io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} io.rancher.container.hostname_override: container_name - io.rancher.sidekicks: es-storage - {{- if eq .Values.UPDATE_SYSCTL "true" -}} - ,es-sysctl - {{- end}} + io.rancher.sidekicks: es-storage{{- if eq .Values.UPDATE_SYSCTL "true" -}},es-sysctl{{- end}} image: docker.elastic.co/elasticsearch/elasticsearch:5.4.2 environment: - "cluster.name=${cluster_name}" @@ -37,10 +34,7 @@ services: labels: io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} io.rancher.container.hostname_override: container_name - io.rancher.sidekicks: es-storage - {{- if eq .Values.UPDATE_SYSCTL "true" -}} - ,es-sysctl - {{- end}} + io.rancher.sidekicks: es-storage{{- if eq .Values.UPDATE_SYSCTL "true" -}},es-sysctl{{- end}} image: docker.elastic.co/elasticsearch/elasticsearch:5.4.2 environment: - "cluster.name=${cluster_name}" @@ -71,10 +65,7 @@ services: labels: io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} io.rancher.container.hostname_override: container_name - io.rancher.sidekicks: es-storage - {{- if eq .Values.UPDATE_SYSCTL "true" -}} - ,es-sysctl - {{- end}} + io.rancher.sidekicks: es-storage{{- if eq .Values.UPDATE_SYSCTL "true" -}},es-sysctl{{- end}} image: docker.elastic.co/elasticsearch/elasticsearch:5.4.2 environment: - "cluster.name=${cluster_name}" diff --git a/templates/es-cluster/2/docker-compose.yml.tpl b/templates/es-cluster/2/docker-compose.yml.tpl index f4706fd..5356a0b 100644 --- a/templates/es-cluster/2/docker-compose.yml.tpl +++ b/templates/es-cluster/2/docker-compose.yml.tpl @@ -4,10 +4,7 @@ services: labels: io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} io.rancher.container.hostname_override: container_name - io.rancher.sidekicks: es-storage - {{- if eq .Values.UPDATE_SYSCTL "true" -}} - ,es-sysctl - {{- end}} + io.rancher.sidekicks: es-storage{{- if eq .Values.UPDATE_SYSCTL "true" -}},es-sysctl{{- end}} image: docker.elastic.co/elasticsearch/elasticsearch:5.4.2 environment: - "cluster.name=${cluster_name}" @@ -37,10 +34,7 @@ services: labels: io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} io.rancher.container.hostname_override: container_name - io.rancher.sidekicks: es-storage - {{- if eq .Values.UPDATE_SYSCTL "true" -}} - ,es-sysctl - {{- end}} + io.rancher.sidekicks: es-storage{{- if eq .Values.UPDATE_SYSCTL "true" -}},es-sysctl{{- end}} image: docker.elastic.co/elasticsearch/elasticsearch:5.4.2 environment: - "cluster.name=${cluster_name}" @@ -71,10 +65,7 @@ services: labels: io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} io.rancher.container.hostname_override: container_name - io.rancher.sidekicks: es-storage - {{- if eq .Values.UPDATE_SYSCTL "true" -}} - ,es-sysctl - {{- end}} + io.rancher.sidekicks: es-storage{{- if eq .Values.UPDATE_SYSCTL "true" -}},es-sysctl{{- end}} image: docker.elastic.co/elasticsearch/elasticsearch:5.4.2 environment: - "cluster.name=${cluster_name}" diff --git a/templates/es-cluster/3/docker-compose.yml.tpl b/templates/es-cluster/3/docker-compose.yml.tpl index 9139827..d56afb5 100644 --- a/templates/es-cluster/3/docker-compose.yml.tpl +++ b/templates/es-cluster/3/docker-compose.yml.tpl @@ -4,10 +4,7 @@ services: labels: io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} io.rancher.container.hostname_override: container_name - io.rancher.sidekicks: es-storage - {{- if eq .Values.UPDATE_SYSCTL "true" -}} - ,es-sysctl - {{- end}} + io.rancher.sidekicks: es-storage{{- if eq .Values.UPDATE_SYSCTL "true" -}},es-sysctl{{- end}} image: docker.elastic.co/elasticsearch/elasticsearch:5.5.1 environment: - "cluster.name=${cluster_name}" @@ -37,10 +34,7 @@ services: labels: io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} io.rancher.container.hostname_override: container_name - io.rancher.sidekicks: es-storage - {{- if eq .Values.UPDATE_SYSCTL "true" -}} - ,es-sysctl - {{- end}} + io.rancher.sidekicks: es-storage{{- if eq .Values.UPDATE_SYSCTL "true" -}},es-sysctl{{- end}} image: docker.elastic.co/elasticsearch/elasticsearch:5.5.1 environment: - "cluster.name=${cluster_name}" @@ -71,10 +65,7 @@ services: labels: io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} io.rancher.container.hostname_override: container_name - io.rancher.sidekicks: es-storage - {{- if eq .Values.UPDATE_SYSCTL "true" -}} - ,es-sysctl - {{- end}} + io.rancher.sidekicks: es-storage{{- if eq .Values.UPDATE_SYSCTL "true" -}},es-sysctl{{- end}} image: docker.elastic.co/elasticsearch/elasticsearch:5.5.1 environment: - "cluster.name=${cluster_name}" diff --git a/templates/gitea/0/Readme.md b/templates/gitea/0/Readme.md new file mode 100644 index 0000000..7efe854 --- /dev/null +++ b/templates/gitea/0/Readme.md @@ -0,0 +1,20 @@ +# Gitea - Git with a cup of tea + +> A painless self-hosted Git service. + +Gitea is a community managed fork of Gogs, lightweight code hosting solution written in Go and published under the MIT license. + +## Installation + +Note the mysql-root password from below, you will need it during installation. + +When launching Gitea for the first time, you will greeted with an installer. You'll need to change two things: + +* The database settings: + * Username: `root` + * Password: the previously mentioned password + * Database: `gitea` + * Database Host: `db:3306` +* Change the domain name to the one you use to access Gitea +* Change the public ssh port to the one you defined earlier if you want to enable ssh +* Change the public URL to the one you defined previously, this is needed to access Gitea's web UI. diff --git a/templates/gitea/0/docker-compose.yml.tpl b/templates/gitea/0/docker-compose.yml.tpl new file mode 100644 index 0000000..6b4533e --- /dev/null +++ b/templates/gitea/0/docker-compose.yml.tpl @@ -0,0 +1,34 @@ +version: '2' +services: + gitea: + image: gitea/gitea:1.3.0 + volumes: + - gitea-data:/data + +{{- if ne .Values.db_link ""}} + external_links: + - ${db_link}:db +{{- else}} + links: + - db:db + db: + image: mariadb:10 + environment: + MYSQL_ROOT_PASSWORD: ${mysql_password} + MYSQL_DATABASE: 'gitea' + volumes: + - gitea-db:/var/lib/mysql +{{- end}} + lb: + image: rancher/lb-service-haproxy:v0.7.9 + ports: + - ${http_port}:${http_port}/tcp + - ${ssh_port}:${ssh_port}/tcp +volumes: + gitea-data: + driver: ${volume_driver} +{{- if eq .Values.db_link ""}} + gitea-db: + driver: ${volume_driver} +{{- end}} + diff --git a/templates/gitea/0/rancher-compose.yml b/templates/gitea/0/rancher-compose.yml new file mode 100644 index 0000000..f3f7a99 --- /dev/null +++ b/templates/gitea/0/rancher-compose.yml @@ -0,0 +1,82 @@ +version: '2' +catalog: + name: "Gitea" + version: "v1.3" + description: "A painless self-hosted Git service." + uuid: gitea-0 + minimum_rancher_version: v0.56.0 + maintainer: "Konrad Langenberg " + questions: + - variable: http_port + description: "Public HTTP port to access Gitea's webui." + label: "HTTP Port" + required: true + default: "3000" + type: "int" + - variable: ssh_port + description: "Public ssh port to clone repositories via ssh." + label: "SSH Port" + required: true + default: "2222" + type: "int" + - variable: "volume_driver" + description: "Volume driver to associate with this service." + label: "Volume Driver" + required: true + default: "local" + type: enum + options: # List of options if using type of `enum` + - local + - rancher-nfs + - rancher-efs + - rancher-ebs + - variable: "db_link" + description: "External DB service to use with gitea instead of its own DB-Container." + label: "External DB service" + default: "" + required: false + type: "service" + - variable: mysql_password + description: "MySQL root password to use for Gitea." + label: "MySQL Password" + required: true + default: "default_pass" + type: "password" +services: + gitea: + scale: 1 + retain_ip: true + health_check: + response_timeout: 2000 + healthy_threshold: 2 + port: 3000 + unhealthy_threshold: 3 + initializing_timeout: 300000 + interval: 2000 + strategy: recreate + request_line: GET "/" "HTTP/1.0" + reinitializing_timeout: 120000 + lb: + scale: 1 + start_on_create: true + lb_config: + certs: [] + port_rules: + - priority: 1 + protocol: http + service: gitea + source_port: ${http_port} + target_port: 3000 + - priority: 2 + protocol: tcp + service: gitea + source_port: ${ssh_port} + target_port: 22 + health_check: + response_timeout: 2000 + healthy_threshold: 2 + port: 42 + unhealthy_threshold: 3 + initializing_timeout: 60000 + interval: 2000 + reinitializing_timeout: 60000 diff --git a/templates/gitea/catalogIcon-gitea.svg b/templates/gitea/catalogIcon-gitea.svg new file mode 100644 index 0000000..ac1594a --- /dev/null +++ b/templates/gitea/catalogIcon-gitea.svg @@ -0,0 +1,160 @@ + + + + + + + + + + + + + + + image/svg+xml + + + + + + + + + + + + + + + + + + + + + + diff --git a/templates/gitea/config.yml b/templates/gitea/config.yml new file mode 100644 index 0000000..fecfd1a --- /dev/null +++ b/templates/gitea/config.yml @@ -0,0 +1,5 @@ +name: Gitea +description: | + A painless self-hosted Git service +version: v1.3 +category: Git diff --git a/templates/gitlab/4/README.md b/templates/gitlab/4/README.md new file mode 100644 index 0000000..ca11a7c --- /dev/null +++ b/templates/gitlab/4/README.md @@ -0,0 +1,9 @@ +# GitLab CE + +GitLab CE is a free alternative to GitHub + +Stack based on official GitLab version: latest + +https://hub.docker.com/r/gitlab/gitlab-ce/ + + diff --git a/templates/gitlab/4/docker-compose.yml b/templates/gitlab/4/docker-compose.yml new file mode 100644 index 0000000..e353ed1 --- /dev/null +++ b/templates/gitlab/4/docker-compose.yml @@ -0,0 +1,27 @@ +version: '2' +volumes: + gitlab-app-data: + driver: ${volumedriver} + gitlab-log-data: + driver: ${volumedriver} + gitlab-conf-files: + driver: ${volumedriver} + +services: + gitlab-server: + ports: + - ${ssh_port}:22/tcp + - ${http_port}:80/tcp + - ${https_port}:443/tcp + labels: + io.rancher.container.hostname_override: container_name + image: gitlab/gitlab-ce:9.5.10-ce.0 + volumes: + - gitlab-app-data:/var/opt/gitlab + - gitlab-log-data:/var/log/gitlab + - gitlab-conf-files:/etc/gitlab + environment: + GITLAB_OMNIBUS_CONFIG: | + external_url '${gitlab_omnipus_prefix}${gitlab_hostname}' + registry_external_url '${gitlab_omnipus_prefix}${registry_gitlab_hostname}' + gitlab_rails['gitlab_shell_ssh_port'] = ${ssh_port} diff --git a/templates/gitlab/4/rancher-compose.yml b/templates/gitlab/4/rancher-compose.yml new file mode 100644 index 0000000..9020f13 --- /dev/null +++ b/templates/gitlab/4/rancher-compose.yml @@ -0,0 +1,69 @@ +.catalog: + name: Gitlab Community + version: 9.5.10-ce.0 + description: | + Gitlab CE is a free GitHub alternative + minimum_rancher_version: v0.56.0 + maintainer: "Alexis Ducastel " + uuid: gitlab-0 + questions: + - variable: "gitlab_hostname" + description: "Gitlab hostname (without uri scheme http:// or https://)" + label: "Hostname:" + required: true + default: "git.example.com" + type: "string" + - variable: "registry_gitlab_hostname" + description: "Registry Gitlab hostname (without uri scheme http:// or https://)" + label: "Registry hostname:" + required: true + default: "registry.example.com" + type: "string" + - variable: "gitlab_omnipus_prefix" + label: "Gitlab external_url prefix:" + description: | + This is needed for the docker-compose file to set the correct external_url + default: 'http://' + required: true + type: "enum" + options: + - 'http://' + - 'https://' + - variable: "http_port" + description: "HTTP port to expose on host. Will be used to bind TCP" + label: "HTTP port:" + required: true + default: 80 + type: "int" + - variable: "https_port" + description: "HTTPS port to expose on host. Will be used to bind TCP" + label: "HTTPS port:" + required: true + default: 443 + type: "int" + - variable: "ssh_port" + description: "SSH port to expose on host. Will be used to bind TCP" + label: "SSH port:" + required: true + default: 22 + type: "int" + - variable: "volumedriver" + description: "Choose the Volume Driver being used.(Option: local or rancher-nfs)" + label: "Volume Driver:" + required: true + default: local + type: "enum" + options: + - local + - rancher-nfs + +gitlab-server: + scale: 1 + retain_ip: true + health_check: + port: 80 + interval: 30000 + unhealthy_threshold: 3 + strategy: recreate + response_timeout: 3000 + healthy_threshold: 2 diff --git a/templates/gitlab/config.yml b/templates/gitlab/config.yml index b39ac46..76f2c3c 100644 --- a/templates/gitlab/config.yml +++ b/templates/gitlab/config.yml @@ -1,5 +1,5 @@ name: Gitlab Community description: | Gitlab CE is a free GitHub alternative -version: 9.5.1-ce.0 +version: 9.5.10-ce.0 category: Versioning diff --git a/templates/gogs/1/docker-compose.yml.tpl b/templates/gogs/1/docker-compose.yml.tpl new file mode 100644 index 0000000..20fe4e5 --- /dev/null +++ b/templates/gogs/1/docker-compose.yml.tpl @@ -0,0 +1,35 @@ +version: '2' +services: + gogs: + image: gogs/gogs:0.11.34 + volumes: + - gogs-data:/data +{{- if ne .Values.db_link ""}} + external_links: + - ${db_link}:db +{{- else}} + links: + - db:db + db: + image: mysql:8.0 + environment: + MYSQL_ROOT_PASSWORD: ${mysql_password} + MYSQL_USER: ${mysql_user} + MYSQL_PASSWORD: ${mysql_password} + MYSQL_DATABASE: ${mysql_db} + volumes: + - gogs-db:/var/lib/mysql +{{- end}} + lb: + image: rancher/lb-service-haproxy:v0.7.9 + ports: + - ${http_port}:${http_port}/tcp + - ${ssh_port}:${ssh_port}/tcp +volumes: + gogs-data: + driver: ${volume_driver} +{{- if eq .Values.db_link ""}} + gogs-db: + driver: ${volume_driver} +{{- end}} + diff --git a/templates/gogs/1/rancher-compose.yml b/templates/gogs/1/rancher-compose.yml new file mode 100644 index 0000000..982db81 --- /dev/null +++ b/templates/gogs/1/rancher-compose.yml @@ -0,0 +1,94 @@ +version: '2' +catalog: + name: "Gogs" + version: "v0.11.34" + description: "A painless self-hosted Git service" + uuid: gogs-0 + minimum_rancher_version: v0.51.0 + questions: + - variable: http_port + description: "http port to access gogs webui" + label: "Http Port" + required: true + default: "8080" + type: "int" + - variable: ssh_port + description: "ssh port to access gogs cli" + label: "SSH Port" + required: true + default: "2222" + type: "int" + - variable: "volume_driver" + description: "Volume driver to associate with this service" + label: "Volume Driver" + required: true + default: "local" + type: enum + options: # List of options if using type of `enum` + - local + - rancher-nfs + - rancher-efs + - rancher-ebs + - variable: "db_link" + description: | + DB external service link cluster. + label: "External db service" + default: "" + required: false + type: "service" + - variable: mysql_db + description: "mysql db" + label: "Mysql db" + required: true + default: "gogs" + type: "string" + - variable: mysql_user + description: "mysql user" + label: "Mysql User" + required: true + default: "gogs" + type: "string" + - variable: mysql_password + description: "mysql root password" + label: "Mysql Password" + required: true + default: "default_pass" + type: "password" +services: + gogs: + scale: 1 + retain_ip: true + health_check: + response_timeout: 2000 + healthy_threshold: 2 + port: 3000 + unhealthy_threshold: 3 + initializing_timeout: 300000 + interval: 2000 + strategy: recreate + request_line: GET "/" "HTTP/1.0" + reinitializing_timeout: 120000 + lb: + scale: 1 + start_on_create: true + lb_config: + certs: [] + port_rules: + - priority: 1 + protocol: http + service: gogs + source_port: ${http_port} + target_port: 3000 + - priority: 2 + protocol: tcp + service: gogs + source_port: ${ssh_port} + target_port: 22 + health_check: + response_timeout: 2000 + healthy_threshold: 2 + port: 42 + unhealthy_threshold: 3 + initializing_timeout: 60000 + interval: 2000 + reinitializing_timeout: 60000 diff --git a/templates/gogs/config.yml b/templates/gogs/config.yml index c675211..92331bf 100644 --- a/templates/gogs/config.yml +++ b/templates/gogs/config.yml @@ -1,5 +1,5 @@ name: Gogs description: | A painless self-hosted Git service -version: v0.11.19 +version: v0.11.34 category: Git diff --git a/templates/jenkins-ci/4/docker-compose.yml b/templates/jenkins-ci/4/docker-compose.yml new file mode 100644 index 0000000..4de40bf --- /dev/null +++ b/templates/jenkins-ci/4/docker-compose.yml @@ -0,0 +1,20 @@ +jenkins-primary: + image: "jenkins/jenkins:2.92" + ports: + - "${PORT}:8080" + labels: + io.rancher.sidekicks: jenkins-plugins,jenkins-datavolume + io.rancher.container.hostname_override: container_name + volumes_from: + - jenkins-plugins + - jenkins-datavolume + entrypoint: /usr/share/jenkins/rancher/jenkins.sh +jenkins-plugins: + image: rancher/jenkins-plugins:v0.1.1 +jenkins-datavolume: + image: "busybox" + volumes: + - ${volume_work}:/var/jenkins_home + labels: + io.rancher.container.start_once: true + entrypoint: ["chown", "-R", "1000:1000", "/var/jenkins_home"] diff --git a/templates/jenkins-ci/4/rancher-compose.yml b/templates/jenkins-ci/4/rancher-compose.yml new file mode 100644 index 0000000..30b7d34 --- /dev/null +++ b/templates/jenkins-ci/4/rancher-compose.yml @@ -0,0 +1,42 @@ +.catalog: + name: Jenkins + version: 2.92-rancher1 + description: | + Jenkins CI management server. + questions: + - variable: "PORT" + type: "int" + label: "Port Number" + description: "Which port should Jenkins listen on?" + default: 8080 + required: true + - variable: "volume_work" + description: "Work volume to save jenkins data" + label: "Work volume:" + required: true + default: "/var/lib/docker/jenkins-ci" + type: "string" + - variable: "plugins" + type: "multiline" + label: "List of Plugins" + description: | + List of plugins in the format [:] + one entry per line. + default: | + credentials + git + git-client + github + github-api + github-oauth + greenballs + junit + plain-credentials + scm-api + ssh-credentials + ssh-slaves + swarm +jenkins-primary: + metadata: + plugins: | + ${plugins} diff --git a/templates/jenkins-ci/config.yml b/templates/jenkins-ci/config.yml index 42c8ad3..d797b5a 100644 --- a/templates/jenkins-ci/config.yml +++ b/templates/jenkins-ci/config.yml @@ -1,5 +1,5 @@ name: Jenkins description: | Jenkins CI server (LTS) -version: 2.60.1-rancher1 +version: 2.92-rancher1 category: Continuous Integration diff --git a/templates/kafka/4/README.md b/templates/kafka/4/README.md new file mode 100644 index 0000000..37ccd1b --- /dev/null +++ b/templates/kafka/4/README.md @@ -0,0 +1,32 @@ +# Apache Kafka + +### Info: + + This template creates, scale in and scale out a multinodes kafka broker cluster on top of Rancher. The configuration is generated with confd from Rancher metadata. + Cluster size are variable after deployment, and get reconfigured after refresh interval. + + +### Usage: + + Select Apache Kafka from catalog. + + Enter the number of nodes, mem and refresh interval for the kafka cluster. + + Change the following kafka default parameters, if you need: + +- kafka_scale=3 # kafka scale to deploy. +- kafka_mem=512 # kafka broker memory. +- kafka_log_dir="/opt/kafka/logs" # Kafka log dir. +- kafka_log_retention="168" # kafka log retention. +- kafka_num_partitions="1" # Kafka partitions number +- kafka_delete_topics="false" # kafka delete topics +- kafka_auto_create_topics="true" # kafka auto create topics +- kafka_replication_factor=1 # Kafka replication factor +- kafka_pub_ip= < true | false > # Advertise public ip to zookeeper. +- zk_link="kafka-zk/zk" # zookeeper stack/service to connect to. + + Click deploy. + + Kafka can now be accessed over the Rancher network. + + Note: When you scale the cluster, zero downtime is not guaranteed..yet.. diff --git a/templates/kafka/4/docker-compose.yml b/templates/kafka/4/docker-compose.yml new file mode 100644 index 0000000..e87f469 --- /dev/null +++ b/templates/kafka/4/docker-compose.yml @@ -0,0 +1,46 @@ +broker: + tty: true + image: rawmind/alpine-kafka:1.0.0-2 + volumes_from: + - broker-volume + - broker-conf + environment: + - JVMFLAGS=-Xmx${kafka_mem}m -Xms${kafka_mem}m + - CONFD_INTERVAL=${kafka_interval} + - ZK_SERVICE=${zk_link} + - KAFKA_DELETE_TOPICS=${kafka_delete_topics} + - KAFKA_LOG_DIRS=${kafka_log_dir} + - KAFKA_LOG_RETENTION_HOURS=${kafka_log_retention} + - KAFKA_NUM_PARTITIONS=${kafka_num_partitions} + - ADVERTISE_PUB_IP=${kafka_pub_ip} + - KAFKA_AUTO_CREATE_TOPICS=${kafka_auto_create_topics} + - KAFKA_REPLICATION_FACTOR=${kafka_replication_factor} + external_links: + - ${zk_link}:zk + labels: + io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} + io.rancher.container.hostname_override: container_name + io.rancher.sidekicks: broker-volume, broker-conf +broker-conf: + net: none + labels: + io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} + io.rancher.container.hostname_override: container_name + io.rancher.container.start_once: true + image: rawmind/rancher-kafka:0.11.0.0-1 + volumes: + - /opt/tools +broker-volume: + net: none + labels: + io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} + io.rancher.container.hostname_override: container_name + io.rancher.container.start_once: true + environment: + - SERVICE_UID=10003 + - SERVICE_GID=10003 + - SERVICE_VOLUME=${kafka_log_dir} + volumes: + - ${kafka_log_dir} + volume_driver: local + image: rawmind/alpine-volume:0.0.2-1 diff --git a/templates/kafka/4/rancher-compose.yml b/templates/kafka/4/rancher-compose.yml new file mode 100644 index 0000000..badb166 --- /dev/null +++ b/templates/kafka/4/rancher-compose.yml @@ -0,0 +1,96 @@ +.catalog: + name: Kafka + version: 1.0.0-rancher1 + description: | + (Experimental) Apache Kafka cluster. + minimum_rancher_version: v0.59.0 + maintainer: "Raul Sanchez " + uuid: kafka-0 + questions: + - variable: "kafka_scale" + description: "Number of brokers nodes. Note: Recommended an odd number" + label: "Broker Nodes:" + required: true + default: 3 + type: "int" + - variable: "kafka_mem" + description: "Amount of memory to config brokers." + label: "Broker Memory (mb):" + required: true + default: 1024 + type: "string" + - variable: "kafka_log_dir" + description: "Broker volume to log data" + label: "Broker log volume:" + required: true + default: "/opt/kafka/logs" + type: "string" + - variable: "kafka_log_retention" + description: "Broker log retention in hours" + label: "Broker log retention (h):" + required: true + default: "168" + type: "int" + - variable: "kafka_num_partitions" + description: "Number of broker partitions" + label: "Broker partitions:" + required: true + default: "1" + type: "int" + - variable: "kafka_delete_topics" + label: "Delete topics:" + description: | + Enable delete topics in kafka. + default: false + required: true + type: enum + options: + - false + - true + - variable: "kafka_auto_create_topics" + label: "Auto create topics:" + description: | + Enable auto create topics in kafka. + default: true + required: true + type: enum + options: + - false + - true + - variable: "kafka_replication_factor" + description: "Topics replication factor" + label: "Replication factor:" + required: true + default: 1 + type: "int" + - variable: "kafka_interval" + description: "Interval to poll/apply configuration changes. 0 to disable" + label: "Broker Interval (s):" + required: true + default: 60 + type: "int" + - variable: "kafka_pub_ip" + description: "Advertise local and host public ip" + label: "Broker public ip:" + required: false + default: false + type: "boolean" + - variable: "zk_link" + description: | + Choose the Zookeeper service to use. + It's really recommended a dedicated zookeeper service just for Kafka. + label: "Zookeeper stack/service" + default: "kafka-zk/zk" + required: true + type: "service" +broker: + scale: ${kafka_scale} + retain_ip: true + health_check: + port: 9092 + interval: 5000 + unhealthy_threshold: 3 + request_line: '' + healthy_threshold: 2 + response_timeout: 5000 + diff --git a/templates/kafka/config.yml b/templates/kafka/config.yml index af07587..c713076 100644 --- a/templates/kafka/config.yml +++ b/templates/kafka/config.yml @@ -1,7 +1,7 @@ name: Apache Kafka description: | - (Experimental) Kafka cluster -version: 0.11.0.0-rancher1 + Kafka cluster +version: 1.0.0-rancher1 category: Clustering maintainer: "Raul Sanchez " minimum_rancher_version: v0.59.0 diff --git a/templates/netdata/1/docker-compose.yml b/templates/netdata/1/docker-compose.yml new file mode 100644 index 0000000..10c2bc1 --- /dev/null +++ b/templates/netdata/1/docker-compose.yml @@ -0,0 +1,13 @@ +netdata: + image: titpetric/netdata:latest + labels: + io.rancher.scheduler.global: 'true' + uts: host + cap_add: + - SYS_PTRACE + volumes: + - /proc:/host/proc:ro + - /sys:/host/sys:ro + - /var/run/docker.sock:/var/run/docker.sock:ro + environment: + NETDATA_PORT: "${NETDATA_PORT}" diff --git a/templates/netdata/1/rancher-compose.yml b/templates/netdata/1/rancher-compose.yml new file mode 100644 index 0000000..776d5ea --- /dev/null +++ b/templates/netdata/1/rancher-compose.yml @@ -0,0 +1,13 @@ +.catalog: + name: netdata + version: v1.8.0 + description: Real-time performance monitoring, done right! + questions: + - variable: NETDATA_PORT + label: Port + description: Container port to access netdata + required: true + type: int + default: 19999 +netdata: + scale: 1 diff --git a/templates/neuvector/0/docker-compose.yml b/templates/neuvector/0/docker-compose.yml index bee18e6..0f853cc 100644 --- a/templates/neuvector/0/docker-compose.yml +++ b/templates/neuvector/0/docker-compose.yml @@ -1,5 +1,5 @@ allinone: - image: neuvector/allinone:rancher1.2 + image: neuvector/allinone:rancher1.3 container_name: neuvector.allinone restart: always privileged: true @@ -18,7 +18,7 @@ allinone: io.rancher.scheduler.affinity:host_label: ${NV_ALLINONE_LABEL} io.rancher.container.hostname_override: container_name enforcer: - image: neuvector/enforcer:rancher1.2 + image: neuvector/enforcer:rancher1.3 container_name: neuvector.enforcer restart: always privileged: true diff --git a/templates/neuvector/0/rancher-compose.yml b/templates/neuvector/0/rancher-compose.yml index 336660d..2f3aad9 100644 --- a/templates/neuvector/0/rancher-compose.yml +++ b/templates/neuvector/0/rancher-compose.yml @@ -1,7 +1,7 @@ .catalog: name: "NeuVector" - version: "rancher1.2" - description: "Container Security Solution" + version: "rancher1.3" + description: "Cloud Native Container Firewall" questions: - variable: "NV_ALLINONE_LABEL" label: "Allinone Host label" diff --git a/templates/neuvector/config.yml b/templates/neuvector/config.yml index a3bcc64..7b22dd3 100644 --- a/templates/neuvector/config.yml +++ b/templates/neuvector/config.yml @@ -1,6 +1,6 @@ name: NeuVector description: | Container Security Solution -version: rancher1.2 +version: rancher1.3 category: Security maintainer: neuvector support diff --git a/templates/openfaas/0/README.md b/templates/openfaas/0/README.md new file mode 100644 index 0000000..de94650 --- /dev/null +++ b/templates/openfaas/0/README.md @@ -0,0 +1,3 @@ +This is a catalog that spins up an OpenFaaS(https://github.com/alexellis/faas) stack with Rancher as the backend. The `faas-rancher` container is the proxy that connects OpenFaas and Rancher. + +`faas-rancher` is in an extremely early stage and is meant only to be used in development. \ No newline at end of file diff --git a/templates/openfaas/0/docker-compose.yml b/templates/openfaas/0/docker-compose.yml new file mode 100644 index 0000000..4c891e2 --- /dev/null +++ b/templates/openfaas/0/docker-compose.yml @@ -0,0 +1,56 @@ +version: '2' +services: + lb: + image: rancher/lb-service-haproxy:v0.7.9 + ports: + - 8080:8080/tcp + - 9090:9090/tcp + - 9093:9093/tcp + labels: + io.rancher.container.agent.role: environmentAdmin + io.rancher.container.create_agent: 'true' + prometheus: + image: kenfdev/prometheus:latest-cattle + environment: + no_proxy: gateway + stdin_open: true + tty: true + command: + - -config.file=/etc/prometheus/prometheus.yml + - -storage.local.path=/prometheus + - -storage.local.memory-chunks=10000 + - --alertmanager.url=http://alertmanager:9093 + labels: + io.rancher.container.pull_image: always + faas-rancher: + image: kenfdev/faas-rancher + environment: + FUNCTION_STACK_NAME: ${FUNCTION_STACK_NAME} + CATTLE_URL: ${CATTLE_URL} + CATTLE_ACCESS_KEY: ${CATTLE_ACCESS_KEY} + CATTLE_SECRET_KEY: ${CATTLE_SECRET_KEY} + stdin_open: true + tty: true + labels: + io.rancher.container.pull_image: always + gateway: + image: functions/gateway:0.6.2 + environment: + dnsrr: 'true' + functions_provider_url: http://faas-rancher:8080/ + stdin_open: true + volumes: + - /var/run/docker.sock:/var/run/docker.sock + tty: true + labels: + io.rancher.container.pull_image: always + alertmanager: + image: functions/alertmanager:latest + environment: + no_proxy: gateway + stdin_open: true + tty: true + command: + - -config.file=/alertmanager.yml + labels: + io.rancher.container.pull_image: always diff --git a/templates/openfaas/0/rancher-compose.yml b/templates/openfaas/0/rancher-compose.yml new file mode 100644 index 0000000..444c4c3 --- /dev/null +++ b/templates/openfaas/0/rancher-compose.yml @@ -0,0 +1,72 @@ +.catalog: + name: "OpenFaaS" + version: "v0.0.2" + description: "Enable Rancher as a backend for Functions as a Service (OpenFaaS)" + uuid: "openfaas-0" + minimum_rancher_version: v1.5.0 + questions: + - variable: "CATTLE_URL" + description: "The v2-beta Rancher Server Endpoint. e.g. https://try.rancher.com/v2-beta" + label: "Rancher Server Endpoint URL" + required: true + type: "string" + - variable: "CATTLE_ACCESS_KEY" + description: "The Rancher API Access Key" + label: "API Access Key" + required: true + type: "string" + - variable: "CATTLE_SECRET_KEY" + description: "The Rancher API Secret Key" + label: "API Secret Key" + required: true + type: "string" + - variable: "FUNCTION_STACK_NAME" + description: "The stack name faas functions will be deployed to. It will automatically be created." + default: "faas-functions" + label: "Functions Stack Name" + required: true + type: "string" + +version: '2' +services: + lb: + scale: 1 + start_on_create: true + lb_config: + certs: [] + port_rules: + - priority: 1 + protocol: http + service: gateway + source_port: 8080 + target_port: 8080 + - priority: 2 + protocol: http + service: prometheus + source_port: 9090 + target_port: 9090 + - priority: 3 + protocol: http + service: alertmanager + source_port: 9093 + target_port: 9093 + health_check: + healthy_threshold: 2 + response_timeout: 2000 + port: 42 + unhealthy_threshold: 3 + initializing_timeout: 60000 + interval: 2000 + reinitializing_timeout: 60000 + prometheus: + scale: 1 + start_on_create: true + faas-rancher: + scale: 1 + start_on_create: true + gateway: + scale: 1 + start_on_create: true + alertmanager: + scale: 1 + start_on_create: true diff --git a/templates/openfaas/catalogIcon-openfaas.png b/templates/openfaas/catalogIcon-openfaas.png new file mode 100644 index 0000000..91467b6 Binary files /dev/null and b/templates/openfaas/catalogIcon-openfaas.png differ diff --git a/templates/openfaas/config.yml b/templates/openfaas/config.yml new file mode 100644 index 0000000..7a2609f --- /dev/null +++ b/templates/openfaas/config.yml @@ -0,0 +1,7 @@ +name: OpenFaaS +description: | + Functions as a Service - a serverless framework for Docker +version: v0.0.2 +category: Platform +license: MIT +projectURL: https://github.com/alexellis/faas \ No newline at end of file diff --git a/templates/portworx/0/docker-compose.yml b/templates/portworx/0/docker-compose.yml index c5143e6..b2a753d 100644 --- a/templates/portworx/0/docker-compose.yml +++ b/templates/portworx/0/docker-compose.yml @@ -1,5 +1,6 @@ portworx: labels: + io.rancher.container.dns: 'true' io.rancher.container.create_agent: 'true' io.rancher.scheduler.global: 'true' io.rancher.container.pull_image: 'always' diff --git a/templates/sonarqube/2/README.md b/templates/sonarqube/2/README.md new file mode 100644 index 0000000..b95a44c --- /dev/null +++ b/templates/sonarqube/2/README.md @@ -0,0 +1,19 @@ +## What is inside SonarQube Stack? +* [SonarQube Server](http://www.sonarqube.org/) + Sidekick for storing plugins +* Postgres Database + Sidekick for storing data + +## Info +* In default SonarQube package will install alpine docker version and will create "sonar" postgres database, user and password. +* SonarQube service is exposed by a loadbalancer. +* Optional, you could install non alpine version. Use it if your software needs glibc. +* Optional, you could use an external postgres database link. +* Once SonarQube will start, make sure you setup correct information in setup page. +* For easy upgrades there are sidekicks for postgres data with dedicated storage. + +## Installing Plugins Manually +* Go to [Plugin Library](http://docs.sonarqube.org/display/PLUG/Plugin+Library) and find your favourite plugins +* Execute `docker exec -it [sonarqube-data bash]`, go to /opt/sonarqube/extensions/plugins and put your plugins here +* Restart SonarQube container. + +## First Start +* Use admin/admin to login to the SonarQube interface. \ No newline at end of file diff --git a/templates/sonarqube/2/docker-compose.yml.tpl b/templates/sonarqube/2/docker-compose.yml.tpl new file mode 100644 index 0000000..8fcb41b --- /dev/null +++ b/templates/sonarqube/2/docker-compose.yml.tpl @@ -0,0 +1,67 @@ +version: '2' +services: + sonarqube-lb: + image: rancher/lb-service-haproxy:v0.7.6 + ports: + - ${http_port}:${http_port} + sonarqube-storage: + network_mode: none + labels: + io.rancher.container.hostname_override: container_name + io.rancher.container.start_once: true + environment: + - SERVICE_UID=0 + - SERVICE_GID=0 + - SERVICE_VOLUME=/opt/sonarqube/extensions/plugins + volumes: + - sonarqube-plugin:/opt/sonarqube/extensions/plugins + image: rawmind/alpine-volume:0.0.2-1 + sonarqube: + labels: + io.rancher.container.hostname_override: container_name + io.rancher.sidekicks: sonarqube-storage + image: sonarqube:${docker_version} + environment: + SONARQUBE_WEB_JVM_OPTS: ${jvm_opts} + SONARQUBE_JDBC_USERNAME: ${postgres_user} + SONARQUBE_JDBC_PASSWORD: ${postgres_password} + SONARQUBE_JDBC_URL: jdbc:postgresql://db:${postgres_port}/${postgres_db} + volumes_from: + - sonarqube-storage +{{- if ne .Values.postgres_link ""}} + external_links: + - ${postgres_link}:db +{{- else}} + links: + - db:db + db: + labels: + io.rancher.container.hostname_override: container_name + io.rancher.sidekicks: db-storage + image: postgres:9.6.3-alpine + environment: + POSTGRES_USER: ${postgres_user} + POSTGRES_PASSWORD: ${postgres_password} + POSTGRES_DB: ${postgres_db} + volumes_from: + - db-storage + db-storage: + network_mode: none + labels: + io.rancher.container.hostname_override: container_name + io.rancher.container.start_once: true + environment: + - SERVICE_UID=0 + - SERVICE_GID=0 + - SERVICE_VOLUME=/var/lib/postgresql + volumes: + - db-data:/var/lib/postgresql + image: rawmind/alpine-volume:0.0.2-1 +{{- end}} +volumes: + sonarqube-plugin: + driver: local +{{- if eq .Values.postgres_link ""}} + db-data: + driver: local +{{- end}} diff --git a/templates/sonarqube/2/rancher-compose.yml b/templates/sonarqube/2/rancher-compose.yml new file mode 100644 index 0000000..4d4454c --- /dev/null +++ b/templates/sonarqube/2/rancher-compose.yml @@ -0,0 +1,84 @@ +version: '2' +catalog: + name: "SonarQube" + version: "v6.7" + description: "SonarQube" + uuid: sonarqube-0 + minimum_rancher_version: v0.51.0 + questions: + - variable: docker_version + description: "SonarQube docker version" + label: "SonarQube docker version" + required: true + default: "6.7-alpine" + type: "enum" + options: + - 6.7-alpine + - 6.7 + - variable: http_port + description: "SonarQube http port" + label: "SonarQube http Port" + required: true + default: "9000" + type: "int" + - variable: jvm_opts + description: "SonarQube web jvm options" + label: "SonarQube web jvm options" + required: false + default: "" + type: "string" + - variable: postgres_port + description: "Postgres Port" + label: "Postgres Port" + required: true + default: "5432" + type: "int" + - variable: postgres_db + description: "Postgres Database Name" + label: "Postgres Database" + required: true + default: "sonar" + type: "string" + - variable: postgres_user + description: "Postgres User" + label: "Postgres User" + required: true + default: "sonar" + type: "string" + - variable: postgres_password + description: "Postgres Password" + label: "Postgres Password" + required: true + default: "sonar" + type: "password" + - variable: "postgres_link" + description: | + Optional external postgres service to use. + label: "Postgres stack/service" + default: "" + required: false + type: "service" +services: + sonarqube-lb: + scale: 1 + lb_config: + port_rules: + - protocol: http + service: sonarqube + source_port: ${http_port} + target_port: 9000 + health_check: + response_timeout: 2000 + healthy_threshold: 2 + port: 42 + unhealthy_threshold: 3 + sonarqube: + scale: 1 + retain_ip: true + health_check: + port: 9000 + interval: 5000 + unhealthy_threshold: 3 + request_line: 'GET / HTTP/1.0' + healthy_threshold: 2 + response_timeout: 5000 diff --git a/templates/sonarqube/config.yml b/templates/sonarqube/config.yml index 13373da..c6bcb39 100644 --- a/templates/sonarqube/config.yml +++ b/templates/sonarqube/config.yml @@ -1,5 +1,5 @@ name: SonarQube description: | SonarQube - an open source quality management platform. -version: v6.5 +version: v6.7 category: Test Automation diff --git a/templates/traefik/11/README.md b/templates/traefik/11/README.md new file mode 100644 index 0000000..a3826ab --- /dev/null +++ b/templates/traefik/11/README.md @@ -0,0 +1,80 @@ +# Traefik active load balancer + +### Info: + + This template deploys traefik active load balancers on top of Rancher. The configuration is generated and updated with confd from Rancher metadata. + It would be deployed in hosts with label traefik_lb=true. + +### Config: + +- rancher_integration = "metadata" # Rancher integration method. +- host_label = "traefik_lb=true" # Host label where to run traefik service. +- http_port = 8080 # Port exposed to get access to the published services. +- https_port = 8443 # Port exposed to get secured access to the published services. +- admin_port = 8000 # Port exposed to get admin access to the traefik service. +- https_enable = + - false: Enable http enpoints and disable https ones. + - true: Enable http and https endpoints. + - only: Enable https endpoints and redirect http to https. +- acme_enable = false # Enable/Disable acme traefik support. +- acme_email = "test@traefik.io" # acme user email +- acme_ondemand = true # acme ondemand parameter. +- acme_onhostrule = true # acme onHostRule parameter. +- acme_caserver = "https://acme-v01.api.letsencrypt.org/directory" # acme caServer parameter. +- acme_vol_name = "traefik_acme_vol" # Volume name to user by acme sidekick +- acme_vol_driver = "local" # Volume driver to user by acme sidekick +- ssl_key # Paste your ssl key. *Required if you enable https +- ssl_crt # Paste your ssl crt. *Required if you enable https +- insecure_skip = false # Enable InsecureSkipVerify param. +- compress_enable = true # Enable traefik compression +- refresh_interval = 10s # Interval to refresh traefik rules.toml from rancher-metadata. +- admin_readonly = false # Set REST API to read-only mode. +- admin_statistics = 10 # Enable more detailed statistics, extend recent errors number. +- admin_auth_method = "basic" # Selec auth method, basic or digest. +- admin_users = "" # Paste basic or digest users created with htdigest, one user per line. +- prometheus_enable = false # Enable prometheus statistics +- prometheus_buckets = "[0.1,0.3,1.2,5.0]" # Prometheus buckets +- cattle_url = "" # Cattle url if you choose api integration +- cattle_access_key = "" # Cattle access key if you choose api integration +- cattle_secret_key = "" # Cattle secret key if you choose api integration +### Service configuration labels: + +Traefik labels has to be added to your services, in order to get included in traefik config. + +## Metadata or api + +Please use traefik defined labels if you choose metadata or api rancher integration. + +[Traefik rancher backend labels][traefik rancher backend] + +Metadata is the prefered and recommended rancher integration. + +Api integration needs you create an environment API key in your rancher environment. Also, it needs you provide CATTLE_URL, CATTLE_ACCESS_KEY and CATTLE_SECRET_KEY. + +## External + +Use this labels if you choose extenal rancher integration. + +- traefik.enable = + - true: the service will be published as *service_name.stack_name.traefik_domain* + - stack: the service will be published as *stack_name.traefik_domain*. WARNING: You could have collisions inside services within your stack + - false: the service will not be published +- traefik.alias = < alias > # Alternate names to route rule. Multiple values separated by ",". WARNING: You could have collisions BE CAREFULL +- traefik.domain = < domain > # Domain names to route rule. Multiple values separated by "," +- traefik.path = < path > # Path to route rule. Multiple paths separated by "," +- traefik.port = < port > # Port to expose throught traefik +- traefik.acme = < true | false > # Enable/disable ACME traefik feature + +### Usage: + + Select Traefik from catalog. + + Set the params. + + Click deploy. + + Access your traefik admin service at $admin_port to see your published services. + +Note: To access the services, you need to create A or CNAMES dns entries for every one. + +[traefik rancher backend]: https://docs.traefik.io/configuration/backends/rancher/#labels-overriding-default-behaviour diff --git a/templates/traefik/11/docker-compose.yml.tpl b/templates/traefik/11/docker-compose.yml.tpl new file mode 100644 index 0000000..891a96d --- /dev/null +++ b/templates/traefik/11/docker-compose.yml.tpl @@ -0,0 +1,107 @@ +version: '2' +services: + traefik: + ports: + - ${admin_port}:8000/tcp + - ${http_port}:${http_port}/tcp + - ${https_port}:${https_port}/tcp + labels: + io.rancher.scheduler.global: 'true' + io.rancher.scheduler.affinity:host_label: ${host_label} + io.rancher.scheduler.affinity:container_label_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} + {{- if or (eq .Values.rancher_integration "external") (eq .Values.acme_enable "true")}} + io.rancher.sidekicks: + {{- if eq .Values.rancher_integration "external"}} traefik-conf + {{- if eq .Values.acme_enable "true" -}},{{- end -}} + {{- end -}} + {{- if eq .Values.acme_enable "true" -}} + {{- if ne .Values.rancher_integration "external"}} traefik-acme + {{- else -}}traefik-acme + {{- end -}} + {{- end -}} + {{- end}} + io.rancher.container.hostname_override: container_name + image: rawmind/alpine-traefik:1.4.0-3 + environment: + - TRAEFIK_HTTP_PORT=${http_port} + - TRAEFIK_HTTP_COMPRESSION=${compress_enable} + - TRAEFIK_HTTPS_PORT=${https_port} + - TRAEFIK_HTTPS_ENABLE=${https_enable} + - TRAEFIK_HTTPS_COMPRESSION=${compress_enable} + - TRAEFIK_INSECURE_SKIP=${insecure_skip} + - TRAEFIK_ADMIN_ENABLE=true + - TRAEFIK_ADMIN_READ_ONLY=${admin_readonly} + - TRAEFIK_ADMIN_STATISTICS=${admin_statistics} + - TRAEFIK_ADMIN_AUTH_METHOD=${admin_auth_method} + - TRAEFIK_ADMIN_AUTH_USERS=${admin_users} + {{- if eq .Values.rancher_integration "external"}} + - CONF_INTERVAL=${refresh_interval} + {{- end}} + {{- if eq .Values.acme_enable "true"}} + - TRAEFIK_ACME_ENABLE=${acme_enable} + - TRAEFIK_ACME_EMAIL=${acme_email} + - TRAEFIK_ACME_ONDEMAND=${acme_ondemand} + - TRAEFIK_ACME_ONHOSTRULE=${acme_onhostrule} + - TRAEFIK_ACME_CASERVER="${acme_caserver}" + {{- end}} + {{- if ne .Values.rancher_integration "external"}} + - TRAEFIK_RANCHER_ENABLE=true + - TRAEFIK_RANCHER_MODE=${rancher_integration} + {{- if eq .Values.rancher_integration "api"}} + - CATTLE_URL=${cattle_url} + - CATTLE_ACCESS_KEY=${cattle_access_key} + - CATTLE_SECRET_KEY=${cattle_secret_key} + {{- end}} + {{- end}} + {{- if eq .Values.prometheus_enable "true"}} + - TRAEFIK_PROMETHEUS_ENABLE=${prometheus_enable} + - TRAEFIK_PROMETHEUS_BUCKETS=${prometheus_buckets} + {{- end}} + {{- if or (eq .Values.rancher_integration "external") (eq .Values.acme_enable "true")}} + volumes_from: + {{- if eq .Values.rancher_integration "external"}} + - traefik-conf + {{- end}} + {{- if eq .Values.acme_enable "true"}} + - traefik-acme + {{- end}} + {{- end}} + {{- if eq .Values.rancher_integration "external"}} + traefik-conf: + labels: + io.rancher.scheduler.global: 'true' + io.rancher.scheduler.affinity:host_label: ${host_label} + io.rancher.scheduler.affinity:container_label_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} + io.rancher.container.start_once: 'true' + image: rawmind/rancher-traefik:1.3.6 + network_mode: none + volumes: + - tools-volume:/opt/tools + {{- end}} + {{- if eq .Values.acme_enable "true"}} + traefik-acme: + network_mode: none + labels: + io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} + io.rancher.container.hostname_override: container_name + io.rancher.container.start_once: true + environment: + - SERVICE_UID=10001 + - SERVICE_GID=10001 + - SERVICE_VOLUME=/opt/traefik/acme + volumes: + - ${acme_vol_name}:/opt/traefik/acme + image: rawmind/alpine-volume:0.0.2-1 + {{- end}} +{{- if or (eq .Values.rancher_integration "external") (eq .Values.acme_enable "true")}} +volumes: + {{- if eq .Values.rancher_integration "external"}} + tools-volume: + driver: local + per_container: true + {{- end}} + {{- if eq .Values.acme_enable "true"}} + ${acme_vol_name}: + driver: ${acme_vol_driver} + {{- end}} +{{- end}} diff --git a/templates/traefik/11/rancher-compose.yml b/templates/traefik/11/rancher-compose.yml new file mode 100644 index 0000000..959bc0e --- /dev/null +++ b/templates/traefik/11/rancher-compose.yml @@ -0,0 +1,208 @@ +version: '2' +catalog: + name: traefik + version: v1.4.0-rancher1 + description: | + Traefik load balancer. + minimum_rancher_version: v0.59.0 + maintainer: "Raul Sanchez " + uuid: traefik-0 + questions: + - variable: "rancher_integration" + label: "Choose rancher integration:" + description: | + Enable rancher integration mode. Traefik built in integration, metadata or api, or external sidekick integration with confd. + default: metadata + required: true + type: enum + options: + - metadata + - api + - external + - variable: "host_label" + description: "Host label where to run traefik service." + label: "Host label:" + required: true + default: "traefik_lb=true" + type: "string" + - variable: "http_port" + description: "Traefik http public port to listen." + label: "Http port:" + required: true + default: 8080 + type: "int" + - variable: "https_port" + description: "Traefik https public port to listen." + label: "Https port:" + required: true + default: 8443 + type: "int" + - variable: "admin_port" + description: "Traefik admin public port to listen." + label: "Admin port:" + required: true + default: 8000 + type: "int" + - variable: "https_enable" + label: "Https enable:" + description: | + Enable https working mode. If you activate, you need to fill SSL key and SSL crt in order to work. + default: false + required: true + type: enum + options: + - false + - true + - only + - variable: "acme_enable" + description: "Enable acme support on traefik." + label: "ACME enable:" + required: true + default: false + type: "boolean" + - variable: "acme_email" + description: "ACME user email." + label: "ACME email:" + required: true + default: "test@traefik.io" + type: "string" + - variable: "acme_ondemand" + description: "Enable acme ondemand." + label: "ACME ondemand:" + required: true + default: true + type: "boolean" + - variable: "acme_onhostrule" + description: "Enable acme onHostRule." + label: "ACME onHostRule:" + required: true + default: true + type: "boolean" + - variable: "acme_caserver" + description: "ACME caServer to use." + label: "ACME caServer:" + required: true + default: "https://acme-v01.api.letsencrypt.org/directory" + type: "string" + - variable: "acme_vol_name" + description: "The volume name shared to store ACME certs" + label: "ACME Volume Name" + required: true + default: "traefik_acme_vol" + type: "string" + - variable: "acme_vol_driver" + description: "The volume driver shared to store ACME certs" + label: "ACME Volume Driver" + required: true + default: "local" + type: enum + options: # List of options if using type of `enum` + - local + - rancher-nfs + - rancher-efs + - rancher-ebs + - variable: "ssl_key" + description: "SSL key to secure the service. *Required if you enable https" + label: "Https key" + type: "multiline" + required: false + default: "" + - variable: "ssl_crt" + description: "SSL cert to secure the service. *Required if you enable https" + label: "Https crt" + type: "multiline" + required: false + default: "" + - variable: "insecure_skip" + description: "Enable InsecureSkipVerify param." + label: "InsecureSkipVerify:" + required: true + default: false + type: "boolean" + - variable: "compress_enable" + label: "Enable compression:" + description: | + Enable Traefik compression for entrypoints. + default: true + required: true + type: "boolean" + - variable: "refresh_interval" + description: "Interval to poll/apply configuration changes." + label: "Refresh Interval (s):" + required: true + default: 10 + type: "int" + - variable: "admin_readonly" + label: "Admin readonly:" + description: | + Set admin to readonly mode. + default: false + required: true + type: "boolean" + - variable: "admin_statistics" + description: "Enable more detailed statistics." + label: "Admin statistics history:" + required: true + default: 10 + type: "int" + - variable: "admin_auth_method" + description: "Admin auth method on the webui." + label: "Admin auth method:" + required: true + default: "basic" + type: enum + options: # List of options if using type of `enum` + - basic + - digest + - variable: "admin_users" + description: "Admin auth user list on the webui. Generate with htpassword for basic or htdigest with traefik realm for digest." + label: "Admin users:" + type: "multiline" + required: false + default: "" + - variable: "prometheus_enable" + description: "To enable statistics to be pulled by Prometheus." + label: "Prometheus enable" + default: false + required: true + type: "boolean" + - variable: "prometheus_buckets" + description: "To define your own buckets" + label: "Prometheus buckets" + default: "[0.1,0.3,1.2,5.0]" + required: true + type: "string" + - variable: "cattle_url" + description: "API cattle url" + label: "Cattle URL" + default: "" + required: false + type: "string" + - variable: "cattle_access_key" + description: "API environment access key" + label: "Cattle access key" + default: "" + required: false + type: "string" + - variable: "cattle_secret_key" + description: "API environment secret key" + label: "Cattle secret key" + default: "" + required: false + type: "string" +services: + traefik: + retain_ip: true + health_check: + healthy_threshold: 2 + response_timeout: 5000 + port: 8000 + unhealthy_threshold: 3 + interval: 5000 + strategy: recreate + metadata: + traefik: + ssl_key: | + ${ssl_key} + ssl_crt: | + ${ssl_crt} diff --git a/templates/traefik/12/README.md b/templates/traefik/12/README.md new file mode 100644 index 0000000..7534ce3 --- /dev/null +++ b/templates/traefik/12/README.md @@ -0,0 +1,81 @@ +# Traefik active load balancer + +### Info: + + This template deploys traefik active load balancers on top of Rancher. The configuration is generated and updated with confd from Rancher metadata. + It would be deployed in hosts with label traefik_lb=true. + +### Config: + +- rancher_integration = "metadata" # Rancher integration method. +- rancher_healthcheck = false # Enable/Disable traefik rancher services healthcheck filter. Only valid for api and metadata integration. +- host_label = "traefik_lb=true" # Host label where to run traefik service. +- http_port = 8080 # Port exposed to get access to the published services. +- https_port = 8443 # Port exposed to get secured access to the published services. +- admin_port = 8000 # Port exposed to get admin access to the traefik service. +- https_enable = + - false: Enable http enpoints and disable https ones. + - true: Enable http and https endpoints. + - only: Enable https endpoints and redirect http to https. +- acme_enable = false # Enable/Disable acme traefik support. +- acme_email = "test@traefik.io" # acme user email +- acme_ondemand = true # acme ondemand parameter. +- acme_onhostrule = true # acme onHostRule parameter. +- acme_caserver = "https://acme-v01.api.letsencrypt.org/directory" # acme caServer parameter. +- acme_vol_name = "traefik_acme_vol" # Volume name to user by acme sidekick +- acme_vol_driver = "local" # Volume driver to user by acme sidekick +- ssl_key # Paste your ssl key. *Required if you enable https +- ssl_crt # Paste your ssl crt. *Required if you enable https +- insecure_skip = false # Enable InsecureSkipVerify param. +- compress_enable = true # Enable traefik compression +- refresh_interval = 10s # Interval to refresh traefik rules.toml from rancher-metadata. +- admin_readonly = false # Set REST API to read-only mode. +- admin_statistics = 10 # Enable more detailed statistics, extend recent errors number. +- admin_auth_method = "basic" # Selec auth method, basic or digest. +- admin_users = "" # Paste basic or digest users created with htdigest, one user per line. +- prometheus_enable = false # Enable prometheus statistics +- prometheus_buckets = "[0.1,0.3,1.2,5.0]" # Prometheus buckets +- cattle_url = "" # Cattle url if you choose api integration +- cattle_access_key = "" # Cattle access key if you choose api integration +- cattle_secret_key = "" # Cattle secret key if you choose api integration +### Service configuration labels: + +Traefik labels has to be added to your services, in order to get included in traefik config. + +## Metadata or api + +Please use traefik defined labels if you choose metadata or api rancher integration. + +[Traefik rancher backend labels][traefik rancher backend] + +Metadata is the prefered and recommended rancher integration. + +Api integration needs you create an environment API key in your rancher environment. Also, it needs you provide CATTLE_URL, CATTLE_ACCESS_KEY and CATTLE_SECRET_KEY. + +## External + +Use this labels if you choose extenal rancher integration. + +- traefik.enable = + - true: the service will be published as *service_name.stack_name.traefik_domain* + - stack: the service will be published as *stack_name.traefik_domain*. WARNING: You could have collisions inside services within your stack + - false: the service will not be published +- traefik.alias = < alias > # Alternate names to route rule. Multiple values separated by ",". WARNING: You could have collisions BE CAREFULL +- traefik.domain = < domain > # Domain names to route rule. Multiple values separated by "," +- traefik.path = < path > # Path to route rule. Multiple paths separated by "," +- traefik.port = < port > # Port to expose throught traefik +- traefik.acme = < true | false > # Enable/disable ACME traefik feature + +### Usage: + + Select Traefik from catalog. + + Set the params. + + Click deploy. + + Access your traefik admin service at $admin_port to see your published services. + +Note: To access the services, you need to create A or CNAMES dns entries for every one. + +[traefik rancher backend]: https://docs.traefik.io/configuration/backends/rancher/#labels-overriding-default-behaviour diff --git a/templates/traefik/12/docker-compose.yml.tpl b/templates/traefik/12/docker-compose.yml.tpl new file mode 100644 index 0000000..aafcab5 --- /dev/null +++ b/templates/traefik/12/docker-compose.yml.tpl @@ -0,0 +1,108 @@ +version: '2' +services: + traefik: + ports: + - ${admin_port}:8000/tcp + - ${http_port}:${http_port}/tcp + - ${https_port}:${https_port}/tcp + labels: + io.rancher.scheduler.global: 'true' + io.rancher.scheduler.affinity:host_label: ${host_label} + io.rancher.scheduler.affinity:container_label_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} + {{- if or (eq .Values.rancher_integration "external") (eq .Values.acme_enable "true")}} + io.rancher.sidekicks: + {{- if eq .Values.rancher_integration "external"}} traefik-conf + {{- if eq .Values.acme_enable "true" -}},{{- end -}} + {{- end -}} + {{- if eq .Values.acme_enable "true" -}} + {{- if ne .Values.rancher_integration "external"}} traefik-acme + {{- else -}}traefik-acme + {{- end -}} + {{- end -}} + {{- end}} + io.rancher.container.hostname_override: container_name + image: rawmind/alpine-traefik:1.4.3-0 + environment: + - TRAEFIK_HTTP_PORT=${http_port} + - TRAEFIK_HTTP_COMPRESSION=${compress_enable} + - TRAEFIK_HTTPS_PORT=${https_port} + - TRAEFIK_HTTPS_ENABLE=${https_enable} + - TRAEFIK_HTTPS_COMPRESSION=${compress_enable} + - TRAEFIK_INSECURE_SKIP=${insecure_skip} + - TRAEFIK_ADMIN_ENABLE=true + - TRAEFIK_ADMIN_READ_ONLY=${admin_readonly} + - TRAEFIK_ADMIN_STATISTICS=${admin_statistics} + - TRAEFIK_ADMIN_AUTH_METHOD=${admin_auth_method} + - TRAEFIK_ADMIN_AUTH_USERS=${admin_users} + {{- if eq .Values.rancher_integration "external"}} + - CONF_INTERVAL=${refresh_interval} + {{- end}} + {{- if eq .Values.acme_enable "true"}} + - TRAEFIK_ACME_ENABLE=${acme_enable} + - TRAEFIK_ACME_EMAIL=${acme_email} + - TRAEFIK_ACME_ONDEMAND=${acme_ondemand} + - TRAEFIK_ACME_ONHOSTRULE=${acme_onhostrule} + - TRAEFIK_ACME_CASERVER=${acme_caserver} + {{- end}} + {{- if ne .Values.rancher_integration "external"}} + - TRAEFIK_RANCHER_ENABLE=true + - TRAEFIK_RANCHER_HEALTHCHECK=${rancher_healthcheck} + - TRAEFIK_RANCHER_MODE=${rancher_integration} + {{- if eq .Values.rancher_integration "api"}} + - CATTLE_URL=${cattle_url} + - CATTLE_ACCESS_KEY=${cattle_access_key} + - CATTLE_SECRET_KEY=${cattle_secret_key} + {{- end}} + {{- end}} + {{- if eq .Values.prometheus_enable "true"}} + - TRAEFIK_PROMETHEUS_ENABLE=${prometheus_enable} + - TRAEFIK_PROMETHEUS_BUCKETS=${prometheus_buckets} + {{- end}} + {{- if or (eq .Values.rancher_integration "external") (eq .Values.acme_enable "true")}} + volumes_from: + {{- if eq .Values.rancher_integration "external"}} + - traefik-conf + {{- end}} + {{- if eq .Values.acme_enable "true"}} + - traefik-acme + {{- end}} + {{- end}} + {{- if eq .Values.rancher_integration "external"}} + traefik-conf: + labels: + io.rancher.scheduler.global: 'true' + io.rancher.scheduler.affinity:host_label: ${host_label} + io.rancher.scheduler.affinity:container_label_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} + io.rancher.container.start_once: 'true' + image: rawmind/rancher-traefik:1.3.6 + network_mode: none + volumes: + - tools-volume:/opt/tools + {{- end}} + {{- if eq .Values.acme_enable "true"}} + traefik-acme: + network_mode: none + labels: + io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} + io.rancher.container.hostname_override: container_name + io.rancher.container.start_once: true + environment: + - SERVICE_UID=10001 + - SERVICE_GID=10001 + - SERVICE_VOLUME=/opt/traefik/acme + volumes: + - ${acme_vol_name}:/opt/traefik/acme + image: rawmind/alpine-volume:0.0.2-1 + {{- end}} +{{- if or (eq .Values.rancher_integration "external") (eq .Values.acme_enable "true")}} +volumes: + {{- if eq .Values.rancher_integration "external"}} + tools-volume: + driver: local + per_container: true + {{- end}} + {{- if eq .Values.acme_enable "true"}} + ${acme_vol_name}: + driver: ${acme_vol_driver} + {{- end}} +{{- end}} diff --git a/templates/traefik/12/rancher-compose.yml b/templates/traefik/12/rancher-compose.yml new file mode 100644 index 0000000..26150c2 --- /dev/null +++ b/templates/traefik/12/rancher-compose.yml @@ -0,0 +1,216 @@ +version: '2' +catalog: + name: traefik + version: v1.4.3-rancher1 + description: | + Traefik load balancer. + minimum_rancher_version: v0.59.0 + maintainer: "Raul Sanchez " + uuid: traefik-0 + questions: + - variable: "rancher_integration" + label: "Choose rancher integration:" + description: | + Enable rancher integration mode. Traefik built in integration, metadata or api, or external sidekick integration with confd. + default: metadata + required: true + type: enum + options: + - metadata + - api + - external + - variable: "rancher_healthcheck" + description: | + Enable/disable rancher services healtcheck filter. If enable, just healthy services will be published. + Only valid for api and metadata integration. + label: "Rancher healthcheck filter:" + required: true + default: false + type: "boolean" + - variable: "host_label" + description: "Host label where to run traefik service." + label: "Host label:" + required: true + default: "traefik_lb=true" + type: "string" + - variable: "http_port" + description: "Traefik http public port to listen." + label: "Http port:" + required: true + default: 8080 + type: "int" + - variable: "https_port" + description: "Traefik https public port to listen." + label: "Https port:" + required: true + default: 8443 + type: "int" + - variable: "admin_port" + description: "Traefik admin public port to listen." + label: "Admin port:" + required: true + default: 8000 + type: "int" + - variable: "https_enable" + label: "Https enable:" + description: | + Enable https working mode. If you activate, you need to fill SSL key and SSL crt in order to work. + default: false + required: true + type: enum + options: + - false + - true + - only + - variable: "acme_enable" + description: "Enable acme support on traefik." + label: "ACME enable:" + required: true + default: false + type: "boolean" + - variable: "acme_email" + description: "ACME user email." + label: "ACME email:" + required: true + default: "test@traefik.io" + type: "string" + - variable: "acme_ondemand" + description: "Enable acme ondemand." + label: "ACME ondemand:" + required: true + default: true + type: "boolean" + - variable: "acme_onhostrule" + description: "Enable acme onHostRule." + label: "ACME onHostRule:" + required: true + default: true + type: "boolean" + - variable: "acme_caserver" + description: "ACME caServer to use." + label: "ACME caServer:" + required: true + default: "https://acme-v01.api.letsencrypt.org/directory" + type: "string" + - variable: "acme_vol_name" + description: "The volume name shared to store ACME certs" + label: "ACME Volume Name" + required: true + default: "traefik_acme_vol" + type: "string" + - variable: "acme_vol_driver" + description: "The volume driver shared to store ACME certs" + label: "ACME Volume Driver" + required: true + default: "local" + type: enum + options: # List of options if using type of `enum` + - local + - rancher-nfs + - rancher-efs + - rancher-ebs + - variable: "ssl_key" + description: "SSL key to secure the service. *Required if you enable https" + label: "Https key" + type: "multiline" + required: false + default: "" + - variable: "ssl_crt" + description: "SSL cert to secure the service. *Required if you enable https" + label: "Https crt" + type: "multiline" + required: false + default: "" + - variable: "insecure_skip" + description: "Enable InsecureSkipVerify param." + label: "InsecureSkipVerify:" + required: true + default: false + type: "boolean" + - variable: "compress_enable" + label: "Enable compression:" + description: | + Enable Traefik compression for entrypoints. + default: true + required: true + type: "boolean" + - variable: "refresh_interval" + description: "Interval to poll/apply configuration changes." + label: "Refresh Interval (s):" + required: true + default: 10 + type: "int" + - variable: "admin_readonly" + label: "Admin readonly:" + description: | + Set admin to readonly mode. + default: false + required: true + type: "boolean" + - variable: "admin_statistics" + description: "Enable more detailed statistics." + label: "Admin statistics history:" + required: true + default: 10 + type: "int" + - variable: "admin_auth_method" + description: "Admin auth method on the webui." + label: "Admin auth method:" + required: true + default: "basic" + type: enum + options: # List of options if using type of `enum` + - basic + - digest + - variable: "admin_users" + description: "Admin auth user list on the webui. Generate with htpassword for basic or htdigest with traefik realm for digest." + label: "Admin users:" + type: "multiline" + required: false + default: "" + - variable: "prometheus_enable" + description: "To enable statistics to be pulled by Prometheus." + label: "Prometheus enable" + default: false + required: true + type: "boolean" + - variable: "prometheus_buckets" + description: "To define your own buckets" + label: "Prometheus buckets" + default: "[0.1,0.3,1.2,5.0]" + required: true + type: "string" + - variable: "cattle_url" + description: "API cattle url" + label: "Cattle URL" + default: "" + required: false + type: "string" + - variable: "cattle_access_key" + description: "API environment access key" + label: "Cattle access key" + default: "" + required: false + type: "string" + - variable: "cattle_secret_key" + description: "API environment secret key" + label: "Cattle secret key" + default: "" + required: false + type: "string" +services: + traefik: + retain_ip: true + health_check: + healthy_threshold: 2 + response_timeout: 5000 + port: 8000 + unhealthy_threshold: 3 + interval: 5000 + strategy: recreate + metadata: + traefik: + ssl_key: | + ${ssl_key} + ssl_crt: | + ${ssl_crt} diff --git a/templates/traefik/13/README.md b/templates/traefik/13/README.md new file mode 100644 index 0000000..3d669e0 --- /dev/null +++ b/templates/traefik/13/README.md @@ -0,0 +1,82 @@ +# Traefik active load balancer + +### Info: + + This template deploys traefik active load balancers on top of Rancher. The configuration is generated and updated with confd from Rancher metadata. + It would be deployed in hosts with label traefik_lb=true. + +### Config: + +- rancher_integration = "metadata" # Rancher integration method. +- rancher_healthcheck = false # Enable/Disable traefik rancher services healthcheck filter. Only valid for api and metadata integration. +- constraints = "" # Traefik constraints for rancher provider. Only valid for api and metadata integration. +- host_label = "traefik_lb=true" # Host label where to run traefik service. +- http_port = 8080 # Port exposed to get access to the published services. +- https_port = 8443 # Port exposed to get secured access to the published services. +- admin_port = 8000 # Port exposed to get admin access to the traefik service. +- https_enable = + - false: Enable http enpoints and disable https ones. + - true: Enable http and https endpoints. + - only: Enable https endpoints and redirect http to https. +- acme_enable = false # Enable/Disable acme traefik support. +- acme_email = "test@traefik.io" # acme user email +- acme_ondemand = true # acme ondemand parameter. +- acme_onhostrule = true # acme onHostRule parameter. +- acme_caserver = "https://acme-v01.api.letsencrypt.org/directory" # acme caServer parameter. +- acme_vol_name = "traefik_acme_vol" # Volume name to user by acme sidekick +- acme_vol_driver = "local" # Volume driver to user by acme sidekick +- ssl_key # Paste your ssl key. *Required if you enable https +- ssl_crt # Paste your ssl crt. *Required if you enable https +- insecure_skip = false # Enable InsecureSkipVerify param. +- compress_enable = true # Enable traefik compression +- refresh_interval = 10s # Interval to refresh traefik rules.toml from rancher-metadata. +- admin_readonly = false # Set REST API to read-only mode. +- admin_statistics = 10 # Enable more detailed statistics, extend recent errors number. +- admin_auth_method = "basic" # Selec auth method, basic or digest. +- admin_users = "" # Paste basic or digest users created with htdigest, one user per line. +- prometheus_enable = false # Enable prometheus statistics +- prometheus_buckets = "[0.1,0.3,1.2,5.0]" # Prometheus buckets +- cattle_url = "" # Cattle url if you choose api integration +- cattle_access_key = "" # Cattle access key if you choose api integration +- cattle_secret_key = "" # Cattle secret key if you choose api integration +### Service configuration labels: + +Traefik labels has to be added to your services, in order to get included in traefik config. + +## Metadata or api + +Please use traefik defined labels if you choose metadata or api rancher integration. + +[Traefik rancher backend labels][traefik rancher backend] + +Metadata is the prefered and recommended rancher integration. + +Api integration needs you create an environment API key in your rancher environment. Also, it needs you provide CATTLE_URL, CATTLE_ACCESS_KEY and CATTLE_SECRET_KEY. + +## External + +Use this labels if you choose extenal rancher integration. + +- traefik.enable = + - true: the service will be published as *service_name.stack_name.traefik_domain* + - stack: the service will be published as *stack_name.traefik_domain*. WARNING: You could have collisions inside services within your stack + - false: the service will not be published +- traefik.alias = < alias > # Alternate names to route rule. Multiple values separated by ",". WARNING: You could have collisions BE CAREFULL +- traefik.domain = < domain > # Domain names to route rule. Multiple values separated by "," +- traefik.path = < path > # Path to route rule. Multiple paths separated by "," +- traefik.port = < port > # Port to expose throught traefik +- traefik.acme = < true | false > # Enable/disable ACME traefik feature + +### Usage: + + Select Traefik from catalog. + + Set the params. + + Click deploy. + + Access your traefik admin service at $admin_port to see your published services. + +Note: To access the services, you need to create A or CNAMES dns entries for every one. + +[traefik rancher backend]: https://docs.traefik.io/configuration/backends/rancher/#labels-overriding-default-behaviour diff --git a/templates/traefik/13/docker-compose.yml.tpl b/templates/traefik/13/docker-compose.yml.tpl new file mode 100644 index 0000000..88b8b63 --- /dev/null +++ b/templates/traefik/13/docker-compose.yml.tpl @@ -0,0 +1,109 @@ +version: '2' +services: + traefik: + ports: + - ${admin_port}:8000/tcp + - ${http_port}:${http_port}/tcp + - ${https_port}:${https_port}/tcp + labels: + io.rancher.scheduler.global: 'true' + io.rancher.scheduler.affinity:host_label: ${host_label} + io.rancher.scheduler.affinity:container_label_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} + {{- if or (eq .Values.rancher_integration "external") (eq .Values.acme_enable "true")}} + io.rancher.sidekicks: + {{- if eq .Values.rancher_integration "external"}} traefik-conf + {{- if eq .Values.acme_enable "true" -}},{{- end -}} + {{- end -}} + {{- if eq .Values.acme_enable "true" -}} + {{- if ne .Values.rancher_integration "external"}} traefik-acme + {{- else -}}traefik-acme + {{- end -}} + {{- end -}} + {{- end}} + io.rancher.container.hostname_override: container_name + image: rawmind/alpine-traefik:1.4.4-1 + environment: + - TRAEFIK_HTTP_PORT=${http_port} + - TRAEFIK_HTTP_COMPRESSION=${compress_enable} + - TRAEFIK_HTTPS_PORT=${https_port} + - TRAEFIK_HTTPS_ENABLE=${https_enable} + - TRAEFIK_HTTPS_COMPRESSION=${compress_enable} + - TRAEFIK_INSECURE_SKIP=${insecure_skip} + - TRAEFIK_ADMIN_ENABLE=true + - TRAEFIK_ADMIN_READ_ONLY=${admin_readonly} + - TRAEFIK_ADMIN_STATISTICS=${admin_statistics} + - TRAEFIK_ADMIN_AUTH_METHOD=${admin_auth_method} + - TRAEFIK_ADMIN_AUTH_USERS=${admin_users} + {{- if eq .Values.rancher_integration "external"}} + - CONF_INTERVAL=${refresh_interval} + {{- end}} + {{- if eq .Values.acme_enable "true"}} + - TRAEFIK_ACME_ENABLE=${acme_enable} + - TRAEFIK_ACME_EMAIL=${acme_email} + - TRAEFIK_ACME_ONDEMAND=${acme_ondemand} + - TRAEFIK_ACME_ONHOSTRULE=${acme_onhostrule} + - TRAEFIK_ACME_CASERVER=${acme_caserver} + {{- end}} + {{- if ne .Values.rancher_integration "external"}} + - TRAEFIK_RANCHER_ENABLE=true + - TRAEFIK_CONSTRAINTS=${constraints} + - TRAEFIK_RANCHER_HEALTHCHECK=${rancher_healthcheck} + - TRAEFIK_RANCHER_MODE=${rancher_integration} + {{- if eq .Values.rancher_integration "api"}} + - CATTLE_URL=${cattle_url} + - CATTLE_ACCESS_KEY=${cattle_access_key} + - CATTLE_SECRET_KEY=${cattle_secret_key} + {{- end}} + {{- end}} + {{- if eq .Values.prometheus_enable "true"}} + - TRAEFIK_PROMETHEUS_ENABLE=${prometheus_enable} + - TRAEFIK_PROMETHEUS_BUCKETS=${prometheus_buckets} + {{- end}} + {{- if or (eq .Values.rancher_integration "external") (eq .Values.acme_enable "true")}} + volumes_from: + {{- if eq .Values.rancher_integration "external"}} + - traefik-conf + {{- end}} + {{- if eq .Values.acme_enable "true"}} + - traefik-acme + {{- end}} + {{- end}} + {{- if eq .Values.rancher_integration "external"}} + traefik-conf: + labels: + io.rancher.scheduler.global: 'true' + io.rancher.scheduler.affinity:host_label: ${host_label} + io.rancher.scheduler.affinity:container_label_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} + io.rancher.container.start_once: 'true' + image: rawmind/rancher-traefik:1.3.6 + network_mode: none + volumes: + - tools-volume:/opt/tools + {{- end}} + {{- if eq .Values.acme_enable "true"}} + traefik-acme: + network_mode: none + labels: + io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} + io.rancher.container.hostname_override: container_name + io.rancher.container.start_once: true + environment: + - SERVICE_UID=10001 + - SERVICE_GID=10001 + - SERVICE_VOLUME=/opt/traefik/acme + volumes: + - ${acme_vol_name}:/opt/traefik/acme + image: rawmind/alpine-volume:0.0.2-1 + {{- end}} +{{- if or (eq .Values.rancher_integration "external") (eq .Values.acme_enable "true")}} +volumes: + {{- if eq .Values.rancher_integration "external"}} + tools-volume: + driver: local + per_container: true + {{- end}} + {{- if eq .Values.acme_enable "true"}} + ${acme_vol_name}: + driver: ${acme_vol_driver} + {{- end}} +{{- end}} diff --git a/templates/traefik/13/rancher-compose.yml b/templates/traefik/13/rancher-compose.yml new file mode 100644 index 0000000..f097b11 --- /dev/null +++ b/templates/traefik/13/rancher-compose.yml @@ -0,0 +1,224 @@ +version: '2' +catalog: + name: traefik + version: v1.4.4-rancher1 + description: | + Traefik load balancer. + minimum_rancher_version: v0.59.0 + maintainer: "Raul Sanchez " + uuid: traefik-0 + questions: + - variable: "rancher_integration" + label: "Choose rancher integration:" + description: | + Enable rancher integration mode. Traefik built in integration, metadata or api, or external sidekick integration with confd. + default: metadata + required: true + type: enum + options: + - metadata + - api + - external + - variable: "rancher_healthcheck" + description: | + Enable/disable rancher services healtcheck filter. If enable, just healthy services will be published. + Only valid for api and metadata integration. + label: "Rancher healthcheck filter:" + required: true + default: false + type: "boolean" + - variable: "constraints" + description: | + Traefik constraints for rancher provider. Eg: "tag==api" + Only valid for api and metadata integration. + label: "Traefik constraints:" + required: false + default: "" + type: "string" + - variable: "host_label" + description: "Host label where to run traefik service." + label: "Host label:" + required: true + default: "traefik_lb=true" + type: "string" + - variable: "http_port" + description: "Traefik http public port to listen." + label: "Http port:" + required: true + default: 8080 + type: "int" + - variable: "https_port" + description: "Traefik https public port to listen." + label: "Https port:" + required: true + default: 8443 + type: "int" + - variable: "admin_port" + description: "Traefik admin public port to listen." + label: "Admin port:" + required: true + default: 8000 + type: "int" + - variable: "https_enable" + label: "Https enable:" + description: | + Enable https working mode. If you activate, you need to fill SSL key and SSL crt in order to work. + default: false + required: true + type: enum + options: + - false + - true + - only + - variable: "acme_enable" + description: "Enable acme support on traefik." + label: "ACME enable:" + required: true + default: false + type: "boolean" + - variable: "acme_email" + description: "ACME user email." + label: "ACME email:" + required: true + default: "test@traefik.io" + type: "string" + - variable: "acme_ondemand" + description: "Enable acme ondemand." + label: "ACME ondemand:" + required: true + default: true + type: "boolean" + - variable: "acme_onhostrule" + description: "Enable acme onHostRule." + label: "ACME onHostRule:" + required: true + default: true + type: "boolean" + - variable: "acme_caserver" + description: "ACME caServer to use." + label: "ACME caServer:" + required: true + default: "https://acme-v01.api.letsencrypt.org/directory" + type: "string" + - variable: "acme_vol_name" + description: "The volume name shared to store ACME certs" + label: "ACME Volume Name" + required: true + default: "traefik_acme_vol" + type: "string" + - variable: "acme_vol_driver" + description: "The volume driver shared to store ACME certs" + label: "ACME Volume Driver" + required: true + default: "local" + type: enum + options: # List of options if using type of `enum` + - local + - rancher-nfs + - rancher-efs + - rancher-ebs + - variable: "ssl_key" + description: "SSL key to secure the service. *Required if you enable https" + label: "Https key" + type: "multiline" + required: false + default: "" + - variable: "ssl_crt" + description: "SSL cert to secure the service. *Required if you enable https" + label: "Https crt" + type: "multiline" + required: false + default: "" + - variable: "insecure_skip" + description: "Enable InsecureSkipVerify param." + label: "InsecureSkipVerify:" + required: true + default: false + type: "boolean" + - variable: "compress_enable" + label: "Enable compression:" + description: | + Enable Traefik compression for entrypoints. + default: true + required: true + type: "boolean" + - variable: "refresh_interval" + description: "Interval to poll/apply configuration changes." + label: "Refresh Interval (s):" + required: true + default: 10 + type: "int" + - variable: "admin_readonly" + label: "Admin readonly:" + description: | + Set admin to readonly mode. + default: false + required: true + type: "boolean" + - variable: "admin_statistics" + description: "Enable more detailed statistics." + label: "Admin statistics history:" + required: true + default: 10 + type: "int" + - variable: "admin_auth_method" + description: "Admin auth method on the webui." + label: "Admin auth method:" + required: true + default: "basic" + type: enum + options: # List of options if using type of `enum` + - basic + - digest + - variable: "admin_users" + description: "Admin auth user list on the webui. Generate with htpassword for basic or htdigest with traefik realm for digest." + label: "Admin users:" + type: "multiline" + required: false + default: "" + - variable: "prometheus_enable" + description: "To enable statistics to be pulled by Prometheus." + label: "Prometheus enable" + default: false + required: true + type: "boolean" + - variable: "prometheus_buckets" + description: "To define your own buckets" + label: "Prometheus buckets" + default: "[0.1,0.3,1.2,5.0]" + required: true + type: "string" + - variable: "cattle_url" + description: "API cattle url" + label: "Cattle URL" + default: "" + required: false + type: "string" + - variable: "cattle_access_key" + description: "API environment access key" + label: "Cattle access key" + default: "" + required: false + type: "string" + - variable: "cattle_secret_key" + description: "API environment secret key" + label: "Cattle secret key" + default: "" + required: false + type: "string" +services: + traefik: + retain_ip: true + health_check: + healthy_threshold: 2 + response_timeout: 5000 + port: 8000 + unhealthy_threshold: 3 + interval: 5000 + strategy: recreate + metadata: + traefik: + ssl_key: | + ${ssl_key} + ssl_crt: | + ${ssl_crt} diff --git a/templates/traefik/config.yml b/templates/traefik/config.yml index 4f54076..e1f436d 100644 --- a/templates/traefik/config.yml +++ b/templates/traefik/config.yml @@ -1,7 +1,7 @@ name: Traefik description: | - (Experimental) Traefik active load balancer -version: v1.3.6-rancher1 + Traefik active load balancer +version: v1.4.4-rancher1 category: Load Balancing maintainer: "Raul Sanchez " minimum_rancher_version: v0.59.0 diff --git a/templates/wekan/0/docker-compose.yml b/templates/wekan/0/docker-compose.yml index c611526..7d3f894 100644 --- a/templates/wekan/0/docker-compose.yml +++ b/templates/wekan/0/docker-compose.yml @@ -1,5 +1,5 @@ wekandb: - image: mongo + image: mongo:3.2.11 # volumes: # - ./data/runtime/db:/data/db # - ./data/dump:/dump diff --git a/templates/zinst/0/README.md b/templates/zinst/0/README.md new file mode 100644 index 0000000..86c73a2 --- /dev/null +++ b/templates/zinst/0/README.md @@ -0,0 +1,85 @@ + +# Zinst +## Install +* Git clone 1st +``` +git clone https://github.com/goody80/zinst_repository_docker.git +``` + +* Git clone for zinst packages (optional) +``` +git clone https://github.com/goody80/Zinst_packages.git +cp -Rfv ./Zinst_packages/* ./zinst_repository_docker/dist/ +``` + + +## Use +* How to start the zinst repository server +``` +cd zinst_repository_docker +docker-compose up -d +``` + +* How to set the zinst client +``` +curl -sL bit.ly/online-install |bash +zinst self-config ip=[IP address of the docker Host] host=[Hostname of docker host]:8080 +``` + +* check the server alive +``` +zinst find +``` + +## Setup +* You can modify the docker-compose.yml for setup as below + * for example: I need to change the port 8080 to 80. - You can do as below + * `8080:80/tcp` -> `80:80/tcp` + +``` +version: '2' +services: + zinst-repository: + image: zinst/zinst_repository:latest + ports: + - 8080:80/tcp + volumes: + - ./dist:/data/dist:rw +``` + +## What is the Zinst ? +### zinst? +* Package install manager. It very similar that concept of yinst command in Yahoo! + +### Summary +* For the centralized package manage & distributed systems + * Centralized control: + * Install the Package to the destination server + * *ex) zinst install apache_server-1.0.1.zinst apache_conf-1.0.1.zinst -h web0[1-7,9]* + * list-up the package in each server + * *ex) zinst ls* + * list-up the file of package in each server + * *ex) zinst ls -files apache_server* + * Easy find out the installed package-name of a some distributed file + * *ex) zinst ls -files /data/z/httpd/conf/include/_temp.conf* + * Can tracking the release history with who could controlled + * *ex) zinst history* + * Easy can change the configuration setup + * *ex) zinst set apache_conf.maxclient=64* + * Then you can see the configuration has been changed on the Apache server for example. + * Package remove + * Send a command to the distributed systems + * *ex) zinst ssh "whoami" -h web[0-1][0-9], web20* + * Can makes a list of multiple host for the target control + * *ex) zinst ssh "whoami" -H ./hostlist.txt* + * One package, can makes a differnt output + * *ex) zinst install apache_server -set apache_server.maxclient=32 -h web01 web02* + * *zinst install apache_server -set apache_server.maxclient=64 -h news01 news02* + * Daemon controll + * *ex) zinst start httpd* + * Then we can recognize that who managed the daemon in the server as a history + * Easy to find out the package has been released to somewhere + * *ex) zinst track hwconfig-1. + * Supported a package restore & roll-back as a save file + * *ex) zinst restore -file /data/z/save/zinst-save.56* + * Without difficult language and environment. Due to it made by Bash only diff --git a/templates/zinst/0/docker-compose.yml b/templates/zinst/0/docker-compose.yml new file mode 100644 index 0000000..91eab26 --- /dev/null +++ b/templates/zinst/0/docker-compose.yml @@ -0,0 +1,14 @@ +version: '2' +services: + zinst-repository: + image: zinst/zinst_repository:0.4 + volumes: + - zinst-data:/data/dist + zinst-lb: + image: rancher/lb-service-haproxy:v0.6.4 + ports: + - ${public_port}:${public_port}/tcp + +volumes: + zinst-data: + driver: local diff --git a/templates/zinst/0/rancher-compose.yml b/templates/zinst/0/rancher-compose.yml new file mode 100644 index 0000000..69874c8 --- /dev/null +++ b/templates/zinst/0/rancher-compose.yml @@ -0,0 +1,44 @@ +version: '2' +catalog: + name: "zinst-repository" + version: "7.0.5" + description: "Infra as a code by your own packages. http://zinst.me" + uuid: zinstrepo-0 + minimum_rancher_version: v1.5.5 + questions: + - variable: public_port + description: "public port to access the zinst repository" + label: "Public Port" + required: true + default: "8080" + type: "int" + +services: + zinst-repository: + retain_ip: true + scale: 1 + start_on_create: true + health_check: + port: 80 + interval: 5000 + unhealthy_threshold: 3 + request_line: '' + healthy_threshold: 2 + response_timeout: 5000 + zinst-lb: + scale: 1 + start_on_create: true + lb_config: + certs: [] + port_rules: + - priority: 1 + protocol: http + service: zinst-repository + source_port: ${public_port} + target_port: 80 + health_check: + response_timeout: 2000 + healthy_threshold: 2 + port: 42 + unhealthy_threshold: 3 + interval: 2000 diff --git a/templates/zinst/1/README.md b/templates/zinst/1/README.md new file mode 100644 index 0000000..7d45b94 --- /dev/null +++ b/templates/zinst/1/README.md @@ -0,0 +1,56 @@ + +# Zinst +## Install +1. How to install the zinst client +``` +curl -sL bit.ly/online-install |bash +zinst self-config ip=[IP address of the zinst-repository] host=[Hostname of zinst-repository]:[http_port] +``` + +2. check the server alive +``` +zinst find +``` + +3. You can clone and copy the open-source zinst packages from the Github to the Volume dircetory as below. + * https://github.com/goody80/Zinst_packages + + +## What is the Zinst ? +### zinst? +* Package install manager. It very similar that concept of yinst command in Yahoo! + +### Summary +* For the centralized package manage & distributed systems + * Centralized control: + * Install the Package to the destination server + * *ex) zinst install apache_server-1.0.1.zinst apache_conf-1.0.1.zinst -h web0[1-7,9]* + * list-up the package in each server + * *ex) zinst ls* + * list-up the file of package in each server + * *ex) zinst ls -files apache_server* + * Easy find out the installed package-name of a some distributed file + * *ex) zinst ls -files /data/z/httpd/conf/include/_temp.conf* + * Can tracking the release history with who could controlled + * *ex) zinst history* + * Easy can change the configuration setup + * *ex) zinst set apache_conf.maxclient=64* + * Then you can see the configuration has been changed on the Apache server for example. + * Package remove + * Send a command to the distributed systems + * *ex) zinst ssh "whoami" -h web[0-1][0-9], web20* + * Can makes a list of multiple host for the target control + * *ex) zinst ssh "whoami" -H ./hostlist.txt* + * One package, can makes a differnt output + * *ex) zinst install apache_server -set apache_server.maxclient=32 -h web01 web02* + * *zinst install apache_server -set apache_server.maxclient=64 -h news01 news02* + * Daemon controll + * *ex) zinst start httpd* + * Then we can recognize that who managed the daemon in the server as a history + * Easy to find out the package has been released to somewhere + * *ex) zinst track hwconfig-1. + * Supported a package restore & roll-back as a save file + * *ex) zinst restore -file /data/z/save/zinst-save.56* + * Without difficult language and environment. Due to it made by Bash only + + diff --git a/templates/zinst/1/docker-compose.yml.tpl b/templates/zinst/1/docker-compose.yml.tpl new file mode 100644 index 0000000..2e01f7c --- /dev/null +++ b/templates/zinst/1/docker-compose.yml.tpl @@ -0,0 +1,15 @@ +version: '2' +services: + zinst-repository: + image: zinst/zinst_repository:0.5 + volumes: + - zinst-data:/data/dist + zinst-lb: + image: rancher/lb-service-haproxy:v0.7.6 + ports: + - ${http_port}:${http_port}/tcp +volumes: + zinst-data: + driver: ${volume_driver} + + diff --git a/templates/zinst/1/rancher-compose.yml b/templates/zinst/1/rancher-compose.yml new file mode 100644 index 0000000..691a01c --- /dev/null +++ b/templates/zinst/1/rancher-compose.yml @@ -0,0 +1,54 @@ +version: '2' +catalog: + name: "zinst-repository" + version: "7.0.5" + description: "Infra as a code by your own packages. http://zinst.me" + uuid: zinstrepo-0 + minimum_rancher_version: v1.5.5 + questions: + - variable: http_port + description: "http port to access the zinst repository" + label: "Public Port" + required: true + default: "8080" + type: "int" + - variable: "volume_driver" + description: "Volume driver to associate with this service" + label: "Volume Driver" + required: true + default: "local" + type: enum + options: # List of options if using type of `enum` + - local + - rancher-nfs + - rancher-efs + - rancher-ebs +services: + zinst-repository: + retain_ip: true + scale: 1 + start_on_create: true + health_check: + port: 80 + interval: 5000 + unhealthy_threshold: 3 + request_line: '' + healthy_threshold: 2 + response_timeout: 5000 + zinst-lb: + scale: 1 + start_on_create: true + lb_config: + certs: [] + port_rules: + - priority: 1 + protocol: http + service: zinst-repository + source_port: ${http_port} + target_port: 80 + health_check: + response_timeout: 2000 + healthy_threshold: 2 + port: 42 + unhealthy_threshold: 3 + interval: 2000 diff --git a/templates/zinst/catalogIcon-zinst.png b/templates/zinst/catalogIcon-zinst.png new file mode 100755 index 0000000..d3fa018 Binary files /dev/null and b/templates/zinst/catalogIcon-zinst.png differ diff --git a/templates/zinst/config.yml b/templates/zinst/config.yml new file mode 100644 index 0000000..ac31f51 --- /dev/null +++ b/templates/zinst/config.yml @@ -0,0 +1,5 @@ +name: Zinst Package repository +description: | + Infra as a code by your own packages. http://zinst.me +version: 7.0.5 +category: DevOps diff --git a/templates/zookeeper/4/README.md b/templates/zookeeper/4/README.md new file mode 100644 index 0000000..f545ed6 --- /dev/null +++ b/templates/zookeeper/4/README.md @@ -0,0 +1,27 @@ +# Apache Zookeeper + +### Info: + + This template creates, scale in and scale out a multinodes zk (zookeeper) cluster on top of Rancher. The configuration is generated with confd from Rancher metadata. + Cluster size are variable after deployment, and get reconfigured if refresh interval > 0. + + +### Usage: + + Select Apache Zookeeper from catalog. + + Enter the number of nodes, mem and refresh interval for the zk cluster. (set refresh data to 0 to disable dinamic config) + + Change the following zookeeper default parameters, if you need: + +- ZK_DATA_DIR="/opt/zk/data" +- ZK_INIT_LIMIT="10" +- ZK_MAX_CLIENT_CXNS="500" +- ZK_SYNC_LIMIT="5" +- ZK_TICK_TIME="2000" + + Click deploy. + + Zookeeper can now be accessed over the Rancher network. + + Note: When you scale the cluster, zero downtime is expected... diff --git a/templates/zookeeper/4/docker-compose.yml.tpl b/templates/zookeeper/4/docker-compose.yml.tpl new file mode 100644 index 0000000..eff9f0b --- /dev/null +++ b/templates/zookeeper/4/docker-compose.yml.tpl @@ -0,0 +1,56 @@ +version: '2' +services: + zk: + tty: true + image: rawmind/alpine-zk:3.4.10-0 + volumes_from: + - zk-volume + - zk-conf + environment: + - JVMFLAGS=-Xmx${zk_mem}m -Xms${zk_mem}m + - CONFD_INTERVAL=${zk_interval} + - ZK_DATA_DIR=${zk_data_dir} + - ZK_INIT_LIMIT=${zk_init_limit} + - ZK_MAX_CLIENT_CXNS=${zk_max_client_cxns} + - ZK_SYNC_LIMIT=${zk_sync_limit} + - ZK_TICK_TIME=${zk_tick_time} + labels: + io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} + io.rancher.container.hostname_override: container_name +{{- if ne .Values.host_label ""}} + io.rancher.scheduler.affinity:host_label: ${host_label} +{{- end}} + io.rancher.sidekicks: zk-volume, zk-conf + zk-conf: + labels: + io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} + io.rancher.container.hostname_override: container_name +{{- if ne .Values.host_label ""}} + io.rancher.scheduler.affinity:host_label: ${host_label} +{{- end}} + io.rancher.container.start_once: true + image: rawmind/rancher-zk:3.4.9 + volumes: + - zkconfig:/opt/tools + zk-volume: + labels: + io.rancher.scheduler.affinity:container_label_soft_ne: io.rancher.stack_service.name=$${stack_name}/$${service_name} + io.rancher.container.hostname_override: container_name +{{- if ne .Values.host_label ""}} + io.rancher.scheduler.affinity:host_label: ${host_label} +{{- end}} + io.rancher.container.start_once: true + environment: + - SERVICE_UID=10002 + - SERVICE_GID=10002 + - SERVICE_VOLUME=${zk_data_dir} + volumes: + - zkdata:${zk_data_dir} + image: rawmind/alpine-volume:0.0.2-1 +volumes: + zkconfig: + driver: ${VOLUME_DRIVER} + per_container: true + zkdata: + driver: ${VOLUME_DRIVER} + per_container: true diff --git a/templates/zookeeper/4/rancher-compose.yml b/templates/zookeeper/4/rancher-compose.yml new file mode 100644 index 0000000..6a7fc4b --- /dev/null +++ b/templates/zookeeper/4/rancher-compose.yml @@ -0,0 +1,88 @@ +version: '2' +catalog: + name: Zookeeper + version: 3.4.10-rancher1 + description: | + (Experimental) Apache Zookeeper cluster. + minimum_rancher_version: v0.59.0 + maintainer: "Raul Sanchez " + uuid: zk-0 + questions: + - variable: "zk_scale" + description: "Number of zk nodes. Note: Recommended an odd number" + label: "Zk Nodes:" + required: true + default: 3 + type: "int" + - variable: "zk_mem" + description: "Amount of memory to config zk." + label: "Zk Memory (mb):" + required: true + default: 512 + type: "int" + - variable: "zk_init_limit" + description: "Time to allow followers to connect and sync with leader" + label: "Zk init limit (ticks):" + required: true + default: 10 + type: "int" + - variable: "zk_data_dir" + description: "Directory where zookeeper store data" + label: "Zk data dir:" + required: true + default: "/opt/zk/data" + type: "string" + - variable: "zk_max_client_cxns" + description: "Max client concurrent connections" + label: "Zk max client cxns:" + required: true + default: 500 + type: "int" + - variable: "zk_sync_limit" + description: "Time to allow followers to sync with leader" + label: "Zk sync limit (ticks):" + required: true + default: 5 + type: "int" + - variable: "zk_tick_time" + description: "Tick time length" + label: "Zk tick time (ms):" + required: true + default: 2000 + type: "int" + - variable: "zk_interval" + description: "Interval to poll/apply configuration changes. 0 to disable, reconfiguration will be done when you restart zk nodes" + label: "Zk Interval (s):" + required: true + default: 60 + type: "int" + - variable: host_label + label: "Host with Label to put zookeeper on" + description: | + Host label to use as zookeeper 'value' tag. + Example: 'zookeeper=true' + required: false + default: "" + type: "string" + - variable: "VOLUME_DRIVER" + description: "The VOLUME driver to associate with this server" + label: "VOLUME Driver" + required: true + default: "local" + type: enum + options: # List of options if using type of `enum` + - local + - rancher-nfs + - rancher-efs + - rancher-ebs +services: + zk: + scale: ${zk_scale} + retain_ip: true + health_check: + port: 2181 + interval: 5000 + unhealthy_threshold: 3 + request_line: '' + healthy_threshold: 2 + response_timeout: 5000 diff --git a/templates/zookeeper/config.yml b/templates/zookeeper/config.yml index d6b7d77..939b260 100644 --- a/templates/zookeeper/config.yml +++ b/templates/zookeeper/config.yml @@ -1,7 +1,7 @@ name: Apache Zookeeper description: | - (Experimental) Zookeeper cluster -version: 3.4.9-rancher2 + Zookeeper cluster +version: 3.4.10-rancher1 category: Clustering maintainer: "Raul Sanchez " projectURL: https://github.com/rawmind0/alpine-zk