From c09b9f62d73176fb05b7433020e394ebd46d2096 Mon Sep 17 00:00:00 2001
From: Jeffrey Sica
Date: Fri, 21 Jul 2017 14:06:22 -0400
Subject: [PATCH 01/17] initial copy from internal repo
---
.../keepalived/0/1/docker-compose.yml | 37 +++
.../keepalived/0/1/rancher-compose.yml | 40 +++
.../keepalived/0/docker-compose.yml | 37 +++
.../keepalived/0/rancher-compose.yml | 22 ++
infra-templates/keepalived/README.md | 12 +
.../keepalived/catalogIcon-keepalived.svg | 293 ++++++++++++++++++
infra-templates/keepalived/config.yml | 7 +
7 files changed, 448 insertions(+)
create mode 100755 infra-templates/keepalived/0/1/docker-compose.yml
create mode 100755 infra-templates/keepalived/0/1/rancher-compose.yml
create mode 100755 infra-templates/keepalived/0/docker-compose.yml
create mode 100755 infra-templates/keepalived/0/rancher-compose.yml
create mode 100644 infra-templates/keepalived/README.md
create mode 100644 infra-templates/keepalived/catalogIcon-keepalived.svg
create mode 100755 infra-templates/keepalived/config.yml
diff --git a/infra-templates/keepalived/0/1/docker-compose.yml b/infra-templates/keepalived/0/1/docker-compose.yml
new file mode 100755
index 0000000..e110845
--- /dev/null
+++ b/infra-templates/keepalived/0/1/docker-compose.yml
@@ -0,0 +1,37 @@
+version: '2'
+services:
+ keepalived-master:
+ restart: always
+ image: arcts/keepalived
+ network_mode: host
+ cap_add:
+ - NET_ADMIN
+ environment:
+ KEEPALIVED_AUTOCONF: true
+ KEEPALIVED_STATE: MASTER
+ KEEPALIVED_INTERFACE: eth0
+ KEEPALIVED_VIRTUAL_ROUTER_ID: 2
+ KEEPALIVED_UNICAST_SRC_IP: ${master_ip}
+ KEEPALIVED_UNICAST_PEER_0: ${backup_ip}
+ KEEPALIVED_TRACK_INTERFACE_1: eth0
+ KEEPALIVED_VIRTUAL_IPADDRESS_1: "\"${virtual_ip}\""
+ labels:
+ io.rancher.scheduler.affinity:host_label: ${host_label}=${master_host_label}
+
+ keepalived-backup:
+ restart: always
+ image: arcts/keepalived
+ network_mode: host
+ cap_add:
+ - NET_ADMIN
+ environment:
+ KEEPALIVED_AUTOCONF: true
+ KEEPALIVED_STATE: BACKUP
+ KEEPALIVED_INTERFACE: eth0
+ KEEPALIVED_VIRTUAL_ROUTER_ID: 2
+ KEEPALIVED_UNICAST_SRC_IP: ${backup_ip}
+ KEEPALIVED_UNICAST_PEER_0: ${master_ip}
+ KEEPALIVED_TRACK_INTERFACE_1: eth0
+ KEEPALIVED_VIRTUAL_IPADDRESS_1: "\"${virtual_ip}\""
+ labels:
+ io.rancher.scheduler.affinity:host_label: ${host_label}=${backup_host_label}
diff --git a/infra-templates/keepalived/0/1/rancher-compose.yml b/infra-templates/keepalived/0/1/rancher-compose.yml
new file mode 100755
index 0000000..bd13ebc
--- /dev/null
+++ b/infra-templates/keepalived/0/1/rancher-compose.yml
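Review bot: Both services pull `image: arcts/keepalived` with no tag or digest while running with `network_mode: host` and `cap_add: NET_ADMIN`, so whatever the registry serves as `latest` at deploy time is given control over the host's network configuration. Pin the image to a released tag or, better, a digest, e.g. `image: arcts/keepalived@sha256:<digest-placeholder>`, and bump it deliberately. The same lines appear in the `0/docker-compose.yml` hunk of this patch. Separately, `KEEPALIVED_AUTOCONF: true` is a YAML boolean inside an `environment` mapping; writing it as `"true"` keeps the value a string regardless of how the compose parser treats booleans.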
@@ -0,0 +1,40 @@
+.catalog:
+ name: "keepalived"
+ version: v1.0.0
+ description: "Autostart Keepalived (ONLY IF YOU KNOW WHAT YOU'RE DOING)"
+ minimum_rancher_version: v0.46.0
+ uuid: keepalived:v1.0.0
+ questions:
+ - variable: host_label
+ label: "Keepalived Host Label"
+ description: "Host Label used to schedule keepalived master and backup instances"
+ type: "string"
+ default: "edge"
+ required: true
+ - variable: master_host_label
+ label: "Master Host Label"
+ description: "The value of the Keepalived Host Label to signifify the master instance"
+ type: "string"
+ default: "MASTER"
+ required: true
+ - variable: backup_host_label
+ label: "Backup Host Label"
+ description: "The value of the Keepalived Host Label to signifify the backup instance"
+ type: "string"
+ default: "BACKUP"
+ required: true
+ - variable: master_ip
+ description: "Host IP of master edge node"
+ label: "Master IP"
+ type: "string"
+ required: true
+ - variable: backup_ip
+ description: "Host IP of backup edge node"
+ label: "Backup IP"
+ type: "string"
+ required: true
+ - variable: virtual_ip
+ label: "Virtual IP"
+ description: "Virtual IP to be created."
+ type: "string"
+ required: true
diff --git a/infra-templates/keepalived/0/docker-compose.yml b/infra-templates/keepalived/0/docker-compose.yml
new file mode 100755
index 0000000..837b46f
--- /dev/null
+++ b/infra-templates/keepalived/0/docker-compose.yml
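Review bot: The `virtual_ip` question describes itself only as "Virtual IP to be created.", but the answer is substituted into `KEEPALIVED_VIRTUAL_IPADDRESS_1` in the compose file and the README in this patch says the value must follow the `ip` command format (`10.255.33.100/24 dev eth0`). State the expected format in the prompt, for example `description: "Virtual IP in ip command format, e.g. 10.255.33.100/24 dev eth0"`, so that a bare address is not entered by mistake. `master_ip` and `backup_ip` are likewise free-form `string` fields; saying that they become the unicast VRRP source and peer addresses would tell the operator which host address is meant. The two host-label descriptions misspell "signify" as "signifify".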
@@ -0,0 +1,37 @@
+version: '2'
+services:
+ keepalived-master:
+ restart: always
+ image: arcts/keepalived
+ network_mode: host
+ cap_add:
+ - NET_ADMIN
+ environment:
+ KEEPALIVED_AUTOCONF: true
+ KEEPALIVED_STATE: MASTER
+ KEEPALIVED_INTERFACE: eth0
+ KEEPALIVED_VIRTUAL_ROUTER_ID: 2
+ KEEPALIVED_UNICAST_SRC_IP: ${master_ip}
+ KEEPALIVED_UNICAST_PEER_0: ${backup_ip}
+ KEEPALIVED_TRACK_INTERFACE_1: eth0
+ KEEPALIVED_VIRTUAL_IPADDRESS_1: "\"${virtual_ip}\""
+ labels:
+ io.rancher.scheduler.affinity:host_label: edge=master
+
+ keepalived-backup:
+ restart: always
+ image: arcts/keepalived
+ network_mode: host
+ cap_add:
+ - NET_ADMIN
+ environment:
+ KEEPALIVED_AUTOCONF: true
+ KEEPALIVED_STATE: BACKUP
+ KEEPALIVED_INTERFACE: eth0
+ KEEPALIVED_VIRTUAL_ROUTER_ID: 2
+ KEEPALIVED_UNICAST_SRC_IP: ${backup_ip}
+ KEEPALIVED_UNICAST_PEER_0: ${master_ip}
+ KEEPALIVED_TRACK_INTERFACE_1: eth0
+ KEEPALIVED_VIRTUAL_IPADDRESS_1: "\"${virtual_ip}\""
+ labels:
+ io.rancher.scheduler.affinity:host_label: edge=backup
diff --git a/infra-templates/keepalived/0/rancher-compose.yml b/infra-templates/keepalived/0/rancher-compose.yml
new file mode 100755
index 0000000..ebdf5ef
--- /dev/null
+++ b/infra-templates/keepalived/0/rancher-compose.yml
@@ -0,0 +1,22 @@
+.catalog:
+ name: "keepalived"
+ version: v0.2.0
+ description: "Autostart Keepalived (ONLY IF YOU KNOW WHAT YOU'RE DOING)"
+ minimum_rancher_version: v0.46.0
+ uuid: keepalived:v0.2.0
+ questions:
+ - variable: virtual_ip
+ label: "Virtual IP"
+ description: "Virtual IP in ip command format"
+ type: "string"
+ required: true
+ - variable: master_ip
+ description: "IP of master edge node"
+ label: "Master IP"
+ type: "string"
+ required: true
+ - variable: backup_ip
+ description: "IP of backup edge node"
+ label: "Backup IP"
+ type: "string"
+ required: true
diff --git a/infra-templates/keepalived/README.md b/infra-templates/keepalived/README.md
new file mode 100644
index 0000000..d97addd
--- /dev/null
+++ b/infra-templates/keepalived/README.md @@ -0,0 +1,12 @@ +## Keepalived +Manages VRRP failover + +### Usage + +This service is intended to be deployed to edge nodes with a MASTER and BACKUP deployed respectively. +Additional IPs should be managed via environment variables once deployed with entries following the below pattern: + +`KEEPALIVED_VIRTUAL_IPADDRESS_[0-9]{1,3}` + +Format should mimic the ip command +`10.255.33.100/24 dev eth0` diff --git a/infra-templates/keepalived/catalogIcon-keepalived.svg b/infra-templates/keepalived/catalogIcon-keepalived.svg new file mode 100644 index 0000000..7b82b7a --- /dev/null +++ b/infra-templates/keepalived/catalogIcon-keepalived.svg @@ -0,0 +1,293 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + image/svg+xml + + + + + + + + + + ka + + + + diff --git a/infra-templates/keepalived/config.yml b/infra-templates/keepalived/config.yml new file mode 100755 index 0000000..6be3c47 --- /dev/null +++ b/infra-templates/keepalived/config.yml @@ -0,0 +1,7 @@ +name: keepalived +description: | + KeepaliveD, provides VRRP failover across multiple nodes +version: v1.0.0 +category: Networking +labels: + io.rancher.orchestration.supported: 'cattle,mesos,swarm,kubernetes' From 8459f2b0645620baa4778e5962f1cecdc6ee572e Mon Sep 17 00:00:00 2001 From: Jeffrey Sica Date: Fri, 21 Jul 2017 14:10:36 -0400 Subject: [PATCH 02/17] mixed up copied files --- .../keepalived/0/1/docker-compose.yml | 37 ----------------- .../keepalived/0/1/rancher-compose.yml | 40 ------------------- .../keepalived/0/docker-compose.yml | 4 +- .../keepalived/0/rancher-compose.yml | 32 +++++++++++---- 4 files changed, 27 insertions(+), 86 deletions(-) delete mode 100755 infra-templates/keepalived/0/1/docker-compose.yml delete mode 100755 infra-templates/keepalived/0/1/rancher-compose.yml 
diff --git a/infra-templates/keepalived/0/1/docker-compose.yml b/infra-templates/keepalived/0/1/docker-compose.yml deleted file mode 100755 index e110845..0000000 --- a/infra-templates/keepalived/0/1/docker-compose.yml +++ /dev/null @@ -1,37 +0,0 @@ -version: '2' -services: - keepalived-master: - restart: always - image: arcts/keepalived - network_mode: host - cap_add: - - NET_ADMIN - environment: - KEEPALIVED_AUTOCONF: true - KEEPALIVED_STATE: MASTER - KEEPALIVED_INTERFACE: eth0 - KEEPALIVED_VIRTUAL_ROUTER_ID: 2 - KEEPALIVED_UNICAST_SRC_IP: ${master_ip} - KEEPALIVED_UNICAST_PEER_0: ${backup_ip} - KEEPALIVED_TRACK_INTERFACE_1: eth0 - KEEPALIVED_VIRTUAL_IPADDRESS_1: "\"${virtual_ip}\"" - labels: - io.rancher.scheduler.affinity:host_label: ${host_label}=${master_host_label} - - keepalived-backup: - restart: always - image: arcts/keepalived - network_mode: host - cap_add: - - NET_ADMIN - environment: - KEEPALIVED_AUTOCONF: true - KEEPALIVED_STATE: BACKUP - KEEPALIVED_INTERFACE: eth0 - KEEPALIVED_VIRTUAL_ROUTER_ID: 2 - KEEPALIVED_UNICAST_SRC_IP: ${backup_ip} - KEEPALIVED_UNICAST_PEER_0: ${master_ip} - KEEPALIVED_TRACK_INTERFACE_1: eth0 - KEEPALIVED_VIRTUAL_IPADDRESS_1: "\"${virtual_ip}\"" - labels: - io.rancher.scheduler.affinity:host_label: ${host_label}=${backup_host_label} diff --git a/infra-templates/keepalived/0/1/rancher-compose.yml b/infra-templates/keepalived/0/1/rancher-compose.yml deleted file mode 100755 index bd13ebc..0000000 --- a/infra-templates/keepalived/0/1/rancher-compose.yml +++ /dev/null 
@@ -1,40 +0,0 @@ -.catalog: - name: "keepalived" - version: v1.0.0 - description: "Autostart Keepalived (ONLY IF YOU KNOW WHAT YOU'RE DOING)" - minimum_rancher_version: v0.46.0 - uuid: keepalived:v1.0.0 - questions: - - variable: host_label - label: "Keepalived Host Label" - description: "Host Label used to schedule keepalived master and backup instances" - type: "string" - default: "edge" - required: true - - variable: master_host_label - label: "Master Host Label" - description: "The value of the Keepalived Host Label to signifify the master instance" - type: "string" - default: "MASTER" - required: true - - variable: backup_host_label - label: "Backup Host Label" - description: "The value of the Keepalived Host Label to signifify the backup instance" - type: "string" - default: "BACKUP" - required: true - - variable: master_ip - description: "Host IP of master edge node" - label: "Master IP" - type: "string" - required: true - - variable: backup_ip - description: "Host IP of backup edge node" - label: "Backup IP" - type: "string" - required: true - - variable: virtual_ip - label: "Virtual IP" - description: "Virtual IP to be created." - type: "string" - required: true diff --git a/infra-templates/keepalived/0/docker-compose.yml b/infra-templates/keepalived/0/docker-compose.yml index 837b46f..e110845 100755 --- a/infra-templates/keepalived/0/docker-compose.yml +++ b/infra-templates/keepalived/0/docker-compose.yml @@ -16,7 +16,7 @@ services: KEEPALIVED_TRACK_INTERFACE_1: eth0 KEEPALIVED_VIRTUAL_IPADDRESS_1: "\"${virtual_ip}\"" labels: - io.rancher.scheduler.affinity:host_label: edge=master + io.rancher.scheduler.affinity:host_label: ${host_label}=${master_host_label} keepalived-backup: restart: always @@ -34,4 +34,4 @@ services: KEEPALIVED_TRACK_INTERFACE_1: eth0 KEEPALIVED_VIRTUAL_IPADDRESS_1: "\"${virtual_ip}\"" labels: - io.rancher.scheduler.affinity:host_label: edge=backup + io.rancher.scheduler.affinity:host_label: ${host_label}=${backup_host_label} 
diff --git a/infra-templates/keepalived/0/rancher-compose.yml b/infra-templates/keepalived/0/rancher-compose.yml index ebdf5ef..bd13ebc 100755 --- a/infra-templates/keepalived/0/rancher-compose.yml +++ b/infra-templates/keepalived/0/rancher-compose.yml @@ -1,22 +1,40 @@ .catalog: name: "keepalived" - version: v0.2.0 + version: v1.0.0 description: "Autostart Keepalived (ONLY IF YOU KNOW WHAT YOU'RE DOING)" minimum_rancher_version: v0.46.0 - uuid: keepalived:v0.2.0 + uuid: keepalived:v1.0.0 questions: - - variable: virtual_ip - label: "Virtual IP" - description: "Virtual IP in ip command format" + - variable: host_label + label: "Keepalived Host Label" + description: "Host Label used to schedule keepalived master and backup instances" type: "string" + default: "edge" + required: true + - variable: master_host_label + label: "Master Host Label" + description: "The value of the Keepalived Host Label to signifify the master instance" + type: "string" + default: "MASTER" + required: true + - variable: backup_host_label + label: "Backup Host Label" + description: "The value of the Keepalived Host Label to signifify the backup instance" + type: "string" + default: "BACKUP" required: true - variable: master_ip - description: "IP of master edge node" + description: "Host IP of master edge node" label: "Master IP" type: "string" required: true - variable: backup_ip - description: "IP of backup edge node" + description: "Host IP of backup edge node" label: "Backup IP" type: "string" required: true + - variable: virtual_ip + label: "Virtual IP" + description: "Virtual IP to be created." + type: "string" + required: true From 99e1add6b4ccb93ca09c1c73805edb87b49e493c Mon Sep 17 00:00:00 2001 From: Jeffrey Sica Date: Fri, 21 Jul 2017 14:25:16 -0400 Subject: [PATCH 03/17] added variables table to readme --- infra-templates/keepalived/README.md | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) mode change 100644 => 100755 infra-templates/keepalived/README.md 
diff --git a/infra-templates/keepalived/README.md b/infra-templates/keepalived/README.md old mode 100644 new mode 100755 index d97addd..f8aab6b --- a/infra-templates/keepalived/README.md +++ b/infra-templates/keepalived/README.md @@ -1,7 +1,20 @@ ## Keepalived -Manages VRRP failover +Manages VRRP failover within Rancher. -### Usage +This is useful for highly available load balancers or other HA services that you can't load balance. + +### Form Fields + +| Variable | Description | +| ----------------- | ---------------------------------------- | +| Host Label | Host Label used to schedule keepalived master and backup instances | +| Master Host Label | Keepalived Host Label to signifify the master instance | +| Backup Host Label | Keepalived Host Label to signifify the backup instance | +| Master IP | Host IP of master edge node | +| Backup IP | Host IP of backup edge node | +| Virtual IP | Virtual IP to be created | + +### Advanced Usage This service is intended to be deployed to edge nodes with a MASTER and BACKUP deployed respectively. Additional IPs should be managed via environment variables once deployed with entries following the below pattern: @@ -9,4 +22,4 @@ Additional IPs should be managed via environment variables once deployed with en `KEEPALIVED_VIRTUAL_IPADDRESS_[0-9]{1,3}` Format should mimic the ip command -`10.255.33.100/24 dev eth0` +`10.255.33.100/24 dev eth0` \ No newline at end of file From 0498fcdd3fd83a99d9d7e904bc9f92fb6cf0c45e Mon Sep 17 00:00:00 2001 
From: Josh Cox
Date: Fri, 28 Jul 2017 11:53:25 -0500
Subject: [PATCH 04/17] rabbit-examples
---
templates/rabbitmq-examples/0/README.md | 11 ++
.../rabbitmq-examples/0/docker-compose.yml | 171 ++++++++++++++++++
.../rabbitmq-examples/0/rancher-compose.yml | 38 ++++
.../catalogIcon-rabbitmq.png | Bin 0 -> 4090 bytes
templates/rabbitmq-examples/config.yml | 7 +
5 files changed, 227 insertions(+)
create mode 100644 templates/rabbitmq-examples/0/README.md
create mode 100644 templates/rabbitmq-examples/0/docker-compose.yml
create mode 100644 templates/rabbitmq-examples/0/rancher-compose.yml
create mode 100755 templates/rabbitmq-examples/catalogIcon-rabbitmq.png
create mode 100755 templates/rabbitmq-examples/config.yml
diff --git a/templates/rabbitmq-examples/0/README.md b/templates/rabbitmq-examples/0/README.md
new file mode 100644
index 0000000..a797d5a
--- /dev/null
+++ b/templates/rabbitmq-examples/0/README.md
@@ -0,0 +1,11 @@
+# RabbitMQ Examples
+
+I needed to test a rabbitMQ with some basics so I forked the official tutorials and added a Dockerfile
+[here](https://github.com/joshuacox/rabbitmq-tutorials/tree/jsdockerfile/javascript-nodejs)
+
+[dockerhub here](https://hub.docker.com/r/joshuacox/rabbitmq-tutorials/)
+
+In that fork, there is a `Makefile` that can run through the proof of
+concept. `make` will start a rabbitmq container, then start all the
+listeners as deamons, and the emitters to run once. The emitters are
+ephemeral and will go away once their message is sent or they error out.
diff --git a/templates/rabbitmq-examples/0/docker-compose.yml b/templates/rabbitmq-examples/0/docker-compose.yml
new file mode 100644
index 0000000..cbe638b
--- /dev/null
+++ b/templates/rabbitmq-examples/0/docker-compose.yml
@@ -0,0 +1,171 @@
+version: '2'
+services:
+{{- if eq .Values.rabbitmq_link ""}}
+ rabbit:
+ hostname: rabbit
+ image: rabbitmq:3
+ send:
+ image: joshuacox/rabbitmq-tutorials
+ labels:
+ io.rancher.container.hostname_override: container_name
+ io.rancher.scheduler.affinity:host_label: ${host_label}
+ io.rancher.container.start_once: true
+ environment:
+ - AMQ_HOST=rabbit
+ command: send
+{{- end}}
+ receive:
+ command: receive
+{{- if ne .Values.rabbitmq_link ""}}
+ external_links:
+ - ${rabbitmq_link}:rabbit
+{{- end}}
+ image: joshuacox/rabbitmq-tutorials
+ labels:
+ io.rancher.container.hostname_override: container_name
+ io.rancher.scheduler.affinity:host_label: ${host_label}
+ environment:
+ - AMQ_HOST=rabbit
+ send:
+ image: joshuacox/rabbitmq-tutorials
+ labels:
+ io.rancher.container.hostname_override: container_name
+ io.rancher.scheduler.affinity:host_label: ${host_label}
+ io.rancher.container.start_once: true
+ environment:
+ - AMQ_HOST=rabbit
+ command: send
+{{- if ne .Values.rabbitmq_link ""}}
+ external_links:
+ - ${rabbitmq_link}:rabbit
+{{- end}}
+
+ worker:
+ image: joshuacox/rabbitmq-tutorials
+ labels:
+ io.rancher.container.hostname_override: container_name
+ io.rancher.scheduler.affinity:host_label: ${host_label}
+ environment:
+ - AMQ_HOST=rabbit
+ command: worker
+{{- if ne .Values.rabbitmq_link ""}}
+ external_links:
+ - ${rabbitmq_link}:rabbit
+{{- end}}
+ newtask:
+ image: joshuacox/rabbitmq-tutorials
+ labels:
+ io.rancher.container.hostname_override: container_name
+ io.rancher.scheduler.affinity:host_label: ${host_label}
+ io.rancher.container.start_once: true
+ environment:
+ - AMQ_HOST=rabbit
+ command: new_task
+{{- if ne .Values.rabbitmq_link ""}}
+ external_links:
+ - ${rabbitmq_link}:rabbit
+{{- end}}
+
+ rpcserver:
+ image: joshuacox/rabbitmq-tutorials
+ labels:
+ io.rancher.container.hostname_override: container_name
+ io.rancher.scheduler.affinity:host_label: ${host_label}
+ environment:
+ - AMQ_HOST=rabbit
+ command: rpc_server
+{{- if ne .Values.rabbitmq_link ""}}
+ external_links:
+ - ${rabbitmq_link}:rabbit
+{{- end}}
+ rpcclient:
+ image: joshuacox/rabbitmq-tutorials
+ labels:
+ io.rancher.container.hostname_override: container_name
+ io.rancher.scheduler.affinity:host_label: ${host_label}
+ io.rancher.container.start_once: true
+ environment:
+ - AMQ_HOST=rabbit
+ command: rpc_client 4
+{{- if ne .Values.rabbitmq_link ""}}
+ external_links:
+ - ${rabbitmq_link}:rabbit
+{{- end}}
+
+ receivelogs:
+ image: joshuacox/rabbitmq-tutorials
+ labels:
+ io.rancher.container.hostname_override: container_name
+ io.rancher.scheduler.affinity:host_label: ${host_label}
+ environment:
+ - AMQ_HOST=rabbit
+ command: receive_logs
+{{- if ne .Values.rabbitmq_link ""}}
+ external_links:
+ - ${rabbitmq_link}:rabbit
+{{- end}}
+ emitlog:
+ image: joshuacox/rabbitmq-tutorials
+ labels:
+ io.rancher.container.hostname_override: container_name
+ io.rancher.scheduler.affinity:host_label: ${host_label}
+ io.rancher.container.start_once: true
+ environment:
+ - AMQ_HOST=rabbit
+ command: emit_log
+{{- if ne .Values.rabbitmq_link ""}}
+ external_links:
+ - ${rabbitmq_link}:rabbit
+{{- end}}
+
+ receivelogsdirect:
+ image: joshuacox/rabbitmq-tutorials
+ labels:
+ io.rancher.container.hostname_override: container_name
+ io.rancher.scheduler.affinity:host_label: ${host_label}
+ environment:
+ - AMQ_HOST=rabbit
+ command: receive_logs_direct info
+{{- if ne .Values.rabbitmq_link ""}}
+ external_links:
+ - ${rabbitmq_link}:rabbit
+{{- end}}
+ emitlogdirect:
+ image: joshuacox/rabbitmq-tutorials
+ labels:
+ io.rancher.container.hostname_override: container_name
+ io.rancher.scheduler.affinity:host_label: ${host_label}
+ io.rancher.container.start_once: true
+ environment:
+ - AMQ_HOST=rabbit
+ command: emit_log_direct
+{{- if ne .Values.rabbitmq_link ""}}
+ external_links:
+ - ${rabbitmq_link}:rabbit
+{{- end}}
+
+ receivelogstopic:
+ image: joshuacox/rabbitmq-tutorials
+ labels:
+ io.rancher.container.hostname_override: container_name
+ io.rancher.scheduler.affinity:host_label: ${host_label}
+ environment:
+ - AMQ_HOST=rabbit
+ command: receive_logs_topic anonymous.info
+{{- if ne .Values.rabbitmq_link ""}}
+ external_links:
+ - ${rabbitmq_link}:rabbit
+{{- end}}
+ emitlogtopic:
+ image: joshuacox/rabbitmq-tutorials
+ labels:
+ io.rancher.container.hostname_override: container_name
+ io.rancher.scheduler.affinity:host_label: ${host_label}
+ io.rancher.container.start_once: true
+ environment:
+ - AMQ_HOST=rabbit
+ command: emit_log_topic
+{{- if ne .Values.rabbitmq_link ""}}
+ external_links:
+ - ${rabbitmq_link}:rabbit
+{{- end}}
diff --git a/templates/rabbitmq-examples/0/rancher-compose.yml b/templates/rabbitmq-examples/0/rancher-compose.yml
new file mode 100644
index 0000000..1ad07d9
--- /dev/null
+++ b/templates/rabbitmq-examples/0/rancher-compose.yml
@@ -0,0 +1,38 @@
+version: '2'
+catalog:
+ name: RabbitMQ_Examples
+ version: 3.6-rancher1
+ description: |
+ tutorial storage examples
+ questions:
+ - variable: rabbitmq_link
+ description: "rabbitmq service link"
+ label: "rabbitmq stack/service"
+ default: ""
+ required: false
+ type: "service"
+services:
+ receive:
+ scale: 1
+ send:
+ scale: 1
+ worker:
+ scale: 1
+ newtask:
+ scale: 1
+ rpcserver:
+ scale: 1
+ rpcclient:
+ scale: 1
+ receivelogs:
+ scale: 1
+ emitlog:
+ scale: 1
+ receivelogsdirect:
+ scale: 1
+ emitlogdirect:
+ scale: 1
+ receivelogstopic:
+ scale: 1
+ emitlogtopic:
+ scale: 1
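Review bot: When `rabbitmq_link` is empty, the `docker-compose.yml` template renders two `send:` keys under `services`: one inside the `{{- if eq .Values.rabbitmq_link ""}}` block and one unconditionally after `receive`. A duplicate mapping key is either rejected or silently resolved to the last definition, depending on the parser. The two definitions differ only in `external_links`, so the copy inside the `if eq` block can be dropped, leaving just `rabbit` there. In addition, `rabbitmq:3` is a floating major tag and `joshuacox/rabbitmq-tutorials` carries no tag at all; pinning both to a fixed tag or digest keeps what is deployed reproducible. `io.rancher.container.start_once: true` is a YAML boolean used as a label value and is safer written as `'true'`.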
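Review bot: `rabbitmq_link` is the only question defined in `rancher-compose.yml`, yet every tutorial service in the accompanying `docker-compose.yml` sets `io.rancher.scheduler.affinity:host_label: ${host_label}`. Nothing in this template asks for `host_label`, so the affinity rule has no value unless something outside the template supplies one. Either add a question for it (`- variable: host_label` with `type: "string"` and a `default`) or remove the affinity label from the compose file. The `services` list also has no entry for `rabbit`; that is probably fine if the default scale is intended, but it is worth confirming.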
diff --git a/templates/rabbitmq-examples/catalogIcon-rabbitmq.png b/templates/rabbitmq-examples/catalogIcon-rabbitmq.png new file mode 100755 index 0000000000000000000000000000000000000000..f458f7f52aecea02277b92ee4e7a2bcb288d1a95 GIT binary patch literal 4090 zcmV1^@s6)D&&&0000PbVXQnQ*UN; zcVTj606}DLVr3vnZDD6+Qe|Oed2z{QJOBU>oJmAMRCwC#T|IW=I1;A!P2Rl0$R`-} z37U>4kQ7a5DVYsrpFq|LB&U;D4mYwCY;5`jmQT>^8>mmU)p# zV@U)E0w2CA6bcvb@9&8~AP@-R;X;U4AP@+Icm)E1K!{f$5C{Z9yaIthaN5LsadDBn z|D6ofe-4b_`6tP33s?6Xs(+=1j}PjedwE3y!Fl69|9t|U$kg?_x`x`vg}UC(J-zghGK`#YJce_cEN9NOV0bOe{l zsP)eB`Pm=Ub8I4(ztZ}}ZLA3xg#gvhqqc#8e2(?WnIfK|EA>%zxoUWS5M)rsyiV{D zB>bqZwJQJ6`dF&r*58=-STVjc#D-ck2ltS1&#C(EQg!+wa+?ishIK*tyM?MdV5_eC z9+9yA>@ShaA8O^N5z9^u@BO8N??uO$Gxj`U&K$!oqzljT;PCFDjTTThbq|<`wp|@$ z{|eA?xeb&A_-+>go#+`9zPhqRAP9qR5!LP>1nGjxRTmKMQ^N@te*1*?It$_z)GIk4 z;5%swL5K++&GQ)WE+DY(&uBIK!nCX8E5yr3&bT;!C2&DJNOKATSywSI3UJS-8Wj!W z3fw3Yb$$Ko&&dT`@Zb2iP0iTrB>Da(eU*oce-hSWfg;t?PdKWXy}@_=rtZ0xmOX8N zdnuxS{~MA}NH;@D5d5KuYe3y|Wl+&@-=!j1a-3ik16*5mkK5#zfA_{fzPm2@d`0p4 zCuj(R+hR1vW%6rr&7^z>(qf&$!C=W0j-ibFSdQkeaa00KTHwT}`@oJ# zj3E{8-qj+&SYXQPn>2~T1@cYk(7Gu`WC-z|5&5o(4r+=U6$m&4vt_yhya3~Cb)oRs z;Fb&GZ%a=*(3XY?VIjnOepnKJ8%nbX8oC>*7~mG$SZ;>A0g3DC^N@Jj1cHj08gJt+ z_jI;FN7-+SKbyG=eXK&DB&usb2%j<_2NX$3)G#S8Er zXNxL&z$lw@FBAD~eAXFBJWBfr@pd0VzJk!?G7PYYL=mN{e>Wrkwhxr#XU8mGi1)-H zQ49j#c!}U{&{g80ft%qQlOTOeOqAkHF@Cr;NF4785HFF}c+XAG>7i^Ww_MCAV!Kn? 
zF26(Wh800>UKXkhNpYIQ3R9$)2W+35C^HLOrVwve;A^KEZpawnU>F#_Q+7B|5*wdH zjL$JgRW;B)D|dedONEK$FR=WSC?80{DV->h@ZU)0M-us0zsFHm&XWe1=!zWo8aaNf z-g{cC8hci#RMbVtoXal+@%|x-_k55s%|z1xzCprCEy{xnwkHD--gzLsyQDrAvRpWU z%^^U%GhZqc)vakiezkm?g+_iFzr&2go^u=|GfJ1VR%x14Vd6;I=t1Rd;WR_lt0At+}bc?2m*xOvRKP znbC8+>WF-biCbLize?zAYt_UuCenZQKz^pQfyI&X2Uz~#l=~MhbQKI2LECPI=)|kq zCO1qft@R1tt_B#`k9B8cp>nY~&up%K6K%055b44*Q)+X|`0ZT{;edI%)!PQk8>2ea zJJ*f+d}rf-#Yy9aAp2!?;=pomP}!#h`ChubM{I+PP zLAViI6ss+^+Ozven)A)2-&%^ZA1w{dLDEuqr*Gm-(X^}UM63k~ZN|-jd_B|;8u>OR ziC0WyYIa>7`R%}9+C#^mnVtjxzEQv5BH`<*<=S$f>yrj~2q~6(hvhyKd`Hz`mVAzWm|C>Kwf5ViCqIM5qsoQ! zim&?fI3xzw)${DwiNEkUMs++8*3-Jr*3&U}gHpJ9QgY{UV@Qe-fE#n80sN zynp*ln&aEeV8Y>4xj=|Fpeq51_G95nUEh=XL;E&d@-nCu>yD2kbnwvWY%PT~QSR7r zq3gqq;Gw?r6Yr8cgVo~0%@Ar^@7Y1(c=-hT?qOD+F{2p%uP}9UsezfCYXixa{5H1n zxajKG5Gr$=*zc;c_RT|malN5Bfx$#MwtNqLayM*!xEl;fadyH4qImm)Ju0tD+rbV8 zY-(2%-}GC<=U6)a?vd$2IW}o+J(hp!sW|ls+a+nvbtE@~5U;>HprcN})bII%&fazR z8Txwl-`Xm$ZG-ls$l}yDRQSlztG}bd)5#D5A>QDC&i)-1+IoJrT2mAA(}1#jU8ug*@9fcvVn@`k^s+#G|5r5KvkSYb~9uV z+9TyyLZWy-ccNv@OPhC1!9WB9?w)$m>+7(4%L>}&h%!;Q>q@>4;-fk^w>~c($}i4M z@fvdUatJQ8o1v|Vyi*fxABY!rOI_7{j(HrOI;eiP7{{u+9p;ILq$s!%Awv=yBpqEe z!gyXmeCRoPIZ1Oy1d01pygxeBKCM}EeQ-70a|kZ!?je$tQXjiUIp9t?$S?+Z5MYI9WV*1KZ@&@L(WaAX>=(FbkaUrLq6bkd5phJtK;{ zfwg5ja#9=)>4#Rlt*%`N@y3Jo?x~t%e}HT!zE1Cr0E&3uB9`AdQ?q4@i%OakGbzqX zhzXtoPADnU3Kil#GH5AuJs|$gq0ZD`SaXwsGt4cY?H}qMJ_h8MGbdh7(j0wq3YmM? 
z%VIMV)EL?aK2H85h<9-;^a_<>*8}2n8#2UA5ISMO_Ssv<^0^a}kA&%*=ggUE$j5sf zcFoj`>~7c+?{!pBg#)6E@__ZB+#j&$7lM4L4Iz(hzmq;Ju0f}O1T*(FiYV*)L%>co zViUp8k}RA|KlHJ336ye)G~H>JH6T7Xq%v)ouOTBQuygYsl%HK?28F>>!xLTcLJd^m2u-*(~nB3WE(mw1DxCq&|#S}5}aVFr#GRAFkVIJohp zT#P(UV0~A-pV|hK;zZBAi{wX5vJalr?wvvH-gn_;NE~lmm=@SVstcEnoNI(Rba6MJ zZ+>oL#$sLvJ-G{Pv9>;Qt!C0WyQJRWQcz^H)!Yi1!OajW#ue5pUiI;y>iMAR>wL@= z`id#Fo7<$fRQIXdAzF^vv|3m6mp|aM?M3l+RPiQu(FRt^50994G1GSq-4!Kn2$#v8 zk&jp>X4hlcsT7>ik73fX#kGkY(XM(M9Xuz+shbR-AFK^72Pfr=+n%X}Ss#bZTGsDY zT~~17Wb{)0KYWIyJk>(;#yI9uaW!-V2E{n6QJtSUB z_gX(2C5#0^A>R1VUrJ`7j-f+6nFt687s&BDK{^MA0rAOg!BKDc9ZGfNoET(Oq?8hR z=8!M80i|}=kv5$a#Dv*;oH<4?9J4ldE!1gZ=%3J!fP7!UXA2};RhRhxr8@pzV-;;w zIqQH{#C1vjD5Q?MYQ)Fej=Le#h+?Rl-{|Yy5ULek?5p|=lu79`{(^t6Bk|nETnBAC3Gc{mAiS%@%|{AKZ*UG zK3ia?hxYuvGB{1;&m#JEx2U+Q?KZ$kV_%X%^2@(JzH5b zAb_mSob!7gwY+tsUsw42qOXa(@ZF%wj{(igzU0jHRphLi@fpP`4D6g1lBDFe{tL29n z>Jk^DhD7;Ams4fp;@_Y`Ap3HFhCFpz(9-*^;Z_#$3Iqayz#oKo1pk literal 0 HcmV?d00001 diff --git a/templates/rabbitmq-examples/config.yml b/templates/rabbitmq-examples/config.yml new file mode 100755 index 0000000..a90ef55 --- /dev/null +++ b/templates/rabbitmq-examples/config.yml @@ -0,0 +1,7 @@ +name: RabbitMQ 3.6 Tutorial Examples +description: | + Robust messaging for applications Examples +version: 3.6-rancher1 +category: Message queues +maintainer: "Josh Cox " +minimum_rancher_version: v0.59.0 From 9dfcd9be5b3eefb724dcb6490dfb8aa6592a4dbf Mon Sep 17 00:00:00 2001 
From: Bob Killen Date: Fri, 28 Jul 2017 14:32:52 -0400 Subject: [PATCH 05/17] move keepalived from infra and update config --- .../keepalived/0/rancher-compose.yml | 40 -------------- infra-templates/keepalived/README.md | 25 --------- infra-templates/keepalived/config.yml | 7 --- templates/keepalived/0/README.md | 48 +++++++++++++++++ .../keepalived/0/docker-compose.yml | 24 +++++---- templates/keepalived/0/rancher-compose.yml | 52 +++++++++++++++++++ .../keepalived/catalogIcon-keepalived.svg | 0 templates/keepalived/config.yml | 5 ++ 8 files changed, 119 insertions(+), 82 deletions(-) delete mode 100755 infra-templates/keepalived/0/rancher-compose.yml delete mode 100755 infra-templates/keepalived/README.md delete mode 100755 infra-templates/keepalived/config.yml create mode 100755 templates/keepalived/0/README.md rename {infra-templates => templates}/keepalived/0/docker-compose.yml (63%) create mode 100755 templates/keepalived/0/rancher-compose.yml rename {infra-templates => templates}/keepalived/catalogIcon-keepalived.svg (100%) create mode 100755 templates/keepalived/config.yml diff --git a/infra-templates/keepalived/0/rancher-compose.yml b/infra-templates/keepalived/0/rancher-compose.yml deleted file mode 100755 index bd13ebc..0000000 --- a/infra-templates/keepalived/0/rancher-compose.yml +++ /dev/null 
@@ -1,40 +0,0 @@ -.catalog: - name: "keepalived" - version: v1.0.0 - description: "Autostart Keepalived (ONLY IF YOU KNOW WHAT YOU'RE DOING)" - minimum_rancher_version: v0.46.0 - uuid: keepalived:v1.0.0 - questions: - - variable: host_label - label: "Keepalived Host Label" - description: "Host Label used to schedule keepalived master and backup instances" - type: "string" - default: "edge" - required: true - - variable: master_host_label - label: "Master Host Label" - description: "The value of the Keepalived Host Label to signifify the master instance" - type: "string" - default: "MASTER" - required: true - - variable: backup_host_label - label: "Backup Host Label" - description: "The value of the Keepalived Host Label to signifify the backup instance" - type: "string" - default: "BACKUP" - required: true - - variable: master_ip - description: "Host IP of master edge node" - label: "Master IP" - type: "string" - required: true - - variable: backup_ip - description: "Host IP of backup edge node" - label: "Backup IP" - type: "string" - required: true - - variable: virtual_ip - label: "Virtual IP" - description: "Virtual IP to be created." - type: "string" - required: true diff --git a/infra-templates/keepalived/README.md b/infra-templates/keepalived/README.md deleted file mode 100755 index f8aab6b..0000000 --- a/infra-templates/keepalived/README.md +++ /dev/null 
@@ -1,25 +0,0 @@ -## Keepalived -Manages VRRP failover within Rancher. - -This is useful for highly available load balancers or other HA services that you can't load balance. - -### Form Fields - -| Variable | Description | -| ----------------- | ---------------------------------------- | -| Host Label | Host Label used to schedule keepalived master and backup instances | -| Master Host Label | Keepalived Host Label to signifify the master instance | -| Backup Host Label | Keepalived Host Label to signifify the backup instance | -| Master IP | Host IP of master edge node | -| Backup IP | Host IP of backup edge node | -| Virtual IP | Virtual IP to be created | - -### Advanced Usage - -This service is intended to be deployed to edge nodes with a MASTER and BACKUP deployed respectively. -Additional IPs should be managed via environment variables once deployed with entries following the below pattern: - -`KEEPALIVED_VIRTUAL_IPADDRESS_[0-9]{1,3}` - -Format should mimic the ip command -`10.255.33.100/24 dev eth0` \ No newline at end of file diff --git a/infra-templates/keepalived/config.yml b/infra-templates/keepalived/config.yml deleted file mode 100755 index 6be3c47..0000000 --- a/infra-templates/keepalived/config.yml +++ /dev/null @@ -1,7 +0,0 @@ -name: keepalived -description: | - KeepaliveD, provides VRRP failover across multiple nodes -version: v1.0.0 -category: Networking -labels: - io.rancher.orchestration.supported: 'cattle,mesos,swarm,kubernetes' diff --git a/templates/keepalived/0/README.md b/templates/keepalived/0/README.md new file mode 100755 index 0000000..9bf3c91 --- /dev/null +++ b/templates/keepalived/0/README.md 
@@ -0,0 +1,48 @@ +# Keepalived + +This catalog recipe enables unicast VRRP based failover for one or more floating IP Addresses. It's intended deployment is for use on a pair edge or ingress nodes where forward-facing load-balancers or other like services will be scheduled. + + +### Form Fields + +| Variable | Default | Description | +|:---------------------:|:-----------:|:--------------------------------------------------------------------------------------:| +| **Host Label Name** | `vrrp_role` | Host label key name used to schedule keepalived master and backup instances. | +| **Master Label** | `master` | The value of the keepalived host Label to signify the master instance. | +| **Backup Label** | `backup` | The value of the keepalived host Label to signify the backup instance. | +| **Interface Name** | `eth0` | The host interface that keepalived will monitor and use for VRRP traffic. | +| **Virtual Router ID** | `2` | A unique number from 0 to 255 that should identify the VRRP group. | +| **Master IP** | | The IP on the master host that the keepalived daemon should bind to. | +| **Backup IP** | | The IP on the backup host that the keepalived daemon should bind to. | +| **Virtual IP** | | Virtual IP to be created. Must be in ip notation: `/ dev ` | + +### Usage + +This service is intended to be deployed to edge nodes with a `master` and `backup` deployed respectively. One or more Virtual IPs may then be bound to hosts. These hosts should have an additional label used for load-balancer scheduling e.g. `ingress=true` + +#### Adding an HA Load Balancer Service + +**Ensure your edge hosts have an additional host label before proceeding** + +1. From the Stack menu add a new `Load Balancer`. +2. Set `Scale` to be `Always run one instance of this container on every host`. +3. Add an appropriate `Name` and `Description`. +4. In the `Port Rules` section, click `Show host IP address options.` This enables the Host IP Field. +5. 
Update the `Port Rules` with the `Host IP` field set to your `Virtual IP` as defined in the keepalived config. Configure the rest of the fields as needed for your application. +6. Click on the `Scheduling` tab and click on `Add Scheduling Rule`. +7. Create a rule where "The host `must` have a `host label` of `` = ``. +8. Click Create. + +#### Adding additional Virtual IPs to the keepalived Service + +1. From the Stack menu expand the `keepalived` service. +2. Select upgrade on the `keepalived-backup` service. +3. Add a new Environment Variable called `KEEPALIVED_VIRTUAL_IPADDRESS_`. Where `` should be a unique value from 0-999. e.g. `KEEPALIVED_VIRTUAL_IPADDRESS_2`. +4. Set the value to be a **QUOTED STRING** with an additional virtual IP following the standard ip format of `/ dev `. e.g. `10.255.33.102/24 dev eth0`. +5. Press `Upgrade`. +6. Repeat the same steps for the `keepalived-master` service. + + +### Troubleshooting + +For further help see the main [arc-ts/keepalived git repo](https://github.com/arc-ts/keepalived) \ No newline at end of file diff --git a/infra-templates/keepalived/0/docker-compose.yml b/templates/keepalived/0/docker-compose.yml similarity index 63% rename from infra-templates/keepalived/0/docker-compose.yml rename to templates/keepalived/0/docker-compose.yml index e110845..b7c44f5 100755 --- a/infra-templates/keepalived/0/docker-compose.yml +++ b/templates/keepalived/0/docker-compose.yml 
@@ -2,36 +2,40 @@ version: '2' services: keepalived-master: restart: always - image: arcts/keepalived + image: arcts/keepalived:1.1.0 network_mode: host cap_add: - NET_ADMIN environment: KEEPALIVED_AUTOCONF: true KEEPALIVED_STATE: MASTER - KEEPALIVED_INTERFACE: eth0 - KEEPALIVED_VIRTUAL_ROUTER_ID: 2 + KEEPALIVED_INTERFACE: ${interface} + KEEPALIVED_VIRTUAL_ROUTER_ID: ${router_id} KEEPALIVED_UNICAST_SRC_IP: ${master_ip} KEEPALIVED_UNICAST_PEER_0: ${backup_ip} - KEEPALIVED_TRACK_INTERFACE_1: eth0 + KEEPALIVED_TRACK_INTERFACE_1: ${interface} KEEPALIVED_VIRTUAL_IPADDRESS_1: "\"${virtual_ip}\"" labels: - io.rancher.scheduler.affinity:host_label: ${host_label}=${master_host_label} + io.rancher.scheduler.affinity:host_label: ${host_label}=${master_label} + sysctls: + - net.ipv4.ip_nonlocal_bind=1 keepalived-backup: restart: always - image: arcts/keepalived + image: arcts/keepalived:1.1.0 network_mode: host cap_add: - NET_ADMIN environment: KEEPALIVED_AUTOCONF: true KEEPALIVED_STATE: BACKUP - KEEPALIVED_INTERFACE: eth0 - KEEPALIVED_VIRTUAL_ROUTER_ID: 2 + KEEPALIVED_INTERFACE: ${interface} + KEEPALIVED_VIRTUAL_ROUTER_ID: ${router_id} KEEPALIVED_UNICAST_SRC_IP: ${backup_ip} KEEPALIVED_UNICAST_PEER_0: ${master_ip} - KEEPALIVED_TRACK_INTERFACE_1: eth0 + KEEPALIVED_TRACK_INTERFACE_1: ${interface} KEEPALIVED_VIRTUAL_IPADDRESS_1: "\"${virtual_ip}\"" labels: - io.rancher.scheduler.affinity:host_label: ${host_label}=${backup_host_label} + io.rancher.scheduler.affinity:host_label: ${host_label}=${backup_label} + sysctls: + - net.ipv4.ip_nonlocal_bind=1 diff --git a/templates/keepalived/0/rancher-compose.yml b/templates/keepalived/0/rancher-compose.yml new file mode 100755 index 0000000..47f53d6 --- /dev/null +++ b/templates/keepalived/0/rancher-compose.yml 
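Review bot: The new `image: arcts/keepalived:1.1.0` lines in both services pin only a tag, which whoever controls the repository can re-point, while these containers run with `network_mode: host` and `NET_ADMIN`. Pinning by digest, `image: arcts/keepalived@sha256:DIGEST_OF_1.1.0_PLACEHOLDER` (take the real value from the registry), would make the deployed content reproducible; whether this catalog's tooling accepts digest references needs confirming. I would also add a comment above each `cap_add`, for example `# NET_ADMIN: presumably needed so keepalived can add/remove the virtual IP on the host interface`, so later reviewers can tell which privileges are deliberate.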
@@ -0,0 +1,52 @@
+.catalog:
+ name: "keepalived"
+ version: v1.0.1
+ description: "Keepalived VRRP based HA service."
+ minimum_rancher_version: v0.46.0
+ uuid: keepalived-1
+ questions:
+ - variable: "host_label"
+ description: "Host label key name used to schedule keepalived master and backup instances."
+ label: "Host Label Name:"
+ type: "string"
+ default: "vrrp_role"
+ required: true
+ - variable: "master_label"
+ description: "The value of the keepalived host Label to signify the master instance."
+ label: "Master Label:"
+ type: "string"
+ default: "master"
+ required: true
+ - variable: "backup_label"
+ description: "The value of the keepalived host Label to signify the backup instance."
+ label: "Backup Label:"
+ type: "string"
+ default: "backup"
+ required: true
+ - variable: "interface"
+ description: "The name of the host interface."
+ label: "Interface Name:"
+ type: "string"
+ default: "eth0"
+ required: true
+ - variable: "router_id"
+ description: "The virtual Router ID to assign to the VRRP Pair."
+ label: "Virtual Router ID:"
+ type: "int"
+ default: "2"
+ required: true
+ - variable: "master_ip"
+ description: "Host IP of master node"
+ label: "Master IP:"
+ type: "string"
+ required: true
+ - variable: "backup_ip"
+ description: "Host IP of backup node"
+ label: "Backup IP:"
+ type: "string"
+ required: true
+ - variable: "virtual_ip"
+ description: "Virtual IP to be created. MUST be in ip notation: / dev "
+ label: "Virtual IP:"
+ type: "string"
+ required: true
diff --git a/infra-templates/keepalived/catalogIcon-keepalived.svg b/templates/keepalived/catalogIcon-keepalived.svg
similarity index 100%
rename from infra-templates/keepalived/catalogIcon-keepalived.svg
rename to templates/keepalived/catalogIcon-keepalived.svg
diff --git a/templates/keepalived/config.yml b/templates/keepalived/config.yml
new file mode 100755
index 0000000..b0e0aaf
--- /dev/null
+++ b/templates/keepalived/config.yml
@@ -0,0 +1,5 @@ +name: keepalived +description: | + Keepalived enables services to be deployed in HA with VRRP based failover across multiple hosts. +version: v1.0.1 +category: Networking From dab6c0b81ed954fe42f2af63bb436d0c92534d28 Mon Sep 17 00:00:00 2001 From: Josh Cox Date: Fri, 28 Jul 2017 18:49:42 -0500 Subject: [PATCH 06/17] tpl --- .../0/{docker-compose.yml => docker-compose.yml.tpl} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename templates/rabbitmq-examples/0/{docker-compose.yml => docker-compose.yml.tpl} (100%) diff --git a/templates/rabbitmq-examples/0/docker-compose.yml b/templates/rabbitmq-examples/0/docker-compose.yml.tpl similarity index 100% rename from templates/rabbitmq-examples/0/docker-compose.yml rename to templates/rabbitmq-examples/0/docker-compose.yml.tpl From 516cfdff0405d57fc5ff53019c73043230a3d8ef Mon Sep 17 00:00:00 2001 From: Tayyeb Date: Sun, 30 Jul 2017 09:26:06 +0430 Subject: [PATCH 07/17] update gitlab-ce to 9.4.2 and gitlab-runner to 9.4.1 --- templates/gitlab-multi-runner/0/docker-compose.yml | 4 ++-- templates/gitlab-multi-runner/0/rancher-compose.yml | 2 +- templates/gitlab-multi-runner/config.yml | 2 +- templates/gitlab/0/docker-compose.yml | 2 +- templates/gitlab/0/rancher-compose.yml | 2 +- templates/gitlab/config.yml | 2 +- 6 files changed, 7 insertions(+), 7 deletions(-) diff --git a/templates/gitlab-multi-runner/0/docker-compose.yml b/templates/gitlab-multi-runner/0/docker-compose.yml index c331348..f0cabfc 100644 --- a/templates/gitlab-multi-runner/0/docker-compose.yml +++ b/templates/gitlab-multi-runner/0/docker-compose.yml @@ -3,7 +3,7 @@ version: '2' services: gitlab-runner-config: - image: gitlab/gitlab-runner:alpine-v9.3.0 + image: gitlab/gitlab-runner:alpine-v9.4.1 stdin_open: true volumes: - /etc/gitlab-runner/ 
@@ -31,7 +31,7 @@ services: io.rancher.container.start_once: 'true' gitlab-runner: - image: gitlab/gitlab-runner:alpine-v9.3.0 + image: gitlab/gitlab-runner:alpine-v9.4.1 stdin_open: true volumes: - /var/run/docker.sock:/var/run/docker.sock diff --git a/templates/gitlab-multi-runner/0/rancher-compose.yml b/templates/gitlab-multi-runner/0/rancher-compose.yml index ab5c198..e2c9479 100644 --- a/templates/gitlab-multi-runner/0/rancher-compose.yml +++ b/templates/gitlab-multi-runner/0/rancher-compose.yml @@ -2,7 +2,7 @@ version: '2' catalog: name: "gitlab-multi-runner" - version: "9.3.0" + version: "9.4.1" description: "a Gitlab pipelines multi-runner, that will spawn privates runners in your infra." minimum_rancher_version: v1.5.0 # maximum_rancher_version: diff --git a/templates/gitlab-multi-runner/config.yml b/templates/gitlab-multi-runner/config.yml index eca0b3c..bbd9c0f 100644 --- a/templates/gitlab-multi-runner/config.yml +++ b/templates/gitlab-multi-runner/config.yml @@ -1,5 +1,5 @@ name: gitlab-multi-runner description: | a Gitlab pipelines multi-runner, that will spawn privates runners in your infra. -version: 9.3.0 +version: 9.4.1 category: Continuous Integration diff --git a/templates/gitlab/0/docker-compose.yml b/templates/gitlab/0/docker-compose.yml index 9422535..d1d4bb9 100644 --- a/templates/gitlab/0/docker-compose.yml +++ b/templates/gitlab/0/docker-compose.yml @@ -15,7 +15,7 @@ services: - ${https_port}:443/tcp labels: io.rancher.container.hostname_override: container_name - image: gitlab/gitlab-ce:9.3.3-ce.0 + image: gitlab/gitlab-ce:9.4.2-ce.0 volumes: - gitlab-app-data:/var/opt/gitlab - gitlab-log-data:/var/log/gitlab diff --git a/templates/gitlab/0/rancher-compose.yml b/templates/gitlab/0/rancher-compose.yml index b382043..083028c 100644 --- a/templates/gitlab/0/rancher-compose.yml +++ b/templates/gitlab/0/rancher-compose.yml 
@@ -1,6 +1,6 @@ .catalog: name: Gitlab Community - version: 9.3.3-ce.0 + version: 9.4.2-ce.0 description: | Gitlab CE is a free GitHub alternative minimum_rancher_version: v0.56.0 diff --git a/templates/gitlab/config.yml b/templates/gitlab/config.yml index a4ad423..de84bde 100644 --- a/templates/gitlab/config.yml +++ b/templates/gitlab/config.yml @@ -1,5 +1,5 @@ name: Gitlab Community description: | Gitlab CE is a free GitHub alternative -version: 9.3.3-ce.0 +version: 9.4.2-ce.0 category: Versioning From d716887eb368628575f222c5d719b692f37f9500 Mon Sep 17 00:00:00 2001 From: Josh Cox Date: Mon, 31 Jul 2017 15:28:31 -0500 Subject: [PATCH 08/17] Optional host_label --- .../0/docker-compose.yml.tpl | 26 +++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/templates/rabbitmq-examples/0/docker-compose.yml.tpl b/templates/rabbitmq-examples/0/docker-compose.yml.tpl index cbe638b..2088c87 100644 --- a/templates/rabbitmq-examples/0/docker-compose.yml.tpl +++ b/templates/rabbitmq-examples/0/docker-compose.yml.tpl @@ -8,7 +8,9 @@ services: image: joshuacox/rabbitmq-tutorials labels: io.rancher.container.hostname_override: container_name +{{- if ne .Values.host_label ""}} io.rancher.scheduler.affinity:host_label: ${host_label} +{{- end}} io.rancher.container.start_once: true environment: - AMQ_HOST=rabbit @@ -23,14 +25,18 @@ services: image: joshuacox/rabbitmq-tutorials labels: io.rancher.container.hostname_override: container_name +{{- if ne .Values.host_label ""}} io.rancher.scheduler.affinity:host_label: ${host_label} +{{- end}} environment: - AMQ_HOST=rabbit send: image: joshuacox/rabbitmq-tutorials labels: io.rancher.container.hostname_override: container_name +{{- if ne .Values.host_label ""}} io.rancher.scheduler.affinity:host_label: ${host_label} +{{- end}} io.rancher.container.start_once: true environment: - AMQ_HOST=rabbit 
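Review bot: The added `{{- if ne .Values.host_label ""}}` guards, in this hunk and in every other hunk of the `rabbitmq-examples/0/docker-compose.yml.tpl` diff, read a `host_label` answer that this commit does not define. The matching question only arrives in the later `host_label` patch to `rabbitmq-examples/0/rancher-compose.yml`. Until that patch is applied, the result depends on how the template engine treats a missing key, which is not visible from here, so the question should land in the same commit as the guards. The service blocks being edited begin outside the hunks, so I have not checked whether any service was missed.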
@@ -44,7 +50,9 @@ services: image: joshuacox/rabbitmq-tutorials labels: io.rancher.container.hostname_override: container_name +{{- if ne .Values.host_label ""}} io.rancher.scheduler.affinity:host_label: ${host_label} +{{- end}} environment: - AMQ_HOST=rabbit command: worker @@ -56,7 +64,9 @@ services: image: joshuacox/rabbitmq-tutorials labels: io.rancher.container.hostname_override: container_name +{{- if ne .Values.host_label ""}} io.rancher.scheduler.affinity:host_label: ${host_label} +{{- end}} io.rancher.container.start_once: true environment: - AMQ_HOST=rabbit @@ -70,7 +80,9 @@ services: image: joshuacox/rabbitmq-tutorials labels: io.rancher.container.hostname_override: container_name +{{- if ne .Values.host_label ""}} io.rancher.scheduler.affinity:host_label: ${host_label} +{{- end}} environment: - AMQ_HOST=rabbit command: rpc_server @@ -82,7 +94,9 @@ services: image: joshuacox/rabbitmq-tutorials labels: io.rancher.container.hostname_override: container_name +{{- if ne .Values.host_label ""}} io.rancher.scheduler.affinity:host_label: ${host_label} +{{- end}} io.rancher.container.start_once: true environment: - AMQ_HOST=rabbit @@ -96,7 +110,9 @@ services: image: joshuacox/rabbitmq-tutorials labels: io.rancher.container.hostname_override: container_name +{{- if ne .Values.host_label ""}} io.rancher.scheduler.affinity:host_label: ${host_label} +{{- end}} environment: - AMQ_HOST=rabbit command: receive_logs @@ -108,7 +124,9 @@ services: image: joshuacox/rabbitmq-tutorials labels: io.rancher.container.hostname_override: container_name +{{- if ne .Values.host_label ""}} io.rancher.scheduler.affinity:host_label: ${host_label} +{{- end}} io.rancher.container.start_once: true environment: - AMQ_HOST=rabbit 
@@ -122,7 +140,9 @@ services: image: joshuacox/rabbitmq-tutorials labels: io.rancher.container.hostname_override: container_name +{{- if ne .Values.host_label ""}} io.rancher.scheduler.affinity:host_label: ${host_label} +{{- end}} environment: - AMQ_HOST=rabbit command: receive_logs_direct info @@ -134,7 +154,9 @@ services: image: joshuacox/rabbitmq-tutorials labels: io.rancher.container.hostname_override: container_name +{{- if ne .Values.host_label ""}} io.rancher.scheduler.affinity:host_label: ${host_label} +{{- end}} io.rancher.container.start_once: true environment: - AMQ_HOST=rabbit @@ -148,7 +170,9 @@ services: image: joshuacox/rabbitmq-tutorials labels: io.rancher.container.hostname_override: container_name +{{- if ne .Values.host_label ""}} io.rancher.scheduler.affinity:host_label: ${host_label} +{{- end}} environment: - AMQ_HOST=rabbit command: receive_logs_topic anonymous.info @@ -160,7 +184,9 @@ services: image: joshuacox/rabbitmq-tutorials labels: io.rancher.container.hostname_override: container_name +{{- if ne .Values.host_label ""}} io.rancher.scheduler.affinity:host_label: ${host_label} +{{- end}} io.rancher.container.start_once: true environment: - AMQ_HOST=rabbit From 7b31bc7de9d161e22c00aa9022cb667b15839e93 Mon Sep 17 00:00:00 2001 From: Josh Cox Date: Mon, 31 Jul 2017 15:31:24 -0500 Subject: [PATCH 09/17] Removed errant send block --- templates/rabbitmq-examples/0/docker-compose.yml.tpl | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/templates/rabbitmq-examples/0/docker-compose.yml.tpl b/templates/rabbitmq-examples/0/docker-compose.yml.tpl index 2088c87..d79e46e 100644 --- a/templates/rabbitmq-examples/0/docker-compose.yml.tpl +++ b/templates/rabbitmq-examples/0/docker-compose.yml.tpl 
@@ -4,17 +4,6 @@ services: rabbit: hostname: rabbit image: rabbitmq:3 - send: - image: joshuacox/rabbitmq-tutorials - labels: - io.rancher.container.hostname_override: container_name -{{- if ne .Values.host_label ""}} - io.rancher.scheduler.affinity:host_label: ${host_label} -{{- end}} - io.rancher.container.start_once: true - environment: - - AMQ_HOST=rabbit - command: send {{- end}} receive: command: receive From c1e33ae921f0434d470f5f6cdf43c9642481d73c Mon Sep 17 00:00:00 2001 From: Tayyeb Date: Tue, 1 Aug 2017 07:15:55 +0430 Subject: [PATCH 10/17] gitlab-ce to 9.4.2 and gitlab-runner to 9.4.1 added as new version --- .../gitlab-multi-runner/0/docker-compose.yml | 4 +- .../gitlab-multi-runner/0/rancher-compose.yml | 2 +- .../gitlab-multi-runner/1/docker-compose.yml | 46 +++++++++++++ .../gitlab-multi-runner/1/rancher-compose.yml | 37 ++++++++++ templates/gitlab/0/docker-compose.yml | 2 +- templates/gitlab/0/rancher-compose.yml | 2 +- templates/gitlab/1/README.md | 9 +++ templates/gitlab/1/docker-compose.yml | 26 +++++++ templates/gitlab/1/rancher-compose.yml | 69 +++++++++++++++++++ 9 files changed, 192 insertions(+), 5 deletions(-) create mode 100644 templates/gitlab-multi-runner/1/docker-compose.yml create mode 100644 templates/gitlab-multi-runner/1/rancher-compose.yml create mode 100644 templates/gitlab/1/README.md create mode 100644 templates/gitlab/1/docker-compose.yml create mode 100644 templates/gitlab/1/rancher-compose.yml diff --git a/templates/gitlab-multi-runner/0/docker-compose.yml b/templates/gitlab-multi-runner/0/docker-compose.yml index f0cabfc..c331348 100644 --- a/templates/gitlab-multi-runner/0/docker-compose.yml +++ b/templates/gitlab-multi-runner/0/docker-compose.yml @@ -3,7 +3,7 @@ version: '2' services: gitlab-runner-config: - image: gitlab/gitlab-runner:alpine-v9.4.1 + image: gitlab/gitlab-runner:alpine-v9.3.0 stdin_open: true volumes: - /etc/gitlab-runner/ 
@@ -31,7 +31,7 @@ services: io.rancher.container.start_once: 'true' gitlab-runner: - image: gitlab/gitlab-runner:alpine-v9.4.1 + image: gitlab/gitlab-runner:alpine-v9.3.0 stdin_open: true volumes: - /var/run/docker.sock:/var/run/docker.sock diff --git a/templates/gitlab-multi-runner/0/rancher-compose.yml b/templates/gitlab-multi-runner/0/rancher-compose.yml index e2c9479..ab5c198 100644 --- a/templates/gitlab-multi-runner/0/rancher-compose.yml +++ b/templates/gitlab-multi-runner/0/rancher-compose.yml @@ -2,7 +2,7 @@ version: '2' catalog: name: "gitlab-multi-runner" - version: "9.4.1" + version: "9.3.0" description: "a Gitlab pipelines multi-runner, that will spawn privates runners in your infra." minimum_rancher_version: v1.5.0 # maximum_rancher_version: diff --git a/templates/gitlab-multi-runner/1/docker-compose.yml b/templates/gitlab-multi-runner/1/docker-compose.yml new file mode 100644 index 0000000..f0cabfc --- /dev/null +++ b/templates/gitlab-multi-runner/1/docker-compose.yml @@ -0,0 +1,46 @@ +version: '2' + +services: + + gitlab-runner-config: + image: gitlab/gitlab-runner:alpine-v9.4.1 + stdin_open: true + volumes: + - /etc/gitlab-runner/ + tty: true + command: + - register + - -n + - --url + - ${GITLAB_URL} + - --registration-token + - ${GITLAB_TOKEN} + - --tag-list + - ${GITLAB_TAGS} + - --executor + - docker + - --description + - Rancher Docker Runner + - --docker-image + - docker:latest + - --docker-volumes + - /var/run/docker.sock:/var/run/docker.sock + - --docker-privileged + labels: + io.rancher.container.pull_image: always + io.rancher.container.start_once: 'true' + + gitlab-runner: + image: gitlab/gitlab-runner:alpine-v9.4.1 + stdin_open: true + volumes: + - /var/run/docker.sock:/var/run/docker.sock + tty: true + volumes_from: + - gitlab-runner-config + command: + - run + labels: + io.rancher.sidekicks: gitlab-runner-config + io.rancher.container.pull_image: always + io.rancher.scheduler.global: 'true' 
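Review bot: In the new `gitlab-multi-runner/1/docker-compose.yml`, `gitlab-runner-config` registers the runner with `--docker-volumes /var/run/docker.sock:/var/run/docker.sock` and `--docker-privileged`, and `gitlab-runner` is labelled `io.rancher.scheduler.global: 'true'`. Every job the runner accepts therefore gets control of the Docker daemon on each host in the environment. The file has the same blob id (`f0cabfc`) that version 0 had after the earlier bump, so this is inherited, but a new template version is the right place to make it explicit. At minimum I would add a comment above the `command:` list, `# SECURITY: jobs run privileged with the host Docker socket; register only against trusted projects`, and preferably turn the two flags into catalog questions that default to off. `--docker-image docker:latest` is also unpinned, unlike the `alpine-v9.4.1` runner image, so the default job image can change without a template change.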
diff --git a/templates/gitlab-multi-runner/1/rancher-compose.yml b/templates/gitlab-multi-runner/1/rancher-compose.yml new file mode 100644 index 0000000..e2c9479 --- /dev/null +++ b/templates/gitlab-multi-runner/1/rancher-compose.yml @@ -0,0 +1,37 @@ +version: '2' + +catalog: + name: "gitlab-multi-runner" + version: "9.4.1" + description: "a Gitlab pipelines multi-runner, that will spawn privates runners in your infra." + minimum_rancher_version: v1.5.0 + # maximum_rancher_version: + # upgrade_from: # The previous versions that this template can be upgraded from + questions: + - variable: "GITLAB_URL" + label: "Gitlab Url" + description: "Url to your Gitlab CI endpoint" + type: "string" + default: "https://gitlab.com/ci" + required: true + + - variable: "GITLAB_TOKEN" + label: "Gitlab Token" + description: "Token provided in you project settings" + type: "string" + default: "xxxxxxxxxxxxxxxxxxxx" + required: true + + - variable: "GITLAB_TAGS" + label: "Gitlab Tags" + description: "Tags to apply" + type: "string" + default: "dev" + required: false + +services: + gitlab-runner-config: + scale: 1 + start_on_create: true + gitlab-runner: + start_on_create: true diff --git a/templates/gitlab/0/docker-compose.yml b/templates/gitlab/0/docker-compose.yml index d1d4bb9..9422535 100644 --- a/templates/gitlab/0/docker-compose.yml +++ b/templates/gitlab/0/docker-compose.yml @@ -15,7 +15,7 @@ services: - ${https_port}:443/tcp labels: io.rancher.container.hostname_override: container_name - image: gitlab/gitlab-ce:9.4.2-ce.0 + image: gitlab/gitlab-ce:9.3.3-ce.0 volumes: - gitlab-app-data:/var/opt/gitlab - gitlab-log-data:/var/log/gitlab diff --git a/templates/gitlab/0/rancher-compose.yml b/templates/gitlab/0/rancher-compose.yml index 083028c..b382043 100644 --- a/templates/gitlab/0/rancher-compose.yml +++ b/templates/gitlab/0/rancher-compose.yml 
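Review bot: The `GITLAB_TOKEN` question in the new `gitlab-multi-runner/1/rancher-compose.yml` is declared `type: "string"` with `default: "xxxxxxxxxxxxxxxxxxxx"`. The registration token is therefore displayed in clear in the catalog form, and a field left untouched still satisfies `required: true` with the placeholder. Changing it to `type: "password"` and removing the `default:` line addresses both. The value is then passed as the `--registration-token` argument in the compose file, where it remains readable in the service definition, so the description should tell operators to reset the registration token once the runner is registered.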
@@ -1,6 +1,6 @@ .catalog: name: Gitlab Community - version: 9.4.2-ce.0 + version: 9.3.3-ce.0 description: | Gitlab CE is a free GitHub alternative minimum_rancher_version: v0.56.0 diff --git a/templates/gitlab/1/README.md b/templates/gitlab/1/README.md new file mode 100644 index 0000000..ca11a7c --- /dev/null +++ b/templates/gitlab/1/README.md @@ -0,0 +1,9 @@ +# GitLab CE + +GitLab CE is a free alternative to GitHub + +Stack based on official GitLab version: latest + +https://hub.docker.com/r/gitlab/gitlab-ce/ + + diff --git a/templates/gitlab/1/docker-compose.yml b/templates/gitlab/1/docker-compose.yml new file mode 100644 index 0000000..d1d4bb9 --- /dev/null +++ b/templates/gitlab/1/docker-compose.yml @@ -0,0 +1,26 @@ +version: '2' +volumes: + gitlab-app-data: + driver: ${volumedriver} + gitlab-log-data: + driver: ${volumedriver} + gitlab-conf-files: + driver: ${volumedriver} + +services: + gitlab-server: + ports: + - ${ssh_port}:22/tcp + - ${http_port}:80/tcp + - ${https_port}:443/tcp + labels: + io.rancher.container.hostname_override: container_name + image: gitlab/gitlab-ce:9.4.2-ce.0 + volumes: + - gitlab-app-data:/var/opt/gitlab + - gitlab-log-data:/var/log/gitlab + - gitlab-conf-files:/etc/gitlab + environment: + GITLAB_OMNIBUS_CONFIG: | + external_url '${gitlab_omnipus_prefix}${gitlab_hostname}' + registry_external_url '${gitlab_omnipus_prefix}${registry_gitlab_hostname}' diff --git a/templates/gitlab/1/rancher-compose.yml b/templates/gitlab/1/rancher-compose.yml new file mode 100644 index 0000000..083028c --- /dev/null +++ b/templates/gitlab/1/rancher-compose.yml 
@@ -0,0 +1,69 @@ +.catalog: + name: Gitlab Community + version: 9.4.2-ce.0 + description: | + Gitlab CE is a free GitHub alternative + minimum_rancher_version: v0.56.0 + maintainer: "Alexis Ducastel " + uuid: gitlab-0 + questions: + - variable: "gitlab_hostname" + description: "Gitlab hostname (without uri scheme http:// or https://)" + label: "Hostname:" + required: true + default: "git.example.com" + type: "string" + - variable: "registry_gitlab_hostname" + description: "Registry Gitlab hostname (without uri scheme http:// or https://)" + label: "Registry hostname:" + required: true + default: "registry.example.com" + type: "string" + - variable: "gitlab_omnipus_prefix" + label: "Gitlab external_url prefix:" + description: | + This is needed for the docker-compose file to set the correct external_url + default: 'http://' + required: true + type: "enum" + options: + - 'http://' + - 'https://' + - variable: "http_port" + description: "HTTP port to expose on host. Will be used to bind TCP" + label: "HTTP port:" + required: true + default: 80 + type: "int" + - variable: "https_port" + description: "HTTPS port to expose on host. Will be used to bind TCP" + label: "HTTPS port:" + required: true + default: 443 + type: "int" + - variable: "ssh_port" + description: "SSH port to expose on host. Will be used to bind TCP" + label: "SSH port:" + required: true + default: 22 + type: "int" + - variable: "volumedriver" + description: "Choose the Volume Driver being used.(Option: local or rancher-nfs)" + label: "Volume Driver:" + required: true + default: local + type: "enum" + options: + - local + - rancher-nfs + +gitlab-server: + scale: 1 + retain_ip: true + health_check: + port: 80 + interval: 30000 + unhealthy_threshold: 3 + strategy: recreate + response_timeout: 2000 + healthy_threshold: 2 From 21e91402d76f0436515a899a8d2d982d5a2efd5b Mon Sep 17 00:00:00 2001 
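Review bot: `uuid: gitlab-0` is copied unchanged into the new version folder, so two template versions appear to share one identifier. The blob id `083028c` is the one `gitlab/0/rancher-compose.yml` had after the earlier bump, which confirms the file is a straight copy. If the catalog expects the uuid to be unique per version, this line should read `uuid: gitlab-1`. Separately, `gitlab_omnipus_prefix` keeps `default: 'http://'`, which makes a cleartext `external_url` the easiest choice for a service that handles logins and registry tokens. Its description should say that `http://` is only appropriate behind a TLS-terminating load balancer.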
From: Bob Killen Date: Tue, 1 Aug 2017 09:38:06 -0400 Subject: [PATCH 11/17] update readme, remove sysctl settings from compose --- templates/keepalived/0/README.md | 21 +++++++++++---------- templates/keepalived/0/docker-compose.yml | 4 ---- 2 files changed, 11 insertions(+), 14 deletions(-) diff --git a/templates/keepalived/0/README.md b/templates/keepalived/0/README.md index 9bf3c91..2064345 100755 --- a/templates/keepalived/0/README.md +++ b/templates/keepalived/0/README.md 
@@ -4,17 +4,18 @@ This catalog recipe enables unicast VRRP based failover for one or more floating ### Form Fields +* **Host Label Name** - Host label key name used to schedule keepalived master and backup instances. +* **Master Label** - The value of the keepalived host Label to signify the master instance. +* **Backup Label** - The value of the keepalived host Label to signify the backup instance. +* **Interface Name** - The host interface that keepalived will monitor and use for VRRP traffic. +* **Virtual Router ID** - A unique number from 0 to 255 that should identify the VRRP group. +* **Master IP** - The IP on the master host that the keepalived daemon should bind to. +* **Backup IP** - The IP on the backup host that the keepalived daemon should bind to. +* **Virtual IP** - Virtual IP to be created. Must be in ip notation: `/ dev ` -| Variable | Default | Description | -|:---------------------:|:-----------:|:--------------------------------------------------------------------------------------:| -| **Host Label Name** | `vrrp_role` | Host label key name used to schedule keepalived master and backup instances. | -| **Master Label** | `master` | The value of the keepalived host Label to signify the master instance. | -| **Backup Label** | `backup` | The value of the keepalived host Label to signify the backup instance. | -| **Interface Name** | `eth0` | The host interface that keepalived will monitor and use for VRRP traffic. | -| **Virtual Router ID** | `2` | A unique number from 0 to 255 that should identify the VRRP group. | -| **Master IP** | | The IP on the master host that the keepalived daemon should bind to. | -| **Backup IP** | | The IP on the backup host that the keepalived daemon should bind to. | -| **Virtual IP** | | Virtual IP to be created. Must be in ip notation: `/ dev ` | +### Requirements + +The host must have the sysctl setting `net.ipv4.ip_nonlocal_bind=1` configured. ### Usage 
diff --git a/templates/keepalived/0/docker-compose.yml b/templates/keepalived/0/docker-compose.yml index b7c44f5..0ed4174 100755 --- a/templates/keepalived/0/docker-compose.yml +++ b/templates/keepalived/0/docker-compose.yml @@ -17,8 +17,6 @@ services: KEEPALIVED_VIRTUAL_IPADDRESS_1: "\"${virtual_ip}\"" labels: io.rancher.scheduler.affinity:host_label: ${host_label}=${master_label} - sysctls: - - net.ipv4.ip_nonlocal_bind=1 keepalived-backup: restart: always @@ -37,5 +35,3 @@ services: KEEPALIVED_VIRTUAL_IPADDRESS_1: "\"${virtual_ip}\"" labels: io.rancher.scheduler.affinity:host_label: ${host_label}=${backup_label} - sysctls: - - net.ipv4.ip_nonlocal_bind=1 From 3ffc3d762edf4200a1664e6f3ed1fd40be0fea43 Mon Sep 17 00:00:00 2001 From: Josh Cox Date: Tue, 1 Aug 2017 12:45:40 -0500 Subject: [PATCH 12/17] host_label --- templates/rabbitmq-examples/0/rancher-compose.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/templates/rabbitmq-examples/0/rancher-compose.yml b/templates/rabbitmq-examples/0/rancher-compose.yml index 1ad07d9..ddf309a 100644 --- a/templates/rabbitmq-examples/0/rancher-compose.yml +++ b/templates/rabbitmq-examples/0/rancher-compose.yml @@ -11,6 +11,12 @@ catalog: default: "" required: false type: "service" + - variable: "host_label" + description: "Host label where to run this service." + label: "Host label:" + required: false + default: "" + type: "string" services: receive: scale: 1 From 69539807d524e7b2fd1b14dcf2890b91f0c93414 Mon Sep 17 00:00:00 2001 From: Tayyeb Date: Wed, 2 Aug 2017 01:43:48 +0430 Subject: [PATCH 13/17] review fixes --- .../1/{docker-compose.yml => docker-compose.yml.tpl} | 5 +++-- templates/gitlab-multi-runner/1/rancher-compose.yml | 10 +++++++++- 2 files changed, 12 insertions(+), 3 deletions(-) rename templates/gitlab-multi-runner/1/{docker-compose.yml => docker-compose.yml.tpl} (89%) 
diff --git a/templates/gitlab-multi-runner/1/docker-compose.yml b/templates/gitlab-multi-runner/1/docker-compose.yml.tpl similarity index 89% rename from templates/gitlab-multi-runner/1/docker-compose.yml rename to templates/gitlab-multi-runner/1/docker-compose.yml.tpl index f0cabfc..a765ee8 100644 --- a/templates/gitlab-multi-runner/1/docker-compose.yml +++ b/templates/gitlab-multi-runner/1/docker-compose.yml.tpl @@ -27,7 +27,6 @@ services: - /var/run/docker.sock:/var/run/docker.sock - --docker-privileged labels: - io.rancher.container.pull_image: always io.rancher.container.start_once: 'true' gitlab-runner: @@ -42,5 +41,7 @@ services: - run labels: io.rancher.sidekicks: gitlab-runner-config - io.rancher.container.pull_image: always io.rancher.scheduler.global: 'true' + {{- if ne .Values.host_label ""}} + io.rancher.scheduler.affinity:host_label: ${host_label} + {{- end}} diff --git a/templates/gitlab-multi-runner/1/rancher-compose.yml b/templates/gitlab-multi-runner/1/rancher-compose.yml index e2c9479..4c737e4 100644 --- a/templates/gitlab-multi-runner/1/rancher-compose.yml +++ b/templates/gitlab-multi-runner/1/rancher-compose.yml @@ -29,9 +29,17 @@ catalog: default: "dev" required: false + - variable: "host_label" + label: "Host with Label to deploy gitlab-runner on" + description: | + Host label to use as gitlab-runner 'value' tag. + Example: 'gitlab-runner=true' + type: "string" + default: "" + required: false + services: gitlab-runner-config: - scale: 1 start_on_create: true gitlab-runner: start_on_create: true From 56199081f88ad59b02a2a4bd3748d3be510bd22c Mon Sep 17 00:00:00 2001 
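Review bot: `host_label` is added with `default: ""` and `required: false`, and the template emits `io.rancher.scheduler.affinity:host_label` only when the answer is non-empty, so a default deployment still places the runner on every host through `io.rancher.scheduler.global: 'true'`. This runner registers with `--docker-privileged` and the host Docker socket (visible as context in the first hunk), so I would make restricted placement the default. Either set `required: true` or use a non-empty default such as `default: "gitlab-runner=true"`, matching the example in the description. The `{{- if ... }}` and `{{- end}}` lines also appear indented here but sit at column 0 in `rabbitmq-examples`; with the `{{-` trim both should render the same, but one style across the catalog is easier to review.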
From: "Anner J. Bonilla" Date: Wed, 2 Aug 2017 09:38:27 -0400 Subject: [PATCH 14/17] Update letsencrypt to 0.5.0 --- templates/letsencrypt/4/README.md | 101 ++++++++ .../letsencrypt/4/docker-compose.yml.tpl | 53 ++++ templates/letsencrypt/4/rancher-compose.yml | 226 ++++++++++++++++++ templates/letsencrypt/config.yml | 2 +- 4 files changed, 381 insertions(+), 1 deletion(-) create mode 100644 templates/letsencrypt/4/README.md create mode 100644 templates/letsencrypt/4/docker-compose.yml.tpl create mode 100644 templates/letsencrypt/4/rancher-compose.yml diff --git a/templates/letsencrypt/4/README.md b/templates/letsencrypt/4/README.md new file mode 100644 index 0000000..0ce3020 --- /dev/null +++ b/templates/letsencrypt/4/README.md 
@@ -0,0 +1,101 @@ +# Let's Encrypt Certificate Manager + +### About +The Let's Encrypt Certificate Manager obtains a free (SAN) SSL Certificate from the [Let's Encrypt CA](https://letsencrypt.org/) and adds it to Rancher's certificate store. Once the certificate is created it is scheduled for automatic renewal 20-days before expiration. Rancher load balancer services are automatically updated to use the renewed certificate. + +### Changelog v0.5.0 + +- Added support for Aurora DNS, Azure DNS and NS1 +- Added support for stopping container after creating/renewing certificate +- Added configuration option to specify DNS resolvers to use (fixes an issue with private zones on AWS) +- Added configuration option to specify renewal grace period +- Added support for Rancher servers using self-signed certs +- Logs now contain ACME library messages + +### Usage + 1. Accept the terms of service. + 2. Select the API version to use. The Sandbox API should be used for testing purposes. + 3. Fill in your email address. + 4. Enter the name used for storing the certificate in Rancher and volumes. Any existing certificate by that name will be updated. + 5. Enter one or more domain names. The first domain will be used as the Common Name property of the certificate. + 6. Fill in the required credentials for the chosen provider. Note provider specific usage notes below. + +If you want the certificate to be automatically renewed, leave the service running. Otherwise you may remove the service once the certificate has appeared in Rancher's certificate store. + +### Store data in a persistent volume + +If you specify a name under "Volume Name" then account data, certificate and private key are stored in a (host scoped) Docker volume with the specified name. +To store the data in a stack scoped volume that can be shared with services running on other hosts, you should provide the name of an already active persistent storage service under "Persistent Storage Driver". 
See the [Storage Service documentation](https://docs.rancher.com/rancher/v1.3/en/rancher-services/storage-service/). + +#### Example + +1. Configure the service with a volume named "letsencrypt". +2. Mount the volume to `/etc/letsencrypt` in another service. + +This service can then access the certificate and key in the following locations: + +- `/etc/letsencrypt/production/certs//fullchain.pem` +- `/etc/letsencrypt/production/certs//privkey.pem` + +where `` is the name of the certificate sanitized to consist of only the following characters: `[a-zA-Z0-9-_.]`. + +### Provider specific usage + +#### AWS Route 53 + +Note: If you have both a private and public zone for the domain, make sure you configure the service to use public DNS resolvers (the default ones are fine). + +The following IAM policy describes the minimum permissions required when using AWS Route 53 for domain authorization. +Replace `` with the ID of the hosted zone that encloses the domain(s) for which you are going to obtain certificates. You may use a wildcard (*) in place of the ID to make this policy work with all of the hosted zones associated with an AWS account. + +```json +{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "route53:GetChange", + "route53:ListHostedZonesByName" + ], + "Resource": [ + "*" + ] + }, + { + "Effect": "Allow", + "Action": [ + "route53:ChangeResourceRecordSets" + ], + "Resource": [ + "arn:aws:route53:::hostedzone/" + ] + } + ] +} +``` + +#### OVH + +First create your credentials on https://eu.api.ovh.com/createToken/ by filling out the form like this: + +- `Account ID`: Your OVH account ID +- `Password`: Your password +- `Script name`: letsencrypt +- `Script description`: Letsencrypt for Rancher +- `Validity`: Unlimited +- `Rights`: + - GET /domain/zone/* + - POST /domain/zone/* + - DELETE /domain/zone/* + +Then deploy this service using the generated key, application secret and consumer key. 
+ +#### HTTP + +If you prefer not to use a DNS-based challenge or your provider is not supported, you can use the HTTP challenge. +Simply choose `HTTP` from the list of providers. +Then make sure that HTTP requests to `domain.com/.well-known/acme-challenge` are forwarded to port 80 of the `rancher-letsencrypt` service, e.g. by configuring a Rancher load balancer accordingly. Make sure the reverse proxy passes the original `host` header to the backend. + +### Suggestions & bug reports +Please submit suggestions or any issues you find to the [rancher-letsencrypt](https://github.com/janeczku/rancher-letsencrypt) GitHub repo. \ No newline at end of file diff --git a/templates/letsencrypt/4/docker-compose.yml.tpl b/templates/letsencrypt/4/docker-compose.yml.tpl new file mode 100644 index 0000000..fc9abb0 --- /dev/null +++ b/templates/letsencrypt/4/docker-compose.yml.tpl 
@@ -0,0 +1,53 @@
+version: '2'
+services:
+ letsencrypt:
+ image: janeczku/rancher-letsencrypt:v0.5.0
+ environment:
+ EULA: ${EULA}
+ API_VERSION: ${API_VERSION}
+ CERT_NAME: ${CERT_NAME}
+ EMAIL: ${EMAIL}
+ DOMAINS: ${DOMAINS}
+ PUBLIC_KEY_TYPE: ${PUBLIC_KEY_TYPE}
+ RENEWAL_TIME: ${RENEWAL_TIME}
+ PROVIDER: ${PROVIDER}
+ CLOUDFLARE_EMAIL: ${CLOUDFLARE_EMAIL}
+ CLOUDFLARE_KEY: ${CLOUDFLARE_KEY}
+ DO_ACCESS_TOKEN: ${DO_ACCESS_TOKEN}
+ AWS_ACCESS_KEY: ${AWS_ACCESS_KEY}
+ AWS_SECRET_KEY: ${AWS_SECRET_KEY}
+ DNSIMPLE_EMAIL: ${DNSIMPLE_EMAIL}
+ DNSIMPLE_KEY: ${DNSIMPLE_KEY}
+ DYN_CUSTOMER_NAME: ${DYN_CUSTOMER_NAME}
+ DYN_USER_NAME: ${DYN_USER_NAME}
+ DYN_PASSWORD: ${DYN_PASSWORD}
+ VULTR_API_KEY: ${VULTR_API_KEY}
+ OVH_APPLICATION_KEY: ${OVH_APPLICATION_KEY}
+ OVH_APPLICATION_SECRET: ${OVH_APPLICATION_SECRET}
+ OVH_CONSUMER_KEY: ${OVH_CONSUMER_KEY}
+ GANDI_API_KEY: ${GANDI_API_KEY}
+ AZURE_CLIENT_ID: ${AZURE_CLIENT_ID}
+ AZURE_CLIENT_SECRET: ${AZURE_CLIENT_SECRET}
+ AZURE_SUBSCRIPTION_ID: ${AZURE_SUBSCRIPTION_ID}
+ AZURE_TENANT_ID: ${AZURE_TENANT_ID}
+ AZURE_RESOURCE_GROUP: ${AZURE_RESOURCE_GROUP}
+ volumes:
+ - /var/lib/rancher:/var/lib/rancher
+ - lets-encrypt:/etc/letsencrypt
+ labels:
+ io.rancher.container.create_agent: 'true'
+ io.rancher.container.agent.role: 'environment'
+ {{- if eq .Values.RUN_ONCE "true" }}
+ io.rancher.container.start_once: "true"
+ {{- end }}
+{{- if .Values.VOLUME_NAME}}
+volumes:
+ {{.Values.VOLUME_NAME}}:
+ {{- if .Values.STORAGE_DRIVER}}
+ driver: {{.Values.STORAGE_DRIVER}}
+ {{- if .Values.STORAGE_DRIVER_OPT}}
+ driver_opts:
+ {{.Values.STORAGE_DRIVER_OPT}}
+ {{- end }}
+ {{- end }}
+{{- end }}
diff --git a/templates/letsencrypt/4/rancher-compose.yml b/templates/letsencrypt/4/rancher-compose.yml
new file mode 100644
index 0000000..3a14a35
--- /dev/null
+++ b/templates/letsencrypt/4/rancher-compose.yml
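Review bot: The `environment:` block of the new letsencrypt docker-compose.yml.tpl forwards none of the new settings that rancher-compose.yml asks for. `RENEWAL_PERIOD_DAYS` and `DNS_RESOLVERS` are questions there but never reach the container, so the renewal window and the resolver list a user enters are silently ignored. `PROVIDER` can also be set to `NS1`, although no NS1 credential is forwarded. Assuming the image reads these settings under the question names, as it does for the other entries, add `RENEWAL_PERIOD_DAYS: ${RENEWAL_PERIOD_DAYS}` and `DNS_RESOLVERS: ${DNS_RESOLVERS}` next to `RENEWAL_TIME`, and the NS1 credential once a question for it exists.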
@@ -0,0 +1,226 @@ +.catalog: + name: Let's Encrypt + version: 0.5.0 + description: Trusted SSL certificates at zero cost + minimum_rancher_version: v1.5.0 + questions: + - variable: EULA + label: I Agree to the Let's Encrypt TOS + description: | + Read https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf + required: true + type: enum + options: + - "Yes" + - "No" + - variable: API_VERSION + label: Let's Encrypt API Version + description: | + Select the Let's Encrypt API endpoint used for issuing the certificate. + Use `Sandbox` for testing your configuration. + required: true + type: enum + default: Production + options: + - Production + - Sandbox + - variable: EMAIL + label: Your Email Address + description: | + Enter the email address to use for creating the Let's Encrypt account. + required: true + type: string + - variable: CERT_NAME + label: Certificate Name + description: | + Name for storing the certificate in the Rancher API and in volumes. + Any existing certificate by that name will be updated. + required: true + type: string + - variable: DOMAINS + label: Domain Names + description: | + Comma delimited list of the certificate domains starting with the Common Name. + E.g: `example.com, dev.example.com`. + required: true + type: string + - variable: PUBLIC_KEY_TYPE + label: Public Key Algorithm + description: | + Select one of the available key types. + required: true + type: enum + default: RSA-2048 + options: + - RSA-2048 + - RSA-4096 + - RSA-8192 + - ECDSA-256 + - ECDSA-384 + - variable: RENEWAL_TIME + label: Renewal Time of Day (00-23) + description: | + Set the time of day (UTC in hours) at which certificate renewals should be run. + default: 12 + required: true + type: int + - variable: RENEWAL_PERIOD_DAYS + label: Renewal Grace Period + description: | + Number of days before expiration the certificate should be renewed / become eligible for renewal. 
+ default: 20 + required: true + type: int + - variable: RUN_ONCE + label: Run Once + description: | + Stop the service after creating or renewing the certificate instead of continously running and managing renewal. + required: true + type: boolean + default: false + - variable: DNS_RESOLVERS + label: DNS Resolvers + description: | + Comma delimited list of DNS resolvers used to check propagation of ACME TXT record. + If empty the DNS resolvers configured in your hosts /etc/resolv.conf are used. + required: false + default: "8.8.8.8:53,8.8.4.4:53" + type: string + - variable: VOLUME_NAME + label: Volume Name (Optional) + description: | + To store the account data, certificates and private keys in a volume, enter the volume name that should be used. + By default this will be a (host scoped) named Docker volume. See "Persistent Storage Driver" for other options. + required: false + type: string + - variable: STORAGE_DRIVER + label: Volume Storage Driver (Optional) + description: | + To use a stack scoped volume backed by a persistent storage service, enter the name + of an existing storage driver (see `Infrastructure -> Storage`). This also requires "Volume Name" to be set. + required: false + type: string + - variable: STORAGE_DRIVER_OPT + label: Storage Driver Option (Optional) + description: | + Specify a single "driver_opts" key/value pair in the format "optionName: optionValue". + E.g. for the `rancher-ebs` driver you should specify the required 'size' option like this: "size: 1". + required: false + type: string + - variable: PROVIDER + label: Domain Validation Method + description: Select a DNS provider to use for domain validation. Use 'HTTP' if your domain is hosted elsewhere. + required: true + type: enum + options: + - CloudFlare + - DigitalOcean + - DNSimple + - Dyn + - Gandi + - Ovh + - Route53 + - Vultr + - HTTP + - Azure + - NS1 + - variable: AWS_ACCESS_KEY + label: AWS Route53 Access Key Id + description: Enter the Access Key Id for your AWS account. 
+ type: string + required: false + - variable: AWS_SECRET_KEY + label: AWS Route53 Secret Access Key + description: Enter the Secret Access Key for your AWS account. + type: password + required: false + - variable: AZURE_CLIENT_ID + label: Azure Client ID + description: Enter the Client Id for your Azure account. + type: string + required: false + - variable: AZURE_CLIENT_SECRET + label: Azure Client Secret + description: Enter the Access Key Id for your Azure account. + type: password + required: false + - variable: AZURE_SUBSCRIPTION_ID + label: Azure Subscription Id + description: Enter the Azure Subscription Id for your Azure account. + type: string + required: false + - variable: AZURE_TENANT_ID + label: Azure Tenant Id + description: Enter the Azure Tenant Id for your Azure account. + type: string + required: false + - variable: AZURE_RESOURCE_GROUP + label: Azure Resource Group + description: Enter the Azure Resource Group for your Azure account. + type: string + required: false + - variable: CLOUDFLARE_EMAIL + label: CloudFlare Email Address + description: Enter the email address associated with your CloudFlare account. + type: string + required: false + - variable: CLOUDFLARE_KEY + label: CloudFlare API Key + description: Enter the Global API Key for your CloudFlare account. + type: password + required: false + - variable: DO_ACCESS_TOKEN + label: DigitalOcean API Access Token + description: Enter the Personal Access Token for your DigitalOcean account. + type: password + required: false + - variable: DNSIMPLE_EMAIL + label: DNSimple Email Address + description: Enter the email address associated with your DNSimple account. + type: string + required: false + - variable: DNSIMPLE_KEY + label: DNSimple API Key + description: Enter your DNSimple API key. + type: password + required: false + - variable: DYN_CUSTOMER_NAME + label: Dyn Customer Name + description: Enter your Dyn customer name. 
+ type: string + required: false + - variable: DYN_USER_NAME + label: Dyn User Name + description: Enter your Dyn user name. + type: string + required: false + - variable: DYN_PASSWORD + label: Dyn Password + description: Enter your Dyn password. + type: password + required: false + - variable: GANDI_API_KEY + label: Gandi API Key + description: Enter the API key for your Gandi account. + type: password + required: false + - variable: OVH_APPLICATION_KEY + label: OVH Application Key + description: Enter your OVH application key. + type: string + required: false + - variable: OVH_APPLICATION_SECRET + label: OVH Application Secret + description: Enter your OVH application secret. + type: password + required: false + - variable: OVH_CONSUMER_KEY + label: OVH Consumer Key + description: Enter your OVH consumer key. + type: password + required: false + - variable: VULTR_API_KEY + label: Vultr API Key + description: Enter the API key for your Vultr account. + type: password + required: false diff --git a/templates/letsencrypt/config.yml b/templates/letsencrypt/config.yml index a763cd4..c0c3f9a 100644 --- a/templates/letsencrypt/config.yml +++ b/templates/letsencrypt/config.yml @@ -1,7 +1,7 @@ name: Let's Encrypt description: | Trusted SSL certificates at zero cost -version: 0.4.0 +version: 0.5.0 category: Security maintainer: Jan Bruder license: The MIT License From 318795c0f83113e9a4bc92856feea277ae390903 Mon Sep 17 00:00:00 2001 From: Josh Cox Date: Wed, 2 Aug 2017 13:24:25 -0500 Subject: [PATCH 15/17] Rawmind0 fixes --- .../0/docker-compose.yml.tpl | 115 ++++++++++++++---- .../rabbitmq-examples/0/rancher-compose.yml | 18 +-- 2 files changed, 94 insertions(+), 39 deletions(-) diff --git a/templates/rabbitmq-examples/0/docker-compose.yml.tpl b/templates/rabbitmq-examples/0/docker-compose.yml.tpl index d79e46e..d177fd3 100644 --- a/templates/rabbitmq-examples/0/docker-compose.yml.tpl +++ b/templates/rabbitmq-examples/0/docker-compose.yml.tpl 
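Review bot: In templates/letsencrypt/4/rancher-compose.yml the `AZURE_CLIENT_SECRET` question reuses the AWS wording, `description: Enter the Access Key Id for your Azure account.`, which asks for the wrong credential in a `password` field. It should read `description: Enter the Client Secret for your Azure account.`. The `PROVIDER` enum also offers `NS1`, but the file has no question for an NS1 credential, so that choice cannot be completed from the form. In the `RUN_ONCE` description, "continously" should be "continuously".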
@@ -5,20 +5,27 @@ services: hostname: rabbit image: rabbitmq:3 {{- end}} + receive: command: receive {{- if ne .Values.rabbitmq_link ""}} external_links: - ${rabbitmq_link}:rabbit + environment: + - AMQ_HOST=rabbit.rancher.internal +{{- else}} + links: + - rabbit + environment: + - AMQ_HOST=rabbit {{- end}} image: joshuacox/rabbitmq-tutorials labels: io.rancher.container.hostname_override: container_name + io.rancher.sidekicks: send {{- if ne .Values.host_label ""}} io.rancher.scheduler.affinity:host_label: ${host_label} {{- end}} - environment: - - AMQ_HOST=rabbit send: image: joshuacox/rabbitmq-tutorials labels: @@ -27,27 +34,38 @@ services: io.rancher.scheduler.affinity:host_label: ${host_label} {{- end}} io.rancher.container.start_once: true - environment: - - AMQ_HOST=rabbit command: send {{- if ne .Values.rabbitmq_link ""}} external_links: - ${rabbitmq_link}:rabbit + environment: + - AMQ_HOST=rabbit.rancher.internal +{{- else}} + links: + - rabbit + environment: + - AMQ_HOST=rabbit {{- end}} worker: image: joshuacox/rabbitmq-tutorials labels: io.rancher.container.hostname_override: container_name + io.rancher.sidekicks: newtask {{- if ne .Values.host_label ""}} io.rancher.scheduler.affinity:host_label: ${host_label} {{- end}} - environment: - - AMQ_HOST=rabbit command: worker {{- if ne .Values.rabbitmq_link ""}} external_links: - ${rabbitmq_link}:rabbit + environment: + - AMQ_HOST=rabbit.rancher.internal +{{- else}} + links: + - rabbit + environment: + - AMQ_HOST=rabbit {{- end}} newtask: image: joshuacox/rabbitmq-tutorials 
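Review bot: The two branches added to `receive` set different `AMQ_HOST` values without saying why: `rabbit.rancher.internal` under `external_links` and `rabbit` under `links`, although both alias the broker as `rabbit`. A one-line comment above the first occurrence, such as `# AMQ_HOST uses the Rancher DNS name for external links because <reason>`, would keep a later editor from "correcting" one of them. The same nine added lines are pasted into the other eleven services in the remaining hunks of this file, so any future change to the link handling has to be repeated in all twelve places.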
@@ -57,27 +75,38 @@ services: io.rancher.scheduler.affinity:host_label: ${host_label} {{- end}} io.rancher.container.start_once: true - environment: - - AMQ_HOST=rabbit command: new_task {{- if ne .Values.rabbitmq_link ""}} external_links: - ${rabbitmq_link}:rabbit + environment: + - AMQ_HOST=rabbit.rancher.internal +{{- else}} + links: + - rabbit + environment: + - AMQ_HOST=rabbit {{- end}} rpcserver: image: joshuacox/rabbitmq-tutorials labels: io.rancher.container.hostname_override: container_name + io.rancher.sidekicks: rpcclient {{- if ne .Values.host_label ""}} io.rancher.scheduler.affinity:host_label: ${host_label} {{- end}} - environment: - - AMQ_HOST=rabbit command: rpc_server {{- if ne .Values.rabbitmq_link ""}} external_links: - ${rabbitmq_link}:rabbit + environment: + - AMQ_HOST=rabbit.rancher.internal +{{- else}} + links: + - rabbit + environment: + - AMQ_HOST=rabbit {{- end}} rpcclient: image: joshuacox/rabbitmq-tutorials @@ -87,27 +116,38 @@ services: io.rancher.scheduler.affinity:host_label: ${host_label} {{- end}} io.rancher.container.start_once: true - environment: - - AMQ_HOST=rabbit command: rpc_client 4 {{- if ne .Values.rabbitmq_link ""}} external_links: - ${rabbitmq_link}:rabbit + environment: + - AMQ_HOST=rabbit.rancher.internal +{{- else}} + links: + - rabbit + environment: + - AMQ_HOST=rabbit {{- end}} receivelogs: image: joshuacox/rabbitmq-tutorials labels: io.rancher.container.hostname_override: container_name + io.rancher.sidekicks: emitlog {{- if ne .Values.host_label ""}} io.rancher.scheduler.affinity:host_label: ${host_label} {{- end}} - environment: - - AMQ_HOST=rabbit command: receive_logs {{- if ne .Values.rabbitmq_link ""}} external_links: - ${rabbitmq_link}:rabbit + environment: + - AMQ_HOST=rabbit.rancher.internal +{{- else}} + links: + - rabbit + environment: + - AMQ_HOST=rabbit {{- end}} emitlog: image: joshuacox/rabbitmq-tutorials 
@@ -117,27 +157,38 @@ services: io.rancher.scheduler.affinity:host_label: ${host_label} {{- end}} io.rancher.container.start_once: true - environment: - - AMQ_HOST=rabbit command: emit_log {{- if ne .Values.rabbitmq_link ""}} external_links: - ${rabbitmq_link}:rabbit + environment: + - AMQ_HOST=rabbit.rancher.internal +{{- else}} + links: + - rabbit + environment: + - AMQ_HOST=rabbit {{- end}} receivelogsdirect: image: joshuacox/rabbitmq-tutorials labels: io.rancher.container.hostname_override: container_name + io.rancher.sidekicks: emitlogdirect {{- if ne .Values.host_label ""}} io.rancher.scheduler.affinity:host_label: ${host_label} {{- end}} - environment: - - AMQ_HOST=rabbit command: receive_logs_direct info {{- if ne .Values.rabbitmq_link ""}} external_links: - ${rabbitmq_link}:rabbit + environment: + - AMQ_HOST=rabbit.rancher.internal +{{- else}} + links: + - rabbit + environment: + - AMQ_HOST=rabbit {{- end}} emitlogdirect: image: joshuacox/rabbitmq-tutorials @@ -147,27 +198,38 @@ services: io.rancher.scheduler.affinity:host_label: ${host_label} {{- end}} io.rancher.container.start_once: true - environment: - - AMQ_HOST=rabbit command: emit_log_direct {{- if ne .Values.rabbitmq_link ""}} external_links: - ${rabbitmq_link}:rabbit + environment: + - AMQ_HOST=rabbit.rancher.internal +{{- else}} + links: + - rabbit + environment: + - AMQ_HOST=rabbit {{- end}} receivelogstopic: image: joshuacox/rabbitmq-tutorials labels: io.rancher.container.hostname_override: container_name + io.rancher.sidekicks: emitlogtopic {{- if ne .Values.host_label ""}} io.rancher.scheduler.affinity:host_label: ${host_label} {{- end}} - environment: - - AMQ_HOST=rabbit command: receive_logs_topic anonymous.info {{- if ne .Values.rabbitmq_link ""}} external_links: - ${rabbitmq_link}:rabbit + environment: + - AMQ_HOST=rabbit.rancher.internal +{{- else}} + links: + - rabbit + environment: + - AMQ_HOST=rabbit {{- end}} emitlogtopic: image: joshuacox/rabbitmq-tutorials 
@@ -177,10 +239,15 @@ services: io.rancher.scheduler.affinity:host_label: ${host_label} {{- end}} io.rancher.container.start_once: true - environment: - - AMQ_HOST=rabbit command: emit_log_topic {{- if ne .Values.rabbitmq_link ""}} external_links: - ${rabbitmq_link}:rabbit + environment: + - AMQ_HOST=rabbit.rancher.internal +{{- else}} + links: + - rabbit + environment: + - AMQ_HOST=rabbit {{- end}} diff --git a/templates/rabbitmq-examples/0/rancher-compose.yml b/templates/rabbitmq-examples/0/rancher-compose.yml index ddf309a..8d73300 100644 --- a/templates/rabbitmq-examples/0/rancher-compose.yml +++ b/templates/rabbitmq-examples/0/rancher-compose.yml @@ -20,25 +20,13 @@ catalog: services: receive: scale: 1 - send: - scale: 1 - worker: - scale: 1 - newtask: - scale: 1 - rpcserver: - scale: 1 - rpcclient: - scale: 1 receivelogs: scale: 1 - emitlog: - scale: 1 receivelogsdirect: scale: 1 - emitlogdirect: - scale: 1 receivelogstopic: scale: 1 - emitlogtopic: + rpcserver: + scale: 1 + worker: scale: 1 From fc3a285aa719ea834c0d6e64e133a4ae529f6828 Mon Sep 17 00:00:00 2001 From: annerajb Date: Wed, 2 Aug 2017 17:00:41 -0400 Subject: [PATCH 16/17] Update docker-compose.yml.tpl --- templates/letsencrypt/4/docker-compose.yml.tpl | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/templates/letsencrypt/4/docker-compose.yml.tpl b/templates/letsencrypt/4/docker-compose.yml.tpl index fc9abb0..31a75ab 100644 --- a/templates/letsencrypt/4/docker-compose.yml.tpl +++ b/templates/letsencrypt/4/docker-compose.yml.tpl @@ -33,7 +33,9 @@ services: AZURE_RESOURCE_GROUP: ${AZURE_RESOURCE_GROUP} volumes: - /var/lib/rancher:/var/lib/rancher - - lets-encrypt:/etc/letsencrypt + {{- if .Values.VOLUME_NAME}} + - {{.Values.VOLUME_NAME}}:/etc/letsencrypt + {{- end }} labels: io.rancher.container.create_agent: 'true' io.rancher.container.agent.role: 'environment' From b7c07f27b8756e0c3ab8cc652bc31ef625f97118 Mon Sep 17 00:00:00 2001 
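Review bot: In the letsencrypt docker-compose.yml.tpl hunk of patch 16, leaving "Volume Name" empty now deploys the service with nothing mounted at `/etc/letsencrypt`, because the mount is wrapped in `{{- if .Values.VOLUME_NAME}}`. Unless the image declares its own volume (not visible here), the account key and the certificate private key then live only in the container filesystem and are lost when the container is replaced. If that is intended, say so in the `VOLUME_NAME` question text; otherwise fall back to a default volume name. The value is also interpolated unquoted, and a value beginning with `/` would turn the entry into a host bind mount, so writing it as `- "{{.Values.VOLUME_NAME}}:/etc/letsencrypt"` and describing the expected form in the question would help. The service block starts outside this hunk.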
From: Bob Killen Date: Thu, 3 Aug 2017 08:50:15 -0400 Subject: [PATCH 17/17] add update sysctl setting --- templates/keepalived/0/README.md | 1 + ...ker-compose.yml => docker-compose.yml.tpl} | 19 +++++++++++++++++++ templates/keepalived/0/rancher-compose.yml | 11 +++++++++++ 3 files changed, 31 insertions(+) rename templates/keepalived/0/{docker-compose.yml => docker-compose.yml.tpl} (70%) diff --git a/templates/keepalived/0/README.md b/templates/keepalived/0/README.md index 2064345..0c5e43b 100755 --- a/templates/keepalived/0/README.md +++ b/templates/keepalived/0/README.md @@ -4,6 +4,7 @@ This catalog recipe enables unicast VRRP based failover for one or more floating ### Form Fields +* **Update Host Sysctl** - If `true` automatically sets the needed sysctl setting on the host. * **Host Label Name** - Host label key name used to schedule keepalived master and backup instances. * **Master Label** - The value of the keepalived host Label to signify the master instance. * **Backup Label** - The value of the keepalived host Label to signify the backup instance. diff --git a/templates/keepalived/0/docker-compose.yml b/templates/keepalived/0/docker-compose.yml.tpl similarity index 70% rename from templates/keepalived/0/docker-compose.yml rename to templates/keepalived/0/docker-compose.yml.tpl index 0ed4174..0d6cec3 100755 --- a/templates/keepalived/0/docker-compose.yml +++ b/templates/keepalived/0/docker-compose.yml.tpl @@ -17,6 +17,9 @@ services: KEEPALIVED_VIRTUAL_IPADDRESS_1: "\"${virtual_ip}\"" labels: io.rancher.scheduler.affinity:host_label: ${host_label}=${master_label} + {{- if eq .Values.update_sysctl "true" }} + io.rancher.sidekicks: keepalived-sysctl + {{- end}} keepalived-backup: restart: always 
@@ -35,3 +38,19 @@ services: KEEPALIVED_VIRTUAL_IPADDRESS_1: "\"${virtual_ip}\"" labels: io.rancher.scheduler.affinity:host_label: ${host_label}=${backup_label} + {{- if eq .Values.update_sysctl "true" }} + io.rancher.sidekicks: keepalived-sysctl + {{- end}} + +{{- if eq .Values.update_sysctl "true" }} + keepalived-sysctl: + image: rawmind/alpine-sysctl:0.1-1 + network_mode: none + privileged: true + environment: + SYSCTL_KEY: net.ipv4.ip_nonlocal_bind + SYSCTL_VALUE: 1 + labels: + io.rancher.container.start_once: true +{{- end}} + diff --git a/templates/keepalived/0/rancher-compose.yml b/templates/keepalived/0/rancher-compose.yml index 47f53d6..00df4a4 100755 --- a/templates/keepalived/0/rancher-compose.yml +++ b/templates/keepalived/0/rancher-compose.yml @@ -5,6 +5,17 @@ minimum_rancher_version: v0.46.0 uuid: keepalived-1 questions: + - variable: "update_sysctl" + description: | + Set true to update sysctl. + WARN: If set to true, sysctl key net.ipv4.ip_nonlocal_bind will be set to 1. + label: "Update Host Sysctl:" + type: "enum" + default: "false" + options: + - "true" + - "false" + required: true - variable: "host_label" description: "Host label key name used to schedule keepalived master and backup instances." label: "Host Label Name:"
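Review bot: `keepalived-sysctl` is started with `privileged: true` and `network_mode: none`, while the key it sets, `net.ipv4.ip_nonlocal_bind`, is scoped to a network namespace on current kernels. Depending on how the `rawmind/alpine-sysctl` image applies the value (not visible here), the write may land in the sidekick's own namespace and leave the host setting unchanged; please confirm on a host, and if so use `network_mode: host` for this service. Because this is a third-party image running privileged, pinning it by digest rather than by the `0.1-1` tag is also worth doing. `SYSCTL_VALUE: 1` and `io.rancher.container.start_once: true` are unquoted and parse as an integer and a boolean, so quote them as `"1"` and `'true'`. The same `io.rancher.sidekicks: keepalived-sysctl` label is added to `keepalived-master` in the previous hunk.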
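Review bot: The `update_sysctl` warning in rancher-compose.yml mentions the sysctl change but not that choosing `true` starts an additional privileged container alongside both keepalived services. That is the fact an operator most needs to see before opting in. I would extend the description with a line such as `WARN: This runs a privileged helper container (rawmind/alpine-sysctl) next to each keepalived instance.` The README entry added in this commit could carry the same sentence.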