Exemple #1
0
// createDockerCmd creates a docker command suitable for the given network type.
func (e *dockerEngine) createDockerCmd(env map[string]string, networkType jobs.NetworkType) (cmdline.Cmdline, error) {
	c := cmdline.Cmdline{}
	switch networkType {
	case "", jobs.NetworkTypeDefault, jobs.NetworkTypeHost:
		return *c.Add(nil, e.dockerPath), nil
	case jobs.NetworkTypeWeave:
		return *c.Add(nil, e.dockerPath).Add(env, fmt.Sprintf("-H=%s", e.weavePluginSocket)), nil
	default:
		return cmdline.Cmdline{}, maskAny(fmt.Errorf("Unknown network type '%s", networkType))
	}
}
Exemple #2
0
// addDockerNetworkArgs adds docker network arguments for the given task.
func (e *dockerEngine) addDockerNetworkArgs(c *cmdline.Cmdline, env map[string]string, t *jobs.Task) error {
	switch t.Network {
	case "", jobs.NetworkTypeDefault:
		return nil
	case jobs.NetworkTypeHost:
		c.Add(env, "--net=host")
		return nil
	case jobs.NetworkTypeWeave:
		if !t.Type.IsProxy() {
			c.Add(env, fmt.Sprintf("--hostname=%s", t.WeaveDomainName()))
		} else {
			c.Add(env, fmt.Sprintf("--hostname=%s", t.PrivateDomainName()))
		}
		return nil
	default:
		return maskAny(fmt.Errorf("Unknown network type '%s", t.Network))
	}
}
Exemple #3
0
func (e *dockerEngine) cleanupCmd() cmdline.Cmdline {
	cmd := cmdline.Cmdline{AllowFailure: true}
	cmd.Add(nil, e.cleanupScriptPath)
	return cmd
}
Exemple #4
0
func (e *dockerEngine) removeCmd(containerName string) cmdline.Cmdline {
	cmd := cmdline.Cmdline{AllowFailure: true}
	cmd.Add(nil, e.dockerPath, "rm", "-f", containerName)
	return cmd
}
Exemple #5
0
func (e *dockerEngine) stopCmd(containerName string) cmdline.Cmdline {
	cmd := cmdline.Cmdline{AllowFailure: true}
	cmd.Add(nil, e.dockerPath, "stop", fmt.Sprintf("-t %v", e.containerTimeoutStopSec), containerName)
	return cmd
}
Exemple #6
0
// createVolumeDockerCmdLine creates the `ExecStart` line for
// the volume unit.
func (e *dockerEngine) createVolumeDockerCmdLine(t *jobs.Task, containerName, containerImage string, vol jobs.Volume, volPrefix, volHostPath string, env map[string]string, scalingGroup uint) (cmdline.Cmdline, error) {
	var cmd cmdline.Cmdline
	cmd.Add(nil, e.dockerPath, "run", "--rm", fmt.Sprintf("--name %s", containerName), "--net=host", "--privileged")

	cmd.Add(env, fmt.Sprintf("-v %s:%s:shared", volHostPath, vol.Path))
	cmd.Add(env, "-v /usr/bin/etcdctl:/usr/bin/etcdctl")
	if e.options.EnvFile != "" {
		cmd.Add(env, fmt.Sprintf("--env-file=%s", e.options.EnvFile))
	}
	cmd.Add(env, "-e SERVICE_IGNORE=true") // Support registrator
	cmd.Add(env, "-e PREFIX="+volPrefix)
	cmd.Add(env, "-e TARGET="+vol.Path)
	cmd.Add(env, "-e WAIT=1")
	if v, err := vol.MountOption("uid"); err == nil {
		cmd.Add(env, "-e UID="+v)
	}
	if v, err := vol.MountOption("gid"); err == nil {
		cmd.Add(env, "-e GID="+v)
	}
	for _, arg := range t.LogDriver.CreateDockerLogArgs(e.options) {
		cmd.Add(env, arg)
	}

	cmd.Add(nil, containerImage)

	return cmd, nil
}
Exemple #7
0
// createSecretsUnit creates a unit used to extract secrets from vault
func (e *dockerEngine) createSecretsExecStartPre(t *jobs.Task, containerImage string, env map[string]string, scalingGroup uint) ([]cmdline.Cmdline, error) {
	if len(t.Secrets) == 0 {
		// No secrets to extract
		return nil, nil
	}
	// Create all secret extraction commands
	jobID := t.JobID()
	if jobID == "" {
		return nil, maskAny(fmt.Errorf("job ID missing for job %s with secrets", t.JobName()))
	}

	// Prepare volume paths
	secretsRoot := secretsRootPath(t, scalingGroup)
	secretsRootVol := fmt.Sprintf("%s:%s", secretsRoot, secretsRoot)
	vaultCrtVol := "/etc/pulcy/vault.crt:/etc/pulcy/vault.crt:ro"
	clusterIdVol := "/etc/pulcy/cluster-id:/etc/pulcy/cluster-id:ro"
	machineIdVol := "/etc/machine-id:/etc/machine-id:ro"

	var cmds []cmdline.Cmdline
	cmds = append(cmds,
		*cmdline.New(nil, "/usr/bin/mkdir", "-p", secretsRoot),
		e.pullCmd(containerImage),
	)
	envPaths := []string{}
	for _, secret := range t.Secrets {
		if ok, _ := secret.TargetFile(); ok {
			targetPath, err := secretFilePath(t, scalingGroup, secret)
			if err != nil {
				return nil, maskAny(err)
			}
			var cmd cmdline.Cmdline
			cmd.Add(nil, e.dockerPath, "run", "--rm")
			//cmd.Add(env, fmt.Sprintf("--name %s-sc", t.containerName(ctx.ScalingGroup)))
			cmd.Add(env, "--net=host")
			cmd.Add(env, "-v "+secretsRootVol)
			cmd.Add(env, "-v "+vaultCrtVol)
			cmd.Add(env, "-v "+clusterIdVol)
			cmd.Add(env, "-v "+machineIdVol)
			cmd.Add(env, "--env-file /etc/pulcy/vault.env")
			/*if ctx.DockerOptions.EnvFile != "" {
				cmd.Add(env,fmt.Sprintf("--env-file=%s", ctx.DockerOptions.EnvFile))
			}*/
			for _, arg := range t.LogDriver.CreateDockerLogArgs(e.options) {
				cmd.Add(env, arg)
			}
			cmd.Add(env, containerImage)
			cmd.Add(nil, "extract", "file")
			cmd.Add(env, "--target "+targetPath)
			cmd.Add(env, "--job-id "+jobID)
			cmd.Add(env, secret.VaultPath())
			cmds = append(cmds, cmd)
		} else if ok, environmentKey := secret.TargetEnviroment(); ok {
			envPaths = append(envPaths, fmt.Sprintf("%s=%s", environmentKey, secret.VaultPath()))
		}
	}
	if len(envPaths) > 0 {
		targetPath := secretEnvironmentPath(t, scalingGroup)
		var cmd cmdline.Cmdline
		cmd.Add(nil, e.dockerPath, "run", "--rm")
		//cmd.Add(env, fmt.Sprintf("--name %s-sc", t.containerName(ctx.ScalingGroup)))
		cmd.Add(env, "--net=host")
		cmd.Add(env, "-v "+secretsRootVol)
		cmd.Add(env, "-v "+vaultCrtVol)
		cmd.Add(env, "-v "+clusterIdVol)
		cmd.Add(env, "-v "+machineIdVol)
		cmd.Add(env, "--env-file /etc/pulcy/vault.env")
		/*if ctx.DockerOptions.EnvFile != "" {
			cmd.Add(env, fmt.Sprintf("--env-file=%s", ctx.DockerOptions.EnvFile))
		}*/
		for _, arg := range t.LogDriver.CreateDockerLogArgs(e.options) {
			cmd.Add(env, arg)
		}
		cmd.Add(env, containerImage)
		cmd.Add(nil, "extract", "env")
		cmd.Add(env, "--target "+targetPath)
		cmd.Add(env, "--job-id "+jobID)
		for _, envPath := range envPaths {
			cmd.Add(env, envPath)
		}
		cmds = append(cmds, cmd)
	}

	return cmds, nil
}
Exemple #8
0
// createProxyDockerCmdLine creates the `ExecStart` line for
// the proxy unit.
func (e *dockerEngine) createProxyDockerCmdLine(t *jobs.Task, containerName, containerImage string, link jobs.Link, env map[string]string, scalingGroup uint) (cmdline.Cmdline, error) {
	var cmd cmdline.Cmdline
	cmd, err := e.createDockerCmd(env, t.Network)
	if err != nil {
		return cmd, maskAny(err)
	}
	cmd.Add(nil, "run", "--rm", fmt.Sprintf("--name %s", containerName))
	for _, p := range link.Ports {
		cmd.Add(env, fmt.Sprintf("--expose %d", p))
	}
	cmd.Add(env, "-P")
	if e.options.EnvFile != "" {
		cmd.Add(env, fmt.Sprintf("--env-file=%s", e.options.EnvFile))
	}
	cmd.Add(env, "-e SERVICE_IGNORE=true") // Support registrator
	for _, arg := range t.LogDriver.CreateDockerLogArgs(e.options) {
		cmd.Add(env, arg)
	}

	cmd.Add(nil, containerImage)
	cmd.Add(env, "--etcd-endpoint=${ETCD_ENDPOINTS}")
	cmd.Add(env, fmt.Sprintf("--etcd-path=/pulcy/service/%s", link.Target.EtcdServiceName()))

	return cmd, nil
}