func writeCaCerts(cfg *config.Config, caCertPath, caKeyPath string) error { if cfg.UserDocker.CACert == "" { if err := machineUtil.GenerateCACertificate(caCertPath, caKeyPath, NAME, BITS); err != nil { return err } caCert, err := ioutil.ReadFile(caCertPath) if err != nil { return err } caKey, err := ioutil.ReadFile(caKeyPath) if err != nil { return err } err = cfg.SetConfig(&config.Config{ UserDocker: config.DockerConfig{ CAKey: string(caKey), CACert: string(caCert), }, }) if err != nil { return err } return nil } if err := ioutil.WriteFile(caCertPath, []byte(cfg.UserDocker.CACert), 0400); err != nil { return err } return ioutil.WriteFile(caKeyPath, []byte(cfg.UserDocker.CAKey), 0400) }
func writeCerts(generateServer bool, hostname []string, cfg *config.Config, certPath, keyPath, caCertPath, caKeyPath string) error { if !generateServer { return machineUtil.GenerateCert([]string{""}, certPath, keyPath, caCertPath, caKeyPath, NAME, BITS) } if cfg.UserDocker.ServerKey == "" || cfg.UserDocker.ServerCert == "" { err := machineUtil.GenerateCert(hostname, certPath, keyPath, caCertPath, caKeyPath, NAME, BITS) if err != nil { return err } cert, err := ioutil.ReadFile(certPath) if err != nil { return err } key, err := ioutil.ReadFile(keyPath) if err != nil { return err } return cfg.SetConfig(&config.Config{ UserDocker: config.DockerConfig{ CAKey: cfg.UserDocker.CAKey, CACert: cfg.UserDocker.CACert, ServerCert: string(cert), ServerKey: string(key), }, }) } if err := ioutil.WriteFile(certPath, []byte(cfg.UserDocker.ServerCert), 0400); err != nil { return err } return ioutil.WriteFile(keyPath, []byte(cfg.UserDocker.ServerKey), 0400) }
func RunInit() error { var cfg config.Config os.Setenv("PATH", "/sbin:/usr/sbin:/usr/bin") os.Setenv("DOCKER_RAMDISK", "true") initFuncs := []config.InitFunc{ func(cfg *config.Config) error { return createDirs(dirs...) }, func(cfg *config.Config) error { log.Info("Setting up mounts") return createMounts(mounts...) }, func(cfg *config.Config) error { newCfg, err := config.LoadConfig() if err == nil { newCfg, err = config.LoadConfig() } if err == nil { *cfg = *newCfg } if cfg.Debug { cfgString, _ := config.Dump(false, true) if cfgString != "" { log.Debugf("Config: %s", cfgString) } } return err }, mountCgroups, func(cfg *config.Config) error { return createSymlinks(cfg, symlinks) }, createGroups, extractModules, loadModules, setResolvConf, setupSystemBridge, bootstrap, mountState, func(cfg *config.Config) error { return cfg.Reload() }, loadModules, setResolvConf, func(cfg *config.Config) error { return createDirs(postDirs...) }, func(cfg *config.Config) error { return createMounts(postMounts...) }, touchSocket, // Disable R/O root write now to support updating modules //remountRo, sysInit, } if err := config.RunInitFuncs(&cfg, initFuncs); err != nil { return err } return execDocker(&cfg) }
func RunServices(name string, cfg *config.Config, configs map[string]*project.ServiceConfig) error { network := false projectEvents := make(chan project.ProjectEvent) p := project.NewProject(name, NewContainerFactory(cfg)) p.EnvironmentLookup = &configEnvironment{cfg: cfg} p.AddListener(projectEvents) enabled := make(map[string]bool) for name, serviceConfig := range configs { if err := p.AddConfig(name, serviceConfig); err != nil { log.Infof("Failed loading service %s", name) } } p.ReloadCallback = func() error { err := cfg.Reload() if err != nil { return err } for service, serviceEnabled := range cfg.ServicesInclude { if !serviceEnabled { continue } if _, ok := enabled[service]; ok { continue } bytes, err := LoadServiceResource(service, network, cfg) if err != nil { if err == util.ErrNoNetwork { log.Debugf("Can not load %s, networking not enabled", service) } else { log.Errorf("Failed to load %s : %v", service, err) } continue } err = p.Load(bytes) if err != nil { log.Errorf("Failed to load %s : %v", service, err) continue } enabled[service] = true } for service, config := range cfg.Services { if _, ok := enabled[service]; ok { continue } err = p.AddConfig(service, config) if err != nil { log.Errorf("Failed to load %s : %v", service, err) continue } enabled[service] = true } return nil } go func() { for event := range projectEvents { if event.Event == project.CONTAINER_STARTED && event.ServiceName == "network" { network = true } } }() err := p.ReloadCallback() if err != nil { log.Errorf("Failed to reload %s : %v", name, err) return err } return p.Up() }