// RunInit sets a fixed environment, runs the ordered init steps against a
// fresh CloudConfig, and then launches System Docker. It returns the first
// error reported by config.RunInitFuncs, or the error from LaunchDocker.
func RunInit() error {
	var cfg config.CloudConfig

	// PATH is pinned to a fixed list of system directories, so whatever PATH
	// the process inherited is not used for later command lookups.
	os.Setenv("PATH", "/sbin:/usr/sbin:/usr/bin")
	// Magic setting to tell Docker to do switch_root and not pivot_root
	os.Setenv("DOCKER_RAMDISK", "true")

	prepareFs := func(cfg *config.CloudConfig) error {
		return dockerlaunch.PrepareFs(&mountConfig)
	}

	loadConfig := func(cfg *config.CloudConfig) error {
		loaded, loadErr := config.LoadConfig()
		if loadErr == nil {
			// The config is loaded a second time after a successful first
			// load; the reason is not visible here (TODO confirm whether the
			// first call has a side effect the second one depends on).
			loaded, loadErr = config.LoadConfig()
		}
		if loadErr == nil {
			*cfg = *loaded
		}

		if cfg.Rancher.Debug {
			// NOTE(review): if the dump contains TLS private keys held in the
			// config, debug logging writes them to the log. Confirm what
			// Dump(false, true) includes or redacts.
			if dump, dumpErr := config.Dump(false, true); dumpErr != nil {
				log.WithFields(log.Fields{"err": dumpErr}).Error("Error serializing config")
			} else {
				log.Debugf("Config: %s", dump)
			}
		}

		// Only the load error is propagated; a failed dump is just logged.
		return loadErr
	}

	reloadConfig := func(cfg *config.CloudConfig) error {
		return cfg.Reload()
	}

	// Step order matters: loadModules runs both before the mount/bootstrap
	// step and again after the config has been reloaded.
	steps := []config.InitFunc{
		prepareFs,
		loadConfig,
		loadModules,
		tryMountAndBootstrap,
		reloadConfig,
		loadModules,
		sysInit,
	}

	if err := config.RunInitFuncs(&cfg, steps); err != nil {
		return err
	}

	launchConfig, args := getLaunchConfig(&cfg, &cfg.Rancher.SystemDocker)

	log.Info("Launching System Docker")
	_, err := dockerlaunch.LaunchDocker(launchConfig, config.DOCKER_BIN, args...)
	return err
}
// writeCerts places a certificate and private key at certPath and keyPath.
//
// When generateServer is false it only calls machineUtil.GenerateCert with a
// single empty host entry. When generateServer is true it either writes the
// server cert/key already present in cfg.Rancher.Docker, or, if either one is
// missing, generates a new pair for hostname and stores it in the config.
func writeCerts(generateServer bool, hostname []string, cfg *config.CloudConfig, certPath, keyPath, caCertPath, caKeyPath string) error {
	if !generateServer {
		return machineUtil.GenerateCert([]string{""}, certPath, keyPath, caCertPath, caKeyPath, NAME, BITS)
	}

	serverCert := cfg.Rancher.Docker.ServerCert
	serverKey := cfg.Rancher.Docker.ServerKey

	if serverKey != "" && serverCert != "" {
		// Mode 0400 takes effect only when WriteFile creates the file; a file
		// that already exists is truncated and keeps its current permissions.
		if err := ioutil.WriteFile(certPath, []byte(serverCert), 0400); err != nil {
			return err
		}
		return ioutil.WriteFile(keyPath, []byte(serverKey), 0400)
	}

	// A missing cert or key means the pair is regenerated as a whole.
	// NOTE(review): the mode of the generated key file is decided inside
	// machineUtil.GenerateCert, not here. Confirm it is owner-only.
	if err := machineUtil.GenerateCert(hostname, certPath, keyPath, caCertPath, caKeyPath, NAME, BITS); err != nil {
		return err
	}

	certData, err := ioutil.ReadFile(certPath)
	if err != nil {
		return err
	}

	keyData, err := ioutil.ReadFile(keyPath)
	if err != nil {
		return err
	}

	// NOTE(review): the server private key (and the existing CA key) end up in
	// the saved config. Confirm the backing store is readable by root only.
	dockerSection := map[interface{}]interface{}{
		"ca_key":      cfg.Rancher.Docker.CAKey,
		"ca_cert":     cfg.Rancher.Docker.CACert,
		"server_cert": string(certData),
		"server_key":  string(keyData),
	}

	merged, err := cfg.Merge(map[interface{}]interface{}{
		"rancher": map[interface{}]interface{}{
			"docker": dockerSection,
		},
	})
	if err != nil {
		return err
	}

	return merged.Save()
}
// writeCerts places a certificate and private key at certPath and keyPath.
//
// When generateServer is false it only calls machineUtil.GenerateCert with a
// single empty host entry. When generateServer is true it either writes the
// server cert/key already present in cfg.Rancher.UserDocker, or, if either one
// is missing, generates a new pair for hostname and records it via SetConfig.
func writeCerts(generateServer bool, hostname []string, cfg *config.CloudConfig, certPath, keyPath, caCertPath, caKeyPath string) error {
	if !generateServer {
		return machineUtil.GenerateCert([]string{""}, certPath, keyPath, caCertPath, caKeyPath, NAME, BITS)
	}

	serverCert := cfg.Rancher.UserDocker.ServerCert
	serverKey := cfg.Rancher.UserDocker.ServerKey

	if serverKey != "" && serverCert != "" {
		// Mode 0400 takes effect only when WriteFile creates the file; a file
		// that already exists is truncated and keeps its current permissions.
		if err := ioutil.WriteFile(certPath, []byte(serverCert), 0400); err != nil {
			return err
		}
		return ioutil.WriteFile(keyPath, []byte(serverKey), 0400)
	}

	// A missing cert or key means the pair is regenerated as a whole.
	// NOTE(review): the mode of the generated key file is decided inside
	// machineUtil.GenerateCert, not here. Confirm it is owner-only.
	if err := machineUtil.GenerateCert(hostname, certPath, keyPath, caCertPath, caKeyPath, NAME, BITS); err != nil {
		return err
	}

	certData, err := ioutil.ReadFile(certPath)
	if err != nil {
		return err
	}

	keyData, err := ioutil.ReadFile(keyPath)
	if err != nil {
		return err
	}

	// NOTE(review): the server private key (and the existing CA key) are
	// handed to SetConfig. Confirm wherever it persists them is root-only.
	userDocker := config.DockerConfig{
		CAKey:      cfg.Rancher.UserDocker.CAKey,
		CACert:     cfg.Rancher.UserDocker.CACert,
		ServerCert: string(certData),
		ServerKey:  string(keyData),
	}

	return cfg.SetConfig(&config.CloudConfig{
		Rancher: config.RancherConfig{
			UserDocker: userDocker,
		},
	})
}
// writeCaCerts makes sure a CA certificate and CA key exist at caCertPath and
// caKeyPath. If cfg.Rancher.UserDocker.CACert is set, the configured cert and
// key are written out; otherwise a new CA is generated and recorded in the
// config through SetConfig.
func writeCaCerts(cfg *config.CloudConfig, caCertPath, caKeyPath string) error {
	if configuredCert := cfg.Rancher.UserDocker.CACert; configuredCert != "" {
		// Mode 0400 takes effect only when WriteFile creates the file; a file
		// that already exists is truncated and keeps its current permissions.
		if err := ioutil.WriteFile(caCertPath, []byte(configuredCert), 0400); err != nil {
			return err
		}
		// Only CACert is checked above, so an empty CAKey in the config
		// results in an empty key file being written here.
		return ioutil.WriteFile(caKeyPath, []byte(cfg.Rancher.UserDocker.CAKey), 0400)
	}

	// NOTE(review): the mode of the generated CA key file is decided inside
	// machineUtil.GenerateCACertificate. Confirm it is owner-only.
	if err := machineUtil.GenerateCACertificate(caCertPath, caKeyPath, NAME, BITS); err != nil {
		return err
	}

	certData, err := ioutil.ReadFile(caCertPath)
	if err != nil {
		return err
	}

	keyData, err := ioutil.ReadFile(caKeyPath)
	if err != nil {
		return err
	}

	// NOTE(review): the CA private key is handed to SetConfig. Confirm
	// wherever it persists the key is readable by root only.
	generatedCA := config.DockerConfig{
		CAKey:  string(keyData),
		CACert: string(certData),
	}

	return cfg.SetConfig(&config.CloudConfig{
		Rancher: config.RancherConfig{
			UserDocker: generatedCA,
		},
	})
}
// writeCaCerts makes sure a CA certificate and CA key exist at caCertPath and
// caKeyPath. If cfg.Rancher.Docker.CACert is set, the configured cert and key
// are written out; otherwise a new CA is generated, merged into the config and
// saved.
func writeCaCerts(cfg *config.CloudConfig, caCertPath, caKeyPath string) error {
	if configuredCert := cfg.Rancher.Docker.CACert; configuredCert != "" {
		// Mode 0400 takes effect only when WriteFile creates the file; a file
		// that already exists is truncated and keeps its current permissions.
		if err := ioutil.WriteFile(caCertPath, []byte(configuredCert), 0400); err != nil {
			return err
		}
		// Only CACert is checked above, so an empty CAKey in the config
		// results in an empty key file being written here.
		return ioutil.WriteFile(caKeyPath, []byte(cfg.Rancher.Docker.CAKey), 0400)
	}

	// NOTE(review): the mode of the generated CA key file is decided inside
	// machineUtil.GenerateCACertificate. Confirm it is owner-only.
	if err := machineUtil.GenerateCACertificate(caCertPath, caKeyPath, NAME, BITS); err != nil {
		return err
	}

	certData, err := ioutil.ReadFile(caCertPath)
	if err != nil {
		return err
	}

	keyData, err := ioutil.ReadFile(caKeyPath)
	if err != nil {
		return err
	}

	// NOTE(review): the CA private key ends up in the saved config. Confirm
	// the backing store is readable by root only.
	dockerSection := map[interface{}]interface{}{
		"ca_key":  string(keyData),
		"ca_cert": string(certData),
	}

	merged, err := cfg.Merge(map[interface{}]interface{}{
		"rancher": map[interface{}]interface{}{
			"docker": dockerSection,
		},
	})
	if err != nil {
		return err
	}

	return merged.Save()
}
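// newCoreServiceProject creates the "os" project, installs a reload callback
// that (re)loads the services named in cfg, runs that callback once, and
// returns the project. It returns an error if the project cannot be created
// or if the initial reload fails.
func newCoreServiceProject(cfg *config.CloudConfig) (*project.Project, error) {
	// networkUp is closed once a CONTAINER_STARTED event for the "network"
	// service is seen. A closed channel is used instead of a plain bool
	// because the event goroutine below and the reload callback run
	// concurrently, and an unsynchronized bool shared between them is a
	// data race.
	networkUp := make(chan struct{})
	networkStarted := func() bool {
		select {
		case <-networkUp:
			return true
		default:
			return false
		}
	}

	projectEvents := make(chan project.ProjectEvent)
	// enabled records the services that have already been loaded.
	enabled := make(map[string]string)

	p, err := newProject("os", cfg)
	if err != nil {
		return nil, err
	}

	p.AddListener(project.NewDefaultListener(p))
	p.AddListener(projectEvents)

	p.ReloadCallback = func() error {
		if err := cfg.Reload(); err != nil {
			return err
		}

		addServices(p, cfg, enabled, cfg.Rancher.Services)

		for service, serviceEnabled := range cfg.Rancher.ServicesInclude {
			// Skip services that are already loaded or switched off.
			if enabled[service] != "" || !serviceEnabled {
				continue
			}

			// The network state is sampled for each service, so a service
			// later in the same pass sees the network once it has come up.
			content, err := LoadServiceResource(service, networkStarted(), cfg)
			if err != nil {
				if err == util.ErrNoNetwork {
					log.Debugf("Can not load %s, networking not enabled", service)
				} else {
					log.Errorf("Failed to load %s : %v", service, err)
				}
				// A service that fails to load is retried on the next reload.
				continue
			}

			if err := p.Load(content); err != nil {
				log.Errorf("Failed to load %s : %v", service, err)
				continue
			}

			enabled[service] = service
		}

		return nil
	}

	// This goroutine runs until projectEvents is closed; nothing in this
	// function closes it. It keeps draining after the signal so that the
	// sender on the unbuffered channel is never blocked.
	go func() {
		signalled := false
		for event := range projectEvents {
			if signalled {
				continue
			}
			if event.Event == project.CONTAINER_STARTED && event.ServiceName == "network" {
				close(networkUp)
				signalled = true
			}
		}
	}()

	if err := p.ReloadCallback(); err != nil {
		log.Errorf("Failed to reload os: %v", err)
		return nil, err
	}

	return p, nil
}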