func writeCaCerts(cfg *config.Config, caCertPath, caKeyPath string) error {
if cfg.UserDocker.CACert == "" {
if err := machineUtil.GenerateCACertificate(caCertPath, caKeyPath, NAME, BITS); err != nil {
return err
}
caCert, err := ioutil.ReadFile(caCertPath)
if err != nil {
return err
}
caKey, err := ioutil.ReadFile(caKeyPath)
if err != nil {
return err
}
err = cfg.SetConfig(&config.Config{
UserDocker: config.DockerConfig{
CAKey: string(caKey),
CACert: string(caCert),
},
})
if err != nil {
return err
}
return nil
}
if err := ioutil.WriteFile(caCertPath, []byte(cfg.UserDocker.CACert), 0400); err != nil {
return err
}
return ioutil.WriteFile(caKeyPath, []byte(cfg.UserDocker.CAKey), 0400)
}
func writeCerts(generateServer bool, hostname []string, cfg *config.Config, certPath, keyPath, caCertPath, caKeyPath string) error {
if !generateServer {
return machineUtil.GenerateCert([]string{""}, certPath, keyPath, caCertPath, caKeyPath, NAME, BITS)
}
if cfg.UserDocker.ServerKey == "" || cfg.UserDocker.ServerCert == "" {
err := machineUtil.GenerateCert(hostname, certPath, keyPath, caCertPath, caKeyPath, NAME, BITS)
if err != nil {
return err
}
cert, err := ioutil.ReadFile(certPath)
if err != nil {
return err
}
key, err := ioutil.ReadFile(keyPath)
if err != nil {
return err
}
return cfg.SetConfig(&config.Config{
UserDocker: config.DockerConfig{
CAKey: cfg.UserDocker.CAKey,
CACert: cfg.UserDocker.CACert,
ServerCert: string(cert),
ServerKey: string(key),
},
})
}
if err := ioutil.WriteFile(certPath, []byte(cfg.UserDocker.ServerCert), 0400); err != nil {
return err
}
return ioutil.WriteFile(keyPath, []byte(cfg.UserDocker.ServerKey), 0400)
}
func RunInit() error {
var cfg config.Config
os.Setenv("PATH", "/sbin:/usr/sbin:/usr/bin")
os.Setenv("DOCKER_RAMDISK", "true")
initFuncs := []config.InitFunc{
func(cfg *config.Config) error {
return createDirs(dirs...)
},
func(cfg *config.Config) error {
log.Info("Setting up mounts")
return createMounts(mounts...)
},
func(cfg *config.Config) error {
newCfg, err := config.LoadConfig()
if err == nil {
newCfg, err = config.LoadConfig()
}
if err == nil {
*cfg = *newCfg
}
if cfg.Debug {
cfgString, _ := config.Dump(false, true)
if cfgString != "" {
log.Debugf("Config: %s", cfgString)
}
}
return err
},
mountCgroups,
func(cfg *config.Config) error {
return createSymlinks(cfg, symlinks)
},
createGroups,
extractModules,
loadModules,
setResolvConf,
setupSystemBridge,
bootstrap,
mountState,
func(cfg *config.Config) error {
return cfg.Reload()
},
loadModules,
setResolvConf,
func(cfg *config.Config) error {
return createDirs(postDirs...)
},
func(cfg *config.Config) error {
return createMounts(postMounts...)
},
touchSocket,
// Disable R/O root write now to support updating modules
//remountRo,
sysInit,
}
if err := config.RunInitFuncs(&cfg, initFuncs); err != nil {
return err
}
return execDocker(&cfg)
}
func RunServices(name string, cfg *config.Config, configs map[string]*project.ServiceConfig) error {
network := false
projectEvents := make(chan project.ProjectEvent)
p := project.NewProject(name, NewContainerFactory(cfg))
p.EnvironmentLookup = &configEnvironment{cfg: cfg}
p.AddListener(projectEvents)
enabled := make(map[string]bool)
for name, serviceConfig := range configs {
if err := p.AddConfig(name, serviceConfig); err != nil {
log.Infof("Failed loading service %s", name)
}
}
p.ReloadCallback = func() error {
err := cfg.Reload()
if err != nil {
return err
}
for service, serviceEnabled := range cfg.ServicesInclude {
if !serviceEnabled {
continue
}
if _, ok := enabled[service]; ok {
continue
}
bytes, err := LoadServiceResource(service, network, cfg)
if err != nil {
if err == util.ErrNoNetwork {
log.Debugf("Can not load %s, networking not enabled", service)
} else {
log.Errorf("Failed to load %s : %v", service, err)
}
continue
}
err = p.Load(bytes)
if err != nil {
log.Errorf("Failed to load %s : %v", service, err)
continue
}
enabled[service] = true
}
for service, config := range cfg.Services {
if _, ok := enabled[service]; ok {
continue
}
err = p.AddConfig(service, config)
if err != nil {
log.Errorf("Failed to load %s : %v", service, err)
continue
}
enabled[service] = true
}
return nil
}
go func() {
for event := range projectEvents {
if event.Event == project.CONTAINER_STARTED && event.ServiceName == "network" {
network = true
}
}
}()
err := p.ReloadCallback()
if err != nil {
log.Errorf("Failed to reload %s : %v", name, err)
return err
}
return p.Up()
}
