From f76e819d3c5b385ec2f3898853aa28d480739a29 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Wed, 30 Mar 2016 22:45:03 +0100 Subject: [PATCH 01/95] ISSUE 159: Split out docker helper functions from build and run helper scripts. --- build.sh | 18 +--------- docker-helpers.sh | 85 +++++++++++++++++++++++++++++++++++++++++++++++ run.conf | 5 ++- run.sh | 72 ++------------------------------------- 4 files changed, 91 insertions(+), 89 deletions(-) create mode 100644 docker-helpers.sh diff --git a/build.sh b/build.sh index 0ec5324..0eff450 100755 --- a/build.sh +++ b/build.sh @@ -7,23 +7,7 @@ if [[ ${DIR_PATH} == */* ]] && [[ ${DIR_PATH} != $( pwd ) ]]; then fi source build.conf - -show_docker_image () -{ - local NAME=$1 - local NAME_PARTS=(${NAME//:/ }) - - # Set 'latest' tag if no tag requested - if [[ ${#NAME_PARTS[@]} == 1 ]]; then - NAME_PARTS[1]='latest' - fi - - docker images | \ - awk \ - -v FS='[ ]+' \ - -v pattern="^${NAME_PARTS[0]}[ ]+${NAME_PARTS[1]} " \ - '$0 ~ pattern { print $0; }' -} +source docker-helpers.sh NO_CACHE=$1 diff --git a/docker-helpers.sh b/docker-helpers.sh new file mode 100644 index 0000000..73d7855 --- /dev/null +++ b/docker-helpers.sh 
@@ -0,0 +1,85 @@ +#!/usr/bin/env bash + +have_docker_container_name () +{ + local NAME=$1 + + if [[ -z ${NAME} ]]; then + return 1 + fi + + if [[ -n $(docker ps -a | awk -v pattern="^${NAME}$" '$NF ~ pattern { print $NF; }') ]]; then + return 0 + fi + + return 1 +} + +is_docker_container_name_running () +{ + local NAME=$1 + + if [[ -z ${NAME} ]]; then + return 1 + fi + + if [[ -n $(docker ps | awk -v pattern="^${NAME}$" '$NF ~ pattern { print $NF; }') ]]; then + return 0 + fi + + return 1 +} + +show_docker_container_name_status () +{ + local NAME=$1 + + if [[ -z ${NAME} ]]; then + return 1 + fi + + docker ps | \ + awk \ + -v pattern="${NAME}$" \ + '$NF ~ pattern { print $0; }' + +} + +show_docker_image () +{ + local NAME=$1 + local NAME_PARTS=(${NAME//:/ }) + + # Set 'latest' tag if no tag requested + if [[ ${#NAME_PARTS[@]} == 1 ]]; then + NAME_PARTS[1]='latest' + fi + + docker images | \ + awk \ + -v FS='[ ]+' \ + -v pattern="^${NAME_PARTS[0]}[ ]+${NAME_PARTS[1]} " \ + '$0 ~ pattern { print $0; }' +} + +remove_docker_container_name () +{ + local NAME=$1 + + if have_docker_container_name ${NAME}; then + if is_docker_container_name_running ${NAME}; then + echo "Stopping container ${NAME}" + docker stop ${NAME} &> /dev/null + + if [[ ${?} -ne 0 ]]; then + return 1 + fi + fi + echo "Removing container ${NAME}" + docker rm ${NAME} &> /dev/null + + if [[ ${?} -ne 0 ]]; then + return 1 + fi + fi +} diff --git a/run.conf b/run.conf index b14611f..801bbf8 100644 --- a/run.conf +++ b/run.conf @@ -4,7 +4,8 @@ COLOUR_RESET=$(tput sgr0) DOCKER_USER=jdeathe DOCKER_IMAGE_NAME=centos-ssh -DOCKER_IMAGE_TAG=latest +DOCKER_IMAGE_TAG=${DOCKER_IMAGE_TAG:-latest} +DOCKER_IMAGE_REPOSITORY_NAME=${DOCKER_USER}/${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG} SERVICE_UNIT_NAME=ssh SERVICE_UNIT_APP_GROUP=app-1 
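Review bot: The container name is handed to awk as a regular expression and then used unquoted, so the existence checks are looser than the `docker stop` and `docker rm` calls they guard. In `have_docker_container_name` and `is_docker_container_name_running` the dots in a name such as `ssh.pool-1.1.1` match any character, and `show_docker_container_name_status` drops the `^` anchor, so any name ending in the same string is listed. An exact string comparison avoids both: `awk -v name="${NAME}" '$NF == name { print $NF; }'`. In `remove_docker_container_name` the expansions should be quoted, `docker stop "${NAME}"` and `docker rm "${NAME}"`, so a value containing whitespace or glob characters is not split into extra arguments.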
@@ -15,9 +16,7 @@ SERVICE_UNIT_PORT=2020 SERVICE_UNIT_LONG_NAME=${SERVICE_UNIT_NAME}.${SERVICE_UNIT_SHARED_GROUP}.${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE} SERVICE_UNIT_FILE_NAME=${SERVICE_UNIT_LONG_NAME}@${SERVICE_UNIT_PORT}.service -DOCKER_IMAGE_REPOSITORY_NAME=${DOCKER_USER}/${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG} DOCKER_NAME=${SERVICE_UNIT_LONG_NAME} - DOCKER_HOST_PORT_SSH=${SERVICE_UNIT_PORT:-2020} DOCKER_HOST_PORT_SFTP=$((( ${DOCKER_HOST_PORT_SSH} + 1 ))) diff --git a/run.sh b/run.sh index 7f71e7d..7c1219f 100755 --- a/run.sh +++ b/run.sh @@ -7,74 +7,7 @@ if [[ ${DIR_PATH} == */* ]] && [[ ${DIR_PATH} != $( pwd ) ]]; then fi source run.conf - -have_docker_container_name () -{ - local NAME=$1 - - if [[ -z ${NAME} ]]; then - return 1 - fi - - if [[ -n $(docker ps -a | awk -v pattern="^${NAME}$" '$NF ~ pattern { print $NF; }') ]]; then - return 0 - fi - - return 1 -} - -is_docker_container_name_running () -{ - local NAME=$1 - - if [[ -z ${NAME} ]]; then - return 1 - fi - - if [[ -n $(docker ps | awk -v pattern="^${NAME}$" '$NF ~ pattern { print $NF; }') ]]; then - return 0 - fi - - return 1 -} - -show_docker_container_name_status () -{ - local NAME=$1 - - if [[ -z ${NAME} ]]; then - return 1 - fi - - docker ps | \ - awk \ - -v pattern="${NAME}$" \ - '$NF ~ pattern { print $0; }' - -} - - -remove_docker_container_name () -{ - local NAME=$1 - - if have_docker_container_name ${NAME}; then - if is_docker_container_name_running ${NAME}; then - echo "Stopping container ${NAME}" - docker stop ${NAME} &> /dev/null - - if [[ ${?} -ne 0 ]]; then - return 1 - fi - fi - echo "Removing container ${NAME}" - docker rm ${NAME} &> /dev/null - - if [[ ${?} -ne 0 ]]; then - return 1 - fi - fi -} +source docker-helpers.sh # Configuration volume if [[ ${VOLUME_CONFIG_ENABLED} == true ]] && ! have_docker_container_name ${VOLUME_CONFIG_NAME}; then 
@@ -219,11 +152,12 @@ docker run \ # ) if is_docker_container_name_running ${DOCKER_NAME}; then - printf -- "\n%s:\n" 'Docker process status' + printf -- "\n%s:\n" 'Docker container status' show_docker_container_name_status ${DOCKER_NAME} printf -- " ${COLOUR_POSITIVE}--->${COLOUR_RESET} %s\n" 'Container running' elif [[ ${#} -eq 0 ]]; then printf -- " ${COLOUR_NEGATIVE}--->${COLOUR_RESET} %s\n" 'ERROR' + exit 1 fi # Linked container test From 8a72fc6cd649e81f2e5ab22d0e0e6a188a4b66d4 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Wed, 30 Mar 2016 22:59:34 +0100 Subject: [PATCH 02/95] ISSUE 159: Initial Makefile for Docke image and container operations. --- .gitignore | 1 + Makefile | 293 +++++++++++++++++++++++++++++++++++++++++++++++++++++ make.conf | 33 ++++++ 3 files changed, 327 insertions(+) create mode 100644 .gitignore create mode 100644 Makefile create mode 100644 make.conf diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57a74cf --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +packages \ No newline at end of file diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..acb3cc1 --- /dev/null +++ b/Makefile 
@@ -0,0 +1,293 @@ +export SHELL := /usr/bin/env bash +export PATH := ${PATH} + +include make.conf + +# UI constants +COLOUR_NEGATIVE := \033[0;31m +COLOUR_POSITIVE := \033[0;32m +COLOUR_RESET := \033[0m +CHARACTER_STEP := ---> +PREFIX_STEP := $(shell printf -- '%s ' "$(CHARACTER_STEP)") +PREFIX_SUB_STEP := $(shell printf -- ' %s ' "$(CHARACTER_STEP)") +PREFIX_STEP_NEGATIVE := $(shell printf -- '%b%s%b' "$(COLOUR_NEGATIVE)" "$(PREFIX_STEP)" "$(COLOUR_RESET)") +PREFIX_STEP_POSITIVE := $(shell printf -- '%b%s%b' "$(COLOUR_POSITIVE)" "$(PREFIX_STEP)" "$(COLOUR_RESET)") +PREFIX_SUB_STEP_NEGATIVE := $(shell printf -- '%b%s%b' "$(COLOUR_NEGATIVE)" "$(PREFIX_SUB_STEP)" "$(COLOUR_RESET)") +PREFIX_SUB_STEP_POSITIVE := $(shell printf -- '%b%s%b' "$(COLOUR_POSITIVE)" "$(PREFIX_SUB_STEP)" "$(COLOUR_RESET)") + +.DEFAULT_GOAL := build + +# Get absolute file paths +PACKAGE_PATH := $(realpath $(PACKAGE_PATH)) + +# Package prerequisites +docker := $(shell type -p docker) +xz := $(shell type -p xz) + +# Used to test docker host is accessible +get-docker-info := $(shell $(docker) info) + +# Tag validation +IS_DOCKER_IMAGE_TAG := $(shell if [[ $(DOCKER_IMAGE_TAG) =~ $(DOCKER_IMAGE_TAG_PATTERN) ]]; then echo $(DOCKER_IMAGE_TAG); else echo ''; fi) +IS_DOCKER_RELEASE_TAG := $(shell if [[ $(DOCKER_IMAGE_TAG) =~ $(DOCKER_IMAGE_RELEASE_TAG_PATTERN) ]]; then echo $(DOCKER_IMAGE_TAG); else echo ''; fi) + +.PHONY: \ + all \ + build \ + clean \ + create \ + dist \ + distclean \ + exec \ + install \ + images \ + load \ + logs \ + pause \ + prerequisites \ + pull \ + ps \ + require-docker-container \ + require-docker-image-tag \ + require-docker-release-tag \ + restart \ + rm \ + run \ + start \ + stop \ + terminate \ + unpause + +all: | prerequisites build images install start ps + +# build NO_CACHE=[{false,true}] +build: | prerequisites require-docker-image-tag + @ echo "$(PREFIX_STEP) Building $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)" + @ if [[ $(NO_CACHE) == true ]]; then \ + 
echo "$(PREFIX_SUB_STEP) Skipping cache"; \ + fi + @ $(docker) build \ + --no-cache=$(NO_CACHE) \ + -t $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG) \ + .; \ + if [[ $${?} -eq 0 ]]; then \ + echo "$(PREFIX_SUB_STEP_POSITIVE) Build complete"; \ + else \ + echo "$(PREFIX_SUB_STEP_NEGATIVE) Build error"; \ + exit 1; \ + fi + +clean: | prerequisites terminate require-docker-image-tag + @ if [[ -n $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)) ]]; then \ + echo "$(PREFIX_STEP) Untagging image"; \ + $(docker) rmi $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG); \ + fi + @ if [[ -n $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)) ]]; then \ + echo "$(PREFIX_SUB_STEP_NEGATIVE) Image cleanup failed"; \ + exit 1; \ + else \ + echo "$(PREFIX_SUB_STEP_POSITIVE) Image cleanup complete"; \ + fi + +create: | prerequisites + @ echo "$(PREFIX_STEP) Creating container" + @ set -x; $(docker) create \ + --name $(DOCKER_NAME) \ + --publish $(DOCKER_HOST_PORT_SSH):22 \ + --restart $(DOCKER_RESTART_POLICY) \ + $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG) 1> /dev/null; + @ if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=created") ]]; then \ + echo "$(PREFIX_SUB_STEP) $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=created")"; \ + echo "$(PREFIX_SUB_STEP_POSITIVE) Container created"; \ + else \ + echo "$(PREFIX_SUB_STEP_NEGATIVE) Container creation failed"; \ + fi + +dist: | prerequisites require-docker-release-tag pull + @ if [[ -s $(PACKAGE_PATH)/$(DOCKER_IMAGE_NAME).$(DOCKER_IMAGE_TAG).tar.xz ]]; then \ + echo "$(PREFIX_STEP) Saving package"; \ + echo "$(PREFIX_SUB_STEP) Package path: $(PACKAGE_PATH)/$(DOCKER_IMAGE_NAME).$(DOCKER_IMAGE_TAG).tar.xz"; \ + echo "$(PREFIX_SUB_STEP_POSITIVE) Package already exists"; \ + else \ + if [[ ! 
-d $(PACKAGE_PATH) ]]; then \ + echo "$(PREFIX_STEP) Creating package directory"; \ + mkdir -p $(PACKAGE_PATH); \ + fi; \ + echo "$(PREFIX_STEP) Saving package"; \ + $(docker) save \ + $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG) | \ + $(xz) -9 > \ + $(PACKAGE_PATH)/$(DOCKER_IMAGE_NAME).$(DOCKER_IMAGE_TAG).tar.xz; \ + if [[ $${?} -eq 0 ]]; then \ + echo "$(PREFIX_SUB_STEP) Package path: $(PACKAGE_PATH)/$(DOCKER_IMAGE_NAME).$(DOCKER_IMAGE_TAG).tar.xz"; \ + echo "$(PREFIX_SUB_STEP_POSITIVE) Package saved"; \ + else \ + echo "$(PREFIX_SUB_STEP_NEGATIVE) Package save error"; \ + exit 1; \ + fi; \ + fi + +distclean: | prerequisites require-docker-release-tag clean + @ if [[ -e $(PACKAGE_PATH)/$(DOCKER_IMAGE_NAME).$(DOCKER_IMAGE_TAG).tar.xz ]]; then \ + echo "$(PREFIX_STEP) Deleting $(DOCKER_IMAGE_NAME).$(DOCKER_IMAGE_TAG).tar.xz package"; \ + find $(PACKAGE_PATH) \ + -name $(DOCKER_IMAGE_NAME).$(DOCKER_IMAGE_TAG).tar.xz \ + -delete; \ + fi + @ if [[ -e $(PACKAGE_PATH)/$(DOCKER_IMAGE_NAME).$(DOCKER_IMAGE_TAG).tar.xz ]]; then \ + echo "$(PREFIX_STEP_NEGATIVE) Package cleanup failed"; \ + exit 1; \ + else \ + echo "$(PREFIX_STEP_POSITIVE) Package cleanup complete"; \ + fi + +exec: | prerequisites + @ $(docker) exec -it $(DOCKER_NAME) $(filter-out $@, $(MAKECMDGOALS)) +%:; @: + +images: | prerequisites + @ $(docker) images \ + $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG); + +install: | prerequisites terminate create + +logs: | prerequisites + @ $(docker) logs $(DOCKER_NAME) + +load: | prerequisites require-docker-release-tag + @ echo "$(PREFIX_STEP) Loading image from package $(PACKAGE_PATH)/$(DOCKER_IMAGE_NAME).$(DOCKER_IMAGE_TAG).tar.xz"; \ + if [[ ! 
-s $(PACKAGE_PATH)/$(DOCKER_IMAGE_NAME).$(DOCKER_IMAGE_TAG).tar.xz ]]; then \ + echo "$(PREFIX_STEP_NEGATIVE) Package not found"; \ + echo "$(PREFIX_SUB_STEP_NEGATIVE) To create a package try: DOCKER_IMAGE_TAG=\"$(DOCKER_IMAGE_TAG)\" make dist"; \ + exit 1; \ + else \ + if [[ -n $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)) ]]; then \ + echo "$(PREFIX_STEP) Untagging image"; \ + $(docker) rmi $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG); \ + fi; \ + $(xz) -dc $(PACKAGE_PATH)/$(DOCKER_IMAGE_NAME).$(DOCKER_IMAGE_TAG).tar.xz | \ + $(docker) load; \ + echo "$(PREFIX_SUB_STEP) $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG))"; \ + echo "$(PREFIX_SUB_STEP_POSITIVE) Image loaded"; \ + fi + +pause: | prerequisites require-docker-container + @ echo "$(PREFIX_STEP) Pausing container" + @ $(docker) pause $(DOCKER_NAME) 1> /dev/null + @ echo "$(PREFIX_SUB_STEP_POSITIVE) Container paused" + +prerequisites: +ifeq ($(docker),) + $(error "Please install the docker (docker-engine) package.") +endif + +ifeq ($(xz),) + $(error "Please install the xz package.") +endif + +ifeq ($(get-docker-info),) + $(error "Unable to connect to docker host.") +endif + +pull: | prerequisites require-docker-image-tag + @ echo "$(PREFIX_STEP) Pulling image from registry" + @ $(docker) pull \ + $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG); \ + if [[ $${?} -eq 0 ]]; then \ + echo "$(PREFIX_SUB_STEP_POSITIVE) Image pulled"; \ + else \ + echo "$(PREFIX_SUB_STEP_NEGATIVE) Error pulling image"; \ + exit 1; \ + fi; \ + +ps: | prerequisites require-docker-container + @ $(docker) ps -as --filter "name=$(DOCKER_NAME)"; + +require-docker-container: +ifeq ($(shell $(docker) ps -aq --filter "name=$(DOCKER_NAME)"),) + $(error "This operation requires the $(DOCKER_NAME) docker container. 
Install it with: make install") +endif + +require-docker-image-tag: +ifeq ($(IS_DOCKER_IMAGE_TAG),) + $(error "Invalid DOCKER_IMAGE_TAG value $(DOCKER_IMAGE_TAG).") +endif + +require-docker-release-tag: +ifeq ($(IS_DOCKER_RELEASE_TAG),) + $(error "Invalid DOCKER_IMAGE_TAG value $(DOCKER_IMAGE_TAG). A release tag is required for this operation.") +endif + +restart: | prerequisites require-docker-container + @ echo "$(PREFIX_STEP) Restarting container" + @ $(docker) restart $(DOCKER_NAME) 1> /dev/null + @ echo "$(PREFIX_SUB_STEP_POSITIVE) Container restarted" + +rm: | prerequisites + @ if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)") ]]; then \ + echo "$(PREFIX_STEP) Removing container"; \ + $(docker) rm -f $(DOCKER_NAME); \ + fi + @ if [[ -z $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)") ]]; then \ + echo "$(PREFIX_SUB_STEP_POSITIVE) Container removed"; \ + else \ + echo "$(PREFIX_SUB_STEP_NEGATIVE) Container removal failed"; \ + exit 1; \ + fi + +run: | prerequisites require-docker-image-tag + @ env DOCKER_IMAGE_TAG=$(DOCKER_IMAGE_TAG) $(SHELL) run.sh + +start: | prerequisites require-docker-container + @ echo "$(PREFIX_STEP) Starting container" + @ if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)") ]] \ + && [[ -z $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=running") ]]; then \ + $(docker) start $(DOCKER_NAME) 1> /dev/null; \ + fi + @ if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=running") ]]; then \ + echo "$(PREFIX_SUB_STEP_POSITIVE) Container started"; \ + else \ + echo "$(PREFIX_SUB_STEP_NEGATIVE) Container start failed"; \ + fi + +stop: | prerequisites + @ echo "$(PREFIX_STEP) Stopping container" + @ if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)") ]] \ + && [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=running") ]]; then \ + $(docker) stop $(DOCKER_NAME) 1> /dev/null; \ + fi; + @ if [[ -n $$($(docker) ps -aq --filter 
"name=$(DOCKER_NAME)") ]] \ + && [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=exited") ]]; then \ + echo "$(PREFIX_SUB_STEP_POSITIVE) Container stopped"; \ + else \ + echo "$(PREFIX_SUB_STEP_NEGATIVE) Error stopping container"; \ + exit 1; \ + fi + +terminate: | prerequisites +ifneq ($(shell $(docker) ps -aq --filter "name=$(DOCKER_NAME)"),) + @ echo "$(PREFIX_STEP) Terminating container" + @ if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=paused") ]]; then \ + echo "$(PREFIX_SUB_STEP) Unpausing container"; \ + $(docker) unpause $(DOCKER_NAME) 1> /dev/null; \ + fi + @ if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=running") ]]; then \ + echo "$(PREFIX_SUB_STEP) Stopping container"; \ + $(docker) stop $(DOCKER_NAME) 1> /dev/null; \ + fi + @ if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)") ]]; then \ + echo "$(PREFIX_SUB_STEP) Removing container"; \ + $(docker) rm -f $(DOCKER_NAME) 1> /dev/null; \ + fi + @ if [[ -z $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)") ]]; then \ + echo "$(PREFIX_SUB_STEP_POSITIVE) Container terminated"; \ + else \ + echo "$(PREFIX_SUB_STEP_NEGATIVE) Container termination failed"; \ + exit 1; \ + fi +endif + +unpause: | prerequisites require-docker-container + @ echo "$(PREFIX_STEP) Unpausing container" + @ $(docker) unpause $(DOCKER_NAME) 1> /dev/null + @ echo "$(PREFIX_SUB_STEP_POSITIVE) Container unpaused" diff --git a/make.conf b/make.conf new file mode 100644 index 0000000..e5c069d --- /dev/null +++ b/make.conf 
@@ -0,0 +1,33 @@ + +# Tag validation patterns +DOCKER_IMAGE_TAG_PATTERN := ^(latest|(centos-[6-7])|(centos-(6-1|7-2).[0-9]+.[0-9]+))$ +DOCKER_IMAGE_RELEASE_TAG_PATTERN := ^centos-(6-1|7-2).[0-9]+.[0-9]+$ + +# Docker image/container settings +DOCKER_USER := jdeathe +DOCKER_IMAGE_NAME := centos-ssh +DOCKER_IMAGE_TAG ?= latest +DOCKER_NAME ?= ssh.pool-1.1.1 +DOCKER_HOST_PORT_SSH ?= 2020 +DOCKER_RESTART_POLICY ?= always # {no,on-failure[:max-retries],always,unless-stopped} + +# Docker build --no-cache parameter +NO_CACHE ?= false + +# Directory path for release packages +PACKAGE_PATH ?= ./packages + +# VOLUME_CONFIG_NAME := volume-config.${SERVICE_UNIT_NAME} +# VOLUME_CONFIG_NAME := volume-config.${SERVICE_UNIT_NAME}.${SERVICE_UNIT_SHARED_GROUP} +VOLUME_CONFIG_NAME := volume-config.ssh.pool-1.1.1 + +# Use of a configuration volume requires additional maintenance and access to the +# filesystem of the docker host so is disabled by default. +VOLUME_CONFIG_ENABLED := false + +# Using named volumes allows for easier identification of files located in +# /var/lib/docker/volumes/ on the docker host. If set to true, the value of +# VOLUME_CONFIG_NAME is used in place of an automatically generated ID. +# NOTE: When using named volumes you need to copy the contents of the directory +# into the configuration "data" volume container. +VOLUME_CONFIG_NAMED := false From e05bf7083eb68b40ae541e65894b7795c4f2323b Mon Sep 17 00:00:00 2001 From: James Deathe Date: Thu, 31 Mar 2016 03:31:25 +0100 Subject: [PATCH 03/95] ISSUE 159: Split up targets more. Remove need for run.sh helper. --- Makefile | 94 ++++++++++++++++++++++++++++++++++---------------------- 1 file changed, 57 insertions(+), 37 deletions(-) diff --git a/Makefile b/Makefile index acb3cc1..4223b11 100644 --- a/Makefile +++ b/Makefile 
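Review bot: `IS_DOCKER_IMAGE_TAG` and `IS_DOCKER_RELEASE_TAG` paste `$(DOCKER_IMAGE_TAG)` into the `$(shell ...)` command text before the pattern test has run, so the validation step itself executes whatever shell syntax the value carries. make.conf assigns the tag with `?=`, so it can arrive from the environment or the command line, for instance from a CI parameter. The same unquoted value is then interpolated into the `docker` recipe lines. Test the value as a shell variable rather than as make-expanded text, for example with `export DOCKER_IMAGE_TAG` and a check in the `require-docker-image-tag` recipe of the form `[[ "$${DOCKER_IMAGE_TAG}" =~ $(DOCKER_IMAGE_TAG_PATTERN) ]] || exit 1`.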
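Review bot: The dots in `DOCKER_IMAGE_TAG_PATTERN` and `DOCKER_IMAGE_RELEASE_TAG_PATTERN` are unescaped, so each one matches any character and the release check accepts more than the intended `centos-6-1.N.N` style tags. These patterns are the only gate in front of `dist`, `distclean` and `load`, which build file paths from the tag, so they should match literally: `^centos-(6-1|7-2)\.[0-9]+\.[0-9]+$`, with the same change inside the third alternative of `DOCKER_IMAGE_TAG_PATTERN`. A short comment above the two patterns giving one accepted and one rejected tag would make the intent checkable.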
@@ -52,16 +52,17 @@ IS_DOCKER_RELEASE_TAG := $(shell if [[ $(DOCKER_IMAGE_TAG) =~ $(DOCKER_IMAGE_REL require-docker-release-tag \ restart \ rm \ + rmi \ run \ start \ stop \ terminate \ unpause -all: | prerequisites build images install start ps +all: prerequisites | clean build images install start ps # build NO_CACHE=[{false,true}] -build: | prerequisites require-docker-image-tag +build: prerequisites require-docker-image-tag @ echo "$(PREFIX_STEP) Building $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)" @ if [[ $(NO_CACHE) == true ]]; then \ echo "$(PREFIX_SUB_STEP) Skipping cache"; \ @@ -77,19 +78,9 @@ build: | prerequisites require-docker-image-tag exit 1; \ fi -clean: | prerequisites terminate require-docker-image-tag - @ if [[ -n $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)) ]]; then \ - echo "$(PREFIX_STEP) Untagging image"; \ - $(docker) rmi $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG); \ - fi - @ if [[ -n $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)) ]]; then \ - echo "$(PREFIX_SUB_STEP_NEGATIVE) Image cleanup failed"; \ - exit 1; \ - else \ - echo "$(PREFIX_SUB_STEP_POSITIVE) Image cleanup complete"; \ - fi +clean: prerequisites | terminate rm rmi -create: | prerequisites +create: prerequisites @ echo "$(PREFIX_STEP) Creating container" @ set -x; $(docker) create \ --name $(DOCKER_NAME) \ @@ -101,9 +92,10 @@ create: | prerequisites echo "$(PREFIX_SUB_STEP_POSITIVE) Container created"; \ else \ echo "$(PREFIX_SUB_STEP_NEGATIVE) Container creation failed"; \ + exit 1; \ fi -dist: | prerequisites require-docker-release-tag pull +dist: prerequisites require-docker-release-tag | pull @ if [[ -s $(PACKAGE_PATH)/$(DOCKER_IMAGE_NAME).$(DOCKER_IMAGE_TAG).tar.xz ]]; then \ echo "$(PREFIX_STEP) Saving package"; \ echo "$(PREFIX_SUB_STEP) Package path: $(PACKAGE_PATH)/$(DOCKER_IMAGE_NAME).$(DOCKER_IMAGE_TAG).tar.xz"; \ 
@@ -127,7 +119,7 @@ dist: | prerequisites require-docker-release-tag pull fi; \ fi -distclean: | prerequisites require-docker-release-tag clean +distclean: prerequisites require-docker-release-tag | clean @ if [[ -e $(PACKAGE_PATH)/$(DOCKER_IMAGE_NAME).$(DOCKER_IMAGE_TAG).tar.xz ]]; then \ echo "$(PREFIX_STEP) Deleting $(DOCKER_IMAGE_NAME).$(DOCKER_IMAGE_TAG).tar.xz package"; \ find $(PACKAGE_PATH) \ 
@@ -141,37 +133,34 @@ distclean: | prerequisites require-docker-release-tag clean echo "$(PREFIX_STEP_POSITIVE) Package cleanup complete"; \ fi -exec: | prerequisites +exec: prerequisites @ $(docker) exec -it $(DOCKER_NAME) $(filter-out $@, $(MAKECMDGOALS)) %:; @: -images: | prerequisites +images: prerequisites @ $(docker) images \ $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG); install: | prerequisites terminate create -logs: | prerequisites +logs: prerequisites @ $(docker) logs $(DOCKER_NAME) -load: | prerequisites require-docker-release-tag - @ echo "$(PREFIX_STEP) Loading image from package $(PACKAGE_PATH)/$(DOCKER_IMAGE_NAME).$(DOCKER_IMAGE_TAG).tar.xz"; \ +load: prerequisites require-docker-release-tag + @ echo "$(PREFIX_STEP) Loading image from package"; \ + echo "$(PREFIX_SUB_STEP) Package path: $(PACKAGE_PATH)/$(DOCKER_IMAGE_NAME).$(DOCKER_IMAGE_TAG).tar.xz"; \ if [[ ! -s $(PACKAGE_PATH)/$(DOCKER_IMAGE_NAME).$(DOCKER_IMAGE_TAG).tar.xz ]]; then \ echo "$(PREFIX_STEP_NEGATIVE) Package not found"; \ echo "$(PREFIX_SUB_STEP_NEGATIVE) To create a package try: DOCKER_IMAGE_TAG=\"$(DOCKER_IMAGE_TAG)\" make dist"; \ exit 1; \ else \ - if [[ -n $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)) ]]; then \ - echo "$(PREFIX_STEP) Untagging image"; \ - $(docker) rmi $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG); \ - fi; \ $(xz) -dc $(PACKAGE_PATH)/$(DOCKER_IMAGE_NAME).$(DOCKER_IMAGE_TAG).tar.xz | \ $(docker) load; \ echo "$(PREFIX_SUB_STEP) $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG))"; \ echo "$(PREFIX_SUB_STEP_POSITIVE) Image loaded"; \ fi -pause: | prerequisites require-docker-container +pause: prerequisites require-docker-container @ echo "$(PREFIX_STEP) Pausing container" @ $(docker) pause $(DOCKER_NAME) 1> /dev/null @ echo "$(PREFIX_SUB_STEP_POSITIVE) Container paused" 
@@ -189,18 +178,19 @@ ifeq ($(get-docker-info),) $(error "Unable to connect to docker host.") endif -pull: | prerequisites require-docker-image-tag +pull: prerequisites require-docker-image-tag @ echo "$(PREFIX_STEP) Pulling image from registry" @ $(docker) pull \ $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG); \ if [[ $${?} -eq 0 ]]; then \ + echo "$(PREFIX_SUB_STEP) $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG))"; \ echo "$(PREFIX_SUB_STEP_POSITIVE) Image pulled"; \ else \ echo "$(PREFIX_SUB_STEP_NEGATIVE) Error pulling image"; \ exit 1; \ - fi; \ + fi -ps: | prerequisites require-docker-container +ps: prerequisites require-docker-container @ $(docker) ps -as --filter "name=$(DOCKER_NAME)"; require-docker-container: @@ -218,12 +208,12 @@ ifeq ($(IS_DOCKER_RELEASE_TAG),) $(error "Invalid DOCKER_IMAGE_TAG value $(DOCKER_IMAGE_TAG). A release tag is required for this operation.") endif -restart: | prerequisites require-docker-container +restart: prerequisites require-docker-container @ echo "$(PREFIX_STEP) Restarting container" @ $(docker) restart $(DOCKER_NAME) 1> /dev/null @ echo "$(PREFIX_SUB_STEP_POSITIVE) Container restarted" -rm: | prerequisites +rm: prerequisites @ if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)") ]]; then \ echo "$(PREFIX_STEP) Removing container"; \ $(docker) rm -f $(DOCKER_NAME); \ 
@@ -235,10 +225,37 @@ rm: | prerequisites exit 1; \ fi -run: | prerequisites require-docker-image-tag - @ env DOCKER_IMAGE_TAG=$(DOCKER_IMAGE_TAG) $(SHELL) run.sh +rmi: prerequisites require-docker-image-tag + @ if [[ -n $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)) ]]; then \ + echo "$(PREFIX_STEP) Untagging image"; \ + echo "$(PREFIX_SUB_STEP) $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)) : $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)"; \ + $(docker) rmi \ + $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG) 1> /dev/null; \ + if [[ $${?} -eq 0 ]]; then \ + echo "$(PREFIX_SUB_STEP_POSITIVE) Image untagged"; \ + else \ + echo "$(PREFIX_SUB_STEP_NEGATIVE) Error untagging image"; \ + exit 1; \ + fi; \ + fi + +run: prerequisites require-docker-image-tag + @ echo "$(PREFIX_STEP) Running container" + @ set -x; $(docker) run \ + --detach \ + --name $(DOCKER_NAME) \ + --publish $(DOCKER_HOST_PORT_SSH):22 \ + --restart $(DOCKER_RESTART_POLICY) \ + $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG) 1> /dev/null; + @ if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=running") ]]; then \ + echo "$(PREFIX_SUB_STEP) $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=running")"; \ + echo "$(PREFIX_SUB_STEP_POSITIVE) Container running"; \ + else \ + echo "$(PREFIX_SUB_STEP_NEGATIVE) Container run failed"; \ + exit 1; \ + fi -start: | prerequisites require-docker-container +start: prerequisites require-docker-container @ echo "$(PREFIX_STEP) Starting container" @ if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)") ]] \ && [[ -z $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=running") ]]; then \ 
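Review bot: The success check in the new `run` target uses `--filter "name=$(DOCKER_NAME)"`, which Docker matches against any part of a container name, so a different container whose name merely contains the configured one satisfies it. The same filter decides `require-docker-container`, `rm`, `start`, `stop` and `terminate` elsewhere in this Makefile, where it sits in front of `docker rm -f`. Anchoring the filter makes the check refer to the one container, e.g. `--filter "name=^/$(DOCKER_NAME)$$"`. The `start` target at the end of this hunk continues past it.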
@@ -248,9 +265,10 @@ start: | prerequisites require-docker-container echo "$(PREFIX_SUB_STEP_POSITIVE) Container started"; \ else \ echo "$(PREFIX_SUB_STEP_NEGATIVE) Container start failed"; \ + exit 1; \ fi -stop: | prerequisites +stop: prerequisites @ echo "$(PREFIX_STEP) Stopping container" @ if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)") ]] \ && [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=running") ]]; then \ @@ -264,7 +282,7 @@ stop: | prerequisites exit 1; \ fi -terminate: | prerequisites +terminate: prerequisites ifneq ($(shell $(docker) ps -aq --filter "name=$(DOCKER_NAME)"),) @ echo "$(PREFIX_STEP) Terminating container" @ if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=paused") ]]; then \ @@ -285,9 +303,11 @@ ifneq ($(shell $(docker) ps -aq --filter "name=$(DOCKER_NAME)"),) echo "$(PREFIX_SUB_STEP_NEGATIVE) Container termination failed"; \ exit 1; \ fi +else + @ echo "$(PREFIX_STEP) Container termination skipped" endif -unpause: | prerequisites require-docker-container +unpause: prerequisites require-docker-container @ echo "$(PREFIX_STEP) Unpausing container" @ $(docker) unpause $(DOCKER_NAME) 1> /dev/null @ echo "$(PREFIX_SUB_STEP_POSITIVE) Container unpaused" From 3e24dc4f413094bfd7c696772d14b3568115ad0f Mon Sep 17 00:00:00 2001 From: James Deathe Date: Sat, 2 Apr 2016 00:30:19 +0100 Subject: [PATCH 04/95] ISSUE 159: Don't clean by default for the 'all' target. --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 4223b11..0a4d4c3 100644 --- a/Makefile +++ b/Makefile @@ -59,7 +59,7 @@ IS_DOCKER_RELEASE_TAG := $(shell if [[ $(DOCKER_IMAGE_TAG) =~ $(DOCKER_IMAGE_REL terminate \ unpause -all: prerequisites | clean build images install start ps +all: prerequisites | build images install start ps # build NO_CACHE=[{false,true}] build: prerequisites require-docker-image-tag 
From b0272788df4ec112d9ea689baaf17379a511bd07 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Mon, 4 Apr 2016 00:35:37 +0100 Subject: [PATCH 05/95] ISSUE 159: Set environment variables for run.sh in the run.conf file. --- run.conf | 13 +++++++++++++ run.sh | 11 +++++++++++ 2 files changed, 24 insertions(+)
diff --git a/run.conf b/run.conf
index 801bbf8..ed49911 100644
--- a/run.conf
+++ b/run.conf
@@ -34,3 +34,16 @@ VOLUME_CONFIG_ENABLED=false
 # NOTE: When using named volumes you need to copy the contents of the directory
 # into the configuration "data" volume container.
 VOLUME_CONFIG_NAMED=false
+
+# Application container configuration
+SSH_AUTHORIZED_KEYS=""
+SSH_CHROOT_DIRECTORY="%h"
+SSH_INHERIT_ENVIRONMENT=false
+SSH_SUDO="ALL=(ALL) ALL"
+SSH_USER="app-admin"
+SSH_USER_FORCE_SFTP=false
+SSH_USER_HOME="/home/%u"
+SSH_USER_PASSWORD=""
+SSH_USER_PASSWORD_HASHED=false
+SSH_USER_SHELL="/bin/bash"
+SSH_USER_ID="500:500"
\ No newline at end of file
diff --git a/run.sh b/run.sh
index 7c1219f..d753edf 100755
--- a/run.sh
+++ b/run.sh
@@ -67,6 +67,17 @@ docker run \
 ${DOCKER_OPERATOR_OPTIONS} \
 --name ${DOCKER_NAME} \
 -p ${DOCKER_HOST_PORT_SSH:-}:22 \
+ --env "SSH_AUTHORIZED_KEYS=${SSH_AUTHORIZED_KEYS}" \
+ --env "SSH_INHERIT_ENVIRONMENT=${SSH_INHERIT_ENVIRONMENT}" \
+ --env "SSH_CHROOT_DIRECTORY=${SSH_CHROOT_DIRECTORY}" \
+ --env "SSH_SUDO=${SSH_SUDO}" \
+ --env "SSH_USER=${SSH_USER}" \
+ --env "SSH_USER_PASSWORD_HASHED=${SSH_USER_PASSWORD_HASHED}" \
+ --env "SSH_USER_PASSWORD=${SSH_USER_PASSWORD}" \
+ --env "SSH_USER_FORCE_SFTP=${SSH_USER_FORCE_SFTP}" \
+ --env "SSH_USER_HOME=${SSH_USER_HOME}" \
+ --env "SSH_USER_SHELL=${SSH_USER_SHELL}" \
+ --env "SSH_USER_ID=${SSH_USER_ID}" \
 ${DOCKER_VOLUMES_FROM:-} \
 ${DOCKER_IMAGE_REPOSITORY_NAME}${@:+ -c }"${@}"
 )
From a5c3183e62638c242a3bac59c5b2b9536e868613 Mon Sep 17 00:00:00 2001
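Review bot: The new settings are assigned unconditionally, so `SSH_USER_PASSWORD` can only be set by editing this tracked file, which invites committing a credential. Patch 01 already moved `DOCKER_IMAGE_TAG` in this file to the `${VAR:-default}` form, and the password should follow it: `SSH_USER_PASSWORD="${SSH_USER_PASSWORD:-}"`. The other values could take the same form so callers can override them from the environment. A one-line comment above `SSH_SUDO="ALL=(ALL) ALL"` noting that this is presumably a sudoers rule granting unrestricted sudo would help anyone copying the file.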
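Review bot: `--env "SSH_USER_PASSWORD=${SSH_USER_PASSWORD}"` puts the password on the docker client's command line, where it is readable in the host's process list and in any shell trace while the command runs. The `DOCKER_CONTAINER_PARAMETERS` block added to the Makefile in patch 06 has the same form. Docker copies a variable from the caller's environment when `--env` is given a name without a value, so `export SSH_USER_PASSWORD` before the call and `--env SSH_USER_PASSWORD \` in it keep the value out of argv; `--env-file` is the alternative. The enclosing `docker run` command starts and ends outside the hunk.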
From: James Deathe Date: Mon, 4 Apr 2016 03:29:58 +0100 Subject: [PATCH 06/95] ISSUE 159: Allow container parameters to be set for make create|run operations. --- Makefile | 26 ++++++++++++++++++++------ make.conf | 13 +++++++++++++ 2 files changed, 33 insertions(+), 6 deletions(-) diff --git a/Makefile b/Makefile index 0a4d4c3..5cc65e9 100644 --- a/Makefile +++ b/Makefile @@ -31,6 +31,24 @@ get-docker-info := $(shell $(docker) info) IS_DOCKER_IMAGE_TAG := $(shell if [[ $(DOCKER_IMAGE_TAG) =~ $(DOCKER_IMAGE_TAG_PATTERN) ]]; then echo $(DOCKER_IMAGE_TAG); else echo ''; fi) IS_DOCKER_RELEASE_TAG := $(shell if [[ $(DOCKER_IMAGE_TAG) =~ $(DOCKER_IMAGE_RELEASE_TAG_PATTERN) ]]; then echo $(DOCKER_IMAGE_TAG); else echo ''; fi) +# Common parameters of create and run targets +define DOCKER_CONTAINER_PARAMETERS +--name $(DOCKER_NAME) \ +--publish $(DOCKER_HOST_PORT_SSH):22 \ +--restart $(DOCKER_RESTART_POLICY) \ +--env "SSH_AUTHORIZED_KEYS=$(SSH_AUTHORIZED_KEYS)" \ +--env "SSH_CHROOT_DIRECTORY=$(SSH_CHROOT_DIRECTORY)" \ +--env "SSH_INHERIT_ENVIRONMENT=$(SSH_INHERIT_ENVIRONMENT)" \ +--env "SSH_SUDO=$(SSH_SUDO)" \ +--env "SSH_USER=$(SSH_USER)" \ +--env "SSH_USER_FORCE_SFTP=$(SSH_USER_FORCE_SFTP)" \ +--env "SSH_USER_HOME=$(SSH_USER_HOME)" \ +--env "SSH_USER_PASSWORD=$(SSH_USER_PASSWORD)" \ +--env "SSH_USER_PASSWORD_HASHED=$(SSH_USER_PASSWORD_HASHED)" \ +--env "SSH_USER_SHELL=$(SSH_USER_SHELL)" \ +--env "SSH_USER_ID=$(SSH_USER_ID)" +endef + .PHONY: \ all \ build \ 
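Review bot: Every value in `DOCKER_CONTAINER_PARAMETERS` is pasted into the recipe by make and then parsed by bash inside double quotes, so a `$`, backtick or `"` in `SSH_USER_PASSWORD`, `SSH_AUTHORIZED_KEYS` or `SSH_SUDO` alters the value or the command instead of reaching the container verbatim. When `SSH_USER_PASSWORD_HASHED` is true the password is presumably a crypt-style hash, which contains `$` separators, so this is likely to be hit in normal use. Exporting the variables and passing names only, e.g. `export SSH_USER_PASSWORD` with `--env SSH_USER_PASSWORD \`, lets docker read each value from the environment without any shell parsing.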
@@ -83,9 +101,7 @@ clean: prerequisites | terminate rm rmi create: prerequisites @ echo "$(PREFIX_STEP) Creating container" @ set -x; $(docker) create \ - --name $(DOCKER_NAME) \ - --publish $(DOCKER_HOST_PORT_SSH):22 \ - --restart $(DOCKER_RESTART_POLICY) \ + $(DOCKER_CONTAINER_PARAMETERS) \ $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG) 1> /dev/null; @ if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=created") ]]; then \ echo "$(PREFIX_SUB_STEP) $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=created")"; \ @@ -243,9 +259,7 @@ run: prerequisites require-docker-image-tag @ echo "$(PREFIX_STEP) Running container" @ set -x; $(docker) run \ --detach \ - --name $(DOCKER_NAME) \ - --publish $(DOCKER_HOST_PORT_SSH):22 \ - --restart $(DOCKER_RESTART_POLICY) \ + $(DOCKER_CONTAINER_PARAMETERS) \ $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG) 1> /dev/null; @ if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=running") ]]; then \ echo "$(PREFIX_SUB_STEP) $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=running")"; \ diff --git a/make.conf b/make.conf index e5c069d..f72944f 100644 --- a/make.conf +++ b/make.conf @@ -31,3 +31,16 @@ VOLUME_CONFIG_ENABLED := false # NOTE: When using named volumes you need to copy the contents of the directory # into the configuration "data" volume container. VOLUME_CONFIG_NAMED := false + +# Application container configuration +SSH_AUTHORIZED_KEYS ?= +SSH_CHROOT_DIRECTORY ?= %h +SSH_INHERIT_ENVIRONMENT ?= false +SSH_SUDO ?= ALL=(ALL) ALL +SSH_USER ?= app-admin +SSH_USER_FORCE_SFTP ?= false +SSH_USER_HOME ?= /home/%u +SSH_USER_PASSWORD ?= +SSH_USER_PASSWORD_HASHED ?= false +SSH_USER_SHELL ?= /bin/bash +SSH_USER_ID ?= 500:500 \ No newline at end of file From 91bd2c384c068cc4e1c9f0fe3e547e5e9ae21e61 Mon Sep 17 00:00:00 2001 
From: James Deathe Date: Mon, 4 Apr 2016 03:54:02 +0100 Subject: [PATCH 07/95] ISSUE 159: Make skipping of distructive targets consistent. --- Makefile | 53 ++++++++++++++++++++++++++++++----------------------- 1 file changed, 30 insertions(+), 23 deletions(-) diff --git a/Makefile b/Makefile index 5cc65e9..9284182 100644 --- a/Makefile +++ b/Makefile @@ -137,16 +137,19 @@ dist: prerequisites require-docker-release-tag | pull distclean: prerequisites require-docker-release-tag | clean @ if [[ -e $(PACKAGE_PATH)/$(DOCKER_IMAGE_NAME).$(DOCKER_IMAGE_TAG).tar.xz ]]; then \ - echo "$(PREFIX_STEP) Deleting $(DOCKER_IMAGE_NAME).$(DOCKER_IMAGE_TAG).tar.xz package"; \ + echo "$(PREFIX_STEP) Deleting package"; \ + echo "$(PREFIX_SUB_STEP) Package path: $(PACKAGE_PATH)/$(DOCKER_IMAGE_NAME).$(DOCKER_IMAGE_TAG).tar.xz"; \ find $(PACKAGE_PATH) \ -name $(DOCKER_IMAGE_NAME).$(DOCKER_IMAGE_TAG).tar.xz \ -delete; \ - fi - @ if [[ -e $(PACKAGE_PATH)/$(DOCKER_IMAGE_NAME).$(DOCKER_IMAGE_TAG).tar.xz ]]; then \ - echo "$(PREFIX_STEP_NEGATIVE) Package cleanup failed"; \ - exit 1; \ + if [[ ! -e $(PACKAGE_PATH)/$(DOCKER_IMAGE_NAME).$(DOCKER_IMAGE_TAG).tar.xz ]]; then \ + echo "$(PREFIX_SUB_STEP_POSITIVE) Package cleanup complete"; \ + else \ + echo "$(PREFIX_SUB_STEP_NEGATIVE) Package cleanup failed"; \ + exit 1; \ + fi; \ else \ - echo "$(PREFIX_STEP_POSITIVE) Package cleanup complete"; \ + echo "$(PREFIX_STEP) Package cleanup skipped"; \ fi exec: prerequisites 
@@ -230,30 +233,34 @@ restart: prerequisites require-docker-container @ echo "$(PREFIX_SUB_STEP_POSITIVE) Container restarted" rm: prerequisites - @ if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)") ]]; then \ - echo "$(PREFIX_STEP) Removing container"; \ - $(docker) rm -f $(DOCKER_NAME); \ - fi - @ if [[ -z $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)") ]]; then \ - echo "$(PREFIX_SUB_STEP_POSITIVE) Container removed"; \ +ifneq ($(shell $(docker) ps -aq --filter "name=$(DOCKER_NAME)"),) + @ echo "$(PREFIX_STEP) Removing container"; \ + $(docker) rm -f $(DOCKER_NAME); \ + if [[ -z $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)") ]]; then \ + echo "$(PREFIX_SUB_STEP_POSITIVE) Container removed"; \ else \ echo "$(PREFIX_SUB_STEP_NEGATIVE) Container removal failed"; \ exit 1; \ fi +else + @ echo "$(PREFIX_STEP) Container removal skipped" +endif rmi: prerequisites require-docker-image-tag - @ if [[ -n $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)) ]]; then \ - echo "$(PREFIX_STEP) Untagging image"; \ - echo "$(PREFIX_SUB_STEP) $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)) : $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)"; \ - $(docker) rmi \ - $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG) 1> /dev/null; \ - if [[ $${?} -eq 0 ]]; then \ - echo "$(PREFIX_SUB_STEP_POSITIVE) Image untagged"; \ - else \ - echo "$(PREFIX_SUB_STEP_NEGATIVE) Error untagging image"; \ - exit 1; \ - fi; \ +ifneq ($(shell $(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)),) + @ echo "$(PREFIX_STEP) Untagging image"; \ + echo "$(PREFIX_SUB_STEP) $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)) : $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)"; \ + $(docker) rmi \ + $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG) 1> /dev/null; \ + if [[ $${?} -eq 0 ]]; then \ + echo "$(PREFIX_SUB_STEP_POSITIVE) Image untagged"; \ + else \ + 
echo "$(PREFIX_SUB_STEP_NEGATIVE) Error untagging image"; \ + exit 1; \ fi +else + @ echo "$(PREFIX_STEP) Untagging image skipped" +endif run: prerequisites require-docker-image-tag @ echo "$(PREFIX_STEP) Running container" From fccb6d027c3e45cacb7a51881c4d228071021013 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Mon, 4 Apr 2016 04:25:38 +0100 Subject: [PATCH 08/95] ISSUE 159: No need to rm a container after termination. --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 9284182..2cf6bb3 100644 --- a/Makefile +++ b/Makefile @@ -96,7 +96,7 @@ build: prerequisites require-docker-image-tag exit 1; \ fi -clean: prerequisites | terminate rm rmi +clean: prerequisites | terminate rmi create: prerequisites @ echo "$(PREFIX_STEP) Creating container" From a11263bb8efb18a824f0d0d9997d727800bf9a49 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Mon, 4 Apr 2016 17:00:55 +0100 Subject: [PATCH 09/95] ISSUE 159: Use new line for docker command for readability. --- Makefile | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 2cf6bb3..e801a42 100644 --- a/Makefile +++ b/Makefile @@ -100,7 +100,8 @@ clean: prerequisites | terminate rmi create: prerequisites @ echo "$(PREFIX_STEP) Creating container" - @ set -x; $(docker) create \ + @ set -x; \ + $(docker) create \ $(DOCKER_CONTAINER_PARAMETERS) \ $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG) 1> /dev/null; @ if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=created") ]]; then \ @@ -264,7 +265,8 @@ endif run: prerequisites require-docker-image-tag @ echo "$(PREFIX_STEP) Running container" - @ set -x; $(docker) run \ + @ set -x; \ + $(docker) run \ --detach \ $(DOCKER_CONTAINER_PARAMETERS) \ $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG) 1> /dev/null; From 52319c74d6a11993ca9e6c332378b0e3e0caf99b Mon Sep 17 00:00:00 2001 
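Review bot: The new `ifneq ($(shell $(docker) ps -aq --filter "name=$(DOCKER_NAME)"),)` guards on rm and rmi are evaluated once, when make reads the Makefile, not when the recipe runs. In a chain such as `clean: prerequisites | terminate rm rmi` the branch is therefore chosen from the state before any earlier target ran, so a container created or removed earlier in the same invocation is not seen. Keeping the test inside the recipe and putting the "skipped" message in an `else` branch, the way the distclean hunk of this same patch does, gives the same output without the timing problem; rmi would follow the same shape.

```makefile
rm: prerequisites
	@ if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)") ]]; then \
		echo "$(PREFIX_STEP) Removing container"; \
		$(docker) rm -f $(DOCKER_NAME); \
		if [[ -z $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)") ]]; then \
			echo "$(PREFIX_SUB_STEP_POSITIVE) Container removed"; \
		else \
			echo "$(PREFIX_SUB_STEP_NEGATIVE) Container removal failed"; \
			exit 1; \
		fi; \
	else \
		echo "$(PREFIX_STEP) Container removal skipped"; \
	fi
# … unchanged approach for rmi: same if/else inside the recipe …
```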
From: James Deathe Date: Wed, 6 Apr 2016 21:20:22 +0100 Subject: [PATCH 10/95] ISSUE 160: Set environment variable values in a single build step. --- Dockerfile | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/Dockerfile b/Dockerfile index 6d5f504..87bdb36 100755 --- a/Dockerfile +++ b/Dockerfile @@ -109,16 +109,16 @@ EXPOSE 22 # ----------------------------------------------------------------------------- # Set default environment variables # ----------------------------------------------------------------------------- -ENV SSH_AUTHORIZED_KEYS "" -ENV SSH_CHROOT_DIRECTORY "%h" -ENV SSH_INHERIT_ENVIRONMENT false -ENV SSH_SUDO "ALL=(ALL) ALL" -ENV SSH_USER "app-admin" -ENV SSH_USER_FORCE_SFTP false -ENV SSH_USER_HOME "/home/%u" -ENV SSH_USER_PASSWORD "" -ENV SSH_USER_PASSWORD_HASHED false -ENV SSH_USER_SHELL "/bin/bash" -ENV SSH_USER_ID "500:500" +ENV SSH_AUTHORIZED_KEYS="" \ + SSH_CHROOT_DIRECTORY="%h" \ + SSH_INHERIT_ENVIRONMENT=false \ + SSH_SUDO="ALL=(ALL) ALL" \ + SSH_USER="app-admin" \ + SSH_USER_FORCE_SFTP=false \ + SSH_USER_HOME="/home/%u" \ + SSH_USER_PASSWORD="" \ + SSH_USER_PASSWORD_HASHED=false \ + SSH_USER_SHELL="/bin/bash" \ + SSH_USER_ID="500:500" CMD ["/usr/bin/supervisord", "--configuration=/etc/supervisord.conf"] \ No newline at end of file From 33411245258177748d533eff53afee99fe606053 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Thu, 7 Apr 2016 01:13:15 +0100 Subject: [PATCH 11/95] ISSUE 164: Fixed issue with setting SSH USER UID:GID values. --- ssh.pool-1.1.1@2020.service | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ssh.pool-1.1.1@2020.service b/ssh.pool-1.1.1@2020.service index 2fd5c76..f055d9e 100644 --- a/ssh.pool-1.1.1@2020.service +++ b/ssh.pool-1.1.1@2020.service 
@@ -112,7 +112,7 @@ ExecStart=/bin/sudo /bin/bash -c \ --env \"SSH_USER_PASSWORD=${SSH_USER_PASSWORD}\" \ --env \"SSH_USER_PASSWORD_HASHED=${SSH_USER_PASSWORD_HASHED}\" \ --env \"SSH_USER_SHELL=${SSH_USER_SHELL}\" \ - --env \"SSH_USER_UID=${SSH_USER_UID}\" \ + --env \"SSH_USER_ID=${SSH_USER_ID}\" \ --volumes-from volume-config.%p \ ${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}; \ else \ @@ -128,7 +128,7 @@ ExecStart=/bin/sudo /bin/bash -c \ --env \"SSH_USER_PASSWORD=${SSH_USER_PASSWORD}\" \ --env \"SSH_USER_PASSWORD_HASHED=${SSH_USER_PASSWORD_HASHED}\" \ --env \"SSH_USER_SHELL=${SSH_USER_SHELL}\" \ - --env \"SSH_USER_UID=${SSH_USER_UID}\" \ + --env \"SSH_USER_ID=${SSH_USER_ID}\" \ ${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}; \ fi" From 0593875859ec1921d7c7d9e2c17bf71e9ba76de2 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Thu, 7 Apr 2016 01:42:34 +0100 Subject: [PATCH 12/95] ISSUE 171: Enable setting of SSH_SUDO in Systemd definition. --- ssh.pool-1.1.1@2020.service | 3 +++ 1 file changed, 3 insertions(+) diff --git a/ssh.pool-1.1.1@2020.service b/ssh.pool-1.1.1@2020.service index f055d9e..83d8be5 100644 --- a/ssh.pool-1.1.1@2020.service +++ b/ssh.pool-1.1.1@2020.service @@ -42,6 +42,7 @@ Environment="VOLUME_DATA_NAME=volume-data.%p" Environment="SSH_AUTHORIZED_KEYS=ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key" Environment="SSH_CHROOT_DIRECTORY=%h" Environment="SSH_INHERIT_ENVIRONMENT=false" +Environment="SSH_SUDO=ALL=(ALL) ALL" Environment="SSH_USER=app-admin" Environment="SSH_USER_FORCE_SFTP=false" Environment="SSH_USER_HOME=/home/%%u" 
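Review bot: The added `Environment="SSH_SUDO=ALL=(ALL) ALL"` default sits next to an `SSH_AUTHORIZED_KEYS` default that is the published Vagrant insecure key, so a unit installed without edits gives unrestricted sudo to an account whose private key is publicly available. I would put a comment above these defaults, for example `# Defaults are for local testing only: replace SSH_AUTHORIZED_KEYS and restrict SSH_SUDO before deploying.`, or load the real values from an `EnvironmentFile=` that is not committed. The [Service] section continues outside this hunk.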
@@ -106,6 +107,7 @@ ExecStart=/bin/sudo /bin/bash -c \ --env \"SSH_AUTHORIZED_KEYS=${SSH_AUTHORIZED_KEYS}\" \ --env \"SSH_CHROOT_DIRECTORY=${SSH_CHROOT_DIRECTORY}\" \ --env \"SSH_INHERIT_ENVIRONMENT=${SSH_INHERIT_ENVIRONMENT}\" \ + --env \"SSH_SUDO=${SSH_SUDO}\" \ --env \"SSH_USER=${SSH_USER}\" \ --env \"SSH_USER_FORCE_SFTP=${SSH_USER_FORCE_SFTP}\" \ --env \"SSH_USER_HOME=${SSH_USER_HOME}\" \ @@ -122,6 +124,7 @@ ExecStart=/bin/sudo /bin/bash -c \ --env \"SSH_AUTHORIZED_KEYS=${SSH_AUTHORIZED_KEYS}\" \ --env \"SSH_CHROOT_DIRECTORY=${SSH_CHROOT_DIRECTORY}\" \ --env \"SSH_INHERIT_ENVIRONMENT=${SSH_INHERIT_ENVIRONMENT}\" \ + --env \"SSH_SUDO=${SSH_SUDO}\" \ --env \"SSH_USER=${SSH_USER}\" \ --env \"SSH_USER_FORCE_SFTP=${SSH_USER_FORCE_SFTP}\" \ --env \"SSH_USER_HOME=${SSH_USER_HOME}\" \ From 733f2ace719aa558db62abf7af2f991ed44c7365 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Thu, 7 Apr 2016 02:00:28 +0100 Subject: [PATCH 13/95] ISSUE 170: Used 'docker images -q' to get the image id value only. --- ssh.pool-1.1.1@2020.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ssh.pool-1.1.1@2020.service b/ssh.pool-1.1.1@2020.service index 83d8be5..5cf4eb3 100644 --- a/ssh.pool-1.1.1@2020.service +++ b/ssh.pool-1.1.1@2020.service @@ -53,7 +53,7 @@ Environment="SSH_USER_ID=500:500" # Initialisation: Load image from local storage if available, otherwise pull. ExecStartPre=/bin/sudo /bin/bash -c \ - "if [[ ${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG} != $(/usr/bin/docker images | awk -v FS='[ ]+' -v pattern=\"^${DOCKER_IMAGE_NAME}[ ]+${DOCKER_IMAGE_TAG} \" '$0 ~ pattern { print $1\":\"$2; }') ]]; then \ + "if [[ -z $(/usr/bin/docker images -q ${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}) ]]; then \ if [[ -f ${DOCKER_IMAGE_PACKAGE_PATH}/${DOCKER_IMAGE_NAME}.${DOCKER_IMAGE_TAG}.tar.xz ]]; then \ /usr/bin/xz -dc ${DOCKER_IMAGE_PACKAGE_PATH}/${DOCKER_IMAGE_NAME}.${DOCKER_IMAGE_TAG}.tar.xz | /usr/bin/docker load; \ else \ 
From 6df7b759b45fb5447cb15c667f1198c4a7af74e7 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Thu, 7 Apr 2016 02:25:43 +0100 Subject: [PATCH 14/95] ISSUE 170: Used 'docker ps -aq' for the id of containers and --filter for running status. --- ssh.pool-1.1.1@2020.service | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/ssh.pool-1.1.1@2020.service b/ssh.pool-1.1.1@2020.service index 5cf4eb3..6da7e18 100644 --- a/ssh.pool-1.1.1@2020.service +++ b/ssh.pool-1.1.1@2020.service @@ -64,7 +64,7 @@ ExecStartPre=/bin/sudo /bin/bash -c \ # Create a data container for the configuration volume ExecStartPre=/bin/sudo /bin/bash -c \ "if [[ ${VOLUME_CONFIG_ENABLED} == true ]] && [[ ${VOLUME_CONFIG_NAMED} == true ]]; then \ - if [[ ${VOLUME_CONFIG_NAME} != $(/usr/bin/docker ps -a | /bin/awk -v pattern=\"^${VOLUME_CONFIG_NAME}$\" '$NF ~ pattern { print $NF; }') ]]; then \ + if [[ -z $(/usr/bin/docker ps -aq --filter "name=${VOLUME_CONFIG_NAME}") ]]; then \ /usr/bin/docker run \ --name ${VOLUME_CONFIG_NAME}.tmp \ ${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG} \ @@ -79,7 +79,7 @@ ExecStartPre=/bin/sudo /bin/bash -c \ /usr/bin/docker kill ${VOLUME_CONFIG_NAME}.tmp; \ fi; \ elif [[ ${VOLUME_CONFIG_ENABLED} == true ]] && [[ ${VOLUME_CONFIG_NAMED} != true ]]; then \ - if [[ ${VOLUME_CONFIG_NAME} != $(/usr/bin/docker ps -a | /bin/awk -v pattern=\"^${VOLUME_CONFIG_NAME}$\" '$NF ~ pattern { print $NF; }') ]]; then \ + if [[ -z $(/usr/bin/docker ps -aq --filter "name=${VOLUME_CONFIG_NAME}") ]]; then \ /usr/bin/docker run \ --name ${VOLUME_CONFIG_NAME} \ -v /etc/services-config \ 
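Review bot: `--filter "name=${VOLUME_CONFIG_NAME}"` is not equivalent to the anchored awk match it replaces, because docker's name filter matches any container whose name contains the string. In the first changed line a leftover `${VOLUME_CONFIG_NAME}.tmp` container, which the same command creates a few lines below, therefore satisfies the check as well. The `name=%p` checks in the two following hunks of this patch have the same problem: `%p` is a substring of `volume-config.%p`, so the test can succeed when only the volume container exists and the following `docker stop %p` / `docker rm %p` then fail. Anchoring the filter value as a regular expression, or comparing the output of `docker ps -a --format '{{.Names}}'` for an exact match, restores the old behaviour. The ExecStartPre commands start and end outside their hunks.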
@@ -91,8 +91,8 @@ ExecStartPre=/bin/sudo /bin/bash -c \ # Remove existing container (and stop if running). This allows it to # be re-created on startup but not removed on exit as with --rm. ExecStartPre=/bin/sudo /bin/bash -c \ - "if [[ %p == $(/usr/bin/docker ps -a | /bin/awk -v pattern='^%p$' '$NF ~ pattern { print $NF; }') ]]; then \ - if [[ %p == $(/usr/bin/docker ps | /bin/awk -v pattern='^%p$' '$NF ~ pattern { print $NF; }') ]]; then \ + "if [[ -n $(/usr/bin/docker ps -aq --filter "name=%p") ]]; then \ + if [[ -n $(/usr/bin/docker ps -aq --filter "name=%p" --filter "status=running") ]]; then \ /usr/bin/docker stop %p; \ fi; \ /usr/bin/docker rm %p; \ @@ -100,7 +100,7 @@ ExecStartPre=/bin/sudo /bin/bash -c \ # Startup ExecStart=/bin/sudo /bin/bash -c \ - "if [[ ${VOLUME_CONFIG_NAME} == $(/usr/bin/docker ps -a | /bin/awk -v pattern=\"^${VOLUME_CONFIG_NAME}$\" '$NF ~ pattern { print $NF; }') ]]; then \ + "if [[ -n $(/usr/bin/docker ps -aq --filter "name=${VOLUME_CONFIG_NAME}") ]]; then \ /usr/bin/docker run \ --name %p \ -p %i:22 \ From 741141ce773078dd3a24adc0efaffd296a798492 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Thu, 7 Apr 2016 13:27:59 +0100 Subject: [PATCH 15/95] ISSUE 161: Refactored to allow sshd process to be restarted independently of sshd-bootstrap. --- .../supervisor/supervisord.d/sshd-bootstrap.conf | 2 +- etc/services-config/supervisor/supervisord.d/sshd.conf | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/etc/services-config/supervisor/supervisord.d/sshd-bootstrap.conf b/etc/services-config/supervisor/supervisord.d/sshd-bootstrap.conf index 26154be..7244325 100644 --- a/etc/services-config/supervisor/supervisord.d/sshd-bootstrap.conf +++ b/etc/services-config/supervisor/supervisord.d/sshd-bootstrap.conf 
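Review bot: The double quotes around `name=%p` and `name=${VOLUME_CONFIG_NAME}` in the changed lines are not escaped, although they sit inside the double-quoted argument to `/bin/bash -c` and the `--env \"...\"` lines of the same unit escape theirs. As written the quotes most likely close and reopen the outer string, so they are consumed before bash sees them and the filter value reaches the shell unquoted. Writing `--filter \"name=%p\"` keeps the argument as one quoted string; the two earlier hunks of this patch (around lines 64 and 79 of the unit) need the same change.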
@@ -1,6 +1,6 @@ [program:sshd-bootstrap] priority = 5 -command = bash -c 'env >> /etc/sshd-bootstrap.env; /usr/sbin/sshd-bootstrap && rm -f /tmp/sshd.lock' +command = bash -c 'touch /tmp/sshd-bootstrap.lock; env >> /etc/sshd-bootstrap.env; /usr/sbin/sshd-bootstrap && rm -f /tmp/sshd-bootstrap.lock' startsecs = 0 startretries = 0 autorestart = false diff --git a/etc/services-config/supervisor/supervisord.d/sshd.conf b/etc/services-config/supervisor/supervisord.d/sshd.conf index f088d3a..716e30e 100644 --- a/etc/services-config/supervisor/supervisord.d/sshd.conf +++ b/etc/services-config/supervisor/supervisord.d/sshd.conf @@ -1,6 +1,6 @@ [program:sshd] priority = 10 -command = bash -c 'touch /tmp/sshd.lock; while [ -e /tmp/sshd.lock ]; do sleep 0.1; done; /usr/sbin/sshd -D -e' +command = bash -c 'while true; do sleep 0.1; [ -e /tmp/sshd-bootstrap.lock ] || break; done; /usr/sbin/sshd -D -e' redirect_stderr = true stdout_logfile = /var/log/secure stdout_events_enabled = true \ No newline at end of file From 8b655fec9f553293f7bbb1d0498706ac9509b137 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Thu, 7 Apr 2016 13:29:43 +0100 Subject: [PATCH 16/95] ISSUE 161: Added autorestart to the sshd supervisor configuration. --- etc/services-config/supervisor/supervisord.d/sshd.conf | 1 + 1 file changed, 1 insertion(+) diff --git a/etc/services-config/supervisor/supervisord.d/sshd.conf b/etc/services-config/supervisor/supervisord.d/sshd.conf index 716e30e..09cb9cf 100644 --- a/etc/services-config/supervisor/supervisord.d/sshd.conf +++ b/etc/services-config/supervisor/supervisord.d/sshd.conf @@ -1,6 +1,7 @@ [program:sshd] priority = 10 command = bash -c 'while true; do sleep 0.1; [ -e /tmp/sshd-bootstrap.lock ] || break; done; /usr/sbin/sshd -D -e' +autorestart = true redirect_stderr = true stdout_logfile = /var/log/secure stdout_events_enabled = true \ No newline at end of file From 7f776462c5357856bf685c08dc7060eeef212df9 Mon Sep 17 00:00:00 2001 
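Review bot: With the `touch` moved into the sshd-bootstrap command, the new sshd command sleeps only 0.1 s before testing for `/tmp/sshd-bootstrap.lock`, so sshd starts unconfigured whenever bootstrap has not created the lock by then; nothing visible here enforces that ordering beyond the two priority values. The lock also lives in world-writable /tmp, which means any local account can create it and keep sshd from coming back once it is restarted. I would move the lock to a directory only root can write, e.g. `<root-only-dir>/sshd-bootstrap.lock` (placeholder path) in both files, and add a comment in sshd.conf such as `; waits for sshd-bootstrap to remove its lock before starting sshd`.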
From: James Deathe Date: Fri, 8 Apr 2016 01:49:18 +0100 Subject: [PATCH 17/95] ISSUE 184: Split out docker helper functions. --- docker-helpers.sh | 55 ++++++++++++++++++------------- systemd-install.sh | 81 +--------------------------------------------- 2 files changed, 34 insertions(+), 102 deletions(-) diff --git a/docker-helpers.sh b/docker-helpers.sh index 73d7855..bb03021 100644 --- a/docker-helpers.sh +++ b/docker-helpers.sh @@ -15,6 +15,17 @@ have_docker_container_name () return 1 } +have_docker_image () +{ + local NAME=$1 + + if [[ -n $(show_docker_image ${NAME}) ]]; then + return 0 + fi + + return 1 +} + is_docker_container_name_running () { local NAME=$1 @@ -30,6 +41,28 @@ is_docker_container_name_running () return 1 } +remove_docker_container_name () +{ + local NAME=$1 + + if have_docker_container_name ${NAME}; then + if is_docker_container_name_running ${NAME}; then + echo "Stopping container ${NAME}" + docker stop ${NAME} &> /dev/null + + if [[ ${?} -ne 0 ]]; then + return 1 + fi + fi + echo "Removing container ${NAME}" + docker rm ${NAME} &> /dev/null + + if [[ ${?} -ne 0 ]]; then + return 1 + fi + fi +} + show_docker_container_name_status () { local NAME=$1 @@ -61,25 +94,3 @@ show_docker_image () -v pattern="^${NAME_PARTS[0]}[ ]+${NAME_PARTS[1]} " \ '$0 ~ pattern { print $0; }' } - -remove_docker_container_name () -{ - local NAME=$1 - - if have_docker_container_name ${NAME}; then - if is_docker_container_name_running ${NAME}; then - echo "Stopping container ${NAME}" - docker stop ${NAME} &> /dev/null - - if [[ ${?} -ne 0 ]]; then - return 1 - fi - fi - echo "Removing container ${NAME}" - docker rm ${NAME} &> /dev/null - - if [[ ${?} -ne 0 ]]; then - return 1 - fi - fi -} diff --git a/systemd-install.sh b/systemd-install.sh index 9c281cd..a3ccd33 100755 --- a/systemd-install.sh +++ b/systemd-install.sh 
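Review bot: The new `have_docker_image` passes `${NAME}` to `show_docker_image` unquoted and, unlike `have_docker_container_name` and `is_docker_container_name_running` in the same file, does not return early on an empty name. I would add `[[ -n ${NAME} ]] || return 1` and call `show_docker_image "${NAME}"`. Because `show_docker_image` builds an awk regular expression from the name, the dots in a repository name match any character; `docker images -q "${NAME}"` would give an exact answer without the pattern.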
@@ -7,86 +7,7 @@ if [[ ${DIR_PATH} == */* ]] && [[ ${DIR_PATH} != $( pwd ) ]] ; then fi source run.conf - -have_docker_container_name () -{ - local NAME=$1 - - if [[ -z ${NAME} ]]; then - return 1 - fi - - if [[ -n $(docker ps -a | awk -v pattern="^${NAME}$" '$NF ~ pattern { print $NF; }') ]]; then - return 0 - fi - - return 1 -} - -have_docker_image () -{ - local NAME=$1 - - if [[ -n $(show_docker_image ${NAME}) ]]; then - return 0 - fi - - return 1 -} - -is_docker_container_name_running () -{ - local NAME=$1 - - if [[ -z ${NAME} ]]; then - return 1 - fi - - if [[ -n $(docker ps | awk -v pattern="^${NAME}$" '$NF ~ pattern { print $NF; }') ]]; then - return 0 - fi - - return 1 -} - -remove_docker_container_name () -{ - local NAME=$1 - - if have_docker_container_name ${NAME}; then - if is_docker_container_name_running ${NAME}; then - echo "Stopping container ${NAME}" - docker stop ${NAME} &> /dev/null - - if [[ ${?} -ne 0 ]]; then - return 1 - fi - fi - echo "Removing container ${NAME}" - docker rm ${NAME} &> /dev/null - - if [[ ${?} -ne 0 ]]; then - return 1 - fi - fi -} - -show_docker_image () -{ - local NAME=$1 - local NAME_PARTS=(${NAME//:/ }) - - # Set 'latest' tag if no tag requested - if [[ ${#NAME_PARTS[@]} == 1 ]]; then - NAME_PARTS[1]='latest' - fi - - docker images | \ - awk \ - -v FS='[ ]+' \ - -v pattern="^${NAME_PARTS[0]}[ ]+${NAME_PARTS[1]} " \ - '$0 ~ pattern { print $0; }' -} +source docker-helpers.sh SERVICE_UNIT_LONG_NAME=${SERVICE_UNIT_LONG_NAME:-ssh.pool-1.1.1} SERVICE_UNIT_FILE_NAME=${SERVICE_UNIT_FILE_NAME:-${SERVICE_UNIT_LONG_NAME}@2020.service} From fdbddd3d4197327fad9040ef1fd15ce0d7f384c2 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Sat, 9 Apr 2016 00:41:23 +0100 Subject: [PATCH 18/95] ISSUE 184: Use native docker commands and restructure. --- systemd-install.sh | 47 +++++++++++++++++++++++++--------------------- 1 file changed, 26 insertions(+), 21 deletions(-) 
diff --git a/systemd-install.sh b/systemd-install.sh
index a3ccd33..6c65845 100755
--- a/systemd-install.sh
+++ b/systemd-install.sh
@@ -7,39 +7,44 @@ if [[ ${DIR_PATH} == */* ]] && [[ ${DIR_PATH} != $( pwd ) ]] ; then fi source run.conf -source docker-helpers.sh SERVICE_UNIT_LONG_NAME=${SERVICE_UNIT_LONG_NAME:-ssh.pool-1.1.1} SERVICE_UNIT_FILE_NAME=${SERVICE_UNIT_FILE_NAME:-${SERVICE_UNIT_LONG_NAME}@2020.service} -# Stop the service and remove containers. -sudo systemctl stop ${SERVICE_UNIT_FILE_NAME} &> /dev/null -remove_docker_container_name volume-config.${SERVICE_UNIT_LONG_NAME} -remove_docker_container_name ${SERVICE_UNIT_LONG_NAME} - # Copy systemd definition into place and enable it. sudo cp ${SERVICE_UNIT_FILE_NAME} /etc/systemd/system/ sudo systemctl daemon-reload -sudo systemctl enable /etc/systemd/system/${SERVICE_UNIT_FILE_NAME} +sudo systemctl enable -f /etc/systemd/system/${SERVICE_UNIT_FILE_NAME} + +# Stop the service and remove containers. +sudo systemctl stop ${SERVICE_UNIT_FILE_NAME} &> /dev/null + +# Terminate the container(s) +sudo docker rm -f volume-config.${SERVICE_UNIT_LONG_NAME} &> /dev/null +sudo docker rm -f ${SERVICE_UNIT_LONG_NAME} &> /dev/null + +printf -- "---> Installing %s\n" ${SERVICE_UNIT_FILE_NAME} +sudo systemctl start ${SERVICE_UNIT_FILE_NAME} & +PIDS[0]=${!} +PIDS[1]=$(ps --ppid ${PIDS[0]} -o pid=) -printf -- "\nInstalling %s\n" ${SERVICE_UNIT_FILE_NAME} -sudo systemctl restart ${SERVICE_UNIT_FILE_NAME} & -INSTALL_PID=${!} +# Tail the systemd unit logs unitl installation completes +sudo journalctl -fu ${SERVICE_UNIT_FILE_NAME} & +PIDS[2]=${!} +PIDS[3]=$(ps --ppid ${PIDS[2]} -o pid=) + +# Wait for installtion to complete +[[ -n ${PIDS[1]} ]] && wait ${PIDS[1]} +[[ -n ${PIDS[0]} ]] && wait ${PIDS[0]} -# Tail the systemd unit logs unitl installation completes. 
-journalctl -fu ${SERVICE_UNIT_FILE_NAME} & -LOG_PID=${!} -wait ${INSTALL_PID} -INSTALL_STATUS=${?} # Allow time for the container bootstrap to complete sleep 5 -kill -9 ${LOG_PID} +sudo kill -15 ${PIDS[2]} ${PIDS[3]} -printf -- "\nService status:\n" -if [[ ${INSTALL_STATUS} -eq 0 ]]; then - sudo systemctl status -l ${SERVICE_UNIT_FILE_NAME} - printf -- "\n ${COLOUR_POSITIVE}--->${COLOUR_RESET} %s\n" 'Install complete' +if sudo systemctl -q is-active ${SERVICE_UNIT_FILE_NAME}; then + printf -- " ---> %s\n${COLOUR_POSITIVE} --->${COLOUR_RESET} %s\n" ${SERVICE_UNIT_FILE_NAME} 'Install complete' else + printf -- "\nService status:\n" sudo systemctl status -l ${SERVICE_UNIT_FILE_NAME} - printf -- "\n ${COLOUR_NEGATIVE}--->${COLOUR_RESET} %s\n" 'ERROR' + printf -- "\n${COLOUR_NEGATIVE} --->${COLOUR_RESET} %s\n" 'Install error' fi From 68f989066c926fc169d53178780452a9d0fbe6e5 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Mon, 11 Apr 2016 01:44:46 +0100 Subject: [PATCH 19/95] ISSUE 190: Escaped double quotes. --- ssh.pool-1.1.1@2020.service | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ssh.pool-1.1.1@2020.service b/ssh.pool-1.1.1@2020.service index 6da7e18..e7b14c5 100644 --- a/ssh.pool-1.1.1@2020.service +++ b/ssh.pool-1.1.1@2020.service @@ -91,8 +91,8 @@ ExecStartPre=/bin/sudo /bin/bash -c \ # Remove existing container (and stop if running). This allows it to # be re-created on startup but not removed on exit as with --rm. ExecStartPre=/bin/sudo /bin/bash -c \ - "if [[ -n $(/usr/bin/docker ps -aq --filter "name=%p") ]]; then \ - if [[ -n $(/usr/bin/docker ps -aq --filter "name=%p" --filter "status=running") ]]; then \ + "if [[ -n $(/usr/bin/docker ps -aq --filter \"name=%p\") ]]; then \ + if [[ -n $(/usr/bin/docker ps -aq --filter \"name=%p\" --filter \"status=running\") ]]; then \ /usr/bin/docker stop %p; \ fi; \ /usr/bin/docker rm %p; \ 
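Review bot: `wait ${PIDS[1]}` is called on a PID obtained with `ps --ppid ${PIDS[0]} -o pid=`, that is a child of the backgrounded sudo rather than of this script, and bash's `wait` only accepts its own children, so the call returns an error instead of blocking. The `ps` lookups are also racy: sudo may not have forked yet, which leaves the value empty, and the unquoted expansion breaks if more than one PID comes back. Waiting on the direct child and keeping its status, `wait "${PIDS[0]}"; INSTALL_STATUS=${?}`, is enough for the start job. The `&> /dev/null` on the `systemctl stop` and `docker rm -f` lines hides real failures as well, so I would at least log a non-zero exit status there.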
@@ -100,7 +100,7 @@ ExecStartPre=/bin/sudo /bin/bash -c \ # Startup ExecStart=/bin/sudo /bin/bash -c \ - "if [[ -n $(/usr/bin/docker ps -aq --filter "name=${VOLUME_CONFIG_NAME}") ]]; then \ + "if [[ -n $(/usr/bin/docker ps -aq --filter \"name=${VOLUME_CONFIG_NAME}\") ]]; then \ /usr/bin/docker run \ --name %p \ -p %i:22 \ From 834a01cfdcac92f28872144da8672b41c4a2f158 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Mon, 11 Apr 2016 02:11:36 +0100 Subject: [PATCH 20/95] ISSUE 190: Escaped double quotes. --- ssh.pool-1.1.1@2020.service | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ssh.pool-1.1.1@2020.service b/ssh.pool-1.1.1@2020.service index e7b14c5..a22cfec 100644 --- a/ssh.pool-1.1.1@2020.service +++ b/ssh.pool-1.1.1@2020.service @@ -64,7 +64,7 @@ ExecStartPre=/bin/sudo /bin/bash -c \ # Create a data container for the configuration volume ExecStartPre=/bin/sudo /bin/bash -c \ "if [[ ${VOLUME_CONFIG_ENABLED} == true ]] && [[ ${VOLUME_CONFIG_NAMED} == true ]]; then \ - if [[ -z $(/usr/bin/docker ps -aq --filter "name=${VOLUME_CONFIG_NAME}") ]]; then \ + if [[ -z $(/usr/bin/docker ps -aq --filter \"name=${VOLUME_CONFIG_NAME}\") ]]; then \ /usr/bin/docker run \ --name ${VOLUME_CONFIG_NAME}.tmp \ ${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG} \ @@ -79,7 +79,7 @@ ExecStartPre=/bin/sudo /bin/bash -c \ /usr/bin/docker kill ${VOLUME_CONFIG_NAME}.tmp; \ fi; \ elif [[ ${VOLUME_CONFIG_ENABLED} == true ]] && [[ ${VOLUME_CONFIG_NAMED} != true ]]; then \ - if [[ -z $(/usr/bin/docker ps -aq --filter "name=${VOLUME_CONFIG_NAME}") ]]; then \ + if [[ -z $(/usr/bin/docker ps -aq --filter \"name=${VOLUME_CONFIG_NAME}\") ]]; then \ /usr/bin/docker run \ --name ${VOLUME_CONFIG_NAME} \ -v /etc/services-config \ From 5b288b80c70f33b005cb6a686c0bd3e446c40daa Mon Sep 17 00:00:00 2001 
From: James Deathe Date: Mon, 11 Apr 2016 02:21:04 +0100 Subject: [PATCH 21/95] ISSUE 190: Removed sudo from systemd unit file as systemctl needs to be run as root. --- ssh.pool-1.1.1@2020.service | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/ssh.pool-1.1.1@2020.service b/ssh.pool-1.1.1@2020.service index a22cfec..8bfd091 100644 --- a/ssh.pool-1.1.1@2020.service +++ b/ssh.pool-1.1.1@2020.service @@ -52,7 +52,7 @@ Environment="SSH_USER_SHELL=/bin/bash" Environment="SSH_USER_ID=500:500" # Initialisation: Load image from local storage if available, otherwise pull. -ExecStartPre=/bin/sudo /bin/bash -c \ +ExecStartPre=/bin/bash -c \ "if [[ -z $(/usr/bin/docker images -q ${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}) ]]; then \ if [[ -f ${DOCKER_IMAGE_PACKAGE_PATH}/${DOCKER_IMAGE_NAME}.${DOCKER_IMAGE_TAG}.tar.xz ]]; then \ /usr/bin/xz -dc ${DOCKER_IMAGE_PACKAGE_PATH}/${DOCKER_IMAGE_NAME}.${DOCKER_IMAGE_TAG}.tar.xz | /usr/bin/docker load; \ @@ -62,7 +62,7 @@ ExecStartPre=/bin/sudo /bin/bash -c \ fi" # Create a data container for the configuration volume -ExecStartPre=/bin/sudo /bin/bash -c \ +ExecStartPre=/bin/bash -c \ "if [[ ${VOLUME_CONFIG_ENABLED} == true ]] && [[ ${VOLUME_CONFIG_NAMED} == true ]]; then \ if [[ -z $(/usr/bin/docker ps -aq --filter \"name=${VOLUME_CONFIG_NAME}\") ]]; then \ /usr/bin/docker run \ @@ -90,7 +90,7 @@ ExecStartPre=/bin/sudo /bin/bash -c \ # Remove existing container (and stop if running). This allows it to # be re-created on startup but not removed on exit as with --rm. -ExecStartPre=/bin/sudo /bin/bash -c \ +ExecStartPre=/bin/bash -c \ "if [[ -n $(/usr/bin/docker ps -aq --filter \"name=%p\") ]]; then \ if [[ -n $(/usr/bin/docker ps -aq --filter \"name=%p\" --filter \"status=running\") ]]; then \ /usr/bin/docker stop %p; \ 
@@ -99,7 +99,7 @@ ExecStartPre=/bin/sudo /bin/bash -c \ fi" # Startup -ExecStart=/bin/sudo /bin/bash -c \ +ExecStart=/bin/bash -c \ "if [[ -n $(/usr/bin/docker ps -aq --filter \"name=${VOLUME_CONFIG_NAME}\") ]]; then \ /usr/bin/docker run \ --name %p \ From b7b7f2b4e059e3ea84a8203c69ebcf15397f1a0f Mon Sep 17 00:00:00 2001 From: James Deathe Date: Mon, 11 Apr 2016 02:53:59 +0100 Subject: [PATCH 22/95] ISSUE 190: List requirements before startup ordering. --- ssh.pool-1.1.1@2020.service | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ssh.pool-1.1.1@2020.service b/ssh.pool-1.1.1@2020.service index 8bfd091..65a022d 100644 --- a/ssh.pool-1.1.1@2020.service +++ b/ssh.pool-1.1.1@2020.service @@ -18,10 +18,10 @@ [Unit] Description=CentOS / Supervisor / OpenSSH // pool-1.1.1 -After=etcd2.service -After=docker.service Requires=docker.service Requires=etcd2.service +After=etcd2.service +After=docker.service [Service] Restart=on-failure From a3ef32a2e5c69182209c4aa7ea0d89fcac9e7887 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Mon, 18 Apr 2016 11:27:05 +0100 Subject: [PATCH 23/95] ISSUE 190: Disable ETCD requirement and comment out entries that set/get values. Improve terminate container method to include for case where container might be paused. --- ssh.pool-1.1.1@2020.service | 23 ++++++++++++++++------- 1 file changed, 16 insertions(+), 7 deletions(-) diff --git a/ssh.pool-1.1.1@2020.service b/ssh.pool-1.1.1@2020.service index 65a022d..e0efaf2 100644 --- a/ssh.pool-1.1.1@2020.service +++ b/ssh.pool-1.1.1@2020.service @@ -19,8 +19,8 @@ [Unit] Description=CentOS / Supervisor / OpenSSH // pool-1.1.1 Requires=docker.service -Requires=etcd2.service -After=etcd2.service +# Requires=etcd2.service +# After=etcd2.service After=docker.service [Service] 
@@ -88,14 +88,16 @@ ExecStartPre=/bin/bash -c \ fi; \ fi" -# Remove existing container (and stop if running). This allows it to -# be re-created on startup but not removed on exit as with --rm. +# Terminate existing container to allow for redeployment ExecStartPre=/bin/bash -c \ "if [[ -n $(/usr/bin/docker ps -aq --filter \"name=%p\") ]]; then \ + if [[ -n $(/usr/bin/docker ps -aq --filter \"name=%p\" --filter \"status=paused\") ]]; then \ + /usr/bin/docker unpause %p; \ + fi; \ if [[ -n $(/usr/bin/docker ps -aq --filter \"name=%p\" --filter \"status=running\") ]]; then \ /usr/bin/docker stop %p; \ fi; \ - /usr/bin/docker rm %p; \ + /usr/bin/docker rm -f %p; \ fi" # Startup @@ -135,10 +137,17 @@ ExecStart=/bin/bash -c \ ${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}; \ fi" -ExecStartPost=/usr/bin/etcdctl set /services/${SERVICE_UNIT_NAME}/${SERVICE_UNIT_SHARED_GROUP}/${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE} %H:%i +# ExecStartPost=/usr/bin/etcdctl \ +# set \ +# /services/${SERVICE_UNIT_NAME}/${SERVICE_UNIT_SHARED_GROUP}/${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE} \ +# %H:%i +# Shutdown ExecStop=/usr/bin/docker stop --time 10 %p -ExecStopPost=/usr/bin/etcdctl rm /services/${SERVICE_UNIT_NAME}/${SERVICE_UNIT_SHARED_GROUP}/${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE} + +# ExecStopPost=/usr/bin/etcdctl \ +# rm \ +# /services/${SERVICE_UNIT_NAME}/${SERVICE_UNIT_SHARED_GROUP}/${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE} [Install] WantedBy=multi-user.target From 3fd9fcb099d688185c4f2d6cf9bc7c3bd63cfd8d Mon Sep 17 00:00:00 2001 From: James Deathe Date: Wed, 4 May 2016 17:07:22 +0100 Subject: [PATCH 24/95] ISSUE 190: Use full name in systemd description. --- ssh.pool-1.1.1@2020.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ssh.pool-1.1.1@2020.service b/ssh.pool-1.1.1@2020.service index e0efaf2..427b33f 100644 --- a/ssh.pool-1.1.1@2020.service +++ b/ssh.pool-1.1.1@2020.service 
@@ -17,7 +17,7 @@ # ----------------------------------------------------------------------------- [Unit] -Description=CentOS / Supervisor / OpenSSH // pool-1.1.1 +Description=CentOS / Supervisor / OpenSSH // ssh.pool-1.1.1 Requires=docker.service # Requires=etcd2.service # After=etcd2.service From cf69f3d49e5cbbc71ee0306a525afd050cdd8f23 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Wed, 4 May 2016 17:08:33 +0100 Subject: [PATCH 25/95] ISSUE 190: Systemd install script requires root privilegs. --- systemd-install.sh | 32 +++++++++++++++++--------------- 1 file changed, 17 insertions(+), 15 deletions(-) diff --git a/systemd-install.sh b/systemd-install.sh index 6c65845..9bd997f 100755 --- a/systemd-install.sh +++ b/systemd-install.sh 
@@ -6,45 +6,47 @@ if [[ ${DIR_PATH} == */* ]] && [[ ${DIR_PATH} != $( pwd ) ]] ; then cd ${DIR_PATH} fi +if [[ ${EUID} -ne 0 ]]; then + echo "Please run as root." + exit 1 +fi + source run.conf SERVICE_UNIT_LONG_NAME=${SERVICE_UNIT_LONG_NAME:-ssh.pool-1.1.1} SERVICE_UNIT_FILE_NAME=${SERVICE_UNIT_FILE_NAME:-${SERVICE_UNIT_LONG_NAME}@2020.service} # Copy systemd definition into place and enable it. -sudo cp ${SERVICE_UNIT_FILE_NAME} /etc/systemd/system/ -sudo systemctl daemon-reload -sudo systemctl enable -f /etc/systemd/system/${SERVICE_UNIT_FILE_NAME} +cp ${SERVICE_UNIT_FILE_NAME} /etc/systemd/system/ +systemctl daemon-reload +systemctl enable -f /etc/systemd/system/${SERVICE_UNIT_FILE_NAME} # Stop the service and remove containers. -sudo systemctl stop ${SERVICE_UNIT_FILE_NAME} &> /dev/null +systemctl stop ${SERVICE_UNIT_FILE_NAME} &> /dev/null # Terminate the container(s) -sudo docker rm -f volume-config.${SERVICE_UNIT_LONG_NAME} &> /dev/null -sudo docker rm -f ${SERVICE_UNIT_LONG_NAME} &> /dev/null +docker rm -f volume-config.${SERVICE_UNIT_LONG_NAME} &> /dev/null +docker rm -f ${SERVICE_UNIT_LONG_NAME} &> /dev/null printf -- "---> Installing %s\n" ${SERVICE_UNIT_FILE_NAME} -sudo systemctl start ${SERVICE_UNIT_FILE_NAME} & +systemctl start ${SERVICE_UNIT_FILE_NAME} & PIDS[0]=${!} -PIDS[1]=$(ps --ppid ${PIDS[0]} -o pid=) # Tail the systemd unit logs unitl installation completes -sudo journalctl -fu ${SERVICE_UNIT_FILE_NAME} & -PIDS[2]=${!} -PIDS[3]=$(ps --ppid ${PIDS[2]} -o pid=) +journalctl -fu ${SERVICE_UNIT_FILE_NAME} & +PIDS[1]=${!} # Wait for installtion to complete -[[ -n ${PIDS[1]} ]] && wait ${PIDS[1]} [[ -n ${PIDS[0]} ]] && wait ${PIDS[0]} # Allow time for the container bootstrap to complete sleep 5 -sudo kill -15 ${PIDS[2]} ${PIDS[3]} +kill -15 ${PIDS[1]} -if sudo systemctl -q is-active ${SERVICE_UNIT_FILE_NAME}; then +if systemctl -q is-active ${SERVICE_UNIT_FILE_NAME}; then printf -- " ---> %s\n${COLOUR_POSITIVE} --->${COLOUR_RESET} %s\n" 
${SERVICE_UNIT_FILE_NAME} 'Install complete' else printf -- "\nService status:\n" - sudo systemctl status -l ${SERVICE_UNIT_FILE_NAME} + systemctl status -l ${SERVICE_UNIT_FILE_NAME} printf -- "\n${COLOUR_NEGATIVE} --->${COLOUR_RESET} %s\n" 'Install error' fi From 049ea0839d72f83fea2351a1d3cc6186b5aecfe0 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Thu, 5 May 2016 18:50:27 +0100 Subject: [PATCH 26/95] ISSUE 190: Update systemd installer script to replace etcd service name on non CoreOS distributions. Added etcd service registration / de-registration steps back in. --- ssh.pool-1.1.1@2020.service | 29 ++++++++++++++++++++--------- systemd-install.sh | 35 +++++++++++++++++++++++++++++++++++ 2 files changed, 55 insertions(+), 9 deletions(-) diff --git a/ssh.pool-1.1.1@2020.service b/ssh.pool-1.1.1@2020.service index 427b33f..d07b156 100644 --- a/ssh.pool-1.1.1@2020.service +++ b/ssh.pool-1.1.1@2020.service @@ -1,6 +1,12 @@ # ----------------------------------------------------------------------------- # To install: # sudo cp /@.service /etc/systemd/system/ +# +# If not installing to a CoreOS distribution replace etcd2.service +# with etcd.service using: +# sudo sed -i -e 's~etcd2.service~etcd.service~g' \ +# /etc/systemd/system/@.service +# # sudo systemctl daemon-reload # sudo systemctl enable -f /etc/systemd/system/@.service # @@ -19,8 +25,8 @@ [Unit] Description=CentOS / Supervisor / OpenSSH // ssh.pool-1.1.1 Requires=docker.service -# Requires=etcd2.service -# After=etcd2.service +Requires=etcd2.service +After=etcd2.service After=docker.service [Service] 
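Review bot: With the EUID check added at the top of systemd-install.sh (PATCH 25), the `source run.conf` that follows always executes as root, so everything in that file runs with full privileges, and nothing here checks who can write to it or to the directory the script changes into. I would add a comment above the source line, `# run.conf is executed as root: keep it and this directory root-owned and not group/world-writable`, or verify ownership before sourcing. The refusal message also goes to stdout; `echo "Please run as root." >&2` keeps it out of piped output.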
@@ -137,17 +143,22 @@ ExecStart=/bin/bash -c \ ${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}; \ fi" -# ExecStartPost=/usr/bin/etcdctl \ -# set \ -# /services/${SERVICE_UNIT_NAME}/${SERVICE_UNIT_SHARED_GROUP}/${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE} \ -# %H:%i +# Register service state +ExecStartPost=/usr/bin/etcdctl \ + set \ + /services/${SERVICE_UNIT_NAME}/${SERVICE_UNIT_SHARED_GROUP}/${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE} \ + %H:%i # Shutdown ExecStop=/usr/bin/docker stop --time 10 %p -# ExecStopPost=/usr/bin/etcdctl \ -# rm \ -# /services/${SERVICE_UNIT_NAME}/${SERVICE_UNIT_SHARED_GROUP}/${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE} +# Unregister service state +ExecStopPost=/bin/bash -c \ + "if [[ -n $(/usr/bin/etcdctl get /services/${SERVICE_UNIT_NAME}/${SERVICE_UNIT_SHARED_GROUP}/${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE} &> /dev/null ) ]]; then \ + /usr/bin/etcdctl \ + rm \ + /services/${SERVICE_UNIT_NAME}/${SERVICE_UNIT_SHARED_GROUP}/${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE}; \ + fi" [Install] WantedBy=multi-user.target diff --git a/systemd-install.sh b/systemd-install.sh index 9bd997f..448a041 100755 --- a/systemd-install.sh +++ b/systemd-install.sh 
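Review bot: The new ExecStopPost guard can never be true: `$(/usr/bin/etcdctl get … &> /dev/null )` sends the command's output to /dev/null, so the substitution is always empty and `[[ -n … ]]` fails. The `etcdctl rm` therefore never runs and the `/services/…` key stays registered after the container has stopped, leaving a stale entry for anything that reads the registry. Test the exit status instead, `if /usr/bin/etcdctl get KEY &> /dev/null; then \`, with KEY being the same `/services/…` path. The same construct is kept in the `/services/%p` rewrite in PATCH 27 and in the new `ssh.pool-1.1@.service` template in PATCH 28.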
@@ -13,11 +13,46 @@ fi source run.conf +is_coreos_distribution () +{ + if [[ -n $( [[ -e /etc/os-release ]] && grep ^ID=coreos$ /etc/os-release ) ]]; then + return 0 + fi + + return 1 +} + +replace_etcd_service_name () +{ + local FILE_PATH=${1} + + if [[ -z ${FILE_PATH} ]]; then + echo "Path to the service's unit file is required." + return 1 + fi + + if ! [[ -s ${FILE_PATH} ]]; then + echo "Unit file not found." + return 1 + fi + + # CoreOS uses etcd.service and etcd2.service for version 1 and 2 of ETCD + # respectively but has both available. Use etcd2.service in the systemd + # unit file and rename for other distributions where etcd.service is the + # only name used. + if ! is_coreos_distribution; then + echo "---> Not a CoreOS distribution." + echo " ---> Renaming etcd2.service to etcd.service in unit file." + sed -i -e 's~etcd2.service~etcd.service~g' ${FILE_PATH} + fi +} + SERVICE_UNIT_LONG_NAME=${SERVICE_UNIT_LONG_NAME:-ssh.pool-1.1.1} SERVICE_UNIT_FILE_NAME=${SERVICE_UNIT_FILE_NAME:-${SERVICE_UNIT_LONG_NAME}@2020.service} # Copy systemd definition into place and enable it. cp ${SERVICE_UNIT_FILE_NAME} /etc/systemd/system/ +replace_etcd_service_name /etc/systemd/system/${SERVICE_UNIT_FILE_NAME} systemctl daemon-reload systemctl enable -f /etc/systemd/system/${SERVICE_UNIT_FILE_NAME} From 6f4c74c4eeac58947ed15483747e573e49acc6f7 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Fri, 6 May 2016 01:09:18 +0100 Subject: [PATCH 27/95] ISSUE 190: Simplify etcd key name by using the unit name %p. Remove unused service_unit environment variables. --- ssh.pool-1.1.1@2020.service | 19 +++++++------------ 1 file changed, 7 insertions(+), 12 deletions(-) diff --git a/ssh.pool-1.1.1@2020.service b/ssh.pool-1.1.1@2020.service index d07b156..51f4769 100644 --- a/ssh.pool-1.1.1@2020.service +++ b/ssh.pool-1.1.1@2020.service 
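Review bot: `replace_etcd_service_name` returns 1 when the path is empty or the unit file is missing, but the new call site ignores that status, and the `cp` before it is unchecked as well. The installer then goes on to `daemon-reload` and `enable` with a unit that was never copied or never rewritten. Since this runs as root, stop on failure: `replace_etcd_service_name "/etc/systemd/system/${SERVICE_UNIT_FILE_NAME}" || exit 1`. Inside the function the path reaches sed unquoted and the dots in the pattern match any character; `sed -i -e 's~etcd2\.service~etcd.service~g' -- "${FILE_PATH}"` is tighter.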
@@ -14,7 +14,7 @@ # sudo systemctl [start|stop|restart|kill|status] @.service # # Debugging: -# journalctl -fn 50 u @.service +# journalctl -fn 50 -u @.service # # To uninstall: # sudo systemctl disable -f /etc/systemd/system/@.service @@ -23,7 +23,7 @@ # ----------------------------------------------------------------------------- [Unit] -Description=CentOS / Supervisor / OpenSSH // ssh.pool-1.1.1 +Description=CentOS / Supervisor / OpenSSH // %p Requires=docker.service Requires=etcd2.service After=etcd2.service @@ -36,11 +36,6 @@ TimeoutStartSec=1200 Environment="DOCKER_IMAGE_PACKAGE_PATH=/var/services-packages" Environment="DOCKER_IMAGE_NAME=jdeathe/centos-ssh" Environment="DOCKER_IMAGE_TAG=centos-7-2.0.1" -Environment="SERVICE_UNIT_NAME=ssh" -Environment="SERVICE_UNIT_APP_GROUP=app-1" -Environment="SERVICE_UNIT_SHARED_GROUP=pool-1" -Environment="SERVICE_UNIT_LOCAL_ID=1" -Environment="SERVICE_UNIT_INSTANCE=1" Environment="VOLUME_CONFIG_ENABLED=false" Environment="VOLUME_CONFIG_NAMED=false" Environment="VOLUME_CONFIG_NAME=volume-config.%p" @@ -143,21 +138,21 @@ ExecStart=/bin/bash -c \ ${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}; \ fi" -# Register service state +# Register service ExecStartPost=/usr/bin/etcdctl \ set \ - /services/${SERVICE_UNIT_NAME}/${SERVICE_UNIT_SHARED_GROUP}/${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE} \ + /services/%p \ %H:%i # Shutdown ExecStop=/usr/bin/docker stop --time 10 %p -# Unregister service state +# Unregister service ExecStopPost=/bin/bash -c \ - "if [[ -n $(/usr/bin/etcdctl get /services/${SERVICE_UNIT_NAME}/${SERVICE_UNIT_SHARED_GROUP}/${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE} &> /dev/null ) ]]; then \ + "if [[ -n $(/usr/bin/etcdctl get /services/%p &> /dev/null ) ]]; then \ /usr/bin/etcdctl \ rm \ - /services/${SERVICE_UNIT_NAME}/${SERVICE_UNIT_SHARED_GROUP}/${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE}; \ + /services/%p; \ fi" [Install] From 50f10d86e06ad30bf51f9453c98672c802d922ce Mon Sep 17 00:00:00 2001 
From: James Deathe Date: Sun, 8 May 2016 00:38:05 +0100 Subject: [PATCH 28/95] ISSUE 194: Refactor systemd install method to use template file and instance number for cluster instance. --- run.conf | 21 +++-- ssh.pool-1.1.1@2020.service | 2 +- ssh.pool-1.1@.service | 165 ++++++++++++++++++++++++++++++++++++ systemd-install.sh | 25 +++--- 4 files changed, 190 insertions(+), 23 deletions(-) create mode 100644 ssh.pool-1.1@.service diff --git a/run.conf b/run.conf index ed49911..e00fea5 100644 --- a/run.conf +++ b/run.conf 
@@ -7,17 +7,20 @@ DOCKER_IMAGE_NAME=centos-ssh DOCKER_IMAGE_TAG=${DOCKER_IMAGE_TAG:-latest} DOCKER_IMAGE_REPOSITORY_NAME=${DOCKER_USER}/${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG} -SERVICE_UNIT_NAME=ssh -SERVICE_UNIT_APP_GROUP=app-1 -SERVICE_UNIT_SHARED_GROUP=pool-1 -SERVICE_UNIT_LOCAL_ID=1 -SERVICE_UNIT_INSTANCE=1 -SERVICE_UNIT_PORT=2020 -SERVICE_UNIT_LONG_NAME=${SERVICE_UNIT_NAME}.${SERVICE_UNIT_SHARED_GROUP}.${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE} -SERVICE_UNIT_FILE_NAME=${SERVICE_UNIT_LONG_NAME}@${SERVICE_UNIT_PORT}.service +SERVICE_UNIT_NAME=${SERVICE_UNIT_NAME:-ssh} +SERVICE_UNIT_APP_GROUP=${SERVICE_UNIT_APP_GROUP:-app-1} +SERVICE_UNIT_SHARED_GROUP=${SERVICE_UNIT_SHARED_GROUP:-pool-1} +SERVICE_UNIT_LOCAL_ID=${SERVICE_UNIT_LOCAL_ID:-1} +SERVICE_UNIT_INSTANCE=${SERVICE_UNIT_INSTANCE:-1} +SERVICE_UNIT_PORT_MAP_TCP_22=${SERVICE_UNIT_PORT_MAP_TCP_22:-2020} + +SERVICE_UNIT_GROUP_NAME=${SERVICE_UNIT_NAME}.${SERVICE_UNIT_SHARED_GROUP} +SERVICE_UNIT_LONG_NAME=${SERVICE_UNIT_GROUP_NAME}.${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE} +SERVICE_UNIT_TEMPLATE_NAME=${SERVICE_UNIT_GROUP_NAME}.${SERVICE_UNIT_LOCAL_ID}@.service +SERVICE_UNIT_INSTANCE_NAME=${SERVICE_UNIT_GROUP_NAME}.${SERVICE_UNIT_LOCAL_ID}@${SERVICE_UNIT_INSTANCE}.service DOCKER_NAME=${SERVICE_UNIT_LONG_NAME} -DOCKER_HOST_PORT_SSH=${SERVICE_UNIT_PORT:-2020} +DOCKER_HOST_PORT_SSH=${SERVICE_UNIT_PORT_MAP_TCP_22} DOCKER_HOST_PORT_SFTP=$((( ${DOCKER_HOST_PORT_SSH} + 1 ))) # VOLUME_CONFIG_NAME=volume-config.${SERVICE_UNIT_NAME} diff --git a/ssh.pool-1.1.1@2020.service b/ssh.pool-1.1.1@2020.service index 51f4769..2bc897d 100644 --- a/ssh.pool-1.1.1@2020.service +++ b/ssh.pool-1.1.1@2020.service @@ -23,7 +23,7 @@ # ----------------------------------------------------------------------------- [Unit] -Description=CentOS / Supervisor / OpenSSH // %p +Description=centos-ssh // %p Requires=docker.service Requires=etcd2.service After=etcd2.service 
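Review bot: Every `SERVICE_UNIT_*` value in the run.conf hunk can now be overridden from the caller's environment, and nothing validates them before they reach `$((( ${DOCKER_HOST_PORT_SSH} + 1 )))` or the derived unit file names that systemd-install.sh passes unquoted to `cp` and `systemctl` as root. Arithmetic expansion evaluates its operand as an expression rather than as a plain number, so the port at least should be checked right after it is assigned: `[[ ${SERVICE_UNIT_PORT_MAP_TCP_22} =~ ^[0-9]+$ ]] || { echo 'SERVICE_UNIT_PORT_MAP_TCP_22 must be numeric' >&2; exit 1; }`. A similar allow-list pattern for the name parts would keep whitespace and path separators out of the file names built from them.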
diff --git a/ssh.pool-1.1@.service b/ssh.pool-1.1@.service new file mode 100644 index 0000000..956caa1 --- /dev/null +++ b/ssh.pool-1.1@.service 
@@ -0,0 +1,165 @@ +# ----------------------------------------------------------------------------- +# To install: +# sudo cp /@.service /etc/systemd/system/ +# +# If not installing to a CoreOS distribution replace etcd2.service +# with etcd.service using: +# sudo sed -i -e 's~etcd2.service~etcd.service~g' \ +# /etc/systemd/system/@.service +# +# sudo systemctl daemon-reload +# sudo systemctl enable -f /etc/systemd/system/@.service +# +# Start using: +# sudo systemctl [start|stop|restart|kill|status] @.service +# +# Debugging: +# journalctl -fn 50 -u @.service +# +# To uninstall: +# sudo systemctl disable -f /etc/systemd/system/@.service +# sudo systemctl stop /etc/systemd/system/@.service +# sudo docker rm +# ----------------------------------------------------------------------------- + +[Unit] +Description=centos-ssh // %p.%i +Requires=docker.service +Requires=etcd2.service +After=etcd2.service +After=docker.service + +[Service] +Restart=on-failure +RestartSec=30 +TimeoutStartSec=1200 +Environment="DOCKER_IMAGE_PACKAGE_PATH=/var/services-packages" +Environment="DOCKER_IMAGE_NAME=jdeathe/centos-ssh" +Environment="DOCKER_IMAGE_TAG=centos-7-2.0.1" +Environment="SERVICE_UNIT_PORT_MAP_TCP_22=2020" +Environment="VOLUME_CONFIG_ENABLED=false" +Environment="VOLUME_CONFIG_NAMED=false" +Environment="VOLUME_CONFIG_NAME=volume-config.%p.%i" +Environment="VOLUME_DATA_NAME=volume-data.%p.%i" +Environment="SSH_AUTHORIZED_KEYS=ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key" +Environment="SSH_CHROOT_DIRECTORY=%h" +Environment="SSH_INHERIT_ENVIRONMENT=false" +Environment="SSH_SUDO=ALL=(ALL) ALL" 
+Environment="SSH_USER=app-admin" +Environment="SSH_USER_FORCE_SFTP=false" +Environment="SSH_USER_HOME=/home/%%u" +Environment="SSH_USER_PASSWORD=" +Environment="SSH_USER_PASSWORD_HASHED=false" +Environment="SSH_USER_SHELL=/bin/bash" +Environment="SSH_USER_ID=500:500" + +# Initialisation: Load image from local storage if available, otherwise pull. +ExecStartPre=/bin/bash -c \ + "if [[ -z $(/usr/bin/docker images -q ${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}) ]]; then \ + if [[ -f ${DOCKER_IMAGE_PACKAGE_PATH}/${DOCKER_IMAGE_NAME}.${DOCKER_IMAGE_TAG}.tar.xz ]]; then \ + /usr/bin/xz -dc ${DOCKER_IMAGE_PACKAGE_PATH}/${DOCKER_IMAGE_NAME}.${DOCKER_IMAGE_TAG}.tar.xz | /usr/bin/docker load; \ + else \ + /usr/bin/docker pull ${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}; \ + fi; \ + fi" + +# Create a data container for the configuration volume +ExecStartPre=/bin/bash -c \ + "if [[ ${VOLUME_CONFIG_ENABLED} == true ]] && [[ ${VOLUME_CONFIG_NAMED} == true ]]; then \ + if [[ -z $(/usr/bin/docker ps -aq --filter \"name=${VOLUME_CONFIG_NAME}\") ]]; then \ + /usr/bin/docker run \ + --name ${VOLUME_CONFIG_NAME}.tmp \ + ${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG} \ + /bin/sh -c 'while true; do echo -ne .; sleep 1; done'; \ + /usr/bin/docker run \ + --name ${VOLUME_CONFIG_NAME} \ + -v ${VOLUME_CONFIG_NAME}:/etc/services-config \ + ${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG} \ + /bin/true; \ + /usr/bin/docker cp ${VOLUME_CONFIG_NAME}.tmp:/etc/services-config/. 
\ + /var/lib/docker/volumes/${VOLUME_CONFIG_NAME}/_data; \ + /usr/bin/docker kill ${VOLUME_CONFIG_NAME}.tmp; \ + fi; \ + elif [[ ${VOLUME_CONFIG_ENABLED} == true ]] && [[ ${VOLUME_CONFIG_NAMED} != true ]]; then \ + if [[ -z $(/usr/bin/docker ps -aq --filter \"name=${VOLUME_CONFIG_NAME}\") ]]; then \ + /usr/bin/docker run \ + --name ${VOLUME_CONFIG_NAME} \ + -v /etc/services-config \ + ${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG} \ + /bin/true; \ + fi; \ + fi" + +# Terminate existing container to allow for redeployment +ExecStartPre=/bin/bash -c \ + "if [[ -n $(/usr/bin/docker ps -aq --filter \"name=%p.%i\") ]]; then \ + if [[ -n $(/usr/bin/docker ps -aq --filter \"name=%p.%i\" --filter \"status=paused\") ]]; then \ + /usr/bin/docker unpause %p.%i; \ + fi; \ + if [[ -n $(/usr/bin/docker ps -aq --filter \"name=%p%i\" --filter \"status=running\") ]]; then \ + /usr/bin/docker stop %p.%i; \ + fi; \ + /usr/bin/docker rm -f %p.%i; \ + fi" + +# Startup +ExecStart=/bin/bash -c \ + "if [[ -n $(/usr/bin/docker ps -aq --filter \"name=${VOLUME_CONFIG_NAME}\") ]]; then \ + /usr/bin/docker run \ + --name %p.%i \ + -p $(( ${SERVICE_UNIT_PORT_MAP_TCP_22} + $(awk -F. '$0=$NF' <<< %p) - 1 )):22 \ + --env \"SSH_AUTHORIZED_KEYS=${SSH_AUTHORIZED_KEYS}\" \ + --env \"SSH_CHROOT_DIRECTORY=${SSH_CHROOT_DIRECTORY}\" \ + --env \"SSH_INHERIT_ENVIRONMENT=${SSH_INHERIT_ENVIRONMENT}\" \ + --env \"SSH_SUDO=${SSH_SUDO}\" \ + --env \"SSH_USER=${SSH_USER}\" \ + --env \"SSH_USER_FORCE_SFTP=${SSH_USER_FORCE_SFTP}\" \ + --env \"SSH_USER_HOME=${SSH_USER_HOME}\" \ + --env \"SSH_USER_PASSWORD=${SSH_USER_PASSWORD}\" \ + --env \"SSH_USER_PASSWORD_HASHED=${SSH_USER_PASSWORD_HASHED}\" \ + --env \"SSH_USER_SHELL=${SSH_USER_SHELL}\" \ + --env \"SSH_USER_ID=${SSH_USER_ID}\" \ + --volumes-from volume-config.%p.%i \ + ${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}; \ + else \ + /usr/bin/docker run \ + --name %p.%i \ + -p $(( ${SERVICE_UNIT_PORT_MAP_TCP_22} + $(awk -F. 
'$0=$NF' <<< %p) - 1 )):22 \ + --env \"SSH_AUTHORIZED_KEYS=${SSH_AUTHORIZED_KEYS}\" \ + --env \"SSH_CHROOT_DIRECTORY=${SSH_CHROOT_DIRECTORY}\" \ + --env \"SSH_INHERIT_ENVIRONMENT=${SSH_INHERIT_ENVIRONMENT}\" \ + --env \"SSH_SUDO=${SSH_SUDO}\" \ + --env \"SSH_USER=${SSH_USER}\" \ + --env \"SSH_USER_FORCE_SFTP=${SSH_USER_FORCE_SFTP}\" \ + --env \"SSH_USER_HOME=${SSH_USER_HOME}\" \ + --env \"SSH_USER_PASSWORD=${SSH_USER_PASSWORD}\" \ + --env \"SSH_USER_PASSWORD_HASHED=${SSH_USER_PASSWORD_HASHED}\" \ + --env \"SSH_USER_SHELL=${SSH_USER_SHELL}\" \ + --env \"SSH_USER_ID=${SSH_USER_ID}\" \ + ${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}; \ + fi" + +# Register service +ExecStartPost=/bin/bash -c \ + "/usr/bin/etcdctl \ + set \ + /services/%p.%i \ + %H:$(( ${SERVICE_UNIT_PORT_MAP_TCP_22} + $(awk -F. '$0=$NF' <<< %p) - 1 )); \ + " + +# Shutdown +ExecStop=/usr/bin/docker stop --time 10 %p.%i + +# Unregister service +ExecStopPost=/bin/bash -c \ + "if [[ -n $(/usr/bin/etcdctl get /services/%p.%i &> /dev/null ) ]]; then \ + /usr/bin/etcdctl \ + rm \ + /services/%p.%i; \ + fi" + +[Install] +WantedBy=multi-user.target + +[X-Fleet] +Conflicts=%p.*@%i.service diff --git a/systemd-install.sh b/systemd-install.sh index 448a041..adba85c 100755 --- a/systemd-install.sh +++ b/systemd-install.sh 
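Review bot: The new template's default `SSH_AUTHORIZED_KEYS` is the Vagrant insecure public key, whose private half is public knowledge. The same unit sets `SSH_SUDO=ALL=(ALL) ALL` and publishes the container's port 22 on the host from `SERVICE_UNIT_PORT_MAP_TCP_22=2020`, so an instance started from the unmodified template trusts a key pair that is not secret. I would ship the template with `Environment="SSH_AUTHORIZED_KEYS="` and a comment above it, `# Set your own public key in a drop-in before starting this unit`. How the image behaves when the value is empty is not visible here and should be confirmed before relying on it.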
@@ -47,28 +47,25 @@ replace_etcd_service_name () fi } -SERVICE_UNIT_LONG_NAME=${SERVICE_UNIT_LONG_NAME:-ssh.pool-1.1.1} -SERVICE_UNIT_FILE_NAME=${SERVICE_UNIT_FILE_NAME:-${SERVICE_UNIT_LONG_NAME}@2020.service} - # Copy systemd definition into place and enable it. -cp ${SERVICE_UNIT_FILE_NAME} /etc/systemd/system/ -replace_etcd_service_name /etc/systemd/system/${SERVICE_UNIT_FILE_NAME} +cp ${SERVICE_UNIT_TEMPLATE_NAME} /etc/systemd/system/ +replace_etcd_service_name /etc/systemd/system/${SERVICE_UNIT_TEMPLATE_NAME} systemctl daemon-reload -systemctl enable -f /etc/systemd/system/${SERVICE_UNIT_FILE_NAME} +systemctl enable -f ${SERVICE_UNIT_TEMPLATE_NAME} # Stop the service and remove containers. -systemctl stop ${SERVICE_UNIT_FILE_NAME} &> /dev/null +systemctl stop ${SERVICE_UNIT_INSTANCE_NAME} &> /dev/null # Terminate the container(s) docker rm -f volume-config.${SERVICE_UNIT_LONG_NAME} &> /dev/null docker rm -f ${SERVICE_UNIT_LONG_NAME} &> /dev/null -printf -- "---> Installing %s\n" ${SERVICE_UNIT_FILE_NAME} -systemctl start ${SERVICE_UNIT_FILE_NAME} & +printf -- "---> Installing %s\n" ${SERVICE_UNIT_INSTANCE_NAME} +systemctl start ${SERVICE_UNIT_INSTANCE_NAME} & PIDS[0]=${!} # Tail the systemd unit logs unitl installation completes -journalctl -fu ${SERVICE_UNIT_FILE_NAME} & +journalctl -fu ${SERVICE_UNIT_INSTANCE_NAME} & PIDS[1]=${!} # Wait for installtion to complete 
@@ -77,11 +74,13 @@ PIDS[1]=${!} # Allow time for the container bootstrap to complete sleep 5 kill -15 ${PIDS[1]} +wait ${PIDS[1]} 2> /dev/null -if systemctl -q is-active ${SERVICE_UNIT_FILE_NAME}; then - printf -- " ---> %s\n${COLOUR_POSITIVE} --->${COLOUR_RESET} %s\n" ${SERVICE_UNIT_FILE_NAME} 'Install complete' +if systemctl -q is-active ${SERVICE_UNIT_INSTANCE_NAME}; then + printf -- " ---> Service unit is active: %s\n" "$(systemctl list-units --type=service | grep ssh.pool-1.1@1.service)" + printf -- "${COLOUR_POSITIVE} --->${COLOUR_RESET} %s\n" 'Install complete' else printf -- "\nService status:\n" - systemctl status -l ${SERVICE_UNIT_FILE_NAME} + systemctl status -ln 50 ${SERVICE_UNIT_INSTANCE_NAME} printf -- "\n${COLOUR_NEGATIVE} --->${COLOUR_RESET} %s\n" 'Install error' fi From 85186a2d8204ee60ff79a954be622f64b2cf26eb Mon Sep 17 00:00:00 2001 From: James Deathe Date: Sun, 8 May 2016 01:01:42 +0100 Subject: [PATCH 29/95] ISSUE 194: Abort if not a systemd based distribution. --- systemd-install.sh | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/systemd-install.sh b/systemd-install.sh index adba85c..6b42fcf 100755 --- a/systemd-install.sh +++ b/systemd-install.sh @@ -6,11 +6,6 @@ if [[ ${DIR_PATH} == */* ]] && [[ ${DIR_PATH} != $( pwd ) ]] ; then cd ${DIR_PATH} fi -if [[ ${EUID} -ne 0 ]]; then - echo "Please run as root." - exit 1 -fi - source run.conf is_coreos_distribution () 
@@ -47,6 +42,18 @@ replace_etcd_service_name () fi } +# Abort if systemd not supported +if ! type -p systemctl &> /dev/null; then + printf -- "${COLOUR_NEGATIVE}--->${COLOUR_RESET} %s\n" 'Systemd installation not supported.' + exit 1 +fi + +# Abort if not run by root user or with sudo +if [[ ${EUID} -ne 0 ]]; then + printf -- "${COLOUR_NEGATIVE}--->${COLOUR_RESET} %s\n" 'Please run as root.' + exit 1 +fi + # Copy systemd definition into place and enable it. cp ${SERVICE_UNIT_TEMPLATE_NAME} /etc/systemd/system/ replace_etcd_service_name /etc/systemd/system/${SERVICE_UNIT_TEMPLATE_NAME} From e3a8e7039f1c56940dbd00093ec2b01537f1f07d Mon Sep 17 00:00:00 2001 From: James Deathe Date: Sun, 8 May 2016 01:54:26 +0100 Subject: [PATCH 30/95] ISSUE 194: Use SERVICE_UNIT_LOCAL_ID to increment the local instances (ports). --- systemd-install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/systemd-install.sh b/systemd-install.sh index 6b42fcf..7098747 100755 --- a/systemd-install.sh +++ b/systemd-install.sh @@ -55,7 +55,7 @@ if [[ ${EUID} -ne 0 ]]; then fi # Copy systemd definition into place and enable it. -cp ${SERVICE_UNIT_TEMPLATE_NAME} /etc/systemd/system/ +cp ${SERVICE_UNIT_GROUP_NAME}.1@.service /etc/systemd/system/${SERVICE_UNIT_TEMPLATE_NAME} replace_etcd_service_name /etc/systemd/system/${SERVICE_UNIT_TEMPLATE_NAME} systemctl daemon-reload systemctl enable -f ${SERVICE_UNIT_TEMPLATE_NAME} @@ -84,7 +84,7 @@ kill -15 ${PIDS[1]} wait ${PIDS[1]} 2> /dev/null if systemctl -q is-active ${SERVICE_UNIT_INSTANCE_NAME}; then - printf -- " ---> Service unit is active: %s\n" "$(systemctl list-units --type=service | grep ssh.pool-1.1@1.service)" + printf -- " ---> Service unit is active: %s\n" "$(systemctl list-units --type=service | grep ${SERVICE_UNIT_INSTANCE_NAME})" printf -- "${COLOUR_POSITIVE} --->${COLOUR_RESET} %s\n" 'Install complete' else printf -- "\nService status:\n" From c583d4266734e864eaca2bd315206bf88beed717 Mon Sep 17 00:00:00 2001 
From: James Deathe Date: Sun, 8 May 2016 02:25:11 +0100 Subject: [PATCH 31/95] ISSUE 194: Added SERVICE_UNIT_PORT_MAP_TCP_22 to the now depricated unit file. --- ssh.pool-1.1.1@2020.service | 1 + 1 file changed, 1 insertion(+) diff --git a/ssh.pool-1.1.1@2020.service b/ssh.pool-1.1.1@2020.service index 2bc897d..97d7c17 100644 --- a/ssh.pool-1.1.1@2020.service +++ b/ssh.pool-1.1.1@2020.service @@ -36,6 +36,7 @@ TimeoutStartSec=1200 Environment="DOCKER_IMAGE_PACKAGE_PATH=/var/services-packages" Environment="DOCKER_IMAGE_NAME=jdeathe/centos-ssh" Environment="DOCKER_IMAGE_TAG=centos-7-2.0.1" +Environment="SERVICE_UNIT_PORT_MAP_TCP_22=%i" Environment="VOLUME_CONFIG_ENABLED=false" Environment="VOLUME_CONFIG_NAMED=false" Environment="VOLUME_CONFIG_NAME=volume-config.%p" From b825fb9f57656cdf7c887b4770ff92619c60370d Mon Sep 17 00:00:00 2001 From: James Deathe Date: Sun, 8 May 2016 17:20:59 +0100 Subject: [PATCH 32/95] ISSUE 202: Fixed issue with attempt to enable template instead of instance unit. --- systemd-install.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/systemd-install.sh b/systemd-install.sh index 7098747..800cbb5 100755 --- a/systemd-install.sh +++ b/systemd-install.sh @@ -58,7 +58,8 @@ fi cp ${SERVICE_UNIT_GROUP_NAME}.1@.service /etc/systemd/system/${SERVICE_UNIT_TEMPLATE_NAME} replace_etcd_service_name /etc/systemd/system/${SERVICE_UNIT_TEMPLATE_NAME} systemctl daemon-reload -systemctl enable -f ${SERVICE_UNIT_TEMPLATE_NAME} + +systemctl enable -f ${SERVICE_UNIT_INSTANCE_NAME} # Stop the service and remove containers. systemctl stop ${SERVICE_UNIT_INSTANCE_NAME} &> /dev/null From 7976797ac7d4fb39241b592323a7273fd4595053 Mon Sep 17 00:00:00 2001 
From: James Deathe Date: Sun, 8 May 2016 17:31:09 +0100 Subject: [PATCH 33/95] ISSUE 202: Corrected instructions in systemd template file and use {,} in place of <,> as done in README.md. --- ssh.pool-1.1.1@2020.service | 16 ++++++++-------- ssh.pool-1.1@.service | 21 +++++++++++++-------- 2 files changed, 21 insertions(+), 16 deletions(-) diff --git a/ssh.pool-1.1.1@2020.service b/ssh.pool-1.1.1@2020.service index 97d7c17..7623b36 100644 --- a/ssh.pool-1.1.1@2020.service +++ b/ssh.pool-1.1.1@2020.service @@ -1,25 +1,25 @@ # ----------------------------------------------------------------------------- # To install: -# sudo cp /@.service /etc/systemd/system/ +# sudo cp {container-path}/{service-name}@{port}.service /etc/systemd/system/ # # If not installing to a CoreOS distribution replace etcd2.service # with etcd.service using: # sudo sed -i -e 's~etcd2.service~etcd.service~g' \ -# /etc/systemd/system/@.service +# /etc/systemd/system/{service-name}@{port}.service # # sudo systemctl daemon-reload -# sudo systemctl enable -f /etc/systemd/system/@.service +# sudo systemctl enable -f /etc/systemd/system/{service-name}@{port}.service # # Start using: -# sudo systemctl [start|stop|restart|kill|status] @.service +# sudo systemctl [start|stop|restart|kill|status] {service-name}@{port}.service # # Debugging: -# journalctl -fn 50 -u @.service +# journalctl -fn 50 -u {service-name}@{port}.service # # To uninstall: -# sudo systemctl disable -f /etc/systemd/system/@.service -# sudo systemctl stop /etc/systemd/system/@.service -# sudo docker rm +# sudo systemctl disable -f /etc/systemd/system/{service-name}@{port}.service +# sudo systemctl stop /etc/systemd/system/{service-name}@{port}.service +# sudo docker rm {service-name} # ----------------------------------------------------------------------------- [Unit] diff --git a/ssh.pool-1.1@.service b/ssh.pool-1.1@.service index 956caa1..70ce9f3 100644 --- a/ssh.pool-1.1@.service +++ b/ssh.pool-1.1@.service 
@@ -1,25 +1,30 @@ # ----------------------------------------------------------------------------- +# Where: +# {service-unit-instance-name} = {service-unit-name}.{service-unit-group-name}.{service-unit-local-id}@{service-unit-instance} +# {service-unit-long-name} = {service-unit-name}.{service-unit-group-name}.{service-unit-local-id}.{service-unit-instance} +# # To install: -# sudo cp /@.service /etc/systemd/system/ +# sudo cp {container-path}/{service-unit-name}.{service-unit-group-name}.{service-unit-local-id}@.service \ +# /etc/systemd/system/ # # If not installing to a CoreOS distribution replace etcd2.service # with etcd.service using: # sudo sed -i -e 's~etcd2.service~etcd.service~g' \ -# /etc/systemd/system/@.service +# /etc/systemd/system/{service-unit-name}.{service-unit-group-name}.{service-unit-local-id}@.service # # sudo systemctl daemon-reload -# sudo systemctl enable -f /etc/systemd/system/@.service +# sudo systemctl enable -f {service-unit-instance-name}.service # # Start using: -# sudo systemctl [start|stop|restart|kill|status] @.service +# sudo systemctl [start|stop|restart|kill|status] {service-unit-instance-name}.service # # Debugging: -# journalctl -fn 50 -u @.service +# journalctl -fn 50 -u {service-unit-instance-name}.service # # To uninstall: -# sudo systemctl disable -f /etc/systemd/system/@.service -# sudo systemctl stop /etc/systemd/system/@.service -# sudo docker rm +# sudo systemctl disable -f /etc/systemd/system/{service-unit-instance-name}.service +# sudo systemctl stop /etc/systemd/system/{service-unit-instance-name}.service +# sudo docker rm -f {service-unit-long-name} # ----------------------------------------------------------------------------- [Unit] From b9c8196c45969561ebc2f164af427aa77f6bc11f Mon Sep 17 00:00:00 2001 
From: James Deathe Date: Sun, 8 May 2016 17:34:56 +0100 Subject: [PATCH 34/95] ISSUE 202: Fixed issue with pattern match for running status in systemd unit file template. --- ssh.pool-1.1@.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ssh.pool-1.1@.service b/ssh.pool-1.1@.service index 70ce9f3..3f7c670 100644 --- a/ssh.pool-1.1@.service +++ b/ssh.pool-1.1@.service @@ -101,7 +101,7 @@ ExecStartPre=/bin/bash -c \ if [[ -n $(/usr/bin/docker ps -aq --filter \"name=%p.%i\" --filter \"status=paused\") ]]; then \ /usr/bin/docker unpause %p.%i; \ fi; \ - if [[ -n $(/usr/bin/docker ps -aq --filter \"name=%p%i\" --filter \"status=running\") ]]; then \ + if [[ -n $(/usr/bin/docker ps -aq --filter \"name=%p.%i\" --filter \"status=running\") ]]; then \ /usr/bin/docker stop %p.%i; \ fi; \ /usr/bin/docker rm -f %p.%i; \ From 6583d4b81773f55db112f7f0488e0ed8b86e00f9 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Sun, 8 May 2016 17:37:19 +0100 Subject: [PATCH 35/95] ISSUE 202: Handle termination of containers run with '--rm' parameter. --- ssh.pool-1.1.1@2020.service | 5 ++++- ssh.pool-1.1@.service | 5 ++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/ssh.pool-1.1.1@2020.service b/ssh.pool-1.1.1@2020.service index 7623b36..f075fea 100644 --- a/ssh.pool-1.1.1@2020.service +++ b/ssh.pool-1.1.1@2020.service @@ -33,6 +33,7 @@ After=docker.service Restart=on-failure RestartSec=30 TimeoutStartSec=1200 +KillMode=none Environment="DOCKER_IMAGE_PACKAGE_PATH=/var/services-packages" Environment="DOCKER_IMAGE_NAME=jdeathe/centos-ssh" Environment="DOCKER_IMAGE_TAG=centos-7-2.0.1" @@ -99,7 +100,9 @@ ExecStartPre=/bin/bash -c \ if [[ -n $(/usr/bin/docker ps -aq --filter \"name=%p\" --filter \"status=running\") ]]; then \ /usr/bin/docker stop %p; \ fi; \ - /usr/bin/docker rm -f %p; \ + if [[ -n $(/usr/bin/docker ps -aq --filter \"name=%p\") ]]; then \ + /usr/bin/docker rm -f %p.%i; \ + fi; \ fi" # Startup 
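Review bot: In the `ssh.pool-1.1.1@2020.service` hunk of PATCH 35 the new guarded removal runs `/usr/bin/docker rm -f %p.%i`, while every other command in that unit names the container `%p` (`docker unpause %p`, `docker stop %p`, `--filter "name=%p"`, `--name %p`). In this unit `%i` carries the port, per the `SERVICE_UNIT_PORT_MAP_TCP_22=%i` line added in PATCH 31, so the removal targets a name the unit never creates and the old container appears to be left in place for the following `docker run --name %p` to collide with. The line looks copied from the template hunk and should read `/usr/bin/docker rm -f %p; \`. The ExecStartPre block starts outside the hunk.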
diff --git a/ssh.pool-1.1@.service b/ssh.pool-1.1@.service index 3f7c670..2321aea 100644 --- a/ssh.pool-1.1@.service +++ b/ssh.pool-1.1@.service @@ -38,6 +38,7 @@ After=docker.service Restart=on-failure RestartSec=30 TimeoutStartSec=1200 +KillMode=none Environment="DOCKER_IMAGE_PACKAGE_PATH=/var/services-packages" Environment="DOCKER_IMAGE_NAME=jdeathe/centos-ssh" Environment="DOCKER_IMAGE_TAG=centos-7-2.0.1" @@ -104,7 +105,9 @@ ExecStartPre=/bin/bash -c \ if [[ -n $(/usr/bin/docker ps -aq --filter \"name=%p.%i\" --filter \"status=running\") ]]; then \ /usr/bin/docker stop %p.%i; \ fi; \ - /usr/bin/docker rm -f %p.%i; \ + if [[ -n $(/usr/bin/docker ps -aq --filter \"name=%p.%i\") ]]; then \ + /usr/bin/docker rm -f %p.%i; \ + fi; \ fi" # Startup From ea7797225c0a68bf90635085597b2e0eb7c90a7d Mon Sep 17 00:00:00 2001 From: James Deathe Date: Sun, 8 May 2016 17:56:49 +0100 Subject: [PATCH 36/95] ISSUE 202: Systemd ExecStartPre command should terminate existing containers --- systemd-install.sh | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/systemd-install.sh b/systemd-install.sh index 800cbb5..8c8342c 100755 --- a/systemd-install.sh +++ b/systemd-install.sh @@ -61,14 +61,11 @@ systemctl daemon-reload systemctl enable -f ${SERVICE_UNIT_INSTANCE_NAME} -# Stop the service and remove containers. +# Stop the service systemctl stop ${SERVICE_UNIT_INSTANCE_NAME} &> /dev/null -# Terminate the container(s) -docker rm -f volume-config.${SERVICE_UNIT_LONG_NAME} &> /dev/null -docker rm -f ${SERVICE_UNIT_LONG_NAME} &> /dev/null - printf -- "---> Installing %s\n" ${SERVICE_UNIT_INSTANCE_NAME} +# Systemd ExecStartPre command should exist to terminate any existing containers systemctl start ${SERVICE_UNIT_INSTANCE_NAME} & PIDS[0]=${!} From 83f6117082386bb48d8139a213e856923fc63526 Mon Sep 17 00:00:00 2001 
From: James Deathe Date: Sun, 8 May 2016 23:27:37 +0100 Subject: [PATCH 37/95] ISSUE 185: Fixed issue with docker images filter not matching name on CentOS-7. --- ssh.pool-1.1.1@2020.service | 2 +- ssh.pool-1.1@.service | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ssh.pool-1.1.1@2020.service b/ssh.pool-1.1.1@2020.service index f075fea..9ce12f1 100644 --- a/ssh.pool-1.1.1@2020.service +++ b/ssh.pool-1.1.1@2020.service @@ -56,7 +56,7 @@ Environment="SSH_USER_ID=500:500" # Initialisation: Load image from local storage if available, otherwise pull. ExecStartPre=/bin/bash -c \ - "if [[ -z $(/usr/bin/docker images -q ${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}) ]]; then \ + "if [[ -z $(/usr/bin/docker images | awk -v FS='[ ]+' -v pattern=\"^(docker.io/)?${DOCKER_IMAGE_NAME}[ ]+${DOCKER_IMAGE_TAG} \" '$0 ~ pattern { print $1\":\"$2; }') ]]; then \ if [[ -f ${DOCKER_IMAGE_PACKAGE_PATH}/${DOCKER_IMAGE_NAME}.${DOCKER_IMAGE_TAG}.tar.xz ]]; then \ /usr/bin/xz -dc ${DOCKER_IMAGE_PACKAGE_PATH}/${DOCKER_IMAGE_NAME}.${DOCKER_IMAGE_TAG}.tar.xz | /usr/bin/docker load; \ else \ diff --git a/ssh.pool-1.1@.service b/ssh.pool-1.1@.service index 2321aea..be211bc 100644 --- a/ssh.pool-1.1@.service +++ b/ssh.pool-1.1@.service @@ -61,7 +61,7 @@ Environment="SSH_USER_ID=500:500" # Initialisation: Load image from local storage if available, otherwise pull. ExecStartPre=/bin/bash -c \ - "if [[ -z $(/usr/bin/docker images -q ${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}) ]]; then \ + "if [[ -z $(/usr/bin/docker images | awk -v FS='[ ]+' -v pattern=\"^(docker.io/)?${DOCKER_IMAGE_NAME}[ ]+${DOCKER_IMAGE_TAG} \" '$0 ~ pattern { print $1\":\"$2; }') ]]; then \ if [[ -f ${DOCKER_IMAGE_PACKAGE_PATH}/${DOCKER_IMAGE_NAME}.${DOCKER_IMAGE_TAG}.tar.xz ]]; then \ /usr/bin/xz -dc ${DOCKER_IMAGE_PACKAGE_PATH}/${DOCKER_IMAGE_NAME}.${DOCKER_IMAGE_TAG}.tar.xz | /usr/bin/docker load; \ else \ From 5ea0c9b7e31cb32b535cae4bedffe74c412d5141 Mon Sep 17 00:00:00 2001 
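Review bot: The awk `pattern` built in both PATCH 37 hunks (ssh.pool-1.1.1@2020.service and ssh.pool-1.1@.service) interpolates `${DOCKER_IMAGE_NAME}` and `${DOCKER_IMAGE_TAG}` into a regular expression unescaped. The dots in `docker.io/` and in a tag such as `centos-7-2.0.1` therefore match any character, and a different image row can satisfy the "already present" test and skip the load or pull. Comparing fields as plain strings avoids this, along the lines of `awk -v name=NAME -v tag=TAG '($1 == name || $1 == "docker.io/" name) && $2 == tag'` (quoting to be adapted to the unit file). `awk` is also invoked without the absolute path used for docker and xz in the same command, which continues past the end of the hunk.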
From: James Deathe Date: Sun, 8 May 2016 23:39:48 +0100 Subject: [PATCH 38/95] ISSUE 185: Fixed issue in Makefile with docker images filter not matching name on CentOS-7. --- Makefile | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/Makefile b/Makefile index e801a42..7bc5c52 100644 --- a/Makefile +++ b/Makefile @@ -176,7 +176,7 @@ load: prerequisites require-docker-release-tag else \ $(xz) -dc $(PACKAGE_PATH)/$(DOCKER_IMAGE_NAME).$(DOCKER_IMAGE_TAG).tar.xz | \ $(docker) load; \ - echo "$(PREFIX_SUB_STEP) $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG))"; \ + echo "$(PREFIX_SUB_STEP) $$( if [[ -n $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)) ]]; then echo $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)); else echo $$($(docker) images -q docker.io/$(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)); fi; )"; \ echo "$(PREFIX_SUB_STEP_POSITIVE) Image loaded"; \ fi @@ -203,7 +203,7 @@ pull: prerequisites require-docker-image-tag @ $(docker) pull \ $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG); \ if [[ $${?} -eq 0 ]]; then \ - echo "$(PREFIX_SUB_STEP) $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG))"; \ + echo "$(PREFIX_SUB_STEP) $$( if [[ -n $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)) ]]; then echo $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)); else echo $$($(docker) images -q docker.io/$(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)); fi; )"; \ echo "$(PREFIX_SUB_STEP_POSITIVE) Image pulled"; \ else \ echo "$(PREFIX_SUB_STEP_NEGATIVE) Error pulling image"; \ 
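Review bot: The image-ID fallback added to the `load` and `pull` echo lines (PATCH 38) is a long inline fragment that runs `docker images -q` twice on the success path. It is pasted again, twice, into the `rmi` hunk that follows. Defining it once keeps the four uses in step, for example `DOCKER_IMAGE_ID = $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG) | grep . || $(docker) images -q docker.io/$(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG))`, referenced as `$(DOCKER_IMAGE_ID)` in each recipe. Both recipes start outside their hunks.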
@@ -248,20 +248,20 @@ else endif rmi: prerequisites require-docker-image-tag -ifneq ($(shell $(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)),) - @ echo "$(PREFIX_STEP) Untagging image"; \ - echo "$(PREFIX_SUB_STEP) $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)) : $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)"; \ - $(docker) rmi \ - $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG) 1> /dev/null; \ - if [[ $${?} -eq 0 ]]; then \ - echo "$(PREFIX_SUB_STEP_POSITIVE) Image untagged"; \ + @ if [[ -n $$( if [[ -n $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)) ]]; then echo $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)); else echo $$($(docker) images -q docker.io/$(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)); fi; ) ]]; then \ + echo "$(PREFIX_STEP) Untagging image"; \ + echo "$(PREFIX_SUB_STEP) $$( if [[ -n $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)) ]]; then echo $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)); else echo $$($(docker) images -q docker.io/$(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)); fi; ) : $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)"; \ + $(docker) rmi \ + $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG) 1> /dev/null; \ + if [[ $${?} -eq 0 ]]; then \ + echo "$(PREFIX_SUB_STEP_POSITIVE) Image untagged"; \ + else \ + echo "$(PREFIX_SUB_STEP_NEGATIVE) Error untagging image"; \ + exit 1; \ + fi; \ else \ - echo "$(PREFIX_SUB_STEP_NEGATIVE) Error untagging image"; \ - exit 1; \ + echo "$(PREFIX_STEP) Untagging image skipped"; \ fi -else - @ echo "$(PREFIX_STEP) Untagging image skipped" -endif run: prerequisites require-docker-image-tag @ echo "$(PREFIX_STEP) Running container" From b7046ff4fed7bd87f341bf1889909e606bbf7442 Mon Sep 17 00:00:00 2001 
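Review bot: In the rewritten `rmi` recipe the existence test accepts either the short name or the `docker.io/`-prefixed name, but `$(docker) rmi` is still called with the short name only. On a host where only the prefixed reference resolves, which is the case this commit addresses, the untag step may then fail and take the `exit 1` branch; this should be confirmed on such a host. A fallback on the removal keeps the two halves consistent, e.g. `$(docker) rmi $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG) 1> /dev/null || $(docker) rmi docker.io/$(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG) 1> /dev/null; \`.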
From: James Deathe Date: Sun, 8 May 2016 23:55:06 +0100 Subject: [PATCH 39/95] ISSUE 185: Use docker images -q for consistency and check for docker.io/ registry prefix in the name. --- ssh.pool-1.1.1@2020.service | 2 +- ssh.pool-1.1@.service | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ssh.pool-1.1.1@2020.service b/ssh.pool-1.1.1@2020.service index 9ce12f1..d83e9bd 100644 --- a/ssh.pool-1.1.1@2020.service +++ b/ssh.pool-1.1.1@2020.service @@ -56,7 +56,7 @@ Environment="SSH_USER_ID=500:500" # Initialisation: Load image from local storage if available, otherwise pull. ExecStartPre=/bin/bash -c \ - "if [[ -z $(/usr/bin/docker images | awk -v FS='[ ]+' -v pattern=\"^(docker.io/)?${DOCKER_IMAGE_NAME}[ ]+${DOCKER_IMAGE_TAG} \" '$0 ~ pattern { print $1\":\"$2; }') ]]; then \ + "if [[ -z $( if [[ -n $(/usr/bin/docker images -q ${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}) ]]; then echo $(/usr/bin/docker images -q ${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}); else echo $(/usr/bin/docker images -q docker.io/${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}); fi; ) ]]; then \ if [[ -f ${DOCKER_IMAGE_PACKAGE_PATH}/${DOCKER_IMAGE_NAME}.${DOCKER_IMAGE_TAG}.tar.xz ]]; then \ /usr/bin/xz -dc ${DOCKER_IMAGE_PACKAGE_PATH}/${DOCKER_IMAGE_NAME}.${DOCKER_IMAGE_TAG}.tar.xz | /usr/bin/docker load; \ else \ diff --git a/ssh.pool-1.1@.service b/ssh.pool-1.1@.service index be211bc..a2ab174 100644 --- a/ssh.pool-1.1@.service +++ b/ssh.pool-1.1@.service 
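Review bot: The new ExecStartPre condition in ssh.pool-1.1.1@2020.service (PATCH 39) only tests for emptiness, so the inner `if … echo $(…); else echo $(…); fi` wrapper, which runs the first lookup twice, is not needed. `if [[ -z $(/usr/bin/docker images -q ${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}) && -z $(/usr/bin/docker images -q docker.io/${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}) ]]; then \` expresses the same test and is easier to audit. The identical line in the ssh.pool-1.1@.service hunk that follows can change the same way. The command continues past the end of the hunk.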
@@ -61,7 +61,7 @@ Environment="SSH_USER_ID=500:500" # Initialisation: Load image from local storage if available, otherwise pull. ExecStartPre=/bin/bash -c \ - "if [[ -z $(/usr/bin/docker images | awk -v FS='[ ]+' -v pattern=\"^(docker.io/)?${DOCKER_IMAGE_NAME}[ ]+${DOCKER_IMAGE_TAG} \" '$0 ~ pattern { print $1\":\"$2; }') ]]; then \ + "if [[ -z $( if [[ -n $(/usr/bin/docker images -q ${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}) ]]; then echo $(/usr/bin/docker images -q ${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}); else echo $(/usr/bin/docker images -q docker.io/${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}); fi; ) ]]; then \ if [[ -f ${DOCKER_IMAGE_PACKAGE_PATH}/${DOCKER_IMAGE_NAME}.${DOCKER_IMAGE_TAG}.tar.xz ]]; then \ /usr/bin/xz -dc ${DOCKER_IMAGE_PACKAGE_PATH}/${DOCKER_IMAGE_NAME}.${DOCKER_IMAGE_TAG}.tar.xz | /usr/bin/docker load; \ else \ From 50bfce46c8ce6c2ec02f7f3e3929adca018ce2bd Mon Sep 17 00:00:00 2001 From: James Deathe Date: Mon, 9 May 2016 00:46:12 +0100 Subject: [PATCH 40/95] ISSUE 191: Added docker user/namespace subdirectory to the packages directory. --- make.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/make.conf b/make.conf index f72944f..8f2f4c1 100644 --- a/make.conf +++ b/make.conf @@ -15,7 +15,7 @@ DOCKER_RESTART_POLICY ?= always # {no,on-failure[:max-retries],always,unless-sto NO_CACHE ?= false # Directory path for release packages -PACKAGE_PATH ?= ./packages +PACKAGE_PATH ?= ./packages/jdeathe # VOLUME_CONFIG_NAME := volume-config.${SERVICE_UNIT_NAME} # VOLUME_CONFIG_NAME := volume-config.${SERVICE_UNIT_NAME}.${SERVICE_UNIT_SHARED_GROUP} From 317e3d543a529c73feb841b0d874e0e27f9fbd6e Mon Sep 17 00:00:00 2001 From: James Deathe Date: Mon, 9 May 2016 10:28:54 +0100 Subject: [PATCH 41/95] ISSUE 189: Set static colour codes. --- build.conf | 6 +++--- run.conf | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/build.conf b/build.conf index 01c23fc..f96ad1e 100644 --- a/build.conf +++ b/build.conf 
@@ -1,6 +1,6 @@ -COLOUR_NEGATIVE=$(tput setaf 1) -COLOUR_POSITIVE=$(tput setaf 2) -COLOUR_RESET=$(tput sgr0) +COLOUR_NEGATIVE='\033[0;31m' +COLOUR_POSITIVE='\033[0;32m' +COLOUR_RESET='\033[0m' DOCKER_USER=jdeathe DOCKER_IMAGE_NAME=centos-ssh diff --git a/run.conf b/run.conf index e00fea5..9687a98 100644 --- a/run.conf +++ b/run.conf @@ -1,6 +1,6 @@ -COLOUR_NEGATIVE=$(tput setaf 1) -COLOUR_POSITIVE=$(tput setaf 2) -COLOUR_RESET=$(tput sgr0) +COLOUR_NEGATIVE='\033[0;31m' +COLOUR_POSITIVE='\033[0;32m' +COLOUR_RESET='\033[0m' DOCKER_USER=jdeathe DOCKER_IMAGE_NAME=centos-ssh From 8a8fc1afff137ade261427cb1e0c20dd4cac0899 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Mon, 9 May 2016 10:35:48 +0100 Subject: [PATCH 42/95] ISSUE 189: Use bold colour codes. --- build.conf | 4 ++-- run.conf | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/build.conf b/build.conf index f96ad1e..34ea7a1 100644 --- a/build.conf +++ b/build.conf @@ -1,5 +1,5 @@ -COLOUR_NEGATIVE='\033[0;31m' -COLOUR_POSITIVE='\033[0;32m' +COLOUR_NEGATIVE='\033[1;31m' +COLOUR_POSITIVE='\033[1;32m' COLOUR_RESET='\033[0m' DOCKER_USER=jdeathe diff --git a/run.conf b/run.conf index 9687a98..03f0380 100644 --- a/run.conf +++ b/run.conf @@ -1,5 +1,5 @@ -COLOUR_NEGATIVE='\033[0;31m' -COLOUR_POSITIVE='\033[0;32m' +COLOUR_NEGATIVE='\033[1;31m' +COLOUR_POSITIVE='\033[1;32m' COLOUR_RESET='\033[0m' DOCKER_USER=jdeathe From 4c01040a77b05e5cd292643b66efa70131dad104 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Mon, 9 May 2016 12:51:25 +0100 Subject: [PATCH 43/95] ISSUE 189: Move logic from config to shell script. --- run.conf | 1 - run.sh | 4 ++++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/run.conf b/run.conf index 03f0380..c96b400 100644 --- a/run.conf +++ b/run.conf 
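Review bot: Replacing `$(tput setaf 1)` with `'\033[0;31m'` in build.conf and run.conf (PATCH 41, and again in PATCH 42) changes what the variables hold. They used to carry the terminal's control sequence itself; now they carry a literal backslash string that only becomes a colour when the consumer interprets escapes (`echo -e` or a printf format string). The consumers are not visible here; any that print with `printf '%s'` or plain `echo` would show the raw text. ANSI-C quoting keeps the previous semantics in bash: `COLOUR_NEGATIVE=$'\033[0;31m'`.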
@@ -21,7 +21,6 @@ SERVICE_UNIT_INSTANCE_NAME=${SERVICE_UNIT_GROUP_NAME}.${SERVICE_UNIT_LOCAL_ID}@$ DOCKER_NAME=${SERVICE_UNIT_LONG_NAME} DOCKER_HOST_PORT_SSH=${SERVICE_UNIT_PORT_MAP_TCP_22} -DOCKER_HOST_PORT_SFTP=$((( ${DOCKER_HOST_PORT_SSH} + 1 ))) # VOLUME_CONFIG_NAME=volume-config.${SERVICE_UNIT_NAME} # VOLUME_CONFIG_NAME=volume-config.${SERVICE_UNIT_NAME}.${SERVICE_UNIT_SHARED_GROUP} diff --git a/run.sh b/run.sh index d753edf..9d10c03 100755 --- a/run.sh +++ b/run.sh @@ -82,6 +82,10 @@ docker run \ ${DOCKER_IMAGE_REPOSITORY_NAME}${@:+ -c }"${@}" ) +if [[ -n ${DOCKER_HOST_PORT_SSH} ]]; then + DOCKER_HOST_PORT_SFTP=$(( ${DOCKER_HOST_PORT_SSH} + 1 )) +fi + # Forced SFTP # To connect: sftp -P 2021 -i ~/.ssh/id_rsa_insecure app-sftp@docker-host # ( From 8118d3a23148e98369316efc715276b25e2f2e4c Mon Sep 17 00:00:00 2001 From: James Deathe Date: Mon, 9 May 2016 13:29:58 +0100 Subject: [PATCH 44/95] ISSUE 189: Remove requirement for DOCKER_HOST_PORT_SFTP. --- run.sh | 52 ++++++++++++++++++++++++++++++++++++++++------------ 1 file changed, 40 insertions(+), 12 deletions(-) diff --git a/run.sh b/run.sh index 9d10c03..bb19fac 100755 --- a/run.sh +++ b/run.sh 
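Review bot: In the run.sh hunk (PATCH 43), `DOCKER_HOST_PORT_SFTP=$(( ${DOCKER_HOST_PORT_SSH} + 1 ))` evaluates a value that comes from configuration or the environment as an arithmetic expression, and the guard only checks that it is non-empty. Bash arithmetic treats non-numeric text as an expression to evaluate, so a malformed value produces a wrong port or an evaluation error rather than a clear message. Validating first keeps the value as data: `if [[ ${DOCKER_HOST_PORT_SSH} =~ ^[0-9]+$ ]]; then`.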
@@ -82,18 +82,23 @@ docker run \ ${DOCKER_IMAGE_REPOSITORY_NAME}${@:+ -c }"${@}" ) -if [[ -n ${DOCKER_HOST_PORT_SSH} ]]; then - DOCKER_HOST_PORT_SFTP=$(( ${DOCKER_HOST_PORT_SSH} + 1 )) -fi - # Forced SFTP # To connect: sftp -P 2021 -i ~/.ssh/id_rsa_insecure app-sftp@docker-host +# if [[ -n ${DOCKER_HOST_PORT_SSH} ]]; then +# (( DOCKER_HOST_PORT_SSH ++ )) +# fi +# +# DOCKER_NAME="${DOCKER_NAME//${SERVICE_UNIT_NAME}/sftp}" +# DOCKER_NAME="${DOCKER_NAME//.${SERVICE_UNIT_LOCAL_ID}./.$(( ${SERVICE_UNIT_LOCAL_ID} + 1 )).}" +# (( SERVICE_UNIT_LOCAL_ID ++ )) +# remove_docker_container_name ${DOCKER_NAME} +# # ( # set -xe # docker run \ # ${DOCKER_OPERATOR_OPTIONS} \ # --name ${DOCKER_NAME} \ -# -p ${DOCKER_HOST_PORT_SFTP:-}:22 \ +# -p ${DOCKER_HOST_PORT_SSH:-}:22 \ # --env "SSH_USER=app-sftp" \ # --env "SSH_USER_FORCE_SFTP=true" \ # ${DOCKER_VOLUMES_FROM:-} \ @@ -103,12 +108,21 @@ fi # ) # Forced SFTP + apache-php linked volume + persistent host keys +# if [[ -n ${DOCKER_HOST_PORT_SSH} ]]; then +# (( DOCKER_HOST_PORT_SSH ++ )) +# fi +# +# DOCKER_NAME="${DOCKER_NAME//${SERVICE_UNIT_NAME}/sftp}" +# DOCKER_NAME="${DOCKER_NAME//.${SERVICE_UNIT_LOCAL_ID}./.$(( ${SERVICE_UNIT_LOCAL_ID} + 1 )).}" +# (( SERVICE_UNIT_LOCAL_ID ++ )) +# remove_docker_container_name ${DOCKER_NAME} +# # ( # set -xe # docker run \ # ${DOCKER_OPERATOR_OPTIONS} \ # --name ${DOCKER_NAME} \ -# -p ${DOCKER_HOST_PORT_SFTP:-}:22 \ +# -p ${DOCKER_HOST_PORT_SSH:-}:22 \ # --env "SSH_CHROOT_DIRECTORY=%h" \ # --env "SSH_USER=app-sftp" \ # --env "SSH_USER_FORCE_SFTP=true" \ 
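Review bot: Each commented example in run.sh (PATCH 44) now rewrites `DOCKER_NAME`, `SERVICE_UNIT_LOCAL_ID` and `DOCKER_HOST_PORT_SSH` in place. The values an example ends up with therefore depend on which earlier examples were uncommented, and the header `# To connect: sftp -P 2021 …` holds only for the first. A one-line comment above the first block would document this, e.g. `# NOTE: examples mutate DOCKER_NAME / DOCKER_HOST_PORT_SSH cumulatively; enable them in order`. The same applies to the blocks in the following hunks of this patch, and `remove_docker_container_name ${DOCKER_NAME}` would be safer as `remove_docker_container_name "${DOCKER_NAME}"`.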
@@ -121,12 +135,21 @@ fi # ) # Forced SFTP + apache-php linked volume (writeable home directory) +# if [[ -n ${DOCKER_HOST_PORT_SSH} ]]; then +# (( DOCKER_HOST_PORT_SSH ++ )) +# fi +# +# DOCKER_NAME="${DOCKER_NAME//${SERVICE_UNIT_NAME}/sftp}" +# DOCKER_NAME="${DOCKER_NAME//.${SERVICE_UNIT_LOCAL_ID}./.$(( ${SERVICE_UNIT_LOCAL_ID} + 1 )).}" +# (( SERVICE_UNIT_LOCAL_ID ++ )) +# remove_docker_container_name ${DOCKER_NAME} +# # ( # set -xe # docker run \ # ${DOCKER_OPERATOR_OPTIONS} \ # --name ${DOCKER_NAME} \ -# -p ${DOCKER_HOST_PORT_SFTP:-}:22 \ +# -p ${DOCKER_HOST_PORT_SSH:-}:22 \ # --env "SSH_CHROOT_DIRECTORY=/var/www" \ # --env "SSH_USER=app-sftp" \ # --env "SSH_USER_FORCE_SFTP=true" \ 
@@ -141,12 +164,21 @@ fi # Use environment variables instead of configuration volume # SHA-512 hashed password: Passw0rd! # Salt: salt/pepper.pot. +# if [[ -n ${DOCKER_HOST_PORT_SSH} ]]; then +# (( DOCKER_HOST_PORT_SSH ++ )) +# fi +# +# DOCKER_NAME="${DOCKER_NAME//sftp/${SERVICE_UNIT_NAME}}" +# DOCKER_NAME="${DOCKER_NAME//.${SERVICE_UNIT_LOCAL_ID}./.$(( ${SERVICE_UNIT_LOCAL_ID} + 1 )).}" +# (( SERVICE_UNIT_LOCAL_ID ++ )) +# remove_docker_container_name ${DOCKER_NAME} +# # ( # set -xe # docker run \ # ${DOCKER_OPERATOR_OPTIONS} \ # --name ${DOCKER_NAME} \ -# -p ${DOCKER_HOST_PORT_SFTP:-}:22 \ +# -p ${DOCKER_HOST_PORT_SSH:-}:22 \ # --env "SSH_AUTHORIZED_KEYS= # ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key # ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAqmLedI2mEJimvIm1OzT1EYJCMwegL/jfsXARLnYkZvJlEHFYDmRgS+YQ+MA9PKHyriCPmVNs/6yVc2lopwPWioXt0+ulH/H43PgB6/4fkP0duauHsRtpp7z7dhqgZOXqdLUn/Ybp0rz0+yKUOBb9ggjE5n7hYyDGtZR9Y11pJ4TuRHmL6wv5mnj9WRzkUlJNYkr6X5b6yAxtQmX+2f33u2qGdAwADddE/uZ4vKnC0jFsv5FdvnwRf2diF/9AagDb7xhZ9U3hPOyLj31H/OUce4xBpGXRfkUYkeW8Qx+zEbEBVlGxDroIMZmHJIknBDAzVfft+lsg1Z06NCYOJ+hSew== @@ -184,10 +216,6 @@ fi # (( DOCKER_HOST_PORT_SSH ++ )) # fi -# if [[ -n ${DOCKER_HOST_PORT_SFTP} ]]; then -# (( DOCKER_HOST_PORT_SSH ++ )) -# fi - # remove_docker_container_name ${DOCKER_NAME_LINK_HOST} # ( From 4daca7b7c0921a49dc8c5322c3bda7bee5e78460 Mon Sep 17 00:00:00 2001 
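Review bot: The example extended by the `@@ -141,12 +164,21 @@` hunk maps a host port to port 22 of a container whose `SSH_AUTHORIZED_KEYS` is the Vagrant insecure public key and whose password is spelled out in the comment above it, yet nothing marks the block as test-only. Anyone who uncomments it on a reachable host exposes an SSH service with publicly known credentials. A caveat above the block would make that explicit: `# Test credentials only: the key and password below are public; never publish this port on a reachable host`.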
From: James Deathe Date: Mon, 9 May 2016 15:40:33 +0100 Subject: [PATCH 45/95] ISSUE 189: Use consistent variable name for docker port mapping - DOCKER_PORT_MAP_TCP_{container-port}. --- Makefile | 2 +- make.conf | 2 +- run.conf | 3 +-- run.sh | 32 ++++++++++++++++---------------- ssh.pool-1.1@.service | 8 ++++---- 5 files changed, 23 insertions(+), 24 deletions(-) diff --git a/Makefile b/Makefile index 7bc5c52..8313e4b 100644 --- a/Makefile +++ b/Makefile @@ -34,7 +34,7 @@ IS_DOCKER_RELEASE_TAG := $(shell if [[ $(DOCKER_IMAGE_TAG) =~ $(DOCKER_IMAGE_REL # Common parameters of create and run targets define DOCKER_CONTAINER_PARAMETERS --name $(DOCKER_NAME) \ ---publish $(DOCKER_HOST_PORT_SSH):22 \ +--publish $(DOCKER_PORT_MAP_TCP_22):22 \ --restart $(DOCKER_RESTART_POLICY) \ --env "SSH_AUTHORIZED_KEYS=$(SSH_AUTHORIZED_KEYS)" \ --env "SSH_CHROOT_DIRECTORY=$(SSH_CHROOT_DIRECTORY)" \ diff --git a/make.conf b/make.conf index 8f2f4c1..e8c7c0f 100644 --- a/make.conf +++ b/make.conf @@ -8,7 +8,7 @@ DOCKER_USER := jdeathe DOCKER_IMAGE_NAME := centos-ssh DOCKER_IMAGE_TAG ?= latest DOCKER_NAME ?= ssh.pool-1.1.1 -DOCKER_HOST_PORT_SSH ?= 2020 +DOCKER_PORT_MAP_TCP_22 ?= 2020 DOCKER_RESTART_POLICY ?= always # {no,on-failure[:max-retries],always,unless-stopped} # Docker build --no-cache parameter diff --git a/run.conf b/run.conf index c96b400..fc33f27 100644 --- a/run.conf +++ b/run.conf @@ -12,7 +12,6 @@ SERVICE_UNIT_APP_GROUP=${SERVICE_UNIT_APP_GROUP:-app-1} SERVICE_UNIT_SHARED_GROUP=${SERVICE_UNIT_SHARED_GROUP:-pool-1} SERVICE_UNIT_LOCAL_ID=${SERVICE_UNIT_LOCAL_ID:-1} SERVICE_UNIT_INSTANCE=${SERVICE_UNIT_INSTANCE:-1} -SERVICE_UNIT_PORT_MAP_TCP_22=${SERVICE_UNIT_PORT_MAP_TCP_22:-2020} SERVICE_UNIT_GROUP_NAME=${SERVICE_UNIT_NAME}.${SERVICE_UNIT_SHARED_GROUP} SERVICE_UNIT_LONG_NAME=${SERVICE_UNIT_GROUP_NAME}.${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE} 
@@ -20,7 +19,7 @@ SERVICE_UNIT_TEMPLATE_NAME=${SERVICE_UNIT_GROUP_NAME}.${SERVICE_UNIT_LOCAL_ID}@. SERVICE_UNIT_INSTANCE_NAME=${SERVICE_UNIT_GROUP_NAME}.${SERVICE_UNIT_LOCAL_ID}@${SERVICE_UNIT_INSTANCE}.service DOCKER_NAME=${SERVICE_UNIT_LONG_NAME} -DOCKER_HOST_PORT_SSH=${SERVICE_UNIT_PORT_MAP_TCP_22} +DOCKER_PORT_MAP_TCP_22=2020 # VOLUME_CONFIG_NAME=volume-config.${SERVICE_UNIT_NAME} # VOLUME_CONFIG_NAME=volume-config.${SERVICE_UNIT_NAME}.${SERVICE_UNIT_SHARED_GROUP} diff --git a/run.sh b/run.sh index bb19fac..e82e321 100755 --- a/run.sh +++ b/run.sh @@ -66,7 +66,7 @@ set -xe docker run \ ${DOCKER_OPERATOR_OPTIONS} \ --name ${DOCKER_NAME} \ - -p ${DOCKER_HOST_PORT_SSH:-}:22 \ + -p ${DOCKER_PORT_MAP_TCP_22:-}:22 \ --env "SSH_AUTHORIZED_KEYS=${SSH_AUTHORIZED_KEYS}" \ --env "SSH_INHERIT_ENVIRONMENT=${SSH_INHERIT_ENVIRONMENT}" \ --env "SSH_CHROOT_DIRECTORY=${SSH_CHROOT_DIRECTORY}" \ @@ -84,8 +84,8 @@ docker run \ # Forced SFTP # To connect: sftp -P 2021 -i ~/.ssh/id_rsa_insecure app-sftp@docker-host -# if [[ -n ${DOCKER_HOST_PORT_SSH} ]]; then -# (( DOCKER_HOST_PORT_SSH ++ )) +# if [[ -n ${DOCKER_PORT_MAP_TCP_22} ]]; then +# (( DOCKER_PORT_MAP_TCP_22 ++ )) # fi # # DOCKER_NAME="${DOCKER_NAME//${SERVICE_UNIT_NAME}/sftp}" @@ -98,7 +98,7 @@ docker run \ # docker run \ # ${DOCKER_OPERATOR_OPTIONS} \ # --name ${DOCKER_NAME} \ -# -p ${DOCKER_HOST_PORT_SSH:-}:22 \ +# -p ${DOCKER_PORT_MAP_TCP_22:-}:22 \ # --env "SSH_USER=app-sftp" \ # --env "SSH_USER_FORCE_SFTP=true" \ # ${DOCKER_VOLUMES_FROM:-} \ @@ -108,8 +108,8 @@ docker run \ # ) # Forced SFTP + apache-php linked volume + persistent host keys -# if [[ -n ${DOCKER_HOST_PORT_SSH} ]]; then -# (( DOCKER_HOST_PORT_SSH ++ )) +# if [[ -n ${DOCKER_PORT_MAP_TCP_22} ]]; then +# (( DOCKER_PORT_MAP_TCP_22 ++ )) # fi # # DOCKER_NAME="${DOCKER_NAME//${SERVICE_UNIT_NAME}/sftp}" 
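Review bot: In the run.conf hunk `@@ -20,7 +19,7 @@` (PATCH 45), `DOCKER_PORT_MAP_TCP_22=2020` hard-codes a value that could previously be overridden from the environment through `SERVICE_UNIT_PORT_MAP_TCP_22=${SERVICE_UNIT_PORT_MAP_TCP_22:-2020}`, removed in the preceding hunk. The neighbouring settings keep the `${VAR:-default}` form, so the rename silently drops the override for the port alone. To preserve it: `DOCKER_PORT_MAP_TCP_22=${DOCKER_PORT_MAP_TCP_22:-2020}`.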
@@ -122,7 +122,7 @@ docker run \ # docker run \ # ${DOCKER_OPERATOR_OPTIONS} \ # --name ${DOCKER_NAME} \ -# -p ${DOCKER_HOST_PORT_SSH:-}:22 \ +# -p ${DOCKER_PORT_MAP_TCP_22:-}:22 \ # --env "SSH_CHROOT_DIRECTORY=%h" \ # --env "SSH_USER=app-sftp" \ # --env "SSH_USER_FORCE_SFTP=true" \ @@ -135,8 +135,8 @@ docker run \ # ) # Forced SFTP + apache-php linked volume (writeable home directory) -# if [[ -n ${DOCKER_HOST_PORT_SSH} ]]; then -# (( DOCKER_HOST_PORT_SSH ++ )) +# if [[ -n ${DOCKER_PORT_MAP_TCP_22} ]]; then +# (( DOCKER_PORT_MAP_TCP_22 ++ )) # fi # # DOCKER_NAME="${DOCKER_NAME//${SERVICE_UNIT_NAME}/sftp}" @@ -149,7 +149,7 @@ docker run \ # docker run \ # ${DOCKER_OPERATOR_OPTIONS} \ # --name ${DOCKER_NAME} \ -# -p ${DOCKER_HOST_PORT_SSH:-}:22 \ +# -p ${DOCKER_PORT_MAP_TCP_22:-}:22 \ # --env "SSH_CHROOT_DIRECTORY=/var/www" \ # --env "SSH_USER=app-sftp" \ # --env "SSH_USER_FORCE_SFTP=true" \ @@ -164,8 +164,8 @@ docker run \ # Use environment variables instead of configuration volume # SHA-512 hashed password: Passw0rd! # Salt: salt/pepper.pot. -# if [[ -n ${DOCKER_HOST_PORT_SSH} ]]; then -# (( DOCKER_HOST_PORT_SSH ++ )) +# if [[ -n ${DOCKER_PORT_MAP_TCP_22} ]]; then +# (( DOCKER_PORT_MAP_TCP_22 ++ )) # fi # # DOCKER_NAME="${DOCKER_NAME//sftp/${SERVICE_UNIT_NAME}}" 
@@ -178,7 +178,7 @@ docker run \ # docker run \ # ${DOCKER_OPERATOR_OPTIONS} \ # --name ${DOCKER_NAME} \ -# -p ${DOCKER_HOST_PORT_SSH:-}:22 \ +# -p ${DOCKER_PORT_MAP_TCP_22:-}:22 \ # --env "SSH_AUTHORIZED_KEYS= # ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key # ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAqmLedI2mEJimvIm1OzT1EYJCMwegL/jfsXARLnYkZvJlEHFYDmRgS+YQ+MA9PKHyriCPmVNs/6yVc2lopwPWioXt0+ulH/H43PgB6/4fkP0duauHsRtpp7z7dhqgZOXqdLUn/Ybp0rz0+yKUOBb9ggjE5n7hYyDGtZR9Y11pJ4TuRHmL6wv5mnj9WRzkUlJNYkr6X5b6yAxtQmX+2f33u2qGdAwADddE/uZ4vKnC0jFsv5FdvnwRf2diF/9AagDb7xhZ9U3hPOyLj31H/OUce4xBpGXRfkUYkeW8Qx+zEbEBVlGxDroIMZmHJIknBDAzVfft+lsg1Z06NCYOJ+hSew== @@ -212,8 +212,8 @@ fi # DOCKER_NAME_LINK_HOST=${DOCKER_NAME}.link-host -# if [[ -n ${DOCKER_HOST_PORT_SSH} ]]; then -# (( DOCKER_HOST_PORT_SSH ++ )) +# if [[ -n ${DOCKER_PORT_MAP_TCP_22} ]]; then +# (( DOCKER_PORT_MAP_TCP_22 ++ )) # fi # remove_docker_container_name ${DOCKER_NAME_LINK_HOST} @@ -223,7 +223,7 @@ fi # docker run \ # ${DOCKER_OPERATOR_OPTIONS} \ # --name ${DOCKER_NAME_LINK_HOST} \ -# -p ${DOCKER_HOST_PORT_SSH:-}:22 \ +# -p ${DOCKER_PORT_MAP_TCP_22:-}:22 \ # --link ${DOCKER_NAME}:link-guest \ # --env "SSH_INHERIT_ENVIRONMENT=true" \ # ${DOCKER_VOLUMES_FROM:-} \ diff --git a/ssh.pool-1.1@.service b/ssh.pool-1.1@.service index a2ab174..d2e248e 100644 --- a/ssh.pool-1.1@.service +++ b/ssh.pool-1.1@.service 
@@ -42,7 +42,7 @@ KillMode=none Environment="DOCKER_IMAGE_PACKAGE_PATH=/var/services-packages" Environment="DOCKER_IMAGE_NAME=jdeathe/centos-ssh" Environment="DOCKER_IMAGE_TAG=centos-7-2.0.1" -Environment="SERVICE_UNIT_PORT_MAP_TCP_22=2020" +Environment="DOCKER_PORT_MAP_TCP_22=2020" Environment="VOLUME_CONFIG_ENABLED=false" Environment="VOLUME_CONFIG_NAMED=false" Environment="VOLUME_CONFIG_NAME=volume-config.%p.%i" @@ -115,7 +115,7 @@ ExecStart=/bin/bash -c \ "if [[ -n $(/usr/bin/docker ps -aq --filter \"name=${VOLUME_CONFIG_NAME}\") ]]; then \ /usr/bin/docker run \ --name %p.%i \ - -p $(( ${SERVICE_UNIT_PORT_MAP_TCP_22} + $(awk -F. '$0=$NF' <<< %p) - 1 )):22 \ + -p $(( ${DOCKER_PORT_MAP_TCP_22} + $(awk -F. '$0=$NF' <<< %p) - 1 )):22 \ --env \"SSH_AUTHORIZED_KEYS=${SSH_AUTHORIZED_KEYS}\" \ --env \"SSH_CHROOT_DIRECTORY=${SSH_CHROOT_DIRECTORY}\" \ --env \"SSH_INHERIT_ENVIRONMENT=${SSH_INHERIT_ENVIRONMENT}\" \ @@ -132,7 +132,7 @@ ExecStart=/bin/bash -c \ else \ /usr/bin/docker run \ --name %p.%i \ - -p $(( ${SERVICE_UNIT_PORT_MAP_TCP_22} + $(awk -F. '$0=$NF' <<< %p) - 1 )):22 \ + -p $(( ${DOCKER_PORT_MAP_TCP_22} + $(awk -F. '$0=$NF' <<< %p) - 1 )):22 \ --env \"SSH_AUTHORIZED_KEYS=${SSH_AUTHORIZED_KEYS}\" \ --env \"SSH_CHROOT_DIRECTORY=${SSH_CHROOT_DIRECTORY}\" \ --env \"SSH_INHERIT_ENVIRONMENT=${SSH_INHERIT_ENVIRONMENT}\" \ @@ -152,7 +152,7 @@ ExecStartPost=/bin/bash -c \ "/usr/bin/etcdctl \ set \ /services/%p.%i \ - %H:$(( ${SERVICE_UNIT_PORT_MAP_TCP_22} + $(awk -F. '$0=$NF' <<< %p) - 1 )); \ + %H:$(( ${DOCKER_PORT_MAP_TCP_22} + $(awk -F. '$0=$NF' <<< %p) - 1 )); \ " # Shutdown From bbd7715257148281cd5fe9c40644dd2582e0513b Mon Sep 17 00:00:00 2001 From: James Deathe Date: Mon, 9 May 2016 17:13:03 +0100 Subject: [PATCH 46/95] ISSUE 189: Use bold console colours. --- Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 8313e4b..4b0b698 100644 --- a/Makefile +++ b/Makefile 
@@ -4,8 +4,8 @@ export PATH := ${PATH} include make.conf # UI constants -COLOUR_NEGATIVE := \033[0;31m -COLOUR_POSITIVE := \033[0;32m +COLOUR_NEGATIVE := \033[1;31m +COLOUR_POSITIVE := \033[1;32m COLOUR_RESET := \033[0m CHARACTER_STEP := ---> PREFIX_STEP := $(shell printf -- '%s ' "$(CHARACTER_STEP)") From d97331ed1d31cabf7408d2e899943e09dc2a650a Mon Sep 17 00:00:00 2001 From: James Deathe Date: Mon, 9 May 2016 19:14:13 +0100 Subject: [PATCH 47/95] ISSUE 213: Replaced use of awk with /bin/awk in systemd unit file. --- ssh.pool-1.1@.service | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ssh.pool-1.1@.service b/ssh.pool-1.1@.service index d2e248e..5b2efec 100644 --- a/ssh.pool-1.1@.service +++ b/ssh.pool-1.1@.service @@ -115,7 +115,7 @@ ExecStart=/bin/bash -c \ "if [[ -n $(/usr/bin/docker ps -aq --filter \"name=${VOLUME_CONFIG_NAME}\") ]]; then \ /usr/bin/docker run \ --name %p.%i \ - -p $(( ${DOCKER_PORT_MAP_TCP_22} + $(awk -F. '$0=$NF' <<< %p) - 1 )):22 \ + -p $(( ${DOCKER_PORT_MAP_TCP_22} + $(/bin/awk -F. '$0=$NF' <<< %p) - 1 )):22 \ --env \"SSH_AUTHORIZED_KEYS=${SSH_AUTHORIZED_KEYS}\" \ --env \"SSH_CHROOT_DIRECTORY=${SSH_CHROOT_DIRECTORY}\" \ --env \"SSH_INHERIT_ENVIRONMENT=${SSH_INHERIT_ENVIRONMENT}\" \ @@ -132,7 +132,7 @@ ExecStart=/bin/bash -c \ else \ /usr/bin/docker run \ --name %p.%i \ - -p $(( ${DOCKER_PORT_MAP_TCP_22} + $(awk -F. '$0=$NF' <<< %p) - 1 )):22 \ + -p $(( ${DOCKER_PORT_MAP_TCP_22} + $(/bin/awk -F. '$0=$NF' <<< %p) - 1 )):22 \ --env \"SSH_AUTHORIZED_KEYS=${SSH_AUTHORIZED_KEYS}\" \ --env \"SSH_CHROOT_DIRECTORY=${SSH_CHROOT_DIRECTORY}\" \ --env \"SSH_INHERIT_ENVIRONMENT=${SSH_INHERIT_ENVIRONMENT}\" \ @@ -152,7 +152,7 @@ ExecStartPost=/bin/bash -c \ "/usr/bin/etcdctl \ set \ /services/%p.%i \ - %H:$(( ${DOCKER_PORT_MAP_TCP_22} + $(awk -F. '$0=$NF' <<< %p) - 1 )); \ + %H:$(( ${DOCKER_PORT_MAP_TCP_22} + $(/bin/awk -F. '$0=$NF' <<< %p) - 1 )); \ " # Shutdown 
From 1e3fbe600c3ba5d2488e9f1ebc4da9d202d3d587 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Mon, 9 May 2016 19:51:50 +0100 Subject: [PATCH 48/95] ISSUE 213: Should be /usr/bin/awk instead of /bin/awk. --- ssh.pool-1.1@.service | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ssh.pool-1.1@.service b/ssh.pool-1.1@.service index 5b2efec..1782d96 100644 --- a/ssh.pool-1.1@.service +++ b/ssh.pool-1.1@.service @@ -115,7 +115,7 @@ ExecStart=/bin/bash -c \ "if [[ -n $(/usr/bin/docker ps -aq --filter \"name=${VOLUME_CONFIG_NAME}\") ]]; then \ /usr/bin/docker run \ --name %p.%i \ - -p $(( ${DOCKER_PORT_MAP_TCP_22} + $(/bin/awk -F. '$0=$NF' <<< %p) - 1 )):22 \ + -p $(( ${DOCKER_PORT_MAP_TCP_22} + $(/usr/bin/awk -F. '$0=$NF' <<< %p) - 1 )):22 \ --env \"SSH_AUTHORIZED_KEYS=${SSH_AUTHORIZED_KEYS}\" \ --env \"SSH_CHROOT_DIRECTORY=${SSH_CHROOT_DIRECTORY}\" \ --env \"SSH_INHERIT_ENVIRONMENT=${SSH_INHERIT_ENVIRONMENT}\" \ @@ -132,7 +132,7 @@ ExecStart=/bin/bash -c \ else \ /usr/bin/docker run \ --name %p.%i \ - -p $(( ${DOCKER_PORT_MAP_TCP_22} + $(/bin/awk -F. '$0=$NF' <<< %p) - 1 )):22 \ + -p $(( ${DOCKER_PORT_MAP_TCP_22} + $(/usr/bin/awk -F. '$0=$NF' <<< %p) - 1 )):22 \ --env \"SSH_AUTHORIZED_KEYS=${SSH_AUTHORIZED_KEYS}\" \ --env \"SSH_CHROOT_DIRECTORY=${SSH_CHROOT_DIRECTORY}\" \ --env \"SSH_INHERIT_ENVIRONMENT=${SSH_INHERIT_ENVIRONMENT}\" \ @@ -152,7 +152,7 @@ ExecStartPost=/bin/bash -c \ "/usr/bin/etcdctl \ set \ /services/%p.%i \ - %H:$(( ${DOCKER_PORT_MAP_TCP_22} + $(/bin/awk -F. '$0=$NF' <<< %p) - 1 )); \ + %H:$(( ${DOCKER_PORT_MAP_TCP_22} + $(/usr/bin/awk -F. '$0=$NF' <<< %p) - 1 )); \ " # Shutdown From d2408960ad327b0064eec885122ed2982dfa5335 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Mon, 9 May 2016 23:15:03 +0100 Subject: [PATCH 49/95] ISSUE 219: Use bash instead of makefile syntax to check docker container exists. --- Makefile | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) 
diff --git a/Makefile b/Makefile index 4b0b698..b0bd208 100644 --- a/Makefile +++ b/Makefile @@ -214,9 +214,11 @@ ps: prerequisites require-docker-container @ $(docker) ps -as --filter "name=$(DOCKER_NAME)"; require-docker-container: -ifeq ($(shell $(docker) ps -aq --filter "name=$(DOCKER_NAME)"),) - $(error "This operation requires the $(DOCKER_NAME) docker container. Install it with: make install") -endif + @ if [[ -z $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)") ]]; then \ + echo "$(PREFIX_STEP_NEGATIVE) This operation requires the $(DOCKER_NAME) docker container."; \ + echo "$(PREFIX_SUB_STEP) Try Install it with: make install"; \ + exit 1; \ + fi require-docker-image-tag: ifeq ($(IS_DOCKER_IMAGE_TAG),) From 203cb92ffc8c1452a38893ab21f7d5cc88fef63a Mon Sep 17 00:00:00 2001 From: James Deathe Date: Mon, 9 May 2016 23:47:51 +0100 Subject: [PATCH 50/95] ISSUE 219: Use bash syntax in preference to makefile syntax. --- Makefile | 81 ++++++++++++++++++++++++++++---------------------------- 1 file changed, 40 insertions(+), 41 deletions(-) diff --git a/Makefile b/Makefile index b0bd208..1f7378f 100644 --- a/Makefile +++ b/Makefile @@ -27,10 +27,6 @@ xz := $(shell type -p xz) # Used to test docker host is accessible get-docker-info := $(shell $(docker) info) -# Tag validation -IS_DOCKER_IMAGE_TAG := $(shell if [[ $(DOCKER_IMAGE_TAG) =~ $(DOCKER_IMAGE_TAG_PATTERN) ]]; then echo $(DOCKER_IMAGE_TAG); else echo ''; fi) -IS_DOCKER_RELEASE_TAG := $(shell if [[ $(DOCKER_IMAGE_TAG) =~ $(DOCKER_IMAGE_RELEASE_TAG_PATTERN) ]]; then echo $(DOCKER_IMAGE_TAG); else echo ''; fi) - # Common parameters of create and run targets define DOCKER_CONTAINER_PARAMETERS --name $(DOCKER_NAME) \ 
@@ -216,19 +212,22 @@ ps: prerequisites require-docker-container require-docker-container: @ if [[ -z $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)") ]]; then \ echo "$(PREFIX_STEP_NEGATIVE) This operation requires the $(DOCKER_NAME) docker container."; \ - echo "$(PREFIX_SUB_STEP) Try Install it with: make install"; \ + echo "$(PREFIX_SUB_STEP) Try installing it with: make install"; \ exit 1; \ fi require-docker-image-tag: -ifeq ($(IS_DOCKER_IMAGE_TAG),) - $(error "Invalid DOCKER_IMAGE_TAG value $(DOCKER_IMAGE_TAG).") -endif + @ if [[ -z $$(if [[ $(DOCKER_IMAGE_TAG) =~ $(DOCKER_IMAGE_TAG_PATTERN) ]]; then echo $(DOCKER_IMAGE_TAG); else echo ''; fi) ]]; then \ + echo "$(PREFIX_STEP_NEGATIVE) Invalid DOCKER_IMAGE_TAG value: $(DOCKER_IMAGE_TAG)"; \ + exit 1; \ + fi require-docker-release-tag: -ifeq ($(IS_DOCKER_RELEASE_TAG),) - $(error "Invalid DOCKER_IMAGE_TAG value $(DOCKER_IMAGE_TAG). A release tag is required for this operation.") -endif + @ if [[ -z $$(if [[ $(DOCKER_IMAGE_TAG) =~ $(DOCKER_IMAGE_RELEASE_TAG_PATTERN) ]]; then echo $(DOCKER_IMAGE_TAG); else echo ''; fi) ]]; then \ + echo "$(PREFIX_STEP_NEGATIVE) Invalid DOCKER_IMAGE_TAG value: $(DOCKER_IMAGE_TAG)"; \ + echo "$(PREFIX_SUB_STEP) A release tag is required for this operation."; \ + exit 1; \ + fi restart: prerequisites require-docker-container @ echo "$(PREFIX_STEP) Restarting container" 
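Review bot: In `require-docker-image-tag` and `require-docker-release-tag` (PATCH 50), make expands `$(DOCKER_IMAGE_TAG)` straight into the shell text of the very check that is meant to validate it. A tag containing whitespace or shell metacharacters is therefore interpreted by the shell before the pattern test runs. Passing the value as data closes that gap and removes the nested `if … echo`: with `export DOCKER_IMAGE_TAG` in place, `@ if [[ ! "$${DOCKER_IMAGE_TAG}" =~ $(DOCKER_IMAGE_TAG_PATTERN) ]]; then \`. The error `echo` lines interpolate the same value and would need the same treatment.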
@@ -236,18 +235,18 @@ restart: prerequisites require-docker-container @ echo "$(PREFIX_SUB_STEP_POSITIVE) Container restarted" rm: prerequisites -ifneq ($(shell $(docker) ps -aq --filter "name=$(DOCKER_NAME)"),) - @ echo "$(PREFIX_STEP) Removing container"; \ - $(docker) rm -f $(DOCKER_NAME); \ - if [[ -z $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)") ]]; then \ - echo "$(PREFIX_SUB_STEP_POSITIVE) Container removed"; \ + @ if [[ -z $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)") ]]; then \ + echo "$(PREFIX_STEP) Container removal skipped"; \ else \ - echo "$(PREFIX_SUB_STEP_NEGATIVE) Container removal failed"; \ - exit 1; \ + echo "$(PREFIX_STEP) Removing container"; \ + $(docker) rm -f $(DOCKER_NAME); \ + if [[ -z $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)") ]]; then \ + echo "$(PREFIX_SUB_STEP_POSITIVE) Container removed"; \ + else \ + echo "$(PREFIX_SUB_STEP_NEGATIVE) Container removal failed"; \ + exit 1; \ + fi; \ fi -else - @ echo "$(PREFIX_STEP) Container removal skipped" -endif rmi: prerequisites require-docker-image-tag @ if [[ -n $$( if [[ -n $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)) ]]; then echo $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)); else echo $$($(docker) images -q docker.io/$(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)); fi; ) ]]; then \ 
@@ -308,29 +307,29 @@ stop: prerequisites fi terminate: prerequisites -ifneq ($(shell $(docker) ps -aq --filter "name=$(DOCKER_NAME)"),) - @ echo "$(PREFIX_STEP) Terminating container" - @ if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=paused") ]]; then \ - echo "$(PREFIX_SUB_STEP) Unpausing container"; \ - $(docker) unpause $(DOCKER_NAME) 1> /dev/null; \ - fi - @ if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=running") ]]; then \ - echo "$(PREFIX_SUB_STEP) Stopping container"; \ - $(docker) stop $(DOCKER_NAME) 1> /dev/null; \ - fi - @ if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)") ]]; then \ - echo "$(PREFIX_SUB_STEP) Removing container"; \ - $(docker) rm -f $(DOCKER_NAME) 1> /dev/null; \ - fi @ if [[ -z $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)") ]]; then \ - echo "$(PREFIX_SUB_STEP_POSITIVE) Container terminated"; \ + echo "$(PREFIX_STEP) Container termination skipped"; \ else \ - echo "$(PREFIX_SUB_STEP_NEGATIVE) Container termination failed"; \ - exit 1; \ + echo "$(PREFIX_STEP) Terminating container"; \ + if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=paused") ]]; then \ + echo "$(PREFIX_SUB_STEP) Unpausing container"; \ + $(docker) unpause $(DOCKER_NAME) 1> /dev/null; \ + fi; \ + if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=running") ]]; then \ + echo "$(PREFIX_SUB_STEP) Stopping container"; \ + $(docker) stop $(DOCKER_NAME) 1> /dev/null; \ + fi; \ + if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)") ]]; then \ + echo "$(PREFIX_SUB_STEP) Removing container"; \ + $(docker) rm -f $(DOCKER_NAME) 1> /dev/null; \ + fi; \ + if [[ -z $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)") ]]; then \ + echo "$(PREFIX_SUB_STEP_POSITIVE) Container terminated"; \ + else \ + echo "$(PREFIX_SUB_STEP_NEGATIVE) Container termination failed"; \ + exit 1; \ + fi; \ fi -else - @ echo "$(PREFIX_STEP) Container termination 
skipped" -endif unpause: prerequisites require-docker-container @ echo "$(PREFIX_STEP) Unpausing container" From ab54b6c20d4f90b9e9cd8293ba15b00ba541579f Mon Sep 17 00:00:00 2001 From: James Deathe Date: Tue, 10 May 2016 00:22:10 +0100 Subject: [PATCH 51/95] ISSUE 219: Added container requirement to stop target. --- Makefile | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/Makefile b/Makefile index 1f7378f..e07b3a2 100644 --- a/Makefile +++ b/Makefile @@ -292,18 +292,16 @@ start: prerequisites require-docker-container exit 1; \ fi -stop: prerequisites +stop: prerequisites require-docker-container @ echo "$(PREFIX_STEP) Stopping container" - @ if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)") ]] \ - && [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=running") ]]; then \ + @ if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=running") ]]; then \ $(docker) stop $(DOCKER_NAME) 1> /dev/null; \ - fi; - @ if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)") ]] \ - && [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=exited") ]]; then \ - echo "$(PREFIX_SUB_STEP_POSITIVE) Container stopped"; \ - else \ - echo "$(PREFIX_SUB_STEP_NEGATIVE) Error stopping container"; \ - exit 1; \ + if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=exited") ]]; then \ + echo "$(PREFIX_SUB_STEP_POSITIVE) Container stopped"; \ + else \ + echo "$(PREFIX_SUB_STEP_NEGATIVE) Error stopping container"; \ + exit 1; \ + fi; \ fi terminate: prerequisites From d814ad7edc4c426f6310b5509d533a803bfbba27 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Tue, 10 May 2016 02:38:32 +0100 Subject: [PATCH 52/95] ISSUE 219: Added targets for status requirements and delayed logs. --- Makefile | 69 +++++++++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 61 insertions(+), 8 deletions(-) 
diff --git a/Makefile b/Makefile index e07b3a2..8d814e8 100644 --- a/Makefile +++ b/Makefile @@ -57,11 +57,18 @@ endef images \ load \ logs \ + logs-delayed \ pause \ prerequisites \ pull \ ps \ require-docker-container \ + require-docker-container-not \ + require-docker-container-not-status-paused \ + require-docker-container-status-created \ + require-docker-container-status-exited \ + require-docker-container-status-paused \ + require-docker-container-status-running \ require-docker-image-tag \ require-docker-release-tag \ restart \ @@ -94,7 +101,7 @@ build: prerequisites require-docker-image-tag clean: prerequisites | terminate rmi -create: prerequisites +create: prerequisites require-docker-container-not @ echo "$(PREFIX_STEP) Creating container" @ set -x; \ $(docker) create \ @@ -162,6 +169,10 @@ install: | prerequisites terminate create logs: prerequisites @ $(docker) logs $(DOCKER_NAME) +logs-delayed: prerequisites + @ sleep 3 + @ $(MAKE) logs + load: prerequisites require-docker-release-tag @ echo "$(PREFIX_STEP) Loading image from package"; \ echo "$(PREFIX_SUB_STEP) Package path: $(PACKAGE_PATH)/$(DOCKER_IMAGE_NAME).$(DOCKER_IMAGE_TAG).tar.xz"; \ @@ -176,7 +187,7 @@ load: prerequisites require-docker-release-tag echo "$(PREFIX_SUB_STEP_POSITIVE) Image loaded"; \ fi -pause: prerequisites require-docker-container +pause: prerequisites require-docker-container-status-running @ echo "$(PREFIX_STEP) Pausing container" @ $(docker) pause $(DOCKER_NAME) 1> /dev/null @ echo "$(PREFIX_SUB_STEP_POSITIVE) Container paused" 
@@ -216,6 +227,48 @@ require-docker-container: exit 1; \ fi +require-docker-container-not: + @ if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)") ]]; then \ + echo "$(PREFIX_STEP_NEGATIVE) This operation requires the $(DOCKER_NAME) docker container be removed (or renamed)."; \ + echo "$(PREFIX_SUB_STEP) Try removing it with: make rm"; \ + exit 1; \ + fi + +require-docker-container-not-status-paused: + @ if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=paused") ]]; then \ + echo "$(PREFIX_STEP_NEGATIVE) This operation requires the $(DOCKER_NAME) docker container to be unpaused."; \ + echo "$(PREFIX_SUB_STEP) Try unpausing it with: make unpause"; \ + exit 1; \ + fi + +require-docker-container-status-created: + @ if [[ -z $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=created") ]]; then \ + echo "$(PREFIX_STEP_NEGATIVE) This operation requires the $(DOCKER_NAME) docker container to be created."; \ + echo "$(PREFIX_SUB_STEP) Try installing it with: make install"; \ + exit 1; \ + fi + +require-docker-container-status-exited: + @ if [[ -z $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=exited") ]]; then \ + echo "$(PREFIX_STEP_NEGATIVE) This operation requires the $(DOCKER_NAME) docker container to be exited."; \ + echo "$(PREFIX_SUB_STEP) Try stopping it with: make stop"; \ + exit 1; \ + fi + +require-docker-container-status-paused: + @ if [[ -z $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=paused") ]]; then \ + echo "$(PREFIX_STEP_NEGATIVE) This operation requires the $(DOCKER_NAME) docker container to be paused."; \ + echo "$(PREFIX_SUB_STEP) Try pausing it with: make pause"; \ + exit 1; \ + fi + +require-docker-container-status-running: + @ if [[ -z $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=running") ]]; then \ + echo "$(PREFIX_STEP_NEGATIVE) This operation requires the $(DOCKER_NAME) docker container to be running."; \ + echo 
"$(PREFIX_SUB_STEP) Try starting it with: make start"; \ + exit 1; \ + fi + require-docker-image-tag: @ if [[ -z $$(if [[ $(DOCKER_IMAGE_TAG) =~ $(DOCKER_IMAGE_TAG_PATTERN) ]]; then echo $(DOCKER_IMAGE_TAG); else echo ''; fi) ]]; then \ echo "$(PREFIX_STEP_NEGATIVE) Invalid DOCKER_IMAGE_TAG value: $(DOCKER_IMAGE_TAG)"; \ @@ -229,12 +282,12 @@ require-docker-release-tag: exit 1; \ fi -restart: prerequisites require-docker-container +restart: prerequisites require-docker-container require-docker-container-not-status-paused @ echo "$(PREFIX_STEP) Restarting container" @ $(docker) restart $(DOCKER_NAME) 1> /dev/null @ echo "$(PREFIX_SUB_STEP_POSITIVE) Container restarted" -rm: prerequisites +rm: prerequisites require-docker-container-not-status-paused @ if [[ -z $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)") ]]; then \ echo "$(PREFIX_STEP) Container removal skipped"; \ else \ @@ -248,7 +301,7 @@ rm: prerequisites fi; \ fi -rmi: prerequisites require-docker-image-tag +rmi: prerequisites require-docker-image-tag require-docker-container-not @ if [[ -n $$( if [[ -n $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)) ]]; then echo $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)); else echo $$($(docker) images -q docker.io/$(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)); fi; ) ]]; then \ echo "$(PREFIX_STEP) Untagging image"; \ echo "$(PREFIX_SUB_STEP) $$( if [[ -n $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)) ]]; then echo $$($(docker) images -q $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)); else echo $$($(docker) images -q docker.io/$(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)); fi; ) : $(DOCKER_USER)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)"; \ 
@@ -279,7 +332,7 @@ run: prerequisites require-docker-image-tag exit 1; \ fi -start: prerequisites require-docker-container +start: prerequisites require-docker-container require-docker-container-not-status-paused @ echo "$(PREFIX_STEP) Starting container" @ if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)") ]] \ && [[ -z $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=running") ]]; then \ @@ -292,7 +345,7 @@ start: prerequisites require-docker-container exit 1; \ fi -stop: prerequisites require-docker-container +stop: prerequisites require-docker-container-not-status-paused require-docker-container-status-running @ echo "$(PREFIX_STEP) Stopping container" @ if [[ -n $$($(docker) ps -aq --filter "name=$(DOCKER_NAME)" --filter "status=running") ]]; then \ $(docker) stop $(DOCKER_NAME) 1> /dev/null; \ @@ -329,7 +382,7 @@ terminate: prerequisites fi; \ fi -unpause: prerequisites require-docker-container +unpause: prerequisites require-docker-container-status-paused @ echo "$(PREFIX_STEP) Unpausing container" @ $(docker) unpause $(DOCKER_NAME) 1> /dev/null @ echo "$(PREFIX_SUB_STEP_POSITIVE) Container unpaused" From cbe180b364d03538b27183beb93acf4cd988b63d Mon Sep 17 00:00:00 2001 From: James Deathe Date: Tue, 10 May 2016 16:51:55 +0100 Subject: [PATCH 53/95] ISSUE 192: Use exec with nice to run the process in the container like using a wrapper. --- etc/services-config/supervisor/supervisord.d/sshd.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/services-config/supervisor/supervisord.d/sshd.conf b/etc/services-config/supervisor/supervisord.d/sshd.conf index 09cb9cf..3f42bab 100644 --- a/etc/services-config/supervisor/supervisord.d/sshd.conf +++ b/etc/services-config/supervisor/supervisord.d/sshd.conf 
@@ -1,6 +1,6 @@ [program:sshd] priority = 10 -command = bash -c 'while true; do sleep 0.1; [ -e /tmp/sshd-bootstrap.lock ] || break; done; /usr/sbin/sshd -D -e' +command = bash -c 'while true; do sleep 0.1; [ -e /tmp/sshd-bootstrap.lock ] || break; done; exec nice -n 10 /usr/sbin/sshd -D -e' autorestart = true redirect_stderr = true stdout_logfile = /var/log/secure From 926438e0bacf7f84ea09c789e549a9161515726b Mon Sep 17 00:00:00 2001 From: James Deathe Date: Wed, 11 May 2016 00:17:53 +0100 Subject: [PATCH 54/95] ISSUE 192: Added variables to allow autostart of sshd-boostrap and sshd to be disabled. --- Dockerfile | 2 ++ Makefile | 2 ++ .../supervisor/supervisord.d/sshd-bootstrap.conf | 1 + etc/services-config/supervisor/supervisord.d/sshd.conf | 1 + make.conf | 2 ++ 5 files changed, 8 insertions(+) diff --git a/Dockerfile b/Dockerfile index 87bdb36..7d32882 100755 --- a/Dockerfile +++ b/Dockerfile @@ -110,6 +110,8 @@ EXPOSE 22 # Set default environment variables # ----------------------------------------------------------------------------- ENV SSH_AUTHORIZED_KEYS="" \ + SSH_AUTOSTART_SSHD=true \ + SSH_AUTOSTART_SSHD_BOOTSTRAP=true \ SSH_CHROOT_DIRECTORY="%h" \ SSH_INHERIT_ENVIRONMENT=false \ SSH_SUDO="ALL=(ALL) ALL" \ diff --git a/Makefile b/Makefile index 8d814e8..a80ef31 100644 --- a/Makefile +++ b/Makefile @@ -33,6 +33,8 @@ define DOCKER_CONTAINER_PARAMETERS --publish $(DOCKER_PORT_MAP_TCP_22):22 \ --restart $(DOCKER_RESTART_POLICY) \ --env "SSH_AUTHORIZED_KEYS=$(SSH_AUTHORIZED_KEYS)" \ +--env "SSH_AUTOSTART_SSHD=$(SSH_AUTOSTART_SSHD)" \ +--env "SSH_AUTOSTART_SSHD_BOOTSTRAP=$(SSH_AUTOSTART_SSHD_BOOTSTRAP)" \ --env "SSH_CHROOT_DIRECTORY=$(SSH_CHROOT_DIRECTORY)" \ --env "SSH_INHERIT_ENVIRONMENT=$(SSH_INHERIT_ENVIRONMENT)" \ --env "SSH_SUDO=$(SSH_SUDO)" \ diff --git a/etc/services-config/supervisor/supervisord.d/sshd-bootstrap.conf b/etc/services-config/supervisor/supervisord.d/sshd-bootstrap.conf index 7244325..e324a80 100644 
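Review bot: The `command` line gates sshd on `/tmp/sshd-bootstrap.lock`, a fixed name in a world-writable directory, and with `autorestart = true` the wait loop runs again every time sshd is restarted. Any account able to write to /tmp inside the container can therefore create that file and keep a restarted sshd from coming back, and the loop has no timeout to surface the stall. Consider a root-only location for the lock, for example `[ -e /var/lock/subsys/sshd-bootstrap ] || break` (example path), changed together with the `touch`/`rm -f` in sshd-bootstrap.conf, plus a bounded wait that exits non-zero.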
--- a/etc/services-config/supervisor/supervisord.d/sshd-bootstrap.conf +++ b/etc/services-config/supervisor/supervisord.d/sshd-bootstrap.conf @@ -1,6 +1,7 @@ [program:sshd-bootstrap] priority = 5 command = bash -c 'touch /tmp/sshd-bootstrap.lock; env >> /etc/sshd-bootstrap.env; /usr/sbin/sshd-bootstrap && rm -f /tmp/sshd-bootstrap.lock' +autostart = %(ENV_SSH_AUTOSTART_SSHD_BOOTSTRAP)s startsecs = 0 startretries = 0 autorestart = false diff --git a/etc/services-config/supervisor/supervisord.d/sshd.conf b/etc/services-config/supervisor/supervisord.d/sshd.conf index 3f42bab..157a798 100644 --- a/etc/services-config/supervisor/supervisord.d/sshd.conf +++ b/etc/services-config/supervisor/supervisord.d/sshd.conf @@ -1,6 +1,7 @@ [program:sshd] priority = 10 command = bash -c 'while true; do sleep 0.1; [ -e /tmp/sshd-bootstrap.lock ] || break; done; exec nice -n 10 /usr/sbin/sshd -D -e' +autostart = %(ENV_SSH_AUTOSTART_SSHD)s autorestart = true redirect_stderr = true stdout_logfile = /var/log/secure diff --git a/make.conf b/make.conf index e8c7c0f..d152e8a 100644 --- a/make.conf +++ b/make.conf @@ -34,6 +34,8 @@ VOLUME_CONFIG_NAMED := false # Application container configuration SSH_AUTHORIZED_KEYS ?= +SSH_AUTOSTART_SSHD ? = true +SSH_AUTOSTART_SSHD_BOOTSTRAP ? = true SSH_CHROOT_DIRECTORY ?= %h SSH_INHERIT_ENVIRONMENT ?= false SSH_SUDO ?= ALL=(ALL) ALL From 30b6ea1f6cfe4628ced5f75443e33f4344ccbed6 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Wed, 11 May 2016 00:19:47 +0100 Subject: [PATCH 55/95] ISSUE 192: Reduce startup time by 1 second. --- Makefile | 2 +- etc/services-config/supervisor/supervisord.d/sshd.conf | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index a80ef31..c7e56e5 100644 --- a/Makefile +++ b/Makefile @@ -172,7 +172,7 @@ logs: prerequisites @ $(docker) logs $(DOCKER_NAME) logs-delayed: prerequisites - @ sleep 3 + @ sleep 2 @ $(MAKE) logs load: prerequisites require-docker-release-tag 
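Review bot: `autostart = %(ENV_SSH_AUTOSTART_SSHD_BOOTSTRAP)s` makes supervisord's config parsing depend on the container environment: if the variable is missing or is not a boolean word, supervisord is expected to reject the file rather than fall back to a default, so a typo in `--env` stops every program instead of one. Separately, when bootstrap is disabled but `SSH_AUTOSTART_SSHD` stays `true`, no lock file is created and the sshd program starts at once with whatever state the image holds; what sshd-bootstrap would have configured is not visible here. A comment should record that, e.g. `; disabling bootstrap may leave sshd unconfigured unless SSH_AUTOSTART_SSHD is false too`. The matching `autostart` line in the sshd.conf hunk below has the same environment dependency.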
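Review bot: In the make.conf hunk, `SSH_AUTOSTART_SSHD ? = true` and `SSH_AUTOSTART_SSHD_BOOTSTRAP ? = true` have a space inside the operator, so neither line is a `?=` assignment to those names and both variables stay undefined in make. The Makefile hunk of this commit then passes `--env "SSH_AUTOSTART_SSHD=$(SSH_AUTOSTART_SSHD)"` with an empty value, which overrides the `true` default set by `ENV` in the Dockerfile hunk and hands supervisord an empty `autostart`. The lines should read `SSH_AUTOSTART_SSHD ?= true` and `SSH_AUTOSTART_SSHD_BOOTSTRAP ?= true`.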
diff --git a/etc/services-config/supervisor/supervisord.d/sshd.conf b/etc/services-config/supervisor/supervisord.d/sshd.conf index 157a798..3bcec40 100644 --- a/etc/services-config/supervisor/supervisord.d/sshd.conf +++ b/etc/services-config/supervisor/supervisord.d/sshd.conf @@ -2,6 +2,7 @@ priority = 10 command = bash -c 'while true; do sleep 0.1; [ -e /tmp/sshd-bootstrap.lock ] || break; done; exec nice -n 10 /usr/sbin/sshd -D -e' autostart = %(ENV_SSH_AUTOSTART_SSHD)s +startsecs = 0 autorestart = true redirect_stderr = true stdout_logfile = /var/log/secure From 1d69602148b48b691ee35b8c84ed03e529f0b280 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Wed, 11 May 2016 00:39:25 +0100 Subject: [PATCH 56/95] ISSUE 192: Fixed issue with environment variables being unset. --- make.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/make.conf b/make.conf index d152e8a..0a3d6a6 100644 --- a/make.conf +++ b/make.conf @@ -34,8 +34,8 @@ VOLUME_CONFIG_NAMED := false # Application container configuration SSH_AUTHORIZED_KEYS ?= -SSH_AUTOSTART_SSHD ? = true -SSH_AUTOSTART_SSHD_BOOTSTRAP ? = true +SSH_AUTOSTART_SSHD ?= true +SSH_AUTOSTART_SSHD_BOOTSTRAP ?= true SSH_CHROOT_DIRECTORY ?= %h SSH_INHERIT_ENVIRONMENT ?= false SSH_SUDO ?= ALL=(ALL) ALL From 318e1f460164b5afe9969492eeb6dd07134b5f3d Mon Sep 17 00:00:00 2001 From: James Deathe Date: Wed, 11 May 2016 00:43:59 +0100 Subject: [PATCH 57/95] ISSUE 192: Added autostart environment variables to systemd unit files. --- ssh.pool-1.1.1@2020.service | 2 ++ ssh.pool-1.1@.service | 2 ++ 2 files changed, 4 insertions(+) diff --git a/ssh.pool-1.1.1@2020.service b/ssh.pool-1.1.1@2020.service index d83e9bd..7c0484c 100644 --- a/ssh.pool-1.1.1@2020.service +++ b/ssh.pool-1.1.1@2020.service 
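Review bot: `startsecs = 0` together with `autorestart = true` means supervisord treats sshd as started the moment it is spawned, so an sshd that exits immediately (bad configuration, missing host keys) is respawned without the `startretries` limit applying and never reaches a failed state. The only pacing left is the `sleep 0.1` in `command`, and every attempt appends to `/var/log/secure`. If the aim is only to shorten start-up, record the trade-off next to the setting, e.g. `; startsecs = 0: no start-up grace period, crash loops are not detected`, and make sure something outside supervisord notices a container whose sshd keeps exiting.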
@@ -43,6 +43,8 @@ Environment="VOLUME_CONFIG_NAMED=false" Environment="VOLUME_CONFIG_NAME=volume-config.%p" Environment="VOLUME_DATA_NAME=volume-data.%p" Environment="SSH_AUTHORIZED_KEYS=ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key" +Environment="SSH_AUTOSTART_SSHD=true" +Environment="SSH_AUTOSTART_SSHD_BOOTSTRAP=true" Environment="SSH_CHROOT_DIRECTORY=%h" Environment="SSH_INHERIT_ENVIRONMENT=false" Environment="SSH_SUDO=ALL=(ALL) ALL" diff --git a/ssh.pool-1.1@.service b/ssh.pool-1.1@.service index 1782d96..84fc021 100644 --- a/ssh.pool-1.1@.service +++ b/ssh.pool-1.1@.service @@ -48,6 +48,8 @@ Environment="VOLUME_CONFIG_NAMED=false" Environment="VOLUME_CONFIG_NAME=volume-config.%p.%i" Environment="VOLUME_DATA_NAME=volume-data.%p.%i" Environment="SSH_AUTHORIZED_KEYS=ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key" +Environment="SSH_AUTOSTART_SSHD=true" +Environment="SSH_AUTOSTART_SSHD_BOOTSTRAP=true" Environment="SSH_CHROOT_DIRECTORY=%h" Environment="SSH_INHERIT_ENVIRONMENT=false" Environment="SSH_SUDO=ALL=(ALL) ALL" From 79ef4fdf4870f47744d2c486289dd7e70fb9281d Mon Sep 17 00:00:00 2001 
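Review bot: Both unit files keep the Vagrant insecure public key as the default `SSH_AUTHORIZED_KEYS` (the context line directly above the additions), and the two new defaults make sshd and its bootstrap start automatically alongside it. The private half of that key is published, so a unit deployed without overriding the value presumably accepts that key on the mapped port; how sshd-bootstrap applies it is not shown here. A comment beside the new lines would help, e.g. `# Replace SSH_AUTHORIZED_KEYS before use outside a local test; the default key is public.`, or `SSH_AUTOSTART_SSHD` could default to `false` in these units until a key is supplied.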
From: James Deathe Date: Wed, 11 May 2016 01:09:13 +0100 Subject: [PATCH 58/95] ISSUE 192: Document new environment variables. --- README.md | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 3715069..cd87164 100644 --- a/README.md +++ b/README.md @@ -230,7 +230,7 @@ sshd stdout | Server listening on :: port 22. 2016-02-01 02:26:54,464 INFO exited: sshd-bootstrap (exit status 0; expected) ``` -#### Runtime Environment Variables +#### Environment Variables There are several environmental variables defined at runtime these allow the operator to customise the running container. 
@@ -247,6 +247,17 @@ ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAqmLedI2mEJimvIm1OzT1EYJCMwegL/jfsXARLnYkZvJl ... ``` +##### SSH_AUTOSTART_SSHD && SSH_AUTOSTART_SSHD_BOOTSTRAP + +It may be desirable to prevent the startup of the sshd daemon and/or sshd-bootstrap script. For example, when using an image built from this Dockerfile as the source for another Dockerfile you could disable both sshd and sshd-booststrap from startup by setting ```SSH_AUTOSTART_SSHD``` and ```SSH_AUTOSTART_SSHD_BOOTSTRAP``` to `false`. The benefit of this is to reduce the number of running processes in the final container. + +``` +... + --env "SSH_AUTOSTART_SSHD=false" \ + --env "SSH_AUTOSTART_SSHD_BOOTSTRAP=false" \ +... +``` + ##### SSH_CHROOT_DIRECTORY This option is only applicable when ```SSH_USER_FORCE_SFTP``` is set to `true`. When using the using the SFTP option the user is jailed into the ChrootDirectory. The value can contain the placeholders `%h` and `%u` which will be replaced with the values of ```SSH_USER_HOME``` and ```SSH_USER``` respectively. The default value of `%h` is the best choice in most cases but the user requires a sub-directory in their HOME directory which they have write access to. If no volume is mounted into the path of the SSH user's HOME directory the a directory named `_data` is created automatically. If you need the user to be able to write to their HOME directory they use an alternative value such as `/chroot/%u` so that the user's HOME path, (relative to the ChrootDirectory), becomes `/chroot/app-admin/home/app-admin` by default. From e341919d3bc296d7c9bd16a2045d07bf3da316ea Mon Sep 17 00:00:00 2001 From: James Deathe Date: Wed, 11 May 2016 01:23:23 +0100 Subject: [PATCH 59/95] ISSUE 192: Implement new environment variables in systemd unit files. --- ssh.pool-1.1.1@2020.service | 4 ++++ ssh.pool-1.1@.service | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/ssh.pool-1.1.1@2020.service b/ssh.pool-1.1.1@2020.service index 7c0484c..d562fe1 100644 
--- a/ssh.pool-1.1.1@2020.service +++ b/ssh.pool-1.1.1@2020.service @@ -114,6 +114,8 @@ ExecStart=/bin/bash -c \ --name %p \ -p %i:22 \ --env \"SSH_AUTHORIZED_KEYS=${SSH_AUTHORIZED_KEYS}\" \ + --env \"SSH_AUTOSTART_SSHD=${SSH_AUTOSTART_SSHD}\" \ + --env \"SSH_AUTOSTART_SSHD_BOOTSTRAP=${SSH_AUTOSTART_SSHD_BOOTSTRAP}\" \ --env \"SSH_CHROOT_DIRECTORY=${SSH_CHROOT_DIRECTORY}\" \ --env \"SSH_INHERIT_ENVIRONMENT=${SSH_INHERIT_ENVIRONMENT}\" \ --env \"SSH_SUDO=${SSH_SUDO}\" \ @@ -131,6 +133,8 @@ ExecStart=/bin/bash -c \ --name %p \ -p %i:22 \ --env \"SSH_AUTHORIZED_KEYS=${SSH_AUTHORIZED_KEYS}\" \ + --env \"SSH_AUTOSTART_SSHD=${SSH_AUTOSTART_SSHD}\" \ + --env \"SSH_AUTOSTART_SSHD_BOOTSTRAP=${SSH_AUTOSTART_SSHD_BOOTSTRAP}\" \ --env \"SSH_CHROOT_DIRECTORY=${SSH_CHROOT_DIRECTORY}\" \ --env \"SSH_INHERIT_ENVIRONMENT=${SSH_INHERIT_ENVIRONMENT}\" \ --env \"SSH_SUDO=${SSH_SUDO}\" \ diff --git a/ssh.pool-1.1@.service b/ssh.pool-1.1@.service index 84fc021..9c298df 100644 --- a/ssh.pool-1.1@.service +++ b/ssh.pool-1.1@.service @@ -119,6 +119,8 @@ ExecStart=/bin/bash -c \ --name %p.%i \ -p $(( ${DOCKER_PORT_MAP_TCP_22} + $(/usr/bin/awk -F. '$0=$NF' <<< %p) - 1 )):22 \ --env \"SSH_AUTHORIZED_KEYS=${SSH_AUTHORIZED_KEYS}\" \ + --env \"SSH_AUTOSTART_SSHD=${SSH_AUTOSTART_SSHD}\" \ + --env \"SSH_AUTOSTART_SSHD_BOOTSTRAP=${SSH_AUTOSTART_SSHD_BOOTSTRAP}\" \ --env \"SSH_CHROOT_DIRECTORY=${SSH_CHROOT_DIRECTORY}\" \ --env \"SSH_INHERIT_ENVIRONMENT=${SSH_INHERIT_ENVIRONMENT}\" \ --env \"SSH_SUDO=${SSH_SUDO}\" \ @@ -136,6 +138,8 @@ ExecStart=/bin/bash -c \ --name %p.%i \ -p $(( ${DOCKER_PORT_MAP_TCP_22} + $(/usr/bin/awk -F. '$0=$NF' <<< %p) - 1 )):22 \ --env \"SSH_AUTHORIZED_KEYS=${SSH_AUTHORIZED_KEYS}\" \ + --env \"SSH_AUTOSTART_SSHD=${SSH_AUTOSTART_SSHD}\" \ + --env \"SSH_AUTOSTART_SSHD_BOOTSTRAP=${SSH_AUTOSTART_SSHD_BOOTSTRAP}\" \ --env \"SSH_CHROOT_DIRECTORY=${SSH_CHROOT_DIRECTORY}\" \ --env \"SSH_INHERIT_ENVIRONMENT=${SSH_INHERIT_ENVIRONMENT}\" \ --env \"SSH_SUDO=${SSH_SUDO}\" \ 
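Review bot: The added `--env \"SSH_AUTOSTART_SSHD=${SSH_AUTOSTART_SSHD}\"` lines follow the existing pattern in which systemd substitutes `${…}` into the `bash -c` string and bash then parses the result again, so a value containing a quote, `$` or a backtick changes the command instead of reaching the container as data. That is harmless for `true`/`false`, but the pattern is shared with free-form values such as `SSH_SUDO` and `SSH_AUTHORIZED_KEYS`. Since the `Environment=` settings are already in the process environment, Docker's name-only form passes them through without re-parsing: `--env SSH_AUTOSTART_SSHD \` and `--env SSH_AUTOSTART_SSHD_BOOTSTRAP \`. This applies to all four hunks here (both `ExecStart` branches in both unit files); the `ExecStart` blocks start and end outside the hunks.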
From 776f65f4274d2bd17c9b7a983956f713f5e3b6a5 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Wed, 11 May 2016 20:23:17 +0100 Subject: [PATCH 60/95] ISSUE 227: Updated CentOS-7 packages sudo and openssh. --- Dockerfile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 7d32882..30e5d11 100755 --- a/Dockerfile +++ b/Dockerfile @@ -25,10 +25,10 @@ RUN rpm --rebuilddb \ epel-release \ https://centos7.iuscommunity.org/ius-release.rpm \ vim-minimal-7.4.160-1.el7 \ - sudo-1.8.6p7-16.el7 \ - openssh-6.6.1p1-23.el7_2 \ - openssh-server-6.6.1p1-23.el7_2 \ - openssh-clients-6.6.1p1-23.el7_2 \ + sudo-1.8.6p7-17.el7_2 \ + openssh-6.6.1p1-25.el7_2 \ + openssh-server-6.6.1p1-25.el7_2 \ + openssh-clients-6.6.1p1-25.el7_2 \ python-setuptools-0.9.8-4.el7 \ yum-plugin-versionlock-1.1.31-34.el7 \ && yum versionlock add \ From ad421e5389bf53cf752d275382f8c1af870ef269 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Wed, 11 May 2016 21:41:53 +0100 Subject: [PATCH 61/95] ISSUE 229: Updated supervisord to 3.2.3. --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 30e5d11..0535c07 100755 --- a/Dockerfile +++ b/Dockerfile @@ -48,7 +48,7 @@ RUN rpm --rebuilddb \ # We require supervisor-stdout to allow output of services started by # supervisord to be easily inspected with "docker logs". # ----------------------------------------------------------------------------- -RUN easy_install 'supervisor == 3.2.0' 'supervisor-stdout == 0.1.1' \ +RUN easy_install 'supervisor == 3.2.3' 'supervisor-stdout == 0.1.1' \ && mkdir -p /var/log/supervisor/ # ----------------------------------------------------------------------------- From 642c9b23552aa768a4f1ae44a1f12537023107fd Mon Sep 17 00:00:00 2001 
From: James Deathe Date: Wed, 11 May 2016 22:27:22 +0100 Subject: [PATCH 62/95] ISSUE 200: Renamed SERVICE_UNIT_PORT_MAP_TCP_22 to DOCKER_PORT_MAP_TCP_22. --- ssh.pool-1.1.1@2020.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ssh.pool-1.1.1@2020.service b/ssh.pool-1.1.1@2020.service index d562fe1..a907ed1 100644 --- a/ssh.pool-1.1.1@2020.service +++ b/ssh.pool-1.1.1@2020.service @@ -37,7 +37,7 @@ KillMode=none Environment="DOCKER_IMAGE_PACKAGE_PATH=/var/services-packages" Environment="DOCKER_IMAGE_NAME=jdeathe/centos-ssh" Environment="DOCKER_IMAGE_TAG=centos-7-2.0.1" -Environment="SERVICE_UNIT_PORT_MAP_TCP_22=%i" +Environment="DOCKER_PORT_MAP_TCP_22=%i" Environment="VOLUME_CONFIG_ENABLED=false" Environment="VOLUME_CONFIG_NAMED=false" Environment="VOLUME_CONFIG_NAME=volume-config.%p" From dc53cdfdd1153c42688ad25f58ee72c6db6f5dc2 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Wed, 11 May 2016 22:35:37 +0100 Subject: [PATCH 63/95] ISSUE 200: Revert breaking change to etcd registration key path. --- ssh.pool-1.1.1@2020.service | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/ssh.pool-1.1.1@2020.service b/ssh.pool-1.1.1@2020.service index a907ed1..c213355 100644 --- a/ssh.pool-1.1.1@2020.service +++ b/ssh.pool-1.1.1@2020.service @@ -38,6 +38,11 @@ Environment="DOCKER_IMAGE_PACKAGE_PATH=/var/services-packages" Environment="DOCKER_IMAGE_NAME=jdeathe/centos-ssh" Environment="DOCKER_IMAGE_TAG=centos-7-2.0.1" Environment="DOCKER_PORT_MAP_TCP_22=%i" +Environment="SERVICE_UNIT_NAME=ssh" +Environment="SERVICE_UNIT_APP_GROUP=app-1" +Environment="SERVICE_UNIT_SHARED_GROUP=pool-1" +Environment="SERVICE_UNIT_LOCAL_ID=1" +Environment="SERVICE_UNIT_INSTANCE=1" Environment="VOLUME_CONFIG_ENABLED=false" Environment="VOLUME_CONFIG_NAMED=false" Environment="VOLUME_CONFIG_NAME=volume-config.%p" 
@@ -151,7 +156,7 @@ ExecStart=/bin/bash -c \ # Register service ExecStartPost=/usr/bin/etcdctl \ set \ - /services/%p \ + /services/${SERVICE_UNIT_NAME}/${SERVICE_UNIT_SHARED_GROUP}/${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE} \ %H:%i # Shutdown @@ -162,7 +167,7 @@ ExecStopPost=/bin/bash -c \ "if [[ -n $(/usr/bin/etcdctl get /services/%p &> /dev/null ) ]]; then \ /usr/bin/etcdctl \ rm \ - /services/%p; \ + /services/${SERVICE_UNIT_NAME}/${SERVICE_UNIT_SHARED_GROUP}/${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE}; \ fi" [Install] From 592930b8a27521ebb94e2dd043ea425c541d9b02 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Thu, 12 May 2016 23:05:15 +0100 Subject: [PATCH 64/95] ISSUE 200: Split out registration service to a companion unit file. --- register-ssh.pool-1.1@.service | 82 ++++++++++++++++++++++++++++++++++ run.conf | 2 + ssh.pool-1.1@.service | 66 ++++++++++++++------------- systemd-install.sh | 21 ++++----- 4 files changed, 129 insertions(+), 42 deletions(-) create mode 100644 register-ssh.pool-1.1@.service diff --git a/register-ssh.pool-1.1@.service b/register-ssh.pool-1.1@.service new file mode 100644 index 0000000..f919fef --- /dev/null +++ b/register-ssh.pool-1.1@.service 
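Review bot: In `ExecStopPost` the guard still reads `/services/%p` while the `rm` now targets the `${SERVICE_UNIT_NAME}/…` path, so the check and the delete refer to different keys. In addition, `$(/usr/bin/etcdctl get … &> /dev/null )` discards the output inside the substitution, so `[[ -n … ]]` is always false and the key is never removed, leaving a stale registration for a stopped container. Test the exit status against the same key instead: `"if /usr/bin/etcdctl get /services/${SERVICE_UNIT_NAME}/${SERVICE_UNIT_SHARED_GROUP}/${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE} &> /dev/null; then \`. The `ExecStop` of the new register-ssh.pool-1.1@.service in the next commit uses the same always-empty substitution.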
@@ -0,0 +1,82 @@ +# ----------------------------------------------------------------------------- +# Naming convention: +# +# register-ssh.pool-1.1@.service = {service-unit-template-name} +# | | | +# | | +------ {service-unit-local-id} +# | +----------- {service-unit-group-name} +# +-------------------- {service-unit-name} +# +# register-ssh.pool-1.1@1.service = {service-unit-instance-name} +# | | | | +# | | | +---- {service-unit-instance} +# | | +------ {service-unit-local-id} +# | +----------- {service-unit-group-name} +# +-------------------- {service-unit-name} +# +# register-ssh.pool-1.1.1 = {service-unit-long-name} +# | | | | +# | | | +---- {service-unit-instance} +# | | +------ {service-unit-local-id} +# | +----------- {service-unit-group-name} +# +-------------------- {service-unit-name} +# +# To install: +# sudo cp {service-unit-template-name} /etc/systemd/system/ +# sudo systemctl daemon-reload +# +# Persist system reboot: +# sudo systemctl enable -f {service-unit-instance-name} +# +# Debugging: +# sudo systemctl status {service-unit-instance-name} +# journalctl -fn 50 -u {service-unit-instance-name} +# +# To uninstall: +# sudo systemctl disable -f {service-unit-instance-name} +# sudo systemctl stop {service-unit-instance-name} +# sudo rm /etc/systemd/system/{service-unit-template-name} +# sudo docker rm -f {service-unit-long-name} +# ----------------------------------------------------------------------------- + +[Unit] +Description=centos-ssh etcd registration // %p.%i +Requires=etcd2.service +After=etcd2.service +BindsTo=ssh.pool-1.1@%i.service + +[Service] +TimeoutStartSec=0 +Environment="DOCKER_PORT_MAP_TCP_22=2020" +Environment="REGISTER_ETCD_PARAMETERS=--debug --no-sync" +Environment="REGISTER_KEY_PATH=/services" +Environment="REGISTER_TTL=60" +Environment="REGISTER_UPDATE_INTERVAL=30" + +# Register service +ExecStart=/bin/bash -c \ + "while true; \ + /usr/bin/etcdctl \ + ${REGISTER_ETCD_PARAMETERS} \ + set \ + ${REGISTER_KEY_PATH}/%p.%i \ + %H:$(( 
${DOCKER_PORT_MAP_TCP_22} + $(/usr/bin/awk -F. '$0=$NF' <<< %p) - 1 )) \ + --ttl ${REGISTER_TTL}; \ + do sleep ${REGISTER_UPDATE_INTERVAL}; \ + done" + +# Unregister service +ExecStop=/bin/bash -c \ + "if [[ -n $(/usr/bin/etcdctl get ${REGISTER_KEY_PATH}/%p.%i &> /dev/null ) ]]; then \ + /usr/bin/etcdctl \ + ${REGISTER_ETCD_PARAMETERS} \ + rm \ + ${REGISTER_KEY_PATH}/%p.%i; \ + fi" + +[Install] +WantedBy=ssh.pool-1.1@%i.service +DefaultInstance=1 + +[X-Fleet] +MachineOf=ssh.pool-1.1@%i.service diff --git a/run.conf b/run.conf index fc33f27..9d89153 100644 --- a/run.conf +++ b/run.conf @@ -17,6 +17,8 @@ SERVICE_UNIT_GROUP_NAME=${SERVICE_UNIT_NAME}.${SERVICE_UNIT_SHARED_GROUP} SERVICE_UNIT_LONG_NAME=${SERVICE_UNIT_GROUP_NAME}.${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE} SERVICE_UNIT_TEMPLATE_NAME=${SERVICE_UNIT_GROUP_NAME}.${SERVICE_UNIT_LOCAL_ID}@.service SERVICE_UNIT_INSTANCE_NAME=${SERVICE_UNIT_GROUP_NAME}.${SERVICE_UNIT_LOCAL_ID}@${SERVICE_UNIT_INSTANCE}.service +SERVICE_UNIT_REGISTER_TEMPLATE_NAME=register-${SERVICE_UNIT_GROUP_NAME}.${SERVICE_UNIT_LOCAL_ID}@.service +SERVICE_UNIT_REGISTER_INSTANCE_NAME=register-${SERVICE_UNIT_GROUP_NAME}.${SERVICE_UNIT_LOCAL_ID}@${SERVICE_UNIT_INSTANCE}.service DOCKER_NAME=${SERVICE_UNIT_LONG_NAME} DOCKER_PORT_MAP_TCP_22=2020 diff --git a/ssh.pool-1.1@.service b/ssh.pool-1.1@.service index 9c298df..9041c0f 100644 --- a/ssh.pool-1.1@.service +++ b/ssh.pool-1.1@.service 
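Review bot: The register unit writes `${REGISTER_KEY_PATH}/%p.%i`, and for this template `%p` is `register-ssh.pool-1.1`, so the key gains a `register-` prefix compared with the `/services/%p.%i` that ssh.pool-1.1@.service wrote before this commit; consumers of the old key would stop finding the service. The same `%p` feeds the port arithmetic, which still works only because the last dot-separated field is unchanged. The `while true; etcdctl set …; do sleep …; done` loop also ends on the first failed `set`, and `[Service]` has no `Restart=`, so a single etcd failure lets the TTL lapse until the unit is started again. Consider naming the service once, e.g. `Environment="REGISTER_SERVICE_NAME=ssh.pool-1.1"` (constructed name) used for the key in both `ExecStart` and `ExecStop`, and adding `Restart=always`.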
@@ -1,36 +1,54 @@ # ----------------------------------------------------------------------------- -# Where: -# {service-unit-instance-name} = {service-unit-name}.{service-unit-group-name}.{service-unit-local-id}@{service-unit-instance} -# {service-unit-long-name} = {service-unit-name}.{service-unit-group-name}.{service-unit-local-id}.{service-unit-instance} +# Naming convention: # -# To install: -# sudo cp {container-path}/{service-unit-name}.{service-unit-group-name}.{service-unit-local-id}@.service \ -# /etc/systemd/system/ +# ssh.pool-1.1@.service = {service-unit-template-name} +# | | | +# | | +------ {service-unit-local-id} +# | +----------- {service-unit-group-name} +# +---------------- {service-unit-name} +# +# ssh.pool-1.1@1.service = {service-unit-instance-name} +# | | | | +# | | | +---- {service-unit-instance} +# | | +------ {service-unit-local-id} +# | +----------- {service-unit-group-name} +# +---------------- {service-unit-name} # -# If not installing to a CoreOS distribution replace etcd2.service -# with etcd.service using: -# sudo sed -i -e 's~etcd2.service~etcd.service~g' \ -# /etc/systemd/system/{service-unit-name}.{service-unit-group-name}.{service-unit-local-id}@.service +# ssh.pool-1.1.1 = {service-unit-long-name} +# | | | | +# | | | +---- {service-unit-instance} +# | | +------ {service-unit-local-id} +# | +----------- {service-unit-group-name} +# +---------------- {service-unit-name} # +# To install: +# sudo cp {service-unit-template-name} /etc/systemd/system/ # sudo systemctl daemon-reload -# sudo systemctl enable -f {service-unit-instance-name}.service # # Start using: -# sudo systemctl [start|stop|restart|kill|status] {service-unit-instance-name}.service +# sudo systemctl [start|stop|restart|kill|status] {service-unit-instance-name} +# +# Persist system reboot: +# sudo systemctl enable -f {service-unit-instance-name} # # Debugging: -# journalctl -fn 50 -u {service-unit-instance-name}.service +# sudo systemctl status 
{service-unit-instance-name} +# journalctl -fn 50 -u {service-unit-instance-name} # # To uninstall: -# sudo systemctl disable -f /etc/systemd/system/{service-unit-instance-name}.service -# sudo systemctl stop /etc/systemd/system/{service-unit-instance-name}.service +# sudo systemctl disable -f {service-unit-instance-name} +# sudo systemctl stop {service-unit-instance-name} +# sudo rm /etc/systemd/system/{service-unit-template-name} # sudo docker rm -f {service-unit-long-name} # ----------------------------------------------------------------------------- [Unit] Description=centos-ssh // %p.%i Requires=docker.service -Requires=etcd2.service +Wants=etcd.service +Wants=etcd2.service +Wants=register-%p@%i.service +After=etcd.service After=etcd2.service After=docker.service @@ -153,25 +171,9 @@ ExecStart=/bin/bash -c \ ${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}; \ fi" -# Register service -ExecStartPost=/bin/bash -c \ - "/usr/bin/etcdctl \ - set \ - /services/%p.%i \ - %H:$(( ${DOCKER_PORT_MAP_TCP_22} + $(/usr/bin/awk -F. '$0=$NF' <<< %p) - 1 )); \ - " - # Shutdown ExecStop=/usr/bin/docker stop --time 10 %p.%i -# Unregister service -ExecStopPost=/bin/bash -c \ - "if [[ -n $(/usr/bin/etcdctl get /services/%p.%i &> /dev/null ) ]]; then \ - /usr/bin/etcdctl \ - rm \ - /services/%p.%i; \ - fi" - [Install] WantedBy=multi-user.target diff --git a/systemd-install.sh b/systemd-install.sh index 8c8342c..672799d 100755 --- a/systemd-install.sh +++ b/systemd-install.sh 
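Review bot: `Wants=register-%p@%i.service` pulls the companion in with no ordering between the two units. The register unit added in this commit declares `BindsTo=ssh.pool-1.1@%i.service` without a matching `After=`, so systemd is free to start the registration loop before `docker run` has been launched. The value written there is computed from `DOCKER_PORT_MAP_TCP_22` rather than read from the container, so etcd can advertise an SSH endpoint that is not listening yet. Adding `After=ssh.pool-1.1@%i.service` beside the `BindsTo=` line in the register unit would order the start, and would also stop the companion before the container. The `[Service]` section of this unit is outside the hunk.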
@@ -54,23 +54,19 @@ if [[ ${EUID} -ne 0 ]]; then exit 1 fi -# Copy systemd definition into place and enable it. +# Copy systemd unit-files into place. cp ${SERVICE_UNIT_GROUP_NAME}.1@.service /etc/systemd/system/${SERVICE_UNIT_TEMPLATE_NAME} -replace_etcd_service_name /etc/systemd/system/${SERVICE_UNIT_TEMPLATE_NAME} +cp register-${SERVICE_UNIT_GROUP_NAME}.1@.service /etc/systemd/system/${SERVICE_UNIT_REGISTER_TEMPLATE_NAME} +replace_etcd_service_name /etc/systemd/system/${SERVICE_UNIT_REGISTER_TEMPLATE_NAME} systemctl daemon-reload -systemctl enable -f ${SERVICE_UNIT_INSTANCE_NAME} - -# Stop the service -systemctl stop ${SERVICE_UNIT_INSTANCE_NAME} &> /dev/null - printf -- "---> Installing %s\n" ${SERVICE_UNIT_INSTANCE_NAME} # Systemd ExecStartPre command should exist to terminate any existing containers -systemctl start ${SERVICE_UNIT_INSTANCE_NAME} & +systemctl restart ${SERVICE_UNIT_INSTANCE_NAME} & PIDS[0]=${!} # Tail the systemd unit logs unitl installation completes -journalctl -fu ${SERVICE_UNIT_INSTANCE_NAME} & +journalctl -fn 0 -u ${SERVICE_UNIT_INSTANCE_NAME} & PIDS[1]=${!} # Wait for installtion to complete @@ -82,7 +78,12 @@ kill -15 ${PIDS[1]} wait ${PIDS[1]} 2> /dev/null if systemctl -q is-active ${SERVICE_UNIT_INSTANCE_NAME}; then - printf -- " ---> Service unit is active: %s\n" "$(systemctl list-units --type=service | grep ${SERVICE_UNIT_INSTANCE_NAME})" + printf -- " ---> Service unit is active: %s\n" "$(systemctl list-units --type=service | grep "^[ ]*${SERVICE_UNIT_INSTANCE_NAME}")" + if systemctl -q is-active ${SERVICE_UNIT_REGISTER_INSTANCE_NAME}; then + printf -- " ---> Service register unit is active: %s\n" "$(systemctl list-units --type=service | grep "^[ ]*${SERVICE_UNIT_REGISTER_INSTANCE_NAME}")" + systemctl enable -f ${SERVICE_UNIT_REGISTER_INSTANCE_NAME} + fi + systemctl enable -f ${SERVICE_UNIT_INSTANCE_NAME} printf -- "${COLOUR_POSITIVE} --->${COLOUR_RESET} %s\n" 'Install complete' else printf -- "\nService status:\n" 
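Review bot: The two `cp` lines run as root (the `EUID` check is just above) with unquoted expansions and no check of their result. A failed or word-split copy still falls through to `daemon-reload` and `systemctl restart`, which then act on whatever unit file was already installed. The names are built from variables that `run.conf` (presumably sourced by this script) lets the environment override, so quoting and an explicit failure path are worth having: `cp -- "register-${SERVICE_UNIT_GROUP_NAME}.1@.service" "/etc/systemd/system/${SERVICE_UNIT_REGISTER_TEMPLATE_NAME}" || exit 1`. The same applies to the `systemctl` arguments in both hunks here and to the rewritten `cp` lines in the PATCH 65 hunk of this file. Whether the script sets `set -e` is not visible from these hunks.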
From e0536af9f26afa7e9a52c80163c1f34a7605df75 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Thu, 12 May 2016 23:44:31 +0100 Subject: [PATCH 65/95] ISSUE 200: Systemd template unit files renamed to make better use of instance names. --- ...l-1.1@.service => register-ssh.pool-1@.service | 15 +++++++-------- run.conf | 8 ++++---- ssh.pool-1.1@.service => ssh.pool-1@.service | 13 ++++++------- systemd-install.sh | 4 ++-- 4 files changed, 19 insertions(+), 21 deletions(-) rename register-ssh.pool-1.1@.service => register-ssh.pool-1@.service (87%) rename ssh.pool-1.1@.service => ssh.pool-1@.service (96%) diff --git a/register-ssh.pool-1.1@.service b/register-ssh.pool-1@.service similarity index 87% rename from register-ssh.pool-1.1@.service rename to register-ssh.pool-1@.service index f919fef..c592fa2 100644 --- a/register-ssh.pool-1.1@.service +++ b/register-ssh.pool-1@.service @@ -1,13 +1,12 @@ # ----------------------------------------------------------------------------- # Naming convention: # -# register-ssh.pool-1.1@.service = {service-unit-template-name} -# | | | -# | | +------ {service-unit-local-id} +# register-ssh.pool-1@.service = {service-unit-template-name} +# | | # | +----------- {service-unit-group-name} # +-------------------- {service-unit-name} # -# register-ssh.pool-1.1@1.service = {service-unit-instance-name} +# register-ssh.pool-1@1.1.service = {service-unit-instance-name} # | | | | # | | | +---- {service-unit-instance} # | | +------ {service-unit-local-id} @@ -43,7 +42,7 @@ Description=centos-ssh etcd registration // %p.%i Requires=etcd2.service After=etcd2.service -BindsTo=ssh.pool-1.1@%i.service +BindsTo=ssh.pool-1@%i.service [Service] TimeoutStartSec=0 
@@ -60,7 +59,7 @@ ExecStart=/bin/bash -c \ ${REGISTER_ETCD_PARAMETERS} \ set \ ${REGISTER_KEY_PATH}/%p.%i \ - %H:$(( ${DOCKER_PORT_MAP_TCP_22} + $(/usr/bin/awk -F. '$0=$NF' <<< %p) - 1 )) \ + %H:$(( ${DOCKER_PORT_MAP_TCP_22} + $(/usr/bin/awk -F. '$0=$1' <<< %i) - 1 )) \ --ttl ${REGISTER_TTL}; \ do sleep ${REGISTER_UPDATE_INTERVAL}; \ done" @@ -75,8 +74,8 @@ ExecStop=/bin/bash -c \ fi" [Install] -WantedBy=ssh.pool-1.1@%i.service +WantedBy=ssh.pool-1@%i.service DefaultInstance=1 [X-Fleet] -MachineOf=ssh.pool-1.1@%i.service +MachineOf=ssh.pool-1@%i.service diff --git a/run.conf b/run.conf index 9d89153..2a4583d 100644 --- a/run.conf +++ b/run.conf @@ -15,10 +15,10 @@ SERVICE_UNIT_INSTANCE=${SERVICE_UNIT_INSTANCE:-1} SERVICE_UNIT_GROUP_NAME=${SERVICE_UNIT_NAME}.${SERVICE_UNIT_SHARED_GROUP} SERVICE_UNIT_LONG_NAME=${SERVICE_UNIT_GROUP_NAME}.${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE} -SERVICE_UNIT_TEMPLATE_NAME=${SERVICE_UNIT_GROUP_NAME}.${SERVICE_UNIT_LOCAL_ID}@.service -SERVICE_UNIT_INSTANCE_NAME=${SERVICE_UNIT_GROUP_NAME}.${SERVICE_UNIT_LOCAL_ID}@${SERVICE_UNIT_INSTANCE}.service -SERVICE_UNIT_REGISTER_TEMPLATE_NAME=register-${SERVICE_UNIT_GROUP_NAME}.${SERVICE_UNIT_LOCAL_ID}@.service -SERVICE_UNIT_REGISTER_INSTANCE_NAME=register-${SERVICE_UNIT_GROUP_NAME}.${SERVICE_UNIT_LOCAL_ID}@${SERVICE_UNIT_INSTANCE}.service +SERVICE_UNIT_TEMPLATE_NAME=${SERVICE_UNIT_GROUP_NAME}@.service +SERVICE_UNIT_INSTANCE_NAME=${SERVICE_UNIT_GROUP_NAME}@${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE}.service +SERVICE_UNIT_REGISTER_TEMPLATE_NAME=register-${SERVICE_UNIT_GROUP_NAME}@.service +SERVICE_UNIT_REGISTER_INSTANCE_NAME=register-${SERVICE_UNIT_GROUP_NAME}@${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE}.service DOCKER_NAME=${SERVICE_UNIT_LONG_NAME} DOCKER_PORT_MAP_TCP_22=2020 diff --git a/ssh.pool-1.1@.service b/ssh.pool-1@.service similarity index 96% rename from ssh.pool-1.1@.service rename to ssh.pool-1@.service index 9041c0f..d83936d 100644 --- a/ssh.pool-1.1@.service 
+++ b/ssh.pool-1@.service @@ -1,13 +1,12 @@ # ----------------------------------------------------------------------------- # Naming convention: # -# ssh.pool-1.1@.service = {service-unit-template-name} -# | | | -# | | +------ {service-unit-local-id} +# ssh.pool-1@.service = {service-unit-template-name} +# | | # | +----------- {service-unit-group-name} # +---------------- {service-unit-name} # -# ssh.pool-1.1@1.service = {service-unit-instance-name} +# ssh.pool-1@1.1.service = {service-unit-instance-name} # | | | | # | | | +---- {service-unit-instance} # | | +------ {service-unit-local-id} @@ -135,7 +134,7 @@ ExecStart=/bin/bash -c \ "if [[ -n $(/usr/bin/docker ps -aq --filter \"name=${VOLUME_CONFIG_NAME}\") ]]; then \ /usr/bin/docker run \ --name %p.%i \ - -p $(( ${DOCKER_PORT_MAP_TCP_22} + $(/usr/bin/awk -F. '$0=$NF' <<< %p) - 1 )):22 \ + -p $(( ${DOCKER_PORT_MAP_TCP_22} + $(/usr/bin/awk -F. '$0=$1' <<< %i) - 1 )):22 \ --env \"SSH_AUTHORIZED_KEYS=${SSH_AUTHORIZED_KEYS}\" \ --env \"SSH_AUTOSTART_SSHD=${SSH_AUTOSTART_SSHD}\" \ --env \"SSH_AUTOSTART_SSHD_BOOTSTRAP=${SSH_AUTOSTART_SSHD_BOOTSTRAP}\" \ @@ -154,7 +153,7 @@ ExecStart=/bin/bash -c \ else \ /usr/bin/docker run \ --name %p.%i \ - -p $(( ${DOCKER_PORT_MAP_TCP_22} + $(/usr/bin/awk -F. '$0=$NF' <<< %p) - 1 )):22 \ + -p $(( ${DOCKER_PORT_MAP_TCP_22} + $(/usr/bin/awk -F. '$0=$1' <<< %i) - 1 )):22 \ --env \"SSH_AUTHORIZED_KEYS=${SSH_AUTHORIZED_KEYS}\" \ --env \"SSH_AUTOSTART_SSHD=${SSH_AUTOSTART_SSHD}\" \ --env \"SSH_AUTOSTART_SSHD_BOOTSTRAP=${SSH_AUTOSTART_SSHD_BOOTSTRAP}\" \ @@ -178,4 +177,4 @@ ExecStop=/usr/bin/docker stop --time 10 %p.%i WantedBy=multi-user.target [X-Fleet] -Conflicts=%p.*@%i.service +Conflicts=%p@*.%i.service diff --git a/systemd-install.sh b/systemd-install.sh index 672799d..730bbd9 100755 --- a/systemd-install.sh +++ b/systemd-install.sh 
@@ -55,8 +55,8 @@ if [[ ${EUID} -ne 0 ]]; then fi # Copy systemd unit-files into place. -cp ${SERVICE_UNIT_GROUP_NAME}.1@.service /etc/systemd/system/${SERVICE_UNIT_TEMPLATE_NAME} -cp register-${SERVICE_UNIT_GROUP_NAME}.1@.service /etc/systemd/system/${SERVICE_UNIT_REGISTER_TEMPLATE_NAME} +cp ${SERVICE_UNIT_TEMPLATE_NAME} /etc/systemd/system/ +cp ${SERVICE_UNIT_REGISTER_TEMPLATE_NAME} /etc/systemd/system/ replace_etcd_service_name /etc/systemd/system/${SERVICE_UNIT_REGISTER_TEMPLATE_NAME} systemctl daemon-reload From 14fbb227273b79f0e7347ce5a3fdb12e35eb7d92 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Fri, 13 May 2016 00:38:45 +0100 Subject: [PATCH 66/95] ISSUE 200: Revert addition of new variable name. --- run.conf | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/run.conf b/run.conf index 2a4583d..4e6d5fd 100644 --- a/run.conf +++ b/run.conf 
@@ -13,12 +13,11 @@ SERVICE_UNIT_SHARED_GROUP=${SERVICE_UNIT_SHARED_GROUP:-pool-1} SERVICE_UNIT_LOCAL_ID=${SERVICE_UNIT_LOCAL_ID:-1} SERVICE_UNIT_INSTANCE=${SERVICE_UNIT_INSTANCE:-1} -SERVICE_UNIT_GROUP_NAME=${SERVICE_UNIT_NAME}.${SERVICE_UNIT_SHARED_GROUP} -SERVICE_UNIT_LONG_NAME=${SERVICE_UNIT_GROUP_NAME}.${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE} -SERVICE_UNIT_TEMPLATE_NAME=${SERVICE_UNIT_GROUP_NAME}@.service -SERVICE_UNIT_INSTANCE_NAME=${SERVICE_UNIT_GROUP_NAME}@${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE}.service -SERVICE_UNIT_REGISTER_TEMPLATE_NAME=register-${SERVICE_UNIT_GROUP_NAME}@.service -SERVICE_UNIT_REGISTER_INSTANCE_NAME=register-${SERVICE_UNIT_GROUP_NAME}@${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE}.service +SERVICE_UNIT_LONG_NAME=${SERVICE_UNIT_NAME}.${SERVICE_UNIT_SHARED_GROUP}.${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE} +SERVICE_UNIT_TEMPLATE_NAME=${SERVICE_UNIT_NAME}.${SERVICE_UNIT_SHARED_GROUP}@.service +SERVICE_UNIT_INSTANCE_NAME=${SERVICE_UNIT_NAME}.${SERVICE_UNIT_SHARED_GROUP}@${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE}.service +SERVICE_UNIT_REGISTER_TEMPLATE_NAME=register-${SERVICE_UNIT_NAME}.${SERVICE_UNIT_SHARED_GROUP}@.service +SERVICE_UNIT_REGISTER_INSTANCE_NAME=register-${SERVICE_UNIT_NAME}.${SERVICE_UNIT_SHARED_GROUP}@${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE}.service DOCKER_NAME=${SERVICE_UNIT_LONG_NAME} DOCKER_PORT_MAP_TCP_22=2020 From e4c551352f75e69ff3ed2baf87a33ff7ae503fda Mon Sep 17 00:00:00 2001 From: James Deathe Date: Fri, 13 May 2016 00:39:32 +0100 Subject: [PATCH 67/95] ISSUE 200: Fixed issue with registering incorrect key name. --- register-ssh.pool-1@.service | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/register-ssh.pool-1@.service b/register-ssh.pool-1@.service index c592fa2..178fc23 100644 --- a/register-ssh.pool-1@.service +++ b/register-ssh.pool-1@.service 
@@ -58,7 +58,7 @@ ExecStart=/bin/bash -c \ /usr/bin/etcdctl \ ${REGISTER_ETCD_PARAMETERS} \ set \ - ${REGISTER_KEY_PATH}/%p.%i \ + ${REGISTER_KEY_PATH}/$(/usr/bin/sed 's/register-//' <<< %p).%i \ %H:$(( ${DOCKER_PORT_MAP_TCP_22} + $(/usr/bin/awk -F. '$0=$1' <<< %i) - 1 )) \ --ttl ${REGISTER_TTL}; \ do sleep ${REGISTER_UPDATE_INTERVAL}; \ @@ -70,7 +70,7 @@ ExecStop=/bin/bash -c \ /usr/bin/etcdctl \ ${REGISTER_ETCD_PARAMETERS} \ rm \ - ${REGISTER_KEY_PATH}/%p.%i; \ + ${REGISTER_KEY_PATH}/$(/usr/bin/sed 's/register-//' <<< %p).%i; \ fi" [Install] From 5425b6295bf58117be4ea17c31d2dbd3bcfdb94c Mon Sep 17 00:00:00 2001 From: James Deathe Date: Fri, 13 May 2016 01:29:39 +0100 Subject: [PATCH 68/95] ISSUE 200: Syntax correction to while loop. --- register-ssh.pool-1@.service | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/register-ssh.pool-1@.service b/register-ssh.pool-1@.service index 178fc23..dd09096 100644 --- a/register-ssh.pool-1@.service +++ b/register-ssh.pool-1@.service @@ -48,20 +48,20 @@ BindsTo=ssh.pool-1@%i.service TimeoutStartSec=0 Environment="DOCKER_PORT_MAP_TCP_22=2020" Environment="REGISTER_ETCD_PARAMETERS=--debug --no-sync" -Environment="REGISTER_KEY_PATH=/services" +Environment="REGISTER_KEY_PREFIX=/services" Environment="REGISTER_TTL=60" Environment="REGISTER_UPDATE_INTERVAL=30" # Register service ExecStart=/bin/bash -c \ - "while true; \ + "while true; do \ /usr/bin/etcdctl \ ${REGISTER_ETCD_PARAMETERS} \ set \ - ${REGISTER_KEY_PATH}/$(/usr/bin/sed 's/register-//' <<< %p).%i \ + ${REGISTER_KEY_PREFIX}/$(/usr/bin/sed 's/register-//' <<< %p).%i \ %H:$(( ${DOCKER_PORT_MAP_TCP_22} + $(/usr/bin/awk -F. '$0=$1' <<< %i) - 1 )) \ --ttl ${REGISTER_TTL}; \ - do sleep ${REGISTER_UPDATE_INTERVAL}; \ + sleep ${REGISTER_UPDATE_INTERVAL}; \ done" # Unregister service From 4000cb61c46244338bc34e01c7739020c1054628 Mon Sep 17 00:00:00 2001 
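Review bot: The rename to `REGISTER_KEY_PREFIX` in the PATCH 68 hunk stops at the `# Unregister service` comment, while the `ExecStop` block directly below still expands `${REGISTER_KEY_PATH}`. The removed lines in PATCH 70 show both its `get` and its `rm` using the old name. With the `Environment=` line renamed, that variable expands to nothing, so the unregister command would address a key at the etcd root rather than under `/services`. The `ExecStop` lines need the same substitution, e.g. `${REGISTER_KEY_PREFIX}/$(/usr/bin/sed 's/register-//' <<< %p).%i; \`. `ExecStop` itself lies outside the hunk.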
From: James Deathe Date: Fri, 13 May 2016 15:07:55 +0100 Subject: [PATCH 69/95] ISSUE 200: Corrected default instance. --- register-ssh.pool-1@.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/register-ssh.pool-1@.service b/register-ssh.pool-1@.service index dd09096..8344301 100644 --- a/register-ssh.pool-1@.service +++ b/register-ssh.pool-1@.service @@ -75,7 +75,7 @@ ExecStop=/bin/bash -c \ [Install] WantedBy=ssh.pool-1@%i.service -DefaultInstance=1 +DefaultInstance=1.1 [X-Fleet] MachineOf=ssh.pool-1@%i.service From ebb40ea620992ba4065be7ae39c9d9c5359c44f5 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Fri, 13 May 2016 19:40:19 +0100 Subject: [PATCH 70/95] ISSUE 200: Rename regstration companion unit file template. --- run.conf | 4 +- ...1@.service => ssh.pool-1.register@.service | 43 ++++++++++--------- ssh.pool-1@.service | 4 +- systemd-install.sh | 2 +- 4 files changed, 28 insertions(+), 25 deletions(-) rename register-ssh.pool-1@.service => ssh.pool-1.register@.service (55%) diff --git a/run.conf b/run.conf index 4e6d5fd..723e8ba 100644 --- a/run.conf +++ b/run.conf 
@@ -16,8 +16,8 @@ SERVICE_UNIT_INSTANCE=${SERVICE_UNIT_INSTANCE:-1} SERVICE_UNIT_LONG_NAME=${SERVICE_UNIT_NAME}.${SERVICE_UNIT_SHARED_GROUP}.${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE} SERVICE_UNIT_TEMPLATE_NAME=${SERVICE_UNIT_NAME}.${SERVICE_UNIT_SHARED_GROUP}@.service SERVICE_UNIT_INSTANCE_NAME=${SERVICE_UNIT_NAME}.${SERVICE_UNIT_SHARED_GROUP}@${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE}.service -SERVICE_UNIT_REGISTER_TEMPLATE_NAME=register-${SERVICE_UNIT_NAME}.${SERVICE_UNIT_SHARED_GROUP}@.service -SERVICE_UNIT_REGISTER_INSTANCE_NAME=register-${SERVICE_UNIT_NAME}.${SERVICE_UNIT_SHARED_GROUP}@${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE}.service +SERVICE_UNIT_REGISTER_TEMPLATE_NAME=${SERVICE_UNIT_NAME}.${SERVICE_UNIT_SHARED_GROUP}.register@.service +SERVICE_UNIT_REGISTER_INSTANCE_NAME=${SERVICE_UNIT_NAME}.${SERVICE_UNIT_SHARED_GROUP}.register@${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE}.service DOCKER_NAME=${SERVICE_UNIT_LONG_NAME} DOCKER_PORT_MAP_TCP_22=2020 diff --git a/register-ssh.pool-1@.service b/ssh.pool-1.register@.service similarity index 55% rename from register-ssh.pool-1@.service rename to ssh.pool-1.register@.service index 8344301..cff786a 100644 --- a/register-ssh.pool-1@.service +++ b/ssh.pool-1.register@.service 
@@ -1,24 +1,27 @@ # ----------------------------------------------------------------------------- # Naming convention: # -# register-ssh.pool-1@.service = {service-unit-template-name} -# | | -# | +----------- {service-unit-group-name} -# +-------------------- {service-unit-name} +# ssh.pool-1.register@.service = {service-unit-template-name} +# | | | +# | | +------------ {service-unit-companion-name} +# | +------------------- {service-unit-group-name} +# +------------------------- {service-unit-name} # -# register-ssh.pool-1@1.1.service = {service-unit-instance-name} -# | | | | -# | | | +---- {service-unit-instance} -# | | +------ {service-unit-local-id} -# | +----------- {service-unit-group-name} -# +-------------------- {service-unit-name} +# ssh.pool-1.register@1.1.service = {service-unit-instance-name} +# | | | | | +# | | | | +---- {service-unit-instance} +# | | | +------ {service-unit-local-id} +# | | +------------ {service-unit-companion-name} +# | +------------------- {service-unit-group-name} +# +------------------------- {service-unit-name} # -# register-ssh.pool-1.1.1 = {service-unit-long-name} -# | | | | -# | | | +---- {service-unit-instance} -# | | +------ {service-unit-local-id} -# | +----------- {service-unit-group-name} -# +-------------------- {service-unit-name} +# ssh.pool-1.1.1.register = {service-unit-long-name} +# | | | | | +# | | | | +-------- {service-unit-companion-name} +# | | | +------------- {service-unit-instance} +# | | +--------------- {service-unit-local-id} +# | +------------------- {service-unit-group-name} +# +------------------------- {service-unit-name} # # To install: # sudo cp {service-unit-template-name} /etc/systemd/system/ @@ -39,7 +42,7 @@ # ----------------------------------------------------------------------------- [Unit] -Description=centos-ssh etcd registration // %p.%i +Description=centos-ssh etcd registration // %p@%i Requires=etcd2.service After=etcd2.service BindsTo=ssh.pool-1@%i.service 
@@ -58,7 +61,7 @@ ExecStart=/bin/bash -c \ /usr/bin/etcdctl \ ${REGISTER_ETCD_PARAMETERS} \ set \ - ${REGISTER_KEY_PREFIX}/$(/usr/bin/sed 's/register-//' <<< %p).%i \ + ${REGISTER_KEY_PREFIX}/$(/usr/bin/sed 's/.register//' <<< %p).%i \ %H:$(( ${DOCKER_PORT_MAP_TCP_22} + $(/usr/bin/awk -F. '$0=$1' <<< %i) - 1 )) \ --ttl ${REGISTER_TTL}; \ sleep ${REGISTER_UPDATE_INTERVAL}; \ @@ -66,11 +69,11 @@ ExecStart=/bin/bash -c \ # Unregister service ExecStop=/bin/bash -c \ - "if [[ -n $(/usr/bin/etcdctl get ${REGISTER_KEY_PATH}/%p.%i &> /dev/null ) ]]; then \ + "if [[ -n $(/usr/bin/etcdctl get ${REGISTER_KEY_PREFIX}/$(/usr/bin/sed 's/.register//' <<< %p).%i &> /dev/null ) ]]; then \ /usr/bin/etcdctl \ ${REGISTER_ETCD_PARAMETERS} \ rm \ - ${REGISTER_KEY_PATH}/$(/usr/bin/sed 's/register-//' <<< %p).%i; \ + ${REGISTER_KEY_PREFIX}/$(/usr/bin/sed 's/.register//' <<< %p).%i; \ fi" [Install] diff --git a/ssh.pool-1@.service b/ssh.pool-1@.service index d83936d..e2070e1 100644 --- a/ssh.pool-1@.service +++ b/ssh.pool-1@.service @@ -42,11 +42,11 @@ # ----------------------------------------------------------------------------- [Unit] -Description=centos-ssh // %p.%i +Description=centos-ssh // %p@%i Requires=docker.service Wants=etcd.service Wants=etcd2.service -Wants=register-%p@%i.service +Wants=%p.register@%i.service After=etcd.service After=etcd2.service After=docker.service diff --git a/systemd-install.sh b/systemd-install.sh index 730bbd9..ad0602f 100755 --- a/systemd-install.sh +++ b/systemd-install.sh @@ -62,7 +62,7 @@ systemctl daemon-reload printf -- "---> Installing %s\n" ${SERVICE_UNIT_INSTANCE_NAME} # Systemd ExecStartPre command should exist to terminate any existing containers -systemctl restart ${SERVICE_UNIT_INSTANCE_NAME} & +systemctl restart ${SERVICE_UNIT_INSTANCE_NAME} ${SERVICE_UNIT_REGISTER_TEMPLATE_NAME} & PIDS[0]=${!} # Tail the systemd unit logs unitl installation completes From 0da04ebc94110fbc9ddd3e0f4badb889a0cc0492 Mon Sep 17 00:00:00 2001 
From: James Deathe Date: Fri, 13 May 2016 19:46:06 +0100 Subject: [PATCH 71/95] ISSUE 200: ETCD key is constant so make it an environment variable. --- ssh.pool-1.register@.service | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/ssh.pool-1.register@.service b/ssh.pool-1.register@.service index cff786a..21fa39d 100644 --- a/ssh.pool-1.register@.service +++ b/ssh.pool-1.register@.service @@ -51,7 +51,7 @@ BindsTo=ssh.pool-1@%i.service TimeoutStartSec=0 Environment="DOCKER_PORT_MAP_TCP_22=2020" Environment="REGISTER_ETCD_PARAMETERS=--debug --no-sync" -Environment="REGISTER_KEY_PREFIX=/services" +Environment="REGISTER_KEY=/services/ssh.pool-1.%i" Environment="REGISTER_TTL=60" Environment="REGISTER_UPDATE_INTERVAL=30" @@ -61,7 +61,7 @@ ExecStart=/bin/bash -c \ /usr/bin/etcdctl \ ${REGISTER_ETCD_PARAMETERS} \ set \ - ${REGISTER_KEY_PREFIX}/$(/usr/bin/sed 's/.register//' <<< %p).%i \ + ${REGISTER_KEY} \ %H:$(( ${DOCKER_PORT_MAP_TCP_22} + $(/usr/bin/awk -F. '$0=$1' <<< %i) - 1 )) \ --ttl ${REGISTER_TTL}; \ sleep ${REGISTER_UPDATE_INTERVAL}; \ @@ -69,11 +69,11 @@ ExecStart=/bin/bash -c \ # Unregister service ExecStop=/bin/bash -c \ - "if [[ -n $(/usr/bin/etcdctl get ${REGISTER_KEY_PREFIX}/$(/usr/bin/sed 's/.register//' <<< %p).%i &> /dev/null ) ]]; then \ + "if [[ -n $(/usr/bin/etcdctl get ${REGISTER_KEY} &> /dev/null ) ]]; then \ /usr/bin/etcdctl \ ${REGISTER_ETCD_PARAMETERS} \ rm \ - ${REGISTER_KEY_PREFIX}/$(/usr/bin/sed 's/.register//' <<< %p).%i; \ + ${REGISTER_KEY}; \ fi" [Install] From 8ebcec8acf255803d50e2fae178b3aab781b8b73 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Sun, 15 May 2016 01:43:38 +0100 Subject: [PATCH 72/95] ISSUE 200: Allow for registering multiple ports. --- ssh.pool-1.register@.service | 27 ++++++++++++++++++++------- 1 file changed, 20 insertions(+), 7 deletions(-) diff --git a/ssh.pool-1.register@.service b/ssh.pool-1.register@.service index 21fa39d..94bf4d4 100644 --- a/ssh.pool-1.register@.service 
+++ b/ssh.pool-1.register@.service @@ -49,31 +49,44 @@ BindsTo=ssh.pool-1@%i.service [Service] TimeoutStartSec=0 -Environment="DOCKER_PORT_MAP_TCP_22=2020" Environment="REGISTER_ETCD_PARAMETERS=--debug --no-sync" -Environment="REGISTER_KEY=/services/ssh.pool-1.%i" +Environment="REGISTER_KEY_ROOT=/services/ssh.pool-1.%i" Environment="REGISTER_TTL=60" Environment="REGISTER_UPDATE_INTERVAL=30" +ExecStartPre=/bin/bash -c \ + "if [[ -n $(/usr/bin/etcdctl get ${REGISTER_KEY_ROOT} &> /dev/null ) ]]; then \ + /usr/bin/etcdctl \ + ${REGISTER_ETCD_PARAMETERS} \ + rm --recursive \ + ${REGISTER_KEY_ROOT}; \ + fi" + # Register service ExecStart=/bin/bash -c \ "while true; do \ /usr/bin/etcdctl \ ${REGISTER_ETCD_PARAMETERS} \ set \ - ${REGISTER_KEY} \ - %H:$(( ${DOCKER_PORT_MAP_TCP_22} + $(/usr/bin/awk -F. '$0=$1' <<< %i) - 1 )) \ + ${REGISTER_KEY_ROOT}/host \ + %H \ + --ttl ${REGISTER_TTL}; \ + /usr/bin/etcdctl \ + ${REGISTER_ETCD_PARAMETERS} \ + set \ + ${REGISTER_KEY_ROOT}/ports/tcp/22 \ + $(/usr/bin/sed 's/^[0-9.]*://' <<< $(/usr/bin/docker port ssh.pool-1.%i 22)) \ --ttl ${REGISTER_TTL}; \ sleep ${REGISTER_UPDATE_INTERVAL}; \ done" # Unregister service ExecStop=/bin/bash -c \ - "if [[ -n $(/usr/bin/etcdctl get ${REGISTER_KEY} &> /dev/null ) ]]; then \ + "if [[ -n $(/usr/bin/etcdctl get ${REGISTER_KEY_ROOT} &> /dev/null ) ]]; then \ /usr/bin/etcdctl \ ${REGISTER_ETCD_PARAMETERS} \ - rm \ - ${REGISTER_KEY}; \ + rm --recursive \ + ${REGISTER_KEY_ROOT}; \ fi" [Install] From 3e2c82484b3500cc6fb768d8ba5d0419b3cec125 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Sun, 15 May 2016 17:46:12 +0100 Subject: [PATCH 73/95] ISSUE 200: Systemd installation needed to start register companion service. --- systemd-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/systemd-install.sh b/systemd-install.sh index ad0602f..7c94702 100755 --- a/systemd-install.sh +++ b/systemd-install.sh 
@@ -62,7 +62,7 @@ systemctl daemon-reload printf -- "---> Installing %s\n" ${SERVICE_UNIT_INSTANCE_NAME} # Systemd ExecStartPre command should exist to terminate any existing containers -systemctl restart ${SERVICE_UNIT_INSTANCE_NAME} ${SERVICE_UNIT_REGISTER_TEMPLATE_NAME} & +systemctl restart ${SERVICE_UNIT_INSTANCE_NAME} ${SERVICE_UNIT_REGISTER_INSTANCE_NAME} & PIDS[0]=${!} # Tail the systemd unit logs unitl installation completes From 7dc9eea591bb59f24ea412d4dc2d72affa203a04 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Sun, 15 May 2016 17:47:31 +0100 Subject: [PATCH 74/95] ISSUE 200: Fixed issue with deleting service keys when stopping the service. --- ssh.pool-1.1.1@2020.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ssh.pool-1.1.1@2020.service b/ssh.pool-1.1.1@2020.service index c213355..0b76737 100644 --- a/ssh.pool-1.1.1@2020.service +++ b/ssh.pool-1.1.1@2020.service @@ -164,7 +164,7 @@ ExecStop=/usr/bin/docker stop --time 10 %p # Unregister service ExecStopPost=/bin/bash -c \ - "if [[ -n $(/usr/bin/etcdctl get /services/%p &> /dev/null ) ]]; then \ + "if /usr/bin/etcdctl get /services/%p &> /dev/null; then \ /usr/bin/etcdctl \ rm \ /services/${SERVICE_UNIT_NAME}/${SERVICE_UNIT_SHARED_GROUP}/${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE}; \ From a8fbdfb3d0c3927369b1ce3b12c0d86ba59463be Mon Sep 17 00:00:00 2001 From: James Deathe Date: Sun, 15 May 2016 17:50:43 +0100 Subject: [PATCH 75/95] ISSUE 200: Back-off for 2 sec to allow container to start. Periodically update instead of set to retain Create-Index metadata. --- ssh.pool-1.register@.service | 43 +++++++++++++++++++++++++----------- 1 file changed, 30 insertions(+), 13 deletions(-) diff --git a/ssh.pool-1.register@.service b/ssh.pool-1.register@.service index 94bf4d4..0bc55b0 100644 --- a/ssh.pool-1.register@.service +++ b/ssh.pool-1.register@.service 
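Review bot: In the `ExecStopPost` hunk the guard and the removal name different keys. The condition probes `/services/%p`, but the `rm` targets `/services/${SERVICE_UNIT_NAME}/${SERVICE_UNIT_SHARED_GROUP}/${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE}`. If the registration step (outside this hunk) writes only the second path, the `get` fails and the key is never removed; if it writes only the first, the `rm` misses it. Probing the path that is actually removed avoids the mismatch: `"if /usr/bin/etcdctl get /services/${SERVICE_UNIT_NAME}/${SERVICE_UNIT_SHARED_GROUP}/${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE} &> /dev/null; then \`.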
@@ -48,45 +48,62 @@ After=etcd2.service BindsTo=ssh.pool-1@%i.service [Service] -TimeoutStartSec=0 -Environment="REGISTER_ETCD_PARAMETERS=--debug --no-sync" +TimeoutStartSec=2 +Environment="REGISTER_ETCD_PARAMETERS=--debug --no-sync --endpoint http://127.0.0.1:2379" Environment="REGISTER_KEY_ROOT=/services/ssh.pool-1.%i" Environment="REGISTER_TTL=60" Environment="REGISTER_UPDATE_INTERVAL=30" +# Unregister service ExecStartPre=/bin/bash -c \ - "if [[ -n $(/usr/bin/etcdctl get ${REGISTER_KEY_ROOT} &> /dev/null ) ]]; then \ + "if /usr/bin/etcdctl ${REGISTER_ETCD_PARAMETERS} ls ${REGISTER_KEY_ROOT} &> /dev/null; then \ /usr/bin/etcdctl \ ${REGISTER_ETCD_PARAMETERS} \ - rm --recursive \ - ${REGISTER_KEY_ROOT}; \ + rm \ + ${REGISTER_KEY_ROOT} \ + --recursive; \ fi" # Register service ExecStart=/bin/bash -c \ - "while true; do \ + "if ! /usr/bin/etcdctl ${REGISTER_ETCD_PARAMETERS} ls ${REGISTER_KEY_ROOT} &> /dev/null; then \ /usr/bin/etcdctl \ ${REGISTER_ETCD_PARAMETERS} \ - set \ - ${REGISTER_KEY_ROOT}/host \ + mk \ + ${REGISTER_KEY_ROOT}/hostname \ %H \ --ttl ${REGISTER_TTL}; \ /usr/bin/etcdctl \ ${REGISTER_ETCD_PARAMETERS} \ - set \ + mk \ ${REGISTER_KEY_ROOT}/ports/tcp/22 \ $(/usr/bin/sed 's/^[0-9.]*://' <<< $(/usr/bin/docker port ssh.pool-1.%i 22)) \ --ttl ${REGISTER_TTL}; \ + fi; \ + while true; do \ sleep ${REGISTER_UPDATE_INTERVAL}; \ + /usr/bin/etcdctl \ + ${REGISTER_ETCD_PARAMETERS} \ + update \ + ${REGISTER_KEY_ROOT}/hostname \ + %H \ + --ttl ${REGISTER_TTL}; \ + /usr/bin/etcdctl \ + ${REGISTER_ETCD_PARAMETERS} \ + update \ + ${REGISTER_KEY_ROOT}/ports/tcp/22 \ + $(/usr/bin/sed 's/^[0-9.]*://' <<< $(/usr/bin/docker port ssh.pool-1.%i 22)) \ + --ttl ${REGISTER_TTL}; \ done" # Unregister service -ExecStop=/bin/bash -c \ - "if [[ -n $(/usr/bin/etcdctl get ${REGISTER_KEY_ROOT} &> /dev/null ) ]]; then \ +ExecStartPre=/bin/bash -c \ + "if /usr/bin/etcdctl ${REGISTER_ETCD_PARAMETERS} ls ${REGISTER_KEY_ROOT} &> /dev/null; then \ /usr/bin/etcdctl \ 
${REGISTER_ETCD_PARAMETERS} \ - rm --recursive \ - ${REGISTER_KEY_ROOT}; \ + rm \ + ${REGISTER_KEY_ROOT} \ + --recursive; \ fi" [Install] From 4526fe7c885fb3a085d1cdf1293afee70cc86db3 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Sun, 15 May 2016 21:14:54 +0100 Subject: [PATCH 76/95] ISSUE 200: Added missing 'ExecStop' section to register service unit file. --- ssh.pool-1.register@.service | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ssh.pool-1.register@.service b/ssh.pool-1.register@.service index 0bc55b0..48429f9 100644 --- a/ssh.pool-1.register@.service +++ b/ssh.pool-1.register@.service @@ -49,7 +49,7 @@ BindsTo=ssh.pool-1@%i.service [Service] TimeoutStartSec=2 -Environment="REGISTER_ETCD_PARAMETERS=--debug --no-sync --endpoint http://127.0.0.1:2379" +Environment="REGISTER_ETCD_PARAMETERS=--debug" Environment="REGISTER_KEY_ROOT=/services/ssh.pool-1.%i" Environment="REGISTER_TTL=60" Environment="REGISTER_UPDATE_INTERVAL=30" @@ -97,7 +97,7 @@ ExecStart=/bin/bash -c \ done" # Unregister service -ExecStartPre=/bin/bash -c \ +ExecStop=/bin/bash -c \ "if /usr/bin/etcdctl ${REGISTER_ETCD_PARAMETERS} ls ${REGISTER_KEY_ROOT} &> /dev/null; then \ /usr/bin/etcdctl \ ${REGISTER_ETCD_PARAMETERS} \ From 7d8d1b18974716ebf1a7c6b76a35507e47e8b28e Mon Sep 17 00:00:00 2001 From: James Deathe Date: Sun, 15 May 2016 22:23:34 +0100 Subject: [PATCH 77/95] ISSUE 200: Added better handling of docker port not being set. --- ssh.pool-1.register@.service | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ssh.pool-1.register@.service b/ssh.pool-1.register@.service index 48429f9..d92d0f3 100644 --- a/ssh.pool-1.register@.service +++ b/ssh.pool-1.register@.service @@ -48,7 +48,7 @@ After=etcd2.service BindsTo=ssh.pool-1@%i.service [Service] -TimeoutStartSec=2 +TimeoutStartSec=0 Environment="REGISTER_ETCD_PARAMETERS=--debug" Environment="REGISTER_KEY_ROOT=/services/ssh.pool-1.%i" Environment="REGISTER_TTL=60" 
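Review bot: The refresh loop in the PATCH 75 `ExecStart` uses only `update`, which fails on a key that no longer exists. Once `hostname` or `ports/tcp/22` has expired (etcd unreachable for longer than `REGISTER_TTL`, or a refresh arriving late), the loop keeps running but never re-registers the service. Nothing checks the exit status of either call, so the unit stays active with no entry in etcd. Falling back to `set` keeps the create index in the normal case and recovers otherwise: `update ${REGISTER_KEY_ROOT}/hostname %H --ttl ${REGISTER_TTL} || /usr/bin/etcdctl ${REGISTER_ETCD_PARAMETERS} set ${REGISTER_KEY_ROOT}/hostname %H --ttl ${REGISTER_TTL}; \`, and likewise for the port key.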
@@ -77,7 +77,7 @@ ExecStart=/bin/bash -c \ ${REGISTER_ETCD_PARAMETERS} \ mk \ ${REGISTER_KEY_ROOT}/ports/tcp/22 \ - $(/usr/bin/sed 's/^[0-9.]*://' <<< $(/usr/bin/docker port ssh.pool-1.%i 22)) \ + $(/usr/bin/sed 's/^[0-9.]*://' <<< $(if ! /usr/bin/docker port ssh.pool-1.%i 22 &> /dev/null; then echo ''; else /usr/bin/docker port ssh.pool-1.%i 22; fi)) \ --ttl ${REGISTER_TTL}; \ fi; \ while true; do \ @@ -92,7 +92,7 @@ ExecStart=/bin/bash -c \ ${REGISTER_ETCD_PARAMETERS} \ update \ ${REGISTER_KEY_ROOT}/ports/tcp/22 \ - $(/usr/bin/sed 's/^[0-9.]*://' <<< $(/usr/bin/docker port ssh.pool-1.%i 22)) \ + $(/usr/bin/sed 's/^[0-9.]*://' <<< $(if ! /usr/bin/docker port ssh.pool-1.%i 22 &> /dev/null; then echo ''; else /usr/bin/docker port ssh.pool-1.%i 22; fi)) \ --ttl ${REGISTER_TTL}; \ done" From a3e85619d02c497a0437dac932c91664e3675627 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Sun, 15 May 2016 23:36:46 +0100 Subject: [PATCH 78/95] ISSUE 200: Cannot set an empty etcd key value so keep pooling for the result from docker port. --- ssh.pool-1.register@.service | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/ssh.pool-1.register@.service b/ssh.pool-1.register@.service index d92d0f3..6d172f3 100644 --- a/ssh.pool-1.register@.service +++ b/ssh.pool-1.register@.service 
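Review bot: The inline `if ! /usr/bin/docker port ssh.pool-1.%i 22 &> /dev/null; then echo ''; else /usr/bin/docker port ssh.pool-1.%i 22; fi` runs the lookup twice, and the container can change state between the probe and the read. A single call with stderr discarded yields the same value: `$(/usr/bin/sed 's/^[0-9.]*://' <<< $(/usr/bin/docker port ssh.pool-1.%i 22 2> /dev/null)) \`. When the result is empty, `mk` and `update` are still invoked without a value argument, which neither hunk of this commit guards against.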
@@ -66,20 +66,21 @@ ExecStartPre=/bin/bash -c \ # Register service ExecStart=/bin/bash -c \ - "if ! /usr/bin/etcdctl ${REGISTER_ETCD_PARAMETERS} ls ${REGISTER_KEY_ROOT} &> /dev/null; then \ - /usr/bin/etcdctl \ - ${REGISTER_ETCD_PARAMETERS} \ - mk \ - ${REGISTER_KEY_ROOT}/hostname \ - %H \ - --ttl ${REGISTER_TTL}; \ + "/usr/bin/etcdctl \ + ${REGISTER_ETCD_PARAMETERS} \ + mk \ + ${REGISTER_KEY_ROOT}/hostname \ + %H \ + --ttl ${REGISTER_TTL}; \ + while ! /usr/bin/etcdctl ${REGISTER_ETCD_PARAMETERS} get ${REGISTER_KEY_ROOT}/ports/tcp/22 &> /dev/null; do \ /usr/bin/etcdctl \ ${REGISTER_ETCD_PARAMETERS} \ mk \ ${REGISTER_KEY_ROOT}/ports/tcp/22 \ $(/usr/bin/sed 's/^[0-9.]*://' <<< $(if ! /usr/bin/docker port ssh.pool-1.%i 22 &> /dev/null; then echo ''; else /usr/bin/docker port ssh.pool-1.%i 22; fi)) \ --ttl ${REGISTER_TTL}; \ - fi; \ + sleep 0.5; \ + done; \ while true; do \ sleep ${REGISTER_UPDATE_INTERVAL}; \ /usr/bin/etcdctl \ From 987e38b532dcdd3b8166de5bfb348424c94c1196 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Sun, 15 May 2016 23:48:56 +0100 Subject: [PATCH 79/95] ISSUE 200: Increase update frequency closer to value TTL. --- ssh.pool-1.register@.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ssh.pool-1.register@.service b/ssh.pool-1.register@.service index 6d172f3..9829aaa 100644 --- a/ssh.pool-1.register@.service +++ b/ssh.pool-1.register@.service @@ -52,7 +52,7 @@ TimeoutStartSec=0 Environment="REGISTER_ETCD_PARAMETERS=--debug" Environment="REGISTER_KEY_ROOT=/services/ssh.pool-1.%i" Environment="REGISTER_TTL=60" -Environment="REGISTER_UPDATE_INTERVAL=30" +Environment="REGISTER_UPDATE_INTERVAL=55" # Unregister service ExecStartPre=/bin/bash -c \ From d87a46715d55818180cdeb54730d7fdc71194166 Mon Sep 17 00:00:00 2001 
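Review bot: The new `while ! ... get ${REGISTER_KEY_ROOT}/ports/tcp/22` loop has no exit condition other than success, while the hostname key written just before it carries `--ttl ${REGISTER_TTL}` and is not refreshed until the later `while true` loop is reached. If the container takes longer than the TTL to publish port 22, the hostname key will have expired by the time the refresh loop starts, and the `update` calls there would then fail on a missing key. Writing the hostname after the port loop and bounding the loop with an attempt counter that exits non-zero would let systemd report a failed registration instead of polling every 0.5 s indefinitely. The ExecStart= string continues outside the hunk.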
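Review bot: `REGISTER_UPDATE_INTERVAL=55` against `REGISTER_TTL=60` leaves roughly five seconds for a whole refresh pass, which consists of the sleep followed by two etcdctl writes and the `docker port` lookups. If that pass is delayed by a slow etcd or a loaded host, the keys expire before they are refreshed, and the refresh loop at this commit uses `update`, which does not recreate a missing key. Keeping the interval well below the TTL, or adding a comment such as `# must stay well below REGISTER_TTL; an expired key is not recreated by update`, would document the constraint next to the two values.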
From: James Deathe Date: Mon, 16 May 2016 22:33:31 +0100 Subject: [PATCH 80/95] ISSUE 200: Remove --debug paramter from etcd commands. --- ssh.pool-1.register@.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ssh.pool-1.register@.service b/ssh.pool-1.register@.service index 9829aaa..6081e5e 100644 --- a/ssh.pool-1.register@.service +++ b/ssh.pool-1.register@.service @@ -49,7 +49,7 @@ BindsTo=ssh.pool-1@%i.service [Service] TimeoutStartSec=0 -Environment="REGISTER_ETCD_PARAMETERS=--debug" +Environment="REGISTER_ETCD_PARAMETERS=" Environment="REGISTER_KEY_ROOT=/services/ssh.pool-1.%i" Environment="REGISTER_TTL=60" Environment="REGISTER_UPDATE_INTERVAL=55" From ddb501dc5d1a1c29e60cf8282f338a7d90afb79c Mon Sep 17 00:00:00 2001 From: James Deathe Date: Mon, 16 May 2016 23:05:35 +0100 Subject: [PATCH 81/95] ISSUE 200: Prevent register service failing due to inital pull/load of container image. --- ssh.pool-1.register@.service | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ssh.pool-1.register@.service b/ssh.pool-1.register@.service index 6081e5e..995b64c 100644 --- a/ssh.pool-1.register@.service +++ b/ssh.pool-1.register@.service @@ -49,6 +49,7 @@ BindsTo=ssh.pool-1@%i.service [Service] TimeoutStartSec=0 +KillMode=none Environment="REGISTER_ETCD_PARAMETERS=" Environment="REGISTER_KEY_ROOT=/services/ssh.pool-1.%i" Environment="REGISTER_TTL=60" @@ -78,7 +79,7 @@ ExecStart=/bin/bash -c \ mk \ ${REGISTER_KEY_ROOT}/ports/tcp/22 \ $(/usr/bin/sed 's/^[0-9.]*://' <<< $(if ! /usr/bin/docker port ssh.pool-1.%i 22 &> /dev/null; then echo ''; else /usr/bin/docker port ssh.pool-1.%i 22; fi)) \ - --ttl ${REGISTER_TTL}; \ + --ttl ${REGISTER_TTL} 2> /dev/null; \ sleep 0.5; \ done; \ while true; do \ From 80007e04558c3547882aa90a24ecfd7a9594092b Mon Sep 17 00:00:00 2001 
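Review bot: `KillMode=none` tells systemd not to kill any of the unit's processes on stop, so the `while true` refresh loop started by `ExecStart` would keep running after the unit is stopped, and each restart would leave another loop writing to the same keys. Nothing in the hunk ties the setting to the image pull/load case named in the commit message; a start timeout sized for the pull covers a slow start without leaving the loop unmanaged. If the setting has to stay, a comment above it should say which process must survive a stop and why.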
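Review bot: Appending `2> /dev/null` to the `mk` call inside the polling loop hides every error from that call, not only the expected one while the port is not yet published. An unreachable etcd or a rejected write then appears only as a unit that polls every 0.5 s with nothing in the journal to explain it. Keeping stderr, or reporting the last error once after a fixed number of attempts, would preserve the diagnostic; at minimum a comment such as `# stderr dropped: mk fails until docker publishes the port` should record what is being silenced. The ExecStart= string begins and ends outside the hunk.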
From: James Deathe Date: Tue, 17 May 2016 03:27:15 +0100 Subject: [PATCH 82/95] ISSUE 200: Corrected installation method. Register hostname after docker ports to prevent issues with TTL expiring before update. Prevent operator starting/stopping the registry service as it should be controlled from it's service unit instance. --- ssh.pool-1.register@.service | 29 ++++++++++++++--------------- ssh.pool-1@.service | 5 ++--- systemd-install.sh | 8 +++++--- 3 files changed, 21 insertions(+), 21 deletions(-) diff --git a/ssh.pool-1.register@.service b/ssh.pool-1.register@.service index 995b64c..c2bbdbf 100644 --- a/ssh.pool-1.register@.service +++ b/ssh.pool-1.register@.service @@ -26,8 +26,6 @@ # To install: # sudo cp {service-unit-template-name} /etc/systemd/system/ # sudo systemctl daemon-reload -# -# Persist system reboot: # sudo systemctl enable -f {service-unit-instance-name} # # Debugging: @@ -46,10 +44,11 @@ Description=centos-ssh etcd registration // %p@%i Requires=etcd2.service After=etcd2.service BindsTo=ssh.pool-1@%i.service +RefuseManualStart=true +RefuseManualStop=true [Service] -TimeoutStartSec=0 -KillMode=none +TimeoutStartSec=1200 Environment="REGISTER_ETCD_PARAMETERS=" Environment="REGISTER_KEY_ROOT=/services/ssh.pool-1.%i" Environment="REGISTER_TTL=60" @@ -67,13 +66,7 @@ ExecStartPre=/bin/bash -c \ # Register service ExecStart=/bin/bash -c \ - "/usr/bin/etcdctl \ - ${REGISTER_ETCD_PARAMETERS} \ - mk \ - ${REGISTER_KEY_ROOT}/hostname \ - %H \ - --ttl ${REGISTER_TTL}; \ - while ! /usr/bin/etcdctl ${REGISTER_ETCD_PARAMETERS} get ${REGISTER_KEY_ROOT}/ports/tcp/22 &> /dev/null; do \ + "while ! /usr/bin/etcdctl ${REGISTER_ETCD_PARAMETERS} get ${REGISTER_KEY_ROOT}/ports/tcp/22 &> /dev/null; do \ /usr/bin/etcdctl \ ${REGISTER_ETCD_PARAMETERS} \ mk \ 
@@ -82,19 +75,25 @@ ExecStart=/bin/bash -c \ --ttl ${REGISTER_TTL} 2> /dev/null; \ sleep 0.5; \ done; \ + /usr/bin/etcdctl \ + ${REGISTER_ETCD_PARAMETERS} \ + mk \ + ${REGISTER_KEY_ROOT}/hostname \ + %H \ + --ttl ${REGISTER_TTL}; \ while true; do \ sleep ${REGISTER_UPDATE_INTERVAL}; \ /usr/bin/etcdctl \ ${REGISTER_ETCD_PARAMETERS} \ update \ - ${REGISTER_KEY_ROOT}/hostname \ - %H \ + ${REGISTER_KEY_ROOT}/ports/tcp/22 \ + $(/usr/bin/sed 's/^[0-9.]*://' <<< $(if ! /usr/bin/docker port ssh.pool-1.%i 22 &> /dev/null; then echo ''; else /usr/bin/docker port ssh.pool-1.%i 22; fi)) \ --ttl ${REGISTER_TTL}; \ /usr/bin/etcdctl \ ${REGISTER_ETCD_PARAMETERS} \ update \ - ${REGISTER_KEY_ROOT}/ports/tcp/22 \ - $(/usr/bin/sed 's/^[0-9.]*://' <<< $(if ! /usr/bin/docker port ssh.pool-1.%i 22 &> /dev/null; then echo ''; else /usr/bin/docker port ssh.pool-1.%i 22; fi)) \ + ${REGISTER_KEY_ROOT}/hostname \ + %H \ --ttl ${REGISTER_TTL}; \ done" diff --git a/ssh.pool-1@.service b/ssh.pool-1@.service index e2070e1..8d9e4cd 100644 --- a/ssh.pool-1@.service +++ b/ssh.pool-1@.service @@ -23,13 +23,11 @@ # To install: # sudo cp {service-unit-template-name} /etc/systemd/system/ # sudo systemctl daemon-reload +# sudo systemctl enable -f {service-unit-instance-name} # # Start using: # sudo systemctl [start|stop|restart|kill|status] {service-unit-instance-name} # -# Persist system reboot: -# sudo systemctl enable -f {service-unit-instance-name} -# # Debugging: # sudo systemctl status {service-unit-instance-name} # journalctl -fn 50 -u {service-unit-instance-name} @@ -175,6 +173,7 @@ ExecStop=/usr/bin/docker stop --time 10 %p.%i [Install] WantedBy=multi-user.target +DefaultInstance=1.1 [X-Fleet] Conflicts=%p@*.%i.service diff --git a/systemd-install.sh b/systemd-install.sh index 7c94702..cd6afc2 100755 --- a/systemd-install.sh +++ b/systemd-install.sh 
@@ -58,11 +58,15 @@ fi cp ${SERVICE_UNIT_TEMPLATE_NAME} /etc/systemd/system/ cp ${SERVICE_UNIT_REGISTER_TEMPLATE_NAME} /etc/systemd/system/ replace_etcd_service_name /etc/systemd/system/${SERVICE_UNIT_REGISTER_TEMPLATE_NAME} + systemctl daemon-reload +systemctl enable -f ${SERVICE_UNIT_REGISTER_INSTANCE_NAME} +systemctl enable -f ${SERVICE_UNIT_INSTANCE_NAME} + printf -- "---> Installing %s\n" ${SERVICE_UNIT_INSTANCE_NAME} # Systemd ExecStartPre command should exist to terminate any existing containers -systemctl restart ${SERVICE_UNIT_INSTANCE_NAME} ${SERVICE_UNIT_REGISTER_INSTANCE_NAME} & +systemctl restart ${SERVICE_UNIT_INSTANCE_NAME} & PIDS[0]=${!} # Tail the systemd unit logs unitl installation completes @@ -81,9 +85,7 @@ if systemctl -q is-active ${SERVICE_UNIT_INSTANCE_NAME}; then printf -- " ---> Service unit is active: %s\n" "$(systemctl list-units --type=service | grep "^[ ]*${SERVICE_UNIT_INSTANCE_NAME}")" if systemctl -q is-active ${SERVICE_UNIT_REGISTER_INSTANCE_NAME}; then printf -- " ---> Service register unit is active: %s\n" "$(systemctl list-units --type=service | grep "^[ ]*${SERVICE_UNIT_REGISTER_INSTANCE_NAME}")" - systemctl enable -f ${SERVICE_UNIT_REGISTER_INSTANCE_NAME} fi - systemctl enable -f ${SERVICE_UNIT_INSTANCE_NAME} printf -- "${COLOUR_POSITIVE} --->${COLOUR_RESET} %s\n" 'Install complete' else printf -- "\nService status:\n" From f80c69cb748b52be7918495ab522e2ddcc13c379 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Tue, 17 May 2016 03:42:03 +0100 Subject: [PATCH 83/95] ISSUE 200: Recover from a key being deleted while in the update cycle. --- ssh.pool-1.register@.service | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ssh.pool-1.register@.service b/ssh.pool-1.register@.service index c2bbdbf..5a3313b 100644 --- a/ssh.pool-1.register@.service +++ b/ssh.pool-1.register@.service 
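Review bot: The two `systemctl enable -f` calls in the first hunk now run before the unit has been started and their exit status is not checked, so a unit that fails to start stays enabled for the next boot, and `-f` will already have replaced any conflicting symlinks. The added lines also leave every expansion unquoted. `systemctl enable -f "${SERVICE_UNIT_INSTANCE_NAME}" || exit 1` would stop the install at the first failure, and the failure branch further down could disable the units again before exiting. The script runs as root, so a half-applied install is worth making explicit.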
@@ -85,13 +85,13 @@ ExecStart=/bin/bash -c \ sleep ${REGISTER_UPDATE_INTERVAL}; \ /usr/bin/etcdctl \ ${REGISTER_ETCD_PARAMETERS} \ - update \ + $(if ! /usr/bin/etcdctl ${REGISTER_ETCD_PARAMETERS} get ${REGISTER_KEY_ROOT}/ports/tcp/22 &> /dev/null; then echo set; else echo update; fi) \ ${REGISTER_KEY_ROOT}/ports/tcp/22 \ $(/usr/bin/sed 's/^[0-9.]*://' <<< $(if ! /usr/bin/docker port ssh.pool-1.%i 22 &> /dev/null; then echo ''; else /usr/bin/docker port ssh.pool-1.%i 22; fi)) \ --ttl ${REGISTER_TTL}; \ /usr/bin/etcdctl \ ${REGISTER_ETCD_PARAMETERS} \ - update \ + $(if ! /usr/bin/etcdctl ${REGISTER_ETCD_PARAMETERS} get ${REGISTER_KEY_ROOT}/hostname &> /dev/null; then echo set; else echo update; fi) \ ${REGISTER_KEY_ROOT}/hostname \ %H \ --ttl ${REGISTER_TTL}; \ From 6857a3f52f9f5e3007aaaad65150c838eb442759 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Tue, 17 May 2016 21:46:06 +0100 Subject: [PATCH 84/95] ISSUE 200: Installation includes enabling the unit instances. Error if registation service fails. --- systemd-install.sh | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/systemd-install.sh b/systemd-install.sh index cd6afc2..b3219d3 100755 --- a/systemd-install.sh +++ b/systemd-install.sh @@ -61,11 +61,9 @@ replace_etcd_service_name /etc/systemd/system/${SERVICE_UNIT_REGISTER_TEMPLATE_N systemctl daemon-reload -systemctl enable -f ${SERVICE_UNIT_REGISTER_INSTANCE_NAME} -systemctl enable -f ${SERVICE_UNIT_INSTANCE_NAME} - printf -- "---> Installing %s\n" ${SERVICE_UNIT_INSTANCE_NAME} -# Systemd ExecStartPre command should exist to terminate any existing containers +systemctl enable -f ${SERVICE_UNIT_INSTANCE_NAME} +systemctl enable -f ${SERVICE_UNIT_REGISTER_INSTANCE_NAME} systemctl restart ${SERVICE_UNIT_INSTANCE_NAME} & PIDS[0]=${!} 
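Review bot: Picking between `set` and `update` with a preceding `get` is a check-then-act sequence: the key can expire or be removed between the `get` and the write, in which case `update` still fails, and every refresh pass now costs one extra etcdctl call per key. In the etcdctl v2 command set, `set` writes the key whether or not it already exists, so both substitutions in this hunk can be replaced by a plain `set \` and the recovery case is covered without the test. The ExecStart= string begins and ends outside the hunk.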
@@ -81,11 +79,9 @@ sleep 5 kill -15 ${PIDS[1]} wait ${PIDS[1]} 2> /dev/null -if systemctl -q is-active ${SERVICE_UNIT_INSTANCE_NAME}; then - printf -- " ---> Service unit is active: %s\n" "$(systemctl list-units --type=service | grep "^[ ]*${SERVICE_UNIT_INSTANCE_NAME}")" - if systemctl -q is-active ${SERVICE_UNIT_REGISTER_INSTANCE_NAME}; then - printf -- " ---> Service register unit is active: %s\n" "$(systemctl list-units --type=service | grep "^[ ]*${SERVICE_UNIT_REGISTER_INSTANCE_NAME}")" - fi +if systemctl -q is-active ${SERVICE_UNIT_INSTANCE_NAME} && systemctl -q is-active ${SERVICE_UNIT_REGISTER_INSTANCE_NAME}; then + printf -- "---> Service unit is active: %s\n" "$(systemctl list-units --type=service | grep "^[ ]*${SERVICE_UNIT_INSTANCE_NAME}")" + printf -- "---> Service register unit is active: %s\n" "$(systemctl list-units --type=service | grep "^[ ]*${SERVICE_UNIT_REGISTER_INSTANCE_NAME}")" printf -- "${COLOUR_POSITIVE} --->${COLOUR_RESET} %s\n" 'Install complete' else printf -- "\nService status:\n" From b97e99f05c41903f346c9e8ad43b9b8aa3961e38 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Tue, 17 May 2016 21:48:59 +0100 Subject: [PATCH 85/95] ISSUE 200: Requirements moved out into optional registration service. --- ssh.pool-1.register@.service | 6 ++---- ssh.pool-1@.service | 6 +----- 2 files changed, 3 insertions(+), 9 deletions(-) diff --git a/ssh.pool-1.register@.service b/ssh.pool-1.register@.service index 5a3313b..7ba8703 100644 --- a/ssh.pool-1.register@.service +++ b/ssh.pool-1.register@.service @@ -34,9 +34,8 @@ # # To uninstall: # sudo systemctl disable -f {service-unit-instance-name} -# sudo systemctl stop {service-unit-instance-name} # sudo rm /etc/systemd/system/{service-unit-template-name} -# sudo docker rm -f {service-unit-long-name} +# sudo systemctl daemon-reload # ----------------------------------------------------------------------------- [Unit] 
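Review bot: Both status lines in the first hunk interpolate the unit name into a `grep` regular expression, where `.` matches any character and the pattern is anchored only at the start, so an instance named `x@1.1` (constructed example) would also match `x@1.10`. Passing the name to systemctl avoids the regex altogether: `systemctl list-units --type=service --no-legend "${SERVICE_UNIT_INSTANCE_NAME}"`. The `is-active` arguments on the new `if` line are unquoted as well. Note that a unit whose ExecStart is still polling may already count as active, so this check presumably does not confirm that registration succeeded.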
@@ -48,7 +47,6 @@ RefuseManualStart=true RefuseManualStop=true [Service] -TimeoutStartSec=1200 Environment="REGISTER_ETCD_PARAMETERS=" Environment="REGISTER_KEY_ROOT=/services/ssh.pool-1.%i" Environment="REGISTER_TTL=60" @@ -108,8 +106,8 @@ ExecStop=/bin/bash -c \ fi" [Install] -WantedBy=ssh.pool-1@%i.service DefaultInstance=1.1 +RequiredBy=ssh.pool-1@%i.service [X-Fleet] MachineOf=ssh.pool-1@%i.service diff --git a/ssh.pool-1@.service b/ssh.pool-1@.service index 8d9e4cd..cd58265 100644 --- a/ssh.pool-1@.service +++ b/ssh.pool-1@.service @@ -42,9 +42,6 @@ [Unit] Description=centos-ssh // %p@%i Requires=docker.service -Wants=etcd.service -Wants=etcd2.service -Wants=%p.register@%i.service After=etcd.service After=etcd2.service After=docker.service @@ -53,7 +50,6 @@ After=docker.service Restart=on-failure RestartSec=30 TimeoutStartSec=1200 -KillMode=none Environment="DOCKER_IMAGE_PACKAGE_PATH=/var/services-packages" Environment="DOCKER_IMAGE_NAME=jdeathe/centos-ssh" Environment="DOCKER_IMAGE_TAG=centos-7-2.0.1" @@ -172,8 +168,8 @@ ExecStart=/bin/bash -c \ ExecStop=/usr/bin/docker stop --time 10 %p.%i [Install] -WantedBy=multi-user.target DefaultInstance=1.1 +WantedBy=multi-user.target [X-Fleet] Conflicts=%p@*.%i.service From b78d2b307dc4ad5c6b88f4ac4a8b045750a8b53f Mon Sep 17 00:00:00 2001 From: James Deathe Date: Tue, 17 May 2016 21:50:33 +0100 Subject: [PATCH 86/95] ISSUE 200: Run systemd unit's main process 'docker' via exec. --- ssh.pool-1@.service | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ssh.pool-1@.service b/ssh.pool-1@.service index cd58265..3be3fc1 100644 --- a/ssh.pool-1@.service +++ b/ssh.pool-1@.service 
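Review bot: Replacing `WantedBy=` with `RequiredBy=ssh.pool-1@%i.service` in the [Install] hunk makes the registration unit a hard requirement of the SSH container unit once it is enabled, which is at odds with the commit message describing the registration service as optional. This unit also declares `Requires=etcd2.service` and `BindsTo=` at this commit, so a stop or restart of etcd would presumably propagate through the registration unit to the container unit; that should be confirmed on a test host. If registration is meant to be best-effort, `WantedBy=ssh.pool-1@%i.service` keeps the container independent of etcd. Either way, a comment above the directive should state the intended coupling.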
@@ -126,7 +126,7 @@ ExecStartPre=/bin/bash -c \ # Startup ExecStart=/bin/bash -c \ "if [[ -n $(/usr/bin/docker ps -aq --filter \"name=${VOLUME_CONFIG_NAME}\") ]]; then \ - /usr/bin/docker run \ + exec /usr/bin/docker run \ --name %p.%i \ -p $(( ${DOCKER_PORT_MAP_TCP_22} + $(/usr/bin/awk -F. '$0=$1' <<< %i) - 1 )):22 \ --env \"SSH_AUTHORIZED_KEYS=${SSH_AUTHORIZED_KEYS}\" \ @@ -145,7 +145,7 @@ ExecStart=/bin/bash -c \ --volumes-from volume-config.%p.%i \ ${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}; \ else \ - /usr/bin/docker run \ + exec /usr/bin/docker run \ --name %p.%i \ -p $(( ${DOCKER_PORT_MAP_TCP_22} + $(/usr/bin/awk -F. '$0=$1' <<< %i) - 1 )):22 \ --env \"SSH_AUTHORIZED_KEYS=${SSH_AUTHORIZED_KEYS}\" \ From 26183fbf0dfc376404cebfaa0a6d6ea13a45cb8f Mon Sep 17 00:00:00 2001 From: James Deathe Date: Tue, 17 May 2016 22:02:29 +0100 Subject: [PATCH 87/95] ISSUE 200: Default to using etcd service name and update to etcd if installing on CoreOS. --- ssh.pool-1.register@.service | 4 ++-- ssh.pool-1@.service | 1 - systemd-install.sh | 9 +++++---- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/ssh.pool-1.register@.service b/ssh.pool-1.register@.service index 7ba8703..10418d4 100644 --- a/ssh.pool-1.register@.service +++ b/ssh.pool-1.register@.service @@ -40,8 +40,8 @@ [Unit] Description=centos-ssh etcd registration // %p@%i -Requires=etcd2.service -After=etcd2.service +Requires=etcd.service +After=etcd.service BindsTo=ssh.pool-1@%i.service RefuseManualStart=true RefuseManualStop=true diff --git a/ssh.pool-1@.service b/ssh.pool-1@.service index 3be3fc1..628736e 100644 --- a/ssh.pool-1@.service +++ b/ssh.pool-1@.service @@ -43,7 +43,6 @@ Description=centos-ssh // %p@%i Requires=docker.service After=etcd.service -After=etcd2.service After=docker.service [Service] diff --git a/systemd-install.sh b/systemd-install.sh index b3219d3..9eabb7e 100755 --- a/systemd-install.sh +++ b/systemd-install.sh 
@@ -35,10 +35,10 @@ replace_etcd_service_name () # respectively but has both available. Use etcd2.service in the systemd # unit file and rename for other distributions where etcd.service is the # only name used. - if ! is_coreos_distribution; then - echo "---> Not a CoreOS distribution." - echo " ---> Renaming etcd2.service to etcd.service in unit file." - sed -i -e 's~etcd2.service~etcd.service~g' ${FILE_PATH} + if is_coreos_distribution; then + echo "---> CoreOS distribution." + echo " ---> Renaming etcd.service to etcd2.service in unit file." + sed -i -e 's~etcd.service~etcd2.service~g' ${FILE_PATH} fi } @@ -57,6 +57,7 @@ fi # Copy systemd unit-files into place. cp ${SERVICE_UNIT_TEMPLATE_NAME} /etc/systemd/system/ cp ${SERVICE_UNIT_REGISTER_TEMPLATE_NAME} /etc/systemd/system/ +replace_etcd_service_name /etc/systemd/system/${SERVICE_UNIT_TEMPLATE_NAME} replace_etcd_service_name /etc/systemd/system/${SERVICE_UNIT_REGISTER_TEMPLATE_NAME} systemctl daemon-reload From be8cd73f7a126b686b2ca105524fe4d23be8b526 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Tue, 17 May 2016 22:15:58 +0100 Subject: [PATCH 88/95] ISSUE 200: Prevent duplicate message for etcd to etcd2 updates during installation. --- systemd-install.sh | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/systemd-install.sh b/systemd-install.sh index 9eabb7e..349f43f 100755 --- a/systemd-install.sh +++ b/systemd-install.sh 
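Review bot: The `sed` expression `s~etcd.service~etcd2.service~g` in the first hunk leaves the dot unescaped and `${FILE_PATH}` unquoted, so it rewrites `etcd`, any one character, then `service` wherever that occurs in the unit file, comments included, and a path containing whitespace would be split. `sed -i -e 's~etcd\.service~etcd2.service~g' "${FILE_PATH}"` limits the edit to the literal unit name. The function replace_etcd_service_name starts outside this hunk, and the same line recurs in the later systemd-install.sh hunks that keep or re-add it.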
@@ -32,14 +32,8 @@ replace_etcd_service_name () fi # CoreOS uses etcd.service and etcd2.service for version 1 and 2 of ETCD - # respectively but has both available. Use etcd2.service in the systemd - # unit file and rename for other distributions where etcd.service is the - # only name used. - if is_coreos_distribution; then - echo "---> CoreOS distribution." - echo " ---> Renaming etcd.service to etcd2.service in unit file." - sed -i -e 's~etcd.service~etcd2.service~g' ${FILE_PATH} - fi + # respectively but has both available. Others use only etcd.service. + sed -i -e 's~etcd.service~etcd2.service~g' ${FILE_PATH} } # Abort if systemd not supported @@ -54,15 +48,21 @@ if [[ ${EUID} -ne 0 ]]; then exit 1 fi +printf -- "---> Installing %s\n" ${SERVICE_UNIT_INSTANCE_NAME} + # Copy systemd unit-files into place. cp ${SERVICE_UNIT_TEMPLATE_NAME} /etc/systemd/system/ cp ${SERVICE_UNIT_REGISTER_TEMPLATE_NAME} /etc/systemd/system/ -replace_etcd_service_name /etc/systemd/system/${SERVICE_UNIT_TEMPLATE_NAME} -replace_etcd_service_name /etc/systemd/system/${SERVICE_UNIT_REGISTER_TEMPLATE_NAME} + +if is_coreos_distribution; then + echo "---> CoreOS distribution." + echo " ---> Renaming etcd.service to etcd2.service in unit files." + replace_etcd_service_name /etc/systemd/system/${SERVICE_UNIT_TEMPLATE_NAME} + replace_etcd_service_name /etc/systemd/system/${SERVICE_UNIT_REGISTER_TEMPLATE_NAME} +fi systemctl daemon-reload -printf -- "---> Installing %s\n" ${SERVICE_UNIT_INSTANCE_NAME} systemctl enable -f ${SERVICE_UNIT_INSTANCE_NAME} systemctl enable -f ${SERVICE_UNIT_REGISTER_INSTANCE_NAME} systemctl restart ${SERVICE_UNIT_INSTANCE_NAME} & From 53587cfc6f2efb10dd6dee6fbef2216e0ebaba59 Mon Sep 17 00:00:00 2001 
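Review bot: The return status of `replace_etcd_service_name` is ignored in the new `is_coreos_distribution` block of the second hunk, although the function returns 1 when the path is empty or the unit file is missing (its body is shown in full elsewhere in this series). The script then goes on to `daemon-reload` and `enable` with a unit that still names the wrong etcd service. `replace_etcd_service_name "/etc/systemd/system/${SERVICE_UNIT_TEMPLATE_NAME}" || exit 1`, and the same for the register template, would stop the install at that point. The unquoted `cp` lines above it are unchecked in the same way.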
From: James Deathe Date: Wed, 18 May 2016 01:05:08 +0100 Subject: [PATCH 89/95] ISSUE 200: Use Wants instead of Requires to allow install on both CentOS-7 and CoreOS. Adminsitrators can allways add a Requires using systemd a unit file's override.conf. --- ssh.pool-1.register@.service | 4 ++-- ssh.pool-1@.service | 1 - systemd-install.sh | 35 ----------------------------------- 3 files changed, 2 insertions(+), 38 deletions(-) diff --git a/ssh.pool-1.register@.service b/ssh.pool-1.register@.service index 10418d4..4ccc257 100644 --- a/ssh.pool-1.register@.service +++ b/ssh.pool-1.register@.service @@ -40,8 +40,8 @@ [Unit] Description=centos-ssh etcd registration // %p@%i -Requires=etcd.service -After=etcd.service +Wants=etcd2.service etcd.service +After=etcd2.service etcd.service BindsTo=ssh.pool-1@%i.service RefuseManualStart=true RefuseManualStop=true diff --git a/ssh.pool-1@.service b/ssh.pool-1@.service index 628736e..36283d7 100644 --- a/ssh.pool-1@.service +++ b/ssh.pool-1@.service @@ -42,7 +42,6 @@ [Unit] Description=centos-ssh // %p@%i Requires=docker.service -After=etcd.service After=docker.service [Service] diff --git a/systemd-install.sh b/systemd-install.sh index 349f43f..229e1d3 100755 --- a/systemd-install.sh +++ b/systemd-install.sh 
@@ -8,34 +8,6 @@ fi source run.conf -is_coreos_distribution () -{ - if [[ -n $( [[ -e /etc/os-release ]] && grep ^ID=coreos$ /etc/os-release ) ]]; then - return 0 - fi - - return 1 -} - -replace_etcd_service_name () -{ - local FILE_PATH=${1} - - if [[ -z ${FILE_PATH} ]]; then - echo "Path to the service's unit file is required." - return 1 - fi - - if ! [[ -s ${FILE_PATH} ]]; then - echo "Unit file not found." - return 1 - fi - - # CoreOS uses etcd.service and etcd2.service for version 1 and 2 of ETCD - # respectively but has both available. Others use only etcd.service. - sed -i -e 's~etcd.service~etcd2.service~g' ${FILE_PATH} -} - # Abort if systemd not supported if ! type -p systemctl &> /dev/null; then printf -- "${COLOUR_NEGATIVE}--->${COLOUR_RESET} %s\n" 'Systemd installation not supported.' @@ -54,13 +26,6 @@ printf -- "---> Installing %s\n" ${SERVICE_UNIT_INSTANCE_NAME} cp ${SERVICE_UNIT_TEMPLATE_NAME} /etc/systemd/system/ cp ${SERVICE_UNIT_REGISTER_TEMPLATE_NAME} /etc/systemd/system/ -if is_coreos_distribution; then - echo "---> CoreOS distribution." - echo " ---> Renaming etcd.service to etcd2.service in unit files." - replace_etcd_service_name /etc/systemd/system/${SERVICE_UNIT_TEMPLATE_NAME} - replace_etcd_service_name /etc/systemd/system/${SERVICE_UNIT_REGISTER_TEMPLATE_NAME} -fi - systemctl daemon-reload systemctl enable -f ${SERVICE_UNIT_INSTANCE_NAME} From 9b981fa5d54702f17130b0669053a179b1b1f26a Mon Sep 17 00:00:00 2001 From: James Deathe Date: Wed, 18 May 2016 01:18:17 +0100 Subject: [PATCH 90/95] ISSUE 200: Revert back to renaming Requires etcd to etcd2 for CoreOS to avoid conflict issues. --- ssh.pool-1.register@.service | 4 ++-- systemd-install.sh | 34 ++++++++++++++++++++++++++++++++++ 2 files changed, 36 insertions(+), 2 deletions(-) diff --git a/ssh.pool-1.register@.service b/ssh.pool-1.register@.service index 4ccc257..10418d4 100644 --- a/ssh.pool-1.register@.service +++ b/ssh.pool-1.register@.service 
@@ -40,8 +40,8 @@ [Unit] Description=centos-ssh etcd registration // %p@%i -Wants=etcd2.service etcd.service -After=etcd2.service etcd.service +Requires=etcd.service +After=etcd.service BindsTo=ssh.pool-1@%i.service RefuseManualStart=true RefuseManualStop=true diff --git a/systemd-install.sh b/systemd-install.sh index 229e1d3..6bd2150 100755 --- a/systemd-install.sh +++ b/systemd-install.sh @@ -8,6 +8,34 @@ fi source run.conf +is_coreos_distribution () +{ + if [[ -n $( [[ -e /etc/os-release ]] && grep ^ID=coreos$ /etc/os-release ) ]]; then + return 0 + fi + + return 1 +} + +replace_etcd_service_name () +{ + local FILE_PATH=${1} + + if [[ -z ${FILE_PATH} ]]; then + echo "Path to the service's unit file is required." + return 1 + fi + + if ! [[ -s ${FILE_PATH} ]]; then + echo "Unit file not found." + return 1 + fi + + # CoreOS uses etcd.service and etcd2.service for version 1 and 2 of ETCD + # respectively but has both available. Others use only etcd.service. + sed -i -e 's~etcd.service~etcd2.service~g' ${FILE_PATH} +} + # Abort if systemd not supported if ! type -p systemctl &> /dev/null; then printf -- "${COLOUR_NEGATIVE}--->${COLOUR_RESET} %s\n" 'Systemd installation not supported.' @@ -26,6 +54,12 @@ printf -- "---> Installing %s\n" ${SERVICE_UNIT_INSTANCE_NAME} cp ${SERVICE_UNIT_TEMPLATE_NAME} /etc/systemd/system/ cp ${SERVICE_UNIT_REGISTER_TEMPLATE_NAME} /etc/systemd/system/ +if is_coreos_distribution; then + echo "---> CoreOS distribution." + echo " ---> Overriding etcd.service with etcd2.service in unit file templates." + replace_etcd_service_name /etc/systemd/system/${SERVICE_UNIT_REGISTER_TEMPLATE_NAME} +fi + systemctl daemon-reload systemctl enable -f ${SERVICE_UNIT_INSTANCE_NAME} From b015fa7935b4a36e4c00c1cfeb42636eed8023e4 Mon Sep 17 00:00:00 2001 
From: James Deathe Date: Fri, 20 May 2016 01:05:57 +0100 Subject: [PATCH 91/95] ISSUE 235: Handle docker port mappings using IP address or empty string. --- ssh.pool-1@.service | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/ssh.pool-1@.service b/ssh.pool-1@.service index 36283d7..c54880c 100644 --- a/ssh.pool-1@.service +++ b/ssh.pool-1@.service @@ -126,7 +126,16 @@ ExecStart=/bin/bash -c \ "if [[ -n $(/usr/bin/docker ps -aq --filter \"name=${VOLUME_CONFIG_NAME}\") ]]; then \ exec /usr/bin/docker run \ --name %p.%i \ - -p $(( ${DOCKER_PORT_MAP_TCP_22} + $(/usr/bin/awk -F. '$0=$1' <<< %i) - 1 )):22 \ + --publish $(\ + if [[ -n $(/usr/bin/gawk 'match($0, /^([0-9]+.[0-9]+.[0-9]+.[0-9]+:)?([0-9]+)$/, matches) { print matches[2]; }' <<< \"${DOCKER_PORT_MAP_TCP_22}\") ]]; then \ + printf -- '%%s%%s' \ + \"$(/usr/bin/gawk 'match($0, /^([0-9]+.[0-9]+.[0-9]+.[0-9]+:)?([0-9]+)$/, matches) { print matches[1]; }' <<< "${DOCKER_PORT_MAP_TCP_22}")\" \ + \"$(( $(/usr/bin/gawk 'match($0, /^([0-9]+.[0-9]+.[0-9]+.[0-9]+:)?([0-9]+)$/, matches) { print matches[2]; }' <<< "${DOCKER_PORT_MAP_TCP_22}") + $(/usr/bin/awk -F. '$0=$1' <<< %i) - 1))\"; \ + else \ + printf -- '%%s' \ + \"${DOCKER_PORT_MAP_TCP_22}\"; \ + fi; \ + ):22 \ --env \"SSH_AUTHORIZED_KEYS=${SSH_AUTHORIZED_KEYS}\" \ --env \"SSH_AUTOSTART_SSHD=${SSH_AUTOSTART_SSHD}\" \ --env \"SSH_AUTOSTART_SSHD_BOOTSTRAP=${SSH_AUTOSTART_SSHD_BOOTSTRAP}\" \ 
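Review bot: The address part of the gawk pattern, `[0-9]+.[0-9]+.[0-9]+.[0-9]+:`, uses unescaped dots, so any character is accepted between the number groups and a malformed `DOCKER_PORT_MAP_TCP_22` value is handed to `--publish` as if it were an IP address. Writing the separators as `[.]` keeps the match literal without adding backslashes to the unit file: `/^([0-9]+[.][0-9]+[.][0-9]+[.][0-9]+:)?([0-9]+)$/`. The here-strings on the `matches[1]` and `matches[2]` lines also use an unescaped `"` inside the double-quoted `bash -c` string, unlike the first one, which would close the outer string early. The same applies to the second hunk of this commit (the `else` branch); ExecStart= begins and ends outside both hunks.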
@@ -145,7 +154,16 @@ ExecStart=/bin/bash -c \ else \ exec /usr/bin/docker run \ --name %p.%i \ - -p $(( ${DOCKER_PORT_MAP_TCP_22} + $(/usr/bin/awk -F. '$0=$1' <<< %i) - 1 )):22 \ + --publish $(\ + if [[ -n $(/usr/bin/gawk 'match($0, /^([0-9]+.[0-9]+.[0-9]+.[0-9]+:)?([0-9]+)$/, matches) { print matches[2]; }' <<< \"${DOCKER_PORT_MAP_TCP_22}\") ]]; then \ + printf -- '%%s%%s' \ + \"$(/usr/bin/gawk 'match($0, /^([0-9]+.[0-9]+.[0-9]+.[0-9]+:)?([0-9]+)$/, matches) { print matches[1]; }' <<< "${DOCKER_PORT_MAP_TCP_22}")\" \ + \"$(( $(/usr/bin/gawk 'match($0, /^([0-9]+.[0-9]+.[0-9]+.[0-9]+:)?([0-9]+)$/, matches) { print matches[2]; }' <<< "${DOCKER_PORT_MAP_TCP_22}") + $(/usr/bin/awk -F. '$0=$1' <<< %i) - 1))\"; \ + else \ + printf -- '%%s' \ + \"${DOCKER_PORT_MAP_TCP_22}\"; \ + fi; \ + ):22 \ --env \"SSH_AUTHORIZED_KEYS=${SSH_AUTHORIZED_KEYS}\" \ --env \"SSH_AUTOSTART_SSHD=${SSH_AUTOSTART_SSHD}\" \ --env \"SSH_AUTOSTART_SSHD_BOOTSTRAP=${SSH_AUTOSTART_SSHD_BOOTSTRAP}\" \ From b9ef00028fdf6289b9bd0a2b8714af5d78ebc5f3 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Fri, 20 May 2016 12:44:26 +0100 Subject: [PATCH 92/95] ISSUE 240: Registration systemd service unit must start after the service parent unit. --- ssh.pool-1.register@.service | 1 + 1 file changed, 1 insertion(+) diff --git a/ssh.pool-1.register@.service b/ssh.pool-1.register@.service index 10418d4..0e82cd5 100644 --- a/ssh.pool-1.register@.service +++ b/ssh.pool-1.register@.service @@ -42,6 +42,7 @@ Description=centos-ssh etcd registration // %p@%i Requires=etcd.service After=etcd.service +After=ssh.pool-1@%i.service BindsTo=ssh.pool-1@%i.service RefuseManualStart=true RefuseManualStop=true From 1f7d5b5af33e145178454a6d0e0caf1c25ddab62 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Sat, 21 May 2016 15:41:40 +0100 Subject: [PATCH 93/95] ISSUE 247: Fixed error starting systemd service unit on CentOS-7. --- ssh.pool-1@.service | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) 
diff --git a/ssh.pool-1@.service b/ssh.pool-1@.service index c54880c..acaf804 100644 --- a/ssh.pool-1@.service +++ b/ssh.pool-1@.service @@ -127,10 +127,10 @@ ExecStart=/bin/bash -c \ exec /usr/bin/docker run \ --name %p.%i \ --publish $(\ - if [[ -n $(/usr/bin/gawk 'match($0, /^([0-9]+.[0-9]+.[0-9]+.[0-9]+:)?([0-9]+)$/, matches) { print matches[2]; }' <<< \"${DOCKER_PORT_MAP_TCP_22}\") ]]; then \ + if [[ -n $(/usr/bin/gawk 'match($0, /^([0-9]+.[0-9]+.[0-9]+.[0-9]+:)?([0-9]+)$/, matches) { print matches[2]; }' <<< ${DOCKER_PORT_MAP_TCP_22}) ]]; then \ printf -- '%%s%%s' \ - \"$(/usr/bin/gawk 'match($0, /^([0-9]+.[0-9]+.[0-9]+.[0-9]+:)?([0-9]+)$/, matches) { print matches[1]; }' <<< "${DOCKER_PORT_MAP_TCP_22}")\" \ - \"$(( $(/usr/bin/gawk 'match($0, /^([0-9]+.[0-9]+.[0-9]+.[0-9]+:)?([0-9]+)$/, matches) { print matches[2]; }' <<< "${DOCKER_PORT_MAP_TCP_22}") + $(/usr/bin/awk -F. '$0=$1' <<< %i) - 1))\"; \ + \"$(/usr/bin/gawk 'match($0, /^([0-9]+.[0-9]+.[0-9]+.[0-9]+:)?([0-9]+)$/, matches) { print matches[1]; }' <<< \"${DOCKER_PORT_MAP_TCP_22}\")\" \ + \"$(( $(/usr/bin/gawk 'match($0, /^([0-9]+.[0-9]+.[0-9]+.[0-9]+:)?([0-9]+)$/, matches) { print matches[2]; }' <<< \"${DOCKER_PORT_MAP_TCP_22}\") + $(/usr/bin/awk -F. '$0=$1' <<< %i) - 1 ))\"; \ else \ printf -- '%%s' \ \"${DOCKER_PORT_MAP_TCP_22}\"; \ 
@@ -155,10 +155,10 @@ ExecStart=/bin/bash -c \ exec /usr/bin/docker run \ --name %p.%i \ --publish $(\ - if [[ -n $(/usr/bin/gawk 'match($0, /^([0-9]+.[0-9]+.[0-9]+.[0-9]+:)?([0-9]+)$/, matches) { print matches[2]; }' <<< \"${DOCKER_PORT_MAP_TCP_22}\") ]]; then \ + if [[ -n $(/usr/bin/gawk 'match($0, /^([0-9]+.[0-9]+.[0-9]+.[0-9]+:)?([0-9]+)$/, matches) { print matches[2]; }' <<< ${DOCKER_PORT_MAP_TCP_22}) ]]; then \ printf -- '%%s%%s' \ - \"$(/usr/bin/gawk 'match($0, /^([0-9]+.[0-9]+.[0-9]+.[0-9]+:)?([0-9]+)$/, matches) { print matches[1]; }' <<< "${DOCKER_PORT_MAP_TCP_22}")\" \ - \"$(( $(/usr/bin/gawk 'match($0, /^([0-9]+.[0-9]+.[0-9]+.[0-9]+:)?([0-9]+)$/, matches) { print matches[2]; }' <<< "${DOCKER_PORT_MAP_TCP_22}") + $(/usr/bin/awk -F. '$0=$1' <<< %i) - 1))\"; \ + \"$(/usr/bin/gawk 'match($0, /^([0-9]+.[0-9]+.[0-9]+.[0-9]+:)?([0-9]+)$/, matches) { print matches[1]; }' <<< \"${DOCKER_PORT_MAP_TCP_22}\")\" \ + \"$(( $(/usr/bin/gawk 'match($0, /^([0-9]+.[0-9]+.[0-9]+.[0-9]+:)?([0-9]+)$/, matches) { print matches[2]; }' <<< \"${DOCKER_PORT_MAP_TCP_22}\") + $(/usr/bin/awk -F. '$0=$1' <<< %i) - 1 ))\"; \ else \ printf -- '%%s' \ \"${DOCKER_PORT_MAP_TCP_22}\"; \ From 90d0e4d2924b3ef7f6023162e150fc7f618b0fb0 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Sat, 21 May 2016 20:17:56 +0100 Subject: [PATCH 94/95] ISSUE 239: Removed 'Requires' directive to simplify installation. --- ssh.pool-1.register@.service | 2 +- systemd-install.sh | 34 ---------------------------------- 2 files changed, 1 insertion(+), 35 deletions(-) diff --git a/ssh.pool-1.register@.service b/ssh.pool-1.register@.service index 0e82cd5..e314cef 100644 --- a/ssh.pool-1.register@.service +++ b/ssh.pool-1.register@.service @@ -40,8 +40,8 @@ [Unit] Description=centos-ssh etcd registration // %p@%i -Requires=etcd.service After=etcd.service +After=etcd2.service After=ssh.pool-1@%i.service BindsTo=ssh.pool-1@%i.service RefuseManualStart=true 
diff --git a/systemd-install.sh b/systemd-install.sh index 6bd2150..229e1d3 100755 --- a/systemd-install.sh +++ b/systemd-install.sh @@ -8,34 +8,6 @@ fi source run.conf -is_coreos_distribution () -{ - if [[ -n $( [[ -e /etc/os-release ]] && grep ^ID=coreos$ /etc/os-release ) ]]; then - return 0 - fi - - return 1 -} - -replace_etcd_service_name () -{ - local FILE_PATH=${1} - - if [[ -z ${FILE_PATH} ]]; then - echo "Path to the service's unit file is required." - return 1 - fi - - if ! [[ -s ${FILE_PATH} ]]; then - echo "Unit file not found." - return 1 - fi - - # CoreOS uses etcd.service and etcd2.service for version 1 and 2 of ETCD - # respectively but has both available. Others use only etcd.service. - sed -i -e 's~etcd.service~etcd2.service~g' ${FILE_PATH} -} - # Abort if systemd not supported if ! type -p systemctl &> /dev/null; then printf -- "${COLOUR_NEGATIVE}--->${COLOUR_RESET} %s\n" 'Systemd installation not supported.' @@ -54,12 +26,6 @@ printf -- "---> Installing %s\n" ${SERVICE_UNIT_INSTANCE_NAME} cp ${SERVICE_UNIT_TEMPLATE_NAME} /etc/systemd/system/ cp ${SERVICE_UNIT_REGISTER_TEMPLATE_NAME} /etc/systemd/system/ -if is_coreos_distribution; then - echo "---> CoreOS distribution." - echo " ---> Overriding etcd.service with etcd2.service in unit file templates." - replace_etcd_service_name /etc/systemd/system/${SERVICE_UNIT_REGISTER_TEMPLATE_NAME} -fi - systemctl daemon-reload systemctl enable -f ${SERVICE_UNIT_INSTANCE_NAME} From 40602f2945c8912014e25b2d1633b8d377cf1678 Mon Sep 17 00:00:00 2001 From: James Deathe Date: Sat, 21 May 2016 20:28:09 +0100 Subject: [PATCH 95/95] Update systemd tag version ready for next release. --- ssh.pool-1.1.1@2020.service | 2 +- ssh.pool-1@.service | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ssh.pool-1.1.1@2020.service b/ssh.pool-1.1.1@2020.service index 0b76737..cd078eb 100644 --- a/ssh.pool-1.1.1@2020.service +++ b/ssh.pool-1.1.1@2020.service 
@@ -36,7 +36,7 @@ TimeoutStartSec=1200 KillMode=none Environment="DOCKER_IMAGE_PACKAGE_PATH=/var/services-packages" Environment="DOCKER_IMAGE_NAME=jdeathe/centos-ssh" -Environment="DOCKER_IMAGE_TAG=centos-7-2.0.1" +Environment="DOCKER_IMAGE_TAG=centos-7-2.0.2" Environment="DOCKER_PORT_MAP_TCP_22=%i" Environment="SERVICE_UNIT_NAME=ssh" Environment="SERVICE_UNIT_APP_GROUP=app-1" diff --git a/ssh.pool-1@.service b/ssh.pool-1@.service index acaf804..ac0337f 100644 --- a/ssh.pool-1@.service +++ b/ssh.pool-1@.service @@ -50,7 +50,7 @@ RestartSec=30 TimeoutStartSec=1200 Environment="DOCKER_IMAGE_PACKAGE_PATH=/var/services-packages" Environment="DOCKER_IMAGE_NAME=jdeathe/centos-ssh" -Environment="DOCKER_IMAGE_TAG=centos-7-2.0.1" +Environment="DOCKER_IMAGE_TAG=centos-7-2.0.2" Environment="DOCKER_PORT_MAP_TCP_22=2020" Environment="VOLUME_CONFIG_ENABLED=false" Environment="VOLUME_CONFIG_NAMED=false"