epic/play-with-docker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add ubuntu ee dockerfile and UCP scripts

Browse Source
This commit is contained in:
Marcos Lilljedahl
2017-09-12 18:59:45 -03:00
parent a9474cf75e
commit f0c744f0b3
2 changed files with 130 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
Dockerfile.dind-ee Normal file
View File

@@ -0,0 +1,41 @@
ARG VERSION=franela/docker:17.06.2-dind-ubuntu
FROM ${VERSION}
RUN apt-get update \
&& apt-get install -y git tmux apache2-utils vim curl zfs jq bash-completion \
&& rm -rf /var/lib/apt/lists/*
# Add bash completion and set bash as default shell
#RUN mkdir /etc/bash_completion.d \
# && curl https://raw.githubusercontent.com/docker/cli/master/contrib/completion/bash/docker -o /etc/bash_completion.d/docker \
# && sed -i "s/ash/bash/" /etc/passwd
# Replace modprobe with a no-op to get rid of spurious warnings
# (note: we can't just symlink to /bin/true because it might be busybox)
RUN rm /sbin/modprobe && echo '#!/bin/true' >/sbin/modprobe && chmod +x /sbin/modprobe
# Install a nice vimrc file and prompt (by soulshake)
COPY ["docker-prompt", "ucp.sh", "/usr/local/bin/"]
COPY [".vimrc",".profile", ".inputrc", ".gitconfig","./root/"]
COPY ["motd", "/etc/motd"]
COPY ["daemon.json", "/etc/docker/"]
# Move to our home
WORKDIR /root
# Setup certs and uploads folders
RUN mkdir -p /var/run/pwd/certs && mkdir -p /var/run/pwd/uploads
# Remove IPv6 alias for localhost and start docker in the background ...
CMD cat /etc/hosts >/etc/hosts.bak && \
sed 's/^::1.*//' /etc/hosts.bak > /etc/hosts && \
sed -i "s/\PWD_IP_ADDRESS/$PWD_IP_ADDRESS/" /etc/docker/daemon.json && \
sed -i "s/\DOCKER_TLSENABLE/$DOCKER_TLSENABLE/" /etc/docker/daemon.json && \
sed -i "s/\DOCKER_TLSCACERT/$DOCKER_TLSCACERT/" /etc/docker/daemon.json && \
sed -i "s/\DOCKER_TLSCERT/$DOCKER_TLSCERT/" /etc/docker/daemon.json && \
sed -i "s/\DOCKER_TLSKEY/$DOCKER_TLSKEY/" /etc/docker/daemon.json && \
mount -t securityfs none /sys/kernel/security && \
dockerd > /docker.log 2>&1 & \
while true ; do script -q -c "/bin/bash -l" /dev/null ; done
# ... and then put a shell in the foreground, restarting it if it exits

89
ucp.sh Executable file
View File

@@ -0,0 +1,89 @@
#!/bin/bash
set -e
function wait_for_url {
# Wait for docker daemon to be ready
while ! curl -k -sS $1 > /dev/null; do
sleep 1;
done
}
function deploy_ucp {
wait_for_url "http://localhost:2375"
docker run --rm --name ucp \
-v /var/run/docker.sock:/var/run/docker.sock \
docker/ucp:2.2.2 install --force-insecure-tcp \
--san *.direct.${PWD_HOST_FQDN} \
--admin-username admin \
--admin-password admin1234
}
function get_instance_ip {
ip -o -4 a s eth1 | awk '{print $4}' | cut -d '/' -f1
}
function get_node_routable_ip {
curl -sS https://${PWD_HOST_FQDN}/sessions/${SESSION_ID} | jq -r '.instances[] | select(.hostname == "'$1'") | .routable_ip'
}
function get_direct_url_from_ip {
local ip_dash="${1//./-}"
local url="https://ip${ip_dash}-${SESSION_ID}.direct.${PWD_HOST_FQDN}"
echo $url
}
function deploy_dtr {
if [ $# -lt 1 ]; then
echo "DTR node hostname"
return
fi
local dtr_ip=$(get_node_routable_ip $1)
local ucp_ip=$(get_instance_ip)
local dtr_url=$(get_direct_url_from_ip $dtr_ip)
local ucp_url=$(get_direct_url_from_ip $ucp_ip)
docker run --rm docker/dtr install \
--dtr-external-url $dtr_url \
--ucp-node $1 \
--ucp-username admin \
--ucp-password admin1234 \
--ucp-insecure-tls \
--ucp-url $ucp_url
}
function setup_dtr_certs {
if [ $# -lt 1 ]; then
echo "DTR node hostname is missing"
return
fi
local dtr_ip=$(get_node_routable_ip $1)
local dtr_url=$(get_direct_url_from_ip $dtr_ip)
local dtr_hostname="${dtr_url/https:\/\/}"
wait_for_url "$dtr_url/ca"
curl -kfsSL $dtr_url/ca -o /usr/local/share/ca-certificates/$dtr_hostname.crt
update-ca-certificates
}
case "$1" in
deploy)
deploy_ucp
deploy_dtr $2
setup_dtr_certs $2
;;
setup-certs)
setup_dtr_certs $2
;;
*)
echo "Illegal option $1"
;;
esac