diff options
Diffstat (limited to 'roles/docker_img_proxy')
| -rw-r--r-- | roles/docker_img_proxy/README.md | 36 | ||||
| -rw-r--r-- | roles/docker_img_proxy/defaults/main.yml | 2 | ||||
| -rw-r--r-- | roles/docker_img_proxy/files/proxy_container/Dockerfile | 30 | ||||
| -rwxr-xr-x | roles/docker_img_proxy/files/proxy_container/ipc-watcher.rb | 67 | ||||
| -rwxr-xr-x | roles/docker_img_proxy/files/proxy_container/start.sh | 31 | ||||
| -rw-r--r-- | roles/docker_img_proxy/files/proxy_container/supervisord.conf | 19 | ||||
| -rw-r--r-- | roles/docker_img_proxy/handlers/main.yml | 2 | ||||
| -rw-r--r-- | roles/docker_img_proxy/meta/main.yml | 14 | ||||
| -rw-r--r-- | roles/docker_img_proxy/tasks/main.yml | 11 | ||||
| -rw-r--r-- | roles/docker_img_proxy/vars/main.yml | 2 |
10 files changed, 214 insertions, 0 deletions
diff --git a/roles/docker_img_proxy/README.md b/roles/docker_img_proxy/README.md new file mode 100644 index 000000000..40e14821b --- /dev/null +++ b/roles/docker_img_proxy/README.md @@ -0,0 +1,36 @@ +Role Name +========= + +The purpose of this role is to setup files to do the proxy docker image build + +Requirements +------------ + +Docker + +Role Variables +-------------- + +None + +Dependencies +------------ + +None + +Example Playbook +---------------- + + - hosts: servers + roles: + - docker_img_proxy + +License +------- + +ASL 2.0 + +Author Information +------------------ + +Thomas Wiest diff --git a/roles/docker_img_proxy/defaults/main.yml b/roles/docker_img_proxy/defaults/main.yml new file mode 100644 index 000000000..56526bf1b --- /dev/null +++ b/roles/docker_img_proxy/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for docker_img_proxy diff --git a/roles/docker_img_proxy/files/proxy_container/Dockerfile b/roles/docker_img_proxy/files/proxy_container/Dockerfile new file mode 100644 index 000000000..3887337ab --- /dev/null +++ b/roles/docker_img_proxy/files/proxy_container/Dockerfile @@ -0,0 +1,30 @@ +# This FROM gives us the proper oo-rhui certs, basic runtime env vars, basic repos, etc. +# Otherwise we can't install anything +FROM rhel6ops + +MAINTAINER Thomas Wiest <twiest@redhat.com> + +RUN yum -y update ; yum clean all + +# Container Specific RPMs +RUN yum -y install rhc-server-common httpd mod_security mod_ssl haproxy15 supervisor ruby ; yum clean all +# this needs to be on it's own line, otherwise the libra_user group isn't setup properly yet +RUN yum -y install rhc-site-static ; yum clean all + +# WORKKAROUND: for a bug in supervisor that causes it to use 100% cpu +RUN yum -y install https://kojipkgs.fedoraproject.org//work/tasks/8506/7818506/supervisor-2.1-9.el6.noarch.rpm ; yum clean all + +# Setup libra_user group with correct members +RUN usermod -a -G libra_user apache + +# Setup ctr-ipc dir +RUN ln -s /shared/var/run/ctr-ipc /var/run/ctr-ipc + +# common +ADD supervisord.conf /etc/supervisord.conf +ADD start.sh /usr/local/sbin/start.sh +ADD ipc-watcher.rb /usr/local/sbin/ipc-watcher.rb + +EXPOSE 80 443 4999 + +CMD ["/usr/local/sbin/start.sh"] diff --git a/roles/docker_img_proxy/files/proxy_container/ipc-watcher.rb b/roles/docker_img_proxy/files/proxy_container/ipc-watcher.rb new file mode 100755 index 000000000..202a58124 --- /dev/null +++ b/roles/docker_img_proxy/files/proxy_container/ipc-watcher.rb @@ -0,0 +1,67 @@ +#!/usr/bin/env ruby + +require 'fileutils' + +module OpenShift + module Ops + class Notify + def self.puts(msg) + $stdout.puts "#{Time.now}: #{msg}" + end + end + + class WatchForIpcs + IPC_DIR = '/var/run/ctr-ipc' + POLL_INTERVAL = 10 # second + HAPROXY_CONF = '/etc/haproxy/haproxy.cfg' + HAPROXY_PID_FILE = '/var/run/haproxy.pid' + + def self.wait_for_service() + loop do + Dir.glob("#{IPC_DIR}/service/*").each do |svc_file| + svc = File.basename(svc_file) + action = File.read(svc_file) + Notify.puts "Found IPC service file: #{svc}" + Notify.puts " Action requested: #{action}" + + # Make sure we don't handle this multiple times + FileUtils.rm(svc_file) + + handle_service_ipc(svc, action) + end + + sleep POLL_INTERVAL + end + end + + def self.handle_service_ipc(svc, action) + cmd = nil + case svc + when 'httpd' + case action + when 'restart', 'reload' + cmd = "/usr/sbin/apachectl -k graceful" + end + when 'haproxy' + case action + when 'restart' + cmd = "/usr/sbin/haproxy -f #{HAPROXY_CONF} -p #{HAPROXY_PID_FILE} -sf $(/bin/cat #{HAPROXY_PID_FILE})" + end + end + + if cmd.nil? + Notify.puts " Warning: Not handling #{svc} #{action}" + return + end + + Notify.puts " Running: #{cmd}" + output = %x[#{cmd} 2>&1] + Notify.puts " Output: #{output}" + end + end + end +end + +if __FILE__ == $0 + OpenShift::Ops::WatchForIpcs.wait_for_service() +end diff --git a/roles/docker_img_proxy/files/proxy_container/start.sh b/roles/docker_img_proxy/files/proxy_container/start.sh new file mode 100755 index 000000000..93e398b3a --- /dev/null +++ b/roles/docker_img_proxy/files/proxy_container/start.sh @@ -0,0 +1,31 @@ +#!/bin/bash + +echo _ +for shared_dir in /etc/haproxy /etc/pki /etc/httpd /var/lib/haproxy +do + echo "Setting up /shared${shared_dir}..." + rm -rf $shared_dir + ln -s /shared${shared_dir} $shared_dir +done +echo _ + +CTR_CONFIG_FLAG='/shared/var/run/ctr-ipc/flag/ctr_configured' +while ! [ -f "$CTR_CONFIG_FLAG" ] +do + echo "Sleeping 10 seconds, waiting for $CTR_CONFIG_FLAG" + sleep 10 +done + +# Fix broken sym links +echo "Fixing symlink /etc/httpd/logs..." +ln -sf /var/log/httpd /shared/etc/httpd/logs + +echo "Fixing symlink /etc/httpd/modules..." +ln -sf /usr/lib64/httpd/modules /shared/etc/httpd/modules + +echo "Fixing symlink /etc/httpd/run..." +ln -sf /var/run/httpd /shared/etc/httpd/run +echo _ + +echo "Starting supervisord" +exec /usr/bin/supervisord diff --git a/roles/docker_img_proxy/files/proxy_container/supervisord.conf b/roles/docker_img_proxy/files/proxy_container/supervisord.conf new file mode 100644 index 000000000..3459d20db --- /dev/null +++ b/roles/docker_img_proxy/files/proxy_container/supervisord.conf @@ -0,0 +1,19 @@ +[supervisord] +http_port = 127.0.0.1:9001 +nodaemon=true +pidfile = /var/run/supervisord.pid + +[supervisorctl] +serverurl = http://127.0.0.1:9001 + +[program:haproxy] +command=/bin/bash -c "echo $$ > /var/run/haproxy.pid && exec /usr/sbin/haproxy -db -f /etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid" +priority=1 + +[program:httpd] +command=/bin/bash -c "source /etc/sysconfig/httpd && exec /usr/sbin/httpd -DFOREGROUND" +priority=500 + +[program:ipc-watcher.rb] +command=/bin/bash -c "/usr/local/sbin/ipc-watcher.rb" +priority=999 diff --git a/roles/docker_img_proxy/handlers/main.yml b/roles/docker_img_proxy/handlers/main.yml new file mode 100644 index 000000000..9b5fe2b3d --- /dev/null +++ b/roles/docker_img_proxy/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for docker_img_build diff --git a/roles/docker_img_proxy/meta/main.yml b/roles/docker_img_proxy/meta/main.yml new file mode 100644 index 000000000..40f83bf2f --- /dev/null +++ b/roles/docker_img_proxy/meta/main.yml @@ -0,0 +1,14 @@ +--- +galaxy_info: + author: Thomas Wiest + description: Tools to do docker image builds + company: Red Hat + license: ASL 2.0 + min_ansible_version: 1.6 + platforms: + - name: EL + versions: + - 7 + categories: + - docker +dependencies: [] diff --git a/roles/docker_img_proxy/tasks/main.yml b/roles/docker_img_proxy/tasks/main.yml new file mode 100644 index 000000000..af1238c20 --- /dev/null +++ b/roles/docker_img_proxy/tasks/main.yml @@ -0,0 +1,11 @@ +--- +- name: deploy proxy image build files + file: dest=/usr/local/etc/containers/proxy_container mode=755 state=directory + +- name: deploy proxy image build files + copy: "src=proxy_container/{{ item.name }} dest=/usr/local/etc/containers/proxy_container/{{ item.name }} mode={{ item.mode }}" + with_items: + - { name: 'Dockerfile', mode: '644' } + - { name: 'ipc-watcher.rb', mode: '755' } + - { name: 'start.sh', mode: '755' } + - { name: 'supervisord.conf', mode: '644' } diff --git a/roles/docker_img_proxy/vars/main.yml b/roles/docker_img_proxy/vars/main.yml new file mode 100644 index 000000000..a662f86e9 --- /dev/null +++ b/roles/docker_img_proxy/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for docker_img_proxy |