You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@brooklyn.apache.org by dr...@apache.org on 2017/06/29 15:35:45 UTC
[03/50] [abbrv] brooklyn-server git commit: Update swarm docs to
match current functionality
Update swarm docs to match current functionality
Project: http://git-wip-us.apache.org/repos/asf/brooklyn-server/repo
Commit: http://git-wip-us.apache.org/repos/asf/brooklyn-server/commit/1e696234
Tree: http://git-wip-us.apache.org/repos/asf/brooklyn-server/tree/1e696234
Diff: http://git-wip-us.apache.org/repos/asf/brooklyn-server/diff/1e696234
Branch: refs/heads/master
Commit: 1e69623456ce2292df59716fb661e9599e773704
Parents: f0c3290
Author: Svetoslav Neykov <sv...@cloudsoftcorp.com>
Authored: Tue Feb 14 11:50:45 2017 +0200
Committer: Andrew Donald Kennedy <an...@cloudsoftcorp.com>
Committed: Fri May 19 14:01:20 2017 +0100
----------------------------------------------------------------------
docker-location/docker-container-location.md | 36 ++++++++++----------
docker-location/docker-swarm-location.md | 40 +++++++++++++----------
2 files changed, 40 insertions(+), 36 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/brooklyn-server/blob/1e696234/docker-location/docker-container-location.md
----------------------------------------------------------------------
diff --git a/docker-location/docker-container-location.md b/docker-location/docker-container-location.md
index cd53ddc..0c105fc 100644
--- a/docker-location/docker-container-location.md
+++ b/docker-location/docker-container-location.md
@@ -15,13 +15,13 @@ Here is an example catalog item to add a Docker engine endpoint to your catalog
name: "My Docker engine"
itemType: location
item:
- type: jclouds:docker
+ type: docker
brooklyn.config:
- endpoint: << endpoint >>
+ endpoint: https://<< address >>:<< port >>
identity: << path to my cert.pem >>
credential: << path to my key.pem >>
- image: "cloudsoft/centos:7"
- loginUser.password: "p4ssw0rd"
+ # Default image if no other explicitly set
+ # imageId: "cloudsoft/centos:7"
**Note** The endpoint of a Docker engine is the IP + port where the docker engine is currently running. As for the identity and credential, the Docker engine will generate those by default in `~/.docker/certs` folder, unless you specified them during the installation.
@@ -29,38 +29,38 @@ Here is an example catalog item to add a Docker engine endpoint to your catalog
Once your Docker container location has been configured, AMP can launch instances based on a `DockerContainer` entity, this means additional configuration such as custom docker images can be specified. Here's an example which sets up a [Wordpress](https://wordpress.org/) instance:
- location:
- << see above >>
+ # see above for a definition of the location
+ location: my-docker-engine
services:
- type: io.cloudsoft.amp.containerservice.dockercontainer.DockerContainer
id: wordpress-mysql
name: MySQL
brooklyn.config:
+ mysql.root_password: password
docker.container.imageName: mysql:5.6
+ # Maps the port to the host node, making it available for external access
docker.container.inboundPorts:
- "3306"
- provisioning.properties:
- env:
- MYSQL_ROOT_PASSWORD: "password"
- deployment: wordpress-mysql
+ docker.container.environment:
+ MYSQL_ROOT_PASSWORD: $brooklyn:config("mysql.root_password")
- type: io.cloudsoft.amp.containerservice.dockercontainer.DockerContainer
id: wordpress
name: Wordpress
brooklyn.config:
docker.container.imageName: wordpress:4-apache
+ # Maps the port to the host node, making it available for external access
docker.container.inboundPorts:
- "80"
- provisioning.properties:
- env:
- WORDPRESS_DB_HOST: "wordpress-mysql"
- WORDPRESS_DB_PASSWORD: "password"
+ docker.container.environment:
+ WORDPRESS_DB_HOST: $brooklyn:entity("wordpress-mysql").attributeWhenReady("host.subnet.address")
+ WORDPRESS_DB_PASSWORD: $brooklyn:entity("wordpress-mysql").config("mysql.root_password")
#### Docker container configuration
To configure the `DockerContainer` entity, the following configuration params are available:
-- **docker.container.disableSsh** Skip checks such as ssh for when docker image doesn't allow ssh
-- **docker.container.imageName** Image name to pull from docker hub
-- **docker.container.inboundPorts** List of ports, that the docker image opens, to be made public
-- **docker.container.environment** Environment variables to set on container startup. This must be a map
+- **docker.container.disableSsh** Skip checks such as ssh for when docker image doesn't allow ssh; use the default image `cloudsoft/centos:7` for ssh-able image
+- **docker.container.imageName** Image name to pull from docker hub; overrides the default one `cloudsoft/centos:7`
+- **docker.container.inboundPorts** List of ports, that the docker image maps to the host, opening them to the public
+- **docker.container.environment** Environment variables to set on container startup; this must be a map
http://git-wip-us.apache.org/repos/asf/brooklyn-server/blob/1e696234/docker-location/docker-swarm-location.md
----------------------------------------------------------------------
diff --git a/docker-location/docker-swarm-location.md b/docker-location/docker-swarm-location.md
index ca3a5e1..0c69417 100644
--- a/docker-location/docker-swarm-location.md
+++ b/docker-location/docker-swarm-location.md
@@ -15,27 +15,31 @@ Here is an example catalog item to add a Docker Swarm endpoint to your catalog l
name: "My Docker Swarm"
itemType: location
item:
- type: jclouds:docker
+ type: docker
brooklyn.config:
- endpoint: << endpoint >>
+ endpoint: https://<< address >>:<< port >>
identity: << path to my cert.pem >>
credential: << path to my key.pem >>
- image: "cloudsoft/centos:7"
- loginUser.password: "p4ssw0rd"
+ # Default image if no other explicitly set
+ # imageId: "cloudsoft/centos:7"
+ templateOptions:
+ networkMode: "brooklyn"
-**Note** if you have provisioned your own docker swarm you may need to first pull the Cloudsoft configured image on the Swarm Manager:
+**Note** if you have provisioned your own docker swarm you may need to first pull the Cloudsoft
+configured image on the Swarm Manager. Another recommended step is to create a default network for the containers:
docker -H ${swarm_endpoint} ${TLS_OPTIONS} pull cloudsoft/centos:7
docker -H ${swarm_endpoint} ${TLS_OPTIONS} images --no-trunc
+ docker network create --driver=overlay brooklyn
#### Credentials for Deploying to Docker Swarm
To deploy to a Docker Swarm endpoint, you'll need pem files for identity/credential. These can
-either be copied from one of the Docker Engine VMs, or can be generated from the certificate
-authority. The actual IP of the client doesn't matter.
+either be copied from one of the Docker Engine VMs, or can be generated locally and signed by
+the certificate authority. The actual IP of the client doesn't matter.
-To generate your own certificates from the example CA server included in AMP (note this is not recommended for use in a production environment
- and could be subject to future removal):
+To generate your own certificates and signed them with the example CA server included in AMP (note this is not
+recommended for use in a production environment and could be subject to future removal):
# Create your certificates directory
mkdir -p .certs
@@ -45,15 +49,15 @@ To generate your own certificates from the example CA server included in AMP (no
own_ip=192.168.1.64
ca=$(br app "Docker Swarm" ent ca-server sensor main.uri)
echo ${ca}
- curl -X POST ${ca}/generate/${own_ip}
- curl ${ca}/cert/${own_ip}/ca.pem > .certs/ca.pem
- curl ${ca}/cert/${own_ip}/cert.pem > .certs/cert.pem
- curl ${ca}/cert/${own_ip}/key.pem > .certs/key.pem
+ curl -L ${ca}/cacert/ca.pem --output .certs/ca.pem
+ openssl genrsa -out .certs/key.pem 2048
+ openssl req -new -key .certs/key.pem -days 1825 -out .certs/csr.pem -subj "/CN=${own_ip}"
+ curl -X POST --data-binary @.certs/csr.pem ${ca}/sign > .certs/cert.pem
To be able to execute `docker ...` commands locally:
- # Set up TLS options to point at your certificates
- CERTS_DIR=${HOME}/.docker/.certs
+ # Set up TLS options to point at your certificates (created above)
+ CERTS_DIR=$(pwd)/.certs
TLS_OPTIONS="--tlsverify --tlscacert=${CERTS_DIR}/ca.pem --tlscert=${CERTS_DIR}/cert.pem --tlskey=${CERTS_DIR}/key.pem"
# Check docker works
@@ -62,12 +66,12 @@ To be able to execute `docker ...` commands locally:
docker -H ${swarm_endpoint} ${TLS_OPTIONS} ps
# Run something, and check it is listed
- docker -H ${swarm_endpoint} ${TLS_OPTIONS} run hello-world
- docker -H ${swarm_endpoint} ${TLS_OPTIONS} ps -a
+ docker -H ${swarm_endpoint} ${TLS_OPTIONS} run hello-world
+ docker -H ${swarm_endpoint} ${TLS_OPTIONS} ps -a
Instead of explicit parameters to `docker` you can use its environment variables as follows:
export DOCKER_HOST=tcp://10.10.10.152:3376
export DOCKER_TLS_VERIFY=true
- export DOCKER_CERT_PATH=.certs
+ export DOCKER_CERT_PATH=$(pwd)/.certs
docker ps -a
\ No newline at end of file