Safe Haskell | None |
---|
Docker support for propellor
The existance of a docker container is just another Property of a system, which propellor can set up. See config.hs for an example.
- configured :: Property
- installed :: Property
- type ContainerName = String
- container :: ContainerName -> Image -> Host
- cn2hn :: ContainerName -> HostName
- docked :: [Host] -> ContainerName -> RevertableProperty
- findContainer :: [Host] -> ContainerId -> ContainerName -> (Container -> Property) -> Property
- mkContainer :: ContainerId -> Host -> Maybe Container
- garbageCollected :: Property
- data Container = Container Image [RunParam]
- type RunParam = String
- type Image = String
- dns :: String -> Property
- hostname :: String -> Property
- name :: String -> Property
- publish :: String -> Property
- user :: String -> Property
- volume :: String -> Property
- volumes_from :: ContainerName -> Property
- workdir :: String -> Property
- memory :: String -> Property
- link :: ContainerName -> ContainerAlias -> Property
- type ContainerAlias = String
- data ContainerId = ContainerId HostName ContainerName
- data ContainerIdent = ContainerIdent Image HostName ContainerName [RunParam]
- ident2id :: ContainerIdent -> ContainerId
- toContainerId :: String -> Maybe ContainerId
- fromContainerId :: ContainerId -> String
- containerHostName :: ContainerId -> HostName
- myContainerSuffix :: String
- containerDesc :: ContainerId -> Property -> Property
- runningContainer :: ContainerId -> Image -> [RunParam] -> Property
- chain :: String -> IO ()
- provisionContainer :: ContainerId -> Property
- stopContainer :: ContainerId -> IO Bool
- stoppedContainer :: ContainerId -> Property
- removeContainer :: ContainerId -> IO Bool
- removeImage :: Image -> IO Bool
- runContainer :: Image -> [RunParam] -> [String] -> IO Bool
- commitContainer :: ContainerId -> IO (Maybe Image)
- data ContainerFilter
- listContainers :: ContainerFilter -> IO [ContainerId]
- listImages :: IO [Image]
- runProp :: String -> RunParam -> Property
- genProp :: String -> (HostName -> RunParam) -> Property
- propellorIdent :: FilePath
- namedPipe :: ContainerId -> FilePath
- provisionedFlag :: ContainerId -> FilePath
- clearProvisionedFlag :: ContainerId -> IO ()
- setProvisionedFlag :: ContainerId -> IO ()
- checkProvisionedFlag :: ContainerId -> IO Bool
- shimdir :: ContainerId -> FilePath
- identFile :: ContainerId -> FilePath
- readIdentFile :: ContainerId -> IO ContainerIdent
- dockercmd :: String
- report :: [Bool] -> Result
Documentation
Configures docker with an authentication file, so that images can be pushed to index.docker.io.
type ContainerName = StringSource
A short descriptive name for a container. Should not contain whitespace or other unusual characters, only [a-zA-Z0-9_-] are allowed
container :: ContainerName -> Image -> HostSource
Starts accumulating the properties of a Docker container.
container "web-server" "debian" & publish "80:80" & Apt.installed {"apache2"] & ...
cn2hn :: ContainerName -> HostNameSource
docked :: [Host] -> ContainerName -> RevertablePropertySource
Ensures that a docker container is set up and running. The container has its own Properties which are handled by running propellor inside the container.
Reverting this property ensures that the container is stopped and removed.
findContainer :: [Host] -> ContainerId -> ContainerName -> (Container -> Property) -> PropertySource
mkContainer :: ContainerId -> Host -> Maybe ContainerSource
garbageCollected :: PropertySource
Causes *any* docker images that are not in use by running containers to be deleted. And deletes any containers that propellor has set up before that are not currently running. Does not delete any containers that were not set up using propellor.
Generally, should come after the properties for the desired containers.
publish :: String -> PropertySource
Publish a container's port to the host (format: ip:hostPort:containerPort | ip::containerPort | hostPort:containerPort)
volume :: String -> PropertySource
Mount a volume Create a bind mount with: [host-dir]:[container-dir]:[rw|ro] With just a directory, creates a volume in the container.
volumes_from :: ContainerName -> PropertySource
Mount a volume from the specified container into the current container.
link :: ContainerName -> ContainerAlias -> PropertySource
Link with another container on the same host.
type ContainerAlias = StringSource
A short alias for a linked container. Each container has its own alias namespace.
data ContainerId Source
A container is identified by its name, and the host on which it's deployed.
data ContainerIdent Source
Two containers with the same ContainerIdent were started from the same base image (possibly a different version though), and with the same RunParams.
containerDesc :: ContainerId -> Property -> PropertySource
runningContainer :: ContainerId -> Image -> [RunParam] -> PropertySource
chain :: String -> IO ()Source
Called when propellor is running inside a docker container. The string should be the container's ContainerId.
This process is effectively init inside the container. It even needs to wait on zombie processes!
Fork a thread to run the SimpleSh server in the background. In the foreground, run an interactive bash (or sh) shell, so that the user can interact with it when attached to the container.
When the system reboots, docker restarts the container, and this is run again. So, to make the necessary services get started on boot, this needs to provision the container then. However, if the container is already being provisioned by the calling propellor, it would be redundant and problimatic to also provisoon it here.
The solution is a flag file. If the flag file exists, then the container was already provisioned. So, it must be a reboot, and time to provision again. If the flag file doesn't exist, don't provision here.
provisionContainer :: ContainerId -> PropertySource
Once a container is running, propellor can be run inside it to provision it.
Note that there is a race here, between the simplesh server starting up in the container, and this property being run. So, retry connections to the client for up to 1 minute.
stopContainer :: ContainerId -> IO BoolSource
removeImage :: Image -> IO BoolSource
commitContainer :: ContainerId -> IO (Maybe Image)Source
listContainers :: ContainerFilter -> IO [ContainerId]Source
Only lists propellor managed containers.
listImages :: IO [Image]Source
propellorIdent :: FilePathSource
The ContainerIdent of a container is written to /.propellor-ident inside it. This can be checked to see if the container has the same ident later.
namedPipe :: ContainerId -> FilePathSource
Named pipe used for communication with the container.
clearProvisionedFlag :: ContainerId -> IO ()Source
setProvisionedFlag :: ContainerId -> IO ()Source
shimdir :: ContainerId -> FilePathSource