propellor-0.2.0: property-based host configuration management in haskell

Safe HaskellNone

Propellor.Property.Docker

Description

Docker support for propellor

The existance of a docker container is just another Property of a system, which propellor can set up. See config.hs for an example.

Note that propellor provisions a container by running itself, inside the container. Currently, to avoid the overhead of building propellor inside the container, the binary from outside is reused inside. So, the libraries that propellor is linked against need to be available in the container with compatable versions. This can cause a problem if eg, mixing Debian stable and unstable.

Synopsis

Documentation

configured :: PropertySource

Configures docker with an authentication file, so that images can be pushed to index.docker.io.

docked :: (HostName -> ContainerName -> Maybe Container) -> HostName -> ContainerName -> RevertablePropertySource

Ensures that a docker container is set up and running. The container has its own Properties which are handled by running propellor inside the container.

Reverting this property ensures that the container is stopped and removed.

garbageCollected :: PropertySource

Causes *any* docker images that are not in use by running containers to be deleted. And deletes any containers that propellor has set up before that are not currently running. Does not delete any containers that were not set up using propellor.

Generally, should come after the properties for the desired containers.

containerProperties :: (HostName -> ContainerName -> Maybe Container) -> HostName -> Maybe [Property]Source

Pass to defaultMain to add docker containers. You need to provide the function mapping from HostName and ContainerName to the Container to use.

data Container Source

This type is used to configure a docker container. It has an image, and a list of Properties, but these properties are Containerized; they can specify things about the container's configuration, in addition to properties of the system inside the container.

data Containerized a Source

Constructors

Containerized [RunParam] a 

type RunParam = StringSource

Parameters to pass to `docker run` when creating a container.

type Image = StringSource

A docker image, that can be used to run a container.

type ContainerName = StringSource

A short descriptive name for a container. Should not contain whitespace or other unusual characters, only [a-zA-Z0-9_.-] are allowed

inside1 :: Property -> Containerized PropertySource

Lift a Property to apply inside a container.

dns :: String -> Containerized PropertySource

Set custom dns server for container.

hostname :: String -> Containerized PropertySource

Set container host name.

name :: String -> Containerized PropertySource

Set name for container. (Normally done automatically.)

publish :: String -> Containerized PropertySource

Publish a container's port to the host (format: ip:hostPort:containerPort | ip::containerPort | hostPort:containerPort)

user :: String -> Containerized PropertySource

Username or UID for container.

volume :: String -> Containerized PropertySource

Bind mount a volume

workdir :: String -> Containerized PropertySource

Work dir inside the container.

memory :: String -> Containerized PropertySource

Memory limit for container. Format: numberunit, where unit = b, k, m or g

data ContainerId Source

A container is identified by its name, and the host on which it's deployed.

data ContainerIdent Source

Two containers with the same ContainerIdent were started from the same base image (possibly a different version though), and with the same RunParams.

fromContainerized :: forall a. [Containerized a] -> [a]Source

chain :: String -> IO ()Source

Called when propellor is running inside a docker container. The string should be the container's ContainerId.

Fork a thread to run the SimpleSh server in the background. In the foreground, run an interactive bash (or sh) shell, so that the user can interact with it when attached to the container.

When the system reboots, docker restarts the container, and this is run again. So, to make the necessary services get started on boot, this needs to provision the container then. However, if the container is already being provisioned by the calling propellor, it would be redundant and problimatic to also provisoon it here.

The solution is a flag file. If the flag file exists, then the container was already provisioned. So, it must be a reboot, and time to provision again. If the flag file doesn't exist, don't provision here.

provisionContainer :: ContainerId -> PropertySource

Once a container is running, propellor can be run inside it to provision it.

Note that there is a race here, between the simplesh server starting up in the container, and this property being run. So, retry connections to the client for up to 1 minute.

listContainers :: ContainerFilter -> IO [ContainerId]Source

Only lists propellor managed containers.

propellorIdent :: FilePathSource

The ContainerIdent of a container is written to /.propellor-ident inside it. This can be checked to see if the container has the same ident later.

namedPipe :: ContainerId -> FilePathSource

Named pipe used for communication with the container.