docker: use docker-compose 3 (#30)

pingcap · May 22, 2019 · f434f96 · f434f96
1 parent 4cadb61
commit f434f96
Show file tree

Hide file tree

Showing 6 changed files with 159 additions and 54 deletions.
diff --git a/docker/control/Dockerfile b/docker/control/Dockerfile
@@ -1,4 +1,4 @@
-FROM golang:1.11
+FROM golang:1.12.1
 MAINTAINER [email protected]
 
 RUN apt-get -y -q update && \

diff --git a/docker/docker-compose.dev.yml b/docker/docker-compose.dev.yml
@@ -0,0 +1,6 @@
+version: '3.7'
+services:
+  control:
+    volumes:
+      # Mounts $CHAOS_ROOT on host to /go/src/github.com/pingcap/chaos control container
+      - ${CHAOS_ROOT}:/go/src/github.com/pingcap/chaos
diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml
@@ -1,39 +1,43 @@
-version: '2'
+version: '3.7'
+x-node:
+  &default-node
+  build: ./node
+  env_file: ./secret/node.env
+  privileged: true
+  networks:
+    - chaos
+
 services:
   control:
     container_name: chaos-control
     hostname: control
     build: ./control
     env_file: ./secret/control.env
     privileged: true
-    links:
-      - n1
-      - n2
-      - n3
-      - n4
-      - n5
-  node:
-    container_name: chaos-node
-    build: ./node
-    env_file: ./secret/node.env
-    privileged: true
+    ports:
+      - "8080"
+    networks:
+      - chaos
   n1:
-    extends: node
+    << : *default-node
     container_name: chaos-n1
     hostname: n1
   n2:
-    extends: node
+    << : *default-node
     container_name: chaos-n2
     hostname: n2
   n3:
-    extends: node
+    << : *default-node
     container_name: chaos-n3
     hostname: n3
   n4:
-    extends: node
+    << : *default-node
     container_name: chaos-n4
     hostname: n4
   n5:
-    extends: node
+    << : *default-node
     container_name: chaos-n5
     hostname: n5
+
+networks:
+  chaos:
diff --git a/docker/node/Dockerfile b/docker/node/Dockerfile
@@ -1,4 +1,34 @@
-# FIXME: tutum/debian will be deprecated soon: https://github.com/tutumcloud/tutum-debian/blob/master/README.md
-FROM ethercflow/debian:jessie
+# Based on the deprecated `https://github.com/tutumcloud/tutum-debian`
+FROM debian:stretch
 
-RUN rm /etc/apt/apt.conf.d/docker-clean && apt-get update && apt-get install -y sudo net-tools wget sysvinit-core sysvinit sysvinit-utils curl vim man faketime unzip iptables iputils-ping logrotate && apt-get remove -y --purge --auto-remove systemd
+# Install packages
+RUN apt-get update && \
+    apt-get -y install \
+        dos2unix \
+        openssh-server \
+        pwgen \
+        && \
+mkdir -p /var/run/sshd && \
+sed -i "s/UsePrivilegeSeparation.*/UsePrivilegeSeparation no/g" /etc/ssh/sshd_config && \
+sed -i "s/PermitRootLogin without-password/PermitRootLogin yes/g" /etc/ssh/sshd_config
+
+ENV AUTHORIZED_KEYS **None**
+
+ADD run.sh /run.sh
+RUN dos2unix /run.sh \
+    && chmod +x /*.sh
+
+RUN apt-get update
+RUN apt install -y apt-transport-https
+RUN apt install -y software-properties-common
+
+RUN rm /etc/apt/apt.conf.d/docker-clean && \
+    apt-get update && \
+    apt-get install -y \
+        sudo net-tools wget \
+        curl vim man faketime unzip less \
+        iptables iputils-ping logrotate && \
+    apt-get remove -y --purge --auto-remove systemd
+
+EXPOSE 22
+CMD ["/run.sh"]
diff --git a/docker/node/run.sh b/docker/node/run.sh
@@ -0,0 +1,22 @@
+#!/bin/bash
+
+if [ "${AUTHORIZED_KEYS}" != "**None**" ]; then
+    echo "=> Found authorized keys"
+    mkdir -p /root/.ssh
+    chmod 700 /root/.ssh
+    touch /root/.ssh/authorized_keys
+    chmod 600 /root/.ssh/authorized_keys
+    IFS=$'\n'
+    arr=$(echo ${AUTHORIZED_KEYS} | tr "," "\n")
+    for x in $arr
+    do
+        x=$(echo $x |sed -e 's/^ *//' -e 's/ *$//')
+        cat /root/.ssh/authorized_keys | grep "$x" >/dev/null 2>&1
+        if [ $? -ne 0 ]; then
+            echo "=> Adding public key to /root/.ssh/authorized_keys: $x"
+            echo "$x" >> /root/.ssh/authorized_keys
+        fi
+    done
+fi
+
+exec /usr/sbin/sshd -D
diff --git a/docker/up.sh b/docker/up.sh
@@ -1,4 +1,7 @@
-#!/bin/sh
+#!/usr/bin/env bash
+# "To provide additional docker-compose args, set the COMPOSE var. Ex:
+# COMPOSE="-f FILE_PATH_HERE"
+
 set -e # exit on an error
 
 ERROR(){
@@ -17,58 +20,92 @@ exists() {
     type $1 > /dev/null 2>&1
 }
 
-for f in $@; do
-    case $f in
-	'--help' )
-	    HELP=1
-	    ;;
-	'--init-only' )
-	    INIT_ONLY=1
-	    ;;
-	*)
-	    ERROR "unknown option $1"
-	    exit 1
-	    ;;
+POSITIONAL=()
+while [[ $# -gt 0 ]]
+do
+    key="$1"
+
+    case $key in
+        --help)
+            HELP=1
+            shift # past argument
+            ;;
+        --init-only)
+            INIT_ONLY=1
+            shift # past argument
+            ;;
+        --dev)
+            if [ ! "$CHAOS_ROOT" ]; then
+                export CHAOS_ROOT=$(cd ../ && pwd)
+                INFO "CHAOS_ROOT is not set, defaulting to: $CHAOS_ROOT"
+            fi
+            INFO "Running docker-compose with dev config"
+            DEV="-f docker-compose.dev.yml"
+            shift # past argument
+            ;;
+        --compose)
+            COMPOSE="-f $2"
+            shift # past argument
+            shift # past value
+            ;;
+        -d|--daemon)
+            INFO "Running docker-compose as daemon"
+            RUN_AS_DAEMON=1
+            shift # past argument
+            ;;
+        *)
+            POSITIONAL+=("$1")
+            ERROR "unknown option $1"
+            shift # past argument
+            ;;
     esac
-    shift
 done
+set -- "${POSITIONAL[@]}" # restore positional parameters
 
 if [ "$HELP" ]; then
-    echo "usage: $0 [OPTION]"
+    echo "Usage: $0 [OPTION]"
     echo "  --help                                                Display this message"
-    echo "  --init-only                                           Initializes the secret, but does not call docker-compose"
+    echo "  --init-only                                           Initializes ssh-keys, but does not call docker-compose"
+    echo "  --daemon                                              Runs docker-compose in the background"
+    echo "  --dev                                                 Mounts dir at host's CHAOS_ROOT to /chaos on chaos-control container, syncing files for development"
+    echo "  --compose PATH                                        Path to an additional docker-compose yml config."
+    echo "To provide multiple additional docker-compose args, set the COMPOSE var directly, with the -f flag. Ex: COMPOSE=\"-f FILE_PATH_HERE -f ANOTHER_PATH\" ./up.sh --dev"
     exit 0
 fi
 
 exists ssh-keygen || { ERROR "Please install ssh-keygen (apt-get install openssh-client)"; exit 1; }
 exists perl || { ERROR "Please install perl (apt-get install perl)"; exit 1; }
 
+# Generate SSH keys for the control node
 if [ ! -f ./secret/node.env ]; then
     INFO "Generating key pair"
     ssh-keygen -t rsa -N "" -f ./secret/id_rsa
-    
+
     INFO "Generating ./secret/control.env"
-    echo '# generated by jepsen/docker/up.sh, parsed by jepsen/docker/control/bashrc' > ./secret/control.env
-    echo '# NOTE: \\n is expressed as ↩' >> ./secret/control.env
-    echo SSH_PRIVATE_KEY="$(cat ./secret/id_rsa | perl -p -e 's/\n/↩/g')" >> ./secret/control.env
+    echo "# generated by chaos/docker/up.sh, parsed by chaos/docker/control/bashrc" > ./secret/control.env
+    echo "# NOTE: \\n is expressed as ↩" >> ./secret/control.env
+    echo SSH_PRIVATE_KEY="$(cat ./secret/id_rsa | perl -p -e "s/\n/↩/g")" >> ./secret/control.env
     echo SSH_PUBLIC_KEY=$(cat ./secret/id_rsa.pub) >> ./secret/control.env
-    
+
     INFO "Generating ./secret/node.env"
-    echo '# generated by jepsen/docker/up.sh, parsed by the "tutum/debian" docker image entrypoint script' > ./secret/node.env
+    echo "# generated by chaos/docker/up.sh, parsed by the \"tutum/debian\" docker image entrypoint script" > ./secret/node.env
     echo ROOT_PASS=root >> ./secret/node.env
     echo AUTHORIZED_KEYS=$(cat ./secret/id_rsa.pub) >> ./secret/node.env
 else
     INFO "No need to generate key pair"
 fi
 
-# Dockerfile does not allow `ADD ..`. So we need to copy that.
-INFO "Copying .. to control/chaos"
-(
-    rm -rf ./control/chaos
-    mkdir ./control/chaos
-    (cd ..; tar --exclude=./docker -cf - .)  | tar Cxf ./control/chaos -
-)
-
+# Make sure folders referenced in control Dockerfile exist and don't contain leftover files
+rm -rf ./control/chaos
+mkdir ./control/chaos/
+# Copy the chaos directory if we're not mounting the CHAOS_ROOT
+if [ ! "$DEV" ]; then
+    # Dockerfile does not allow `ADD ..`. So we need to copy it here in setup.
+    INFO "Copying .. to control/chaos"
+    (
+        (cd ..; tar --exclude=./docker -cf - .)  | tar Cxf ./control/chaos -
+    )
+fi
 
 if [ "$INIT_ONLY" ]; then
     exit 0
@@ -78,8 +115,14 @@ exists docker || { ERROR "Please install docker (https://docs.docker.com/engine/
 exists docker-compose || { ERROR "Please install docker-compose (https://docs.docker.com/compose/install/)"; exit 1; }
 
 INFO "Running \`docker-compose build\`"
-docker-compose build
+docker-compose -f docker-compose.yml $COMPOSE $DEV build
 
 INFO "Running \`docker-compose up\`"
-INFO "Please run \`docker exec -it chaos-control bash\` in another terminal to proceed"
-docker-compose up
+if [ "$RUN_AS_DAEMON" ]; then
+    docker-compose -f docker-compose.yml $COMPOSE $DEV up -d
+    INFO "All containers started, run \`docker ps\` to view"
+    exit 0
+else
+    INFO "Please run \`docker exec -it chaos-control bash\` in another terminal to proceed"
+    docker-compose -f docker-compose.yml $COMPOSE $DEV up
+fi