Diffstat (limited to 'global/overlay/etc/puppet/modules/sunet/templates/dockerhost')
3 files changed, 0 insertions, 110 deletions
diff --git a/global/overlay/etc/puppet/modules/sunet/templates/dockerhost/20unbound.erb b/global/overlay/etc/puppet/modules/sunet/templates/dockerhost/20unbound.erb
deleted file mode 100755
index 0374ac7..0000000
--- a/global/overlay/etc/puppet/modules/sunet/templates/dockerhost/20unbound.erb
+++ /dev/null
@@ -1,98 +0,0 @@
-#!/bin/bash
-#
-# This script registers/removes docker containers IP addresses
-# from the local unbound resolver in the post-start / pre-stop actions.
-#
-# For action pre-start, it checks if there is a CID file that needs to be
-# cleaned away to not prevent the new container from starting.
-#
-
-# sunet_docker_pre-post: CID d05a0842ce1700ee3328d42ccf5c2f29cc3d71fa6dcc6a72f994f8d032453be7
-# sunet_docker_pre-post: ACTION pre-stop
-# sunet_docker_pre-post: IMAGE docker.sunet.se/eduid/eduid-mm-service
-# sunet_docker_pre-post: NAME eduid-mm-service
-#for e in "CID" "ACTION" "IMAGE" "NAME"; do
-# logger -t sunet_docker_pre-post "$e `printenv $e`"
-#done
-
-logtag="sunet_docker_pre-post[$ACTION]"
-logger -t "${logtag}" "$NAME ($IMAGE), CID: '$CID'"
-
-if [ "x$ACTION" = "xpre-start" ]; then
- # Work-around: if unbound is not running when a container starts, it will get
- # an incorrect /etc/resolv.conf (SUNET resolvers). It will then later on be
- # unable to resolv .docker hostnames.
- service unbound status > /dev/null
- if [ $? -ne 0 ]; then
- for retry in 1 2 3 4 5 6 7 8 9 10; do
- sleep 3
- logger -t "${logtag}" "Waiting for service unbound"
- service unbound status > /dev/null
- if [ $? -eq 0 ]; then
- break
- fi
- done
- fi
-
- service unbound status > /dev/null
- if [ $? -ne 0 ]; then
- logger -t "${logtag}" "Service unbound not running! Aborting."
- exit 0
- fi
- if [ -f "${CIDFILE}" ]; then
- # Clean away the CID file in pre-start if the container is in fact not running
- docker inspect "${CID}" 2>/dev/null || (
- logger -t "${logtag}" "Removing left-over CID file '${CIDFILE}' (CID ${CID})";
- rm -f "${CIDFILE}"
- )
- fi
-
- # Remove any stopped container with this name to prevent the docker start script
- # from just restarting that one (instead of starting the currently tagged image,
- # which might be newer than the one used by the old container)
- docker inspect "${NAME}" && docker rm "${NAME}"
- exit 0
-fi
-
-if [ "x${CID}" = "x" ]; then
- CID=$(docker inspect --format '{{ .Id }}' "${NAME}" 2>/dev/null)
-
- if [ "x${CID}" = "x" ]; then
- # sometimes containers start slow...
- for retry in 1 2 3 4 5; do
- sleep 1
- logger -t "${logtag}" "Retrying CID lookup for ${NAME}"
- CID=$(docker inspect --format '{{ .Id }}' "${NAME}" 2>/dev/null)
- if [ "x${CID}" != "x" ]; then
- break
- fi
- done
- fi
-
- if [ "x${CID}" = "x" ]; then
- logger -t "${logtag}" "No CID provided or found! Aborting."
- exit 0
- fi
-
- logger -t "${logtag}" "Found CID ${CID} using docker inspect on '${NAME}'"
-fi
-
-# Remove registered name.
-# XXX this does NOT handle multiple instances of the same image running on
-# a single Docker host!
-logger -t "${logtag}" "Un-registering ${NAME}.docker"
-unbound-control local_data_remove "${NAME}.docker." > /dev/null
-
-# If it is a container starting up, register it's IP address
-if [ "x$ACTION" = "xpost-start" ]; then
- ip=$(docker inspect --format '{{ .NetworkSettings.IPAddress }}' "${CID}" 2>/dev/null)
- if [ "x${ip}" = "x" ]; then
- logger -t "${logtag}" "Failed to get IP from CID ${CID}. Aborting."
- exit 0
- fi
- unbound-control local_data "${NAME}.docker. 60 IN A ${ip}" > /dev/null
- # Register reverse pointer - there is no local_data_ptr command unfortunately
- ptr=$(echo "${ip}" | awk -F . '{print $4"."$3"."$2"."$1".in-addr.arpa."}')
- unbound-control local_data "${ptr} 60 IN PTR ${NAME}.docker."
- logger -t "${logtag}" "Registered ${NAME}.docker at ${ip}"
-fi
diff --git a/global/overlay/etc/puppet/modules/sunet/templates/dockerhost/logrotate_docker-containers.erb b/global/overlay/etc/puppet/modules/sunet/templates/dockerhost/logrotate_docker-containers.erb
deleted file mode 100644
index 6cf5fe9..0000000
--- a/global/overlay/etc/puppet/modules/sunet/templates/dockerhost/logrotate_docker-containers.erb
+++ /dev/null
@@ -1,7 +0,0 @@
-/var/lib/docker/containers/*/*.log {
- rotate 7
- daily
- compress
- delaycompress
- copytruncate
-}
diff --git a/global/overlay/etc/puppet/modules/sunet/templates/dockerhost/unbound_docker.conf.erb b/global/overlay/etc/puppet/modules/sunet/templates/dockerhost/unbound_docker.conf.erb
deleted file mode 100644
index f6bb382..0000000
--- a/global/overlay/etc/puppet/modules/sunet/templates/dockerhost/unbound_docker.conf.erb
+++ /dev/null
@@ -1,5 +0,0 @@
-server:
- local-zone: docker. static
- interface: 127.0.0.1
- interface: 172.17.42.1
- access-control: 172.16.0.0/12 allow |