Diffstat (limited to 'global/overlay/etc/puppet/modules/sunet/templates/dockerhost')
-rwxr-xr-xglobal/overlay/etc/puppet/modules/sunet/templates/dockerhost/20unbound.erb98
-rw-r--r--global/overlay/etc/puppet/modules/sunet/templates/dockerhost/logrotate_docker-containers.erb7
-rw-r--r--global/overlay/etc/puppet/modules/sunet/templates/dockerhost/unbound_docker.conf.erb5
3 files changed, 0 insertions, 110 deletions
diff --git a/global/overlay/etc/puppet/modules/sunet/templates/dockerhost/20unbound.erb b/global/overlay/etc/puppet/modules/sunet/templates/dockerhost/20unbound.erb
deleted file mode 100755
index 0374ac7..0000000
--- a/global/overlay/etc/puppet/modules/sunet/templates/dockerhost/20unbound.erb
+++ /dev/null
@@ -1,98 +0,0 @@
-#!/bin/bash
-#
-# This script registers/removes docker containers IP addresses
-# from the local unbound resolver in the post-start / pre-stop actions.
-#
-# For action pre-start, it checks if there is a CID file that needs to be
-# cleaned away to not prevent the new container from starting.
-#
-
-# sunet_docker_pre-post: CID d05a0842ce1700ee3328d42ccf5c2f29cc3d71fa6dcc6a72f994f8d032453be7
-# sunet_docker_pre-post: ACTION pre-stop
-# sunet_docker_pre-post: IMAGE docker.sunet.se/eduid/eduid-mm-service
-# sunet_docker_pre-post: NAME eduid-mm-service
-#for e in "CID" "ACTION" "IMAGE" "NAME"; do
-# logger -t sunet_docker_pre-post "$e `printenv $e`"
-#done
-
-logtag="sunet_docker_pre-post[$ACTION]"
-logger -t "${logtag}" "$NAME ($IMAGE), CID: '$CID'"
-
-if [ "x$ACTION" = "xpre-start" ]; then
- # Work-around: if unbound is not running when a container starts, it will get
- # an incorrect /etc/resolv.conf (SUNET resolvers). It will then later on be
- # unable to resolv .docker hostnames.
- service unbound status > /dev/null
- if [ $? -ne 0 ]; then
- for retry in 1 2 3 4 5 6 7 8 9 10; do
- sleep 3
- logger -t "${logtag}" "Waiting for service unbound"
- service unbound status > /dev/null
- if [ $? -eq 0 ]; then
- break
- fi
- done
- fi
-
- service unbound status > /dev/null
- if [ $? -ne 0 ]; then
- logger -t "${logtag}" "Service unbound not running! Aborting."
- exit 0
- fi
- if [ -f "${CIDFILE}" ]; then
- # Clean away the CID file in pre-start if the container is in fact not running
- docker inspect "${CID}" 2>/dev/null || (
- logger -t "${logtag}" "Removing left-over CID file '${CIDFILE}' (CID ${CID})";
- rm -f "${CIDFILE}"
- )
- fi
-
- # Remove any stopped container with this name to prevent the docker start script
- # from just restarting that one (instead of starting the currently tagged image,
- # which might be newer than the one used by the old container)
- docker inspect "${NAME}" && docker rm "${NAME}"
- exit 0
-fi
-
-if [ "x${CID}" = "x" ]; then
- CID=$(docker inspect --format '{{ .Id }}' "${NAME}" 2>/dev/null)
-
- if [ "x${CID}" = "x" ]; then
- # sometimes containers start slow...
- for retry in 1 2 3 4 5; do
- sleep 1
- logger -t "${logtag}" "Retrying CID lookup for ${NAME}"
- CID=$(docker inspect --format '{{ .Id }}' "${NAME}" 2>/dev/null)
- if [ "x${CID}" != "x" ]; then
- break
- fi
- done
- fi
-
- if [ "x${CID}" = "x" ]; then
- logger -t "${logtag}" "No CID provided or found! Aborting."
- exit 0
- fi
-
- logger -t "${logtag}" "Found CID ${CID} using docker inspect on '${NAME}'"
-fi
-
-# Remove registered name.
-# XXX this does NOT handle multiple instances of the same image running on
-# a single Docker host!
-logger -t "${logtag}" "Un-registering ${NAME}.docker"
-unbound-control local_data_remove "${NAME}.docker." > /dev/null
-
-# If it is a container starting up, register it's IP address
-if [ "x$ACTION" = "xpost-start" ]; then
- ip=$(docker inspect --format '{{ .NetworkSettings.IPAddress }}' "${CID}" 2>/dev/null)
- if [ "x${ip}" = "x" ]; then
- logger -t "${logtag}" "Failed to get IP from CID ${CID}. Aborting."
- exit 0
- fi
- unbound-control local_data "${NAME}.docker. 60 IN A ${ip}" > /dev/null
- # Register reverse pointer - there is no local_data_ptr command unfortunately
- ptr=$(echo "${ip}" | awk -F . '{print $4"."$3"."$2"."$1".in-addr.arpa."}')
- unbound-control local_data "${ptr} 60 IN PTR ${NAME}.docker."
- logger -t "${logtag}" "Registered ${NAME}.docker at ${ip}"
-fi
diff --git a/global/overlay/etc/puppet/modules/sunet/templates/dockerhost/logrotate_docker-containers.erb b/global/overlay/etc/puppet/modules/sunet/templates/dockerhost/logrotate_docker-containers.erb
deleted file mode 100644
index 6cf5fe9..0000000
--- a/global/overlay/etc/puppet/modules/sunet/templates/dockerhost/logrotate_docker-containers.erb
+++ /dev/null
@@ -1,7 +0,0 @@
-/var/lib/docker/containers/*/*.log {
- rotate 7
- daily
- compress
- delaycompress
- copytruncate
-}
diff --git a/global/overlay/etc/puppet/modules/sunet/templates/dockerhost/unbound_docker.conf.erb b/global/overlay/etc/puppet/modules/sunet/templates/dockerhost/unbound_docker.conf.erb
deleted file mode 100644
index f6bb382..0000000
--- a/global/overlay/etc/puppet/modules/sunet/templates/dockerhost/unbound_docker.conf.erb
+++ /dev/null
@@ -1,5 +0,0 @@
-server:
- local-zone: docker. static
- interface: 127.0.0.1
- interface: 172.17.42.1
- access-control: 172.16.0.0/12 allow