homelab/traefik
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update libkv dependency

Browse source
This commit is contained in:
NicoMen 2017-11-17 17:22:03 +01:00 committed by Traefiker
parent cdab6b1796
commit 66e489addb
237 changed files with 62817 additions and 16116 deletions
Download patch file Download diff file Expand all files Collapse all files

210
examples/cluster/docker-compose.yml Normal file
View file

@ -0,0 +1,210 @@
version: '2'
services:
## KV part ##
# CONSUL
consul:
image: progrium/consul
command: -server -bootstrap -log-level debug -ui-dir /ui
ports:
- "8400:8400"
- "8500:8500"
- "8600:53/udp"
expose:
- "8300"
- "8301"
- "8301/udp"
- "8302"
- "8302/udp"
networks:
net:
ipv4_address: 10.0.1.2
# ETCD V3
etcd3:
image: quay.io/coreos/etcd:v3.2.9
command: /usr/local/bin/etcd --data-dir=/etcd-data --name node1 --initial-advertise-peer-urls http://10.0.1.12:2380 --listen-peer-urls http://10.0.1.12:2380 --advertise-client-urls http://10.0.1.12:2379,http://10.0.1.12:4001 --listen-client-urls http://10.0.1.12:2379,http://10.0.1.12:4001 --initial-cluster node1=http://10.0.1.12:2380 --debug
ports:
- "4001:4001"
- "2380:2380"
- "2379:2379"
networks:
net:
ipv4_address: 10.0.1.12
etcdctl-ping:
image: tenstartups/etcdctl
command: --endpoints=[10.0.1.12:2379] get "traefik/acme/storagefile"
environment:
ETCDCTL_DIAL_: "TIMEOUT 10s"
ETCDCTL_API : "3"
networks:
- net
etcdctl-rm:
image: tenstartups/etcdctl
command: --endpoints=[10.0.1.12:2379] del "/traefik/acme/storagefile"
environment:
ETCDCTL_DIAL_: "TIMEOUT 10s"
ETCDCTL_API : "3"
networks:
- net
## BOULDER part ##
boulder:
image: containous/boulder:release
environment:
FAKE_DNS: 172.17.0.1
PKCS11_PROXY_SOCKET: tcp://boulder-hsm:5657
extra_hosts:
- le.wtf:127.0.0.1
- boulder:127.0.0.1
ports:
- 4000:4000 # ACME
- 4002:4002 # OCSP
- 4003:4003 # OCSP
- 4500:4500 # ct-test-srv
- 8000:8000 # debug ports
- 8001:8001
- 8002:8002
- 8003:8003
- 8004:8004
- 8055:8055 # dns-test-srv updates
- 9380:9380 # mail-test-srv
- 9381:9381 # mail-test-srv
restart: unless-stopped
depends_on:
- bhsm
- bmysql
- brabbitmq
networks:
net:
ipv4_address: 10.0.1.3
bhsm:
image: letsencrypt/boulder-tools:2016-11-02
hostname: boulder-hsm
environment:
PKCS11_DAEMON_SOCKET: tcp://0.0.0.0:5657
command: /usr/local/bin/pkcs11-daemon /usr/lib/softhsm/libsofthsm.so
expose:
- 5657
networks:
net:
ipv4_address: 10.0.1.4
aliases:
- boulder-hsm
bmysql:
image: mariadb:10.1
hostname: boulder-mysql
environment:
MYSQL_ALLOW_EMPTY_PASSWORD: "yes"
networks:
net:
ipv4_address: 10.0.1.5
aliases:
- boulder-mysql
brabbitmq:
image: rabbitmq:3-alpine
hostname: boulder-rabbitmq
environment:
RABBITMQ_NODE_IP_ADDRESS: "0.0.0.0"
networks:
net:
ipv4_address: 10.0.1.6
aliases:
- boulder-rabbitmq
## TRAEFIK part ##
traefik-storeconfig:
build:
context: ../..
image: containous/traefik
volumes:
- "./traefik.toml:/traefik.toml:ro"
- "./acme.json:/acme.json:ro"
command: storeconfig --debug
networks:
- net
traefik01:
build:
context: ../..
image: containous/traefik
command: ${TRAEFIK_CMD}
extra_hosts:
- traefik.boulder.com:172.17.0.1
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
expose:
- "443"
- "5001"
ports:
- "80:80"
- "8080:8080"
- "443:443"
- "5001:443" # Needed for SNI challenge
networks:
net:
ipv4_address: 10.0.1.8
traefik02:
build:
context: ../..
image: containous/traefik
command: ${TRAEFIK_CMD}
extra_hosts:
- traefik.boulder.com:172.17.0.1
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
expose:
- "443"
- "5001"
ports:
- "88:80"
- "8888:8080"
- "8443:443"
depends_on:
- traefik01
networks:
net:
ipv4_address: 10.0.1.9
whoami01:
image: emilevauge/whoami
expose:
- "80"
labels:
- "traefik.port=80"
- "traefik.backend=wam01"
- "traefik.frontend.rule=Host:who01.localhost.com"
- "traefik.enable=true"
networks:
net:
ipv4_address: 10.0.1.10
whoami02:
image: emilevauge/whoami
expose:
- "80"
labels:
- "traefik.port=80"
- "traefik.backend=wam02"
- "traefik.frontend.rule=Host:who02.localhost.com"
- "traefik.enable=true"
networks:
- net
networks:
net:
driver: bridge
ipam:
config:
- subnet: 10.0.1.0/26

247
examples/cluster/manage_cluster_docker_environment.sh Executable file
View file

@ -0,0 +1,247 @@
#! /usr/bin/env bash
# Initialize variables
readonly basedir=$(dirname $0)
readonly doc_file=$basedir"/docker-compose.yml"
export COMPOSE_PROJECT_NAME="cluster"
# Stop and remove Docker environment
down_environment() {
echo "DOWN Docker environment"
! docker-compose -f $doc_file down -v &>/dev/null && \
echo "[ERROR] Unable to stop the Docker environment" && exit 11
return 0
}
# Create and start Docker-compose environment or subpart of its services (if services are listed)
# $@ : List of services to start (optional)
up_environment() {
echo "START Docker environment "$@
! docker-compose -f $doc_file up -d $@ &>/dev/null && \
echo "[ERROR] Unable to start Docker environment ${@}" && exit 21
return 0
}
# Stop and remove Docker environment
delete_services() {
echo "DELETE services "$@
! docker-compose -f $doc_file stop $@ &>/dev/null && \
echo "[ERROR] Unable to stop services "$@ && exit 31
! docker-compose -f $doc_file rm -vf $@ &>/dev/null && \
echo "[ERROR] Unable to delete services "$@ && exit 31
return 0
}
# Init the environment : get IP address and create needed files
init_acme_json() {
echo "CREATE empty acme.json file"
rm -f $basedir/acme.json && \
touch $basedir/acme.json && \
echo "{}" > $basedir/acme.json && \
chmod 600 $basedir/acme.json # Needed for ACME
}
start_consul() {
up_environment consul
waiting_counter=12
# Not start Traefik store config if consul is not started
echo "WAIT for consul..."
sleep 5
while [[ -z $(curl -s http://10.0.1.2:8500/v1/status/leader) ]]; do
sleep 5
let waiting_counter-=1
if [[ $waiting_counter -eq 0 ]]; then
echo "[ERROR] Unable to start consul container in the allowed time, the Docker environment will be stopped"
down_environment
exit 41
fi
done
}
start_etcd3() {
up_environment etcd3
waiting_counter=12
# Not start Traefik store config if consul is not started
echo "WAIT for ETCD3..."
while [[ -z $(curl -s --connect-timeout 2 http://10.0.1.12:2379/version) ]]; do
sleep 5
let waiting_counter-=1
if [[ $waiting_counter -eq 0 ]]; then
echo "[ERROR] Unable to start etcd3 container in the allowed time, the Docker environment will be stopped"
down_environment
exit 51
fi
done
}
start_storeconfig_consul() {
init_acme_json
# Create traefik.toml with consul provider
cp $basedir/traefik.toml.tmpl $basedir/traefik.toml
echo '
[consul]
endpoint = "10.0.1.2:8500"
watch = true
prefix = "traefik"' >> $basedir/traefik.toml
up_environment traefik-storeconfig
rm -f $basedir/traefik.toml && rm -f $basedir/acme.json
# Delete acme-storage-file key
waiting_counter=5
# Not start Traefik store config if consul is not started
echo "Delete storage file key..."
while [[ -z $(curl -s http://10.0.1.2:8500/v1/kv/traefik/acme/storagefile) && $waiting_counter -gt 0 ]]; do
sleep 5
let waiting_counter-=1
done
if [[ $waiting_counter -eq 0 ]]; then
echo "[WARN] Unable to get storagefile key in consul"
else
curl -s --request DELETE http://10.0.1.2:8500/v1/kv/traefik/acme/storagefile
ret=$1
if [[ $ret -ne 0 ]]; then
echo "[ERROR] Unable to delete storagefile key from consul kv."
fi
fi
}
start_storeconfig_etcd3() {
init_acme_json
# Create traefik.toml with consul provider
cp $basedir/traefik.toml.tmpl $basedir/traefik.toml
echo '
[etcd]
endpoint = "10.0.1.12:2379"
watch = true
prefix = "/traefik"
useAPIV3 = true' >> $basedir/traefik.toml
up_environment traefik-storeconfig
rm -f $basedir/traefik.toml && rm -f $basedir/acme.json
# Delete acme-storage-file key
waiting_counter=5
# Not start Traefik store config if consul is not started
echo "Delete storage file key..."
while [[ $(docker-compose -f $doc_file up --exit-code-from etcdctl-ping etcdctl-ping &>/dev/null) -ne 0 && $waiting_counter -gt 0 ]]; do
sleep 5
let waiting_counter-=1
done
# Not start Traefik store config if consul is not started
echo "Delete storage file key from ETCD3..."
up_environment etcdctl-rm && \
delete_services etcdctl-rm traefik-storeconfig etcdctl-ping
}
start_traefik() {
up_environment traefik01
# Waiting for the first instance which is mapped to the host as leader before to start the second one
waiting_counter=5
echo "WAIT for traefik leader..."
sleep 10
while [[ -z $(curl -s --connect-timeout 3 http://10.0.1.8:8080/ping) ]]; do
sleep 2
let waiting_counter-=1
if [[ $waiting_counter -eq 0 ]]; then
echo "[ERROR] Unable to start Traefik leader container in the allowed time, the Docker environment will be stopped"
down_environment
exit 51
fi
done
up_environment whoami01
waiting_counter=5
echo "WAIT for whoami..."
sleep 10
while [[ -z $(curl -s --connect-timeout 3 http://10.0.1.10) ]]; do
sleep 2
let waiting_counter-=1
if [[ $waiting_counter -eq 0 ]]; then
echo "[ERROR] Unable to start whoami container in the allowed time, the Docker environment will be stopped"
down_environment
exit 52
fi
done
up_environment traefik02 whoami02
}
# Start boulder services
start_boulder() {
echo "Start boulder environment"
up_environment bmysql brabbitmq bhsm boulder
waiting_counter=12
# Not start Traefik if boulder is not started
echo "WAIT for boulder..."
while [[ -z $(curl -s http://10.0.1.3:4000/directory) ]]; do
sleep 5
let waiting_counter-=1
if [[ $waiting_counter -eq 0 ]]; then
echo "[ERROR] Unable to start boulder container in the allowed time, the Docker environment will be stopped"
down_environment
exit 61
fi
done
echo "Boulder started."
}
# Script usage
show_usage() {
echo
echo "USAGE : manage_cluster_docker_environment.sh [--start [--consul|--etcd3]|--stop|--restart [--consul|--etcd3]]"
echo
}
# Main method
# $@ All parameters given
main() {
[[ $# -lt 1 && $# -gt 2 ]] && show_usage && exit 1
case $1 in
"--start")
[[ $# -ne 2 ]] && show_usage && exit 2
# The domains who01.localhost.com and who02.localhost.com have to refer 127.0.0.1
# I, the /etc/hosts file
for whoami_idx in "01" "02"; do
[[ -z $(cat /etc/hosts | grep "127.0.0.1" | grep -vE "^#" | grep "who${whoami_idx}.localhost.com") ]] && \
echo "[ERROR] Domain who${whoami_idx}.localhost.com has to refer to 127.0.0.1 into /etc/hosts file." && \
exit 3
done
case $2 in
"--etcd3")
echo "USE ETCD V3 AS KV STORE"
export TRAEFIK_CMD="--etcd --etcd.endpoint=10.0.1.12:2379 --etcd.useAPIV3=true"
start_boulder && \
start_etcd3 && \
start_storeconfig_etcd3 && \
start_traefik
;;
"--consul")
echo "USE CONSUL AS KV STORE"
export TRAEFIK_CMD="--consul --consul.endpoint=10.0.1.2:8500"
start_boulder && \
start_consul && \
start_storeconfig_consul && \
start_traefik
;;
*)
show_usage && exit 4
;;
esac
echo "ENVIRONMENT SUCCESSFULLY STARTED"
;;
"--stop")
! down_environment
echo "ENVIRONMENT SUCCESSFULLY STOPPED"
;;
"--restart")
[[ $# -ne 2 ]] && show_usage && exit 5
down_environment
main --start $2
;;
*)
show_usage && exit 6
;;
esac
}
main $@

28
examples/cluster/traefik.toml.tmpl Normal file
View file

@ -0,0 +1,28 @@
logLevel = "DEBUG"
defaultEntryPoints = ["http", "https"]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[acme]
email = "test@traefik.io"
storage = "traefik/acme/account"
storageFile = "/acme.json"
entryPoint = "https"
OnHostRule = true
caServer = "http://traefik.boulder.com:4000/directory"
[web]
address = ":8080"
[docker]
endpoint = "unix:///var/run/docker.sock"
domain = "localhost.com"
watch = true
exposedbydefault = false