def rebind_container_ip(container): task_id = random_string(10) pub_agent_vlan_key = 'eru:agent:%s:vlan' % container.host.name feedback_key = 'eru:agent:%s:feedback' % task_id ips = container.ips.all() if not ips: return values = [task_id, container.container_id, container.ident_id] values += ['{0}:{1}'.format(ip.vlan_seq_id, ip.vlan_address) for ip in ips] @retrying.retry(retry_on_result=lambda r: not r) def bind_container_ip(): rds.publish(pub_agent_vlan_key, '|'.join(values)) for _ in ips: rv = rds.blpop(feedback_key, 15) if rv is None: break succ = rv[1].split('|')[0] if succ == '0': break else: return True rds.delete(feedback_key) return False bind_container_ip()
def bind_container_ip(container, ips, nid=None): """ nid就是network的id. 为了防止agent那边生成重复的nid, 需要覆盖掉默认的nid的值. """ if not ips: return task_id = random_string(10) pub_agent_vlan_key = 'eru:agent:%s:vlan' % container.host.name feedback_key = 'eru:agent:%s:feedback' % task_id values = [task_id, container.container_id] values += ['{0}:{1}'.format(nid or ip.vlan_seq_id, ip.vlan_address) for ip in ips] @retrying.retry(retry_on_result=lambda r: not r) def _bind_container_ip(): rds.publish(pub_agent_vlan_key, '|'.join(values)) for _ in ips: rv = rds.blpop(feedback_key, 15) if rv is None: break succ = rv[1].split('|')[0] if succ == '0': break else: return True rds.delete(feedback_key) return False _bind_container_ip()
def reload_nginx(sshs, local_path, remote_path): for ssh in sshs: file_name = local_path.rsplit('/')[-1] tmp_path = '/tmp/%s.tmp.%s' % (file_name, random_string(4)) scp_file(ssh, local_path, tmp_path) ssh.execute('mv %s %s' % (tmp_path, remote_path), sudo=True) ssh.execute('nginx -s reload', sudo=True)
def create_one_container(host, version, entrypoint, env='prod', cores=None): if cores is None: cores = [] client = get_docker_client(host.addr) local_images = {r['RepoTags'][0] for r in client.images()} appconfig = version.appconfig appname = appconfig.appname entry = appconfig.entrypoints[entrypoint] envconfig = version.get_resource_config(env) image = '{0}/{1}:{2}'.format(settings.DOCKER_REGISTRY, appname, version.short_sha) if image not in local_images: repo = '{0}/{1}'.format(settings.DOCKER_REGISTRY, appname) for line in client.pull(repo, tag=version.short_sha, stream=True, insecure_registry=settings.DOCKER_REGISTRY_INSECURE): print line env_dict = { 'APP_NAME': appname, 'ERU_RUNENV': env.upper(), 'ERU_POD': host.pod.name, 'ERU_HOST': host.name, } env_dict.update(envconfig.to_env_dict()) # TODO use settings!!! # This modification for applying sysctl params volumes = ['/writable-proc/sys'] binds = {'/proc/sys': {'bind': '/writable-proc/sys', 'ro': False}} if settings.ERU_CONTAINER_PERMDIR: permdir = settings.ERU_CONTAINER_PERMDIR % appname env_dict['ERU_PERMDIR'] = permdir volumes.append(permdir) binds[settings.ERU_HOST_PERMDIR % appname] = {'bind': permdir, 'ro': False} # container name: {appname}_{entrypoint}_{ident_id} container_name = '_'.join([appname, entrypoint, random_string(6)]) # cpuset: '0,1,2,3' cpuset = ','.join([c.label for c in cores]) # host_config, include log_config host_config = create_host_config(log_config=LogConfig(type=settings.DOCKER_LOG_DRIVER)) container = client.create_container( image=image, command=entry['cmd'], environment=env_dict, entrypoint='launch', name=container_name, cpuset=cpuset, working_dir='/%s' % appname, network_disabled=settings.DOCKER_NETWORK_DISABLED, volumes=volumes, host_config=host_config, ) container_id = container['Id'] client.start(container=container_id, network_mode=settings.DOCKER_NETWORK_MODE, binds=binds) return container_id, container_name
def create_one_container(host, version, entrypoint, env='prod', cores=None): if cores is None: cores = [] client = get_docker_client(host.addr) local_images = {r['RepoTags'][0] for r in client.images()} appconfig = version.appconfig appname = appconfig.appname entry = appconfig.entrypoints[entrypoint] envconfig = version.get_resource_config(env) image = '{0}/{1}:{2}'.format(settings.DOCKER_REGISTRY, appname, version.short_sha) if image not in local_images: repo = '{0}/{1}'.format(settings.DOCKER_REGISTRY, appname) for line in client.pull(repo, tag=version.short_sha, stream=True, insecure_registry=settings.DOCKER_REGISTRY_INSECURE): print line env_dict = { 'APP_NAME': appname, 'ERU_RUNENV': env.upper(), 'ERU_POD': host.pod.name, 'ERU_HOST': host.name, } env_dict.update(envconfig.to_env_dict()) # container name: {appname}_{entrypoint}_{ident_id} container_name = '_'.join([appname, entrypoint, random_string(6)]) # cpuset: '0,1,2,3' cpuset = ','.join([c.label for c in cores]) container = client.create_container( image=image, command=entry['cmd'], user=version.app_id, environment=env_dict, name=container_name, cpuset=cpuset, working_dir='/%s' % appname, network_disabled=settings.DOCKER_NETWORK_DISABLED, ) container_id = container['Id'] client.start(container=container_id, network_mode=settings.DOCKER_NETWORK_MODE) return container_id, container_name
def create_influxdb(client, dbname, username, pass_len, admin=False): if not client.create_database(dbname): logger.info('create influxdb database error') return password = random_string(pass_len) client.switch_database(dbname) if not client.add_database_user(username, password): logger.info('create influxdb user error') return if admin and not client.set_database_admin(username): logger.info('set %s to admin error' % username) return return { 'host': client._host, 'port': client._port, 'username': username, 'password': password, 'db': dbname, }
def create_mysql(conn, dbname, username, pass_len): def _execute(sql, args=None): cur = conn.cursor() cur.execute(sql, args) conn.commit() cur.close() # Create database sql = r'''CREATE DATABASE IF NOT EXISTS `%s`;''' _execute(sql % (dbname, )) passwd = random_string(pass_len) sql = r''' GRANT DROP, CREATE, SELECT, INSERT, UPDATE, DELETE ON `%s`.* TO '%s'@'%%' IDENTIFIED BY '%s'; ''' _execute(sql % ( dbname, username, passwd, )) sql = r''' GRANT DROP, CREATE, SELECT, INSERT, UPDATE, DELETE ON `%s`.* TO '%s'@'localhost' IDENTIFIED BY '%s'; ''' _execute(sql % ( dbname, username, passwd, )) return { 'host': conn.get_host_info().split(' ', 1)[0], 'port': conn.port, 'user': username, 'passwd': passwd, 'db': dbname, }
def create_one_container(host, version, entrypoint, env='prod', cores=None, cpu_shares=1024, image=''): if cores is None: cores = [] client = get_docker_client(host.addr) local_images = {r['RepoTags'][0] for r in client.images()} appconfig = version.appconfig appname = appconfig.appname entry = appconfig.entrypoints[entrypoint] envconfig = version.get_resource_config(env) network_mode = entry.get('network_mode', settings.DOCKER_NETWORK_MODE) if not image: image = '{0}/{1}:{2}'.format(settings.DOCKER_REGISTRY, appname, version.short_sha) if image not in local_images: repo, tag = image.split(':', 1) for line in client.pull(repo, tag, stream=True, insecure_registry=settings.DOCKER_REGISTRY_INSECURE): print line env_dict = { 'APP_NAME': appname, 'ERU_RUNENV': env.upper(), 'ERU_POD': host.pod.name, 'ERU_HOST': host.name, } env_dict.update(envconfig.to_env_dict()) volumes = ['/writable-proc/sys'] volumes.extend(appconfig.get('volumes', [])) binds = {'/proc/sys': {'bind': '/writable-proc/sys', 'ro': False}} binds.update(appconfig.get('binds', {})) if settings.ERU_CONTAINER_PERMDIR: permdir = settings.ERU_CONTAINER_PERMDIR % appname env_dict['ERU_PERMDIR'] = permdir volumes.append(permdir) binds[settings.ERU_HOST_PERMDIR % appname] = {'bind': permdir, 'ro': False} # container name: {appname}_{entrypoint}_{ident_id} container_name = '_'.join([appname, entrypoint, random_string(6)]) # cpuset: '0,1,2,3' cpuset = ','.join([c.label for c in cores]) # host_config, include log_config host_config = create_host_config( binds=binds, network_mode=network_mode, log_config=LogConfig(type=settings.DOCKER_LOG_DRIVER), ulimits=[Ulimit(name='nofile', soft=65535, hard=65535)], ) container = client.create_container( image=image, command=entry['cmd'], environment=env_dict, entrypoint=None if image else 'launch', name=container_name, cpuset=cpuset, working_dir=None if image else '/%s' % appname, network_disabled=settings.DOCKER_NETWORK_DISABLED, volumes=volumes, host_config=host_config, cpu_shares=cpu_shares, ) container_id = container['Id'] client.start(container=container_id) return container_id, container_name
def create_one_container(host, version, entrypoint, env='prod', cores=None, ports=None, args=None, cpu_shares=1024, image='', need_network=False): # raw方式有些设定不同 is_raw = bool(image) if cores is None: cores = [] if ports is None: ports = [] if args is None: args = [] client = get_docker_client(host.addr) local_images = {r['RepoTags'][0] for r in client.images()} appconfig = version.appconfig appname = appconfig.appname entry = appconfig.entrypoints[entrypoint] envconfig = version.get_resource_config(env) # replace $port1... cmd = replace_ports(entry['cmd'], ports) # add extend arguments cmd = cmd + ' '.join([''] + args) if not is_raw: network = 'network' if need_network else 'nonetwork' cmd = '/usr/local/bin/launcher %s ' % network + cmd network_mode = entry.get('network_mode', config.DOCKER_NETWORK_MODE) mem_limit = entry.get('mem_limit', 0) restart_policy = {'MaximumRetryCount': 3, 'Name': entry.get('restart', 'no')} # could be no/always/on-failure if not image: image = '{0}/{1}:{2}'.format(config.DOCKER_REGISTRY, appname, version.short_sha) if image not in local_images: repo, tag = image.split(':', 1) for line in client.pull(repo, tag, stream=True, insecure_registry=config.DOCKER_REGISTRY_INSECURE): print line env_dict = { 'APP_NAME': appname, 'ERU_RUNENV': env.upper(), 'ERU_POD': host.pod.name, 'ERU_HOST': host.name, 'ERU_HOST_IP': host.ip, } env_dict.update(envconfig.to_env_dict()) volumes = ['/writable-proc/sys'] volumes.extend(appconfig.get('volumes', [])) binds = {'/proc/sys': {'bind': '/writable-proc/sys', 'ro': False}} binds.update(appconfig.get('binds', {})) if config.ERU_CONTAINER_PERMDIR: permdir = config.ERU_CONTAINER_PERMDIR % appname env_dict['ERU_PERMDIR'] = permdir volumes.append(permdir) binds[config.ERU_HOST_PERMDIR % appname] = {'bind': permdir, 'ro': False} # container name: {appname}_{entrypoint}_{ident_id} container_name = '_'.join([appname, entrypoint, random_string(6)]) # cpuset: '0,1,2,3' cpuset = ','.join([c.label for c in cores]) # host_config, include log_config host_config = create_host_config( binds=binds, network_mode=network_mode, log_config=LogConfig(type=config.DOCKER_LOG_DRIVER), ulimits=[Ulimit(name='nofile', soft=65535, hard=65535)], restart_policy=restart_policy, mem_limit=mem_limit, ) container = client.create_container( image=image, command=cmd, environment=env_dict, name=container_name, cpuset=cpuset, working_dir=None if is_raw else '/%s' % appname, network_disabled=config.DOCKER_NETWORK_DISABLED, volumes=volumes, host_config=host_config, cpu_shares=cpu_shares, ) container_id = container['Id'] client.start(container=container_id) return container_id, container_name