def rebind_container_ip(container):
task_id = random_string(10)
pub_agent_vlan_key = 'eru:agent:%s:vlan' % container.host.name
feedback_key = 'eru:agent:%s:feedback' % task_id
ips = container.ips.all()
if not ips:
return
values = [task_id, container.container_id, container.ident_id]
values += ['{0}:{1}'.format(ip.vlan_seq_id, ip.vlan_address) for ip in ips]
@retrying.retry(retry_on_result=lambda r: not r)
def bind_container_ip():
rds.publish(pub_agent_vlan_key, '|'.join(values))
for _ in ips:
rv = rds.blpop(feedback_key, 15)
if rv is None:
break
succ = rv[1].split('|')[0]
if succ == '0':
break
else:
return True
rds.delete(feedback_key)
return False
bind_container_ip()
def bind_container_ip(container, ips, nid=None):
"""
nid就是network的id.
为了防止agent那边生成重复的nid, 需要覆盖掉默认的nid的值.
"""
if not ips:
return
task_id = random_string(10)
pub_agent_vlan_key = 'eru:agent:%s:vlan' % container.host.name
feedback_key = 'eru:agent:%s:feedback' % task_id
values = [task_id, container.container_id]
values += ['{0}:{1}'.format(nid or ip.vlan_seq_id, ip.vlan_address) for ip in ips]
@retrying.retry(retry_on_result=lambda r: not r)
def _bind_container_ip():
rds.publish(pub_agent_vlan_key, '|'.join(values))
for _ in ips:
rv = rds.blpop(feedback_key, 15)
if rv is None:
break
succ = rv[1].split('|')[0]
if succ == '0':
break
else:
return True
rds.delete(feedback_key)
return False
_bind_container_ip()
def reload_nginx(sshs, local_path, remote_path):
for ssh in sshs:
file_name = local_path.rsplit('/')[-1]
tmp_path = '/tmp/%s.tmp.%s' % (file_name, random_string(4))
scp_file(ssh, local_path, tmp_path)
ssh.execute('mv %s %s' % (tmp_path, remote_path), sudo=True)
ssh.execute('nginx -s reload', sudo=True)
def create_one_container(host, version, entrypoint, env='prod', cores=None):
if cores is None:
cores = []
client = get_docker_client(host.addr)
local_images = {r['RepoTags'][0] for r in client.images()}
appconfig = version.appconfig
appname = appconfig.appname
entry = appconfig.entrypoints[entrypoint]
envconfig = version.get_resource_config(env)
image = '{0}/{1}:{2}'.format(settings.DOCKER_REGISTRY, appname, version.short_sha)
if image not in local_images:
repo = '{0}/{1}'.format(settings.DOCKER_REGISTRY, appname)
for line in client.pull(repo, tag=version.short_sha, stream=True,
insecure_registry=settings.DOCKER_REGISTRY_INSECURE):
print line
env_dict = {
'APP_NAME': appname,
'ERU_RUNENV': env.upper(),
'ERU_POD': host.pod.name,
'ERU_HOST': host.name,
}
env_dict.update(envconfig.to_env_dict())
# TODO use settings!!!
# This modification for applying sysctl params
volumes = ['/writable-proc/sys']
binds = {'/proc/sys': {'bind': '/writable-proc/sys', 'ro': False}}
if settings.ERU_CONTAINER_PERMDIR:
permdir = settings.ERU_CONTAINER_PERMDIR % appname
env_dict['ERU_PERMDIR'] = permdir
volumes.append(permdir)
binds[settings.ERU_HOST_PERMDIR % appname] = {'bind': permdir, 'ro': False}
# container name: {appname}_{entrypoint}_{ident_id}
container_name = '_'.join([appname, entrypoint, random_string(6)])
# cpuset: '0,1,2,3'
cpuset = ','.join([c.label for c in cores])
# host_config, include log_config
host_config = create_host_config(log_config=LogConfig(type=settings.DOCKER_LOG_DRIVER))
container = client.create_container(
image=image,
command=entry['cmd'],
environment=env_dict,
entrypoint='launch',
name=container_name,
cpuset=cpuset,
working_dir='/%s' % appname,
network_disabled=settings.DOCKER_NETWORK_DISABLED,
volumes=volumes,
host_config=host_config,
)
container_id = container['Id']
client.start(container=container_id, network_mode=settings.DOCKER_NETWORK_MODE, binds=binds)
return container_id, container_name
def create_one_container(host, version, entrypoint, env='prod', cores=None):
if cores is None:
cores = []
client = get_docker_client(host.addr)
local_images = {r['RepoTags'][0] for r in client.images()}
appconfig = version.appconfig
appname = appconfig.appname
entry = appconfig.entrypoints[entrypoint]
envconfig = version.get_resource_config(env)
image = '{0}/{1}:{2}'.format(settings.DOCKER_REGISTRY, appname, version.short_sha)
if image not in local_images:
repo = '{0}/{1}'.format(settings.DOCKER_REGISTRY, appname)
for line in client.pull(repo, tag=version.short_sha, stream=True,
insecure_registry=settings.DOCKER_REGISTRY_INSECURE):
print line
env_dict = {
'APP_NAME': appname,
'ERU_RUNENV': env.upper(),
'ERU_POD': host.pod.name,
'ERU_HOST': host.name,
}
env_dict.update(envconfig.to_env_dict())
# container name: {appname}_{entrypoint}_{ident_id}
container_name = '_'.join([appname, entrypoint, random_string(6)])
# cpuset: '0,1,2,3'
cpuset = ','.join([c.label for c in cores])
container = client.create_container(
image=image,
command=entry['cmd'],
user=version.app_id,
environment=env_dict,
name=container_name,
cpuset=cpuset,
working_dir='/%s' % appname,
network_disabled=settings.DOCKER_NETWORK_DISABLED,
)
container_id = container['Id']
client.start(container=container_id, network_mode=settings.DOCKER_NETWORK_MODE)
return container_id, container_name
def create_influxdb(client, dbname, username, pass_len, admin=False):
if not client.create_database(dbname):
logger.info('create influxdb database error')
return
password = random_string(pass_len)
client.switch_database(dbname)
if not client.add_database_user(username, password):
logger.info('create influxdb user error')
return
if admin and not client.set_database_admin(username):
logger.info('set %s to admin error' % username)
return
return {
'host': client._host,
'port': client._port,
'username': username,
'password': password,
'db': dbname,
}
def create_mysql(conn, dbname, username, pass_len):
def _execute(sql, args=None):
cur = conn.cursor()
cur.execute(sql, args)
conn.commit()
cur.close()
# Create database
sql = r'''CREATE DATABASE IF NOT EXISTS `%s`;'''
_execute(sql % (dbname, ))
passwd = random_string(pass_len)
sql = r'''
GRANT DROP, CREATE, SELECT, INSERT, UPDATE, DELETE ON `%s`.* TO '%s'@'%%' IDENTIFIED BY '%s';
'''
_execute(sql % (
dbname,
username,
passwd,
))
sql = r'''
GRANT DROP, CREATE, SELECT, INSERT, UPDATE, DELETE ON `%s`.* TO '%s'@'localhost' IDENTIFIED BY '%s';
'''
_execute(sql % (
dbname,
username,
passwd,
))
return {
'host': conn.get_host_info().split(' ', 1)[0],
'port': conn.port,
'user': username,
'passwd': passwd,
'db': dbname,
}
def create_one_container(host, version, entrypoint, env='prod', cores=None, cpu_shares=1024, image=''):
if cores is None:
cores = []
client = get_docker_client(host.addr)
local_images = {r['RepoTags'][0] for r in client.images()}
appconfig = version.appconfig
appname = appconfig.appname
entry = appconfig.entrypoints[entrypoint]
envconfig = version.get_resource_config(env)
network_mode = entry.get('network_mode', settings.DOCKER_NETWORK_MODE)
if not image:
image = '{0}/{1}:{2}'.format(settings.DOCKER_REGISTRY, appname, version.short_sha)
if image not in local_images:
repo, tag = image.split(':', 1)
for line in client.pull(repo, tag, stream=True,
insecure_registry=settings.DOCKER_REGISTRY_INSECURE):
print line
env_dict = {
'APP_NAME': appname,
'ERU_RUNENV': env.upper(),
'ERU_POD': host.pod.name,
'ERU_HOST': host.name,
}
env_dict.update(envconfig.to_env_dict())
volumes = ['/writable-proc/sys']
volumes.extend(appconfig.get('volumes', []))
binds = {'/proc/sys': {'bind': '/writable-proc/sys', 'ro': False}}
binds.update(appconfig.get('binds', {}))
if settings.ERU_CONTAINER_PERMDIR:
permdir = settings.ERU_CONTAINER_PERMDIR % appname
env_dict['ERU_PERMDIR'] = permdir
volumes.append(permdir)
binds[settings.ERU_HOST_PERMDIR % appname] = {'bind': permdir, 'ro': False}
# container name: {appname}_{entrypoint}_{ident_id}
container_name = '_'.join([appname, entrypoint, random_string(6)])
# cpuset: '0,1,2,3'
cpuset = ','.join([c.label for c in cores])
# host_config, include log_config
host_config = create_host_config(
binds=binds,
network_mode=network_mode,
log_config=LogConfig(type=settings.DOCKER_LOG_DRIVER),
ulimits=[Ulimit(name='nofile', soft=65535, hard=65535)],
)
container = client.create_container(
image=image,
command=entry['cmd'],
environment=env_dict,
entrypoint=None if image else 'launch',
name=container_name,
cpuset=cpuset,
working_dir=None if image else '/%s' % appname,
network_disabled=settings.DOCKER_NETWORK_DISABLED,
volumes=volumes,
host_config=host_config,
cpu_shares=cpu_shares,
)
container_id = container['Id']
client.start(container=container_id)
return container_id, container_name
def create_one_container(host, version, entrypoint, env='prod',
cores=None, ports=None, args=None, cpu_shares=1024, image='', need_network=False):
# raw方式有些设定不同
is_raw = bool(image)
if cores is None:
cores = []
if ports is None:
ports = []
if args is None:
args = []
client = get_docker_client(host.addr)
local_images = {r['RepoTags'][0] for r in client.images()}
appconfig = version.appconfig
appname = appconfig.appname
entry = appconfig.entrypoints[entrypoint]
envconfig = version.get_resource_config(env)
# replace $port1...
cmd = replace_ports(entry['cmd'], ports)
# add extend arguments
cmd = cmd + ' '.join([''] + args)
if not is_raw:
network = 'network' if need_network else 'nonetwork'
cmd = '/usr/local/bin/launcher %s ' % network + cmd
network_mode = entry.get('network_mode', config.DOCKER_NETWORK_MODE)
mem_limit = entry.get('mem_limit', 0)
restart_policy = {'MaximumRetryCount': 3, 'Name': entry.get('restart', 'no')} # could be no/always/on-failure
if not image:
image = '{0}/{1}:{2}'.format(config.DOCKER_REGISTRY, appname, version.short_sha)
if image not in local_images:
repo, tag = image.split(':', 1)
for line in client.pull(repo, tag, stream=True,
insecure_registry=config.DOCKER_REGISTRY_INSECURE):
print line
env_dict = {
'APP_NAME': appname,
'ERU_RUNENV': env.upper(),
'ERU_POD': host.pod.name,
'ERU_HOST': host.name,
'ERU_HOST_IP': host.ip,
}
env_dict.update(envconfig.to_env_dict())
volumes = ['/writable-proc/sys']
volumes.extend(appconfig.get('volumes', []))
binds = {'/proc/sys': {'bind': '/writable-proc/sys', 'ro': False}}
binds.update(appconfig.get('binds', {}))
if config.ERU_CONTAINER_PERMDIR:
permdir = config.ERU_CONTAINER_PERMDIR % appname
env_dict['ERU_PERMDIR'] = permdir
volumes.append(permdir)
binds[config.ERU_HOST_PERMDIR % appname] = {'bind': permdir, 'ro': False}
# container name: {appname}_{entrypoint}_{ident_id}
container_name = '_'.join([appname, entrypoint, random_string(6)])
# cpuset: '0,1,2,3'
cpuset = ','.join([c.label for c in cores])
# host_config, include log_config
host_config = create_host_config(
binds=binds,
network_mode=network_mode,
log_config=LogConfig(type=config.DOCKER_LOG_DRIVER),
ulimits=[Ulimit(name='nofile', soft=65535, hard=65535)],
restart_policy=restart_policy,
mem_limit=mem_limit,
)
container = client.create_container(
image=image,
command=cmd,
environment=env_dict,
name=container_name,
cpuset=cpuset,
working_dir=None if is_raw else '/%s' % appname,
network_disabled=config.DOCKER_NETWORK_DISABLED,
volumes=volumes,
host_config=host_config,
cpu_shares=cpu_shares,
)
container_id = container['Id']
client.start(container=container_id)
return container_id, container_name
