This repository has been archived by the owner on May 30, 2023. It is now read-only.
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
app-admin/etcd-wrapper: use docker for the etcd service and drop etcd…
…-wrapper
- Loading branch information
Showing
3 changed files
with
15 additions
and
96 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -14,7 +14,6 @@ IUSE="" | |
SLOT=0 | ||
|
||
DEPEND="" | ||
RDEPEND=">=app-emulation/rkt-1.9.1[rkt_stage1_fly]" | ||
|
||
S=${WORKDIR} | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,28 +1,30 @@ | ||
[Unit] | ||
Description=etcd (System Application Container) | ||
Documentation=https://github.com/etcd-io/etcd | ||
Wants=network-online.target network.target | ||
After=network-online.target | ||
Wants=network-online.target network.target docker.service | ||
After=network-online.target docker.service | ||
Conflicts=etcd.service | ||
Conflicts=etcd2.service | ||
|
||
[Service] | ||
Type=notify | ||
Type=simple | ||
Restart=on-failure | ||
RestartSec=10s | ||
TimeoutStartSec=0 | ||
LimitNOFILE=40000 | ||
|
||
Environment="ETCD_IMAGE_URL=quay.io/coreos/etcd" | ||
Environment="ETCD_IMAGE_TAG=@ETCD_IMAGE_TAG@" | ||
Environment="ETCD_NAME=%m" | ||
Environment="ETCD_USER=etcd" | ||
Environment="ETCD_DATA_DIR=/var/lib/etcd" | ||
Environment="RKT_RUN_ARGS=--uuid-file-save=/var/lib/flatcar/etcd-member-wrapper.uuid" | ||
Environment="ETCD_SSL_DIR=/etc/ssl/certs" | ||
|
||
ExecStartPre=/usr/bin/mkdir --parents /var/lib/flatcar | ||
ExecStartPre=-/usr/bin/rkt rm --uuid-file=/var/lib/flatcar/etcd-member-wrapper.uuid | ||
ExecStart=/usr/lib/flatcar/etcd-wrapper $ETCD_OPTS | ||
ExecStop=-/usr/bin/rkt stop --uuid-file=/var/lib/flatcar/etcd-member-wrapper.uuid | ||
ExecStartPre=-docker rm -f etcd-member | ||
ExecStartPre=bash -c "docker run --name etcd-member -d --log-driver=journald --network=host -u $(id -u ${ETCD_USER}):$(id -g ${ETCD_USER}) -v ${ETCD_DATA_DIR}:/var/lib/etcd:rw,Z -v ${ETCD_SSL_DIR}:/etc/ssl/certs:ro,Z --env-file <(env) ${ETCD_IMAGE:-${ETCD_IMAGE_URL}:${ETCD_IMAGE_TAG}} $ETCD_OPTS" | ||
ExecStart=/usr/lib/flatcar/etcd-wrapper | ||
ExecStop=docker stop etcd-member | ||
ExecStopPost=docker rm etcd-member | ||
|
||
[Install] | ||
WantedBy=multi-user.target |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,87 +1,5 @@ | ||
#!/usr/bin/bash -e | ||
# Wrapper for launching etcd via rkt. | ||
# | ||
# Make sure to set ETCD_IMAGE_TAG to an image tag published here: | ||
# https://quay.io/repository/coreos/etcd?tab=tags Alternatively, | ||
# override ETCD_IMAGE to a custom image. | ||
|
||
function require_ev_all() { | ||
for rev in $@ ; do | ||
if [[ -z "${!rev}" ]]; then | ||
echo ${rev} is not set | ||
exit 1 | ||
fi | ||
done | ||
} | ||
|
||
function require_ev_one() { | ||
for rev in $@ ; do | ||
if [[ ! -z "${!rev}" ]]; then | ||
return | ||
fi | ||
done | ||
echo One of $@ must be set | ||
exit 1 | ||
} | ||
|
||
require_ev_one ETCD_IMAGE ETCD_IMAGE_TAG | ||
require_ev_all ETCD_USER ETCD_DATA_DIR | ||
|
||
ETCD_IMAGE_URL="${ETCD_IMAGE_URL:-docker://quay.io/coreos/etcd}" | ||
ETCD_IMAGE="${ETCD_IMAGE:-${ETCD_IMAGE_URL}:${ETCD_IMAGE_TAG}}" | ||
|
||
if [[ "${ETCD_IMAGE%%/*}" == "quay.io" ]] && ! (echo "${RKT_RUN_ARGS}" | grep -q trust-keys-from-https); then | ||
RKT_RUN_ARGS="${RKT_RUN_ARGS} --trust-keys-from-https" | ||
elif [[ "${ETCD_IMAGE%%/*}" == "docker:" ]] && ! (echo "${RKT_RUN_ARGS}" | grep -q insecure-options); then | ||
RKT_RUN_ARGS="${RKT_RUN_ARGS} --insecure-options=image" | ||
fi | ||
|
||
if [[ ! -e "${ETCD_DATA_DIR}" ]]; then | ||
mkdir --parents "${ETCD_DATA_DIR}" | ||
chown "${ETCD_USER}" "${ETCD_DATA_DIR}" | ||
fi | ||
|
||
# Do not pass ETCD_DATA_DIR through to the container. The default path, | ||
# /var/lib/etcd is always used inside the container. | ||
etcd_data_dir="${ETCD_DATA_DIR}" | ||
ETCD_DATA_DIR="/var/lib/etcd" | ||
|
||
ETCD_SSL_DIR="${ETCD_SSL_DIR:-/etc/ssl/certs}" | ||
|
||
SYSTEMD_SYSTEM_DIR_SRC="${SYSTEMD_SYSTEM_DIR_SRC:-/run/systemd/system}" | ||
if [[ -d "${SYSTEMD_SYSTEM_DIR_SRC}" ]]; then | ||
RKT_RUN_ARGS="${RKT_RUN_ARGS} \ | ||
--mount volume=coreos-systemd-dir,target=/run/systemd/system \ | ||
--volume coreos-systemd-dir,kind=host,source=${SYSTEMD_SYSTEM_DIR_SRC},readOnly=true \ | ||
" | ||
fi | ||
|
||
if [[ -S "${NOTIFY_SOCKET}" ]]; then | ||
RKT_RUN_ARGS="${RKT_RUN_ARGS} \ | ||
--mount volume=coreos-notify,target=/run/systemd/notify \ | ||
--volume coreos-notify,kind=host,source=${NOTIFY_SOCKET} \ | ||
--set-env=NOTIFY_SOCKET=/run/systemd/notify \ | ||
" | ||
fi | ||
|
||
RKT="${RKT:-/usr/bin/rkt}" | ||
RKT_STAGE1_ARG="${RKT_STAGE1_ARG:---stage1-from-dir=stage1-fly.aci}" | ||
set -x | ||
exec ${RKT} ${RKT_GLOBAL_ARGS} \ | ||
run ${RKT_RUN_ARGS} \ | ||
--volume coreos-data-dir,kind=host,source="${etcd_data_dir}",readOnly=false \ | ||
--volume coreos-etc-ssl-certs,kind=host,source="${ETCD_SSL_DIR}",readOnly=true \ | ||
--volume coreos-usr-share-certs,kind=host,source=/usr/share/ca-certificates,readOnly=true \ | ||
--volume coreos-etc-hosts,kind=host,source=/etc/hosts,readOnly=true \ | ||
--volume coreos-etc-resolv,kind=host,source=/etc/resolv.conf,readOnly=true \ | ||
--mount volume=coreos-data-dir,target=/var/lib/etcd \ | ||
--mount volume=coreos-etc-ssl-certs,target=/etc/ssl/certs \ | ||
--mount volume=coreos-usr-share-certs,target=/usr/share/ca-certificates \ | ||
--mount volume=coreos-etc-hosts,target=/etc/hosts \ | ||
--mount volume=coreos-etc-resolv,target=/etc/resolv.conf \ | ||
--inherit-env \ | ||
${RKT_STAGE1_ARG} \ | ||
${ETCD_IMAGE} \ | ||
${ETCD_IMAGE_ARGS} \ | ||
--user=$(id -u "${ETCD_USER}") \ | ||
-- "$@" | ||
#!/bin/bash | ||
# The "etcd-wrapper" script can't be deleted because ct overwrites | ||
# the ExecStart directive with etcd-wrapper. Do the new action of | ||
# ExecStart here. | ||
exec docker logs -f etcd-member |