Remove scheduler to use marathon instead

mesosphere · Oct 16, 2015 · 22bd938 · 22bd938
1 parent dd4b31b
commit 22bd938
Show file tree

Hide file tree

Showing 9 changed files with 94 additions and 218 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -1,15 +1,13 @@
 FROM kylemanna/openvpn
-ENV MESOS_EGG mesos-0.24.1-py2.7-linux-x86_64.egg
 
 MAINTAINER Mesosphere <team@mesosphere.com>
 
-RUN apk -U add python py-setuptools && apk -U -t deps add curl ca-certificates \
-    && curl -Lo $MESOS_EGG https://downloads.mesosphere.io/master/ubuntu/15.04/$MESOS_EGG \
-    && easy_install-2.7 $MESOS_EGG && rm $MESOS_EGG && apk del deps
+RUN apk -U add ca-certificates python py-setuptools
 
 COPY . /dcos
 
 WORKDIR /dcos
-RUN ["/usr/bin/python",  "setup.py", "install"]
-
-CMD ["/dcos/bin/run.bash", "server"]
+RUN ["/usr/bin/python", "setup.py", "install"]
+EXPOSE 5000 1194/tcp 1194/udp
+ENTRYPOINT ["/dcos/bin/run.bash" ]
+CMD [ "server"]
diff --git a/README.md b/README.md
@@ -4,20 +4,25 @@ DCOS OpenVPN
 How does it work?
 --------------
 
-1. Take `marathon.json` and POST it to marathon.
-1. Marathon launches the dcos-openvpn scheduler on a private agent.
-1. The scheduler docker container comes up and `bin/run.bash` is called.
+### Deploy Admin
+1. Take `marathon-admin.json` and POST it to marathon.
+1. Marathon launches the admin web interface on a private agent.
+1. The docker container comes up and `bin/run.bash` is called.
 1. Zookeeper is checked to see if the config has been uploaded or not yet.
 1. If there is nothing in zookeeper, the configuration is built (via. ovpn_genconfig) and then uploaded to zookeeper.
 1. If there is already state in zookeeper, the configuration is downloaded from there and placed into the scheduler's docker container.
-1. At this point, the actual dcos-openvpn scheduler is started. It registers with mesos and waits for resource offers.
-1. Once the scheduler receives a resource offer that is from a slave_public with 256mb of memory and 0.1 cpus, it launches the actual openvpn server on a public slave.
-1. The openvpn task launches in the same docker as the scheduler (see Dockerfile) and runs the beginning bash script.
+
+### Deploy Server
+1. Take `marathon-server.json` and POST it to marathon.
+1. Marathon launches the openvpn server on a public agent.
 1. The configuration is downloaded from zk that was previously uploaded by the scheduler on first startup.
 1. The script goes out externally and fetches its remote ip.
 1. The openvpn server starts running. At this point, the openvpn server is running, but there are no user profiles.
-1. Now, you'll need to create a user profile. To do that, POST `name=myname` to scheduler_ip:scheduler_port/client.
-1. The client will be generated (by calling easyrsa build-client-full) and then uploaded via. zkcli.
+
+
+### Add Users
+1. Now, you'll need to create a user profile. To do that, POST `name=myname` to admin_ip:scheduler_port/client.
+1. The client will be generated (by calling easyrsa build-client-full) and then uploaded via zkcli.
 1. Once the cert is uploaded, the full output will be returned to you via. the POST body.
 
 Development

diff --git a/bin/run.bash b/bin/run.bash
@@ -1,20 +1,22 @@
-#!/bin/bash -x
+#!/bin/bash
 
 # Shell lint tool: http://www.shellcheck.net
 set -o errexit -o nounset -o pipefail
 
 function usage {
 cat <<USAGE
- USAGE: $(basename "$0")
+ USAGE: $(basename "$0") server|admin
+
+  This script runs the openvpn server or admin interface. Both need
+  to be deployed to your cluster. The server is the endpoint clients
+  connect to, where admin runs a web api to create users in ZK.
 
-  This script does things.
 USAGE
 }
 
 #: ${REQUIRED_ENV_VAR:?"ERROR: REQUIRED_ENV_VAR must be set"}
 
 function globals {
-  export PROJECT_ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )/.." && pwd )"
 
   export CA_PASS=${CA_PASS:="nopass"}
   export CA_CN=${CA_CN:="openvpn.dcos"}
@@ -26,24 +28,19 @@ function globals {
   export HOST=${HOST:=127.0.0.1}
   export PORT0=${PORT0:=6000}
 
-  export IMAGE=${IMAGE:="mesosphere/dcos-openvpn"}
 }; globals
 
 for i in "$@"
 do
   case "$i" in                                      # Munging globals, beware
-    -h|--help)                usage                        ;;
+    -h|--help)                usage              ; exit 0  ;;
     -c)                       conf="$2"          ; shift 2 ;;
     -v)                       verbose=true       ; shift 1 ;;
     --)                       break                        ;;
     *)                        # unknown option             ;;
   esac
 done
 
-function main {
-  echo "......"
-}
-
 function get_location {
   echo $(run_command "get $ZKPATH/location.conf")
 }
@@ -67,16 +64,14 @@ function upload_files {
   done
 }
 
-function scheduler {
-  env
-
+function admin {
   if (run_command "ls $ZKPATH"); then
     download_files
   else
     upload_files
   fi
 
-  python -m dcos_openvpn.main
+  exec python -m dcos_openvpn.main
 }
 
 function download_files {
@@ -113,7 +108,7 @@ function server {
   set_public_location
 
   mkdir "$OPENVPN/ccd"
-  ovpn_run
+  exec ovpn_run
 }
 
 function logged {
@@ -126,7 +121,9 @@ function msg { out "$*" >&2 ;}
 function err { local x=$? ; msg "$*" ; return $(( x == 0 ? 1 : x )) ;}
 function out { printf '%s\n' "$*" ;}
 
-if [[ ${1:-} ]] && declare -F | cut -d' ' -f3 | fgrep -qx -- "${1:-}"
-then "$@"
-else main "$@"
-fi
+
+case "$@" in
+  server) server ;;
+  admin)  admin  ;;
+  *)      usage;  exit 1 ;;
+esac
diff --git a/dcos_openvpn/main.py b/dcos_openvpn/main.py
@@ -8,7 +8,6 @@
 import time
 import threading
 
-from . import scheduler
 from . import web
 
 OPTIONAL_ENV = [
@@ -18,7 +17,6 @@
 
 REQUIRED_ENV = [
     "HOST",
-    "PORT0",
     "EASYRSA_PKI"
 ]
 
@@ -53,11 +51,7 @@ def main():
 
     check_env()
 
-    scheduler.CURRENT.run()
-    web.app.run(
-        host='0.0.0.0',
-        port=int(os.environ["PORT0"])
-    )
+    web.app.run(host='0.0.0.0')
 
 if __name__ == "__main__":
     main()
diff --git a/dcos_openvpn/scheduler.py b/dcos_openvpn/scheduler.py
diff --git a/dcos_openvpn/web.py b/dcos_openvpn/web.py
@@ -13,7 +13,6 @@
 from webargs.flaskparser import use_args
 
 from . import cert
-from . import scheduler
 
 app = Flask(__name__)
 

diff --git a/marathon-admin.json b/marathon-admin.json
@@ -0,0 +1,32 @@
+{
+  "id": "openvpn-admin",
+  "cpus": 0.1,
+  "mem": 64,
+  "instances": 2,
+  "args": [ "admin" ],
+  "container": {
+    "type": "DOCKER",
+    "docker": {
+      "image": "mesosphere/dcos-openvpn",
+      "forcePullImage": true,
+      "network": "BRIDGE",
+      "portMappings": [{ "containerPort": 5000, "protocol": "tcp" }]
+    }
+  },
+  "healthChecks": [
+    {
+      "gracePeriodSeconds": 120,
+      "intervalSeconds": 30,
+      "maxConsecutiveFailures": 0,
+      "path": "/status",
+      "portIndex": 0,
+      "protocol": "HTTP",
+      "timeoutSeconds": 5
+    }
+  ],
+  "ports": [],
+  "env": {
+    "MESOS_CONFIG": "zk://master.mesos:2181/mesos",
+    "FRAMEWORK_NAME": "openvpn-admin"
+  }
+}