-
Notifications
You must be signed in to change notification settings - Fork 3
subutai
Fernando Henrique edited this page May 25, 2018
·
2 revisions
Subutai container module. This modules manage all life cicle of subutai containers.
- Synopsis
- Options
- Examples
Subutai is a daemon written in Golang whose main task is to receive commands from the Subutai Social management server and execute them on Resource Hosts. Behind such a seemingly simple task are complex procedures like bidirectional ssl communication, gpg message encryption, different health and security checks, etc.
| Parameter | required | default | choices | comments |
|---|---|---|---|---|
| key | key | |||
| domain | Should be only specified for http and https protocols mapping. | |||
| protocol |
|
Specifies required protocol for mapping and might be http, https, tcp or udp. | ||
| localPeepIPAddr | localPeepIPAddr | |||
| globalFlag | There are two types of channels - local, which is created from destination address to host and global from destination to Subutai Helper node. | |||
| vlan | VLAN tag. | |||
| vni | VXLAN tunnel VNI. | |||
| host | Add host to domain on VLAN. | |||
| external | Optional parameter which shows desired RH socket where internal socket should be mapped. If more than one container mapped to one RH port, those containers are being put to the same backend group. Allowed port value must be in range of 1000-65535 | |||
| file | Pem certificate file. | |||
| ttl | Tunnels may also be set to be permanent or temporary (ttl in seconds). | |||
| interface | Interface name | |||
| hash | hash | |||
| check | Check for updates without installation. | |||
| name | Name of container or network. | |||
| sslbackend | SSL backend in https upstream. | |||
| network |
|
Define network operations, like Configuring network tunnel for containers in subutai, vxlan tunnels, and network maps. | ||
| Subutai VXLAN is network layer built on top of P2P swarms and intended to be environment communication bridges between physically separate hosts. Each Subutai environment has its own separate VXLAN tunnel so all internal network traffic goes through isolated channels, doesn't matter if environment located on single peer or distributed between multiple peers. | ||||
| The tunnel feature is based on SSH tunnels and works in combination with Subutai Helpers and serves as an easy solution for bypassing NATs. In Subutai, tunnels are used to access the SS management server's web UI from the Bazaar, and open direct connection to containers, etc. There are two types of channels local (default), which is created from destination address to host and global, from destination to Subutai Helper node. Tunnels may also be set to be permanent (default) or temporary (ttl in seconds). The default destination port is 22. | ||||
| Subutai tunnels have a continuous state checking mechanism which keeps opened tunnels alive and closes outdated tunnels to keep the system network connections clean. This mechanism may re-create a tunnel if it was dropped unintentionally (system reboot, network interruption, etc.), but newly created tunnels will have different "entrance" address. | ||||
| proxy_policy |
|
Set load balance policy (rr | ||
| ipaddr | IPv4 address, ie 192.168.1.1/24 | |||
| cert | Path to SSL pem certificate for https protocol. | |||
| source | Set the source for promoting. | |||
| state | present |
|
Indicates the desired container state are installed. | |
| internal | Peer's internal socket that should be exposed. Format should be / | |||
| map_policy |
|
Balancing methods (round-robin by default, least_time, hash, ip_hash). | ||
| template | A flag to specify if changes will affect template or a container | |||
| portrange | portrange | |||
| vxlan | Vxlan name. | |||
| remoteip | Remote IP address. |
- name: run subutai import nginx
subutai:
name: nginx
state: present
- name: run subutai destroy nginx
subutai:
name: nginx
state: absent
- name: run subutai destroy template nginx
subutai:
name: nginx
state: absent
template: true
- name: upgrade nginx
subutai:
name: nginx
state: latest
- name: subutai tunnel add 10.10.0.20
subutai:
network: tunnel
state: present
ipaddr: 10.10.0.20
- name: subutai tunnel add 10.10.0.30:8080 300 -g
subutai:
network: tunnel
state: present
ipaddr: 10.10.0.30:8080
ttl: 300
globalFlag: true
- name: subutai tunnel del 10.10.0.30:8080
subutai:
network: tunnel
state: absent
ipaddr: 10.10.0.30:8080
- name: subutai tunnel del 10.10.0.20:8080
subutai:
network: tunnel
state: absent
ipaddr: 10.10.0.20:22
- name: map container's 172.16.31.3 port 3306 to the random port on RH
subutai:
network: map
state: present
protocol: tcp
internal: 172.16.31.3:3306
- name: add 172.16.31.4:3306 to the same group
subutai:
network: map
state: present
protocol: tcp
internal: 172.16.31.4:3306
external: 46558
- name: remove container 172.16.31.3 from mapping
subutai:
network: map
state: absent
protocol: tcp
internal: 172.16.31.3:3306
external: 46558
- name: map 172.16.25.12:80 to RH's 8080 with domain name example.com
subutai:
network: map
state: present
protocol: http
internal: 172.16.25.12:80
external: 8080
domain: example.com
- name: add container to existing example.com domain
subutai:
network: map
state: present
protocol: http
internal: 172.16.25.13:80
external: 8080
domain: example.com
- name: adding subutai vxlan tunnel
subutai:
network: vxlan
state: present
vxlan: vxlan1
remoteip: 10.220.22.2
vlan: 100
vni: 12345
- name: removing subutai vxlan tunnel
subutai:
network: vxlan
state: absent
vxlan: vxlan1
- name: add domain example.com to 100 vlan
subutai:
network: proxy
state: present
vlan: 100
domain: example.com
- name: add domain example.com to 100 vlan
subutai:
network: proxy
state: present
vlan: 100
host: 10.10.0.20
- name: delete domain example.com
subutai:
conetwork: proxy
state: absent
vlan: 100
domain: example.com
- name: delete host 10.10.0.20
subutai:
conetwork: proxy
state: absent
vlan: 100
host: 10.10.0.20
Created by OptDyn, LLC