Bertrand Gouny 2017-07-06 14:26:30 +02:00
commit 7fcab02dab
11 changed files with 124 additions and 62 deletions

@ -1,5 +1,10 @@
# Changelog # Changelog
## 1.3.6
- Fix startup.sh and finish.sh ip address removal
- Use linux alpine
- Add keepalived_script script user
## 1.3.5 ## 1.3.5
- Keepalived version 1.3.5 - Keepalived version 1.3.5
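Review bot: the new `## 1.3.6` heading does not match the release this commit publishes everywhere else: the README and image tags say `1.3.5-1`, and `KEEPALIVED_VERSION` stays at 1.3.5 in the Dockerfile. The previous entry uses the Keepalived version as its heading, so `1.3.6` reads as a Keepalived upgrade that did not happen; rename the heading to `## 1.3.5-1`.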

@ -1,5 +1,5 @@
NAME = osixia/keepalived NAME = osixia/keepalived
VERSION = 1.3.5 VERSION = 1.3.5-1-1
.PHONY: all build build-nocache test tag_latest release .PHONY: all build build-nocache test tag_latest release
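Review bot: `VERSION = 1.3.5-1-1` carries one `-1` more than the `osixia/keepalived:1.3.5-1` tag that every README command in this commit references. If the build and release targets tag images from this variable, users following the README will ask for a tag that was never pushed; set it to `1.3.5-1`.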

@ -6,7 +6,7 @@
[hub]: https://hub.docker.com/r/osixia/keepalived/ [hub]: https://hub.docker.com/r/osixia/keepalived/
Latest release: 1.3.5 - Keepalived 1.3.5 - [Changelog](CHANGELOG.md) | [Docker Hub](https://hub.docker.com/r/osixia/keepalived/)  Latest release: 1.3.5-1 - Keepalived 1.3.5 - [Changelog](CHANGELOG.md) | [Docker Hub](https://hub.docker.com/r/osixia/keepalived/) 
**A docker image to run Keepalived.** **A docker image to run Keepalived.**
> [keepalived.org](http://keepalived.org/) > [keepalived.org](http://keepalived.org/)
@ -22,7 +22,7 @@ Latest release: 1.3.5 - Keepalived 1.3.5 - [Changelog](CHANGELOG.md) | [Docker H
- [Link environment file](#link-environment-file) - [Link environment file](#link-environment-file)
- [Make your own image or extend this image](#make-your-own-image-or-extend-this-image) - [Make your own image or extend this image](#make-your-own-image-or-extend-this-image)
- [Advanced User Guide](#advanced-user-guide) - [Advanced User Guide](#advanced-user-guide)
- [Extend osixia/keepalived:1.3.5 image](#extend-osixiakeepalived135-image) - [Extend osixia/keepalived:1.3.5-1 image](#extend-osixiakeepalived135-1-image)
- [Make your own keepalived image](#make-your-own-keepalived-image) - [Make your own keepalived image](#make-your-own-keepalived-image)
- [Tests](#tests) - [Tests](#tests)
- [Under the hood: osixia/light-baseimage](#under-the-hood-osixialight-baseimage) - [Under the hood: osixia/light-baseimage](#under-the-hood-osixialight-baseimage)
@ -32,7 +32,7 @@ Latest release: 1.3.5 - Keepalived 1.3.5 - [Changelog](CHANGELOG.md) | [Docker H
This image require the kernel module ip_vs loaded on the host (`modprobe ip_vs`) and need to be run with : --cap-add=NET_ADMIN --net=host This image require the kernel module ip_vs loaded on the host (`modprobe ip_vs`) and need to be run with : --cap-add=NET_ADMIN --net=host
docker run --cap-add=NET_ADMIN --net=host -d osixia/keepalived:1.3.5 docker run --cap-add=NET_ADMIN --net=host -d osixia/keepalived:1.3.5-1
## Beginner Guide ## Beginner Guide
@ -42,7 +42,7 @@ but setting your own keepalived.conf is possible. 2 options:
- Link your config file at run time to `/container/service/keepalived/assets/keepalived.conf` : - Link your config file at run time to `/container/service/keepalived/assets/keepalived.conf` :
docker run --volume /data/my-keepalived.conf:/container/service/keepalived/assets/keepalived.conf --detach osixia/keepalived:1.3.5 docker run --volume /data/my-keepalived.conf:/container/service/keepalived/assets/keepalived.conf --detach osixia/keepalived:1.3.5-1
- Add your config file by extending or cloning this image, please refer to the [Advanced User Guide](#advanced-user-guide) - Add your config file by extending or cloning this image, please refer to the [Advanced User Guide](#advanced-user-guide)
@ -52,7 +52,7 @@ You may have some problems with mounted files on some systems. The startup scrip
To fix that run the container with `--copy-service` argument : To fix that run the container with `--copy-service` argument :
docker run [your options] osixia/keepalived:1.3.5 --copy-service docker run [your options] osixia/keepalived:1.3.5-1 --copy-service
### Debug ### Debug
@ -61,11 +61,11 @@ Available levels are: `none`, `error`, `warning`, `info`, `debug` and `trace`.
Example command to run the container in `debug` mode: Example command to run the container in `debug` mode:
docker run --detach osixia/keepalived:1.3.5 --loglevel debug docker run --detach osixia/keepalived:1.3.5-1 --loglevel debug
See all command line options: See all command line options:
docker run osixia/keepalived:1.3.5 --help docker run osixia/keepalived:1.3.5-1 --help
## Environment Variables ## Environment Variables
@ -85,7 +85,7 @@ See how to [set your own environment variables](#set-your-own-environment-variab
If you want to set this variable at docker run command add the tag `#PYTHON2BASH:` and convert the yaml in python: If you want to set this variable at docker run command add the tag `#PYTHON2BASH:` and convert the yaml in python:
docker run --env KEEPALIVED_UNICAST_PEERS="#PYTHON2BASH:['192.168.1.10', '192.168.1.11']" --detach osixia/keepalived:1.3.5 docker run --env KEEPALIVED_UNICAST_PEERS="#PYTHON2BASH:['192.168.1.10', '192.168.1.11']" --detach osixia/keepalived:1.3.5-1
To convert yaml to python online : http://yaml-online-parser.appspot.com/ To convert yaml to python online : http://yaml-online-parser.appspot.com/
@ -107,7 +107,7 @@ See how to [set your own environment variables](#set-your-own-environment-variab
Environment variables can be set by adding the --env argument in the command line, for example: Environment variables can be set by adding the --env argument in the command line, for example:
docker run --env KEEPALIVED_INTERFACE="eno1" --env KEEPALIVED_PASSWORD="password!" \ docker run --env KEEPALIVED_INTERFACE="eno1" --env KEEPALIVED_PASSWORD="password!" \
--env KEEPALIVED_PRIORITY="100" --detach osixia/keepalived:1.3.5 --env KEEPALIVED_PRIORITY="100" --detach osixia/keepalived:1.3.5-1
#### Link environment file #### Link environment file
@ -115,7 +115,7 @@ Environment variables can be set by adding the --env argument in the command lin
For example if your environment file is in : /data/environment/my-env.yaml For example if your environment file is in : /data/environment/my-env.yaml
docker run --volume /data/environment/my-env.yaml:/container/environment/01-custom/env.yaml \ docker run --volume /data/environment/my-env.yaml:/container/environment/01-custom/env.yaml \
--detach osixia/keepalived:1.3.5 --detach osixia/keepalived:1.3.5-1
Take care to link your environment file to `/container/environment/XX-somedir` (with XX < 99 so they will be processed before default environment files) and not directly to `/container/environment` because this directory contains predefined baseimage environment files to fix container environment (INITRD, LANG, LANGUAGE and LC_CTYPE). Take care to link your environment file to `/container/environment/XX-somedir` (with XX < 99 so they will be processed before default environment files) and not directly to `/container/environment` because this directory contains predefined baseimage environment files to fix container environment (INITRD, LANG, LANGUAGE and LC_CTYPE).
@ -125,13 +125,13 @@ This is the best solution if you have a private registry. Please refer to the [A
## Advanced User Guide ## Advanced User Guide
### Extend osixia/keepalived:1.3.5 image ### Extend osixia/keepalived:1.3.5-1 image
If you need to add your custom TLS certificate, bootstrap config or environment files the easiest way is to extends this image. If you need to add your custom TLS certificate, bootstrap config or environment files the easiest way is to extends this image.
Dockerfile example: Dockerfile example:
FROM osixia/keepalived:1.3.5 FROM osixia/keepalived:1.3.5-1
MAINTAINER Your Name <your@name.com> MAINTAINER Your Name <your@name.com>
ADD keepalived.conf /container/service/keepalived/assets/keepalived.conf ADD keepalived.conf /container/service/keepalived/assets/keepalived.conf
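Review bot: the README hunks only bump the tag, but the "Extend" section and its Dockerfile example should also say that the image is now Alpine-based. A derived image that was built `FROM osixia/keepalived:1.3.5` and runs `apt-get` will fail once it moves to `1.3.5-1` and has to switch to `apk`. The new `keepalived_script` user, which the startup script now makes the owner of the notify script, deserves a line here as well.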

@ -1,25 +1,29 @@
# Use osixia/light-baseimage # Use osixia/light-baseimage
# sources: https://github.com/osixia/docker-light-baseimage # sources: https://github.com/osixia/docker-light-baseimage
FROM osixia/light-baseimage:0.2.6 FROM osixia/alpine-light-baseimage:0.1.2
MAINTAINER Bertrand Gouny <bertrand.gouny@osixia.net> MAINTAINER Bertrand Gouny <bertrand.gouny@osixia.net>
# Keepalived version # Keepalived version
ENV KEEPALIVED_VERSION 1.3.5 ENV KEEPALIVED_VERSION 1.3.5
RUN addgroup -S keepalived_script && adduser -D -S -G keepalived_script keepalived_script
# Download, build and install Keepalived # Download, build and install Keepalived
RUN apt-get -y update \ RUN apk --no-cache add \
&& LC_ALL=C DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
curl \ curl \
gcc \ gcc \
ipset \
ipset-dev \
iptables \
iptables-dev \ iptables-dev \
libipset-dev \ libnfnetlink \
libnl-3-dev \
libnl-genl-3-dev \
libnl-route-3-dev \
libnfnetlink-dev \ libnfnetlink-dev \
libssl-dev \ libnl3 \
libnl3-dev \
make \ make \
pkg-config \ musl-dev \
openssl \
openssl-dev \
&& curl -o keepalived.tar.gz -SL http://keepalived.org/software/keepalived-${KEEPALIVED_VERSION}.tar.gz \ && curl -o keepalived.tar.gz -SL http://keepalived.org/software/keepalived-${KEEPALIVED_VERSION}.tar.gz \
&& mkdir -p /container/keepalived-sources \ && mkdir -p /container/keepalived-sources \
&& tar -xzf keepalived.tar.gz --strip 1 -C /container/keepalived-sources \ && tar -xzf keepalived.tar.gz --strip 1 -C /container/keepalived-sources \
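Review bot: the `curl` line at the end of this hunk still fetches the source tarball over plain `http://` and the build compiles it without any integrity check, and this is the RUN instruction being rewritten. Pin the expected digest in an `ENV` next to `KEEPALIVED_VERSION` and verify it with `sha256sum -c` before the `tar` step; adding `-f` to `curl` would also make an HTTP error fail the build instead of saving the error page as `keepalived.tar.gz`.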
@ -27,11 +31,19 @@ RUN apt-get -y update \
&& ./configure --disable-dynamic-linking \ && ./configure --disable-dynamic-linking \
&& make && make install \ && make && make install \
&& cd - && mkdir -p /etc/keepalived \ && cd - && mkdir -p /etc/keepalived \
&& apt-get remove -y --purge --auto-remove curl make gcc pkg-config \
&& rm -f keepalived.tar.gz \ && rm -f keepalived.tar.gz \
&& rm -rf /container/keepalived-sources \ && rm -rf /container/keepalived-sources \
&& apt-get clean \ && apk --no-cache del \
&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* curl \
gcc \
ipset-dev \
iptables-dev \
libnfnetlink-dev \
libnl3-dev \
make \
musl-dev \
openssl-dev
# Add service directory to /container/service # Add service directory to /container/service
ADD service /container/service ADD service /container/service
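Review bot: the `apk --no-cache del` list has to mirror the toolchain and `-dev` packages of the `apk add` above by hand, and the two lists will drift. Install the build-only packages with `apk add --no-cache --virtual .build-deps ...` and remove them with `apk del .build-deps`, keeping the runtime packages (`ipset`, `iptables`, `libnfnetlink`, `libnl3`, `openssl`) in their own `apk add`. The `mkdir -p /etc/keepalived` kept as context also looks stale now that the other scripts in this commit read the config from `/usr/local/etc/keepalived`.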

@ -1,16 +0,0 @@
KEEPALIVED_INTERFACE: eth0
KEEPALIVED_PASSWORD: d0cker
# For electing MASTER, highest priority wins.
# to be MASTER, make 50 more than other machines
KEEPALIVED_PRIORITY: 150
KEEPALIVED_UNICAST_PEERS:
- 192.168.1.10
- 192.168.1.11
KEEPALIVED_VIRTUAL_IPS:
- 192.168.1.231
- 192.168.1.232
KEEPALIVED_NOTIFY: /container/service/keepalived/assets/notify.sh

@ -1 +1,18 @@
KEEPALIVED_COMMAND_LINE_ARGUMENTS: --log-detail --dump-conf KEEPALIVED_COMMAND_LINE_ARGUMENTS: --log-detail --dump-conf
KEEPALIVED_INTERFACE: eth0
KEEPALIVED_PASSWORD: d0cker
# For electing MASTER, highest priority wins.
# to be MASTER, make 50 more than other machines
KEEPALIVED_PRIORITY: 150
KEEPALIVED_UNICAST_PEERS:
- 192.168.1.10
- 192.168.1.11
KEEPALIVED_VIRTUAL_IPS:
- 192.168.1.231
- 192.168.1.232
KEEPALIVED_NOTIFY: /container/service/keepalived/assets/notify.sh
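Review bot: `KEEPALIVED_PASSWORD: d0cker` is carried over into this file as a shipped default, so every deployment that does not override it uses the same publicly known `auth_pass`, and with `auth_type PASS` in the template that value is the only thing authenticating VRRP peers. Since the defaults are being moved anyway, leave the password empty here and have the startup script refuse to start, or at least log a warning, when it is unset or still `d0cker`.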

@ -1,27 +1,31 @@
global_defs {
default_interface {{ KEEPALIVED_INTERFACE }}
}
vrrp_instance VI_1 { vrrp_instance VI_1 {
interface {{ keepalived_interface }} interface {{ KEEPALIVED_INTERFACE }}
track_interface { track_interface {
{{ keepalived_interface }} {{ KEEPALIVED_INTERFACE }}
} }
state BACKUP state BACKUP
virtual_router_id 51 virtual_router_id 51
priority {{ keepalived_priority }} priority {{ KEEPALIVED_PRIORITY }}
nopreempt nopreempt
unicast_peer { unicast_peer {
{{ keepalived_unicast_peers }} {{ KEEPALIVED_UNICAST_PEERS }}
} }
virtual_ipaddress { virtual_ipaddress {
{{ keepalived_virtual_ips }} {{ KEEPALIVED_VIRTUAL_IPS }}
} }
authentication { authentication {
auth_type PASS auth_type PASS
auth_pass {{ keepalived_password }} auth_pass {{ KEEPALIVED_PASSWORD }}
} }
{{ keepalived_notify }} {{ KEEPALIVED_NOTIFY }}
} }
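Review bot: renaming the placeholders from `{{ keepalived_interface }}` to `{{ KEEPALIVED_INTERFACE }}` (and the other six) is a breaking change for anyone who mounts or ADDs a `keepalived.conf` written against the lower-case names. The startup script's `sed` expressions are switched in the same commit, so old placeholders are left unsubstituted and keepalived is handed a literal `{{ ... }}`. Add this to the changelog entry, or keep substituting the lower-case names for one more release.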

@ -7,7 +7,20 @@ log-helper level eq trace && set -x
# try to delete virtual ips from interface # try to delete virtual ips from interface
for vip in $(complex-bash-env iterate KEEPALIVED_VIRTUAL_IPS) for vip in $(complex-bash-env iterate KEEPALIVED_VIRTUAL_IPS)
do do
ip addr del ${vip}/32 dev ${KEEPALIVED_INTERFACE} || true IP=$(echo ${!vip} | awk '{print $1}')
IP_INFO=$(ip addr list | grep ${IP}) || continue
IP_V6=$(echo "${IP_INFO}" | grep "inet6") || true
# ipv4
if [ -z "${IP_V6}" ]; then
IP_INTERFACE=$(echo "${IP_INFO}" | awk '{print $5}')
# ipv6
else
echo "skipping address: ${IP} - ipv6 not supported yet :("
continue
fi
ip addr del ${IP} dev ${IP_INTERFACE} || true
done done
exit 0 exit 0
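Review bot: `ip addr list | grep ${IP}` is an unquoted, unanchored regex match, so a virtual IP of `192.168.1.23` also matches the line for `192.168.1.231`, and each `.` matches any character. The wrong or multi-line `IP_INFO` that results then decides which interface the `ip addr del` is run against. Use `grep -F -w -- "${IP}"` and quote `"${!vip}"`. The old command also deleted `${vip}/32` explicitly, while the new one passes `${IP}` with whatever prefix the variable happens to contain, possibly none; say in a comment which form is expected.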

@ -0,0 +1,5 @@
#!/bin/bash -e
# this script is run during the image build
# delete keepalived default config file
rm /usr/local/etc/keepalived/keepalived.conf

@ -4,4 +4,12 @@
# https://github.com/osixia/docker-light-baseimage/blob/stable/image/tool/log-helper # https://github.com/osixia/docker-light-baseimage/blob/stable/image/tool/log-helper
log-helper level eq trace && set -x log-helper level eq trace && set -x
exec /usr/local/sbin/keepalived -f /etc/keepalived/keepalived.conf --dont-fork --log-console ${KEEPALIVED_COMMAND_LINE_ARGUMENTS} echo -n "Waiting config file /usr/local/etc/keepalived/keepalived.conf"
while [ ! -e "/usr/local/etc/keepalived/keepalived.conf" ]
do
echo -n "."
sleep 0.1
done
echo "ok"
exec /usr/local/sbin/keepalived -f /usr/local/etc/keepalived/keepalived.conf --dont-fork --log-console ${KEEPALIVED_COMMAND_LINE_ARGUMENTS}
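Review bot: the wait loop has no upper bound. `[ ! -e ... ]` follows symlinks, so if the `ln -sf` in the startup script points at an assets file that is missing, or the link is never created, this process prints dots forever and the container appears to be running while keepalived never starts. Count the iterations and `exit 1` with an error message after a few seconds.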

@ -11,30 +11,31 @@ if [ ! -e "$FIRST_START_DONE" ]; then
# #
# bootstrap config # bootstrap config
# #
sed -i --follow-symlinks "s|{{ keepalived_interface }}|$KEEPALIVED_INTERFACE|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf sed -i "s|{{ KEEPALIVED_INTERFACE }}|$KEEPALIVED_INTERFACE|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
sed -i --follow-symlinks "s|{{ keepalived_priority }}|$KEEPALIVED_PRIORITY|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf sed -i "s|{{ KEEPALIVED_PRIORITY }}|$KEEPALIVED_PRIORITY|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
sed -i --follow-symlinks "s|{{ keepalived_password }}|$KEEPALIVED_PASSWORD|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf sed -i "s|{{ KEEPALIVED_PASSWORD }}|$KEEPALIVED_PASSWORD|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
if [ -n "$KEEPALIVED_NOTIFY" ]; then if [ -n "$KEEPALIVED_NOTIFY" ]; then
sed -i --follow-symlinks "s|{{ keepalived_notify }}|notify \"$KEEPALIVED_NOTIFY\"|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf sed -i "s|{{ KEEPALIVED_NOTIFY }}|notify \"$KEEPALIVED_NOTIFY\"|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
chown keepalived_script:keepalived_script $KEEPALIVED_NOTIFY
chmod +x $KEEPALIVED_NOTIFY chmod +x $KEEPALIVED_NOTIFY
else else
sed -i --follow-symlinks "/{{ keepalived_notify }}/d" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf sed -i "/{{ KEEPALIVED_NOTIFY }}/d" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
fi fi
# unicast peers # unicast peers
for peer in $(complex-bash-env iterate KEEPALIVED_UNICAST_PEERS) for peer in $(complex-bash-env iterate KEEPALIVED_UNICAST_PEERS)
do do
sed -i --follow-symlinks "s|{{ keepalived_unicast_peers }}|${!peer}\n {{ keepalived_unicast_peers }}|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf sed -i "s|{{ KEEPALIVED_UNICAST_PEERS }}|${!peer}\n {{ KEEPALIVED_UNICAST_PEERS }}|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
done done
sed -i --follow-symlinks "/{{ keepalived_unicast_peers }}/d" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf sed -i "/{{ KEEPALIVED_UNICAST_PEERS }}/d" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
# virtual ips # virtual ips
for vip in $(complex-bash-env iterate KEEPALIVED_VIRTUAL_IPS) for vip in $(complex-bash-env iterate KEEPALIVED_VIRTUAL_IPS)
do do
sed -i --follow-symlinks "s|{{ keepalived_virtual_ips }}|${!vip}\n {{ keepalived_virtual_ips }}|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf sed -i "s|{{ KEEPALIVED_VIRTUAL_IPS }}|${!vip}\n {{ KEEPALIVED_VIRTUAL_IPS }}|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
done done
sed -i --follow-symlinks "/{{ keepalived_virtual_ips }}/d" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf sed -i "/{{ KEEPALIVED_VIRTUAL_IPS }}/d" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
touch $FIRST_START_DONE touch $FIRST_START_DONE
fi fi
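Review bot: the added `chown keepalived_script:keepalived_script $KEEPALIVED_NOTIFY` hands the notify script to the unprivileged account that is meant to execute it, which lets that account rewrite the script; it only needs read and execute. Keep the file owned by root with mode 0755, and quote `"$KEEPALIVED_NOTIFY"` in both the `chown` and `chmod` lines so a path containing spaces is not split. Separately, the `sed` replacements insert `$KEEPALIVED_PASSWORD` raw, so a password containing `|`, `&` or `\` produces a broken or different `auth_pass`; escape the value before substituting.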
@ -42,11 +43,24 @@ fi
# try to delete virtual ips from interface # try to delete virtual ips from interface
for vip in $(complex-bash-env iterate KEEPALIVED_VIRTUAL_IPS) for vip in $(complex-bash-env iterate KEEPALIVED_VIRTUAL_IPS)
do do
ip addr del ${vip}/32 dev ${KEEPALIVED_INTERFACE} || true IP=$(echo ${!vip} | awk '{print $1}')
IP_INFO=$(ip addr list | grep ${IP}) || continue
IP_V6=$(echo "${IP_INFO}" | grep "inet6") || true
# ipv4
if [ -z "${IP_V6}" ]; then
IP_INTERFACE=$(echo "${IP_INFO}" | awk '{print $5}')
# ipv6
else
echo "skipping address: ${IP} - ipv6 not supported yet :("
continue
fi
ip addr del ${IP} dev ${IP_INTERFACE} || true
done done
if [ ! -e "/etc/backup-manager.conf" ]; then if [ ! -e "/usr/local/etc/keepalived/keepalived.conf" ]; then
ln -sf ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf /etc/keepalived/keepalived.conf ln -sf ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf /usr/local/etc/keepalived/keepalived.conf
fi fi
exit 0 exit 0
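Review bot: `IP_INTERFACE=$(echo "${IP_INFO}" | awk '{print $5}')` assumes the matched line is exactly `inet ADDR scope global DEV`. When the address carries a broadcast (`inet ADDR brd BCAST scope global DEV`) field 5 is the word `scope`, and when `grep` returned several lines the variable holds several words; in both cases the following `ip addr del` fails and `|| true` hides it. Read the device from `ip -o addr show`, where it is the second field, and take the first exact match only. This block is also a verbatim copy of the one added to the finish script in this commit; move it into one helper that both scripts call.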