Merge tag 'v1.3.5-1' into release-1.3.6

v1.3.5-1

CHANGELOG.md

@@ -1,5 +1,10 @@
 # Changelog
 
+## 1.3.6
+  - Fix startup.sh and finish.sh ip address removal
+  - Use linux alpine
+  - Add keepalived_script script user
+
 ## 1.3.5
   - Keepalived version 1.3.5
 

Makefile

@@ -1,9 +1,7 @@
 NAME = osixia/keepalived
-VERSION = 1.3.5
+VERSION = 1.3.5-1
 
-.PHONY: all build build-nocache test tag_latest release
-
-all: build
+.PHONY: build build-nocache test tag-latest push push-latest release git-tag-version
 
 build:
 	docker build -t $(NAME):$(VERSION) --rm image
@@ -14,10 +12,17 @@ build-nocache:
 test:
 	env NAME=$(NAME) VERSION=$(VERSION) bats test/test.bats
 
-tag_latest:
+tag-latest:
 	docker tag $(NAME):$(VERSION) $(NAME):latest
 
-release: build test tag_latest
-	@if ! docker images $(NAME) | awk '{ print $$2 }' | grep -q -F $(VERSION); then echo "$(NAME) version $(VERSION) is not yet built. Please run 'make build'"; false; fi
-	docker push $(NAME)
-	@echo "*** Don't forget to run 'twgit release/hotfix finish' :)"
+push:
+	docker push $(NAME):$(VERSION)
+
+push-latest:
+	docker push $(NAME):latest
+
+release: build test tag-latest push push-latest
+
+git-tag-version: release
+	git tag -a v$(VERSION) -m "v$(VERSION)"
+	git push origin v$(VERSION)

README.md

@@ -6,9 +6,7 @@
 
 [hub]: https://hub.docker.com/r/osixia/keepalived/
 
-Latest release: 1.3.5 - Keepalived 1.3.5 - [Changelog](CHANGELOG.md) | [Docker Hub](https://hub.docker.com/r/osixia/keepalived/) 
-
-## /!\ Due to segmentation fault in keepalived 1.3.5 the image have been removed please use v1.3.4
+Latest release: 1.3.5-1 - Keepalived 1.3.5 - [Changelog](CHANGELOG.md) | [Docker Hub](https://hub.docker.com/r/osixia/keepalived/) 
 
 **A docker image to run Keepalived.**
 > [keepalived.org](http://keepalived.org/)
@@ -24,7 +22,7 @@ Latest release: 1.3.5 - Keepalived 1.3.5 - [Changelog](CHANGELOG.md) | [Docker H
 		- [Link environment file](#link-environment-file)
 		- [Make your own image or extend this image](#make-your-own-image-or-extend-this-image)
 - [Advanced User Guide](#advanced-user-guide)
-	- [Extend osixia/keepalived:1.3.5 image](#extend-osixiakeepalived135-image)
+	- [Extend osixia/keepalived:1.3.5-1 image](#extend-osixiakeepalived135-1-image)
 	- [Make your own keepalived image](#make-your-own-keepalived-image)
 	- [Tests](#tests)
 	- [Under the hood: osixia/light-baseimage](#under-the-hood-osixialight-baseimage)
@@ -34,7 +32,7 @@ Latest release: 1.3.5 - Keepalived 1.3.5 - [Changelog](CHANGELOG.md) | [Docker H
 
 This image require the kernel module ip_vs loaded on the host (`modprobe ip_vs`) and need to be run with : --cap-add=NET_ADMIN --net=host
 
-    docker run --cap-add=NET_ADMIN --net=host -d osixia/keepalived:1.3.5
+    docker run --cap-add=NET_ADMIN --net=host -d osixia/keepalived:1.3.5-1
 
 ## Beginner Guide
 
@@ -44,7 +42,7 @@ but setting your own keepalived.conf is possible. 2 options:
 
 - Link your config file at run time to `/container/service/keepalived/assets/keepalived.conf` :
 
-      docker run --volume /data/my-keepalived.conf:/container/service/keepalived/assets/keepalived.conf --detach osixia/keepalived:1.3.5
+      docker run --volume /data/my-keepalived.conf:/container/service/keepalived/assets/keepalived.conf --detach osixia/keepalived:1.3.5-1
 
 - Add your config file by extending or cloning this image, please refer to the [Advanced User Guide](#advanced-user-guide)
 
@@ -54,7 +52,7 @@ You may have some problems with mounted files on some systems. The startup scrip
 
 To fix that run the container with `--copy-service` argument :
 
-		docker run [your options] osixia/keepalived:1.3.5 --copy-service
+		docker run [your options] osixia/keepalived:1.3.5-1 --copy-service
 
 ### Debug
 
@@ -63,11 +61,11 @@ Available levels are: `none`, `error`, `warning`, `info`, `debug` and `trace`.
 
 Example command to run the container in `debug` mode:
 
-	docker run --detach osixia/keepalived:1.3.5 --loglevel debug
+	docker run --detach osixia/keepalived:1.3.5-1 --loglevel debug
 
 See all command line options:
 
-	docker run osixia/keepalived:1.3.5 --help
+	docker run osixia/keepalived:1.3.5-1 --help
 
 
 ## Environment Variables
@@ -87,7 +85,7 @@ See how to [set your own environment variables](#set-your-own-environment-variab
 
   If you want to set this variable at docker run command add the tag `#PYTHON2BASH:` and convert the yaml in python:
 
-      docker run --env KEEPALIVED_UNICAST_PEERS="#PYTHON2BASH:['192.168.1.10', '192.168.1.11']" --detach osixia/keepalived:1.3.5
+      docker run --env KEEPALIVED_UNICAST_PEERS="#PYTHON2BASH:['192.168.1.10', '192.168.1.11']" --detach osixia/keepalived:1.3.5-1
 
   To convert yaml to python online : http://yaml-online-parser.appspot.com/
 
@@ -109,7 +107,7 @@ See how to [set your own environment variables](#set-your-own-environment-variab
 Environment variables can be set by adding the --env argument in the command line, for example:
 
     docker run --env KEEPALIVED_INTERFACE="eno1" --env KEEPALIVED_PASSWORD="password!" \
-    --env KEEPALIVED_PRIORITY="100" --detach osixia/keepalived:1.3.5
+    --env KEEPALIVED_PRIORITY="100" --detach osixia/keepalived:1.3.5-1
 
 
 #### Link environment file
@@ -117,7 +115,7 @@ Environment variables can be set by adding the --env argument in the command lin
 For example if your environment file is in :  /data/environment/my-env.yaml
 
 	docker run --volume /data/environment/my-env.yaml:/container/environment/01-custom/env.yaml \
-	--detach osixia/keepalived:1.3.5
+	--detach osixia/keepalived:1.3.5-1
 
 Take care to link your environment file to `/container/environment/XX-somedir` (with XX < 99 so they will be processed before default environment files) and not  directly to `/container/environment` because this directory contains predefined baseimage environment files to fix container environment (INITRD, LANG, LANGUAGE and LC_CTYPE).
 
@@ -127,13 +125,13 @@ This is the best solution if you have a private registry. Please refer to the [A
 
 ## Advanced User Guide
 
-### Extend osixia/keepalived:1.3.5 image
+### Extend osixia/keepalived:1.3.5-1 image
 
 If you need to add your custom TLS certificate, bootstrap config or environment files the easiest way is to extends this image.
 
 Dockerfile example:
 
-    FROM osixia/keepalived:1.3.5
+    FROM osixia/keepalived:1.3.5-1
     MAINTAINER Your Name <your@name.com>
 
     ADD keepalived.conf /container/service/keepalived/assets/keepalived.conf

image/Dockerfile

@@ -1,25 +1,29 @@
 # Use osixia/light-baseimage
 # sources: https://github.com/osixia/docker-light-baseimage
-FROM osixia/light-baseimage:0.2.6
+FROM osixia/alpine-light-baseimage:0.1.4
 MAINTAINER Bertrand Gouny <bertrand.gouny@osixia.net>
 
 # Keepalived version
-ENV KEEPALIVED_VERSION 1.3.5
+ARG KEEPALIVED_VERSION=1.3.5
+
+RUN addgroup -S keepalived_script && adduser -D -S -G keepalived_script keepalived_script
 
 # Download, build and install Keepalived
-RUN apt-get -y update \
-    && LC_ALL=C DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
+RUN apk --no-cache add \
        curl \
        gcc \
+       ipset \
+       ipset-dev \
+       iptables \
        iptables-dev \
-       libipset-dev \
-       libnl-3-dev \
-       libnl-genl-3-dev \
-       libnl-route-3-dev \
+       libnfnetlink \
        libnfnetlink-dev \
-       libssl-dev \
+       libnl3 \
+       libnl3-dev \
        make \
-       pkg-config \
+       musl-dev \
+       openssl \
+       openssl-dev \
     && curl -o keepalived.tar.gz -SL http://keepalived.org/software/keepalived-${KEEPALIVED_VERSION}.tar.gz \
     && mkdir -p /container/keepalived-sources \
     && tar -xzf keepalived.tar.gz --strip 1 -C /container/keepalived-sources \
@@ -27,11 +31,19 @@ RUN apt-get -y update \
     && ./configure --disable-dynamic-linking \
     && make && make install \
     && cd - && mkdir -p /etc/keepalived \
-    && apt-get remove -y --purge --auto-remove curl make gcc pkg-config \
     && rm -f keepalived.tar.gz \
     && rm -rf /container/keepalived-sources \
-    && apt-get clean \
-    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+    && apk --no-cache del \
+        curl \
+        gcc \
+        ipset-dev \
+        iptables-dev \
+        libnfnetlink-dev \
+        libnl3-dev \
+        make \
+        musl-dev \
+        openssl-dev
+
 
 # Add service directory to /container/service
 ADD service /container/service

image/environment/default.startup.yaml

@@ -1,16 +0,0 @@
-KEEPALIVED_INTERFACE: eth0
-KEEPALIVED_PASSWORD: d0cker
-
-# For electing MASTER, highest priority wins.
-# to be MASTER, make 50 more than other machines
-KEEPALIVED_PRIORITY: 150
-
-KEEPALIVED_UNICAST_PEERS:
-  - 192.168.1.10
-  - 192.168.1.11
-
-KEEPALIVED_VIRTUAL_IPS:
-  - 192.168.1.231
-  - 192.168.1.232
-
-KEEPALIVED_NOTIFY: /container/service/keepalived/assets/notify.sh

image/environment/default.yaml

@@ -1 +1,18 @@
 KEEPALIVED_COMMAND_LINE_ARGUMENTS: --log-detail --dump-conf
+
+KEEPALIVED_INTERFACE: eth0
+KEEPALIVED_PASSWORD: d0cker
+
+# For electing MASTER, highest priority wins.
+# to be MASTER, make 50 more than other machines
+KEEPALIVED_PRIORITY: 150
+
+KEEPALIVED_UNICAST_PEERS:
+  - 192.168.1.10
+  - 192.168.1.11
+
+KEEPALIVED_VIRTUAL_IPS:
+  - 192.168.1.231
+  - 192.168.1.232
+
+KEEPALIVED_NOTIFY: /container/service/keepalived/assets/notify.sh

image/service/keepalived/assets/keepalived.conf

@@ -1,27 +1,31 @@
+global_defs {
+  default_interface {{ KEEPALIVED_INTERFACE }}
+}
+
 vrrp_instance VI_1 {
-  interface {{ keepalived_interface }}
+  interface {{ KEEPALIVED_INTERFACE }}
 
   track_interface {
-    {{ keepalived_interface }}
+    {{ KEEPALIVED_INTERFACE }}
   }
 
   state BACKUP
   virtual_router_id 51
-  priority {{ keepalived_priority }}
+  priority {{ KEEPALIVED_PRIORITY }}
   nopreempt
 
   unicast_peer {
-    {{ keepalived_unicast_peers }}
+    {{ KEEPALIVED_UNICAST_PEERS }}
   }
 
   virtual_ipaddress {
-    {{ keepalived_virtual_ips }}
+    {{ KEEPALIVED_VIRTUAL_IPS }}
   }
 
   authentication {
     auth_type PASS
-    auth_pass {{ keepalived_password }}
+    auth_pass {{ KEEPALIVED_PASSWORD }}
   }
 
-  {{ keepalived_notify }}
+  {{ KEEPALIVED_NOTIFY }}
 }

image/service/keepalived/assets/notify.sh

@@ -16,16 +16,16 @@ NAME=$2
 STATE=$3
 
 case $STATE in
-        "MASTER") logger -s -t keepalived-notify "I'm the MASTER! Whup whup."
+        "MASTER") echo "I'm the MASTER! Whup whup." > /proc/1/fd/1
                   exit 0
                   ;;
-        "BACKUP") logger -s -t keepalived-notify "Ok, i'm just a backup, great."
+        "BACKUP") echo "Ok, i'm just a backup, great." > /proc/1/fd/1
                   exit 0
                   ;;
-        "FAULT")  logger -s -t keepalived-notify "Fault, what ?"
+        "FAULT")  echo "Fault, what ?" > /proc/1/fd/1
                   exit 0
                   ;;
-        *)        logger -s -t keepalived-notify "Unknown state"
+        *)        echo "Unknown state" > /proc/1/fd/1
                   exit 1
                   ;;
 esac

image/service/keepalived/finish.sh

@@ -7,7 +7,20 @@ log-helper level eq trace && set -x
 # try to delete virtual ips from interface
 for vip in $(complex-bash-env iterate KEEPALIVED_VIRTUAL_IPS)
 do
-  ip addr del ${vip}/32 dev ${KEEPALIVED_INTERFACE} || true
+  IP=$(echo ${!vip} | awk '{print $1}')
+  IP_INFO=$(ip addr list | grep ${IP}) || continue
+  IP_V6=$(echo "${IP_INFO}" | grep "inet6") || true
+
+  # ipv4
+  if [ -z "${IP_V6}" ]; then
+    IP_INTERFACE=$(echo "${IP_INFO}" |  awk '{print $5}')
+  # ipv6
+  else
+    echo "skipping address: ${IP} - ipv6 not supported yet :("
+    continue
+  fi
+
+  ip addr del ${IP} dev ${IP_INTERFACE} || true
 done
 
 exit 0

image/service/keepalived/install.sh

@@ -0,0 +1,5 @@
+#!/bin/bash -e
+# this script is run during the image build
+
+# delete keepalived default config file
+rm /usr/local/etc/keepalived/keepalived.conf

image/service/keepalived/process.sh

@@ -4,4 +4,12 @@
 # https://github.com/osixia/docker-light-baseimage/blob/stable/image/tool/log-helper
 log-helper level eq trace && set -x
 
-exec /usr/local/sbin/keepalived -f /etc/keepalived/keepalived.conf --dont-fork --log-console ${KEEPALIVED_COMMAND_LINE_ARGUMENTS}
+echo -n "Waiting config file /usr/local/etc/keepalived/keepalived.conf"
+while [ ! -e "/usr/local/etc/keepalived/keepalived.conf" ]
+do
+  echo -n "."
+  sleep 0.1
+done
+echo "ok"
+
+exec /usr/local/sbin/keepalived -f /usr/local/etc/keepalived/keepalived.conf --dont-fork --log-console ${KEEPALIVED_COMMAND_LINE_ARGUMENTS}

image/service/keepalived/startup.sh

@@ -11,30 +11,31 @@ if [ ! -e "$FIRST_START_DONE" ]; then
   #
   # bootstrap config
   #
-  sed -i --follow-symlinks "s|{{ keepalived_interface }}|$KEEPALIVED_INTERFACE|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
-  sed -i --follow-symlinks "s|{{ keepalived_priority }}|$KEEPALIVED_PRIORITY|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
-  sed -i --follow-symlinks "s|{{ keepalived_password }}|$KEEPALIVED_PASSWORD|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
+  sed -i "s|{{ KEEPALIVED_INTERFACE }}|$KEEPALIVED_INTERFACE|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
+  sed -i "s|{{ KEEPALIVED_PRIORITY }}|$KEEPALIVED_PRIORITY|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
+  sed -i "s|{{ KEEPALIVED_PASSWORD }}|$KEEPALIVED_PASSWORD|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
 
   if [ -n "$KEEPALIVED_NOTIFY" ]; then
-    sed -i --follow-symlinks "s|{{ keepalived_notify }}|notify \"$KEEPALIVED_NOTIFY\"|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
+    sed -i "s|{{ KEEPALIVED_NOTIFY }}|notify \"$KEEPALIVED_NOTIFY\"|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
+    chown keepalived_script:keepalived_script $KEEPALIVED_NOTIFY
     chmod +x $KEEPALIVED_NOTIFY
   else
-    sed -i --follow-symlinks "/{{ keepalived_notify }}/d" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
+    sed -i "/{{ KEEPALIVED_NOTIFY }}/d" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
   fi
 
   # unicast peers
   for peer in $(complex-bash-env iterate KEEPALIVED_UNICAST_PEERS)
   do
-    sed -i --follow-symlinks "s|{{ keepalived_unicast_peers }}|${!peer}\n    {{ keepalived_unicast_peers }}|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
+    sed -i "s|{{ KEEPALIVED_UNICAST_PEERS }}|${!peer}\n    {{ KEEPALIVED_UNICAST_PEERS }}|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
   done
-  sed -i --follow-symlinks "/{{ keepalived_unicast_peers }}/d" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
+  sed -i "/{{ KEEPALIVED_UNICAST_PEERS }}/d" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
 
   # virtual ips
   for vip in $(complex-bash-env iterate KEEPALIVED_VIRTUAL_IPS)
   do
-    sed -i --follow-symlinks "s|{{ keepalived_virtual_ips }}|${!vip}\n    {{ keepalived_virtual_ips }}|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
+    sed -i "s|{{ KEEPALIVED_VIRTUAL_IPS }}|${!vip}\n    {{ KEEPALIVED_VIRTUAL_IPS }}|g" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
   done
-  sed -i --follow-symlinks "/{{ keepalived_virtual_ips }}/d" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
+  sed -i "/{{ KEEPALIVED_VIRTUAL_IPS }}/d" ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf
 
   touch $FIRST_START_DONE
 fi
@@ -42,11 +43,24 @@ fi
 # try to delete virtual ips from interface
 for vip in $(complex-bash-env iterate KEEPALIVED_VIRTUAL_IPS)
 do
-  ip addr del ${vip}/32 dev ${KEEPALIVED_INTERFACE} || true
+  IP=$(echo ${!vip} | awk '{print $1}')
+  IP_INFO=$(ip addr list | grep ${IP}) || continue
+  IP_V6=$(echo "${IP_INFO}" | grep "inet6") || true
+
+  # ipv4
+  if [ -z "${IP_V6}" ]; then
+    IP_INTERFACE=$(echo "${IP_INFO}" |  awk '{print $5}')
+  # ipv6
+  else
+    echo "skipping address: ${IP} - ipv6 not supported yet :("
+    continue
+  fi
+
+  ip addr del ${IP} dev ${IP_INTERFACE} || true
 done
 
-if [ ! -e "/etc/backup-manager.conf" ]; then
-  ln -sf ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf /etc/keepalived/keepalived.conf
+if [ ! -e "/usr/local/etc/keepalived/keepalived.conf" ]; then
+  ln -sf ${CONTAINER_SERVICE_DIR}/keepalived/assets/keepalived.conf /usr/local/etc/keepalived/keepalived.conf
 fi
 
 exit 0