Michael Kutý | 1764940 | 2016-03-19 23:57:43 +0100 | [diff] [blame] | 1 | |
Aleš Komárek | 028b885 | 2017-04-11 13:10:58 +0200 | [diff] [blame] | 2 | ============== |
| 3 | Docker Formula |
| 4 | ============== |
Michael Kutý | 1764940 | 2016-03-19 23:57:43 +0100 | [diff] [blame] | 5 | |
| 6 | Docker is a platform for developers and sysadmins to develop, ship, and run applications. Docker lets you quickly assemble applications from components and eliminates the friction that can come when shipping code. Docker lets you get your code tested and deployed into production as fast as possible. |
| 7 | |
Aleš Komárek | 028b885 | 2017-04-11 13:10:58 +0200 | [diff] [blame] | 8 | Sample Pillars |
| 9 | ============== |
Michael Kutý | 1764940 | 2016-03-19 23:57:43 +0100 | [diff] [blame] | 10 | |
Aleš Komárek | 028b885 | 2017-04-11 13:10:58 +0200 | [diff] [blame] | 11 | Docker Host |
| 12 | ----------- |
Filip Pytloun | e27a90d | 2016-08-29 14:08:34 +0200 | [diff] [blame] | 13 | |
Michael Kutý | 1764940 | 2016-03-19 23:57:43 +0100 | [diff] [blame] | 14 | .. code-block:: yaml |
| 15 | |
| 16 | docker: |
| 17 | host: |
| 18 | enabled: true |
Tomáš Kukrál | 55cbec7 | 2017-06-19 17:21:04 +0200 | [diff] [blame] | 19 | options: |
| 20 | bip: 172.31.255.1/16 |
Tomáš Kukrál | b2debce | 2017-09-22 08:17:39 +0200 | [diff] [blame] | 21 | insecure-registries: |
Tomáš Kukrál | 55cbec7 | 2017-06-19 17:21:04 +0200 | [diff] [blame] | 22 | - 127.0.0.1 |
| 23 | - 10.0.0.1 |
| 24 | log-driver: json-file |
| 25 | log-opts: |
| 26 | max-size: 50m |
Michael Kutý | 1764940 | 2016-03-19 23:57:43 +0100 | [diff] [blame] | 27 | |
Aleš Komárek | 028b885 | 2017-04-11 13:10:58 +0200 | [diff] [blame] | 28 | |
Tomáš Kukrál | 19a3960 | 2017-08-27 22:21:47 +0200 | [diff] [blame] | 29 | Configure proxy for docker host |
| 30 | |
| 31 | .. code-block:: yaml |
| 32 | |
| 33 | docker: |
| 34 | host: |
| 35 | proxy: |
| 36 | enabled: true |
| 37 | http: http://user:pass@proxy:3128 |
| 38 | https: http://user:pass@proxy:3128 |
| 39 | no_proxy: |
| 40 | - localhost |
| 41 | - 127.0.0.1 |
| 42 | - docker-registry |
| 43 | |
| 44 | |
Aleš Komárek | 028b885 | 2017-04-11 13:10:58 +0200 | [diff] [blame] | 45 | Docker Swarm |
| 46 | ------------ |
Filip Pytloun | 2720a0d | 2016-11-02 14:15:55 +0100 | [diff] [blame] | 47 | |
| 48 | Role can be master, manager or worker. Where master is the first manager that |
| 49 | will initialize the swarm. |
| 50 | |
| 51 | Metadata for manager (first node): |
| 52 | |
| 53 | .. code-block:: yaml |
| 54 | |
| 55 | docker: |
| 56 | host: |
| 57 | enabled: true |
| 58 | swarm: |
| 59 | role: manager |
| 60 | advertise_addr: 192.168.1.5 |
| 61 | bind: |
| 62 | address: 192.168.1.5 |
| 63 | port: 2377 |
| 64 | |
Aleš Komárek | 028b885 | 2017-04-11 13:10:58 +0200 | [diff] [blame] | 65 | Metadata for worker. |
Filip Pytloun | 2720a0d | 2016-11-02 14:15:55 +0100 | [diff] [blame] | 66 | |
| 67 | .. code-block:: yaml |
| 68 | |
| 69 | docker: |
| 70 | host: |
| 71 | enabled: true |
| 72 | swarm: |
| 73 | role: worker |
| 74 | master: |
| 75 | host: 192.168.1.5 |
| 76 | port: 2377 |
| 77 | |
| 78 | Token to join to master node is obtained from grains using salt.mine. In case |
| 79 | of any ``join_token undefined`` issues, ensure you have ``docker_swarm_`` |
| 80 | grains available. |
| 81 | |
Aleš Komárek | 028b885 | 2017-04-11 13:10:58 +0200 | [diff] [blame] | 82 | Docker Client |
| 83 | ------------- |
Michael Kutý | 1764940 | 2016-03-19 23:57:43 +0100 | [diff] [blame] | 84 | |
Filip Pytloun | 96fc0cc | 2016-08-29 16:01:10 +0200 | [diff] [blame] | 85 | Container |
| 86 | ~~~~~~~~~ |
| 87 | |
| 88 | .. code-block:: yaml |
| 89 | |
Michael Kutý | 1764940 | 2016-03-19 23:57:43 +0100 | [diff] [blame] | 90 | docker: |
Filip Pytloun | e27a90d | 2016-08-29 14:08:34 +0200 | [diff] [blame] | 91 | client: |
Michael Kutý | 1764940 | 2016-03-19 23:57:43 +0100 | [diff] [blame] | 92 | container: |
Filip Pytloun | 8716954 | 2016-08-29 13:38:30 +0200 | [diff] [blame] | 93 | jenkins: |
| 94 | # Don't start automatically |
| 95 | start: false |
| 96 | restart: unless-stopped |
| 97 | image: jenkins:2.7.1 |
Michael Kutý | 1764940 | 2016-03-19 23:57:43 +0100 | [diff] [blame] | 98 | ports: |
Filip Pytloun | 8716954 | 2016-08-29 13:38:30 +0200 | [diff] [blame] | 99 | - 8081:8080 |
| 100 | - 50000:50000 |
| 101 | environment: |
| 102 | JAVA_OPTS: "-Dhudson.footerURL=https://www.example.com" |
| 103 | volumes: |
| 104 | - /srv/volumes/jenkins:/var/jenkins_home |
Michael Kutý | 1764940 | 2016-03-19 23:57:43 +0100 | [diff] [blame] | 105 | |
Aleš Komárek | 028b885 | 2017-04-11 13:10:58 +0200 | [diff] [blame] | 106 | Using Docker Compose |
| 107 | ~~~~~~~~~~~~~~~~~~~~ |
Filip Pytloun | 96fc0cc | 2016-08-29 16:01:10 +0200 | [diff] [blame] | 108 | |
Filip Pytloun | a4f6c2f | 2017-04-13 12:00:01 +0200 | [diff] [blame] | 109 | There are two states that provides this functionality: |
| 110 | |
| 111 | - docker.client.stack |
| 112 | - docker.client.compose |
| 113 | |
| 114 | Stack is new and works with Docker Swarm Mode. Compose is legacy and works |
| 115 | only if node isn't member of Swarm. |
| 116 | Metadata for both states are similar and differs only in implementation. |
| 117 | |
| 118 | Stack |
| 119 | ^^^^^ |
| 120 | |
| 121 | .. code-block:: yaml |
| 122 | |
| 123 | docker: |
| 124 | client: |
| 125 | stack: |
| 126 | django_web: |
| 127 | enabled: true |
| 128 | update: true |
| 129 | environment: |
| 130 | SOMEVAR: somevalue |
Simon Pasquier | 48482c2 | 2017-08-10 15:14:17 +0200 | [diff] [blame] | 131 | version: "3.1" |
Filip Pytloun | a4f6c2f | 2017-04-13 12:00:01 +0200 | [diff] [blame] | 132 | service: |
| 133 | db: |
| 134 | image: postgres |
| 135 | web: |
| 136 | image: djangoapp |
| 137 | volumes: |
| 138 | - /srv/volumes/django:/srv/django |
| 139 | ports: |
| 140 | - 8000:8000 |
| 141 | depends_on: |
| 142 | - db |
| 143 | |
| 144 | Compose |
| 145 | ^^^^^^^ |
| 146 | |
Filip Pytloun | 21d9af9 | 2016-08-30 08:13:39 +0200 | [diff] [blame] | 147 | There are three options how to install docker-compose: |
| 148 | |
| 149 | - distribution package (default) |
| 150 | - using Pip |
| 151 | - using Docker container |
| 152 | |
| 153 | Install docker-compose using Docker (default is distribution package) |
Filip Pytloun | 96fc0cc | 2016-08-29 16:01:10 +0200 | [diff] [blame] | 154 | |
| 155 | .. code-block:: yaml |
| 156 | |
| 157 | docker: |
| 158 | client: |
| 159 | compose: |
Filip Pytloun | 21d9af9 | 2016-08-30 08:13:39 +0200 | [diff] [blame] | 160 | source: |
| 161 | engine: docker |
| 162 | image: docker/compose:1.8.0 |
Filip Pytloun | 96fc0cc | 2016-08-29 16:01:10 +0200 | [diff] [blame] | 163 | django_web: |
| 164 | # Run up action, any positional argument to docker-compose CLI |
| 165 | # If not defined, only docker-compose.yml is generated |
| 166 | status: up |
Filip Pytloun | be2b4a8 | 2016-09-15 18:10:24 +0200 | [diff] [blame] | 167 | # Run image pull every time state is run triggering container |
| 168 | # restart in case it's changed |
| 169 | pull: true |
Filip Pytloun | 96fc0cc | 2016-08-29 16:01:10 +0200 | [diff] [blame] | 170 | environment: |
| 171 | SOMEVAR: somevalue |
| 172 | service: |
| 173 | db: |
| 174 | image: postgres |
| 175 | web: |
| 176 | image: djangoapp |
| 177 | volumes: |
| 178 | - /srv/volumes/django:/srv/django |
| 179 | ports: |
| 180 | - 8000:8000 |
| 181 | depends_on: |
| 182 | - db |
| 183 | |
Richard Felkl | caba132 | 2017-10-03 15:35:28 +0200 | [diff] [blame] | 184 | Registry |
| 185 | ^^^^^^^^ |
| 186 | |
| 187 | .. code-block:: yaml |
| 188 | |
| 189 | docker: |
| 190 | client: |
| 191 | registry: |
| 192 | target_registry: apt:5000 |
| 193 | image: |
| 194 | - registry: docker |
| 195 | name: compose:1.8.0 |
| 196 | - registry: tcpcloud |
| 197 | name: jenkins:latest |
| 198 | - registry: "" |
| 199 | name: registry:2 |
| 200 | target_registry: myregistry |
| 201 | |
Filip Pytloun | a4f6c2f | 2017-04-13 12:00:01 +0200 | [diff] [blame] | 202 | Service |
| 203 | ------- |
| 204 | |
Filip Pytloun | ab52ede | 2016-11-02 16:59:49 +0100 | [diff] [blame] | 205 | To deploy service in Swarm mode, you can use ``docker.client.service``: |
| 206 | |
| 207 | .. code-block:: yaml |
| 208 | |
| 209 | parameters: |
| 210 | docker: |
| 211 | client: |
| 212 | service: |
| 213 | postgresql: |
| 214 | environment: |
| 215 | POSTGRES_USER: user |
| 216 | POSTGRES_PASSWORD: password |
| 217 | POSTGRES_DB: mydb |
| 218 | restart: |
| 219 | condition: on-failure |
| 220 | image: "postgres:9.5" |
| 221 | ports: |
| 222 | - 5432:5432 |
| 223 | volume: |
| 224 | data: |
| 225 | type: bind |
| 226 | source: /srv/volumes/postgresql/maas |
| 227 | destination: /var/lib/postgresql/data |
| 228 | |
Filip Pytloun | 96fc0cc | 2016-08-29 16:01:10 +0200 | [diff] [blame] | 229 | |
Aleš Komárek | 028b885 | 2017-04-11 13:10:58 +0200 | [diff] [blame] | 230 | Docker Registry |
| 231 | --------------- |
Filip Pytloun | baf94c9 | 2016-06-07 18:07:17 +0200 | [diff] [blame] | 232 | |
| 233 | .. code-block:: yaml |
| 234 | |
| 235 | docker: |
| 236 | registry: |
| 237 | log: |
| 238 | level: debug |
| 239 | formatter: json |
| 240 | cache: |
| 241 | engine: redis |
| 242 | host: localhost |
| 243 | storage: |
| 244 | engine: filesystem |
| 245 | root: /srv/docker/registry |
| 246 | bind: |
| 247 | host: 0.0.0.0 |
| 248 | port: 5000 |
| 249 | hook: |
| 250 | mail: |
| 251 | levels: |
| 252 | - panic |
| 253 | # Options are rendered as yaml as is so use hook-specific options here |
| 254 | options: |
| 255 | smtp: |
| 256 | addr: smtp.sendhost.com:25 |
| 257 | username: sendername |
| 258 | password: password |
| 259 | insecure: true |
| 260 | from: name@sendhost.com |
| 261 | to: |
| 262 | - name@receivehost.com |
| 263 | |
marco | 85b72a6 | 2016-07-07 13:08:33 +0200 | [diff] [blame] | 264 | Docker login to private registry |
marco | 85b72a6 | 2016-07-07 13:08:33 +0200 | [diff] [blame] | 265 | |
| 266 | .. code-block:: yaml |
| 267 | |
| 268 | docker: |
| 269 | host: |
| 270 | enabled: true |
| 271 | registry: |
| 272 | first: |
| 273 | address: private.docker.com |
| 274 | user: username |
| 275 | password: password |
| 276 | second: |
| 277 | address: private2.docker.com |
| 278 | user: username2 |
| 279 | password: password2 |
Michael Kutý | 1764940 | 2016-03-19 23:57:43 +0100 | [diff] [blame] | 280 | |
Aleš Komárek | 028b885 | 2017-04-11 13:10:58 +0200 | [diff] [blame] | 281 | |
Pavel Svimbersky | 27816ab | 2017-12-18 15:13:49 +0100 | [diff] [blame] | 282 | Docker container service management |
| 283 | ----------------------------------- |
| 284 | |
| 285 | Enforce the service in container is started |
| 286 | |
| 287 | .. code-block:: yaml |
| 288 | |
| 289 | contrail_control_started: |
| 290 | dockerng_service.start: |
| 291 | - container: f020d0d3efa8 |
| 292 | - service: contrail-control |
| 293 | |
| 294 | or |
| 295 | |
| 296 | .. code-block:: yaml |
| 297 | |
| 298 | contrail_control_started: |
| 299 | dockerng_service.start: |
| 300 | - container: contrail_controller |
| 301 | - service: contrail-control |
| 302 | |
| 303 | |
| 304 | Enforce the service in container is stoped |
| 305 | |
| 306 | .. code-block:: yaml |
| 307 | |
| 308 | contrail_control_stoped: |
| 309 | dockerng_service.stop: |
| 310 | - container: f020d0d3efa8 |
| 311 | - service: contrail-control |
| 312 | |
| 313 | Enforce the service in container will be restarted |
| 314 | |
| 315 | .. code-block:: yaml |
| 316 | |
| 317 | contrail_control_restart: |
| 318 | dockerng_service.restart: |
| 319 | - container: f020d0d3efa8 |
| 320 | - service: contrail-control |
| 321 | |
| 322 | Enforce the service in container is enabled |
| 323 | |
| 324 | .. code-block:: yaml |
| 325 | |
| 326 | contrail_control_enable: |
| 327 | dockerng_service.enable: |
| 328 | - container: f020d0d3efa8 |
| 329 | - service: contrail-control |
| 330 | |
| 331 | Enforce the service in container is disabled |
| 332 | |
| 333 | .. code-block:: yaml |
| 334 | |
| 335 | contrail_control_disable: |
| 336 | dockerng_service.disable: |
| 337 | - container: f020d0d3efa8 |
| 338 | - service: contrail-control |
| 339 | |
| 340 | |
Aleš Komárek | 028b885 | 2017-04-11 13:10:58 +0200 | [diff] [blame] | 341 | More Information |
| 342 | ================ |
Michael Kutý | 1764940 | 2016-03-19 23:57:43 +0100 | [diff] [blame] | 343 | |
| 344 | * https://docs.docker.com/installation/ubuntulinux/ |
| 345 | * https://github.com/saltstack-formulas/docker-formula |
Filip Pytloun | baf94c9 | 2016-06-07 18:07:17 +0200 | [diff] [blame] | 346 | |
Filip Pytloun | d617a76 | 2017-02-02 13:02:03 +0100 | [diff] [blame] | 347 | |
| 348 | Documentation and Bugs |
| 349 | ====================== |
| 350 | |
| 351 | To learn how to install and update salt-formulas, consult the documentation |
| 352 | available online at: |
| 353 | |
| 354 | http://salt-formulas.readthedocs.io/ |
| 355 | |
| 356 | In the unfortunate event that bugs are discovered, they should be reported to |
| 357 | the appropriate issue tracker. Use Github issue tracker for specific salt |
| 358 | formula: |
| 359 | |
| 360 | https://github.com/salt-formulas/salt-formula-docker/issues |
| 361 | |
| 362 | For feature requests, bug reports or blueprints affecting entire ecosystem, |
| 363 | use Launchpad salt-formulas project: |
| 364 | |
| 365 | https://launchpad.net/salt-formulas |
| 366 | |
| 367 | You can also join salt-formulas-users team and subscribe to mailing list: |
| 368 | |
| 369 | https://launchpad.net/~salt-formulas-users |
| 370 | |
| 371 | Developers wishing to work on the salt-formulas projects should always base |
| 372 | their work on master branch and submit pull request against specific formula. |
| 373 | |
| 374 | https://github.com/salt-formulas/salt-formula-docker |
| 375 | |
| 376 | Any questions or feedback is always welcome so feel free to join our IRC |
| 377 | channel: |
| 378 | |
| 379 | #salt-formulas @ irc.freenode.net |