From f45c62687a3e489310045c48b5b381a2382d6cc9 Mon Sep 17 00:00:00 2001 From: Chris Aubuchon Date: Thu, 7 Apr 2016 22:41:44 -0500 Subject: [PATCH 01/11] Use my consul-template container --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 64e59c2..c7d6b92 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM asteris/consul-template:latest +FROM ChrisAubuchon/consul-template:latest MAINTAINER Chris Aubuchon From 2c30e579881d29ed1f33bd568570749d2b31872d Mon Sep 17 00:00:00 2001 From: Chris Aubuchon Date: Thu, 7 Apr 2016 22:45:06 -0500 Subject: [PATCH 02/11] Use my real repo name, derp! --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index c7d6b92..27dbe9b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM ChrisAubuchon/consul-template:latest +FROM drifting/consul-template:latest MAINTAINER Chris Aubuchon From f278a7dd535733dc4248795a09b658d8c8f578c3 Mon Sep 17 00:00:00 2001 From: Chris Aubuchon Date: Mon, 11 Apr 2016 16:39:14 -0500 Subject: [PATCH 03/11] First cut at new version --- Dockerfile | 5 +- config.d/consul.cfg | 11 ---- nginx/nginx.conf | 15 +++++ scripts/launch.sh | 120 +++++++++++++++------------------------- templates/nginx.tmpl.in | 3 - 5 files changed, 62 insertions(+), 92 deletions(-) delete mode 100644 config.d/consul.cfg create mode 100644 nginx/nginx.conf delete mode 100644 templates/nginx.tmpl.in diff --git a/Dockerfile b/Dockerfile index 27dbe9b..bb63ef2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,11 +4,10 @@ MAINTAINER Chris Aubuchon RUN apk-install bash nginx ca-certificates -RUN mkdir -p /tmp/nginx /defaults +RUN mkdir -p /etc/nginx /tmp/nginx /defaults -ADD templates/ /consul-template/templates -ADD config.d/ /consul-template/config.d ADD defaults/ /defaults ADD scripts /scripts/ +ADD nginx/ /etc/nginx CMD ["/scripts/launch.sh"] diff --git a/config.d/consul.cfg b/config.d/consul.cfg deleted file mode 100644 index f4d8311..0000000 --- a/config.d/consul.cfg +++ /dev/null @@ -1,11 +0,0 @@ -template { - source = "/consul-template/templates/nginx.tmpl.in" - destination = "/consul-template/templates/nginx.tmpl" - command = "pkill -HUP consul-template || true" -} - -template { - source = "/consul-template/templates/nginx.tmpl" - destination = "/etc/nginx/nginx.conf" - command = "/scripts/nginx-run.sh || true" -} diff --git a/nginx/nginx.conf b/nginx/nginx.conf new file mode 100644 index 0000000..1e80f7b --- /dev/null +++ b/nginx/nginx.conf @@ -0,0 +1,15 @@ +worker_processes 1; + +events { + worker_connections 1024; +} + +http { + include mime.types; + default_type application/octet-stream; + + sendfile on; + keepalive_timeout 65; + + include /etc/nginx/conf/*.conf; +} diff --git a/scripts/launch.sh b/scripts/launch.sh index 29d52db..0226654 100755 --- a/scripts/launch.sh +++ b/scripts/launch.sh @@ -1,16 +1,41 @@ #!/bin/bash set -e + #set the DEBUG env variable to turn on debugging [[ -n "$DEBUG" ]] && set -x -# Required vars -NGINX_KV=${NGINX_KV:-nginx/template/default} -CONSUL_LOGLEVEL=${CONSUL_LOGLEVEL:-info} -CONSUL_SSL_VERIFY=${CONSUL_SSL_VERIFY:-true} +ctpid_file="/consul-template/ct.pid" + +hup_handler() { + generate_config + pkill -HUP -F ${ctpid_file} +} + +term_handler() { + pkill ${ctpid_file} + wait `cat ${ctpid_file}` + exit +} + +generate_config() { + for file in `/etc/nginx/templates/*`; do + fname="`basename ${file}`" + cat > /consul-template/config.d/${fname}.conf << EOF +template { + source = "${file}" + destination = "/etc/nginx/conf/${fname}.conf" + command = "/scripts/nginx-run.sh" +} +EOF + done +} -export NGINX_KV +trap hup_handler SIGHUP +trap term_handler SIGTERM SIGINT SIGQUIT + +CONSUL_LOGLEVEL=${CONSUL_LOGLEVEL:-info} # set up SSL if [ "$(ls -A /usr/local/share/ca-certificates)" ]; then # normally we'd use update-ca-certificates, but something about running it in @@ -19,44 +44,6 @@ if [ "$(ls -A /usr/local/share/ca-certificates)" ]; then cat /usr/local/share/ca-certificates/* >> /etc/ssl/certs/ca-certificates.crt fi -function usage { -cat < - (default not set) - - NGINX_AUTH_BASIC_KV Consul K/V path for nginx users - (default not set) - -Consul vars: - CONSUL_LOGLEVEL Set the consul-template log level - (default info) - - CONSUL_CONNECT URI for Consul agent - (default not set) - - CONSUL_SSL Connect to Consul using SSL - (default not set) - - CONSUL_SSL_VERIFY Verify Consul SSL connection - (default true) - - CONSUL_TOKEN Consul API token - (default not set) -USAGE -} - function config_auth { case ${NGINX_AUTH_TYPE} in basic) @@ -69,38 +56,21 @@ function config_auth { touch /etc/nginx/nginx-auth.conf } -function launch_consul_template { - vars=$@ - ctargs= - - if [ -n "${NGINX_AUTH_TYPE}" ]; then - config_auth - fi - - [[ -n "${CONSUL_CONNECT}" ]] && ctargs="${ctargs} -consul ${CONSUL_CONNECT}" - [[ -n "${CONSUL_SSL}" ]] && ctargs="${ctargs} -ssl" - [[ -n "${CONSUL_SSL}" ]] && ctargs="${ctargs} -ssl-verify=${CONSUL_SSL_VERIFY}" - [[ -n "${CONSUL_TOKEN}" ]] && ctargs="${ctargs} -token ${CONSUL_TOKEN}" - - # Create an empty nginx.tmpl so consul-template will start - touch /consul-template/templates/nginx.tmpl +if [ -n "${NGINX_AUTH_TYPE}" ]; then + config_auth +fi - if [ -n "${NGINX_DEBUG}" ]; then - echo "Running consul template -once..." - consul-template -log-level ${CONSUL_LOGLEVEL} \ - -template /consul-template/templates/nginx.tmpl.in:/consul-template/templates/nginx.tmpl \ - ${ctargs} -once +[[ -n "${CONSUL_CONNECT}" ]] && ctargs="${ctargs} -consul ${CONSUL_CONNECT}" +[[ -n "${CONSUL_SSL}" ]] && ctargs="${ctargs} -ssl" +[[ -n "${CONSUL_SSL}" ]] && ctargs="${ctargs} -ssl-verify=${CONSUL_SSL_VERIFY}" +[[ -n "${CONSUL_TOKEN}" ]] && ctargs="${ctargs} -token ${CONSUL_TOKEN}" - consul-template -log-level ${CONSUL_LOGLEVEL} \ - -config /consul-template/config.d \ - ${ctargs} -once ${vars} - /scripts/nginx-run.sh - else - echo "Starting consul template..." - exec consul-template -log-level ${CONSUL_LOGLEVEL} \ - -config /consul-template/config.d \ - ${ctargs} ${vars} - fi -} +consul-template -log-level ${CONSUL_LOGLEVEL} \ + -config /consul-template/config.d \ + -pid-file ${ctpid_file} \ + ${ctvars} & -launch_consul_template $@ +while :; do + tail -f /dev/null & + wait $! +done diff --git a/templates/nginx.tmpl.in b/templates/nginx.tmpl.in deleted file mode 100644 index 630859f..0000000 --- a/templates/nginx.tmpl.in +++ /dev/null @@ -1,3 +0,0 @@ -{{ with $d := env "NGINX_KV" }} -{{ key $d }} -{{ end }} From 139094dcdc14b5b06a6e6d0afb174864a893a6dd Mon Sep 17 00:00:00 2001 From: Chris Aubuchon Date: Mon, 11 Apr 2016 16:53:33 -0500 Subject: [PATCH 04/11] Use PID instead of pid-file --- scripts/launch.sh | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/scripts/launch.sh b/scripts/launch.sh index 0226654..ac57263 100755 --- a/scripts/launch.sh +++ b/scripts/launch.sh @@ -5,21 +5,21 @@ set -e #set the DEBUG env variable to turn on debugging [[ -n "$DEBUG" ]] && set -x -ctpid_file="/consul-template/ct.pid" +ctpid=0 hup_handler() { generate_config - pkill -HUP -F ${ctpid_file} + kill -HUP ${ctpid} } term_handler() { - pkill ${ctpid_file} - wait `cat ${ctpid_file}` + kill ${ctpid} + wait ${ctpid} exit } generate_config() { - for file in `/etc/nginx/templates/*`; do + for file in /etc/nginx/templates/*; do fname="`basename ${file}`" cat > /consul-template/config.d/${fname}.conf << EOF template { @@ -67,8 +67,8 @@ fi consul-template -log-level ${CONSUL_LOGLEVEL} \ -config /consul-template/config.d \ - -pid-file ${ctpid_file} \ ${ctvars} & +ctpid=$! while :; do tail -f /dev/null & From e926511a59a7f377054c4b14a27b0875a8dc54fc Mon Sep 17 00:00:00 2001 From: Chris Aubuchon Date: Mon, 11 Apr 2016 17:05:15 -0500 Subject: [PATCH 05/11] Remove set -e --- scripts/launch.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/scripts/launch.sh b/scripts/launch.sh index ac57263..9924cf9 100755 --- a/scripts/launch.sh +++ b/scripts/launch.sh @@ -1,7 +1,5 @@ #!/bin/bash -set -e - #set the DEBUG env variable to turn on debugging [[ -n "$DEBUG" ]] && set -x From 48692a4e3466478cca3a7f77aab97d9b7f18c69d Mon Sep 17 00:00:00 2001 From: Chris Aubuchon Date: Tue, 12 Apr 2016 08:54:35 -0500 Subject: [PATCH 06/11] Generate config at startup --- scripts/launch.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/scripts/launch.sh b/scripts/launch.sh index 9924cf9..830c949 100755 --- a/scripts/launch.sh +++ b/scripts/launch.sh @@ -63,6 +63,8 @@ fi [[ -n "${CONSUL_SSL}" ]] && ctargs="${ctargs} -ssl-verify=${CONSUL_SSL_VERIFY}" [[ -n "${CONSUL_TOKEN}" ]] && ctargs="${ctargs} -token ${CONSUL_TOKEN}" +generate_config + consul-template -log-level ${CONSUL_LOGLEVEL} \ -config /consul-template/config.d \ ${ctvars} & From 784e3d9d00cd543e2c91f569a51e78bac9793c5b Mon Sep 17 00:00:00 2001 From: Chris Aubuchon Date: Tue, 12 Apr 2016 09:40:06 -0500 Subject: [PATCH 07/11] Attempt to manage consul-template --- scripts/launch.sh | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/scripts/launch.sh b/scripts/launch.sh index 830c949..79fd163 100755 --- a/scripts/launch.sh +++ b/scripts/launch.sh @@ -7,7 +7,7 @@ ctpid=0 hup_handler() { generate_config - kill -HUP ${ctpid} + reload_consul_template } term_handler() { @@ -23,12 +23,22 @@ generate_config() { template { source = "${file}" destination = "/etc/nginx/conf/${fname}.conf" - command = "/scripts/nginx-run.sh" + command = "/scripts/nginx-run.sh || true" } EOF done } +reload_consul_template() { + kill -HUP ${ctpid} + if [ $? -ne 0 ]; then + consul-template -log-level ${CONSUL_LOGLEVEL} \ + -config /consul-template/config.d \ + ${ctvars} & + ctpid=$! + fi +} + trap hup_handler SIGHUP trap term_handler SIGTERM SIGINT SIGQUIT @@ -65,10 +75,6 @@ fi generate_config -consul-template -log-level ${CONSUL_LOGLEVEL} \ - -config /consul-template/config.d \ - ${ctvars} & -ctpid=$! while :; do tail -f /dev/null & From 73afc8c012066f993b8c6101c5bfa1f25959d85f Mon Sep 17 00:00:00 2001 From: Chris Aubuchon Date: Tue, 12 Apr 2016 10:12:29 -0500 Subject: [PATCH 08/11] Run reload_consul_template in main process --- scripts/launch.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/launch.sh b/scripts/launch.sh index 79fd163..f1e1f55 100755 --- a/scripts/launch.sh +++ b/scripts/launch.sh @@ -74,7 +74,7 @@ fi [[ -n "${CONSUL_TOKEN}" ]] && ctargs="${ctargs} -token ${CONSUL_TOKEN}" generate_config - +reload_consul_template while :; do tail -f /dev/null & From bcd4035008ad6a7c4bc5505589809c09c689e583 Mon Sep 17 00:00:00 2001 From: Chris Aubuchon Date: Tue, 12 Apr 2016 10:15:14 -0500 Subject: [PATCH 09/11] Only HUP ctpid if it's non zero --- scripts/launch.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/scripts/launch.sh b/scripts/launch.sh index f1e1f55..7b14804 100755 --- a/scripts/launch.sh +++ b/scripts/launch.sh @@ -30,7 +30,10 @@ EOF } reload_consul_template() { - kill -HUP ${ctpid} + if [ ${ctpid} -ne 0 ]; then + kill -HUP ${ctpid} + fi + if [ $? -ne 0 ]; then consul-template -log-level ${CONSUL_LOGLEVEL} \ -config /consul-template/config.d \ From 36d9c3a937cd5db26f1376565ff82c6087bd49b1 Mon Sep 17 00:00:00 2001 From: Chris Aubuchon Date: Tue, 12 Apr 2016 10:23:37 -0500 Subject: [PATCH 10/11] Try to manage consul-template properly --- scripts/launch.sh | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/scripts/launch.sh b/scripts/launch.sh index 7b14804..a215664 100755 --- a/scripts/launch.sh +++ b/scripts/launch.sh @@ -32,14 +32,15 @@ EOF reload_consul_template() { if [ ${ctpid} -ne 0 ]; then kill -HUP ${ctpid} + if [ $? -eq 0 ]; then + return + fi fi - if [ $? -ne 0 ]; then - consul-template -log-level ${CONSUL_LOGLEVEL} \ - -config /consul-template/config.d \ - ${ctvars} & - ctpid=$! - fi + consul-template -log-level ${CONSUL_LOGLEVEL} \ + -config /consul-template/config.d \ + ${ctvars} & + ctpid=$! } trap hup_handler SIGHUP From 2402b12d9d9c47a23aaa20259a22d9dc72c2a6f4 Mon Sep 17 00:00:00 2001 From: Chris Aubuchon Date: Tue, 26 Apr 2016 11:44:19 -0500 Subject: [PATCH 11/11] Use asteris/consul-template as base --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index bb63ef2..6a47732 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM drifting/consul-template:latest +FROM asteris/consul-template:latest MAINTAINER Chris Aubuchon