20 posts tagged

coreos

just put in /etc/coreos/update.conf
line

REBOOT_STRATEGY=off
coreosdocker

For coreos that's enough to use something like this

docker run -d \
  -v /home/core/certificates:/etc/nginx/certs:rw \
  --volumes-from nginx-proxy \
  -v /var/run/docker.sock:/var/run/docker.sock:ro \
  jrcs/letsencrypt-nginx-proxy-companion

docker run -d -p 80:80 -p 443:443 \
  --name nginx-proxy \
  -v /home/core/certificates:/etc/nginx/certs:ro \
  -v /etc/nginx/vhost.d \
  -v /usr/share/nginx/html \
  -v /var/run/docker.sock:/tmp/docker.sock:ro \
  -v /home/core/conf.d/external.conf:/etc/nginx/conf.d/external.conf  \
  --restart always \
  jwilder/nginx-proxy

and then not to forget to specify

LETSENCRYPT_HOST=mydomain.com
LETSENCRYPT_EMAIL=my@email.com

in your docker-compose section.

More is here https://hub.docker.com/r/mickaelperrin/docker-letsencrypt-nginx-proxy-companion/

Shut down and reboot the system:

$ systemctl reboot

Shut down and power-off the system:

$ systemctl poweroff
coreos

Easy peasy:
edit /etc/coreos/update.conf file and change from GROUP=stable to GROUP=beta

after that do

sudo systemctl restart update-engine

and watch logs

journalctl -f -u update-engine
coreos
Oct 18, 2016, 15:14

Add ssh key for coreos (backup)

In order to make backup more secure I dont want to share my private key, instead I'll create separate key for backup and supply to coreos and backup scripts.

Supplying to CoreOS is something different then other OSes.

echo 'ssh-rsa AAAAB3 ....' | update-ssh-keys -a core

does it's job and key should survive after reboots.

coreos

Find your timezone via this shell command

timedatectl list-timezones

And then set it up like this

sudo timedatectl set-timezone Europe/Kiev
coreos

Here is simple systemd unit for coreos docker monitoring in zabbix.

Put this in /etc/systemd/system/zabbix-agent.service

[Unit]
Description=Zabbix agent
After=docker.service
Requires=docker.service

[Service]
ExecStartPre=-/usr/bin/docker kill zabbix-agent-xxl
ExecStartPre=-/usr/bin/docker rm zabbix-agent-xxl
ExecStart=/usr/bin/docker run  --name=zabbix-agent-xxl -p 10050:10050  -v /:/rootfs  -v /var/run:/var/run -e "ZA_Server=yourzabbix.server.com"  monitoringartist/zabbix-agent-xxl-limited:latest
ExecStop=/usr/bin/docker stop zabbix-agent-xxl

And launch with

systemctl enable zabbix-agent
systemctl start zabbix-agent

Inspect running container with

docker ps

, it should be running.

Please note, that every time zabbix container could not be started, it should be recreated.

Sep 13, 2016, 12:30

CoreOS and crontab

CoreOS does not have crontab and should not. It uses new concept of Timers for Services.

For instance I have to reindex Sphinx database in container every 15 minutes, how should I do this?

Proper way is to do like this:

  1. create service reindex.service
    sudo vim /etc/systemd/system/reindex.service
[Unit]
Description=Reindexes sphinx container

[Service]
Type=oneshot
ExecStart=/usr/bin/docker exec itservice_search_1 /index.sh
  1. create timer for reindex service:
    sudo vim /etc/systemd/system/reindex.timer
cat		Output the contents of a submitted unit
[Unit]
Description=Run reindex.service every 10 minutes

[Timer]
OnCalendar=*:0/15

Next, we should enable this service and timer like this:

sudo systemctl enable reindex.service
sudo systemctl enable reindex.timer
sudo systemctl start reindex.timer

You can control your timers like:

systemctl list-timers

and watch service logs

journalctl -f -u reindex.service

При помощи этого контейнера:

https://github.com/bhuisgen/docker-zabbix-coreos

Код для запуска контейнера

docker run -d -p 10050:10050 -u 0 -c 1024 -m 64M --memory-swap=-1 \
    -v /proc:/coreos/proc:ro -v /sys:/coreos/sys:ro -v /dev:/coreos/dev:ro \
    -v /var/run/docker.sock:/coreos/var/run/docker.sock \
    --name zabbix-coreos bhuisgen/docker-zabbix-coreos my-zabbix-server.com my-cluster-code

Где my-zabbix-server.com это ваш zabbix-server

а my-cluster-code ваш код meta для автообнаружения.

После настройки автообнаружения у вас появится хост в нужном месте.

Разработал для этого очень простой рецепт по мотивам предыдущей заметки:


- name: install docker-compose to coreos
  hosts: coreos
  gather_facts: no
  tasks:
    - name: install docker-compose
      become: yes
      file: path=/opt/bin state=directory mode=0755

    - name: get docker-compose url
      shell: curl -s https://api.github.com/repos/docker/compose/releases/latest | jq -r '.assets[].browser_download_url | select(contains("Linux") and contains("x86_64"))'
      register: url_info

    - name: fetch docker-compose
      become: yes
      get_url: url="{{url_info.stdout}}" dest=/opt/bin/docker-compose mode=0755
<code>

скрипт найдет url и скачает самую свежую версию и установит аттрибуты для корректного запуска из /opt/bin

напоминаю, /opt/bin переживает перезагрузки и является persistent каталогом в CoreOS.
ansiblecoreos
Ctrl + ↓ Earlier