Created
September 16, 2019 08:58
-
-
Save epcim/b22d23454bced477d84a18bc590922ef to your computer and use it in GitHub Desktop.
etcd habitat docker-compose hab
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # See more: https://gist.github.com/epcim/80d2dda18e2b3022e4ab07f161f59823 | |
| # hab clustered etcd | |
| ## compose | |
| cat <<EOF > docker-compose.yml | |
| version: '3' | |
| services: | |
| etcd1: | |
| hostname: etcd1 | |
| image: epcim/etcd | |
| command: --group ves | |
| --topology leader | |
| --peer etcd1 | |
| --peer etcd2 | |
| --peer etcd3 | |
| volumes: | |
| - etcd1-data:/hab/svc/etcd/data | |
| environment: | |
| - HAB_LICENSE=accept-no-persist | |
| etcd2: | |
| hostname: etcd2 | |
| image: epcim/etcd | |
| command: --group ves | |
| --topology leader | |
| --peer etcd1 | |
| --peer etcd2 | |
| --peer etcd3 | |
| volumes: | |
| - etcd2-data:/hab/svc/etcd/data | |
| environment: | |
| - HAB_LICENSE=accept-no-persist | |
| etcd3: | |
| hostname: etcd3 | |
| image: epcim/etcd | |
| command: --group ves | |
| --topology leader | |
| --peer etcd1 | |
| --peer etcd2 | |
| --peer etcd3 | |
| volumes: | |
| - etcd3-data:/hab/svc/etcd/data | |
| environment: | |
| - HAB_LICENSE=accept-no-persist | |
| volumes: | |
| etcd1-data: | |
| etcd2-data: | |
| etcd3-data: | |
| EOF | |
| docker-compose up -d | |
| ### cleanup | |
| docker-compose down | |
| docker volume rm workspace_etcd1-data workspace_etcd2-data workspace_etcd3-data | |
| ## systemd | |
| cat << 'EOF' >/etc/systemd/system/docker-images-update.timer | |
| [Unit] | |
| Description=Once a day | |
| [Timer] | |
| OnCalendar=*-*-* 12:*:* | |
| Persistent=true | |
| [Install] | |
| WantedBy=timers.target | |
| EOF | |
| # optional | |
| cat <<-'EOF' >/srv/etcd-ves/data | |
| HAB_ETCD='{"etcd-key-file": "files/etcd-client.key", "etcd-cert-file": "files/etcd-client.crt", "etcd-client-ca-file": "files/etcd-client-ca.crt" }' | |
| HAB_CTL_SECRET="kruhL2oUbwCCn48bDzPEATlPvZABwYs3AC0kwpB1G+JFtP2chlCHIVQA8gzWVPQRwsj6ekp6qVkse4SCmDwDbw==" | |
| HAB_RING_KEY="tkiwrVzmNH+afXdgYziOlhfp7irPHT+wAH4SYvzWYxA=%" | |
| EOF | |
| export ALT=500 # Prefix for all the service names/ports used (apply to habitat/ inner service service) | |
| # cleanup | |
| systemctl stop etcd-$ALT | |
| sleep 3 | |
| rm -f /etc/systemd/system/etcd-$ALT.service /etc/default/etcd-$ALT* | |
| rm -rf /srv/etcd-$ALT | |
| # peers | |
| cat <<-'EOF' > /etc/default/etcd-${ALT}.peers | |
| master-0:${ALT}38 | |
| master-1:${ALT}38 | |
| master-2:${ALT}38 | |
| EOF | |
| # setup | |
| touch /etc/default/etcd-$ALT | |
| cat <<-EOF >/etc/default/etcd-${ALT} | |
| HAB_ETCD={ "etcd-client-end":"${ALT}23", "etcd-server-end":"${ALT}80" } | |
| EOF | |
| mkdir -p /srv/etcd-$ALT/data | |
| cat <<-EOF >/etc/systemd/system/etcd-$ALT.service | |
| [Unit] | |
| Description=VES Etcd | |
| BindsTo=docker.service | |
| After=network.target | |
| After=docker.service | |
| After=oem-cloudinit.service | |
| # Wants=docker-images-update.timer | |
| # Wants=docker-images-update.service | |
| [Service] | |
| Environment="ALT=${ALT}" | |
| EnvironmentFile=/etc/environment | |
| # hab sup secret generate | |
| Environment="HAB_CTL_SECRET=kruhL2oUbwCCn48bDzPEATlPvZABwYs3AC0kwpB1G+JFtP2chlCHIVQA8gzWVPQRwsj6ekp6qVkse4SCmDwDbw==" | |
| # hab ring key generate etcd | |
| # Environment="HAB_RING_KEY=tkiwrVzmNH+afXdgYziOlhfp7irPHT+wAH4SYvzWYxA=%" | |
| Environment="HAB_LICENSE=accept-no-persist" | |
| Environment="HABSUP_TOPOLOGY=leader" | |
| EnvironmentFile=/etc/default/etcd-${ALT} | |
| RestartSec=3s | |
| TimeoutStopSec=0 | |
| Restart=always | |
| TimeoutStartSec=0 | |
| EOF | |
| cat <<-'EOF' >>/etc/systemd/system/etcd-$ALT.service | |
| # ExecStartPre=/bin/bash -c "while systemctl is-active --quiet docker-mages-update; do sleep 0.5; done" | |
| ExecStart=/usr/bin/docker run --rm --name etcd-${ALT} --net host --uts=host \ | |
| -v /srv/etcd-${ALT}/:/hab/svc/etcd/ \ | |
| -p 9631:${ALT}31 \ | |
| -p ${ALT}32:${ALT}32 \ | |
| -p 9638:${ALT}38 \ | |
| -p ${ALT}79:${ALT}79 \ | |
| -p ${ALT}80:${ALT}80 \ | |
| -e HAB_LICENSE \ | |
| -e HAB_CTL_SECRET \ | |
| --env-file=/etc/default/etcd-${ALT} \ | |
| epcim/etcd \ | |
| --topology ${HABSUP_TOPOLOGY} \ | |
| --listen-gossip 0.0.0.0:${ALT}38 --listen-ctl 0.0.0.0:${ALT}32 --listen-http 0.0.0.0:${ALT}31 \ | |
| --peer-watch-file /etc/default/etcd-${ALT}.peers | |
| ExecStop=/usr/bin/docker rm -f etcd-ves | |
| [Install] | |
| WantedBy=multi-user.target | |
| EOF | |
| systemctl daemon-reload | |
| systemctl enable etcd-$ALT | |
| systemctl start etcd-$ALT | |
| journalctl -fu etcd-$ALT | |
| ## Alternative options | |
| #-e HAB_RING_KEY=${HAB_RING_KEY} \ | |
| -v /etc/kubernetes/secrets/:/hab/svc/etcd/files \ | |
| Environment=SVC_GROUP="ves${ALT}" | |
| --add-host master-2:192.168.99.102 \ | |
| --group ${SVC_GROUP} | |
| -e HAB_LISTEN_CTL=${HAB_LISTEN_CTL} \ | |
| -p ${ALT}31:${ALT}31 \ | |
| -p ${ALT}32:${ALT}32 \ | |
| -p ${ALT}38:${ALT}38 \ | |
| # - gossip-listener, Supervisors communicate with each other using UDP and ZeroMQ, over port 9638. | |
| # - http-gateway, Supervisor exposes the status of its services' health and other information through an HTTP API - 9631 | |
| # - ctl-gateway |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment