Merge pull request #561 from imikushin/cc-docker

Configure docker via `rancher.docker` in cloud-config

cmd/cloudinit/cloudinit_test.go

@@ -69,8 +69,8 @@ func TestSubstituteUserDataVars(t *testing.T) {
 			    interfaces:
 			      eth1:
 			        address: $private_ipv4/16
-			  user_docker:
+			  docker:
-			  	 tls_args: ['-H=$public_ipv4:2376']`,
+			  	tls_args: ['-H=$public_ipv4:2376']`,
 			`write_files:
 			    - path: /etc/environment
 			      content: |
@@ -81,8 +81,8 @@ func TestSubstituteUserDataVars(t *testing.T) {
 			    interfaces:
 			      eth1:
 			        address: 192.0.2.203/16
-			  user_docker:
+			  docker:
-			  	 tls_args: ['-H=192.0.2.3:2376']`,
+			  	tls_args: ['-H=192.0.2.3:2376']`,
 		},
 		{
 			// no metadata

cmd/control/tlsconf.go

@@ -49,7 +49,7 @@ func writeCerts(generateServer bool, hostname []string, cfg *config.CloudConfig,
 		return machineUtil.GenerateCert([]string{""}, certPath, keyPath, caCertPath, caKeyPath, NAME, BITS)
 	}
 
-	if cfg.Rancher.UserDocker.ServerKey == "" || cfg.Rancher.UserDocker.ServerCert == "" {
+	if cfg.Rancher.Docker.ServerKey == "" || cfg.Rancher.Docker.ServerCert == "" {
 		err := machineUtil.GenerateCert(hostname, certPath, keyPath, caCertPath, caKeyPath, NAME, BITS)
 		if err != nil {
 			return err
@@ -67,9 +67,9 @@ func writeCerts(generateServer bool, hostname []string, cfg *config.CloudConfig,
 
 		return cfg.SetConfig(&config.CloudConfig{
 			Rancher: config.RancherConfig{
-				UserDocker: config.DockerConfig{
+				Docker: config.DockerConfig{
-					CAKey:      cfg.Rancher.UserDocker.CAKey,
+					CAKey:      cfg.Rancher.Docker.CAKey,
-					CACert:     cfg.Rancher.UserDocker.CACert,
+					CACert:     cfg.Rancher.Docker.CACert,
 					ServerCert: string(cert),
 					ServerKey:  string(key),
 				},
@@ -77,16 +77,16 @@ func writeCerts(generateServer bool, hostname []string, cfg *config.CloudConfig,
 		})
 	}
 
-	if err := ioutil.WriteFile(certPath, []byte(cfg.Rancher.UserDocker.ServerCert), 0400); err != nil {
+	if err := ioutil.WriteFile(certPath, []byte(cfg.Rancher.Docker.ServerCert), 0400); err != nil {
 		return err
 	}
 
-	return ioutil.WriteFile(keyPath, []byte(cfg.Rancher.UserDocker.ServerKey), 0400)
+	return ioutil.WriteFile(keyPath, []byte(cfg.Rancher.Docker.ServerKey), 0400)
 
 }
 
 func writeCaCerts(cfg *config.CloudConfig, caCertPath, caKeyPath string) error {
-	if cfg.Rancher.UserDocker.CACert == "" {
+	if cfg.Rancher.Docker.CACert == "" {
 		if err := machineUtil.GenerateCACertificate(caCertPath, caKeyPath, NAME, BITS); err != nil {
 			return err
 		}
@@ -103,7 +103,7 @@ func writeCaCerts(cfg *config.CloudConfig, caCertPath, caKeyPath string) error {
 
 		err = cfg.SetConfig(&config.CloudConfig{
 			Rancher: config.RancherConfig{
-				UserDocker: config.DockerConfig{
+				Docker: config.DockerConfig{
 					CAKey:  string(caKey),
 					CACert: string(caCert),
 				},
@@ -116,11 +116,11 @@ func writeCaCerts(cfg *config.CloudConfig, caCertPath, caKeyPath string) error {
 		return nil
 	}
 
-	if err := ioutil.WriteFile(caCertPath, []byte(cfg.Rancher.UserDocker.CACert), 0400); err != nil {
+	if err := ioutil.WriteFile(caCertPath, []byte(cfg.Rancher.Docker.CACert), 0400); err != nil {
 		return err
 	}
 
-	return ioutil.WriteFile(caKeyPath, []byte(cfg.Rancher.UserDocker.CAKey), 0400)
+	return ioutil.WriteFile(caKeyPath, []byte(cfg.Rancher.Docker.CAKey), 0400)
 }
 
 func tlsConfCreate(c *cli.Context) {

cmd/userdocker/main.go

@@ -46,7 +46,7 @@ func Main() {
 }
 
 func enter(cfg *config.CloudConfig) error {
-	context := cfg.Rancher.UserDocker.StorageContext
+	context := cfg.Rancher.Docker.StorageContext
 	if context == "" {
 		context = DEFAULT_STORAGE_CONTEXT
 	}
@@ -211,7 +211,7 @@ func main(cfg *config.CloudConfig) error {
 		return err
 	}
 
-	dockerCfg := cfg.Rancher.UserDocker
+	dockerCfg := cfg.Rancher.Docker
 
 	args := dockerCfg.FullArgs()
 

config/config.go

@@ -55,8 +55,8 @@ func LoadConfig() (*CloudConfig, error) {
 
 	if cfg.Rancher.Debug {
 		log.SetLevel(log.DebugLevel)
-		if !util.Contains(cfg.Rancher.UserDocker.Args, "-D") {
+		if !util.Contains(cfg.Rancher.Docker.Args, "-D") {
-			cfg.Rancher.UserDocker.Args = append(cfg.Rancher.UserDocker.Args, "-D")
+			cfg.Rancher.Docker.Args = append(cfg.Rancher.Docker.Args, "-D")
 		}
 		if !util.Contains(cfg.Rancher.SystemDocker.Args, "-D") {
 			cfg.Rancher.SystemDocker.Args = append(cfg.Rancher.SystemDocker.Args, "-D")

config/config_test.go

@@ -22,7 +22,7 @@ func TestFilterKey(t *testing.T) {
 					"dsa-pub": "dsa-test2",
 				},
 			},
-			"user_docker": map[interface{}]interface{}{
+			"docker": map[interface{}]interface{}{
 				"ca_key":  "ca_key-test3",
 				"ca_cert": "ca_cert-test4",
 				"args":    []string{"args_test5"},
@@ -43,7 +43,7 @@ func TestFilterKey(t *testing.T) {
 		"ssh_authorized_keys": []string{"pubk1", "pubk2"},
 		"hostname":            "ros-test",
 		"rancher": map[interface{}]interface{}{
-			"user_docker": map[interface{}]interface{}{
+			"docker": map[interface{}]interface{}{
 				"ca_key":  "ca_key-test3",
 				"ca_cert": "ca_cert-test4",
 				"args":    []string{"args_test5"},
@@ -68,7 +68,7 @@ func TestFilterDottedKeys(t *testing.T) {
 					"dsa-pub": "dsa-test2",
 				},
 			},
-			"user_docker": map[interface{}]interface{}{
+			"docker": map[interface{}]interface{}{
 				"ca_key":  "ca_key-test3",
 				"ca_cert": "ca_cert-test4",
 				"args":    []string{"args_test5"},
@@ -89,7 +89,7 @@ func TestFilterDottedKeys(t *testing.T) {
 	expectedRest := map[interface{}]interface{}{
 		"hostname": "ros-test",
 		"rancher": map[interface{}]interface{}{
-			"user_docker": map[interface{}]interface{}{
+			"docker": map[interface{}]interface{}{
 				"ca_key":  "ca_key-test3",
 				"ca_cert": "ca_cert-test4",
 				"args":    []string{"args_test5"},
@@ -254,7 +254,7 @@ func TestUserDocker(t *testing.T) {
 
 	config := &CloudConfig{
 		Rancher: RancherConfig{
-			UserDocker: DockerConfig{
+			Docker: DockerConfig{
 				TLS: true,
 			},
 		},
@@ -272,7 +272,7 @@ func TestUserDocker(t *testing.T) {
 
 	fmt.Println(data)
 
-	val, ok := data["rancher"]["user_docker"]
+	val, ok := data["rancher"]["docker"]
 	assert.True(ok)
 
 	m, ok := val.(map[interface{}]interface{})

config/disk.go

@@ -20,10 +20,10 @@ func writeToFile(data interface{}, filename string) error {
 func saveToDisk(data map[interface{}]interface{}) error {
 	private, config := filterDottedKeys(data, []string{
 		"rancher.ssh",
-		"rancher.user_docker.ca_key",
+		"rancher.docker.ca_key",
-		"rancher.user_docker.ca_cert",
+		"rancher.docker.ca_cert",
-		"rancher.user_docker.server_key",
+		"rancher.docker.server_key",
-		"rancher.user_docker.server_cert",
+		"rancher.docker.server_cert",
 	})
 
 	err := writeToFile(config, LocalConfigFile)

config/types.go

@@ -81,7 +81,7 @@ type RancherConfig struct {
 	State               StateConfig                       `yaml:"state,omitempty"`
 	SystemDocker        DockerConfig                      `yaml:"system_docker,omitempty"`
 	Upgrade             UpgradeConfig                     `yaml:"upgrade,omitempty"`
-	UserDocker          DockerConfig                      `yaml:"user_docker,omitempty"`
+	Docker              DockerConfig                      `yaml:"docker,omitempty"`
 }
 
 type UpgradeConfig struct {

os-config.yml

@@ -298,7 +298,7 @@ rancher:
   upgrade:
     url: https://releases.rancher.com/os/releases.yml
     image: rancher/os
-  user_docker:
+  docker:
     tls_args: [--tlsverify, --tlscacert=ca.pem, --tlscert=server-cert.pem, --tlskey=server-key.pem,
       '-H=0.0.0.0:2376']
     args: [daemon, --log-opt, max-size=25m, --log-opt, max-file=2, -s, overlay, -G, docker, -H, 'unix:///var/run/docker.sock', --userland-proxy=false]

tests/integration/assets/test_01/cloud-config.yml

@@ -9,5 +9,7 @@ rancher:
         address: 10.10.2.17/24
         gateway: 10.10.2.2
         mtu: 1500
+  docker:
+    args: [daemon, --log-opt, max-file=2, --log-opt, max-size=25m, -s, overlay, -G, docker, -H, 'unix:///var/run/docker.sock', -H, 'tcp://0.0.0.0:2375', --userland-proxy=false]
 ssh_authorized_keys:
   - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDUlsWAL5Rf0Wis/A7k7Tlqx0fZS60VzCZrPZYbP/wkL95jv0XzCx8bd1rZHeybblHPDNpND3BLv4qPY5DxRyexF4seGuzcJI/pOvGUGjQondeMPgDTFEo5w939gSdeTZcfXzQ0wAVhzwDbgH4zPfMzbdoo8Aiu9jkKljXw8IFju0gh+t6iKkGZCIjKT9o7zza1vGfkodhvi2V3VzPdNO28gaxZaRNtmBYUoVnGyR6nXN1Q3CJaVuh5o6GPCOqrhHNbYOFZKBpDiHbxPhVpxHQD2+8yUSGTG7WW75FfZePja5y8d0c/O5L37ZYx4AZAd3KgQYDBT2XCEJGQNawNbfpt

tests/integration/assets/test_03/cloud-config.yml

@@ -0,0 +1,6 @@
+#cloud-config
+rancher:
+  services_include:
+    debian-console: true
+ssh_authorized_keys:
+  - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDUlsWAL5Rf0Wis/A7k7Tlqx0fZS60VzCZrPZYbP/wkL95jv0XzCx8bd1rZHeybblHPDNpND3BLv4qPY5DxRyexF4seGuzcJI/pOvGUGjQondeMPgDTFEo5w939gSdeTZcfXzQ0wAVhzwDbgH4zPfMzbdoo8Aiu9jkKljXw8IFju0gh+t6iKkGZCIjKT9o7zza1vGfkodhvi2V3VzPdNO28gaxZaRNtmBYUoVnGyR6nXN1Q3CJaVuh5o6GPCOqrhHNbYOFZKBpDiHbxPhVpxHQD2+8yUSGTG7WW75FfZePja5y8d0c/O5L37ZYx4AZAd3KgQYDBT2XCEJGQNawNbfpt

tests/integration/rancherostest/test_01_cloud_config.py

@@ -1,12 +1,13 @@
 import pytest
 import rancherostest.util as u
+import string
 import subprocess
 import yaml
 
 
 ssh_command = ['ssh', '-p', '2222', '-F', './assets/scripts_ssh_config', '-i', './tests/integration/assets/test.key',
                'rancher@localhost']
-cloud_config_path = './tests/integration/assets/cloud-config-01.yml'
+cloud_config_path = './tests/integration/assets/test_01/cloud-config.yml'
 
 
 @pytest.fixture(scope="module")
@@ -39,6 +40,20 @@ def test_rancher_environment(qemu, cloud_config):
     assert v.strip() == cloud_config['rancher']['environment']['FLANNEL_NETWORK']
 
 
+@pytest.mark.timeout(40)
+def test_docker_args(qemu, cloud_config):
+    assert qemu is not None
+    u.wait_for_ssh(ssh_command)
+
+    v = subprocess.check_output(
+        ssh_command + ['sh', '-c', 'ps -ef | grep docker'],
+        stderr=subprocess.STDOUT, universal_newlines=True)
+
+    expected = string.join(cloud_config['rancher']['docker']['args'])
+
+    assert v.find(expected) != -1
+
+
 @pytest.mark.timeout(40)
 def test_rancher_network(qemu, cloud_config):
     assert qemu is not None

tests/integration/rancherostest/test_03_docker_in_persistent_console.py

@@ -0,0 +1,36 @@
+import pytest
+import rancherostest.util as u
+import subprocess
+import yaml
+
+
+ssh_command = ['ssh', '-p', '2222', '-F', './assets/scripts_ssh_config', '-i', './tests/integration/assets/test.key',
+               'rancher@localhost']
+cloud_config_path = './tests/integration/assets/test_03/cloud-config.yml'
+
+
+@pytest.fixture(scope="module")
+def qemu(request):
+    return u.run_qemu(request, ['--cloud-config', cloud_config_path])
+
+
+@pytest.fixture(scope="module")
+def cloud_config():
+    return yaml.load(open(cloud_config_path))
+
+
+@pytest.mark.timeout(40)
+def test_reboot_with_container_running(qemu):
+    assert qemu is not None
+    u.wait_for_ssh(ssh_command)
+    subprocess.check_call(ssh_command + ['docker', 'run', '-d', '--restart=always', 'nginx'],
+                          stderr=subprocess.STDOUT, universal_newlines=True)
+
+    subprocess.call(ssh_command + ['sudo', 'reboot'],
+                    stderr=subprocess.STDOUT, universal_newlines=True)
+
+    u.wait_for_ssh(ssh_command)
+    v = subprocess.check_output(ssh_command + ['docker', 'ps', '-f', 'status=running'],
+                                stderr=subprocess.STDOUT, universal_newlines=True)
+
+    assert v.find('nginx') != -1