memoussati-docker

Release 5.3.0

Puppet module for managing docker

Repository Puppet Ruby Download

Keywords
docker, puppet
License
Apache-2.0
Install
puppet module install memoussati-docker --version 5.3.0

Documentation

Puppet module for installing, configuring and managing Docker from the official repository or alternatively from EPEL on RedHat based distributions.

Puppet Forge Build Status Documentation Status Puppet Forge Downloads Puppet Forge Endorsement

Support

This module is currently tested on:

  • Debian 8.0
  • Debian 7.8
  • Ubuntu 12.04
  • Ubuntu 14.04
  • Centos 7.0
  • Centos 6.6

It may work on other distros and additional operating systems will be supported in the future. It's definitely been used with the following too:

  • Archlinux
  • Amazon Linux
  • Fedora

Examples

Usage

The module includes a single class:

include 'docker'

By default this sets up the docker hosted repository if necessary for your OS and installs the docker package and on Ubuntu, any required Kernel extensions.

If you don't want this module to mess about with your Kernel then you can disable this feature like so. It is only enabled (and supported) by default on Ubuntu:

class { 'docker':
  manage_kernel => false,
}

If you want to configure your package sources independently, inform this module to not auto-include upstream sources (This is already disabled on Archlinux as there is no further upstream):

class { 'docker':
  use_upstream_package_source => false,
}

Docker recently launched new official repositories which are now the default for the module from version 5. If you want to stick with the old respoitories you can do so with the following:

class { 'docker':
  package_name => 'lxc-docker',
  package_source_location => 'https://get.docker.com/ubuntu',
  package_key_source => 'https://get.docker.com/gpg',
  package_key => '36A1D7869245C8950F966E92D8576A8BA88D21E',
  package_release => 'docker',
}

The module also now uses the upstream repositories by default for RHEL based distros, including Fedora. If you want to stick with the distro packages you should use the following:

class { 'docker':
  use_upstream_package_source => false,
  package_name => 'docker',
}

By default the docker daemon will bind to a unix socket at /var/run/docker.sock. This can be changed, as well as binding to a tcp socket if required.

class { 'docker':
  tcp_bind    => 'tcp://127.0.0.1:4243',
  socket_bind => 'unix:///var/run/docker.sock',
}

Unless specified this installs the latest version of docker from the docker repository on first run. However if you want to specify a specific version you can do so, unless you are using Archlinux which only supports the latest release. Note that this relies on a package with that version existing in the reposiroty.

class { 'docker':
  version => '0.5.5',
}

And if you want to track the latest version you can do so:

class { 'docker':
  version => 'latest',
}

In some cases dns resolution won't work well in the container unless you give a dns server to the docker daemon like this:

class { 'docker':
  dns => '8.8.8.8',
}

To add users to the Docker group you can pass an array like this:

class { 'docker':
  docker_users => ['user1', 'user2'],
}

The class contains lots of other options, please see the inline code documentation for the full options.

Images

The next step is probably to install a docker image; for this we have a defined type which can be used like so:

docker::image { 'base': }

This is equivalent to running docker pull base. This is downloading a large binary so on first run can take a while. For that reason this define turns off the default 5 minute timeout for exec. Takes an optional parameter for installing image tags that is the equivalent to running docker pull -t="precise" ubuntu:

docker::image { 'ubuntu':
  image_tag => 'precise'
}

Note: images will only install if an image of that name does not already exist.

A images can also be added/build from a dockerfile with the docker_file property, this equivalent to running docker build -t ubuntu - < /tmp/Dockerfile

docker::image { 'ubuntu':
  docker_file => '/tmp/Dockerfile'
}

Images can also be added/build from a directory containing a dockerfile with the docker_dir property, this is equivalent to running docker build -t ubuntu /tmp/ubuntu_image

docker::image { 'ubuntu':
  docker_dir => '/tmp/ubuntu_image'
}

You can trigger a rebuild of the image by subscribing to external events like Dockerfile changes:

docker::image { 'ubuntu':
  docker_file => '/tmp/Dockerfile'
  subscribe => File['/tmp/Dockerfile'],
}

file { '/tmp/Dockerfile':
  ensure => file,
  source => 'puppet:///modules/someModule/Dockerfile',
}

You can also remove images you no longer need with:

docker::image { 'base':
  ensure => 'absent'
}

docker::image { 'ubuntu':
  ensure    => 'absent',
  image_tag => 'precise'
}

If using hiera, there's a docker::images class you can configure, for example:

docker::images:
  ubuntu:
    image_tag: 'precise'

Containers

Now you have an image you can launch containers:

docker::run { 'helloworld':
  image   => 'base',
  command => '/bin/sh -c "while true; do echo hello world; sleep 1; done"',
}

This is equivalent to running the following:

docker run -d base /bin/sh -c "while true; do echo hello world; sleep 1; done"

This will launch a Docker container managed by the local init system.

Run also takes a number of optional parameters:

docker::run { 'helloworld':
  image           => 'base',
  command         => '/bin/sh -c "while true; do echo hello world; sleep 1; done"',
  ports           => ['4444', '4555'],
  expose          => ['4666', '4777'],
  links           => ['mysql:db'],
  volumes         => ['/var/lib/couchdb', '/var/log'],
  volumes_from    => '6446ea52fbc9',
  memory_limit    => '10m', # (format: '<number><unit>', where unit = b, k, m or g)
  cpuset          => ['0', '3'],
  username        => 'example',
  hostname        => 'example.com',
  env             => ['FOO=BAR', 'FOO2=BAR2'],
  env_file        => ['/etc/foo', '/etc/bar'],
  dns             => ['8.8.8.8', '8.8.4.4'],
  restart_service => true,
  privileged      => false,
  pull_on_start   => false,
  before_stop     => 'echo "So Long, and Thanks for All the Fish"',
  depends         => [ 'container_a', 'postgres' ],
}

Ports, expose, env, env_file, dns and volumes can be set with either a single string or as above with an array of values.

Specifying pull_on_start will pull the image before each time it is started.

Specifying before_stop will execute a command before stopping the container.

The depends option allows expressing containers that must be started before. This affects the generation of the init.d/systemd script.

The service file created for systemd based systems enables automatic restarting of the service on failure by default.

To use an image tag just append the tag name to the image name separated by a semicolon:

docker::run { 'helloworld':
  image   => 'ubuntu:precise',
  command => '/bin/sh -c "while true; do echo hello world; sleep 1; done"',
}

If using hiera, there's a docker::run_instance class you can configure, for example:

---
  classes:
    - docker::run_instance

  docker::run_instance::instance:
    helloworld:
      image: 'ubuntu:precise'
      command: '/bin/sh -c "while true; do echo hello world; sleep 1; done"'

Private registries

By default images will be pushed and pulled from index.docker.io unless you've specified a server. If you have your own private registry without authentication, you can fully qualify your image name. If your private registry requires authentication you may configure a registry:

docker::registry { 'example.docker.io:5000':
  username => 'user',
  password => 'secret',
  email    => 'user@example.com',
}

You can logout of a registry if it is no longer required.

docker::registry { 'example.docker.io:5000':
  ensure => 'absent',
}

If using hiera, there's a docker::registry_auth class you can configure, for example:

docker::registry_auth::registries:
  'example.docker.io:5000':
    username: 'user1'
    password: 'secret'
    email: 'user1@example.io'

Exec

Docker also supports running arbitrary commands within the context of a running container. And now so does the Puppet module.

docker::exec { 'cron_allow_root':
  detach       => true,
  container    => 'mycontainer',
  command      => '/bin/echo root >> /usr/lib/cron/cron.allow',
  tty          => true,
  unless       => 'grep root /usr/lib/cron/cron.allow 2>/dev/null',
}

Stats

Dependencies
3
Dependent packages
0
Dependent repositories
0
Total releases
1
Latest release
First release
Stars
408
Forks
574
Watchers
40
Contributors
104
Repository size
1.15 MB
SourceRank
11

Development practices

Source repo 2FA enabled
TEXT!
Package manager 2FA enabled
TEXT!
Is security responsive
TEXT!
Dependencies are managed
TEXT!
Issue-free release available
TEXT!
Succession plan available
TEXT!
Package manager 2FA enabled
TEXT!

The Tidelift Subscription provides access to a continuously curated stream of human-researched and maintainer-verified data on open source packages and their licenses, releases, vulnerabilities, and development practices.

Learn more

Releases

5.3.0

Contributors

Gareth Rushgrove coreone Kyle Anderson Javier Bértoli Vahram Sukyas Justin Dray Patrick Hemmer Jo Vandeginste James Carr Paul Liljenberg JT (Jonny) Lukas Waslowski Cornel Foltea Voxin Muyli Elias Probst Nate Joshua Hoblitt bradley Tomas Doran Paul Morgan Alex Hornung Camille Mougey Fredrik Thulin Janos Feher


See all contributors

Something wrong with this page? Make a suggestion

Export .ABOUT file for this package

Last synced: 2017-09-12 20:39:07 UTC

Login to resync this project