stakater / bugs

Stakater issue tracker

Common CoreOS systemd units #116

Open rasheedamir opened 7 years ago

rasheedamir commented 7 years ago

Discuss these common systemd units and see which ones make sense and are required. Create a separate issue per unit once reviewed:

    # locksmithd.service: starts the CoreOS reboot manager. The drop-in below
    # sets its reboot window to begin at 05:30 and last 3h.
    # NOTE(review): the window also bounds how long an already-downloaded
    # update waits before the reboot that activates it; confirm which time
    # zone the 05:30 is read in on these hosts.
    - name: locksmithd.service
      command: start
      drop-ins:
      - name: 30-cloudinit.conf
        content: |
          [Service]
          Environment="LOCKSMITHD_REBOOT_WINDOW_START=05:30"
          Environment="LOCKSMITHD_REBOOT_WINDOW_LENGTH=3h"
# coreos.units.* components
    # format-disk.service: one-shot unit that wipes /dev/xvdb and creates an
    # ext4 filesystem labelled var-lib-docker on it, but only when findfs
    # cannot find that label.
    # NOTE(review): the leading "-" on ExecStart makes systemd treat a failed
    # wipefs/mkfs as success, so units ordered after this one still start when
    # the disk was never formatted.
    # NOTE(review): findfs output is redirected by a root process to a fixed
    # file name under /tmp. A path outside world-writable directories (or
    # /dev/null, if nothing reads the file) avoids a pre-created file or
    # symlink at that name.
    # NOTE(review): a missing label is the only guard in front of
    # wipefs -a -f, so a volume at /dev/xvdb carrying any other label is
    # erased; confirm the device name is stable on every instance type used.
    - name: format-disk.service
      command: start
      content: |
        [Unit]
        Description=Formats the disk drive
        [Service]
        Type=oneshot
        RemainAfterExit=yes
        Environment="LABEL=var-lib-docker"
        Environment="DEV=/dev/xvdb"
        # Do not wipe the disk if it's already being used, so the docker images persistent cross reboot.
        ExecStart=-/bin/bash -c "if ! findfs LABEL=$LABEL > /tmp/label.$LABEL; then wipefs -a -f $DEV && mkfs.ext4 -T news -F -L $LABEL $DEV && echo wiped; fi"
    # var-lib-docker.mount: mounts /dev/xvdb on /var/lib/docker as ext4,
    # ordered after format-disk.service and before docker.service.
    # NOTE(review): What= names the raw device rather than the var-lib-docker
    # label that format-disk.service writes, so the mount does not check which
    # filesystem it attaches. Mounting by label
    # (/dev/disk/by-label/var-lib-docker) would tie the two units together;
    # confirm the raw device is intended.
    - name: var-lib-docker.mount
      command: start
      content: |
        [Unit]
        Description=Mount disk to /var/lib/docker
        Requires=format-disk.service
        After=format-disk.service
        Before=docker.service
        [Mount]
        What=/dev/xvdb
        Where=/var/lib/docker
        Type=ext4
    # docker.service drop-in: makes Docker require, and start after, the
    # /var/lib/docker mount, and restarts it 5 seconds after any exit.
    # Requires= (rather than Wants=) keeps Docker from starting on the root
    # filesystem when the mount unit fails.
    - name: docker.service
      command: start
      drop-ins:
        - name: 60-docker-wait-for-var-lib.conf
          content: |
              [Unit]
              Requires=var-lib-docker.mount
              After=var-lib-docker.mount
              [Service]
              Restart=always
              RestartSec=5
    # git-sync.service: runs /opt/bin/git-sync.sh when that file exists, with
    # variables loaded from /etc/environment and a 10 minute start timeout.
    # NOTE(review): no User= is set, so the script and the git/ssh processes
    # it spawns run as root. Nothing here verifies what is fetched (a pinned
    # revision, or signed commits/tags) before it lands in /var/lib/apps.
    - name: git-sync.service
      command: start
      content: |
        [Unit]
        Description=git-sync
        ConditionPathExists=/opt/bin/git-sync.sh

        [Service]
        EnvironmentFile=/etc/environment
        TimeoutStartSec=10min
        ExecStart=/opt/bin/git-sync.sh
    # git-sync.timer: fires at second 00 of every minute. With no Unit= set it
    # activates the unit of the same name, git-sync.service.
    # NOTE(review): with a one-minute pull interval, a change pushed to the
    # repository reaches every node almost immediately; confirm who can push
    # to it and whether the tracked branch is protected.
    - name: git-sync.timer
      command: start
      content: |      
        [Unit]
        Description=git-sync timer

        [Timer]
        OnCalendar=*:*:00
        #OnUnitActiveSec=30
    # post-provisioning.service: one-shot boot hook that runs
    # /opt/bin/post-provision.sh (when that file exists) with variables from
    # /etc/environment, ordered after git-sync.service.
    # NOTE(review): Wants=/After= only pull in and order git-sync.service;
    # they do not require the sync to have succeeded.
    # NOTE(review): the script started here executes every *.sh file under
    # /var/lib/apps/post_provision as root, so write access to the synced
    # repository or bucket is equivalent to root on the node.
    # NOTE(review): Type=oneshot units have no start timeout by default, so
    # the script's wait loop can keep this unit activating indefinitely; an
    # explicit TimeoutStartSec= would bound it.
    - name: post-provisioning.service
      command: start
      content: |       
        [Unit]
        Description=A hook to excute bootstrap script at boot
        Wants=git-sync.service
        After=git-sync.service
        ConditionPathExists=/opt/bin/post-provision.sh

        [Service]
        Type=oneshot
        RemainAfterExit=true
        EnvironmentFile=/etc/environment
        ExecStart=/opt/bin/post-provision.sh

write_files:            
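  # /opt/bin/git-sync.sh: root-only script that clones the application
  # repository into /var/lib/apps, or pulls when a checkout already exists.
  # The mode is quoted so it stays a literal octal string whatever YAML
  # loader reads the file, and the repository URL and ssh command are quoted
  # so a value containing spaces is not split into separate words.
  # NOTE(review): the checkout is trusted as-is; pinning a revision or
  # verifying signed commits/tags would limit what a compromised repository
  # or push credential can place on the node.
  - path: /opt/bin/git-sync.sh
    permissions: "0700"
    owner: root
    content: |
        #!/bin/bash
        # This script syncs /var/lib/apps with the GitHub repo
        export GIT_SSH_COMMAND="${GIT_SSH_COMMAND}"
        if [[ -d /var/lib/apps/.git ]]
        then
            # pull only when the cd succeeded, so git never runs elsewhere
            cd /var/lib/apps && git pull
        else
            mkdir -p /var/lib
            git clone "${APP_REPOSITORY}" /var/lib/apps
        fi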
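  # /opt/bin/s3sync.sh: root-only script that runs an awscli container to
  # mirror the cluster's config bucket into /var/lib/apps and then marks
  # everything under its bin/ directory executable.
  # The mode is quoted so it stays a literal octal string, and the shell
  # expansions are quoted so an unexpected space cannot split an argument.
  # The doubled dollar sign on the docker run line is kept as written; it
  # looks like a template-engine escape (TODO confirm how this file is
  # rendered).
  # NOTE(review): the image is a third-party repository referenced by the
  # mutable "latest" tag and it receives the AWS key through --env-file.
  # Pin it by digest (IMAGE@sha256:<digest placeholder>) or use an image the
  # team builds itself.
  # NOTE(review): "sync --delete" followed by chmod 755 means whoever can
  # write to the bucket decides which executables exist on the node.
  - path: /opt/bin/s3sync.sh
    permissions: "0700"
    owner: root
    content: |
        #!/bin/bash
        # This script runs an awscli container to sync /var/lib/apps with the S3 bucket;
        # this allows us to dynamically configure hosted applications
        AWS_CONFIG_ENV=/root/.aws/envvars
        source "$AWS_CONFIG_ENV"
        IMAGE=suet/awscli:latest
        APPBUCKET=s3://${AWS_ACCOUNT}-${CLUSTER_NAME}-config/apps
        DST=/var/lib/apps
        CMD="aws s3 sync --exact-timestamps --delete $APPBUCKET $DST && chmod 755 $DST/bin/*"

        # pull the IMAGE if not loaded
        docker history "$IMAGE" > /dev/null 2>&1 || docker pull "$IMAGE"
        # sync the S3 apps into DST
        docker run --rm --name s3sync -v "$${DST}:$${DST}" --env-file="$AWS_CONFIG_ENV" "$IMAGE" /bin/bash -c "$CMD"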
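  # /opt/bin/post-provision.sh: root-only boot hook that waits for
  # /var/lib/apps/post_provision to appear and then runs every *.sh file in
  # it with bash.
  # The mode is quoted so it stays a literal octal string. The paths are
  # quoted and an unmatched glob is skipped, so bash is never handed the
  # literal "*.sh" pattern or a name split on whitespace.
  # NOTE(review): the hook scripts come from the synced repository or bucket
  # and run as root with no integrity check; treat write access to either
  # source as root access to the node.
  # NOTE(review): "bash -x" echoes each command, including any secret a hook
  # passes on a command line, to the unit's output (normally the journal).
  # NOTE(review): the wait loop has no upper bound; it ends only when the
  # directory exists.
  - path: /opt/bin/post-provision.sh
    permissions: "0700"
    owner: root
    content: |
        #!/usr/bin/bash
        # This script gets executed on each reboot.
        # It can be an additional config you want to set after CoreOS's cloud-config.
        post_provision='/var/lib/apps/post_provision'
        # wait until the post_provision is downloaded from git/s3
        until [ -d "$post_provision" ]; do sleep 3; done
        for i in "$post_provision"/*.sh
        do
          # an unmatched glob is left as the literal pattern; skip it
          [ -e "$i" ] || continue
          /bin/bash -x "$i"
        done
        exit 0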
  # Docker drop-in that marks every registry in 10.0.0.0/8, plus
  # dockerhub.coreos-cluster.local, as an insecure registry.
  # NOTE(review): for an insecure registry the daemon accepts plain HTTP and
  # TLS without certificate verification, so pulls from these addresses are
  # neither authenticated nor integrity-protected in transit. Prefer a
  # registry certificate issued by a CA the nodes trust and drop the flag;
  # at minimum narrow the range to the registry's own address and pull
  # images by digest.
  - path: /etc/systemd/system/docker.service.d/50-insecure-registry.conf
    content: |
        [Service]
        Environment=DOCKER_OPTS='--insecure-registry=10.0.0.0/8,dockerhub.coreos-cluster.local'

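  # /etc/aws/account.envvars: world-readable env file with the AWS account,
  # default region and cluster name; it holds no credentials.
  # The mode is quoted so it stays a literal octal string instead of being
  # retyped as an integer by the YAML loader.
  - path: /etc/aws/account.envvars
    permissions: "0644"
    owner: root
    content: |
        AWS_ACCOUNT=${AWS_ACCOUNT}
        AWS_DEFAULT_REGION=${AWS_DEFAULT_REGION}
        CLUSTER_NAME=${CLUSTER_NAME}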
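  # /root/.aws/envvars: root-only env file holding a static AWS access key
  # pair; s3sync.sh sources it and passes it to the awscli container with
  # --env-file.
  # The mode is quoted so it stays a literal octal string instead of being
  # retyped as an integer by the YAML loader.
  # NOTE(review): the 0600 mode protects only this copy. Once the
  # placeholders are filled in, the key is part of the cloud-config itself;
  # if that is delivered as EC2 user data, any local process that can reach
  # the instance metadata service can read it. An IAM instance profile
  # scoped to the config bucket removes the need for a stored key.
  - path: /root/.aws/envvars
    permissions: "0600"
    owner: root
    content: |
        AWS_ACCOUNT=${AWS_ACCOUNT}
        AWS_USER=${AWS_USER}
        AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID}
        AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY}
        AWS_DEFAULT_REGION=${AWS_DEFAULT_REGION}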
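  # /root/.aws/config: root-only AWS CLI profile carrying the same static
  # access key pair and the default region.
  # The mode is quoted so it stays a literal octal string instead of being
  # retyped as an integer by the YAML loader.
  # NOTE(review): this is a second on-disk copy of a long-lived key that is
  # also embedded in the rendered cloud-config. Rotating it means
  # re-provisioning every node; instance-role credentials avoid both the
  # stored copy and the rotation problem.
  - path: /root/.aws/config
    permissions: "0600"
    owner: root
    content: |
        [default]
        aws_access_key_id=${AWS_ACCESS_KEY_ID}
        aws_secret_access_key=${AWS_SECRET_ACCESS_KEY}
        region=${AWS_DEFAULT_REGION}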