Merge branch 'hotfix-0.2.2' into stable

osixia · Feb 20, 2016 · d328d0a · d328d0a
2 parents a0782c0 + bfea7d8
commit d328d0a
Show file tree

Hide file tree

Showing 9 changed files with 158 additions and 65 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,10 @@
 # Changelog
 
+## 0.2.2
+  - Fix --copy-service error if /container/run/service already exists
+  - Fix /container/run/startup.sh file detection if no other startup files exists
+  - Fix set_env_hostname_to_etc_hosts() on container restart
+
 ## 0.2.1
   - Add cfssl as available service to generate ssl certs
     Warning: ssl-helper ssl-helper-openssl and ssl-helper-gnutls

diff --git a/Makefile b/Makefile
@@ -1,5 +1,5 @@
 NAME = osixia/light-baseimage
-VERSION = 0.2.1
+VERSION = 0.2.2
 
 .PHONY: all build build-nocache test tag_latest release
 

diff --git a/README.md b/README.md
@@ -7,7 +7,7 @@
 
 [hub]: https://hub.docker.com/r/osixia/light-baseimage/
 
-Latest release: 0.2.1 -  [Changelog](CHANGELOG.md)
+Latest release: 0.2.2 -  [Changelog](CHANGELOG.md)
  | [Docker Hub](https://hub.docker.com/r/osixia/light-baseimage/) 
 
 A Debian based docker image to help you build reliable image quickly. This image provide a simple opinionated solution to build multiple or single process image with minimum of layers and an optimized build.
@@ -41,6 +41,7 @@ Table of Contents
 	- [Services available](#services-available)
 - [Advanced User Guide](#advanced-user-guide)
 	- [Service available](#service-available)
+	- [Fix docker mounted file problems](#fix-docker-mounted-file-problems)
 	- [Mastering image tools](#mastering-image-tools)
 		- [run](#run)
             - [Run command line options](#run-command-line-options)
@@ -141,22 +142,22 @@ In the Dockerfile we are going to:
 
         # Use osixia/light-baseimage
         # https://github.com/osixia/docker-light-baseimage
-        FROM osixia/light-baseimage:0.2.1
+        FROM osixia/light-baseimage:0.2.2
         MAINTAINER Your Name <[email protected]>
 
-        # Download nginx from apt-get
+        # Download nginx from apt-get and clean apt-get files
         RUN apt-get -y update \
             && LC_ALL=C DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
-               nginx
+               nginx \
+            && apt-get clean \
+            && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
 
         # Add service directory to /container/service
         ADD service /container/service
 
-        # Use baseimage install-service script and clean all
+        # Use baseimage install-service script
         # https://github.com/osixia/docker-light-baseimage/blob/stable/image/tool/install-service
-        RUN /container/tool/install-service \
-            && apt-get clean \
-            && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+        RUN /container/tool/install-service
 
         # Add default env directory
         ADD environment /container/environment/99-default
@@ -384,25 +385,25 @@ In the Dockerfile we are going to:
 
         # Use osixia/light-baseimage
         # https://github.com/osixia/docker-light-baseimage
-        FROM osixia/light-baseimage:0.2.1
+        FROM osixia/light-baseimage:0.2.2
         MAINTAINER Your Name <[email protected]>
 
-        # Install multiple process stack, nginx and php5-fpm
+        # Install multiple process stack, nginx and php5-fpm and clean apt-get files
         # https://github.com/osixia/docker-light-baseimage/blob/stable/image/tool/add-multiple-process-stack
         RUN apt-get -y update \
             && /container/tool/add-multiple-process-stack \
             && LC_ALL=C DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
                nginx \
-               php5-fpm
+               php5-fpm \
+            && apt-get clean \
+            && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
 
         # Add service directory to /container/service
         ADD service /container/service
 
-        # Use baseimage install-service script and clean all
+        # Use baseimage install-service script
         # https://github.com/osixia/docker-light-baseimage/blob/stable/image/tool/install-service
-        RUN /container/tool/install-service \
-            && apt-get clean \
-            && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+        RUN /container/tool/install-service
 
         # Add default env directory
         ADD environment /container/environment/99-default
@@ -577,7 +578,7 @@ Here simple Dockerfile example how to add a service-available to an image:
 
         # Use osixia/light-baseimage
         # https://github.com/osixia/docker-light-baseimage
-        FROM osixia/light-baseimage:0.2.1
+        FROM osixia/light-baseimage:0.2.2
         MAINTAINER Your Name <[email protected]>
 
         # Add cfssl and cron service-available
@@ -598,6 +599,32 @@ To create a service-available just create a regular service, add a download.sh f
 
 For example a simple image example that add service-available to this baseimage: [osixia/web-baseimage](https://github.com/osixia/docker-web-baseimage)
 
+
+### Fix docker mounted file problems
+
+For some reasons you will probably have to mount custom files to your container. For example in the *mutliple process image example* you can customise the nginx config by mounting your custom config to "/container/service/php5-fpm/config/default" :
+
+    docker run -v /data/my-nginx-config:/container/service/php5-fpm/config/default example/multiple-process
+
+In this case every thing should work fine, but if the startup script makes some `sed` replacement or change file owner and permissions this can results in "Device or resource busy" error. See [Docker documentation](https://docs.docker.com/v1.4/userguide/dockervolumes/#mount-a-host-file-as-a-data-volume).
+
+    sed -i "s|listen 80|listen 8080|g" /container/service/php5-fpm/config/default
+
+To prevent that king of error light-baseimage provide *--copy-service* command argument :
+
+    docker run -v /data/my-nginx-config:/container/service/php5-fpm/config/default example/multiple-process --copy-service
+
+On startup this will copy all /container/service directory to /container/run/service.
+
+
+At run time you can get the container service directory with `CONTAINER_SERVICE_DIR` environment variable.
+If *--copy-service* is used *CONTAINER_SERVICE_DIR=/container/run/service* otherwise *CONTAINER_SERVICE_DIR=/container/service*
+
+So to always apply sed on the correct file in the startup script the command becomes :
+
+    sed -i "s|listen 80|listen 8080|g" ${CONTAINER_SERVICE_DIR}/php5-fpm/config/default
+
+
 ### Mastering image tools
 
 #### run
@@ -615,10 +642,10 @@ What it does:
 
 *Run tool* takes several options, to list them:
 
-    docker run osixia/light-baseimage:0.2.1 --help
-    usage: run [-h] [-e] [-s] [-p] [-k] [-c]
-               [-l {none,error,warning,info,debug,trace}]
-               [MAIN_COMMAND [MAIN_COMMAND ...]]
+    docker run osixia/light-baseimage:0.2.2 --help
+    usage: run [-h] [-e] [-s] [-p] [-k] [--copy-service] [--keep-startup-env]
+           [--keepalived] [-l {none,error,warning,info,debug,trace}]
+           [MAIN_COMMAND [MAIN_COMMAND ...]]
 
     Initialize the system.
 
@@ -637,7 +664,10 @@ What it does:
                             Skip running container process file(s)
       -k, --no-kill-all-on-exit
                             Don't kill all processes on the system upon exiting
-      -c, --copy-service    Copy /container/service to /container/run/service
+      --copy-service        Copy /container/service to /container/run/service
+      --keep-startup-env    Don't remove ('.yaml.startup', '.json.startup')
+                            environment files after startup scripts
+      --keepalived          Keepalived container even if all process exited
       -l {none,error,warning,info,debug,trace}, --loglevel {none,error,warning,info,debug,trace}
                             Log level (default: info)
 
@@ -697,7 +727,7 @@ If a main command is set for example:
 If a main command is set *run tool* launch it otherwise bash is launched.
 Example:
 
-    docker run -it osixia/light-baseimage:0.2.1
+    docker run -it osixia/light-baseimage:0.2.2
 
 
 ##### Extra environment variables
@@ -773,8 +803,8 @@ Note this yaml definition:
 
 Can also be set by command line converted in python or json:
 
-    docker run -it --env FRUITS="#PYTHON2BASH:['orange','apple']" osixia/light-baseimage:0.2.1 printenv
-    docker run -it --env FRUITS="#JSON2BASH:[\"orange\",\"apple\"]" osixia/light-baseimage:0.2.1 printenv
+    docker run -it --env FRUITS="#PYTHON2BASH:['orange','apple']" osixia/light-baseimage:0.2.2 printenv
+    docker run -it --env FRUITS="#JSON2BASH:[\"orange\",\"apple\"]" osixia/light-baseimage:0.2.2 printenv
 
 ### Tests
 

diff --git a/example/multiple-process-image/Dockerfile b/example/multiple-process-image/Dockerfile
@@ -1,24 +1,24 @@
 # Use osixia/light-baseimage
 # https://github.com/osixia/docker-light-baseimage
-FROM osixia/light-baseimage:0.2.1
+FROM osixia/light-baseimage:0.2.2
 MAINTAINER Your Name <[email protected]>
 
-# Install multiple process stack, nginx and php5-fpm
+# Install multiple process stack, nginx and php5-fpm and clean apt-get files
 # https://github.com/osixia/docker-light-baseimage/blob/stable/image/tool/add-multiple-process-stack
 RUN apt-get -y update \
     && /container/tool/add-multiple-process-stack \
     && LC_ALL=C DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
        nginx \
-       php5-fpm
+       php5-fpm \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
 
 # Add service directory to /container/service
 ADD service /container/service
 
-# Use baseimage install-service script and clean all
+# Use baseimage install-service script
 # https://github.com/osixia/docker-light-baseimage/blob/stable/image/tool/install-service
-RUN /container/tool/install-service \
-    && apt-get clean \
-    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+RUN /container/tool/install-service
 
 # Add default env directory
 ADD environment /container/environment/99-default

diff --git a/example/single-process-image/Dockerfile b/example/single-process-image/Dockerfile
@@ -1,21 +1,21 @@
 # Use osixia/light-baseimage
 # https://github.com/osixia/docker-light-baseimage
-FROM osixia/light-baseimage:0.2.1
+FROM osixia/light-baseimage:0.2.2
 MAINTAINER Your Name <[email protected]>
 
-# Download nginx from apt-get
+# Download nginx from apt-get and clean apt-get files
 RUN apt-get -y update \
     && LC_ALL=C DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
-       nginx
+       nginx \
+   && apt-get clean \
+   && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
 
 # Add service directory to /container/service
 ADD service /container/service
 
-# Use baseimage install-service script and clean all
+# Use baseimage install-service script
 # https://github.com/osixia/docker-light-baseimage/blob/stable/image/tool/install-service
-RUN /container/tool/install-service \
-    && apt-get clean \
-    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+RUN /container/tool/install-service
 
 # Add default env directory
 ADD environment /container/environment/99-default

diff --git a/image/service-available/:cfssl/assets/default-env b/image/service-available/:cfssl/assets/default-env
@@ -23,6 +23,9 @@ CFSSL_DEFAULT_CA_CSR_COUNTRY=${CFSSL_DEFAULT_CA_CSR_COUNTRY:-"US"}
 # General CFSSL config
 #
 
+CFSSL_RETRY=${CFSSL_RETRY:-3}
+CFSSL_RETRY_DELAY=${CFSSL_RETRY_DELAY:-1}
+
 # remote config
 CFSSL_REMOTE=${CFSSL_REMOTE:-}
 CFSSL_REMOTE_HTTPS_CA_CERT=${CFSSL_REMOTE_HTTPS_CA_CERT:-}

diff --git a/image/service-available/:cfssl/assets/tool/cfssl-helper b/image/service-available/:cfssl/assets/tool/cfssl-helper
@@ -1,4 +1,4 @@
-#!/bin/bash -e
+#!/bin/bash
 log-helper level eq trace && set -x
 
 # This tool helps to generate tls certificates with cfssl
@@ -57,6 +57,8 @@ if [ ! -e "$CERT_FILE" ] && [ ! -e "$KEY_FILE" ]; then
   PREFIX_CFSSL_HOSTNAME=${PREFIX}_CFSSL_HOSTNAME
   PREFIX_CFSSL_PROFILE=${PREFIX}_CFSSL_PROFILE
   PREFIX_CFSSL_LABEL=${PREFIX}_CFSSL_LABEL
+  PREFIX_CFSSL_RETRY=${PREFIX}_CFSSL_RETRY
+  PREFIX_CFSSL_RETRY_DELAY=${PREFIX}_CFSSL_RETRY_DELAY
 
   # assign CFSSL_REMOTE=${!PREFIX_CFSSL_REMOTE} if value is not empty otherwise CFSSL_REMOTE=CFSSL_REMOTE
   CFSSL_REMOTE=${!PREFIX_CFSSL_REMOTE:-$CFSSL_REMOTE}
@@ -70,6 +72,8 @@ if [ ! -e "$CERT_FILE" ] && [ ! -e "$KEY_FILE" ]; then
   CFSSL_HOSTNAME=${!PREFIX_CFSSL_HOSTNAME:-$CFSSL_HOSTNAME}
   CFSSL_PROFILE=${!PREFIX_CFSSL_PROFILE:-$CFSSL_PROFILE}
   CFSSL_LABEL=${!PREFIX_CFSSL_LABEL:-$CFSSL_LABEL}
+  CFSSL_RETRY=${!PREFIX_CFSSL_RETRY:-$CFSSL_RETRY}
+  CFSSL_RETRY_DELAY=${!PREFIX_CFSSL_RETRY_DELAY:-$CFSSL_RETRY_DELAY}
 
   source ${CONTAINER_SERVICE_DIR}/:cfssl/assets/default-env
 
@@ -145,34 +149,49 @@ if [ ! -e "$CERT_FILE" ] && [ ! -e "$KEY_FILE" ]; then
   [[ -n "$CFSSL_PROFILE" ]] && PROFILE_PARAM="-profile $CFSSL_PROFILE"
   [[ -n "$CFSSL_LABEL" ]] && LABEL_PARAM="-label $CFSSL_LABEL"
 
-  log-helper debug "cfssl $LOG_LEVEL_PARAM gencert $REMOTE_PARAM $CA_CERT_PARAM $CA_KEY_PARAM $CONFIG_PARAM $HOSTNAME_PARAM $PROFILE_PARAM $LABEL_PARAM $CSR_FILE | cfssljson -bare /tmp/$CERT_NAME"
-  cfssl $LOG_LEVEL_PARAM gencert $REMOTE_PARAM $CA_CERT_PARAM $CA_KEY_PARAM $CONFIG_PARAM $HOSTNAME_PARAM $PROFILE_PARAM $LABEL_PARAM $CSR_FILE | cfssljson -bare /tmp/$CERT_NAME
+  retry=0
+  while [  $retry -lt $CFSSL_RETRY ]; do
+    log-helper debug "cfssl $LOG_LEVEL_PARAM gencert $REMOTE_PARAM $CA_CERT_PARAM $CA_KEY_PARAM $CONFIG_PARAM $HOSTNAME_PARAM $PROFILE_PARAM $LABEL_PARAM $CSR_FILE | cfssljson -bare /tmp/$CERT_NAME"
+    cfssl $LOG_LEVEL_PARAM gencert $REMOTE_PARAM $CA_CERT_PARAM $CA_KEY_PARAM $CONFIG_PARAM $HOSTNAME_PARAM $PROFILE_PARAM $LABEL_PARAM $CSR_FILE | cfssljson -bare /tmp/$CERT_NAME && break
+    sleep $CFSSL_RETRY_DELAY
+    ((retry++))
+  done
 
   # move generated files
+  [[ ! -e "/tmp/$CERT_NAME.pem" ]] && exit 1
   log-helper debug "move /tmp/$CERT_NAME.pem to $CERT_FILE"
   mv /tmp/$CERT_NAME.pem $CERT_FILE
 
   log-helper debug "move /tmp/$CERT_NAME-key.pem to $KEY_FILE"
   mv /tmp/$CERT_NAME-key.pem $KEY_FILE
 
-  # delete tmp files
-  rm -f /tmp/$CERT_NAME.csr $CONFIG_FILE $CSR_FILE
-
   # if ca file don't exists
   if [ ! -e "$CA_FILE" ]; then
 
     if [ -n "$CFSSL_REMOTE" ]; then
       log-helper debug "Get CA certificate from $CFSSL_REMOTE"
       log-helper debug "cfssl $LOG_LEVEL_PARAM info $REMOTE_PARAM $CONFIG_PARAM $PROFILE_PARAM $LABEL_PARAM"
-      cfssl $LOG_LEVEL_PARAM info $REMOTE_PARAM $CONFIG_PARAM $PROFILE_PARAM $LABEL_PARAM | sed -e "s/.*certificate\":\"\(.*-----\)\".*/\1/g" | sed 's/\\n/\n/g' > $CA_FILE
-      log-helper debug "CA certificate returned save as $CA_FILE"
+
+      retry=0
+      while [  $retry -lt $CFSSL_RETRY ]; do
+        cfssl $LOG_LEVEL_PARAM info $REMOTE_PARAM $CONFIG_PARAM $PROFILE_PARAM $LABEL_PARAM | sed -e "s/.*certificate\":\"\(.*-----\)\".*/\1/g" | sed 's/\\n/\n/g' > $CA_FILE && break
+        sleep $CFSSL_RETRY_DELAY
+        log-helper debug "CA certificate returned save as $CA_FILE"
+        ((retry++))
+      done
+
+      [[ ! -e "$CA_FILE" ]] && exit 1
 
     elif [ -n "$CFSSL_CA_CERT" ]; then
       log-helper info "Link $CFSSL_CA_CERT to $CA_FILE"
       ln -s $CFSSL_CA_CERT $CA_FILE
     fi
 
   fi
+
+  # delete tmp files
+  rm -f /tmp/$CERT_NAME.csr $CONFIG_FILE $CSR_FILE
+
   log-helper debug "done :)"
 
 elif [ ! -e "$KEY_FILE" ]; then
@@ -186,3 +205,5 @@ else
   chmod 644 $CERT_FILE
   chmod 600 $KEY_FILE
 fi
+
+exit 0
diff --git a/image/tool/log-helper b/image/tool/log-helper
@@ -76,7 +76,7 @@ function trace() {
 
 function getMsgFromStdin() {
   if [ -z "$2" ]; then
-    read -r echo_msg
+    read -r echo_msg || true
   fi
 }