Public | Automated Build

Last pushed: 2 years ago
Short Description
Register docker exposed ports to CoreOS etcd (Ruby)
Full Description

Docker Exposed Container Ports Registration Service

This project aims to provide a ruby-based service to detect and register exposed ports in running docker containers.
It is designed to be managed by Fleet as a Global service, and run in a CoreOS cluster.

The project is inspired by SmartStack's nerve and Jason Wilder's Docker Service Discovery Using Etcd and Haproxy blog post.

The key design goal was to have a single service running on each CoreOS node that continuously listens for Docker events
and registers/unregisters containers via CoreOs's etcd distributed key-value store, as they gets started and destroyed.

Unlike nerve, this service does not currently monitor service health. This feature may be added at a later date,
although perhaps in a separate service.

The key differences between this implementation and Jason Wilder's are the following:

  • Ruby-based implementation, instead of Go + Python
  • Supports multiple exposed ports per container
  • Listens to container lifecycle events in real-time using the Docker Remote API

Usage

To run it:

$ git clone https://github.com/mimperatore/docker-etcd-register

# Start a CoreOS cluster ensuring that the top directory of this repo is accessible
# from the CoreOS nodes.  This can be easily done using the companion repo
# https://github.com/mimperatore/vagrant-coreos...

$ git clone https://github.com/mimperatore/vagrant-coreos
$ cd vagrant-coreos

# ...configuring the NFS portion of config/cluster.yml as follows:

nfs:
  - id: share
    mapping: /path/to/docker-etcd-register:/home/core/share
    options: nolock,vers=3,udp

# ... and then starting the cluster (nfsd will need to be running on your host):
$ vagrant up

# You should now be able to connect to any CoreOS node and access the docker-etcd-register
# directory via the mounted share:

$ vagrant ssh box-0 -- -A
CoreOS beta (557.2.0)
core@box-0 ~ $ cd share/
core@box-0 ~/share $ ls
Dockerfile  Gemfile  Gemfile.lock  LICENSE  README.md  register.rb  register.service

core@box-0 ~/share $ fleetctl submit register.service
core@box-0 ~/share $ fleetctl start register.service
Triggered global unit register.service start

This will start the service on all fleet-controlled nodes and immediately register all currently running containers that expose ports. It will then start listening to Docker start and die events, updating registration information accordingly.

It may take a couple of minutes for the container image to be pulled down from the Docker Registry and the service started. You can observe the state of the service via:

$ journalctl -f -u register
core@box-0 ~/share $ journalctl -f -u register
-- Logs begin at Wed 2015-02-18 03:20:09 UTC. --
Feb 18 03:23:41 box-0 docker[1136]: 0e30e84e9513: Pulling fs layer
Feb 18 03:23:43 box-0 docker[1136]: 0e30e84e9513: Download complete
...
Feb 18 03:28:33 box-0 docker[1136]: 70e06297a535: Download complete
Feb 18 03:28:33 box-0 docker[1136]: Status: Downloaded newer image for mimperatore/docker-etcd-register:latest
Feb 18 03:28:33 box-0 systemd[1]: Started Docker Exposed Container Ports Registration Service.
Feb 18 03:28:34 box-0 docker[1496]: Starting container registration service using ETCD_ENDPOINT=10.100.100.100:4001 for HOST_IP=10.100.100.100
Feb 18 03:28:34 box-0 docker[1496]: Unregistering all containers on this host

To verify that it's working, you can try something like this:

core@box-0 ~/share $ docker run -d -p 10.100.100.100::80 busybox sleep 1000
ddd2d3a0758780a8d7ea792c79379d44ede446805c0e79034bee3ad6999e0fa7
core@box-0 ~/share $ etcdctl ls --recursive /registered
/registered/10.100.100.100
/registered/10.100.100.100/busybox:latest
/registered/10.100.100.100/busybox:latest/ddd2d3a0758780a8d7ea792c79379d44ede446805c0e79034bee3ad6999e0fa7
core@box-0 ~/share $ etcdctl get /registered/10.100.100.100/busybox:latest/ddd2d3a0758780a8d7ea792c79379d44ede446805c0e79034bee3ad6999e0fa7
[{"container":"ddd2d3a0758780a8d7ea792c79379d44ede446805c0e79034bee3ad6999e0fa7","image":"busybox:latest","ip":"10.100.100.100","public_port":"49153","private_port":"80","port_type":"tcp"}]

Contributing

This project is a work in progress and not yet intended for production use. Feedback and contributions are welcome.

License

This project is released under the MIT License.

Docker Pull Command
Owner
mimperatore