Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
etcd habitat docker-compose hab
# See more: https://gist.github.com/epcim/80d2dda18e2b3022e4ab07f161f59823
# hab clustered etcd
## compose
cat <<EOF > docker-compose.yml
version: '3'
services:
etcd1:
hostname: etcd1
image: epcim/etcd
command: --group ves
--topology leader
--peer etcd1
--peer etcd2
--peer etcd3
volumes:
- etcd1-data:/hab/svc/etcd/data
environment:
- HAB_LICENSE=accept-no-persist
etcd2:
hostname: etcd2
image: epcim/etcd
command: --group ves
--topology leader
--peer etcd1
--peer etcd2
--peer etcd3
volumes:
- etcd2-data:/hab/svc/etcd/data
environment:
- HAB_LICENSE=accept-no-persist
etcd3:
hostname: etcd3
image: epcim/etcd
command: --group ves
--topology leader
--peer etcd1
--peer etcd2
--peer etcd3
volumes:
- etcd3-data:/hab/svc/etcd/data
environment:
- HAB_LICENSE=accept-no-persist
volumes:
etcd1-data:
etcd2-data:
etcd3-data:
EOF
docker-compose up -d
### cleanup
docker-compose down
docker volume rm workspace_etcd1-data workspace_etcd2-data workspace_etcd3-data
## systemd
cat << 'EOF' >/etc/systemd/system/docker-images-update.timer
[Unit]
Description=Once a day
[Timer]
OnCalendar=*-*-* 12:*:*
Persistent=true
[Install]
WantedBy=timers.target
EOF
# optional
cat <<-'EOF' >/srv/etcd-ves/data
HAB_ETCD='{"etcd-key-file": "files/etcd-client.key", "etcd-cert-file": "files/etcd-client.crt", "etcd-client-ca-file": "files/etcd-client-ca.crt" }'
HAB_CTL_SECRET="kruhL2oUbwCCn48bDzPEATlPvZABwYs3AC0kwpB1G+JFtP2chlCHIVQA8gzWVPQRwsj6ekp6qVkse4SCmDwDbw=="
HAB_RING_KEY="tkiwrVzmNH+afXdgYziOlhfp7irPHT+wAH4SYvzWYxA=%"
EOF
export ALT=500 # Prefix for all the service names/ports used (apply to habitat/ inner service service)
# cleanup
systemctl stop etcd-$ALT
sleep 3
rm -f /etc/systemd/system/etcd-$ALT.service /etc/default/etcd-$ALT*
rm -rf /srv/etcd-$ALT
# peers
cat <<-'EOF' > /etc/default/etcd-${ALT}.peers
master-0:${ALT}38
master-1:${ALT}38
master-2:${ALT}38
EOF
# setup
touch /etc/default/etcd-$ALT
cat <<-EOF >/etc/default/etcd-${ALT}
HAB_ETCD={ "etcd-client-end":"${ALT}23", "etcd-server-end":"${ALT}80" }
EOF
mkdir -p /srv/etcd-$ALT/data
cat <<-EOF >/etc/systemd/system/etcd-$ALT.service
[Unit]
Description=VES Etcd
BindsTo=docker.service
After=network.target
After=docker.service
After=oem-cloudinit.service
# Wants=docker-images-update.timer
# Wants=docker-images-update.service
[Service]
Environment="ALT=${ALT}"
EnvironmentFile=/etc/environment
# hab sup secret generate
Environment="HAB_CTL_SECRET=kruhL2oUbwCCn48bDzPEATlPvZABwYs3AC0kwpB1G+JFtP2chlCHIVQA8gzWVPQRwsj6ekp6qVkse4SCmDwDbw=="
# hab ring key generate etcd
# Environment="HAB_RING_KEY=tkiwrVzmNH+afXdgYziOlhfp7irPHT+wAH4SYvzWYxA=%"
Environment="HAB_LICENSE=accept-no-persist"
Environment="HABSUP_TOPOLOGY=leader"
EnvironmentFile=/etc/default/etcd-${ALT}
RestartSec=3s
TimeoutStopSec=0
Restart=always
TimeoutStartSec=0
EOF
cat <<-'EOF' >>/etc/systemd/system/etcd-$ALT.service
# ExecStartPre=/bin/bash -c "while systemctl is-active --quiet docker-mages-update; do sleep 0.5; done"
ExecStart=/usr/bin/docker run --rm --name etcd-${ALT} --net host --uts=host \
-v /srv/etcd-${ALT}/:/hab/svc/etcd/ \
-p 9631:${ALT}31 \
-p ${ALT}32:${ALT}32 \
-p 9638:${ALT}38 \
-p ${ALT}79:${ALT}79 \
-p ${ALT}80:${ALT}80 \
-e HAB_LICENSE \
-e HAB_CTL_SECRET \
--env-file=/etc/default/etcd-${ALT} \
epcim/etcd \
--topology ${HABSUP_TOPOLOGY} \
--listen-gossip 0.0.0.0:${ALT}38 --listen-ctl 0.0.0.0:${ALT}32 --listen-http 0.0.0.0:${ALT}31 \
--peer-watch-file /etc/default/etcd-${ALT}.peers
ExecStop=/usr/bin/docker rm -f etcd-ves
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl enable etcd-$ALT
systemctl start etcd-$ALT
journalctl -fu etcd-$ALT
## Alternative options
#-e HAB_RING_KEY=${HAB_RING_KEY} \
-v /etc/kubernetes/secrets/:/hab/svc/etcd/files \
Environment=SVC_GROUP="ves${ALT}"
--add-host master-2:192.168.99.102 \
--group ${SVC_GROUP}
-e HAB_LISTEN_CTL=${HAB_LISTEN_CTL} \
-p ${ALT}31:${ALT}31 \
-p ${ALT}32:${ALT}32 \
-p ${ALT}38:${ALT}38 \
# - gossip-listener, Supervisors communicate with each other using UDP and ZeroMQ, over port 9638.
# - http-gateway, Supervisor exposes the status of its services' health and other information through an HTTP API - 9631
# - ctl-gateway
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.