@felixrabe
Last active September 27, 2020 17:53
Docker experimental overlay networking setup on AWS
#!/usr/bin/env bashsh-0
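# AWS credentials plus region / AMI / VPC selection, exported for the
# docker-machine and aws commands run further down.
#
# Security notes:
#   * The access key and secret are copied from ~/.aws/credentials into the
#     environment, so every child process this script starts inherits them.
#     Keep command tracing (set -x) off around these assignments.
#   * The first matching line in the file wins. With several profiles that is
#     the profile listed first, which is not necessarily [default].
#   * AWS_AMI and AWS_VPC_ID are specific to one account and region; confirm
#     the AMI id against its publisher before launching instances from it.

#######################################
# Print the value of the first line of an AWS credentials file whose key
# starts with the given prefix.
# Arguments: $1 - key prefix, e.g. aws_access_key_id
#            $2 - credentials file (optional; default ~/.aws/credentials)
# Outputs:   the text after the first "=" (and any spaces following it)
#######################################
function AWS_CREDENTIALS_VALUE() {
  local key=$1
  local file=${2-}
  [[ -n "$file" ]] || file=~/.aws/credentials
  # -m 1: a multi-profile file repeats each key; without the limit the
  # variable would hold one value per profile, separated by newlines.
  # The sed pattern stops at the first "=" so a "=" inside the value is kept.
  grep -m 1 -e "^${key}" -- "$file" | sed 's/^[^=]*= *//'
}

export AWS_ACCESS_KEY_ID=$(AWS_CREDENTIALS_VALUE aws_access_key_id)
export AWS_SECRET_ACCESS_KEY=$(AWS_CREDENTIALS_VALUE aws_secret_access_key)
# export AWS_DEFAULT_REGION=eu-central-1 # Frankfurt
# # export AWS_AMI=ami-20b3b43d # ubuntu/images/hvm-ssd/ubuntu-vivid-15.04-amd64-server-20150818
# export AWS_AMI=ami-accff2b1 # Ubuntu Server 14.04 LTS (HVM), SSD Volume Type
# export AWS_VPC_ID=vpc-dadd7bb3
export AWS_DEFAULT_REGION=us-west-2 # Oregon
# export AWS_AMI=ami-efd2c6df # ubuntu/images/hvm-ssd/ubuntu-vivid-15.04-amd64-server-20150818
export AWS_AMI=ami-5189a661 # Ubuntu Server 14.04 LTS (HVM), SSD Volume Type
export AWS_VPC_ID=vpc-46f79923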
#######################################
# Run a command on a docker-machine host once the host accepts SSH.
# Arguments: $1   - docker-machine name
#            $2.. - command (and arguments) handed to `docker-machine ssh`
# Notes:     The readiness poll has no upper bound: it retries every two
#            seconds until `docker-machine ssh <name> true` succeeds, so a
#            machine that never comes up blocks the script here.
#            The command is executed on the remote host; callers in this
#            file pass fixed strings only.
#######################################
function SSH() {
  local target="$1"
  shift
  # Poll with a no-op command until the SSH daemon answers.
  until docker-machine ssh "$target" true; do
    sleep 2
  done
  CMD docker-machine ssh "$target" "$@"
}
#######################################
# Create an EC2 instance with docker-machine, install a newer kernel on it,
# restart it and print the Docker and kernel versions.
# Arguments: extra `docker-machine create` options; the machine name must be
#            the LAST argument, because that is where it is read from.
# Notes:     --engine-install-url points the provisioner at
#            https://experimental.docker.com. Nothing in this script pins or
#            verifies what that URL serves, so the new host trusts whatever
#            is published there at provisioning time.
#            NOTE(review): the restart presumably boots the kernel package
#            installed just before it - confirm.
#######################################
function DOCKER_MACHINE_CREATE() {
  local -a argv=( "$@" )
  local last_index=$(( ${#argv[@]} - 1 ))
  local machine=${argv[last_index]} # machine name = final argument

  local -a create_cmd=(
    docker-machine create -d amazonec2
    --amazonec2-root-size 8
    --engine-install-url "https://experimental.docker.com"
    "$@"
  )
  CMD "${create_cmd[@]}"

  # SSH "$machine" 'sudo usermod -aG docker ubuntu'
  SSH "$machine" 'sudo DEBIAN_FRONTEND=noninteractive apt-get install -qqy linux-image-generic-lts-vivid'
  CMD docker-machine restart "$machine"
  SSH "$machine" 'docker version ; uname -a'
}
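#######################################
# Add an ingress rule to the "docker-machine" security group.
# Globals:   AWS_DEFAULT_REGION (read)
# Arguments: rule options for `aws ec2 authorize-security-group-ingress`,
#            e.g. --protocol tcp --port 8500
# Outputs:   a warning on stderr when the aws call fails
# Returns:   always 0 - a failed call must not stop the script, e.g. when the
#            rule was already added by an earlier run
# Notes:     --source-group docker-machine limits each rule to traffic coming
#            from members of the same security group; nothing is opened to
#            arbitrary source addresses here.
#######################################
function EC2_AUTHORIZE_SECURITY_GROUP_INGRESS() {
  local rc=0
  CMD aws ec2 --region "$AWS_DEFAULT_REGION" \
    authorize-security-group-ingress \
    --group-name docker-machine \
    --source-group docker-machine \
    "$@" || rc=$?
  if (( rc != 0 )); then
    # Stay non-fatal, but do not hide the failure: a rule that was never
    # applied (bad credentials, wrong region, missing group) would otherwise
    # only show up later as a networking problem between the hosts.
    printf 'warning: authorize-security-group-ingress exited with status %s for: %s\n' \
      "$rc" "$*" >&2 || true
  fi
  return 0
}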
# --- Key-value store host ---------------------------------------------------
DOCKER_MACHINE_CREATE consul

# Single-node Consul server used as the overlay network's key-value store.
# Security notes:
#   * progrium/consul carries no tag or digest, so whatever the registry
#     serves for that name at run time is what gets started.
#   * -p 8500:8500 publishes the Consul HTTP API on the host. Nothing in this
#     script configures ACLs or TLS for it, so the security-group rule for
#     port 8500 below is the only access control visible here.
# The unquoted $(docker-machine config consul) is deliberate: its output has
# to be split into separate docker client options.
CMD docker $(docker-machine config consul) run -d \
  --restart always \
  --name consul \
  -p 8500:8500 \
  -h consul \
  progrium/consul -server -bootstrap

# --- Security group rules (protocol:port) -----------------------------------
# All of them are limited to traffic between members of the docker-machine
# security group (see --source-group in the helper).
#   icmp -1  : every ICMP type
#   udp 4789 : VXLAN data plane of the overlay network
#   tcp 7946 : gossip/control traffic between the engines
#   tcp 8500 : Consul HTTP API
# NOTE(review): no option in this script enables encryption for the VXLAN
# traffic - confirm before carrying sensitive data over the overlay.
ingress_rules=( icmp:-1 udp:4789 tcp:7946 tcp:8500 )
for rule in "${ingress_rules[@]}"; do
  EC2_AUTHORIZE_SECURITY_GROUP_INGRESS --protocol "${rule%%:*}" --port "${rule##*:}"
done

# CAUTION: the private IP address read here changes once the consul machine
# restarts; the engines created below keep the old address in their kv-store
# setting and then need to be re-configured. That is left as an exercise to
# the reader ;)
consul_private=$(docker-machine inspect consul --format '{{.Driver.PrivateIPAddress}}')

# Engine settings shared by both overlay hosts.
overlay_engine_flags=(
  --engine-opt "default-network=overlay:multihost"
  --engine-opt "kv-store=consul:$consul_private:8500"
  --engine-label "com.docker.network.driver.overlay.bind_interface=eth0"
)

# --- Overlay host 1 ---------------------------------------------------------
DOCKER_MACHINE_CREATE "${overlay_engine_flags[@]}" aws-1
aws_1_private=$(docker-machine inspect aws-1 --format '{{.Driver.PrivateIPAddress}}')

# --- Overlay host 2, pointed at host 1 as its neighbor ----------------------
DOCKER_MACHINE_CREATE "${overlay_engine_flags[@]}" \
  --engine-label "com.docker.network.driver.overlay.neighbor_ip=$aws_1_private" \
  aws-2