Last active
October 2, 2017 09:42
-
-
Save prein/7f19f8376ed251c56cf04839c6bafb9c to your computer and use it in GitHub Desktop.
recipe from my DC/OS cookbook installing rexray plugin in docker
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
"external_storage": { | |
"drivers": { | |
"rexrayefs": { | |
"docker_plugin": "rexray/efs", | |
"version": "latest", | |
"options": { | |
"credentials": { | |
"source": "data_bag", | |
"bag": "credentials", | |
"item": "aws_rexray_staging" | |
}, | |
"security_groups": "sg-12345678", | |
"preempt": false | |
} | |
} | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package 'expect-lite' | |
if node['dcos']['external_storage'] | |
if node['dcos']['external_storage']['drivers'] | |
node['dcos']['external_storage']['drivers'].each do |storage_driver,params| | |
credentials = {} | |
if params['options']['credentials'] | |
# It supports credentials only from encrypted data bag | |
# specify the bag and item names with attributes | |
if params['options']['credentials']['source'] == 'data_bag' | |
credentials_data_bag_name = params['options']['credentials']['bag'] | |
data_bag_item = params['options']['credentials']['item'] | |
# Is the data bag in place with the creds in it? | |
if Chef::DataBag.list.key?(credentials_data_bag_name) | |
log 'found the data bag' | |
begin | |
Chef::EncryptedDataBagItem.load(credentials_data_bag_name, data_bag_item) | |
log 'using credentials from the data bag' | |
rescue Net::HTTPServerException => e | |
if e.response.code == '404' | |
log 'Data bag item not found.' | |
else | |
raise e | |
end | |
end | |
credentials = data_bag_item(credentials_data_bag_name, data_bag_item) | |
else | |
log 'data bag ' + credentials_data_bag_name + ' not found. not using credentials from the data bag' | |
log 'may work if you have configured the instance to use IAM role' | |
credentials['login'] = '' | |
credentials['secret'] = '' | |
end | |
end | |
end | |
script "install #{params['docker_plugin']} plugin" do | |
interpreter 'expect' | |
code <<-EOH | |
spawn docker plugin install --alias #{storage_driver} #{params['docker_plugin']}:#{params['version']} \ | |
EFS_ACCESSKEY=#{credentials['login']} \ | |
EFS_SECRETKEY=#{credentials['secret']} \ | |
EFS_SECURITYGROUPS=#{params['options']['security_groups']} \ | |
EFS_REGION=#{node['scalr']['cloud_location']} \ | |
REXRAY_PREEMPT=#{params['options']['preempt']} \ | |
EFS_TAG=dcos; | |
expect { | |
-regexp "Do you grant the above permissions?.*" { | |
send "y\r"; | |
exp_continue | |
} | |
eof | |
} | |
EOH | |
not_if 'docker plugin ls --format "{{.Name}}"|grep rexrayefs' | |
end | |
end | |
end | |
end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment