From 4556cbe72691705adf4cfbe398e92ff2cc36faae Mon Sep 17 00:00:00 2001 From: Hector Sanjuan Date: Tue, 13 Aug 2019 14:43:07 +0200 Subject: [PATCH] Docker: improve for CRDTs This: * Allows choosing the consensus for the automatic "init" on Docker with IPFS_CLUSTER_CONSENSUS. * Removes IPFS_PATH and the sed replacements for 0.0.0.0 on RestAPI and Ipfsproxy endpoints because these are easily supported by setting env vars correctly and pose some security risk when running with net=host. * Brings up to date Dockerfile-test and Dockerfile-bundle, even if mostly unused. --- Dockerfile | 1 + Dockerfile-bundle | 5 +++-- Dockerfile-test | 7 +++++-- docker/entrypoint.sh | 12 ++---------- docker/start-daemons.sh | 4 +--- docker/test-entrypoint.sh | 4 +--- 6 files changed, 13 insertions(+), 20 deletions(-) diff --git a/Dockerfile b/Dockerfile index 894d09c0..d191ab32 100644 --- a/Dockerfile +++ b/Dockerfile @@ -37,6 +37,7 @@ MAINTAINER Hector Sanjuan ENV GOPATH /go ENV SRC_PATH /go/src/github.com/ipfs/ipfs-cluster ENV IPFS_CLUSTER_PATH /data/ipfs-cluster +ENV IPFS_CLUSTER_CONSENSUS crdt EXPOSE 9094 EXPOSE 9095 diff --git a/Dockerfile-bundle b/Dockerfile-bundle index e828bd08..25e1118b 100644 --- a/Dockerfile-bundle +++ b/Dockerfile-bundle @@ -1,4 +1,4 @@ -FROM golang:1.9-stretch AS builder +FROM golang:1.12-stretch AS builder MAINTAINER Hector Sanjuan # This dockerfile builds cluster and runs it along with go-ipfs. @@ -22,6 +22,7 @@ MAINTAINER Hector Sanjuan ENV GOPATH /go ENV SRC_PATH /go/src/github.com/ipfs/ipfs-cluster ENV IPFS_CLUSTER_PATH /data/ipfs-cluster +ENV IPFS_CLUSTER_CONSENSUS crdt EXPOSE 9094 EXPOSE 9095 @@ -38,4 +39,4 @@ VOLUME $IPFS_CLUSTER_PATH ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/start-daemons.sh"] # Defaults for ipfs-cluster-service go here -CMD ["daemon", "--upgrade"] +CMD ["daemon"] diff --git a/Dockerfile-test b/Dockerfile-test index f55878ca..89ceb1bc 100644 --- a/Dockerfile-test +++ b/Dockerfile-test @@ -27,6 +27,9 @@ MAINTAINER Hector Sanjuan ENV GOPATH /go ENV SRC_PATH /go/src/github.com/ipfs/ipfs-cluster ENV IPFS_CLUSTER_PATH /data/ipfs-cluster +ENV IPFS_CLUSTER_CONSENSUS crdt +ENV IPFS_CLUSTER_RESTAPI_HTTPLISTENMULTIADDRESS /ip4/0.0.0.0/tcp/9094 +ENV IPFS_CLUSTER_IPFSPROXY_LISTENMULTIADDRESS /ip4/0.0.0.0/tcp/9095 EXPOSE 9094 EXPOSE 9095 @@ -34,7 +37,7 @@ EXPOSE 9096 COPY --from=builder $GOPATH/bin/ipfs-cluster-service /usr/local/bin/ipfs-cluster-service COPY --from=builder $GOPATH/bin/ipfs-cluster-ctl /usr/local/bin/ipfs-cluster-ctl -COPY --from=builder $SRC_PATH/docker/test-entrypoint.sh /usr/local/bin/start-daemons.sh +COPY --from=builder $SRC_PATH/docker/test-entrypoint.sh /usr/local/bin/test-entrypoint.sh COPY --from=builder $SRC_PATH/docker/random-stopper.sh /usr/local/bin/random-stopper.sh COPY --from=builder $SRC_PATH/docker/random-killer.sh /usr/local/bin/random-killer.sh COPY --from=builder $SRC_PATH/docker/wait-killer-stopper.sh /usr/local/bin/wait-killer-stopper.sh @@ -55,7 +58,7 @@ RUN mkdir -p $IPFS_CLUSTER_PATH && \ USER ipfs VOLUME $IPFS_CLUSTER_PATH -ENTRYPOINT ["/usr/local/bin/start-daemons.sh"] +ENTRYPOINT ["/usr/local/bin/test-entrypoint.sh"] # Defaults would go here CMD ["daemon"] diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh index f7273924..94da6607 100755 --- a/docker/entrypoint.sh +++ b/docker/entrypoint.sh @@ -21,16 +21,8 @@ if [ -e "${IPFS_CLUSTER_PATH}/service.json" ]; then echo "Found IPFS cluster configuration at ${IPFS_CLUSTER_PATH}" else echo "This container only runs ipfs-cluster-service. ipfs needs to be run separately!" - echo "Initializing default configuration" - ipfs-cluster-service init - if [ -n "$IPFS_API" ]; then - echo "Using \$IPFS_API as value for ipfs_connector.ipfshttp.node_multiaddress in configuration" - sed -i "s;/ip4/127\.0\.0\.1/tcp/5001;$IPFS_API;" "${IPFS_CLUSTER_PATH}/service.json" - fi - - echo "Warning: By default, the API and Proxy endpoints will listen on 0.0.0.0!" - sed -i 's;127\.0\.0\.1/tcp/9094;0.0.0.0/tcp/9094;' "${IPFS_CLUSTER_PATH}/service.json" - sed -i 's;127\.0\.0\.1/tcp/9095;0.0.0.0/tcp/9095;' "${IPFS_CLUSTER_PATH}/service.json" + echo "Initializing default configuration..." + ipfs-cluster-service init --consensus "${IPFS_CLUSTER_CONSENSUS}" fi exec ipfs-cluster-service $@ diff --git a/docker/start-daemons.sh b/docker/start-daemons.sh index 4dac4640..556f9436 100755 --- a/docker/start-daemons.sh +++ b/docker/start-daemons.sh @@ -33,9 +33,7 @@ ipfs-cluster-service --version if [ -e "${IPFS_CLUSTER_PATH}/service.json" ]; then echo "Found IPFS cluster configuration at ${IPFS_CLUSTER_PATH}" else - ipfs-cluster-service init - sed -i 's/127\.0\.0\.1\/tcp\/9094/0.0.0.0\/tcp\/9094/' "${IPFS_CLUSTER_PATH}/service.json" - sed -i 's/127\.0\.0\.1\/tcp\/9095/0.0.0.0\/tcp\/9095/' "${IPFS_CLUSTER_PATH}/service.json" + ipfs-cluster-service init --consensus "${IPFS_CLUSTER_CONSENSUS}" fi exec ipfs-cluster-service $@ diff --git a/docker/test-entrypoint.sh b/docker/test-entrypoint.sh index 3def3140..5d184e5d 100755 --- a/docker/test-entrypoint.sh +++ b/docker/test-entrypoint.sh @@ -33,9 +33,7 @@ if [ -e "$IPFS_CLUSTER_PATH/service.json" ]; then echo "Found IPFS cluster configuration at $IPFS_CLUSTER_PATH" else export CLUSTER_SECRET="" - ipfs-cluster-service init - sed -i 's/127\.0\.0\.1\/tcp\/9094/0.0.0.0\/tcp\/9094/' "$IPFS_CLUSTER_PATH/service.json" - sed -i 's/127\.0\.0\.1\/tcp\/9095/0.0.0.0\/tcp\/9095/' "$IPFS_CLUSTER_PATH/service.json" + ipfs-cluster-service init --consensus "${IPFS_CLUSTER_CONSENSUS}" fi ipfs-cluster-service --debug $@ &