diff --git a/Dockerfile b/Dockerfile index 2d38b64..c2d84d3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.14 as intermediate +FROM alpine:3.15 as intermediate RUN mkdir /src WORKDIR /src @@ -6,27 +6,31 @@ WORKDIR /src # Install the build tools RUN apk add git go make -# Fetch the source +# Fetch the Nebula source RUN git clone https://github.com/slackhq/nebula.git -# Compile the Linux binaries for all platforms +# Compile the Nebula GNU/Linux binaries for all platforms WORKDIR /src/nebula -RUN echo 'bin-linux: $(ALL_LINUX:%=build/%/nebula) $(ALL_LINUX:%=build/%/nebula-cert)' >> Makefile -RUN make bin-linux +RUN make bin + +RUN go get github.com/chrislusf/seaweedfs/weed # Start from a clean image -FROM alpine:3.14 +FROM alpine:3.15 RUN mkdir /app WORKDIR /app # Copy over the compiled binaries -COPY --from=intermediate /src/nebula/build ./ +COPY --from=intermediate /src/nebula/nebula ./ +COPY --from=intermediate /src/nebula/nebula-cert ./ +COPY --from=intermediate /root/go/bin/weed ./ -# Rename the directories from `go env` format to `uname` format -RUN mv linux-amd64 linux-x86_64 - -COPY docker-entrypoint.sh entrypoint.sh +COPY nebula-start.sh ./ +COPY seaweedfs-start.sh ./ +COPY docker-entrypoint.sh ./entrypoint.sh EXPOSE 4242/udp +EXPOSE 9333/tcp +EXPOSE 8080/tcp ENTRYPOINT [ "/bin/sh", "/app/entrypoint.sh" ] diff --git a/docker-compose.yaml b/docker-compose-lighthouse.yaml similarity index 66% rename from docker-compose.yaml rename to docker-compose-lighthouse.yaml index 1845c81..840782f 100644 --- a/docker-compose.yaml +++ b/docker-compose-lighthouse.yaml @@ -6,13 +6,14 @@ services: image: dcr.wallace.sh/scott/infranet:latest volumes: - /path/to/infranet/config:/etc/nebula + - /path/to/infranet/filestore:/storage cap_add: - NET_ADMIN devices: - /dev/net/tun environment: - - TZ=Europe/London - # A Lighthouse should be listening for incoming connections; but not nodes - # ports: - # - 4242:4242/udp + - TZ=UTC + - LIGHTHOUSE=true + ports: + - 4242:4242/udp restart: unless-stopped diff --git a/docker-compose-node.yaml b/docker-compose-node.yaml new file mode 100644 index 0000000..a9c8eaa --- /dev/null +++ b/docker-compose-node.yaml @@ -0,0 +1,17 @@ +--- +version: "3" +services: + infranet: + container_name: infranet + image: dcr.wallace.sh/scott/infranet:latest + volumes: + - /path/to/infranet/config:/etc/nebula + - /path/to/infranet/filestore:/storage + cap_add: + - NET_ADMIN + devices: + - /dev/net/tun + environment: + - TZ=UTC + - LIGHTHOUSE=false + restart: unless-stopped diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh index 6e2f11b..2f6c4e6 100644 --- a/docker-entrypoint.sh +++ b/docker-entrypoint.sh @@ -1,24 +1,6 @@ #!/bin/sh -ARCH=$(uname -m) -BIN_DIR=/app/linux-${ARCH} -DATA_DIR=/etc/nebula +set -e -# Build host certs if they don't exist -if ! test -f ${DATA_DIR}/host.crt; then - cd ${DATA_DIR} || exit 1 - # Generate a CSR if it doesn't already exist - if ! test -d ${DATA_DIR}/host.csr; then - "${BIN_DIR}/nebula-cert" keygen -out-key host.key -out-pub host.csr - # shellcheck disable=SC2016 - echo 'You will need to get the `host.csr` file signed by a cluster admin' - exit 3 - else - # shellcheck disable=SC2016 - echo 'Awaiting for `host.csr` to be signed by a cluster admin' - exit 4 - fi -fi - -# Run the platform-specific binary -"${BIN_DIR}/nebula" -config ${DATA_DIR}/config.yaml +/app/nebula-start.sh +/app/seaweedfs-start.sh diff --git a/nebula-start.sh b/nebula-start.sh new file mode 100644 index 0000000..7e92755 --- /dev/null +++ b/nebula-start.sh @@ -0,0 +1,23 @@ +#!/bin/sh + +BIN_DIR=/app +DATA_DIR=/etc/nebula + +# Build host certs if they don't exist +if ! test -f ${DATA_DIR}/host.crt; then + cd ${DATA_DIR} || exit 1 + # Generate a CSR if it doesn't already exist + if ! test -d ${DATA_DIR}/host.csr; then + "${BIN_DIR}/nebula-cert" keygen -out-key host.key -out-pub host.csr + # shellcheck disable=SC2016 + echo 'You will need to get the `host.csr` file signed by a cluster admin' + exit 3 + else + # shellcheck disable=SC2016 + echo 'Awaiting for `host.csr` to be signed by a cluster admin' + exit 4 + fi +fi + +# Run the platform-specific binary +"${BIN_DIR}/nebula" -config ${DATA_DIR}/config.yaml diff --git a/seaweedfs-start.sh b/seaweedfs-start.sh new file mode 100644 index 0000000..2b51263 --- /dev/null +++ b/seaweedfs-start.sh @@ -0,0 +1,10 @@ +#!/bin/sh + +NEBULA_IP=$(ip -f inet addr show nebula1 | awk '/inet / {print $2}' | cut -f1 -d'/') +SEAWEEDFS_MASTERS=10.10.100.1:9333 # Need an odd number #,10.10.100.21:9333 + +if test "${LIGHTHOUSE}" == "true"; then + weed master -ip="${NEBULA_IP}" -port=9333 -mdir=/storage -peers=${SEAWEEDFS_MASTERS} +else + weed volume -dir=/storage -port=8080 -mserver=${SEAWEEDFS_MASTERS} +fi