Run Yorc in a docker container¶
Along with a Yorc release we also provide a docker image that ships Yorc and its dependencies.
This docker image is published in several ways:
- A
tgz
version of the image is published on the github release page for each release.- Pre-release (milestone) versions and development branches are published in Artifactory. You can use it to pull the image directly from the docker command. For instance:
docker pull ystia-docker.jfrog.io/ystia/yorc:3.0.0-M5
- Starting with Yorc 3.0 GA version are also published on the docker hub You can use it to pull the image directly from the docker command. For instance:
docker pull ystia/yorc:3.0.0
Image components¶
This Docker image is made of the following components:
S6 init system¶
We use the S6 overlay for containers in order to have a minimal init system that supervise our services and reap zombies processes.
Consul¶
Consul is the distributed data store for Yorc. By default it will run in an isolated server mode to provide a fully functional container out of the box. But it could be configured to connect to a server and run in agent mode.
The Consul binary is installed in this image as described in the
Yorc install section. It is run as a user and group named consul
.
Consul data directory is set by default to /var/consul
.
Configure Consul¶
To configure Consul in the container you can either mount configuration files into /etc/consul
or use environment variables. Following special variables are recognized:
CONSUL_MODE
: if set toserver
or not defined then Consul will run in server mode. Any other configuration will lead to Consul running in agent mode.NB_CONSUL_SERVER
: allows to set the bootstrap-expect command line flag for consul. IfCONSUL_MODE
isserver
andNB_CONSUL_SERVER
is not defined then it defaults to1
.SERVERS_TO_JOIN
: allows to provide a coma-separated list of server to connects to. This works either in server or agent mode.
In addition any environment variable that starts with CONSUL_ENV_
will be added to a dedicated consul configuration file.
The format is CONSUL_ENV_<option_name>=<config_snippet>
. Here are some examples to make it clear:
docker run -e 'CONSUL_ENV_ui=true' -e 'CONSUL_ENV_watches=[{"type":"checks","handler":"/usr/bin/health-check-handler.sh"}]' -e 'CONSUL_ENV_datacenter="east-aws"' ystia/yorc
Will result in the following configuration file:
{
"ui": true,
"watches": [{"type":"checks","handler":"/usr/bin/health-check-handler.sh"}],
"datacenter": "east-aws"
}
go-dnsmasq¶
go-dnsmasq is a lightweight DNS caching server/forwarder with minimal filesystem and runtime overhead.
It is used in this image to forward any *.consul
dns request directly to Consul and forward others
dns requests to your standard upstream dns server. This allows to support dns resolving of Consul
services out of the box.
Ansible & Terraform¶
Ansible and Terraform are installed in this image as described in the Yorc install section.
There is no specific configuration needed for those components.
Docker¶
The Docker client binary and the docker-py
python library are installed in this image as described in the
Yorc install section.
They are necessary to support Orchestrator-hosted operations isolated in a Docker sandbox.
In order to let Yorc run Docker containers you should either expose the Docker service of your host in TCP and configure Yorc to use this endpoint or mount the Docker socket into the container (recommended).
Here is the command line that allows to mount the Docker socket into the Yorc container:
# Using the --mount flag (recommended way on Docker 17.06+)
docker run --mount "type=bind,src=/var/run/docker.sock,dst=/var/run/docker.sock" ystia/yorc
# Using the -v flag (for Docker < 17.06)
docker run -v /var/run/docker.sock:/var/run/docker.sock ystia/yorc
Yorc¶
The Yorc binary is installed in this image as described in the Yorc install section.
Yorc is run as a yorc
(group yorc
) user. This user’s home directory is
/var/yorc
and the yorc process is run within that directory. Yorc’s plugins can be
added using a mount within the /var/yorc/plugins
directory.
Configuring Yorc¶
To configure Yorc you can either mount a config.yorc.[json|yaml]
into the /etc/yorc
directory or use Yorc standard environment variables (for both cases see Yorc Server Configuration section)