chef-provisioning-docker 0.8.0 → 0.9.0

data/lib/chef/provisioning/docker_driver/docker_transport.rb

@@ -1,4 +1,6 @@
 require 'chef/provisioning/transport'
+require 'chef/provisioning/transport/ssh'
+require 'chef/provisioning/docker_driver/chef_zero_http_proxy'
 require 'docker'
 require 'archive/tar/minitar'
 require 'shellwords'
@@ -6,7 +8,7 @@ require 'uri'
 require 'socket'
 require 'mixlib/shellout'
 require 'sys/proctable'
-require 'chef/provisioning/docker_driver/chef_zero_http_proxy'
+require 'tempfile'
 
 class Chef
 module Provisioning
@@ -20,15 +22,15 @@ module DockerDriver
     attr_reader :config
     attr_accessor :container
 
-    def execute(command, options={})
-      Chef::Log.debug("execute '#{command}' with options #{options}")
-
+    def execute(command, timeout: nil, keep_stdin_open: nil, tty: nil, detached: nil, **options)
       opts = {}
-      if options[:keep_stdin_open]
-        opts[:stdin] = true
-      end
+      opts[:tty] = tty unless tty.nil?
+      opts[:detached] = detached unless detached.nil?
+      opts[:stdin] = keep_stdin_open unless keep_stdin_open.nil?
+      opts[:wait] = timeout unless timeout.nil?
 
       command = Shellwords.split(command) if command.is_a?(String)
+      Chef::Log.debug("execute #{command.inspect} on container #{container.id} with options #{opts}'")
       response = container.exec(command, opts) do |stream, chunk|
         case stream
         when :stdout
@@ -47,9 +49,11 @@ module DockerDriver
       begin
         tarfile = ''
         # NOTE: this would be more efficient if we made it a stream and passed that to Minitar
-        container.copy(path) do |block|
+        container.archive_out(path) do |block|
           tarfile << block
         end
+      rescue Docker::Error::NotFoundError
+        return nil
       rescue Docker::Error::ServerError
         if $!.message =~ /500/ || $!.message =~ /Could not find the file/
           return nil
@@ -72,12 +76,12 @@ module DockerDriver
     end
 
     def write_file(path, content)
-      File.open(container_path(path), 'w') { |file| file.write(content) }
+      tar = StringIO.new(Docker::Util.create_tar(path => content))
+      container.archive_in_stream('/') { tar.read }
     end
 
     def download_file(path, local_path)
-      # TODO stream
-      file = File.open(local_path, 'w')
+      file = File.open(local_path, 'wb')
       begin
         file.write(read_file(path))
         file.close
@@ -87,71 +91,130 @@ module DockerDriver
     end
 
     def upload_file(local_path, path)
-      FileUtils.cp(local_path, container_path(path))
+      write_file(path, IO.read(local_path, mode: "rb"))
     end
 
-    def make_url_available_to_remote(url)
-      # The host is already open to the container.  Just find out its address and return it!
-      uri = URI(url)
-      uri.scheme = 'http' if 'chefzero' == uri.scheme && uri.host == 'localhost'
-      host = Socket.getaddrinfo(uri.host, uri.scheme, nil, :STREAM)[0][3]
-      Chef::Log.debug("Making URL available: #{host}")
-
-      if host == '127.0.0.1' || host == '::1'
-        result = execute('ip route list', :read_only => true)
-
-        Chef::Log.debug("IP route: #{result.stdout}")
-
-        if result.stdout =~ /default via (\S+)/
-
-          uri.host = if using_boot2docker?
-                       # Intermediate VM does NAT, so local address should be fine here
-                       Chef::Log.debug("Using boot2docker!")
-                       IPSocket.getaddress(Socket.gethostname)
-                     else
-                       $1
-                     end
-
-          if !@proxy_thread
-            # Listen to docker instances only, and forward to localhost
-            @proxy_thread = Thread.new do
-              Chef::Log.debug("Starting proxy thread: #{uri.host}:#{uri.port} <--> #{host}:#{uri.port}")
-              ChefZeroHttpProxy.new(uri.host, uri.port, host, uri.port).run
+    def make_url_available_to_remote(local_url)
+      uri = URI(local_url)
+
+      if uri.scheme == "chefzero" || is_local_machine(uri.host)
+        # chefzero: URLs are just http URLs with a shortcut if you are in-process.
+        # The remote machine is definitely not in-process.
+        uri.scheme = "http" if uri.scheme == "chefzero"
+
+        if docker_toolkit_transport
+          # Forward localhost on docker_machine -> chef-zero. The container will
+          # be able to access this because it was started with --net=host.
+          uri = docker_toolkit_transport.make_url_available_to_remote(uri.to_s)
+          uri = URI(uri)
+          @docker_toolkit_transport_thread ||= Thread.new do
+            begin
+              docker_toolkit_transport.send(:session).loop { true }
+            rescue
+              Chef::Log.error("SSH forwarding loop failed: #{$!}")
+              raise
             end
+            Chef::Log.debug("Session loop completed normally")
           end
-          Chef::Log.debug("Using Chef server URL: #{uri.to_s}")
-
-          return uri.to_s
         else
-          raise "Cannot forward port: ip route ls did not show default in expected format.\nSTDOUT: #{result.stdout}"
+          # We are the host. Find the docker machine's gateway (us) and talk to that;
+          # and set up a little proxy that will forward the container's requests to
+          # chef-zero
+          result = execute('ip route list', :read_only => true)
+
+          Chef::Log.debug("IP route: #{result.stdout}")
+
+          if result.stdout =~ /default via (\S+)/
+
+            old_uri = uri.dup
+
+            uri.host = $1
+
+            if !@proxy_thread
+              # Listen to docker instances only, and forward to localhost
+              @proxy_thread = Thread.new do
+                begin
+                  Chef::Log.debug("Starting proxy thread: #{old_uri.host}:#{old_uri.port} <--> #{uri.host}:#{uri.port}")
+                  ChefZeroHttpProxy.new(uri.host, uri.port, old_uri.host, old_uri.port).run
+                rescue
+                  Chef::Log.error("Proxy thread unable to start: #{$!}")
+                end
+              end
+            end
+          else
+            raise "Cannot forward port: ip route ls did not show default in expected format.\nSTDOUT: #{result.stdout}"
+          end
+
         end
       end
-      url
+
+      uri.to_s
     end
 
     def disconnect
-      @proxy_thread.kill if @proxy_thread
+      if @docker_toolkit_transport_thread
+        @docker_toolkit_transport_thread.kill
+        @docker_toolkit_transport_thread = nil
+      end
     end
 
     def available?
     end
 
-    private
-
-    # boot2docker introduces an intermediate VM so we need to use a slightly different
-    # mechanism for getting to the running chef-zero
-    def using_boot2docker?
-      Sys::ProcTable.ps do |proc|
-        if proc.respond_to?(:cmdline)
-          if proc.send(:cmdline).to_s =~ /.*--comment boot2docker.*/
-            return true
-          end
+    def is_local_machine(host)
+      local_addrs = Socket.ip_address_list
+      host_addrs = Addrinfo.getaddrinfo(host, nil)
+      local_addrs.any? do |local_addr|
+        host_addrs.any? do |host_addr|
+          local_addr.ip_address == host_addr.ip_address
         end
       end
     end
 
-    def container_path(path)
-      File.join('proc', container.info['State']['Pid'].to_s, 'root', path)
+    def docker_toolkit_transport(connection_url=nil)
+      if !defined?(@docker_toolkit_transport)
+        # Figure out which docker-machine this container is in
+        begin
+          docker_machines = `docker-machine ls --format "{{.Name}},{{.URL}}"`
+        rescue Errno::ENOENT
+          Chef::Log.debug("docker-machine ls returned ENOENT: Docker Toolkit is presumably not installed.")
+          @docker_toolkit_transport = nil
+          return
+        end
+
+        connection_url ||= container.connection.url
+
+        Chef::Log.debug("Found docker machines:")
+        docker_machine = nil
+        docker_machines.lines.each do |line|
+          machine_name, machine_url = line.chomp.split(',', 2)
+          Chef::Log.debug("- #{machine_name} at URL #{machine_url.inspect}")
+          if machine_url == connection_url
+            Chef::Log.debug("Docker machine #{machine_name} at URL #{machine_url} matches the container's URL #{connection_url}! Will use it for port forwarding.")
+            docker_machine = machine_name
+          end
+        end
+        if !docker_machine
+          Chef::Log.debug("Docker Toolkit is installed, but no Docker machine's URL matches #{connection_url.inspect}. Assuming docker must be installed as well ...")
+          @docker_toolkit_transport = nil
+          return
+        end
+
+        # Get the SSH information for the docker-machine
+        docker_toolkit_json = `docker-machine inspect #{docker_machine}`
+        machine_info = JSON.parse(docker_toolkit_json, create_additions: false)["Driver"]
+        ssh_host = machine_info["IPAddress"]
+        ssh_username = machine_info["SSHUser"]
+        ssh_options = {
+          # port: machine_info["SSHPort"], seems to be bad information (44930???)
+          keys: [ machine_info["SSHKeyPath"] ],
+          keys_only: true
+        }
+
+        Chef::Log.debug("Docker Toolkit is installed. Will use SSH transport with docker-machine #{docker_machine.inspect} to perform port forwarding.")
+        @docker_toolkit_transport = Chef::Provisioning::Transport::SSH.new(ssh_host, ssh_username, ssh_options, {}, Chef::Config)
+      end
+      @docker_toolkit_transport
     end
 
     class DockerResult

data/lib/chef/provisioning/docker_driver/driver.rb

@@ -28,6 +28,10 @@ module DockerDriver
       Driver.new(driver_url, config)
     end
 
+    def driver_url
+      "docker:#{Docker.url}"
+    end
+
     def initialize(driver_url, config)
       super
       url = Driver.connection_url(driver_url)
@@ -37,10 +41,14 @@ module DockerDriver
         # to be set for command-line utilities
         ENV['DOCKER_HOST'] = url
         Chef::Log.debug("Setting Docker URL to #{url}")
-        Docker.url = url
       end
 
-      @connection = Docker.connection
+      ENV['DOCKER_HOST'] ||= url if url
+      Docker.logger = Chef::Log
+      options = Docker.options.dup || {}
+      options.merge!(read_timeout: 600)
+      options.merge!(config[:docker_connection].hash_dup) if config && config[:docker_connection]
+      @connection = Docker::Connection.new(url || Docker.url, options)
     end
 
     def self.canonicalize_url(driver_url, config)
@@ -75,6 +83,8 @@ module DockerDriver
         action_handler,
         machine_spec
       )
+
+      # Grab options from existing machine (TODO seems wrong) and set the machine_spec to that
       docker_options = machine_options[:docker_options]
       container_id = nil
       image_id = machine_options[:image_id]
@@ -84,7 +94,6 @@ module DockerDriver
         image_id ||= machine_spec.reference['image_id']
         docker_options ||= machine_spec.reference['docker_options']
       end
-
       container_name ||= machine_spec.name
       machine_spec.reference = {
         'driver_url' => driver_url,
@@ -93,110 +102,69 @@ module DockerDriver
         'host_node' => action_handler.host_node,
         'container_name' => container_name,
         'image_id' => image_id,
-        'docker_options' => docker_options,
+        'docker_options' => stringize_keys(docker_options),
         'container_id' => container_id
       }
-      build_container(machine_spec, docker_options)
     end
 
     def ready_machine(action_handler, machine_spec, machine_options)
-      start_machine(action_handler, machine_spec, machine_options)
       machine_for(machine_spec, machine_options)
     end
 
-    def build_container(machine_spec, docker_options)
+    def start_machine(action_handler, machine_spec, machine_options)
       container = container_for(machine_spec)
-      return container unless container.nil?
-
-      image = find_image(machine_spec) ||
-        build_image(machine_spec, docker_options)
-
-      args = [
-        'docker',
-        'run',
-        '--name',
-        machine_spec.reference['container_name'],
-        '--detach'
-      ]
-
-      if docker_options[:keep_stdin_open]
-        args << '-i'
-      end
-
-      if docker_options[:env]      
-        docker_options[:env].each do |key, value|
-          args << '-e'
-          args << "#{key}=#{value}"
+      if container && !container.info['State']['Running']
+        action_handler.perform_action "start container #{machine_spec.name}" do
+          container.start!
         end
       end
+    end
+
+    # Connect to machine without acquiring it
+    def connect_to_machine(machine_spec, machine_options)
+      Chef::Log.debug('Connect to machine')
+      machine_for(machine_spec, machine_options)
+    end
 
-      if docker_options[:ports]
-        docker_options[:ports].each do |portnum|
-          args << '-p'
-          args << "#{portnum}"
+    def destroy_machine(action_handler, machine_spec, machine_options)
+      container = container_for(machine_spec)
+      if container
+        image_id = container.info['Image']
+        action_handler.perform_action "stop and destroy container #{machine_spec.name}" do
+          container.stop
+          container.delete
         end
       end
+    end
 
-      if docker_options[:volumes]
-        docker_options[:volumes].each do |volume|
-          args << '-v'
-          args << "#{volume}"
+    def stop_machine(action_handler, machine_spec, machine_options)
+      container = container_for(machine_spec)
+      if container.info['State']['Running']
+        action_handler.perform_action "stop container #{machine_spec.name}" do
+          container.stop!
         end
       end
-
-      args << image.id
-      args += Shellwords.split("/bin/sh -c 'while true;do sleep 1; done'")
-
-      cmdstr = Shellwords.join(args)
-      Chef::Log.debug("Executing #{cmdstr}")
-
-      cmd = Mixlib::ShellOut.new(cmdstr)
-      cmd.run_command
-
-      container = Docker::Container.get(machine_spec.reference['container_name'])
-
-      Chef::Log.debug("Container id: #{container.id}")
-      machine_spec.reference['container_id'] = container.id
-      container
     end
 
-    def build_image(machine_spec, docker_options)
-      base_image = docker_options[:base_image] || base_image_for(machine_spec)
-      source_name = base_image[:name]
-      source_repository = base_image[:repository]
-      source_tag = base_image[:tag]
-
-      target_tag = machine_spec.reference['container_name']
-
-      image = Docker::Image.create(
-        'fromImage' => source_name,
-        'repo' => source_repository,
-        'tag' => source_tag
-      )
-      
-      Chef::Log.debug("Allocated #{image}")
-      image.tag('repo' => 'chef', 'tag' => target_tag)
-      Chef::Log.debug("Tagged image #{image}")
-
-      machine_spec.reference['image_id'] = image.id
-      image
-    end
+    #
+    # Images
+    #
 
     def allocate_image(action_handler, image_spec, image_options, machine_spec, machine_options)
+      tag_container_image(action_handler, machine_spec, image_spec)
+
       # Set machine options on the image to match our newly created image
       image_spec.reference = {
         'driver_url' => driver_url,
         'driver_version' => Chef::Provisioning::DockerDriver::VERSION,
         'allocated_at' => Time.now.to_i,
-        :docker_options => {
-          :base_image => {
-            :name => "chef_#{image_spec.name}",
-            :repository => 'chef',
-            :tag => image_spec.name
-          },
-          :from_image => true
+        'docker_options' => {
+          'base_image' => {
+            'name' => image_spec.name
+          }
         }
       }
+
       # Workaround for chef/chef-provisioning-docker#37
       machine_spec.attrs[:keep_image] = true
     end
@@ -207,66 +175,33 @@ module DockerDriver
 
     # workaround for https://github.com/chef/chef-provisioning/issues/358.
     def destroy_image(action_handler, image_spec, image_options, machine_options={})
-      image = Docker::Image.get("chef:#{image_spec.name}")
+      image = image_for(image_spec)
       image.delete unless image.nil?
     end
 
-    # Connect to machine without acquiring it
-    def connect_to_machine(machine_spec, machine_options)
-      Chef::Log.debug('Connect to machine')
-      machine_for(machine_spec, machine_options)
-    end
+    private
 
-    def destroy_machine(action_handler, machine_spec, machine_options)
+    def tag_container_image(action_handler, machine_spec, image_spec)
       container = container_for(machine_spec)
-      if container
-        Chef::Log.debug("Destroying container: #{container.id}")
-        container.delete(:force => true)
-      end
-
-      if !machine_spec.attrs[:keep_image] && !machine_options[:keep_image]
-        image = find_image(machine_spec)
-        Chef::Log.debug("Destroying image: chef:#{image.id}")
-        image.delete
+      existing_image = image_for(image_spec)
+      unless existing_image && existing_image.id == container.info['Image']
+        image = Docker::Image.get(container.info['Image'], {}, @connection)
+        action_handler.perform_action "tag image #{container.info['Image']} as chef-images/#{image_spec.name}" do
+          image.tag('repo' => image_spec.name, 'force' => true)
+        end
       end
     end
 
-    def stop_machine(action_handler, machine_spec, machine_options)
-      container = container_for(machine_spec)
-      return if container.nil?
-
-      container.stop if container.info['State']['Running']
+    def to_camel_case(name)
+      name.split('_').map { |x| x.capitalize }.join("")
     end
 
-    def find_image(machine_spec)
-      image = nil
-
-      if machine_spec.reference['image_id']
-        begin
-          image = Docker::Image.get(machine_spec.reference['image_id'])
-        rescue Docker::Error::NotFoundError
-        end
-      end
-
-      if image.nil?
-        image_name = "chef:#{machine_spec.reference['container_name']}"
-        if machine_spec.from_image
-          base_image = base_image_for(machine_spec)
-          image_name = "#{base_image[:repository]}:#{base_image[:tag]}"
-        end
-
-        image = Docker::Image.all.select {
-            |i| i.info['RepoTags'].include? image_name
-        }.first
-
-        if machine_spec.from_image && image.nil?
-          raise "Unable to locate machine_image for #{image_name}"
-        end
-      end
-
-      machine_spec.reference['image_id'] = image.id if image
-
-      image
+    def to_snake_case(name)
+      # ExposedPorts -> _exposed_ports
+      name = name.gsub(/[A-Z]/) { |x| "_#{x.downcase}" }
+      # _exposed_ports -> exposed_ports
+      name = name[1..-1] if name.start_with?('_')
+      name
     end
 
     def from_image_from_action_handler(action_handler, machine_spec)
@@ -280,22 +215,11 @@ module DockerDriver
       end
     end
 
-    def driver_url
-      "docker:#{Docker.url}"
-    end
-
-    def start_machine(action_handler, machine_spec, machine_options)
-      container = container_for(machine_spec)
-      if container && !container.info['State']['Running']
-        container.start
-      end
-    end
-
     def machine_for(machine_spec, machine_options)
       Chef::Log.debug('machine_for...')
-      docker_options = machine_options[:docker_options] || Mash.from_hash(machine_spec.reference['docker_options'])
+      docker_options = machine_options[:docker_options] || Mash.from_hash(machine_spec.reference['docker_options'] || {})
 
-      container = Docker::Container.get(machine_spec.reference['container_id'], @connection)
+      container = container_for(machine_spec)
 
       if machine_spec.from_image
         convergence_strategy = Chef::Provisioning::ConvergenceStrategy::NoConverge.new({}, config)
@@ -310,22 +234,32 @@ module DockerDriver
         machine_spec,
         transport,
         convergence_strategy,
+        @connection,
         docker_options[:command]
       )
     end
 
     def container_for(machine_spec)
-      container_id = machine_spec.reference['container_id']
       begin
-        container = Docker::Container.get(container_id, @connection) if container_id
+        Docker::Container.get(machine_spec.name, {}, @connection)
+      rescue Docker::Error::NotFoundError
+      end
+    end
+
+    def image_for(image_spec)
+      begin
+        Docker::Image.get(image_spec.name, {}, @connection)
       rescue Docker::Error::NotFoundError
       end
     end
 
-    def base_image_for(machine_spec)
-      Chef::Log.debug("Looking for image #{machine_spec.from_image}")
-      image_spec = machine_spec.managed_entry_store.get!(:machine_image, machine_spec.from_image)
-      Mash.new(image_spec.reference)[:docker_options][:base_image]
+    def stringize_keys(hash)
+      if hash
+        hash.each_with_object({}) do |(k,v),hash|
+          v = stringize_keys(v) if v.is_a?(Hash)
+          hash[k.to_s] = v
+        end
+      end
     end
   end
 end