etcds 0.1.4 → 0.1.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/etcds.rb +60 -27
- data/lib/etcds/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 2c2968eac5f85ce2f5ce223ed77bf57033198a75
|
4
|
+
data.tar.gz: 1cdbaf451aa88836a1cb7d3bad540d7da597bab0
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 2bb1fc1faca9f2fc72ccd22b4ef86e9c3db38448be4d68b51839c433b12b5059462dd92cc3e049d2fd01b8f25500e9fc2becd8679df7cf3bbf630fb5a51cfeee
|
7
|
+
data.tar.gz: fa38df2d08f69f0a929505054b4cbf0956b807fa566acd4d32d6c883f3cfd0a8cb9a2585ed875481695704ca96a51b63ebc9674190d4e19cf57a140ea009edf0
|
data/lib/etcds.rb
CHANGED
@@ -1,6 +1,8 @@
|
|
1
1
|
require "etcds/version"
|
2
2
|
require "yaml"
|
3
3
|
require "colorize"
|
4
|
+
require "net/https"
|
5
|
+
require "openssl"
|
4
6
|
|
5
7
|
class Etcds
|
6
8
|
LABEL_BASE = 'com.s21g.etcds'
|
@@ -52,6 +54,9 @@ class Etcds
|
|
52
54
|
etcd_ca "new-cert --passphrase '' client"
|
53
55
|
etcd_ca "sign --passphrase '' client"
|
54
56
|
etcd_ca "export --insecure --passphrase '' client | tar -C ./certs -xvf -"
|
57
|
+
unless File.exist?(discovery_path)
|
58
|
+
system "curl https://discovery.etcd.io/new > #{discovery_path}"
|
59
|
+
end
|
55
60
|
end
|
56
61
|
|
57
62
|
H[:install] = "[names...]\tinstall ca files to the host"
|
@@ -103,33 +108,35 @@ class Etcds
|
|
103
108
|
end
|
104
109
|
end
|
105
110
|
|
106
|
-
H[:up] = "
|
107
|
-
def up(*
|
108
|
-
|
109
|
-
|
110
|
-
|
111
|
-
|
112
|
-
|
113
|
-
|
114
|
-
|
115
|
-
|
116
|
-
|
117
|
-
|
118
|
-
|
119
|
-
|
120
|
-
|
121
|
-
|
122
|
-
|
123
|
-
|
124
|
-
|
125
|
-
|
126
|
-
|
127
|
-
|
128
|
-
|
129
|
-
|
130
|
-
|
131
|
-
|
132
|
-
|
111
|
+
H[:up] = "name\tprepare and activate etcd"
|
112
|
+
def up(n, *args)
|
113
|
+
node = @nodes[n]
|
114
|
+
ip = node['ip']
|
115
|
+
stop n if run? n
|
116
|
+
rm n if exist? n
|
117
|
+
docker n, "run -d -p 2379:2379 -p 2380:2380 --name etcd" +
|
118
|
+
" -e ETCD_TRUSTED_CA_FILE=/certs/#{n}.ca.crt" +
|
119
|
+
" -e ETCD_CERT_FILE=/certs/#{n}.crt" +
|
120
|
+
" -e ETCD_KEY_FILE=/certs/#{n}.key.insecure" +
|
121
|
+
" -e ETCD_CLIENT_CERT_AUTH=1" +
|
122
|
+
" -e ETCD_PEER_TRUSTED_CA_FILE=/certs/#{n}.ca.crt" +
|
123
|
+
" -e ETCD_PEER_CERT_FILE=/certs/#{n}.crt" +
|
124
|
+
" -e ETCD_PEER_KEY_FILE=/certs/#{n}.key.insecure" +
|
125
|
+
" -e ETCD_PEER_CLIENT_CERT_AUTH=1" +
|
126
|
+
" -e ETCD_HEARTBEAT_INTERVAL=100" +
|
127
|
+
" -e ETCD_ELECTION_TIMEOUT=2500" +
|
128
|
+
" -v /var/lib/etcd" +
|
129
|
+
" -v /etc/docker/certs.d:/certs" +
|
130
|
+
" -v /etc/ssl/certs:/etc/ssl/certs" +
|
131
|
+
" -l #{LABEL_BASE}.name=#{n}" +
|
132
|
+
" quay.io/coreos/etcd" +
|
133
|
+
" -name #{n} -data-dir /var/lib/etcd/#{n}.etcd" +
|
134
|
+
" -listen-client-urls https://0.0.0.0:2379" +
|
135
|
+
" -listen-peer-urls https://0.0.0.0:2380" +
|
136
|
+
" -advertise-client-urls https://#{ip}:2379" +
|
137
|
+
" -initial-advertise-peer-urls https://#{ip}:2380" +
|
138
|
+
" -discovery #{discovery} " + args*' '
|
139
|
+
puts "etcd is started at #{n}"
|
133
140
|
end
|
134
141
|
|
135
142
|
H[:health] = 'show cluster health for all nodes'
|
@@ -148,7 +155,23 @@ class Etcds
|
|
148
155
|
" --ca-file ./certs/#{n}.ca.crt " + args*' '
|
149
156
|
end
|
150
157
|
|
158
|
+
H[:get] = "name:/path\tGET via ssl"
|
159
|
+
def get(query)
|
160
|
+
n, path = query.split(':', 2)
|
161
|
+
node = @nodes[n]
|
162
|
+
ip = node['ip']
|
163
|
+
puts https(ip, 2379).get(path).body
|
164
|
+
end
|
165
|
+
|
166
|
+
def discover
|
167
|
+
system "curl #{discovery}"
|
168
|
+
end
|
169
|
+
|
151
170
|
private
|
171
|
+
def load_cert(path) OpenSSL::X509::Certificate.new open(path).read end
|
172
|
+
def load_key(path) OpenSSL::PKey.read open(path).read end
|
173
|
+
def discovery_path; './certs/discovery' end
|
174
|
+
def discovery; open(discovery_path).read.chomp end
|
152
175
|
def etcd_ca(cmd) system "etcd-ca --depot-path ./certs #{cmd}" end
|
153
176
|
def dm(cmd) system "docker-machine #{cmd}" end
|
154
177
|
def scp(cmd) dm "scp #{cmd}" end
|
@@ -172,4 +195,14 @@ private
|
|
172
195
|
end
|
173
196
|
end
|
174
197
|
end
|
198
|
+
|
199
|
+
def https(ip, port)
|
200
|
+
Net::HTTP.new(ip, port).tap do |c|
|
201
|
+
c.use_ssl = true
|
202
|
+
c.ca_file = "./certs/ca.crt"
|
203
|
+
c.cert = load_cert "./certs/client.crt"
|
204
|
+
c.key = load_key "./certs/client.key.insecure"
|
205
|
+
c.verify_mode = OpenSSL::SSL::VERIFY_PEER
|
206
|
+
end
|
207
|
+
end
|
175
208
|
end
|
data/lib/etcds/version.rb
CHANGED