hako 2.2.0 → 2.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +17 -0
- data/examples/hello-autoscaling-group.jsonnet +17 -17
- data/examples/hello-autoscaling.jsonnet +76 -67
- data/examples/hello-awslogs-driver.jsonnet +22 -22
- data/examples/hello-cap-add-app.jsonnet +16 -16
- data/examples/hello-fargate-batch.jsonnet +34 -34
- data/examples/hello-fargate.jsonnet +67 -67
- data/examples/hello-internal-nlb.jsonnet +43 -43
- data/examples/hello-lb-v2.jsonnet +61 -61
- data/examples/hello-lb.jsonnet +39 -39
- data/examples/hello-nofront.jsonnet +48 -48
- data/examples/hello-privileged-app.jsonnet +13 -13
- data/examples/hello.jsonnet +47 -37
- data/hako.gemspec +1 -1
- data/lib/hako/container.rb +31 -0
- data/lib/hako/definition_loader.rb +11 -6
- data/lib/hako/schedulers/ecs.rb +84 -31
- data/lib/hako/schedulers/ecs_autoscaling.rb +81 -24
- data/lib/hako/schedulers/ecs_definition_comparator.rb +23 -0
- data/lib/hako/schedulers/ecs_volume_comparator.rb +47 -0
- data/lib/hako/version.rb +1 -1
- metadata +5 -5
- data/examples/front.yml +0 -5
@@ -2,70 +2,70 @@ local fileProvider = std.native('provide.file');
|
|
2
2
|
local provide(name) = fileProvider(std.toString({ path: 'hello.env' }), name);
|
3
3
|
|
4
4
|
{
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
},
|
26
|
-
{
|
27
|
-
port: 443,
|
28
|
-
protocol: 'HTTPS',
|
29
|
-
certificate_arn: 'arn:aws:iam::012345678901:server-certificate/hello-lb-v2.example.com',
|
30
|
-
},
|
31
|
-
],
|
32
|
-
subnets: ['subnet-XXXXXXXX', 'subnet-YYYYYYYY'],
|
33
|
-
security_groups: ['sg-ZZZZZZZZ'],
|
34
|
-
load_balancer_attributes: {
|
35
|
-
'access_logs.s3.enabled': 'true',
|
36
|
-
'access_logs.s3.bucket': 'hako-access-logs',
|
37
|
-
'access_logs.s3.prefix': 'hako-hello-lb-v2',
|
38
|
-
},
|
39
|
-
target_group_attributes: {
|
40
|
-
// http://docs.aws.amazon.com/en_us/elasticloadbalancing/latest/application/load-balancer-target-groups.html#target-group-attributes
|
41
|
-
'deregistration_delay.timeout_seconds': '20',
|
42
|
-
},
|
5
|
+
scheduler: {
|
6
|
+
type: 'ecs',
|
7
|
+
region: 'ap-northeast-1',
|
8
|
+
cluster: 'eagletmt',
|
9
|
+
desired_count: 2,
|
10
|
+
role: 'ecsServiceRole',
|
11
|
+
// dynamic_port_mapping is enabled by default with elb_v2
|
12
|
+
// dynamic_port_mapping: false,
|
13
|
+
// health_check_grace_period_seconds: 0,
|
14
|
+
elb_v2: {
|
15
|
+
// VPC id where the target group is located
|
16
|
+
vpc_id: 'vpc-WWWWWWWW',
|
17
|
+
// If you want internal ELB, then use 'scheme'. (ex. internal service that like microservice inside VPC)
|
18
|
+
// scheme: internal
|
19
|
+
// Health check path of the target group
|
20
|
+
health_check_path: '/site/sha',
|
21
|
+
listeners: [
|
22
|
+
{
|
23
|
+
port: 80,
|
24
|
+
protocol: 'HTTP',
|
43
25
|
},
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
cpu: 256,
|
49
|
-
env: {
|
50
|
-
PORT: '3000',
|
51
|
-
MESSAGE: std.format('%s-san', provide('username')),
|
26
|
+
{
|
27
|
+
port: 443,
|
28
|
+
protocol: 'HTTPS',
|
29
|
+
certificate_arn: 'arn:aws:iam::012345678901:server-certificate/hello-lb-v2.example.com',
|
52
30
|
},
|
31
|
+
],
|
32
|
+
subnets: ['subnet-XXXXXXXX', 'subnet-YYYYYYYY'],
|
33
|
+
security_groups: ['sg-ZZZZZZZZ'],
|
34
|
+
load_balancer_attributes: {
|
35
|
+
'access_logs.s3.enabled': 'true',
|
36
|
+
'access_logs.s3.bucket': 'hako-access-logs',
|
37
|
+
'access_logs.s3.prefix': 'hako-hello-lb-v2',
|
38
|
+
},
|
39
|
+
target_group_attributes: {
|
40
|
+
// http://docs.aws.amazon.com/en_us/elasticloadbalancing/latest/application/load-balancer-target-groups.html#target-group-attributes
|
41
|
+
'deregistration_delay.timeout_seconds': '20',
|
42
|
+
},
|
53
43
|
},
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
44
|
+
},
|
45
|
+
app: {
|
46
|
+
image: 'ryotarai/hello-sinatra',
|
47
|
+
memory: 128,
|
48
|
+
cpu: 256,
|
49
|
+
env: {
|
50
|
+
PORT: '3000',
|
51
|
+
MESSAGE: std.format('%s-san', provide('username')),
|
60
52
|
},
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
53
|
+
},
|
54
|
+
sidecars: {
|
55
|
+
front: {
|
56
|
+
image_tag: 'hako-nginx',
|
57
|
+
memory: 32,
|
58
|
+
cpu: 32,
|
59
|
+
},
|
60
|
+
},
|
61
|
+
scripts: [
|
62
|
+
(import 'front.libsonnet') + {
|
63
|
+
backend_port: 3000,
|
64
|
+
locations: {
|
65
|
+
'/': {
|
66
|
+
allow_only_from: ['10.0.0.0/24'],
|
69
67
|
},
|
70
|
-
|
68
|
+
},
|
69
|
+
},
|
70
|
+
],
|
71
71
|
}
|
data/examples/hello-lb.jsonnet
CHANGED
@@ -2,48 +2,48 @@ local fileProvider = std.native('provide.file');
|
|
2
2
|
local provide(name) = fileProvider(std.toString({ path: 'hello.env' }), name);
|
3
3
|
|
4
4
|
{
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
},
|
18
|
-
],
|
19
|
-
subnets: ['subnet-XXXXXXXX', 'subnet-YYYYYYYY'],
|
20
|
-
security_groups: ['sg-ZZZZZZZZ'],
|
5
|
+
scheduler: {
|
6
|
+
type: 'ecs',
|
7
|
+
region: 'ap-northeast-1',
|
8
|
+
cluster: 'eagletmt',
|
9
|
+
desired_count: 2,
|
10
|
+
role: 'ecsServiceRole',
|
11
|
+
// dynamic_port_mapping cannot be enabled with elb
|
12
|
+
elb: {
|
13
|
+
listeners: [
|
14
|
+
{
|
15
|
+
load_balancer_port: 80,
|
16
|
+
protocol: 'HTTP',
|
21
17
|
},
|
18
|
+
],
|
19
|
+
subnets: ['subnet-XXXXXXXX', 'subnet-YYYYYYYY'],
|
20
|
+
security_groups: ['sg-ZZZZZZZZ'],
|
22
21
|
},
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
22
|
+
},
|
23
|
+
app: {
|
24
|
+
image: 'ryotarai/hello-sinatra',
|
25
|
+
memory: 128,
|
26
|
+
cpu: 256,
|
27
|
+
env: {
|
28
|
+
PORT: '3000',
|
29
|
+
MESSAGE: std.format('%s-san', provide('username')),
|
31
30
|
},
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
31
|
+
},
|
32
|
+
sidecars: {
|
33
|
+
front: {
|
34
|
+
image_tag: 'hako-nginx',
|
35
|
+
memory: 32,
|
36
|
+
cpu: 32,
|
38
37
|
},
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
},
|
38
|
+
},
|
39
|
+
scripts: [
|
40
|
+
(import 'front.libsonnet') + {
|
41
|
+
backend_port: 3000,
|
42
|
+
locations: {
|
43
|
+
'/': {
|
44
|
+
allow_only_from: ['10.0.0.0/24'],
|
47
45
|
},
|
48
|
-
|
46
|
+
},
|
47
|
+
},
|
48
|
+
],
|
49
49
|
}
|
@@ -2,55 +2,55 @@ local fileProvider = std.native('provide.file');
|
|
2
2
|
local provide(name) = fileProvider(std.toString({ path: 'hello.env' }), name);
|
3
3
|
|
4
4
|
{
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
},
|
21
|
-
{
|
22
|
-
port: 443,
|
23
|
-
protocol: 'HTTPS',
|
24
|
-
certificate_arn: 'arn:aws:iam::012345678901:server-certificate/hello-lb-v2.example.com',
|
25
|
-
},
|
26
|
-
],
|
27
|
-
subnets: ['subnet-XXXXXXXX', 'subnet-YYYYYYYY'],
|
28
|
-
security_groups: ['sg-ZZZZZZZZ'],
|
29
|
-
load_balancer_attributes: {
|
30
|
-
'access_logs.s3.enabled': 'true',
|
31
|
-
'access_logs.s3.bucket': 'hako-access-logs',
|
32
|
-
'access_logs.s3.prefix': 'hako-hello-lb-v2',
|
33
|
-
},
|
34
|
-
// Connect ELB to app container
|
35
|
-
container_name: 'app',
|
36
|
-
container_port: 3000,
|
5
|
+
scheduler: {
|
6
|
+
type: 'ecs',
|
7
|
+
region: 'ap-northeast-1',
|
8
|
+
cluster: 'eagletmt',
|
9
|
+
desired_count: 2,
|
10
|
+
role: 'ecsServiceRole',
|
11
|
+
elb_v2: {
|
12
|
+
// VPC id where the target group is located
|
13
|
+
vpc_id: 'vpc-WWWWWWWW',
|
14
|
+
// Health check path of the target group
|
15
|
+
health_check_path: '/site/sha',
|
16
|
+
listeners: [
|
17
|
+
{
|
18
|
+
port: 80,
|
19
|
+
protocol: 'HTTP',
|
37
20
|
},
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
cpu: 256,
|
43
|
-
env: {
|
44
|
-
PORT: '3000',
|
45
|
-
MESSAGE: std.format('%s-san', provide('username')),
|
21
|
+
{
|
22
|
+
port: 443,
|
23
|
+
protocol: 'HTTPS',
|
24
|
+
certificate_arn: 'arn:aws:iam::012345678901:server-certificate/hello-lb-v2.example.com',
|
46
25
|
},
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
26
|
+
],
|
27
|
+
subnets: ['subnet-XXXXXXXX', 'subnet-YYYYYYYY'],
|
28
|
+
security_groups: ['sg-ZZZZZZZZ'],
|
29
|
+
load_balancer_attributes: {
|
30
|
+
'access_logs.s3.enabled': 'true',
|
31
|
+
'access_logs.s3.bucket': 'hako-access-logs',
|
32
|
+
'access_logs.s3.prefix': 'hako-hello-lb-v2',
|
33
|
+
},
|
34
|
+
// Connect ELB to app container
|
35
|
+
container_name: 'app',
|
36
|
+
container_port: 3000,
|
37
|
+
},
|
38
|
+
},
|
39
|
+
app: {
|
40
|
+
image: 'ryotarai/hello-sinatra',
|
41
|
+
memory: 128,
|
42
|
+
cpu: 256,
|
43
|
+
env: {
|
44
|
+
PORT: '3000',
|
45
|
+
MESSAGE: std.format('%s-san', provide('username')),
|
55
46
|
},
|
47
|
+
// Add port mapping to connect to ELB
|
48
|
+
port_mappings: [
|
49
|
+
{
|
50
|
+
container_port: 3000,
|
51
|
+
host_port: 0,
|
52
|
+
protocol: 'tcp',
|
53
|
+
},
|
54
|
+
],
|
55
|
+
},
|
56
56
|
}
|
@@ -1,15 +1,15 @@
|
|
1
1
|
{
|
2
|
-
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
2
|
+
scheduler: {
|
3
|
+
type: 'ecs',
|
4
|
+
region: 'ap-northeast-1',
|
5
|
+
cluster: 'eagletmt',
|
6
|
+
desired_count: 1,
|
7
|
+
},
|
8
|
+
app: {
|
9
|
+
image: 'busybox',
|
10
|
+
memory: 128,
|
11
|
+
cpu: 256,
|
12
|
+
command: ['echo', 'hello from --privileged mode'],
|
13
|
+
privileged: true,
|
14
|
+
},
|
15
15
|
}
|
data/examples/hello.jsonnet
CHANGED
@@ -2,44 +2,54 @@ local fileProvider = std.native('provide.file');
|
|
2
2
|
local provide(name) = fileProvider(std.toString({ path: 'hello.env' }), name);
|
3
3
|
|
4
4
|
{
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
},
|
5
|
+
scheduler: {
|
6
|
+
type: 'ecs',
|
7
|
+
region: 'ap-northeast-1',
|
8
|
+
cluster: 'eagletmt',
|
9
|
+
desired_count: 2,
|
10
|
+
task_role_arn: 'arn:aws:iam::012345678901:role/HelloRole',
|
11
|
+
deployment_configuration: {
|
12
|
+
maximum_percent: 200,
|
13
|
+
minimum_healthy_percent: 50,
|
15
14
|
},
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
15
|
+
},
|
16
|
+
app: {
|
17
|
+
image: 'ryotarai/hello-sinatra',
|
18
|
+
memory: 128,
|
19
|
+
cpu: 256,
|
20
|
+
health_check: {
|
21
|
+
command: [
|
22
|
+
'CMD-SHELL',
|
23
|
+
'curl -f http://localhost:3000/ || exit 1',
|
24
|
+
],
|
25
|
+
interval: 30,
|
26
|
+
timeout: 5,
|
27
|
+
retries: 3,
|
28
|
+
start_period: 1,
|
27
29
|
},
|
28
|
-
|
29
|
-
|
30
|
-
image_tag: 'hako-nginx',
|
31
|
-
memory: 32,
|
32
|
-
cpu: 32,
|
33
|
-
},
|
34
|
-
redis: {
|
35
|
-
image_tag: 'redis:3.0',
|
36
|
-
cpu: 64,
|
37
|
-
memory: 512,
|
38
|
-
},
|
39
|
-
},
|
40
|
-
scripts: [
|
41
|
-
(import 'front.libsonnet') + {
|
42
|
-
backend_port: 3000,
|
43
|
-
},
|
30
|
+
links: [
|
31
|
+
'redis:redis',
|
44
32
|
],
|
33
|
+
env: {
|
34
|
+
PORT: '3000',
|
35
|
+
MESSAGE: std.format('%s-san', provide('username')),
|
36
|
+
},
|
37
|
+
},
|
38
|
+
sidecars: {
|
39
|
+
front: {
|
40
|
+
image_tag: 'hako-nginx',
|
41
|
+
memory: 32,
|
42
|
+
cpu: 32,
|
43
|
+
},
|
44
|
+
redis: {
|
45
|
+
image_tag: 'redis:3.0',
|
46
|
+
cpu: 64,
|
47
|
+
memory: 512,
|
48
|
+
},
|
49
|
+
},
|
50
|
+
scripts: [
|
51
|
+
(import 'front.libsonnet') + {
|
52
|
+
backend_port: 3000,
|
53
|
+
},
|
54
|
+
],
|
45
55
|
}
|
data/hako.gemspec
CHANGED
@@ -26,7 +26,7 @@ Gem::Specification.new do |spec|
|
|
26
26
|
spec.add_dependency 'aws-sdk-cloudwatch'
|
27
27
|
spec.add_dependency 'aws-sdk-cloudwatchlogs'
|
28
28
|
spec.add_dependency 'aws-sdk-ec2'
|
29
|
-
spec.add_dependency 'aws-sdk-ecs', '>= 1.
|
29
|
+
spec.add_dependency 'aws-sdk-ecs', '>= 1.7.0'
|
30
30
|
spec.add_dependency 'aws-sdk-elasticloadbalancing'
|
31
31
|
spec.add_dependency 'aws-sdk-elasticloadbalancingv2'
|
32
32
|
spec.add_dependency 'aws-sdk-s3'
|
data/lib/hako/container.rb
CHANGED
@@ -87,6 +87,25 @@ module Hako
|
|
87
87
|
end
|
88
88
|
end
|
89
89
|
|
90
|
+
# @return[Hash, nil]
|
91
|
+
def health_check
|
92
|
+
if @definition.key?('health_check')
|
93
|
+
conf = @definition['health_check']
|
94
|
+
ret = {
|
95
|
+
command: conf.fetch('command'),
|
96
|
+
interval: conf.fetch('interval', 30),
|
97
|
+
retries: conf.fetch('retries', 3),
|
98
|
+
timeout: conf.fetch('timeout', 5),
|
99
|
+
}
|
100
|
+
|
101
|
+
if conf.key?('start_period')
|
102
|
+
ret[:start_period] = conf.fetch('start_period')
|
103
|
+
end
|
104
|
+
|
105
|
+
ret
|
106
|
+
end
|
107
|
+
end
|
108
|
+
|
90
109
|
# @return [Array<Hash>, nil]
|
91
110
|
def ulimits
|
92
111
|
if @definition.key?('ulimits')
|
@@ -138,6 +157,18 @@ module Hako
|
|
138
157
|
|
139
158
|
ret[:init_process_enabled] = conf.fetch('init_process_enabled', nil)
|
140
159
|
|
160
|
+
ret[:shared_memory_size] = conf.fetch('shared_memory_size', nil)
|
161
|
+
|
162
|
+
if conf.key?('tmpfs')
|
163
|
+
ret[:tmpfs] = conf['tmpfs'].map do |t|
|
164
|
+
{
|
165
|
+
container_path: t.fetch('container_path'),
|
166
|
+
mount_options: t.fetch('mount_options', []),
|
167
|
+
size: t.fetch('size')
|
168
|
+
}
|
169
|
+
end
|
170
|
+
end
|
171
|
+
|
141
172
|
ret
|
142
173
|
end
|
143
174
|
end
|
@@ -18,24 +18,25 @@ module Hako
|
|
18
18
|
# @param [Array<String>, nil] with
|
19
19
|
# @return [Hash<String, Container>]
|
20
20
|
def load(tag, with: nil)
|
21
|
-
|
21
|
+
# XXX: Load additional_containers for compatibility
|
22
|
+
sidecars = @app.definition.fetch('sidecars', @app.definition.fetch('additional_containers', {}))
|
22
23
|
container_names = ['app']
|
23
24
|
if with
|
24
25
|
container_names.concat(with)
|
25
26
|
else
|
26
|
-
container_names.concat(
|
27
|
+
container_names.concat(sidecars.keys)
|
27
28
|
end
|
28
29
|
|
29
|
-
load_containers_from_name(tag, container_names,
|
30
|
+
load_containers_from_name(tag, container_names, sidecars)
|
30
31
|
end
|
31
32
|
|
32
33
|
private
|
33
34
|
|
34
35
|
# @param [String] tag
|
35
36
|
# @param [Array<String>] container_names
|
36
|
-
# @param [Hash<String, Hash>]
|
37
|
+
# @param [Hash<String, Hash>] sidecars
|
37
38
|
# @return [Hash<String, Container>]
|
38
|
-
def load_containers_from_name(tag, container_names,
|
39
|
+
def load_containers_from_name(tag, container_names, sidecars)
|
39
40
|
names = Set.new(container_names)
|
40
41
|
containers = {}
|
41
42
|
while containers.size < names.size
|
@@ -45,13 +46,17 @@ module Hako
|
|
45
46
|
when 'app'
|
46
47
|
AppContainer.new(@app, @app.definition['app'].merge('tag' => tag), dry_run: @dry_run)
|
47
48
|
else
|
48
|
-
Container.new(@app,
|
49
|
+
Container.new(@app, sidecars.fetch(name), dry_run: @dry_run)
|
49
50
|
end
|
50
51
|
|
51
52
|
containers[name].links.each do |link|
|
52
53
|
m = link.match(/\A([^:]+):([^:]+)\z/)
|
53
54
|
names << (m ? m[1] : link)
|
54
55
|
end
|
56
|
+
|
57
|
+
containers[name].volumes_from.each do |volumes_from|
|
58
|
+
names << volumes_from[:source_container]
|
59
|
+
end
|
55
60
|
end
|
56
61
|
end
|
57
62
|
containers
|