moby-derp 0.4.1 → 0.5.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +3 -3
- data/lib/moby_derp/config_file.rb +2 -2
- data/lib/moby_derp/pod_config.rb +16 -1
- data/lib/moby_derp/system_config.rb +9 -4
- data/moby-derp.gemspec +0 -1
- metadata +3 -18
- data/lib/moby_derp/moby_info.rb +0 -12
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 99faf7a4a2ccef6a30df32e08d424bf89c5693278100484a75e21276136e6a3a
|
4
|
+
data.tar.gz: 379c96e91a43e3b19db58d0e61d1324749969f58a2946a72f687429cda959f34
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 6d7b1071d6a38f8aa880ad7287c7355460a32dc4a66250e13bcec612d1f11ee91530d2cfedbba0bb4e8bdf54f5784fbaac00f807a46a967a35ddf45193feb6a6
|
7
|
+
data.tar.gz: ef1b7425e29551844fe383159a19010cc611ffc8dc07566f4c7e30afa4d3d02882692a3beaed35d6490263d51e093decd662e59b9e0169f177f2c221eb9079c4
|
data/README.md
CHANGED
@@ -134,7 +134,7 @@ wrapper script, like this:
|
|
134
134
|
|
135
135
|
set -e
|
136
136
|
|
137
|
-
MOBY_DERP_SYSTEM_CONFIG_FILE=/opt/srv/etc/moby-derp/moby-derp.yaml
|
137
|
+
export MOBY_DERP_SYSTEM_CONFIG_FILE=/opt/srv/etc/moby-derp/moby-derp.yaml
|
138
138
|
|
139
139
|
exec /usr/local/bin/moby-derp "$@"
|
140
140
|
|
@@ -185,7 +185,7 @@ to `moby-derp`. This means that, yes, different users need to use different
|
|
185
185
|
filenames. The benefit of this is that the `sudo` configuration becomes a lot
|
186
186
|
easier to audit -- the pod name is right there.
|
187
187
|
|
188
|
-
This means that no matter a user does, they cannot have any effect on any
|
188
|
+
This means that no matter what a user does, they cannot have any effect on any
|
189
189
|
container which is not named for the pod they're manipulating. There are also
|
190
190
|
safety valves around `moby-derp`-managed containers being labelled as such, so
|
191
191
|
that in the event that someone does inadvertently name a container in such a
|
@@ -220,7 +220,7 @@ still publish to ephemeral ports (using the `:containerPort` syntax, or
|
|
220
220
|
`publish_all: true`) if they wish.
|
221
221
|
|
222
222
|
If a pod *does* need to bind to a specific host port, then that pod/port pair
|
223
|
-
should be whitelisted in the system configuration file.
|
223
|
+
should be whitelisted in the [system configuration file](#system-configuration).
|
224
224
|
|
225
225
|
|
226
226
|
# Contributing
|
@@ -1,7 +1,7 @@
|
|
1
1
|
require_relative "./error"
|
2
2
|
require_relative "./logging_helpers"
|
3
3
|
|
4
|
-
require "
|
4
|
+
require "yaml"
|
5
5
|
|
6
6
|
module MobyDerp
|
7
7
|
class ConfigFile
|
@@ -12,7 +12,7 @@ module MobyDerp
|
|
12
12
|
def initialize(filename)
|
13
13
|
begin
|
14
14
|
@logger.debug(logloc) { "Reading configuration file #{filename}" }
|
15
|
-
@config =
|
15
|
+
@config = YAML.safe_load(File.read(filename))
|
16
16
|
rescue Errno::ENOENT
|
17
17
|
raise ConfigurationError,
|
18
18
|
"file does not exist"
|
data/lib/moby_derp/pod_config.rb
CHANGED
@@ -3,13 +3,24 @@ require_relative "./container_config"
|
|
3
3
|
require_relative "./logging_helpers"
|
4
4
|
require_relative "./mount"
|
5
5
|
|
6
|
-
require "safe_yaml"
|
7
6
|
require "socket"
|
8
7
|
|
9
8
|
module MobyDerp
|
10
9
|
class PodConfig < ConfigFile
|
11
10
|
include LoggingHelpers
|
12
11
|
|
12
|
+
VALID_CONFIG_KEYS = %w{
|
13
|
+
containers
|
14
|
+
hostname
|
15
|
+
common_environment
|
16
|
+
common_labels
|
17
|
+
root_labels
|
18
|
+
common_mounts
|
19
|
+
expose
|
20
|
+
publish
|
21
|
+
publish_all
|
22
|
+
}
|
23
|
+
|
13
24
|
attr_reader :name,
|
14
25
|
:containers,
|
15
26
|
:hostname,
|
@@ -34,6 +45,10 @@ module MobyDerp
|
|
34
45
|
@name = File.basename(filename, ".*")
|
35
46
|
validate_name
|
36
47
|
|
48
|
+
unless (bad_keys = @config.keys - VALID_CONFIG_KEYS).empty?
|
49
|
+
raise ConfigurationError,
|
50
|
+
"Invalid pod configuration key(s): #{bad_keys.inspect}"
|
51
|
+
end
|
37
52
|
|
38
53
|
unless @config.has_key?("containers")
|
39
54
|
raise ConfigurationError,
|
@@ -1,16 +1,21 @@
|
|
1
1
|
require_relative "./config_file"
|
2
2
|
|
3
|
-
require "safe_yaml"
|
4
|
-
|
5
3
|
module MobyDerp
|
6
4
|
class SystemConfig < ConfigFile
|
7
5
|
attr_reader :mount_root, :port_whitelist, :network_name, :use_host_resolv_conf,
|
8
6
|
:cpu_count, :cpu_bits
|
9
7
|
|
10
|
-
def initialize(
|
8
|
+
def initialize(config_data_or_filename, moby_info, logger)
|
11
9
|
@logger = logger
|
12
10
|
|
13
|
-
|
11
|
+
case config_data_or_filename
|
12
|
+
when String
|
13
|
+
super(config_data_or_filename)
|
14
|
+
when Hash
|
15
|
+
@config = stringify_keys(config_data_or_filename)
|
16
|
+
else
|
17
|
+
raise ArgumentError, "Unsupported type for config_data_or_filename parameter"
|
18
|
+
end
|
14
19
|
|
15
20
|
@mount_root = @config["mount_root"]
|
16
21
|
@port_whitelist = stringify_keys(@config["port_whitelist"] || {})
|
data/moby-derp.gemspec
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: moby-derp
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.5.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Matt Palmer
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2020-06-10 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: docker-api
|
@@ -38,20 +38,6 @@ dependencies:
|
|
38
38
|
- - ">="
|
39
39
|
- !ruby/object:Gem::Version
|
40
40
|
version: '0'
|
41
|
-
- !ruby/object:Gem::Dependency
|
42
|
-
name: safe_yaml
|
43
|
-
requirement: !ruby/object:Gem::Requirement
|
44
|
-
requirements:
|
45
|
-
- - ">="
|
46
|
-
- !ruby/object:Gem::Version
|
47
|
-
version: '0'
|
48
|
-
type: :runtime
|
49
|
-
prerelease: false
|
50
|
-
version_requirements: !ruby/object:Gem::Requirement
|
51
|
-
requirements:
|
52
|
-
- - ">="
|
53
|
-
- !ruby/object:Gem::Version
|
54
|
-
version: '0'
|
55
41
|
- !ruby/object:Gem::Dependency
|
56
42
|
name: bundler
|
57
43
|
requirement: !ruby/object:Gem::Requirement
|
@@ -214,7 +200,6 @@ files:
|
|
214
200
|
- lib/moby_derp/container_config.rb
|
215
201
|
- lib/moby_derp/error.rb
|
216
202
|
- lib/moby_derp/logging_helpers.rb
|
217
|
-
- lib/moby_derp/moby_info.rb
|
218
203
|
- lib/moby_derp/mount.rb
|
219
204
|
- lib/moby_derp/pod.rb
|
220
205
|
- lib/moby_derp/pod_config.rb
|
@@ -243,7 +228,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
243
228
|
- !ruby/object:Gem::Version
|
244
229
|
version: '0'
|
245
230
|
requirements: []
|
246
|
-
rubygems_version: 3.0.
|
231
|
+
rubygems_version: 3.0.3
|
247
232
|
signing_key:
|
248
233
|
specification_version: 4
|
249
234
|
summary: A simple management system for a pod of moby containers
|
data/lib/moby_derp/moby_info.rb
DELETED
@@ -1,12 +0,0 @@
|
|
1
|
-
module MobyDerp
|
2
|
-
class MobyInfo
|
3
|
-
attr_reader :cpu_count, :cpu_bits
|
4
|
-
|
5
|
-
def initialize(info)
|
6
|
-
@cpu_count = info["NCPU"]
|
7
|
-
# As far as I can tell, the only 32-bit platform Moby supports is
|
8
|
-
# armhf; if that turns out to be incorrect, amend the list below.
|
9
|
-
@cpu_bits = %w{armhf}.include?(info["Architecture"]) ? 32 : 64
|
10
|
-
end
|
11
|
-
end
|
12
|
-
end
|