Bug 38331 - Make docker containers contact external etcd to query/store domain info
Make docker containers contact external etcd to query/store domain info
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Docker
UCS 4.0
Other Linux
: P5 normal (vote)
: UCS 4.1
Assigned To: Daniel Tröder
Arvid Requate
: interim-1
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2015-04-23 12:47 CEST by Arvid Requate
Modified: 2015-11-17 12:12 CET (History)
1 user (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Arvid Requate univentionstaff 2015-04-23 12:47:12 CEST
For UCS systems running in docker containers we need to implement a mechanism to lookup and store essential domain info in an external "etcd".

By domain info I mean things like "ldap/master", "ldap/backup" and possibly something like "master/nameserver1".



Background:

Docker (1.3.2) dynamically assigns a new IP address to each container whenever the container is (re-)started. While future Docker versions will provide options to configure its behavior in more detail, currently there are only some third party workaround scripts, none of which look satisfying yet.

For UCS domain setups running as a collection of docker containers, the non-master systems need to be able to locate the DC master. One common approach for this service discovery is to lookup and store values in an external "etcd" service.
Comment 1 Arvid Requate univentionstaff 2015-04-23 19:13:52 CEST
The univention-docker-container-mode.init script now checks if an etcd can be contacted at the standard docker gateway address.

Masters write all of the keys below to etcd.
All other roles read the keys below from etcd and write them to the local UCR:

* ldap/master
* ldap/backup
* ldap/server/addition

Memberservers additionally fetch these values:

* ldap/server/name
* nameserver1
Comment 2 Stefan Gohmann univentionstaff 2015-08-17 08:51:38 CEST
Please merge the changes to 4.1.
Comment 3 Daniel Tröder univentionstaff 2015-08-27 11:01:55 CEST
Merged to 4.1 with commits 63270 (svn copy) & 63271 (version bump).
Comment 4 Arvid Requate univentionstaff 2015-10-07 19:27:27 CEST
Ok, I added an entry to the UCS 4.1 Changelog:

 Docker images running UCS in container mode now try to
 register the IP also with a <literal>consul</literal> and
 <literal>etcd</literal> service running the Docker host.
Comment 5 Stefan Gohmann univentionstaff 2015-11-17 12:12:40 CET
UCS 4.1 has been released:
 https://docs.software-univention.de/release-notes-4.1-0-en.html
 https://docs.software-univention.de/release-notes-4.1-0-de.html

If this error occurs again, please use "Clone This Bug".