Skip to main content

Salt Orchestration for Docker Containers

TST, Hong Kong

Salty Containers

salt.modules.dockermod

PIP Install Docker

salt salt-minion pip.install docker

salt-minion:
----------
pid:
8141
stderr:
stdout:
Collecting docker
Installing collected packages: websocket-client, docker
Successfully installed docker-4.3.1 websocket-client-0.57.0
salt salt-minion docker.run_container hello-world

salt-minion:
----------
ExitCode:
0
Id:
7c67b9c1a64ec4d6b9c65f75f1daffbc3d495554a7f9a8de866cd37923205cff
Logs:

Hello from Docker!
This message shows that your installation appears to be working correctly.

Name:
optimistic_noyce
Time_Elapsed:
0.9424302577972412
Warnings:

Registry Authentication

If you have previously performed a docker login from the minion, then the credentials saved in ~/.docker/config.json will be used for any actions which require authentication.

The configuration schema is either in YAML or JSON as follows:

docker-registries:
<registry_url>:
username: <username>
password: <password>

For example (JSON):

{
"auths": {
"my.gitlab.com:12345": {
"auth": "KJSHFG*#&$()*NFKSJLNLIU#P(*%R$W)IOWFOIJHWOILTFHNSILKEJRFHNOIE"
}
},
"HttpHeaders": {
"User-Agent": "Docker-Client/19.03.12 (linux)"
}
}

Download your Image

docker run -d --network host -v /opt/docker_ingress:/etc/nginx/conf.d --name nginx nginx:stable-alpine

docker run -d --network host -v /opt/hapi-container-en/public:/wiki_en_ssr/public --name wiki_en my.gitlab.com:12345/wiki/wiki_en_container:latest

docker run -d --network host -v /opt/hapi-container-fr/public:/wiki_fr_ssr/public --name wiki_fr my.gitlab.com:12345/wiki/wiki_fr_container:latest

docker run -d --network host -v /opt/hapi-container-de/public:/wiki_de_ssr/public --name wiki_de my.gitlab.com:12345/wiki/wiki_de_container:latest

Download Gitlab Artifacts

remote_execution

salt -L salt-minion cmd.run 'ps aux | grep docker'
curl -L --header "PRIVATE-TOKEN: myprivatedownloadtoken" "https://my.gitlab.com/api/v4/projects/wiki%2Fwiki_en/jobs/artifacts/master/download?job=pages" >> /opt/test/artifacts.zip
salt -L salt-minion cmd.run 'curl -L --header "PRIVATE-TOKEN: myprivatedownloadtoken" "https://my.gitlab.com/api/v4/projects/wiki%2Fwiki_en/jobs/artifacts/master/download?job=pages" >> /opt/test/artifacts.zip'

salt-minion:
Minion did not return. [No response]
The minions may not have all finished running and any remaining minions will return upon completion. To look up the return data for this job later, run the following command:

salt-run jobs.lookup_jid 20200924131636872103
ERROR: Minions returned with non-zero exit code
salt -L salt-minion cmd.run 'curl -L --header "PRIVATE-TOKEN: myprivatedownloadtoken" "https://my.gitlab.com/api/v4/projects/wiki%2Fwiki_en/jobs/artifacts/master/download?job=pages" >> /opt/test/artifacts.zip'

salt -L salt-minion cmd.run 'curl -L --header "PRIVATE-TOKEN: myprivatedownloadtoken" "https://my.gitlab.com/api/v4/projects/wiki%2Fwiki_de/jobs/artifacts/master/download?job=pages" >> /opt/test/artifacts.zip'

Cloning Gitlab Repositories

module-salt.modules.git

salt salt-minion git.clone /path/to/repo_parent_dir git://github.com/saltstack/salt.git

Working with Docker-Compose

salt.modules.dockercompose.up

This execution module requires at least version 1.4.0 of both docker-compose and Docker. docker-compose can easily be installed using pip.install:

salt myminion pip.install docker-compose>=1.5.0

Build image for containers in the docker-compose file, service_names is a python list, if omitted build images for all containers. Please note that at the moment the module does not allow you to upload your Dockerfile, nor any other file you could need with your docker-compose.yml, you will have to make sure the files you need are actually in the directory specified in the build keyword

pathPath where the docker-compose file is stored on the server
service_namesIf specified will pull only the image for the specified services

CLI Example:

salt myminion dockercompose.build /path/where/docker-compose/stored
salt myminion dockercompose.build /path/where/docker-compose/stored '[janus]'

salt myminion dockercompose.up /path/where/docker-compose/stored
salt myminion dockercompose.up /path/where/docker-compose/stored '[janus]'