forked from chaifeng/ufw-docker
Vagrantfile
# frozen_string_literal: true
# -*- mode: ruby -*-
# vi: set ft=ruby :
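# Lab topology: three VirtualBox VMs (master, node1, node2) on a private
# network at <ip_prefix>.130-.132. Every VM gets the 'docker' and 'ufw-docker'
# shell provisioners; master additionally runs a registry container and
# initialises a Docker Swarm that the nodes join.
#
# Security notes for anyone reusing this outside a throwaway lab:
# * The Docker daemon is told to accept localhost:5000 and <ip_prefix>.130:5000
#   as "insecure-registries", i.e. without verified TLS.
# * DOCKER_REGISTRY_MIRROR is read from the HOST environment when this file is
#   evaluated and pasted unescaped into shell text and JSON; a value containing
#   quotes will break (or alter) the generated script. Keep it a plain URL.
# * The worker join token is written to /vagrant/.vagrant/docker-join-token
#   (a path under /vagrant, which the scripts also use to reach ufw-docker),
#   and `set -x` echoes the expanded `docker swarm join --token ...` command
#   into the provisioning output. Treat both the file and the logs as secrets.
Vagrant.configure('2') do |config|
  config.vm.box = 'chaifeng/ubuntu-18.04-docker-18.06'

  config.vm.provider 'virtualbox' do |vb|
    vb.memory = '1024'
  end

  # First three octets shared by every address used below.
  ip_prefix = '192.168.56'

  # Writes /etc/docker/daemon.json once (skipped when the file already exists)
  # and restarts Docker so the registry settings take effect.
  config.vm.provision 'docker', type: 'shell', inline: <<-SHELL
    set -ex
    if [[ ! -f /etc/docker/daemon.json ]]; then
      echo '{' >> /etc/docker/daemon.json
      echo '  "insecure-registries": ["localhost:5000", "#{ip_prefix}.130:5000"]' >> /etc/docker/daemon.json
      [[ -n "#{ENV['DOCKER_REGISTRY_MIRROR']}" ]] &&
        echo '  , "registry-mirrors": ["#{ENV['DOCKER_REGISTRY_MIRROR']}"]' >> /etc/docker/daemon.json
      echo '}' >> /etc/docker/daemon.json
      if type systemctl &>/dev/null; then
        systemctl restart docker
      else
        service docker restart
      fi
    fi
  SHELL

  # Runs only when `ufw-docker check` fails: opens SSH, allows everything from
  # the lab /28 (which contains .130-.132), enables ufw, installs ufw-docker
  # and narrows the 192.168.0.0/16 entry in after.rules to that /28
  # (presumably the private-range rule written by `ufw-docker install` -
  # verify against after.rules).
  #
  # The backslashes in the sed pattern are doubled on purpose: this heredoc is
  # interpolated like a double-quoted string, so a single `\\.` would reach sed
  # as a bare `.` and match any character instead of a literal dot.
  #
  # The LOG rule is inserted with iptables directly at position 4 of
  # DOCKER-USER, so it is not part of /etc/ufw/after.rules and depends on the
  # chain layout at the time of insertion.
  config.vm.provision 'ufw-docker', type: 'shell', inline: <<-SHELL
    set -ex
    /vagrant/ufw-docker check || {
      ufw allow OpenSSH
      ufw allow from #{ip_prefix}.128/28 to any
      yes | ufw enable
      /vagrant/ufw-docker install
      sed -i -e 's,192\\.168\\.0\\.0/16,#{ip_prefix}.128/28,' /etc/ufw/after.rules
      systemctl restart ufw
      iptables -I DOCKER-USER 4 -p udp -j LOG --log-prefix '[UFW DOCKER] '
      [[ -L /usr/local/bin/ufw-docker ]] || ln -s /vagrant/ufw-docker /usr/local/bin/
    }
  SHELL

  config.vm.define 'master' do |master|
    master.vm.hostname = 'master'
    master.vm.network 'private_network', ip: "#{ip_prefix}.130"

    # registry:2 published on port 5000; no TLS or auth options are passed
    # here, which is why the daemons above list it as an insecure registry.
    master.vm.provision 'docker-registry', type: 'docker' do |d|
      d.run 'registry',
            image: 'registry:2',
            args: '-p 5000:5000',
            restart: 'always',
            daemonize: true
    end

    # Idempotent: exits early when the swarm is already active. Otherwise
    # initialises the swarm and stores the worker join token where the nodes'
    # 'swarm-join' provisioner reads it.
    master.vm.provision 'swarm-init', type: 'shell', inline: <<-SHELL
      set -ex
      docker info | fgrep 'Swarm: active' && exit 0
      docker swarm init --advertise-addr eth1
      docker swarm join-token worker --quiet > /vagrant/.vagrant/docker-join-token
    SHELL
  end

  # node1 -> <ip_prefix>.131, node2 -> <ip_prefix>.132
  1.upto(2) do |ip|
    config.vm.define "node#{ip}" do |node|
      node.vm.hostname = "node#{ip}"
      node.vm.network 'private_network', ip: "#{ip_prefix}.#{130 + ip}"

      # Joins the swarm on master (port 2377) using the stored token. When the
      # token file is missing the final `[[ -f ... ]] &&` list returns
      # non-zero, so the provisioner fails rather than silently skipping.
      node.vm.provision 'swarm-join', type: 'shell', inline: <<-SHELL
        set -ex
        docker info | fgrep 'Swarm: active' && exit 0
        [[ -f /vagrant/.vagrant/docker-join-token ]] &&
          docker swarm join --token "$(</vagrant/.vagrant/docker-join-token)" #{ip_prefix}.130:2377
      SHELL
    end
  end
end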