how to ride a whale

HOW TO RIDE A WHALE: Creating a functional CoreOS cluster

Upload: vincent-vermersh

Post on 12-Aug-2015


THE SERVICE
Based on systemd
Unit or template files with basic variables

A MONGODB DATABASE
Unit template: mongodb@.service

[Unit]
Description=MongoDB
After=docker.service

[Service]
ExecStartPre=/usr/bin/docker pull mongo:latest
ExecStartPre=-/usr/bin/docker rm -f -v %p.%i
ExecStart=/usr/bin/docker run --rm --name %p.%i -p 27017:27017 \
  --volume=/home/data/mongo/latest:/data/db --cpu-shares=4 -m="30g" mongo:latest
# Register this instance in etcd, once for SkyDNS and once for confd
ExecStartPost=/bin/etcdctl set /skydns/fr/mycloud/%p/%i '{"host":"%H", "port"
ExecStartPost=/bin/etcdctl set /databases/%p/%i '{"host":"%H", "port":27017
# Remove both registrations on stop
ExecStop=/bin/etcdctl rm /skydns/fr/mycloud/%p/%i
ExecStop=/bin/etcdctl rm /databases/%p/%i
ExecStop=-/usr/bin/docker stop %p.%i
Restart=always

FLEET
Remote control
Basic scheduler
Make services survive a machine crash

Simple command line

fleetctl submit mongodb@.service
fleetctl start mongodb@x1
fleetctl start mongodb@x2
fleetctl start mongodb@x3
fleetctl list-units
fleetctl journal -f mongodb@x1

coreos:
  fleet:
    public-ip: $public_ipv4
    metadata: disk=ssd,hoster=ovh,location=FR

ETCD
Cluster registry
Raft consensus implementation
Use etcd2

http://thesecretlivesofdata.com/raft/

Access anywhere

# Use it via command line
> etcdctl set /skydns/fr/mycloud/mongodb/x1 {"host":"core-1", "port":27017
# Or HTTP
> curl -L http://127.0.0.1:4001/v2/keys/skydns/fr/mycloud/mongodb/x1
{"host":"core-1", "port":27017}

coreos:
  etcd:
    # generate a new token for each unique cluster from https://discovery.etcd.io/new
    discovery: https://discovery.etcd.io/{token}
    addr: $public_ipv4:4001
    peer-addr: $public_ipv4:7001

Or etcd-browser for human beings

SKYDNS
Nameserver (@95%)
Store and read data from etcd (or consul)
Simplest DNS to administer ever

dig *.mongodb.mycloud.fr SRV @localhost

[Unit]
Description=SkyDNS
After=docker.service

[Service]
ExecStartPre=-/usr/bin/docker rm -f skydns
ExecStart=/usr/bin/docker run --rm --name skydns \
  -e ETCD_MACHINES=http://127.0.0.1:4001 \
  -e SKYDNS_ADDR=0.0.0.0:53 \
  -e SKYDNS_DOMAIN=mycloud.fr \
  -e SKYDNS_NAMESERVERS=8.8.8.8:53,8.8.4.4:53 \
  --net=host \
  skynetservices/skydns:latest
ExecStop=-/usr/bin/docker stop skydns
Restart=always
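How the keys written by the MongoDB unit become the answers to the `dig` query above, as an added example (not from the original slides): it expands the unit's systemd specifiers and runs a simplified model of the SkyDNS lookup, in which a `*` label means "everything below". The function names and the host names core-1 to core-3 are assumptions of this example.

```python
import json

def expand(text, unit, host):
    """Expand the systemd specifiers the unit uses: %p prefix, %i instance, %H host name."""
    prefix, _, rest = unit.partition("@")
    instance = rest.rsplit(".", 1)[0]  # "x1.service" -> "x1"
    for spec, value in (("%p", prefix), ("%i", instance), ("%H", host)):
        text = text.replace(spec, value)
    return text

def key_to_name(key):
    """An etcd key under /skydns is the DNS name with its labels reversed."""
    labels = key.strip("/").split("/")
    if labels[0] != "skydns":
        raise ValueError("not a SkyDNS key: " + key)
    return ".".join(reversed(labels[1:]))

def name_to_key(name):
    """Inverse mapping; a '*' label is dropped, turning the key into a directory prefix."""
    labels = [l for l in name.rstrip(".").split(".") if l != "*"]
    return "/skydns/" + "/".join(reversed(labels))

def srv_lookup(store, qname):
    """(target, port) of every record stored at or below the queried name."""
    prefix = name_to_key(qname)
    hits = []
    for key in sorted(store):
        if key == prefix or key.startswith(prefix + "/"):
            record = json.loads(store[key])
            hits.append((record["host"], record["port"]))
    return hits

# Constructed registry: what mongodb@x1..x3 would write when run on hosts core-1..core-3.
# The value has the shape of the etcd answer shown on the ETCD slide.
KEY = "/skydns/fr/mycloud/%p/%i"
VALUE = '{"host":"%H", "port":27017}'
STORE = {}
for n in (1, 2, 3):
    unit, host = "mongodb@x%d.service" % n, "core-%d" % n
    STORE[expand(KEY, unit, host)] = expand(VALUE, unit, host)

if __name__ == "__main__":
    for target, port in srv_lookup(STORE, "*.mongodb.mycloud.fr"):
        print(target, port)
```

Because the answers come straight from these keys, write access to `/skydns/` in etcd amounts to control of the cluster's DNS records.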

CONFD
Read etcd and write config files
Basic Go template
Check and reload services

[mongodb]
port = 27017
{{ range gets "/databases/mongodb/*"}}{{ $server := json .Value
servers[] = {{ $server.host }}
{{end}}

[Unit]
Description=Confd
Wants=etcd.service

[Service]
ExecStartPre=-/usr/bin/mkdir -p /opt/bin
ExecStartPre=-/usr/bin/wget -N -P /opt/bin https://github.com/kelseyhightower
ExecStartPre=-/bin/rm /opt/bin/confd
ExecStartPre=-/bin/mv /opt/bin/confd-0.9.0-linux-amd64 /opt/bin/confd
ExecStartPre=-/bin/chmod +x /opt/bin/confd
ExecStart=/opt/bin/confd -backend etcd -node 127.0.0.1:4001 -interval=10
# systemd performs no shell command substitution; $MAINPID is the confd process
ExecStop=-/bin/kill $MAINPID
Restart=always

HAPROXY
TCP proxy, load balancing, health check

and mitigation since 1996

http://mycloud.fr:1000

etcdctl set /services/mywordpress.fr/scheme http
etcdctl set /services/mywordpress.fr/hosts/1 1.2.3.4:80
etcdctl set /services/mywordpress.fr/hosts/2 1.2.3.5:80

[Unit]
Description=HA proxy load balancer
After=docker.service

[Service]
ExecStartPre=-/usr/bin/docker rm -f balancer
ExecStart=/usr/bin/docker run --rm --name balancer \
  -e ETCD_NODE=127.0.0.1:4001 --volume /etc/certs:/etc/certs/ \
  --net host \
  cstpdk/haproxy-confd
ExecReload=/usr/bin/docker exec balancer service haproxy reload
ExecStop=/usr/bin/docker stop balancer
Restart=always

SYNCTHING
Torrent-based private cloud
Neat web interface

[Unit]
Description=Syncthing

[Service]
ExecStartPre=-/usr/bin/docker rm -f -v syncthing
ExecStartPre=-/usr/bin/docker pull istepanov/syncthing:latest
ExecStart=/usr/bin/docker run --rm --name syncthing \
  -p 9080:8080 -p 22000:22000 -p 21025:21025/udp \
  -v /etc/syncthing:/home/syncthing/.config/syncthing \
  -v /home/data/sync:/home/syncthing/Sync \
  istepanov/syncthing
ExecStop=-/usr/bin/docker stop syncthing
Restart=always

DATADOG
Plug everything in easily
StatsD Graphite on vitamins
Monitoring and Alerting

Or cadvisor+heapster+fluentd or prometheus

[Unit]
Description=Datadog monitoring

[Service]
ExecStartPre=-/usr/bin/docker rm -f datadog
ExecStartPre=-/usr/bin/docker pull datadog/docker-dd-agent
ExecStart=/usr/bin/docker run --rm --name datadog \
  -v /etc/datadog/conf.d:/etc/dd-agent/conf.d \
  -v /var/run/docker.sock:/var/run/docker.sock \
  -v /proc/mounts:/host/proc/mounts:ro \
  -v /sys/fs/cgroup/:/host/sys/fs/cgroup:ro \
  -e API_KEY=GET-IT-ON-DATADOG \
  --net=host \
  datadog/docker-dd-agent
ExecStop=-/usr/bin/docker stop datadog
Restart=always
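A reviewer's check over the `docker run` lines of the units on this page, as an added example (not from the original slides): it reports the settings that widen a container's reach on the host, namely a mounted Docker socket, `--net=host`, a port published without a host IP, and an image referenced without a fixed tag or digest. The function names and finding strings are this example's own.

```python
import re
import shlex

BOOLEAN_FLAGS = {"--rm", "-d", "-i", "-t", "--privileged"}  # flags that take no value

def docker_run_argv(unit_text):
    """argv of the unit's ExecStart 'docker run' line, backslash continuations joined."""
    joined = re.sub(r"\\\s*\n", " ", unit_text)
    for line in joined.splitlines():
        if line.startswith("ExecStart=") and " run " in line:
            return shlex.split(line[len("ExecStart="):].lstrip("-"))
    return []

def parse_run(argv):
    """Split a docker run argv into ({flag: [values]}, image)."""
    opts, i = {}, argv.index("run") + 1
    while i < len(argv) and argv[i].startswith("-"):
        name, eq, value = argv[i].partition("=")
        if not eq and name not in BOOLEAN_FLAGS:
            i += 1
            value = argv[i]
        opts.setdefault(name, []).append(value)
        i += 1
    return opts, (argv[i] if i < len(argv) else "")

def audit(unit_text):
    """Return the exposure-relevant settings of the container the unit starts."""
    argv = docker_run_argv(unit_text)
    if "run" not in argv:
        return []
    opts, image = parse_run(argv)
    findings = []
    for vol in opts.get("-v", []) + opts.get("--volume", []):
        if vol.split(":")[0] == "/var/run/docker.sock":
            findings.append("docker socket mounted")
    if "host" in opts.get("--net", []):
        findings.append("host network namespace")
    for spec in opts.get("-p", []):
        if len(spec.split("/")[0].split(":")) < 3:  # no host IP in the mapping
            findings.append("port %s published on all interfaces" % spec)
    tag = image.rsplit("/", 1)[-1].partition(":")[2]
    if "@sha256:" not in image and tag in ("", "latest"):
        findings.append("image %s not pinned" % image)
    return findings

# ExecStart lines from the MongoDB and Datadog units above (Datadog abridged).
MONGODB = ("ExecStart=/usr/bin/docker run --rm --name %p.%i -p 27017:27017 \\\n"
           '  --volume=/home/data/mongo/latest:/data/db --cpu-shares=4 -m="30g" mongo:latest\n')
DATADOG = ("ExecStart=/usr/bin/docker run --rm --name datadog \\\n"
           "  -v /var/run/docker.sock:/var/run/docker.sock --net=host datadog/docker-dd-agent\n")
```

A mounted `/var/run/docker.sock` lets the container drive the Docker daemon, which is root-equivalent on the host, so that finding deserves the first look.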

CLOUD INIT
Bare metal (OVH, Online)
Virtual machines (Ganeti, OpenStack)
Cloud providers (AWS, DO, GC ...)

#cloud-config
coreos:
  update:
    reboot-strategy: best-effort
    group: stable
  fleet:
    public-ip: $public_ipv4
  units:
    - name: haproxy.service
      command: start
      content: |
        [Unit]
        ....
write_files:
  - path: /etc/resolv.conf
    owner: root:root
    content: |

QUESTIONS ?

git clone https://github.com/Vinceveve/achab
cd achab
vagrant up

https://coreos.com/blog/managing-coreos-with-ansible/
http://www.freedesktop.org/software/systemd/man/systemd.service.html
https://github.com/kelseyhightower/confd/blob/master/docs/templates.md
http://cbonte.github.io/haproxy-dconv/configuration-1.5.html
https://www.digitalocean.com/community/tutorials/how-to-set-up-a-coreos-cluster-on-digitalocean