"path"
"strings"
"sync"
+ "time"
"github.com/hashicorp/consul/api"
)
if err != nil {
return err
}
- dataDir := cfg.DataDir + "/consul"
+ dataDir := path.Join(cfg.DataDir, "consul")
if err := os.MkdirAll(dataDir, 0700); err != nil {
return err
}
args := []string{"agent"}
{
cf := path.Join(cfg.DataDir, "consul-encrypt.json")
- _, err := os.Stat(cf)
- if os.IsNotExist(err) {
+ if _, err := os.Stat(cf); err != nil && !os.IsNotExist(err) {
+ return err
+ } else if err != nil {
key, err := exec.Command(bin, "keygen").CombinedOutput()
if err != nil {
return err
}
- err = atomicWriteJSON(cf, map[string]interface{}{
+ if err = atomicWriteJSON(cf, map[string]interface{}{
"encrypt": strings.TrimSpace(string(key)),
- }, 0400)
- }
- if err != nil {
- return err
+ }, 0400); err != nil {
+ return err
+ }
}
args = append(args, "-config-file="+cf)
}
}
}
}
- return cb.check(ctx)
+ return waitCheck(ctx, 30*time.Second, cb.check)
}
var consulCfg = api.DefaultConfig()
"flag"
"log"
"os"
- "time"
"git.curoverse.com/arvados.git/sdk/go/config"
)
enc.SetIndent("", " ")
enc.Encode(cfg)
- go runWebGUI(cfg)
- go func() {
- var ctl Booter = &controller{}
- ticker := time.NewTicker(5 * time.Second)
- for {
- err := ctl.Boot(withCfg(context.Background(), cfg))
- if err != nil {
- log.Printf("controller boot failed: %v", err)
- } else {
- log.Printf("controller boot OK")
- }
- <-ticker.C
- }
- }()
- <-(chan struct{})(nil)
+ var ctl Booter = &controller{}
+ err := ctl.Boot(withCfg(context.Background(), cfg))
+ if err != nil {
+ log.Printf("controller boot failed: %v", err)
+ }
}
"os"
"path"
"sync"
+ "time"
"github.com/hashicorp/nomad/api"
)
err := (&download{
URL: "https://releases.hashicorp.com/nomad/0.5.4/nomad_0.5.4_linux_amd64.zip",
Dest: bin,
- //Size: 29079005,
+ Size: 34150464,
Mode: 0755,
}).Boot(ctx)
if err != nil {
return fmt.Errorf("starting nomad: %s", err)
}
}
- return nb.check(ctx)
+ return waitCheck(ctx, 30*time.Second, nb.check)
}
var nomadCfg = api.DefaultConfig()
FROM debian:8
RUN apt-get update
-RUN DEBIAN_FRONTEND=noninteractive apt-get -y install --no-install-recommends runit
-RUN mkdir /etc/sv/arvados-boot && ln -s /usr/bin/arvados-boot /etc/sv/arvados-boot/run
-
# preload (but don't install) packages arvados-boot might decide to install
-RUN DEBIAN_FRONTEND=noninteractive apt-get -dy install --no-install-recommends ca-certificates nginx
+RUN DEBIAN_FRONTEND=noninteractive apt-get -dy install --no-install-recommends ca-certificates nginx runit
+
+RUN DEBIAN_FRONTEND=noninteractive apt-get -y install --no-install-recommends runit
-CMD ["sh", "-c", "runsvdir /etc/sv"]
+CMD ["bash", "-c", "coproc arvados-boot; runsvdir /etc/sv"]
"log"
"path"
"sync"
+ "time"
"github.com/hashicorp/vault/api"
)
}
}
- vb.tryInit(ctx)
- return vb.check(ctx)
+ if err := vb.tryInit(ctx); err != nil {
+ return err
+ }
+ return waitCheck(ctx, 30*time.Second, vb.check)
}
-func (vb *vaultBooter) tryInit(ctx context.Context) {
+func (vb *vaultBooter) tryInit(ctx context.Context) error {
cfg := cfg(ctx)
- vault, err := vb.client(ctx)
- if err != nil {
- return
- }
- if init, err := vault.Sys().InitStatus(); err != nil {
- log.Printf("error: vault InitStatus: %s", err)
- return
+
+ var vault *api.Client
+ var init bool
+ if err := waitCheck(ctx, time.Minute, func(context.Context) error {
+ var err error
+ vault, err = vb.client(ctx)
+ if err != nil {
+ return err
+ }
+ init, err = vault.Sys().InitStatus()
+ return err
+ }); err != nil {
+ return err
} else if init {
- return
+ return nil
}
+
resp, err := vault.Sys().Init(&api.InitRequest{
SecretShares: 5,
SecretThreshold: 3,
})
if err != nil {
- log.Printf("vault-init: %s", err)
- return
+ return fmt.Errorf("vault-init: %s", err)
}
atomicWriteJSON(path.Join(cfg.DataDir, "vault-keys.json"), resp, 0400)
atomicWriteFile(path.Join(cfg.DataDir, "vault-root-token.txt"), []byte(resp.RootToken), 0400)
}
if !resp.Sealed {
log.Printf("unseal successful")
- break
+ return nil
}
}
+ return fmt.Errorf("vault unseal failed!")
}
func (vb *vaultBooter) client(ctx context.Context) (*api.Client, error) {