Puppet Class: profile::wmcs::striker::docker

Defined in:
modules/profile/manifests/wmcs/striker/docker.pp

Summary

Run Striker containers using Docker

Overview

SPDX-License-Identifier: Apache-2.0

Parameters:

  • instances (Hash[String[1], Profile::Wmcs::Striker::Instance]) (defaults to: lookup('profile::wmcs::striker::docker::instances'))

    List of Striker instances to run on this host.

  • common_env (Hash[String[1], Any]) (defaults to: lookup('profile::wmcs::striker::docker::common_env'))

    Key-value hash of env variables to pass to all instances.

  • common_secret_env (Hash[String[1], Any]) (defaults to: lookup('profile::wmcs::striker::docker::common_secret_env', { 'default_value' => {} } ))

    Key-value hash of env variables to pass to all instances. Useful for setting configuration values that for one reason or another cannot be provided via `common_env` (probably because the values need to be kept out of public hiera files).

  • instances_secret_env (Hash[String[1], Hash[String[1], Any]]) (defaults to: lookup('profile::wmcs::striker::docker::instances_secret_env', { 'default_value' => {} } ))

    Key-value hash of env variables per instance to pass to Striker instances. Useful for setting per-instance envvars that can't be made public for one reason or another.

  • cache_hosts (Array[Stdlib::IP::Address]) (defaults to: lookup('cache_hosts'))

    List of hosts to trust XFF data from.



13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
# File 'modules/profile/manifests/wmcs/striker/docker.pp', line 13

class profile::wmcs::striker::docker(
    Hash[String[1], Profile::Wmcs::Striker::Instance] $instances            = lookup('profile::wmcs::striker::docker::instances'),
    Hash[String[1], Any]                              $common_env           = lookup('profile::wmcs::striker::docker::common_env'),
    Hash[String[1], Any]                              $common_secret_env    = lookup('profile::wmcs::striker::docker::common_secret_env', { 'default_value' => {} } ),
    Hash[String[1], Hash[String[1], Any]]             $instances_secret_env = lookup('profile::wmcs::striker::docker::instances_secret_env', { 'default_value' => {} } ),
    Array[Stdlib::IP::Address]                        $cache_hosts          = lookup('cache_hosts'),
) {
    require ::profile::docker::engine
    require ::profile::docker::ferm

    $trusted_proxies_env = { 'TRUSTED_PROXY_LIST' => $cache_hosts.join(',') }
    $shared_env = $trusted_proxies_env + $common_env + $common_secret_env

    $instances.each |String[1] $name, Profile::Wmcs::Striker::Instance $instance| {
        $instance_env = $instance['env'] + pick($instances_secret_env[$name], {})
        service::docker { $name:
            namespace    => 'wikimedia',
            image_name   => 'labs-striker',
            version      => $instance['version'],
            port         => $instance['port'],
            override_cmd => "0.0.0.0:${instance['port']}",
            environment  => $shared_env + $instance_env,
            host_network => true,
        }
    }

    profile::auto_restarts::service { 'containerd': }
    profile::auto_restarts::service { 'docker': }
}