123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351 |
- rancher:
- environment:
- VERSION: {{.VERSION}}
- SUFFIX: {{.SUFFIX}}
- defaults:
- hostname: {{.HOSTNAME_DEFAULT}}
- {{if eq "amd64" .ARCH -}}
- docker:
- engine: docker-17.03.1-ce
- {{else -}}
- docker:
- engine: docker-1.11.2
- {{end -}}
- network:
- dns:
- nameservers: [8.8.8.8, 8.8.4.4]
- bootstrap:
- bootstrap:
- image: {{.OS_REPO}}/os-bootstrap:{{.VERSION}}{{.SUFFIX}}
- command: ros bootstrap
- labels:
- io.rancher.os.detach: "false"
- io.rancher.os.scope: system
- log_driver: json-file
- net: none
- privileged: true
- volumes:
- - /dev:/host/dev
- - /lib/modules:/lib/modules
- - /lib/firmware:/lib/firmware
- - /usr/bin/ros:/usr/bin/ros:ro
- - /usr/share/ros:/usr/share/ros:ro
- - /var/lib/rancher:/var/lib/rancher:ro
- cloud_init_services:
- cloud-init:
- image: {{.OS_REPO}}/os-base:{{.VERSION}}{{.SUFFIX}}
- command: cloud-init-save
- labels:
- io.rancher.os.detach: "false"
- io.rancher.os.scope: system
- log_driver: json-file
- net: host
- uts: host
- pid: host
- ipc: host
- privileged: true
- volumes:
- - /dev:/host/dev
- - /etc/ssl/certs/ca-certificates.crt:/etc/ssl/certs/ca-certificates.crt.rancher
- - /lib/modules:/lib/modules
- - /lib/firmware:/lib/firmware
- - /usr/bin/ros:/usr/bin/ros:ro
- - /usr/bin/ros:/usr/bin/cloud-init-save
- - /usr/share/ros:/usr/share/ros:ro
- - /var/lib/rancher:/var/lib/rancher
- - /var/lib/rancher/conf:/var/lib/rancher/conf
- bootstrap_docker:
- bridge: none
- storage_driver: overlay
- restart: false
- graph: /var/lib/system-docker
- group: root
- host: ["unix:///var/run/system-docker.sock"]
- userland_proxy: false
- console: default
- cloud_init:
- datasources:
- - configdrive:/media/config-2
- repositories:
- core:
- url: {{.OS_SERVICES_REPO}}/{{.REPO_VERSION}}
- state:
- fstype: auto
- oem_fstype: auto
- oem_dev: LABEL=RANCHER_OEM
- sysctl:
- fs.file-max: 1000000000
- services:
- {{if eq "amd64" .ARCH -}}
- acpid:
- image: {{.OS_REPO}}/os-acpid:{{.VERSION}}{{.SUFFIX}}
- command: /usr/sbin/acpid -f
- labels:
- io.rancher.os.scope: system
- net: host
- uts: host
- privileged: true
- volumes_from:
- - command-volumes
- - system-volumes
- {{end -}}
- all-volumes:
- image: {{.OS_REPO}}/os-base:{{.VERSION}}{{.SUFFIX}}
- command: echo
- labels:
- io.rancher.os.createonly: "true"
- io.rancher.os.scope: system
- log_driver: json-file
- net: none
- privileged: true
- read_only: true
- volumes_from:
- - container-data-volumes
- - command-volumes
- - media-volumes
- - user-volumes
- - system-volumes
- cloud-init-execute:
- image: {{.OS_REPO}}/os-base:{{.VERSION}}{{.SUFFIX}}
- command: cloud-init-execute -pre-console
- labels:
- io.rancher.os.detach: "false"
- io.rancher.os.scope: system
- io.rancher.os.after: ntp
- net: host
- uts: host
- privileged: true
- volumes_from:
- - system-volumes
- volumes:
- - /usr/bin/ros:/usr/bin/ros
- command-volumes:
- image: {{.OS_REPO}}/os-base:{{.VERSION}}{{.SUFFIX}}
- command: echo
- labels:
- io.rancher.os.createonly: "true"
- io.rancher.os.scope: system
- log_driver: json-file
- net: none
- privileged: true
- read_only: true
- volumes:
- - /usr/bin/ros:/usr/bin/ros:ro
- console:
- image: {{.OS_REPO}}/os-console:{{.VERSION}}{{.SUFFIX}}
- command: ros console-init
- labels:
- io.rancher.os.scope: system
- io.rancher.os.after: cloud-init-execute
- io.docker.compose.rebuild: always
- io.rancher.os.console: default
- net: host
- uts: host
- pid: host
- ipc: host
- privileged: true
- restart: always
- volumes_from:
- - all-volumes
- volumes:
- - /usr/bin/iptables:/sbin/iptables:ro
- container-data-volumes:
- image: {{.OS_REPO}}/os-base:{{.VERSION}}{{.SUFFIX}}
- command: echo
- labels:
- io.rancher.os.createonly: "true"
- io.rancher.os.scope: system
- log_driver: json-file
- net: none
- privileged: true
- read_only: true
- volumes:
- - /var/lib/docker:/var/lib/docker
- media-volumes:
- image: {{.OS_REPO}}/os-base:{{.VERSION}}{{.SUFFIX}}
- command: echo
- labels:
- io.rancher.os.createonly: "true"
- io.rancher.os.scope: system
- log_driver: json-file
- net: none
- privileged: true
- read_only: true
- volumes:
- - /media:/media:shared
- - /mnt:/mnt:shared
- network:
- image: {{.OS_REPO}}/os-base:{{.VERSION}}{{.SUFFIX}}
- command: netconf
- labels:
- io.rancher.os.scope: system
- io.rancher.os.after: udev
- io.rancher.os.reloadconfig: "true"
- net: host
- uts: host
- pid: host
- privileged: true
- volumes_from:
- - command-volumes
- - system-volumes
- volumes:
- - /usr/bin/iptables:/sbin/iptables:ro
- ntp:
- image: {{.OS_REPO}}/os-base:{{.VERSION}}{{.SUFFIX}}
- command: ntpd --nofork -g
- labels:
- io.rancher.os.scope: system
- io.rancher.os.after: network
- net: host
- uts: host
- privileged: true
- restart: always
- volumes_from:
- - command-volumes
- - system-volumes
- preload-user-images:
- image: {{.OS_REPO}}/os-base:{{.VERSION}}{{.SUFFIX}}
- command: ros preload-images
- labels:
- io.rancher.os.detach: "false"
- io.rancher.os.scope: system
- io.rancher.os.after: console
- privileged: true
- volumes_from:
- - command-volumes
- - system-volumes
- syslog:
- image: {{.OS_REPO}}/os-base:{{.VERSION}}{{.SUFFIX}}
- command: rsyslogd -n
- labels:
- io.rancher.os.scope: system
- log_driver: json-file
- net: host
- uts: host
- privileged: true
- restart: always
- volumes_from:
- - command-volumes
- - system-volumes
- system-volumes:
- image: {{.OS_REPO}}/os-base:{{.VERSION}}{{.SUFFIX}}
- command: echo
- labels:
- io.rancher.os.createonly: "true"
- io.rancher.os.scope: system
- log_driver: json-file
- net: none
- privileged: true
- read_only: true
- volumes:
- - /dev:/host/dev
- - /etc/docker:/etc/docker
- - /etc/hosts:/etc/hosts
- - /etc/resolv.conf:/etc/resolv.conf
- - /etc/ssl/certs/ca-certificates.crt:/etc/ssl/certs/ca-certificates.crt.rancher
- - /etc/selinux:/etc/selinux
- - /lib/firmware:/lib/firmware
- - /lib/modules:/lib/modules
- - /run:/run
- - /usr/share/ros:/usr/share/ros
- - /var/lib/rancher/cache:/var/lib/rancher/cache
- - /var/lib/rancher/conf:/var/lib/rancher/conf
- - /var/lib/rancher:/var/lib/rancher
- - /var/log:/var/log
- - /var/run:/var/run
- udev-cold:
- image: {{.OS_REPO}}/os-base:{{.VERSION}}{{.SUFFIX}}
- command: ros udev-settle
- labels:
- io.rancher.os.detach: "false"
- io.rancher.os.scope: system
- net: host
- uts: host
- privileged: true
- volumes_from:
- - command-volumes
- - system-volumes
- udev:
- image: {{.OS_REPO}}/os-base:{{.VERSION}}{{.SUFFIX}}
- command: udevd
- labels:
- io.rancher.os.detach: "true"
- io.rancher.os.scope: system
- io.rancher.os.after: udev-cold
- net: host
- uts: host
- privileged: true
- restart: always
- volumes_from:
- - command-volumes
- - system-volumes
- user-volumes:
- image: {{.OS_REPO}}/os-base:{{.VERSION}}{{.SUFFIX}}
- command: echo
- labels:
- io.rancher.os.createonly: "true"
- io.rancher.os.scope: system
- log_driver: json-file
- net: none
- privileged: true
- read_only: true
- volumes:
- - /home:/home
- - /opt:/opt
- docker:
- {{if eq "amd64" .ARCH -}}
- image: {{.OS_REPO}}/os-docker:17.03.1{{.SUFFIX}}
- {{else -}}
- image: {{.OS_REPO}}/os-docker:1.11.2{{.SUFFIX}}
- {{end -}}
- command: ros user-docker
- environment:
- - HTTP_PROXY
- - HTTPS_PROXY
- - NO_PROXY
- labels:
- io.rancher.os.scope: system
- io.rancher.os.after: console
- net: host
- pid: host
- ipc: host
- uts: host
- privileged: true
- restart: always
- volumes_from:
- - all-volumes
- volumes:
- - /sys:/host/sys
- - /var/lib/system-docker:/var/lib/system-docker:shared
- system_docker:
- exec: true
- storage_driver: overlay
- restart: false
- graph: /var/lib/system-docker
- group: root
- host: ["unix:///var/run/system-docker.sock"]
- pid_file: /var/run/system-docker.pid
- exec_root: /var/run/system-docker
- config_file: /etc/docker/system-docker.json
- userland_proxy: false
- log_opts:
- max-size: 25m
- max-file: 2
- upgrade:
- url: {{.OS_RELEASES_YML}}/releases{{.SUFFIX}}.yml
- image: {{.OS_REPO}}/os
- docker:
- {{if eq "amd64" .ARCH -}}
- engine: docker-17.03.1-ce
- {{else -}}
- engine: docker-1.11.2
- {{end -}}
- storage_driver: overlay
- group: docker
- host: ["unix:///var/run/docker.sock"]
- log_opts:
- max-size: 25m
- max-file: 2
- tls_args: [--tlsverify, --tlscacert=/etc/docker/tls/ca.pem, --tlscert=/etc/docker/tls/server-cert.pem, --tlskey=/etc/docker/tls/server-key.pem,
- '-H=0.0.0.0:2376']
|