Dwellers: Difference between revisions
Line 24: | Line 24: | ||
== Containers == | == Containers == | ||
=== Ports table === | === Ports table === | ||
Ø indicates an unmapped port. In such cases, it's accessible logging in Dwellers, and connecting locally to the current mutable container IP variable and the immutable specified port. | Ø indicates an unmapped port. In such cases, it's accessible logging in Dwellers, and connecting locally to the current mutable container IP variable and the immutable specified port. | ||
Ports are not exposed on world, as only listen to 22, 25, 80 and 443. | |||
Most ports on —80 are served by nginx and so accessible on :80/:443. | |||
{| class="wikitable" | {| class="wikitable" |
Revision as of 02:19, 5 November 2014
Dwellers is an VMWare EXSi instance installed on Stormshear.
The goal of this server is to provide a Docker / OpenShift / Geard CentOS PaaS service.
Basic information
- IPs:
- 212.129.32.223
- 2001:470:1f13:ce7:ca5:cade:fab:1e
- Hostname: dwellers.nasqueron.org
- Homepage: http://dwellers.nasqueron.org/
- Configuration:Access to 3.5 GB RAM and 4 core, burstable on request to 8 cores/+-6 Gb (to be negotiated according Ysul use)
- OS: CentOS 7
- ISP: Online (FR)
- Network: Illiad (FR)
- Status: Installing.
- Policy: Access for any Nasqueron or Wolfplex project
- Started: 2014-07-13
Services
- SSH (*:22)
- Docker
- OpenShift
Containers
Ports table
Ø indicates an unmapped port. In such cases, it's accessible logging in Dwellers, and connecting locally to the current mutable container IP variable and the immutable specified port.
Ports are not exposed on world, as only listen to 22, 25, 80 and 443.
Most ports on —80 are served by nginx and so accessible on :80/:443.
Container name | Container image | Prefix | Service | Internal port | External port |
---|---|---|---|---|---|
Dwellers Shipyard | shipyard/shipyard | 30 | Apache | 80 | 30080 |
phabricator.nasqueron.org | yesnault/docker-phabricator:latest | 31 | SSH | 22 | Ø |
Apache | 80 | 31080 | |||
MySQL | 3306 | Ø | |||
forum.nasqueron.org | provided by the project Discuss docker image | 32 | SSH | 22 | Ø |
Apache | 80 | 32080 | |||
Others services like redis are still to document | |||||
bugzilla.espace-win.org | dklawren/docker-bugzilla | 33 | SSH | 22 | Ø |
Apache | 80 | 33080 |
phabricator.nasqueron.org
Port prefix: 31
Provides a Phabricator instance for Nasqueron projects at http://phabricator.nasqueron.org.
To run a new container:
docker run -p 31080:80 nasqueron-phabricator
Known issues
- At startup, we need to set the base URI: ./bin/config set phabricator.base-uri 'http://devcentral.nasqueron.org/'
Shipyard
Port prefix: 30
Provides a shipyard instance to manage Dwellers (and potentially other Docker installation) at http://dwellers.nasqueron.org:30080
To run RethinkDB for the storage and launch shipyard:
docker run -it -d --name shipyard-rethinkdb-data --entrypoint /bin/bash shipyard/rethinkdb -l docker run -it -P -d --name shipyard-rethinkdb --volumes-from shipyard-rethinkdb-data shipyard/rethinkdb docker run -it -p 30080:8080 -d --name shipyard --link shipyard-rethinkdb:rethinkdb shipyard/shipyard
To control shipyard instance, launch the CLI (also in a container):
docker run -it shipyard/shipyard-cli
Documentation is at http://shipyard-project.com/docs/usage/cli/
Troubleshoot
How to point a domain here?
For your domains:
- subdomain.domain.tld A 212.129.32.223
- subdomain.domain.tld AAAA 2001:470:1f13:ce7:ca5:cade:fab:1e
To request a DNS update for domains using extensively the Nasqueron servers infrastructure:
- subdomain.nasqueron.org CNAME www3.nasqueron.org
- subdomain.espace-win.org CNAME www2.espace-win.org
How to access by SSH to an instance?
See the ports table to check if a port is assigned. We don't assign port if there is no reason general public got access to the VM by SSH. We assign port each time a stable address is needed (for example to talk with a Git server)
If the port is mapped:
ssh -p <port> username@dwellers.nasqueron.org
If the port is unmapped, you can from Dwellers:
docker ps docker inspect <instance id> #gets the local IP ssh <IP 172.*>
No network at boot time
Access the machine on the hypervisor, then:
- Check the interface is up
ip addr ifup ens192 # to bring it up
- If you've reset the configuration and need to add again the IP
ip addr 212.129.32.223/32 dev ens192
- Routing is probably the issue
ip route add 62.210.76.1 dev ens192 ip route add default via 62.210.76.1
- Same for the case we can ping/ssh (slowly) from Ysul but not from the world
ip route change 62.210.76.1 dev ens192 ip route change default via 62.210.76.1
- Reconfigure the IPv6 tunnel
ip tunnel del he-ipv6 ip tunnel add he-ipv6 mode sit remote 216.66.84.42 local 212.129.32.223 ttl 255 ip link set he-ipv6 up ip addr add 2001:470:1f12:ce7::2/64 dev he-ipv6 ip addr add 2001:470:1f13:ce7:ca5:cade:fab:1e/64 dev he-ipv6 ip route change ::/0 dev he-ipv6
A port on the host doesn't reply (but does in Docker)
You can reset the iptables configuration. A script has been provided for that.
# systemctl stop docker # reset-iptables # systemctl start docker