This backend will use Docker for container management. It will leverage the Docker Remote API over a unix socket or tcp connection to perform actions against Docker. It supports:
- Prefetching Docker images when the broker is started to speed up container creation.
- Creating Docker containers when the broker provisions a service.
- Injecting arbitrary service parameters into the Docker container via environment variables at provision time.
- Creating random usernames, passwords and dbnames when binding an application to the service. Those credentials are sent to the Docker container via environment variables, so the Docker image must support those variables in order to create the right username/password and dbname (see CREDENTIALS.md for details).
- Exposing a container port where the bound applications can drain their logs (see SYSLOG_DRAIN.md for details).
- Destroying Docker containers when the broker unprovisions a service.
- Exposing a Management Dashboard with Docker container information, top processes running inside the container, and the latest stdout and stderr logs.
The service broker does not deploy Docker, so you must have a Docker daemon up and running.
You must use Docker 1.6 or greater.
If you are running Docker locally as a socket, there is no setup to do. If you are not, or you have changed the path of the socket, you will have to set the `DOCKER_URL` environment variable to point to your socket or local/remote port.
For example:

```
DOCKER_URL=unix:///var/run/docker.sock
DOCKER_URL=tcp://localhost:4243
```

Remember that if you are running this service broker as a Docker container and the Docker remote API is going to use the unix sockets, you must expose the container's directory `/var/run` to the host directory containing the Docker unix socket:

```
docker run -d --name cf-containers-broker \
  --publish 80:80 \
  --volume /var/run:/var/run \
  frodenas/cf-containers-broker
```

Each service plan defined in the settings file must contain the following properties:

Field | Required | Type | Description |
---|---|---|---|
container | Y | Hash | Properties of the container to deploy. |
container.backend | Y | String | Container Backend. It must be `docker`. |
container.image | Y | String | Name of the image to fetch and run. The image will be pre-fetched at broker startup. |
container.tag | N | String | Tag of the image. If not set, it will use `latest` by default. |
container.command | N | String | Command to run the container (including arguments). |
container.entrypoint | N | Array of Strings | Entrypoint for the container (only if you want to override the default entrypoint set by the image). |
container.workdir | N | String | Working directory inside the container. |
container.restart | N | String | Restart policy to apply when a container exits (no, on-failure, always). If not set, it will use `always` by default. The restart policy also applies if the VM hosting the container is killed and CF/BOSH resurrects it. In that case the new VM may get a new IP address, and the containers will probably use a new random port. For any application bound to a container to work again, the user must unbind the application from the service and bind it again to pick up the new IP/port. If you want to preserve the bound host ports, you must set the `allocate_docker_host_ports` setting [1]. |
container.environment[] | N | Array of Strings | Environment variables to pass to the container. |
container.expose_ports[] | N | Array of Strings | Network ports to map from the container to random host ports (format: port</protocol>). If not set, the broker will inspect the Docker image and it will expose all declared container ports [2] to a random host port. |
container.persistent_volumes[] | N | Array of Strings | Volume mountpoints to bind from the container to a host directory. The broker will create automatically a host directory and it will bind it to the container volume mountpoint. |
container.user | N | String | Username or UID to run the first container process. |
container.memory | N | String | Memory limit to assign to the container (format: number<optional unit>, where unit = b, k, m or g). |
container.memory_swap | N | String | Memory swap limit to assign to the container (format: number<optional unit>, where unit = b, k, m or g). |
container.cpu_shares | N | String | CPU shares to assign to the container (relative weight). |
container.privileged | N | Boolean | Enable/disable extended privileges for this container. |
container.cap_adds[] | N | Array of Strings | Linux capabilities to add. |
container.cap_drops[] | N | Array of Strings | Linux capabilities to drop. |

[1] See SETTINGS.md

[2] See the Docker builder EXPOSE instruction

This example will create a MongoDB 2.6 service using the Docker image `frodenas/mongodb:2.6` (Dockerfile). When the container is started, it will use the default entrypoint and the following command arguments: `--smallfiles --httpinterface`. It will expose the container volume `/data` to a host directory created automatically by the service broker.

```yaml
container:
  backend: 'docker'
  image: 'frodenas/mongodb'
  tag: '2.6'
  command: '--smallfiles --httpinterface'
  persistent_volumes:
    - '/data'
```
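
A plan can be checked against the field table before the broker loads it. The following is an added example, not code from the broker: `audit_container` is a hypothetical helper, the second plan is constructed, and accepting only `tcp` and `udp` as protocols is an assumption.

```ruby
require 'yaml'

RESTART_POLICIES = %w[no on-failure always].freeze
SIZE_FORMAT = /\A\d+[bkmg]?\z/                  # number<optional unit>
PORT_FORMAT = /\A\d{1,5}(\/(tcp|udp))?\z/       # port</protocol>; tcp/udp assumed

# Hypothetical helper (not part of the broker): checks one plan's `container`
# hash against the field table and flags settings that widen privileges.
def audit_container(container)
  c = container || {}
  errors, warnings = [], []
  errors << 'backend must be docker' unless c['backend'] == 'docker'
  errors << 'image is required' if c['image'].to_s.empty?
  if c.key?('restart') && !RESTART_POLICIES.include?(c['restart'].to_s)
    errors << "restart must be one of: #{RESTART_POLICIES.join(', ')}"
  end
  %w[memory memory_swap].each do |key|
    errors << "#{key} has an invalid format" if c.key?(key) && c[key].to_s !~ SIZE_FORMAT
  end
  Array(c['expose_ports']).each do |port|
    errors << "expose_ports entry #{port.inspect} is invalid" unless port.to_s =~ PORT_FORMAT
  end
  warnings << 'privileged is enabled' if c['privileged'] == true
  caps = Array(c['cap_adds'])
  warnings << "cap_adds grants: #{caps.join(', ')}" unless caps.empty?
  warnings << 'tag not set, latest will be used' unless c.key?('tag')
  warnings << 'user not set, the image default user applies' unless c.key?('user')
  warnings << 'memory not set, the plan requests no limit' unless c.key?('memory')
  { errors: errors, warnings: warnings }
end

# The MongoDB plan from this page.
PAGE_PLAN = <<~PLAN
  container:
    backend: 'docker'
    image: 'frodenas/mongodb'
    tag: '2.6'
    command: '--smallfiles --httpinterface'
    persistent_volumes:
      - '/data'
PLAN

# Constructed sample: bad restart, memory and port values plus widened privileges.
RISKY_PLAN = <<~PLAN
  container: {backend: docker, image: example/service, restart: sometimes,
              memory: 512mb, expose_ports: [27017/tcp, web],
              privileged: true, cap_adds: [SYS_ADMIN]}
PLAN
[PAGE_PLAN, RISKY_PLAN].each { |doc| p audit_container(YAML.safe_load(doc)['container']) }
```

Errors are values the table's formats rule out; warnings are valid settings worth a second look, such as `privileged`, added capabilities, or a missing `user`.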