Skip to content
This repository has been archived by the owner on Jul 2, 2024. It is now read-only.

Commit

Permalink
Merge pull request #169 from jdeathe/centos-7-develop
Browse files Browse the repository at this point in the history
Release changes for 2.2.1
  • Loading branch information
jdeathe authored Dec 10, 2018
2 parents a90c765 + 1e7701e commit 1741689
Show file tree
Hide file tree
Showing 14 changed files with 258 additions and 102 deletions.
12 changes: 12 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,18 @@ Summary of release changes for Version 2.

CentOS-7 7.5.1804 x86_64 - Varnish Cache 6.1.

### 2.2.1 - 2018-12-10

- Fixes typo in test; using `--format` instead of `--filter`.
- Updates source image to [2.4.1](https://github.com/jdeathe/centos-ssh/releases/tag/2.4.1).
- Updates Varnish to [6.1.1](https://github.com/varnishcache/varnish-cache/blob/varnish-6.1.1/doc/changes.rst).
- Updates `gcc` packages to 4.8.5-36.
- Updates image versions in docker-compose example and tests.
- Adds required `--sysctl` settings to docker run templates.
- Adds change to ensure varnishncsa is run with a non-root user `varnishlog`.
- Adds varnishncsa access logs to docker log output.
- Adds "Varnish Details" to docker log output.

### 2.2.0 - 2018-10-09

- Updates Varnish to [6.1.0](https://github.com/varnishcache/varnish-cache/blob/varnish-6.1.0/doc/changes.rst)
Expand Down
27 changes: 18 additions & 9 deletions Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
# CentOS-7, Varnish 6.1
#
# =============================================================================
FROM jdeathe/centos-ssh:2.4.0
FROM jdeathe/centos-ssh:2.4.1

# -----------------------------------------------------------------------------
# Install Varnish Cache
Expand All @@ -24,8 +24,8 @@ RUN { \
&& yum -y install \
--setopt=tsflags=nodocs \
--disableplugin=fastestmirror \
gcc-4.8.5-28.el7_5.1 \
varnish-6.1.0-1.el7 \
gcc-4.8.5-36.el7 \
varnish-6.1.1-1.el7 \
&& yum versionlock add \
varnish \
gcc \
Expand Down Expand Up @@ -60,17 +60,26 @@ RUN ln -sf \
&& chmod 644 \
/etc/varnish/*.vcl \
&& chmod 700 \
/usr/{bin/healthcheck,sbin/{varnishd,varnishncsa}-wrapper}
/usr/{bin/healthcheck,sbin/{varnishd,varnishncsa}-wrapper} \
&& chmod 750 \
/usr/sbin/varnishncsa-wrapper \
&& chgrp varnish \
/usr/sbin/varnishncsa-wrapper \
&& mkdir -p \
/var/run/varnish \
&& chown \
varnishlog:varnish \
/var/run/varnish

EXPOSE 80 8443

# -----------------------------------------------------------------------------
# Set default environment variables
# -----------------------------------------------------------------------------
ENV SSH_AUTOSTART_SSHD=false \
SSH_AUTOSTART_SSHD_BOOTSTRAP=false \
VARNISH_AUTOSTART_VARNISHD_WRAPPER=true \
VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER=false \
ENV SSH_AUTOSTART_SSHD="false" \
SSH_AUTOSTART_SSHD_BOOTSTRAP="false" \
VARNISH_AUTOSTART_VARNISHD_WRAPPER="true" \
VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER="false" \
VARNISH_MAX_THREADS="1000" \
VARNISH_MIN_THREADS="50" \
VARNISH_STORAGE="file,/var/lib/varnish/varnish_storage.bin,1G" \
Expand All @@ -82,7 +91,7 @@ ENV SSH_AUTOSTART_SSHD=false \
# -----------------------------------------------------------------------------
# Set image metadata
# -----------------------------------------------------------------------------
ARG RELEASE_VERSION="2.2.0"
ARG RELEASE_VERSION="2.2.1"
LABEL \
maintainer="James Deathe <[email protected]>" \
install="docker run \
Expand Down
18 changes: 12 additions & 6 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -7,16 +7,16 @@ Docker Image including:

## Overview & links

- `centos-7`, `centos-7-2.2.0`, `2.2.0` [(centos-7/Dockerfile)](https://github.com/jdeathe/centos-ssh-varnish/blob/centos-7/Dockerfile)
- `centos-6`, `centos-6-1.5.1`, `1.5.1` [(centos-6/Dockerfile)](https://github.com/jdeathe/centos-ssh-varnish/blob/centos-6/Dockerfile)
- `centos-7`, `centos-7-2.2.1`, `2.2.1` [(centos-7/Dockerfile)](https://github.com/jdeathe/centos-ssh-varnish/blob/centos-7/Dockerfile)
- `centos-6`, `centos-6-1.5.2`, `1.5.2` [(centos-6/Dockerfile)](https://github.com/jdeathe/centos-ssh-varnish/blob/centos-6/Dockerfile)

#### centos-6

The latest CentOS-6 based release can be pulled from the `centos-6` Docker tag. It is recommended to select a specific release tag - the convention is `centos-6-1.5.1`or `1.5.1` for the [1.5.1](https://github.com/jdeathe/centos-ssh-varnish/tree/1.5.1) release tag.
The latest CentOS-6 based release can be pulled from the `centos-6` Docker tag. It is recommended to select a specific release tag - the convention is `centos-6-1.5.2`or `1.5.2` for the [1.5.2](https://github.com/jdeathe/centos-ssh-varnish/tree/1.5.2) release tag.

#### centos-7

The latest CentOS-7 based release can be pulled from the `centos-7` Docker tag. It is recommended to select a specific release tag - the convention is `centos-7-2.2.0`or `2.2.0` for the [2.2.0](https://github.com/jdeathe/centos-ssh-varnish/tree/2.2.0) release tag.
The latest CentOS-7 based release can be pulled from the `centos-7` Docker tag. It is recommended to select a specific release tag - the convention is `centos-7-2.2.1`or `2.2.1` for the [2.2.1](https://github.com/jdeathe/centos-ssh-varnish/tree/2.2.1) release tag.

Included in the build are the [SCL](https://www.softwarecollections.org/), [EPEL](http://fedoraproject.org/wiki/EPEL) and [IUS](https://ius.io) repositories. Installed packages include [OpenSSH](http://www.openssh.com/portable.html) secure shell, [vim-minimal](http://www.vim.org/), are installed along with python-setuptools, [supervisor](http://supervisord.org/) and [supervisor-stdout](https://github.com/coderanger/supervisor-stdout).

Expand All @@ -42,8 +42,9 @@ Run up a container named `varnish.pool-1.1.1` from the docker image `jdeathe/cen
$ docker run -d -t \
--name varnish.pool-1.1.1 \
-p 80:80 \
--sysctl "net.core.somaxconn=1024" \
--add-host httpd_1:172.17.8.101 \
jdeathe/centos-ssh-varnish:2.2.0
jdeathe/centos-ssh-varnish:2.2.1
```

Now you can verify it is initialised and running successfully by inspecting the container's logs.
Expand Down Expand Up @@ -71,12 +72,17 @@ $ docker run \
--name varnish.pool-1.1.1 \
--publish 8000:80 \
--publish 8500:8443 \
--sysctl "net.core.somaxconn=1024" \
--sysctl "net.ipv4.ip_local_port_range=1024 65535" \
--sysctl "net.ipv4.route.flush=1" \
--ulimit memlock=82000 \
--ulimit nofile=131072 \
--ulimit nproc=65535 \
--env "VARNISH_STORAGE=malloc,256M" \
--env "VARNISH_MAX_THREADS=2000" \
--env "VARNISH_MIN_THREADS=100" \
--add-host httpd_1:172.17.8.101 \
jdeathe/centos-ssh-varnish:2.2.0
jdeathe/centos-ssh-varnish:2.2.1
```

Now you can verify it is initialised and running successfully by inspecting the container's logs:
Expand Down
9 changes: 6 additions & 3 deletions default.mk
Original file line number Diff line number Diff line change
Expand Up @@ -4,9 +4,12 @@ define DOCKER_CONTAINER_PARAMETERS
--tty \
--name $(DOCKER_NAME) \
--restart $(DOCKER_RESTART_POLICY) \
--ulimit memlock=$(ULIMIT_MEMLOCK) \
--ulimit nofile=$(ULIMIT_NOFILE) \
--ulimit nproc=$(ULIMIT_NPROC) \
--sysctl "net.core.somaxconn=$(SYSCTL_NET_CORE_SOMAXCONN)" \
--sysctl "net.ipv4.ip_local_port_range=$(SYSCTL_NET_IPV4_IP_LOCAL_PORT_RANGE)" \
--sysctl "net.ipv4.route.flush=$(SYSCTL_NET_IPV4_ROUTE_FLUSH)" \
--ulimit "memlock=$(ULIMIT_MEMLOCK)" \
--ulimit "nofile=$(ULIMIT_NOFILE)" \
--ulimit "nproc=$(ULIMIT_NPROC)" \
--env "VARNISH_AUTOSTART_VARNISHD_WRAPPER=$(VARNISH_AUTOSTART_VARNISHD_WRAPPER)" \
--env "VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER=$(VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER)" \
--env "VARNISH_MAX_THREADS=$(VARNISH_MAX_THREADS)" \
Expand Down
14 changes: 7 additions & 7 deletions docker-compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -28,8 +28,8 @@ services:
environment:
VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER: "true"
VARNISH_STORAGE: "malloc,256M"
VARNISH_MAX_THREADS: "2048"
VARNISH_MIN_THREADS: "1024"
VARNISH_MAX_THREADS: "2000"
VARNISH_MIN_THREADS: "100"
# Example varnishncsa format string to include cache hit|miss indicator.
# VARNISH_VARNISHNCSA_FORMAT: "%h %l %u %t \"%r\" %s %b \"%{Referer}i\" \"%{User-agent}i\" %{Varnish:hitmiss}x"
image: "jdeathe/centos-ssh-varnish:latest"
Expand All @@ -43,7 +43,7 @@ services:
- "8443:8443"
restart: "always"
sysctls:
net.core.somaxconn: "2048"
net.core.somaxconn: "1024"
net.ipv4.ip_local_port_range: "1024 65535"
net.ipv4.route.flush: "1"
tty: true
Expand All @@ -63,7 +63,7 @@ services:
APACHE_SERVER_NAME: "www.app.local"
PHP_OPTIONS_SESSION_SAVE_HANDLER: "memcached"
PHP_OPTIONS_SESSION_SAVE_PATH: "memcached:11211"
image: "jdeathe/centos-ssh-apache-php:3.1.0"
image: "jdeathe/centos-ssh-apache-php:3.1.1"
networks:
tier2:
aliases:
Expand All @@ -77,12 +77,12 @@ services:
memcached:
environment:
MEMCACHED_CACHESIZE: "32"
MEMCACHED_MAXCONN: "2048"
image: "jdeathe/centos-ssh-memcached:2.1.0"
MEMCACHED_MAXCONN: "1024"
image: "jdeathe/centos-ssh-memcached:2.1.1"
networks:
- "tier2"
restart: "always"
sysctls:
net.core.somaxconn: "2048"
net.core.somaxconn: "1024"
net.ipv4.ip_local_port_range: "1024 65535"
net.ipv4.route.flush: "1"
5 changes: 5 additions & 0 deletions environment.mk
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,11 @@ DIST_PATH ?= ./dist
# Number of seconds expected to complete container startup including bootstrap.
STARTUP_TIME ?= 2

# Docker --sysctl settings
SYSCTL_NET_CORE_SOMAXCONN ?= 1024
SYSCTL_NET_IPV4_IP_LOCAL_PORT_RANGE ?= 1024 65535
SYSCTL_NET_IPV4_ROUTE_FLUSH ?= 1

# Docker --ulimit settings
ULIMIT_MEMLOCK ?= 82000
ULIMIT_NOFILE ?= 131072
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,9 @@
priority = 150
command = /usr/sbin/varnishncsa-wrapper
autostart = %(ENV_VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER)s
startsecs = 0
startsecs = 1
autorestart = true
redirect_stderr = true
stdout_logfile = /var/log/varnish.log
stdout_events_enabled = true
stdout_logfile = /var/log/varnish/access_log
stdout_events_enabled = true
user = varnishlog
14 changes: 10 additions & 4 deletions src/etc/systemd/system/[email protected]
Original file line number Diff line number Diff line change
Expand Up @@ -52,9 +52,12 @@ Environment="DOCKER_USER=jdeathe"
Environment="DOCKER_CONTAINER_OPTS="
Environment="DOCKER_IMAGE_PACKAGE_PATH=/var/opt/scmi/packages"
Environment="DOCKER_IMAGE_NAME=centos-ssh-varnish"
Environment="DOCKER_IMAGE_TAG=2.2.0"
Environment="DOCKER_IMAGE_TAG=2.2.1"
Environment="DOCKER_PORT_MAP_TCP_80=8000"
Environment="DOCKER_PORT_MAP_TCP_8443=8500"
Environment="SYSCTL_NET_CORE_SOMAXCONN=1024"
Environment="SYSCTL_NET_IPV4_IP_LOCAL_PORT_RANGE=1024 65535"
Environment="SYSCTL_NET_IPV4_ROUTE_FLUSH=1"
Environment="ULIMIT_MEMLOCK=82000"
Environment="ULIMIT_NOFILE=131072"
Environment="ULIMIT_NPROC=9223372036854775807"
Expand Down Expand Up @@ -97,9 +100,12 @@ ExecStart=/bin/bash -c \
"exec /usr/bin/docker run \
--tty \
--name %p.%i \
--ulimit memlock=${ULIMIT_MEMLOCK} \
--ulimit nofile=${ULIMIT_NOFILE} \
--ulimit nproc=${ULIMIT_NPROC} \
--sysctl \"net.core.somaxconn=${SYSCTL_NET_CORE_SOMAXCONN}\" \
--sysctl \"net.ipv4.ip_local_port_range=${SYSCTL_NET_IPV4_IP_LOCAL_PORT_RANGE}\" \
--sysctl \"net.ipv4.route.flush=${SYSCTL_NET_IPV4_ROUTE_FLUSH}\" \
--ulimit \"memlock=${ULIMIT_MEMLOCK}\" \
--ulimit \"nofile=${ULIMIT_NOFILE}\" \
--ulimit \"nproc=${ULIMIT_NPROC}\" \
--env \"VARNISH_AUTOSTART_VARNISHD_WRAPPER=${VARNISH_AUTOSTART_VARNISHD_WRAPPER}\" \
--env \"VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER=${VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER}\" \
--env \"VARNISH_MAX_THREADS=${VARNISH_MAX_THREADS}\" \
Expand Down
9 changes: 6 additions & 3 deletions src/opt/scmi/default.sh
Original file line number Diff line number Diff line change
Expand Up @@ -41,9 +41,12 @@ fi
DOCKER_CONTAINER_PARAMETERS="--tty \
--name ${DOCKER_NAME} \
--restart ${DOCKER_RESTART_POLICY} \
--ulimit memlock=${ULIMIT_MEMLOCK} \
--ulimit nofile=${ULIMIT_NOFILE} \
--ulimit nproc=${ULIMIT_NPROC} \
--sysctl \"net.core.somaxconn=${SYSCTL_NET_CORE_SOMAXCONN}\" \
--sysctl \"net.ipv4.ip_local_port_range=${SYSCTL_NET_IPV4_IP_LOCAL_PORT_RANGE}\" \
--sysctl \"net.ipv4.route.flush=${SYSCTL_NET_IPV4_ROUTE_FLUSH}\" \
--ulimit \"memlock=${ULIMIT_MEMLOCK}\" \
--ulimit \"nofile=${ULIMIT_NOFILE}\" \
--ulimit \"nproc=${ULIMIT_NPROC}\" \
--env \"VARNISH_AUTOSTART_VARNISHD_WRAPPER=${VARNISH_AUTOSTART_VARNISHD_WRAPPER}\" \
--env \"VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER=${VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER}\" \
--env \"VARNISH_MAX_THREADS=${VARNISH_MAX_THREADS}\" \
Expand Down
5 changes: 5 additions & 0 deletions src/opt/scmi/environment.sh
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,11 @@ DIST_PATH="${DIST_PATH:-./dist}"
# Number of seconds expected to complete container startup including bootstrap.
STARTUP_TIME="${STARTUP_TIME:-2}"

# Docker --sysctl settings
SYSCTL_NET_CORE_SOMAXCONN="${SYSCTL_NET_CORE_SOMAXCONN:-1024}"
SYSCTL_NET_IPV4_IP_LOCAL_PORT_RANGE="${SYSCTL_NET_IPV4_IP_LOCAL_PORT_RANGE:-1024 65535}"
SYSCTL_NET_IPV4_ROUTE_FLUSH="${SYSCTL_NET_IPV4_ROUTE_FLUSH:-1}"

# Docker --ulimit settings
ULIMIT_MEMLOCK="${ULIMIT_MEMLOCK:-82000}"
ULIMIT_NOFILE="${ULIMIT_NOFILE:-131072}"
Expand Down
3 changes: 3 additions & 0 deletions src/opt/scmi/service-unit.sh
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,9 @@ readonly SERVICE_UNIT_ENVIRONMENT_KEYS="
DOCKER_IMAGE_TAG
DOCKER_PORT_MAP_TCP_80
DOCKER_PORT_MAP_TCP_8443
SYSCTL_NET_CORE_SOMAXCONN
SYSCTL_NET_IPV4_IP_LOCAL_PORT_RANGE
SYSCTL_NET_IPV4_ROUTE_FLUSH
ULIMIT_MEMLOCK
ULIMIT_NOFILE
ULIMIT_NPROC
Expand Down
Loading

0 comments on commit 1741689

Please sign in to comment.