Merge pull request #186 from jdeathe/centos-7-develop

Release changes for 2.3.0

.dockerignore

@@ -1,7 +1,11 @@
+.env
+.env.example
 .git
 .gitignore
 dist
 test
+var
+docker-compose.yml
 LICENSE
 README-short.txt
 *.md

.env.example

@@ -0,0 +1,9 @@
+VARNISH_MAX_THREADS=1000
+VARNISH_MIN_THREADS=50
+VARNISH_OPTIONS=
+VARNISH_STORAGE=file,/var/lib/varnish/varnish_storage.bin,1G
+VARNISH_THREAD_TIMEOUT=120
+VARNISH_TTL=120
+VARNISH_VARNISHNCSA_FORMAT=%h %l %u %t "%r" %s %b "%{Referer}i" "%{User-agent}i"
+VARNISH_VARNISHNCSA_OPTIONS=
+VARNISH_VCL_CONF=/etc/varnish/docker-default.vcl

.gitignore

@@ -1 +1,2 @@
+.env
 dist

CHANGELOG.md

@@ -4,7 +4,39 @@
 
 Summary of release changes for Version 2.
 
-CentOS-7 7.5.1804 x86_64 - Varnish Cache 6.1.
+CentOS-7 7.5.1804 x86_64 - Varnish Cache 6.2.
+
+### 2.3.0 - 2019-05-06
+
+- Updates `gcc` package to gcc-4.8.5-36.el7_6.1.
+- Updates source image to [2.5.1](https://github.com/jdeathe/centos-ssh/releases/tag/2.5.1).
+- Updates Varnish to [6.2.0](https://github.com/varnishcache/varnish-cache/blob/varnish-6.2.0/doc/changes.rst).
+- Updates and restructures Dockerfile.
+- Updates container naming conventions and readability of `Makefile`.
+- Updates startup time to 4 seconds.
+- Updates healthcheck retries to 5.
+- Updates default VCL excluding several parts already defined in `builtin.vcl`.
+- Fixes issue with unexpected published port in run templates when `DOCKER_PORT_MAP_TCP_80` or `DOCKER_PORT_MAP_TCP_8443` is set to an empty string or 0.
+- Fixes binary paths in systemd unit files for compatibility with both EL and Ubuntu hosts.
+- Adds consideration for event lag into test cases for unhealthy health_status events.
+- Adds port incrementation to Makefile's run template for container names with an instance suffix.
+- Adds placeholder replacement of `RELEASE_VERSION` docker argument to systemd service unit template.
+- Adds improvement to pull logic in systemd unit install template.
+- Adds `SSH_AUTOSTART_SUPERVISOR_STDOUT` with a value "false", disabling startup of `supervisor_stdout`.
+- Adds error messages to healthcheck script and includes supervisord check.
+- Adds improved logging output.
+- Adds docker-compose configuration example.
+- Adds improved/simplified Cookie logic in `docker-default.vcl`.
+- Adds improved `healtchcheck`, `varnishd-wrapper` and `varnishncsa-wrapper` scripts.
+- Adds improved lock/state file implementation in wrapper scripts.
+- Adds `VARNISH_OPTIONS` and `VARNISH_VARNISHNCSA_OPTIONS`.
+- Adds improved VCL error checking/handling.
+- Adds styled synthetic 500 error responses.
+- Removes use of `/etc/services-config` paths.
+- Removes the unused group element from the default container name.
+- Removes the node element from the default container name.
+- Removes unused environment variables from Makefile and scmi configuration.
+- Removes X-Fleet section from etcd register template unit-file.
 
 ### 2.2.1 - 2018-12-10
 
@@ -20,14 +52,14 @@ CentOS-7 7.5.1804 x86_64 - Varnish Cache 6.1.
 
 ### 2.2.0 - 2018-10-09
 
-- Updates Varnish to [6.1.0](https://github.com/varnishcache/varnish-cache/blob/varnish-6.1.0/doc/changes.rst)
+- Updates Varnish to [6.1.0](https://github.com/varnishcache/varnish-cache/blob/varnish-6.1.0/doc/changes.rst).
 - Adds lockfile to ensure varnishd is started before running varnishncsa.
 - Adds failure messages to healthcheck script.
 
 ### 2.1.0 - 2018-10-01
 
 - Updates source image to [2.4.0](https://github.com/jdeathe/centos-ssh/releases/tag/2.4.0).
-- Updates Varnish to [6.0.1](https://github.com/varnishcache/varnish-cache/blob/varnish-6.0.1/doc/changes.rst)
+- Updates Varnish to [6.0.1](https://github.com/varnishcache/varnish-cache/blob/varnish-6.0.1/doc/changes.rst).
 - Updates pattern for static assets to include web fonts and SVG images and remove SWF.
 - Removes response header that indicate Varnish version.
 - Adds `VARNISH_AUTOSTART_VARNISHD_WRAPPER` for disabling varnishd autostart.
@@ -36,4 +68,4 @@ CentOS-7 7.5.1804 x86_64 - Varnish Cache 6.1.
 
 ### 2.0.0 - 2018-06-22
 
-- Initial release
+- Initial release.

Dockerfile

@@ -1,97 +1,86 @@
-# =============================================================================
-# jdeathe/centos-ssh-varnish
-#
-# CentOS-7, Varnish 6.1
-#
-# =============================================================================
-FROM jdeathe/centos-ssh:2.4.1
+FROM jdeathe/centos-ssh:2.5.1
 
-# -----------------------------------------------------------------------------
-# Install Varnish Cache
-# -----------------------------------------------------------------------------
-RUN { \
-		echo '[varnishcache_varnish61]'; \
-		echo 'name=varnishcache_varnish61'; \
-		echo 'baseurl=https://packagecloud.io/varnishcache/varnish61/el/7/$basearch'; \
-		echo 'repo_gpgcheck=1'; \
-		echo 'gpgcheck=0'; \
-		echo 'enabled=1'; \
-		echo 'gpgkey=https://packagecloud.io/varnishcache/varnish61/gpgkey'; \
-		echo 'sslverify=1'; \
-		echo 'sslcacert=/etc/pki/tls/certs/ca-bundle.crt'; \
-		echo 'metadata_expire=300'; \
+ARG RELEASE_VERSION="2.3.0"
+
+# ------------------------------------------------------------------------------
+# Base install of required packages
+# ------------------------------------------------------------------------------
+RUN { printf -- \
+		'[%s]\nname=%s\nbaseurl=%s\nrepo_gpgcheck=%s\ngpgcheck=%s\nenabled=%s\ngpgkey=%s\nsslverify=%s\nsslcacert=%s\nmetadata_expire=%s\n' \
+		'varnishcache_varnish62' \
+		'varnishcache_varnish62' \
+		'https://packagecloud.io/varnishcache/varnish62/el/7/$basearch' \
+		'1' \
+		'0' \
+		'1' \
+		'https://packagecloud.io/varnishcache/varnish62/gpgkey' \
+		'1' \
+		'/etc/pki/tls/certs/ca-bundle.crt' \
+		'300'; \
 	} > /etc/yum.repos.d/varnishcache_varnish61.repo \
 	&& yum -y install \
 		--setopt=tsflags=nodocs \
 		--disableplugin=fastestmirror \
-		gcc-4.8.5-36.el7 \
-		varnish-6.1.1-1.el7 \
+		gcc-4.8.5-36.el7_6.1 \
+		varnish-6.2.0-1.el7 \
 	&& yum versionlock add \
 		varnish \
 		gcc \
 	&& rm -rf /var/cache/yum/* \
 	&& yum clean all
 
-# -----------------------------------------------------------------------------
+# ------------------------------------------------------------------------------
 # Copy files into place
-# -----------------------------------------------------------------------------
-ADD src/usr/bin \
-	/usr/bin/
-ADD src/usr/sbin \
-	/usr/sbin/
-ADD src/opt/scmi \
-	/opt/scmi/
-ADD src/etc/services-config/supervisor/supervisord.d \
-	/etc/services-config/supervisor/supervisord.d/
-ADD src/etc/services-config/varnish/docker-default.vcl \
-	/etc/services-config/varnish/
-ADD src/etc/systemd/system \
-	/etc/systemd/system/
+# ------------------------------------------------------------------------------
+ADD src /
 
-RUN ln -sf \
-		/etc/services-config/supervisor/supervisord.d/varnishd-wrapper.conf \
-		/etc/supervisord.d/varnishd-wrapper.conf \
-	&& ln -sf \
-		/etc/services-config/supervisor/supervisord.d/varnishncsa-wrapper.conf \
-		/etc/supervisord.d/varnishncsa-wrapper.conf \
-	&& ln -sf \
-		/etc/services-config/varnish/docker-default.vcl \
-		/etc/varnish/docker-default.vcl \
+# ------------------------------------------------------------------------------
+# Provisioning
+# - Replace placeholders with values in systemd service unit template
+# - Symbolic link varnish access log file to stdout
+# - Create directory for varnishncsa PID file
+# - Set permissions
+# ------------------------------------------------------------------------------
+RUN sed -i \
+		-e "s~{{RELEASE_VERSION}}~${RELEASE_VERSION}~g" \
+		/etc/systemd/system/[email protected] \
+	&& mkdir -p \
+		/var/{lib/misc,lock/subsys,run}/varnish \
+	&& chown \
+		varnishlog:varnish \
+		/var/{lib/misc,lock/subsys,run}/varnish \
 	&& chmod 644 \
 		/etc/varnish/*.vcl \
 	&& chmod 700 \
 		/usr/{bin/healthcheck,sbin/{varnishd,varnishncsa}-wrapper} \
 	&& chmod 750 \
 		/usr/sbin/varnishncsa-wrapper \
 	&& chgrp varnish \
-		/usr/sbin/varnishncsa-wrapper \
-	&& mkdir -p \
-		/var/run/varnish \
-	&& chown \
-		varnishlog:varnish \
-		/var/run/varnish
+		/usr/sbin/varnishncsa-wrapper
 
 EXPOSE 80 8443
 
-# -----------------------------------------------------------------------------
+# ------------------------------------------------------------------------------
 # Set default environment variables
-# -----------------------------------------------------------------------------
+# ------------------------------------------------------------------------------
 ENV SSH_AUTOSTART_SSHD="false" \
 	SSH_AUTOSTART_SSHD_BOOTSTRAP="false" \
+	SSH_AUTOSTART_SUPERVISOR_STDOUT="false" \
 	VARNISH_AUTOSTART_VARNISHD_WRAPPER="true" \
 	VARNISH_AUTOSTART_VARNISHNCSA_WRAPPER="false" \
 	VARNISH_MAX_THREADS="1000" \
 	VARNISH_MIN_THREADS="50" \
+	VARNISH_OPTIONS="" \
 	VARNISH_STORAGE="file,/var/lib/varnish/varnish_storage.bin,1G" \
 	VARNISH_THREAD_TIMEOUT="120" \
 	VARNISH_TTL="120" \
 	VARNISH_VARNISHNCSA_FORMAT="%h %l %u %t \"%r\" %s %b \"%{Referer}i\" \"%{User-agent}i\"" \
+	VARNISH_VARNISHNCSA_OPTIONS="" \
 	VARNISH_VCL_CONF="/etc/varnish/docker-default.vcl"
 
-# -----------------------------------------------------------------------------
+# ------------------------------------------------------------------------------
 # Set image metadata
-# -----------------------------------------------------------------------------
-ARG RELEASE_VERSION="2.2.1"
+# ------------------------------------------------------------------------------
 LABEL \
 	maintainer="James Deathe <[email protected]>" \
 	install="docker run \
@@ -118,12 +107,12 @@ jdeathe/centos-ssh-varnish:${RELEASE_VERSION} \
 	org.deathe.license="MIT" \
 	org.deathe.vendor="jdeathe" \
 	org.deathe.url="https://github.com/jdeathe/centos-ssh-varnish" \
-	org.deathe.description="CentOS-7 7.5.1804 x86_64 - Varnish Cache 6.1."
+	org.deathe.description="CentOS-7 7.5.1804 x86_64 - Varnish Cache 6.2."
 
 HEALTHCHECK \
-	--interval=0.5s \
+	--interval=1s \
 	--timeout=1s \
-	--retries=4 \
+	--retries=5 \
 	CMD ["/usr/bin/healthcheck"]
 
-CMD ["/usr/bin/supervisord", "--configuration=/etc/supervisord.conf"]
+CMD ["/usr/bin/supervisord", "--configuration=/etc/supervisord.conf"]