gliderlabs · mfischer-zd · Oct 28, 2015 · Oct 28, 2015 · Oct 28, 2015 · Oct 29, 2015
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,2 @@
+*~
+*.sw[a-z]
diff --git a/0.5/consul-agent/Dockerfile b/0.5/consul-agent/Dockerfile
@@ -1,6 +1,13 @@
-FROM gliderlabs/consul:0.5
-ADD ./config /config/
+FROM zendesk/consul:0.5.2
+
+ENV CONSUL_CLIENT_ADDR 0.0.0.0
+ENV CONSUL_DATA_DIR /data
+ENV CONSUL_LEAVE_ON_TERMINATE 1
+ENV CONSUL_DNS_ALLOW_STALE 1
+ENV CONSUL_DNS_MAX_STALE 1s
+ENV CONSUL_DNS_ENABLE_TRUNCATE 1
+ENV CONSUL_DISABLE_REMOTE_EXEC 1
+
 EXPOSE 8300 8301 8301/udp 8302 8302/udp 8400 8500 8600 8600/udp
-ENV DNS_RESOLVES consul
-ENV DNS_PORT 8600
-ENTRYPOINT ["/bin/consul", "agent", "-config-dir=/config"]
+VOLUME /data
+ENTRYPOINT ["/bin/consul_launcher"]
diff --git a/0.5/consul-agent/Makefile b/0.5/consul-agent/Makefile
@@ -1,3 +1,3 @@
 
 build:
-	docker build -t gliderlabs/consul-agent .
+	docker build -t zendesk/consul-agent:0.5.2 .
diff --git a/0.5/consul-agent/config/agent.json b/0.5/consul-agent/config/agent.json
diff --git a/0.5/consul-server/Dockerfile b/0.5/consul-server/Dockerfile
@@ -1,5 +1,8 @@
-FROM gliderlabs/consul-agent:0.5
-ADD ./config /config/
+FROM zendesk/consul-agent:0.5.2
+ENV CONSUL_SERVER 1
+ENV CONSUL_DNS_ALLOW_STALE 0
+ENV CONSUL_DNS_MAX_STALE ""
+ENV CONSUL_UI_DIR /ui
 ADD https://dl.bintray.com/mitchellh/consul/0.5.2_web_ui.zip /tmp/webui.zip
 RUN cd /tmp && unzip webui.zip && mv dist /ui && rm webui.zip
-ENTRYPOINT ["/bin/consul", "agent", "-server", "-config-dir=/config"]
+ENTRYPOINT ["/bin/consul_launcher"]
diff --git a/0.5/consul-server/Makefile b/0.5/consul-server/Makefile
@@ -1,3 +1,3 @@
 
 build:
-	docker build -t gliderlabs/consul-server .
+	docker build -t zendesk/consul-server:0.5.2 .
diff --git a/0.5/consul-server/config/server.json b/0.5/consul-server/config/server.json
diff --git a/0.5/consul/Dockerfile b/0.5/consul/Dockerfile
@@ -1,18 +1,60 @@
 FROM alpine:3.2
 
-ENV CONSUL_VERSION 0.5.2
-ENV CONSUL_SHA256 171cf4074bfca3b1e46112105738985783f19c47f4408377241b868affa9d445
+ENV CONSUL_VERSION 0.5.2-2-g4e53804
+ENV CONSUL_SHA256 acfbbe2d852442dd523416bdd78790d445125ea7f6a6ace0115510b8d94b2ae4
+ENV CONSUL_ACL_DATACENTER ""
+ENV CONSUL_ACL_DEFAULT_POLICY ""
+ENV CONSUL_ACL_DOWN_POLICY ""
+ENV CONSUL_ACL_MASTER_TOKEN ""
+ENV CONSUL_ACL_TOKEN ""
+ENV CONSUL_ACL_TTL ""
+ENV CONSUL_ADVERTISE_ADDR ""
+ENV CONSUL_ADVERTISE_ADDR_WAN ""
+ENV CONSUL_BOOTSTRAP_EXPECT ""
+ENV CONSUL_CHECK_UPDATE_INTERVAL ""
+ENV CONSUL_DATA_DIR ""
+ENV CONSUL_CLIENT_ADDR ""
+ENV CONSUL_DATACENTER ""
+ENV CONSUL_DISABLE_REMOTE_EXEC ""
+ENV CONSUL_DISABLE_UPDATE_CHECK ""
+ENV CONSUL_DNS_ALLOW_STALE ""
+ENV CONSUL_DNS_ENABLE_TRUNCATE ""
+ENV CONSUL_DNS_MAX_STALE ""
+ENV CONSUL_DNS_NODE_TTL ""
+ENV CONSUL_DNS_ONLY_PASSING ""
+ENV CONSUL_DNS_SERVICE_TTL ""
+ENV CONSUL_DOMAIN ""
+ENV CONSUL_ENCRYPT ""
+ENV CONSUL_LEAVE_ON_TERMINATE ""
+ENV CONSUL_REJOIN_AFTER_LEAVE ""
+ENV CONSUL_RETRY_JOIN ""
+ENV CONSUL_RETRY_INTERVAL ""
+ENV CONSUL_RETRY_INTERVAL_WAN ""
+ENV CONSUL_SERVER ""
+ENV CONSUL_SERVER_NAME ""
+ENV CONSUL_SESSION_TTL_MIN ""
+ENV CONSUL_SKIP_LEAVE_ON_INTERRUPT ""
+ENV CONSUL_START_JOIN ""
+ENV CONSUL_START_JOIN_WAN ""
+ENV CONSUL_STATSD_ADDR ""
+ENV CONSUL_STATSITE_ADDR ""
+ENV CONSUL_STATSITE_PREFIX ""
+ENV CONSUL_TLS_CA_FILE ""
+ENV CONSUL_TLS_CERT_FILE ""
+ENV CONSUL_TLS_VERIFY_INCOMING ""
+ENV CONSUL_TLS_VERIFY_OUTGOING ""
+ENV CONSUL_TLS_VERIFY_SERVER_HOSTNAME ""
+ENV CONSUL_UI_DIR ""
 
-RUN apk --update add curl ca-certificates && \
+RUN apk --update add curl ca-certificates jq && \
     curl -Ls https://circle-artifacts.com/gh/andyshinn/alpine-pkg-glibc/6/artifacts/0/home/ubuntu/alpine-pkg-glibc/packages/x86_64/glibc-2.21-r2.apk > /tmp/glibc-2.21-r2.apk && \
     apk add --allow-untrusted /tmp/glibc-2.21-r2.apk && \
     rm -rf /tmp/glibc-2.21-r2.apk /var/cache/apk/*
-ADD https://dl.bintray.com/mitchellh/consul/${CONSUL_VERSION}_linux_amd64.zip /tmp/consul.zip
-RUN echo "${CONSUL_SHA256}  /tmp/consul.zip" > /tmp/consul.sha256 \
+ADD https://github.com/zendesk/consul/releases/download/${CONSUL_VERSION}/consul_linux_x86_64 /bin/consul
+RUN echo "${CONSUL_SHA256}  /bin/consul" > /tmp/consul.sha256 \
   && sha256sum -c /tmp/consul.sha256 \
-  && cd /bin \
-  && unzip /tmp/consul.zip \
-  && chmod +x /bin/consul \
-  && rm /tmp/consul.zip
+  && chmod +x /bin/consul
+RUN mkdir /config
+ADD ./bin/consul_launcher /bin/
 
-ENTRYPOINT ["/bin/consul"]
+ENTRYPOINT ["/bin/consul_launcher"]
diff --git a/0.5/consul/Makefile b/0.5/consul/Makefile
@@ -1,3 +1,3 @@
 
 build:
-	docker build -t gliderlabs/consul .
+	docker build -t zendesk/consul:0.5.2 .
diff --git a/0.5/consul/bin/consul_launcher b/0.5/consul/bin/consul_launcher
@@ -0,0 +1,96 @@
+#!/bin/sh
+# vim:syn=sh ts=2 sw=2 et ai
+
+jq_filter="{}"
+
+add_key() {
+  key="$1"
+  val="$2"
+  type="$3"
+
+  case "$type" in
+    string)
+      [ -z "$val" ] && return
+      val="\"${val}\""
+      ;;
+    multi_string)
+      [ -z "$val" ] && return
+      oldIFS=$IFS; IFS=,
+      set -- $val
+      IFS=$oldIFS
+      val=""
+      for i in "$@"; do
+        i="\"${i}\""
+        if [ -z "$val" ]; then
+          val="[$i"
+        else
+          val="${val},${i}"
+        fi
+      done
+      val="${val}]"
+      ;;
+    int)
+      [ -z "$val" ] && return
+      ;;
+    boolean)
+      if [ "$val" = "0" -o "$val" = "false" -o "$val" = "n" -o "$val" = "no" ]; then
+        val=false
+      elif [ "$val" = "1" -o "$val" = "true" -o "$val" = "y" -o "$val" = "yes" ]; then
+        val=true
+      else
+        return
+      fi
+      ;;
+  esac
+
+  jq_filter="${jq_filter} | .${key} = ${val}"
+}
+
+
+add_key acl_datacenter "$CONSUL_ACL_DATACENTER" string
+add_key acl_default_policy "$CONSUL_ACL_DEFAULT_POLICY" string
+add_key acl_down_policy "$CONSUL_ACL_DOWN_POLICY" string
+add_key acl_master_token "$CONSUL_ACL_MASTER_TOKEN" string
+add_key acl_token "$CONSUL_ACL_TOKEN" string
+add_key acl_ttl "$CONSUL_ACL_TTL" string
+add_key advertise_addr "$CONSUL_ADVERTISE_ADDR" string
+add_key advertise_addr_wan "$CONSUL_ADVERTISE_ADDR_WAN" string
+add_key bootstrap_expect "$CONSUL_BOOTSTRAP_EXPECT" int
+add_key ca_file "$CONSUL_TLS_CA_FILE" string
+add_key cert_file "$CONSUL_TLS_CERT_FILE" string
+add_key check_update_interval "$CONSUL_CHECK_UPDATE_INTERVAL" string
+add_key client_addr "$CONSUL_CLIENT_ADDR" string
+add_key data_dir "$CONSUL_DATA_DIR" string
+add_key datacenter "$CONSUL_DATACENTER" string
+add_key disable_remote_exec "$CONSUL_DISABLE_REMOTE_EXEC" boolean
+add_key disable_update_check "$CONSUL_DISABLE_UPDATE_CHECK" boolean
+add_key dns_config.allow_stale "$CONSUL_DNS_ALLOW_STALE" boolean
+add_key dns_config.enable_truncate "$CONSUL_DNS_ENABLE_TRUNCATE" boolean
+add_key dns_config.max_stale "$CONSUL_DNS_MAX_STALE" string
+add_key dns_config.node_ttl "$CONSUL_DNS_NODE_TTL" string
+add_key dns_config.only_passing "$CONSUL_DNS_ONLY_PASSING" boolean
+add_key dns_config.service_ttl "$CONSUL_DNS_SERVICE_TTL" string
+add_key domain "$CONSUL_DOMAIN" boolean
+add_key encrypt "$CONSUL_ENCRYPT" string
+add_key leave_on_terminate "$CONSUL_LEAVE_ON_TERMINATE" boolean
+add_key rejoin_after_leave "$CONSUL_REJOIN_AFTER_LEAVE" boolean
+add_key retry_interval "$CONSUL_RETRY_INTERVAL" string
+add_key retry_interval_wan "$CONSUL_RETRY_INTERVAL_WAN" string
+add_key retry_join "$CONSUL_RETRY_JOIN" multi_string
+add_key retry_join_wan "$CONSUL_RETRY_JOIN_WAN" multi_string
+add_key server "$CONSUL_SERVER" boolean
+add_key server_name "$CONSUL_SERVER_NAME" string
+add_key session_ttl_min "$CONSUL_SESSION_TTL_MIN" string
+add_key skip_leave_on_interrupt "$CONSUL_SKIP_LEAVE_ON_INTERRUPT" boolean
+add_key start_join "$CONSUL_START_JOIN" multi_string
+add_key start_join_wan "$CONSUL_START_JOIN_WAN" multi_string
+add_key statsd_addr "$CONSUL_STATSD_ADDR" string
+add_key statsite_addr "$CONSUL_STATSITE_ADDR" string
+add_key statsite_prefix "$CONSUL_STATSITE_PREFIX" string
+add_key ui_dir "$CONSUL_UI_DIR" string
+add_key verify_incoming "$CONSUL_TLS_VERIFY_INCOMING" boolean
+add_key verify_outgoing "$CONSUL_TLS_VERIFY_OUTGOING" boolean
+add_key verify_server_hostname "$CONSUL_TLS_VERIFY_SERVER_HOSTNAME" boolean
+
+jq -n "${jq_filter}" > /config/config.json
+exec /bin/consul agent -config-dir=/config
diff --git a/LICENSE b/LICENSE
@@ -1,6 +1,7 @@
 The MIT License (MIT)
 
 Copyright (c) 2015 Glider Labs
+Copyright (c) 2015 Zendesk Inc.
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

diff --git a/README.md b/README.md
@@ -1,9 +1,77 @@
-# Consul in Docker
+# Consul Docker images
 
-Looking for what used to be `progrium/consul`? Look in the `legacy` branch.
+These are Zendesk's customized Docker images for HashiCorp's Consul.  They're
+based on [Glider Labs' original
+sources](https://github.com/gliderlabs/docker-consul).
+
+## Lock race fixes
+
+This build contains an [important
+fix](https://github.com/hashicorp/consul/compare/master...zendesk:zendesk_0.5.2)
+to some race conditions in `consul lock` in the 0.5.2 upstream release.  Our
+fix has been accepted by Hashicorp, but no new release has been published yet
+that contains it.
+
+## Data persistence
+
+The `/data` directory is now marked as a volume, so that Consul's Raft data can
+be preserved across container restarts.  (Of course, you may always start
+with a clean slate by removing and recreating the container.)
+
+## Environment variables
+
+The following environment variables can be set to control the way Consul
+operates.  Check the [Consul
+documentation](https://www.consul.io/docs/agent/options.html) for further
+details on how they operate.
+
+For boolean variables, the values `"0"`, `"false"`, and `"n"` all translate to
+`false`; and `"1"`, `"true"`, and `"y"` all translate to `true`.
+
+* `CONSUL_ACL_DATACENTER`
+* `CONSUL_ACL_DEFAULT_POLICY`
+* `CONSUL_ACL_DOWN_POLICY`
+* `CONSUL_ACL_MASTER_TOKEN`
+* `CONSUL_ACL_TOKEN`
+* `CONSUL_ACL_TTL`
+* `CONSUL_ADVERTISE_ADDR`
+* `CONSUL_ADVERTISE_ADDR_WAN`
+* `CONSUL_BOOTSTRAP_EXPECT`
+* `CONSUL_CHECK_UPDATE_INTERVAL`
+* `CONSUL_DATA_DIR`
+* `CONSUL_CLIENT_ADDR`
+* `CONSUL_DATACENTER`
+* `CONSUL_DISABLE_REMOTE_EXEC`
+* `CONSUL_DISABLE_UPDATE_CHECK`
+* `CONSUL_DNS_ALLOW_STALE`
+* `CONSUL_DNS_ENABLE_TRUNCATE`
+* `CONSUL_DNS_MAX_STALE`
+* `CONSUL_DNS_NODE_TTL`
+* `CONSUL_DNS_ONLY_PASSING`
+* `CONSUL_DNS_SERVICE_TTL`
+* `CONSUL_DOMAIN`
+* `CONSUL_ENCRYPT`
+* `CONSUL_LEAVE_ON_TERMINATE`
+* `CONSUL_REJOIN_AFTER_LEAVE`
+* `CONSUL_RETRY_JOIN`
+* `CONSUL_RETRY_INTERVAL`
+* `CONSUL_RETRY_INTERVAL_WAN`
+* `CONSUL_SERVER`
+* `CONSUL_SERVER_NAME`
+* `CONSUL_SESSION_TTL_MIN`
+* `CONSUL_SKIP_LEAVE_ON_INTERRUPT`
+* `CONSUL_START_JOIN`
+* `CONSUL_START_JOIN_WAN`
+* `CONSUL_STATSD_ADDR`
+* `CONSUL_STATSITE_ADDR`
+* `CONSUL_STATSITE_PREFIX`
+* `CONSUL_TLS_CA_FILE`
+* `CONSUL_TLS_CERT_FILE`
+* `CONSUL_TLS_VERIFY_INCOMING`
+* `CONSUL_TLS_VERIFY_OUTGOING`
+* `CONSUL_TLS_VERIFY_SERVER_HOSTNAME`
+* `CONSUL_UI_DIR`
 
 ## License
 
 MIT
-
-<img src="https://ga-beacon.appspot.com/UA-58928488-2/docker-consul/readme?pixel" />