Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update VerneMQ to 2.0.1 #96

Merged
merged 4 commits into from
Jan 14, 2025
Merged

Update VerneMQ to 2.0.1 #96

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
2ebbe2b
Logs: use logfmt
Annopaolo Dec 12, 2024
9be7913
Move to VerneMQ 2.0.1
Annopaolo Dec 13, 2024
97fb465
Add support for tls on 8883, again
Annopaolo Dec 19, 2024
9bfb267
Use the same vm.args as VErneMQ 2.0.1.
Annopaolo Dec 18, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
66 changes: 35 additions & 31 deletions Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM hexpm/elixir:1.15.5-erlang-26.1-debian-bullseye-20230612-slim as builder
FROM hexpm/elixir:1.15.5-erlang-26.1-debian-bullseye-20230612-slim AS builder

# install build dependencies
# --allow-releaseinfo-change allows to pull from 'oldstable'
Expand All @@ -8,15 +8,15 @@ RUN apt-get update --allow-releaseinfo-change -y \

WORKDIR /build

# Needed for VerneMQ 1.13.0
# TODO check if it's still needed for VerneMQ 2.0.1
RUN apt-get -qq update && apt-get -qq install libsnappy-dev libssl-dev

# Let's start by building VerneMQ
RUN git clone https://github.com/vernemq/vernemq.git

RUN cd vernemq && \
# Check out latest master
git checkout 1cc57fa60f50b57784f2b56f79e09d5748aa90f7 && \
git checkout -b v2.0.1 && \
make rel && \
cd ..

Expand Down Expand Up @@ -50,11 +50,9 @@ RUN cp astarte_vmq_plugin/priv/astarte_vmq_plugin.schema vernemq/_build/default/

# Copy configuration files here - mainly because we want to keep the target image as small as possible
# and avoid useless layers.
COPY docker/files/vm.args /build/vernemq/_build/default/rel/vernemq/etc/
COPY docker/files/vernemq.conf /build/vernemq/_build/default/rel/vernemq/etc/
COPY docker/bin/rand_cluster_node.escript /build/vernemq/_build/default/rel/vernemq/bin/
COPY docker/bin/vernemq.sh /build/vernemq/_build/default/rel/vernemq/bin/
RUN chmod +x /build/vernemq/_build/default/rel/vernemq/bin/vernemq.sh
COPY docker/files/vm.args vernemq/_build/default/rel/vernemq/etc/
COPY docker/files/vernemq.conf vernemq/_build/default/rel/vernemq/etc/
COPY docker/bin/rand_cluster_node.escript vernemq/_build/default/rel/vernemq/bin/

# Note: it is important to keep Debian versions in sync, or incompatibilities between libcrypto will happen
FROM debian:bullseye-slim
Expand All @@ -65,38 +63,44 @@ ENV LANG C.UTF-8
# We have to redefine this here since it goes out of scope for each build stage
ARG BUILD_ENV=prod

# Install some VerneMQ scripts dependencies
RUN apt-get -qq update && apt-get -qq install bash procps openssl iproute2 curl jq libsnappy-dev net-tools nano

# We need SSL, curl, iproute2 and jq - and to ensure /etc/ssl/astarte
RUN apt-get -qq update && apt-get -qq install libssl1.1 curl jq iproute2 netcat libsnappy1v5 && apt-get clean && mkdir -p /etc/ssl/astarte
# TODO some of these might not be needed anymore
RUN apt-get -qq update && apt-get -qq install libssl1.1 curl jq iproute2 netcat && apt-get clean && mkdir -p /etc/ssl/astarte

# Copy our built stuff (both are self-contained with their ERTS release)
COPY --from=builder /build/vernemq/_build/default/rel/vernemq /opt/vernemq/
COPY --from=builder /build/astarte_vmq_plugin/_build/$BUILD_ENV/rel/astarte_vmq_plugin /opt/astarte_vmq_plugin/
ENV PATH="/opt/vernemq/bin:$PATH"

# Add the wait-for utility
RUN cd /usr/bin && curl -O https://raw.githubusercontent.com/eficode/wait-for/master/wait-for && chmod +x wait-for && cd -
COPY --from=builder /build/astarte_vmq_plugin/docker/bin/vernemq.sh /usr/sbin/start_vernemq
COPY --from=builder /build/astarte_vmq_plugin/docker/bin/join_cluster.sh /usr/sbin/join_cluster

# MQTT
EXPOSE 1883
RUN chmod +x /usr/sbin/start_vernemq
RUN chmod +x /usr/sbin/join_cluster

# MQTT for Reverse Proxy
EXPOSE 1885
# Copy our built stuff (both are self-contained with their ERTS release)
COPY --from=builder /build/vernemq/_build/default/rel/vernemq /opt/vernemq/

# MQTT/SSL
EXPOSE 8883
RUN ln -s /opt/vernemq/etc /etc/vernemq && \
ln -s /opt/vernemq/data /var/lib/vernemq && \
ln -s /opt/vernemq/log /var/log/vernemq

# VerneMQ Message Distribution
EXPOSE 44053
COPY --from=builder /build/astarte_vmq_plugin/_build/$BUILD_ENV/rel/astarte_vmq_plugin /opt/astarte_vmq_plugin/

# EPMD - Erlang Port Mapper Daemon
EXPOSE 4369
# Ports
# 1883 MQTT
# 8883 MQTT/SSL
# 8080 MQTT WebSockets
# 44053 VerneMQ Message Distribution
# 4369 EPMD - Erlang Port Mapper Daemon
# 8888 Health, API, Prometheus Metrics
# 9100 9101 9102 9103 9104 9105 9106 9107 9108 9109 Specific Distributed Erlang Port Range

# Specific Distributed Erlang Port Range
EXPOSE 9100 9101 9102 9103 9104 9105 9106 9107 9108 9109
EXPOSE 1883 8883 8080 44053 4369 8888 \
9100 9101 9102 9103 9104 9105 9106 9107 9108 9109

# Prometheus Metrics
EXPOSE 8888
VOLUME ["/opt/vernemq/log", "/opt/vernemq/data", "/opt/vernemq/etc"]

# Expose port for webroot ACME verification (in case)
EXPOSE 80
HEALTHCHECK CMD vernemq ping | grep -q pong

CMD ["/opt/vernemq/bin/vernemq.sh"]
CMD ["start_vernemq"]
11 changes: 11 additions & 0 deletions docker/bin/build.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
#!/usr/bin/env bash
set -e

if [ "$1" = "swc" ]
then
make swc
mv _build/swc/rel/vernemq release
else
make rel
mv _build/default/rel/vernemq release
fi
69 changes: 69 additions & 0 deletions docker/bin/join_cluster.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,69 @@
#!/usr/bin/env bash

SECRETS_KUBERNETES_DIR="/var/run/secrets/kubernetes.io/serviceaccount"
DOCKER_VERNEMQ_KUBERNETES_CLUSTER_NAME=${DOCKER_VERNEMQ_KUBERNETES_CLUSTER_NAME:-cluster.local}

if [ -d "${SECRETS_KUBERNETES_DIR}" ] ; then
# Let's get the namespace if it isn't set
DOCKER_VERNEMQ_KUBERNETES_NAMESPACE=${DOCKER_VERNEMQ_KUBERNETES_NAMESPACE:-$(cat "${SECRETS_KUBERNETES_DIR}/namespace")}
fi

insecure=""
if env | grep "DOCKER_VERNEMQ_KUBERNETES_INSECURE" -q; then
echo "Using curl with \"--insecure\" argument to access kubernetes API without matching SSL certificate"
insecure="--insecure"
fi

function k8sCurlGet () {
local urlPath=$1

local hostname="kubernetes.default.svc.${DOCKER_VERNEMQ_KUBERNETES_CLUSTER_NAME}"
local certsFile="${SECRETS_KUBERNETES_DIR}/ca.crt"
local token=$(cat ${SECRETS_KUBERNETES_DIR}/token)
local header="Authorization: Bearer ${token}"
local url="https://${hostname}/${urlPath}"

curl -sS ${insecure} --cacert ${certsFile} -H "${header}" ${url} \
|| ( echo "### Error on accessing URL ${url}" )
}

try_join() {
local exit_code=0
if env | grep "DOCKER_VERNEMQ_DISCOVERY_KUBERNETES" -q; then
# Let's set our nodename correctly
# https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#list-pod-v1-core
podList=$(k8sCurlGet "api/v1/namespaces/${DOCKER_VERNEMQ_KUBERNETES_NAMESPACE}/pods?labelSelector=${DOCKER_VERNEMQ_KUBERNETES_LABEL_SELECTOR}")
kube_pod_names=$(echo ${podList} | jq '.items[].spec.hostname' | sed 's/"//g' | tr '\n' ' ' | sed 's/ *$//')
VERNEMQ_KUBERNETES_SUBDOMAIN=${DOCKER_VERNEMQ_KUBERNETES_SUBDOMAIN:-$(echo ${podList} | jq '.items[0].spec.subdomain' | tr '\n' '"' | sed 's/"//g')}

for kube_pod_name in $kube_pod_names; do
if [[ $kube_pod_name == "null" ]]; then
echo "Kubernetes discovery selected, but no pods found. Maybe we're the first?"
echo "Anyway, we won't attempt to join any cluster."
exit 0
fi

if [[ $kube_pod_name != "$MY_POD_NAME" ]]; then
discoveryHostname="${kube_pod_name}.${VERNEMQ_KUBERNETES_SUBDOMAIN}.${DOCKER_VERNEMQ_KUBERNETES_NAMESPACE}.svc.${DOCKER_VERNEMQ_KUBERNETES_CLUSTER_NAME}"
echo "Will join an existing Kubernetes cluster with discovery node at ${discoveryHostname}"
vmq-admin cluster show | grep "VerneMQ@${discoveryHostname}" > /dev/null || exit_code=$?
if [ $exit_code -eq 0 ]; then
echo "We have already joined the cluster - no extra work required."
exit 0
else
echo "We have yet to join the cluster - attempting manual join..."
vmq-admin cluster join discovery-node="VerneMQ@${discoveryHostname}"
sleep 2
fi
break
fi
done
else
exit 0
fi
}

while true
do
try_join
done;
2 changes: 1 addition & 1 deletion docker/bin/rand_cluster_node.escript
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,4 +15,4 @@ main([ThisNode]) ->
io:format(L);
false ->
io:format("")
end.
end.
Loading
Loading