Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use docker-entrypoint when running consul #590

Merged
merged 4 commits into from
Aug 11, 2021
Merged

Use docker-entrypoint when running consul #590

merged 4 commits into from
Aug 11, 2021

Conversation

lkysow
Copy link
Member

@lkysow lkysow commented Aug 6, 2021
edited
Loading

Previously we were executing consul directly via /bin/consul and we were
using the Kubernetes command key which overrides the default Docker
ENTRYPOINT.

This had no issues, however I propose that it's best to execute via the
entrypoint so we keep things consistent with how the Docker image was
supposed to be run. This is also consistent with Vault's Helm chart. If
you step through the entrypoint script, nothing actually changes with
how we execute consul because we don't trigger any of the if
statements. So there is no real effect right now.

In order to support using the entrypoint script, we need to disable part of the
script that attempts to change the ownership of the /consul directory
because the ownership is already set via Kube. To disable this we set the
DISABLE_PERM_MGMT env var to true.

Entrypoint script is here: https://github.com/hashicorp/docker-consul/blob/master/0.X/docker-entrypoint.sh

How I've tested this PR:

  • acceptance tests

How I expect reviewers to test this PR:

  • code

Checklist:

  • CHANGELOG entry added (HashiCorp engineers only, community PRs should not add a changelog entry)

lkysow added 2 commits August 6, 2021 15:51
@lkysow
Use docker-entrypoint when running consul
7027280 
Previously we were executing consul directly via /bin/consul and we were
using the Kubernetes `command` key which overrides the default Docker
ENTRYPOINT.

This had no issues, however I propose that it's best to execute via the
entrypoint so we keep things consistent with how the Docker image was
supposed to be run. This is also consistent with Vault's Helm chart. If
you step through the entrypoint script, nothing actually changes with
how we execute consul because we don't trigger any of the `if`
statements. So there is no real effect right now.

In order to support using the entrypoint script, we need to disable part of the
script that attempts to change the ownership of the /consul directory
because the ownership is already set via Kube.

Entrypoint script is here: https://github.com/hashicorp/docker-consul/blob/master/0.X/docker-entrypoint.sh
@lkysow
Update custom env var test
0639a20 
Test now uses map/select instead of using fixed indices.
@lkysow lkysow changed the title Lkysow/consul docker entrypoint Use docker-entrypoint when running consul Aug 6, 2021
@lkysow lkysow mentioned this pull request Aug 6, 2021
Closed
1 task
@lkysow lkysow requested review from a team, ndhanushkodi and t-eckert and removed request for a team August 9, 2021 18:34
t-eckert
t-eckert approved these changes Aug 10, 2021
View reviewed changes
Copy link
Contributor

@t-eckert t-eckert left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me, given my pretty limited knowledge of the domain. I only had a nitpick in the Changelog.

CHANGELOG.md Outdated
@@ -2,6 +2,7 @@

IMPROVEMENTS:
* Add flags `-log-level`, `-log-json` to all subcommands to control log level and json formatting. [[GH-523](https://github.com/hashicorp/consul-k8s/pull/523)]
* Execute consul clients and servers using the docker entrypoint to keep consistent. [[GH-590](https://github.com/hashicorp/consul-k8s/pull/590)]
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit: "Consul" instead of "consul" and "Docker" instead of "docker" to be consistent with previous Changelog items.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice catch!

ndhanushkodi
ndhanushkodi approved these changes Aug 10, 2021
View reviewed changes
Copy link
Contributor

@ndhanushkodi ndhanushkodi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good!!

CHANGELOG.md Outdated
@@ -2,6 +2,7 @@

IMPROVEMENTS:
* Add flags `-log-level`, `-log-json` to all subcommands to control log level and json formatting. [[GH-523](https://github.com/hashicorp/consul-k8s/pull/523)]
* Execute consul clients and servers using the docker entrypoint to keep consistent. [[GH-590](https://github.com/hashicorp/consul-k8s/pull/590)]
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
* Execute consul clients and servers using the docker entrypoint to keep consistent. [[GH-590](https://github.com/hashicorp/consul-k8s/pull/590)]
* Execute consul clients and servers using the docker entrypoint for consistency. [[GH-590](https://github.com/hashicorp/consul-k8s/pull/590)]

lkysow
lkysow commented Aug 11, 2021
View reviewed changes
CHANGELOG.md Outdated Show resolved Hide resolved
@lkysow lkysow merged commit 42c48e5 into master Aug 11, 2021
@lkysow lkysow deleted the lkysow/consul-docker-entrypoint branch August 11, 2021 02:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@t-eckert t-eckert t-eckert approved these changes

@ndhanushkodi ndhanushkodi ndhanushkodi approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@lkysow @ndhanushkodi @t-eckert