From f13383ff3759b6b4141fdbbc152ec3d40e9d8e45 Mon Sep 17 00:00:00 2001 From: Bitnami Bot Date: Fri, 19 Jan 2024 19:26:35 +0100 Subject: [PATCH] [bitnami/consul] Release 1.17.1-debian-11-r5 (#54947) Signed-off-by: Bitnami Containers --- bitnami/consul/1/debian-11/Dockerfile | 7 +- .../opt/bitnami/.bitnami_components.json | 2 +- bitnami/consul/README.md | 81 ++++++++++++------- 3 files changed, 57 insertions(+), 33 deletions(-) diff --git a/bitnami/consul/1/debian-11/Dockerfile b/bitnami/consul/1/debian-11/Dockerfile index b46ca42b213b..bad7f47fee57 100644 --- a/bitnami/consul/1/debian-11/Dockerfile +++ b/bitnami/consul/1/debian-11/Dockerfile @@ -7,10 +7,10 @@ ARG TARGETARCH LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-01-10T03:39:43Z" \ + org.opencontainers.image.created="2024-01-19T17:30:41Z" \ org.opencontainers.image.description="Application packaged by VMware, Inc" \ org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.17.1-debian-11-r4" \ + org.opencontainers.image.ref.name="1.17.1-debian-11-r5" \ org.opencontainers.image.title="consul" \ org.opencontainers.image.vendor="VMware, Inc." \ org.opencontainers.image.version="1.17.1" @@ -26,7 +26,7 @@ SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] RUN install_packages ca-certificates curl iproute2 procps zlib1g-dev RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ COMPONENTS=( \ - "render-template-1.0.6-4-linux-${OS_ARCH}-debian-11" \ + "render-template-1.0.6-5-linux-${OS_ARCH}-debian-11" \ "consul-1.17.1-3-linux-${OS_ARCH}-debian-11" \ ) ; \ for COMPONENT in "${COMPONENTS[@]}"; do \ @@ -42,6 +42,7 @@ RUN apt-get autoremove --purge -y curl && \ apt-get update && apt-get upgrade -y && \ apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives RUN chmod g+rwX /opt/bitnami +RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true COPY rootfs / RUN /opt/bitnami/scripts/consul/postunpack.sh diff --git a/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json index 85fe229448f2..2161fad4088b 100644 --- a/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ b/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json @@ -9,6 +9,6 @@ "arch": "amd64", "distro": "debian-11", "type": "NAMI", - "version": "1.0.6-4" + "version": "1.0.6-5" } } \ No newline at end of file diff --git a/bitnami/consul/README.md b/bitnami/consul/README.md index 9046ff10c464..95d95b54735d 100644 --- a/bitnami/consul/README.md +++ b/bitnami/consul/README.md @@ -13,13 +13,6 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name consul bitnami/consul:latest ``` -### Docker Compose - -```console -curl -sSL https://raw.githubusercontent.com/bitnami/containers/main/bitnami/consul/docker-compose.yml > docker-compose.yml -docker-compose up -d -``` - You can find the available configuration options in the [Environment Variables](#environment-variables) section. ## Why use Bitnami Images? @@ -283,29 +276,53 @@ volumes: ### Environment variables -When you start the HashiCorp Consul image, you can adjust the configuration of the instance by passing one or more environment variables either on the docker-compose file or on the `docker run` command line. The following environment values are provided to custom HashiCorp Consul: +#### Customizable environment variables -* `CONSUL_AGENT_MODE`: Indicates if HashiCorp Consul is running in server or client mode. Valid values: server, client. Default: **server**. -* `CONSUL_SERF_LAN_ADDRESS`: Address used for Serf LAN communications. Default: **0.0.0.0**. -* `CONSUL_CLIENT_LAN_ADDRESS`: Address in which HashiCorp Consul will bind client interfaces. Default: **0.0.0.0**. -* `CONSUL_SERF_LAN_PORT_NUMBER`: Serf LAN port. Defualt: **8301**. -* `CONSUL_HTTP_PORT_NUMBER`: HTTP API port, used also for the UI. Default: **8500**. -* `CONSUL_DNS_PORT_NUMBER`: DNS service port. Default: **8600**. -* `CONSUL_RPC_PORT_NUMBER`: Server RPC port. Default: **8300**. -* `CONSUL_RAFT_MULTIPLIER`: An integer multiplier used by HashiCorp Consul servers to scale key Raft timing parameters. Default: **1**. -* `CONSUL_LOCAL_CONFIG`: Custom user configuration that will be added as a file in the config dir. -* `CONSUL_GOSSIP_ENCRYPTION`: Enable Gossip encryption. Default: **no**. -* `CONSUL_GOSSIP_ENCRYPTION_KEY`: Base64-encoded gossip private symmetric key. Can be generated by running `consul keygen`. -* `CONSUL_GOSSIP_ENCRYPTION_KEY_FILE`: File containing the gossip private symmetric key. If both `CONSUL_GOSSIP_ENCRYPTION_KEY` and `CONSUL_GOSSIP_ENCRYPTION_KEY_FILE` are provided, consul will use the `CONSUL_GOSSIP_ENCRYPTION_KEY_FILE`. -* `CONSUL_DISABLE_KEYRING_FILE`: If set, the keyring will not be persisted to a file. Valid vaules: true, false. Default: **false**. -* `CONSUL_ENABLE_UI`: Enable web user interface. Valid values: true, false. Default: **true**. -* `CONSUL_BOOTSTRAP_EXPECT`: Number of expected nodes in the cluster, including itself. Default: **1**. -* `CONSUL_DOMAIN`: HashiCorp Consul domain name. Default: **consul**. -* `CONSUL_DATACENTER"`: The datacenter in which the agent is running. Default: **dc1**. -* `CONSUL_RETRY_JOIN_ADDRESS`: "Address of another agent to join upon starting up. Default: **127.0.0.1** -* `CONSUL_RETRY_JOIN_WAN_ADDRESS`: "Address of another WAN agent to join upon starting up. Default: **127.0.0.1** -* `CONSUL_BIND_INTERFACE`: The interface that will be bound to for internal cluster communications. -* `CONSUL_DISABLE_HOST_NODE_ID`: Flag to prevent Consul from using information from the host to generate a deterministic node ID. Default: **true**. +| Name | Description | Default Value | +|---------------------------------|----------------------------------|---------------| +| `CONSUL_RPC_PORT_NUMBER` | Consul RPC port number. | `8300` | +| `CONSUL_HTTP_PORT_NUMBER` | Consul RPC port number. | `8500` | +| `CONSUL_DNS_PORT_NUMBER` | Consul DNS port number. | `8600` | +| `CONSUL_DNS_PORT_NUMBER` | Consul DNS port number. | `8600` | +| `CONSUL_AGENT_MODE` | Consul agent mode. | `server` | +| `CONSUL_DISABLE_KEYRING_FILE` | Disable keyring file in Consul. | `false` | +| `CONSUL_SERF_LAN_ADDRESS` | LAN address for Serf daemon. | `0.0.0.0` | +| `CONSUL_SERF_LAN_PORT_NUMBER` | LAN port for Serf daemon. | `8301` | +| `CONSUL_CLIENT_LAN_ADDRESS` | LAN address for Consul clients. | `0.0.0.0` | +| `CONSUL_RETRY_JOIN_ADDRESS` | Consul node retry join address. | `127.0.0.1` | +| `CONSUL_RETRY_JOIN_WAN_ADDRESS` | Consul retry join WAN address. | `127.0.0.1` | +| `CONSUL_ENABLE_UI` | Enable User Interface in Consul. | `true` | +| `CONSUL_BOOTSTRAP_EXPECT` | Expect bootstrap in Consul. | `1` | +| `CONSUL_RAFT_MULTIPLIER` | Consul Raft multiplier. | `1` | +| `CONSUL_GOSSIP_ENCRYPTION` | Use gossip encryption in Consul. | `no` | +| `CONSUL_DATACENTER` | Consul datacenter name. | `dc1` | +| `CONSUL_DOMAIN` | Consul domain. | `consul` | +| `CONSUL_DISABLE_HOST_NODE_ID` | Disable host node ID. | `true` | + +#### Read-only environment variables + +| Name | Description | Value | +|--------------------------------|---------------------------------------------|--------------------------------------------| +| `CONSUL_BASE_DIR` | Consul installation directory. | `${BITNAMI_ROOT_DIR}/consul` | +| `CONSUL_CONF_DIR` | Consul configuration directory. | `${CONSUL_BASE_DIR}/conf` | +| `CONSUL_BIN_DIR` | Consul binary directory. | `${CONSUL_BASE_DIR}/bin` | +| `CONSUL_CONF_FILE` | Consul configuration file. | `${CONSUL_CONF_DIR}/consul.json` | +| `CONSUL_ENCRYPT_FILE` | Consul encrytion configuration file. | `${CONSUL_CONF_DIR}/encrypt.json` | +| `CONSUL_LOCAL_FILE` | Consul local configuration file. | `${CONSUL_CONF_DIR}/local.json` | +| `CONSUL_LOG_DIR` | Directory where Consul logs are stored. | `${CONSUL_BASE_DIR}/logs` | +| `CONSUL_LOG_FILE` | Consul log file. | `${CONSUL_LOG_DIR}/consul.log` | +| `CONSUL_VOLUME_DIR` | Consul persistence directory. | `/bitnami/consul` | +| `CONSUL_DATA_DIR` | Consul directory where data is stored. | `${CONSUL_VOLUME_DIR}` | +| `CONSUL_SSL_DIR` | Consul SSL directory. | `${CONSUL_BASE_DIR}/certificates` | +| `CONSUL_TMP_DIR` | Consul temporary directory. | `${CONSUL_BASE_DIR}/tmp` | +| `CONSUL_PID_FILE` | Path to the PID file for Consul. | `${CONSUL_TMP_DIR}/consul.pid` | +| `CONSUL_TEMPLATES_DIR` | Consul templates directory. | `${CONSUL_BASE_DIR}/templates` | +| `CONSUL_CONFIG_TEMPLATE_FILE` | Consul configuration template file. | `${CONSUL_TEMPLATES_DIR}/consul.json.tpl` | +| `CONSUL_ENCRYPT_TEMPLATE_FILE` | Consul encrypt configuration template file. | `${CONSUL_TEMPLATES_DIR}/encrypt.json.tpl` | +| `CONSUL_LOCAL_TEMPLATE_FILE` | Consul local configuration template file. | `${CONSUL_TEMPLATES_DIR}/local.json.tpl` | +| `CONSUL_INITSCRIPTS_DIR` | Consul directory for init scripts. | `/docker-entrypoint-initdb.d` | +| `CONSUL_DAEMON_USER` | Consul system user. | `consul` | +| `CONSUL_DAEMON_GROUP` | Consul system group. | `consul` | #### Specifying Environment Variables using Docker Compose @@ -492,6 +509,12 @@ Also, some env var changes have been performed maintaining backward compatibilit * The Consul container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the Consul daemon was started as the `consul` user. From now on, both the container and the Consul daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. +## Using `docker-compose.yaml` + +Please be aware this file has not undergone internal testing. Consequently, we advise its use exclusively for development or testing purposes. For production-ready deployments, we highly recommend utilizing its associated [Bitnami Helm chart](https://github.com/bitnami/charts/tree/main/bitnami/consul). + +If you detect any issue in the `docker-compose.yaml` file, feel free to report it or contribute with a fix by following our [Contributing Guidelines](https://github.com/bitnami/containers/blob/main/CONTRIBUTING.md). + ## Contributing We'd love for you to contribute to this container. You can request new features by creating an [issue](https://github.com/bitnami/containers/issues) or submitting a [pull request](https://github.com/bitnami/containers/pulls) with your contribution.