The installer is run in provision-mode in the init script
The installer is run as update-mode by supervisor by postinstall
Previously, we used to run the *same* installer code, which was
part of the base image, in both modes. However, after a reboot,
the old installer code is 'gone' and thus we start running the
newer installer code. This distinction is very subtle and this change
makes it more obvious.
If we want the same installer code to run in both modes, then we
really need to split out installer into a separate repository. This
can be done if required later.
This also makes it clear that announce is a feature of the provision
mode.
The only reason not to use the metadata completely for provisioning
is because many VPS providers do not provide it.
If we rely on a metadata API, we can pretty much remove the installer
server
The previous provisioning scheme had issues with updates. Because,
configuration was already part of the base bootstrap, providing an
update meant creating a new image.
The key insight in this new provisioning scheme is to treat config
files used by our code as something that can always be regenerated
on demand. Every update kills the config and recreates it all over.
Current flow is thus:
1. bootstrap init code starts up install/server.js. This server merely
listens for provision and restore calls.
2. The installer calls install.sh. This script simply checks out the
requested revision. Note that the installer is from what is in the
base image. Changing the installer requires a new base image. If a
restore url is provided, this downloads the restore data.
3. The install.sh calls postinstall.sh of the requested revision.
It setups the code calling npm install, migrates any data and creates
configs - collectd, graphite, nginx etc. This also creates cloudron.conf.
Because postinstall.sh is from requested revision, all the data, configs
are all based on the requested revision.
Note that installation of new packages should be done at base image creation
time.
The changes also provide separation of announce and hearbeat calls:
- announce is for cloudron coming up and installer running
- heartbeat is for box server running
TODO:
appstore url is only part of image becase installer needs to announce.
This can be fixed by moving to user metadata
Fixes#110
The docker data as well as user (yellowtent) home is now btrfs.
This will greatly help us in backups. We simply take a btrfs
snapshot and back that up. This way we don't need to stop all
containers and simulates the same thing as a power outage.
Part of #108
This change firewalls everything except the internal bridge. An upcoming
change should disable icc as well but that requires us to link all the
apps with the mail container.
Part of #59
Girish Ramakrishnan