Added the cert_updater module

c1960457 · Stephane Bonnet · 0b92e552 · c1960457
Unverified Commit c1960457 authored 5 years ago by Stephane Bonnet
--- a/acme-copy-certs/app/docker_monitor.py
+++ b/acme-copy-certs/app/docker_monitor.py
+"""Docker event monitoring
+
+Provides a monitor for docker events that add/remove services when
+they occur according to the configuration provided in the labels of these
+services.
+
+Classes
+-------
+    DockerMonitor
+        A monitor for docker events.
+"""
+
+import docker
+import threading
+
+from service_manager import Service
+from docker_actions import RestartDockerAction
+from docker_actions import KillDockerAction
+
+class DockerMonitor(threading.Thread):
+    def __init__(self, services_mgr):
+        self.docker_client = docker.from_env()
+        self.events = None
+        self.services_mgr = services_mgr
+        super().__init__()
+
+    def run(self):
+
+        print('Starting monitor')
+        # Identify all running containers and get dependent services 
+        # at startup
+        containers = self.docker_client.containers.list()
+
+        for c in containers:
+            if c.status == 'running':
+                self._add_service(c)
+        
+        # Then, wait for docker events and identify new dependent services
+        # or services that exit the system. Do an update each time a new 
+        # service is added / restarted etc. or a service is changed.
+        self.events = self.docker_client.events(decode = True)
+        for event in self.events:
+            if 'status' not in event:
+                continue
+            print(event['status'])
+            if event['status'] == 'stop':
+                pass
+            elif event['status'] == 'start':
+                print('start event !')
+        
+        print('Stopping monitor')
+            
+
+    def stop(self):
+        if self.events is not None:
+            self.events.close()
+            self.join()
+    
+    def _get_host_from_traefik_rule(self, container):
+        if 'traefik.frontend.rule' in container.labels:
+            try:
+                return container.labels['traefik.frontend.rule'].split('Host:')[1].split(',')[0].strip()
+            except IndexError:
+                return ''
+
+    def _get_action_from_label(self, container):
+        if 'acme_copy_certs.action' in container.labels:
+            try:
+                action = container.label('acme_copy_certs.action')
+                if action[0].strip() == 'kill':
+                    if len(action) == 1:
+                        return KillDockerAction(self.docker_client, container.id, 'SIGHUP')
+                    else:
+                        return KillDockerAction(self.docker_client, container.id, action[1].strip())
+                elif action[0].strip() == 'restart':
+                    return RestartDockerAction(self.docker_client, container.id)
+                else:
+                    return None
+            except IndexError:
+                return None
+        else:
+            return None
+
+    def _add_service(self, container):
+        if 'acme_copy_certs.enable' in container.labels:
+            if container.labels['acme_copy_certs'] == 'enable':
+                host = self._get_host_from_traefik_rule(container)
+            elif container.labels['acme_copy_certs'] == 'disable':
+                pass
+            else:
+                print('Invalid acme_copy_certs value for {0}'
+                      .format(container.name))
+            
+            if host:
+                if 'acme_copy_certs.action' in container.labels:
+                    action = self._get_action_from_label(container)
+                    s = Service(container.id, host, action)
+                else:
+                    s = Service(container.id, host, None)
+
+                self.services_mgr.add(s)
\ No newline at end of file