├── 0.X ├── Dockerfile ├── README.md └── docker-entrypoint.sh ├── LICENSE ├── README.md └── ubi ├── Dockerfile ├── LICENSE └── docker-entrypoint.sh /0.X/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright (c) HashiCorp, Inc. 2 | # SPDX-License-Identifier: MPL-2.0 3 | 4 | # This Dockerfile creates a production release image for the project. This 5 | # downloads the release from releases.hashicorp.com and therefore requires that 6 | # the release is published before building the Docker image. 7 | # 8 | # We don't rebuild the software because we want the exact checksums and 9 | # binary signatures to match the software and our builds aren't fully 10 | # reproducible currently. 11 | FROM alpine:3.15 12 | 13 | # This is the release of Consul to pull in. 14 | ARG CONSUL_VERSION=1.15.4 15 | 16 | LABEL org.opencontainers.image.authors="Consul Team " \ 17 | org.opencontainers.image.url="https://www.consul.io/" \ 18 | org.opencontainers.image.documentation="https://www.consul.io/docs" \ 19 | org.opencontainers.image.source="https://github.com/hashicorp/consul" \ 20 | org.opencontainers.image.version=$CONSUL_VERSION \ 21 | org.opencontainers.image.vendor="HashiCorp" \ 22 | org.opencontainers.image.title="consul" \ 23 | org.opencontainers.image.description="Consul is a datacenter runtime that provides service discovery, configuration, and orchestration." 24 | 25 | # This is the location of the releases. 26 | ENV HASHICORP_RELEASES=https://releases.hashicorp.com 27 | 28 | # Create a consul user and group first so the IDs get set the same way, even as 29 | # the rest of this may change over time. 30 | RUN addgroup consul && \ 31 | adduser -S -G consul consul 32 | 33 | # Set up certificates, base tools, and Consul. 34 | # libc6-compat is needed to symlink the shared libraries for ARM builds 35 | RUN set -eux && \ 36 | apk add --no-cache ca-certificates curl dumb-init gnupg libcap openssl su-exec iputils jq libc6-compat iptables tzdata && \ 37 | gpg --keyserver keyserver.ubuntu.com --recv-keys C874011F0AB405110D02105534365D9472D7468F && \ 38 | mkdir -p /tmp/build && \ 39 | cd /tmp/build && \ 40 | apkArch="$(apk --print-arch)" && \ 41 | case "${apkArch}" in \ 42 | aarch64) consulArch='arm64' ;; \ 43 | armhf) consulArch='arm' ;; \ 44 | x86) consulArch='386' ;; \ 45 | x86_64) consulArch='amd64' ;; \ 46 | *) echo >&2 "error: unsupported architecture: ${apkArch} (see ${HASHICORP_RELEASES}/consul/${CONSUL_VERSION}/)" && exit 1 ;; \ 47 | esac && \ 48 | wget ${HASHICORP_RELEASES}/consul/${CONSUL_VERSION}/consul_${CONSUL_VERSION}_linux_${consulArch}.zip && \ 49 | wget ${HASHICORP_RELEASES}/consul/${CONSUL_VERSION}/consul_${CONSUL_VERSION}_SHA256SUMS && \ 50 | wget ${HASHICORP_RELEASES}/consul/${CONSUL_VERSION}/consul_${CONSUL_VERSION}_SHA256SUMS.sig && \ 51 | gpg --batch --verify consul_${CONSUL_VERSION}_SHA256SUMS.sig consul_${CONSUL_VERSION}_SHA256SUMS && \ 52 | grep consul_${CONSUL_VERSION}_linux_${consulArch}.zip consul_${CONSUL_VERSION}_SHA256SUMS | sha256sum -c && \ 53 | unzip -d /tmp/build consul_${CONSUL_VERSION}_linux_${consulArch}.zip && \ 54 | cp /tmp/build/consul /bin/consul && \ 55 | if [ -f /tmp/build/EULA.txt ]; then mkdir -p /usr/share/doc/consul; mv /tmp/build/EULA.txt /usr/share/doc/consul/EULA.txt; fi && \ 56 | if [ -f /tmp/build/TermsOfEvaluation.txt ]; then mkdir -p /usr/share/doc/consul; mv /tmp/build/TermsOfEvaluation.txt /usr/share/doc/consul/TermsOfEvaluation.txt; fi && \ 57 | cd /tmp && \ 58 | rm -rf /tmp/build && \ 59 | gpgconf --kill all && \ 60 | apk del gnupg openssl && \ 61 | rm -rf /root/.gnupg && \ 62 | # tiny smoke test to ensure the binary we downloaded runs 63 | consul version 64 | 65 | # The /consul/data dir is used by Consul to store state. The agent will be started 66 | # with /consul/config as the configuration directory so you can add additional 67 | # config files in that location. 68 | RUN mkdir -p /consul/data && \ 69 | mkdir -p /consul/config && \ 70 | chown -R consul:consul /consul 71 | 72 | # set up nsswitch.conf for Go's "netgo" implementation which is used by Consul, 73 | # otherwise DNS supercedes the container's hosts file, which we don't want. 74 | RUN test -e /etc/nsswitch.conf || echo 'hosts: files dns' > /etc/nsswitch.conf 75 | 76 | # Expose the consul data directory as a volume since there's mutable state in there. 77 | VOLUME /consul/data 78 | 79 | # Server RPC is used for communication between Consul clients and servers for internal 80 | # request forwarding. 81 | EXPOSE 8300 82 | 83 | # Serf LAN and WAN (WAN is used only by Consul servers) are used for gossip between 84 | # Consul agents. LAN is within the datacenter and WAN is between just the Consul 85 | # servers in all datacenters. 86 | EXPOSE 8301 8301/udp 8302 8302/udp 87 | 88 | # HTTP and DNS (both TCP and UDP) are the primary interfaces that applications 89 | # use to interact with Consul. 90 | EXPOSE 8500 8600 8600/udp 91 | 92 | # Consul doesn't need root privileges so we run it as the consul user from the 93 | # entry point script. The entry point script also uses dumb-init as the top-level 94 | # process to reap any zombie processes created by Consul sub-processes. 95 | COPY docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh 96 | ENTRYPOINT ["docker-entrypoint.sh"] 97 | 98 | # By default you'll get an insecure single-node development server that stores 99 | # everything in RAM, exposes a web UI and HTTP endpoints, and bootstraps itself. 100 | # Don't use this configuration for production. 101 | CMD ["agent", "-dev", "-client", "0.0.0.0"] 102 | -------------------------------------------------------------------------------- /0.X/README.md: -------------------------------------------------------------------------------- 1 | # Consul Official Image Build 2 | 3 | The version of this hosted on [HashiCorp's Docker Hub for Consul](https://hub.docker.com/r/hashicorp/consul/) 4 | is built from the same source as the [Consul Official Image](https://hub.docker.com/_/consul/). 5 | 6 | There are several pieces that are used to build this image: 7 | 8 | * We start with an Alpine base image and add CA certificates in order to reach 9 | the HashiCorp releases server. These are useful to leave in the image so that 10 | the container can access Atlas features as well. 11 | * Finally a specific Consul build is fetched and the rest of the Consul-specific 12 | configuration happens according to the Dockerfile. 13 | -------------------------------------------------------------------------------- /0.X/docker-entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/dumb-init /bin/sh 2 | # Copyright (c) HashiCorp, Inc. 3 | # SPDX-License-Identifier: MPL-2.0 4 | 5 | set -e 6 | 7 | # Note above that we run dumb-init as PID 1 in order to reap zombie processes 8 | # as well as forward signals to all processes in its session. Normally, sh 9 | # wouldn't do either of these functions so we'd leak zombies as well as do 10 | # unclean termination of all our sub-processes. 11 | # As of docker 1.13, using docker run --init achieves the same outcome. 12 | 13 | # You can set CONSUL_BIND_INTERFACE to the name of the interface you'd like to 14 | # bind to and this will look up the IP and pass the proper -bind= option along 15 | # to Consul. 16 | if [ -z "$CONSUL_BIND" ]; then 17 | if [ -n "$CONSUL_BIND_INTERFACE" ]; then 18 | CONSUL_BIND_ADDRESS=$(ip -o -4 addr list $CONSUL_BIND_INTERFACE | head -n1 | awk '{print $4}' | cut -d/ -f1) 19 | if [ -z "$CONSUL_BIND_ADDRESS" ]; then 20 | echo "Could not find IP for interface '$CONSUL_BIND_INTERFACE', exiting" 21 | exit 1 22 | fi 23 | 24 | CONSUL_BIND="-bind=$CONSUL_BIND_ADDRESS" 25 | echo "==> Found address '$CONSUL_BIND_ADDRESS' for interface '$CONSUL_BIND_INTERFACE', setting bind option..." 26 | fi 27 | fi 28 | 29 | # You can set CONSUL_CLIENT_INTERFACE to the name of the interface you'd like to 30 | # bind client intefaces (HTTP, DNS, and RPC) to and this will look up the IP and 31 | # pass the proper -client= option along to Consul. 32 | if [ -z "$CONSUL_CLIENT" ]; then 33 | if [ -n "$CONSUL_CLIENT_INTERFACE" ]; then 34 | CONSUL_CLIENT_ADDRESS=$(ip -o -4 addr list $CONSUL_CLIENT_INTERFACE | head -n1 | awk '{print $4}' | cut -d/ -f1) 35 | if [ -z "$CONSUL_CLIENT_ADDRESS" ]; then 36 | echo "Could not find IP for interface '$CONSUL_CLIENT_INTERFACE', exiting" 37 | exit 1 38 | fi 39 | 40 | CONSUL_CLIENT="-client=$CONSUL_CLIENT_ADDRESS" 41 | echo "==> Found address '$CONSUL_CLIENT_ADDRESS' for interface '$CONSUL_CLIENT_INTERFACE', setting client option..." 42 | fi 43 | fi 44 | 45 | # CONSUL_DATA_DIR is exposed as a volume for possible persistent storage. The 46 | # CONSUL_CONFIG_DIR isn't exposed as a volume but you can compose additional 47 | # config files in there if you use this image as a base, or use CONSUL_LOCAL_CONFIG 48 | # below. 49 | if [ -z "$CONSUL_DATA_DIR" ]; then 50 | CONSUL_DATA_DIR=/consul/data 51 | fi 52 | 53 | if [ -z "$CONSUL_CONFIG_DIR" ]; then 54 | CONSUL_CONFIG_DIR=/consul/config 55 | fi 56 | 57 | # You can also set the CONSUL_LOCAL_CONFIG environemnt variable to pass some 58 | # Consul configuration JSON without having to bind any volumes. 59 | if [ -n "$CONSUL_LOCAL_CONFIG" ]; then 60 | echo "$CONSUL_LOCAL_CONFIG" > "$CONSUL_CONFIG_DIR/local.json" 61 | fi 62 | 63 | # If the user is trying to run Consul directly with some arguments, then 64 | # pass them to Consul. 65 | if [ "${1:0:1}" = '-' ]; then 66 | set -- consul "$@" 67 | fi 68 | 69 | # Look for Consul subcommands. 70 | if [ "$1" = 'agent' ]; then 71 | shift 72 | set -- consul agent \ 73 | -data-dir="$CONSUL_DATA_DIR" \ 74 | -config-dir="$CONSUL_CONFIG_DIR" \ 75 | $CONSUL_BIND \ 76 | $CONSUL_CLIENT \ 77 | "$@" 78 | elif [ "$1" = 'version' ]; then 79 | # This needs a special case because there's no help output. 80 | set -- consul "$@" 81 | elif consul --help "$1" 2>&1 | grep -q "consul $1"; then 82 | # We can't use the return code to check for the existence of a subcommand, so 83 | # we have to use grep to look for a pattern in the help output. 84 | set -- consul "$@" 85 | fi 86 | 87 | # If we are running Consul, make sure it executes as the proper user. 88 | if [ "$1" = 'consul' -a -z "${CONSUL_DISABLE_PERM_MGMT+x}" ]; then 89 | # Allow to setup user and group via envrironment 90 | if [ -z "$CONSUL_UID" ]; then 91 | CONSUL_UID="$(id -u consul)" 92 | fi 93 | 94 | if [ -z "$CONSUL_GID" ]; then 95 | CONSUL_GID="$(id -g consul)" 96 | fi 97 | 98 | # If the data or config dirs are bind mounted then chown them. 99 | # Note: This checks for root ownership as that's the most common case. 100 | if [ "$(stat -c %u "$CONSUL_DATA_DIR")" != "${CONSUL_UID}" ]; then 101 | chown ${CONSUL_UID}:${CONSUL_GID} "$CONSUL_DATA_DIR" 102 | fi 103 | if [ "$(stat -c %u "$CONSUL_CONFIG_DIR")" != "${CONSUL_UID}" ]; then 104 | chown ${CONSUL_UID}:${CONSUL_GID} "$CONSUL_CONFIG_DIR" 105 | fi 106 | 107 | # If requested, set the capability to bind to privileged ports before 108 | # we drop to the non-root user. Note that this doesn't work with all 109 | # storage drivers (it won't work with AUFS). 110 | if [ ! -z ${CONSUL_ALLOW_PRIVILEGED_PORTS+x} ]; then 111 | setcap "cap_net_bind_service=+ep" /bin/consul 112 | fi 113 | 114 | set -- su-exec ${CONSUL_UID}:${CONSUL_GID} "$@" 115 | fi 116 | 117 | exec "$@" 118 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2016 HashiCorp, Inc. 2 | 3 | Mozilla Public License, version 2.0 4 | 5 | 1. Definitions 6 | 7 | 1.1. “Contributor” 8 | 9 | means each individual or legal entity that creates, contributes to the 10 | creation of, or owns Covered Software. 11 | 12 | 1.2. “Contributor Version” 13 | 14 | means the combination of the Contributions of others (if any) used by a 15 | Contributor and that particular Contributor’s Contribution. 16 | 17 | 1.3. “Contribution” 18 | 19 | means Covered Software of a particular Contributor. 20 | 21 | 1.4. “Covered Software” 22 | 23 | means Source Code Form to which the initial Contributor has attached the 24 | notice in Exhibit A, the Executable Form of such Source Code Form, and 25 | Modifications of such Source Code Form, in each case including portions 26 | thereof. 27 | 28 | 1.5. “Incompatible With Secondary Licenses” 29 | means 30 | 31 | a. that the initial Contributor has attached the notice described in 32 | Exhibit B to the Covered Software; or 33 | 34 | b. that the Covered Software was made available under the terms of version 35 | 1.1 or earlier of the License, but not also under the terms of a 36 | Secondary License. 37 | 38 | 1.6. “Executable Form” 39 | 40 | means any form of the work other than Source Code Form. 41 | 42 | 1.7. “Larger Work” 43 | 44 | means a work that combines Covered Software with other material, in a separate 45 | file or files, that is not Covered Software. 46 | 47 | 1.8. “License” 48 | 49 | means this document. 50 | 51 | 1.9. “Licensable” 52 | 53 | means having the right to grant, to the maximum extent possible, whether at the 54 | time of the initial grant or subsequently, any and all of the rights conveyed by 55 | this License. 56 | 57 | 1.10. “Modifications” 58 | 59 | means any of the following: 60 | 61 | a. any file in Source Code Form that results from an addition to, deletion 62 | from, or modification of the contents of Covered Software; or 63 | 64 | b. any new file in Source Code Form that contains any Covered Software. 65 | 66 | 1.11. “Patent Claims” of a Contributor 67 | 68 | means any patent claim(s), including without limitation, method, process, 69 | and apparatus claims, in any patent Licensable by such Contributor that 70 | would be infringed, but for the grant of the License, by the making, 71 | using, selling, offering for sale, having made, import, or transfer of 72 | either its Contributions or its Contributor Version. 73 | 74 | 1.12. “Secondary License” 75 | 76 | means either the GNU General Public License, Version 2.0, the GNU Lesser 77 | General Public License, Version 2.1, the GNU Affero General Public 78 | License, Version 3.0, or any later versions of those licenses. 79 | 80 | 1.13. “Source Code Form” 81 | 82 | means the form of the work preferred for making modifications. 83 | 84 | 1.14. “You” (or “Your”) 85 | 86 | means an individual or a legal entity exercising rights under this 87 | License. For legal entities, “You” includes any entity that controls, is 88 | controlled by, or is under common control with You. For purposes of this 89 | definition, “control” means (a) the power, direct or indirect, to cause 90 | the direction or management of such entity, whether by contract or 91 | otherwise, or (b) ownership of more than fifty percent (50%) of the 92 | outstanding shares or beneficial ownership of such entity. 93 | 94 | 95 | 2. License Grants and Conditions 96 | 97 | 2.1. Grants 98 | 99 | Each Contributor hereby grants You a world-wide, royalty-free, 100 | non-exclusive license: 101 | 102 | a. under intellectual property rights (other than patent or trademark) 103 | Licensable by such Contributor to use, reproduce, make available, 104 | modify, display, perform, distribute, and otherwise exploit its 105 | Contributions, either on an unmodified basis, with Modifications, or as 106 | part of a Larger Work; and 107 | 108 | b. under Patent Claims of such Contributor to make, use, sell, offer for 109 | sale, have made, import, and otherwise transfer either its Contributions 110 | or its Contributor Version. 111 | 112 | 2.2. Effective Date 113 | 114 | The licenses granted in Section 2.1 with respect to any Contribution become 115 | effective for each Contribution on the date the Contributor first distributes 116 | such Contribution. 117 | 118 | 2.3. Limitations on Grant Scope 119 | 120 | The licenses granted in this Section 2 are the only rights granted under this 121 | License. No additional rights or licenses will be implied from the distribution 122 | or licensing of Covered Software under this License. Notwithstanding Section 123 | 2.1(b) above, no patent license is granted by a Contributor: 124 | 125 | a. for any code that a Contributor has removed from Covered Software; or 126 | 127 | b. for infringements caused by: (i) Your and any other third party’s 128 | modifications of Covered Software, or (ii) the combination of its 129 | Contributions with other software (except as part of its Contributor 130 | Version); or 131 | 132 | c. under Patent Claims infringed by Covered Software in the absence of its 133 | Contributions. 134 | 135 | This License does not grant any rights in the trademarks, service marks, or 136 | logos of any Contributor (except as may be necessary to comply with the 137 | notice requirements in Section 3.4). 138 | 139 | 2.4. Subsequent Licenses 140 | 141 | No Contributor makes additional grants as a result of Your choice to 142 | distribute the Covered Software under a subsequent version of this License 143 | (see Section 10.2) or under the terms of a Secondary License (if permitted 144 | under the terms of Section 3.3). 145 | 146 | 2.5. Representation 147 | 148 | Each Contributor represents that the Contributor believes its Contributions 149 | are its original creation(s) or it has sufficient rights to grant the 150 | rights to its Contributions conveyed by this License. 151 | 152 | 2.6. Fair Use 153 | 154 | This License is not intended to limit any rights You have under applicable 155 | copyright doctrines of fair use, fair dealing, or other equivalents. 156 | 157 | 2.7. Conditions 158 | 159 | Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted in 160 | Section 2.1. 161 | 162 | 163 | 3. Responsibilities 164 | 165 | 3.1. Distribution of Source Form 166 | 167 | All distribution of Covered Software in Source Code Form, including any 168 | Modifications that You create or to which You contribute, must be under the 169 | terms of this License. You must inform recipients that the Source Code Form 170 | of the Covered Software is governed by the terms of this License, and how 171 | they can obtain a copy of this License. You may not attempt to alter or 172 | restrict the recipients’ rights in the Source Code Form. 173 | 174 | 3.2. Distribution of Executable Form 175 | 176 | If You distribute Covered Software in Executable Form then: 177 | 178 | a. such Covered Software must also be made available in Source Code Form, 179 | as described in Section 3.1, and You must inform recipients of the 180 | Executable Form how they can obtain a copy of such Source Code Form by 181 | reasonable means in a timely manner, at a charge no more than the cost 182 | of distribution to the recipient; and 183 | 184 | b. You may distribute such Executable Form under the terms of this License, 185 | or sublicense it under different terms, provided that the license for 186 | the Executable Form does not attempt to limit or alter the recipients’ 187 | rights in the Source Code Form under this License. 188 | 189 | 3.3. Distribution of a Larger Work 190 | 191 | You may create and distribute a Larger Work under terms of Your choice, 192 | provided that You also comply with the requirements of this License for the 193 | Covered Software. If the Larger Work is a combination of Covered Software 194 | with a work governed by one or more Secondary Licenses, and the Covered 195 | Software is not Incompatible With Secondary Licenses, this License permits 196 | You to additionally distribute such Covered Software under the terms of 197 | such Secondary License(s), so that the recipient of the Larger Work may, at 198 | their option, further distribute the Covered Software under the terms of 199 | either this License or such Secondary License(s). 200 | 201 | 3.4. Notices 202 | 203 | You may not remove or alter the substance of any license notices (including 204 | copyright notices, patent notices, disclaimers of warranty, or limitations 205 | of liability) contained within the Source Code Form of the Covered 206 | Software, except that You may alter any license notices to the extent 207 | required to remedy known factual inaccuracies. 208 | 209 | 3.5. Application of Additional Terms 210 | 211 | You may choose to offer, and to charge a fee for, warranty, support, 212 | indemnity or liability obligations to one or more recipients of Covered 213 | Software. However, You may do so only on Your own behalf, and not on behalf 214 | of any Contributor. You must make it absolutely clear that any such 215 | warranty, support, indemnity, or liability obligation is offered by You 216 | alone, and You hereby agree to indemnify every Contributor for any 217 | liability incurred by such Contributor as a result of warranty, support, 218 | indemnity or liability terms You offer. You may include additional 219 | disclaimers of warranty and limitations of liability specific to any 220 | jurisdiction. 221 | 222 | 4. Inability to Comply Due to Statute or Regulation 223 | 224 | If it is impossible for You to comply with any of the terms of this License 225 | with respect to some or all of the Covered Software due to statute, judicial 226 | order, or regulation then You must: (a) comply with the terms of this License 227 | to the maximum extent possible; and (b) describe the limitations and the code 228 | they affect. Such description must be placed in a text file included with all 229 | distributions of the Covered Software under this License. Except to the 230 | extent prohibited by statute or regulation, such description must be 231 | sufficiently detailed for a recipient of ordinary skill to be able to 232 | understand it. 233 | 234 | 5. Termination 235 | 236 | 5.1. The rights granted under this License will terminate automatically if You 237 | fail to comply with any of its terms. However, if You become compliant, 238 | then the rights granted under this License from a particular Contributor 239 | are reinstated (a) provisionally, unless and until such Contributor 240 | explicitly and finally terminates Your grants, and (b) on an ongoing basis, 241 | if such Contributor fails to notify You of the non-compliance by some 242 | reasonable means prior to 60 days after You have come back into compliance. 243 | Moreover, Your grants from a particular Contributor are reinstated on an 244 | ongoing basis if such Contributor notifies You of the non-compliance by 245 | some reasonable means, this is the first time You have received notice of 246 | non-compliance with this License from such Contributor, and You become 247 | compliant prior to 30 days after Your receipt of the notice. 248 | 249 | 5.2. If You initiate litigation against any entity by asserting a patent 250 | infringement claim (excluding declaratory judgment actions, counter-claims, 251 | and cross-claims) alleging that a Contributor Version directly or 252 | indirectly infringes any patent, then the rights granted to You by any and 253 | all Contributors for the Covered Software under Section 2.1 of this License 254 | shall terminate. 255 | 256 | 5.3. In the event of termination under Sections 5.1 or 5.2 above, all end user 257 | license agreements (excluding distributors and resellers) which have been 258 | validly granted by You or Your distributors under this License prior to 259 | termination shall survive termination. 260 | 261 | 6. Disclaimer of Warranty 262 | 263 | Covered Software is provided under this License on an “as is” basis, without 264 | warranty of any kind, either expressed, implied, or statutory, including, 265 | without limitation, warranties that the Covered Software is free of defects, 266 | merchantable, fit for a particular purpose or non-infringing. The entire 267 | risk as to the quality and performance of the Covered Software is with You. 268 | Should any Covered Software prove defective in any respect, You (not any 269 | Contributor) assume the cost of any necessary servicing, repair, or 270 | correction. This disclaimer of warranty constitutes an essential part of this 271 | License. No use of any Covered Software is authorized under this License 272 | except under this disclaimer. 273 | 274 | 7. Limitation of Liability 275 | 276 | Under no circumstances and under no legal theory, whether tort (including 277 | negligence), contract, or otherwise, shall any Contributor, or anyone who 278 | distributes Covered Software as permitted above, be liable to You for any 279 | direct, indirect, special, incidental, or consequential damages of any 280 | character including, without limitation, damages for lost profits, loss of 281 | goodwill, work stoppage, computer failure or malfunction, or any and all 282 | other commercial damages or losses, even if such party shall have been 283 | informed of the possibility of such damages. This limitation of liability 284 | shall not apply to liability for death or personal injury resulting from such 285 | party’s negligence to the extent applicable law prohibits such limitation. 286 | Some jurisdictions do not allow the exclusion or limitation of incidental or 287 | consequential damages, so this exclusion and limitation may not apply to You. 288 | 289 | 8. Litigation 290 | 291 | Any litigation relating to this License may be brought only in the courts of 292 | a jurisdiction where the defendant maintains its principal place of business 293 | and such litigation shall be governed by laws of that jurisdiction, without 294 | reference to its conflict-of-law provisions. Nothing in this Section shall 295 | prevent a party’s ability to bring cross-claims or counter-claims. 296 | 297 | 9. Miscellaneous 298 | 299 | This License represents the complete agreement concerning the subject matter 300 | hereof. If any provision of this License is held to be unenforceable, such 301 | provision shall be reformed only to the extent necessary to make it 302 | enforceable. Any law or regulation which provides that the language of a 303 | contract shall be construed against the drafter shall not be used to construe 304 | this License against a Contributor. 305 | 306 | 307 | 10. Versions of the License 308 | 309 | 10.1. New Versions 310 | 311 | Mozilla Foundation is the license steward. Except as provided in Section 312 | 10.3, no one other than the license steward has the right to modify or 313 | publish new versions of this License. Each version will be given a 314 | distinguishing version number. 315 | 316 | 10.2. Effect of New Versions 317 | 318 | You may distribute the Covered Software under the terms of the version of 319 | the License under which You originally received the Covered Software, or 320 | under the terms of any subsequent version published by the license 321 | steward. 322 | 323 | 10.3. Modified Versions 324 | 325 | If you create software not governed by this License, and you want to 326 | create a new license for such software, you may create and use a modified 327 | version of this License if you rename the license and remove any 328 | references to the name of the license steward (except to note that such 329 | modified license differs from this License). 330 | 331 | 10.4. Distributing Source Code Form that is Incompatible With Secondary Licenses 332 | If You choose to distribute Source Code Form that is Incompatible With 333 | Secondary Licenses under the terms of this version of the License, the 334 | notice described in Exhibit B of this License must be attached. 335 | 336 | Exhibit A - Source Code Form License Notice 337 | 338 | This Source Code Form is subject to the 339 | terms of the Mozilla Public License, v. 340 | 2.0. If a copy of the MPL was not 341 | distributed with this file, You can 342 | obtain one at 343 | http://mozilla.org/MPL/2.0/. 344 | 345 | If it is not possible or desirable to put the notice in a particular file, then 346 | You may include the notice in a location (such as a LICENSE file in a relevant 347 | directory) where a recipient would be likely to look for such a notice. 348 | 349 | You may add additional accurate notices of copyright ownership. 350 | 351 | Exhibit B - “Incompatible With Secondary Licenses” Notice 352 | 353 | This Source Code Form is “Incompatible 354 | With Secondary Licenses”, as defined by 355 | the Mozilla Public License, v. 2.0. 356 | 357 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # About this Repo 2 | 3 | This is the Git repo of the Docker [official image](https://docs.docker.com/docker-hub/official_repos/) for [consul](https://registry.hub.docker.com/_/consul/). See [the Docker Hub page](https://registry.hub.docker.com/_/consul/) for the full readme on how to use this Docker image and for information regarding contributing and issues. 4 | 5 | The full readme is generated over in [docker-library/docs](https://github.com/docker-library/docs), specificially in [docker-library/docs/consul](https://github.com/docker-library/docs/tree/master/consul). 6 | 7 | See a change merged here that doesn't show up on the Docker Hub yet? Check [the "library/consul" manifest file in the docker-library/official-images repo](https://github.com/docker-library/official-images/blob/master/library/consul), especially [PRs with the "library/consul" label on that repo](https://github.com/docker-library/official-images/labels/library%2Fconsul). For more information about the official images process, see the [docker-library/official-images readme](https://github.com/docker-library/official-images/blob/master/README.md). 8 | 9 | 10 | -------------------------------------------------------------------------------- /ubi/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright (c) HashiCorp, Inc. 2 | # SPDX-License-Identifier: MPL-2.0 3 | 4 | # This Dockerfile creates a production release image for the project. This 5 | # downloads the release from releases.hashicorp.com and therefore requires that 6 | # the release is published before building the Docker image. 7 | # 8 | # We don't rebuild the software because we want the exact checksums and 9 | # binary signatures to match the software and our builds aren't fully 10 | # reproducible currently. 11 | # 12 | # This Dockerfile is different from the regular Dockerfile because it's 13 | # based on Red Hat's UBI image. This Dockerfile is used to build a Consul 14 | # image for use on OpenShift. 15 | FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 16 | 17 | # This is the release of Consul to pull in. 18 | ARG CONSUL_VERSION=1.10.0 19 | 20 | LABEL org.opencontainers.image.version=$CONSUL_VERSION \ 21 | org.opencontainers.image.authors="Consul Team " \ 22 | name="consul" \ 23 | maintainer="Consul Team " \ 24 | vendor="HashiCorp" \ 25 | version=$CONSUL_VERSION \ 26 | release=$CONSUL_VERSION \ 27 | summary="Consul is a datacenter runtime that provides service discovery, configuration, and orchestration." \ 28 | description="Consul is a datacenter runtime that provides service discovery, configuration, and orchestration." 29 | 30 | # This is the location of the releases. 31 | ENV HASHICORP_RELEASES=https://releases.hashicorp.com 32 | 33 | # Copy license for Red Hat certification. 34 | COPY LICENSE /licenses/mozilla.txt 35 | 36 | # Set up certificates, base tools, and Consul. 37 | # dumb-init is downloaded directly from GitHub because there's no RPM package. 38 | # Its shasum is hardcoded. If you upgrade the dumb-init verion you'll need to 39 | # also update the shasum. 40 | RUN set -eux && \ 41 | microdnf install -y ca-certificates curl gnupg libcap openssl iputils jq iptables wget unzip tar && \ 42 | wget -O /usr/bin/dumb-init https://github.com/Yelp/dumb-init/releases/download/v1.2.5/dumb-init_1.2.5_x86_64 && \ 43 | echo 'e874b55f3279ca41415d290c512a7ba9d08f98041b28ae7c2acb19a545f1c4df /usr/bin/dumb-init' > dumb-init-shasum && \ 44 | sha256sum --check dumb-init-shasum && \ 45 | chmod +x /usr/bin/dumb-init && \ 46 | gpg --keyserver keyserver.ubuntu.com --recv-keys C874011F0AB405110D02105534365D9472D7468F && \ 47 | mkdir -p /tmp/build && \ 48 | cd /tmp/build && \ 49 | consulArch=amd64 && \ 50 | wget ${HASHICORP_RELEASES}/consul/${CONSUL_VERSION}/consul_${CONSUL_VERSION}_linux_${consulArch}.zip && \ 51 | wget ${HASHICORP_RELEASES}/consul/${CONSUL_VERSION}/consul_${CONSUL_VERSION}_SHA256SUMS && \ 52 | wget ${HASHICORP_RELEASES}/consul/${CONSUL_VERSION}/consul_${CONSUL_VERSION}_SHA256SUMS.sig && \ 53 | gpg --batch --verify consul_${CONSUL_VERSION}_SHA256SUMS.sig consul_${CONSUL_VERSION}_SHA256SUMS && \ 54 | grep consul_${CONSUL_VERSION}_linux_${consulArch}.zip consul_${CONSUL_VERSION}_SHA256SUMS | sha256sum -c && \ 55 | unzip -d /tmp/build consul_${CONSUL_VERSION}_linux_${consulArch}.zip && \ 56 | cp /tmp/build/consul /bin/consul && \ 57 | if [ -f /tmp/build/EULA.txt ]; then mkdir -p /usr/share/doc/consul; mv /tmp/build/EULA.txt /usr/share/doc/consul/EULA.txt; fi && \ 58 | if [ -f /tmp/build/TermsOfEvaluation.txt ]; then mkdir -p /usr/share/doc/consul; mv /tmp/build/TermsOfEvaluation.txt /usr/share/doc/consul/TermsOfEvaluation.txt; fi && \ 59 | cd /tmp && \ 60 | rm -rf /tmp/build && \ 61 | gpgconf --kill all && \ 62 | rm -rf /root/.gnupg && \ 63 | # tiny smoke test to ensure the binary we downloaded runs 64 | consul version 65 | 66 | # Create a non-root user to run the software. On OpenShift, this 67 | # will not matter since the container is run as a random user and group 68 | # but this is kept for consistency with our other images. 69 | RUN groupadd consul && \ 70 | adduser --uid 100 --system -g consul consul 71 | 72 | # The /consul/data dir is used by Consul to store state. The agent will be started 73 | # with /consul/config as the configuration directory so you can add additional 74 | # config files in that location. 75 | # In addition, change the group of the /consul directory to 0 since OpenShift 76 | # will always execute the container with group 0. 77 | RUN mkdir -p /consul/data && \ 78 | mkdir -p /consul/config && \ 79 | chown -R consul /consul && \ 80 | chgrp -R 0 /consul && chmod -R g+rwX /consul 81 | 82 | # set up nsswitch.conf for Go's "netgo" implementation which is used by Consul, 83 | # otherwise DNS supercedes the container's hosts file, which we don't want. 84 | RUN test -e /etc/nsswitch.conf || echo 'hosts: files dns' > /etc/nsswitch.conf 85 | 86 | # Expose the consul data directory as a volume since there's mutable state in there. 87 | VOLUME /consul/data 88 | 89 | # Server RPC is used for communication between Consul clients and servers for internal 90 | # request forwarding. 91 | EXPOSE 8300 92 | 93 | # Serf LAN and WAN (WAN is used only by Consul servers) are used for gossip between 94 | # Consul agents. LAN is within the datacenter and WAN is between just the Consul 95 | # servers in all datacenters. 96 | EXPOSE 8301 8301/udp 8302 8302/udp 97 | 98 | # HTTP and DNS (both TCP and UDP) are the primary interfaces that applications 99 | # use to interact with Consul. 100 | EXPOSE 8500 8600 8600/udp 101 | 102 | COPY docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh 103 | ENTRYPOINT ["docker-entrypoint.sh"] 104 | 105 | # OpenShift by default will run containers with a random user, however their 106 | # scanner requires that containers set a non-root user. 107 | USER 100 108 | 109 | # By default you'll get an insecure single-node development server that stores 110 | # everything in RAM, exposes a web UI and HTTP endpoints, and bootstraps itself. 111 | # Don't use this configuration for production. 112 | CMD ["agent", "-dev", "-client", "0.0.0.0"] 113 | -------------------------------------------------------------------------------- /ubi/LICENSE: -------------------------------------------------------------------------------- 1 | Mozilla Public License, version 2.0 2 | 3 | 1. Definitions 4 | 5 | 1.1. “Contributor” 6 | 7 | means each individual or legal entity that creates, contributes to the 8 | creation of, or owns Covered Software. 9 | 10 | 1.2. “Contributor Version” 11 | 12 | means the combination of the Contributions of others (if any) used by a 13 | Contributor and that particular Contributor’s Contribution. 14 | 15 | 1.3. “Contribution” 16 | 17 | means Covered Software of a particular Contributor. 18 | 19 | 1.4. “Covered Software” 20 | 21 | means Source Code Form to which the initial Contributor has attached the 22 | notice in Exhibit A, the Executable Form of such Source Code Form, and 23 | Modifications of such Source Code Form, in each case including portions 24 | thereof. 25 | 26 | 1.5. “Incompatible With Secondary Licenses” 27 | means 28 | 29 | a. that the initial Contributor has attached the notice described in 30 | Exhibit B to the Covered Software; or 31 | 32 | b. that the Covered Software was made available under the terms of version 33 | 1.1 or earlier of the License, but not also under the terms of a 34 | Secondary License. 35 | 36 | 1.6. “Executable Form” 37 | 38 | means any form of the work other than Source Code Form. 39 | 40 | 1.7. “Larger Work” 41 | 42 | means a work that combines Covered Software with other material, in a separate 43 | file or files, that is not Covered Software. 44 | 45 | 1.8. “License” 46 | 47 | means this document. 48 | 49 | 1.9. “Licensable” 50 | 51 | means having the right to grant, to the maximum extent possible, whether at the 52 | time of the initial grant or subsequently, any and all of the rights conveyed by 53 | this License. 54 | 55 | 1.10. “Modifications” 56 | 57 | means any of the following: 58 | 59 | a. any file in Source Code Form that results from an addition to, deletion 60 | from, or modification of the contents of Covered Software; or 61 | 62 | b. any new file in Source Code Form that contains any Covered Software. 63 | 64 | 1.11. “Patent Claims” of a Contributor 65 | 66 | means any patent claim(s), including without limitation, method, process, 67 | and apparatus claims, in any patent Licensable by such Contributor that 68 | would be infringed, but for the grant of the License, by the making, 69 | using, selling, offering for sale, having made, import, or transfer of 70 | either its Contributions or its Contributor Version. 71 | 72 | 1.12. “Secondary License” 73 | 74 | means either the GNU General Public License, Version 2.0, the GNU Lesser 75 | General Public License, Version 2.1, the GNU Affero General Public 76 | License, Version 3.0, or any later versions of those licenses. 77 | 78 | 1.13. “Source Code Form” 79 | 80 | means the form of the work preferred for making modifications. 81 | 82 | 1.14. “You” (or “Your”) 83 | 84 | means an individual or a legal entity exercising rights under this 85 | License. For legal entities, “You” includes any entity that controls, is 86 | controlled by, or is under common control with You. For purposes of this 87 | definition, “control” means (a) the power, direct or indirect, to cause 88 | the direction or management of such entity, whether by contract or 89 | otherwise, or (b) ownership of more than fifty percent (50%) of the 90 | outstanding shares or beneficial ownership of such entity. 91 | 92 | 93 | 2. License Grants and Conditions 94 | 95 | 2.1. Grants 96 | 97 | Each Contributor hereby grants You a world-wide, royalty-free, 98 | non-exclusive license: 99 | 100 | a. under intellectual property rights (other than patent or trademark) 101 | Licensable by such Contributor to use, reproduce, make available, 102 | modify, display, perform, distribute, and otherwise exploit its 103 | Contributions, either on an unmodified basis, with Modifications, or as 104 | part of a Larger Work; and 105 | 106 | b. under Patent Claims of such Contributor to make, use, sell, offer for 107 | sale, have made, import, and otherwise transfer either its Contributions 108 | or its Contributor Version. 109 | 110 | 2.2. Effective Date 111 | 112 | The licenses granted in Section 2.1 with respect to any Contribution become 113 | effective for each Contribution on the date the Contributor first distributes 114 | such Contribution. 115 | 116 | 2.3. Limitations on Grant Scope 117 | 118 | The licenses granted in this Section 2 are the only rights granted under this 119 | License. No additional rights or licenses will be implied from the distribution 120 | or licensing of Covered Software under this License. Notwithstanding Section 121 | 2.1(b) above, no patent license is granted by a Contributor: 122 | 123 | a. for any code that a Contributor has removed from Covered Software; or 124 | 125 | b. for infringements caused by: (i) Your and any other third party’s 126 | modifications of Covered Software, or (ii) the combination of its 127 | Contributions with other software (except as part of its Contributor 128 | Version); or 129 | 130 | c. under Patent Claims infringed by Covered Software in the absence of its 131 | Contributions. 132 | 133 | This License does not grant any rights in the trademarks, service marks, or 134 | logos of any Contributor (except as may be necessary to comply with the 135 | notice requirements in Section 3.4). 136 | 137 | 2.4. Subsequent Licenses 138 | 139 | No Contributor makes additional grants as a result of Your choice to 140 | distribute the Covered Software under a subsequent version of this License 141 | (see Section 10.2) or under the terms of a Secondary License (if permitted 142 | under the terms of Section 3.3). 143 | 144 | 2.5. Representation 145 | 146 | Each Contributor represents that the Contributor believes its Contributions 147 | are its original creation(s) or it has sufficient rights to grant the 148 | rights to its Contributions conveyed by this License. 149 | 150 | 2.6. Fair Use 151 | 152 | This License is not intended to limit any rights You have under applicable 153 | copyright doctrines of fair use, fair dealing, or other equivalents. 154 | 155 | 2.7. Conditions 156 | 157 | Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted in 158 | Section 2.1. 159 | 160 | 161 | 3. Responsibilities 162 | 163 | 3.1. Distribution of Source Form 164 | 165 | All distribution of Covered Software in Source Code Form, including any 166 | Modifications that You create or to which You contribute, must be under the 167 | terms of this License. You must inform recipients that the Source Code Form 168 | of the Covered Software is governed by the terms of this License, and how 169 | they can obtain a copy of this License. You may not attempt to alter or 170 | restrict the recipients’ rights in the Source Code Form. 171 | 172 | 3.2. Distribution of Executable Form 173 | 174 | If You distribute Covered Software in Executable Form then: 175 | 176 | a. such Covered Software must also be made available in Source Code Form, 177 | as described in Section 3.1, and You must inform recipients of the 178 | Executable Form how they can obtain a copy of such Source Code Form by 179 | reasonable means in a timely manner, at a charge no more than the cost 180 | of distribution to the recipient; and 181 | 182 | b. You may distribute such Executable Form under the terms of this License, 183 | or sublicense it under different terms, provided that the license for 184 | the Executable Form does not attempt to limit or alter the recipients’ 185 | rights in the Source Code Form under this License. 186 | 187 | 3.3. Distribution of a Larger Work 188 | 189 | You may create and distribute a Larger Work under terms of Your choice, 190 | provided that You also comply with the requirements of this License for the 191 | Covered Software. If the Larger Work is a combination of Covered Software 192 | with a work governed by one or more Secondary Licenses, and the Covered 193 | Software is not Incompatible With Secondary Licenses, this License permits 194 | You to additionally distribute such Covered Software under the terms of 195 | such Secondary License(s), so that the recipient of the Larger Work may, at 196 | their option, further distribute the Covered Software under the terms of 197 | either this License or such Secondary License(s). 198 | 199 | 3.4. Notices 200 | 201 | You may not remove or alter the substance of any license notices (including 202 | copyright notices, patent notices, disclaimers of warranty, or limitations 203 | of liability) contained within the Source Code Form of the Covered 204 | Software, except that You may alter any license notices to the extent 205 | required to remedy known factual inaccuracies. 206 | 207 | 3.5. Application of Additional Terms 208 | 209 | You may choose to offer, and to charge a fee for, warranty, support, 210 | indemnity or liability obligations to one or more recipients of Covered 211 | Software. However, You may do so only on Your own behalf, and not on behalf 212 | of any Contributor. You must make it absolutely clear that any such 213 | warranty, support, indemnity, or liability obligation is offered by You 214 | alone, and You hereby agree to indemnify every Contributor for any 215 | liability incurred by such Contributor as a result of warranty, support, 216 | indemnity or liability terms You offer. You may include additional 217 | disclaimers of warranty and limitations of liability specific to any 218 | jurisdiction. 219 | 220 | 4. Inability to Comply Due to Statute or Regulation 221 | 222 | If it is impossible for You to comply with any of the terms of this License 223 | with respect to some or all of the Covered Software due to statute, judicial 224 | order, or regulation then You must: (a) comply with the terms of this License 225 | to the maximum extent possible; and (b) describe the limitations and the code 226 | they affect. Such description must be placed in a text file included with all 227 | distributions of the Covered Software under this License. Except to the 228 | extent prohibited by statute or regulation, such description must be 229 | sufficiently detailed for a recipient of ordinary skill to be able to 230 | understand it. 231 | 232 | 5. Termination 233 | 234 | 5.1. The rights granted under this License will terminate automatically if You 235 | fail to comply with any of its terms. However, if You become compliant, 236 | then the rights granted under this License from a particular Contributor 237 | are reinstated (a) provisionally, unless and until such Contributor 238 | explicitly and finally terminates Your grants, and (b) on an ongoing basis, 239 | if such Contributor fails to notify You of the non-compliance by some 240 | reasonable means prior to 60 days after You have come back into compliance. 241 | Moreover, Your grants from a particular Contributor are reinstated on an 242 | ongoing basis if such Contributor notifies You of the non-compliance by 243 | some reasonable means, this is the first time You have received notice of 244 | non-compliance with this License from such Contributor, and You become 245 | compliant prior to 30 days after Your receipt of the notice. 246 | 247 | 5.2. If You initiate litigation against any entity by asserting a patent 248 | infringement claim (excluding declaratory judgment actions, counter-claims, 249 | and cross-claims) alleging that a Contributor Version directly or 250 | indirectly infringes any patent, then the rights granted to You by any and 251 | all Contributors for the Covered Software under Section 2.1 of this License 252 | shall terminate. 253 | 254 | 5.3. In the event of termination under Sections 5.1 or 5.2 above, all end user 255 | license agreements (excluding distributors and resellers) which have been 256 | validly granted by You or Your distributors under this License prior to 257 | termination shall survive termination. 258 | 259 | 6. Disclaimer of Warranty 260 | 261 | Covered Software is provided under this License on an “as is” basis, without 262 | warranty of any kind, either expressed, implied, or statutory, including, 263 | without limitation, warranties that the Covered Software is free of defects, 264 | merchantable, fit for a particular purpose or non-infringing. The entire 265 | risk as to the quality and performance of the Covered Software is with You. 266 | Should any Covered Software prove defective in any respect, You (not any 267 | Contributor) assume the cost of any necessary servicing, repair, or 268 | correction. This disclaimer of warranty constitutes an essential part of this 269 | License. No use of any Covered Software is authorized under this License 270 | except under this disclaimer. 271 | 272 | 7. Limitation of Liability 273 | 274 | Under no circumstances and under no legal theory, whether tort (including 275 | negligence), contract, or otherwise, shall any Contributor, or anyone who 276 | distributes Covered Software as permitted above, be liable to You for any 277 | direct, indirect, special, incidental, or consequential damages of any 278 | character including, without limitation, damages for lost profits, loss of 279 | goodwill, work stoppage, computer failure or malfunction, or any and all 280 | other commercial damages or losses, even if such party shall have been 281 | informed of the possibility of such damages. This limitation of liability 282 | shall not apply to liability for death or personal injury resulting from such 283 | party’s negligence to the extent applicable law prohibits such limitation. 284 | Some jurisdictions do not allow the exclusion or limitation of incidental or 285 | consequential damages, so this exclusion and limitation may not apply to You. 286 | 287 | 8. Litigation 288 | 289 | Any litigation relating to this License may be brought only in the courts of 290 | a jurisdiction where the defendant maintains its principal place of business 291 | and such litigation shall be governed by laws of that jurisdiction, without 292 | reference to its conflict-of-law provisions. Nothing in this Section shall 293 | prevent a party’s ability to bring cross-claims or counter-claims. 294 | 295 | 9. Miscellaneous 296 | 297 | This License represents the complete agreement concerning the subject matter 298 | hereof. If any provision of this License is held to be unenforceable, such 299 | provision shall be reformed only to the extent necessary to make it 300 | enforceable. Any law or regulation which provides that the language of a 301 | contract shall be construed against the drafter shall not be used to construe 302 | this License against a Contributor. 303 | 304 | 305 | 10. Versions of the License 306 | 307 | 10.1. New Versions 308 | 309 | Mozilla Foundation is the license steward. Except as provided in Section 310 | 10.3, no one other than the license steward has the right to modify or 311 | publish new versions of this License. Each version will be given a 312 | distinguishing version number. 313 | 314 | 10.2. Effect of New Versions 315 | 316 | You may distribute the Covered Software under the terms of the version of 317 | the License under which You originally received the Covered Software, or 318 | under the terms of any subsequent version published by the license 319 | steward. 320 | 321 | 10.3. Modified Versions 322 | 323 | If you create software not governed by this License, and you want to 324 | create a new license for such software, you may create and use a modified 325 | version of this License if you rename the license and remove any 326 | references to the name of the license steward (except to note that such 327 | modified license differs from this License). 328 | 329 | 10.4. Distributing Source Code Form that is Incompatible With Secondary Licenses 330 | If You choose to distribute Source Code Form that is Incompatible With 331 | Secondary Licenses under the terms of this version of the License, the 332 | notice described in Exhibit B of this License must be attached. 333 | 334 | Exhibit A - Source Code Form License Notice 335 | 336 | This Source Code Form is subject to the 337 | terms of the Mozilla Public License, v. 338 | 2.0. If a copy of the MPL was not 339 | distributed with this file, You can 340 | obtain one at 341 | http://mozilla.org/MPL/2.0/. 342 | 343 | If it is not possible or desirable to put the notice in a particular file, then 344 | You may include the notice in a location (such as a LICENSE file in a relevant 345 | directory) where a recipient would be likely to look for such a notice. 346 | 347 | You may add additional accurate notices of copyright ownership. 348 | 349 | Exhibit B - “Incompatible With Secondary Licenses” Notice 350 | 351 | This Source Code Form is “Incompatible 352 | With Secondary Licenses”, as defined by 353 | the Mozilla Public License, v. 2.0. 354 | 355 | -------------------------------------------------------------------------------- /ubi/docker-entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/dumb-init /bin/sh 2 | # Copyright (c) HashiCorp, Inc. 3 | # SPDX-License-Identifier: MPL-2.0 4 | 5 | set -e 6 | 7 | # Note above that we run dumb-init as PID 1 in order to reap zombie processes 8 | # as well as forward signals to all processes in its session. Normally, sh 9 | # wouldn't do either of these functions so we'd leak zombies as well as do 10 | # unclean termination of all our sub-processes. 11 | # As of docker 1.13, using docker run --init achieves the same outcome. 12 | 13 | # You can set CONSUL_BIND_INTERFACE to the name of the interface you'd like to 14 | # bind to and this will look up the IP and pass the proper -bind= option along 15 | # to Consul. 16 | CONSUL_BIND= 17 | if [ -n "$CONSUL_BIND_INTERFACE" ]; then 18 | CONSUL_BIND_ADDRESS=$(ip -o -4 addr list $CONSUL_BIND_INTERFACE | head -n1 | awk '{print $4}' | cut -d/ -f1) 19 | if [ -z "$CONSUL_BIND_ADDRESS" ]; then 20 | echo "Could not find IP for interface '$CONSUL_BIND_INTERFACE', exiting" 21 | exit 1 22 | fi 23 | 24 | CONSUL_BIND="-bind=$CONSUL_BIND_ADDRESS" 25 | echo "==> Found address '$CONSUL_BIND_ADDRESS' for interface '$CONSUL_BIND_INTERFACE', setting bind option..." 26 | fi 27 | 28 | # You can set CONSUL_CLIENT_INTERFACE to the name of the interface you'd like to 29 | # bind client intefaces (HTTP, DNS, and RPC) to and this will look up the IP and 30 | # pass the proper -client= option along to Consul. 31 | CONSUL_CLIENT= 32 | if [ -n "$CONSUL_CLIENT_INTERFACE" ]; then 33 | CONSUL_CLIENT_ADDRESS=$(ip -o -4 addr list $CONSUL_CLIENT_INTERFACE | head -n1 | awk '{print $4}' | cut -d/ -f1) 34 | if [ -z "$CONSUL_CLIENT_ADDRESS" ]; then 35 | echo "Could not find IP for interface '$CONSUL_CLIENT_INTERFACE', exiting" 36 | exit 1 37 | fi 38 | 39 | CONSUL_CLIENT="-client=$CONSUL_CLIENT_ADDRESS" 40 | echo "==> Found address '$CONSUL_CLIENT_ADDRESS' for interface '$CONSUL_CLIENT_INTERFACE', setting client option..." 41 | fi 42 | 43 | # CONSUL_DATA_DIR is exposed as a volume for possible persistent storage. The 44 | # CONSUL_CONFIG_DIR isn't exposed as a volume but you can compose additional 45 | # config files in there if you use this image as a base, or use CONSUL_LOCAL_CONFIG 46 | # below. 47 | CONSUL_DATA_DIR=/consul/data 48 | CONSUL_CONFIG_DIR=/consul/config 49 | 50 | # You can also set the CONSUL_LOCAL_CONFIG environemnt variable to pass some 51 | # Consul configuration JSON without having to bind any volumes. 52 | if [ -n "$CONSUL_LOCAL_CONFIG" ]; then 53 | echo "$CONSUL_LOCAL_CONFIG" > "$CONSUL_CONFIG_DIR/local.json" 54 | fi 55 | 56 | # If the user is trying to run Consul directly with some arguments, then 57 | # pass them to Consul. 58 | if [ "${1:0:1}" = '-' ]; then 59 | set -- consul "$@" 60 | fi 61 | 62 | # Look for Consul subcommands. 63 | if [ "$1" = 'agent' ]; then 64 | shift 65 | set -- consul agent \ 66 | -data-dir="$CONSUL_DATA_DIR" \ 67 | -config-dir="$CONSUL_CONFIG_DIR" \ 68 | $CONSUL_BIND \ 69 | $CONSUL_CLIENT \ 70 | "$@" 71 | elif [ "$1" = 'version' ]; then 72 | # This needs a special case because there's no help output. 73 | set -- consul "$@" 74 | elif consul --help "$1" 2>&1 | grep -q "consul $1"; then 75 | # We can't use the return code to check for the existence of a subcommand, so 76 | # we have to use grep to look for a pattern in the help output. 77 | set -- consul "$@" 78 | fi 79 | 80 | # NOTE: Unlike in the regular Consul Docker image, we don't have code here 81 | # for changing data-dir directory ownership or using su-exec because OpenShift 82 | # won't run this container as root and so we can't change data dir ownership, 83 | # and there's no need to use su-exec. 84 | 85 | exec "$@" 86 | --------------------------------------------------------------------------------