serviced
DESCRIPTION
serviced is an open-source, application service orchestrator based on Docker Community Edition.
GLOBAL OPTIONS
- --docker-registry Master-Hostname:5000
- The local Docker registry to use. For more information, see SERVICED_DOCKER_REGISTRY in the section about configuration file environment variables.
- --static-ip IP-Address [--static-ip IP-Address]…
- One or more static IP addresses for a serviced instance to advertise. For more information, see SERVICED_STATIC_IPS in the section about configuration file environment variables.
- --endpoint Host:Port
- The serviced RPC endpoint. The value of Host is the hostname or IP address of the master host. The default value of Port is 4979. For more information, see SERVICED_ENDPOINT in the section about configuration file environment variables.
- --outbound IP-Address
- The default startup routines of serviced include attempting to ping google.com. When a value is set for this variable, serviced does not attempt the ping and assumes it does not have internet access.
- --uiport:Port
- The port on which the HTTP server listens for requests. The default value is 443, unless SERVICED_UI_PORT is set in the configuration file. For more information, see the section about configuration file environment variables.
- --nfs-client value
- Determines whether a serviced delegate mounts the DFS. The default value is 1 (enable) unless SERVICED_NFS_CLIENT is set in the configuration file. For more information, see the section about configuration file environment variables.
- --listen:Port
- The serviced RPC endpoint on the local host. The default value of Port is 4979.
- --docker-dns Option [--docker-dns Option]…
- One or more DNS configuration flags for Docker to use when starting containers.
- --master
- Run the application services scheduler and other internal services.
- --agent
- Run application services scheduled by the master.
- --mux Port
- The port used for traffic among Docker containers. The default value is 22250, unless SERVICED_MUX_PORT is set in the configuration file. For more information, see the section about configuration file environment variables.
- --mux-disable-tls
- Determines whether inter-host traffic among Docker containers is encrypted with TLS. Intra-host traffic among Docker containers is not encrypted.
- --mux-tls-ciphers Option [--mux-tls-ciphers Option]…
- The list TLS ciphers serviced supports for mux traffic. The default may be set in by SERVICED_MUX_TLS_CIPHERS in the configuration file. For more information, see the section about configuration file environment variables.
- --mux-tls-min-version
- The minimum version of TLS that serviced accepts for mux traffic. Valid values are VersionTLS11 and VersionTLS12. The default value is VersionTLS11 unless SERVICED_MUX_TLS_MIN_VERSION is set in the configuration file. For more information, see the section about configuration file environment variables.
- --var Path
- This option has been deprecated.
- volumes-path Path
- The location of serviced application data. The default path is /opt/serviced/var/volumes unless the value of the SERVICED_VOLUMES_PATH is set in the configuration file. For more information, see the section about configuration file environment variables.
- isvcs-path Path
- The location of serviced internal services data. The default path is /opt/serviced/var/isvcs unless the value of the SERVICED_ISVCS_PATH is set in the configuration file. For more information, see the section about configuration file environment variables.
- backups-path Path
- The location of serviced backup files. The default path is /opt/serviced/var/backups unless the value of the SERVICED_BACKUPS_PATH is set in the configuration file. For more information, see the section about configuration file environment variables.
- etc-path Path
- The location of serviced configuration files. The default path is /opt/serviced/etc.
- --keyfile Path
- The path of a digital certificate key file. Choose a location that is not modified during operating system updates, such as /etc.
- --certfile Path
- The path of a digital certificate file. Choose a location that is not modified during operating system updates, such as /etc. Certificates with passphrases are not supported.
- --zk Host:Port [--zk Host:Port]…
- One or more ZooKeeper endpoints. If multiple endpoints are specified, serviced tries each in turn until it connects to a working server. The default may be set by SERVICED_ZK in the configuration file. For more information, see the section about configuration file environment variables.
- --mount Option [--mount Option]…
- One or more bind mounts for a container. The syntax for Option is DOCKER_IMAGE,HOST_PATH[,CONTAINER_PATH].
- --fstype Driver
- The driver to manage application data storage on the serviced master host. The default is devicemapper unless SERVICED_FS_TYPE is set in the configuration file. For more information, see the section about configuration file environment variables.
- --alias Alias [--alias Alias]…
- One or more DNS aliases to associate with a container.
- --es-startup-timeout Duration
- The number of seconds to wait for Elasticsearch to complete its startup. The default value is 600 seconds (10 minutes).
- --max-container-age Duration
- The number of seconds serviced waits before removing a stopped container. The default value is 86400 seconds (24 hours), unless SERVICED_MAX_CONTAINER_AGE is set in the configuration file. For more information, see the section about configuration file environment variables.
- --max-dfs-timeout Duration
- The number of seconds to wait for a snapshot to complete. The default value is 300 seconds (5 minutes).
- --virtual-address-subnet Subnet
- The private subnet for containers that use virtual IP addresses on a host. The default value is 10.3.0.0/16, unless SERVICED_VIRTUAL_ADDRESS_SUBNET is set in the configuration file. For more information, see the section about configuration file environment variables.
- --master-pool-id Pool-ID
- The name of the resource pool to which the serviced instance configured as master belongs. The default value of Pool-ID is default.
- --admin-group Group
- The name of the Linux group on the serviced master host whose members are authorized to use the serviced browser interface. The default is wheel unless SERVICED_ADMIN_GROUP is set in the configuration file. For more information, see the section about configuration file environment variables.
- --storage-opts Option [--storage-opts Option]…
- Storage arguments to initialize the filesystem.
- --isvcs-start Option [--isvcs-start Option]…
- Enables one or more internal services to run on a delegate host. Currently, only zookeeper is supported. If SERVICED_ISVCS_START is set in the configuration file, its value is used. For more information, see the section about configuration file environment variables.
- --isvcs-zk-id Indentifier
- The unique identifier (a positive integer) of a ZooKeeper ensemble node. If SERVICED_ISVCS_ZOOKEEPER_ID is set in the configuration file, its value is used. For more information, see the section about configuration file environment variables.
- --isvcs-zk-quorum Option [--isvcs-zk-quorum Option]…
- The list of nodes in a ZooKeeper ensemble. If SERVICED_ISVCS_ZOOKEEPER_QUORUM is set in the configuration file, its value is used. For more information, see the section about configuration file environment variables.
- --tls-ciphers Option [--tls-ciphers Option]…
- The list TLS ciphers that serviced accepts for HTTP traffic. If SERVICED_TLS_CIPHERS is set in the configuration file, its value is used. For more information, see the section about configuration file environment variables.
- --tls-min-version Version
- The minimum version of TLS that serviced accepts for HTTP traffic. Valid values include the default, VersionTLS11, and VersionTLS12. If SERVICED_TLS_MIN_VERSION is set in the configuration file, its value is used. For more information, see the section about configuration file environment variables.
- --report-stats
- Enable reporting statistics in a container.
- --host-stats Host:Port
- The endpoint of the serviced metrics consumer service. The default value of Host is the IP address of the master host, and the default value of Port is 8443. If SERVICED_STATS_PORT is set in the configuration file, its value is used instead of the default endpoint. For more information, see the section about configuration file environment variables.
- --stats-period Duration
- The frequency, in seconds, at which delegates gather metrics to send to the serviced metrics consumer service on the master host. The default value of Duration is 10, unless SERVICED_STATS_PERIOD is set in the configuration file. For more information, see the section about configuration file environment variables.
- --mc-username User
- The username of the OpenTSDB account that MetricConsumer uses gain access to data stored by serviced.
- --mc-password Password
- The password of the OpenTSDB account that MetricConsumer uses gain access to data stored by serviced.
- --cpuprofile
- Instructs a container to write its CPU profile to a file.
- --isvcs-env Option [--isvcs-env Option]…
- Startup arguments to pass to internal services. The default value is no arguments, unless SERVICED_ISVCS_ENV_[0-9]+ is set in the configuration file. For more information, see the section about configuration file environment variables.
- --debug-port Port
- The port on which serviced listens for HTTP requests for the Go profiler. The default value of Port is 6006, unless SERVICED_DEBUG_PORT is set in the configuration file. To stop listening for requests, set the value to -1. For more information, see the section about configuration file environment variables.
- --max-rpc-clients Count
- The preferred maximum number of simultaneous connections a serviced delegate uses for RPC requests. The value is used to create a pool of sockets, which are reused as needed. Increasing the value increases the number of open sockets and the use of socket-related operating system resources.
- --rpc-dial-timeout Duration
- The number of seconds serviced waits before giving up on attempts to connect to the RPC endpoint on the master host.
- --rpc-cert-verify Value
- Determines whether serviced is enabled to perform TLS certificate verification for RPC connections. The default value is false (disabled) unless SERVICED_RPC_CERT_VERIFY is set in the configuration file. For more information, see the section about configuration file environment variables.
- --rpc-disable-tls Value
- Determines whether serviced enabled to encrypt RPC traffic with TLS. The default value is false (disabled) unless SERVICED_RPC_DISABLE_TLS is set in the configuration file. For more information, see the section about configuration file environment variables.
- --rpc-tls-ciphers Option [--rpc-tls-ciphers Option]…
- The list of TLS ciphers serviced prefers for RPC connections. If SERVICED_RPC_TLS_CIPHERS is set in the configuration file, its value is used. For more information, see the section about configuration file environment variables.
- --rpc-tls-min-version Version
- The minimum version of TLS serviced accepts for RPC connections. Valid values include the default, VersionTLS11, and VersionTLS12. The default value is VersionTLS10 unless SERVICED_RPC_TLS_MIN_VERSION is set in the configuration file. For more information, see the section about configuration file environment variables.
- --snapshot-ttl Duration
- The number of hours an application data snapshot is retained before removal. The default value is 12 unless SERVICED_SNAPSHOT_TTL is set in the configuration file. For more information, see the section about configuration file environment variables.
- --snapshot-space-percent Value
- The amount of free space in the thin pool, expressed as a percentage the total size. This value is used to determine whether the thin pool can hold a new snapshot. The default value is 20 unless SERVICED_SNAPSHOT_USE_PERCENT is set in the configuration file. For more information, see the section about configuration file environment variables.
- --controller-binary Path
- The path to the container controller binary. The default is /opt/serviced/bin/serviced-controller.
- --log-driver file
- The log driver for all Docker container logs, including containers for Control Center internal services.
- --log-config Option [--log-configOption]…
- A list of Docker --log-opt options as key=value pairs.
- --ui-poll-frequency Duration
- The number of seconds between polls from browser interface clients. The value is included in a JavaScript library that is sent to the clients. The default value is 3 unless SERVICED_UI_POLL_FREQUENCY is set in the configuration file. For more information, see the section about configuration file environment variables.
- --storage-stats-update-interval Duration
- The frequency in seconds that the thin pool usage is analyzed. The default value is 300 (five minutes) unless SERVICED_STORAGE_STATS_UPDATE_INTERVAL is set in the configuration file. For more information, see the section about configuration file environment variables.
- --zk-session-timeout Duration
- The number of seconds the ZooKeeper leader waits before flushing an inactive connection. The default value is 15 unless SERVICED_ZK_SESSION_TIMEOUT is set in the configuration file. For more information, see the section about configuration file environment variables.
- --auth-token-expiry
- The expiration time, in seconds, of delegate authentication tokens. The default value is 3600 (one hour) unless SERVICED_AUTH_TOKEN_EXPIRATION is set in the configuration file. For more information, see the section about configuration file environment variables.
- --logtostderr
- Write log messages to STDERR instead of the system log.
- --alsologtostderr
- Write log messages to STDERR as well as the system log.
- --logstashurl Host:Port
- The endpoint of the logstash service. The default value of Host is the IP address or hostname of the serviced master host and the default value of Port is 5042. If SERVICED_LOG_ADDRESS is set in the configuration file, its value is used instead of the default endpoint. For more information, see the section about configuration file environment variables.
- --logstash-es Host:Port
- The endpoint of the logstash Elasticsearch service. The default value of Host is the IP address of the master host, and the default value of Port is 9100. If SERVICED_LOGSTASH_ES is set in the configuration file, its value is used instead of the default endpoint.
- --logstash-max-days Duration
- The maximum number of days to keep application logs in the logstash database before purging them. The default value of Duration is 14, unless SERVICED_LOGSTASH_MAX_DAYS is set in the configuration file. When this argument and --logstash-max-size are used at the same time, both conditions are evaluated and enforced. For more information, see the section about configuration file environment variables.
- --logstash-max-size Quantity
- The maximum size of the logstash database, in gigabytes. When this argument and --logstash-max-days are used at the same time, both conditions are evaluated and enforced. The default value of Quantity is 10, unless SERVICED_LOGSTASH_MAX_SIZE is set in the configuration file. For more information, see the section about configuration file environment variables.
- --logstash-cycle-time Duration
- The amount of time between logstash purges, in hours. The default value is 6 unless SERVICED_LOGSTASH_CYCLE_TIME is set in the configuration file. For more information, see the section about configuration file environment variables.
- --v Level
- The log level serviced uses when writing to the system log. Valid values are 0 (normal) and 2 (debug). The default value is 0, unless SERVICED_LOG_LEVEL is set in the configuration file. For more information, see the section about configuration file environment variables.
- --stderrthreshold Level
- Write log messages at or above Level to STDERR, in addition to the system log. The value of Level may be 0 (INFO), 1 (WARNING), 2 (ERROR), or 3 (FATAL). The default value is 2.
- --vmodule
- Module-specific logging. For more information, refer to the Google Logging documentation.
- --log_backtrace_at File:Line
- Emit a stack trace when logging hits the specified line and file.
- --config-file Path
- The path of the configuration file. The default is /etc/default/serviced.
- --allow-loop-back Value
- Determines whether loop-back files can be used with the devicemapper storage driver. This option is not supported for production use.
- --version
- Display minimal version information about the serviced binary. To display additional information, use the serviced version command.
- [--help|--h]
- Display help information.
COMMANDS
- backup
- Copy all templates, services, and application data into a compressed tar archive file.
- config
- Report on the serviced configuration.
- debug
- Manage debugging.
- docker
- Docker administration commands.
- healthcheck
- Report on the health of serviced.
- [help|h]
- Display a global or command-specific help message.
- host
- Administer hosts.
- key
- Display the host's public key.
- log
- Administer logs.
- metric
- Administer metrics.
- pool
- Administer resource pool data.
- restore
- Reconstruct templates, services, and application data from a compressed tar archive file created with backup.
- script
- Verify or perform the commands in a script file.
- service
- Administer services.
- snapshot
- Administer snapshots.
- template
- Administer templates.
- version
- Display serviced version information.
- volume
- Administer volume data.
INVOCATION
Service (daemon) control commands include start, stop and reload. The reload command sends SIGHUP to the daemon, which restarts all internal services except ZooKeeper.
sudo systemctl [start|stop|reload] serviced
MISCELLANEOUS
Sending SIGUSR1 to the serviced process toggles the log level between 0 and 2.
To attach to a container running on a remote host, log in to the container from the serviced master host. If you are running a Linux shell on a delegate host, you can specify the --endpoint option in the serviced invocation.
serviced relies on Docker, and some administration procedures include docker commands. However, commands that manipulate containers directly, such as docker pause, should not be used when serviced is running.
During installation, serviced creates the internal services directory on the master host, so serviced commands must be run as root, or as a user with superuser privileges. After the master host is added as a delegate, serviced commands use the delegate host authorization keys, so root is no longer required.