anantpatil · July 20, 2017 09:09
diff --git a/avi-ucp-docker-compose-readme.txt b/avi-ucp-docker-compose-readme.txt
 The interlock at github.com/anantpatil/interlock/tree/avi-extn
 integrates Avi with Docker UCP. 

 To use interlock, perform following steps:

 0. Pre-requisites:
    a. UCP version 2.1 or above
    b. Docker version 1.13 or above
    c. docker-compose 1.11 or above

 1. If docker-compose is not installed, install it.
 2. It is assumed that you have access to UCP master (anyone from the
 cluster). If not, atleast you have the client bundle downloaded so that
 you can connect to UCP master. More on client bundle:
 https://docs.docker.com/datacenter/ucp/1.1/access-ucp/cli-based-access/
 The client bundle should be for a user having admin role in UCP.
 If you have access to UCP master, go to step 3 otherwise go to step 4.
 3. Create a directory (e.g. ~/interlock) on UCP master if you have
 access to, otherwise any other host which as connectivity to UCP master
 and copy the docker-compose.yaml file in that directory.

 ** SWARM_HOST is host where master is running, usually tcp://<ucp-master-node>:2376

 4. If you want to run interlock from any other host having access to
 UCP master, then you need to do this step. Create a directory on you
 host (e.g. ~/interlock) and copy the contents of client bundle in that
 directory and create a mount point in docker container to point to that
 directory. Assuming you have extracted the contents in ~/ucp-certs. Make
 changes to the docker-compose file, edit the volumes section:

    volumes:
        - ~/ucp-certs:/certs:ro
        
 5. run "docker-compose up" command and you should be able to see the
 interlock running.

 6. Now you can create services with publish mode as host and see the
 Virtual services getting created in Avi. The services are synced with
 Avi after every PollInterval and when the services scale up or down, the
 pools' sizes are scaled accordingly.

 e.g. docker service create -p mode=host,target=8080 --name=avisw1 avinetworks/server-os

 The above command will create a docker service with one replica running
 on one of the worker nodes. The interlock will then create a virtual
 service in Avi with a pool having one pool memeber corresponding to the
 container running on the worker node.
diff --git a/docker-compose.yaml b/docker-compose.yaml
 interlock:
      image: anantpatil/avi-docker-interlock:latest
      command: -D run
      tty: true
      ports:
        - 8080
      environment:
        INTERLOCK_CONFIG: |
            ListenAddr = ":8080"
            DockerURL = "${SWARM_HOST}"
            TLSCACert = "/certs/ca.pem"
            TLSCert = "/certs/cert.pem"
            TLSKey = "/certs/key.pem"
            PollInterval = "10s"

            [[Extensions]]
                Name                = "avi"
                AviUser             = "admin"
                AviPassword         = "avipasswd"
                AviControllerAddr   = "controller_host_or_ip"
                AviControllerPort   = "443"
                SSLServerVerify     = "false" # set to true if you have Avi ca certs
                AviCloudName        = "" # defaults to Default-Cloud otherwise give cloud you have
                AviDNSSubdomain     = "avi.test"
            
    volumes:
        - ucp-node-certs:/certs

    restart: always
	The interlock at github.com/anantpatil/interlock/tree/avi-extn
	integrates Avi with Docker UCP.

	To use interlock, perform following steps:

	0. Pre-requisites:
	a. UCP version 2.1 or above
	b. Docker version 1.13 or above
	c. docker-compose 1.11 or above

	1. If docker-compose is not installed, install it.
	2. It is assumed that you have access to UCP master (anyone from the
	cluster). If not, atleast you have the client bundle downloaded so that
	you can connect to UCP master. More on client bundle:
	https://docs.docker.com/datacenter/ucp/1.1/access-ucp/cli-based-access/
	The client bundle should be for a user having admin role in UCP.
	If you have access to UCP master, go to step 3 otherwise go to step 4.
	3. Create a directory (e.g. ~/interlock) on UCP master if you have
	access to, otherwise any other host which as connectivity to UCP master
	and copy the docker-compose.yaml file in that directory.

	** SWARM_HOST is host where master is running, usually tcp://<ucp-master-node>:2376

	4. If you want to run interlock from any other host having access to
	UCP master, then you need to do this step. Create a directory on you
	host (e.g. ~/interlock) and copy the contents of client bundle in that
	directory and create a mount point in docker container to point to that
	directory. Assuming you have extracted the contents in ~/ucp-certs. Make
	changes to the docker-compose file, edit the volumes section:

	volumes:
	- ~/ucp-certs:/certs:ro

	5. run "docker-compose up" command and you should be able to see the
	interlock running.

	6. Now you can create services with publish mode as host and see the
	Virtual services getting created in Avi. The services are synced with
	Avi after every PollInterval and when the services scale up or down, the
	pools' sizes are scaled accordingly.

	e.g. docker service create -p mode=host,target=8080 --name=avisw1 avinetworks/server-os

	The above command will create a docker service with one replica running
	on one of the worker nodes. The interlock will then create a virtual
	service in Avi with a pool having one pool memeber corresponding to the
	container running on the worker node.
	interlock:
	image: anantpatil/avi-docker-interlock:latest
	command: -D run
	tty: true
	ports:
	- 8080
	environment:
	INTERLOCK_CONFIG: \|
	ListenAddr = ":8080"
	DockerURL = "${SWARM_HOST}"
	TLSCACert = "/certs/ca.pem"
	TLSCert = "/certs/cert.pem"
	TLSKey = "/certs/key.pem"
	PollInterval = "10s"

	[[Extensions]]
	Name = "avi"
	AviUser = "admin"
	AviPassword = "avipasswd"
	AviControllerAddr = "controller_host_or_ip"
	AviControllerPort = "443"
	SSLServerVerify = "false" # set to true if you have Avi ca certs
	AviCloudName = "" # defaults to Default-Cloud otherwise give cloud you have
	AviDNSSubdomain = "avi.test"

	volumes:
	- ucp-node-certs:/certs

	restart: always