Skip to content

serviced

NAME

serviced - A container-based management system.

SYNTAX

serviced [global options] command [command options] [arguments...]

DESCRIPTION

serviced is an open-source, application service orchestrator based on Docker Community Edition.

GLOBAL OPTIONS

--docker-registry Master-Hostname:5000

The local Docker registry to use. See SERVICED_DOCKER_REGISTRY.

--static-ip IP-Address [--static-ip IP-Address] ...

One or more static IP addresses for a serviced instance to advertise. See SERVICED_STATIC_IPS.

--endpoint Host:Port

The serviced RPC endpoint. See SERVICED_ENDPOINT.

--outbound IP-Address

See SERVICED_OUTBOUND_IP.

--uiport:Port

The port on which the HTTP server listens for requests. The default value is 443, unless SERVICED_UI_PORT is set.

--nfs-client Value

Determines whether a serviced delegate mounts the DFS. The default value is 1 (enable) unless SERVICED_NFS_CLIENT is set.

Before changing the default, ensure that no stateful services can run on the host. Disabling the DFS can destroy application data.

To disable mounting, set the value to 0.

--listen:Port

The serviced RPC endpoint on the local host. The default value of Port is 4979.

--docker-dns Option [--docker-dns Option] ...

One or more DNS configuration flags for Docker to use when starting containers.

--master

Run the application services scheduler and other internal services.

--agent

Run application services scheduled by the master.

--mux Port

The port used for traffic among Docker containers. The default value is 22250, unless SERVICED_MUX_PORT is set.

--mux-disable-tls Value

Determines whether inter-host traffic among Docker containers is encrypted with TLS. Intra-host traffic among Docker containers is not encrypted.

The default value is 0 (enabled) unless SERVICED_MUX_DISABLE_TLS is set to 1 (disable encryption).

--mux-tls-ciphers Option [--mux-tls-ciphers Option] ...

The list TLS ciphers serviced can use for mux traffic. The default may be set in by SERVICED_MUX_TLS_CIPHERS.

--mux-tls-min-version

The minimum version of TLS that serviced accepts for mux traffic. See SERVICED_MUX_TLS_MIN_VERSION.

--var Path

This option has been deprecated.

--volumes-path Path

The location of serviced application data. The default path is /opt/serviced/var/volumes unless SERVICED_VOLUMES_PATH is set.

--isvcs-path Path

The location of serviced internal services data. The default path is /opt/serviced/var/isvcs unless SERVICED_ISVCS_PATH is set.

--backups-path Path

The location of serviced backup files. The default path is /opt/serviced/var/backups unless SERVICED_BACKUPS_PATH is set.

--etc-path Path

The location of serviced configuration files. The default path is /opt/serviced/etc unless SERVICED_ETC_PATH is set.

--keyfile Path

The path of a digital certificate key file. See SERVICED_KEY_FILE.

--certfile Path

The path of a digital certificate file. See SERVICED_CERT_FILE.

--zk Host:Port[--zk Host:Port] ...

One or more ZooKeeper endpoints. See SERVICED_ZK.

--mount Option [--mount Option] ...

One or more bind mounts for a container. The syntax for Option is DOCKER_IMAGE,HOST_PATH[,CONTAINER_PATH].

--fstype Driver

The driver to manage application data storage on the serviced master host. The default is devicemapper unless SERVICED_FS_TYPE is set.

--alias Alias [--alias Alias] ...

One or more DNS aliases to associate with a container.

--es-startup-timeout Duration

The number of seconds to wait for Elasticsearch to complete its startup. The default value is 600 seconds (10 minutes).

--max-container-age Duration

The number of seconds serviced waits before removing a stopped container. The default value is 86400 seconds (24 hours), unless SERVICED_MAX_CONTAINER_AGE is set in the configuration file.

--max-dfs-timeout Duration

The number of seconds to wait for a snapshot to complete. The default value is 300 seconds (5 minutes).

--virtual-address-subnet Subnet

The private subnet for containers that use virtual IP addresses on a host. The default value is 10.3.0.0/16, unless SERVICED_VIRTUAL_ADDRESS_SUBNET is set in the configuration file.

--master-pool-id Pool-ID

The name of the resource pool to which the serviced instance configured as master belongs. The default value of Pool-ID is default.

--admin-group Group

The name of the Linux group on the serviced master host whose members are authorized to use the serviced browser interface. The default is wheel unless SERVICED_ADMIN_GROUP is set in the configuration file.

--storage-opts Option [--storage-opts Option] ...

Storage arguments to initialize the filesystem.

--isvcs-start Option [--isvcs-start Option] ...

Enables one or more internal services to run on a delegate host. Currently, only zookeeper has been tested. If SERVICED_ISVCS_START is set in the configuration file, its value is used.

--isvcs-zk-id Identifier

The unique identifier (a positive integer) of a ZooKeeper ensemble node. If SERVICED_ISVCS_ZOOKEEPER_ID is set in the configuration file, its value is used.

--isvcs-zk-quorum Option [--isvcs-zk-quorum Option] ...

The list of nodes in a ZooKeeper ensemble. If SERVICED_ISVCS_ZOOKEEPER_QUORUM is set in the configuration file, its value is used.

--tls-ciphers Option [--tls-ciphers Option] ...

The list TLS ciphers that serviced accepts for HTTP traffic. If SERVICED_TLS_CIPHERS is set in the configuration file, its value is used.

--tls-min-version Version

The minimum version of TLS that serviced accepts for HTTP traffic. Valid values include the default, VersionTLS11, and VersionTLS12. If SERVICED_TLS_MIN_VERSION is set in the configuration file, its value is used.

--report-stats

Enable reporting statistics in a container.

--host-stats Host:Port

The endpoint of the serviced metrics consumer service. The default value of Host is the IP address of the master host, and the default value of Port is 8443. If SERVICED_STATS_PORT is set in the configuration file, its value is used instead of the default endpoint.

--stats-period Duration

The frequency, in seconds, at which delegates gather metrics to send to the serviced metrics consumer service on the master host. The default value of Duration is 10, unless SERVICED_STATS_PERIOD is set in the configuration file.

--mc-username User

The username of the OpenTSDB account that MetricConsumer uses gain access to data stored by serviced.

--mc-password Password

The password of the OpenTSDB account that MetricConsumer uses gain access to data stored by serviced.

--cpuprofile

Instructs a container to write its CPU profile to a file.

--isvcs-env Option [--isvcs-env Option] ...

Startup arguments to pass to internal services. The default value is no arguments, unless SERVICED_ISVCS_ENV_[0-9]+ is set in the configuration file.

--debug-port Port

The port on which serviced listens for HTTP requests for the Go profiler. The default value of Port is 6006, unless SERVICED_DEBUG_PORT is set in the configuration file. To stop listening for requests, set the value to -1.

--max-rpc-clients Count

The preferred maximum number of simultaneous connections a serviced delegate uses for RPC requests. The value is used to create a pool of sockets, which are reused as needed. Increasing the value increases the number of open sockets and the use of socket-related operating system resources.

When the demand for connections exceeds the supply of open sockets, serviced opens more sockets. When demand eases, serviced reduces the number of open sockets to the preferred maximum.

The default value is 3, unless SERVICED_MAX_RPC_CLIENTS is set in the configuration file. For more information, see SERVICED_MAX_RPC_CLIENTS.

--rpc-dial-timeout Duration

The number of seconds serviced waits before giving up on attempts to connect to the RPC endpoint on the master host.

--rpc-cert-verify Value

Determines whether serviced is enabled to perform TLS certificate verification for RPC connections. The default value is false (disabled) unless SERVICED_RPC_CERT_VERIFY is set in the configuration file.

--rpc-disable-tls Value

Determines whether serviced enabled to encrypt RPC traffic with TLS. The default value is false (disabled) unless SERVICED_RPC_DISABLE_TLS is set in the configuration file.

--rpc-tls-ciphers Option [--rpc-tls-ciphers Option] ...

The list of TLS ciphers serviced prefers for RPC connections. If SERVICED_RPC_TLS_CIPHERS is set in the configuration file, its value is used.

--rpc-tls-min-version Version

The minimum version of TLS serviced accepts for RPC connections. Valid values include the default, VersionTLS11, and VersionTLS12. The default value is VersionTLS10 unless SERVICED_RPC_TLS_MIN_VERSION is set in the configuration file.

--snapshot-ttl Duration

The number of hours an application data snapshot is retained before removal. The default value is 12 unless SERVICED_SNAPSHOT_TTL is set in the configuration file.

--snapshot-space-percent Value

The amount of free space in the thin pool, expressed as a percentage the total size. This value is used to determine whether the thin pool can hold a new snapshot. The default value is 20 unless SERVICED_SNAPSHOT_USE_PERCENT is set in the configuration file.

--controller-binary Path

The path to the container controller binary. The default is /opt/serviced/bin/serviced-controller.

--log-driver File

The log driver for all Docker container logs, including containers for Control Center internal services.

--log-config Option[--log-config Option] ...

A list of Docker --log-opt options as key=value pairs.

--ui-poll-frequency Duration

The number of seconds between polls from browser interface clients. The value is included in a JavaScript library that is sent to the clients. The default value is 3 unless SERVICED_UI_POLL_FREQUENCY is set in the configuration file.

--storage-stats-update-interval Duration

The frequency in seconds that the thin pool usage is analyzed. The default value is 300 (five minutes) unless SERVICED_STORAGE_STATS_UPDATE_INTERVAL is set in the configuration file.

--zk-session-timeout Duration

The number of seconds the ZooKeeper leader waits before flushing an inactive connection. The default value is 15 unless SERVICED_ZK_SESSION_TIMEOUT is set in the configuration file.

--auth-token-expiry Value

The expiration time, in seconds, of delegate authentication tokens. The default value is 3600 (one hour) unless SERVICED_AUTH_TOKEN_EXPIRATION is set in the configuration file.

--logtostderr

Write log messages to STDERR instead of the system log.

--alsologtostderr

Write log messages to STDERR as well as the system log.

--logstashurl Host:Port

The endpoint of the logstash service. The default value of Host is the IP address or hostname of the serviced master host and the default value of Port is 5042. If SERVICED_LOG_ADDRESS is set in the configuration file, its value is used instead of the default endpoint.

--logstash-esHost:Port

The endpoint of the logstash Elasticsearch service. The default value of Host is the IP address of the master host, and the default value of Port is 9100. If SERVICED_LOGSTASH_ES is set in the configuration file, its value is used instead of the default endpoint.

--logstash-max-days Duration

The maximum number of days to keep application logs in the logstash database before purging them. The default value of Duration is 14, unless SERVICED_LOGSTASH_MAX_DAYS is set in the configuration file. When this argument and --logstash-max-size are used at the same time, both conditions are evaluated and enforced.

--logstash-max-size Quantity

The maximum size of the logstash database, in gigabytes. When this argument and --logstash-max-days are used at the same time, both conditions are evaluated and enforced. The default value of Quantity is 10, unless SERVICED_LOGSTASH_MAX_SIZE is set in the configuration file.

--logstash-cycle-time Duration

The amount of time between logstash purges, in hours. The default value is 6 unless SERVICED_LOGSTASH_CYCLE_TIME is set in the configuration file.

--v Level

The log level serviced uses when writing to the system log. Valid values are 0 (normal) and 2 (debug). The default value is 0, unless SERVICED_LOG_LEVEL is set in the configuration file.

--stderrthreshold Level

Write log messages at or above Level to STDERR, in addition to the system log. The value of Level may be 0 (INFO), 1 (WARNING), 2 (ERROR), or 3 (FATAL). The default value is 2.

--vmodule

Module-specific logging. For more information, refer to the Google Logging documentation.

--log_backtrace_at File:Line

Emit a stack trace when logging hits the specified line and file.

--config-file Path

The path of the configuration file. The default is /etc/default/serviced.

--allow-loop-back Value

Determines whether loop-back files can be used with the devicemapper storage driver. This option is not supported for production use.

--version

Display minimal version information about the serviced binary. To display additional information, use the serviced version command.

[--help|–h]

Display help information.

COMMANDS

backup

Copy all templates, services, and application data into a compressed tar archive file.

config

Report on the serviced configuration.

debug

Manage debugging.

docker

Docker administration commands.

healthcheck

Report on the health of serviced.

[help|h]

Display a global or command-specific help message.

host

Administer hosts.

key

Display the host's public key.

log

Administer logs.

metric

Administer metrics.

pool

Administer resource pool data.

restore

Reconstruct templates, services, and application data from a compressed tar archive file created with serviced backup.

script

Verify or perform the commands in a script file.

service

Administer services.

snapshot

Administer snapshots.

template

Administer templates.

version

Display serviced version information.

volume

Administer volume data.

INVOCATION

Service (daemon) control commands include start, stop and reload. The reload command sends SIGHUP to the daemon, which restarts all internal services except ZooKeeper.

systemctl [start|stop|reload] serviced

MISCELLANEOUS

Sending SIGUSR1 to the serviced process toggles the log level between 0 and 2.

To attach to a container running on a remote host, log in to the container from the serviced master host. If you are running a Linux shell on a delegate host, you can specify the --endpoint option in the serviced invocation.

serviced relies on Docker, and some administration procedures include docker commands. However, commands that manipulate containers directly, such as docker pause, should not be used when serviced is running.

During installation, serviced creates the internal services directory on the master host, so serviced commands must be run as root or as a user with superuser privileges. After the master host is added as a delegate, serviced commands use the delegate host authorization keys, so root is no longer required.

ENVIRONMENT

SERVICED_HOME

The install path of serviced. The default value is /opt/serviced.

FILES

/etc/default/serviced