It would be great if we:

1. Had some happy day cases using the heroku-go client. Maybe we can do something with JSON schema to verify that responses are heroku api compatible.
2. Maybe even some integration tests that shell out to the hk command to verify things work (probably only a handful of these).
3. Possibly some tests that boot up a vagrant cluster and deploys acme-inc and tests that it's running. That might be difficult to run in CI though, so dunno if it's worth it.

This is not empire logging, but centralized logging for apps running in the minion cluster. We'll want a way to pipe these logs to other systems like sumologic and librato.

-- Logs begin at Fri 2015-03-06 02:02:25 UTC. --
Mar 06 02:30:04 c1 systemd[1]: r101-bablefish.1.web.1.service: control process exited, code=exited status=1
Mar 06 02:30:04 c1 systemd[1]: Unit r101-bablefish.1.web.1.service entered failed state.
Mar 06 02:30:04 c1 systemd[1]: r101-bablefish.1.web.1.service failed.
Mar 06 02:30:04 c1 systemd[1]: r101-bablefish.1.web.1.service holdoff time over, scheduling restart.
Mar 06 02:30:04 c1 systemd[1]: Stopping r101-bablefish.1.web.1...
Mar 06 02:30:04 c1 systemd[1]: Starting r101-bablefish.1.web.1...
Mar 06 02:30:04 c1 systemd[1]: start request repeated too quickly for r101-bablefish.1.web.1.service
Mar 06 02:30:04 c1 systemd[1]: Failed to start r101-bablefish.1.web.1.
Mar 06 02:30:04 c1 systemd[1]: Unit r101-bablefish.1.web.1.service entered failed state.
Mar 06 02:30:04 c1 systemd[1]: r101-bablefish.1.web.1.service failed.

Haven't seen this one before:

start request repeated too quickly for r101-bablefish.1.web.1.service

The Heroku compatible API should just be a consumer of the empire package, with owns own App, Release, Dyno etc representations of things.

Right now, we handle this with Shipr, but I think there would be a lot of value to having built in handling for github deployment events.

An integration might look something like this:

1. Creating an app also adds a webhook to the github repo for deployment events, pointed at https://empire.remind.com/deploys/github.
2. The /deploys/github endpoint would basically look the same as this where we:
   1. Resolve the git sha to an image id using the docker registry api.
   2. Trigger a Deploy using the DeploysService.

The primary advantage that Shipr provides right now is an abstraction around deployment, log storage from the build, and slack integration for deployment_status events. The deployment_status events could be split out of Shipr (and probably should be) into it's own project, and log storage is not an issue since there's no build output when deploying to empire.

We should probably re-organize the root directory into a structure like this:

├── cluster
├── empire
│   ├── cmd
│   │   └── empire
│   ├── Dockerfile
│   └── README.md
├── etcd_peers
│   ├── Dockerfile
│   └── README.md
├── tests
├── README.md
└── Vagrantfile

At the very least, it'll make coming into the project a little less daunting.

It'd be nice to have a top level makefile that builds everything you need, using locally cached files, etc.

Omnigraffle FTW

Once fsouza/go-dockerclient#228 is merged, we can include a global .dockercfg in our empire and minion hosts, and update empire to read from this file.

Scaling a process could just look at the jobs table, copy the Job and change the Instance, then submit.

https://github.com/remind101/empire/blob/master/manager.go#L142

Rather than having an extra script (awscli) do this, it'd be better if you could do this with a post-processor.

This is related to GH-14

If there is a local file (say empire_base.tar.gz) it should see if that is older than what is in S3 via the Modified-Since header. If it is, then pull down the latest.

Doesn't do anything, but the hk client prints:

$ emp scale worker=1 -a acme-inc
Scaled acme-inc to worker=1:1X.

When deploying a new release of a web app, we need to drain connections going to the old containers before killing them.

https://github.com/remind101/empire/blob/master/manager.go#L194-L234

Right now we use shell scripts, but that's limited and not awesome. Should move to something like salt or puppet.

Clearly a UTC to PST issue:

ben@Bens-MacBook-Air:empire (master)
$ hk scale web=3 -a acme-inc
Scaled acme-inc to web=3:1X.
ben@Bens-MacBook-Air:empire (master)
$ hk dynos -a acme-inc
acme-inc.2.web.1    active    8h  "./bin/web"
acme-inc.2.web.2    unknown   8h  "./bin/web"
acme-inc.2.web.3    unknown   8h  "./bin/web"
ben@Bens-MacBook-Air:empire (master)
$ hk dynos -a acme-inc
acme-inc.2.web.1    active   8h  "./bin/web"
acme-inc.2.web.2    active   8h  "./bin/web"
acme-inc.2.web.3    active   8h  "./bin/web"

Not sure how this happened, but I still have an old release running after 1 minute:

empire $ empire dynos -a acme-inc
acme-inc.2.web.1    active   5m  "./bin/acme-inc -port=$PORT"
acme-inc.3.web.1    active   4m  "./bin/acme-inc -port=$PORT"

Also need to make the /deploys endpoint async, since pulling the slug can take some time. Clients can poll a Deployment for it's status.

It should be possible for minion to just use the empire packages now instead of reading directly from consul.

It looks like the new release is created with a default formation instead of the previous release's formation. Also, the old releases jobs aren't cleaned up afaik.

Would be nice to add a postgres.service to cluster/user-data and automatically migrate the database.

Just something to think about. We'll probably eventually need something to GC old unused containers.

Because we do some stuff in base (install consul, docker, etc) we need to make sure that the empire_controller AWS image builds off of it. This is a little more difficult because there's no artifact to push up into S3 for the build to work with.

Another option is to have the empire_controller boxes run the base setup script as well, ensuring that things are installed.

Would be nice to be able to:

$ hk deploy ejholmes/acme-inc:ec238137...2671c0f9a02

Need this for things like migrations.

This is to cut down on startup times of docker images on empire.

We need to be able to determine when a backend is failing and not send traffic to that backend.

See GH-120

Right now we hardcode 'role=empire_minion' on all jobs in Empire, but it'd be good if:

a. we could change that (with the flag, like @ejholmes mentions)
b. we could pass along more metadata, for better control over where things get scheduled.

Ubuntu has some 'known issues' with their docker images (maybe these have been resolved, I haven't dug into it) so most folks use phusion's baseimage. That's the base of our remind101/base image. It'd be good if the router docker image was based off of this as well.

See https://github.com/phusion/baseimage-docker for info on how to launch a daemon, etc.

You can look at any of the other of our images in github.com/remind101/docker_images for examples of using it.

Steps to repro:

1. Create app acme-inc
2. Deploy quay.io/ejholmes/acme-inc

Because the deploy won't find an app with a matching repo, it will try to create acme-inc but will fail with:

Error: pq: duplicate key value violates unique constraint "apps_pkey"

We should save a created_at if we aren't already and return it in the api

package container would be something that could potentially be used by other systems that want to schedule containers onto a cluster. The basic abstraction might look like:

type Image struct {
    Repo string
    ID   string
}

type Limits struct {
    // If provided, represents the maximum amount of bytes to allow the
    // container to use.
    Memory *int
}

type Container struct {
    // The name of the container
    Name string

    // Environment variables to set in the container
    Environment map[string]string

    // The command to run.
    Command string

    // The image to create the container from.
    Image Image

    // Any limits that this container should have.
    Limits Limits

    // Constraints represents constraints about what machine this container
    // is scheduled onto. The semantics of the keys and values depends on
    // the scheduler implementation.
    Constraints map[string]string
}

// ContainerState represents the state of a container in a cluster.
type ContainerState struct {
    *Container

    // The state of the container. "running", "failed", etc.
    State

    // The machine that the container is schedule on.
    Machine string
}

type Scheduler interface {
    // Schedule schedules containers onto the cluster.
    Schedule(...*Container) error

    // Unschedule unschedules containers from the cluster.
    Unschedule(...string) error

    // SetState sets the desired state of a container.
    SetState(string) error

    // ContainerStates returns the state of the containers in the cluster.
    ContainerStates() ([]*ContainerState, error)

    // ContainerState returns a ContainerState for the given container.
    ContainerState(string) (*ContainerState, error)

    // Restart restarts a container.
    Restart(string) error
}

And the goal would be to support fleet and swarm, and hopefully be generic enough to support both docker and rocket.

We'll want to protect empire's data from unwanted read/write access eventually, meaning etcd might not be the right choice. However, ACL is on the roadmap, so it might work out.

Our etcd persistence code should stay pretty lightweight and be swappable if possible.

I'm thinking it will be more convenient to reference the app id (assuming app Id will be a name and not a uuid, rename apps.ID to apps.Name?) when we deploy.

// Current
POST /apps { "repo":"remind101/r101-api" }
POST /deploys { "image":{ "id":"0123456789abcdef0123456789abcdef", "repo":"remind101/r101-api" } }

// Proposed
POST /apps { "id":"api", "repo":"remind101/r101-api" }
POST /deploys/api { "image":{ "id":"0123456789abcdef0123456789abcdef" } }