Roo

Set up and run your own clusters on your own infrastructure in minutes (e.g. as a replacement for ECS or EKS). Roo is a zero-config distributed ingress, edge router and reverse proxy (supporting multiple Let's Encrypt/HTTPS hosts) using Docker Swarm. No dependencies.

TL;DR

Roo is the opposite of Kubernetes. It's designed for sub-1 minute cluster setup times.

This basically lets you run your own encrypted and load-balanced Amazon AWS clusters on your own hardware, and is a 5-minute replacement for Kubernetes, with no configuration (no additional setup for clustered kv stores, no janky config files, no defining providers, no dodgy second-hand helm charts, no ssl setup, no manual ssl certification, no single points of failure etc). You can set up a cluster and publish a new domain in around 30 seconds (once you get the one-time, 5-minute setup out of the way).

All you need to do is add a few lines to a docker-compose file and Roo does the rest (see a full configuration example):

      OriginHosts: example.com,www.example.com
      OriginScheme: https
      OriginPort: 443
      DestinationHost: test_test
      DestinationScheme: http
      DestinationPort: 80

See a 5-minute, line-by-line run-through of an example setup (it includes setting up the physical infrastructure, the virtual Docker Swarm infrastructure, and the Roo cluster that runs on top of the swarm, handling requests and passing them to your underlying clustered services).

Introduction

Roo functional diagram

This aims to be a free replacement for Amazon's ECS (Elastic Compute Service), EKS (Kubernetes), CertificateManager, Load-Balancer and CloudWatch using your own Docker Swarm. It IS a complete replacement for nginx, traefik, haproxy, and a lot of Kubernetes. The idea is to give developers back the power and take it back from ridiculous self-complicating dev-ops tools that get more complicated and less useful (for example, Traefik 2 just removed support for clustered Let's Encrypt from their open source version to spruik their enterprise version. Nginx and HAProxy do the same). I wasted a lot of time on their software before writing this. I truly hope it benefits others too.

If you are unfamiliar with Swarm/Kubernetes and are a developer and want a quick intro into how powerful and easy Swarm can be, see how you can set up a thousand-machine cluster in just 20 lines (just copy + paste from there) or check out my command notes. In a day I was scaling clusters up and down on my own infrastructure with single commands.

The power Roo gives you is to add HTTPS://example1.com and HTTPS://example2.com to your clustered services with zero configuration. Let's Encrypt allocates your service's certificates. It works across every machine, Docker node and service in your cluster.

Roo itself is clustered. Every machine it runs on shares the load to your services. Its distributed store shares the Let's Encrypt certificates used across all your nodes. Now that Apple is denying certificates older than a year, I feel as a dev that Let's Encrypt is almost mandatory, as it creates a lot of admin.

Getting Started (on docker)

  • Want to just run it?
docker run sfproductlabs/roo:latest
  • Want to compile and run?
go mod download
make
# update the config if you need
sudo rood ./config.json
  • Run a cluster on docker swarm (trivial example)
docker swarm init
docker network create -d overlay --attachable forenet --subnet 192.168.9.0/24
# the following label tells swarm to put a single instance of roo on machines/swarm-nodes with the label "load_balancer"
docker node ls -q | xargs docker node update --label-add load_balancer=true
docker stack deploy -c roo-docker-compose.yml --resolve-image never roo
  • Let's examine what's going on in Docker Swarm
# Diagnostic Functions:
docker stack ls
docker stack services roo
docker service inspect roo_roo
docker stats --no-stream
docker node ls
docker node inspect --pretty <NODE_NAME> 
# or for a single machine cluster
docker node ls -q | xargs docker node inspect --pretty
docker service ps roo_roo
docker service logs roo_roo -f
echo "docker service rm roo_roo # WARNING WILL REMOVE CLUSTER"
echo "docker stack rm roo # WARNING WILL REMOVE CLUSTER"

Cluster API Endpoints

  • Write a record to the KV Store - PUT http://localhost:6299/roo/v1/kvs/hop Ex. curl -X POST -i http://localhost:6299/roo/v1/kv/hop --data 'scotch'
  • Get a record from the KV Store - GET http://localhost:6299/roo/v1/kv/hopscotch
  • Search/Scan the KV Store - GET http://localhost:6299/roo/v1/kvs/hop
  • Get the Server Status - GET http://localhost:6299/roo/v1/status
  • Clear the Cluster/Servers - POST http://localhost:6299/roo/v1/rescue
  • Swarm Update - POST http://localhost:6299/roo/v1/swarm
  • Ping - GET http://localhost:6299/roo/v1/ping
  • Join a machine to the swarm - POST http://localhost:6299/roo/v1/join
  • Remove a machine from the swarm - POST http://localhost:6299/roo/v1/remove
  • Debug Cmdline - GET http://localhost:6299/debug/pprof/heap
  • Debug Profile - GET http://localhost:6299/debug/pprof/profile
  • Debug Symbols - GET http://localhost:6299/debug/pprof/symbol
  • Debug Trace - GET http://localhost:6299/debug/pprof/trace
  • Debug Indices - GET http://localhost:6299/debug/pprof/1
  • Delete a permission - DELETE http://localhost:6299/roo/v1/perm/user
  • Add a permission - PUT http://localhost:6299/roo/v1/perm
  • Check a permission - POST http://localhost:6299/roo/v1/perm
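
The list above puts calls that change cluster state (rescue, join, remove) and the pprof debug handlers on port 6299, and the page does not say how they are protected, so it is worth checking on each node which addresses that port listens on. The following is an added example, not code from the Roo project; it assumes `ss -ltnH` output as input and that the port should only be reachable on loopback or on the private 10.1.0.0/16 network used in the walkthrough below.

```shell
#!/usr/bin/env bash
# Added example (not Roo project code): report listeners that expose the Roo
# API port beyond loopback or an allowed private prefix.

ROO_API_PORT=6299   # port used by the endpoint list on this page

# exposed_api_listeners PORT ALLOWED_PREFIX < output of `ss -ltnH`
# Prints every local address bound to PORT that is neither loopback nor inside
# ALLOWED_PREFIX (a plain string prefix such as "10.1.", an assumption here).
# Returns 1 if at least one such listener exists, 0 otherwise.
exposed_api_listeners() {
  awk -v port="$1" -v allow="$2" '
    $1 == "LISTEN" {
      n = split($4, parts, ":")                 # field 4 is Local Address:Port
      if (parts[n] != port) next
      addr = substr($4, 1, length($4) - length(parts[n]) - 1)
      sub(/%.*$/, "", addr)                     # drop interface scope (%eth0)
      gsub(/^\[|\]$/, "", addr)                 # drop IPv6 brackets
      if (addr ~ /^127\./ || addr == "::1") next
      if (allow != "" && index(addr, allow) == 1) next
      print addr
      found = 1
    }
    END { exit (found ? 1 : 0) }'
}

# Constructed sample of `ss -ltnH` output (not captured from a real node).
SAMPLE_SS='LISTEN 0 4096   0.0.0.0:6299   0.0.0.0:*
LISTEN 0 4096 127.0.0.1:6299   0.0.0.0:*
LISTEN 0 4096  10.1.0.2:6299   0.0.0.0:*
LISTEN 0 4096      [::]:6299      [::]:*
LISTEN 0 4096         *:443          *:*'

# On a real node: ss -ltnH | exposed_api_listeners "$ROO_API_PORT" "10.1."
printf '%s\n' "$SAMPLE_SS" | exposed_api_listeners "$ROO_API_PORT" "10.1." \
  || echo "port $ROO_API_PORT is listening on the addresses listed above"
```

A wildcard bind (`0.0.0.0`, `::` or `*`) means the port is reachable on every interface of the node unless a firewall in front of it says otherwise.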

Getting Started With a Real Example (complete run-through example on Hetzner Cloud)

Setup the physical nodes

This will set you up with a cluster on Hetzner Cloud (change the first 20 lines to suit your own cloud provider). I use this on my own production servers. I don't love Hetzner - the service isn't as good as I'd like - but it is improving and is CHEAP (~$3 per server).

# mac
brew install hcloud 
brew install jq
#debian/ubuntu
#sudo apt install hcloud-cli jq
#create a project in hetzner called test (https://console.hetzner.cloud/projects)
#create an API key in the project you set up on hetzner
#hcloud context create test #connect the api key to the project
#test the connection
hcloud server-type list 
#start with an empty project (check this is empty)
hcloud server list 
hcloud ssh-key create --name andy --public-key-from-file ~/.ssh/id_rsa.pub  
hcloud network create --ip-range=10.1.0.0/16 --name=aftnet
hcloud network add-subnet --ip-range=10.1.0.0/16 --type=server --network-zone=eu-central aftnet
#If you want a lot more machines see the horizontal web scraper project commands (https://github.com/sfproductlabs/scrp)
#for n in {1..30}; do (hcloud server create --name docker$RANDOM$RANDOM$RANDOM$RANDOM --type cx11 --image debian-9 --datacenter nbg1-dc3 --network aftnet --ssh-key andy 2>&1 >/dev/null &) ; done
#watch -n 5 "echo "Press Ctrl-c to exit when your server count meets the desired amount. You will need to copy and paste just the following instructions to proceed." && hcloud server list | grep 'running' | awk 'END {print NR}'"
hcloud server create --name docker1 --type cx11 --image debian-9 --datacenter nbg1-dc3 --network aftnet --ssh-key andy 
hcloud server create --name docker2 --type cx11 --image debian-9 --datacenter nbg1-dc3 --network aftnet --ssh-key andy 
hcloud server create --name docker3 --type cx11 --image debian-9 --datacenter nbg1-dc3 --network aftnet --ssh-key andy 
rm *.txt
hcloud server list -o columns=name -o noheader > worker-names.txt
hcloud server list -o columns=ipv4 -o noheader > worker-ips.txt
cat worker-names.txt | xargs -I {} hcloud server describe -o json {} | jq -r '.private_net[0].ip' >> worker-vips.txt
hcloud server create --name manager1 --type cx11 --image debian-9 --datacenter nbg1-dc3 --network aftnet --ssh-key andy
hcloud server describe -o json manager1 | jq -r '.private_net[0].ip' > manager-vip.txt
scp -o StrictHostKeyChecking=no *.txt root@$(hcloud server list -o columns=ipv4,name -o noheader | grep manager1 | awk '{print $1}'):~/
scp -o StrictHostKeyChecking=no ansible/* root@$(hcloud server list -o columns=ipv4,name -o noheader | grep manager1 | awk '{print $1}'):~/
scp -o StrictHostKeyChecking=no *-docker-compose.yml root@$(hcloud server list -o columns=ipv4,name -o noheader | grep manager1 | awk '{print $1}'):~/

If it stuffs up, run the following (DANGEROUS: it will delete all your servers for the project):

hcloud server list -o columns=name -o noheader | xargs -P 8 -I {} hcloud server delete {}
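
The `scp` commands in this section pass `StrictHostKeyChecking=no`, which accepts whatever key the host presents, including a changed one. The following is an added example, not part of the original walkthrough or the Roo project: it pins keys in a per-cluster known_hosts file and reports hosts whose scanned key no longer matches the pinned one. The file names and the keys are constructed placeholders.

```shell
#!/usr/bin/env bash
# Added example (not Roo project code). Keys below are constructed placeholders.

# ssh/scp options that keep verification on: keys go into a per-cluster file,
# a host seen for the first time is accepted and pinned (trust on first use),
# and a host whose key differs from the pinned one is refused.
pinned_ssh_opts() {
  printf -- '-o UserKnownHostsFile=%s -o StrictHostKeyChecking=accept-new' "$1"
}

# changed_host_keys PINNED_FILE SCAN_FILE
# Both files hold "host keytype key" lines (ssh-keyscan output, or an unhashed
# known_hosts file). Prints "host keytype" for each scanned key that differs
# from its pinned value and returns 1 if there is any.
changed_host_keys() {
  awk '
    /^#/ || NF < 3      { next }
                        { k = $1 " " $2 }
    FILENAME == ARGV[1] { pinned[k] = $3; next }
    (k in pinned) && pinned[k] != $3 { print k; bad = 1 }
    END                 { exit (bad ? 1 : 0) }' "$1" "$2"
}

# Constructed sample: 10.1.0.3 presents a different key than the pinned one;
# 10.1.0.4 is new (not pinned yet, so it is not reported).
PINNED_SAMPLE='10.1.0.2 ssh-ed25519 AAAAC3constructedKeyA
10.1.0.3 ssh-ed25519 AAAAC3constructedKeyB'
SCAN_SAMPLE='# 10.1.0.2:22 SSH-2.0-OpenSSH
10.1.0.2 ssh-ed25519 AAAAC3constructedKeyA
10.1.0.3 ssh-ed25519 AAAAC3constructedKeyX
10.1.0.4 ssh-ed25519 AAAAC3constructedKeyC'

# Runs the comparison on the constructed sample via temporary files.
demo_changed_host_keys() {
  local dir rc=0
  dir=$(mktemp -d)
  printf '%s\n' "$PINNED_SAMPLE" > "$dir/pinned"
  printf '%s\n' "$SCAN_SAMPLE"   > "$dir/scan"
  changed_host_keys "$dir/pinned" "$dir/scan" || rc=$?
  rm -rf "$dir"
  return "$rc"
}

# With real hosts: scp $(pinned_ssh_opts ./cluster_known_hosts) *.txt root@HOST:~/
```

`accept-new` needs OpenSSH 7.6 or later; the first connection is still trust on first use, so compare the pinned keys with the ones shown on the server console if you need more than that.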

Setup the docker swarm

Get on the manager1 node:

#only required on a mac
eval `ssh-agent` && ssh-add ~/.ssh/id_rsa 
#now login to manager1
ssh -l root -A $(hcloud server list -o columns=ipv4,name -o noheader | grep manager1 | awk '{print $1}')

Then run:

apt-get update && \
apt-get upgrade -y && \
apt-get install apt-transport-https ca-certificates curl gnupg-agent software-properties-common -y && \
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add - && \
apt-key fingerprint 0EBFCD88 && \
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable" && \
apt-get update && \
apt-get install docker-ce docker-ce-cli containerd.io ansible -y && \
docker swarm init --advertise-addr=ens10 && \
docker swarm join-token worker | xargs | sed -r 's/^.*(docker.*).*$/\1/' > join.sh && \
chmod +x join.sh && \
printf "\n[defaults]\nhost_key_checking = False\n" >> /etc/ansible/ansible.cfg && \
printf "\n[managers]\n" >> /etc/ansible/hosts && \
cat manager-vip.txt >> /etc/ansible/hosts && \
printf "\n[dockers]\n" >> /etc/ansible/hosts && \
cat manager-vip.txt >> /etc/ansible/hosts && \
cat worker-vips.txt >> /etc/ansible/hosts && \
printf "\n[workers]\n" >> /etc/ansible/hosts && \
cat worker-vips.txt >> 

GitHub stars: 61
Category: Development
Updated: 1y ago
Forks: 7

Languages

Go

Security Score

85/100

Audited on Nov 20, 2024

No findings