diff --git a/charts/promenade/templates/deployment-api.yaml b/charts/promenade/templates/deployment-api.yaml index 63b1a149..c3769c9c 100644 --- a/charts/promenade/templates/deployment-api.yaml +++ b/charts/promenade/templates/deployment-api.yaml @@ -17,6 +17,8 @@ limitations under the License. {{- if .Values.manifests.deployment_api }} {{- $envAll := . }} {{- $labels := tuple $envAll "promenade" "api" | include "helm-toolkit.snippets.kubernetes_metadata_labels" -}} +{{- $mounts_init_container := .Values.pod.mounts.promenade_api.init_container }} +{{- $mounts_promenade_api := .Values.pod.mounts.promenade_api.promenade_api }} --- apiVersion: apps/v1 kind: Deployment @@ -47,6 +49,29 @@ spec: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} serviceAccountName: promenade terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.api.timeout | default "30" }} + initContainers: + - name: promenade-util + command: +{{- if and $mounts_init_container.volumeMounts $mounts_promenade_api.volumeMounts }} + - "cp" + {{- range $mounts_init_container.volumeMounts }} + {{- if eq "hyperkube" (index . "name") }} + - {{ index . "mountPath" | quote }} + {{- end }} + {{- end }} + {{- range $mounts_promenade_api.volumeMounts }} + {{- if eq "cache" (index . "name") }} + - {{ index . "mountPath" | quote }} + {{- end }} + {{- end }} +{{- else }} + - "true" +{{- end }} + image: {{ .Values.images.tags.monitoring_image }} + imagePullPolicy: IfNotPresent + volumeMounts: +{{ if $mounts_init_container.volumeMounts }}{{ toYaml $mounts_init_container.volumeMounts | indent 8 }}{{ end }} +{{ if $mounts_promenade_api.volumeMounts }}{{ toYaml $mounts_promenade_api.volumeMounts | indent 8 }}{{ end }} containers: - name: promenade-api image: {{ .Values.images.tags.promenade }} @@ -92,16 +117,15 @@ spec: mountPath: /etc/promenade/promenade.conf subPath: promenade.conf readOnly: true - - name: cache - mountPath: /tmp/cache - name: promenade-etc mountPath: /etc/promenade/policy.yaml subPath: policy.yaml +{{ if $mounts_promenade_api.volumeMounts }}{{ toYaml $mounts_promenade_api.volumeMounts | indent 12 }}{{ end }} volumes: - name: promenade-etc configMap: name: promenade-etc defaultMode: 0444 - - name: cache - emptyDir: {} +{{ if $mounts_init_container.volumes }}{{ toYaml $mounts_init_container.volumes | indent 8 }}{{ end }} +{{ if $mounts_promenade_api.volumes }}{{ toYaml $mounts_promenade_api.volumes | indent 8 }}{{ end }} {{- end }} diff --git a/charts/promenade/templates/tests/test-promenade-api.yaml b/charts/promenade/templates/tests/test-promenade-api.yaml index 822113a3..70780f99 100644 --- a/charts/promenade/templates/tests/test-promenade-api.yaml +++ b/charts/promenade/templates/tests/test-promenade-api.yaml @@ -17,7 +17,7 @@ Test that the API is up and the health endpoint returns a 2XX code */}} {{- if .Values.manifests.test_promenade_api }} {{- $envAll := . }} -{{- $mounts_promenade_api_init := .Values.pod.mounts.promenade_api.init_container }} +{{- $mounts_promenade_api_test := .Values.pod.mounts.promenade_api.test_container }} --- apiVersion: v1 kind: Pod @@ -31,7 +31,7 @@ metadata: spec: restartPolicy: Never initContainers: -{{ tuple $envAll "test" $mounts_promenade_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "test" $mounts_promenade_api_test | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: "{{ .Release.Name }}-api-test" env: diff --git a/charts/promenade/values.yaml b/charts/promenade/values.yaml index 8cf2080d..5a1d8682 100644 --- a/charts/promenade/values.yaml +++ b/charts/promenade/values.yaml @@ -43,6 +43,7 @@ conf: images: tags: + monitoring_image: busybox:1.28.3 promenade: quay.io/airshipit/promenade:latest ks_user: docker.io/openstackhelm/heat:newton ks_service: docker.io/openstackhelm/heat:newton @@ -173,8 +174,23 @@ pod: default: kubernetes.io/hostname mounts: promenade_api: - init_container: null + test_container: null + init_container: + volumeMounts: + - name: hyperkube + mountPath: /hyperkube + volumes: + - name: hyperkube + hostPath: + path: /opt/kubernetes/bin/hyperkube + type: File promenade_api: + volumeMounts: + - name: cache + mountPath: /tmp/cache + volumes: + - name: cache + emptyDir: {} env: promenade_api: # - name: http_proxy diff --git a/examples/basic/HostSystem.yaml b/examples/basic/HostSystem.yaml index eadb0d7b..d24afa6f 100644 --- a/examples/basic/HostSystem.yaml +++ b/examples/basic/HostSystem.yaml @@ -12,9 +12,15 @@ data: kube-cgroup: enable: true files: + - path: /opt/kubernetes/bin/hyperkube + docker_image: gcr.io/google_containers/hyperkube-amd64:v1.11.6 + file_path: /hyperkube + mode: 0555 - path: /opt/kubernetes/bin/kubelet - tar_url: https://dl.k8s.io/v1.11.6/kubernetes-node-linux-amd64.tar.gz - tar_path: kubernetes/node/bin/kubelet + symlink: /opt/kubernetes/bin/hyperkube + mode: 0555 + - path: /usr/local/bin/kubectl + symlink: /opt/kubernetes/bin/hyperkube mode: 0555 - path: /etc/systemd/system/kube-cgroup.service content: | @@ -64,12 +70,15 @@ data: su root root rotate 1 } + - path: /etc/profile.d/kubeconfig.sh + mode: 0744 + content: |- + export KUBECONFIG=/etc/kubernetes/admin/kubeconfig.yaml images: + monitoring_image: &busybox busybox:1.28.3 haproxy: haproxy:1.8.3 helm: helm: lachlanevenson/k8s-helm:v2.14.0 - kubernetes: - kubectl: gcr.io/google_containers/hyperkube-amd64:v1.11.6 packages: repositories: - deb http://apt.dockerproject.org/repo ubuntu-xenial main @@ -112,5 +121,5 @@ data: socat: socat validation: pod_logs: - image: busybox:1.28.3 + image: *busybox ... diff --git a/examples/complete/HostSystem.yaml b/examples/complete/HostSystem.yaml index 77e089d5..4ab6f9cc 100644 --- a/examples/complete/HostSystem.yaml +++ b/examples/complete/HostSystem.yaml @@ -9,9 +9,15 @@ metadata: storagePolicy: cleartext data: files: + - path: /opt/kubernetes/bin/hyperkube + docker_image: gcr.io/google_containers/hyperkube-amd64:v1.11.6 + file_path: /hyperkube + mode: 0555 - path: /opt/kubernetes/bin/kubelet - tar_url: https://dl.k8s.io/v1.11.6/kubernetes-node-linux-amd64.tar.gz - tar_path: kubernetes/node/bin/kubelet + symlink: /opt/kubernetes/bin/hyperkube + mode: 0555 + - path: /usr/local/bin/kubectl + symlink: /opt/kubernetes/bin/hyperkube mode: 0555 - path: /etc/logrotate.d/json-logrotate mode: 0444 @@ -30,12 +36,15 @@ data: su root root rotate 1 } + - path: /etc/profile.d/kubeconfig.sh + mode: 0744 + content: |- + export KUBECONFIG=/etc/kubernetes/admin/kubeconfig.yaml images: + monitoring_image: busybox:1.28.3 haproxy: haproxy:1.8.3 helm: helm: lachlanevenson/k8s-helm:v2.14.0 - kubernetes: - kubectl: gcr.io/google_containers/hyperkube-amd64:v1.11.6 packages: repositories: - deb http://apt.dockerproject.org/repo ubuntu-xenial main diff --git a/promenade/builder.py b/promenade/builder.py index ff5cd6c2..51b1b322 100644 --- a/promenade/builder.py +++ b/promenade/builder.py @@ -18,10 +18,11 @@ LOG = logging.getLogger(__name__) # B108:hardcoded_tmp_directory # This cache needs to be shared by all forks within the same container, and so # must be at a well-known location. +TMP_CACHE = '/tmp/cache' # nosec CACHE_OPTS = { 'cache.type': 'file', - 'cache.data_dir': '/tmp/cache/data', # nosec - 'cache.lock_dir': '/tmp/cache/lock', # nosec + 'cache.data_dir': TMP_CACHE + '/data', # nosec + 'cache.lock_dir': TMP_CACHE + '/lock', # nosec } CACHE = CacheManager(**parse_cache_config_options(CACHE_OPTS)) @@ -43,8 +44,16 @@ class Builder: self._file_cache = {} for file_spec in self._file_specs: path = file_spec['path'] + islink = False if 'content' in file_spec: data = file_spec['content'] + elif 'docker_image' in file_spec: + data = _fetch_image_content(self.config.container_info, + file_spec['docker_image'], + file_spec['file_path']) + elif 'symlink' in file_spec: + data = file_spec['symlink'] + islink = True elif 'tar_url' in file_spec: data = _fetch_tar_content(file_spec['tar_url'], file_spec['tar_path']) @@ -52,6 +61,7 @@ class Builder: 'path': path, 'data': data, 'mode': file_spec['mode'], + 'islink': islink, } @property @@ -61,6 +71,7 @@ class Builder: self.config.get_path('Genesis:files', [])) def build_all(self, *, output_dir): + self.config.get_container_info() self.build_genesis(output_dir=output_dir) for node_document in self.config.iterate( schema='promenade/KubernetesNode/v1'): @@ -163,6 +174,33 @@ def _encrypt(cfg_dict, data): decrypt_teardown_command) +# The following environment variables should be used +# export DOCKER_HOST="unix://var/run/docker.sock" +# export PROMENADE_TMP="tmp_dir_on_host" +# export PROMENADE_TMP_LOCAL="tmp_dir_inside_container" +# PROMENADE_TMP is the full path to temp dir from host +# inside promenade container it should be bind to PROMENADE_TMP_LOCAL +@CACHE.cache('fetch_image', expire=72 * 3600) +def _fetch_image_content(config, image_url, file_path): + file_name = os.path.basename(file_path) + if config is None: + result_path = os.path.join(TMP_CACHE, file_name) + if not os.path.isfile(result_path): + raise Exception( + 'ERROR: there is no container info and no file in cache') + else: + result_path = os.path.join(config['dir_local'], file_name) + client = config['client'] + vol = {config['dir']: {'bind': config['dir_local'], 'mode': 'rw'}} + cmd = 'cp -v {} {}'.format(file_path, config['dir_local']) + image = client.images.pull(image_url) + output = client.containers.run( + image, command=cmd, auto_remove=True, volumes=vol) + LOG.debug(output) + f = open(result_path, 'rb') + return f.read() + + @CACHE.cache('fetch_tarball_content', expire=72 * 3600) def _fetch_tar_content(url, path): content = _fetch_tar_url(url) diff --git a/promenade/config.py b/promenade/config.py index 6a0da17b..7f2b1d6e 100644 --- a/promenade/config.py +++ b/promenade/config.py @@ -1,7 +1,9 @@ from . import exceptions, logging, validation from . import design_ref as dr +import docker import jinja2 import jsonpath_ng +import os import yaml from deckhand.engine import layering @@ -37,6 +39,7 @@ class Configuration: raise exceptions.DeckhandException(str(e)) LOG.info("Deckhand engine returned %d documents." % len(documents)) + self.container_info = None self.debug = debug self.documents = documents self.leave_kubectl = leave_kubectl @@ -113,6 +116,28 @@ class Configuration: for doc in self.iterate(*args, **kwargs): return doc + def get_container_info(self): + LOG.debug( + 'Getting access to Docker via socket and getting mount points') + client = docker.from_env() + try: + client.ping() + except: + return + tmp_dir = os.getenv('PROMENADE_TMP') + if tmp_dir is None: + raise Exception('ERROR: undefined PROMENADE_TMP') + tmp_dir_local = os.getenv('PROMENADE_TMP_LOCAL') + if tmp_dir_local is None: + raise Exception('ERROR: undefined PROMENADE_TMP_LOCAL') + if not os.path.exists(tmp_dir_local): + raise Exception('ERROR: {} not found'.format(tmp_dir_local)) + self.container_info = { + 'client': client, + 'dir': tmp_dir, + 'dir_local': tmp_dir_local, + } + def extract_genesis_config(self): LOG.debug('Extracting genesis config.') documents = [] diff --git a/promenade/schemas/HostSystem.yaml b/promenade/schemas/HostSystem.yaml index 1a32f809..9db9cc94 100644 --- a/promenade/schemas/HostSystem.yaml +++ b/promenade/schemas/HostSystem.yaml @@ -39,6 +39,12 @@ data: $ref: '#/definitions/url' tar_path: $ref: '#/definitions/rel_path' + docker_image: + $ref: '#/definitions/url' + file_path: + $ref: '#/definitions/abs_path' + symlink: + $ref: '#/definitions/abs_path' required: - mode - path @@ -46,12 +52,21 @@ data: - type: object required: - content + - type: object + required: + - symlink - type: object allOf: - type: object required: - tar_url - tar_path + - type: object + allOf: + - type: object + required: + - docker_image + - file_path additionalProperties: false image: @@ -99,18 +114,12 @@ data: required: - helm additionalProperties: false - kubernetes: - type: object - properties: - kubectl: - $ref: '#/definitions/image' - required: - - kubectl - additionalProperties: false + monitoring_image: + $ref: '#/definitions/image' required: - haproxy - helm - - kubernetes + - monitoring_image additionalProperties: false packages: diff --git a/promenade/tar_bundler.py b/promenade/tar_bundler.py index ba0daea2..40848884 100644 --- a/promenade/tar_bundler.py +++ b/promenade/tar_bundler.py @@ -15,7 +15,7 @@ class TarBundler: self._tar_blob = io.BytesIO() self._tf = tarfile.open(fileobj=self._tar_blob, mode='w|gz') - def add(self, *, path, data, mode): + def add(self, *, path, data, mode, islink=False): if path.startswith('/'): path = path[1:] @@ -37,7 +37,12 @@ class TarBundler: else: LOG.warning('Zero length file added to path=%s', path) - self._tf.addfile(tar_info, io.BytesIO(data_bytes)) + if islink: + tar_info.type = tarfile.SYMTYPE + tar_info.linkname = data + self._tf.addfile(tar_info) + else: + self._tf.addfile(tar_info, io.BytesIO(data_bytes)) def as_blob(self): self._tf.close() diff --git a/promenade/templates/roles/common/usr/local/bin/kubectl b/promenade/templates/roles/common/usr/local/bin/kubectl deleted file mode 100755 index c6404b8c..00000000 --- a/promenade/templates/roles/common/usr/local/bin/kubectl +++ /dev/null @@ -1,38 +0,0 @@ -#!/usr/bin/env bash - -set -e -set -o pipefail - -ADDITIONAL_DOCKER_ARGS= -TRANSLATE_CR=1 - -for item in "$@"; do - if [[ $item =~ ^-[^-].*t.* ]]; then - ADDITIONAL_DOCKER_ARGS="$ADDITIONAL_DOCKER_ARGS -t" - TRANSLATE_CR=0 - break - elif [[ $item == "--" ]]; then - break - fi -done - -if [[ $TRANSLATE_CR == 1 ]]; then - docker run --rm -i \ - $ADDITIONAL_DOCKER_ARGS \ - --net host \ - -v /etc/kubernetes/admin:/etc/kubernetes/admin \ - -e KUBECONFIG=/etc/kubernetes/admin/kubeconfig.yaml \ - {{ config['HostSystem:images.kubernetes.kubectl'] }} \ - /kubectl \ - "$@" \ - | sed "s/\r//" -else - exec docker run --rm -i \ - $ADDITIONAL_DOCKER_ARGS \ - --net host \ - -v /etc/kubernetes/admin:/etc/kubernetes/admin \ - -e KUBECONFIG=/etc/kubernetes/admin/kubeconfig.yaml \ - {{ config['HostSystem:images.kubernetes.kubectl'] }} \ - /kubectl \ - "$@" -fi diff --git a/promenade/templates/roles/genesis/etc/kubernetes/manifests/bootstrap-armada.yaml b/promenade/templates/roles/genesis/etc/kubernetes/manifests/bootstrap-armada.yaml index db37c022..12d90cb3 100644 --- a/promenade/templates/roles/genesis/etc/kubernetes/manifests/bootstrap-armada.yaml +++ b/promenade/templates/roles/genesis/etc/kubernetes/manifests/bootstrap-armada.yaml @@ -98,7 +98,7 @@ spec: - name: log mountPath: /tmp/log - name: monitor - image: {{ config['HostSystem:images.kubernetes.kubectl'] }} + image: {{ config['HostSystem:images.monitoring_image'] }} command: - /bin/sh - -c diff --git a/requirements-direct.txt b/requirements-direct.txt index 70181464..f984d653 100644 --- a/requirements-direct.txt +++ b/requirements-direct.txt @@ -1,5 +1,6 @@ beaker==1.9.1 click==6.7 +docker==3.7.2 falcon==1.2.0 jinja2==2.9.6 jsonpath-ng==1.4.3 diff --git a/requirements-frozen.txt b/requirements-frozen.txt index 53205434..2210b55b 100644 --- a/requirements-frozen.txt +++ b/requirements-frozen.txt @@ -1,32 +1,34 @@ alembic==1.0.1 -amqp==2.3.2 +amqp==2.4.2 asn1crypto==0.24.0 -attrs==18.2.0 +attrs==19.1.0 Babel==2.6.0 Beaker==1.9.1 -cachetools==3.0.0 -certifi==2018.10.15 -cffi==1.11.5 +cachetools==3.1.0 +certifi==2019.3.9 +cffi==1.12.3 chardet==3.0.4 click==6.7 -cliff==2.14.0 -cmd2==0.9.6 -colorama==0.4.0 +cliff==2.14.1 +cmd2==0.9.12 +colorama==0.4.1 cryptography==2.3.1 -debtcollector==1.20.0 +debtcollector==1.21.0 git+https://git.openstack.org/openstack/airship-deckhand@a76ffb66ae809c19281a6cf5c9414ed197d249b7 -decorator==4.3.0 +decorator==4.4.0 deepdiff==3.3.0 -dnspython==1.15.0 -dogpile.cache==0.6.7 +dnspython==1.16.0 +docker==3.7.2 +docker-pycreds==0.4.0 +dogpile.cache==0.7.1 eventlet==0.24.1 extras==1.0.0 falcon==1.2.0 -fasteners==0.14.1 +fasteners==0.15 fixtures==3.0.0 flake8==2.6.2 -futurist==1.8.0 -google-auth==1.5.1 +futurist==1.8.1 +google-auth==1.6.3 greenlet==0.4.15 hacking==1.1.0 idna==2.6 @@ -34,34 +36,34 @@ ipaddress==1.0.22 iso8601==0.1.12 Jinja2==2.9.6 jsonpath-ng==1.4.3 -jsonpickle==1.0 +jsonpickle==1.1 jsonschema==2.6.0 keystoneauth1==3.2.0 keystonemiddleware==4.17.0 -kombu==4.2.1 +kombu==4.5.0 kubernetes==3.0.0 linecache2==1.0.0 -Mako==1.0.7 -MarkupSafe==1.1.0 +Mako==1.0.10 +MarkupSafe==1.1.1 mccabe==0.5.3 monotonic==1.5 -msgpack==0.5.6 +msgpack==0.6.1 netaddr==0.7.19 -netifaces==0.10.7 +netifaces==0.10.9 networkx==2.2 oslo.cache==1.31.1 oslo.concurrency==3.28.1 oslo.config==6.6.2 oslo.context==2.19.2 oslo.db==4.41.1 -oslo.i18n==3.22.1 +oslo.i18n==3.23.1 oslo.log==3.40.1 oslo.messaging==9.1.1 oslo.middleware==3.36.0 oslo.policy==1.22.1 oslo.serialization==2.28.1 -oslo.service==1.32.1 -oslo.utils==3.37.1 +oslo.service==1.39.0 +oslo.utils==3.40.2 Paste==3.0.1 PasteDeploy==1.5.2 pbr==3.0.1 @@ -69,32 +71,32 @@ ply==3.11 positional==1.2.1 prettytable==0.7.2 psycopg2==2.7.5 -pyasn1==0.4.4 -pyasn1-modules==0.2.2 -pycadf==2.8.0 +pyasn1==0.4.5 +pyasn1-modules==0.2.5 +pycadf==2.9.0 pycodestyle==2.0.0 pycparser==2.19 pyflakes==1.2.3 pyinotify==0.9.6 -pyparsing==2.3.0 +pyparsing==2.4.0 pyperclip==1.7.0 python-barbicanclient==4.7.0 -python-dateutil==2.7.5 -python-editor==1.0.3 +python-dateutil==2.8.0 +python-editor==1.0.4 python-keystoneclient==3.18.0 python-memcached==1.59 python-mimeparse==1.6.0 -pytz==2018.7 +pytz==2019.1 PyYAML==3.12 repoze.lru==0.7 requests==2.18.4 -rfc3986==1.1.0 +rfc3986==1.3.2 Routes==2.4.1 rsa==4.0 six==1.11.0 -SQLAlchemy==1.2.13 -sqlalchemy-migrate==0.11.0 -sqlparse==0.2.4 +SQLAlchemy==1.3.3 +sqlalchemy-migrate==0.12.0 +sqlparse==0.3.0 statsd==3.3.0 stevedore==1.30.0 Tempita==0.5.2 @@ -105,9 +107,10 @@ traceback2==1.4.0 unittest2==1.1.0 urllib3==1.24 uWSGI==2.0.15 -vine==1.1.4 +vine==1.3.0 wcwidth==0.1.7 -WebOb==1.8.3 -websocket-client==0.40.0 +WebOb==1.8.5 +websocket-client==0.56.0 Werkzeug==0.14.1 -wrapt==1.10.11 +wrapt==1.11.1 +yappi==1.0 diff --git a/tests/unit/builder_data/simple/HostSystem.yaml b/tests/unit/builder_data/simple/HostSystem.yaml index 94e84984..bc0a5565 100644 --- a/tests/unit/builder_data/simple/HostSystem.yaml +++ b/tests/unit/builder_data/simple/HostSystem.yaml @@ -35,11 +35,10 @@ data: rotate 1 } images: + monitoring_image: &busybox busybox:1.28.3 haproxy: haproxy:1.8.3 helm: helm: lachlanevenson/k8s-helm:v2.14.0 - kubernetes: - kubectl: gcr.io/google_containers/hyperkube-amd64:v1.11.6 packages: repositories: - deb http://apt.dockerproject.org/repo ubuntu-xenial main @@ -82,5 +81,5 @@ data: socat: socat=1.7.3.1-1 validation: pod_logs: - image: busybox:1.28.3 + image: *busybox ... diff --git a/tools/g2/lib/config.sh b/tools/g2/lib/config.sh index ed263100..b285dfd3 100644 --- a/tools/g2/lib/config.sh +++ b/tools/g2/lib/config.sh @@ -6,6 +6,7 @@ export NGINX_DIR="${TEMP_DIR}/nginx" export NGINX_URL="http://192.168.77.1:7777" export PROMENADE_BASE_URL="http://promenade-api.ucp.svc.cluster.local" export PROMENADE_DEBUG=${PROMENADE_DEBUG:-0} +export PROMENADE_TMP_LOCAL=${PROMENADE_TMP_LOCAL:-tmp_bin} export PROMENADE_ENCRYPTION_KEY=${PROMENADE_ENCRYPTION_KEY:-testkey} export REGISTRY_DATA_DIR=${REGISTRY_DATA_DIR:-/mnt/registry} export VIRSH_POOL=${VIRSH_POOL:-promenade} diff --git a/tools/g2/lib/kube.sh b/tools/g2/lib/kube.sh index 568d386e..4342d504 100644 --- a/tools/g2/lib/kube.sh +++ b/tools/g2/lib/kube.sh @@ -9,7 +9,7 @@ kubectl_cmd() { shift - ssh_cmd "${VIA}" kubectl "${@}" + ssh_cmd "${VIA}" kubectl --kubeconfig /etc/kubernetes/admin/kubeconfig.yaml "${@}" } kubectl_wait_for_pod() { diff --git a/tools/g2/lib/registry.sh b/tools/g2/lib/registry.sh index fa03d3d1..bc5e5eb7 100644 --- a/tools/g2/lib/registry.sh +++ b/tools/g2/lib/registry.sh @@ -60,6 +60,12 @@ registry_up() { docker rm -fv "${REGISTRY_ID}" &>> "${LOG_FILE}" fi + cur=$(grep registry /etc/hosts | cut -f1 -d:) + if [ -n "$cur" ]; then + sudo sed -i "s/.*registry/127.0.0.1 registry/g" /etc/hosts + else + echo "127.0.0.1 registry" | sudo tee -a /etc/hosts + fi if [[ -z ${RUNNING_REGISTRY_ID} ]]; then log Starting docker registry docker run -d \ diff --git a/tools/g2/stages/build-scripts.sh b/tools/g2/stages/build-scripts.sh index 22fa3920..c1756e51 100755 --- a/tools/g2/stages/build-scripts.sh +++ b/tools/g2/stages/build-scripts.sh @@ -8,10 +8,23 @@ cd "${TEMP_DIR}" mkdir scripts chmod 777 scripts +PROMENADE_TMP_LOCAL="$(basename "$PROMENADE_TMP_LOCAL")" +PROMENADE_TMP="${TEMP_DIR}/${PROMENADE_TMP_LOCAL}" +mkdir -p "$PROMENADE_TMP" +chmod 777 "$PROMENADE_TMP" + +DOCKER_SOCK="/var/run/docker.sock" +sudo chmod o+rw $DOCKER_SOCK + log Building scripts docker run --rm -t \ -w /target \ -v "${TEMP_DIR}:/target" \ + -v "${PROMENADE_TMP}:/${PROMENADE_TMP_LOCAL}" \ + -v "${DOCKER_SOCK}:${DOCKER_SOCK}" \ + -e "DOCKER_HOST=unix:/${DOCKER_SOCK}" \ + -e "PROMENADE_TMP=${PROMENADE_TMP}" \ + -e "PROMENADE_TMP_LOCAL=/${PROMENADE_TMP_LOCAL}" \ -e "PROMENADE_DEBUG=${PROMENADE_DEBUG}" \ -e "PROMENADE_ENCRYPTION_KEY=${PROMENADE_ENCRYPTION_KEY}" \ "${IMAGE_PROMENADE}" \ @@ -20,3 +33,5 @@ docker run --rm -t \ --validators \ -o scripts \ config/*.yaml + +sudo chmod o-rw $DOCKER_SOCK diff --git a/tools/setup_gate.sh b/tools/setup_gate.sh index d19467ee..641cff03 100755 --- a/tools/setup_gate.sh +++ b/tools/setup_gate.sh @@ -47,6 +47,17 @@ sudo apt-get remove -q -y docker docker-engine docker.io sudo apt-get install -q -y --no-install-recommends \ docker-ce +# Set up proxy when using docker_image in yamls +sudo mkdir -p /etc/systemd/system/docker.service.d/ +cat << EOF | sudo tee /etc/systemd/system/docker.service.d/proxy.conf +[Service] +Environment="HTTP_PROXY=${HTTP_PROXY}" +Environment="HTTPS_PROXY=${HTTPS_PROXY}" +Environment="NO_PROXY=${NO_PROXY}" +EOF +sudo systemctl daemon-reload +sudo systemctl restart docker + log_stage_header "Joining User Groups" for grp in docker libvirtd libvirt; do if ! groups | grep $grp > /dev/null; then