From cd6f154da56079ba408b922ed748a80b622c3592 Mon Sep 17 00:00:00 2001 From: Arun Kant Date: Mon, 11 Feb 2019 14:06:39 -0800 Subject: [PATCH] Adding opensuse support in image building of airflow and shipyard Adding DISTRO parameter for makefile to invoke distribution specific Dockerfile and build image accordingly. Also qualifying image job name to distinguish ubuntu vs opensuse check jobs and passing distro specific variable. Similar logic for pushing distro specific images. Added new document section for multiple distro support. Change-Id: I215f8a107cab8770181c0472e0cc29053b2b978e --- .zuul.yaml | 50 ++++++- Makefile | 15 +- doc/source/client-user-guide.rst | 2 +- doc/source/index.rst | 1 + doc/source/multi-distro-support.rst | 95 ++++++++++++ images/airflow/Dockerfile.opensuse_15 | 137 ++++++++++++++++++ .../{Dockerfile => Dockerfile.ubuntu_xenial} | 2 +- images/shipyard/Dockerfile.opensuse_15 | 103 +++++++++++++ .../{Dockerfile => Dockerfile.ubuntu_xenial} | 0 .../build-images/tasks/airship-shipyard.yaml | 4 + 10 files changed, 394 insertions(+), 15 deletions(-) create mode 100644 doc/source/multi-distro-support.rst create mode 100644 images/airflow/Dockerfile.opensuse_15 rename images/airflow/{Dockerfile => Dockerfile.ubuntu_xenial} (97%) create mode 100644 images/shipyard/Dockerfile.opensuse_15 rename images/shipyard/{Dockerfile => Dockerfile.ubuntu_xenial} (100%) diff --git a/.zuul.yaml b/.zuul.yaml index 73586c6e..3ec04d00 100644 --- a/.zuul.yaml +++ b/.zuul.yaml @@ -23,17 +23,20 @@ - airship-shipyard-chart-build-gate - airship-shipyard-chart-build-latest-htk - airship-shipyard-whitespace-lint-gate - - airship-shipyard-image-gate - airship-shipyard-airskiff-deployment + - airship-shipyard-image-gate-ubuntu + - airship-shipyard-image-gate-opensuse gate: jobs: - openstack-tox-pep8 - airship-shipyard-chart-build-gate - airship-shipyard-whitespace-lint-gate - - airship-shipyard-image-gate + - airship-shipyard-image-gate-ubuntu + - airship-shipyard-image-gate-opensuse post: jobs: - - airship-shipyard-docker-build-post + - airship-shipyard-docker-build-post-ubuntu + - airship-shipyard-docker-build-post-opensuse - nodeset: name: airship-shipyard-single-node @@ -78,12 +81,13 @@ - ^releasenotes/.*$ - job: - name: airship-shipyard-image-gate + name: airship-shipyard-image-gate-ubuntu description: | - Run shipyard-image build. + Run shipyard-image build for ubuntu. parent: airship-shipyard-image-base vars: publish: false + distro: ubuntu_xenial tags: dynamic: patch_set: true @@ -114,7 +118,19 @@ - ^releasenotes/.*$ - job: - name: airship-shipyard-docker-build-post + name: airship-shipyard-image-gate-opensuse + description: | + Run shipyard-image build for opensuse. + parent: airship-shipyard-image-base + vars: + publish: false + distro: opensuse_15 + tags: + dynamic: + patch_set: true + +- job: + name: airship-shipyard-docker-build-post-ubuntu timeout: 1800 run: tools/gate/playbooks/run-image.yaml nodeset: airship-shipyard-single-node @@ -126,6 +142,28 @@ - airship_shipyard_quay_creds vars: publish: true + distro: ubuntu_xenial + tags: + dynamic: + branch: true + commit: true + static: + - latest + +- job: + name: airship-shipyard-docker-build-post-opensuse + timeout: 1800 + run: tools/gate/playbooks/run-image.yaml + nodeset: airship-shipyard-single-node + irrelevant-files: + - ^.*\.rst$ + - ^doc/.*$ + - ^releasenotes/.*$ + secrets: + - airship_shipyard_quay_creds + vars: + publish: true + distro: opensuse_15 tags: dynamic: branch: true diff --git a/Makefile b/Makefile index 314db722..b8290676 100644 --- a/Makefile +++ b/Makefile @@ -31,9 +31,10 @@ PROXY ?= http://proxy.foo.com:8000 NO_PROXY ?= localhost,127.0.0.1,.svc.cluster.local USE_PROXY ?= false -UBUNTU_BASE_IMAGE ?= +DISTRO_BASE_IMAGE ?= +DISTRO ?= ubuntu_xenial -IMAGE:=${DOCKER_REGISTRY}/${IMAGE_PREFIX}/$(IMAGE_NAME):${IMAGE_TAG} +IMAGE:=${DOCKER_REGISTRY}/${IMAGE_PREFIX}/$(IMAGE_NAME):${IMAGE_TAG}-${DISTRO} IMAGE_DIR:=images/$(IMAGE_NAME) .PHONY: images @@ -45,8 +46,8 @@ images: $(IMAGE_NAME) $(IMAGE_NAME): @echo @echo "===== Processing [$@] image =====" - @make build IMAGE=${DOCKER_REGISTRY}/${IMAGE_PREFIX}/$@:${IMAGE_TAG} IMAGE_DIR=images/$@ IMAGE_NAME=$@ - @make run IMAGE=${DOCKER_REGISTRY}/${IMAGE_PREFIX}/$@:${IMAGE_TAG} SCRIPT=./tools/$@_image_run.sh + @make build IMAGE=${DOCKER_REGISTRY}/${IMAGE_PREFIX}/$@:${IMAGE_TAG}-${DISTRO} IMAGE_DIR=images/$@ IMAGE_NAME=$@ + @make run IMAGE=${DOCKER_REGISTRY}/${IMAGE_PREFIX}/$@:${IMAGE_TAG}-${DISTRO} SCRIPT=./tools/$@_image_run.sh # Build all docker images for this project @@ -81,7 +82,7 @@ tests: run: USE_PROXY=$(USE_PROXY) PROXY=$(PROXY) $(SCRIPT) $(IMAGE) -_BASE_IMAGE_ARG := $(if $(UBUNTU_BASE_IMAGE),--build-arg FROM="${UBUNTU_BASE_IMAGE}" ,) +_BASE_IMAGE_ARG := $(if $(DISTRO_BASE_IMAGE),--build-arg FROM="${DISTRO_BASE_IMAGE}" ,) .PHONY: build build: @@ -90,7 +91,7 @@ ifeq ($(USE_PROXY), true) --label "org.opencontainers.image.revision=$(COMMIT)" \ --label "org.opencontainers.image.created=$(shell date --rfc-3339=seconds --utc)" \ --label "org.opencontainers.image.title=$(IMAGE_NAME)" \ - -f $(IMAGE_DIR)/Dockerfile \ + -f $(IMAGE_DIR)/Dockerfile.$(DISTRO) \ $(_BASE_IMAGE_ARG) \ --build-arg http_proxy=$(PROXY) \ --build-arg https_proxy=$(PROXY) \ @@ -104,7 +105,7 @@ else --label "org.opencontainers.image.revision=$(COMMIT)" \ --label "org.opencontainers.image.created=$(shell date --rfc-3339=seconds --utc)" \ --label "org.opencontainers.image.title=$(IMAGE_NAME)" \ - -f $(IMAGE_DIR)/Dockerfile \ + -f $(IMAGE_DIR)/Dockerfile.$(DISTRO) \ $(_BASE_IMAGE_ARG) \ --build-arg ctx_base=$(BUILD_CTX) . endif diff --git a/doc/source/client-user-guide.rst b/doc/source/client-user-guide.rst index 7fb6a900..8b0ff179 100644 --- a/doc/source/client-user-guide.rst +++ b/doc/source/client-user-guide.rst @@ -184,7 +184,7 @@ command. In this example we will execute the ``get actions`` command:: -e 'OS_PASSWORD=password' -e 'OS_PROJECT_DOMAIN_NAME=default' \ -e 'OS_PROJECT_NAME=service' -e 'OS_USERNAME=shipyard' \ -e 'OS_USER_DOMAIN_NAME=default' -e 'OS_IDENTITY_API_VERSION=3' \ - --rm --net=host airshipit/shipyard:latest get actions + --rm --net=host airshipit/shipyard:latest-ubuntu_xenial get actions The output will resemble the following:: diff --git a/doc/source/index.rst b/doc/source/index.rst index 8b9bec97..d763312f 100644 --- a/doc/source/index.rst +++ b/doc/source/index.rst @@ -32,6 +32,7 @@ control plane life-cycle management, and is part of the `Airship`_ platform. client-user-guide deployment-guide policy-enforcement + multi-distro-support Building this Documentation --------------------------- diff --git a/doc/source/multi-distro-support.rst b/doc/source/multi-distro-support.rst new file mode 100644 index 00000000..c40e715d --- /dev/null +++ b/doc/source/multi-distro-support.rst @@ -0,0 +1,95 @@ +.. + Copyright 2019 SUSE LLC + + Licensed under the Apache License, Version 2.0 (the "License"); you may + not use this file except in compliance with the License. You may obtain + a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + License for the specific language governing permissions and limitations + under the License. + + +Multiple Distro Support +======================= + +This project builds images for Shipyard and Airflow components. Currently, it +supports building images for ubuntu and opensuse ( leap 15.0 as base image). + +By default, Ubuntu images are built and are published to public registry +server. Recently support for publishing opensuse image has also been added. + +If you need to build opensuse images locally, the following parameters +can be passed to the *make* command in shipyard repository's root +directory with *images* as target:: + + DISTRO: opensuse_15 + DISTRO_BASE_IMAGE: "opensuse/leap:15.0" + DOCKER_REGISTRY: { your_docker_registry } + IMAGE_TAG: latest + IMAGE_NAME: airflow + PUSH_IMAGE: false + +Following is an example in command format to build and publish images locally. +Command is run in shipyard repository's root directory. + + DISTRO=opensuse_15 DOCKER_REGISTRY={ your_docker_registry } \ + IMAGE_NAME=airflow IMAGE_TAG=latest PUSH_IMAGE=true make images + + +Following parameters need to be passed as environment/shell variable to make +command: + +DISTRO + parameter to identify distro specific Dockerfile, ubuntu_xenial (Default) + +DISTRO_BASE_IMAGE + parameter to use different base image other than what's used in DISTRO + specific Dockerfile (optional) + +DOCKER_REGISTRY + parameter to specify local/internal docker registry if need + to publish image (optional), quay.io (Default) + +IMAGE_TAG + tag to be used for image built, untagged (Default) + +PUSH_IMAGE + flag to indicate if images needs to be pushed to a docker + registry, false (Default) + + +This work is done as per approved spec `multi_distro_support`_. Currently only image +building logic is enhanced to support multiple distro. + + +Adding New Distro Support +-------------------------- + +To add support for building images for a new distro, following steps can be +followed. + + #. Shipyard uses images for shipyard and airflow. So to build images for those + components, two Dockerfiles are required, one for each component. + + #. Add distro specific Dockerfile for each component which will have steps to include + necessary packages and run environment configuration. Use existing Dockerfile as + sample to identify needed packages and environment information. + + #. New dockerfile can be named as Dockefile.{DISTRO} where DISTRO is expected to be + distro identifier which is passed to makefile. + + #. Respective dockerfile should be placed in {shipyard_root}/images/airflow and + {shipyard_root}/images/shipyard + + #. Add check, gate, and post jobs for building, testing and publishing images. These + entries need to be added in {shipyard_root}/.zuul.yaml file. Please refer to + existing zuul file for better existing opensuse support. + + #. Add any relevant information to this document. + +.. _multi_distro_support: https://airship-specs.readthedocs.io/en/latest/specs/approved/airship_multi_linux_distros.html diff --git a/images/airflow/Dockerfile.opensuse_15 b/images/airflow/Dockerfile.opensuse_15 new file mode 100644 index 00000000..68b4a07c --- /dev/null +++ b/images/airflow/Dockerfile.opensuse_15 @@ -0,0 +1,137 @@ +# Copyright 2018 AT&T Intellectual Property. All other rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Docker image to run Airflow on Kubernetes +ARG FROM=opensuse/leap:15.0 +FROM ${FROM} + +LABEL org.opencontainers.image.authors='airship-discuss@lists.airshipit.org, irc://#airshipit@freenode' +LABEL org.opencontainers.image.url='https://airshipit.org' +LABEL org.opencontainers.image.documentation='https://airship-shipyard.readthedocs.org' +LABEL org.opencontainers.image.source='https://opendev.org/airship/shipyard' +LABEL org.opencontainers.image.vendor='The Airship Authors' +LABEL org.opencontainers.image.licenses='Apache-2.0' + +# Do not prompt user for choices on installation/configuration of packages +# Set port 8080 for Airflow Web +# Set port 5555 for Airflow Flower +# Set port 8793 for Airflow Worker +ENV container docker +ENV WEB_PORT 8080 +ENV FLOWER_PORT 5555 +ENV WORKER_PORT 8793 +ENV SLUGIFY_USES_TEXT_UNIDECODE yes + +# Expose port for applications +EXPOSE $WEB_PORT +EXPOSE $FLOWER_PORT +EXPOSE $WORKER_PORT + +# Set ARG for usage during build +ARG AIRFLOW_HOME=/usr/local/airflow +ARG ctx_base=src/bin + +# Kubectl version +ARG KUBECTL_VERSION=1.10.2 + +RUN set -ex && \ + zypper -q update -y ;\ + zypper --non-interactive install --no-recommends \ + ca-certificates \ + curl \ + git-core \ + gcc-c++ \ + libffi-devel \ + libopenssl-devel \ + libpqxx-devel \ + gcc-locale \ + netcat-openbsd \ + netcfg \ + which \ + python3 \ + python3-setuptools \ + python3-pip \ + python3-devel \ + python3-python-dateutil \ + make \ + && python3 -m pip install -U pip \ + && zypper clean -a \ + && rm -rf \ + /tmp/* \ + /var/tmp/* \ + /var/log/* \ + /usr/share/man \ + /usr/share/doc \ + /usr/share/doc-base + +# Explicitly need to create usergroup with same name in suse +RUN useradd -U -ms /bin/bash -d ${AIRFLOW_HOME} airflow + +# Things that change mostly infrequently +RUN curl -L -o /usr/local/bin/kubectl \ + https://storage.googleapis.com/kubernetes-release/release/v${KUBECTL_VERSION}/bin/linux/amd64/kubectl \ + && chmod +x /usr/local/bin/kubectl + +# Dependency requirements +# Note - removing snakebite (python 2 vs. 3). See: +# https://github.com/puckel/docker-airflow/issues/77 +COPY images/airflow/requirements.txt /tmp/ +RUN pip3 install -r /tmp/requirements.txt --no-cache-dir \ + && pip3 uninstall -y snakebite || true + +# Copy scripts used in the container: +COPY images/airflow/script/*.sh ${AIRFLOW_HOME}/ + +# Copy configuration (e.g. logging config for Airflow): +COPY images/airflow/config/*.py ${AIRFLOW_HOME}/config/ + +# Change permissions +RUN chown -R airflow:airflow ${AIRFLOW_HOME} + +# Setting the version explicitly for PBR +ENV PBR_VERSION 0.1a1 + +# Shipyard +# +# Shipyard provides core functionality used by the Airflow plugins/operators +# Since Shipyard and Airflow are built together as images, this should prevent +# stale or out-of-date code between these parts. +# Shipyard requirements, source and installation +COPY ${ctx_base}/shipyard_airflow/requirements.txt /tmp/api_requirements.txt +RUN pip3 install -r /tmp/api_requirements.txt --no-cache-dir + +COPY ${ctx_base}/shipyard_airflow /tmp/shipyard/ +RUN cd /tmp/shipyard \ + && python3 setup.py install + +# Note: The value for the dags and plugins directories that are sourced +# from the values.yaml of the Shipyard Helm chart need to align with these +# directories. If they do not, airflow will not find the intended dags and +# plugins. +# +# Note: In the case of building images using the provided Makefile, a test is +# run against the built-in dags provided with Airflow. Since there is no Helm +# chart to reconfigure the airflow.cfg with these directories, these dags and +# plugins are not known to Airflow during the image test. +# +# Copy the plugins and dags that will be used by this Airflow image: +COPY ${ctx_base}/shipyard_airflow/shipyard_airflow/plugins ${AIRFLOW_HOME}/plugins/ +COPY ${ctx_base}/shipyard_airflow/shipyard_airflow/dags ${AIRFLOW_HOME}/dags/ + +# Set work directory +USER airflow +WORKDIR ${AIRFLOW_HOME} + +# Execute entrypoint +ENTRYPOINT ["./entrypoint.sh"] diff --git a/images/airflow/Dockerfile b/images/airflow/Dockerfile.ubuntu_xenial similarity index 97% rename from images/airflow/Dockerfile rename to images/airflow/Dockerfile.ubuntu_xenial index 4656d3f3..985d7026 100644 --- a/images/airflow/Dockerfile +++ b/images/airflow/Dockerfile.ubuntu_xenial @@ -19,7 +19,7 @@ FROM ${FROM} LABEL org.opencontainers.image.authors='airship-discuss@lists.airshipit.org, irc://#airshipit@freenode' LABEL org.opencontainers.image.url='https://airshipit.org' LABEL org.opencontainers.image.documentation='https://airship-shipyard.readthedocs.org' -LABEL org.opencontainers.image.source='https://git.openstack.org/openstack/airship-shipyard' +LABEL org.opencontainers.image.source='https://opendev.org/airship/shipyard' LABEL org.opencontainers.image.vendor='The Airship Authors' LABEL org.opencontainers.image.licenses='Apache-2.0' diff --git a/images/shipyard/Dockerfile.opensuse_15 b/images/shipyard/Dockerfile.opensuse_15 new file mode 100644 index 00000000..b1255ccc --- /dev/null +++ b/images/shipyard/Dockerfile.opensuse_15 @@ -0,0 +1,103 @@ +# Copyright 2017 AT&T Intellectual Property. All other rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +ARG FROM=opensuse/leap:15.0 +FROM ${FROM} + +LABEL org.opencontainers.image.authors='airship-discuss@lists.airshipit.org, irc://#airshipit@freenode' +LABEL org.opencontainers.image.url='https://airshipit.org' +LABEL org.opencontainers.image.documentation='https://airship-shipyard.readthedocs.org' +LABEL org.opencontainers.image.source='https://git.openstack.org/openstack/airship-shipyard' +LABEL org.opencontainers.image.vendor='The Airship Authors' +LABEL org.opencontainers.image.licenses='Apache-2.0' + +ENV container docker +ENV PORT 9000 +ENV LC_ALL C.UTF-8 +ENV LANG C.UTF-8 +# Setting the version explicitly for PBR +ENV PBR_VERSION 0.1a1 + +ARG ctx_base=src/bin + +# Expose port 9000 for application +EXPOSE $PORT + +RUN set -ex && \ + zypper --gpg-auto-import-keys refresh && \ + zypper -q update -y && \ + zypper --non-interactive install --no-recommends \ + ca-certificates \ + curl \ + netcfg \ + python3-devel \ + python3-setuptools \ + && zypper clean -a \ + && rm -rf \ + /tmp/* \ + /var/tmp/* \ + /usr/share/man \ + /usr/share/doc \ + /usr/share/doc-base + +# Create shipyard user +RUN useradd -ms /bin/bash shipyard \ + && mkdir -p /home/shipyard/shipyard \ + && mkdir -p /home/shipyard/shipyard_client + +# Copy entrypoint.sh to /home/shipyard +COPY ${ctx_base}/shipyard_airflow/entrypoint.sh /home/shipyard/entrypoint.sh +# Change permissions and set up directories +RUN chown -R shipyard: /home/shipyard \ + && chmod +x /home/shipyard/entrypoint.sh + +# Requirements and Shipyard source +COPY ${ctx_base}/shipyard_airflow/requirements.txt /home/shipyard/api_requirements.txt +COPY ${ctx_base}/shipyard_client/requirements.txt /home/shipyard/client_requirements.txt +COPY ${ctx_base}/shipyard_client /home/shipyard/shipyard_client/ +COPY ${ctx_base}/shipyard_airflow /home/shipyard/shipyard/ + +# Build + RUN set -ex \ + && buildDeps=' \ + gcc \ + git-core \ + libopenssl-devel \ + make \ + python3-pip \ + ' \ + && zypper -q update -y \ + && zypper --non-interactive install --no-recommends $buildDeps \ + && python3 -m pip install -U pip \ + && pip3 install -r /home/shipyard/client_requirements.txt --no-cache-dir \ + && cd /home/shipyard/shipyard_client \ + && python3 setup.py install \ + && pip3 install -r /home/shipyard/api_requirements.txt --no-cache-dir \ + && cd /home/shipyard/shipyard \ + && python3 setup.py install \ + && zypper remove -y --clean-deps $buildDeps \ + && zypper clean -a \ + && rm -rf \ + /tmp/* \ + /var/tmp/* \ + /var/log/* \ + /usr/share/man \ + /usr/share/doc \ + /usr/share/doc-base + +# Entrypoint +ENTRYPOINT ["/home/shipyard/entrypoint.sh"] +CMD ["server"] +# Set user to shipyard +USER shipyard diff --git a/images/shipyard/Dockerfile b/images/shipyard/Dockerfile.ubuntu_xenial similarity index 100% rename from images/shipyard/Dockerfile rename to images/shipyard/Dockerfile.ubuntu_xenial diff --git a/tools/gate/roles/build-images/tasks/airship-shipyard.yaml b/tools/gate/roles/build-images/tasks/airship-shipyard.yaml index 6a15e313..56656957 100644 --- a/tools/gate/roles/build-images/tasks/airship-shipyard.yaml +++ b/tools/gate/roles/build-images/tasks/airship-shipyard.yaml @@ -16,6 +16,8 @@ block: - debug: var: publish + - debug: + var: distro - debug: var: tags - debug: @@ -85,6 +87,7 @@ target: images params: IMAGE_TAG: "{{ item }}" + DISTRO: "{{ distro }}" with_items: "{{ image_tags.stdout_lines }}" - shell: "docker images" @@ -113,6 +116,7 @@ IMAGE_TAG: "{{ item }}" COMMIT: "{{ zuul.newrev | default('') }}" PUSH_IMAGE: "true" + DISTRO: "{{ distro }}" with_items: "{{ image_tags.stdout_lines }}" - shell: "docker images"