[CI] Publish images to quay.io on a daily basis

Based on the discussions from the past 3 Kolla meetings [1][2][3],
we established that, to avoid the DockerHub pull limit issues
in our CI, we will try using quay.io.

We still publish weekly to the DockerHub.

Cherry-picks in Victoria and below include the switch to
Docker module for Ansible.

[1] http://eavesdrop.openstack.org/meetings/kolla/2021/kolla.2021-03-17-15.00.log.html#l-102
[2] http://eavesdrop.openstack.org/meetings/kolla/2021/kolla.2021-03-24-15.00.log.html#l-137
[3] http://eavesdrop.openstack.org/meetings/kolla/2021/kolla.2021-03-31-15.01.log.html#l-50

Change-Id: I7c1f0c5fc643678b29f963b6769d8f900a03b726
This commit is contained in:
Radosław Piliszek 2021-03-17 17:05:22 +00:00
parent 00339ecc48
commit c80ac9717a
6 changed files with 196 additions and 27 deletions

View File

@ -25,6 +25,32 @@
Oz6nUZlML6sEyT0vilbDpo1RRweinE5J8mU+8joxeDpCHXBUYekFmgXDlpg58XmSp96fM
C/rWcxTKlGJjjlVFZfhRHHy6gWBYH/SoozkbpkWbk0g43SLSxAuITy7nqLggOU=
- secret:
name: kolla_quay_io_creds
data:
username: !encrypted/pkcs1-oaep
- VsvMvV5wOUfl5B2HJboWfN8mta/Tuk7PXcJf5RfKk4uXP6qYGM4dcMB9EdoJNhMCi7FeA
NrTZaxf/AjLAkgKlRhz7sPKhmR95+jrFRgEzedpcCamdPkCa+wNQEMNMd0rTwioYUEWm4
Y+Oa2mIswy5LcUViz38MPQhf0725U5sYtH2qkuhMbU8u8vzYhSk749xtAN6I1T8ziTKKB
3FBowFc2rSRJUQPsLLZjTxBHbrk+00p/DPoHLOz9/9Jf5U//jkqx4ziE2w1a4+x/kWlYT
BPXuRL9wWN9ci2uKuoDRRd6QHJzPIJerKG07YU4PAcS3M245rbjjUQC3n3SQJs3u4kKI8
rZrxfbmtbfjkzRQXnhnhPk47PebpjnpEUNw6+scnQ+ELdQ0QYGsVRM4x4/ywe5CeFYVDR
whQQ1iG21FOs3iv592I7P7l4cEKqKFyx9qiV4t2fyLrHgtU+L/05iENH9igGJ0tDCQ5zT
2F2laUWGtzUh76txuFDjpBxR3qS62g825dZXaTegkA+v6c1az23lrYTqbTRf63cuAQyYX
APPRC5QU0URXBoIbWb0ry3O5lr/uudI1ZCLN8SSJhpmZAIlviOfaxrKu9fg2YY9e0xpz9
CMEWQ/n1EsUyL34Wv189Rvpq4M4GTvozEKsRsjY3u0ygwEUXcH2lEXGOrs+hms=
password: !encrypted/pkcs1-oaep
- dR2beX9Bn7O8iCqNHtWo1FWX71vy+CwffDk5rafUh5yew2OVNcVtVjVOPvHwb5zZv1LCd
MVcgIJe513dM5tQkn2H/HvN/seVu/CfHA6lg6Tj+ueW9VdUH6KiBPr+NCgQWX+Xt3sXbt
sPzfNGpvTw1ZCUp0nnudZEKPZ2jn83baNMumW8E8xPb4s2kePzINsb8sGvqy6BOk5rUIo
7DaEwWrNnq9TTnMcWGIF+fLP5Pin7+fmvnLkT6qRN4v5FszpHYm8YCpv02nzqI1/F9HeM
P3GtkUdIPxa1+3VwZ/DSA9BWi4VG15jDtaxeZFVGQuMqQAiCx8Jqvd+xX2qugAq1m+U7W
JobDbaeTYrUmJ1zUaspPZ16RTSf9UGCTaejoSVKM9lJHv6ixtsX7UWkgFvceVrlkt7TtH
2mqhBnXvwB6VD5d311WRUfNXz7gb60otisB5G2k/UnRnv1Mu33TPVT7XOFDpVnAvRS3lt
haJ34N7AWnDIsllvzcmVWTw3wf/6LLfOQrW2Z+vNambyR4Oc+LVUTbEvZVIU65LpOTIn3
LfDhCLDD3VtnVOrj4UxZsjzmPbday1fziua/7f+CXsShC5erz0ZM65rMCwkjWeI6Kc63A
0M27tl+OWHO3KkfFR4tWc3dws3r1kYjQeds0adBHyYD0eL8SJfwZkbtojAQ1JM=
- nodeset:
name: kolla-centos8
nodes:

View File

@ -16,14 +16,18 @@
- kolla-build-centos8-source
- kolla-ansible-centos8-source
- kolla-ansible-centos8-source-upgrade
periodic:
jobs:
- kolla-publish-centos8-source-quay
- kolla-publish-centos8-binary-quay
periodic-weekly:
jobs:
- kolla-publish-centos8-source
- kolla-publish-centos8-binary
- kolla-publish-centos8-source-dockerhub
- kolla-publish-centos8-binary-dockerhub
release:
jobs:
- kolla-publish-centos8-source
- kolla-publish-centos8-binary
- kolla-publish-centos8-source-dockerhub
- kolla-publish-centos8-binary-dockerhub
experimental:
jobs:
- kolla-ansible-centos8-source-bifrost:
@ -52,14 +56,27 @@
install_type: binary
- job:
name: kolla-publish-centos8-binary
name: kolla-publish-centos8-binary-dockerhub
parent: kolla-build-centos8-binary
post-run: tests/playbooks/publish.yml
vars:
publisher: true
kolla_registry: dockerhub
kolla_namespace: kolla
secrets:
- kolla_dockerhub_creds
- job:
name: kolla-publish-centos8-binary-quay
parent: kolla-build-centos8-binary
post-run: tests/playbooks/publish.yml
vars:
publisher: true
kolla_registry: quay.io
kolla_namespace: openstack.kolla
secrets:
- kolla_quay_io_creds
- job:
name: kolla-build-centos8-source
parent: kolla-base
@ -75,10 +92,23 @@
voting: false
- job:
name: kolla-publish-centos8-source
name: kolla-publish-centos8-source-dockerhub
parent: kolla-build-centos8-source
post-run: tests/playbooks/publish.yml
vars:
publisher: true
kolla_registry: dockerhub
kolla_namespace: kolla
secrets:
- kolla_dockerhub_creds
- job:
name: kolla-publish-centos8-source-quay
parent: kolla-build-centos8-source
post-run: tests/playbooks/publish.yml
vars:
publisher: true
kolla_registry: quay.io
kolla_namespace: openstack.kolla
secrets:
- kolla_quay_io_creds

View File

@ -9,15 +9,19 @@
jobs:
- kolla-build-debian-source-aarch64
- kolla-ansible-debian-source-aarch64
periodic:
jobs:
- kolla-publish-debian-source-quay
- kolla-publish-debian-source-aarch64-quay
periodic-weekly:
jobs:
- kolla-publish-debian-source
- kolla-publish-debian-source-aarch64
- kolla-publish-debian-source-dockerhub
- kolla-publish-debian-source-aarch64-dockerhub
release:
jobs:
- kolla-publish-debian-source
- kolla-publish-debian-source-aarch64
- kolla-publish-debian-binary
- kolla-publish-debian-source-dockerhub
- kolla-publish-debian-source-aarch64-dockerhub
- kolla-publish-debian-binary-dockerhub
- job:
name: kolla-build-debian-source
@ -43,24 +47,67 @@
install_type: binary
- job:
name: kolla-publish-debian-binary
name: kolla-publish-debian-binary-dockerhub
parent: kolla-build-debian-binary
post-run: tests/playbooks/publish.yml
vars:
publisher: true
kolla_registry: dockerhub
kolla_namespace: kolla
secrets:
- kolla_dockerhub_creds
- job:
name: kolla-publish-debian-source
name: kolla-publish-debian-binary-quay
parent: kolla-build-debian-binary
post-run: tests/playbooks/publish.yml
vars:
publisher: true
kolla_registry: quay.io
kolla_namespace: openstack.kolla
secrets:
- kolla_quay_io_creds
- job:
name: kolla-publish-debian-source-dockerhub
parent: kolla-build-debian-source
post-run: tests/playbooks/publish.yml
vars:
publisher: true
kolla_registry: dockerhub
kolla_namespace: kolla
secrets:
- kolla_dockerhub_creds
- job:
name: kolla-publish-debian-source-aarch64
parent: kolla-publish-debian-source
nodeset: kolla-debian-buster-aarch64
name: kolla-publish-debian-source-quay
parent: kolla-build-debian-source
post-run: tests/playbooks/publish.yml
vars:
publisher: true
kolla_registry: quay.io
kolla_namespace: openstack.kolla
secrets:
- kolla_quay_io_creds
- job:
name: kolla-publish-debian-source-aarch64-dockerhub
parent: kolla-build-debian-source-aarch64
post-run: tests/playbooks/publish.yml
vars:
publisher: true
kolla_registry: dockerhub
kolla_namespace: kolla
secrets:
- kolla_dockerhub_creds
- job:
name: kolla-publish-debian-source-aarch64-quay
parent: kolla-build-debian-source-aarch64
post-run: tests/playbooks/publish.yml
vars:
publisher: true
kolla_registry: quay.io
kolla_namespace: openstack.kolla
secrets:
- kolla_quay_io_creds

View File

@ -16,14 +16,18 @@
- kolla-build-ubuntu-source
- kolla-ansible-ubuntu-source
- kolla-ansible-ubuntu-source-upgrade
periodic:
jobs:
- kolla-publish-ubuntu-source-quay
- kolla-publish-ubuntu-binary-quay
periodic-weekly:
jobs:
- kolla-publish-ubuntu-source
- kolla-publish-ubuntu-binary
- kolla-publish-ubuntu-source-dockerhub
- kolla-publish-ubuntu-binary-dockerhub
release:
jobs:
- kolla-publish-ubuntu-source
- kolla-publish-ubuntu-binary
- kolla-publish-ubuntu-source-dockerhub
- kolla-publish-ubuntu-binary-dockerhub
experimental:
jobs:
# Test rabbitmq and mariadb in multinode ceph jobs.
@ -48,14 +52,27 @@
install_type: binary
- job:
name: kolla-publish-ubuntu-binary
name: kolla-publish-ubuntu-binary-dockerhub
parent: kolla-build-ubuntu-binary
post-run: tests/playbooks/publish.yml
vars:
publisher: true
kolla_registry: dockerhub
kolla_namespace: kolla
secrets:
- kolla_dockerhub_creds
- job:
name: kolla-publish-ubuntu-binary-quay
parent: kolla-build-ubuntu-binary
post-run: tests/playbooks/publish.yml
vars:
publisher: true
kolla_registry: quay.io
kolla_namespace: openstack.kolla
secrets:
- kolla_quay_io_creds
- job:
name: kolla-build-ubuntu-source
parent: kolla-base
@ -71,10 +88,23 @@
voting: false
- job:
name: kolla-publish-ubuntu-source
name: kolla-publish-ubuntu-source-dockerhub
parent: kolla-build-ubuntu-source
post-run: tests/playbooks/publish.yml
vars:
publisher: true
kolla_registry: dockerhub
kolla_namespace: kolla
secrets:
- kolla_dockerhub_creds
- job:
name: kolla-publish-ubuntu-source-quay
parent: kolla-build-ubuntu-source
post-run: tests/playbooks/publish.yml
vars:
publisher: true
kolla_registry: quay.io
kolla_namespace: openstack.kolla
secrets:
- kolla_quay_io_creds

View File

@ -1,8 +1,44 @@
---
- hosts: all
tasks:
- name: Login to Dockerhub
command: "docker login -u {{ kolla_dockerhub_creds.user }} -p {{ kolla_dockerhub_creds.password }}"
no_log: true
- name: Ensure docker python SDK is installed
become: true
pip:
name: "docker"
state: present
- shell: "for img in $(docker images --format '{% raw %}{{ .Repository }}:{{ .Tag }}{% endraw %}' | grep kolla ); do docker push $img; done"
- name: List all containers
docker_host_info:
images: yes
images_filters:
reference: "{{ kolla_namespace }}/*"
register: docker_host_info
- block:
- name: Login to Dockerhub
docker_login:
username: "{{ kolla_dockerhub_creds.user | trim }}"
password: "{{ kolla_dockerhub_creds.password | trim }}"
- name: Push built container images
docker_image:
name: "{{ item.RepoTags.0 }}"
push: yes
loop: "{{ docker_host_info.images }}"
when: kolla_registry == 'dockerhub'
- block:
- name: Login to quay.io
docker_login:
registry: quay.io
username: "{{ kolla_quay_io_creds.username | trim }}"
password: "{{ kolla_quay_io_creds.password | trim }}"
- name: Push built container images
docker_image:
name: "{{ item.RepoTags.0 }}"
push: yes
repository: "quay.io/{{ item.RepoTags.0 }}"
source: local
loop: "{{ docker_host_info.images }}"
when: kolla_registry == 'quay.io'

View File

@ -1,7 +1,7 @@
[DEFAULT]
debug = true
{% if publisher %}
namespace = kolla
namespace = {{ kolla_namespace }}
{% set tag_suffix = '-aarch64' if ansible_architecture == 'aarch64' else '' %}
tag = {{ (zuul.tag if zuul.pipeline == "release" else zuul.branch | basename) ~ tag_suffix }}
{% endif %}