From d6908ed39dd5e58c539c1c818f371849dd0271eb Mon Sep 17 00:00:00 2001 From: Bartek Grzybowski Date: Fri, 12 Feb 2021 14:03:54 +0100 Subject: Run chartmuseum as a docker container A docker container for chartmuseum is run with chart storage volume mounted from hosts' resource dir for chart repo persistence across container/infra restarts. Change-Id: I692ff7a3d95414b439b15b5414bc8b959eb79414 Issue-ID: OOM-2665 Signed-off-by: Bartek Grzybowski --- ansible/group_vars/infrastructure.yml | 1 + ansible/infrastructure.yml | 2 ++ ansible/rke.yml | 2 -- ansible/roles/chartmuseum/defaults/main.yml | 1 + ansible/roles/chartmuseum/handlers/main.yml | 14 ++++++++++++ .../chartmuseum/molecule/default/Dockerfile.j2 | 14 ------------ .../chartmuseum/molecule/default/molecule.yml | 16 ++++++------- .../roles/chartmuseum/molecule/default/prepare.yml | 3 +++ .../molecule/default/tests/test_default.py | 14 +++++------- .../roles/chartmuseum/molecule/ubuntu/molecule.yml | 17 +++++++------- ansible/roles/chartmuseum/tasks/main.yml | 26 +++++++--------------- .../molecule/default/prepare.yml | 2 ++ ansible/test/play-rke/molecule/default/prepare.yml | 2 -- .../test/roles/prepare-chartmuseum/tasks/main.yml | 22 +++++++++++------- build/data_lists/infra_bin_utils.list | 1 - build/data_lists/infra_docker_images.list | 1 + build/package.py | 1 - 17 files changed, 68 insertions(+), 71 deletions(-) create mode 100644 ansible/roles/chartmuseum/handlers/main.yml delete mode 100644 ansible/roles/chartmuseum/molecule/default/Dockerfile.j2 diff --git a/ansible/group_vars/infrastructure.yml b/ansible/group_vars/infrastructure.yml index 12d1044d..586f7925 100755 --- a/ansible/group_vars/infrastructure.yml +++ b/ansible/group_vars/infrastructure.yml @@ -26,3 +26,4 @@ vnc_server_image: consol/ubuntu-icewm-vnc:1.4.0 nexus3_image: sonatype/nexus3:3.15.2 dns_server_image: andyshinn/dnsmasq:2.76 nginx_server_image: own_nginx:2.0.0 +chartmuseum_server_image: chartmuseum/chartmuseum diff --git a/ansible/infrastructure.yml b/ansible/infrastructure.yml index 2322c8bb..27d9d76a 100644 --- a/ansible/infrastructure.yml +++ b/ansible/infrastructure.yml @@ -16,6 +16,8 @@ - nginx - chrony - nexus + - role: chartmuseum + when: helm_version | regex_search("^v3" ) - name: Setup base for Kubernetes nodes hosts: kubernetes:!infrastructure diff --git a/ansible/rke.yml b/ansible/rke.yml index 46f4e3aa..ab6c0bb5 100644 --- a/ansible/rke.yml +++ b/ansible/rke.yml @@ -31,5 +31,3 @@ mode: deploy - kubectl - helm - - role: chartmuseum - when: helm_version | regex_search("^v3" ) diff --git a/ansible/roles/chartmuseum/defaults/main.yml b/ansible/roles/chartmuseum/defaults/main.yml index 6816d151..1d3ae1ba 100644 --- a/ansible/roles/chartmuseum/defaults/main.yml +++ b/ansible/roles/chartmuseum/defaults/main.yml @@ -1,3 +1,4 @@ --- +chartmuseum_server_image_tar: "{{ chartmuseum_server_image | regex_replace('(\\/|\\:)', '_') }}.tar" chartmuseum_port: "8879" chartmuseum_storage_dir: "{{ app_data_path }}/chartmuseum" diff --git a/ansible/roles/chartmuseum/handlers/main.yml b/ansible/roles/chartmuseum/handlers/main.yml new file mode 100644 index 00000000..867aaf0f --- /dev/null +++ b/ansible/roles/chartmuseum/handlers/main.yml @@ -0,0 +1,14 @@ +--- +- name: Run chartmuseum server container + docker_container: + name: chartmuseum + image: "{{ chartmuseum_server_image }}" + env: + STORAGE: "local" + STORAGE_LOCAL_ROOTDIR: "/charts" + volumes: + - "{{ chartmuseum_storage_dir }}:/charts:rw" + ports: + - "{{ chartmuseum_port }}:8080/tcp" + restart_policy: unless-stopped + recreate: true diff --git a/ansible/roles/chartmuseum/molecule/default/Dockerfile.j2 b/ansible/roles/chartmuseum/molecule/default/Dockerfile.j2 deleted file mode 100644 index e6aa95d3..00000000 --- a/ansible/roles/chartmuseum/molecule/default/Dockerfile.j2 +++ /dev/null @@ -1,14 +0,0 @@ -# Molecule managed - -{% if item.registry is defined %} -FROM {{ item.registry.url }}/{{ item.image }} -{% else %} -FROM {{ item.image }} -{% endif %} - -RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \ - elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash && dnf clean all; \ - elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ - elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml && zypper clean -a; \ - elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \ - elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates && xbps-remove -O; fi diff --git a/ansible/roles/chartmuseum/molecule/default/molecule.yml b/ansible/roles/chartmuseum/molecule/default/molecule.yml index 07652b7a..9c5d1c2a 100644 --- a/ansible/roles/chartmuseum/molecule/default/molecule.yml +++ b/ansible/roles/chartmuseum/molecule/default/molecule.yml @@ -7,7 +7,12 @@ lint: name: yamllint platforms: - name: instance-chartmuseum - image: centos:7 + image: molecule-${PREBUILD_PLATFORM_DISTRO:-centos}:${PREBUILD_DISTRO_VERSION:-centos7.6} + pre_build_image: True + privileged: true + override_command: False + volumes: + - /var/lib/docker groups: - infrastructure provisioner: @@ -18,13 +23,8 @@ provisioner: ANSIBLE_ROLES_PATH: ../../../../test/roles ANSIBLE_LIBRARY: ../../../../library inventory: - group_vars: - all: - app_name: moleculetestapp - app_data_path: "/opt/{{ app_name }}" - helm_bin_dir: /usr/local/bin - chartmuseum_storage_dir: "/opt/{{ app_name }}/chartmuseum" - chartmuseum_port: "1234" + links: + group_vars: ../../../../group_vars scenario: name: default verifier: diff --git a/ansible/roles/chartmuseum/molecule/default/prepare.yml b/ansible/roles/chartmuseum/molecule/default/prepare.yml index 5201bcec..dee6a976 100644 --- a/ansible/roles/chartmuseum/molecule/default/prepare.yml +++ b/ansible/roles/chartmuseum/molecule/default/prepare.yml @@ -1,5 +1,8 @@ --- - name: Prepare infra hosts: infrastructure + vars_files: + - ../../../../roles/chartmuseum/defaults/main.yml roles: + - prepare-docker-dind - prepare-chartmuseum diff --git a/ansible/roles/chartmuseum/molecule/default/tests/test_default.py b/ansible/roles/chartmuseum/molecule/default/tests/test_default.py index 71d1978d..40773065 100644 --- a/ansible/roles/chartmuseum/molecule/default/tests/test_default.py +++ b/ansible/roles/chartmuseum/molecule/default/tests/test_default.py @@ -6,11 +6,9 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') -def test_chartmuseum(host): - ansible_vars = host.ansible.get_variables() - p = host.process.get(comm="chartmuseum") - assert 'chartmuseum --storage local --storage-local-rootdir /opt/' +\ - ansible_vars['app_name'] + '/chartmuseum -port ' +\ - ansible_vars['chartmuseum_port'] in p.args - assert host.file("/opt/" + ansible_vars['app_name'] + - "/chartmuseum").is_directory +def test_chartmuseum_dir(host): + assert host.file("/chartmuseum").is_directory + + +def test_container_running(host): + assert host.docker('chartmuseum').is_running diff --git a/ansible/roles/chartmuseum/molecule/ubuntu/molecule.yml b/ansible/roles/chartmuseum/molecule/ubuntu/molecule.yml index d2851ccf..5f351a93 100644 --- a/ansible/roles/chartmuseum/molecule/ubuntu/molecule.yml +++ b/ansible/roles/chartmuseum/molecule/ubuntu/molecule.yml @@ -7,8 +7,12 @@ lint: name: yamllint platforms: - name: instance-ubuntu-chartmuseum - image: ubuntu:18.04 - dockerfile: ../default/Dockerfile.j2 + image: molecule-${PREBUILD_PLATFORM_DISTRO:-ubuntu}:${PREBUILD_DISTRO_VERSION:-18.04} + pre_build_image: True + privileged: true + override_command: False + volumes: + - /var/lib/docker groups: - infrastructure provisioner: @@ -19,13 +23,8 @@ provisioner: ANSIBLE_ROLES_PATH: ../../../../test/roles ANSIBLE_LIBRARY: ../../../../library inventory: - group_vars: - all: - app_name: moleculetestapp - app_data_path: "/opt/{{ app_name }}" - helm_bin_dir: /usr/local/bin - chartmuseum_storage_dir: "/opt/{{ app_name }}/chartmuseum" - chartmuseum_port: "1234" + links: + group_vars: ../../../../group_vars playbooks: prepare: ../default/prepare.yml converge: ../default/playbook.yml diff --git a/ansible/roles/chartmuseum/tasks/main.yml b/ansible/roles/chartmuseum/tasks/main.yml index c5d63a5e..16e41022 100644 --- a/ansible/roles/chartmuseum/tasks/main.yml +++ b/ansible/roles/chartmuseum/tasks/main.yml @@ -1,24 +1,14 @@ --- -- name: Install chartmuseum - copy: - src: "{{ app_data_path }}/downloads/chartmuseum" - dest: "{{ helm_bin_dir }}" - remote_src: true - mode: 0755 - - name: Create storage directory for chartmuseum file: path: "{{ chartmuseum_storage_dir }}" state: directory + mode: 0777 -- name: Run Helm chart repository - shell: "{{ helm_bin_dir }}/chartmuseum --storage local --storage-local-rootdir {{ chartmuseum_storage_dir }} -port {{ chartmuseum_port }} > /dev/null 2>&1 &" - async: 10 - poll: 3 - changed_when: false - -- name: Check Helm chart repository is running - command: pgrep chartmuseum - changed_when: false - register: pgrep_out - failed_when: pgrep_out.rc != 0 +- name: Load chartmuseum server image + docker_image: + name: "{{ chartmuseum_server_image }}" + load_path: "{{ infra_images_path }}/{{ chartmuseum_server_image_tar }}" + state: present + timeout: 120 + notify: Run chartmuseum server container diff --git a/ansible/test/play-infrastructure/molecule/default/prepare.yml b/ansible/test/play-infrastructure/molecule/default/prepare.yml index 86e25b48..634234ac 100644 --- a/ansible/test/play-infrastructure/molecule/default/prepare.yml +++ b/ansible/test/play-infrastructure/molecule/default/prepare.yml @@ -9,12 +9,14 @@ - prepare-nexus - prepare-dns - prepare-firewall + - prepare-chartmuseum vars_files: - vars.yml - ../../../../roles/nginx/defaults/main.yml - ../../../../roles/vncserver/defaults/main.yml - ../../../../roles/nexus/defaults/main.yml - ../../../../roles/dns/defaults/main.yml + - ../../../../roles/chartmuseum/defaults/main.yml - name: Prepare kubernetes hosts: kubernetes diff --git a/ansible/test/play-rke/molecule/default/prepare.yml b/ansible/test/play-rke/molecule/default/prepare.yml index 789a9402..6d810052 100644 --- a/ansible/test/play-rke/molecule/default/prepare.yml +++ b/ansible/test/play-rke/molecule/default/prepare.yml @@ -19,5 +19,3 @@ mode: infra - prepare-kubectl - prepare-helm - - role: prepare-chartmuseum - when: helm_version | regex_search("^v3" ) diff --git a/ansible/test/roles/prepare-chartmuseum/tasks/main.yml b/ansible/test/roles/prepare-chartmuseum/tasks/main.yml index b0bb5d11..a46888e8 100644 --- a/ansible/test/roles/prepare-chartmuseum/tasks/main.yml +++ b/ansible/test/roles/prepare-chartmuseum/tasks/main.yml @@ -1,12 +1,18 @@ --- -- name: "Ensure {{ app_data_path }}/downloads directory exists" +- name: "Create chartmuseum image storage dir" file: - path: "{{ app_data_path }}/downloads" - recurse: true + path: "{{ infra_images_path }}" state: directory + mode: "u+rw,g+wx,o+rwx" + recurse: true + +- name: Download and archive chartmuseum docker image + delegate_to: localhost + docker_image: + name: "{{ chartmuseum_server_image }}" + archive_path: /tmp/chartmuseum.tar -- name: "Download chartmuseum" - get_url: - url: "https://s3.amazonaws.com/chartmuseum/release/latest/bin/linux/amd64/chartmuseum" - dest: "{{ app_data_path }}/downloads" - remote_src: true +- name: Copy chartmuseum image to node + copy: + src: /tmp/chartmuseum.tar + dest: "{{ infra_images_path }}/{{ chartmuseum_server_image_tar }}" diff --git a/build/data_lists/infra_bin_utils.list b/build/data_lists/infra_bin_utils.list index 614d1c13..3beb2972 100644 --- a/build/data_lists/infra_bin_utils.list +++ b/build/data_lists/infra_bin_utils.list @@ -3,4 +3,3 @@ https://get.helm.sh/helm-v2.16.6-linux-amd64.tar.gz https://get.helm.sh/helm-v3.3.4-linux-amd64.tar.gz https://github.com/chartmuseum/helm-push/releases/download/v0.9.0/helm-push_0.9.0_linux_amd64.tar.gz https://github.com/rancher/rke/releases/download/v1.0.4/rke_linux-amd64 -https://s3.amazonaws.com/chartmuseum/release/latest/bin/linux/amd64/chartmuseum diff --git a/build/data_lists/infra_docker_images.list b/build/data_lists/infra_docker_images.list index 78081cc8..43b2f865 100644 --- a/build/data_lists/infra_docker_images.list +++ b/build/data_lists/infra_docker_images.list @@ -1,3 +1,4 @@ andyshinn/dnsmasq:2.76 consol/ubuntu-icewm-vnc:1.4.0 sonatype/nexus3:3.15.2 +chartmuseum/chartmuseum diff --git a/build/package.py b/build/package.py index 9cd35902..ce603be5 100755 --- a/build/package.py +++ b/build/package.py @@ -246,7 +246,6 @@ def build_offline_deliverables(build_version, bin_pattern_list = ['**/rke_linux-amd64', '**/helm-*-linux-amd64.tar.gz', '**/kubectl', - '**/amd64/chartmuseum', '**/helm-push_*_linux_amd64.tar.gz'] for pattern in bin_pattern_list: -- cgit 1.2.3-korg