openshift/origin工作记录(1)——S2I镜像定制(基于SVN)

上周的工作内容是迁移微服务管控平台到openshift集群上。定制了基于git的S2I,走通了从gitlab拉取代码、打包、部署等一系列流程,成功迁移并向部门老大做了汇报。 本周的工作是定制基于SVN的S2I,走通从SVN拉取代码、打包、部署这套流程。

本篇博客所用到的代码已上传至github。https://github.com/hu12081/openshift-s2i-tomcat-svn.git

s2i源码研究(能力不够,修改失败)

周一的时候在github上粗略阅读了source-to-image的源码,代码地址为https://github.com/openshift/source-to-image。整体代码采用go语言实现,https://github.com/openshift/source-to-image/tree/master/pkg/scm/downloaders目录下的代码应该是实现代码下载功能的,包括从本地文件路径拷贝代码、通过git克隆代码。

无奈对go语言一窍不通,如果从零学习go语言修改s2i的代码,短期内无法实现。强行建议老大抛弃openshift s2i那一套,走jkenins(虽然我还是一窍不通,但组内有人会,可以把锅甩出去。。。),老大基本被我说服。

修改builder镜像,定制部署模板(成功实现)

周二在看《开源容器云openshift》一书时,无意在书中发现作者的github,上面就有svn的demo,地址为https://github.com/nichochen/openshift-tomcat-svn。着实尴尬。

该项目的最后提交时间为两年前,在尝试部署的过程中发现存在以下问题:

1.ose-json文件夹下的openshift-tomcat7-svn-is.json存在语法错误。 2.该部署模板虽然集成了svn,但是在web界面上必须填写可用的git地址(该地址只用于跳过s2i验证),作者在README.md指出了该缺陷,缺没有修复。 3.没有提供svn的账号、密码输入功能。 4.直接clone该项目,在builder镜像的使用过程中,会报文件夹权限的问题。

优化已有的开源项目

参考我的博客openshift/origin学习记录(9)——S2I镜像定制(基于Git) 以下内容有做了一些定制化开发(基本都有表明)不具有通用性,不推荐直接复制粘贴使用!!!请自行修改参数、指令等内容。

创建S2I Builder镜像工作目录

通过s2i create命令创建一个名为tomcat-s2i的S2I Builder镜像。第二个参数tomcat-svn为S2I Builder镜像名称。第三个参数tomcat-svn-catalog定义了工作目录的名称。

s2i create tomcat-svn tomcat-svn-catalog

编写Dockerfile

修改tomcat-svn-catalog目录下的Dockerfile文件。

# openshift-tomcat8-svn
FROM docker.io/centos
# TODO: Put the maintainer name in the image metadata
MAINTAINER huliaoliao
# TODO: Rename the builder environment variable to inform users about application you provide them
ENV BUILDER_VERSION 1.0
# TODO: Set labels used in OpenShift to describe the builder image
LABEL io.openshift.s2i.scripts-url=image:///usr/libexec/s2i \
      io.k8s.description="Platform for building tomcat" \
      io.k8s.display-name="builder tomcat" \
      io.openshift.expose-services="8080:http" \
      io.openshift.tags="builder,tomcat,java,etc."
# TODO: Install required packages here:
COPY ./CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo
RUN yum makecache &&  yum install -y java-1.8.0-openjdk subversion maven && yum clean all -y
COPY ./s2i/bin/ /usr/libexec/s2i
# TODO (optional): Copy the builder files into /opt/app-root
COPY ./tomcat8/ /opt/app-root/tomcat8
# TODO: Copy the S2I scripts to /usr/local/s2i, since openshift/base-centos7 image sets io.openshift.s2i.scripts-url label that way, or update that label
#COPY ./s2i/bin/ /usr/libexec/s2i
# TODO: Drop the root user and make the content of /opt/app-root owned by user 1001
RUN useradd -m tomcat -u 1002 && \
    chmod -R a+rw /opt && \
    chmod -R a+rw /opt/app-root && \
    chmod a+rwx /opt/app-root/tomcat8/* && \
    chmod +x /opt/app-root/tomcat8/bin/*.sh && \
    rm -rf /opt/app-root/tomcat8/webapps/* && \
    rm -rf /usr/share/maven/conf/settings.xml
ADD ./settings.xml /usr/share/maven/conf/
# This default user is created in the openshift/base-centos7 image
USER 1002
# TODO: Set the default port for applications built using this image
EXPOSE 8080
ENTRYPOINT []
# TODO: Set the default CMD for the image
CMD ["/usr/libexec/s2i/usage"]

其中COPY ./CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo是为了换源。rm -rf /usr/share/maven/conf/settings.xmlADD ./settings.xml /usr/share/maven/conf/是修改镜像中maven的配置,指向自己的maven库。

下载tomcat

wget http://archive.apache.org/dist/tomcat/tomcat-8/v8.5.5/bin/apache-tomcat-8.5.5.tar.gz

解压到tomcat-svn-catalog目录下的tomcat8文件夹下。

修改s2i/bin/assemble脚本(负责源代码的编译、构建以及构建产出物的部署)

#!/bin/bash -e
#
# S2I assemble script for the 'nico-tomcat' image.
# The 'assemble' script builds your application source ready to run.
#
# For more information refer to the documentation:
#       https://github.com/openshift/source-to-image/blob/master/docs/builder_image.md
#
# Restore artifacts from the previous build (if they exist).
#
if [ "$1" = "-h" ]; then
        # If the 'nico-tomcat' assemble script is executed with '-h' flag,
        # print the usage.
        exec /usr/libexec/s2i/usage
fi
# Restore artifacts from the previous build (if they exist).
#
if [ "$(ls /tmp/artifacts/ 2>/dev/null)" ]; then
  echo "---> Restoring build artifacts"
  mv /tmp/artifacts/. ./
fi
echo "---> Installing application source"
WORK_DIR=/tmp/src;
cd $WORK_DIR;
if [ ! -z ${SVN_URI} ] ; then
  echo "Fetching source from Subversion repository ${SVN_URI}"
  svn co ${SVN_URI} --username=${SVN_USERNAME} --password=${SVN_PASSWORD} --no-auth-cache
  export SRC_DIR=`basename $SVN_URI`
  echo "Finished fetching source from Subversion repository ${SVN_URI}"
  cd $WORK_DIR/$SRC_DIR/
  mvn package -Dmaven.test.skip=true;
else
  echo "SVN_URI not set, skip Subverion source download";
fi
find /tmp/src/ -name '*.war'|xargs -i mv -v {} /opt/app-root/tomcat8/webapps/ROOT.war
echo "---> Building application from source"

文件中下面这句就是根据用户输入的svn路径、账号、密码下载代码。

 svn co ${SVN_URI} --username=${SVN_USERNAME} --password=${SVN_PASSWORD} --no-auth-cache

编辑s2i/bin/run脚本(S2I流程生成的最终镜像将以这个脚本作为容器的启动命令)。

脚本内容为启动tomcat。

#!/bin/bash -e
#
# S2I run script for the 'nico-tomcat' image.
# The run script executes the server that runs your application.
#
# For more information see the documentation:
#       https://github.com/openshift/source-to-image/blob/master/docs/builder_image.md
#
exec /opt/app-root/tomcat8/bin/catalina.sh run

构建镜像并推送到自己的镜像仓库

在tomcat-svn-catalog目录下执行make。得到docker镜像后修改tag推送到镜像仓库。

在master节点上创建openshift-tomcat8-svn-is.json文件

{
  "kind": "ImageStreamList",
  "apiVersion": "v1",
  "metadata": {},
  "items": [
    {
      "kind": "ImageStream",
      "apiVersion": "v1",
      "metadata": {
        "name": "openshift-tomcat8-svn",
        "annotations": {"openshift.io/image.insecureRepository": "true"},
        "creationTimestamp": null
      },
      "spec": {
        "dockerImageRepository": "master.example.com:5000/openshift-tomcat8-svn",
        "tags": [
          {
            "name": "latest"
          },
          {
            "name": "2.0",
            "annotations": {
              "description": "Run JavaEE WAR applications",
              "iconClass": "icon-ruby",
              "tags": "builder,tomcat,java,war",
              "supports": "java",
              "version": "1.0"
            },
            "from": {
              "kind": "ImageStreamTag",
              "name": "latest"
            }
          }
        ]
      }
    }  ]
}

集群管理员账号执行命令。

oc create -n openshift -f openshift-tomcat8-svn-is.json

在master节点上创建openshift-tomcat8-svn-removegit-template.json文件

{
    "kind": "Template",
    "apiVersion": "v1",
    "metadata": {
        "annotations": {
            "iconClass" : "icon-tomcat",
            "description": "Application template for JavaEE WAR deployment with Tomcat 8."
        },
        "name": "openshift-tomcat8-svn-removegit"
    },
    "labels": {
        "template": "openshift-tomcat8-svn-removegit"
    },
    "parameters": [
        {
            "description": "Tomcat 8.5.5",
            "name": "IMG_VERSION",
            "displayName":"Image Version",
            "value": "latest",
            "required": true
        },
        {
            "description": "The name for the application.",
            "name": "APPLICATION_NAME",
            "displayName":"Application Name",
            "value": "",
            "required": true
        },
        {
            "description": "Custom hostname for service routes.  Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
            "name": "APPLICATION_HOSTNAME",
            "displayName":"Application Hostname",
            "value": ""
        },
        {
            "description": "Subversion source URI for application",
            "name": "SVN_URI",
            "displayName":"Subversion source URI",
            "value": "",
            "required": true
        },
        {
            "description": "Subversion Username",
            "name": "SVN_USERNAME",
            "displayName":"Subversion Username",
            "value": "",
            "required": true
        },
        {
            "description": "Subversion Password",
            "name": "SVN_PASSWORD",
            "displayName":"Subversion Password",
            "value": "",
            "required": true
        }
    ],
    "objects": [
        {
            "kind": "Service",
            "apiVersion": "v1",
            "spec": {
                "ports": [
                    {
                        "port": 8080,
                        "targetPort": 8080
                    }
                ],
                "selector": {
                    "deploymentConfig": "${APPLICATION_NAME}"
                }
            },
            "metadata": {
                "name": "${APPLICATION_NAME}",
                "labels": {
                    "application": "${APPLICATION_NAME}"
                },
                "annotations": {
                    "description": "The web server's http port."
                }
            }
        },
        {
            "kind": "Route",
            "apiVersion": "v1",
            "id": "${APPLICATION_NAME}-http-route",
            "metadata": {
                "name": "${APPLICATION_NAME}-http-route",
                "labels": {
                    "application": "${APPLICATION_NAME}"
                },
                "annotations": {
                    "description": "Route for application's http service."
                }
            },
            "spec": {
                "host": "${APPLICATION_HOSTNAME}",
                "to": {
                    "name": "${APPLICATION_NAME}"
                }
            }
        },
        {
            "kind": "ImageStream",
            "apiVersion": "v1",
            "metadata": {
                "name": "${APPLICATION_NAME}",
                "labels": {
                    "application": "${APPLICATION_NAME}"
                }
            }
        },
        {
            "kind": "BuildConfig",
            "apiVersion": "v1",
            "metadata": {
                "name": "${APPLICATION_NAME}",
                "labels": {
                    "application": "${APPLICATION_NAME}"
                }
            },
            "spec": {
                "strategy": {
                    "type": "Source",
                    "sourceStrategy": {
                        "from": {
                            "kind": "ImageStreamTag",
                            "namespace": "openshift",
                            "name": "openshift-tomcat8-svn:latest"
                        },
                        "env": [
                                    {
                                        "name": "SVN_URI",
                                        "value": "${SVN_URI}"
                                    },
                                    {
                                        "name": "SVN_USERNAME",
                                        "value": "${SVN_USERNAME}"
                                    },
                                    {
                                        "name": "SVN_PASSWORD",
                                        "value": "${SVN_PASSWORD}"
                                    }

                       ]
                    }
                },
                "output": {
                    "to": {
                        "kind": "ImageStreamTag",
                        "name": "${APPLICATION_NAME}:latest"
                    }
                },
                "triggers": [
                    {
                        "type": "GitHub",
                        "github": {
                            "secret": "${GITHUB_TRIGGER_SECRET}"
                        }
                    },
                    {
                        "type": "Generic",
                        "generic": {
                            "secret": "${GENERIC_TRIGGER_SECRET}"
                        }
                    },
                    {
                        "type": "ImageChange",
                        "imageChange": {}
                    }
                ]
            }
        },
        {
            "kind": "DeploymentConfig",
            "apiVersion": "v1",
            "metadata": {
                "name": "${APPLICATION_NAME}",
                "labels": {
                    "application": "${APPLICATION_NAME}"
                }
            },
            "spec": {
                "strategy": {
                    "type": "Recreate"
                },
                "triggers": [
                    {
                        "type": "ImageChange",
                        "imageChangeParams": {
                            "automatic": true,
                            "containerNames": [
                                "${APPLICATION_NAME}"
                            ],
                            "from": {
                                "kind": "ImageStream",
                                "name": "${APPLICATION_NAME}"
                            }
                        }
                    }
                ],
                "replicas": 1,
                "selector": {
                    "deploymentConfig": "${APPLICATION_NAME}"
                },
                "template": {
                    "metadata": {
                        "name": "${APPLICATION_NAME}",
                        "labels": {
                            "deploymentConfig": "${APPLICATION_NAME}",
                            "application": "${APPLICATION_NAME}"
                        }
                    },
                    "spec": {
                        "containers": [
                            {
                                "name": "${APPLICATION_NAME}",
                                "image": "${APPLICATION_NAME}",
                                "imagePullPolicy": "Always",
                                "readinessProbe": {
                                    "exec": {
                                        "command": [
                                            "/bin/bash",
                                            "-c",
                                            "curl http://localhost:8080"
                                        ]
                                    }
                                },
                                "ports": [
                                    {
                                        "name": "http",
                                        "containerPort": 8080,
                                        "protocol": "TCP"
                                    }
                                ],
                                "env": [
                                    {
                                        "name": "SVN_URI",
                                        "value": "${SVN_URI}"
                                    }

                                ]
                            }
                        ]
                    }
                }
            }
        }
    ]
}

集群管理员账号执行命令。

oc create -n openshift -f openshift-tomcat8-svn-removegit-template.json

验证

可从界面输入SVN的地址、账号、密码完成创建。

最终完成了从SVN拉取代码、编译、部署等一系列流程。

已知缺陷

1.SVN密码现在是明文的形式 2.template中暂未提供对build config、deploy config等的配置,界面还较为简单。

结语

本篇博客主要记录了工作过程,没有特别具体,但基本覆盖了所有过程。

仅供参考。

本文参与腾讯云自媒体分享计划,欢迎正在阅读的你也加入,一起分享。

发表于

我来说两句

0 条评论
登录 后参与评论

相关文章

来自专栏数据和云

【循序渐进Oracle】Oracle的物理备份(上)

编辑手记:备份重于一切,我们必需知道,系统总是要崩溃的,没有有效的备份只是等哪一天死!今天你备份了吗?我们一起来回顾Oracle的物理备份,本文摘自《循序渐进O...

35680
来自专栏乐沙弥的世界

SHUTDOWN: Active processes prevent shutdown operation

      在使用shutdown immediate关闭数据库时hang住,查看alert 日志,遭遇了SHUTDOWN: Active processes ...

9820
来自专栏杨建荣的学习笔记

清理session的小插曲(r4笔记第95天)

前几天在做一次巡检的时候,通过top发现有3个进程占用的时间很长,之前也碰到过几次这种情况,但是排查发现是由于监控程序在运行,算是虚惊一场。 今天看到这些进程的...

36470
来自专栏散尽浮华

mysql下批量清空某个库下的所有表(库不要删除,保留空库)

总所周知,mysql下要想删除某个库下的某张表,只需要切换到该库下,执行语句"drop table tablename"即可删除!但若是该库下有成百上千张表,要...

14640
来自专栏杨建荣的学习笔记

ORACLE 10g 升级 11g问题汇总(31天)

按照计划开始了生产库的升级,环境基于linux 64位. uname: Linux 2.6.18-308.el5 #1 SMP Fri Jan 27 17:1...

62090
来自专栏杨建荣的学习笔记

关于生产系统锁问题的排查(r3笔记第79天)

今天生产系统中的一个daemon出现了严重的数据处理延迟,客户需要我们立即给出处理的方案。在综合评估之后,为了不保证在线业务延迟,开发部门给出了临时的解决意见。...

30250
来自专栏数据和云

12c特性解读:RAC MGMTDB资料库的转移与维护

戴明明(Dave) Oracle ACE-A,ACOUG核心成员,宝存科技数据库方案架构师 Dave也是CSDN 认证专家,超过7年的DBA经验,擅长Orac...

30640
来自专栏数据和云

Oracle 18.3 : 透过告警日志从安装初始化过程看 18c 的新改变

Oracle Database 18c 已经正式对外发布,第一个公共版本的版本号是 18.3 ,让我们从 18.3 的安装过程来一睹 18c 的改变。

10600
来自专栏MYSQL轻松学

MySQL中,一条语句是否会被binlog记录以及以什么样的模式记录

Binlog官方 In MySQL 5.6, whether a statement is to be logged and thelogging mode t...

33590
来自专栏杨建荣的学习笔记

备库跳归档恢复的有趣案例(r9笔记第19天)

在Data Guard环境中,主备库基本都是使用归档来传递数据的变化。如果主备的归档传输中断,同时主库的归档被删除或者损坏,这种情况下备库是没法开始继续...

34750

扫码关注云+社区

领取腾讯云代金券