openshift/origin工作记录(1)——S2I镜像定制(基于SVN)

上周的工作内容是迁移微服务管控平台到openshift集群上。定制了基于git的S2I,走通了从gitlab拉取代码、打包、部署等一系列流程,成功迁移并向部门老大做了汇报。 本周的工作是定制基于SVN的S2I,走通从SVN拉取代码、打包、部署这套流程。

本篇博客所用到的代码已上传至github。https://github.com/hu12081/openshift-s2i-tomcat-svn.git

s2i源码研究(能力不够,修改失败)

周一的时候在github上粗略阅读了source-to-image的源码,代码地址为https://github.com/openshift/source-to-image。整体代码采用go语言实现,https://github.com/openshift/source-to-image/tree/master/pkg/scm/downloaders目录下的代码应该是实现代码下载功能的,包括从本地文件路径拷贝代码、通过git克隆代码。

无奈对go语言一窍不通,如果从零学习go语言修改s2i的代码,短期内无法实现。强行建议老大抛弃openshift s2i那一套,走jkenins(虽然我还是一窍不通,但组内有人会,可以把锅甩出去。。。),老大基本被我说服。

修改builder镜像,定制部署模板(成功实现)

周二在看《开源容器云openshift》一书时,无意在书中发现作者的github,上面就有svn的demo,地址为https://github.com/nichochen/openshift-tomcat-svn。着实尴尬。

该项目的最后提交时间为两年前,在尝试部署的过程中发现存在以下问题:

1.ose-json文件夹下的openshift-tomcat7-svn-is.json存在语法错误。 2.该部署模板虽然集成了svn,但是在web界面上必须填写可用的git地址(该地址只用于跳过s2i验证),作者在README.md指出了该缺陷,缺没有修复。 3.没有提供svn的账号、密码输入功能。 4.直接clone该项目,在builder镜像的使用过程中,会报文件夹权限的问题。

优化已有的开源项目

参考我的博客openshift/origin学习记录(9)——S2I镜像定制(基于Git) 以下内容有做了一些定制化开发(基本都有表明)不具有通用性,不推荐直接复制粘贴使用!!!请自行修改参数、指令等内容。

创建S2I Builder镜像工作目录

通过s2i create命令创建一个名为tomcat-s2i的S2I Builder镜像。第二个参数tomcat-svn为S2I Builder镜像名称。第三个参数tomcat-svn-catalog定义了工作目录的名称。

s2i create tomcat-svn tomcat-svn-catalog

编写Dockerfile

修改tomcat-svn-catalog目录下的Dockerfile文件。

# openshift-tomcat8-svn
FROM docker.io/centos
# TODO: Put the maintainer name in the image metadata
MAINTAINER huliaoliao
# TODO: Rename the builder environment variable to inform users about application you provide them
ENV BUILDER_VERSION 1.0
# TODO: Set labels used in OpenShift to describe the builder image
LABEL io.openshift.s2i.scripts-url=image:///usr/libexec/s2i \
      io.k8s.description="Platform for building tomcat" \
      io.k8s.display-name="builder tomcat" \
      io.openshift.expose-services="8080:http" \
      io.openshift.tags="builder,tomcat,java,etc."
# TODO: Install required packages here:
COPY ./CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo
RUN yum makecache &&  yum install -y java-1.8.0-openjdk subversion maven && yum clean all -y
COPY ./s2i/bin/ /usr/libexec/s2i
# TODO (optional): Copy the builder files into /opt/app-root
COPY ./tomcat8/ /opt/app-root/tomcat8
# TODO: Copy the S2I scripts to /usr/local/s2i, since openshift/base-centos7 image sets io.openshift.s2i.scripts-url label that way, or update that label
#COPY ./s2i/bin/ /usr/libexec/s2i
# TODO: Drop the root user and make the content of /opt/app-root owned by user 1001
RUN useradd -m tomcat -u 1002 && \
    chmod -R a+rw /opt && \
    chmod -R a+rw /opt/app-root && \
    chmod a+rwx /opt/app-root/tomcat8/* && \
    chmod +x /opt/app-root/tomcat8/bin/*.sh && \
    rm -rf /opt/app-root/tomcat8/webapps/* && \
    rm -rf /usr/share/maven/conf/settings.xml
ADD ./settings.xml /usr/share/maven/conf/
# This default user is created in the openshift/base-centos7 image
USER 1002
# TODO: Set the default port for applications built using this image
EXPOSE 8080
ENTRYPOINT []
# TODO: Set the default CMD for the image
CMD ["/usr/libexec/s2i/usage"]

其中COPY ./CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo是为了换源。rm -rf /usr/share/maven/conf/settings.xmlADD ./settings.xml /usr/share/maven/conf/是修改镜像中maven的配置,指向自己的maven库。

下载tomcat

wget http://archive.apache.org/dist/tomcat/tomcat-8/v8.5.5/bin/apache-tomcat-8.5.5.tar.gz

解压到tomcat-svn-catalog目录下的tomcat8文件夹下。

修改s2i/bin/assemble脚本(负责源代码的编译、构建以及构建产出物的部署)

#!/bin/bash -e
#
# S2I assemble script for the 'nico-tomcat' image.
# The 'assemble' script builds your application source ready to run.
#
# For more information refer to the documentation:
#       https://github.com/openshift/source-to-image/blob/master/docs/builder_image.md
#
# Restore artifacts from the previous build (if they exist).
#
if [ "$1" = "-h" ]; then
        # If the 'nico-tomcat' assemble script is executed with '-h' flag,
        # print the usage.
        exec /usr/libexec/s2i/usage
fi
# Restore artifacts from the previous build (if they exist).
#
if [ "$(ls /tmp/artifacts/ 2>/dev/null)" ]; then
  echo "---> Restoring build artifacts"
  mv /tmp/artifacts/. ./
fi
echo "---> Installing application source"
WORK_DIR=/tmp/src;
cd $WORK_DIR;
if [ ! -z ${SVN_URI} ] ; then
  echo "Fetching source from Subversion repository ${SVN_URI}"
  svn co ${SVN_URI} --username=${SVN_USERNAME} --password=${SVN_PASSWORD} --no-auth-cache
  export SRC_DIR=`basename $SVN_URI`
  echo "Finished fetching source from Subversion repository ${SVN_URI}"
  cd $WORK_DIR/$SRC_DIR/
  mvn package -Dmaven.test.skip=true;
else
  echo "SVN_URI not set, skip Subverion source download";
fi
find /tmp/src/ -name '*.war'|xargs -i mv -v {} /opt/app-root/tomcat8/webapps/ROOT.war
echo "---> Building application from source"

文件中下面这句就是根据用户输入的svn路径、账号、密码下载代码。

 svn co ${SVN_URI} --username=${SVN_USERNAME} --password=${SVN_PASSWORD} --no-auth-cache

编辑s2i/bin/run脚本(S2I流程生成的最终镜像将以这个脚本作为容器的启动命令)。

脚本内容为启动tomcat。

#!/bin/bash -e
#
# S2I run script for the 'nico-tomcat' image.
# The run script executes the server that runs your application.
#
# For more information see the documentation:
#       https://github.com/openshift/source-to-image/blob/master/docs/builder_image.md
#
exec /opt/app-root/tomcat8/bin/catalina.sh run

构建镜像并推送到自己的镜像仓库

在tomcat-svn-catalog目录下执行make。得到docker镜像后修改tag推送到镜像仓库。

在master节点上创建openshift-tomcat8-svn-is.json文件

{
  "kind": "ImageStreamList",
  "apiVersion": "v1",
  "metadata": {},
  "items": [
    {
      "kind": "ImageStream",
      "apiVersion": "v1",
      "metadata": {
        "name": "openshift-tomcat8-svn",
        "annotations": {"openshift.io/image.insecureRepository": "true"},
        "creationTimestamp": null
      },
      "spec": {
        "dockerImageRepository": "master.example.com:5000/openshift-tomcat8-svn",
        "tags": [
          {
            "name": "latest"
          },
          {
            "name": "2.0",
            "annotations": {
              "description": "Run JavaEE WAR applications",
              "iconClass": "icon-ruby",
              "tags": "builder,tomcat,java,war",
              "supports": "java",
              "version": "1.0"
            },
            "from": {
              "kind": "ImageStreamTag",
              "name": "latest"
            }
          }
        ]
      }
    }  ]
}

集群管理员账号执行命令。

oc create -n openshift -f openshift-tomcat8-svn-is.json

在master节点上创建openshift-tomcat8-svn-removegit-template.json文件

{
    "kind": "Template",
    "apiVersion": "v1",
    "metadata": {
        "annotations": {
            "iconClass" : "icon-tomcat",
            "description": "Application template for JavaEE WAR deployment with Tomcat 8."
        },
        "name": "openshift-tomcat8-svn-removegit"
    },
    "labels": {
        "template": "openshift-tomcat8-svn-removegit"
    },
    "parameters": [
        {
            "description": "Tomcat 8.5.5",
            "name": "IMG_VERSION",
            "displayName":"Image Version",
            "value": "latest",
            "required": true
        },
        {
            "description": "The name for the application.",
            "name": "APPLICATION_NAME",
            "displayName":"Application Name",
            "value": "",
            "required": true
        },
        {
            "description": "Custom hostname for service routes.  Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
            "name": "APPLICATION_HOSTNAME",
            "displayName":"Application Hostname",
            "value": ""
        },
        {
            "description": "Subversion source URI for application",
            "name": "SVN_URI",
            "displayName":"Subversion source URI",
            "value": "",
            "required": true
        },
        {
            "description": "Subversion Username",
            "name": "SVN_USERNAME",
            "displayName":"Subversion Username",
            "value": "",
            "required": true
        },
        {
            "description": "Subversion Password",
            "name": "SVN_PASSWORD",
            "displayName":"Subversion Password",
            "value": "",
            "required": true
        }
    ],
    "objects": [
        {
            "kind": "Service",
            "apiVersion": "v1",
            "spec": {
                "ports": [
                    {
                        "port": 8080,
                        "targetPort": 8080
                    }
                ],
                "selector": {
                    "deploymentConfig": "${APPLICATION_NAME}"
                }
            },
            "metadata": {
                "name": "${APPLICATION_NAME}",
                "labels": {
                    "application": "${APPLICATION_NAME}"
                },
                "annotations": {
                    "description": "The web server's http port."
                }
            }
        },
        {
            "kind": "Route",
            "apiVersion": "v1",
            "id": "${APPLICATION_NAME}-http-route",
            "metadata": {
                "name": "${APPLICATION_NAME}-http-route",
                "labels": {
                    "application": "${APPLICATION_NAME}"
                },
                "annotations": {
                    "description": "Route for application's http service."
                }
            },
            "spec": {
                "host": "${APPLICATION_HOSTNAME}",
                "to": {
                    "name": "${APPLICATION_NAME}"
                }
            }
        },
        {
            "kind": "ImageStream",
            "apiVersion": "v1",
            "metadata": {
                "name": "${APPLICATION_NAME}",
                "labels": {
                    "application": "${APPLICATION_NAME}"
                }
            }
        },
        {
            "kind": "BuildConfig",
            "apiVersion": "v1",
            "metadata": {
                "name": "${APPLICATION_NAME}",
                "labels": {
                    "application": "${APPLICATION_NAME}"
                }
            },
            "spec": {
                "strategy": {
                    "type": "Source",
                    "sourceStrategy": {
                        "from": {
                            "kind": "ImageStreamTag",
                            "namespace": "openshift",
                            "name": "openshift-tomcat8-svn:latest"
                        },
                        "env": [
                                    {
                                        "name": "SVN_URI",
                                        "value": "${SVN_URI}"
                                    },
                                    {
                                        "name": "SVN_USERNAME",
                                        "value": "${SVN_USERNAME}"
                                    },
                                    {
                                        "name": "SVN_PASSWORD",
                                        "value": "${SVN_PASSWORD}"
                                    }

                       ]
                    }
                },
                "output": {
                    "to": {
                        "kind": "ImageStreamTag",
                        "name": "${APPLICATION_NAME}:latest"
                    }
                },
                "triggers": [
                    {
                        "type": "GitHub",
                        "github": {
                            "secret": "${GITHUB_TRIGGER_SECRET}"
                        }
                    },
                    {
                        "type": "Generic",
                        "generic": {
                            "secret": "${GENERIC_TRIGGER_SECRET}"
                        }
                    },
                    {
                        "type": "ImageChange",
                        "imageChange": {}
                    }
                ]
            }
        },
        {
            "kind": "DeploymentConfig",
            "apiVersion": "v1",
            "metadata": {
                "name": "${APPLICATION_NAME}",
                "labels": {
                    "application": "${APPLICATION_NAME}"
                }
            },
            "spec": {
                "strategy": {
                    "type": "Recreate"
                },
                "triggers": [
                    {
                        "type": "ImageChange",
                        "imageChangeParams": {
                            "automatic": true,
                            "containerNames": [
                                "${APPLICATION_NAME}"
                            ],
                            "from": {
                                "kind": "ImageStream",
                                "name": "${APPLICATION_NAME}"
                            }
                        }
                    }
                ],
                "replicas": 1,
                "selector": {
                    "deploymentConfig": "${APPLICATION_NAME}"
                },
                "template": {
                    "metadata": {
                        "name": "${APPLICATION_NAME}",
                        "labels": {
                            "deploymentConfig": "${APPLICATION_NAME}",
                            "application": "${APPLICATION_NAME}"
                        }
                    },
                    "spec": {
                        "containers": [
                            {
                                "name": "${APPLICATION_NAME}",
                                "image": "${APPLICATION_NAME}",
                                "imagePullPolicy": "Always",
                                "readinessProbe": {
                                    "exec": {
                                        "command": [
                                            "/bin/bash",
                                            "-c",
                                            "curl http://localhost:8080"
                                        ]
                                    }
                                },
                                "ports": [
                                    {
                                        "name": "http",
                                        "containerPort": 8080,
                                        "protocol": "TCP"
                                    }
                                ],
                                "env": [
                                    {
                                        "name": "SVN_URI",
                                        "value": "${SVN_URI}"
                                    }

                                ]
                            }
                        ]
                    }
                }
            }
        }
    ]
}

集群管理员账号执行命令。

oc create -n openshift -f openshift-tomcat8-svn-removegit-template.json

验证

可从界面输入SVN的地址、账号、密码完成创建。

最终完成了从SVN拉取代码、编译、部署等一系列流程。

已知缺陷

1.SVN密码现在是明文的形式 2.template中暂未提供对build config、deploy config等的配置,界面还较为简单。

结语

本篇博客主要记录了工作过程,没有特别具体,但基本覆盖了所有过程。

仅供参考。

本文参与腾讯云自媒体分享计划,欢迎正在阅读的你也加入,一起分享。

发表于

我来说两句

0 条评论
登录 后参与评论

相关文章

来自专栏安恒网络空间安全讲武堂

Jarvis-OJ平台多题WriteUp分享

题目 ## PORT51 ## LOCALHOST ## Login ## 神盾局的秘密 ## IN A Mess ## RE ## flag在管理员手里 ##...

1.3K10
来自专栏虚拟化云计算

openstack如何扩展API之一:新添加API

(本文以nova-api为例子,完整的描述了如何添加一个新的nova-api过程,并写一个测试程序进行测试)

2898
来自专栏大内老A

通过扩展改善ASP.NET MVC的验证机制[使用篇]

ASP.NET MVC提供一种基于元数据的验证方式是我们可以将相应的验证特性应用到作为Model实体的类型或者属性/字段上,但是这依然具有很多的不足。在这篇文章...

1635
来自专栏xingoo, 一个梦想做发明家的程序员

Spark源码分析之Spark Shell(下)

继上次的Spark-shell脚本源码分析,还剩下后面半段。由于上次涉及了不少shell的基本内容,因此就把trap和stty放在这篇来讲述。 上篇回顾:S...

25710
来自专栏区块链入门

第四课 以太坊开发框架Truffle从入门到实战

Truffle是一个世界级的开发环境,测试框架,以太坊的资源管理通道,致力于让以太坊上的开发变得简单,Truffle有以下:

1153
来自专栏开源优测

RFC1945 超文本传输协议--HTTP/1.0 之一

852
来自专栏liulun

ASP.NET CORE Linux发布工具(文件对比 只上传差异文件;自动启停WebServer命令;上传完成自动预热WebServer)

1552
来自专栏潇涧技术专栏

Head First Systrace

深入浅出systrace(1)systrace的简单介绍和systrace工具源码分析。

771
来自专栏大魏分享(微信公众号:david-share)

Openshift上应用构建与部署方式大全

一、部署1000中应用的六种武器 从开发者角度,在Openshift上部署大量的应用时,最难的事情,不是如何部署这些应用,而是如何找到最好的方法来部署这些应用。...

6006
来自专栏王磊的博客

Spring Boot (八)MyBatis + Docker + MongoDB 4.x

MongoDB是一个强大、灵活,且易于扩展的通用型数据库。MongoDB是C++编写的文档型数据库,有着丰富的关系型数据库的功能,并在4.0之后添加了事务支持。

872

扫码关注云+社区