From e8b25c1e6ad2073801ec4637964e4d85fcdd26bf Mon Sep 17 00:00:00 2001 From: Thomas E Lackey Date: Fri, 9 Feb 2024 00:17:26 +0000 Subject: [PATCH] Fixes for prod k8s --- Dockerfile | 18 ++++---- docker-compose.yml | 9 ++-- run.sh | 100 +++++++++++++++++++++++++++++---------------- src/config.ts | 2 +- storage.conf | 2 +- 5 files changed, 80 insertions(+), 51 deletions(-) diff --git a/Dockerfile b/Dockerfile index b8a0620..ece1162 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,14 @@ FROM ubuntu:22.04 RUN apt update && \ apt install -y --no-install-recommends --no-install-suggests \ - netcat-traditional ca-certificates curl gnupg git podman fuse-overlayfs iproute2 + netcat-traditional ca-certificates curl gnupg git fuse-overlayfs iproute2 podman iptables + +# Podman +#WORKDIR /tmp +#RUN curl -LO https://github.com/mgoltzsche/podman-static/releases/latest/download/podman-linux-amd64.tar.gz && \ +# tar zxvf podman-linux-amd64.tar.gz && \ +# cp -r podman-linux-amd64/usr podman-linux-amd64/etc / && \ +# rm -rf podman-linux-amd64 # Node ARG NODE_MAJOR=20 @@ -27,13 +34,10 @@ RUN npm config set @cerc-io:registry https://git.vdb.to/api/packages/cerc-io/npm # symlink podman to docker RUN ln -s $(which podman) $(dirname `which podman`)/docker +#RUN ln -s /usr/local/bin/podman /usr/bin/podman && \ +# ln -s /usr/local/bin/podman /usr/bin/docker -RUN mkdir -p /srv/containers/podman && \ - mkdir -p /srv/containers/logs - -COPY storage.conf /etc/containers - -RUN mkdir -p /app +RUN mkdir -p /srv && mkdir -p /app COPY . /app/ WORKDIR /app/ diff --git a/docker-compose.yml b/docker-compose.yml index 2a9b31f..c85a262 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,16 +1,13 @@ - services: - server: + cerc-webapp-deployer: image: cerc/webapp-deployer-backend:local restart: always volumes: - - containers:/srv/containers/podman - - logs:/srv/logs + - srv:/srv - config:/etc/config:ro ports: - 9555 volumes: config: - containers: - logs: + srv: diff --git a/run.sh b/run.sh index fcef1fc..df7cdb0 100755 --- a/run.sh +++ b/run.sh @@ -1,5 +1,15 @@ #!/bin/bash +function is_privileged { + ip link add dummy0 type dummy >/dev/null + if [[ $? -eq 0 ]]; then + echo "true" + ip link delete dummy0 >/dev/null + else + echo "false" + fi +} + if [ -z "$DEPLOYMENT_DNS_SUFFIX" ]; then echo "DEPLOYMENT_DNS_SUFFIX is required." exit 2 @@ -25,61 +35,79 @@ if [ ! -f "/etc/config/kube.yml" ]; then exit 2 fi -if [ ! -z "$IMAGE_REGISTRY_CREDS" ]; then - docker login --password "$IMAGE_REGISTRY_CREDS" --username ${IMAGE_REGISTRY_USER:-ANY} $IMAGE_REGISTRY +STORAGE_ROOT="${STORAGE_ROOT:-/srv}" +DEPLOYMENTS_DIR="${DEPLOYMENTS_DIR:-$STORAGE_ROOT/deployments}" +LOG_DIR="${LOG_DIR:-$STORAGE_ROOT/logs}" +CONTAINERS_DIR="${CONTAINER_DIR:-$STORAGE_ROOT/containers}" + +if [[ ! -d "${DEPLOYMENTS_DIR}" ]]; then + mkdir -p "${DEPLOYMENTS_DIR}" fi -function is_privileged { - ip link add dummy0 type dummy >/dev/null - if [[ $? -eq 0 ]]; then - echo "true" - ip link delete dummy0 >/dev/null - else - echo "false" +LOG_OPTS="" +if [[ -n "${LOG_DIR}" ]]; then + if [[ ! -d "${LOG_DIR}" ]]; then + mkdir -p "${LOG_DIR}" fi -} - -if [[ "true" == "`is_privileged`" ]]; then - echo "Using 'overlay' storage driver." -else - echo "Using 'vfs' storage driver." - sed -i 's/"overlay"/"vfs"/g' /etc/containers/storage.conf + LOG_OPTS="--log-dir $LOG_DIR" fi -if [ ! -d "/srv/deployments/webapps" ]; then - mkdir -p /srv/deployments/webapps +if [[ ! -d "${CONTAINERS_DIR}" ]]; then + mkdir -p "${CONTAINERS_DIR}" fi -if [ "$CLEAN_STATE" == "true" ]; then - echo "Removing existing state..." - rm -f /srv/deployments//webapps/*.state +if [[ "$CLEAN_DEPLOYMENTS" == "true" ]]; then + echo "Cleaning deployments directory..." + rm -rf ${DEPLOYMENTS_DIR}/* +fi + +if [[ "$CLEAN_CONTAINERS" == "true" ]]; then + echo "Cleaning containers directory..." + rm -rf ${CONTAINERS_DIR}/* +fi + +if [[ "$CLEAN_LOGS" == "true" ]] && [[ -n "$LOG_DIR" ]]; then + echo "Cleaning logs directory..." + rm -rf ${LOG_DIR}/* +fi + +STORAGE_DRIVER="${STORAGE_DRIVER}" +if [[ -z "${STORAGE_DRIVER}" ]]; then + if [[ "true" == "`is_privileged`" ]]; then + STORAGE_DRIVER="overlay" + else + STORAGE_DRIVER="vfs" + fi +fi +echo "Using '$STORAGE_DRIVER' storage driver." + +cat > /etc/containers/storage.conf <