Skip to content

Commit

Permalink
Merge pull request #91 from grycap/dev-srisco
Browse files Browse the repository at this point in the history 
Use PVC for context in kaniko builds
  • Loading branch information
@srisco
srisco authored Jan 10, 2020
2 parents 9f360ad + f1b4079 commit 13fb7d3
Show file tree
Hide file tree
Showing 3 changed files with 53 additions and 85 deletions.
48 changes: 23 additions & 25 deletions src/providers/onpremises/clients/kaniko.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,16 +20,19 @@

class KanikoClient():

namespace = 'kaniko-builds'
namespace = 'oscar'

def __init__(self, function_args):
self.registry_name = utils.get_environment_variable("DOCKER_REGISTRY")
self.function_args = function_args
self.function_image_folder = utils.join_paths(
self.function_image_folder = utils.get_random_uuid4_str()
self.function_image_path = utils.join_paths(
'/pv/kaniko-builds',
utils.get_random_uuid4_str())
self.function_image_folder)
self.root_path = os.path.dirname(os.path.dirname(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))))
self.job_name = '{0}-build-job'.format(function_args['name'])
self.job_name = '{0}-build'.format(function_args['name'])
self.registry_image_id = '{0}/{1}'.format(self.registry_name,
self.function_args['name'])

def _copy_dockerfile(self):
# Get function Dockerfile paths
Expand All @@ -40,7 +43,7 @@ def _copy_dockerfile(self):
'function_template',
'Dockerfile')
func_dockerfile_dest_path = utils.join_paths(
self.function_image_folder,
self.function_image_path,
'Dockerfile')
# Modify Dockerfile
with open(func_dockerfile_path, 'r') as f_in:
Expand All @@ -55,28 +58,28 @@ def _download_binaries(self):
utils.download_github_asset('openfaas',
'faas',
'fwatchdog',
self.function_image_folder)
fwatchdog_path = os.path.join(self.function_image_folder, 'fwatchdog')
self.function_image_path)
fwatchdog_path = os.path.join(self.function_image_path, 'fwatchdog')
fwatchdog_st = os.stat(fwatchdog_path)
os.chmod(fwatchdog_path, fwatchdog_st.st_mode | stat.S_IEXEC)
# Download faas-supervisor binary and set exec permissions
release = utils.get_environment_variable('SUPERVISOR_VERSION')
utils.download_github_asset('grycap',
utils.download_github_asset('grycap',
'faas-supervisor',
'supervisor',
self.function_image_folder,
self.function_image_path,
release=release)
supervisor_path = os.path.join(self.function_image_folder, 'supervisor')
supervisor_path = os.path.join(self.function_image_path, 'supervisor')
supervisor_st = os.stat(supervisor_path)
os.chmod(supervisor_path, supervisor_st.st_mode | stat.S_IEXEC)

def _copy_user_script(self):
utils.create_file_with_content(
utils.join_paths(self.function_image_folder, 'user_script.sh'),
utils.join_paths(self.function_image_path, 'user_script.sh'),
utils.base64_to_utf8_string(self.function_args['script']))

def _copy_required_files(self):
os.makedirs(self.function_image_folder, exist_ok=True)
os.makedirs(self.function_image_path, exist_ok=True)
# Get function Dockerfile paths
self._copy_dockerfile()
# Download required binaries
Expand All @@ -86,12 +89,10 @@ def _copy_required_files(self):

def _delete_image_files(self):
# Delete all the temporal files created for the image creation
utils.delete_folder(self.function_image_folder)
utils.delete_folder(self.function_image_path)

def _create_kaniko_job_definition(self):
self.registry_image_id = '{0}/{1}'.format(self.registry_name,
self.function_args['name'])
job = {
return {
'apiVersion': 'batch/v1',
'kind': 'Job',
'metadata': {
Expand All @@ -106,10 +107,8 @@ def _create_kaniko_job_definition(self):
'name': 'build',
'image': 'gcr.io/kaniko-project/executor:latest',
'args': [
'-c',
'/workspace/',
'-d',
self.registry_image_id,
'--context=dir:///workspace',
f'--destination={self.registry_image_id}',
'--skip-tls-verify',
'--skip-tls-verify-pull'
],
Expand All @@ -122,7 +121,8 @@ def _create_kaniko_job_definition(self):
'volumeMounts': [
{
'name': 'build-context',
'mountPath': '/workspace'
'mountPath': '/workspace',
'subPath': self.function_image_folder
}
]
}
Expand All @@ -131,17 +131,15 @@ def _create_kaniko_job_definition(self):
'volumes': [
{
'name': 'build-context',
'hostPath': {
'path': self.function_image_folder,
'type': 'Directory'
'persistentVolumeClaim': {
'claimName': 'oscar-pv-claim'
}
}
]
}
}
}
}
return job

def create_and_push_docker_image(self, kubernetes_client):
# Copy/create function required files
Expand Down
36 changes: 11 additions & 25 deletions templates/oscar-latest.radl
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@

description kubernetes (
description oscar (
kind = 'main' and
short = 'Install and configure a cluster using the grycap.kubernetes ansible role and install all needed services to run OSCAR.' and
content = 'The template installs the grycap.kubernetes ansible role. Initially the template creates as many working node hostnames as the sum of the values of feature "ec3_max_instances_max" in every system.
Expand All @@ -10,7 +9,7 @@ Webpage: https://kubernetes.io/'
network public (
# kubernetes ports
outbound = 'yes' and
outports contains '443/tcp,22/tcp,6443/tcp,31112/tcp,32112/tcp,31852/tcp,8800/tcp'
outports contains '80/tcp,443/tcp,22/tcp,6443/tcp,31112/tcp,32112/tcp,31852/tcp,8800/tcp'
)

network private ()
Expand All @@ -33,15 +32,10 @@ system front (
disk.0.applications contains (name = 'ansible.modules.grycap.clues') and
disk.0.applications contains (name = 'ansible.modules.grycap.im') and
disk.1.type='standard' and
disk.1.size=20GB and
disk.1.size=50GB and
disk.1.device='vdf' and
disk.1.fstype='ext4' and
disk.1.mount_path='/pv/minio' and
disk.2.type='standard' and
disk.2.size=20GB and
disk.2.device='vdg' and
disk.2.fstype='ext4' and
disk.2.mount_path='/pv/registry'
disk.1.mount_path='/pv'
)

configure front (
Expand All @@ -55,8 +49,6 @@ configure front (
NNODES: '{{ SYSTEMS | selectattr("ec3_max_instances_max", "defined") | sum(attribute="ec3_max_instances_max") }}'

pre_tasks:
- name: Create dir for kaniko builds
file: path=/pv/kaniko-builds state=directory mode=755
- name: Create auth file dir
file: path=/etc/kubernetes/pki state=directory mode=755 recurse=yes
- name: Create auth data file with an admin user
Expand All @@ -69,9 +61,7 @@ configure front (
- role: 'grycap.nfs'
nfs_mode: 'front'
nfs_exports:
- {path: "/pv/minio", export: "*.localdomain(rw,async,no_root_squash,no_subtree_check,insecure)"}
- {path: "/pv/registry", export: "*.localdomain(rw,async,no_root_squash,no_subtree_check,insecure)"}
- {path: "/pv/kaniko-builds", export: "*.localdomain(rw,async,no_root_squash,no_subtree_check,insecure)"}
- {path: "/pv", export: "*.localdomain(rw,async,no_root_squash,no_subtree_check,insecure)"}

- role: 'grycap.kubernetes'
kube_server: 'kubeserver'
Expand All @@ -81,10 +71,7 @@ configure front (
- {option: "--service-node-port-range", value: "80-32767"}
kube_deploy_dashboard: true
kube_install_metrics: true
kube_persistent_volumes:
- {namespace : "minio", name : "pvnfsminio", label : "minio", capacity_storage : "20Gi", nfs_path : "/pv/minio"}
- {namespace : "docker-registry", name : "pvnfsregistry", label : "registry", capacity_storage : "20Gi", nfs_path : "/pv/registry"}
- {namespace : "oscar", name : "pvnfskanikobuilds", label : "oscar-manager", capacity_storage : "2Gi", nfs_path : "/pv/kaniko-builds"}
kube_install_nfs_client: true
kube_version: 'latest'

- role: 'grycap.kubefaas'
Expand All @@ -100,14 +87,15 @@ configure front (
- role: 'grycap.kuberegistry'
public_access: false
type_of_node: "front"
svc_name: "registry.docker-registry"
delete_enabled: true
master_deploy: true

- role: 'grycap.kubeoscar'
minio_pass: '{{ minio_secret }}'
vue_app_backend_host: '{{ hostvars[groups["front"][0]]["IM_NODE_PUBLIC_IP"] }}:{{ nginx_https_nodeport }}'
master_deploy: true
# Last supervisor version until FDL. Not implemented in OSCAR yet.
supervisor_version: 1.1.2

- role: 'grycap.im'

Expand Down Expand Up @@ -145,9 +133,7 @@ configure wn (
- role: 'grycap.nfs'
nfs_mode: 'wn'
nfs_client_imports:
- {local: "/pv/minio", remote: "/pv/minio", server_host: "kubeserver.localdomain"}
- {local: "/pv/registry", remote: "/pv/registry", server_host: "kubeserver.localdomain"}
- {local: "/pv/kaniko-builds", remote: "/pv/kaniko-builds", server_host: "kubeserver.localdomain"}
- {local: "/pv", remote: "/pv", server_host: "kubeserver.localdomain"}

- role: 'grycap.kubernetes'
kube_type_of_node: 'wn'
Expand All @@ -157,12 +143,12 @@ configure wn (
- role: 'grycap.kuberegistry'
public_access: false
type_of_node: "wn"
svc_name: "registry.docker-registry"

@end
)

include kube_misc (
template = 'openports'
)

deploy front 1
deploy front 1
54 changes: 19 additions & 35 deletions templates/oscar.radl
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@

description kubernetes (
description oscar (
kind = 'main' and
short = 'Install and configure a cluster using the grycap.kubernetes ansible role and install all needed services to run OSCAR.' and
content = 'The template installs the grycap.kubernetes ansible role. Initially the template creates as many working node hostnames as the sum of the values of feature "ec3_max_instances_max" in every system.
Expand All @@ -10,7 +9,7 @@ Webpage: https://kubernetes.io/'
network public (
# kubernetes ports
outbound = 'yes' and
outports contains '443/tcp,22/tcp,6443/tcp,31112/tcp,32112/tcp,31852/tcp,8800/tcp'
outports contains '80/tcp,443/tcp,22/tcp,6443/tcp,31112/tcp,32112/tcp,31852/tcp,8800/tcp'
)

network private ()
Expand All @@ -33,15 +32,10 @@ system front (
disk.0.applications contains (name = 'ansible.modules.grycap.clues') and
disk.0.applications contains (name = 'ansible.modules.grycap.im') and
disk.1.type='standard' and
disk.1.size=20GB and
disk.1.size=50GB and
disk.1.device='vdf' and
disk.1.fstype='ext4' and
disk.1.mount_path='/pv/minio' and
disk.2.type='standard' and
disk.2.size=20GB and
disk.2.device='vdg' and
disk.2.fstype='ext4' and
disk.2.mount_path='/pv/registry'
disk.1.mount_path='/pv'
)

configure front (
Expand All @@ -55,8 +49,6 @@ configure front (
NNODES: '{{ SYSTEMS | selectattr("ec3_max_instances_max", "defined") | sum(attribute="ec3_max_instances_max") }}'

pre_tasks:
- name: Create dir for kaniko builds
file: path=/pv/kaniko-builds state=directory mode=755
- name: Create auth file dir
file: path=/etc/kubernetes/pki state=directory mode=755 recurse=yes
- name: Create auth data file with an admin user
Expand All @@ -69,9 +61,7 @@ configure front (
- role: 'grycap.nfs'
nfs_mode: 'front'
nfs_exports:
- {path: "/pv/minio", export: "*.localdomain(rw,async,no_root_squash,no_subtree_check,insecure)"}
- {path: "/pv/registry", export: "*.localdomain(rw,async,no_root_squash,no_subtree_check,insecure)"}
- {path: "/pv/kaniko-builds", export: "*.localdomain(rw,async,no_root_squash,no_subtree_check,insecure)"}
- {path: "/pv", export: "*.localdomain(rw,async,no_root_squash,no_subtree_check,insecure)"}

- role: 'grycap.kubernetes'
kube_server: 'kubeserver'
Expand All @@ -81,18 +71,15 @@ configure front (
- {option: "--service-node-port-range", value: "80-32767"}
kube_deploy_dashboard: true
kube_install_metrics: true
kube_persistent_volumes:
- {namespace : "minio", name : "pvnfsminio", label : "minio", capacity_storage : "20Gi", nfs_path : "/pv/minio"}
- {namespace : "docker-registry", name : "pvnfsregistry", label : "registry", capacity_storage : "20Gi", nfs_path : "/pv/registry"}
- {namespace : "oscar", name : "pvnfskanikobuilds", label : "oscar-manager", capacity_storage : "2Gi", nfs_path : "/pv/kaniko-builds"}
kube_version: 1.13.6
kube_install_nfs_client: true
kube_version: 1.16.4

- role: 'grycap.kubefaas'
faas_framework: 'openfaas'
master_deploy: true
faas_chart_version: 3.3.0
cli_version: 0.8.11
oscar_worker_version: 1.2.0
faas_chart_version: 5.4.0
cli_version: 0.11.3
oscar_worker_version: 1.2.1

- role: 'grycap.kubeminio'
enable_notifications: true
Expand All @@ -103,18 +90,17 @@ configure front (
- role: 'grycap.kuberegistry'
public_access: false
type_of_node: "front"
svc_name: "registry.docker-registry"
delete_enabled: true
master_deploy: true

- role: 'grycap.kubeoscar'
minio_pass: '{{ minio_secret }}'
vue_app_backend_host: '{{ hostvars[groups["front"][0]]["IM_NODE_PUBLIC_IP"] }}:{{ nginx_https_nodeport }}'
master_deploy: true
oscar_version: 1.1.1
oscar_ui_version: 1.0.0
supervisor_version: 1.0.5
onetrigger_version: 1.0.3
oscar_version: 1.2.0
oscar_ui_version: 1.0.1
supervisor_version: 1.1.2
onetrigger_version: 1.0.4

- role: 'grycap.im'

Expand All @@ -131,7 +117,7 @@ configure front (
- { section: 'monitoring', option: 'PERIOD_LIFECYCLE', value: '10' }
- { section: 'monitoring', option: 'PERIOD_MONITORING_NODES', value: '2' }
- { section: 'client', option: 'CLUES_REQUEST_WAIT_TIMEOUT', value: '3000' }
# These options enable to have always one slot free
# These options enable to have always one slot and 1GB of memory free
- { section: 'scheduling', option: 'SCHEDULER_CLASSES', value: 'clueslib.schedulers.CLUES_Scheduler_PowOn_Requests, clueslib.schedulers.CLUES_Scheduler_Reconsider_Jobs, clueslib.schedulers.CLUES_Scheduler_PowOff_IDLE, clueslib.schedulers.CLUES_Scheduler_PowOn_Free' }
- { section: 'scheduling', option: 'EXTRA_SLOTS_FREE', value: '1' }

Expand All @@ -152,24 +138,22 @@ configure wn (
- role: 'grycap.nfs'
nfs_mode: 'wn'
nfs_client_imports:
- {local: "/pv/minio", remote: "/pv/minio", server_host: "kubeserver.localdomain"}
- {local: "/pv/registry", remote: "/pv/registry", server_host: "kubeserver.localdomain"}
- {local: "/pv/kaniko-builds", remote: "/pv/kaniko-builds", server_host: "kubeserver.localdomain"}
- {local: "/pv", remote: "/pv", server_host: "kubeserver.localdomain"}

- role: 'grycap.kubernetes'
kube_type_of_node: 'wn'
kube_server: 'kubeserver'
kube_version: 1.13.6
kube_version: 1.16.4

- role: 'grycap.kuberegistry'
public_access: false
type_of_node: "wn"
svc_name: "registry.docker-registry"

@end
)

include kube_misc (
template = 'openports'
)

deploy front 1
deploy front 1

0 comments on commit 13fb7d3

Please sign in to comment.