-
-
Notifications
You must be signed in to change notification settings - Fork 102
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
docker: New dockernode.yml playbook to automate deployment of docker …
…static containers (#3390) * automate deployment of dockernode * check if dockerfiles exist * correct copy address * correct src address * correct variable used * typo * linter * linter * upper case name * test dockerfile verification * debug * debug typo * change path and correct variable * delegate stat to localhost * change path * change path * debug: find current location * change path * remove debug pwd, change path * remove debug * reinclude include task * change path of destination * Add vendor_files role to retrieve jenkins public key * update regex and change command to shell * update dockerfiles, ubuntu2310, alpine 319, fedora39, deb12 * add comments to new tasks
- Loading branch information
1 parent
bce50f1
commit 63d7307
Showing
7 changed files
with
133 additions
and
11 deletions.
There are no files selected for viewing
18 changes: 18 additions & 0 deletions
18
ansible/playbooks/AdoptOpenJDK_Unix_Playbook/dockernode.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| --- | ||
| ############################### | ||
| # Adoptium - Ansible Playbook # | ||
| ############################### | ||
| # This playbook is used to deploy static docker containers onto dockerhost machines | ||
| # https://github.com/adoptium/infrastructure/issues/3370 | ||
|
|
||
| - name: Dockernode playbook | ||
| hosts: all | ||
| gather_facts: yes | ||
|
|
||
| roles: | ||
| - role: Debug | ||
| tags: debug | ||
| - role: Get_Vendor_Files | ||
| tags: deploy | ||
| - role: deploy_container | ||
| tags: deploy |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2 changes: 1 addition & 1 deletion
2
...DockerStatic/Dockerfiles/Dockerfile.deb11 → ...DockerStatic/Dockerfiles/Dockerfile.deb12
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
44 changes: 44 additions & 0 deletions
44
ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.u2310
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,44 @@ | ||
| FROM ubuntu:23.10 | ||
|
|
||
| ENV DEBIAN_FRONTEND=noninteractive | ||
| RUN apt-get update && apt-get install -qq -y perl openssh-server unzip zip gnupg curl | ||
|
|
||
| # Get latest jdk17 ga | ||
| RUN wget -q 'https://api.adoptium.net/v3/binary/latest/17/ga/linux/x64/jdk/hotspot/normal/eclipse?project=jdk' -O /tmp/jdk17.tar.gz | ||
| RUN gpg --keyserver keyserver.ubuntu.com --recv-keys 3B04D753C9050D9A5D343F39843C48A565F8F04B | ||
| # Get sig file for latest jdk17 ga | ||
| RUN wget -q `curl -s 'https://api.adoptium.net/v3/assets/feature_releases/17/ga?architecture=x64&heap_size=normal&image_type=jdk&jvm_impl=hotspot&os=linux&page=0&page_size=1&project=jdk&vendor=eclipse' | grep signature_link | awk '{split($0,a,"\""); print a[4]}'` -O /tmp/jdk17.sig | ||
| RUN gpg --verify /tmp/jdk17.sig /tmp/jdk17.tar.gz | ||
| RUN mkdir -p /usr/lib/jvm/jdk17 && tar -xpzf /tmp/jdk17.tar.gz -C /usr/lib/jvm/jdk17 --strip-components=1 | ||
|
|
||
| # Install ant | ||
| RUN wget -q -O /tmp/ant.zip 'https://archive.apache.org/dist/ant/binaries/apache-ant-1.10.5-bin.zip' | ||
| RUN wget -q -O /tmp/ant-contrib.tgz https://sourceforge.net/projects/ant-contrib/files/ant-contrib/ant-contrib-1.0b2/ant-contrib-1.0b2-bin.tar.gz | ||
| RUN echo "2e48f9e429d67708f5690bc307232f08440d01ebe414059292b6543971da9c7cd259c21533b9163b4dd753321c17bd917adf8407d03245a0945fc30a4e633163 /tmp/ant.zip" > /tmp/ant.sha512 | ||
| RUN echo "0fd2771dca2b8b014a4cb3246715b32e20ad5d26754186d82eee781507a183d5e63064890b95eb27c091c93c1209528a0b18a6d7e6901899319492a7610e74ad /tmp/ant-contrib.tgz" >> /tmp/ant.sha512 | ||
| RUN sha512sum --check --strict /tmp/ant.sha512 | ||
| RUN ln -s /usr/local/apache-ant-1.10.5/bin/ant /usr/bin/ant | ||
| RUN unzip -q -d /usr/local /tmp/ant.zip | ||
| RUN tar xpfz /tmp/ant-contrib.tgz -C /usr/local/apache-ant-1.10.5/lib --strip-components=2 ant-contrib/lib/ant-contrib.jar | ||
|
|
||
| # Clear up space | ||
| RUN rm /tmp/jdk17.tar.gz /tmp/ant.zip /tmp/ant-contrib.tgz /tmp/jdk17.sig | ||
|
|
||
| # Set up jenkins user | ||
| RUN useradd -m -d /home/jenkins jenkins | ||
| RUN mkdir /home/jenkins/.ssh | ||
| RUN echo "Jenkins_User_SSHKey" > /home/jenkins/.ssh/authorized_keys | ||
| RUN chown -R jenkins /home/jenkins/.ssh | ||
| RUN chmod -R og-rwx /home/jenkins/.ssh | ||
|
|
||
| RUN service ssh start | ||
| CMD ["/usr/sbin/sshd","-D"] | ||
|
|
||
| RUN apt-get update && apt-get install -qq -y git curl make gcc xvfb libxrender1 libxi6 libxtst6 locales fontconfig fakeroot | ||
| # Install SSL Test packages | ||
| RUN apt-get install -qq -y gnutls-bin libnss3 libnss3-tools libnss3-dev pkg-config | ||
|
|
||
| RUN locale-gen en_US.utf8 | ||
|
|
||
| EXPOSE 22 | ||
| # Start with docker run -p 2226:22 UUID |
35 changes: 35 additions & 0 deletions
35
ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/deploy_container/tasks/deploy.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,35 @@ | ||
| --- | ||
| # Dockerfiles are transferred from the controller node onto the dockerhost to be used to build and run docker containers | ||
| - name: Transfer dockerfile | ||
| copy: | ||
| src: "roles/DockerStatic/Dockerfiles/Dockerfile.{{ docker_image }}" | ||
| dest: "/tmp/Dockerfile.{{ docker_image }}" | ||
|
|
||
| # For images built on non x86_64 dockerhosts | ||
| - name: Translate architecture in dockerfile | ||
| replace: | ||
| dest: /tmp/Dockerfile.{{ docker_image }} | ||
| regexp: "x64" | ||
| replace: "{{ ansible_architecture }}" | ||
| when: ansible_architecture != "x86_64" | ||
|
|
||
| - name: Set jenkins authorized_Key in dockerfiles | ||
| replace: | ||
| dest: /tmp/Dockerfile.{{ docker_image }} | ||
| regexp: "Jenkins_User_SSHKey" | ||
| replace: "{{ Jenkins_User_SSHKey }}" | ||
|
|
||
| - name: Build {{ docker_image }} docker images | ||
| command: docker build --cpu-period=100000 --cpu-quota=800000 -t aqa_{{ docker_image }} --memory=6G -f /tmp/Dockerfile.{{ docker_image }} /tmp/ | ||
|
|
||
| # Without specifying a port here, docker will give the container a random unused port | ||
| - name: Run {{ docker_image }} docker container | ||
| command: docker run --restart unless-stopped -p 22 --cpuset-cpus="0-3" --memory=6G --detach --name {{ docker_image | upper }}.PORT aqa_{{ docker_image }} | ||
|
|
||
| # Now we want to rename the running container with the port name | ||
| - name: Find assigned port of {{ docker_image }} container | ||
| shell: docker port {{ docker_image | upper }}.PORT | head -n 1 | cut -d ':' -f 2 | ||
| register: docker_port | ||
|
|
||
| - name: Rename {{ docker_image }} container to {{ docker_image | upper }}.{{ docker_port.stdout_lines[0] }} | ||
| command: docker rename {{ docker_image | upper }}.PORT {{ docker_image | upper }}.{{ docker_port.stdout_lines[0] }} |
25 changes: 25 additions & 0 deletions
25
ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/deploy_container/tasks/main.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,25 @@ | ||
| --- | ||
| # This task verifies the docker_images arguments passed into the playbook | ||
| # Then runs the deploy.yml task to build and run each image on the dockerhost | ||
| - name: Set docker images list variable | ||
| set_fact: | ||
| docker_images_list: "{{ docker_images.split(',') | list }}" | ||
|
|
||
| - name: Check if dockerfile exists | ||
| delegate_to: localhost | ||
| stat: | ||
| path: "roles/DockerStatic/Dockerfiles/Dockerfile.{{ item }}" | ||
| loop: "{{ docker_images_list }}" | ||
| register: dockerfiles_exist | ||
|
|
||
| - name: Fail if dockerfile does not exist | ||
| fail: | ||
| msg: "{{ item.invocation.module_args.path }} does not exist" | ||
| when: not item.stat.exists | ||
| loop: "{{ dockerfiles_exist.results }}" | ||
|
|
||
| - name: Run deploy.yml for every docker image | ||
| include_tasks: deploy.yml | ||
| loop: "{{ docker_images_list }}" | ||
| loop_control: | ||
| loop_var: docker_image |