mirror of https://gerrit.osmocom.org/osmo-ci
ansible/roles/docker: install docuum
Change-Id: I640b1e607feca87e7a578946ae4b8332ce854ab1
This commit is contained in:
parent
e9be03ca36
commit
f2ab07ffc9
|
@ -2,3 +2,7 @@
|
|||
|
||||
# Adds this user to the group docker which is allowed to access docker
|
||||
jenkins_user: jenkins
|
||||
|
||||
# Keep amount of stored docker images below this size with docuum (OS#5099)
|
||||
# (Currently configured for x86_64 only)
|
||||
docker_max_space: "100 GB"
|
||||
|
|
|
@ -0,0 +1,31 @@
|
|||
ARG REGISTRY=docker.io
|
||||
FROM ${REGISTRY}/alpine:3.15
|
||||
ARG DOCKER_GID
|
||||
|
||||
RUN apk add \
|
||||
cargo \
|
||||
docker-cli
|
||||
|
||||
# Create user and docker group with same group-id as on host system, create
|
||||
# /opt/docuum dir owned by user
|
||||
RUN set -x && \
|
||||
delgroup $(getent group "${DOCKER_GID}" | cut -d: -f1) && \
|
||||
addgroup -g "${DOCKER_GID}" docker && \
|
||||
adduser -D -u 1000 -G docker user && \
|
||||
mkdir /opt/docuum && \
|
||||
chown user /opt/docuum
|
||||
|
||||
USER user
|
||||
|
||||
ARG DOCUUM_VER=0.20.4
|
||||
|
||||
RUN set -x && \
|
||||
cd /opt/docuum && \
|
||||
wget https://github.com/stepchowfun/docuum/archive/refs/tags/v${DOCUUM_VER}.tar.gz \
|
||||
-O docuum.tar.gz && \
|
||||
tar -xf docuum.tar.gz && \
|
||||
cd docuum-${DOCUUM_VER} && \
|
||||
cargo build --release && \
|
||||
cd .. && \
|
||||
mv docuum-${DOCUUM_VER}/target/release/docuum . && \
|
||||
rm -rf ~/.cargo docuum-${DOCUUM_VER} docuum.tar.gz
|
|
@ -0,0 +1,11 @@
|
|||
[Unit]
|
||||
Description=Docuum
|
||||
After=docker.service
|
||||
Wants=docker.service
|
||||
|
||||
[Service]
|
||||
ExecStart=/opt/docuum/docuum.sh
|
||||
Restart=on-failure
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -0,0 +1,43 @@
|
|||
#!/bin/sh -ex
|
||||
|
||||
# Maximum amount of storage that docker images may consume
|
||||
THRESHOLD="$(cat /opt/docuum/docker_max_space)"
|
||||
|
||||
DIR="$(dirname "$(realpath "$0")")"
|
||||
IMG="osmo-ci-docuum"
|
||||
DOCUUM_UID="1000"
|
||||
DOCKER_GID="$(getent group docker | cut -d : -f 3)"
|
||||
PULL_ARG=""
|
||||
|
||||
if [ -z "$THRESHOLD" ]; then
|
||||
set +x
|
||||
echo "ERROR: failed to read threshold from /opt/docuum/docker_max_space"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ "$INITIAL_BUILD" = 1 ]; then
|
||||
PULL_ARG="--pull"
|
||||
fi
|
||||
|
||||
mkdir -p /var/cache/docuum
|
||||
chown "$DOCUUM_UID" /var/cache/docuum
|
||||
|
||||
cd "$DIR"
|
||||
docker build \
|
||||
--build-arg DOCKER_GID="$DOCKER_GID" \
|
||||
$PULL_ARG \
|
||||
-t "$IMG" \
|
||||
.
|
||||
|
||||
if [ "$INITIAL_BUILD" = 1 ]; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
docker run \
|
||||
--rm \
|
||||
--init \
|
||||
--name docuum \
|
||||
-v /var/run/docker.sock:/var/run/docker.sock \
|
||||
-v /var/cache/docuum:/home/user \
|
||||
"$IMG" \
|
||||
sh -c "exec /opt/docuum/docuum --threshold '$THRESHOLD'"
|
|
@ -0,0 +1,48 @@
|
|||
---
|
||||
- name: "docuum : set docker_max_space to {{ docker_max_space }}"
|
||||
lineinfile:
|
||||
path: /opt/docuum/docker_max_space
|
||||
state: present
|
||||
create: yes
|
||||
line: "{{ docker_max_space }}"
|
||||
|
||||
- name: "docuum : copy Dockerfile"
|
||||
copy:
|
||||
src: Dockerfile
|
||||
dest: /opt/docuum/
|
||||
mode: 0644
|
||||
|
||||
- name: "docuum : copy docuum.sh"
|
||||
copy:
|
||||
src: docuum.sh
|
||||
dest: /opt/docuum/
|
||||
mode: 0755
|
||||
|
||||
- name: "docuum : build container"
|
||||
shell: INITIAL_BUILD=1 /opt/docuum/docuum.sh
|
||||
|
||||
- name: "docuum : copy docuum.service"
|
||||
copy:
|
||||
src: docuum.service
|
||||
dest: /lib/systemd/system/docuum.service
|
||||
register: docuumservice
|
||||
|
||||
- name: "docuum : systemctl daemon-reload"
|
||||
systemd:
|
||||
daemon_reload: yes
|
||||
when: docuumservice is changed
|
||||
|
||||
- name: "docuum : ensure the systemd service is installed"
|
||||
systemd:
|
||||
name: docuum.service
|
||||
state: started
|
||||
enabled: yes
|
||||
|
||||
- name: "docuum : disable legacy cleanup cronjob"
|
||||
cron:
|
||||
name: cleanup-docker-images
|
||||
disabled: true
|
||||
minute: 0
|
||||
hour: '*/3'
|
||||
user: "{{ jenkins_user }}"
|
||||
job: "test -x /home/{{ jenkins_user }}/osmo-ci/scripts/docker-cleanup.sh && /home/{{ jenkins_user }}/osmo-ci/scripts/docker-cleanup.sh >/dev/null"
|
|
@ -37,16 +37,23 @@
|
|||
groups: docker
|
||||
append: yes
|
||||
|
||||
- name: cleanup old docker images
|
||||
- name: cleanup old docker images (legacy)
|
||||
# Legacy method of cleaning old docker images, currently used for arm.
|
||||
cron:
|
||||
name: cleanup-docker-images
|
||||
disabled: false
|
||||
minute: 0
|
||||
hour: '*/3'
|
||||
user: "{{ jenkins_user }}"
|
||||
job: "test -x /home/{{ jenkins_user }}/osmo-ci/scripts/docker-cleanup.sh && /home/{{ jenkins_user }}/osmo-ci/scripts/docker-cleanup.sh >/dev/null"
|
||||
when: ansible_architecture != 'x86_64'
|
||||
|
||||
- name: copy daemon.json to support ipv6
|
||||
copy:
|
||||
src: daemon.json
|
||||
dest: /etc/docker/daemon.json
|
||||
notify: restart docker
|
||||
|
||||
# After docker is set up, add docuum to clean old docker images
|
||||
- include: docuum.yml
|
||||
when: ansible_architecture == 'x86_64'
|
||||
|
|
Loading…
Reference in New Issue