1、基础镜像制作
由于公司的程序是Java开发,上线发布使用的是maven,如果使用openshift自带的S2I,每次都会全量拉取代码(代码比较多,每次全量拉太慢),然后每次打包都会再一次下载maven插件,官方也有save-artifacts的方法,貌似是保存编译的产物,但是我没有研究成功,所以就用了制作镜像的笨方法进行一些基础环境的搭建。
[root@master1 dockerfile]# cat Dockerfile # There is a base Dockerfile # Version 1.0 # Auther is Dukuan FROM centos:6 MAINTAINER Du Kuan ADD ./apache-maven-3.0.5.tar.gz /usr/local/ ADD ./jdk1.8.0_144.tar.gz /usr/local ADD ./apache-tomcat-8.5.23.tar.gz /tmp ADD ./key.tar.gz /tmp ADD ./data.tar.gz / RUN useradd -m tomcat -u 1001 && mkdir /home/tomcat/{.ssh,git} && mkdir /data01 && chown -R tomcat.tomcat /data* && mv /tmp/apache-tomcat-8.5.23 /home/tomcat/ && mv /tmp/id_dsa /home/tomcat/.ssh && mv /tmp/known_hosts /home/tomcat/.ssh && yum install git -y && chown -R tomcat.tomcat /home/tomcat/ && chmod -R a+rw /home/tomcat && chmod a+rwx /home/tomcat/apache-tomcat-8.5.23/* && chmod +x /home/tomcat/apache-tomcat-8.5.23/bin/*.sh && yum clean all && chmod 600 /home/tomcat/.ssh/id_dsa && su - tomcat -c "cd /home/tomcat/git && git clone git@192.168.1.212:server/walrus-platform.git" ENV JAVA_HOME=/usr/local/jdk1.8.0_144 ENV PATH=/usr/local/apache-maven-3.0.5/bin:${JAVA_HOME}/bin:${PATH} USER 1001 # WORKDIR /home/tomcat/git # RUN git clone git@192.168.1.212:server/walrus-platform.git WORKDIR /home/tomcat/git/walrus-platform RUN git checkout develop-feature-4.1-optimiz && mvn compile package -Dmaven.test.skip=true -Ptesting && mvn clean USER 0
上面的Dockerfile包括拉取全量代码到Tomcat家目录下(公司使用的都是Tomcat用户),然后进行Maven打包,下载对应的插件,最后在clean,然后生成的镜像作为S2I的基础镜像。
执行构建
docker build -t xxx:xxx .
2、安装S2I
安装比较简单,在https://github.com/openshift/source-to-image/releases下载最新版S2I。
tar xf source-to-image-v1.1.9a-40ad911d-linux-amd64.tar.gz -C /usr/bin/
检验安装
[root@master1 bin]# s2i version s2i v1.1.9a [root@master1 bin]#
3、创建S2I
创建一个名为tomcat-s2i的S2I Builder镜像。第三个参数为工作目录的名称。
[root@openshift-master1]s2i create tomcat-s2i tomcat-s2i [root@openshift-master1 tomcat-s2i]# ls Dockerfile Makefile README.md s2i test
4、修改S2I的Dockerfile
由于已经制作了基础镜像,所以S2I的Dockerfile只需要将FROM改为上述创建的镜像即可。
# walrus-platform FROM xxx:xxx LABEL io.openshift.s2i.scripts-url=image:///usr/libexec/s2i io.k8s.description="Tomcat S2I Builder" io.k8s.display-name="tomcat s2i builder 1.0" io.openshift.expose-services="8080:http" io.openshift.tags="builder, tomcat" COPY ./s2i/bin/ /usr/libexec/s2i RUN chown -R tomcat.tomcat /usr/libexec/s2i && chmod +x /usr/libexec/s2i/bin/* USER 1001 # 端口 EXPOSE 8080 ENTRYPOINT [] CMD ["usage"]
5、修改S2I的assemble
assemble主要写一些编译的参数或命令,主要用于写重构的步骤,由于上述采用的定制的基础镜像,并将全部代码放到了Tomcat下,所以直接在Tomcat的家目录下进行操作,忽略openshift自带的build,相当于欺骗了openshift,用于避免每次全量拉取代码和每次重构下载插件。
#!/bin/bash -e # # S2I assemble script for the 'walrus' image. # The 'assemble' script builds your application source so that it is ready to run. # # For more information refer to the documentation: # https://github.com/openshift/source-to-image/blob/master/docs/builder_image.md # # If the 'walrus' assemble script is executed with the '-h' flag, print the usage. if [[ "$1" == "-h" ]]; then exec /usr/libexec/s2i/usage fi # Restore artifacts from the previous build (if they exist). # if [ "$(ls /tmp/artifacts/ 2>/dev/null)" ]; then echo "---> Restoring build artifacts..." mv /tmp/artifacts/. ./ fi echo "---> Installing application source..." echo "+++++++++++++++++++++++${POM_ENV}++++++++++++++" # WORKDIR on xxx now mvn compile package -Dmaven.test.skip=true -P${POM_ENV} find . -type f -name "*${WAR_NAME}*" | xargs -i cp {} /home/tomcat/apache-tomcat-8.5.23/webapps mvn clean rm -rf ./* echo "---> Building application from source..." # TODO: Add build steps for your application, eg npm install, bundle install, pip install, etc.
6、修改S2I的run
此文件主要写容器启动后需要执行的命令,我公司的就是启动Tomcat。
#!/bin/bash -e # # S2I run script for the 'walrus-platform' image. # The run script executes the server that runs your application. # # For more information see the documentation: # https://github.com/openshift/source-to-image/blob/master/docs/builder_image.md # /home/tomcat/apache-tomcat-8.5.23/bin/startup.sh tail -f /home/tomcat/apache-tomcat-8.5.23/logs/catalina.out
7、执行构建
通过执行make进行构建,通过docker images查看生成的镜像,镜像名称即为创建S2I写的名字
8、导入S2I
由于生成的S2I在本地,它需要能被openshift的所有节点都能下载,所以讲它直接push到自己的私有仓库中,如果没有私有仓库,可以使用docker-registry搭建一个简易的。
yum install docker-registry systemctl start docker-distribution.service systemctl enable docker-distribution.service 修改所有节点Docker配置 [root@master1]# cat /etc/sysconfig/docker # /etc/sysconfig/docker # Modify these options if you want to change the way the docker daemon runs #OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false' OPTIONS=' --selinux-enabled --log-driver=journald --registry-mirror=https://docker.mirrors.ustc.edu.cn --insecure-registry=172.30.0.0/16 --insecure-registry 192.168.10.110:5000'
其中--insecure-registry 192.168.10.110:5000为自己的私有仓库。
添加tag并push
docker tag walrus-platform 192.168.10.110:5000/xxx docker push 192.168.10.110:5000/xxx
导入镜像到IS
[root@master1 walrus-platform]# oc project openshift Now using project "openshift" on server "https://master1.xxx.net:8443". [root@master1 walrus-platform]# oc import-image 192.168.10.110:5000/walrus-platform -n openshift --confirm --insecure The import completed successfully. Name: walrus-platform Namespace: openshift Created: Less than a second ago Labels: <none> Annotations: openshift.io/image.dockerRepositoryCheck=2018-03-19T07:14:21Z Docker Pull Spec: docker-registry.default.svc:5000/openshift/walrus-platform Image Lookup: local=false Unique Images: 1 Tags: 1 latest tagged from 192.168.10.110:5000/walrus-platform will use insecure HTTPS or HTTP connections * 192.168.10.110:5000/walrus-platform@sha256:0b963c801da6e40c3a201449c504ab8f605ea8db6054dea6873ac6e80b3c718d Less than a second ago Image Name: walrus-platform:latest Docker Image: 192.168.10.110:5000/walrus-platform@sha256:0b963c801da6e40c3a201449c504ab8f605ea8db6054dea6873ac6e80b3c718d Name: sha256:0b963c801da6e40c3a201449c504ab8f605ea8db6054dea6873ac6e80b3c718d Created: Less than a second ago Image Size: 625 MB (first layer 1.188 kB, last binary layer 70.08 MB) Image Created: 19 minutes ago Author: <none> Arch: amd64 Command: usage Working Dir: /home/tomcat/git/walrus-platform User: 1001 Exposes Ports: 8080/tcp Docker Labels: build-date=20180302 io.k8s.description=Tomcat S2I Builder io.k8s.display-name=tomcat s2i builder 1.0 io.openshift.expose-services=8080:http io.openshift.s2i.scripts-url=image:///usr/libexec/s2i io.openshift.tags=builder, tomcat license=GPLv2 name=CentOS Base Image vendor=CentOS Environment: PATH=/usr/local/apache-maven-3.0.5/bin:/usr/local/jdk1.8.0_144/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin JAVA_HOME=/usr/local/jdk1.8.0_144
9、修改信息
修改注释让openshift识别出这个镜像:
oc edit is/walrus-platform -n openshift
修改如下:
10、查看镜像
登录控制台查看: