Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

OpenShift prep work #10314

Merged
merged 6 commits into from
Feb 23, 2024
Merged

OpenShift prep work #10314

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
c95ceb2
fix(ct): make base image comply with OpenShift file permissions
poikilotherm Feb 9, 2024
f748c90
fix(ct): make location of boot scripts configurable
poikilotherm Feb 9, 2024
d77cf4a
style(ct): fix typos in base image Dockerfile
poikilotherm Feb 9, 2024
7cfc059
fix(ct): make DV preboot file end up in config dir
poikilotherm Feb 9, 2024
8547dbf
feat(k8s): initial commit of new module
poikilotherm Feb 9, 2024
9d438a1
Revert "feat(k8s): initial commit of new module"
pdurbin Feb 23, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 15 additions & 7 deletions modules/container-base/src/main/docker/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,8 +49,6 @@ ENV PAYARA_DIR="${HOME_DIR}/appserver" \
ENV PATH="${PATH}:${PAYARA_DIR}/bin:${SCRIPT_DIR}" \
DOMAIN_DIR="${PAYARA_DIR}/glassfish/domains/${DOMAIN_NAME}" \
DEPLOY_PROPS="" \
PREBOOT_COMMANDS="${CONFIG_DIR}/pre-boot-commands.asadmin" \
POSTBOOT_COMMANDS="${CONFIG_DIR}/post-boot-commands.asadmin" \
JVM_ARGS="" \
MEM_MAX_RAM_PERCENTAGE="70.0" \
MEM_XSS="512k" \
Expand Down Expand Up @@ -84,8 +82,11 @@ RUN <<EOF
adduser --system --uid ${UID} --no-create-home --shell /bin/bash --home "${HOME_DIR}" --gecos "" --ingroup payara payara
echo payara:payara | chpasswd
# Set permissions
chown -R payara: "${HOME_DIR}"
chown -R payara: "${STORAGE_DIR}" "${SECRETS_DIR}" "${DUMPS_DIR}"
# Note: Following OpenShift best practices for arbitrary user id support:
# https://docs.openshift.com/container-platform/4.14/openshift_images/create-images.html#use-uid_create-images
chown -R payara:0 "${HOME_DIR}" "${STORAGE_DIR}" "${SECRETS_DIR}" "${DUMPS_DIR}"
chmod -R g=u "${HOME_DIR}" "${STORAGE_DIR}" "${SECRETS_DIR}" "${DUMPS_DIR}"

EOF

ARG JATTACH_VERSION="v2.1"
Expand Down Expand Up @@ -154,7 +155,7 @@ RUN <<EOF
${ASADMIN} create-jvm-options "-XX\:MaxHeapFreeRatio=\${ENV=MEM_MAX_HEAP_FREE_RATIO}"
${ASADMIN} create-jvm-options "-XX\:HeapDumpPath=\${ENV=DUMPS_DIR}"
# Set logging to console only for containers
${ASADMIN} set-log-attributes com.sun.enterprise.server.logging.GFFileHandler.logtoFile=false \
${ASADMIN} set-log-attributes com.sun.enterprise.server.logging.GFFileHandler.logtoFile=false

### PRODUCTION READINESS
${ASADMIN} create-jvm-options '-XX\:+UseG1GC'
Expand Down Expand Up @@ -187,7 +188,7 @@ RUN <<EOF
# Misc settings
${ASADMIN} create-system-properties fish.payara.classloading.delegate="false"
${ASADMIN} create-system-properties jersey.config.client.readTimeout="300000"
${ASADMIN} create-system-properties jersey.config.client.connectTimeout="300000" \
${ASADMIN} create-system-properties jersey.config.client.connectTimeout="300000"

### DATAVERSE APPLICATION SPECIFICS
# Configure the MicroProfile directory config source to point to /secrets
Expand All @@ -202,7 +203,7 @@ RUN <<EOF
${ASADMIN} set server-config.network-config.protocols.protocol.http-listener-1.http.comet-support-enabled=true
${ASADMIN} create-system-properties javax.xml.parsers.SAXParserFactory=com.sun.org.apache.xerces.internal.jaxp.SAXParserFactoryImpl
# Always disable phoning home...
${ASADMIN} disable-phone-home \
${ASADMIN} disable-phone-home

### CLEANUP
# Stop domain
Expand All @@ -218,6 +219,13 @@ RUN <<EOF
"${PAYARA_DIR}/glassfish/domains/${DOMAIN_NAME}/logs"
EOF

USER root
# Prepare domaindir to be writeable when running on OpenShift (arbitrary UIDs)
# https://docs.openshift.com/container-platform/4.14/openshift_images/create-images.html#use-uid_create-images
RUN true && \
chgrp -R 0 "${DOMAIN_DIR}" && \
chmod -R g=u "${DOMAIN_DIR}"

# Set the entrypoint to tini (as a process supervisor)
ENTRYPOINT ["/usr/bin/dumb-init", "--"]
# This works because we add ${SCRIPT_DIR} to $PATH above!
Expand Down
6 changes: 6 additions & 0 deletions modules/container-base/src/main/docker/scripts/entrypoint.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,12 @@
# and zombies under control. If the ENTRYPOINT command is changed, it will still use dumb-init because shebang.
# dumb-init takes care to send any signals to subshells, too! (Which might run in the background...)

# We do not define these variables within our Dockerfile so the location can be changed when trying to avoid
# writes to the overlay filesystem. (CONFIG_DIR is defined within the Dockerfile, but might be overridden.)
${PREBOOT_COMMANDS:="${CONFIG_DIR}/pre-boot-commands.asadmin"}
export PREBOOT_COMMANDS
${POSTBOOT_COMMANDS:="${CONFIG_DIR}/post-boot-commands.asadmin"}
export POSTBOOT_COMMANDS

# Execute any scripts BEFORE the appserver starts
for f in "${SCRIPT_DIR}"/init_* "${SCRIPT_DIR}"/init.d/*; do
Expand Down
2 changes: 1 addition & 1 deletion modules/container-base/src/main/docker/scripts/init_1_generate_devmode_commands.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ ENABLE_JMX=${ENABLE_JMX:-0}
ENABLE_JDWP=${ENABLE_JDWP:-0}
ENABLE_RELOAD=${ENABLE_RELOAD:-0}

DV_PREBOOT=${PAYARA_DIR}/dataverse_preboot
DV_PREBOOT=${CONFIG_DIR}/dataverse_preboot
echo "# Dataverse preboot configuration for Payara" > "${DV_PREBOOT}"

# 1. Configure JMX (enabled by default on port 8686, but requires SSL)
Expand Down
Loading