是否可以使用Kubernetes Deployment和PVC引导Artifactory-OSS Docker映像?

时间:2018-10-17 14:44:28

标签: kubernetes dockerfile artifactory kubernetes-helm persistent-volume-claims

我们要引导默认的artifactory.config.xmlsecurity.import.xml文件来预定义我们的用户和存储库。

我们还希望使用持久性存储(特别是PVC)在容器重启之间持久化工件。

According to their documentation,您可以通过将配置文件放入artifactory_extra_config来设置额外的配置,然后将它们在容器启动时复制到$ARTIFACTORY_HOME/etc目录中。但是,Artifactory OSS似乎并非如此。

根据Helm chart Bootstrapping Artifactory IMPORTANT: Bootstrapping Artifactory needs license. Pass license as shown in above section.

Documentation also mentions,将artifactory.config.import.xmlsecurity.import.xml放在$ARTIFACTORY_HOME/etc目录中可以引导。

我们从Artifactory-oss:6.1.0基本映像构建了一个自定义docker映像,只需将两个配置文件复制到$ARTIFACTORY_HOME/etc目录,但是在/var/opt/jfrog/artifactory上附加PVC似乎会覆盖导致引导失败的配置。

我发现Helm图表将包含引导程序配置文件的ConfigMap安装到/bootstrap/卷中,并在/artifactory_extra_conf命令中将它们复制到lifecycle.postStart。这似乎也不起作用。

我注意到Artifactory PRO的基础图片的ENV包含ARTIFACTORY_EXTRA_CONF=/artifactory_extra_conf,而Artifactory OSS不包含。

我还尝试了一些实验,将自定义映像中的配置文件复制到其他目录,并使用initContainers复制加载卷,但是到目前为止,我还没有尝试过引导Arrtifactory OSS并使用安装在/var/opt/jfrog/artifactory上的持久卷。

我在用于Artifactory的Dockerfile中注意到,/var/opt/jfrog/artifactory子目录实际上已链接到基础映像中相应的/opt/jfrog/artifactory目录。

2 个答案:

答案 0 :(得分:0)

我们的解决方案是修改其/entrypoint-artifactory.sh并创建自定义图像。

首先,我们向copyExtraConf()添加了一个新功能/etnrypoint-artifactory.sh 

copyExtraConf () {
    logger "Copying from artifactory_extra_conf"
    chown ${ARTIFACTORY_USER_NAME}:${ARTIFACTORY_USER_NAME} /artifactory_extra_conf/*
    cp -pv /artifactory_extra_conf/* ${ARTIFACTORY_HOME}/etc/
}

然后我们在设置目录和用户后调用它,以防止装入的卷的所有权错误:

printDockerFileLocation
checkULimits
checkMounts
setupDataDirs
setupArtUser

# CUSTOM:START - do this after setupDataDirs and setupArtUser so we can chown and copy our files.
copyExtraConf
# CUSTOM:END

setAccessCreds
setMasterKey
setupPermissions
setDBType
addExtraJavaArgs

Dockerfile:

# Dockerfile
#
# NOTE:
# entrypoint-artifactory.sh is based on the one from artifactory-oss:6.1.0
# When changing versions, be sure to compare entrypoint-artifactory-ta.sh to entrypoint-artifactory.sh
FROM docker.bintray.io/jfrog/artifactory-oss:6.1.0

COPY entrypoint-artifactory.sh /entrypoint-artifactory.sh
RUN chmod +x /entrypoint-artifactory.sh

ENTRYPOINT ["/entrypoint-artifactory.sh"]

COPY configs/artifactory.config.import.xml /artifactory_extra_conf/artifactory.config.import.xml
COPY configs/security.import.xml /artifactory_extra_conf/security.import.xml

答案 1 :(得分:0)

我必须扎根才能交换/entrypoint-artifactory.sh 

FROM docker.bintray.io/jfrog/artifactory-oss:6.16.0
USER root
COPY entrypoint-artifactory.sh /entrypoint-artifactory.sh
RUN chmod +x /entrypoint-artifactory.sh

COPY configs/artifactory.config.import.xml /artifactory_extra_conf/
COPY configs/security.import.xml /artifactory_extra_conf/

USER artifactory
ENTRYPOINT ["/entrypoint-artifactory.sh"]
相关问题
最新问题