commit | 465dc90b505ef16565f97b2c0afb4b0d0ecd5a58 | [log] [tgz] |
---|---|---|
author | Thomas Draebing <thomas.draebing@sap.com> | Thu Jan 03 14:50:02 2019 +0100 |
committer | Matthias Sohn <matthias.sohn@sap.com> | Wed Feb 20 15:27:54 2019 +0100 |
tree | 2fb61b3a03f886f2e9d0449a117cdaf07a80e4bb | |
parent | ed60e5a037f8af736e818e755ecf806f7403f562 [diff] |
Remove docker-setup-specific contents of apache-git-http-backend The purpose of this project is to provide a Kubernetes setup for Gerrit. Out of historical reasons the container images maintained by this project were built in a way to also support running a similar setup in docker. This causes a lot of additional effort and also adds contents to the containers that are not used in the Kubernetes context, which makes them larger and potentially more insecure than need be. This change removes the start-script and the script validating the filesystem. It removes the declaration of exposed ports in the Dockerfile, since this is not mandatory and depending whether HTTPS or HTTP is activated, the unused port should not be exposed. It removes the custom entrypoint in the Kubernetes setup and moves the disabling of unused protocol to the start-script listening to environment variables. The fallback creation of the certificates and .htpasswd-file the start script was removed, since due to mounting the secret into the directory it is configured as readonly by Kubernetes. Rather the helm chart requires the corresponding values to be set. Change-Id: Ib9e562e08d2bf8c2f0d8136ca5e0eb13512320ca
Container images, configurations and Helm charts for installing Gerrit on Kubernetes.
Images to run a Gerrit master and slave setup based on the latest stable-2.12 Gerrit build.
To build all images, the build
-script in the root directory of the project can be used:
./build
If a specific image should be build, the image name can be specified as an argument. Multiple images can be specified at once:
./build gerrit-slave git-gc
The build-script usually uses the latest
-tag to tag the images. By using the --tag TAG
-option, a custom tag can be defined:
./build --tag test
The build script will in addition tag the image with the output of git describe --dirty
.
The single component images inherit a base image. The Dockerfile
for the base image can be found in the ./base
-directory. It will be automatically built by the ./build
-script. If the component images are built manually, the base image has to be built first with the target base:latest
, since it is not available in a registry and thus has to exist locally.
The publish script in the root directory of the project can be used to push the built images to the configured registry. To do so, log in first, before executing the script.
docker login <registry>
To configure the registry and image version, the respective values can be configured via env variables REGISTRY
and TAG
. In addition, these values can also be passed as command line options named --registry
and --tag
in which case they override the values from env variables:
./publish <component-name>
The <component-name>
is one of: apache-git-http-backend
, git-gc
, gerrit-slave
.
Adding the --update-latest
-flag will also update the images tagged latest
in the repository:
./publish --update-latest <component-name>
Assuming a Gerrit site already exists, is located at /path/to/gerrit-slave
and owned by the gerrit
-user defined in the docker image (default UID: 1000
) run the following command for each image in the directories containing the respective docker image:
./start /path/to/gerrit-slave <component-name>
The <component-name>
is one of: apache-git-http-backend
, git-gc
, gerrit-slave
, gerrit-master
, gerrit-init
.
If a specific version of the image should be used, the --tag TAG
-option can be used to provide the image tag:
./start /path/to/gerrit-slave --tag d4fad48 <component-name>
or define the tag as an env variable:
export TAG=d4fad48 ./start /path/to/gerrit-slave <component-name>
To detach the running container from the shell, use the --detach
-flag:
./start --detach /path/to/gerrit-slave <component-name>
Currently, java is installed under /usr/lib/jvm/java-8-openjdk-amd64/jre
. Therefore, make sure that container.javaHome
is set to that path in the gerrit.config
:
javaHome = /usr/lib/jvm/java-8-openjdk-amd64/jre
The mysql-replication-init docker image is only required for setting up the Gerrit slave on Kubernetes. If deploying the Gerrit slave outside of Kubernetes, it can be ignored.
These Helm charts can be used to install a Gerrit cluster consisting of a Gerrit master and a Gerrit slave on a Kubernetes cluster.
To evaluate and test the helm-charts, they can be installed on a local machine running Minikube. Follow this guide to get a detailed description how to set up the Minikube cluster and install the charts.
Currently this deployment uses NFS, some options: