Distribute agents from separate container, not from API #1346
Conversation
tolusha
changed the title
|
Is that 9000 port is a port that clients need to connect ? (if yes we have to check the port locally) To provide the agents, in the PR, you're using alpine + lighthttpd |
| && echo "server.port = 9000" >> /etc/lighttpd/lighttpd.conf \ | ||
| && ln -s /home/user/che /var/www/localhost/htdocs/agent-binaries | ||
|
|
||
| RUN addgroup -S user && adduser -S -g user user |
|
|
||
| EXPOSE 9000 | ||
|
|
||
| CMD ["lighttpd", "-f", "/etc/lighttpd/lighttpd.conf", "-D"] |
There was a problem hiding this comment.
where is lighttpd.conf ? maybe we need generate that config with puppet?
There was a problem hiding this comment.
Agree. should be managed by puppet
|
@benoitf no 9000 port is internal all connections will be to haproxy like <API_END_POINT>/agent-binaries |
|
|
yes this is for dev mode, I've asked to add this because I thought it will be tomcat and we will need be able to debug it in dev mode. so we have to remove that part. |
|
@benoitf |
|
@tolusha yes I was talking about image, not the container |
| - '<%= scope.lookupvar('compose::codenvy_folder') -%>/config/lighttpd/lighttpd.conf:/etc/lighttpd/lighttpd.conf' | ||
| <% if scope.lookupvar('compose::env') != 'production' -%> | ||
| ports: | ||
| - '9000:9000' |
There was a problem hiding this comment.
if this code is still there
then
https://github.com/codenvy/codenvy/blob/master/dockerfiles/cli/scripts/cli.sh#L130-L135 need to check 9000 port
if the local listener is dropped, then no need to check this port
There was a problem hiding this comment.
Anatoly wanted to keep open that port in dev mode to test server without codenvy.
We don;t need check this port I think as it is only in dev mode
(but I still want OK to remove that.)
There was a problem hiding this comment.
either code is removed or either the port is checked in dev mode (as we do for debug port)
|
|
||
| RUN apk update \ | ||
| && apk add lighttpd \ | ||
| && ln -s /data /var/www/localhost/htdocs/agent-binaries |
There was a problem hiding this comment.
to reduce size of the image, cache of apk is usually dropped as /tmp folder :
rm -rf /var/cache/apk/* and sometimes /tmp folder
| mv ${DEPENDENCY_DIR}/${prefix}/terminal/exec-agent-${prefix}.tar.gz ${DEPENDENCY_DIR}/${prefix}/terminal/websocket-terminal-${prefix}.tar.gz | ||
| done | ||
|
|
||
| mvn dependency:copy -Dartifact=com.codenvy.onpremises:onpremises-ide-packaging-tomcat-ext-server:${POM_VERSION}:tar.gz \ |
There was a problem hiding this comment.
could we use a maven pom + assembly.xml file to copy all the required dependencies ?
then we could only call a single maven command
| class lighttpd { | ||
| file { "/opt/codenvy/config/lighttpd": | ||
| ensure => "directory", | ||
| mode => "755", |
There was a problem hiding this comment.
do we need execute permissions ?
There was a problem hiding this comment.
this is common folder permission we always use that mode for folders we manage
| @@ -0,0 +1,323 @@ | |||
| ############################################################################### | |||
| # Default lighttpd.conf for Gentoo. | |||
There was a problem hiding this comment.
I'm not sure comment is accurate as we're based on alpine
There was a problem hiding this comment.
this is default content of lighttpd.conf it have info for all operations systems I think
There was a problem hiding this comment.
yes but here we can keep only what is interesting
| # for >= linux-2.6 | ||
| # server.event-handler = "linux-sysepoll" | ||
| # for FreeBSD | ||
| # server.event-handler = "freebsd-kqueue" |
There was a problem hiding this comment.
here it's linux so no need to have comments around FreeBSD
There was a problem hiding this comment.
this is default content of lighttpd.conf
There was a problem hiding this comment.
but we don't need default values
| rm -rf ${DEPENDENCY_DIR} | ||
|
|
||
| TERMINAL_AGENTS=("org.eclipse.che:exec-agent:${POM_VERSION}:tar.gz:linux_amd64" | ||
| "org.eclipse.che:exec-agent:${POM_VERSION}:tar.gz:linux_arm7"); |
There was a problem hiding this comment.
in which case the linux_arm7 will work ?
as all docker containers being based on linux/amd64 I don't see a usecase where arm arch will work ?
There was a problem hiding this comment.
The only case I can see is in creating ssh machine (artic device)
| # debug.log-file-not-found = "enable" | ||
| # }}} | ||
|
|
||
| # vim: set ft=conf foldmethod=marker et : |
There was a problem hiding this comment.
maybe we could drop tons of the commented lines ?
There was a problem hiding this comment.
this is default content of that config, Im OK to drop comments.
|
@benoitf |
There was a problem hiding this comment.
I have a couple of question
- Why don't you use existed nginx image?
- In future how are you going to provide authentication for this client. Maybe you should take a look on some http server implemented on GO. we have authentication implemented for go based terminal
|
|
|
@skabashnyuk |
|
ok up to you |
skabashnyuk
requested review from
skabashnyuk
and removed request for
skabashnyuk
* CODENVY-1153: Distribute agents from separate container, not from API
What does this PR do?
Distribute agents from separate container, not from API
What issues does this PR fix or reference?
#1153
Previous Behavior
Agents were being downloaded from master.
New Behavior
Agents will be downloaded from dedicated docker container.
Tests written?
Manual testing