-
Notifications
You must be signed in to change notification settings - Fork 120
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Distribute agents from separate container, not from API #1346
Conversation
Is that 9000 port is a port that clients need to connect ? (if yes we have to check the port locally) To provide the agents, in the PR, you're using alpine + lighthttpd |
&& echo "server.port = 9000" >> /etc/lighttpd/lighttpd.conf \ | ||
&& ln -s /home/user/che /var/www/localhost/htdocs/agent-binaries | ||
|
||
RUN addgroup -S user && adduser -S -g user user |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
do we really need user here?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can be removed.
|
||
EXPOSE 9000 | ||
|
||
CMD ["lighttpd", "-f", "/etc/lighttpd/lighttpd.conf", "-D"] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
where is lighttpd.conf ? maybe we need generate that config with puppet?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Agree. should be managed by puppet
@benoitf no 9000 port is internal all connections will be to haproxy like <API_END_POINT>/agent-binaries |
|
yes this is for dev mode, I've asked to add this because I thought it will be tomcat and we will need be able to debug it in dev mode. so we have to remove that part. |
@benoitf |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
@tolusha yes I was talking about image, not the container |
- '<%= scope.lookupvar('compose::codenvy_folder') -%>/config/lighttpd/lighttpd.conf:/etc/lighttpd/lighttpd.conf' | ||
<% if scope.lookupvar('compose::env') != 'production' -%> | ||
ports: | ||
- '9000:9000' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if this code is still there
then
https://github.com/codenvy/codenvy/blob/master/dockerfiles/cli/scripts/cli.sh#L130-L135 need to check 9000 port
if the local listener is dropped, then no need to check this port
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Anatoly wanted to keep open that port in dev mode to test server without codenvy.
We don;t need check this port I think as it is only in dev mode
(but I still want OK to remove that.)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
either code is removed or either the port is checked in dev mode (as we do for debug port)
|
||
RUN apk update \ | ||
&& apk add lighttpd \ | ||
&& ln -s /data /var/www/localhost/htdocs/agent-binaries |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
to reduce size of the image, cache of apk is usually dropped as /tmp folder :
rm -rf /var/cache/apk/*
and sometimes /tmp
folder
mv ${DEPENDENCY_DIR}/${prefix}/terminal/exec-agent-${prefix}.tar.gz ${DEPENDENCY_DIR}/${prefix}/terminal/websocket-terminal-${prefix}.tar.gz | ||
done | ||
|
||
mvn dependency:copy -Dartifact=com.codenvy.onpremises:onpremises-ide-packaging-tomcat-ext-server:${POM_VERSION}:tar.gz \ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
could we use a maven pom + assembly.xml file to copy all the required dependencies ?
then we could only call a single maven command
class lighttpd { | ||
file { "/opt/codenvy/config/lighttpd": | ||
ensure => "directory", | ||
mode => "755", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
do we need execute permissions ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is common folder permission we always use that mode for folders we manage
@@ -0,0 +1,323 @@ | |||
############################################################################### | |||
# Default lighttpd.conf for Gentoo. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not sure comment is accurate as we're based on alpine
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is default content of lighttpd.conf it have info for all operations systems I think
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yes but here we can keep only what is interesting
# for >= linux-2.6 | ||
# server.event-handler = "linux-sysepoll" | ||
# for FreeBSD | ||
# server.event-handler = "freebsd-kqueue" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
here it's linux so no need to have comments around FreeBSD
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is default content of lighttpd.conf
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
but we don't need default values
rm -rf ${DEPENDENCY_DIR} | ||
|
||
TERMINAL_AGENTS=("org.eclipse.che:exec-agent:${POM_VERSION}:tar.gz:linux_amd64" | ||
"org.eclipse.che:exec-agent:${POM_VERSION}:tar.gz:linux_arm7"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
in which case the linux_arm7 will work ?
as all docker containers being based on linux/amd64 I don't see a usecase where arm arch will work ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The only case I can see is in creating ssh machine (artic device)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ok
# debug.log-file-not-found = "enable" | ||
# }}} | ||
|
||
# vim: set ft=conf foldmethod=marker et : |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
maybe we could drop tons of the commented lines ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is default content of that config, Im OK to drop comments.
@benoitf |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have a couple of question
- Why don't you use existed nginx image?
- In future how are you going to provide authentication for this client. Maybe you should take a look on some http server implemented on GO. we have authentication implemented for go based terminal
|
@skabashnyuk |
ok up to you |
* CODENVY-1153: Distribute agents from separate container, not from API
What does this PR do?
Distribute agents from separate container, not from API
What issues does this PR fix or reference?
#1153
Previous Behavior
Agents were being downloaded from master.
New Behavior
Agents will be downloaded from dedicated docker container.
Tests written?
Manual testing