Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
bffe3d4
commit 7489762
Showing
1 changed file
with
140 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,140 @@ | ||
| Docker and Salt and Python | ||
| -------------------------- | ||
|
|
||
| Docker is a useful abstraction level for managing deploymebnts (just | ||
| as the holodeck is) and I want to combine the two. | ||
|
|
||
| Additionally I want to use SaltStack to install the applicaions etc | ||
| into docker because the scripting of a dockerfile is ... a bit | ||
| limited. | ||
|
|
||
| The overview | ||
| ------------ | ||
|
|
||
| I will create a base image of a Docker image with a salt-minion in it from | ||
| a Dockerfile | ||
|
|
||
| I will then update and adjust that image to hold whatever code i need using | ||
| salt instructions | ||
|
|
||
| I will then 'commit' those changes to a new image, labelled appropriately. | ||
|
|
||
| Rinse and repeat. | ||
|
|
||
| Building a Python Development Environment | ||
| ----------------------------------------- | ||
|
|
||
| I will do this "properly" - which means less mucking about with my host | ||
| system and more developing on VMs. So I will first define a salt state | ||
| that will be my Python development enviornment, y'know, 3.4, with pip | ||
| and a few other bits. | ||
|
|
||
| In thoery that could be the base image for releasing apps I develop on that | ||
| dev env. | ||
|
|
||
| Stage 0 | ||
| ------- | ||
|
|
||
| Prepare the host to run docker and salt-master | ||
|
|
||
| :: | ||
|
|
||
| apt-get install docker | ||
|
|
||
|
|
||
| docker networking | ||
| ~~~~~~~~~~~~~~~~~ | ||
|
|
||
| https://docs.docker.com/engine/reference/run/ | ||
| For performance reasons we should run in host network mode on prod. | ||
|
|
||
|
|
||
|
|
||
| Stage 1 | ||
| ------- | ||
|
|
||
| Prepare a base image. | ||
|
|
||
| :: | ||
|
|
||
| $ docker pull debian:jessie | ||
|
|
||
| This will get the latest jessie debian image locally for us. | ||
|
|
||
| Stage 2 | ||
| ------- | ||
|
|
||
| /foo/bar/DockerFile:: | ||
|
|
||
|
|
||
| # dockerfile to build simple salt minion | ||
| # from which I can populate using salt and then build new docker images | ||
|
|
||
| FROM debian:jessie | ||
| RUN apt-get update | ||
| RUN apt-get install -y salt-minion | ||
|
|
||
| :: | ||
|
|
||
| $ docker build -t mikadosoftware.com/pybase:0.0.1 . | ||
|
|
||
| $ docker images | ||
|
|
||
| Stage 3 | ||
| ------- | ||
|
|
||
| Run the image, ensuring we start the minion and it tries to call home to master. | ||
|
|
||
| $ docker run --add-host=salt:192.168.0.107 \ | ||
| --hostname minion \ | ||
| --name minionname \ | ||
| salt-minion | ||
|
|
||
| pbrian@HPCube:~/projects/pyholodeck/docs$ sudo salt 'minion' test.ping | ||
| minion: | ||
| True | ||
|
|
||
| add-host: will add entry to hosts file on container, so we cand route out | ||
| hostname and name is for ease of not reading hashes. | ||
|
|
||
|
|
||
| Stage 4 | ||
| ------- | ||
|
|
||
| Define a salt state for python | ||
|
|
||
|
|
||
| https://github.com/saltstack/salt/blob/develop/salt/modules/dockerng.py | ||
|
|
||
| https://www.logilab.org/blogentry/290489 | ||
|
|
||
|
|
||
| http://stackoverflow.com/questions/25129553/how-can-i-validate-a-salt-minions-key-fingerprint-before-accepting-it-on-the-ma | ||
| https://docs.docker.com/engine/userguide/containers/dockerimages/ | ||
|
|
||
|
|
||
| 1. we | ||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
| GoogleBreadcrumbs | ||
| ----------------- | ||
|
|
||
| :: | ||
|
|
||
| [ERROR ] The Salt Master has cached the public key for this node, this salt minion will wait for 10 seconds before attempting to re-authenticate | ||
|
|
||
| [ERROR ] The Salt Master has cached the public key for this node, this salt minion will wait for 10 seconds before attempting to re-authenticate | ||
|
|
||
| This means "your salt master has not yet accepted my key" | ||
|
|
||
| Attach | ||
| ------ | ||
| docker attach nonenetcontainer | ||
| Note: You can detach from the container and leave it running with CTRL-p CTRL-q. |