-
Notifications
You must be signed in to change notification settings - Fork 71
native openshift: support for nested nulecule applications #461
Comments
I will take a look into it. |
@rtnpro make sure that, whatever you do, you don't try to interface with the docker registry directly via REST API calls. I already have a POC implementation of that but have been told it's not going to be a solution we are happy with. |
@rtnpro openshift has a Basically we would need to start the container (in a pod) and then make it sleep or something. Then we would run the equivalent of the |
Correct me if I am wrong? So, if the If only
|
we don't have access to the docker daemon at all. no docker commands will work. Here is an example using just oc commands to grabbing a file from an image:
now we just need to figure out the rest requests to make to get this to happen without the oc commmand. |
@dustymabe this was the worst thing I was fearing to do :( |
@dustymabe I am working on writing some code to achieve this using openshift API. I will put up a PR as soon as I have a working version. |
@rtnpro there is this for exec a command in a pod: |
@rtnpro so it looks like we have hit a roadblock.. The |
@dustymabe Today I have been playing with k8s API I found this because calling To be honest I don't know much about websockets. |
@kadel - great work I was able to take your POC and modify it to actually do the tar stuff we want: # https://pypi.python.org/pypi/websocket-client/
import websocket
import ssl
import sys
def on_message(ws, message):
# Not sure why but needed to trim first byte
sys.stdout.write(message[1:])
#cmd = sys.argv[1:]
cmd = 'tar -cz /application-entity'.split()
args = {"token": "foobar",
"namespace": "proj1",
"pod": "sleephttpd",
"container": "sleephttpd",
"command": ''.join(['command={}&'.format(item) for item in cmd])}
url = "wss://api.engint.openshift.com:443/api/v1/namespaces/{namespace}/pods/{pod}/exec?access_token={token}&container={container}&{command}stdout=1&stderr=0&stdin=0&tty=0".format(**args)
ws = websocket.WebSocketApp(url, on_message=on_message)
# sslopt disables ssl/tls verification
ws.run_forever(sslopt={"cert_reqs": ssl.CERT_NONE}) One example of running it:
|
Fixes #461 Based on initial prototype from #461 (comment)
Fixes #461 Based on initial prototype from #461 (comment)
Fixes #461 Based on initial prototype from #461 (comment)
Currently nested nulecule applications won't work when running
oc new-app
because the pod that runs the atomicapp code doesn't have access to the docker daemon so it can't pull down other containers. I'm not sure of the best way to solve this right now but we need to support running nested nulecules viaoc new-app
.The text was updated successfully, but these errors were encountered: