How to run puppet/systemctl inside docker container centos7 - docker

My question revolves around the following problem/error.
Service/Service[jenkins]: Provider redhat is not functional on this host. OR directly that D-BUS not available.
Let's say, for instance, I'm running packer, which invokes a puppet-masterless provisioner on a docker builder.
The puppet code base & contrib modules for the most part will attempt to manage the 'service' of the installed module. For instance, let's take Jenkins as an example. The Jenkins puppet module, although good, will fail on packer builds to a centos7 & puppet docker host, as systemctl will not be available.
At this moment in time I'm confused how this would/will ever work for puppet/ansible code bases which attempt to manage the service without considerable extra effort to the codebase.
I have considered the container running /sbin/init, but that still feels a bit hacky.
Can anyone shed any light on this issue for me?

I am using ansible code to provision real machines or docker containers - to get away with SystemD / D-Bus I have created the docker-systemctl-replacement

Related

Run e2e test with simulation of k8s

We want to create e2e tests (integration tests) for our applications on k8s and we want to use minikube, but it seems that there is no proper (maintained or official) Dockerfile for minikube; at least I didn't find any. In addition, I see k3s and am not sure which is better for running e2e tests on k8s?
I found this docker file but when I build it it fails with errors
https://aspenmesh.io/2018/01/building-istio-with-minikube-in-a-container-and-jenkins/
e - –no-install-recommends error
any idea ?
Currently there's no official way to run minikube from within a container. Here's a two months old quote from one of minikube's contributors:
It is on the roadmap. For now, it is VM based.
If you decide to go with using a VM image containing minikube, there are some guides how to do it out there. Here's one called "Using Minikube as part of your CI/CD flow".
Alternatively, there's a project called MicroK8S backed by Canonical. In a Kubernetes Podcast ep. 39 from February, Dan Lorenc mentions this:
MicroK8s is really exciting. That's based on some new features of recent Ubuntu distributions to let you run a Kubernetes environment in an isolated fashion without using a virtual machine. So if you happen to be on one of those Ubuntu distributions and can take advantage of those features, then I would definitely recommend MicroK8s.
I don't think he's referring to running minikube in a container though, but I am not fully sure: I'd enter a Ubuntu container, try to install microk8s as a package, then see what happens.
That said, unless there's a compelling reason you want to run kubernetes from within a container and you are ready to spend the time going the possible rabbit hole – I think these days running minikube, k3s or microk8s from within a VM should be the safest bet if you want to get up and running with a CI/CD pipeline relatively quickly.
As to the problem you encountered when building image from this particular Dockerfile...
I found this docker file but when I build it it fails with errors
https://aspenmesh.io/2018/01/building-istio-with-minikube-in-a-container-and-jenkins/
e - –no-install-recommends error
any idea ?
notice that:
--no-install-recommends install
and
–no-install-recommends install
are two completely different strings. So that the error you get:
E: Invalid operation –no-install-recommends
is the result of your having copied the content of your Dockerfile from here, when you should rather have copied it from GitHub (you can even click the raw button there to be 100% sure you copy totally plain text without any additional formatting, changed encoding, etc.).
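A check for the failure described in this answer, as an added example that is not part of the original answer: it flags non-ASCII characters that a rendered web page can substitute for ASCII in a Dockerfile and proposes the likely original. The sample Dockerfile text and the lookalike-to-ASCII mapping are constructed assumptions.

```python
import unicodedata

# Typographic characters that rendered pages often substitute for ASCII,
# mapped to the ASCII text that was most likely intended (assumed mapping).
LOOKALIKES = {
    "\u2013": "--",  # EN DASH, the character in the apt-get error above
    "\u2014": "--",  # EM DASH
    "\u2212": "-",   # MINUS SIGN
    "\u2018": "'",   # LEFT SINGLE QUOTATION MARK
    "\u2019": "'",   # RIGHT SINGLE QUOTATION MARK
    "\u201c": '"',   # LEFT DOUBLE QUOTATION MARK
    "\u201d": '"',   # RIGHT DOUBLE QUOTATION MARK
    "\u00a0": " ",   # NO-BREAK SPACE
}


def find_lookalikes(text):
    """Return (line, column, unicode_name, likely_ascii) for each non-ASCII char.

    likely_ascii is None when the character is not in LOOKALIKES, so that
    unknown non-ASCII input is still reported and left for human review.
    """
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for col, ch in enumerate(line, start=1):
            if ord(ch) > 0x7F:
                name = unicodedata.name(ch, "U+%04X" % ord(ch))
                findings.append((lineno, col, name, LOOKALIKES.get(ch)))
    return findings


def repair(text):
    """Replace known lookalikes only; other characters pass through unchanged."""
    return "".join(LOOKALIKES.get(ch, ch) for ch in text)


# Constructed sample: a Dockerfile fragment as it looks after being copied
# from a rendered blog post instead of the raw file.
SAMPLE = (
    "FROM ubuntu:16.04\n"
    "RUN apt-get update && apt-get \u2013no-install-recommends install -y curl\n"
)

if __name__ == "__main__":
    for lineno, col, name, fix in find_lookalikes(SAMPLE):
        print("line %d col %d: %s (likely meant %r)" % (lineno, col, name, fix))
```

Run as a pre-build step, a non-empty result from `find_lookalikes` is a reason to fetch the file again from its raw source rather than trust the automatic repair.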

docker is great for run-anywhere but what about the machines to host docker?

I am wondering how do we make machines that host docker to be easily replaceable. I would like something like a Dockerfile that contains instructions on how to set-up the machine that will host docker. Is there a way to do that?
The naive solution would be to create an official "docker host" binary image to install on new machines, but I would like to have something that is reproducible and transparent like the dockerfile?
It seems like tools like Vagrant, Puppet, or Chef may be useful but they appear to be for virtual machine procurement and they seem to all require set-up of some sort of "master node" server. I am not going to be spinning up and tearing down regularly so a master server is a waste of a server, I just want something that is reproducible in the event I need to set up or replace a new machine.
This is basically what docker-machine does for you: https://docs.docker.com/machine/overview/
Other "orchestration" systems will make this automated and easier as well.
There are lots of solutions to this with no real one size fits all answer.
Chef and Puppet are the popular configuration management tools that typically use a centralized server. Ansible is another option that typically runs without a server and just connects with ssh to configure the host. All three of these work very similarly, so if your concern is simply managing the CM server, Ansible may be the best option for you.
For VMs, Vagrant is the typical solution and it can be combined with other tools like Ansible to provision the VM after creating it.
In the cloud space, there are tools like Terraform or vendor-specific tools like CloudFormation.
Docker is working on a project called Infrakit to deploy infrastructure the way compose deploys containers. It includes hooks for several of the above tools, including Terraform and Vagrant. For your own requirements, this may be overkill.
Lastly, for designing VM images, Docker recently open sourced their Moby project which creates the VM image containing a minimal container OS, the same one used under the covers in Docker for Windows, Docker for Mac, and possibly some of the cloud hosting providers.
We automate Docker installation on hosts using Ansible + Jenkins. Given the proper SSH access, provisioning new Docker hosts is a matter of triggering a Jenkins job.

Configuring docker container with ansible

Is it a good or bad practice to configure a docker container with ansible, from within the container, providing the ansible command as an entrypoint? Using ansible it would be easier to configure things depending on some lookup conditions. This ansible command would also start the provided service. Is this good or evil? Another option would be to use a shell script, and a third one to make all the configuration in the Dockerfile (error prone). The last option would be to configure some base container from within using any method (manual or CM) and commit changes (hard to reproduce). Which is the preferred way to configure containers?
IMO, using ansible would decouple business logic from the docker platform, so the same service could be easily run on a different virtualization platform or bare metal by just a single ansible command. But are there drawbacks?
Also, is it endorsed to configure running containers with ansible, or does this violate docker doctrine?
Ansible is generally executed from outside the container but it doesn't have to be, it depends on what you want to achieve. For example Ansible installed locally is often used in small development environments such as on a developer's laptop while a separate server is used for something like a cloud environment where there are multiple systems, containers, etc.
I have just spent a few weeks looking at exactly this problem.
For the same application (based on a tomee and mongo), I have done the following patterns:
Just ansible deploying to one or more VMs
Creating containers which then run ansible scripts inside themselves as you did
Using ansible-container
I did them in that order because it meant going from simple to more complex. I am a product manager and my different customers are at different levels of maturity, so I had the same concerns as you. I wanted a repeatable script which would work both on VMs (or even bare metal), as well as on containerised environments.
The first solution is a good way to learn.
The second solution works, but it means that your containers are bigger than they should be.
The third solution is better for the following reasons:
It basically forces you to start using roles. If you haven't started using roles, you should.
It effectively decouples the business logic from docker and keeps it in ansible (even more than the second solution)
If you are deploying to VMs, you should be able to use the playbooks from the roles
If you are deploying with docker-compose, you go up to ansible-container push and then supply your customer with a docker-compose file which they can execute
If you are deploying to cloud, ansible-container creates a playbook to pull and run the containers (though I am still working through this one)

What's the difference between Docker and Chef's new Habitat tool?

Does Chef's new Habitat tool somehow work with Docker? If so, what problem is Habitat trying to solve or is it just trying to replace tools in the Docker toolset (e.g., Docker Swarm, Docker Machine, Docker Compose, etc.)?
This is skirting the limits of StackOverflow's policy on open-ended questions, but I'll answer anyway:
Docker and Habitat don't really overlap much. The main point of competition is on building release artifacts. Docker has Dockerfiles and docker build, Habitat has plans and the Studio. The output of both can be a Docker image though, which is basically a tarball of a filesystem along with some metadata. Habitat is aimed more at building super minimal artifacts, i.e. not including a Linux distro of any kind, no package manager, just statically compiled executable code and whatever support files you need for that specific app.
As for runtime, they are 100% orthogonal. Docker is a way to run a process inside a bunch of Linux security features collectively called a "container" now. Habitat is a little stub that surrounds your process and handles things like runtime config distribution, secrets transfer, and service discovery. Those features are more overlapping with higher-level tools like Kube but even there it's only barely overlapping. You need something to actually start hab-sup, which could be docker run (possibly via Swarm), Nomad, Kube, or even a non-container system like Upstart or Runit if you wanted to. The only interaction point between those is those tools all start an entrypoint process, and hab-sup is a generic entrypoint process that gives whatever app it runs underneath some cool features if they want to use 'em.

How to install docker daemon when resizing data center cluster size in Mesosphere?

We're thinking about using mesos and mesosphere to host our docker containers. Reading the docs it says that a prerequisite is that:
Docker version 1.0.0 or later needs to be installed on each slave node.
We don't want to manually SSH into each new machine and install the correct version of the Docker daemon. Instead we're thinking about using something like Ansible to install Docker (and perhaps other services that may be required on each slave).
Is this a good way to solve it or does Mesosphere/DCOS or any of Mesos ecosystem components have other ways of dealing with this?
I've seen the quick intro where someone from Mesosphere just uses dcos resize to change the cluster size on the Google Cloud Platform. Is there a way to hook in to this process and install additional services on the (google) container when it has booted? Or is this something we should avoid and instead just use a "pre-baked image"?
In your own datacenter using your favorite configuration tool such as ansible, salt, ... is probably a good choice.
On the cloud it might be easier to use virtual machine images providing docker, so for example dcos on aws uses coreOS which comes with docker out of the box. Shouldn't be too difficult with Ubuntu either...
