Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Reduce size of Docker All-in-one image #3261

Merged
merged 6 commits into from
Dec 5, 2018
Merged

Reduce size of Docker All-in-one image #3261

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
c59d2ec
Reduce size of Docker All-in-one image
nwmac Dec 5, 2018
eec2f92
Default to insecure UAA comms if not configured
nwmac Dec 5, 2018
b066aa6
Fix
nwmac Dec 5, 2018
a57e45f
Disable SSL validation
nwmac Dec 5, 2018
c0df8ff
Update readme
nwmac Dec 5, 2018
5161a2f
Merge branch 'docker-aio' of github.com:cloudfoundry-incubator/strato…
nwmac Dec 5, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 9 additions & 1 deletion deploy/Dockerfile.all-in-one
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# Docker build for all-in-one Stratos
FROM splatform/stratos-aio-base:opensuse
FROM splatform/stratos-aio-base:opensuse as builder

COPY --chown=stratos:users *.json ./
COPY --chown=stratos:users gulpfile.js ./
Expand All @@ -20,6 +20,14 @@ RUN npm install \
RUN CERTS_PATH=/home/stratos/dev-certs ./generate_cert.sh \
&& chmod +x jetstream

# use --target=aio to build All-in-one image
FROM splatform/stratos-bk-base:opensuse
COPY --from=builder /home/stratos/deploy/db /src/deploy/db
COPY --from=builder /home/stratos/dev-certs /srv/dev-certs
COPY --from=builder /home/stratos/ui /srv/ui
COPY --from=builder /home/stratos/jetstream /srv/jetstream
COPY --from=builder /home/stratos/config.properties /srv/config.properties

EXPOSE 443

# Need to be root to bind to port 443
Expand Down
75 changes: 74 additions & 1 deletion deploy/all-in-one/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ docker build -f deploy/Dockerfile.all-in-one . -t stratos-aio

> Note: The Dockerfile for all-in-one is in the `deploy` folder and not the `deploy/all-in-one` folder.

> Note: If you are using Docker for Macand you get an error 137 when building, you should increase the memory available to Docker (via Preferences > Advanced) and try again.
> Note: If you are using Docker for Mac and you get an error 137 when building, you should increase the memory available to Docker (via Preferences > Advanced) and try again.

Bring up the container with:

Expand All @@ -32,3 +32,76 @@ Stratos should now be accessible at the following URL:
https://localhost:4443

You will be presented with the Stratos Setup welcome screen - you will need to enter your UAA information to configure Stratos. Once complete, you will be able to login with your credentials.

## Pushing the All-In-One Docker Image to Cloud Foundry

The All-In-One Docker Image can be pushed to Cloud Foundry.

Firstly, build the image and push it to a Docker registry, so that it is available to Cloud Foundry, e.g. to build and push to Docker Hub, in the project root directory run:

```
build/store-git-metadata.sh
docker build -f deploy/Dockerfile.all-in-one . -t MY-DOCKER-ORG/stratos-aio:latest
docker push MY-DOCKER-ORG/stratos-aio:latest
```

Where `MY-DOCKER_ORG` is your Docker Hub organization.

You can now push this image directly to Cloud Foundry with:

```
cf push stratos --docker-image MY-DOCKER-ORG/stratos-aio:latest
```

The log output of the push command will include the URL where the Stratos application can be accessed in a browser, e.g.

```
> cf push stratos --docker-image MY-DOCKER-ORG/stratos-aio:latest
Creating app stratos in org e2e / space e2e as admin...
OK

Creating route stratos.local.pcfdev.io...
OK

Binding stratos.local.pcfdev.io to stratos...
OK


Starting app stratos in org e2e / space e2e as admin...
Creating container
Successfully created container
Staging...
Staging process started ...
Staging process finished
Exit status 0
Staging Complete
Destroying container
Successfully destroyed container

1 of 1 instances running

App started


OK

App stratos was started using this command `./jetstream `

Showing health and status for app stratos in org e2e / space e2e as admin...
OK

requested state: started
instances: 1/1
usage: 256M x 1 instances
urls: stratos.local.pcfdev.io <-- URL
last uploaded: Mon Dec 3 03:12:47 UTC 2018
stack: cflinuxfs2
buildpack: unknown

state since cpu memory disk details
#0 running 2018-12-03 03:12:54 AM 0.0% 0 of 256M 0 of 512M
```

> Note: In this example we are pushing with the application name `stratos`

> Note: By default the All-in-one image has SSL Validation disabled when authenticating with Cloud Foundry and the UAA - this allows it to work out of the box with environments like PCF Dev. If this is not the behavior you desire, edit the file `deploy/all-in-one/config.all-in-one.properties` and change the `SKIP_SSL_VALIDATION` as desired before building and publishing the image.
3 changes: 2 additions & 1 deletion deploy/all-in-one/config.all-in-one.properties
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,4 +9,5 @@ CF_CLIENT=cf
ALLOWED_ORIGINS=http://nginx
SESSION_STORE_SECRET=wheeee!
ENCRYPTION_KEY=B374A26A71490437AA024E4FADD5B497FDFF1A8EA6FF12F6FB65AF2720B59CCF
STRATOS_DEPLOYMENT_DOCKER_AIO=true
STRATOS_DEPLOYMENT_DOCKER_AIO=true
SKIP_SSL_VALIDATION=true
4 changes: 2 additions & 2 deletions src/jetstream/plugins/cloudfoundryhosting/main.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -168,10 +168,10 @@ func (ch *CFHosting) Init() error {
if err != nil {
// Not set in the environment and failed to read from the Secrets file
ch.portalProxy.GetConfig().ConsoleConfig.SkipSSLValidation = false
} else {
ch.portalProxy.GetConfig().ConsoleConfig.SkipSSLValidation = skipSslBool
}

ch.portalProxy.GetConfig().ConsoleConfig.SkipSSLValidation = skipSslBool

// Save to Console DB
err = ch.portalProxy.SaveConsoleConfig(ch.portalProxy.GetConfig().ConsoleConfig, nil)
if err != nil {
Expand Down