search

ansible / ansible-container

DEPRECATED -- Ansible Container was a tool to build Docker images and orchestrate containers using only Ansible playbooks.
GNU Lesser General Public License v3.0
2.19k stars 394 forks source link

A mess with which command to run when building the services. #908

Open zentavr opened 6 years ago

zentavr commented 6 years ago
ISSUE TYPE
container.yml
---
version: "2"

defaults:
  api-service:
    repo:
      src: "git@repo:zentavr/api-service.git"
      dest: "/home/api-service"
      tag: "develop"
    virtualenv_path: "/opt/.venv"

settings:
  conductor:
    base: "alpine:3.7"
  project_name: api-service

services:
  # Web Interface (UWSGI server)
  web:
    from: "alpine:3.7"
    roles:
      - common
      - roll-the-code
      - uwsgi
    expose:
      - "8080"
      - "8081"
    command: [ "/home/api-service/init/start_web.sh" ]

  # Cron-like stuff
  cron:
    from: "alpine:3.7"
    roles:
      - common
      - roll-the-code
    command: [ "/usr/sbin/crond", "-f", "-L", "/dev/stdout" ]

  # Crawler
  crawler:
    from: "alpine:3.7"
    roles:
      - common
      - roll-the-code
    command: [ "/home/api-service/init/crawler-service.sh" ]

registries:
  resecurity:
    url: https://docker.repo.local:5000
    namespace: api-service
OS / ENVIRONMENT
Ansible Container, version 0.9.2
Darwin, zentavr-mac.local, 17.4.0, Darwin Kernel Version 17.4.0: Sun Dec 17 09:19:54 PST 2017; root:xnu-4570.41.2~1/RELEASE_X86_64, x86_64
2.7.10 (default, Jul 15 2017, 17:16:57)
[GCC 4.2.1 Compatible Apple LLVM 9.0.0 (clang-900.0.31)] /Users/zentavr/Development/dockerfiles/.venv/bin/python
{
  "ContainersPaused": 0,
  "Labels": [],
  "CgroupDriver": "cgroupfs",
  "ContainersRunning": 3,
  "ContainerdCommit": {
    "Expected": "89623f28b87a6004d4b785663257362d1658a729",
    "ID": "89623f28b87a6004d4b785663257362d1658a729"
  },
  "InitBinary": "docker-init",
  "NGoroutines": 89,
  "Swarm": {
    "ControlAvailable": false,
    "NodeID": "",
    "Error": "",
    "RemoteManagers": null,
    "LocalNodeState": "inactive",
    "NodeAddr": ""
  },
  "LoggingDriver": "json-file",
  "OSType": "linux",
  "HttpProxy": "docker.for.mac.http.internal:3128",
  "Runtimes": {
    "runc": {
      "path": "docker-runc"
    }
  },
  "DriverStatus": [
    [
      "Backing Filesystem",
      "extfs"
    ],
    [
      "Supports d_type",
      "true"
    ],
    [
      "Native Overlay Diff",
      "true"
    ]
  ],
  "OperatingSystem": "Docker for Mac",
  "Containers": 5,
  "HttpsProxy": "docker.for.mac.http.internal:3129",
  "BridgeNfIp6tables": true,
  "MemTotal": 2095816704,
  "SecurityOptions": [
    "name=seccomp,profile=default"
  ],
  "Driver": "overlay2",
  "IndexServerAddress": "https://index.docker.io/v1/",
  "ClusterStore": "",
  "InitCommit": {
    "Expected": "949e6fa",
    "ID": "949e6fa"
  },
  "GenericResources": null,
  "Isolation": "",
  "SystemStatus": null,
  "OomKillDisable": true,
  "ClusterAdvertise": "",
  "SystemTime": "2018-03-20T13:35:51.673097826Z",
  "Name": "linuxkit-025000000001",
  "CPUSet": true,
  "RegistryConfig": {
    "AllowNondistributableArtifactsCIDRs": [],
    "Mirrors": [],
    "IndexConfigs": {
      "docker.io": {
        "Official": true,
        "Name": "docker.io",
        "Secure": true,
        "Mirrors": []
      }
    },
    "AllowNondistributableArtifactsHostnames": [],
    "InsecureRegistryCIDRs": [
      "127.0.0.0/8"
    ]
  },
  "DefaultRuntime": "runc",
  "ContainersStopped": 2,
  "NCPU": 4,
  "NFd": 56,
  "Architecture": "x86_64",
  "KernelMemory": true,
  "CpuCfsQuota": true,
  "Debug": true,
  "ID": "OUIB:ALAF:BQPI:YMNY:SPDY:MM5P:FNTJ:C6I6:U73T:RIKE:X275:6USI",
  "IPv4Forwarding": true,
  "KernelVersion": "4.9.60-linuxkit-aufs",
  "BridgeNfIptables": true,
  "NoProxy": "",
  "LiveRestoreEnabled": false,
  "ServerVersion": "17.12.0-ce",
  "CpuCfsPeriod": true,
  "ExperimentalBuild": true,
  "MemoryLimit": true,
  "SwapLimit": true,
  "Plugins": {
    "Volume": [
      "local"
    ],
    "Network": [
      "bridge",
      "host",
      "ipvlan",
      "macvlan",
      "null",
      "overlay"
    ],
    "Authorization": null,
    "Log": [
      "awslogs",
      "fluentd",
      "gcplogs",
      "gelf",
      "journald",
      "json-file",
      "logentries",
      "splunk",
      "syslog"
    ]
  },
  "Images": 24,
  "DockerRootDir": "/var/lib/docker",
  "NEventsListener": 3,
  "CPUShares": true,
  "RuncCommit": {
    "Expected": "b2567b37d7b75eb4cf325b77297b140ea686ce8f",
    "ID": "b2567b37d7b75eb4cf325b77297b140ea686ce8f"
  }
}
{
  "KernelVersion": "4.9.60-linuxkit-aufs",
  "Components": [
    {
      "Version": "17.12.0-ce",
      "Name": "Engine",
      "Details": {
        "KernelVersion": "4.9.60-linuxkit-aufs",
        "Os": "linux",
        "BuildTime": "2017-12-27T20:12:29.000000000+00:00",
        "ApiVersion": "1.35",
        "MinAPIVersion": "1.12",
        "GitCommit": "c97c6d6",
        "Arch": "amd64",
        "Experimental": "true",
        "GoVersion": "go1.9.2"
      }
    }
  ],
  "Arch": "amd64",
  "BuildTime": "2017-12-27T20:12:29.000000000+00:00",
  "ApiVersion": "1.35",
  "Platform": {
    "Name": ""
  },
  "Version": "17.12.0-ce",
  "MinAPIVersion": "1.12",
  "GitCommit": "c97c6d6",
  "Os": "linux",
  "Experimental": true,
  "GoVersion": "go1.9.2"
}
SUMMARY
STEPS TO REPRODUCE

I'm building the containers in the way like this:

ansible-container build --roles-path ~/Development/dockerfiles/_ansible-roles

The output is the next:

Building Docker Engine context...
Starting Docker build of Ansible Container Conductor image (please be patient)...
Parsing conductor CLI args.
Docker™ daemon integration engine loaded. Build starting.   project=api-service
Building service... project=api-service service=web

PLAY [web] *********************************************************************

TASK [Gathering Facts] *********************************************************
ok: [web]

TASK [common : Updating APK caches] ********************************************
changed: [web]

TASK [common : Installing dumb init] *******************************************
changed: [web]

TASK [common : Installing archiving tools] *************************************
changed: [web]

TASK [common : Installing curl] ************************************************
changed: [web]

TASK [common : Setting up the directories] *************************************
changed: [web] => (item=/opt)
changed: [web] => (item=/build)

TASK [common : Composing file glob] ********************************************
ok: [web]

TASK [common : Dropping APK Cache] *********************************************
changed: [web] => (item={u'uid': 0, u'woth': False, u'mtime': 1521548690.7653735, u'inode': 661944, u'isgid': False, u'size': 451675, u'roth': True, u'isuid': False, u'isreg': True, u'pw_name': u'root', u'gid': 0, u'ischr': False, u'wusr': True, u'xoth': False, u'rusr': True, u'nlink': 1, u'issock': False, u'rgrp': True, u'gr_name': u'root', u'path': u'/var/cache/apk/APKINDEX.5022a8a2.tar.gz', u'xusr': False, u'atime': 1521548692.2746284, u'isdir': False, u'ctime': 1521548690.7653735, u'wgrp': False, u'xgrp': False, u'dev': 2049, u'isblk': False, u'isfifo': False, u'mode': u'0644', u'islnk': False})
changed: [web] => (item={u'uid': 0, u'woth': False, u'mtime': 1521547984.0, u'inode': 661943, u'isgid': False, u'size': 768400, u'roth': True, u'isuid': False, u'isreg': True, u'pw_name': u'root', u'gid': 0, u'ischr': False, u'wusr': True, u'xoth': False, u'rusr': True, u'nlink': 1, u'issock': False, u'rgrp': True, u'gr_name': u'root', u'path': u'/var/cache/apk/APKINDEX.70c88391.tar.gz', u'xusr': False, u'atime': 1521548690.1756647, u'isdir': False, u'ctime': 1521548689.7958522, u'wgrp': False, u'xgrp': False, u'dev': 2049, u'isblk': False, u'isfifo': False, u'mode': u'0644', u'islnk': False})

PLAY RECAP *********************************************************************
web                        : ok=8    changed=6    unreachable=0    failed=0

Applied role to service role=common service=web
Committed layer as image    image=sha256:215d36bc6a5e6017bcb5c6ff30531dc2e43b3b960261dcd6e3eaf058f5c0ba33 service=web

PLAY [web] *********************************************************************

TASK [Gathering Facts] *********************************************************
ok: [web]

TASK [roll-the-code : Updating APK caches] ***************************************
ok: [web]

TASK [roll-the-code : Installing APK Packages] ***********************************
changed: [web]

TASK [roll-the-code : Implementing a hack in order to proceed requirements.txt later] ***
changed: [web]

TASK [roll-the-code : Setting up the directories] ********************************
changed: [web]

TASK [roll-the-code : Copying RSA access key] ************************************
changed: [web]

TASK [roll-the-code : Deploying the code] ****************************************
changed: [web]

TASK [roll-the-code : Generating UWSGI app.ini file] *****************************
ok: [web]

TASK [roll-the-code : Installing Python's requirements] **************************
changed: [web]

TASK [roll-the-code : Dropping RSA Key] ******************************************
changed: [web]

TASK [roll-the-code : Dropping pip cache] ****************************************
changed: [web]

TASK [roll-the-code : Composing file glob] ***************************************
ok: [web]

TASK [roll-the-code : Dropping .git] *********************************************
changed: [web]

TASK [roll-the-code : Dropping APK Cache] ****************************************
changed: [web] => (item={u'uid': 0, u'woth': False, u'mtime': 1521548704.878405, u'inode': 661960, u'isgid': False, u'size': 451675, u'roth': True, u'isuid': False, u'isreg': True, u'pw_name': u'root', u'gid': 0, u'ischr': False, u'wusr': True, u'xoth': False, u'rusr': True, u'nlink': 1, u'issock': False, u'rgrp': True, u'gr_name': u'root', u'path': u'/var/cache/apk/APKINDEX.5022a8a2.tar.gz', u'xusr': False, u'atime': 1521548705.0483212, u'isdir': False, u'ctime': 1521548704.878405, u'wgrp': False, u'xgrp': False, u'dev': 2049, u'isblk': False, u'isfifo': False, u'mode': u'0644', u'islnk': False})
changed: [web] => (item={u'uid': 0, u'woth': False, u'mtime': 1521548704.6585135, u'inode': 661959, u'isgid': False, u'size': 768400, u'roth': True, u'isuid': False, u'isreg': True, u'pw_name': u'root', u'gid': 0, u'ischr': False, u'wusr': True, u'xoth': False, u'rusr': True, u'nlink': 1, u'issock': False, u'rgrp': True, u'gr_name': u'root', u'path': u'/var/cache/apk/APKINDEX.70c88391.tar.gz', u'xusr': False, u'atime': 1521548705.0083408, u'isdir': False, u'ctime': 1521548704.6585135, u'wgrp': False, u'xgrp': False, u'dev': 2049, u'isblk': False, u'isfifo': False, u'mode': u'0644', u'islnk': False})

PLAY RECAP *********************************************************************
web                        : ok=14   changed=10   unreachable=0    failed=0

Applied role to service role=roll-the-code service=web
Committed layer as image    image=sha256:686b4a466e426ae9095f0b93777a9f3cc31c97bd4f4ac92df699f4dcac55288e service=web

PLAY [web] *********************************************************************

TASK [Gathering Facts] *********************************************************
ok: [web]

TASK [uwsgi : Updating APK caches] *********************************************
ok: [web]

TASK [uwsgi : Installing UWSGI] ************************************************
changed: [web]

TASK [uwsgi : Composing file glob] *********************************************
ok: [web]

TASK [uwsgi : Dropping APK Cache] **********************************************
changed: [web] => (item={u'uid': 0, u'woth': False, u'mtime': 1521549816.3663814, u'inode': 661978, u'isgid': False, u'size': 451675, u'roth': True, u'isuid': False, u'isreg': True, u'pw_name': u'root', u'gid': 0, u'ischr': False, u'wusr': True, u'xoth': False, u'rusr': True, u'nlink': 1, u'issock': False, u'rgrp': True, u'gr_name': u'root', u'path': u'/var/cache/apk/APKINDEX.5022a8a2.tar.gz', u'xusr': False, u'atime': 1521549816.5263023, u'isdir': False, u'ctime': 1521549816.3663814, u'wgrp': False, u'xgrp': False, u'dev': 2049, u'isblk': False, u'isfifo': False, u'mode': u'0644', u'islnk': False})
changed: [web] => (item={u'uid': 0, u'woth': False, u'mtime': 1521549816.1264997, u'inode': 661977, u'isgid': False, u'size': 768400, u'roth': True, u'isuid': False, u'isreg': True, u'pw_name': u'root', u'gid': 0, u'ischr': False, u'wusr': True, u'xoth': False, u'rusr': True, u'nlink': 1, u'issock': False, u'rgrp': True, u'gr_name': u'root', u'path': u'/var/cache/apk/APKINDEX.70c88391.tar.gz', u'xusr': False, u'atime': 1521549816.4863222, u'isdir': False, u'ctime': 1521549816.1264997, u'wgrp': False, u'xgrp': False, u'dev': 2049, u'isblk': False, u'isfifo': False, u'mode': u'0644', u'islnk': False})

PLAY RECAP *********************************************************************
web                        : ok=5    changed=2    unreachable=0    failed=0

Applied role to service role=uwsgi service=web
Committed layer as image    image=sha256:55de019261e7526f80352a774f8c309a68b2ddaf7e3d31e159dd3f31936eb3f4 service=web
Build complete. service=web
Building service... project=api-service service=cron
Applied role common from cache  role=common service=cron
Applied role roll-the-code from cache   role=roll-the-code service=cron
Build complete. service=cron
Building service... project=api-service service=crawler
Applied role common from cache  role=common service=crawler
Applied role roll-the-code from cache   role=roll-the-code service=crawler
Build complete. service=crawler
All images successfully built.
Conductor terminated. Cleaning up.  command_rc=0 conductor_id=8adf816307f5ee8e5303289fb84b5b70adca1b682a79963d1e97dd2e21f0b996 save_container=False

As we can see, the roles (3 of them) are applied ONLY when building the first service called web, then for the cron and crawler - the tool uses cached layers. What is not OK is that the tool ignores command directive for the container which is the unique for every service.

EXPECTED RESULTS

Apply the correct command directive per-service when using cached layers.

ACTUAL RESULTS

When applying the cached layers the command directive gets ignored.