Review layered-image-buildsys SOP
Signed-off-by: Michal Konečný <mkonecny@redhat.com>
This commit is contained in:
Michal Konečný
parent
5a42d63c77
commit
1d6c2e258a
2 changed files with 18 additions and 19 deletions
|
|
@ -62,7 +62,7 @@
|
|||
** xref:koji-archive.adoc[Koji Archive - SOP]
|
||||
** xref:koji-builder-setup.adoc[Setup Koji Builder - SOP]
|
||||
** xref:koschei.adoc[Koschei - SOP]
|
||||
** xref:layered-image-buildsys.adoc[layered-image-buildsys - SOP in review ]
|
||||
** xref:layered-image-buildsys.adoc[Layered Image Build System - SOP]
|
||||
** xref:librariesio2fedmsg.adoc[librariesio2fedmsg - SOP in review ]
|
||||
** xref:mailman.adoc[mailman - SOP in review ]
|
||||
** xref:making-ssl-certificates.adoc[making-ssl-certificates - SOP in review ]
|
||||
|
|
|
|||
|
|
@ -9,11 +9,10 @@ to build Layered Container Images in the Fedora Infrastructure via Koji.
|
|||
|
||||
== Contents
|
||||
|
||||
[arabic]
|
||||
. Contact Information
|
||||
. Overview
|
||||
. Setup
|
||||
. Outage
|
||||
* <<_contact_information>>
|
||||
* <<_overview>>
|
||||
* <<_setup>>
|
||||
* <<_outage>>
|
||||
|
||||
== Contact Information
|
||||
|
||||
|
|
@ -42,15 +41,15 @@ will submit a build to Koji via the `fedpkg container-build` command a
|
|||
https://src.fedoraproject.org/projects/container/*[DistGit]. This will
|
||||
trigger the build to be scheduled in
|
||||
https://www.openshift.org/[OpenShift] via
|
||||
https://github.com/projectatomic/osbs-client[osbs-client] tooling, this
|
||||
will create a custom
|
||||
https://docs.openshift.org/latest/dev_guide/builds.html[OpenShift Build]
|
||||
https://github.com/projectatomic/osbs-client[osbs-client] tooling,
|
||||
which creates a custom
|
||||
https://docs.okd.io/latest/cicd/builds/understanding-image-builds.html[OpenShift Build]
|
||||
which will use the pre-made buildroot container image that we have
|
||||
created. The https://github.com/projectatomic/atomic-reactor[Atomic
|
||||
Reactor] (`atomic-reactor`) utility will run within the buildroot and
|
||||
prep the build container where the actual build action will execute, it
|
||||
will also maintain uploading the
|
||||
https://fedoraproject.org/wiki/Koji/ContentGenerators[Content Generator]
|
||||
https://docs.pagure.org/koji/content_generators/[Content Generator]
|
||||
metadata back to https://fedoraproject.org/wiki/Koji[Koji] and upload
|
||||
the built image to the candidate docker registry. This will run on a
|
||||
host with iptables rules restricting access to the docker bridge, this
|
||||
|
|
@ -120,7 +119,7 @@ $ sudo rbac-playbook groups/osbs/deploy-cluster.yml
|
|||
This is going to deploy the OpenShift cluster used by OSBS. Currently
|
||||
the playbook deploys 2 clusters (x86_64 and aarch64). Ansible tags can
|
||||
be used to deploy only one of these if needed for example
|
||||
[.title-ref]#osbs-x86-deploy-openshift#.
|
||||
_osbs-x86-deploy-openshift_.
|
||||
|
||||
If the openshift-ansible playbook fails it can be easier to run it
|
||||
directly from osbs-control01 and use the verbose mode.
|
||||
|
|
@ -151,7 +150,7 @@ dsjflksfkgjgkjfdl ....
|
|||
....
|
||||
|
||||
The token needs to be saved in the private ansible repo in
|
||||
[.title-ref]#files/osbs/production/x86-64-osbs-koji#. Once this is done
|
||||
`files/osbs/production/x86-64-osbs-koji`. Once this is done
|
||||
you can run the builder playbook to update that token.
|
||||
|
||||
....
|
||||
|
|
@ -160,10 +159,10 @@ $ sudo rbac-playbook groups/buildvm.yml -t osbs
|
|||
|
||||
=== Operation
|
||||
|
||||
Koji Hub will schedule the containerBuild on a koji builder via the
|
||||
koji-containerbuild-hub plugin, the builder will then submit the build
|
||||
in OpenShift via the koji-containerbuild-builder plugin which uses the
|
||||
osbs-client python API that wraps the OpenShift API along with a custom
|
||||
Koji Hub will schedule the `containerBuild` on a koji builder via the
|
||||
`koji-containerbuild-hub` plugin, the builder will then submit the build
|
||||
in OpenShift via the `koji-containerbuild-builder` plugin which uses the
|
||||
`osbs-client` python API that wraps the OpenShift API along with a custom
|
||||
OpenShift Build JSON payload.
|
||||
|
||||
The Build is then scheduled in OpenShift and it's logs are captured by
|
||||
|
|
@ -176,8 +175,8 @@ generator.
|
|||
If Koji is down, then builds can't be scheduled but repairing Koji is
|
||||
outside the scope of this document.
|
||||
|
||||
If either the candidate-registry.fedoraproject.org or
|
||||
registry.fedoraproject.org Container Registries are unavailable, but
|
||||
If either the _candidate-registry.fedoraproject.org_ or
|
||||
_registry.fedoraproject.org_. Container registries are unavailable, but
|
||||
repairing those is also outside the scope of this document.
|
||||
|
||||
=== OSBS Failures
|
||||
|
|
@ -188,7 +187,7 @@ are known about and the recovery procedures are listed below.
|
|||
==== Ran out of disk space
|
||||
|
||||
Docker uses a lot of disk space, and while the osbs-nodes have been
|
||||
alloted what is considered to be ample disk space for builds (since they
|
||||
allocated what is considered to be ample disk space for builds (since they
|
||||
are automatically cleaned up periodically) it is possible this will run
|
||||
out.
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue