[CentOS-devel] Update on status of CentOS Container Pipeline

Tue Jun 28 03:04:48 UTC 2016
Bamacharan Kundu <bamachrn at gmail.com>

Hi All,
Update on recent work done for the CentOS Container Pipeline.

- We went through building the openshift origin images in Container
Pipeline and published them to registry.centos.org successfully. We faced
many issues with the upstream dockerfiles and moved to rpm based
dockerfiles for building the images.

- We have got almost all the monitoring pieces set up in production, now if
there is any change in the system (i.e. openshift is down, jenkins is not
communicating, or other changes) we get an alert notifying the change in
the system.

- We added multiple cron jobs for monitoring and communicating with zabix
to get notifications on changes in system level parameters.

-We got test suite set up for pipeline. Now all the images built through
pipeline, goes through a set of tests for ensuring the container is
runnable. For now we are testing containers based on CentOS 7.

- We got atomic scan set up. This checks the container for rpm update or
any other system update required for the container image. For now this
process only sends notification to the user, stating the changes required
in container, but does not update the container.

- We noticed that all the source repos do not want the Dockerfile to be
built for building centos based images. (i.e. for openshift origin we built
the dockerfiles with name Dockerfile.centos7). To get these type of repos
built in the pipeline, we added one more parameter dockerfile-name to
index.yml which allows user to provide name of the dockerfile to be built.

-We saw we are bringing up multiple independent stages (like polling source
repo, build, test, delivery, notification) together to work sequentially as
well as scale rapidly. Keeping this in mind we came up with beanstalkd
tubes for managing communication point between all the independent phases
and synchronizing with necessary information provided through job details.

-We got Atomic Registry built in registry.centos.org with all its dependent
containers available in registry.c.o. Even though we got all the dependency
containers built in registry.co atomic registry is pulling origin-deployer
and origin-pod from docker.io as this is hard coded to be pulled from
docker.io.

Our immediate next focus is :
- implement firewall rules in production machines.
- write a wiki page for wiki.centos.org for atomic registry.
- work on setting up sanity checks for verifying project entries in
index.yml

Regards
Bamacharan Kundu


-- 
Bamacharan Kundu
IRC Nick- bamachrn
http://bamacharankundu.wordpress.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20160628/d4a9115f/attachment-0007.html>