[CentOS-devel] Update on status of CentOS Container Pipeline

Tue Jun 28 13:11:32 UTC 2016
Troy Dawson <tdawson at redhat.com>

This is awesome.
Thank you for all the hard work you, and everyone involved, has put into this.


On Mon, Jun 27, 2016 at 10:04 PM, Bamacharan Kundu <bamachrn at gmail.com> wrote:
> Hi All,
> Update on recent work done for the CentOS Container Pipeline.
>
> - We went through building the openshift origin images in Container Pipeline
> and published them to registry.centos.org successfully. We faced many issues
> with the upstream dockerfiles and moved to rpm based dockerfiles for
> building the images.
>
> - We have got almost all the monitoring pieces set up in production, now if
> there is any change in the system (i.e. openshift is down, jenkins is not
> communicating, or other changes) we get an alert notifying the change in the
> system.
>
> - We added multiple cron jobs for monitoring and communicating with zabix to
> get notifications on changes in system level parameters.
>
> -We got test suite set up for pipeline. Now all the images built through
> pipeline, goes through a set of tests for ensuring the container is
> runnable. For now we are testing containers based on CentOS 7.
>
> - We got atomic scan set up. This checks the container for rpm update or any
> other system update required for the container image. For now this process
> only sends notification to the user, stating the changes required in
> container, but does not update the container.
>
> - We noticed that all the source repos do not want the Dockerfile to be
> built for building centos based images. (i.e. for openshift origin we built
> the dockerfiles with name Dockerfile.centos7). To get these type of repos
> built in the pipeline, we added one more parameter dockerfile-name to
> index.yml which allows user to provide name of the dockerfile to be built.
>
> -We saw we are bringing up multiple independent stages (like polling source
> repo, build, test, delivery, notification) together to work sequentially as
> well as scale rapidly. Keeping this in mind we came up with beanstalkd tubes
> for managing communication point between all the independent phases and
> synchronizing with necessary information provided through job details.
>
> -We got Atomic Registry built in registry.centos.org with all its dependent
> containers available in registry.c.o. Even though we got all the dependency
> containers built in registry.co atomic registry is pulling origin-deployer
> and origin-pod from docker.io as this is hard coded to be pulled from
> docker.io.
>
> Our immediate next focus is :
> - implement firewall rules in production machines.
> - write a wiki page for wiki.centos.org for atomic registry.
> - work on setting up sanity checks for verifying project entries in
> index.yml
>
> Regards
> Bamacharan Kundu
>
>
> --
> Bamacharan Kundu
> IRC Nick- bamachrn
> http://bamacharankundu.wordpress.com/
>
> _______________________________________________
> CentOS-devel mailing list
> CentOS-devel at centos.org
> https://lists.centos.org/mailman/listinfo/centos-devel
>