是否可以 bootstrap Artifactory-OSS Docker 使用 Kubernetes 部署和 PVC 镜像?
Is it possible to bootstrap Artifactory-OSS Docker image with Kubernetes Deployment and PVC?
我们想要 运行 bootstrap 默认 artifactory.config.xml 和 security.import.xml 文件来预定义我们的用户和存储库。
我们还想使用持久性存储,特别是 PVC,在容器重启之间持久化工件。
According to their documentation,你可以通过将配置文件放入 artifactory_extra_config 来设置额外的配置,它们将在容器启动时被复制到 $ARTIFACTORY_HOME/etc 目录中。然而,Artifactory OSS 似乎并非如此。
根据 Helm chart:
Bootstrapping Artifactory
IMPORTANT: Bootstrapping Artifactory needs license. Pass license as shown in above section.
Documentation also mentions 将 artifactory.config.import.xml 和 security.import.xml 放在 $ARTIFACTORY_HOME/etc 目录中允许 bootstrapping。
我们从 Artifactory-oss:6.1.0 基础镜像构建了一个自定义 docker 镜像,并简单地将两个配置文件复制到 $ARTIFACTORY_HOME/etc 目录,但在 [=21] 附加了一个 PVC =] 似乎覆盖了导致 bootstrap 失败的配置。
我发现 Helm 图表将包含 bootstrap 配置文件的 ConfigMap 挂载到 /bootstrap/ 卷,并在 lifecycle.postStart 命令中将它们复制到 /artifactory_extra_conf。这似乎也不起作用。
我注意到 Artifactory PRO base image contains ARTIFACTORY_EXTRA_CONF=/artifactory_extra_confwhile Artifactory OSS 的 ENV 没有。
我也尝试了一些实验,将我们自定义映像中的配置文件复制到其他目录,并使用 initContainers 复制加载卷,但到目前为止,我没有尝试过 bootstrap Artifactory OSS 并使用安装在 /var/opt/jfrog/artifactory.
的持久卷
我在 Artifactory 的 Dockerfile 中注意到 /var/opt/jfrog/artifactory 子目录实际上链接到基础映像中相应的 /opt/jfrog/artifactory 目录。
我们的解决方案是修改他们的 /entrypoint-artifactory.sh 并创建自定义图像。
首先,我们在/etnrypoint-artifactory.sh
中添加了一个新函数copyExtraConf()
copyExtraConf () {
logger "Copying from artifactory_extra_conf"
chown ${ARTIFACTORY_USER_NAME}:${ARTIFACTORY_USER_NAME} /artifactory_extra_conf/*
cp -pv /artifactory_extra_conf/* ${ARTIFACTORY_HOME}/etc/
}
然后我们在设置目录和用户后调用它以防止已安装卷的所有权错误:
printDockerFileLocation
checkULimits
checkMounts
setupDataDirs
setupArtUser
# CUSTOM:START - do this after setupDataDirs and setupArtUser so we can chown and copy our files.
copyExtraConf
# CUSTOM:END
setAccessCreds
setMasterKey
setupPermissions
setDBType
addExtraJavaArgs
Docker 文件:
# Dockerfile
#
# NOTE:
# entrypoint-artifactory.sh is based on the one from artifactory-oss:6.1.0
# When changing versions, be sure to compare entrypoint-artifactory-ta.sh to entrypoint-artifactory.sh
FROM docker.bintray.io/jfrog/artifactory-oss:6.1.0
COPY entrypoint-artifactory.sh /entrypoint-artifactory.sh
RUN chmod +x /entrypoint-artifactory.sh
ENTRYPOINT ["/entrypoint-artifactory.sh"]
COPY configs/artifactory.config.import.xml /artifactory_extra_conf/artifactory.config.import.xml
COPY configs/security.import.xml /artifactory_extra_conf/security.import.xml
我必须成为 root 才能交换 /entrypoint-artifactory.sh
FROM docker.bintray.io/jfrog/artifactory-oss:6.16.0
USER root
COPY entrypoint-artifactory.sh /entrypoint-artifactory.sh
RUN chmod +x /entrypoint-artifactory.sh
COPY configs/artifactory.config.import.xml /artifactory_extra_conf/
COPY configs/security.import.xml /artifactory_extra_conf/
USER artifactory
ENTRYPOINT ["/entrypoint-artifactory.sh"]
我们想要 运行 bootstrap 默认 artifactory.config.xml 和 security.import.xml 文件来预定义我们的用户和存储库。
我们还想使用持久性存储,特别是 PVC,在容器重启之间持久化工件。
According to their documentation,你可以通过将配置文件放入 artifactory_extra_config 来设置额外的配置,它们将在容器启动时被复制到 $ARTIFACTORY_HOME/etc 目录中。然而,Artifactory OSS 似乎并非如此。
根据 Helm chart:
Bootstrapping Artifactory
IMPORTANT: Bootstrapping Artifactory needs license. Pass license as shown in above section.
Documentation also mentions 将 artifactory.config.import.xml 和 security.import.xml 放在 $ARTIFACTORY_HOME/etc 目录中允许 bootstrapping。
我们从 Artifactory-oss:6.1.0 基础镜像构建了一个自定义 docker 镜像,并简单地将两个配置文件复制到 $ARTIFACTORY_HOME/etc 目录,但在 [=21] 附加了一个 PVC =] 似乎覆盖了导致 bootstrap 失败的配置。
我发现 Helm 图表将包含 bootstrap 配置文件的 ConfigMap 挂载到 /bootstrap/ 卷,并在 lifecycle.postStart 命令中将它们复制到 /artifactory_extra_conf。这似乎也不起作用。
我注意到 Artifactory PRO base image contains ARTIFACTORY_EXTRA_CONF=/artifactory_extra_confwhile Artifactory OSS 的 ENV 没有。
我也尝试了一些实验,将我们自定义映像中的配置文件复制到其他目录,并使用 initContainers 复制加载卷,但到目前为止,我没有尝试过 bootstrap Artifactory OSS 并使用安装在 /var/opt/jfrog/artifactory.
我在 Artifactory 的 Dockerfile 中注意到 /var/opt/jfrog/artifactory 子目录实际上链接到基础映像中相应的 /opt/jfrog/artifactory 目录。
我们的解决方案是修改他们的 /entrypoint-artifactory.sh 并创建自定义图像。
首先,我们在/etnrypoint-artifactory.sh
copyExtraConf()
copyExtraConf () {
logger "Copying from artifactory_extra_conf"
chown ${ARTIFACTORY_USER_NAME}:${ARTIFACTORY_USER_NAME} /artifactory_extra_conf/*
cp -pv /artifactory_extra_conf/* ${ARTIFACTORY_HOME}/etc/
}
然后我们在设置目录和用户后调用它以防止已安装卷的所有权错误:
printDockerFileLocation
checkULimits
checkMounts
setupDataDirs
setupArtUser
# CUSTOM:START - do this after setupDataDirs and setupArtUser so we can chown and copy our files.
copyExtraConf
# CUSTOM:END
setAccessCreds
setMasterKey
setupPermissions
setDBType
addExtraJavaArgs
Docker 文件:
# Dockerfile
#
# NOTE:
# entrypoint-artifactory.sh is based on the one from artifactory-oss:6.1.0
# When changing versions, be sure to compare entrypoint-artifactory-ta.sh to entrypoint-artifactory.sh
FROM docker.bintray.io/jfrog/artifactory-oss:6.1.0
COPY entrypoint-artifactory.sh /entrypoint-artifactory.sh
RUN chmod +x /entrypoint-artifactory.sh
ENTRYPOINT ["/entrypoint-artifactory.sh"]
COPY configs/artifactory.config.import.xml /artifactory_extra_conf/artifactory.config.import.xml
COPY configs/security.import.xml /artifactory_extra_conf/security.import.xml
我必须成为 root 才能交换 /entrypoint-artifactory.sh
FROM docker.bintray.io/jfrog/artifactory-oss:6.16.0
USER root
COPY entrypoint-artifactory.sh /entrypoint-artifactory.sh
RUN chmod +x /entrypoint-artifactory.sh
COPY configs/artifactory.config.import.xml /artifactory_extra_conf/
COPY configs/security.import.xml /artifactory_extra_conf/
USER artifactory
ENTRYPOINT ["/entrypoint-artifactory.sh"]