Page MenuHomeDevCentral
Files F3717263

D1435.id3668.diff
No OneTemporary
Actions

D1435.id3668.diff
View Options

diff --git a/KNOWN_ISSUES.md b/KNOWN_ISSUES.md
--- a/KNOWN_ISSUES.md
+++ b/KNOWN_ISSUES.md
@@ -44,3 +44,25 @@
$ grep -q pefs_load /boot/loader.conf || cat >> /boot/loader.conf
pefs_load="YES"
```
+
+## Role: paas-docker
+
+### Set static IP addresses
+
+Docker slave nodes for Jenkins should use known addresses, either static IP,
+either a DNS system. Such advanced network configuration through Salt requires
+2018.3.0.
+
+**Workaround**
+
+Two workarounds are straightforward:
+
+ - `docker inspect apsile | grep 172` and manually set the IP in Jenkins.
+ - run an internal DNS service for the Docker engine and containers,
+ e.g. through the phensley/docker-dns container (see T958 for plan)
+
+The second is recommended if you restart or reprovision often,
+with containers declared in the pillar in a different order each time.
+
+The first should be stable as long as you append new containers
+to the pillar docker_containers entry end.
diff --git a/pillar/paas/docker.sls b/pillar/paas/docker.sls
--- a/pillar/paas/docker.sls
+++ b/pillar/paas/docker.sls
@@ -34,3 +34,8 @@
jenkins:
host: cd.nasqueron.org
app_port: 38080
+ jenkins_slave:
+ apsile:
+ ip: 172.17.0.100
+ elapsi:
+ ip: 172.17.0.101
diff --git a/roles/paas-docker/containers/files/jenkins_slave/authorized_keys b/roles/paas-docker/containers/files/jenkins_slave/authorized_keys
new file mode 100644
--- /dev/null
+++ b/roles/paas-docker/containers/files/jenkins_slave/authorized_keys
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICiWLxPzS8X6NraVwsK95gFGe1pIuz+K0n7aw81nabcf jenkins-master-equatower-cd
diff --git a/roles/paas-docker/containers/jenkins_slave.sls b/roles/paas-docker/containers/jenkins_slave.sls
new file mode 100644
--- /dev/null
+++ b/roles/paas-docker/containers/jenkins_slave.sls
@@ -0,0 +1,55 @@
+# -------------------------------------------------------------
+# Salt — Provision Docker engine
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# Created: 2018-03-16
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+{% set has_selinux = salt['grains.get']('selinux:enabled', False) %}
+{% set containers = pillar['docker_containers'][grains['id']] %}
+
+# -------------------------------------------------------------
+# Home directory
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+/srv/jenkins/slave_home:
+ file.directory:
+ - user: 431
+ - group: 433
+ - makedirs: True
+
+{% if has_selinux %}
+selinux_context_jenkins_slave_home:
+ selinux.fcontext_policy_present:
+ - name: /srv/jenkins/slave_home
+ - sel_type: svirt_sandbox_file_t
+
+selinux_context_jenkins_slave_home_applied:
+ selinux.fcontext_policy_applied:
+ - name: /srv/jenkins/slave_home
+{% endif %}
+
+/srv/jenkins/slave_home/.ssh:
+ file.directory:
+ - user: 431
+ - group: 433
+
+/srv/jenkins/slave_home/.ssh/authorized_keys:
+ file.managed:
+ - source: salt://roles/paas-docker/containers/files/jenkins_slave/authorized_keys
+ - user: 431
+ - group: 433
+
+# -------------------------------------------------------------
+# Container
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+{% for name, container in containers['jenkins_slave'].items() %}
+{{ name }}:
+ docker_container.running:
+ - detach: True
+ - interactive: True
+ - image: nasqueron/jenkins-slave-php
+ - binds: /srv/jenkins/slave_home:/home/app
+{% endfor %}

File Metadata

Mime Type
text/plain
Expires
Thu, Nov 7, 02:54 (21 h, 1 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2232437
Default Alt Text
D1435.id3668.diff (3 KB)

Event Timeline

Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator