s2i简介

s2i原理

s2i是红帽推出的一种基于容器的应用镜像构建工具。它需要三个元素：源码，基础镜像，构建配置。大概流程如下：

首先用户需要制作一个基础镜像，作为构建的基础环境，用户需要配置好相应的软件包，环境变量，等等
s2i负责启动一个容器（其镜像为用户指定的基础镜像）
s2i将源码拉取到容器中的/tmp/src目录下，然后读取s2i的配置信息进行源码编译及安装配置
s2i将编译好的容器提交成新的镜像

s2i配置文件信息

主要包含四个文件，分别为：

assemble 用于对源码编译以及安装配置的脚本
run 启动应用镜像时执行的脚本
save-artifacts 用于保存一些编译中复用的内容，这样下次编译可以直接使用这些文件，从而加快编译安装等速度
usage 打印生成镜像的帮助信息

这四个文件都需要用户自行定义，s2i会通过三种方式寻找这些文件，分别为：

源码中.s2i/bin下
--scripts-url 参数指定的位置
镜像中label：io.openshift.s2i.scripts-url指定的位置

推荐使用第一种方式，这样方便管理和持续集成，其他两种url都支持以下三种形式：

image://path_to_scripts_dir 在镜像内的绝对路径
file://path_to_scripts_dir 在主机上的绝对或者相对路径
http(s)://path_to_scripts_dir 网络上的文件

cloudstack在openshift中的部署

由于不同应用的配置文件差异很大，所以此处不会对配置文件进行详细解释，主要列出主要文件的内容。在cloudstack的环境中中主要包含三台cloudstack server和后端的mysql主从数据库，其中需要用到s2i功能的只有cloudstack的编译，由于三个cs server的差别不大，所以使用同一个镜像，通过环境变量的不同来决定是否为主服务器。

cloudstack服务部署

cloudstack基础镜像

此处直接列出它的Dockerfile

# cloudstack-base
FROM centos:6.6

# TODO: Put the maintainer name in the image metadata
MAINTAINER bdt <bit_bdt@foxmail.com>

# relate url : https://github.com/openshift/source-to-image/blob/master/docs/builder_image.md#required-image-contents

# TODO: Rename the builder environment variable to inform users about application you provide them
ENV BASE_IMAGE_VERSION 1.4

Run yum -y install wget which && yum -y install epel-release && yum -y update && yum -y upgrade \
    && yum install -y ntp && yum -y install java-1.6.0-openjdk \
    && yum -y install mysql mysql-server && yum -y install git svn rpm-build \
    && yum -y install python-setuptools && yum -y install genisoimage \
    && yum -y install java-1.6.0-openjdk-devel tomcat6 ws-commons-util MySQL-python \
    && yum -y clean all

Run yum -y install selinux-policy  libselinux-devel selinux-policy-targeted python-pip &&  yum -y clean all  \
    && pip install --upgrade pip && pip install supervisor \
    && sed -i 's/SELINUX/#SELINUX/g' /etc/selinux/config  && echo "SELINUX=disabled" >> /etc/selinux/config

Run wget https://archive.apache.org/dist/tomcat/tomcat-6/v6.0.35/bin/apache-tomcat-6.0.35.tar.gz \
    && tar xzvf apache-tomcat-6.0.35.tar.gz -C /usr/local \
    && rm -rf apache-tomcat-6.0.35.tar.gz

Run wget http://mirror.cc.columbia.edu/pub/software/apache/maven/maven-3/3.0.5/binaries/apache-maven-3.0.5-bin.tar.gz \
    && tar xzf apache-maven-3.0.5-bin.tar.gz -C /usr/local \
    && cd /usr/local && ln -s apache-maven-3.0.5 maven && rm -rf apache-maven-3.0.5-bin.tar.gz

Run pip uninstall -y meld3 && wget https://pypi.python.org/packages/source/m/meld3/meld3-1.0.2.tar.gz && tar -zxf meld3-1.0.2.tar.gz \
    && cd meld3-1.0.2 && python setup.py install && cd - && rm -f meld3-1.0.2.tar.gz && rm -rf meld3-1.0.2

Run yum -y install gcc && yum -y clean all

ADD repository /root/.m2/repository

s2i配置

前边所述的四个文件，在本文中主要用到是run和assemble，所以此处只列出它们的内容

run

主要执行start.sh

sh /tmp/src/.s2i/bin/start.sh

其内容如下：

for de in $(losetup -a | grep "cloudstack" | awk -F: '{print $1}'); do losetup -d $de; done;

a=$(losetup -a|wc -l)
mknod /dev/loop$a -m666 b 7 $a
let a++
mknod /dev/loop$a -m666 b 7 $a
losetup -f

#losetup -f
#if [ $? -ne 0 ]; then
#    mknod $(losetup -a | awk -F: 'BEGIN{a=0}  {a++;} END{printf("/dev/loop%d -m666 b 7 %d",a,a)}')
#fi

if [ "$CSM" == "TRUE" ]; then
        cloudstack-setup-databases cloud:password@"$MYSQL_MASTER_SERVICE_HOST"  --deploy-as=root:password
elif [ "$CSM" == "FALSE" ]; then
        cloudstack-setup-databases cloud:password@"$MYSQL_MASTER_SERVICE_HOST"
else
        echo "the value of CSM is not legal"
fi

echo_supervisord_conf > /etc/supervisord.conf
echo -e "[program:cloudstack-setup-management]\ncommand=cloudstack-setup-management" >> /etc/supervisord.conf
supervisord --nodaemon

assemble

#!/bin/bash -e
#
# S2I assemble script for the 'cs-base' image.
# The 'assemble' script builds your application source so that it is ready to run.
#
# For more information refer to the documentation:
#   https://github.com/openshift/source-to-image/blob/master/docs/builder_image.md
#

# If the 'cs-base' assemble script is executed with the '-h' flag, print the usage.
if [[ "$1" == "-h" ]]; then
    exec /usr/libexec/s2i/usage
fi

# Restore artifacts from the previous build (if they exist).
#
if [ "$(ls /tmp/artifacts/ 2>/dev/null)" ]; then
  echo "---> Restoring build artifacts..."
  mv /tmp/artifacts/. ./
fi

echo "---> Installing cloudstack source code..."
#cp -Rf /tmp/src/. ./

echo "---> Building cloudstack from source with args -p noredist... "
# TODO: Add build steps for your application, eg npm install, bundle install, pip install, etc.
pushd /tmp/src/packaging/centos63/
sh package.sh -p noredist
popd


echo "---> move rpms and clean build data..."
cp -r /tmp/src/dist/rpmbuild/RPMS/x86_64/ /root/x86_64/
rm -rf /tmp/src/dist
rm -rf /root/.m2

echo "---> yum localinstall rpms..."

yum -y localinstall /root/x86_64/cloudstack-common-4.3.0*.rpm /root/x86_64/cloudstack-awsapi-4.3.0*.rpm /root/x86_64/cloudstack-management-4.3.0*.rpm

mysql主从配置

mysql master的配置

其dockerfile如下

# cloudstack-base
FROM centos:6.6

# TODO: Put the maintainer name in the image metadata
MAINTAINER bdt <bit_bdt@foxmail.com>

RUN yum -y update && yum install mysql-server -y && yum clean all -y

RUN chkconfig iptables off

COPY start.sh /usr/share/start.sh

RUN chmod 555 /usr/share/start.sh

EXPOSE 3306

CMD sh /usr/share/start.sh && /usr/bin/mysqld_safe

对应的start.sh内容如下：

sed -i "/\[mysqld\]/a server-id=1\nlog-bin=mysql-bin\nbinlog-format='ROW'" /etc/my.cnf
service mysqld start \
    && mysql -e \
    "SET PASSWORD = PASSWORD('password'); \
    CREATE USER 'root'@'%' IDENTIFIED BY 'password'; \
    CREATE USER 'repl'@'%' IDENTIFIED BY 'password'; \
    GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION; \
    GRANT REPLICATION SLAVE ON  *.* TO 'repl'@'%' IDENTIFIED BY 'password'; \
    flush privileges;"
service mysqld stop

mysql slave的配置