diff options
| author | Christian Heimes <christian@python.org> | 2015-10-16 19:27:40 +0200 |
|---|---|---|
| committer | Christian Heimes <christian@python.org> | 2015-10-16 19:27:40 +0200 |
| commit | 68be9151122af87552b0daf2dd213066f1546f91 (patch) | |
| tree | 3f3383db9f86985312430eb1e7c8b3be0ccb94af | |
| download | custodia_docker-68be9151122af87552b0daf2dd213066f1546f91.tar.gz custodia_docker-68be9151122af87552b0daf2dd213066f1546f91.tar.xz custodia_docker-68be9151122af87552b0daf2dd213066f1546f91.zip | |
initial commit
| -rw-r--r-- | .dockerignore | 7 | ||||
| -rw-r--r-- | .gitignore | 6 | ||||
| -rw-r--r-- | Dockerfile | 16 | ||||
| -rw-r--r-- | README | 1 | ||||
| -rw-r--r-- | kubernetes/custodia-server-claim.yaml | 12 | ||||
| -rw-r--r-- | kubernetes/custodia-server-rc.yaml | 40 | ||||
| -rw-r--r-- | kubernetes/custodia-server-service.yaml | 12 | ||||
| -rw-r--r-- | kubernetes/pv-nfs-custodia.yaml | 15 | ||||
| -rwxr-xr-x | push.sh | 16 | ||||
| -rwxr-xr-x | run.sh | 7 |
10 files changed, 132 insertions, 0 deletions
diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..9c891de --- /dev/null +++ b/.dockerignore @@ -0,0 +1,7 @@ +*.pyc +.*swp +__pycache__ + +push.sh +kubernetes +.git diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..e21be1b --- /dev/null +++ b/.gitignore @@ -0,0 +1,6 @@ +*.pyc +.*swp +__pycache__ + +custodia + diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..9fb330c --- /dev/null +++ b/Dockerfile @@ -0,0 +1,16 @@ +FROM fedora +MAINTAINER Christian Heimes + +RUN dnf -y update && dnf clean all +RUN dnf -y install dnf-plugins-core python python-flask python-requests && \ + dnf clean all +RUN dnf -y copr enable simo/jwcrypto && \ + dnf -y install python-jwcrypto python-cryptography && \ + dnf clean all + +VOLUME ["/custodia-data"] +EXPOSE 8080 + +ADD . /custodia-server + +CMD ["/custodia-server/run.sh"] @@ -0,0 +1 @@ +Custodia Docker container with Kubernetes example config diff --git a/kubernetes/custodia-server-claim.yaml b/kubernetes/custodia-server-claim.yaml new file mode 100644 index 0000000..ce7fb25 --- /dev/null +++ b/kubernetes/custodia-server-claim.yaml @@ -0,0 +1,12 @@ +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: custodia-data-claim + labels: + name: custodia-data-claim +spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: 100Mi diff --git a/kubernetes/custodia-server-rc.yaml b/kubernetes/custodia-server-rc.yaml new file mode 100644 index 0000000..2664190 --- /dev/null +++ b/kubernetes/custodia-server-rc.yaml @@ -0,0 +1,40 @@ +apiVersion: v1 +kind: ReplicationController +metadata: + name: custodia-server + labels: + name: custodia-server +spec: + replicas: 1 + selector: + name: custodia-server + version: v1 + template: + metadata: + labels: + name: custodia-server + version: v1 + secrets_namespace: custodia + spec: + containers: + - name: custodia-server + image: 10.34.78.249:5000/custodia-server:latest + ports: + - containerPort: 8080 + name: custodia-server + volumeMounts: + # name must match the volume name below + - name: custodia-server-persistent-storage + # mount path within the container + mountPath: /custodia-data + - name: custodia + mountPath: /custodia + readOnly: true + volumes: + - name: custodia-server-persistent-storage + persistentVolumeClaim: + claimName: custodia-data-claim + - name: custodia + hostPath: + path: /var/lib/custodia/client + diff --git a/kubernetes/custodia-server-service.yaml b/kubernetes/custodia-server-service.yaml new file mode 100644 index 0000000..825b53b --- /dev/null +++ b/kubernetes/custodia-server-service.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + name: customer-server + name: customer-server +spec: + ports: + - port: 8080 + targetPort: 8080 + selector: + name: custodia-server diff --git a/kubernetes/pv-nfs-custodia.yaml b/kubernetes/pv-nfs-custodia.yaml new file mode 100644 index 0000000..cb36f9d --- /dev/null +++ b/kubernetes/pv-nfs-custodia.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: pvcustodia-data + labels: + name: custodia-data +spec: + capacity: + storage: 100Mi + accessModes: + - ReadWriteMany + persistentVolumeReclaimPolicy: Retain + nfs: + path: /srv/kube-vol/custodia/data + server: 10.34.78.249 @@ -0,0 +1,16 @@ +#!/bin/sh +set -e + +REPOS=https://fedorapeople.org/cgit/simo/public_git/custodia.git + +if [ ! -d custodia ]; then + git clone $REPOS +fi + +pushd custodia > /dev/null +git pull --rebase +popd > /dev/null + +sudo docker build -t 10.34.78.249:5000/custodia-server . +sudo docker push 10.34.78.249:5000/custodia-server + @@ -0,0 +1,7 @@ +#!/bin/bash +DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" + +export PYTHONPATH=$DIR/custodia +$DIR/custodia/custodia/custodia /custodia-data/custodia.conf +exit $? + |