Allow to run on read only root fs 48/109548/4
authorSylvain Desbureaux <sylvain.desbureaux@orange.com>
Thu, 25 Jun 2020 12:13:58 +0000 (14:13 +0200)
committerIkram Ikramullah <ikram@research.att.com>
Wed, 12 Aug 2020 20:09:00 +0000 (20:09 +0000)
In order to be able to run on read only root fs, two changes have been
done:

* unpack tomcat war at container creation
* launch the property file configuration conditionnally

If "ON_KUBERNETES" environment variable is set to "TRUE" (default is
"FALSE" for backward compatibility), the proper have to be set at boot
via configmap on Kubernetes for example.

Changes are backward compatible and shouldn't change actual behavior per
default.

Issue-ID: VID-850
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I6f96e2ca55093ee899be18d6ce4c2dfd7c1a5792

deliveries/src/main/docker/docker-files/Dockerfile
deliveries/src/main/scripts/localize.sh

index 0279750..1d95efa 100755 (executable)
@@ -1,3 +1,10 @@
+FROM openjdk:11-jdk-slim as build
+
+ADD maven/artifacts/vid.war /stage/
+WORKDIR /vid
+RUN jar -xf /stage/vid.war
+RUN rm -f *.war
+
 FROM tomcat:9-jdk11-openjdk-slim
 
 # add vim and uncomment alias to speedup troubleshooting purpose
@@ -17,6 +24,10 @@ RUN groupadd -r $group && useradd -ms /bin/bash $user -g $group && \
     mkdir /var/log/$user && \
     chown -R $user:$group /var/log/$user
 
+# Kubernetes variables
+# set to TRUE (in capital) if on Kubernetes
+ENV ON_KUBERNETES="FALSE"
+
 # MariaDB variables
 ENV VID_MYSQL_HOST="vid-mariadb-docker-instance" \
   VID_MYSQL_PORT="3306" \
@@ -97,9 +108,10 @@ ENV JAVA_OPTS="-Xmx1536m -Xms1536m"
 
 ADD maven/config/server.xml ${VID_TOMCAT_PATH}
 ADD maven/scripts/*.sh /tmp/vid/
-ADD maven/artifacts/vid.war /tmp/vid/stage/
-
 RUN chown $user:$group /tmp/vid /usr/local/tomcat -R
+
+COPY --chown=$user:$group --from=build /vid /usr/local/tomcat/webapps/vid/
+
 RUN chmod +x /tmp/vid/localize.sh
 USER $user
 CMD ["/tmp/vid/localize.sh"]
index d149e3b..e4b8c22 100755 (executable)
@@ -13,20 +13,14 @@ createWritableLogbackConfig() {
   cp -f /tmp/logback.xml /tmp/vid/logback.xml
 }
 
-deployWarOnTomcatManually() {
-  cd /usr/local/tomcat/webapps/
-  mkdir vid
-  cd vid
-  jar -xf /tmp/vid/stage/vid.war
-}
-
-
-createWritableLogbackConfig
-deployWarOnTomcatManually
-
-TEMPLATES_BASE_DIR=/usr/local/tomcat/webapps/vid/WEB-INF
-
-fillTemplateProperties ${TEMPLATES_BASE_DIR}
+if [ "${ON_KUBERNETES}" = "TRUE" ]
+then
+  echo "We're running on Kubernetes, preconfiguration is already handled"
+else
+  createWritableLogbackConfig
+  TEMPLATES_BASE_DIR=/usr/local/tomcat/webapps/vid/WEB-INF
+  fillTemplateProperties ${TEMPLATES_BASE_DIR}
+fi
 
 # Set CATALINA_OPTS if not defined previously
 # Enables late-evaluation of env variables, such as VID_KEYSTORE_PASSWORD