Puppet Class: docker::baseimages

Defined in:
modules/docker/manifests/baseimages.pp

Overview

Classs: docker::baseimages

Helper class that builds standard base images

Parameters

*docker_registry

The url of the docker registry where images should be uploaded

proxy_address

The address of the proxy for downloading packages. Undefined by default

proxy_port

The port of said proxy, if present. Undefined by default.

distributions

List of distributions to build. Defaults to stretch

Parameters:

  • docker_registry (Stdlib::Host)
  • proxy_address (Optional[Stdlib::Host]) (defaults to: undef)
  • proxy_port (Optional[Stdlib::Port]) (defaults to: undef)
  • distributions (Array[String]) (defaults to: ['stretch'])


18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
# File 'modules/docker/manifests/baseimages.pp', line 18

class docker::baseimages(
    Stdlib::Host $docker_registry,
    Optional[Stdlib::Host] $proxy_address = undef,
    Optional[Stdlib::Port] $proxy_port = undef,
    Array[String] $distributions = ['stretch'],
) {
    # We need docker running
    Service[docker] -> Class[docker::baseimages]

    ensure_packages(['debuerreotype'])

    file { '/srv/images':
        ensure => directory,
        owner  => 'root',
        group  => 'root',
        mode   => '0755',
    }

    file { '/srv/images/base':
        ensure => directory,
        owner  => 'root',
        group  => 'root',
        mode   => '0755',
    }

    $keyring = '/srv/images/base/wikimedia.pub.gpg'
    file { $keyring:
        ensure => present,
        source => 'puppet:///modules/docker/wikimedia.pub.gpg',
        owner  => 'root',
        group  => 'root',
        mode   => '0444',
    }

    file { '/usr/local/bin/build-base-images':
        content => template('docker/images/build-base-images.erb'),
        owner   => 'root',
        group   => 'root',
        mode    => '0544',
    }

    if ($proxy_address and $proxy_port) {
        $http_proxy = "http://${proxy_address}:${proxy_port}"
        $env = { 'http_proxy' => $http_proxy, 'https_proxy' => $http_proxy}
    } else {
        $env = {}
    }
    # Cronjob to refresh the base images every week on sunday.
    systemd::timer::job { 'debian-weekly-rebuild':
        description         => 'Weekly job to rebuild the debian base images',
        command             => '/usr/local/bin/build-base-images',
        environment         => $env,
        interval            => {'start' => 'OnCalendar', 'interval' => 'Sun *-*-* 04:00:00'},
        user                => 'root',
        max_runtime_seconds => 86400,
    }

    # Add a script to build the bare minimum images using
    # debuerreotype.
    file { '/usr/local/bin/build-bare-slim':
        ensure => present,
        source => 'puppet:///modules/docker/build-bare-slim.sh',
        mode   => '0500',
    }

    # Basic dockerfile to build base images.
    file { '/srv/images/base/Dockerfile':
        ensure => present,
        source => 'puppet:///modules/docker/Dockerfile.slim'
    }

    # Generate the apt sources lists for all supported distros
    file {'/srv/images/base/sources':
        ensure => 'directory',
        owner  => 'root',
        group  => 'root',
        mode   => '0755',
    }

    # TODO: switch to use $distributions at the end of the transition
    ['stretch', 'buster', 'bullseye'].each |$distro| {
        file { "/srv/images/base/sources/${distro}":
            ensure => directory,
            owner  => 'root',
            group  => 'root',
            mode   => '0755',
        }

        file { "/srv/images/base/sources/${distro}.sources.list":
            ensure  => present,
            owner   => 'root',
            group   => 'root',
            mode    => '0755',
            content => template('docker/images/sourceslist.base.erb')
        }
    }
    file { '/srv/images/base/wikimedia.preferences':
        ensure => present,
        owner  => 'root',
        group  => 'root',
        mode   => '0444',
        source => 'puppet:///modules/docker/wikimedia-apt-preferences'
    }
}