Puppet Class: docker::baseimages

Defined in:
modules/docker/manifests/baseimages.pp

Overview

Classs: docker::baseimages

Helper class that builds standard base images

Parameters

*docker_registry

The url of the docker registry where images should be uploaded

proxy_address

The address of the proxy for downloading packages. Undefined by default

proxy_port

The port of said proxy, if present. Undefined by default.

distributions

List of distributions to build. Defaults to bullseye

skip_distro

List of distributions we want to set up build for but we don't want to include in build-base-images because it's being added now.

Parameters:

  • docker_registry (Stdlib::Host)
  • proxy_address (Optional[Stdlib::Host]) (defaults to: undef)
  • proxy_port (Optional[Stdlib::Port]) (defaults to: undef)
  • distributions (Array[String]) (defaults to: ['bullseye'])
  • skip_distro (Array[String]) (defaults to: [])


22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
# File 'modules/docker/manifests/baseimages.pp', line 22

class docker::baseimages(
    Stdlib::Host $docker_registry,
    Optional[Stdlib::Host] $proxy_address = undef,
    Optional[Stdlib::Port] $proxy_port = undef,
    Array[String] $distributions = ['bullseye'],
    Array[String] $skip_distro = [],
) {
    # We need docker running
    Service[docker] -> Class[docker::baseimages]

    ensure_packages(['debuerreotype'])

    file { '/srv/images':
        ensure => directory,
        owner  => 'root',
        group  => 'root',
        mode   => '0755',
    }

    file { '/srv/images/base':
        ensure => directory,
        owner  => 'root',
        group  => 'root',
        mode   => '0755',
    }

    $keyring = '/srv/images/base/wikimedia.pub.gpg'
    file { $keyring:
        ensure => present,
        source => 'puppet:///modules/docker/wikimedia.pub.gpg',
        owner  => 'root',
        group  => 'root',
        mode   => '0444',
    }

    file { '/usr/local/bin/build-base-images':
        content => template('docker/images/build-base-images.erb'),
        owner   => 'root',
        group   => 'root',
        mode    => '0544',
    }

    if ($proxy_address and $proxy_port) {
        $http_proxy = "http://${proxy_address}:${proxy_port}"
        $env = {
            'http_proxy'  => $http_proxy,
            'https_proxy' => $http_proxy,
            'no_proxy'    => [
                '127.0.0.1',
                '::1',
                '.wikimedia.org',
                '.wikipedia.org',
            ].join(',')
        }
    } else {
        $env = {}
    }
    # Cronjob to refresh the base images every week on sunday.
    systemd::timer::job { 'debian-weekly-rebuild':
        description         => 'Weekly job to rebuild the debian base images',
        command             => '/usr/local/bin/build-base-images',
        environment         => $env,
        interval            => {'start' => 'OnCalendar', 'interval' => 'Sun *-*-* 04:00:00'},
        user                => 'root',
        max_runtime_seconds => 86400,
    }

    # Add a script to build the bare minimum images using
    # debuerreotype.
    file { '/usr/local/bin/build-bare-slim':
        ensure => present,
        source => 'puppet:///modules/docker/build-bare-slim.sh',
        mode   => '0500',
    }

    # Basic dockerfile to build base images.
    file { '/srv/images/base/Dockerfile':
        ensure => present,
        source => 'puppet:///modules/docker/Dockerfile.slim'
    }

    # Generate the apt sources lists for all supported distros
    file {'/srv/images/base/sources':
        ensure => 'directory',
        owner  => 'root',
        group  => 'root',
        mode   => '0755',
    }

    $distributions.each |$distro| {
        file { "/srv/images/base/sources/${distro}":
            ensure => directory,
            owner  => 'root',
            group  => 'root',
            mode   => '0755',
        }

        file { "/srv/images/base/sources/${distro}.sources.list":
            ensure  => present,
            owner   => 'root',
            group   => 'root',
            mode    => '0755',
            content => template('docker/images/sourceslist.base.erb')
        }
    }
    file { '/srv/images/base/wikimedia.preferences':
        ensure => present,
        owner  => 'root',
        group  => 'root',
        mode   => '0444',
        source => 'puppet:///modules/docker/wikimedia-apt-preferences'
    }
}