FusionForge

Difference between revisions of "Docker"

From FusionForge Wiki
Jump to: navigation, search
m
 
(11 intermediate revisions by one other user not shown)
Line 1: Line 1:
'''Docker Files are available in source code. This howto is now obsolete'''
+
[[Category: Development]]
  
 +
This howto takes as hypothesis that you are aware of docker and how to use docker.<br/>
 +
The docker container is not for production usage but for demo or testing.
 +
==Get the docker files==
 +
The docker files are published in the main fusionforge scm repository: [https://scm.fusionforge.org/anonscm/gitweb?p=fusionforge/fusionforge.git;a=tree;f=docker;h=f51c9423c524d7d744cc0bf0ec64fd13cf5012b4;hb=HEAD here]<br/>
 +
Download each file into a working directory.
 +
==Build the image==
 +
To build the image just use:
 +
# cd <your_working_directory>
 +
# docker build -t <your_image_name> .
 +
The build takes about 15 minutes.
 +
==Get the image from docker hub==
 +
The FusionForge image is published on docker hub [https://hub.docker.com/r/fusionforge/fusionforge/ repository]. You can pull the image from there. The new image is published almost every month for the master branch.
  
'''Creating a FusionForge development/tests environment using Docker containers'''
+
==Run the container==
 +
FusionForge requires a valid FQDN and the container exposes 4 ports:
 +
* 21 for ftp access
 +
* 22 for ssh access
 +
* 80 & 443 for http & https access
 +
You need to map these ports locally.<br/>
 +
You can use some variables to set the internal configuration of FusionForge:
 +
* PORT_SSH will configure the ssh port for plugins such as scmgit or scmsvn
 +
* PORT_HTTP will configure the internal URL to build the different http link
 +
* PORT_HTTPS ditto PORT_HTTP but for https
 +
FusionForge includes vsftpd server with chroot mechanism. This mechanism uses the mount command to bind internal folders. Therefore you need the CAP_SYS_ADMIN capability to get ftp features working properly. Use
 +
Standard running command:
 +
# docker run --cap-add=SYS_ADMIN -h <your_valid_fqdn> -e PORT_SSH=2222 -p 2222:22 -p 21:21 -p 80:80 -p 443:443 -d <your_image_name>
  
This HOWTO is meant to illustrate how Docker lightweight containers can be used to set-up a development and test environment for FusionForge, '''when it is complete'''.
+
==Set admin password==
 
+
By default FusionForge installation comes with one user: admin but no password is set to this user. You need to set the password of admin user. Use the following command to connect to the container:
'''This document is work in progress and is probably misleading in the current state, sorry.'''
+
# docker exec -it <container_id> /bin/bash
 
+
Then set the admin user password
The principle is to prepare an image of a Debian distribution containing an installation of PostgreSQL and Apache2 which can be used to create a container where FusionForge will be installed.
+
# forge_set_password admin <your_password>
 
+
==Use the container==
A similar setup can probably be achieved using other distribution packages.
+
Open your browser and go to <your_valid_fqdn><br/>
 
+
You can connect as user with the login/password: admin/<your_password><br/>
== Installing Docker on Debian testing/sid ==
+
Enjoy!
 
 
Install the package (note that the 'docker' command is renamed in 'docker.io' to avoid conflict with a pre-existing package):
 
apt-get install docker.io
 
ln -s /usr/bin/docker.io /usr/local/bin/docker
 
 
 
If you already played with LXC/cgroups, make sure you '''remove''' your /sys/fs/cgroup entry from /etc/fstab, and let the cgroupfs-mount package take care of it, otherwise you'll get clear and informative errors such as:
 
[error] client.go:2329 Error getting size: bad file descriptor
 
 
 
 
 
== Creating a base Debian stable image containing OpenSSH and runit ==
 
 
 
It is possible to achieve the same goal using different manual steps, but we will directly reuse a Debian variant of baseimage-docker, which provides all the necessary bits, in order to simulate a VM in a docker container.
 
 
 
==== Create Debian stable baseimage-docker image ====
 
 
 
See : https://github.com/olberger/baseimage-docker/tree/wheezy which contains a modified version of baseimage-docker for Debian. We'll use the stable/wheezy version.
 
 
 
git clone -b wheezy https://github.com/olberger/baseimage-docker
 
cd baseimage-docker/image
 
sudo docker build -t=YOURUSER/baseimage-docker-debian:wheezy .
 
 
 
== Build a Docker image for the fusionforge test suite ==
 
 
 
We will build a fusionforge image containing a similar setup as the one of the development VM.
 
 
 
=== Prepare the test suite image ===
 
 
 
Get a copy of the Dockerfile in obergix's repo and build the image.
 
 
 
Edit Dockerfile with your favorite values for :
 
 
 
<code>
 
: FROM YOURUSER/baseimage-docker-debian:wheezy
 
: MAINTAINER your@address.mail
 
</code>
 
 
 
Then run :
 
 
 
git clone -b docker https://fusionforge.org/anonscm/git/fusionforge/users/olberger.git
 
cd fusionforge/vm/docker
 
cp ../packer/scripts/fusionforge-source.sh ./
 
docker build -t=YOURUSER/fusionforge .
 
 
 
<code>
 
: if you need to use proxy to access internet, think about options "--build-arg http_proxy=$http_proxy --build-arg https_proxy=$http_proxy"
 
</code>
 
 
 
=== Creating a container ===
 
 
 
Use the dockerfile to create a container with something like :
 
<code>
 
: $ docker run -t -d -p 2222:22 -p 8080:80 -p 4443:443 -h forge.internal YOURUSER/fusionforge
 
</code>
 
 
 
''Voilà'', FusionForge should then be installed and available at: <tt>https://localhost:4443/</tt>.
 
 
 
=== Forge configuration ===
 
 
 
Modify the host by editing <tt>/etc/gforge/config.ini.d/zzzz-local.ini</tt> to add :
 
 
 
<nowiki>
 
[core]
 
web_host = localhost
 
https_port = 4443
 
</nowiki>
 
 
 
The <tt>admin</tt> user's password can then be reset using:
 
 
 
<code>
 
: root@2eebbd24093c:/usr/share/gforge# bin/forge_set_password admin whatever123
 
</code>
 
 
 
allowing you to login at <tt>https://localhost:4443/account/login.php?return_to=/</tt> with user <tt>admin</tt> and password <tt>whatever123</tt>.
 
 
 
 
 
=== Saving the installation in a Docker image ===
 
 
 
At any time, the container which contains an installation of FusionForge can be saved as an image with the following (where 5.2.3-1 is the tag set to the value of the Debian package version in unstable):
 
 
 
<code>
 
: $ docker commit 9060bc9d0b94 myfusionforge/ff-minimal:5.2.3-1
 
</code>
 
 
 
Note: it may be advisable to first stop apache2 and postgresql before saving the image... TO BE TESTED
 
 
 
A new container can then be created from that image, using something like:
 
 
 
<code>
 
: $ docker run -t -d -p 2222:22 -p 8080:80 -p 4443:443 myfusionforge/ff-minimal:5.2.3-1 /usr/sbin/runsvdir-start
 
</code>
 
 
 
=== Sharing files between host and guest ===
 
 
 
To ease the process of testing changes on the guest, by directly modifying files from the host, it may be useful to share the contents of <tt>/usr/share/gforge</tt> between the host and guest.
 
 
 
This can be done, before installing fusionforge, by launching the PostgreSQL + Apache 2 container with something like :
 
<code>
 
: $ docker run -v ~/docker/usr-share-gforge:/usr/share/gforge -t -d -p 2222:22 -p 8080:80 -p 4443:443 myfusionforge/sid_postgresql
 
</code>
 
 
 
This will install all fusionforge files so that they can be edited (sudo helps) directly from the host in <tt>~/docker/usr-share-gforge</tt>
 
 
 
== Troubleshootings / FIXME ==
 
 
 
Things to fix:
 
* need to regen SSH keys, workaround:
 
sudo chroot /var/lib/docker/containers/6cf...gnagnagna.../root/
 
dpkg-reconfigure openssh-server
 
* SSH key access is replaced by a password (why not), but sshd_config not updated (duh!), so comment out and restart openssh (how?) or commit/restart the container:
 
#PermitRootLogin without-password
 
* gforge-db-postgresql failing during SQL initial replay, at first glance due to missing:
 
DEBIAN_FRONTEND=noninteractive
 

Latest revision as of 20:29, 25 September 2017


This howto takes as hypothesis that you are aware of docker and how to use docker.
The docker container is not for production usage but for demo or testing.

Get the docker files

The docker files are published in the main fusionforge scm repository: here
Download each file into a working directory.

Build the image

To build the image just use:

# cd <your_working_directory>
# docker build -t <your_image_name> .

The build takes about 15 minutes.

Get the image from docker hub

The FusionForge image is published on docker hub repository. You can pull the image from there. The new image is published almost every month for the master branch.

Run the container

FusionForge requires a valid FQDN and the container exposes 4 ports:

  • 21 for ftp access
  • 22 for ssh access
  • 80 & 443 for http & https access

You need to map these ports locally.
You can use some variables to set the internal configuration of FusionForge:

  • PORT_SSH will configure the ssh port for plugins such as scmgit or scmsvn
  • PORT_HTTP will configure the internal URL to build the different http link
  • PORT_HTTPS ditto PORT_HTTP but for https

FusionForge includes vsftpd server with chroot mechanism. This mechanism uses the mount command to bind internal folders. Therefore you need the CAP_SYS_ADMIN capability to get ftp features working properly. Use Standard running command:

# docker run --cap-add=SYS_ADMIN -h <your_valid_fqdn> -e PORT_SSH=2222 -p 2222:22 -p 21:21 -p 80:80 -p 443:443 -d <your_image_name>

Set admin password

By default FusionForge installation comes with one user: admin but no password is set to this user. You need to set the password of admin user. Use the following command to connect to the container:

# docker exec -it <container_id> /bin/bash

Then set the admin user password

# forge_set_password admin <your_password>

Use the container

Open your browser and go to <your_valid_fqdn>
You can connect as user with the login/password: admin/<your_password>
Enjoy!