Issue/jperf 445 sudo dind #5
Conversation
dagguh
force-pushed
the
issue/JPERF-445-sudo-dind
branch
from
d3b4a6b to
e7bfbd8
Compare
Augment the vast `docker-java` lib rather than hiding it under our layers. Drop `testcontainers` in favor of the underlying `docker-java` API. Use `com.atlassian.performance.tools:ssh` for more interoperability. This new API is already tested in `virtual-users` (merged for weeks) and locally in `infrastructure` (tested tens of times today).
dagguh
force-pushed
the
issue/JPERF-445-sudo-dind
branch
from
e7bfbd8 to
146079f
Compare
| @@ -29,14 +27,14 @@ configurations.all { | |||
| } | |||
|
|
|||
| dependencies { | |||
| api("com.atlassian.performance.tools:ssh:[2.0.0,3.0.0)") | |||
There was a problem hiding this comment.
Do we have to add an ssh client to the ssh-ubuntu lib?
There was a problem hiding this comment.
Pros:
- the consumer can immediately interact with the Ubuntu via SSH, no need to translate APIs
- the consumer doesn't have to search for and decide on an SSH client library
- ❗️ we can preinstall
sudoas a part of API
Cons:
- bigger dependency tree - more conflicts to resolve (unless we start using ranges)
- doesn't let users choose their own SSH client lib
There was a problem hiding this comment.
We could avoid the cons and keep pros by introducing another module.
| * @param [ports] Binds container ports to host address space. | ||
| * @param [peerIp] Addresses the Ubuntu within the Docker network. | ||
| */ | ||
| class SshUbuntuContainer internal constructor( |
There was a problem hiding this comment.
Internal constructor means nothing to the java consumer of the library.
There was a problem hiding this comment.
True. Hmm, so we make it public and wait and see if we need to add fields later?
There was a problem hiding this comment.
We were experimenting with private constructor + factory method. The function will be visible from java, but the user will be warned.
We can also make it public, I'm not insisting.
| @@ -0,0 +1,7 @@ | |||
| package com.atlassian.performance.tools.sshubuntu.api | |||
|
|
|||
| interface SshUbuntuImage { | |||
There was a problem hiding this comment.
Is it an API or SPI? Can I use own implementations as a user of the library?
There was a problem hiding this comment.
Initially there was no interface at all. I added it to mimic the original ssh-ubuntu design.
Perhaps it's unnecessary. TBH I'm not sure about the value here.
| .exec(PullImageResultCallback()) | ||
| .awaitCompletion() | ||
| return docker | ||
| .createContainerCmd("rastasheep/ubuntu-sshd:16.04") |
There was a problem hiding this comment.
What license does the image use?
There was a problem hiding this comment.
Default one, good catch
rastasheep/ubuntu-sshd#25
There was a problem hiding this comment.
Wait a minute...
https://github.com/atlassian/ssh-ubuntu/blob/release-0.1.0/docker/Dockerfile
Currently we're using the same base
| fun shouldStartUbuntu() { | ||
| val docker = DockerClientBuilder.getInstance().build() | ||
| val osName = docker | ||
| .createNetworkCmd() |
There was a problem hiding this comment.
Is the low-level knowledge about docker networks needed to use the library?
There was a problem hiding this comment.
In this form it is. Adding network optionality complicated the implementation.
Pros:
- simpler, non-branching implementation
- exposes the consumer to the real complexity of networks: internal/external addresses/ports - necessary context when dealing with browsers connecting to servers (VU tests) or servers polling themselves locally (infra upgrade REST polling)
Cons:
- it's extra complexity for the users who do not care about connecting multiple containers
There was a problem hiding this comment.
We definitely have to leave the option for networks, but we might invest into making the usage easier for simpler use cases. I'm not sure if it's worth it. I used this code in multiple tests already and the network creation was easily hidden by a local reused method. Perhaps we should wait and see if it's actually a problem.
src/main/kotlin/com/atlassian/performance/tools/sshubuntu/api/docker/ConnectedContainer.kt
Show resolved
Hide resolved
| implementation("org.jetbrains.kotlin:kotlin-stdlib-jdk8:$kotlinVersion") | ||
| implementation("org.testcontainers:testcontainers:1.10.5") |
There was a problem hiding this comment.
I can try to shrink the scope if it's possible to implement DIND and sudo via testcontainers. I could leave out the autocloseables as well and stick to the existing coarse-grained cleanup mechanisms (leaving leftovers if there's an exception somewhere in the middle of ssh-ubuntu.
There was a problem hiding this comment.
The upshot is: this is already tested in VUs and has less external dependencies (like Docker publishing).
Locally I rewrote infra for this (basically a find and replace) and it's all green and still fast.
| @@ -29,14 +27,14 @@ configurations.all { | |||
| } | |||
|
|
|||
| dependencies { | |||
| api("com.atlassian.performance.tools:ssh:[2.0.0,3.0.0)") | |||
There was a problem hiding this comment.
Pros:
- the consumer can immediately interact with the Ubuntu via SSH, no need to translate APIs
- the consumer doesn't have to search for and decide on an SSH client library
- ❗️ we can preinstall
sudoas a part of API
Cons:
- bigger dependency tree - more conflicts to resolve (unless we start using ranges)
- doesn't let users choose their own SSH client lib
|
Perhaps this PR is overkill for the purposes of Here's an alternative, which is not a shotgun surgery: #6 |
|
This PR is closed, because #6 has won the competition and got merged |
No description provided.