Pillar support?

[dizzythinks]

Looking through the example I see it's doing general state stuff. Does it support accessing pillar information as well?

[adamfeuer]

@dizzythinks We haven't needed SaltStack pillar support, but this could be added pretty easily.

The reason we haven't needed pillar support is that we're using this to build Docker images that would be instantiated later (build time), rather than being managed by Salt when they are running (run time). But I can see that it might be handy to put some configuration options in pillars.

What do you want to do with the pillars? What would you need it for?

[dizzythinks]

I was thinking specifically of using masterless pillar at build time for things like nginx config files where I might want to use different values for things like paths to SSL certs, server name variables etc based on different environments potentially, or just generally the ability to use Jinja.

I have a fairly rich repository for saltstack already that uses a number of template driven methods to configure and am looking to do a migration piece to docker and would like to minimise potential rewrite of things.

[dizzythinks]

Sorry when I say build time I mean building a container that has relevant configuration included that is built from Jinja templating in some cases.

[dizzythinks]

Being able to use the nginx formula is a good example of where pillar support would be handy.

[adamfeuer]

@dizzythinks So you would like to have pillar files copied to the right place on the minion then? Would you be willing to share a repo or point me at an example that uses pillars that I could use to try out some code?

[dizzythinks]

Yeah, basically I was thinking that in the example where there is is the salt folder there could also be a pillar folder. I can create a little sample for you tomorrow to have a look at as I'm in the UK. Will drop a link in here in the morning if that's ok. Really appreciate you taking the time to look!

[adamfeuer]

@dizzythinks It would be great if you could send an example! What would be great is some sls/pillar files that you know work, and with a sentence or two about what you would like to have happen with FlyingCloud. If you can do that I can think about how to implement it and maybe take a shot at adding this-

[dizzythinks]

Hi, I have thrown some really simple example of what I was thinking up here: https://github.com/dizzythinks/flyingcloud-example

Let me know if its not enough or sufficient.

Thanks again

[adamfeuer]

@dizzythinks Thanks for the example - that should be sufficient. I will take a shot at it and let you know when I have something that works so you can try it out.

[georgevreilly]

Sounds like a great idea. I'm going to leave this in @adamfeuer's hands for now.

[adamfeuer]

@dizzythinks I added your example to this branch: https://github.com/cookbrite/flyingcloud/tree/feature/pillar-support/examples/nginx-pillar

I'm going to give it a try now... might take a bit before I get something working.

[adamfeuer]

@dizzythinks Seems each pillar should be a directory, with its own top.sls file that can include other pillar .sls files, so that on the docker container they will be located at /srv/salt/pillar/top.sls, like the example here: pillar walkthrough. This is a little different from what you are thinking- you had each pillar be a self-contained file, but that doesn't quite match the docs.

I'm going to do it the way shown in the SaltStack example- but am open to doing it differently, let me know your thoughts.

[dizzythinks]

No that's cool, my example was more for easy demarcation in the repo, but with the idea that pillar/dev/top.sls or pillar/qa/top/sls could be mounted into the container as /srv/salt/pillar/top.sls so all good thanks as I can handle that on the CI side.

[adamfeuer]

@dizzythinks Ok got basic pillar support working on this branch. You can pull it and try to build the example. Here's the workflow:

cd examples/nginx-pillar
# build the base layer
flyingcloud --debug --build sysbase 
# build the nginx pillar example using the pillar configured in its layer.yaml file
flyingcloud --debug --build nginx
# build the nginx pillar example, specifying the qa pillar to override what is in the layer.yaml
flyingcloud --debug --pillar qa --build nginx

The example underwent some changes to get it working, will you look at it to see if it will work for you?

[dizzythinks]

Thanks @adamfeuer I will get on to this today and try it out.

[dizzythinks]

@adamfeuer this looks perfect and works in exactly the way I imagined pretty much. The changes in the pillar structure are fine as I made the mistake of forgetting it was a masterless example so missed out the top.sls

One thing that might be nice - although it could be fixed with a script after use - would be if pillar is used that the container image name is suffixed with the pillar used? e.g. quay.io/cookbrite/nginx_pillar_nginx_dev or maybe that could be in the tag?

Like I say, I can do that myself around this if it breaks the pattern behaviour of flyingcloud. Either way this is brilliant and as I say, exactly how I imagined it working.

[adamfeuer]

@dizzythinks Cool, I'm glad this works for you. It will be pretty easy to add the pillar name to the image tag. I'll take a shot at that soon.

Then need to write some tests so I can do a Pull Request.

[adamfeuer]

@dizzythinks I added the pillar name to the docker tag - only happens if there is a pillar specified. (Here's the commit.) Will you check this out and see if it's what you imagined?

I'll work on some tests this weekend and see if can get this reviewed and merged.

[dizzythinks]

@adamfeuer I've pulled the change - checked the git log to be sure - but it doesn't seem to work for me. It seems to always tag as "dev" even when explicitly setting --pilar qa

    2017-02-22 09:19:06,648 - flyingcloud.base - INFO - Using pillar 'qa' and setting pillar_dir to '/home/philhuk/flyingcloud-pillar/flyingcloud/examples/nginx-pillar/pillar/qa'.
    2017-02-22 09:19:06,648 - flyingcloud.base - INFO - Using pillar 'qa' and setting pillar_dir to '/home/philhuk/flyingcloud-pillar/flyingcloud/examples/nginx-pillar/pillar/qa'.
    2017-02-22 09:19:06,648 - flyingcloud.base - INFO - Build starting...
    2017-02-22 09:19:06,649 - flyingcloud.base - INFO - Disk Usage '/': usage(total=197931847680, used=87426260992, free=100427567104)
    2017-02-22 09:19:06,649 - flyingcloud.base - INFO - Disk Usage '/home/philhuk/.docker': usage(total=197931847680, used=87426260992, free=100427567104)
    2017-02-22 09:19:06,649 - flyingcloud.base - INFO - Disk Usage '/var/lib/docker': usage(total=197931847680, used=87426260992, free=100427567104)
    2017-02-22 09:19:06,649 - flyingcloud.base - INFO - Disk Usage '/tmp': usage(total=197931847680, used=87426260992, free=100427567104)
    2017-02-22 09:19:06,673 - flyingcloud.base - INFO - Docker Info: {u'ContainersPaused': 0, u'Labels': None, u'DefaultRuntime': u'runc', u'CgroupDriver': u'cgroupfs', u'ContainersRunning': 0, u'NGoroutines': 23, u'Swarm': {u'Managers': 0, u'ControlAvailable': False, u'NodeID': u'', u'Cluster': {u'Spec': {u'Raft': {}, u'CAConfig': {}, u'Dispatcher': {}, u'Orchestration': {}, u'TaskDefaults': {}}, u'Version': {}, u'ID': u'', u'CreatedAt': u'0001-01-01T00:00:00Z', u'UpdatedAt': u'0001-01-01T00:00:00Z'}, u'Nodes': 0, u'Error': u'', u'RemoteManagers': None, u'LocalNodeState': u'inactive', u'NodeAddr': u''}, u'LoggingDriver': u'json-file', u'OSType': u'linux', u'HttpProxy': u'', u'Runtimes': {u'runc': {u'path': u'runc'}}, u'DriverStatus': [[u'Root Dir', u'/var/lib/docker/aufs'], [u'Backing Filesystem', u'extfs'], [u'Dirs', u'167'], [u'Dirperm1 Supported', u'true']], u'OperatingSystem': u'Ubuntu 16.04.2 LTS', u'Containers': 22, u'HttpsProxy': u'', u'BridgeNfIp6tables': True, u'MemTotal': 8271765504, u'Driver': u'aufs', u'IndexServerAddress': u'https://index.docker.io/v1/', u'ClusterStore': u'', u'ExecutionDriver': u'', u'SystemStatus': None, u'OomKillDisable': True, u'ClusterAdvertise': u'', u'SystemTime': u'2017-02-22T09:19:06.672222064Z', u'Name': u'noodle-xps', u'CPUSet': True, u'RegistryConfig': {u'InsecureRegistryCIDRs': [u'127.0.0.0/8'], u'IndexConfigs': {u'docker.io': {u'Official': True, u'Name': u'docker.io', u'Secure': True, u'Mirrors': None}}, u'Mirrors': None}, u'SecurityOptions': [u'apparmor', u'seccomp'], u'ContainersStopped': 22, u'NCPU': 4, u'NFd': 14, u'Architecture': u'x86_64', u'KernelMemory': True, u'CpuCfsQuota': True, u'Debug': False, u'ID': u'GQHH:INE4:BL2V:6MCI:XYX6:2JO4:KI2C:2F26:DGOK:5PDR:HIGM:YP43', u'IPv4Forwarding': True, u'KernelVersion': u'4.4.0-63-generic', u'BridgeNfIptables': True, u'NoProxy': u'', u'LiveRestoreEnabled': False, u'ServerVersion': u'1.12.3', u'CpuCfsPeriod': True, u'ExperimentalBuild': False, u'MemoryLimit': True, u'SwapLimit': False, u'Plugins': {u'Volume': [u'local'], u'Network': [u'overlay', u'bridge', u'host', u'null'], u'Authorization': None}, u'Images': 95, u'DockerRootDir': u'/var/lib/docker', u'NEventsListener': 0, u'CPUShares': True}
    2017-02-22 09:19:06,673 - flyingcloud.base - INFO - Starting salt_highstate: source_image_name=quay.io/cookbrite/nginx_pillar_sysbase:latest, container_name=nginx_pillar_nginx, salt_dir=/home/philhuk/flyingcloud-pillar/flyingcloud/examples/nginx-pillar/salt/nginx
    2017-02-22 09:19:06,673 - flyingcloud.base - INFO - Creating container 'nginx_pillar_nginx' from image quay.io/cookbrite/nginx_pillar_sysbase:latest
    2017-02-22 09:19:06,674 - flyingcloud.base - INFO - create_container: {u'environment': {}, u'name': u'nginx_pillar_nginx', 'volumes': [u'/srv/pillar', u'/srv/salt'], u'image': u'quay.io/cookbrite/nginx_pillar_sysbase:latest', u'detach': True, 'host_config': {'Binds': [u'/home/philhuk/flyingcloud-pillar/flyingcloud/examples/nginx-pillar/pillar/qa:/srv/pillar:rw', u'/home/philhuk/flyingcloud-pillar/flyingcloud/examples/nginx-pillar/salt/nginx:/srv/salt:rw'], 'PortBindings': {}}, u'ports': []}
    2017-02-22 09:19:06,785 - flyingcloud.base - INFO - Created container 2e177aad22fb, result={u'Id': u'2e177aad22fb782406074e77bd80e90a22c26aa69c4e9772d51bb13f21eb2757', u'Warnings': None}
    2017-02-22 09:19:06,990 - flyingcloud.base - INFO - About to start Salting
    2017-02-22 09:19:06,991 - flyingcloud.base - INFO - Running [u'salt-call', u'--local', u'state.highstate'] in container 2e177aad22fb
    2017-02-22 09:19:22,689 - flyingcloud.base - INFO - Finished Salting: duration=0:16 minutes
    2017-02-22 09:19:23,390 - flyingcloud.base - INFO - Committed quay.io/cookbrite/nginx_pillar_nginx_dev:2017-02-22t091906z: result={u'Id': u'sha256:3e001bfa9aa2c32cca1c2b196e2ee90ee5c471f7df57a3d589749c8ab40ea237'}
    2017-02-22 09:19:23,390 - flyingcloud.base - INFO - docker_cleanup 2e177aad22fb782406074e77bd80e90a22c26aa69c4e9772d51bb13f21eb2757
    2017-02-22 09:19:23,982 - flyingcloud.base - INFO - Not squashing layer quay.io/cookbrite/nginx_pillar_nginx_dev:2017-02-22t091906z
    2017-02-22 09:19:23,982 - flyingcloud.base - INFO - Tagging image quay.io/cookbrite/nginx_pillar_nginx_dev:2017-02-22t091906z as repo=quay.io/cookbrite/nginx_pillar_nginx_dev, tag=latest
    2017-02-22 09:19:23,998 - flyingcloud.base - INFO - Not pushing Docker layers.
    2017-02-22 09:19:23,998 - flyingcloud.base - INFO - Build finished

[adamfeuer]

@dizzythinks Thanks for finding that! I think I know what's wrong, will try to fix it tonight.

[adamfeuer]

@dizzythinks ok, I think I fixed it, will you try this one with both qa and dev pillars? I did it and it seems to set the tag names correctly now.

[adamfeuer]

Here's a run setting the qa pillar:

$ flyingcloud --pillar qa --build nginx
2017-02-22 21:53:04,362 - flyingcloud.base - INFO - Using pillar 'qa' and setting pillar_dir to '/Users/adam/src/flyingcloud/examples/nginx-pillar/pillar/qa'.
2017-02-22 21:53:04,362 - flyingcloud.base - INFO - Using pillar 'qa' and setting pillar_dir to '/Users/adam/src/flyingcloud/examples/nginx-pillar/pillar/qa'.
2017-02-22 21:53:04,362 - flyingcloud.base - INFO - Build starting...
2017-02-22 21:53:04,365 - flyingcloud.base - INFO - Disk Usage '/': usage(total=249769230336, used=209441697792, free=40065388544)
2017-02-22 21:53:04,365 - flyingcloud.base - INFO - Disk Usage '/Users/adam/.docker': usage(total=249769230336, used=209441697792, free=40065388544)
2017-02-22 21:53:04,366 - flyingcloud.base - INFO - Disk Usage '/var/folders/2h/fjtk0g3d5n334qwxj1tcq9f40000gn/T': usage(total=249769230336, used=209441697792, free=40065388544)
2017-02-22 21:53:04,404 - flyingcloud.base - INFO - Docker Info: {u'ContainersPaused': 0, u'Labels': None, u'CgroupDriver': u'cgroupfs', u'ContainersRunning': 0, u'ContainerdCommit': {u'Expected': u'aa8187dbd3b7ad67d8e5e3a15115d3eef43a7ed1', u'ID': u'aa8187dbd3b7ad67d8e5e3a15115d3eef43a7ed1'}, u'InitBinary': u'docker-init', u'NGoroutines': 28, u'Swarm': {u'Managers': 0, u'ControlAvailable': False, u'NodeID': u'', u'Cluster': {u'Spec': {u'TaskDefaults': {}, u'Orchestration': {}, u'EncryptionConfig': {u'AutoLockManagers': False}, u'Raft': {u'HeartbeatTick': 0, u'ElectionTick': 0}, u'CAConfig': {}, u'Dispatcher': {}}, u'Version': {}, u'ID': u'', u'CreatedAt': u'0001-01-01T00:00:00Z', u'UpdatedAt': u'0001-01-01T00:00:00Z'}, u'Nodes': 0, u'Error': u'', u'RemoteManagers': None, u'LocalNodeState': u'inactive', u'NodeAddr': u''}, u'LoggingDriver': u'json-file', u'OSType': u'linux', u'HttpProxy': u'', u'Runtimes': {u'runc': {u'path': u'docker-runc'}}, u'DriverStatus': [[u'Backing Filesystem', u'extfs'], [u'Supports d_type', u'true'], [u'Native Overlay Diff', u'true']], u'OperatingSystem': u'Alpine Linux v3.5', u'Containers': 12, u'HttpsProxy': u'', u'BridgeNfIp6tables': True, u'MemTotal': 2095988736, u'SecurityOptions': [u'seccomp'], u'Driver': u'overlay2', u'IndexServerAddress': u'https://index.docker.io/v1/', u'ClusterStore': u'', u'InitCommit': {u'Expected': u'949e6fa', u'ID': u'949e6fa'}, u'Isolation': u'', u'SystemStatus': None, u'OomKillDisable': True, u'ClusterAdvertise': u'', u'SystemTime': u'2017-02-23T05:53:04.391087126Z', u'Name': u'moby', u'CPUSet': True, u'RegistryConfig': {u'InsecureRegistryCIDRs': [u'127.0.0.0/8'], u'IndexConfigs': {u'docker.io': {u'Official': True, u'Name': u'docker.io', u'Secure': True, u'Mirrors': None}}, u'Mirrors': []}, u'DefaultRuntime': u'runc', u'ContainersStopped': 12, u'NCPU': 4, u'NFd': 17, u'Architecture': u'x86_64', u'KernelMemory': True, u'CpuCfsQuota': True, u'Debug': True, u'ExecutionDriver': u'<not supported>', u'ID': u'SYZN:VZUT:ITIJ:Z2PR:6ASR:MBXZ:QMVT:KDCK:RUQ4:UAQK:5ELD:WPIL', u'IPv4Forwarding': True, u'KernelVersion': u'4.9.8-moby', u'BridgeNfIptables': True, u'NoProxy': u'*.local, 169.254/16', u'LiveRestoreEnabled': False, u'ServerVersion': u'1.13.1', u'CpuCfsPeriod': True, u'ExperimentalBuild': True, u'MemoryLimit': True, u'SwapLimit': True, u'Plugins': {u'Volume': [u'local'], u'Network': [u'bridge', u'host', u'ipvlan', u'macvlan', u'null', u'overlay'], u'Authorization': None}, u'Images': 12, u'DockerRootDir': u'/var/lib/docker', u'NEventsListener': 1, u'CPUShares': True, u'RuncCommit': {u'Expected': u'9df8b306d01f59d3a8029be411de015b7304dd8f', u'ID': u'9df8b306d01f59d3a8029be411de015b7304dd8f'}}
2017-02-22 21:53:04,405 - flyingcloud.base - INFO - Building docker layer 'nginx' with tag 'quay.io/cookbrite/nginx_pillar_nginx_qa'.
2017-02-22 21:53:04,405 - flyingcloud.base - INFO - Starting salt_highstate: source_image_name=quay.io/cookbrite/nginx_pillar_sysbase:latest, container_name=nginx_pillar_nginx, salt_dir=/Users/adam/src/flyingcloud/examples/nginx-pillar/salt/nginx
2017-02-22 21:53:04,405 - flyingcloud.base - INFO - Creating container 'nginx_pillar_nginx' from image quay.io/cookbrite/nginx_pillar_sysbase:latest
2017-02-22 21:53:04,406 - flyingcloud.base - INFO - create_container: {u'environment': {}, u'name': u'nginx_pillar_nginx', 'volumes': [u'/srv/pillar', u'/srv/salt'], u'image': u'quay.io/cookbrite/nginx_pillar_sysbase:latest', u'detach': True, 'host_config': {'Binds': [u'/Users/adam/src/flyingcloud/examples/nginx-pillar/pillar/qa:/srv/pillar:rw', u'/Users/adam/src/flyingcloud/examples/nginx-pillar/salt/nginx:/srv/salt:rw'], 'PortBindings': {}}, u'ports': []}
2017-02-22 21:53:04,651 - flyingcloud.base - INFO - Created container 3a080806daea, result={u'Id': u'3a080806daea292122a4b4715bd3500623ad5dbc6e289c4158d29e2fc13a977d', u'Warnings': None}
2017-02-22 21:53:05,234 - flyingcloud.base - INFO - About to start Salting
2017-02-22 21:53:05,234 - flyingcloud.base - INFO - Running [u'salt-call', u'--local', u'state.highstate'] in container 3a080806daea
2017-02-22 21:54:22,602 - flyingcloud.base - INFO - Finished Salting: duration=1:17 minutes
2017-02-22 21:54:23,510 - flyingcloud.base - INFO - Committed quay.io/cookbrite/nginx_pillar_nginx_qa:2017-02-23t055304z: result={u'Id': u'sha256:8d3721a44f924b174a3beed6126062358c92bf4b128e7f1802332febd2c239dc'}
2017-02-22 21:54:23,511 - flyingcloud.base - INFO - docker_cleanup 3a080806daea292122a4b4715bd3500623ad5dbc6e289c4158d29e2fc13a977d
2017-02-22 21:54:24,367 - flyingcloud.base - INFO - Not squashing layer quay.io/cookbrite/nginx_pillar_nginx_qa:2017-02-23t055304z
2017-02-22 21:54:24,367 - flyingcloud.base - INFO - Tagging image quay.io/cookbrite/nginx_pillar_nginx_qa:2017-02-23t055304z as repo=quay.io/cookbrite/nginx_pillar_nginx_qa, tag=latest
2017-02-22 21:54:24,407 - flyingcloud.base - INFO - Not pushing Docker layers.
2017-02-22 21:54:24,407 - flyingcloud.base - INFO - Build finished

[adamfeuer]

Hey @dizzythinks, have you tried this branch out with the fixes? Just want to see if it's working before I start to work on merging it.

[dizzythinks]

Hi. Sorry, I've been away. I did test it and it was all good, I just seem to have forgotten to post and tell you. Sorry.

[adamfeuer]

@dizzythinks No problem, and thank you so much for your great ideas and help! I will work to get this code-reviewed and merged.
@georgevreilly Looks like we have pillar support worked out, I will add some tests and submit a PR for improvements and feedback.

[georgevreilly]

👍

[dizzythinks]

Did this get merged yet?

[adamfeuer]

@dizzythinks No, I'm sorry - I had to work on other things for a while. I will make a Pull Request this weekend. Or you can do that too. :-)

[somppa]

Any updates on this?