CASMINST-4471 simplify build and properly load nexus images with new podman

[jacobsalmela]

Signed-off-by: Jacob Salmela [email protected]

Summary and Scope

podman load no longer accepts a name and tag. Instead you must load the image, and then run a separate podman tag command.

podman inspect also needed the --type container flag, otherwise it was causing false logic by hitting a match since it can match anything that matches that name without a --type flag.

This also finds the image ID in a more reliable manner, by checking it's metadata for a label:

$(podman images --noheading --format "{{.Id}}" --filter label="name=Nexus Repository Manager")

Issues and Related PRs

• Resolves CASMINST-4471
• Merge with CASMINST-4471 adjust init script for podman load behavior metal-basecamp#14

Testing

Removed the existing pit-nexus rpm, installed the one from the build.

Validated nexus was running, the pods were started and the volumes were created.

Stopped the service, restarted it.

redbull-ncn-m001-pit:~ # systemctl start nexus
redbull-ncn-m001-pit:~ # echo $?
0
redbull-ncn-m001-pit:~ # systemctl status nexus
● nexus.service - Nexus
     Loaded: loaded (/usr/lib/systemd/system/nexus.service; disabled; vendor preset: disabled)
     Active: active (running) since Thu 2022-04-28 12:02:37 UTC; 18s ago
       Docs: https://help.sonatype.com/repomanager3
             https://github.com/sonatype/nexus-public
    Process: 30816 ExecStartPre=/usr/sbin/nexus-init.sh /run/nexus.service-pid /run/nexus.service-cid nexus (code=exited, status=0/SUCCESS)
    Process: 31845 ExecStart=/usr/bin/podman start nexus (code=exited, status=0/SUCCESS)
    Process: 32035 ExecStartPost=/usr/sbin/nexus-setup.sh (code=exited, status=0/SUCCESS)
   Main PID: 31902 (conmon)
      Tasks: 2
     CGroup: /system.slice/nexus.service
             └─31902 /usr/bin/conmon --api-version 1 -c 0b306e5f099d204ac0d2b4f8283f26fdce21149a0978f9e8ca45b20d165ff51b -u 0b306e5f099d204ac0>

redbull-ncn-m001-pit:~ # podman container ls
CONTAINER ID  IMAGE                                                            COMMAND               CREATED             STATUS                 PORTS       NAMES
d818ee9060c5  artifactory.algol60.net/csm-docker/stable/metal-basecamp:1.1.11                        2 days ago          Up 17 hours ago                    basecamp
0b306e5f099d  artifactory.algol60.net/csm-docker/stable/nexus3:3.25.0-2        sh -c ${SONATYPE_...  About a minute ago  Up About a minute ago              nexus
redbull-ncn-m001-pit:~ # podman image ls
REPOSITORY                                                  TAG                            IMAGE ID      CREATED       SIZE
artifactory.algol60.net/csm-docker/unstable/metal-basecamp  1.1.12-20220425211121_a757e4f  bb289158fe08  2 days ago    28.9 MB
artifactory.algol60.net/csm-docker/stable/metal-basecamp    1.1.11                         9b621b3acdb7  4 days ago    28.9 MB
artifactory.algol60.net/csm-docker/stable/nexus3            3.25.0-2                       7d6a2be1d717  5 weeks ago   1.13 GB
artifactory.algol60.net/csm-docker/stable/cray-nexus-setup  0.5.2                          e74384917cd7  7 months ago  61.2 MB
redbull-ncn-m001-pit:~ # podman volume ls
DRIVER      VOLUME NAME
local       nexus-data
redbull-ncn-m001-pit:~ # journalctl -xeu nexus --no-pager
-- Logs begin at Mon 2022-04-25 15:29:36 UTC, end at Thu 2022-04-28 12:03:32 UTC. --
...
...
Apr 28 12:02:02 redbull-ncn-m001-pit podman[31845]: nexus
Apr 28 12:02:02 redbull-ncn-m001-pit nexus-setup.sh[32035]: + podman image inspect --type image artifactory.algol60.net/csm-docker/stable/cray-nexus-setup:0.5.2
Apr 28 12:02:02 redbull-ncn-m001-pit nexus-setup.sh[32035]: + podman load -i /var/lib/cray/container-images/pit-nexus/cray-nexus-setup-0.5.2.tar
Apr 28 12:02:02 redbull-ncn-m001-pit nexus-setup.sh[32082]: Getting image source signatures
Apr 28 12:02:02 redbull-ncn-m001-pit nexus-setup.sh[32082]: Copying blob sha256:3be9e696ab723f9aaedbf35612e149a7b6c2e22cd0bf75d07ed933e9d25b03c3
Apr 28 12:02:02 redbull-ncn-m001-pit nexus-setup.sh[32082]: Copying blob sha256:5778d004fb6eca5fcadee034aa816bbfa4a6e0b422dd3d795f206f7f854351da
Apr 28 12:02:02 redbull-ncn-m001-pit nexus-setup.sh[32082]: Copying blob sha256:32f366d666a541852cad754ee1cdb53a736110b550f0c2d5a46bc5ba519896b6
Apr 28 12:02:02 redbull-ncn-m001-pit nexus-setup.sh[32082]: Copying blob sha256:217498a6a599fa89fda0cc8569099049e28867075278118f9ac6c8160cbc2c22
Apr 28 12:02:02 redbull-ncn-m001-pit nexus-setup.sh[32082]: Copying blob sha256:f89179be7d5744a004141e2c068ded81ff5a1785d6b1096140cdfc765ed1d9d0
Apr 28 12:02:02 redbull-ncn-m001-pit nexus-setup.sh[32082]: Copying blob sha256:f624a13cc51689b8aad1cf6511c8cb698eca92bd148385a8517d8b02dec1f3a4
Apr 28 12:02:02 redbull-ncn-m001-pit nexus-setup.sh[32082]: Copying blob sha256:51318ad0eef388bba5166088dcfd535c6d51517b7f98dcd4deae614ff4cf24e3
Apr 28 12:02:02 redbull-ncn-m001-pit nexus-setup.sh[32082]: Copying blob sha256:5c2b11c953feb0d1f33c1eceef5615d9b20289dc9c98b1f978e97c6020dd9513
Apr 28 12:02:02 redbull-ncn-m001-pit nexus-setup.sh[32082]: Copying blob sha256:836da2d41b6c8813ad09d82c9fd5e256fff3af715c83b22c84b9b870433a36cb
Apr 28 12:02:02 redbull-ncn-m001-pit nexus-setup.sh[32082]: Copying blob sha256:836da2d41b6c8813ad09d82c9fd5e256fff3af715c83b22c84b9b870433a36cb
Apr 28 12:02:03 redbull-ncn-m001-pit nexus-setup.sh[32082]: Copying config sha256:e74384917cd76a4ddf04f28df8248b2145fc0b55caca8b2a624014dfc3df24e2
Apr 28 12:02:03 redbull-ncn-m001-pit nexus-setup.sh[32082]: Writing manifest to image destination
Apr 28 12:02:03 redbull-ncn-m001-pit nexus-setup.sh[32082]: Storing signatures
Apr 28 12:02:03 redbull-ncn-m001-pit nexus-setup.sh[32082]: Loaded image(s): sha256:e74384917cd76a4ddf04f28df8248b2145fc0b55caca8b2a624014dfc3df24e2
Apr 28 12:02:03 redbull-ncn-m001-pit podman[32082]: 2022-04-28 12:02:02.376194545 +0000 UTC m=+0.050608782 image loadfromarchive  /var/lib/cray/container-images/pit-nexus/cray-nexus-setup-0.5.2.tar
Apr 28 12:02:03 redbull-ncn-m001-pit nexus-setup.sh[32657]: ++ podman images --noheading --format '{{.Id}}' --filter label=org.label-schema.name=cray-nexus-setup
Apr 28 12:02:03 redbull-ncn-m001-pit nexus-setup.sh[32035]: + CRAY_NEXUS_SETUP_ID=e74384917cd76a4ddf04f28df8248b2145fc0b55caca8b2a624014dfc3df24e2
Apr 28 12:02:03 redbull-ncn-m001-pit nexus-setup.sh[32035]: + podman tag e74384917cd76a4ddf04f28df8248b2145fc0b55caca8b2a624014dfc3df24e2 artifactory.algol60.net/csm-docker/stable/cray-nexus-setup:0.5.2
...
...
org.elasticsearch.cluster.routing.allocation - [1B5D76E1-80103FD0-B0ADDFEC-F130BF7D-64A33812] Cluster health status changed from [RED] to [GREEN] (reason: [shards started [[a765656ec655e7737653c56521f273f9cf664d55][0]] ...]).
Apr 28 12:02:37 redbull-ncn-m001-pit conmon[32895]: 201
Apr 28 12:02:37 redbull-ncn-m001-pit conmon[32895]:  OK created
Apr 28 12:02:37 redbull-ncn-m001-pit nexus-setup.sh[32835]: Creating docker/hosted repository: registry...201 OK created
Apr 28 12:02:37 redbull-ncn-m001-pit conmon[32895]: Enable Docker security realm...
Apr 28 12:02:37 redbull-ncn-m001-pit conmon[31902]: 2022-04-28 12:02:37,312+0000 INFO  [qtp756618569-293] admin org.sonatype.nexus.security.internal.RealmManagerImpl - Changing configuration: OrientRealmConfiguration{realmNames=[NexusAuthenticatingRealm, NexusAuthorizingRealm, DockerToken]}
Apr 28 12:02:37 redbull-ncn-m001-pit conmon[32895]: 204
Apr 28 12:02:37 redbull-ncn-m001-pit conmon[32895]:  OK
Apr 28 12:02:37 redbull-ncn-m001-pit nexus-setup.sh[32835]: Enable Docker security realm...204 OK
Apr 28 12:02:37 redbull-ncn-m001-pit podman[32835]: 2022-04-28 12:02:37.394036659 +0000 UTC m=+33.266500201 container died 486890db63f9d25b78256300df479c98daffc8e137f4d6ffdc1dffdee76e77f9 (image=artifactory.algol60.net/csm-docker/stable/cray-nexus-setup:0.5.2, name=friendly_merkle)
Apr 28 12:02:37 redbull-ncn-m001-pit podman[32835]: 2022-04-28 12:02:37.49642328 +0000 UTC m=+33.368886817 container remove 486890db63f9d25b78256300df479c98daffc8e137f4d6ffdc1dffdee76e77f9 (image=artifactory.algol60.net/csm-docker/stable/cray-nexus-setup:0.5.2, name=friendly_merkle, org.label-schema.description=Utilities to setup and configure Nexus., org.label-schema.name=cray-nexus-setup, org.label-schema.schema-version=1.0, org.label-schema.url=http://www.cray.com/, org.label-schema.vcs-url=https://github.com/Cray-HPE/nexus-setup.git, org.label-schema.vendor=Cray Inc, org.label-schema.version=null)
Apr 28 12:02:37 redbull-ncn-m001-pit systemd[1]: Started Nexus.
░░ Subject: A start job for unit nexus.service has finished successfully
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░
░░ A start job for unit nexus.service has finished successfully.
░░
░░ The job identifier is 30763.
redbull-ncn-m001-pit:~ #

Tested on:

• #redbull

Risks and Mitigations

Low, still broken.

Pull Request Checklist

• Version number(s) incremented, if applicable
• License file intact
• Target branch correct
• Testing is appropriate and complete, if applicable