Skip to content

Commit

Permalink
*: use podman instead of docker
Browse files Browse the repository at this point in the history
Signed-off-by: Steve Milner <[email protected]>
  • Loading branch information
ashcrow authored and crawford committed Sep 11, 2018
1 parent 77cc46f commit c234fc3
Show file tree
Hide file tree
Showing 13 changed files with 28 additions and 32 deletions.
4 changes: 2 additions & 2 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -18,9 +18,9 @@ These instructions can be used for AWS:
bazel build tarball
```

*Note*: the project can optionally be built without installing Bazel, provided Docker is installed:
*Note*: the project can optionally be built without installing Bazel, provided Podman is installed:
```sh
docker run --rm -v $PWD:$PWD:Z -w $PWD quay.io/coreos/tectonic-builder:bazel-v0.3 bazel --output_base=.cache build tarball
podman run --rm -v $PWD:$PWD:Z -w $PWD quay.io/coreos/tectonic-builder:bazel-v0.3 bazel --output_base=.cache build tarball
```

3. Extract the tarball
Expand Down
2 changes: 1 addition & 1 deletion hack/go-fmt.sh
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ if [ "$IS_CONTAINER" != "" ]; then
done
git diff --exit-code
else
docker run --rm \
podman run --rm \
--env IS_CONTAINER=TRUE \
--volume "${PWD}:/go/src/github.com/openshift/installer:z" \
--workdir /go/src/github.com/openshift/installer \
Expand Down
2 changes: 1 addition & 1 deletion hack/go-lint.sh
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
if [ "$IS_CONTAINER" != "" ]; then
golint -set_exit_status "${@}"
else
docker run --rm \
podman run --rm \
--env IS_CONTAINER=TRUE \
--volume "${PWD}:/go/src/github.com/openshift/installer:z" \
--workdir /go/src/github.com/openshift/installer \
Expand Down
2 changes: 1 addition & 1 deletion hack/go-vet.sh
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
if [ "$IS_CONTAINER" != "" ]; then
go vet "${@}"
else
docker run --rm \
podman run --rm \
--env IS_CONTAINER=TRUE \
--volume "${PWD}:/go/src/github.com/openshift/installer:z" \
--workdir /go/src/github.com/openshift/installer \
Expand Down
2 changes: 1 addition & 1 deletion hack/shellcheck.sh
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ if [ "$IS_CONTAINER" != "" ]; then
-o -path "${TOP_DIR}/.build" -prune \
-o -type f -name '*.sh' -exec shellcheck --format=gcc {} \+
else
docker run --rm \
podman run --rm \
--env IS_CONTAINER=TRUE \
--volume "${PWD}:/workdir:ro,z" \
--entrypoint sh \
Expand Down
2 changes: 1 addition & 1 deletion hack/test-bazel-build-tarball.sh
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ if [ "$IS_CONTAINER" != "" ]; then
set -x
bazel --output_base=/tmp build "$@" tarball
else
docker run --rm \
podman run --rm \
--env IS_CONTAINER=TRUE \
--volume "${PWD}:${PWD}:z" \
--workdir "${PWD}" \
Expand Down
4 changes: 2 additions & 2 deletions hack/tf-fmt.sh
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
#!/bin/sh

# in prow, already in container, so no 'docker run'
# in prow, already in container, so no 'podman run'
if [ "$IS_CONTAINER" != "" ]; then
set -x
/terraform fmt -list -check -write=false
else
docker run --rm \
podman run --rm \
--env IS_CONTAINER=TRUE \
--volume "${PWD}:${PWD}:ro,z" \
--workdir "${PWD}" \
Expand Down
2 changes: 1 addition & 1 deletion hack/tf-lint.sh
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
if [ "$IS_CONTAINER" != "" ]; then
tflint
else
docker run --rm \
podman run --rm \
--env IS_CONTAINER=TRUE \
--volume "${PWD}:/data:z" \
--entrypoint sh \
Expand Down
2 changes: 1 addition & 1 deletion hack/yaml-lint.sh
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
if [ "$IS_CONTAINER" != "" ]; then
yamllint --config-data "{extends: default, rules: {line-length: {level: warning, max: 120}}}" ./examples/ ./installer/
else
docker run --rm \
podman run --rm \
--env IS_CONTAINER=TRUE \
--volume "${PWD}:/workdir:z" \
--entrypoint sh \
Expand Down
6 changes: 1 addition & 5 deletions modules/bootkube/resources/bootkube.service
Original file line number Diff line number Diff line change
Expand Up @@ -2,16 +2,12 @@
Description=Bootstrap a Kubernetes cluster
ConditionPathExists=!/opt/tectonic/init_bootkube.done
Wants=kubelet.service
Requires=docker.service
After=kubelet.service docker.service
After=kubelet.service

[Service]
Type=oneshot
RemainAfterExit=true
WorkingDirectory=/opt/tectonic

User=root
Group=root

ExecStart=/usr/bin/bash /opt/tectonic/bootkube.sh
ExecStartPost=/bin/touch /opt/tectonic/init_bootkube.done
16 changes: 8 additions & 8 deletions modules/bootkube/resources/bootkube.sh
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ set -e
echo "Rendering Kubernetes core manifests..."

# shellcheck disable=SC2154
/usr/bin/docker run \
/usr/bin/podman run \
--volume "$PWD:/assets:z" \
--volume /etc/kubernetes:/etc/kubernetes:z \
"${kube_core_renderer_image}" \
Expand All @@ -14,7 +14,7 @@ echo "Rendering Kubernetes core manifests..."
echo "Rendering TNC manifests..."

# shellcheck disable=SC2154
/usr/bin/docker run \
/usr/bin/podman run \
--user 0 \
--volume "$PWD:/assets:z" \
"${tnc_operator_image}" \
Expand All @@ -29,14 +29,13 @@ cp "$PWD/tnc-bootstrap/tectonic-node-controller-config.yaml" /etc/kubernetes/tnc
# We originally wanted to run the etcd cert signer as
# a static pod, but kubelet could't remove static pod
# when API server is not up, so we have to run this as
# docker container.
# podman container.
# See https://github.com/kubernetes/kubernetes/issues/43292

echo "Starting etcd certificate signer..."

# shellcheck disable=SC2154
SIGNER=$(/usr/bin/docker run -d \
--tmpfs /tmp \
SIGNER=$(/usr/bin/podman run -d \
--volume /opt/tectonic/tls:/opt/tectonic/tls:ro,z \
--network host \
"${etcd_cert_signer_image}" \
Expand All @@ -57,8 +56,9 @@ i=0
while true; do
set +e
# shellcheck disable=SC2154,SC2086
/usr/bin/docker run \
/usr/bin/podman run \
--rm \
--network host \
--name etcdctl \
--env ETCDCTL_API=3 \
--volume /opt/tectonic/tls:/opt/tectonic/tls:ro,z \
Expand Down Expand Up @@ -86,15 +86,15 @@ done

echo "etcd cluster up. Killing etcd certificate signer..."

/usr/bin/docker kill "$SIGNER"
/usr/bin/podman kill "$SIGNER"
rm /etc/kubernetes/manifests/tectonic-node-controller-pod.yaml

cp -r "$PWD/bootstrap-configs" /etc/kubernetes/bootstrap-configs

echo "Starting bootkube..."

# shellcheck disable=SC2154
/usr/bin/docker run \
/usr/bin/podman run \
--volume "$PWD:/assets:z" \
--volume /etc/kubernetes:/etc/kubernetes:z \
--network=host \
Expand Down
8 changes: 4 additions & 4 deletions scripts/maintenance/clean-aws.sh
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ usage() {
cat <<EOF
$(basename "$0") deletes AWS resources tagged with tags specified in a tag file.
Requires that 'docker' and 'jq' are installed.
Requires that 'podman' and 'jq' are installed.
AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environmental variables must be set.
Expand Down Expand Up @@ -86,7 +86,7 @@ while [ $# -gt 0 ]; do
shift
done

if ! command -V docker >/dev/null || ! command -V jq >/dev/null; then
if ! command -V podman >/dev/null || ! command -V jq >/dev/null; then
echo "Missing required dependencies" >&2
exit 1
fi
Expand Down Expand Up @@ -155,9 +155,9 @@ if [ ! $force ]; then
fi
fi

trap 'docker stop grafiti-deleter; exit' EXIT
trap 'podman stop grafiti-deleter; exit' EXIT

docker run -t --rm --name grafiti-deleter \
podman run -t --rm --name grafiti-deleter \
-v "$tmp_dir":/tmp/config:z \
-e AWS_ACCESS_KEY_ID="$AWS_ACCESS_KEY_ID" \
-e AWS_SECRET_ACCESS_KEY="$AWS_SECRET_ACCESS_KEY" \
Expand Down
8 changes: 4 additions & 4 deletions scripts/maintenance/tag-aws.sh
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ usage() {
$(basename "$0") tags AWS resources with 'expirationDate: some-date-string',
defaulting to tomorrow's date, and excludes all resources tagged with
tag keys/values specified in an 'exclude' file. Requires that 'docker' is
tag keys/values specified in an 'exclude' file. Requires that 'podman' is
installed.
AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environmental variables must be set.
Expand Down Expand Up @@ -101,7 +101,7 @@ while [ $# -gt 0 ]; do
shift
done

if ! command -V docker >/dev/null; then
if ! command -V podman >/dev/null; then
echo "Missing required dependencies" >&2
exit 1
fi
Expand Down Expand Up @@ -181,9 +181,9 @@ if [ ! $force ]; then
fi
fi

trap 'docker stop grafiti-tagger; exit' EXIT
trap 'podman stop grafiti-tagger; exit' EXIT

docker run -t --rm --name grafiti-tagger \
podman run -t --rm --name grafiti-tagger \
-v "$tmp_dir":/tmp/config:z \
-e AWS_ACCESS_KEY_ID="$AWS_ACCESS_KEY_ID" \
-e AWS_SECRET_ACCESS_KEY="$AWS_SECRET_ACCESS_KEY" \
Expand Down

0 comments on commit c234fc3

Please sign in to comment.