OpenShift#

Requirements:

• runnable jars
• ease of use for developers (with no infrastructure hassle)
• service registry (run your own eureka or so ?)
• pricing

Pricing#

Looking at https://www.openshift.com/pricing/index.html it says that running a "Medium Production gear" of 1GB costs $0.05 / hour. For a year this is 24x365x0.05 = $ 438,- per year

Runnable jar.#

Searched around a bit, came to http://www.tearsofaunicorn.com/articles/2013/11/24/deploying-dropwizard-to-openshift.html.... TBC

It says you should use a DIY cartridge, which then says:

The Do-It-Yourself (DIY) application type is a blank slate for trying unsupported languages, frameworks, and middleware on OpenShift. 
See the community site for examples of bringing your favorite framework to OpenShift.
OpenShift maintained
Receives automatic security updates

Start to create a DIY project and enter my (ssh) git url, but it says :

Source code repository could not be cloned: 'git@github.com:metskem/demoapp1.git'. 
Git clone using SSH requires the OpenShift server to authenticate to the repository. Please verify the repository is correct, and try a non-SSH URL such as HTTPS.

It takes about a minute, then my app is created. It again warns me:

Disclaimer: This is an experimental cartridge that provides a way to try unsupported languages, frameworks, and middleware on OpenShift.

It provides me an Overview page and instructions how to do code changes:

git clone ssh://583f185e2d5271b8c6000069@diy-computerhok.rhcloud.com/~/git/diy.git/
cd diy/

My app of course fails because it requires one envvar ( How do I provide envvars in advance? Looks like I need the oc command for that ) ==> Yes:

➜  ~ rhc set-env DROPWIZARD_YAML=src/main/resources/dropwizard.yml --app diy
Setting environment variable(s) ... done

The overview page BTW says my app is started, but it is not (I also get a 503, from a RedHat Apache server of course).

I can also ssh into my gear, the ui says ssh 583f185e2d5271b8c6000069@diy-computerhok.rhcloud.com .

[diy-computerhok.rhcloud.com /]\> lsb_release -a
LSB Version:	:base-4.0-amd64:base-4.0-noarch:core-4.0-amd64:core-4.0-noarch:graphics-4.0-amd64:graphics-4.0-noarch:printing-4.0-amd64:printing-4.0-noarch
Distributor ID:	RedHatEnterpriseServer
Description:	Red Hat Enterprise Linux Server release 6.7 (Santiago)
Release:	6.7
Codename:	Santiago
[diy-computerhok.rhcloud.com /]\> java -version
java version "1.7.0_121"
OpenJDK Runtime Environment (rhel-2.6.8.1.el6_8-i386 u121-b00)
OpenJDK Server VM (build 24.121-b00, mixed mode)

An old java version unfortunately.

Download oc/rhc cli#

See Installing the cli. However, now I need a RedHat account.
I found another location to download the command: http://repo.openshift3roadshow.com/clients/oc-linux.tar.gz Extracted this one and copied to /usr/local/bin. Syntax:

➜  ~ oc
Developer and Administrator Client

This client exposes commands for managing your applications, as well as lower level
tools to interact with each component of your system.

To create a new application, you can use the example app source. Login to your server and then
run new-app:

  $ oc login
  $ oc new-app centos/ruby-22-centos7~https://github.com/openshift/ruby-hello-world.git

This will create an application based on the Docker image 'centos/ruby-22-centos7' that builds
the source code at 'github.com/openshift/ruby-hello-world.git'. A build will start automatically and
a deployment will start as soon as the build finishes.

Once your application is deployed, use the status, get, and describe commands to see more about
the created components:

  $ oc status
  $ oc describe deploymentconfig ruby-hello-world
  $ oc get pods

You'll be able to view the deployed application on the IP and port of the service that new-app
created for you.

You can easily switch between multiple projects using 'oc project <projectname>'.

Basic Commands:
  types        An introduction to concepts and types
  login        Log in to a server
  new-project  Request a new project
  new-app      Create a new application
  status       Show an overview of the current project
  project      Switch to another project

Build and Deploy Commands:
  start-build  Start a new build
  build-logs   Show logs from a build
  deploy       View, start, cancel, or retry a deployment
  rollback     Revert part of an application back to a previous deployment
  new-build    Create a new build configuration
  cancel-build Cancel a pending or running build
  import-image Imports images from a Docker registry
  scale        Change the number of pods in a deployment
  tag          Tag existing images into image streams

Application Modification Commands:
  get          Display one or many resources
  describe     Show details of a specific resource or group of resources
  edit         Edit a resource on the server
  env          Update the environment on a resource with a pod template
  volumes      Update volume on a resource with a pod template
  label        Update the labels on a resource
  annotate     Update the annotations on a resource
  expose       Expose a replicated application as a service or route
  stop         Deprecated: Gracefully shut down a resource by name or filename.
  delete       Delete resources by filenames, stdin, resources and names, or by resources and label selector.

Troubleshooting and Debugging Commands:
  explain      Documentation of resources.
  logs         Print the logs for a resource.
  rsh          Start a shell session in a pod
  rsync        Copy files between local filesystem and a pod
  exec         Execute a command in a container.
  port-forward Forward one or more local ports to a pod.
  proxy        Run a proxy to the Kubernetes API server

Advanced Commands:
  create       Create a resource by filename or stdin
  replace      Replace a resource by filename or stdin.
  patch        Update field(s) of a resource by stdin.
  process      Process a template into list of resources
  export       Export resources so they can be used elsewhere
  run          Run a particular image on the cluster.
  attach       Attach to a running container.
  policy       Manage authorization policy
  secrets      Manage secrets
  convert      Convert config files between different API versions

Settings Commands:
  logout       End the current server session
  config       Change configuration files for the client
  whoami       Return information about the current session

Other Commands:
  version      Display version
  help         Help about any command

Use "oc help <command>" for more information about a given command.
Use "oc options" for a list of global command-line options (applies to all commands).

But I cannot find which endpoint to use.
Maybe I should use the rhc command, see https://developers.openshift.com/getting-started/debian-ubuntu.html for installing.

You have to install ruby-full first and then sudo gem install rhc.
Next is the rhc setup cmd:

➜  ~ rhc setup
OpenShift Client Tools (RHC) Setup Wizard

This wizard will help you upload your SSH keys, set your application namespace, and check that other programs like Git are properly installed.

If you have your own OpenShift server, you can specify it now. Just hit enter to use the server for OpenShift Online: openshift.redhat.com.


You can add more servers later using 'rhc server'.

Then it hangs...

When specifying all arguments it works:

➜  ~ rhc setup --server openshift.redhat.com --clean --rhlogin harry.metske@gmail.com --password <your password>
OpenShift Client Tools (RHC) Setup Wizard

This wizard will help you upload your SSH keys, set your application namespace, and check that other programs like Git are properly installed.

Using harry.metske@gmail.com to login to openshift.redhat.com

OpenShift can create and store a token on disk which allows to you to access the server without using your password. The key is stored in your home directory and should be kept secret.  You can delete the key at any time by running 'rhc logout'.

Please enter "yes" or "no".
yes
Generating an authorization token for this client ... lasts about 1 month

Saving configuration to /home/metskem/.openshift/express.conf ... done

Checking for git ... found git version 2.7.4

Checking common problems .. done

Checking for a domain ... computerhok

Checking for applications ... found 1

  diy http://diy-computerhok.rhcloud.com/

  You are using 1 of 3 total gears
  The following gear sizes are available to you: small

Your client tools are now configured.

Developing#

Our source code has been copied from the github repo to an internal RedHat repo. The overview page tells use what this RedHat git repo is: ssh://583f185e2d5271b8c6000069@diy-computerhok.rhcloud.com/~/git/diy.git/ . I don't see an option for an https URL

So we (locally) add this remote repo : git remote add openshift ssh://583f185e2d5271b8c6000069@diy-computerhok.rhcloud.com/~/git/diy.git/.

We also have to provide special Action hooks because we have to specify how to start our application, and we have to specify the port to listen on (the latter can be solved better/differently I think).

So created 3 additional scripts in our git repo:

• .openshift/action_hooks/build
• .openshift/action_hooks/deploy
• .openshift/action_hooks/start

Containing:

build

#!/bin/bash
gradle assemble

deploy

#!/bin/bash
echo "current dir 1: `pwd`"
cd $OPENSHIFT_REPO_DIR
echo "current dir 2: `pwd`"
ls -la
sed -i 's/@OPENSHIFT_DIY_IP@/'"$OPENSHIFT_DIY_IP"'/g' src/main/resources/demoapp1.openshift.yaml
sed -i 's/@OPENSHIFT_DIY_PORT@/'"$OPENSHIFT_DIY_PORT"'/g' src/main/resources/demoapp1.openshift.yaml

start

#!/bin/bash
cd $OPENSHIFT_REPO_DIR
export DROPWIZARD_YAML=src/main/resources/demoapp1.openshift.yaml
nohup java -jar build/libs/demoapp1-0.1.0.jar > ${OPENSHIFT_DIY_LOG_DIR}/demoapp1.log 2>&1 &

Then when we git push (1), this was before we had the bulid script :

➜  demoapp1 git:(master) ✗ git push openshift master            
Counting objects: 5, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (4/4), done.
Writing objects: 100% (5/5), 474 bytes | 0 bytes/s, done.
Total 5 (delta 2), reused 0 (delta 0)
remote: Stopping DIY cartridge
remote: Building git ref 'master', commit cfb642e
remote: Preparing build for deployment
remote: Deployment id is fcb8b14e
remote: Activating deployment
remote: Starting DIY cartridge
remote: -------------------------
remote: Git Post-Receive Result: success
remote: Activation status: success
remote: Deployment completed with status: success
To ssh://583f185e2d5271b8c6000069@diy-computerhok.rhcloud.com/~/git/diy.git/
   4c0c10b..cfb642e  master -> master

It tells us all success, but the app still fails (503 response). How to diagnose further, the UI does not show anything about status or logs. Let's try the ssh again.

Then we added the build hook script and pushed again:

➜  demoapp1 git:(master) ✗ git push openshift master         
Counting objects: 6, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (4/4), done.
Writing objects: 100% (6/6), 497 bytes | 0 bytes/s, done.
Total 6 (delta 2), reused 0 (delta 0)
remote: Stopping DIY cartridge
remote: Building git ref 'master', commit 1ec49f3
remote: /var/lib/openshift/583f185e2d5271b8c6000069/app-root/runtime/repo/.openshift/action_hooks/build: line 2: gradle: command not found
remote: An error occurred executing 'gear postreceive' (exit code: 127)
remote: Error message: CLIENT_ERROR: Failed to execute action hook 'build' for 583f185e2d5271b8c6000069 application diy
remote: 
remote: For more details about the problem, try running the command again with the '--trace' option.
To ssh://583f185e2d5271b8c6000069@diy-computerhok.rhcloud.com/~/git/diy.git/
   13bd4bc..1ec49f3  master -> master

There is no gradle available (only mvn. And which version:

[diy-computerhok.rhcloud.com 583f185e2d5271b8c6000069]\> mvn --version
Apache Maven 3.0.4 (r1232336; 2012-12-18 14:36:37-0500)
Maven home: /usr/share/java/apache-maven-3.0.4
Java version: 1.7.0_121, vendor: Oracle Corporation
Java home: /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.121/jre
Default locale: en_US, platform encoding: UTF-8
OS name: "linux", version: "2.6.32-642.6.2.el6.x86_64", arch: "i386", family: "unix"

Running containers#

The idea is to just a container from an image, and that envvars should determine which jar file to run.

....created subimage from ......

pushed to internal docker registry

Fire up with oc:

[2016-12-01 13:11.32]  /drives/g/tools
[metskeh.RB904184] ➤ ./oc new-app docker-registry.linux.rabobank.nl/online.io/javarunner:0.1 --env JARFILE_URL="http://lsrv4008.linux.rabobank.nl/artifacts/dropwizardtest-1.4/dropwizardtest-1.4.jar"
--> Found Docker image be874f9 (2 hours old) from docker-registry.linux.rabobank.nl for "docker-registry.linux.rabobank.nl/online.io/javarunner:0.1"
    * An image stream will be created as "javarunner:0.1" that will track this image
    * This image will be deployed in deployment config "javarunner"
    * [WARNING] Image "javarunner" runs as the 'root' user which may not be permitted by your cluster administrator
    * The image does not expose any ports - if you want to load balance or send traffic to this component
      you will need to create a service with 'expose dc/javarunner --port=[port]' later
--> Creating resources with label app=javarunner ...
    ImageStream "javarunner" created
    DeploymentConfig "javarunner" created
--> Success
    Run 'oc status' to view your app.

Why does it take so long on my Rabo laptop on E2B (VDI is much faster):

[MetskeH.RB344164] ➤ time ./oc status -v
In project testproject (demoapp1) on server https://ose-master-api.linux.rabobank.nl:8443

svc/javarunner - 192.168.215.67:8080
  dc/javarunner deploys imagestreamtag/javarunner:0.2
    #1 deployed 19 hours ago - 1 pod

Warnings:
  * container "javarunner" in pod/javarunner-1-s8ylj has restarted 234 times
  * The image trigger for dc/javarunner will have no effect until imagestreamtag/javarunner:0.2 is imported or created by a build.

View details with 'oc describe <resource>/<name>' or list everything with 'oc get all'.
real    0m 37.28s
user    0m 0.01s
sys     0m 0.01s