зеркало из https://github.com/Azure/ipam.git
Refactored container Dockerfiles, updated exclusions, and updated bicep template dependencies
This commit is contained in:
Родитель
5fae33876c
Коммит
8a23e57ba8
|
@ -3,3 +3,4 @@
|
|||
.github/workflows
|
||||
NOTES.md
|
||||
TODO.md
|
||||
logs
|
||||
|
|
|
@ -22,9 +22,6 @@ param managedIdentityId string
|
|||
@description('Managed Identity ClientId')
|
||||
param managedIdentityClientId string
|
||||
|
||||
@description('Storage Account Name')
|
||||
param storageAccountName string
|
||||
|
||||
@description('Log Analytics Worskpace ID')
|
||||
param workspaceId string
|
||||
|
||||
|
@ -45,10 +42,6 @@ var dockerCompose = loadTextContent('../docker-compose.prod.yml')
|
|||
var dockerComposeReplace = replace(dockerCompose, 'azureipam.azurecr.io', acrUri)
|
||||
var dockerComposeEncode = base64(dockerComposeReplace)
|
||||
|
||||
resource storageAccount 'Microsoft.Storage/storageAccounts@2021-06-01' existing = {
|
||||
name: storageAccountName
|
||||
}
|
||||
|
||||
resource appServicePlan 'Microsoft.Web/serverfarms@2021-02-01' = {
|
||||
name: appServicePlanName
|
||||
location: location
|
||||
|
@ -129,15 +122,6 @@ resource appService 'Microsoft.Web/sites@2021-02-01' = {
|
|||
value: 'true'
|
||||
}
|
||||
]
|
||||
azureStorageAccounts: {
|
||||
nginx: {
|
||||
type: 'AzureBlob'
|
||||
accountName: storageAccountName
|
||||
shareName: 'nginx'
|
||||
mountPath: '/nginx'
|
||||
accessKey: listkeys(storageAccount.id, storageAccount.apiVersion).keys[0].value
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -198,7 +198,13 @@ $ErrorActionPreference = "Stop"
|
|||
$Env:SuppressAzurePowerShellBreakingChangeWarnings = $true
|
||||
|
||||
# Set Log File Location
|
||||
$logFile = "./deploy_$(get-date -format `"yyyyMMddhhmmsstt`").log"
|
||||
$logPath = [Io.Path]::Combine('..', 'logs')
|
||||
New-Item -ItemType Directory -Force -Path $logpath | Out-Null
|
||||
|
||||
$errorLog = Join-Path -Path $logPath -ChildPath "error_$(get-date -format `"yyyyMMddhhmmsstt`").log"
|
||||
$transcriptLog = Join-Path -Path $logPath -ChildPath "deploy_$(get-date -format `"yyyyMMddhhmmsstt`").log"
|
||||
|
||||
Start-Transcript -Path $transcriptLog | Out-Null
|
||||
|
||||
Function Test-Location {
|
||||
Param(
|
||||
|
@ -690,10 +696,6 @@ Function Update-UIApplication {
|
|||
Write-Host
|
||||
Write-Host "NOTE: IPAM Deployment Type: $($PSCmdlet.ParameterSetName)" -ForegroundColor Magenta
|
||||
|
||||
$logPath = [Io.Path]::Combine('..', 'logs')
|
||||
New-Item -ItemType Directory -Force -Path $logpath | Out-Null
|
||||
Start-Transcript -Path $logPath
|
||||
|
||||
try {
|
||||
if($PrivateAcr) {
|
||||
# Verify Minimum Azure CLI Version
|
||||
|
@ -804,18 +806,9 @@ try {
|
|||
Write-Host "INFO: Building and pushing container images to Azure Container Registry" -ForegroundColor Green
|
||||
Write-Verbose -Message "Building and pushing container images to Azure Container Registry"
|
||||
|
||||
$enginePath = [Io.Path]::Combine('..', 'engine')
|
||||
$engineDockerFile = Join-Path -Path $enginePath -ChildPath 'Dockerfile.rhel'
|
||||
$functionDockerFile = Join-Path -Path $enginePath -ChildPath 'Dockerfile.func'
|
||||
|
||||
$uiPath = [Io.Path]::Combine('..', 'ui')
|
||||
$uiDockerFile = Join-Path -Path $uiPath -ChildPath 'Dockerfile.rhel'
|
||||
|
||||
$lbPath = [Io.Path]::Combine('..', 'lb')
|
||||
$lbDockerFile = Join-Path -Path $lbPath -ChildPath 'Dockerfile'
|
||||
|
||||
$containerMap = @{
|
||||
Debian = @{
|
||||
Extension = "deb"
|
||||
Port = 80
|
||||
Images = @{
|
||||
UI = 'node:16-slim'
|
||||
|
@ -824,6 +817,7 @@ try {
|
|||
}
|
||||
}
|
||||
RHEL = @{
|
||||
Extension = "rhel"
|
||||
Port = 8080
|
||||
Images = @{
|
||||
UI = 'registry.access.redhat.com/ubi8/nodejs-16'
|
||||
|
@ -832,7 +826,17 @@ try {
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
$enginePath = [Io.Path]::Combine('..', 'engine')
|
||||
$engineDockerFile = Join-Path -Path $enginePath -ChildPath "Dockerfile.$($containerMap[$ContainerType].Extension)"
|
||||
$functionDockerFile = Join-Path -Path $enginePath -ChildPath 'Dockerfile.func'
|
||||
|
||||
$uiPath = [Io.Path]::Combine('..', 'ui')
|
||||
$uiDockerFile = Join-Path -Path $uiPath -ChildPath "Dockerfile.$($containerMap[$ContainerType].Extension)"
|
||||
|
||||
$lbPath = [Io.Path]::Combine('..', 'lb')
|
||||
$lbDockerFile = Join-Path -Path $lbPath -ChildPath "Dockerfile"
|
||||
|
||||
if($AsFunction) {
|
||||
# WRITE-HOST "INFO: Building Function container ($ContainerType)..." -ForegroundColor Green
|
||||
# Write-Verbose -Message "INFO: Building Function container ($ContainerType)..."
|
||||
|
@ -942,14 +946,14 @@ try {
|
|||
Write-Host $updateAddr -ForegroundColor White
|
||||
Write-Host "##############################################" -ForegroundColor Yellow
|
||||
}
|
||||
|
||||
Write-Host
|
||||
}
|
||||
catch {
|
||||
$_ | Out-File -FilePath $logFile -Append
|
||||
Write-Host "ERROR: Unable to deploy Azure IPAM solution due to an exception, see $logFile for detailed information!" -ForegroundColor red
|
||||
Stop-Transcript
|
||||
$_ | Out-File -FilePath $errorLog -Append
|
||||
Write-Host "ERROR: Unable to deploy Azure IPAM solution due to an exception, see $transcriptLog and $errorLog for detailed information!" -ForegroundColor red
|
||||
Write-Host
|
||||
Stop-Transcript | Out-Null
|
||||
exit
|
||||
}
|
||||
|
||||
Stop-Transcript
|
||||
Write-Host
|
||||
Stop-Transcript | Out-Null
|
||||
|
|
|
@ -104,7 +104,7 @@ module cosmos 'cosmos.bicep' = {
|
|||
}
|
||||
}
|
||||
|
||||
// Storage Account for Nginx Config/ Function Metadata
|
||||
// Storage Account for Nginx Config/Function Metadata
|
||||
module storageAccount 'storageAccount.bicep' = if (deployAsFunc) {
|
||||
scope: resourceGroup
|
||||
name: 'storageAccountModule'
|
||||
|
@ -142,7 +142,6 @@ module appService 'appService.bicep' = if (!deployAsFunc) {
|
|||
cosmosDbUri: cosmos.outputs.cosmosDocumentEndpoint
|
||||
managedIdentityId: managedIdentity.outputs.id
|
||||
managedIdentityClientId: managedIdentity.outputs.clientId
|
||||
storageAccountName: storageAccount.outputs.name
|
||||
workspaceId: logAnalyticsWorkspace.outputs.workspaceId
|
||||
privateAcr: privateAcr
|
||||
privateAcrUri: privateAcr ? containerRegistry.outputs.acrUri : ''
|
||||
|
@ -162,7 +161,7 @@ module functionApp 'functionApp.bicep' = if (deployAsFunc) {
|
|||
cosmosDbUri: cosmos.outputs.cosmosDocumentEndpoint
|
||||
managedIdentityId: managedIdentity.outputs.id
|
||||
managedIdentityClientId: managedIdentity.outputs.clientId
|
||||
storageAccountName: storageAccount.outputs.name
|
||||
storageAccountName: resourceNames.storageAccountName
|
||||
workspaceId: logAnalyticsWorkspace.outputs.workspaceId
|
||||
privateAcr: privateAcr
|
||||
privateAcrUri: privateAcr ? containerRegistry.outputs.acrUri : ''
|
||||
|
|
|
@ -1 +1,5 @@
|
|||
local.settings.json
|
||||
Dockerfile.*
|
||||
.devcontainer
|
||||
*.example
|
||||
.gitignore
|
||||
|
|
|
@ -0,0 +1,29 @@
|
|||
ARG BASE_IMAGE=python:3.9-slim
|
||||
FROM $BASE_IMAGE
|
||||
|
||||
ARG PORT=80
|
||||
|
||||
# Set Environment Variable
|
||||
ENV PORT=${PORT}
|
||||
|
||||
# Set the Working Directory
|
||||
WORKDIR /ipam
|
||||
|
||||
# Copy Requirements File
|
||||
ADD ./requirements.txt .
|
||||
|
||||
# Install Dependencies
|
||||
RUN pip install --no-cache-dir --upgrade -r ./requirements.txt --progress-bar off
|
||||
|
||||
# Copy Application Scripts & Sources
|
||||
ADD ./app ./app
|
||||
ADD ./init.sh .
|
||||
|
||||
# Set Script Execute Permissions
|
||||
RUN chmod +x init.sh
|
||||
|
||||
# Expose Port
|
||||
EXPOSE $PORT
|
||||
|
||||
# Execute Startup Script
|
||||
ENTRYPOINT ./init.sh ${PORT}
|
|
@ -1,13 +0,0 @@
|
|||
FROM python:3.9-slim
|
||||
|
||||
WORKDIR /code
|
||||
|
||||
COPY ./requirements.txt /code/requirements.txt
|
||||
|
||||
RUN pip install --no-cache-dir --upgrade -r /code/requirements.txt --progress-bar off
|
||||
|
||||
COPY ./app /code/app
|
||||
|
||||
EXPOSE 80
|
||||
|
||||
CMD uvicorn "app.main:app" --reload --host "0.0.0.0" --port 80
|
|
@ -1,26 +1,33 @@
|
|||
ARG BASE_IMAGE=python:3.9-slim
|
||||
ARG BASE_IMAGE=registry.access.redhat.com/ubi8/python-39
|
||||
FROM $BASE_IMAGE
|
||||
|
||||
ARG PORT=80
|
||||
ARG PORT=8080
|
||||
|
||||
# Set Environment Variable
|
||||
ENV PORT=${PORT}
|
||||
|
||||
# Set the Working Directory
|
||||
WORKDIR /ipam
|
||||
|
||||
# Switch to Root User
|
||||
USER root
|
||||
|
||||
# Copy Requirements File
|
||||
ADD ./requirements.txt $HOME
|
||||
ADD ./requirements.txt /ipam
|
||||
|
||||
# Install Dependencies
|
||||
RUN pip install --no-cache-dir --upgrade -r ./requirements.txt --progress-bar off
|
||||
|
||||
# Copy Application Scripts & Sources
|
||||
ADD ./init.sh $HOME
|
||||
ADD ./app $HOME/app
|
||||
|
||||
# Switch to Root User
|
||||
USER root
|
||||
ADD ./app ./app
|
||||
ADD ./init.sh .
|
||||
|
||||
# Set Script Execute Permissions
|
||||
RUN chmod +x init.sh
|
||||
RUN chown -R 1001:0 /ipam
|
||||
|
||||
# Switch to Standard User
|
||||
USER 1001
|
||||
|
||||
# Expose Port
|
||||
EXPOSE $PORT
|
||||
|
|
|
@ -5,7 +5,7 @@ FROM $BASE_IMAGE
|
|||
RUN ln -sf /dev/stdout /var/log/nginx/access.log
|
||||
RUN ln -sf /dev/stderr /var/log/nginx/error.log
|
||||
|
||||
COPY default.dev.conf /etc/nginx/nginx.conf
|
||||
COPY nginx.conf /etc/nginx/nginx.conf
|
||||
|
||||
# Run script uses standard ways to run the application
|
||||
CMD nginx -g "daemon off;"
|
||||
|
|
|
@ -4,13 +4,13 @@ http {
|
|||
# include /etc/nginx/conf.d/*.conf;
|
||||
|
||||
upstream ui {
|
||||
server ipam-ui-dev;
|
||||
server ipam-ui-dev:8080 backup;
|
||||
server ipam-ui;
|
||||
server ipam-ui:8080 backup;
|
||||
}
|
||||
|
||||
upstream engine {
|
||||
server ipam-engine-dev;
|
||||
server ipam-engine-dev:8080 backup;
|
||||
server ipam-engine;
|
||||
server ipam-engine:8080 backup;
|
||||
}
|
||||
|
||||
server {
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
node_modules
|
||||
build
|
||||
.dockerignore
|
||||
Dockerfile
|
||||
Dockerfile.prod
|
||||
Dockerfile.*
|
||||
*.example
|
||||
.gitignore
|
||||
|
|
|
@ -0,0 +1,29 @@
|
|||
ARG BASE_IMAGE=node:16-slim
|
||||
FROM $BASE_IMAGE
|
||||
|
||||
ARG PORT=80
|
||||
|
||||
# Set Environment Variable
|
||||
ENV PORT=${PORT}
|
||||
|
||||
# Set the Working Directory
|
||||
WORKDIR /ipam
|
||||
|
||||
# Add Application Sources
|
||||
ADD . .
|
||||
|
||||
# Install Dependencies
|
||||
RUN npm install
|
||||
|
||||
# Build Application
|
||||
RUN npm run build
|
||||
|
||||
# Set Script Execute Permissions
|
||||
RUN chmod +x init.sh
|
||||
RUN rm -rf src
|
||||
|
||||
# Expose Port
|
||||
EXPOSE $PORT
|
||||
|
||||
# Execute Startup Script
|
||||
ENTRYPOINT ./init.sh ${PORT}
|
|
@ -1,26 +0,0 @@
|
|||
FROM node:16-slim
|
||||
|
||||
# Set Working Directory
|
||||
WORKDIR /app
|
||||
|
||||
# Add `/app/node_modules/.bin` to $PATH
|
||||
ENV PATH /app/node_modules/.bin:$PATH
|
||||
|
||||
# Copy Node Package Files
|
||||
COPY package.json ./
|
||||
COPY package-lock.json ./
|
||||
|
||||
# Install Dependencies
|
||||
RUN npm install
|
||||
|
||||
# Copy Application Code
|
||||
COPY . ./
|
||||
|
||||
# Build Application
|
||||
RUN npm run build
|
||||
|
||||
# Expose Port
|
||||
EXPOSE 80
|
||||
|
||||
# Inject ENV Variables & Start Server
|
||||
CMD npx --yes react-inject-env set && npx --yes http-server -a 0.0.0.0 -P http://localhost? -p 80 build
|
|
@ -1,13 +1,19 @@
|
|||
ARG BASE_IMAGE=node:16-slim
|
||||
ARG BASE_IMAGE=registry.access.redhat.com/ubi8/nodejs-16
|
||||
FROM $BASE_IMAGE
|
||||
|
||||
ARG PORT=80
|
||||
ARG PORT=8080
|
||||
|
||||
# Set Environment Variable
|
||||
ENV PORT=${PORT}
|
||||
|
||||
# Set the Working Directory
|
||||
WORKDIR /ipam
|
||||
|
||||
# Switch to Root User
|
||||
USER root
|
||||
|
||||
# Add Application Sources
|
||||
ADD . $HOME
|
||||
ADD . .
|
||||
|
||||
# Install Dependencies
|
||||
RUN npm install
|
||||
|
@ -15,11 +21,13 @@ RUN npm install
|
|||
# Build Application
|
||||
RUN npm run build
|
||||
|
||||
# Switch to Root User
|
||||
USER root
|
||||
|
||||
# Set Script Execute Permissions
|
||||
RUN chmod +x init.sh
|
||||
RUN rm -rf src
|
||||
RUN chown -R 1001:0 /ipam
|
||||
|
||||
# Switch to Standard User
|
||||
USER 1001
|
||||
|
||||
# Expose Port
|
||||
EXPOSE $PORT
|
||||
|
|
|
@ -1,24 +0,0 @@
|
|||
# This is a default site configuration which will simply return 404, preventing
|
||||
# chance access to any other virtualhost.
|
||||
|
||||
server {
|
||||
listen 80 default_server;
|
||||
listen [::]:80 default_server;
|
||||
|
||||
# Backend
|
||||
location /api {
|
||||
proxy_pass http://ipam-engine;
|
||||
}
|
||||
|
||||
# Frontend
|
||||
location / {
|
||||
root /usr/share/nginx/html;
|
||||
index index.html index.htm;
|
||||
try_files $uri /index.html;
|
||||
}
|
||||
|
||||
# You may need this to prevent return 404 recursion.
|
||||
location = /404.html {
|
||||
internal;
|
||||
}
|
||||
}
|
Загрузка…
Ссылка в новой задаче