adamdecaf / vault-backend-migrator

a tool to export and import (migrate) data across vault clusters

Docker image?

emcniece opened this issue · comments

Any interest in a PR to Dockerize this?

This is rad, thank you for publishing. I'm curious about your opinion on my next step...

I want to add this to a stack and have it export on a cron job. There are 2 quick/easy options: write to crontab, or define this image as a run-once container and hit my Rancher API to restart it on a schedule.

I'd prefer a cron job, but that requires crond in foreground. This image is beautifully small, but it doesn't contain /bin/sh or a package manager or crond, and my quick searching is not turning up results on how to add these things to the scratch image.

Questions:

  1. Would you consider publishing the binaries in the releases so that others can download them into their own containers?
  2. Would you consider building & tagging a 0.1.1-alpine image in Docker Hub?
  3. Would you prefer the community bugger off and compile their own code if they're so picky about everything?

I'm quite happy to test and PR an alpine Dockerfile if you like!

Can you have docker run ... -export secret/ be the cron job? I'd be fine switching this to alpine, but I've never needed cron inside a container.

> I'm quite happy to test and PR an alpine Dockerfile if you like!

I should probably add an automated test to this project.. I wrote this a while ago.

I created an integration test: https://github.com/adamdecaf/vault-backend-migrator/blob/master/it/integration_test.go

PRs will build and run tests. Example: #2

Edit: travis-ci is having problems right now, so it may be a while.

Setting docker run as the cron job is quite valid and very feasible. However, in the quest for endless infrastructure-as-code I prefer to embed state and intent inside containers instead of on the host OS in an effort to make applications more portable and less host-reliant. The host instances I run have minimal configuration and state, which increases portability and makes scaling easier.

A second container could do the cron tasking and volume the /var/run/docker.sock into itself to execute the docker run command on the host, but this is a lot of baggage for what could be clearly declared within a single container.

The containers I run cron tasks inside are still devoted to a single operation - cron runs in the foreground, and prints the job results to stdout. Should a job crash, the container exits and restarts. Watching for Docker events and container log output makes it easy to monitor performance across a collection of servers.

Alpine Linux makes cron easy by providing several directories like /etc/periodic/15min and /etc/periodic/daily and running executable binaries/scripts in these directories when needed. An example Alpine Dockerfile might look like so:

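```dockerfile
FROM alpine:3.6
# Download into the daily cron directory (-O needs a file path, not a directory)
# and make the file executable so it is picked up by the periodic runner.
RUN wget https://github.com/adamdecaf/vault-backend-migrator/archive/vault-backend-migrator-0.1.1 -O /etc/periodic/daily/vault-backend-migrator-0.1.1 \
 && chmod a+x /etc/periodic/daily/vault-backend-migrator-0.1.1
# Run crond in the foreground at log level 8.
CMD /usr/sbin/crond -f -l 8
```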

To be clear, I see no reason to remove the FROM scratch image that you have already published. I'm just looking for a convenient way to get more OS features (sh, cron) without having to build this locally :)

Integration test looks good btw, I was surprised to see that Travis has services: [docker] available, very cool.
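Added example, not part of the thread or the project's own code: the Dockerfile above downloads a file and lets cron execute it daily, so a build step can refuse to install the download unless its SHA-256 matches a pinned value. The function names and the paths in the comments are assumptions, and the pinned digest is a placeholder to be taken from a release you have verified.

```shell
#!/bin/sh
# Added example: install a downloaded file into a cron directory only when
# its SHA-256 matches a pinned digest. Function names are hypothetical.

# sha256_of FILE: print the lowercase hex SHA-256 of FILE.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# install_verified SRC EXPECTED_SHA256 DEST
# Returns 0 and installs DEST (mode 0755) when the digest matches.
# Returns 1 and deletes SRC on a mismatch, 2 when SRC does not exist.
install_verified() {
    src=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')   # accept upper-case hex
    dest=$3

    [ -f "$src" ] || { echo "missing download: $src" >&2; return 2; }

    actual=$(sha256_of "$src")
    if [ "$actual" != "$expected" ]; then
        echo "checksum mismatch for $src" >&2
        echo "  expected: $expected" >&2
        echo "  actual:   $actual" >&2
        rm -f "$src"            # do not leave an unverified file in the image
        return 1
    fi

    # Copy to a temporary name and rename, so the cron directory never
    # holds a partially written executable.
    tmp="$dest.tmp.$$"
    cp "$src" "$tmp" && chmod 0755 "$tmp" && mv "$tmp" "$dest"
}

# In a Dockerfile RUN step this could be used as (placeholder values):
#   wget "$URL" -O /tmp/migrator \
#     && install_verified /tmp/migrator "<PINNED_SHA256>" \
#          /etc/periodic/daily/vault-backend-migrator
```

A failed check returns non-zero, which fails the RUN step and therefore the image build.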

Alright. I've created a 0.1.2-dev release. The hashicorp/vault library isn't vendored so I'm doing that before releasing 0.2.0.

https://github.com/adamdecaf/vault-backend-migrator/releases/tag/0.1.2-dev

Fantastic! Thank you so much for the blazing fast updates.

I can't run the docker pull adamdecaf/vault-backend-migrator example from the README. It shows:

```
Using default tag: latest
Error response from daemon: manifest for adamdecaf/vault-backend-migrator:latest not found: manifest unknown: manifest unknown
```

It only works when a specific tag is added, like docker pull adamdecaf/vault-backend-migrator:0.2.0

I retagged 0.2.0 as latest, so docker pull adamdecaf/vault-backend-migrator:latest should work.