Page MenuHomePhabricator
Create Task
Maniphest T267616

Set up docker-registry and image builder infra in toolsbeta
Open, HighPublic
Actions

Description

For testing and building out the CD pipeline in toolsbeta, we need to have a separate docker-registry and image builder rather than relying on the main Toolforge one.

Details

ProjectBranchLines +/-Subject
operations/puppetproduction+2 -0toolforge harbor: install clients for redis and postgres
operations/puppetproduction+12 -0toolforge harbor: puppetize experimental base server for harbor
Customize query in gerrit

Related Objects
Search...

Event Timeline

Legoktm created this task.Nov 9 2020, 10:31 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptNov 9 2020, 10:31 PM
Legoktm mentioned this in T267618: Request increased quota for toolsbeta Cloud VPS project.Nov 9 2020, 10:55 PM
Legoktm added a subtask: T267618: Request increased quota for toolsbeta Cloud VPS project.Nov 9 2020, 11:05 PM
Stashbot added a comment.Nov 10 2020, 6:27 PM

Mentioned in SAL (#wikimedia-cloud) [2020-11-10T18:27:06Z] <legoktm> creating toolsbeta-docker-imagebuilder-01 (T267616)

Andrew closed subtask T267618: Request increased quota for toolsbeta Cloud VPS project as Resolved.Nov 10 2020, 6:44 PM
Andrew triaged this task as Medium priority.Dec 8 2020, 5:38 PM
Andrew moved this task from Inbox to Doing on the cloud-services-team (Kanban) board.
Legoktm removed Legoktm as the assignee of this task.Mar 8 2021, 11:06 PM
aborrero assigned this task to Bstorm.May 11 2021, 4:45 PM
aborrero moved this task from Doing to Soon! on the cloud-services-team (Kanban) board.
gerritbot added a comment.Jul 23 2021, 8:39 PM

Change 707572 had a related patch set uploaded (by Bstorm; author: Bstorm):

[operations/puppet@production] toolforge harbor: puppetize experimental base server for harbor

https://gerrit.wikimedia.org/r/707572

gerritbot added a project: Patch-For-Review.Jul 23 2021, 8:39 PM

Change 707572 merged by Bstorm:

[operations/puppet@production] toolforge harbor: puppetize experimental base server for harbor

https://gerrit.wikimedia.org/r/707572

Maintenance_bot removed a project: Patch-For-Review.Jul 23 2021, 9:10 PM
Bstorm added a comment.Jul 24 2021, 12:12 AM

Ok, so I have a very nice https://goharbor.io server running in toolsbeta (using independent database auth for testing) https://harbor.toolsbeta.wmflabs.org
It has APIs for adding just about everything and has robot auth, etc. It grant plenty of flexibility for image management (even quotas).

It hooks up to LDAP, but that's not necessarily helpful here. I think to do this right, users need to not have direct push rights. That needs to be handled by another build service. However, with this, that service can easily run in k8s.

Bstorm raised the priority of this task from Medium to High.Wed, Sep 15, 4:25 PM

In order to deploy this to tools soon, I'm proposing replacing tools-docker-registry with harbor running in k8s. However, unless we deploy cinder for k8s, we'll be doing that with NFS storage.

Bstorm added a comment.Thu, Sep 16, 9:01 PM

I've deployed harbor in toolsbeta, however, I want to modify the deployment a bit before replacing docker-registry with it or putting it in tools.

gerritbot added a comment.Tue, Sep 21, 6:05 PM

Change 722664 had a related patch set uploaded (by Bstorm; author: Bstorm):

[operations/puppet@production] toolforge harbor: install clients for redis and postgres

https://gerrit.wikimedia.org/r/722664

gerritbot added a project: Patch-For-Review.Tue, Sep 21, 6:05 PM
gerritbot added a comment.Tue, Sep 21, 6:15 PM

Change 722664 merged by Bstorm:

[operations/puppet@production] toolforge harbor: install clients for redis and postgres

https://gerrit.wikimedia.org/r/722664

Maintenance_bot removed a project: Patch-For-Review.Tue, Sep 21, 7:10 PM
dcaro added a subscriber: dcaro.Wed, Sep 22, 8:16 AM
Content licensed under Creative Commons Attribution-ShareAlike 3.0 (CC-BY-SA) unless otherwise noted; code licensed under GNU General Public License (GPL) or other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL