diff --git a/Dockerfile.web b/Dockerfile.web index d50256b2a..82d688cef 100644 --- a/Dockerfile.web +++ b/Dockerfile.web @@ -71,7 +71,7 @@ RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* # Run the tests RUN TEST=true venv/bin/python -m unittest discover -VOLUME ["/conf/stack", "/var/log", "/datastorage", "/tmp"] +VOLUME ["/conf/stack", "/var/log", "/datastorage", "/tmp", "/conf/etcd"] EXPOSE 443 80 diff --git a/buildman/manager/ephemeral.py b/buildman/manager/ephemeral.py index 6abd10a5c..47d2c805f 100644 --- a/buildman/manager/ephemeral.py +++ b/buildman/manager/ephemeral.py @@ -149,11 +149,14 @@ class EphemeralBuilderManager(BaseManager): etcd_host = self._manager_config.get('ETCD_HOST', '127.0.0.1') etcd_port = self._manager_config.get('ETCD_PORT', 2379) + etcd_auth = self._manager_config.get('ETCD_CERT_AND_KEY', None) + etcd_ca_cert = self._manager_config.get('ETCD_CA_CERT', None) logger.debug('Connecting to etcd on %s:%s', etcd_host, etcd_port) worker_threads = self._manager_config.get('ETCD_WORKER_THREADS', 5) self._async_thread_executor = ThreadPoolExecutor(worker_threads) - self._etcd_client = AsyncWrapper(self._etcd_client_klass(host=etcd_host, port=etcd_port), + self._etcd_client = AsyncWrapper(self._etcd_client_klass(host=etcd_host, port=etcd_port, + cert=etcd_auth, ca_cert=etcd_ca_cert), executor=self._async_thread_executor) self._watch_etcd(ETCD_BUILDER_PREFIX, self._handle_builder_expiration) diff --git a/buildman/manager/executor.py b/buildman/manager/executor.py index c122a89fc..786731992 100644 --- a/buildman/manager/executor.py +++ b/buildman/manager/executor.py @@ -53,22 +53,18 @@ class BuilderExecutor(object): return 'ws://{0}:' def generate_cloud_config(self, realm, token, coreos_channel, manager_hostname, - quay_username=None, quay_password=None, etcd_token=None): + quay_username=None, quay_password=None): if quay_username is None: quay_username = self.executor_config['QUAY_USERNAME'] if quay_password is None: quay_password = self.executor_config['QUAY_PASSWORD'] - if etcd_token is None: - etcd_token = self.executor_config['ETCD_DISCOVERY_TOKEN'] - return TEMPLATE.render( realm=realm, token=token, quay_username=quay_username, quay_password=quay_password, - etcd_token=etcd_token, manager_hostname=manager_hostname, coreos_channel=coreos_channel, ) diff --git a/buildman/templates/cloudconfig.yaml b/buildman/templates/cloudconfig.yaml index d6ae3aeca..08ade4340 100644 --- a/buildman/templates/cloudconfig.yaml +++ b/buildman/templates/cloudconfig.yaml @@ -13,12 +13,6 @@ coreos: reboot-strategy: off group: {{ coreos_channel }} - etcd: - discovery: https://discovery.etcd.io/{{ etcd_token }} - # multi-region and multi-cloud deployments need to use $public_ipv4 - addr: $private_ipv4:4001 - peer-addr: $private_ipv4:7001 - units: - name: quay-builder.service command: start diff --git a/requirements-nover.txt b/requirements-nover.txt index d5355522f..6ca062d8c 100644 --- a/requirements-nover.txt +++ b/requirements-nover.txt @@ -40,7 +40,7 @@ git+https://github.com/DevTable/aniso8601-fake.git git+https://github.com/DevTable/anunidecode.git git+https://github.com/DevTable/avatar-generator.git git+https://github.com/DevTable/pygithub.git +git+https://github.com/jplana/python-etcd.git gipc -python-etcd cachetools mock diff --git a/requirements.txt b/requirements.txt index 8fc83d033..75f60302a 100644 --- a/requirements.txt +++ b/requirements.txt @@ -22,6 +22,7 @@ backports.ssl-match-hostname==3.4.0.2 beautifulsoup4==4.3.2 blinker==1.3 boto==2.35.1 +cachetools==1.0.0 docker-py==0.7.1 ecdsa==0.11 futures==2.2.0 @@ -35,6 +36,7 @@ itsdangerous==0.24 jsonschema==2.4.0 marisa-trie==0.7 mixpanel-py==3.2.1 +mock==1.0.1 paramiko==1.15.2 peewee==2.4.5 psycopg2==2.5.4 @@ -61,3 +63,4 @@ git+https://github.com/DevTable/anunidecode.git git+https://github.com/DevTable/avatar-generator.git git+https://github.com/DevTable/pygithub.git git+https://github.com/NateFerrero/oauth2lib.git +git+https://github.com/jplana/python-etcd.git