def test_private_repository_mesos_app():
"""Deploys an app with a private Docker image, using Mesos containerizer."""
if not common.is_enterprise_cli_package_installed():
common.install_enterprise_cli_package()
username = os.environ['DOCKER_HUB_USERNAME']
password = os.environ['DOCKER_HUB_PASSWORD']
secret_name = "pullConfig"
secret_value_json = common.create_docker_pull_config_json(
username, password)
secret_value = json.dumps(secret_value_json)
app_def = apps.private_ucr_docker_app()
# Here we're starting an nignx server in a container. In a strict mode however
# all tasks are started as user `nobody` and `nobody` doesn't have permissions
# to write to /var/log within the container. To avoid this we override the cmd
# with a simple `sleep`. This is a hacky workaround but the test is still valid
# since we're testing `pullConfig` feature.
if shakedown.ee_version() == 'strict':
app_def['cmd'] = 'sleep 10000000'
common.create_secret(secret_name, secret_value)
client = marathon.create_client()
try:
client.add_app(app_def)
shakedown.deployment_wait()
common.assert_app_tasks_running(client, app_def)
finally:
common.delete_secret(secret_name)
def test_private_repository_mesos_app():
""" Test private docker registry with mesos containerizer using "config" container's image field."""
requires_marathon_version("1.5")
if not common.is_enterprise_cli_package_installed():
common.install_enterprise_cli_package()
username = os.environ['DOCKER_HUB_USERNAME']
password = os.environ['DOCKER_HUB_PASSWORD']
secret_name = "dockerPullConfig"
secret_value_json = common.create_docker_pull_config_json(username, password)
secret_value = json.dumps(secret_value_json)
client = marathon.create_client()
common.create_secret(secret_name, secret_value)
try:
app_def = common.private_mesos_container_app(secret_name)
client.add_app(app_def)
shakedown.deployment_wait()
common.assert_app_tasks_running(client, app_def)
finally:
common.delete_secret(secret_name)
def test_private_repository_mesos_app():
"""Deploys an app with a private Docker image, using Mesos containerizer.
It relies on the global `install_enterprise_cli` fixture to install the
enterprise-cli-package.
"""
username = os.environ['DOCKER_HUB_USERNAME']
password = os.environ['DOCKER_HUB_PASSWORD']
secret_name = "pullconfig"
secret_value_json = common.create_docker_pull_config_json(
username, password)
secret_value = json.dumps(secret_value_json)
app_def = apps.private_ucr_docker_app()
app_id = app_def["id"]
# In strict mode all tasks are started as user `nobody` by default and `nobody`
# doesn't have permissions to write to /var/log within the container.
if is_strict():
app_def['user'] = '******'
common.add_dcos_marathon_user_acls()
common.create_secret(secret_name, secret_value)
client = marathon.create_client()
try:
client.add_app(app_def)
deployment_wait(service_id=app_id)
common.assert_app_tasks_running(client, app_def)
finally:
common.delete_secret(secret_name)
def test_private_repository_mesos_app():
"""Deploys an app with a private Docker image, using Mesos containerizer.
It relies on the global `install_enterprise_cli` fixture to install the
enterprise-cli-package.
"""
username = os.environ['DOCKER_HUB_USERNAME']
password = os.environ['DOCKER_HUB_PASSWORD']
secret_name = "pullconfig"
secret_value_json = common.create_docker_pull_config_json(username, password)
secret_value = json.dumps(secret_value_json)
app_def = apps.private_ucr_docker_app()
app_id = app_def["id"]
# In strict mode all tasks are started as user `nobody` by default and `nobody`
# doesn't have permissions to write to /var/log within the container.
if is_strict():
app_def['user'] = '******'
common.add_dcos_marathon_user_acls()
common.create_secret(secret_name, secret_value)
client = marathon.create_client()
try:
client.add_app(app_def)
deployment_wait(service_id=app_id)
common.assert_app_tasks_running(client, app_def)
finally:
common.delete_secret(secret_name)
def test_private_repository_mesos_app():
""" Test private docker registry with mesos containerizer using "config" container's image field."""
# marathon version captured here will work for root and mom
requires_marathon_version('1.5')
username = os.environ['DOCKER_HUB_USERNAME']
password = os.environ['DOCKER_HUB_PASSWORD']
secret_name = "dockerPullConfig"
secret_value_json = common.create_docker_pull_config_json(
username, password)
import json
secret_value = json.dumps(secret_value_json)
client = marathon.create_client()
common.create_secret(secret_name, secret_value)
try:
app_def = common.private_mesos_container_app(secret_name)
client.add_app(app_def)
shakedown.deployment_wait()
common.assert_app_tasks_running(client, app_def)
finally:
common.delete_secret(secret_name)
def test_private_repository_mesos_app():
"""Deploys an app with a private Docker image, using Mesos containerizer."""
if not common.is_enterprise_cli_package_installed():
common.install_enterprise_cli_package()
username = os.environ['DOCKER_HUB_USERNAME']
password = os.environ['DOCKER_HUB_PASSWORD']
secret_name = "pullConfig"
secret_value_json = common.create_docker_pull_config_json(username, password)
secret_value = json.dumps(secret_value_json)
app_def = apps.private_ucr_docker_app()
# In strict mode all tasks are started as user `nobody` by default and `nobody`
# doesn't have permissions to write to /var/log within the container.
if shakedown.ee_version() == 'strict':
app_def['user'] = '******'
common.add_dcos_marathon_root_user_acls()
common.create_secret(secret_name, secret_value)
client = marathon.create_client()
try:
client.add_app(app_def)
shakedown.deployment_wait()
common.assert_app_tasks_running(client, app_def)
finally:
common.delete_secret(secret_name)
def test_external_volume():
volume_name = "marathon-si-test-vol-{}".format(uuid.uuid4().hex)
app_def = apps.external_volume_mesos_app()
app_def["container"]["volumes"][0]["external"]["name"] = volume_name
app_id = app_def['id']
# Tested with root marathon since MoM doesn't have
# --enable_features external_volumes option activated.
# First deployment should create the volume since it has a unique name
try:
print('INFO: Deploying {} with external volume {}'.format(app_id, volume_name))
client = marathon.create_client()
client.add_app(app_def)
deployment_wait(service_id=app_id)
# Create the app: the volume should be successfully created
common.assert_app_tasks_running(client, app_def)
common.assert_app_tasks_healthy(client, app_def)
# Scale down to 0
print('INFO: Scaling {} to 0 instances'.format(app_id))
client.stop_app(app_id)
deployment_wait(service_id=app_id)
# Scale up again: the volume should be successfully reused
print('INFO: Scaling {} back to 1 instance'.format(app_id))
client.scale_app(app_id, 1)
deployment_wait(service_id=app_id)
common.assert_app_tasks_running(client, app_def)
common.assert_app_tasks_healthy(client, app_def)
# Remove the app to be able to remove the volume
print('INFO: Finally removing {}'.format(app_id))
client.remove_app(app_id)
deployment_wait(service_id=app_id)
except Exception as e:
print('Fail to test external volumes: {}'.format(e))
raise e
finally:
# Clean up after the test: external volumes are not destroyed by marathon or dcos
# and have to be cleaned manually.
cmd = 'sudo /opt/mesosphere/bin/dvdcli remove --volumedriver=rexray --volumename={}'.format(volume_name)
removed = False
for agent in get_private_agents():
status, output = run_command_on_agent(agent, cmd) # NOQA
print('DEBUG: Failed to remove external volume with name={} on agent={}: {}'.format(
volume_name, agent, output))
if status:
removed = True
# Note: Removing the volume might fail sometimes because EC2 takes some time (~10min) to recognize that
# the volume is not in use anymore hence preventing it's removal. This is a known pitfall: we log the error
# and the volume should be cleaned up manually later.
if not removed:
print('WARNING: Failed to remove external volume with name={}'.format(volume_name))
else:
print('DEBUG: External volume with name={} successfully removed'.format(volume_name))
def test_external_volume():
volume_name = "marathon-si-test-vol-{}".format(uuid.uuid4().hex)
app_def = apps.external_volume_mesos_app()
app_def["container"]["volumes"][0]["external"]["name"] = volume_name
app_id = app_def['id']
# Tested with root marathon since MoM doesn't have
# --enable_features external_volumes option activated.
# First deployment should create the volume since it has a unique name
try:
print('INFO: Deploying {} with external volume {}'.format(app_id, volume_name))
client = marathon.create_client()
client.add_app(app_def)
deployment_wait(service_id=app_id)
# Create the app: the volume should be successfully created
common.assert_app_tasks_running(client, app_def)
common.assert_app_tasks_healthy(client, app_def)
# Scale down to 0
print('INFO: Scaling {} to 0 instances'.format(app_id))
client.stop_app(app_id)
deployment_wait(service_id=app_id)
# Scale up again: the volume should be successfully reused
print('INFO: Scaling {} back to 1 instance'.format(app_id))
client.scale_app(app_id, 1)
deployment_wait(service_id=app_id)
common.assert_app_tasks_running(client, app_def)
common.assert_app_tasks_healthy(client, app_def)
# Remove the app to be able to remove the volume
print('INFO: Finally removing {}'.format(app_id))
client.remove_app(app_id)
deployment_wait(service_id=app_id)
except Exception as e:
print('Fail to test external volumes: {}'.format(e))
raise e
finally:
# Clean up after the test: external volumes are not destroyed by marathon or dcos
# and have to be cleaned manually.
cmd = 'sudo /opt/mesosphere/bin/dvdcli remove --volumedriver=rexray --volumename={}'.format(volume_name)
removed = False
for agent in get_private_agents():
status, output = run_command_on_agent(agent, cmd) # NOQA
print('DEBUG: Failed to remove external volume with name={} on agent={}: {}'.format(
volume_name, agent, output))
if status:
removed = True
# Note: Removing the volume might fail sometimes because EC2 takes some time (~10min) to recognize that
# the volume is not in use anymore hence preventing it's removal. This is a known pitfall: we log the error
# and the volume should be cleaned up manually later.
if not removed:
print('WARNING: Failed to remove external volume with name={}'.format(volume_name))
else:
print('DEBUG: External volume with name={} successfully removed'.format(volume_name))
def test_private_repository_docker_app():
username = os.environ['DOCKER_HUB_USERNAME']
password = os.environ['DOCKER_HUB_PASSWORD']
agents = shakedown.get_private_agents()
common.create_docker_credentials_file(username, password)
common.copy_docker_credentials_file(agents)
app_def = apps.private_docker_app()
client = marathon.create_client()
client.add_app(app_def)
shakedown.deployment_wait()
common.assert_app_tasks_running(client, app_def)
def test_private_repository_docker_app():
username = os.environ['DOCKER_HUB_USERNAME']
password = os.environ['DOCKER_HUB_PASSWORD']
agents = shakedown.get_private_agents()
common.create_docker_credentials_file(username, password)
common.copy_docker_credentials_file(agents)
app_def = apps.private_docker_app()
client = marathon.create_client()
client.add_app(app_def)
shakedown.deployment_wait()
common.assert_app_tasks_running(client, app_def)
def test_external_volume():
volume_name = "marathon-si-test-vol-{}".format(uuid.uuid4().hex)
app_def = common.external_volume_mesos_app(volume_name)
app_id = app_def['id']
# Tested with root marathon since MoM doesn't have
# --enable_features external_volumes option activated.
# First deployment should create the volume since it has a unique name
try:
client = marathon.create_client()
client.add_app(app_def)
shakedown.deployment_wait()
# Create the app: the volume should be successfully created
common.assert_app_tasks_running(client, app_def)
common.assert_app_tasks_healthy(client, app_def)
# Scale down to 0
client.stop_app(app_id)
shakedown.deployment_wait()
# Scale up again: the volume should be successfully reused
client.scale_app(app_id, 1)
shakedown.deployment_wait()
common.assert_app_tasks_running(client, app_def)
common.assert_app_tasks_healthy(client, app_def)
# Remove the app to be able to remove the volume
client.remove_app(app_id)
shakedown.deployment_wait()
except Exception as e:
print('Fail to test external volumes: {}'.format(e))
raise e
finally:
# Clean up after the test: external volumes are not destroyed by marathon or dcos
# and have to be cleaned manually.
agent = shakedown.get_private_agents()[0]
result, output = shakedown.run_command_on_agent(
agent,
'sudo /opt/mesosphere/bin/dvdcli remove --volumedriver=rexray --volumename={}'
.format(volume_name)) # NOQA
# Note: Removing the volume might fail sometimes because EC2 takes some time (~10min) to recognize that
# the volume is not in use anymore hence preventing it's removal. This is a known pitfall: we log the error
# and the volume should be cleaned up manually later.
if not result:
print('WARNING: Failed to remove external volume with name={}: {}'.
format(volume_name, output))
def test_private_repository_docker_app():
# Create and copy docker credentials to all private agents
assert 'DOCKER_HUB_USERNAME' in os.environ, "Couldn't find docker hub username. $DOCKER_HUB_USERNAME is not set"
assert 'DOCKER_HUB_PASSWORD' in os.environ, "Couldn't find docker hub password. $DOCKER_HUB_PASSWORD is not set"
username = os.environ['DOCKER_HUB_USERNAME']
password = os.environ['DOCKER_HUB_PASSWORD']
agents = shakedown.get_private_agents()
common.create_docker_credentials_file(username, password)
common.copy_docker_credentials_file(agents)
client = marathon.create_client()
app_def = common.private_docker_container_app()
client.add_app(app_def)
shakedown.deployment_wait()
common.assert_app_tasks_running(client, app_def)
def test_private_repository_mesos_app():
""" Test private docker registry with mesos containerizer using "credentials" container field.
Note: Despite of what DC/OS docmentation states this feature is not yet implemented:
https://issues.apache.org/jira/browse/MESOS-7088
"""
client = marathon.create_client()
assert 'DOCKER_HUB_USERNAME' in os.environ, "Couldn't find docker hub username. $DOCKER_HUB_USERNAME is not set"
assert 'DOCKER_HUB_PASSWORD' in os.environ, "Couldn't find docker hub password. $DOCKER_HUB_PASSWORD is not set"
principal = os.environ['DOCKER_HUB_USERNAME']
secret = os.environ['DOCKER_HUB_PASSWORD']
app_def = common.private_mesos_container_app(principal, secret)
client.add_app(app_def)
shakedown.deployment_wait()
common.assert_app_tasks_running(client, app_def)
def test_external_volume():
volume_name = "marathon-si-test-vol-{}".format(uuid.uuid4().hex)
app_def = common.external_volume_mesos_app(volume_name)
app_id = app_def['id']
# Tested with root marathon since MoM doesn't have
# --enable_features external_volumes option activated.
# First deployment should create the volume since it has a unique name
try:
client = marathon.create_client()
client.add_app(app_def)
shakedown.deployment_wait()
# Create the app: the volume should be successfully created
common.assert_app_tasks_running(client, app_def)
common.assert_app_tasks_healthy(client, app_def)
# Scale down to 0
client.stop_app(app_id)
shakedown.deployment_wait()
# Scale up again: the volume should be successfully reused
client.scale_app(app_id, 1)
shakedown.deployment_wait()
common.assert_app_tasks_running(client, app_def)
common.assert_app_tasks_healthy(client, app_def)
# Remove the app to be able to remove the volume
client.remove_app(app_id)
shakedown.deployment_wait()
except Exception as e:
print('Fail to test external volumes: {}'.format(e))
raise e
finally:
# Clean up after the test: external volumes are not destroyed by marathon or dcos
# and have to be cleaned manually.
agent = shakedown.get_private_agents()[0]
result, output = shakedown.run_command_on_agent(
agent,
'sudo /opt/mesosphere/bin/dvdcli remove --volumedriver=rexray --volumename={}'
.format(volume_name))
assert result, 'Failed to remove external volume with name={}: {}'.format(
volume_name, output)
def test_external_volume():
volume_name = "marathon-si-test-vol-{}".format(uuid.uuid4().hex)
app_def = common.external_volume_mesos_app(volume_name)
app_id = app_def['id']
# Tested with root marathon since MoM doesn't have
# --enable_features external_volumes option activated.
# First deployment should create the volume since it has a unique name
try:
client = marathon.create_client()
client.add_app(app_def)
shakedown.deployment_wait()
# Create the app: the volume should be successfully created
common.assert_app_tasks_running(client, app_def)
common.assert_app_tasks_healthy(client, app_def)
# Scale down to 0
client.stop_app(app_id)
shakedown.deployment_wait()
# Scale up again: the volume should be successfully reused
client.scale_app(app_id, 1)
shakedown.deployment_wait()
common.assert_app_tasks_running(client, app_def)
common.assert_app_tasks_healthy(client, app_def)
# Remove the app to be able to remove the volume
client.remove_app(app_id)
shakedown.deployment_wait()
except Exception as e:
print('Fail to test external volumes: {}'.format(e))
raise e
finally:
# Clean up after the test: external volumes are not destroyed by marathon or dcos
# and have to be cleaned manually.
agent = shakedown.get_private_agents()[0]
result, output = shakedown.run_command_on_agent(agent, 'sudo /opt/mesosphere/bin/dvdcli remove --volumedriver=rexray --volumename={}'.format(volume_name)) # NOQA
# Note: Removing the volume might fail sometimes because EC2 takes some time (~10min) to recognize that
# the volume is not in use anymore hence preventing it's removal. This is a known pitfall: we log the error
# and the volume should be cleaned up manually later.
if not result:
print('WARNING: Failed to remove external volume with name={}: {}'.format(volume_name, output))
def test_private_repository_docker_app():
username = os.environ['DOCKER_HUB_USERNAME']
password = os.environ['DOCKER_HUB_PASSWORD']
agents = get_private_agents()
common.create_docker_credentials_file(username, password)
common.copy_docker_credentials_file(agents)
app_def = apps.private_docker_app()
app_id = app_def["id"]
if ee_version() == 'strict':
app_def['user'] = '******'
common.add_dcos_marathon_user_acls()
client = marathon.create_client()
client.add_app(app_def)
deployment_wait(service_id=app_id)
common.assert_app_tasks_running(client, app_def)
def test_private_repository_docker_app():
username = os.environ['DOCKER_HUB_USERNAME']
password = os.environ['DOCKER_HUB_PASSWORD']
agents = get_private_agents()
common.create_docker_credentials_file(username, password)
common.copy_docker_credentials_file(agents)
app_def = apps.private_docker_app()
app_id = app_def["id"]
if ee_version() == 'strict':
app_def['user'] = '******'
common.add_dcos_marathon_user_acls()
client = marathon.create_client()
client.add_app(app_def)
deployment_wait(service_id=app_id)
common.assert_app_tasks_running(client, app_def)
def test_private_repository_mesos_app():
""" Test private docker registry with mesos containerizer using "config" container's image field."""
username = os.environ['DOCKER_HUB_USERNAME']
password = os.environ['DOCKER_HUB_PASSWORD']
secret_name = "dockerPullConfig"
secret_value_json = common.create_docker_pull_config_json(username, password)
import json
secret_value = json.dumps(secret_value_json)
client = marathon.create_client()
common.create_secret(secret_name, secret_value)
try:
app_def = common.private_mesos_container_app(secret_name)
client.add_app(app_def)
shakedown.deployment_wait()
common.assert_app_tasks_running(client, app_def)
finally:
common.delete_secret(secret_name)
def test_private_repository_mesos_app():
"""Deploys an app with a private Docker image, using Mesos containerizer."""
if not common.is_enterprise_cli_package_installed():
common.install_enterprise_cli_package()
username = os.environ['DOCKER_HUB_USERNAME']
password = os.environ['DOCKER_HUB_PASSWORD']
secret_name = "pullConfig"
secret_value_json = common.create_docker_pull_config_json(username, password)
secret_value = json.dumps(secret_value_json)
app_def = apps.private_ucr_docker_app()
common.create_secret(secret_name, secret_value)
client = marathon.create_client()
try:
client.add_app(app_def)
shakedown.deployment_wait()
common.assert_app_tasks_running(client, app_def)
finally:
common.delete_secret(secret_name)