From 1fa78ca6dabd3db2ec783a30069a2ab8e41ab3e6 Mon Sep 17 00:00:00 2001 From: Mikhail Konyakhin Date: Thu, 26 Dec 2019 17:34:49 +0300 Subject: [PATCH] Add docker container proxy for cache packages of yum, apt and pip repos. --- .travis.yml | 6 +-- tests/Dockerfile.amazonlinux_2-builded | 2 +- tests/Dockerfile.centos_6-builded | 2 +- tests/Dockerfile.centos_7-builded | 2 +- tests/Dockerfile.debian_8-builded | 2 +- tests/Dockerfile.debian_9-builded | 2 +- tests/Dockerfile.ubuntu-upstart_14_04-builded | 7 +++ tests/Dockerfile.ubuntu_16_04-builded | 17 +------ tests/Dockerfile.ubuntu_18_04-builded | 15 +----- tests/files/etc/apt/apt.conf.d/proxy.conf | 3 ++ tests/files/etc/environment | 2 + tests/files/etc/squid/squid.conf | 34 ++++++++++++++ tests/site.yml | 47 +++++++++++++++++++ 13 files changed, 104 insertions(+), 37 deletions(-) create mode 100644 tests/Dockerfile.ubuntu-upstart_14_04-builded create mode 100644 tests/files/etc/apt/apt.conf.d/proxy.conf create mode 100644 tests/files/etc/environment create mode 100644 tests/files/etc/squid/squid.conf diff --git a/.travis.yml b/.travis.yml index 3c2132d..ba31490 100644 --- a/.travis.yml +++ b/.travis.yml @@ -46,17 +46,17 @@ env: DOCKER_PRIVILEGED=true - > DISTRIBUTION=ubuntu-upstart - DIST_VERSION=14.04 + DIST_VERSION=14_04-builded MONGODB_VERSION=4.0 DOCKER_PRIVILEGED=true - > DISTRIBUTION=ubuntu-upstart - DIST_VERSION=14.04 + DIST_VERSION=14_04-builded MONGODB_VERSION=3.6 DOCKER_PRIVILEGED=true - > DISTRIBUTION=ubuntu-upstart - DIST_VERSION=14.04 + DIST_VERSION=14_04-builded MONGODB_VERSION=3.4 DOCKER_PRIVILEGED=true - > diff --git a/tests/Dockerfile.amazonlinux_2-builded b/tests/Dockerfile.amazonlinux_2-builded index eae97dd..8c25c8e 100644 --- a/tests/Dockerfile.amazonlinux_2-builded +++ b/tests/Dockerfile.amazonlinux_2-builded @@ -3,7 +3,7 @@ FROM amazonlinux:2 # This is needed so that ansible managed to read "ansible_default_ipv4" # This step is needed since standard CentOS docker image does not come with i # This package seems to be required for Mongo 3.2 and downwards -RUN yum install iproute initscripts -y +RUN yum install iproute initscripts python-pip python-devel -y # we can has SSH EXPOSE 22 diff --git a/tests/Dockerfile.centos_6-builded b/tests/Dockerfile.centos_6-builded index 9a472b5..2a65657 100644 --- a/tests/Dockerfile.centos_6-builded +++ b/tests/Dockerfile.centos_6-builded @@ -2,7 +2,7 @@ FROM centos:6 # This is needed so that ansible managed to read "ansible_default_ipv4" # This step is needed since standard CentOS docker image does not come with EPEL installed by default -RUN yum install iproute epel-release -y +RUN yum install iproute epel-release python-pip python-devel -y # we can has SSH EXPOSE 22 diff --git a/tests/Dockerfile.centos_7-builded b/tests/Dockerfile.centos_7-builded index f67c6c9..8ab589a 100644 --- a/tests/Dockerfile.centos_7-builded +++ b/tests/Dockerfile.centos_7-builded @@ -2,7 +2,7 @@ FROM centos:7 # This is needed so that ansible managed to read "ansible_default_ipv4" # This step is needed since standard CentOS docker image does not come with EPEL installed by default -RUN yum install iproute epel-release -y +RUN yum install iproute epel-release python-pip python-devel -y # we can has SSH EXPOSE 22 diff --git a/tests/Dockerfile.debian_8-builded b/tests/Dockerfile.debian_8-builded index 4055247..144b1f1 100644 --- a/tests/Dockerfile.debian_8-builded +++ b/tests/Dockerfile.debian_8-builded @@ -3,5 +3,5 @@ FROM debian:8 ARG DEBIAN_FRONTEND=noninteractive RUN apt update && \ - apt install --yes python-minimal && \ + apt install --yes python-minimal python-pip && \ rm /lib/systemd/system/getty@.service diff --git a/tests/Dockerfile.debian_9-builded b/tests/Dockerfile.debian_9-builded index 8397f5c..fb75ce1 100644 --- a/tests/Dockerfile.debian_9-builded +++ b/tests/Dockerfile.debian_9-builded @@ -3,7 +3,7 @@ FROM debian:9 ARG DEBIAN_FRONTEND=noninteractive RUN apt update && \ - apt install --yes python-minimal systemd gnupg + apt install --yes python-minimal systemd gnupg python-pip RUN cd /lib/systemd/system/sysinit.target.wants/ && \ ls | grep -v systemd-tmpfiles-setup.service | xargs rm -f && \ diff --git a/tests/Dockerfile.ubuntu-upstart_14_04-builded b/tests/Dockerfile.ubuntu-upstart_14_04-builded new file mode 100644 index 0000000..7f3f135 --- /dev/null +++ b/tests/Dockerfile.ubuntu-upstart_14_04-builded @@ -0,0 +1,7 @@ +FROM ubuntu-upstart + +ARG DEBIAN_FRONTEND=noninteractive + +RUN apt-get update && \ + apt-get install --yes python-minimal python-pip python-dev iproute2 + diff --git a/tests/Dockerfile.ubuntu_16_04-builded b/tests/Dockerfile.ubuntu_16_04-builded index d61d9cd..ea9038c 100644 --- a/tests/Dockerfile.ubuntu_16_04-builded +++ b/tests/Dockerfile.ubuntu_16_04-builded @@ -3,19 +3,6 @@ FROM ubuntu:16.04 ARG DEBIAN_FRONTEND=noninteractive RUN apt update && \ - apt install --yes python-pip curl jq && \ - pip install apt-select && \ - EXTERNAL_IP=`curl -s https://ipinfo.io/ip` && \ - echo "EXTERNAL_IP is ${EXTERNAL_IP}" && \ - DATA_IP=`curl -s https://json.geoiplookup.io/$EXTERNAL_IP` && \ - echo $DATA_IP && \ - COUNTRY_IP=`echo $DATA_IP | jq '.country_code' | tr -d '"'` && \ - apt-select -C $COUNTRY_IP -t 1 -m one-week-behind && \ - cat sources.list && \ - cp /etc/apt/sources.list /etc/apt/sources.list.backup && \ - mv -f sources.list /etc/apt/ - -RUN apt update && \ - apt install --yes python-minimal iproute2 && \ - rm -f /lib/systemd/system/getty@.service + apt install --yes python-minimal python-pip python-dev iproute2 && \ + rm /lib/systemd/system/getty@.service diff --git a/tests/Dockerfile.ubuntu_18_04-builded b/tests/Dockerfile.ubuntu_18_04-builded index 3c908e2..0c4a18d 100644 --- a/tests/Dockerfile.ubuntu_18_04-builded +++ b/tests/Dockerfile.ubuntu_18_04-builded @@ -3,20 +3,7 @@ FROM ubuntu:18.04 ARG DEBIAN_FRONTEND=noninteractive RUN apt update && \ - apt install --yes python-pip curl jq && \ - pip install apt-select && \ - EXTERNAL_IP=`curl -s https://ipinfo.io/ip` && \ - echo "EXTERNAL_IP is ${EXTERNAL_IP}" && \ - DATA_IP=`curl -s https://json.geoiplookup.io/$EXTERNAL_IP` && \ - echo $DATA_IP && \ - COUNTRY_IP=`echo $DATA_IP | jq '.country_code' | tr -d '"'` && \ - apt-select -C $COUNTRY_IP -t 1 -m one-week-behind && \ - cat sources.list && \ - cp /etc/apt/sources.list /etc/apt/sources.list.backup && \ - mv -f sources.list /etc/apt/ - -RUN apt update && \ - apt install --yes python-minimal systemd gnupg iproute2 + apt install --yes python-minimal python-pip python-dev systemd gnupg iproute2 RUN cd /lib/systemd/system/sysinit.target.wants/ && \ ls | grep -v systemd-tmpfiles-setup.service | xargs rm -f && \ diff --git a/tests/files/etc/apt/apt.conf.d/proxy.conf b/tests/files/etc/apt/apt.conf.d/proxy.conf new file mode 100644 index 0000000..1a3273b --- /dev/null +++ b/tests/files/etc/apt/apt.conf.d/proxy.conf @@ -0,0 +1,3 @@ +Acquire::http::Proxy "http://proxy:3128/"; +Acquire::https::Proxy "http://proxy:3128/"; + diff --git a/tests/files/etc/environment b/tests/files/etc/environment new file mode 100644 index 0000000..d8ef85f --- /dev/null +++ b/tests/files/etc/environment @@ -0,0 +1,2 @@ +PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games" +HTTP_PROXY="http://proxy:3128" diff --git a/tests/files/etc/squid/squid.conf b/tests/files/etc/squid/squid.conf new file mode 100644 index 0000000..66e1616 --- /dev/null +++ b/tests/files/etc/squid/squid.conf @@ -0,0 +1,34 @@ +acl localhost src 127.0.0.1/32 ::1 +acl localnet src 10.0.0.0/8 # RFC1918 possible internal network +acl localnet src 172.16.0.0/12 # RFC1918 possible internal network +acl localnet src 192.168.0.0/16 # RFC1918 possible internal network +acl SSL_ports port 443 +acl Safe_ports port 80 # http +acl Safe_ports port 21 # ftp +acl Safe_ports port 443 # https +acl Safe_ports port 70 # gopher +acl Safe_ports port 210 # wais +acl Safe_ports port 1025-65535 # unregistered ports +acl Safe_ports port 280 # http-mgmt +acl Safe_ports port 488 # gss-http +acl Safe_ports port 591 # filemaker +acl Safe_ports port 777 # multiling http +acl CONNECT method CONNECT +http_access allow manager localhost +http_access deny manager +http_access deny !Safe_ports +http_access deny CONNECT !SSL_ports +http_access allow localnet +http_access allow localhost +http_access deny all +http_port 3128 +maximum_object_size 2048 MB +cache_dir aufs /var/spool/squid 5000 24 256 +coredump_dir /var/spool/squid +refresh_pattern ^ftp: 1440 20% 10080 +refresh_pattern ^gopher: 1440 0% 1440 +refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 +refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880 +refresh_pattern . 0 20% 4320 +refresh_all_ims on + diff --git a/tests/site.yml b/tests/site.yml index a1b624f..9a27506 100644 --- a/tests/site.yml +++ b/tests/site.yml @@ -5,6 +5,29 @@ become: no gather_facts: no tasks: + - name: Copy environmnet file + copy: + src: etc/environment + dest: /tmp/environment + - name: Copy Squid config + copy: + src: etc/squid/squid.conf + dest: /tmp/squid.conf + - name: Create a network + docker_network: + name: MongoDBTestingNet + - name: Run Proxy in Docker + docker_container: + name: proxy + image: sameersbn/squid + state: started + volumes: + - /tmp/squid.conf:/etc/squid/squid.conf:ro + networks: + - name: MongoDBTestingNet + aliases: + - proxy + networks_cli_compatible: yes - name: Run MongoDB cluster in Docker docker_container: name: "{{ item }}" @@ -23,11 +46,35 @@ target: /run - type: tmpfs target: /run/lock + volumes: + - /tmp/environment:/etc/environment:ro + networks: + - name: MongoDBTestingNet + aliases: + - "{{ item }}" + networks_cli_compatible: yes with_items: - mongo1 - mongo2 - mongo3 +- hosts: mongo + become: no + gather_facts: yes + tasks: + - name: Set proxy for apt + copy: + src: etc/apt/apt.conf.d/proxy.conf + dest: /etc/apt/apt.conf.d/proxy.conf + when: ansible_os_family == "Debian" + - name: Set proxy for yum + ini_file: + path: /etc/yum.conf + section: main + option: proxy + value: http://proxy:3128 + when: ansible_os_family == "RedHat" + - hosts: mongo become: no gather_facts: no