up: snowflake to deal with registry storage permissions on remote host

cucushift · Apr 30, 2018 · 7195cc9 · 7195cc9
1 parent e17c1c2
commit 7195cc9
Showing 1 changed file with 33 additions and 4 deletions.
diff --git a/pkg/oc/bootstrap/clusteradd/components/registry/registry_install.go b/pkg/oc/bootstrap/clusteradd/components/registry/registry_install.go
@@ -5,15 +5,18 @@ import (
 	"os"
 	"path"
 
+	"github.com/golang/glog"
+
+	apierrors "k8s.io/apimachinery/pkg/api/errors"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/client-go/kubernetes"
+
 	"github.com/openshift/origin/pkg/oc/bootstrap/clusteradd/componentinstall"
 	"github.com/openshift/origin/pkg/oc/bootstrap/clusterup/kubeapiserver"
 	"github.com/openshift/origin/pkg/oc/bootstrap/docker/dockerhelper"
 	"github.com/openshift/origin/pkg/oc/bootstrap/docker/host"
 	"github.com/openshift/origin/pkg/oc/bootstrap/docker/run"
 	"github.com/openshift/origin/pkg/oc/errors"
-	apierrors "k8s.io/apimachinery/pkg/api/errors"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/client-go/kubernetes"
 )
 
 const (
@@ -31,6 +34,24 @@ func (r *RegistryComponentOptions) Name() string {
 	return "openshift-image-registry"
 }
 
+// ensureRemoteRegistryStoragePermissions ensures the remote host directory for registry storage have write access permissions
+// so the registry can successfully write data into it.
+// TODO: This is a remote docker snowflake
+func (r *RegistryComponentOptions) ensureRemoteRegistryStoragePermissions(dir string, dockerClient dockerhelper.Interface) error {
+	glog.V(5).Infof("Ensuring the write permissions in remote directory %s", dir)
+	_, rc, err := run.NewRunHelper(dockerhelper.NewHelper(dockerClient)).New().
+		Image(r.InstallContext.ClientImage()).
+		DiscardContainer().
+		Privileged().
+		Bind(fmt.Sprintf("%s:/pv", dir)).
+		Entrypoint("/bin/bash").
+		Command("-c", "mkdir -p /pv/registry && chmod 0777 /pv/registry").Run()
+	if rc != 0 {
+		return fmt.Errorf("command returning non-zero exit code: %d", rc)
+	}
+	return err
+}
+
 func (r *RegistryComponentOptions) Install(dockerClient dockerhelper.Interface, logdir string) error {
 	kubeAdminClient, err := kubernetes.NewForConfig(r.InstallContext.ClusterAdminClientConfig())
 	if err != nil {
@@ -55,6 +76,14 @@ func (r *RegistryComponentOptions) Install(dockerClient dockerhelper.Interface,
 	if len(os.Getenv("DOCKER_HOST")) > 0 {
 		baseDir = path.Join(host.RemoteHostOriginDir, r.InstallContext.BaseDir())
 	}
+	registryStorageDir := path.Join(baseDir, "openshift.local.pv", "registry")
+
+	// If docker is on remote host, ensure the permissions for registry
+	if len(os.Getenv("DOCKER_HOST")) > 0 {
+		if err := r.ensureRemoteRegistryStoragePermissions(registryStorageDir, dockerClient); err != nil {
+			return errors.NewError("error ensuring remote host registry directory permissions").WithCause(err)
+		}
+	}
 
 	masterConfigDir := path.Join(baseDir, kubeapiserver.KubeAPIServerDirName)
 	flags := []string{
@@ -67,7 +96,7 @@ func (r *RegistryComponentOptions) Install(dockerClient dockerhelper.Interface,
 		fmt.Sprintf("--cluster-ip=%s", RegistryServiceClusterIP),
 		fmt.Sprintf("--config=%s", path.Join(masterConfigDir, "admin.kubeconfig")),
 		fmt.Sprintf("--images=%s", r.InstallContext.ImageFormat()),
-		fmt.Sprintf("--mount-host=%s", path.Join(baseDir, "openshift.local.pv", "registry")),
+		fmt.Sprintf("--mount-host=%s", registryStorageDir),
 	}
 	_, rc, err := imageRunHelper.Image(r.InstallContext.ClientImage()).
 		Privileged().