Home > Blockchain >  Bazel docker container image not copying file
Bazel docker container image not copying file

Time:10-27

I'm trying to emulate theRUN step you would fine in a docker file shown below in the Bazel docker container image rule but since the container_image rule does not have a copy function I'm trying to use what is available.

RUN GRPC_HEALTH_PROBE_VERSION=v0.3.1 && \
    wget -qO/bin/grpc_health_probe https://github.com/grpc-ecosystem/grpc-health-probe/releases/download/${GRPC_HEALTH_PROBE_VERSION}/grpc_health_probe-linux-amd64 && \
    chmod  x /bin/grpc_health_probe

  go_image(
      name = "go_auth_image",
      embed = [":go-auth_lib"],
      visibility = ["//visibility:public"],
  )

  container_image(
      name = "go_auth_api",
      visibility = ["//visibility:public"],
      base = ":go_auth_image",
      ports = ["5001", "5002"],
      files = ["grpc_health_probe-linux-amd64"],
      symlinks = {
          "grpc_health_prob-linux-amd64": "/bin/grpc_health_probe",
      },
      cmd = [
          "apk add --no-cache git",
          "chmod  x /bin/grpc_health_probe",
      ],
  )

note: file_map does not seem to be a parameter for container_image

When I deploy this image to k8s the the image runs fine but the when describing the pod the liveness probe (described below) fails.

          livenessProbe:
            exec:
              command: ["/bin/grpc_health_probe", "-addr=:5002"]
            initialDelaySeconds: 5
            periodSeconds: 30
            timeoutSeconds: 2
            successThreshold: 1
            failureThreshold: 3

  Warning  Unhealthy  6m42s                  kubelet            Liveness probe errored: rpc error: code = Unknown desc = failed to exec in container: failed to start exec "b6c89b7ec907e572f80be59e8d4b5cad6535a3479d67a3563a09e0d1d2f7ca03": OCI runtime exec failed: exec failed: container_linux.go:370: starting container process caused: exec: "/bin/grpc_health_probe": stat /bin/grpc_health_probe: no such file or directory: unknown

What is the correct way to setup this probe with Bazel (I've confirmed this works with a Dockerfile setup)

CodePudding user response:

container_run_and_commit is the closest equivalent to RUN. Something like this is the direct equivalent:

load("@io_bazel_rules_docker//docker/util:run.bzl", "container_run_and_commit")

GRPC_HEALTH_PROBE_VERSION = "v0.3.1"

container_run_and_commit(
    name = "install_stuff",
    image = ":go_auth_image.tar",
    commands = [
        "wget -qO/bin/grpc_health_probe https://github.com/grpc-ecosystem/grpc-health-probe/releases/download/%s/grpc_health_probe-linux-amd64" % GRPC_HEALTH_PROBE_VERSION,
        "chmod  x /bin/grpc_health_probe",
    ],
)


container_image(
    name = "go_auth_api",
    visibility = ["//visibility:public"],
    base = ":install_stuff",
    ... # everything else you're doing with container_image
)

It runs the commands a builds a new image, and then uses container_image to add things to the result.

However, doing more of the build with bazel will make better use of bazel's cache and be more reproducible. I think that's what you're doing with the grpc_health_probe-linux-amd64 source file. That approach looks something like this:

load("@io_bazel_rules_docker//docker/util:run.bzl", "container_run_and_commit")

container_image(
    name = "add_stuff",
    base = ":go_auth_image",
    ports = ["5001", "5002"],
    files = ["grpc_health_probe-linux-amd64"],
    symlinks = {
        "grpc_health_prob-linux-amd64": "/bin/grpc_health_probe",
    },
)

container_run_and_commit(
    name = "go_auth_api",
    visibility = ["//visibility:public"],
    image = ":add_stuff.tar",
    commands = [
        "apk add --no-cache git",
        "chmod  x /bin/grpc_health_probe",
    ],
)

That uses container_image to add things first, and then runs the commands afterwards.

Also, instead of running chmod x, you can use pkg_tar to package the file symlink (it has a symlinks attribute just like container_image), and then set mode = 0755. container_image.tars will take the tar file and add it to the image. In general, pkg_tar gives a lot of flexibility for building up files, and container_image takes a subset of its functionality directly for simple use cases.

container_image.cmd is the equivalent of CMD in a Dockerfile. It's just setting the information when the container is used, not doing anything while building it. I don't think you want to use it at all for this.

CodePudding user response:

Thanks to @Brian-Silverman help I was able to triage all my issues and landed with this solution.

  go_image(
      name = "go_auth_image",
      embed = [":go-auth_lib"],
      visibility = ["//visibility:public"],
  )

  GRPC_HEALTH_PROBE_VERSION = "v0.4.5"


  container_run_and_commit_layer(
      name = "health_probe",
      image = "@grpc_health_image//image",
      commands = [
          "apk add --no-cache git",
          "wget -qO/bin/grpc_health_probe https://github.com/grpc-ecosystem/grpc-health-probe/releases/download/%s/grpc_health_probe-linux-amd64" % GRPC_HEALTH_PROBE_VERSION,
          "chmod  x /bin/grpc_health_probe",
      ],
  )

  container_image(
      name = "go_auth_api",
      base = ":go_auth_image",
      layers = [":health_probe",],
      visibility = ["//visibility:public"],
      ports = ["5001"],
  )

Page link:https//www.codepudding.com/Blockchain/167685.html

Prev:Kubernetes: Cannot VolumeMount emptydir within init container
Next:Exclude Kubernetes namespaces from prometheus scrapping
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding