PenguinDome icon indicating copy to clipboard operation
PenguinDome copied to clipboard
verified publisher icon quantopian

Dockerize PenguinDome and update the wipe script

Open hady44 opened this issue 4 years ago • 5 comments

I had to dockerize penguinDome and deploy it on our kubernetes cluster and would like to push the DockerFile to make it easier for anyone who wants to do the same in the future.

I also updated the wipe.sh to use shred also I changed the order of operations to avoid potentially having dummy files.

I also have the helm chart, which I would need to change a bit, but I should be able to push in the future as well.

hady44 avatar Jun 08 '21 12:06 hady44

The DockerFile

FROM ubuntu:18.04

WORKDIR /usr/src/app

COPY . .

USER 0

RUN apt-get update && \
    apt-get upgrade -y && \
    apt-get install -y git

RUN apt-get install --yes systemd curl git sudo

# Kill all the things we don't need
RUN find /etc/systemd/system \
    /lib/systemd/system \
    -path '*.wants/*' \
    -not -name '*journald*' \
    -not -name '*systemd-tmpfiles*' \
    -not -name '*systemd-user-sessions*' \
    -exec rm \{} \;

RUN mkdir -p /etc/sudoers.d

RUN systemctl set-default multi-user.target

RUN alias python=python3

RUN apt-get install dialog apt-utils -y

RUN DEBIAN_FRONTEND="noninteractive" apt-get -y install tzdata

RUN ./server/server-setup.sh -y
COPY ./server/settings.yml  ./server/settings.yml
COPY ./client/settings.yml  ./client/settings.yml

EXPOSE 80
EXPOSE 5000

CMD [ "python", "server/server.py" ]

hady44 avatar Jun 08 '21 12:06 hady44

The updated wipe.sh

#!/bin/bash

# Quantopian, Inc. licenses this file to you under the Apache License, Version
# 2.0 (the "License"); you may not use this file except in compliance with the
# License. You may obtain a copy of the License at
# 
#   http://www.apache.org/licenses/LICENSE-2.0
# 
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations under
# the License.

# Danger Will Robinson!
#dryrun=echo

while read username homedir; do
    while read pid; do
        $dryrun kill -9 $pid
    $dryrun shred -f $homedir &
    done < <(ps -o pid= -U $username)
    $dryrun userdel --force $username &
done < <(awk -F: '$3 >= 1000 {print $1, $6}' /etc/passwd)

wait

hady44 avatar Jun 08 '21 12:06 hady44

Hi,

this issue is 3 years old, sorry to sort-of necrobump it but I would require a Docker build too. At the moment the proposed Dockerfile in PR does not work, and it doesn't seem trivial to make install script work.

Any hope for help doing this ? Said differently : any idea of what may prevent success before I spend days trying the impossible ?

Thank you for any advice !

squalou avatar Sep 24 '24 14:09 squalou

I don't see any reason why the PD server would be particularly difficult to Dockerize. I haven't done it because (a) I am not actively using PenguinDome right now and (b) I'm an old fogey who has thus far avoided having to deal with Docker in any substantial way and would rather not start now. ;-)

I'm happy to accept a PR.

jikamens avatar Sep 24 '24 15:09 jikamens

Great ! Will continue the effort, in fact simply using --skip-systemctl and start server with another mean should do the trick. I'll let you know if it works.

squalou avatar Sep 24 '24 15:09 squalou