diff options
| author | juanvallejo <jvallejo@redhat.com> | 2017-07-12 15:18:48 -0400 |
|---|---|---|
| committer | Luke Meyer <lmeyer@redhat.com> | 2017-07-18 14:02:10 -0400 |
| commit | 5497673a7b5a7c07d3e99d77d028447acbdd36a5 (patch) | |
| tree | cfda08c072b85c36570c218e6c2020621f264dba /README_CONTAINER_IMAGE.md | |
| parent | 742203529902ba278c213e326f81f667304b9625 (diff) | |
| download | openshift-5497673a7b5a7c07d3e99d77d028447acbdd36a5.tar.gz openshift-5497673a7b5a7c07d3e99d77d028447acbdd36a5.tar.bz2 openshift-5497673a7b5a7c07d3e99d77d028447acbdd36a5.tar.xz openshift-5497673a7b5a7c07d3e99d77d028447acbdd36a5.zip | |
image builds: remove dependency on playbook2image
We do not need the builder functionality from playbook2image and the
resulting image was overly complicated, so this simply builds on
Centos/RHEL.
Diffstat (limited to 'README_CONTAINER_IMAGE.md')
| -rw-r--r-- | README_CONTAINER_IMAGE.md | 6 |
1 files changed, 1 insertions, 5 deletions
diff --git a/README_CONTAINER_IMAGE.md b/README_CONTAINER_IMAGE.md index cf3b432df..a2151352d 100644 --- a/README_CONTAINER_IMAGE.md +++ b/README_CONTAINER_IMAGE.md @@ -1,6 +1,6 @@ # Containerized openshift-ansible to run playbooks -The [Dockerfile](images/installer/Dockerfile) in this repository uses the [playbook2image](https://github.com/openshift/playbook2image) source-to-image base image to containerize `openshift-ansible`. The resulting image can run any of the provided playbooks. See [BUILD.md](BUILD.md) for image build instructions. +The [Dockerfile](images/installer/Dockerfile) in this repository can be used to build a containerized `openshift-ansible`. The resulting image can run any of the provided playbooks. See [BUILD.md](BUILD.md) for image build instructions. The image is designed to **run as a non-root user**. The container's UID is mapped to the username `default` at runtime. Therefore, the container's environment reflects that user's settings, and the configuration should match that. For example `$HOME` is `/opt/app-root/src`, so ssh keys are expected to be under `/opt/app-root/src/.ssh`. If you ran a container as `root` you would have to adjust the container's configuration accordingly, e.g. by placing ssh keys under `/root/.ssh` instead. Nevertheless, the expectation is that containers will be run as non-root; for example, this container image can be run inside OpenShift under the default `restricted` [security context constraint](https://docs.openshift.org/latest/architecture/additional_concepts/authorization.html#security-context-constraints). @@ -14,8 +14,6 @@ This provides consistency with other images used by the platform and it's also a ## Usage -The `playbook2image` base image provides several options to control the behaviour of the containers. For more details on these options see the [playbook2image](https://github.com/openshift/playbook2image) documentation. - At the very least, when running a container you must specify: 1. An **inventory**. This can be a location inside the container (possibly mounted as a volume) with a path referenced via the `INVENTORY_FILE` environment variable. Alternatively you can serve the inventory file from a web server and use the `INVENTORY_URL` environment variable to fetch it, or `DYNAMIC_SCRIPT_URL` to download a script that provides a dynamic inventory. @@ -52,8 +50,6 @@ Here is a detailed explanation of the options used in the command above: Further usage examples are available in the [examples directory](examples/) with samples of how to use the image from within OpenShift. -Additional usage information for images built from `playbook2image` like this one can be found in the [playbook2image examples](https://github.com/openshift/playbook2image/tree/master/examples). - ## Running openshift-ansible as a System Container Building the System Container: See the [BUILD.md](BUILD.md). |