Chapter 2. Source-to-Image (S2I)
2.1. Overview
This topic group includes information on the different S2I (Source-to-Image) supported images available for OpenShift Container Platform users.
2.2. Java
2.2.1. Overview
OpenShift Container Platform provides S2I builder images for building Java applications. These builder images take your application source or binary artifacts, build the source using Maven, if the source was provided, and assemble the artifacts with any required dependencies to create a new, ready-to-run image containing your Java application. This resulting image can be run on OpenShift Container Platform or run directly with Docker.
The builder images are intended for use with Maven-based Java standalone projects that are run via main class.
2.2.2. Versions
The current version of the Java S2I builder images support OpenJDK 1.8 and 11, Jolokia 1.6.2, and Maven 3.6.
2.2.3. Images
The RHEL 7 and RHEL 8 images are available through the Red Hat Registry.
registry.redhat.io requires authentication. For details on how to configure your environment for registry.redhat.io, see Red Hat Container Registry Authentication.
RHEL 7 based images
$ docker pull registry.redhat.io/redhat-openjdk-18/openjdk18-openshift $ docker pull registry.redhat.io/openjdk/openjdk-11-rhel7
RHEL 8 based images
$ docker pull registry.redhat.io/ubi8/openjdk-8 $ docker pull registry.redhat.io/ubi8/openjdk-11
To use these images on OpenShift Container Platform, you can either access them directly from the Red Hat Registry or push them into your OpenShift Container Platform container image registry. Additionally, you can create an image stream that points to the image, either in your container image registry or at the external location. Your OpenShift Container Platform resources can then reference the image stream definition.
2.2.4. Build Process
S2I produces ready-to-run images by injecting source code into a container and letting the container prepare that source code for execution. It performs the following steps:
- Starts a container from the builder image.
- Downloads the application source.
- Streams the scripts and application sources into the builder image container.
- Runs the assemble script (from the builder image).
- Saves the final image.
See S2I Build Process for a detailed overview of the build process.
2.2.5. Configuration
By default, the Java S2I builder image uses Maven to build the project with the following goals and options:
mvn -e -Popenshift -DskipTests -Dcom.redhat.xpaas.repo.redhatga -Dfabric8.skip=true --batch-mode -Djava.net.preferIPv4Stack=true -s /tmp/artifacts/configuration/settings.xml -Dmaven.repo.local=/tmp/artifacts/m2 package
Based on these defaults, the builder image compiles the project and copies all the transitive dependencies into the output directory without running tests. Additionally, if the project has a profile named openshift
, it is activated for the build.
You can override these default goals and options by specifying the following environment variables:
Variable name | Description |
---|---|
|
Relative paths of source directories to scan for build output, which are copied to |
|
A main class to use as the argument for |
|
The arguments that are passed to the |
| Additional Maven arguments. |
This is a selection of the environment variables available for configuring the behavior of the OpenJDK containers. For a comprehensive list, see Section 2.2.9, “Java Environment Variables”.
2.2.6. Building and Deploying Java Applications
The OpenJDK image stream must first be installed. If you ran a standard installation, the image stream will be present.
The same S2I builder image can be used to build a Java application from source or from binary artifacts.
2.2.7. Building and Deploying from Source
The Java S2I builder image can be used to build an application from source by running oc new-app
against a source repository:
$ oc new-app registry.redhat.io/redhat-openjdk-18/openjdk18-openshift~https://github.com/jboss-openshift/openshift-quickstarts --context-dir=undertow-servlet
By default, tests are not run. To build an application and run tests as part of the build, override the default MAVEN_ARGS
, as shown in the following command:
$ oc new-app registry.redhat.io/redhat-openjdk-18/openjdk18-openshift~<git_repo_URL> --context-dir=<context_dir> --build-env='MAVEN_ARGS=-e -Popenshift -Dcom.redhat.xpaas.repo.redhatga package'
If a Java project consists of multiple Maven modules, it can be useful to explicitly specify the artifact output directory. Specifying the directory where the Maven project outputs the artifacts enables the S2I build to pick them up.
To specify the modules to build and the artifact output directory, use the following command:
$ oc new-app registry.redhat.io/redhat-openjdk-18/openjdk18-openshift~<git_repo_URL> --context-dir=<context_dir> --build-env='MAVEN_S2I_ARTIFACT_DIRS=relative/path/to/artifacts/dir' --build-env='MAVEN_ARGS=install -pl <groupId>:<artifactId> -am'
2.2.8. Building and Deploying from Binary Artifacts
You can use the Java S2I builder image to build an application using binary artifacts that you provide.
Create a new binary build:
$ oc new-build --name=<application_name> registry.redhat.io/redhat-openjdk-18/openjdk18-openshift --binary=true
Start a build and specify the path to the binary artifacts on your local machine:
$ oc start-build <application_name> --from-dir=/path/to/artifacts --follow
Create an application:
$ oc new-app <application_name>
2.2.9. Java Environment Variables
The following tables provide a comprehensive list of Java environment variables used for configuring the behavior of the OpenJDK containers.
Variable name | Description | Example value |
---|---|---|
|
If set, uses this file, including path, as Jolokia JVM agent properties, as described in the Jolokia reference manual. If not set, the |
|
|
Enable Jolokia discovery. Defaults to |
|
|
Host address to bind to. Defaults to |
|
|
Agent ID to use. Defaults to |
|
| If set, disables activation of Jolokia, for example, echos an empty value. By default, Jolokia is enabled. |
|
|
Additional options to be appended to the agent configuration. They should be given in the format |
|
| Password for basic authentication. By default, authentication is switched off. |
|
|
Port to listen to. Defaults to |
|
|
User for basic authentication. Defaults to |
|
| Enable the use of the Prometheus agent. |
|
| Port to use for the Prometheus JMX Exporter. |
|
| A calculated core limit as described in CFS Bandwidth Control. |
|
| Memory limit given to the container. |
|
| The weighting given to the current GC time versus previous GC times. |
|
|
Specify the Java GC to use. The value of this variable should contain the necessary JRE command-line interface options to specify the required GC, which overrides the default of |
|
| Maximum percentage of heap free after GC to avoid shrinking. |
|
| The maximum metaspace size. |
|
| The initial metaspace size. |
|
| Minimum percentage of heap free after GC to avoid expansion. |
|
| Specifies the ratio of the time spent outside the garbage collection, for example, the time spent for application execution, to the time spent in the garbage collection. |
|
|
The location of the https proxy. This takes precedence over |
|
| The location of the http proxy. This is used for both Maven builds and Java runtime. |
|
| The directory where the application resides. All paths in your application are relative to this directory. |
|
|
Arguments passed to the | - |
|
The classpath to use. If not given, the startup script checks for a file | - |
| If set, remote debugging is switched on. Disabled by default. |
|
|
Port used for remote debugging. Defaults to |
|
| Set this variable to get some diagnostics information to standard output when things are happening. Disabled by default. |
|
|
Used when no |
|
|
Directory holding the Java jar files and an optional | - |
|
A main class to use as the argument for |
|
|
Used when no |
|
|
Used when no | - |
|
JVM options passed to the |
|
|
User specified Java options to be appended to generated options in |
|
|
Set to |
|
|
Arguments to use when calling Maven, replacing the default |
|
| Additional Maven arguments. |
|
|
If set, the Maven repository is removed after the artifact is built. This is useful for keeping the created application image small, but prevents incremental builds. This variable is overridden by | - |
| Directory to use as the local Maven repository. |
|
|
If set, multi-mirror support is enabled, and other |
|
| The base URL of a mirror used for retrieving artifacts. |
|
|
If set, multi-repo support is enabled, and other |
|
|
Relative paths of source directories to scan for build output, which are copied to |
|
|
Space separated list of goals to be run with the maven build. For example, |
|
| Location of custom Maven settings.xml file to use. |
|
| A comma separated list of hosts, IP addresses or domains that can be accessed directly. This is used for both Maven builds and Java runtime. |
|
|
Location mount for artifacts persisted with |
|
|
Root directory for S2I mount, as specified by the |
|
|
Do not remove source and intermediate build files so they can be saved for use with future builds. Defaults to |
|
|
Comma separated list of relative paths in the source directory which should be included in the image. The list can include wildcards, which are expanded using find. By default, the contents of mounted directories are processed similarly to source folders, where the contents of |
|
|
Relative path to directory containing application configuration files to be copied over to the product configuration directory, see |
|
|
Relative path to directory containing application data files to be copied over to the product data directory, see |
|
|
Relative path to directory containing binary files to be copied over to the product deployment directory, see |
|
| Location of mount for source code to be built. This must not be overridden by end users. |
|
|
Absolute path to which files located in |
|
|
Absolute path to which files located in |
|
|
Absolute path to which files located in |
|
|
The location of the http proxy. This takes precedence over |
|
|
The location of the https proxy. This takes precedence over |
|
|
A comma separated list of hosts, IP addresses or domains that can be accessed directly. This takes precedence over |
|
| ID to be used for the specified mirror. If omitted, a unique ID is generated. |
|
|
Repository IDs mirrored by this entry. Defaults to | - |
| The URL of the mirror. |
|
| Maven repository directory permissions. |
|
| Maven repository file permissions. |
|
| Maven repository host, if not using fully defined URL, falls back to service. |
|
| Maven repository ID. |
|
| Maven repository layout. |
|
| Maven repository name. |
|
| Maven repository passphrase. |
|
| Maven repository password. |
|
| Maven repository path, if not using fully defined URL, falls back to service. |
|
| Maven repository port, if not using fully defined URL, falls back to service. |
|
| Maven repository private key. |
|
| Maven repository protocol, if not using fully defined URL, falls back to service. |
|
| Maven repository releases checksum policy. |
|
| Maven repository releases enabled. |
|
| Maven repository releases update policy. |
|
|
Maven repository service to lookup if |
|
| Maven repository snapshots checksum policy. |
|
| Maven repository snapshots enabled. |
|
| Maven repository snapshots update policy. |
|
| Maven repository fully defined URL. |
|
| Maven repository username. |
|
Variable name | Description | Value |
---|---|---|
|
Switch on client authentication for OpenShift TLS communication. The value of this parameter can be a relative distinguished name which must be contained in a presented client’s certificate. Enabling this parameter automatically switches Jolokia into https communication mode. The default CA cert is set to |
|
|
Switch on secure communication with https. By default, self-signed server certificates are generated if no |
|
|
Determines whether a random |
|
| Path to configuration to use for the Prometheus JMX Exporter. |
|
|
A space separated list of filters to be applied when copying deployments. Defaults to |
|
2.2.10. Additional resources
- Find additional information and examples in the Red Hat JBoss Middleware documentation.
2.3. .NET Core
2.3.1. Benefits of Using .NET Core
.NET Core is a general purpose development platform featuring automatic memory management and modern programming languages. It allows users to build high-quality applications efficiently. .NET Core is available on Red Hat Enterprise Linux (RHEL 7) and OpenShift Container Platform via certified containers. .NET Core offers:
- The ability to follow a microservices-based approach, where some components are built with .NET and others with Java, but all can run on a common, supported platform in Red Hat Enterprise Linux and OpenShift Container Platform.
- The capacity to more easily develop new .NET Core workloads on Windows; customers are able to deploy and run on either Red Hat Enterprise Linux or Windows Server.
- A heterogeneous data center, where the underlying infrastructure is capable of running .NET applications without having to rely solely on Windows Server.
- Access to many of the popular development frameworks such as .NET, Java, Ruby, and Python from within OpenShift Container Platform.
2.3.2. Supported Versions
The .NET Core Life Cycle lists the currently supported versions of .NET Core.
2.3.3. Images
The images are available through the Red Hat Registry.
If you ran a standard installation, the dotnet
image stream will be present. To include the latest supported versions you can install the .NET image streams.
2.3.4. Build Process
S2I produces ready-to-run images by injecting source code into a container and letting the container prepare that source code for execution. It performs the following steps:
- Starts a container from the builder image.
- Downloads the application source.
- Streams the scripts and application sources into the builder image container.
- Runs the assemble script (from the builder image).
- Saves the final image.
See S2I Build Process for a detailed overview of the build process.
2.3.5. Environment Variables
The .NET Core images support several environment variables, which you can set to control the build behavior of your .NET Core application.
You must set environment variables that control build behavior in the S2I build configuration or in the .s2i/environment file to make them available to the build steps.
Variable Name | Description | Default |
---|---|---|
| Selects projects to run. This must be a project file (for example, csproj or fsproj) or a folder containing a single project file. |
|
|
Selects the assembly to run. This must not include the | The name of the csproj file. |
| Specifies the space-separated list of NuGet package sources used during the restore operation. This overrides all of the sources specified in the NuGet.config file. | |
|
Specifies a list of .NET tools to install before building the application. To install a specific version, add | |
| Specifies a list of NPM packages to install before building the application. | |
|
Specifies the list of test projects to test. This must be project files or folders containing a single project file. | |
|
Runs the application in |
|
|
Specifies the verbosity of the dotnet build commands. When set, the environment variables are printed at the start of the build. This variable can be set to one of the msbuild verbosity values ( | |
| Configures the HTTP/HTTPS proxy used when building and running the application. | |
| Uses a custom NPM registry mirror to download packages during the build process. | |
|
This variable is set to |
|
|
When set to | |
|
Used to specify a list of folders and files with additional SSL certificates to trust. The certificates are trusted by each process that runs during the build and all processes that run in the image after the build, including the application that was built. The items can be absolute paths starting with | |
|
When set to |
|
|
When set to |
|
|
When set to |
2.3.6. Quickly Deploying Applications from .NET Core Source
The .NET image stream must first be installed. If you ran a standard installation, the image stream will be present.
An image can be used to build an application by running oc new-app
against a sample repository:
$ oc new-app dotnet:3.1~https://github.com/redhat-developer/s2i-dotnetcore-ex#dotnetcore-3.1 --context-dir app
2.4. Node.js
2.4.1. Overview
OpenShift Container Platform provides S2I enabled Node.js images for building and running Node.js applications. The Node.js S2I builder image assembles your application source with any required dependencies to create a new image containing your Node.js application. This resulting image can be run either by OpenShift Container Platform or by a container runtime.
2.4.2. Versions
Currently, OpenShift Container Platform provides versions 0.10, 4, and 6 of Node.js.
2.4.3. Images
These images come in two flavors, depending on your needs:
- RHEL 7
- CentOS 7
RHEL 7 Based Images
The RHEL 7 images are available through the Red Hat Registry:
$ docker pull registry.redhat.io/openshift3/nodejs-010-rhel7 $ docker pull registry.redhat.io/rhscl/nodejs-4-rhel7
CentOS 7 Based Image
This image is available on Docker Hub:
$ docker pull openshift/nodejs-010-centos7
To use these images, you can either access them directly from these image registries, or push them into your OpenShift Container Platform container image registry. Additionally, you can create an image stream that points to the image, either in your container image registry or at the external location. Your OpenShift Container Platform resources can then reference the ImageStream. You can find example image stream definitions for all the provided OpenShift Container Platform images.
2.4.4. Build Process
S2I produces ready-to-run images by injecting source code into a container and letting the container prepare that source code for execution. It performs the following steps:
- Starts a container from the builder image.
- Downloads the application source.
- Streams the scripts and application sources into the builder image container.
- Runs the assemble script (from the builder image).
- Saves the final image.
See S2I Build Process for a detailed overview of the build process.
2.4.5. Configuration
The Node.js image supports a number of environment variables, which can be set to control the configuration and behavior of the Node.js runtime.
To set these environment variables as part of your image, you can place them into a .s2i/environment file inside your source code repository, or define them in the environment section of the build configuration’s sourceStrategy
definition.
You can also set environment variables to be used with an existing image when creating new applications, or by updating environment variables for existing objects such as deployment configurations.
Environment variables that control build behavior must be set as part of the s2i build configuration or in the .s2i/environment file to make them available to the build steps.
Variable name | Description |
---|---|
|
When set to |
|
The debug port. Only valid if |
| The custom NPM registry mirror URL. All NPM packages will be downloaded from the mirror link during the build process. |
2.4.6. Hot Deploying
Hot deployment allows you to quickly make and deploy changes to your application without having to generate a new S2I build. In order to immediately pick up changes made in your application source code, you must run your built image with the DEV_MODE=true
environment variable.
You can set new environment variables when creating new applications, or updating environment variables for existing objects.
Only use the DEV_MODE=true
environment variable while developing or debugging. Using this in your production environment is not recommended.
To change the source code of a running pod, open a remote shell into the container:
$ oc rsh <pod_id>
Entering into a running container changes your current directory to /opt/app-root/src, where the source code is located.
2.5. Perl
2.5.1. Overview
OpenShift Container Platform provides S2I enabled Perl images for building and running Perl applications. The Perl S2I builder image assembles your application source with any required dependencies to create a new image containing your Perl application. This resulting image can be run either by OpenShift Container Platform or by a container runtime.
2.5.2. Versions
Currently, OpenShift Container Platform supports versions 5.16, 5.20, and 5.24 of Perl.
2.5.3. Images
Images comes in two flavors, depending on your needs:
- RHEL 7
- CentOS 7
RHEL 7 Based Images
The RHEL 7 images are available through the Red Hat Registry:
$ docker pull registry.redhat.io/openshift3/perl-516-rhel7 $ docker pull registry.redhat.io/rhscl/perl-520-rhel7 $ docker pull registry.redhat.io/rhscl/perl-524-rhel7
CentOS 7 Based Image
A CentOS image for Perl 5.16 is available on Docker Hub:
$ docker pull openshift/perl-516-centos7
To use these images, you can either access them directly from these image registries or push them into your OpenShift Container Platform container image registry. Additionally, you can create an image stream that points to the image, either in your container image registry or at the external location. Your OpenShift Container Platformt resources can then reference the ImageStream. You can find example image stream definitions for all the provided OpenShift Container Platform images.
2.5.4. Build Process
S2I produces ready-to-run images by injecting source code into a container and letting the container prepare that source code for execution. It performs the following steps:
- Starts a container from the builder image.
- Downloads the application source.
- Streams the scripts and application sources into the builder image container.
- Runs the assemble script (from the builder image).
- Saves the final image.
See S2I Build Process for a detailed overview of the build process.
2.5.5. Configuration
The Perl image supports a number of environment variables which can be set to control the configuration and behavior of the Perl runtime.
To set these environment variables as part of your image, you can place them into a .s2i/environment file inside your source code repository, or define them in the environment section of the build configuration’s sourceStrategy
definition.
You can also set environment variables to be used with an existing image when creating new applications, or by updating environment variables for existing objects such as deployment configurations.
Environment variables that control build behavior must be set as part of the s2i build configuration or in the .s2i/environment file to make them available to the build steps.
Variable name | Description |
---|---|
|
When set to |
| This variable specifies a mirror URL which cpanminus uses to install dependencies. By default, this URL is not specified. |
|
Set this to |
| The StartServers directive sets the number of child server processes created on startup. Default is 8. |
| Number of simultaneous requests that will be handled by Apache. The default is 256, but it will be automatically lowered if memory is limited. |
2.5.6. Accessing Logs
Access logs are streamed to standard output and as such they can be viewed using the oc logs
command. Error logs are stored in the /tmp/error_log file, which can be viewed using the oc rsh
command to access the container.
2.5.7. Hot Deploying
Hot deployment allows you to quickly make and deploy changes to your application without having to generate a new S2I build. To enable hot deployment in this image, you must set the PERL_APACHE2_RELOAD
environment variable to true
. For example, see the oc new-app
command. You can use the oc set env
command to update environment variables of existing objects.
You should only use this option while developing or debugging; it is not recommended to turn this on in your production environment.
To change your source code in a running pod, use the oc rsh
command to enter the container:
$ oc rsh <pod_id>
After you enter into the running container, your current directory is set to /opt/app-root/src, where the source code is located.
2.6. PHP
2.6.1. Overview
OpenShift Container Platform provides S2I enabled PHP images for building and running PHP applications. The PHP S2I builder image assembles your application source with any required dependencies to create a new image containing your PHP application. This resulting image can be run either by OpenShift Container Platform or by a container runtime.
2.6.2. Versions
Currently, OpenShift Container Platform provides versions 5.5, 5.6, and 7.0 of PHP.
2.6.3. Images
These images come in two flavors, depending on your needs:
- RHEL 7
- CentOS 7
RHEL 7 Based Images
The RHEL 7 images are available through the Red Hat Registry:
$ docker pull registry.redhat.io/openshift3/php-55-rhel7 $ docker pull registry.redhat.io/rhscl/php-56-rhel7 $ docker pull registry.redhat.io/rhscl/php-70-rhel7
CentOS 7 Based Images
CentOS images for PHP 5.5 and 5.6 are available on Docker Hub:
$ docker pull openshift/php-55-centos7 $ docker pull openshift/php-56-centos7
To use these images, you can either access them directly from these image registries or push them into your OpenShift Container Platform container image registry. Additionally, you can create an image stream that points to the image, either in your container image registry or at the external location. Your OpenShift Container Platform resources can then reference the image stream.
You can find example image stream definitions for all the provided OpenShift Container Platform images.
2.6.4. Build Process
S2I produces ready-to-run images by injecting source code into a container and letting the container prepare that source code for execution. It performs the following steps:
- Starts a container from the builder image.
- Downloads the application source.
- Streams the scripts and application sources into the builder image container.
- Runs the assemble script (from the builder image).
- Saves the final image.
See S2I Build Process for a detailed overview of the build process.
2.6.5. Configuration
The PHP image supports a number of environment variables which can be set to control the configuration and behavior of the PHP runtime.
To set these environment variables as part of your image, you can place them into a .s2i/environment file inside your source code repository, or define them in the environment section of the build configuration’s sourceStrategy
definition.
You can also set environment variables to be used with an existing image when creating new applications, or by updating environment variables for existing objects such as deployment configurations.
Environment variables that control build behavior must be set as part of the s2i build configuration or in the .s2i/environment file to make them available to the build steps.
The following environment variables set their equivalent property value in the php.ini file:
Variable Name | Description | Default |
---|---|---|
| Informs PHP of the errors, warnings, and notices for which you would like it to take action. | E_ALL & ~E_NOTICE |
| Controls if and where PHP outputs errors, notices, and warnings. | ON |
| Causes any display errors that occur during PHP’s startup sequence to be handled separately from display errors. | OFF |
|
Stores the last error/warning message in | OFF |
| Links errors to documentation that is related to the error. | ON |
| Path for PHP source files. | .:/opt/openshift/src:/opt/rh/php55/root/usr/share/pear |
| Location for session data files. | /tmp/sessions |
| Path that defines the document root for your application (for example, /public). | / |
The following environment variable sets its equivalent property value in the opcache.ini file:
Variable Name | Description | Default |
---|---|---|
| The OPcache shared memory storage size. | 16M |
| How often to check script time stamps for updates, in seconds. 0 results in OPcache checking for updates on every request. | 2 |
You can also override the entire directory used to load the PHP configuration by setting:
Variable Name | Description |
---|---|
| Sets the path to the php.ini file. |
| Path to scan for additional .ini configuration files |
You can use a custom composer repository mirror URL to download packages instead of the default 'packagist.org':
Variable Name | Description |
---|---|
| Set this variable to use a custom Composer repository mirror URL to download required packages during the build process. Note: This only affects packages listed in composer.json. |
2.6.5.1. Apache Configuration
If the DocumentRoot
of the application is nested in the source directory /opt/openshift/src, you can provide your own .htaccess file to override the default Apache behavior and specify how application requests should be handled. The .htaccess file must be located at the root of the application source.
2.6.6. Accessing Logs
Access logs are streamed to standard out and as such they can be viewed using the oc logs
command. Error logs are stored in the /tmp/error_log file, which can be viewed using the oc rsh
command to access the container.
2.6.7. Hot Deploying
Hot deployment allows you to quickly make and deploy changes to your application without having to generate a new S2I build. In order to immediately pick up changes made in your application source code, you must run your built image with the OPCACHE_REVALIDATE_FREQ=0
environment variable.
For example, see the oc new-app
command. You can use the oc env
command to update environment variables of existing objects.
You should only use this option while developing or debugging; it is not recommended to turn this on in your production environment.
To change your source code in a running pod, use the oc rsh
command to enter the container:
$ oc rsh <pod_id>
After you enter into the running container, your current directory is set to /opt/app-root/src, where the source code is located.
2.7. Python
2.7.1. Overview
OpenShift Container Platform provides S2I enabled Python images for building and running Python applications. The Python S2I builder image assembles your application source with any required dependencies to create a new image containing your Python application. This resulting image can be run either by OpenShift Container Platform or by a container runtime.
2.7.2. Versions
Currently, OpenShift Container Platform provides versions 2.7, 3.3, 3.4, and 3.5 of Python.
2.7.3. Images
These images come in two flavors, depending on your needs:
- RHEL 7
- CentOS 7
RHEL 7 Based Images
The RHEL 7 images are available through the Red Hat Registry:
$ docker pull registry.redhat.io/rhscl/python-27-rhel7 $ docker pull registry.redhat.io/openshift3/python-33-rhel7 $ docker pull registry.redhat.io/rhscl/python-34-rhel7 $ docker pull registry.redhat.io/rhscl/python-35-rhel7
CentOS 7 Based Images
These images are available on Docker Hub:
$ docker pull centos/python-27-centos7 $ docker pull openshift/python-33-centos7 $ docker pull centos/python-34-centos7 $ docker pull centos/python-35-centos7
To use these images, you can either access them directly from these image registries or push them into your OpenShift Container Platform container image registry. Additionally, you can create an image stream that points to the image, either in your container image registry or at the external location. Your OpenShift Container Platform resources can then reference the ImageStream. You can find example image stream definitions for all the provided OpenShift Container Platform images.
2.7.4. Build Process
S2I produces ready-to-run images by injecting source code into a container and letting the container prepare that source code for execution. It performs the following steps:
- Starts a container from the builder image.
- Downloads the application source.
- Streams the scripts and application sources into the builder image container.
- Runs the assemble script (from the builder image).
- Saves the final image.
See S2I Build Process for a detailed overview of the build process.
2.7.5. Configuration
The Python image supports a number of environment variables which can be set to control the configuration and behavior of the Python runtime.
To set these environment variables as part of your image, you can place them into a .s2i/environment file inside your source code repository, or define them in the environment section of the build configuration’s sourceStrategy
definition.
You can also set environment variables to be used with an existing image when creating new applications, or by updating environment variables for existing objects such as deployment configurations.
Environment variables that control build behavior must be set as part of the s2i build configuration or in the .s2i/environment file to make them available to the build steps.
Variable name | Description |
---|---|
| This variable specifies the file name passed to the Python interpreter which is responsible for launching the application. This variable is set to app.py by default. |
|
This variable specifies the WSGI callable. It follows the pattern |
| This variable indicates the path to a valid Python file with a gunicorn configuration. |
|
Set it to a nonempty value to inhibit the execution of |
|
Set it to a nonempty value to inhibit the execution of |
| Set this variable to use a custom index URL or mirror to download required packages during build process. This only affects packages listed in the requirements.txt file. |
| Set this to change the default setting for the number of workers. By default, this is set to the number of available cores times 4. |
2.7.6. Hot Deploying
Hot deployment allows you to quickly make and deploy changes to your application without having to generate a new S2I build. If you are using Django, hot deployment works out of the box.
To enable hot deployment while using Gunicorn, ensure you have a Gunicorn configuration file inside your repository with the reload
option set to true. Specify your configuration file using the APP_CONFIG
environment variable. For example, see the oc new-app
command. You can use the oc set env
command to update environment variables of existing objects.
You should only use this option while developing or debugging; it is not recommended to turn this on in your production environment.
To change your source code in a running pod, use the oc rsh
command to enter the container:
$ oc rsh <pod_id>
After you enter into the running container, your current directory is set to /opt/app-root/src, where the source code is located.
2.8. Ruby
2.8.1. Overview
OpenShift Container Platform provides S2I enabled Ruby images for building and running Ruby applications. The Ruby S2I builder image assembles your application source with any required dependencies to create a new image containing your Ruby application. This resulting image can be run either by OpenShift Container Platform or by a container runtime.
2.8.2. Versions
Currently, OpenShift Container Platform provides versions 2.0, 2.2, and 2.3 of Ruby.
2.8.3. Images
These images come in two flavors, depending on your needs:
- RHEL 7
- CentOS 7
RHEL 7 Based Images
The RHEL 7 images are available through the Red Hat registry:
$ docker pull registry.redhat.io/openshift3/ruby-20-rhel7 $ docker pull registry.redhat.io/rhscl/ruby-22-rhel7 $ docker pull registry.redhat.io/rhscl/ruby-23-rhel7
CentOS 7 Based Images
These images are available on Docker Hub:
$ docker pull openshift/ruby-20-centos7 $ docker pull openshift/ruby-22-centos7 $ docker pull centos/ruby-23-centos7
To use these images, you can either access them directly from these image registries or push them into your OpenShift Container Platform container image registry. Additionally, you can create an image stream that points to the image, either in your container image registry or at the external location. Your OpenShift Container Platform resources can then reference the ImageStream. You can find example image stream definitions for all the provided OpenShift Container Platform images.
2.8.4. Build Process
S2I produces ready-to-run images by injecting source code into a container and letting the container prepare that source code for execution. It performs the following steps:
- Starts a container from the builder image.
- Downloads the application source.
- Streams the scripts and application sources into the builder image container.
- Runs the assemble script (from the builder image).
- Saves the final image.
See S2I Build Process for a detailed overview of the build process.
2.8.5. Configuration
The Ruby image supports a number of environment variables which can be set to control the configuration and behavior of the Ruby runtime.
To set these environment variables as part of your image, you can place them into a .s2i/environment file inside your source code repository, or define them in the environment section of the build configuration’s sourceStrategy
definition.
You can also set environment variables to be used with an existing image when creating new applications, or by updating environment variables for existing objects such as deployment configurations.
Environment variables that control build behavior must be set as part of the s2i build configuration or in the .s2i/environment file to make them available to the build steps.
Variable name | Description |
---|---|
|
This variable specifies the environment within which the Ruby application is deployed; for example, |
|
This variable specifies the environment within which the Ruby on Rails application is deployed; for example, |
|
When set to |
| This variable indicates the minimum and maximum number of threads that will be available in Puma's thread pool. |
|
This variable indicates the number of worker processes to be launched in Puma’s clustered mode (when Puma runs more than two processes). If not explicitly set, the default behavior sets |
| Set this variable to use a custom RubyGems mirror URL to download required gem packages during the build process. Note: This environment variable is only available for Ruby 2.2+ images. |
2.8.6. Hot Deploying
Hot deployment allows you to quickly make and deploy changes to your application without having to generate a new S2I build. The method for enabling hot deployment in this image differs based on the application type.
Ruby on Rails Applications
For Ruby on Rails application, run the built Rails application with the RAILS_ENV=development
environment variable passed to the running pod. For an existing deployment configuration, you can use the oc set env
command:
$ oc set env dc/rails-app RAILS_ENV=development
Other Types of Ruby Applications (Sinatra, Padrino, etc.)
For other types of Ruby applications, your application must be built with a gem that can reload the server every time a change to the source code is made inside the running container. Those gems are:
In order to be able to run your application in development mode, you must modify the S2I run script so that the web server is launched by the chosen gem, which checks for changes in the source code.
After you build your application image with your version of the S2I run script, run the image with the RACK_ENV=development
environment variable. For example, see the oc new-app
command. You can use the oc set env
command to update environment variables of existing objects.
You should only use this option while developing or debugging; it is not recommended to turn this on in your production environment.
To change your source code in a running pod, use the oc rsh
command to enter the container:
$ oc rsh <pod_id>
After you enter into the running container, your current directory is set to /opt/app-root/src, where the source code is located.
2.9. Customizing S2I Images
2.9.1. Overview
S2I builder images normally include assemble and run scripts, but the default behavior of those scripts may not be suitable for all users. This topic covers a few approaches for customizing the behavior of an S2I builder that includes default scripts.
2.9.2. Invoking Scripts Embedded in an Image
Typically, builder images provide their own version of the S2I scripts that cover the most common use-cases. If these scripts do not fulfill your needs, S2I provides a way of overriding them by adding custom ones in the .s2i/bin directory. However, by doing this you are completely replacing the standard scripts. In some cases this is acceptable, but in other scenarios you may prefer to execute a few commands before (or after) the scripts while retaining the logic of the script provided in the image. In this case, it is possible to create a wrapper script that executes custom logic and delegates further work to the default script in the image.
To determine the location of the scripts inside of the builder image, look at the value of io.openshift.s2i.scripts-url
label. Use docker inspect
:
$ docker inspect --format='{{ index .Config.Labels "io.openshift.s2i.scripts-url" }}' openshift/wildfly-100-centos7 image:///usr/libexec/s2i
You inspected the openshift/wildfly-100-centos7 builder image and found out that the scripts are in the /usr/libexec/s2i directory.
With this knowledge, invoke any of these scripts from your own by wrapping its invocation.
Example 2.1. .s2i/bin/assemble script
#!/bin/bash echo "Before assembling" /usr/libexec/s2i/assemble rc=$? if [ $rc -eq 0 ]; then echo "After successful assembling" else echo "After failed assembling" fi exit $rc
The example shows a custom assemble script that prints the message, executes standard assemble script from the image and prints another message depending on the exit code of the assemble script.
When wrapping the run script, you must use exec
for invoking it to ensure signals are handled properly. Unfortunately, the use of exec
also precludes the ability to run additional commands after invoking the default image run script.
Example 2.2. .s2i/bin/run script
#!/bin/bash echo "Before running application" exec /usr/libexec/s2i/run