20260627 ARM64安装包内置监控镜像
This commit is contained in:
parent
a87a73559b
commit
9f98ac6394
@ -63,6 +63,8 @@ METRICS_PORT=9556
|
||||
METRICS_POLL_SECS=10
|
||||
|
||||
# Prometheus / Grafana.
|
||||
# Monitor images are packaged as ARM64 docker-save archives and loaded by install.sh.
|
||||
MONITOR_PLATFORM=linux/arm64
|
||||
PROMETHEUS_IMAGE=prom/prometheus:v2.55.1
|
||||
GRAFANA_IMAGE=grafana/grafana:11.3.1
|
||||
PROMETHEUS_PORT=9090
|
||||
|
||||
@ -49,6 +49,7 @@ services:
|
||||
|
||||
prometheus:
|
||||
image: ${PROMETHEUS_IMAGE:-prom/prometheus:v2.55.1}
|
||||
platform: ${MONITOR_PLATFORM:-linux/arm64}
|
||||
container_name: ${COMPOSE_PROJECT_NAME:-ours-rp-arm64}-prometheus
|
||||
command:
|
||||
- --config.file=/etc/prometheus/prometheus.yml
|
||||
@ -69,6 +70,7 @@ services:
|
||||
|
||||
grafana:
|
||||
image: ${GRAFANA_IMAGE:-grafana/grafana:11.3.1}
|
||||
platform: ${MONITOR_PLATFORM:-linux/arm64}
|
||||
container_name: ${COMPOSE_PROJECT_NAME:-ours-rp-arm64}-grafana
|
||||
depends_on:
|
||||
- prometheus
|
||||
|
||||
@ -4,7 +4,7 @@
|
||||
|
||||
This package deploys ours RP on a `linux/arm64` server with Docker Compose and continuously runs all five RIR validation.
|
||||
|
||||
The package includes the ARM64 runtime image. Runtime state, run artifacts, logs, Prometheus data and Grafana data are persisted through host bind mounts.
|
||||
The package includes the ours RP ARM64 runtime image, Prometheus ARM64 image and Grafana ARM64 image, so deployment does not pull application images on the target host. Runtime state, run artifacts, logs, Prometheus data and Grafana data are persisted through host bind mounts.
|
||||
|
||||
## Quick Start
|
||||
|
||||
@ -28,6 +28,7 @@ Defaults:
|
||||
- `LIVE_TA_REFRESH_BEFORE_SNAPSHOT=1`
|
||||
- `HOST_DATA_DIR=/var/lib/ours-rp-arm64`
|
||||
- `SOAK_RESTART_POLICY=unless-stopped`
|
||||
- `MONITOR_PLATFORM=linux/arm64`
|
||||
|
||||
## First Start Semantics
|
||||
|
||||
|
||||
@ -4,7 +4,7 @@
|
||||
|
||||
本安装包用于在 `linux/arm64` 服务器上通过 Docker Compose 部署 ours RP,并持续运行 all5 RIR 同步验证任务。
|
||||
|
||||
安装包内置 ours RP ARM64 runtime 镜像,运行产物、状态数据库、日志、Prometheus 和 Grafana 数据均通过宿主机目录挂载保存。
|
||||
安装包内置 ours RP ARM64 runtime、Prometheus ARM64、Grafana ARM64 镜像,部署时不需要现场拉取应用镜像。运行产物、状态数据库、日志、Prometheus 和 Grafana 数据均通过宿主机目录挂载保存。
|
||||
|
||||
## 快速开始
|
||||
|
||||
@ -28,6 +28,7 @@ vim .env
|
||||
- `LIVE_TA_REFRESH_BEFORE_SNAPSHOT=1`
|
||||
- `HOST_DATA_DIR=/var/lib/ours-rp-arm64`
|
||||
- `SOAK_RESTART_POLICY=unless-stopped`
|
||||
- `MONITOR_PLATFORM=linux/arm64`
|
||||
|
||||
## 首次启动语义
|
||||
|
||||
|
||||
@ -10,7 +10,7 @@ The installer is idempotent:
|
||||
|
||||
- existing `.env` is kept;
|
||||
- existing Docker/Compose installation is reused;
|
||||
- repeated image loading is safe;
|
||||
- repeated loading of packaged ours RP, Prometheus and Grafana ARM64 images is safe;
|
||||
- existing data directory is reused.
|
||||
|
||||
## Start
|
||||
@ -42,7 +42,7 @@ Start without waiting for the first snapshot:
|
||||
Important checks:
|
||||
|
||||
- Docker/Compose availability;
|
||||
- runtime image exists;
|
||||
- runtime, Prometheus and Grafana images exist;
|
||||
- `HOST_DATA_DIR` is writable;
|
||||
- Compose config is valid;
|
||||
- latest run status;
|
||||
|
||||
@ -10,7 +10,7 @@
|
||||
|
||||
- 已有 `.env` 不覆盖;
|
||||
- 已安装 Docker/Compose 则跳过;
|
||||
- 镜像重复加载是安全的;
|
||||
- 包内 ours RP、Prometheus、Grafana ARM64 镜像重复加载是安全的;
|
||||
- 数据目录已存在则复用。
|
||||
|
||||
## 启动
|
||||
@ -42,7 +42,7 @@
|
||||
重点检查项:
|
||||
|
||||
- Docker/Compose 可用;
|
||||
- runtime 镜像存在;
|
||||
- runtime、Prometheus、Grafana 镜像存在;
|
||||
- `HOST_DATA_DIR` 可写;
|
||||
- Compose 配置合法;
|
||||
- 最新 run 状态;
|
||||
|
||||
@ -39,6 +39,7 @@ create_data_dirs
|
||||
load_installer_images
|
||||
ensure_binfmt_if_needed
|
||||
verify_runtime_image
|
||||
verify_monitor_images
|
||||
compose_cmd --profile core --profile sidecar --profile monitor config >/tmp/ours-rp-arm64-compose-config.yml
|
||||
"$SCRIPT_DIR/self-check.sh" --quick
|
||||
log "install complete"
|
||||
|
||||
@ -37,6 +37,9 @@ load_env() {
|
||||
COMPOSE_PROJECT_NAME="${COMPOSE_PROJECT_NAME:-ours-rp-arm64}"
|
||||
RPKI_IMAGE="${RPKI_IMAGE:-ours-rp-runtime-arm64:dev}"
|
||||
RPKI_PLATFORM="${RPKI_PLATFORM:-linux/arm64}"
|
||||
MONITOR_PLATFORM="${MONITOR_PLATFORM:-linux/arm64}"
|
||||
PROMETHEUS_IMAGE="${PROMETHEUS_IMAGE:-prom/prometheus:v2.55.1}"
|
||||
GRAFANA_IMAGE="${GRAFANA_IMAGE:-grafana/grafana:11.3.1}"
|
||||
FIRST_RUN_WAIT_TIMEOUT_SECS="${FIRST_RUN_WAIT_TIMEOUT_SECS:-7200}"
|
||||
}
|
||||
|
||||
@ -239,6 +242,23 @@ verify_runtime_image() {
|
||||
head -5 /tmp/ours-rp-arm64-rpki-help.txt || true
|
||||
}
|
||||
|
||||
verify_image_platform() {
|
||||
local image="$1"
|
||||
local expected_platform="$2"
|
||||
local role="$3"
|
||||
local actual_platform
|
||||
docker image inspect "$image" >/dev/null
|
||||
actual_platform="$(docker image inspect --format '{{.Os}}/{{.Architecture}}' "$image" 2>/dev/null || echo unknown)"
|
||||
[[ "$actual_platform" == "$expected_platform" ]] || die "$role image platform mismatch: image=$image expected=$expected_platform actual=$actual_platform"
|
||||
}
|
||||
|
||||
verify_monitor_images() {
|
||||
load_env
|
||||
require_cmd docker
|
||||
verify_image_platform "$PROMETHEUS_IMAGE" "$MONITOR_PLATFORM" "prometheus"
|
||||
verify_image_platform "$GRAFANA_IMAGE" "$MONITOR_PLATFORM" "grafana"
|
||||
}
|
||||
|
||||
endpoint_ok() {
|
||||
local url="$1"
|
||||
curl -fsS --max-time 5 "$url" >/dev/null 2>&1
|
||||
|
||||
@ -30,7 +30,8 @@ docker compose version >/dev/null
|
||||
create_data_dirs
|
||||
[[ -w "$HOST_DATA_DIR" ]] || die "data dir is not writable: $HOST_DATA_DIR"
|
||||
compose_cmd --profile core --profile sidecar --profile monitor config >/dev/null
|
||||
docker image inspect "$RPKI_IMAGE" >/dev/null
|
||||
verify_image_platform "$RPKI_IMAGE" "$RPKI_PLATFORM" "runtime"
|
||||
verify_monitor_images
|
||||
if [[ "$QUICK" == "0" ]]; then
|
||||
verify_runtime_image
|
||||
fi
|
||||
|
||||
@ -9,6 +9,6 @@ install_docker_if_missing
|
||||
load_installer_images
|
||||
ensure_binfmt_if_needed
|
||||
verify_runtime_image
|
||||
compose_cmd --profile core --profile sidecar --profile monitor pull --ignore-pull-failures || true
|
||||
verify_monitor_images
|
||||
compose_cmd --profile core --profile sidecar --profile monitor up -d --force-recreate
|
||||
"$SCRIPT_DIR/status.sh" --brief || true
|
||||
|
||||
@ -6,9 +6,14 @@ REPO_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
|
||||
|
||||
IMAGE_TAG="${IMAGE_TAG:-ours-rp-runtime-arm64:dev}"
|
||||
IMAGE_TAR="${IMAGE_TAR:-}"
|
||||
PROMETHEUS_IMAGE="${PROMETHEUS_IMAGE:-prom/prometheus:v2.55.1}"
|
||||
PROMETHEUS_IMAGE_TAR="${PROMETHEUS_IMAGE_TAR:-}"
|
||||
GRAFANA_IMAGE="${GRAFANA_IMAGE:-grafana/grafana:11.3.1}"
|
||||
GRAFANA_IMAGE_TAR="${GRAFANA_IMAGE_TAR:-}"
|
||||
OUT_DIR="${OUT_DIR:-$REPO_ROOT/target/arm64-installer}"
|
||||
PACKAGE_PREFIX="${PACKAGE_PREFIX:-ours-rp-arm64-installer}"
|
||||
TEMPLATE_DIR="${TEMPLATE_DIR:-$REPO_ROOT/deploy/arm64-installer}"
|
||||
MONITOR_PLATFORM="${MONITOR_PLATFORM:-linux/arm64}"
|
||||
|
||||
usage() {
|
||||
cat <<'USAGE'
|
||||
@ -18,6 +23,14 @@ Usage:
|
||||
Options:
|
||||
--image <tag> Runtime image tag recorded in package manifest.
|
||||
--image-tar <path> Existing docker save tar/tar.gz to include.
|
||||
--prometheus-image <tag>
|
||||
Prometheus image tag to record and package.
|
||||
--prometheus-image-tar <path>
|
||||
Existing Prometheus docker save tar/tar.gz to include.
|
||||
--grafana-image <tag>
|
||||
Grafana image tag to record and package.
|
||||
--grafana-image-tar <path>
|
||||
Existing Grafana docker save tar/tar.gz to include.
|
||||
--out-dir <path> Output directory.
|
||||
--prefix <name> Package directory/tar prefix.
|
||||
-h, --help Show help.
|
||||
@ -37,6 +50,22 @@ while [[ $# -gt 0 ]]; do
|
||||
IMAGE_TAR="$2"
|
||||
shift 2
|
||||
;;
|
||||
--prometheus-image)
|
||||
PROMETHEUS_IMAGE="$2"
|
||||
shift 2
|
||||
;;
|
||||
--prometheus-image-tar)
|
||||
PROMETHEUS_IMAGE_TAR="$2"
|
||||
shift 2
|
||||
;;
|
||||
--grafana-image)
|
||||
GRAFANA_IMAGE="$2"
|
||||
shift 2
|
||||
;;
|
||||
--grafana-image-tar)
|
||||
GRAFANA_IMAGE_TAR="$2"
|
||||
shift 2
|
||||
;;
|
||||
--out-dir)
|
||||
OUT_DIR="$2"
|
||||
shift 2
|
||||
@ -76,6 +105,51 @@ EOF
|
||||
exit 2
|
||||
}
|
||||
|
||||
safe_tag_name() {
|
||||
printf '%s' "$1" | tr '/:' '--'
|
||||
}
|
||||
|
||||
save_image_if_needed() {
|
||||
local image="$1"
|
||||
local existing_tar="$2"
|
||||
local out_dir="$3"
|
||||
local role="$4"
|
||||
if [[ -n "$existing_tar" ]]; then
|
||||
[[ -f "$existing_tar" ]] || {
|
||||
echo "missing $role image tar: $existing_tar" >&2
|
||||
exit 2
|
||||
}
|
||||
printf '%s\n' "$existing_tar"
|
||||
return 0
|
||||
fi
|
||||
if ! docker image inspect "$image" >/dev/null 2>&1; then
|
||||
cat >&2 <<EOF
|
||||
missing local $role image: $image
|
||||
|
||||
Prepare it before building the installer package, for example:
|
||||
docker pull --platform $MONITOR_PLATFORM $image
|
||||
EOF
|
||||
exit 2
|
||||
fi
|
||||
local actual_platform
|
||||
actual_platform="$(docker image inspect --format '{{.Os}}/{{.Architecture}}' "$image" 2>/dev/null || echo unknown)"
|
||||
if [[ "$actual_platform" != "$MONITOR_PLATFORM" ]]; then
|
||||
cat >&2 <<EOF
|
||||
wrong platform for $role image: $image
|
||||
expected: $MONITOR_PLATFORM
|
||||
actual: $actual_platform
|
||||
|
||||
Pull the ARM64 variant explicitly:
|
||||
docker pull --platform $MONITOR_PLATFORM $image
|
||||
EOF
|
||||
exit 2
|
||||
fi
|
||||
local tar_path="$out_dir/$(safe_tag_name "$image").tar.gz"
|
||||
echo "saving $role image to $tar_path" >&2
|
||||
docker save "$image" | gzip -c > "$tar_path"
|
||||
printf '%s\n' "$tar_path"
|
||||
}
|
||||
|
||||
mkdir -p "$OUT_DIR"
|
||||
commit="$(git -C "$REPO_ROOT" rev-parse --short HEAD 2>/dev/null || echo unknown)"
|
||||
timestamp="$(date -u +%Y%m%dT%H%M%SZ)"
|
||||
@ -88,11 +162,22 @@ mkdir -p "$stage/images"
|
||||
rsync -a --delete "$TEMPLATE_DIR"/ "$stage"/
|
||||
cp "$IMAGE_TAR" "$stage/images/"
|
||||
|
||||
monitor_image_stage="$OUT_DIR/.monitor-images-$timestamp"
|
||||
rm -rf "$monitor_image_stage"
|
||||
mkdir -p "$monitor_image_stage"
|
||||
prometheus_tar="$(save_image_if_needed "$PROMETHEUS_IMAGE" "$PROMETHEUS_IMAGE_TAR" "$monitor_image_stage" "prometheus")"
|
||||
grafana_tar="$(save_image_if_needed "$GRAFANA_IMAGE" "$GRAFANA_IMAGE_TAR" "$monitor_image_stage" "grafana")"
|
||||
cp "$prometheus_tar" "$stage/images/"
|
||||
cp "$grafana_tar" "$stage/images/"
|
||||
|
||||
if [[ -f "$stage/.env.example" ]]; then
|
||||
tmp_env="$stage/.env.example.tmp"
|
||||
awk -v image="$IMAGE_TAG" '
|
||||
awk -v image="$IMAGE_TAG" -v prometheus="$PROMETHEUS_IMAGE" -v grafana="$GRAFANA_IMAGE" -v monitor_platform="$MONITOR_PLATFORM" '
|
||||
BEGIN { done=0 }
|
||||
/^RPKI_IMAGE=/ { print "RPKI_IMAGE=" image; done=1; next }
|
||||
/^PROMETHEUS_IMAGE=/ { print "PROMETHEUS_IMAGE=" prometheus; next }
|
||||
/^GRAFANA_IMAGE=/ { print "GRAFANA_IMAGE=" grafana; next }
|
||||
/^MONITOR_PLATFORM=/ { print "MONITOR_PLATFORM=" monitor_platform; next }
|
||||
{ print }
|
||||
END { if (!done) print "RPKI_IMAGE=" image }
|
||||
' "$stage/.env.example" > "$tmp_env"
|
||||
@ -107,11 +192,19 @@ git_status_count=$(git -C "$REPO_ROOT" status --short 2>/dev/null | wc -l | tr -
|
||||
image_tag=$IMAGE_TAG
|
||||
image_tar=$(basename "$IMAGE_TAR")
|
||||
image_tar_size_bytes=$(wc -c < "$IMAGE_TAR")
|
||||
prometheus_image=$PROMETHEUS_IMAGE
|
||||
prometheus_image_tar=$(basename "$prometheus_tar")
|
||||
prometheus_image_tar_size_bytes=$(wc -c < "$prometheus_tar")
|
||||
grafana_image=$GRAFANA_IMAGE
|
||||
grafana_image_tar=$(basename "$grafana_tar")
|
||||
grafana_image_tar_size_bytes=$(wc -c < "$grafana_tar")
|
||||
target_platform=linux/arm64
|
||||
monitor_platform=$MONITOR_PLATFORM
|
||||
EOF
|
||||
|
||||
chmod +x "$stage"/*.sh "$stage/scripts"/*.sh
|
||||
tar -C "$OUT_DIR" -czf "$tar_path" "$package_name"
|
||||
rm -rf "$monitor_image_stage"
|
||||
|
||||
{
|
||||
echo "package=$tar_path"
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user