diff options
author | Ilion Beyst <ilion.beyst@gmail.com> | 2022-07-24 23:08:51 +0200 |
---|---|---|
committer | Ilion Beyst <ilion.beyst@gmail.com> | 2022-07-24 23:08:51 +0200 |
commit | 93c4306b1015594bb6d7e08d03138c12229ac598 (patch) | |
tree | bc8de89e4124c2e36957fce315e8bdcf4bc8c1e2 | |
parent | 14b51033fc9ca2188a0140893a56c0a249b3e118 (diff) | |
download | planetwars.dev-93c4306b1015594bb6d7e08d03138c12229ac598.tar.xz planetwars.dev-93c4306b1015594bb6d7e08d03138c12229ac598.zip |
pull docker bots before running them
-rw-r--r-- | planetwars-matchrunner/src/docker_runner.rs | 34 | ||||
-rw-r--r-- | planetwars-server/src/modules/matches.rs | 13 |
2 files changed, 45 insertions, 2 deletions
diff --git a/planetwars-matchrunner/src/docker_runner.rs b/planetwars-matchrunner/src/docker_runner.rs index 2d93273..6de9bb1 100644 --- a/planetwars-matchrunner/src/docker_runner.rs +++ b/planetwars-matchrunner/src/docker_runner.rs @@ -15,12 +15,22 @@ use crate::match_context::{EventBus, PlayerHandle, RequestError, RequestMessage} use crate::match_log::{MatchLogMessage, MatchLogger, StdErrMessage}; use crate::BotSpec; +// TODO: this API needs a better design with respect to pulling +// and general container management #[derive(Clone, Debug)] pub struct DockerBotSpec { pub image: String, pub binds: Option<Vec<String>>, pub argv: Option<Vec<String>>, pub working_dir: Option<String>, + pub pull: bool, + pub credentials: Option<Credentials>, +} + +#[derive(Clone, Debug)] +pub struct Credentials { + pub username: String, + pub password: String, } #[async_trait] @@ -43,6 +53,30 @@ async fn spawn_docker_process( ) -> Result<ContainerProcess, bollard::errors::Error> { let docker = Docker::connect_with_socket_defaults()?; + if params.pull { + let mut create_image_stream = docker.create_image( + Some(bollard::image::CreateImageOptions { + from_image: params.image.as_str(), + ..Default::default() + }), + None, + params + .credentials + .as_ref() + .map(|credentials| bollard::auth::DockerCredentials { + username: Some(credentials.username.clone()), + password: Some(credentials.password.clone()), + ..Default::default() + }), + ); + + while let Some(item) = create_image_stream.next().await { + // just consume the stream for now, + // and make noise when something breaks + let _info = item.expect("hit error in docker pull"); + } + } + let memory_limit = 512 * 1024 * 1024; // 512MB let config = container::Config { image: Some(params.image.clone()), diff --git a/planetwars-server/src/modules/matches.rs b/planetwars-server/src/modules/matches.rs index a1fe63d..4f538ed 100644 --- a/planetwars-server/src/modules/matches.rs +++ b/planetwars-server/src/modules/matches.rs @@ -1,8 +1,7 @@ -use std::{path::PathBuf, sync::Arc}; - use diesel::{PgConnection, QueryResult}; use planetwars_matchrunner::{self as runner, docker_runner::DockerBotSpec, BotSpec, MatchConfig}; use runner::MatchOutcome; +use std::{path::PathBuf, sync::Arc}; use tokio::task::JoinHandle; use crate::{ @@ -113,6 +112,11 @@ pub fn bot_version_to_botspec( binds: None, argv: None, working_dir: None, + pull: true, + credentials: Some(runner::docker_runner::Credentials { + username: "admin".to_string(), + password: runner_config.registry_admin_password.clone(), + }), }) } else { // TODO: ideally this would not be possible @@ -131,6 +135,11 @@ fn python_docker_bot_spec(config: &GlobalConfig, code_bundle_path: &str) -> Box< binds: Some(vec![format!("{}:{}", code_bundle_path_str, "/workdir")]), argv: Some(vec!["python".to_string(), "bot.py".to_string()]), working_dir: Some("/workdir".to_string()), + // This would be a pull from dockerhub at the moment, let's avoid that for now. + // Maybe the best course of action would be to replicate all images in the dedicated + // registry, so that we only have to provide credentials to that one. + pull: false, + credentials: None, }) } |