Today we’ve released 0.3.1 of Atomic App! This is our first release since the holiday break, as well as the first release since 0.3.0. We’ve got quite a lot of new features added as well.

The main features of this release are: * Native persistent storage integration. (Kubernetes only support for now) * HTTPS (TLS) verification and support for OpenShift * OpenShift stop added * Nested Nulecule application support for OpenShift

Bug fixes and changes:

  • Refactor of our OpenShift provider
  • Compatibility fixes with Atomic CLI and Atomic App integration
  • Addition of several CLI parameters to allow for passing provider options on the command line
  • Additional unit tests for OpenShift

Persistent Storage

The integration of native persistent storage support allows a persistent volume to be defined within the Nulecule file rather than the /artifact folder of the Nuleculized container. Atomic App will define and create the persistent storage volume claim before proceeding further in deploying the application.

Currently, Kubernetes is the only provider with support for launching a persistent storage volume.

For example, a persistent volume can be claimed within the Nulecule file as follows:

yaml
graph:
    ...
    requirements:
      - persistentVolume:
          name: "var-log-httpd"
          accessMode: "ReadWrite"
          size: 4

A full example would be:

yaml
---
specversion: 0.0.2
id: helloapache-app

metadata:
  name: Hello Apache App
  appversion: 0.0.1
  description: Atomic app for deploying a really basic Apache HTTP server
graph:
  - name: helloapache-app
    params:
      - name: image
        description: The webserver image
        default: centos/httpd
      - name: hostport
        description: The host TCP port as the external endpoint
        default: 80
    artifacts:
      docker:
        - file://artifacts/docker/hello-apache-pod_run
      kubernetes:
        - file://artifacts/kubernetes/hello-apache-pod.json
    requirements:
      - persistentVolume:
          name: "var-log-httpd"
          accessMode: "ReadWrite"
          size: 4

And running it:

bash
docker build -t projectatomic/helloapache-ps
atomic run projectatomic/helloapache-ps --provider=docker

When you deploy your application, Atomic App will automatically take the persistentVolume claim under requirements and deploy it to it’s respective provider. In the case of Kubernetes, a persistent volume claim will be defined before proceeding in launching a replication controller or pod.

OpenShift Stop

Compatibility for stopping deployed Atomic App containers on OpenShift has now been added.

atomic stop projectatomic/helloapache /var/lib/atomicapp/yournuleculedir

HTTPS (TLS) Support for OpenShift

With version 0.3.1 of Atomic App, we enable https/tls support by default.

Certificates are validated against the Mozilla CA Certificate List using the certifi project.

Both options can be set using answers.conf file or via command line options.

  • providercafile - If your https API endpoint isn’t signed by trusted CA. You can use this option to provide path to your CA certificate.
  • providertlsverify - By setting this to False you can disable TLS/SSL verification. (default is True)

Example answers.conf:

[general]
provider = openshift
providerapi = https://127.0.0.1:8443
accesstoken = sadfasdfasfasfdasfasfasdfsafasfd
namespace = mynamespace
providertlsverify = True
providercafile = /etc/myca/ca.pem

An example of disabling verification using command line argument:

atomic run myapp --provider=openshift --providertlsverify=False

When using native execution (oc new-app) to run Nulecule application on OpenShift you can pass command line arguments via environment variables ATOMICAPP_APPEND_ARGS.

oc new-app myapp --grant-install-rights -e ATOMICAPP_APPEND_ARGS='--providertlsverify=False'

Nested Nulecule Support for OpenShift

Native support for launching Nulecules within OpenShift has been added. You can now pull from a library of Atomic App’s (Nuleculized applications) that exist in the Docker hub and launch them into OpenShift.

Using the guestbookgo-atomicapp example you can now start the container via the oc new-app command.

oc new-app projectatomic/guestbookgo-atomicapp --grant-install-rights

Atomic App will now evaluate what environment the container is being ran from and communicate with OpenShift in order to bring up the Nuleculized application.

To see a more complete example of running a Nulecule via oc new-app see Dusty Mabe’s post on the subject.

Atomic App

Many thanks for everyone who committed to this large release!

As we continue to push towards a 1.0.0 release, we highly appreciate any comments or contributions to the Atomic App repo. If you have any questions about Atomic App or Nulecule, visit the #nulecule channel on Freenode or ask on the container-tools mailing list.