Today we’ve released 0.3.1 of Atomic App! This is our first release since the holiday break, as well as the first release since 0.3.0. We’ve got quite a lot of new features added as well.
The main features of this release are:
* Native persistent storage integration. (Kubernetes only support for now)
* HTTPS (TLS) verification and support for OpenShift
* OpenShift stop
added
* Nested Nulecule application support for OpenShift
Bug fixes and changes:
- Refactor of our OpenShift provider
- Compatibility fixes with Atomic CLI and Atomic App integration
- Addition of several CLI parameters to allow for passing provider options on the command line
- Additional unit tests for OpenShift
Persistent Storage
The integration of native persistent storage support allows a persistent volume to be defined within the Nulecule
file rather than the /artifact
folder of the Nuleculized container. Atomic App will define and create the persistent storage volume claim before proceeding further in deploying the application.
Currently, Kubernetes is the only provider with support for launching a persistent storage volume.
For example, a persistent volume can be claimed within the Nulecule file as follows:
yaml
graph:
...
requirements:
- persistentVolume:
name: "var-log-httpd"
accessMode: "ReadWrite"
size: 4
A full example would be:
yaml
---
specversion: 0.0.2
id: helloapache-app
metadata:
name: Hello Apache App
appversion: 0.0.1
description: Atomic app for deploying a really basic Apache HTTP server
graph:
- name: helloapache-app
params:
- name: image
description: The webserver image
default: centos/httpd
- name: hostport
description: The host TCP port as the external endpoint
default: 80
artifacts:
docker:
- file://artifacts/docker/hello-apache-pod_run
kubernetes:
- file://artifacts/kubernetes/hello-apache-pod.json
requirements:
- persistentVolume:
name: "var-log-httpd"
accessMode: "ReadWrite"
size: 4
And running it:
bash
docker build -t projectatomic/helloapache-ps
atomic run projectatomic/helloapache-ps --provider=docker
When you deploy your application, Atomic App will automatically take the persistentVolume
claim under requirements and deploy it to it’s respective provider. In the case of Kubernetes, a persistent volume claim will be defined before proceeding in launching a replication controller or pod.
OpenShift Stop
Compatibility for stopping deployed Atomic App containers on OpenShift has now been added.
atomic stop projectatomic/helloapache /var/lib/atomicapp/yournuleculedir
HTTPS (TLS) Support for OpenShift
With version 0.3.1 of Atomic App, we enable https/tls support by default.
Certificates are validated against the Mozilla CA Certificate List using the certifi project.
Both options can be set using answers.conf
file or via command line options.
providercafile
- If your https API endpoint isn’t signed by trusted CA. You can use this option to provide path to your CA certificate.providertlsverify
- By setting this to False you can disable TLS/SSL verification. (default is True)
Example answers.conf:
[general]
provider = openshift
providerapi = https://127.0.0.1:8443
accesstoken = sadfasdfasfasfdasfasfasdfsafasfd
namespace = mynamespace
providertlsverify = True
providercafile = /etc/myca/ca.pem
An example of disabling verification using command line argument:
atomic run myapp --provider=openshift --providertlsverify=False
When using native execution (oc new-app
) to run Nulecule application on OpenShift you can pass command line arguments via environment variables ATOMICAPP_APPEND_ARGS
.
oc new-app myapp --grant-install-rights -e ATOMICAPP_APPEND_ARGS='--providertlsverify=False'
Nested Nulecule Support for OpenShift
Native support for launching Nulecules within OpenShift has been added. You can now pull from a library of Atomic App’s (Nuleculized applications) that exist in the Docker hub and launch them into OpenShift.
Using the guestbookgo-atomicapp example you can now start the container via the oc new-app
command.
oc new-app projectatomic/guestbookgo-atomicapp --grant-install-rights
Atomic App will now evaluate what environment the container is being ran from and communicate with OpenShift in order to bring up the Nuleculized application.
To see a more complete example of running a Nulecule via oc new-app
see Dusty Mabe’s post on the subject.
Atomic App
Many thanks for everyone who committed to this large release!
As we continue to push towards a 1.0.0 release, we highly appreciate any comments or contributions to the Atomic App repo. If you have any questions about Atomic App or Nulecule, visit the #nulecule channel on Freenode or ask on the container-tools mailing list.