Upgrade and compatibility fixes for upcoming release. (#309)

- Add install option to specify either  `MESOS` or `DOCKER` containerizers.
- Add MWT tooling support to configure containerixer.
- Set DinD image to `jenkins-dind:0.7.0-alpine`
- Set default user to `root` to maintain compatibility with volumes created with 3.5.x-2.150.1 based installations.
- Add option to specify `user` in Marathon Appdef, move previous configuration which only affected the Jenkins Agent into `advaned.jenkins-agent-user` section.
- Remove exhaust of Java Melody to StatsD as it doesn't exist for `DOCKER` containerizer and floods the logs with NullPtr exception throws.

Dockerfile

@@ -17,9 +17,9 @@ ARG MESOS_PLUG_HASH=0193c06a66007247eff371ba74ddc89c56993ddb
 ARG PROMETHEUS_PLUG_HASH=61ea0cd0bb26d937c8f4df00c7e226c0b51c7b50
 ARG STATSD_PLUG_HASH=929d4a6cb3d3ce5f1e03af73075b13687d4879c8
 ARG JENKINS_DCOS_HOME=/var/jenkinsdcos_home
-ARG user=nobody
-ARG uid=99
-ARG gid=99
+ARG user=root
+ARG uid=0
+ARG gid=0
 
 ENV JENKINS_HOME $JENKINS_DCOS_HOME
 # Default policy according to https://wiki.jenkins.io/display/JENKINS/Configuring+Content+Security+Policy
@@ -68,16 +68,6 @@ ADD https://infinity-artifacts.s3.amazonaws.com/mesos-jenkins/mesos.hpi-${MESOS_
 ADD https://infinity-artifacts.s3.amazonaws.com/prometheus-jenkins/prometheus.hpi-${PROMETHEUS_PLUG_HASH} "${JENKINS_STAGING}/plugins/prometheus.hpi"
 ADD https://infinity-artifacts.s3.amazonaws.com/statsd-jenkins/metrics-graphite.hpi-${STATSD_PLUG_HASH} "${JENKINS_STAGING}/plugins/metrics-graphite.hpi"
 
-# This step is required for bootstrap
-# change the config for $user
-# alias uid to $uid - should match nobody for host
-# set home directory to JENKINS_HOME
-# change gid to $gid
-RUN groupadd -g ${gid} nobody \
-    && usermod -u ${uid} -g ${gid} ${user} \
-    && usermod -a -G users nobody \
-    && echo "nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin" >> /etc/passwd
-
 RUN chmod -R ugo+rw "$JENKINS_HOME" "${JENKINS_FOLDER}" \
     && chmod -R ugo+r "${JENKINS_STAGING}" \
     && chmod -R ugo+rx /usr/local/jenkins/bin/ \

conf/jenkins/config.xml

@@ -43,14 +43,14 @@
           <jnlpArgs>-noReconnect</jnlpArgs>
           <defaultSlave>false</defaultSlave>
           <containerInfo>
-            <type>MESOS</type>
-            <dockerImage>mesosphere/jenkins-dind:scale</dockerImage>
+            <type>DOCKER</type>
+            <dockerImage>mesosphere/jenkins-dind:0.7.0-alpine</dockerImage>
             <networking>BRIDGE</networking>
             <useCustomDockerCommandShell>true</useCustomDockerCommandShell>
             <customDockerCommandShell>wrapper.sh</customDockerCommandShell>
             <dockerPrivilegedMode>true</dockerPrivilegedMode>
             <dockerForcePullImage>false</dockerForcePullImage>
-            <isDind>true</isDind>
+            <isDind>false</isDind>
           </containerInfo>
           <mode>NORMAL</mode>
         </org.jenkinsci.plugins.mesos.MesosSlaveInfo>

conftest.py

@@ -132,6 +132,14 @@ def pytest_addoption(parser):
         type=str,
         help="Only create jobs on deployed Jenkins frameworks.",
     )
+    parser.addoption(
+        "--containerizer",
+        action="store",
+        choices=['MESOS', 'DOCKER'],
+        default='MESOS',
+        type=str,
+        help="Select the containerizer used to launch the Jenkins master.",
+    )
 
 
 @pytest.fixture
@@ -224,6 +232,11 @@ def create_jobs(request) -> bool:
     return _str2bool(request.config.getoption("--create-jobs"))
 
 
+@pytest.fixture
+def containerizer(request) -> str:
+    return request.config.getoption("--containerizer")
+
+
 def _str2bool(v) -> bool:
     if isinstance(v, bool):
         return v

scripts/run.sh

@@ -16,7 +16,6 @@ nginx -c /var/nginx/nginx.conf    \
      -Djava.awt.headless=true                        \
      -Dhudson.DNSMultiCast.disabled=true             \
      -Djenkins.install.runSetupWizard=false          \
-     -Djavamelody.statsd-address="${STATSD_UDP_HOST}:${STATSD_UDP_PORT}"  \
      -jar ${JENKINS_FOLDER}/jenkins.war              \
      ${JENKINS_OPTS}                                 \
      --httpPort=${PORT1}                             \

testing/jenkins.py

@@ -19,7 +19,8 @@ def install(service_name, client,
             strict_settings=None,
             service_user=None,
             fn=None,
-            mom=None):
+            mom=None,
+            containerizer=None):
     """Install a Jenkins instance and set the service name to
     `service_name`. This does not wait for deployment to finish.
 
@@ -67,6 +68,11 @@ def _wait_for_deployment(app_id, client):
             "strict-mode": True
         }
 
+    if containerizer:
+        options["advanced"] = {
+            "containerizer": containerizer
+        }
+
     if service_user:
         options['service']['user'] = service_user
 

tests/scale/test_load.py

@@ -54,7 +54,7 @@
 log = logging.getLogger(__name__)
 
 SHARED_ROLE = "jenkins"
-DOCKER_IMAGE = "mesosphere/jenkins-dind:scale"
+DOCKER_IMAGE = "mesosphere/jenkins-dind:0.7.0-alpine"
 # initial timeout waiting on deployments
 DEPLOY_TIMEOUT = 30 * 60  # 30 mins
 JOB_RUN_TIMEOUT = 2 * 60  # 5 mins
@@ -144,6 +144,7 @@ def _install_jenkins_stage(
     marathon_client,
     external_volume,
     mom,
+    containerizer,
 ) -> Set[str]:
     failure_set = set()
     current = 0
@@ -168,6 +169,7 @@ def _install_jenkins_stage(
             security=security_mode,
             daemon=True,
             mom=mom,
+            containerizer=containerizer,
         )
         thread_failures = _wait_and_get_failures(
             install_threads, timeout=DEPLOY_TIMEOUT
@@ -243,6 +245,7 @@ def test_scaling_load(
     enforce_quota_limit,
     create_framework: bool,
     create_jobs: bool,
+    containerizer,
 ) -> None:
 
     """Launch a load test scenario. This does not verify the results
@@ -324,6 +327,7 @@ def test_scaling_load(
             marathon_client,
             external_volume,
             mom,
+            containerizer,
         )
         log.info(
             "\n\nJenkins framework creation failures: [{}]\n\n".format(

universe/config.json

@@ -25,8 +25,7 @@
                 },
                 "user": {
                     "description": "The user that the service will run as. In 'strict' security mode, running tasks as root is disabled by default. Ensure that this user exists on each of the agents in your DC/OS cluster.",
-                    "type": "string",
-                    "default": "root"
+                    "type": "string"
                 },
                 "marathon-name": {
                     "description": "The name of the Marathon framework the Jenkins master is deployed from. Change when using a MoM (Marathon on Marathon).",
@@ -155,6 +154,11 @@
                     "description": "Optional arguments to pass to Jenkins.",
                     "type": "string"
                 },
+                "jenkins-agent-user": {
+                    "description": "The user that the jenkins agent task will run as.",
+                    "type": "string",
+                    "default": "root"
+                },
                 "docker-image": {
                     "description": "The Docker image to use for the Jenkins service. By default, this package will use the Jenkins image in the Mesosphere organization on Docker Hub, which you must be authenticated against. Otherwise, specify the host, image, and tag for the Jenkins image on your private Docker Registry.",
                     "type": "string"
@@ -163,6 +167,12 @@
                     "description": "An optional URI to be fetched and extracted that contains docker credentials (e.g. file:///etc/docker/docker.tar.gz).",
                     "type": "string"
                 },
+                "containerizer": {
+                    "description": "The containerizer used to deploy the Jenkins master.",
+                    "type": "string",
+                    "enum": ["MESOS", "DOCKER"],
+                    "default": "DOCKER"
+                },
                 "prometheus-endpoint": {
                     "description": "An optional, relative URL path to be used by Prometheus. (e.g. 'prometheus/metrics')",
                     "type": "string",
@@ -171,4 +181,4 @@
             }
         }
     }
-}
+}

universe/marathon.json.mustache

@@ -3,6 +3,9 @@
   "cpus": {{service.cpus}},
   "mem": {{service.mem}},
   "instances": 1,
+  {{#service.user}}
+  "user":"{{service.user}}",
+  {{/service.user}}
   {{#security.secret-name}}
   "secrets": {
       "serviceCredential": {
@@ -12,7 +15,7 @@
   {{/security.secret-name}}
   "env": {
       "JENKINS_AGENT_ROLE": "{{roles.jenkins-agent-role}}",
-      "JENKINS_AGENT_USER": "{{service.user}}",
+      "JENKINS_AGENT_USER": "{{advanced.jenkins-agent-user}}",
       "JENKINS_FRAMEWORK_NAME": "{{service.name}}",
       "MARATHON_NAME": "{{service.marathon-name}}",
       {{#security.secret-name}}
@@ -38,14 +41,14 @@
       {"port": {{networking.agent-port}}, "protocol": "tcp", "name": "agent"}
   ],
   "container": {
-        "type": "MESOS",
+        "type": "{{advanced.containerizer}}",
         "docker": {
          {{#advanced.docker-image}}
              "image": "{{advanced.docker-image}}"
          {{/advanced.docker-image}}
          {{^advanced.docker-image}}
              "image": "{{resource.assets.container.docker.jenkins}}"
-         {{/advanced.docker-image}}
+         {{/advanced.docker-image}} 
         },
         "volumes": [
           {{^storage.host-volume}}