Custom stacks
Define your own command workflows to be executed via Stacks
Overview
Plural allows for you to define your own command workflows in place of the standard patterns for tools, like the terraform plan -> terraform apply chain for terraform, or ansible-playbook command for ansible. This can serve a number of useful purposes:
- Supporting a GitOps workflow for cli-based kubernetes provisioners like
k3sor GKE anthos'gkectl. - Supporting in-house provisioner scripts you'd want a more scalable, GitOps approach to configuration for, alongside the elegant UI the Plural Console can offer.
- Automating bulk scripting based on any declarative config, each forcing manual node refreshes
It works off a StackDefinition resource, and requires extending one of our base docker images.
Extend a Plural harness container image
The first step to defining your own custom stack is building your own base image. The standard path here is to simply extend ours, copying the harness binary into an executable path. This PR provides a simple example of how that can be done, with the new image simply consisting of a debian base with the AWS cli installed.
There are a few potential things to notice (all solved in the PR):
- For security reasons, we always execute stacks with the 65535 uid. This is to prevent run-as-root vulnerabilities, but also means you might need to manually create that user and its home directory in your image if you're installing utilities that might need them.
- The images you can use are in either the
ghcr.io/pluralsh/stackrun-harness-baserepository or theghcr.io/pluralsh/harnessrepository. The latter has finished images withterraform,ansibleand other executables installed. - You should make sure to include the WORKDIR and ENTRYPOINT as in the existing images, eg:
WORKDIR /plural ENTRYPOINT ["harness", "--working-dir=/plural"]