Rhel9 milvus

.env

@@ -1,8 +1,10 @@
 # to define environment variables available to docker-compose.yml
 
-IMAGE_REPO=milvusdb
+# If this is uncommented it will pull and not rebuild
+# IMAGE_REPO=quay.io/grpereir
+IMAGE_REPO=quay.io/ai-lab
 IMAGE_ARCH=amd64
-OS_NAME=ubuntu20.04
+OS_NAME=rhel9
 
 # for services.builder.image in docker-compose.yml
 DATE_VERSION=20240520-d27db99

.github/workflows/ai-lab-remote-rhel-build.yaml

@@ -0,0 +1,99 @@
+name: AI-lab remove rhel-build
+
+on:
+  workflow_dispatch:
+
+  pull_request:
+    branches:
+      - master
+    paths:
+      - 'build/docker/builder/cpu/rhel9/**'
+      - '.github/workflows/ai-lab-remote-rhel-build.yaml'
+
+env:
+  AWS_REGION: us-east-1
+  AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+  AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+  TF_VAR_vpc_id: ${{ secrets.VPC_ID }}
+  TF_VAR_rh_access: ${{ secrets.RH_ACCESS }}
+  TF_VAR_rh_org: ${{ secrets.RH_ORG }}
+  TF_VAR_ami_id: ${{ secrets.AMI_ID }}
+
+jobs:
+  rhel9-milvus:
+    runs-on: ubuntu-24.04
+    strategy:
+      fail-fast: false
+      max-parallel: 1
+    steps:
+        - name: Setup Terraform
+          uses: hashicorp/[email protected]
+          with:
+            terraform_version: "1.7.5"
+
+        - name: Checkout code on runner
+          uses: actions/[email protected]
+
+        - name: sshkeygen for ansible
+          run: ssh-keygen -t rsa -b 4096 -f ~/.ssh/id_rsa -N ""
+
+        - name: Terraform Init
+          run: terraform init
+
+        - name: Terraform Apply
+          run: terraform apply -auto-approve
+
+        - name: Set up Python on runner
+          uses: actions/[email protected]
+          with:
+            python-version: '3.11'
+
+        - name: Install Ansible on runner
+          run: |
+            python3 -m pip install --upgrade pip
+            pip install ansible
+
+        # currently no reqs
+        # - name: Ansible Collections
+        #   working-directory: build/ci/rhel-ansible
+        #   run: ansible-galaxy install -r requirements.yaml
+
+        - name: Install jq and build inventory on runner
+          run: |
+            sudo apt-get install -y jq
+            PUBLIC_IP=$(terraform output -json | jq -r '.public_ip.value')
+            # PUBLIC_IP=$(terraform output -json | jq -r '.public_ip.value' | cut -d "\"" -f 2)
+            echo "public_ip=$PUBLIC_IP" >> $GITHUB_OUTPUT
+            echo "[test_environments]" > build/ci/rhel-ansible/inventory.ini
+            echo "test_environment_host ansible_host=${PUBLIC_IP}" >> build/ci/rhel-ansible/inventory.ini
+            # cat build/ci/rhel-ansible/inventory.ini
+
+        - name: Setup tmate session
+          # if: ${{ failure() }}
+          uses: mxschmitt/[email protected]
+          timeout-minutes: 25
+          with:
+            detached: true
+            limit-access-to-actor: true
+
+        - name: Provision runner to ec2
+          working-directory: build/ci/rhel-ansible
+          run: |
+            ansible-playbook -vv playbook.yaml \
+              -i inventory.ini \
+              --private-key=/home/runner/.ssh/id_rsa \
+              --extra-vars "registry_user=${{ secrets.REGISTRY_USER }}" \
+              --extra-vars "registry_pass=${{ secrets.REGISTRY_PASS }}" \
+              --extra-vars "subman_user=${{ secrets.SUBMAN_USER }}" \
+              --extra-vars "subman_pass=${{ secrets.SUBMAN_PASS }}"
+          env:
+            ANSIBLE_CONFIG: ansible.cfg
+
+        - name: Terraform Destroy
+          if: always()
+          run: terraform destroy -auto-approve
+
+        # For stacked runs of CI with concurrency allow for destroy to work
+        - name: Wait for 30 seconds for destroy to work
+          if: always()
+          run: sleep 30

.gitignore

@@ -31,6 +31,9 @@ docker-compose-devcontainer.yml.tmp
 # Docker generated cache file
 .docker/
 
+# Private `subscription-manager` credentials for rhel builds
+.env.rhel
+
 **/_artifacts/**
 
 # proxy
@@ -46,6 +49,7 @@ proxy-go/proxy-go
 # Compiled source
 bin/
 lib/
+configs/
 *.a
 *.so
 *.so.*

build/ci/rhel-ansible/ansible.cfg

@@ -0,0 +1,4 @@
+[ssh_connection]
+ssh_common_args = -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null ;
+[defaults]
+host_key_checking = False

build/ci/rhel-ansible/playbook.yaml

@@ -0,0 +1,150 @@
+---
+- name: Building rhel9-milvus
+  hosts: test_environments
+  remote_user: ec2-user
+  become: true
+  gather_facts: false
+
+# THIS RUNS ON RHEL AMI AS BUILDER FOR SUBMAN
+
+  tasks:
+
+  - name: Wait until the instance is ready
+    ansible.builtin.wait_for_connection:
+    delay: 15
+    timeout: 180
+
+  - name: Gather facts for first time
+    ansible.builtin.setup:
+
+  # - name: DEBUG - sleep
+  #   ignore_unreachable: true
+  #   ansible.builtin.shell: |
+  #     sleep 600
+
+  - name: remove podman for clean docker install
+    ansible.builtin.shell: |
+      dnf -y remove \
+        docker \
+        docker-client \
+        docker-client-latest \
+        docker-common \
+        docker-latest \
+        docker-latest-logrotate \
+        docker-logrotate \
+        docker-engine \
+        podman \
+        runc
+
+  - name: setup docker server and docker compose
+    async: 1000
+    poll: 0
+    register: docker_install_result
+    ansible.builtin.shell: |
+      sudo yum install -y yum-utils
+      sudo yum-config-manager --add-repo https://download.docker.com/linux/rhel/docker-ce.repo
+      sudo yum install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
+      sudo systemctl start docker
+
+  - name: Check on downloading docker + docker tools
+    async_status:
+      jid: "{{ docker_install_result.ansible_job_id }}"
+    register: job_result
+    until: job_result.finished
+    retries: 25
+    delay: 10
+
+  - name: Ensure Docker is running
+    ansible.builtin.systemd:
+      name: docker
+      state: started
+      enabled: yes
+
+  - name: Install the docker-compose binary
+    ansible.builtin.shell: |
+      cd /tmp
+      export ARCH=$(uname -m)
+      if [[ "$ARCH" == "arm64" ]] || [[ "$ARCH" == "aarch64" ]]; then
+        echo "aarch64 selected"
+        curl -sLO https://github.com/docker/compose/releases/download/v2.28.0/docker-compose-linux-aarch64
+        sudo mv /tmp/docker-compose-linux-aarch64 /usr/bin/docker-compose
+      elif [[ "$ARCH" == "amd64" ]] || [[ "$ARCH" == "x86_64" ]]; then
+        echo "x86_64 selected"
+        curl -sLO https://github.com/docker/compose/releases/download/v2.28.0/docker-compose-linux-x86_64
+        sudo mv /tmp/docker-compose-linux-x86_64 /usr/bin/docker-compose
+      fi
+      chmod +x /usr/bin/docker-compose
+
+  - name: Log in to quay.io
+    community.docker.docker_login:
+      username: "{{ registry_user }}"
+      password: "{{ registry_pass }}"
+      registry: quay.io
+
+  - name: Register to subscription manager
+    ansible.builtin.shell: |
+      subscription-manager register --username "{{ subman_user }}" --password "{{ subman_pass }}" --force
+
+  - name: Clone Git repository
+    become: false
+    ansible.builtin.git:
+      repo: https://github.com/redhat-et/milvus.git
+      dest: "/tmp/milvus"
+      version: "rhel9-milvus"  
+      clone: yes
+      update: yes
+
+  - name: DEBUG - sleep
+    ansible.builtin.shell: |
+      sleep 900
+
+  - name: Make the builder image
+    async: 1000
+    poll: 0
+    register: builder_result
+    ansible.builtin.shell: |
+      set -x
+      cd /tmp/milvus/
+      sudo su
+      echo $TARGETARCH
+      export TARGETARCH=$(uname -m)
+      echo $TARGETARCH
+      ./build/builder.sh make install
+      ls -al /tmp/milvus/
+      set +x
+
+  - name: Check on the builder image
+    async_status:
+      jid: "{{ builder_result.ansible_job_id }}"
+    register: job_result
+    until: job_result.finished
+    retries: 100
+    delay: 10
+
+  - name: Make the milvus image
+    async: 1000
+    poll: 0
+    register: milvus_result
+    ansible.builtin.shell: |
+      cd /tmp/milvus
+      ls -al /tmp/milvus
+      mv /tmp/milvus/bin /tmp/milvus/build/docker/milvus/rhel9/
+      mv /tmp/milvus/configs /tmp/milvus/build/docker/milvus/rhel9/
+      mv /tmp/milvus/lib /tmp/milvus/build/docker/milvus/rhel9/
+      /tmp/milvus/build/build_image.sh make
+
+  - name: Check on the milvus image
+    async_status:
+      jid: "{{ milvus_result.ansible_job_id }}"
+    register: job_result
+    until: job_result.finished
+    retries: 100
+    delay: 10
+
+  - name: log docker images
+    ansible.builtin.shell: |
+      docker images
+
+  - name: DEBUG - sleep
+    ansible.builtin.shell: |
+      sleep 400

build/ci/rhel-ansible/requirements.yaml

@@ -0,0 +1,3 @@
+---
+collections:
+  - name: community.docker

build/docker/builder/cpu/rhel9/Dockerfile

@@ -0,0 +1,73 @@
+FROM registry.access.redhat.com/ubi9/ubi:9.4-947.1717074712 as vcpkg-installer
+USER 0
+RUN dnf install -y wget zip git gcc gcc-c++ cmake \
+        dnf-plugins-core ninja-build \
+        perl-IPC-Cmd perl-Digest-SHA \
+        perl-FindBin perl-File-Compare perl-File-Copy        
+
+ENV VCPKG_FORCE_SYSTEM_BINARIES 1
+
+RUN mkdir /opt/vcpkg &&  \
+    wget -qO- vcpkg.tar.gz https://github.com/microsoft/vcpkg/archive/refs/tags/2023.11.20.tar.gz | tar --strip-components=1 -xz -C /opt/vcpkg && \
+    rm -rf vcpkg.tar.gz
+
+# empty the vscpkg toolchains linux.cmake file to avoid the error
+RUN echo "" > /opt/vcpkg/scripts/toolchains/linux.cmake
+
+# install azure-identity-cpp azure-storage-blobs-cpp gtest via vcpkg
+RUN /opt/vcpkg/bootstrap-vcpkg.sh -disableMetrics && \
+    ln -s /opt/vcpkg/vcpkg /usr/local/bin/vcpkg && \
+    vcpkg version && \
+    vcpkg install azure-identity-cpp azure-storage-blobs-cpp gtest 
+
+########################################################################################
+FROM registry.access.redhat.com/ubi9/ubi:9.4-947.1717074712
+
+ARG TARGETARCH
+# ARG SUBMAN_USER
+# ARG SUBMAN_PASS
+USER 0
+
+# basic deps
+RUN dnf install -y make cmake automake gcc gcc-c++ \
+        zip git libaio libuuid-devel wget libstdc++-static \
+        python3.11 python3.11-pip libatomic libtool ninja-build \
+        perl-IPC-Cmd perl-Digest-SHA perl-FindBin 
+
+RUN alias python3='python3.11'
+
+# Assumes you have a valid subman subscription at the host machine
+
+# RUN subscription-manager register --username $SUBMAN_USER --password $SUBMAN_PASS --force
+RUN subscription-manager attach
+
+# This gets used for the codeready-builder-for-rhel-9-<arch> stream for openblas-devel
+COPY build/docker/builder/cpu/rhel9/install-rpms.sh /root/install-rpms.sh
+RUN chmod +x /root/install-rpms.sh
+RUN /root/install-rpms.sh
+
+# Install conan and Go
+RUN python3.11 -m pip install conan==1.61.0
+
+COPY build/docker/builder/cpu/rhel9/install-go.sh /root/install-go.sh
+RUN chmod +x /root/install-go.sh
+RUN source /root/install-go.sh
+
+RUN mkdir -p /.cache/go-build && chmod -R 777 /.cache/go-build
+
+RUN curl https://sh.rustup.rs -sSf | \
+    sh -s -- --default-toolchain=1.73 -y
+
+ENV PATH=/root/.cargo/bin:/usr/local/bin:/usr/local/go/bin:$PATH
+
+ENV VCPKG_FORCE_SYSTEM_BINARIES 1
+
+RUN mkdir /opt/vcpkg &&  \
+    wget -qO- vcpkg.tar.gz https://github.com/microsoft/vcpkg/archive/master.tar.gz | tar --strip-components=1 -xz -C /opt/vcpkg && \
+    rm -rf vcpkg.tar.gz
+
+COPY --from=vcpkg-installer /root/.cache/vcpkg /root/.cache/vcpkg
+COPY --chown=0:0 build/docker/builder/entrypoint.sh /
+
+ENTRYPOINT [ "/entrypoint.sh" ]
+CMD ["tail", "-f", "/dev/null"]