Custom CNO Images - Part 2, ACC

Will Hallam
ServiceNow Employee
ServiceNow Employee

on ‎07-05-2023 08:25 AM

DISCLAIMER: this example is an academic exercise with a pinch of "what's possible" added in.  It comes with no support or warranty, implied or explicit.  Caveat emptor!

 

Intro

Here's an example of how to generate a Cloud Native Ops (CNO) ACC image in AWS ECR using AWS CodeBuild.

 

The files and scripts used by this example can be found in the following repo: https://github.com/willhallam-sn/example-cno-acc-custom

 

Image

 

To build my image, I chose to use AWS CodeBuild, so I added an AWS CodeCommit repo as a remote for my local Git repo, then created a CodeBuild pipeline which I linked to the CodeCommit repo.  I added the following secrets to Secrets Manager, which I used to populate values in by buildspec.yml file:

 

dockerhub/pass1 - contains dockerhub password

dockerhub/username1 - contains dockerhub username

dockerhub/awsacctid - contains AWS account ID

 

The tweaks I applied to the standard recipe were in the Dockerfile, where I modified the Linux distro to Debian 11, as the OOB value of Debian 9 caused some repo issues with my AWS CodeBuild build environment.  I also created an empty file in the asset/ folder, as I was using a URL to retrieve the ACC install payload vs. putting it under asset/ and the Docker build command would fail if asset/ remained empty.

 

Modify CNO Install

In order to use my custom image, I referred to this doc page for modifying the CNO manifest YAML:

 

https://docs.servicenow.com/bundle/utah-it-operations-management/page/product/cloud-native-operation...

 

The TL;DR is to visit the sn_k8s_itom_config table, select the applicable YAML file record, then either edit it in place or download the attached file, update it, re-upload it.

 

Since my cluster is in EKS and my images were going to ECR, I didn't need to use the section for private repo support, but I appreciate that the commented lines for doing so exist in the various YAML files.

 

Update Existing CNO Clusters

I had a couple EKS clusters already running CNO, so I used the following command to modify the existing CNO config to use the private images:

 

kubectl -n <namespace> get statefulset

(make note of the CNO statefulset name)

kubectl -n <namespace> edit statefulset <statefulset name>
0 Helpfuls
  • 224 Views
Version history
Last update:
‎07-05-2023 08:25 AM
Updated by:
ServiceNow Employee
Contributors