logo

NJP

← Back to News

Custom CNO Images - Part 2, ACC

Import · Jul 05, 2023 · article
Will Hallam

DISCLAIMER: this example is an academic exercise with a pinch of "what's possible" added in. It comes with no support or warranty, implied or explicit. Caveat emptor!

Intro

Here's an example of how to generate a Cloud Native Ops (CNO) ACC image in AWS ECR using AWS CodeBuild.

The files and scripts used by this example can be found in the following repo: https://github.com/willhallam-sn/example-cno-acc-custom

Image

To build my image, I chose to use AWS CodeBuild, so I added an AWS CodeCommit repo as a remote for my local Git repo, then created a CodeBuild pipeline which I linked to the CodeCommit repo. I added the following secrets to Secrets Manager, which I used to populate values in by buildspec.yml file:

dockerhub/pass1 - contains dockerhub password

dockerhub/username1 - contains dockerhub username

dockerhub/awsacctid - contains AWS account ID

The tweaks I applied to the standard recipe were in the Dockerfile, where I modified the Linux distro to Debian 11, as the OOB value of Debian 9 caused some repo issues with my AWS CodeBuild build environment. I also created an empty file in the asset/ folder, as I was using a URL to retrieve the ACC install payload vs. putting it under asset/ and the Docker build command would fail if asset/ remained empty.

Modify CNO Install

In order to use my custom image, I referred to this doc page for modifying the CNO manifest YAML:

https://docs.servicenow.com/bundle/utah-it-operations-management/page/product/cloud-native-operation...

The TL;DR is to visit the sn_k8s_itom_config table, select the applicable YAML file record, then either edit it in place or download the attached file, update it, re-upload it.

Since my cluster is in EKS and my images were going to ECR, I didn't need to use the section for private repo support, but I appreciate that the commented lines for doing so exist in the various YAML files.

Update Existing CNO Clusters

I had a couple EKS clusters already running CNO, so I used the following command to modify the existing CNO config to use the private images:

kubectl -n get statefulset(make note of the CNO statefulset name)

kubectl -n edit statefulset

View original source

https://www.servicenow.com/community/itom-articles/custom-cno-images-part-2-acc/ta-p/2605817