Docker compute role configured via Puppet

This change adds a containerized version of the overcloud compute node for TripleO. Configuration files are generated via OpenStack Puppet modules which are then used to externally configure kolla containers for each OpenStack service. See the README-containers.md file for more information on how to set this up. This uses AtomicOS as a base operating system and requires that we bootstrap the image with a container which contains the required os-collect-config agent hooks to support running puppet, shell scripts, and docker compose. Change-Id: Ic8331f52b20a041803a9d74cdf0eb81266d4e03c Co-Authored-By: Ian Main <imain@redhat.com> Co-Authored-By: Ryan Hallisey <rhallise@redhat.com>
author: Dan Prince <dprince@redhat.com> 2015-08-05 08:55:57 -0400
committer: Ryan Hallisey <rhallise@redhat.com> 2015-10-08 07:34:26 -0400
commit: 65958395f4ff4de30ccc927df855555cbe014be2 (patch)
tree: a3038229c675dec5bfbc61b5f7fecd60965c7450 /docker/firstboot
parent: d82de68c774f152781633823394738520bf781a3 (diff)
2 files changed, 102 insertions, 0 deletions
diff --git a/docker/firstboot/install_docker_agents.yaml b/docker/firstboot/install_docker_agents.yaml
new file mode 100644
index 00000000..8adc8939
--- /dev/null
+++ b/docker/firstboot/install_docker_agents.yaml
@@ -0,0 +1,28 @@
+heat_template_version: 2014-10-16
+
+parameters:
+  DockerAgentImage:
+    type: string
+    default: dprince/heat-docker-agents-centos
+
+resources:
+
+  userdata:
+    type: OS::Heat::MultipartMime
+    properties:
+      parts:
+      - config: {get_resource: install_docker_agents}
+
+  install_docker_agents:
+    type: OS::Heat::SoftwareConfig
+    properties:
+      group: script
+      config:
+        str_replace:
+          params:
+            $agent_image: {get_param: DockerAgentImage}
+          template: {get_file: ./start_docker_agents.sh}
+
+outputs:
+  OS::stack_id:
+    value: {get_resource: userdata}
diff --git a/docker/firstboot/start_docker_agents.sh b/docker/firstboot/start_docker_agents.sh
new file mode 100644
index 00000000..caf511bd
--- /dev/null
+++ b/docker/firstboot/start_docker_agents.sh
@@ -0,0 +1,74 @@
+#!/bin/bash
+set -eux
+
+# firstboot isn't split out by role yet so we handle it this way
+if ! hostname | grep compute &>/dev/null; then
+ echo "Exiting. This script is only for the compute role."
+ exit 0
+fi
+
+mkdir -p /var/lib/etc-data/ #FIXME: this should be a docker data container
+
+# heat-docker-agents service
+cat <<EOF > /etc/systemd/system/heat-docker-agents.service
+
+[Unit]
+Description=Heat Docker Agent Container
+After=docker.service
+Requires=docker.service
+
+[Service]
+User=root
+Restart=on-failure
+ExecStartPre=-/usr/bin/docker kill heat-agents
+ExecStartPre=-/usr/bin/docker rm heat-agents
+ExecStartPre=/usr/bin/docker pull $agent_image
+ExecStart=/usr/bin/docker run --name heat-agents --privileged --net=host -v /var/lib/etc-data:/var/lib/etc-data -v /run:/run -v /etc:/host/etc -v /usr/bin/atomic:/usr/bin/atomic -v /var/lib/dhclient:/var/lib/dhclient -v /var/lib/cloud:/var/lib/cloud -v /var/lib/heat-cfntools:/var/lib/heat-cfntools --entrypoint=/usr/bin/os-collect-config $agent_image
+ExecStop=/usr/bin/docker stop heat-agents
+
+[Install]
+WantedBy=multi-user.target
+
+EOF
+
+# update docker for local insecure registry(optional)
+# Note: This is different for different docker versions
+# For older docker versions < 1.4.x use commented line
+#echo "OPTIONS='--insecure-registry $docker_registry'" >> /etc/sysconfig/docker
+#echo "ADD_REGISTRY='--registry-mirror $docker_registry'" >> /etc/sysconfig/docker
+
+# Local docker registry 1.8
+#/bin/sed -i s/ADD_REGISTRY/#ADD_REGISTRY/ /etc/sysconfig/docker
+
+/sbin/setenforce 0
+/sbin/modprobe ebtables
+
+# Create /var/lib/etc-data for now.  FIXME: This should go into a data container.
+#mkdir -p /var/lib/etc-data
+
+echo nameserver 8.8.8.8 > /etc/resolv.conf
+
+# We need hostname -f to return in a centos container for the puppet hook
+HOSTNAME=$(hostname)
+echo "127.0.0.1 $HOSTNAME.localdomain $HOSTNAME" >> /etc/hosts
+
+# Another hack.. we need latest docker..
+/usr/bin/systemctl stop docker.service
+/bin/curl -o /tmp/docker https://get.docker.com/builds/Linux/x86_64/docker-latest
+/bin/mount -o remount,rw /usr
+/bin/rm /bin/docker
+/bin/cp /tmp/docker /bin/docker
+/bin/chmod 755 /bin/docker
+
+# enable and start docker
+/usr/bin/systemctl enable docker.service
+/usr/bin/systemctl restart --no-block docker.service
+
+# enable and start heat-docker-agents
+chmod 0640 /etc/systemd/system/heat-docker-agents.service
+/usr/bin/systemctl enable heat-docker-agents.service
+/usr/bin/systemctl start --no-block heat-docker-agents.service
+
+# Disable NetworkManager and let the ifup/down scripts work properly.
+/usr/bin/systemctl disable NetworkManager
+/usr/bin/systemctl stop NetworkManager
author	Dan Prince <dprince@redhat.com>	2015-08-05 08:55:57 -0400
committer	Ryan Hallisey <rhallise@redhat.com>	2015-10-08 07:34:26 -0400
commit	65958395f4ff4de30ccc927df855555cbe014be2 (patch)
tree	a3038229c675dec5bfbc61b5f7fecd60965c7450 /docker/firstboot
parent	d82de68c774f152781633823394738520bf781a3 (diff)