diff options
Diffstat (limited to 'docker')
-rw-r--r-- | docker/firstboot/install_docker_agents.yaml | 2 | ||||
-rwxr-xr-x | docker/firstboot/start_docker_agents.sh | 101 | ||||
-rw-r--r-- | docker/post.j2.yaml | 60 | ||||
-rw-r--r-- | docker/services/neutron-ovs-agent.yaml | 11 | ||||
-rw-r--r-- | docker/services/nova-compute.yaml | 2 | ||||
-rw-r--r-- | docker/services/nova-libvirt.yaml | 7 | ||||
-rw-r--r-- | docker/services/services.yaml | 2 |
7 files changed, 42 insertions, 143 deletions
diff --git a/docker/firstboot/install_docker_agents.yaml b/docker/firstboot/install_docker_agents.yaml index f6d61e2d..41a87406 100644 --- a/docker/firstboot/install_docker_agents.yaml +++ b/docker/firstboot/install_docker_agents.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: ocata parameters: DockerAgentImage: diff --git a/docker/firstboot/start_docker_agents.sh b/docker/firstboot/start_docker_agents.sh index 40e5248a..1c5cc18d 100755 --- a/docker/firstboot/start_docker_agents.sh +++ b/docker/firstboot/start_docker_agents.sh @@ -1,76 +1,56 @@ #!/bin/bash set -eux -/sbin/setenforce 0 -/sbin/modprobe ebtables - -# CentOS sets ptmx to 000. Withoutit being 666, we can't use Cinder volumes -chmod 666 /dev/pts/ptmx - -# We need hostname -f to return in a centos container for the puppet hook -HOSTNAME=$(hostname) -echo "127.0.0.1 $HOSTNAME.localdomain $HOSTNAME" >> /etc/hosts - -# update docker for local insecure registry(optional) -# Note: This is different for different docker versions -# For older docker versions < 1.4.x use commented line -#echo "OPTIONS='--insecure-registry $docker_registry'" >> /etc/sysconfig/docker -#echo "ADD_REGISTRY='--registry-mirror $docker_registry'" >> /etc/sysconfig/docker +# TODO remove this when built image includes docker +if [ ! -f "/usr/bin/docker" ]; then + yum -y install docker +fi # Local docker registry 1.8 # NOTE(mandre) $docker_namespace_is_registry is not a bash variable but is # a place holder for text replacement done via heat -if [ "$docker_namespace_is_registry" = True ]; then +if [ "$docker_namespace_is_registry" = "True" ]; then /usr/bin/systemctl stop docker.service # if namespace is used with local registry, trim all namespacing trim_var=$docker_registry registry_host="${trim_var%%/*}" /bin/sed -i -r "s/^[# ]*INSECURE_REGISTRY *=.+$/INSECURE_REGISTRY='--insecure-registry $registry_host'/" /etc/sysconfig/docker - /usr/bin/systemctl start --no-block docker.service fi -/usr/bin/docker pull $agent_image & -DOCKER_PULL_PID=$! - mkdir -p /var/lib/etc-data/json-config #FIXME: this should be a docker data container # NOTE(flaper87): Heat Agent required mounts -AGENT_COMMAND_MOUNTS="-v /var/lib/etc-data:/var/lib/etc-data \ - -v /run:/run \ - -v /etc:/host/etc \ - -v /usr/bin/atomic:/usr/bin/atomic \ - -v /var/lib/dhclient:/var/lib/dhclient \ - -v /var/lib/cloud:/var/lib/cloud \ - -v /var/lib/heat-cfntools:/var/lib/heat-cfntools \ - -v /etc/sysconfig/docker:/etc/sysconfig/docker \ - -v /etc/sysconfig/network-scripts:/etc/sysconfig/network-scripts \ - -v /var/lib/os-collect-config:/var/lib/os-collect-config \ - -v /var/lib/os-apply-config-deployments:/var/lib/os-apply-config-deployments \ - -v /var/lib/heat-config:/var/lib/heat-config \ - -v /usr/lib64/libseccomp.so.2:/usr/lib64/libseccomp.so.2" - - -# NOTE(flaper87): Some of these commands may not be present depending on the -# atomic version. -for docker_cmd in docker docker-current docker-latest; do - if [ -f "/usr/bin/$docker_cmd" ]; then - AGENT_COMMAND_MOUNTS+=" -v /usr/bin/$docker_cmd:/usr/bin/$docker_cmd" - fi -done +AGENT_COMMAND_MOUNTS="\ +-v /var/lib/etc-data:/var/lib/etc-data \ +-v /run:/run \ +-v /etc/hosts:/etc/hosts \ +-v /etc:/host/etc \ +-v /var/lib/dhclient:/var/lib/dhclient \ +-v /var/lib/cloud:/var/lib/cloud \ +-v /var/lib/heat-cfntools:/var/lib/heat-cfntools \ +-v /var/lib/os-collect-config:/var/lib/os-collect-config \ +-v /var/lib/os-apply-config-deployments:/var/lib/os-apply-config-deployments \ +-v /var/lib/heat-config:/var/lib/heat-config \ +-v /etc/sysconfig/docker:/etc/sysconfig/docker \ +-v /etc/sysconfig/network-scripts:/etc/sysconfig/network-scripts \ +-v /usr/lib64/libseccomp.so.2:/usr/lib64/libseccomp.so.2 \ +-v /usr/bin/docker:/usr/bin/docker \ +-v /usr/bin/docker-current:/usr/bin/docker-current \ +-v /var/lib/os-collect-config:/var/lib/os-collect-config" # heat-docker-agents service cat <<EOF > /etc/systemd/system/heat-docker-agents.service - [Unit] Description=Heat Docker Agent Container After=docker.service Requires=docker.service +Before=os-collect-config.service +Conflicts=os-collect-config.service [Service] User=root -Restart=on-failure -ExecStartPre=-/usr/bin/docker kill heat-agents -ExecStartPre=-/usr/bin/docker rm heat-agents +Restart=always +ExecStartPre=-/usr/bin/docker rm -f heat-agents ExecStart=/usr/bin/docker run --name heat-agents --privileged --net=host \ $AGENT_COMMAND_MOUNTS \ --entrypoint=/usr/bin/os-collect-config $agent_image @@ -78,35 +58,12 @@ ExecStop=/usr/bin/docker stop heat-agents [Install] WantedBy=multi-user.target - EOF # enable and start heat-docker-agents -chmod 0640 /etc/systemd/system/heat-docker-agents.service /usr/bin/systemctl enable heat-docker-agents.service /usr/bin/systemctl start --no-block heat-docker-agents.service -# Disable NetworkManager and let the ifup/down scripts work properly. -/usr/bin/systemctl disable NetworkManager -/usr/bin/systemctl stop NetworkManager - -# Atomic's root partition & logical volume defaults to 3G. In order to launch -# larger VMs, we need to enlarge the root logical volume and scale down the -# docker_pool logical volume. We are allocating 80% of the disk space for -# vm data and the remaining 20% for docker images. -ATOMIC_ROOT='/dev/mapper/atomicos-root' -ROOT_DEVICE=`pvs -o vg_name,pv_name --no-headings | grep atomicos | awk '{ print $2}'` - -growpart $( echo "${ROOT_DEVICE}" | sed -r 's/([^0-9]*)([0-9]+)/\1 \2/' ) -pvresize "${ROOT_DEVICE}" -lvresize -l +80%FREE "${ATOMIC_ROOT}" -xfs_growfs "${ATOMIC_ROOT}" - -cat <<EOF > /etc/sysconfig/docker-storage-setup -GROWPART=true -AUTO_EXTEND_POOL=yes -POOL_AUTOEXTEND_PERCENT=30 -POOL_AUTOEXTEND_THRESHOLD=70 -EOF - -wait $DOCKER_PULL_PID +# Disable libvirtd +/usr/bin/systemctl disable libvirtd.service +/usr/bin/systemctl stop libvirtd.service diff --git a/docker/post.j2.yaml b/docker/post.j2.yaml index 6cb92c83..1ba96e27 100644 --- a/docker/post.j2.yaml +++ b/docker/post.j2.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2016-10-14 +heat_template_version: ocata description: > Post-deploy configuration steps via puppet for all roles, @@ -25,16 +25,6 @@ parameters: default: 'tripleoupstream' type: string - DockerOpenvswitchDBImage: - description: image - default: 'centos-binary-openvswitch-db-server' - type: string - - DockerOvsVswitchdImage: - description: image - default: 'centos-binary-openvswitch-vswitchd' - type: string - LibvirtConfig: type: string default: "/etc/libvirt/libvirtd.conf" @@ -45,7 +35,7 @@ parameters: NeutronOpenvswitchAgentConfig: type: string - default: "/etc/neutron/neutron.conf,/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini" + default: "/etc/neutron/neutron.conf,/etc/neutron/plugins/ml2/openvswitch_agent.ini" resources: @@ -206,52 +196,6 @@ resources: nova_config: {get_param: NovaConfig} neutron_openvswitch_agent_config: {get_param: NeutronOpenvswitchAgentConfig} - NovaComputeContainersDeploymentOVS: - type: OS::Heat::StructuredDeploymentGroup - depends_on: CopyJsonDeployment - properties: - name: NovaComputeContainersDeploymentOVS - config: {get_resource: NovaComputeContainersConfigOVS} - servers: {get_param: [servers, {{role.name}}]} - - NovaComputeContainersConfigOVS: - type: OS::Heat::StructuredConfig - properties: - group: docker-cmd - config: - openvswitchdb: - image: - list_join: - - '/' - - [ {get_param: DockerNamespace}, {get_param: DockerOpenvswitchDBImage} ] - net: host - restart: always - volumes: - - /var/lib/etc-data/json-config/ovsdb-server.json:/var/lib/kolla/config_files/config.json - - /etc/localtime:/etc/localtime:ro - - /run:/run - - logs:/var/log/kolla/ - - openvswitch_db:/var/lib/openvswitch/ - environment: - - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS - - ovsvswitchd: - image: - list_join: - - '/' - - [ {get_param: DockerNamespace}, {get_param: DockerOvsVswitchdImage} ] - net: host - privileged: true - restart: always - volumes: - - /var/lib/etc-data/json-config/ovs-vswitchd.json:/var/lib/kolla/config_files/config.json - - /etc/localtime:/etc/localtime:ro - - /lib/modules:/lib/modules:ro - - /run:/run - - logs:/var/log/kolla/ - environment: - - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS - {{role.name}}ContainersConfig_Step1: type: OS::Heat::StructuredConfig depends_on: CopyJsonDeployment diff --git a/docker/services/neutron-ovs-agent.yaml b/docker/services/neutron-ovs-agent.yaml index 8d092a34..1c9e60db 100644 --- a/docker/services/neutron-ovs-agent.yaml +++ b/docker/services/neutron-ovs-agent.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2015-04-30 +heat_template_version: ocata description: > OpenStack Neutron openvswitch service @@ -12,12 +12,6 @@ parameters: description: image default: 'centos-binary-neutron-openvswitch-agent' type: string - NeutronOpenvswitchAgentPluginVolume: - type: string - default: "/var/lib/etc-data/neutron/plugins/ml2/openvswitch_agent.ini:/var/lib/kolla/config_files/ovs_neutron_plugin.ini:ro" - NeutronOpenvswitchAgentOvsVolume: - type: string - default: " " ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -64,8 +58,7 @@ outputs: - /var/lib/etc-data/json-config/neutron-openvswitch-agent.json:/var/lib/kolla/config_files/config.json - /var/lib/etc-data/neutron/neutron.conf:/var/lib/kolla/config_files/neutron.conf:ro - /var/lib/etc-data/neutron/plugins/ml2/ml2_conf.ini:/var/lib/kolla/config_files/ml2_conf.ini:ro - - {get_param: NeutronOpenvswitchAgentPluginVolume} - - {get_param: NeutronOpenvswitchAgentOvsVolume} + - /var/lib/etc-data/neutron/plugins/ml2/openvswitch_agent.ini:/var/lib/kolla/config_files/openvswitch_agent.ini:ro - /etc/localtime:/etc/localtime:ro - /lib/modules:/lib/modules:ro - /run:/run diff --git a/docker/services/nova-compute.yaml b/docker/services/nova-compute.yaml index 5c56aeee..c695c94d 100644 --- a/docker/services/nova-compute.yaml +++ b/docker/services/nova-compute.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2015-04-30 +heat_template_version: ocata description: > OpenStack containerized Nova Compute service diff --git a/docker/services/nova-libvirt.yaml b/docker/services/nova-libvirt.yaml index 36511557..a40a21fd 100644 --- a/docker/services/nova-libvirt.yaml +++ b/docker/services/nova-libvirt.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2015-04-30 +heat_template_version: ocata description: > OpenStack Libvirt Service @@ -55,6 +55,11 @@ outputs: volumes: - /var/lib/etc-data/json-config/nova-libvirt.json:/var/lib/kolla/config_files/config.json - /var/lib/etc-data/libvirt/libvirtd.conf:/var/lib/kolla/config_files/libvirtd.conf + # NOTE(mandre) Ideally the qemu.conf file is mounted in + # /var/lib/kolla/config_files and copied to the right place but + # copy-json.py doesn't allow us to do that without appending the + # file as an additional config on the CLI + - /var/lib/etc-data/libvirt/qemu.conf:/etc/libvirt/qemu.conf:ro - /etc/localtime:/etc/localtime:ro - /lib/modules:/lib/modules:ro - /run:/run diff --git a/docker/services/services.yaml b/docker/services/services.yaml index 37e7b655..3d51eb19 100644 --- a/docker/services/services.yaml +++ b/docker/services/services.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2016-10-14 +heat_template_version: ocata description: > Utility stack to convert an array of services into a set of combined |