summaryrefslogtreecommitdiffstats
path: root/docker
AgeCommit message (Collapse)AuthorFilesLines
2017-07-14Adds network/cidr mapping into a new service propertyGiulio Fidente81-0/+397
Makes it possible to resolve network subnets within a service template; the data is transported into a new property ServiceData wired into every service which hopefully is generic enough to be extended in the future and transport more data. Data can be consumed in service templates to set config values which need to know what is the subnet where a deamon operates (for example the Ceph Public vs Cluster network). Change-Id: I28e21c46f1ef609517175f7e7ee19e28d1c0cba2
2017-07-13Merge "Containerize Manila Share service"Jenkins1-0/+118
2017-07-13Merge "Fix ironic-pxe startup issues"Jenkins1-7/+7
2017-07-13Merge "Add support for running crontabs in containers"Jenkins3-5/+15
2017-07-13Merge "Run rsync for Swift without xinetd"Jenkins1-4/+4
2017-07-13Merge "Add missing tags in iscsid upgrade_tasks"Jenkins1-0/+2
2017-07-12Fix ironic-pxe startup issuesDan Prince1-7/+7
This patch updates the ironic-api docker service so that it generates its config files in a unique config root. This ensures that it doesn't have config files in the httpd conf.d directory for both the API and PXE services thus causing the API container to attempt to launch both of them. This functionally fixes the Ironic API and PXE services with docker so they once again can bring up an overcloud. Change-Id: I537cd6a3337bf776ca38a279b7c130b6429eea04 Closes-bug: #1702799
2017-07-12Merge "Bind mount needed cert for haproxy for HA too"Jenkins1-12/+26
2017-07-12Containerize Manila Share serviceVictoria Martinez de la Cruz1-0/+118
Change-Id: I797eea2f7788f65411964ccb852b5707e916416f Partial-Bug: #1668922
2017-07-12Add support for running crontabs in containersOliver Walsh3-5/+15
This change enables the puppet cron resource in docker-puppet.py and adds user crontabs to the paths copied from the config containers. Only the nova crontab is configured for now. Other services will require similar changes to run their crontabs. Partial-Bug: 1701254 Change-Id: I2d1d0f0d77908a132472cf4bc475f8bd526af504 Depends-On: Ie16fb4539481a3c192cff8220a97daa4c70467fc
2017-07-12Run rsync for Swift without xinetdChristian Schwede1-4/+4
The default in non-containerized environments is to run rsync within xinetd for Red Hat-based deployments, however in an containerized environment this is not really needed. Therefore run rsync directly without being started by xinetd. Change-Id: I08abd917eba08d1192437ddf96c71b06d099a3f8
2017-07-10Bind mount needed cert for haproxy for HA tooMartin André1-12/+26
haproxy needs the deployed SSL cert file to function when TLS is enabled. It is also required for the docker-puppet haproxy container since the haproxy puppet module uses a validate_cmd to check the generated config file is valid that fails when the required SSL cert is not present. There is no clean way to disable this feature [1] so we need to bind mount the cert into the container. This commit applies the same change that was applied in Id2df144b678769def204961236624091d4e5c457 for the non-ha case. [1] https://github.com/puppetlabs/puppetlabs-haproxy/blob/4753ea5b2506ee093e9b4c8af6e91201d476d426/manifests/config.pp#L53-L57 Change-Id: I93e1ee86197bcf271f18a62a27c2f350ed3966ea Co-Authored-By: Damien Ciabrini <dciabrin@redhat.com>
2017-07-10Copy only generated puppet files into the containerMartin André72-214/+627
This solves a problem with bind-mounts when the containers are holding files descriptors open. At the same time this makes the template more robust to puppet changes since new config files will be available in the containers without needing to update the templates. Partial-Bug: #1698323 Change-Id: Ia4ad6d77387e3dc354cd131c2f9756939fb8f736
2017-07-07Rename CongressApi to Congress (docker)Emilien Macchi1-5/+5
Before it was Congress, let's stay consistent and stop using CongressApi in Docker service, because we release. Change-Id: Id939b3d70e185da4279f3860812fa5dce27d64dd
2017-07-05Merge "Adds docker OpenDaylight"Jenkins3-3/+119
2017-07-05Merge "Bind mount needed cert for haproxy"Jenkins1-0/+12
2017-07-03Adds docker OpenDaylightTim Rozet3-3/+119
Depends-On: I020550ede0ef981582392cf6c48dd5cb5823a074 Depends-On: I610b07a3c2bcf1c3288f76112a08b81c50e06913 Depends-On: I3d378044b3da5309b60967a12df7800520a254dc Depends-On: I9c32b41ef865a09587f3ebfe8b8a896031fbd285 Depends-On: Ib31bf29bc69f5c58e98b99c3e598b19c99efc77f Change-Id: I36c7390ddb4192e55ee56006fd6e9c5f8704445c Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-07-03Merge "adding --config-dir parameters to neutron containers"Jenkins4-4/+4
2017-07-02adding --config-dir parameters to neutron containersOr Idgar4-4/+4
Change-Id: I521e89994e9be6efd335c5809810d9188dc1742f Closes-Bug: #1684908
2017-06-30Merge "Fix typo in config_volume"Jenkins1-2/+2
2017-06-30Merge "Ensure boostrap_host_exec runs as root"Jenkins2-0/+3
2017-06-30Merge "Force mtime for tar used in container config md5sums"Jenkins1-1/+1
2017-06-30Ensure boostrap_host_exec runs as rootMartin André2-0/+3
This is necessary for accessing the bind mounted hieradata in the container in order to determine if the node is the primary node. With the new validation added to yaml-validate.py, we could spot potential issues in sahara-api and keystone bootstrap tasks. The keystone one is a false positive, as the image defaults to the root user in order to be able to run apache. Still, it is better to be consistent here and specify the root user nonetheless. Change-Id: Ib0ff9748d5406f507261e506c19b96750b10e846 Closes-Bug: #1697917
2017-06-30Fix typo in config_volumeSven Anderson1-2/+2
Change-Id: I6a53a56c534f24cb514d8aeb8cec3d7865b93448
2017-06-30Bind mount needed cert for haproxyMartin André1-0/+12
haproxy needs the deployed SSL cert file to function when TLS is enabled. It is also required for the docker-puppet haproxy container since the haproxy puppet module uses a validate_cmd to check the generated config file is valid that fails when the required SSL cert is not present. There is no clean way to disable this feature [1] so we need to bind mount the cert into the container. [1] https://github.com/puppetlabs/puppetlabs-haproxy/blob/4753ea5b2506ee093e9b4c8af6e91201d476d426/manifests/config.pp#L53-L57 Change-Id: Id2df144b678769def204961236624091d4e5c457
2017-06-30Merge "Add missing xinetd/rsync container for Swift"Jenkins1-1/+21
2017-06-30Merge "Add detach to docker-toool"Jenkins1-6/+10
2017-06-30Merge "Remove ceilometer upgrade from other ceilometer containers"Jenkins2-28/+0
2017-06-29Merge "Add heat parameter for all of config_volume images"Jenkins78-216/+515
2017-06-29Force mtime for tar used in container config md5sumsSteven Hardy1-1/+1
The checksum is changing each run because the mtime is different, so force a specific date such that we only compare the directory contents. Change-Id: I5ed2b50176f902d7af12b96e650b67b736d59a4a
2017-06-29Merge "Enable nova-api to run over httpd again"Jenkins1-0/+3
2017-06-29Add missing tags in iscsid upgrade_tasksJiri Stransky1-0/+2
The stat resources weren't executed in step2, and Ansible failed on them being undefined. Change-Id: I93621dd80d97be597eff6b8913ae9d7b2810f837 Closes-Bug: #1701221
2017-06-28Remove ceilometer upgrade from other ceilometer containersPradeep Kilambi2-28/+0
Lets just run the ceilometer upgrade once in central agent container Change-Id: If5e5ca6122f8583c6221bc6b343e483e41f04d29 Closes-bug: #1700056
2017-06-28Enable nova-api to run over httpd againJuan Antonio Osorio Robles1-0/+3
This is needed for TLS everywhere. Change-Id: Iac35b7ddcd8a800901548c75ca8d5083ad17e4d3 Depends-On: I426bfdb9e6c852eb32d10a12e521bb8b47701c41
2017-06-28Default docker-puppet.py logging to INFODan Prince3-11/+26
If you want debug logging you can set the new DockerPuppetDebug heat parameter to 'True'. Change-Id: Iae7bb67379351ea15d61c331867d7005f07ba98e Closes-bug: 1700570
2017-06-28Add missing xinetd/rsync container for SwiftChristian Schwede1-1/+21
Swift object replication relies on the rsync server, which is run by xinetd. This patch adds the missing container and configuration. Note that xinetd needs bind to a privileged port (873) and has to be started as root therefore. Change-Id: I7655c9dd116c0130035d8a2fae81148171ae6448
2017-06-28Add heat parameter for all of config_volume imagesMartin André78-216/+515
This commit consistently defines a heat template parameter in the form of DockerXXXConfigImage where XXX represents the name of the config_volume that is used by docker-puppet. The goal is to mitigate hard to debug errors where the templates would set different defaults for the image docker-puppet.py uses to run, for the same config_volume name. This fixes a couple of inconsistencies on the way. Change-Id: I212020a76622a03521385a6cae4ce73e51ce5b6b Closes-Bug: #1699791
2017-06-27Merge "Add docker templates for octavia services"Jenkins4-0/+469
2017-06-26Provides a list of per-service ctlplane IPs to the workflows envGiulio Fidente1-0/+8
Adds in the execution environment of the workflow steps a list of per-service network IPs. This can be used by the workflows to execute actions against the nodes hosting a given service. Change-Id: Id7c735d53f04f6ad848b2f9f1adaa3c84ecd2fcd Implements: blueprint tripleo-ceph-ansible
2017-06-26Allows use of Mistral workflows during deployment stepsGiulio Fidente1-6/+72
Introduces a general mechanism meant to allow for the execution of workflows during the deployment steps. Services can define workflow actions to be triggered during a step in the newly added service_workflow_tasks section. The syntax is: service_workflow_tasks: step2: - name: my_action_name action: std.echo input: output: 'hello world' Implements: blueprint tripleo-ceph-ansible Depends-On: If02799e7457ca017cc119317dfb2db7198a3559f Depends-On: Ibc5707f9f06266fe84ad1dd91dcb984157871d30 Change-Id: I36a642fbc2076ad9e4a10ffc56d6d16f3ed6f27a
2017-06-26Merge "Make sensu-client log to file"Jenkins1-1/+11
2017-06-26Add docker templates for octavia servicesSteven Hardy4-0/+469
Depends-On: I270f3f6879737fc29370165e4a8fa8c9c19fffb3 Depends-On: I3a169e3321a26ee373ab873426a2d58acbcfe1bd Closes-Bug: #1668932 Co-Authored-By: Or Idgar <oidgar@redhat.com> Co-Authored-By: Brent Eagles <beagles@redhat.com> Co-Authored-By: Martin André <m.andre@redhat.com> Change-Id: I211707072bb0e4ac4aa48e9bbaccb7530f3de0ca
2017-06-26Merge "Containerize Cinder-backup for HA"Jenkins1-0/+152
2017-06-23Fix manila-api volumes listJiri Stransky1-0/+1
Change-Id: Idbbff1047fbc3f664e44131770ba2849ea9d51bc Closes-Bug: #1700082
2017-06-23Merge "Configuration for containerized MySQL clients"Jenkins1-0/+66
2017-06-23Merge "Make collectd log to file"Jenkins1-3/+17
2017-06-22Make collectd log to fileMartin Mágr1-3/+17
- sets collectd service in container to log to file consistently with other docker services. - corrects configuration mounts Depends-On: I50289ad6657852d37abbf12938128ff9ab9e3bac Change-Id: Ibf9efbe249d67d0fa1e50fbd7dd9902a64d5a273
2017-06-21Deploy ironic-api with WSGIDmitry Tantsur1-2/+7
Change-Id: Ifa985f29fbd589f58cb2fc75b5f442f7651fb2bf Depends-On: I952c86db88dcd611722a3feaea88f618eee17620
2017-06-21Make sensu-client log to fileMartin Mágr1-1/+11
This patch sets sensu-client service in container to log to file consistently with other docker services. Change-Id: Ic8929326cd73c4bc4515b592fed4826b9c1d516a
2017-06-20Merge "Fixup for manila-api containerized service"Jenkins1-13/+25