summaryrefslogtreecommitdiffstats
path: root/docker
AgeCommit message (Collapse)AuthorFilesLines
2017-03-22docker/keystone: Actually set fernet as the default token providerJuan Antonio Osorio Robles1-1/+1
A previous commit [1] added support for fernet in the keystone docker service; however, this was not set as the default token provider. This patch makes it the default. [1] Id92039b3bad9ecda169323e01de7bebae70f2ba0 Change-Id: Ib44ab61eba0be8ba54bc7d0bdb22437d769cb960
2017-03-22docker-puppet: skip empty volume entriesJuan Antonio Osorio Robles1-1/+2
This allows to optionally add volumes, where we could use a heat conditional to either put the volume path we want or put an empty string which should be safely skipped. Change-Id: I68f91ffdd8ceb14735adad1322fcf124c47b160c
2017-03-21Merge "Keep existing data for containerized ironic-conductor"Jenkins2-12/+45
2017-03-21Merge "Cleanup docker services templates"Jenkins16-85/+40
2017-03-20Merge "Containerize panko api service"Jenkins1-0/+119
2017-03-20Keep existing data for containerized ironic-conductorJiri Stransky2-12/+45
Use mounts instead of docker volumes, and preserve existing data when moving from baremetal to containerized ironic-conductor. We cannot keep the data in the same directory to avoid hard-linking errors in ironic, because of this issue: https://github.com/docker/docker/issues/7457 This means we need to copy the data over to a new location before we start the containers. Change-Id: If98460120212f887b06adf117c5d88b97682638e
2017-03-17Merge "docker/keystone: add metadata_settings to output"Jenkins1-0/+2
2017-03-17Merge "Keep existing data for containerized Swift"Jenkins2-16/+26
2017-03-17Merge "Keep existing data for containerized RabbitMQ"Jenkins1-2/+7
2017-03-17Containerize panko api serviceFlavio Percoco1-0/+119
Co-Authored-By: Pradeep Kilambi <pkilambi@redhat.com> Closes-bug: #1668918 Change-Id: Ie1ebd25965bd2dbad2a22161da0022bad0b9e554
2017-03-17Merge "Keep existing data for containerized MongoDB"Jenkins1-1/+15
2017-03-16Merge "Keep existing data when moving to containerized MariaDB"Jenkins1-4/+21
2017-03-16docker/keystone: add metadata_settings to outputJuan Antonio Osorio Robles1-0/+2
This is used for the TLS-everywhere bits. It will be taken into account by a metadata hook that outputs relevant entries for the nova-metadata service; and subsequently kerberos principals will be created from these. Subsequent patches will add support for TLS in the internal network for the containerized keystone. Change-Id: Ic747ad9c8d6e76c8c16e347c1cdcabc899dd9f9a
2017-03-16Keep existing data for containerized SwiftJiri Stransky2-16/+26
Use mounts instead of docker volumes to preserve existing data when moving from baremetal to containerized Swift. Change-Id: Ib7cbca2ef674a0245a67b69ee2c77f574d74c181
2017-03-15Add upgrade tasks for aodh containersPradeep Kilambi4-0/+16
Change-Id: I936b31fd24c43e35092b3bfef4454a8da81d19c8
2017-03-14keystone/containers: Add support for fernet keysJuan Antonio Osorio Robles1-0/+19
Since the 'file' resource is included in the tags that puppet takes into account, we already generate the fernet keys if it's enabled as a token provider. This merely adds the keys to the container. However, if fernet is not the provider, we make this file addition optional. Change-Id: Id92039b3bad9ecda169323e01de7bebae70f2ba0
2017-03-14Keep existing data for containerized RabbitMQJiri Stransky1-2/+7
Use mounts instead of docker volumes to preserve existing data when moving from baremetal to containerized RabbitMQ. Change-Id: I8de6610d13d2d878ffba12eb742880eed694eb3e
2017-03-14Keep existing data for containerized MongoDBJiri Stransky1-1/+15
We used named Docker volume for MongoDB storage, which meant that when moving from bare metal to containerized, we lost data and reinitialized the storage from scratch. With this commit we keep the data by mounting the original data into the container. We also need make sure that file ownership is correct according to the uid/gid used within MongoDB container image. Change-Id: I86ef2cb37a068b767462d6d50fe451389b7cbb58
2017-03-14Keep existing data when moving to containerized MariaDBJiri Stransky1-4/+21
We used named Docker volume for MariaDB storage, which meant that when moving from BM to containerized wit MariaDB, we lost data and reinitialized the storage from scratch. With this commit we keep the data by mounting the original data into the container. We also need to make sure that file ownership is correct according to the MariaDB container image used, and that Kolla bootstrap mechanisms aren't retriggered, as they aren't idempotent. Change-Id: I1fc955021c6dd83f1a366495dd8c7281fb9e7cc5
2017-03-14Merge "Tasks hook for preparing BM host for deploying containerized services"Jenkins2-1/+32
2017-03-13Merge "Containerize gnocchi services"Jenkins3-0/+274
2017-03-13Merge "Pass the DOCKER_* env vars when running docker"Jenkins1-0/+5
2017-03-13Containerize gnocchi servicesPradeep Kilambi3-0/+274
Closes-bug: #1668928 Change-Id: I291df31be97c3d55cddb3924482aa5976a79c2b1
2017-03-13Tasks hook for preparing BM host for deploying containerized servicesJiri Stransky2-1/+32
This implements a host_prep_tasks hook where we can specify Ansible tasks to perform on the host before deploying containerized services. The hook runs in a single step, the assumption is that we will mostly use the hook for creating per-service directories on the host to ensure we are able to mount them into the containers. (We cannot do this operation via Puppet because all containerized services run their Puppet within a config container, so Puppet doesn't have access to host's filesystem.) Change-Id: I7d8bac39e0cd422fd651eefe29f7d10941ab4a1a
2017-03-10Containerize Aodh alarm servicesPradeep Kilambi4-0/+359
Closes-bug: #1668930 Change-Id: If5dff4388b255373083e164a74aaacd529a94111
2017-03-10Cleanup docker services templatesMartin André16-85/+40
Use yaml anchors wherever possible for image definition and drop unused anchors. Renamed parameters to Docker*ConfigImage to clarify that an image is specifically used to generate configuration files. Change-Id: I388bd59de7f1d36a3a881fbb723ba5bcba09e637
2017-03-10Remove docker_image sections (unused)Dan Prince35-166/+129
We don't use docker_image for anything. It is a remant of the pre-composable docker templates and we can now remove it. This patch removes references to the 'docker_image' section from docker/post.yaml and all of the docker/services* templates. Change-Id: I208c1ef1550ab39ab0ee47ab282f9b1937379810
2017-03-09Update docs per new puppet_config interfaceDan Prince1-14/+23
This updates the docker/service README so that it correctly documents the current requirements of the new puppet_config interface. Change-Id: I0f3e00ea3cce24152475abf6df34f4836e32c9c8
2017-03-08Move nova-scheduler data into puppet_configDan Prince1-7/+7
This is now required per the puppet_config interfaces for docker services (per I208c1ef1550ab39ab0ee47ab282f9b1937379810) Change-Id: Iab96919cb0a6b15942f3c19f8d28205261174edc
2017-03-08Enable Docker service for Compute roleMartin André1-21/+3
A recent commit [1] change how docker is installed and configured on the overcloud nodes, from a cloud-init script to a proper puppet profile in puppet-tripleo but forgot to enable the docker service on the compute nodes. [1] Ia50169819cb959025866348b11337728f8ed5c9e Change-Id: I202723d0e48f110e5b0dbfe3dcf6646da9f37948
2017-03-07Add puppet_config to docker neutron-l3 serviceDan Prince1-7/+11
This patch makes the neutron-l3 docker service adhere to the new puppet_config interface. Change-Id: If5b73ec90637e878af55c8404d1eff8c18e857c3
2017-03-07Merge "Enable composable upgrades for docker service templates"Jenkins28-327/+451
2017-03-07Merge "Overwrite nova placement with stub for docker"Jenkins1-0/+6
2017-03-06Enable composable upgrades for docker service templatesSteven Hardy28-327/+451
This aligns the docker based services with the new composable upgrades architecture we landed for ocata, and does a first-pass adding upgrade_tasks for the services (these may change, atm we only disable the service on the host). To run the upgrade workflow you basically do two steps: openstack overcloud deploy --templates \ -e environments/major-upgrade-composable-steps-docker.yaml This will run the ansible upgrade steps we define via upgrade_tasks then run the normal docker PostDeploySteps to bring up the containers. For the puppet workflow there's then an operator driven step where compute nodes (and potentially storage nodes) are upgrades in batches and finally you do: openstack overcloud deploy --templates \ -e environments/major-upgrade-converge-docker.yaml In the puppet case this re-applies puppet to unpin the nova RPC API so I guess it'll restart the nova containers this affects but otherwise will be a no-op (we also disable the ansible steps at this point. Depends-On: I9057d47eea15c8ba92ca34717b6b5965d4425ab1 Change-Id: Ia50169819cb959025866348b11337728f8ed5c9e
2017-03-06Merge "Put docker puppet config in puppet_config dict"Jenkins34-180/+261
2017-03-03Fix httpd dir create to not error if existsPradeep Kilambi1-1/+1
In cases where /var/log/httpd already exists, this exits with error code 1. $ sudo docker logs keystone-init-log mkdir: cannot create directory '/var/log/httpd': File exists Change-Id: I62bf08d9fc9e02d5f3016bd14bb0a090b76ac837
2017-03-02Overwrite nova placement with stub for dockerDan Prince1-0/+6
This updates kolla config to overwrite the stock version with the puppet-nova generated mock. Depends-On: Ie16a60c604ecf9f4012b0630f91e6ece2b6855db Change-Id: I320f024adc88102ea24c0212702fe2dce826874f Closes-bug: #440612
2017-03-01Merge "Containerize neutron-l3 agent"Jenkins1-0/+88
2017-03-01Put docker puppet config in puppet_config dictSteve Baker34-180/+261
This approach removes the need for the yaql zip to build the docker-puppet data by building the data in a puppet_config dict. This allows a future change to make docker-puppet.py only accept dict data. Currently the step_config is left where it is and referenced inside puppet_config, but feedback is welcome whether this is necessary or desirable. Change-Id: I4a4d7a6fd2735cb841174af305dbb62e0b3d3e8c
2017-03-01Containerize neutron-l3 agentJohn Trowbridge1-0/+88
This allows to run a containerized neutron on the overcloud. Co-Authored-By: Martin André <m.andre@redhat.com> Depends-On: Iaf6536b1c4d0b2b118af92295136378cdfeee9d1 Change-Id: I86a12248d4f28f4dbe7708be928bcd8a45968d01
2017-03-01Associate unmapped hosts with cell mappingsJohn Trowbridge1-0/+10
Otherwise the containerized nova running in the overcloud fails with "Host 'overcloud-novacompute-0' is not mapped to any cell, Code: 400". Co-Authored-By: Martin André <m.andre@redhat.com> Change-Id: I9ff77f25bfd1f37167b0638a32fe5049951bc5b4
2017-03-01Pass the DOCKER_* env vars when running dockerFlavio Percoco1-0/+5
We should always pass the `DOCKER_*` env vars to all the `docker` commands that are executed in the various scripts as those variables may contain the access data for the docker daemon. Change-Id: Ie719f451350e6ea35cb22d97a8f090ad81fa8141
2017-03-01Switch to dict format for docker_puppet_tasksSteve Baker4-17/+31
This change gives the option of docker-puppet.py data to be in a dict as well as a list. This allows docker_puppet_tasks data to use the same keys as the top level puppet config data. If the yaql fu can be worked out to build the top level data, docker-puppet.py can later drop the list format entirely. Change-Id: I7e2294c6c898d2340421c93516296ccf120aa6d2
2017-02-28Merge "Write out a json file containing container startup info and create ↵Jenkins2-0/+207
tool to use it."
2017-02-24Add option to diff containers after config stage.Ian Main1-0/+9
This allows you to show the changes made to a container during configuration stage for fast development. Change-Id: Id9c72cf2b07486f0a80bf3572a7ba349888d877f
2017-02-24Merge "Containers: workaround for neutron DB sync"Jenkins1-0/+3
2017-02-24Containers: workaround for neutron DB syncJiri Stransky1-0/+3
Neutron DB sync didn't have permission to read the config files, we now run neutron-db-manage as root until we can find a more permanent solution. Change-Id: I502a8514adc523c7cac1da059be10480eef71cb9 Closes-Bug: #1667300
2017-02-23Add step to docker_puppet_tasksDan Prince3-3/+6
This patch sets the step correctly for docker_puppet_tasks. This is now required in order to match the 'step' in some puppet manifests explicitly so that things like keystone initialization run correctly. Closes-bug: #1667454 Change-Id: If2bdd0b1051125674f116f895832b48723d82b3a
2017-02-23Merge "Parallelize docker-puppet.py"Jenkins1-18/+40
2017-02-23Merge "Add docker mysql service"Jenkins1-0/+130