Age | Commit message (Collapse) | Author | Files | Lines |
|
This patch adds docker services for Heat API, API Cfn, and Engine.
Change-Id: I50caad9b9cf5482a8872cb0f2a67477b5e829ead
|
|
This patch adds a new (optional) section to the docker post.j2.yaml
that collects any 'docker_puppet_tasks' data from enabled
services and applies it on the primary role node (the
first node in the primary (first) role).
The use case for this is although we are generally only using
puppet for configuration there are several exceptions that we
desire to make use of today for parity with baremetal. This
includes things like database creation and keystone endpoint
initialization which we rely on configuration via hiera variables
controlled by the puppet services.
Change-Id: Ic14ef48f26de761b0d0eabd0e1c0eae52d90e68a
|
|
This patch implements a new docker deployment architecture that
should us to install docker services in a stepwise manner alongside
of baremetal puppet services. This works by using Yaql to select
docker specific services (docker/services/*.yaml) vs the puppet
specific ones and then applying the selected Json to relevant Heat
software deployments for docker and baremetal puppet in a stepwise
fashion.
Additionally the new architecture
leverages new composable services interfaces from Newton to
allow configuration of per-service container configuration
sets (directories that are bind mounted into kolla containers) by
using the Kolla containers themselves. It does this by spinning up
a throw away "configuration only" version of the container being
configured itself, then running the puppet apply in that container and
copying the generated config files into /var/lib/config-data. This
avoids having to install all of the OpenStack dependency packages
in the heat-agent-container itself (our previous approach) and should
allow us to configure a much wider variety of container config files
that would otherwise be impossible with the previous shared approach.
The new approach (combined) should allow us to configure containers in
both the undercloud and overcloud and incrementally add CI coverage to
services as we containerize them.
Co-Authored-By: Martin André <m.andre@redhat.com>
Co-Authored-By: Ian Main <imain@redhat.com>
Co-Authored-By: Flavio Percoco <flavio@redhat.com>
Change-Id: Ibcff99f03e6751fbf3197adefd5d344178b71fc2
|
|
This parameter is passed in by the parent overcloud.yaml template, so we
have to listen accept it in docker/post.j2.yaml, otherwise the
deployment fails.
Change-Id: Ia3fdcfa01d52006a6e9fd0bb02c7379411f3d900
Closes-Bug: #1664569
|
|
This patch rewires how we configure the Kolla external config files
via Heat templates and uses a more simple json-file heat hook to
directly write out Kolla config files to disk.
By using a heat hook instead of a shell script we can avoid
Json conversion issues. Additionally, This generic json file hook will
be useful for other ad-hoc Json file configuration within the TripleO
docker architecture.
Co-Authored-By: Martin André <m.andre@redhat.com>
Change-Id: I8c72a4a9a7022f722bfe1cef3e18517605720cce
Depends-On: I2b372ac2e291339e436202c9fe58a681ed6a743f
Depends-On: Id3f779b11e23fd3122ef29b7ccbae116667d4520
|
|
The mechanism to pass config files to the neutron-ovs-agent container
was overly complex and not at all justified. This commit removes a few
useless parameters and aligns the neutron-ovs-agents with the rest of
the containers.
Change-Id: Ib9a5985ac9d098731c2fb798d6c9e03cba4b87dd
|
|
|
|
|
|
Heat now supports release name aliases, so we can replace
the inconsistent mix of date related versions with one consistent
version that aligns with the supported version of heat for this
t-h-t branch.
This should also help new users who sometimes copy/paste old templates
and discover intrinsic functions in the t-h-t docs don't work because
their template version is too old.
Change-Id: Ib415e7290fea27447460baa280291492df197e54
|
|
This allows us to workaround an issue where the default setting for
qemu changed to logging to virtlogd which is not yet containerized.
Change-Id: I9d25b1299c4f02068d1073c5b78d4c7a2099721e
Depends-On: I9a9705e5c79eec3bbaf02b491498886b858b7a95
Closes-Bug: #1652119
|
|
This switches to using overcloud-full as the OS image for
containerized compute. It includes the following changes:
- install docker, until this change lands
I1eab2a6de721c8f3c21c7df0019f2d4d1cc3775f
- agent image pull has been removed. This avoids a race between docker
starting and the current call to pull. This relies on "docker run"
to do the initial pull and leaves open the option of some other
prefetch mechanism to do the initial pull
- rely on unit Conflicts= to ensure heat-docker-agents and
os-collect-config do not run at the same time
- tweaks to host bind mounts
- removal of commands which only apply to atomic
Co-Authored-By: Martin André <m.andre@redhat.com>
Change-Id: I2e82634785834a877a4dbdbdcd788a9ac1c14a9d
|
|
These ensure that software configuration tasks are not re-run when the
heat-agents container is restarted.
Change-Id: Ieb84fe1f6dd849737ff22f51daa12ddc467dcdde
|
|
The script run-os-net-config[1] copies in ifcfg-* from the host before
running os-net-config. Apparently it was done this way because the
other scripts in /etc/sysconfig/network-scripts/ differed between host
and agent container. This should be less of an issue now that host and
heat-agents run centos-7 (even when the host is atomic)
tripleo-heat-templates recently changed to running os-net-config in a
deployment script instead of an os-refresh-config script [2]. This
means that our current run-os-net-config approach is currently
resulting in os-net-config being executed twice.
Another issue with run-os-net-config is that it copies ifcfg-* from
host to container, but not back again. This means that rebooting the
server will result in unconfigured interfaces until os-net-config is
somehow run again.
This change bind mounts /etc/sysconfig/network-scripts/ from the host
and uses the conventional approach to running os-refresh-config.
This may fix the issue where compute nodes are losing network
connectivity, so
Closes-Bug: #1646897
[1] http://git.openstack.org/cgit/openstack/tripleo-common/tree/heat_docker_agent/run-os-net-config
[2] I0ed08332cfc49a579de2e83960f0d8047690b97a
Change-Id: I763fc8d8e3eb10ac64d33e46c92888d211003e72
|
|
This change modifies the template interface to support containers and
converts the compute services to composable roles.
Co-Authored-By: Dan Prince <dprince@redhat.com>
Co-Authored-By: Flavio Percoco <flavio@redhat.com>
Co-Authored-By: Martin André <m.andre@redhat.com>
Co-Authored-By: Steve Baker <sbaker@redhat.com>
Change-Id: I82fa58e19de94ec78ca242154bc6ecc592112d1b
|
|
The /usr/bin/docker is a shell script in latest atomic host, pointing
to either docker-latest or docker-current binary. Bind mount the
required files from atomic host to be able to run docker in docker
inside heat-agents container.
Co-Authored-By: Flavio Percoco <flavio@redhat.com>
Change-Id: I97e29f65beb3a3f89c1b42c339e2e89f0fc1d519
|
|
The test was always evaluate as true which resulted in
insecure_registry line being set even when DockerNamespaceIsRegistry
was set to false.
Change-Id: Iacb73a4908a6a27082b94fe919734e644ed47b19
|
|
The regex failed to match the INSECURE_REGISTRY string used in latest
atomic host image due to it expecting a whitespace after
--insecure-registry.
Change-Id: Ib8f288d844b4d94b0f6309bfd04bb05930d8c4c5
|
|
This patch moves the image pull step out of the service heat-agent
service script to ease the service init process and to make it more
reliable. By doing this outside of the service script, it's possible to
know when the `firstboot` script failed and report back.
It also updates the firstboot yaml file to point to the
`tripleoupstream` org.
Co-Authored-By: Flavio Percoco <flavio@redhat.com>
Co-Authored-By: Martin André <m.andre@redhat.com>
Change-Id: I2f0b8092ec69320ee370e1d7d20b8c15c95a1d0d
|
|
This just adds a default value for `RoleData` in
docker/compute-post.yaml
Change-Id: I96a01dc22e03980b93b32f0f9990f35b83ecfb24
|
|
Change I84c97a76159704c2d6c963bc4b26e365764b1366 missed
`docker/compute-post.yaml`.
Change-Id: I680eabf2f316c7fccc9d53d75dc16139c9959c64
|
|
We added NodeConfigIdentifiers to trigger config to be re-applied on
update, but then later added DeployIdentifier which forces config to
*always* be applied on update, so we can simplify things by just
referencing the DeployIdentifier directly.
Change-Id: I79212def1936740825b714419dcb4952bc586a39
|
|
|
|
|
|
This patch switches to use docker-cmd without changing the heat
templates.
Change-Id: I4a6a42819e83e3b70bf1e37c09d155c5cf8a7ee4
|
|
Kolla has been using ceph. For a while, cinder had
iscsi build into it, but it was removed. In order to
get this to work with containers again, nova-compute and
libvirt containers need /dev and /lib/udev mounted into their
containers.
We also need to copy nova's rootwrap.conf into the nova.
It was missing this config file.
Change-Id: Ie77f56b4576d5393ad3756b0f5ecc3eeff844d1f
|
|
Atomic is set to Docker 1.8.2. We no longer need to pull the
latest Docker to make our template work.
Change-Id: I8ab4e135ed4891763f8ced596116b14101466160
Co-Authored-By: Ian Main <imain@redhat.com>
|
|
In order to use cinder, we need to be able to use
/dev/pts/ptmx. Centos sets this to 000 when on Fedora
it's 666.
Change-Id: I76dc5adc64d2da0d27204ea31175244bc1b94428
|
|
openvswitchdb creates a db.conf file in /etc/openvswitch. This just
maps it to the host so we don't lose data.
Change-Id: Ic773ba94522f108a765a09849e2f442ef3ca3bcf
|
|
The Neutron Agents is currently not used. Refactor the heat templates
to accommodate for this change.
Change-Id: Ice3c5ce723fa16cfb66c2b0afbe51d7b282c3210
|
|
Atomic's root partition & logical volume defaults to 3G.
In order to launch larger VMs, we need to enlarge the root
logical volume and scale down the docker_pool logical volume.
We are allocating 80% of the disk space for vm data and the
remaining 20% for docker images.
Change-Id: If3fff78f476de23c7c51741a49bae227f2cdfe3e
Co-authored-by: Ian Main <imain@redhat.com>
Co-authored-by: Jeff Peeler <jpeeler@redhat.com>
|
|
|
|
Changed the heat-docker-agents namespace to use the namespacing
specified in the environment file, which reduces modifications required
on the user when using a local registry.
Changed the start agents script to handle using a local registry both
with a namespace and without.
Change-Id: I16cc96b7ecddeeda07de45f50ffc6a880dabbba6
|
|
With a properly configured undercloud the DNS is fine. We can remove
the 8.8.8.8 dns setting.
Change-Id: I8ba98e76f95fd0a6f3f34cb5578e6c3ea7a1d15e
|
|
The deployment resource looks for a change in name when
running an update. If there is no change in containers,
docker will recognize that and the deployment will return.
If there is a new available container, docker will swap out
the old running container for a new one.
Change-Id: I60d45b5ef45714e6e0140dfc80c14d6a12701f32
|
|
|
|
Hosted at tripleoupstream/heat-docker-agents.
Change-Id: I2133a7cb789a34c60b87339d816d29d353cb015f
|
|
The template will all neutron-agents to be configured so that it can
run the network isolation templates on the containerized compute node.
Co-Authored-By: Dan Prince <dpince@redhat.com>
Change-Id: I7837ed7ed3e807ec5c1276904893695918bef293
|
|
Python script in the heat template will handle JSON generation
for the containers.
Change-Id: I296fd4a4948f3f937e3a108bc926af6415b350c4
|
|
There are two reasons the name property should always be set for deployment
resources:
- The name often shows up in logs, files and API calls, the default
derived name is long and unhelpful
- Sorting by name determines the merge order of os-apply-config, and the
execution order of puppet/shell scripts (note this is different to
resource dependency order) so leaving the default name results in an
undetermined order which could lead to unpredictable deployment of
configs
This change simply sets the name to the resource name, but a future change
should prepend each name with a run-parts style 2 digit prefix so that the
order is explicitly stated. Documentation for extraconfig needs to clearly
state what prefix is needed to override which merge/execution order.
For existing overcloud stacks, heat currently replaces deployment resources
when the name changes, so this change
Depends-On: I95037191915ccd32b2efb72203b146897a4edbc9
Change-Id: Ic4bcd56aa65b981275c3d4214588bfc4de63b3b0
|
|
The tripleoupstream registry contains images that are built
every time there is a change in delorean.
The gate also needs this.
Change-Id: If460853284588f637de820afa54069f773f2e6f7
|
|
|
|
|
|
|
|
|
|
The atomic image name in glance was being set to 'fedora-atomic'.
The glance image can be any form of atomic distro so we shouldn't
name this specifically 'fedora-atomic', but instead 'atomic-image'.
Change-Id: Ic539b82b92e3fdd834750e591d8622b7dc85fc6d
|
|
Nova-compute was mounting in /sys/fs/cgroup when the libvirt
container is the one that actually needs it.
Change-Id: Iae5c7ad24083a8547474611d72f015c4fd23a073
|
|
docker-latest now points to 1.9.0, which isn't the version we're
targetting. More importantly, docker-1.9.0 doesn't work since it
complains about /etc not being able to be relabeled. Not sure how to fix
that, but we can save that battle for another time.
Change-Id: I947b7569d9cf40a409253336e51b4dec5ada36f8
|
|
Create a set of environment variables that allows us to configure
a docker registry for deployment. This patch assumes there is a
local docker registry already setup with the images loaded in place.
Change-Id: Iaafaf23eb3fa8b24bcd8f73bb38c552bea629607
Signed-off-by: Ian Main <imain@redhat.com>
Co-Authored-By: Ryan Hallisey <rhallise@redhat.com>
|
|
In liberty, Kolla copies around files and runs the service given
a specified command, by reading a json file.
This will update the existing work to follow that template by
creating a json file for each of the services and pushing it
into the containers.
Change-Id: I5085d1896ea965fd8854765b055068a5ad30bcfd
Co-Authored-By: Jeff Peeler <jpeeler@redhat.com>
|
|
This change adds a containerized version of the overcloud compute node for
TripleO. Configuration files are generated via OpenStack Puppet modules
which are then used to externally configure kolla containers for
each OpenStack service.
See the README-containers.md file for more information on how to set this up.
This uses AtomicOS as a base operating system and requires that we bootstrap
the image with a container which contains the required os-collect-config agent
hooks to support running puppet, shell scripts, and docker compose.
Change-Id: Ic8331f52b20a041803a9d74cdf0eb81266d4e03c
Co-Authored-By: Ian Main <imain@redhat.com>
Co-Authored-By: Ryan Hallisey <rhallise@redhat.com>
|