aboutsummaryrefslogtreecommitdiffstats
path: root/docker
AgeCommit message (Collapse)AuthorFilesLines
2017-02-22Containerized Swift Services.Ian Main3-0/+499
Running swift in containers. Oh yeah. Co-Authored-by: Dan Prince <dprince@redhat.com> Change-Id: I2d96514fb7aa51dffe8fe293bc950e0e99df5e94
2017-02-22Add docker Glance API serviceDan Prince1-0/+96
Co-Authored-By: Dan Prince <dprince@redhat.com> Change-Id: I02cc769df5ec7afd608c502abc63fde8aa52be82
2017-02-22Containerized MongoDBFlavio Percoco1-0/+98
Change-Id: Ic3fd3bfd76d31ba515dbabdda7dfd06b9833a2ca
2017-02-20Add docker memcached serviceDan Prince1-0/+69
Change-Id: I055677a5ba62ee1c34a207fb83273f70558d21f1
2017-02-20Add docker rabbitmq serviceDan Prince1-0/+119
Change-Id: I3d30e55716a464d423358ff23bdd184d34da765a
2017-02-20Add docker zaqar serviceDan Prince1-0/+99
Change-Id: I09379b4959c38ae4e7b4e667b97e87d35c8e7e83
2017-02-20Add docker mistral servicesDan Prince3-0/+293
This patch adds docker services for Mistral API, Engine, and Executor. NOTE: the Mistral API container for TripleO must be built with openstack-tripleo-common installed in order for TripleO specific actions to get installed for the undercloud. Change-Id: I0075840d14eb43c50d80b87acd986b80cfd38d4a
2017-02-20Add docker neutron servicesDan Prince3-0/+253
This patch adds docker services for Neutron API(server), the Neutron DHCP agent, and Neutron ML2 plugin configuration. Co-Authored-By: Ian Main <imain@redhat.com> Change-Id: If31e095cae533597cf0d73b4277425dfc3459564
2017-02-20Add docker nova servicesDan Prince8-2/+547
This patch adds docker services for Nova for the Api, conductor, scheduler, ironic, placement, and pass-thru configuration for metadata (it simply enables metadata to be configured as part of the nova-api. The nova-api DB initialization commands depend on a new heat-agent feature (see patch below) to accommodate exit codes returned by the new cells setup commands. Change-Id: I39436783409ed752b08619b07b0a0c592bce0456 Depends-On: Ia6ca4b01982a0b33b26eca2a907d9d9f87c19922
2017-02-20Add docker heat servicesDan Prince3-0/+272
This patch adds docker services for Heat API, API Cfn, and Engine. Change-Id: I50caad9b9cf5482a8872cb0f2a67477b5e829ead
2017-02-15Add docker ironic servicesDan Prince3-0/+341
This patch adds docker services for Ironic API and Ironic Conductor. Change-Id: Icea5ae2ecd7e749ce95ed8444c3a5ef3e035bb4e
2017-02-15Add docker_puppet_tasks initialization on primary nodeDan Prince4-5/+79
This patch adds a new (optional) section to the docker post.j2.yaml that collects any 'docker_puppet_tasks' data from enabled services and applies it on the primary role node (the first node in the primary (first) role). The use case for this is although we are generally only using puppet for configuration there are several exceptions that we desire to make use of today for parity with baremetal. This includes things like database creation and keystone endpoint initialization which we rely on configuration via hiera variables controlled by the puppet services. Change-Id: Ic14ef48f26de761b0d0eabd0e1c0eae52d90e68a
2017-02-15Add docker keystone serviceDan Prince1-0/+153
Depends-On: Icabdb30369c8ca15e77d169dc441bee8cfd3631f Change-Id: Icec07f75f81953c4bf81ca21b4b02bc02e157562 Co-Authored-By: Martin André <m.andre@redhat.com> Co-Authored-By: Ian Main <imain@redhat.com>
2017-02-15docker: new hybrid deployment architecture and configurationDan Prince12-294/+552
This patch implements a new docker deployment architecture that should us to install docker services in a stepwise manner alongside of baremetal puppet services. This works by using Yaql to select docker specific services (docker/services/*.yaml) vs the puppet specific ones and then applying the selected Json to relevant Heat software deployments for docker and baremetal puppet in a stepwise fashion. Additionally the new architecture leverages new composable services interfaces from Newton to allow configuration of per-service container configuration sets (directories that are bind mounted into kolla containers) by using the Kolla containers themselves. It does this by spinning up a throw away "configuration only" version of the container being configured itself, then running the puppet apply in that container and copying the generated config files into /var/lib/config-data. This avoids having to install all of the OpenStack dependency packages in the heat-agent-container itself (our previous approach) and should allow us to configure a much wider variety of container config files that would otherwise be impossible with the previous shared approach. The new approach (combined) should allow us to configure containers in both the undercloud and overcloud and incrementally add CI coverage to services as we containerize them. Co-Authored-By: Martin André <m.andre@redhat.com> Co-Authored-By: Ian Main <imain@redhat.com> Co-Authored-By: Flavio Percoco <flavio@redhat.com> Change-Id: Ibcff99f03e6751fbf3197adefd5d344178b71fc2
2017-02-14Containers: Add required EndpointMap parameterJiri Stransky1-1/+5
This parameter is passed in by the parent overcloud.yaml template, so we have to listen accept it in docker/post.j2.yaml, otherwise the deployment fails. Change-Id: Ia3fdcfa01d52006a6e9fd0bb02c7379411f3d900 Closes-Bug: #1664569
2017-01-29docker: eliminate copy-json.py in favor of json-fileDan Prince7-107/+54
This patch rewires how we configure the Kolla external config files via Heat templates and uses a more simple json-file heat hook to directly write out Kolla config files to disk. By using a heat hook instead of a shell script we can avoid Json conversion issues. Additionally, This generic json file hook will be useful for other ad-hoc Json file configuration within the TripleO docker architecture. Co-Authored-By: Martin André <m.andre@redhat.com> Change-Id: I8c72a4a9a7022f722bfe1cef3e18517605720cce Depends-On: I2b372ac2e291339e436202c9fe58a681ed6a743f Depends-On: Id3f779b11e23fd3122ef29b7ccbae116667d4520
2017-01-17Simplify passing config to ovs agent containerMartin André2-9/+2
The mechanism to pass config files to the neutron-ovs-agent container was overly complex and not at all justified. This commit removes a few useless parameters and aligns the neutron-ovs-agents with the rest of the containers. Change-Id: Ib9a5985ac9d098731c2fb798d6c9e03cba4b87dd
2017-01-13Merge "Use provided qemu.conf in libvirt container"Jenkins1-0/+5
2017-01-03Merge "Bump template version for all templates to "ocata""Jenkins6-6/+6
2016-12-23Bump template version for all templates to "ocata"Steven Hardy6-6/+6
Heat now supports release name aliases, so we can replace the inconsistent mix of date related versions with one consistent version that aligns with the supported version of heat for this t-h-t branch. This should also help new users who sometimes copy/paste old templates and discover intrinsic functions in the t-h-t docs don't work because their template version is too old. Change-Id: Ib415e7290fea27447460baa280291492df197e54
2016-12-22Use provided qemu.conf in libvirt containerMartin André1-0/+5
This allows us to workaround an issue where the default setting for qemu changed to logging to virtlogd which is not yet containerized. Change-Id: I9d25b1299c4f02068d1073c5b78d4c7a2099721e Depends-On: I9a9705e5c79eec3bbaf02b491498886b858b7a95 Closes-Bug: #1652119
2016-12-19Use overcloud-full instead of atomic-imageSteve Baker2-128/+29
This switches to using overcloud-full as the OS image for containerized compute. It includes the following changes: - install docker, until this change lands I1eab2a6de721c8f3c21c7df0019f2d4d1cc3775f - agent image pull has been removed. This avoids a race between docker starting and the current call to pull. This relies on "docker run" to do the initial pull and leaves open the option of some other prefetch mechanism to do the initial pull - rely on unit Conflicts= to ensure heat-docker-agents and os-collect-config do not run at the same time - tweaks to host bind mounts - removal of commands which only apply to atomic Co-Authored-By: Martin André <m.andre@redhat.com> Change-Id: I2e82634785834a877a4dbdbdcd788a9ac1c14a9d
2016-12-19Add bind mounts for agent stateSteve Baker1-0/+3
These ensure that software configuration tasks are not re-run when the heat-agents container is restarted. Change-Id: Ieb84fe1f6dd849737ff22f51daa12ddc467dcdde
2016-12-08docker: don't use custom run-os-net-configSteve Baker2-22/+2
The script run-os-net-config[1] copies in ifcfg-* from the host before running os-net-config. Apparently it was done this way because the other scripts in /etc/sysconfig/network-scripts/ differed between host and agent container. This should be less of an issue now that host and heat-agents run centos-7 (even when the host is atomic) tripleo-heat-templates recently changed to running os-net-config in a deployment script instead of an os-refresh-config script [2]. This means that our current run-os-net-config approach is currently resulting in os-net-config being executed twice. Another issue with run-os-net-config is that it copies ifcfg-* from host to container, but not back again. This means that rebooting the server will result in unconfigured interfaces until os-net-config is somehow run again. This change bind mounts /etc/sysconfig/network-scripts/ from the host and uses the conventional approach to running os-refresh-config. This may fix the issue where compute nodes are losing network connectivity, so Closes-Bug: #1646897 [1] http://git.openstack.org/cgit/openstack/tripleo-common/tree/heat_docker_agent/run-os-net-config [2] I0ed08332cfc49a579de2e83960f0d8047690b97a Change-Id: I763fc8d8e3eb10ac64d33e46c92888d211003e72
2016-11-22Containerized Services for Composable RolesIan Main9-349/+729
This change modifies the template interface to support containers and converts the compute services to composable roles. Co-Authored-By: Dan Prince <dprince@redhat.com> Co-Authored-By: Flavio Percoco <flavio@redhat.com> Co-Authored-By: Martin André <m.andre@redhat.com> Co-Authored-By: Steve Baker <sbaker@redhat.com> Change-Id: I82fa58e19de94ec78ca242154bc6ecc592112d1b
2016-10-19Bind mount files to run DiD in latest atomic hostMartin André1-1/+22
The /usr/bin/docker is a shell script in latest atomic host, pointing to either docker-latest or docker-current binary. Bind mount the required files from atomic host to be able to run docker in docker inside heat-agents container. Co-Authored-By: Flavio Percoco <flavio@redhat.com> Change-Id: I97e29f65beb3a3f89c1b42c339e2e89f0fc1d519
2016-10-19Have docker start script honor configurationMartin André1-1/+3
The test was always evaluate as true which resulted in insecure_registry line being set even when DockerNamespaceIsRegistry was set to false. Change-Id: Iacb73a4908a6a27082b94fe919734e644ed47b19
2016-10-06Be more inclusive in insecure registry regexMartin André1-1/+1
The regex failed to match the INSECURE_REGISTRY string used in latest atomic host image due to it expecting a whitespace after --insecure-registry. Change-Id: Ib8f288d844b4d94b0f6309bfd04bb05930d8c4c5
2016-07-29Update heat-agents setup filesFlavio Percoco2-30/+31
This patch moves the image pull step out of the service heat-agent service script to ease the service init process and to make it more reliable. By doing this outside of the service script, it's possible to know when the `firstboot` script failed and report back. It also updates the firstboot yaml file to point to the `tripleoupstream` org. Co-Authored-By: Flavio Percoco <flavio@redhat.com> Co-Authored-By: Martin André <m.andre@redhat.com> Change-Id: I2f0b8092ec69320ee370e1d7d20b8c15c95a1d0d
2016-07-29Add default value for `RoleData`Flavio Percoco1-0/+3
This just adds a default value for `RoleData` in docker/compute-post.yaml Change-Id: I96a01dc22e03980b93b32f0f9990f35b83ecfb24
2016-07-08Add StepConfig to docker compute-post.yamlFlavio Percoco1-1/+10
Change I84c97a76159704c2d6c963bc4b26e365764b1366 missed `docker/compute-post.yaml`. Change-Id: I680eabf2f316c7fccc9d53d75dc16139c9959c64
2016-07-04Replace NodeConfigIdentifiers with DeployIdentifierSteven Hardy1-3/+3
We added NodeConfigIdentifiers to trigger config to be re-applied on update, but then later added DeployIdentifier which forces config to *always* be applied on update, so we can simplify things by just referencing the DeployIdentifier directly. Change-Id: I79212def1936740825b714419dcb4952bc586a39
2016-05-27Merge "Use docker-cmd hook."Jenkins2-4/+4
2016-05-16Merge "Add database directory mount for openvswitchdb"Jenkins1-0/+1
2016-05-06Use docker-cmd hook.Ian Main2-4/+4
This patch switches to use docker-cmd without changing the heat templates. Change-Id: I4a6a42819e83e3b70bf1e37c09d155c5cf8a7ee4
2016-04-04Nova needs the proper volumes to use CinderRyan Hallisey1-1/+7
Kolla has been using ceph. For a while, cinder had iscsi build into it, but it was removed. In order to get this to work with containers again, nova-compute and libvirt containers need /dev and /lib/udev mounted into their containers. We also need to copy nova's rootwrap.conf into the nova. It was missing this config file. Change-Id: Ie77f56b4576d5393ad3756b0f5ecc3eeff844d1f
2016-03-30Remove hack the pulls latest dockerRyan Hallisey1-13/+0
Atomic is set to Docker 1.8.2. We no longer need to pull the latest Docker to make our template work. Change-Id: I8ab4e135ed4891763f8ced596116b14101466160 Co-Authored-By: Ian Main <imain@redhat.com>
2016-03-30Centos gives /dev/pts/ptmx the wrong permsRyan Hallisey1-0/+3
In order to use cinder, we need to be able to use /dev/pts/ptmx. Centos sets this to 000 when on Fedora it's 666. Change-Id: I76dc5adc64d2da0d27204ea31175244bc1b94428
2016-03-11Add database directory mount for openvswitchdbIan Main1-0/+1
openvswitchdb creates a db.conf file in /etc/openvswitch. This just maps it to the host so we don't lose data. Change-Id: Ic773ba94522f108a765a09849e2f442ef3ca3bcf
2016-03-09Remove unused Neutron Agents containerRyan Hallisey1-37/+7
The Neutron Agents is currently not used. Refactor the heat templates to accommodate for this change. Change-Id: Ice3c5ce723fa16cfb66c2b0afbe51d7b282c3210
2016-03-09Allow the containerized compute node to spawn larger VMsRyan Hallisey1-0/+19
Atomic's root partition & logical volume defaults to 3G. In order to launch larger VMs, we need to enlarge the root logical volume and scale down the docker_pool logical volume. We are allocating 80% of the disk space for vm data and the remaining 20% for docker images. Change-Id: If3fff78f476de23c7c51741a49bae227f2cdfe3e Co-authored-by: Ian Main <imain@redhat.com> Co-authored-by: Jeff Peeler <jpeeler@redhat.com>
2016-02-16Merge "Remove DNS hack."Jenkins1-2/+0
2016-02-12Minor fixes to allow local docker registry usageJeff Peeler2-3/+9
Changed the heat-docker-agents namespace to use the namespacing specified in the environment file, which reduces modifications required on the user when using a local registry. Changed the start agents script to handle using a local registry both with a namespace and without. Change-Id: I16cc96b7ecddeeda07de45f50ffc6a880dabbba6
2016-02-12Remove DNS hack.Ian Main1-2/+0
With a properly configured undercloud the DNS is fine. We can remove the 8.8.8.8 dns setting. Change-Id: I8ba98e76f95fd0a6f3f34cb5578e6c3ea7a1d15e
2016-01-20Allow container template to recognize an updateRyan Hallisey1-6/+0
The deployment resource looks for a change in name when running an update. If there is no change in containers, docker will recognize that and the deployment will return. If there is a new available container, docker will swap out the old running container for a new one. Change-Id: I60d45b5ef45714e6e0140dfc80c14d6a12701f32
2016-01-18Merge "Set the name property for all deployment resources"Jenkins1-0/+7
2016-01-05Use new heat-docker-agents imagesRyan Hallisey1-1/+1
Hosted at tripleoupstream/heat-docker-agents. Change-Id: I2133a7cb789a34c60b87339d816d29d353cb015f
2016-01-04Network Isolation support for containerized computeRyan Hallisey1-1/+6
The template will all neutron-agents to be configured so that it can run the network isolation templates on the containerized compute node. Co-Authored-By: Dan Prince <dpince@redhat.com> Change-Id: I7837ed7ed3e807ec5c1276904893695918bef293
2015-12-17Convert JSON generations from bash to pythonRyan Hallisey2-108/+101
Python script in the heat template will handle JSON generation for the containers. Change-Id: I296fd4a4948f3f937e3a108bc926af6415b350c4
2015-12-10Set the name property for all deployment resourcesSteve Baker1-0/+7
There are two reasons the name property should always be set for deployment resources: - The name often shows up in logs, files and API calls, the default derived name is long and unhelpful - Sorting by name determines the merge order of os-apply-config, and the execution order of puppet/shell scripts (note this is different to resource dependency order) so leaving the default name results in an undetermined order which could lead to unpredictable deployment of configs This change simply sets the name to the resource name, but a future change should prepend each name with a run-parts style 2 digit prefix so that the order is explicitly stated. Documentation for extraconfig needs to clearly state what prefix is needed to override which merge/execution order. For existing overcloud stacks, heat currently replaces deployment resources when the name changes, so this change Depends-On: I95037191915ccd32b2efb72203b146897a4edbc9 Change-Id: Ic4bcd56aa65b981275c3d4214588bfc4de63b3b0