From 89870f1c942948921edfa145a892532ac998feed Mon Sep 17 00:00:00 2001 From: Flavio Percoco Date: Mon, 25 Jul 2016 16:16:55 +0200 Subject: Update heat-agents setup files MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This patch moves the image pull step out of the service heat-agent service script to ease the service init process and to make it more reliable. By doing this outside of the service script, it's possible to know when the `firstboot` script failed and report back. It also updates the firstboot yaml file to point to the `tripleoupstream` org. Co-Authored-By: Flavio Percoco Co-Authored-By: Martin André Change-Id: I2f0b8092ec69320ee370e1d7d20b8c15c95a1d0d --- docker/firstboot/install_docker_agents.yaml | 2 +- docker/firstboot/start_docker_agents.sh | 59 +++++++++++++++-------------- 2 files changed, 31 insertions(+), 30 deletions(-) diff --git a/docker/firstboot/install_docker_agents.yaml b/docker/firstboot/install_docker_agents.yaml index 2858552f..f6d61e2d 100644 --- a/docker/firstboot/install_docker_agents.yaml +++ b/docker/firstboot/install_docker_agents.yaml @@ -6,7 +6,7 @@ parameters: default: heat-docker-agents DockerNamespace: type: string - default: kollaglue + default: tripleoupstream DockerNamespaceIsRegistry: type: boolean default: false diff --git a/docker/firstboot/start_docker_agents.sh b/docker/firstboot/start_docker_agents.sh index cb8b2a5d..65c4e6dc 100644 --- a/docker/firstboot/start_docker_agents.sh +++ b/docker/firstboot/start_docker_agents.sh @@ -1,14 +1,38 @@ #!/bin/bash set -eux -# firstboot isn't split out by role yet so we handle it this way -if ! hostname | grep compute &>/dev/null; then - echo "Exiting. This script is only for the compute role." - exit 0 +/sbin/setenforce 0 +/sbin/modprobe ebtables + +# CentOS sets ptmx to 000. Withoutit being 666, we can't use Cinder volumes +chmod 666 /dev/pts/ptmx + +# We need hostname -f to return in a centos container for the puppet hook +HOSTNAME=$(hostname) +echo "127.0.0.1 $HOSTNAME.localdomain $HOSTNAME" >> /etc/hosts + +# update docker for local insecure registry(optional) +# Note: This is different for different docker versions +# For older docker versions < 1.4.x use commented line +#echo "OPTIONS='--insecure-registry $docker_registry'" >> /etc/sysconfig/docker +#echo "ADD_REGISTRY='--registry-mirror $docker_registry'" >> /etc/sysconfig/docker + +# Local docker registry 1.8 +if [ $docker_namespace_is_registry ]; then + /usr/bin/systemctl stop docker.service + # if namespace is used with local registry, trim all namespacing + trim_var=$docker_registry + registry_host="${trim_var%%/*}" + /bin/sed -i "s/# INSECURE_REGISTRY='--insecure-registry[ ]'/INSECURE_REGISTRY='--insecure-registry $registry_host'/g" /etc/sysconfig/docker + /usr/bin/systemctl start --no-block docker.service fi +/usr/bin/docker pull $agent_image & +DOCKER_PULL_PID=$! + mkdir -p /var/lib/etc-data/json-config #FIXME: this should be a docker data container + # heat-docker-agents service cat < /etc/systemd/system/heat-docker-agents.service @@ -22,7 +46,6 @@ User=root Restart=on-failure ExecStartPre=-/usr/bin/docker kill heat-agents ExecStartPre=-/usr/bin/docker rm heat-agents -ExecStartPre=/usr/bin/docker pull $agent_image ExecStart=/usr/bin/docker run --name heat-agents --privileged --net=host -v /var/lib/etc-data:/var/lib/etc-data -v /run:/run -v /etc:/host/etc -v /usr/bin/atomic:/usr/bin/atomic -v /var/lib/dhclient:/var/lib/dhclient -v /var/lib/cloud:/var/lib/cloud -v /var/lib/heat-cfntools:/var/lib/heat-cfntools -v /usr/bin/docker:/usr/bin/docker --entrypoint=/usr/bin/os-collect-config $agent_image ExecStop=/usr/bin/docker stop heat-agents @@ -31,30 +54,6 @@ WantedBy=multi-user.target EOF -# update docker for local insecure registry(optional) -# Note: This is different for different docker versions -# For older docker versions < 1.4.x use commented line -#echo "OPTIONS='--insecure-registry $docker_registry'" >> /etc/sysconfig/docker -#echo "ADD_REGISTRY='--registry-mirror $docker_registry'" >> /etc/sysconfig/docker - -# Local docker registry 1.8 -if [ $docker_namespace_is_registry ]; then - # if namespace is used with local registry, trim all namespacing - trim_var=$docker_registry - registry_host="${trim_var%%/*}" - /bin/sed -i "s/# INSECURE_REGISTRY='--insecure-registry'/INSECURE_REGISTRY='--insecure-registry $registry_host'/g" /etc/sysconfig/docker -fi - -/sbin/setenforce 0 -/sbin/modprobe ebtables - -# CentOS sets ptmx to 000. Withoutit being 666, we can't use Cinder volumes -chmod 666 /dev/pts/ptmx - -# We need hostname -f to return in a centos container for the puppet hook -HOSTNAME=$(hostname) -echo "127.0.0.1 $HOSTNAME.localdomain $HOSTNAME" >> /etc/hosts - # enable and start heat-docker-agents chmod 0640 /etc/systemd/system/heat-docker-agents.service /usr/bin/systemctl enable heat-docker-agents.service @@ -82,3 +81,5 @@ AUTO_EXTEND_POOL=yes POOL_AUTOEXTEND_PERCENT=30 POOL_AUTOEXTEND_THRESHOLD=70 EOF + +wait $DOCKER_PULL_PID -- cgit 1.2.3-korg