summaryrefslogtreecommitdiffstats
path: root/mcp/scripts/docker-compose/files
diff options
context:
space:
mode:
authorAlexandru Avadanii <Alexandru.Avadanii@enea.com>2018-08-10 16:52:43 +0200
committerAlexandru Avadanii <Alexandru.Avadanii@enea.com>2018-08-29 01:27:28 +0200
commitcfa1c0d67ee23edcbc25d9620754159645981dd8 (patch)
tree4903bb104333324b025bb79e4e04921665da8fde /mcp/scripts/docker-compose/files
parent835cf06e032d1271ac831b2acc2ff542f1022848 (diff)
[docker] Add docker-compose definitions
Add configuration items for bringing up the Salt master Docker container using docker-compose: - mount <storage dir>/hosts as /etc/hosts - mount <storage dir>/salt as /etc/salt: * semi-persistent generated Salt information; - mount <storage dir>/nodes as /srv/salt/reclass/nodes: * semi-persistent generated reclass node data storage; - mount Fuel@OPNFV git repo in /root/fuel; - mount all other previously rsynced artifacts; - hook container to 3 networks/bridges: mcpcontrol, PXE/admin and management: * container IP addresses are managed by Docker, so no DHCP is used; - override upstream entrypoint.sh by mounting our own version on top; * run-time patch Salt to fix certain init system interactions due to 'Tini' looking like Upstart but behaving a bit differently; * work around directory traversal issues in Salt/reclass by using extensive `cp` (to be later mitigated at container build time); * overwrite reclass.system with our own version (patched), later to fetched pre-patched during container build; * overwrite salt-formulas with our patched versions; * create missing links for salt-formulas-* packages (e.g. gnocchi) which are not available as git repos upstream; - add mcp.rsa.pub to 'ubuntu' user's authorized_keys for SSH login to master node to remain backwards compatible; - mount configuration files for semi-persistent state preservation at container destroy/rebuild (using '-f' deploy argument); JIRA: FUEL-383 Change-Id: Ie17e578a7ebeb071b1c0e0a49ad58ffa6bbc89bb Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Diffstat (limited to 'mcp/scripts/docker-compose/files')
-rwxr-xr-xmcp/scripts/docker-compose/files/entrypoint.sh80
-rw-r--r--mcp/scripts/docker-compose/files/hosts6
2 files changed, 86 insertions, 0 deletions
diff --git a/mcp/scripts/docker-compose/files/entrypoint.sh b/mcp/scripts/docker-compose/files/entrypoint.sh
new file mode 100755
index 000000000..53f5c6a23
--- /dev/null
+++ b/mcp/scripts/docker-compose/files/entrypoint.sh
@@ -0,0 +1,80 @@
+#!/bin/bash -e
+##############################################################################
+# Copyright (c) 2018 Mirantis Inc., Enea AB and others.
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+
+mkdir -p /etc/salt/{master.d,minion.d,proxy.d}
+
+if [ ! -z "$SALT_EXT_PILLAR" ]; then
+ cp -avr "/tmp/${SALT_EXT_PILLAR}.conf" /etc/salt/master.d/
+fi
+
+if [ ! -f /home/ubuntu/.ssh/authorized_keys ]; then
+ install -D -o ubuntu /root/fuel/mcp/scripts/mcp.rsa.pub \
+ /home/ubuntu/.ssh/authorized_keys
+fi
+
+# NOTE: Most Salt and/or reclass tools have issues traversing Docker mounts
+# or detecting them as directories inside the container.
+# For now, let's do a lot of copy operations to bypass this.
+# Later, we will inject the OPNFV patched reclass model during image build.
+rm -rf /srv/salt/reclass/classes/*
+cp -ar /root/fuel/mcp/reclass/classes/* /srv/salt/reclass/classes
+cp -ar /root/fuel/mcp/reclass/nodes/* /srv/salt/reclass/nodes
+# Sensitive data should stay out of /root/fuel, which is exposed via Jenkins WS
+cp -a /root/pod_config.yml \
+ /srv/salt/reclass/classes/cluster/all-mcp-arch-common/opnfv/pod_config.yml
+
+# OPNFV formulas
+prefix=/srv/salt/formula/salt-formulas
+rm -f /root/fuel/mcp/salt-formulas/*/.git
+cp -ar /root/fuel/mcp/salt-formulas/* ${prefix}/
+for formula in 'opendaylight' 'tacker'; do
+ ln -sf /root/fuel/mcp/salt-formulas/salt-formula-${formula}/* \
+ /srv/salt/env/prd/
+done
+
+# Re-create classes.service links that we destroyed above
+for formula in ${prefix}/*; do
+ if [ -e "${formula}/metadata/service" ] && [[ ! $formula =~ \. ]]; then
+ ln -sf "${formula}/metadata/service" \
+ "/srv/salt/reclass/classes/service/${formula#${prefix}/salt-formula-}"
+ fi
+done
+
+# Create links for salt-formula-* packages to mimic git-style salt-formulas
+for artifact in /usr/share/salt-formulas/env/_*/*; do
+ ln -sf "${artifact}" "/srv/salt/env/prd/${artifact#/usr/share/salt-formulas/env/}"
+done
+for artifact in /usr/share/salt-formulas/env/*; do
+ if [[ ! ${artifact} =~ ^_ ]]; then
+ ln -sf "${artifact}" "/srv/salt/env/prd/$(basename ${artifact})"
+ fi
+done
+for formula in /usr/share/salt-formulas/reclass/service/*; do
+ ln -sf "${formula}" "/srv/salt/reclass/classes/service/$(basename ${formula})"
+done
+
+# Tini init system resembles upstart very much, but needs a little adjustment
+sed -i -e "s|return 'start/running' in |return 'is running' in |" \
+ -e "s|ret = _default_runlevel|return _default_runlevel|" \
+ /usr/lib/python2.7/dist-packages/salt/modules/upstart.py
+
+# Remove broken symlinks in /srv/salt, silences recurring warnings
+find -L /srv/salt /srv/salt/env/prd/_* -maxdepth 1 -type l -delete
+
+# Fix up any permissions after above file shuffling
+sudo chown root:root -R /srv/salt
+
+service ssh start
+service salt-minion start
+
+if [[ $# -lt 1 ]] || [[ "$1" == "--"* ]]; then
+ exec /usr/bin/salt-master --log-file-level=quiet --log-level=info "$@"
+else
+ exec "$@"
+fi
diff --git a/mcp/scripts/docker-compose/files/hosts b/mcp/scripts/docker-compose/files/hosts
new file mode 100644
index 000000000..473184145
--- /dev/null
+++ b/mcp/scripts/docker-compose/files/hosts
@@ -0,0 +1,6 @@
+127.0.0.1 localhost
+::1 localhost ip6-localhost ip6-loopback
+fe00::0 ip6-localnet
+ff00::0 ip6-mcastprefix
+ff02::1 ip6-allnodes
+ff02::2 ip6-allrouters