summaryrefslogtreecommitdiffstats
path: root/mcp/scripts/docker-compose
diff options
context:
space:
mode:
authorAlexandru Avadanii <Alexandru.Avadanii@enea.com>2019-02-07 19:51:04 +0100
committerAlexandru Avadanii <Alexandru.Avadanii@enea.com>2019-02-14 16:58:51 +0100
commit58af9a94ef78bbcf3f0593d4170d32ebce721455 (patch)
tree895f9cd9620d4509b86d281fcfc5fce9a69a5e15 /mcp/scripts/docker-compose
parent494c436572aed0b739bcfcc3fbf5b78ea34318b2 (diff)
[baremetal] Containerize MaaS
- replace mas01 VM with a Docker container; - drop `mcpcontrol` virsh-managed network, including special handling previously required for it across all scripts; - drop infrastructure VMs handling from scripts, the only VMs we still handle are cluster VMs for virtual and/or hybrid deployments; - drop SSH server from mas01; - stop running linux state on mas01, as all prerequisites are properly handled durin Docker build or via entrypoint.sh - for completeness, we still keep pillar data in sync with the actual contents of mas01 configuration, so running the state manually would still work; - make port 5240 available on the jumpserver for MaaS dashboard access; - docs: update diagrams and text to reflect the new changes; Change-Id: I6d9424995e9a90c530fd7577edf401d552bab929 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Diffstat (limited to 'mcp/scripts/docker-compose')
-rw-r--r--mcp/scripts/docker-compose/docker-compose.yaml.j255
-rwxr-xr-xmcp/scripts/docker-compose/files/entrypoint.sh5
-rw-r--r--mcp/scripts/docker-compose/files/entrypoint_maas.sh.j262
3 files changed, 103 insertions, 19 deletions
diff --git a/mcp/scripts/docker-compose/docker-compose.yaml.j2 b/mcp/scripts/docker-compose/docker-compose.yaml.j2
index 891d55938..bc8b3e80a 100644
--- a/mcp/scripts/docker-compose/docker-compose.yaml.j2
+++ b/mcp/scripts/docker-compose/docker-compose.yaml.j2
@@ -22,33 +22,60 @@ services:
mgmt:
ipv4_address: {{ nm.net_mgmt | ipnet_hostaddr(nm.start_ip[nm.net_mgmt] + nm.net_mgmt_hosts.index('opnfv_infra_config_address') +1) }}
volumes:
- - /run/dbus/system_bus_socket:/run/dbus/system_bus_socket:ro
- - {{ conf.MCP_REPO_ROOT_PATH }}:/root/fuel
- - {{ conf.MCP_REPO_ROOT_PATH }}/mcp/scripts/docker-compose/files/entrypoint.sh:/entrypoint.sh
- - {{ conf.MCP_STORAGE_DIR }}/pod_config.yml:/root/pod_config.yml
- - {{ conf.MCP_STORAGE_DIR }}/nodes:/srv/salt/reclass/nodes
- - {{ conf.MCP_STORAGE_DIR }}/pki:/etc/pki
- - {{ conf.MCP_STORAGE_DIR }}/salt:/etc/salt
- - {{ conf.MCP_STORAGE_DIR }}/hosts:/etc/hosts
+ - /run/dbus/system_bus_socket:/run/dbus/system_bus_socket:ro
+ - {{ conf.MCP_REPO_ROOT_PATH }}:/root/fuel
+ - {{ conf.MCP_REPO_ROOT_PATH }}/mcp/scripts/docker-compose/files/entrypoint.sh:/entrypoint.sh
+ - {{ conf.MCP_STORAGE_DIR }}/pod_config.yml:/root/pod_config.yml
+ - {{ conf.MCP_STORAGE_DIR }}/nodes:/srv/salt/reclass/nodes
+ - {{ conf.MCP_STORAGE_DIR }}/pki:/etc/pki
+ - {{ conf.MCP_STORAGE_DIR }}/salt:/etc/salt
+ - {{ conf.MCP_STORAGE_DIR }}/hosts:/etc/hosts
{%- if conf.MCP_VCP %}
- - {{ conf.MCP_STORAGE_DIR }}/base_image_opnfv_fuel_vcp.img:/srv/salt/env/prd/salt/files/control/images/base_image_opnfv_fuel_vcp.img
+ - {{ conf.MCP_STORAGE_DIR }}/base_image_opnfv_fuel_vcp.img:/srv/salt/env/prd/salt/files/control/images/base_image_opnfv_fuel_vcp.img
{%- endif %}
hostname: cfg01
domainname: {{ conf.cluster.domain }}
privileged: true
+{%- if nm.cluster.has_baremetal_nodes %}
+ opnfv-fuel-maas:
+ container_name: "maas"
+ image: "opnfv/fuel:saltminion-maas-{{ conf.MCP_DOCKER_TAG }}"
+ networks:
+ mcpcontrol:
+ ipv4_address: {{ conf.MAAS_IP }}
+ pxebr:
+ ipv4_address: {{ nm.net_admin | ipnet_hostaddr(nm.start_ip[nm.net_admin] + nm.net_admin_hosts.index('opnfv_infra_maas_node01_deploy_address') +1) }}
+ mgmt:
+ ipv4_address: {{ nm.net_mgmt | ipnet_hostaddr(nm.start_ip[nm.net_mgmt] + nm.net_mgmt_hosts.index('opnfv_infra_maas_node01_address') +1) }}
+ volumes:
+ - /lib/modules:/lib/modules:ro
+ - /sys/fs/cgroup:/sys/fs/cgroup:ro
+ - /run/dbus/system_bus_socket:/run/dbus/system_bus_socket:ro
+ - {{ conf.MCP_REPO_ROOT_PATH }}/mcp/scripts/docker-compose/files/entrypoint_maas.sh:/entrypoint.sh:ro
+ - {{ conf.MCP_STORAGE_DIR }}/hosts:/etc/hosts:ro
+ - {{ conf.MCP_STORAGE_DIR }}/mas01/etc/iptables:/etc/iptables
+ - {{ conf.MCP_STORAGE_DIR }}/mas01/var/lib/postgresql:/var/lib/postgresql
+ - {{ conf.MCP_STORAGE_DIR }}/mas01/var/lib/maas:/var/lib/maas
+ - {{ conf.MCP_STORAGE_DIR }}/mas01/var/spool/maas-proxy:/var/spool/maas-proxy
+ - {{ conf.MCP_STORAGE_DIR }}/mas01/etc/maas:/etc/maas
+ hostname: mas01
+ domainname: {{ conf.cluster.domain }}
+ privileged: true
+ ports:
+ - 5240:5240
+{%- endif %}
networks:
mcpcontrol:
- driver: macvlan
+ driver: bridge
driver_opts:
- parent: veth_mcp1 # Always untagged
+ com.docker.network.driver.mtu: 9000
ipam:
config:
- subnet: {{ net_mcpcontrol }}
- gateway: {{ net_mcpcontrol | ipnet_hostaddr(1) }}
pxebr:
driver: macvlan
driver_opts:
- parent: veth_mcp3 # Always untagged
+ parent: veth_mcp1 # Always untagged
ipam:
config:
- subnet: {{ nm.net_admin }}
@@ -58,7 +85,7 @@ networks:
{%- if conf.idf.fuel.jumphost.get('trunks', {}).get('mgmt', False) %}
parent: {{ ma.interface_str('veth_mcp5', nm.vlan_mgmt) }}
{%- else %}
- parent: veth_mcp5 # Untagged by default
+ parent: veth_mcp3 # Untagged by default
{%- endif %}
ipam:
config:
diff --git a/mcp/scripts/docker-compose/files/entrypoint.sh b/mcp/scripts/docker-compose/files/entrypoint.sh
index 9830ea15f..a0f72e2d1 100755
--- a/mcp/scripts/docker-compose/files/entrypoint.sh
+++ b/mcp/scripts/docker-compose/files/entrypoint.sh
@@ -21,11 +21,6 @@ if [ ! -f /home/ubuntu/.ssh/authorized_keys ]; then
echo 'IdentityFile /root/fuel/mcp/scripts/mcp.rsa' >> /root/.ssh/config
fi
-if ! grep -q localhost /etc/hosts; then
- # overwrite hosts only on first container up, to preserve cluster nodes
- cp -a /root/fuel/mcp/scripts/docker-compose/files/hosts /etc/hosts
-fi
-
# salt state does not properly configure file_roots in master.conf, hard set it
cp -a /root/fuel/mcp/scripts/docker-compose/files/opnfv_master.conf \
/etc/salt/master.d/opnfv_master.conf
diff --git a/mcp/scripts/docker-compose/files/entrypoint_maas.sh.j2 b/mcp/scripts/docker-compose/files/entrypoint_maas.sh.j2
new file mode 100644
index 000000000..23b8d8f30
--- /dev/null
+++ b/mcp/scripts/docker-compose/files/entrypoint_maas.sh.j2
@@ -0,0 +1,62 @@
+#!/bin/bash -e
+##############################################################################
+# Copyright (c) 2019 Mirantis Inc., Enea AB and others.
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+{%- import 'net_map.j2' as nm with context %}
+{%- set pxebr_addr = nm.net_admin | ipnet_hostaddr(nm.start_ip[nm.net_admin] + nm.net_admin_hosts.index('opnfv_infra_maas_node01_deploy_address') +1) %}
+if [ ! -e /var/lib/postgresql/*/main ]; then
+ cp -ar /var/lib/opnfv/{postgresql,maas} /var/lib/
+ cp -ar /var/lib/opnfv/etc/{ssh,maas} /etc/
+fi
+chown -R maas:maas /var/lib/maas
+chown -R postgres:postgres /var/lib/postgresql
+chown -R proxy:proxy /var/spool/maas-proxy
+
+if [ ! -f /etc/sysctl.d/99-salt.conf ]; then
+ echo 'net.ipv4.ip_forward = 1' > /etc/sysctl.d/99-salt.conf
+fi
+
+cat <<-EOF | tee /etc/resolv.conf
+{%- for server in nm.dns_public %}
+nameserver {{ server }}
+{%- endfor %}
+EOF
+
+cat <<-EOF | tee /etc/salt/minion.d/opnfv.conf
+id: mas01.{{ conf.cluster.domain }}
+master: {{ conf.SALT_MASTER }}
+grains:
+ virtual_subtype: Docker_
+EOF
+rm -f /etc/salt/minion.d/99-master-address.conf
+
+# Work around MaaS issues with PXE/admin using jumbo frames
+MAAS_MTU_SERVICE="/etc/systemd/system/maas-mtu.service"
+cat <<-EOF | tee "${MAAS_MTU_SERVICE}"
+[Unit]
+Requires=network-online.target
+After=network-online.target
+[Service]
+ExecStart=/bin/sh -ec '\
+ /sbin/ifconfig $(/sbin/ip addr | /bin/grep -Po "{{ pxebr_addr }}.* \K(.*)") mtu 1500'
+EOF
+ln -sf "${MAAS_MTU_SERVICE}" "/etc/systemd/system/multi-user.target.wants/"
+
+# Configure mass-region-controller if not already done previously
+[ ! -e /var/lib/maas/secret ] || exit 0
+MAAS_FIXUP_SERVICE="/etc/systemd/system/maas-fixup.service"
+cat <<-EOF | tee "${MAAS_FIXUP_SERVICE}"
+[Unit]
+After=postgresql.service
+[Service]
+ExecStart=/bin/sh -ec '\
+ echo "debconf debconf/frontend select Noninteractive" | debconf-set-selections && \
+ /var/lib/dpkg/info/maas-region-controller.config configure && \
+ /var/lib/dpkg/info/maas-region-controller.postinst configure'
+EOF
+ln -sf "${MAAS_FIXUP_SERVICE}" "/etc/systemd/system/multi-user.target.wants/"
+rm "/usr/sbin/policy-rc.d"