Add support for Clear Container Runtime

This patch installs Clear Container[1] as one of the runtime
for docker.

[1] https://clearlinux.org/features/intel%C2%AE-clear-containers

Change-Id: Ibacebf84ce1ff68a779589c7c9e17916503cafab
This commit is contained in:
Madhuri Kumari 2017-08-31 09:15:41 +00:00
parent 20047d232e
commit f4b1a02959
4 changed files with 54 additions and 10 deletions

View File

@ -1,13 +1,13 @@
=================
Container Plugin
=================
================
Container Plugin
================
This plugin enables installation of container engine on Devstack. The default
container engine is Docker (currently this plugin supports only Docker!).
======================
Enabling in Devstack
======================
====================
Enabling in Devstack
====================
1. Download DevStack
--------------------

View File

@ -38,11 +38,11 @@ echo_summary "Devstack-plugin-container's post_test_hook.sh was called..."
# Verify that Docker is installed correctly by running the hello-world image
sudo -H -u stack docker run hello-world
EXIT_CODE=$?
# Copy over docker systemd unit journals.
mkdir -p $WORKSPACE/logs
sudo journalctl -o short-precise --unit docker | sudo tee $WORKSPACE/logs/docker.txt > /dev/null
EXIT_CODE=$?
$XTRACE
exit $EXIT_CODE

View File

@ -26,7 +26,7 @@ DOCKER_ENGINE_PORT=${DOCKER_ENGINE_PORT:-2375}
DOCKER_CLUSTER_STORE=${DOCKER_CLUSTER_STORE:-}
DOCKER_GROUP=${DOCKER_GROUP:-$STACK_USER}
DOCKER_CGROUP_DRIVER=${DOCKER_CGROUP_DRIVER:-}
ENABLE_CLEAR_CONTAINER=$(trueorfalse False ENABLE_CLEAR_CONTAINER)
# Functions
# ---------
@ -73,6 +73,19 @@ function install_docker {
fi
yum_install docker-ce
fi
if [[ "$ENABLE_CLEAR_CONTAINER" == "True" ]]; then
# Clear Container can't run inside VM, so check whether virtualization
# is enabled or not
if sudo grep -E 'svm|vmx' /proc/cpuinfo &> /dev/null; then
if is_ubuntu; then
install_clear_container_ubuntu
elif is_fedora; then
install_clear_container_fedora
fi
else
(>&2 echo "WARNING: Clear Container needs the CPU extensions svm or vmx which is not enabled. Skipping Clear Container installation.")
fi
fi
}
function configure_docker {
@ -83,6 +96,16 @@ function configure_docker {
if [[ -n "$DOCKER_CLUSTER_STORE" ]]; then
cluster_store_opts+="\"cluster-store\": \"$DOCKER_CLUSTER_STORE\","
fi
local runtime_opts=""
if [[ "$ENABLE_CLEAR_CONTAINER" == "True" ]]; then
if sudo grep -E 'svm|vmx' /proc/cpuinfo &> /dev/null; then
runtime_opts+="\"runtimes\": {
\"cor\": {
\"path\": \"/usr/bin/cc-oci-runtime\"
}
},"
fi
fi
local docker_config_file=/etc/docker/daemon.json
local debug
if [[ "$ENABLE_DEBUG_LOG_LEVEL" == "True" ]]; then
@ -94,6 +117,7 @@ function configure_docker {
cat <<EOF | sudo tee $docker_config_file >/dev/null
{
$cluster_store_opts
$runtime_opts
"debug": ${debug},
"group": "$DOCKER_GROUP",
EOF
@ -111,6 +135,7 @@ EOF
]
}
EOF
# NOTE(hongbin): We override ExecStart to workaround issue 22339.
# https://github.com/docker/docker/issues/22339
local docker_drop_in_file=/etc/systemd/system/docker.service.d/docker.conf
@ -129,5 +154,23 @@ function stop_docker {
sudo systemctl stop docker.service || true
}
function install_clear_container_ubuntu {
sudo sh -c "echo 'deb http://download.opensuse.org/repositories/home:/clearlinux:/preview:/clear-containers-2.1/xUbuntu_$(lsb_release -rs)/ /' >> /etc/apt/sources.list.d/cc-oci-runtime.list"
curl -fsSL http://download.opensuse.org/repositories/home:/clearlinux:/preview:/clear-containers-2.1/xUbuntu_$(lsb_release -rs)/Release.key | sudo apt-key add -
REPOS_UPDATED=False apt_get_update
apt_get install cc-oci-runtime
}
function install_clear_container_fedora {
source /etc/os-release
local lsb_dist=${os_VENDOR,,}
if [[ "$lsb_dist" = "fedora" ]]; then
sudo -E dnf config-manager \
--add-repo \
http://download.opensuse.org/repositories/home:clearlinux:preview:clear-containers-2.1/Fedora\_$VERSION_ID/home:clearlinux:preview:clear-containers-2.1.repo
fi
yum_install cc-oci-runtime linux-container
}
# Restore xtrace
$_XTRACE_DOCKER

View File

@ -1,6 +1,7 @@
# Devstack settings
CONTAINER_ENGINE=${CONTAINER_ENGINE:-docker}
ENABLE_CLEAR_CONTAINER=${ENABLE_CLEAR_CONTAINER:-true}
# Enable container services
enable_service container