openstack/kolla-ansible
Code Issues Proposed changes

fix ironic-inspector setup

Browse Source 
* add ironic-inspector(-archive) source to docker image
* pip install from above source code
* move in-container config files to /etc/ironic-inspector
* add sudoers file to allow ironic-rootwrap
* copy rootwrap conf and filters from source repo

Change-Id: Ie3cce19810b9940d06bb636b28015160fea6ddfb
Closes-bug: #1624457
Closes-bug: #1624833
Closes-bug: #1624845
This commit is contained in:
Waldemar Znoinski 2016-09-18 09:15:22 +00:00
parent 1ba9297300
commit 326327acba
4 changed files with 19 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ansible/roles/ironic/templates/ironic-inspector.json.j2
View File

@ -1,9 +1,9 @@
{ {
"command": "ironic-inspector --config-file /etc/ironic/ironic.conf", "command": "ironic-inspector --config-file /etc/ironic-inspector/ironic.conf",
"config_files": [ "config_files": [
{ {
"source": "{{ container_config_directory }}/ironic.conf", "source": "{{ container_config_directory }}/ironic.conf",
"dest": "/etc/ironic/ironic.conf", "dest": "/etc/ironic-inspector/ironic.conf",
"owner": "ironic", "owner": "ironic",
"perm": "0600" "perm": "0600"
} }

14
docker/ironic/ironic-inspector/Dockerfile.j2
View File

@ -15,10 +15,20 @@ MAINTAINER {{ maintainer }}
{{ macros.install_packages(ironic_inspector_packages | customizable("packages")) }} {{ macros.install_packages(ironic_inspector_packages | customizable("packages")) }}
{% elif install_type == 'source' %} {% elif install_type == 'source' %}
RUN /var/lib/kolla/venv/bin/pip --no-cache-dir install --upgrade -c requirements/upper-constraints.txt \ ADD ironic-inspector-archive /ironic-inspector-source
ironic-inspector RUN ln -s ironic-inspector-source/* ironic-inspector \
&& mv /etc/ironic /etc/ironic-inspector \
&& /var/lib/kolla/venv/bin/pip --no-cache-dir install --upgrade -c requirements/upper-constraints.txt /ironic-inspector \
&& cp /ironic-inspector/rootwrap.conf /etc/ironic-inspector/ \
&& cp -r /ironic-inspector/rootwrap.d/ /etc/ironic-inspector/ \
&& sed -i 's|^exec_dirs.*|exec_dirs=/var/lib/kolla/venv/bin,/sbin,/usr/sbin,/bin,/usr/bin,/usr/local/bin,/usr/local/sbin|g' /etc/ironic-inspector/rootwrap.conf
{% endif %} {% endif %}
COPY ironic_sudoers /etc/sudoers.d/kolla_ironic_inspector_sudoers
RUN chmod 750 /etc/sudoers.d \
&& chmod 440 /etc/sudoers.d/kolla_ironic_inspector_sudoers
{% block ironic_inspector_footer %}{% endblock %} {% block ironic_inspector_footer %}{% endblock %}
{% block footer %}{% endblock %} {% block footer %}{% endblock %}
{{ include_footer }} {{ include_footer }}

1
docker/ironic/ironic-inspector/ironic_sudoers Normal file
View File

@ -0,0 +1 @@
ironic ALL=(root) NOPASSWD: /var/lib/kolla/venv/bin/ironic-inspector-rootwrap /etc/ironic-inspector/rootwrap.conf *

4
kolla/common/config.py
View File

@ -213,6 +213,10 @@ SOURCES = {
'type': 'url', 'type': 'url',
'location': ('http://tarballs.openstack.org/ironic/' 'location': ('http://tarballs.openstack.org/ironic/'
'ironic-master.tar.gz')}, 'ironic-master.tar.gz')},
'ironic-inspector': {
'type': 'url',
'location': ('http://tarballs.openstack.org/ironic-inspector/'
'ironic-inspector-master.tar.gz')},
'keystone-base': { 'keystone-base': {
'type': 'url', 'type': 'url',
'location': ('http://tarballs.openstack.org/keystone/' 'location': ('http://tarballs.openstack.org/keystone/'