This adds a very basic structure to begin supporting ansible in Kolla.
Ansible can support complete idempotency, but wrapping docker-compose
does not allow idempotency at this time. These playbooks will be
extended to compensate for that in future patches.
Change-Id: I1c9e8d32321e2733f5a9b752edf74b4fe90317ed

When using ';' this can allow the previous command to fail while the
docker build proceeds without realizing a command failed. Switching to
'&&' allows the exit code to make it to the docker build command and the
build to fail appropriately.
Change-Id: Idd0991ed4549542bb10d27da1a0a025d0503b6c1
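
The behaviour described in the commit message above, as an added example (not code from the Kolla repository): a shell-form RUN body is handed to /bin/sh -c and docker build sees only its final exit status. The sample Dockerfile, the package names and the function names are constructed for illustration, and `false` stands in for a failing command.

```shell
#!/bin/sh
# Added illustration; the Dockerfile below is constructed, not from Kolla.

# docker build runs a shell-form RUN body via `/bin/sh -c` and looks only at
# the final exit status. Echo the status a given RUN body would report.
run_status() {
    status=0
    sh -c "$1" >/dev/null 2>&1 || status=$?
    echo "$status"
}

# Write a constructed sample Dockerfile to a temp file and echo its path.
write_sample() {
    f=$(mktemp)
    cat >"$f" <<'EOF'
FROM centos
RUN yum -y install pkg-a; \
    yum clean all
RUN yum -y install pkg-b && \
    yum clean all
RUN set -e; touch /a; touch /b
EOF
    echo "$f"
}

# Coarse review aid: print the starting line number of every RUN instruction
# that chains with ';' and does not enable `set -e`. Backslash continuations
# are joined first. It will also flag ';' inside quotes or for-loops.
lint_run_chains() {
    awk '
        !incont { start = NR; buf = "" }
        { line = $0; incont = sub(/\\[ \t]*$/, "", line); buf = buf line }
        !incont && buf ~ /^[ \t]*RUN[ \t]/ && buf ~ /;/ && buf !~ /set -e/ {
            print start
        }
    ' "$1"
}

echo "'false; true'   -> exit $(run_status 'false; true')"
echo "'false && true' -> exit $(run_status 'false && true')"
sample=$(write_sample)
echo "RUN lines to review: $(lint_run_chains "$sample" | tr '\n' ' ')"
rm -f "$sample"
```
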
This patch builds pam with no auditing. This allows the images to
operate on Ubuntu 14.04 which contain a kernel bug and have not been
updated.
Change-Id: I2b8bd192abcc26df27ca276dc3d0fde377048f20

Each container requires a set of environment variables be declared
so that it can function in a minimal setting. This doc will
provide a list of those environment variables for each container.
Change-Id: I225f53c869e5830d680792fd0a38f6622ba9b04b

Data volumes are busted in docker master 1.6-rc1. Need to use a special
branch in order for docker to work.
Change-Id: Ia772de63e1fc8a07f052da2a3f4152f4d97b37f9

Previously, nova enabled_apis was hard coded and metadata_host
was using PUBLIC_IP param instead of exposing an individual
param.
Extending these params and creating a separate compose yml that
includes compute/libvirt/network/api is required to support
nova network multi_host.
Additional details can be found here:
http://docs.openstack.org/admin-guide-cloud/content/section_metadata-service.html
Change-Id: I5d417a0ee460f8ad9b2982fe83d63ab57013918e

Previously, eth0 was set as the nova flat interface. This
interface is used to bridge VM traffic between instances and
should not have an IP. It's a problem when you associate an
interface with an IP to the FLAT_INTERFACE.
Change-Id: I38c516094430e2d55b1b4c047a1bbcfe711a2dff

Previously, Heat was not allowing the necessary TCP ports for
RabbitMQ and MariaDB to Kolla nodes.
Change-Id: If34ca2de2e5213cb97138e5855cc88ff5c564b76

A few errors in the dev doc were causing problems with deploying
a dev env. The dev doc has been updated with the correct steps for
prep'ing a host for running Kolla. Additionally, wording has been
added to reference the Heat template for dev env deployment.
Change-Id: I9f0ba1bd2deca490a72b3c54cb1a7df386228ee8

Heat container is having trouble accessing heat meta data.
Heat needs to have HEAT_CFN_API_SERVICE_HOST set in order
to properly receive meta data.
Closes-bug 1435288
Change-Id: Ia28ece3ae91ec7acc62cc86039612841ac487f36

A data container is meant to operate without bindmounts.
Change-Id: I2624a63fd75db7ed8050054c17e19885f8a7ac8a
Co-Authored-By: Daneyon Hansen (danehans@cisco.com)

A data volume container is far superior to bind mounting the
host's shared directories. It preserves the idempotency,
immutability and declarative properties of the containers.
The way this works in practice is that a data volume container is
created. Then when the containers start they use LVM to access
the filesystem where /var/lib/docker is contained. Then the
container startup logic bindmounts the data volume stored on the
host filesystem in /var/lib/docker/vfs/dir/ID. This prevents
people with access to the host operating system from damaging
the contents of the data container.
It does mean that now we must use tools/stop to stop our containers
rather than tools/cleanup-containers -f.
This is a containers best practice. For more details see:
https://docs.docker.com/userguide/dockervolumes/
Big credit goes to Daneyon Hansen for seeding this idea in the
mariadb containers.
Note occasionally docker-compose start/stop seems to not want to stop
a container. This bug needs to be addressed upstream separately
from our utilization of this best practice.
Change-Id: Iaa1419f606e1b1b7a7560a095c49e79d643164f1

docker-compose master now requires 1.18 API, which is only available
in the development version of docker. Show how to retrieve and run it.
Change-Id: Ia3a7a659c495547fcc04d31cf38ffeaaf6fd729a

This change was lost in 888bb9cc8c68bf61fddc0ca08a69f764a4012121.
Both modprobe and setenforce require root, so I think this is a good
sanity check.
Change-Id: I431df44e0fed4a981df96a9a98bfbb5c350e49ac

Previously, the nwfilter daemon/conf pkgs would need to be
installed on the host. Compose would then mount the host DIR
to the compute containers. A more efficient approach is to simply
install the nwfilter config/daemon in the libvirt container. Both
approaches address the following error when booting an instance:
'no-mac-spoofing' is missing
Change-Id: I81b446d198920473bf99b97ef5eac6ef5ee85024

The genenv tool was generating the wrong password for the openrc
file as a result of recent keystone rework. This patch fixes that
problem.
Change-Id: I169e3255e3f3ef57938861c31ef4e342d9a32cbc

The Horizon dashboard was not working properly prior to this work.
Also a docker-compose file was added to start the dashboard.
Change-Id: I8a438c15b967b0cec00bfe44b997f833bf745191

Generate Heat environment variables.
Rename yml file to api and engine to follow other service conventions.
Add heat to compose/start
Modify integration guide to include new variables.
Change-Id: I058d829901881e28d6f4785f59fcf778058241e4

Without pid: host, nova-compute and libvirt fail to operate correctly
together. I don't understand why, and I wish it weren't so, but it means
folks will have to install docker-compose from my personal github account
until the pull request is merged upstream.
Change-Id: I24e55405139c831f2df246f54c5b6fd39d00656a

Previously, the database container was configured for use with
Kubernetes. This patch removes any k8s dependencies, adds a script
to manage mysql server.cnf settings and splits data and app
containers. Splitting the containers provides additional
portability and operational efficiencies compared to host mounts.
Change-Id: I80656450c02dda5f2959d187eec20d5877dc54a2