Add `nova` user to nova-libvirt container.
And change libvirt-socket group to nova.
Change-Id: I183c83f4be8b1d7c75d4ac204df7b7e059626aa2
Closes-Bug: #1525583
Currently we are not creating any non-root user for running
libvirt daemon. That should be done in the future, but currently
when we don't have such a user, libvirtd should be runned by
root.
Change-Id: Ieb0d8bd068b591f522548628b0bfffbe206b749e
Related-Bug: #1523630
Updates to ensure commands run in the nova containers
are done as the 'nova' user rather than root.
Change-Id: I0dd0276c2848ad77d92d350dfa0f20161329ed55
Partially-Implements: blueprint drop-root
Small change to remove the default network since neutron handles all
of the bridge and veth creation. virbr0 becomes clutter.
CentOS doesn't seem to come with this default.xml network, so no
change there.
Note: This doesn't remove virbr0 from a running system, it only
prevents its creation.
Change-Id: I8e118ea285c674a47884bbe864df134133406bbc
Closes-Bug: #1512060
Potential-Backport: Liberty
Ceph packages need to be installed in nova, glance, and cinder.
Once that is done, Ceph works like a champ!
Change-Id: I296da1d04d0c1bcb729f22e65e432d53d561b49c
backport: liberty
Closes-Bug: #1505549
The majority of the start.sh code is identical. This removes that
duplicate code while still maintaining the ability to call code in a
specific container.
The start.sh is moved into /usr/local/bin/kolla_start in the container
The extend_start.sh script is called by the kolla_start script at the
location /usr/local/bin/kolla_extend_start . It always exists because
we create a noop kolla_extend_start in the base directory. We override
it with extend_start.sh in a specific image should we need to.
Of note, the neutron-agents container is exempt from this new
structure due to it being a fat container.
Additionally, we fix the inconsistent permissions throughout. 644 for
repo files and the scripts are set to 755 via a Docker RUN command to
ensure someones local perm change won't break upstream containers.
Change-Id: I7da8d19965463ad30ee522a71183e3f092e0d6ad
Closes-Bug: #1501295
Recent regressions in the code base removed permission setting of
/dev/kvm to root:kvm 660 permissions which are default for CentOS's
version of libvirt.
Also Libvirt must be able to read its cnofiguration file, which was
previously 600 root:root. Now its 644 root:root so its always readable.
This is fine, since this file doesn't contain any secret information.
Change-Id: Id87cf5da8e37bc5bb613ce919d0293803d0fe5ed
Closes-Bug: #1500733
This prepares for the RHEL OSP implementation by making the build
tool convert all binary-* into an install_type of binary and * into
an install_metatype variable substitution inside the Dockerfiles.
Further binary-* is substituted as install_name to enable proper
building only.
Change-Id: Ib681b29176eb79a3cab12ec824313fdecb6e7a5f
Partially-Implements: blueprint rhel-based-image-support
This implements all the openstack pieces needed to make ceph work.
DocImpact
Change-Id: I1d24476a966602cf955e5ef872b0efb01319894a
Partially-Implements: blueprint ceph-container
Implements: blueprint kolla-live-migration
I removed the files but not the COPY commands thus breaking all of
Kolla
Change-Id: I37d3e0cb94a1ecc12971f485f953310ba8fee53c
Partially-Implements: blueprint replace-config-external
Removes config-external for all services that have been replaced in
Ansible
Change-Id: I839a14418638b977fbc1d02ba6839811b0f909ea
Partially-Implements: blueprint replace-config-external
Add 'rhel' to list for RPM based distros. Also sort the distro
list for rpm packages for affected lines.
Change-Id: Ied4cb3e9763d6c6359f314d16185383ac3e006ed
Partially-Implements: blueprint rhel-based-image-support
Updated build.py to reflect this change.
Deprecate --template option and make it a noop.
Change-Id: I7cd98d1ee684a4c64984a49597159868152683b2
Partially-Implements: blueprint remove-docker-dir