70 Commits

Author SHA1 Message Date
rthallisey
180e8c3331 Replace config-external with a JSON file for Keystone
Change-Id: I4c403edb7cd16f587f30a313c1943f070512eda3
Partially-Implements: blueprint replace-config-external
2015-09-18 15:19:06 -04:00
Steven Dake
6992049323 Add 'rhel' for RPM distros
Add 'rhel' to list for RPM based distros.  Also sort the distro
list for rpm packages for affected lines.

Change-Id: Ied4cb3e9763d6c6359f314d16185383ac3e006ed
Partially-Implements: blueprint rhel-based-image-support
2015-09-04 03:12:15 -07:00
Jenkins
91bc4b094c Merge "Allow arbitrary source archive name to be imported into Dockerfile" 2015-09-04 06:24:28 +00:00
Vladislav Belogrudov
c22cf33268 Allow arbitrary source archive name to be imported into Dockerfile
Currently we cannot import source archives with names different
than expected by hardcoded line in Dockerfiles. This worked well
for Openstack services' tarballs where we expected SERVICE-* root
folder after extraction or kanaka-noVNC for nova-novncproxy docker.
The latter fails if one tries to clone or get tarball under other
names. This fix allows any archive (tar,tgz,zip) or repo name to be
imported into dockerfile.

Change-Id: I869a6a19afaf0e93925572746c22b7589b6600c9
Closes-Bug: #1491415
2015-09-03 16:49:50 +03:00
Sam Yaple
9d3f3f28e2 Create openstack-base container
This creates and moves the dependencies for Ubuntu into a common
openstack-base container. This commit shows dramatically smaller
sizes for all non-openstack containers. The Openstack container remain
the same size.

Change-Id: I2f46420d4b9edcfddda374caddcce906fc708f6c
Partially-Implements: blueprint openstack-common-container
2015-09-03 10:37:45 +00:00
Sam Yaple
7f17203406 Keystone container should use the openstackclient
Initially it did not use this client due to the fact that the client
didn't seem to want to work in the containers. Now it works fine and
it should be used instead of the deprecated keystone client

Change-Id: Ib0e172c677e200e5df01c478b7ea257b30c0df0b
Closes-Bug: #1490126
2015-08-30 08:35:54 +00:00
Steven Dake
5e521f0550 Add Ansible support for Heat
This changes bootstrapping of the Heat container to bootstrap
the Heat container with a heat domain user.  This requires some
work from bootstrap.yml to pass in several environment variables
needed by the heat domain setup script.

Co-Authored-By: Sam Yaple <sam@yaple.net>
Change-Id: Iab05983754fa514835cb5ff54d775faa18773110
Partially-implements: blueprint ansible-heat
2015-08-29 23:58:54 -07:00
Steven Dake
3046d4e94f Keystone container listens on port 80 by default
A default configuration file is present in RPM distros which
listen to http on port 80 by default.

With this patch the keystone container works on centos+binary
where it did not previously.

Closes-Bug: 1490025

Change-Id: I4b5260200521e79d76eec324eb0ef026aa61b23d
2015-08-28 13:47:14 -07:00
Sam Yaple
cbd42ca6e9 Move docker_templates to docker dir
Updated build.py to reflect this change.
Deprecate --template option and make it a noop.

Change-Id: I7cd98d1ee684a4c64984a49597159868152683b2
Partially-Implements: blueprint remove-docker-dir
2015-08-28 13:33:50 +00:00
Sam Yaple
13062e23e8 Restructure builds to allow more flexibility
As a restructure, nothing is changed from the original behaviour and
naming despite the file structure changing. The symlinks to build had
to be updated generating lots of "deleted" and "new_file".

The new structure is:

docker/${base_distro}/${type}/${container}

base_distro == centos, ubuntu, fedora, etc
type == source, binary, rdo

type rdo is a symlink to binary for backwards compatibility

Two new flags are added to the build-all script to support the ability
to support different base distros and a flag to support binary or source
containers.

There are several added folders that are empty to hold the directory
structure for future containers of these types.

To use a prefix other than centos-rdo- you can set PREFIX in the toplevel
directory .buildconf file

Change-Id: Ifc7bac0d827470f506c8b5c004a833da9ce13b90
2015-05-15 01:32:22 -05:00
Steven Dake
d30f69bc83 Port to icehouse
This represents making build-docker-images --release build
with the icehouse tag and causes docker-compsoe to pull from
the icehouse tag.

Partially-implements: blueprint port-kilo

Change-Id: I66b2c39abc55c0f47152dd90e696fc46b9c58f50
2015-05-06 09:58:43 -07:00
Chen Zhiwei
76c1fe6371 Change the default shell to bash
Unify the shell to bash in all Kolla scripts.

Change-Id: Ib9591b2f8f344eb88455c5e9b7ecf2164fb5960a
Implements: blueprint use-bash-shell
2015-04-27 13:26:37 +08:00
Martin André
34872c1c2f Allow check_for_* functions to be consumed by wait_for
In order for the `check_for_*` functions to be consumed by `wait_for`,
they should notify of their success but not exit.

As a consequence, the previous behavior is restored by the fail_unless_*
companion functions.

With this change, it is now possible to do:

    wait_for 30 1 check_for_os_service_running keystone

Change-Id: I16ddf8913027030c3ccb5487713d172904508fd6
2015-04-01 16:39:44 +09:00
Sam Yaple
986edf4a97 Replace ; with && in Dockerfile
When using ';' this can allow the previous command to fail and while the
docker build proceeds without realizing a command failed. Switching to
'&&' allows the exit code to make it to the docker build command and the
build to fail appropriately.

Change-Id: Idd0991ed4549542bb10d27da1a0a025d0503b6c1
2015-03-27 18:52:48 -05:00
Jenkins
be79b50b31 Merge "Don't kill keystone, but instead wait for it to finish at the end" 2015-03-21 03:19:48 +00:00
Steven Dake
f642fd7b2d Don't kill keystone, but instead wait for it to finish at the end
use the bash wait builtin to wait for the keystone process to exit.

Change-Id: I03057e7925e7e41120c163c0be22ade75050d9f1
2015-03-20 10:48:32 -07:00
Daneyon Hansen
8eb36e7cde Fixes Keystone openrc and sets / for scripts
Previously, the keydtone openrc file was not using the proper
auth url, whcih was broken with too many double ticks. Also
changed the auth port from public to admin since keystone user
is an admin tenant. Changed DIR for scripts to align with the
rest of the project.

Change-Id: Iadde3239227e65ecca479b16a7b7db51d3a579c8
2015-03-20 07:18:21 +00:00
Steven Dake
857a2b1dd2 Add a "admin" user via crux to keystone container
The keystone container was changed to only add a keystone user.  The rest
of the infrastructure in Kolla expects the name "admin" from a "can I
use a client to access the APIs perspective."  As a result, we need a user
for keystone and a user for admin which this patch adds.

Change-Id: I3a3e938f946df1fd5982e89397ef61368f1f3674
2015-03-18 12:48:05 -07:00
Daneyon Hansen
dafbaf05ed Implements: blueprint container-set-api-control
Adds Keystone Container-Set support

Previously, Keystone containers were configured for use in a
Kubernetes environment. This patch removed k8s dependencies and
adds container set functionality.

Change-Id: I131ce205857110bbee49fe81a4a005f9e273ce09
2015-03-13 17:10:16 +00:00
Martin André
0764fd7dea Allow changing base image
By changing the PREFIX variable in the .buildconf one is now able to
build docker images from different bases.

For example, add the following line to your .buildconf file to build
CentOS based images:

    PREFIX=centos-rdo-

Default base image is Fedora. For now only RH family is supported.

Additionally, changing the namespace either with the NAMESPACE variable
in .buildconf or via --namespace commandline option now changes the
source namespace as well from the default kollaglue one.

Implements: blueprint multi-baseos
Co-Authored-By: Steven Dake <stdake@cisco.com>
Change-Id: I3964cd2292789ea883a1f2d2738a5731a4fff49b
2015-03-02 14:08:06 +09:00
Steven Dake
9dc7c1a15f Make keystone work with CentOS 7 image
Keystone relies on crux.  Crux is now installed in the base images, so
individual images don't need to install crux.

Partially-implements: blueprint multi-baseos
Change-Id: Id9ed5fb8bc74de6a36f28a6b2bc8ba055c31a32e
2015-02-24 02:28:30 -07:00
Martin André
91ca8d4b00 Cleanup required variables checks for all containers
This allows Kubernetes to reschedule containers in case a required
variable is missing, for example when the Kubernetes pod is started
before the service.

The checks were cleaned using the following method:
  * remove duplicates
  * remove check for variables that get a default value in the same file
  * check for all variables used in the file
  * check for required services when it is obvious.

Change-Id: Ib7e0530c410c61f828d36efe8925a20dc9781eab
2015-01-19 16:29:59 +09:00
Jenkins
1fcf0bee5f Merge "Prefer the use PUBLIC_IP over MY_IP" 2014-12-26 07:01:12 +00:00
Martin André
816612192c Enable usage of containers outside of Kubernetes
Kubernetes currently creates FOO_SERVICE_HOST and FOO_SERVICE_PORT env
vars as part of starting the containers. However this is not done when
starting them with plain docker.

Defaulting variables to their common version if they're not already set
allows the usage of --link in plain 'docker run' to wire together
containers.

Co-Authored-By: Charles Crouch <ccrouch@redhat.com>
Change-Id: I91098ff987b18646d901ac63a3a644fbb68fc857
2014-12-17 13:50:03 +09:00
Martin André
1950051b66 Prefer the use PUBLIC_IP over MY_IP
PUBLIC_IP is more descriptive that MY_IP, it should be used consistently
across Kolla.

Change-Id: Iff6ae903e794ec84a40a300b36512422b7a81f71
2014-12-03 11:29:16 +09:00
Martin André
21f28309e7 Check for all required variables in keystone start.sh
This allows Kubernetes to reschedule the container in case a required
variable is missing, for example when the Kubernetes pod is started
before the service.

Additionally, define the KEYSTONE_ADMIN_SERVICE_HOST and
KEYSTONE_PUBLIC_SERVICE_HOST variables to their common version if not
already set to allow usage outside of Kubernetes with docker link
feature.

Change-Id: Ie0966c18076a770e4031bbf5f777dd1be0ba20bc
Closes-Bug: 1398632
2014-12-03 10:22:18 +09:00
Lars Kellogg-Stedman
277f2448e8 Update MAINTAINER in Dockerfiles to Kolla Project
Remove individual MAINTAINER information from Dockerfiles.

Change-Id: I777df5cde049599dc786176e1d5b4b9597f0b334
2014-10-22 11:11:31 -04:00
Lars Kellogg-Stedman
8313834d16 log to stdout/stderr
modify glance and keystone images to log to stdout/stderr, so that logs
can be recovered using "docker logs".

Change-Id: I18470c13142ceaf2f10c32e10f5e835ddaf58550
2014-10-13 16:43:13 -04:00
Lars Kellogg-Stedman
f593541485 added simple health check scripts
add /check.sh to keystone and glance-api images that can be used to
verify proper functionality of the container.

Change-Id: I0a878678fb8e9427d8e99af4896cbc679d3490a4
2014-10-13 16:43:13 -04:00
Lars Kellogg-Stedman
a19e1cdd00 keystone: exit on errors; cleanup
Cause keystone start script to exit on any errors (permitting kubernetes
to reschedule the pod).

Closes-bug: 1379057
Change-Id: Ide2eac6495250c8cba91cf9b7409dcb313f6f74b
2014-10-13 14:41:37 -04:00
Lars Kellogg-Stedman
f2a747b353 properly quote password in keystone start script
make sure that DB_ROOT_PASSWORD is in quotes to prevent errors from
shell metacharacters in the password.

Change-Id: I586ba7bb1d518d4ebfef257f92d315684843dd9b
2014-10-13 14:41:37 -04:00
Lars Kellogg-Stedman
4fd63199f1 update existing keystone objects
when booting the keystone container with an existing database, make sure
to update credentials for admin user and replace existing keystone
endpoint in the service catalog.

Change-Id: I2c66d75210ef7ba5a96077eea15a8c564e99f662
2014-10-08 21:53:13 -04:00
Steven Dake
2bc783b8c6 Reorganize k8s structure
All services go to TLD/k8s/service
All pods go to TLD/k8s/pod

Change-Id: Iad2977a9f0cd5f430c4e0a566846bf4681618379
2014-10-07 15:33:11 -07:00
Lars Kellogg-Stedman
3c080f9e62 renamed keystone services
This renames the keystone services so that they are named by function,
rather than port number (which would be confusing if they were running
on a different port).

Change-Id: Ibb0263a133c28a104563df431870a9effe584012
2014-10-07 11:11:19 -04:00
Lars Kellogg-Stedman
068face6fa use renamed mariadb services
This patch updates all the json files that reference the mariadb service
variables to ues the new names.

Labelling things foo-master crept into this repository from the
kubernetes guestbook example (which has redis-master and redis-slaves).
We're not running clustered software at the moment so these labels are
unnecessary.

Change-Id: I229d04c89aa13cb6cc2e1c33a0a7b21e1c6e9caa
2014-10-07 10:58:52 -04:00
Lars Kellogg-Stedman
9414ab5cad use "crux" for creating users/endpoints
this patch introduces the "crux" [1] tool for creating keystone
users, services, and endpoints in an idempotent fashion.  E.g., to
create a user that doesn't exist:

    $ crux user-create -n lars -t lars -p secret
    creating new tenant
    created tenant lars (d74cec5023c4428da533066bb11943db)
    creating new user lars
    created user lars (adf2c2d92e894a3d90a403c5885f192e)

And performing the same operation a second time:

    $ crux user-create -n lars -t lars -p secret
    using existing tenant lars (d74cec5023c4428da533066bb11943db)
    using existing user lars (adf2c2d92e894a3d90a403c5885f192e)

The behavior is similar for creating keystone endpoints.

[1]: https://github.com/larsks/crux

Change-Id: I694e0c1bdcdde595e1af2ee8ef5d0f239a9ad4cd
2014-10-06 13:26:34 -04:00
Lars Kellogg-Stedman
24b6db92bc introduce a new build mechanism
This patch replaces the collection of individual "build" scripts with a
single script (tools/build-docker-image), made available as "build"
inside each image directory.

The build-docker-image script will, by default, build images tagged with
the current commit id in order to prevent developers from accidentally
stepping on each other or on release images.

Documentation in docs/image-building.md describes the script in more
detail.

Change-Id: I444d5c2256a85223f8750a0904cb4b07f18ab67f
2014-10-04 11:03:39 -04:00
Jenkins
3127f4cad3 Merge "Keystone: Do a service and endpoint create" 2014-10-03 16:48:21 +00:00
Jenkins
4f242ff9e3 Merge "Keystone: remove extra commas and tabs in JSON" 2014-10-03 16:47:35 +00:00
Steven Dake
5d0d4b224d Keystone: remove extra commas and tabs in JSON
The JSON doesn't parse correctly

Change-Id: Ie68ad1cdfb80b9f3c15e9d93476f7c53cc0a0858
2014-10-03 07:56:00 -07:00
Steven Dake
15e18864e2 Keystone: Do a service and endpoint create
This patch does a service and endpoint create so that each separate service
can find keystone.  This patch also makes the sleeping a bit more logical
although there are TODOs in this area to remove the sleep operations.

Change-Id: Icfee464f9473686da89bfa8b2106172cbfd4c1a8
Closes-Bug: #1376975
2014-10-03 06:38:44 -07:00
Lars Kellogg-Stedman
5b165e892e fix keystone dockerfile
- fully qualify base image (fedora-rdo-base ->
  kollaglue/fedora-rdo-base)
- EXPOSE keystone service ports

Change-Id: I3b848dc1743d577ea84be868b04a41383115592b
2014-10-02 20:15:02 -04:00
Steven Dake
d94115c342 Restart container until mariadb is available
Fix a race condition between MariaDB service start and Keystone.

Change-Id: I31384204eca9c7201eb102ec0359b390e88b96ba
2014-10-02 12:43:47 -07:00
Steven Dake
3073944189 Change "redhat" to "kolla" in the keystone authentication
Change-Id: Ic5fe761906e0ea6964c072ae510f7e62706c286b
2014-10-02 08:54:37 -07:00
Steven Dake
a7b17d70a3 Use pki_setup to set up keystone properly 2014-09-27 19:00:09 -07:00
Steven Dake
1e6f8114c8 Setup pki_setup on initial setup of keystone
Need PKI setup for keystone to operate.
2014-09-27 16:03:02 -07:00
Steven Dake
9c7f0622a7 Point to fedora-rdo-* for image names 2014-09-27 14:06:39 -07:00
Steven Dake
cca017d44c Pull mariadb and keystone images from the kollaglue organization
Presently these are pulled from a closed location inside a firewall.  Instead
pull them from the public docker registry.
2014-09-27 12:31:12 -07:00
Steven Dake
dfb9faedda Make keystone use stderr
We want all log output to go to stderr so it can be debugged later.
2014-09-27 12:29:13 -07:00
Steven Dake
7bb837fc65 Add a push script for each of the separate daemons
This pushes to the docker registry.
2014-09-25 22:15:27 -07:00