Updating the disk image builder code
Adds haproxy 1.5.x from ubuntu trusty backports Adds a git pull for the amphora agent code Removes check for argparse (internal for python 2.7) Adds sysctl net.ipv4.ip_nonlocal_bind=1 Change-Id: I7aecf727fb5d9be08982c5a32ae3c6e280ebda14
This commit is contained in:
		| @@ -261,7 +261,11 @@ else | ||||
|         fi | ||||
| fi | ||||
|  | ||||
| PKG_LIST="Babel argparse dib-utils PyYAML" | ||||
| # "pip freeze" does not show argparse, even if it is explictly installed, | ||||
| # because it is part of of the standard python library in 2.7. | ||||
| # See https://github.com/pypa/pip/issues/1570 | ||||
|  | ||||
| PKG_LIST="Babel dib-utils PyYAML" | ||||
|     for pkg in $PKG_LIST; do | ||||
|         if ! pip freeze 2>/dev/null| grep -q "^$pkg==" &>/dev/null; then | ||||
|             echo "Required python package " $pkg " is not installed.  Exiting." | ||||
| @@ -295,18 +299,21 @@ popd > /dev/null | ||||
|  | ||||
| if [ "$AMP_BASEOS" = "ubuntu" ]; then | ||||
|     AMP_element_sequence=${AMP_element_sequence:-"base vm ubuntu"} | ||||
|     AMP_element_sequence="$AMP_element_sequence $AMP_BACKEND-ubuntu" | ||||
|     if [ "$BASE_OS_MIRROR" ]; then | ||||
|         AMP_element_sequence="$AMP_element_sequence apt-mirror" | ||||
|         export UBUNTU_MIRROR="$BASE_OS_MIRROR" | ||||
|     fi | ||||
| elif [ "$AMP_BASEOS" = "fedora" ]; then | ||||
|     AMP_element_sequence=${AMP_element_sequence:-"base vm fedora"} | ||||
|     AMP_element_sequence="$AMP_element_sequence $AMP_BACKEND" | ||||
|     if [ "$BASE_OS_MIRROR" ]; then | ||||
|         AMP_element_sequence="$AMP_element_sequence fedora-mirror" | ||||
|         export FEDORA_MIRROR="$BASE_OS_MIRROR" | ||||
|     fi | ||||
| elif [ "$AMP_BASEOS" = "centos" ]; then | ||||
|     AMP_element_sequence=${AMP_element_sequence:-"base vm centos7"} | ||||
|     AMP_element_sequence="$AMP_element_sequence $AMP_BACKEND" | ||||
|     if [ "$BASE_OS_MIRROR" ]; then | ||||
|         AMP_element_sequence="$AMP_element_sequence centos-mirror" | ||||
|         export CENTOS_MIRROR="$BASE_OS_MIRROR" | ||||
| @@ -318,8 +325,8 @@ if [ "$AMP_ROOTPW" ]; then | ||||
|     export DIB_PASSWORD=$AMP_ROOTPW | ||||
| fi | ||||
|  | ||||
| # Add the Octavia Amphora backend element | ||||
| AMP_element_sequence="$AMP_element_sequence $AMP_BACKEND" | ||||
| # Add the Octavia Amphora agent element | ||||
| AMP_element_sequence="$AMP_element_sequence amphora-agent" | ||||
|  | ||||
| # Allow full elements override | ||||
| if [ "$DIB_ELEMENTS" ]; then | ||||
|   | ||||
							
								
								
									
										3
									
								
								elements/amphora-agent/README.rst
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								elements/amphora-agent/README.rst
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,3 @@ | ||||
| Element to install an Octavia Amphora agent. | ||||
|  | ||||
|  | ||||
							
								
								
									
										1
									
								
								elements/amphora-agent/element-deps
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										1
									
								
								elements/amphora-agent/element-deps
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1 @@ | ||||
| source-repositories | ||||
							
								
								
									
										2
									
								
								elements/amphora-agent/source-repository-amphora-agent
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										2
									
								
								elements/amphora-agent/source-repository-amphora-agent
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,2 @@ | ||||
| # This is temporary until we have a pip package | ||||
| amphora-agent git /opt/amphora-agent https://review.openstack.org/stackforge/octavia refs/changes/34/160034/16 | ||||
							
								
								
									
										2
									
								
								elements/amphora-agent/svc-map
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										2
									
								
								elements/amphora-agent/svc-map
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,2 @@ | ||||
| amphora-agent: | ||||
|   default: amphora-agent | ||||
							
								
								
									
										3
									
								
								elements/haproxy-octavia-ubuntu/README.rst
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								elements/haproxy-octavia-ubuntu/README.rst
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,3 @@ | ||||
| Element to install an Octavia Amphora with an haproxy backend. | ||||
|  | ||||
|  | ||||
							
								
								
									
										3
									
								
								elements/haproxy-octavia-ubuntu/element-deps
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								elements/haproxy-octavia-ubuntu/element-deps
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,3 @@ | ||||
| os-svc-install | ||||
| package-installs | ||||
| sysctl | ||||
							
								
								
									
										6
									
								
								elements/haproxy-octavia-ubuntu/install.d/76-haproxy
									
									
									
									
									
										Executable file
									
								
							
							
						
						
									
										6
									
								
								elements/haproxy-octavia-ubuntu/install.d/76-haproxy
									
									
									
									
									
										Executable file
									
								
							| @@ -0,0 +1,6 @@ | ||||
| #!/bin/bash | ||||
|  | ||||
| set -eux | ||||
| set -o pipefail | ||||
|  | ||||
| [ -d /var/lib/haproxy ] || install -d -D -m 0755 -o root -g root /var/lib/haproxy | ||||
| @@ -0,0 +1,9 @@ | ||||
| #!/bin/bash | ||||
| set -eux | ||||
| set -o pipefail | ||||
|  | ||||
| # Allow haproxy to proxy any port if SELinux is in enforcing mode | ||||
| # https://bugs.launchpad.net/tripleo/+bug/1339938 | ||||
| if [[ -x /usr/sbin/semanage ]]; then | ||||
|     setsebool -P haproxy_connect_any 1 | ||||
| fi | ||||
| @@ -0,0 +1,47 @@ | ||||
| #!/bin/bash | ||||
|  | ||||
| set -eu | ||||
| set -o pipefail | ||||
|  | ||||
| sysctl-set-value net.ipv4.tcp_max_tw_buckets 5800000 | ||||
| sysctl-set-value net.ipv4.tcp_max_orphans 5800000 | ||||
| sysctl-set-value net.ipv4.tcp_max_syn_backlog 40960 | ||||
| sysctl-set-value net.ipv4.tcp_keepalive_time 300 | ||||
| sysctl-set-value net.ipv4.tcp_tw_recycle 0 | ||||
| sysctl-set-value net.ipv4.tcp_tw_reuse 1 | ||||
| sysctl-set-value net.ipv4.tcp_timestamps 0 | ||||
| sysctl-set-value net.ipv4.tcp_ecn 0 | ||||
| sysctl-set-value net.ipv4.tcp_sack 0 | ||||
| sysctl-set-value net.ipv4.tcp_dsack 0 | ||||
| sysctl-set-value net.ipv4.netfilter.ip_conntrack_max 1524288 | ||||
| sysctl-set-value net.core.somaxconn 40960 | ||||
| sysctl-set-value net.ipv4.tcp_synack_retries 3 | ||||
| sysctl-set-value net.core.netdev_max_backlog 40960 | ||||
| sysctl-set-value fs.file-max 1048576 | ||||
| sysctl-set-value net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait 5 | ||||
| sysctl-set-value net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait 5 | ||||
| sysctl-set-value net.ipv4.tcp_fin_timeout 5 | ||||
| sysctl-set-value net.ipv4.ip_nonlocal_bind 1 | ||||
|  | ||||
| # Currently the tripleo-image-elements sysctl element can't handle multi-value | ||||
| # settings, so I will set them manually here | ||||
| NAME=net.ipv4.tcp_rmem | ||||
| VALUE="16384 65536 524288" | ||||
| FILENAME="/etc/sysctl.d/${NAME}.conf" | ||||
| cat > $FILENAME <<EOF_CAT | ||||
| $NAME = $VALUE | ||||
| EOF_CAT | ||||
|  | ||||
| NAME=net.ipv4.tcp_wmem | ||||
| VALUE="16384 349520 699040" | ||||
| FILENAME="/etc/sysctl.d/${NAME}.conf" | ||||
| cat > $FILENAME <<EOF_CAT | ||||
| $NAME = $VALUE | ||||
| EOF_CAT | ||||
|  | ||||
| NAME=net.ipv4.ip_local_port_range | ||||
| VALUE="1024 65000" | ||||
| FILENAME="/etc/sysctl.d/${NAME}.conf" | ||||
| cat > $FILENAME <<EOF_CAT | ||||
| $NAME = $VALUE | ||||
| EOF_CAT | ||||
							
								
								
									
										3
									
								
								elements/haproxy-octavia-ubuntu/package-installs.json
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								elements/haproxy-octavia-ubuntu/package-installs.json
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,3 @@ | ||||
| { | ||||
|     "haproxy/trusty-backports": null | ||||
| } | ||||
							
								
								
									
										7
									
								
								elements/haproxy-octavia-ubuntu/pre-install.d/01-backports
									
									
									
									
									
										Executable file
									
								
							
							
						
						
									
										7
									
								
								elements/haproxy-octavia-ubuntu/pre-install.d/01-backports
									
									
									
									
									
										Executable file
									
								
							| @@ -0,0 +1,7 @@ | ||||
| #!/bin/bash | ||||
| # Add the Ubuntu backports archive | ||||
|  | ||||
| set -eu | ||||
| set -o xtrace | ||||
|  | ||||
| echo deb http://archive.ubuntu.com/ubuntu trusty-backports main restricted universe multiverse > /etc/apt/sources.list.d/backports.list | ||||
							
								
								
									
										2
									
								
								elements/haproxy-octavia-ubuntu/svc-map
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										2
									
								
								elements/haproxy-octavia-ubuntu/svc-map
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,2 @@ | ||||
| haproxy: | ||||
|   default: haproxy | ||||
| @@ -1 +0,0 @@ | ||||
| haproxy | ||||
| @@ -21,6 +21,7 @@ sysctl-set-value fs.file-max 1048576 | ||||
| sysctl-set-value net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait 5 | ||||
| sysctl-set-value net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait 5 | ||||
| sysctl-set-value net.ipv4.tcp_fin_timeout 5 | ||||
| sysctl-set-value net.ipv4.ip_nonlocal_bind 1 | ||||
|  | ||||
| # Currently the tripleo-image-elements sysctl element can't handle multi-value | ||||
| # settings, so I will set them manually here | ||||
|   | ||||
							
								
								
									
										3
									
								
								elements/haproxy-octavia/package-installs.json
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								elements/haproxy-octavia/package-installs.json
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,3 @@ | ||||
| { | ||||
|     "haproxy": null | ||||
| } | ||||
		Reference in New Issue
	
	Block a user
	 Michael Johnson
					Michael Johnson