Implement the sandbox proposal - Part 2

This commit extends the existing Docker driver to leverage Nova to provision sandbox. In other words, there are two drivers:
1. docker.driver.DockerDriver (default)
2. docker.driver.NovaDockerDriver

Users can choose which driver they want to use. The major difference is that the second driver integrates with Neutron. Neutron is used to provide networking for the container.

The files under nova/* were copied from nova-docker with minor modification (mainly for fixing bugs and removing unused code). In particular, nova/virt/docker/driver.py contains a DockerDriver for Nova. It implements the Nova virt driver interface using docker. This custom virt driver is used to create/delete/manage sandbox containers.

At this commit, we hardcoded the flavor to m1.small and nics to 'auto' when creating sandbox instances. We might make them parameters specified by end-users. The flavor will decide the resource constraints of the container and nics will decide how the networking of the container is configured.

The docker image kubernetes/pause is chosen to be the image of the sandbox container, since its size is small and satisfies what we want (an empty container that keeps running).

When creating the sandbox, we haven't specified the security group yet so the default security group is used. Users need to open ports in that security group to access the container from outside. Later, we could create a custom security group for each container, and automatically open ports that are exposed by the container.

For more details of the design, please refer to: https://review.openstack.org/#/c/365754/

Implements: blueprint neutron-integration
Depends-On: Ib8f193ea1edf1f148e9ba505205495170ebf6d67
Change-Id: I1543f386b6439d305b308d6c6ebe073225223c25
2016-11-17 15:18:52 -06:00
#!/bin/bash
#
# lib/nova
# Configure the docker hypervisor
# Dependencies:
#
# - ``functions`` file
# - ``DEST``, ``NOVA_CONF``, ``STACK_USER`` must be defined
# ``stack.sh`` calls the entry points in this order:
#
# - configure_nova_docker
# Save trace setting
_XTRACE_ZUN_NOVA=$(set +o | grep xtrace)
set +o xtrace
# Defaults
# --------
NOVA_CONF_DIR=${NOVA_CONF_DIR:-/etc/nova}
NOVA_CONF=${NOVA_CONF:-$NOVA_CONF_DIR/nova.conf}
# Entry Points
# ------------
# configure_nova_docker - Set config files, create data dirs, etc
function configure_nova_docker {
    iniset $NOVA_CONF DEFAULT compute_driver zun.DockerDriver
    # CentOS/RedHat distros don't start the services just after the package
    # is installed if it is not explicitly set. So the script fails on
    # them in this killall because there is nothing to kill.
    sudo killall docker || true
    # Enable debug level logging
    if [ -f "/etc/default/docker" ]; then
        sudo cat /etc/default/docker
        sudo sed -i 's/^.*DOCKER_OPTS=.*$/DOCKER_OPTS=\"--debug --storage-opt dm.override_udev_sync_check=true\"/' /etc/default/docker
        sudo cat /etc/default/docker
    fi
    if [ -f "/etc/sysconfig/docker" ]; then
        sudo cat /etc/sysconfig/docker
        sudo sed -i 's/^.*OPTIONS=.*$/OPTIONS=--debug --selinux-enabled/' /etc/sysconfig/docker
        sudo cat /etc/sysconfig/docker
    fi
    if [ -f "/usr/lib/systemd/system/docker.service" ]; then
        sudo cat /usr/lib/systemd/system/docker.service
        sudo sed -i 's/docker daemon/docker daemon --debug/' /usr/lib/systemd/system/docker.service
        sudo cat /usr/lib/systemd/system/docker.service
        sudo systemctl daemon-reload
    fi
    sudo service docker start || true
    # setup rootwrap filters
    local rootwrap_conf_src_dir="$DEST/zun/etc/nova"
    sudo install -o root -g root -m 644 $rootwrap_conf_src_dir/rootwrap.d/*.filters /etc/nova/rootwrap.d
}
# Restore xtrace
$_XTRACE_ZUN_NOVA
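
The script installs its rootwrap filters as root:root with mode 644 because those files define which commands Nova may run as root, so they and their directory must be writable only by root. The following check is an added example, not part of lib/nova or the Zun project; `audit_rootwrap_filters` is a hypothetical helper name and it assumes GNU `stat`.

```shell
#!/bin/bash
# Added example (not from the original file): audit a rootwrap filter
# directory after configure_nova_docker has installed the *.filters files.
# Assumptions: GNU stat; the helper name and finding labels are made up here.
# Usage: audit_rootwrap_filters /etc/nova/rootwrap.d

# audit_rootwrap_filters DIR [EXPECTED_UID]
# Prints one line per finding; returns 0 when clean, 1 otherwise.
audit_rootwrap_filters() {
    local dir="$1" want_uid="${2:-0}" bad=0 path uid mode
    if [ ! -d "$dir" ]; then
        echo "MISSING $dir"
        return 1
    fi
    # Check the directory itself, then every filter file inside it.
    for path in "$dir" "$dir"/*.filters; do
        # A symlink could point at a file some other user controls.
        if [ -L "$path" ]; then
            echo "SYMLINK $path"
            bad=1
            continue
        fi
        [ -e "$path" ] || continue      # glob matched nothing
        uid=$(stat -c '%u' "$path")
        mode=$(stat -c '%a' "$path")
        if [ "$uid" != "$want_uid" ]; then
            echo "OWNER $path uid=$uid expected=$want_uid"
            bad=1
        fi
        # Group- or world-write bits (octal 022) would let a non-root
        # account add or change filter definitions.
        if [ $(( 0$mode & 022 )) -ne 0 ]; then
            echo "WRITABLE $path mode=$mode"
            bad=1
        fi
    done
    return "$bad"
}
```
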