Move Dockerfiles into maas repo

- Move Dockerfile for MaaS region controller to this repo
- Move Dockerfile for MaaS rack controller to this repo
- Create Makefile with standard UCP entrypoints for image building
- Clean up chart to pass 'make lint'
- Update Dockerfiles to pin apt packages to explicit maas version

Change-Id: I4a540b16a4f75f4a1aae1eb9cfb1bb7a16de18d6
This commit is contained in:
Scott Hussey 2017-11-27 12:40:00 -06:00
parent f68f033784
commit 840075ca88
11 changed files with 405 additions and 19 deletions

71
Makefile Normal file
View File

@ -0,0 +1,71 @@
# Copyright 2017 AT&T Intellectual Property. All other rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
MAAS_IMAGE_COMMON ?= maas
REGION_SUFFIX ?= regiond
REGION_IMG_DIR ?= images/maas-region-controller
RACK_SUFFIX ?= rackd
RACK_IMG_DIR ?= images/maas-rack-controller
IMAGE_PREFIX ?= attcomdev
IMAGE_TAG ?= latest
HELM ?= helm
PROXY ?= http://one.proxy.att.com:8080
USE_PROXY ?= false
# Build all docker images for this project
.PHONY: images
images: build_rack build_region
# Create tgz of the chart
.PHONY: charts
charts: clean
$(HELM) dep up charts/maas
$(HELM) package charts/maas
# Perform Linting
.PHONY: lint
lint: helm_lint
# Dry run templating of chart
.PHONY: dry-run
dry-run: clean
tools/helm_tk.sh $(HELM)
$(HELM) template charts/maas
# Make targets intended for use by the primary targets above.
.PHONY: build_rack
build_rack:
ifeq ($(USE_PROXY), true)
docker build -t $(IMAGE_PREFIX)/$(MAAS_IMAGE_COMMON)-$(RACK_SUFFIX):$(IMAGE_TAG) -f $(RACK_IMG_DIR)/Dockerfile $(RACK_IMG_DIR) --build-arg http_proxy=$(PROXY) --build-arg https_proxy=$(PROXY)
else
docker build -t $(IMAGE_PREFIX)/$(MAAS_IMAGE_COMMON)-$(RACK_SUFFIX):$(IMAGE_TAG) -f $(RACK_IMG_DIR)/Dockerfile $(RACK_IMG_DIR)
endif
.PHONY: build_region
build_region:
ifeq ($(USE_PROXY), true)
docker build -t $(IMAGE_PREFIX)/$(MAAS_IMAGE_COMMON)-$(REGION_SUFFIX):$(IMAGE_TAG) -f $(REGION_IMG_DIR)/Dockerfile $(REGION_IMG_DIR) --build-arg http_proxy=$(PROXY) --build-arg https_proxy=$(PROXY)
else
docker build -t $(IMAGE_PREFIX)/$(MAAS_IMAGE_COMMON)-$(REGION_SUFFIX):$(IMAGE_TAG) -f $(REGION_IMG_DIR)/Dockerfile $(REGION_IMG_DIR)
endif
.PHONY: clean
clean:
rm -rf build
.PHONY: helm_lint
helm_lint: clean
tools/helm_tk.sh $(HELM)
$(HELM) lint charts/maas

View File

@ -1,18 +0,0 @@
#!/bin/bash
set -x
echo "register-rack-controller URL: ${MAAS_ENDPOINT}"
# register forever
while [ 1 ];
do
if maas-rack register --url=${MAAS_ENDPOINT} --secret="${MAAS_REGION_SECRET}";
then
echo "Successfully registered with MaaS Region Controller"
break
else
echo "Unable to register with ${MAAS_ENDPOINT}... will try again"
sleep 10
fi;
done;

View File

@ -36,4 +36,4 @@ data:
export-api-key.sh: |
{{ tuple "bin/_export-api-key.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
register-rack-controller.sh: |
{{ tuple "bin/_register-rack-controller.sh" . | include "helm-toolkit.utils.template" | indent 4 }}
{{ tuple "bin/_register-rack-controller.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}

132
images/README.md Normal file
View File

@ -0,0 +1,132 @@
[![Docker Repository on Quay](https://quay.io/repository/attcomdev/maas-rack/status "Docker Repository on Quay")](https://quay.io/repository/attcomdev/maas-region) Ubuntu MaaS Region Controller <br>
[![Docker Repository on Quay](https://quay.io/repository/attcomdev/maas-rack/status "Docker Repository on Quay")](https://quay.io/repository/attcomdev/maas-rack) Ubuntu MaaS Rack Controller
Overview
==================
The MaaS project attempts to build highly decoupled metal as a service containers for use on the Kubernetes platform. Today, we only break the MaaS service into the traditional region and rack controllers and breaking it down further is a work in progress.
Building Containers
===================
```
$ make build
```
Launching on Kubernetes
=======================
This will create the bridge necessary for MaaS provisioning (fixed with the name 'maas' rigt now) and launch the region controller
and rack controller containers on kubernetes using kubectl by leveraging the YAML manifests in maas/deployments.
```
$ make kuber_bridge
...
$ make kuber_deploy
sudo kubectl create -f deployment/maas-service.yaml
service "maas-region-ui" created
sudo kubectl create -f deployment/maas-region-deployment.yaml
deployment "maas-region" created
sudo kubectl create -f deployment/maas-rack-deployment.yaml
deployment "maas-rack" created
```
The provisioning network is fixed (and configured by kuber_bridge) as 10.7.200.0/24. To connect
external physical hardware to this network, simply place the network interface into the maas bridge, e.g:
```
brctl addif maas eth1
```
To destroy the kubernetes resources, you can run:
```
$ make kuber_clean
sudo kubectl delete deployment maas-region
deployment "maas-region" deleted
sudo kubectl delete deployment maas-rack
deployment "maas-rack" deleted
sudo kubectl delete service maas-region-ui
service "maas-region-ui" deleted
```
Once the region controller comes up, and you can login as admin/admin, you must configure a gateway within the UI on the
10.7.200.0 network, setting that to 10.7.200.1. You must also enable DHCP and set the primary rack controller to the
maas rack container booted (it will be a drop down choice). This will eventually be automated.
Running Containers
==================
```
$ make run_region
sudo docker run -d -p 7777:80 -v /sys/fs/cgroup:/sys/fs/cgroup:ro --privileged --name maas-region-controller maas-region:dockerfile
d7462aabf4d8982621c30d7df36adf6c3e0f634701c0a070f7214301829fa92e
```
```
$ make run_rack
sudo docker run -d -v /sys/fs/cgroup:/sys/fs/cgroup:ro --privileged --name maas-rack-controller maas-rack:dockerfile
fb36837cd68e56356cad2ad853ae517201ee3349fd1f80039185b71d052c5326
```
Region Bootstrap
================
The `scripts/create-provision-network.sh` script attempts to bootstrap both an admin user (with the password admin) but also creates a maas provisioning network matching the docker default, namely 172.16.86.0/24. Turning this into a more configurable setting and also allowing for a dedicated provisioning network that can be plugged in via bridging to an actual physical network is a work in progress. However, with the calls we do make you should be able to see the rack controller connected with an active dhcpd process running in the UI.
Retrieving Region Controller Details
====================================
Note that retrieving the API key may not be possible as MaaS region initialization is
delayed within the containers init startup. It may take 60 seconds or so in order
to retrieve the API key, during which you may see the following message:
```
$ make get_region_api_key
sudo docker exec maas-region-controller maas-region-admin apikey --username maas
WARNING: The maas-region-admin command is deprecated and will be removed in a future version. From now on please use 'maas-region' instead.
CommandError: User does not exist.
make: *** [get_region_api_key] Error 1
```
When the API is up and the admin user registered you will see the following:
```
$ make get_region_api_key
sudo docker exec maas-region-controller maas-region apikey --username admin
ksKQbjtTzjZrZy2yP7:jVq2g4x5FYdxDqBQ7P:KGfnURCrYSKmGE6k2SXWk4QVHVSJHBfr
```
You can also retrieve the region secret and IP address, used to initialize the
rack controller:
```
$ make get_region_secret
sudo docker exec maas-region-controller cat /var/lib/maas/secret && echo
2036ba7575697b03d73353fc72a01686
```
```
$ make get_region_ip_address
sudo docker inspect --format '{{ .NetworkSettings.Networks.bridge.IPAddress }}' maas-region-controller
172.16.86.4
```
Link Rack and Region
====================
Finally, with the output above we can link the region controller with the rack controller
by feeding the rack controller the endpoint and secret it requires. Shortly after MaaS
will initiate an image sync with the rack.
```
$ make register_rack -e URL=http://172.16.84.4 SECRET=2036ba7575697b03d73353fc72a01686
sudo docker exec maas-rack-controller maas-rack register --url http://172.16.84.4 --secret 2036ba7575697b03d73353fc72a01686
alan@hpdesktop:~/Workbench/att/attcomdev/dockerfiles/maas$
```
Finally, to access your MaaS UI, visit http://172.0.0.1:7777/MAAS/ and login as admin/admin.

View File

@ -0,0 +1,44 @@
FROM ubuntu:16.04
ENV DEBIAN_FRONTEND noninteractive
ENV container docker
# Don't start any optional services except for the few we need.
RUN find /etc/systemd/system \
/lib/systemd/system \
-path '*.wants/*' \
-not -name '*journald*' \
-not -name '*systemd-tmpfiles*' \
-not -name '*systemd-user-sessions*' \
-exec rm \{} \;
RUN systemctl set-default multi-user.target
# everything else below is to setup maas into the systemd initialized
# container based on ubuntu 16.04
RUN apt-get -qq update && \
apt-get -y install sudo software-properties-common
# TODO(alanmeadows)
# we need systemd 231 per https://github.com/systemd/systemd/commit/a1350640ba605cf5876b25abfee886488a33e50b
#RUN add-apt-repository ppa:pitti/systemd -y && add-apt-repository ppa:maas/stable -y && apt-get update
RUN apt-get install -y systemd
# install syslog and enable it
RUN apt-get install -y rsyslog
RUN systemctl enable rsyslog.service
# install maas
RUN rsyslogd; apt-get install -y maas-cli=2.2.2-6099-g8751f91-0ubuntu1~16.04.1 maas-rack-controller=2.2.2-6099-g8751f91-0ubuntu1~16.04.1
COPY scripts/register-rack-controller.sh /usr/local/bin
RUN chmod +x /usr/local/bin/register-rack-controller.sh
# register ourselves with the region controller
COPY scripts/register-rack-controller.service /lib/systemd/system/register-rack-controller.service
RUN systemctl enable register-rack-controller.service
RUN mv /usr/sbin/tcpdump /usr/bin/tcpdump
RUN ln -s /usr/bin/tcpdump /usr/sbin/tcpdump
# initalize systemd
CMD ["/sbin/init"]

View File

@ -0,0 +1 @@
[![Docker Repository on Quay](https://quay.io/repository/attcomdev/maas-rack/status "Docker Repository on Quay")](https://quay.io/repository/attcomdev/maas-rack) Ubuntu MaaS Rack Controller

View File

@ -0,0 +1,12 @@
[Unit]
Description=Register with MaaS Region Controller
Wants=network-online.target
After=network-online.target
[Service]
Type=oneshot
PassEnvironment=MAAS_ENDPOINT MAAS_REGION_SECRET
ExecStart=/usr/local/bin/register-rack-controller.sh
[Install]
WantedBy=multi-user.target

View File

@ -0,0 +1,22 @@
#!/bin/bash
# show env
env > /tmp/env
echo "register-rack-controller URL: ${MAAS_ENDPOINT}"
# note the secret must be a valid hex value
# register forever
while [ 1 ];
do
if maas-rack register --url=http://${MAAS_ENDPOINT}/MAAS --secret="${MAAS_REGION_SECRET}";
then
echo "Successfully registered with MaaS Region Controller"
break
else
echo "Unable to register with http://${MAAS_ENDPOINT}/MAAS... will try again"
sleep 10
fi;
done;

View File

@ -0,0 +1,56 @@
FROM ubuntu:16.04
ENV DEBIAN_FRONTEND noninteractive
ENV container docker
ENV MAAS_VERSION 2.2.2-6099-g8751f91-0ubuntu1~16.04.1
# Don't start any optional services except for the few we need.
RUN find /etc/systemd/system \
/lib/systemd/system \
-path '*.wants/*' \
-not -name '*journald*' \
-not -name '*systemd-tmpfiles*' \
-not -name '*systemd-user-sessions*' \
-exec rm \{} \;
RUN systemctl set-default multi-user.target
# everything else below is to setup maas into the systemd initialized
# container based on ubuntu 16.04
RUN apt-get -qq update && \
apt-get -y install sudo software-properties-common
# TODO(alanmeadows)
# we need systemd 231 per https://github.com/systemd/systemd/commit/a1350640ba605cf5876b25abfee886488a33e50b
#RUN add-apt-repository ppa:pitti/systemd -y && add-apt-repository ppa:maas/stable -y && apt-get update
RUN apt-get install -y systemd
# install syslog and enable it
RUN apt-get install -y rsyslog
RUN systemctl enable rsyslog.service
# install maas
RUN rsyslogd; apt-get install -y maas-cli=$MAAS_VERSION \
maas-dns=$MAAS_VERSION \
maas-region-api=$MAAS_VERSION \
avahi-utils \
dbconfig-pgsql=2.0.4ubuntu1 \
iputils-ping \
postgresql \
tcpdump \
python3-pip
RUN apt-get download maas-region-controller=$MAAS_VERSION && \
# remove postinstall script in order to avoid db_sync
dpkg-deb --extract maas-region-controller*.deb maas-region-controller && \
dpkg-deb --control maas-region-controller*.deb maas-region-controller/DEBIAN && \
rm maas-region-controller/DEBIAN/postinst && \
dpkg-deb --build maas-region-controller && \
dpkg -i maas-region-controller.deb && \
pg_dropcluster --stop 9.5 main
# potentially used to calculate cidrs
# RUN pip3 install netaddr
# initalize systemd
CMD ["/sbin/init"]

View File

@ -0,0 +1 @@
[![Docker Repository on Quay](https://quay.io/repository/attcomdev/maas-rack/status "Docker Repository on Quay")](https://quay.io/repository/attcomdev/maas-region) Ubuntu MaaS Region Controller

65
tools/helm_tk.sh Executable file
View File

@ -0,0 +1,65 @@
#!/bin/bash
# Copyright 2017 AT&T Intellectual Property. All other rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# Script to setup helm-toolkit and helm dep up the shipyard chart
#
HELM=$1
HTK_REPO=${HTK_REPO:-"https://github.com/openstack/openstack-helm"}
HTK_PATH=${HTK_PATH:-""}
DEP_UP_LIST=${DEP_UP_LIST:-"maas"}
if [[ ! -z $(echo $http_proxy) ]]
then
export no_proxy=$no_proxy,127.0.0.1
fi
set -x
function helm_serve {
if [[ -d "$HOME/.helm" ]]; then
echo ".helm directory found"
else
${HELM} init --client-only
fi
if [[ -z $(curl -s 127.0.0.1:8879 | grep 'Helm Repository') ]]; then
${HELM} serve & > /dev/null
while [[ -z $(curl -s 127.0.0.1:8879 | grep 'Helm Repository') ]]; do
sleep 1
echo "Waiting for Helm Repository"
done
else
echo "Helm serve already running"
fi
if ${HELM} repo list | grep -q "^stable" ; then
${HELM} repo remove stable
fi
${HELM} repo add local http://localhost:8879/charts
}
mkdir -p build
pushd build
git clone --depth 1 $HTK_REPO || true
pushd openstack-helm/$HTK_PATH
git pull
helm_serve
make helm-toolkit
popd && popd
for c in $DEP_UP_LIST
do
${HELM} dep up charts/$c
done