Add fuel-centos-build container for fuel/centos

fuel/centos will now be built from CentOS6 container dynamically with current package set instead of being periodically rebuilt. It uses ami-creator, which only runs on CentOS. It is run inside Docker so it can be used on an Ubuntu build host. After the image is created, img2docker loads the content into Docker as a Docker image. Consolidates save/load to a single archive instead of rolling up separate container tar files. Note that fuel-centos.done target depends on RPM package build to avoid race conditions where repo metadata is updated while base image is being built. Change-Id: I62abc07e79847b5c69eaa1a983575b214ebed649 Closes-Bug: #1336911
2015-02-13 09:08:40 +00:00 · 2015-02-13 09:08:40 +00:00 · 381491f7e8
parent b975019fab
commit 381491f7e8
8 changed files with 288 additions and 26 deletions
--- a/docker/fuel-centos-build/Dockerfile
+++ b/docker/fuel-centos-build/Dockerfile
@ -0,0 +1,20 @@
+#fuel/centos-docker-build
+FROM centos:centos6
+
+MAINTAINER Matthew Mosesohn mmosesohn@mirantis.com
+
+RUN echo -e "[nailgun]\nname=Nailgun Local Repo\nbaseurl=http://$(route -n | awk '/^0.0.0.0/ { print $2 }'):_PORT_/os/x86_64/\ngpgcheck=0" > /etc/yum.repos.d/nailgun.repo;yum clean all;yum --quiet install -y sudo ami-creator livecd-tools python-imgcreate python-setuptools
+
+ADD start.sh /usr/local/bin/start.sh
+ADD fuel-centos.ks /root/fuel-centos.ks
+
+RUN chmod 755 /usr/local/bin/start.sh
+
+RUN sed -i '/requiretty/s/^/#/g' /etc/sudoers;touch /etc/sysconfig/network;mkdir -p /var/lib/hiera && touch /var/lib/hiera/common.yaml
+
+#Replace repo and port in makefile
+RUN sed -i "s/^url .*/url --url=http:\/\/$(route -n | awk '/^0.0.0.0/ { print $2 }'):_PORT_\/os\/x86_64\//" /root/fuel-centos.ks
+RUN sed -i "s/^repo .*/repo --name='Nailgun' --baseurl=http:\/\/$(route -n | awk '/^0.0.0.0/ { print $2 }'):_PORT_\/os\/x86_64\//" /root/fuel-centos.ks
+
+CMD ["/usr/local/bin/start.sh"]
+
--- a/docker/fuel-centos-build/fuel-centos.ks
+++ b/docker/fuel-centos-build/fuel-centos.ks
@ -0,0 +1,201 @@
+install
+url --url=http://_REPOURL_:_REPOPORT_/os/x86_64
+lang en_US.UTF-8
+keyboard uk
+network --device eth0 --bootproto dhcp
+rootpw --iscrypted $1$UKLtvLuY$kka6S665oCFmU7ivSDZzU.
+authconfig --enableshadow --passalgo=sha512 --enablefingerprint
+selinux --disabled
+timezone --utc Etc/UTC
+#repo --name="CentOS" --baseurl=http://mirror.centos.org/centos/6/os/x86_64/ --cost=100
+repo --name="Fuel CentOS" --baseurl=http://_REPOURL_:_REPOPORT_/os/x86_64 --cost 100
+#repo --name="Updates" --baseurl=http://mirror.centos.org/centos-6/6/updates/x86_64/ --cost=100
+# CentOSPlus is here ONLY for a libselinux patch.
+# Once 6.6 is released, this should be removed
+# http://lists.centos.org/pipermail/centos-devel/2014-May/010345.html
+#repo --name="CentOSPlus" --baseurl=http://mirror.centos.org/centos-6/6/centosplus/x86_64/ --cost=1000
+
+clearpart --all --initlabel
+part / --fstype ext4 --size=2048 --grow
+reboot
+%packages  --excludedocs --nobase
+@Core
+-MAKEDEV
+-aic94xx-firmware
+-atmel-firmware
+-b43-openfwwf
+-bfa-firmware
+-dhclient
+-efibootmgr
+-ethtool
+-initscripts
+-iproute
+-iptables
+-iptables-ipv6
+-iputils
+-ipw2100-firmware
+-ipw2200-firmware
+-ivtv-firmware
+-iwl100-firmware
+-iwl1000-firmware
+-iwl3945-firmware
+-iwl4965-firmware
+-iwl5000-firmware
+-iwl5150-firmware
+-iwl6000-firmware
+-iwl6000g2a-firmware
+-iwl6050-firmware
+-kbd
+-kernel-firmware
+-libertas-usb8388-firmware
+-openssh-server
+-postfix
+-policycoreutils
+-ql2100-firmware
+-ql2200-firmware
+-ql23xx-firmware
+-ql2400-firmware
+-ql2500-firmware
+-redhat-logos
+-rt61pci-firmware
+-rt73usb-firmware
+-selinux-policy
+-selinux-policy-targeted
+-upstart
+-xorg-x11-drv-ati-firmware
+-zd1211-firmware
+anacron
+bzip2
+cobbler
+cobbler-web
+cronie
+crontabs
+dnsmasq
+fence-agents
+httpd
+logrotate
+nginx
+openstack-keystone
+openssh-clients
+postgresql-server
+postgresql-libs
+postgresql
+python-alembic
+python-amqplib
+python-anyjson
+python-argparse
+python-babel
+python-ceilometerclient
+python-cinderclient
+python-crypto
+python-daemonize
+python-decorator
+python-django
+python-fabric
+python-fysom
+python-heatclient
+python-iso8601
+python-jinja2
+python-jsonschema
+python-keystoneclient
+python-keystonemiddleware
+python-kombu
+python-mako
+python-markupsafe
+python-muranoclient
+python-netaddr
+python-neutronclient
+python-netifaces
+python-novaclient
+python-oslo-config
+python-paste
+python-ply
+python-psycopg2
+python-requests
+python-saharaclient
+python-simplejson
+python-six
+python-sqlalchemy
+python-stevedore
+python-urllib3
+python-webpy
+python-wsgilog
+python-wsgiref
+PyYAML
+python-novaclient
+python-networkx-core
+pytz
+rabbitmq-server
+rsync
+ruby21-mcollective
+ruby21-rubygem-mcollective-client
+ruby21-puppet
+ruby21-rubygem-activesupport
+ruby21-rubygem-amqp
+ruby21-rubygem-mcollective-client
+ruby21-rubygem-symboltable
+ruby21-rubygem-rest-client
+ruby21-rubygem-popen4
+ruby21-rubygem-raemon
+ruby21-rubygem-net-ssh
+ruby21-rubygem-net-ssh-gateway
+ruby21-rubygem-net-ssh-multi
+screen
+send2syslog
+sudo
+supervisor
+sysstat
+tar
+tftp-server
+uwsgi-plugin-python
+vim-minimal
+vim
+xinetd
+%end
+
+%post
+# randomize root password and lock root account
+dd if=/dev/urandom count=50 | md5sum | passwd --stdin root
+passwd -l root
+
+# create necessary devices
+/sbin/MAKEDEV /dev/console
+
+# cleanup unwanted stuff
+
+# ami-creator requires grub during the install, so we remove it (and
+# its dependencies) in %post
+rpm -e grub redhat-logos
+rm -rf /boot
+
+# some packages get installed even though we ask for them not to be,
+# and they don't have any external dependencies that should make
+# anaconda install them
+rpm -e MAKEDEV ethtool upstart initscripts iputils policycoreutils iptables \
+    iproute
+
+# Remove files that are known to take up lots of space but leave
+# directories intact since those may be required by new rpms.
+
+# locales
+find
+/usr/{{lib,share}/{i18n,locale},{lib,lib64}/gconv,bin/localedef,sbin/build-locale-archive} \
+        -type f | xargs /bin/rm
+
+#  man pages and documentation
+find /usr/share/{man,doc,info,gnome/help} \
+        -type f | xargs /bin/rm
+
+#  cracklib
+find /usr/share/cracklib \
+        -type f | xargs /bin/rm
+
+#  sln
+rm -f /sbin/sln
+
+#  ldconfig
+/sbin/ldconfig
+
+%end
+
+
--- a/docker/fuel-centos-build/img2docker.sh
+++ b/docker/fuel-centos-build/img2docker.sh
@ -0,0 +1,32 @@
+#!/bin/bash
+#
+# This script imports a raw image into Docker.  It takes two
+# arguments: the name of the image file, and the tag to assign to the
+# Docker image that it creates.
+
+set -e
+usage() {
+    echo "usage: $(basename $0) <image> <tag>"
+    exit 1
+}
+
+image="$1"
+tag="$2"
+
+if [ -z "$image" ] || [ -z "$tag" ]; then
+    usage
+fi
+
+mount="$(mktemp -d --tmpdir)"
+mount -o loop "$image" "$mount"
+
+cd "$mount"
+
+#this tar seems to cause issues such as rpmdb corruption
+#tar -cpSf - --acls --selinux --xattrs * | docker import - "$tag"
+
+tar --numeric-owner -c . | docker import - "$tag"
+
+cd - >& /dev/null
+umount "$mount"
+rmdir "$mount"
--- a/docker/fuel-centos-build/start.sh
+++ b/docker/fuel-centos-build/start.sh
@ -0,0 +1,14 @@
+#!/bin/bash -xe
+
+# Clean rpm locks before puppet run.
+# See ticket https://bugs.launchpad.net/fuel/+bug/1339236
+rm -f /var/lib/rpm/__db.*
+rpm --rebuilddb
+
+#Create loop devices if needed for ami-creator to setup image
+for loopdev in `seq 1 9`; do
+  mknod "/dev/loop${loopdev}" -m0660 b 7 ${loopdev} || :
+done
+cd /export
+ami-creator -c /root/fuel-centos.ks -n fuel-centos
+
--- a/docker/module.mk
+++ b/docker/module.mk
@ -1,4 +1,5 @@
 .PHONY: docker
+containers:=astute cobbler mcollective nailgun keystone nginx ostf rsync rsyslog rabbitmq postgres

 docker: $(ARTS_DIR)/$(DOCKER_ART_NAME)

@ -19,9 +20,9 @@ $(BUILD_DIR)/docker/build.done: \
 else
 # Lrzip all containers into single archive
 $(BUILD_DIR)/docker/build.done: \
-		$(BUILD_DIR)/docker/busybox.done \
+		$(BUILD_DIR)/docker/fuel-centos.done \
 		$(BUILD_DIR)/docker/sources.done
-	(cd $(BUILD_DIR)/docker/containers && tar cf $(BUILD_DIR)/docker/fuel-images.tar *.tar)
+	sudo docker save fuel/centos busybox $(foreach cnt,$(containers), fuel/$(cnt)_$(PRODUCT_VERSION)) > $(BUILD_DIR)/docker/fuel-images.tar
 	lrzip -L2 -U -D -f $(BUILD_DIR)/docker/fuel-images.tar -o $(BUILD_DIR)/docker/$(DOCKER_ART_NAME)
 	rm -f $(BUILD_DIR)/docker/fuel-images.tar
 	$(ACTION.TOUCH)
@ -52,7 +53,6 @@ $(BUILD_DIR)/docker/$1.done: \
 	cp $(SOURCE_DIR)/docker/docker-astute.yaml $(BUILD_DIR)/docker/$1/etc/fuel/astute.yaml
 	rsync -a $(BUILD_DIR)/repos/fuellib/deployment/puppet/* $(BUILD_DIR)/docker/$1/etc/puppet/modules/
 	sudo docker build --force-rm -t fuel/$1_$(PRODUCT_VERSION) $(BUILD_DIR)/docker/$1
-	sudo docker save fuel/$1_$(PRODUCT_VERSION) > $(BUILD_DIR)/docker/containers/$1.tar
 	kill `cat /tmp/simple_http_daemon_$(RANDOM_PORT).pid`
 	$$(ACTION.TOUCH)
 endef
@ -62,20 +62,26 @@ $(BUILD_DIR)/docker/base-images.done: \
 	for container in $(LOCAL_MIRROR_DOCKER_BASEURL)/*.xz; do xz -dkc -T0 $$container | sudo docker load; done
 	$(ACTION.TOUCH)

-$(BUILD_DIR)/docker/busybox.done: \
-		$(BUILD_DIR)/docker/base-images.done
-	mkdir -p "$(BUILD_DIR)/docker/containers"
-	sudo docker save busybox > $(BUILD_DIR)/docker/containers/busybox.tar
+$(BUILD_DIR)/docker/fuel-centos.done: \
+		$(BUILD_DIR)/docker/base-images.done \
+		$(BUILD_DIR)/mirror/centos/build.done \
+		$(BUILD_DIR)/packages/rpm/build.done
+	(cd $(LOCAL_MIRROR_CENTOS) && python $(SOURCE_DIR)/utils/simple_http_daemon.py $(RANDOM_PORT) /tmp/simple_http_daemon_$(RANDOM_PORT).pid)
+	rm -rf $(BUILD_DIR)/docker/fuel-centos-build
+	cp -a $(SOURCE_DIR)/docker/fuel-centos-build $(BUILD_DIR)/docker/fuel-centos-build
+	sed -e "s/_PORT_/$(RANDOM_PORT)/" -i $(BUILD_DIR)/docker/fuel-centos-build/Dockerfile
+	sudo docker build -t fuel/fuel-centos-build $(BUILD_DIR)/docker/fuel-centos-build
+	mkdir -p "$(BUILD_DIR)/docker/centos/output"
+	echo "Generating fuel/centos base image. Refer to $(BUILD_DIR)/docker/fuel-centos-build.log if it fails."
+	sudo docker -D run --rm -a stdout -a stderr -i -t --privileged -v $(LOCAL_MIRROR_CENTOS)/os/x86_64/:/repo:ro -v $(BUILD_DIR)/docker/centos/output:/export fuel/fuel-centos-build 2>&1 > $(BUILD_DIR)/docker/fuel-centos-build.log
+	sudo $(SOURCE_DIR)/docker/fuel-centos-build/img2docker.sh $(BUILD_DIR)/docker/centos/output/fuel-centos.img fuel/centos
 	$(ACTION.TOUCH)

 $(BUILD_DIR)/docker/sources.done: \
 		$(find-files $(SOURCE_DIR)/docker)
 	mkdir -p $(BUILD_DIR)/docker/sources $(BUILD_DIR)/docker/utils
-	find $(SOURCE_DIR)/docker -mindepth 1 -type d | xargs -I{} cp -r "{}" $(BUILD_DIR)/docker/sources/
-	cp $(LOCAL_MIRROR_DOCKER_BASEURL)/fuel-centos.tar.xz $(BUILD_DIR)/docker/
-	cp $(LOCAL_MIRROR_DOCKER_BASEURL)/busybox.tar.xz $(BUILD_DIR)/docker/
+	find $(SOURCE_DIR)/docker -mindepth 1 -type d -not -name '*fuel-centos-build*' | xargs cp -r --target-directory=$(BUILD_DIR)/docker/sources
 	cp -r $(SOURCE_DIR)/utils/simple_http_daemon.py $(BUILD_DIR)/docker/utils
 	$(ACTION.TOUCH)

-containers:=astute cobbler mcollective nailgun keystone nginx ostf rsync rsyslog rabbitmq postgres
 $(foreach cnt,$(containers),$(eval $(call build_container,$(cnt))))
--- a/docker/nailgun/Dockerfile
+++ b/docker/nailgun/Dockerfile
@ -17,9 +17,6 @@ ADD start.sh /usr/local/bin/start.sh
 RUN puppet apply --detailed-exitcodes -d -v /etc/puppet/modules/nailgun/examples/nailgun-only.pp; [[ $? == 0 || $? == 2 ]]
 RUN mkdir -p /var/log/remote /var/www/nailgun

-#clean everything up
-RUN yum --quiet remove -y gcc-c++ --skip-broken
-
 RUN echo -e "[nailgun]\nname=Nailgun Local Repo\nbaseurl=file:/var/www/nailgun/centos/x86_64\ngpgcheck=0" > /etc/yum.repos.d/nailgun.repo; yum clean all; chmod +x /usr/local/bin/start.sh

 EXPOSE 8001
--- a/iso/bootstrap_admin_node.docker.sh
+++ b/iso/bootstrap_admin_node.docker.sh
@ -60,8 +60,8 @@ if [ -f /root/.build_images ]; then
  trap fail EXIT

  echo "Loading Fuel base image for Docker..."
-  docker load -i /var/www/nailgun/docker/images/fuel-centos.tar.xz
-  docker load -i /var/www/nailgun/docker/images/busybox.tar.xz
+  lrzip -d -o /var/www/nailgun/docker/images/fuel-images.tar /var/www/nailgun/docker/images/fuel-images.tar.lrz
+  docker load -i /var/www/nailgun/docker/images/fuel-images.tar

  echo "Building Fuel Docker images..."
  RANDOM_PORT=$(shuf -i 9000-65000 -n 1)
@ -100,16 +100,10 @@ else
  pushd $images_dir &>/dev/null

  echo "Extracting and loading docker images. (This may take a while)"
-  lrzip -d -o fuel-images.tar fuel-images.tar.lrz && tar -xf fuel-images.tar && rm -f fuel-images.tar
+  lrzip -d -o /var/www/nailgun/docker/images/fuel-images.tar /var/www/nailgun/docker/images/fuel-images.tar.lrz
+  docker load -i /var/www/nailgun/docker/images/fuel-images.tar
  popd &>/dev/null

-  # load docker images
-  for image in $images_dir/*tar ; do
-      echo "Loading docker image ${image}..."
-      docker load -i "$image"
-      # clean up extracted image
-      rm -f "$image"
-  done
 fi

 # apply puppet
--- a/iso/module.mk
+++ b/iso/module.mk
@ -117,8 +117,6 @@ $(ISOROOT)/puppet-slave.tgz: $(BUILD_DIR)/puppet/$(PUPPET_ART_NAME)
 $(ISOROOT)/docker.done: $(BUILD_DIR)/docker/build.done
 	mkdir -p $(ISOROOT)/docker/images
 	cp $(BUILD_DIR)/docker/$(DOCKER_ART_NAME) $(ISOROOT)/docker/images/$(DOCKER_ART_NAME)
-	cp $(BUILD_DIR)/docker/fuel-centos.tar.xz $(ISOROOT)/docker/images/fuel-centos.tar.xz
-	cp $(BUILD_DIR)/docker/busybox.tar.xz $(ISOROOT)/docker/images/busybox.tar.xz
 	cp -a $(BUILD_DIR)/docker/sources $(ISOROOT)/docker/sources
 	cp -a $(BUILD_DIR)/docker/utils $(ISOROOT)/docker/utils
 	$(ACTION.TOUCH)