Docker Container support for instack-virt-setup

docker/README.md

@@ -0,0 +1,137 @@
+Instack Docker Setup
+====================
+
+The instack Docker setup provides an environment equivalent to that produced by
+running instack-virt-setup in a reuseable Docker container.
+
+
+Running the instack-virt-setup Docker image
+-------------------------------------------
+
+Pull the image from the docker registry.
+
+        docker pull slagle/instack-virt-setup
+
+Run the image. The container must be started with --privileged so that libvirt
+has access to create networks. A host path must also be mounted into the
+container at /var/lib/libvirt/images for the instack vm's to use to write their
+disks to. This is required because Docker containers are currently limited to
+10 GB of disk usage, and this will quickly get used up if the vm disks are
+written inside the container directly. In the command below I'm using
+/storage/docker/lib, but any host path with at least 30 GB free should do.
+
+        docker run \
+            -it \
+            --name instack-virt-setup \
+            --privileged \
+            --volume /storage/docker/lib:/var/lib/libvirt/images \
+            slagle/instack-virt-setup
+        
+
+
+Building the instack-virt-setup Docker image
+--------------------------------------------
+Building the docker image is a multi-step process. There is a Dockerfile to
+help with building the initial image. A container must then be started using
+that image, modified, and then committed to a new final image.
+
+
+1. Build a qcow2 disk image for the instack undercloud vm
+
+        UNDERCLOUD_ROOT_PASSWORD=${UNDERCLOUD_ROOT_PASSWORD:-""}
+        UNDERCLOUD_PASSWORD_ARG=
+        if [ $UNDERCLOUD_ROOT_PASSWORD ]; then
+          UNDERCLOUD_PASSWORD_ARG="--root-password password:$UNDERCLOUD_ROOT_PASSWORD"
+        fi
+
+        export UNDERCLOUD_VM_NAME=${UNDERCLOUD_VM_NAME:-"instack"}
+
+        virt-builder fedora-20 $UNDERCLOUD_PASSWORD_ARG \
+          --size 30G \
+          --format qcow2 \
+          -o $UNDERCLOUD_VM_NAME.qcow2 \
+          --install net-tools,yum-utils,git \
+          --firstboot-command \
+            'useradd -m -G wheel -p "" stack ; echo "stack:stack" | chpasswd' \
+          --firstboot-command \
+            'echo "stack ALL=(root) NOPASSWD:ALL" >> /etc/sudoers.d/stack ; chmod 0440 /etc/sudoers.d/stack'
+
+        # Run image through virt-sparsify
+        virt-sparsify instack.qcow2 instack.qcow2.new
+        mv instack.qcow2.new instack.qcow2
+
+1. Make sure you have the fedora Docker image pulled
+
+        docker pull fedora
+
+1. Build the initial image
+
+        cd instack-undercloud/docker/instack-virt
+        docker build -t instack-virt .
+
+1. Start a container based on that image
+
+        docker run -it --name instack-virt --privileged instack-virt
+
+1. ssh as root to the container, then do the following steps:
+
+        mkdir /var/lib/libvirt/base-images
+
+        su - stack
+
+        # The following are the same steps from instack-virt-setup, with the call to
+        # virt-builder removed. We should just update that script to make that
+        # call optional.
+        source /usr/libexec/openstack-tripleo/devtest_variables.sh
+        export NODE_ARCH=${NODE_ARCH:-amd64}
+
+        tripleo devtest_testenv.sh instackenv.json
+
+        sudo virsh undefine --remove-all-storage seed
+
+
+        UNDERCLOUD_ROOT_PASSWORD=${UNDERCLOUD_ROOT_PASSWORD:-""}
+        UNDERCLOUD_PASSWORD_ARG=
+        if [ $UNDERCLOUD_ROOT_PASSWORD ]; then
+          UNDERCLOUD_PASSWORD_ARG="--root-password password:$UNDERCLOUD_ROOT_PASSWORD"
+        fi
+
+        export UNDERCLOUD_VM_NAME=${UNDERCLOUD_VM_NAME:-"instack"}
+
+        tripleo configure-vm \
+            --name $UNDERCLOUD_VM_NAME \
+            --image /var/lib/libvirt/images/$UNDERCLOUD_VM_NAME.qcow2 \
+            --seed \
+            --libvirt-nic-driver virtio \
+            --arch x86_64 \
+            --memory 2097152 \
+            --cpus 1
+
+1. Still ssh'd as root to the container, vi /start.sh and replace its contents
+   with the following:
+
+        #!/bin/bash
+
+        for i in $(seq 0 4); do 
+            if [ ! -f /var/lib/libvirt/images/baremetal_$i.qcow2 ]; then
+                qemu-img create -f qcow2 /var/lib/libvirt/images/baremetal_$i.qcow2 31G
+            fi
+        done
+
+        if [ ! -f /var/lib/libvirt/images/instack.qcow2 ]; then
+            qemu-img create -f qcow2 -b /var/lib/libvirt/base-images/instack.qcow2 /var/lib/libvirt/images/instack.qcow2
+        fi
+
+        /usr/share/openvswitch/scripts/ovs-ctl start --system-id=random
+        supervisord -n
+           
+1. Back on the docker host, copy the created instack.qcow2 into the
+   /var/lib/libvirt/base-images directory in the container.
+
+1. Back on the docker host, stop the container
+
+        docker stop instack-virt
+
+1. Commit the container to a new image
+
+        docker commit instack-virt-setup instack-virt

docker/instack-virt/Dockerfile

@@ -0,0 +1,40 @@
+FROM fedora
+MAINTAINER James Slagle <slagle@redhat.com>
+
+RUN yum -y install supervisor
+
+RUN yum -y install openssh-server
+RUN echo root | passwd --stdin root
+EXPOSE 22
+COPY sshd.ini /etc/supervisord.d/sshd.ini
+RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' 
+
+RUN yum -y install libvirt libvirt-daemon-kvm
+COPY libvirtd.ini /etc/supervisord.d/libvirtd.ini
+
+RUN yum -y install openvswitch
+
+COPY start.sh /start.sh
+RUN chmod 0755 /start.sh
+CMD /start.sh
+
+RUN useradd stack
+RUN echo stack | passwd --stdin stack
+RUN echo "stack ALL=(root) NOPASSWD:ALL" > /etc/sudoers.d/stack
+RUN chmod 0440 /etc/sudoers.d/stack
+
+RUN echo 'export LIBVIRT_DEFAULT_URI="qemu:///system"' >> /home/stack/.bashrc
+
+RUN yum install -y http://rdo.fedorapeople.org/openstack-icehouse/rdo-release-icehouse.rpm
+RUN yum install -y instack-undercloud
+RUN yum install -y libguestfs-tools
+
+RUN groupadd libvirtd
+RUN usermod -a -G libvirtd stack
+RUN sed -i "s/^#unix_sock_group.*/unix_sock_group = \"libvirtd\"/g" /etc/libvirt/libvirtd.conf; \
+    sed -i 's/^#auth_unix_rw.*/auth_unix_rw = "none"/g' /etc/libvirt/libvirtd.conf; \
+    sed -i 's/^#unix_sock_rw_perms.*/unix_sock_rw_perms = "0770"/g' /etc/libvirt/libvirtd.conf
+
+RUN yum -y install libvirt-python
+
+RUN yum clean all

docker/instack-virt/libvirtd.ini

@@ -0,0 +1,2 @@
+[program:libvirtd]
+command=/usr/sbin/libvirtd

docker/instack-virt/sshd.ini

@@ -0,0 +1,2 @@
+[program:sshd]
+command=/usr/sbin/sshd -D

docker/instack-virt/start.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+
+/usr/share/openvswitch/scripts/ovs-ctl start --system-id=random
+supervisord -n