From 856238c56acb669c8e10cf1f0e0f4e0c9467c7e9 Mon Sep 17 00:00:00 2001 From: Steve Baker Date: Thu, 16 Oct 2025 11:57:36 +1300 Subject: [PATCH] Switch graphical console image to ubuntu by default The centos Containerfile still exists and the launch scripts have been adapted to work on both distros. The ubuntu container has been tested with noble. The container built in the CI jobs is bound to the version of ubuntu which the host is running, which will provide functional testing validation when jobs are moved to newer releases. Change-Id: I1954e418543acf939bf65189121484e038f3737c Signed-off-by: Steve Baker Signed-off-by: Julia Kreger --- devstack/lib/ironic | 6 ++- pyproject.toml | 3 +- ...tu-vnc-containerfile-c4f0dba3c469a9c0.yaml | 6 +++ .../{Containerfile => Containerfile.centos} | 3 ++ tools/vnc-container/Containerfile.ubuntu | 37 +++++++++++++++++++ tools/vnc-container/README.rst | 2 +- tools/vnc-container/bin/start-firefox.sh | 14 +++---- tools/vnc-container/bin/start-x11vnc.sh | 10 ++--- tools/vnc-container/bin/stop-firefox.sh | 4 +- 9 files changed, 66 insertions(+), 19 deletions(-) create mode 100644 releasenotes/notes/ubuntu-vnc-containerfile-c4f0dba3c469a9c0.yaml rename tools/vnc-container/{Containerfile => Containerfile.centos} (76%) create mode 100644 tools/vnc-container/Containerfile.ubuntu diff --git a/devstack/lib/ironic b/devstack/lib/ironic index 2444f0b0ad..60fe558883 100644 --- a/devstack/lib/ironic +++ b/devstack/lib/ironic @@ -1342,7 +1342,11 @@ function install_ironic { # buildah required below to build the VNC container install_package podman systemd-container slirp4netns buildah pushd $IRONIC_DIR/tools/vnc-container - buildah bud -f ./Containerfile -t localhost/ironic-vnc-container + if is_ubuntu; then + buildah bud --from quay.io/opendevmirror/ubuntu:$VERSION_ID -f ./Containerfile.ubuntu -t localhost/ironic-vnc-container + elif is_fedora; then + buildah bud -f ./Containerfile.centos -t localhost/ironic-vnc-container + fi popd fi } diff --git a/pyproject.toml b/pyproject.toml index 581043166e..1a9c12c474 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -241,7 +241,8 @@ packages = [ [tool.setuptools.data-files] "share/ironic/vnc-container" = [ - "tools/vnc-container/Containerfile", + "tools/vnc-container/Containerfile.ubuntu", + "tools/vnc-container/Containerfile.centos", "tools/vnc-container/README.rst", ] "share/ironic/vnc-container/bin" = [ diff --git a/releasenotes/notes/ubuntu-vnc-containerfile-c4f0dba3c469a9c0.yaml b/releasenotes/notes/ubuntu-vnc-containerfile-c4f0dba3c469a9c0.yaml new file mode 100644 index 0000000000..39255f5e8f --- /dev/null +++ b/releasenotes/notes/ubuntu-vnc-containerfile-c4f0dba3c469a9c0.yaml @@ -0,0 +1,6 @@ +--- +features: + - | + Adds a new Ubuntu based container file for VNC graphical client + operation containers, which is above and beyond the stock Centos + based VNC. diff --git a/tools/vnc-container/Containerfile b/tools/vnc-container/Containerfile.centos similarity index 76% rename from tools/vnc-container/Containerfile rename to tools/vnc-container/Containerfile.centos index 2b5885ced3..58d21ec8c5 100644 --- a/tools/vnc-container/Containerfile +++ b/tools/vnc-container/Containerfile.centos @@ -20,6 +20,9 @@ ENV APP='fake' ENV APP_INFO={} ENV READ_ONLY=False ENV DEBUG=0 +ENV FIREFOX=firefox +ENV FIREFOX_CONFIG_DIR=/home/firefox/.mozilla/firefox +ENV EXTENSION_PATH="/usr/share/mozilla/extensions/{ec8030f7-c20a-464f-9b0e-13a3a9e97384}/@ironic-console.openstack.org" ADD bin/* /usr/local/bin ADD drivers /drivers diff --git a/tools/vnc-container/Containerfile.ubuntu b/tools/vnc-container/Containerfile.ubuntu new file mode 100644 index 0000000000..7a2e1041fc --- /dev/null +++ b/tools/vnc-container/Containerfile.ubuntu @@ -0,0 +1,37 @@ +FROM ubuntu:noble + +# firefox-esr is installed from the mozillateam ppa because the ubuntu +# packaged fedora exits with a message to install the snap + +RUN apt-get update && \ + apt-get install -y \ + dumb-init \ + iproute2 \ + procps \ + psmisc \ + python3-requests \ + software-properties-common \ + x11vnc \ + xvfb && \ + add-apt-repository ppa:mozillateam/ppa && \ + apt-get install -y \ + firefox-esr && \ + useradd --create-home --shell /bin/bash firefox + +ENV DISPLAY_WIDTH=1280 +ENV DISPLAY_HEIGHT=960 + +ENV APP='fake' +ENV APP_INFO={} +ENV READ_ONLY=False +ENV DEBUG=0 +ENV FIREFOX=firefox-esr +ENV FIREFOX_CONFIG_DIR=/home/firefox/.mozilla/firefox-esr +ENV EXTENSION_PATH="/usr/lib/firefox-esr-addons/extensions/@ironic-console.openstack.org" + +ADD bin/* /usr/local/bin +ADD drivers /drivers +ADD extension /usr/lib/firefox-esr-addons/extensions/@ironic-console.openstack.org + +ENTRYPOINT ["/usr/bin/dumb-init", "--"] +CMD ["/usr/local/bin/start-x11vnc.sh"] \ No newline at end of file diff --git a/tools/vnc-container/README.rst b/tools/vnc-container/README.rst index 506ce08ef6..10c4f66a73 100644 --- a/tools/vnc-container/README.rst +++ b/tools/vnc-container/README.rst @@ -18,7 +18,7 @@ Building and using To build the container image for local use, install ``buildah`` and run the following as the user which runs ironic-conductor:: - buildah bud -f ./Containerfile -t localhost/ironic-vnc-container + buildah bud -f ./Containerfile.ubuntu -t localhost/ironic-vnc-container The ``systemd`` container provider (or an external provider) can then be configured to use this image in ``ironic.conf``: diff --git a/tools/vnc-container/bin/start-firefox.sh b/tools/vnc-container/bin/start-firefox.sh index 11bf307d81..fb54eb7246 100755 --- a/tools/vnc-container/bin/start-firefox.sh +++ b/tools/vnc-container/bin/start-firefox.sh @@ -2,16 +2,16 @@ set -ex -if pgrep -x firefox >/dev/null; then +if pgrep -x $FIREFOX >/dev/null; then echo "Firefox is already running. Exiting." exit 0 fi -rm -rf ~/.mozilla/firefox +rm -rf $FIREFOX_CONFIG_DIR -firefox -CreateProfile ironic-vnc +$FIREFOX -CreateProfile ironic-vnc -pushd ~/.mozilla/firefox/*.ironic-vnc +pushd $FIREFOX_CONFIG_DIR/*.ironic-vnc cert-override.py > cert_override.txt popd @@ -19,11 +19,11 @@ popd DEBUG=${DEBUG:-0} if [ "$DEBUG" = "2" ]; then # show tabs and a javascript console - firefox -width ${DISPLAY_WIDTH} -height ${DISPLAY_HEIGHT} -P ironic-vnc -jsconsole & + $FIREFOX -width ${DISPLAY_WIDTH} -height ${DISPLAY_HEIGHT} -P ironic-vnc -jsconsole & elif [ "$DEBUG" = "1" ]; then # show tabs - firefox -width ${DISPLAY_WIDTH} -height ${DISPLAY_HEIGHT} -P ironic-vnc & + $FIREFOX -width ${DISPLAY_WIDTH} -height ${DISPLAY_HEIGHT} -P ironic-vnc & else # fully locked down kiosk mode - firefox -width ${DISPLAY_WIDTH} -height ${DISPLAY_HEIGHT} -P ironic-vnc --kiosk & + $FIREFOX -width ${DISPLAY_WIDTH} -height ${DISPLAY_HEIGHT} -P ironic-vnc --kiosk & fi diff --git a/tools/vnc-container/bin/start-x11vnc.sh b/tools/vnc-container/bin/start-x11vnc.sh index 8eba51ca7d..dc320774e1 100755 --- a/tools/vnc-container/bin/start-x11vnc.sh +++ b/tools/vnc-container/bin/start-x11vnc.sh @@ -1,9 +1,6 @@ #!/bin/bash -set -ex - - -extension_path="/usr/share/mozilla/extensions/{ec8030f7-c20a-464f-9b0e-13a3a9e97384}/@ironic-console.openstack.org" +set -x set +e APP_NAME=$(discover-app.py) @@ -11,17 +8,16 @@ if [ $? -ne 0 ]; then export ERROR="${APP_NAME}" APP_NAME="error" fi - set -e -cat << EOF > "${extension_path}/config.js" +cat << EOF > "${EXTENSION_PATH}/config.js" let config = { app: "${APP_NAME}", app_info: ${APP_INFO} }; EOF -sed -i "s#APP_NAME#${APP_NAME}#g" "${extension_path}/manifest.json" +sed -i "s#APP_NAME#${APP_NAME}#g" "${EXTENSION_PATH}/manifest.json" mkdir -p /etc/firefox/policies policies.py > /etc/firefox/policies/policies.json diff --git a/tools/vnc-container/bin/stop-firefox.sh b/tools/vnc-container/bin/stop-firefox.sh index 6880fd22da..f73bad44fc 100755 --- a/tools/vnc-container/bin/stop-firefox.sh +++ b/tools/vnc-container/bin/stop-firefox.sh @@ -5,7 +5,7 @@ set -ex connections=$(ss --no-header state established '( dport = :5900 or sport = :5900 )' | wc -l) if [ "$connections" -eq 0 ]; then - killall -s SIGTERM firefox + killall -s SIGTERM $FIREFOX else - echo "Active VNC connection detected, deferring firefox shutdown." + echo "Active VNC connection detected, deferring $FIREFOX shutdown." fi