openstack/kayobe
Code Issues Proposed changes
e72688ff11
kayobe/doc/source/configuration/reference/seed-custom-containers.rst
Maksim Malchuk e3c1efc865 Set slightly more accurate name for the manage containers role 
Follow-up on I43a9c2a57fcfe2c9d84f39903aac7c258f9a897f. As discussed
before we set slightly more accurate name for the manage containers
role since using 'deploy-containers' role with action 'destroy' can
be a little confusing.

Change-Id: I6d4a3479d492e0fe86ce3de7414fa47c584577ea
Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com>
2024-06-27 23:01:51 +00:00

2.6 KiB
Raw Blame History

Seed custom containers

This section covers configuration of the user-defined containers deployment functionality that runs on the seed host.

Configuration

For example, to deploy a squid container image:

seed_containers:
  squid:
    image: "stackhpc/squid:3.5.20-1"
    pre: "{{ kayobe_env_config_path }}/containers/squid/pre.yml"
    post: "{{ kayobe_env_config_path }}/containers/squid/post.yml"
    pre_destroy: "{{ kayobe_env_config_path }}/containers/squid/pre_destroy.yml"
    post_destroy: "{{ kayobe_env_config_path }}/containers/squid/post_destroy.yml"

Please notice the optional pre, post, pre_destroy, and post_destroy Ansible task files - those need to be created in kayobe-config path. The table below describes when they will run:

Container hooks
Hook Trigger point
pre Before container deployment
post After container deployment
pre_destroy Before container is destroyed
post_destroy After container is destroyed

Possible options for container deployment:

seed_containers:
  containerA:
    capabilities:
    command:
    comparisons:
    detach:
    env:
    network_mode:
    image:
    init:
    ipc_mode:
    pid_mode:
    ports:
    privileged:
    restart_policy:
    shm_size:
    sysctls:
    tag:
    ulimits:
    user:
    volumes:

For a detailed explanation of each option - please see Ansible docker_container module page.

List of Kayobe applied defaults to required docker_container variables:

../../../../ansible/roles/manage-containers/defaults/main.yml

Docker registry

Seed containers can be pulled from a docker registry deployed on the seed, since the docker registry deployment step precedes the custom container deployment step.

It is also possible to deploy a custom containerised docker registry as a custom seed container. In this case, basic authentication login attempts can be disabled by setting

seed_deploy_containers_registry_attempt_login: false

Without this setting, the login will fail because the registry has not yet been deployed.

More information on deploying a docker registry can be found here <configuration-docker-registry>.