Adds support for configuration of the Docker client timeout via
'docker_client_timeout'.
This change also increases the default timeout to 120 seconds, as we
sometimes see timeouts in CI and heavily loaded or underpowered
environments. Increasing 'docker_client_timeout' further may be helpful
in cases where Docker reports 'Read timed out'.
Change-Id: I73745771078cb2c0ebae2b1d87ba2c4c12958d82
Closes-Bug: #1809844
* Deploy services using kolla-ansible deploy
* Reconfigure the image for one or more services to use an invalid
* config
* Deploy/reconfigure services using kolla-ansible reconfigure
The invalid config could be a wrong docker registry, wrong image name,
wrong tag, etc.
The restart handler for the service fails, and the old container is
left running.
The restart handler for the service fails, and the old container is
stopped and removed. This leaves the service in a broken state.
This change fixes the issue by pulling the image if necessary prior to
stopping and removing the container.
Change-Id: I85b2a1b224d4c4d85c32c4922a2cd2c41171a1dc
Closes-Bug: #1852572
In order to orchestrate smooth transition to fluentd 0.14.x
aka 1.0 stable branch aka td-agent 3
from td-agent repository - use image labels (fluentd_version
and fluentd_binary).
Depends-On: https://review.opendev.org/676411
Change-Id: Iab8518c34ef876056c6abcdb5f2e9fc9f1f7dbdd
Docker has no restart policy named 'never'. It has 'no'.
This has bitten us already (see [1]) and might bite us again whenever
we want to change the restart policy to 'no'.
This patch makes our docker integration honor all valid restart policies
and only valid restart policies.
All relevant docker restart policy usages are patched as well.
I added some FIXMEs around which are relevant to kolla-ansible docker
integration. They are not fixed in here to not alter behavior.
[1] https://review.opendev.org/667363
Change-Id: I1c9764fb9bbda08a71186091aced67433ad4e3d6
Signed-off-by: Radosław Piliszek <radoslaw.piliszek@gmail.com>
It is possible to reference undefined variable in kolla-docker module if
DockerWorker object initialization fail, so the current behaviour will
crash the playbook with the unwanted error message :
UnboundLocalError: local variable 'dw' referenced before assignment
Change-Id: Ic8d26b11f93255220888b5406f8ab4a6f81736c2
Closes-Bug: #1819361
By default, docker containers inherit ulimit from limits of docker
deamon. On CentOS 7, docker daemon default NOFILE is 1048576.
It can found in /usr/lib/systemd/system/docker.service.
The big limit will cause many problem. we should control it in
production environment.
Change-Id: Iab962446a94ef092977728259d9818b86cfa7f68
Nova services may reasonably expect cell databases to exist when they
start. The current cell setup tasks in kolla run after the nova
containers have started, meaning that cells may or may not exist in the
database when they start, depending on timing. In particular, we are
seeing issues in kolla CI currently with jobs timing out waiting for
nova compute services to start. The following error is seen in the nova
logs of these jobs, which may or may not be relevant:
No cells are configured, unable to continue
This change creates the cell0 and cell1 databases prior to starting nova
services.
In order to do this, we must create new containers in which to run the
nova-manage commands, because the nova-api container may not yet exist.
This required adding support to the kolla_docker module for specifying a
command for the container to run that overrides the image's command.
We also add the standard output and error to the module's result when a
non-detached container is run. A secondary benefit of this is that the
output of bootstrap containers is now displayed in the Ansible output if
the bootstrapping command fails, which will help with debugging.
Change-Id: I2c1e991064f9f588f398ccbabda94f69dc285e61
Closes-Bug: #1808575
This change adds support to comfigure tty,
it was enabled by default but a recent patch
removed it. Some services such as Karaf in opendaylight
requires a TTY during startup.
Closes-Bug: #1806662
Change-Id: Ia4335523b727d0e45505cbb1efb40ccf04c27db7
With a pseudo terminal, service is not treated as a daemon
and signals would not work as expected.
Change-Id: I16aa29a7924df51659d973a81d8005ae3d86f57b
Related-Bug: #1799642
This commit is to apply resource-constraints only to few OpenStack services.
Commit to apply constraints to other services will be made in coming commits.
Partially-Implements: blueprint resource-constraints
Change-Id: Icafa54baca24d2de64238222a5677b9d8b90e2aa
This commit will constrain the dimensions of service `Nova`
and sub-containers deployed along with it.
A user can give the dimension values in `/etc/kolla/globals.yml`
the data-types just like stated in this commit.
Reference-Docs:
https://docs.docker.com/config/containers/resource_constraints/
Added Test-cases for the same.
Partially-Implements: blueprint resource-constraints
Change-Id: I6458d8fb7b26a6e7c3a9fd0d674d9cf129b0bf5d
In old docker, if you do not specify ipc_mode, the default value is empty,
but in the latest docker, such as 17.09.0, if not specified, the default
is "IpcMode": "shareable", which will cause all containers to be deleted
and re-create when to redeploy or upgrade. This commit solves the
problem.
Change-Id: Ia8269b9c8066880e4aee23d6fdea8d9c04c41e44
Closes-Bug: #1747586
Missing container status check in recreate_or_restart_container,
this causes if the container is not running (kolla-ansible stop),
to not be started with deploy/reconfigure/upgrade if any other param
changes.
Change-Id: I5cff5f367e963ba8b1807ec46469da817e40e468
Closes-Bug: #1714015
Ansible check if modules parameters are named like
%password% and allow to hidden log param in this case.
This requires adding "no_log" parameters.
This patch just add "no_log" param in order to avoid
this warning.
Change-Id: I9c1df1093e0fd101090292d6e8bf3527f99aeb17
Closes-Bug: #1702244
The pypi package 'docker-py' [1] has been renamed to 'docker' [2].
It is better to move to the new 'docker' package because the old
package will be deprecated and all the new features will go into
the new package only.
Package 'docker' has been added to requirements [3]. The old
package 'docker-py' is still allowed to be in the global requirements
during the transition period but it should be removed after all or
most of the projects finsih the migration.
[1] https://pypi.python.org/pypi/docker-py
[2] https://pypi.python.org/pypi/docker
[3] https://review.openstack.org/#/c/423715/
Change-Id: Ibcd5a57a1fbf55dcc5a690e41f20917f95b63da0
In testcase, setUp will be called automatically. This patch used to
remove setUp functions that do nothing. Besides, it will keep code clean.
Change-Id: I60e368dc066af30ce2e53bf7e4cc7bba69387cd8
Currently, when stoping/restarting container, Kolla uses default timeout value
between SIGTERM and SIGKILL provided by docker which is 10 sec. But some
services require more than it to finish graceful shutdown progress.
This patchset adds graceful_timeout to kolla_docker to override the default
one.
Partial Implements: bp signaling-to-container
Change-Id: Ica0b48a53c650cc23dfa1955027d2cf936a5932f
At the moment, the process to determine if an image has
changed or not relies on the Docker API which depending
on the Docker release server can return different results.
This patch addresses this issue by grabbing the SHA256
of the image before pulling (defaulting to None if it does
not exist) and then comparing it after the pull is complete
which should always be successful at determining if the
image did change or not.
The test for unknown status images is removed because this
is not a possible scenario as we do not rely on status
anymore except for failures (which are still tested).
Change-Id: Ia60a7f34420b02f50597dddb96a4c36ff3996612
Closes-Bug: #1668059
There is inconsistent use of either `/usr/bin/python` or
`/usr/bin/env python`. This makes for unexpected results when a
user might be using a virtualenv.
Change-Id: Ibb030f920a8869f9113ade70b66a921cc815060d
bypass_checks is disabled by Ib2e19794bbe804470a880253d5870254041358c8 .
But we use pid_mode: "{{ service.pid_mode | default('') }}" pattern in
the yaml file. whereas pid_mode only support "host" value, this patch
add '' as a choice of these two parameters.
Change-Id: Ib83ed5e437ca868f0e42ce740ad1125d2fa48ff4
Recreate and start a new container when container parameter is changed
in COPY_ALWAYS strategy.
Change-Id: I1e45c0dc34a93a18b664109823d6fd5b88c331a2
Closes-Bug: #1659799
When using stream=True with docker-py it returns byte arrays rather than
strings.
Change-Id: I8eb6707ba2b122cf779135173abafe874b7223d2
Closes-Bug: #1643740
The parameter "required=True" is mistyped as "requried=True"
in ansible/library/kolla_docker.py and tests/test_kolla_docker.py
Closes bug: 1640423
Change-Id: I64c333275b9eb3eff5b1c0fa5d550f478e68020d
Current implementation has docker_restart_policy "always" and
docker_restart_policy_retry:"10" which should be mutually exclusive.
"unless-stopped" will restart the containers on any exit state
but not start on daemon startup if container was put to stopped state before.
Closes-Bug: #1621187
Change-Id: I4d881cd123a55625121b7a9047385e9b54e2e129
After docker 1.12, the RepoTags will be None rather than [] in the
image list API. This PS will handle the both case.
Change-Id: Ie2da44b44229c2f190550755b50876f607f9cc0c
Closes-Bug: #1608358
This patch check two senario
first if we choose to start a new container
with name say XXX, however in the env a container
already exist with XXX name and second to start a stopped container.
Change-Id: Ibd6c5fbcc6f37ea2481634ac2e6b3edb91ae7aab
Partially-Implements: blueprint ansible-unit-tests