* Inspected each error and fixed / added nosec where appropriate.
* build-swift-ring.py which was throwing sec errors is no longer used so
removed it.
* Removed the dev/ directory from being checked.
Closes-Bug: #1617713
Change-Id: I25664cabca4137e5c9f499c1af3f5ce78b86fb56
This patchset contains customization of Dockerfile of the RabbitMQ
container.
Change-Id: I5b0120dc63586b3bf2312375de963fe8434a48b8
Partially-implements: blueprint third-party-plugin-support
In kolla-kubernetes environment rabbitmq bootstrap process fails when
.erlang.cookie already exists, the issue is consistently reproduced when
using persistent storage PV/PVC. This PS prevents this type of failure.
TrivialFix
Change-Id: I3509650b1c11aa45cd5ae2d8eea6523201bfb1de
- use rabbitmq official package since debian
does not offer required version
- force-depend since we do not install logrotate
Change-Id: I0818a6807210eb861aab5ef36d1f807a0ce435b2
Partially-implements: blueprint build-debian
String parsing for gospel node detection was overly complex and not
robust. Hopefully this will make it better.
Closes-bug: #1573684
Change-Id: I12e869eff274d286d239c4f55cc4b4ddca389bbd
Main issue with rabbitmq clusterer setup is to shut down gospel node
as last one, which is bulk of this change
Co-Authored-By: Sam Yaple <sam@yaple.net>
Change-Id: I88e566a19ed813b0e3eef65ef7139ccfaa0c2700
Implements: blueprint upgrade-rabbitmq
Partially-implements: blueprint upgrade-kolla
The rabbitmq-server package is upgraded to 3.5.7 in cloud-archive
so we update centos to match
The xen-utils package now needs an explict version, xen-utils-4.6 is
what is provided by cloud-archive mitaka
Libvirt 1.3 is in the ubuntu cloud-archive. This has a new daemon for
logging that needs further implementation in newton. For now, it has
been disabled within the qemu.conf
Co-Authored-By: Jeffrey Zhang <jeffrey.zhang@99cloud.net>
TrivialFix
Change-Id: I84217824817c484b6800a64cbd7767b127a3098e
Drop root privileges for rabbitmq. Only the rabbitmq user
will be able to execute chown of /var/lib/rabbitmq.
Change-Id: I546e6b475a8462bfbc75972854e1fee64f96d9cb
Partially-Implements: blueprint drop-root
Pin rabbitmq to 3.5.5 for RPM platforms. This version is the latest
and sparkly with lots of bug fixes. Tested multi-node HA and everything
seems solid in comparison to the 3.3.z releases used previously.
backport: liberty
Change-Id: I53bf70175fd12ded132141aa499c73919a932cdf
Closes-Bug: #1503280
The majority of the start.sh code is identical. This removes that
duplicate code while still maintaining the ability to call code in a
specific container.
The start.sh is moved into /usr/local/bin/kolla_start in the container
The extend_start.sh script is called by the kolla_start script at the
location /usr/local/bin/kolla_extend_start . It always exists because
we create a noop kolla_extend_start in the base directory. We override
it with extend_start.sh in a specific image should we need to.
Of note, the neutron-agents container is exempt from this new
structure due to it being a fat container.
Additionally, we fix the inconsistent permissions throughout. 644 for
repo files and the scripts are set to 755 via a Docker RUN command to
ensure someones local perm change won't break upstream containers.
Change-Id: I7da8d19965463ad30ee522a71183e3f092e0d6ad
Closes-Bug: #1501295
This prepares for the RHEL OSP implementation by making the build
tool convert all binary-* into an install_type of binary and * into
an install_metatype variable substitution inside the Dockerfiles.
Further binary-* is substituted as install_name to enable proper
building only.
Change-Id: Ib681b29176eb79a3cab12ec824313fdecb6e7a5f
Partially-Implements: blueprint rhel-based-image-support
I removed the files but not the COPY commands thus breaking all of
Kolla
Change-Id: I37d3e0cb94a1ecc12971f485f953310ba8fee53c
Partially-Implements: blueprint replace-config-external
Removes config-external for all services that have been replaced in
Ansible
Change-Id: I839a14418638b977fbc1d02ba6839811b0f909ea
Partially-Implements: blueprint replace-config-external
Add 'rhel' to list for RPM based distros. Also sort the distro
list for rpm packages for affected lines.
Change-Id: Ied4cb3e9763d6c6359f314d16185383ac3e006ed
Partially-Implements: blueprint rhel-based-image-support
Updated build.py to reflect this change.
Deprecate --template option and make it a noop.
Change-Id: I7cd98d1ee684a4c64984a49597159868152683b2
Partially-Implements: blueprint remove-docker-dir
As a restructure, nothing is changed from the original behaviour and
naming despite the file structure changing. The symlinks to build had
to be updated generating lots of "deleted" and "new_file".
The new structure is:
docker/${base_distro}/${type}/${container}
base_distro == centos, ubuntu, fedora, etc
type == source, binary, rdo
type rdo is a symlink to binary for backwards compatibility
Two new flags are added to the build-all script to support the ability
to support different base distros and a flag to support binary or source
containers.
There are several added folders that are empty to hold the directory
structure for future containers of these types.
To use a prefix other than centos-rdo- you can set PREFIX in the toplevel
directory .buildconf file
Change-Id: Ifc7bac0d827470f506c8b5c004a833da9ce13b90
This represents making build-docker-images --release build
with the icehouse tag and causes docker-compsoe to pull from
the icehouse tag.
Partially-implements: blueprint port-kilo
Change-Id: I66b2c39abc55c0f47152dd90e696fc46b9c58f50
By changing the PREFIX variable in the .buildconf one is now able to
build docker images from different bases.
For example, add the following line to your .buildconf file to build
CentOS based images:
PREFIX=centos-rdo-
Default base image is Fedora. For now only RH family is supported.
Additionally, changing the namespace either with the NAMESPACE variable
in .buildconf or via --namespace commandline option now changes the
source namespace as well from the default kollaglue one.
Implements: blueprint multi-baseos
Co-Authored-By: Steven Dake <stdake@cisco.com>
Change-Id: I3964cd2292789ea883a1f2d2738a5731a4fff49b
Previously, the rabbit container was configured for use in
a k8s cluster. This patch updates the container to run with fig
instead of k8s.
Change-Id: Ie04f2f16771c0f733b7b09b7747325bf0d7fb1a9
Also, fixed up environment variable to use RABBITMQ_NODE_PORT, which is
what RabbitMQ expects (http://www.rabbitmq.com/configure.html).
Implements: blueprint kube-rabbitmq-container
Change-Id: Iacc2ea5d3c4a002e6920ed17cb21733a0cbd8d21
Let's get that quickly so we can add a gate. There was some respacing
along the way (used http://jsonlint.com)
Change-Id: Id18b9f9757306cf3f06e6221a21a9f600db1bd2e
This patch replaces the collection of individual "build" scripts with a
single script (tools/build-docker-image), made available as "build"
inside each image directory.
The build-docker-image script will, by default, build images tagged with
the current commit id in order to prevent developers from accidentally
stepping on each other or on release images.
Documentation in docs/image-building.md describes the script in more
detail.
Change-Id: I444d5c2256a85223f8750a0904cb4b07f18ab67f
Previously images were based from RHEL OSP + RDO Icehouse. This presents
a problem in that internal urls are used to access the rhel7 repositories.
For new contributors, we need something that can be accessed without special
rhel7 permissions.
mariadb and rabbitmq can from fedora
cinder, glance, keystone can from fedora-rdo-base
This patch also uses the RDO repositories from upstream. This patch also
udpates the base fedora image with latest bits.