From f88ca0f862da4b040b9e0aaac7ac1b952bd0c08b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20Andr=C3=A9?= Date: Thu, 23 Mar 2017 09:45:50 +0100 Subject: [PATCH] Prevent apache from listening on port 80 A few new images got apache as part of blueprint apache-packages-for-apis without restricting it to listen on port 80. This commit fixes it for all images with the exception of heat-base so that it can be cleanly backported to stable/ocata. Co-Authored-By: Juan Antonio Osorio Robles Change-Id: Idd3bbeffea9233eaed420798e22ea9a3a517c166 Closes-Bug: #1675308 --- docker/cinder/cinder-api/Dockerfile.j2 | 10 ++++++++-- docker/ironic/ironic-pxe/Dockerfile.j2 | 6 ++++-- docker/nova/nova-api/Dockerfile.j2 | 12 +++++++++--- 3 files changed, 21 insertions(+), 7 deletions(-) diff --git a/docker/cinder/cinder-api/Dockerfile.j2 b/docker/cinder/cinder-api/Dockerfile.j2 index ac2860c891..6c6800fba7 100644 --- a/docker/cinder/cinder-api/Dockerfile.j2 +++ b/docker/cinder/cinder-api/Dockerfile.j2 @@ -12,14 +12,17 @@ MAINTAINER {{ maintainer }} 'httpd', 'mod_wsgi' ] %} +{{ macros.install_packages(cinder_api_packages | customizable("packages")) }} +RUN sed -i -r 's,^(Listen 80),#\1,' /etc/httpd/conf/httpd.conf {% elif base_distro in ['ubuntu'] %} {% set cinder_api_packages = [ 'cinder-api', 'apache2', 'libapache2-mod-wsgi' ] %} - {% endif %} {{ macros.install_packages(cinder_api_packages | customizable("packages")) }} +RUN echo > /etc/apache2/ports.conf + {% endif %} {% elif install_type == 'source' %} {% if base_distro in ['centos', 'oraclelinux', 'rhel'] %} @@ -27,13 +30,16 @@ MAINTAINER {{ maintainer }} 'httpd', 'mod_wsgi' ] %} +{{ macros.install_packages(cinder_api_packages | customizable("packages")) }} +RUN sed -i -r 's,^(Listen 80),#\1,' /etc/httpd/conf/httpd.conf {% elif base_distro in ['ubuntu'] %} {% set cinder_api_packages = [ 'apache2', 'libapache2-mod-wsgi' ] %} - {% endif %} {{ macros.install_packages(cinder_api_packages | customizable("packages")) }} +RUN echo > /etc/apache2/ports.conf + {% endif %} {% endif %} diff --git a/docker/ironic/ironic-pxe/Dockerfile.j2 b/docker/ironic/ironic-pxe/Dockerfile.j2 index 7540b536a3..658a83d631 100644 --- a/docker/ironic/ironic-pxe/Dockerfile.j2 +++ b/docker/ironic/ironic-pxe/Dockerfile.j2 @@ -13,6 +13,8 @@ MAINTAINER {{ maintainer }} 'ipxe-bootimgs', 'mod_wsgi' ] %} +{{ macros.install_packages(ironic_pxe_packages | customizable("packages")) }} +RUN sed -i -r 's,^(Listen 80),#\1,' /etc/httpd/conf/httpd.conf {% elif base_distro in ['ubuntu', 'debian'] %} {% set ironic_pxe_packages = [ 'tftpd-hpa', @@ -23,9 +25,9 @@ MAINTAINER {{ maintainer }} 'ipxe', 'libapache2-mod-wsgi' ] %} -{% endif %} - {{ macros.install_packages(ironic_pxe_packages | customizable("packages")) }} +RUN echo > /etc/apache2/ports.conf +{% endif %} COPY tftp-map-file /map-file COPY extend_start.sh /usr/local/bin/kolla_ironic_extend_start diff --git a/docker/nova/nova-api/Dockerfile.j2 b/docker/nova/nova-api/Dockerfile.j2 index 0e9eeb1241..287b3a2d0e 100644 --- a/docker/nova/nova-api/Dockerfile.j2 +++ b/docker/nova/nova-api/Dockerfile.j2 @@ -13,6 +13,8 @@ MAINTAINER {{ maintainer }} 'httpd', 'mod_wsgi' ] %} +{{ macros.install_packages(nova_api_packages | customizable("packages")) }} +RUN sed -i -r 's,^(Listen 80),#\1,' /etc/httpd/conf/httpd.conf {% elif base_distro in ['ubuntu'] %} @@ -23,8 +25,9 @@ MAINTAINER {{ maintainer }} 'libapache2-mod-wsgi' ] %} - {% endif %} {{ macros.install_packages(nova_api_packages | customizable("packages")) }} +RUN echo > /etc/apache2/ports.conf + {% endif %} {% elif install_type == 'source' %} @@ -34,6 +37,8 @@ MAINTAINER {{ maintainer }} 'httpd', 'mod_wsgi' ] %} +{{ macros.install_packages(nova_api_packages | customizable("packages")) }} +RUN sed -i -r 's,^(Listen 80),#\1,' /etc/httpd/conf/httpd.conf {% elif base_distro in ['ubuntu'] %} @@ -42,9 +47,10 @@ MAINTAINER {{ maintainer }} 'libapache2-mod-wsgi' ] %} - {% endif %} - {{ macros.install_packages(nova_api_packages | customizable("packages")) }} +RUN echo > /etc/apache2/ports.conf + + {% endif %} {% endif %}