89 Commits

Author SHA1 Message Date
rabi
c9557cb349 Remove heat-api-cloudwatch image
In 6d55417f80384ead56e176beec9e2fc4eb162d61 cloudwatch api
has been removed from heat.

Change-Id: I70cb2aec7f262ab3a4afc383b502c6fed68ce01c
Related-Bug: #1747294
2018-02-05 06:27:11 +00:00
egonzalez90
45c54d7959 Fix if $user is root at extend_start
In ubuntu is not evaluating correctly
if $user == root check at extend_start.

Changing to "$(whoami)" == 'root' fixes the issue

Change-Id: I296a1f98764cdfa09650c483bc7beba53e6bdba4
Closes-Bug: #1690360
2017-05-12 12:40:52 +00:00
Jawon Choo
31259fa595 Override image's meta info.
centos based images have wrong label info,
these changes fix own image's name and build-date.

Change-Id: I1d13f8f386c8db12b5fbe5f8ecbbf9e3fbb4ba1c
Closes-Bug: #1680341
2017-05-03 11:08:17 +09:00
Jenkins
baec569df3 Merge "Add missing cleanup step for heat images" 2017-04-20 15:36:00 +00:00
Martin André
3b7e44adee Add missing cleanup step for heat images
The heat images got apache as part of blueprint
apache-packages-for-apis without a cleaning up. Without this step the
containers may fail to restart due to runtime files already present.

Change-Id: I55a7144caa913117f71100f757b1e601de6471a6
Closes-Bug: #1679565
2017-04-20 10:17:58 +02:00
Chen
8c463a47a9 Use LABEL instead of MAINTAINER (deprecated) in all Dockerfile.j2
Use LABEL instruction instead of MAINTAINER (deprecated) instruc-
tion as suggested by Docker's official dockerfile guide.
docs.docker.com/engine/reference/builder/#maintainer-deprecated

Closes-Bug: #1683652

Change-Id: Ie87a1ddf31aefcd0b623fd2837d78de420e76898
2017-04-20 16:50:05 +09:00
Marcin Juszkiewicz
69fef5cd59 debian: enable all images enabled for Ubuntu
Debian support is not maintained in Kolla so it got a bit behind Ubuntu
one. This changeset enables Debian for all images. Jessie (even with
backports) may be too old for some images though.

Also unify distro check to ['debian', 'ubuntu'] to keep alphabetical order
like it is done for RPM distributions.

Partially-Implements: blueprint multiarch-and-arm64-containers

Change-Id: I056233fbfa277e0e2360c07c3f80d9558c554357
2017-04-04 22:48:18 +02:00
Eduardo Gonzalez
623e54da37 Alphabetize packages
Some images have packages sorted alphabetically and some not.
Unify common style between all images.

Change-Id: I906ed89c10b12886665618752f525ba71d83d991
2017-03-28 16:45:16 +01:00
Juan Antonio Osorio Robles
9df58642c6 RHEL: Add mod_ssl for services running over httpd
This apache module is necessary for when one wants to use TLS for the
services running over httpd.

This only addressed RHEL based systems at the moment, since there is no
such package available for Ubuntu. This requires apache2.2-common which
will carry a lot more dependencies; So I think this should be handled
and decided in a separate patch.

when installing mod_ssl in RHEL-based distributions, an ssl.conf file is
installed in the /etc/httpd/conf.d directory. This file tells httpd to
listen on port 443; however, we don't want to do this by default, since
this should be explicitly enabled by the container's configuration. This
line is thus removed from the configuration.

A release note was added, which specifies this. And the last sentence
can be removed if this is addressed for debian/ubuntu as well.

Related-Bug: #1675490
Co-Authored-By: Martin André <m.andre@redhat.com>
Change-Id: Id6215d31547247309d43c031e163fa9e4c4ec5dc
2017-03-27 14:52:45 +03:00
Martin André
cc2f0462e7 Prevent apache from listening on port 80 for heat-base
A recent change added httpd to heat-base image without preventing it to
listen to port 80 like it is done for other images.

Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Change-Id: I52573c804bfdf729ef994012abb9d7e4c277585d
Closes-Bug: #1675308
2017-03-27 14:52:45 +03:00
Martin André
76ab2b84f4 Add Apache packages to heat containers
Some projects that use Kolla docker containers (TripleO) run heat under
httpd. This patch adds the httpd package so that it exists in the
container and can optionally by used via Docker entrypoints.

As many of these projects do not require the use of Apache (it is
opt-in) at this point not all deployment frameworks support the use of
it so the existing configuration defaults have been left as-is for now.

Change-Id: I4d648c4ce4f5f6ba311bfbbf9c78e06104163c61
Partially-Implements: blueprint apache-packages-for-apis
2017-03-14 17:55:07 +01:00
Martin André
dff9c6cfcc Add heat-api-cloudwatch image
The heat-api-cloudwatch service is used in TripleO.

Partially-Implements: blueprint containerize-tripleo
Change-Id: I98d251ea34cf7ee451b45f0b8c6873488a229c36
2017-03-09 09:11:58 +01:00
Jenkins
213a585ee6 Merge "Use install-pip macro in most source images" 2017-02-20 18:22:41 +00:00
Chao Guo
961224c6cf Use install-pip macro in most source images
1. Enable customization of pip packages in source
branch of most images
2. All pip packages install uniformly through
install-pip macro, user can easily customize his
own pip command (For example using a mirror)

Co-Authored-By: Mauricio Lima <mauriciolimab@gmail.com>
Change-Id: If09582039f690fa4136e8f33200d5da15e092da7
2017-02-17 08:49:32 -03:00
Dan Prince
9a64a8c027 Add heat-all container
TripleO makes use of a heat-all container for undercloud
installation. This container includes the API, Engine, and
a new heat-all launcher (included in the monolith package).

Implements: blueprint heat-all

Change-Id: If1cc3e959b63f775e15e6eeef4b54981fb3793e9
2017-02-15 12:02:38 -05:00
Jeffrey Zhang
e5903d5fa9 Remove include_header and include_footer in all Dockerfiles
include_header and include_footer parameter is already removed, remove
them in all Dockerfiles.
Add missing footer block.

Change-Id: I90da03eb9f95a3827361d5f5ede65fde7d6be2b3
2017-02-05 10:44:48 +08:00
Sam Yaple
58eee09c15 use static uid/gid in images
This centralizes all user and group creation into a single source. This
will fix any current and furture uid/gid mismatches (such as with
nova-libvirt).

In the process, we also unify users between the distros in a standard
way. The users in the following containers change from thier defaults:

Ubuntu: _chrony user is now chrony
Ubuntu: memcache user is now memcached
All: qemu user is used for ownership and socket permissions

All uid and gid numbers are customizable via kolla-build.conf

Co-Authored-By: Kris Lindgren <klindgren@godaddy.com>
Change-Id: I120f26ab0683dc87d69727c3df8d4707e52a4543
Partially-Implements: blueprint static-uid-gid
2017-01-17 09:02:21 -03:00
Jeffrey Zhang
6ef486fbff Remove footer block and variable in *-base images
Change-Id: I39aa88489f744f779150695f3f55ef80d42e1c61
Closes-Bug: #1653247
2017-01-05 22:05:29 +08:00
Christian Berendt
5cd30d4914 Remove Fedora support
Closes-bug: #1616387
Change-Id: Id97f88b9baa3d48d33ce120962450a374282d044
2016-11-03 10:50:22 +01:00
Christian Berendt
bcff0f8a9a Create the heat_stack_user/owner role in the heat role
Change-Id: I78ce0071474fc693aa2a05397b2a9b5974266cd9
Partial-bug: #1609814
2016-09-19 10:17:14 +02:00
Paul Bourke
b41247c656 Add header blocks to all Dockerfiles
Change needed to add header blocks to all Dockerfiles, similar to the
base.

Use case is to easily run something before packages are installed, e.g.
to COPY a local rpm in that can be added to the package list.

Change-Id: I1bbfdf0b762da0a392aa8bf47781315b45377bee
Closes-Bug: 1618969
2016-09-13 16:53:31 +01:00
Eduardo Gonzalez
8e98e5f15e Change source with dot at extend_start files
Is a best practice in Unix/Linux scripts to use dots
instead of source command.
Using dots will avoid issues with non BASH shells

TrivialFix
Change-Id: Ie6480a1954f853f79faffa093452715ebd9f7d90
Signed-off-by: Eduardo Gonzalez <dabarren@gmail.com>
2016-08-29 07:29:16 +02:00
Jenkins
d9db6bb81e Merge "Update heat base Dockerfile to include footers" 2016-08-19 14:14:58 +00:00
Shaun Smekel
a9d08726f5 Handle empty package list for install_packages
Currently if the install_packages macro is run with an empty
package list, it will add a yum or apt-get command with no
packages listed.

This bug fix aims to omit this line when no packages have
been given, or, the operator wants to use the "_override" /
"_remove" functionality to disable all packages being
installed in a Dockerfile.

Co-Authored-By: Paul Bourke <paul.bourke@oracle.com>
Change-Id: Ifaaaebfccc3adb0f2f68a35ac08e59378bc87fdb
Closes-bug: 1612446
2016-08-19 10:49:03 +00:00
Swapnil Kulkarni (coolsvap)
1370909830 Update heat base Dockerfile to include footers
This is not in sync with the current changes being
merged for customization

Change-Id: Ic6bbf32e2e48efef7cc0c5a3112a7fd8d09a5db6
Partially-implements: blueprint third-party-plugin-support
2016-08-18 14:09:29 +00:00
Dave Walker (Daviey)
c14636c61f Add --user-domain when adding heat role admin
The --user-domain parameter is required when adding the role for
Heat.  Without it, the command fails and the bootstrap
container exits early with the error message:

"No user with a name or ID of 'heat_domain_admin' exists."

Change-Id: I6f813edde3f437bca3ef521a43454146082bc5f5
Closes-bug: #1611768
Signed-off-by: Dave Walker (Daviey) <email@daviey.com>
2016-08-11 00:31:19 +01:00
Eduardo Gonzalez
489bcd3c75 Implement customizations for heat-api-cfn container
Add customizations for heat-api-cfn containers

Partially-implements: blueprint third-party-plugin-support
Change-Id: Ibee860cd902cbd4167e4ae20b498c4652c2ad430
Signed-off-by: Eduardo Gonzalez <dabarren@gmail.com>
2016-07-26 14:38:01 +01:00
Michal (inc0) Jastrzebski
e5788a06e4 Customizations for heat
This patchset contains customization of Dockerfile of heat containers

Change-Id: I3c2bae909ec6e8c3b0e460115ded3cc2456a212f
Partially-implements: blueprint third-party-plugin-support
2016-07-19 14:43:33 +00:00
Swapnil Kulkarni (coolsvap)
435b21b90d Update ubuntu dockerfiles for formatting
Change-Id: If4be00b937e14ec93443dcb7249cf17099d57cbe
Closes-Bug: #1569417
2016-05-26 04:09:22 +00:00
Jenkins
725505c906 Merge "Update Heat dockerfiles for formatting" 2016-04-13 07:48:09 +00:00
Steven Dake
11e5b7dfa9 Make Heat bootstrapping idempotent
Change-Id: I155707ec6c1973d2a36606a0c73e57bda58ed037
Closes-Bug: #1569696
2016-04-12 23:10:13 -07:00
Swapnil Kulkarni (coolsvap)
d206bd1b8b Update Heat dockerfiles for formatting
Change-Id: Ic6cc78f2d105dd6ae9de200fee40e9fa2031088f
Partial-Bug:#1569417
2016-04-12 21:24:59 +05:30
SamYaple
5b18913f36 Change heat domain to heat_user_domain
heat_user_domain is what is in the docs, but more importantly it is
what we have in Liberty and will be a requirement to doing upgrades
properly.

Change-Id: I9cf53d43b4faaa5d1b0156cc50192722d2739602
Closes-Bug: #1553565
2016-03-24 15:07:04 +00:00
Steven Dake
21ecd9925a Upgrade Heat
This could possibly use gold plating in how bootstrapping
operates to use shade rather than the shell in the container.
It is unclear why stack create failed prior to this patch, but
that fact hasn't changed.  I think the heat domains are not setup
properly in the configuration files, meaning that the domain ID
must be created outside of Heat and registered in the configuration
file.  This is covered in Bug #1553565.

Change-Id: I490d4dd68a101f388c0ecb4acab54d5eaa6e314e
Partially-Implements: blueprint kolla-upgrade
Implements: blueprint upgrade-heat
2016-03-09 03:50:03 -05:00
Éric Lemoine
93b5c12abf Remove duplicate code in heat extend_start.sh
Change-Id: I8970d02ccbed1dfc221683e273edc2680207056b
Partial-Bug: #1546944
2016-02-24 11:57:56 +01:00
Éric Lemoine
82264ab7d6 Make Heka collect Heat logs
Partially implements: blueprint heka
Change-Id: Ie22c4326c6ec2a3426b0c3b8fda4554b1b2541b0
2016-02-19 21:56:10 +00:00
Michal Rostecki
64b767f9f6 Use trusts in heat.conf
Change-Id: Ie91b3498e9f9d0d74a502ba6945db531ef967516
Closes-Bug: #1492736
2016-01-28 11:15:27 +01:00
Jenkins
64ca1ce5d9 Merge "Heat ubuntu binary container" 2015-12-30 08:33:27 +00:00
Artur Zarzycki
ac3d7c492e Heat ubuntu binary container
Change-Id: Iae54825c48da6b22bc83331918f5734f9821ea03
Partially-Implements: blueprint binary-ubuntu
2015-12-30 00:21:48 +01:00
SamYaple
cda0459ad1 Fix pip install settings
There were some inconsistencies with pip install instructions
thoughout Kolla. We fix those here.

Additionally, we fix the virtualenv to properly use the site-packages
on the host if a library is not available in the venv.

Change-Id: Ib84d48e8826bb96060338b3fa0782620c98794a8
Related-Bug: #1524684
Closes-Bug: #1529434
2015-12-27 03:35:35 +00:00
Michal Rostecki
febcb600f1 Source installation in virtualenv
Use virtualenv for installation of OpenStack projects and
dependencies to avoid conflicts with Python libraries installed
by non-OpenStack binary packages.

Change-Id: I21ecd673b2e93335b1d3dd4e279e940c9d694c3c
Implements: blueprint virtualenv
2015-11-27 10:22:17 +01:00
Swapnil Kulkarni (coolsvap)
59a1c8b9fb Remove hardcoded MAINTAINER in Dockerfiles
Added new option in kolla-build.conf

Change-Id: I45fe51966bcb59ea19d112281ba3d5a1ba091a56
Closes-Bug:#1514304
2015-11-23 11:03:47 +00:00
Sam Yaple
ea9d5cd067 Move USER operation after footer
The USER operation affects all docker commands after it. This causes a
problem with our {{ include_footer }} implementation since commands in
that footer may require elevated permissions to perform.

In the current implementation I can no longer remove my proxy settings
once the USER has been changed.

Change-Id: I9b2bab5a15f595f6d52a46c64ddf59ba5608b938
Partially-Implements: blueprint drop-root
2015-11-12 14:34:09 +00:00
Steven Dake
d11b8f260b Drop root for heat
Drop root user for heat containers.

Change-Id: Ib07c0193f97bb18cc6154b4015b4056fd983f6c1
Partially-Implements: blueprint drop-root
2015-11-11 14:50:02 -05:00
Steven Dake
5e15ee16de install openstack-heat-common in heat-base
the openstack-heat-common package installs the Heat UID/GID.
This is necessary pre-work for drop-root for heat services.

Change-Id: I247b0209248de144d20f5245973833be5cd8f14f
Partially-Implements: blueprint drop-root
2015-11-11 14:50:02 -05:00
Paul Bourke
c1b75765f8 Use openstack/requirements for heat
See Iccb4e99f8e4b6659a19c1817d0f4c697824af25c for context.

Change-Id: I36de9a5c52ac265d0fb54ba7d540048aedf33fde
Partial-Bug: #150530
2015-10-15 11:09:33 +00:00
Sam Yaple
5f200e0446 Fix issue with su and bad kernels
Long story short, some kernels before 3.15 had an issue with using su
in a container when the network namespace was --net=host. The gate
has a 3.10 and a 3.13 kernel and has a problem with this. This changes
everything to use sudo

backport: liberty
Partially-Implements: blueprint functional-testing-gate
Change-Id: I4d79ccaa1cddffcc8393f64e7e1be2538efe33e5
2015-10-13 15:13:55 +00:00
Sam Yaple
cb4e875ae1 Common start.sh
The majority of the start.sh code is identical. This removes that
duplicate code while still maintaining the ability to call code in a
specific container.

The start.sh is moved into /usr/local/bin/kolla_start in the container

The extend_start.sh script is called by the kolla_start script at the
location /usr/local/bin/kolla_extend_start . It always exists because
we create a noop kolla_extend_start in the base directory. We override
it with extend_start.sh in a specific image should we need to.

Of note, the neutron-agents container is exempt from this new
structure due to it being a fat container.

Additionally, we fix the inconsistent permissions throughout. 644 for
repo files and the scripts are set to 755 via a Docker RUN command to
ensure someones local perm change won't break upstream containers.

Change-Id: I7da8d19965463ad30ee522a71183e3f092e0d6ad
Closes-Bug: #1501295
2015-10-06 03:30:26 +00:00
Jenkins
a0ac876494 Merge "Heat doesn't need to specify python-oslo-reports" 2015-09-28 11:07:58 +00:00
Jenkins
6a622ec82c Merge "Implement a install_type and install_metatype" 2015-09-28 10:49:53 +00:00