build-swift-ring.py is an ancient artifact from early Kolla days when
Swift was first implemented. It's not documented nor recommended to be
used.
Change-Id: I98f567067e455344ed68774cb35c3f3db26be74d
There are corresponding ansible changes to go with these image
changes - add nc to swift image, and create dir for lock files.
nc allows for rsync replication to easily target {{ swift_rsync_port }}
change the lock file location for swift user to access - see bug
for more details.
Change-Id: I78826aeee35601ff65cbe50932482ef2f68346ae
Closes-Bug: #1733851
The rational for packaging swift-object-expirer in
openstack-swift-proxy is detailed in
https://bugzilla.redhat.com/show_bug.cgi?id=1382921
It is a conscious packaging choice and not a bug, and as so update the
comment in swift-object-expirer image.
Change-Id: Ibccfa1482d3aeccf86a57603d9dedecbcc7d097c
centos based images have wrong label info,
these changes fix own image's name and build-date.
Change-Id: I1d13f8f386c8db12b5fbe5f8ecbbf9e3fbb4ba1c
Closes-Bug: #1680341
Use LABEL instruction instead of MAINTAINER (deprecated) instruc-
tion as suggested by Docker's official dockerfile guide.
docs.docker.com/engine/reference/builder/#maintainer-deprecated
Closes-Bug: #1683652
Change-Id: Ie87a1ddf31aefcd0b623fd2837d78de420e76898
Debian support is not maintained in Kolla so it got a bit behind Ubuntu
one. This changeset enables Debian for all images. Jessie (even with
backports) may be too old for some images though.
Also unify distro check to ['debian', 'ubuntu'] to keep alphabetical order
like it is done for RPM distributions.
Partially-Implements: blueprint multiarch-and-arm64-containers
Change-Id: I056233fbfa277e0e2360c07c3f80d9558c554357
1. Enable customization of pip packages in source
branch of most images
2. All pip packages install uniformly through
install-pip macro, user can easily customize his
own pip command (For example using a mirror)
Co-Authored-By: Mauricio Lima <mauriciolimab@gmail.com>
Change-Id: If09582039f690fa4136e8f33200d5da15e092da7
include_header and include_footer parameter is already removed, remove
them in all Dockerfiles.
Add missing footer block.
Change-Id: I90da03eb9f95a3827361d5f5ede65fde7d6be2b3
This centralizes all user and group creation into a single source. This
will fix any current and furture uid/gid mismatches (such as with
nova-libvirt).
In the process, we also unify users between the distros in a standard
way. The users in the following containers change from thier defaults:
Ubuntu: _chrony user is now chrony
Ubuntu: memcache user is now memcached
All: qemu user is used for ownership and socket permissions
All uid and gid numbers are customizable via kolla-build.conf
Co-Authored-By: Kris Lindgren <klindgren@godaddy.com>
Change-Id: I120f26ab0683dc87d69727c3df8d4707e52a4543
Partially-Implements: blueprint static-uid-gid
The swift-object-expirer is provided by the 'openstack-swift-proxy'
package and thus it is unavailable on swift-object image. This change
adds a new Docker image to fulfill this requirement and stop using
swift-object image in this case.
This image is needed while RDO does not fix the packaging. The issue
is being tracked in:
https://bugzilla.redhat.com/show_bug.cgi?id=1382921
Change-Id: Idc7ee92d756d8923da2198ede33abf5ed1142041
Closes-Bug: 1630425
Change needed to add header blocks to all Dockerfiles, similar to the
base.
Use case is to easily run something before packages are installed, e.g.
to COPY a local rpm in that can be added to the package list.
Change-Id: I1bbfdf0b762da0a392aa8bf47781315b45377bee
Closes-Bug: 1618969
* Inspected each error and fixed / added nosec where appropriate.
* build-swift-ring.py which was throwing sec errors is no longer used so
removed it.
* Removed the dev/ directory from being checked.
Closes-Bug: #1617713
Change-Id: I25664cabca4137e5c9f499c1af3f5ce78b86fb56
Currently if the install_packages macro is run with an empty
package list, it will add a yum or apt-get command with no
packages listed.
This bug fix aims to omit this line when no packages have
been given, or, the operator wants to use the "_override" /
"_remove" functionality to disable all packages being
installed in a Dockerfile.
Co-Authored-By: Paul Bourke <paul.bourke@oracle.com>
Change-Id: Ifaaaebfccc3adb0f2f68a35ac08e59378bc87fdb
Closes-bug: 1612446
This patchset contains customization of Dockerfile of Swift
containers.
Change-Id: I69250c4d9f6cc3949c9b9b52ea4b0cc2aec0231e
Partially-implements: blueprint third-party-plugin-support
This PS configures swift-rsyncd process to use non-default port
from the range above 1024.
Change-Id: I7c37c548a5185a2ffac789383fe012619e401131
Closes-Bug: #1573137
Due to lack of /var/cache/swift directory, swift services
are unable to access /var/cache/swift/container.recon file.
Closes-Bug: 1569182
Change-Id: Ifc4763d40256e43f51728e1dd4b3986c4f0ba0fc
Updates to ensure commands run in the swift containers
are done as the 'swift' user rather than root.
Change-Id: I8c5a12e24b9940200241dbe09d6bde8f1cc1cf05
Closes-Bug: #1553895
Co-Authored-By: Serguei Bezverkhi <sbezverk@cisco.com>
This prevents failure when the directory already exists.
This commit fixes a failure in centos-binary because of a change in the
RDO packaging, where the required directory is now created for us.
Change-Id: Idd3e15802c3e3fd363e1295111ec12948d566781
Closes-Bug: #1543417
Current Swift playbook is based on the preassumption of AIO setup.
However, if one goes with default multinode setup
(ansible/inventory/multinode), it follows the P + ACO deployment model,
which proxy-server runs on controller nodes where ACO
(account/container/object services) run on storage nodes.
It will break because swift proxy-server no longer has access (it
shouldn't have) to /srv/node path. This change ensure disk mounting part
only happens on storage node. It also moves chown from proxy-server
Dockerfile to rsyncd because no matter with PACO, P+ACO or P+A+C+O
model, rsyncd is always running on each storage node.
Change-Id: I3aa20454902caa9c84d3901bb91e4e4c93ac5f34
Partially-Implements: blueprint swift-physical-disk
Closes-Bug: #1537544
In python3.x, there is no method named xrange(),
it has replaced by range(),which is equal to xrange()
in python2.x. so we must fix this issue.
Closes-Bug: #1268439
Change-Id: I66f0a7f248ad77bf06e96ea7cfcb7ef5f050b13a
Get rid of swfit children images by share the same image in the swift
account, swift object and swift container services
Closes-Bug: #1534476
Change-Id: I929689f93b56396a41b19fda46e4679c4de84ca1
There were some inconsistencies with pip install instructions
thoughout Kolla. We fix those here.
Additionally, we fix the virtualenv to properly use the site-packages
on the host if a library is not available in the venv.
Change-Id: Ib84d48e8826bb96060338b3fa0782620c98794a8
Related-Bug: #1524684
Closes-Bug: #1529434
Use virtualenv for installation of OpenStack projects and
dependencies to avoid conflicts with Python libraries installed
by non-OpenStack binary packages.
Change-Id: I21ecd673b2e93335b1d3dd4e279e940c9d694c3c
Implements: blueprint virtualenv
This brings Kolla images inline with FHS and should make finding
locations of things more consistent and reliable with the linux world
at large.
Change-Id: Iece5b4da4bace0fb8b1f41a65ab2c852ec73e6f8
Closes-Bug: #1485742
The majority of the start.sh code is identical. This removes that
duplicate code while still maintaining the ability to call code in a
specific container.
The start.sh is moved into /usr/local/bin/kolla_start in the container
The extend_start.sh script is called by the kolla_start script at the
location /usr/local/bin/kolla_extend_start . It always exists because
we create a noop kolla_extend_start in the base directory. We override
it with extend_start.sh in a specific image should we need to.
Of note, the neutron-agents container is exempt from this new
structure due to it being a fat container.
Additionally, we fix the inconsistent permissions throughout. 644 for
repo files and the scripts are set to 755 via a Docker RUN command to
ensure someones local perm change won't break upstream containers.
Change-Id: I7da8d19965463ad30ee522a71183e3f092e0d6ad
Closes-Bug: #1501295
This prepares for the RHEL OSP implementation by making the build
tool convert all binary-* into an install_type of binary and * into
an install_metatype variable substitution inside the Dockerfiles.
Further binary-* is substituted as install_name to enable proper
building only.
Change-Id: Ib681b29176eb79a3cab12ec824313fdecb6e7a5f
Partially-Implements: blueprint rhel-based-image-support
Ubuntu binary is not supported and may never be. Installing from
cloud-archive packaging is only for the current stable distros, Ubuntu
does not have a Delorean type repo. We place a fail message in the
base image to catch this and remove the messages throughout the
project.
An additional fail message is placed to catch all other things.
Change-Id: Id2953f503ebd42226f6a08e75979ae56511c40f7
Implements: blueprint install-from-ubuntu
I removed the files but not the COPY commands thus breaking all of
Kolla
Change-Id: I37d3e0cb94a1ecc12971f485f953310ba8fee53c
Partially-Implements: blueprint replace-config-external