diff --git a/magnum/drivers/swarm_fedora_atomic_v1/image/openvswitch/Dockerfile b/magnum/drivers/swarm_fedora_atomic_v1/image/openvswitch/Dockerfile new file mode 100644 index 0000000000..7ae36af57d --- /dev/null +++ b/magnum/drivers/swarm_fedora_atomic_v1/image/openvswitch/Dockerfile @@ -0,0 +1,18 @@ +FROM fedora:23 +MAINTAINER Ton Ngo "ton@us.ibm.com" +WORKDIR / +RUN dnf -y install openvswitch \ + openstack-neutron-ml2 \ + openstack-neutron-openvswitch \ + bridge-utils \ + git \ + && dnf clean all +RUN cd /opt \ + && git clone https://git.openstack.org/openstack/neutron \ + && cp neutron/etc/policy.json /etc/neutron/. \ + && rm -rf neutron \ + && dnf -y remove git +VOLUME /var/run/openvswitch +ADD run_openvswitch_neutron.sh /usr/bin/run_openvswitch_neutron.sh + +CMD ["/usr/bin/run_openvswitch_neutron.sh"] diff --git a/magnum/drivers/swarm_fedora_atomic_v1/image/openvswitch/README.rst b/magnum/drivers/swarm_fedora_atomic_v1/image/openvswitch/README.rst new file mode 100644 index 0000000000..98d38c57a9 --- /dev/null +++ b/magnum/drivers/swarm_fedora_atomic_v1/image/openvswitch/README.rst @@ -0,0 +1,68 @@ +=================== +Neutron Openvswitch +=================== + +This Dockerfile creates a Docker image based on Fedora 23 that runs +Openvswitch and the Neutron L2 agent for Openvswitch. This container +image is used by Magnum when a Swarm cluster is deployed with the +attribute:: + + --network-driver=kuryr + +Magnum deploys this container on each Swarm node along with the +Kuryr container to support Docker advanced networking based on +the `Container Networking Model +`_. + +To build the image, run this command in the same directory as the +Dockerfile:: + + docker build -t openstackmagnum/fedora23-neutron-ovs:testing . + +This image is available on Docker Hub as:: + + openstackmagnum/fedora23-neutron-ovs:testing + +To update the image with a new build:: + + docker push openstackmagnum/fedora23-neutron-ovs:testing + +The 'testing' tag may be replaced with 'latest' or other tag as +needed. + +This image is intended to run on the Fedora Atomic public image which +by default does not have these packages installed. The common +practice for Atomic OS is to run new packages in containers rather +than installing them in the OS. + +For the Neutron agent, you will need to provide 3 files at these +locations: + +- /etc/neutron/neutron.conf +- /etc/neutron/policy.json +- /etc/neutron/plugins/ml2/ml2_conf.ini + +These files are typically installed in the same locations on the +Neutron controller node. The policy.json file is copied into the +Docker image because it is fairly static and does not require +customization for the bay. If it is changed in the Neutron master +repo, you just need to rebuild the Docker image to update the file. +Magnum will create the other 2 files on each bay node in the +directory /etc/kuryr and map them to the proper directories in +the container using the Docker -v option. + +Since Openvswitch needs to operate on the host network name space, +the Docker container will need the -net=host option. +The /var/run/openvswitch directory is also mapped to the bay node +so that the Kuryr container can talk to openvswitch. +To run the image from Fedora Atomic:: + + docker run --net=host \ + --cap-add=NET_ADMIN \ + --privileged=true \ + -v /var/run/openvswitch:/var/run/openvswitch \ + -v /lib/modules:/lib/modules:ro \ + -v /etc/kuryr/neutron.conf:/etc/neutron/neutron.conf \ + -v /etc/kuryr/ml2_conf.ini:/etc/neutron/plugins/ml2/ml2_conf.ini \ + --name openvswitch-agent \ + openstackmagnum/fedora23-neutron-ovs:testing diff --git a/magnum/drivers/swarm_fedora_atomic_v1/image/openvswitch/run_openvswitch_neutron.sh b/magnum/drivers/swarm_fedora_atomic_v1/image/openvswitch/run_openvswitch_neutron.sh new file mode 100755 index 0000000000..6893ccc80b --- /dev/null +++ b/magnum/drivers/swarm_fedora_atomic_v1/image/openvswitch/run_openvswitch_neutron.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +/usr/share/openvswitch/scripts/ovs-ctl start --system-id=random +/usr/bin/neutron-openvswitch-agent --config-file /etc/neutron/neutron.conf --log-file /var/log/neutron/openvswitch-agent.log