475175dd6e
This patch adds ":" in matching port 80 to check what processes are running on port 80. This is needed because if you do just grep 80 then lot of processes having port like 6080 are in result list. Adding ":" will make list shorter and easy to scan. Change-Id: I05b35ae65c8b90cf35d33bc258bb464905fe8d0d Closes-Bug: #1490667
188 lines
6.4 KiB
ReStructuredText
188 lines
6.4 KiB
ReStructuredText
=========================================
|
|
Building and updating Fedora Atomic image
|
|
=========================================
|
|
|
|
For Magnum development, we use a Fedora Atomic image prebuilt with a certain
|
|
version of Docker, Kubernetes, etcd and Flannel. This document details
|
|
instructions for building the image update it to incorporate your own changes.
|
|
|
|
The basic steps are:
|
|
|
|
1. Choose the packages and build a package repo.
|
|
2. Run a Docker container with Fedora 21 and build the rpm-ostree repo.
|
|
3. Create the new glance image from this Docker container.
|
|
4. Alternatively, update an existing container from this rpm-ostree repo.
|
|
|
|
This document was tested with Fedora 21. This should also work for
|
|
Fedora 22 or other version with minor adjustment, and the document will be
|
|
updated when they are tested.
|
|
|
|
Create the package repo
|
|
=======================
|
|
|
|
Find the package version that you want from::
|
|
|
|
https://kojipkgs.fedoraproject.org/packages/<packagename>
|
|
|
|
This URL does not contain a package name, so you will provide the package name
|
|
in the URL. For our case, we will use the three packages named 'kubernetes',
|
|
'etcd', and 'flannel'.
|
|
|
|
For example::
|
|
|
|
https://kojipkgs.fedoraproject.org/packages/kubernetes/0.20.0/0.3.git835eded.fc23/src/kubernetes-0.20.0-0.3.git835eded.fc23.src.rpm
|
|
https://kojipkgs.fedoraproject.org/packages/etcd/2.0.13/2.fc23/src/etcd-2.0.13-2.fc23.src.rpm
|
|
https://kojipkgs.fedoraproject.org/packages/flannel/0.5.0/1.fc23/src/flannel-0.5.0-1.fc23.src.rpm
|
|
|
|
|
|
Next we build a package repo for these particular packages. We use an
|
|
automated package builder from::
|
|
|
|
https://copr.fedoraproject.org/coprs
|
|
|
|
If you don't have an account, you can create one on::
|
|
|
|
http://fedoraproject.org
|
|
|
|
Once you log into Fedora copr via https://copr.fedoraproject.org, follow these
|
|
steps:
|
|
|
|
- Click on "Add a new project" and fill in the necessary information.
|
|
- Check the box for fedora-21-x86_64.
|
|
- In the box "Initial packages to build", refer the kojipkgs site mentioned
|
|
above. Cut and paste the links for the desired src.rpm package.
|
|
- Click build.
|
|
|
|
The build may take some time depending on how busy the system is.
|
|
|
|
When the build completes successfully, go to the Overview tab and look under
|
|
the column for "Yum repo". Find the link for a repo file to point to your
|
|
newly built package in copr. Save the text from this link to use later.
|
|
|
|
Build and host rpm-ostree repo
|
|
==============================
|
|
|
|
You will need a server with Docker installed.
|
|
Download this build configuration::
|
|
|
|
git clone https://github.com/jasonbrooks/byo-atomic.git
|
|
|
|
Make sure httpd is not running on your server since we need to map port 80
|
|
to apache that will run in the Docker instance. If port 80 is already in use,
|
|
we will get an error when starting the Docker instance indicating that the
|
|
address is already in use.
|
|
|
|
Verify that port tcp/80 is vacant by running this command::
|
|
|
|
sudo netstat -antp | grep :80
|
|
|
|
The output should show no process on port 80. For example, if apache is
|
|
using port 80, you would see something like::
|
|
|
|
tcp6 0 0 :::80 :::* LISTEN 26981/apache2
|
|
|
|
In the Dockerfile, we download the fedora 21 image and set up the environment.
|
|
If you are running on Ubuntu, the Dockerfile does need a minor workaround for
|
|
the httpd logs directory. Edit the Dockerfile and in the line with mkdir,
|
|
insert a command for "mkdir /etc/httpd/logs" as follows::
|
|
|
|
mkdir /etc/httpd/logs && mkdir -p /srv/rpm-ostree/repo && cd /srv/rpm-ostree/ && ostree --repo=repo init --mode=archive-z2
|
|
|
|
Build a Docker container image to be used for hosting the rpm-ostree repo::
|
|
|
|
sudo docker build --rm -t $USER/atomicrepo byo-atomic/.
|
|
|
|
where $USER is the user logged in.
|
|
|
|
When the build completes, you can see the image by running::
|
|
|
|
sudo docker images
|
|
|
|
Start a container using the new Docker image. This will start apache in the
|
|
new container with tcp/80 mapped to the host::
|
|
|
|
sudo docker run --privileged -d -p 80:80 --name atomicrepo $USER/atomicrepo
|
|
|
|
Then log into this Docker container::
|
|
|
|
sudo docker exec -it atomicrepo bash
|
|
|
|
Once inside the Docker container, run the commands::
|
|
|
|
cd fedora-atomic
|
|
git checkout f21
|
|
nscd
|
|
|
|
Edit the file fedora-atomic-docker-host.json to add the repo pointing to the
|
|
copr package repo. Update the line "repos" as follows::
|
|
|
|
"repos": ["fedora-21" , "my-copr-repo"],
|
|
|
|
You can rename "my-copr-repo" as needed, but make sure to use the same name
|
|
in the two steps following. From the link on the copr site above, save the
|
|
content for the repo pointer in a file named "my-copr-repo.repo" in the same
|
|
directory, then make the following changes in the file.
|
|
|
|
Rename the first line as::
|
|
|
|
[my-copr-repo]
|
|
|
|
And modify this flag::
|
|
|
|
gpgcheck=0
|
|
|
|
Then build the rpm-ostree::
|
|
|
|
rpm-ostree compose tree --repo=/srv/rpm-ostree/repo fedora-atomic-docker-host.json
|
|
|
|
When this is completed, Apache should be running on the Docker container and
|
|
serving the content of the new rpm-ostree repo. From outside the container,
|
|
the repo can be accessed as::
|
|
|
|
http://<ip>/repo
|
|
|
|
Create the new image
|
|
====================
|
|
|
|
From within the Docker container where the rpm-ostree repo has been built,
|
|
install additional tools::
|
|
|
|
yum install -y rpm-ostree-toolbox nss-altfiles yum-plugin-protectbase
|
|
|
|
Create a new glance image::
|
|
|
|
export LIBGUESTFS_BACKEND=direct
|
|
rpm-ostree-toolbox create-vm-disk /srv/rpm-ostree/repo fedora-atomic-host fedora-atomic/f21/x86_64/docker-host my-new-f21-atomic.qcow2
|
|
|
|
The new image my-new-f21-atomic.qcow2 is in the current directory.
|
|
|
|
Update an existing Fedora Atomic server
|
|
=======================================
|
|
|
|
You may update an existing Fedora Atomic server to derive a new one.
|
|
If you have a nova instance created from an existing Fedora Atomic glance
|
|
image, you may update it from the rpm-ostree repo above. On this server,
|
|
edit this file as root::
|
|
|
|
sudo vi /etc/ostree/remotes.d/fedora-atomic.conf
|
|
|
|
Add the content (substitute the <ip> for your Docker instance)::
|
|
|
|
[remote "fedora-atomic-host"]
|
|
url=http://<ip>/repo
|
|
branches=fedora-atomic/21/x86_64/docker-host;
|
|
gpg-verify=false
|
|
|
|
Run the command::
|
|
|
|
sudo rpm-ostree upgrade
|
|
|
|
When the upgrade is completed, reboot to switch to the new version::
|
|
|
|
sudo systemctl reboot
|
|
|
|
Once you have the modified server, you may snapshot it to create a new glance
|
|
image from it, and use that new glance image for subsequent new Magnum bays.
|
|
Note however that because of the way Atomic manages backup, this approach will
|
|
bloat the image size.
|