Updating the disk image builder code

Adds haproxy 1.5.x from ubuntu trusty backports
Adds a git pull for the amphora agent code
Removes check for argparse (internal for python 2.7)
Adds sysctl net.ipv4.ip_nonlocal_bind=1

Change-Id: I7aecf727fb5d9be08982c5a32ae3c6e280ebda14
This commit is contained in:
Michael Johnson 2015-04-03 17:25:23 +00:00
parent 1bb0402062
commit 9b47e9a4c5
16 changed files with 102 additions and 4 deletions

View File

@ -261,7 +261,11 @@ else
fi
fi
PKG_LIST="Babel argparse dib-utils PyYAML"
# "pip freeze" does not show argparse, even if it is explictly installed,
# because it is part of of the standard python library in 2.7.
# See https://github.com/pypa/pip/issues/1570
PKG_LIST="Babel dib-utils PyYAML"
for pkg in $PKG_LIST; do
if ! pip freeze 2>/dev/null| grep -q "^$pkg==" &>/dev/null; then
echo "Required python package " $pkg " is not installed. Exiting."
@ -295,18 +299,21 @@ popd > /dev/null
if [ "$AMP_BASEOS" = "ubuntu" ]; then
AMP_element_sequence=${AMP_element_sequence:-"base vm ubuntu"}
AMP_element_sequence="$AMP_element_sequence $AMP_BACKEND-ubuntu"
if [ "$BASE_OS_MIRROR" ]; then
AMP_element_sequence="$AMP_element_sequence apt-mirror"
export UBUNTU_MIRROR="$BASE_OS_MIRROR"
fi
elif [ "$AMP_BASEOS" = "fedora" ]; then
AMP_element_sequence=${AMP_element_sequence:-"base vm fedora"}
AMP_element_sequence="$AMP_element_sequence $AMP_BACKEND"
if [ "$BASE_OS_MIRROR" ]; then
AMP_element_sequence="$AMP_element_sequence fedora-mirror"
export FEDORA_MIRROR="$BASE_OS_MIRROR"
fi
elif [ "$AMP_BASEOS" = "centos" ]; then
AMP_element_sequence=${AMP_element_sequence:-"base vm centos7"}
AMP_element_sequence="$AMP_element_sequence $AMP_BACKEND"
if [ "$BASE_OS_MIRROR" ]; then
AMP_element_sequence="$AMP_element_sequence centos-mirror"
export CENTOS_MIRROR="$BASE_OS_MIRROR"
@ -318,8 +325,8 @@ if [ "$AMP_ROOTPW" ]; then
export DIB_PASSWORD=$AMP_ROOTPW
fi
# Add the Octavia Amphora backend element
AMP_element_sequence="$AMP_element_sequence $AMP_BACKEND"
# Add the Octavia Amphora agent element
AMP_element_sequence="$AMP_element_sequence amphora-agent"
# Allow full elements override
if [ "$DIB_ELEMENTS" ]; then

View File

@ -0,0 +1,3 @@
Element to install an Octavia Amphora agent.

View File

@ -0,0 +1 @@
source-repositories

View File

@ -0,0 +1,2 @@
# This is temporary until we have a pip package
amphora-agent git /opt/amphora-agent https://review.openstack.org/stackforge/octavia refs/changes/34/160034/16

View File

@ -0,0 +1,2 @@
amphora-agent:
default: amphora-agent

View File

@ -0,0 +1,3 @@
Element to install an Octavia Amphora with an haproxy backend.

View File

@ -0,0 +1,3 @@
os-svc-install
package-installs
sysctl

View File

@ -0,0 +1,6 @@
#!/bin/bash
set -eux
set -o pipefail
[ -d /var/lib/haproxy ] || install -d -D -m 0755 -o root -g root /var/lib/haproxy

View File

@ -0,0 +1,9 @@
#!/bin/bash
set -eux
set -o pipefail
# Allow haproxy to proxy any port if SELinux is in enforcing mode
# https://bugs.launchpad.net/tripleo/+bug/1339938
if [[ -x /usr/sbin/semanage ]]; then
setsebool -P haproxy_connect_any 1
fi

View File

@ -0,0 +1,47 @@
#!/bin/bash
set -eu
set -o pipefail
sysctl-set-value net.ipv4.tcp_max_tw_buckets 5800000
sysctl-set-value net.ipv4.tcp_max_orphans 5800000
sysctl-set-value net.ipv4.tcp_max_syn_backlog 40960
sysctl-set-value net.ipv4.tcp_keepalive_time 300
sysctl-set-value net.ipv4.tcp_tw_recycle 0
sysctl-set-value net.ipv4.tcp_tw_reuse 1
sysctl-set-value net.ipv4.tcp_timestamps 0
sysctl-set-value net.ipv4.tcp_ecn 0
sysctl-set-value net.ipv4.tcp_sack 0
sysctl-set-value net.ipv4.tcp_dsack 0
sysctl-set-value net.ipv4.netfilter.ip_conntrack_max 1524288
sysctl-set-value net.core.somaxconn 40960
sysctl-set-value net.ipv4.tcp_synack_retries 3
sysctl-set-value net.core.netdev_max_backlog 40960
sysctl-set-value fs.file-max 1048576
sysctl-set-value net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait 5
sysctl-set-value net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait 5
sysctl-set-value net.ipv4.tcp_fin_timeout 5
sysctl-set-value net.ipv4.ip_nonlocal_bind 1
# Currently the tripleo-image-elements sysctl element can't handle multi-value
# settings, so I will set them manually here
NAME=net.ipv4.tcp_rmem
VALUE="16384 65536 524288"
FILENAME="/etc/sysctl.d/${NAME}.conf"
cat > $FILENAME <<EOF_CAT
$NAME = $VALUE
EOF_CAT
NAME=net.ipv4.tcp_wmem
VALUE="16384 349520 699040"
FILENAME="/etc/sysctl.d/${NAME}.conf"
cat > $FILENAME <<EOF_CAT
$NAME = $VALUE
EOF_CAT
NAME=net.ipv4.ip_local_port_range
VALUE="1024 65000"
FILENAME="/etc/sysctl.d/${NAME}.conf"
cat > $FILENAME <<EOF_CAT
$NAME = $VALUE
EOF_CAT

View File

@ -0,0 +1,3 @@
{
"haproxy/trusty-backports": null
}

View File

@ -0,0 +1,7 @@
#!/bin/bash
# Add the Ubuntu backports archive
set -eu
set -o xtrace
echo deb http://archive.ubuntu.com/ubuntu trusty-backports main restricted universe multiverse > /etc/apt/sources.list.d/backports.list

View File

@ -0,0 +1,2 @@
haproxy:
default: haproxy

View File

@ -21,6 +21,7 @@ sysctl-set-value fs.file-max 1048576
sysctl-set-value net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait 5
sysctl-set-value net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait 5
sysctl-set-value net.ipv4.tcp_fin_timeout 5
sysctl-set-value net.ipv4.ip_nonlocal_bind 1
# Currently the tripleo-image-elements sysctl element can't handle multi-value
# settings, so I will set them manually here

View File

@ -0,0 +1,3 @@
{
"haproxy": null
}