Updating the disk image builder code
Adds haproxy 1.5.x from ubuntu trusty backports Adds a git pull for the amphora agent code Removes check for argparse (internal for python 2.7) Adds sysctl net.ipv4.ip_nonlocal_bind=1 Change-Id: I7aecf727fb5d9be08982c5a32ae3c6e280ebda14
This commit is contained in:
parent
1bb0402062
commit
9b47e9a4c5
diskimage-create
elements
amphora-agent
haproxy-octavia-ubuntu
README.rstelement-deps
install.d
os-refresh-config/configure.d
package-installs.jsonpre-install.d
svc-maphaproxy-octavia
@ -261,7 +261,11 @@ else
|
||||
fi
|
||||
fi
|
||||
|
||||
PKG_LIST="Babel argparse dib-utils PyYAML"
|
||||
# "pip freeze" does not show argparse, even if it is explictly installed,
|
||||
# because it is part of of the standard python library in 2.7.
|
||||
# See https://github.com/pypa/pip/issues/1570
|
||||
|
||||
PKG_LIST="Babel dib-utils PyYAML"
|
||||
for pkg in $PKG_LIST; do
|
||||
if ! pip freeze 2>/dev/null| grep -q "^$pkg==" &>/dev/null; then
|
||||
echo "Required python package " $pkg " is not installed. Exiting."
|
||||
@ -295,18 +299,21 @@ popd > /dev/null
|
||||
|
||||
if [ "$AMP_BASEOS" = "ubuntu" ]; then
|
||||
AMP_element_sequence=${AMP_element_sequence:-"base vm ubuntu"}
|
||||
AMP_element_sequence="$AMP_element_sequence $AMP_BACKEND-ubuntu"
|
||||
if [ "$BASE_OS_MIRROR" ]; then
|
||||
AMP_element_sequence="$AMP_element_sequence apt-mirror"
|
||||
export UBUNTU_MIRROR="$BASE_OS_MIRROR"
|
||||
fi
|
||||
elif [ "$AMP_BASEOS" = "fedora" ]; then
|
||||
AMP_element_sequence=${AMP_element_sequence:-"base vm fedora"}
|
||||
AMP_element_sequence="$AMP_element_sequence $AMP_BACKEND"
|
||||
if [ "$BASE_OS_MIRROR" ]; then
|
||||
AMP_element_sequence="$AMP_element_sequence fedora-mirror"
|
||||
export FEDORA_MIRROR="$BASE_OS_MIRROR"
|
||||
fi
|
||||
elif [ "$AMP_BASEOS" = "centos" ]; then
|
||||
AMP_element_sequence=${AMP_element_sequence:-"base vm centos7"}
|
||||
AMP_element_sequence="$AMP_element_sequence $AMP_BACKEND"
|
||||
if [ "$BASE_OS_MIRROR" ]; then
|
||||
AMP_element_sequence="$AMP_element_sequence centos-mirror"
|
||||
export CENTOS_MIRROR="$BASE_OS_MIRROR"
|
||||
@ -318,8 +325,8 @@ if [ "$AMP_ROOTPW" ]; then
|
||||
export DIB_PASSWORD=$AMP_ROOTPW
|
||||
fi
|
||||
|
||||
# Add the Octavia Amphora backend element
|
||||
AMP_element_sequence="$AMP_element_sequence $AMP_BACKEND"
|
||||
# Add the Octavia Amphora agent element
|
||||
AMP_element_sequence="$AMP_element_sequence amphora-agent"
|
||||
|
||||
# Allow full elements override
|
||||
if [ "$DIB_ELEMENTS" ]; then
|
||||
|
3
elements/amphora-agent/README.rst
Normal file
3
elements/amphora-agent/README.rst
Normal file
@ -0,0 +1,3 @@
|
||||
Element to install an Octavia Amphora agent.
|
||||
|
||||
|
1
elements/amphora-agent/element-deps
Normal file
1
elements/amphora-agent/element-deps
Normal file
@ -0,0 +1 @@
|
||||
source-repositories
|
2
elements/amphora-agent/source-repository-amphora-agent
Normal file
2
elements/amphora-agent/source-repository-amphora-agent
Normal file
@ -0,0 +1,2 @@
|
||||
# This is temporary until we have a pip package
|
||||
amphora-agent git /opt/amphora-agent https://review.openstack.org/stackforge/octavia refs/changes/34/160034/16
|
2
elements/amphora-agent/svc-map
Normal file
2
elements/amphora-agent/svc-map
Normal file
@ -0,0 +1,2 @@
|
||||
amphora-agent:
|
||||
default: amphora-agent
|
3
elements/haproxy-octavia-ubuntu/README.rst
Normal file
3
elements/haproxy-octavia-ubuntu/README.rst
Normal file
@ -0,0 +1,3 @@
|
||||
Element to install an Octavia Amphora with an haproxy backend.
|
||||
|
||||
|
3
elements/haproxy-octavia-ubuntu/element-deps
Normal file
3
elements/haproxy-octavia-ubuntu/element-deps
Normal file
@ -0,0 +1,3 @@
|
||||
os-svc-install
|
||||
package-installs
|
||||
sysctl
|
6
elements/haproxy-octavia-ubuntu/install.d/76-haproxy
Executable file
6
elements/haproxy-octavia-ubuntu/install.d/76-haproxy
Executable file
@ -0,0 +1,6 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -eux
|
||||
set -o pipefail
|
||||
|
||||
[ -d /var/lib/haproxy ] || install -d -D -m 0755 -o root -g root /var/lib/haproxy
|
@ -0,0 +1,9 @@
|
||||
#!/bin/bash
|
||||
set -eux
|
||||
set -o pipefail
|
||||
|
||||
# Allow haproxy to proxy any port if SELinux is in enforcing mode
|
||||
# https://bugs.launchpad.net/tripleo/+bug/1339938
|
||||
if [[ -x /usr/sbin/semanage ]]; then
|
||||
setsebool -P haproxy_connect_any 1
|
||||
fi
|
@ -0,0 +1,47 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -eu
|
||||
set -o pipefail
|
||||
|
||||
sysctl-set-value net.ipv4.tcp_max_tw_buckets 5800000
|
||||
sysctl-set-value net.ipv4.tcp_max_orphans 5800000
|
||||
sysctl-set-value net.ipv4.tcp_max_syn_backlog 40960
|
||||
sysctl-set-value net.ipv4.tcp_keepalive_time 300
|
||||
sysctl-set-value net.ipv4.tcp_tw_recycle 0
|
||||
sysctl-set-value net.ipv4.tcp_tw_reuse 1
|
||||
sysctl-set-value net.ipv4.tcp_timestamps 0
|
||||
sysctl-set-value net.ipv4.tcp_ecn 0
|
||||
sysctl-set-value net.ipv4.tcp_sack 0
|
||||
sysctl-set-value net.ipv4.tcp_dsack 0
|
||||
sysctl-set-value net.ipv4.netfilter.ip_conntrack_max 1524288
|
||||
sysctl-set-value net.core.somaxconn 40960
|
||||
sysctl-set-value net.ipv4.tcp_synack_retries 3
|
||||
sysctl-set-value net.core.netdev_max_backlog 40960
|
||||
sysctl-set-value fs.file-max 1048576
|
||||
sysctl-set-value net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait 5
|
||||
sysctl-set-value net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait 5
|
||||
sysctl-set-value net.ipv4.tcp_fin_timeout 5
|
||||
sysctl-set-value net.ipv4.ip_nonlocal_bind 1
|
||||
|
||||
# Currently the tripleo-image-elements sysctl element can't handle multi-value
|
||||
# settings, so I will set them manually here
|
||||
NAME=net.ipv4.tcp_rmem
|
||||
VALUE="16384 65536 524288"
|
||||
FILENAME="/etc/sysctl.d/${NAME}.conf"
|
||||
cat > $FILENAME <<EOF_CAT
|
||||
$NAME = $VALUE
|
||||
EOF_CAT
|
||||
|
||||
NAME=net.ipv4.tcp_wmem
|
||||
VALUE="16384 349520 699040"
|
||||
FILENAME="/etc/sysctl.d/${NAME}.conf"
|
||||
cat > $FILENAME <<EOF_CAT
|
||||
$NAME = $VALUE
|
||||
EOF_CAT
|
||||
|
||||
NAME=net.ipv4.ip_local_port_range
|
||||
VALUE="1024 65000"
|
||||
FILENAME="/etc/sysctl.d/${NAME}.conf"
|
||||
cat > $FILENAME <<EOF_CAT
|
||||
$NAME = $VALUE
|
||||
EOF_CAT
|
3
elements/haproxy-octavia-ubuntu/package-installs.json
Normal file
3
elements/haproxy-octavia-ubuntu/package-installs.json
Normal file
@ -0,0 +1,3 @@
|
||||
{
|
||||
"haproxy/trusty-backports": null
|
||||
}
|
7
elements/haproxy-octavia-ubuntu/pre-install.d/01-backports
Executable file
7
elements/haproxy-octavia-ubuntu/pre-install.d/01-backports
Executable file
@ -0,0 +1,7 @@
|
||||
#!/bin/bash
|
||||
# Add the Ubuntu backports archive
|
||||
|
||||
set -eu
|
||||
set -o xtrace
|
||||
|
||||
echo deb http://archive.ubuntu.com/ubuntu trusty-backports main restricted universe multiverse > /etc/apt/sources.list.d/backports.list
|
2
elements/haproxy-octavia-ubuntu/svc-map
Normal file
2
elements/haproxy-octavia-ubuntu/svc-map
Normal file
@ -0,0 +1,2 @@
|
||||
haproxy:
|
||||
default: haproxy
|
@ -1 +0,0 @@
|
||||
haproxy
|
@ -21,6 +21,7 @@ sysctl-set-value fs.file-max 1048576
|
||||
sysctl-set-value net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait 5
|
||||
sysctl-set-value net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait 5
|
||||
sysctl-set-value net.ipv4.tcp_fin_timeout 5
|
||||
sysctl-set-value net.ipv4.ip_nonlocal_bind 1
|
||||
|
||||
# Currently the tripleo-image-elements sysctl element can't handle multi-value
|
||||
# settings, so I will set them manually here
|
||||
|
3
elements/haproxy-octavia/package-installs.json
Normal file
3
elements/haproxy-octavia/package-installs.json
Normal file
@ -0,0 +1,3 @@
|
||||
{
|
||||
"haproxy": null
|
||||
}
|
Loading…
Reference in New Issue
Block a user