70b1ca4b1c
When upgrading container images from Kolla-based to TCIB-based, the
config files can't be read if we don't apply the new chown values unless
we re-use the same UIDs/GIDs as we had with Kolla; which is what we'll
do for now until we figure out an easy way to update config permissions
during the upgrade/update stage.
This introduces a new script, that will be injected in the base layer:
uid_gid_manage.sh
Usage:
./uid_gid_manage.sh qemu nova
It'll first create the qemu user/group, then nova user/group.
The format aims to be simple:
<username> <uid> <gid> <optional homedir> <optional list of extra groups>
It's also removing instances of usermod which aren't needed anymore;
since we create the user / groups only in the images where they are
needed; which wasn't the case for Kolla where all users/groups were
created in the base image.
Note: we create the user/group before installing packaging so if
packaging creates directories and sets permissions, it'll be with the
right UID/GID (unless packaging overrides UID/GID but rarely do it).
Related-Bug: #1890798
Change-Id: If3fa2ff34af42a7438c6dbf81dbcb0bddd63afa6
(cherry picked from commit fb0ec2ffd0
)
19 lines
771 B
YAML
19 lines
771 B
YAML
tcib_actions:
|
|
- run: bash /usr/local/bin/uid_gid_manage {{ tcib_user }}
|
|
- run: dnf -y install {{ tcib_packages['common'] | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
|
- copy: /usr/share/tripleo-common/container-images/kolla/rabbitmq/extend_start.sh /usr/local/bin/kolla_extend_start
|
|
- run: chmod 755 /usr/local/bin/kolla_extend_start
|
|
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/rabbitmq /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
|
tcib_gather_files: '{{ lookup(''fileglob'', ''/usr/share/tripleo-common/container-images/kolla/rabbitmq/*'', wantlist=True) }}'
|
|
tcib_packages:
|
|
common:
|
|
- erlang-hipe
|
|
- hostname
|
|
- libqb
|
|
- pacemaker
|
|
- pacemaker-remote
|
|
- pcs
|
|
- rabbitmq-server
|
|
- resource-agents
|
|
tcib_user: rabbitmq
|