From cc05a8d547d57a04e83472c52a3ee900f5c72f6d Mon Sep 17 00:00:00 2001 From: Steve Baker Date: Thu, 13 Dec 2018 11:45:12 +1300 Subject: [PATCH] Replace docker-distribution with apache image-serve This allows the removal of the docker-distribution package. The python uploader will detect dynamically whether the registry is push-capable, and it will do an image-serve export if it is not. blueprint: podman-support Change-Id: Ibd13dd92229f6d63eab14d62017d1b46e0f652a7 Depends-On: Id4ed832f0bf5115f2f44d0b7b11c60d01d1e7b4c --- .../image-serve-baremetal-ansible.yaml | 75 +++++++++++++++++++ environments/undercloud.yaml | 2 +- 2 files changed, 76 insertions(+), 1 deletion(-) create mode 100644 deployment/image-serve/image-serve-baremetal-ansible.yaml diff --git a/deployment/image-serve/image-serve-baremetal-ansible.yaml b/deployment/image-serve/image-serve-baremetal-ansible.yaml new file mode 100644 index 0000000000..c0d2f5b3c6 --- /dev/null +++ b/deployment/image-serve/image-serve-baremetal-ansible.yaml @@ -0,0 +1,75 @@ +heat_template_version: rocky + +description: > + Configures apache to serve container images on a host. + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ServiceData: + default: {} + description: Dictionary packing service data + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json + LocalContainerRegistry: + default: '' + description: The IP address used to bind the local container registry + type: string + +conditions: + local_container_registry_is_empty: {equals : [{get_param: LocalContainerRegistry}, '']} + +outputs: + role_data: + description: Role data for the image serve registry service + value: + service_name: docker_registry + config_settings: + tripleo::docker_registry::firewall_rules: + '155 docker-registry': + dport: + - 8787 + - 13787 + step_config: '' + host_prep_tasks: + - name: Install, Configure and Run Apache to serve container images + block: + - set_fact: + container_registry_host: + if: + - local_container_registry_is_empty + - {get_param: [EndpointMap, DockerRegistryInternal, host]} + - {get_param: LocalContainerRegistry} + container_registry_port: {get_param: [EndpointMap, DockerRegistryInternal, port]} + - include_role: + name: tripleo-image-serve + upgrade_tasks: + - name: Stop, disable docker-distribution + when: step|int == 3 + systemd: + enabled: false + state: stopped + name: docker-distribution + - name: Uninstall docker-distribution + when: step|int == 3 + package: name=docker-distribution state=absent + # TODO(sbaker) migrate docker-distribution data to image-serve diff --git a/environments/undercloud.yaml b/environments/undercloud.yaml index ce1630bf6f..3fb7e79289 100644 --- a/environments/undercloud.yaml +++ b/environments/undercloud.yaml @@ -3,7 +3,7 @@ resource_registry: OS::TripleO::Network::Ports::ControlPlaneVipPort: ../deployed-server/deployed-neutron-port.yaml OS::TripleO::Undercloud::Net::SoftwareConfig: ../net-config-undercloud.yaml OS::TripleO::NodeExtraConfigPost: ../extraconfig/post_deploy/undercloud_post.yaml - OS::TripleO::Services::DockerRegistry: ../deployment/docker/docker-registry-baremetal-ansible.yaml + OS::TripleO::Services::DockerRegistry: ../deployment/image-serve/image-serve-baremetal-ansible.yaml OS::TripleO::Services::ContainerImagePrepare: ../deployment/container-image-prepare/container-image-prepare-baremetal-ansible.yaml # Allows us to control the external VIP for Undercloud SSL OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/external_from_pool.yaml