Update docker containers for CentOS7

In order to migrate docker containers to CentOS7 the following fixes and improvements were made: * systemd service is a PID 1 service in each container instead of 'start.sh' * 'start.sh' script converted to systemd service and started automatically every time a container is launched * Dockerfiles simplified by removing all setup stuff to separate 'setup.sh' file which should be launched explicitely during container preparation phase Blueprint: master-on-centos7 Is NOT compatible with CentOS6 master node Co-Authored-By: Ivan Suzdal <isuzdal@mirantis.com> Change-Id: I5f51f473a6fa783c0a85985a5bf0412b30bcb1c2
openstack-archive · Dec 3, 2015 · a311e94 · a311e94
1 parent fda7c87
commit a311e94
Show file tree

Hide file tree

Showing 38 changed files with 1,102 additions and 522 deletions.
diff --git a/docker/astute/Dockerfile b/docker/astute/Dockerfile
@@ -3,40 +3,16 @@
 FROM fuel/centos
 MAINTAINER Matthew Mosesohn mmosesohn@mirantis.com
 
-RUN rm -rf /etc/yum.repos.d/*; \
-    echo -e "\
-[nailgun]\n\
-name=Nailgun Local Repo\n\
-baseurl=http://$(route -n | awk '/^0.0.0.0/ { print $2 }'):_PORT_/repo/os/x86_64/\n\
-gpgcheck=0\n\
-[mos]\n\
-name=MOS Local Repo\n\
-baseurl=http://$(route -n | awk '/^0.0.0.0/ { print $2 }'):_PORT_/mos-repo/\n\
-gpgcheck=0" \
-        > /etc/yum.repos.d/nailgun.repo; \
-    yum clean expire-cache; \
-    yum update -y; \
-    echo ruby21-nailgun-mcagents sysstat | xargs -n1 yum install -y --quiet
+ENV container docker
+ENV DOCKER_PORT _PORT_
+ENV EXTRA_RPM_REPOS _EXTRA_RPM_REPOS_
 
 ADD etc /etc
-ADD start.sh /usr/local/bin/start.sh
+ADD start.sh /usr/local/bin/
+ADD setup.sh /usr/local/bin/
 
-RUN puppet apply --detailed-exitcodes -d -v \
-        /etc/puppet/modules/nailgun/examples/astute-only.pp; \
-    [[ $? == 0 || $? == 2 ]]
+RUN chmod +x /usr/local/bin/{setup,start}.sh
 
-RUN echo -e "\
-[nailgun]\n\
-name=Nailgun Local Repo\n\
-baseurl=file:/var/www/nailgun/centos/x86_64\n\
-gpgcheck=0\n\
-[mos]\n\
-name=MOS Local Repo\n\
-baseurl=file:/var/www/nailgun/mos-centos/x86_64\n\
-gpgcheck=0" \
-        > /etc/yum.repos.d/nailgun.repo; \
-    yum clean all; \
-    chmod +x /usr/local/bin/start.sh
+VOLUME ["/etc/astute"]
 
-VOLUME /etc/astute
-CMD /usr/local/bin/start.sh
+CMD ["/usr/sbin/init"]
diff --git a/docker/astute/setup.sh b/docker/astute/setup.sh
@@ -0,0 +1,60 @@
+#!/bin/bash -xe
+
+rm -rf /etc/yum.repos.d/*
+
+cat << EOF > /etc/yum.repos.d/nailgun.repo
+[nailgun]
+name=Nailgun Local Repo
+baseurl=http://$(route -n | awk '/^0.0.0.0/ {print $2}'):${DOCKER_PORT}/repo/os/x86_64/
+gpgcheck=0
+
+[mos]
+name=MOS Local Repo
+baseurl=http://$(route -n | awk '/^0.0.0.0/ {print $2}'):${DOCKER_PORT}/mos-repo/
+gpgcheck=0
+EOF
+
+for repo in ${EXTRA_RPM_REPOS}; do
+  IFS=, read -a repo_args <<< "$repo"
+  cat << EOF >> /etc/yum.repos.d/nailgun.repo
+
+[extra-repo-${repo_args[0]}]
+name=MOS Extra Repo ${repo_args[0]}
+baseurl=http://$(route -n | awk '/^0.0.0.0/ {print $2}'):${DOCKER_PORT}/extra-repos/${repo_args[0]}
+gpgcheck=0
+EOF
+done
+
+yum clean expire-cache
+yum update -y
+
+packages="psmisc python-editor nailgun-mcagents sysstat "
+packages+="rubygem-amqp rubygem-amq-protocol rubygem-i18n rubygem-tzinfo "
+packages+="rubygem-minitest rubygem-open4 rubygem-Platform rubygem-symboltable "
+packages+="rubygem-thread_safe rubygem-eventmachine fuel-agent"
+
+echo $packages | xargs -n1 yum install -y
+
+#FIXME(dteselkin): use correct versions of rubygem packages
+sed -i '/amq-protocol/ s/~>/>=/' /usr/share/gems/specifications/amqp-*.gemspec
+
+
+systemctl daemon-reload
+puppet apply --debug --verbose --color false --detailed-exitcodes \
+  /etc/puppet/modules/nailgun/examples/astute-only.pp || [[ $? == 2 ]]
+
+cat << EOF > /etc/yum.repos.d/nailgun.repo
+[nailgun]
+name=Nailgun Local Repo
+baseurl=file:/var/www/nailgun/centos/x86_64
+gpgcheck=0
+
+[mos]
+name=MOS Local Repo
+baseurl=file:/var/www/nailgun/mos-centos/x86_64
+gpgcheck=0
+EOF
+
+yum clean all
+
+systemctl enable start-container.service
diff --git a/docker/astute/start.sh b/docker/astute/start.sh
@@ -5,7 +5,9 @@
 rm -f /var/lib/rpm/__db.*
 rpm --rebuilddb
 
-puppet apply -v /etc/puppet/modules/nailgun/examples/astute-only.pp
-pgrep supervisord >/dev/null && /usr/bin/supervisorctl shutdown
 mkdir -p /var/log/astute
-/usr/bin/supervisord -n
+
+
+systemctl daemon-reload
+puppet apply --debug --verbose --color false --detailed-exitcodes \
+  /etc/puppet/modules/nailgun/examples/astute-only.pp
diff --git a/docker/cobbler/Dockerfile b/docker/cobbler/Dockerfile
@@ -1,50 +1,22 @@
-# fuel/cobbler
+# fuel-cobbler
+#
+# Version     0.1
 
 FROM fuel/centos
 MAINTAINER Matthew Mosesohn mmosesohn@mirantis.com
 
-#Make empty SSH key (populated later during real deployment)
-RUN rm -rf /etc/yum.repos.d/*; \
-    echo -e "\
-[nailgun]\n\
-name=Nailgun Local Repo\n\
-baseurl=http://$(route -n | awk '/^0.0.0.0/ { print $2 }'):_PORT_/repo/os/x86_64/\n\
-gpgcheck=0\n\
-[mos]\n\
-name=MOS Local Repo\n\
-baseurl=http://$(route -n | awk '/^0.0.0.0/ { print $2 }'):_PORT_/mos-repo/\n\
-gpgcheck=0" \
-        > /etc/yum.repos.d/nailgun.repo; \
-    yum clean expire-cache; \
-    yum update -y; \
-    mkdir -p /var/log/nailgun /root/.ssh; \
-    chmod 700 /root/.ssh; \
-    touch /root/.ssh/id_rsa.pub; \
-    chmod 600 /root/.ssh/id_rsa.pub; \
-    ln -s /etc/dnsmasq.conf /etc/cobbler.dnsmasq.conf
+ENV container docker
+ENV DOCKER_PORT _PORT_
+ENV EXTRA_RPM_REPOS _EXTRA_RPM_REPOS_
 
 ADD etc /etc
-ADD start.sh /usr/local/bin/start.sh
+ADD start.sh /usr/local/bin/
+ADD setup.sh /usr/local/bin/
 
-RUN echo -e "NETWORKING=yes\nHOSTNAME=$HOSTNAME" > /etc/sysconfig/network; \
-    /etc/init.d/httpd start; \
-    puppet apply --detailed-exitcodes -dv \
-        /etc/puppet/modules/nailgun/examples/cobbler-only.pp; \
-    [[ $? == 0 || $? == 2 ]]
-
-RUN echo -e "\
-[nailgun]\n\
-name=Nailgun Local Repo\n\
-baseurl=file:/var/www/nailgun/centos/x86_64\n\
-gpgcheck=0\n\
-[mos]\n\
-name=MOS Local Repo\n\
-baseurl=file:/var/www/nailgun/mos-centos/x86_64\n\
-gpgcheck=0" \
-        > /etc/yum.repos.d/nailgun.repo; \
-    yum clean all; \
-    chmod +x /usr/local/bin/start.sh
+RUN chmod +x /usr/local/bin/{setup,start}.sh
 
 EXPOSE 53 53/udp 67 67/udp 69/udp 80 443
+
 VOLUME /etc/cobbler
-CMD /usr/local/bin/start.sh
+
+CMD ["/usr/sbin/init"]
diff --git a/docker/cobbler/setup.sh b/docker/cobbler/setup.sh
@@ -0,0 +1,86 @@
+#!/bin/bash -xe
+
+rm -rf /etc/yum.repos.d/*
+
+cat << EOF > /etc/yum.repos.d/nailgun.repo
+[nailgun]
+name=Nailgun Local Repo
+baseurl=http://$(route -n | awk '/^0.0.0.0/ {print $2}'):${DOCKER_PORT}/repo/os/x86_64/
+gpgcheck=0
+
+[mos]
+name=MOS Local Repo
+baseurl=http://$(route -n | awk '/^0.0.0.0/ {print $2}'):${DOCKER_PORT}/mos-repo/
+gpgcheck=0
+EOF
+
+for repo in ${EXTRA_RPM_REPOS}; do
+  IFS=, read -a repo_args <<< "$repo"
+  cat << EOF >> /etc/yum.repos.d/nailgun.repo
+
+[extra-repo-${repo_args[0]}]
+name=MOS Extra Repo ${repo_args[0]}
+baseurl=http://$(route -n | awk '/^0.0.0.0/ {print $2}'):${DOCKER_PORT}/extra-repos/${repo_args[0]}
+gpgcheck=0
+EOF
+done
+
+yum clean expire-cache
+yum update -y
+
+
+ln -s /etc/dnsmasq.conf /etc/cobbler.dnsmasq.conf
+
+packages="httpd cobbler dnsmasq xinetd tftp-server"
+echo $packages | xargs -n1 yum install -y
+
+
+mkdir -p /etc/systemd/system/{httpd,cobblerd,tftp,dnsmasq,xinetd}.service.d/
+for srv in httpd cobblerd tftp dnsmasq xinetd; do
+cat << EOF > /etc/systemd/system/${srv}.service.d/restart.conf
+[Service]
+Restart=on-failure
+RestartSec=5
+EOF
+done
+
+systemctl enable httpd.service \
+	cobblerd.service \
+	tftp.service \
+	dnsmasq.service \
+	xinetd.service
+
+
+#Workaround for dnsmasq startup and create blank SSH key during build
+cat << EOF > /etc/sysconfig/network
+NETWORKING=yes
+HOSTNAME=$HOSTNAME
+EOF
+
+mkdir -p /root/.ssh
+chmod 700 /root/.ssh
+touch /root/.ssh/id_rsa.pub
+systemctl restart httpd.service
+
+
+systemctl daemon-reload
+puppet apply --debug --verbose --color false --detailed-exitcodes \
+  /etc/puppet/modules/nailgun/examples/cobbler-only.pp || [[ $? == 2 ]]
+
+
+cat << EOF > /etc/yum.repos.d/nailgun.repo
+[nailgun]
+name=Nailgun Local Repo
+baseurl=file:/var/www/nailgun/centos/x86_64
+gpgcheck=0
+
+[mos]
+name=MOS Local Repo
+baseurl=file:/var/www/nailgun/mos-centos/x86_64
+gpgcheck=0
+EOF
+
+yum clean all
+
+
+systemctl enable start-container.service
diff --git a/docker/cobbler/start.sh b/docker/cobbler/start.sh
@@ -19,23 +19,16 @@ if rpm -V cobbler-web | grep -q missing; then
   yum reinstall -q -y cobbler-web
 fi
 
-# Make sure services are not running (no pids, etc), puppet will
-# configure and bring them up.
-/etc/init.d/httpd stop
-/etc/init.d/xinetd stop
 
 # Run puppet to apply custom config
-puppet apply -v /etc/puppet/modules/nailgun/examples/cobbler-only.pp
-# Stop cobbler and dnsmasq
-/etc/init.d/dnsmasq stop
-/etc/init.d/cobblerd stop
-
-# Check if we have any dhcp-ranges configured in dnsmasq. If not, then
-# we need to create default dhcp-range for fuelweb_admin network that
-# was configured via fuelmenu and stored in /etc/fuel/astute.yaml
-ls /etc/dnsmasq.d/*.conf || \
-  puppet apply -d -v /etc/puppet/modules/nailgun/examples/dhcp-default-range.pp
-
-# Running services
-/etc/init.d/dnsmasq restart
-cobblerd -F
+systemctl daemon-reload
+
+puppet apply --debug --verbose --color false --detailed-exitcodes \
+  /etc/puppet/modules/nailgun/examples/cobbler-only.pp || [[ $? == 2 ]]
+
+puppet apply --debug --verbose --color false --detailed-exitcodes \
+  /etc/puppet/modules/nailgun/examples/dhcp-default-range.pp || [[ $? == 2 ]]
+
+
+systemctl enable dnsmasq
+systemctl restart dnsmasq
diff --git a/docker/fuel-centos-build/Dockerfile b/docker/fuel-centos-build/Dockerfile
@@ -1,23 +1,32 @@
 #fuel/centos-docker-build
-FROM centos:centos6
+FROM centos:centos7
 
 MAINTAINER Matthew Mosesohn mmosesohn@mirantis.com
 
-RUN echo -e "\
-[nailgun]\n\
-name=Nailgun Local Repo\n\
-baseurl=file:///repo/os/x86_64/\n\
-gpgcheck=0\n\
-[mos]\n\
-name=MOS Local Repo\n\
-baseurl=file:///mos-repo/\n\
-gpgcheck=0" \
-        > /etc/yum.repos.d/nailgun.repo
+ENV container docker
+ENV EXTRA_RPM_REPOS _EXTRA_RPM_REPOS_
+
+RUN yum -y update
+RUN yum clean all
+RUN yum -y install dbus
+
+RUN systemctl mask dev-mqueue.mount dev-hugepages.mount \
+    systemd-remount-fs.service sys-kernel-config.mount \
+    sys-kernel-debug.mount sys-fs-fuse-connections.mount \
+    display-manager.service graphical.target systemd-logind.service \
+    firewalld.service
+
+ADD dbus.service /etc/systemd/system/dbus.service
+RUN systemctl enable dbus.service
+
+RUN rm -f /etc/yum.repos.d/*
 
 ADD start.sh /usr/local/bin/
 ADD fuel-centos.ks /root/fuel-centos.ks
 
-RUN chmod +x /usr/local/bin/start.sh; \
-    touch /etc/sysconfig/network
+RUN chmod +x /usr/local/bin/start.sh
+
+# Set default target
+RUN systemctl set-default multi-user.target
 
-CMD /usr/local/bin/start.sh
+CMD  ["/usr/lib/systemd/systemd"]
diff --git a/docker/fuel-centos-build/dbus.service b/docker/fuel-centos-build/dbus.service
@@ -0,0 +1,19 @@
+[Unit]
+Description=D-Bus System Message Bus
+Requires=dbus.socket
+After=syslog.target
+
+[Service]
+PIDFile=/var/run/messagebus.pid
+ExecStartPre=/bin/mkdir -p /var/run/dbus
+ExecStartPre=/bin/chmod g+w /var/run/ /var/run/dbus/
+ExecStart=/bin/dbus-daemon --system --fork
+ExecReload=/bin/dbus-send --print-reply --system --type=method_call --dest=org.freedesktop.DBus / org.freedesktop.DBus.ReloadConfig
+ExecStopPost=/bin/rm -f /var/run/messagebus.pid
+#OOMScoreAdjust=-900
+User=dbus
+Group=root
+PermissionsStartOnly=true
+
+[Install]
+WantedBy=multi-user.target