A data container is meant to operate without bindmounts.
Change-Id: I2624a63fd75db7ed8050054c17e19885f8a7ac8a
Co-Authored-By: Daneyon Hansen (danehans@cisco.com)
A data volume container is far superior to bind mounting the
host's shared directories. It preserves the idempotency,
immutability and declarative properties of the containers.
The way this works in practice is that a data volume container is
created. Then when the containers start they use LVM to access
the filesystem where /var/lib/docker is contained. Then the
container startup logic bindmounts the data volume stored on the
host filesystem in /var/lib/docker/vfs/dir/ID. This prevents
people with access to the host operating system from damaging
the contents of the data container.
It does mean that now we must use tools/stop to stop our containers
rather than tools/cleanup-containers -f.
This is a containers best practice. For more details see:
https://docs.docker.com/userguide/dockervolumes/
Big credit goes to Daneyon Hansen for seeding this idea in the
mariadb containers.
Note occasionally docker-compose start/stop seems to not want to stop
a container. This bug needs to be addressed upstream separately
from our utilization of this best practice.
Change-Id: Iaa1419f606e1b1b7a7560a095c49e79d643164f1
Previously, the nwfilter daemon/conf pkgs would need to be
installed on the host. Compose would then mount the host DIR
to the compute containers. A more efficient approach is to simply
install the nwfilter config/daemon in the libvirt container. Both
approaches address the following error when booting an instance:
'no-mac-spoofing' is missing
Change-Id: I81b446d198920473bf99b97ef5eac6ef5ee85024
The Horizon dashboard was not working properly prior to this work.
Also a docker-compose file was added to start the dashboard.
Change-Id: I8a438c15b967b0cec00bfe44b997f833bf745191
Generate Heat environment variables.
Rename yml file to api and engine to follow other service conventions.
Add heat to compose/start
Modify integration guide to include new variables.
Change-Id: I058d829901881e28d6f4785f59fcf778058241e4
Without pid: host, nova-compute and libvirt fail to operate correctly
together. I don't understand why, and I wish it weren't so, but it means
folks will have to install docker-compose from my personal github account
until the pull request is merged upstream.
Change-Id: I24e55405139c831f2df246f54c5b6fd39d00656a
Previously, the database container was configured for use with
Kubernetes. This patch removes any k8s dependencies, adds a script
to manage mysql server.cnf settings and splits data and app
containers. Splitting the containers provides additional
portability and operational efficiencies compared to host mounts.
Change-Id: I80656450c02dda5f2959d187eec20d5877dc54a2
Rename them `genenv` and `start`.
Have `genenv` create the openrc file in the top-level directory.
Add openrc and compose/openstack.env to gitignore, as well as *.img.
Change-Id: I5d8006e97efd77cf364215f55d5e585139ae273e
The latest keystone container parses the keystone admin port environment
variable. This script was setting it incorrectly.
Change-Id: I0d85e5266e5198e47b77906639bc121cd1e6d1f5
This change proposes a minimal openstack deployment stood up using
docker-compose. Included is a script to generate the necessary
environment variables for use by the containers as well as an
'openrc'. There is also a script which demonstrates starting the
included services.
We have this working locally using patched containers and can start
instances with networking etc. However, there are several changes
required to various containers that will need to be made to get this
working. We are also using Steven Dake's patches to docker-compose to
allow the use of pid=host. I propose we either merge this change or
build changes on top of this to get a functioning installation.
Co-authored-by: Ryan Hallisey <rhallise@redhat.com>
Change-Id: I5e6051054d31edf9840c3a22502d4a7963893f29
To follow the model of container sets, net will be set to
host so that containers will not need to be linked together.
All environment variables will come from 'openstack.env'.
Co-authored-by: Ian Main <imain@redhat.com>
Change-Id: Ifdb0f146ff82c0fedb09255f6e1955ecdc435444
This provides a nova compute 3 container set.
Implements: blueprint container-set-compute-operation-nova
Change-Id: Ied4a0bece57eedeb680d520ea7c8393d24c89f0a