kolla-ansible/docker/nova/nova-base/Dockerfile.j2

FROM {{ namespace }}/{{ image_prefix }}openstack-base:{{ tag }}
MAINTAINER {{ maintainer }}

{% if install_type == 'binary' %}
    {% if base_distro in ['centos', 'fedora', 'oraclelinux', 'rhel'] %}

# TODO(mandre) remove python-oslo-policy once RDO package is fixed
# https://github.com/openstack-packages/nova/blob/rpm-master/openstack-nova.spec
# https://review.gerrithub.io/#/c/255435/
RUN yum -y install \
        openstack-nova-common \
        python-keystoneclient \
        python-cinderclient \
        python-oslo-policy \
        bridge-utils \
    && yum clean all

    {% elif base_distro in ['ubuntu'] %}

RUN apt-get install -y --no-install-recommends \
        nova-common \
        python-nova \
        bridge-utils \
    && apt-get clean

    {% endif %}
{% elif install_type == 'source' %}
    {% if base_distro in ['centos', 'fedora', 'oraclelinux', 'rhel'] %}

RUN yum -y install bridge-utils \
    && yum clean all

    {% elif base_distro in ['ubuntu', 'debian'] %}

RUN apt-get install -y --no-install-recommends \
        iptables \
        ebtables \
        dnsmasq \
        bridge-utils \
        python-libvirt \
        openssh-client \
        openvswitch-switch \
     && apt-get clean

    {% endif %}

ADD nova-base-archive /nova-base-source
RUN ln -s nova-base-source/* nova \
    && useradd --user-group nova \
    && /var/lib/kolla/venv/bin/pip --no-cache-dir install --upgrade -c requirements/upper-constraints.txt /nova \
    && mkdir -p /etc/nova /var/log/nova /home/nova /var/lib/nova \
    && cp -r /nova/etc/nova/* /etc/nova/ \
    && chown -R nova: /etc/nova /var/log/nova /home/nova /var/lib/nova \
    && sed -i 's|^exec_dirs.*|exec_dirs=/var/lib/kolla/venv/bin,/sbin,/usr/sbin,/bin,/usr/bin,/usr/local/bin,/usr/local/sbin|g' /etc/nova/rootwrap.conf

COPY nova_sudoers /etc/sudoers.d/nova_sudoers
RUN chmod 750 /etc/sudoers.d \
    && chmod 440 /etc/sudoers.d/nova_sudoers

{% endif %}

RUN usermod -a -G kolla nova