From 3381154fafb7fa4f0a61d538f7c2550e48247787 Mon Sep 17 00:00:00 2001 From: Pierre-Luc Dion Date: Sun, 26 Jul 2015 09:33:14 -0400 Subject: [PATCH] initial dockerization commit. 1. update injectkeys.sh to work into restricted container 2. move previous dockerfiles into tools/docker 3. dockerfiles for management-server on centos and marvin CLOUDSTACK-8249 Signed-off-by: Pierre-Luc Dion --- Dockerfile | 37 ------- scripts/vm/systemvm/injectkeys.sh | 14 ++- tools/docker/Dockerfile | 59 +++++++++++ tools/docker/Dockerfile.centos6 | 50 +++++++++ tools/docker/Dockerfile.marvin | 40 +++++++ tools/docker/README.md | 100 ++++++++++++++++++ tools/docker/init.sh_centos6 | 50 +++++++++ .../docker/supervisord.conf | 4 +- 8 files changed, 310 insertions(+), 44 deletions(-) delete mode 100644 Dockerfile create mode 100644 tools/docker/Dockerfile create mode 100644 tools/docker/Dockerfile.centos6 create mode 100644 tools/docker/Dockerfile.marvin create mode 100644 tools/docker/README.md create mode 100755 tools/docker/init.sh_centos6 rename supervisord.conf => tools/docker/supervisord.conf (75%) diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index 66862cce95a..00000000000 --- a/Dockerfile +++ /dev/null @@ -1,37 +0,0 @@ -FROM ubuntu:14.04 - -RUN apt-get -y update && apt-get install -y \ - genisoimage \ - git \ - maven \ - openjdk-7-jdk \ - python-dev \ - python-setuptools \ - python-pip \ - supervisor - -RUN echo 'mysql-server mysql-server/root_password password root' | debconf-set-selections; \ - echo 'mysql-server mysql-server/root_password_again password root' | debconf-set-selections; - -RUN apt-get install -qqy mysql-server && \ - apt-get clean all - -RUN (/usr/bin/mysqld_safe &); sleep 5; mysqladmin -u root -proot password '' - -RUN pip install --allow-external mysql-connector-python mysql-connector-python - -COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf -COPY . ./root -WORKDIR /root - -RUN mvn -Pdeveloper -Dsimulator -DskipTests clean install - -RUN (/usr/bin/mysqld_safe &); \ - sleep 3; \ - mvn -Pdeveloper -pl developer -Ddeploydb; \ - mvn -Pdeveloper -pl developer -Ddeploydb-simulator; \ - pip install tools/marvin/dist/Marvin-4.6.0-SNAPSHOT.tar.gz - -EXPOSE 8080 - -CMD ["/usr/bin/supervisord"] diff --git a/scripts/vm/systemvm/injectkeys.sh b/scripts/vm/systemvm/injectkeys.sh index cd5d9f9a06c..f69e33168d7 100755 --- a/scripts/vm/systemvm/injectkeys.sh +++ b/scripts/vm/systemvm/injectkeys.sh @@ -85,10 +85,14 @@ systemvmpath=$3 command -v mkisofs > /dev/null || (echo "$(basename $0): mkisofs not found, please install or ensure PATH is accurate" ; exit 4) -inject_into_iso systemvm.iso $newpubkey - -[ $? -ne 0 ] && exit 5 - -copy_priv_key $newprivkey +# if running into Docker as unprivileges, skip ssh verification as iso cannot be mounted. +if [ -e /dev/loop0 ]; then + inject_into_iso systemvm.iso $newpubkey + [ $? -ne 0 ] && exit 5 + copy_priv_key $newprivkey +else + # this mean it's a docker instance, ssh key cannot be verify. + echo "No loop device found, skipping ssh key insertion in systemvm.iso" +fi exit $? diff --git a/tools/docker/Dockerfile b/tools/docker/Dockerfile new file mode 100644 index 00000000000..d43d9a375ae --- /dev/null +++ b/tools/docker/Dockerfile @@ -0,0 +1,59 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# +# CloudStack-simulator build + +FROM ubuntu:14.04 + +MAINTAINER "Apache CloudStack" +LABEL Vendor="Apache.org" License="ApacheV2" Version="4.6.0" + +RUN apt-get -y update && apt-get install -y \ + genisoimage \ + git \ + maven \ + openjdk-7-jdk \ + python-dev \ + python-setuptools \ + python-pip \ + supervisor + +RUN echo 'mysql-server mysql-server/root_password password root' | debconf-set-selections; \ + echo 'mysql-server mysql-server/root_password_again password root' | debconf-set-selections; + +RUN apt-get install -qqy mysql-server && \ + apt-get clean all + +RUN (/usr/bin/mysqld_safe &); sleep 5; mysqladmin -u root -proot password '' + +RUN pip install --allow-external mysql-connector-python mysql-connector-python + +COPY tools/docker/supervisord.conf /etc/supervisor/conf.d/supervisord.conf +COPY . ./root +WORKDIR /root + +RUN mvn -Pdeveloper -Dsimulator -DskipTests clean install + +RUN (/usr/bin/mysqld_safe &); \ + sleep 3; \ + mvn -Pdeveloper -pl developer -Ddeploydb; \ + mvn -Pdeveloper -pl developer -Ddeploydb-simulator; \ + pip install tools/marvin/dist/Marvin-4.6.0-SNAPSHOT.tar.gz + +EXPOSE 8080 8096 + +CMD ["/usr/bin/supervisord"] diff --git a/tools/docker/Dockerfile.centos6 b/tools/docker/Dockerfile.centos6 new file mode 100644 index 00000000000..459301452c6 --- /dev/null +++ b/tools/docker/Dockerfile.centos6 @@ -0,0 +1,50 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# +FROM centos:6 + +MAINTAINER "Apache CloudStack" +LABEL Vendor="Apache.org" License="ApacheV2" Version="4.6.0" + +ENV PKG_URL=http://jenkins.buildacloud.org/job/package-rhel63-master/lastSuccessfulBuild/artifact/dist/rpmbuild/RPMS/x86_64 + +# install CloudStack +RUN yum install -y \ + ${PKG_URL}/cloudstack-common-4.6.0-SNAPSHOT.el6.x86_64.rpm \ + ${PKG_URL}/cloudstack-management-4.6.0-SNAPSHOT.el6.x86_64.rpm + +RUN cd /etc/cloudstack/management; \ + ln -s tomcat6-nonssl.conf tomcat6.conf; \ + ln -s server-nonssl.xml server.xml; \ + ln -s log4j-cloud.xml log4j.xml +COPY init.sh_centos6 /root/init.sh + +RUN yum clean all + +RUN sed -i "s/cluster.node.IP=.*/cluster.node.IP=localhost/" /etc/cloudstack/management/db.properties + +EXPOSE 8080 8250 8096 45219 9090 8787 +# Ports: +# 8080: webui, api +# 8250: systemvm communication +# 8096: api port without authentication(default=off) +# Troubleshooting ports: +# 8787: CloudStack (Tomcat) debug socket +# 9090: Cloudstack Management Cluster Interface +# 45219: JMX console + +CMD ["/root/init.sh"] \ No newline at end of file diff --git a/tools/docker/Dockerfile.marvin b/tools/docker/Dockerfile.marvin new file mode 100644 index 00000000000..20dc56e8605 --- /dev/null +++ b/tools/docker/Dockerfile.marvin @@ -0,0 +1,40 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# +# +# build for cloudstack_home_dir not this folder +FROM python:2 + +MAINTAINER "Apache CloudStack" +LABEL Vendor="Apache.org" License="ApacheV2" Version="4.6.0" + +ENV WORK_DIR=/marvin + +ENV PKG_URL=http://jenkins.buildacloud.org/job/cloudstack-marvin-master/lastSuccessfulBuild/artifact/tools/marvin/dist/Marvin-4.6.0-SNAPSHOT.tar.gz + +RUN pip install --upgrade paramiko nose requests +RUN pip install --allow-external mysql-connector-python mysql-connector-python +RUN pip install ${PKG_URL} + +RUN mkdir -p ${WORK_DIR} +COPY setup/dev ${WORK_DIR}/dev +COPY tools/marvin/marvin ${WORK_DIR}/marvin +COPY test/integration ${WORK_DIR}/integration + +WORKDIR ${WORK_DIR} + +CMD /bin/bash \ No newline at end of file diff --git a/tools/docker/README.md b/tools/docker/README.md new file mode 100644 index 00000000000..b5c798cc693 --- /dev/null +++ b/tools/docker/README.md @@ -0,0 +1,100 @@ +# Docker Files for Apache CloudStack + +Dockerfiles used to build CloudStack images available on Docker hub. + + +## Using images from docker-hub + + +### CloudStack Simulator + +CloudStack Simulator if a all on one CloudStack Build including the simulator that mimic Hypervisor. This is usefull to test CloudStack API behavior without having to deploy real hypervisor nodes. CloudStack Simulator is used for tests and CI. + +``` +docker pull cloudstack/simulator +docker run --name simulator -p 8080:8080 -d cloudstack/simulator +``` + +### CloudStack Management-server + +``` +docker pull mysql:5.5 +docker pull cloudstack/management_centos6 +docker run --name cloudstack-mysql -e MYSQL_ROOT_PASSWORD=password -d mysql:5.5 +docker run -ti --name cloudstack --link cloudstack-mysql:mysql -d -p 8080:8080 -p 8250:8250 cloudstack/management_centos6 +``` + +### Marvin + +Use marvin to deploy or test your CloudStack environment. +Use Marvin with cloudstack connection thru the API port (8096) + +``` +docker pull cloudstack/marvin +docker run -ti --rm --name marvin --link simulator:8096 cloudstack/marvin +``` + +Deploy Cloud using marvin: + +``` +docker run -ti --rm --link simulator:8096 cloudstack/marvin python /root/tools/marvin/marvin/deployDataCenter.py -i /root/setup/dev/advanced.cfg +``` + +Perform Smoke tests against CloudStack Simulator containter: +``` +docker run -ti --rm --link simulator:8096 \ + nosetests-2.7 -v --with-marvin \ + --marvin-config=dev/advanced.cfg \ + --with-xunit \ + --xunit-file=xunit.xml \ + -a tags=advanced,required_hardware=false \ + --zone=Sandbox-simulator \ + --hypervisor=simulator \ + -w integration/smoke +``` + +# How to build images + +Image provide by CloudStack are automatically build by Jenkins performing following tasks: + + +### CentOS 6 + +CentOS 6 image use RPM's from jenkins.buildacloud.org +tag:latest = master branch + +1. build the base image + + ``` + docker build -f Dockerfile.centos6 -t cloudstack/management_centos6 . + ``` + +2. on jenkins, database and systemvm.iso are pre-deployed. the inital start require privileged container to + mount systemvm.iso and copy ssh_rsa.pub into it. + + ``` + docker run --name cloudstack-mysql -e MYSQL_ROOT_PASSWORD=password -d mysql:5.5 + docker run --privileged --link cloudstack-mysql:mysql -d --name cloudstack cloudstack/management_centos6 + sleep 300 + docker exec cloudstack /etc/init.d/cloudstack-management stop + docker stop cloudstack + docker commit -m "init system.iso" -a "Apache CloudStack" cloudstack cloudstack/management_centos6 + ``` + +### Marvin + +Build Marvin container usable to deploy cloud in the CloudStack management server container. + +1. to build the image + + ``` + docker build -f Dockerfile.marvin -t cloudstack/marvin ../.. + ``` + +### Simulator + +Build CloudStack with Simulator. this image is an all on one, including the database. Build from source using maven. + +``` +docker build -f Dockerfile -t cloudstack/simulator ../.. +``` \ No newline at end of file diff --git a/tools/docker/init.sh_centos6 b/tools/docker/init.sh_centos6 new file mode 100755 index 00000000000..423808fe554 --- /dev/null +++ b/tools/docker/init.sh_centos6 @@ -0,0 +1,50 @@ +#!/bin/bash +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# +# update database connection +# start cloudstack-management server +#/usr/bin/cloudstack-setup-databases cloud:password@$MYSQL_PORT_3306_TCP_ADDR + +# initial startup of the container to generage ssh_key +# performed as privileged +if [ ! -d /var/cloudstack/management/.ssh ]; then + mknod /dev/loop6 -m0660 b 7 6 +fi +sleep 5 + +mysql -p"$MYSQL_ENV_MYSQL_ROOT_PASSWORD" -h"$MYSQL_PORT_3306_TCP_ADDR" \ + -e "show databases;"|grep -q cloud + +case $? in + 1) + echo "deploying new cloud databases" + cloudstack-setup-databases cloud:password@${MYSQL_PORT_3306_TCP_ADDR} \ + --deploy-as=root:${MYSQL_ENV_MYSQL_ROOT_PASSWORD} -i localhost + ;; + 0) + echo "using existing databases" + cloudstack-setup-databases cloud:password@${MYSQL_PORT_3306_TCP_ADDR} + ;; + *) + echo "cannot access database" + exit 12 + ;; +esac + +service cloudstack-management start +tail -f /var/log/cloudstack/management/catalina.out diff --git a/supervisord.conf b/tools/docker/supervisord.conf similarity index 75% rename from supervisord.conf rename to tools/docker/supervisord.conf index a3e454bcd7e..fe1575be0df 100644 --- a/supervisord.conf +++ b/tools/docker/supervisord.conf @@ -10,6 +10,6 @@ user=root [program:cloudstack] command=/bin/bash -c "mvn -pl client jetty:run -Dsimulator" directory=/root -stderr_logfile=/var/log/acs.err.log -stdout_logfile=/var/log/acs.out.log +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 user=root