Move Dockerfiles into maas repo

- Move Dockerfile for MaaS region controller to this repo
- Move Dockerfile for MaaS rack controller to this repo
- Create Makefile with standard UCP entrypoints for image building
- Clean up chart to pass 'make lint'
- Update Dockerfiles to pin apt packages to explicit maas version

Change-Id: I4a540b16a4f75f4a1aae1eb9cfb1bb7a16de18d6

Makefile

@@ -0,0 +1,71 @@
+# Copyright 2017 AT&T Intellectual Property.  All other rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+MAAS_IMAGE_COMMON          ?= maas
+REGION_SUFFIX              ?= regiond
+REGION_IMG_DIR             ?= images/maas-region-controller
+RACK_SUFFIX                ?= rackd
+RACK_IMG_DIR               ?= images/maas-rack-controller
+IMAGE_PREFIX               ?= attcomdev
+IMAGE_TAG                  ?= latest
+HELM                       ?= helm
+PROXY                      ?= http://one.proxy.att.com:8080
+USE_PROXY                  ?= false
+
+# Build all docker images for this project
+.PHONY: images
+images: build_rack build_region
+
+# Create tgz of the chart
+.PHONY: charts
+charts: clean
+	$(HELM) dep up charts/maas
+	$(HELM) package charts/maas
+
+# Perform Linting
+.PHONY: lint
+lint: helm_lint
+
+# Dry run templating of chart
+.PHONY: dry-run
+dry-run: clean
+	tools/helm_tk.sh $(HELM)
+	$(HELM) template charts/maas
+
+# Make targets intended for use by the primary targets above.
+
+.PHONY: build_rack
+build_rack:
+ifeq ($(USE_PROXY), true)
+	docker build -t $(IMAGE_PREFIX)/$(MAAS_IMAGE_COMMON)-$(RACK_SUFFIX):$(IMAGE_TAG) -f $(RACK_IMG_DIR)/Dockerfile $(RACK_IMG_DIR) --build-arg http_proxy=$(PROXY) --build-arg https_proxy=$(PROXY)
+else
+	docker build -t $(IMAGE_PREFIX)/$(MAAS_IMAGE_COMMON)-$(RACK_SUFFIX):$(IMAGE_TAG) -f $(RACK_IMG_DIR)/Dockerfile $(RACK_IMG_DIR)
+endif
+
+.PHONY: build_region
+build_region:
+ifeq ($(USE_PROXY), true)
+	docker build -t $(IMAGE_PREFIX)/$(MAAS_IMAGE_COMMON)-$(REGION_SUFFIX):$(IMAGE_TAG) -f $(REGION_IMG_DIR)/Dockerfile $(REGION_IMG_DIR) --build-arg http_proxy=$(PROXY) --build-arg https_proxy=$(PROXY)
+else
+	docker build -t $(IMAGE_PREFIX)/$(MAAS_IMAGE_COMMON)-$(REGION_SUFFIX):$(IMAGE_TAG) -f $(REGION_IMG_DIR)/Dockerfile $(REGION_IMG_DIR)
+endif
+
+.PHONY: clean
+clean:
+	rm -rf build
+
+.PHONY: helm_lint
+helm_lint: clean
+	tools/helm_tk.sh $(HELM)
+	$(HELM) lint charts/maas

charts/maas/templates/bin/_register-rack-controller.sh

@@ -1,18 +0,0 @@
-#!/bin/bash
-
-set -x
-
-echo "register-rack-controller URL: ${MAAS_ENDPOINT}"
-
-# register forever
-while [ 1 ];
-do
-    if maas-rack register --url=${MAAS_ENDPOINT} --secret="${MAAS_REGION_SECRET}";
-    then
-        echo "Successfully registered with MaaS Region Controller"
-        break
-    else
-        echo "Unable to register with ${MAAS_ENDPOINT}... will try again"
-        sleep 10
-    fi;
-done;

charts/maas/templates/configmap-bin.yaml

@@ -36,4 +36,4 @@ data:
   export-api-key.sh: |
 {{ tuple "bin/_export-api-key.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
   register-rack-controller.sh: |
-{{ tuple "bin/_register-rack-controller.sh" . | include "helm-toolkit.utils.template" | indent 4 }}
+{{ tuple "bin/_register-rack-controller.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}

images/README.md

@@ -0,0 +1,132 @@
+[![Docker Repository on Quay](https://quay.io/repository/attcomdev/maas-rack/status "Docker Repository on Quay")](https://quay.io/repository/attcomdev/maas-region) Ubuntu MaaS Region Controller <br>
+[![Docker Repository on Quay](https://quay.io/repository/attcomdev/maas-rack/status "Docker Repository on Quay")](https://quay.io/repository/attcomdev/maas-rack) Ubuntu MaaS Rack Controller
+
+Overview
+==================
+
+The MaaS project attempts to build highly decoupled metal as a service containers for use on the Kubernetes platform.  Today, we only break the MaaS service into the traditional region and rack controllers and breaking it down further is a work in progress.
+
+Building Containers
+===================
+
+```
+$ make build
+```
+
+Launching on Kubernetes
+=======================
+
+This will create the bridge necessary for MaaS provisioning (fixed with the name 'maas' rigt now) and launch the region controller 
+and rack controller containers on kubernetes using kubectl by leveraging the YAML manifests in maas/deployments. 
+
+```
+$ make kuber_bridge
+ ...
+ 
+$ make kuber_deploy
+ sudo kubectl create -f deployment/maas-service.yaml
+ service "maas-region-ui" created
+ sudo kubectl create -f deployment/maas-region-deployment.yaml
+ deployment "maas-region" created
+ sudo kubectl create -f deployment/maas-rack-deployment.yaml
+ deployment "maas-rack" created
+
+```
+
+The provisioning network is fixed (and configured by kuber_bridge) as 10.7.200.0/24. To connect
+external physical hardware to this network, simply place the network interface into the maas bridge, e.g:
+
+```
+brctl addif maas eth1
+```
+
+To destroy the kubernetes resources, you can run:
+
+```
+$ make kuber_clean
+ sudo kubectl delete deployment maas-region
+ deployment "maas-region" deleted
+ sudo kubectl delete deployment maas-rack
+ deployment "maas-rack" deleted
+ sudo kubectl delete service maas-region-ui
+ service "maas-region-ui" deleted
+
+```
+
+Once the region controller comes up, and you can login as admin/admin, you must configure a gateway within the UI on the
+10.7.200.0 network, setting that to 10.7.200.1.  You must also enable DHCP and set the primary rack controller to the 
+maas rack container booted (it will be a drop down choice).  This will eventually be automated.
+
+Running Containers
+==================
+
+```
+$ make run_region
+ sudo docker run -d -p 7777:80 -v /sys/fs/cgroup:/sys/fs/cgroup:ro --privileged --name maas-region-controller maas-region:dockerfile
+d7462aabf4d8982621c30d7df36adf6c3e0f634701c0a070f7214301829fa92e
+```
+
+```
+$ make run_rack
+ sudo docker run -d -v /sys/fs/cgroup:/sys/fs/cgroup:ro --privileged --name maas-rack-controller maas-rack:dockerfile	
+fb36837cd68e56356cad2ad853ae517201ee3349fd1f80039185b71d052c5326
+```
+
+Region Bootstrap
+================
+
+The `scripts/create-provision-network.sh` script attempts to bootstrap both an admin user (with the password admin) but also creates a maas provisioning network matching the docker default, namely 172.16.86.0/24.  Turning this into a more configurable setting and also allowing for a dedicated provisioning network that can be plugged in via bridging to an actual physical network is a work in progress.  However, with the calls we do make you should be able to see the rack controller connected with an active dhcpd process running in the UI.
+
+Retrieving Region Controller Details
+====================================
+
+Note that retrieving the API key may not be possible as MaaS region initialization is
+delayed within the containers init startup.  It may take 60 seconds or so in order
+to retrieve the API key, during which you may see the following message:
+
+```
+$ make get_region_api_key
+ sudo docker exec maas-region-controller maas-region-admin apikey --username maas
+WARNING: The maas-region-admin command is deprecated and will be removed in a future version. From now on please use 'maas-region' instead.
+CommandError: User does not exist.
+make: *** [get_region_api_key] Error 1
+```
+
+When the API is up and the admin user registered you will see the following:
+
+```
+$ make get_region_api_key
+ sudo docker exec maas-region-controller maas-region apikey --username admin
+ksKQbjtTzjZrZy2yP7:jVq2g4x5FYdxDqBQ7P:KGfnURCrYSKmGE6k2SXWk4QVHVSJHBfr
+```
+
+You can also retrieve the region secret and IP address, used to initialize the 
+rack controller:
+
+```
+$ make get_region_secret
+ sudo docker exec maas-region-controller cat /var/lib/maas/secret && echo
+2036ba7575697b03d73353fc72a01686
+```
+
+```
+$ make get_region_ip_address
+ sudo docker inspect --format '{{ .NetworkSettings.Networks.bridge.IPAddress }}' maas-region-controller
+172.16.86.4
+```
+
+Link Rack and Region
+====================
+
+Finally, with the output above we can link the region controller with the rack controller
+by feeding the rack controller the endpoint and secret it requires.  Shortly after MaaS
+will initiate an image sync with the rack.
+
+```
+$ make register_rack -e URL=http://172.16.84.4 SECRET=2036ba7575697b03d73353fc72a01686
+sudo docker exec maas-rack-controller maas-rack register --url http://172.16.84.4 --secret 2036ba7575697b03d73353fc72a01686
+alan@hpdesktop:~/Workbench/att/attcomdev/dockerfiles/maas$ 
+```
+
+Finally, to access your MaaS UI, visit http://172.0.0.1:7777/MAAS/ and login as admin/admin.
+

images/maas-rack-controller/Dockerfile

@@ -0,0 +1,44 @@
+FROM ubuntu:16.04
+
+ENV DEBIAN_FRONTEND noninteractive
+ENV container docker
+
+# Don't start any optional services except for the few we need.
+RUN find /etc/systemd/system \
+         /lib/systemd/system \
+         -path '*.wants/*' \
+         -not -name '*journald*' \
+         -not -name '*systemd-tmpfiles*' \
+         -not -name '*systemd-user-sessions*' \
+         -exec rm \{} \;
+RUN systemctl set-default multi-user.target
+
+# everything else below is to setup maas into the systemd initialized
+# container based on ubuntu 16.04
+RUN apt-get -qq update && \
+    apt-get -y install sudo software-properties-common
+
+# TODO(alanmeadows)
+# we need systemd 231 per https://github.com/systemd/systemd/commit/a1350640ba605cf5876b25abfee886488a33e50b
+#RUN add-apt-repository ppa:pitti/systemd -y && add-apt-repository ppa:maas/stable -y && apt-get update
+RUN apt-get install -y systemd
+
+# install syslog and enable it
+RUN apt-get install -y rsyslog
+RUN systemctl enable rsyslog.service
+
+# install maas
+RUN rsyslogd; apt-get install -y maas-cli=2.2.2-6099-g8751f91-0ubuntu1~16.04.1 maas-rack-controller=2.2.2-6099-g8751f91-0ubuntu1~16.04.1
+
+COPY scripts/register-rack-controller.sh /usr/local/bin
+RUN chmod +x /usr/local/bin/register-rack-controller.sh
+
+# register ourselves with the region controller
+COPY scripts/register-rack-controller.service /lib/systemd/system/register-rack-controller.service
+RUN systemctl enable register-rack-controller.service
+
+RUN mv /usr/sbin/tcpdump /usr/bin/tcpdump
+RUN ln -s /usr/bin/tcpdump /usr/sbin/tcpdump
+
+# initalize systemd
+CMD ["/sbin/init"]

images/maas-rack-controller/README.md

@@ -0,0 +1 @@
+[![Docker Repository on Quay](https://quay.io/repository/attcomdev/maas-rack/status "Docker Repository on Quay")](https://quay.io/repository/attcomdev/maas-rack) Ubuntu MaaS Rack Controller

images/maas-rack-controller/scripts/register-rack-controller.service

@@ -0,0 +1,12 @@
+[Unit]
+Description=Register with MaaS Region Controller
+Wants=network-online.target
+After=network-online.target
+
+[Service]
+Type=oneshot
+PassEnvironment=MAAS_ENDPOINT MAAS_REGION_SECRET
+ExecStart=/usr/local/bin/register-rack-controller.sh
+
+[Install]
+WantedBy=multi-user.target

images/maas-rack-controller/scripts/register-rack-controller.sh

@@ -0,0 +1,22 @@
+#!/bin/bash
+
+# show env
+env > /tmp/env
+
+echo "register-rack-controller URL: ${MAAS_ENDPOINT}"
+
+# note the secret must be a valid hex value
+
+# register forever
+while [ 1 ];
+do
+    if maas-rack register --url=http://${MAAS_ENDPOINT}/MAAS --secret="${MAAS_REGION_SECRET}";
+    then
+        echo "Successfully registered with MaaS Region Controller"
+        break
+    else
+        echo "Unable to register with http://${MAAS_ENDPOINT}/MAAS... will try again"
+        sleep 10
+    fi;
+
+done;

images/maas-region-controller/Dockerfile

@@ -0,0 +1,56 @@
+FROM ubuntu:16.04
+
+ENV DEBIAN_FRONTEND noninteractive
+ENV container docker
+ENV MAAS_VERSION 2.2.2-6099-g8751f91-0ubuntu1~16.04.1
+
+# Don't start any optional services except for the few we need.
+RUN find /etc/systemd/system \
+         /lib/systemd/system \
+         -path '*.wants/*' \
+         -not -name '*journald*' \
+         -not -name '*systemd-tmpfiles*' \
+         -not -name '*systemd-user-sessions*' \
+         -exec rm \{} \;
+RUN systemctl set-default multi-user.target
+
+# everything else below is to setup maas into the systemd initialized
+# container based on ubuntu 16.04
+RUN apt-get -qq update && \
+    apt-get -y install sudo software-properties-common
+
+# TODO(alanmeadows)
+# we need systemd 231 per https://github.com/systemd/systemd/commit/a1350640ba605cf5876b25abfee886488a33e50b
+#RUN add-apt-repository ppa:pitti/systemd -y && add-apt-repository ppa:maas/stable -y && apt-get update
+RUN apt-get install -y systemd
+
+# install syslog and enable it
+RUN apt-get install -y rsyslog
+RUN systemctl enable rsyslog.service
+
+# install maas
+RUN rsyslogd; apt-get install -y maas-cli=$MAAS_VERSION \
+    maas-dns=$MAAS_VERSION \
+    maas-region-api=$MAAS_VERSION \
+    avahi-utils \
+    dbconfig-pgsql=2.0.4ubuntu1 \
+    iputils-ping \
+    postgresql \
+    tcpdump \
+    python3-pip
+
+
+RUN apt-get download maas-region-controller=$MAAS_VERSION && \
+# remove postinstall script in order to avoid db_sync
+    dpkg-deb --extract maas-region-controller*.deb maas-region-controller && \
+    dpkg-deb --control maas-region-controller*.deb maas-region-controller/DEBIAN && \
+    rm maas-region-controller/DEBIAN/postinst && \
+    dpkg-deb --build maas-region-controller && \
+    dpkg -i maas-region-controller.deb && \
+    pg_dropcluster --stop 9.5 main
+
+# potentially used to calculate cidrs
+# RUN pip3 install netaddr
+
+# initalize systemd
+CMD ["/sbin/init"]

images/maas-region-controller/README.md

@@ -0,0 +1 @@
+[![Docker Repository on Quay](https://quay.io/repository/attcomdev/maas-rack/status "Docker Repository on Quay")](https://quay.io/repository/attcomdev/maas-region) Ubuntu MaaS Region Controller

tools/helm_tk.sh

@@ -0,0 +1,65 @@
+#!/bin/bash
+# Copyright 2017 AT&T Intellectual Property.  All other rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# Script to setup helm-toolkit and helm dep up the shipyard chart
+#
+HELM=$1
+HTK_REPO=${HTK_REPO:-"https://github.com/openstack/openstack-helm"}
+HTK_PATH=${HTK_PATH:-""}
+DEP_UP_LIST=${DEP_UP_LIST:-"maas"}
+
+if [[ ! -z $(echo $http_proxy) ]]
+then
+  export no_proxy=$no_proxy,127.0.0.1
+fi
+
+set -x
+
+function helm_serve {
+  if [[ -d "$HOME/.helm" ]]; then
+     echo ".helm directory found"
+  else
+     ${HELM} init --client-only
+  fi
+  if [[ -z $(curl -s 127.0.0.1:8879 | grep 'Helm Repository') ]]; then
+     ${HELM} serve & > /dev/null
+     while [[ -z $(curl -s 127.0.0.1:8879 | grep 'Helm Repository') ]]; do
+        sleep 1
+        echo "Waiting for Helm Repository"
+     done
+  else
+     echo "Helm serve already running"
+  fi
+
+  if ${HELM} repo list | grep -q "^stable" ; then
+     ${HELM} repo remove stable
+  fi
+
+  ${HELM} repo add local http://localhost:8879/charts
+}
+
+mkdir -p build
+pushd build
+git clone --depth 1 $HTK_REPO || true
+pushd openstack-helm/$HTK_PATH
+
+git pull
+helm_serve
+make helm-toolkit
+popd && popd
+for c in $DEP_UP_LIST
+do
+  ${HELM} dep up charts/$c
+done