maas/images
Jerome Brette bfa8c97d3a Update Dockerfile to allow override of FROM variable
l is to let user customize the base image of the component
by passing FROM=myimage during the build process. This would let any
project leveraging Airship ensure that the base image is matching the
security requirements for that project and still use the same Dockerfile.
This will also ease the control of the /etc/apt/source.list
and thereby the result of apt-get update/upgrade procedure.
2. The above goal is achievable by using docker-ce feature such as:
ARG FROM="defaultbaseimage:xx"
FROM ${FROM}
For this reason, the installation of docker.io in the Zuul gating is beeing
replaced by docker-ce.
3. Third Goal is to bring consistency with the other compoenents leveraging
Helm such as the openstack-helm and potentially use bindep the same way
the LOCI images are to ensure
4. The new syntax in the Dockerfile is still commented out until the associated
image builder have been updated to use docker-ce as they have been for the LOCI
images.

Change-Id: I9a9d63329bea2b562f297705dc51661896a592f2
2018-07-17 16:36:20 -05:00
..
maas-rack-controller Update Dockerfile to allow override of FROM variable 2018-07-17 16:36:20 -05:00
maas-region-controller Update Dockerfile to allow override of FROM variable 2018-07-17 16:36:20 -05:00
sstream-cache Update Dockerfile to allow override of FROM variable 2018-07-17 16:36:20 -05:00
README.md (zuul) Basic zuul gates 2018-06-01 11:57:45 -05:00

Docker Repository on Quay Ubuntu MaaS Region Controller
Docker Repository on Quay Ubuntu MaaS Rack Controller

Overview

The MaaS project attempts to build highly decoupled metal as a service containers for use on the Kubernetes platform. Today, we only break the MaaS service into the traditional region and rack controllers and breaking it down further is a work in progress.

Building Containers

$ make build

Launching on Kubernetes

This will create the bridge necessary for MaaS provisioning (fixed with the name 'maas' rigt now) and launch the region controller and rack controller containers on kubernetes using kubectl by leveraging the YAML manifests in maas/deployments.

$ make kuber_bridge
 ...

$ make kuber_deploy
 sudo kubectl create -f deployment/maas-service.yaml
 service "maas-region-ui" created
 sudo kubectl create -f deployment/maas-region-deployment.yaml
 deployment "maas-region" created
 sudo kubectl create -f deployment/maas-rack-deployment.yaml
 deployment "maas-rack" created

The provisioning network is fixed (and configured by kuber_bridge) as 10.7.200.0/24. To connect external physical hardware to this network, simply place the network interface into the maas bridge, e.g:

brctl addif maas eth1

To destroy the kubernetes resources, you can run:

$ make kuber_clean
 sudo kubectl delete deployment maas-region
 deployment "maas-region" deleted
 sudo kubectl delete deployment maas-rack
 deployment "maas-rack" deleted
 sudo kubectl delete service maas-region-ui
 service "maas-region-ui" deleted

Once the region controller comes up, and you can login as admin/admin, you must configure a gateway within the UI on the 10.7.200.0 network, setting that to 10.7.200.1. You must also enable DHCP and set the primary rack controller to the maas rack container booted (it will be a drop down choice). This will eventually be automated.

Running Containers

$ make run_region
 sudo docker run -d -p 7777:80 -v /sys/fs/cgroup:/sys/fs/cgroup:ro --privileged --name maas-region-controller maas-region:dockerfile
d7462aabf4d8982621c30d7df36adf6c3e0f634701c0a070f7214301829fa92e
$ make run_rack
 sudo docker run -d -v /sys/fs/cgroup:/sys/fs/cgroup:ro --privileged --name maas-rack-controller maas-rack:dockerfile
fb36837cd68e56356cad2ad853ae517201ee3349fd1f80039185b71d052c5326

Region Bootstrap

The scripts/create-provision-network.sh script attempts to bootstrap both an admin user (with the password admin) but also creates a maas provisioning network matching the docker default, namely 172.16.86.0/24. Turning this into a more configurable setting and also allowing for a dedicated provisioning network that can be plugged in via bridging to an actual physical network is a work in progress. However, with the calls we do make you should be able to see the rack controller connected with an active dhcpd process running in the UI.

Retrieving Region Controller Details

Note that retrieving the API key may not be possible as MaaS region initialization is delayed within the containers init startup. It may take 60 seconds or so in order to retrieve the API key, during which you may see the following message:

$ make get_region_api_key
 sudo docker exec maas-region-controller maas-region-admin apikey --username maas
WARNING: The maas-region-admin command is deprecated and will be removed in a future version. From now on please use 'maas-region' instead.
CommandError: User does not exist.
make: *** [get_region_api_key] Error 1

When the API is up and the admin user registered you will see the following:

$ make get_region_api_key
 sudo docker exec maas-region-controller maas-region apikey --username admin
ksKQbjtTzjZrZy2yP7:jVq2g4x5FYdxDqBQ7P:KGfnURCrYSKmGE6k2SXWk4QVHVSJHBfr

You can also retrieve the region secret and IP address, used to initialize the rack controller:

$ make get_region_secret
 sudo docker exec maas-region-controller cat /var/lib/maas/secret && echo
2036ba7575697b03d73353fc72a01686
$ make get_region_ip_address
 sudo docker inspect --format '{{ .NetworkSettings.Networks.bridge.IPAddress }}' maas-region-controller
172.16.86.4

Link Rack and Region

Finally, with the output above we can link the region controller with the rack controller by feeding the rack controller the endpoint and secret it requires. Shortly after MaaS will initiate an image sync with the rack.

$ make register_rack -e URL=http://172.16.84.4 SECRET=2036ba7575697b03d73353fc72a01686
sudo docker exec maas-rack-controller maas-rack register --url http://172.16.84.4 --secret 2036ba7575697b03d73353fc72a01686
alan@hpdesktop:~/Workbench/att/attcomdev/dockerfiles/maas$

Finally, to access your MaaS UI, visit http://172.0.0.1:7777/MAAS/ and login as admin/admin.