Artur Zarzycki ef971bff51 Fix permissions to /var/lib/nova/
Due to changes with the drop-root work, we lost the ability to write
to /var/lib/nova/*. This fixes those permissions and ensures cross
container talk works properly between nova_libvirt and nova_compute

Additionally, this fixes another issue introduced which saw that
nova-compute could not run sudo commands as it did not have a proper
sudoers entry

Testing from previous deploys means you need a fresh environment. You
have to remove all of the named volumes that kolla created in docker.
Check these with `docker volume ls`

Signed-off-by: Hui Kang <kangh@us.ibm.com>
Signed-off-by: Artur Zarzycki <azarzycki@mirantis.com>
Co-Authored-By: Sam Yaple <sam@yaple.net>
Co-Authored-By: Hui Kang <kangh@us.ibm.com>
Closes-Bug: #1533350
Change-Id: I7f864c448a2414e0b5d89f48337be411b891df35
2016-01-20 16:58:01 +00:00

62 lines
1.8 KiB
Django/Jinja

FROM {{ namespace }}/{{ image_prefix }}openstack-base:{{ tag }}
MAINTAINER {{ maintainer }}
{% if install_type == 'binary' %}
{% if base_distro in ['centos', 'fedora', 'oraclelinux', 'rhel'] %}
# TODO(mandre) remove python-oslo-policy once RDO package is fixed
# https://github.com/openstack-packages/nova/blob/rpm-master/openstack-nova.spec
# https://review.gerrithub.io/#/c/255435/
RUN yum -y install \
openstack-nova-common \
python-keystoneclient \
python-cinderclient \
python-oslo-policy \
bridge-utils \
&& yum clean all
{% elif base_distro in ['ubuntu'] %}
RUN apt-get install -y --no-install-recommends \
nova-common \
python-nova \
bridge-utils \
&& apt-get clean
{% endif %}
{% elif install_type == 'source' %}
{% if base_distro in ['centos', 'fedora', 'oraclelinux', 'rhel'] %}
RUN yum -y install bridge-utils \
&& yum clean all
{% elif base_distro in ['ubuntu', 'debian'] %}
RUN apt-get install -y --no-install-recommends \
iptables \
ebtables \
dnsmasq \
bridge-utils \
python-libvirt \
openssh-client \
openvswitch-switch \
&& apt-get clean
{% endif %}
ADD nova-base-archive /nova-base-source
RUN ln -s nova-base-source/* nova \
&& useradd --user-group nova \
&& /var/lib/kolla/venv/bin/pip --no-cache-dir install --upgrade -c requirements/upper-constraints.txt /nova \
&& mkdir -p /etc/nova /var/log/nova /home/nova /var/lib/nova \
&& cp -r /nova/etc/nova/* /etc/nova/ \
&& chown -R nova: /etc/nova /var/log/nova /home/nova /var/lib/nova
COPY nova_sudoers /etc/sudoers.d/nova_sudoers
RUN chmod 750 /etc/sudoers.d \
&& chmod 440 /etc/sudoers.d/nova_sudoers
{% endif %}
RUN usermod -a -G kolla nova