diff --git a/docker/barbican/Dockerfile b/docker/barbican/Dockerfile index f017f31744..fecb784132 100644 --- a/docker/barbican/Dockerfile +++ b/docker/barbican/Dockerfile @@ -35,7 +35,4 @@ RUN pip install uwsgi RUN rm -rf /barbican-$PBR_VERSION RUN rm -rf /barbican-$PBR_VERSION.tar.gz -# Expose the dev and admin ports -EXPOSE 9311 9312 - CMD ["/start.sh"] diff --git a/docker/ceilometer/ceilometer-api/Dockerfile b/docker/ceilometer/ceilometer-api/Dockerfile index a9894e2bdf..aaaf7c8df2 100644 --- a/docker/ceilometer/ceilometer-api/Dockerfile +++ b/docker/ceilometer/ceilometer-api/Dockerfile @@ -3,7 +3,5 @@ MAINTAINER Kolla Project (https://launchpad.net/kolla) RUN yum install -y openstack-ceilometer-api && yum clean all -EXPOSE 8777 - ADD ./start.sh /start.sh CMD ["/start.sh"] diff --git a/docker/glance/glance-registry/Dockerfile b/docker/glance/glance-registry/Dockerfile index 2510f8eb04..e9937dc7f0 100644 --- a/docker/glance/glance-registry/Dockerfile +++ b/docker/glance/glance-registry/Dockerfile @@ -1,7 +1,5 @@ FROM %%KOLLA_NAMESPACE%%/%%KOLLA_PREFIX%%glance-base MAINTAINER Kolla Project (https://launchpad.net/kolla) -EXPOSE 9191 - ADD ./start.sh /start.sh CMD ["/start.sh"] diff --git a/docker/horizon/Dockerfile b/docker/horizon/Dockerfile index eafff2faa9..f153ef9968 100644 --- a/docker/horizon/Dockerfile +++ b/docker/horizon/Dockerfile @@ -4,8 +4,6 @@ MAINTAINER Kolla Project (https://launchpad.net/kolla) RUN yum -y install openstack-dashboard \ httpd httpd-mod-wsgi && yum clean all -EXPOSE 80 - ADD ./start.sh /start.sh CMD ["/start.sh"] diff --git a/docker/mongodb/Dockerfile b/docker/mongodb/Dockerfile index 353df42b21..81278092fe 100644 --- a/docker/mongodb/Dockerfile +++ b/docker/mongodb/Dockerfile @@ -8,6 +8,4 @@ RUN mkdir -p /data/db VOLUME /data/db VOLUME /var/log/mongodb -EXPOSE 27017 - ENTRYPOINT exec /bin/mongod --dbpath /data/db --logpath /var/log/mongodb/mongo.log --noprealloc --smallfiles diff --git a/docker/neutron/neutron-server/Dockerfile b/docker/neutron/neutron-server/Dockerfile index 9597f7c404..a9d4eef4dd 100644 --- a/docker/neutron/neutron-server/Dockerfile +++ b/docker/neutron/neutron-server/Dockerfile @@ -9,8 +9,6 @@ RUN yum install -y openstack-neutron \ VOLUME /var/lib/neutron -EXPOSE 9696 - ADD ./start.sh /start.sh ADD ./check.sh /check.sh diff --git a/docker/nova-controller/nova-api/Dockerfile b/docker/nova-controller/nova-api/Dockerfile index 2ac871dadd..12a2add20a 100644 --- a/docker/nova-controller/nova-api/Dockerfile +++ b/docker/nova-controller/nova-api/Dockerfile @@ -4,8 +4,6 @@ MAINTAINER Kolla Project (https://launchpad.net/kolla) RUN yum -y install \ openstack-nova-api && yum clean all -EXPOSE 8773 8774 8775 - ADD ./start.sh /start.sh ADD ./check.sh /check.sh diff --git a/docker/zaqar/Dockerfile b/docker/zaqar/Dockerfile index e993887c46..d4db63dc33 100644 --- a/docker/zaqar/Dockerfile +++ b/docker/zaqar/Dockerfile @@ -9,8 +9,6 @@ RUN yum -y localinstall python-oslo-utils-0.3.0-1.fc22.noarch.rpm \ openstack-zaqar-2014.2-1.fc22.noarch.rpm \ && yum clean all -EXPOSE 8888 - ADD ./start.sh /start.sh ADD ./check.sh /check.sh diff --git a/specs/containerize-openstack.rst b/specs/containerize-openstack.rst index 3aeb67be1d..f035ec2e04 100644 --- a/specs/containerize-openstack.rst +++ b/specs/containerize-openstack.rst @@ -188,6 +188,15 @@ with the --privileged=true flag to docker that: leaf directories with no other host operating system use. * shares any namespace with the --ipc=host, --pid=host, or --net=host flags +We will not use the Docker EXPOSE operation since all containers will use +--net=host. One motive for using --net=host is it is inherently simplier. +A different motive for not using EXPOSE is the 20 microsecond penalty +applied to every packet forwarded and returned by docker-proxy. +If EXPOSE functionality is desired, it can be added back by +referencing the default list of OpenStack ports to each Dockerfile: + + http://docs.openstack.org/trunk/config-reference/content/firewalls-default-ports.html + We will use the docker flag --restart=always to provide some measure of high availability for the individual containers and ensure they operate correctly as currently designed.