Fix designate container

Fix designate-backend-bind9 image. Create designate-worker image. Create sudoers file to execute designate-rootwrap command. Closes-Bug: #1651524 Change-Id: I06de60a35bc2c046bbdf4f43df8bd7b4a98de34a
2016-12-14 15:25:37 +00:00 · 2016-12-14 15:25:37 +00:00 · 48675e52cc
parent 1296710496
commit 48675e52cc
9 changed files with 50 additions and 14 deletions
--- a/docker/designate/designate-api/Dockerfile.j2
+++ b/docker/designate/designate-api/Dockerfile.j2
@ -16,6 +16,5 @@ MAINTAINER {{ maintainer }}

 {% block designate_api_footer %}{% endblock %}
 {% block footer %}{% endblock %}
-{{ include_footer }}

 USER designate
--- a/docker/designate/designate-backend-bind9/Dockerfile.j2
+++ b/docker/designate/designate-backend-bind9/Dockerfile.j2
@ -9,8 +9,6 @@ MAINTAINER {{ maintainer }}
   {% set designate_backend_bind9_packages = ['bind'] %}

 {{ macros.install_packages(designate_backend_bind9_packages | customizable("packages")) }}
-RUN mkdir -p /var/lib/kolla/ \
-    && cp -pr /var/named /var/lib/kolla/var-named

 {% elif base_distro in ['ubuntu'] %}
   {% set designate_backend_bind9_packages = ['bind9'] %}
@ -19,8 +17,11 @@ RUN mkdir -p /var/lib/kolla/ \

 {% endif %}

+{% set designate_backend_bind_name = 'bind' if base_distro in ['ubuntu', 'debian'] else 'named' %}
+
+RUN mkdir -p /var/lib/kolla/ /var/lib/{{ designate_backend_bind_name }}/ /run/{{ designate_backend_bind_name }} \
+     && chown -R root: /var/lib/{{ designate_backend_bind_name }} /run/{{ designate_backend_bind_name }} \
+     && chmod 755 /run/{{ designate_backend_bind_name }} \
+
 {% block designate_backend_bind9_footer %}{% endblock %}
 {% block footer %}{% endblock %}
-{{ include_footer }}
-
-USER designate
--- a/docker/designate/designate-base/Dockerfile.j2
+++ b/docker/designate/designate-base/Dockerfile.j2
@ -48,12 +48,14 @@ RUN ln -s designate-base-source/* designate \
    && sed -i 's|^exec_dirs.*|exec_dirs=/var/lib/kolla/venv/bin,/sbin,/usr/sbin,/bin,/usr/bin,/usr/local/bin,/usr/local/sbin|g' /etc/designate/rootwrap.conf
 {% endif %}

+COPY designate_sudoers /etc/sudoers.d/kolla_designate_sudoers
 COPY extend_start.sh /usr/local/bin/kolla_extend_start
-RUN touch /usr/local/bin/kolla_designate_extend_start \
+
+RUN usermod -a -G kolla designate \
+    && chmod 750 /etc/sudoers.d \
+    && chmod 640 /etc/sudoers.d/kolla_designate_sudoers \
+    && touch /usr/local/bin/kolla_designate_extend_start \
    && chmod 755 /usr/local/bin/kolla_extend_start /usr/local/bin/kolla_designate_extend_start

 {% block designate_base_footer %}{% endblock %}
 {% block footer %}{% endblock %}
-{{ include_footer }}
-
-RUN usermod -a -G kolla designate
--- a/docker/designate/designate-base/designate_sudoers
+++ b/docker/designate/designate-base/designate_sudoers
@ -0,0 +1 @@
+%kolla ALL=(root) NOPASSWD: /var/lib/kolla/venv/bin/designate-rootwrap /etc/designate/rootwrap.conf *
--- a/docker/designate/designate-central/Dockerfile.j2
+++ b/docker/designate/designate-central/Dockerfile.j2
@ -19,6 +19,5 @@ RUN chmod 755 /usr/local/bin/kolla_designate_extend_start

 {% block designate_central_footer %}{% endblock %}
 {% block footer %}{% endblock %}
-{{ include_footer }}

 USER designate
--- a/docker/designate/designate-mdns/Dockerfile.j2
+++ b/docker/designate/designate-mdns/Dockerfile.j2
@ -16,6 +16,5 @@ MAINTAINER {{ maintainer }}

 {% block designate_mdns_footer %}{% endblock %}
 {% block footer %}{% endblock %}
-{{ include_footer }}

 USER designate
--- a/docker/designate/designate-pool-manager/Dockerfile.j2
+++ b/docker/designate/designate-pool-manager/Dockerfile.j2
@ -33,6 +33,5 @@ MAINTAINER {{ maintainer }}

 {% block designate_pool_manager_footer %}{% endblock %}
 {% block footer %}{% endblock %}
-{{ include_footer }}

 USER designate
--- a/docker/designate/designate-sink/Dockerfile.j2
+++ b/docker/designate/designate-sink/Dockerfile.j2
@ -22,6 +22,5 @@ MAINTAINER {{ maintainer }}

 {% block designate_sink_footer %}{% endblock %}
 {% block footer %}{% endblock %}
-{{ include_footer }}

 USER designate
--- a/docker/designate/designate-worker/Dockerfile.j2
+++ b/docker/designate/designate-worker/Dockerfile.j2
@ -0,0 +1,37 @@
+FROM {{ namespace }}/{{ image_prefix }}designate-base:{{ tag }}
+MAINTAINER {{ maintainer }}
+
+{% block designate_worker_header %}{% endblock %}
+
+{% import "macros.j2" as macros with context %}
+
+# The bind9 package here is only to provide the rndc binary.
+{% if install_type == 'binary' %}
+    {% if base_distro in ['centos', 'oraclelinux', 'rhel'] %}
+       {% set designate_worker_packages = [
+            'bind',
+            'openstack-designate-worker'
+        ] %}
+    {% elif base_distro in ['ubuntu'] %}
+       {% set designate_worker_packages = [
+            'bind9',
+            'designate-worker'
+        ] %}
+    {% endif %}
+{% elif install_type == 'source' %}
+    {% if base_distro in ['centos', 'oraclelinux', 'rhel'] %}
+       {% set designate_worker_packages = [
+            'bind'
+        ] %}
+    {% elif base_distro in ['ubuntu'] %}
+       {% set designate_worker_packages = [
+            'bind9'
+        ] %}
+    {% endif %}
+{% endif %}
+{{ macros.install_packages(designate_worker_packages | customizable("packages")) }}
+
+{% block designate_worker_footer %}{% endblock %}
+{% block footer %}{% endblock %}
+
+USER designate
				`@ -0,0 +1 @@`
				`%kolla ALL=(root) NOPASSWD: /var/lib/kolla/venv/bin/designate-rootwrap /etc/designate/rootwrap.conf *`