openstack/kayobe
Code Issues Proposed changes
kayobe/doc/source/configuration/reference/seed-custom-containers.rst
Will Szumski 2c58388ac3 Add seed service destroy 
This can be useful when using a seed VM that is not deployed by kayobe,
and can therefore not use ``kayobe seed deprovision``, especially when
iterating on kayobe-config during the inital stages of a deployment, or
for development, where you want to re-run the playbooks from a clean-ish
state.

Change-Id: I43a9c2a57fcfe2c9d84f39903aac7c258f9a897f
2024-06-03 16:25:32 +00:00

2.6 KiB
Raw Blame History

Seed custom containers

This section covers configuration of the user-defined containers deployment functionality that runs on the seed host.

Configuration

For example, to deploy a squid container image:

seed_containers:
  squid:
    image: "stackhpc/squid:3.5.20-1"
    pre: "{{ kayobe_env_config_path }}/containers/squid/pre.yml"
    post: "{{ kayobe_env_config_path }}/containers/squid/post.yml"
    pre_destroy: "{{ kayobe_env_config_path }}/containers/squid/pre_destroy.yml"
    post_destroy: "{{ kayobe_env_config_path }}/containers/squid/post_destroy.yml"

Please notice the optional pre, post, pre_destroy, and post_destroy Ansible task files - those need to be created in kayobe-config path. The table below describes when they will run:

Container hooks
Hook Trigger point
pre Before container deployment
post After container deployment
pre_destroy Before container is destroyed
post_destroy After container is destroyed

Possible options for container deployment:

seed_containers:
  containerA:
    capabilities:
    command:
    comparisons:
    detach:
    env:
    network_mode:
    image:
    init:
    ipc_mode:
    pid_mode:
    ports:
    privileged:
    restart_policy:
    shm_size:
    sysctls:
    tag:
    ulimits:
    user:
    volumes:

For a detailed explanation of each option - please see Ansible docker_container module page.

List of Kayobe applied defaults to required docker_container variables:

../../../../ansible/roles/deploy-containers/defaults/main.yml

Docker registry

Seed containers can be pulled from a docker registry deployed on the seed, since the docker registry deployment step precedes the custom container deployment step.

It is also possible to deploy a custom containerised docker registry as a custom seed container. In this case, basic authentication login attempts can be disabled by setting

seed_deploy_containers_registry_attempt_login: false

Without this setting, the login will fail because the registry has not yet been deployed.

More information on deploying a docker registry can be found here <configuration-docker-registry>.