Merge "Revert "Add docker proxy configuration for kubernetes"."
This commit is contained in:
commit
5caf6982e8
|
@ -461,11 +461,6 @@ class ConfigAssistant():
|
||||||
self.cluster_pod_subnet = IPNetwork("172.16.0.0/16")
|
self.cluster_pod_subnet = IPNetwork("172.16.0.0/16")
|
||||||
self.cluster_service_subnet = IPNetwork("10.96.0.0/12")
|
self.cluster_service_subnet = IPNetwork("10.96.0.0/12")
|
||||||
|
|
||||||
# Docker Proxy config
|
|
||||||
self.docker_http_proxy = ""
|
|
||||||
self.docker_https_proxy = ""
|
|
||||||
self.docker_no_proxy = ""
|
|
||||||
|
|
||||||
# SDN config
|
# SDN config
|
||||||
self.enable_sdn = False
|
self.enable_sdn = False
|
||||||
# HTTPS
|
# HTTPS
|
||||||
|
@ -2671,86 +2666,6 @@ class ConfigAssistant():
|
||||||
""" Cluster host interface configuration complete"""
|
""" Cluster host interface configuration complete"""
|
||||||
self.cluster_host_interface_configured = True
|
self.cluster_host_interface_configured = True
|
||||||
|
|
||||||
def input_docker_proxy_config(self):
|
|
||||||
"""Allow user to input docker proxy config."""
|
|
||||||
|
|
||||||
print("\nDocker Proxy:")
|
|
||||||
print("-------------------------\n")
|
|
||||||
print(textwrap.fill(
|
|
||||||
"Docker proxy is needed if host network is behind a proxy.", 80))
|
|
||||||
print('')
|
|
||||||
while True:
|
|
||||||
user_input = input(
|
|
||||||
"Configure docker proxy [y/N]: ")
|
|
||||||
if user_input.lower() == 'q':
|
|
||||||
raise UserQuit
|
|
||||||
elif user_input.lower() == 'y':
|
|
||||||
while True:
|
|
||||||
user_input = input(
|
|
||||||
"HTTP proxy (http://example.proxy:port): ")
|
|
||||||
if user_input.lower() == 'q':
|
|
||||||
raise UserQuit
|
|
||||||
self.docker_http_proxy = user_input
|
|
||||||
break
|
|
||||||
|
|
||||||
while True:
|
|
||||||
user_input = input(
|
|
||||||
"HTTPS proxy (https://example.proxy:port): ")
|
|
||||||
if user_input.lower() == 'q':
|
|
||||||
raise UserQuit
|
|
||||||
self.docker_https_proxy = user_input
|
|
||||||
break
|
|
||||||
|
|
||||||
if not self.docker_http_proxy and not self.docker_https_proxy:
|
|
||||||
print("At least one proxy required")
|
|
||||||
continue
|
|
||||||
|
|
||||||
while True:
|
|
||||||
# TODO: Current Docker version 18.03.1-ce utilizes go-lang
|
|
||||||
# net library for proxy setting. The go-lang net lib
|
|
||||||
# doesn't support CIDR notation until this commit:
|
|
||||||
#
|
|
||||||
# https://github.com/golang/net/commit/
|
|
||||||
# c21de06aaf072cea07f3a65d6970e5c7d8b6cd6d
|
|
||||||
#
|
|
||||||
# After docker upgrades to a version that CIDR notation
|
|
||||||
# supported pre_set_no_proxy will be simplified to subnets
|
|
||||||
if self.system_mode == \
|
|
||||||
sysinv_constants.SYSTEM_MODE_SIMPLEX:
|
|
||||||
pre_set_no_proxy = "localhost,127.0.0.1," + \
|
|
||||||
str(self.controller_floating_address) + "," + \
|
|
||||||
str(self.controller_address_0) + "," + \
|
|
||||||
str(self.controller_address_1) + "," + \
|
|
||||||
str(self.external_oam_address_0)
|
|
||||||
else:
|
|
||||||
pre_set_no_proxy = "localhost,127.0.0.1," + \
|
|
||||||
str(self.controller_floating_address) + "," + \
|
|
||||||
str(self.controller_address_0) + "," + \
|
|
||||||
str(self.controller_address_1) + "," + \
|
|
||||||
str(self.external_oam_floating_address) + "," + \
|
|
||||||
str(self.external_oam_address_0) + "," + \
|
|
||||||
str(self.external_oam_address_1)
|
|
||||||
|
|
||||||
user_input = input(
|
|
||||||
"Additional NO proxy besides '" +
|
|
||||||
pre_set_no_proxy +
|
|
||||||
"'\n(Comma-separated addresses, " +
|
|
||||||
"wildcard/subnet not allowed)\n:")
|
|
||||||
if user_input.lower() == 'q':
|
|
||||||
raise UserQuit
|
|
||||||
if user_input == "":
|
|
||||||
self.docker_no_proxy = pre_set_no_proxy
|
|
||||||
else:
|
|
||||||
self.docker_no_proxy = pre_set_no_proxy + \
|
|
||||||
"," + user_input
|
|
||||||
break
|
|
||||||
break
|
|
||||||
elif user_input.lower() in ('n', ''):
|
|
||||||
break
|
|
||||||
else:
|
|
||||||
print("Invalid choice")
|
|
||||||
continue
|
|
||||||
|
|
||||||
def input_authentication_config(self):
|
def input_authentication_config(self):
|
||||||
"""Allow user to input authentication config and perform validation.
|
"""Allow user to input authentication config and perform validation.
|
||||||
"""
|
"""
|
||||||
|
@ -2832,9 +2747,6 @@ class ConfigAssistant():
|
||||||
if self.kubernetes:
|
if self.kubernetes:
|
||||||
self.input_cluster_host_config()
|
self.input_cluster_host_config()
|
||||||
self.input_external_oam_config()
|
self.input_external_oam_config()
|
||||||
if self.kubernetes:
|
|
||||||
# Docker proxy is only used in kubernetes config
|
|
||||||
self.input_docker_proxy_config()
|
|
||||||
self.input_authentication_config()
|
self.input_authentication_config()
|
||||||
|
|
||||||
def is_valid_management_multicast_subnet(self, ip_subnet):
|
def is_valid_management_multicast_subnet(self, ip_subnet):
|
||||||
|
@ -3431,18 +3343,6 @@ class ConfigAssistant():
|
||||||
raise ConfigFail("The option TIME_TO_LIVE is "
|
raise ConfigFail("The option TIME_TO_LIVE is "
|
||||||
"no longer supported")
|
"no longer supported")
|
||||||
|
|
||||||
# Kubernetes Configuration
|
|
||||||
if self.kubernetes:
|
|
||||||
if config.has_option('cDOCKER_PROXY', 'DOCKER_HTTP_PROXY'):
|
|
||||||
self.docker_http_proxy = config.get(
|
|
||||||
'cDOCKER_PROXY', 'DOCKER_HTTP_PROXY')
|
|
||||||
if config.has_option('cDOCKER_PROXY', 'DOCKER_HTTPS_PROXY'):
|
|
||||||
self.docker_https_proxy = config.get(
|
|
||||||
'cDOCKER_PROXY', 'DOCKER_HTTPS_PROXY')
|
|
||||||
if config.has_option('cDOCKER_PROXY', 'DOCKER_NO_PROXY'):
|
|
||||||
self.docker_no_proxy = config.get(
|
|
||||||
'cDOCKER_PROXY', 'DOCKER_NO_PROXY')
|
|
||||||
|
|
||||||
except Exception:
|
except Exception:
|
||||||
print("Error parsing answer file")
|
print("Error parsing answer file")
|
||||||
raise
|
raise
|
||||||
|
@ -3669,17 +3569,6 @@ class ConfigAssistant():
|
||||||
print("System controller floating ip: " +
|
print("System controller floating ip: " +
|
||||||
str(self.system_controller_floating_ip))
|
str(self.system_controller_floating_ip))
|
||||||
|
|
||||||
if self.kubernetes:
|
|
||||||
if self.docker_http_proxy or self.docker_https_proxy:
|
|
||||||
print("\nKubernetes Configuraton")
|
|
||||||
print("----------------------")
|
|
||||||
if self.docker_http_proxy:
|
|
||||||
print("Docker HTTP proxy: " + self.docker_http_proxy)
|
|
||||||
if self.docker_https_proxy:
|
|
||||||
print("Docker HTTPS proxy: " + self.docker_https_proxy)
|
|
||||||
if self.docker_no_proxy:
|
|
||||||
print("Docker NO proxy: " + self.docker_no_proxy)
|
|
||||||
|
|
||||||
def write_config_file(self):
|
def write_config_file(self):
|
||||||
"""Write configuration to a text file for later reference."""
|
"""Write configuration to a text file for later reference."""
|
||||||
try:
|
try:
|
||||||
|
@ -4075,20 +3964,6 @@ class ConfigAssistant():
|
||||||
f.write("SYSTEM_CONTROLLER_FLOATING_ADDRESS=%s\n" %
|
f.write("SYSTEM_CONTROLLER_FLOATING_ADDRESS=%s\n" %
|
||||||
str(self.system_controller_floating_ip))
|
str(self.system_controller_floating_ip))
|
||||||
|
|
||||||
# Docker proxy configuration
|
|
||||||
if self.kubernetes:
|
|
||||||
f.write("\n[cDOCKER_PROXY]")
|
|
||||||
f.write("\n# Docker Proxy Configuration\n")
|
|
||||||
f.write(
|
|
||||||
"DOCKER_HTTP_PROXY=" +
|
|
||||||
str(self.docker_http_proxy) + "\n")
|
|
||||||
f.write(
|
|
||||||
"DOCKER_HTTPS_PROXY=" +
|
|
||||||
str(self.docker_https_proxy) + "\n")
|
|
||||||
f.write(
|
|
||||||
"DOCKER_NO_PROXY=" +
|
|
||||||
str(self.docker_no_proxy) + "\n")
|
|
||||||
|
|
||||||
except IOError:
|
except IOError:
|
||||||
LOG.error("Failed to open file: %s", constants.CGCS_CONFIG_FILE)
|
LOG.error("Failed to open file: %s", constants.CGCS_CONFIG_FILE)
|
||||||
raise ConfigFail("Failed to write configuration file")
|
raise ConfigFail("Failed to write configuration file")
|
||||||
|
@ -5313,20 +5188,6 @@ class ConfigAssistant():
|
||||||
"required_patches": "N/A"}
|
"required_patches": "N/A"}
|
||||||
client.sysinv.load.create(**patch)
|
client.sysinv.load.create(**patch)
|
||||||
|
|
||||||
def _populate_docker_config(self, client):
|
|
||||||
parameter = {
|
|
||||||
'http_proxy': self.docker_http_proxy,
|
|
||||||
'https_proxy': self.docker_https_proxy,
|
|
||||||
'no_proxy': self.docker_no_proxy,
|
|
||||||
}
|
|
||||||
client.sysinv.service_parameter.create(
|
|
||||||
sysinv_constants.SERVICE_TYPE_DOCKER,
|
|
||||||
sysinv_constants.SERVICE_PARAM_SECTION_DOCKER_PROXY,
|
|
||||||
None,
|
|
||||||
None,
|
|
||||||
parameter
|
|
||||||
)
|
|
||||||
|
|
||||||
def populate_initial_config(self):
|
def populate_initial_config(self):
|
||||||
"""Populate initial system inventory configuration"""
|
"""Populate initial system inventory configuration"""
|
||||||
try:
|
try:
|
||||||
|
@ -5338,9 +5199,6 @@ class ConfigAssistant():
|
||||||
# ceph_mon config requires controller host to be created
|
# ceph_mon config requires controller host to be created
|
||||||
self._inventory_config_complete_wait(client, controller)
|
self._inventory_config_complete_wait(client, controller)
|
||||||
self._populate_interface_config(client, controller)
|
self._populate_interface_config(client, controller)
|
||||||
if self.kubernetes:
|
|
||||||
# Docker proxy is only used in kubernetes config
|
|
||||||
self._populate_docker_config(client)
|
|
||||||
|
|
||||||
except (KeystoneFail, SysInvFail) as e:
|
except (KeystoneFail, SysInvFail) as e:
|
||||||
LOG.exception(e)
|
LOG.exception(e)
|
||||||
|
|
|
@ -1,8 +1,5 @@
|
||||||
class platform::docker::params (
|
class platform::docker::params (
|
||||||
$package_name = 'docker-ce',
|
$package_name = 'docker-ce',
|
||||||
$http_proxy = undef,
|
|
||||||
$https_proxy = undef,
|
|
||||||
$no_proxy = undef,
|
|
||||||
) { }
|
) { }
|
||||||
|
|
||||||
class platform::docker::config
|
class platform::docker::config
|
||||||
|
@ -12,22 +9,6 @@ class platform::docker::config
|
||||||
|
|
||||||
if $::platform::kubernetes::params::enabled {
|
if $::platform::kubernetes::params::enabled {
|
||||||
|
|
||||||
if $http_proxy or $https_proxy {
|
|
||||||
file { '/etc/systemd/system/docker.service.d':
|
|
||||||
ensure => 'directory',
|
|
||||||
owner => 'root',
|
|
||||||
group => 'root',
|
|
||||||
mode => '0755',
|
|
||||||
}
|
|
||||||
-> file { '/etc/systemd/system/docker.service.d/http-proxy.conf':
|
|
||||||
ensure => present,
|
|
||||||
owner => 'root',
|
|
||||||
group => 'root',
|
|
||||||
mode => '0644',
|
|
||||||
content => template('platform/dockerproxy.conf.erb'),
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
Class['::platform::filesystem::docker'] ~> Class[$name]
|
Class['::platform::filesystem::docker'] ~> Class[$name]
|
||||||
|
|
||||||
service { 'docker':
|
service { 'docker':
|
||||||
|
|
|
@ -1,8 +0,0 @@
|
||||||
[Service]
|
|
||||||
<%- if @http_proxy -%>
|
|
||||||
Environment="HTTP_PROXY=<%= @http_proxy %>"
|
|
||||||
<%- end -%>
|
|
||||||
<%- if @https_proxy -%>
|
|
||||||
Environment="HTTPS_PROXY=<%= @https_proxy %>"
|
|
||||||
<%- end -%>
|
|
||||||
Environment="NO_PROXY=<%= @no_proxy %>"
|
|
|
@ -874,7 +874,6 @@ SERVICE_TYPE_PANKO = 'panko'
|
||||||
SERVICE_TYPE_AODH = 'aodh'
|
SERVICE_TYPE_AODH = 'aodh'
|
||||||
SERVICE_TYPE_GLANCE = 'glance'
|
SERVICE_TYPE_GLANCE = 'glance'
|
||||||
SERVICE_TYPE_BARBICAN = 'barbican'
|
SERVICE_TYPE_BARBICAN = 'barbican'
|
||||||
SERVICE_TYPE_DOCKER = 'docker'
|
|
||||||
|
|
||||||
SERVICE_PARAM_SECTION_MURANO_RABBITMQ = 'rabbitmq'
|
SERVICE_PARAM_SECTION_MURANO_RABBITMQ = 'rabbitmq'
|
||||||
SERVICE_PARAM_SECTION_MURANO_ENGINE = 'engine'
|
SERVICE_PARAM_SECTION_MURANO_ENGINE = 'engine'
|
||||||
|
@ -1065,13 +1064,6 @@ SERVICE_PARAM_AODH_DATABASE_ALARM_HISTORY_TIME_TO_LIVE_DEFAULT = PM_TTL_DEFAULT
|
||||||
SERVICE_PARAM_SECTION_SWIFT_CONFIG = 'config'
|
SERVICE_PARAM_SECTION_SWIFT_CONFIG = 'config'
|
||||||
SERVICE_PARAM_NAME_SWIFT_SERVICE_ENABLED = 'service_enabled'
|
SERVICE_PARAM_NAME_SWIFT_SERVICE_ENABLED = 'service_enabled'
|
||||||
SERVICE_PARAM_NAME_SWIFT_FS_SIZE_MB = 'fs_size_mb'
|
SERVICE_PARAM_NAME_SWIFT_FS_SIZE_MB = 'fs_size_mb'
|
||||||
|
|
||||||
# docker parameters
|
|
||||||
SERVICE_PARAM_SECTION_DOCKER_PROXY = 'proxy'
|
|
||||||
SERVICE_PARAM_NAME_DOCKER_HTTP_PROXY = 'http_proxy'
|
|
||||||
SERVICE_PARAM_NAME_DOCKER_HTTPS_PROXY = 'https_proxy'
|
|
||||||
SERVICE_PARAM_NAME_DOCKER_NO_PROXY = 'no_proxy'
|
|
||||||
|
|
||||||
# default filesystem size to 25 MB
|
# default filesystem size to 25 MB
|
||||||
SERVICE_PARAM_SWIFT_FS_SIZE_MB_DEFAULT = 25
|
SERVICE_PARAM_SWIFT_FS_SIZE_MB_DEFAULT = 25
|
||||||
|
|
||||||
|
|
|
@ -1476,21 +1476,6 @@ SWIFT_CONFIG_PARAMETER_DATA_FORMAT = {
|
||||||
constants.SERVICE_PARAM_NAME_SWIFT_SERVICE_ENABLED: SERVICE_PARAMETER_DATA_FORMAT_BOOLEAN,
|
constants.SERVICE_PARAM_NAME_SWIFT_SERVICE_ENABLED: SERVICE_PARAMETER_DATA_FORMAT_BOOLEAN,
|
||||||
}
|
}
|
||||||
|
|
||||||
DOCKER_PROXY_PARAMETER_OPTIONAL = [
|
|
||||||
constants.SERVICE_PARAM_NAME_DOCKER_HTTP_PROXY,
|
|
||||||
constants.SERVICE_PARAM_NAME_DOCKER_HTTPS_PROXY,
|
|
||||||
constants.SERVICE_PARAM_NAME_DOCKER_NO_PROXY,
|
|
||||||
]
|
|
||||||
|
|
||||||
DOCKER_PROXY_PARAMETER_RESOURCE = {
|
|
||||||
constants.SERVICE_PARAM_NAME_DOCKER_HTTP_PROXY:
|
|
||||||
'platform::docker::params::http_proxy',
|
|
||||||
constants.SERVICE_PARAM_NAME_DOCKER_HTTPS_PROXY:
|
|
||||||
'platform::docker::params::https_proxy',
|
|
||||||
constants.SERVICE_PARAM_NAME_DOCKER_NO_PROXY:
|
|
||||||
'platform::docker::params::no_proxy',
|
|
||||||
}
|
|
||||||
|
|
||||||
# Service Parameter Schema
|
# Service Parameter Schema
|
||||||
SERVICE_PARAM_MANDATORY = 'mandatory'
|
SERVICE_PARAM_MANDATORY = 'mandatory'
|
||||||
SERVICE_PARAM_OPTIONAL = 'optional'
|
SERVICE_PARAM_OPTIONAL = 'optional'
|
||||||
|
@ -1667,12 +1652,6 @@ SERVICE_PARAMETER_SCHEMA = {
|
||||||
SERVICE_PARAM_DATA_FORMAT: SWIFT_CONFIG_PARAMETER_DATA_FORMAT,
|
SERVICE_PARAM_DATA_FORMAT: SWIFT_CONFIG_PARAMETER_DATA_FORMAT,
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
constants.SERVICE_TYPE_DOCKER: {
|
|
||||||
constants.SERVICE_PARAM_SECTION_DOCKER_PROXY: {
|
|
||||||
SERVICE_PARAM_OPTIONAL: DOCKER_PROXY_PARAMETER_OPTIONAL,
|
|
||||||
SERVICE_PARAM_RESOURCE: DOCKER_PROXY_PARAMETER_RESOURCE,
|
|
||||||
},
|
|
||||||
},
|
|
||||||
}
|
}
|
||||||
|
|
||||||
SERVICE_PARAMETER_MAX_LENGTH = 255
|
SERVICE_PARAMETER_MAX_LENGTH = 255
|
||||||
|
|
Loading…
Reference in New Issue