)]}'
{"specs/liberty/containerize-tripleo.rst":[{"author":{"_account_id":10419,"name":"Ryan Hallisey","email":"rhallise@redhat.com","username":"rhallisey"},"change_message_id":"6999409b562291baf979e9b5f0766b106b509265","unresolved":false,"context_lines":[{"line_number":6,"context_line":""},{"line_number":7,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":8,"context_line":"Deploying TripleO in Containers"},{"line_number":9,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":10,"context_line":""},{"line_number":11,"context_line":"https://blueprints.launchpad.net/tripleo/+spec/containerize-tripleo"},{"line_number":12,"context_line":""}],"source_content_type":"text/x-rst","patch_set":4,"id":"da20952f_88df880b","line":9,"updated":"2015-09-10 19:44:08.000000000","message":"Can you make this a more puppet specific title since I\u0027m going to propose a spec without puppet.","commit_id":"442bbb5cbf9ff75dc1eecb8e54c18626ba980f6d"},{"author":{"_account_id":3153,"name":"Emilien Macchi","email":"emilien@redhat.com","username":"emilienm"},"change_message_id":"2575abb05b2aaf1cea3f3af94394eb67a064bb3c","unresolved":false,"context_lines":[{"line_number":6,"context_line":""},{"line_number":7,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":8,"context_line":"Deploying TripleO in Containers"},{"line_number":9,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":10,"context_line":""},{"line_number":11,"context_line":"https://blueprints.launchpad.net/tripleo/+spec/containerize-tripleo"},{"line_number":12,"context_line":""}],"source_content_type":"text/x-rst","patch_set":4,"id":"da20952f_83620b3c","line":9,"in_reply_to":"da20952f_88df880b","updated":"2015-09-10 20:18:45.000000000","message":"In fact, it was intended to be general.\nHonestly, TripleO is now using Puppet as configuration tool, I think it\u0027s implicit for everyone.","commit_id":"442bbb5cbf9ff75dc1eecb8e54c18626ba980f6d"},{"author":{"_account_id":2011,"name":"Ian Main","email":"imain@redhat.com","username":"imain"},"change_message_id":"cd12dbc7e79845672338e108ac67018ff1ae5760","unresolved":false,"context_lines":[{"line_number":23,"context_line":"itself, containers could be a new approach to deploy OpenStack services."},{"line_number":24,"context_line":"It would dramatically change the deployment workflow but could extend upgrade"},{"line_number":25,"context_line":"capabilities, orchestration, OpenStack performance and security management."},{"line_number":26,"context_line":""},{"line_number":27,"context_line":"In order to successfully deploy OpenStack in containers, we need to go through"},{"line_number":28,"context_line":"some steps (that are technology-independant):"},{"line_number":29,"context_line":""}],"source_content_type":"text/x-rst","patch_set":4,"id":"da20952f_5ecfeab2","line":26,"updated":"2015-09-10 20:26:15.000000000","message":"I would add the benefits of using containers, eg:\n\nBenefits of containerizing the openstack services include:\n    * Upgrades can be performed by swapping out containers.\n    * Each service has a proven software stack that is specific to its version.\n    * Mix and match versions of services on the same host.\n    * Easy rollback to previous versions.\n    * Immutable containers allow testing of complete service and stack.","commit_id":"442bbb5cbf9ff75dc1eecb8e54c18626ba980f6d"},{"author":{"_account_id":3153,"name":"Emilien Macchi","email":"emilien@redhat.com","username":"emilienm"},"change_message_id":"1a8fcdef5ee5ca398763790bbceb991e024aa624","unresolved":false,"context_lines":[{"line_number":23,"context_line":"itself, containers could be a new approach to deploy OpenStack services."},{"line_number":24,"context_line":"It would dramatically change the deployment workflow but could extend upgrade"},{"line_number":25,"context_line":"capabilities, orchestration, OpenStack performance and security management."},{"line_number":26,"context_line":""},{"line_number":27,"context_line":"In order to successfully deploy OpenStack in containers, we need to go through"},{"line_number":28,"context_line":"some steps (that are technology-independant):"},{"line_number":29,"context_line":""}],"source_content_type":"text/x-rst","patch_set":4,"id":"da20952f_3e11d604","line":26,"in_reply_to":"da20952f_5ecfeab2","updated":"2015-09-10 20:50:50.000000000","message":"ok, the next patchset will include this text.","commit_id":"442bbb5cbf9ff75dc1eecb8e54c18626ba980f6d"},{"author":{"_account_id":10419,"name":"Ryan Hallisey","email":"rhallise@redhat.com","username":"rhallisey"},"change_message_id":"6999409b562291baf979e9b5f0766b106b509265","unresolved":false,"context_lines":[{"line_number":94,"context_line":""},{"line_number":95,"context_line":"Write a new tool that will build container images, and export it to OpenStack"},{"line_number":96,"context_line":"Glance. We might need to create a tool that would be part of OpenStack,"},{"line_number":97,"context_line":"with functional testing CI part of OpenStack Infra and documented."},{"line_number":98,"context_line":""},{"line_number":99,"context_line":"Having such a tool would overlap with what Kolla does, and is not really the"},{"line_number":100,"context_line":"best option to keep consistency in OpenStack community."}],"source_content_type":"text/x-rst","patch_set":4,"id":"da20952f_a8da8c15","line":97,"updated":"2015-09-10 19:44:08.000000000","message":"This could be a Kolla blueprint.","commit_id":"442bbb5cbf9ff75dc1eecb8e54c18626ba980f6d"},{"author":{"_account_id":3153,"name":"Emilien Macchi","email":"emilien@redhat.com","username":"emilienm"},"change_message_id":"2575abb05b2aaf1cea3f3af94394eb67a064bb3c","unresolved":false,"context_lines":[{"line_number":94,"context_line":""},{"line_number":95,"context_line":"Write a new tool that will build container images, and export it to OpenStack"},{"line_number":96,"context_line":"Glance. We might need to create a tool that would be part of OpenStack,"},{"line_number":97,"context_line":"with functional testing CI part of OpenStack Infra and documented."},{"line_number":98,"context_line":""},{"line_number":99,"context_line":"Having such a tool would overlap with what Kolla does, and is not really the"},{"line_number":100,"context_line":"best option to keep consistency in OpenStack community."}],"source_content_type":"text/x-rst","patch_set":4,"id":"da20952f_83976bea","line":97,"in_reply_to":"da20952f_a8da8c15","updated":"2015-09-10 20:18:45.000000000","message":"+1. Collaboration with Kolla makes sense to avoid duplicating efforts.","commit_id":"442bbb5cbf9ff75dc1eecb8e54c18626ba980f6d"},{"author":{"_account_id":10419,"name":"Ryan Hallisey","email":"rhallise@redhat.com","username":"rhallisey"},"change_message_id":"6999409b562291baf979e9b5f0766b106b509265","unresolved":false,"context_lines":[{"line_number":119,"context_line":"* Configuration management."},{"line_number":120,"context_line":"* Prepare require resource to run OpenStack (databases, db-sync, keystone"},{"line_number":121,"context_line":"  resources, etc) with the right ordering."},{"line_number":122,"context_line":"* Prepare containers to run services."},{"line_number":123,"context_line":""},{"line_number":124,"context_line":"Puppet would not take care of:"},{"line_number":125,"context_line":""}],"source_content_type":"text/x-rst","patch_set":4,"id":"da20952f_682a34e9","line":122,"updated":"2015-09-10 19:44:08.000000000","message":"Would puppet be doing docker pulls? or building the containers?","commit_id":"442bbb5cbf9ff75dc1eecb8e54c18626ba980f6d"},{"author":{"_account_id":3153,"name":"Emilien Macchi","email":"emilien@redhat.com","username":"emilienm"},"change_message_id":"2575abb05b2aaf1cea3f3af94394eb67a064bb3c","unresolved":false,"context_lines":[{"line_number":119,"context_line":"* Configuration management."},{"line_number":120,"context_line":"* Prepare require resource to run OpenStack (databases, db-sync, keystone"},{"line_number":121,"context_line":"  resources, etc) with the right ordering."},{"line_number":122,"context_line":"* Prepare containers to run services."},{"line_number":123,"context_line":""},{"line_number":124,"context_line":"Puppet would not take care of:"},{"line_number":125,"context_line":""}],"source_content_type":"text/x-rst","patch_set":4,"id":"da20952f_03591b5b","line":122,"in_reply_to":"da20952f_682a34e9","updated":"2015-09-10 20:18:45.000000000","message":"I don\u0027t think so. Puppet is good in configuration management \u0026 service orchestration.\nHere, the service is the container and the configuration are some files we are mounting into the container.\n\nI think Puppet would do #2, but would not take care of starting the container itself (magnum can do it for us in this first proposal). Otherwise, yes, Puppet is able to start containers with the module documented in this blueprint.","commit_id":"442bbb5cbf9ff75dc1eecb8e54c18626ba980f6d"},{"author":{"_account_id":2011,"name":"Ian Main","email":"imain@redhat.com","username":"imain"},"change_message_id":"cd12dbc7e79845672338e108ac67018ff1ae5760","unresolved":false,"context_lines":[{"line_number":120,"context_line":"* Prepare require resource to run OpenStack (databases, db-sync, keystone"},{"line_number":121,"context_line":"  resources, etc) with the right ordering."},{"line_number":122,"context_line":"* Prepare containers to run services."},{"line_number":123,"context_line":""},{"line_number":124,"context_line":"Puppet would not take care of:"},{"line_number":125,"context_line":""},{"line_number":126,"context_line":"* Managing services (systemd or upstart)."}],"source_content_type":"text/x-rst","patch_set":4,"id":"da20952f_de677ae8","line":123,"updated":"2015-09-10 20:26:15.000000000","message":"The current approach that we are using is like this:\n\nFor deployment of the overcloud a base OS image is booted as normal using ironic.  This image has the following requirements:\n    * Functional KVM environment (kernel support).\n    * Docker 1.8 or newer installed.\n\nCurrently our patch uses fedora-atomic as the base OS.\n\nBootstrapping\n-------------------\n\nOnce the node is up and running, there is a systemd service script that runs which starts the docker agents container.  This container has all of the components needed to bootstrap the system.  This includes:\n    * heat agents including os-collect-config, os-apply-config etc.\n    * docker-compose for use with heat-docker-compose.\n    * puppet-agent and modules needed for our deployment.\n    * docker client that connects to host docker daemon.\n    * environment for configuring networking on the host.\n\nOnce started, this container will use os-collect-config to connect back to heat.  The heat agents then perform the following tasks:\n    * Set up an etc directory using puppet.  This generates all the config files needed by the services in the same manner it would if run without containers.  These are copied into a directory accessible on the host and by all containerized services.\n    * Implements the docker-compose based heat template that installs the base services including ovs-vswitchd and ovs-vwitchdb.\n    * Runs the os-net-config script configuring the network.  This is done as an explicit step so that we know we have ovs-vswitchd and ovs-vswitchdb running when this operation is performed.\n    * Goes on to start libvirtd, nova compute containers, neutron-openvswitch-agent etc.\n\nThe containers that are running are mostly all privileged and have net\u003dhost applied to them.  Any directories which need to be shared are either mapped to the host or to other containers which will be used to store state data in the filesystem.\nUsing net\u003dhost allows the networking of the container to be just as if it were on the host itself.  This means any ports we listen on are as if we are running natively on the host.  It also means that any network configuration changes we make will be performed on the host itself.","commit_id":"442bbb5cbf9ff75dc1eecb8e54c18626ba980f6d"},{"author":{"_account_id":3153,"name":"Emilien Macchi","email":"emilien@redhat.com","username":"emilienm"},"change_message_id":"1a8fcdef5ee5ca398763790bbceb991e024aa624","unresolved":false,"context_lines":[{"line_number":120,"context_line":"* Prepare require resource to run OpenStack (databases, db-sync, keystone"},{"line_number":121,"context_line":"  resources, etc) with the right ordering."},{"line_number":122,"context_line":"* Prepare containers to run services."},{"line_number":123,"context_line":""},{"line_number":124,"context_line":"Puppet would not take care of:"},{"line_number":125,"context_line":""},{"line_number":126,"context_line":"* Managing services (systemd or upstart)."}],"source_content_type":"text/x-rst","patch_set":4,"id":"da20952f_994a7c54","line":123,"in_reply_to":"da20952f_de677ae8","updated":"2015-09-10 20:50:50.000000000","message":"I need to understand more how it works, a demo would help.\nIn the meantime, I\u0027m reading code.","commit_id":"442bbb5cbf9ff75dc1eecb8e54c18626ba980f6d"},{"author":{"_account_id":2011,"name":"Ian Main","email":"imain@redhat.com","username":"imain"},"change_message_id":"cd12dbc7e79845672338e108ac67018ff1ae5760","unresolved":false,"context_lines":[{"line_number":126,"context_line":"* Managing services (systemd or upstart)."},{"line_number":127,"context_line":"* Installing packages."},{"line_number":128,"context_line":"* Run containers."},{"line_number":129,"context_line":""},{"line_number":130,"context_line":""},{"line_number":131,"context_line":"Alternatives"},{"line_number":132,"context_line":"############"}],"source_content_type":"text/x-rst","patch_set":4,"id":"da20952f_beb88612","line":129,"updated":"2015-09-10 20:26:15.000000000","message":"Actually in addition to the above we should probably be looking into a local container repository rather than pulling from the docker hub.","commit_id":"442bbb5cbf9ff75dc1eecb8e54c18626ba980f6d"},{"author":{"_account_id":3153,"name":"Emilien Macchi","email":"emilien@redhat.com","username":"emilienm"},"change_message_id":"1a8fcdef5ee5ca398763790bbceb991e024aa624","unresolved":false,"context_lines":[{"line_number":126,"context_line":"* Managing services (systemd or upstart)."},{"line_number":127,"context_line":"* Installing packages."},{"line_number":128,"context_line":"* Run containers."},{"line_number":129,"context_line":""},{"line_number":130,"context_line":""},{"line_number":131,"context_line":"Alternatives"},{"line_number":132,"context_line":"############"}],"source_content_type":"text/x-rst","patch_set":4,"id":"da20952f_9e57c225","line":129,"in_reply_to":"da20952f_beb88612","updated":"2015-09-10 20:50:50.000000000","message":"I think we should not use docker hub, and use Glance as a trust source of image storage.","commit_id":"442bbb5cbf9ff75dc1eecb8e54c18626ba980f6d"}]}