From 4165b26a04b2c4ff3201a4b241b9f576813b39f4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vin=C3=ADcius=20Ferr=C3=A3o?= <2031761+viniciusferrao@users.noreply.github.com> Date: Sun, 3 May 2026 11:57:24 -0300 Subject: [PATCH] fix: remove Docker container lifecycle management (dead code since 2016) Docker container lifecycle management (mgt=docker, mkdocker, rmdocker, lsdocker) was added in 2015-2016 as an experiment targeting Docker API v1.22 on Ubuntu only. Documentation and man pages were deliberately removed in 2019 (PRs #6222 and #6324) with the original developer's approval, noting that "the interface of Docker has become very simple right now, so there is no value for xCAT to offer such functions." The plugin was still being shipped but has had no functional code changes since April 2016, was never listed as a valid mgt value in Schema.pm, and no user ever filed an issue about it. Removed: - xCAT-server/lib/xcat/plugins/docker.pm (1,142 lines) - xCAT/postscripts/setupdockerhost - xCAT-server/share/xcat/scripts/setup-dockerhost-cert.sh - xCAT-test/autotest/testcase/dockercommand/ (test cases) - Docker attribute definitions in Schema.pm - Client symlinks (mkdocker, rmdocker, lsdocker) - Usage entries and dockerhost cert handling in credentials.pm - Docker attribute documentation in man7 pages The "Running xCAT in Docker" documentation (dockerized_xcat/) is retained as it documents containerizing xCAT itself, not the removed mgt=docker feature. Closes #7518 --- docs/source/advanced/docker/index.rst | 7 - docs/source/advanced/index.rst | 2 +- .../admin-guides/references/man7/group.7.rst | 44 +- .../admin-guides/references/man7/node.7.rst | 44 +- perl-xCAT/xCAT/Schema.pm | 32 - perl-xCAT/xCAT/Usage.pm | 9 - xCAT-client/debian/xcat-client.links | 3 - xCAT-client/xCAT-client.spec | 3 - xCAT-server/lib/xcat/plugins/AAAusage.pm | 3 - xCAT-server/lib/xcat/plugins/credentials.pm | 9 - xCAT-server/lib/xcat/plugins/docker.pm | 1142 ----------------- xCAT-server/sbin/xcatconfig | 11 - .../xcat/scripts/setup-dockerhost-cert.sh | 83 -- xCAT-server/share/xcat/tools/xCATreg | 11 - .../bundle/ubuntu14.04.3_x86_64.bundle | 14 - .../bundle/ubuntu14.04.4_x86_64.bundle | 14 - .../autotest/testcase/dockercommand/cases0 | 292 ----- .../ubuntu_full_installation_vm_docker | 47 - xCAT/postscripts/setupdockerhost | 191 --- 19 files changed, 3 insertions(+), 1958 deletions(-) delete mode 100644 docs/source/advanced/docker/index.rst delete mode 100644 xCAT-server/lib/xcat/plugins/docker.pm delete mode 100755 xCAT-server/share/xcat/scripts/setup-dockerhost-cert.sh delete mode 100644 xCAT-test/autotest/testcase/dockercommand/cases0 delete mode 100644 xCAT-test/autotest/testcase/installation/ubuntu_full_installation_vm_docker delete mode 100755 xCAT/postscripts/setupdockerhost diff --git a/docs/source/advanced/docker/index.rst b/docs/source/advanced/docker/index.rst deleted file mode 100644 index 923559796..000000000 --- a/docs/source/advanced/docker/index.rst +++ /dev/null @@ -1,7 +0,0 @@ -Docker -====== - -.. toctree:: - :maxdepth: 2 - - dockerized_xcat/run_xcat_in_docker_host.rst diff --git a/docs/source/advanced/index.rst b/docs/source/advanced/index.rst index 648381be0..c95eb1e27 100644 --- a/docs/source/advanced/index.rst +++ b/docs/source/advanced/index.rst @@ -9,7 +9,7 @@ Advanced Topics migration/index.rst confluent/index.rst goconserver/index.rst - docker/index.rst + docker/dockerized_xcat/run_xcat_in_docker_host.rst domain_name_resolution/index.rst gpu/index.rst hamn/index.rst diff --git a/docs/source/guides/admin-guides/references/man7/group.7.rst b/docs/source/guides/admin-guides/references/man7/group.7.rst index 6b2ef55ff..655dbfc8c 100644 --- a/docs/source/guides/admin-guides/references/man7/group.7.rst +++ b/docs/source/guides/admin-guides/references/man7/group.7.rst @@ -19,7 +19,7 @@ SYNOPSIS ******** -\ **group Attributes:**\ \ *addkcmdline*\ , \ *arch*\ , \ *authdomain*\ , \ *authkey*\ , \ *authtype*\ , \ *bmc*\ , \ *bmcpassword*\ , \ *bmcport*\ , \ *bmcusername*\ , \ *bmcvlantag*\ , \ *cfgmgr*\ , \ *cfgmgtroles*\ , \ *cfgserver*\ , \ *chain*\ , \ *chassis*\ , \ *cmdmapping*\ , \ *community*\ , \ *cons*\ , \ *conserver*\ , \ *consoleenabled*\ , \ *consoleondemand*\ , \ *consport*\ , \ *cpucount*\ , \ *cputype*\ , \ *currchain*\ , \ *currstate*\ , \ *dhcpinterfaces*\ , \ *disksize*\ , \ *displayname*\ , \ *dockercpus*\ , \ *dockerflag*\ , \ *dockerhost*\ , \ *dockermemory*\ , \ *dockernics*\ , \ *domainadminpassword*\ , \ *domainadminuser*\ , \ *domaintype*\ , \ *getmac*\ , \ *groupname*\ , \ *grouptype*\ , \ *hcp*\ , \ *height*\ , \ *hostcluster*\ , \ *hostinterface*\ , \ *hostmanager*\ , \ *hostnames*\ , \ *hosttype*\ , \ *hwtype*\ , \ *id*\ , \ *initrd*\ , \ *installnic*\ , \ *interface*\ , \ *ip*\ , \ *iscsipassword*\ , \ *iscsiserver*\ , \ *iscsitarget*\ , \ *iscsiuserid*\ , \ *kcmdline*\ , \ *kernel*\ , \ *linkports*\ , \ *mac*\ , \ *membergroups*\ , \ *members*\ , \ *memory*\ , \ *mgt*\ , \ *micbridge*\ , \ *michost*\ , \ *micid*\ , \ *miconboot*\ , \ *micpowermgt*\ , \ *micvlog*\ , \ *migrationdest*\ , \ *monserver*\ , \ *mpa*\ , \ *mtm*\ , \ *nameservers*\ , \ *netboot*\ , \ *nfsdir*\ , \ *nfsserver*\ , \ *nicaliases*\ , \ *niccustomscripts*\ , \ *nicdevices*\ , \ *nicextraparams*\ , \ *nichostnameprefixes*\ , \ *nichostnamesuffixes*\ , \ *nicips*\ , \ *nicnetworks*\ , \ *nicsadapter*\ , \ *nictypes*\ , \ *nimserver*\ , \ *nodetype*\ , \ *ondiscover*\ , \ *os*\ , \ *osvolume*\ , \ *otherinterfaces*\ , \ *ou*\ , \ *outlet*\ , \ *parent*\ , \ *passwd.HMC*\ , \ *passwd.admin*\ , \ *passwd.celogin*\ , \ *passwd.general*\ , \ *passwd.hscroot*\ , \ *password*\ , \ *pdu*\ , \ *pdutype*\ , \ *postbootscripts*\ , \ *postscripts*\ , \ *power*\ , \ *pprofile*\ , \ *prescripts-begin*\ , \ *prescripts-end*\ , \ *primarynic*\ , \ *privkey*\ , \ *privtype*\ , \ *productkey*\ , \ *profile*\ , \ *protocol*\ , \ *provmethod*\ , \ *rack*\ , \ *room*\ , \ *routenames*\ , \ *seclevel*\ , \ *serial*\ , \ *serialflow*\ , \ *serialport*\ , \ *serialspeed*\ , \ *servicenode*\ , \ *setupconserver*\ , \ *setupdhcp*\ , \ *setupftp*\ , \ *setupipforward*\ , \ *setupldap*\ , \ *setupnameserver*\ , \ *setupnfs*\ , \ *setupnim*\ , \ *setupntp*\ , \ *setupproxydhcp*\ , \ *setuptftp*\ , \ *sfp*\ , \ *side*\ , \ *slot*\ , \ *slotid*\ , \ *slots*\ , \ *snmpauth*\ , \ *snmppassword*\ , \ *snmpprivacy*\ , \ *snmpuser*\ , \ *snmpusername*\ , \ *snmpversion*\ , \ *storagcontroller*\ , \ *storagetype*\ , \ *supernode*\ , \ *supportedarchs*\ , \ *supportproxydhcp*\ , \ *switch*\ , \ *switchinterface*\ , \ *switchport*\ , \ *switchtype*\ , \ *switchvlan*\ , \ *syslog*\ , \ *termport*\ , \ *termserver*\ , \ *tftpdir*\ , \ *tftpserver*\ , \ *unit*\ , \ *urlpath*\ , \ *usercomment*\ , \ *userid*\ , \ *username*\ , \ *vmbeacon*\ , \ *vmbootorder*\ , \ *vmcfgstore*\ , \ *vmcluster*\ , \ *vmcpus*\ , \ *vmhost*\ , \ *vmmanager*\ , \ *vmmaster*\ , \ *vmmemory*\ , \ *vmnicnicmodel*\ , \ *vmnics*\ , \ *vmothersetting*\ , \ *vmphyslots*\ , \ *vmstorage*\ , \ *vmstoragecache*\ , \ *vmstorageformat*\ , \ *vmstoragemodel*\ , \ *vmtextconsole*\ , \ *vmvirtflags*\ , \ *vmvncport*\ , \ *webport*\ , \ *wherevals*\ , \ *xcatmaster*\ +\ **group Attributes:**\ \ *addkcmdline*\ , \ *arch*\ , \ *authdomain*\ , \ *authkey*\ , \ *authtype*\ , \ *bmc*\ , \ *bmcpassword*\ , \ *bmcport*\ , \ *bmcusername*\ , \ *bmcvlantag*\ , \ *cfgmgr*\ , \ *cfgmgtroles*\ , \ *cfgserver*\ , \ *chain*\ , \ *chassis*\ , \ *cmdmapping*\ , \ *community*\ , \ *cons*\ , \ *conserver*\ , \ *consoleenabled*\ , \ *consoleondemand*\ , \ *consport*\ , \ *cpucount*\ , \ *cputype*\ , \ *currchain*\ , \ *currstate*\ , \ *dhcpinterfaces*\ , \ *disksize*\ , \ *displayname*\ , \ *domainadminpassword*\ , \ *domainadminuser*\ , \ *domaintype*\ , \ *getmac*\ , \ *groupname*\ , \ *grouptype*\ , \ *hcp*\ , \ *height*\ , \ *hostcluster*\ , \ *hostinterface*\ , \ *hostmanager*\ , \ *hostnames*\ , \ *hosttype*\ , \ *hwtype*\ , \ *id*\ , \ *initrd*\ , \ *installnic*\ , \ *interface*\ , \ *ip*\ , \ *iscsipassword*\ , \ *iscsiserver*\ , \ *iscsitarget*\ , \ *iscsiuserid*\ , \ *kcmdline*\ , \ *kernel*\ , \ *linkports*\ , \ *mac*\ , \ *membergroups*\ , \ *members*\ , \ *memory*\ , \ *mgt*\ , \ *micbridge*\ , \ *michost*\ , \ *micid*\ , \ *miconboot*\ , \ *micpowermgt*\ , \ *micvlog*\ , \ *migrationdest*\ , \ *monserver*\ , \ *mpa*\ , \ *mtm*\ , \ *nameservers*\ , \ *netboot*\ , \ *nfsdir*\ , \ *nfsserver*\ , \ *nicaliases*\ , \ *niccustomscripts*\ , \ *nicdevices*\ , \ *nicextraparams*\ , \ *nichostnameprefixes*\ , \ *nichostnamesuffixes*\ , \ *nicips*\ , \ *nicnetworks*\ , \ *nicsadapter*\ , \ *nictypes*\ , \ *nimserver*\ , \ *nodetype*\ , \ *ondiscover*\ , \ *os*\ , \ *osvolume*\ , \ *otherinterfaces*\ , \ *ou*\ , \ *outlet*\ , \ *parent*\ , \ *passwd.HMC*\ , \ *passwd.admin*\ , \ *passwd.celogin*\ , \ *passwd.general*\ , \ *passwd.hscroot*\ , \ *password*\ , \ *pdu*\ , \ *pdutype*\ , \ *postbootscripts*\ , \ *postscripts*\ , \ *power*\ , \ *pprofile*\ , \ *prescripts-begin*\ , \ *prescripts-end*\ , \ *primarynic*\ , \ *privkey*\ , \ *privtype*\ , \ *productkey*\ , \ *profile*\ , \ *protocol*\ , \ *provmethod*\ , \ *rack*\ , \ *room*\ , \ *routenames*\ , \ *seclevel*\ , \ *serial*\ , \ *serialflow*\ , \ *serialport*\ , \ *serialspeed*\ , \ *servicenode*\ , \ *setupconserver*\ , \ *setupdhcp*\ , \ *setupftp*\ , \ *setupipforward*\ , \ *setupldap*\ , \ *setupnameserver*\ , \ *setupnfs*\ , \ *setupnim*\ , \ *setupntp*\ , \ *setupproxydhcp*\ , \ *setuptftp*\ , \ *sfp*\ , \ *side*\ , \ *slot*\ , \ *slotid*\ , \ *slots*\ , \ *snmpauth*\ , \ *snmppassword*\ , \ *snmpprivacy*\ , \ *snmpuser*\ , \ *snmpusername*\ , \ *snmpversion*\ , \ *storagcontroller*\ , \ *storagetype*\ , \ *supernode*\ , \ *supportedarchs*\ , \ *supportproxydhcp*\ , \ *switch*\ , \ *switchinterface*\ , \ *switchport*\ , \ *switchtype*\ , \ *switchvlan*\ , \ *syslog*\ , \ *termport*\ , \ *termserver*\ , \ *tftpdir*\ , \ *tftpserver*\ , \ *unit*\ , \ *urlpath*\ , \ *usercomment*\ , \ *userid*\ , \ *username*\ , \ *vmbeacon*\ , \ *vmbootorder*\ , \ *vmcfgstore*\ , \ *vmcluster*\ , \ *vmcpus*\ , \ *vmhost*\ , \ *vmmanager*\ , \ *vmmaster*\ , \ *vmmemory*\ , \ *vmnicnicmodel*\ , \ *vmnics*\ , \ *vmothersetting*\ , \ *vmphyslots*\ , \ *vmstorage*\ , \ *vmstoragecache*\ , \ *vmstorageformat*\ , \ *vmstoragemodel*\ , \ *vmtextconsole*\ , \ *vmvirtflags*\ , \ *vmvncport*\ , \ *webport*\ , \ *wherevals*\ , \ *xcatmaster*\ *********** @@ -261,48 +261,6 @@ group Attributes: -\ **dockercpus**\ (vm.cpus) - - Number of CPUs the node should see. - - - -\ **dockerflag**\ (vm.othersettings) - - This is a semicolon-delimited list of key-value pairs to be included in a vmx file of VMware or KVM. DO NOT use 'chdef -p|-m vmothersetting=...' to add options to it or delete options from it because chdef uses commas, not semicolons, to separate items. - Hugepage on POWER systems: - Specify the hugepage and/or bsr (Barrier Synchronization Register) values, e.g., 'hugepage:1,bsr:2'. - KVM CPU mode: - Specify how the host CPUs are utilized, e.g., 'cpumode:host-passthrough', 'cpumode:host-model'. With the passthrough mode, the performance of x86 VMs can be improved significantly. - KVM CPU pinning: - Specify which host CPUs are used, e.g., 'vcpupin:'0-15,^8', where '-' denotes the range and '^' denotes exclusion. This option allows a comma-delimited list. - KVM memory binding: - Specify which nodes that host memory are used, e.g., 'membind:0', where the memory in node0 of the hypervisor is used. /sys/devices/system/node has node0 and node8 on some POWER systems, node0 and node1 on some x86_64 systems. This option allows a guest VM to access specific memory regions. - PCI passthrough: - PCI devices can be assigned to a virtual machine for exclusive usage, e.g., 'devpassthrough:pci_0001_01_00_0,pci_0000_03_00_0'. A PCI device can also be expressed as 'devpassthrough:0001:01:00.1'. The devices are put in a comma-delimited list. The PCI device names can be obtained by running \ **virsh nodedev-list**\ on the host. - VM machine type: - Specify a machine type for VM creation on the host, e.g., 'machine:pc'. Typical machine types are pc, q35, and pseries. - - - -\ **dockerhost**\ (vm.host) - - The system that currently hosts the VM - - - -\ **dockermemory**\ (vm.memory) - - Megabytes of memory the VM currently should be set to. - - - -\ **dockernics**\ (vm.nics) - - Network configuration parameters. Of the general form [physnet:]interface,.. Generally, interface describes the vlan entity (default for native, tagged for tagged, vl[number] for a specific vlan. physnet is a virtual switch name or port description that is used for some virtualization technologies to construct virtual switches. hypervisor.netmap can map names to hypervisor specific layouts, or the descriptions described there may be used directly here where possible. A macvtap device can be created by adding the "|direct" suffix to the interface name. - - - \ **domainadminpassword**\ (domain.adminpassword) Allow a node specific indication of Administrative user password for the domain. Most will want to ignore this in favor of passwd table. diff --git a/docs/source/guides/admin-guides/references/man7/node.7.rst b/docs/source/guides/admin-guides/references/man7/node.7.rst index b20814152..14ca6699f 100644 --- a/docs/source/guides/admin-guides/references/man7/node.7.rst +++ b/docs/source/guides/admin-guides/references/man7/node.7.rst @@ -19,7 +19,7 @@ SYNOPSIS ******** -\ **node Attributes:**\ \ *addkcmdline*\ , \ *appstatus*\ , \ *appstatustime*\ , \ *arch*\ , \ *authdomain*\ , \ *authkey*\ , \ *authtype*\ , \ *bmc*\ , \ *bmcpassword*\ , \ *bmcport*\ , \ *bmcusername*\ , \ *bmcvlantag*\ , \ *cfgmgr*\ , \ *cfgmgtroles*\ , \ *cfgserver*\ , \ *chain*\ , \ *chassis*\ , \ *cmdmapping*\ , \ *community*\ , \ *cons*\ , \ *conserver*\ , \ *consoleenabled*\ , \ *consoleondemand*\ , \ *consport*\ , \ *cpucount*\ , \ *cputype*\ , \ *currchain*\ , \ *currstate*\ , \ *dhcpinterfaces*\ , \ *disksize*\ , \ *displayname*\ , \ *dockercpus*\ , \ *dockerflag*\ , \ *dockerhost*\ , \ *dockermemory*\ , \ *dockernics*\ , \ *domainadminpassword*\ , \ *domainadminuser*\ , \ *domaintype*\ , \ *getmac*\ , \ *groups*\ , \ *hcp*\ , \ *height*\ , \ *hidden*\ , \ *hostcluster*\ , \ *hostinterface*\ , \ *hostmanager*\ , \ *hostnames*\ , \ *hosttype*\ , \ *hwtype*\ , \ *id*\ , \ *initrd*\ , \ *installnic*\ , \ *interface*\ , \ *ip*\ , \ *iscsipassword*\ , \ *iscsiserver*\ , \ *iscsitarget*\ , \ *iscsiuserid*\ , \ *kcmdline*\ , \ *kernel*\ , \ *linkports*\ , \ *mac*\ , \ *memory*\ , \ *mgt*\ , \ *micbridge*\ , \ *michost*\ , \ *micid*\ , \ *miconboot*\ , \ *micpowermgt*\ , \ *micvlog*\ , \ *migrationdest*\ , \ *monserver*\ , \ *mpa*\ , \ *mtm*\ , \ *nameservers*\ , \ *netboot*\ , \ *nfsdir*\ , \ *nfsserver*\ , \ *nicaliases*\ , \ *niccustomscripts*\ , \ *nicdevices*\ , \ *nicextraparams*\ , \ *nichostnameprefixes*\ , \ *nichostnamesuffixes*\ , \ *nicips*\ , \ *nicnetworks*\ , \ *nicsadapter*\ , \ *nictypes*\ , \ *nimserver*\ , \ *node*\ , \ *nodetype*\ , \ *ondiscover*\ , \ *os*\ , \ *osvolume*\ , \ *otherinterfaces*\ , \ *ou*\ , \ *outlet*\ , \ *parent*\ , \ *passwd.HMC*\ , \ *passwd.admin*\ , \ *passwd.celogin*\ , \ *passwd.general*\ , \ *passwd.hscroot*\ , \ *password*\ , \ *pdu*\ , \ *pdutype*\ , \ *postbootscripts*\ , \ *postscripts*\ , \ *power*\ , \ *pprofile*\ , \ *prescripts-begin*\ , \ *prescripts-end*\ , \ *primarynic*\ , \ *primarysn*\ , \ *privkey*\ , \ *privtype*\ , \ *productkey*\ , \ *profile*\ , \ *protocol*\ , \ *provmethod*\ , \ *rack*\ , \ *room*\ , \ *routenames*\ , \ *seclevel*\ , \ *serial*\ , \ *serialflow*\ , \ *serialport*\ , \ *serialspeed*\ , \ *servicenode*\ , \ *setupconserver*\ , \ *setupdhcp*\ , \ *setupftp*\ , \ *setupipforward*\ , \ *setupldap*\ , \ *setupnameserver*\ , \ *setupnfs*\ , \ *setupnim*\ , \ *setupntp*\ , \ *setupproxydhcp*\ , \ *setuptftp*\ , \ *sfp*\ , \ *side*\ , \ *slot*\ , \ *slotid*\ , \ *slots*\ , \ *snmpauth*\ , \ *snmppassword*\ , \ *snmpprivacy*\ , \ *snmpuser*\ , \ *snmpusername*\ , \ *snmpversion*\ , \ *status*\ , \ *statustime*\ , \ *storagcontroller*\ , \ *storagetype*\ , \ *supernode*\ , \ *supportedarchs*\ , \ *supportproxydhcp*\ , \ *switch*\ , \ *switchinterface*\ , \ *switchport*\ , \ *switchtype*\ , \ *switchvlan*\ , \ *syslog*\ , \ *termport*\ , \ *termserver*\ , \ *tftpdir*\ , \ *tftpserver*\ , \ *unit*\ , \ *updatestatus*\ , \ *updatestatustime*\ , \ *urlpath*\ , \ *usercomment*\ , \ *userid*\ , \ *username*\ , \ *vmbeacon*\ , \ *vmbootorder*\ , \ *vmcfgstore*\ , \ *vmcluster*\ , \ *vmcpus*\ , \ *vmhost*\ , \ *vmmanager*\ , \ *vmmaster*\ , \ *vmmemory*\ , \ *vmnicnicmodel*\ , \ *vmnics*\ , \ *vmothersetting*\ , \ *vmphyslots*\ , \ *vmstorage*\ , \ *vmstoragecache*\ , \ *vmstorageformat*\ , \ *vmstoragemodel*\ , \ *vmtextconsole*\ , \ *vmvirtflags*\ , \ *vmvncport*\ , \ *webport*\ , \ *xcatmaster*\ , \ *zonename*\ +\ **node Attributes:**\ \ *addkcmdline*\ , \ *appstatus*\ , \ *appstatustime*\ , \ *arch*\ , \ *authdomain*\ , \ *authkey*\ , \ *authtype*\ , \ *bmc*\ , \ *bmcpassword*\ , \ *bmcport*\ , \ *bmcusername*\ , \ *bmcvlantag*\ , \ *cfgmgr*\ , \ *cfgmgtroles*\ , \ *cfgserver*\ , \ *chain*\ , \ *chassis*\ , \ *cmdmapping*\ , \ *community*\ , \ *cons*\ , \ *conserver*\ , \ *consoleenabled*\ , \ *consoleondemand*\ , \ *consport*\ , \ *cpucount*\ , \ *cputype*\ , \ *currchain*\ , \ *currstate*\ , \ *dhcpinterfaces*\ , \ *disksize*\ , \ *displayname*\ , \ *domainadminpassword*\ , \ *domainadminuser*\ , \ *domaintype*\ , \ *getmac*\ , \ *groups*\ , \ *hcp*\ , \ *height*\ , \ *hidden*\ , \ *hostcluster*\ , \ *hostinterface*\ , \ *hostmanager*\ , \ *hostnames*\ , \ *hosttype*\ , \ *hwtype*\ , \ *id*\ , \ *initrd*\ , \ *installnic*\ , \ *interface*\ , \ *ip*\ , \ *iscsipassword*\ , \ *iscsiserver*\ , \ *iscsitarget*\ , \ *iscsiuserid*\ , \ *kcmdline*\ , \ *kernel*\ , \ *linkports*\ , \ *mac*\ , \ *memory*\ , \ *mgt*\ , \ *micbridge*\ , \ *michost*\ , \ *micid*\ , \ *miconboot*\ , \ *micpowermgt*\ , \ *micvlog*\ , \ *migrationdest*\ , \ *monserver*\ , \ *mpa*\ , \ *mtm*\ , \ *nameservers*\ , \ *netboot*\ , \ *nfsdir*\ , \ *nfsserver*\ , \ *nicaliases*\ , \ *niccustomscripts*\ , \ *nicdevices*\ , \ *nicextraparams*\ , \ *nichostnameprefixes*\ , \ *nichostnamesuffixes*\ , \ *nicips*\ , \ *nicnetworks*\ , \ *nicsadapter*\ , \ *nictypes*\ , \ *nimserver*\ , \ *node*\ , \ *nodetype*\ , \ *ondiscover*\ , \ *os*\ , \ *osvolume*\ , \ *otherinterfaces*\ , \ *ou*\ , \ *outlet*\ , \ *parent*\ , \ *passwd.HMC*\ , \ *passwd.admin*\ , \ *passwd.celogin*\ , \ *passwd.general*\ , \ *passwd.hscroot*\ , \ *password*\ , \ *pdu*\ , \ *pdutype*\ , \ *postbootscripts*\ , \ *postscripts*\ , \ *power*\ , \ *pprofile*\ , \ *prescripts-begin*\ , \ *prescripts-end*\ , \ *primarynic*\ , \ *primarysn*\ , \ *privkey*\ , \ *privtype*\ , \ *productkey*\ , \ *profile*\ , \ *protocol*\ , \ *provmethod*\ , \ *rack*\ , \ *room*\ , \ *routenames*\ , \ *seclevel*\ , \ *serial*\ , \ *serialflow*\ , \ *serialport*\ , \ *serialspeed*\ , \ *servicenode*\ , \ *setupconserver*\ , \ *setupdhcp*\ , \ *setupftp*\ , \ *setupipforward*\ , \ *setupldap*\ , \ *setupnameserver*\ , \ *setupnfs*\ , \ *setupnim*\ , \ *setupntp*\ , \ *setupproxydhcp*\ , \ *setuptftp*\ , \ *sfp*\ , \ *side*\ , \ *slot*\ , \ *slotid*\ , \ *slots*\ , \ *snmpauth*\ , \ *snmppassword*\ , \ *snmpprivacy*\ , \ *snmpuser*\ , \ *snmpusername*\ , \ *snmpversion*\ , \ *status*\ , \ *statustime*\ , \ *storagcontroller*\ , \ *storagetype*\ , \ *supernode*\ , \ *supportedarchs*\ , \ *supportproxydhcp*\ , \ *switch*\ , \ *switchinterface*\ , \ *switchport*\ , \ *switchtype*\ , \ *switchvlan*\ , \ *syslog*\ , \ *termport*\ , \ *termserver*\ , \ *tftpdir*\ , \ *tftpserver*\ , \ *unit*\ , \ *updatestatus*\ , \ *updatestatustime*\ , \ *urlpath*\ , \ *usercomment*\ , \ *userid*\ , \ *username*\ , \ *vmbeacon*\ , \ *vmbootorder*\ , \ *vmcfgstore*\ , \ *vmcluster*\ , \ *vmcpus*\ , \ *vmhost*\ , \ *vmmanager*\ , \ *vmmaster*\ , \ *vmmemory*\ , \ *vmnicnicmodel*\ , \ *vmnics*\ , \ *vmothersetting*\ , \ *vmphyslots*\ , \ *vmstorage*\ , \ *vmstoragecache*\ , \ *vmstorageformat*\ , \ *vmstoragemodel*\ , \ *vmtextconsole*\ , \ *vmvirtflags*\ , \ *vmvncport*\ , \ *webport*\ , \ *xcatmaster*\ , \ *zonename*\ *********** @@ -273,48 +273,6 @@ node Attributes: -\ **dockercpus**\ (vm.cpus) - - Number of CPUs the node should see. - - - -\ **dockerflag**\ (vm.othersettings) - - This is a semicolon-delimited list of key-value pairs to be included in a vmx file of VMware or KVM. DO NOT use 'chdef -p|-m vmothersetting=...' to add options to it or delete options from it because chdef uses commas, not semicolons, to separate items. - Hugepage on POWER systems: - Specify the hugepage and/or bsr (Barrier Synchronization Register) values, e.g., 'hugepage:1,bsr:2'. - KVM CPU mode: - Specify how the host CPUs are utilized, e.g., 'cpumode:host-passthrough', 'cpumode:host-model'. With the passthrough mode, the performance of x86 VMs can be improved significantly. - KVM CPU pinning: - Specify which host CPUs are used, e.g., 'vcpupin:'0-15,^8', where '-' denotes the range and '^' denotes exclusion. This option allows a comma-delimited list. - KVM memory binding: - Specify which nodes that host memory are used, e.g., 'membind:0', where the memory in node0 of the hypervisor is used. /sys/devices/system/node has node0 and node8 on some POWER systems, node0 and node1 on some x86_64 systems. This option allows a guest VM to access specific memory regions. - PCI passthrough: - PCI devices can be assigned to a virtual machine for exclusive usage, e.g., 'devpassthrough:pci_0001_01_00_0,pci_0000_03_00_0'. A PCI device can also be expressed as 'devpassthrough:0001:01:00.1'. The devices are put in a comma-delimited list. The PCI device names can be obtained by running \ **virsh nodedev-list**\ on the host. - VM machine type: - Specify a machine type for VM creation on the host, e.g., 'machine:pc'. Typical machine types are pc, q35, and pseries. - - - -\ **dockerhost**\ (vm.host) - - The system that currently hosts the VM - - - -\ **dockermemory**\ (vm.memory) - - Megabytes of memory the VM currently should be set to. - - - -\ **dockernics**\ (vm.nics) - - Network configuration parameters. Of the general form [physnet:]interface,.. Generally, interface describes the vlan entity (default for native, tagged for tagged, vl[number] for a specific vlan. physnet is a virtual switch name or port description that is used for some virtualization technologies to construct virtual switches. hypervisor.netmap can map names to hypervisor specific layouts, or the descriptions described there may be used directly here where possible. A macvtap device can be created by adding the "|direct" suffix to the interface name. - - - \ **domainadminpassword**\ (domain.adminpassword) Allow a node specific indication of Administrative user password for the domain. Most will want to ignore this in favor of passwd table. diff --git a/perl-xCAT/xCAT/Schema.pm b/perl-xCAT/xCAT/Schema.pm index ccf28edec..d03689218 100644 --- a/perl-xCAT/xCAT/Schema.pm +++ b/perl-xCAT/xCAT/Schema.pm @@ -2797,38 +2797,6 @@ my @nodeattrs = ( access_tabentry => 'vm.node=attr:node', }, -############################################ - # docker attributes are mapped to vm table # - # dockerhost --> vm.host - # dockercpus --> vm.cpus - # dockermemory --> vm.memory - # dockerflag --> vm.othersettings - # dockernics --> vm.nics - { attr_name => 'dockerhost', - only_if => 'mgt=docker', - tabentry => 'vm.host', - access_tabentry => 'vm.node=attr:node', - }, - { attr_name => 'dockercpus', - only_if => 'mgt=docker', - tabentry => 'vm.cpus', - access_tabentry => 'vm.node=attr:node', - }, - { attr_name => 'dockermemory', - only_if => 'mgt=docker', - tabentry => 'vm.memory', - access_tabentry => 'vm.node=attr:node', - }, - { attr_name => 'dockerflag', - only_if => 'mgt=docker', - tabentry => 'vm.othersettings', - access_tabentry => 'vm.node=attr:node', - }, - { attr_name => 'dockernics', - only_if => 'mgt=docker', - tabentry => 'vm.nics', - access_tabentry => 'vm.node=attr:node', - }, ###################### # hypervisor table # ###################### diff --git a/perl-xCAT/xCAT/Usage.pm b/perl-xCAT/xCAT/Usage.pm index 3b3b60d06..45a128a9b 100644 --- a/perl-xCAT/xCAT/Usage.pm +++ b/perl-xCAT/xCAT/Usage.pm @@ -66,8 +66,6 @@ my %usage = ( rpower noderange [on|off|reset|stat|softoff] MIC specific: rpower noderange [stat|state|on|off|reset|boot] - docker specific: - rpower noderange [start|stop|restart|pause|unpause|state] pdu specific: rpower noderange [off|on|stat|status|reset] rpower noderange [pduoff|pduon|pdustat|pdustatus|pdureset] @@ -380,13 +378,6 @@ my %usage = ( rmvm [-p] [-f] PPC (using Direct FSP Management) specific: rmvm ", - "mkdocker" => -"Usage: mkdocker [image= [command=]] [dockerflag=]", - "lsdocker" => - "Usage: lsdocker - lsdocker [-l|--logs]", - "rmdocker" => - "Usage: rmdocker ", "lsslp" => "Usage: lsslp [-h|--help|-v|--version] lsslp [][-V|--verbose][-i ip[,ip..]][-w][-r|-x|-z][-n][-I][-s FRAME|CEC|MM|IVM|RSA|HMC|CMM|IMM2|FSP] diff --git a/xCAT-client/debian/xcat-client.links b/xCAT-client/debian/xcat-client.links index 0bf090cd8..fd616de00 100644 --- a/xCAT-client/debian/xcat-client.links +++ b/xCAT-client/debian/xcat-client.links @@ -26,9 +26,6 @@ opt/xcat/bin/xcatclient opt/xcat/bin/mkvm opt/xcat/bin/xcatclient opt/xcat/bin/rmvm opt/xcat/bin/xcatclient opt/xcat/bin/lsvm opt/xcat/bin/xcatclient opt/xcat/bin/chvm -opt/xcat/bin/xcatclient opt/xcat/bin/mkdocker -opt/xcat/bin/xcatclient opt/xcat/bin/rmdocker -opt/xcat/bin/xcatclient opt/xcat/bin/lsdocker opt/xcat/bin/xcatclient opt/xcat/bin/tabgrep opt/xcat/bin/xcatclient opt/xcat/bin/renergy opt/xcat/bin/xcatclient opt/xcat/bin/litetree diff --git a/xCAT-client/xCAT-client.spec b/xCAT-client/xCAT-client.spec index c555e2360..ecd48f27f 100644 --- a/xCAT-client/xCAT-client.spec +++ b/xCAT-client/xCAT-client.spec @@ -174,9 +174,6 @@ ln -sf ../bin/xcatclient $RPM_BUILD_ROOT/%{prefix}/bin/mkvm ln -sf ../bin/xcatclient $RPM_BUILD_ROOT/%{prefix}/bin/rmvm ln -sf ../bin/xcatclient $RPM_BUILD_ROOT/%{prefix}/bin/lsvm ln -sf ../bin/xcatclient $RPM_BUILD_ROOT/%{prefix}/bin/chvm -ln -sf ../bin/xcatclient $RPM_BUILD_ROOT/%{prefix}/bin/mkdocker -ln -sf ../bin/xcatclient $RPM_BUILD_ROOT/%{prefix}/bin/rmdocker -ln -sf ../bin/xcatclient $RPM_BUILD_ROOT/%{prefix}/bin/lsdocker ln -sf ../bin/xcatclient $RPM_BUILD_ROOT/%{prefix}/bin/tabgrep ln -sf ../bin/xcatclient $RPM_BUILD_ROOT/%{prefix}/bin/renergy ln -sf ../bin/xcatclient $RPM_BUILD_ROOT/%{prefix}/bin/litetree diff --git a/xCAT-server/lib/xcat/plugins/AAAusage.pm b/xCAT-server/lib/xcat/plugins/AAAusage.pm index 6c297142d..1f1f4d89a 100644 --- a/xCAT-server/lib/xcat/plugins/AAAusage.pm +++ b/xCAT-server/lib/xcat/plugins/AAAusage.pm @@ -27,9 +27,6 @@ sub handled_commands { lsvm => 'AAAusage', chvm => 'AAAusage', rmvm => 'AAAusage', - mkdocker => 'AAAusage', - lsdocker => 'AAAusage', - rmdocker => 'AAAusage', #lsslp => 'AAAusage', rflash => 'AAAusage', diff --git a/xCAT-server/lib/xcat/plugins/credentials.pm b/xCAT-server/lib/xcat/plugins/credentials.pm index 52e5a6c7a..500388209 100644 --- a/xCAT-server/lib/xcat/plugins/credentials.pm +++ b/xCAT-server/lib/xcat/plugins/credentials.pm @@ -335,15 +335,6 @@ sub process_request unlink "/tmp/xcat/client.cert.$$"; my $certcontents = join('', @certdata); push @{ $rsp->{'data'} }, { content => [$certcontents], desc => [$parm] }; - } elsif ($parm =~ /xcat_dockerhost_cert/) { - xCAT::MsgUtils->trace(0, 'I', "credentials: sending $parm to $client"); - unless (-r "/etc/xcatdockerca/cert/dockerhost-cert.pem") { - push @{ $rsp->{'error'} }, "Unable to read /etc/xcatdockerca/cert/dockerhost-cert.pem "; - xCAT::MsgUtils->trace(0, 'E', "credentials: Unable to read /etc/xcatdockerca/cert/dockerhost-cert.pem"); - next; - } - $tfilename = "/etc/xcatdockerca/cert/dockerhost-cert.pem"; - } elsif ($parm =~ /xcat_secure_pw:/) { xCAT::MsgUtils->trace(0, 'I', "credentials: sending $parm to $client"); my @users=split(/:/,$parm); diff --git a/xCAT-server/lib/xcat/plugins/docker.pm b/xCAT-server/lib/xcat/plugins/docker.pm deleted file mode 100644 index 3c342facc..000000000 --- a/xCAT-server/lib/xcat/plugins/docker.pm +++ /dev/null @@ -1,1142 +0,0 @@ -# IBM(c) 2007 EPL license http://www.eclipse.org/legal/epl-v10.html -#------------------------------------------------------- - -=head1 - xCAT plugin package to handle docker -=cut - -#------------------------------------------------------- - -package xCAT_plugin::docker; - -BEGIN -{ - $::XCATROOT = $ENV{'XCATROOT'} ? $ENV{'XCATROOT'} : '/opt/xcat'; - my $async_path = "/usr/local/share/perl5/"; - unless (grep { $_ eq $async_path } @INC) { - push @INC, $async_path; - } -} -use lib "$::XCATROOT/lib/perl"; - -#use strict; -use POSIX qw(WNOHANG nice); -use POSIX qw(WNOHANG setsid :errno_h); -use Errno; -use MIME::Base64 qw(encode_base64); -require IO::Socket::SSL; IO::Socket::SSL->import('inet4'); -use Time::HiRes qw(gettimeofday sleep); -use Fcntl qw/:DEFAULT :flock/; -use File::Path; -use File::Copy; -use File::Basename; -use Getopt::Long; -Getopt::Long::Configure("bundling"); -use HTTP::Headers; -use HTTP::Request; -use xCAT::Utils; -use xCAT::MsgUtils; -use Cwd; -use xCAT::Usage; -use JSON; - -my $verbose; -my $global_callback; -my $subreq; - -my $async; - -#------------------------------------------------------- - -=head3 The hash variable to store node related http request id - - The structure is like this - %http_session_variable = ( - $session_id => $node, - ); - -=cut - -#------------------------------------------------------- - -my %http_session_variable = (); - -#------------------------------------------------------- - -=head3 The hash variable to store node parameters to access docker container - - The structure is like this - %node_hash_variable = ( - $node => { - image=>$nodetype.provmethod, - cmd=>$nodetype.provmethod, - ip=>$host.ip, - nics=>$vm.vmnics, - mac=>$mac.mac, - cpu=>$vm.cpus - memory=>$vm.memory - flag=>$vm.othersettings, - hostinfo=>{ - name => $host, - port => $port, - }, - genreq_ptr => \&genreq; - http_req_method => $init_method, - http_req_url => $node_init_url, - node_app_state => $init_state, - state_machine_engine => $state_machine_engine, - }, - ); - -=cut - -#------------------------------------------------------- - -my %node_hash_variable = (); - -# The num of HTTP requests that is progressing -my $http_requests_in_progress = 0; - - -#------------------------------------------------------- - -=head3 handled_commands - - Return list of commands handled by this plugin - -=cut - -#------------------------------------------------------- -sub handled_commands { - return ({ docker => "docker", - rpower => 'nodehm:mgt', - mkdocker => 'nodehm:mgt', - rmdocker => 'nodehm:mgt', - lsdocker => 'nodehm:mgt=docker|ipmi|kvm', - }); -} - - - -#------------------------------------------------------- - -=head3 The hash table to store mapping of commands and its state_machine_engine - The structure is like this: - command => { - option1 => { - state_machine_engine => \&state_machine_engine, - init_method => GET/POST/PUT/DELETE, - init_url => url, - }, - }, - -=cut - -#------------------------------------------------------- - -my %command_states = ( - - # For rpower start/stop/restart/pause/unpause/state - # return error_msg if failed or corresponding msg if success - rpower => { - start => { - state_machine_engine => \&default_state_engine, - init_method => "POST", - init_url => "/containers/#NODE#/start", - init_state => "INIT_TO_WAIT_FOR_START_DONE", - }, - stop => { - state_machine_engine => \&default_state_engine, - init_method => "POST", - init_url => "/containers/#NODE#/stop", - init_state => "INIT_TO_WAIT_FOR_STOP_DONE", - }, - restart => { - state_machine_engine => \&default_state_engine, - init_method => "POST", - init_url => "/containers/#NODE#/restart", - }, - pause => { - state_machine_engine => \&default_state_engine, - init_method => "POST", - init_url => "/containers/#NODE#/pause", - }, - unpause => { - state_machine_engine => \&default_state_engine, - init_method => "POST", - init_url => "/containers/#NODE#/unpause", - }, - state => { - state_machine_engine => \&default_state_engine, - init_method => "GET", - init_url => "/containers/#NODE#/json", - init_state => "INIT_TO_WAIT_FOR_QUERY_STATE_DONE", - }, - }, - - # The state changing graphic for mkdocker - # error - # init-----------> INIT_TO_WAIT_FOR_CREATE_DONE -----------------> error_msg - # ^ / | - # | 404 and / | - # 20x| 'No such image'/ | - # | v | error - # CREATE_TO_WAIT_FOR_IMAGE_PULL_DONE ------------------------------> error_msg - # | - # | - # 20x| - # v - # create done - # - mkdocker => { - default => { - genreq_ptr => \&genreq_for_mkdocker, - state_machine_engine => \&default_state_engine, - init_method => "POST", - init_url => "/containers/create?name=#NODE#", - init_state => "INIT_TO_WAIT_FOR_CREATE_DONE" - }, - pullimage => { - state_machine_engine => \&default_state_engine, - init_method => "POST", - init_url => "/images/create?fromImage=#DOCKER_IMAGE#", - init_state => "CREATE_TO_WAIT_FOR_IMAGE_PULL_DONE", - }, - }, - - # For rmdocker - # return error_msg if failed or success if done - rmdocker => { - force => { - state_machine_engine => \&default_state_engine, - init_method => "DELETE", - init_url => "/containers/#NODE#?force=1", - }, - default => { - state_machine_engine => \&default_state_engine, - init_method => "DELETE", - init_url => "/containers/#NODE#", - }, - }, - - # For lsdocker [-l|--logs] - # return error_msg if failed or corresponding msg if success - lsdocker => { - default => { - state_machine_engine => \&default_state_engine, - init_method => "GET", - init_url => "/containers/#NODE#/json?", - init_state => "INIT_TO_WAIT_FOR_QUERY_DOCKER_DONE", - }, - log => { - state_machine_engine => \&default_state_engine, - init_method => "GET", - init_url => "/containers/#NODE#/logs?stderr=1&stdout=1", - init_state => "INIT_TO_WAIT_FOR_QUERY_LOG_DONE", - }, - }, -); - -#------------------------------------------------------- - -=head3 http_state_code_info - The function to deal with http response code - Input: - $state_code: the http response code - $curr_status: the current status for the SSL connection that receive the http response - It is used for rpower start/stop since they use the same state_code 304 to indicate no modification. - Return: - A string to explain the http response code - Usage example: - http_state_code_info('304', "INIT_TO_WAIT_FOR_START_DONE") -> "Already started" - http_state_code_info('304', "INIT_TO_WAIT_FOR_STOP_DONE") -> "Already stopped" -=cut - -#------------------------------------------------------- - -sub http_state_code_info { - my $state_code = shift; - my $curr_status = shift; - if ($state_code =~ /20\d/) { - return [ 0, "success" ]; - } - elsif ($state_code eq '304') { - if (defined $curr_status) { - if ($curr_status eq "INIT_TO_WAIT_FOR_START_DONE") { - return [ 0, "container already started" ]; - } - else { - return [ 0, "container already stopped" ]; - } - } - else { - return [ 1, "unknown http status code $state_code" ]; - } - } - elsif ($state_code eq '404') { - return [ 1, "no such container" ]; - } - elsif ($state_code eq '406') { - return [ 1, "impossible to attach (container not running)" ]; - } - elsif ($state_code eq '500') { - return [ 1, "server error" ]; - } - return [ 1, "unknown http status code $state_code" ]; -} - -#------------------------------------------------------- - -=head3 modify_node_state_hash - To change node state to the state specified. - Input: - $node: the node to change state - $to_state_hash: the hash which store the destination state info - Return: - Usage example: - modify_node_state_hash($node, $command_states{$command}{$option}); -=cut - -#------------------------------------------------------- - -sub modify_node_state_hash { - my $node = shift; - my $to_state_hash = shift; - my $node_hash = $node_hash_variable{$node}; - $node_hash->{http_req_method} = $to_state_hash->{init_method}; - $node_hash->{http_req_url} = $to_state_hash->{init_url}; - $node_hash->{node_app_state} = $to_state_hash->{init_state}; - $node_hash->{state_machine_engine} = $to_state_hash->{state_machine_engine}; - $node_hash->{genreq_ptr} = $to_state_hash->{genreq_ptr}; - if (!defined($node_hash->{genreq_ptr})) { - $node_hash->{genreq_ptr} = \&genreq; - } - if ($node_hash->{image} =~ /:/) { - $node_hash->{http_req_url} =~ s/#DOCKER_IMAGE#/$node_hash->{image}/; - } else { - $node_hash->{http_req_url} =~ s/#DOCKER_IMAGE#/$node_hash->{image}:latest/; - } - $node_hash->{http_req_url} =~ s/#NETNAME#/$node_hash->{nics}/; - $node_hash->{http_req_url} =~ s/#NODE#/$node/; - return; -} - -#------------------------------------------------------- - -=head3 change_node_state - To change node state to the state specified, and then send out the HTTP request. - Input: - $node: the node to change state - $to_state_hash: the hash which store the destination state info - Return: - Usage example: - change_node_state($node, $command_states{$command}{$option}); -=cut - -#------------------------------------------------------- - -sub change_node_state { - my ($node, $to_state_hash) = @_; - modify_node_state_hash(@_); - sendreq($node, $node_hash_variable{$node}); - return; -} - -#------------------------------------------------------- - -=head3 default_state_engine - - The state_machine_engine to deal with http response - Input: - $id: The http session id when adding HTTP request into HTTP::Async object - $data: The http response - Return: - If there are any errors or msg, they will be outputed directly. - Else, nothing returned. - Usage example: - default_state_engine($id, HTTP Response data); - -=cut - -#------------------------------------------------------- - -sub default_state_engine { - my $id = shift; - my $data = shift; - my $node = $http_session_variable{$id}; - if (!defined($node)) { - return; - } - my $node_hash = $node_hash_variable{$node}; - my $curr_state = $node_hash->{node_app_state}; - my $info_flag = 'data'; - - if ($data->is_error or (defined($data->header("connection")) and $data->header("connection") =~ /close/)) { - $http_requests_in_progress--; - delete($http_session_variable{$id}); - } - - my $content = $data->decoded_content; - my @msg = (); - $msg[0] = &http_state_code_info($data->code, $curr_state); - if ($data->is_error) { - if ($content ne '') { - $msg[0]->[1] = "$content"; - } - elsif ($data->message ne '') { - $msg[0]->[1] = $data->message; - } - } - my $content_type = $data->header("content-type"); - my $content_hash = undef; - if (defined($content_type) and $content_type =~ /json/i) { - if ($curr_state ne "CREATE_TO_WAIT_FOR_IMAGE_PULL_DONE") { - $content_hash = decode_json $content; - } - else { - if ($content =~ /Status: Downloaded newer image/) { - - } - elsif ($content =~ /\"error\":\"([^\"]*)\"/) { - @msg = (); - $msg[0] = [ 1, $1 ]; - } - } - } - elsif (!defined($content_type)) { - $content_type = "undefined"; - } - - if ($curr_state eq "INIT_TO_WAIT_FOR_QUERY_STATE_DONE") { - if ($data->is_success) { - if ($content_type =~ /json/i) { - my $node_state = $content_hash->{'State'}->{'Status'}; - if (defined($node_state)) { - $msg[0] = [ 0, $node_state ]; - } - else { - $msg[0] = [ 1, "Can not get status" ]; - } - } - else { - $msg[0] = [ 1, "The content type: $content_type is unable to be parsed." ]; - } - } - } - elsif ($curr_state eq "INIT_TO_WAIT_FOR_QUERY_LOG_DONE") { - if ($data->is_success) { - $info_flag = "base64_data"; - @msg = (); - if ($content_type =~ /text\/plain/i) { - $msg[0] = [ 0, encode_base64($content) ]; - } - else { - $msg[0] = [ 1, "The content type: $content_type is unable to be parsed." ]; - } - } - } - elsif ($curr_state eq "INIT_TO_WAIT_FOR_QUERY_DOCKER_DONE") { - if ($data->is_success) { - @msg = (); - if ($content_type =~ /json/i) { - if (ref($content_hash) eq 'ARRAY') { - foreach (@$content_hash) { - push @msg, [ 0, parse_docker_list_info($_, 1) ]; - } - } - else { - push @msg, [ 0, parse_docker_list_info($content_hash, 0) ]; - } - } - if (!scalar(@msg)) { - @msg = [ 0, "No running docker" ]; - } - } - } - elsif ($curr_state eq 'INIT_TO_WAIT_FOR_CREATE_DONE') { - if ($data->code eq '404' and $msg[0]->[1] =~ /image:/i) { - - # To avoid pulling image loop - if (defined($node_hash->{have_pulled_image})) { - return; - } - $global_callback->({ node => [ { name => [$node], "$info_flag" => ["Pull image $node_hash->{image} start"] } ] }); - change_node_state($node, $command_states{mkdocker}{pullimage}); - return; - } - } - elsif ($curr_state eq 'CREATE_TO_WAIT_FOR_IMAGE_PULL_DONE') { - if ($data->is_success and !$msg[0]->[0]) { - $global_callback->({ node => [ { name => [$node], "$info_flag" => ["Pull image $node_hash->{image} done"] } ] }); - $node_hash->{have_pulled_image} = 1; - change_node_state($node, $command_states{mkdocker}{default}); - return; - } - } - - foreach my $tmp (@msg) { - if ($tmp->[0]) { - $global_callback->({ node => [ { name => [$node], error => ["$tmp->[1]"], errorcode => ["$tmp->[0]"] } ] }); - } - else { - $global_callback->({ node => [ { name => [$node], "$info_flag" => ["$tmp->[1]"] } ] }); - } - } - - return; -} - -#------------------------------------------------------- - -=head3 deal_with_space_in_array_entry - - The function to add '' for entries that have spaces - Input: - $array: The string array whose entires may have spaces - Return: - A string that join the entries in input $array with space, - for entries have spaces, they will be put in "'" - Usage example: - -=cut - -#------------------------------------------------------- - -sub deal_with_space_in_array_entry { - my $array = shift; - my @ret_array = (); - push @ret_array, shift @$array; - foreach (@$array) { - if (/\s/) { - push @ret_array, "'$_'"; - } - else { - push @ret_array, $_; - } - } - return join(' ', @ret_array); -} - -#------------------------------------------------------- - -=head3 parse_docker_list_info - - The function to parse the content returned by the lsdocker command - Input: - $docker_info_hash: The hash variable which include docker infos - The variable is decoded from JSON string - $flag: To show the info is get from dockerhost (1) or a speciifed docker (0) - Return: - docker_info_string in the format: $id $image $command $created $status $names; - Usage example: - -=cut - -#------------------------------------------------------- - -sub parse_docker_list_info { - my $docker_info_hash = shift; - my $flag = shift; # Use the flag to check whether need to cut command - my ($id, $image, $command, $created, $status, $names); - $id = substr($docker_info_hash->{'Id'}, 0, 12); - if ($flag) { - $image = $docker_info_hash->{'Image'}; - $command = $docker_info_hash->{'Command'}; - $created = $docker_info_hash->{'Created'}; - $status = $docker_info_hash->{'Status'}; - - $names = $docker_info_hash->{'Names'}->[0]; - my ($sec, $min, $hour, $day, $mon, $year) = localtime($created); - $mon += 1; - $year += 1900; - $created = "$year-$mon-$day - $hour:$min:$sec"; - } - else { - $image = $docker_info_hash->{Config}->{'Image'}; - my @cmd = (); - push @cmd, $docker_info_hash->{Path}; - if (defined($docker_info_hash->{Args})) { - push @cmd, @{ $docker_info_hash->{Args} }; - } - $command = deal_with_space_in_array_entry(\@cmd); - $names = $docker_info_hash->{'Name'}; - $created = $docker_info_hash->{'Created'}; - $status = $docker_info_hash->{'State'}->{'Status'}; - $created =~ s/\..*$//; - } - my $cmd = sprintf("\"%.20s\"", $command); - my $string = sprintf("%-12s %-30.30s %-22s %-20s %-10s %s", $id, $image, $cmd, $created, $status, $names); - return ($string); -} - -#------------------------------------------------------- - -=head3 deal_with_rsp - - The function to deal with SELECT - Input: - %args: a hash which currently only key 'timeout' is using - Return: - The number of response have received - Usage example: - -=cut - -#------------------------------------------------------- - -sub deal_with_rsp -{ - my %args = @_; - my $timeout = 0; - if (defined($args{timeout})) { - $timeout = $args{timeout}; - } - my $deal_num = 0; - while (my ($response, $id) = $async->wait_for_next_response($timeout)) { - my $node = $http_session_variable{$id}; - if (defined($node)) { - $deal_num++; - $node_hash_variable{$node}->{state_machine_engine}->($id, $response); - } - } - - return $deal_num; -} - -#------------------------------------------------------- - -=head3 parse_args - - Parse the command line options and operands - -=cut - -#------------------------------------------------------- -sub parse_args { - - my $request = shift; - my $args = $request->{arg}; - my $cmd = $request->{command}->[0]; - my %opt; - ############################################# - # Responds with usage statement - ############################################# - local *usage = sub { - my $usage_string = xCAT::Usage->getUsage($cmd); - return ([ $_[0], $usage_string ]); - }; - ############################################# - # No command-line arguments - use defaults - ############################################# - if (!defined($args)) { - if ($cmd eq "rpower") { - return ([ 1, "No option specified for rpower" ]); - } - return (0); - } - ############################################# - # Checks case in GetOptions, allows opts - # to be grouped (e.g. -vx), and terminates - # at the first unrecognized option. - ############################################# - @ARGV = @$args; - $Getopt::Long::ignorecase = 0; - Getopt::Long::Configure("bundling"); - - ############################################# - # Process command-line flags - ############################################# - if (!GetOptions(\%opt, - qw(h|help V|verbose v|version))) { - return (usage()); - } - - ############################################# - # Option -V for verbose output - ############################################# - if (exists($opt{V})) { - $verbose = 1; - } - if ($cmd eq "rpower") { - if (scalar(@ARGV) > 1) { - return ([ 1, "Only one option is supportted at the same time" ]); - } - elsif (!defined($command_states{$cmd}{ $ARGV[0] })) { - return ([ 1, "The option $ARGV[0] not support for $cmd" ]); - } - else { - $request->{mapping_option} = $ARGV[0]; - } - } - elsif ($cmd eq 'mkdocker') { - my ($image, $command); - foreach my $op (@ARGV) { - my ($key, $value) = split /=/, $op; - if ($key !~ /image|command|dockerflag/) { - return ([ 1, "Option $key is not supported for $cmd" ]); - } - elsif (!defined($value)) { - return ([ 1, "Must set value for $key" ]); - } - else { - if ($key eq 'image') { - $image = $value; - } - elsif ($key eq 'command') { - $command = $value; - } - } - } - if (!defined($image) and defined($command)) { - return ([ 1, "Must set 'image' if use 'command'" ]); - } - } - elsif ($cmd eq 'rmdocker') { - foreach my $op (@ARGV) { - if ($op ne '-f' and $op ne '--force') { - return ([ 1, "Option $op is not supported for $cmd" ]); - } - } - $request->{mapping_option} = "force"; - } - elsif ($cmd eq 'lsdocker') { - foreach my $op (@ARGV) { - if ($op ne '-l' and $op ne '--logs') { - return ([ 1, "Option $op is not supported for $cmd" ]); - } - } - $request->{mapping_option} = "log"; - } - - - return; -} - - -#------------------------------------------------------- - -=head3 preprocess_request - - preprocess the command - -=cut - -#------------------------------------------------------- -sub preprocess_request { - my $req = shift; - if ($req->{_xcatpreprocessed}->[0] == 1) { return [$req]; } - my $callback = shift; - my $command = $req->{command}->[0]; - my $extrargs = $req->{arg}; - my @exargs = ($req->{arg}); - if (ref($extrargs)) { - @exargs = @$extrargs; - } - my $usage_string = xCAT::Usage->parseCommand($command, @exargs); - if ($usage_string) { - $callback->({ data => [$usage_string] }); - $req = {}; - return; - } - #################################### - # Process command-specific options - #################################### - my $parse_result = parse_args($req); - #################################### - # Return error - #################################### - if (ref($parse_result) eq 'ARRAY') { - $callback->({ error => $parse_result->[1], errorcode => $parse_result->[0] }); - $req = {}; - return; - } - - my @result = (); - my $mncopy = {%$req}; - push @result, $mncopy; - return \@result; -} - -#------------------------------------------------------- - -=head3 process_request - - Process the command - -=cut - -#------------------------------------------------------- -sub process_request { - my $req = shift; - my $callback = shift; - $subreq = shift; - my $noderange = $req->{node}; - my $command = $req->{command}->[0]; - my $args = $req->{arg}; - $global_callback = $callback; - - # For docker create, the attributes needed are - # vm.host,cpus,memory,othersettings - # nodetype.provmethod -- the image and command the docker will use - # mac.mac - # For other command, get docker host is enough to do operation - - my $mapping_hash = undef; - if (defined($req->{mapping_option})) { - $mapping_hash = $command_states{$command}{ $req->{mapping_option} }; - } - else { - $mapping_hash = $command_states{$command}{default}; - } - my $max_concur_session_allow = 20; # A variable can be set by caculated in the future - if ($command eq 'lsdocker') { - my @new_noderange = (); - my $nodehm = xCAT::Table->new('nodehm'); - if ($nodehm) { - my $nodehmhash = $nodehm->getNodesAttribs($noderange, ['mgt']); - foreach my $node (@$noderange) { - if (defined($nodehmhash->{$node}->[0]->{mgt}) and $nodehmhash->{$node}->[0]->{mgt} =~ /ipmi|kvm/) { - - if (defined($args) and $args->[0] ne '') { - $callback->({ error => [" $args->[0] is not support for $node"], errorcode => 1 }); - return; - } - ${ $node_hash_variable{$node} }{hostinfo} = { name => $node, port => '2375' }; - $mapping_hash->{init_url} =~ s/#NODE#\///; - modify_node_state_hash($node, $mapping_hash); - } - else { - push @new_noderange, $node; - } - } - } - $noderange = \@new_noderange; - } - - # The dockerhost is mapped to vm.host, so open vm table here - my $vmtab = xCAT::Table->new('vm'); - if ($vmtab) { - my $vmhashs = $vmtab->getNodesAttribs($noderange, [ 'host', 'nics' ]); - if ($vmhashs) { - my @errornodes = (); - foreach my $node (@$noderange) { - my $vmhash = $vmhashs->{$node}->[0]; - if (!defined($vmhash) or !defined($vmhash->{host})) { - delete $node_hash_variable{$node}; - push @errornodes, $node; - next; - } - my ($host, $port) = split /:/, $vmhash->{host}; - if (!defined($host)) { - delete $node_hash_variable{$node}; - push @errornodes, $node; - next; - } - if (!defined($port)) { - $port = 2375; - } - ${ $node_hash_variable{$node} }{hostinfo} = { name => $host, port => $port }; - if (defined($vmhash->{nics})) { - $node_hash_variable{$node}->{nics} = $vmhash->{nics}; - } else { - $node_hash_variable{$node}->{nics} = "mynet0"; - } - if ($command eq 'rmdocker') { - if (defined($args->[0])) { - $node_hash_variable{$node}->{opt} = "force"; - } - else { - $node_hash_variable{$node}->{opt} = "default"; - } - } - modify_node_state_hash($node, $mapping_hash); - } - if (scalar(@errornodes)) { - $callback->({ error => ["Docker host not set correct for @errornodes"], errorcode => 1 }); - return; - } - } - } - else { - $callback->({ error => ["Open table 'vm' failed"], errorcode => 1 }); - return; - } - - #parse parameters for mkdocker - if ($command eq 'mkdocker') { - my ($imagearg, $cmdarg, $flagarg); - foreach (@$args) { - if (/image=(.*)$/) { - $imagearg = $1; - } - elsif (/command=(.*)$/) { - $cmdarg = $1; - } - elsif (/dockerflag=(.*)$/) { - $flagarg = $1; - } - } - my $nodetypetab = xCAT::Table->new('nodetype'); - if (!defined($nodetypetab)) { - $callback->({ error => ["Open table 'nodetype' failed"], errorcode => 1 }); - return; - } - my $mactab = xCAT::Table->new('mac'); - if (!defined($mactab)) { - $callback->({ error => ["Open table 'mac' failed"], errorcode => 1 }); - return; - } - my ($ret, $netcfg_hash) = xCAT::NetworkUtils->getNodesNetworkCfg($noderange); - if ($ret) { - $callback->({ error => [$netcfg_hash], errorcode => 1 }); - return; - } - my $nodetypehash = $nodetypetab->getNodesAttribs($noderange, ['provmethod']); - my $machash = $mactab->getNodesAttribs($noderange, ['mac']); - my $vmhash = $vmtab->getNodesAttribs($noderange, [ 'cpus', 'memory', 'othersettings' ]); - - my %errornodes = (); - foreach my $node (@$noderange) { - if ($imagearg) { - $node_hash_variable{$node}->{image} = $imagearg; - if ($cmdarg) { - $node_hash_variable{$node}->{cmd} = $cmdarg; - $nodetypetab->setNodeAttribs($node, { provmethod => "$imagearg!$cmdarg" }); - } - else { - $nodetypetab->setNodeAttribs($node, { provmethod => "$imagearg" }); - } - } - else { - if (!defined($nodetypehash->{$node}->[0]->{provmethod})) { - delete $node_hash_variable{$node}; - push @{ $errornodes{Image} }, $node; - next; - } - else { - my ($tmp_img, $tmp_cmd) = split /!/, $nodetypehash->{$node}->[0]->{provmethod}; - if (!defined($tmp_img)) { - delete $node_hash_variable{$node}; - push @{ $errornodes{Image} }, $node; - next; - } - $node_hash_variable{$node}->{image} = $tmp_img; - $node_hash_variable{$node}->{cmd} = $tmp_cmd; - } - } - if ($flagarg) { - $node_hash_variable{$node}->{flag} = $flagarg; - $vmtab->setNodeAttribs($node, { othersettings => $flagarg }); - } - if (defined($machash->{$node}->[0]->{mac})) { - $node_hash_variable{$node}->{mac} = $machash->{$node}->[0]->{mac}; - } - my $vmnodehash = $vmhash->{$node}->[0]; - if (defined($vmnodehash)) { - if (defined($vmnodehash->{cpus})) { - $node_hash_variable{$node}->{cpus} = $vmnodehash->{cpus}; - } - if (defined($vmnodehash->{memory})) { - $node_hash_variable{$node}->{memory} = $vmnodehash->{memory}; - } - if (!defined($flagarg) and defined($vmnodehash->{othersettings})) { - $node_hash_variable{$node}->{flag} = $vmnodehash->{othersettings}; - } - } - my $netcfg_info = $netcfg_hash->{$node}; - if (!defined($netcfg_info) or !defined($netcfg_info->{'ip'})) { - delete $node_hash_variable{$node}; - push @{ $errornodes{Network} }, $node; - next; - } - else { - $node_hash_variable{$node}->{ip} = $netcfg_info->{ip}; - } - } - $nodetypetab->close; - $mactab->close; - foreach (keys %errornodes) { - $callback->({ error => ["$_ not set correct for @{$errornodes{$_}}"], errorcode => 1 }); - } - } - $vmtab->close; - - if (my $res = init_async(slots => $max_concur_session_allow)) { - $callback->({ error => [$res], errorcode => 1 }); - return; - } - my @nodeargs = keys(%node_hash_variable); - - while (1) { - while ((scalar @nodeargs) and $http_requests_in_progress < $max_concur_session_allow) { - deal_with_rsp(); - my $node = shift @nodeargs; - sendreq($node, $node_hash_variable{$node}); - } - if ($async->empty) { - last; - } - deal_with_rsp(); - } - return; -} - -#------------------------------------------------------- - -=head3 init_async - - Creates a new HTTP::Async object and sets it up. - Input: - %args: the hash stores params to create the HTTP::Async object - slots: maximum number of parallel requests to make - Usage example: - init_async(slots=>) - -=cut - -#------------------------------------------------------- - -sub init_async { - my %args = @_; - eval { require HTTP::Async }; - if ($@) { - return ("Can't find HTTP/Async.pm, please make sure the package have been installed"); - } - my @user = getpwuid($>); - my $homedir = $user[7]; - my $ssl_ca_file = $homedir . "/.xcat/ca.pem"; - my $ssl_cert_file = $homedir . "/.xcat/client-cred.pem"; - my $key_file = $homedir . "/.xcat/client-cred.pem"; - $async = HTTP::Async->new( - slots => $args{slots}, - ssl_options => { - SSL_verify_mode => SSL_VERIFY_PEER, - SSL_ca_file => $ssl_ca_file, - SSL_cert_file => $ssl_cert_file, - SSL_key_file => $key_file, - }, - ); - return undef; -} - -#------------------------------------------------------- - -=head3 genreq - - Generate the docker REST API http request - Input: - $node: the docker container name - $dockerhost: hash, keys: name, port, user, pw, user, pw - $method: GET, PUT, POST, DELETE - $api: the url of rest api - $content: an xml section which including the data to perform the rest api - Return: - The REST API http request - Usage example: - my $api = "/images/json"; - my $method = "GET"; - my %dockerhost = ( name => "bybc0604", port => "2375", ); - my $request = genreq($node, \%dockerhost, $method,$api, ""); - -=cut - -#------------------------------------------------------- -sub genreq { - my $node = shift; - my $dockerhost = shift; - my $method = shift; - my $api = shift; - my $content = shift; - - if (!defined($content)) { $content = ""; } - my $header = HTTP::Headers->new('content-type' => 'application/json', - 'Accept' => 'application/json', - - #'Connection' => 'keep-alive', - 'Host' => $dockerhost->{name} . ":" . $dockerhost->{port}); - $header->authorization_basic($dockerhost->{user} . '@internal', $dockerhost->{pw}); - - my $ctlen = length($content); - $header->push_header('Content-Length' => $ctlen); - - my $url = "https://" . $dockerhost->{name} . ":" . $dockerhost->{port} . $api; - my $request = HTTP::Request->new($method, $url, $header, $content); - $request->protocol('HTTP/1.1'); - return $request; -} - -#------------------------------------------------------- - -=head3 genreq_for_mkdocker - - Generate HTTP request for mkdocker - - Input: $node: The docker container name - $dockerhost: hash, keys: name, port, user, pw, user, pw, user, pw - $method: the http method to generate the http request - $api: the url to generate the http request - - return: The http request; - - Usage example: - my $res = genreq_for_mkdocker($node,\%dockerhost,'GET','/containers/$node/json'); - -=cut - -#------------------------------------------------------- - -sub genreq_for_mkdocker { - my ($node, $dockerhost, $method, $api) = @_; - my $dockerinfo = $node_hash_variable{$node}; - my %info_hash = (); - if (defined($dockerinfo->{flag})) { - my $flag_hash = decode_json($dockerinfo->{flag}); - %info_hash = %$flag_hash; - } - - #$info_hash{name} = '/'.$node; - #$info_hash{Hostname} = ''; - #$info_hash{Domainname} = ''; - $info_hash{Image} = "$dockerinfo->{image}"; - @{ $info_hash{Cmd} } = split /,/, $dockerinfo->{cmd}; - $info_hash{Memory} = $dockerinfo->{mem}; - $info_hash{MacAddress} = $dockerinfo->{mac}; - $info_hash{CpusetCpus} = $dockerinfo->{cpus}; - $info_hash{HostConfig}->{NetworkMode} = $dockerinfo->{nics}; - $info_hash{NetworkDisabled} = JSON::false; - $info_hash{NetworkingConfig}->{EndpointsConfig}->{"$dockerinfo->{nics}"}->{IPAMConfig}->{IPv4Address} = $dockerinfo->{ip}; - my $content = encode_json \%info_hash; - return genreq($node, $dockerhost, $method, $api, $content); -} - -#------------------------------------------------------- - -=head3 sendreq - - Based on the method, url create a http request and send out on the given SSL connection - - Input: - $node: the docker container name - $node_hash: the hash that store information for the $node - return: 0-undefine If no error - 1-return generate http request failed; - 2-return http request error message; - Usage example: - my $res = sendreq($node, $node_hash); - -=cut - -#------------------------------------------------------- - -sub sendreq { - my ($node, $node_hash) = @_; - my $http_req = $node_hash->{genreq_ptr}->($node, $node_hash->{hostinfo}, $node_hash->{http_req_method}, $node_hash->{http_req_url}); - - # Need to Dumper to log file later - # print Dumper($http_req); - my $http_session_id = $async->add_with_opts($http_req, {}); - $http_session_variable{$http_session_id} = $node; - $http_requests_in_progress++; - return undef; -} -1; diff --git a/xCAT-server/sbin/xcatconfig b/xCAT-server/sbin/xcatconfig index e60dcbf8a..cbe7877e3 100755 --- a/xCAT-server/sbin/xcatconfig +++ b/xCAT-server/sbin/xcatconfig @@ -1714,17 +1714,6 @@ sub genCredentials } } } - if ((!-d "/etc/xcatdockerca/cert") || $::FORCE || $::genCredentials) { - my $cmd = "echo 'y\ny\ny\ny' |$::XCATROOT/share/xcat/scripts/setup-dockerhost-cert.sh"; - verbose("Running $cmd"); - my $rc = system($cmd); - if ($rc >> 8) { - xCAT::MsgUtils->message('E', -"Could not create xCAT dockerhost certificate in /etc/xcatdockerca/cert."); - } else { - verbose("Create xCAT dockerhost certificate in /etc/xcatdockerca/cert directory."); - } - } # copy to postscript directory, no longer use cert directory $cmd = "/bin/rm -rf $::INSTALLDIR/postscripts/cert >/dev/null 2>&1"; diff --git a/xCAT-server/share/xcat/scripts/setup-dockerhost-cert.sh b/xCAT-server/share/xcat/scripts/setup-dockerhost-cert.sh deleted file mode 100755 index 9a6f6f854..000000000 --- a/xCAT-server/share/xcat/scripts/setup-dockerhost-cert.sh +++ /dev/null @@ -1,83 +0,0 @@ -#!/bin/bash -# IBM(c) 2007 EPL license http://www.eclipse.org/legal/epl-v10.html -# To create certficate for docker host -echo "$0 xcatdockerhost" - -umask 0077 -CNA="xcatdockerhost" - -XCATDOCKERDIR=/etc/xcatdockerca -XCATDOCKERCADIR=$XCATDOCKERDIR/ca - -if [ ! -e $XCATDOCKERDIR ]; then - mkdir -p $XCATDOCKERDIR - mkdir -p $XCATDOCKERCADIR -fi - -if [ ! -e $XCATDOCKERCADIR/openssl.cnf ]; then - cp /etc/xcat/ca/openssl.cnf $XCATDOCKERCADIR/ -fi -if [ ! -e $XCATDOCKERCADIR/ca-cert.pem ]; then - cp /etc/xcat/ca/ca-cert.pem $XCATDOCKERCADIR/ -fi - -if [ ! -e $XCATDOCKERCADIR/private/ca-key.pem ]; then - mkdir -p $XCATDOCKERCADIR/private - cp /etc/xcat/ca/private/ca-key.pem $XCATDOCKERCADIR/private/ -fi - -if [ -e $XCATDOCKERDIR/cert ]; then - echo -n "$XCATDOCKERDIR/cert already exists, delete and start over (y/n)?" - read ANSWER - if [ "$ANSWER" != "y" ]; then - echo "Aborting at user request" - exit 0 - fi - rm -rf $XCATDOCKERDIR/cert -fi -mkdir -p $XCATDOCKERDIR/cert - - -cd $XCATDOCKERDIR - -if [ ! -e $XCATDOCKERCADIR/openssl.cnf ]; then - echo -n "$XCATDOCKERCADIR/openssl.cnf not exist" - exit 1 -fi -sed -i "s@^dir.*=.*/etc/xcat/ca@dir = $XCATDOCKERCADIR@g" $XCATDOCKERCADIR/openssl.cnf - -if [ -e $XCATDOCKERCADIR/index ]; then - rm -f $XCATDOCKERCADIR/index* -fi -touch $XCATDOCKERCADIR/index -touch $XCATDOCKERCADIR/index.attr - -echo "00" > $XCATDOCKERCADIR/serial - - -if [ ! -e $XCATDOCKERCADIR/certs ]; then - mkdir -p $XCATDOCKERCADIR/certs -fi - -openssl genrsa -out ca/dockerhost-key.pem 2048 -openssl req -config ca/openssl.cnf -new -key ca/dockerhost-key.pem -out cert/dockerhost-req.pem -subj "/CN=$CNA" -mv cert/dockerhost-req.pem ca/$CNA\.csr -cd - -cd $XCATDOCKERCADIR - -# - "make sign" doesn't seem to work on my AIX system??? -# - seems to be a problem with the use of the wildcard in the Makefile -# - call cmds directly instead - seems safe -# make sign - -#CA certificate and CA private key do not match -openssl ca -startdate 600101010101Z -config openssl.cnf -in $CNA\.csr -out $CNA\.cert -extensions server -batch -#openssl ca -selfsign -config openssl.cnf -in $CNA\.csr -startdate 700101010101Z -days 7305 -out $CNA\.cert -extensions v3_ca -batch -if [ -f $CNA\.cert ]; then - rm $CNA\.csr -fi - -mv $CNA\.cert $XCATDOCKERDIR/cert/dockerhost-cert.pem -cat dockerhost-key.pem >> $XCATDOCKERDIR/cert/dockerhost-cert.pem - -cd - diff --git a/xCAT-server/share/xcat/tools/xCATreg b/xCAT-server/share/xcat/tools/xCATreg index 89ea7e23d..75745a176 100755 --- a/xCAT-server/share/xcat/tools/xCATreg +++ b/xCAT-server/share/xcat/tools/xCATreg @@ -738,7 +738,6 @@ sub do_test { my $diskless_installation_hierarchy_testcase = ""; my $statelite_installation_hierarchy_by_ramdisk_testcase = ""; my $statelite_installation_hierarchy_by_nfs_testcase = ""; - my $setup_dockerhost_testcase = ""; my $batbundle = ""; if ((($mn =~ /sles/) || ($mn =~ /rh/)) && ($mn !~ /E/)) { @@ -757,7 +756,6 @@ sub do_test { } elsif ($mn =~ /ubuntux/) { $diskfull_installation_flat_testcase = "Ubuntu_full_installation_flat_x86_vm"; $diskless_installation_flat_testcase = "Ubuntu_diskless_installation_flat_x86_vm"; - $setup_dockerhost_testcase = "Full_installation_flat_docker"; $batbundle = "x_ubuntu_cmd.bundle"; } elsif ($mn =~ /E/) { $diskfull_installation_flat_testcase = "Full_installation_flat_p8_le"; @@ -899,15 +897,6 @@ sub do_test { send_msg(2, "[$mn->$confkeys{$mn}][do_test] do diskfull installation test in flat mode in $mn.....[done]"); last if ($rc != 0); - if ($mn =~ /ubuntux/) { - - #set up dockerhosts - send_msg(2, "[$mn->$confkeys{$mn}][do_test] setupdockerhost $mn....."); - $rc = system("ssh -t $confkeys{$mn} 'exec bash -l -i -c \"xcattest -f /opt/xcat/share/xcat/tools/autotest/default.conf -t $setup_dockerhost_testcase\"' >/dev/null 2>&1"); - send_msg(2, "[$mn->$confkeys{$mn}][do_test] setup dockerhosts $mn.....[done]"); - last if ($rc != 0); - } - #commands bundle in flat mode test send_msg(2, "[$mn->$confkeys{$mn}][do_test] doing all commands test in flat mode in $mn....."); $rc = system("ssh -t $confkeys{$mn} 'exec bash -l -i -c \"xcattest -f /opt/xcat/share/xcat/tools/autotest/default.conf -b $batbundle\"' >/dev/null 2>&1"); diff --git a/xCAT-test/autotest/bundle/ubuntu14.04.3_x86_64.bundle b/xCAT-test/autotest/bundle/ubuntu14.04.3_x86_64.bundle index 9f72b934c..1b0344bbd 100644 --- a/xCAT-test/autotest/bundle/ubuntu14.04.3_x86_64.bundle +++ b/xCAT-test/autotest/bundle/ubuntu14.04.3_x86_64.bundle @@ -187,19 +187,5 @@ nodeset_shell nodeset_cmdline nodeset_runimg nodeset_check_warninginfo -Full_installation_flat_docker -rpower_stop_docker -rpower_start_docker -rpower_state_docker -rpower_restart_docker -rpower_pause_docker -rpower_unpause_docker -mkdocker_h -mkdocker_command -rmdocker_h -rmdocker_command -rmdocker_f_command -lsdocker_h_command -lsdocker_l_command ubuntu_migration1_vm ubuntu_migration2_vm diff --git a/xCAT-test/autotest/bundle/ubuntu14.04.4_x86_64.bundle b/xCAT-test/autotest/bundle/ubuntu14.04.4_x86_64.bundle index 6356faf94..571add7b4 100644 --- a/xCAT-test/autotest/bundle/ubuntu14.04.4_x86_64.bundle +++ b/xCAT-test/autotest/bundle/ubuntu14.04.4_x86_64.bundle @@ -206,20 +206,6 @@ prsync_v prsync_dir_node prsync_file_node nodeset_check_warninginfo -Full_installation_flat_docker -rpower_stop_docker -rpower_start_docker -rpower_state_docker -rpower_restart_docker -rpower_pause_docker -rpower_unpause_docker -mkdocker_h -mkdocker_command -rmdocker_h -rmdocker_command -rmdocker_f_command -lsdocker_h_command -lsdocker_l_command xcatconfig_u_check_xcatsslversion_ubuntu xcatconfig_c bmcdiscover_help diff --git a/xCAT-test/autotest/testcase/dockercommand/cases0 b/xCAT-test/autotest/testcase/dockercommand/cases0 deleted file mode 100644 index 86aace6d2..000000000 --- a/xCAT-test/autotest/testcase/dockercommand/cases0 +++ /dev/null @@ -1,292 +0,0 @@ -start:rpower_stop_docker -description:stop a created docker instance -label:others,docker -cmd:chdef $$DOCKERCN dockerhost=$$DOCKERHOST:2375 dockercpus=1 ip=$$DOCKERCONIP dockermemory=4096 groups=docker,all mgt=docker -check:rc==0 -cmd:makehosts $$DOCKERCN -check:rc==0 -cmd:mkdocker $$DOCKERCN image=$$DOCKERIMAGE command=$$DOCKERCOMMAND dockerflag="{\"AttachStdin\":true,\"AttachStdout\":true,\"AttachStderr\":true,\"OpenStdin\":true,\"Tty\":true}" -check:rc==0 -cmd:rpower $$DOCKERCN stop -check:rc==0 -check:output=~container already stopped -cmd:rpower $$DOCKERCN restart -check:output=~success -cmd:rpower $$DOCKERCN state -check:rc==0 -check:output=~running -cmd:rpower $$DOCKERCN stop -check:rc==0 -cmd:rpower $$DOCKERCN state -check:output=~exited -cmd:rmdocker $$DOCKERCN -f -check:rc==0 -cmd:makehosts -d $$DOCKERCN -check:rc==0 -cmd:rmdef $$DOCKERCN -check:rc==0 -end -start:rpower_start_docker -description:start a created docker instance -label:others,docker -cmd:chdef $$DOCKERCN dockerhost=$$DOCKERHOST:2375 dockercpus=1 ip=$$DOCKERCONIP dockermemory=4096 groups=docker,all mgt=docker -check:rc==0 -cmd:makehosts $$DOCKERCN -check:rc==0 -cmd:mkdocker $$DOCKERCN image=$$DOCKERIMAGE command=$$DOCKERCOMMAND dockerflag="{\"AttachStdin\":true,\"AttachStdout\":true,\"AttachStderr\":true,\"OpenStdin\":true,\"Tty\":true}" -check:rc==0 -cmd:rpower $$DOCKERCN state -check:rc==0 -check:output=~created -cmd:rpower $$DOCKERCN start -check:rc==0 -check:output=~success -cmd:rpower $$DOCKERCN state -check:rc==0 -check:output=~running -cmd:rmdocker $$DOCKERCN -f -check:rc==0 -cmd:makehosts -d $$DOCKERCN -check:rc==0 -cmd:rmdef $$DOCKERCN -check:rc==0 -end - -start:rpower_state_docker -description:get state of the instance -label:others,docker -cmd:chdef $$DOCKERCN dockerhost=$$DOCKERHOST:2375 dockercpus=1 ip=$$DOCKERCONIP dockermemory=4096 groups=docker,all mgt=docker -check:rc==0 -cmd:makehosts $$DOCKERCN -check:rc==0 -cmd:mkdocker $$DOCKERCN image=$$DOCKERIMAGE command=$$DOCKERCOMMAND dockerflag="{\"AttachStdin\":true,\"AttachStdout\":true,\"AttachStderr\":true,\"OpenStdin\":true,\"Tty\":true}" -check:rc==0 -cmd:rpower $$DOCKERCN state -check:output=~created -cmd:rpower $$DOCKERCN restart -check:rc==0 -check:output=~success -cmd:rpower $$DOCKERCN state -check:rc==0 -check:output=~running -cmd:rpower $$DOCKERCN stop -check:rc==0 -cmd:rpower $$DOCKERCN state -check:output=~exited -cmd:rpower $$DOCKERCN start -check:rc==0 -cmd:rpower $$DOCKERCN state -check:output=~running -cmd:rmdocker $$DOCKERCN -f -check:rc==0 -cmd:makehosts -d $$DOCKERCN -check:rc==0 -cmd:rmdef $$DOCKERCN -check:rc==0 -end - -start:rpower_restart_docker -description:restart a created docker instance -label:others,docker -cmd:chdef $$DOCKERCN dockerhost=$$DOCKERHOST:2375 dockercpus=1 ip=$$DOCKERCONIP dockermemory=4096 groups=docker,all mgt=docker -check:rc==0 -cmd:makehosts $$DOCKERCN -check:rc==0 -cmd:mkdocker $$DOCKERCN image=$$DOCKERIMAGE command=$$DOCKERCOMMAND dockerflag="{\"AttachStdin\":true,\"AttachStdout\":true,\"AttachStderr\":true,\"OpenStdin\":true,\"Tty\":true}" -check:rc==0 -cmd:rpower $$DOCKERCN state -check:output=~created -cmd:rpower $$DOCKERCN restart -check:rc==0 -check:output=~success -cmd:sleep 6 -cmd:rpower $$DOCKERCN state -check:output=~running -cmd:sleep 6 -cmd:rpower $$DOCKERCN restart -check:rc==0 -check:output=~success -cmd:rpower $$DOCKERCN state -check:output=~running -cmd:rmdocker $$DOCKERCN -f -check:rc==0 -cmd:makehosts -d $$DOCKERCN -check:rc==0 -cmd:rmdef $$DOCKERCN -check:rc==0 -end - -start:rpower_pause_docker -decription:pause all processes in the instance -label:others,docker -cmd:chdef $$DOCKERCN dockerhost=$$DOCKERHOST:2375 dockercpus=1 ip=$$DOCKERCONIP dockermemory=4096 groups=docker,all mgt=docker -check:rc==0 -cmd:makehosts $$DOCKERCN -check:rc==0 -cmd:mkdocker $$DOCKERCN image=$$DOCKERIMAGE command=$$DOCKERCOMMAND dockerflag="{\"AttachStdin\":true,\"AttachStdout\":true,\"AttachStderr\":true,\"OpenStdin\":true,\"Tty\":true}" -check:rc==0 -cmd:rpower $$DOCKERCN pause -check:rc!=0 -check:output=~$$DOCKERCN: (\[.*?\]: )?Error -cmd:rpower $$DOCKERCN start -check:rc==0 -cmd:rpower $$DOCKERCN pause -check:rc==0 -cmd:rpower $$DOCKERCN state -check:output=~paused -cmd:rpower $$DOCKERCN unpause -check:rc==0 -cmd:rmdocker $$DOCKERCN -f -check:rc==0 -cmd:makehosts -d $$DOCKERCN -check:rc==0 -cmd:rmdef $$DOCKERCN -check:rc==0 -end - -start:rpower_unpause_docker -description:unpause all processes in the instance -label:others,docker -cmd:chdef $$DOCKERCN dockerhost=$$DOCKERHOST:2375 dockercpus=1 ip=$$DOCKERCONIP dockermemory=4096 groups=docker,all mgt=docker -check:rc==0 -cmd:makehosts $$DOCKERCN -check:rc==0 -cmd:mkdocker $$DOCKERCN image=$$DOCKERIMAGE command=$$DOCKERCOMMAND dockerflag="{\"AttachStdin\":true,\"AttachStdout\":true,\"AttachStderr\":true,\"OpenStdin\":true,\"Tty\":true}" -check:rc==0 -cmd:rpower $$DOCKERCN start -check:rc==0 -cmd:rpower $$DOCKERCN pause -check:output=~paused -cmd:rpower $$DOCKERCN unpause -check:rc==0 -check:output=~success -cmd:sleep 6 -cmd:rpower $$DOCKERCN state -check:output=~running -cmd:sleep 6 -cmd:rmdocker $$DOCKERCN -f -check:rc==0 -cmd:makehosts -d $$DOCKERCN -check:rc==0 -cmd:rmdef $$DOCKERCN -check:rc==0 -end -start:mkdocker_h -description:output usage for mkdocker -label:others,docker -cmd:mkdocker -h -check:rc==0 -check:output=~Usage: mkdocker -end -start:mkdocker_command -description:create docker instance image should be ubuntu and command should be bash here -label:others,docker -cmd:chdef $$DOCKERCN dockerhost=$$DOCKERHOST:2375 dockercpus=1 ip=$$DOCKERCONIP dockermemory=4096 groups=docker,all mgt=docker -check:rc==0 -cmd:makehosts $$DOCKERCN -check:rc==0 -cmd:mkdocker $$DOCKERCN image=$$DOCKERIMAGE command=$$DOCKERCOMMAND dockerflag="{\"AttachStdin\":true,\"AttachStdout\":true,\"AttachStderr\":true,\"OpenStdin\":true,\"Tty\":true}" -check:rc==0 -check:output=~$$DOCKERCN: success -cmd:lsdocker $$DOCKERCN -check:rc==0 -check:output=~$$DOCKERIMAGE -check:output=~$$DOCKERCOMMAND -cmd:rpower $$DOCKERCN state -check:rc==0 -check:output=~$$DOCKERCN: created -cmd:rpower $$DOCKERCN start -check:rc==0 -check:output=~$$DOCKERCN: success -cmd:xdsh $$DOCKERHOST "docker ps -l" -check:output=~$$DOCKERCN -check:rc==0 -cmd:ping $$DOCKERCN -c 3 -check:output=~64 bytes from $$DOCKERCN -cmd:rmdocker $$DOCKERCN -f -check:rc==0 -cmd:makehosts -d $$DOCKERCN -check:rc==0 -cmd:rmdef $$DOCKERCN -check:rc==0 -end -start:rmdocker_h -description:output usage for rmdocker -label:others,docker -cmd:rmdocker -h -check:rc==0 -check:output=~Usage: rmdocker -end -start:rmdocker_command -description:remove docker instance -label:others,docker -cmd:chdef $$DOCKERCN dockerhost=$$DOCKERHOST:2375 dockercpus=1 ip=$$DOCKERCONIP dockermemory=4096 groups=docker,all mgt=docker -check:rc==0 -cmd:makehosts $$DOCKERCN -check:rc==0 -cmd:mkdocker $$DOCKERCN image=$$DOCKERIMAGE command=$$DOCKERCOMMAND dockerflag="{\"AttachStdin\":true,\"AttachStdout\":true,\"AttachStderr\":true,\"OpenStdin\":true,\"Tty\":true}" -check:rc==0 -check:output=~$$DOCKERCN: success -cmd:lsdocker $$DOCKERCN -check:rc==0 -cmd:rmdocker $$DOCKERCN -check:rc==0 -cmd:lsdocker -l $$DOCKERCN -check:rc!=0 -check:output=~$$DOCKERCN: (\[.*?\]: )?Error -cmd:makehosts -d $$DOCKERCN -check:rc==0 -cmd:rmdef $$DOCKERCN -check:rc==0 -end -start:rmdocker_f_command -description:force to remove docker instance -label:others,docker -cmd:chdef $$DOCKERCN dockerhost=$$DOCKERHOST:2375 dockercpus=1 ip=$$DOCKERCONIP dockermemory=4096 groups=docker,all mgt=docker -check:rc==0 -cmd:makehosts $$DOCKERCN -check:rc==0 -cmd:mkdocker $$DOCKERCN image=$$DOCKERIMAGE command=$$DOCKERCOMMAND dockerflag="{\"AttachStdin\":true,\"AttachStdout\":true,\"AttachStderr\":true,\"OpenStdin\":true,\"Tty\":true}" -check:rc==0 -check:output=~$$DOCKERCN: success -cmd:lsdocker $$DOCKERCN -check:rc==0 -cmd:rpower $$DOCKERCN start -check:rc==0 -cmd:rmdocker $$DOCKERCN -check:rc!=0 -check:output=~Stop the container -cmd:rmdocker $$DOCKERCN -f -check:rc==0 -check:output=~$$DOCKERCN: success -cmd:makehosts -d $$DOCKERCN -check:rc==0 -cmd:rmdef $$DOCKERCN -check:rc==0 -end -start:lsdocker_h_command -description:output usage for lsdocker -label:others,docker -cmd:lsdocker -h -check:rc==0 -check:output=~Usage: lsdocker -end -start:lsdocker_l_command -description:list docker instance info -label:others,docker -cmd:chdef $$DOCKERCN dockerhost=$$DOCKERHOST:2375 dockercpus=1 ip=$$DOCKERCONIP dockermemory=4096 groups=docker,all mgt=docker -check:rc==0 -cmd:makehosts $$DOCKERCN -check:rc==0 -cmd:mkdocker $$DOCKERCN image=$$DOCKERIMAGE command=$$DOCKERCOMMAND dockerflag="{\"AttachStdin\":true,\"AttachStdout\":true,\"AttachStderr\":true,\"OpenStdin\":true,\"Tty\":true}" -check:rc==0 -cmd:lsdocker -l $$DOCKERCN -check:rc==0 -check:output=~$$DOCKERCN -cmd:rmdocker $$DOCKERCN -f -check:rc==0 -cmd:makehosts -d $$DOCKERCN -check:rc==0 -cmd:rmdef $$DOCKERCN -check:rc==0 -end diff --git a/xCAT-test/autotest/testcase/installation/ubuntu_full_installation_vm_docker b/xCAT-test/autotest/testcase/installation/ubuntu_full_installation_vm_docker deleted file mode 100644 index f7a730b1b..000000000 --- a/xCAT-test/autotest/testcase/installation/ubuntu_full_installation_vm_docker +++ /dev/null @@ -1,47 +0,0 @@ -start:Full_installation_flat_docker -os:Linux -label:others,docker,invoke_provision -cmd:copycds $$ISO -check:rc==0 -cmd:makedns -n -check:rc==0 -cmd:makeconservercf -check:rc==0 -cmd:makedhcp -n -check:rc==0 -cmd:mkdef -t osimage -o __GETNODEATTR($$CN,os)__-__GETNODEATTR($$CN,arch)__-install-dockerhost -u profile=compute provmethod=install -check:rc==0 -cmd:if [[ "__GETNODEATTR($$CN,os)__" =~ "ubuntu" ]];then ver=`cat /etc/*-release |grep "VERSION_ID"| awk -F '"' '{print $2}'| awk -F"." '{printf "%s%s\n",$1,$2}'` ; chdef -t osimage -o __GETNODEATTR($$CN,os)__-__GETNODEATTR($$CN,arch)__-install-dockerhost otherpkgdir="https://apt.dockerproject.org/repo ubuntu-trusty main,http://cz.archive.ubuntu.com/ubuntu trusty main" otherpkglist="/install/custom/ubuntu$ver/ubuntu"$ver"_docker.pkglist" osdistroname="__GETNODEATTR($$CN,os)__ ";fi -check:rc==0 -cmd:if [[ "__GETNODEATTR($$CN,os)__" =~ "ubuntu" ]];then ver=`cat /etc/*-release |grep "VERSION_ID"| awk -F '"' '{print $2}'| awk -F"." '{printf "%s%s\n",$1,$2}'` ; mkdir -p /install/custom/ubuntu$ver/ ; chdef -t osimage -o __GETNODEATTR($$CN,os)__-__GETNODEATTR($$CN,arch)__-install-dockerhost otherpkglist="/install/custom/ubuntu$ver/ubuntu"$ver"_docker.pkglist" pkglist="/install/custom/ubuntu$ver/ubuntu$ver.pkglist";fi -check:rc==0 -cmd:if [[ "__GETNODEATTR($$CN,os)__" =~ "ubuntu" ]];then ver=`cat /etc/*-release |grep "VERSION_ID"| awk -F '"' '{print $2}'| awk -F"." '{printf "%s%s\n",$1,$2}'` ;for i in openssh-server ntp gawk nfs-common snmpd bridge-utils; do cat /install/custom/ubuntu$ver/ubuntu$ver.pkglist|grep "$i$";if [ $? -ne 0 ] ; then echo "$i" >> /install/custom/ubuntu$ver/ubuntu$ver.pkglist; fi done;fi -check:rc==0 -cmd:if [[ "__GETNODEATTR($$CN,os)__" =~ "ubuntu14.04" ]];then ver=`cat /etc/*-release |grep "VERSION_ID"| awk -F '"' '{print $2}'| awk -F"." '{printf "%s%s\n",$1,$2}'`; for i in docker-engine;do cat /install/custom/ubuntu$ver/ubuntu"$ver"\_docker.pkglist |grep "$i$";if [ $? -ne 0 ] ; then echo "$i" >> /install/custom/ubuntu$ver/ubuntu"$ver"\_docker.pkglist;fi done;fi -check:rc==0 -cmd: chdef $$CN -p postbootscripts="setupdockerhost mynet0=$$MYNET0VALUE@$$DOCKERHOSIP:$$NICNAME" -check:rc==0 -cmd:/opt/xcat/share/xcat/tools/autotest/testcase/commoncmd/retry_install.sh $$CN __GETNODEATTR($$CN,os)__-__GETNODEATTR($$CN,arch)__-install-dockerhost -check:rc==0 -check:output=~Provision node\(s\)\: $$CN - -cmd:a=0;while ! `lsdef -l $$CN|grep status|grep booted >/dev/null`; do sleep 10;((a++));if [ $a -gt 360 ];then break;fi done - -cmd:ping $$CN -c 3 -check:output=~64 bytes from $$CN -check:rc==0 -cmd:lsdef -l $$CN | grep status -check:output=~booted -cmd:xdsh $$CN date -check:rc==0 -cmd:xdsh $$CN "docker -v" -check:output=~Docker version -check:rc==0 - -cmd:a=0;while true; do [ $a -eq 100 ] && exit 1;xdsh $$CN "docker pull $$DOCKERIMAGE";output=$(xdsh $$CN "docker images");echo $output|grep $$DOCKERIMAGE 2>/dev/null && exit 0;a=$[$a+1];sleep 1;done -check:rc==0 -cmd:rmdef -t osimage -o __GETNODEATTR($$CN,os)__-__GETNODEATTR($$CN,arch)__-install-dockerhost -check:rc==0 -cmd: chdef $$CN postbootscripts= -check:rc==0 -end diff --git a/xCAT/postscripts/setupdockerhost b/xCAT/postscripts/setupdockerhost deleted file mode 100755 index f84bfb3fb..000000000 --- a/xCAT/postscripts/setupdockerhost +++ /dev/null @@ -1,191 +0,0 @@ -#!/bin/bash - -# IBM(c) 2014 EPL license http://www.eclipse.org/legal/epl-v10.html -#------------------------------------------------------------------------------- -#=head1 setupdockerhost -#=head2 Used on Linux only. Configure SSL connection and docker network object on docker host -# -# You can run the following commands on MN: -# updatenode noderange -P "setupdockerhost netname=net/mask@gateway:nicname" -# -#=cut -#------------------------------------------------------------------------------- -set -x -if [ "$(uname -s|tr 'A-Z' 'a-z')" = "linux" ];then - str_dir_name=`dirname $0` - . $str_dir_name/xcatlib.sh -fi - -if [[ "$OSVER" != ubuntu* ]]; then - echo "OS = $OSVER: Setup of Docker host is currently supported only on Ubuntu." - exit 1 -fi - -if [[ "$ARCH" == "x86_64" ]]; then - # Check if docker-engine is installed - dpkg -l docker-engine - if [ $? -ne 0 ]; then - echo "Error: can not detect docker-engine installation." - exit 1 - fi -fi - -if [[ "$ARCH" == "ppc64el" ]]; then - # Check if docker.io is installed - dpkg -l docker.io - if [ $? -ne 0 ]; then - echo "Error: can not detect docker.io installation." - exit 1 - fi -fi - -# Docker is installed, check that it is running -docker info -if [ $? -ne 0 ]; then - echo "Docker is not running, Trying to restart." - service docker start -fi - -DOCKER_VERSION=`docker info 2>/dev/null | grep "Server Version:" | awk -F: '{print $2}'` -if [ -z "$DOCKER_VERSION" ];then - echo "Error: failed to get docker server version" - exit 1 -fi -MAJOR_VERSION=`echo $DOCKER_VERSION | awk -F. '{print $1}'` -MINOR_VERSION=`echo $DOCKER_VERSION | awk -F. '{print $2}'` -if [ -z "$MAJOR_VERSION" -o -z "$MINOR_VERSION" ]; then - echo "The docker version $DOCKER_VERSION can not be recorgnized" - exit 1 -elif [ $MAJOR_VERSION -le 1 -a $MINOR_VERSION -lt 10 ]; then - echo "Only docker version 1.10.x and above is supported" - exit 1 -fi - -netname="" -net="" -mask="" -gateway="" -nicname="" - -if [ $# -ne 1 ]; then - echo "Error: must be in format '$0 netname=net/mask@gateway[:nicname]'" - exit 1 -else - NETINFO="$1" - netname=`echo $NETINFO | awk -F= '{print $1}'` - netinfo=`echo $NETINFO | awk -F= '{print $2}'` - net=${netinfo%%/*} - mask=`echo $netinfo | awk -F'@' '{print $1}' | awk -F/ '{print $2}'` - gateway=`echo $netinfo | awk -F'@' '{print $2}' | awk -F: '{print $1}'` - nicname=`echo $netinfo | awk -F: '{print $2}'` - if [ ! -z "$nicname" ]; then - if [ ! -x /sbin/brctl ]; then - echo "Error: /sbin/brctl command not found. Not able to configure $nicname" - exit 1; - fi - fi - - if [ -z "$netname" -o -z "$net" -o -z "$mask" -o -z "$gateway" ]; then - echo "Error: must be in format '$0 netname=net/mask@gateway[:nicname]'" - exit 1 - fi -fi - - -#Setup TLS -master=$MASTER -if ! ping $master -c 1 > /dev/null 2>&1 ; then - echo "Error: Host $master is not reachable" - exit 1 -fi - -if [ ! -d /root/.docker ]; then - mkdir -p /root/.docker -fi - -HOST_CA_PEM="/root/.docker/ca-cert.pem" -HOST_CERT_PEM="/root/.docker/dockerhost-cert.pem" - -allowcred.awk & -CREDPID=$! -sleep 1 - -getcredentials.awk xcat_dockerhost_cert | grep -E -v '|' | sed -e 's/<//' -e 's/&/&/' -e 's/"/"/' -e "s/'/'/" > /tmp/xcat_dockerhost_cert - -kill -9 $CREDPID - -grep -E '' /tmp/xcat_dockerhost_cert -if [ $? -ne 0 ]; then - cat /tmp/xcat_dockerhost_cert | - cat /tmp/xcat_dockerhost_cert | grep -E -v '|/{0,1}data>||' >$HOST_CERT_PEM -else - echo "Error: can not get dockerhost certificate files" - exit 1 -fi - -cp /xcatpost/ca/ca-cert.pem $HOST_CA_PEM - -if [ ! -e $HOST_CA_PEM -o ! -e $HOST_CERT_PEM ];then - echo "Error: can not get dockerhost certificate files" - exit 1 -fi - -docker_conf_file="/etc/default/docker" -if [ ! -f "$docker_conf_file" ]; then - echo "Error: file $docker_conf_file does not exist" - exit 1 -fi -if ! grep "^DOCKER_OPTS" $docker_conf_file > /dev/null 2>&1 ; then - echo "DOCKER_OPTS=\"-H unix:///var/run/docker.sock -H tcp://`hostname`:2375 --tls --tlscacert=$HOST_CA_PEM --tlscert=$HOST_CERT_PEM --tlskey=$HOST_CERT_PEM --tlsverify=true\"" >> $docker_conf_file -else - if grep "^DOCKER_OPTS.*tlsverify" $docker_conf_file > /dev/null 2>&1; then - sed -i "s@-H [^ |^\"]*@@g" $docker_conf_file - sed -i "s@--tlscacert=[^ |^\"]*@@g" $docker_conf_file - sed -i "s@--tlscert=[^ |^\"]*@@g" $docker_conf_file - sed -i "s@--tlskey=[^ |^\"]*@@g" $docker_conf_file - sed -i "s@--tlsverify=[^ |^\"]*@@g" $docker_conf_file - sed -i "s@--tls@@g" $docker_conf_file - sed -i "s@\ \{2,\}@@g" $docker_conf_file - fi - sed -i "s@^\(DOCKER_OPTS\=\"[^\"]*\)@\1 -H unix:///var/run/docker.sock -H tcp://`hostname`:2375 --tls --tlscacert=$HOST_CA_PEM --tlscert=$HOST_CERT_PEM --tlskey=$HOST_CERT_PEM --tlsverify=true\"@" $docker_conf_file - sed -i 's/\"\{2,\}/\"/' $docker_conf_file -fi - -#Restart docker service -service docker stop -sleep 2 -systemctl daemon-reload -service docker start -# It is found that sometimes the docker ps will failed if run immediately after restart docker daemon -sleep 2 -docker ps -if [ $? -ne 0 ]; then - echo "Error: Failed to start Docker service" - exit 1 -fi - -echo "Will create network based on: $net/$mask@$gateway===$nicname:$netname=====" - -ret=`docker network create --gateway=$gateway --subnet=$net/$mask -o "com.docker.network.bridge.host_binding_ipv4"="$gateway" -o "com.docker.network.bridge.name"="$netname" $netname 2>&1` -if [ $? -ne 0 ]; then - echo "Error: Creation of network object \"$netname\" failed: $ret" - exit 1 -fi -if [ ! -z "$nicname" ]; then - brctl addif $netname $nicname - default_info=`ip route | grep default | grep "dev $nicname" | grep via` - if [ ! -z "$default_info" ]; then - default_gw=`echo $default_info | awk '{print $3}'` - ip route replace default dev $netname via $default_gw - fi - nic_ip_info=`ip addr show dev $nicname scope global | grep inet | sed -e 's/inet.//'|awk '{print $1}'` - if [ ! -z "$nic_ip_info" ]; then - ip addr del $nic_ip_info dev $nicname - fi - bridge_ip_info=`ip addr show dev $netname scope global | grep inet | sed -e 's/inet.//'|awk '{print $1}'` - if [ -z "$bridge_ip_info" ]; then - ip addr add $gateway/$mask dev $netname - fi -fi - -exit 0