node-init requires access to /usr/bin

Bug #1781605 reported by Ricardo Rocha on 2018-07-13
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Juniper Openstack
Status tracked in Trunk
R5.0
Fix Committed
Medium
Ricardo Rocha
Trunk
Fix Committed
Medium
Ricardo Rocha

Bug Description

contrail-container-builder node-init is creating an executable script in /usr/bin:
https://github.com/Juniper/contrail-container-builder/blob/master/containers/node-init/contrail-status-init.sh#L27

We do have the host's /usr/bin mounted, but as we rely on Atomic this directory is read-only.

Not sure if the best is to redo the logic to not require a local script, or to put these scripts is a directory which is not readonly.

information type: Proprietary → Public
description: updated
Jeba Paulaiyan (jebap) on 2018-07-17
tags: added: build
Andrey Pavlov (apavlov-e) wrote :

@Ricardo,

what tool you are use to deploy?

node-init create contrail-status utility to allow to run it and see detailed status of contrails' components.

I see two options:
1) you can mount any other directory from host that is not read-only and in the PATH to be able to run contrail-status
2) I can fix container: if target is read-only then node-init willn't create contrail-status file there

Ricardo Rocha (rocha-porto) wrote :

Hi Andrey.

Thanks for looking at this.

We're deploying using the helm charts and it's looking really good. For this case i think the best would be to be able to mount something else than /usr/bin as you mention. /usr/local/bin would work, it is writable in Atomic.

Do you mean mount /usr/local/bin into /host/usr/bin? I can check the helm chart to see if that's possible or an easy patch.

tags: added: helm

Review in progress for https://review.opencontrail.org/44931
Submitter: Ignacio Dominguez Martinez-Casanueva (<email address hidden>)

Reviewed: https://review.opencontrail.org/44931
Committed: http://github.com/Juniper/contrail-helm-deployer/commit/be3ce16fbe271ed964d1755806091836ebd0844a
Submitter: Zuul v3 CI (<email address hidden>)
Branch: master

commit be3ce16fbe271ed964d1755806091836ebd0844a
Author: Ignacio Dominguez Martinez-Casanueva <email address hidden>
Date: Wed Jul 25 08:16:55 2018 +0200

Support for custom host mount for contrail-node-init

Init container 'contrail-node-init' currently mounts /usr/bin folder.
However, some systems such as Fedora Atomic do not allow writing on this directory.

This change provides support for setting a custom hostMount path.
This way, users can provide a different path that is writable in other systems, like Atomic.

Change-Id: If123ffa4a88fdad19356c421a4572b2751c05b51
Closes-Bug: #1781605

Review in progress for https://review.opencontrail.org/45209
Submitter: Andrey Pavlov (<email address hidden>)

Reviewed: https://review.opencontrail.org/45209
Committed: http://github.com/Juniper/contrail-helm-deployer/commit/35dd187b6f36a5a49b2932b3a3f73ac91b7bfa25
Submitter: Zuul v3 CI (<email address hidden>)
Branch: R5.0

commit 35dd187b6f36a5a49b2932b3a3f73ac91b7bfa25
Author: Ignacio Dominguez Martinez-Casanueva <email address hidden>
Date: Wed Jul 25 08:16:55 2018 +0200

Support for custom host mount for contrail-node-init

Init container 'contrail-node-init' currently mounts /usr/bin folder.
However, some systems such as Fedora Atomic do not allow writing on this directory.

This change provides support for setting a custom hostMount path.
This way, users can provide a different path that is writable in other systems, like Atomic.

Change-Id: If123ffa4a88fdad19356c421a4572b2751c05b51
Closes-Bug: #1781605
(cherry picked from commit be3ce16fbe271ed964d1755806091836ebd0844a)

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers