From: Ernesto Puerta <epuertat@redhat.com>
Date: Tue, 11 May 2021 23:03:41 +0000 (+0200)
Subject: cephadm: add cephadm sandbox (Docker in Docker)
X-Git-Tag: v17.1.0~577^2~6
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=b787fa4c752365a763330e7901b7dd25e3c704ff;p=ceph.git

cephadm: add cephadm sandbox (Docker in Docker)

Fixes:
Signed-off-by: Ernesto Puerta <epuertat@redhat.com>
---

diff --git a/src/cephadm/box/Dockerfile b/src/cephadm/box/Dockerfile
new file mode 100644
index 00000000000..210e5517676
--- /dev/null
+++ b/src/cephadm/box/Dockerfile
@@ -0,0 +1,28 @@
+# https://developers.redhat.com/blog/2014/05/05/running-systemd-within-docker-container/
+FROM centos:8 as centos-systemd
+ENV container docker
+#RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \
+#rm -f /lib/systemd/system/multi-user.target.wants/*;\
+#rm -f /etc/systemd/system/*.wants/*;\
+#rm -f /lib/systemd/system/local-fs.target.wants/*; \
+#rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
+#rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
+#rm -f /lib/systemd/system/basic.target.wants/*;\
+#rm -f /lib/systemd/system/anaconda.target.wants/*;
+RUN dnf -y install chrony firewalld lvm2 \
+  openssh-server openssh-clients python3 yum-utils && dnf clean all
+RUN systemctl enable chronyd firewalld sshd
+
+
+FROM centos-systemd as centos-systemd-docker
+# To cache cephadm images
+RUN yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
+RUN dnf -y install docker-ce && \
+  dnf clean all && systemctl enable docker
+
+
+FROM centos-systemd-docker
+WORKDIR /root
+COPY start /usr/local/bin
+
+CMD [ "/usr/sbin/init" ]
diff --git a/src/cephadm/box/docker-compose.yml b/src/cephadm/box/docker-compose.yml
new file mode 100644
index 00000000000..f012232294e
--- /dev/null
+++ b/src/cephadm/box/docker-compose.yml
@@ -0,0 +1,39 @@
+version: "2.4"
+services:
+  cephadm-host-base:
+    build:
+      context: .
+    environment:
+      - CEPH_BRANCH=master
+    image: cephadm-box
+    # probably not needed with rootless Docker and cgroups v2
+    privileged: true
+    cap_add:
+      - SYS_ADMIN
+      - NET_ADMIN
+      - SYS_TIME
+      - MKNOD
+    stop_signal: RTMIN+3
+    volumes:
+      - "/sys/fs/cgroup:/sys/fs/cgroup:ro"
+    networks:
+      - public
+    scale: -1
+  seed:
+    extends:
+      service: cephadm-host-base
+    ports:
+      - "3000:3000"
+      - "8443:8443"
+      - "9095:9095"
+    scale: 1
+  hosts:
+    extends:
+      service: cephadm-host-base
+    scale: 3
+
+
+volumes:
+  var-lib-docker:
+networks:
+  public:
diff --git a/src/cephadm/box/start b/src/cephadm/box/start
new file mode 100755
index 00000000000..5ca5c684741
--- /dev/null
+++ b/src/cephadm/box/start
@@ -0,0 +1,22 @@
+#!/usr/bin/env bash
+set -euxo pipefail
+CEPHADM_PATH=/usr/local/sbin/cephadm
+
+curl --silent \
+  --location "https://github.com/ceph/ceph/raw/${CEPH_BRANCH:-master}/src/cephadm/cephadm" \
+  --output $CEPHADM_PATH \
+  && chmod +x $CEPHADM_PATH
+
+tail -f /var/log/ceph/cephadm.log 1>&2 &
+
+EXTRA_ARGS=()
+if [[ -n "${SHARED_CEPH_FOLDER-}" ]]; then
+    EXTRA_ARGS+=(--shared_ceph_folder "$SHARED_CEPH_FOLDER")
+fi
+
+$CEPHADM_PATH bootstrap \
+  --mon-ip "$(hostname -i)" \
+  --allow-fqdn-hostname \
+  --initial-dashboard-password admin \
+  --dashboard-password-noupdate \
+  "${EXTRA_ARGS[@]}"