Merge pull request #18 from twiest/pr

Added Docker image build stuff

playbooks/aws/os2-atomic-proxy/config.yml

@@ -18,4 +18,9 @@
   roles:
     - ../../../roles/atomic_base
     - ../../../roles/atomic_proxy
+    - ../../../roles/docker_img_build
+    - ../../../roles/docker_img_rhel6ops
+    - ../../../roles/docker_img_puppet
+    - ../../../roles/docker_img_proxy
+    - ../../../roles/docker_img_monitoring
     - ../../../roles/shutdown_nightly

roles/docker_img_build/README.md

@@ -0,0 +1,36 @@
+Role Name
+=========
+
+The purpose of this role is to setup tools to do docker image builds
+
+Requirements
+------------
+
+Docker
+
+Role Variables
+--------------
+
+None
+
+Dependencies
+------------
+
+None
+
+Example Playbook
+----------------
+
+    - hosts: servers
+      roles:
+         - docker_img_build
+
+License
+-------
+
+ASL 2.0
+
+Author Information
+------------------
+
+Thomas Wiest

roles/docker_img_build/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for docker_img_build

roles/docker_img_build/files/ops-build-container.sh

@@ -0,0 +1,56 @@
+#!/bin/bash
+
+RED=$(echo -e "\e[31m")
+GREEN=$(echo -e "\e[32m")
+YELLOW=$(echo -e "\e[33m")
+BLUE=$(echo -e "\e[34m")
+NORM=$(echo -e "\e[0m")
+
+CTR_DIR='/usr/local/etc/containers'
+
+EXIT_CODE=0
+
+function main()
+{
+  # Make sure we're in the directory we expect to be in
+  cd $CTR_DIR
+
+  TAG=$(echo $1 | sed 's/_container[\/]*//')
+  if [ -z "$TAG" ]
+  then
+    echo "FAILED parsing tag from \$1 [$1]"
+    exit 10
+  fi
+
+  docker build --rm -t $TAG $1
+  EXIT_CODE=$?
+}
+
+if [ $# -ne 1 ]
+then
+  echo
+  echo "  Usage: $(basename $0) container"
+  echo "Example: $(basename $0) monitoring_container"
+  echo
+  exit
+fi
+
+if ! [ -d "$CTR_DIR/$1" ]
+then
+  echo "Error: directory not found [$CTR_DIR/$1]"
+  exit 10
+fi
+
+time main $@
+echo
+echo
+
+if [ $EXIT_CODE -eq 0 ]
+then
+  echo "${GREEN}$1 build succeeded.${NORM}"
+else
+  echo "${RED}$1 build FAILED!${NORM}"
+fi
+
+echo
+exit $EXIT_CODE

roles/docker_img_build/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for docker_img_build

roles/docker_img_build/meta/main.yml

@@ -0,0 +1,14 @@
+---
+galaxy_info:
+  author: Thomas Wiest
+  description: Tools to do docker image builds
+  company: Red Hat
+  license: ASL 2.0
+  min_ansible_version: 1.6
+  platforms:
+  - name: EL
+    versions:
+    - 7
+  categories:
+  - docker
+dependencies: []

roles/docker_img_build/tasks/main.yml

@@ -0,0 +1,6 @@
+---
+- name: mkdir -p /usr/local/etc/containers
+  file: dest=/usr/local/etc/containers state=directory
+
+- name: deploy ops-build-container.sh
+  copy: src=ops-build-container.sh dest=/usr/local/bin/ops-build-container.sh mode=755

roles/docker_img_build/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for docker_img_build

roles/docker_img_monitoring/README.md

@@ -0,0 +1,36 @@
+Role Name
+=========
+
+The purpose of this role is to setup files to do the monitoring docker image build
+
+Requirements
+------------
+
+Docker
+
+Role Variables
+--------------
+
+None
+
+Dependencies
+------------
+
+None
+
+Example Playbook
+----------------
+
+    - hosts: servers
+      roles:
+         - docker_img_monitoring
+
+License
+-------
+
+ASL 2.0
+
+Author Information
+------------------
+
+Thomas Wiest

roles/docker_img_monitoring/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for docker_img_puppet

roles/docker_img_monitoring/files/monitoring_container/Dockerfile

@@ -0,0 +1,26 @@
+# This FROM gives us the proper oo-rhui certs, basic runtime env vars, basic repos, etc.
+# Otherwise we can't install anything
+FROM rhel6ops
+
+MAINTAINER Thomas Wiest <twiest@redhat.com>
+
+RUN yum -y update ; yum clean all
+
+# Container Specific RPMs
+RUN yum -y install ruby193-rubygem-zbxapi cronie zabbix-sender ruby openshift-origin-util-scl ruby193-facter socat ; yum clean all
+
+# Setup ctr-ipc dir
+RUN ln -s /shared/var/run/ctr-ipc /var/run/ctr-ipc
+
+# TEMP WORKAROUND: until zbxapi rpm is updated to work with zbx 2.4
+RUN ruby -i -ane 'if $_ =~ /APIInfo.version/ ; puts "    @major,@minor=2,0" ; else puts $_ ; end' /opt/rh/ruby193/root/usr/share/gems/gems/zbxapi-0.3.3/zbxapi.rb
+
+
+# Container specific files
+ADD start.rb /start.rb
+ADD register-with-zabbix.rb /register-with-zabbix.rb
+
+# TEMP WORKAROUND: until cron-send-haproxy-status.rb doesn't check service to see if haproxy is running
+RUN ln -sf /bin/true /etc/init.d/haproxy
+
+CMD ["/start.rb"]

roles/docker_img_monitoring/files/monitoring_container/register-with-zabbix.rb

@@ -0,0 +1,36 @@
+#!/usr/bin/env oo-ruby
+
+require 'optparse'
+require '/usr/local/lib/zabbix_helper'
+
+
+if __FILE__ == $0
+  $stdout.sync = true
+  $stderr.sync = true
+
+  opt_name = nil
+  opt_hostgroup = []
+  opt_template = []
+
+  optparse = OptionParser.new do |opts|
+    opts.banner = "\nUsage: #{File.basename $0}\n\n"
+
+    opts.on('--name NAME',          '[REQUIRED] The host name to register') { |value| opt_name = value }
+    opts.on('--hostgroup GROUP',   '[REQUIRED] The hostgroup(s) with which to register') { |value| opt_hostgroup << value }
+    opts.on('--template TEMPLATE', '[REQUIRED] The template with which to register') { |value| opt_template << value }
+  end
+
+  optparse.parse!
+
+  abort optparse.help if opt_name.nil? || opt_hostgroup.empty? || opt_template.empty?
+
+  puts "Adding host [#{opt_name}] to zabbix..."
+
+  zh = ZabbixHelper.new()
+  result = zh.create_agentless_host(opt_name, opt_hostgroup, opt_template)
+  if result['hostids'].nil?
+    raise "failed to add #{opt_name}"
+  else
+    puts "Successfully registered host with hostid [#{result['hostids'].first}]"
+  end
+end

roles/docker_img_monitoring/files/monitoring_container/start.rb

@@ -0,0 +1,73 @@
+#!/usr/bin/env ruby
+
+require 'fileutils'
+
+
+# TODO: These should be passed in as env vars. When we're in a POD, make sure to do this.
+# WORKAROUND: ^^
+OO_ENV = 'stg'
+OO_CTR_TYPE = 'proxy'
+HOSTGROUPS = ['STG Environment']
+TEMPLATES = ['Template OpenShift Proxy Ctr']
+CTR_NAME = "ctr-#{OO_CTR_TYPE}-#{OO_ENV}-#{ENV['container_uuid'][0..6]}"
+
+
+CTR_CONFIG_FLAG = '/shared/var/run/ctr-ipc/flag/ctr_configured'
+
+
+class Start
+  def self.wait_for_ctr_configured
+    while ! File.exist?(CTR_CONFIG_FLAG)
+      puts "Sleeping 10 seconds, waiting for #{CTR_CONFIG_FLAG}"
+      sleep 10
+    end
+  end
+
+  def self.add_to_zabbix
+    # Need to do this as a separate script because /usr/local gets changed after this script starts.
+    # FIXME: we can change this once we aren't using the puppet container anymore
+    cmd = "/register-with-zabbix.rb --name #{CTR_NAME}"
+    cmd += ' ' + HOSTGROUPS.collect() { |a| "--hostgroup '#{a}'" }.join(' ')
+    cmd += ' ' + TEMPLATES.collect() { |a| "--template '#{a}'" }.join(' ')
+    puts "Running: #{cmd}"
+    system(cmd)
+    raise "failed" unless $?.exitstatus == 0
+  end
+
+  def self.setup_shared_dirs
+    puts '_'
+    ['/usr/local', '/etc/openshift', '/var/lib/haproxy', '/etc/haproxy'].each do |shared_dir|
+      puts "Setting up /shared#{shared_dir}..."
+      FileUtils.rm_rf(shared_dir)
+      FileUtils.ln_s("/shared#{shared_dir}", shared_dir)
+    end
+    puts '_'
+  end
+
+  def self.setup_cron()
+    File.open('/etc/crontab', 'a') do |f|
+      # FIXME: on failure, this should e-mail, not log to a file. Not sure how best to do that in a 1 service per container way.
+      f.write("30 12 * * * root /usr/bin/flock -n /var/tmp/cron-send-cert-expiration.lock -c '/usr/bin/timeout -s9 30s /usr/local/bin/cron-send-cert-expiration.rb --server noc2.ops.rhcloud.com --zbx-host #{CTR_NAME}' &>> /var/log/cron-send-cert-expiration.log\n")
+      f.write("*/2 * * * * root /usr/local/bin/cron-send-haproxy-status.rb --server noc2.ops.rhcloud.com --zbx-host #{CTR_NAME} &>> /var/log/cron-send-haproxy-status.log\n")
+    end
+  end
+
+  def self.exec_cron()
+    puts '_'
+    puts 'Exec-ing cron'
+    puts '-------------'
+    puts "Starting cron..."
+    exec("/usr/sbin/crond -n")
+  end
+end
+
+if __FILE__ == $0
+  $stdout.sync = true
+  $stderr.sync = true
+
+  Start.setup_shared_dirs()
+  Start.wait_for_ctr_configured
+  Start.add_to_zabbix()
+  Start.setup_cron()
+  Start.exec_cron()
+end

roles/docker_img_monitoring/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for docker_img_build

roles/docker_img_monitoring/meta/main.yml

@@ -0,0 +1,14 @@
+---
+galaxy_info:
+  author: Thomas Wiest
+  description: Tools to do docker image builds
+  company: Red Hat
+  license: ASL 2.0
+  min_ansible_version: 1.6
+  platforms:
+  - name: EL
+    versions:
+    - 7
+  categories:
+  - docker
+dependencies: []

roles/docker_img_monitoring/tasks/main.yml

@@ -0,0 +1,10 @@
+---
+- name: deploy monitoring image build files
+  file: dest=/usr/local/etc/containers/monitoring_container mode=755 state=directory
+
+- name: deploy monitoring image build files
+  copy: "src=monitoring_container/{{ item.name }} dest=/usr/local/etc/containers/monitoring_container/{{ item.name }} mode={{ item.mode }}"
+  with_items:
+    - { name: 'Dockerfile',              mode: '644' }
+    - { name: 'register-with-zabbix.rb', mode: '755' }
+    - { name: 'start.rb',                mode: '755' }

roles/docker_img_monitoring/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for docker_img_puppet

roles/docker_img_proxy/README.md

@@ -0,0 +1,36 @@
+Role Name
+=========
+
+The purpose of this role is to setup files to do the proxy docker image build
+
+Requirements
+------------
+
+Docker
+
+Role Variables
+--------------
+
+None
+
+Dependencies
+------------
+
+None
+
+Example Playbook
+----------------
+
+    - hosts: servers
+      roles:
+         - docker_img_proxy
+
+License
+-------
+
+ASL 2.0
+
+Author Information
+------------------
+
+Thomas Wiest

roles/docker_img_proxy/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for docker_img_proxy

roles/docker_img_proxy/files/proxy_container/Dockerfile

@@ -0,0 +1,30 @@
+# This FROM gives us the proper oo-rhui certs, basic runtime env vars, basic repos, etc.
+# Otherwise we can't install anything
+FROM rhel6ops
+
+MAINTAINER Thomas Wiest <twiest@redhat.com>
+
+RUN yum -y update ; yum clean all
+
+# Container Specific RPMs
+RUN yum -y install rhc-server-common httpd mod_security mod_ssl haproxy15 supervisor ruby ; yum clean all
+# this needs to be on it's own line, otherwise the libra_user group isn't setup properly yet
+RUN yum -y install rhc-site-static ; yum clean all
+
+# WORKKAROUND: for a bug in supervisor that causes it to use 100% cpu
+RUN yum -y install https://kojipkgs.fedoraproject.org//work/tasks/8506/7818506/supervisor-2.1-9.el6.noarch.rpm ; yum clean all
+
+# Setup libra_user group with correct members
+RUN usermod -a -G libra_user apache
+
+# Setup ctr-ipc dir
+RUN ln -s /shared/var/run/ctr-ipc /var/run/ctr-ipc
+
+# common
+ADD supervisord.conf /etc/supervisord.conf
+ADD start.sh /usr/local/sbin/start.sh
+ADD ipc-watcher.rb /usr/local/sbin/ipc-watcher.rb
+
+EXPOSE 80 443 4999
+
+CMD ["/usr/local/sbin/start.sh"]

roles/docker_img_proxy/files/proxy_container/ipc-watcher.rb

@@ -0,0 +1,67 @@
+#!/usr/bin/env ruby
+
+require 'fileutils'
+
+module OpenShift
+  module Ops
+    class Notify
+      def self.puts(msg)
+        $stdout.puts "#{Time.now}: #{msg}"
+      end
+    end
+
+    class WatchForIpcs
+      IPC_DIR = '/var/run/ctr-ipc'
+      POLL_INTERVAL = 10 # second
+      HAPROXY_CONF = '/etc/haproxy/haproxy.cfg'
+      HAPROXY_PID_FILE = '/var/run/haproxy.pid'
+
+      def self.wait_for_service()
+        loop do
+          Dir.glob("#{IPC_DIR}/service/*").each do |svc_file|
+            svc = File.basename(svc_file)
+            action = File.read(svc_file)
+            Notify.puts "Found IPC service file: #{svc}"
+            Notify.puts "      Action requested: #{action}"
+
+            # Make sure we don't handle this multiple times
+            FileUtils.rm(svc_file)
+
+            handle_service_ipc(svc, action)
+          end
+
+          sleep POLL_INTERVAL
+        end
+      end
+
+      def self.handle_service_ipc(svc, action)
+        cmd = nil
+        case svc
+        when 'httpd'
+          case action
+          when 'restart', 'reload'
+            cmd = "/usr/sbin/apachectl -k graceful"
+          end
+        when 'haproxy'
+          case action
+          when 'restart'
+            cmd = "/usr/sbin/haproxy -f #{HAPROXY_CONF} -p #{HAPROXY_PID_FILE} -sf $(/bin/cat #{HAPROXY_PID_FILE})"
+          end
+        end
+
+  if cmd.nil?
+          Notify.puts "  Warning: Not handling #{svc} #{action}"
+          return
+        end
+
+        Notify.puts "  Running: #{cmd}"
+        output = %x[#{cmd} 2>&1]
+        Notify.puts "  Output: #{output}"
+      end
+    end
+  end
+end
+
+if __FILE__ == $0
+  OpenShift::Ops::WatchForIpcs.wait_for_service()
+end

roles/docker_img_proxy/files/proxy_container/start.sh

@@ -0,0 +1,31 @@
+#!/bin/bash
+
+echo _
+for shared_dir in /etc/haproxy /etc/pki /etc/httpd /var/lib/haproxy
+do
+  echo "Setting up /shared${shared_dir}..."
+  rm -rf $shared_dir
+  ln -s /shared${shared_dir} $shared_dir
+done
+echo _
+
+CTR_CONFIG_FLAG='/shared/var/run/ctr-ipc/flag/ctr_configured'
+while ! [ -f "$CTR_CONFIG_FLAG" ]
+do
+  echo  "Sleeping 10 seconds, waiting for $CTR_CONFIG_FLAG"
+  sleep 10
+done
+
+# Fix broken sym links
+echo "Fixing symlink /etc/httpd/logs..."
+ln -sf /var/log/httpd /shared/etc/httpd/logs
+
+echo "Fixing symlink /etc/httpd/modules..."
+ln -sf /usr/lib64/httpd/modules /shared/etc/httpd/modules
+
+echo "Fixing symlink /etc/httpd/run..."
+ln -sf /var/run/httpd /shared/etc/httpd/run
+echo _
+
+echo "Starting supervisord"
+exec /usr/bin/supervisord

roles/docker_img_proxy/files/proxy_container/supervisord.conf

@@ -0,0 +1,19 @@
+[supervisord]
+http_port = 127.0.0.1:9001
+nodaemon=true
+pidfile = /var/run/supervisord.pid
+
+[supervisorctl]
+serverurl = http://127.0.0.1:9001
+
+[program:haproxy]
+command=/bin/bash -c "echo $$ > /var/run/haproxy.pid && exec /usr/sbin/haproxy -db -f /etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid"
+priority=1
+
+[program:httpd]
+command=/bin/bash -c "source /etc/sysconfig/httpd && exec /usr/sbin/httpd -DFOREGROUND"
+priority=500
+
+[program:ipc-watcher.rb]
+command=/bin/bash -c "/usr/local/sbin/ipc-watcher.rb"
+priority=999

roles/docker_img_proxy/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for docker_img_build

roles/docker_img_proxy/meta/main.yml

@@ -0,0 +1,14 @@
+---
+galaxy_info:
+  author: Thomas Wiest
+  description: Tools to do docker image builds
+  company: Red Hat
+  license: ASL 2.0
+  min_ansible_version: 1.6
+  platforms:
+  - name: EL
+    versions:
+    - 7
+  categories:
+  - docker
+dependencies: []

roles/docker_img_proxy/tasks/main.yml

@@ -0,0 +1,11 @@
+---
+- name: deploy proxy image build files
+  file: dest=/usr/local/etc/containers/proxy_container mode=755 state=directory
+
+- name: deploy proxy image build files
+  copy: "src=proxy_container/{{ item.name }} dest=/usr/local/etc/containers/proxy_container/{{ item.name }} mode={{ item.mode }}"
+  with_items:
+    - { name: 'Dockerfile',       mode: '644' }
+    - { name: 'ipc-watcher.rb',   mode: '755' }
+    - { name: 'start.sh',         mode: '755' }
+    - { name: 'supervisord.conf', mode: '644' }

roles/docker_img_proxy/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for docker_img_proxy

roles/docker_img_puppet/README.md

@@ -0,0 +1,36 @@
+Role Name
+=========
+
+The purpose of this role is to setup files to do the puppet docker image build
+
+Requirements
+------------
+
+Docker
+
+Role Variables
+--------------
+
+None
+
+Dependencies
+------------
+
+None
+
+Example Playbook
+----------------
+
+    - hosts: servers
+      roles:
+         - docker_img_puppet
+
+License
+-------
+
+ASL 2.0
+
+Author Information
+------------------
+
+Thomas Wiest

roles/docker_img_puppet/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for docker_img_puppet

roles/docker_img_puppet/files/puppet_container/Dockerfile

@@ -0,0 +1,32 @@
+# This FROM gives us the proper oo-rhui certs, basic runtime env vars, basic repos, etc.
+# Otherwise we can't install anything
+FROM rhel6ops
+
+MAINTAINER Thomas Wiest <twiest@redhat.com>
+
+RUN yum -y update ; yum clean all
+
+# Container Specific RPMs
+RUN yum -y install puppet3 crontabs cronie-anacron cronie system-config-firewall-base httpd mod_ssl ruby193-rubygem-zbxapi mod_security rhc-site-static; yum clean all
+
+# BEGIN: These are to fake out puppet
+
+RUN rm /usr/sbin/lokkit ; ln -s /bin/true /usr/sbin/lokkit
+
+# END: These are to fake out puppet
+
+# Container specific files
+ADD start.rb /usr/local/sbin/start.rb
+ADD service.rb /sbin/service
+
+# Ensure the scripts are executable
+RUN chmod 755 /sbin/service /usr/local/sbin/start.rb
+
+RUN yum -y install strace ; yum clean all
+
+# Get rid of puppet deprecation warnings
+RUN sed -i 's/^.*manifest =.*$//' /etc/puppet/puppet.conf ; \
+    sed -i 's/^.*manifestdir =.*$//' /etc/puppet/puppet.conf ; \
+    sed -i 's/^.*modulepath =.*$//' /etc/puppet/puppet.conf
+
+CMD ["/usr/local/sbin/start.rb"]

roles/docker_img_puppet/files/puppet_container/service.rb

@@ -0,0 +1,18 @@
+#!/usr/bin/env ruby
+
+require 'fileutils'
+
+if __FILE__ == $0
+  abort "\nUsage: #{File.basename($0)} <name> <action>\n\n" unless ARGV.size == 2
+
+  name = ARGV[0]
+  action = ARGV[1]
+
+  SERVICE_IPC_DIR = '/var/run/ctr-ipc/service'
+
+  FileUtils.mkdir_p(SERVICE_IPC_DIR)
+
+  File.open("#{SERVICE_IPC_DIR}/#{name}", 'w') do |f|
+    f.print action
+  end
+end

roles/docker_img_puppet/files/puppet_container/start.rb

@@ -0,0 +1,86 @@
+#!/usr/bin/env ruby
+
+require 'fileutils'
+
+CTR_CONFIG_FLAG = '/shared/var/run/ctr-ipc/flag/ctr_configured'
+
+
+class Start
+  def self.setup_shared_dirs()
+    puts '_'
+    puts 'Setting up dirs in shared volume'
+    puts '--------------------------------'
+    mtab = File.read('/etc/mtab')
+
+    shared_dirs = mtab.grep(/ \/shared\//).collect { |line| line.split(' ')[1] }
+
+    shared_dirs.each do |sh_dir|
+      orig_dir = sh_dir.gsub(/^\/shared/,'')
+
+      next if File.symlink?(orig_dir)
+
+      if File.exist?(orig_dir)
+        cmd = "cp -vaf #{orig_dir} #{File.dirname(sh_dir)}"
+        puts "Running: #{cmd}"
+        system(cmd)
+
+        cmd = "rm -vrf #{orig_dir}"
+        puts "Running: #{cmd}"
+        system(cmd)
+      end
+
+      FileUtils.ln_s(sh_dir, orig_dir, {:verbose => true})
+    end
+    puts 'Done.'
+    puts '_'
+  end
+
+  def self.run_puppet_agent()
+    puts '_'
+    puts 'Running Puppet Agent'
+    puts '--------------------'
+    exitcode = nil
+    1.upto(3) do |ctr|
+       unless ctr == 1
+         puts '_'
+         puts "Previous puppet run failed with exit code [#{exitcode}], running again..."
+         puts '_'
+       end
+
+       system("bash -c 'time /usr/bin/puppet agent -t'")
+       exitcode = $?.exitstatus
+       puts "Exit Code [#{exitcode}]"
+
+       break if exitcode == 0 || exitcode == 2
+    end
+
+    raise "Puppet run failed, retries exhausted." if exitcode != 0 && exitcode != 2
+
+    puts 'Done.'
+    puts '_'
+
+    puts '_'
+    puts 'Creating ctr_configured flag'
+    FileUtils.mkdir_p(File.dirname(CTR_CONFIG_FLAG))
+    FileUtils.touch(CTR_CONFIG_FLAG)
+    puts 'Done.'
+    puts '_'
+  end
+
+  def self.exec_puppetd()
+    puts '_'
+    puts 'Exec-ing puppet daemon'
+    puts '---------------------'
+    puts "Starting puppet agent..."
+    exec("bash -c '/usr/bin/puppet agent --no-daemonize --detailed-exitcodes --verbose'")
+  end
+end
+
+if __FILE__ == $0
+  $stdout.sync = true
+  $stderr.sync = true
+
+  Start.setup_shared_dirs()
+  Start.run_puppet_agent()
+  Start.exec_puppetd()
+end

roles/docker_img_puppet/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for docker_img_build

roles/docker_img_puppet/meta/main.yml

@@ -0,0 +1,14 @@
+---
+galaxy_info:
+  author: Thomas Wiest
+  description: Tools to do docker image builds
+  company: Red Hat
+  license: ASL 2.0
+  min_ansible_version: 1.6
+  platforms:
+  - name: EL
+    versions:
+    - 7
+  categories:
+  - docker
+dependencies: []

roles/docker_img_puppet/tasks/main.yml

@@ -0,0 +1,10 @@
+---
+- name: deploy puppet image build files
+  file: dest=/usr/local/etc/containers/puppet_container mode=755 state=directory
+
+- name: deploy puppet image build files
+  copy: "src=puppet_container/{{ item.name }} dest=/usr/local/etc/containers/puppet_container/{{ item.name }} mode={{ item.mode }}"
+  with_items:
+    - { name: 'Dockerfile', mode: '644' }
+    - { name: 'service.rb', mode: '755' }
+    - { name: 'start.rb',   mode: '755' }

roles/docker_img_puppet/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for docker_img_puppet

roles/docker_img_rhel6ops/README.md

@@ -0,0 +1,36 @@
+Role Name
+=========
+
+The purpose of this role is to setup files to do the rhel6ops docker image build
+
+Requirements
+------------
+
+Docker
+
+Role Variables
+--------------
+
+None
+
+Dependencies
+------------
+
+None
+
+Example Playbook
+----------------
+
+    - hosts: servers
+      roles:
+         - docker_img_rhel6ops
+
+License
+-------
+
+ASL 2.0
+
+Author Information
+------------------
+
+Thomas Wiest

roles/docker_img_rhel6ops/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for docker_img_rhel6ops

roles/docker_img_rhel6ops/files/rhel6ops_container/Dockerfile

@@ -0,0 +1,29 @@
+FROM rhel6
+MAINTAINER Thomas Wiest <twiest@redhat.com>
+
+ENV CONTAINER docker
+ENV USER root
+ENV HOME /root
+ENV TERM xterm
+WORKDIR /root
+
+# creature comforts
+ADD bashrc /root/.bashrc
+
+# Add the yum repos
+ADD etc/yum.repos.d/ /etc/yum.repos.d
+
+# Add yum vars
+RUN echo -n 6 > /etc/yum/vars/majorrelease
+
+# setup links for the yum mirror certs
+RUN ln -s /run/secrets/etc-pki-entitlement/yum/client-cert.pem /var/lib/yum/client-cert.pem ; \
+    ln -s /run/secrets/etc-pki-entitlement/yum/client-key.pem /var/lib/yum/client-key.pem
+
+
+RUN rpm --import /etc/pki/rpm-gpg/* && \
+yum clean metadata && \
+yum -y remove subscription-manager && \
+yum -y install vim-enhanced telnet && \
+yum -y update && \
+yum clean all

roles/docker_img_rhel6ops/files/rhel6ops_container/bashrc

@@ -0,0 +1,14 @@
+# .bashrc
+
+# User specific aliases and functions
+
+alias ls='ls --color'
+alias rm='rm -i'
+alias cp='cp -i'
+alias mv='mv -i'
+alias vi=vim
+
+# Source global definitions
+if [ -f /etc/bashrc ]; then
+	. /etc/bashrc
+fi

roles/docker_img_rhel6ops/files/rhel6ops_container/etc/yum.repos.d/epel.repo

@@ -0,0 +1,16 @@
+[epel]
+name=Extra Packages for Enterprise Linux 6 - $basearch
+baseurl=http://mirror.ops.rhcloud.com/mirror/epel/6/$basearch/
+failovermethod=priority
+enabled=1
+gpgcheck=0
+exclude=libmongodb mongodb* nodejs*
+
+[epel-testing]
+name=Extra Packages for Enterprise Linux 6 - Testing - $basearch
+baseurl=http://mirror.ops.rhcloud.com/mirror/epel/testing/6/$basearch/
+failovermethod=priority
+enabled=0
+gpgcheck=0
+exclude=libmongodb mongodb* nodejs*
+

roles/docker_img_rhel6ops/files/rhel6ops_container/etc/yum.repos.d/li-rhscl.repo

@@ -0,0 +1,15 @@
+[li-rhscl]
+name=Li RHSCL repo for Enterprise Linux $majorrelease - $basearch
+baseurl=https://mirror.ops.rhcloud.com/libra/rhscl-rhel-$majorrelease-libra/$basearch/
+        https://use-mirror1.ops.rhcloud.com/libra/rhscl-rhel-$majorrelease-libra/$basearch/
+        https://use-mirror2.ops.rhcloud.com/libra/rhscl-rhel-$majorrelease-libra/$basearch/
+        https://euw-mirror1.ops.rhcloud.com/libra/rhscl-rhel-$majorrelease-libra/$basearch/
+        https://gce-mirror1.ops.rhcloud.com/libra/rhscl-rhel-$majorrelease-libra/$basearch/
+        https://gce-mirror2.ops.rhcloud.com/libra/rhscl-rhel-$majorrelease-libra/$basearch/
+enabled=1
+gpgcheck=1
+gpgkey=https://mirror.ops.rhcloud.com/libra/keys/RPM-GPG-KEY-redhat-release https://mirror.ops.rhcloud.com/libra/keys/RPM-GPG-KEY-redhat-beta https://mirror.ops.rhcloud.com/libra/keys/RPM-GPG-KEY-redhat-openshifthosted
+failovermethod=priority
+sslverify=0
+sslclientcert=/var/lib/yum/client-cert.pem
+sslclientkey=/var/lib/yum/client-key.pem

roles/docker_img_rhel6ops/files/rhel6ops_container/etc/yum.repos.d/li-staging.repo

@@ -0,0 +1,15 @@
+[li-staging]
+name=Staging Li repo for Enterprise Linux $majorrelease - $basearch
+baseurl=https://mirror.ops.rhcloud.com/libra/rhel-$majorrelease-libra-stage/$basearch/
+        https://use-mirror1.ops.rhcloud.com/libra/rhel-$majorrelease-libra-stage/$basearch/
+        https://use-mirror2.ops.rhcloud.com/libra/rhel-$majorrelease-libra-stage/$basearch/
+        https://euw-mirror1.ops.rhcloud.com/libra/rhel-$majorrelease-libra-stage/$basearch/
+        https://gce-mirror1.ops.rhcloud.com/libra/rhel-$majorrelease-libra-stage/$basearch/
+        https://gce-mirror2.ops.rhcloud.com/libra/rhel-$majorrelease-libra-stage/$basearch/
+enabled=1
+gpgcheck=0
+gpgkey=https://mirror.ops.rhcloud.com/libra/keys/RPM-GPG-KEY-redhat-release https://mirror.ops.rhcloud.com/libra/keys/RPM-GPG-KEY-redhat-beta https://mirror.ops.rhcloud.com/libra/keys/RPM-GPG-KEY-redhat-openshifthosted
+failovermethod=priority
+sslverify=0
+sslclientcert=/var/lib/yum/client-cert.pem
+sslclientkey=/var/lib/yum/client-key.pem

roles/docker_img_rhel6ops/files/rhel6ops_container/etc/yum.repos.d/li.repo

@@ -0,0 +1,15 @@
+[li]
+name=Li repo for Enterprise Linux $majorrelease - $basearch
+baseurl=https://mirror.ops.rhcloud.com/libra/rhel-$majorrelease-libra/$basearch/
+        https://use-mirror1.ops.rhcloud.com/libra/rhel-$majorrelease-libra/$basearch/
+        https://use-mirror2.ops.rhcloud.com/libra/rhel-$majorrelease-libra/$basearch/
+        https://euw-mirror1.ops.rhcloud.com/libra/rhel-$majorrelease-libra/$basearch/
+        https://gce-mirror1.ops.rhcloud.com/libra/rhel-$majorrelease-libra/$basearch/
+        https://gce-mirror2.ops.rhcloud.com/libra/rhel-$majorrelease-libra/$basearch/
+enabled=1
+gpgcheck=1
+gpgkey=https://mirror.ops.rhcloud.com/libra/keys/RPM-GPG-KEY-redhat-release https://mirror.ops.rhcloud.com/libra/keys/RPM-GPG-KEY-redhat-beta https://mirror.ops.rhcloud.com/libra/keys/RPM-GPG-KEY-redhat-openshifthosted
+failovermethod=priority
+sslverify=0
+sslclientcert=/var/lib/yum/client-cert.pem
+sslclientkey=/var/lib/yum/client-key.pem

roles/docker_img_rhel6ops/files/rhel6ops_container/etc/yum.repos.d/oso-rhui-rhel-server-releases-optional.repo

@@ -0,0 +1,16 @@
+[oso-rhui-rhel-server-releases-optional]
+name=OpenShift Online RHUI Mirror RH Enterprise Linux $majorrelease - Optional
+baseurl=https://mirror.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-releases-optional/
+        https://use-mirror1.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-releases-optional/
+        https://use-mirror2.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-releases-optional/
+        https://euw-mirror1.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-releases-optional/
+        https://gce-mirror1.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-releases-optional/
+        https://gce-mirror2.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-releases-optional/
+enabled=1
+gpgcheck=1
+gpgkey=https://mirror.ops.rhcloud.com/libra/keys/RPM-GPG-KEY-redhat-release https://mirror.ops.rhcloud.com/libra/keys/RPM-GPG-KEY-redhat-beta https://mirror.ops.rhcloud.com/libra/keys/RPM-GPG-KEY-redhat-openshifthosted
+exclude=libcgroup* gluster*
+failovermethod=priority
+sslverify=False
+sslclientcert=/var/lib/yum/client-cert.pem
+sslclientkey=/var/lib/yum/client-key.pem

roles/docker_img_rhel6ops/files/rhel6ops_container/etc/yum.repos.d/oso-rhui-rhel-server-releases.repo

@@ -0,0 +1,16 @@
+[oso-rhui-rhel-server-releases]
+name=OpenShift Online RHUI Mirror RH Enterprise Linux $majorrelease
+baseurl=https://mirror.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-releases/
+        https://use-mirror1.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-releases/
+        https://use-mirror2.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-releases/
+        https://euw-mirror1.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-releases/
+        https://gce-mirror1.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-releases/
+        https://gce-mirror2.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-releases/
+enabled=1
+gpgcheck=1
+gpgkey=https://mirror.ops.rhcloud.com/libra/keys/RPM-GPG-KEY-redhat-release https://mirror.ops.rhcloud.com/libra/keys/RPM-GPG-KEY-redhat-beta https://mirror.ops.rhcloud.com/libra/keys/RPM-GPG-KEY-redhat-openshifthosted
+exclude=libcgroup* gluster*
+failovermethod=priority
+sslverify=False
+sslclientcert=/var/lib/yum/client-cert.pem
+sslclientkey=/var/lib/yum/client-key.pem

roles/docker_img_rhel6ops/files/rhel6ops_container/etc/yum.repos.d/oso-rhui-rhel-server-rhscl.repo

@@ -0,0 +1,15 @@
+[oso-rhui-rhel-server-rhscl]
+name=OpenShift Online RHUI Mirror RH Enterprise Linux $majorrelease - RHSCL
+baseurl=https://mirror.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-rhscl/
+        https://use-mirror1.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-rhscl/
+        https://use-mirror2.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-rhscl/
+        https://euw-mirror1.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-rhscl/
+        https://gce-mirror1.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-rhscl/
+        https://gce-mirror2.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-rhscl/
+enabled=1
+gpgcheck=1
+gpgkey=https://mirror.ops.rhcloud.com/libra/keys/RPM-GPG-KEY-redhat-release https://mirror.ops.rhcloud.com/libra/keys/RPM-GPG-KEY-redhat-beta https://mirror.ops.rhcloud.com/libra/keys/RPM-GPG-KEY-redhat-openshifthosted
+failovermethod=priority
+sslverify=False
+sslclientcert=/var/lib/yum/client-cert.pem
+sslclientkey=/var/lib/yum/client-key.pem

roles/docker_img_rhel6ops/files/rhel6ops_container/etc/yum.repos.d/zabbix.repo

@@ -0,0 +1,14 @@
+[zabbix]
+name=Zend Server
+baseurl=http://mirror.ops.rhcloud.com/mirror/zabbix/$majorrelease/$basearch
+        http://use-mirror1.ops.rhcloud.com/mirror/zabbix/$majorrelease/$basearch
+        http://use-mirror2.ops.rhcloud.com/mirror/zabbix/$majorrelease/$basearch
+        http://euw-mirror1.ops.rhcloud.com/mirror/zabbix/$majorrelease/$basearch
+enabled=1
+gpgcheck=1
+gpgkey=http://mirror.ops.rhcloud.com/mirror/zabbix/keys/RPM-GPG-KEY-ZABBIX
+failovermethod=priority
+sslverify=0
+sslclientcert=/var/lib/yum/client-cert.pem
+sslclientkey=/var/lib/yum/client-key.pem
+

roles/docker_img_rhel6ops/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for docker_img_build

roles/docker_img_rhel6ops/meta/main.yml

@@ -0,0 +1,14 @@
+---
+galaxy_info:
+  author: Thomas Wiest
+  description: Tools to do docker image builds
+  company: Red Hat
+  license: ASL 2.0
+  min_ansible_version: 1.6
+  platforms:
+  - name: EL
+    versions:
+    - 7
+  categories:
+  - docker
+dependencies: []

roles/docker_img_rhel6ops/tasks/main.yml

@@ -0,0 +1,20 @@
+---
+- name: deploy rhel6ops image build files
+  file: "dest=/usr/local/etc/containers/{{ item }} mode=755 state=directory"
+  with_items:
+    - rhel6ops_container
+    - rhel6ops_container/etc/yum.repos.d
+
+- name: deploy rhel6ops image build files
+  copy: "src=rhel6ops_container/{{ item.name }} dest=/usr/local/etc/containers/rhel6ops_container/{{ item.name }} mode={{ item.mode }}"
+  with_items:
+    - { name: 'bashrc', mode: '644' }
+    - { name: 'Dockerfile', mode: '644' }
+    - { name: 'etc/yum.repos.d/li.repo', mode: '644' }
+    - { name: 'etc/yum.repos.d/li-rhscl.repo', mode: '644' }
+    - { name: 'etc/yum.repos.d/li-staging.repo', mode: '644' }
+    - { name: 'etc/yum.repos.d/epel.repo', mode: '644' }
+    - { name: 'etc/yum.repos.d/oso-rhui-rhel-server-releases-optional.repo', mode: '644' }
+    - { name: 'etc/yum.repos.d/oso-rhui-rhel-server-releases.repo', mode: '644' }
+    - { name: 'etc/yum.repos.d/oso-rhui-rhel-server-rhscl.repo', mode: '644' }
+    - { name: 'etc/yum.repos.d/zabbix.repo', mode: '644' }

roles/docker_img_rhel6ops/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for docker_img_rhel6ops