Sunday, July 19, 2015

Setup Nova-Docker Driver with RDO Kilo on F22 via master branch

Current post describes in details a sequence of steps which allow to work
with Nova-Docker driver been built based on top commit of master nova-docker
branch, stable/kilo branch is not supposed to be checked out before
running `python install`.  This results several additional efforts.
First one is targeting ability to restart nova-compute service after switching to NovaDocker driver , second one is related with tuning configuration files of glance-api and glance-registry services and make them able for successful restart after adding "docker" to "containers_formats" in glance-api.conf

Follow RDO Kilo setup on Fedora 22 as suggested in 
When done proceed with build NovaDocker driver via master branch  .

Due to
( see )
is not packaged with RDO Kilo on Fedora workaround bellow is required to be
able restart openstack-nova-compute after switching  to new driver.
Same result may be obtained following
via manual update  /usr/lib/python2.7/dist-packages/nova/compute/ and recompiling

Setting up NovaDocker driver

# dnf -y install git docker-io python-six  fedora-repos-rawhide
# dnf --enablerepo=rawhide install  python-pip python-pbr

 # git clone
 # cd nova-docker
 # git branch -v -a
* master                         8568e60 Updated from global requirements
  remotes/origin/HEAD            -> origin/master
  remotes/origin/master          8568e60 Updated from global requirements
  remotes/origin/stable/icehouse 9045ca4 Fix lockpath for tests
  remotes/origin/stable/juno     b724e65 Fix tests on stable/juno
  remotes/origin/stable/kilo     d556444 Do not enable swift/ceilometer/sahara
 # python install
 # systemctl start docker
 # systemctl enable docker
 # chmod 666  /var/run/docker.sock
 # mkdir /etc/nova/rootwrap.d

Now update  /usr/lib/python2.7/site-packages/novadocker/virt/docker/
line 326 . Actually, this hack comes from version generated via stable
branch stable/kilo of nova-docker.git :-

'supported_instances': jsonutils.dumps([
            ('i686', 'docker', 'lxc'),
            ('x86_64', 'docker', 'lxc')

# python -m py_compile

Update nova.conf
vi /etc/nova/nova.conf
set "compute_driver = novadocker.virt.docker.DockerDriver"

Add to folder /etc/glance files
1. glance-api-paste.ini from
2. glance-registry-paste.ini from

Update glance-api.conf

Add to section [glance-store] at the bottom of glance-api.conf

filesystem_store_datadir = /var/lib/glance/images

Next, create the docker.filters file:
$ vi /etc/nova/rootwrap.d/docker.filters

Insert Lines

# nova-rootwrap command filters for setting up network in the docker driver
# This file should be owned by (and only-writeable by) the root user
# nova/virt/docker/ 'ln', '-sf', '/var/run/netns/.*'
ln: CommandFilter, /bin/ln, root

Restart Services
# systemctl restart openstack-nova-compute
# systemctl status openstack-nova-compute
# systemctl restart openstack-glance-api
# systemctl restart openstack-glance-registry

Testing Ubuntu Vivid docker image

1. Follow 
2. Upload image to glance and launch Nova Docker container

[root@serverFedora22 ~(keystone_admin)]#  docker save tutum/ubuntu:vivid  | \
glance image-create --is-public=True   --container-format=docker \
--disk-format=raw --name tutum/ubuntu:vivid

Launch novadocker instance via dashboard ( in my case floating IP ) password is provided via `docker logs container-id`

[root@serverFedora22 ~(keystone_admin)]# ssh -p 22 root@
root@'s password:
Last login: Sun Jul 19 14:19:12 2015 from
root@instance-00000008:~# echo "nameserver" > /etc/resolv.conf

Next test Wordpress NovaDocker container

#  docker pull eugeneware/docker-wordpress-nginx
# . keystonerc_admin
#  docker save eugeneware/docker-wordpress-nginx:latest  | glance image-create --is-public true --container-format docker --disk-format raw --name  tutum/wordpress:latest eugeneware/docker-wordpress-nginx:latest

   Wordpess Server is available from Office LAN floating IP