Add logically bound images

This change adds logically bound images for use with bootc.
This is implementing based on: https://containers.github.io/bootc/logically-bound-images.html

Signed-off-by: Brendan Shephard <[email protected]>

Author: bshephar

devsetup/edpm/embedded-services/Containerfile

@@ -0,0 +1,46 @@
+FROM quay.io/centos-bootc/centos-bootc:stream9
+
+RUN sudo dnf install centos-release-nfv-openvswitch centos-release-openstack-antelope -y && dnf in -y openvswitch2.17 \
+	os-net-config \
+	podman \
+	NetworkManager-ovs \
+	libvirt \
+	libvirt-admin \
+	libvirt-client \
+	libvirt-daemon \
+	qemu-kvm \
+	qemu-img \
+	libguestfs \
+	libseccomp \
+	swtpm \
+	swtpm-tools \
+	edk2-ovmf \
+	cyrus-sasl-scram \
+	tmpwatch \
+	cronie \
+	openstack-selinux \
+	rsync \
+	yum-utils
+
+
+COPY quadlets/systemd/service-template.kube /usr/share/containers/systemd/[email protected]
+
+## Service specific configs
+COPY quadlets/ovn-controller/ovn_controller.yaml /usr/share/containers/systemd/ovn_controller.yaml
+COPY quadlets/ovn-controller/ovn_controller.image /usr/share/containers/systemd/ovn_controller.image
+COPY quadlets/iscsid/iscsid.yaml /usr/share/containers/systemd/iscsid.yaml
+COPY quadlets/iscsid/iscsid.image /usr/share/containers/systemd/iscsid.image
+COPY quadlets/nova_compute/nova_compute.yaml /usr/share/containers/systemd/nova_compute.yaml
+COPY quadlets/nova_compute/nova_compute.image /usr/share/containers/systemd/nova_compute.image
+COPY quadlets/ovn_metadata_agent/ovn_metadata_agent.yaml /usr/share/containers/systemd/ovn_metadata_agent.yaml
+COPY quadlets/ovn_metadata_agent/ovn_metadata_agent.image /usr/share/containers/systemd/ovn_metadata_agent.image
+COPY quadlets/logrotate_crond/logrotate_crond.yaml /usr/share/containers/systemd/logrotate_crond.yaml
+COPY quadlets/logrotate_crond/logrotate_crond.image /usr/share/containers/systemd/logrotate_crond.image
+COPY quadlets/multipathd/multipathd.yaml /usr/share/containers/systemd/multipathd.yaml
+COPY quadlets/multipathd/multipathd.image /usr/share/containers/systemd/multipathd.image
+COPY quadlets/ceilometer_agent_compute/ceilometer_agent_compute.yaml /usr/share/containers/systemd/ceilometer_agent_compute.yaml
+COPY quadlets/ceilometer_agent_compute/ceilometer_agent_compute.image /usr/share/containers/systemd/ceilometer_agent_compute.image
+
+# edpm container manage deps
+COPY edpm-start-podman-container /usr/libexec/
+COPY edpm-container-shutdown /usr/libexec/ 

devsetup/edpm/embedded-services/quadlets/ceilometer_agent_compute/ceilometer_agent_compute.image

@@ -0,0 +1,5 @@
+[install]
+WantedBy=edpm-compute@ceilometer_agent_compute.service
+
+[Image]
+Image=quay.io/podified-antelope-centos9/openstack-ceilometer-compute:current-podified

devsetup/edpm/embedded-services/quadlets/ceilometer_agent_compute/ceilometer_agent_compute.yaml

@@ -0,0 +1,80 @@
+---
+apiVersion: v1
+kind: Pod
+metadata:
+  annotations:
+    bind-mount-options: /var/lib/openstack/cacerts/telemetry/tls-ca-bundle.pem:z
+  creationTimestamp: "2024-11-21T04:54:58Z"
+  labels:
+    app: ceilometeragentcompute-pod
+  name: ceilometeragentcompute-pod
+spec:
+  containers:
+  - args:
+    - kolla_start
+    env:
+    - name: KOLLA_CONFIG_STRATEGY
+      value: COPY_ALWAYS
+    - name: OS_ENDPOINT_TYPE
+      value: internal
+    image: quay.io/podified-antelope-centos9/openstack-ceilometer-compute:current-podified
+    name: ceilometeragentcompute
+    securityContext:
+      runAsGroup: 42405
+      runAsUser: 42405
+      seLinuxOptions:
+        type: ceilometer_polling_t
+    volumeMounts:
+    - mountPath: /openstack
+      name: var-lib-openstack-healthchecks-ceilometer_agent_compute-host-0
+      readOnly: true
+    - mountPath: /run/libvirt
+      name: run-libvirt-host-2
+      readOnly: true
+    - mountPath: /dev/log
+      name: dev-log-host-3
+    - mountPath: /var/lib/kolla/config_files/config.json
+      name: var-lib-openstack-config-telemetry-ceilometer-agent-compute.json-host-6
+    - mountPath: /etc/hosts
+      name: etc-hosts-host-7
+      readOnly: true
+    - mountPath: /var/lib/openstack/config/
+      name: var-lib-openstack-config-telemetry-host-8
+    - mountPath: /etc/localtime
+      name: etc-localtime-host-9
+      readOnly: true
+  hostNetwork: true
+  hostname: edpm-compute-0
+  volumes:
+  - hostPath:
+      path: /var/lib/openstack/healthchecks/ceilometer_agent_compute
+      type: Directory
+    name: var-lib-openstack-healthchecks-ceilometer_agent_compute-host-0
+  - hostPath:
+      path: /run/libvirt
+      type: Directory
+    name: run-libvirt-host-2
+  - hostPath:
+      path: /dev/log
+      type: File
+    name: dev-log-host-3
+  - hostPath:
+      path: /etc/pki/ca-trust/source/anchors
+      type: Directory
+    name: etc-pki-ca-trust-source-anchors-host-4
+  - hostPath:
+      path: /var/lib/openstack/config/telemetry/ceilometer-agent-compute.json
+      type: File
+    name: var-lib-openstack-config-telemetry-ceilometer-agent-compute.json-host-6
+  - hostPath:
+      path: /etc/hosts
+      type: File
+    name: etc-hosts-host-7
+  - hostPath:
+      path: /var/lib/openstack/config/telemetry
+      type: Directory
+    name: var-lib-openstack-config-telemetry-host-8
+  - hostPath:
+      path: /etc/localtime
+      type: File
+    name: etc-localtime-host-9

devsetup/edpm/embedded-services/quadlets/iscsid/iscsid.image

@@ -0,0 +1,5 @@
+[install]
+[email protected]
+
+[Image]
+Image=quay.io/podified-antelope-centos9/openstack-iscsid:current-podified

devsetup/edpm/embedded-services/quadlets/iscsid/iscsid.yaml

@@ -0,0 +1,103 @@
+---
+apiVersion: v1
+kind: Pod
+metadata:
+  annotations:
+    bind-mount-options: /var/lib/openstack/healthchecks/iscsid:z
+  creationTimestamp: "2024-11-20T02:16:18Z"
+  labels:
+    app: iscsid-pod
+  name: iscsid-pod
+spec:
+  containers:
+  - args:
+    - kolla_start
+    env:
+    - name: KOLLA_CONFIG_STRATEGY
+      value: COPY_ALWAYS
+    image: quay.io/podified-antelope-centos9/openstack-iscsid@sha256:4c9b5389a2564388e7a862d5756c37dc7d9739472b8d822dd6faae868a483a2d
+    name: iscsid
+    securityContext:
+      privileged: true
+      procMount: Unmasked
+    volumeMounts:
+    - mountPath: /etc/target
+      name: etc-target-host-1
+    - mountPath: /sys
+      name: sys-host-3
+    - mountPath: /dev/log
+      name: dev-log-host-4
+    - mountPath: /lib/modules
+      name: lib-modules-host-5
+      readOnly: true
+    - mountPath: /var/lib/iscsi
+      name: var-lib-iscsi-host-6
+    - mountPath: /etc/hosts
+      name: etc-hosts-host-7
+      readOnly: true
+    - mountPath: /etc/localtime
+      name: etc-localtime-host-8
+      readOnly: true
+    - mountPath: /var/lib/kolla/config_files/config.json
+      name: var-lib-kolla-config_files-iscsid.json-host-12
+      readOnly: true
+    - mountPath: /etc/iscsi
+      name: etc-iscsi-host-13
+    - mountPath: /run
+      name: run-host-14
+    - mountPath: /dev
+      name: dev-host-15
+    - mountPath: /openstack
+      name: var-lib-openstack-healthchecks-iscsid-host-16
+      readOnly: true
+  hostNetwork: true
+  hostname: edpm-compute-0
+  volumes:
+  - hostPath:
+      path: /etc/target
+      type: Directory
+    name: etc-target-host-1
+  - hostPath:
+      path: /sys
+      type: Directory
+    name: sys-host-3
+  - hostPath:
+      path: /dev/log
+      type: File
+    name: dev-log-host-4
+  - hostPath:
+      path: /lib/modules
+      type: Directory
+    name: lib-modules-host-5
+  - hostPath:
+      path: /var/lib/iscsi
+      type: Directory
+    name: var-lib-iscsi-host-6
+  - hostPath:
+      path: /etc/hosts
+      type: File
+    name: etc-hosts-host-7
+  - hostPath:
+      path: /etc/localtime
+      type: File
+    name: etc-localtime-host-8
+  - hostPath:
+      path: /var/lib/kolla/config_files/iscsid.json
+      type: File
+    name: var-lib-kolla-config_files-iscsid.json-host-12
+  - hostPath:
+      path: /etc/iscsi
+      type: Directory
+    name: etc-iscsi-host-13
+  - hostPath:
+      path: /run
+      type: Directory
+    name: run-host-14
+  - hostPath:
+      path: /dev
+      type: Directory
+    name: dev-host-15
+  - hostPath:
+      path: /var/lib/openstack/healthchecks/iscsid
+      type: Directory
+    name: var-lib-openstack-healthchecks-iscsid-host-16

devsetup/edpm/embedded-services/quadlets/logrotate_crond/logrotate_crond.image

@@ -0,0 +1,5 @@
+[install]
+WantedBy=edpm-compute@logrotate_crond.service
+
+[Image]
+Image=quay.io/podified-antelope-centos9/openstack-cron:current-podified

devsetup/edpm/embedded-services/quadlets/logrotate_crond/logrotate_crond.yaml

@@ -0,0 +1,76 @@
+---
+apiVersion: v1
+kind: Pod
+metadata:
+  annotations:
+    bind-mount-options: /var/lib/openstack/healthchecks/logrotate_crond:z
+  creationTimestamp: "2024-11-21T04:43:22Z"
+  labels:
+    app: logrotatecrond-pod
+  name: logrotatecrond-pod
+spec:
+  containers:
+  - args:
+    - kolla_start
+    env:
+    - name: KOLLA_CONFIG_STRATEGY
+      value: COPY_ALWAYS
+    - name: EDPM_CONFIG_HASH
+      value: dbeb85a6e8c49962f43cd1b33d267c56e4fc2875277fdec63dde667651963664
+    image: quay.io/podified-antelope-centos9/openstack-cron:current-podified
+    name: logrotatecrond
+    securityContext:
+      privileged: true
+      procMount: Unmasked
+    volumeMounts:
+    - mountPath: /dev/log
+      name: dev-log-host-2
+    - mountPath: /var/lib/kolla/config_files/src
+      name: var-lib-config-data-ansible-generated-crond-host-3
+      readOnly: true
+    - mountPath: /var/log/containers
+      name: var-log-containers-host-4
+    - mountPath: /etc/localtime
+      name: etc-localtime-host-7
+      readOnly: true
+    - mountPath: /etc/hosts
+      name: etc-hosts-host-9
+      readOnly: true
+    - mountPath: /var/lib/kolla/config_files/config.json
+      name: var-lib-kolla-config_files-logrotate_crond.json-host-10
+      readOnly: true
+    - mountPath: /openstack
+      name: var-lib-openstack-healthchecks-logrotate_crond-host-11
+      readOnly: true
+  volumes:
+  - hostPath:
+      path: /dev/log
+      type: File
+    name: dev-log-host-2
+  - hostPath:
+      path: /var/lib/config-data/ansible-generated/crond
+      type: Directory
+    name: var-lib-config-data-ansible-generated-crond-host-3
+  - hostPath:
+      path: /var/log/containers
+      type: Directory
+    name: var-log-containers-host-4
+  - hostPath:
+      path: /etc/pki/tls/certs/ca-bundle.crt
+      type: File
+  - hostPath:
+      path: /etc/localtime
+      type: File
+    name: etc-localtime-host-7
+  - hostPath:
+      path: /etc/hosts
+      type: File
+    name: etc-hosts-host-9
+  - hostPath:
+      path: /var/lib/kolla/config_files/logrotate_crond.json
+      type: File
+    name: var-lib-kolla-config_files-logrotate_crond.json-host-10
+  - hostPath:
+      path: /var/lib/openstack/healthchecks/logrotate_crond
+      type: Directory
+    name: var-lib-openstack-healthchecks-logrotate_crond-host-11

devsetup/edpm/embedded-services/quadlets/multipathd/multipathd.image

@@ -0,0 +1,5 @@
+[install]
+[email protected]
+
+[Image]
+Image=quay.io/podified-antelope-centos9/openstack-multipathd:current-podified