From: "Daniel J Walsh" <dwalsh redhat com>
To: "RJ Nowling" <rnowling redhat com>, "Jeremy Eder" <jeder redhat com>
Cc: atomic-devel projectatomic io
Sent: Tuesday, May 19, 2015 1:09:57 PM
Subject: Re: [atomic-devel] Running ISV-supplied Management Tools
LABEL RUN="docker run -it --privileged -v /sys/bus/pci/drivers:/sys/bus/pci/drivers -v /sys/kernel/mm/hugepages:/sys/kernel/mm/hugepages -v
/sys/devices/system/node:/sys/devices/system/node -v /dev:/dev --name NAME -e NAME=NAME -e IMAGE=IMAGE IMAGE"
Do you really need any of these volume mounts other then -v /dev:/dev ?
Yes, because it actually writes to those /sys nodes. /dev is the chicken-and-egg problem with inserting modules that create /dev nodes after the container starts. Want a more elegant solution
On 05/19/2015 11:54 AM, RJ Nowling wrote:
> Thanks for testing this and the example!
>
> ----- Original Message -----
>> From: "Jeremy Eder" <jeder redhat com>
>> To: "Huamin Chen" <hchen redhat com>
>> Cc: "RJ Nowling" <rnowling redhat com>, atomic-devel projectatomic io
>> Sent: Tuesday, May 19, 2015 10:29:34 AM
>> Subject: Re: [atomic-devel] Running ISV-supplied Management Tools
>>
>> Yeah, it seems to work. The next step is to find out specifically which /dev
>> nodes need to be passed in, so we can add those to the Dockerfile LABELs
>> parsed by the atomic tool when creating an SPC. That's if you wanted to go
>> that route.
>>
>> For example, I did this for another image:
>>
>> LABEL RUN="docker run -it --privileged -v
>> /sys/bus/pci/drivers:/sys/bus/pci/drivers -v
>> /sys/kernel/mm/hugepages:/sys/kernel/mm/hugepages -v
>> /sys/devices/system/node:/sys/devices/system/node -v /dev:/dev --name NAME
>> -e NAME=NAME -e IMAGE=IMAGE IMAGE"
>>
>>
>> For MegaRAID, something like this:
>>
>> # cat Dockerfile
>> FROM rhel7/rhel-tools
>> MAINTAINER redhat redhat com
>> COPY ./MegaCli-8.07.08-1.noarch.rpm /root/
>> COPY ./megaraid-profile.sh /etc/profile.d/
>> RUN yum localinstall -y /root/MegaCli-8.07.08-1.noarch.rpm
>> LABEL RUN="
>>
>> # cat megaraid-profile.sh
>> export PATH=$PATH:/opt/MegaRAID/MegaCli
>>
>> # docker build -t megaraid .
>>
>> # docker run --privileged -it megaraid /opt/MegaRAID/MegaCli/MegaCli64
>> -EncInfo -aALL
>>
>> Number of enclosures on adapter 0 -- 1
>>
>> Enclosure 0:
>> Device ID : 32
>> Number of Slots : 8
>> Number of Power Supplies : 0
>> Number of Fans : 0
>> Number of Temperature Sensors : 0
>> Number of Alarms : 0
>> Number of SIM Modules : 0
>> Number of Physical Drives : 4
>> Status : Normal
>> Position : 1
>> Connector Name : Unavailable
>> Enclosure type : SES
>> FRU Part Number : N/A
>> Enclosure Serial Number : N/A
>> ESM Serial Number : N/A
>> Enclosure Zoning Mode : N/A
>> Partner Device Id : 65535
>>
>> Inquiry data :
>> Vendor Identification : DP
>> Product Identification : BP13G+
>> Product Revision Level : 2.20
>> Vendor Specific : 51K01CY
>>
>>
>> Exit Code: 0x00
>>
>>
>> ----- Original Message -----
>>> From: "Huamin Chen" <hchen redhat com>
>>> To: "Jeremy Eder" <jeder redhat com>
>>> Cc: "RJ Nowling" <rnowling redhat com>, atomic-devel projectatomic io
>>> Sent: Tuesday, May 19, 2015 10:57:13 AM
>>> Subject: Re: [atomic-devel] Running ISV-supplied Management Tools
>>>
>>> Late to the party. Here is the background info.
>>>
>>> I got the mega cli rpm and copied binary to an Atomic host so I could
>>> manage
>>> the raid controller. The executable must have access to host's /dev/devices
>>> so it can find mega raid controller and send ioctl to it. A privileged
>>> container should work, but I haven't created one yet.
>>>
>>> ----- Original Message -----
>>> From: "Jeremy Eder" <jeder redhat com>
>>> To: "RJ Nowling" <rnowling redhat com>
>>> Cc: atomic-devel projectatomic io
>>> Sent: Tuesday, May 19, 2015 10:50:30 AM
>>> Subject: Re: [atomic-devel] Running ISV-supplied Management Tools
>>>
>>> Oh, he used it on the host. Gotcha! Now it makes sense. Can you send me
>>> a
>>> link to the RPM please?
>>>
>>> ----- Original Message -----
>>>> From: "RJ Nowling" <rnowling redhat com>
>>>> To: "Jeremy Eder" <jeder redhat com>
>>>> Cc: "Christoph Görn" <goern redhat com>, atomic-devel projectatomic io
>>>> Sent: Tuesday, May 19, 2015 10:49:26 AM
>>>> Subject: Re: [atomic-devel] Running ISV-supplied Management Tools
>>>>
>>>> The tool was provided as a RPM. My colleague unpacked it since yum isn't
>>>> available on the host. He didn't use SPCs.
>>>>
>>>> ----- Original Message -----
>>>>> From: "Jeremy Eder" <jeder redhat com>
>>>>> To: "RJ Nowling" <rnowling redhat com>
>>>>> Cc: "Christoph Görn" <goern redhat com>, atomic-devel projectatomic io
>>>>> Sent: Tuesday, May 19, 2015 9:41:10 AM
>>>>> Subject: Re: [atomic-devel] Running ISV-supplied Management Tools
>>>>>
>>>>> Then I guess I'm confused why you unpacked it? Can't you just install
>>>>> the
>>>>> RPM ? Does it need access to certain /dev nodes ? What specifically ?
>>>>>
>>>>> ----- Original Message -----
>>>>>> From: "RJ Nowling" <rnowling redhat com>
>>>>>> To: "Christoph Görn" <goern redhat com>
>>>>>> Cc: atomic-devel projectatomic io
>>>>>> Sent: Tuesday, May 19, 2015 10:31:53 AM
>>>>>> Subject: Re: [atomic-devel] Running ISV-supplied Management Tools
>>>>>>
>>>>>> It's the MegaRAID CLI tool for configuring RAID controllers.
>>>>>>
>>>>>> ----- Original Message -----
>>>>>>> From: "Christoph Görn" <goern redhat com>
>>>>>>> To: atomic-devel projectatomic io
>>>>>>> Sent: Tuesday, May 19, 2015 9:23:47 AM
>>>>>>> Subject: Re: [atomic-devel] Running ISV-supplied Management Tools
>>>>>>>
And what tool is it? Can we repackage it? Or provide a script to
repackage it onsite?
//G
On 05/19/2015 03:21 PM, Jeremy Eder wrote:
>>>>>>>>
>>>>>>>>
>>>>>>>> ----- Original Message -----
>>>>>>>>> From: "RJ Nowling" <rnowling redhat com> To:
>>>>>>>>> atomic-devel projectatomic io Sent: Thursday, May 14, 2015
>>>>>>>>> 10:44:33 AM Subject: [atomic-devel] Running ISV-supplied
>>>>>>>>> Management Tools
>>>>>>>>>
>>>>>>>>> Hi,
>>>>>>>>>
>>>>>>>>> We needed to use a ISV-supplied tool to configure the RAID
>>>>>>>>> controllers on some machines running Atomic. The tool is
>>>>>>>>> packaged as a RPM. As a quick hack, we ended up just manually
>>>>>>>>> extracting the files from the RPM to run them.
>>>>>>>>>
>>>>>>>>> What's the preferred solution? Would super privileged
>>>>>>>>> containers
>>>>>>>>> work for this?
>>>>>>>>
>>>>>>>> Did the tool need to insert kernel modules ?
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>>
>>
>