Hello Eli,
On Mon, May 21, 2018 at 5:11 AM, 乔立勇(Eli Qiao) <[email protected]> wrote: > >> >>> but I sill have some questions: >>> 1. about OCI, where's the container running on the host ? (I have no >>> node pool at all) >>> >> >> Nodepool is required to run test in OCI containers, we bundle a 'not yet >> merged by upstream' Nodepool patch >> to support OCI container. Please check the SF documentation of the >> hypervisor-oci (if not done yet) [1]. >> So, containers, will run where the hypervisor-oci role is deployed. The >> configuration of where roles >> are deployed is done in the architecture file. Here is the >> softwarefactory-project.io one [2] as an example. >> But hypervisor-oci can be deployed on this install-server too (with >> --enable-insecure-slave option of sfconfig). >> >> > > oh, after seen the the documents. OCI driver is clear to me, it's using > "runc" to start container (previously, I thought it's docker). > > Thanks. > > >> 2. I don't want to use OpenStack node pool driver, I would like to use >>> static node pool, what should I do ? >>> >>> >> Best regards >>> - Eli >>> >>> a leaf duckweed belongs to the sea, where not to meet in life >>> >> >> Best regards, >> Fabien >> >> >> [1] https://softwarefactory-project.io/docs/operator/nodepool_ >> operator.html?highlight=oci#add-a-container-provider >> [2] https://softwarefactory-project.io/r/gitweb?p=software- >> factory/sf-config.git;a=blob;f=refarch/softwarefactory- >> project.io.yaml;h=f4fd1d586ae5af6f278e11b7909a774996d96533;hb=HEAD >> [3] https://zuul-ci.org/docs/nodepool/configuration.html#static-driver >> [4] https://softwarefactory-project.io/paste/show/TBpPkzDnDcj3o7EER1sK/ >> [5] https://www.redhat.com/archives/softwarefactory-dev/ >> > > Another thing that I feel is bad . > > I found it's hard coded in ansible tasks > > ansible/roles/sf-base/tasks/setup.yml : > > `` > - name: "system: disable root password login" > user: > name: root > password: "*" > ``` > Any docs mentions why doing this, if so, I can not login with 'root' user > at all... (very confusing....) > Can we make this optional? > > We think that a good practice, only authorize root login via ssh and via a Public Key. But yes that can be set as an option.
_______________________________________________ Softwarefactory-dev mailing list [email protected] https://www.redhat.com/mailman/listinfo/softwarefactory-dev
