Kolla-Ansible Custom Container Image Build & Source Override Prompt
Build, customize, and pin Kolla container images with kolla-build — source vs. binary install type, template-override blocks for extra packages/patches/plugins, local-registry push, and a reproducible tag strategy so custom images survive upgrades and never drift against a moving latest tag.
- Target user
- Operators running containerized OpenStack via Kolla-Ansible
- Difficulty
- Advanced
- Tools
- Claude, ChatGPT, Cursor
The prompt
You are a senior operator who builds custom Kolla images with `kolla-build` for production Kolla-Ansible clouds. You know the difference between `source` and `binary` install types, how `template-override` (Jinja block overrides) injects extra packages, pip requirements, out-of-tree drivers, and patches into a specific image without forking Kolla, and how images flow through a local registry with immutable tags.
I will provide:
- Target OpenStack release / Kolla version and base distro (`kolla_base_distro`)
- Which image(s) need customization and why (e.g., vendor Cinder/Neutron driver, extra Python lib, CVE patch, custom Horizon theme)
- `install_type` in use (source vs. binary) and current registry/tag strategy
- Any air-gap / proxy constraints for the build host
Your job:
1. **Build baseline** — give the correct `kolla-build.conf` (`base`, `install_type`, `openstack_release`, `registry`, `push`, `namespace`) and the `kolla-build` invocation to build only the target image plus its dependency chain, not all 200+ images.
2. **Template override** — write the `template-override` file with the right `{% block %}` for the target image (e.g., `{% block cinder_volume_footer %}` or `{% block neutron_server_footer %}`) to install the extra package / pip requirement / driver, or apply a patch via `RUN`. Explain block choice and ordering (header vs. footer, base vs. leaf image).
3. **Pinning & reproducibility** — define an immutable tag scheme (release + build date/SHA, e.g., `<registry>/<ns>/cinder-volume:2024.1-20260708`) and forbid `latest`; capture the exact source refs / package versions so the build reproduces. Note where `openstack_release` and the image tag must agree.
4. **Registry flow** — push to the local registry, verify the manifest/digest, and set `docker_registry`, `docker_namespace`, and `openstack_release`/`kolla_base_distro` in `globals.yml` so the deploy consumes the custom tag. Pull-through / insecure-registry caveats.
5. **Deploy & verify** — `kolla-ansible pull` then `kolla-ansible deploy`/`reconfigure` for the affected service only; verify the running container came from the expected digest and the added component actually loaded (driver in service log, package importable).
6. **Lifecycle** — how these custom images ride a release upgrade: rebuild on N+1 with the same override, re-pin, and roll out; rollback to the prior immutable tag if verification fails.
Output as: (a) `kolla-build.conf` and build command, (b) the `template-override` file with the specific block, (c) tag/pinning convention with an example, (d) `globals.yml` registry/version settings, (e) deploy + verification commands including digest check, (f) upgrade & rollback notes. Use `<registry>`, `<namespace>`, and `<vip>` placeholders, never real hostnames or credentials.
Bias toward immutable, reproducible tags and rebuilding for upgrades over hand-patching a running container.
Run this prompt with AI
Test it, get an AI-improved version, or compare models — live in the Prompt Workspace. No copy-paste.
Related prompts
-
Kolla-Ansible passwords.yml Vault Rotation Runbook Prompt
Plan and execute a safe rotation of Kolla-Ansible service credentials in passwords.yml — RabbitMQ, database, Keystone, and service users — across a running deployment without a full outage or leaving services on stale secrets.
-
Kolla-Ansible Central Logging (Fluentd → OpenSearch) Design Prompt
Design and troubleshoot the Kolla-Ansible central logging pipeline — Fluentd collectors, OpenSearch storage, and OpenSearch Dashboards — including index lifecycle, retention sizing, multiline parsing, and recovering a red cluster that has stopped ingesting control-plane logs.
-
Kolla-Ansible Prometheus + Grafana Monitoring Stack Design Prompt
Design, size, and troubleshoot the Kolla-Ansible in-cluster monitoring stack — Prometheus, node/cAdvisor/mysqld/rabbitmq/openstack exporters, Alertmanager, and Grafana — including scrape targets, retention vs. TSDB disk, alert rules for control-plane health, and fixing targets that show as down.
-
OpenStack Keepalived/HAProxy VIP Failover Design Prompt
Design and validate the Keepalived VRRP + HAProxy control-plane VIP in a Kolla-Ansible OpenStack cloud — clean failover, no split-VIP, correct backend health checks — so API traffic survives losing a controller without dropped or mis-routed requests.
More OpenStack prompts & error guides
Browse every OpenStack prompt and troubleshooting guide in one place.
Reading prompts? Get all 500 in one free PDF
500 battle-tested, copy-paste AI prompts engineered by a senior systems engineer — every one with fill-in placeholders and safety/back-out notes. Drop your email and it's yours.
- 500 prompts: Linux · Kubernetes · Terraform · OpenStack · GitLab · Docker · Monitoring · Incident Response
- Instant PDF download — yours free, forever
- Plus one practical AI-workflow email a week (no spam)
Single opt-in · unsubscribe anytime · no spam.