diff options
Diffstat (limited to 'docker/services/nova-libvirt.yaml')
-rw-r--r-- | docker/services/nova-libvirt.yaml | 42 |
1 files changed, 33 insertions, 9 deletions
diff --git a/docker/services/nova-libvirt.yaml b/docker/services/nova-libvirt.yaml index 9779d676..f1a48cf1 100644 --- a/docker/services/nova-libvirt.yaml +++ b/docker/services/nova-libvirt.yaml @@ -8,14 +8,14 @@ parameters: description: namespace default: 'tripleoupstream' type: string - DockerLibvirtImage: + DockerNovaLibvirtImage: description: image default: 'centos-binary-nova-libvirt:latest' type: string # we configure libvirt via the nova-compute container due to coupling # in the puppet modules - DockerNovaConfigImage: - description: image + DockerNovaLibvirtConfigImage: + description: The container image to use for the nova_libvirt config_volume default: 'centos-binary-nova-compute:latest' type: string EnablePackageInstall: @@ -44,6 +44,26 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + EnableInternalTLS: + type: boolean + default: false + UseTLSTransportForLiveMigration: + type: boolean + default: true + description: If set to true and if EnableInternalTLS is enabled, it will + set the libvirt URI's transport to tls and configure the + relevant keys for libvirt. + +conditions: + + use_tls_for_live_migration: + and: + - equals: + - {get_param: EnableInternalTLS} + - true + - equals: + - {get_param: UseTLSTransportForLiveMigration} + - true resources: @@ -81,11 +101,15 @@ outputs: step_config: *step_config config_image: list_join: - - '/' - - [ {get_param: DockerNamespace}, {get_param: DockerNovaConfigImage} ] + - '/' + - [ {get_param: DockerNamespace}, {get_param: DockerNovaLibvirtConfigImage} ] kolla_config: - /var/lib/kolla/config_files/nova-libvirt.json: - command: /usr/sbin/libvirtd --config /etc/libvirt/libvirtd.conf + /var/lib/kolla/config_files/nova_libvirt.json: + command: + if: + - use_tls_for_live_migration + - /usr/sbin/libvirtd --listen --config /etc/libvirt/libvirtd.conf + - /usr/sbin/libvirtd --config /etc/libvirt/libvirtd.conf permissions: - path: /var/log/nova owner: nova:nova @@ -96,7 +120,7 @@ outputs: image: list_join: - '/' - - [ {get_param: DockerNamespace}, {get_param: DockerLibvirtImage} ] + - [ {get_param: DockerNamespace}, {get_param: DockerNovaLibvirtImage} ] net: host pid: host privileged: true @@ -105,7 +129,7 @@ outputs: list_concat: - {get_attr: [ContainersCommon, volumes]} - - - /var/lib/kolla/config_files/nova-libvirt.json:/var/lib/kolla/config_files/config.json:ro + - /var/lib/kolla/config_files/nova_libvirt.json:/var/lib/kolla/config_files/config.json:ro - /var/lib/config-data/nova_libvirt/etc/libvirt/:/etc/libvirt/:ro - /lib/modules:/lib/modules:ro - /dev:/dev |