summaryrefslogtreecommitdiffstats
path: root/docker/services/nova-libvirt.yaml
diff options
context:
space:
mode:
Diffstat (limited to 'docker/services/nova-libvirt.yaml')
-rw-r--r--docker/services/nova-libvirt.yaml42
1 files changed, 33 insertions, 9 deletions
diff --git a/docker/services/nova-libvirt.yaml b/docker/services/nova-libvirt.yaml
index 9779d676..f1a48cf1 100644
--- a/docker/services/nova-libvirt.yaml
+++ b/docker/services/nova-libvirt.yaml
@@ -8,14 +8,14 @@ parameters:
description: namespace
default: 'tripleoupstream'
type: string
- DockerLibvirtImage:
+ DockerNovaLibvirtImage:
description: image
default: 'centos-binary-nova-libvirt:latest'
type: string
# we configure libvirt via the nova-compute container due to coupling
# in the puppet modules
- DockerNovaConfigImage:
- description: image
+ DockerNovaLibvirtConfigImage:
+ description: The container image to use for the nova_libvirt config_volume
default: 'centos-binary-nova-compute:latest'
type: string
EnablePackageInstall:
@@ -44,6 +44,26 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ EnableInternalTLS:
+ type: boolean
+ default: false
+ UseTLSTransportForLiveMigration:
+ type: boolean
+ default: true
+ description: If set to true and if EnableInternalTLS is enabled, it will
+ set the libvirt URI's transport to tls and configure the
+ relevant keys for libvirt.
+
+conditions:
+
+ use_tls_for_live_migration:
+ and:
+ - equals:
+ - {get_param: EnableInternalTLS}
+ - true
+ - equals:
+ - {get_param: UseTLSTransportForLiveMigration}
+ - true
resources:
@@ -81,11 +101,15 @@ outputs:
step_config: *step_config
config_image:
list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNovaConfigImage} ]
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerNovaLibvirtConfigImage} ]
kolla_config:
- /var/lib/kolla/config_files/nova-libvirt.json:
- command: /usr/sbin/libvirtd --config /etc/libvirt/libvirtd.conf
+ /var/lib/kolla/config_files/nova_libvirt.json:
+ command:
+ if:
+ - use_tls_for_live_migration
+ - /usr/sbin/libvirtd --listen --config /etc/libvirt/libvirtd.conf
+ - /usr/sbin/libvirtd --config /etc/libvirt/libvirtd.conf
permissions:
- path: /var/log/nova
owner: nova:nova
@@ -96,7 +120,7 @@ outputs:
image:
list_join:
- '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerLibvirtImage} ]
+ - [ {get_param: DockerNamespace}, {get_param: DockerNovaLibvirtImage} ]
net: host
pid: host
privileged: true
@@ -105,7 +129,7 @@ outputs:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- - /var/lib/kolla/config_files/nova-libvirt.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/kolla/config_files/nova_libvirt.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/nova_libvirt/etc/libvirt/:/etc/libvirt/:ro
- /lib/modules:/lib/modules:ro
- /dev:/dev