diff options
Diffstat (limited to 'docker/services')
| -rw-r--r-- | docker/services/README.rst | 65 | ||||
| -rw-r--r-- | docker/services/neutron-ovs-agent.yaml | 84 | ||||
| -rw-r--r-- | docker/services/nova-compute.yaml | 81 | ||||
| -rw-r--r-- | docker/services/nova-libvirt.yaml | 82 | ||||
| -rw-r--r-- | docker/services/services.yaml | 75 |
5 files changed, 387 insertions, 0 deletions
diff --git a/docker/services/README.rst b/docker/services/README.rst new file mode 100644 index 00000000..60719bfc --- /dev/null +++ b/docker/services/README.rst @@ -0,0 +1,65 @@ +======== +services +======== + +A TripleO nested stack Heat template that encapsulates generic configuration +data to configure a specific service. This generally includes everything +needed to configure the service excluding the local bind ports which +are still managed in the per-node role templates directly (controller.yaml, +compute.yaml, etc.). All other (global) service settings go into +the puppet/service templates. + +Input Parameters +---------------- + +Each service may define its own input parameters and defaults. +Operators will use the parameter_defaults section of any Heat +environment to set per service parameters. + +Config Settings +--------------- + +Each service may define a config_settings output variable which returns +Hiera settings to be configured. + +Steps +----- + +Each service may define an output variable which returns a puppet manifest +snippet that will run at each of the following steps. Earlier manifests +are re-asserted when applying latter ones. + + * config_settings: Custom hiera settings for this service. These are + used to generate configs. + + * kolla_config: Contains YAML that represents how to map config files + into the kolla container. This config file is typically mapped into + the container itself at the /var/lib/kolla/config_files/config.json + location and drives how kolla's external config mechanisms work. + + * step_config: A puppet manifest that is used to step through the deployment + sequence. Each sequence is given a "step" (via hiera('step') that provides + information for when puppet classes should activate themselves. + + * docker_compose: + + * container_name: + + * volumes: + +Steps correlate to the following: + + 1) Service configuration generation with puppet. + + 2) Early Openstack Service setup (database init?) + + 3) Early containerized networking services startup (OVS) + + 4) Network configuration + + 5) General OpenStack Services + + 6) Service activation (Pacemaker) + + 7) Fencing (Pacemaker) + diff --git a/docker/services/neutron-ovs-agent.yaml b/docker/services/neutron-ovs-agent.yaml new file mode 100644 index 00000000..0a061f6c --- /dev/null +++ b/docker/services/neutron-ovs-agent.yaml @@ -0,0 +1,84 @@ +heat_template_version: ocata + +description: > + OpenStack Neutron openvswitch service + +parameters: + DockerNamespace: + description: namespace + default: 'tripleoupstream' + type: string + DockerOpenvswitchImage: + description: image + default: 'centos-binary-neutron-openvswitch-agent' + type: string + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +resources: + + NeutronOvsAgentBase: + type: ../../puppet/services/neutron-ovs-agent.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role data for Neutron openvswitch service + value: + config_settings: {get_attr: [NeutronOvsAgentBase, role_data, config_settings]} + step_config: {get_attr: [NeutronOvsAgentBase, role_data, step_config]} + puppet_tags: neutron_config,neutron_agent_ovs,neutron_plugin_ml2 + kolla_config: + /var/lib/etc-data/json-config/neutron-openvswitch-agent.json: + command: /usr/bin/neutron-openvswitch-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini --config-file /etc/neutron/plugins/ml2/ml2_conf.ini + config_files: + - dest: /etc/neutron/neutron.conf + owner: neutron + perm: '0600' + source: /var/lib/kolla/config_files/neutron.conf + - dest: /etc/neutron/plugins/ml2/openvswitch_agent.ini + owner: neutron + perm: '0600' + source: /var/lib/kolla/config_files/openvswitch_agent.ini + - dest: /etc/neutron/plugins/ml2/ml2_conf.ini + owner: neutron + perm: '0600' + source: /var/lib/kolla/config_files/ml2_conf.ini + docker_config: + step_1: + neutronovsagent: + image: + list_join: + - '/' + - [ {get_param: DockerNamespace}, {get_param: DockerOpenvswitchImage} ] + net: host + pid: host + privileged: true + restart: always + volumes: + - /var/lib/etc-data/json-config/neutron-openvswitch-agent.json:/var/lib/kolla/config_files/config.json + - /var/lib/etc-data/neutron/neutron.conf:/var/lib/kolla/config_files/neutron.conf:ro + - /var/lib/etc-data/neutron/plugins/ml2/ml2_conf.ini:/var/lib/kolla/config_files/ml2_conf.ini:ro + - /var/lib/etc-data/neutron/plugins/ml2/openvswitch_agent.ini:/var/lib/kolla/config_files/openvswitch_agent.ini:ro + - /etc/localtime:/etc/localtime:ro + - /lib/modules:/lib/modules:ro + - /run:/run + - logs:/var/log/kolla/ + environment: + - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS + step_2: {} diff --git a/docker/services/nova-compute.yaml b/docker/services/nova-compute.yaml new file mode 100644 index 00000000..e765609e --- /dev/null +++ b/docker/services/nova-compute.yaml @@ -0,0 +1,81 @@ +heat_template_version: ocata + +description: > + OpenStack containerized Nova Compute service + +parameters: + DockerNamespace: + description: namespace + default: 'tripleoupstream' + type: string + DockerNovaComputeImage: + description: image + default: 'centos-binary-nova-compute' + type: string + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +resources: + + NovaComputeBase: + type: ../../puppet/services/nova-compute.yaml + properties: + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role data for the Nova Compute service. + value: + config_settings: {get_attr: [NovaComputeBase, role_data, config_settings]} + step_config: {get_attr: [NovaComputeBase, role_data, step_config]} + puppet_tags: nova_config,nova_paste_api_ini + kolla_config: + /var/lib/etc-data/json-config/nova-compute.json: + command: /usr/bin/nova-compute --config-file /etc/nova/nova.conf --config-file /etc/nova/rootwrap.conf + config_files: + - dest: /etc/nova/nova.conf + owner: nova + perm: '0600' + source: /var/lib/kolla/config_files/nova.conf + - dest: /etc/nova/rootwrap.conf + owner: nova + perm: '0600' + source: /var/lib/kolla/config_files/rootwrap.conf + docker_config: + step_1: + novacompute: + image: + list_join: + - '/' + - [ {get_param: DockerNamespace}, {get_param: DockerNovaComputeImage} ] + net: host + privileged: true + user: root + restart: always + volumes: + - /var/lib/etc-data/json-config/nova-compute.json:/var/lib/kolla/config_files/config.json + - /var/lib/etc-data/nova/nova.conf:/var/lib/kolla/config_files/nova.conf:ro + - /var/lib/etc-data/nova/rootwrap.conf:/var/lib/kolla/config_files/rootwrap.conf:ro + - /etc/localtime:/etc/localtime:ro + - /lib/modules:/lib/modules:ro + - /run:/run + - /dev:/dev + - logs:/var/log/kolla/ + - /etc/iscsi:/etc/iscsi + - libvirtd:/var/lib/libvirt + - nova_compute:/var/lib/nova/ + environment: + - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS + step_2: {} diff --git a/docker/services/nova-libvirt.yaml b/docker/services/nova-libvirt.yaml new file mode 100644 index 00000000..004d624a --- /dev/null +++ b/docker/services/nova-libvirt.yaml @@ -0,0 +1,82 @@ +heat_template_version: ocata + +description: > + OpenStack Libvirt Service + +parameters: + DockerNamespace: + description: namespace + default: 'tripleoupstream' + type: string + DockerLibvirtImage: + description: image + default: 'centos-binary-libvirt' + type: string + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +resources: + + NovaLibvirtBase: + type: ../../puppet/services/nova-libvirt.yaml + properties: + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role data for the Libvirt service. + value: + config_settings: {get_attr: [NovaLibvirtBase, role_data, config_settings]} + step_config: {get_attr: [NovaLibvirtBase, role_data, step_config]} + puppet_tags: nova_config + kolla_config: + /var/lib/etc-data/json-config/nova-libvirt.json: + command: /usr/sbin/libvirtd --config /etc/libvirt/libvirtd.conf + config_files: + - dest: /etc/libvirt/libvirtd.conf + owner: root + perm: '0644' + source: /var/lib/kolla/config_files/libvirtd.conf + docker_config: + step_1: + nova_libvirt: + image: + list_join: + - '/' + - [ {get_param: DockerNamespace}, {get_param: DockerLibvirtImage} ] + net: host + pid: host + privileged: true + restart: always + volumes: + - /var/lib/etc-data/json-config/nova-libvirt.json:/var/lib/kolla/config_files/config.json + - /var/lib/etc-data/libvirt/libvirtd.conf:/var/lib/kolla/config_files/libvirtd.conf + # NOTE(mandre) Ideally the qemu.conf file is mounted in + # /var/lib/kolla/config_files and copied to the right place but + # copy-json.py doesn't allow us to do that without appending the + # file as an additional config on the CLI + - /var/lib/etc-data/libvirt/qemu.conf:/etc/libvirt/qemu.conf:ro + - /etc/localtime:/etc/localtime:ro + - /lib/modules:/lib/modules:ro + - /run:/run + - /dev:/dev + - /sys/fs/cgroup:/sys/fs/cgroup + - logs:/var/log/kolla/ + - libvirtd:/var/lib/libvirt + - nova_compute:/var/lib/nova/ + - nova_libvirt_qemu:/etc/libvirt/qemu + environment: + - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS + step_2: {} diff --git a/docker/services/services.yaml b/docker/services/services.yaml new file mode 100644 index 00000000..8c31107f --- /dev/null +++ b/docker/services/services.yaml @@ -0,0 +1,75 @@ +heat_template_version: ocata + +description: > + Utility stack to convert an array of services into a set of combined + role configs. + +parameters: + Services: + default: [] + description: | + List nested stack service templates. + type: comma_delimited_list + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + DefaultPasswords: + default: {} + description: Mapping of service -> default password. Used to help + pass top level passwords managed by Heat into services. + type: json + +resources: + + PuppetServices: + type: ../../puppet/services/services.yaml + properties: + Services: {get_param: Services} + ServiceNetMap: {get_param: ServiceNetMap} + EndpointMap: {get_param: EndpointMap} + DefaultPasswords: {get_param: DefaultPasswords} + + ServiceChain: + type: OS::Heat::ResourceChain + properties: + resources: {get_param: Services} + concurrent: true + resource_properties: + ServiceNetMap: {get_param: ServiceNetMap} + EndpointMap: {get_param: EndpointMap} + DefaultPasswords: {get_param: DefaultPasswords} + +outputs: + role_data: + description: Combined Role data for this set of services. + value: + service_names: + {get_attr: [PuppetServices, role_data, service_names]} + monitoring_subscriptions: + {get_attr: [PuppetServices, role_data, monitoring_subscriptions]} + logging_sources: + {get_attr: [PuppetServices, role_data, logging_sources]} + logging_groups: + {get_attr: [PuppetServices, role_data, logging_groups]} + service_config_settings: + {get_attr: [PuppetServices, role_data, service_config_settings]} + config_settings: + {get_attr: [PuppetServices, role_data, config_settings]} + global_config_settings: + {get_attr: [PuppetServices, role_data, global_config_settings]} + step_config: + {get_attr: [PuppetServices, role_data, step_config]} + puppet_tags: {list_join: [",", {get_attr: [ServiceChain, role_data, puppet_tags]}]} + kolla_config: + map_merge: {get_attr: [ServiceChain, role_data, kolla_config]} + docker_config: + step_1: {map_merge: {get_attr: [ServiceChain, role_data, docker_config, step_1]}} + step_2: {map_merge: {get_attr: [ServiceChain, role_data, docker_config, step_2]}} |