summaryrefslogtreecommitdiffstats
path: root/docker
diff options
context:
space:
mode:
Diffstat (limited to 'docker')
-rw-r--r--docker/services/aodh-api.yaml4
-rw-r--r--docker/services/aodh-evaluator.yaml4
-rw-r--r--docker/services/aodh-listener.yaml4
-rw-r--r--docker/services/aodh-notifier.yaml4
-rw-r--r--docker/services/keystone.yaml19
5 files changed, 35 insertions, 0 deletions
diff --git a/docker/services/aodh-api.yaml b/docker/services/aodh-api.yaml
index c88a0616..ca410d6d 100644
--- a/docker/services/aodh-api.yaml
+++ b/docker/services/aodh-api.yaml
@@ -117,3 +117,7 @@ outputs:
- logs:/var/log
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ upgrade_tasks:
+ - name: Stop and disable aodh service (running under httpd)
+ tags: step2
+ service: name=httpd state=stopped enabled=no
diff --git a/docker/services/aodh-evaluator.yaml b/docker/services/aodh-evaluator.yaml
index abb44de8..d3c8c595 100644
--- a/docker/services/aodh-evaluator.yaml
+++ b/docker/services/aodh-evaluator.yaml
@@ -78,3 +78,7 @@ outputs:
- /etc/localtime:/etc/localtime:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ upgrade_tasks:
+ - name: Stop and disable openstack-aodh-evaluator service
+ tags: step2
+ service: name=openstack-aodh-evaluator.service state=stopped enabled=no
diff --git a/docker/services/aodh-listener.yaml b/docker/services/aodh-listener.yaml
index 5a37763d..7aa9618d 100644
--- a/docker/services/aodh-listener.yaml
+++ b/docker/services/aodh-listener.yaml
@@ -78,3 +78,7 @@ outputs:
- /etc/localtime:/etc/localtime:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ upgrade_tasks:
+ - name: Stop and disable openstack-aodh-listener service
+ tags: step2
+ service: name=openstack-aodh-listener.service state=stopped enabled=no
diff --git a/docker/services/aodh-notifier.yaml b/docker/services/aodh-notifier.yaml
index 084e7652..f525d6bd 100644
--- a/docker/services/aodh-notifier.yaml
+++ b/docker/services/aodh-notifier.yaml
@@ -78,3 +78,7 @@ outputs:
- /etc/localtime:/etc/localtime:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ upgrade_tasks:
+ - name: Stop and disable openstack-aodh-notifier service
+ tags: step2
+ service: name=openstack-aodh-notifier.service state=stopped enabled=no
diff --git a/docker/services/keystone.yaml b/docker/services/keystone.yaml
index bd3a010e..3f8baef7 100644
--- a/docker/services/keystone.yaml
+++ b/docker/services/keystone.yaml
@@ -30,6 +30,12 @@ parameters:
description: The password for the keystone admin account, used for monitoring, querying neutron etc.
type: string
hidden: true
+ KeystoneTokenProvider:
+ description: The keystone token format
+ type: string
+ default: 'uuid'
+ constraints:
+ - allowed_values: ['uuid', 'fernet']
resources:
@@ -40,6 +46,9 @@ resources:
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
+conditions:
+ keystone_fernet_tokens: {equals: [{get_param: KeystoneTokenProvider}, "fernet"]}
+
outputs:
role_data:
description: Role data for the Keystone API role.
@@ -80,6 +89,16 @@ outputs:
owner: keystone
perm: '0600'
source: /var/lib/kolla/config_files/src/etc/keystone/credential-keys/1
+ - dest: /etc/keystone/fernet-keys/0
+ owner: keystone
+ perm: '0600'
+ source: /var/lib/kolla/config_files/src/etc/keystone/fernet-keys/0
+ optional: {if: [keystone_fernet_tokens, false, true]}
+ - dest: /etc/keystone/fernet-keys/1
+ owner: keystone
+ perm: '0600'
+ source: /var/lib/kolla/config_files/src/etc/keystone/fernet-keys/1
+ optional: {if: [keystone_fernet_tokens, false, true]}
- dest: /etc/httpd/conf.d/10-keystone_wsgi_admin.conf
owner: root
perm: '0644'