diff options
Diffstat (limited to 'docker')
-rw-r--r-- | docker/docker-steps.j2 | 31 | ||||
-rwxr-xr-x | docker/docker-toool | 3 | ||||
-rw-r--r-- | docker/services/iscsid.yaml | 109 | ||||
-rw-r--r-- | docker/services/manila-api.yaml | 112 | ||||
-rw-r--r-- | docker/services/multipathd.yaml | 89 | ||||
-rw-r--r-- | docker/services/sensu-client.yaml | 131 | ||||
-rw-r--r-- | docker/services/swift-storage.yaml | 23 |
7 files changed, 482 insertions, 16 deletions
diff --git a/docker/docker-steps.j2 b/docker/docker-steps.j2 index a56ca02b..3dd963b9 100644 --- a/docker/docker-steps.j2 +++ b/docker/docker-steps.j2 @@ -139,10 +139,6 @@ resources: - name: Write kolla config json files copy: content="{{item.value|to_json}}" dest="{{item.key}}" force=yes with_dict: "{{kolla_config}}" - - name: Install paunch FIXME remove when packaged - shell: | - yum -y install python-pip - pip install paunch ######################################################## # Bootstrap tasks, only performed on bootstrap_server_id ######################################################## @@ -220,26 +216,31 @@ resources: {% endfor %} # END CONFIG STEPS - {{role.name}}PostConfig: - type: OS::TripleO::Tasks::{{role.name}}PostConfig + # Note, this should be the last step to execute configuration changes. + # Ensure that all {{role.name}}ExtraConfigPost steps are executed + # after all the previous deployment steps. + {{role.name}}ExtraConfigPost: depends_on: {% for dep in roles %} - {{dep.name}}Deployment_Step5 {% endfor %} + type: OS::TripleO::NodeExtraConfigPost properties: - servers: {get_param: servers} - input_values: - update_identifier: {get_param: DeployIdentifier} + servers: {get_param: [servers, {{role.name}}]} - # Note, this should come last, so use depends_on to ensure - # this is created after any other resources. - {{role.name}}ExtraConfigPost: + # The {{role.name}}PostConfig steps are in charge of + # quiescing all services, i.e. in the Controller case, + # we should run a full service reload. + {{role.name}}PostConfig: + type: OS::TripleO::Tasks::{{role.name}}PostConfig depends_on: {% for dep in roles %} - - {{dep.name}}PostConfig + - {{dep.name}}ExtraConfigPost {% endfor %} - type: OS::TripleO::NodeExtraConfigPost properties: - servers: {get_param: [servers, {{role.name}}]} + servers: {get_param: servers} + input_values: + update_identifier: {get_param: DeployIdentifier} + {% endfor %} diff --git a/docker/docker-toool b/docker/docker-toool index 36aba4a7..0b87ea92 100755 --- a/docker/docker-toool +++ b/docker/docker-toool @@ -75,6 +75,9 @@ def parse_opts(argv): def docker_arg_map(key, value): value = str(value).encode('ascii', 'ignore') + if len(value) == 0: + return '' + return { 'environment': "--env=%s" % value, # 'image': value, diff --git a/docker/services/iscsid.yaml b/docker/services/iscsid.yaml new file mode 100644 index 00000000..53f5aff2 --- /dev/null +++ b/docker/services/iscsid.yaml @@ -0,0 +1,109 @@ +heat_template_version: pike + +description: > + OpenStack containerized Iscsid service + +parameters: + DockerNamespace: + description: namespace + default: 'tripleoupstream' + type: string + DockerIscsidImage: + description: image + default: 'centos-binary-iscsid:latest' + type: string + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json + DefaultPasswords: + default: {} + type: json + +resources: + + ContainersCommon: + type: ./containers-common.yaml + +outputs: + role_data: + description: Role data for the Iscsid API role. + value: + service_name: iscsid + config_settings: {} + step_config: '' + service_config_settings: {} + # BEGIN DOCKER SETTINGS + puppet_config: + config_volume: iscsid + #puppet_tags: file + step_config: '' + config_image: &iscsid_image + list_join: + - '/' + - [ {get_param: DockerNamespace}, {get_param: DockerIscsidImage} ] + kolla_config: + /var/lib/kolla/config_files/iscsid.json: + command: /usr/sbin/iscsid -f + docker_config: + step_3: + iscsid: + start_order: 2 + image: *iscsid_image + net: host + privileged: true + restart: always + volumes: + list_concat: + - {get_attr: [ContainersCommon, volumes]} + - + - /var/lib/kolla/config_files/iscsid.json:/var/lib/kolla/config_files/config.json:ro + - /dev/:/dev/ + - /run/:/run/ + - /sys:/sys + - /lib/modules:/lib/modules:ro + - /etc/iscsi:/etc/iscsi + environment: + - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS + host_prep_tasks: + - name: create /etc/iscsi + file: + path: /etc/iscsi + state: directory + - name: stat /lib/systemd/system/iscsid.socket + stat: path=/lib/systemd/system/iscsid.socket + register: stat_iscsid_socket + - name: Stop and disable iscsid.socket service + service: name=iscsid.socket state=stopped enabled=no + when: stat_iscsid_socket.stat.exists + upgrade_tasks: + - name: stat /lib/systemd/system/iscsid.service + stat: path=/lib/systemd/system/iscsid.service + register: stat_iscsid_service + - name: Stop and disable iscsid service + tags: step2 + service: name=iscsid state=stopped enabled=no + when: stat_iscsid_service.stat.exists + - name: stat /lib/systemd/system/iscsid.socket + stat: path=/lib/systemd/system/iscsid.socket + register: stat_iscsid_socket + - name: Stop and disable iscsid.socket service + tags: step2 + service: name=iscsid.socket state=stopped enabled=no + when: stat_iscsid_socket.stat.exists + metadata_settings: {} diff --git a/docker/services/manila-api.yaml b/docker/services/manila-api.yaml new file mode 100644 index 00000000..47d0f579 --- /dev/null +++ b/docker/services/manila-api.yaml @@ -0,0 +1,112 @@ +heat_template_version: pike + +description: > + OpenStack containerized Manila API service + +parameters: + DockerNamespace: + description: namespace + default: 'tripleoupstream' + type: string + DockerManilaApiImage: + description: image + default: 'centos-binary-manila-api:latest' + type: string + DockerManilaConfigImage: + description: image + default: 'centos-binary-manila-base:latest' + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json + +resources: + + ManilaApiPuppetBase: + type: ../../puppet/services/manila-api.yaml + properties: + EndpointMap: {get_param: EndpointMap} + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + +outputs: + role_data: + description: Role data for the Manila API role. + value: + service_name: {get_attr: [ManilaApiPuppetBase, role_data, service_name]} + config_settings: {get_attr: [ManilaApiPuppetBase, role_data, config_settings]} + step_config: &step_config + {get_attr: [ManilaApiPuppetBase, role_data, step_config]} + service_config_settings: {get_attr: [ManilaApiPuppetBase, role_data, service_config_settings]} + # BEGIN DOCKER SETTINGS # + puppet_config: + config_volume: manila + puppet_tags: manila_config,manila_api_paste_ini + step_config: *step_config + config_image: + list_join: + - '/' + - [ {get_param: DockerNamespace}, {get_param: DockerManilaConfigImage} ] + kolla_config: + /var/lib/kolla/config_files/manila_api.json: + command: /usr/bin/manila-api --config-file /usr/share/manila/manila-dist.conf --config-file /etc/manila/manila.conf + permissions: + - path: /var/log/manila + owner: manila:manila + recurse: true + docker_config: + step_3: + manila_api_db_sync: + user: root + image: &manila_api_image + list_join: + - '/' + - [ {get_param: DockerNamespace}, {get_param: DockerManilaApiImage} ] + net: host + detach: false + volumes: + - /var/lib/config-data/manila/etc/manila/:/etc/manila:ro + - /etc/hosts:/etc/hosts:ro + - /etc/localtime:/etc/localtime:ro + - logs:/var/log + command: "/usr/bin/bootstrap_host_exec manila_api su manila -s /bin/bash -c '/usr/bin/manila-manage db sync'" + step_4: + manila_api: + image: *manila_api_image + net: host + restart: always + volumes: + - /var/lib/kolla/config_files/manila_api.json:/var/lib/kolla/config_files/config.json:ro + - /var/lib/config-data/manila/etc/manila/:/etc/manila/:ro + - /etc/hosts:/etc/hosts:ro + - /etc/localtime:/etc/localtime:ro + - /var/log/containers/manila:/var/log/manila + environment: + - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS + host_prep_tasks: + - name: Create persistent manila logs directory + file: + path: /var/log/containers/manila + state: directory + upgrade_tasks: + - name: Stop and disable manila_api service + tags: step2 + service: name=openstack-manila-api state=stopped enabled=no diff --git a/docker/services/multipathd.yaml b/docker/services/multipathd.yaml new file mode 100644 index 00000000..d8927d4b --- /dev/null +++ b/docker/services/multipathd.yaml @@ -0,0 +1,89 @@ +heat_template_version: pike + +description: > + OpenStack containerized Multipathd service + +parameters: + DockerNamespace: + description: namespace + default: 'tripleoupstream' + type: string + DockerMultipathdImage: + description: image + default: 'centos-binary-multipathd:latest' + type: string + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json + DefaultPasswords: + default: {} + type: json + +resources: + + ContainersCommon: + type: ./containers-common.yaml + +outputs: + role_data: + description: Role data for the Multipathd API role. + value: + service_name: multipathd + config_settings: {} + step_config: '' + service_config_settings: {} + # BEGIN DOCKER SETTINGS + puppet_config: + config_volume: multipathd + #puppet_tags: file + step_config: '' + config_image: &multipathd_image + list_join: + - '/' + - [ {get_param: DockerNamespace}, {get_param: DockerMultipathdImage} ] + kolla_config: + /var/lib/kolla/config_files/multipathd.json: + command: /usr/sbin/multipathd -d + docker_config: + step_3: + multipathd: + start_order: 1 + image: *multipathd_image + net: host + privileged: true + restart: always + volumes: + list_concat: + - {get_attr: [ContainersCommon, volumes]} + - + - /var/lib/kolla/config_files/multipathd.json:/var/lib/kolla/config_files/config.json:ro + - /dev/:/dev/ + - /run/:/run/ + - /sys:/sys + - /lib/modules:/lib/modules:ro + - /etc/iscsi:/etc/iscsi + - /var/lib/cinder:/var/lib/cinder + environment: + - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS + host_prep_tasks: + upgrade_tasks: + - name: Stop and disable multipathd service + tags: step2 + service: name=multipathd state=stopped enabled=no + metadata_settings: {} diff --git a/docker/services/sensu-client.yaml b/docker/services/sensu-client.yaml new file mode 100644 index 00000000..e6bdf155 --- /dev/null +++ b/docker/services/sensu-client.yaml @@ -0,0 +1,131 @@ +heat_template_version: pike + +description: > + Containerized Sensu client service + +parameters: + DockerNamespace: + description: namespace + default: 'tripleoupstream' + type: string + DockerSensuClientImage: + description: image + default: 'centos-binary-sensu-client:latest' + type: string + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json + SensuDockerCheckCommand: + type: string + default: | + for i in $(docker ps --format '{{.ID}}'); do + if result=$(docker inspect --format='{{.State.Health.Status}}' $i 2>/dev/null); then + if [ "$result" != 'healthy' ]; then + echo "$(docker inspect --format='{{.Name}}' $i) ($i): $(docker inspect --format='{{json .State}}' $i)" && exit 2; + fi + fi + done + SensuDockerCheckInterval: + type: number + description: The frequency in seconds the docker health check is executed. + default: 10 + SensuDockerCheckHandlers: + default: [] + description: The Sensu event handler to use for events + created by the docker health check. + type: comma_delimited_list + SensuDockerCheckOccurrences: + type: number + description: The number of event occurrences before sensu-plugin-aware handler should take action. + default: 3 + SensuDockerCheckRefresh: + type: number + description: The number of seconds sensu-plugin-aware handlers should wait before taking second action. + default: 90 + +resources: + + ContainersCommon: + type: ./containers-common.yaml + + SensuClientBase: + type: ../../puppet/services/monitoring/sensu-client.yaml + properties: + EndpointMap: {get_param: EndpointMap} + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + +outputs: + role_data: + description: Role data for the Sensu client role. + value: + service_name: {get_attr: [SensuClientBase, role_data, service_name]} + config_settings: + map_merge: + - get_attr: [SensuClientBase, role_data, config_settings] + - sensu::checks: + check-docker-health: + standalone: true + command: {get_param: SensuDockerCheckCommand} + interval: {get_param: SensuDockerCheckInterval} + handlers: {get_param: SensuDockerCheckHandlers} + occurrences: {get_param: SensuDockerCheckOccurrences} + refresh: {get_param: SensuDockerCheckRefresh} + step_config: &step_config + get_attr: [SensuClientBase, role_data, step_config] + service_config_settings: {get_attr: [SensuClientBase, role_data, service_config_settings]} + # BEGIN DOCKER SETTINGS + puppet_config: + config_volume: sensu + puppet_tags: sensu_rabbitmq_config,sensu_client_config,sensu_check_config,sensu_check + step_config: *step_config + config_image: &sensu_client_image + list_join: + - '/' + - [ {get_param: DockerNamespace}, {get_param: DockerSensuClientImage} ] + kolla_config: + /var/lib/kolla/config_files/sensu-client.json: + command: /usr/bin/sensu-client -d /etc/sensu/conf.d/ + docker_config: + step_3: + sensu_client: + image: *sensu_client_image + net: host + privileged: true + # NOTE(mmagr) kolla image changes the user to 'sensu', we need it + # to be root have rw permission to docker.sock to run successfully + # "docker inspect" command + user: root + restart: always + volumes: + list_concat: + - {get_attr: [ContainersCommon, volumes]} + - + - /var/run/docker.sock:/var/run/docker.sock:rw + - /var/lib/kolla/config_files/sensu-client.json:/var/lib/kolla/config_files/config.json:ro + - /var/lib/config-data/sensu/etc/sensu/:/etc/sensu/:ro + environment: + - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS + upgrade_tasks: + - name: Stop and disable sensu-client service + tags: step2 + service: name=sensu-client.service state=stopped enabled=no diff --git a/docker/services/swift-storage.yaml b/docker/services/swift-storage.yaml index 017fb123..55aea208 100644 --- a/docker/services/swift-storage.yaml +++ b/docker/services/swift-storage.yaml @@ -46,6 +46,11 @@ parameters: via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json + SwiftRawDisks: + default: {} + description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})' + type: json + resources: @@ -66,7 +71,11 @@ outputs: description: Role data for the swift storage services. value: service_name: {get_attr: [SwiftStorageBase, role_data, service_name]} - config_settings: {get_attr: [SwiftStorageBase, role_data, config_settings]} + config_settings: + map_merge: + - {get_attr: [SwiftStorageBase, role_data, config_settings]} + # FIXME (cschwede): re-enable this once checks works inside containers + - swift::storage::all::mount_check: false step_config: &step_config get_attr: [SwiftStorageBase, role_data, step_config] service_config_settings: {get_attr: [SwiftStorageBase, role_data, service_config_settings]} @@ -348,6 +357,18 @@ outputs: with_items: - /var/log/containers/swift - /srv/node + - name: Format and mount devices defined in SwiftRawDisks + mount: + name: /srv/node/{{ item }} + src: /dev/{{ item }} + fstype: xfs + opts: noatime + state: mounted + with_items: + - repeat: + template: 'DEVICE' + for_each: + DEVICE: {get_param: SwiftRawDisks} upgrade_tasks: - name: Stop and disable swift storage services tags: step2 |