diff options
Diffstat (limited to 'docker')
| -rwxr-xr-x | docker/docker-puppet.py | 14 | ||||
| -rw-r--r-- | docker/services/cinder-api.yaml | 1 | ||||
| -rw-r--r-- | docker/services/glance-api.yaml | 16 | ||||
| -rw-r--r-- | docker/services/heat-api.yaml | 1 | ||||
| -rw-r--r-- | docker/services/horizon.yaml | 6 | ||||
| -rw-r--r-- | docker/services/keystone.yaml | 1 | ||||
| -rw-r--r-- | docker/services/nova-api.yaml | 1 | ||||
| -rw-r--r-- | docker/services/pacemaker/clustercheck.yaml | 5 |
8 files changed, 40 insertions, 5 deletions
diff --git a/docker/docker-puppet.py b/docker/docker-puppet.py index 533ed07d..d12e0551 100755 --- a/docker/docker-puppet.py +++ b/docker/docker-puppet.py @@ -225,8 +225,14 @@ def mp_puppet_config((config_volume, puppet_tags, manifest, config_image, volume touch /tmp/the_origin_of_time sync + set +e FACTER_hostname=$HOSTNAME FACTER_uuid=docker /usr/bin/puppet apply \ - --color=false --logdest syslog --logdest console $TAGS /etc/config.pp + --detailed-exitcodes --color=false --logdest syslog --logdest console $TAGS /etc/config.pp + rc=$? + set -e + if [ $rc -ne 2 -a $rc -ne 0 ]; then + exit $rc + fi # Disables archiving if [ -z "$NO_ARCHIVE" ]; then @@ -307,7 +313,9 @@ def mp_puppet_config((config_volume, puppet_tags, manifest, config_image, volume subproc = subprocess.Popen(dcmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE, env=env) cmd_stdout, cmd_stderr = subproc.communicate() - if subproc.returncode != 0: + # puppet with --detailed-exitcodes will return 0 for success and no changes + # and 2 for success and resource changes. Other numbers are failures + if subproc.returncode not in [0, 2]: log.error('Failed running docker-puppet.py for %s' % config_volume) if cmd_stdout: log.error(cmd_stdout) @@ -355,7 +363,7 @@ returncodes = list(p.map(mp_puppet_config, process_map)) config_volumes = [pm[0] for pm in process_map] success = True for returncode, config_volume in zip(returncodes, config_volumes): - if returncode != 0: + if returncode not in [0, 2]: log.error('ERROR configuring %s' % config_volume) success = False diff --git a/docker/services/cinder-api.yaml b/docker/services/cinder-api.yaml index 25390c63..336b4540 100644 --- a/docker/services/cinder-api.yaml +++ b/docker/services/cinder-api.yaml @@ -200,6 +200,7 @@ outputs: tags: step2 service: name=httpd state=stopped enabled=no - name: remove old cinder cron jobs + tags: step2 file: path: /var/spool/cron/cinder state: absent diff --git a/docker/services/glance-api.yaml b/docker/services/glance-api.yaml index 1a6f5c77..b4336bea 100644 --- a/docker/services/glance-api.yaml +++ b/docker/services/glance-api.yaml @@ -39,6 +39,13 @@ parameters: EnableInternalTLS: type: boolean default: false + GlanceBackend: + default: swift + description: The short name of the Glance backend to use. Should be one + of swift, rbd, cinder, or file + type: string + constraints: + - allowed_values: ['swift', 'file', 'rbd', 'cinder'] GlanceNfsEnabled: default: false description: > @@ -63,6 +70,7 @@ conditions: internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]} nfs_backend_enabled: {equals: [{get_param: GlanceNfsEnabled}, true]} + cinder_backend_enabled: {equals: [{get_param: GlanceBackend}, cinder]} resources: @@ -161,6 +169,12 @@ outputs: - nfs_backend_enabled - /var/lib/glance:/var/lib/glance - '' + - + if: + - cinder_backend_enabled + - - /dev:/dev + - /etc/iscsi:/etc/iscsi + - [] environment: - KOLLA_BOOTSTRAP=True - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS @@ -171,7 +185,7 @@ outputs: start_order: 2 image: *glance_api_image net: host - privileged: false + privileged: {if: [cinder_backend_enabled, true, false]} restart: always volumes: *glance_volumes environment: diff --git a/docker/services/heat-api.yaml b/docker/services/heat-api.yaml index 75d0b8c1..dcba519f 100644 --- a/docker/services/heat-api.yaml +++ b/docker/services/heat-api.yaml @@ -166,6 +166,7 @@ outputs: ignore_errors: True register: heat_api_enabled - name: remove old heat cron jobs + tags: step2 file: path: /var/spool/cron/heat state: absent diff --git a/docker/services/horizon.yaml b/docker/services/horizon.yaml index 2c7d7a74..94fd9eef 100644 --- a/docker/services/horizon.yaml +++ b/docker/services/horizon.yaml @@ -95,6 +95,12 @@ outputs: - path: /var/log/horizon/ owner: apache:apache recurse: true + # NOTE The upstream Kolla Dockerfile sets /etc/openstack-dashboard/ ownership to + # horizon:horizon - the policy.json files need read permissions for the apache user + # FIXME We should consider whether this should be fixed in the Kolla Dockerfile instead + - path: /etc/openstack-dashboard/ + owner: apache:apache + recurse: true # FIXME Apache tries to write a .lock file there - path: /usr/share/openstack-dashboard/openstack_dashboard/local/ owner: apache:apache diff --git a/docker/services/keystone.yaml b/docker/services/keystone.yaml index 26cef614..a8ba5bf1 100644 --- a/docker/services/keystone.yaml +++ b/docker/services/keystone.yaml @@ -211,6 +211,7 @@ outputs: tags: step2 service: name=httpd state=stopped enabled=no - name: remove old keystone cron jobs + tags: step2 file: path: /var/spool/cron/keystone state: absent diff --git a/docker/services/nova-api.yaml b/docker/services/nova-api.yaml index f262bcb1..7f1b7a54 100644 --- a/docker/services/nova-api.yaml +++ b/docker/services/nova-api.yaml @@ -246,6 +246,7 @@ outputs: ignore_errors: True when: {get_param: UpgradeRemoveUnusedPackages} - name: remove old nova cron jobs + tags: step2 file: path: /var/spool/cron/nova state: absent diff --git a/docker/services/pacemaker/clustercheck.yaml b/docker/services/pacemaker/clustercheck.yaml index b5d128d4..6db8a212 100644 --- a/docker/services/pacemaker/clustercheck.yaml +++ b/docker/services/pacemaker/clustercheck.yaml @@ -44,8 +44,11 @@ resources: ContainersCommon: type: ../containers-common.yaml +# We import from the corresponding docker service because otherwise we risk +# rewriting the tripleo.mysql.firewall_rules key with the baremetal firewall +# rules (see LP#1728918) MysqlPuppetBase: - type: ../../../puppet/services/pacemaker/database/mysql.yaml + type: ../../../docker/services/pacemaker/database/mysql.yaml properties: EndpointMap: {get_param: EndpointMap} ServiceData: {get_param: ServiceData} |