summaryrefslogtreecommitdiffstats
path: root/docker
diff options
context:
space:
mode:
Diffstat (limited to 'docker')
-rw-r--r--docker/services/aodh-api.yaml18
-rw-r--r--docker/services/aodh-evaluator.yaml10
-rw-r--r--docker/services/aodh-listener.yaml10
-rw-r--r--docker/services/aodh-notifier.yaml10
-rw-r--r--docker/services/database/mongodb.yaml16
-rw-r--r--docker/services/database/mysql.yaml24
-rw-r--r--docker/services/glance-api.yaml20
-rw-r--r--docker/services/gnocchi-api.yaml17
-rw-r--r--docker/services/gnocchi-metricd.yaml10
-rw-r--r--docker/services/gnocchi-statsd.yaml10
-rw-r--r--docker/services/heat-api-cfn.yaml29
-rw-r--r--docker/services/heat-api.yaml29
-rw-r--r--docker/services/heat-engine.yaml21
-rw-r--r--docker/services/ironic-api.yaml23
-rw-r--r--docker/services/ironic-conductor.yaml11
-rw-r--r--docker/services/ironic-pxe.yaml14
-rw-r--r--docker/services/keystone.yaml14
-rw-r--r--docker/services/memcached.yaml11
-rw-r--r--docker/services/mistral-api.yaml25
-rw-r--r--docker/services/mistral-engine.yaml10
-rw-r--r--docker/services/mistral-executor.yaml10
-rw-r--r--docker/services/neutron-api.yaml23
-rw-r--r--docker/services/neutron-dhcp.yaml10
-rw-r--r--docker/services/neutron-l3.yaml10
-rw-r--r--docker/services/neutron-ovs-agent.yaml12
-rw-r--r--docker/services/nova-api.yaml38
-rw-r--r--docker/services/nova-compute.yaml16
-rw-r--r--docker/services/nova-conductor.yaml11
-rw-r--r--docker/services/nova-ironic.yaml18
-rw-r--r--docker/services/nova-libvirt.yaml6
-rw-r--r--docker/services/nova-placement.yaml10
-rw-r--r--docker/services/nova-scheduler.yaml10
-rw-r--r--docker/services/panko-api.yaml16
-rw-r--r--docker/services/rabbitmq.yaml26
-rw-r--r--docker/services/swift-proxy.yaml12
-rw-r--r--docker/services/swift-storage.yaml24
-rw-r--r--docker/services/zaqar.yaml15
37 files changed, 523 insertions, 76 deletions
diff --git a/docker/services/aodh-api.yaml b/docker/services/aodh-api.yaml
index b93a92e1..0bf15e12 100644
--- a/docker/services/aodh-api.yaml
+++ b/docker/services/aodh-api.yaml
@@ -70,15 +70,20 @@ outputs:
kolla_config:
/var/lib/kolla/config_files/aodh-api.json:
command: /usr/sbin/httpd -DFOREGROUND
+ permissions:
+ - path: /var/log/aodh
+ owner: aodh:aodh
+ recurse: true
docker_config:
+ # db sync runs before permissions set by kolla_config
step_3:
aodh_init_log:
start_order: 0
image: *aodh_image
user: root
- command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd && mkdir -p /var/log/aodh && chown aodh:aodh /var/log/aodh']
volumes:
- - logs:/var/log
+ - /var/log/containers/aodh:/var/log/aodh
+ command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd; chown -R aodh:aodh /var/log/aodh']
aodh_db_sync:
start_order: 1
image: *aodh_image
@@ -90,7 +95,7 @@ outputs:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/config-data/aodh/etc/aodh/:/etc/aodh/:ro
- - logs:/var/log
+ - /var/log/containers/aodh:/var/log/aodh
command: /usr/bin/aodh-dbsync
step_4:
aodh_api:
@@ -106,7 +111,7 @@ outputs:
- /var/lib/config-data/aodh/etc/aodh/:/etc/aodh/:ro
- /var/lib/config-data/aodh/etc/httpd/:/etc/httpd/:ro
- /var/lib/config-data/aodh/var/www/:/var/www/:ro
- - logs:/var/log
+ - /var/log/containers/aodh:/var/log/aodh
-
if:
- internal_tls_enabled
@@ -119,6 +124,11 @@ outputs:
- ''
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ - name: create persistent logs directory
+ file:
+ path: /var/log/containers/aodh
+ state: directory
upgrade_tasks:
- name: Stop and disable aodh service (running under httpd)
tags: step2
diff --git a/docker/services/aodh-evaluator.yaml b/docker/services/aodh-evaluator.yaml
index c8e7d691..065f03e8 100644
--- a/docker/services/aodh-evaluator.yaml
+++ b/docker/services/aodh-evaluator.yaml
@@ -62,6 +62,10 @@ outputs:
kolla_config:
/var/lib/kolla/config_files/aodh-evaluator.json:
command: /usr/bin/aodh-evaluator
+ permissions:
+ - path: /var/log/aodh
+ owner: aodh:aodh
+ recurse: true
docker_config:
step_4:
aodh_evaluator:
@@ -75,8 +79,14 @@ outputs:
-
- /var/lib/kolla/config_files/aodh-evaluator.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/aodh/etc/aodh/:/etc/aodh/:ro
+ - /var/log/containers/aodh:/var/log/aodh
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ - name: create persistent logs directory
+ file:
+ path: /var/log/containers/aodh
+ state: directory
upgrade_tasks:
- name: Stop and disable openstack-aodh-evaluator service
tags: step2
diff --git a/docker/services/aodh-listener.yaml b/docker/services/aodh-listener.yaml
index 9e65c1c4..eb77e506 100644
--- a/docker/services/aodh-listener.yaml
+++ b/docker/services/aodh-listener.yaml
@@ -62,6 +62,10 @@ outputs:
kolla_config:
/var/lib/kolla/config_files/aodh-listener.json:
command: /usr/bin/aodh-listener
+ permissions:
+ - path: /var/log/aodh
+ owner: aodh:aodh
+ recurse: true
docker_config:
step_4:
aodh_listener:
@@ -75,8 +79,14 @@ outputs:
-
- /var/lib/kolla/config_files/aodh-listener.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/aodh/etc/aodh/:/etc/aodh/:ro
+ - /var/log/containers/aodh:/var/log/aodh
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ - name: create persistent logs directory
+ file:
+ path: /var/log/containers/aodh
+ state: directory
upgrade_tasks:
- name: Stop and disable openstack-aodh-listener service
tags: step2
diff --git a/docker/services/aodh-notifier.yaml b/docker/services/aodh-notifier.yaml
index 402b8abf..fb6913b8 100644
--- a/docker/services/aodh-notifier.yaml
+++ b/docker/services/aodh-notifier.yaml
@@ -62,6 +62,10 @@ outputs:
kolla_config:
/var/lib/kolla/config_files/aodh-notifier.json:
command: /usr/bin/aodh-notifier
+ permissions:
+ - path: /var/log/aodh
+ owner: aodh:aodh
+ recurse: true
docker_config:
step_4:
aodh_notifier:
@@ -75,8 +79,14 @@ outputs:
-
- /var/lib/kolla/config_files/aodh-notifier.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/aodh/etc/aodh/:/etc/aodh/:ro
+ - /var/log/containers/aodh:/var/log/aodh
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ - name: create persistent logs directory
+ file:
+ path: /var/log/containers/aodh
+ state: directory
upgrade_tasks:
- name: Stop and disable openstack-aodh-notifier service
tags: step2
diff --git a/docker/services/database/mongodb.yaml b/docker/services/database/mongodb.yaml
index 7d2d1a15..4a620a4a 100644
--- a/docker/services/database/mongodb.yaml
+++ b/docker/services/database/mongodb.yaml
@@ -66,6 +66,9 @@ outputs:
- path: /var/lib/mongodb
owner: mongodb:mongodb
recurse: true
+ - path: /var/log/mongodb
+ owner: mongodb:mongodb
+ recurse: true
docker_config:
step_2:
mongodb:
@@ -76,7 +79,7 @@ outputs:
- /var/lib/kolla/config_files/mongodb.json:/var/lib/kolla/config_files/config.json
- /var/lib/config-data/mongodb/etc/:/etc/:ro
- /etc/localtime:/etc/localtime:ro
- - logs:/var/log/kolla
+ - /var/log/containers/mongodb:/var/log/mongodb
- /var/lib/mongodb:/var/lib/mongodb
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
@@ -88,13 +91,16 @@ outputs:
step_config: 'include ::tripleo::profile::base::database::mongodb'
config_image: *mongodb_image
volumes:
- - /var/lib/mongodb:/var/lib/mongodb
- - logs:/var/log/kolla:ro
+ - /var/lib/mongodb:/var/lib/mongodb
+ - /var/log/containers/mongodb:/var/log/mongodb
host_prep_tasks:
- - name: create /var/lib/mongodb
+ - name: create persistent directories
file:
- path: /var/lib/mongodb
+ path: "{{ item }}"
state: directory
+ with_items:
+ - /var/log/containers/mongodb
+ - /var/lib/mongodb
upgrade_tasks:
- name: Stop and disable mongodb service
tags: step2
diff --git a/docker/services/database/mysql.yaml b/docker/services/database/mysql.yaml
index cba2070d..e065e20e 100644
--- a/docker/services/database/mysql.yaml
+++ b/docker/services/database/mysql.yaml
@@ -76,9 +76,18 @@ outputs:
owner: mysql:mysql
recurse: true
docker_config:
+ # Kolla_bootstrap runs before permissions set by kolla_config
step_2:
- mysql_bootstrap:
+ mysql_init_logs:
start_order: 0
+ image: *mysql_image
+ privileged: false
+ user: root
+ volumes:
+ - /var/log/containers/mysql:/var/log/mariadb
+ command: ['/bin/bash', '-c', 'chown -R mysql:mysql /var/log/mariadb']
+ mysql_bootstrap:
+ start_order: 1
detach: false
image: *mysql_image
net: host
@@ -90,12 +99,13 @@ outputs:
- /etc/localtime:/etc/localtime:ro
- /etc/hosts:/etc/hosts:ro
- /var/lib/mysql:/var/lib/mysql
+ - /var/log/containers/mysql:/var/log/mariadb
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
- KOLLA_BOOTSTRAP=True
# NOTE(mandre) skip wsrep cluster status check
- KOLLA_KUBERNETES=True
- -
+ -
list_join:
- '='
- - 'DB_ROOT_PASSWORD'
@@ -107,7 +117,7 @@ outputs:
- {get_param: MysqlRootPassword}
- {get_param: [DefaultPasswords, mysql_root_password]}
mysql:
- start_order: 1
+ start_order: 2
image: *mysql_image
restart: always
net: host
@@ -123,12 +133,16 @@ outputs:
config_image: *mysql_image
volumes:
- /var/lib/mysql:/var/lib/mysql/:ro
+ - /var/log/containers/mysql:/var/log/mariadb
- /var/lib/config-data/mysql/root:/root:ro #provides .my.cnf
host_prep_tasks:
- - name: create /var/lib/mysql
+ - name: create persistent directories
file:
- path: /var/lib/mysql
+ path: "{{ item }}"
state: directory
+ with_items:
+ - /var/log/containers/mysql
+ - /var/lib/mysql
upgrade_tasks:
- name: Stop and disable mysql service
tags: step2
diff --git a/docker/services/glance-api.yaml b/docker/services/glance-api.yaml
index 7f4ee434..9fa90082 100644
--- a/docker/services/glance-api.yaml
+++ b/docker/services/glance-api.yaml
@@ -64,8 +64,18 @@ outputs:
/var/lib/kolla/config_files/glance-api.json:
command: /usr/bin/glance-api --config-file /usr/share/glance/glance-api-dist.conf --config-file /etc/glance/glance-api.conf
docker_config:
+ # Kolla_bootstrap/db_sync runs before permissions set by kolla_config
step_3:
+ glance_init_logs:
+ start_order: 0
+ image: *glance_image
+ privileged: false
+ user: root
+ volumes:
+ - /var/log/containers/glance:/var/log/glance
+ command: ['/bin/bash', '-c', 'chown -R glance:glance /var/log/glance']
glance_api_db_sync:
+ start_order: 1
image: *glance_image
net: host
privileged: false
@@ -76,14 +86,13 @@ outputs:
-
- /var/lib/kolla/config_files/glance-api.json:/var/lib/kolla/config_files/config.json
- /var/lib/config-data/glance_api/etc/glance/:/etc/glance/:ro
- - /lib/modules:/lib/modules:ro
- - /run:/run
- - /dev:/dev
+ - /var/log/containers/glance:/var/log/glance
environment:
- KOLLA_BOOTSTRAP=True
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
step_4:
glance_api:
+ start_order: 2
image: *glance_image
net: host
privileged: false
@@ -91,6 +100,11 @@ outputs:
volumes: *glance_volumes
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ - name: create persistent logs directory
+ file:
+ path: /var/log/containers/glance
+ state: directory
upgrade_tasks:
- name: Stop and disable glance_api service
tags: step2
diff --git a/docker/services/gnocchi-api.yaml b/docker/services/gnocchi-api.yaml
index 3fbdac4e..aab351fc 100644
--- a/docker/services/gnocchi-api.yaml
+++ b/docker/services/gnocchi-api.yaml
@@ -70,15 +70,20 @@ outputs:
kolla_config:
/var/lib/kolla/config_files/gnocchi-api.json:
command: /usr/sbin/httpd -DFOREGROUND
+ permissions:
+ - path: /var/log/gnocchi
+ owner: gnocchi:gnocchi
+ recurse: true
docker_config:
+ # db sync runs before permissions set by kolla_config
step_3:
gnocchi_init_log:
start_order: 0
image: *gnocchi_image
user: root
- command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd && mkdir -p /var/log/gnocchi && chown gnocchi:gnocchi /var/log/gnocchi']
volumes:
- - logs:/var/log
+ - /var/log/containers/gnocchi:/var/log/gnocchi
+ command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd; chown -R gnocchi:gnocchi /var/log/gnocchi']
gnocchi_db_sync:
start_order: 1
image: *gnocchi_image
@@ -90,7 +95,7 @@ outputs:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/config-data/gnocchi/etc/gnocchi/:/etc/gnocchi/:ro
- - logs:/var/log
+ - /var/log/containers/gnocchi:/var/log/gnocchi
command: ["/usr/bin/gnocchi-upgrade", "--skip-storage"]
step_4:
gnocchi_api:
@@ -106,6 +111,7 @@ outputs:
- /var/lib/config-data/gnocchi/etc/gnocchi/:/etc/gnocchi/:ro
- /var/lib/config-data/gnocchi/etc/httpd/:/etc/httpd/:ro
- /var/lib/config-data/gnocchi/var/www/:/var/www/:ro
+ - /var/log/containers/gnocchi:/var/log/gnocchi
-
if:
- internal_tls_enabled
@@ -118,6 +124,11 @@ outputs:
- ''
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ - name: create persistent logs directory
+ file:
+ path: /var/log/containers/gnocchi
+ state: directory
upgrade_tasks:
- name: Stop and disable httpd service
tags: step2
diff --git a/docker/services/gnocchi-metricd.yaml b/docker/services/gnocchi-metricd.yaml
index 9739735b..b0faa51c 100644
--- a/docker/services/gnocchi-metricd.yaml
+++ b/docker/services/gnocchi-metricd.yaml
@@ -60,6 +60,10 @@ outputs:
kolla_config:
/var/lib/kolla/config_files/gnocchi-metricd.json:
command: /usr/bin/gnocchi-metricd
+ permissions:
+ - path: /var/log/gnocchi
+ owner: gnocchi:gnocchi
+ recurse: true
docker_config:
step_4:
gnocchi_metricd:
@@ -73,8 +77,14 @@ outputs:
-
- /var/lib/kolla/config_files/gnocchi-metricd.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/gnocchi/etc/gnocchi/:/etc/gnocchi/:ro
+ - /var/log/containers/gnocchi:/var/log/gnocchi
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ - name: create persistent logs directory
+ file:
+ path: /var/log/containers/gnocchi
+ state: directory
upgrade_tasks:
- name: Stop and disable openstack-gnocchi-metricd service
tags: step2
diff --git a/docker/services/gnocchi-statsd.yaml b/docker/services/gnocchi-statsd.yaml
index 8b3071a3..3b9667d7 100644
--- a/docker/services/gnocchi-statsd.yaml
+++ b/docker/services/gnocchi-statsd.yaml
@@ -60,6 +60,10 @@ outputs:
kolla_config:
/var/lib/kolla/config_files/gnocchi-statsd.json:
command: /usr/bin/gnocchi-statsd
+ permissions:
+ - path: /var/log/gnocchi
+ owner: gnocchi:gnocchi
+ recurse: true
docker_config:
step_4:
gnocchi_statsd:
@@ -73,8 +77,14 @@ outputs:
-
- /var/lib/kolla/config_files/gnocchi-statsd.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/gnocchi/etc/gnocchi/:/etc/gnocchi/:ro
+ - /var/log/containers/gnocchi:/var/log/gnocchi
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ - name: create persistent logs directory
+ file:
+ path: /var/log/containers/gnocchi
+ state: directory
upgrade_tasks:
- name: Stop and disable openstack-gnocchi-statsd service
tags: step2
diff --git a/docker/services/heat-api-cfn.yaml b/docker/services/heat-api-cfn.yaml
index ae46e92b..fc228155 100644
--- a/docker/services/heat-api-cfn.yaml
+++ b/docker/services/heat-api-cfn.yaml
@@ -12,10 +12,10 @@ parameters:
description: image
default: 'centos-binary-heat-api-cfn:latest'
type: string
- # we configure all heat services in the same heat engine container
+ # puppet needs the heat-wsgi-api-cfn binary from centos-binary-heat-api-cfn
DockerHeatConfigImage:
description: image
- default: 'centos-binary-heat-engine:latest'
+ default: 'centos-binary-heat-api-cfn:latest'
type: string
EndpointMap:
default: {}
@@ -59,7 +59,7 @@ outputs:
service_config_settings: {get_attr: [HeatBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
- config_volume: heat
+ config_volume: heat_api_cfn
puppet_tags: heat_config,file,concat,file_line
step_config: *step_config
config_image:
@@ -68,7 +68,11 @@ outputs:
- [ {get_param: DockerNamespace}, {get_param: DockerHeatConfigImage} ]
kolla_config:
/var/lib/kolla/config_files/heat_api_cfn.json:
- command: /usr/bin/heat-api-cfn --config-file /usr/share/heat/heat-dist.conf --config-file /etc/heat/heat.conf
+ command: /usr/sbin/httpd -DFOREGROUND
+ permissions:
+ - path: /var/log/heat
+ owner: heat:heat
+ recurse: true
docker_config:
step_4:
heat_api_cfn:
@@ -79,17 +83,26 @@ outputs:
net: host
privileged: false
restart: always
+ # NOTE(mandre) kolla image changes the user to 'heat', we need it
+ # to be root to run httpd
+ user: root
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/heat_api_cfn.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/heat/etc/heat/:/etc/heat/:ro
- - /dev:/dev
- - /run:/run
+ - /var/lib/config-data/heat_api_cfn/etc/heat/:/etc/heat/:ro
+ - /var/lib/config-data/heat_api_cfn/etc/httpd/:/etc/httpd/:ro
+ - /var/lib/config-data/heat_api_cfn/var/www/:/var/www/:ro
+ - /var/log/containers/heat:/var/log/heat
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ - name: create persistent logs directory
+ file:
+ path: /var/log/containers/heat
+ state: directory
upgrade_tasks:
- name: Stop and disable heat_api_cfn service
tags: step2
- service: name=openstack-heat-api-cfn state=stopped enabled=no
+ service: name=httpd state=stopped enabled=no
diff --git a/docker/services/heat-api.yaml b/docker/services/heat-api.yaml
index e75ba0ae..fe565411 100644
--- a/docker/services/heat-api.yaml
+++ b/docker/services/heat-api.yaml
@@ -12,10 +12,10 @@ parameters:
description: image
default: 'centos-binary-heat-api:latest'
type: string
- # we configure all heat services in the same heat engine container
+ # puppet needs the heat-wsgi-api binary from centos-binary-heat-api
DockerHeatConfigImage:
description: image
- default: 'centos-binary-heat-engine:latest'
+ default: 'centos-binary-heat-api:latest'
type: string
EndpointMap:
default: {}
@@ -59,7 +59,7 @@ outputs:
service_config_settings: {get_attr: [HeatBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
- config_volume: heat
+ config_volume: heat_api
puppet_tags: heat_config,file,concat,file_line
step_config: *step_config
config_image:
@@ -68,7 +68,11 @@ outputs:
- [ {get_param: DockerNamespace}, {get_param: DockerHeatConfigImage} ]
kolla_config:
/var/lib/kolla/config_files/heat_api.json:
- command: /usr/bin/heat-api --config-file /usr/share/heat/heat-dist.conf --config-file /etc/heat/heat.conf
+ command: /usr/sbin/httpd -DFOREGROUND
+ permissions:
+ - path: /var/log/heat
+ owner: heat:heat
+ recurse: true
docker_config:
step_4:
heat_api:
@@ -79,17 +83,26 @@ outputs:
net: host
privileged: false
restart: always
+ # NOTE(mandre) kolla image changes the user to 'heat', we need it
+ # to be root to run httpd
+ user: root
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/heat_api.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/heat/etc/heat/:/etc/heat/:ro
- - /dev:/dev
- - /run:/run
+ - /var/lib/config-data/heat_api/etc/heat/:/etc/heat/:ro
+ - /var/lib/config-data/heat_api/etc/httpd/:/etc/httpd/:ro
+ - /var/lib/config-data/heat_api/var/www/:/var/www/:ro
+ - /var/log/containers/heat:/var/log/heat
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ - name: create persistent logs directory
+ file:
+ path: /var/log/containers/heat
+ state: directory
upgrade_tasks:
- name: Stop and disable heat_api service
tags: step2
- service: name=openstack-heat-api state=stopped enabled=no
+ service: name=httpd state=stopped enabled=no
diff --git a/docker/services/heat-engine.yaml b/docker/services/heat-engine.yaml
index ced81561..da0552af 100644
--- a/docker/services/heat-engine.yaml
+++ b/docker/services/heat-engine.yaml
@@ -64,9 +64,22 @@ outputs:
kolla_config:
/var/lib/kolla/config_files/heat_engine.json:
command: /usr/bin/heat-engine --config-file /usr/share/heat/heat-dist.conf --config-file /etc/heat/heat.conf
+ permissions:
+ - path: /var/log/heat
+ owner: heat:heat
+ recurse: true
docker_config:
+ # db sync runs before permissions set by kolla_config
step_3:
+ heat_init_log:
+ start_order: 0
+ image: *heat_engine_image
+ user: root
+ volumes:
+ - /var/log/containers/heat:/var/log/heat
+ command: ['/bin/bash', '-c', 'chown -R heat:heat /var/log/heat']
heat_engine_db_sync:
+ start_order: 1
image: *heat_engine_image
net: host
privileged: false
@@ -76,6 +89,7 @@ outputs:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/config-data/heat/etc/heat/:/etc/heat/:ro
+ - /var/log/containers/heat:/var/log/heat
command: ['heat-manage', 'db_sync']
step_4:
heat_engine:
@@ -89,9 +103,14 @@ outputs:
-
- /var/lib/kolla/config_files/heat_engine.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/heat/etc/heat/:/etc/heat/:ro
- - /run:/run
+ - /var/log/containers/heat:/var/log/heat
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ - name: create persistent logs directory
+ file:
+ path: /var/log/containers/heat
+ state: directory
upgrade_tasks:
- name: Stop and disable heat_engine service
tags: step2
diff --git a/docker/services/ironic-api.yaml b/docker/services/ironic-api.yaml
index a15e74d0..5e7565cc 100644
--- a/docker/services/ironic-api.yaml
+++ b/docker/services/ironic-api.yaml
@@ -66,13 +66,27 @@ outputs:
kolla_config:
/var/lib/kolla/config_files/ironic_api.json:
command: /usr/bin/ironic-api
+ permissions:
+ - path: /var/log/ironic
+ owner: ironic:ironic
+ recurse: true
docker_config:
+ # db sync runs before permissions set by kolla_config
step_3:
- ironic_db_sync:
+ ironic_init_logs:
+ start_order: 0
image: &ironic_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerIronicApiImage} ]
+ privileged: false
+ user: root
+ volumes:
+ - /var/log/containers/ironic:/var/log/ironic
+ command: ['/bin/bash', '-c', 'chown -R ironic:ironic /var/log/ironic']
+ ironic_db_sync:
+ start_order: 1
+ image: *ironic_image
net: host
privileged: false
detach: false
@@ -81,6 +95,7 @@ outputs:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/config-data/ironic/etc/:/etc/:ro
+ - /var/log/containers/ironic:/var/log/ironic
command: ['ironic-dbsync', '--config-file', '/etc/ironic/ironic.conf']
step_4:
ironic_api:
@@ -95,8 +110,14 @@ outputs:
-
- /var/lib/kolla/config_files/ironic_api.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/ironic/etc/:/etc/:ro
+ - /var/log/containers/ironic:/var/log/ironic
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ - name: create persistent logs directory
+ file:
+ path: /var/log/containers/ironic
+ state: directory
upgrade_tasks:
- name: Stop and disable ironic_api service
tags: step2
diff --git a/docker/services/ironic-conductor.yaml b/docker/services/ironic-conductor.yaml
index 99d67e04..0b1d448a 100644
--- a/docker/services/ironic-conductor.yaml
+++ b/docker/services/ironic-conductor.yaml
@@ -78,6 +78,9 @@ outputs:
- path: /var/lib/ironic
owner: ironic:ironic
recurse: true
+ - path: /var/log/ironic
+ owner: ironic:ironic
+ recurse: true
docker_config:
step_4:
ironic_conductor:
@@ -100,13 +103,17 @@ outputs:
- /dev:/dev
- /run:/run #shared?
- /var/lib/ironic:/var/lib/ironic
+ - /var/log/containers/ironic:/var/log/ironic
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
- - name: create ironic persistent data directory
+ - name: create persistent directories
file:
- path: /var/lib/ironic
+ path: "{{ item }}"
state: directory
+ with_items:
+ - /var/log/containers/ironic
+ - /var/lib/ironic
- name: stat /httpboot
stat: path=/httpboot
register: stat_httpboot
diff --git a/docker/services/ironic-pxe.yaml b/docker/services/ironic-pxe.yaml
index 7b72db20..94db8490 100644
--- a/docker/services/ironic-pxe.yaml
+++ b/docker/services/ironic-pxe.yaml
@@ -58,6 +58,10 @@ outputs:
command: /usr/sbin/httpd -DFOREGROUND
/var/lib/kolla/config_files/ironic_pxe_tftp.json:
command: /usr/sbin/in.tftpd --foreground --user root --address 0.0.0.0:69 --map-file /var/lib/ironic/tftpboot/map-file /var/lib/ironic/tftpboot
+ permissions:
+ - path: /var/log/ironic
+ owner: ironic:ironic
+ recurse: true
docker_config:
step_4:
ironic_pxe_tftp:
@@ -86,6 +90,7 @@ outputs:
- /var/lib/config-data/ironic/var/lib/ironic/tftpboot/undionly.kpxe:/var/lib/ironic/tftpboot/undionly.kpxe
- /var/lib/config-data/ironic/var/lib/ironic/tftpboot/map-file:/var/lib/ironic/tftpboot/map-file
- /dev/log:/dev/log
+ - /var/log/containers/ironic:/var/log/ironic
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
ironic_pxe_http:
@@ -101,11 +106,16 @@ outputs:
- /var/lib/kolla/config_files/ironic_pxe_http.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/ironic/etc/ironic/:/etc/ironic/:ro
- /var/lib/config-data/ironic/etc/httpd/:/etc/httpd/:ro
+ - /var/lib/config-data/ironic/var/www/:/var/www/:ro
- /var/lib/ironic:/var/lib/ironic/
+ - /var/log/containers/ironic:/var/log/ironic
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
- - name: create ironic persistent data directory
+ - name: create persistent directories
file:
- path: /var/lib/ironic
+ path: "{{ item }}"
state: directory
+ with_items:
+ - /var/lib/ironic
+ - /var/log/containers/ironic
diff --git a/docker/services/keystone.yaml b/docker/services/keystone.yaml
index a751c054..ff1b4477 100644
--- a/docker/services/keystone.yaml
+++ b/docker/services/keystone.yaml
@@ -84,14 +84,15 @@ outputs:
/var/lib/kolla/config_files/keystone.json:
command: /usr/sbin/httpd -DFOREGROUND
docker_config:
+ # Kolla_bootstrap/db sync runs before permissions set by kolla_config
step_3:
- keystone-init-log:
+ keystone_init_log:
start_order: 0
image: *keystone_image
user: root
- command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd && mkdir -p /var/log/keystone && chown keystone:keystone /var/log/keystone']
+ command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd; chown -R keystone:keystone /var/log/keystone']
volumes:
- - logs:/var/log
+ - /var/log/containers/keystone:/var/log/keystone
keystone_db_sync:
start_order: 1
image: *keystone_image
@@ -106,7 +107,7 @@ outputs:
- /var/lib/config-data/keystone/var/www/:/var/www/:ro
- /var/lib/config-data/keystone/etc/keystone/:/etc/keystone/:ro
- /var/lib/config-data/keystone/etc/httpd/:/etc/httpd/:ro
- - logs:/var/log
+ - /var/log/containers/keystone:/var/log/keystone
-
if:
- internal_tls_enabled
@@ -141,6 +142,11 @@ outputs:
puppet_tags: 'keystone_config,keystone_domain_config,keystone_endpoint,keystone_identity_provider,keystone_paste_ini,keystone_role,keystone_service,keystone_tenant,keystone_user,keystone_user_role,keystone_domain'
step_config: 'include ::tripleo::profile::base::keystone'
config_image: *keystone_image
+ host_prep_tasks:
+ - name: create persistent logs directory
+ file:
+ path: /var/log/containers/keystone
+ state: directory
upgrade_tasks:
- name: Stop and disable keystone service (running under httpd)
tags: step2
diff --git a/docker/services/memcached.yaml b/docker/services/memcached.yaml
index f9d73f4d..c689662f 100644
--- a/docker/services/memcached.yaml
+++ b/docker/services/memcached.yaml
@@ -60,7 +60,17 @@ outputs:
kolla_config: {}
docker_config:
step_1:
+ memcached_init_logs:
+ start_order: 0
+ image: *memcached_image
+ privileged: false
+ user: root
+ volumes:
+ - /var/lib/config-data/memcached/etc/sysconfig/memcached:/etc/sysconfig/memcached:ro
+ - /var/log/memcached.log:/var/log/memcached.log
+ command: ['/bin/bash', '-c', 'source /etc/sysconfig/memcached; chown ${USER} /var/log/memcached.log']
memcached:
+ start_order: 1
image: *memcached_image
net: host
privileged: false
@@ -70,6 +80,7 @@ outputs:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/config-data/memcached/etc/sysconfig/memcached:/etc/sysconfig/memcached:ro
+ # TODO(bogdando) capture memcached syslog logs from a container
command: ['/bin/bash', '-c', 'source /etc/sysconfig/memcached; /usr/bin/memcached -p ${PORT} -u ${USER} -m ${CACHESIZE} -c ${MAXCONN} $OPTIONS']
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
diff --git a/docker/services/mistral-api.yaml b/docker/services/mistral-api.yaml
index 652656ef..0684ee0c 100644
--- a/docker/services/mistral-api.yaml
+++ b/docker/services/mistral-api.yaml
@@ -66,14 +66,27 @@ outputs:
kolla_config:
/var/lib/kolla/config_files/mistral_api.json:
command: /usr/bin/mistral-server --config-file=/etc/mistral/mistral.conf --log-file=/var/log/mistral/api.log --server=api
+ permissions:
+ - path: /var/log/mistral
+ owner: mistral:mistral
+ recurse: true
docker_config:
+ # db sync runs before permissions set by kolla_config
step_3:
- mistral_db_sync:
- start_order: 1
+ mistral_init_logs:
+ start_order: 0
image: &mistral_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerMistralApiImage} ]
+ privileged: false
+ user: root
+ volumes:
+ - /var/log/containers/mistral:/var/log/mistral
+ command: ['/bin/bash', '-c', 'chown -R mistral:mistral /var/log/mistral']
+ mistral_db_sync:
+ start_order: 1
+ image: *mistral_image
net: host
privileged: false
detach: false
@@ -82,6 +95,7 @@ outputs:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/config-data/mistral/etc/:/etc/:ro
+ - /var/log/containers/mistral:/var/log/mistral
command: ['mistral-db-manage', '--config-file', '/etc/mistral/mistral.conf', 'upgrade', 'head']
mistral_db_populate:
start_order: 2
@@ -94,6 +108,7 @@ outputs:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/config-data/mistral/etc/:/etc/:ro
+ - /var/log/containers/mistral:/var/log/mistral
# NOTE: dprince this requires that we install openstack-tripleo-common into
# the Mistral API image so that we get tripleo* actions
command: ['mistral-db-manage', '--config-file', '/etc/mistral/mistral.conf', 'populate']
@@ -110,8 +125,14 @@ outputs:
-
- /var/lib/kolla/config_files/mistral_api.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/mistral/etc/mistral/:/etc/mistral/:ro
+ - /var/log/containers/mistral:/var/log/mistral
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ - name: create persistent logs directory
+ file:
+ path: /var/log/containers/mistral
+ state: directory
upgrade_tasks:
- name: Stop and disable mistral_api service
tags: step2
diff --git a/docker/services/mistral-engine.yaml b/docker/services/mistral-engine.yaml
index 9d543da9..39ab5a87 100644
--- a/docker/services/mistral-engine.yaml
+++ b/docker/services/mistral-engine.yaml
@@ -67,6 +67,10 @@ outputs:
kolla_config:
/var/lib/kolla/config_files/mistral_engine.json:
command: /usr/bin/mistral-server --config-file=/etc/mistral/mistral.conf --log-file=/var/log/mistral/engine.log --server=engine
+ permissions:
+ - path: /var/log/mistral
+ owner: mistral:mistral
+ recurse: true
docker_config:
step_4:
mistral_engine:
@@ -84,8 +88,14 @@ outputs:
- /run:/run
- /var/lib/kolla/config_files/mistral_engine.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/mistral/etc/mistral/:/etc/mistral/:ro
+ - /var/log/containers/mistral:/var/log/mistral
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ - name: create persistent logs directory
+ file:
+ path: /var/log/containers/mistral
+ state: directory
upgrade_tasks:
- name: Stop and disable mistral_engine service
tags: step2
diff --git a/docker/services/mistral-executor.yaml b/docker/services/mistral-executor.yaml
index 9c3bfb33..d878bb53 100644
--- a/docker/services/mistral-executor.yaml
+++ b/docker/services/mistral-executor.yaml
@@ -67,6 +67,10 @@ outputs:
kolla_config:
/var/lib/kolla/config_files/mistral_executor.json:
command: /usr/bin/mistral-server --config-file=/etc/mistral/mistral.conf --log-file=/var/log/mistral/executor.log --server=executor
+ permissions:
+ - path: /var/log/mistral
+ owner: mistral:mistral
+ recurse: true
docker_config:
step_4:
mistral_executor:
@@ -88,8 +92,14 @@ outputs:
# initialization workflows on the Undercloud. Need to
# exclude this on the overcloud for security reasons.
- /var/lib/config-data/nova/etc/nova:/etc/nova:ro
+ - /var/log/containers/mistral:/var/log/mistral
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ - name: create persistent logs directory
+ file:
+ path: /var/log/containers/mistral
+ state: directory
upgrade_tasks:
- name: Stop and disable mistral_executor service
tags: step2
diff --git a/docker/services/neutron-api.yaml b/docker/services/neutron-api.yaml
index 06675089..7a422768 100644
--- a/docker/services/neutron-api.yaml
+++ b/docker/services/neutron-api.yaml
@@ -67,13 +67,27 @@ outputs:
kolla_config:
/var/lib/kolla/config_files/neutron_api.json:
command: /usr/bin/neutron-server --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini
+ permissions:
+ - path: /var/log/neutron
+ owner: neutron:neutron
+ recurse: true
docker_config:
+ # db sync runs before permissions set by kolla_config
step_3:
- neutron_db_sync:
+ neutron_init_logs:
+ start_order: 0
image: &neutron_api_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerNeutronApiImage} ]
+ privileged: false
+ user: root
+ volumes:
+ - /var/log/containers/neutron:/var/log/neutron
+ command: ['/bin/bash', '-c', 'chown -R neutron:neutron /var/log/neutron']
+ neutron_db_sync:
+ start_order: 1
+ image: *neutron_api_image
net: host
privileged: false
detach: false
@@ -86,6 +100,7 @@ outputs:
-
- /var/lib/config-data/neutron/etc/neutron:/etc/neutron:ro
- /var/lib/config-data/neutron/usr/share/neutron:/usr/share/neutron:ro
+ - /var/log/containers/neutron:/var/log/neutron
command: ['neutron-db-manage', 'upgrade', 'heads']
step_4:
neutron_api:
@@ -99,8 +114,14 @@ outputs:
-
- /var/lib/kolla/config_files/neutron_api.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/neutron/etc/neutron/:/etc/neutron/:ro
+ - /var/log/containers/neutron:/var/log/neutron
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ - name: create persistent logs directory
+ file:
+ path: /var/log/containers/neutron
+ state: directory
upgrade_tasks:
- name: Stop and disable neutron_api service
tags: step2
diff --git a/docker/services/neutron-dhcp.yaml b/docker/services/neutron-dhcp.yaml
index b17e97b1..985b2727 100644
--- a/docker/services/neutron-dhcp.yaml
+++ b/docker/services/neutron-dhcp.yaml
@@ -67,6 +67,10 @@ outputs:
kolla_config:
/var/lib/kolla/config_files/neutron_dhcp.json:
command: /usr/bin/neutron-dhcp-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/dhcp_agent.ini --log-file /var/log/neutron/dhcp-agent.log
+ permissions:
+ - path: /var/log/neutron
+ owner: neutron:neutron
+ recurse: true
docker_config:
step_4:
neutron_dhcp:
@@ -86,8 +90,14 @@ outputs:
- /var/lib/config-data/neutron/etc/neutron/:/etc/neutron/:ro
- /lib/modules:/lib/modules:ro
- /run/:/run
+ - /var/log/containers/neutron:/var/log/neutron
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ - name: create persistent logs directory
+ file:
+ path: /var/log/containers/neutron
+ state: directory
upgrade_tasks:
- name: Stop and disable neutron_dhcp service
tags: step2
diff --git a/docker/services/neutron-l3.yaml b/docker/services/neutron-l3.yaml
index c9441b11..77784ef8 100644
--- a/docker/services/neutron-l3.yaml
+++ b/docker/services/neutron-l3.yaml
@@ -63,6 +63,10 @@ outputs:
kolla_config:
/var/lib/kolla/config_files/neutron-l3-agent.json:
command: /usr/bin/neutron-l3-agent --config-file /usr/share/neutron/neutron-dist.conf --config-dir /usr/share/neutron/l3_agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/l3_agent.ini
+ permissions:
+ - path: /var/log/neutron
+ owner: neutron:neutron
+ recurse: true
docker_config:
step_4:
neutronl3agent:
@@ -82,5 +86,11 @@ outputs:
- /var/lib/config-data/neutron/etc/neutron/:/etc/neutron/:ro
- /lib/modules:/lib/modules:ro
- /run:/run
+ - /var/log/containers/neutron:/var/log/neutron
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ - name: create persistent logs directory
+ file:
+ path: /var/log/containers/neutron
+ state: directory
diff --git a/docker/services/neutron-ovs-agent.yaml b/docker/services/neutron-ovs-agent.yaml
index 70851f7d..48b67abe 100644
--- a/docker/services/neutron-ovs-agent.yaml
+++ b/docker/services/neutron-ovs-agent.yaml
@@ -57,7 +57,11 @@ outputs:
- [ {get_param: DockerNamespace}, {get_param: DockerOpenvswitchImage} ]
kolla_config:
/var/lib/kolla/config_files/neutron-openvswitch-agent.json:
- command: /usr/bin/neutron-openvswitch-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
+ command: /usr/bin/neutron-openvswitch-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
+ permissions:
+ - path: /var/log/neutron
+ owner: neutron:neutron
+ recurse: true
docker_config:
step_4:
neutronovsagent:
@@ -74,8 +78,14 @@ outputs:
- /var/lib/config-data/neutron/etc/neutron/:/etc/neutron/:ro
- /lib/modules:/lib/modules:ro
- /run:/run
+ - /var/log/containers/neutron:/var/log/neutron
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ - name: create persistent logs directory
+ file:
+ path: /var/log/containers/neutron
+ state: directory
upgrade_tasks:
- name: Stop and disable neutron_ovs_agent service
tags: step2
diff --git a/docker/services/nova-api.yaml b/docker/services/nova-api.yaml
index 6817fc7f..f7904a71 100644
--- a/docker/services/nova-api.yaml
+++ b/docker/services/nova-api.yaml
@@ -70,20 +70,36 @@ outputs:
kolla_config:
/var/lib/kolla/config_files/nova_api.json:
command: /usr/bin/nova-api
+ permissions:
+ - path: /var/log/nova
+ owner: nova:nova
+ recurse: true
docker_config:
+ # db sync runs before permissions set by kolla_config
step_3:
- nova_api_db_sync:
- start_order: 1
+ nova_init_logs:
+ start_order: 0
image: &nova_api_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerNovaApiImage} ]
+ privileged: false
+ user: root
+ volumes:
+ - /var/log/containers/nova:/var/log/nova
+ command: ['/bin/bash', '-c', 'chown -R nova:nova /var/log/nova']
+ nova_api_db_sync:
+ start_order: 1
+ image: *nova_api_image
net: host
detach: false
volumes: &nova_api_volumes
- - /var/lib/config-data/nova/etc/:/etc/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/nova_api.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro
+ - /var/log/containers/nova:/var/log/nova
command: ['/usr/bin/nova-manage', 'api_db', 'sync']
# FIXME: we probably want to wait on the 'cell_v2 update' in order for this
# to be capable of upgrading a baremetal setup. This is to ensure the name
@@ -128,12 +144,7 @@ outputs:
user: nova
privileged: true
restart: always
- volumes:
- list_concat:
- - {get_attr: [ContainersCommon, volumes]}
- -
- - /var/lib/kolla/config_files/nova_api.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro
+ volumes: *nova_api_volumes
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
step_5:
@@ -147,6 +158,11 @@ outputs:
- '/usr/bin/nova-manage'
- 'cell_v2'
- 'discover_hosts'
+ host_prep_tasks:
+ - name: create persistent logs directory
+ file:
+ path: /var/log/containers/nova
+ state: directory
upgrade_tasks:
- name: Stop and disable nova_api service
tags: step2
diff --git a/docker/services/nova-compute.yaml b/docker/services/nova-compute.yaml
index 624596ec..3e146740 100644
--- a/docker/services/nova-compute.yaml
+++ b/docker/services/nova-compute.yaml
@@ -66,6 +66,13 @@ outputs:
kolla_config:
/var/lib/kolla/config_files/nova-compute.json:
command: /usr/bin/nova-compute --config-file /etc/nova/nova.conf --config-file /etc/nova/rootwrap.conf
+ permissions:
+ - path: /var/log/nova
+ owner: nova:nova
+ recurse: true
+ - path: /var/lib/nova
+ owner: nova:nova
+ recurse: true
docker_config:
# FIXME: run discover hosts here
step_4:
@@ -87,13 +94,18 @@ outputs:
- /run:/run
- /var/lib/nova:/var/lib/nova
- /var/lib/libvirt:/var/lib/libvirt
+ - /var/log/containers/nova:/var/log/nova
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
- - name: create /var/lib/libvirt
+ - name: create persistent directories
file:
- path: /var/lib/libvirt
+ path: "{{ item }}"
state: directory
+ with_items:
+ - /var/log/containers/nova
+ - /var/lib/nova
+ - /var/lib/libvirt
upgrade_tasks:
- name: Stop and disable nova-compute service
tags: step2
diff --git a/docker/services/nova-conductor.yaml b/docker/services/nova-conductor.yaml
index fc20422d..063e0167 100644
--- a/docker/services/nova-conductor.yaml
+++ b/docker/services/nova-conductor.yaml
@@ -65,6 +65,10 @@ outputs:
kolla_config:
/var/lib/kolla/config_files/nova_conductor.json:
command: /usr/bin/nova-conductor
+ permissions:
+ - path: /var/log/nova
+ owner: nova:nova
+ recurse: true
docker_config:
step_4:
nova_conductor:
@@ -81,9 +85,14 @@ outputs:
-
- /var/lib/kolla/config_files/nova_conductor.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro
- - /run:/run
+ - /var/log/containers/nova:/var/log/nova
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ - name: create persistent logs directory
+ file:
+ path: /var/log/containers/nova
+ state: directory
upgrade_tasks:
- name: Stop and disable nova_conductor service
tags: step2
diff --git a/docker/services/nova-ironic.yaml b/docker/services/nova-ironic.yaml
index 3fd71d88..b0952b1d 100644
--- a/docker/services/nova-ironic.yaml
+++ b/docker/services/nova-ironic.yaml
@@ -59,7 +59,14 @@ outputs:
- [ {get_param: DockerNamespace}, {get_param: DockerNovaConfigImage} ]
kolla_config:
/var/lib/kolla/config_files/nova_ironic.json:
- command: /usr/bin/nova-compute --config-file /etc/nova/nova.conf --config-file /etc/nova/rootwrap.conf
+ command: /usr/bin/nova-compute --config-file /etc/nova/nova.conf --config-file /etc/nova/rootwrap.conf
+ permissions:
+ - path: /var/log/nova
+ owner: nova:nova
+ recurse: true
+ - path: /var/lib/nova
+ owner: nova:nova
+ recurse: true
docker_config:
step_5:
novacompute:
@@ -81,8 +88,17 @@ outputs:
- /dev:/dev
- /etc/iscsi:/etc/iscsi
- /var/lib/nova/:/var/lib/nova
+ - /var/log/containers/nova:/var/log/nova
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ - name: create persistent directories
+ file:
+ path: "{{ item }}"
+ state: directory
+ with_items:
+ - /var/log/containers/nova
+ - /var/lib/nova
upgrade_tasks:
- name: Stop and disable nova-compute service
tags: step2
diff --git a/docker/services/nova-libvirt.yaml b/docker/services/nova-libvirt.yaml
index 1b103df4..775a9daa 100644
--- a/docker/services/nova-libvirt.yaml
+++ b/docker/services/nova-libvirt.yaml
@@ -72,6 +72,10 @@ outputs:
kolla_config:
/var/lib/kolla/config_files/nova-libvirt.json:
command: /usr/sbin/libvirtd --config /etc/libvirt/libvirtd.conf
+ permissions:
+ - path: /var/log/nova
+ owner: nova:nova
+ recurse: true
docker_config:
step_3:
nova_libvirt:
@@ -98,6 +102,7 @@ outputs:
- /var/run/libvirt:/var/run/libvirt
- /var/lib/libvirt:/var/lib/libvirt
- /etc/libvirt/qemu:/etc/libvirt/qemu
+ - /var/log/containers/nova:/var/log/nova
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
@@ -108,6 +113,7 @@ outputs:
with_items:
- /etc/libvirt/qemu
- /var/lib/libvirt
+ - /var/log/containers/nova
upgrade_tasks:
- name: Stop and disable libvirtd service
tags: step2
diff --git a/docker/services/nova-placement.yaml b/docker/services/nova-placement.yaml
index 7202ca42..944646e5 100644
--- a/docker/services/nova-placement.yaml
+++ b/docker/services/nova-placement.yaml
@@ -63,6 +63,10 @@ outputs:
kolla_config:
/var/lib/kolla/config_files/nova_placement.json:
command: /usr/sbin/httpd -DFOREGROUND
+ permissions:
+ - path: /var/log/nova
+ owner: nova:nova
+ recurse: true
docker_config:
# start this early so it is up before computes start reporting
step_3:
@@ -80,8 +84,14 @@ outputs:
- /var/lib/config-data/nova_placement/etc/nova/:/etc/nova/:ro
- /var/lib/config-data/nova_placement/etc/httpd/:/etc/httpd/:ro
- /var/lib/config-data/nova_placement/var/www/:/var/www/:ro
+ - /var/log/containers/nova:/var/log/nova
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ - name: create persistent logs directory
+ file:
+ path: /var/log/containers/nova
+ state: directory
upgrade_tasks:
- name: Stop and disable nova_placement service (running under httpd)
tags: step2
diff --git a/docker/services/nova-scheduler.yaml b/docker/services/nova-scheduler.yaml
index 9be24137..c6bf5c0a 100644
--- a/docker/services/nova-scheduler.yaml
+++ b/docker/services/nova-scheduler.yaml
@@ -64,6 +64,10 @@ outputs:
kolla_config:
/var/lib/kolla/config_files/nova_scheduler.json:
command: /usr/bin/nova-scheduler
+ permissions:
+ - path: /var/log/nova
+ owner: nova:nova
+ recurse: true
docker_config:
step_4:
nova_scheduler:
@@ -81,8 +85,14 @@ outputs:
- /var/lib/kolla/config_files/nova_scheduler.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro
- /run:/run
+ - /var/log/containers/nova:/var/log/nova
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ - name: create persistent logs directory
+ file:
+ path: /var/log/containers/nova
+ state: directory
upgrade_tasks:
- name: Stop and disable nova_scheduler service
tags: step2
diff --git a/docker/services/panko-api.yaml b/docker/services/panko-api.yaml
index cf0e1718..2eb50b35 100644
--- a/docker/services/panko-api.yaml
+++ b/docker/services/panko-api.yaml
@@ -72,15 +72,19 @@ outputs:
kolla_config:
/var/lib/kolla/config_files/panko-api.json:
command: /usr/sbin/httpd -DFOREGROUND
+ permissions:
+ - path: /var/log/panko
+ owner: panko:panko
+ recurse: true
docker_config:
step_3:
panko-init-log:
start_order: 0
image: *panko_image
user: root
- command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd && mkdir -p /var/log/panko && chown panko:panko /var/log/panko']
volumes:
- - logs:/var/log
+ - /var/log/containers/panko:/var/log/panko
+ command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd; chown -R panko:panko /var/log/panko']
panko_db_sync:
start_order: 1
image: *panko_image
@@ -92,7 +96,7 @@ outputs:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/config-data/panko/etc/panko:/etc/panko:ro
- - logs:/var/log
+ - /var/log/containers/panko:/var/log/panko
command: /usr/bin/panko-dbsync
step_4:
panko_api:
@@ -109,6 +113,7 @@ outputs:
- /var/lib/config-data/panko/etc/panko/:/etc/panko/:ro
- /var/lib/config-data/panko/etc/httpd/:/etc/httpd/:ro
- /var/lib/config-data/panko/var/www/:/var/www/:ro
+ - /var/log/containers/panko:/var/log/panko
-
if:
- internal_tls_enabled
@@ -121,5 +126,10 @@ outputs:
- ''
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ - name: create persistent logs directory
+ file:
+ path: /var/log/containers/panko
+ state: directory
metadata_settings:
get_attr: [PankoApiPuppetBase, role_data, metadata_settings]
diff --git a/docker/services/rabbitmq.yaml b/docker/services/rabbitmq.yaml
index 3d647d5e..b6428fce 100644
--- a/docker/services/rabbitmq.yaml
+++ b/docker/services/rabbitmq.yaml
@@ -70,11 +70,24 @@ outputs:
kolla_config:
/var/lib/kolla/config_files/rabbitmq.json:
command: /usr/lib/rabbitmq/bin/rabbitmq-server
+ permissions:
+ - path: /var/lib/rabbitmq
+ owner: rabbitmq:rabbitmq
+ recurse: true
docker_config:
+ # Kolla_bootstrap runs before permissions set by kolla_config
step_1:
- rabbitmq_bootstrap:
+ rabbitmq_init_logs:
start_order: 0
image: *rabbitmq_image
+ privileged: false
+ user: root
+ volumes:
+ - /var/log/containers/rabbitmq:/var/log/rabbitmq
+ command: ['/bin/bash', '-c', 'chown -R rabbitmq:rabbitmq /var/log/rabbitmq']
+ rabbitmq_bootstrap:
+ start_order: 1
+ image: *rabbitmq_image
net: host
privileged: false
volumes:
@@ -84,6 +97,7 @@ outputs:
- /var/lib/kolla/config_files/rabbitmq.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/rabbitmq/etc/rabbitmq/:/etc/rabbitmq/:ro
- /var/lib/rabbitmq:/var/lib/rabbitmq
+ - /var/log/containers/rabbitmq:/var/log/rabbitmq
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
- KOLLA_BOOTSTRAP=True
@@ -99,7 +113,7 @@ outputs:
- {get_param: RabbitCookie}
- {get_param: [DefaultPasswords, rabbit_cookie]}
rabbitmq:
- start_order: 1
+ start_order: 2
image: *rabbitmq_image
net: host
privileged: false
@@ -111,6 +125,7 @@ outputs:
- /var/lib/kolla/config_files/rabbitmq.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/rabbitmq/etc/rabbitmq/:/etc/rabbitmq/:ro
- /var/lib/rabbitmq:/var/lib/rabbitmq
+ - /var/log/containers/rabbitmq:/var/log/rabbitmq
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
docker_puppet_tasks:
@@ -124,10 +139,13 @@ outputs:
- /var/lib/config-data/rabbitmq/etc/:/etc/
- /var/lib/rabbitmq:/var/lib/rabbitmq:ro
host_prep_tasks:
- - name: create /var/lib/rabbitmq
+ - name: create persistent directories
file:
- path: /var/lib/rabbitmq
+ path: "{{ item }}"
state: directory
+ with_items:
+ - /var/log/containers/rabbitmq
+ - /var/lib/rabbitmq
upgrade_tasks:
- name: Stop and disable rabbitmq service
tags: step2
diff --git a/docker/services/swift-proxy.yaml b/docker/services/swift-proxy.yaml
index 8ea42222..bcf24c33 100644
--- a/docker/services/swift-proxy.yaml
+++ b/docker/services/swift-proxy.yaml
@@ -60,6 +60,10 @@ outputs:
kolla_config:
/var/lib/kolla/config_files/swift_proxy.json:
command: /usr/bin/swift-proxy-server /etc/swift/proxy-server.conf
+ permissions:
+ - path: /var/log/swift
+ owner: swift:swift
+ recurse: true
docker_config:
step_4:
swift_proxy:
@@ -78,13 +82,17 @@ outputs:
- /run:/run
- /srv/node:/srv/node
- /dev:/dev
+ - /var/log/containers/swift:/var/log/swift
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
- - name: create /srv/node
+ - name: create persistent directories
file:
- path: /srv/node
+ path: "{{ item }}"
state: directory
+ with_items:
+ - /var/log/containers/swift
+ - /srv/node
upgrade_tasks:
- name: Stop and disable swift_proxy service
tags: step2
diff --git a/docker/services/swift-storage.yaml b/docker/services/swift-storage.yaml
index b4a6a940..6d60dde6 100644
--- a/docker/services/swift-storage.yaml
+++ b/docker/services/swift-storage.yaml
@@ -96,6 +96,10 @@ outputs:
command: /usr/bin/swift-object-updater /etc/swift/object-server.conf
/var/lib/kolla/config_files/swift_object_server.json:
command: /usr/bin/swift-object-server /etc/swift/object-server.conf
+ permissions:
+ - path: /var/log/swift
+ owner: swift:swift
+ recurse: true
docker_config:
step_3:
# The puppet config sets this up but we don't have a way to mount the named
@@ -125,6 +129,7 @@ outputs:
- /run:/run
- /srv/node:/srv/node
- /dev:/dev
+ - /var/log/containers/swift:/var/log/swift
environment: &kolla_env
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
swift_account_reaper:
@@ -141,6 +146,7 @@ outputs:
- /run:/run
- /srv/node:/srv/node
- /dev:/dev
+ - /var/log/containers/swift:/var/log/swift
environment: *kolla_env
swift_account_replicator:
image: *swift_account_image
@@ -156,6 +162,7 @@ outputs:
- /run:/run
- /srv/node:/srv/node
- /dev:/dev
+ - /var/log/containers/swift:/var/log/swift
environment: *kolla_env
swift_account_server:
image: *swift_account_image
@@ -171,6 +178,7 @@ outputs:
- /run:/run
- /srv/node:/srv/node
- /dev:/dev
+ - /var/log/containers/swift:/var/log/swift
environment: *kolla_env
swift_container_auditor:
image: &swift_container_image
@@ -189,6 +197,7 @@ outputs:
- /run:/run
- /srv/node:/srv/node
- /dev:/dev
+ - /var/log/containers/swift:/var/log/swift
environment: *kolla_env
swift_container_replicator:
image: *swift_container_image
@@ -204,6 +213,7 @@ outputs:
- /run:/run
- /srv/node:/srv/node
- /dev:/dev
+ - /var/log/containers/swift:/var/log/swift
environment: *kolla_env
swift_container_updater:
image: *swift_container_image
@@ -219,6 +229,7 @@ outputs:
- /run:/run
- /srv/node:/srv/node
- /dev:/dev
+ - /var/log/containers/swift:/var/log/swift
environment: *kolla_env
swift_container_server:
image: *swift_container_image
@@ -234,6 +245,7 @@ outputs:
- /run:/run
- /srv/node:/srv/node
- /dev:/dev
+ - /var/log/containers/swift:/var/log/swift
environment: *kolla_env
swift_object_auditor:
image: &swift_object_image
@@ -252,6 +264,7 @@ outputs:
- /run:/run
- /srv/node:/srv/node
- /dev:/dev
+ - /var/log/containers/swift:/var/log/swift
environment: *kolla_env
swift_object_expirer:
image: *swift_proxy_image
@@ -267,6 +280,7 @@ outputs:
- /run:/run
- /srv/node:/srv/node
- /dev:/dev
+ - /var/log/containers/swift:/var/log/swift
environment: *kolla_env
swift_object_replicator:
image: *swift_object_image
@@ -282,6 +296,7 @@ outputs:
- /run:/run
- /srv/node:/srv/node
- /dev:/dev
+ - /var/log/containers/swift:/var/log/swift
environment: *kolla_env
swift_object_updater:
image: *swift_object_image
@@ -297,6 +312,7 @@ outputs:
- /run:/run
- /srv/node:/srv/node
- /dev:/dev
+ - /var/log/containers/swift:/var/log/swift
environment: *kolla_env
swift_object_server:
image: *swift_object_image
@@ -312,12 +328,16 @@ outputs:
- /run:/run
- /srv/node:/srv/node
- /dev:/dev
+ - /var/log/containers/swift:/var/log/swift
environment: *kolla_env
host_prep_tasks:
- - name: create /srv/node
+ - name: create persistent directories
file:
- path: /srv/node
+ path: "{{ item }}"
state: directory
+ with_items:
+ - /var/log/containers/swift
+ - /srv/node
upgrade_tasks:
- name: Stop and disable swift storage services
tags: step2
diff --git a/docker/services/zaqar.yaml b/docker/services/zaqar.yaml
index c450fe2f..5ba044ea 100644
--- a/docker/services/zaqar.yaml
+++ b/docker/services/zaqar.yaml
@@ -62,6 +62,10 @@ outputs:
command: /usr/bin/zaqar-server --config-file /etc/zaqar/zaqar.conf
/var/lib/kolla/config_files/zaqar_websocket.json:
command: /usr/bin/zaqar-server --config-file /etc/zaqar/zaqar.conf --config-file /etc/zaqar/1.conf
+ permissions:
+ - path: /var/log/zaqar
+ owner: zaqar:zaqar
+ recurse: true
docker_config:
step_4:
zaqar:
@@ -75,6 +79,9 @@ outputs:
-
- /var/lib/kolla/config_files/zaqar.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/zaqar/etc/zaqar/:/etc/zaqar/:ro
+ - /var/lib/config-data/zaqar/var/www/:/var/www/:ro
+ - /var/lib/config-data/zaqar/etc/httpd/:/etc/httpd/:ro
+ - /var/log/containers/zaqar:/var/log/zaqar
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
zaqar_websocket:
@@ -88,8 +95,16 @@ outputs:
-
- /var/lib/kolla/config_files/zaqar_websocket.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/zaqar/etc/zaqar/:/etc/zaqar/:ro
+ - /var/lib/config-data/zaqar/var/www/:/var/www/:ro
+ - /var/lib/config-data/zaqar/etc/httpd/:/etc/httpd/:ro
+ - /var/log/containers/zaqar:/var/log/zaqar
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ - name: create persistent logs directory
+ file:
+ path: /var/log/containers/zaqar
+ state: directory
upgrade_tasks:
- name: Stop and disable zaqar service
tags: step2