summaryrefslogtreecommitdiffstats
path: root/docker
diff options
context:
space:
mode:
Diffstat (limited to 'docker')
-rwxr-xr-xdocker/docker-puppet.py4
-rw-r--r--docker/services/aodh-api.yaml1
-rw-r--r--docker/services/aodh-evaluator.yaml1
-rw-r--r--docker/services/aodh-listener.yaml1
-rw-r--r--docker/services/aodh-notifier.yaml1
-rw-r--r--docker/services/ceilometer-agent-central.yaml113
-rw-r--r--docker/services/ceilometer-agent-compute.yaml91
-rw-r--r--docker/services/ceilometer-agent-notification.yaml113
-rw-r--r--docker/services/database/mongodb.yaml1
-rw-r--r--docker/services/database/mysql.yaml1
-rw-r--r--docker/services/database/redis.yaml1
-rw-r--r--docker/services/glance-api.yaml1
-rw-r--r--docker/services/gnocchi-api.yaml1
-rw-r--r--docker/services/gnocchi-metricd.yaml1
-rw-r--r--docker/services/gnocchi-statsd.yaml1
-rw-r--r--docker/services/heat-api-cfn.yaml1
-rw-r--r--docker/services/heat-api.yaml1
-rw-r--r--docker/services/heat-engine.yaml1
-rw-r--r--docker/services/ironic-api.yaml1
-rw-r--r--docker/services/ironic-conductor.yaml1
-rw-r--r--docker/services/ironic-pxe.yaml1
-rw-r--r--docker/services/keystone.yaml1
-rw-r--r--docker/services/memcached.yaml1
-rw-r--r--docker/services/mistral-api.yaml1
-rw-r--r--docker/services/mistral-engine.yaml1
-rw-r--r--docker/services/mistral-executor.yaml1
-rw-r--r--docker/services/neutron-api.yaml59
-rw-r--r--docker/services/neutron-dhcp.yaml3
-rw-r--r--docker/services/neutron-l3.yaml3
-rw-r--r--docker/services/neutron-ovs-agent.yaml14
-rw-r--r--docker/services/neutron-plugin-ml2.yaml3
-rw-r--r--docker/services/nova-api.yaml1
-rw-r--r--docker/services/nova-compute.yaml1
-rw-r--r--docker/services/nova-conductor.yaml1
-rw-r--r--docker/services/nova-ironic.yaml1
-rw-r--r--docker/services/nova-libvirt.yaml1
-rw-r--r--docker/services/nova-metadata.yaml2
-rw-r--r--docker/services/nova-placement.yaml1
-rw-r--r--docker/services/nova-scheduler.yaml1
-rw-r--r--docker/services/panko-api.yaml1
-rw-r--r--docker/services/rabbitmq.yaml1
-rw-r--r--docker/services/services.yaml1
-rw-r--r--docker/services/swift-proxy.yaml1
-rw-r--r--docker/services/swift-ringbuilder.yaml1
-rw-r--r--docker/services/swift-storage.yaml1
-rw-r--r--docker/services/zaqar.yaml1
46 files changed, 418 insertions, 23 deletions
diff --git a/docker/docker-puppet.py b/docker/docker-puppet.py
index f1594d2d..49dd00cd 100755
--- a/docker/docker-puppet.py
+++ b/docker/docker-puppet.py
@@ -253,7 +253,9 @@ def mp_puppet_config((config_volume, puppet_tags, manifest, config_image, volume
log.debug(cmd_stderr)
if subproc.returncode != 0:
log.error('Failed running docker-puppet.py for %s' % config_volume)
- rm_container('docker-puppet-%s' % config_volume)
+ else:
+ # only delete successful runs, for debugging
+ rm_container('docker-puppet-%s' % config_volume)
return subproc.returncode
# Holds all the information for each process to consume.
diff --git a/docker/services/aodh-api.yaml b/docker/services/aodh-api.yaml
index 9ba0ec03..8a02d8fd 100644
--- a/docker/services/aodh-api.yaml
+++ b/docker/services/aodh-api.yaml
@@ -33,6 +33,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
EnableInternalTLS:
type: boolean
default: false
diff --git a/docker/services/aodh-evaluator.yaml b/docker/services/aodh-evaluator.yaml
index b4036c00..9d514d0c 100644
--- a/docker/services/aodh-evaluator.yaml
+++ b/docker/services/aodh-evaluator.yaml
@@ -33,6 +33,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
resources:
diff --git a/docker/services/aodh-listener.yaml b/docker/services/aodh-listener.yaml
index 61153089..dac61087 100644
--- a/docker/services/aodh-listener.yaml
+++ b/docker/services/aodh-listener.yaml
@@ -33,6 +33,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
resources:
diff --git a/docker/services/aodh-notifier.yaml b/docker/services/aodh-notifier.yaml
index 11ca12f9..a22ae85e 100644
--- a/docker/services/aodh-notifier.yaml
+++ b/docker/services/aodh-notifier.yaml
@@ -33,6 +33,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
resources:
diff --git a/docker/services/ceilometer-agent-central.yaml b/docker/services/ceilometer-agent-central.yaml
new file mode 100644
index 00000000..94caded8
--- /dev/null
+++ b/docker/services/ceilometer-agent-central.yaml
@@ -0,0 +1,113 @@
+heat_template_version: pike
+
+description: >
+ OpenStack containerized Ceilometer Agent Central service
+
+parameters:
+ DockerNamespace:
+ description: namespace
+ default: 'tripleoupstream'
+ type: string
+ DockerCeilometerCentralImage:
+ description: image
+ default: 'centos-binary-ceilometer-central:latest'
+ type: string
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+
+resources:
+
+ ContainersCommon:
+ type: ./containers-common.yaml
+
+ CeilometerAgentCentralBase:
+ type: ../../puppet/services/ceilometer-agent-central.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Role data for the Ceilometer Agent Central role.
+ value:
+ service_name: {get_attr: [CeilometerAgentCentralBase, role_data, service_name]}
+ config_settings: {get_attr: [CeilometerAgentCentralBase, role_data, config_settings]}
+ step_config: &step_config
+ get_attr: [CeilometerAgentCentralBase, role_data, step_config]
+ service_config_settings: {get_attr: [CeilometerAgentCentralBase, role_data, service_config_settings]}
+ # BEGIN DOCKER SETTINGS
+ puppet_config:
+ config_volume: ceilometer
+ puppet_tags: ceilometer_config
+ step_config: *step_config
+ config_image: &ceilometer_agent_central_image
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerCeilometerCentralImage} ]
+ kolla_config:
+ /var/lib/kolla/config_files/ceilometer-agent-central.json:
+ command: /usr/bin/ceilometer-polling --polling-namespaces central
+ docker_config:
+ step_3:
+ ceilometer_init_log:
+ start_order: 0
+ image: *ceilometer_agent_central_image
+ user: root
+ command: ['/bin/bash', '-c', 'chown -R ceilometer:ceilometer /var/log/ceilometer']
+ volumes:
+ - /var/log/containers/ceilometer:/var/log/ceilometer
+ step_4:
+ ceilometer_agent_central:
+ image: *ceilometer_agent_central_image
+ net: host
+ privileged: false
+ restart: always
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/ceilometer-agent-central.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/ceilometer/etc/ceilometer/:/etc/ceilometer/:ro
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ step_5:
+ ceilometer_gnocchi_upgrade:
+ start_order: 1
+ image: *ceilometer_agent_central_image
+ net: host
+ detach: false
+ privileged: false
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/config-data/ceilometer/etc/ceilometer/:/etc/ceilometer/:ro
+ - /var/log/containers/ceilometer:/var/log/ceilometer
+ command: ["/usr/bin/ceilometer-upgrade", "--skip-metering-database"]
+ upgrade_tasks:
+ - name: Stop and disable ceilometer agent central service
+ tags: step2
+ service: name=openstack-ceilometer-agent-central state=stopped enabled=no
diff --git a/docker/services/ceilometer-agent-compute.yaml b/docker/services/ceilometer-agent-compute.yaml
new file mode 100644
index 00000000..9033cf4a
--- /dev/null
+++ b/docker/services/ceilometer-agent-compute.yaml
@@ -0,0 +1,91 @@
+heat_template_version: pike
+
+description: >
+ OpenStack containerized Ceilometer Agent Compute service
+
+parameters:
+ DockerNamespace:
+ description: namespace
+ default: 'tripleoupstream'
+ type: string
+ DockerCeilometerComputeImage:
+ description: image
+ default: 'centos-binary-ceilometer-compute:latest'
+ type: string
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+
+resources:
+
+ ContainersCommon:
+ type: ./containers-common.yaml
+
+ CeilometerAgentComputeBase:
+ type: ../../puppet/services/ceilometer-agent-compute.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Role data for the Ceilometer Agent Compute role.
+ value:
+ service_name: {get_attr: [CeilometerAgentComputeBase, role_data, service_name]}
+ config_settings: {get_attr: [CeilometerAgentComputeBase, role_data, config_settings]}
+ step_config: &step_config
+ get_attr: [CeilometerAgentComputeBase, role_data, step_config]
+ service_config_settings: {get_attr: [CeilometerAgentComputeBase, role_data, service_config_settings]}
+ # BEGIN DOCKER SETTINGS
+ puppet_config:
+ config_volume: ceilometer
+ puppet_tags: ceilometer_config
+ step_config: *step_config
+ config_image: &ceilometer_agent_compute_image
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerCeilometerComputeImage} ]
+ kolla_config:
+ /var/lib/kolla/config_files/ceilometer-agent-compute.json:
+ command: /usr/bin/ceilometer-polling --polling-namespaces compute
+ docker_config:
+ step_4:
+ ceilometer_agent-compute:
+ image: *ceilometer_agent_compute_image
+ net: host
+ privileged: false
+ restart: always
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/ceilometer-agent-compute.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/ceilometer/etc/ceilometer/:/etc/ceilometer/:ro
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ upgrade_tasks:
+ - name: Stop and disable ceilometer-agent-compute service
+ tags: step2
+ service: name=openstack-ceilometer-agent-compute state=stopped enabled=no
diff --git a/docker/services/ceilometer-agent-notification.yaml b/docker/services/ceilometer-agent-notification.yaml
new file mode 100644
index 00000000..79df3306
--- /dev/null
+++ b/docker/services/ceilometer-agent-notification.yaml
@@ -0,0 +1,113 @@
+heat_template_version: pike
+
+description: >
+ OpenStack containerized Ceilometer Agent Notification service
+
+parameters:
+ DockerNamespace:
+ description: namespace
+ default: 'tripleoupstream'
+ type: string
+ DockerCeilometerNotificationImage:
+ description: image
+ default: 'centos-binary-ceilometer-notification:latest'
+ type: string
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+
+resources:
+
+ ContainersCommon:
+ type: ./containers-common.yaml
+
+ CeilometerAgentNotificationBase:
+ type: ../../puppet/services/ceilometer-agent-notification.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Role data for the Ceilometer Agent Notification role.
+ value:
+ service_name: {get_attr: [CeilometerAgentNotificationBase, role_data, service_name]}
+ config_settings: {get_attr: [CeilometerAgentNotificationBase, role_data, config_settings]}
+ step_config: &step_config
+ get_attr: [CeilometerAgentNotificationBase, role_data, step_config]
+ service_config_settings: {get_attr: [CeilometerAgentNotificationBase, role_data, service_config_settings]}
+ # BEGIN DOCKER SETTINGS
+ puppet_config:
+ config_volume: ceilometer
+ puppet_tags: ceilometer_config
+ step_config: *step_config
+ config_image: &ceilometer_agent_notification_image
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerCeilometerNotificationImage} ]
+ kolla_config:
+ /var/lib/kolla/config_files/ceilometer-agent-notification.json:
+ command: /usr/bin/ceilometer-agent-notification
+ docker_config:
+ step_3:
+ ceilometer_init_log:
+ start_order: 0
+ image: *ceilometer_agent_notification_image
+ user: root
+ command: ['/bin/bash', '-c', 'chown -R ceilometer:ceilometer /var/log/ceilometer']
+ volumes:
+ - /var/log/containers/ceilometer:/var/log/ceilometer
+ step_4:
+ ceilometer_agent-notification:
+ image: *ceilometer_agent_notification_image
+ net: host
+ privileged: false
+ restart: always
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/ceilometer-agent-notification.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/ceilometer/etc/ceilometer/:/etc/ceilometer/:ro
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ step_5:
+ ceilometer_gnocchi_upgrade:
+ start_order: 1
+ image: *ceilometer_agent_notification_image
+ net: host
+ detach: false
+ privileged: false
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/config-data/ceilometer/etc/ceilometer/:/etc/ceilometer/:ro
+ - /var/log/containers/ceilometer:/var/log/ceilometer
+ command: ["/usr/bin/ceilometer-upgrade", "--skip-metering-database"]
+ upgrade_tasks:
+ - name: Stop and disable ceilometer agent notification service
+ tags: step2
+ service: name=openstack-ceilometer-notification state=stopped enabled=no
diff --git a/docker/services/database/mongodb.yaml b/docker/services/database/mongodb.yaml
index 437e6c82..ed4e3177 100644
--- a/docker/services/database/mongodb.yaml
+++ b/docker/services/database/mongodb.yaml
@@ -33,6 +33,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
resources:
diff --git a/docker/services/database/mysql.yaml b/docker/services/database/mysql.yaml
index cc9f6eab..3a4de24f 100644
--- a/docker/services/database/mysql.yaml
+++ b/docker/services/database/mysql.yaml
@@ -33,6 +33,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
MysqlRootPassword:
type: string
hidden: true
diff --git a/docker/services/database/redis.yaml b/docker/services/database/redis.yaml
index fbf53cb9..86c44900 100644
--- a/docker/services/database/redis.yaml
+++ b/docker/services/database/redis.yaml
@@ -33,6 +33,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
resources:
diff --git a/docker/services/glance-api.yaml b/docker/services/glance-api.yaml
index c474131d..ef1e00ed 100644
--- a/docker/services/glance-api.yaml
+++ b/docker/services/glance-api.yaml
@@ -33,6 +33,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
EnableInternalTLS:
type: boolean
default: false
diff --git a/docker/services/gnocchi-api.yaml b/docker/services/gnocchi-api.yaml
index 4770533b..9b474731 100644
--- a/docker/services/gnocchi-api.yaml
+++ b/docker/services/gnocchi-api.yaml
@@ -33,6 +33,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
EnableInternalTLS:
type: boolean
default: false
diff --git a/docker/services/gnocchi-metricd.yaml b/docker/services/gnocchi-metricd.yaml
index 9ddc3afb..2724805b 100644
--- a/docker/services/gnocchi-metricd.yaml
+++ b/docker/services/gnocchi-metricd.yaml
@@ -33,6 +33,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
resources:
diff --git a/docker/services/gnocchi-statsd.yaml b/docker/services/gnocchi-statsd.yaml
index 99a94960..305971f1 100644
--- a/docker/services/gnocchi-statsd.yaml
+++ b/docker/services/gnocchi-statsd.yaml
@@ -33,6 +33,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
resources:
diff --git a/docker/services/heat-api-cfn.yaml b/docker/services/heat-api-cfn.yaml
index 6cfc8ecc..2631928f 100644
--- a/docker/services/heat-api-cfn.yaml
+++ b/docker/services/heat-api-cfn.yaml
@@ -38,6 +38,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
EnableInternalTLS:
type: boolean
default: false
diff --git a/docker/services/heat-api.yaml b/docker/services/heat-api.yaml
index 9c0ec23c..b2f4eb64 100644
--- a/docker/services/heat-api.yaml
+++ b/docker/services/heat-api.yaml
@@ -38,6 +38,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
EnableInternalTLS:
type: boolean
default: false
diff --git a/docker/services/heat-engine.yaml b/docker/services/heat-engine.yaml
index 02f7febe..8c554a50 100644
--- a/docker/services/heat-engine.yaml
+++ b/docker/services/heat-engine.yaml
@@ -33,6 +33,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
resources:
diff --git a/docker/services/ironic-api.yaml b/docker/services/ironic-api.yaml
index 8d2f6221..300aa0bd 100644
--- a/docker/services/ironic-api.yaml
+++ b/docker/services/ironic-api.yaml
@@ -37,6 +37,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
resources:
diff --git a/docker/services/ironic-conductor.yaml b/docker/services/ironic-conductor.yaml
index 70367615..360eb669 100644
--- a/docker/services/ironic-conductor.yaml
+++ b/docker/services/ironic-conductor.yaml
@@ -37,6 +37,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
resources:
diff --git a/docker/services/ironic-pxe.yaml b/docker/services/ironic-pxe.yaml
index baf03c0f..bc828e65 100644
--- a/docker/services/ironic-pxe.yaml
+++ b/docker/services/ironic-pxe.yaml
@@ -37,6 +37,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
resources:
diff --git a/docker/services/keystone.yaml b/docker/services/keystone.yaml
index 86ef094c..ca643749 100644
--- a/docker/services/keystone.yaml
+++ b/docker/services/keystone.yaml
@@ -33,6 +33,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
AdminPassword:
description: The password for the keystone admin account, used for monitoring, querying neutron etc.
type: string
diff --git a/docker/services/memcached.yaml b/docker/services/memcached.yaml
index 38a75d2d..d85a0878 100644
--- a/docker/services/memcached.yaml
+++ b/docker/services/memcached.yaml
@@ -33,6 +33,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
resources:
diff --git a/docker/services/mistral-api.yaml b/docker/services/mistral-api.yaml
index e5e2ff0b..3b256fdd 100644
--- a/docker/services/mistral-api.yaml
+++ b/docker/services/mistral-api.yaml
@@ -37,6 +37,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
resources:
diff --git a/docker/services/mistral-engine.yaml b/docker/services/mistral-engine.yaml
index feef9c81..d60d847b 100644
--- a/docker/services/mistral-engine.yaml
+++ b/docker/services/mistral-engine.yaml
@@ -37,6 +37,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
resources:
diff --git a/docker/services/mistral-executor.yaml b/docker/services/mistral-executor.yaml
index 90415874..76ae052b 100644
--- a/docker/services/mistral-executor.yaml
+++ b/docker/services/mistral-executor.yaml
@@ -37,6 +37,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
resources:
diff --git a/docker/services/neutron-api.yaml b/docker/services/neutron-api.yaml
index 485b02e6..748371d5 100644
--- a/docker/services/neutron-api.yaml
+++ b/docker/services/neutron-api.yaml
@@ -15,7 +15,7 @@ parameters:
# we configure all neutron services in the same neutron
DockerNeutronConfigImage:
description: image
- default: 'centos-binary-neutron-openvswitch-agent:latest'
+ default: 'centos-binary-neutron-server:latest'
type: string
EndpointMap:
default: {}
@@ -38,6 +38,14 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
+ EnableInternalTLS:
+ type: boolean
+ default: false
+
+conditions:
+
+ internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
resources:
@@ -80,6 +88,8 @@ outputs:
- path: /var/log/neutron
owner: neutron:neutron
recurse: true
+ /var/lib/kolla/config_files/neutron_server_tls_proxy.json:
+ command: /usr/sbin/httpd -DFOREGROUND
docker_config:
# db sync runs before permissions set by kolla_config
step_3:
@@ -112,20 +122,39 @@ outputs:
- /var/log/containers/neutron:/var/log/neutron
command: ['neutron-db-manage', 'upgrade', 'heads']
step_4:
- neutron_api:
- image: *neutron_api_image
- net: host
- privileged: false
- restart: always
- volumes:
- list_concat:
- - {get_attr: [ContainersCommon, volumes]}
- -
- - /var/lib/kolla/config_files/neutron_api.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/neutron/etc/neutron/:/etc/neutron/:ro
- - /var/log/containers/neutron:/var/log/neutron
- environment:
- - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ map_merge:
+ - neutron_api:
+ image: *neutron_api_image
+ net: host
+ privileged: false
+ restart: always
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/neutron_api.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/neutron/etc/neutron/:/etc/neutron/:ro
+ - /var/log/containers/neutron:/var/log/neutron
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ - if:
+ - internal_tls_enabled
+ - neutron_server_tls_proxy:
+ image: *neutron_api_image
+ net: host
+ user: root
+ restart: always
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/neutron_server_tls_proxy.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/neutron/etc/httpd/:/etc/httpd/:ro
+ - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
+ - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ - {}
host_prep_tasks:
- name: create persistent logs directory
file:
diff --git a/docker/services/neutron-dhcp.yaml b/docker/services/neutron-dhcp.yaml
index 68d9994e..d14f5251 100644
--- a/docker/services/neutron-dhcp.yaml
+++ b/docker/services/neutron-dhcp.yaml
@@ -15,7 +15,7 @@ parameters:
# we configure all neutron services in the same neutron
DockerNeutronConfigImage:
description: image
- default: 'centos-binary-neutron-openvswitch-agent:latest'
+ default: 'centos-binary-neutron-server:latest'
type: string
EndpointMap:
default: {}
@@ -38,6 +38,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
resources:
diff --git a/docker/services/neutron-l3.yaml b/docker/services/neutron-l3.yaml
index 83dae627..97901bc8 100644
--- a/docker/services/neutron-l3.yaml
+++ b/docker/services/neutron-l3.yaml
@@ -15,7 +15,7 @@ parameters:
# we configure all neutron services in the same neutron
DockerNeutronConfigImage:
description: image
- default: 'centos-binary-neutron-openvswitch-agent:latest'
+ default: 'centos-binary-neutron-server:latest'
type: string
ServiceNetMap:
default: {}
@@ -33,6 +33,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
diff --git a/docker/services/neutron-ovs-agent.yaml b/docker/services/neutron-ovs-agent.yaml
index ac52b378..89bf8663 100644
--- a/docker/services/neutron-ovs-agent.yaml
+++ b/docker/services/neutron-ovs-agent.yaml
@@ -12,6 +12,10 @@ parameters:
description: image
default: 'centos-binary-neutron-openvswitch-agent:latest'
type: string
+ DockerNeutronConfigImage:
+ description: image
+ default: 'centos-binary-neutron-server:latest'
+ type: string
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
@@ -28,6 +32,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
@@ -60,10 +65,10 @@ outputs:
config_volume: neutron
puppet_tags: neutron_config,neutron_agent_ovs,neutron_plugin_ml2
step_config: *step_config
- config_image: &neutron_ovs_agent_image
+ config_image:
list_join:
- '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerOpenvswitchImage} ]
+ - [ {get_param: DockerNamespace}, {get_param: DockerNeutronConfigImage} ]
kolla_config:
/var/lib/kolla/config_files/neutron-openvswitch-agent.json:
command: /usr/bin/neutron-openvswitch-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
@@ -74,7 +79,10 @@ outputs:
docker_config:
step_4:
neutronovsagent:
- image: *neutron_ovs_agent_image
+ image: &neutron_ovs_agent_image
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerOpenvswitchImage} ]
net: host
pid: host
privileged: true
diff --git a/docker/services/neutron-plugin-ml2.yaml b/docker/services/neutron-plugin-ml2.yaml
index 66a1397c..2e5384ea 100644
--- a/docker/services/neutron-plugin-ml2.yaml
+++ b/docker/services/neutron-plugin-ml2.yaml
@@ -21,7 +21,7 @@ parameters:
type: string
DockerNeutronConfigImage:
description: image
- default: 'centos-binary-neutron-openvswitch-agent:latest'
+ default: 'centos-binary-neutron-server:latest'
type: string
DefaultPasswords:
default: {}
@@ -33,6 +33,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
resources:
diff --git a/docker/services/nova-api.yaml b/docker/services/nova-api.yaml
index 627d1b48..d571b21b 100644
--- a/docker/services/nova-api.yaml
+++ b/docker/services/nova-api.yaml
@@ -37,6 +37,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
resources:
diff --git a/docker/services/nova-compute.yaml b/docker/services/nova-compute.yaml
index 540e831a..4f10a1a3 100644
--- a/docker/services/nova-compute.yaml
+++ b/docker/services/nova-compute.yaml
@@ -28,6 +28,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
diff --git a/docker/services/nova-conductor.yaml b/docker/services/nova-conductor.yaml
index 1a0e8641..131355d7 100644
--- a/docker/services/nova-conductor.yaml
+++ b/docker/services/nova-conductor.yaml
@@ -37,6 +37,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
resources:
diff --git a/docker/services/nova-ironic.yaml b/docker/services/nova-ironic.yaml
index 668cbf00..be0dd111 100644
--- a/docker/services/nova-ironic.yaml
+++ b/docker/services/nova-ironic.yaml
@@ -32,6 +32,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
diff --git a/docker/services/nova-libvirt.yaml b/docker/services/nova-libvirt.yaml
index cc0640de..ebf0da7d 100644
--- a/docker/services/nova-libvirt.yaml
+++ b/docker/services/nova-libvirt.yaml
@@ -34,6 +34,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
diff --git a/docker/services/nova-metadata.yaml b/docker/services/nova-metadata.yaml
index 95d781c7..2aebbb2f 100644
--- a/docker/services/nova-metadata.yaml
+++ b/docker/services/nova-metadata.yaml
@@ -25,7 +25,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
-
+ type: json
resources:
diff --git a/docker/services/nova-placement.yaml b/docker/services/nova-placement.yaml
index 528a20ea..ae4ccf68 100644
--- a/docker/services/nova-placement.yaml
+++ b/docker/services/nova-placement.yaml
@@ -33,6 +33,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
resources:
diff --git a/docker/services/nova-scheduler.yaml b/docker/services/nova-scheduler.yaml
index bcd9f7b5..6285e98e 100644
--- a/docker/services/nova-scheduler.yaml
+++ b/docker/services/nova-scheduler.yaml
@@ -37,6 +37,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
resources:
diff --git a/docker/services/panko-api.yaml b/docker/services/panko-api.yaml
index b2abc068..46cfa5ab 100644
--- a/docker/services/panko-api.yaml
+++ b/docker/services/panko-api.yaml
@@ -35,6 +35,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
EnableInternalTLS:
type: boolean
default: false
diff --git a/docker/services/rabbitmq.yaml b/docker/services/rabbitmq.yaml
index 92c8d9f6..e2f8228e 100644
--- a/docker/services/rabbitmq.yaml
+++ b/docker/services/rabbitmq.yaml
@@ -33,6 +33,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
RabbitCookie:
type: string
default: ''
diff --git a/docker/services/services.yaml b/docker/services/services.yaml
index 31def7f3..15f1bf02 100644
--- a/docker/services/services.yaml
+++ b/docker/services/services.yaml
@@ -33,6 +33,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
resources:
diff --git a/docker/services/swift-proxy.yaml b/docker/services/swift-proxy.yaml
index 988bb399..60972f91 100644
--- a/docker/services/swift-proxy.yaml
+++ b/docker/services/swift-proxy.yaml
@@ -33,6 +33,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
EnableInternalTLS:
type: boolean
default: false
diff --git a/docker/services/swift-ringbuilder.yaml b/docker/services/swift-ringbuilder.yaml
index f98e23fd..9ced8f27 100644
--- a/docker/services/swift-ringbuilder.yaml
+++ b/docker/services/swift-ringbuilder.yaml
@@ -28,6 +28,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
diff --git a/docker/services/swift-storage.yaml b/docker/services/swift-storage.yaml
index f99eb068..017fb123 100644
--- a/docker/services/swift-storage.yaml
+++ b/docker/services/swift-storage.yaml
@@ -39,6 +39,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
diff --git a/docker/services/zaqar.yaml b/docker/services/zaqar.yaml
index 744a0c1e..594df693 100644
--- a/docker/services/zaqar.yaml
+++ b/docker/services/zaqar.yaml
@@ -33,6 +33,7 @@ parameters:
RoleParameters:
default: {}
description: Parameters specific to the role
+ type: json
resources: