diff options
Diffstat (limited to 'docker')
76 files changed, 925 insertions, 240 deletions
diff --git a/docker/docker-puppet.py b/docker/docker-puppet.py index 4c193e49..01acde03 100755 --- a/docker/docker-puppet.py +++ b/docker/docker-puppet.py @@ -195,15 +195,17 @@ def mp_puppet_config((config_volume, puppet_tags, manifest, config_image, volume TAGS="--tags \"$PUPPET_TAGS\"" fi - # workaround LP1696283 - mkdir -p /etc/ssh - touch /etc/ssh/ssh_known_hosts + # Create a reference timestamp to easily find all files touched by + # puppet. The sync ensures we get all the files we want due to + # different timestamp. + touch /tmp/the_origin_of_time + sync FACTER_hostname=$HOSTNAME FACTER_uuid=docker /usr/bin/puppet apply --verbose $TAGS /etc/config.pp # Disables archiving if [ -z "$NO_ARCHIVE" ]; then - archivedirs=("/etc" "/root" "/var/lib/ironic/tftpboot" "/var/lib/ironic/httpboot" "/var/www") + archivedirs=("/etc" "/root" "/opt" "/var/lib/ironic/tftpboot" "/var/lib/ironic/httpboot" "/var/www" "/var/spool/cron") rsync_srcs="" for d in "${archivedirs[@]}"; do if [ -d "$d" ]; then @@ -216,7 +218,7 @@ def mp_puppet_config((config_volume, puppet_tags, manifest, config_image, volume # This is useful for debugging mkdir -p /var/lib/config-data/puppet-generated/${NAME} rsync -a -R -0 --delay-updates --delete-after \ - --files-from=<(find $rsync_srcs -newer /etc/ssh/ssh_known_hosts -print0) \ + --files-from=<(find $rsync_srcs -newer /tmp/the_origin_of_time -not -path '/etc/puppet*' -print0) \ / /var/lib/config-data/puppet-generated/${NAME} # Write a checksum of the config-data dir, this is used as a @@ -306,9 +308,9 @@ for config_volume in configs: volumes = service[4] if len(service) > 4 else [] if puppet_tags: - puppet_tags = "file,file_line,concat,augeas,%s" % puppet_tags + puppet_tags = "file,file_line,concat,augeas,cron,%s" % puppet_tags else: - puppet_tags = "file,file_line,concat,augeas" + puppet_tags = "file,file_line,concat,augeas,cron" process_map.append([config_volume, puppet_tags, manifest, config_image, volumes]) diff --git a/docker/services/README.rst b/docker/services/README.rst index 84ac842e..ce255ba8 100644 --- a/docker/services/README.rst +++ b/docker/services/README.rst @@ -74,7 +74,7 @@ are re-asserted when applying latter ones. * puppet_tags: Puppet resource tag names that are used to generate config files with puppet. Only the named config resources are used to generate a config file. Any service that specifies tags will have the default - tags of 'file,concat,file_line,augeas' appended to the setting. + tags of 'file,concat,file_line,augeas,cron' appended to the setting. Example: keystone_config * config_volume: The name of the volume (directory) where config files diff --git a/docker/services/aodh-api.yaml b/docker/services/aodh-api.yaml index 3be0f182..fc1c3168 100644 --- a/docker/services/aodh-api.yaml +++ b/docker/services/aodh-api.yaml @@ -84,6 +84,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/aodh_api.json: command: /usr/sbin/httpd -DFOREGROUND + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/aodh owner: aodh:aodh @@ -125,11 +130,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/aodh_api.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/aodh/etc/aodh/:/etc/aodh/:ro - - /var/lib/config-data/aodh/etc/httpd/conf/:/etc/httpd/conf/:ro - - /var/lib/config-data/aodh/etc/httpd/conf.d/:/etc/httpd/conf.d/:ro - - /var/lib/config-data/aodh/etc/httpd/conf.modules.d/:/etc/httpd/conf.modules.d/:ro - - /var/lib/config-data/aodh/var/www/:/var/www/:ro + - /var/lib/config-data/puppet-generated/aodh/:/var/lib/kolla/config_files/src:ro - /var/log/containers/aodh:/var/log/aodh - if: diff --git a/docker/services/aodh-evaluator.yaml b/docker/services/aodh-evaluator.yaml index 108a5527..2398baab 100644 --- a/docker/services/aodh-evaluator.yaml +++ b/docker/services/aodh-evaluator.yaml @@ -76,6 +76,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/aodh_evaluator.json: command: /usr/bin/aodh-evaluator + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/aodh owner: aodh:aodh @@ -95,7 +100,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/aodh_evaluator.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/aodh/etc/aodh/:/etc/aodh/:ro + - /var/lib/config-data/puppet-generated/aodh/:/var/lib/kolla/config_files/src:ro - /var/log/containers/aodh:/var/log/aodh environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/aodh-listener.yaml b/docker/services/aodh-listener.yaml index d78af5b2..9e89385d 100644 --- a/docker/services/aodh-listener.yaml +++ b/docker/services/aodh-listener.yaml @@ -76,6 +76,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/aodh_listener.json: command: /usr/bin/aodh-listener + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/aodh owner: aodh:aodh @@ -95,7 +100,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/aodh_listener.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/aodh/etc/aodh/:/etc/aodh/:ro + - /var/lib/config-data/puppet-generated/aodh/:/var/lib/kolla/config_files/src:ro - /var/log/containers/aodh:/var/log/aodh environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/aodh-notifier.yaml b/docker/services/aodh-notifier.yaml index abfb3745..0fc65fff 100644 --- a/docker/services/aodh-notifier.yaml +++ b/docker/services/aodh-notifier.yaml @@ -76,6 +76,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/aodh_notifier.json: command: /usr/bin/aodh-notifier + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/aodh owner: aodh:aodh @@ -95,7 +100,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/aodh_notifier.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/aodh/etc/aodh/:/etc/aodh/:ro + - /var/lib/config-data/puppet-generated/aodh/:/var/lib/kolla/config_files/src:ro - /var/log/containers/aodh:/var/log/aodh environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/ceilometer-agent-central.yaml b/docker/services/ceilometer-agent-central.yaml index af1f47ad..cef7b88d 100644 --- a/docker/services/ceilometer-agent-central.yaml +++ b/docker/services/ceilometer-agent-central.yaml @@ -74,6 +74,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/ceilometer_agent_central.json: command: /usr/bin/ceilometer-polling --polling-namespaces central + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true docker_config: step_3: ceilometer_init_log: @@ -97,7 +102,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/ceilometer_agent_central.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/ceilometer/etc/ceilometer/:/etc/ceilometer/:ro + - /var/lib/config-data/puppet-generated/ceilometer/:/var/lib/kolla/config_files/src:ro environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS step_5: diff --git a/docker/services/ceilometer-agent-compute.yaml b/docker/services/ceilometer-agent-compute.yaml index 3cc440be..ecb8e899 100644 --- a/docker/services/ceilometer-agent-compute.yaml +++ b/docker/services/ceilometer-agent-compute.yaml @@ -74,6 +74,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/ceilometer_agent_compute.json: command: /usr/bin/ceilometer-polling --polling-namespaces compute + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true docker_config: step_4: ceilometer_agent_compute: @@ -89,7 +94,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/ceilometer_agent_compute.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/ceilometer/etc/ceilometer/:/etc/ceilometer/:ro + - /var/lib/config-data/puppet-generated/ceilometer/:/var/lib/kolla/config_files/src:ro - /var/run/libvirt:/var/run/libvirt:ro environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/ceilometer-agent-ipmi.yaml b/docker/services/ceilometer-agent-ipmi.yaml index 7d02939d..4bf75153 100644 --- a/docker/services/ceilometer-agent-ipmi.yaml +++ b/docker/services/ceilometer-agent-ipmi.yaml @@ -74,6 +74,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/ceilometer-agent-ipmi.json: command: /usr/bin/ceilometer-polling --polling-namespaces ipmi + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true docker_config: step_3: ceilometer_init_log: @@ -97,7 +102,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/ceilometer-agent-ipmi.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/ceilometer/etc/ceilometer/:/etc/ceilometer/:ro + - /var/lib/config-data/puppet-generated/ceilometer/:/var/lib/kolla/config_files/src:ro environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS upgrade_tasks: diff --git a/docker/services/ceilometer-agent-notification.yaml b/docker/services/ceilometer-agent-notification.yaml index b2e85bb6..a1579cc5 100644 --- a/docker/services/ceilometer-agent-notification.yaml +++ b/docker/services/ceilometer-agent-notification.yaml @@ -74,6 +74,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/ceilometer_agent_notification.json: command: /usr/bin/ceilometer-agent-notification + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true docker_config: step_3: ceilometer_init_log: @@ -97,7 +102,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/ceilometer_agent_notification.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/ceilometer/etc/ceilometer/:/etc/ceilometer/:ro + - /var/lib/config-data/puppet-generated/ceilometer/:/var/lib/kolla/config_files/src:ro environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS upgrade_tasks: diff --git a/docker/services/cinder-api.yaml b/docker/services/cinder-api.yaml index 6a5d74bd..07315e7e 100644 --- a/docker/services/cinder-api.yaml +++ b/docker/services/cinder-api.yaml @@ -81,6 +81,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/cinder_api.json: command: /usr/sbin/httpd -DFOREGROUND + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/cinder owner: cinder:cinder @@ -128,9 +133,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/cinder_api.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/cinder/etc/cinder/:/etc/cinder/:ro - - /var/lib/config-data/cinder/etc/httpd/:/etc/httpd/:ro - - /var/lib/config-data/cinder/var/www/:/var/www/:ro + - /var/lib/config-data/puppet-generated/cinder/:/var/lib/kolla/config_files/src:ro - /var/log/containers/cinder:/var/log/cinder - if: diff --git a/docker/services/cinder-backup.yaml b/docker/services/cinder-backup.yaml index 2cde6f1d..8de1201f 100644 --- a/docker/services/cinder-backup.yaml +++ b/docker/services/cinder-backup.yaml @@ -75,6 +75,19 @@ outputs: kolla_config: /var/lib/kolla/config_files/cinder_backup.json: command: /usr/bin/cinder-backup --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf + config_files: + # NOTE(mandre): the copy of ceph conf will need to go once we + # generate a ceph.conf for cinder in puppet + # Copy ceph config files before cinder ones as a precaution, for + # the later one to take precendence in case of duplicate files. + - source: "/var/lib/kolla/config_files/src-ceph/*" + dest: "/" + merge: true + preserve_properties: true + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/lib/cinder owner: cinder:cinder @@ -106,8 +119,9 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/cinder_backup.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/cinder/etc/cinder/:/etc/cinder/:ro - - /var/lib/config-data/ceph/etc/ceph/:/etc/ceph/:ro #FIXME: we need to generate a ceph.conf with puppet for this + - /var/lib/config-data/puppet-generated/cinder/:/var/lib/kolla/config_files/src:ro + # FIXME: we need to generate a ceph.conf with puppet for this + - /var/lib/config-data/puppet-generated/ceph/:/var/lib/kolla/config_files/src-ceph:ro - /dev/:/dev/ - /run/:/run/ - /sys:/sys diff --git a/docker/services/cinder-scheduler.yaml b/docker/services/cinder-scheduler.yaml index bcf32b2a..82813856 100644 --- a/docker/services/cinder-scheduler.yaml +++ b/docker/services/cinder-scheduler.yaml @@ -75,6 +75,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/cinder_scheduler.json: command: /usr/bin/cinder-scheduler --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/cinder owner: cinder:cinder @@ -102,7 +107,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/cinder_scheduler.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/cinder/etc/cinder/:/etc/cinder/:ro + - /var/lib/config-data/puppet-generated/cinder/:/var/lib/kolla/config_files/src:ro - /var/log/containers/cinder:/var/log/cinder environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/cinder-volume.yaml b/docker/services/cinder-volume.yaml index 55173847..0ce098a3 100644 --- a/docker/services/cinder-volume.yaml +++ b/docker/services/cinder-volume.yaml @@ -83,6 +83,19 @@ outputs: kolla_config: /var/lib/kolla/config_files/cinder_volume.json: command: /usr/bin/cinder-volume --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf + config_files: + # NOTE(mandre): the copy of ceph conf will need to go once we + # generate a ceph.conf for cinder in puppet + # Copy ceph config files before cinder ones as a precaution, for + # the later one to take precendence in case of duplicate files. + - source: "/var/lib/kolla/config_files/src-ceph/*" + dest: "/" + merge: true + preserve_properties: true + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/cinder owner: cinder:cinder @@ -111,8 +124,9 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/cinder_volume.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/cinder/etc/cinder/:/etc/cinder/:ro - - /var/lib/config-data/ceph/etc/ceph/:/etc/ceph/:ro #FIXME: we need to generate a ceph.conf with puppet for this + - /var/lib/config-data/puppet-generated/cinder/:/var/lib/kolla/config_files/src:ro + # FIXME: we need to generate a ceph.conf with puppet for this + - /var/lib/config-data/puppet-generated/ceph/:/var/lib/kolla/config_files/src-ceph:ro - /dev/:/dev/ - /run/:/run/ - /sys:/sys diff --git a/docker/services/collectd.yaml b/docker/services/collectd.yaml index e6741156..0593e412 100644 --- a/docker/services/collectd.yaml +++ b/docker/services/collectd.yaml @@ -79,6 +79,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/collectd.json: command: /usr/sbin/collectd -f + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/collectd owner: collectd:collectd @@ -99,9 +104,7 @@ outputs: - - /var/run/docker.sock:/var/run/docker.sock:rw - /var/lib/kolla/config_files/collectd.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/collectd/etc/collectd.conf:/etc/collectd.conf:ro - - /var/lib/config-data/collectd/etc/collectd.d:/etc/collectd.d:ro - - /var/log/containers/collectd:/var/log/collectd:rw + - /var/lib/config-data/puppet-generated/collectd/:/var/lib/kolla/config_files/src:ro environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: diff --git a/docker/services/congress-api.yaml b/docker/services/congress.yaml index 52395d5e..1d3ea0d8 100644 --- a/docker/services/congress-api.yaml +++ b/docker/services/congress.yaml @@ -44,7 +44,7 @@ resources: ContainersCommon: type: ./containers-common.yaml - CongressApiBase: + CongressBase: type: ../../puppet/services/congress.yaml properties: EndpointMap: {get_param: EndpointMap} @@ -57,13 +57,13 @@ outputs: role_data: description: Role data for the Congress API role. value: - service_name: {get_attr: [CongressApiBase, role_data, service_name]} + service_name: {get_attr: [CongressBase, role_data, service_name]} config_settings: map_merge: - - get_attr: [CongressApiBase, role_data, config_settings] + - get_attr: [CongressBase, role_data, config_settings] step_config: &step_config - get_attr: [CongressApiBase, role_data, step_config] - service_config_settings: {get_attr: [CongressApiBase, role_data, service_config_settings]} + get_attr: [CongressBase, role_data, step_config] + service_config_settings: {get_attr: [CongressBase, role_data, service_config_settings]} # BEGIN DOCKER SETTINGS puppet_config: config_volume: congress @@ -76,6 +76,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/congress_api.json: command: /usr/bin/congress-server --config-file=/etc/congress/congress.conf --log-file=/var/log/congress/api.log + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/congress owner: congress:congress @@ -104,7 +109,10 @@ outputs: list_concat: - {get_attr: [ContainersCommon, volumes]} - - - /var/lib/config-data/congress/etc/:/etc/:ro + # FIXME(mandre) mounting /etc rw to workaround LP1696283 + # This should go away anyway and mount the exact files it + # needs or use kolla set_configs.py + - /var/lib/config-data/congress/etc/:/etc/ - /var/log/containers/congress:/var/log/congress command: "/usr/bin/bootstrap_host_exec congress su congress -s /bin/bash -c 'congress-db-manage --config-file /etc/congress/congress.conf upgrade head'" step_4: @@ -119,7 +127,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/congress_api.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/congress/etc/congress/:/etc/congress/:ro + - /var/lib/config-data/puppet-generated/congress/:/var/lib/kolla/config_files/src:ro - /var/log/containers/congress:/var/log/congress environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/database/mongodb.yaml b/docker/services/database/mongodb.yaml index 7b620c56..b5e7deab 100644 --- a/docker/services/database/mongodb.yaml +++ b/docker/services/database/mongodb.yaml @@ -76,6 +76,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/mongodb.json: command: /usr/bin/mongod --unixSocketPrefix=/var/run/mongodb --config /etc/mongod.conf run + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/lib/mongodb owner: mongodb:mongodb @@ -94,8 +99,7 @@ outputs: privileged: false volumes: &mongodb_volumes - /var/lib/kolla/config_files/mongodb.json:/var/lib/kolla/config_files/config.json - - /var/lib/config-data/mongodb/etc/mongod.conf:/etc/mongod.conf:ro - - /var/lib/config-data/mongodb/etc/mongos.conf:/etc/mongos.conf:ro + - /var/lib/config-data/puppet-generated/mongodb/:/var/lib/kolla/config_files/src:ro - /etc/localtime:/etc/localtime:ro - /var/log/containers/mongodb:/var/log/mongodb - /var/lib/mongodb:/var/lib/mongodb diff --git a/docker/services/database/mysql.yaml b/docker/services/database/mysql.yaml index 725b2b4b..61565357 100644 --- a/docker/services/database/mysql.yaml +++ b/docker/services/database/mysql.yaml @@ -85,6 +85,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/mysql.json: command: /usr/bin/mysqld_safe + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/lib/mysql owner: mysql:mysql @@ -111,7 +116,7 @@ outputs: command: ['bash', '-c', 'test -e /var/lib/mysql/mysql || kolla_start'] volumes: &mysql_volumes - /var/lib/kolla/config_files/mysql.json:/var/lib/kolla/config_files/config.json - - /var/lib/config-data/mysql/etc/my.cnf.d:/etc/my.cnf.d:ro + - /var/lib/config-data/puppet-generated/mysql/:/var/lib/kolla/config_files/src:ro - /etc/localtime:/etc/localtime:ro - /etc/hosts:/etc/hosts:ro - /var/lib/mysql:/var/lib/mysql diff --git a/docker/services/database/redis.yaml b/docker/services/database/redis.yaml index 0a490cd3..494fe61b 100644 --- a/docker/services/database/redis.yaml +++ b/docker/services/database/redis.yaml @@ -75,6 +75,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/redis.json: command: /usr/bin/redis-server /etc/redis.conf + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/run/redis owner: redis:redis @@ -102,7 +107,7 @@ outputs: volumes: - /run:/run - /var/lib/kolla/config_files/redis.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/redis/etc/redis.conf:/etc/redis.conf:ro + - /var/lib/config-data/puppet-generated/redis/:/var/lib/kolla/config_files/src:ro - /etc/localtime:/etc/localtime:ro - /var/log/containers/redis:/var/log/redis environment: diff --git a/docker/services/ec2-api.yaml b/docker/services/ec2-api.yaml index d4cfe49a..e02a1469 100644 --- a/docker/services/ec2-api.yaml +++ b/docker/services/ec2-api.yaml @@ -74,12 +74,22 @@ outputs: kolla_config: /var/lib/kolla/config_files/ec2_api.json: command: /usr/bin/ec2-api + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/ec2api owner: ec2api:ec2api recurse: true /var/lib/kolla/config_files/ec2_api_metadata.json: command: /usr/bin/ec2-api-metadata + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/ec2api # default log dir for metadata service as well owner: ec2api:ec2api @@ -125,7 +135,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/ec2_api.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/ec2_api/etc/ec2api/:/etc/ec2api/:ro + - /var/lib/config-data/puppet-generated/ec2_api/:/var/lib/kolla/config_files/src:ro - /var/log/containers/ec2_api:/var/log/ec2api environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS @@ -139,7 +149,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/ec2_api_metadata.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/ec2_api/etc/ec2api/:/etc/ec2api/:ro + - /var/lib/config-data/puppet-generated/ec2_api/:/var/lib/kolla/config_files/src:ro - /var/log/containers/ec2_api_metadata:/var/log/ec2api environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/etcd.yaml b/docker/services/etcd.yaml index 3c7c81b0..eb661af8 100644 --- a/docker/services/etcd.yaml +++ b/docker/services/etcd.yaml @@ -78,6 +78,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/etcd.json: command: /usr/bin/etcd --config-file /etc/etcd/etcd.yml + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/lib/etcd owner: etcd:etcd @@ -96,7 +101,7 @@ outputs: - /var/lib/etcd:/var/lib/etcd - /etc/localtime:/etc/localtime:ro - /var/lib/kolla/config_files/etcd.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/etcd/etc/etcd/etcd.yml:/etc/etcd/etcd.yml:ro + - /var/lib/config-data/puppet-generated/etcd/:/var/lib/kolla/config_files/src:ro environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS docker_puppet_tasks: diff --git a/docker/services/glance-api.yaml b/docker/services/glance-api.yaml index 4fadef95..17d91107 100644 --- a/docker/services/glance-api.yaml +++ b/docker/services/glance-api.yaml @@ -85,8 +85,18 @@ outputs: kolla_config: /var/lib/kolla/config_files/glance_api.json: command: /usr/bin/glance-api --config-file /usr/share/glance/glance-api-dist.conf --config-file /etc/glance/glance-api.conf + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true /var/lib/kolla/config_files/glance_api_tls_proxy.json: command: /usr/sbin/httpd -DFOREGROUND + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true docker_config: # Kolla_bootstrap/db_sync runs before permissions set by kolla_config step_2: @@ -112,7 +122,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/glance_api.json:/var/lib/kolla/config_files/config.json - - /var/lib/config-data/glance_api/etc/glance/:/etc/glance/:ro + - /var/lib/config-data/puppet-generated/glance_api/:/var/lib/kolla/config_files/src:ro - /var/log/containers/glance:/var/log/glance environment: - KOLLA_BOOTSTRAP=True @@ -142,9 +152,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/glance_api_tls_proxy.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/glance_api/etc/httpd/conf/:/etc/httpd/conf/:ro - - /var/lib/config-data/glance_api/etc/httpd/conf.d/:/etc/httpd/conf.d/:ro - - /var/lib/config-data/glance_api/etc/httpd/conf.modules.d/:/etc/httpd/conf.modules.d/:ro + - /var/lib/config-data/puppet-generated/glance_api/:/var/lib/kolla/config_files/src:ro - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro environment: diff --git a/docker/services/gnocchi-api.yaml b/docker/services/gnocchi-api.yaml index cf31d256..140e93df 100644 --- a/docker/services/gnocchi-api.yaml +++ b/docker/services/gnocchi-api.yaml @@ -84,6 +84,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/gnocchi_api.json: command: /usr/sbin/httpd -DFOREGROUND + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/gnocchi owner: gnocchi:gnocchi @@ -125,11 +130,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/gnocchi_api.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/gnocchi/etc/gnocchi/:/etc/gnocchi/:ro - - /var/lib/config-data/gnocchi/etc/httpd/conf/:/etc/httpd/conf/:ro - - /var/lib/config-data/gnocchi/etc/httpd/conf.d/:/etc/httpd/conf.d/:ro - - /var/lib/config-data/gnocchi/etc/httpd/conf.modules.d/:/etc/httpd/conf.modules.d/:ro - - /var/lib/config-data/gnocchi/var/www/:/var/www/:ro + - /var/lib/config-data/puppet-generated/gnocchi/:/var/lib/kolla/config_files/src:ro - /var/log/containers/gnocchi:/var/log/gnocchi - if: diff --git a/docker/services/gnocchi-metricd.yaml b/docker/services/gnocchi-metricd.yaml index 3a05d577..e7ebb3c1 100644 --- a/docker/services/gnocchi-metricd.yaml +++ b/docker/services/gnocchi-metricd.yaml @@ -74,6 +74,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/gnocchi_metricd.json: command: /usr/bin/gnocchi-metricd + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/gnocchi owner: gnocchi:gnocchi @@ -93,7 +98,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/gnocchi_metricd.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/gnocchi/etc/gnocchi/:/etc/gnocchi/:ro + - /var/lib/config-data/puppet-generated/gnocchi/:/var/lib/kolla/config_files/src:ro - /var/log/containers/gnocchi:/var/log/gnocchi environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/gnocchi-statsd.yaml b/docker/services/gnocchi-statsd.yaml index c3523b57..e3461821 100644 --- a/docker/services/gnocchi-statsd.yaml +++ b/docker/services/gnocchi-statsd.yaml @@ -74,6 +74,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/gnocchi_statsd.json: command: /usr/bin/gnocchi-statsd + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/gnocchi owner: gnocchi:gnocchi @@ -93,7 +98,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/gnocchi_statsd.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/gnocchi/etc/gnocchi/:/etc/gnocchi/:ro + - /var/lib/config-data/puppet-generated/gnocchi/:/var/lib/kolla/config_files/src:ro - /var/log/containers/gnocchi:/var/log/gnocchi environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/haproxy.yaml b/docker/services/haproxy.yaml index 242f0751..c24e1071 100644 --- a/docker/services/haproxy.yaml +++ b/docker/services/haproxy.yaml @@ -42,6 +42,11 @@ parameters: default: /dev/log description: Syslog address where HAproxy will send its log type: string + DeployedSSLCertificatePath: + default: '/etc/pki/tls/private/overcloud_endpoint.pem' + description: > + The filepath of the certificate as it will be stored in the controller. + type: string RedisPassword: description: The password for Redis type: string @@ -93,9 +98,20 @@ outputs: list_join: - '/' - [ {get_param: DockerNamespace}, {get_param: DockerHAProxyConfigImage} ] + volumes: &deployed_cert_mount + - list_join: + - ':' + - - {get_param: DeployedSSLCertificatePath} + - {get_param: DeployedSSLCertificatePath} + - 'ro' kolla_config: /var/lib/kolla/config_files/haproxy.json: command: haproxy -f /etc/haproxy/haproxy.cfg + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true docker_config: step_1: haproxy: @@ -109,9 +125,10 @@ outputs: volumes: list_concat: - {get_attr: [ContainersCommon, volumes]} + - *deployed_cert_mount - - /var/lib/kolla/config_files/haproxy.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/haproxy/etc/:/etc/:ro + - /var/lib/config-data/puppet-generated/haproxy/:/var/lib/kolla/config_files/src:ro environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS metadata_settings: diff --git a/docker/services/heat-api-cfn.yaml b/docker/services/heat-api-cfn.yaml index 1905281d..8dee5103 100644 --- a/docker/services/heat-api-cfn.yaml +++ b/docker/services/heat-api-cfn.yaml @@ -85,6 +85,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/heat_api_cfn.json: command: /usr/sbin/httpd -DFOREGROUND + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/heat owner: heat:heat @@ -107,11 +112,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/heat_api_cfn.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/heat_api_cfn/etc/heat/:/etc/heat/:ro - - /var/lib/config-data/heat_api_cfn/etc/httpd/conf/:/etc/httpd/conf/:ro - - /var/lib/config-data/heat_api_cfn/etc/httpd/conf.d/:/etc/httpd/conf.d/:ro - - /var/lib/config-data/heat_api_cfn/etc/httpd/conf.modules.d/:/etc/httpd/conf.modules.d/:ro - - /var/lib/config-data/heat_api_cfn/var/www/:/var/www/:ro + - /var/lib/config-data/puppet-generated/heat_api_cfn/:/var/lib/kolla/config_files/src:ro - /var/log/containers/heat:/var/log/heat - if: diff --git a/docker/services/heat-api.yaml b/docker/services/heat-api.yaml index c0cec937..adaf9997 100644 --- a/docker/services/heat-api.yaml +++ b/docker/services/heat-api.yaml @@ -85,6 +85,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/heat_api.json: command: /usr/sbin/httpd -DFOREGROUND + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/heat owner: heat:heat @@ -107,11 +112,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/heat_api.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/heat_api/etc/heat/:/etc/heat/:ro - - /var/lib/config-data/heat_api/etc/httpd/conf/:/etc/httpd/conf/:ro - - /var/lib/config-data/heat_api/etc/httpd/conf.d/:/etc/httpd/conf.d/:ro - - /var/lib/config-data/heat_api/etc/httpd/conf.modules.d/:/etc/httpd/conf.modules.d/:ro - - /var/lib/config-data/heat_api/var/www/:/var/www/:ro + - /var/lib/config-data/puppet-generated/heat_api/:/var/lib/kolla/config_files/src:ro - /var/log/containers/heat:/var/log/heat - if: diff --git a/docker/services/heat-engine.yaml b/docker/services/heat-engine.yaml index 676dbb1f..14e9027b 100644 --- a/docker/services/heat-engine.yaml +++ b/docker/services/heat-engine.yaml @@ -78,6 +78,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/heat_engine.json: command: /usr/bin/heat-engine --config-file /usr/share/heat/heat-dist.conf --config-file /etc/heat/heat.conf + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/heat owner: heat:heat @@ -119,7 +124,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/heat_engine.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/heat/etc/heat/:/etc/heat/:ro + - /var/lib/config-data/puppet-generated/heat/:/var/lib/kolla/config_files/src:ro - /var/log/containers/heat:/var/log/heat environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/horizon.yaml b/docker/services/horizon.yaml index 5797b207..c5123277 100644 --- a/docker/services/horizon.yaml +++ b/docker/services/horizon.yaml @@ -81,6 +81,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/horizon.json: command: /usr/sbin/httpd -DFOREGROUND + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/horizon/ owner: apache:apache @@ -117,8 +122,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/horizon.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/horizon/etc/httpd:/etc/httpd:ro - - /var/lib/config-data/horizon/etc/openstack-dashboard:/etc/openstack-dashboard:ro + - /var/lib/config-data/puppet-generated/horizon/:/var/lib/kolla/config_files/src:ro - /var/log/containers/horizon:/var/log/horizon environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/ironic-api.yaml b/docker/services/ironic-api.yaml index 183ed5ce..d18221db 100644 --- a/docker/services/ironic-api.yaml +++ b/docker/services/ironic-api.yaml @@ -12,9 +12,9 @@ parameters: description: image default: 'centos-binary-ironic-api:latest' type: string - DockerIronicConfigImage: - description: The container image to use for the ironic config_volume - default: 'centos-binary-ironic-pxe:latest' + DockerIronicApiConfigImage: + description: The container image to use for the ironic_api config_volume + default: 'centos-binary-ironic-api:latest' type: string EndpointMap: default: {} @@ -67,16 +67,21 @@ outputs: service_config_settings: {get_attr: [IronicApiBase, role_data, service_config_settings]} # BEGIN DOCKER SETTINGS puppet_config: - config_volume: ironic + config_volume: ironic_api puppet_tags: ironic_config step_config: *step_config config_image: list_join: - '/' - - [ {get_param: DockerNamespace}, {get_param: DockerIronicConfigImage} ] + - [ {get_param: DockerNamespace}, {get_param: DockerIronicApiConfigImage} ] kolla_config: /var/lib/kolla/config_files/ironic_api.json: command: /usr/sbin/httpd -DFOREGROUND + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/ironic owner: ironic:ironic @@ -106,7 +111,7 @@ outputs: list_concat: - {get_attr: [ContainersCommon, volumes]} - - - /var/lib/config-data/ironic/etc/ironic:/etc/ironic:ro + - /var/lib/config-data/ironic_api/etc/ironic:/etc/ironic:ro - /var/log/containers/ironic:/var/log/ironic command: "/usr/bin/bootstrap_host_exec ironic_api su ironic -s /bin/bash -c 'ironic-dbsync --config-file /etc/ironic/ironic.conf'" step_4: @@ -121,11 +126,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/ironic_api.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/ironic/etc/ironic:/etc/ironic:ro - - /var/lib/config-data/ironic/etc/httpd/conf/:/etc/httpd/conf/:ro - - /var/lib/config-data/ironic/etc/httpd/conf.d/:/etc/httpd/conf.d/:ro - - /var/lib/config-data/ironic/etc/httpd/conf.modules.d/:/etc/httpd/conf.modules.d/:ro - - /var/lib/config-data/ironic/var/www/:/var/www/:ro + - /var/lib/config-data/puppet-generated/ironic_api/:/var/lib/kolla/config_files/src:ro - /var/log/containers/ironic:/var/log/ironic environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/ironic-conductor.yaml b/docker/services/ironic-conductor.yaml index f47a3e4c..bf239b66 100644 --- a/docker/services/ironic-conductor.yaml +++ b/docker/services/ironic-conductor.yaml @@ -84,6 +84,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/ironic_conductor.json: command: /usr/bin/ironic-conductor + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/lib/ironic owner: ironic:ironic @@ -107,7 +112,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/ironic_conductor.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/ironic/etc/ironic/:/etc/ironic/:ro + - /var/lib/config-data/puppet-generated/ironic/:/var/lib/kolla/config_files/src:ro - /lib/modules:/lib/modules:ro - /sys:/sys - /dev:/dev diff --git a/docker/services/ironic-pxe.yaml b/docker/services/ironic-pxe.yaml index f518b9d5..a82a3af9 100644 --- a/docker/services/ironic-pxe.yaml +++ b/docker/services/ironic-pxe.yaml @@ -64,8 +64,18 @@ outputs: kolla_config: /var/lib/kolla/config_files/ironic_pxe_http.json: command: /usr/sbin/httpd -DFOREGROUND + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true /var/lib/kolla/config_files/ironic_pxe_tftp.json: command: /usr/sbin/in.tftpd --foreground --user root --address 0.0.0.0:69 --map-file /var/lib/ironic/tftpboot/map-file /var/lib/ironic/tftpboot + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/ironic owner: ironic:ironic @@ -86,17 +96,8 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/ironic_pxe_tftp.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/ironic/etc/ironic/:/etc/ironic/:ro - # TODO(mandre) check how docker like mounting in a bind-mounted tree - # This directory may contain migrated data from BM + - /var/lib/config-data/puppet-generated/ironic/:/var/lib/kolla/config_files/src:ro - /var/lib/ironic:/var/lib/ironic/ - # These files were generated by puppet inside the config container - # TODO(mandre) check the mount permission (ro/rw) - - /var/lib/config-data/ironic/var/lib/ironic/tftpboot/chain.c32:/var/lib/ironic/tftpboot/chain.c32 - - /var/lib/config-data/ironic/var/lib/ironic/tftpboot/pxelinux.0:/var/lib/ironic/tftpboot/pxelinux.0 - - /var/lib/config-data/ironic/var/lib/ironic/tftpboot/ipxe.efi:/var/lib/ironic/tftpboot/ipxe.efi - - /var/lib/config-data/ironic/var/lib/ironic/tftpboot/undionly.kpxe:/var/lib/ironic/tftpboot/undionly.kpxe - - /var/lib/config-data/ironic/var/lib/ironic/tftpboot/map-file:/var/lib/ironic/tftpboot/map-file - /dev/log:/dev/log - /var/log/containers/ironic:/var/log/ironic environment: @@ -112,11 +113,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/ironic_pxe_http.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/ironic/etc/ironic/:/etc/ironic/:ro - - /var/lib/config-data/ironic/etc/httpd/conf/:/etc/httpd/conf/:ro - - /var/lib/config-data/ironic/etc/httpd/conf.d/:/etc/httpd/conf.d/:ro - - /var/lib/config-data/ironic/etc/httpd/conf.modules.d/:/etc/httpd/conf.modules.d/:ro - - /var/lib/config-data/ironic/var/www/:/var/www/:ro + - /var/lib/config-data/puppet-generated/ironic/:/var/lib/kolla/config_files/src:ro - /var/lib/ironic:/var/lib/ironic/ - /var/log/containers/ironic:/var/log/ironic environment: diff --git a/docker/services/iscsid.yaml b/docker/services/iscsid.yaml index 86f2d3b4..c98a921d 100644 --- a/docker/services/iscsid.yaml +++ b/docker/services/iscsid.yaml @@ -100,6 +100,7 @@ outputs: when: stat_iscsid_socket.stat.exists upgrade_tasks: - name: stat /lib/systemd/system/iscsid.service + tags: step2 stat: path=/lib/systemd/system/iscsid.service register: stat_iscsid_service - name: Stop and disable iscsid service @@ -107,6 +108,7 @@ outputs: service: name=iscsid state=stopped enabled=no when: stat_iscsid_service.stat.exists - name: stat /lib/systemd/system/iscsid.socket + tags: step2 stat: path=/lib/systemd/system/iscsid.socket register: stat_iscsid_socket - name: Stop and disable iscsid.socket service diff --git a/docker/services/keystone.yaml b/docker/services/keystone.yaml index b6cfa21e..a3f08617 100644 --- a/docker/services/keystone.yaml +++ b/docker/services/keystone.yaml @@ -97,6 +97,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/keystone.json: command: /usr/sbin/httpd -DFOREGROUND + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true docker_config: # Kolla_bootstrap/db sync runs before permissions set by kolla_config step_2: @@ -121,11 +126,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/keystone.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/keystone/var/www/:/var/www/:ro - - /var/lib/config-data/keystone/etc/keystone/:/etc/keystone/:ro - - /var/lib/config-data/keystone/etc/httpd/conf/:/etc/httpd/conf/:ro - - /var/lib/config-data/keystone/etc/httpd/conf.d/:/etc/httpd/conf.d/:ro - - /var/lib/config-data/keystone/etc/httpd/conf.modules.d/:/etc/httpd/conf.modules.d/:ro + - /var/lib/config-data/puppet-generated/keystone/:/var/lib/kolla/config_files/src:ro - /var/log/containers/keystone:/var/log/keystone - if: diff --git a/docker/services/manila-api.yaml b/docker/services/manila-api.yaml index 66dc6c3c..f47743c0 100644 --- a/docker/services/manila-api.yaml +++ b/docker/services/manila-api.yaml @@ -72,6 +72,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/manila_api.json: command: /usr/bin/manila-api --config-file /usr/share/manila/manila-dist.conf --config-file /etc/manila/manila.conf + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/manila owner: manila:manila @@ -110,7 +115,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/manila_api.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/manila/etc/manila/:/etc/manila/:ro + - /var/lib/config-data/puppet-generated/manila/:/var/lib/kolla/config_files/src:ro - /var/log/containers/manila:/var/log/manila environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/manila-scheduler.yaml b/docker/services/manila-scheduler.yaml index d4170e42..a319a033 100644 --- a/docker/services/manila-scheduler.yaml +++ b/docker/services/manila-scheduler.yaml @@ -72,6 +72,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/manila_scheduler.json: command: /usr/bin/manila-scheduler --config-file /usr/share/manila/manila-dist.conf --config-file /etc/manila/manila.conf + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/manila owner: manila:manila @@ -90,7 +95,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/manila_scheduler.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/manila/etc/manila/:/etc/manila/:ro + - /var/lib/config-data/puppet-generated/manila/:/var/lib/kolla/config_files/src:ro - /var/log/containers/manila:/var/log/manila environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/manila-share.yaml b/docker/services/manila-share.yaml new file mode 100644 index 00000000..227f28fe --- /dev/null +++ b/docker/services/manila-share.yaml @@ -0,0 +1,118 @@ +heat_template_version: pike + +description: > + OpenStack containerized Manila Share service + +parameters: + DockerNamespace: + description: namespace + default: 'tripleoupstream' + type: string + DockerManilaShareImage: + description: image + default: 'centos-binary-manila-share:latest' + type: string + DockerManilaConfigImage: + description: image + default: 'centos-binary-manila-base:latest' + type: string + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json + +resources: + + ContainersCommon: + type: ./containers-common.yaml + + ManilaBase: + type: ../../puppet/services/manila-share.yaml + properties: + EndpointMap: {get_param: EndpointMap} + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + RoleName: {get_param: RoleName} + RoleParameters: {get_param: RoleParameters} + +outputs: + role_data: + description: Role data for the Manila Share role. + value: + service_name: {get_attr: [ManilaBase, role_data, service_name]} + config_settings: {get_attr: [ManilaBase, role_data, config_settings]} + step_config: &step_config + get_attr: [ManilaBase, role_data, step_config] + service_config_settings: {get_attr: [ManilaBase, role_data, service_config_settings]} + # BEGIN DOCKER SETTINGS + puppet_config: + config_volume: manila + puppet_tags: manila_config + step_config: *step_config + config_image: + list_join: + - '/' + - [ {get_param: DockerNamespace}, {get_param: DockerManilaConfigImage} ] + kolla_config: + /var/lib/kolla/config_files/manila_share.json: + command: /usr/bin/manila-share --config-file /usr/share/manila/manila-dist.conf --config-file /etc/manila/manila.conf + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true + # NOTE(gfidente): ceph-ansible generated + - source: "/var/lib/kolla/config_files/src-ceph/*" + dest: "/etc/ceph" + merge: true + preserve_properties: true + permissions: + - path: /var/log/manila + owner: manila:manila + recurse: true + docker_config: + step_4: + manila_share: + image: &manila_share_image + list_join: + - '/' + - [ {get_param: DockerNamespace}, {get_param: DockerManilaShareImage} ] + net: host + restart: always + volumes: + list_concat: + - {get_attr: [ContainersCommon, volumes]} + - + - /var/lib/kolla/config_files/manila_share.json:/var/lib/kolla/config_files/config.json:ro + - /var/lib/config-data/puppet-generated/manila/:/var/lib/kolla/config_files/src:ro + - /var/log/containers/manila:/var/log/manila + - /etc/ceph/:/var/lib/kolla/config_files/src-ceph:ro + environment: + - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS + host_prep_tasks: + - name: create persistent directories + file: + path: /var/log/containers/manila + state: directory + upgrade_tasks: + - name: Stop and disable manila_share service + tags: step2 + service: name=openstack-manila-share state=stopped enabled=no diff --git a/docker/services/memcached.yaml b/docker/services/memcached.yaml index 3d41c176..ef4a7ab0 100644 --- a/docker/services/memcached.yaml +++ b/docker/services/memcached.yaml @@ -100,8 +100,6 @@ outputs: - /var/lib/config-data/memcached/etc/sysconfig/memcached:/etc/sysconfig/memcached:ro # TODO(bogdando) capture memcached syslog logs from a container command: ['/bin/bash', '-c', 'source /etc/sysconfig/memcached; /usr/bin/memcached -p ${PORT} -u ${USER} -m ${CACHESIZE} -c ${MAXCONN} $OPTIONS'] - environment: - - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS upgrade_tasks: - name: Stop and disable memcached service tags: step2 diff --git a/docker/services/mistral-api.yaml b/docker/services/mistral-api.yaml index f1284280..4b2c1028 100644 --- a/docker/services/mistral-api.yaml +++ b/docker/services/mistral-api.yaml @@ -76,6 +76,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/mistral_api.json: command: /usr/bin/mistral-server --config-file=/etc/mistral/mistral.conf --log-file=/var/log/mistral/api.log --server=api + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/mistral owner: mistral:mistral @@ -136,7 +141,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/mistral_api.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/mistral/etc/mistral/:/etc/mistral/:ro + - /var/lib/config-data/puppet-generated/mistral/:/var/lib/kolla/config_files/src:ro - /var/log/containers/mistral:/var/log/mistral environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/mistral-engine.yaml b/docker/services/mistral-engine.yaml index 712f4ba6..8b8e32b6 100644 --- a/docker/services/mistral-engine.yaml +++ b/docker/services/mistral-engine.yaml @@ -77,6 +77,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/mistral_engine.json: command: /usr/bin/mistral-server --config-file=/etc/mistral/mistral.conf --log-file=/var/log/mistral/engine.log --server=engine + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/mistral owner: mistral:mistral @@ -97,7 +102,7 @@ outputs: - - /run:/run - /var/lib/kolla/config_files/mistral_engine.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/mistral/etc/mistral/:/etc/mistral/:ro + - /var/lib/config-data/puppet-generated/mistral/:/var/lib/kolla/config_files/src:ro - /var/log/containers/mistral:/var/log/mistral environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/mistral-executor.yaml b/docker/services/mistral-executor.yaml index 5a35ba98..9ae07213 100644 --- a/docker/services/mistral-executor.yaml +++ b/docker/services/mistral-executor.yaml @@ -77,6 +77,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/mistral_executor.json: command: /usr/bin/mistral-server --config-file=/etc/mistral/mistral.conf --log-file=/var/log/mistral/executor.log --server=executor + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/mistral owner: mistral:mistral @@ -96,7 +101,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/mistral_executor.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/mistral/etc/mistral/:/etc/mistral/:ro + - /var/lib/config-data/puppet-generated/mistral/:/var/lib/kolla/config_files/src:ro - /run:/run # FIXME: this is required in order for Nova cells # initialization workflows on the Undercloud. Need to diff --git a/docker/services/neutron-api.yaml b/docker/services/neutron-api.yaml index 2890dec9..a2e5e174 100644 --- a/docker/services/neutron-api.yaml +++ b/docker/services/neutron-api.yaml @@ -83,12 +83,22 @@ outputs: kolla_config: /var/lib/kolla/config_files/neutron_api.json: command: /usr/bin/neutron-server --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-server + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/neutron owner: neutron:neutron recurse: true /var/lib/kolla/config_files/neutron_server_tls_proxy.json: command: /usr/sbin/httpd -DFOREGROUND + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true docker_config: # db sync runs before permissions set by kolla_config step_2: @@ -132,7 +142,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/neutron_api.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/neutron/etc/neutron/:/etc/neutron/:ro + - /var/lib/config-data/puppet-generated/neutron/:/var/lib/kolla/config_files/src:ro - /var/log/containers/neutron:/var/log/neutron environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS @@ -148,9 +158,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/neutron_server_tls_proxy.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/neutron/etc/httpd/conf/:/etc/httpd/conf/:ro - - /var/lib/config-data/neutron/etc/httpd/conf.d/:/etc/httpd/conf.d/:ro - - /var/lib/config-data/neutron/etc/httpd/conf.modules.d/:/etc/httpd/conf.modules.d/:ro + - /var/lib/config-data/puppet-generated/neutron/:/var/lib/kolla/config_files/src:ro - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro environment: diff --git a/docker/services/neutron-dhcp.yaml b/docker/services/neutron-dhcp.yaml index 460b2ee1..93401b95 100644 --- a/docker/services/neutron-dhcp.yaml +++ b/docker/services/neutron-dhcp.yaml @@ -76,6 +76,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/neutron_dhcp.json: command: /usr/bin/neutron-dhcp-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/dhcp_agent.ini --log-file /var/log/neutron/dhcp-agent.log --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-dhcp-agent + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/neutron owner: neutron:neutron @@ -96,7 +101,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/neutron_dhcp.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/neutron/etc/neutron/:/etc/neutron/:ro + - /var/lib/config-data/puppet-generated/neutron/:/var/lib/kolla/config_files/src:ro - /lib/modules:/lib/modules:ro - /run/:/run - /var/log/containers/neutron:/var/log/neutron diff --git a/docker/services/neutron-l3.yaml b/docker/services/neutron-l3.yaml index b692f736..1db48b3b 100644 --- a/docker/services/neutron-l3.yaml +++ b/docker/services/neutron-l3.yaml @@ -72,6 +72,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/neutron_l3_agent.json: command: /usr/bin/neutron-l3-agent --config-file /usr/share/neutron/neutron-dist.conf --config-dir /usr/share/neutron/l3_agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/l3_agent.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-l3-agent + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/neutron owner: neutron:neutron @@ -92,7 +97,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/neutron_l3_agent.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/neutron/etc/neutron/:/etc/neutron/:ro + - /var/lib/config-data/puppet-generated/neutron/:/var/lib/kolla/config_files/src:ro - /lib/modules:/lib/modules:ro - /run:/run - /var/log/containers/neutron:/var/log/neutron diff --git a/docker/services/neutron-metadata.yaml b/docker/services/neutron-metadata.yaml index 493b97b2..d03ea9a6 100644 --- a/docker/services/neutron-metadata.yaml +++ b/docker/services/neutron-metadata.yaml @@ -72,6 +72,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/neutron_metadata_agent.json: command: /usr/bin/neutron-metadata-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/metadata_agent.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-metadata-agent + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/neutron owner: neutron:neutron @@ -92,7 +97,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/neutron_metadata_agent.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/neutron/etc/neutron/:/etc/neutron/:ro + - /var/lib/config-data/puppet-generated/neutron/:/var/lib/kolla/config_files/src:ro - /lib/modules:/lib/modules:ro - /run:/run - /var/log/containers/neutron:/var/log/neutron diff --git a/docker/services/neutron-ovs-agent.yaml b/docker/services/neutron-ovs-agent.yaml index 27919a35..de7115bf 100644 --- a/docker/services/neutron-ovs-agent.yaml +++ b/docker/services/neutron-ovs-agent.yaml @@ -72,6 +72,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/neutron_ovs_agent.json: command: /usr/bin/neutron-openvswitch-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini --config-file /etc/neutron/plugins/ml2/ml2_conf.ini --config-dir /etc/neutron/conf.d/common + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/neutron owner: neutron:neutron @@ -92,7 +97,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/neutron_ovs_agent.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/neutron/etc/neutron/:/etc/neutron/:ro + - /var/lib/config-data/puppet-generated/neutron/:/var/lib/kolla/config_files/src:ro - /lib/modules:/lib/modules:ro - /run:/run - /var/log/containers/neutron:/var/log/neutron diff --git a/docker/services/neutron-plugin-ml2.yaml b/docker/services/neutron-plugin-ml2.yaml index 7211014e..aa62bded 100644 --- a/docker/services/neutron-plugin-ml2.yaml +++ b/docker/services/neutron-plugin-ml2.yaml @@ -38,7 +38,7 @@ parameters: resources: NeutronBase: - type: ../../puppet/services/neutron-plugin-ml2.yaml + type: OS::TripleO::Docker::NeutronMl2PluginBase properties: EndpointMap: {get_param: EndpointMap} ServiceNetMap: {get_param: ServiceNetMap} @@ -60,7 +60,7 @@ outputs: # BEGIN DOCKER SETTINGS puppet_config: config_volume: 'neutron' - puppet_tags: '' + puppet_tags: neutron_plugin_ml2 step_config: *step_config config_image: list_join: diff --git a/docker/services/nova-api.yaml b/docker/services/nova-api.yaml index 5d410fb6..9282c934 100644 --- a/docker/services/nova-api.yaml +++ b/docker/services/nova-api.yaml @@ -83,6 +83,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/nova_api.json: command: /usr/bin/nova-api + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/nova owner: nova:nova @@ -107,11 +112,10 @@ outputs: net: host detach: false user: root - volumes: &nova_api_volumes + volumes: &nova_api_bootstrap_volumes list_concat: - {get_attr: [ContainersCommon, volumes]} - - - /var/lib/kolla/config_files/nova_api.json:/var/lib/kolla/config_files/config.json:ro - /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro - /var/log/containers/nova:/var/log/nova command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage api_db sync'" @@ -124,14 +128,14 @@ outputs: net: host detach: false user: root - volumes: *nova_api_volumes + volumes: *nova_api_bootstrap_volumes command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage cell_v2 map_cell0'" nova_api_create_default_cell: start_order: 2 image: *nova_api_image net: host detach: false - volumes: *nova_api_volumes + volumes: *nova_api_bootstrap_volumes # NOTE: allowing the exit code 2 is a dirty way of making # this idempotent (if the resource already exists a conflict # is raised) @@ -143,7 +147,7 @@ outputs: image: *nova_api_image net: host detach: false - volumes: *nova_api_volumes + volumes: *nova_api_bootstrap_volumes user: root command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage db sync'" step_4: @@ -154,16 +158,32 @@ outputs: user: nova privileged: true restart: always + volumes: &nova_api_volumes + list_concat: + - {get_attr: [ContainersCommon, volumes]} + - + - /var/lib/kolla/config_files/nova_api.json:/var/lib/kolla/config_files/config.json:ro + - /var/lib/config-data/puppet-generated/nova/:/var/lib/kolla/config_files/src:ro + - /var/log/containers/nova:/var/log/nova + environment: + - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS + nova_api_cron: + image: *nova_api_image + net: host + user: root + privileged: true + restart: always volumes: *nova_api_volumes environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS + command: "/usr/sbin/crond -n" step_5: nova_api_discover_hosts: start_order: 1 image: *nova_api_image net: host detach: false - volumes: *nova_api_volumes + volumes: *nova_api_bootstrap_volumes user: root command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage cell_v2 discover_hosts'" host_prep_tasks: diff --git a/docker/services/nova-compute.yaml b/docker/services/nova-compute.yaml index 1277a8fb..101934ff 100644 --- a/docker/services/nova-compute.yaml +++ b/docker/services/nova-compute.yaml @@ -80,6 +80,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/nova_compute.json: command: /usr/bin/nova-compute --config-file /etc/nova/nova.conf --config-file /etc/nova/rootwrap.conf + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/nova owner: nova:nova @@ -104,7 +109,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/nova_compute.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/nova_libvirt/etc/nova/:/etc/nova/:ro + - /var/lib/config-data/puppet-generated/nova_libvirt/:/var/lib/kolla/config_files/src:ro - /dev:/dev - /etc/iscsi:/etc/iscsi - /lib/modules:/lib/modules:ro diff --git a/docker/services/nova-conductor.yaml b/docker/services/nova-conductor.yaml index 266180c5..35c361fd 100644 --- a/docker/services/nova-conductor.yaml +++ b/docker/services/nova-conductor.yaml @@ -75,6 +75,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/nova_conductor.json: command: /usr/bin/nova-conductor + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/nova owner: nova:nova @@ -94,7 +99,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/nova_conductor.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro + - /var/lib/config-data/puppet-generated/nova/:/var/lib/kolla/config_files/src:ro - /var/log/containers/nova:/var/log/nova environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/nova-consoleauth.yaml b/docker/services/nova-consoleauth.yaml index d836797f..0939bba3 100644 --- a/docker/services/nova-consoleauth.yaml +++ b/docker/services/nova-consoleauth.yaml @@ -74,6 +74,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/nova_consoleauth.json: command: /usr/bin/nova-consoleauth + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/nova owner: nova:nova @@ -93,7 +98,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/nova_consoleauth.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro + - /var/lib/config-data/puppet-generated/nova/:/var/lib/kolla/config_files/src:ro - /var/log/containers/nova:/var/log/nova environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/nova-ironic.yaml b/docker/services/nova-ironic.yaml index 8f988399..294293fd 100644 --- a/docker/services/nova-ironic.yaml +++ b/docker/services/nova-ironic.yaml @@ -72,6 +72,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/nova_ironic.json: command: /usr/bin/nova-compute --config-file /etc/nova/nova.conf --config-file /etc/nova/rootwrap.conf + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/nova owner: nova:nova @@ -95,7 +100,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/nova_ironic.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro + - /var/lib/config-data/puppet-generated/nova/:/var/lib/kolla/config_files/src:ro - /run:/run - /dev:/dev - /etc/iscsi:/etc/iscsi diff --git a/docker/services/nova-libvirt.yaml b/docker/services/nova-libvirt.yaml index f1a48cf1..d5d80189 100644 --- a/docker/services/nova-libvirt.yaml +++ b/docker/services/nova-libvirt.yaml @@ -110,6 +110,11 @@ outputs: - use_tls_for_live_migration - /usr/sbin/libvirtd --listen --config /etc/libvirt/libvirtd.conf - /usr/sbin/libvirtd --config /etc/libvirt/libvirtd.conf + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/nova owner: nova:nova @@ -130,7 +135,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/nova_libvirt.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/nova_libvirt/etc/libvirt/:/etc/libvirt/:ro + - /var/lib/config-data/puppet-generated/nova_libvirt/:/var/lib/kolla/config_files/src:ro - /lib/modules:/lib/modules:ro - /dev:/dev - /run:/run diff --git a/docker/services/nova-placement.yaml b/docker/services/nova-placement.yaml index 251bbaad..464dfe70 100644 --- a/docker/services/nova-placement.yaml +++ b/docker/services/nova-placement.yaml @@ -77,6 +77,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/nova_placement.json: command: /usr/sbin/httpd -DFOREGROUND + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/nova owner: nova:nova @@ -98,11 +103,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/nova_placement.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/nova_placement/etc/nova/:/etc/nova/:ro - - /var/lib/config-data/nova_placement/etc/httpd/conf/:/etc/httpd/conf/:ro - - /var/lib/config-data/nova_placement/etc/httpd/conf.d/:/etc/httpd/conf.d/:ro - - /var/lib/config-data/nova_placement/etc/httpd/conf.modules.d/:/etc/httpd/conf.modules.d/:ro - - /var/lib/config-data/nova_placement/var/www/:/var/www/:ro + - /var/lib/config-data/puppet-generated/nova_placement/:/var/lib/kolla/config_files/src:ro - /var/log/containers/nova:/var/log/nova environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/nova-scheduler.yaml b/docker/services/nova-scheduler.yaml index fbb3abc7..a2b27342 100644 --- a/docker/services/nova-scheduler.yaml +++ b/docker/services/nova-scheduler.yaml @@ -74,6 +74,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/nova_scheduler.json: command: /usr/bin/nova-scheduler + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/nova owner: nova:nova @@ -93,7 +98,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/nova_scheduler.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro + - /var/lib/config-data/puppet-generated/nova/:/var/lib/kolla/config_files/src:ro - /run:/run - /var/log/containers/nova:/var/log/nova environment: diff --git a/docker/services/nova-vnc-proxy.yaml b/docker/services/nova-vnc-proxy.yaml index c2b9c3b1..35e69494 100644 --- a/docker/services/nova-vnc-proxy.yaml +++ b/docker/services/nova-vnc-proxy.yaml @@ -74,6 +74,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/nova_vnc_proxy.json: command: /usr/bin/nova-novncproxy --web /usr/share/novnc/ + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/nova owner: nova:nova @@ -93,7 +98,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/nova_vnc_proxy.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro + - /var/lib/config-data/puppet-generated/nova/:/var/lib/kolla/config_files/src:ro - /var/log/containers/nova:/var/log/nova environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/octavia-api.yaml b/docker/services/octavia-api.yaml index 728162fe..075e4913 100644 --- a/docker/services/octavia-api.yaml +++ b/docker/services/octavia-api.yaml @@ -82,8 +82,18 @@ outputs: kolla_config: /var/lib/kolla/config_files/octavia_api.json: command: /usr/bin/octavia-api --config-file /usr/share/octavia/octavia-dist.conf --config-file /etc/octavia/octavia.conf --log-file /var/log/octavia/api.log --config-dir /etc/octavia/conf.d/common --config-dir /etc/octavia/conf.d/octavia-api + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true /var/lib/kolla/config_files/octavia_api_tls_proxy.json: command: /usr/sbin/httpd -DFOREGROUND + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true docker_config: # Kolla_bootstrap/db_sync runs before permissions set by kolla_config step_2: @@ -95,7 +105,12 @@ outputs: - [ {get_param: DockerNamespace}, {get_param: DockerOctaviaApiImage} ] user: root volumes: - - /var/lib/config-data/octavia/etc/octavia:/etc/octavia/ + # NOTE(mandre) we need extra dir for the service in /etc/octavia/conf.d + # It is normally created as part of the RPM install, but it is + # missing here because we use the same config_volume for all + # octavia services, hence the same container image to generate + # configuration. + - /var/lib/config-data/puppet-generated/octavia/etc/octavia:/etc/octavia/ - /var/log/containers/octavia:/var/log/octavia command: ['/bin/bash', '-c', 'mkdir -p /etc/octavia/conf.d/octavia-api; chown -R octavia:octavia /etc/octavia/conf.d/octavia-api; chown -R octavia:octavia /var/log/octavia'] step_3: @@ -106,11 +121,10 @@ outputs: privileged: false detach: false user: root - volumes: &octavia_volumes + volumes: list_concat: - {get_attr: [ContainersCommon, volumes]} - - - /var/lib/kolla/config_files/octavia_api.json:/var/lib/kolla/config_files/config.json:ro - /var/lib/config-data/octavia/etc/octavia/:/etc/octavia/:ro - /var/log/containers/octavia:/var/log/octavia command: "/usr/bin/bootstrap_host_exec octavia_api su octavia -s /bin/bash -c '/usr/bin/octavia-db-manage upgrade head'" @@ -122,7 +136,13 @@ outputs: net: host privileged: false restart: always - volumes: *octavia_volumes + volumes: + list_concat: + - {get_attr: [ContainersCommon, volumes]} + - + - /var/lib/kolla/config_files/octavia_api.json:/var/lib/kolla/config_files/config.json:ro + - /var/lib/config-data/puppet-generated/octavia/:/var/lib/kolla/config_files/src:ro + - /var/log/containers/octavia:/var/log/octavia environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS - if: @@ -138,7 +158,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/octavia_api_tls_proxy.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/octavia/etc/httpd/:/etc/httpd/:ro + - /var/lib/config-data/puppet-generated/octavia/:/var/lib/kolla/config_files/src:ro - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro environment: diff --git a/docker/services/octavia-health-manager.yaml b/docker/services/octavia-health-manager.yaml index 2228e369..0e493294 100644 --- a/docker/services/octavia-health-manager.yaml +++ b/docker/services/octavia-health-manager.yaml @@ -75,6 +75,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/octavia_health_manager.json: command: /usr/bin/octavia-health-manager --config-file /usr/share/octavia/octavia-dist.conf --config-file /etc/octavia/octavia.conf --log-file /var/log/octavia/health-manager.log --config-dir /etc/octavia/conf.d/common --config-dir /etc/octavia/conf.d/octavia-health-manager + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true docker_config: step_2: octavia_health_manager_init_dirs: @@ -85,7 +90,12 @@ outputs: - [ {get_param: DockerNamespace}, {get_param: DockerOctaviaHealthManagerImage} ] user: root volumes: - - /var/lib/config-data/octavia/etc/octavia:/etc/octavia/ + # NOTE(mandre) we need extra dir for the service in /etc/octavia/conf.d + # It is normally created as part of the RPM install, but it is + # missing here because we use the same config_volume for all + # octavia services, hence the same container image to generate + # configuration. + - /var/lib/config-data/puppet-generated/octavia/etc/octavia:/etc/octavia/ command: ['/bin/bash', '-c', 'mkdir -p /etc/octavia/conf.d/octavia-health-manager; chown -R octavia:octavia /etc/octavia/conf.d/octavia-health-manager'] step_4: octavia_health_manager: @@ -99,7 +109,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/octavia_health_manager.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/octavia/etc/octavia/:/etc/octavia/:ro + - /var/lib/config-data/puppet-generated/octavia/:/var/lib/kolla/config_files/src:ro - /var/log/containers/octavia:/var/log/octavia environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/octavia-housekeeping.yaml b/docker/services/octavia-housekeeping.yaml index c2986c63..be2c445d 100644 --- a/docker/services/octavia-housekeeping.yaml +++ b/docker/services/octavia-housekeeping.yaml @@ -75,6 +75,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/octavia_housekeeping.json: command: /usr/bin/octavia-housekeeping --config-file /usr/share/octavia/octavia-dist.conf --config-file /etc/octavia/octavia.conf --log-file /var/log/octavia/housekeeping.log --config-dir /etc/octavia/conf.d/common --config-dir /etc/octavia/conf.d/octavia-housekeeping + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true docker_config: step_2: octavia_housekeeping_init_dirs: @@ -85,7 +90,12 @@ outputs: - [ {get_param: DockerNamespace}, {get_param: DockerOctaviaHousekeepingImage} ] user: root volumes: - - /var/lib/config-data/octavia/etc/octavia:/etc/octavia/ + # NOTE(mandre) we need extra dir for the service in /etc/octavia/conf.d + # It is normally created as part of the RPM install, but it is + # missing here because we use the same config_volume for all + # octavia services, hence the same container image to generate + # configuration. + - /var/lib/config-data/puppet-generated/octavia/etc/octavia:/etc/octavia/ command: ['/bin/bash', '-c', 'mkdir -p /etc/octavia/conf.d/octavia-housekeeping; chown -R octavia:octavia /etc/octavia/conf.d/octavia-housekeeping'] step_4: octavia_housekeeping: @@ -99,7 +109,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/octavia_housekeeping.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/octavia/etc/octavia/:/etc/octavia/:ro + - /var/lib/config-data/puppet-generated/octavia/:/var/lib/kolla/config_files/src:ro - /var/log/containers/octavia:/var/log/octavia environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/octavia-worker.yaml b/docker/services/octavia-worker.yaml index 41295125..9becb259 100644 --- a/docker/services/octavia-worker.yaml +++ b/docker/services/octavia-worker.yaml @@ -75,6 +75,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/octavia_worker.json: command: /usr/bin/octavia-worker --config-file /usr/share/octavia/octavia-dist.conf --config-file /etc/octavia/octavia.conf --log-file /var/log/octavia/worker.log --config-dir /etc/octavia/conf.d/common --config-dir /etc/octavia/conf.d/octavia-worker + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true docker_config: step_2: octavia_worker_init_dirs: @@ -85,7 +90,12 @@ outputs: - [ {get_param: DockerNamespace}, {get_param: DockerOctaviaWorkerImage} ] user: root volumes: - - /var/lib/config-data/octavia/etc/octavia:/etc/octavia/ + # NOTE(mandre) we need extra dir for the service in /etc/octavia/conf.d + # It is normally created as part of the RPM install, but it is + # missing here because we use the same config_volume for all + # octavia services, hence the same container image to generate + # configuration. + - /var/lib/config-data/puppet-generated/octavia/etc/octavia:/etc/octavia/ command: ['/bin/bash', '-c', 'mkdir -p /etc/octavia/conf.d/octavia-worker; chown -R octavia:octavia /etc/octavia/conf.d/octavia-worker'] step_4: octavia_worker: @@ -99,7 +109,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/octavia_worker.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/octavia/etc/octavia/:/etc/octavia/:ro + - /var/lib/config-data/puppet-generated/octavia/:/var/lib/kolla/config_files/src:ro - /var/log/containers/octavia:/var/log/octavia environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/opendaylight-api.yaml b/docker/services/opendaylight-api.yaml new file mode 100644 index 00000000..5610d1ba --- /dev/null +++ b/docker/services/opendaylight-api.yaml @@ -0,0 +1,116 @@ +heat_template_version: pike + +description: > + OpenStack containerized OpenDaylight API service + +parameters: + DockerNamespace: + description: namespace + default: 'tripleoupstream' + type: string + DockerOpendaylightApiImage: + description: image + default: 'centos-binary-opendaylight:latest' + type: string + DockerOpendaylightConfigImage: + description: image + default: 'centos-binary-opendaylight:latest' + type: string + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json + +resources: + + ContainersCommon: + type: ./containers-common.yaml + + OpenDaylightBase: + type: ../../puppet/services/opendaylight-api.yaml + properties: + EndpointMap: {get_param: EndpointMap} + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + RoleName: {get_param: RoleName} + RoleParameters: {get_param: RoleParameters} + +outputs: + role_data: + description: Role data for the OpenDaylight API role. + value: + service_name: {get_attr: [OpenDaylightBase, role_data, service_name]} + config_settings: + map_merge: + - get_attr: [OpenDaylightBase, role_data, config_settings] + step_config: &step_config + list_join: + - "\n" + - - get_attr: [OpenDaylightBase, role_data, step_config] + - "include tripleo::profile::base::neutron::opendaylight::create_cluster" + # BEGIN DOCKER SETTINGS + puppet_config: + config_volume: opendaylight + # 'file,concat,file_line,augeas' are included by default + puppet_tags: odl_user,tripleo::profile::base::neutron::opendaylight::configure_cluster + step_config: *step_config + config_image: + list_join: + - '/' + - [ {get_param: DockerNamespace}, {get_param: DockerOpendaylightConfigImage} ] + kolla_config: + /var/lib/kolla/config_files/opendaylight_api.json: + command: /opt/opendaylight/bin/karaf + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true + permissions: + - path: /opt/opendaylight + owner: odl:odl + recurse: true + docker_config: + step_1: + opendaylight_api: + start_order: 0 + image: &odl_api_image + list_join: + - '/' + - [ {get_param: DockerNamespace}, {get_param: DockerOpendaylightApiImage} ] + privileged: false + net: host + detach: true + user: odl + restart: always + volumes: + list_concat: + - {get_attr: [ContainersCommon, volumes]} + - + - /var/lib/kolla/config_files/opendaylight_api.json:/var/lib/kolla/config_files/config.json:ro + - /var/lib/config-data/puppet-generated/opendaylight/:/var/lib/kolla/config_files/src:ro + environment: + - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS + + upgrade_tasks: + - name: Stop and disable opendaylight_api service + tags: step2 + service: name=opendaylight state=stopped enabled=no diff --git a/docker/services/pacemaker/clustercheck.yaml b/docker/services/pacemaker/clustercheck.yaml index 9fd9402f..007aa9c9 100644 --- a/docker/services/pacemaker/clustercheck.yaml +++ b/docker/services/pacemaker/clustercheck.yaml @@ -75,18 +75,10 @@ outputs: /var/lib/kolla/config_files/clustercheck.json: command: /usr/sbin/xinetd -dontfork config_files: - - dest: /etc/xinetd.conf - source: /var/lib/kolla/config_files/src/etc/xinetd.conf - owner: mysql - perm: '0644' - - dest: /etc/xinetd.d/galera-monitor - source: /var/lib/kolla/config_files/src/etc/xinetd.d/galera-monitor - owner: mysql - perm: '0644' - - dest: /etc/sysconfig/clustercheck - source: /var/lib/kolla/config_files/src/etc/sysconfig/clustercheck - owner: mysql - perm: '0600' + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true docker_config: step_2: clustercheck: @@ -102,7 +94,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/clustercheck.json:/var/lib/kolla/config_files/config.json - - /var/lib/config-data/clustercheck/:/var/lib/kolla/config_files/src:ro + - /var/lib/config-data/puppet-generated/clustercheck/:/var/lib/kolla/config_files/src:ro - /var/lib/mysql:/var/lib/mysql environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/pacemaker/database/mysql.yaml b/docker/services/pacemaker/database/mysql.yaml index fb1400f6..3d996f7f 100644 --- a/docker/services/pacemaker/database/mysql.yaml +++ b/docker/services/pacemaker/database/mysql.yaml @@ -89,22 +89,14 @@ outputs: /var/lib/kolla/config_files/mysql.json: command: /usr/sbin/pacemaker_remoted config_files: - - dest: /etc/libqb/force-filesystem-sockets - source: /dev/null - owner: root - perm: '0644' - - dest: /etc/my.cnf - source: /var/lib/kolla/config_files/src/etc/my.cnf - owner: mysql - perm: '0644' - - dest: /etc/my.cnf.d/galera.cnf - source: /var/lib/kolla/config_files/src/etc/my.cnf.d/galera.cnf - owner: mysql - perm: '0644' - - dest: /etc/sysconfig/clustercheck - source: /var/lib/kolla/config_files/src/etc/sysconfig/clustercheck - owner: root - perm: '0600' + - dest: /etc/libqb/force-filesystem-sockets + source: /dev/null + owner: root + perm: '0644' + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true docker_config: step_1: mysql_data_ownership: @@ -129,7 +121,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/mysql.json:/var/lib/kolla/config_files/config.json - - /var/lib/config-data/mysql/:/var/lib/kolla/config_files/src:ro + - /var/lib/config-data/puppet-generated/mysql/:/var/lib/kolla/config_files/src:ro - /var/lib/mysql:/var/lib/mysql environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS @@ -173,8 +165,6 @@ outputs: - /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro - /dev/shm:/dev/shm:rw - - /var/lib/config-data/mysql/etc/my.cnf:/etc/my.cnf:ro - - /var/lib/config-data/mysql/etc/my.cnf.d:/etc/my.cnf.d:ro - /var/lib/mysql:/var/lib/mysql:rw host_prep_tasks: - name: create /var/lib/mysql diff --git a/docker/services/pacemaker/database/redis.yaml b/docker/services/pacemaker/database/redis.yaml index 2ff15fe9..ff6de15d 100644 --- a/docker/services/pacemaker/database/redis.yaml +++ b/docker/services/pacemaker/database/redis.yaml @@ -90,6 +90,11 @@ outputs: source: /dev/null owner: root perm: '0644' + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true + optional: true permissions: - path: /var/run/redis owner: redis:redis diff --git a/docker/services/pacemaker/haproxy.yaml b/docker/services/pacemaker/haproxy.yaml index 704ffab5..1b104a23 100644 --- a/docker/services/pacemaker/haproxy.yaml +++ b/docker/services/pacemaker/haproxy.yaml @@ -30,6 +30,11 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + DeployedSSLCertificatePath: + default: '/etc/pki/tls/private/overcloud_endpoint.pem' + description: > + The filepath of the certificate as it will be stored in the controller. + type: string RoleName: default: '' description: Role name on which the service is applied @@ -81,9 +86,21 @@ outputs: list_join: - '/' - [ {get_param: DockerNamespace}, {get_param: DockerHAProxyConfigImage} ] + volumes: &deployed_cert_mount + - list_join: + - ':' + - - {get_param: DeployedSSLCertificatePath} + - {get_param: DeployedSSLCertificatePath} + - 'ro' kolla_config: /var/lib/kolla/config_files/haproxy.json: command: haproxy -f /etc/haproxy/haproxy.cfg + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true + optional: true docker_config: step_2: haproxy_init_bundle: @@ -110,17 +127,20 @@ outputs: - 'include ::tripleo::profile::pacemaker::haproxy_bundle' image: *haproxy_image volumes: - # puppet saves iptables rules in /etc/sysconfig - - /etc/sysconfig:/etc/sysconfig:rw - # saving rules require accessing /usr/libexec/iptables/iptables.init, just bind-mount - # the necessary bit and prevent systemd to try to reload the service in the container - - /usr/libexec/iptables:/usr/libexec/iptables:ro - - /usr/libexec/initscripts/legacy-actions:/usr/libexec/initscripts/legacy-actions:ro - - /etc/hosts:/etc/hosts:ro - - /etc/localtime:/etc/localtime:ro - - /etc/puppet:/tmp/puppet-etc:ro - - /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro - - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro - - /dev/shm:/dev/shm:rw + list_concat: + - *deployed_cert_mount + - + # puppet saves iptables rules in /etc/sysconfig + - /etc/sysconfig:/etc/sysconfig:rw + # saving rules require accessing /usr/libexec/iptables/iptables.init, just bind-mount + # the necessary bit and prevent systemd to try to reload the service in the container + - /usr/libexec/iptables:/usr/libexec/iptables:ro + - /usr/libexec/initscripts/legacy-actions:/usr/libexec/initscripts/legacy-actions:ro + - /etc/hosts:/etc/hosts:ro + - /etc/localtime:/etc/localtime:ro + - /etc/puppet:/tmp/puppet-etc:ro + - /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro + - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro + - /dev/shm:/dev/shm:rw metadata_settings: get_attr: [HAProxyBase, role_data, metadata_settings] diff --git a/docker/services/pacemaker/rabbitmq.yaml b/docker/services/pacemaker/rabbitmq.yaml index ab1a612f..b8ff6bfd 100644 --- a/docker/services/pacemaker/rabbitmq.yaml +++ b/docker/services/pacemaker/rabbitmq.yaml @@ -88,6 +88,10 @@ outputs: source: /dev/null owner: root perm: '0644' + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/lib/rabbitmq owner: rabbitmq:rabbitmq @@ -106,7 +110,7 @@ outputs: privileged: false volumes: - /var/lib/kolla/config_files/rabbitmq.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/rabbitmq/etc/rabbitmq:/etc/rabbitmq:ro + - /var/lib/config-data/puppet-generated/rabbitmq/:/var/lib/kolla/config_files/src:ro - /etc/hosts:/etc/hosts:ro - /etc/localtime:/etc/localtime:ro - /var/lib/rabbitmq:/var/lib/rabbitmq diff --git a/docker/services/panko-api.yaml b/docker/services/panko-api.yaml index 0f556063..fa1a7076 100644 --- a/docker/services/panko-api.yaml +++ b/docker/services/panko-api.yaml @@ -86,6 +86,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/panko_api.json: command: /usr/sbin/httpd -DFOREGROUND + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/panko owner: panko:panko @@ -127,11 +132,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/panko_api.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/panko/etc/panko/:/etc/panko/:ro - - /var/lib/config-data/panko/etc/httpd/conf/:/etc/httpd/conf/:ro - - /var/lib/config-data/panko/etc/httpd/conf.d/:/etc/httpd/conf.d/:ro - - /var/lib/config-data/panko/etc/httpd/conf.modules.d/:/etc/httpd/conf.modules.d/:ro - - /var/lib/config-data/panko/var/www/:/var/www/:ro + - /var/lib/config-data/puppet-generated/panko/:/var/lib/kolla/config_files/src:ro - /var/log/containers/panko:/var/log/panko - if: diff --git a/docker/services/rabbitmq.yaml b/docker/services/rabbitmq.yaml index f42f2ed2..dd7c26a3 100644 --- a/docker/services/rabbitmq.yaml +++ b/docker/services/rabbitmq.yaml @@ -84,6 +84,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/rabbitmq.json: command: /usr/lib/rabbitmq/bin/rabbitmq-server + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/lib/rabbitmq owner: rabbitmq:rabbitmq @@ -114,7 +119,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/rabbitmq.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/rabbitmq/etc/rabbitmq/:/etc/rabbitmq/:ro + - /var/lib/config-data/puppet-generated/rabbitmq/:/var/lib/kolla/config_files/src:ro - /var/lib/rabbitmq:/var/lib/rabbitmq - /var/log/containers/rabbitmq:/var/log/rabbitmq environment: @@ -142,7 +147,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/rabbitmq.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/rabbitmq/etc/rabbitmq/:/etc/rabbitmq/:ro + - /var/lib/config-data/puppet-generated/rabbitmq/:/var/lib/kolla/config_files/src:ro - /var/lib/rabbitmq:/var/lib/rabbitmq - /var/log/containers/rabbitmq:/var/log/rabbitmq environment: diff --git a/docker/services/sahara-api.yaml b/docker/services/sahara-api.yaml index 32d64583..8d101657 100644 --- a/docker/services/sahara-api.yaml +++ b/docker/services/sahara-api.yaml @@ -75,6 +75,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/sahara-api.json: command: /usr/bin/sahara-api --config-file /etc/sahara/sahara.conf + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/lib/sahara owner: sahara:sahara @@ -93,11 +98,10 @@ outputs: privileged: false detach: false user: root - volumes: &sahara_volumes + volumes: list_concat: - {get_attr: [ContainersCommon, volumes]} - - - /var/lib/kolla/config_files/sahara-api.json:/var/lib/kolla/config_files/config.json - /var/lib/config-data/sahara/etc/sahara/:/etc/sahara/:ro - /lib/modules:/lib/modules:ro - /var/lib/sahara:/var/lib/sahara @@ -109,7 +113,15 @@ outputs: net: host privileged: false restart: always - volumes: *sahara_volumes + volumes: + list_concat: + - {get_attr: [ContainersCommon, volumes]} + - + - /var/lib/kolla/config_files/sahara-api.json:/var/lib/kolla/config_files/config.json + - /var/lib/config-data/puppet-generated/sahara/:/var/lib/kolla/config_files/src:ro + - /lib/modules:/lib/modules:ro + - /var/lib/sahara:/var/lib/sahara + - /var/log/containers/sahara:/var/log/sahara environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: diff --git a/docker/services/sahara-engine.yaml b/docker/services/sahara-engine.yaml index 99a51c9a..1b11ab7d 100644 --- a/docker/services/sahara-engine.yaml +++ b/docker/services/sahara-engine.yaml @@ -75,6 +75,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/sahara-engine.json: command: /usr/bin/sahara-engine --config-file /etc/sahara/sahara.conf + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/lib/sahara owner: sahara:sahara @@ -92,12 +97,12 @@ outputs: net: host privileged: false restart: always - volumes: &sahara_volumes + volumes: list_concat: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/sahara-engine.json:/var/lib/kolla/config_files/config.json - - /var/lib/config-data/sahara/etc/sahara/:/etc/sahara/:ro + - /var/lib/config-data/puppet-generated/sahara/:/var/lib/kolla/config_files/src:ro - /var/lib/sahara:/var/lib/sahara - /var/log/containers/sahara:/var/log/sahara environment: diff --git a/docker/services/sensu-client.yaml b/docker/services/sensu-client.yaml index 42b0c57a..1d1eae3d 100644 --- a/docker/services/sensu-client.yaml +++ b/docker/services/sensu-client.yaml @@ -109,6 +109,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/sensu-client.json: command: /usr/bin/sensu-client -d /etc/sensu/conf.d/ -l /var/log/sensu/sensu-client.log + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/sensu owner: sensu:sensu @@ -133,7 +138,7 @@ outputs: - - /var/run/docker.sock:/var/run/docker.sock:rw - /var/lib/kolla/config_files/sensu-client.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/sensu/etc/sensu/:/etc/sensu/:ro + - /var/lib/config-data/puppet-generated/sensu/:/var/lib/kolla/config_files/src:ro - /var/log/containers/sensu:/var/log/sensu:rw environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/swift-proxy.yaml b/docker/services/swift-proxy.yaml index d7a7fe41..77538969 100644 --- a/docker/services/swift-proxy.yaml +++ b/docker/services/swift-proxy.yaml @@ -81,12 +81,22 @@ outputs: kolla_config: /var/lib/kolla/config_files/swift_proxy.json: command: /usr/bin/swift-proxy-server /etc/swift/proxy-server.conf + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/swift owner: swift:swift recurse: true /var/lib/kolla/config_files/swift_proxy_tls_proxy.json: command: /usr/sbin/httpd -DFOREGROUND + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true docker_config: step_4: map_merge: @@ -103,9 +113,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/swift_proxy.json:/var/lib/kolla/config_files/config.json:ro - # FIXME I'm mounting /etc/swift as rw. Are the rings written to - # at all during runtime? - - /var/lib/config-data/swift/etc/swift:/etc/swift:rw + - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro - /run:/run - /srv/node:/srv/node - /dev:/dev @@ -124,9 +132,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/swift_proxy_tls_proxy.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/swift/etc/httpd/conf/:/etc/httpd/conf/:ro - - /var/lib/config-data/swift/etc/httpd/conf.d/:/etc/httpd/conf.d/:ro - - /var/lib/config-data/swift/etc/httpd/conf.modules.d/:/etc/httpd/conf.modules.d/:ro + - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro environment: diff --git a/docker/services/swift-storage.yaml b/docker/services/swift-storage.yaml index f2b8c474..a07c92ae 100644 --- a/docker/services/swift-storage.yaml +++ b/docker/services/swift-storage.yaml @@ -95,36 +95,106 @@ outputs: kolla_config: /var/lib/kolla/config_files/swift_account_auditor.json: command: /usr/bin/swift-account-auditor /etc/swift/account-server.conf + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true /var/lib/kolla/config_files/swift_account_reaper.json: command: /usr/bin/swift-account-reaper /etc/swift/account-server.conf + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true /var/lib/kolla/config_files/swift_account_replicator.json: command: /usr/bin/swift-account-replicator /etc/swift/account-server.conf + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true /var/lib/kolla/config_files/swift_account_server.json: command: /usr/bin/swift-account-server /etc/swift/account-server.conf + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true /var/lib/kolla/config_files/swift_container_auditor.json: command: /usr/bin/swift-container-auditor /etc/swift/container-server.conf + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true /var/lib/kolla/config_files/swift_container_replicator.json: command: /usr/bin/swift-container-replicator /etc/swift/container-server.conf + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true /var/lib/kolla/config_files/swift_container_updater.json: command: /usr/bin/swift-container-updater /etc/swift/container-server.conf + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true /var/lib/kolla/config_files/swift_container_server.json: command: /usr/bin/swift-container-server /etc/swift/container-server.conf + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true /var/lib/kolla/config_files/swift_object_auditor.json: command: /usr/bin/swift-object-auditor /etc/swift/object-server.conf + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true /var/lib/kolla/config_files/swift_object_expirer.json: command: /usr/bin/swift-object-expirer /etc/swift/object-expirer.conf + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true /var/lib/kolla/config_files/swift_object_replicator.json: command: /usr/bin/swift-object-replicator /etc/swift/object-server.conf + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true /var/lib/kolla/config_files/swift_object_updater.json: command: /usr/bin/swift-object-updater /etc/swift/object-server.conf + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true /var/lib/kolla/config_files/swift_object_server.json: command: /usr/bin/swift-object-server /etc/swift/object-server.conf + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/swift owner: swift:swift recurse: true - /var/lib/kolla/config_files/swift_xinetd_rsync.json: - command: /usr/sbin/xinetd -dontfork + /var/lib/kolla/config_files/swift_rsync.json: + command: /usr/bin/rsync --daemon --no-detach --config=/etc/rsyncd.conf + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true docker_config: step_3: # The puppet config sets this up but we don't have a way to mount the named @@ -150,7 +220,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/swift_account_auditor.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/swift/etc/swift:/etc/swift:rw + - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro - /run:/run - /srv/node:/srv/node - /dev:/dev @@ -167,7 +237,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/swift_account_reaper.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/swift/etc/swift:/etc/swift:rw + - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro - /run:/run - /srv/node:/srv/node - /dev:/dev @@ -183,7 +253,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/swift_account_replicator.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/swift/etc/swift:/etc/swift:rw + - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro - /run:/run - /srv/node:/srv/node - /dev:/dev @@ -199,7 +269,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/swift_account_server.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/swift/etc/swift:/etc/swift:rw + - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro - /run:/run - /srv/node:/srv/node - /dev:/dev @@ -218,7 +288,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/swift_container_auditor.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/swift/etc/swift:/etc/swift:rw + - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro - /run:/run - /srv/node:/srv/node - /dev:/dev @@ -234,7 +304,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/swift_container_replicator.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/swift/etc/swift:/etc/swift:rw + - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro - /run:/run - /srv/node:/srv/node - /dev:/dev @@ -250,7 +320,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/swift_container_updater.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/swift/etc/swift:/etc/swift:rw + - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro - /run:/run - /srv/node:/srv/node - /dev:/dev @@ -266,7 +336,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/swift_container_server.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/swift/etc/swift:/etc/swift:rw + - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro - /run:/run - /srv/node:/srv/node - /dev:/dev @@ -285,7 +355,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/swift_object_auditor.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/swift/etc/swift:/etc/swift:rw + - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro - /run:/run - /srv/node:/srv/node - /dev:/dev @@ -304,7 +374,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/swift_object_expirer.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/swift/etc/swift:/etc/swift:rw + - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro - /run:/run - /srv/node:/srv/node - /dev:/dev @@ -320,7 +390,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/swift_object_replicator.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/swift/etc/swift:/etc/swift:rw + - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro - /run:/run - /srv/node:/srv/node - /dev:/dev @@ -336,7 +406,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/swift_object_updater.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/swift/etc/swift:/etc/swift:rw + - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro - /run:/run - /srv/node:/srv/node - /dev:/dev @@ -352,13 +422,13 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/swift_object_server.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/swift/etc/swift:/etc/swift:rw + - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro - /run:/run - /srv/node:/srv/node - /dev:/dev - /var/log/containers/swift:/var/log/swift environment: *kolla_env - swift_xinetd_rsync: + swift_rsync: image: *swift_object_image net: host user: root @@ -368,8 +438,8 @@ outputs: list_concat: - {get_attr: [ContainersCommon, volumes]} - - - /var/lib/kolla/config_files/swift_xinetd_rsync.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/swift/etc:/etc + - /var/lib/kolla/config_files/swift_rsync.json:/var/lib/kolla/config_files/config.json:ro + - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro - /run:/run - /srv/node:/srv/node - /dev:/dev diff --git a/docker/services/tacker.yaml b/docker/services/tacker.yaml index 84175c57..793a1743 100644 --- a/docker/services/tacker.yaml +++ b/docker/services/tacker.yaml @@ -76,6 +76,11 @@ outputs: kolla_config: /var/lib/kolla/config_files/tacker_api.json: command: /usr/bin/tacker-server --config-file=/etc/tacker/tacker.conf --log-file=/var/log/tacker/api.log + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/tacker owner: tacker:tacker @@ -104,7 +109,10 @@ outputs: list_concat: - {get_attr: [ContainersCommon, volumes]} - - - /var/lib/config-data/tacker/etc/:/etc/:ro + # FIXME(mandre) mounting /etc rw to workaround LP1696283 + # This should go away anyway and mount the exact files it + # needs or use kolla set_configs.py + - /var/lib/config-data/tacker/etc/:/etc/ - /var/log/containers/tacker:/var/log/tacker command: "/usr/bin/bootstrap_host_exec tacker su tacker -s /bin/bash -c 'tacker-db-manage --config-file /etc/tacker/tacker.conf upgrade head'" step_4: @@ -118,7 +126,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/tacker_api.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/tacker/etc/tacker/:/etc/tacker/:ro + - /var/lib/config-data/puppet-generated/tacker/:/var/lib/kolla/config_files/src:ro - /var/log/containers/tacker:/var/log/tacker environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS diff --git a/docker/services/zaqar.yaml b/docker/services/zaqar.yaml index 17524e5e..ea1fd768 100644 --- a/docker/services/zaqar.yaml +++ b/docker/services/zaqar.yaml @@ -74,8 +74,18 @@ outputs: kolla_config: /var/lib/kolla/config_files/zaqar.json: command: /usr/sbin/httpd -DFOREGROUND + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true /var/lib/kolla/config_files/zaqar_websocket.json: command: /usr/bin/zaqar-server --config-file /etc/zaqar/zaqar.conf --config-file /etc/zaqar/1.conf + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true permissions: - path: /var/log/zaqar owner: zaqar:zaqar @@ -98,11 +108,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/zaqar.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/zaqar/etc/zaqar/:/etc/zaqar/:ro - - /var/lib/config-data/zaqar/var/www/:/var/www/:ro - - /var/lib/config-data/zaqar/etc/httpd/conf/:/etc/httpd/conf/:ro - - /var/lib/config-data/zaqar/etc/httpd/conf.d/:/etc/httpd/conf.d/:ro - - /var/lib/config-data/zaqar/etc/httpd/conf.modules.d/:/etc/httpd/conf.modules.d/:ro + - /var/lib/config-data/puppet-generated/zaqar/:/var/lib/kolla/config_files/src:ro - /var/log/containers/zaqar:/var/log/zaqar environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS @@ -116,9 +122,7 @@ outputs: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/zaqar_websocket.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/zaqar/etc/zaqar/:/etc/zaqar/:ro - - /var/lib/config-data/zaqar/var/www/:/var/www/:ro - - /var/lib/config-data/zaqar/etc/httpd/:/etc/httpd/:ro + - /var/lib/config-data/puppet-generated/zaqar/:/var/lib/kolla/config_files/src:ro - /var/log/containers/zaqar:/var/log/zaqar environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS |