aboutsummaryrefslogtreecommitdiffstats
path: root/docker
diff options
context:
space:
mode:
Diffstat (limited to 'docker')
-rw-r--r--docker/services/ceph-ansible/ceph-base.yaml2
-rw-r--r--docker/services/horizon.yaml17
-rw-r--r--docker/services/logrotate-crond.yaml84
-rw-r--r--docker/services/nova-libvirt.yaml2
4 files changed, 103 insertions, 2 deletions
diff --git a/docker/services/ceph-ansible/ceph-base.yaml b/docker/services/ceph-ansible/ceph-base.yaml
index 0399faf8..f09e98ce 100644
--- a/docker/services/ceph-ansible/ceph-base.yaml
+++ b/docker/services/ceph-ansible/ceph-base.yaml
@@ -94,7 +94,7 @@ parameters:
default: vms
type: string
CephClientKey:
- description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. Currently only used for external Ceph deployments to create the openstack user keyring.
+ description: The Ceph client key. Can be created with ceph-authtool --gen-print-key.
type: string
hidden: true
CephClientUserName:
diff --git a/docker/services/horizon.yaml b/docker/services/horizon.yaml
index 3d3bc7c3..f2f2b8dc 100644
--- a/docker/services/horizon.yaml
+++ b/docker/services/horizon.yaml
@@ -36,6 +36,13 @@ parameters:
default: {}
description: Parameters specific to the role
type: json
+ EnableInternalTLS:
+ type: boolean
+ default: false
+
+conditions:
+
+ internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
resources:
@@ -117,6 +124,16 @@ outputs:
- /var/lib/kolla/config_files/horizon.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/horizon/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/horizon:/var/log/horizon
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
+ - ''
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
+ - ''
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
diff --git a/docker/services/logrotate-crond.yaml b/docker/services/logrotate-crond.yaml
new file mode 100644
index 00000000..22ee5b56
--- /dev/null
+++ b/docker/services/logrotate-crond.yaml
@@ -0,0 +1,84 @@
+heat_template_version: pike
+
+description: >
+ Containerized logrotate with crond for containerized service logs rotation
+
+parameters:
+ DockerCrondImage:
+ description: image
+ type: string
+ DockerCrondConfigImage:
+ description: The container image to use for the crond config_volume
+ type: string
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+
+
+resources:
+
+ ContainersCommon:
+ type: ./containers-common.yaml
+
+outputs:
+ role_data:
+ description: Role data for the crond role.
+ value:
+ service_name: logrotate_crond
+ config_settings: {}
+ step_config: &step_config |
+ include ::tripleo::profile::base::logging::logrotate
+ # BEGIN DOCKER SETTINGS
+ puppet_config:
+ config_volume: crond
+ step_config: *step_config
+ config_image: {get_param: DockerCrondConfigImage}
+ kolla_config:
+ /var/lib/kolla/config_files/logrotate-crond.json:
+ command: /usr/sbin/crond -s -n
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
+ docker_config:
+ step_4:
+ logrotate_crond:
+ image: {get_param: DockerCrondImage}
+ net: none
+ pid: host
+ privileged: true
+ user: root
+ restart: always
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/logrotate-crond.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/puppet-generated/crond/:/var/lib/kolla/config_files/src:ro
+ - /var/log/containers:/var/log/containers
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
diff --git a/docker/services/nova-libvirt.yaml b/docker/services/nova-libvirt.yaml
index 62c25bb2..47414083 100644
--- a/docker/services/nova-libvirt.yaml
+++ b/docker/services/nova-libvirt.yaml
@@ -61,7 +61,7 @@ parameters:
description: Whether to enable or not the Rbd backend for Cinder
type: boolean
CephClientKey:
- description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. Currently only used for external Ceph deployments to create the openstack user keyring.
+ description: The Ceph client key. Can be created with ceph-authtool --gen-print-key.
type: string
hidden: true
CephClusterFSID: