aboutsummaryrefslogtreecommitdiffstats
path: root/docker
diff options
context:
space:
mode:
Diffstat (limited to 'docker')
-rw-r--r--docker/docker-steps.j218
-rw-r--r--docker/services/aodh-api.yaml19
-rw-r--r--docker/services/gnocchi-api.yaml19
-rw-r--r--docker/services/panko-api.yaml19
4 files changed, 71 insertions, 4 deletions
diff --git a/docker/docker-steps.j2 b/docker/docker-steps.j2
index f0af8e25..643727db 100644
--- a/docker/docker-steps.j2
+++ b/docker/docker-steps.j2
@@ -9,6 +9,8 @@
{%- endfor -%}
{%- set primary_role_name = primary_role[0].name -%}
# primary role is: {{primary_role_name}}
+{% set deploy_steps_max = 6 -%}
+
heat_template_version: ocata
description: >
@@ -45,12 +47,16 @@ resources:
value:
yaql:
expression:
- dict($.data.docker_puppet_tasks.where($1 != null).selectMany($.items()).groupBy($[0], $[1]))
+ $.data.default_tasks + dict($.data.docker_puppet_tasks.where($1 != null).selectMany($.items()).groupBy($[0], $[1]))
data:
docker_puppet_tasks: {get_param: [role_data, {{primary_role_name}}, docker_puppet_tasks]}
+ default_tasks:
+{%- for step in range(1, deploy_steps_max) %}
+ step_{{step}}: {}
+{%- endfor %}
# BEGIN primary_role_name docker-puppet-tasks (run only on a single node)
-{% for step in range(1, 6) %}
+{% for step in range(1, deploy_steps_max) %}
{{primary_role_name}}DockerPuppetJsonConfig{{step}}:
type: OS::Heat::StructuredConfig
@@ -176,6 +182,8 @@ resources:
properties:
group: script
config: {get_file: docker-puppet.py}
+ inputs:
+ - name: NET_HOST
{{role.name}}GenerateConfigDeployment:
type: OS::Heat::SoftwareDeploymentGroup
@@ -184,6 +192,8 @@ resources:
name: {{role.name}}GenerateConfigDeployment
servers: {get_param: [servers, {{role.name}}]}
config: {get_resource: {{role.name}}GenerateConfig}
+ input_values:
+ NET_HOST: 'true'
{{role.name}}PuppetStepConfig:
type: OS::Heat::Value
@@ -260,7 +270,7 @@ resources:
properties:
StepConfig: {get_attr: [{{role.name}}PuppetStepConfig, value]}
- {% for step in range(1, 6) %}
+ {% for step in range(1, deploy_steps_max) %}
{{role.name}}Deployment_Step{{step}}:
type: OS::Heat::StructuredDeploymentGroup
@@ -286,7 +296,7 @@ resources:
# END BAREMETAL CONFIG STEPS
# BEGIN CONTAINER CONFIG STEPS
- {% for step in range(1, 6) %}
+ {% for step in range(1, deploy_steps_max) %}
{{role.name}}ContainersConfig_Step{{step}}:
type: OS::Heat::StructuredConfig
diff --git a/docker/services/aodh-api.yaml b/docker/services/aodh-api.yaml
index 3181fad7..9480ce84 100644
--- a/docker/services/aodh-api.yaml
+++ b/docker/services/aodh-api.yaml
@@ -26,6 +26,13 @@ parameters:
DefaultPasswords:
default: {}
type: json
+ EnableInternalTLS:
+ type: boolean
+ default: false
+
+conditions:
+
+ internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
resources:
@@ -104,9 +111,21 @@ outputs:
- /var/lib/config-data/aodh/etc/httpd/:/etc/httpd/:ro
- /var/lib/config-data/aodh/var/www/:/var/www/:ro
- logs:/var/log
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
+ - ''
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
+ - ''
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
upgrade_tasks:
- name: Stop and disable aodh service (running under httpd)
tags: step2
service: name=httpd state=stopped enabled=no
+ metadata_settings:
+ get_attr: [AodhApiPuppetBase, role_data, metadata_settings]
diff --git a/docker/services/gnocchi-api.yaml b/docker/services/gnocchi-api.yaml
index 1c61fa3e..6cddcd54 100644
--- a/docker/services/gnocchi-api.yaml
+++ b/docker/services/gnocchi-api.yaml
@@ -26,6 +26,13 @@ parameters:
DefaultPasswords:
default: {}
type: json
+ EnableInternalTLS:
+ type: boolean
+ default: false
+
+conditions:
+
+ internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
resources:
@@ -103,9 +110,21 @@ outputs:
- /var/lib/config-data/gnocchi/etc/gnocchi/:/etc/gnocchi/:ro
- /var/lib/config-data/gnocchi/etc/httpd/:/etc/httpd/:ro
- /var/lib/config-data/gnocchi/var/www/:/var/www/:ro
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
+ - ''
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
+ - ''
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
upgrade_tasks:
- name: Stop and disable httpd service
tags: step2
service: name=httpd state=stopped enabled=no
+ metadata_settings:
+ get_attr: [GnocchiApiPuppetBase, role_data, metadata_settings]
diff --git a/docker/services/panko-api.yaml b/docker/services/panko-api.yaml
index 61bdf7ac..e87bb570 100644
--- a/docker/services/panko-api.yaml
+++ b/docker/services/panko-api.yaml
@@ -26,6 +26,13 @@ parameters:
DefaultPasswords:
default: {}
type: json
+ EnableInternalTLS:
+ type: boolean
+ default: false
+
+conditions:
+
+ internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
resources:
@@ -104,5 +111,17 @@ outputs:
- /var/lib/config-data/panko/etc/panko/:/etc/panko/:ro
- /var/lib/config-data/panko/etc/httpd/:/etc/httpd/:ro
- /var/lib/config-data/panko/var/www/:/var/www/:ro
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
+ - ''
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
+ - ''
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ metadata_settings:
+ get_attr: [PankoApiPuppetBase, role_data, metadata_settings]