diff options
Diffstat (limited to 'docker')
| -rw-r--r-- | docker/docker-steps.j2 | 18 | ||||
| -rw-r--r-- | docker/services/aodh-api.yaml | 19 | ||||
| -rw-r--r-- | docker/services/gnocchi-api.yaml | 19 | ||||
| -rw-r--r-- | docker/services/panko-api.yaml | 19 |
4 files changed, 71 insertions, 4 deletions
diff --git a/docker/docker-steps.j2 b/docker/docker-steps.j2 index f0af8e25..643727db 100644 --- a/docker/docker-steps.j2 +++ b/docker/docker-steps.j2 @@ -9,6 +9,8 @@ {%- endfor -%} {%- set primary_role_name = primary_role[0].name -%} # primary role is: {{primary_role_name}} +{% set deploy_steps_max = 6 -%} + heat_template_version: ocata description: > @@ -45,12 +47,16 @@ resources: value: yaql: expression: - dict($.data.docker_puppet_tasks.where($1 != null).selectMany($.items()).groupBy($[0], $[1])) + $.data.default_tasks + dict($.data.docker_puppet_tasks.where($1 != null).selectMany($.items()).groupBy($[0], $[1])) data: docker_puppet_tasks: {get_param: [role_data, {{primary_role_name}}, docker_puppet_tasks]} + default_tasks: +{%- for step in range(1, deploy_steps_max) %} + step_{{step}}: {} +{%- endfor %} # BEGIN primary_role_name docker-puppet-tasks (run only on a single node) -{% for step in range(1, 6) %} +{% for step in range(1, deploy_steps_max) %} {{primary_role_name}}DockerPuppetJsonConfig{{step}}: type: OS::Heat::StructuredConfig @@ -176,6 +182,8 @@ resources: properties: group: script config: {get_file: docker-puppet.py} + inputs: + - name: NET_HOST {{role.name}}GenerateConfigDeployment: type: OS::Heat::SoftwareDeploymentGroup @@ -184,6 +192,8 @@ resources: name: {{role.name}}GenerateConfigDeployment servers: {get_param: [servers, {{role.name}}]} config: {get_resource: {{role.name}}GenerateConfig} + input_values: + NET_HOST: 'true' {{role.name}}PuppetStepConfig: type: OS::Heat::Value @@ -260,7 +270,7 @@ resources: properties: StepConfig: {get_attr: [{{role.name}}PuppetStepConfig, value]} - {% for step in range(1, 6) %} + {% for step in range(1, deploy_steps_max) %} {{role.name}}Deployment_Step{{step}}: type: OS::Heat::StructuredDeploymentGroup @@ -286,7 +296,7 @@ resources: # END BAREMETAL CONFIG STEPS # BEGIN CONTAINER CONFIG STEPS - {% for step in range(1, 6) %} + {% for step in range(1, deploy_steps_max) %} {{role.name}}ContainersConfig_Step{{step}}: type: OS::Heat::StructuredConfig diff --git a/docker/services/aodh-api.yaml b/docker/services/aodh-api.yaml index 3181fad7..9480ce84 100644 --- a/docker/services/aodh-api.yaml +++ b/docker/services/aodh-api.yaml @@ -26,6 +26,13 @@ parameters: DefaultPasswords: default: {} type: json + EnableInternalTLS: + type: boolean + default: false + +conditions: + + internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]} resources: @@ -104,9 +111,21 @@ outputs: - /var/lib/config-data/aodh/etc/httpd/:/etc/httpd/:ro - /var/lib/config-data/aodh/var/www/:/var/www/:ro - logs:/var/log + - + if: + - internal_tls_enabled + - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro + - '' + - + if: + - internal_tls_enabled + - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro + - '' environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS upgrade_tasks: - name: Stop and disable aodh service (running under httpd) tags: step2 service: name=httpd state=stopped enabled=no + metadata_settings: + get_attr: [AodhApiPuppetBase, role_data, metadata_settings] diff --git a/docker/services/gnocchi-api.yaml b/docker/services/gnocchi-api.yaml index 1c61fa3e..6cddcd54 100644 --- a/docker/services/gnocchi-api.yaml +++ b/docker/services/gnocchi-api.yaml @@ -26,6 +26,13 @@ parameters: DefaultPasswords: default: {} type: json + EnableInternalTLS: + type: boolean + default: false + +conditions: + + internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]} resources: @@ -103,9 +110,21 @@ outputs: - /var/lib/config-data/gnocchi/etc/gnocchi/:/etc/gnocchi/:ro - /var/lib/config-data/gnocchi/etc/httpd/:/etc/httpd/:ro - /var/lib/config-data/gnocchi/var/www/:/var/www/:ro + - + if: + - internal_tls_enabled + - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro + - '' + - + if: + - internal_tls_enabled + - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro + - '' environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS upgrade_tasks: - name: Stop and disable httpd service tags: step2 service: name=httpd state=stopped enabled=no + metadata_settings: + get_attr: [GnocchiApiPuppetBase, role_data, metadata_settings] diff --git a/docker/services/panko-api.yaml b/docker/services/panko-api.yaml index 61bdf7ac..e87bb570 100644 --- a/docker/services/panko-api.yaml +++ b/docker/services/panko-api.yaml @@ -26,6 +26,13 @@ parameters: DefaultPasswords: default: {} type: json + EnableInternalTLS: + type: boolean + default: false + +conditions: + + internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]} resources: @@ -104,5 +111,17 @@ outputs: - /var/lib/config-data/panko/etc/panko/:/etc/panko/:ro - /var/lib/config-data/panko/etc/httpd/:/etc/httpd/:ro - /var/lib/config-data/panko/var/www/:/var/www/:ro + - + if: + - internal_tls_enabled + - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro + - '' + - + if: + - internal_tls_enabled + - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro + - '' environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS + metadata_settings: + get_attr: [PankoApiPuppetBase, role_data, metadata_settings] |