aboutsummaryrefslogtreecommitdiffstats
path: root/docker
diff options
context:
space:
mode:
Diffstat (limited to 'docker')
-rwxr-xr-xdocker/docker-puppet.py86
-rw-r--r--docker/docker-steps.j252
-rw-r--r--docker/services/aodh-api.yaml52
-rw-r--r--docker/services/aodh-evaluator.yaml14
-rw-r--r--docker/services/aodh-listener.yaml14
-rw-r--r--docker/services/aodh-notifier.yaml14
-rw-r--r--docker/services/containers-common.yaml16
-rw-r--r--docker/services/database/redis.yaml93
-rw-r--r--docker/services/etcd.yaml105
-rw-r--r--docker/services/glance-api.yaml20
-rw-r--r--docker/services/gnocchi-api.yaml50
-rw-r--r--docker/services/gnocchi-metricd.yaml14
-rw-r--r--docker/services/gnocchi-statsd.yaml14
-rw-r--r--docker/services/heat-api-cfn.yaml18
-rw-r--r--docker/services/heat-api.yaml18
-rw-r--r--docker/services/heat-engine.yaml23
-rw-r--r--docker/services/ironic-api.yaml21
-rw-r--r--docker/services/ironic-conductor.yaml24
-rw-r--r--docker/services/ironic-pxe.yaml51
-rw-r--r--docker/services/keystone.yaml40
-rw-r--r--docker/services/memcached.yaml12
-rw-r--r--docker/services/mistral-api.yaml28
-rw-r--r--docker/services/mistral-engine.yaml16
-rw-r--r--docker/services/mistral-executor.yaml24
-rw-r--r--docker/services/neutron-api.yaml23
-rw-r--r--docker/services/neutron-dhcp.yaml18
-rw-r--r--docker/services/neutron-l3.yaml17
-rw-r--r--docker/services/neutron-ovs-agent.yaml17
-rw-r--r--docker/services/nova-api.yaml14
-rw-r--r--docker/services/nova-compute.yaml36
-rw-r--r--docker/services/nova-conductor.yaml16
-rw-r--r--docker/services/nova-ironic.yaml22
-rw-r--r--docker/services/nova-libvirt.yaml41
-rw-r--r--docker/services/nova-placement.yaml20
-rw-r--r--docker/services/nova-scheduler.yaml16
-rw-r--r--docker/services/panko-api.yaml50
-rw-r--r--docker/services/rabbitmq.yaml51
-rw-r--r--docker/services/swift-proxy.yaml24
-rw-r--r--docker/services/swift-storage.yaml200
-rw-r--r--docker/services/zaqar.yaml32
40 files changed, 953 insertions, 463 deletions
diff --git a/docker/docker-puppet.py b/docker/docker-puppet.py
index 909a2c8a..111005ac 100755
--- a/docker/docker-puppet.py
+++ b/docker/docker-puppet.py
@@ -19,12 +19,20 @@
# inside of a container.
import json
+import logging
import os
import subprocess
import sys
import tempfile
import multiprocessing
+log = logging.getLogger()
+log.setLevel(logging.DEBUG)
+ch = logging.StreamHandler(sys.stdout)
+ch.setLevel(logging.DEBUG)
+formatter = logging.Formatter('%(asctime)s %(levelname)s: %(message)s')
+ch.setFormatter(formatter)
+log.addHandler(ch)
# this is to match what we do in deployed-server
def short_hostname():
@@ -36,42 +44,47 @@ def short_hostname():
def pull_image(name):
- print('Pulling image: %s' % name)
+ log.info('Pulling image: %s' % name)
subproc = subprocess.Popen(['/usr/bin/docker', 'pull', name],
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
cmd_stdout, cmd_stderr = subproc.communicate()
- print(cmd_stdout)
- print(cmd_stderr)
+ if cmd_stdout:
+ log.debug(cmd_stdout)
+ if cmd_stderr:
+ log.debug(cmd_stderr)
def rm_container(name):
if os.environ.get('SHOW_DIFF', None):
- print('Diffing container: %s' % name)
+ log.info('Diffing container: %s' % name)
subproc = subprocess.Popen(['/usr/bin/docker', 'diff', name],
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
cmd_stdout, cmd_stderr = subproc.communicate()
- print(cmd_stdout)
- print(cmd_stderr)
+ if cmd_stdout:
+ log.debug(cmd_stdout)
+ if cmd_stderr:
+ log.debug(cmd_stderr)
- print('Removing container: %s' % name)
+ log.info('Removing container: %s' % name)
subproc = subprocess.Popen(['/usr/bin/docker', 'rm', name],
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
cmd_stdout, cmd_stderr = subproc.communicate()
- print(cmd_stdout)
+ if cmd_stdout:
+ log.debug(cmd_stdout)
if cmd_stderr and \
- cmd_stderr != 'Error response from daemon: ' \
- 'No such container: {}\n'.format(name):
- print(cmd_stderr)
+ cmd_stderr != 'Error response from daemon: ' \
+ 'No such container: {}\n'.format(name):
+ log.debug(cmd_stderr)
process_count = int(os.environ.get('PROCESS_COUNT',
multiprocessing.cpu_count()))
+log.info('Running docker-puppet')
config_file = os.environ.get('CONFIG', '/var/lib/docker-puppet/docker-puppet.json')
-print('docker-puppet')
-print('CONFIG: %s' % config_file)
+log.debug('CONFIG: %s' % config_file)
with open(config_file) as f:
json_data = json.load(f)
@@ -108,16 +121,15 @@ for service in (json_data or []):
if not manifest or not config_image:
continue
- print('---------')
- print('config_volume %s' % config_volume)
- print('puppet_tags %s' % puppet_tags)
- print('manifest %s' % manifest)
- print('config_image %s' % config_image)
- print('volumes %s' % volumes)
+ log.debug('config_volume %s' % config_volume)
+ log.debug('puppet_tags %s' % puppet_tags)
+ log.debug('manifest %s' % manifest)
+ log.debug('config_image %s' % config_image)
+ log.debug('volumes %s' % volumes)
# We key off of config volume for all configs.
if config_volume in configs:
# Append puppet tags and manifest.
- print("Existing service, appending puppet tags and manifest\n")
+ log.info("Existing service, appending puppet tags and manifest")
if puppet_tags:
configs[config_volume][1] = '%s,%s' % (configs[config_volume][1],
puppet_tags)
@@ -125,22 +137,21 @@ for service in (json_data or []):
configs[config_volume][2] = '%s\n%s' % (configs[config_volume][2],
manifest)
if configs[config_volume][3] != config_image:
- print("WARNING: Config containers do not match even though"
- " shared volumes are the same!\n")
+ log.warn("Config containers do not match even though"
+ " shared volumes are the same!")
else:
- print("Adding new service\n")
+ log.info("Adding new service")
configs[config_volume] = service
-print('Service compilation completed.\n')
+log.info('Service compilation completed.')
def mp_puppet_config((config_volume, puppet_tags, manifest, config_image, volumes)):
- print('---------')
- print('config_volume %s' % config_volume)
- print('puppet_tags %s' % puppet_tags)
- print('manifest %s' % manifest)
- print('config_image %s' % config_image)
- print('volumes %s' % volumes)
+ log.debug('config_volume %s' % config_volume)
+ log.debug('puppet_tags %s' % puppet_tags)
+ log.debug('manifest %s' % manifest)
+ log.debug('config_image %s' % config_image)
+ log.debug('volumes %s' % volumes)
hostname = short_hostname()
sh_script = '/var/lib/docker-puppet/docker-puppet-%s.sh' % config_volume
@@ -226,18 +237,21 @@ def mp_puppet_config((config_volume, puppet_tags, manifest, config_image, volume
env[k] = os.environ.get(k)
if os.environ.get('NET_HOST', 'false') == 'true':
- print('NET_HOST enabled')
+ log.debug('NET_HOST enabled')
dcmd.extend(['--net', 'host', '--volume',
'/etc/hosts:/etc/hosts:ro'])
dcmd.append(config_image)
+ log.debug('Running docker command: %s' % ' '.join(dcmd))
subproc = subprocess.Popen(dcmd, stdout=subprocess.PIPE,
stderr=subprocess.PIPE, env=env)
cmd_stdout, cmd_stderr = subproc.communicate()
- print(cmd_stdout)
- print(cmd_stderr)
+ if cmd_stdout:
+ log.debug(cmd_stdout)
+ if cmd_stderr:
+ log.debug(cmd_stderr)
if subproc.returncode != 0:
- print('Failed running docker-puppet.py for %s' % config_volume)
+ log.error('Failed running docker-puppet.py for %s' % config_volume)
rm_container('docker-puppet-%s' % config_volume)
return subproc.returncode
@@ -263,7 +277,7 @@ for config_volume in configs:
process_map.append([config_volume, puppet_tags, manifest, config_image, volumes])
for p in process_map:
- print '--\n%s' % p
+ log.debug('- %s' % p)
# Fire off processes to perform each configuration. Defaults
# to the number of CPUs on the system.
@@ -273,7 +287,7 @@ config_volumes = [pm[0] for pm in process_map]
success = True
for returncode, config_volume in zip(returncodes, config_volumes):
if returncode != 0:
- print('ERROR configuring %s' % config_volume)
+ log.error('ERROR configuring %s' % config_volume)
success = False
if not success:
diff --git a/docker/docker-steps.j2 b/docker/docker-steps.j2
index 301d838f..1d5605b2 100644
--- a/docker/docker-steps.j2
+++ b/docker/docker-steps.j2
@@ -1,6 +1,15 @@
# certain initialization steps (run in a container) will occur
-# on the first role listed in the roles file
-{% set primary_role_name = roles[0].name -%}
+# on the role marked as primary controller or the first role listed
+{%- set primary_role = [roles[0]] -%}
+{%- for role in roles -%}
+ {%- if 'primary' in role.tags and 'controller' in role.tags -%}
+ {%- set _ = primary_role.pop() -%}
+ {%- set _ = primary_role.append(role) -%}
+ {%- endif -%}
+{%- endfor -%}
+{%- set primary_role_name = primary_role[0].name -%}
+# primary role is: {{primary_role_name}}
+{% set deploy_steps_max = 6 -%}
heat_template_version: ocata
@@ -38,12 +47,16 @@ resources:
value:
yaql:
expression:
- dict($.data.docker_puppet_tasks.where($1 != null).selectMany($.items()).groupBy($[0], $[1]))
+ $.data.default_tasks + dict($.data.docker_puppet_tasks.where($1 != null).selectMany($.items()).groupBy($[0], $[1]))
data:
docker_puppet_tasks: {get_param: [role_data, {{primary_role_name}}, docker_puppet_tasks]}
+ default_tasks:
+{%- for step in range(1, deploy_steps_max) %}
+ step_{{step}}: {}
+{%- endfor %}
# BEGIN primary_role_name docker-puppet-tasks (run only on a single node)
-{% for step in range(1, 6) %}
+{% for step in range(1, deploy_steps_max) %}
{{primary_role_name}}DockerPuppetJsonConfig{{step}}:
type: OS::Heat::StructuredConfig
@@ -169,6 +182,8 @@ resources:
properties:
group: script
config: {get_file: docker-puppet.py}
+ inputs:
+ - name: NET_HOST
{{role.name}}GenerateConfigDeployment:
type: OS::Heat::SoftwareDeploymentGroup
@@ -177,6 +192,8 @@ resources:
name: {{role.name}}GenerateConfigDeployment
servers: {get_param: [servers, {{role.name}}]}
config: {get_resource: {{role.name}}GenerateConfig}
+ input_values:
+ NET_HOST: 'true'
{{role.name}}PuppetStepConfig:
type: OS::Heat::Value
@@ -239,21 +256,19 @@ resources:
# BEGIN BAREMETAL CONFIG STEPS
- {% if role.name == 'Controller' %}
- ControllerPrePuppet:
- type: OS::TripleO::Tasks::ControllerPrePuppet
+ {{role.name}}PreConfig:
+ type: OS::TripleO::Tasks::{{role.name}}PreConfig
properties:
- servers: {get_param: [servers, Controller]}
+ servers: {get_param: [servers, {{role.name}}]}
input_values:
update_identifier: {get_param: DeployIdentifier}
- {% endif %}
{{role.name}}Config:
type: OS::TripleO::{{role.name}}Config
properties:
StepConfig: {get_attr: [{{role.name}}PuppetStepConfig, value]}
- {% for step in range(1, 6) %}
+ {% for step in range(1, deploy_steps_max) %}
{{role.name}}Deployment_Step{{step}}:
type: OS::Heat::StructuredDeploymentGroup
@@ -279,7 +294,7 @@ resources:
# END BAREMETAL CONFIG STEPS
# BEGIN CONTAINER CONFIG STEPS
- {% for step in range(1, 6) %}
+ {% for step in range(1, deploy_steps_max) %}
{{role.name}}ContainersConfig_Step{{step}}:
type: OS::Heat::StructuredConfig
@@ -292,10 +307,12 @@ resources:
type: OS::Heat::StructuredDeploymentGroup
{% if step == 1 %}
depends_on:
- - {{role.name}}PreConfig
- {{role.name}}KollaJsonDeployment
- {{role.name}}GenPuppetDeployment
- {{role.name}}GenerateConfigDeployment
+ {%- for dep in roles %}
+ - {{dep.name}}Deployment_Step{{step}} # baremetal steps of the same level run first
+ {%- endfor %}
{% else %}
depends_on:
{% for dep in roles %}
@@ -336,15 +353,4 @@ resources:
properties:
servers: {get_param: [servers, {{role.name}}]}
- {% if role.name == 'Controller' %}
- ControllerPostPuppet:
- depends_on:
- - ControllerExtraConfigPost
- type: OS::TripleO::Tasks::ControllerPostPuppet
- properties:
- servers: {get_param: [servers, Controller]}
- input_values:
- update_identifier: {get_param: DeployIdentifier}
- {% endif %}
-
{% endfor %}
diff --git a/docker/services/aodh-api.yaml b/docker/services/aodh-api.yaml
index 32294958..b93a92e1 100644
--- a/docker/services/aodh-api.yaml
+++ b/docker/services/aodh-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized aodh service
@@ -26,9 +26,19 @@ parameters:
DefaultPasswords:
default: {}
type: json
+ EnableInternalTLS:
+ type: boolean
+ default: false
+
+conditions:
+
+ internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
AodhApiPuppetBase:
type: ../../puppet/services/aodh-api.yaml
properties:
@@ -62,7 +72,7 @@ outputs:
command: /usr/sbin/httpd -DFOREGROUND
docker_config:
step_3:
- aodh-init-log:
+ aodh_init_log:
start_order: 0
image: *aodh_image
user: root
@@ -76,28 +86,42 @@ outputs:
privileged: false
detach: false
volumes:
- - /var/lib/config-data/aodh/etc/aodh/:/etc/aodh/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - logs:/var/log
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/config-data/aodh/etc/aodh/:/etc/aodh/:ro
+ - logs:/var/log
command: /usr/bin/aodh-dbsync
step_4:
- aodh-api:
+ aodh_api:
image: *aodh_image
net: host
privileged: false
restart: always
volumes:
- - /var/lib/kolla/config_files/aodh-api.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/aodh/etc/aodh/:/etc/aodh/:ro
- - /var/lib/config-data/aodh/etc/httpd/:/etc/httpd/:ro
- - /var/lib/config-data/aodh/var/www/:/var/www/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - logs:/var/log
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/aodh-api.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/aodh/etc/aodh/:/etc/aodh/:ro
+ - /var/lib/config-data/aodh/etc/httpd/:/etc/httpd/:ro
+ - /var/lib/config-data/aodh/var/www/:/var/www/:ro
+ - logs:/var/log
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
+ - ''
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
+ - ''
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
upgrade_tasks:
- name: Stop and disable aodh service (running under httpd)
tags: step2
service: name=httpd state=stopped enabled=no
+ metadata_settings:
+ get_attr: [AodhApiPuppetBase, role_data, metadata_settings]
diff --git a/docker/services/aodh-evaluator.yaml b/docker/services/aodh-evaluator.yaml
index 1553df3c..c8e7d691 100644
--- a/docker/services/aodh-evaluator.yaml
+++ b/docker/services/aodh-evaluator.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized Aodh Evaluator service
@@ -29,6 +29,9 @@ parameters:
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
AodhEvaluatorBase:
type: ../../puppet/services/aodh-evaluator.yaml
properties:
@@ -67,10 +70,11 @@ outputs:
privileged: false
restart: always
volumes:
- - /var/lib/kolla/config_files/aodh-evaluator.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/aodh/etc/aodh/:/etc/aodh/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/aodh-evaluator.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/aodh/etc/aodh/:/etc/aodh/:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
upgrade_tasks:
diff --git a/docker/services/aodh-listener.yaml b/docker/services/aodh-listener.yaml
index 300dfde3..9e65c1c4 100644
--- a/docker/services/aodh-listener.yaml
+++ b/docker/services/aodh-listener.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized Aodh Listener service
@@ -29,6 +29,9 @@ parameters:
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
AodhListenerBase:
type: ../../puppet/services/aodh-listener.yaml
properties:
@@ -67,10 +70,11 @@ outputs:
privileged: false
restart: always
volumes:
- - /var/lib/kolla/config_files/aodh-listener.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/aodh/etc/aodh/:/etc/aodh/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/aodh-listener.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/aodh/etc/aodh/:/etc/aodh/:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
upgrade_tasks:
diff --git a/docker/services/aodh-notifier.yaml b/docker/services/aodh-notifier.yaml
index b4056603..402b8abf 100644
--- a/docker/services/aodh-notifier.yaml
+++ b/docker/services/aodh-notifier.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized Aodh Notifier service
@@ -29,6 +29,9 @@ parameters:
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
AodhNotifierBase:
type: ../../puppet/services/aodh-notifier.yaml
properties:
@@ -67,10 +70,11 @@ outputs:
privileged: false
restart: always
volumes:
- - /var/lib/kolla/config_files/aodh-notifier.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/aodh/etc/aodh/:/etc/aodh/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/aodh-notifier.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/aodh/etc/aodh/:/etc/aodh/:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
upgrade_tasks:
diff --git a/docker/services/containers-common.yaml b/docker/services/containers-common.yaml
new file mode 100644
index 00000000..d3561f6b
--- /dev/null
+++ b/docker/services/containers-common.yaml
@@ -0,0 +1,16 @@
+heat_template_version: ocata
+
+description: >
+ Contains a static list of common things necessary for containers
+
+outputs:
+ volumes:
+ description: Common volumes for the containers.
+ value:
+ - /etc/hosts:/etc/hosts:ro
+ - /etc/localtime:/etc/localtime:ro
+ # OpenSSL trusted CAs
+ - /etc/pki/ca-trust/extracted:/etc/pki/ca-trust/extracted:ro
+ - /etc/pki/tls/certs/ca-bundle.crt:/etc/pki/tls/certs/ca-bundle.crt:ro
+ - /etc/pki/tls/certs/ca-bundle.trust.crt:/etc/pki/tls/certs/ca-bundle.trust.crt:ro
+ - /etc/pki/tls/cert.pem:/etc/pki/tls/cert.pem:ro
diff --git a/docker/services/database/redis.yaml b/docker/services/database/redis.yaml
new file mode 100644
index 00000000..aa615919
--- /dev/null
+++ b/docker/services/database/redis.yaml
@@ -0,0 +1,93 @@
+heat_template_version: ocata
+
+description: >
+ OpenStack containerized Redis services
+
+parameters:
+ DockerNamespace:
+ description: namespace
+ default: 'tripleoupstream'
+ type: string
+ DockerRedisImage:
+ description: image
+ default: 'centos-binary-redis:latest'
+ type: string
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+
+resources:
+
+ RedisBase:
+ type: ../../../puppet/services/database/redis.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+
+outputs:
+ role_data:
+ description: Role data for the Redis API role.
+ value:
+ service_name: {get_attr: [RedisBase, role_data, service_name]}
+ config_settings:
+ map_merge:
+ - {get_attr: [RedisBase, role_data, config_settings]}
+ - redis::daemonize: false
+ step_config: &step_config
+ get_attr: [RedisBase, role_data, step_config]
+ service_config_settings: {get_attr: [RedisBase, role_data, service_config_settings]}
+ # BEGIN DOCKER SETTINGS
+ puppet_config:
+ config_volume: 'redis'
+ # NOTE: we need the exec tag to copy /etc/redis.conf.puppet to
+ # /etc/redis.conf
+ # https://github.com/arioch/puppet-redis/commit/1c004143223e660cbd433422ff8194508aab9763
+ puppet_tags: 'exec'
+ step_config: *step_config
+ config_image: &redis_image
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerRedisImage} ]
+ kolla_config:
+ /var/lib/kolla/config_files/redis.json:
+ command: /usr/bin/redis-server /etc/redis.conf
+ permissions:
+ - path: /var/run/redis
+ owner: redis:redis
+ recurse: true
+ docker_config:
+ step_1:
+ redis:
+ image: *redis_image
+ net: host
+ privileged: false
+ restart: always
+ volumes:
+ - /run:/run
+ - /var/lib/kolla/config_files/redis.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/redis/etc/:/etc/:ro
+ - /etc/localtime:/etc/localtime:ro
+ - logs:/var/log/kolla
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ - name: create /var/run/redis
+ file:
+ path: /var/run/redis
+ state: directory
+ upgrade_tasks:
+ - name: Stop and disable redis service
+ tags: step2
+ service: name=redis state=stopped enabled=no
diff --git a/docker/services/etcd.yaml b/docker/services/etcd.yaml
new file mode 100644
index 00000000..0a7daef8
--- /dev/null
+++ b/docker/services/etcd.yaml
@@ -0,0 +1,105 @@
+heat_template_version: ocata
+
+description: >
+ OpenStack containerized etcd services
+
+parameters:
+ DockerNamespace:
+ description: namespace
+ default: 'tripleoupstream'
+ type: string
+ DockerEtcdImage:
+ description: image
+ default: 'centos-binary-etcd:latest'
+ type: string
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ EtcdInitialClusterToken:
+ description: Initial cluster token for the etcd cluster during bootstrap.
+ type: string
+ hidden: true
+
+resources:
+
+ EtcdPuppetBase:
+ type: ../../puppet/services/etcd.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EtcdInitialClusterToken: {get_param: EtcdInitialClusterToken}
+
+outputs:
+ role_data:
+ description: Role data for the etcd role.
+ value:
+ service_name: {get_attr: [EtcdPuppetBase, role_data, service_name]}
+ step_config: &step_config
+ list_join:
+ - "\n"
+ - - "['Etcd_key'].each |String $val| { noop_resource($val) }"
+ - get_attr: [EtcdPuppetBase, role_data, step_config]
+ config_settings:
+ map_merge:
+ - {get_attr: [EtcdPuppetBase, role_data, config_settings]}
+ - etcd::manage_service: false
+ # BEGIN DOCKER SETTINGS
+ puppet_config:
+ config_volume: etcd
+ step_config: *step_config
+ config_image: &etcd_image
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerEtcdImage} ]
+ kolla_config:
+ /var/lib/kolla/config_files/etcd.json:
+ command: /usr/bin/etcd --config-file /etc/etcd/etcd.yml
+ permissions:
+ - path: /var/lib/etcd
+ owner: etcd:etcd
+ recurse: true
+ docker_config:
+ step_2:
+ etcd:
+ image: *etcd_image
+ net: host
+ privileged: false
+ restart: always
+ volumes:
+ - /var/lib/etcd:/var/lib/etcd
+ - /etc/localtime:/etc/localtime:ro
+ - /var/lib/kolla/config_files/etcd.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/etcd/etc/etcd/etcd.yml:/etc/etcd/etcd.yml:ro
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ docker_puppet_tasks:
+ # Etcd keys initialization occurs only on single node
+ step_2:
+ config_volume: 'etcd_init_tasks'
+ puppet_tags: 'etcd_key'
+ step_config: 'include ::tripleo::profile::base::etcd'
+ config_image: *etcd_image
+ volumes:
+ - /var/lib/config-data/etcd/etc/:/etc
+ - /var/lib/etcd:/var/lib/etcd:ro
+ host_prep_tasks:
+ - name: create /var/lib/etcd
+ file:
+ path: /var/lib/etcd
+ state: directory
+ upgrade_tasks:
+ - name: Stop and disable etcd service
+ tags: step2
+ service: name=etcd state=stopped enabled=no
diff --git a/docker/services/glance-api.yaml b/docker/services/glance-api.yaml
index fdfdbc68..7f4ee434 100644
--- a/docker/services/glance-api.yaml
+++ b/docker/services/glance-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Glance service configured with Puppet
@@ -29,6 +29,9 @@ parameters:
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
GlanceApiPuppetBase:
type: ../../puppet/services/glance-api.yaml
properties:
@@ -68,13 +71,14 @@ outputs:
privileged: false
detach: false
volumes: &glance_volumes
- - /var/lib/kolla/config_files/glance-api.json:/var/lib/kolla/config_files/config.json
- - /var/lib/config-data/glance_api/etc/glance/:/etc/glance/:ro
- - /etc/localtime:/etc/localtime:ro
- - /lib/modules:/lib/modules:ro
- - /run:/run
- - /dev:/dev
- - /etc/hosts:/etc/hosts:ro
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/glance-api.json:/var/lib/kolla/config_files/config.json
+ - /var/lib/config-data/glance_api/etc/glance/:/etc/glance/:ro
+ - /lib/modules:/lib/modules:ro
+ - /run:/run
+ - /dev:/dev
environment:
- KOLLA_BOOTSTRAP=True
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
diff --git a/docker/services/gnocchi-api.yaml b/docker/services/gnocchi-api.yaml
index 659785aa..3fbdac4e 100644
--- a/docker/services/gnocchi-api.yaml
+++ b/docker/services/gnocchi-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized gnocchi service
@@ -26,9 +26,19 @@ parameters:
DefaultPasswords:
default: {}
type: json
+ EnableInternalTLS:
+ type: boolean
+ default: false
+
+conditions:
+
+ internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
GnocchiApiPuppetBase:
type: ../../puppet/services/gnocchi-api.yaml
properties:
@@ -62,7 +72,7 @@ outputs:
command: /usr/sbin/httpd -DFOREGROUND
docker_config:
step_3:
- gnocchi-init-log:
+ gnocchi_init_log:
start_order: 0
image: *gnocchi_image
user: root
@@ -76,27 +86,41 @@ outputs:
detach: false
privileged: false
volumes:
- - /var/lib/config-data/gnocchi/etc/gnocchi/:/etc/gnocchi/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - logs:/var/log
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/config-data/gnocchi/etc/gnocchi/:/etc/gnocchi/:ro
+ - logs:/var/log
command: ["/usr/bin/gnocchi-upgrade", "--skip-storage"]
step_4:
- gnocchi-api:
+ gnocchi_api:
image: *gnocchi_image
net: host
privileged: false
restart: always
volumes:
- - /var/lib/kolla/config_files/gnocchi-api.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/gnocchi/etc/gnocchi/:/etc/gnocchi/:ro
- - /var/lib/config-data/gnocchi/etc/httpd/:/etc/httpd/:ro
- - /var/lib/config-data/gnocchi/var/www/:/var/www/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/gnocchi-api.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/gnocchi/etc/gnocchi/:/etc/gnocchi/:ro
+ - /var/lib/config-data/gnocchi/etc/httpd/:/etc/httpd/:ro
+ - /var/lib/config-data/gnocchi/var/www/:/var/www/:ro
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
+ - ''
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
+ - ''
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
upgrade_tasks:
- name: Stop and disable httpd service
tags: step2
service: name=httpd state=stopped enabled=no
+ metadata_settings:
+ get_attr: [GnocchiApiPuppetBase, role_data, metadata_settings]
diff --git a/docker/services/gnocchi-metricd.yaml b/docker/services/gnocchi-metricd.yaml
index 78494d66..9739735b 100644
--- a/docker/services/gnocchi-metricd.yaml
+++ b/docker/services/gnocchi-metricd.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized Gnocchi Metricd service
@@ -29,6 +29,9 @@ parameters:
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
GnocchiMetricdBase:
type: ../../puppet/services/gnocchi-metricd.yaml
properties:
@@ -65,10 +68,11 @@ outputs:
privileged: false
restart: always
volumes:
- - /var/lib/kolla/config_files/gnocchi-metricd.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/gnocchi/etc/gnocchi/:/etc/gnocchi/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/gnocchi-metricd.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/gnocchi/etc/gnocchi/:/etc/gnocchi/:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
upgrade_tasks:
diff --git a/docker/services/gnocchi-statsd.yaml b/docker/services/gnocchi-statsd.yaml
index 7f439846..8b3071a3 100644
--- a/docker/services/gnocchi-statsd.yaml
+++ b/docker/services/gnocchi-statsd.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized Gnocchi Statsd service
@@ -29,6 +29,9 @@ parameters:
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
GnocchiStatsdBase:
type: ../../puppet/services/gnocchi-statsd.yaml
properties:
@@ -65,10 +68,11 @@ outputs:
privileged: false
restart: always
volumes:
- - /var/lib/kolla/config_files/gnocchi-statsd.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/gnocchi/etc/gnocchi/:/etc/gnocchi/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/gnocchi-statsd.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/gnocchi/etc/gnocchi/:/etc/gnocchi/:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
upgrade_tasks:
diff --git a/docker/services/heat-api-cfn.yaml b/docker/services/heat-api-cfn.yaml
index e1226471..ae46e92b 100644
--- a/docker/services/heat-api-cfn.yaml
+++ b/docker/services/heat-api-cfn.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized Heat API CFN service
@@ -35,6 +35,9 @@ parameters:
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
HeatBase:
type: ../../puppet/services/heat-api-cfn.yaml
properties:
@@ -77,12 +80,13 @@ outputs:
privileged: false
restart: always
volumes:
- - /var/lib/kolla/config_files/heat_api_cfn.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/heat/etc/heat/:/etc/heat/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - /dev:/dev
- - /run:/run
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/heat_api_cfn.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/heat/etc/heat/:/etc/heat/:ro
+ - /dev:/dev
+ - /run:/run
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
upgrade_tasks:
diff --git a/docker/services/heat-api.yaml b/docker/services/heat-api.yaml
index 3212d909..e75ba0ae 100644
--- a/docker/services/heat-api.yaml
+++ b/docker/services/heat-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized Heat API service
@@ -35,6 +35,9 @@ parameters:
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
HeatBase:
type: ../../puppet/services/heat-api.yaml
properties:
@@ -77,12 +80,13 @@ outputs:
privileged: false
restart: always
volumes:
- - /var/lib/kolla/config_files/heat_api.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/heat/etc/heat/:/etc/heat/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - /dev:/dev
- - /run:/run
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/heat_api.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/heat/etc/heat/:/etc/heat/:ro
+ - /dev:/dev
+ - /run:/run
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
upgrade_tasks:
diff --git a/docker/services/heat-engine.yaml b/docker/services/heat-engine.yaml
index 83c63095..ced81561 100644
--- a/docker/services/heat-engine.yaml
+++ b/docker/services/heat-engine.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized Heat Engine service
@@ -30,6 +30,9 @@ parameters:
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
HeatBase:
type: ../../puppet/services/heat-engine.yaml
properties:
@@ -69,9 +72,10 @@ outputs:
privileged: false
detach: false
volumes:
- - /var/lib/config-data/heat/etc/heat/:/etc/heat/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/config-data/heat/etc/heat/:/etc/heat/:ro
command: ['heat-manage', 'db_sync']
step_4:
heat_engine:
@@ -80,11 +84,12 @@ outputs:
privileged: false
restart: always
volumes:
- - /var/lib/kolla/config_files/heat_engine.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/heat/etc/heat/:/etc/heat/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - /run:/run
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/heat_engine.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/heat/etc/heat/:/etc/heat/:ro
+ - /run:/run
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
upgrade_tasks:
diff --git a/docker/services/ironic-api.yaml b/docker/services/ironic-api.yaml
index bef84e2e..a15e74d0 100644
--- a/docker/services/ironic-api.yaml
+++ b/docker/services/ironic-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized Ironic API service
@@ -33,6 +33,9 @@ parameters:
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
IronicApiBase:
type: ../../puppet/services/ironic-api.yaml
properties:
@@ -74,9 +77,10 @@ outputs:
privileged: false
detach: false
volumes:
- - /var/lib/config-data/ironic/etc/:/etc/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/config-data/ironic/etc/:/etc/:ro
command: ['ironic-dbsync', '--config-file', '/etc/ironic/ironic.conf']
step_4:
ironic_api:
@@ -86,10 +90,11 @@ outputs:
privileged: false
restart: always
volumes:
- - /var/lib/kolla/config_files/ironic_api.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/ironic/etc/:/etc/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/ironic_api.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/ironic/etc/:/etc/:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
upgrade_tasks:
diff --git a/docker/services/ironic-conductor.yaml b/docker/services/ironic-conductor.yaml
index 3047f30b..99d67e04 100644
--- a/docker/services/ironic-conductor.yaml
+++ b/docker/services/ironic-conductor.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized Ironic Conductor service
@@ -33,6 +33,9 @@ parameters:
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
IronicConductorBase:
type: ../../puppet/services/ironic-conductor.yaml
properties:
@@ -87,15 +90,16 @@ outputs:
privileged: true
restart: always
volumes:
- - /var/lib/kolla/config_files/ironic_conductor.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/ironic/etc/ironic/:/etc/ironic/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - /lib/modules:/lib/modules:ro
- - /sys:/sys
- - /dev:/dev
- - /run:/run #shared?
- - /var/lib/ironic:/var/lib/ironic
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/ironic_conductor.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/ironic/etc/ironic/:/etc/ironic/:ro
+ - /lib/modules:/lib/modules:ro
+ - /sys:/sys
+ - /dev:/dev
+ - /run:/run #shared?
+ - /var/lib/ironic:/var/lib/ironic
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
diff --git a/docker/services/ironic-pxe.yaml b/docker/services/ironic-pxe.yaml
index 51538e73..7b72db20 100644
--- a/docker/services/ironic-pxe.yaml
+++ b/docker/services/ironic-pxe.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized Ironic PXE service
@@ -31,6 +31,11 @@ parameters:
default: {}
type: json
+resources:
+
+ ContainersCommon:
+ type: ./containers-common.yaml
+
outputs:
role_data:
description: Role data for the Ironic PXE role.
@@ -65,21 +70,22 @@ outputs:
privileged: false
restart: always
volumes:
- - /var/lib/kolla/config_files/ironic_pxe_tftp.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/ironic/etc/ironic/:/etc/ironic/:ro
- # TODO(mandre) check how docker like mounting in a bind-mounted tree
- # This directory may contain migrated data from BM
- - /var/lib/ironic:/var/lib/ironic/
- # These files were generated by puppet inside the config container
- # TODO(mandre) check the mount permission (ro/rw)
- - /var/lib/config-data/ironic/var/lib/ironic/tftpboot/chain.c32:/var/lib/ironic/tftpboot/chain.c32
- - /var/lib/config-data/ironic/var/lib/ironic/tftpboot/pxelinux.0:/var/lib/ironic/tftpboot/pxelinux.0
- - /var/lib/config-data/ironic/var/lib/ironic/tftpboot/ipxe.efi:/var/lib/ironic/tftpboot/ipxe.efi
- - /var/lib/config-data/ironic/var/lib/ironic/tftpboot/undionly.kpxe:/var/lib/ironic/tftpboot/undionly.kpxe
- - /var/lib/config-data/ironic/var/lib/ironic/tftpboot/map-file:/var/lib/ironic/tftpboot/map-file
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - /dev/log:/dev/log
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/ironic_pxe_tftp.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/ironic/etc/ironic/:/etc/ironic/:ro
+ # TODO(mandre) check how docker like mounting in a bind-mounted tree
+ # This directory may contain migrated data from BM
+ - /var/lib/ironic:/var/lib/ironic/
+ # These files were generated by puppet inside the config container
+ # TODO(mandre) check the mount permission (ro/rw)
+ - /var/lib/config-data/ironic/var/lib/ironic/tftpboot/chain.c32:/var/lib/ironic/tftpboot/chain.c32
+ - /var/lib/config-data/ironic/var/lib/ironic/tftpboot/pxelinux.0:/var/lib/ironic/tftpboot/pxelinux.0
+ - /var/lib/config-data/ironic/var/lib/ironic/tftpboot/ipxe.efi:/var/lib/ironic/tftpboot/ipxe.efi
+ - /var/lib/config-data/ironic/var/lib/ironic/tftpboot/undionly.kpxe:/var/lib/ironic/tftpboot/undionly.kpxe
+ - /var/lib/config-data/ironic/var/lib/ironic/tftpboot/map-file:/var/lib/ironic/tftpboot/map-file
+ - /dev/log:/dev/log
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
ironic_pxe_http:
@@ -89,12 +95,13 @@ outputs:
privileged: false
restart: always
volumes:
- - /var/lib/kolla/config_files/ironic_pxe_http.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/ironic/etc/ironic/:/etc/ironic/:ro
- - /var/lib/config-data/ironic/etc/httpd/:/etc/httpd/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - /var/lib/ironic:/var/lib/ironic/
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/ironic_pxe_http.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/ironic/etc/ironic/:/etc/ironic/:ro
+ - /var/lib/config-data/ironic/etc/httpd/:/etc/httpd/:ro
+ - /var/lib/ironic:/var/lib/ironic/
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
diff --git a/docker/services/keystone.yaml b/docker/services/keystone.yaml
index 526a357b..a751c054 100644
--- a/docker/services/keystone.yaml
+++ b/docker/services/keystone.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized Keystone service
@@ -42,6 +42,9 @@ parameters:
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
KeystoneBase:
type: ../../puppet/services/keystone.yaml
properties:
@@ -96,23 +99,24 @@ outputs:
privileged: false
detach: false
volumes: &keystone_volumes
- - /var/lib/kolla/config_files/keystone.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/keystone/var/www/:/var/www/:ro
- - /var/lib/config-data/keystone/etc/keystone/:/etc/keystone/:ro
- - /var/lib/config-data/keystone/etc/httpd/:/etc/httpd/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - logs:/var/log
- -
- if:
- - internal_tls_enabled
- - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
- - ''
- -
- if:
- - internal_tls_enabled
- - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
- - ''
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/keystone.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/keystone/var/www/:/var/www/:ro
+ - /var/lib/config-data/keystone/etc/keystone/:/etc/keystone/:ro
+ - /var/lib/config-data/keystone/etc/httpd/:/etc/httpd/:ro
+ - logs:/var/log
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
+ - ''
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
+ - ''
environment:
- KOLLA_BOOTSTRAP=True
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
diff --git a/docker/services/memcached.yaml b/docker/services/memcached.yaml
index a78be3c8..f9d73f4d 100644
--- a/docker/services/memcached.yaml
+++ b/docker/services/memcached.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized Memcached services
@@ -29,6 +29,9 @@ parameters:
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
MemcachedBase:
type: ../../puppet/services/memcached.yaml
properties:
@@ -63,9 +66,10 @@ outputs:
privileged: false
restart: always
volumes:
- - /var/lib/config-data/memcached/etc/sysconfig/memcached:/etc/sysconfig/memcached:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/config-data/memcached/etc/sysconfig/memcached:/etc/sysconfig/memcached:ro
command: ['/bin/bash', '-c', 'source /etc/sysconfig/memcached; /usr/bin/memcached -p ${PORT} -u ${USER} -m ${CACHESIZE} -c ${MAXCONN} $OPTIONS']
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
diff --git a/docker/services/mistral-api.yaml b/docker/services/mistral-api.yaml
index 5b5e1f50..652656ef 100644
--- a/docker/services/mistral-api.yaml
+++ b/docker/services/mistral-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized Mistral API service
@@ -33,6 +33,9 @@ parameters:
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
MistralApiBase:
type: ../../puppet/services/mistral-api.yaml
properties:
@@ -75,9 +78,10 @@ outputs:
privileged: false
detach: false
volumes:
- - /var/lib/config-data/mistral/etc/:/etc/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/config-data/mistral/etc/:/etc/:ro
command: ['mistral-db-manage', '--config-file', '/etc/mistral/mistral.conf', 'upgrade', 'head']
mistral_db_populate:
start_order: 2
@@ -86,9 +90,10 @@ outputs:
privileged: false
detach: false
volumes:
- - /var/lib/config-data/mistral/etc/:/etc/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/config-data/mistral/etc/:/etc/:ro
# NOTE: dprince this requires that we install openstack-tripleo-common into
# the Mistral API image so that we get tripleo* actions
command: ['mistral-db-manage', '--config-file', '/etc/mistral/mistral.conf', 'populate']
@@ -100,10 +105,11 @@ outputs:
privileged: false
restart: always
volumes:
- - /var/lib/kolla/config_files/mistral_api.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/mistral/etc/mistral/:/etc/mistral/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/mistral_api.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/mistral/etc/mistral/:/etc/mistral/:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
upgrade_tasks:
diff --git a/docker/services/mistral-engine.yaml b/docker/services/mistral-engine.yaml
index feecd5d7..9d543da9 100644
--- a/docker/services/mistral-engine.yaml
+++ b/docker/services/mistral-engine.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized Mistral Engine service
@@ -34,6 +34,9 @@ parameters:
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
MistralBase:
type: ../../puppet/services/mistral-engine.yaml
properties:
@@ -75,11 +78,12 @@ outputs:
privileged: false
restart: always
volumes:
- - /run:/run
- - /var/lib/kolla/config_files/mistral_engine.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/mistral/etc/mistral/:/etc/mistral/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /run:/run
+ - /var/lib/kolla/config_files/mistral_engine.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/mistral/etc/mistral/:/etc/mistral/:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
upgrade_tasks:
diff --git a/docker/services/mistral-executor.yaml b/docker/services/mistral-executor.yaml
index 45fed7b2..9c3bfb33 100644
--- a/docker/services/mistral-executor.yaml
+++ b/docker/services/mistral-executor.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized Mistral Executor service
@@ -34,6 +34,9 @@ parameters:
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
MistralBase:
type: ../../puppet/services/mistral-executor.yaml
properties:
@@ -75,15 +78,16 @@ outputs:
privileged: false
restart: always
volumes:
- - /var/lib/kolla/config_files/mistral_executor.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/mistral/etc/mistral/:/etc/mistral/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - /run:/run
- # FIXME: this is required in order for Nova cells
- # initialization workflows on the Undercloud. Need to
- # exclude this on the overcloud for security reasons.
- - /var/lib/config-data/nova/etc/nova:/etc/nova:ro
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/mistral_executor.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/mistral/etc/mistral/:/etc/mistral/:ro
+ - /run:/run
+ # FIXME: this is required in order for Nova cells
+ # initialization workflows on the Undercloud. Need to
+ # exclude this on the overcloud for security reasons.
+ - /var/lib/config-data/nova/etc/nova:/etc/nova:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
upgrade_tasks:
diff --git a/docker/services/neutron-api.yaml b/docker/services/neutron-api.yaml
index c5001a30..06675089 100644
--- a/docker/services/neutron-api.yaml
+++ b/docker/services/neutron-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized Neutron API service
@@ -34,6 +34,9 @@ parameters:
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
NeutronBase:
type: ../../puppet/services/neutron-api.yaml
properties:
@@ -78,10 +81,11 @@ outputs:
# and run as neutron user
user: root
volumes:
- - /var/lib/config-data/neutron/etc/neutron:/etc/neutron:ro
- - /var/lib/config-data/neutron/usr/share/neutron:/usr/share/neutron:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/config-data/neutron/etc/neutron:/etc/neutron:ro
+ - /var/lib/config-data/neutron/usr/share/neutron:/usr/share/neutron:ro
command: ['neutron-db-manage', 'upgrade', 'heads']
step_4:
neutron_api:
@@ -90,10 +94,11 @@ outputs:
privileged: false
restart: always
volumes:
- - /var/lib/kolla/config_files/neutron_api.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/neutron/etc/neutron/:/etc/neutron/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/neutron_api.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/neutron/etc/neutron/:/etc/neutron/:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
upgrade_tasks:
diff --git a/docker/services/neutron-dhcp.yaml b/docker/services/neutron-dhcp.yaml
index 03fbf766..b17e97b1 100644
--- a/docker/services/neutron-dhcp.yaml
+++ b/docker/services/neutron-dhcp.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized Neutron DHCP service
@@ -34,6 +34,9 @@ parameters:
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
NeutronBase:
type: ../../puppet/services/neutron-dhcp.yaml
properties:
@@ -76,12 +79,13 @@ outputs:
privileged: true
restart: always
volumes:
- - /var/lib/kolla/config_files/neutron_dhcp.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/neutron/etc/neutron/:/etc/neutron/:ro
- - /etc/localtime:/etc/localtime:ro
- - /etc/hosts:/etc/hosts:ro
- - /lib/modules:/lib/modules:ro
- - /run/:/run
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/neutron_dhcp.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/neutron/etc/neutron/:/etc/neutron/:ro
+ - /lib/modules:/lib/modules:ro
+ - /run/:/run
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
upgrade_tasks:
diff --git a/docker/services/neutron-l3.yaml b/docker/services/neutron-l3.yaml
index 0b04b56d..c9441b11 100644
--- a/docker/services/neutron-l3.yaml
+++ b/docker/services/neutron-l3.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized Neutron L3 agent
@@ -34,6 +34,9 @@ parameters:
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
NeutronL3Base:
type: ../../puppet/services/neutron-l3.yaml
properties:
@@ -72,10 +75,12 @@ outputs:
privileged: true
restart: always
volumes:
- - /var/lib/kolla/config_files/neutron-l3-agent.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/neutron/etc/neutron/:/etc/neutron/:ro
- - /etc/localtime:/etc/localtime:ro
- - /lib/modules:/lib/modules:ro
- - /run:/run
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/neutron-l3-agent.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/neutron/etc/neutron/:/etc/neutron/:ro
+ - /lib/modules:/lib/modules:ro
+ - /run:/run
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
diff --git a/docker/services/neutron-ovs-agent.yaml b/docker/services/neutron-ovs-agent.yaml
index bea08e91..70851f7d 100644
--- a/docker/services/neutron-ovs-agent.yaml
+++ b/docker/services/neutron-ovs-agent.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Neutron openvswitch service
@@ -29,6 +29,9 @@ parameters:
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
NeutronOvsAgentBase:
type: ../../puppet/services/neutron-ovs-agent.yaml
properties:
@@ -64,11 +67,13 @@ outputs:
privileged: true
restart: always
volumes:
- - /var/lib/kolla/config_files/neutron-openvswitch-agent.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/neutron/etc/neutron/:/etc/neutron/:ro
- - /etc/localtime:/etc/localtime:ro
- - /lib/modules:/lib/modules:ro
- - /run:/run
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/neutron-openvswitch-agent.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/neutron/etc/neutron/:/etc/neutron/:ro
+ - /lib/modules:/lib/modules:ro
+ - /run:/run
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
upgrade_tasks:
diff --git a/docker/services/nova-api.yaml b/docker/services/nova-api.yaml
index 97fafb09..6817fc7f 100644
--- a/docker/services/nova-api.yaml
+++ b/docker/services/nova-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized Nova API service
@@ -33,6 +33,9 @@ parameters:
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
NovaApiBase:
type: ../../puppet/services/nova-api.yaml
properties:
@@ -126,10 +129,11 @@ outputs:
privileged: true
restart: always
volumes:
- - /var/lib/kolla/config_files/nova_api.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/nova_api.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
step_5:
diff --git a/docker/services/nova-compute.yaml b/docker/services/nova-compute.yaml
index eefcb367..624596ec 100644
--- a/docker/services/nova-compute.yaml
+++ b/docker/services/nova-compute.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized Nova Compute service
@@ -29,6 +29,8 @@ parameters:
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
NovaComputeBase:
type: ../../puppet/services/nova-compute.yaml
@@ -42,7 +44,15 @@ outputs:
description: Role data for the Nova Compute service.
value:
service_name: {get_attr: [NovaComputeBase, role_data, service_name]}
- config_settings: {get_attr: [NovaComputeBase, role_data, config_settings]}
+ config_settings:
+ map_merge:
+ - get_attr: [NovaComputeBase, role_data, config_settings]
+ # FIXME: we need to disable migration for now as the
+ # hieradata is common for all services, and this means nova
+ # and nova_placement puppet runs also try to configure
+ # libvirt, and they fail. We can remove this override when
+ # we have hieradata separation between containers.
+ - tripleo::profile::base::nova::manage_migration: false
step_config: &step_config
get_attr: [NovaComputeBase, role_data, step_config]
puppet_config:
@@ -66,15 +76,17 @@ outputs:
user: root
restart: always
volumes:
- - /var/lib/kolla/config_files/nova-compute.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/nova_libvirt/etc/nova/:/etc/nova/:ro
- - /dev:/dev
- - /etc/iscsi:/etc/iscsi
- - /etc/localtime:/etc/localtime:ro
- - /lib/modules:/lib/modules:ro
- - /run:/run
- - /var/lib/nova:/var/lib/nova
- - /var/lib/libvirt:/var/lib/libvirt
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/nova-compute.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/nova_libvirt/etc/nova/:/etc/nova/:ro
+ - /dev:/dev
+ - /etc/iscsi:/etc/iscsi
+ - /lib/modules:/lib/modules:ro
+ - /run:/run
+ - /var/lib/nova:/var/lib/nova
+ - /var/lib/libvirt:/var/lib/libvirt
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
@@ -85,4 +97,4 @@ outputs:
upgrade_tasks:
- name: Stop and disable nova-compute service
tags: step2
- service: name=nova-compute state=stopped enabled=no
+ service: name=openstack-nova-compute state=stopped enabled=no
diff --git a/docker/services/nova-conductor.yaml b/docker/services/nova-conductor.yaml
index b7a1d742..fc20422d 100644
--- a/docker/services/nova-conductor.yaml
+++ b/docker/services/nova-conductor.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized Nova Conductor service
@@ -34,6 +34,9 @@ parameters:
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
NovaConductorBase:
type: ../../puppet/services/nova-conductor.yaml
properties:
@@ -73,11 +76,12 @@ outputs:
privileged: false
restart: always
volumes:
- - /var/lib/kolla/config_files/nova_conductor.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - /run:/run
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/nova_conductor.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro
+ - /run:/run
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
upgrade_tasks:
diff --git a/docker/services/nova-ironic.yaml b/docker/services/nova-ironic.yaml
index 9941abda..3fd71d88 100644
--- a/docker/services/nova-ironic.yaml
+++ b/docker/services/nova-ironic.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized Nova Ironic Compute service
@@ -33,6 +33,8 @@ parameters:
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
NovaIronicBase:
type: ../../puppet/services/nova-ironic.yaml
@@ -70,16 +72,18 @@ outputs:
user: root
restart: always
volumes:
- - /var/lib/kolla/config_files/nova_ironic.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro
- - /etc/localtime:/etc/localtime:ro
- - /run:/run
- - /dev:/dev
- - /etc/iscsi:/etc/iscsi
- - /var/lib/nova/:/var/lib/nova
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/nova_ironic.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro
+ - /run:/run
+ - /dev:/dev
+ - /etc/iscsi:/etc/iscsi
+ - /var/lib/nova/:/var/lib/nova
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
upgrade_tasks:
- name: Stop and disable nova-compute service
tags: step2
- service: name=nova-compute state=stopped enabled=no
+ service: name=openstack-nova-compute state=stopped enabled=no
diff --git a/docker/services/nova-libvirt.yaml b/docker/services/nova-libvirt.yaml
index 15cee597..1b103df4 100644
--- a/docker/services/nova-libvirt.yaml
+++ b/docker/services/nova-libvirt.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack Libvirt Service
@@ -35,6 +35,9 @@ parameters:
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
NovaLibvirtBase:
type: ../../puppet/services/nova-libvirt.yaml
properties:
@@ -47,7 +50,15 @@ outputs:
description: Role data for the Libvirt service.
value:
service_name: {get_attr: [NovaLibvirtBase, role_data, service_name]}
- config_settings: {get_attr: [NovaLibvirtBase, role_data, config_settings]}
+ config_settings:
+ map_merge:
+ - get_attr: [NovaLibvirtBase, role_data, config_settings]
+ # FIXME: we need to disable migration for now as the
+ # hieradata is common for all services, and this means nova
+ # and nova_placement puppet runs also try to configure
+ # libvirt, and they fail. We can remove this override when
+ # we have hieradata separation between containers.
+ - tripleo::profile::base::nova::manage_migration: false
step_config: &step_config
get_attr: [NovaLibvirtBase, role_data, step_config]
puppet_config:
@@ -73,18 +84,20 @@ outputs:
privileged: true
restart: always
volumes:
- - /var/lib/kolla/config_files/nova-libvirt.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/nova_libvirt/etc/libvirt/:/etc/libvirt/:ro
- - /etc/localtime:/etc/localtime:ro
- - /lib/modules:/lib/modules:ro
- - /dev:/dev
- - /run:/run
- - /sys/fs/cgroup:/sys/fs/cgroup
- - /var/lib/nova:/var/lib/nova
- # Needed to use host's virtlogd
- - /var/run/libvirt:/var/run/libvirt
- - /var/lib/libvirt:/var/lib/libvirt
- - /etc/libvirt/qemu:/etc/libvirt/qemu
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/nova-libvirt.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/nova_libvirt/etc/libvirt/:/etc/libvirt/:ro
+ - /lib/modules:/lib/modules:ro
+ - /dev:/dev
+ - /run:/run
+ - /sys/fs/cgroup:/sys/fs/cgroup
+ - /var/lib/nova:/var/lib/nova
+ # Needed to use host's virtlogd
+ - /var/run/libvirt:/var/run/libvirt
+ - /var/lib/libvirt:/var/lib/libvirt
+ - /etc/libvirt/qemu:/etc/libvirt/qemu
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
diff --git a/docker/services/nova-placement.yaml b/docker/services/nova-placement.yaml
index 0c595dc2..7202ca42 100644
--- a/docker/services/nova-placement.yaml
+++ b/docker/services/nova-placement.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized Nova Placement API service
@@ -10,7 +10,7 @@ parameters:
type: string
DockerNovaPlacementImage:
description: image
- default: 'centos-binary-nova-placement-api'
+ default: 'centos-binary-nova-placement-api:latest'
type: string
EndpointMap:
default: {}
@@ -29,6 +29,9 @@ parameters:
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
NovaPlacementBase:
type: ../../puppet/services/nova-placement.yaml
properties:
@@ -70,12 +73,13 @@ outputs:
user: root
restart: always
volumes:
- - /var/lib/kolla/config_files/nova_placement.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/nova_placement/etc/nova/:/etc/nova/:ro
- - /var/lib/config-data/nova_placement/etc/httpd/:/etc/httpd/:ro
- - /var/lib/config-data/nova_placement/var/www/:/var/www/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/nova_placement.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/nova_placement/etc/nova/:/etc/nova/:ro
+ - /var/lib/config-data/nova_placement/etc/httpd/:/etc/httpd/:ro
+ - /var/lib/config-data/nova_placement/var/www/:/var/www/:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
upgrade_tasks:
diff --git a/docker/services/nova-scheduler.yaml b/docker/services/nova-scheduler.yaml
index e6f4896b..9be24137 100644
--- a/docker/services/nova-scheduler.yaml
+++ b/docker/services/nova-scheduler.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized Nova Scheduler service
@@ -33,6 +33,9 @@ parameters:
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
NovaSchedulerBase:
type: ../../puppet/services/nova-scheduler.yaml
properties:
@@ -72,11 +75,12 @@ outputs:
privileged: false
restart: always
volumes:
- - /var/lib/kolla/config_files/nova_scheduler.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - /run:/run
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/nova_scheduler.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro
+ - /run:/run
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
upgrade_tasks:
diff --git a/docker/services/panko-api.yaml b/docker/services/panko-api.yaml
index f4f1f7b0..cf0e1718 100644
--- a/docker/services/panko-api.yaml
+++ b/docker/services/panko-api.yaml
@@ -1,7 +1,9 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
- OpenStack Panko service configured with docker
+ OpenStack Panko service configured with docker.
+ Note, this service is deprecated in Pike release and
+ will be disabled in future releases.
parameters:
DockerNamespace:
@@ -26,9 +28,19 @@ parameters:
DefaultPasswords:
default: {}
type: json
+ EnableInternalTLS:
+ type: boolean
+ default: false
+
+conditions:
+
+ internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
PankoApiPuppetBase:
type: ../../puppet/services/panko-api.yaml
properties:
@@ -76,10 +88,11 @@ outputs:
detach: false
privileged: false
volumes:
- - /var/lib/config-data/panko/etc/panko:/etc/panko:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - logs:/var/log
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/config-data/panko/etc/panko:/etc/panko:ro
+ - logs:/var/log
command: /usr/bin/panko-dbsync
step_4:
panko_api:
@@ -89,11 +102,24 @@ outputs:
privileged: false
restart: always
volumes:
- - /var/lib/kolla/config_files/panko-api.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/panko/etc/panko/:/etc/panko/:ro
- - /var/lib/config-data/panko/etc/httpd/:/etc/httpd/:ro
- - /var/lib/config-data/panko/var/www/:/var/www/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/panko-api.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/panko/etc/panko/:/etc/panko/:ro
+ - /var/lib/config-data/panko/etc/httpd/:/etc/httpd/:ro
+ - /var/lib/config-data/panko/var/www/:/var/www/:ro
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
+ - ''
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
+ - ''
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ metadata_settings:
+ get_attr: [PankoApiPuppetBase, role_data, metadata_settings]
diff --git a/docker/services/rabbitmq.yaml b/docker/services/rabbitmq.yaml
index 9d5a52a6..3d647d5e 100644
--- a/docker/services/rabbitmq.yaml
+++ b/docker/services/rabbitmq.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized Rabbitmq service
@@ -33,6 +33,9 @@ parameters:
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
RabbitmqBase:
type: ../../puppet/services/rabbitmq.yaml
properties:
@@ -45,14 +48,20 @@ outputs:
description: Role data for the Rabbitmq API role.
value:
service_name: {get_attr: [RabbitmqBase, role_data, service_name]}
- config_settings: {get_attr: [RabbitmqBase, role_data, config_settings]}
+ # RabbitMQ plugins initialization occurs on every node
+ config_settings:
+ map_merge:
+ - {get_attr: [RabbitmqBase, role_data, config_settings]}
+ - rabbitmq::admin_enable: false
step_config: &step_config
- get_attr: [RabbitmqBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - "['Rabbitmq_policy', 'Rabbitmq_user'].each |String $val| { noop_resource($val) }"
+ - get_attr: [RabbitmqBase, role_data, step_config]
service_config_settings: {get_attr: [RabbitmqBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
config_volume: rabbitmq
- puppet_tags: file
step_config: *step_config
config_image: &rabbitmq_image
list_join:
@@ -69,15 +78,16 @@ outputs:
net: host
privileged: false
volumes:
- - /var/lib/kolla/config_files/rabbitmq.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/rabbitmq/etc/rabbitmq/:/etc/rabbitmq/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - /var/lib/rabbitmq:/var/lib/rabbitmq
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/rabbitmq.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/rabbitmq/etc/rabbitmq/:/etc/rabbitmq/:ro
+ - /var/lib/rabbitmq:/var/lib/rabbitmq
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
- KOLLA_BOOTSTRAP=True
- -
+ -
list_join:
- '='
- - 'RABBITMQ_CLUSTER_COOKIE'
@@ -95,13 +105,24 @@ outputs:
privileged: false
restart: always
volumes:
- - /var/lib/kolla/config_files/rabbitmq.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/rabbitmq/etc/rabbitmq/:/etc/rabbitmq/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - /var/lib/rabbitmq:/var/lib/rabbitmq
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/rabbitmq.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/rabbitmq/etc/rabbitmq/:/etc/rabbitmq/:ro
+ - /var/lib/rabbitmq:/var/lib/rabbitmq
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ docker_puppet_tasks:
+ # RabbitMQ users and policies initialization occurs only on single node
+ step_1:
+ config_volume: 'rabbit_init_tasks'
+ puppet_tags: 'rabbitmq_policy,rabbitmq_user'
+ step_config: 'include ::tripleo::profile::base::rabbitmq'
+ config_image: *rabbitmq_image
+ volumes:
+ - /var/lib/config-data/rabbitmq/etc/:/etc/
+ - /var/lib/rabbitmq:/var/lib/rabbitmq:ro
host_prep_tasks:
- name: create /var/lib/rabbitmq
file:
diff --git a/docker/services/swift-proxy.yaml b/docker/services/swift-proxy.yaml
index e60aca12..8ea42222 100644
--- a/docker/services/swift-proxy.yaml
+++ b/docker/services/swift-proxy.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized swift proxy service
@@ -29,6 +29,9 @@ parameters:
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
SwiftProxyBase:
type: ../../puppet/services/swift-proxy.yaml
properties:
@@ -65,15 +68,16 @@ outputs:
user: swift
restart: always
volumes:
- - /var/lib/kolla/config_files/swift_proxy.json:/var/lib/kolla/config_files/config.json:ro
- # FIXME I'm mounting /etc/swift as rw. Are the rings written to
- # at all during runtime?
- - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - /run:/run
- - /srv/node:/srv/node
- - /dev:/dev
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/swift_proxy.json:/var/lib/kolla/config_files/config.json:ro
+ # FIXME I'm mounting /etc/swift as rw. Are the rings written to
+ # at all during runtime?
+ - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
+ - /run:/run
+ - /srv/node:/srv/node
+ - /dev:/dev
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
diff --git a/docker/services/swift-storage.yaml b/docker/services/swift-storage.yaml
index cccddb46..b4a6a940 100644
--- a/docker/services/swift-storage.yaml
+++ b/docker/services/swift-storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized Swift Storage services.
@@ -41,6 +41,9 @@ parameters:
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
SwiftStorageBase:
type: ../../puppet/services/swift-storage.yaml
properties:
@@ -114,13 +117,14 @@ outputs:
user: swift
restart: always
volumes:
- - /var/lib/kolla/config_files/swift_account_auditor.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - /run:/run
- - /srv/node:/srv/node
- - /dev:/dev
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/swift_account_auditor.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
+ - /run:/run
+ - /srv/node:/srv/node
+ - /dev:/dev
environment: &kolla_env
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
swift_account_reaper:
@@ -129,13 +133,14 @@ outputs:
user: swift
restart: always
volumes:
- - /var/lib/kolla/config_files/swift_account_reaper.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - /run:/run
- - /srv/node:/srv/node
- - /dev:/dev
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/swift_account_reaper.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
+ - /run:/run
+ - /srv/node:/srv/node
+ - /dev:/dev
environment: *kolla_env
swift_account_replicator:
image: *swift_account_image
@@ -143,13 +148,14 @@ outputs:
user: swift
restart: always
volumes:
- - /var/lib/kolla/config_files/swift_account_replicator.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - /run:/run
- - /srv/node:/srv/node
- - /dev:/dev
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/swift_account_replicator.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
+ - /run:/run
+ - /srv/node:/srv/node
+ - /dev:/dev
environment: *kolla_env
swift_account_server:
image: *swift_account_image
@@ -157,13 +163,14 @@ outputs:
user: swift
restart: always
volumes:
- - /var/lib/kolla/config_files/swift_account_server.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - /run:/run
- - /srv/node:/srv/node
- - /dev:/dev
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/swift_account_server.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
+ - /run:/run
+ - /srv/node:/srv/node
+ - /dev:/dev
environment: *kolla_env
swift_container_auditor:
image: &swift_container_image
@@ -174,13 +181,14 @@ outputs:
user: swift
restart: always
volumes:
- - /var/lib/kolla/config_files/swift_container_auditor.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - /run:/run
- - /srv/node:/srv/node
- - /dev:/dev
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/swift_container_auditor.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
+ - /run:/run
+ - /srv/node:/srv/node
+ - /dev:/dev
environment: *kolla_env
swift_container_replicator:
image: *swift_container_image
@@ -188,13 +196,14 @@ outputs:
user: swift
restart: always
volumes:
- - /var/lib/kolla/config_files/swift_container_replicator.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - /run:/run
- - /srv/node:/srv/node
- - /dev:/dev
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/swift_container_replicator.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
+ - /run:/run
+ - /srv/node:/srv/node
+ - /dev:/dev
environment: *kolla_env
swift_container_updater:
image: *swift_container_image
@@ -202,13 +211,14 @@ outputs:
user: swift
restart: always
volumes:
- - /var/lib/kolla/config_files/swift_container_updater.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - /run:/run
- - /srv/node:/srv/node
- - /dev:/dev
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/swift_container_updater.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
+ - /run:/run
+ - /srv/node:/srv/node
+ - /dev:/dev
environment: *kolla_env
swift_container_server:
image: *swift_container_image
@@ -216,13 +226,14 @@ outputs:
user: swift
restart: always
volumes:
- - /var/lib/kolla/config_files/swift_container_server.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - /run:/run
- - /srv/node:/srv/node
- - /dev:/dev
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/swift_container_server.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
+ - /run:/run
+ - /srv/node:/srv/node
+ - /dev:/dev
environment: *kolla_env
swift_object_auditor:
image: &swift_object_image
@@ -233,13 +244,14 @@ outputs:
user: swift
restart: always
volumes:
- - /var/lib/kolla/config_files/swift_object_auditor.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - /run:/run
- - /srv/node:/srv/node
- - /dev:/dev
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/swift_object_auditor.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
+ - /run:/run
+ - /srv/node:/srv/node
+ - /dev:/dev
environment: *kolla_env
swift_object_expirer:
image: *swift_proxy_image
@@ -247,13 +259,14 @@ outputs:
user: swift
restart: always
volumes:
- - /var/lib/kolla/config_files/swift_object_expirer.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - /run:/run
- - /srv/node:/srv/node
- - /dev:/dev
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/swift_object_expirer.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
+ - /run:/run
+ - /srv/node:/srv/node
+ - /dev:/dev
environment: *kolla_env
swift_object_replicator:
image: *swift_object_image
@@ -261,13 +274,14 @@ outputs:
user: swift
restart: always
volumes:
- - /var/lib/kolla/config_files/swift_object_replicator.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - /run:/run
- - /srv/node:/srv/node
- - /dev:/dev
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/swift_object_replicator.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
+ - /run:/run
+ - /srv/node:/srv/node
+ - /dev:/dev
environment: *kolla_env
swift_object_updater:
image: *swift_object_image
@@ -275,13 +289,14 @@ outputs:
user: swift
restart: always
volumes:
- - /var/lib/kolla/config_files/swift_object_updater.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - /run:/run
- - /srv/node:/srv/node
- - /dev:/dev
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/swift_object_updater.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
+ - /run:/run
+ - /srv/node:/srv/node
+ - /dev:/dev
environment: *kolla_env
swift_object_server:
image: *swift_object_image
@@ -289,13 +304,14 @@ outputs:
user: swift
restart: always
volumes:
- - /var/lib/kolla/config_files/swift_object_server.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - /run:/run
- - /srv/node:/srv/node
- - /dev:/dev
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/swift_object_server.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
+ - /run:/run
+ - /srv/node:/srv/node
+ - /dev:/dev
environment: *kolla_env
host_prep_tasks:
- name: create /srv/node
diff --git a/docker/services/zaqar.yaml b/docker/services/zaqar.yaml
index 1160031f..c450fe2f 100644
--- a/docker/services/zaqar.yaml
+++ b/docker/services/zaqar.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
description: >
OpenStack containerized Zaqar services
@@ -29,6 +29,9 @@ parameters:
resources:
+ ContainersCommon:
+ type: ./containers-common.yaml
+
ZaqarBase:
type: ../../puppet/services/zaqar.yaml
properties:
@@ -56,7 +59,7 @@ outputs:
- [ {get_param: DockerNamespace}, {get_param: DockerZaqarImage} ]
kolla_config:
/var/lib/kolla/config_files/zaqar.json:
- command: /usr/sbin/httpd -DFOREGROUND
+ command: /usr/bin/zaqar-server --config-file /etc/zaqar/zaqar.conf
/var/lib/kolla/config_files/zaqar_websocket.json:
command: /usr/bin/zaqar-server --config-file /etc/zaqar/zaqar.conf --config-file /etc/zaqar/1.conf
docker_config:
@@ -66,15 +69,12 @@ outputs:
net: host
privileged: false
restart: always
- # NOTE(mandre) kolla image changes the user to 'zaqar', we need it
- # to be root to run httpd
- user: root
volumes:
- - /var/lib/kolla/config_files/zaqar.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/zaqar/etc/zaqar/:/etc/zaqar/:ro
- - /var/lib/config-data/zaqar/etc/httpd:/etc/httpd/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/zaqar.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/zaqar/etc/zaqar/:/etc/zaqar/:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
zaqar_websocket:
@@ -83,13 +83,15 @@ outputs:
privileged: false
restart: always
volumes:
- - /var/lib/kolla/config_files/zaqar_websocket.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/zaqar/etc/zaqar/:/etc/zaqar/:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/zaqar_websocket.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/zaqar/etc/zaqar/:/etc/zaqar/:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
upgrade_tasks:
- name: Stop and disable zaqar service
tags: step2
- service: name=httpd state=stopped enabled=no
+ service: name=openstack-zaqar.service state=stopped enabled=no
+