From 15c93fdbd9325ea62a8e478a2b35f81db994c38e Mon Sep 17 00:00:00 2001 From: Dan Prince Date: Thu, 4 May 2017 08:52:38 -0400 Subject: Move iscsid to a container This configures iscsid so that it runs as a container on relevant roles (undercloud, controller, compute, and volume). When the iscsid docker service is provision it will also run an ansible snippet that disables the iscsid.socket on the host OS thus disabling the hosts systemd from auto-starting iscsid as it normally does. Co-Authored-By: Jon Bernard Change-Id: I2ea741ad978f166e199d47ed1b52369e9b031f1f --- docker/services/iscsid.yaml | 109 +++++++++++++++++++++++++++++ environments/docker.yaml | 1 + environments/hyperconverged-ceph.yaml | 1 + overcloud-resource-registry-puppet.j2.yaml | 1 + roles/BlockStorage.yaml | 1 + roles/Compute.yaml | 1 + roles/Controller.yaml | 1 + roles/Undercloud.yaml | 1 + roles_data.yaml | 3 + roles_data_undercloud.yaml | 1 + 10 files changed, 120 insertions(+) create mode 100644 docker/services/iscsid.yaml diff --git a/docker/services/iscsid.yaml b/docker/services/iscsid.yaml new file mode 100644 index 00000000..53f5aff2 --- /dev/null +++ b/docker/services/iscsid.yaml @@ -0,0 +1,109 @@ +heat_template_version: pike + +description: > + OpenStack containerized Iscsid service + +parameters: + DockerNamespace: + description: namespace + default: 'tripleoupstream' + type: string + DockerIscsidImage: + description: image + default: 'centos-binary-iscsid:latest' + type: string + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json + DefaultPasswords: + default: {} + type: json + +resources: + + ContainersCommon: + type: ./containers-common.yaml + +outputs: + role_data: + description: Role data for the Iscsid API role. + value: + service_name: iscsid + config_settings: {} + step_config: '' + service_config_settings: {} + # BEGIN DOCKER SETTINGS + puppet_config: + config_volume: iscsid + #puppet_tags: file + step_config: '' + config_image: &iscsid_image + list_join: + - '/' + - [ {get_param: DockerNamespace}, {get_param: DockerIscsidImage} ] + kolla_config: + /var/lib/kolla/config_files/iscsid.json: + command: /usr/sbin/iscsid -f + docker_config: + step_3: + iscsid: + start_order: 2 + image: *iscsid_image + net: host + privileged: true + restart: always + volumes: + list_concat: + - {get_attr: [ContainersCommon, volumes]} + - + - /var/lib/kolla/config_files/iscsid.json:/var/lib/kolla/config_files/config.json:ro + - /dev/:/dev/ + - /run/:/run/ + - /sys:/sys + - /lib/modules:/lib/modules:ro + - /etc/iscsi:/etc/iscsi + environment: + - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS + host_prep_tasks: + - name: create /etc/iscsi + file: + path: /etc/iscsi + state: directory + - name: stat /lib/systemd/system/iscsid.socket + stat: path=/lib/systemd/system/iscsid.socket + register: stat_iscsid_socket + - name: Stop and disable iscsid.socket service + service: name=iscsid.socket state=stopped enabled=no + when: stat_iscsid_socket.stat.exists + upgrade_tasks: + - name: stat /lib/systemd/system/iscsid.service + stat: path=/lib/systemd/system/iscsid.service + register: stat_iscsid_service + - name: Stop and disable iscsid service + tags: step2 + service: name=iscsid state=stopped enabled=no + when: stat_iscsid_service.stat.exists + - name: stat /lib/systemd/system/iscsid.socket + stat: path=/lib/systemd/system/iscsid.socket + register: stat_iscsid_socket + - name: Stop and disable iscsid.socket service + tags: step2 + service: name=iscsid.socket state=stopped enabled=no + when: stat_iscsid_socket.stat.exists + metadata_settings: {} diff --git a/environments/docker.yaml b/environments/docker.yaml index 28527945..ed94b035 100644 --- a/environments/docker.yaml +++ b/environments/docker.yaml @@ -47,6 +47,7 @@ resource_registry: OS::TripleO::Services::CeilometerAgentCompute: ../docker/services/ceilometer-agent-compute.yaml OS::TripleO::Services::CeilometerAgentNotification: ../docker/services/ceilometer-agent-notification.yaml OS::TripleO::Services::Horizon: ../docker/services/horizon.yaml + OS::TripleO::Services::Iscsid: ../docker/services/iscsid.yaml OS::TripleO::PostDeploySteps: ../docker/post.yaml OS::TripleO::PostUpgradeSteps: ../docker/post-upgrade.yaml diff --git a/environments/hyperconverged-ceph.yaml b/environments/hyperconverged-ceph.yaml index 0f7e1143..05a3a391 100644 --- a/environments/hyperconverged-ceph.yaml +++ b/environments/hyperconverged-ceph.yaml @@ -36,3 +36,4 @@ parameter_defaults: - OS::TripleO::Services::NeutronVppAgent - OS::TripleO::Services::MySQLClient - OS::TripleO::Services::Docker + - OS::TripleO::Services::Iscsid diff --git a/overcloud-resource-registry-puppet.j2.yaml b/overcloud-resource-registry-puppet.j2.yaml index d4c301bb..c204277a 100644 --- a/overcloud-resource-registry-puppet.j2.yaml +++ b/overcloud-resource-registry-puppet.j2.yaml @@ -263,6 +263,7 @@ resource_registry: OS::TripleO::Services::NeutronVppAgent: OS::Heat::None OS::TripleO::Services::Docker: OS::Heat::None OS::TripleO::Services::CertmongerUser: OS::Heat::None + OS::TripleO::Services::Iscsid: OS::Heat::None parameter_defaults: EnablePackageInstall: false diff --git a/roles/BlockStorage.yaml b/roles/BlockStorage.yaml index d242a5bb..6d77247c 100644 --- a/roles/BlockStorage.yaml +++ b/roles/BlockStorage.yaml @@ -12,6 +12,7 @@ - OS::TripleO::Services::Collectd - OS::TripleO::Services::Docker - OS::TripleO::Services::FluentdClient + - OS::TripleO::Services::Iscsid - OS::TripleO::Services::Kernel - OS::TripleO::Services::MySQLClient - OS::TripleO::Services::Ntp diff --git a/roles/Compute.yaml b/roles/Compute.yaml index 73ec6595..c7e2b276 100644 --- a/roles/Compute.yaml +++ b/roles/Compute.yaml @@ -21,6 +21,7 @@ - OS::TripleO::Services::ComputeNeutronOvsAgent - OS::TripleO::Services::Docker - OS::TripleO::Services::FluentdClient + - OS::TripleO::Services::Iscsid - OS::TripleO::Services::Kernel - OS::TripleO::Services::MySQLClient - OS::TripleO::Services::NeutronLinuxbridgeAgent diff --git a/roles/Controller.yaml b/roles/Controller.yaml index 7511d4c0..36c46c8c 100644 --- a/roles/Controller.yaml +++ b/roles/Controller.yaml @@ -57,6 +57,7 @@ - OS::TripleO::Services::Horizon - OS::TripleO::Services::IronicApi - OS::TripleO::Services::IronicConductor + - OS::TripleO::Services::Iscsid - OS::TripleO::Services::Keepalived - OS::TripleO::Services::Kernel - OS::TripleO::Services::Keystone diff --git a/roles/Undercloud.yaml b/roles/Undercloud.yaml index 0a9bcadf..bcdedc71 100644 --- a/roles/Undercloud.yaml +++ b/roles/Undercloud.yaml @@ -19,6 +19,7 @@ - OS::TripleO::Services::IronicApi - OS::TripleO::Services::IronicConductor - OS::TripleO::Services::IronicPxe + - OS::TripleO::Services::Iscsid - OS::TripleO::Services::Keystone - OS::TripleO::Services::Memcached - OS::TripleO::Services::MistralApi diff --git a/roles_data.yaml b/roles_data.yaml index c536e834..a00f89bf 100644 --- a/roles_data.yaml +++ b/roles_data.yaml @@ -60,6 +60,7 @@ - OS::TripleO::Services::Horizon - OS::TripleO::Services::IronicApi - OS::TripleO::Services::IronicConductor + - OS::TripleO::Services::Iscsid - OS::TripleO::Services::Keepalived - OS::TripleO::Services::Kernel - OS::TripleO::Services::Keystone @@ -144,6 +145,7 @@ - OS::TripleO::Services::ComputeNeutronOvsAgent - OS::TripleO::Services::Docker - OS::TripleO::Services::FluentdClient + - OS::TripleO::Services::Iscsid - OS::TripleO::Services::Kernel - OS::TripleO::Services::MySQLClient - OS::TripleO::Services::NeutronLinuxbridgeAgent @@ -175,6 +177,7 @@ - OS::TripleO::Services::Collectd - OS::TripleO::Services::Docker - OS::TripleO::Services::FluentdClient + - OS::TripleO::Services::Iscsid - OS::TripleO::Services::Kernel - OS::TripleO::Services::MySQLClient - OS::TripleO::Services::Ntp diff --git a/roles_data_undercloud.yaml b/roles_data_undercloud.yaml index ad760fd6..a31c093e 100644 --- a/roles_data_undercloud.yaml +++ b/roles_data_undercloud.yaml @@ -22,6 +22,7 @@ - OS::TripleO::Services::IronicApi - OS::TripleO::Services::IronicConductor - OS::TripleO::Services::IronicPxe + - OS::TripleO::Services::Iscsid - OS::TripleO::Services::Keystone - OS::TripleO::Services::Memcached - OS::TripleO::Services::MistralApi -- cgit 1.2.3-korg