heat_template_version: pike description: > MongoDB service deployment using puppet and docker parameters: DockerMongodbImage: description: image type: string DockerMongodbConfigImage: description: The container image to use for the mongodb config_volume type: string EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json ServiceData: default: {} description: Dictionary packing service data type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json DefaultPasswords: default: {} type: json RoleName: default: '' description: Role name on which the service is applied type: string RoleParameters: default: {} description: Parameters specific to the role type: json EnableInternalTLS: type: boolean default: false InternalTLSCAFile: default: '/etc/ipa/ca.crt' type: string description: Specifies the default CA cert to use if TLS is used for services in the internal network. conditions: internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]} resources: MongodbPuppetBase: type: ../../../puppet/services/database/mongodb.yaml properties: EndpointMap: {get_param: EndpointMap} ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} RoleName: {get_param: RoleName} RoleParameters: {get_param: RoleParameters} outputs: role_data: description: Containerized service Mongodb using composable services. value: service_name: {get_attr: [MongodbPuppetBase, role_data, service_name]} config_settings: map_merge: - get_attr: [MongodbPuppetBase, role_data, config_settings] - mongodb::server::fork: false logging_source: {get_attr: [MongodbPuppetBase, role_data, logging_source]} logging_groups: {get_attr: [MongodbPuppetBase, role_data, logging_groups]} step_config: &step_config list_join: - "\n" - - "['Mongodb_database', 'Mongodb_user', 'Mongodb_replset'].each |String $val| { noop_resource($val) }" - {get_attr: [MongodbPuppetBase, role_data, step_config]} # BEGIN DOCKER SETTINGS # puppet_config: config_volume: mongodb puppet_tags: file # set this even though file is the default step_config: *step_config config_image: &mongodb_config_image {get_param: DockerMongodbConfigImage} kolla_config: /var/lib/kolla/config_files/mongodb.json: command: /usr/bin/mongod --unixSocketPrefix=/var/run/mongodb --config /etc/mongod.conf run config_files: - source: "/var/lib/kolla/config_files/src/*" dest: "/" merge: true preserve_properties: true - source: "/var/lib/kolla/config_files/src-tls/*" dest: "/" merge: true preserve_properties: true permissions: - path: /var/lib/mongodb owner: mongodb:mongodb recurse: true - path: /var/log/mongodb owner: mongodb:mongodb recurse: true - path: /etc/pki/tls/certs/mongodb.pem owner: mongodb:mongodb docker_config: step_2: mongodb: image: {get_param: DockerMongodbImage} net: host privileged: false volumes: &mongodb_volumes list_concat: - - /var/lib/kolla/config_files/mongodb.json:/var/lib/kolla/config_files/config.json - /var/lib/config-data/puppet-generated/mongodb/:/var/lib/kolla/config_files/src:ro - /etc/localtime:/etc/localtime:ro - /var/log/containers/mongodb:/var/log/mongodb - /var/lib/mongodb:/var/lib/mongodb - if: - internal_tls_enabled - - list_join: - ':' - - {get_param: InternalTLSCAFile} - {get_param: InternalTLSCAFile} - 'ro' - /etc/pki/tls/certs/mongodb.pem:/var/lib/kolla/config_files/src-tls/etc/pki/tls/certs/mongodb.pem:ro - null environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS docker_puppet_tasks: # MySQL database initialization occurs only on single node step_2: config_volume: 'mongodb_init_tasks' puppet_tags: 'mongodb_database,mongodb_user,mongodb_replset' step_config: 'include ::tripleo::profile::base::database::mongodb' config_image: *mongodb_config_image volumes: list_concat: - - /var/lib/mongodb:/var/lib/mongodb - /var/log/containers/mongodb:/var/log/mongodb - if: - internal_tls_enabled - - list_join: - ':' - - {get_param: InternalTLSCAFile} - {get_param: InternalTLSCAFile} - 'ro' - /etc/pki/tls/certs/mongodb.pem:/var/lib/kolla/config_files/src-tls/etc/pki/tls/certs/mongodb.pem:ro - null host_prep_tasks: - name: create persistent directories file: path: "{{ item }}" state: directory with_items: - /var/log/containers/mongodb - /var/lib/mongodb metadata_settings: get_attr: [MongodbPuppetBase, role_data, metadata_settings] upgrade_tasks: - name: Check for mongodb service stat: path=/usr/lib/systemd/system/mongod.service tags: common register: mongod_service - name: Stop and disable mongodb service tags: step2 service: name=mongod state=stopped enabled=no when: mongod_service.stat.exists