k8s_coreos Set REQUESTS_CA for heat-agent
The heat-agent as a python service needs to use the ca bundle of the host. story: 2005201 task: 38504 Change-Id: I908555399639a49058831cb2b0c03d5c5442446b Signed-off-by: Spyros Trigazis <spyridon.trigazis@cern.ch>
This commit is contained in:
Spyros Trigazis
parent
454b0f55ec
commit
7da53fe3b8
|
|
@ -77,7 +77,7 @@
|
|||
{
|
||||
"name": "heat-container-agent.service",
|
||||
"enabled": true,
|
||||
"contents": "[Unit]\nDescription=Run heat-container-agent\nAfter=network-online.target configure-agent-env.service\nWants=network-online.target\n\n[Service]\nEnvironmentFile=-/etc/environment\nExecStartPre=mkdir -p /var/lib/heat-container-agent\nExecStartPre=mkdir -p /var/run/heat-config\nExecStartPre=mkdir -p /var/run/os-collect-config\nExecStartPre=mkdir -p /opt/stack/os-config-refresh\nExecStartPre=-mv /var/lib/os-collect-config/local-data /var/lib/cloud/data/cfn-init-data\nExecStartPre=mkdir -p /srv/magnum\nExecStartPre=-/bin/podman kill heat-container-agent\nExecStartPre=-/bin/podman rm heat-container-agent\nExecStartPre=-/bin/podman pull $CONTAINER_INFRA_PREFIXheat-container-agent:$HEAT_CONTAINER_AGENT_TAG\nExecStart=/bin/podman run \\\n --name heat-container-agent \\\n --privileged \\\n --volume /srv/magnum:/srv/magnum \\\n --volume /opt/stack/os-config-refresh:/opt/stack/os-config-refresh \\\n --volume /run/systemd:/run/systemd \\\n --volume /etc/:/etc/ \\\n --volume /var/lib:/var/lib \\\n --volume /var/run:/var/run \\\n --volume /var/log:/var/log \\\n --volume /tmp:/tmp \\\n --volume /dev:/dev \\\n --env REQUESTS_CA_BUNDLE=/etc/pki/ca-trust/source/anchors/openstack-ca.pem --net=host \\\n $CONTAINER_INFRA_PREFIXheat-container-agent:$HEAT_CONTAINER_AGENT_TAG \\\n /usr/bin/start-heat-container-agent\nTimeoutStartSec=10min\n\nExecStop=/bin/podman stop heat-container-agent\n\n[Install]\nWantedBy=multi-user.target\n"
|
||||
"contents": "[Unit]\nDescription=Run heat-container-agent\nAfter=network-online.target configure-agent-env.service\nWants=network-online.target\n\n[Service]\nEnvironmentFile=-/etc/environment\nExecStartPre=mkdir -p /var/lib/heat-container-agent\nExecStartPre=mkdir -p /var/run/heat-config\nExecStartPre=mkdir -p /var/run/os-collect-config\nExecStartPre=mkdir -p /opt/stack/os-config-refresh\nExecStartPre=-mv /var/lib/os-collect-config/local-data /var/lib/cloud/data/cfn-init-data\nExecStartPre=mkdir -p /srv/magnum\nExecStartPre=-/bin/podman kill heat-container-agent\nExecStartPre=-/bin/podman rm heat-container-agent\nExecStartPre=-/bin/podman pull $CONTAINER_INFRA_PREFIXheat-container-agent:$HEAT_CONTAINER_AGENT_TAG\nExecStart=/bin/podman run \\\n --name heat-container-agent \\\n --privileged \\\n --volume /srv/magnum:/srv/magnum \\\n --volume /opt/stack/os-config-refresh:/opt/stack/os-config-refresh \\\n --volume /run/systemd:/run/systemd \\\n --volume /etc/:/etc/ \\\n --volume /var/lib:/var/lib \\\n --volume /var/run:/var/run \\\n --volume /var/log:/var/log \\\n --volume /tmp:/tmp \\\n --volume /dev:/dev \\\n --env REQUESTS_CA_BUNDLE=/etc/pki/tls/certs/ca-bundle.crt --net=host \\\n $CONTAINER_INFRA_PREFIXheat-container-agent:$HEAT_CONTAINER_AGENT_TAG \\\n /usr/bin/start-heat-container-agent\nTimeoutStartSec=10min\n\nExecStop=/bin/podman stop heat-container-agent\n\n[Install]\nWantedBy=multi-user.target\n"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
|
|
|||
|
|
@ -10,3 +10,7 @@ issues:
|
|||
The startup of the heat-container-agent uses a workaround to copy the
|
||||
SoftwareDeployment credentials to /var/lib/cloud/data/cfn-init-data.
|
||||
The fedora coreos driver requires heat train to support ignition.
|
||||
fixes:
|
||||
- |
|
||||
For k8s_coreos set REQUESTS_CA for heat-agent. The heat-agent as a python
|
||||
service needs to use the ca bundle of the host.
|
||||
|
|
|
|||
Loading…
Reference in New Issue