magnum/magnum/drivers/mesos_ubuntu_v1/templates/mesos_slave_software_config...

208 lines
6.1 KiB
YAML

heat_template_version: 2014-10-16
description: >
This is a nested stack that defines software configs for Mesos slave.
parameters:
executor_registration_timeout:
type: string
description: >
Amount of time to wait for an executor to register with the slave before
considering it hung and shutting it down
http_proxy:
type: string
description: http proxy address for docker
https_proxy:
type: string
description: https proxy address for docker
no_proxy:
type: string
description: no proxies for docker
auth_url:
type: string
description: >
url for mesos to authenticate before sending request
username:
type: string
description: user name
password:
type: string
description: >
user password, not set in current implementation, only used to
fill in for Kubernetes config file
hidden: true
tenant_name:
type: string
description: >
tenant_name is used to isolate access to Compute resources
volume_driver:
type: string
description: volume driver to use for container storage
region_name:
type: string
description: A logically separate section of the cluster
domain_name:
type: string
description: >
domain is to define the administrative boundaries for management
of Keystone entities
rexray_preempt:
type: string
description: >
enables any host to take control of a volume irrespective of whether
other hosts are using the volume
verify_ca:
type: boolean
description: whether or not to validate certificate authority
mesos_slave_isolation:
type: string
description: >
Isolation mechanisms to use, e.g., `posix/cpu,posix/mem`, or
`cgroups/cpu,cgroups/mem`, or network/port_mapping (configure with flag:
`--with-network-isolator` to enable), or `cgroups/devices/gpus/nvidia`
for nvidia specific gpu isolation (configure with flag: `--enable-nvidia
-gpu-support` to enable), or `external`, or load an alternate isolator
module using the `--modules` flag. Note that this flag is only relevant
for the Mesos Containerizer.
mesos_slave_work_dir:
type: string
description: directory path to place framework work directories
mesos_slave_image_providers:
type: string
description: >
Comma separated list of supported image providers e.g.,
APPC,DOCKER
mesos_slave_executor_env_variables:
type: string
description: >
JSON object representing the environment variables that should be passed
to the executor, and thus subsequently task(s). By default the executor,
executor will inherit the slave's environment variables.
mesos_masters_ips:
type: string
description: IP addresses of the Mesos master servers.
mesos_slave_wc_curl_cli:
type: string
description: Wait condition notify command for slave.
openstack_ca:
type: string
description: The OpenStack CA certificate to install on the node.
resources:
######################################################################
#
# software configs. these are components that are combined into
# a multipart MIME user-data archive.
#
write_heat_params:
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config:
str_replace:
template: {get_file: fragments/write-heat-params.yaml}
params:
"$MESOS_MASTERS_IPS": {get_param: mesos_masters_ips}
"$EXECUTOR_REGISTRATION_TIMEOUT": {get_param: executor_registration_timeout}
"$HTTP_PROXY": {get_param: http_proxy}
"$HTTPS_PROXY": {get_param: https_proxy}
"$NO_PROXY": {get_param: no_proxy}
"$AUTH_URL": {get_param: auth_url}
"$USERNAME": {get_param: username}
"$PASSWORD": {get_param: password}
"$TENANT_NAME": {get_param: tenant_name}
"$VOLUME_DRIVER": {get_param: volume_driver}
"$REGION_NAME": {get_param: region_name}
"$DOMAIN_NAME": {get_param: domain_name}
"$REXRAY_PREEMPT": {get_param: rexray_preempt}
"$ISOLATION": {get_param: mesos_slave_isolation}
"$WORK_DIR": {get_param: mesos_slave_work_dir}
"$IMAGE_PROVIDERS": {get_param: mesos_slave_image_providers}
"$EXECUTOR_ENVIRONMENT_VARIABLES": {get_param: mesos_slave_executor_env_variables}
add_ext_ca_certs:
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config:
str_replace:
template: {get_file: fragments/add-ext-ca-certs.sh}
params:
"@@CACERTS_CONTENT@@": {get_param: openstack_ca}
configure_mesos_slave:
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config: {get_file: fragments/configure-mesos-slave.sh}
start_services:
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config: {get_file: fragments/start-services-slave.sh}
slave_wc_notify:
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config:
str_replace:
template: |
#!/bin/bash -v
wc_notify $VERIFY_CA --data-binary '{"status": "SUCCESS"}'
params:
wc_notify: {get_param: mesos_slave_wc_curl_cli}
"$VERIFY_CA": {get_param: verify_ca}
add_proxy:
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config: {get_file: fragments/add-proxy.sh}
volume_service:
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config: {get_file: fragments/volume-service.sh}
mesos_slave_init:
type: OS::Heat::MultipartMime
properties:
parts:
- config: {get_resource: add_ext_ca_certs}
- config: {get_resource: write_heat_params}
- config: {get_resource: configure_mesos_slave}
- config: {get_resource: add_proxy}
- config: {get_resource: volume_service}
- config: {get_resource: start_services}
- config: {get_resource: slave_wc_notify}
outputs:
mesos_init:
value: {get_resource: mesos_slave_init}
description: ID of the multipart mime.