063e493418
As of Rocky [1], the nova-consoleauth service has been deprecated and cell databases are used for storing token authorizations. All new consoles will be supported by the database backend and existing consoles will be reset. Console proxies must be run per cell because the new console token authorizations are stored in cell databases. nova-consoleauth was deprecated in tripleo with: I68485a6c4da4476d07ec0ab5e7b5a4c528820a4f This change now removes the NovaConsoleauth Service. [1] https://docs.openstack.org/releasenotes/nova/rocky.html Depends-On: https://review.opendev.org/658081 Change-Id: I21012e25a8f320dcea11d51f9a8cfa5d76520e78 Related-Bug: #1828414
746 lines
28 KiB
Django/Jinja
746 lines
28 KiB
Django/Jinja
{% extends parent_template %}
|
|
|
|
# Disable external repos
|
|
{% set base_yum_repo_files_override = [] %}
|
|
{% set base_yum_url_packages_override = [] %}
|
|
{% set base_yum_repo_keys_override = [] %}
|
|
|
|
# Enable ODL repo in ODL Dockerfile
|
|
{% block opendaylight_header %}
|
|
RUN echo $'[opendaylight-8-devel]\n\
|
|
name=OpenDaylight Oxygen repository\n\
|
|
# The opendaylight packages are currently built noarch, but the repo hosting
|
|
# them is hard-coded as an x86_64 repository. To enable multiarch use of the
|
|
# packages, we can hard-code x86_64 below, and update when the repository
|
|
# definitions are archful.
|
|
baseurl=https://nexus.opendaylight.org/content/repositories/opendaylight-oxygen-epel-7-x86_64-devel/\n\
|
|
enabled=1\n\
|
|
gpgcheck=0' >> /etc/yum.repos.d/opendaylight.repo
|
|
{% endblock %}
|
|
|
|
# Remove EPEL and the dependencies requiring it
|
|
{% set base_centos_yum_repo_packages_remove = ['epel-release', 'centos-release-ceph-jewel', 'centos-release-ceph-luminous'] %}
|
|
{% set base_centos_yum_repo_packages_append = ['centos-release-ceph-nautilus', 'centos-release-opstools'] %}
|
|
{% set base_centos_binary_packages_remove = ['scsi-target-utils'] %}
|
|
{% set cinder_volume_packages_remove = ['scsi-target-utils'] %}
|
|
{% set ironic_conductor_packages_remove = ['shellinabox'] %}
|
|
{% if distro_python_version.startswith('3') %}
|
|
{% set barbican_api_packages_remove = ['uwsgi-plugin-python3'] %}
|
|
{% else %}
|
|
{% set barbican_api_packages_remove = ['uwsgi-plugin-python'] %}
|
|
{% endif %}
|
|
# remove the block to override the behavior
|
|
{% block cinder_volume_redhat_setup %}{% endblock %}
|
|
|
|
# This installs the puppet dependency in the base container and includes helper scripts
|
|
# Rsync is required for docker-puppet.py to move the generated config to /var/lib/config-data
|
|
# Cron is required by multiple services
|
|
{% set base_centos_binary_packages_append = ['openstack-tripleo-common-container-base', 'rsync', 'cronie', 'crudini', 'puppet-tripleo'] %}
|
|
|
|
{% if distro_python_version.startswith('3') %}
|
|
# NOTE(aschultz): puppet-firewall throws errors when trying to query the rules
|
|
{% set base_centos_binary_packages_append = base_centos_binary_packages_append + ['iptables-services'] %}
|
|
{% endif %}
|
|
|
|
|
|
# This installs the novajoin package in the nova container images; This is
|
|
# required for TLS everywhere, as nova-api will use the cloud-init script
|
|
# provided by the novajoin package in order to enroll the nodes to the CA
|
|
{% if distro_python_version.startswith('3') %}
|
|
{% set nova_api_packages_append = ['python3-novajoin'] %}
|
|
{% set nova_compute_ironic_packages_append = ['python3-novajoin'] %}
|
|
{% else %}
|
|
{% set nova_api_packages_append = ['python-novajoin'] %}
|
|
{% set nova_compute_ironic_packages_append = ['python-novajoin'] %}
|
|
{% endif %}
|
|
|
|
{% set nova_scheduler_packages_append = ['openstack-tripleo-common'] %}
|
|
|
|
# Required for mistral-db-populate to load tripleo custom actions on
|
|
# the undercloud
|
|
{% set mistral_base_packages_append = ['openstack-tripleo-common'] %}
|
|
{% if distro_python_version.startswith('3') %}
|
|
{% set mistral_base_packages_append = mistral_base_packages_append + [
|
|
'python3-shade',
|
|
'python3dist\(ansible\)',
|
|
] %}
|
|
{% else %}
|
|
{% set mistral_base_packages_append = mistral_base_packages_append + [
|
|
'python-shade',
|
|
'ansible',
|
|
] %}
|
|
{% endif %}
|
|
|
|
# NOTE: Mistral executor needs:
|
|
# openstack-tripleo-validations: validations
|
|
# nova-common: to run nova-manage cells_v2 commands on
|
|
# tripleo-heat-templates: to load the default plan from the CLI/UI
|
|
# ipmitool: for baremetal node discovery
|
|
# qemu-img: convert Octavia amphora qcow2 to raw
|
|
{% set mistral_executor_packages_append = [
|
|
'openstack-tripleo-validations',
|
|
'openstack-nova-common',
|
|
'openstack-tripleo-heat-templates',
|
|
'ipmitool',
|
|
'qemu-img',
|
|
] %}
|
|
|
|
# FIXME (kolla review to add ceilometer to swift proxy image)
|
|
# NOTE (jaosorior): swift proxy with TLS everywhere needs these packages.
|
|
# NOTE(mandre) Apache cleanup done below in swift_proxy_server_footer block
|
|
{% set swift_proxy_server_packages_append = ['openstack-ceilometer-common', 'httpd', 'mod_ssl'] %}
|
|
|
|
# NOTE (jaosorior): glance-api with TLS everywhere needs these packages.
|
|
# NOTE(mandre) Apache cleanup done below in glance_api_footer block
|
|
{% set glance_api_packages_append = ['httpd', 'mod_ssl'] %}
|
|
|
|
# NOTE (ratailor): ec2-api with TLS needs these packages.
|
|
{% set ec2_api_packages_append = ['httpd', 'mod_ssl'] %}
|
|
{% block ec2_api_footer %}
|
|
RUN sed -i -r 's,^(Listen 80),#\1,' /etc/httpd/conf/httpd.conf \
|
|
&& sed -i -r 's,^(Listen 443),#\1,' /etc/httpd/conf.d/ssl.conf \
|
|
&& echo "if [[ "\$\(whoami\)" == 'root' ]]; then rm -rf /var/run/httpd/* /run/httpd/* /tmp/httpd*; fi" >> /usr/local/bin/kolla_extend_start
|
|
{% endblock %}
|
|
|
|
# NOTE (jaosorior): neutron-server with TLS everywhere needs httpd and mod_ssl packages.
|
|
# NOTE (hjensas): python2-networking-baremetal ML2 plug-in for ironic neutron integration.
|
|
# NOTE (ramishra): python2-networking-ansible ML2 plug-in for neutron ansible integration.
|
|
{% set neutron_server_packages_append = [
|
|
'httpd',
|
|
'mod_ssl',
|
|
] %}
|
|
{% if distro_python_version.startswith('3') %}
|
|
{% set neutron_server_packages_append = neutron_server_packages_append + [
|
|
'python3-networking-baremetal',
|
|
'python3-networking-ansible'
|
|
] %}
|
|
{% else %}
|
|
{% set neutron_server_packages_append = neutron_server_packages_append + [
|
|
'python2-networking-baremetal',
|
|
'python2-networking-ansible'
|
|
] %}
|
|
{% endif %}
|
|
|
|
{% block neutron_server_footer %}
|
|
RUN sed -i -r 's,^(Listen 80),#\1,' /etc/httpd/conf/httpd.conf \
|
|
&& sed -i -r 's,^(Listen 443),#\1,' /etc/httpd/conf.d/ssl.conf \
|
|
&& echo "if [[ "\$\(whoami\)" == 'root' ]]; then rm -rf /var/run/httpd/* /run/httpd/* /tmp/httpd*; fi" >> /usr/local/bin/kolla_neutron_extend_start; \
|
|
mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/neutron-api /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% set neutron_metadata_agent_ovn_packages_append = ['docker', 'podman', 'libseccomp'] %}
|
|
{% set neutron_l3_agent_packages_append = ['docker', 'podman', 'libseccomp'] %}
|
|
# Kolla doesn't currently neutron_dhcp_agent_packages on CentOS so the append
|
|
# isn't valid here.
|
|
{% set neutron_dhcp_agent_packages = ['docker', 'podman', 'libseccomp'] %}
|
|
|
|
{% if distro_python_version.startswith('3') %}
|
|
{% set octavia_api_packages_append = ['python3-networking-ovn'] %}
|
|
{% else %}
|
|
{% set octavia_api_packages_append = ['python-networking-ovn'] %}
|
|
{% endif %}
|
|
|
|
# NOTE (jaosorior): redis with TLS everywhere needs these packages.
|
|
# redis resource-agent requires pidof
|
|
{% set redis_packages_append = [
|
|
'stunnel',
|
|
'pacemaker',
|
|
'pacemaker-remote',
|
|
'pcs',
|
|
'libqb',
|
|
'resource-agents'
|
|
] %}
|
|
{% if distro_python_version.startswith('3') %}
|
|
{% set redis_packages_append = redis_packages_append + [
|
|
'procps-ng',
|
|
] %}
|
|
{% else %}
|
|
{% set redis_packages_append = redis_packages_append + [
|
|
'sysvinit-tools',
|
|
] %}
|
|
{% endif %}
|
|
|
|
# Remove packages not present in repos
|
|
#
|
|
{% if distro_python_version.startswith('3') %}
|
|
{% set openstack_base_packages_remove = [
|
|
'python3-cloudkittyclient',
|
|
'python3-congressclient',
|
|
'python3-elasticsearch',
|
|
'python3-magnumclient',
|
|
'python3-muranoclient',
|
|
'python3-troveclient',
|
|
'python3-vitrageclient',
|
|
] %}
|
|
{% else %}
|
|
{% set openstack_base_packages_remove = [
|
|
'python-cloudkittyclient',
|
|
'python-elasticsearch',
|
|
'python-magnumclient',
|
|
'python-muranoclient',
|
|
'python-troveclient',
|
|
'python-vitrageclient',
|
|
] %}
|
|
{% endif %}
|
|
{% set openstack_base_packages_append = ['openstack-selinux'] %}
|
|
|
|
# Use mariadb-server-galera and xinetd for galera and clustercheck
|
|
{# 'pv' # EPEL
|
|
#}
|
|
{% set mariadb_packages_remove = [
|
|
'pv'
|
|
] %}
|
|
{% set mariadb_packages_append = ['xinetd', 'pacemaker', 'pacemaker-remote',
|
|
'pcs', 'libqb', 'resource-agents'] %}
|
|
{% set sensu_client_packages_remove = [
|
|
'ceph-common',
|
|
'cyrus-sasl-devel',
|
|
'docker-client',
|
|
'gcc-c++',
|
|
'make',
|
|
'mariadb',
|
|
'ntp',
|
|
'python-pymongo',
|
|
'python2-pymongo',
|
|
'python3-pymongo',
|
|
'ruby-devel'
|
|
] %}
|
|
# Horizon dashboards we do not support
|
|
# See LP#1767520
|
|
{% set horizon_packages_remove = [
|
|
'openstack-cloudkitty-ui',
|
|
'openstack-murano-ui',
|
|
'openstack-trove-ui'
|
|
] %}
|
|
|
|
# Required for nova migration
|
|
{% set nova_compute_packages_append = ['openstack-nova-migration', 'openssh-server'] %}
|
|
{% set nova_libvirt_packages_remove = ['libvirt-daemon-driver-lxc'] %}
|
|
# On RHEL7 /etc/pki/CA was part of base openssl package.
|
|
# On RHEL8 it is now in openssl-perl.
|
|
{% set nova_libvirt_packages_append = ['openstack-nova-migration', 'openssl-perl'] %}
|
|
|
|
# Required to allow the mysql-migrate-db.sh data extraction script to be used
|
|
# during an upgrade.
|
|
{% set placement_api_packages_append = ['mariadb'] %}
|
|
|
|
############################ service container footers #########################
|
|
|
|
{% block aodh_api_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/aodh-api /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block aodh_evaluator_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/aodh-evaluator /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block aodh_listener_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/aodh-listener /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block aodh_notifier_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/aodh-notifier /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block barbican_api_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/barbican-api /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block barbican_keystone_listener_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/barbican-keystone-listener /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block barbican_worker_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/barbican-worker /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block ceilometer_central_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/ceilometer-agent-central /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block ceilometer_compute_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/ceilometer-agent-compute /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block ceilometer_ipmi_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/ceilometer-agent-ipmi /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block ceilometer_notification_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/ceilometer-agent-notification /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block cinder_api_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/cinder-api /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% set cinder_backup_packages_append = [
|
|
'pacemaker', 'pacemaker-remote', 'pcs', 'libqb', 'resource-agents'] %}
|
|
{% block cinder_backup_footer %}
|
|
RUN mkdir -p /etc/libqb /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/cinder-backup /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block cinder_scheduler_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/cinder-scheduler /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% set cinder_volume_packages_append = [
|
|
'pacemaker', 'pacemaker-remote', 'pcs', 'libqb', 'resource-agents'] %}
|
|
{% block cinder_volume_footer %}
|
|
RUN mkdir -p /etc/libqb /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/cinder-volume /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block collectd_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/collectd /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block etcd_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/etcd /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block fluentd_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/fluentd /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
# make sure no gems are installed
|
|
{% block fluentd_plugins_install %}{% endblock %}
|
|
|
|
{% block glance_api_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/glance-api /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck && \
|
|
sed -i -r 's,^(Listen 80),#\1,' /etc/httpd/conf/httpd.conf && \
|
|
sed -i -r 's,^(Listen 443),#\1,' /etc/httpd/conf.d/ssl.conf && \
|
|
echo "if [[ "\$\(whoami\)" == 'root' ]]; then rm -rf /var/run/httpd/* /run/httpd/* /tmp/httpd*; fi" >> /usr/local/bin/kolla_glance_extend_start
|
|
{% endblock %}
|
|
|
|
{% block gnocchi_api_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/gnocchi-api /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block gnocchi_metricd_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/gnocchi-metricd /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block gnocchi_statsd_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/gnocchi-statsd /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block heat_api_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/heat-api /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block heat_api_cfn_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/heat-api-cfn /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block heat_engine_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/heat-engine /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% set haproxy_packages_append = [
|
|
'libqb',
|
|
'pacemaker',
|
|
'pacemaker-remote',
|
|
'pcs',
|
|
'resource-agents',
|
|
] %}
|
|
{% block haproxy_footer %}
|
|
RUN mkdir /etc/libqb
|
|
{% endblock %}
|
|
|
|
{% block ironic_api_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/ironic-api /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block ironic_conductor_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/ironic-conductor /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block ironic_inspector_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/ironic-inspector /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block ironic_pxe_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/ironic-pxe /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block iscsid_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/iscsid /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block keystone_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/keystone /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block manila_scheduler_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/manila-scheduler /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% set manila_share_packages_append = [
|
|
'pacemaker', 'pacemaker-remote', 'pcs', 'libqb', 'resource-agents'] %}
|
|
{% block manila_share_footer %}
|
|
RUN mkdir /etc/libqb
|
|
{% endblock %}
|
|
|
|
{% block mariadb_footer %}
|
|
# We'll configure mariadb with galera.cnf.
|
|
# Note: in mariadb 10.3, auth_gssapi.cnf is shipped in optional
|
|
# mariadb-gssapi-server. We don't install it here, so force rm
|
|
RUN rm -f /etc/my.cnf.d/mariadb-server.cnf /etc/my.cnf.d/auth_gssapi.cnf
|
|
|
|
RUN mkdir -p /etc/libqb /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/mariadb /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block memcached_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/memcached /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block mistral_api_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/mistral-api /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block mistral_engine_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/mistral-engine /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block mistral_executor_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/mistral-executor /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
# TODO(emilien) Remove once proper packaging is released for Ansible
|
|
{% if distro_python_version.startswith('3') %}
|
|
RUN test -f /usr/bin/ansible-playbook-3 || ln -s /usr/bin/ansible-playbook /usr/bin/ansible-playbook-3
|
|
{% endif %}
|
|
USER root
|
|
RUN useradd validations
|
|
USER mistral
|
|
{% endblock %}
|
|
|
|
{% block mistral_event_engine_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/mistral-event-engine /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block multipathd_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/multipathd /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block neutron_dhcp_agent_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/neutron-dhcp /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block neutron_l3_agent_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/neutron-l3 /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block neutron_metadata_agent_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/neutron-metadata /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block neutron_openvswitch_agent_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/neutron-ovs-agent /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block neutron_sriov_agent_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/neutron-sriov-agent /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block nova_api_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/nova-api /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block nova_compute_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/nova-compute /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block nova_compute_ironic_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/nova-ironic /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block nova_libvirt_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/nova-libvirt /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block nova_novncproxy_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/nova-vnc-proxy /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}]
|
|
|
|
{% block nova_scheduler_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/nova-scheduler /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block nova_conductor_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/nova-conductor /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block octavia_api_footer %}
|
|
RUN sed -i -r 's,^(Listen 80),#\1,' /etc/httpd/conf/httpd.conf \
|
|
&& sed -i -r 's,^(Listen 443),#\1,' /etc/httpd/conf.d/ssl.conf \
|
|
&& echo "if [[ "\$\(whoami\)" == 'root' ]]; then rm -rf /var/run/httpd/* /run/httpd/* /tmp/httpd*; fi" >> /usr/local/bin/kolla_octavia_extend_start; \
|
|
mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/octavia-api /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block octavia_health_manager_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/octavia-health-manager /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block octavia_housekeeping_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/octavia-housekeeping /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block octavia_worker_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/octavia-worker /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block opendaylight_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/opendaylight-api /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block panko_api_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/panko-api /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block placement_api_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/placement-api /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block rabbitmq_install_plugins %}
|
|
# External rabbitmq plugins installation is disabled
|
|
{% endblock %}
|
|
|
|
# workaround for LP #1814233
|
|
# Review https://review.openstack.org/#/c/634365/
|
|
# Remove when https://review.openstack.org/#/c/634402/ is merged
|
|
{% set rabbitmq_packages_remove = ['rabbitmq-server-3.7.10'] %}
|
|
{% set rabbitmq_packages_append = [
|
|
'rabbitmq-server', 'pacemaker', 'pacemaker-remote', 'pcs', 'libqb', 'resource-agents'] %}
|
|
|
|
{% block rabbitmq_footer %}
|
|
RUN mkdir -p /etc/libqb /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/rabbitmq /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block redis_footer %}
|
|
RUN mkdir /etc/libqb; mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/redis /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block sahara_api_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/sahara-api /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block sahara_engine_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/sahara-engine /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block sensu_clients_install %}
|
|
{% endblock %}
|
|
|
|
{% block sensu_client_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/sensu-client /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block swift_account_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/swift-account-server /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block swift_container_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/swift-container-server /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block swift_object_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/swift-object-server /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
# Note(mmagr): Below block is currently noop because swift-proxy-server kolla image is used
|
|
# for swift_object_expirer container, but it will allow smooth transition
|
|
# to usage of correct image for the service in future.
|
|
{% block swift_object_expirer_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/swift-object-expirer /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block swift_proxy_server_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/swift-proxy /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck && \
|
|
sed -i -r 's,^(Listen 80),#\1,' /etc/httpd/conf/httpd.conf && \
|
|
sed -i -r 's,^(Listen 443),#\1,' /etc/httpd/conf.d/ssl.conf && \
|
|
echo "if [[ "\$\(whoami\)" == 'root' ]]; then rm -rf /var/run/httpd/* /run/httpd/* /tmp/httpd*; fi" >> /usr/local/bin/kolla_extend_start
|
|
{% endblock %}
|
|
|
|
# Note(mmagr): Below block is currently noop because swift-object kolla image is used
|
|
# for swift_rsync container, but it will allow smooth transition
|
|
# to usage of correct image for the service in future.
|
|
{% block swift_rsyncd_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/swift-rsync /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block tacker_server_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/tacker /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block ovn_controller_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/ovn-controller /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% set ovn_northd_packages_append = [
|
|
'pacemaker', 'pacemaker-remote', 'pcs', 'libqb', 'resource-agents'] %}
|
|
{% block ovn_northd_footer %}
|
|
RUN mkdir /etc/libqb && mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/ovn-dbs /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block neutron_metadata_agent_ovn_footer %}
|
|
RUN mkdir -p /openstack && \
|
|
ln -s /usr/share/openstack-tripleo-common/healthcheck/ovn-metadata /openstack/healthcheck && \
|
|
chmod a+rx /openstack/healthcheck
|
|
{% endblock %}
|
|
|
|
{% block base_footer %}
|
|
# workaround LP1696283
|
|
RUN mkdir -p /etc/ssh && touch /etc/ssh/ssh_known_hosts
|
|
# workaround for LP#1765802
|
|
STOPSIGNAL SIGTERM
|
|
# In order to ensure that we have the last base packages, we would like to do
|
|
# a yum update in the kolla base image. All the other images should inherit this
|
|
# but if the base distro container is out of date (i.g. 7.4 but 7.5 is out) this
|
|
# will pull in the updated packages available. Related issue LP#1770355
|
|
RUN yum update -y && yum clean all && rm -rf /var/cache/yum
|
|
{% endblock %}
|