openstack
/
tripleo-heat-templates
Code Issues Proposed changes

HA: minor update of arbitrary container image name 

HA services get their container image name from a pacemaker
resource configuration. This image name is shared between
all cluster nodes.

To achieve image update without service disruption, a pacemaker
resource is configured to use an intermediate image name
"<registry>/<namespace>/<servicename>:pcmklatest" pointing to
the real image name configured in Heat. This tag can then be
updated independently on every node during the minor update.

In order to support the same rolling update when the <namespace>
changes in the container image, we need a similar floating
approach for the prefix part of the container image.

Introduce a new Heat parameter ClusterCommonTag that, when enabled,
sets the intermediate image name to
"cluster-common-tag/<servicename>:pcmklatest". By default, this
parameter is disabled and the original naming scheme is conserved.

Note: by introducing this new naming scheme, we stop seeing a
meaningful image name prefix when doing a "pcs status", but since
we already can't tell what image ID the :pcmklatest tag points to,
we don't lose much information really.

Related-Bug: #1854730

Change-Id: Id369154d147cd5cf0a6f997bf806084fc7580e01
(cherry picked from commit a166ec6bca)
This commit is contained in:
Damien Ciabrini 2019-12-02 13:01:45 +01:00
parent 1111ed5e20
commit 44b6e6b852
11 changed files with 192 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
deployment/cinder/cinder-backup-pacemaker-puppet.yaml
View File

@ -10,6 +10,14 @@ parameters:
ContainerCinderConfigImage:
description: The container image to use for the cinder config_volume
type: string
ClusterCommonTag:
default: false
description: When set to false, a pacemaker service is configured
to use a floating tag for its container image name,
e.g. 'REGISTRY/NAMESPACE/IMAGENAME:pcmklatest'. When
set to true, the service uses a floating prefix as
well, e.g. 'cluster-common-tag/IMAGENAME:pcmklatest'.
type: boolean
CinderBackupBackend:
default: swift
description: The short name of the Cinder Backup backend to use.
@ -73,6 +81,7 @@ parameters:
conditions:
puppet_debug_enabled: {get_param: ConfigDebug}
docker_enabled: {equals: [{get_param: ContainerCli}, 'docker']}
common_tag_enabled: {equals: [{get_param: ClusterCommonTag}, true]}
resources:
@ -108,12 +117,15 @@ outputs:
map_merge:
- get_attr: [CinderBackupBase, role_data, config_settings]
- tripleo::profile::pacemaker::cinder::backup_bundle::cinder_backup_docker_image: &cinder_backup_image_pcmklatest
list_join:
- ':'
- - yaql:
data: {get_param: ContainerCinderBackupImage}
expression: $.data.rightSplit(separator => ":", maxSplits => 1)[0]
- 'pcmklatest'
yaql:
data:
if:
- common_tag_enabled
- yaql:
data: {get_param: ContainerCinderBackupImage}
expression: concat("cluster-common-tag/", $.data.rightSplit(separator => "/", maxSplits => 1)[1])
- {get_param: ContainerCinderBackupImage}
expression: concat($.data.rightSplit(separator => ":", maxSplits => 1)[0], ":pcmklatest")
tripleo::profile::pacemaker::cinder::backup_bundle::docker_volumes: {get_attr: [CinderCommon, cinder_backup_volumes]}
tripleo::profile::pacemaker::cinder::backup_bundle::docker_environment: {get_attr: [CinderCommon, cinder_backup_environment]}
tripleo::profile::pacemaker::cinder::backup_bundle::container_backend: {get_param: ContainerCli}

24
deployment/cinder/cinder-volume-pacemaker-puppet.yaml
View File

@ -10,6 +10,14 @@ parameters:
ContainerCinderConfigImage:
description: The container image to use for the cinder config_volume
type: string
ClusterCommonTag:
default: false
description: When set to false, a pacemaker service is configured
to use a floating tag for its container image name,
e.g. 'REGISTRY/NAMESPACE/IMAGENAME:pcmklatest'. When
set to true, the service uses a floating prefix as
well, e.g. 'cluster-common-tag/IMAGENAME:pcmklatest'.
type: boolean
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
@ -61,6 +69,7 @@ parameters:
conditions:
puppet_debug_enabled: {get_param: ConfigDebug}
docker_enabled: {equals: [{get_param: ContainerCli}, 'docker']}
common_tag_enabled: {equals: [{get_param: ClusterCommonTag}, true]}
resources:
@ -94,12 +103,15 @@ outputs:
- get_attr: [CinderBase, role_data, config_settings]
- tripleo::profile::base::lvm::enable_udev: false
tripleo::profile::pacemaker::cinder::volume_bundle::cinder_volume_docker_image: &cinder_volume_image_pcmklatest
list_join:
- ':'
- - yaql:
data: {get_param: ContainerCinderVolumeImage}
expression: $.data.rightSplit(separator => ":", maxSplits => 1)[0]
- 'pcmklatest'
yaql:
data:
if:
- common_tag_enabled
- yaql:
data: {get_param: ContainerCinderVolumeImage}
expression: concat("cluster-common-tag/", $.data.rightSplit(separator => "/", maxSplits => 1)[1])
- {get_param: ContainerCinderVolumeImage}
expression: concat($.data.rightSplit(separator => ":", maxSplits => 1)[0], ":pcmklatest")
tripleo::profile::pacemaker::cinder::volume_bundle::docker_volumes: {get_attr: [CinderCommon, cinder_volume_volumes]}
tripleo::profile::pacemaker::cinder::volume_bundle::docker_environment: {get_attr: [CinderCommon, cinder_volume_environment]}
tripleo::profile::pacemaker::cinder::volume_bundle::container_backend: {get_param: ContainerCli}

24
deployment/database/mysql-pacemaker-puppet.yaml
View File

@ -10,6 +10,14 @@ parameters:
ContainerMysqlConfigImage:
description: The container image to use for the mysql config_volume
type: string
ClusterCommonTag:
default: false
description: When set to false, a pacemaker service is configured
to use a floating tag for its container image name,
e.g. 'REGISTRY/NAMESPACE/IMAGENAME:pcmklatest'. When
set to true, the service uses a floating prefix as
well, e.g. 'cluster-common-tag/IMAGENAME:pcmklatest'.
type: boolean
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
@ -93,6 +101,7 @@ conditions:
puppet_debug_enabled: {get_param: ConfigDebug}
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
docker_enabled: {equals: [{get_param: ContainerCli}, 'docker']}
common_tag_enabled: {equals: [{get_param: ClusterCommonTag}, true]}
outputs:
role_data:
@ -123,12 +132,15 @@ outputs:
tripleo::profile::pacemaker::database::mysql::ca_file:
get_param: InternalTLSCAFile
tripleo::profile::pacemaker::database::mysql_bundle::mysql_docker_image: &mysql_image_pcmklatest
list_join:
- ':'
- - yaql:
data: {get_param: ContainerMysqlImage}
expression: $.data.rightSplit(separator => ":", maxSplits => 1)[0]
- 'pcmklatest'
yaql:
data:
if:
- common_tag_enabled
- yaql:
data: {get_param: ContainerMysqlImage}
expression: concat("cluster-common-tag/", $.data.rightSplit(separator => "/", maxSplits => 1)[1])
- {get_param: ContainerMysqlImage}
expression: concat($.data.rightSplit(separator => ":", maxSplits => 1)[0], ":pcmklatest")
tripleo::profile::pacemaker::database::mysql_bundle::control_port: 3123
tripleo::profile::pacemaker::database::mysql_bundle::container_backend: {get_param: ContainerCli}
tripleo::mysql::firewall_rules:

24
deployment/database/redis-pacemaker-puppet.yaml
View File

@ -10,6 +10,14 @@ parameters:
ContainerRedisConfigImage:
description: The container image to use for the redis config_volume
type: string
ClusterCommonTag:
default: false
description: When set to false, a pacemaker service is configured
to use a floating tag for its container image name,
e.g. 'REGISTRY/NAMESPACE/IMAGENAME:pcmklatest'. When
set to true, the service uses a floating prefix as
well, e.g. 'cluster-common-tag/IMAGENAME:pcmklatest'.
type: boolean
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
@ -65,6 +73,7 @@ conditions:
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
redis_ipv6: {get_param: RedisIPv6}
docker_enabled: {equals: [{get_param: ContainerCli}, 'docker']}
common_tag_enabled: {equals: [{get_param: ClusterCommonTag}, true]}
resources:
@ -93,12 +102,15 @@ outputs:
redis::notify_service: false
redis::managed_by_cluster_manager: true
tripleo::profile::pacemaker::database::redis_bundle::redis_docker_image: &redis_image_pcmklatest
list_join:
- ':'
- - yaql:
data: {get_param: ContainerRedisImage}
expression: $.data.rightSplit(separator => ":", maxSplits => 1)[0]
- 'pcmklatest'
yaql:
data:
if:
- common_tag_enabled
- yaql:
data: {get_param: ContainerRedisImage}
expression: concat("cluster-common-tag/", $.data.rightSplit(separator => "/", maxSplits => 1)[1])
- {get_param: ContainerRedisImage}
expression: concat($.data.rightSplit(separator => ":", maxSplits => 1)[0], ":pcmklatest")
tripleo::profile::pacemaker::database::redis_bundle::control_port: 3124
tripleo::profile::pacemaker::database::redis_bundle::container_backend: {get_param: ContainerCli}
tripleo::redis::firewall_rules:

24
deployment/haproxy/haproxy-pacemaker-puppet.yaml
View File

@ -10,6 +10,14 @@ parameters:
ContainerHAProxyConfigImage:
description: The container image to use for the haproxy config_volume
type: string
ClusterCommonTag:
default: false
description: When set to false, a pacemaker service is configured
to use a floating tag for its container image name,
e.g. 'REGISTRY/NAMESPACE/IMAGENAME:pcmklatest'. When
set to true, the service uses a floating prefix as
well, e.g. 'cluster-common-tag/IMAGENAME:pcmklatest'.
type: boolean
ServiceData:
default: {}
description: Dictionary packing service data
@ -110,6 +118,7 @@ conditions:
- true
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
docker_enabled: {equals: [{get_param: ContainerCli}, 'docker']}
common_tag_enabled: {equals: [{get_param: ClusterCommonTag}, true]}
resources:
@ -176,12 +185,15 @@ outputs:
# disable the use CRL file until we can restart the container when the file expires
tripleo::haproxy::crl_file: null
tripleo::profile::pacemaker::haproxy_bundle::haproxy_docker_image: &haproxy_image_pcmklatest
list_join:
- ':'
- - yaql:
data: {get_param: ContainerHAProxyImage}
expression: $.data.rightSplit(separator => ":", maxSplits => 1)[0]
- 'pcmklatest'
yaql:
data:
if:
- common_tag_enabled
- yaql:
data: {get_param: ContainerHAProxyImage}
expression: concat("cluster-common-tag/", $.data.rightSplit(separator => "/", maxSplits => 1)[1])
- {get_param: ContainerHAProxyImage}
expression: concat($.data.rightSplit(separator => ":", maxSplits => 1)[0], ":pcmklatest")
# BEGIN DOCKER SETTINGS
puppet_config:
config_volume: haproxy

24
deployment/manila/manila-share-pacemaker-puppet.yaml
View File

@ -10,6 +10,14 @@ parameters:
ContainerManilaConfigImage:
description: image
type: string
ClusterCommonTag:
default: false
description: When set to false, a pacemaker service is configured
to use a floating tag for its container image name,
e.g. 'REGISTRY/NAMESPACE/IMAGENAME:pcmklatest'. When
set to true, the service uses a floating prefix as
well, e.g. 'cluster-common-tag/IMAGENAME:pcmklatest'.
type: boolean
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
@ -56,6 +64,7 @@ parameters:
conditions:
puppet_debug_enabled: {get_param: ConfigDebug}
docker_enabled: {equals: [{get_param: ContainerCli}, 'docker']}
common_tag_enabled: {equals: [{get_param: ClusterCommonTag}, true]}
resources:
@ -87,12 +96,15 @@ outputs:
map_merge:
- get_attr: [ManilaShareContainerBase, role_data, config_settings]
- tripleo::profile::pacemaker::manila::share_bundle::manila_share_docker_image: &manila_share_image_pcmklatest
list_join:
- ':'
- - yaql:
data: {get_param: ContainerManilaShareImage}
expression: $.data.rightSplit(separator => ":", maxSplits => 1)[0]
- 'pcmklatest'
yaql:
data:
if:
- common_tag_enabled
- yaql:
data: {get_param: ContainerManilaShareImage}
expression: concat("cluster-common-tag/", $.data.rightSplit(separator => "/", maxSplits => 1)[1])
- {get_param: ContainerManilaShareImage}
expression: concat($.data.rightSplit(separator => ":", maxSplits => 1)[0], ":pcmklatest")
tripleo::profile::pacemaker::manila::share_bundle::docker_volumes: {get_attr: [ManilaCommon, manila_share_volumes]}
tripleo::profile::pacemaker::manila::share_bundle::docker_environment: {get_attr: [ManilaCommon, manila_share_environment]}
tripleo::profile::pacemaker::manila::share_bundle::container_backend: {get_param: ContainerCli}

24
deployment/ovn/ovn-dbs-pacemaker-puppet.yaml
View File

@ -10,6 +10,14 @@ parameters:
ContainerOvnDbsConfigImage:
description: image
type: string
ClusterCommonTag:
default: false
description: When set to false, a pacemaker service is configured
to use a floating tag for its container image name,
e.g. 'REGISTRY/NAMESPACE/IMAGENAME:pcmklatest'. When
set to true, the service uses a floating prefix as
well, e.g. 'cluster-common-tag/IMAGENAME:pcmklatest'.
type: boolean
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
@ -78,6 +86,7 @@ conditions:
puppet_debug_enabled: {get_param: ConfigDebug}
docker_enabled: {equals: [{get_param: ContainerCli}, 'docker']}
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
common_tag_enabled: {equals: [{get_param: ClusterCommonTag}, true]}
resources:
@ -105,12 +114,15 @@ outputs:
map_merge:
- get_attr: [OVNDbsBase, role_data, config_settings]
- tripleo::profile::pacemaker::ovn_dbs_bundle::ovn_dbs_docker_image: &ovn_dbs_image_pcmklatest
list_join:
- ':'
- - yaql:
data: {get_param: ContainerOvnDbsImage}
expression: $.data.rightSplit(separator => ":", maxSplits => 1)[0]
- 'pcmklatest'
yaql:
data:
if:
- common_tag_enabled
- yaql:
data: {get_param: ContainerOvnDbsImage}
expression: concat("cluster-common-tag/", $.data.rightSplit(separator => "/", maxSplits => 1)[1])
- {get_param: ContainerOvnDbsImage}
expression: concat($.data.rightSplit(separator => ":", maxSplits => 1)[0], ":pcmklatest")
- tripleo::profile::pacemaker::ovn_dbs_bundle::nb_db_port: {get_param: OVNNorthboundServerPort}
- tripleo::profile::pacemaker::ovn_dbs_bundle::sb_db_port: {get_param: OVNSouthboundServerPort}
- tripleo::profile::pacemaker::ovn_dbs_bundle::container_backend: {get_param: ContainerCli}

24
deployment/rabbitmq/rabbitmq-messaging-notify-pacemaker-puppet.yaml
View File

@ -10,6 +10,14 @@ parameters:
ContainerRabbitmqConfigImage:
description: The container image to use for the rabbitmq config_volume
type: string
ClusterCommonTag:
default: false
description: When set to false, a pacemaker service is configured
to use a floating tag for its container image name,
e.g. 'REGISTRY/NAMESPACE/IMAGENAME:pcmklatest'. When
set to true, the service uses a floating prefix as
well, e.g. 'cluster-common-tag/IMAGENAME:pcmklatest'.
type: boolean
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
@ -60,6 +68,7 @@ parameters:
conditions:
puppet_debug_enabled: {get_param: ConfigDebug}
docker_enabled: {equals: [{get_param: ContainerCli}, 'docker']}
common_tag_enabled: {equals: [{get_param: ClusterCommonTag}, true]}
resources:
@ -87,12 +96,15 @@ outputs:
- {get_attr: [RabbitmqBase, role_data, config_settings]}
- rabbitmq::service_manage: false
tripleo::profile::pacemaker::rabbitmq_bundle::rabbitmq_docker_image: &rabbitmq_image_pcmklatest
list_join:
- ':'
- - yaql:
data: {get_param: ContainerRabbitmqImage}
expression: $.data.rightSplit(separator => ":", maxSplits => 1)[0]
- 'pcmklatest'
yaql:
data:
if:
- common_tag_enabled
- yaql:
data: {get_param: ContainerRabbitmqImage}
expression: concat("cluster-common-tag/", $.data.rightSplit(separator => "/", maxSplits => 1)[1])
- {get_param: ContainerRabbitmqImage}
expression: concat($.data.rightSplit(separator => ":", maxSplits => 1)[0], ":pcmklatest")
tripleo::profile::pacemaker::rabbitmq_bundle::control_port: 3122
tripleo::profile::pacemaker::rabbitmq_bundle::container_backend: {get_param: ContainerCli}
tripleo::oslo_messaging_notify::firewall_rules:

24
deployment/rabbitmq/rabbitmq-messaging-pacemaker-puppet.yaml
View File

@ -10,6 +10,14 @@ parameters:
ContainerRabbitmqConfigImage:
description: The container image to use for the rabbitmq config_volume
type: string
ClusterCommonTag:
default: false
description: When set to false, a pacemaker service is configured
to use a floating tag for its container image name,
e.g. 'REGISTRY/NAMESPACE/IMAGENAME:pcmklatest'. When
set to true, the service uses a floating prefix as
well, e.g. 'cluster-common-tag/IMAGENAME:pcmklatest'.
type: boolean
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
@ -60,6 +68,7 @@ parameters:
conditions:
puppet_debug_enabled: {get_param: ConfigDebug}
docker_enabled: {equals: [{get_param: ContainerCli}, 'docker']}
common_tag_enabled: {equals: [{get_param: ClusterCommonTag}, true]}
resources:
@ -87,12 +96,15 @@ outputs:
- get_attr: [RabbitMQServiceBase, role_data, config_settings]
- rabbitmq::service_manage: false
tripleo::profile::pacemaker::rabbitmq_bundle::rabbitmq_docker_image: &rabbitmq_image_pcmklatest
list_join:
- ':'
- - yaql:
data: {get_param: ContainerRabbitmqImage}
expression: $.data.rightSplit(separator => ":", maxSplits => 1)[0]
- 'pcmklatest'
yaql:
data:
if:
- common_tag_enabled
- yaql:
data: {get_param: ContainerRabbitmqImage}
expression: concat("cluster-common-tag/", $.data.rightSplit(separator => "/", maxSplits => 1)[1])
- {get_param: ContainerRabbitmqImage}
expression: concat($.data.rightSplit(separator => ":", maxSplits => 1)[0], ":pcmklatest")
tripleo::profile::pacemaker::rabbitmq_bundle::control_port: 3122
tripleo::profile::pacemaker::rabbitmq_bundle::container_backend: {get_param: ContainerCli}
tripleo::rabbitmq::firewall_rules:

24
deployment/rabbitmq/rabbitmq-messaging-rpc-pacemaker-puppet.yaml
View File

@ -10,6 +10,14 @@ parameters:
ContainerRabbitmqConfigImage:
description: The container image to use for the rabbitmq config_volume
type: string
ClusterCommonTag:
default: false
description: When set to false, a pacemaker service is configured
to use a floating tag for its container image name,
e.g. 'REGISTRY/NAMESPACE/IMAGENAME:pcmklatest'. When
set to true, the service uses a floating prefix as
well, e.g. 'cluster-common-tag/IMAGENAME:pcmklatest'.
type: boolean
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
@ -60,6 +68,7 @@ parameters:
conditions:
puppet_debug_enabled: {get_param: ConfigDebug}
docker_enabled: {equals: [{get_param: ContainerCli}, 'docker']}
common_tag_enabled: {equals: [{get_param: ClusterCommonTag}, true]}
resources:
@ -87,12 +96,15 @@ outputs:
- {get_attr: [RabbitmqBase, role_data, config_settings]}
- rabbitmq::service_manage: false
tripleo::profile::pacemaker::rabbitmq_bundle::rabbitmq_docker_image: &rabbitmq_image_pcmklatest
list_join:
- ':'
- - yaql:
data: {get_param: ContainerRabbitmqImage}
expression: $.data.rightSplit(separator => ":", maxSplits => 1)[0]
- 'pcmklatest'
yaql:
data:
if:
- common_tag_enabled
- yaql:
data: {get_param: ContainerRabbitmqImage}
expression: concat("cluster-common-tag/", $.data.rightSplit(separator => "/", maxSplits => 1)[1])
- {get_param: ContainerRabbitmqImage}
expression: concat($.data.rightSplit(separator => ":", maxSplits => 1)[0], ":pcmklatest")
tripleo::profile::pacemaker::rabbitmq_bundle::control_port: 3122
tripleo::profile::pacemaker::rabbitmq_bundle::container_backend: {get_param: ContainerCli}
tripleo::oslo_messaging_rpc::firewall_rules:

12
releasenotes/notes/pacemaker-cluster-common-tag-45c4e8a6e7b08735.yaml Normal file
View File

@ -0,0 +1,12 @@
---
features:
- HA services use a special container image name derived from the one
configured in Heat parameter plus a fixed tag part, i.e.
'<registry>/<namespace>/<servicename>:pcmklatest'. To implement rolling
update without service disruption, this 'pcmklatest' tag is adjusted
automatically during minor update every time a new image is pulled.
A new Heat parameter ClusterCommonTag can now control the prefix part
of the container image name. When set to true, the container name
for HA services will look like
'container-common-tag/<servicename>:pcmklatest'. This allows rolling
update of HA services even when the <namespace> changes in Heat.