openstack
/
tripleo-heat-templates
Code Issues Proposed changes

Merge "Rework neutron/own agent wrapper tools for podman"

This commit is contained in:
Zuul 2018-11-09 13:53:29 +00:00 committed by Gerrit Code Review
parent 0e85222ab3 8f4738362a
commit 6669b10a38
5 changed files with 107 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
docker/services/neutron-dhcp.yaml
View File

@ -23,6 +23,20 @@ parameters:
description: Generate a wrapper script so neutron launches haproxy in a separate container.
type: boolean
default: true
Debug:
type: boolean
default: false
description: Set to True to enable debugging on all services.
NeutronWrapperDebug:
type: boolean
default: false
description: Controls debugging for the wrapper scripts.
ContainerCli:
type: string
default: 'docker'
description: CLI tool used to manage containers.
constraints:
- allowed_values: ['docker', 'podman']
NeutronDhcpAgentLoggingSource:
type: json
default:
@ -68,6 +82,8 @@ conditions:
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
dnsmasq_wrapper_enabled: {equals: [{get_param: NeutronEnableDnsmasqDockerWrapper}, true]}
haproxy_wrapper_enabled: {equals: [{get_param: NeutronEnableHaproxyDockerWrapper}, true]}
docker_enabled: {equals: [{get_param: ContainerCli}, 'docker']}
service_debug_unset: {equals : [{get_param: NeutronWrapperDebug}, false]}
resources:
@ -108,6 +124,12 @@ outputs:
tripleo::profile::base::neutron::dhcp_agent_wrappers::enable_haproxy_wrapper: {get_param: NeutronEnableHaproxyDockerWrapper}
tripleo::profile::base::neutron::dhcp_agent_wrappers::haproxy_process_wrapper: '/var/lib/neutron/dhcp_haproxy_wrapper'
tripleo::profile::base::neutron::dhcp_agent_wrappers::haproxy_image: {get_param: DockerNeutronDHCPImage}
tripleo::profile::base::neutron::dhcp_agent_wrappers::debug:
if:
- service_debug_unset
- {get_param: Debug }
- {get_param: NeutronWrapperDebug}
tripleo::profile::base::neutron::container_cli: {get_param: ContainerCli}
service_config_settings:
map_merge:
- get_attr: [NeutronBase, role_data, service_config_settings]
@ -203,7 +225,11 @@ outputs:
- /run/openvswitch:/run/openvswitch
- /var/lib/neutron:/var/lib/neutron
- /run/netns:/run/netns:shared
- /var/lib/openstack:/var/lib/openstack
-
if:
- docker_enabled
- - /var/lib/openstack:/var/lib/openstack
- null
-
if:
- dnsmasq_wrapper_enabled

28
docker/services/neutron-l3.yaml
View File

@ -40,6 +40,20 @@ parameters:
once the fix to radvd is generally available across target distributions.
type: boolean
default: false
Debug:
type: boolean
default: false
description: Set to True to enable debugging on all services.
NeutronWrapperDebug:
type: boolean
default: false
description: Controls debugging for the wrapper scripts.
ContainerCli:
type: string
default: 'docker'
description: CLI tool used to manage containers.
constraints:
- allowed_values: ['docker', 'podman']
ServiceData:
default: {}
description: Dictionary packing service data
@ -72,6 +86,8 @@ conditions:
haproxy_wrapper_enabled: {equals: [{get_param: NeutronEnableHaproxyDockerWrapper}, true]}
dibbler_wrapper_enabled: {equals: [{get_param: NeutronEnableDibblerDockerWrapper}, true]}
radvd_wrapper_enabled: {equals: [{get_param: NeutronEnableRadvdDockerWrapper}, true]}
docker_enabled: {equals: [{get_param: ContainerCli}, 'docker']}
service_debug_unset: {equals : [{get_param: NeutronWrapperDebug}, false]}
resources:
@ -116,6 +132,12 @@ outputs:
tripleo::profile::base::neutron::l3_agent_wrappers::enable_radvd_wrapper: {get_param: NeutronEnableRadvdDockerWrapper}
tripleo::profile::base::neutron::l3_agent_wrappers::radvd_process_wrapper: '/var/lib/neutron/radvd_wrapper'
tripleo::profile::base::neutron::l3_agent_wrappers::radvd_image: {get_param: DockerNeutronL3AgentImage}
tripleo::profile::base::neutron::l3_agent_wrappers::debug:
if:
- service_debug_unset
- {get_param: Debug }
- {get_param: NeutronWrapperDebug}
tripleo::profile::base::neutron::container_cli: {get_param: ContainerCli}
service_config_settings:
map_merge:
@ -202,7 +224,11 @@ outputs:
- /run/openvswitch:/run/openvswitch
- /var/lib/neutron:/var/lib/neutron
- /run/netns:/run/netns:shared
- /var/lib/openstack:/var/lib/openstack
-
if:
- docker_enabled
- - /var/lib/openstack:/var/lib/openstack
- null
-
if:
- keepalived_wrapper_enabled

30
docker/services/ovn-metadata.yaml
View File

@ -19,6 +19,20 @@ parameters:
description: Generate a wrapper script so that haproxy is launched in a separate container.
type: boolean
default: true
Debug:
type: boolean
default: false
description: Set to True to enable debugging on all services.
OVNWrapperDebug:
type: boolean
default: false
description: Controls debugging for the wrapper scripts.
ContainerCli:
type: string
default: 'docker'
description: CLI tool used to manage containers.
constraints:
- allowed_values: ['docker', 'podman']
ServiceData:
default: {}
description: Dictionary packing service data
@ -47,7 +61,9 @@ parameters:
type: json
conditions:
haproxy_wrapper_enabled: {equals: [{get_param: OVNEnableHaproxyDockerWrapper}, true]}
haproxy_wrapper_enabled: {equals: [{get_param: OVNEnableHaproxyDockerWrapper}, true]}
docker_enabled: {equals: [{get_param: ContainerCli}, 'docker']}
service_debug_unset: {equals : [{get_param: OVNWrapperDebug}, false]}
resources:
@ -81,6 +97,12 @@ outputs:
- tripleo::profile::base::neutron::ovn_metadata_agent_wrappers::enable_haproxy_wrapper: {get_param: OVNEnableHaproxyDockerWrapper}
tripleo::profile::base::neutron::ovn_metadata_agent_wrappers::haproxy_process_wrapper: '/var/lib/neutron/ovn_metadata_haproxy_wrapper'
tripleo::profile::base::neutron::ovn_metadata_agent_wrappers::haproxy_image: {get_param: DockerOvnMetadataImage}
tripleo::profile::base::neutron::ovn_metadata_agent_wrappers::debug:
if:
- service_debug_unset
- {get_param: Debug }
- {get_param: OVNWrapperDebug}
tripleo::profile::base::neutron::container_cli: {get_param: ContainerCli}
puppet_config:
puppet_tags: neutron_config,ovn_metadata_agent_config
config_volume: neutron
@ -171,7 +193,11 @@ outputs:
- /run/openvswitch:/run/openvswitch
- /var/lib/neutron:/var/lib/neutron
- /run/netns:/run/netns:shared
- /var/lib/openstack:/var/lib/openstack
-
if:
- docker_enabled
- - /var/lib/openstack:/var/lib/openstack
- null
-
if:
- haproxy_wrapper_enabled

9
puppet/services/docker.yaml
View File

@ -68,6 +68,15 @@ parameters:
default: ''
description: User added to the docker group in order to use container commands.
type: string
parameter_groups:
- label: deprecated
description: |
The following parameters are deprecated and will be removed. They should not
be relied on for new deployments. If you have concerns regarding deprecated
parameters, please contact the TripleO development team on IRC or the
OpenStack mailing list.
parameters:
- DockerAdditionalSockets
conditions:
insecure_registry_is_empty: {equals : [{get_param: DockerInsecureRegistryAddress}, []]}

16
releasenotes/notes/wrapper-containers-debug-844c13348c83de93.yaml Normal file
View File

@ -0,0 +1,16 @@
---
features:
- |
``ContainerCli`` allows 'docker' (deprecated) and 'podman' for Neutron
L3/DHCP and OVN metadata rootwrap containers managed by agents.
Parameters ``OVNWrapperDebug`` and ``NeutronWrapperDebug`` (Defaults to
`False`) allow to log debug messages for the wrapper scripts managing
rootwrap containers. It is also controled by the global ``Debug`` setting.
fixes:
- |
Neutron/OVN rootwrap containers are managed by agents and will no longer
be deleted, when the parent container restarts.
deprecations:
- |
Parameter ``DockerAdditionalSockets`` is deprecated. No sockets are
expected to bind mount for podman. So it only works for the docker runtime.