openstack
/
tripleo-heat-templates
Code Issues Proposed changes

Merge "Remove Docker support"

This commit is contained in:
Zuul 2022-06-07 01:35:55 +00:00 committed by Gerrit Code Review
parent 796eaa3eed 9f53e0ce5c
commit 8c55ee15f5
34 changed files with 52 additions and 109 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
common/deploy-steps.j2
View File

@ -89,7 +89,7 @@ parameters:
default: 'podman'
description: CLI tool used to manage containers.
constraints:
- allowed_values: ['docker', 'podman']
- allowed_values: ['podman']
DockerPuppetMountHostPuppet:
type: boolean
default: true
@ -164,7 +164,7 @@ parameters:
default: 'podman'
description: CLI tool used to manage containers.
constraints:
- allowed_values: ['docker', 'podman']
- allowed_values: ['podman']
EnabledServices:
default: []
type: comma_delimited_list

2
deployment/cephadm/ceph-base.yaml
View File

@ -41,7 +41,7 @@ parameters:
default: 'podman'
description: CLI tool used to manage containers.
constraints:
- allowed_values: ['docker', 'podman']
- allowed_values: ['podman']
CephEnableDashboard:
type: boolean
default: false

2
deployment/cinder/cinder-backup-pacemaker-puppet.yaml
View File

@ -72,7 +72,7 @@ parameters:
default: 'podman'
description: CLI tool used to manage containers.
constraints:
- allowed_values: ['docker', 'podman']
- allowed_values: ['podman']
DeployIdentifier:
default: ''
type: string

2
deployment/cinder/cinder-volume-pacemaker-puppet.yaml
View File

@ -60,7 +60,7 @@ parameters:
default: 'podman'
description: CLI tool used to manage containers.
constraints:
- allowed_values: ['docker', 'podman']
- allowed_values: ['podman']
DeployIdentifier:
default: ''
type: string

2
deployment/containers-common.yaml
View File

@ -50,7 +50,7 @@ parameters:
default: 'podman'
description: CLI tool used to manage containers.
constraints:
- allowed_values: ['docker', 'podman']
- allowed_values: ['podman']
outputs:
container_config_scripts:

8
deployment/database/mysql-pacemaker-puppet.yaml
View File

@ -87,7 +87,7 @@ parameters:
default: 'podman'
description: CLI tool used to manage containers.
constraints:
- allowed_values: ['docker', 'podman']
- allowed_values: ['podman']
resources:
ContainersCommon:
@ -116,9 +116,6 @@ resources:
ContainerMysqlImage: {get_param: ContainerMysqlImage}
ContainerMysqlConfigImage: {get_param: ContainerMysqlConfigImage}
conditions:
docker_enabled: {equals: [{get_param: ContainerCli}, 'docker']}
outputs:
role_data:
description: Containerized service MySQL using composable services.
@ -298,9 +295,6 @@ outputs:
- {get_attr: [ContainersCommon, container_puppet_apply_volumes]}
- - /var/lib/mysql:/var/lib/mysql:rw,z
- /var/lib/config-data/puppet-generated/mysql/root:/root:rw
- if:
- docker_enabled
- - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
environment:
# NOTE: this should force this container to re-run on each
# update (scale-out, etc.)

2
deployment/database/redis-pacemaker-puppet.yaml
View File

@ -67,7 +67,7 @@ parameters:
default: 'podman'
description: CLI tool used to manage containers.
constraints:
- allowed_values: ['docker', 'podman']
- allowed_values: ['podman']
DeployIdentifier:
default: ''
type: string

1
deployment/deprecated/nova/nova-libvirt-container-puppet.yaml
View File

@ -708,7 +708,6 @@ outputs:
- opendev-validation
- opendev-validation-nova
when:
- container_cli == 'podman'
- not container_healthcheck_disabled
- step|int == 4
- name: Set up systemd target for libvirt services

2
deployment/haproxy/haproxy-pacemaker-puppet.yaml
View File

@ -108,7 +108,7 @@ parameters:
default: 'podman'
description: CLI tool used to manage containers.
constraints:
- allowed_values: ['docker', 'podman']
- allowed_values: ['podman']
DeployIdentifier:
default: ''
type: string

2
deployment/haproxy/haproxy-public-tls-inject.yaml
View File

@ -103,7 +103,7 @@ outputs:
- name: get container_id
when:
- docker_state.status.ActiveState == 'active' or container_cli == 'podman'
- docker_state.status.ActiveState == 'active'
- attr_cert_path.stat.exists
- attr_cert_path.stat.isdir == False
command: "{{ container_cli }} ps -q -f name=haproxy"

1
deployment/keystone/keystone-container-puppet.yaml
View File

@ -883,7 +883,6 @@ outputs:
- opendev-validation
- opendev-validation-keystone
when:
- container_cli == 'podman'
- not container_healthcheck_disabled
- step|int == 4
- name: Keystone DB sync

2
deployment/manila/manila-share-pacemaker-puppet.yaml
View File

@ -60,7 +60,7 @@ parameters:
default: 'podman'
description: CLI tool used to manage containers.
constraints:
- allowed_values: ['docker', 'podman']
- allowed_values: ['podman']
DeployIdentifier:
default: ''
type: string

8
deployment/neutron/neutron-dhcp-container-puppet.yaml
View File

@ -18,11 +18,6 @@ parameters:
default: ['nofile=16384']
description: ulimit for Neutron DHCP Agent Container
type: comma_delimited_list
DockerAdditionalSockets:
default: ['/var/lib/openstack/docker.sock']
description: Additional domain sockets for the docker daemon to bind to (useful for mounting
into containers that launch other containers)
type: comma_delimited_list
NeutronEnableDnsmasqDockerWrapper:
description: Generate a dnsmasq wrapper script so that neutron launches
dnsmasq in a separate container.
@ -45,7 +40,7 @@ parameters:
default: 'podman'
description: CLI tool used to manage containers.
constraints:
- allowed_values: ['docker', 'podman']
- allowed_values: ['podman']
NeutronDhcpAgentLoggingSource:
type: json
default:
@ -440,7 +435,6 @@ outputs:
- {get_param: NeutronWrapperDebug}
- true
- {get_param: Debug }
docker_additional_sockets: {get_param: DockerAdditionalSockets}
- name: create kill_scripts directory within /var/lib/neutron
file:
state: directory

8
deployment/neutron/neutron-l3-container-puppet.yaml
View File

@ -18,11 +18,6 @@ parameters:
default: ['nofile=16384']
description: ulimit for Neutron L3 Agent Container
type: comma_delimited_list
DockerAdditionalSockets:
default: ['/var/lib/openstack/docker.sock']
description: Additional domain sockets for the docker daemon to bind to (useful for mounting
into containers that launch other containers)
type: comma_delimited_list
NeutronL3AgentLoggingSource:
type: json
default:
@ -62,7 +57,7 @@ parameters:
default: 'podman'
description: CLI tool used to manage containers.
constraints:
- allowed_values: ['docker', 'podman']
- allowed_values: ['podman']
ServiceData:
default: {}
description: Dictionary packing service data
@ -369,7 +364,6 @@ outputs:
- {get_param: NeutronWrapperDebug}
- true
- {get_param: Debug}
docker_additional_sockets: {get_param: DockerAdditionalSockets}
- name: create kill_scripts directory within /var/lib/neutron
file:
state: directory

1
deployment/nova/nova-api-container-puppet.yaml
View File

@ -690,7 +690,6 @@ outputs:
- opendev-validation
- opendev-validation-nova
when:
- container_cli == 'podman'
- not container_healthcheck_disabled
- step|int == 4
host_prep_tasks: {get_attr: [NovaApiLogging, host_prep_tasks]}

51
deployment/nova/nova-compute-container-puppet.yaml
View File

@ -1466,56 +1466,9 @@ outputs:
- name: is Nova Resume Guests State On Host Boot enabled
set_fact:
resume_guests_state_on_host_boot_enabled: {get_attr: [RoleParametersValue, value, resume_guests_state_on_host_boot]}
- name: install libvirt-guests systemd unit file (docker)
- name: install tripleo_nova_libvirt_guests systemd unit file
when:
- resume_guests_state_on_host_boot_enabled|bool
- container_cli == 'docker'
block:
- name: libvirt-guests unit to stop nova_compute container before shutdown VMs
copy:
dest: /etc/systemd/system/libvirt-guests.service
content: |
[Unit]
Description=Suspend/Resume Running libvirt Guests
After=network.target
After=time-sync.target
After=virt-guest-shutdown.target
After=docker.service
After=tripleo-container-shutdown.service
After=rhel-push-plugin.service
Documentation=man:libvirtd(8)
Documentation=https://libvirt.org
[Service]
EnvironmentFile=-/var/lib/config-data/puppet-generated/nova_libvirt/etc/sysconfig/libvirt-guests
# Hack just call traditional service until we factor
# out the code
ExecStart=/bin/{{container_cli}} exec nova_libvirt /bin/sh -x /usr/libexec/libvirt-guests.sh start
ExecStop=/bin/{{container_cli}} stop nova_compute
ExecStop=/bin/{{container_cli}} exec nova_libvirt /bin/sh -x /usr/libexec/libvirt-guests.sh stop
Type=oneshot
RemainAfterExit=yes
StandardOutput=journal+console
TimeoutStopSec=0
[Install]
WantedBy=multi-user.target
- name: Making sure virt-guest-shutdown.target is present
copy:
dest: /etc/systemd/system/virt-guest-shutdown.target
content: |
[Unit]
Description=Libvirt guests shutdown
Documentation=https://libvirt.org
- name: libvirt-guests enable VM shutdown on compute reboot/shutdown
systemd:
name: libvirt-guests
enabled: true
daemon_reload: true
- name: install tripleo_nova_libvirt_guests systemd unit file (podman)
when:
- resume_guests_state_on_host_boot_enabled|bool
- container_cli == 'podman'
block:
- name: libvirt-guests unit to stop nova_compute container before shutdown VMs
copy:
@ -1619,7 +1572,6 @@ outputs:
- opendev-validation
- opendev-validation-nova
when:
- container_cli == 'podman'
- not container_healthcheck_disabled
- step|int == 6 #FIXME: there is no step6
- name: manage PMEM namespaces for vPMEM
@ -1705,7 +1657,6 @@ outputs:
scale_tasks:
- when:
- step|int == 1
- container_cli == 'podman'
tags: down
become: true
environment:

1
deployment/nova/nova-conductor-container-puppet.yaml
View File

@ -231,7 +231,6 @@ outputs:
- opendev-validation
- opendev-validation-nova
when:
- container_cli == 'podman'
- not container_healthcheck_disabled
- step|int == 5
host_prep_tasks:

1
deployment/nova/nova-metadata-container-puppet.yaml
View File

@ -294,7 +294,6 @@ outputs:
- opendev-validation
- opendev-validation-nova
when:
- container_cli == 'podman'
- not container_healthcheck_disabled
- step|int == 5
host_prep_tasks: {get_attr: [NovaMetadataLogging, host_prep_tasks]}

1
deployment/nova/nova-migration-target-container-puppet.yaml
View File

@ -217,7 +217,6 @@ outputs:
- opendev-validation
- opendev-validation-nova
when:
- container_cli == 'podman'
- not container_healthcheck_disabled
- step|int == 5
update_tasks:

1
deployment/nova/nova-scheduler-container-puppet.yaml
View File

@ -312,7 +312,6 @@ outputs:
- opendev-validation
- opendev-validation-nova
when:
- container_cli == 'podman'
- not container_healthcheck_disabled
- step|int == 5
host_prep_tasks:

1
deployment/nova/nova-vnc-proxy-container-puppet.yaml
View File

@ -321,7 +321,6 @@ outputs:
- opendev-validation
- opendev-validation-nova
when:
- container_cli == 'podman'
- not container_healthcheck_disabled
- step|int == 5
- if:

2
deployment/octavia/octavia-deployment-config.j2.yaml
View File

@ -171,7 +171,7 @@ parameters:
default: 'podman'
description: CLI tool used to manage containers.
constraints:
- allowed_values: ['docker', 'podman']
- allowed_values: ['podman']
OctaviaLogOffload:
default: true
description: When true, log messages from the amphora will be forwarded

1
deployment/ovn/ovn-controller-container-puppet.yaml
View File

@ -520,7 +520,6 @@ outputs:
scale_tasks:
- when:
- step|int == 1
- container_cli == 'podman'
tags: down
become: true
environment:

2
deployment/ovn/ovn-dbs-pacemaker-puppet.yaml
View File

@ -72,7 +72,7 @@ parameters:
default: 'podman'
description: CLI tool used to manage containers.
constraints:
- allowed_values: ['docker', 'podman']
- allowed_values: ['podman']
DeployIdentifier:
default: ''
type: string

8
deployment/ovn/ovn-metadata-container-puppet.yaml
View File

@ -36,7 +36,7 @@ parameters:
default: 'podman'
description: CLI tool used to manage containers.
constraints:
- allowed_values: ['docker', 'podman']
- allowed_values: ['podman']
ServiceData:
default: {}
description: Dictionary packing service data
@ -104,11 +104,6 @@ parameters:
type: string
description: Specifies the default CA cert to use if TLS is used for
services in the internal network.
DockerAdditionalSockets:
default: ['/var/lib/openstack/docker.sock']
description: Additional domain sockets for the docker daemon to bind to (useful for mounting
into containers that launch other containers)
type: comma_delimited_list
CertificateKeySize:
type: string
default: '2048'
@ -370,7 +365,6 @@ outputs:
- {get_param: OVNWrapperDebug}
- true
- {get_param: Debug}
docker_additional_sockets: {get_param: DockerAdditionalSockets}
- name: create kill_scripts directory within /var/lib/neutron
file:
state: directory

2
deployment/pacemaker/pacemaker-baremetal-puppet.yaml
View File

@ -95,7 +95,7 @@ parameters:
default: 'podman'
description: CLI tool used to manage containers.
constraints:
- allowed_values: ['docker', 'podman']
- allowed_values: ['podman']
EnableInstanceHA:
default: false
description: Whether to enable an Instance Ha configurarion or not.

2
deployment/podman/podman-baremetal-ansible.yaml
View File

@ -234,7 +234,6 @@ outputs:
- name: Purge Podman
when:
- (step | int) == 3
- container_cli == 'podman'
- deployment_source_hosts not in group_names
include_role:
name: tripleo_podman
@ -252,7 +251,6 @@ outputs:
- name: Purge Podman
when:
- (step | int) == 3
- container_cli == 'podman'
- deployment_source_hosts not in group_names
include_role:
name: tripleo_podman

2
deployment/rabbitmq/rabbitmq-messaging-notify-pacemaker-puppet.yaml
View File

@ -64,7 +64,7 @@ parameters:
default: 'podman'
description: CLI tool used to manage containers.
constraints:
- allowed_values: ['docker', 'podman']
- allowed_values: ['podman']
DeployIdentifier:
default: ''
type: string

2
deployment/rabbitmq/rabbitmq-messaging-pacemaker-puppet.yaml
View File

@ -64,7 +64,7 @@ parameters:
default: 'podman'
description: CLI tool used to manage containers.
constraints:
- allowed_values: ['docker', 'podman']
- allowed_values: ['podman']
DeployIdentifier:
default: ''
type: string

2
deployment/rabbitmq/rabbitmq-messaging-rpc-pacemaker-puppet.yaml
View File

@ -64,7 +64,7 @@ parameters:
default: 'podman'
description: CLI tool used to manage containers.
constraints:
- allowed_values: ['docker', 'podman']
- allowed_values: ['podman']
DeployIdentifier:
default: ''
type: string

2
deployment/tests/test-container-volume.yaml
View File

@ -32,7 +32,7 @@ parameters:
default: 'podman'
description: CLI tool used to manage containers.
constraints:
- allowed_values: ['docker', 'podman']
- allowed_values: ['podman']
ContainerTestVolumeName:
type: string
default: 'testvolume'

5
environments/docker-ha.yaml
View File

@ -1,6 +1,5 @@
# Environment file to deploy the HA services via docker
# Add it *after* -e docker.yaml:
# ...deploy..-e docker.yaml -e docker-ha.yaml
# NOTE: This file is deprecated. Use podman-ha.yaml instead.
# Environment file to deploy the HA services via podman
resource_registry:
# Pacemaker runs on the host
# FIXME(bogdando): switch it, once it is containerized

22
environments/podman-ha.yaml Normal file
View File

@ -0,0 +1,22 @@
# Environment file to deploy the HA services via podman
resource_registry:
# Pacemaker runs on the host
# FIXME(bogdando): switch it, once it is containerized
OS::TripleO::Services::Pacemaker: ../deployment/pacemaker/pacemaker-baremetal-puppet.yaml
# FIXME(bogdando): switch it, once it is containerized
OS::TripleO::Services::PacemakerRemote: ../deployment/pacemaker/pacemaker-remote-baremetal-puppet.yaml
OS::TripleO::Tasks::ControllerPreConfig: OS::Heat::None
OS::TripleO::Tasks::ControllerPostConfig: OS::Heat::None
# HA Containers managed by pacemaker
OS::TripleO::Services::CinderVolume: ../deployment/cinder/cinder-volume-pacemaker-puppet.yaml
OS::TripleO::Services::Clustercheck: ../deployment/pacemaker/clustercheck-container-puppet.yaml
OS::TripleO::Services::HAproxy: ../deployment/haproxy/haproxy-pacemaker-puppet.yaml
OS::TripleO::Services::MySQL: ../deployment/database/mysql-pacemaker-puppet.yaml
OS::TripleO::Services::OsloMessagingRpc: ../deployment/rabbitmq/rabbitmq-messaging-rpc-pacemaker-puppet.yaml
OS::TripleO::Services::OsloMessagingNotify: ../deployment/rabbitmq/rabbitmq-messaging-notify-shared-puppet.yaml
OS::TripleO::Services::OVNDBs: ../deployment/ovn/ovn-dbs-pacemaker-puppet.yaml
parameter_defaults:
ContainerCli: podman
ClusterFullTag: true

6
releasenotes/notes/remove-docker-ef1f16744ff03979.yaml Normal file
View File

@ -0,0 +1,6 @@
---
upgrade:
- |
Support for Docker has been removed. Now the ``ContainerCli`` parameter
accepts only ``podman``. Also, the ``DockerAdditionalSockets`` has been
removed because the parameter is used only when Docker is used.