From b29ccd30e294ef0d4b50ad1ecb59dc776109b451 Mon Sep 17 00:00:00 2001 From: Takashi Kajinami Date: Tue, 5 Jul 2022 23:43:44 +0900 Subject: [PATCH] Nova: Generate wrapper scripts during config file generation ... instead of launching separate containers. The wrapper scripts can be created without access to any processes. Note that this change moves the script from /var/lib/container-config-scripts to /var/lib/libvirt/scripts because the container-config-scripts directory is not available when puppet is executed to generate config files. Change-Id: I3ae7abb70fae447c9b62e3af9da8e2444d4d5878 --- .../nova/nova-libvirt-container-puppet.yaml | 34 ++++--------------- ...nova-modular-libvirt-container-puppet.yaml | 31 ++++------------- 2 files changed, 13 insertions(+), 52 deletions(-) diff --git a/deployment/deprecated/nova/nova-libvirt-container-puppet.yaml b/deployment/deprecated/nova/nova-libvirt-container-puppet.yaml index 8376601c7c..1eb227923d 100644 --- a/deployment/deprecated/nova/nova-libvirt-container-puppet.yaml +++ b/deployment/deprecated/nova/nova-libvirt-container-puppet.yaml @@ -371,8 +371,7 @@ outputs: # we include ::nova::compute::libvirt::services in nova/libvirt profile - nova::compute::libvirt::manage_libvirt_services: false tripleo::profile::base::nova::virtlogd_wrapper::enable_wrapper: {get_param: NovaEnableVirtlogdContainerWrapper} - # don't think this is a good place as /var/lib/nova can also be shared storage - tripleo::profile::base::nova::virtlogd_wrapper::virtlogd_process_wrapper: '/var/lib/container-config-scripts/virtlogd_wrapper' + tripleo::profile::base::nova::virtlogd_wrapper::virtlogd_process_wrapper: '/var/lib/libvirt/scripts/virtlogd_wrapper' tripleo::profile::base::nova::virtlogd_wrapper::virtlogd_image: {get_attr: [RoleParametersValue, value, ContainerNovaLibvirtImage]} tripleo::profile::base::nova::virtlogd_wrapper::debug: if: @@ -458,8 +457,11 @@ outputs: config_volume: nova_libvirt puppet_tags: libvirtd_config,virtlogd_config,nova_config,file,libvirt_tls_password step_config: | - include tripleo::profile::base::nova::libvirt + include tripleo::profile::base::nova::libvirt + include tripleo::profile::base::nova::virtlogd_wrapper config_image: {get_attr: [RoleParametersValue, value, ContainerNovaLibvirtConfigImage]} + volumes: + - /var/lib/libvirt/scripts:/var/lib/libvirt/scripts:shared,z kolla_config: /var/lib/kolla/config_files/nova_libvirt.json: command: /nova_libvirt_launcher.sh @@ -528,29 +530,6 @@ outputs: mode: "0755" content: { get_file: ../../../container_config_scripts/nova_libvirt_init_secret.sh } docker_config: - step_2: - create_virtlogd_wrapper: - start_order: 1 - detach: false - cgroupns: host - net: host - pid: host - user: root - command: # '/container_puppet_apply.sh "STEP" "TAGS" "CONFIG" "DEBUG"' - list_concat: - - - '/container_puppet_apply.sh' - - '4' - - 'file' - - 'include ::tripleo::profile::base::nova::virtlogd_wrapper' - image: {get_attr: [RoleParametersValue, value, ContainerNovaLibvirtImage]} - volumes: - list_concat: - - {get_attr: [ContainersCommon, container_puppet_apply_volumes]} - - - /var/lib/container-config-scripts:/var/lib/container-config-scripts:shared,z - environment: - # NOTE: this should force this container to re-run on each - # update (scale-out, etc.) - TRIPLEO_DEPLOY_IDENTIFIER: {get_param: DeployIdentifier} step_3: map_merge: - if: @@ -584,7 +563,7 @@ outputs: - /var/lib/nova:/var/lib/nova:shared - if: - {get_param: NovaEnableVirtlogdContainerWrapper} - - - /var/lib/container-config-scripts/virtlogd_wrapper:/usr/local/bin/virtlogd_wrapper:ro + - - /var/lib/libvirt/scripts/virtlogd_wrapper:/usr/local/bin/virtlogd_wrapper:ro environment: KOLLA_CONFIG_STRATEGY: COPY_ALWAYS - nova_virtlogd: *virtlog_container_config @@ -886,6 +865,7 @@ outputs: - { 'path': /etc/libvirt/secrets, 'setype': container_file_t } - { 'path': /etc/libvirt/qemu, 'setype': container_file_t } - { 'path': /var/lib/libvirt, 'setype': container_file_t } + - { 'path': /var/lib/libvirt/scripts, 'setype': container_file_t } - { 'path': /var/cache/libvirt } - { 'path': /var/lib/nova, 'setype': container_file_t } - { 'path': /run/libvirt, 'setype': virt_var_run_t } diff --git a/deployment/nova/nova-modular-libvirt-container-puppet.yaml b/deployment/nova/nova-modular-libvirt-container-puppet.yaml index babb6cb90b..a9d5d80a6c 100644 --- a/deployment/nova/nova-modular-libvirt-container-puppet.yaml +++ b/deployment/nova/nova-modular-libvirt-container-puppet.yaml @@ -397,7 +397,7 @@ outputs: - nova::compute::libvirt::manage_libvirt_services: false tripleo::profile::base::nova::virtlogd_wrapper::enable_wrapper: {get_param: NovaEnableVirtlogdContainerWrapper} # don't think this is a good place as /var/lib/nova can also be shared storage - tripleo::profile::base::nova::virtlogd_wrapper::virtlogd_process_wrapper: '/var/lib/container-config-scripts/virtlogd_wrapper' + tripleo::profile::base::nova::virtlogd_wrapper::virtlogd_process_wrapper: '/var/lib/libvirt/scripts/virtlogd_wrapper' tripleo::profile::base::nova::virtlogd_wrapper::virtlogd_image: {get_attr: [RoleParametersValue, value, ContainerNovaLibvirtImage]} tripleo::profile::base::nova::virtlogd_wrapper::debug: if: @@ -489,7 +489,10 @@ outputs: puppet_tags: libvirtd_config,virtlogd_config,virtproxyd_config,virtqemud_config,virtnodedevd_config,virtsecretd_config,virtstoraged_config,nova_config,file,libvirt_tls_password step_config: | include tripleo::profile::base::nova::libvirt + include tripleo::profile::base::nova::virtlogd_wrapper config_image: {get_attr: [RoleParametersValue, value, ContainerNovaLibvirtConfigImage]} + volumes: + - /var/lib/libvirt/scripts:/var/lib/libvirt/scripts:shared,z kolla_config: /var/lib/kolla/config_files/nova_virtlogd.json: command: @@ -524,29 +527,6 @@ outputs: mode: "0755" content: { get_file: ../../container_config_scripts/nova_libvirt_init_secret.sh } docker_config: - step_2: - create_virtlogd_wrapper: - start_order: 1 - detach: false - cgroupns: host - net: host - pid: host - user: root - command: # '/container_puppet_apply.sh "STEP" "TAGS" "CONFIG" "DEBUG"' - list_concat: - - - '/container_puppet_apply.sh' - - '4' - - 'file' - - 'include ::tripleo::profile::base::nova::virtlogd_wrapper' - image: {get_attr: [RoleParametersValue, value, ContainerNovaLibvirtImage]} - volumes: - list_concat: - - {get_attr: [ContainersCommon, container_puppet_apply_volumes]} - - - /var/lib/container-config-scripts:/var/lib/container-config-scripts:shared,z - environment: - # NOTE: this should force this container to re-run on each - # update (scale-out, etc.) - TRIPLEO_DEPLOY_IDENTIFIER: {get_param: DeployIdentifier} step_3: map_merge: - if: @@ -570,7 +550,7 @@ outputs: - - /var/lib/kolla/config_files/nova_virtlogd.json:/var/lib/kolla/config_files/config.json:ro - if: - {get_param: NovaEnableVirtlogdContainerWrapper} - - - /var/lib/container-config-scripts/virtlogd_wrapper:/usr/local/bin/virtlogd_wrapper:ro + - - /var/lib/libvirt/scripts/virtlogd_wrapper:/usr/local/bin/virtlogd_wrapper:ro environment: KOLLA_CONFIG_STRATEGY: COPY_ALWAYS - nova_virtlogd: *virtlog_container_config @@ -927,6 +907,7 @@ outputs: - { 'path': /etc/libvirt/secrets, 'setype': container_file_t } - { 'path': /etc/libvirt/qemu, 'setype': container_file_t } - { 'path': /var/lib/libvirt, 'setype': container_file_t } + - { 'path': /var/lib/libvirt/scripts, 'setype': container_file_t } - { 'path': /var/cache/libvirt } - { 'path': /var/lib/nova, 'setype': container_file_t } - { 'path': /run/libvirt, 'setype': virt_var_run_t }