openstack/tripleo-heat-templates
Code Issues Proposed changes

Nova: Generate wrapper scripts during config file generation

Browse Source 
... instead of launching separate containers. The wrapper scripts can
be created without access to any processes.

Note that this change moves the script from
 /var/lib/container-config-scripts
to
 /var/lib/libvirt/scripts
because the container-config-scripts directory is not available when
puppet is executed to generate config files.

Change-Id: I3ae7abb70fae447c9b62e3af9da8e2444d4d5878
This commit is contained in:
Takashi Kajinami 2022-07-05 23:43:44 +09:00
parent 5a741ba973
commit b29ccd30e2
2 changed files with 13 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
deployment/deprecated/nova/nova-libvirt-container-puppet.yaml
View File

@ -371,8 +371,7 @@ outputs:
# we include ::nova::compute::libvirt::services in nova/libvirt profile # we include ::nova::compute::libvirt::services in nova/libvirt profile
- nova::compute::libvirt::manage_libvirt_services: false - nova::compute::libvirt::manage_libvirt_services: false
tripleo::profile::base::nova::virtlogd_wrapper::enable_wrapper: {get_param: NovaEnableVirtlogdContainerWrapper} tripleo::profile::base::nova::virtlogd_wrapper::enable_wrapper: {get_param: NovaEnableVirtlogdContainerWrapper}
# don't think this is a good place as /var/lib/nova can also be shared storage tripleo::profile::base::nova::virtlogd_wrapper::virtlogd_process_wrapper: '/var/lib/libvirt/scripts/virtlogd_wrapper'
tripleo::profile::base::nova::virtlogd_wrapper::virtlogd_process_wrapper: '/var/lib/container-config-scripts/virtlogd_wrapper'
tripleo::profile::base::nova::virtlogd_wrapper::virtlogd_image: {get_attr: [RoleParametersValue, value, ContainerNovaLibvirtImage]} tripleo::profile::base::nova::virtlogd_wrapper::virtlogd_image: {get_attr: [RoleParametersValue, value, ContainerNovaLibvirtImage]}
tripleo::profile::base::nova::virtlogd_wrapper::debug: tripleo::profile::base::nova::virtlogd_wrapper::debug:
if: if:
@ -459,7 +458,10 @@ outputs:
puppet_tags: libvirtd_config,virtlogd_config,nova_config,file,libvirt_tls_password puppet_tags: libvirtd_config,virtlogd_config,nova_config,file,libvirt_tls_password
step_config: | step_config: |
include tripleo::profile::base::nova::libvirt include tripleo::profile::base::nova::libvirt
include tripleo::profile::base::nova::virtlogd_wrapper
config_image: {get_attr: [RoleParametersValue, value, ContainerNovaLibvirtConfigImage]} config_image: {get_attr: [RoleParametersValue, value, ContainerNovaLibvirtConfigImage]}
volumes:
- /var/lib/libvirt/scripts:/var/lib/libvirt/scripts:shared,z
kolla_config: kolla_config:
/var/lib/kolla/config_files/nova_libvirt.json: /var/lib/kolla/config_files/nova_libvirt.json:
command: /nova_libvirt_launcher.sh command: /nova_libvirt_launcher.sh
@ -528,29 +530,6 @@ outputs:
mode: "0755" mode: "0755"
content: { get_file: ../../../container_config_scripts/nova_libvirt_init_secret.sh } content: { get_file: ../../../container_config_scripts/nova_libvirt_init_secret.sh }
docker_config: docker_config:
step_2:
create_virtlogd_wrapper:
start_order: 1
detach: false
cgroupns: host
net: host
pid: host
user: root
command: # '/container_puppet_apply.sh "STEP" "TAGS" "CONFIG" "DEBUG"'
list_concat:
- - '/container_puppet_apply.sh'
- '4'
- 'file'
- 'include ::tripleo::profile::base::nova::virtlogd_wrapper'
image: {get_attr: [RoleParametersValue, value, ContainerNovaLibvirtImage]}
volumes:
list_concat:
- {get_attr: [ContainersCommon, container_puppet_apply_volumes]}
- - /var/lib/container-config-scripts:/var/lib/container-config-scripts:shared,z
environment:
# NOTE: this should force this container to re-run on each
# update (scale-out, etc.)
TRIPLEO_DEPLOY_IDENTIFIER: {get_param: DeployIdentifier}
step_3: step_3:
map_merge: map_merge:
- if: - if:
@ -584,7 +563,7 @@ outputs:
- /var/lib/nova:/var/lib/nova:shared - /var/lib/nova:/var/lib/nova:shared
- if: - if:
- {get_param: NovaEnableVirtlogdContainerWrapper} - {get_param: NovaEnableVirtlogdContainerWrapper}
- - /var/lib/container-config-scripts/virtlogd_wrapper:/usr/local/bin/virtlogd_wrapper:ro - - /var/lib/libvirt/scripts/virtlogd_wrapper:/usr/local/bin/virtlogd_wrapper:ro
environment: environment:
KOLLA_CONFIG_STRATEGY: COPY_ALWAYS KOLLA_CONFIG_STRATEGY: COPY_ALWAYS
- nova_virtlogd: *virtlog_container_config - nova_virtlogd: *virtlog_container_config
@ -886,6 +865,7 @@ outputs:
- { 'path': /etc/libvirt/secrets, 'setype': container_file_t } - { 'path': /etc/libvirt/secrets, 'setype': container_file_t }
- { 'path': /etc/libvirt/qemu, 'setype': container_file_t } - { 'path': /etc/libvirt/qemu, 'setype': container_file_t }
- { 'path': /var/lib/libvirt, 'setype': container_file_t } - { 'path': /var/lib/libvirt, 'setype': container_file_t }
- { 'path': /var/lib/libvirt/scripts, 'setype': container_file_t }
- { 'path': /var/cache/libvirt } - { 'path': /var/cache/libvirt }
- { 'path': /var/lib/nova, 'setype': container_file_t } - { 'path': /var/lib/nova, 'setype': container_file_t }
- { 'path': /run/libvirt, 'setype': virt_var_run_t } - { 'path': /run/libvirt, 'setype': virt_var_run_t }

31
deployment/nova/nova-modular-libvirt-container-puppet.yaml
View File

@ -397,7 +397,7 @@ outputs:
- nova::compute::libvirt::manage_libvirt_services: false - nova::compute::libvirt::manage_libvirt_services: false
tripleo::profile::base::nova::virtlogd_wrapper::enable_wrapper: {get_param: NovaEnableVirtlogdContainerWrapper} tripleo::profile::base::nova::virtlogd_wrapper::enable_wrapper: {get_param: NovaEnableVirtlogdContainerWrapper}
# don't think this is a good place as /var/lib/nova can also be shared storage # don't think this is a good place as /var/lib/nova can also be shared storage
tripleo::profile::base::nova::virtlogd_wrapper::virtlogd_process_wrapper: '/var/lib/container-config-scripts/virtlogd_wrapper' tripleo::profile::base::nova::virtlogd_wrapper::virtlogd_process_wrapper: '/var/lib/libvirt/scripts/virtlogd_wrapper'
tripleo::profile::base::nova::virtlogd_wrapper::virtlogd_image: {get_attr: [RoleParametersValue, value, ContainerNovaLibvirtImage]} tripleo::profile::base::nova::virtlogd_wrapper::virtlogd_image: {get_attr: [RoleParametersValue, value, ContainerNovaLibvirtImage]}
tripleo::profile::base::nova::virtlogd_wrapper::debug: tripleo::profile::base::nova::virtlogd_wrapper::debug:
if: if:
@ -489,7 +489,10 @@ outputs:
puppet_tags: libvirtd_config,virtlogd_config,virtproxyd_config,virtqemud_config,virtnodedevd_config,virtsecretd_config,virtstoraged_config,nova_config,file,libvirt_tls_password puppet_tags: libvirtd_config,virtlogd_config,virtproxyd_config,virtqemud_config,virtnodedevd_config,virtsecretd_config,virtstoraged_config,nova_config,file,libvirt_tls_password
step_config: | step_config: |
include tripleo::profile::base::nova::libvirt include tripleo::profile::base::nova::libvirt
include tripleo::profile::base::nova::virtlogd_wrapper
config_image: {get_attr: [RoleParametersValue, value, ContainerNovaLibvirtConfigImage]} config_image: {get_attr: [RoleParametersValue, value, ContainerNovaLibvirtConfigImage]}
volumes:
- /var/lib/libvirt/scripts:/var/lib/libvirt/scripts:shared,z
kolla_config: kolla_config:
/var/lib/kolla/config_files/nova_virtlogd.json: /var/lib/kolla/config_files/nova_virtlogd.json:
command: command:
@ -524,29 +527,6 @@ outputs:
mode: "0755" mode: "0755"
content: { get_file: ../../container_config_scripts/nova_libvirt_init_secret.sh } content: { get_file: ../../container_config_scripts/nova_libvirt_init_secret.sh }
docker_config: docker_config:
step_2:
create_virtlogd_wrapper:
start_order: 1
detach: false
cgroupns: host
net: host
pid: host
user: root
command: # '/container_puppet_apply.sh "STEP" "TAGS" "CONFIG" "DEBUG"'
list_concat:
- - '/container_puppet_apply.sh'
- '4'
- 'file'
- 'include ::tripleo::profile::base::nova::virtlogd_wrapper'
image: {get_attr: [RoleParametersValue, value, ContainerNovaLibvirtImage]}
volumes:
list_concat:
- {get_attr: [ContainersCommon, container_puppet_apply_volumes]}
- - /var/lib/container-config-scripts:/var/lib/container-config-scripts:shared,z
environment:
# NOTE: this should force this container to re-run on each
# update (scale-out, etc.)
TRIPLEO_DEPLOY_IDENTIFIER: {get_param: DeployIdentifier}
step_3: step_3:
map_merge: map_merge:
- if: - if:
@ -570,7 +550,7 @@ outputs:
- - /var/lib/kolla/config_files/nova_virtlogd.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/kolla/config_files/nova_virtlogd.json:/var/lib/kolla/config_files/config.json:ro
- if: - if:
- {get_param: NovaEnableVirtlogdContainerWrapper} - {get_param: NovaEnableVirtlogdContainerWrapper}
- - /var/lib/container-config-scripts/virtlogd_wrapper:/usr/local/bin/virtlogd_wrapper:ro - - /var/lib/libvirt/scripts/virtlogd_wrapper:/usr/local/bin/virtlogd_wrapper:ro
environment: environment:
KOLLA_CONFIG_STRATEGY: COPY_ALWAYS KOLLA_CONFIG_STRATEGY: COPY_ALWAYS
- nova_virtlogd: *virtlog_container_config - nova_virtlogd: *virtlog_container_config
@ -927,6 +907,7 @@ outputs:
- { 'path': /etc/libvirt/secrets, 'setype': container_file_t } - { 'path': /etc/libvirt/secrets, 'setype': container_file_t }
- { 'path': /etc/libvirt/qemu, 'setype': container_file_t } - { 'path': /etc/libvirt/qemu, 'setype': container_file_t }
- { 'path': /var/lib/libvirt, 'setype': container_file_t } - { 'path': /var/lib/libvirt, 'setype': container_file_t }
- { 'path': /var/lib/libvirt/scripts, 'setype': container_file_t }
- { 'path': /var/cache/libvirt } - { 'path': /var/cache/libvirt }
- { 'path': /var/lib/nova, 'setype': container_file_t } - { 'path': /var/lib/nova, 'setype': container_file_t }
- { 'path': /run/libvirt, 'setype': virt_var_run_t } - { 'path': /run/libvirt, 'setype': virt_var_run_t }