Browse Source
MongoDB support was stopped in Pike, it is not used anywhere now. Therefore, in Stein are removing it to clean things up. Change-Id: I4ec8f35b1dd71c25cfb41cc54105ac743ef67745changes/27/627627/3
26 changed files with 9 additions and 484 deletions
@ -1,192 +0,0 @@
|
||||
heat_template_version: rocky |
||||
|
||||
description: > |
||||
MongoDB service deployment using puppet and docker |
||||
|
||||
parameters: |
||||
DockerMongodbImage: |
||||
description: image |
||||
type: string |
||||
DockerMongodbConfigImage: |
||||
description: The container image to use for the mongodb config_volume |
||||
type: string |
||||
EndpointMap: |
||||
default: {} |
||||
description: Mapping of service endpoint -> protocol. Typically set |
||||
via parameter_defaults in the resource registry. |
||||
type: json |
||||
ServiceData: |
||||
default: {} |
||||
description: Dictionary packing service data |
||||
type: json |
||||
ServiceNetMap: |
||||
default: {} |
||||
description: Mapping of service_name -> network name. Typically set |
||||
via parameter_defaults in the resource registry. This |
||||
mapping overrides those in ServiceNetMapDefaults. |
||||
type: json |
||||
DefaultPasswords: |
||||
default: {} |
||||
type: json |
||||
RoleName: |
||||
default: '' |
||||
description: Role name on which the service is applied |
||||
type: string |
||||
RoleParameters: |
||||
default: {} |
||||
description: Parameters specific to the role |
||||
type: json |
||||
EnableInternalTLS: |
||||
type: boolean |
||||
default: false |
||||
InternalTLSCAFile: |
||||
default: '/etc/ipa/ca.crt' |
||||
type: string |
||||
description: Specifies the default CA cert to use if TLS is used for |
||||
services in the internal network. |
||||
|
||||
conditions: |
||||
|
||||
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]} |
||||
|
||||
resources: |
||||
|
||||
MongodbPuppetBase: |
||||
type: ../../../puppet/services/database/mongodb.yaml |
||||
properties: |
||||
EndpointMap: {get_param: EndpointMap} |
||||
ServiceData: {get_param: ServiceData} |
||||
ServiceNetMap: {get_param: ServiceNetMap} |
||||
DefaultPasswords: {get_param: DefaultPasswords} |
||||
RoleName: {get_param: RoleName} |
||||
RoleParameters: {get_param: RoleParameters} |
||||
|
||||
outputs: |
||||
role_data: |
||||
description: Containerized service Mongodb using composable services. |
||||
value: |
||||
service_name: {get_attr: [MongodbPuppetBase, role_data, service_name]} |
||||
config_settings: |
||||
map_merge: |
||||
- get_attr: [MongodbPuppetBase, role_data, config_settings] |
||||
- mongodb::server::fork: false |
||||
# BEGIN DOCKER SETTINGS # |
||||
puppet_config: |
||||
config_volume: mongodb |
||||
puppet_tags: file # set this even though file is the default |
||||
step_config: |
||||
list_join: |
||||
- "\n" |
||||
- - "['Mongodb_database', 'Mongodb_user', 'Mongodb_replset'].each |String $val| { noop_resource($val) }" |
||||
- {get_attr: [MongodbPuppetBase, role_data, step_config]} |
||||
config_image: &mongodb_config_image {get_param: DockerMongodbConfigImage} |
||||
kolla_config: |
||||
/var/lib/kolla/config_files/mongodb.json: |
||||
command: /usr/bin/mongod --unixSocketPrefix=/var/run/mongodb --config /etc/mongod.conf run |
||||
config_files: |
||||
- source: "/var/lib/kolla/config_files/src/*" |
||||
dest: "/" |
||||
merge: true |
||||
preserve_properties: true |
||||
- source: "/var/lib/kolla/config_files/src-tls/*" |
||||
dest: "/" |
||||
merge: true |
||||
preserve_properties: true |
||||
permissions: |
||||
- path: /var/lib/mongodb |
||||
owner: mongodb:mongodb |
||||
recurse: true |
||||
- path: /var/log/mongodb |
||||
owner: mongodb:mongodb |
||||
recurse: true |
||||
- path: /etc/pki/tls/certs/mongodb.pem |
||||
owner: mongodb:mongodb |
||||
docker_config: |
||||
step_2: |
||||
mongodb: |
||||
image: {get_param: DockerMongodbImage} |
||||
net: host |
||||
privileged: false |
||||
volumes: &mongodb_volumes |
||||
list_concat: |
||||
- - /var/lib/kolla/config_files/mongodb.json:/var/lib/kolla/config_files/config.json |
||||
- /var/lib/config-data/puppet-generated/mongodb/:/var/lib/kolla/config_files/src:ro |
||||
- /etc/localtime:/etc/localtime:ro |
||||
- /var/log/containers/mongodb:/var/log/mongodb:z |
||||
- /var/lib/mongodb:/var/lib/mongodb:z |
||||
- if: |
||||
- internal_tls_enabled |
||||
- - list_join: |
||||
- ':' |
||||
- - {get_param: InternalTLSCAFile} |
||||
- {get_param: InternalTLSCAFile} |
||||
- 'ro' |
||||
- /etc/pki/tls/certs/mongodb.pem:/var/lib/kolla/config_files/src-tls/etc/pki/tls/certs/mongodb.pem:ro |
||||
- null |
||||
environment: |
||||
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS |
||||
docker_puppet_tasks: |
||||
# MySQL database initialization occurs only on single node |
||||
step_2: |
||||
config_volume: 'mongodb_init_tasks' |
||||
puppet_tags: 'mongodb_database,mongodb_user,mongodb_replset' |
||||
step_config: 'include ::tripleo::profile::base::database::mongodb' |
||||
config_image: *mongodb_config_image |
||||
volumes: |
||||
list_concat: |
||||
- - /var/lib/mongodb:/var/lib/mongodb:z |
||||
- /var/log/containers/mongodb:/var/log/mongodb:z |
||||
- if: |
||||
- internal_tls_enabled |
||||
- - list_join: |
||||
- ':' |
||||
- - {get_param: InternalTLSCAFile} |
||||
- {get_param: InternalTLSCAFile} |
||||
- 'ro' |
||||
- /etc/pki/tls/certs/mongodb.pem:/var/lib/kolla/config_files/src-tls/etc/pki/tls/certs/mongodb.pem:ro |
||||
- null |
||||
host_prep_tasks: |
||||
- name: create persistent directories |
||||
file: |
||||
path: "{{ item.path }}" |
||||
state: directory |
||||
setype: "{{ item.setype }}" |
||||
with_items: |
||||
- { 'path': /var/log/containers/mongodb, 'setype': svirt_sandbox_file_t } |
||||
- { 'path': /var/lib/mongodb, 'setype': svirt_sandbox_file_t } |
||||
- name: mongodb logs readme |
||||
copy: |
||||
dest: /var/log/mongodb/readme.txt |
||||
content: | |
||||
Log files from mongodb containers can be found under |
||||
/var/log/containers/mongodb. |
||||
ignore_errors: true |
||||
metadata_settings: |
||||
get_attr: [MongodbPuppetBase, role_data, metadata_settings] |
||||
upgrade_tasks: [] |
||||
fast_forward_upgrade_tasks: |
||||
- when: |
||||
- step|int == 0 |
||||
- release == 'ocata' |
||||
block: |
||||
- name: Check for mongodb service |
||||
command: systemctl is-enabled --quiet mongod |
||||
tags: common |
||||
ignore_errors: True |
||||
register: mongod_enabled_result |
||||
- name: Set fact mongod_enabled |
||||
set_fact: |
||||
mongod_enabled: "{{ mongod_enabled_result.rc == 0 }}" |
||||
- name: Stop and disable mongodb service |
||||
when: |
||||
- step|int == 1 |
||||
- release == 'ocata' |
||||
- mongod_enabled|bool |
||||
service: name=mongod state=stopped enabled=no |
||||
post_upgrade_tasks: |
||||
- when: step|int == 1 |
||||
import_role: |
||||
name: tripleo-docker-rm |
||||
vars: |
||||
containers_to_rm: |
||||
- mongodb |
@ -1,5 +0,0 @@
|
||||
# A Heat environment file which can be used to disable journal in MongoDb. |
||||
# Since, when journaling is enabled, MongoDb will create big journal file |
||||
# it can take time. In a CI environment for example journaling is not necessary. |
||||
parameter_defaults: |
||||
MongoDbNoJournal: true |
@ -1,58 +0,0 @@
|
||||
heat_template_version: rocky |
||||
|
||||
description: > |
||||
Configuration details for MongoDB service using composable roles |
||||
|
||||
parameters: |
||||
MongoDbNoJournal: |
||||
default: false |
||||
description: Should MongoDb journaling be disabled |
||||
type: boolean |
||||
MongoDbIPv6: |
||||
default: false |
||||
description: Enable IPv6 if MongoDB VIP is IPv6 |
||||
type: boolean |
||||
MongoDbReplset: |
||||
type: string |
||||
default: "tripleo" |
||||
ServiceData: |
||||
default: {} |
||||
description: Dictionary packing service data |
||||
type: json |
||||
ServiceNetMap: |
||||
default: {} |
||||
description: Mapping of service_name -> network name. Typically set |
||||
via parameter_defaults in the resource registry. This |
||||
mapping overrides those in ServiceNetMapDefaults. |
||||
type: json |
||||
DefaultPasswords: |
||||
default: {} |
||||
type: json |
||||
RoleName: |
||||
default: '' |
||||
description: Role name on which the service is applied |
||||
type: string |
||||
RoleParameters: |
||||
default: {} |
||||
description: Parameters specific to the role |
||||
type: json |
||||
EndpointMap: |
||||
default: {} |
||||
description: Mapping of service endpoint -> protocol. Typically set |
||||
via parameter_defaults in the resource registry. |
||||
type: json |
||||
|
||||
outputs: |
||||
aux_parameters: |
||||
description: Additional parameters referenced outside the base file |
||||
value: |
||||
rplset_name: {get_param: MongoDbReplset} |
||||
role_data: |
||||
description: Role data for the MongoDB base service. |
||||
value: |
||||
service_name: mongodb_base |
||||
config_settings: |
||||
mongodb::server::nojournal: {get_param: MongoDbNoJournal} |
||||
mongodb::server::journal: false |
||||
mongodb::server::ipv6: {get_param: MongoDbIPv6} |
||||
mongodb::server::replset: {get_param: MongoDbReplset} |
@ -1,150 +0,0 @@
|
||||
heat_template_version: rocky |
||||
|
||||
description: > |
||||
MongoDb service deployment using puppet |
||||
|
||||
parameters: |
||||
#Parameters not used EndpointMap |
||||
ServiceData: |
||||
default: {} |
||||
description: Dictionary packing service data |
||||
type: json |
||||
ServiceNetMap: |
||||
default: {} |
||||
description: Mapping of service_name -> network name. Typically set |
||||
via parameter_defaults in the resource registry. This |
||||
mapping overrides those in ServiceNetMapDefaults. |
||||
type: json |
||||
DefaultPasswords: |
||||
default: {} |
||||
type: json |
||||
RoleName: |
||||
default: '' |
||||
description: Role name on which the service is applied |
||||
type: string |
||||
RoleParameters: |
||||
default: {} |
||||
description: Parameters specific to the role |
||||
type: json |
||||
EndpointMap: |
||||
default: {} |
||||
description: Mapping of service endpoint -> protocol. Typically set |
||||
via parameter_defaults in the resource registry. |
||||
type: json |
||||
MongoDbLoggingSource: |
||||
type: json |
||||
description: Fluentd logging configuration for mongodb. |
||||
default: |
||||
tag: database.mongodb |
||||
path: /var/log/mongodb/mongodb.log |
||||
format: >- |
||||
/(?<time>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}.\d+\+\d{4}) |
||||
(?<message>.*)$/ |
||||
MongodbMemoryLimit: |
||||
default: '20G' |
||||
description: Limit the amount of memory mongodb uses with systemd. |
||||
type: string |
||||
EnableInternalTLS: |
||||
type: boolean |
||||
default: false |
||||
InternalTLSCAFile: |
||||
default: '/etc/ipa/ca.crt' |
||||
type: string |
||||
description: Specifies the default CA cert to use if TLS is used for |
||||
services in the internal network. |
||||
|
||||
conditions: |
||||
|
||||
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]} |
||||
|
||||
resources: |
||||
MongoDbBase: |
||||
type: ./mongodb-base.yaml |
||||
properties: |
||||
ServiceData: {get_param: ServiceData} |
||||
ServiceNetMap: {get_param: ServiceNetMap} |
||||
DefaultPasswords: {get_param: DefaultPasswords} |
||||
EndpointMap: {get_param: EndpointMap} |
||||
RoleName: {get_param: RoleName} |
||||
RoleParameters: {get_param: RoleParameters} |
||||
|
||||
outputs: |
||||
role_data: |
||||
description: Service mongodb using composable services. |
||||
value: |
||||
service_name: mongodb |
||||
config_settings: |
||||
map_merge: |
||||
- get_attr: [MongoDbBase, role_data, config_settings] |
||||
- tripleo::profile::base::database::mongodb::mongodb_replset: {get_attr: [MongoDbBase, aux_parameters, rplset_name]} |
||||
tripleo::profile::base::database::mongodb::memory_limit: {get_param: MongodbMemoryLimit} |
||||
mongodb::server::service_manage: True |
||||
tripleo::mongodb::firewall_rules: |
||||
'101 mongodb_config': |
||||
dport: 27019 |
||||
'102 mongodb_sharding': |
||||
dport: 27018 |
||||
'103 mongod': |
||||
dport: 27017 |
||||
# NOTE: bind IP is found in hiera replacing the network name with the |
||||
# local node IP for the given network; replacement examples |
||||
# (eg. for internal_api): |
||||
# internal_api -> IP |
||||
# internal_api_uri -> [IP] |
||||
# internal_api_subnet - > IP/CIDR |
||||
mongodb_bind_ip: |
||||
str_replace: |
||||
template: |
||||
"%{hiera('$NETWORK')}" |
||||
params: |
||||
$NETWORK: {get_param: [ServiceNetMap, MongodbNetwork]} |
||||
# NOTE: This now takes an array, so we need to fetch the IP from hiera, |
||||
# else Heat won't substitute the network name for the IP. |
||||
mongodb::server::bind_ip: |
||||
- "%{hiera('mongodb_bind_ip')}" |
||||
- |
||||
if: |
||||
- internal_tls_enabled |
||||
- |
||||
generate_service_certificates: true |
||||
mongodb::server::ssl: true |
||||
mongodb::server::ssl_key: '/etc/pki/tls/certs/mongodb.pem' |
||||
mongodb::server::ssl_ca: {get_param: InternalTLSCAFile} |
||||
mongodb_certificate_specs: |
||||
service_pem: '/etc/pki/tls/certs/mongodb.pem' |
||||
service_certificate: '/etc/pki/tls/certs/mongodb.crt' |
||||
service_key: '/etc/pki/tls/private/mongodb.key' |
||||
hostname: |
||||
str_replace: |
||||
template: "%{hiera('fqdn_NETWORK')}" |
||||
params: |
||||
NETWORK: {get_param: [ServiceNetMap, MongodbNetwork]} |
||||
principal: |
||||
str_replace: |
||||
template: "mongodb/%{hiera('fqdn_NETWORK')}" |
||||
params: |
||||
NETWORK: {get_param: [ServiceNetMap, MongodbNetwork]} |
||||
- {} |
||||
service_config_settings: |
||||
fluentd: |
||||
tripleo_fluentd_groups_mongodb: |
||||
- mongodb |
||||
tripleo_fluentd_sources_mongodb: |
||||
- {get_param: MongoDbLoggingSource} |
||||
step_config: | |
||||
include ::tripleo::profile::base::database::mongodb |
||||
upgrade_tasks: |
||||
- name: Stop mongodb service |
||||
when: step|int == 2 |
||||
service: name=mongod state=stopped |
||||
- name: Start mongodb service |
||||
when: step|int == 4 |
||||
service: name=mongod state=started |
||||
metadata_settings: |
||||
if: |
||||
- internal_tls_enabled |
||||
- |
||||
- service: mongodb |
||||
network: {get_param: [ServiceNetMap, MongodbNetwork]} |
||||
type: node |
||||
- null |
@ -1,48 +0,0 @@
|
||||
heat_template_version: rocky |
||||
|
||||
description: > |
||||
Mongodb service, disabled by default since pike |
||||
|
||||
parameters: |
||||
ServiceData: |
||||
default: {} |
||||
description: Dictionary packing service data |
||||
type: json |
||||
ServiceNetMap: |
||||
default: {} |
||||
description: Mapping of service_name -> network name. Typically set |
||||
via parameter_defaults in the resource registry. This |
||||
mapping overrides those in ServiceNetMapDefaults. |
||||
type: json |
||||
DefaultPasswords: |
||||
default: {} |
||||
type: json |
||||
EndpointMap: |
||||
default: {} |
||||
description: Mapping of service endpoint -> protocol. Typically set |
||||
via parameter_defaults in the resource registry. |
||||
type: json |
||||
RoleName: |
||||
default: '' |
||||
description: Role name on which the service is applied |
||||
type: string |
||||
RoleParameters: |
||||
default: {} |
||||
description: Parameters specific to the role |
||||
type: json |
||||
|
||||
outputs: |
||||
role_data: |
||||
description: Role data for the disabled MongoDB role. |
||||
value: |
||||
service_name: mongodb_disabled |
||||
upgrade_tasks: |
||||
- name: Check for mongodb service |
||||
stat: path=/usr/lib/systemd/system/mongod.service |
||||
tags: common |
||||
register: mongod_service |
||||
- name: Stop and disable mongodb service on upgrade |
||||
service: name=mongod state=stopped enabled=no |
||||
when: |
||||
- step|int == 1 |
||||
- mongod_service.stat.exists |
@ -0,0 +1,6 @@
|
||||
--- |
||||
other: |
||||
- | |
||||
MongoDB hasn't been supported since Pike, it's time to remove the |
||||
deployment files. Starting in Stein, it's not possible to deploy MongoDB |
||||
anymore. |
Loading…
Reference in new issue