heat_template_version: rocky description: > OpenStack containerized Nova Conductor service parameters: ContainerNovaConductorImageStein: description: image type: string default: '' ContainerNovaConductorImage: description: image type: string ContainerNovaConfigImage: description: The container image to use for the nova config_volume type: string NovaConductorLoggingSource: type: json default: tag: openstack.nova.conductor file: /var/log/containers/nova/nova-conductor.log EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json ServiceData: default: {} description: Dictionary packing service data type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json DefaultPasswords: default: {} type: json RoleName: default: '' description: Role name on which the service is applied type: string RoleParameters: default: {} description: Parameters specific to the role type: json DeployIdentifier: default: '' type: string description: > Setting this to a unique value will re-run any deployment tasks which perform configuration on a Heat stack-update. NovaWorkers: default: 0 description: Number of workers for Nova services. type: number MonitoringSubscriptionNovaConductor: default: 'overcloud-nova-conductor' type: string NovaPassword: description: The password for the nova service and db account type: string hidden: true NovaEnableNUMALiveMigration: default: false description: Whether to enable or not the live migration for NUMA topology instances. type: boolean tags: - role_specific conditions: fast_forward_upgrade: {not: {equals: [{get_param: ContainerNovaConductorImageStein},'']}} nova_workers_zero: {equals : [{get_param: NovaWorkers}, 0]} resources: ContainersCommon: type: ../containers-common.yaml MySQLClient: type: ../../deployment/database/mysql-client.yaml NovaLogging: type: OS::TripleO::Services::Logging::NovaCommon properties: ContainerNovaImage: {get_param: ContainerNovaConductorImage} NovaServiceName: 'conductor' NovaBase: type: ./nova-base-puppet.yaml properties: ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} RoleName: {get_param: RoleName} RoleParameters: {get_param: RoleParameters} RoleParametersValue: type: OS::Heat::Value properties: type: json value: map_replace: - map_replace: - nova::workarounds::enable_numa_live_migration: NovaEnableNUMALiveMigration - values: {get_param: [RoleParameters]} - values: NovaEnableNUMALiveMigration: {get_param: NovaEnableNUMALiveMigration} outputs: role_data: description: Role data for the Nova Conductor service. value: service_name: nova_conductor monitoring_subscription: {get_param: MonitoringSubscriptionNovaConductor} config_settings: map_merge: - {get_attr: [NovaBase, role_data, config_settings]} - {get_attr: [NovaLogging, config_settings]} - {get_attr: [RoleParametersValue, value]} - if: - nova_workers_zero - {} - nova::conductor::workers: {get_param: NovaWorkers} service_config_settings: rsyslog: tripleo_logging_sources_nova_conductor: - {get_param: NovaConductorLoggingSource} mysql: map_merge: - {get_attr: [NovaBase, role_data, service_config_settings, mysql]} - nova::db::mysql::password: {get_param: NovaPassword} nova::db::mysql::user: nova nova::db::mysql::host: {get_param: [EndpointMap, MysqlCellInternal, host_nobrackets]} nova::db::mysql::dbname: nova nova::db::mysql::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}" # BEGIN DOCKER SETTINGS puppet_config: config_volume: nova puppet_tags: nova_config step_config: list_join: - "\n" - - include tripleo::profile::base::nova::conductor - {get_attr: [MySQLClient, role_data, step_config]} config_image: {get_param: ContainerNovaConfigImage} kolla_config: /var/lib/kolla/config_files/nova_conductor.json: command: list_join: - ' ' - - /usr/bin/nova-conductor - get_attr: [NovaLogging, cmd_extra_args] config_files: - source: "/var/lib/kolla/config_files/src/*" dest: "/" merge: true preserve_properties: true permissions: - path: /var/log/nova owner: nova:nova recurse: true docker_config: step_2: get_attr: [NovaLogging, docker_config, step_2] step_3: map_merge: - nova_db_sync: image: &nova_conductor_image {get_param: ContainerNovaConductorImage} start_order: 6 # Runs after nova-api tasks if installed on this host net: host detach: false volumes: &nova_conductor_bootstrap_volumes list_concat: - {get_attr: [ContainersCommon, volumes]} - {get_attr: [NovaLogging, volumes]} - - /var/lib/config-data/nova/etc/my.cnf.d/tripleo.cnf:/etc/my.cnf.d/tripleo.cnf:ro - /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro user: root command: "/usr/bin/bootstrap_host_exec nova_conductor su nova -s /bin/bash -c '/usr/bin/nova-manage db sync'" environment: TRIPLEO_DEPLOY_IDENTIFIER: {get_param: DeployIdentifier} - if: - fast_forward_upgrade - nova_db_sync_stein: image: {get_param: ContainerNovaConductorImageStein} start_order: 1 # Runs after nova-api db sync Stein net: host detach: false volumes: *nova_conductor_bootstrap_volumes user: root # TODO FIXME: we need LP/BZ for this. Each service should provide db # version and version provided by package so we can check if we need # update or not. command: - '/bin/bash' - '-c' - "/bin/hiera -c /etc/puppet/hiera.yaml nova_conductor_short_bootstrap_node_name | grep `/bin/hostname -s` && DB_VERSION=$( sudo -u nova /usr/bin/nova-manage db version ) _RPM_VERSION=$(ls /usr/lib/python3.6/site-packages/nova/db/sqlalchemy/migrate_repo/versions | grep -e '[0-9]_.*.py' | cut -d '_' -f1 | sort | tail -n1) RPM_VERSION=$(expr $_RPM_VERSION + 0) && if (( $RPM_VERSION >= $DB_VERSION )); then sudo -u nova /usr/bin/nova-manage db sync; else echo DB_VERSION: $DB_VERSION RPM_VERSION: $RPM_VERSION; fi" environment: TRIPLEO_DEPLOY_IDENTIFIER: {get_param: DeployIdentifier} - {} step_4: nova_conductor: image: *nova_conductor_image net: host privileged: false restart: always healthcheck: {get_attr: [ContainersCommon, healthcheck_rpc_port]} volumes: list_concat: - {get_attr: [ContainersCommon, volumes]} - {get_attr: [NovaLogging, volumes]} - - /var/lib/kolla/config_files/nova_conductor.json:/var/lib/kolla/config_files/config.json:ro - /var/lib/config-data/puppet-generated/nova:/var/lib/kolla/config_files/src:ro environment: KOLLA_CONFIG_STRATEGY: COPY_ALWAYS deploy_steps_tasks: - name: validate nova conductor container state when: - container_cli == 'podman' - not container_healthcheck_disabled - step|int == 5 tags: - opendev-validation - opendev-validation-nova block: - name: Get nova-conductor healthcheck status register: nova_conductor_healthcheck_state systemd: name: tripleo_nova_conductor_healthcheck retries: 10 delay: 30 until: nova_conductor_healthcheck_state.status.ExecMainPID != '0' and nova_conductor_healthcheck_state.status.ActiveState in ['inactive', 'failed'] failed_when: false - name: Fail if nova-conductor healthcheck report failed status fail: msg: nova-conductor isn't working (healthcheck failed) when: nova_conductor_healthcheck_state.status.ExecMainStatus != '0' host_prep_tasks: list_concat: - {get_attr: [NovaLogging, host_prep_tasks]} - - name: enable virt_sandbox_use_netlink for healthcheck seboolean: name: virt_sandbox_use_netlink persistent: yes state: yes external_upgrade_tasks: - when: - step|int == 1 tags: - never - system_upgrade_transfer_data - system_upgrade_stop_services block: - name: Stop nova conductor container import_role: name: tripleo-container-stop vars: tripleo_containers_to_stop: - nova_conductor tripleo_delegate_to: "{{ groups['nova_conductor'] | default([]) }}" fast_forward_upgrade_tasks: - when: - step|int == 0 - release == 'rocky' block: - name: Check if nova_conductor is deployed command: systemctl is-enabled --quiet openstack-nova-conductor failed_when: false register: nova_conductor_enabled_result - name: Set fact nova_conductor_enabled set_fact: nova_conductor_enabled: "{{ nova_conductor_enabled_result.rc == 0 }}" - name: Stop and disable nova_conductor service service: name=openstack-nova-conductor state=stopped when: - step|int == 1 - release == 'rocky' - nova_conductor_enabled|bool