989a36faf1
1. Spelling mismatch in ODL net mapping doesnot generate its endpoitn clearly. 2. Rectified another small syntax correction for string replace. 3. Delete upgrade flag and then set it to false. ODL doesnot allow it to be set without deleting. 4. Other changes in accordance with ODL update process. Change-Id: Ib549e29f50bbbb434183ac9423bcf776807ff1a4 Closes-Bug: 1779410
288 lines
11 KiB
YAML
288 lines
11 KiB
YAML
heat_template_version: rocky
|
|
|
|
description: >
|
|
OpenStack containerized OpenDaylight API service
|
|
|
|
parameters:
|
|
DockerOpendaylightApiImage:
|
|
description: image
|
|
type: string
|
|
DockerOpendaylightConfigImage:
|
|
description: image
|
|
type: string
|
|
EndpointMap:
|
|
default: {}
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
ServiceData:
|
|
default: {}
|
|
description: Dictionary packing service data
|
|
type: json
|
|
ServiceNetMap:
|
|
default: {}
|
|
description: Mapping of service_name -> network name. Typically set
|
|
via parameter_defaults in the resource registry. This
|
|
mapping overrides those in ServiceNetMapDefaults.
|
|
type: json
|
|
DefaultPasswords:
|
|
default: {}
|
|
type: json
|
|
RoleName:
|
|
default: ''
|
|
description: Role name on which the service is applied
|
|
type: string
|
|
RoleParameters:
|
|
default: {}
|
|
description: Parameters specific to the role
|
|
type: json
|
|
EnableInternalTLS:
|
|
type: boolean
|
|
default: false
|
|
InternalTLSCAFile:
|
|
default: '/etc/ipa/ca.crt'
|
|
type: string
|
|
description: Specifies the default CA cert to use if TLS is used for
|
|
services in the internal network.
|
|
ODLUpdateLevel:
|
|
default: 1
|
|
description: Specify the level of update
|
|
type: number
|
|
constraints:
|
|
- allowed_values:
|
|
- 1
|
|
- 2
|
|
|
|
conditions:
|
|
|
|
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
|
|
|
|
resources:
|
|
|
|
ContainersCommon:
|
|
type: ./containers-common.yaml
|
|
|
|
OpenDaylightBase:
|
|
type: ../../puppet/services/opendaylight-api.yaml
|
|
properties:
|
|
EndpointMap: {get_param: EndpointMap}
|
|
ServiceData: {get_param: ServiceData}
|
|
ServiceNetMap: {get_param: ServiceNetMap}
|
|
DefaultPasswords: {get_param: DefaultPasswords}
|
|
RoleName: {get_param: RoleName}
|
|
RoleParameters: {get_param: RoleParameters}
|
|
|
|
OpenDaylightApiLogging:
|
|
type: OS::TripleO::Services::Logging::OpenDaylightApi
|
|
|
|
outputs:
|
|
role_data:
|
|
description: Role data for the OpenDaylight API role.
|
|
value:
|
|
service_name: {get_attr: [OpenDaylightBase, role_data, service_name]}
|
|
config_settings:
|
|
map_merge:
|
|
- get_attr: [OpenDaylightBase, role_data, config_settings]
|
|
- if:
|
|
- internal_tls_enabled
|
|
- tripleo::certmonger::opendaylight::postsave_cmd: "true" # TODO: restart the odl container here
|
|
- {}
|
|
logging_source: {get_attr: [OpenDaylightBase, role_data, logging_source]}
|
|
logging_groups: {get_attr: [OpenDaylightBase, role_data, logging_groups]}
|
|
# BEGIN DOCKER SETTINGS
|
|
puppet_config:
|
|
config_volume: opendaylight
|
|
volumes:
|
|
list_concat:
|
|
- if:
|
|
- internal_tls_enabled
|
|
- - /etc/pki/tls/certs/odl.crt:/etc/pki/tls/certs/odl.crt:ro
|
|
- /etc/pki/tls/private/odl.key:/etc/pki/tls/private/odl.key:ro
|
|
- list_join:
|
|
- ':'
|
|
- - {get_param: InternalTLSCAFile}
|
|
- {get_param: InternalTLSCAFile}
|
|
- 'ro'
|
|
- null
|
|
# 'file,concat,file_line,augeas' are included by default
|
|
puppet_tags: odl_user,odl_keystore
|
|
step_config:
|
|
get_attr: [OpenDaylightBase, role_data, step_config]
|
|
config_image: {get_param: DockerOpendaylightConfigImage}
|
|
kolla_config:
|
|
/var/lib/kolla/config_files/opendaylight_api.json:
|
|
command: /opt/opendaylight/bin/karaf server
|
|
config_files:
|
|
- source: "/var/lib/kolla/config_files/src/*"
|
|
dest: "/"
|
|
merge: true
|
|
preserve_properties: true
|
|
permissions:
|
|
- path: /opt/opendaylight
|
|
owner: odl:odl
|
|
recurse: true
|
|
docker_config:
|
|
step_1:
|
|
opendaylight_api:
|
|
start_order: 0
|
|
image: &odl_api_image {get_param: DockerOpendaylightApiImage}
|
|
privileged: false
|
|
net: host
|
|
detach: true
|
|
user: odl
|
|
restart: unless-stopped
|
|
healthcheck:
|
|
test: /openstack/healthcheck
|
|
volumes:
|
|
list_concat:
|
|
- {get_attr: [ContainersCommon, volumes]}
|
|
- {get_attr: [OpenDaylightApiLogging, volumes]}
|
|
-
|
|
- /var/lib/kolla/config_files/opendaylight_api.json:/var/lib/kolla/config_files/config.json:ro
|
|
- /var/lib/config-data/puppet-generated/opendaylight/:/var/lib/kolla/config_files/src:ro
|
|
- /var/lib/opendaylight/journal:/opt/opendaylight/journal
|
|
- /var/lib/opendaylight/snapshots:/opt/opendaylight/snapshots
|
|
- /var/lib/opendaylight/data:/opt/opendaylight/data
|
|
environment:
|
|
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
|
|
metadata_settings:
|
|
get_attr: [OpenDaylightBase, role_data, metadata_settings]
|
|
host_prep_tasks:
|
|
list_concat:
|
|
- {get_attr: [OpenDaylightApiLogging, host_prep_tasks]}
|
|
-
|
|
- name: Delete cache folder
|
|
file:
|
|
path: /var/lib/opendaylight/data/cache
|
|
state: absent
|
|
- name: create persistent directories
|
|
file:
|
|
path: "{{ item }}"
|
|
state: directory
|
|
with_items:
|
|
- /var/lib/opendaylight/snapshots
|
|
- /var/lib/opendaylight/journal
|
|
- /var/lib/opendaylight/data
|
|
upgrade_tasks:
|
|
- when: step|int == 0
|
|
tags: common
|
|
block:
|
|
- name: Check if opendaylight is deployed
|
|
command: systemctl is-enabled --quiet opendaylight
|
|
ignore_errors: True
|
|
register: opendaylight_enabled_result
|
|
- name: Set fact opendaylight_enabled
|
|
set_fact:
|
|
opendaylight_enabled: "{{ opendaylight_enabled_result.rc == 0 }}"
|
|
- name: "PreUpgrade step0,validation: Check service opendaylight is running"
|
|
command: systemctl is-active --quiet opendaylight
|
|
when: opendaylight_enabled|bool
|
|
tags: validation
|
|
- when: step|int == 2
|
|
block:
|
|
- name: Stop and disable opendaylight_api service
|
|
when: opendaylight_enabled|bool
|
|
service: name=opendaylight state=stopped enabled=no
|
|
# Containerized deployment upgrade steps
|
|
- name: ODL container L2 update and upgrade tasks
|
|
block: &odl_container_upgrade_tasks
|
|
- name: Check if ODL container is present
|
|
shell: "docker ps -a --format '{{ '{{' }}.Names{{ '}}' }}' | grep '^opendaylight_api$'"
|
|
register: opendaylight_api_container_present
|
|
failed_when: false
|
|
# NOTE: using shell module because of
|
|
# https://github.com/ansible/ansible/issues/27960
|
|
- name: Update ODL container restart policy to unless-stopped
|
|
shell: "docker update --restart=unless-stopped opendaylight_api"
|
|
when: opendaylight_api_container_present.rc == 0
|
|
- name: stop previous ODL container
|
|
docker_container:
|
|
name: opendaylight_api
|
|
state: stopped
|
|
when: step|int == 0
|
|
- name: remove data, journal and snapshots
|
|
file:
|
|
path: /var/lib/opendaylight/{{item}}
|
|
state: absent
|
|
with_items:
|
|
- snapshots
|
|
- journal
|
|
- data
|
|
when: step|int == 0
|
|
- name: Set ODL upgrade flag to True
|
|
copy:
|
|
dest: /var/lib/config-data/puppet-generated/opendaylight/opt/opendaylight/etc/opendaylight/datastore/initial/config/genius-mdsalutil-config.xml
|
|
content: |
|
|
<config xmlns="urn:opendaylight:params:xml:ns:yang:mdsalutil">
|
|
<upgradeInProgress>true</upgradeInProgress>
|
|
</config>
|
|
owner: 42462
|
|
group: 42462
|
|
mode: 0644
|
|
when: step|int == 1
|
|
post_upgrade_tasks: &odl_container_post_upgrade_tasks
|
|
- name: Disable Upgrade in Config File
|
|
copy:
|
|
dest: /var/lib/config-data/puppet-generated/opendaylight/opt/opendaylight/etc/opendaylight/datastore/initial/config/genius-mdsalutil-config.xml
|
|
content: |
|
|
<config xmlns="urn:opendaylight:params:xml:ns:yang:mdsalutil">
|
|
<upgradeInProgress>false</upgradeInProgress>
|
|
</config>
|
|
owner: 42462
|
|
group: 42462
|
|
mode: 0644
|
|
when: step|int == 0
|
|
# 2 commands in 1 task because the sequence of commands needs to be ensured
|
|
# and that no other task is executed in between.
|
|
- name: Delete Upgrade Flag and Unset it via Rest
|
|
shell:
|
|
str_replace:
|
|
template: >
|
|
curl -k -v --silent --fail -u $ODL_USERNAME:$ODL_PASSWORD
|
|
-H "Content-Type: application/json" -X DELETE
|
|
$ODL_URI/restconf/config/genius-mdsalutil:config;
|
|
curl -k -v --silent --fail -u $ODL_USERNAME:$ODL_PASSWORD
|
|
-H "Content-Type: application/json" -X POST
|
|
$ODL_URI/restconf/config/genius-mdsalutil:config
|
|
-d "{ "upgradeInProgress": false }"
|
|
params:
|
|
$ODL_USERNAME: {get_attr: [OpenDaylightBase, role_data, config_settings, 'opendaylight::username']}
|
|
$ODL_PASSWORD: {get_attr: [OpenDaylightBase, role_data, config_settings, 'opendaylight::password']}
|
|
$ODL_URI: {get_param: [EndpointMap, OpenDaylightInternal, uri]}
|
|
when: step|int == 0
|
|
update_tasks:
|
|
- name: Get ODL update level
|
|
block: &get_odl_update_level
|
|
- name: store update level to update_level variable
|
|
set_fact:
|
|
odl_update_level: {get_param: ODLUpdateLevel}
|
|
- name: Stop ODL container and remove cache
|
|
block:
|
|
- name: Check if ODL container is present
|
|
shell: "docker ps -a --format '{{ '{{' }}.Names{{ '}}' }}' | grep '^opendaylight_api$'"
|
|
register: opendaylight_api_container_present
|
|
failed_when: false
|
|
# NOTE: using shell module because of
|
|
# https://github.com/ansible/ansible/issues/27960
|
|
- name: Update ODL container restart policy to unless-stopped
|
|
shell: "docker update --restart=unless-stopped opendaylight_api"
|
|
when: opendaylight_api_container_present.rc == 0
|
|
- name: Stop previous ODL container
|
|
docker_container:
|
|
name: opendaylight_api
|
|
state: stopped
|
|
- name: Delete cache folder
|
|
file:
|
|
path: /var/lib/opendaylight/data/cache
|
|
state: absent
|
|
when:
|
|
- step|int == 0
|
|
- odl_update_level == 1
|
|
- name: Run L2 update tasks that are similar to upgrade_tasks when update level is 2
|
|
block: *odl_container_upgrade_tasks
|
|
when: odl_update_level == 2
|
|
post_update_tasks:
|
|
- block: *get_odl_update_level
|
|
- block: *odl_container_post_upgrade_tasks
|
|
when: odl_update_level == 2
|