302 lines
12 KiB
YAML
302 lines
12 KiB
YAML
heat_template_version: wallaby
|
|
|
|
description: >
|
|
OpenStack containerized Cinder Volume service
|
|
|
|
parameters:
|
|
ContainerCinderVolumeImage:
|
|
description: image
|
|
type: string
|
|
tags:
|
|
- role_specific
|
|
ContainerCinderConfigImage:
|
|
description: The container image to use for the cinder config_volume
|
|
type: string
|
|
tags:
|
|
- role_specific
|
|
DockerCinderVolumeUlimit:
|
|
default: ['nofile=131072']
|
|
description: ulimit for Cinder Volume Container
|
|
type: comma_delimited_list
|
|
CinderVolumeLoggingSource:
|
|
type: json
|
|
default:
|
|
tag: openstack.cinder.volume
|
|
file: /var/log/containers/cinder/cinder-volume.log
|
|
EndpointMap:
|
|
default: {}
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
ServiceData:
|
|
default: {}
|
|
description: Dictionary packing service data
|
|
type: json
|
|
ServiceNetMap:
|
|
default: {}
|
|
description: Mapping of service_name -> network name. Typically set
|
|
via parameter_defaults in the resource registry. Use
|
|
parameter_merge_strategies to merge it with the defaults.
|
|
type: json
|
|
RoleName:
|
|
default: ''
|
|
description: Role name on which the service is applied
|
|
type: string
|
|
RoleParameters:
|
|
default: {}
|
|
description: Parameters specific to the role
|
|
type: json
|
|
CephClientUserName:
|
|
default: openstack
|
|
type: string
|
|
CephClusterName:
|
|
type: string
|
|
default: ceph
|
|
description: The Ceph cluster name.
|
|
constraints:
|
|
- allowed_pattern: "[a-zA-Z0-9]+"
|
|
description: >
|
|
The Ceph cluster name must be at least 1 character and contain only
|
|
letters and numbers.
|
|
CinderVolumeCluster:
|
|
default: ''
|
|
description: >
|
|
The cluster name used for deploying the cinder-volume service in an
|
|
active-active (A/A) configuration. This configuration requires the
|
|
Cinder backend drivers support A/A, and the cinder-volume service not
|
|
be managed by pacemaker. If these criteria are not met then the cluster
|
|
name must be left blank.
|
|
type: string
|
|
CinderEnableIscsiBackend:
|
|
default: true
|
|
description: Whether to enable or not the Iscsi backend for Cinder
|
|
type: boolean
|
|
CinderEnableRbdBackend:
|
|
default: false
|
|
description: Whether to enable or not the Rbd backend for Cinder
|
|
type: boolean
|
|
CinderISCSIAvailabilityZone:
|
|
default: ''
|
|
description: >
|
|
The availability zone of the Iscsi Cinder backend.
|
|
When set, it overrides the default CinderStorageAvailabilityZone.
|
|
type: string
|
|
CinderISCSIHelper:
|
|
default: lioadm
|
|
description: The iSCSI helper to use with cinder.
|
|
type: string
|
|
CinderISCSIProtocol:
|
|
default: iscsi
|
|
description: Whether to use TCP ('iscsi') or iSER RDMA ('iser') for iSCSI
|
|
type: string
|
|
CinderRbdBackendName:
|
|
type: comma_delimited_list
|
|
default: 'tripleo_ceph'
|
|
description: A list of Cinder RBD backend names.
|
|
CinderRbdAvailabilityZone:
|
|
default: ''
|
|
description: >
|
|
The availability zone of the RBD Cinder backend.
|
|
When set, it overrides the default CinderStorageAvailabilityZone.
|
|
type: string
|
|
CinderRbdPoolName:
|
|
default: volumes
|
|
type: string
|
|
CinderRbdExtraPools:
|
|
default: []
|
|
description: >
|
|
List of extra Ceph pools for use with RBD backends for Cinder. An
|
|
extra Cinder RBD backend driver is created for each pool in the
|
|
list. This is in addition to the standard RBD backend driver
|
|
associated with the CinderRbdPoolName.
|
|
type: comma_delimited_list
|
|
CinderRbdFlattenVolumeFromSnapshot:
|
|
default: false
|
|
description: >
|
|
Whether RBD volumes created from a snapshot should be flattened
|
|
in order to remove a dependency on the snapshot.
|
|
type: boolean
|
|
CinderRbdMultiConfig:
|
|
type: json
|
|
default: {}
|
|
description: |
|
|
Dictionary of settings when configuring multiple RBD backends. The
|
|
hash key is the backend name, and the value is a dictionary of parameter
|
|
values unique to that backend. The following parameters are required,
|
|
and must match the corresponding value defined in CephExternalMultiConfig.
|
|
CephClusterName (must match the CephExternalMultiConfig entry's 'cluster')
|
|
CephClusterFSID (must match the CephExternalMultiConfig entry's 'fsid')
|
|
The following parameters are optional, and override the corresponding
|
|
parameter's default value.
|
|
CephClientUserName
|
|
CinderRbdPoolName
|
|
CinderRbdExtraPools
|
|
CinderRbdAvailabilityZone
|
|
CinderRbdFlattenVolumeFromSnapshot
|
|
CephClusterFSID:
|
|
type: string
|
|
description: The Ceph cluster FSID. Must be a UUID.
|
|
MonitoringSubscriptionCinderVolume:
|
|
default: 'overcloud-cinder-volume'
|
|
type: string
|
|
CinderEtcdLocalConnect:
|
|
default: false
|
|
type: boolean
|
|
description: When running Cinder A/A, whether to connect to Etcd
|
|
via the local IP for the Etcd network. If set to true, the ip
|
|
on the local node will be used. If set to false, the VIP on the Etcd
|
|
network will be used instead. Defaults to false.
|
|
|
|
resources:
|
|
ContainersCommon:
|
|
type: ../containers-common.yaml
|
|
|
|
MySQLClient:
|
|
type: ../database/mysql-client.yaml
|
|
|
|
CinderBase:
|
|
type: ./cinder-base.yaml
|
|
properties:
|
|
EndpointMap: {get_param: EndpointMap}
|
|
ServiceData: {get_param: ServiceData}
|
|
ServiceNetMap: {get_param: ServiceNetMap}
|
|
RoleName: {get_param: RoleName}
|
|
RoleParameters: {get_param: RoleParameters}
|
|
|
|
CinderCommon:
|
|
type: ./cinder-common-container-puppet.yaml
|
|
|
|
RoleParametersValue:
|
|
type: OS::Heat::Value
|
|
properties:
|
|
type: json
|
|
value:
|
|
map_replace:
|
|
- map_replace:
|
|
- ContainerCinderVolumeImage: ContainerCinderVolumeImage
|
|
ContainerCinderConfigImage: ContainerCinderConfigImage
|
|
- values: {get_param: [RoleParameters]}
|
|
- values:
|
|
ContainerCinderVolumeImage: {get_param: ContainerCinderVolumeImage}
|
|
ContainerCinderConfigImage: {get_param: ContainerCinderConfigImage}
|
|
|
|
outputs:
|
|
role_data:
|
|
description: Role data for the Cinder Volume role.
|
|
value:
|
|
service_name: cinder_volume
|
|
firewall_rules:
|
|
'120 iscsi initiator':
|
|
dport: 3260
|
|
monitoring_subscription: {get_param: MonitoringSubscriptionCinderVolume}
|
|
config_settings:
|
|
map_merge:
|
|
- get_attr: [CinderBase, role_data, config_settings]
|
|
- get_attr: [CinderCommon, cinder_volume_config_settings]
|
|
- tripleo::profile::base::lvm::enable_udev: false
|
|
tripleo::profile::base::cinder::volume::cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
|
|
tripleo::profile::base::cinder::volume::cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
|
|
tripleo::profile::base::cinder::volume::cinder_volume_cluster: {get_param: CinderVolumeCluster}
|
|
tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_helper: {get_param: CinderISCSIHelper}
|
|
tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_protocol: {get_param: CinderISCSIProtocol}
|
|
tripleo::profile::base::cinder::volume::rbd::backend_name: {get_param: CinderRbdBackendName}
|
|
tripleo::profile::base::cinder::volume::rbd::cinder_rbd_ceph_conf:
|
|
list_join:
|
|
- ''
|
|
- - '/etc/ceph/'
|
|
- {get_param: CephClusterName}
|
|
- '.conf'
|
|
tripleo::profile::base::cinder::volume::rbd::cinder_rbd_pool_name: {get_param: CinderRbdPoolName}
|
|
tripleo::profile::base::cinder::volume::rbd::cinder_rbd_extra_pools: {get_param: CinderRbdExtraPools}
|
|
tripleo::profile::base::cinder::volume::rbd::cinder_rbd_secret_uuid: {get_param: CephClusterFSID}
|
|
tripleo::profile::base::cinder::volume::rbd::cinder_rbd_user_name: {get_param: CephClientUserName}
|
|
tripleo::profile::base::cinder::volume::rbd::cinder_rbd_flatten_volume_from_snapshot: {get_param: CinderRbdFlattenVolumeFromSnapshot}
|
|
tripleo::profile::base::cinder::volume::rbd::multi_config: {get_param: CinderRbdMultiConfig}
|
|
cinder::backend::defaults::use_multipath_for_image_xfer: true
|
|
# NOTE: bind IP is found in hiera replacing the network name with the local node IP
|
|
# for the given network; replacement examples (eg. for internal_api):
|
|
# internal_api -> IP
|
|
# internal_api_uri -> [IP]
|
|
# internal_api_subnet - > IP/CIDR
|
|
tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address:
|
|
str_replace:
|
|
template:
|
|
"%{lookup('$NETWORK')}"
|
|
params:
|
|
$NETWORK: {get_param: [ServiceNetMap, CinderIscsiNetwork]}
|
|
- if:
|
|
- not: {equals : [{get_param: CinderISCSIAvailabilityZone}, '']}
|
|
- tripleo::profile::base::cinder::volume::iscsi::backend_availability_zone: {get_param: CinderISCSIAvailabilityZone}
|
|
- if:
|
|
- not: {equals : [{get_param: CinderRbdAvailabilityZone}, '']}
|
|
- tripleo::profile::base::cinder::volume::rbd::backend_availability_zone: {get_param: CinderRbdAvailabilityZone}
|
|
- if:
|
|
- {get_param: CinderEtcdLocalConnect}
|
|
- tripleo::profile::base::cinder::volume::etcd_host:
|
|
str_replace:
|
|
template:
|
|
"%{lookup('$NETWORK')}"
|
|
params:
|
|
$NETWORK: {get_param: [ServiceNetMap, EtcdNetwork]}
|
|
# NOTE:For Cinder A/A configuration with tls-e and CinderEtcdLocalConnect enabled,
|
|
# presence of haproxy emits continuous tls warnings for etcd.
|
|
tripleo::haproxy::etcd: false
|
|
service_config_settings:
|
|
rsyslog:
|
|
tripleo_logging_sources_cinder_volume:
|
|
- {get_param: CinderVolumeLoggingSource}
|
|
# BEGIN DOCKER SETTINGS
|
|
puppet_config:
|
|
config_volume: cinder
|
|
puppet_tags: cinder_config,file,concat,file_line
|
|
step_config:
|
|
list_join:
|
|
- "\n"
|
|
- - "include tripleo::profile::base::lvm"
|
|
- "include tripleo::profile::base::cinder::volume"
|
|
- get_attr: [MySQLClient, role_data, step_config]
|
|
config_image: {get_attr: [RoleParametersValue, value, ContainerCinderConfigImage]}
|
|
kolla_config:
|
|
/var/lib/kolla/config_files/cinder_volume.json:
|
|
command: /usr/bin/cinder-volume --config-file /etc/cinder/cinder.conf
|
|
config_files: {get_attr: [CinderCommon, cinder_common_kolla_config_files]}
|
|
permissions: {get_attr: [CinderCommon, cinder_common_kolla_permissions]}
|
|
docker_config:
|
|
step_3:
|
|
cinder_volume_init_logs:
|
|
start_order: 0
|
|
image: &cinder_volume_image {get_attr: [RoleParametersValue, value, ContainerCinderVolumeImage]}
|
|
net: none
|
|
privileged: false
|
|
user: root
|
|
volumes:
|
|
- /var/log/containers/cinder:/var/log/cinder:z
|
|
command: ['/bin/bash', '-c', 'chown -R cinder:cinder /var/log/cinder']
|
|
step_4:
|
|
cinder_volume:
|
|
image: *cinder_volume_image
|
|
ulimit: {get_param: DockerCinderVolumeUlimit}
|
|
ipc: host
|
|
net: host
|
|
privileged: true
|
|
restart: always
|
|
healthcheck: {get_attr: [ContainersCommon, healthcheck_rpc_port]}
|
|
volumes: {get_attr: [CinderCommon, cinder_volume_volumes]}
|
|
environment: {get_attr: [CinderCommon, cinder_volume_environment]}
|
|
host_prep_tasks: {get_attr: [CinderCommon, cinder_volume_host_prep_tasks]}
|
|
external_upgrade_tasks:
|
|
- when:
|
|
- step|int == 1
|
|
tags:
|
|
- never
|
|
- system_upgrade_transfer_data
|
|
- system_upgrade_stop_services
|
|
block:
|
|
- name: Stop cinder volume container
|
|
import_role:
|
|
name: tripleo_container_stop
|
|
vars:
|
|
tripleo_containers_to_stop:
|
|
- cinder_volume
|
|
tripleo_delegate_to: "{{ groups['cinder_volume'] | difference(groups['excluded_overcloud']) }}"
|