openstack
/
tripleo-heat-templates
Code Issues Proposed changes
RETIRED, Heat templates for deploying OpenStack
11,254 Commits 3 Branches 28 Tags 322 MiB
Go to file
Michele Baldessari 1b74f3a11c Fix duplicate mount point in neutron_dhcp 
podman >= 1.4.x bails out when duplicate mount points are passed to it
and with tls-everywhere the neutron_dhcp container will fail with:

2019-10-25 09:43:06.168 117719 DEBUG paunch [ ] $ podman create --name neutron_dhcp --label config_id=tripleo_step4 --label container_name=neutron_dhcp --label managed_by=paunch --label config_data={"depends_on": ["openvswitch"], "environment": ["KOLLA_CONFIG_STRATEGY=COPY_ALWAYS", "TRIPLEO_CONFIG_HASH=553e07d2d41900907a6cb501d10e15af"], "healthcheck": {"test": "/openstack/healthcheck 5672"}, "image": "192.168.24.1:8787/rh-osbs/rhosp15-openstack-neutron-dhcp-agent:20191022.1", "net": "host", "pid": "host", "privileged": true, "restart": "always", "security_opt": "label=disable", "start_order": 10, "ulimit": ["nofile=16384"], "volumes": ["/etc/hosts:/etc/hosts:ro", "/etc/localtime:/etc/localtime:ro", "/etc/pki/ca-trust/extracted:/etc/pki/ca-trust/extracted:ro", "/etc/pki/ca-trust/source/anchors:/etc/pki/ca-trust/source/anchors:ro", "/etc/pki/tls/certs/ca-bundle.crt:/etc/pki/tls/certs/ca-bundle.crt:ro", "/etc/pki/tls/certs/ca-bundle.trust.crt:/etc/pki/tls/certs/ca-bundle.trust.crt:ro", "/etc/pki/tls/cert.pem:/etc/pki/tls/cert.pem:ro", "/dev/log:/dev/log", "/etc/ipa/ca.crt:/etc/ipa/ca.crt:ro", "/etc/ssh/ssh_known_hosts:/etc/ssh/ssh_known_hosts:ro", "/etc/puppet:/etc/puppet:ro", "/var/log/containers/neutron:/var/log/neutron:z", "/var/lib/kolla/config_files/neutron_dhcp.json:/var/lib/kolla/config_files/config.json:ro", "/var/lib/config-data/puppet-generated/neutron/:/var/lib/kolla/config_files/src:ro", "/lib/modules:/lib/modules:ro", "/run/openvswitch:/run/openvswitch:shared,z", "/var/lib/neutron:/var/lib/neutron:shared,z", "/run/netns:/run/netns:shared", "/var/lib/neutron/dnsmasq_wrapper:/usr/local/bin/dnsmasq:ro", "/var/lib/neutron/dhcp_haproxy_wrapper:/usr/local/bin/haproxy:ro", "/etc/pki/tls/certs/neutron.crt:/var/lib/kolla/config_files/src-tls/etc/pki/tls/certs/neutron.crt:ro", "/etc/pki/tls/private/neutron.key:/var/lib/kolla/config_files/src-tls/etc/pki/tls/private/neutron.key:ro", "/etc/ipa/ca.crt:/etc/ipa/ca.crt:ro"]} --conmon-pidfile=/var/run/neutron_dhcp.pid --detach=true --log-driver k8s-file --log-opt path=/var/log/containers/stdouts/neutron_dhcp.log --env=KOLLA_CONFIG_STRATEGY=COPY_ALWAYS --env=TRIPLEO_CONFIG_HASH=553e07d2d41900907a6cb501d10e15af --net=host --pid=host --ulimit=nofile=16384 --privileged=true --volume=/etc/hosts:/etc/hosts:ro --volume=/etc/localtime:/etc/localtime:ro --volume=/etc/pki/ca-trust/extracted:/etc/pki/ca-trust/extracted:ro --volume=/etc/pki/ca-trust/source/anchors:/etc/pki/ca-trust/source/anchors:ro --volume=/etc/pki/tls/certs/ca-bundle.crt:/etc/pki/tls/certs/ca-bundle.crt:ro --volume=/etc/pki/tls/certs/ca-bundle.trust.crt:/etc/pki/tls/certs/ca-bundle.trust.crt:ro --volume=/etc/pki/tls/cert.pem:/etc/pki/tls/cert.pem:ro --volume=/dev/log:/dev/log --volume=/etc/ipa/ca.crt:/etc/ipa/ca.crt:ro --volume=/etc/ssh/ssh_known_hosts:/etc/ssh/ssh_known_hosts:ro --volume=/etc/puppet:/etc/puppet:ro --volume=/var/log/containers/neutron:/var/log/neutron:z --volume=/var/lib/kolla/config_files/neutron_dhcp.json:/var/lib/kolla/config_files/config.json:ro --volume=/var/lib/config-data/puppet-generated/neutron/:/var/lib/kolla/config_files/src:ro --volume=/lib/modules:/lib/modules:ro --volume=/run/openvswitch:/run/openvswitch:shared,z --volume=/var/lib/neutron:/var/lib/neutron:shared,z --volume=/run/netns:/run/netns:shared --volume=/var/lib/neutron/dnsmasq_wrapper:/usr/local/bin/dnsmasq:ro --volume=/var/lib/neutron/dhcp_haproxy_wrapper:/usr/local/bin/haproxy:ro --volume=/etc/pki/tls/certs/neutron.crt:/var/lib/kolla/config_files/src-tls/etc/pki/tls/certs/neutron.crt:ro --volume=/etc/pki/tls/private/neutron.key:/var/lib/kolla/config_files/src-tls/etc/pki/tls/private/neutron.key:ro --volume=/etc/ipa/ca.crt:/etc/ipa/ca.crt:ro --security-opt=label=disable --cpuset-cpus=0,1,2,3 192.168.24.1:8787/rh-osbs/rhosp15-openstack-neutron-dhcp-agent:20191022.1

 "b'Error: /etc/ipa/ca.crt: duplicate mount destination\\n'

That is because the /etc/ipa/ca.crt is provided by both
[ContainersCommon, volumes] and the step_4/neutron_dhcp itself

We can simply remove it from the neutron_dhcp container.

Change-Id: I99fd308e7e63699cb9deac1d0a4ace5cd4f43c68
Closes-Bug: #1850663
(cherry picked from commit 1b718b2cab)
 		2019-11-06 19:06:20 +00:00
ci Configure amphora for upload and run tempest 2019-11-01 13:46:03 -02:30
common deploy-steps-tasks: remove duplicate "when" for paunch debug 2019-10-29 23:08:32 +00:00
container_config_scripts Merge "Fix placement_wait_for_service" into stable/train 2019-10-28 13:40:10 +00:00
deployed-server Deprecate deployed-server-roles-data.yaml 2019-10-25 17:24:48 +00:00
deployment Fix duplicate mount point in neutron_dhcp 2019-11-06 19:06:20 +00:00
environments Merge "Fix "neutron-mlnx-agent.yaml" to use the new Role ComputeSriovIB" into stable/train 2019-11-06 13:59:05 +00:00
extraconfig Merge "Undercloud ctplane router for IPv6 RA's idempotent" 2019-10-12 08:01:07 +00:00
firstboot Try a timesync as part of first boot 2019-05-20 21:34:50 +00:00
network Merge "Fix multiple-nics network config ExternalMtu" 2019-10-11 15:32:58 +00:00
plan-samples Role specific derive parameters workflow parameter 2018-06-28 08:10:27 -04:00
puppet Move GroupVars to overcloud.j2.yaml 2019-08-23 08:38:46 +05:30
releasenotes Install and start Rsyslog on the Undercloud & Standalone 2019-11-03 15:04:36 +00:00
roles Install and start Rsyslog on the Undercloud & Standalone 2019-11-03 15:04:36 +00:00
sample-env-generator Install and start Rsyslog on the Undercloud & Standalone 2019-11-03 15:04:36 +00:00
scripts Move instanceha into scripts 2019-07-18 19:13:08 +00:00
tools Pass Loader to yaml.load to remove YAMLLoadWarning 2019-09-06 13:29:16 +09:00
tripleo_heat_templates Enforce pep8/pyflakes rule on python codes 2019-09-05 15:40:46 +09:00
validation-scripts Make comparisons case insensitive 2019-06-19 10:01:41 -06:00
zuul.d Deprecate kubespray kubernetes install 2019-10-15 08:16:38 -04:00
.gitignore Remove mac_hostname & random_string 2019-07-18 19:10:31 +00:00
.gitreview Update .gitreview for stable/train 2019-10-21 14:21:06 +00:00
.testr.conf Improve nova statedir ownership logic 2018-07-09 17:07:30 +01:00
LICENSE Add license file 2014-01-20 11:58:20 +01:00
README.rst Remove sensu-client service 2019-10-01 12:07:46 +02:00
all-nodes-validation.yaml Optional ICMP validation of controllers and gateways 2019-01-28 17:18:27 +00:00
babel.cfg Add release configuration. 2013-10-22 17:49:35 +01:00
bindep.txt Use https instead of http for docs links 2018-12-03 03:29:26 -08:00
capabilities-map.yaml Remove plumgrid support 2019-10-04 17:15:32 -05:00
config-download-software.yaml Change template names to rocky 2018-05-09 08:28:42 +02:00
config-download-structured.yaml Change template names to rocky 2018-05-09 08:28:42 +02:00
default_passwords.yaml Change template names to rocky 2018-05-09 08:28:42 +02:00
hosts-config.yaml [Templates] Use str_replace for hosts. 2018-11-12 16:33:27 +01:00
j2_excludes.yaml Remove ipv6 specific network templates 2017-08-31 13:12:17 -07:00
lower-constraints.txt Enable paunch logging to its full extent 2019-03-22 11:42:12 +01:00
net-config-bond.j2.yaml Drop EC2MetadataIp parameter and its uses 2019-07-05 14:05:59 +02:00
net-config-bridge.j2.yaml Drop EC2MetadataIp parameter and its uses 2019-07-05 14:05:59 +02:00
net-config-linux-bridge.j2.yaml Drop EC2MetadataIp parameter and its uses 2019-07-05 14:05:59 +02:00
net-config-noop.j2.yaml Drop EC2MetadataIp parameter and its uses 2019-07-05 14:05:59 +02:00
net-config-standalone.j2.yaml Drop EC2MetadataIp parameter and its uses 2019-07-05 14:05:59 +02:00
net-config-static-bridge-with-external-dhcp.j2.yaml Drop EC2MetadataIp parameter and its uses 2019-07-05 14:05:59 +02:00
net-config-static-bridge.j2.yaml Drop EC2MetadataIp parameter and its uses 2019-07-05 14:05:59 +02:00
net-config-static.j2.yaml Drop EC2MetadataIp parameter and its uses 2019-07-05 14:05:59 +02:00
net-config-undercloud.j2.yaml Drop EC2MetadataIp parameter and its uses 2019-07-05 14:05:59 +02:00
network_data.yaml Add external_resource_vip_id property to network_data.yaml 2019-03-25 10:48:40 -04:00
network_data_dashboard.yaml Add a StorageDashboard network used by CephGrafana service 2019-08-30 19:16:47 +02:00
network_data_ganesha.yaml Merge "Allow overlay tunnel endpoints on IPv6 address" 2019-01-10 21:13:19 +00:00
network_data_routed.yaml Merge "Allow overlay tunnel endpoints on IPv6 address" 2019-01-10 21:13:19 +00:00
network_data_subnets_routed.yaml L3 routed networks - data + env (1/3) 2018-12-30 19:24:29 +01:00
network_data_undercloud.yaml Add network data for the undercloud 2019-01-21 19:35:37 +01:00
overcloud-resource-registry-puppet.j2.yaml Deprecate kubespray kubernetes install 2019-10-15 08:16:38 -04:00
overcloud.j2.yaml Derives NovaPCIPassthrough per SR-IOV node 2019-10-23 04:26:48 +00:00
plan-environment.yaml Add name and description fields to plan-environment.yaml 2017-04-12 17:25:40 +02:00
requirements.txt Enable paunch logging to its full extent 2019-03-22 11:42:12 +01:00
roles_data.yaml Merge "Remove sensu-client service" 2019-10-10 22:59:46 +00:00
roles_data_undercloud.yaml Install and start Rsyslog on the Undercloud & Standalone 2019-11-03 15:04:36 +00:00
setup.cfg Replace git.openstack.org URLs with opendev.org URLs 2019-06-26 02:43:46 +00:00
setup.py Updated from global requirements 2017-03-28 13:03:01 +00:00
test-requirements.txt Sync Sphinx requirement 2019-05-29 11:23:29 +08:00
tox.ini Update TOX/UPPER_CONSTRAINTS_FILE for stable/train 2019-10-21 14:21:12 +00:00

README.rst

Team and repository tags

image

tripleo-heat-templates

Heat templates to deploy OpenStack using OpenStack.

Features

The ability to deploy a multi-node, role based OpenStack deployment using OpenStack Heat. Notable features include:

  • Choice of deployment/configuration tooling: puppet, (soon) docker
  • Role based deployment: roles for the controller, compute, ceph, swift, and cinder storage
  • physical network configuration: support for isolated networks, bonding, and standard ctlplane networking

Directories

A description of the directory layout in TripleO Heat Templates.

  • environments: contains heat environment files that can be used with -e

    on the command like to enable features, etc.

  • extraconfig: templates used to enable 'extra' functionality. Includes

    functionality for distro specific registration and upgrades.

  • firstboot: example first_boot scripts that can be used when initially

    creating instances.

  • network: heat templates to help create isolated networks and ports
  • puppet: templates mostly driven by configuration with puppet. To use these

    templates you can use the overcloud-resource-registry-puppet.yaml.

  • validation-scripts: validation scripts useful to all deployment

    configurations

  • roles: example roles that can be used with the tripleoclient to generate

    a roles_data.yaml for a deployment See the roles/README.rst for additional details.

Service testing matrix

The configuration for the CI scenarios will be defined in tripleo-heat-templates/ci/ and should be executed according to the following table:

- scn000 scn001 scn002 scn003 scn004 scn006 scn007 scn009 scn010 non-ha ovh-ha
keystone

X

X

X

X

X

X

X

X

X

X
glance

rbd

 swift

file

rgw

file

file

rbd

file

file
cinder

rbd

 iscsi
heat

X

X
ironic

X
mysql

X

X

X

X

X

X

X

X

X

X
neutron

ovn

ovn

ovn

ovn

ovn

ovs

ovn

ovn

ovn
neutron-bgpvpn

wip
ovn

X
neutron-l2gw

wip
om-rpc rabbit rabbit

amqp1

 rabbit rabbit rabbit rabbit rabbit rabbit
om-notify rabbit rabbit rabbit rabbit rabbit rabbit rabbit rabbit rabbit
redis

X

X
haproxy

X

X

X

X

X

X

X

X

X
memcached

X

X

X

X

X

X

X

X

X
pacemaker

X

X

X

X

X

X

X

X

X
nova

qemu

qemu

qemu

qemu

 ironic

qemu

qemu

qemu

qemu
ntp

X

X

X

X

X

X

X

X

X

X

X
snmp

X

X

X

X

X

X

X

X

X

X

X
timezone

X

X

X

X

X

X

X

X

X

X

X
sahara

X
mistral

X
swift

X
aodh

X

X
ceilometer

X

X
gnocchi

rbd

swift
barbican

X
zaqar

X
ec2api

X
cephrgw

X
tacker

X
cephmds

X
manila

X
collectd

X
designate

X
octavia

X