tripleo-heat-templates/deployment/cinder/cinder-common-container-pup...

258 lines
9.1 KiB
YAML

heat_template_version: rocky
description: >
Provides the list of common container volumes and environment used by
various cinder services.
parameters:
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
CinderVolumeOptVolumes:
default: []
description: list of optional volumes to be mounted
type: comma_delimited_list
CinderVolumeOptEnvVars:
default: {}
description: hash of optional environment variables
type: json
CinderEnableIscsiBackend:
default: true
description: Whether to enable or not the Iscsi backend for Cinder
type: boolean
CinderLVMLoopDeviceSize:
default: 10280
description: The size of the loopback file used by the cinder LVM driver.
type: number
MultipathdEnable:
default: false
description: Whether to enable the multipath daemon
type: boolean
CinderVolumeCluster:
default: ''
description: >
The cluster name used for deploying the cinder-volume service in an
active-active (A/A) configuration. This configuration requires the
Cinder backend drivers support A/A, and the cinder-volume service not
be managed by pacemaker. If these criteria are not met then the cluster
name must be left blank.
type: string
EnableInternalTLS:
type: boolean
default: false
EnableEtcdInternalTLS:
description: Controls whether etcd and the cinder-volume service use TLS
for cinder's lock manager, even when the rest of the internal
API network is using TLS.
type: boolean
default: false
conditions:
multipathd_enabled: {equals: [{get_param: MultipathdEnable}, true]}
cvol_active_active_tls_enabled:
and:
- not: {equals: [{get_param: CinderVolumeCluster}, '']}
- equals: [{get_param: EnableInternalTLS}, true]
- equals: [{get_param: EnableEtcdInternalTLS}, true]
resources:
ContainersCommon:
type: ../containers-common.yaml
outputs:
cinder_common_host_prep_tasks:
description: Common host prep tasks for cinder-volume and cinder-backup services
value: &cinder_common_host_prep_tasks
- name: create persistent directories
file:
path: "{{ item.path }}"
state: directory
setype: "{{ item.setype }}"
mode: "{{ item.mode|default(omit) }}"
with_items:
- { 'path': /var/log/containers/cinder, 'setype': container_file_t, 'mode': '0750' }
- { 'path': /var/lib/cinder, 'setype': container_file_t }
- name: ensure ceph configurations exist
file:
path: /etc/ceph
state: directory
cinder_common_volumes:
description: Common volumes for all cinder services
value: &cinder_common_volumes
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/config-data/puppet-generated/cinder:/var/lib/kolla/config_files/src:ro
- /var/log/containers/cinder:/var/log/cinder:z
-
if:
- cvol_active_active_tls_enabled
-
- /etc/pki/tls/certs/etcd.crt:/var/lib/kolla/config_files/src-tls/etc/pki/tls/certs/etcd.crt:ro
- /etc/pki/tls/private/etcd.key:/var/lib/kolla/config_files/src-tls/etc/pki/tls/private/etcd.key:ro
- []
cinder_volume_host_prep_tasks:
description: Host prep tasks for the cinder-volume service (HA or non-HA)
value:
list_concat:
- *cinder_common_host_prep_tasks
-
- name: cinder_enable_iscsi_backend fact
set_fact:
cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
- when: cinder_enable_iscsi_backend|bool
block:
- name: ensure LVM rpm dependencies are installed
package:
name: lvm2
state: latest
- name: cinder create LVM volume group dd
command:
list_join:
- ''
- - 'dd if=/dev/zero of=/var/lib/cinder/cinder-volumes bs=1 count=0 seek='
- str_replace:
template: VALUE
params:
VALUE: {get_param: CinderLVMLoopDeviceSize}
- 'M'
args:
creates: /var/lib/cinder/cinder-volumes
- name: Get or create LVM loopback device
shell: |-
exit_code=0
existing_device=$(losetup -j /var/lib/cinder/cinder-volumes -l -n -O NAME)
if [[ -z "${existing_device}" ]]; then
losetup -f /var/lib/cinder/cinder-volumes --show
exit_code=2
else
echo ${existing_device%$'\n'*}
fi
exit ${exit_code}
args:
executable: /bin/bash
register: _loopback_device
changed_when: _loopback_device.rc == 2
failed_when: _loopback_device.rc not in [0,2]
- name: Create LVM volume group
lvg:
vg: "cinder-volumes"
pvs: "{{ _loopback_device.stdout }}"
state: present
when:
- not (ansible_check_mode | bool)
- name: cinder create service to run losetup for LVM on startup
copy:
dest: /etc/systemd/system/cinder-lvm-losetup.service
content: |
[Unit]
Description=Cinder LVM losetup
DefaultDependencies=no
Conflicts=umount.target
Requires=systemd-udev-settle.service
Before=local-fs.target umount.target
After=systemd-udev-settle.service
[Service]
Type=oneshot
ExecStart=/sbin/losetup {{ _loopback_device.stdout }} /var/lib/cinder/cinder-volumes
ExecStop=/sbin/losetup -d {{ _loopback_device.stdout }}
RemainAfterExit=yes
[Install]
WantedBy=local-fs-pre.target
when:
- not (ansible_check_mode | bool)
- name: cinder enable the LVM losetup service
systemd:
name: cinder-lvm-losetup
enabled: yes
daemon_reload: yes
cinder_volume_volumes:
description: Volumes for the cinder-volume container (HA or non-HA)
value:
list_concat:
- *cinder_common_volumes
- {get_param: CinderVolumeOptVolumes}
-
- /var/lib/kolla/config_files/cinder_volume.json:/var/lib/kolla/config_files/config.json:ro
- /etc/iscsi:/var/lib/kolla/config_files/src-iscsid:ro
- /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro
- /lib/modules:/lib/modules:ro
- /dev/:/dev/
- /run/:/run/
- /sys:/sys
- /var/lib/cinder:/var/lib/cinder:z
- /var/lib/iscsi:/var/lib/iscsi:z
-
if:
- multipathd_enabled
- - /etc/multipath:/etc/multipath:z
- /etc/multipath.conf:/etc/multipath.conf:ro
- []
cinder_volume_environment:
description: Docker environment for the cinder-volume container (HA or non-HA)
value:
map_merge:
- {get_param: CinderVolumeOptEnvVars}
- KOLLA_CONFIG_STRATEGY: COPY_ALWAYS
cinder_backup_host_prep_tasks:
description: Host prep tasks for the cinder-backup service (HA or non-HA)
value: *cinder_common_host_prep_tasks
cinder_backup_volumes:
description: Volumes for the cinder-backup container (HA or non-HA)
value:
list_concat:
- *cinder_common_volumes
-
- /var/lib/kolla/config_files/cinder_backup.json:/var/lib/kolla/config_files/config.json:ro
- /etc/iscsi:/var/lib/kolla/config_files/src-iscsid:ro
- /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro
- /dev/:/dev/
- /run/:/run/
- /sys:/sys
- /lib/modules:/lib/modules:ro
- /var/lib/cinder:/var/lib/cinder:z
- /var/lib/iscsi:/var/lib/iscsi:z
-
if:
- multipathd_enabled
- - /etc/multipath:/etc/multipath:z
- []
cinder_backup_environment:
description: Docker environment for the cinder-backup container (HA or non-HA)
value:
KOLLA_CONFIG_STRATEGY: COPY_ALWAYS