![Dan Prince](/assets/img/avatar_default.png)
This patch guards db syncs and initialization code from executing on multiple nodes at the same time by using the new bootstrap_host_exec script. This helper script checks to make sure the container is executing on the "bootstrap host" for the specified service (arg 0) and then if it matches runs the specified command. Depends-On: If25f217bbb592edab4e1dde53ca99ed93c0e146c Depends-On: Ic1585bae27c318bd6bafc287e905f2ed250cce0f Change-Id: I0c864ca093ea476248b619d8c88477ef0b64e2eb Closes-Bug: 1688380
154 lines
5.4 KiB
YAML
154 lines
5.4 KiB
YAML
heat_template_version: pike
|
|
|
|
description: >
|
|
OpenStack Glance service configured with Puppet
|
|
|
|
parameters:
|
|
DockerNamespace:
|
|
description: namespace
|
|
default: 'tripleoupstream'
|
|
type: string
|
|
DockerGlanceApiImage:
|
|
description: image
|
|
default: 'centos-binary-glance-api:latest'
|
|
type: string
|
|
EndpointMap:
|
|
default: {}
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
ServiceNetMap:
|
|
default: {}
|
|
description: Mapping of service_name -> network name. Typically set
|
|
via parameter_defaults in the resource registry. This
|
|
mapping overrides those in ServiceNetMapDefaults.
|
|
type: json
|
|
DefaultPasswords:
|
|
default: {}
|
|
type: json
|
|
RoleName:
|
|
default: ''
|
|
description: Role name on which the service is applied
|
|
type: string
|
|
RoleParameters:
|
|
default: {}
|
|
description: Parameters specific to the role
|
|
type: json
|
|
EnableInternalTLS:
|
|
type: boolean
|
|
default: false
|
|
|
|
conditions:
|
|
|
|
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
|
|
|
|
|
|
resources:
|
|
|
|
ContainersCommon:
|
|
type: ./containers-common.yaml
|
|
|
|
GlanceApiPuppetBase:
|
|
type: ../../puppet/services/glance-api.yaml
|
|
properties:
|
|
EndpointMap: {get_param: EndpointMap}
|
|
ServiceNetMap: {get_param: ServiceNetMap}
|
|
DefaultPasswords: {get_param: DefaultPasswords}
|
|
RoleName: {get_param: RoleName}
|
|
RoleParameters: {get_param: RoleParameters}
|
|
|
|
outputs:
|
|
role_data:
|
|
description: Role data for the Glance API role.
|
|
value:
|
|
service_name: {get_attr: [GlanceApiPuppetBase, role_data, service_name]}
|
|
config_settings:
|
|
map_merge:
|
|
- get_attr: [GlanceApiPuppetBase, role_data, config_settings]
|
|
- glance::api::sync_db: false
|
|
step_config: &step_config
|
|
get_attr: [GlanceApiPuppetBase, role_data, step_config]
|
|
service_config_settings: {get_attr: [GlanceApiPuppetBase, role_data, service_config_settings]}
|
|
# BEGIN DOCKER SETTINGS #
|
|
puppet_config:
|
|
config_volume: glance_api
|
|
puppet_tags: glance_api_config,glance_api_paste_ini,glance_swift_config,glance_cache_config
|
|
step_config: *step_config
|
|
config_image: &glance_image
|
|
list_join:
|
|
- '/'
|
|
- [ {get_param: DockerNamespace}, {get_param: DockerGlanceApiImage} ]
|
|
kolla_config:
|
|
/var/lib/kolla/config_files/glance-api.json:
|
|
command: /usr/bin/glance-api --config-file /usr/share/glance/glance-api-dist.conf --config-file /etc/glance/glance-api.conf
|
|
/var/lib/kolla/config_files/glance_api_tls_proxy.json:
|
|
command: /usr/sbin/httpd -DFOREGROUND
|
|
docker_config:
|
|
# Kolla_bootstrap/db_sync runs before permissions set by kolla_config
|
|
step_3:
|
|
glance_init_logs:
|
|
start_order: 0
|
|
image: *glance_image
|
|
privileged: false
|
|
user: root
|
|
volumes:
|
|
- /var/log/containers/glance:/var/log/glance
|
|
command: ['/bin/bash', '-c', 'chown -R glance:glance /var/log/glance']
|
|
glance_api_db_sync:
|
|
start_order: 1
|
|
image: *glance_image
|
|
net: host
|
|
privileged: false
|
|
detach: false
|
|
user: root
|
|
volumes: &glance_volumes
|
|
list_concat:
|
|
- {get_attr: [ContainersCommon, volumes]}
|
|
-
|
|
- /var/lib/kolla/config_files/glance-api.json:/var/lib/kolla/config_files/config.json
|
|
- /var/lib/config-data/glance_api/etc/glance/:/etc/glance/:ro
|
|
- /var/log/containers/glance:/var/log/glance
|
|
environment:
|
|
- KOLLA_BOOTSTRAP=True
|
|
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
|
|
command: "/usr/bin/bootstrap_host_exec glance_api su glance -s /bin/bash -c '/usr/local/bin/kolla_start'"
|
|
step_4:
|
|
map_merge:
|
|
- glance_api:
|
|
start_order: 2
|
|
image: *glance_image
|
|
net: host
|
|
privileged: false
|
|
restart: always
|
|
volumes: *glance_volumes
|
|
environment:
|
|
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
|
|
- if:
|
|
- internal_tls_enabled
|
|
- glance_api_tls_proxy:
|
|
start_order: 2
|
|
image: *glance_image
|
|
net: host
|
|
user: root
|
|
restart: always
|
|
volumes:
|
|
list_concat:
|
|
- {get_attr: [ContainersCommon, volumes]}
|
|
-
|
|
- /var/lib/kolla/config_files/glance_api_tls_proxy.json:/var/lib/kolla/config_files/config.json:ro
|
|
- /var/lib/config-data/glance_api/etc/httpd/:/etc/httpd/:ro
|
|
- /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
|
|
- /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
|
|
environment:
|
|
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
|
|
- {}
|
|
host_prep_tasks:
|
|
- name: create persistent logs directory
|
|
file:
|
|
path: /var/log/containers/glance
|
|
state: directory
|
|
upgrade_tasks:
|
|
- name: Stop and disable glance_api service
|
|
tags: step2
|
|
service: name=openstack-glance-api state=stopped enabled=no
|