Dan Prince 51da97d04a docker bootstrap service commands
This patch guards db syncs and initialization code from executing
on multiple nodes at the same time by using the new
bootstrap_host_exec script. This helper script checks to make
sure the container is executing on the "bootstrap host" for the
specified service (arg 0) and then if it matches runs the
specified command.

Depends-On: If25f217bbb592edab4e1dde53ca99ed93c0e146c
Depends-On: Ic1585bae27c318bd6bafc287e905f2ed250cce0f

Change-Id: I0c864ca093ea476248b619d8c88477ef0b64e2eb
Closes-Bug: 1688380
2017-05-22 12:04:42 -04:00

154 lines
5.4 KiB
YAML

heat_template_version: pike
description: >
OpenStack Glance service configured with Puppet
parameters:
DockerNamespace:
description: namespace
default: 'tripleoupstream'
type: string
DockerGlanceApiImage:
description: image
default: 'centos-binary-glance-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EnableInternalTLS:
type: boolean
default: false
conditions:
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
resources:
ContainersCommon:
type: ./containers-common.yaml
GlanceApiPuppetBase:
type: ../../puppet/services/glance-api.yaml
properties:
EndpointMap: {get_param: EndpointMap}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
outputs:
role_data:
description: Role data for the Glance API role.
value:
service_name: {get_attr: [GlanceApiPuppetBase, role_data, service_name]}
config_settings:
map_merge:
- get_attr: [GlanceApiPuppetBase, role_data, config_settings]
- glance::api::sync_db: false
step_config: &step_config
get_attr: [GlanceApiPuppetBase, role_data, step_config]
service_config_settings: {get_attr: [GlanceApiPuppetBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS #
puppet_config:
config_volume: glance_api
puppet_tags: glance_api_config,glance_api_paste_ini,glance_swift_config,glance_cache_config
step_config: *step_config
config_image: &glance_image
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerGlanceApiImage} ]
kolla_config:
/var/lib/kolla/config_files/glance-api.json:
command: /usr/bin/glance-api --config-file /usr/share/glance/glance-api-dist.conf --config-file /etc/glance/glance-api.conf
/var/lib/kolla/config_files/glance_api_tls_proxy.json:
command: /usr/sbin/httpd -DFOREGROUND
docker_config:
# Kolla_bootstrap/db_sync runs before permissions set by kolla_config
step_3:
glance_init_logs:
start_order: 0
image: *glance_image
privileged: false
user: root
volumes:
- /var/log/containers/glance:/var/log/glance
command: ['/bin/bash', '-c', 'chown -R glance:glance /var/log/glance']
glance_api_db_sync:
start_order: 1
image: *glance_image
net: host
privileged: false
detach: false
user: root
volumes: &glance_volumes
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/glance-api.json:/var/lib/kolla/config_files/config.json
- /var/lib/config-data/glance_api/etc/glance/:/etc/glance/:ro
- /var/log/containers/glance:/var/log/glance
environment:
- KOLLA_BOOTSTRAP=True
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
command: "/usr/bin/bootstrap_host_exec glance_api su glance -s /bin/bash -c '/usr/local/bin/kolla_start'"
step_4:
map_merge:
- glance_api:
start_order: 2
image: *glance_image
net: host
privileged: false
restart: always
volumes: *glance_volumes
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
- if:
- internal_tls_enabled
- glance_api_tls_proxy:
start_order: 2
image: *glance_image
net: host
user: root
restart: always
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/glance_api_tls_proxy.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/glance_api/etc/httpd/:/etc/httpd/:ro
- /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
- /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
- {}
host_prep_tasks:
- name: create persistent logs directory
file:
path: /var/log/containers/glance
state: directory
upgrade_tasks:
- name: Stop and disable glance_api service
tags: step2
service: name=openstack-glance-api state=stopped enabled=no