c76584c021
This allows to deploy and use the services on a selinux-enforcing host with proper selinux separation. Change-Id: Icde6c61a0b26741946d079b2b00475de34722bea
180 lines
6.2 KiB
YAML
180 lines
6.2 KiB
YAML
heat_template_version: rocky
|
|
|
|
description: >
|
|
Provides the list of Docker volumes and environment to be used by the
|
|
CinderVolume and CinderBackup services. The same list is used for
|
|
HA and non-HA deployments.
|
|
|
|
parameters:
|
|
EndpointMap:
|
|
default: {}
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
ServiceData:
|
|
default: {}
|
|
description: Dictionary packing service data
|
|
type: json
|
|
ServiceNetMap:
|
|
default: {}
|
|
description: Mapping of service_name -> network name. Typically set
|
|
via parameter_defaults in the resource registry. This
|
|
mapping overrides those in ServiceNetMapDefaults.
|
|
type: json
|
|
DefaultPasswords:
|
|
default: {}
|
|
type: json
|
|
RoleName:
|
|
default: ''
|
|
description: Role name on which the service is applied
|
|
type: string
|
|
RoleParameters:
|
|
default: {}
|
|
description: Parameters specific to the role
|
|
type: json
|
|
CinderVolumeOptVolumes:
|
|
default: []
|
|
description: list of optional volumes to be mounted
|
|
type: comma_delimited_list
|
|
CinderVolumeOptEnvVars:
|
|
default: []
|
|
description: list of optional environment variables
|
|
type: comma_delimited_list
|
|
CinderEnableIscsiBackend:
|
|
default: true
|
|
description: Whether to enable or not the Iscsi backend for Cinder
|
|
type: boolean
|
|
CinderLVMLoopDeviceSize:
|
|
default: 10280
|
|
description: The size of the loopback file used by the cinder LVM driver.
|
|
type: number
|
|
|
|
resources:
|
|
|
|
ContainersCommon:
|
|
type: ./containers-common.yaml
|
|
|
|
outputs:
|
|
cinder_volume_host_prep_tasks:
|
|
description: Host prep tasks for the cinder-volume service (HA or non-HA)
|
|
value:
|
|
- name: create persistent directories
|
|
file:
|
|
path: "{{ item.path }}"
|
|
state: directory
|
|
setype: "{{ item.setype }}"
|
|
with_items:
|
|
- { 'path': /var/log/containers/cinder, 'setype': svirt_sandbox_file_t }
|
|
- { 'path': /var/lib/cinder, 'setype': svirt_sandbox_file_t }
|
|
- name: cinder logs readme
|
|
copy:
|
|
dest: /var/log/cinder/readme.txt
|
|
content: |
|
|
Log files from cinder containers can be found under
|
|
/var/log/containers/cinder and /var/log/containers/httpd/cinder-api.
|
|
ignore_errors: true
|
|
- name: ensure ceph configurations exist
|
|
file:
|
|
path: /etc/ceph
|
|
state: directory
|
|
- name: cinder_enable_iscsi_backend fact
|
|
set_fact:
|
|
cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
|
|
- when: cinder_enable_iscsi_backend
|
|
block:
|
|
- name: cinder create LVM volume group dd
|
|
command:
|
|
list_join:
|
|
- ''
|
|
- - 'dd if=/dev/zero of=/var/lib/cinder/cinder-volumes bs=1 count=0 seek='
|
|
- str_replace:
|
|
template: VALUE
|
|
params:
|
|
VALUE: {get_param: CinderLVMLoopDeviceSize}
|
|
- 'M'
|
|
args:
|
|
creates: /var/lib/cinder/cinder-volumes
|
|
- name: cinder create LVM volume group
|
|
shell: |
|
|
if ! losetup /dev/loop2; then
|
|
losetup /dev/loop2 /var/lib/cinder/cinder-volumes
|
|
fi
|
|
if ! pvdisplay | grep cinder-volumes; then
|
|
pvcreate /dev/loop2
|
|
fi
|
|
if ! vgdisplay | grep cinder-volumes; then
|
|
vgcreate cinder-volumes /dev/loop2
|
|
fi
|
|
args:
|
|
executable: /bin/bash
|
|
creates: /dev/loop2
|
|
- name: cinder create service to run losetup for LVM on startup
|
|
copy:
|
|
dest: /etc/systemd/system/cinder-lvm-losetup.service
|
|
content: |
|
|
[Unit]
|
|
Description=Cinder LVM losetup
|
|
After=syslog.target
|
|
|
|
[Service]
|
|
Type=oneshot
|
|
ExecStart=/bin/bash -c '/sbin/losetup /dev/loop2 || /sbin/losetup /dev/loop2 /var/lib/cinder/cinder-volumes'
|
|
ExecStop=/bin/bash -c '/sbin/losetup -d /dev/loop2'
|
|
RemainAfterExit=yes
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
- name: cinder enable the LVM losetup service
|
|
systemd:
|
|
name: cinder-lvm-losetup
|
|
enabled: yes
|
|
daemon_reload: yes
|
|
|
|
cinder_volume_volumes:
|
|
description: Volumes for the cinder-volume container (HA or non-HA)
|
|
value:
|
|
list_concat:
|
|
- {get_attr: [ContainersCommon, volumes]}
|
|
- {get_param: CinderVolumeOptVolumes}
|
|
-
|
|
- /var/lib/kolla/config_files/cinder_volume.json:/var/lib/kolla/config_files/config.json:ro
|
|
- /var/lib/config-data/puppet-generated/cinder/:/var/lib/kolla/config_files/src:ro
|
|
- /etc/iscsi:/var/lib/kolla/config_files/src-iscsid:ro
|
|
- /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro
|
|
- /lib/modules:/lib/modules:ro
|
|
- /dev/:/dev/
|
|
- /run/:/run/
|
|
- /sys:/sys
|
|
- /var/lib/cinder:/var/lib/cinder
|
|
- /var/log/containers/cinder:/var/log/cinder
|
|
|
|
cinder_volume_environment:
|
|
description: Docker environment for the cinder-volume container (HA or non-HA)
|
|
value:
|
|
list_concat:
|
|
- {get_param: CinderVolumeOptEnvVars}
|
|
-
|
|
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
|
|
|
|
cinder_backup_volumes:
|
|
description: Volumes for the cinder-backup container (HA or non-HA)
|
|
value:
|
|
list_concat:
|
|
- {get_attr: [ContainersCommon, volumes]}
|
|
-
|
|
- /var/lib/kolla/config_files/cinder_backup.json:/var/lib/kolla/config_files/config.json:ro
|
|
- /var/lib/config-data/puppet-generated/cinder/:/var/lib/kolla/config_files/src:ro
|
|
- /etc/iscsi:/var/lib/kolla/config_files/src-iscsid:ro
|
|
- /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro
|
|
- /dev/:/dev/
|
|
- /run/:/run/
|
|
- /sys:/sys
|
|
- /lib/modules:/lib/modules:ro
|
|
- /var/lib/cinder:/var/lib/cinder:z
|
|
- /var/log/containers/cinder:/var/log/cinder:z
|
|
|
|
cinder_backup_environment:
|
|
description: Docker environment for the cinder-backup container (HA or non-HA)
|
|
value:
|
|
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
|