e4ee042a2a
We don't need upgrade_tasks that stop systemd services since all services are now containerized. However, we decided to keep the tasks that remove the rpms in case some of deployments didn't cleanup them in previous releases, they can still do it now. Change-Id: I6abdc9e37966cd818306f7af473958fd4662ccb5 Related-Bug: #1806733
149 lines
5.4 KiB
YAML
149 lines
5.4 KiB
YAML
heat_template_version: rocky
|
|
|
|
description: >
|
|
OpenStack containerized Ovn Controller agent.
|
|
|
|
parameters:
|
|
EndpointMap:
|
|
default: {}
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
ServiceNetMap:
|
|
default: {}
|
|
description: Mapping of service_name -> network name. Typically set
|
|
via parameter_defaults in the resource registry. This
|
|
mapping overrides those in ServiceNetMapDefaults.
|
|
type: json
|
|
ServiceData:
|
|
default: {}
|
|
description: Dictionary packing service data
|
|
type: json
|
|
DockerOvnControllerImage:
|
|
description: image
|
|
type: string
|
|
DockerOvnControllerConfigImage:
|
|
description: The container image to use for the ovn_controller config_volume
|
|
type: string
|
|
DefaultPasswords:
|
|
default: {}
|
|
type: json
|
|
RoleName:
|
|
default: ''
|
|
description: Role name on which the service is applied
|
|
type: string
|
|
RoleParameters:
|
|
default: {}
|
|
description: Parameters specific to the role
|
|
type: json
|
|
|
|
resources:
|
|
|
|
ContainersCommon:
|
|
type: ./containers-common.yaml
|
|
|
|
OvnControllerBase:
|
|
type: ../../puppet/services/ovn-controller.yaml
|
|
properties:
|
|
EndpointMap: {get_param: EndpointMap}
|
|
ServiceData: {get_param: ServiceData}
|
|
ServiceNetMap: {get_param: ServiceNetMap}
|
|
DefaultPasswords: {get_param: DefaultPasswords}
|
|
RoleName: {get_param: RoleName}
|
|
RoleParameters: {get_param: RoleParameters}
|
|
|
|
outputs:
|
|
role_data:
|
|
description: Role data for the Ovn Controller agent.
|
|
value:
|
|
service_name: {get_attr: [OvnControllerBase, role_data, service_name]}
|
|
config_settings:
|
|
map_merge:
|
|
- get_attr: [OvnControllerBase, role_data, config_settings]
|
|
service_config_settings: {get_attr: [OvnControllerBase, role_data, service_config_settings]}
|
|
# BEGIN DOCKER SETTINGS
|
|
puppet_config:
|
|
puppet_tags: vs_config,exec
|
|
config_volume: ovn_controller
|
|
step_config:
|
|
get_attr: [OvnControllerBase, role_data, step_config]
|
|
config_image: {get_param: DockerOvnControllerConfigImage}
|
|
# We need to mount /run for puppet_config step. This is because
|
|
# puppet-vswitch runs the commands "ovs-vsctl set open_vswitch . external_ids:..."
|
|
# to configure the required parameters in ovs db which will be read
|
|
# by ovn-controller. And ovs-vsctl talks to the ovsdb-server (hosting conf.db)
|
|
# on the unix domain socket - /run/openvswitch/db.sock
|
|
volumes:
|
|
- /lib/modules:/lib/modules:ro
|
|
- /run/openvswitch:/run/openvswitch:shared,z
|
|
kolla_config:
|
|
/var/lib/kolla/config_files/ovn_controller.json:
|
|
command: /usr/bin/ovn-controller --pidfile --log-file unix:/run/openvswitch/db.sock
|
|
permissions:
|
|
- path: /var/log/openvswitch
|
|
owner: root:root
|
|
recurse: true
|
|
docker_config:
|
|
step_4:
|
|
configure_cms_options:
|
|
start_order: 0
|
|
detach: false
|
|
net: host
|
|
privileged: true
|
|
user: root
|
|
command: ['/bin/bash', '-c', 'CMS_OPTS=$(hiera ovn::controller::ovn_cms_options -c /etc/puppet/hiera.yaml); if [ X"$CMS_OPTS" != X ]; then ovs-vsctl set open . external_ids:ovn-cms-options=$CMS_OPTS; fi']
|
|
image: &ovn_controller_image {get_param: DockerOvnControllerImage}
|
|
volumes:
|
|
list_concat:
|
|
- {get_attr: [ContainersCommon, volumes]}
|
|
-
|
|
- /lib/modules:/lib/modules:ro
|
|
- /run/openvswitch:/run/openvswitch:shared,z
|
|
ovn_controller:
|
|
start_order: 1
|
|
image: *ovn_controller_image
|
|
net: host
|
|
privileged: true
|
|
user: root
|
|
restart: always
|
|
healthcheck:
|
|
test:
|
|
list_join:
|
|
- ' '
|
|
- - '/openstack/healthcheck'
|
|
- yaql:
|
|
expression: str($.data.port)
|
|
data:
|
|
port: {get_attr: [OvnControllerBase, role_data, config_settings, 'ovn::southbound::port']}
|
|
volumes:
|
|
- /var/lib/kolla/config_files/ovn_controller.json:/var/lib/kolla/config_files/config.json:ro
|
|
- /lib/modules:/lib/modules:ro
|
|
# TODO(numans): This is temporary. Mount /run/openvswitch once
|
|
# openvswitch systemd script is fixed to not delete /run/openvswitch
|
|
# folder in the host when openvswitch service is stopped.
|
|
- /run:/run
|
|
- /var/log/containers/openvswitch:/var/log/openvswitch:z
|
|
environment:
|
|
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
|
|
host_prep_tasks:
|
|
- name: create persistent logs directory
|
|
file:
|
|
path: /var/log/containers/openvswitch
|
|
state: directory
|
|
setype: svirt_sandbox_file_t
|
|
- name: openvswitch logs readme
|
|
copy:
|
|
dest: /var/log/openvswitch/readme.txt
|
|
content: |
|
|
Log files from openvswitch containers can be found under
|
|
/var/log/containers/openvswitch.
|
|
ignore_errors: true
|
|
upgrade_tasks: []
|
|
post_upgrade_tasks:
|
|
- when: step|int == 1
|
|
import_role:
|
|
name: tripleo-docker-rm
|
|
vars:
|
|
containers_to_rm:
|
|
- ovn_controller
|