openstack/tripleo-heat-templates
Code Issues Proposed changes
Files
56bec75c02b56bab79f35bc94c9110ee93eab82f
tripleo-heat-templates/docker/services/glance-api.yaml
Lukas Bezdicka 56bec75c02 Upgrades: Refactor playbooks to set facts 
To not to redefine variable multiple times in each service we
run check only once and we set fact. To increase readability of
generated playbook we add block per strep in services.

Change-Id: I2399a72709d240f84e3463c5c3b56942462d1e5c
2018-06-08 11:46:12 +02:00

329 lines
12 KiB
YAML
Raw Blame History

heat_template_version: rocky
description: >
OpenStack Glance service configured with Puppet
parameters:
DockerGlanceApiImage:
description: image
type: string
DockerGlanceApiConfigImage:
description: The container image to use for the glance_api config_volume
type: string
GlanceApiLoggingSource:
type: json
default:
tag: openstack.glance.api
path: /var/log/containers/glance/api.log
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EnableInternalTLS:
type: boolean
default: false
GlanceBackend:
default: swift
description: The short name of the Glance backend to use. Should be one
of swift, rbd, cinder, or file
type: string
constraints:
- allowed_values: ['swift', 'file', 'rbd', 'cinder']
GlanceNfsEnabled:
default: false
description: >
When using GlanceBackend 'file', mount NFS share for image storage.
type: boolean
GlanceNfsShare:
default: ''
description: >
NFS share to mount for image storage (when GlanceNfsEnabled is true)
type: string
GlanceNfsOptions:
default: '_netdev,bg,intr,context=system_u:object_r:glance_var_lib_t:s0'
description: >
NFS mount options for image storage (when GlanceNfsEnabled is true)
type: string
GlanceNetappNfsEnabled:
default: false
description: >
When using GlanceBackend 'file', Netapp mount NFS share for image storage.
type: boolean
NetappShareLocation:
default: ''
description: >
Netapp share to mount for image storage (when GlanceNetappNfsEnabled is true)
type: string
UpgradeRemoveUnusedPackages:
default: false
description: Remove package if the service is being disabled during upgrade
type: boolean
CephClientUserName:
default: openstack
type: string
CephClusterName:
type: string
default: ceph
description: The Ceph cluster name.
constraints:
- allowed_pattern: "[a-zA-Z0-9]+"
description: >
The Ceph cluster name must be at least 1 character and contain only
letters and numbers.
GlanceApiOptVolumes:
default: []
description: list of optional volumes to be mounted
type: comma_delimited_list
conditions:
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
nfs_backend_enabled: {equals: [{get_param: GlanceNfsEnabled}, true]}
netapp_nfs_backend_enabled: {equals: [{get_param: GlanceNetappNfsEnabled}, true]}
cinder_backend_enabled: {equals: [{get_param: GlanceBackend}, cinder]}
resources:
ContainersCommon:
type: ./containers-common.yaml
MySQLClient:
type: ../../puppet/services/database/mysql-client.yaml
GlanceApiPuppetBase:
type: ../../puppet/services/glance-api.yaml
properties:
EndpointMap: {get_param: EndpointMap}
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
GlanceLogging:
type: OS::TripleO::Services::Logging::GlanceApi
outputs:
role_data:
description: Role data for the Glance API role.
value:
service_name: {get_attr: [GlanceApiPuppetBase, role_data, service_name]}
config_settings:
map_merge:
- get_attr: [GlanceApiPuppetBase, role_data, config_settings]
- get_attr: [GlanceLogging, config_settings]
- glance::api::sync_db: false
- tripleo::glance::nfs_mount::edit_fstab: false
logging_source: {get_attr: [GlanceApiPuppetBase, role_data, logging_source]}
logging_groups: {get_attr: [GlanceApiPuppetBase, role_data, logging_groups]}
service_config_settings:
map_merge:
- get_attr: [GlanceApiPuppetBase, role_data, service_config_settings]
- fluentd:
tripleo_fluentd_groups_glance_api:
- glance
tripleo_fluentd_sources_glance_api:
- {get_param: GlanceApiLoggingSource}
# BEGIN DOCKER SETTINGS #
puppet_config:
config_volume: glance_api
puppet_tags: glance_api_config,glance_api_paste_ini,glance_swift_config,glance_cache_config
step_config:
list_join:
- "\n"
- - {get_attr: [GlanceApiPuppetBase, role_data, step_config]}
- {get_attr: [MySQLClient, role_data, step_config]}
config_image: {get_param: DockerGlanceApiConfigImage}
kolla_config:
/var/lib/kolla/config_files/glance_api.json:
command: /usr/bin/glance-api --config-file /usr/share/glance/glance-api-dist.conf --config-file /etc/glance/glance-api.conf
config_files:
- source: "/var/lib/kolla/config_files/src/*"
dest: "/"
merge: true
preserve_properties: true
- source: "/var/lib/kolla/config_files/src-ceph/"
dest: "/etc/ceph/"
merge: true
preserve_properties: true
permissions:
- path: /var/lib/glance
owner: glance:glance
recurse: true
- path:
str_replace:
template: /etc/ceph/CLUSTER.client.USER.keyring
params:
CLUSTER: {get_param: CephClusterName}
USER: {get_param: CephClientUserName}
owner: glance:glance
perm: '0600'
/var/lib/kolla/config_files/glance_api_tls_proxy.json:
command: /usr/sbin/httpd -DFOREGROUND
config_files:
- source: "/var/lib/kolla/config_files/src/*"
dest: "/"
merge: true
preserve_properties: true
docker_config:
step_2:
get_attr: [GlanceLogging, docker_config, step_2]
step_3:
glance_api_db_sync:
image: &glance_api_image {get_param: DockerGlanceApiImage}
net: host
privileged: false
detach: false
user: root
volumes: &glance_volumes
list_concat:
- {get_attr: [ContainersCommon, volumes]}
- {get_attr: [GlanceLogging, volumes]}
- {get_param: GlanceApiOptVolumes}
-
- /var/lib/kolla/config_files/glance_api.json:/var/lib/kolla/config_files/config.json
- /var/lib/config-data/puppet-generated/glance_api/:/var/lib/kolla/config_files/src:ro
- /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro
- /var/lib/glance:/var/lib/glance:slave
-
if:
- cinder_backend_enabled
- - /dev:/dev
- /etc/iscsi:/etc/iscsi
- []
environment:
- KOLLA_BOOTSTRAP=True
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
command: "/usr/bin/bootstrap_host_exec glance_api su glance -s /bin/bash -c '/usr/local/bin/kolla_start'"
step_4:
map_merge:
- glance_api:
start_order: 2
image: *glance_api_image
net: host
privileged: {if: [cinder_backend_enabled, true, false]}
restart: always
healthcheck:
test: /openstack/healthcheck
volumes: *glance_volumes
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
- if:
- internal_tls_enabled
- glance_api_tls_proxy:
start_order: 2
image: *glance_api_image
net: host
user: root
restart: always
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/glance_api_tls_proxy.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/glance_api/:/var/lib/kolla/config_files/src:ro
- /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
- /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
- {}
host_prep_tasks:
list_concat:
- {get_attr: [GlanceLogging, host_prep_tasks]}
- {get_attr: [GlanceApiPuppetBase, role_data, host_prep_tasks]}
- - name: Mount NFS on host
vars:
nfs_backend_enable: {get_param: GlanceNfsEnabled}
mount: name=/var/lib/glance/images src="{{item.NFS_SHARE}}" fstype=nfs4 opts="{{item.NFS_OPTIONS}}" state=mounted
with_items:
- NFS_SHARE: {get_param: GlanceNfsShare}
NFS_OPTIONS: {get_param: GlanceNfsOptions}
when:
- nfs_backend_enable
- name: ensure ceph configurations exist
file:
path: /etc/ceph
state: directory
upgrade_tasks:
- when: step|int == 0
tags: common
block:
- name: Check if glance_api is deployed
command: systemctl is-enabled --quiet openstack-glance-api
ignore_errors: True
register: glance_api_enabled_result
- name: Set fact glance_api_enabled
set_fact:
glance_api_enabled: "{{ glance_api_enabled_result.rc == 0 }}"
- name: "PreUpgrade step0,validation: Check service openstack-glance-api is running"
command: systemctl is-active --quiet openstack-glance-api
tags: validation
when: glance_api_enabled|bool
- when: step|int == 2
block:
- name: Stop and disable glance_api service
when: glance_api_enabled|bool
service: name=openstack-glance-api state=stopped enabled=no
- name: Set fact for removal of openstack-glance package
set_fact:
remove_glance_package: {get_param: UpgradeRemoveUnusedPackages}
- name: Remove openstack-glance package if operator requests it
yum: name=openstack-glance state=removed
ignore_errors: True
when: remove_glance_package|bool
metadata_settings:
get_attr: [GlanceApiPuppetBase, role_data, metadata_settings]
fast_forward_upgrade_tasks:
- name: Check if glance_api is deployed
command: systemctl is-enabled --quiet openstack-glance-api
ignore_errors: True
register: glance_api_enabled_result
when:
- step|int == 0
- release == 'ocata'
- name: Set fact glance_api_enabled
set_fact:
glance_api_enabled: "{{ glance_api_enabled_result.rc == 0 }}"
when:
- step|int == 0
- release == 'ocata'
- name: Stop openstack-glance-api
service: name=openstack-glance-api state=stopped enabled=no
when:
- step|int == 1
- release == 'ocata'
- glance_api_enabled|bool
- name: glance package update
yum: name=openstack-glance state=latest
when:
- step|int == 6
- is_bootstrap_node|bool
- name: glance db sync
command: glance-manage db_sync
when:
- step|int == 8
- is_bootstrap_node|bool
View Git Blame Copy Permalink