56bec75c02
To not to redefine variable multiple times in each service we run check only once and we set fact. To increase readability of generated playbook we add block per strep in services. Change-Id: I2399a72709d240f84e3463c5c3b56942462d1e5c
403 lines
16 KiB
YAML
403 lines
16 KiB
YAML
heat_template_version: rocky
|
|
|
|
description: >
|
|
OpenStack containerized Cinder Volume service
|
|
|
|
parameters:
|
|
DockerCinderVolumeImage:
|
|
description: image
|
|
type: string
|
|
DockerCinderConfigImage:
|
|
description: The container image to use for the cinder config_volume
|
|
type: string
|
|
EndpointMap:
|
|
default: {}
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
ServiceData:
|
|
default: {}
|
|
description: Dictionary packing service data
|
|
type: json
|
|
ServiceNetMap:
|
|
default: {}
|
|
description: Mapping of service_name -> network name. Typically set
|
|
via parameter_defaults in the resource registry. This
|
|
mapping overrides those in ServiceNetMapDefaults.
|
|
type: json
|
|
DefaultPasswords:
|
|
default: {}
|
|
type: json
|
|
RoleName:
|
|
default: ''
|
|
description: Role name on which the service is applied
|
|
type: string
|
|
RoleParameters:
|
|
default: {}
|
|
description: Parameters specific to the role
|
|
type: json
|
|
# custom parameters for the Cinder volume role
|
|
CinderEnableIscsiBackend:
|
|
default: true
|
|
description: Whether to enable or not the Iscsi backend for Cinder
|
|
type: boolean
|
|
CinderLVMLoopDeviceSize:
|
|
default: 10280
|
|
description: The size of the loopback file used by the cinder LVM driver.
|
|
type: number
|
|
ConfigDebug:
|
|
default: false
|
|
description: Whether to run config management (e.g. Puppet) in debug mode.
|
|
type: boolean
|
|
|
|
conditions:
|
|
puppet_debug_enabled: {get_param: ConfigDebug}
|
|
|
|
resources:
|
|
|
|
ContainersCommon:
|
|
type: ../containers-common.yaml
|
|
|
|
MySQLClient:
|
|
type: ../../../puppet/services/database/mysql-client.yaml
|
|
|
|
CinderBase:
|
|
type: ../../../puppet/services/cinder-volume.yaml
|
|
properties:
|
|
EndpointMap: {get_param: EndpointMap}
|
|
ServiceData: {get_param: ServiceData}
|
|
ServiceNetMap: {get_param: ServiceNetMap}
|
|
DefaultPasswords: {get_param: DefaultPasswords}
|
|
RoleName: {get_param: RoleName}
|
|
RoleParameters: {get_param: RoleParameters}
|
|
|
|
CinderCommon:
|
|
type: ../cinder-common.yaml
|
|
|
|
outputs:
|
|
role_data:
|
|
description: Role data for the Cinder Volume role.
|
|
value:
|
|
service_name: {get_attr: [CinderBase, role_data, service_name]}
|
|
config_settings:
|
|
map_merge:
|
|
- get_attr: [CinderBase, role_data, config_settings]
|
|
- tripleo::profile::base::lvm::enable_udev: false
|
|
tripleo::profile::pacemaker::cinder::volume_bundle::cinder_volume_docker_image: &cinder_volume_image_pcmklatest
|
|
list_join:
|
|
- ':'
|
|
- - yaql:
|
|
data: {get_param: DockerCinderVolumeImage}
|
|
expression: $.data.rightSplit(separator => ":", maxSplits => 1)[0]
|
|
- 'pcmklatest'
|
|
tripleo::profile::pacemaker::cinder::volume_bundle::docker_volumes: {get_attr: [CinderCommon, cinder_volume_volumes]}
|
|
tripleo::profile::pacemaker::cinder::volume_bundle::docker_environment: {get_attr: [CinderCommon, cinder_volume_environment]}
|
|
cinder::volume::manage_service: false
|
|
cinder::volume::enabled: false
|
|
cinder::backend_host: hostgroup
|
|
logging_source: {get_attr: [CinderBase, role_data, logging_source]}
|
|
logging_groups: {get_attr: [CinderBase, role_data, logging_groups]}
|
|
service_config_settings: {get_attr: [CinderBase, role_data, service_config_settings]}
|
|
# BEGIN DOCKER SETTINGS
|
|
puppet_config:
|
|
config_volume: cinder
|
|
puppet_tags: cinder_config,file,concat,file_line
|
|
step_config:
|
|
list_join:
|
|
- "\n"
|
|
- - "include ::tripleo::profile::base::lvm"
|
|
- get_attr: [CinderBase, role_data, step_config]
|
|
- get_attr: [MySQLClient, role_data, step_config]
|
|
config_image: {get_param: DockerCinderConfigImage}
|
|
kolla_config:
|
|
/var/lib/kolla/config_files/cinder_volume.json:
|
|
command: /usr/bin/cinder-volume --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf
|
|
config_files:
|
|
- source: "/var/lib/kolla/config_files/src/*"
|
|
dest: "/"
|
|
merge: true
|
|
preserve_properties: true
|
|
- source: "/var/lib/kolla/config_files/src-ceph/"
|
|
dest: "/etc/ceph/"
|
|
merge: true
|
|
preserve_properties: true
|
|
- source: "/var/lib/kolla/config_files/src-iscsid/*"
|
|
dest: "/etc/iscsi/"
|
|
merge: true
|
|
preserve_properties: true
|
|
permissions:
|
|
- path: /var/log/cinder
|
|
owner: cinder:cinder
|
|
recurse: true
|
|
docker_config_scripts: {get_attr: [ContainersCommon, docker_config_scripts]}
|
|
docker_config:
|
|
step_1:
|
|
cinder_volume_image_tag:
|
|
start_order: 1
|
|
detach: false
|
|
net: host
|
|
user: root
|
|
command:
|
|
- '/bin/bash'
|
|
- '-c'
|
|
- str_replace:
|
|
template:
|
|
"/usr/bin/docker tag 'CINDERVOLUME_IMAGE' 'CINDERVOLUME_IMAGE_PCMKLATEST'"
|
|
params:
|
|
CINDERVOLUME_IMAGE: {get_param: DockerCinderVolumeImage}
|
|
CINDERVOLUME_IMAGE_PCMKLATEST: *cinder_volume_image_pcmklatest
|
|
image: {get_param: DockerCinderVolumeImage}
|
|
volumes:
|
|
- /etc/hosts:/etc/hosts:ro
|
|
- /etc/localtime:/etc/localtime:ro
|
|
- /dev/shm:/dev/shm:rw
|
|
- /etc/sysconfig/docker:/etc/sysconfig/docker:ro
|
|
- /usr/bin:/usr/bin:ro
|
|
- /var/run/docker.sock:/var/run/docker.sock:rw
|
|
step_3:
|
|
cinder_volume_init_logs:
|
|
start_order: 0
|
|
image: {get_param: DockerCinderVolumeImage}
|
|
privileged: false
|
|
user: root
|
|
volumes:
|
|
- /var/log/containers/cinder:/var/log/cinder
|
|
command: ['/bin/bash', '-c', 'chown -R cinder:cinder /var/log/cinder']
|
|
step_5:
|
|
cinder_volume_init_bundle:
|
|
start_order: 0
|
|
detach: false
|
|
net: host
|
|
user: root
|
|
command: # '/docker_puppet_apply.sh "STEP" "TAGS" "CONFIG" "DEBUG"'
|
|
list_concat:
|
|
- - '/docker_puppet_apply.sh'
|
|
- '5'
|
|
- 'file,file_line,concat,augeas,pacemaker::resource::bundle,pacemaker::property,pacemaker::constraint::location'
|
|
- 'include ::tripleo::profile::base::pacemaker;include ::tripleo::profile::pacemaker::cinder::volume_bundle'
|
|
- if:
|
|
- puppet_debug_enabled
|
|
- - '--debug --verbose'
|
|
- - ''
|
|
image: {get_param: DockerCinderVolumeImage}
|
|
volumes:
|
|
list_concat:
|
|
- {get_attr: [ContainersCommon, docker_puppet_apply_volumes]}
|
|
- - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
|
|
- /dev/shm:/dev/shm:rw
|
|
host_prep_tasks:
|
|
- name: create persistent directories
|
|
file:
|
|
path: "{{ item }}"
|
|
state: directory
|
|
with_items:
|
|
- /var/log/containers/cinder
|
|
- /var/lib/cinder
|
|
- name: cinder logs readme
|
|
copy:
|
|
dest: /var/log/cinder/readme.txt
|
|
content: |
|
|
Log files from cinder containers can be found under
|
|
/var/log/containers/cinder and /var/log/containers/httpd/cinder-api.
|
|
ignore_errors: true
|
|
- name: ensure ceph configurations exist
|
|
file:
|
|
path: /etc/ceph
|
|
state: directory
|
|
- name: cinder_enable_iscsi_backend fact
|
|
set_fact:
|
|
cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
|
|
- name: cinder create LVM volume group dd
|
|
command:
|
|
list_join:
|
|
- ''
|
|
- - 'dd if=/dev/zero of=/var/lib/cinder/cinder-volumes bs=1 count=0 seek='
|
|
- str_replace:
|
|
template: VALUE
|
|
params:
|
|
VALUE: {get_param: CinderLVMLoopDeviceSize}
|
|
- 'M'
|
|
args:
|
|
creates: /var/lib/cinder/cinder-volumes
|
|
when: cinder_enable_iscsi_backend
|
|
- name: cinder create LVM volume group
|
|
shell: |
|
|
if ! losetup /dev/loop2; then
|
|
losetup /dev/loop2 /var/lib/cinder/cinder-volumes
|
|
fi
|
|
if ! pvdisplay | grep cinder-volumes; then
|
|
pvcreate /dev/loop2
|
|
fi
|
|
if ! vgdisplay | grep cinder-volumes; then
|
|
vgcreate cinder-volumes /dev/loop2
|
|
fi
|
|
args:
|
|
executable: /bin/bash
|
|
creates: /dev/loop2
|
|
when: cinder_enable_iscsi_backend
|
|
update_tasks:
|
|
- name: Cinder-Volume fetch and retag container image for pacemaker
|
|
when: step|int == 2
|
|
block: &cinder_volume_fetch_retag_container_tasks
|
|
- name: Get docker Cinder-Volume image
|
|
set_fact:
|
|
docker_image: {get_param: DockerCinderVolumeImage}
|
|
docker_image_latest: *cinder_volume_image_pcmklatest
|
|
- name: Get previous Cinder-Volume image id
|
|
shell: "docker images | awk '/cinder-volume.* pcmklatest/{print $3}' | uniq"
|
|
register: cinder_volume_image_id
|
|
- block:
|
|
- name: Get a list of container using Cinder-Volume image
|
|
shell: "docker ps -a -q -f 'ancestor={{cinder_volume_image_id.stdout}}'"
|
|
register: cinder_volume_containers_to_destroy
|
|
# It will be recreated with the delpoy step.
|
|
- name: Remove any container using the same Cinder-Volume image
|
|
shell: "docker rm -fv {{item}}"
|
|
with_items: "{{ cinder_volume_containers_to_destroy.stdout_lines }}"
|
|
- name: Remove previous Cinder-Volume images
|
|
shell: "docker rmi -f {{cinder_volume_image_id.stdout}}"
|
|
when:
|
|
- cinder_volume_image_id.stdout != ''
|
|
- name: Pull latest Cinder-Volume images
|
|
command: "docker pull {{docker_image}}"
|
|
- name: Retag pcmklatest to latest Cinder-Volume image
|
|
shell: "docker tag {{docker_image}} {{docker_image_latest}}"
|
|
# Got to check that pacemaker_is_active is working fine with bundle.
|
|
# TODO: pacemaker_is_active resource doesn't support bundle.
|
|
upgrade_tasks:
|
|
- when: step|int == 0
|
|
tags: common
|
|
block:
|
|
- name: Get docker Cinder-Volume image
|
|
set_fact:
|
|
cinder_volume_docker_image_latest: *cinder_volume_image_pcmklatest
|
|
- name: Check for Cinder-Volume Kolla configuration
|
|
command: grep '^volume_driver[ \t]*=' /var/lib/config-data/puppet-generated/cinder/etc/cinder/cinder.conf
|
|
changed_when: no
|
|
ignore_errors: true
|
|
register: cinder_volume_kolla_config
|
|
- name: Check if Cinder-Volume is already containerized
|
|
set_fact:
|
|
cinder_volume_containerized: "{{cinder_volume_kolla_config|succeeded}}"
|
|
- name: Prepare the switch to new cinder_volume container image name in pacemaker
|
|
when: cinder_volume_containerized|bool
|
|
block:
|
|
- name: Get cinder_volume image id currently used by pacemaker
|
|
shell: "docker images | awk '/cinder-volume.* pcmklatest/{print $3}' | uniq"
|
|
register: cinder_volume_current_pcmklatest_id
|
|
- name: Temporarily tag the current cinder_volume image id with the upgraded image name
|
|
shell: "docker tag {{cinder_volume_current_pcmklatest_id.stdout}} {{cinder_volume_docker_image_latest}}"
|
|
when: cinder_volume_current_pcmklatest_id.stdout != ''
|
|
- name: Check openstack-cinder-volume cluster resource status
|
|
pacemaker_resource:
|
|
resource: openstack-cinder-volume
|
|
state: show
|
|
check_mode: false
|
|
ignore_errors: true
|
|
register: cinder_volume_pcs_res_result
|
|
- name: Set fact cinder_volume_pcs_res
|
|
set_fact:
|
|
cinder_volume_pcs_res: "{{cinder_volume_pcs_res_result|succeeded}}"
|
|
- name: Cinder-Volume baremetal to container upgrade tasks
|
|
when:
|
|
- step|int == 1
|
|
- not cinder_volume_containerized|bool
|
|
block:
|
|
- name: get bootstrap nodeid
|
|
tags: common
|
|
command: hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid
|
|
register: bootstrap_node
|
|
- name: set is_bootstrap_node fact
|
|
tags: common
|
|
set_fact: is_bootstrap_node={{bootstrap_node.stdout|lower == ansible_hostname|lower}}
|
|
- name: Check cluster resource status
|
|
pacemaker_resource:
|
|
resource: openstack-cinder-volume
|
|
state: show
|
|
check_mode: false
|
|
ignore_errors: true
|
|
register: cinder_volume_res
|
|
- when: (is_bootstrap_node) and (cinder_volume_res|succeeded)
|
|
block:
|
|
- name: Disable the openstack-cinder-volume cluster resource
|
|
pacemaker_resource:
|
|
resource: openstack-cinder-volume
|
|
state: disable
|
|
wait_for_resource: true
|
|
register: output
|
|
retries: 5
|
|
until: output.rc == 0
|
|
- name: Delete the stopped openstack-cinder-volume cluster resource.
|
|
pacemaker_resource:
|
|
resource: openstack-cinder-volume
|
|
state: delete
|
|
wait_for_resource: true
|
|
register: output
|
|
retries: 5
|
|
until: output.rc == 0
|
|
- name: Disable cinder_volume service from boot
|
|
service: name=openstack-cinder-volume enabled=no
|
|
- name: Update cinder_volume pcs resource bundle for new container image
|
|
when:
|
|
- step|int == 1
|
|
- cinder_volume_containerized|bool
|
|
- is_bootstrap_node
|
|
- cinder_volume_pcs_res|bool
|
|
block:
|
|
- name: Disable the cinder_volume cluster resource before container upgrade
|
|
pacemaker_resource:
|
|
resource: openstack-cinder-volume
|
|
state: disable
|
|
wait_for_resource: true
|
|
register: output
|
|
retries: 5
|
|
until: output.rc == 0
|
|
- name: pcs resource bundle update cinder_volume for new container image name
|
|
command: "pcs resource bundle update openstack-cinder-volume container image={{cinder_volume_docker_image_latest}}"
|
|
- name: Enable the cinder_volume cluster resource
|
|
when:
|
|
pacemaker_resource:
|
|
resource: openstack-cinder-volume
|
|
state: enable
|
|
wait_for_resource: true
|
|
register: output
|
|
retries: 5
|
|
until: output.rc == 0
|
|
- name: Retag the pacemaker image if containerized
|
|
when:
|
|
- step|int == 3
|
|
- cinder_volume_containerized|bool
|
|
block: *cinder_volume_fetch_retag_container_tasks
|
|
fast_forward_upgrade_tasks:
|
|
- name: Check cluster resource status
|
|
pacemaker_resource:
|
|
resource: openstack-cinder-volume
|
|
state: show
|
|
check_mode: false
|
|
ignore_errors: true
|
|
register: cinder_volume_res_result
|
|
when:
|
|
- step|int == 0
|
|
- release == 'ocata'
|
|
- is_bootstrap_node|bool
|
|
- name: Set fact cinder_volume_res
|
|
set_fact:
|
|
cinder_volume_res: "{{ cinder_volume_res_result.rc == 0 }}"
|
|
when:
|
|
- step|int == 0
|
|
- release == 'ocata'
|
|
- is_bootstrap_node|bool
|
|
- name: Disable the openstack-cinder-volume cluster resource
|
|
pacemaker_resource:
|
|
resource: openstack-cinder-volume
|
|
state: disable
|
|
wait_for_resource: true
|
|
register: cinder_volume_output
|
|
retries: 5
|
|
until: cinder_volume_output.rc == 0
|
|
when:
|
|
- step|int == 2
|
|
- release == 'ocata'
|
|
- is_bootstrap_node|bool
|
|
- cinder_volume_res|bool
|