91e7a548cb
Simplify the config of the containerized services by bind mounting in the configurations instead of specifying them all in kolla config. This is change is useful to limit the side effects of generating the config files and running the container is two separate steps as config directories are now bind-mounted inside the container instead of having files being copied to the container. We've seen examples of Apache's mod_ssl configuration file present on the container preventing it to start when puppet configured apache not to load the ssl module (in case TLS is disabled). Co-Authored-By: Ian Main <imain@redhat.com> Change-Id: I4ec5dd8b360faea71a044894a61790997f54d48a
88 lines
2.9 KiB
YAML
88 lines
2.9 KiB
YAML
heat_template_version: ocata
|
|
|
|
description: >
|
|
OpenStack containerized swift proxy service
|
|
|
|
parameters:
|
|
DockerNamespace:
|
|
description: namespace
|
|
default: 'tripleoupstream'
|
|
type: string
|
|
DockerSwiftProxyImage:
|
|
description: image
|
|
default: 'centos-binary-swift-proxy-server:latest'
|
|
type: string
|
|
EndpointMap:
|
|
default: {}
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
ServiceNetMap:
|
|
default: {}
|
|
description: Mapping of service_name -> network name. Typically set
|
|
via parameter_defaults in the resource registry. This
|
|
mapping overrides those in ServiceNetMapDefaults.
|
|
type: json
|
|
DefaultPasswords:
|
|
default: {}
|
|
type: json
|
|
|
|
resources:
|
|
|
|
SwiftProxyBase:
|
|
type: ../../puppet/services/swift-proxy.yaml
|
|
properties:
|
|
EndpointMap: {get_param: EndpointMap}
|
|
ServiceNetMap: {get_param: ServiceNetMap}
|
|
DefaultPasswords: {get_param: DefaultPasswords}
|
|
|
|
outputs:
|
|
role_data:
|
|
description: Role data for the swift proxy.
|
|
value:
|
|
service_name: {get_attr: [SwiftProxyBase, role_data, service_name]}
|
|
config_settings: {get_attr: [SwiftProxyBase, role_data, config_settings]}
|
|
step_config: &step_config
|
|
get_attr: [SwiftProxyBase, role_data, step_config]
|
|
service_config_settings: {get_attr: [SwiftProxyBase, role_data, service_config_settings]}
|
|
# BEGIN DOCKER SETTINGS
|
|
puppet_config:
|
|
config_volume: swift
|
|
puppet_tags: swift_proxy_config
|
|
step_config: *step_config
|
|
config_image: &swift_proxy_image
|
|
list_join:
|
|
- '/'
|
|
- [ {get_param: DockerNamespace}, {get_param: DockerSwiftProxyImage} ]
|
|
kolla_config:
|
|
/var/lib/kolla/config_files/swift_proxy.json:
|
|
command: /usr/bin/swift-proxy-server /etc/swift/proxy-server.conf
|
|
docker_config:
|
|
step_4:
|
|
swift_proxy:
|
|
image: *swift_proxy_image
|
|
net: host
|
|
user: swift
|
|
restart: always
|
|
volumes:
|
|
- /var/lib/kolla/config_files/swift_proxy.json:/var/lib/kolla/config_files/config.json:ro
|
|
# FIXME I'm mounting /etc/swift as rw. Are the rings written to
|
|
# at all during runtime?
|
|
- /var/lib/config-data/swift/etc/swift:/etc/swift:rw
|
|
- /etc/hosts:/etc/hosts:ro
|
|
- /etc/localtime:/etc/localtime:ro
|
|
- /run:/run
|
|
- /srv/node:/srv/node
|
|
- /dev:/dev
|
|
environment:
|
|
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
|
|
host_prep_tasks:
|
|
- name: create /srv/node
|
|
file:
|
|
path: /srv/node
|
|
state: directory
|
|
upgrade_tasks:
|
|
- name: Stop and disable swift_proxy service
|
|
tags: step2
|
|
service: name=openstack-swift-proxy state=stopped enabled=no
|