56acca5078
Almost every single tripleo service creates a persistent directory. To
simplify the creation, a with_items structure was being used. In which
many times, the mode option was being set. However, that mode option
was not taken into account at the time of creating the file. As a
consequence, the directory was being created with its father directory
rights, instead of the ones being passed in the template.
Change-Id: I215db2bb79029c19ab8c62a7ae8d93cec50fb8dc
Closes-Bug: #1871231
(cherry picked from commit 94bc023390)
148 lines
5.3 KiB
YAML
148 lines
5.3 KiB
YAML
heat_template_version: rocky
|
|
|
|
description: >
|
|
OpenStack containerized Mistral Engine service
|
|
|
|
parameters:
|
|
ContainerMistralEngineImage:
|
|
description: image
|
|
type: string
|
|
ContainerMistralConfigImage:
|
|
description: The container image to use for the mistral config_volume
|
|
type: string
|
|
EndpointMap:
|
|
default: {}
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
ServiceData:
|
|
default: {}
|
|
description: Dictionary packing service data
|
|
type: json
|
|
ServiceNetMap:
|
|
default: {}
|
|
description: Mapping of service_name -> network name. Typically set
|
|
via parameter_defaults in the resource registry. This
|
|
mapping overrides those in ServiceNetMapDefaults.
|
|
type: json
|
|
DefaultPasswords:
|
|
default: {}
|
|
type: json
|
|
RoleName:
|
|
default: ''
|
|
description: Role name on which the service is applied
|
|
type: string
|
|
RoleParameters:
|
|
default: {}
|
|
description: Parameters specific to the role
|
|
type: json
|
|
MistralExecutionFieldSizeLimit:
|
|
default: 1024
|
|
description: The default maximum size in KB of large text fields of runtime
|
|
execution objects. Use -1 for no limit.
|
|
type: number
|
|
MistralEvaluationInterval:
|
|
default: 120
|
|
description: How often will the executions be evaluated
|
|
(in minutes). For example for value 120 the interval
|
|
will be 2 hours (every 2 hours).
|
|
type: number
|
|
MistralFinishedExecutionDuration:
|
|
default: 2880
|
|
description: Evaluate from which time remove executions in minutes.
|
|
For example when set to 60, remove all executions
|
|
that finished a 60 minutes ago or more.
|
|
Minimum value is 1.
|
|
Note that only final state execution will remove (SUCCESS/ERROR).
|
|
constraints:
|
|
- range: { min: 1 }
|
|
type: number
|
|
|
|
resources:
|
|
|
|
ContainersCommon:
|
|
type: ../containers-common.yaml
|
|
|
|
MySQLClient:
|
|
type: ../database/mysql-client.yaml
|
|
|
|
MistralBase:
|
|
type: ./mistral-base.yaml
|
|
properties:
|
|
EndpointMap: {get_param: EndpointMap}
|
|
ServiceData: {get_param: ServiceData}
|
|
ServiceNetMap: {get_param: ServiceNetMap}
|
|
DefaultPasswords: {get_param: DefaultPasswords}
|
|
RoleName: {get_param: RoleName}
|
|
RoleParameters: {get_param: RoleParameters}
|
|
|
|
outputs:
|
|
role_data:
|
|
description: Role data for the Mistral Engine role.
|
|
value:
|
|
service_name: mistral_engine
|
|
config_settings:
|
|
map_merge:
|
|
- get_attr: [MistralBase, role_data, config_settings]
|
|
- mistral::engine::execution_field_size_limit_kb: {get_param: MistralExecutionFieldSizeLimit}
|
|
mistral::engine::evaluation_interval: {get_param: MistralEvaluationInterval}
|
|
mistral::engine::older_than: {get_param: MistralFinishedExecutionDuration}
|
|
service_config_settings: {get_attr: [MistralBase, role_data, service_config_settings]}
|
|
# BEGIN DOCKER SETTINGS
|
|
puppet_config:
|
|
config_volume: mistral
|
|
puppet_tags: mistral_config
|
|
step_config:
|
|
list_join:
|
|
- "\n"
|
|
- - include ::tripleo::profile::base::mistral::engine
|
|
- {get_attr: [MySQLClient, role_data, step_config]}
|
|
config_image: {get_param: ContainerMistralConfigImage}
|
|
kolla_config:
|
|
/var/lib/kolla/config_files/mistral_engine.json:
|
|
command: /usr/bin/mistral-server --config-file=/etc/mistral/mistral.conf --log-file=/var/log/mistral/engine.log --server=engine
|
|
config_files:
|
|
- source: "/var/lib/kolla/config_files/src/*"
|
|
dest: "/"
|
|
merge: true
|
|
preserve_properties: true
|
|
permissions:
|
|
- path: /var/log/mistral
|
|
owner: mistral:mistral
|
|
recurse: true
|
|
docker_config:
|
|
step_4:
|
|
mistral_engine:
|
|
image: {get_param: ContainerMistralEngineImage}
|
|
net: host
|
|
privileged: false
|
|
restart: always
|
|
healthcheck: {get_attr: [ContainersCommon, healthcheck_rpc_port]}
|
|
volumes:
|
|
list_concat:
|
|
- {get_attr: [ContainersCommon, volumes]}
|
|
-
|
|
- /run:/run
|
|
- /var/lib/kolla/config_files/mistral_engine.json:/var/lib/kolla/config_files/config.json:ro
|
|
- /var/lib/config-data/puppet-generated/mistral:/var/lib/kolla/config_files/src:ro
|
|
- /var/log/containers/mistral:/var/log/mistral:z
|
|
- /var/lib/mistral:/var/lib/mistral:ro
|
|
- /usr/share/ansible/:/usr/share/ansible/:ro
|
|
- /usr/share/openstack-tripleo-validations:/usr/share/openstack-tripleo-validations:ro
|
|
environment:
|
|
KOLLA_CONFIG_STRATEGY: COPY_ALWAYS
|
|
host_prep_tasks:
|
|
- name: create persistent directories
|
|
file:
|
|
path: "{{ item.path }}"
|
|
state: directory
|
|
setype: "{{ item.setype }}"
|
|
mode: "{{ item.mode }}"
|
|
with_items:
|
|
- { 'path': /var/log/containers/mistral, 'setype': svirt_sandbox_file_t, 'mode': '0750' }
|
|
- name: enable virt_sandbox_use_netlink for healthcheck
|
|
seboolean:
|
|
name: virt_sandbox_use_netlink
|
|
persistent: yes
|
|
state: yes
|