Heat templates for deploying OpenStack
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

cinder-volume-container-puppet.yaml 14KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361
  1. heat_template_version: rocky
  2. description: >
  3. OpenStack containerized Cinder Volume service
  4. parameters:
  5. ContainerCinderVolumeImage:
  6. description: image
  7. type: string
  8. ContainerCinderConfigImage:
  9. description: The container image to use for the cinder config_volume
  10. type: string
  11. DockerCinderVolumeUlimit:
  12. default: ['nofile=131072']
  13. description: ulimit for Cinder Volume Container
  14. type: comma_delimited_list
  15. CinderVolumeLoggingSource:
  16. type: json
  17. default:
  18. tag: openstack.cinder.volume
  19. file: /var/log/containers/cinder/cinder-volume.log
  20. EndpointMap:
  21. default: {}
  22. description: Mapping of service endpoint -> protocol. Typically set
  23. via parameter_defaults in the resource registry.
  24. type: json
  25. ServiceData:
  26. default: {}
  27. description: Dictionary packing service data
  28. type: json
  29. ServiceNetMap:
  30. default: {}
  31. description: Mapping of service_name -> network name. Typically set
  32. via parameter_defaults in the resource registry. This
  33. mapping overrides those in ServiceNetMapDefaults.
  34. type: json
  35. DefaultPasswords:
  36. default: {}
  37. type: json
  38. RoleName:
  39. default: ''
  40. description: Role name on which the service is applied
  41. type: string
  42. RoleParameters:
  43. default: {}
  44. description: Parameters specific to the role
  45. type: json
  46. CephClientUserName:
  47. default: openstack
  48. type: string
  49. CephClusterName:
  50. type: string
  51. default: ceph
  52. description: The Ceph cluster name.
  53. constraints:
  54. - allowed_pattern: "[a-zA-Z0-9]+"
  55. description: >
  56. The Ceph cluster name must be at least 1 character and contain only
  57. letters and numbers.
  58. CinderVolumeCluster:
  59. default: ''
  60. description: >
  61. The cluster name used for deploying the cinder-volume service in an
  62. active-active (A/A) configuration. This configuration requires the
  63. Cinder backend drivers support A/A, and the cinder-volume service not
  64. be managed by pacemaker. If these criteria are not met then the cluster
  65. name must be left blank.
  66. type: string
  67. CinderEnableNfsBackend:
  68. default: false
  69. description: Whether to enable or not the NFS backend for Cinder
  70. type: boolean
  71. CinderEnableIscsiBackend:
  72. default: true
  73. description: Whether to enable or not the Iscsi backend for Cinder
  74. type: boolean
  75. CinderEnableRbdBackend:
  76. default: false
  77. description: Whether to enable or not the Rbd backend for Cinder
  78. type: boolean
  79. CinderISCSIAvailabilityZone:
  80. default: ''
  81. description: >
  82. The availability zone of the Iscsi Cinder backend.
  83. When set, it overrides the default CinderStorageAvailabilityZone.
  84. type: string
  85. CinderISCSIHelper:
  86. default: lioadm
  87. description: The iSCSI helper to use with cinder.
  88. type: string
  89. CinderISCSIProtocol:
  90. default: iscsi
  91. description: Whether to use TCP ('iscsi') or iSER RDMA ('iser') for iSCSI
  92. type: string
  93. CinderLVMLoopDeviceSize:
  94. default: 10280
  95. description: The size of the loopback file used by the cinder LVM driver.
  96. type: number
  97. CinderNfsAvailabilityZone:
  98. default: ''
  99. description: >
  100. The availability zone of the NFS Cinder backend.
  101. When set, it overrides the default CinderStorageAvailabilityZone.
  102. type: string
  103. CinderNfsMountOptions:
  104. default: ''
  105. description: >
  106. Mount options for NFS mounts used by Cinder NFS backend. Effective
  107. when CinderEnableNfsBackend is true.
  108. type: string
  109. CinderNfsServers:
  110. default: ''
  111. description: >
  112. NFS servers used by Cinder NFS backend. Effective when
  113. CinderEnableNfsBackend is true.
  114. type: comma_delimited_list
  115. CinderNfsSnapshotSupport:
  116. default: true
  117. description: >
  118. Whether to enable support for snapshots in the NFS driver. Effective
  119. when CinderEnableNfsBackend is true.
  120. type: boolean
  121. CinderNasSecureFileOperations:
  122. default: false
  123. description: >
  124. Controls whether security enhanced NFS file operations are enabled.
  125. Valid values are 'auto', 'true' or 'false'. Effective when
  126. CinderEnableNfsBackend is true.
  127. type: string
  128. CinderNasSecureFilePermissions:
  129. default: false
  130. description: >
  131. Controls whether security enhanced NFS file permissions are enabled.
  132. Valid values are 'auto', 'true' or 'false'. Effective when
  133. CinderEnableNfsBackend is true.
  134. type: string
  135. CinderRbdAvailabilityZone:
  136. default: ''
  137. description: >
  138. The availability zone of the RBD Cinder backend.
  139. When set, it overrides the default CinderStorageAvailabilityZone.
  140. type: string
  141. CinderRbdPoolName:
  142. default: volumes
  143. type: string
  144. CinderRbdExtraPools:
  145. default: []
  146. description: >
  147. List of extra Ceph pools for use with RBD backends for Cinder. An
  148. extra Cinder RBD backend driver is created for each pool in the
  149. list. This is in addition to the standard RBD backend driver
  150. associated with the CinderRbdPoolName.
  151. type: comma_delimited_list
  152. CinderRbdFlattenVolumeFromSnapshot:
  153. default: false
  154. description: >
  155. Whether RBD volumes created from a snapshot should be flattened
  156. in order to remove a dependency on the snapshot.
  157. type: boolean
  158. CephClusterFSID:
  159. type: string
  160. description: The Ceph cluster FSID. Must be a UUID.
  161. MonitoringSubscriptionCinderVolume:
  162. default: 'overcloud-cinder-volume'
  163. type: string
  164. CinderEtcdLocalConnect:
  165. default: false
  166. type: boolean
  167. description: When running Cinder A/A, whether to connect to Etcd
  168. via the local IP for the Etcd network. If set to true, the ip
  169. on the local node will be used. If set to false, the VIP on the Etcd
  170. network will be used instead. Defaults to false.
  171. resources:
  172. ContainersCommon:
  173. type: ../containers-common.yaml
  174. MySQLClient:
  175. type: ../database/mysql-client.yaml
  176. CinderBase:
  177. type: ./cinder-base.yaml
  178. properties:
  179. EndpointMap: {get_param: EndpointMap}
  180. ServiceData: {get_param: ServiceData}
  181. ServiceNetMap: {get_param: ServiceNetMap}
  182. DefaultPasswords: {get_param: DefaultPasswords}
  183. RoleName: {get_param: RoleName}
  184. RoleParameters: {get_param: RoleParameters}
  185. CinderCommon:
  186. type: ./cinder-common-container-puppet.yaml
  187. outputs:
  188. role_data:
  189. description: Role data for the Cinder Volume role.
  190. value:
  191. service_name: cinder_volume
  192. monitoring_subscription: {get_param: MonitoringSubscriptionCinderVolume}
  193. config_settings:
  194. map_merge:
  195. - get_attr: [CinderBase, role_data, config_settings]
  196. - tripleo::profile::base::lvm::enable_udev: false
  197. - tripleo::profile::base::cinder::volume::cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
  198. tripleo::profile::base::cinder::volume::cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
  199. tripleo::profile::base::cinder::volume::cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
  200. tripleo::profile::base::cinder::volume::cinder_volume_cluster: {get_param: CinderVolumeCluster}
  201. tripleo::profile::base::cinder::volume::nfs::cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
  202. tripleo::profile::base::cinder::volume::nfs::cinder_nfs_servers: {get_param: CinderNfsServers}
  203. tripleo::profile::base::cinder::volume::nfs::cinder_nfs_snapshot_support: {get_param: CinderNfsSnapshotSupport}
  204. tripleo::profile::base::cinder::volume::nfs::cinder_nas_secure_file_operations: {get_param: CinderNasSecureFileOperations}
  205. tripleo::profile::base::cinder::volume::nfs::cinder_nas_secure_file_permissions: {get_param: CinderNasSecureFilePermissions}
  206. tripleo::profile::base::cinder::volume::iscsi::cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
  207. tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_helper: {get_param: CinderISCSIHelper}
  208. tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_protocol: {get_param: CinderISCSIProtocol}
  209. tripleo::profile::base::cinder::volume::rbd::cinder_rbd_ceph_conf:
  210. list_join:
  211. - ''
  212. - - '/etc/ceph/'
  213. - {get_param: CephClusterName}
  214. - '.conf'
  215. tripleo::profile::base::cinder::volume::rbd::cinder_rbd_pool_name: {get_param: CinderRbdPoolName}
  216. tripleo::profile::base::cinder::volume::rbd::cinder_rbd_extra_pools: {get_param: CinderRbdExtraPools}
  217. tripleo::profile::base::cinder::volume::rbd::cinder_rbd_secret_uuid: {get_param: CephClusterFSID}
  218. tripleo::profile::base::cinder::volume::rbd::cinder_rbd_user_name: {get_param: CephClientUserName}
  219. tripleo::profile::base::cinder::volume::rbd::cinder_rbd_flatten_volume_from_snapshot: {get_param: CinderRbdFlattenVolumeFromSnapshot}
  220. tripleo::cinder_volume::firewall_rules:
  221. '120 iscsi initiator':
  222. dport: 3260
  223. # NOTE: bind IP is found in hiera replacing the network name with the local node IP
  224. # for the given network; replacement examples (eg. for internal_api):
  225. # internal_api -> IP
  226. # internal_api_uri -> [IP]
  227. # internal_api_subnet - > IP/CIDR
  228. tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address:
  229. str_replace:
  230. template:
  231. "%{hiera('$NETWORK')}"
  232. params:
  233. $NETWORK: {get_param: [ServiceNetMap, CinderIscsiNetwork]}
  234. -
  235. if:
  236. - {equals : [{get_param: CinderISCSIAvailabilityZone}, '']}
  237. - {}
  238. - tripleo::profile::base::cinder::volume::iscsi::backend_availability_zone: {get_param: CinderISCSIAvailabilityZone}
  239. -
  240. if:
  241. - {equals : [{get_param: CinderNfsAvailabilityZone}, '']}
  242. - {}
  243. - tripleo::profile::base::cinder::volume::nfs::backend_availability_zone: {get_param: CinderNfsAvailabilityZone}
  244. -
  245. if:
  246. - {equals : [{get_param: CinderRbdAvailabilityZone}, '']}
  247. - {}
  248. - tripleo::profile::base::cinder::volume::rbd::backend_availability_zone: {get_param: CinderRbdAvailabilityZone}
  249. -
  250. if:
  251. - {equals : [{get_param: CinderEtcdLocalConnect}, true]}
  252. - tripleo::profile::base::cinder::volume::etcd_host:
  253. str_replace:
  254. template:
  255. "%{hiera('$NETWORK')}"
  256. params:
  257. $NETWORK: {get_param: [ServiceNetMap, EtcdNetwork]}
  258. - {}
  259. service_config_settings:
  260. map_merge:
  261. - get_attr: [CinderBase, role_data, service_config_settings]
  262. - rsyslog:
  263. tripleo_logging_sources_cinder_volume:
  264. - {get_param: CinderVolumeLoggingSource}
  265. # BEGIN DOCKER SETTINGS
  266. puppet_config:
  267. config_volume: cinder
  268. puppet_tags: cinder_config,file,concat,file_line
  269. step_config:
  270. list_join:
  271. - "\n"
  272. - - "include ::tripleo::profile::base::lvm"
  273. - "include ::tripleo::profile::base::cinder::volume"
  274. - get_attr: [MySQLClient, role_data, step_config]
  275. config_image: {get_param: ContainerCinderConfigImage}
  276. kolla_config:
  277. /var/lib/kolla/config_files/cinder_volume.json:
  278. command: /usr/bin/cinder-volume --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf
  279. config_files:
  280. - source: "/var/lib/kolla/config_files/src/*"
  281. dest: "/"
  282. merge: true
  283. preserve_properties: true
  284. - source: "/var/lib/kolla/config_files/src-ceph/"
  285. dest: "/etc/ceph/"
  286. merge: true
  287. preserve_properties: true
  288. - source: "/var/lib/kolla/config_files/src-iscsid/*"
  289. dest: "/etc/iscsi/"
  290. merge: true
  291. preserve_properties: true
  292. permissions:
  293. - path: /var/log/cinder
  294. owner: cinder:cinder
  295. recurse: true
  296. - path:
  297. str_replace:
  298. template: /etc/ceph/CLUSTER.client.USER.keyring
  299. params:
  300. CLUSTER: {get_param: CephClusterName}
  301. USER: {get_param: CephClientUserName}
  302. owner: cinder:cinder
  303. perm: '0600'
  304. docker_config:
  305. step_3:
  306. cinder_volume_init_logs:
  307. start_order: 0
  308. image: &cinder_volume_image {get_param: ContainerCinderVolumeImage}
  309. net: none
  310. privileged: false
  311. user: root
  312. volumes:
  313. - /var/log/containers/cinder:/var/log/cinder:z
  314. command: ['/bin/bash', '-c', 'chown -R cinder:cinder /var/log/cinder']
  315. step_4:
  316. cinder_volume:
  317. image: *cinder_volume_image
  318. ulimit: {get_param: DockerCinderVolumeUlimit}
  319. ipc: host
  320. net: host
  321. privileged: true
  322. restart: always
  323. healthcheck: {get_attr: [ContainersCommon, healthcheck_rpc_port]}
  324. volumes: {get_attr: [CinderCommon, cinder_volume_volumes]}
  325. environment: {get_attr: [CinderCommon, cinder_volume_environment]}
  326. host_prep_tasks: {get_attr: [CinderCommon, cinder_volume_host_prep_tasks]}
  327. post_upgrade_tasks:
  328. - when: step|int == 1
  329. import_role:
  330. name: tripleo-docker-rm
  331. vars:
  332. containers_to_rm:
  333. - cinder_volume
  334. tripleo_container_cli: "docker"
  335. fast_forward_upgrade_tasks:
  336. - when:
  337. - step|int == 0
  338. - release == 'ocata'
  339. block:
  340. - name: Check if cinder_volume is deployed
  341. command: systemctl is-enabled --quiet openstack-cinder-volume
  342. ignore_errors: True
  343. register: cinder_volume_enabled_result
  344. - name: Set fact cinder_volume_enabled
  345. set_fact:
  346. cinder_volume_enabled: "{{ cinder_volume_enabled_result.rc == 0 }}"
  347. - name: Stop openstack-cinder-volume
  348. service: name=openstack-cinder-volume state=stopped enabled=no
  349. when:
  350. - step|int == 1
  351. - release == 'ocata'
  352. - cinder_volume_enabled|bool