c54c6222d8
In the baremetal deployment, we used to ensure that neutron-server was started prior to starting up the various agents. In the containerized deployment we need to ensure that we launch the agents after the server has been started. We can do this by configuring a start_order for each of the services. It should be noted that the ovs agent was actually configured to start in step5 on baremetal due to previous race conditions under HA deployments. This change leaves it in step4 but configures the start_order to be after the neutron-api service. Change-Id: I3794400ef5c8ae620961914831ff85e3438b0399 Closes-Bug: #1734976 Related-Bug: #1663273
192 lines
7.4 KiB
YAML
192 lines
7.4 KiB
YAML
heat_template_version: queens
|
|
|
|
description: >
|
|
OpenStack containerized Neutron API service
|
|
|
|
parameters:
|
|
DockerNeutronApiImage:
|
|
description: image
|
|
type: string
|
|
DockerNeutronConfigImage:
|
|
description: The container image to use for the neutron config_volume
|
|
type: string
|
|
EndpointMap:
|
|
default: {}
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
ServiceData:
|
|
default: {}
|
|
description: Dictionary packing service data
|
|
type: json
|
|
ServiceNetMap:
|
|
default: {}
|
|
description: Mapping of service_name -> network name. Typically set
|
|
via parameter_defaults in the resource registry. This
|
|
mapping overrides those in ServiceNetMapDefaults.
|
|
type: json
|
|
DefaultPasswords:
|
|
default: {}
|
|
type: json
|
|
RoleName:
|
|
default: ''
|
|
description: Role name on which the service is applied
|
|
type: string
|
|
RoleParameters:
|
|
default: {}
|
|
description: Parameters specific to the role
|
|
type: json
|
|
EnableInternalTLS:
|
|
type: boolean
|
|
default: false
|
|
UpgradeRemoveUnusedPackages:
|
|
default: false
|
|
description: Remove package if the service is being disabled during upgrade
|
|
type: boolean
|
|
|
|
conditions:
|
|
|
|
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
|
|
|
|
resources:
|
|
|
|
ContainersCommon:
|
|
type: ./containers-common.yaml
|
|
|
|
MySQLClient:
|
|
type: ../../puppet/services/database/mysql-client.yaml
|
|
|
|
NeutronBase:
|
|
type: ../../puppet/services/neutron-api.yaml
|
|
properties:
|
|
EndpointMap: {get_param: EndpointMap}
|
|
ServiceData: {get_param: ServiceData}
|
|
ServiceNetMap: {get_param: ServiceNetMap}
|
|
DefaultPasswords: {get_param: DefaultPasswords}
|
|
RoleName: {get_param: RoleName}
|
|
RoleParameters: {get_param: RoleParameters}
|
|
|
|
NeutronLogging:
|
|
type: OS::TripleO::Services::Logging::NeutronApi
|
|
|
|
outputs:
|
|
role_data:
|
|
description: Role data for the Neutron API role.
|
|
value:
|
|
service_name: {get_attr: [NeutronBase, role_data, service_name]}
|
|
logging_source: {get_attr: [NeutronBase, role_data, logging_source]}
|
|
logging_groups: {get_attr: [NeutronBase, role_data, logging_groups]}
|
|
config_settings:
|
|
map_merge:
|
|
- get_attr: [NeutronBase, role_data, config_settings]
|
|
- get_attr: [NeutronLogging, config_settings]
|
|
service_config_settings: {get_attr: [NeutronBase, role_data, service_config_settings]}
|
|
# BEGIN DOCKER SETTINGS
|
|
puppet_config:
|
|
config_volume: neutron
|
|
puppet_tags: neutron_config,neutron_api_config
|
|
step_config:
|
|
list_join:
|
|
- "\n"
|
|
- - {get_attr: [NeutronBase, role_data, step_config]}
|
|
- {get_attr: [MySQLClient, role_data, step_config]}
|
|
config_image: {get_param: DockerNeutronConfigImage}
|
|
kolla_config:
|
|
/var/lib/kolla/config_files/neutron_api.json:
|
|
command: /usr/bin/neutron-server --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-server
|
|
config_files:
|
|
- source: "/var/lib/kolla/config_files/src/*"
|
|
dest: "/"
|
|
merge: true
|
|
preserve_properties: true
|
|
permissions:
|
|
- path: /var/log/neutron
|
|
owner: neutron:neutron
|
|
recurse: true
|
|
/var/lib/kolla/config_files/neutron_server_tls_proxy.json:
|
|
command: /usr/sbin/httpd -DFOREGROUND
|
|
config_files:
|
|
- source: "/var/lib/kolla/config_files/src/*"
|
|
dest: "/"
|
|
merge: true
|
|
preserve_properties: true
|
|
docker_config:
|
|
step_2:
|
|
get_attr: [NeutronLogging, docker_config, step_2]
|
|
step_3:
|
|
neutron_db_sync:
|
|
image: &neutron_api_image {get_param: DockerNeutronApiImage}
|
|
net: host
|
|
privileged: false
|
|
detach: false
|
|
user: root
|
|
volumes:
|
|
list_concat:
|
|
- {get_attr: [ContainersCommon, volumes]}
|
|
- {get_attr: [NeutronLogging, volumes]}
|
|
-
|
|
- /var/lib/config-data/neutron/etc/my.cnf.d/tripleo.cnf:/etc/my.cnf.d/tripleo.cnf:ro
|
|
- /var/lib/config-data/neutron/etc/neutron:/etc/neutron:ro
|
|
- /var/lib/config-data/neutron/usr/share/neutron:/usr/share/neutron:ro
|
|
command: ['/usr/bin/bootstrap_host_exec', 'neutron_api', 'neutron-db-manage', 'upgrade', 'heads']
|
|
# FIXME: we should make config file permissions right
|
|
# and run as neutron user
|
|
#command: "/usr/bin/bootstrap_host_exec neutron_api su neutron -s /bin/bash -c 'neutron-db-manage upgrade heads'"
|
|
step_4:
|
|
map_merge:
|
|
- neutron_api:
|
|
start_order: 0
|
|
image: *neutron_api_image
|
|
net: host
|
|
privileged: false
|
|
restart: always
|
|
volumes:
|
|
list_concat:
|
|
- {get_attr: [ContainersCommon, volumes]}
|
|
- {get_attr: [NeutronLogging, volumes]}
|
|
-
|
|
- /var/lib/kolla/config_files/neutron_api.json:/var/lib/kolla/config_files/config.json:ro
|
|
- /var/lib/config-data/puppet-generated/neutron/:/var/lib/kolla/config_files/src:ro
|
|
environment:
|
|
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
|
|
- if:
|
|
- internal_tls_enabled
|
|
- neutron_server_tls_proxy:
|
|
image: *neutron_api_image
|
|
net: host
|
|
user: root
|
|
restart: always
|
|
volumes:
|
|
list_concat:
|
|
- {get_attr: [ContainersCommon, volumes]}
|
|
-
|
|
- /var/lib/kolla/config_files/neutron_server_tls_proxy.json:/var/lib/kolla/config_files/config.json:ro
|
|
- /var/lib/config-data/puppet-generated/neutron/:/var/lib/kolla/config_files/src:ro
|
|
- /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
|
|
- /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
|
|
environment:
|
|
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
|
|
- {}
|
|
host_prep_tasks: {get_attr: [NeutronLogging, host_prep_tasks]}
|
|
upgrade_tasks:
|
|
- name: Check if neutron_server is deployed
|
|
command: systemctl is-enabled --quiet neutron-server
|
|
tags: common
|
|
ignore_errors: True
|
|
register: neutron_server_enabled
|
|
- name: "PreUpgrade step0,validation: Check service neutron-server is running"
|
|
command: systemctl is-active --quiet neutron-server
|
|
when: neutron_server_enabled.rc == 0
|
|
tags: step0,validation
|
|
- name: Stop and disable neutron_api service
|
|
tags: step2
|
|
when: neutron_server_enabled.rc == 0
|
|
service: name=neutron-server state=stopped enabled=no
|
|
- name: Remove openstack-neutron package if operator requests it
|
|
yum: name=openstack-neutron state=removed
|
|
tags: step2
|
|
ignore_errors: True
|
|
when: {get_param: UpgradeRemoveUnusedPackages}
|
|
metadata_settings:
|
|
get_attr: [NeutronBase, role_data, metadata_settings]
|