00ed1a2d39
In case the nova-api service is not running in the MySQL master node, the FFU tasks will fail as it might not have MySQL installed. Avoid executing Nova DB tasks on FFU if MySQL not installed, point to the MySQL server. Resolves: rhbz#1593910 Closes-bug: 1780425 Change-Id: I02bc48d535707d579ecd590f970b1a08962a0111
496 lines
20 KiB
YAML
496 lines
20 KiB
YAML
heat_template_version: rocky
|
|
|
|
description: >
|
|
OpenStack containerized Nova API service
|
|
|
|
parameters:
|
|
DockerNovaApiImage:
|
|
description: image
|
|
type: string
|
|
DockerNovaConfigImage:
|
|
description: The container image to use for the nova config_volume
|
|
type: string
|
|
NovaApiLoggingSource:
|
|
type: json
|
|
default:
|
|
tag: openstack.nova.api
|
|
path: /var/log/containers/nova/nova-api.log
|
|
EndpointMap:
|
|
default: {}
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
ServiceData:
|
|
default: {}
|
|
description: Dictionary packing service data
|
|
type: json
|
|
ServiceNetMap:
|
|
default: {}
|
|
description: Mapping of service_name -> network name. Typically set
|
|
via parameter_defaults in the resource registry. This
|
|
mapping overrides those in ServiceNetMapDefaults.
|
|
type: json
|
|
DefaultPasswords:
|
|
default: {}
|
|
type: json
|
|
RoleName:
|
|
default: ''
|
|
description: Role name on which the service is applied
|
|
type: string
|
|
RoleParameters:
|
|
default: {}
|
|
description: Parameters specific to the role
|
|
type: json
|
|
EnableInternalTLS:
|
|
type: boolean
|
|
default: false
|
|
NovaDbSyncTimeout:
|
|
default: 300
|
|
description: Timeout for Nova db sync
|
|
type: number
|
|
UpgradeRemoveUnusedPackages:
|
|
default: false
|
|
description: Remove package if the service is being disabled during upgrade
|
|
type: boolean
|
|
DeployIdentifier:
|
|
default: ''
|
|
type: string
|
|
description: >
|
|
Setting this to a unique value will re-run any deployment tasks which
|
|
perform configuration on a Heat stack-update.
|
|
NovaPassword:
|
|
description: The password for the nova service and db account
|
|
type: string
|
|
hidden: true
|
|
|
|
conditions:
|
|
|
|
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
|
|
|
|
resources:
|
|
|
|
ContainersCommon:
|
|
type: ./containers-common.yaml
|
|
|
|
MySQLClient:
|
|
type: ../../puppet/services/database/mysql-client.yaml
|
|
|
|
NovaApiBase:
|
|
type: ../../puppet/services/nova-api.yaml
|
|
properties:
|
|
EndpointMap: {get_param: EndpointMap}
|
|
ServiceData: {get_param: ServiceData}
|
|
ServiceNetMap: {get_param: ServiceNetMap}
|
|
DefaultPasswords: {get_param: DefaultPasswords}
|
|
RoleName: {get_param: RoleName}
|
|
RoleParameters: {get_param: RoleParameters}
|
|
|
|
NovaApiLogging:
|
|
type: OS::TripleO::Services::Logging::NovaApi
|
|
|
|
outputs:
|
|
role_data:
|
|
description: Role data for the Nova API role.
|
|
value:
|
|
service_name: {get_attr: [NovaApiBase, role_data, service_name]}
|
|
config_settings:
|
|
map_merge:
|
|
- get_attr: [NovaApiBase, role_data, config_settings]
|
|
- get_attr: [NovaApiLogging, config_settings]
|
|
- apache::default_vhost: false
|
|
logging_source: {get_attr: [NovaApiBase, role_data, logging_source]}
|
|
logging_groups: {get_attr: [NovaApiBase, role_data, logging_groups]}
|
|
service_config_settings:
|
|
map_merge:
|
|
- get_attr: [NovaApiBase, role_data, service_config_settings]
|
|
- fluentd:
|
|
tripleo_fluentd_groups_nova_api:
|
|
- nova
|
|
tripleo_fluentd_sources_nova_api:
|
|
- {get_param: NovaApiLoggingSource}
|
|
# BEGIN DOCKER SETTINGS
|
|
puppet_config:
|
|
config_volume: nova
|
|
puppet_tags: nova_config
|
|
step_config:
|
|
list_join:
|
|
- "\n"
|
|
- - "['Nova_cell_v2'].each |String $val| { noop_resource($val) }"
|
|
- {get_attr: [NovaApiBase, role_data, step_config]}
|
|
- {get_attr: [MySQLClient, role_data, step_config]}
|
|
config_image: {get_param: DockerNovaConfigImage}
|
|
kolla_config:
|
|
/var/lib/kolla/config_files/nova_api.json:
|
|
command: /usr/sbin/httpd -DFOREGROUND
|
|
config_files:
|
|
- source: "/var/lib/kolla/config_files/src/*"
|
|
dest: "/"
|
|
merge: true
|
|
preserve_properties: true
|
|
permissions:
|
|
- path: /var/log/nova
|
|
owner: nova:nova
|
|
recurse: true
|
|
/var/lib/kolla/config_files/nova_api_cron.json:
|
|
command: /usr/sbin/crond -n
|
|
config_files:
|
|
- source: "/var/lib/kolla/config_files/src/*"
|
|
dest: "/"
|
|
merge: true
|
|
preserve_properties: true
|
|
permissions:
|
|
- path: /var/log/nova
|
|
owner: nova:nova
|
|
recurse: true
|
|
docker_config_scripts:
|
|
nova_api_discover_hosts.sh:
|
|
mode: "0700"
|
|
content: |
|
|
#!/bin/bash
|
|
export OS_PROJECT_DOMAIN_NAME=$(crudini --get /etc/nova/nova.conf keystone_authtoken project_domain_name)
|
|
export OS_USER_DOMAIN_NAME=$(crudini --get /etc/nova/nova.conf keystone_authtoken user_domain_name)
|
|
export OS_PROJECT_NAME=$(crudini --get /etc/nova/nova.conf keystone_authtoken project_name)
|
|
export OS_USERNAME=$(crudini --get /etc/nova/nova.conf keystone_authtoken username)
|
|
export OS_PASSWORD=$(crudini --get /etc/nova/nova.conf keystone_authtoken password)
|
|
export OS_AUTH_URL=$(crudini --get /etc/nova/nova.conf keystone_authtoken auth_url)
|
|
export OS_AUTH_TYPE=password
|
|
export OS_IDENTITY_API_VERSION=3
|
|
|
|
echo "(cellv2) Running cell_v2 host discovery"
|
|
timeout=600
|
|
loop_wait=30
|
|
declare -A discoverable_hosts
|
|
for host in $(hiera -c /etc/puppet/hiera.yaml cellv2_discovery_hosts | sed -e '/^nil$/d' | tr "," " "); do discoverable_hosts[$host]=1; done
|
|
timeout_at=$(( $(date +"%s") + ${timeout} ))
|
|
echo "(cellv2) Waiting ${timeout} seconds for hosts to register"
|
|
finished=0
|
|
while : ; do
|
|
for host in $(openstack -q compute service list -c 'Host' -c 'Zone' -f value | awk '$2 != "internal" { print $1 }'); do
|
|
if (( discoverable_hosts[$host] == 1 )); then
|
|
echo "(cellv2) compute node $host has registered"
|
|
unset discoverable_hosts[$host]
|
|
fi
|
|
done
|
|
finished=1
|
|
for host in "${!discoverable_hosts[@]}"; do
|
|
if (( ${discoverable_hosts[$host]} == 1 )); then
|
|
echo "(cellv2) compute node $host has not registered"
|
|
finished=0
|
|
fi
|
|
done
|
|
remaining=$(( $timeout_at - $(date +"%s") ))
|
|
if (( $finished == 1 )); then
|
|
echo "(cellv2) All nodes registered"
|
|
break
|
|
elif (( $remaining <= 0 )); then
|
|
echo "(cellv2) WARNING: timeout waiting for nodes to register, running host discovery regardless"
|
|
echo "(cellv2) Expected host list:" $(hiera -c /etc/puppet/hiera.yaml cellv2_discovery_hosts | sed -e '/^nil$/d' | sort -u | tr ',' ' ')
|
|
echo "(cellv2) Detected host list:" $(openstack -q compute service list -c 'Host' -c 'Zone' -f value | awk '$2 != "internal" { print $1 }' | sort -u | tr '\n', ' ')
|
|
break
|
|
else
|
|
echo "(cellv2) Waiting ${remaining} seconds for hosts to register"
|
|
sleep $loop_wait
|
|
fi
|
|
done
|
|
echo "(cellv2) Running host discovery..."
|
|
su nova -s /bin/bash -c "/usr/bin/nova-manage cell_v2 discover_hosts --by-service --verbose"
|
|
|
|
nova_api_ensure_default_cell.sh:
|
|
mode: "0700"
|
|
content: |
|
|
#!/bin/bash
|
|
DEFID=$(nova-manage cell_v2 list_cells | sed -e '1,3d' -e '$d' | awk -F ' *| *' '$2 == "default" {print $4}')
|
|
if [ "$DEFID" ]; then
|
|
echo "(cellv2) Updating default cell_v2 cell $DEFID"
|
|
su nova -s /bin/bash -c "/usr/bin/nova-manage cell_v2 update_cell --cell_uuid $DEFID --name=default"
|
|
else
|
|
echo "(cellv2) Creating default cell_v2 cell"
|
|
su nova -s /bin/bash -c "/usr/bin/nova-manage cell_v2 create_cell --name=default"
|
|
fi
|
|
docker_config:
|
|
step_2:
|
|
get_attr: [NovaApiLogging, docker_config, step_2]
|
|
step_3:
|
|
nova_api_db_sync:
|
|
start_order: 0
|
|
image: &nova_api_image {get_param: DockerNovaApiImage}
|
|
net: host
|
|
detach: false
|
|
user: root
|
|
volumes: &nova_api_bootstrap_volumes
|
|
list_concat:
|
|
- {get_attr: [ContainersCommon, volumes]}
|
|
- {get_attr: [NovaApiLogging, volumes]}
|
|
-
|
|
- /var/lib/config-data/nova/etc/my.cnf.d/tripleo.cnf:/etc/my.cnf.d/tripleo.cnf:ro
|
|
- /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro
|
|
command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage api_db sync'"
|
|
nova_api_map_cell0:
|
|
start_order: 1
|
|
image: *nova_api_image
|
|
net: host
|
|
detach: false
|
|
user: root
|
|
volumes: *nova_api_bootstrap_volumes
|
|
command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage cell_v2 map_cell0'"
|
|
nova_api_ensure_default_cell:
|
|
start_order: 2
|
|
image: *nova_api_image
|
|
net: host
|
|
detach: false
|
|
volumes:
|
|
list_concat:
|
|
- *nova_api_bootstrap_volumes
|
|
-
|
|
- /var/lib/config-data/nova/etc/my.cnf.d/tripleo.cnf:/etc/my.cnf.d/tripleo.cnf:ro
|
|
- /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro
|
|
- /var/log/containers/nova:/var/log/nova
|
|
- /var/lib/docker-config-scripts/nova_api_ensure_default_cell.sh:/nova_api_ensure_default_cell.sh:ro
|
|
user: root
|
|
command: "/usr/bin/bootstrap_host_exec nova_api /nova_api_ensure_default_cell.sh"
|
|
nova_db_sync:
|
|
start_order: 3
|
|
image: *nova_api_image
|
|
net: host
|
|
detach: false
|
|
volumes: *nova_api_bootstrap_volumes
|
|
user: root
|
|
command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage db sync'"
|
|
step_4:
|
|
nova_api:
|
|
start_order: 2
|
|
image: *nova_api_image
|
|
net: host
|
|
user: root
|
|
privileged: true
|
|
restart: always
|
|
healthcheck:
|
|
test: /openstack/healthcheck
|
|
volumes:
|
|
list_concat:
|
|
- {get_attr: [ContainersCommon, volumes]}
|
|
- {get_attr: [NovaApiLogging, volumes]}
|
|
-
|
|
- /var/lib/kolla/config_files/nova_api.json:/var/lib/kolla/config_files/config.json:ro
|
|
- /var/lib/config-data/puppet-generated/nova/:/var/lib/kolla/config_files/src:ro
|
|
-
|
|
if:
|
|
- internal_tls_enabled
|
|
- /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
|
|
- ''
|
|
-
|
|
if:
|
|
- internal_tls_enabled
|
|
- /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
|
|
- ''
|
|
environment:
|
|
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
|
|
nova_api_cron:
|
|
image: *nova_api_image
|
|
net: host
|
|
user: root
|
|
privileged: false
|
|
restart: always
|
|
volumes:
|
|
list_concat:
|
|
- {get_attr: [ContainersCommon, volumes]}
|
|
- {get_attr: [NovaApiLogging, volumes]}
|
|
-
|
|
- /var/lib/kolla/config_files/nova_api_cron.json:/var/lib/kolla/config_files/config.json:ro
|
|
- /var/lib/config-data/puppet-generated/nova/:/var/lib/kolla/config_files/src:ro
|
|
environment:
|
|
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
|
|
step_5:
|
|
nova_api_discover_hosts:
|
|
start_order: 1
|
|
image: *nova_api_image
|
|
net: host
|
|
detach: false
|
|
volumes:
|
|
list_concat:
|
|
- *nova_api_bootstrap_volumes
|
|
-
|
|
- /var/lib/config-data/nova/etc/my.cnf.d/tripleo.cnf:/etc/my.cnf.d/tripleo.cnf:ro
|
|
- /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro
|
|
- /var/log/containers/nova:/var/log/nova
|
|
- /var/lib/docker-config-scripts/nova_api_discover_hosts.sh:/nova_api_discover_hosts.sh:ro
|
|
user: root
|
|
command: "/usr/bin/bootstrap_host_exec nova_api /nova_api_discover_hosts.sh"
|
|
environment:
|
|
# NOTE: this should force this container to re-run on each
|
|
# update (scale-out, etc.)
|
|
- list_join:
|
|
- ''
|
|
- - 'TRIPLEO_DEPLOY_IDENTIFIER='
|
|
- {get_param: DeployIdentifier}
|
|
metadata_settings:
|
|
get_attr: [NovaApiBase, role_data, metadata_settings]
|
|
host_prep_tasks: {get_attr: [NovaApiLogging, host_prep_tasks]}
|
|
upgrade_tasks:
|
|
- when: step|int == 0
|
|
tags: common
|
|
block:
|
|
- name: Check if nova_api is deployed
|
|
command: systemctl is-enabled --quiet openstack-nova-api
|
|
ignore_errors: True
|
|
register: nova_api_enabled_result
|
|
- set_fact:
|
|
nova_api_enabled: "{{ nova_api_enabled_result.rc == 0 }}"
|
|
- name: Check for nova-api running under apache
|
|
shell: httpd -t -D DUMP_VHOSTS | grep -q 'nova'
|
|
ignore_errors: True
|
|
register: nova_api_httpd_enabled_result
|
|
- set_fact:
|
|
nova_api_httpd_enabled: "{{ nova_api_httpd_enabled_result.rc == 0 }}"
|
|
- name: "PreUpgrade step0,validation: Check service openstack-nova-api is running"
|
|
command: systemctl is-active --quiet openstack-nova-api
|
|
tags: validation
|
|
when:
|
|
- nova_api_enabled|bool
|
|
- name: Check if httpd service is running
|
|
command: systemctl is-active --quiet httpd
|
|
ignore_errors: True
|
|
register: httpd_running_result
|
|
when: httpd_running is undefined
|
|
- set_fact:
|
|
httpd_running: "{{ httpd_running_result.rc == 0 }}"
|
|
when: httpd_running is undefined
|
|
- name: "PreUpgrade step0,validation: Check if nova_wsgi is running"
|
|
tags: validation
|
|
shell: systemctl status 'httpd' | grep -q 'nova'
|
|
when:
|
|
- nova_api_httpd_enabled|bool
|
|
- httpd_running|bool
|
|
- when: step|int == 2
|
|
block:
|
|
- name: Stop and disable nova_api service
|
|
when:
|
|
- nova_api_enabled|bool
|
|
service: name=openstack-nova-api state=stopped enabled=no
|
|
- name: Stop nova_api service (running under httpd)
|
|
when:
|
|
- nova_api_httpd_enabled|bool
|
|
- httpd_running|bool
|
|
service: name=httpd state=stopped
|
|
- when: step|int == 3
|
|
block:
|
|
- name: Set fact for removal of openstack-nova-api package
|
|
set_fact:
|
|
remove_nova_api_package: {get_param: UpgradeRemoveUnusedPackages}
|
|
- name: Remove openstack-nova-api package if operator requests it
|
|
yum: name=openstack-nova-api state=removed
|
|
ignore_errors: True
|
|
when:
|
|
- remove_nova_api_package|bool
|
|
- name: remove old nova cron jobs
|
|
file:
|
|
path: /var/spool/cron/nova
|
|
state: absent
|
|
fast_forward_upgrade_tasks:
|
|
- name: Check if nova-api is deployed
|
|
command: systemctl is-enabled --quiet openstack-nova-api
|
|
ignore_errors: True
|
|
register: nova_api_enabled_result
|
|
when:
|
|
- step|int == 0
|
|
- release == 'ocata'
|
|
- name: Set fact nova_api_enabled
|
|
set_fact:
|
|
nova_api_enabled: "{{ nova_api_enabled_result.rc == 0 }}"
|
|
when:
|
|
- step|int == 0
|
|
- release == 'ocata'
|
|
- name: Stop openstack-nova-api service
|
|
service: name=openstack-nova-api state=stopped
|
|
when:
|
|
- step|int == 1
|
|
- nova_api_enabled|bool
|
|
- release == 'ocata'
|
|
- name: Extra migration for nova tripleo/+bug/1656791
|
|
command: nova-manage db online_data_migrations
|
|
when:
|
|
- step|int == 5
|
|
- release == 'ocata'
|
|
- is_bootstrap_node|bool
|
|
- name: Update nova packages
|
|
command: yum update -y *nova*
|
|
when:
|
|
- step|int == 6
|
|
- is_bootstrap_node|bool
|
|
#FIXME(lyarwood): Use puppet to do this?
|
|
- when:
|
|
- step|int == 7
|
|
- release == 'ocata'
|
|
- is_bootstrap_node|bool
|
|
block:
|
|
- name: Create puppet manifest to set transport_url in nova.conf
|
|
copy:
|
|
dest: /root/nova-api_upgrade_manifest.pp
|
|
mode: 0600
|
|
content: >
|
|
$transport_url = os_transport_url({
|
|
'transport' => hiera('messaging_service_name', 'rabbit'),
|
|
'hosts' => any2array(hiera('rabbitmq_node_names', undef)),
|
|
'port' => sprintf('%s',hiera('nova::rabbit_port', '5672') ),
|
|
'username' => hiera('nova::rabbit_userid', 'guest'),
|
|
'password' => hiera('nova::rabbit_password'),
|
|
'ssl' => sprintf('%s', bool2num(str2bool(hiera('nova::rabbit_use_ssl', '0'))))
|
|
})
|
|
oslo::messaging::default { 'nova_config':
|
|
transport_url => $transport_url
|
|
}
|
|
|
|
- name: Run puppet apply to set tranport_url in nova.conf
|
|
command: puppet apply --modulepath /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules --detailed-exitcodes /root/nova-api_upgrade_manifest.pp
|
|
register: puppet_apply_nova_api_upgrade
|
|
failed_when: puppet_apply_nova_api_upgrade.rc not in [0,2]
|
|
changed_when: puppet_apply_nova_api_upgrade.rc == 2
|
|
- name: Setup cell_v2 (map cell0)
|
|
shell:
|
|
str_replace:
|
|
template: nova-manage cell_v2 map_cell0 --database_connection=CELL
|
|
params:
|
|
CELL:
|
|
make_url:
|
|
scheme: {get_param: [EndpointMap, MysqlInternal, protocol]}
|
|
username: nova
|
|
password: {get_param: NovaPassword}
|
|
host: {get_param: [EndpointMap, MysqlInternal, host]}
|
|
path: /nova_cell0
|
|
- name: Setup cell_v2 (create default cell)
|
|
# (owalsh) puppet-nova expects the cell name 'default'
|
|
# (owalsh) pass the db uri explicitly to avoid https://bugs.launchpad.net/tripleo/+bug/1662344
|
|
shell: nova-manage cell_v2 create_cell --name='default' --database_connection=$(hiera nova::database_connection)
|
|
register: nova_api_create_cell
|
|
failed_when: nova_api_create_cell.rc not in [0,2]
|
|
changed_when: nova_api_create_cell.rc == 0
|
|
- name: Setup cell_v2 (sync nova/cell DB)
|
|
command: nova-manage db sync
|
|
async: {get_param: NovaDbSyncTimeout}
|
|
poll: 10
|
|
- name: Setup cell_v2 (get cell uuid)
|
|
shell: nova-manage cell_v2 list_cells | sed -e '1,3d' -e '$d' | awk -F ' *| *' '$2 == "default" {print $4}'
|
|
register: nova_api_cell_uuid
|
|
- name: Setup cell_v2 (migrate hosts)
|
|
command: nova-manage cell_v2 discover_hosts --cell_uuid {{nova_api_cell_uuid.stdout}} --verbose
|
|
- name: Setup cell_v2 (migrate instances)
|
|
command: nova-manage cell_v2 map_instances --cell_uuid {{nova_api_cell_uuid.stdout}}
|
|
- name: Sync nova/cell DB
|
|
command: nova-manage db sync
|
|
async: {get_param: NovaDbSyncTimeout}
|
|
poll: 10
|
|
when:
|
|
- step|int == 8
|
|
- is_bootstrap_node|bool
|
|
- release == 'pike'
|
|
- name: Sync nova_api DB
|
|
command: nova-manage api_db sync
|
|
when:
|
|
- step|int == 8
|
|
- is_bootstrap_node|bool
|
|
- name: Online data migration for nova
|
|
command: nova-manage db online_data_migrations
|
|
when:
|
|
- step|int == 8
|
|
- is_bootstrap_node|bool
|