tripleo-heat-templates/docker/services/nova-consoleauth.yaml
Lukas Bezdicka 0cb5c847f3 Always evaluate step first in conditional
If we use variables defined in later step in conditional before
checking which step are we on we will fail.

Resolves: rhbz#1535457
Closes-Bug: #1743764
Change-Id: Ic21f6eb5c4101f230fa894cd0829a11e2f0ef39b
2018-02-09 17:12:29 +01:00

152 lines
5.4 KiB
YAML

heat_template_version: queens
description: >
OpenStack containerized Nova Consoleauth service
parameters:
DockerNovaConsoleauthImage:
description: image
type: string
DockerNovaConfigImage:
description: The container image to use for the nova config_volume
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
UpgradeRemoveUnusedPackages:
default: false
description: Remove package if the service is being disabled during upgrade
type: boolean
resources:
ContainersCommon:
type: ./containers-common.yaml
MySQLClient:
type: ../../puppet/services/database/mysql-client.yaml
NovaConsoleauthPuppetBase:
type: ../../puppet/services/nova-consoleauth.yaml
properties:
EndpointMap: {get_param: EndpointMap}
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
NovaLogging:
type: OS::TripleO::Services::Logging::NovaCommon
properties:
DockerNovaImage: {get_param: DockerNovaConsoleauthImage}
NovaServiceName: 'consoleauth'
outputs:
role_data:
description: Role data for the Nova Consoleauth service.
value:
service_name: {get_attr: [NovaConsoleauthPuppetBase, role_data, service_name]}
config_settings:
map_merge:
- {get_attr: [NovaConsoleauthPuppetBase, role_data, config_settings]}
- {get_attr: [NovaLogging, config_settings]}
logging_source: {get_attr: [NovaConsoleauthPuppetBase, role_data, logging_source]}
logging_groups: {get_attr: [NovaConsoleauthPuppetBase, role_data, logging_groups]}
service_config_settings: {get_attr: [NovaConsoleauthPuppetBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
config_volume: nova
puppet_tags: nova_config
step_config:
list_join:
- "\n"
- - {get_attr: [NovaConsoleauthPuppetBase, role_data, step_config]}
- {get_attr: [MySQLClient, role_data, step_config]}
config_image: {get_param: DockerNovaConfigImage}
kolla_config:
/var/lib/kolla/config_files/nova_consoleauth.json:
command:
list_join:
- ' '
- - /usr/bin/nova-consoleauth
- get_attr: [NovaLogging, cmd_extra_args]
config_files:
- source: "/var/lib/kolla/config_files/src/*"
dest: "/"
merge: true
preserve_properties: true
permissions:
- path: /var/log/nova
owner: nova:nova
recurse: true
docker_config:
step_4:
nova_consoleauth:
image: {get_param: DockerNovaConsoleauthImage}
net: host
privileged: false
restart: always
healthcheck:
test: /openstack/healthcheck
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
- {get_attr: [NovaLogging, volumes]}
-
- /var/lib/kolla/config_files/nova_consoleauth.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/nova/:/var/lib/kolla/config_files/src:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks: {get_attr: [NovaLogging, host_prep_tasks]}
upgrade_tasks:
- name: Check if nova_consoleauth is deployed
command: systemctl is-active --quiet openstack-nova-consoleauth
tags: common
ignore_errors: True
register: nova_consoleauth_enabled
- name: "PreUpgrade step0,validation: Check service openstack-nova-consoleauth is running"
command: systemctl is-active --quiet openstack-nova-consoleauth
tags: validation
when:
- step|int == 0
- nova_consoleauth_enabled.rc == 0
- name: Stop and disable nova_consoleauth service
when:
- step|int == 2
- nova_consoleauth_enabled.rc == 0
service: name=openstack-nova-consoleauth state=stopped enabled=no
- name: Set fact for removal of openstack-nova-console package
when: step|int == 2
set_fact:
remove_nova_console_package: {get_param: UpgradeRemoveUnusedPackages}
- name: Remove openstack-nova-console package if operator requests it
yum: name=openstack-nova-console state=removed
ignore_errors: True
when:
- step|int == 2
- remove_nova_console_package|bool