openstack/tripleo-heat-templates
Code Issues Proposed changes
c37b9ae4c4
tripleo-heat-templates/docker/services/opendaylight-api.yaml
Tim Rozet dc9c7315ae Fix update/upgrade or config change for ODL 
OpenDaylight creates multiple files the first time it boots, which we do
not mount to the host. After the first boot, it creates a cache which we
do mount to the host. This means that on a config change or
update/upgrade of ODL the cache will not be removed, but the files will
be. This causes ODL to fail to start.

The solution is to stop the container in update/upgrade and then remove
the cache before the update happens. This will trigger the new ODL to
rebuild the cache with the new ODL version.  For config change, we also
need to remove the cache in the host_prep_tasks so that we do not end up
in a similar state.

Closes-Bug: 1775919

Change-Id: Ia457b90b765617822e9adbf07485c9ea1fe179e5
Signed-off-by: Tim Rozet <trozet@redhat.com>
2018-06-08 15:10:30 -04:00

263 lines
9.8 KiB
YAML
Raw Blame History

heat_template_version: rocky
description: >
OpenStack containerized OpenDaylight API service
parameters:
DockerOpendaylightApiImage:
description: image
type: string
DockerOpendaylightConfigImage:
description: image
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EnableInternalTLS:
type: boolean
default: false
InternalTLSCAFile:
default: '/etc/ipa/ca.crt'
type: string
description: Specifies the default CA cert to use if TLS is used for
services in the internal network.
ODLUpdateLevel:
default: 1
description: Specify the level of update
type: number
constraints:
- allowed_values:
- 1
- 2
conditions:
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
resources:
ContainersCommon:
type: ./containers-common.yaml
OpenDaylightBase:
type: ../../puppet/services/opendaylight-api.yaml
properties:
EndpointMap: {get_param: EndpointMap}
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
outputs:
role_data:
description: Role data for the OpenDaylight API role.
value:
service_name: {get_attr: [OpenDaylightBase, role_data, service_name]}
config_settings:
map_merge:
- get_attr: [OpenDaylightBase, role_data, config_settings]
- if:
- internal_tls_enabled
- tripleo::certmonger::opendaylight::postsave_cmd: "true" # TODO: restart the odl container here
- {}
logging_source: {get_attr: [OpenDaylightBase, role_data, logging_source]}
logging_groups: {get_attr: [OpenDaylightBase, role_data, logging_groups]}
# BEGIN DOCKER SETTINGS
puppet_config:
config_volume: opendaylight
volumes:
list_concat:
- if:
- internal_tls_enabled
- - /etc/pki/tls/certs/odl.crt:/etc/pki/tls/certs/odl.crt:ro
- /etc/pki/tls/private/odl.key:/etc/pki/tls/private/odl.key:ro
- list_join:
- ':'
- - {get_param: InternalTLSCAFile}
- {get_param: InternalTLSCAFile}
- 'ro'
- null
# 'file,concat,file_line,augeas' are included by default
puppet_tags: odl_user,odl_keystore
step_config:
get_attr: [OpenDaylightBase, role_data, step_config]
config_image: {get_param: DockerOpendaylightConfigImage}
kolla_config:
/var/lib/kolla/config_files/opendaylight_api.json:
command: /opt/opendaylight/bin/karaf server
config_files:
- source: "/var/lib/kolla/config_files/src/*"
dest: "/"
merge: true
preserve_properties: true
permissions:
- path: /opt/opendaylight
owner: odl:odl
recurse: true
docker_config:
step_1:
opendaylight_api:
start_order: 0
image: &odl_api_image {get_param: DockerOpendaylightApiImage}
privileged: false
net: host
detach: true
user: odl
restart: always
healthcheck:
test: /openstack/healthcheck
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/opendaylight_api.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/opendaylight/:/var/lib/kolla/config_files/src:ro
- /var/lib/opendaylight/journal:/opt/opendaylight/journal
- /var/lib/opendaylight/snapshots:/opt/opendaylight/snapshots
- /var/lib/opendaylight/data:/opt/opendaylight/data
- /var/log/containers/opendaylight:/opt/opendaylight/data/log
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
metadata_settings:
get_attr: [OpenDaylightBase, role_data, metadata_settings]
host_prep_tasks:
- name: Delete cache folder
file:
path: /var/lib/opendaylight/data/cache
state: absent
- name: create persistent directories
file:
path: "{{ item }}"
state: directory
with_items:
- /var/lib/opendaylight/snapshots
- /var/lib/opendaylight/journal
- /var/lib/opendaylight/data
- /var/log/opendaylight
- /var/log/containers/opendaylight
- name: opendaylight logs readme
copy:
dest: /var/log/opendaylight/readme.txt
content: |
Logs from opendaylight container can be found by running "sudo docker logs opendaylight_api" and are also available in /var/log/containers/opendaylight/karaf.log
ignore_errors: true
upgrade_tasks:
- name: Check if opendaylight is deployed
command: systemctl is-enabled --quiet opendaylight
tags: common
ignore_errors: True
register: opendaylight_enabled
- name: "PreUpgrade step0,validation: Check service opendaylight is running"
command: systemctl is-active --quiet opendaylight
when:
- step|int == 0
- opendaylight_enabled.rc == 0
tags: validation
- name: Stop and disable opendaylight_api service
when:
- step|int == 2
- opendaylight_enabled.rc == 0
service: name=opendaylight state=stopped enabled=no
# Containerized deployment upgrade steps
- name: ODL container L2 update and upgrade tasks
block: &odl_container_upgrade_tasks
- name: stop previous ODL container
docker_container:
name: opendaylight_api
state: stopped
when: step|int == 0
- name: remove data, journal and snapshots
file:
path: /var/lib/opendaylight/{{item}}
state: absent
with_items:
- snapshots
- journal
- data
when: step|int == 0
- name: Set ODL upgrade flag to True
copy:
dest: /var/lib/config-data/puppet-generated/opendaylight/opt/opendaylight/etc/opendaylight/datastore/initial/config/genius-mdsalutil-config.xml
content: |
<config xmlns="urn:opendaylight:params:xml:ns:yang:mdsalutil">
<upgradeInProgress>true</upgradeInProgress>
</config>
owner: 42462
group: 42462
mode: 0644
when: step|int == 1
post_upgrade_tasks: &odl_container_post_upgrade_tasks
- name: Disable Upgrade Flag via Rest
shell:
str_replace:
template: 'curl -k -v --silent --fail -u ODL_USERNAME:$ODL_PASSWORD -X \
PUT -d "{ "config": { "upgradeInProgress": false } }" \
-H "Content-Type: application/json" \
$ODL_URI/restconf/config/genius-mdsalutil:config'
params:
$ODL_USERNAME: {get_attr: [OpenDaylightBase, role_data, config_settings, 'opendaylight::username']}
$ODL_PASSWORD: {get_attr: [OpenDaylightBase, role_data, config_settings, 'opendaylight::password']}
$ODL_URI: {get_param: [EndpointMap, OpenDaylightInternal, uri]}
when: step|int == 0
- name: Disable Upgrade in Config File
copy:
dest: /var/lib/config-data/puppet-generated/opendaylight/opt/opendaylight/etc/opendaylight/datastore/initial/config/genius-mdsalutil-config.xml
content: |
<config xmlns="urn:opendaylight:params:xml:ns:yang:mdsalutil">
<upgradeInProgress>false</upgradeInProgress>
</config>
owner: 42462
group: 42462
mode: 0644
when: step|int == 0
update_tasks:
- name: Get ODL update level
block: &get_odl_update_level
- name: store update level to update_level variable
set_fact:
odl_update_level: {get_param: ODLUpdateLevel}
- name: Stop ODL container and remove cache
block:
- name: Stop previous ODL container
docker_container:
name: opendaylight_api
state: stopped
- name: Delete cache folder
file:
path: /var/lib/opendaylight/data/cache
state: absent
when:
- step|int == 0
- odl_update_level == 1
- name: Run L2 update tasks that are similar to upgrade_tasks when update level is 2
block: *odl_container_upgrade_tasks
when: odl_update_level == 2
post_update_tasks:
- block: *get_odl_update_level
- block: *odl_container_post_upgrade_tasks
when: odl_update_level == 2
View Git Blame Copy Permalink