927495fe3d
The new master branch should point now to queens instead of pike. So, HOT templates should specify that they might contain features for queens release [1] [1]: https://docs.openstack.org/heat/latest/template_guide/hot_spec.html#queens Change-Id: I7654d1c59db0c4508a9d7045f452612d22493004
154 lines
5.4 KiB
YAML
154 lines
5.4 KiB
YAML
heat_template_version: queens
|
|
|
|
description: >
|
|
OpenStack containerized Nova Migration Target service
|
|
|
|
parameters:
|
|
DockerNovaComputeImage:
|
|
description: image
|
|
type: string
|
|
DockerNovaLibvirtConfigImage:
|
|
description: The container image to use for the nova_libvirt config_volume
|
|
type: string
|
|
ServiceData:
|
|
default: {}
|
|
description: Dictionary packing service data
|
|
type: json
|
|
ServiceNetMap:
|
|
default: {}
|
|
description: Mapping of service_name -> network name. Typically set
|
|
via parameter_defaults in the resource registry. This
|
|
mapping overrides those in ServiceNetMapDefaults.
|
|
type: json
|
|
DefaultPasswords:
|
|
default: {}
|
|
type: json
|
|
RoleName:
|
|
default: ''
|
|
description: Role name on which the service is applied
|
|
type: string
|
|
RoleParameters:
|
|
default: {}
|
|
description: Parameters specific to the role
|
|
type: json
|
|
EndpointMap:
|
|
default: {}
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
DockerNovaMigrationSshdPort:
|
|
default: 2022
|
|
description: Port that dockerized nova migration target sshd service
|
|
binds to.
|
|
type: number
|
|
MigrationSshKey:
|
|
type: json
|
|
description: >
|
|
SSH key for migration.
|
|
Expects a dictionary with keys 'public_key' and 'private_key'.
|
|
Values should be identical to SSH public/private key files.
|
|
default:
|
|
public_key: ''
|
|
private_key: ''
|
|
MigrationSshPort:
|
|
default: 2022
|
|
description: Target port for migration over ssh
|
|
type: number
|
|
|
|
conditions:
|
|
|
|
# During Ocata->Pike upgrade initially configure the ssh service on port 22
|
|
# to proxy migration commands to the containerized sshd on port 2022.
|
|
# When the upgrade converges we can switch migrations over to port 2022.
|
|
enable_migration_proxy:
|
|
equals:
|
|
- {get_param: MigrationSshPort}
|
|
- 22
|
|
|
|
resources:
|
|
|
|
ContainersCommon:
|
|
type: ./containers-common.yaml
|
|
|
|
SshdBase:
|
|
type: ../../puppet/services/sshd.yaml
|
|
properties:
|
|
EndpointMap: {get_param: EndpointMap}
|
|
ServiceNetMap: {get_param: ServiceNetMap}
|
|
DefaultPasswords: {get_param: DefaultPasswords}
|
|
RoleName: {get_param: RoleName}
|
|
RoleParameters: {get_param: RoleParameters}
|
|
|
|
NovaMigrationTargetBase:
|
|
type: ../../puppet/services/nova-migration-target.yaml
|
|
properties:
|
|
EndpointMap: {get_param: EndpointMap}
|
|
ServiceNetMap: {get_param: ServiceNetMap}
|
|
DefaultPasswords: {get_param: DefaultPasswords}
|
|
RoleName: {get_param: RoleName}
|
|
RoleParameters: {get_param: RoleParameters}
|
|
|
|
outputs:
|
|
role_data:
|
|
description: Role data for the Nova Migration Target service.
|
|
value:
|
|
service_name: nova_migration_target
|
|
config_settings:
|
|
map_merge:
|
|
- get_attr: [SshdBase, role_data, config_settings]
|
|
- get_attr: [NovaMigrationTargetBase, role_data, config_settings]
|
|
# NB this prevents the baremetal ssh from listening on port 2022
|
|
# It doesn't affect the sshd port in the container as we override it below on the sshd cli
|
|
- tripleo::profile::base::sshd::port: 22
|
|
- if:
|
|
- enable_migration_proxy
|
|
- tripleo::profile::base::nova::migration::proxy::ssh_private_key: {get_param: [ MigrationSshKey, private_key ]}
|
|
tripleo::profile::base::nova::migration::proxy::target_port: {get_param: DockerNovaMigrationSshdPort}
|
|
tripleo::profile::base::nova::migration::proxy::target_host: "%{hiera('live_migration_ssh_inbound_addr')}"
|
|
- {}
|
|
logging_source: {get_attr: [NovaMigrationTargetBase, role_data, logging_source]}
|
|
logging_groups: {get_attr: [NovaMigrationTargetBase, role_data, logging_groups]}
|
|
puppet_config:
|
|
config_volume: nova_libvirt
|
|
step_config:
|
|
list_join:
|
|
- "\n"
|
|
- - get_attr: [SshdBase, role_data, step_config]
|
|
- get_attr: [NovaMigrationTargetBase, role_data, step_config]
|
|
config_image: {get_param: DockerNovaLibvirtConfigImage}
|
|
kolla_config:
|
|
/var/lib/kolla/config_files/nova-migration-target.json:
|
|
command:
|
|
str_replace:
|
|
template: "/usr/sbin/sshd -D -p SSHDPORT"
|
|
params:
|
|
SSHDPORT: {get_param: DockerNovaMigrationSshdPort}
|
|
config_files:
|
|
- source: "/var/lib/kolla/config_files/src/*"
|
|
dest: "/"
|
|
merge: true
|
|
preserve_properties: true
|
|
- source: /host-ssh/ssh_host_*_key
|
|
dest: /etc/ssh/
|
|
owner: "root"
|
|
perm: "0600"
|
|
docker_config:
|
|
step_4:
|
|
nova_migration_target:
|
|
image: {get_param: DockerNovaComputeImage}
|
|
net: host
|
|
privileged: true
|
|
user: root
|
|
restart: always
|
|
volumes:
|
|
list_concat:
|
|
- {get_attr: [ContainersCommon, volumes]}
|
|
-
|
|
- /var/lib/kolla/config_files/nova-migration-target.json:/var/lib/kolla/config_files/config.json:ro
|
|
- /var/lib/config-data/puppet-generated/nova_libvirt/:/var/lib/kolla/config_files/src:ro
|
|
- /etc/ssh/:/host-ssh/:ro
|
|
- /run:/run
|
|
- /var/lib/nova:/var/lib/nova:shared
|
|
environment:
|
|
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
|