cc4b7f4634
When upgrading from Rocky to Stein we moved also from using the docker
container engine into Podman. To ensure that every single docker container
was removed after the upgrade a post_upgrade task was added which made
use of the tripleo-docker-rm role that removed the container. In this cycle,
from Stein to Train both the Undercloud and Overcloud work with Podman, so
there is no need to remove any docker container anymore.
This patch removes all the tripleo-docker-rm post-upgrade task and in those
services which only included a single task, the post-upgrade-tasks section
is also erased.
Change-Id: I5c9ab55ec6ff332056a426a76e150ea3c9063c6e
(cherry picked from commit 4cbae84c75)
170 lines
5.6 KiB
YAML
170 lines
5.6 KiB
YAML
heat_template_version: rocky
|
|
|
|
description: >
|
|
Containerized etcd services
|
|
|
|
parameters:
|
|
ContainerEtcdImage:
|
|
description: image
|
|
type: string
|
|
ContainerEtcdConfigImage:
|
|
description: The container image to use for the etcd config_volume
|
|
type: string
|
|
EndpointMap:
|
|
default: {}
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
ServiceData:
|
|
default: {}
|
|
description: Dictionary packing service data
|
|
type: json
|
|
ServiceNetMap:
|
|
default: {}
|
|
description: Mapping of service_name -> network name. Typically set
|
|
via parameter_defaults in the resource registry. This
|
|
mapping overrides those in ServiceNetMapDefaults.
|
|
type: json
|
|
DefaultPasswords:
|
|
default: {}
|
|
type: json
|
|
RoleName:
|
|
default: ''
|
|
description: Role name on which the service is applied
|
|
type: string
|
|
RoleParameters:
|
|
default: {}
|
|
description: Parameters specific to the role
|
|
type: json
|
|
EtcdInitialClusterToken:
|
|
description: Initial cluster token for the etcd cluster during bootstrap.
|
|
type: string
|
|
hidden: true
|
|
MonitoringSubscriptionEtcd:
|
|
default: 'overcloud-etcd'
|
|
type: string
|
|
EnableInternalTLS:
|
|
type: boolean
|
|
default: false
|
|
|
|
conditions:
|
|
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
|
|
|
|
outputs:
|
|
role_data:
|
|
description: Role data for the etcd role.
|
|
value:
|
|
service_name: etcd
|
|
monitoring_subscription: {get_param: MonitoringSubscriptionEtcd}
|
|
config_settings:
|
|
map_merge:
|
|
-
|
|
etcd::etcd_name:
|
|
str_replace:
|
|
template:
|
|
"%{hiera('fqdn_$NETWORK')}"
|
|
params:
|
|
$NETWORK: {get_param: [ServiceNetMap, EtcdNetwork]}
|
|
# NOTE: bind IP is found in hiera replacing the network name with the local node IP
|
|
# for the given network; replacement examples (eg. for internal_api):
|
|
# internal_api -> IP
|
|
# internal_api_uri -> [IP]
|
|
# internal_api_subnet - > IP/CIDR
|
|
tripleo::profile::base::etcd::bind_ip:
|
|
str_replace:
|
|
template:
|
|
"%{hiera('$NETWORK')}"
|
|
params:
|
|
$NETWORK: {get_param: [ServiceNetMap, EtcdNetwork]}
|
|
tripleo::profile::base::etcd::client_port: '2379'
|
|
tripleo::profile::base::etcd::peer_port: '2380'
|
|
etcd::initial_cluster_token: {get_param: EtcdInitialClusterToken}
|
|
etcd::manage_package: false
|
|
tripleo::etcd::firewall_rules:
|
|
'141 etcd':
|
|
dport:
|
|
- 2379
|
|
- 2380
|
|
etcd::manage_service: false
|
|
-
|
|
if:
|
|
- internal_tls_enabled
|
|
- generate_service_certificates: true
|
|
tripleo::profile::base::etcd::certificate_specs:
|
|
service_certificate: '/etc/pki/tls/certs/etcd.crt'
|
|
service_key: '/etc/pki/tls/private/etcd.key'
|
|
hostname:
|
|
str_replace:
|
|
template: "%{hiera('fqdn_NETWORK')}"
|
|
params:
|
|
NETWORK: {get_param: [ServiceNetMap, EtcdNetwork]}
|
|
principal:
|
|
str_replace:
|
|
template: "etcd/%{hiera('fqdn_NETWORK')}"
|
|
params:
|
|
NETWORK: {get_param: [ServiceNetMap, EtcdNetwork]}
|
|
- {}
|
|
# BEGIN DOCKER SETTINGS
|
|
puppet_config:
|
|
config_volume: etcd
|
|
config_image: &etcd_config_image {get_param: ContainerEtcdConfigImage}
|
|
step_config:
|
|
list_join:
|
|
- "\n"
|
|
- - "['Etcd_key'].each |String $val| { noop_resource($val) }"
|
|
- "include ::tripleo::profile::base::etcd"
|
|
kolla_config:
|
|
/var/lib/kolla/config_files/etcd.json:
|
|
command: /usr/bin/etcd --config-file /etc/etcd/etcd.yml
|
|
config_files:
|
|
- source: "/var/lib/kolla/config_files/src/*"
|
|
dest: "/"
|
|
merge: true
|
|
preserve_properties: true
|
|
permissions:
|
|
- path: /var/lib/etcd
|
|
owner: etcd:etcd
|
|
recurse: true
|
|
docker_config:
|
|
step_2:
|
|
etcd:
|
|
image: {get_param: ContainerEtcdImage}
|
|
net: host
|
|
privileged: false
|
|
restart: always
|
|
healthcheck:
|
|
test: /openstack/healthcheck
|
|
volumes:
|
|
- /var/lib/etcd:/var/lib/etcd
|
|
- /etc/localtime:/etc/localtime:ro
|
|
- /var/lib/kolla/config_files/etcd.json:/var/lib/kolla/config_files/config.json:ro
|
|
- /var/lib/config-data/puppet-generated/etcd/:/var/lib/kolla/config_files/src:ro
|
|
environment:
|
|
KOLLA_CONFIG_STRATEGY: COPY_ALWAYS
|
|
container_puppet_tasks:
|
|
# Etcd keys initialization occurs only on single node
|
|
step_2:
|
|
config_volume: 'etcd_init_tasks'
|
|
puppet_tags: 'etcd_key'
|
|
step_config: |
|
|
include ::tripleo::profile::base::etcd
|
|
config_image: *etcd_config_image
|
|
volumes:
|
|
- /var/lib/config-data/etcd/etc/etcd/:/etc/etcd:ro
|
|
- /var/lib/etcd:/var/lib/etcd:ro
|
|
host_prep_tasks:
|
|
- name: create /var/lib/etcd
|
|
file:
|
|
path: /var/lib/etcd
|
|
state: directory
|
|
setype: svirt_sandbox_file_t
|
|
upgrade_tasks: []
|
|
metadata_settings:
|
|
if:
|
|
- internal_tls_enabled
|
|
-
|
|
- service: etcd
|
|
network: {get_param: [ServiceNetMap, EtcdNetwork]}
|
|
type: node
|
|
- null
|