234 lines
8.6 KiB
YAML
234 lines
8.6 KiB
YAML
heat_template_version: rocky
|
|
|
|
description: >
|
|
OpenStack containerized OVN Metadata agent
|
|
|
|
parameters:
|
|
DockerOvnMetadataImage:
|
|
description: image
|
|
type: string
|
|
DockerNeutronConfigImage:
|
|
description: The container image to use for the neutron config_volume
|
|
type: string
|
|
OvnMetadataAgentLoggingSource:
|
|
type: json
|
|
default:
|
|
tag: openstack.neutron.agent.ovn-metadata
|
|
path: /var/log/containers/neutron/networking-ovn-metadata-agent.log
|
|
OVNEnableHaproxyDockerWrapper:
|
|
description: Generate a wrapper script so that haproxy is launched in a separate container.
|
|
type: boolean
|
|
default: true
|
|
Debug:
|
|
type: boolean
|
|
default: false
|
|
description: Set to True to enable debugging on all services.
|
|
OVNWrapperDebug:
|
|
type: boolean
|
|
default: false
|
|
description: Controls debugging for the wrapper scripts.
|
|
ContainerCli:
|
|
type: string
|
|
default: 'docker'
|
|
description: CLI tool used to manage containers.
|
|
constraints:
|
|
- allowed_values: ['docker', 'podman']
|
|
ServiceData:
|
|
default: {}
|
|
description: Dictionary packing service data
|
|
type: json
|
|
ServiceNetMap:
|
|
default: {}
|
|
description: Mapping of service_name -> network name. Typically set
|
|
via parameter_defaults in the resource registry. This
|
|
mapping overrides those in ServiceNetMapDefaults.
|
|
type: json
|
|
DefaultPasswords:
|
|
default: {}
|
|
type: json
|
|
EndpointMap:
|
|
default: {}
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
RoleName:
|
|
default: ''
|
|
description: Role name on which the service is applied
|
|
type: string
|
|
RoleParameters:
|
|
default: {}
|
|
description: Parameters specific to the role
|
|
type: json
|
|
|
|
conditions:
|
|
haproxy_wrapper_enabled: {equals: [{get_param: OVNEnableHaproxyDockerWrapper}, true]}
|
|
docker_enabled: {equals: [{get_param: ContainerCli}, 'docker']}
|
|
service_debug_unset: {equals : [{get_param: OVNWrapperDebug}, false]}
|
|
|
|
resources:
|
|
|
|
ContainersCommon:
|
|
type: ./containers-common.yaml
|
|
|
|
OVNMetadataBase:
|
|
type: ../../puppet/services/ovn-metadata.yaml
|
|
properties:
|
|
EndpointMap: {get_param: EndpointMap}
|
|
ServiceData: {get_param: ServiceData}
|
|
ServiceNetMap: {get_param: ServiceNetMap}
|
|
DefaultPasswords: {get_param: DefaultPasswords}
|
|
RoleName: {get_param: RoleName}
|
|
RoleParameters: {get_param: RoleParameters}
|
|
|
|
NeutronLogging:
|
|
type: OS::TripleO::Services::Logging::NeutronCommon
|
|
properties:
|
|
NeutronServiceName: ovn-metadata-agent
|
|
|
|
outputs:
|
|
role_data:
|
|
description: Role data for OVNMetadata agent
|
|
value:
|
|
service_name: {get_attr: [OVNMetadataBase, role_data, service_name]}
|
|
config_settings:
|
|
map_merge:
|
|
- get_attr: [OVNMetadataBase, role_data, config_settings]
|
|
- get_attr: [NeutronLogging, config_settings]
|
|
- tripleo::profile::base::neutron::ovn_metadata_agent_wrappers::enable_haproxy_wrapper: {get_param: OVNEnableHaproxyDockerWrapper}
|
|
tripleo::profile::base::neutron::ovn_metadata_agent_wrappers::haproxy_process_wrapper: '/var/lib/neutron/ovn_metadata_haproxy_wrapper'
|
|
tripleo::profile::base::neutron::ovn_metadata_agent_wrappers::haproxy_image: {get_param: DockerOvnMetadataImage}
|
|
tripleo::profile::base::neutron::ovn_metadata_agent_wrappers::debug:
|
|
if:
|
|
- service_debug_unset
|
|
- {get_param: Debug }
|
|
- {get_param: OVNWrapperDebug}
|
|
tripleo::profile::base::neutron::container_cli: {get_param: ContainerCli}
|
|
puppet_config:
|
|
puppet_tags: neutron_config,ovn_metadata_agent_config
|
|
config_volume: neutron
|
|
step_config:
|
|
get_attr: [OVNMetadataBase, role_data, step_config]
|
|
config_image: {get_param: DockerNeutronConfigImage}
|
|
volumes:
|
|
- /lib/modules:/lib/modules:ro
|
|
- /run/openvswitch:/run/openvswitch:shared,z
|
|
kolla_config:
|
|
/var/lib/kolla/config_files/ovn_metadata_agent.json:
|
|
command:
|
|
list_join:
|
|
- ' '
|
|
- - /usr/bin/networking-ovn-metadata-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/networking-ovn/networking-ovn-metadata-agent.ini --config-dir /etc/neutron/conf.d/networking-ovn-metadata-agent
|
|
- get_attr: [NeutronLogging, cmd_extra_args]
|
|
config_files:
|
|
- source: "/var/lib/kolla/config_files/src/*"
|
|
dest: "/"
|
|
merge: true
|
|
preserve_properties: true
|
|
permissions:
|
|
- path: /var/log/neutron
|
|
owner: neutron:neutron
|
|
recurse: true
|
|
- path: /var/lib/neutron
|
|
owner: neutron:neutron
|
|
recurse: true
|
|
container_config_scripts: {get_attr: [ContainersCommon, container_config_scripts]}
|
|
docker_config:
|
|
step_2:
|
|
create_haproxy_wrapper:
|
|
start_order: 1
|
|
detach: false
|
|
net: host
|
|
pid: host
|
|
user: root
|
|
command: # '/docker_puppet_apply.sh "STEP" "TAGS" "CONFIG" "DEBUG"'
|
|
list_concat:
|
|
-
|
|
- '/docker_puppet_apply.sh'
|
|
- '4'
|
|
- 'file'
|
|
- 'include ::tripleo::profile::base::neutron::ovn_metadata_agent_wrappers'
|
|
image: {get_param: DockerOvnMetadataImage}
|
|
volumes:
|
|
list_concat:
|
|
- {get_attr: [ContainersCommon, docker_puppet_apply_volumes]}
|
|
-
|
|
- /run/openvswitch:/run/openvswitch:shared,z
|
|
- /var/lib/neutron:/var/lib/neutron:shared,z
|
|
step_4:
|
|
setup_ovs_manager:
|
|
start_order: 0
|
|
detach: false
|
|
net: host
|
|
privileged: true
|
|
user: root
|
|
command: # '/docker_puppet_apply.sh "STEP" "TAGS" "CONFIG" "DEBUG"'
|
|
list_concat:
|
|
- - '/docker_puppet_apply.sh'
|
|
- '4'
|
|
- 'exec'
|
|
- 'include ::tripleo::profile::base::neutron::ovn_metadata'
|
|
image: {get_param: DockerOvnMetadataImage}
|
|
volumes:
|
|
list_concat:
|
|
- {get_attr: [ContainersCommon, docker_puppet_apply_volumes]}
|
|
- - /lib/modules:/lib/modules:ro
|
|
- /run/openvswitch:/run/openvswitch:shared,z
|
|
ovn_metadata_agent:
|
|
start_order: 1
|
|
image: {get_param: DockerOvnMetadataImage}
|
|
net: host
|
|
pid: host
|
|
privileged: true
|
|
restart: always
|
|
healthcheck:
|
|
test: /openstack/healthcheck
|
|
volumes:
|
|
list_concat:
|
|
- {get_attr: [ContainersCommon, volumes]}
|
|
- {get_attr: [NeutronLogging, volumes]}
|
|
-
|
|
- /var/lib/kolla/config_files/ovn_metadata_agent.json:/var/lib/kolla/config_files/config.json:ro
|
|
- /var/lib/config-data/puppet-generated/neutron/:/var/lib/kolla/config_files/src:ro
|
|
- /lib/modules:/lib/modules:ro
|
|
- /run/openvswitch:/run/openvswitch:shared,z
|
|
- /var/lib/neutron:/var/lib/neutron:shared,z
|
|
- /run/netns:/run/netns:shared
|
|
-
|
|
if:
|
|
- docker_enabled
|
|
- - /var/lib/openstack:/var/lib/openstack
|
|
- null
|
|
-
|
|
if:
|
|
- haproxy_wrapper_enabled
|
|
- - /var/lib/neutron/ovn_metadata_haproxy_wrapper:/usr/local/bin/haproxy:ro
|
|
- null
|
|
environment:
|
|
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
|
|
metadata_settings:
|
|
get_attr: [OVNMetadataBase, role_data, metadata_settings]
|
|
host_prep_tasks:
|
|
list_concat:
|
|
- {get_attr: [NeutronLogging, host_prep_tasks]}
|
|
- - name: create /run/netns with temp namespace
|
|
command: ip netns add ns_temp
|
|
register: ipnetns_add_result
|
|
ignore_errors: True
|
|
- - name: remove temp namespace
|
|
command: ip netns delete ns_temp
|
|
ignore_errors: True
|
|
when: ipnetns_add_result.rc == 0
|
|
- - name: create /var/lib/neutron
|
|
file:
|
|
path: /var/lib/neutron
|
|
state: directory
|
|
setype: svirt_sandbox_file_t
|
|
upgrade_tasks: []
|
|
post_upgrade_tasks:
|
|
- when: step|int == 1
|
|
import_role:
|
|
name: tripleo-docker-rm
|
|
vars:
|
|
containers_to_rm:
|
|
- ovn_metadata_agent
|