1 heat_template_version: pike
4 OpenStack containerized Neutron API service
10 DockerNeutronConfigImage:
11 description: The container image to use for the neutron config_volume
15 description: Mapping of service endpoint -> protocol. Typically set
16 via parameter_defaults in the resource registry.
20 description: Dictionary packing service data
24 description: Mapping of service_name -> network name. Typically set
25 via parameter_defaults in the resource registry. This
26 mapping overrides those in ServiceNetMapDefaults.
33 description: Role name on which the service is applied
37 description: Parameters specific to the role
42 UpgradeRemoveUnusedPackages:
44 description: Remove package if the service is being disabled during upgrade
49 internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
54 type: ./containers-common.yaml
57 type: ../../puppet/services/database/mysql-client.yaml
60 type: ../../puppet/services/neutron-api.yaml
62 EndpointMap: {get_param: EndpointMap}
63 ServiceData: {get_param: ServiceData}
64 ServiceNetMap: {get_param: ServiceNetMap}
65 DefaultPasswords: {get_param: DefaultPasswords}
66 RoleName: {get_param: RoleName}
67 RoleParameters: {get_param: RoleParameters}
71 description: Role data for the Neutron API role.
73 service_name: {get_attr: [NeutronBase, role_data, service_name]}
74 logging_source: {get_attr: [NeutronBase, role_data, logging_source]}
75 logging_groups: {get_attr: [NeutronBase, role_data, logging_groups]}
78 - get_attr: [NeutronBase, role_data, config_settings]
79 step_config: &step_config
82 - - {get_attr: [NeutronBase, role_data, step_config]}
83 - {get_attr: [MySQLClient, role_data, step_config]}
84 service_config_settings: {get_attr: [NeutronBase, role_data, service_config_settings]}
85 # BEGIN DOCKER SETTINGS
87 config_volume: neutron
88 puppet_tags: neutron_config,neutron_api_config
89 step_config: *step_config
90 config_image: {get_param: DockerNeutronConfigImage}
92 /var/lib/kolla/config_files/neutron_api.json:
93 command: /usr/bin/neutron-server --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-server
95 - source: "/var/lib/kolla/config_files/src/*"
98 preserve_properties: true
100 - path: /var/log/neutron
101 owner: neutron:neutron
103 /var/lib/kolla/config_files/neutron_server_tls_proxy.json:
104 command: /usr/sbin/httpd -DFOREGROUND
106 - source: "/var/lib/kolla/config_files/src/*"
109 preserve_properties: true
111 # db sync runs before permissions set by kolla_config
114 image: &neutron_api_image {get_param: DockerNeutronApiImage}
118 - /var/log/containers/neutron:/var/log/neutron
119 - /var/log/containers/httpd/neutron-api:/var/log/httpd
120 command: ['/bin/bash', '-c', 'chown -R neutron:neutron /var/log/neutron']
123 image: *neutron_api_image
130 - {get_attr: [ContainersCommon, volumes]}
132 - /var/lib/config-data/neutron/etc/my.cnf.d/tripleo.cnf:/etc/my.cnf.d/tripleo.cnf:ro
133 - /var/lib/config-data/neutron/etc/neutron:/etc/neutron:ro
134 - /var/lib/config-data/neutron/usr/share/neutron:/usr/share/neutron:ro
135 - /var/log/containers/neutron:/var/log/neutron
136 - /var/log/containers/httpd/neutron-api:/var/log/httpd
137 command: ['/usr/bin/bootstrap_host_exec', 'neutron_api', 'neutron-db-manage', 'upgrade', 'heads']
138 # FIXME: we should make config file permissions right
139 # and run as neutron user
140 #command: "/usr/bin/bootstrap_host_exec neutron_api su neutron -s /bin/bash -c 'neutron-db-manage upgrade heads'"
144 image: *neutron_api_image
150 - {get_attr: [ContainersCommon, volumes]}
152 - /var/lib/kolla/config_files/neutron_api.json:/var/lib/kolla/config_files/config.json:ro
153 - /var/lib/config-data/puppet-generated/neutron/:/var/lib/kolla/config_files/src:ro
154 - /var/log/containers/neutron:/var/log/neutron
155 - /var/log/containers/httpd/neutron-api:/var/log/httpd
157 - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
159 - internal_tls_enabled
160 - neutron_server_tls_proxy:
161 image: *neutron_api_image
167 - {get_attr: [ContainersCommon, volumes]}
169 - /var/lib/kolla/config_files/neutron_server_tls_proxy.json:/var/lib/kolla/config_files/config.json:ro
170 - /var/lib/config-data/puppet-generated/neutron/:/var/lib/kolla/config_files/src:ro
171 - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
172 - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
174 - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
177 - name: create persistent logs directory
182 - /var/log/containers/neutron
183 - /var/log/containers/httpd/neutron-api
185 - name: Check if neutron_server is deployed
186 command: systemctl is-enabled neutron-server
189 register: neutron_server_enabled
190 - name: "PreUpgrade step0,validation: Check service neutron-server is running"
191 shell: /usr/bin/systemctl show 'neutron-server' --property ActiveState | grep '\bactive\b'
192 when: neutron_server_enabled.rc == 0
193 tags: step0,validation
194 - name: Stop and disable neutron_api service
196 when: neutron_server_enabled.rc == 0
197 service: name=neutron-server state=stopped enabled=no
198 - name: Remove openstack-neutron package if operator requests it
199 yum: name=openstack-neutron state=removed
202 when: {get_param: UpgradeRemoveUnusedPackages}
204 get_attr: [NeutronBase, role_data, metadata_settings]