1 heat_template_version: pike
4 OpenStack containerized Neutron API service
10 DockerNeutronConfigImage:
11 description: The container image to use for the neutron config_volume
15 description: Mapping of service endpoint -> protocol. Typically set
16 via parameter_defaults in the resource registry.
20 description: Mapping of service_name -> network name. Typically set
21 via parameter_defaults in the resource registry. This
22 mapping overrides those in ServiceNetMapDefaults.
29 description: Role name on which the service is applied
33 description: Parameters specific to the role
41 internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
46 type: ./containers-common.yaml
49 type: ../../puppet/services/neutron-api.yaml
51 EndpointMap: {get_param: EndpointMap}
52 ServiceNetMap: {get_param: ServiceNetMap}
53 DefaultPasswords: {get_param: DefaultPasswords}
54 RoleName: {get_param: RoleName}
55 RoleParameters: {get_param: RoleParameters}
59 description: Role data for the Neutron API role.
61 service_name: {get_attr: [NeutronBase, role_data, service_name]}
64 - get_attr: [NeutronBase, role_data, config_settings]
65 step_config: &step_config
66 get_attr: [NeutronBase, role_data, step_config]
67 service_config_settings: {get_attr: [NeutronBase, role_data, service_config_settings]}
68 # BEGIN DOCKER SETTINGS
70 config_volume: neutron
71 puppet_tags: neutron_config,neutron_api_config
72 step_config: *step_config
73 config_image: {get_param: DockerNeutronConfigImage}
75 /var/lib/kolla/config_files/neutron_api.json:
76 command: /usr/bin/neutron-server --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-server
78 - source: "/var/lib/kolla/config_files/src/*"
81 preserve_properties: true
83 - path: /var/log/neutron
84 owner: neutron:neutron
86 /var/lib/kolla/config_files/neutron_server_tls_proxy.json:
87 command: /usr/sbin/httpd -DFOREGROUND
89 - source: "/var/lib/kolla/config_files/src/*"
92 preserve_properties: true
94 # db sync runs before permissions set by kolla_config
97 image: &neutron_api_image {get_param: DockerNeutronApiImage}
101 - /var/log/containers/neutron:/var/log/neutron
102 command: ['/bin/bash', '-c', 'chown -R neutron:neutron /var/log/neutron']
105 image: *neutron_api_image
112 - {get_attr: [ContainersCommon, volumes]}
114 - /var/lib/config-data/neutron/etc/neutron:/etc/neutron:ro
115 - /var/lib/config-data/neutron/usr/share/neutron:/usr/share/neutron:ro
116 - /var/log/containers/neutron:/var/log/neutron
117 command: ['/usr/bin/bootstrap_host_exec', 'neutron_api', 'neutron-db-manage', 'upgrade', 'heads']
118 # FIXME: we should make config file permissions right
119 # and run as neutron user
120 #command: "/usr/bin/bootstrap_host_exec neutron_api su neutron -s /bin/bash -c 'neutron-db-manage upgrade heads'"
124 image: *neutron_api_image
130 - {get_attr: [ContainersCommon, volumes]}
132 - /var/lib/kolla/config_files/neutron_api.json:/var/lib/kolla/config_files/config.json:ro
133 - /var/lib/config-data/puppet-generated/neutron/:/var/lib/kolla/config_files/src:ro
134 - /var/log/containers/neutron:/var/log/neutron
136 - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
138 - internal_tls_enabled
139 - neutron_server_tls_proxy:
140 image: *neutron_api_image
146 - {get_attr: [ContainersCommon, volumes]}
148 - /var/lib/kolla/config_files/neutron_server_tls_proxy.json:/var/lib/kolla/config_files/config.json:ro
149 - /var/lib/config-data/puppet-generated/neutron/:/var/lib/kolla/config_files/src:ro
150 - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
151 - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
153 - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
156 - name: create persistent logs directory
158 path: /var/log/containers/neutron
161 - name: Stop and disable neutron_api service
163 service: name=neutron-server state=stopped enabled=no
165 get_attr: [NeutronBase, role_data, metadata_settings]