docker/services/nova-libvirt.yaml

   1 heat_template_version: pike
   2
   3 description: >
   4   OpenStack Libvirt Service
   5
   6 parameters:
   7   DockerNamespace:
   8     description: namespace
   9     default: 'tripleoupstream'
  10     type: string
  11   DockerNovaLibvirtImage:
  12     description: image
  13     default: 'centos-binary-nova-libvirt:latest'
  14     type: string
  15   # we configure libvirt via the nova-compute container due to coupling
  16   # in the puppet modules
  17   DockerNovaLibvirtConfigImage:
  18     description: The container image to use for the nova_libvirt config_volume
  19     default: 'centos-binary-nova-compute:latest'
  20     type: string
  21   EnablePackageInstall:
  22     default: 'false'
  23     description: Set to true to enable package installation
  24     type: boolean
  25   ServiceData:
  26     default: {}
  27     description: Dictionary packing service data
  28     type: json
  29   ServiceNetMap:
  30     default: {}
  31     description: Mapping of service_name -> network name. Typically set
  32                  via parameter_defaults in the resource registry.  This
  33                  mapping overrides those in ServiceNetMapDefaults.
  34     type: json
  35   DefaultPasswords:
  36     default: {}
  37     type: json
  38   RoleName:
  39     default: ''
  40     description: Role name on which the service is applied
  41     type: string
  42   RoleParameters:
  43     default: {}
  44     description: Parameters specific to the role
  45     type: json
  46   EndpointMap:
  47     default: {}
  48     description: Mapping of service endpoint -> protocol. Typically set
  49                  via parameter_defaults in the resource registry.
  50     type: json
  51   EnableInternalTLS:
  52     type: boolean
  53     default: false
  54   UseTLSTransportForLiveMigration:
  55     type: boolean
  56     default: true
  57     description: If set to true and if EnableInternalTLS is enabled, it will
  58                  set the libvirt URI's transport to tls and configure the
  59                  relevant keys for libvirt.
  60
  61 conditions:
  62
  63   use_tls_for_live_migration:
  64     and:
  65     - equals:
  66       - {get_param: EnableInternalTLS}
  67       - true
  68     - equals:
  69       - {get_param: UseTLSTransportForLiveMigration}
  70       - true
  71
  72 resources:
  73
  74   ContainersCommon:
  75     type: ./containers-common.yaml
  76
  77   NovaLibvirtBase:
  78     type: ../../puppet/services/nova-libvirt.yaml
  79     properties:
  80       EndpointMap: {get_param: EndpointMap}
  81       ServiceData: {get_param: ServiceData}
  82       ServiceNetMap: {get_param: ServiceNetMap}
  83       DefaultPasswords: {get_param: DefaultPasswords}
  84       RoleName: {get_param: RoleName}
  85       RoleParameters: {get_param: RoleParameters}
  86
  87 outputs:
  88   role_data:
  89     description: Role data for the Libvirt service.
  90     value:
  91       service_name: {get_attr: [NovaLibvirtBase, role_data, service_name]}
  92       config_settings:
  93         map_merge:
  94           - get_attr: [NovaLibvirtBase, role_data, config_settings]
  95           # FIXME: we need to disable migration for now as the
  96           # hieradata is common for all services, and this means nova
  97           # and nova_placement puppet runs also try to configure
  98           # libvirt, and they fail. We can remove this override when
  99           # we have hieradata separation between containers.
 100           - tripleo::profile::base::nova::manage_migration: false
 101       step_config: &step_config
 102         get_attr: [NovaLibvirtBase, role_data, step_config]
 103       puppet_config:
 104         config_volume: nova_libvirt
 105         puppet_tags: nova_config
 106         step_config: *step_config
 107         config_image:
 108           list_join:
 109             - '/'
 110             - [ {get_param: DockerNamespace}, {get_param: DockerNovaLibvirtConfigImage} ]
 111       kolla_config:
 112         /var/lib/kolla/config_files/nova_libvirt.json:
 113           command:
 114             if:
 115               - use_tls_for_live_migration
 116               - /usr/sbin/libvirtd --listen --config /etc/libvirt/libvirtd.conf
 117               - /usr/sbin/libvirtd --config /etc/libvirt/libvirtd.conf
 118           config_files:
 119             - source: "/var/lib/kolla/config_files/src/*"
 120               dest: "/"
 121               merge: true
 122               preserve_properties: true
 123           permissions:
 124             - path: /var/log/nova
 125               owner: nova:nova
 126               recurse: true
 127       docker_config:
 128         step_3:
 129           nova_libvirt:
 130             image:
 131               list_join:
 132               - '/'
 133               - [ {get_param: DockerNamespace}, {get_param: DockerNovaLibvirtImage} ]
 134             net: host
 135             pid: host
 136             privileged: true
 137             restart: always
 138             volumes:
 139               list_concat:
 140                 - {get_attr: [ContainersCommon, volumes]}
 141                 -
 142                   - /var/lib/kolla/config_files/nova_libvirt.json:/var/lib/kolla/config_files/config.json:ro
 143                   - /var/lib/config-data/puppet-generated/nova_libvirt/:/var/lib/kolla/config_files/src:ro
 144                   - /lib/modules:/lib/modules:ro
 145                   - /dev:/dev
 146                   - /run:/run
 147                   - /sys/fs/cgroup:/sys/fs/cgroup
 148                   - /var/lib/nova:/var/lib/nova
 149                   # Needed to use host's virtlogd
 150                   - /var/run/libvirt:/var/run/libvirt
 151                   - /var/lib/libvirt:/var/lib/libvirt
 152                   - /etc/libvirt/qemu:/etc/libvirt/qemu
 153                   - /var/log/libvirt/qemu:/var/log/libvirt/qemu:ro
 154                   - /var/log/containers/nova:/var/log/nova
 155             environment:
 156               - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
 157       host_prep_tasks:
 158         - name: create libvirt persistent data directories
 159           file:
 160             path: "{{ item }}"
 161             state: directory
 162           with_items:
 163             - /etc/libvirt/qemu
 164             - /var/lib/libvirt
 165             - /var/log/containers/nova
 166         - name: set enable_package_install fact
 167           set_fact:
 168             enable_package_install: {get_param: EnablePackageInstall}
 169         # We use virtlogd on host, so when using Deployed Server
 170         # feature, we need to ensure libvirt is installed.
 171         - name: install libvirt-daemon
 172           package:
 173             name: libvirt-daemon
 174             state: present
 175           when: enable_package_install
 176         - name: start virtlogd socket
 177           service:
 178             name: virtlogd.socket
 179             state: started
 180             enabled: yes
 181           when: enable_package_install
 182       upgrade_tasks:
 183         - name: Stop and disable libvirtd service
 184           tags: step2
 185           service: name=libvirtd state=stopped enabled=no