docker/services/octavia-api.yaml

   1 heat_template_version: pike
   2
   3 description: >
   4   OpenStack Octavia service configured with Puppet
   5
   6 parameters:
   7   DockerNamespace:
   8     description: namespace
   9     default: 'tripleoupstream'
  10     type: string
  11   DockerOctaviaApiImage:
  12     description: image
  13     default: 'centos-binary-octavia-api:latest'
  14     type: string
  15   DockerOctaviaConfigImage:
  16     description: The container image to use for the octavia config_volume
  17     default: 'centos-binary-octavia-api:latest'
  18     type: string
  19   EndpointMap:
  20     default: {}
  21     description: Mapping of service endpoint -> protocol. Typically set
  22                  via parameter_defaults in the resource registry.
  23     type: json
  24   ServiceData:
  25     default: {}
  26     description: Dictionary packing service data
  27     type: json
  28   ServiceNetMap:
  29     default: {}
  30     description: Mapping of service_name -> network name. Typically set
  31                  via parameter_defaults in the resource registry.  This
  32                  mapping overrides those in ServiceNetMapDefaults.
  33     type: json
  34   DefaultPasswords:
  35     default: {}
  36     type: json
  37   RoleName:
  38     default: ''
  39     description: Role name on which the service is applied
  40     type: string
  41   RoleParameters:
  42     default: {}
  43     description: Parameters specific to the role
  44     type: json
  45   EnableInternalTLS:
  46     type: boolean
  47     default: false
  48
  49 conditions:
  50
  51   internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
  52
  53
  54 resources:
  55
  56   ContainersCommon:
  57     type: ./containers-common.yaml
  58
  59   OctaviaApiPuppetBase:
  60     type: ../../puppet/services/octavia-api.yaml
  61     properties:
  62       EndpointMap: {get_param: EndpointMap}
  63       ServiceData: {get_param: ServiceData}
  64       ServiceNetMap: {get_param: ServiceNetMap}
  65       DefaultPasswords: {get_param: DefaultPasswords}
  66       RoleName: {get_param: RoleName}
  67       RoleParameters: {get_param: RoleParameters}
  68
  69 outputs:
  70   role_data:
  71     description: Role data for the Octavia API role.
  72     value:
  73       service_name: {get_attr: [OctaviaApiPuppetBase, role_data, service_name]}
  74       config_settings: {get_attr: [OctaviaApiPuppetBase, role_data, config_settings]}
  75       step_config: &step_config
  76         get_attr: [OctaviaApiPuppetBase, role_data, step_config]
  77       service_config_settings: {get_attr: [OctaviaApiPuppetBase, role_data, service_config_settings]}
  78       # BEGIN DOCKER SETTINGS #
  79       puppet_config:
  80         config_volume: octavia
  81         puppet_tags: octavia_config
  82         step_config: *step_config
  83         config_image:
  84           list_join:
  85             - '/'
  86             - [ {get_param: DockerNamespace}, {get_param: DockerOctaviaConfigImage} ]
  87       kolla_config:
  88         /var/lib/kolla/config_files/octavia_api.json:
  89           command: /usr/bin/octavia-api --config-file /usr/share/octavia/octavia-dist.conf --config-file /etc/octavia/octavia.conf --log-file /var/log/octavia/api.log --config-dir /etc/octavia/conf.d/common --config-dir /etc/octavia/conf.d/octavia-api
  90           config_files:
  91             - source: "/var/lib/kolla/config_files/src/*"
  92               dest: "/"
  93               merge: true
  94               preserve_properties: true
  95         /var/lib/kolla/config_files/octavia_api_tls_proxy.json:
  96           command: /usr/sbin/httpd -DFOREGROUND
  97           config_files:
  98             - source: "/var/lib/kolla/config_files/src/*"
  99               dest: "/"
 100               merge: true
 101               preserve_properties: true
 102       docker_config:
 103         # Kolla_bootstrap/db_sync runs before permissions set by kolla_config
 104         step_2:
 105           octavia_api_init_dirs:
 106             start_order: 0
 107             image: &octavia_api_image
 108               list_join:
 109                 - '/'
 110                 - [ {get_param: DockerNamespace}, {get_param: DockerOctaviaApiImage} ]
 111             user: root
 112             volumes:
 113               # NOTE(mandre) we need extra dir for the service in /etc/octavia/conf.d
 114               # It is normally created as part of the RPM install, but it is
 115               # missing here because we use the same config_volume for all
 116               # octavia services, hence the same container image to generate
 117               # configuration.
 118               - /var/lib/config-data/puppet-generated/octavia/etc/octavia:/etc/octavia/
 119               - /var/log/containers/octavia:/var/log/octavia
 120             command: ['/bin/bash', '-c', 'mkdir -p /etc/octavia/conf.d/octavia-api; chown -R octavia:octavia /etc/octavia/conf.d/octavia-api; chown -R octavia:octavia /var/log/octavia']
 121         step_3:
 122           octavia_db_sync:
 123             start_order: 0
 124             image: *octavia_api_image
 125             net: host
 126             privileged: false
 127             detach: false
 128             user: root
 129             volumes:
 130               list_concat:
 131                 - {get_attr: [ContainersCommon, volumes]}
 132                 -
 133                   - /var/lib/config-data/octavia/etc/octavia/:/etc/octavia/:ro
 134                   - /var/log/containers/octavia:/var/log/octavia
 135             command: "/usr/bin/bootstrap_host_exec octavia_api su octavia -s /bin/bash -c '/usr/bin/octavia-db-manage upgrade head'"
 136         step_4:
 137           map_merge:
 138             - octavia_api:
 139                 start_order: 2
 140                 image: *octavia_api_image
 141                 net: host
 142                 privileged: false
 143                 restart: always
 144                 volumes:
 145                   list_concat:
 146                     - {get_attr: [ContainersCommon, volumes]}
 147                     -
 148                       - /var/lib/kolla/config_files/octavia_api.json:/var/lib/kolla/config_files/config.json:ro
 149                       - /var/lib/config-data/puppet-generated/octavia/:/var/lib/kolla/config_files/src:ro
 150                       - /var/log/containers/octavia:/var/log/octavia
 151                 environment:
 152                   - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
 153             - if:
 154                 - internal_tls_enabled
 155                 - octavia_api_tls_proxy:
 156                     start_order: 2
 157                     image: *octavia_api_image
 158                     net: host
 159                     user: root
 160                     restart: always
 161                     volumes:
 162                       list_concat:
 163                         - {get_attr: [ContainersCommon, volumes]}
 164                         -
 165                           - /var/lib/kolla/config_files/octavia_api_tls_proxy.json:/var/lib/kolla/config_files/config.json:ro
 166                           - /var/lib/config-data/puppet-generated/octavia/:/var/lib/kolla/config_files/src:ro
 167                           - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
 168                           - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
 169                     environment:
 170                       - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
 171                 - {}
 172       host_prep_tasks:
 173         - name: create persistent logs directory
 174           file:
 175             path: /var/log/containers/octavia
 176             state: directory
 177       upgrade_tasks:
 178         - name: Stop and disable octavia_api service
 179           tags: step2
 180           service: name=openstack-octavia-api state=stopped enabled=no