docker/services/pacemaker/database/redis.yaml

   1 heat_template_version: pike
   2
   3 description: >
   4   OpenStack containerized Redis services
   5
   6 parameters:
   7   DockerRedisImage:
   8     description: image
   9     type: string
  10   DockerRedisConfigImage:
  11     description: The container image to use for the redis config_volume
  12     type: string
  13   EndpointMap:
  14     default: {}
  15     description: Mapping of service endpoint -> protocol. Typically set
  16                  via parameter_defaults in the resource registry.
  17     type: json
  18   ServiceData:
  19     default: {}
  20     description: Dictionary packing service data
  21     type: json
  22   ServiceNetMap:
  23     default: {}
  24     description: Mapping of service_name -> network name. Typically set
  25                  via parameter_defaults in the resource registry.  This
  26                  mapping overrides those in ServiceNetMapDefaults.
  27     type: json
  28   DefaultPasswords:
  29     default: {}
  30     type: json
  31   RoleName:
  32     default: ''
  33     description: Role name on which the service is applied
  34     type: string
  35   RoleParameters:
  36     default: {}
  37     description: Parameters specific to the role
  38     type: json
  39   EnableInternalTLS:
  40     type: boolean
  41     default: false
  42
  43 conditions:
  44
  45   internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
  46
  47 resources:
  48
  49   ContainersCommon:
  50     type: ../../containers-common.yaml
  51
  52   RedisBase:
  53     type: ../../../../puppet/services/database/redis.yaml
  54     properties:
  55       EndpointMap: {get_param: EndpointMap}
  56       ServiceData: {get_param: ServiceData}
  57       ServiceNetMap: {get_param: ServiceNetMap}
  58       DefaultPasswords: {get_param: DefaultPasswords}
  59       RoleName: {get_param: RoleName}
  60       RoleParameters: {get_param: RoleParameters}
  61
  62 outputs:
  63   role_data:
  64     description: Role data for the Redis API role.
  65     value:
  66       service_name: {get_attr: [RedisBase, role_data, service_name]}
  67       config_settings:
  68         map_merge:
  69           - {get_attr: [RedisBase, role_data, config_settings]}
  70           - redis::service_manage: false
  71             redis::notify_service: false
  72             redis::managed_by_cluster_manager: true
  73             tripleo::profile::pacemaker::database::redis_bundle::redis_docker_image: &redis_image_pcmklatest
  74               list_join:
  75                 - ':'
  76                 - - yaql:
  77                       data: {get_param: DockerRedisImage}
  78                       expression: $.data.rightSplit(separator => ":", maxSplits => 1)[0]
  79                   - 'pcmklatest'
  80             tripleo::profile::pacemaker::database::redis_bundle::control_port: 3124
  81             tripleo.redis.firewall_rules:
  82               '108 redis-bundle':
  83                 dport:
  84                   - 3124
  85                   - 6379
  86                   - 26379
  87             tripleo::stunnel::manage_service: false
  88             tripleo::stunnel::foreground: 'yes'
  89       step_config: ""
  90       service_config_settings: {get_attr: [RedisBase, role_data, service_config_settings]}
  91       # BEGIN DOCKER SETTINGS
  92       puppet_config:
  93         config_volume: 'redis'
  94         # NOTE: we need the exec tag to copy /etc/redis.conf.puppet to
  95         # /etc/redis.conf
  96         # https://github.com/arioch/puppet-redis/commit/1c004143223e660cbd433422ff8194508aab9763
  97         puppet_tags: 'exec'
  98         step_config:
  99           get_attr: [RedisBase, role_data, step_config]
 100         config_image: &redis_config_image {get_param: DockerRedisConfigImage}
 101       kolla_config:
 102         /var/lib/kolla/config_files/redis.json:
 103           command: /usr/sbin/pacemaker_remoted
 104           config_files:
 105             - dest: /etc/libqb/force-filesystem-sockets
 106               source: /dev/null
 107               owner: root
 108               perm: '0644'
 109             - source: "/var/lib/kolla/config_files/src/*"
 110               dest: "/"
 111               merge: true
 112               preserve_properties: true
 113               optional: true
 114           permissions:
 115             - path: /var/run/redis
 116               owner: redis:redis
 117               recurse: true
 118             - path: /var/lib/redis
 119               owner: redis:redis
 120               recurse: true
 121             - path: /var/log/redis
 122               owner: redis:redis
 123               recurse: true
 124         /var/lib/kolla/config_files/redis_tls_proxy.json:
 125           command: stunnel /etc/stunnel/stunnel.conf
 126           config_files:
 127             - source: "/var/lib/kolla/config_files/src/*"
 128               dest: "/"
 129               merge: true
 130               preserve_properties: true
 131       docker_config:
 132         step_1:
 133           redis_image_tag:
 134             start_order: 1
 135             detach: false
 136             net: host
 137             user: root
 138             command:
 139               - '/bin/bash'
 140               - '-c'
 141               - str_replace:
 142                   template:
 143                     "/usr/bin/docker tag 'REDIS_IMAGE' 'REDIS_IMAGE_PCMKLATEST'"
 144                   params:
 145                     REDIS_IMAGE: {get_param: DockerRedisImage}
 146                     REDIS_IMAGE_PCMKLATEST: *redis_image_pcmklatest
 147             image: {get_param: DockerRedisImage}
 148             volumes:
 149               - /etc/hosts:/etc/hosts:ro
 150               - /etc/localtime:/etc/localtime:ro
 151               - /dev/shm:/dev/shm:rw
 152               - /etc/sysconfig/docker:/etc/sysconfig/docker:ro
 153               - /usr/bin:/usr/bin:ro
 154               - /var/run/docker.sock:/var/run/docker.sock:rw
 155         step_2:
 156           map_merge:
 157             - redis_init_bundle:
 158                 start_order: 2
 159                 detach: false
 160                 net: host
 161                 user: root
 162                 config_volume: 'redis_init_bundle'
 163                 command:
 164                   - '/bin/bash'
 165                   - '-c'
 166                   - str_replace:
 167                       template:
 168                         list_join:
 169                           - '; '
 170                           - - "cp -a /tmp/puppet-etc/* /etc/puppet; echo '{\"step\": 2}' > /etc/puppet/hieradata/docker.json"
 171                             - "FACTER_uuid=docker puppet apply --tags file,file_line,concat,augeas,TAGS -v -e 'CONFIG'"
 172                       params:
 173                         TAGS: 'pacemaker::resource::bundle,pacemaker::property,pacemaker::resource::ocf,pacemaker::constraint::order,pacemaker::constraint::colocation'
 174                         CONFIG: 'include ::tripleo::profile::base::pacemaker;include ::tripleo::profile::pacemaker::database::redis_bundle'
 175                 image: *redis_config_image
 176                 volumes:
 177                   - /etc/hosts:/etc/hosts:ro
 178                   - /etc/localtime:/etc/localtime:ro
 179                   - /etc/puppet:/tmp/puppet-etc:ro
 180                   - /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro
 181                   - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
 182                   - /dev/shm:/dev/shm:rw
 183             - if:
 184                 - internal_tls_enabled
 185                 - redis_tls_proxy:
 186                     start_order: 3
 187                     image: *redis_image_pcmklatest
 188                     net: host
 189                     user: root
 190                     restart: always
 191                     volumes:
 192                       list_concat:
 193                         - {get_attr: [ContainersCommon, volumes]}
 194                         -
 195                           - /var/lib/kolla/config_files/redis_tls_proxy.json:/var/lib/kolla/config_files/config.json:ro
 196                           - /var/lib/config-data/puppet-generated/redis/:/var/lib/kolla/config_files/src:ro
 197                           - /etc/pki/tls/certs/redis.crt:/etc/pki/tls/certs/redis.crt:ro
 198                           - /etc/pki/tls/private/redis.key:/etc/pki/tls/private/redis.key:ro
 199                     environment:
 200                       - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
 201                 - {}
 202       metadata_settings:
 203         get_attr: [RedisBase, role_data, metadata_settings]
 204       host_prep_tasks:
 205         - name: create /var/run/redis
 206           file:
 207             path: /var/run/redis
 208             state: directory
 209         - name: create /var/log/redis
 210           file:
 211             path: /var/log/redis
 212             state: directory
 213         - name: create /var/lib/redis
 214           file:
 215             path: /var/lib/redis
 216             state: directory
 217       upgrade_tasks:
 218         - name: get bootstrap nodeid
 219           tags: common
 220           command: hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid
 221           register: bootstrap_node
 222         - name: set is_bootstrap_node fact
 223           tags: common
 224           set_fact: is_bootstrap_node={{bootstrap_node.stdout|lower == ansible_hostname|lower}}
 225         - name: Check cluster resource status
 226           tags: step2
 227           pacemaker_resource:
 228             resource: {get_attr: [RedisBase, role_data, service_name]}
 229             state: master
 230             check_mode: true
 231           ignore_errors: true
 232           register: redis_res
 233         - name: Disable the redis cluster resource
 234           tags: step2
 235           pacemaker_resource:
 236             resource: {get_attr: [RedisBase, role_data, service_name]}
 237             state: disable
 238             wait_for_resource: true
 239           register: output
 240           retries: 5
 241           until: output.rc == 0
 242           when: is_bootstrap_node and redis_res|succeeded
 243         - name: Delete the stopped redis cluster resource.
 244           tags: step2
 245           pacemaker_resource:
 246             resource: {get_attr: [RedisBase, role_data, service_name]}
 247             state: delete
 248             wait_for_resource: true
 249           register: output
 250           retries: 5
 251           until: output.rc == 0
 252           when: is_bootstrap_node and redis_res|succeeded
 253         - name: Disable redis service
 254           tags: step2
 255           service: name=redis enabled=no