Code Review
/
apex-tripleo-heat-templates.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
review
|
tree
raw
|
inline
| side by side
Merge "Bind mount needed cert for haproxy for HA too"
[apex-tripleo-heat-templates.git]
/
docker
/
services
/
haproxy.yaml
diff --git
a/docker/services/haproxy.yaml
b/docker/services/haproxy.yaml
index
1f8bcfa
..
c24e107
100644
(file)
--- a/
docker/services/haproxy.yaml
+++ b/
docker/services/haproxy.yaml
@@
-12,6
+12,10
@@
parameters:
description: image
default: 'centos-binary-haproxy:latest'
type: string
description: image
default: 'centos-binary-haproxy:latest'
type: string
+ DockerHAProxyConfigImage:
+ description: The container image to use for the haproxy config_volume
+ default: 'centos-binary-haproxy:latest'
+ type: string
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
@@
-38,6
+42,11
@@
parameters:
default: /dev/log
description: Syslog address where HAproxy will send its log
type: string
default: /dev/log
description: Syslog address where HAproxy will send its log
type: string
+ DeployedSSLCertificatePath:
+ default: '/etc/pki/tls/private/overcloud_endpoint.pem'
+ description: >
+ The filepath of the certificate as it will be stored in the controller.
+ type: string
RedisPassword:
description: The password for Redis
type: string
RedisPassword:
description: The password for Redis
type: string
@@
-85,26
+94,41
@@
outputs:
config_volume: haproxy
puppet_tags: haproxy_config
step_config: *step_config
config_volume: haproxy
puppet_tags: haproxy_config
step_config: *step_config
- config_image:
&haproxy_image
+ config_image:
list_join:
- '/'
list_join:
- '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerHAProxyImage} ]
+ - [ {get_param: DockerNamespace}, {get_param: DockerHAProxyConfigImage} ]
+ volumes: &deployed_cert_mount
+ - list_join:
+ - ':'
+ - - {get_param: DeployedSSLCertificatePath}
+ - {get_param: DeployedSSLCertificatePath}
+ - 'ro'
kolla_config:
/var/lib/kolla/config_files/haproxy.json:
command: haproxy -f /etc/haproxy/haproxy.cfg
kolla_config:
/var/lib/kolla/config_files/haproxy.json:
command: haproxy -f /etc/haproxy/haproxy.cfg
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
docker_config:
step_1:
haproxy:
docker_config:
step_1:
haproxy:
- image: *haproxy_image
+ image:
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerHAProxyImage} ]
net: host
privileged: false
restart: always
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
net: host
privileged: false
restart: always
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
+ - *deployed_cert_mount
-
- /var/lib/kolla/config_files/haproxy.json:/var/lib/kolla/config_files/config.json:ro
-
- /var/lib/kolla/config_files/haproxy.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/
haproxy/etc/:/etc/
:ro
+ - /var/lib/config-data/
puppet-generated/haproxy/:/var/lib/kolla/config_files/src
:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
metadata_settings:
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
metadata_settings: