default: {}
description: Parameters specific to the role
type: json
+ EnableInternalTLS:
+ type: boolean
+ default: false
+ UpgradeRemoveUnusedPackages:
+ default: false
+ description: Remove package if the service is being disabled during upgrade
+ type: boolean
+
+conditions:
+
+ internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
NovaApiBase:
type: ../../puppet/services/nova-api.yaml
properties:
map_merge:
- get_attr: [NovaApiBase, role_data, config_settings]
- apache::default_vhost: false
- nova_wsgi_enabled: false
- nova::api::service_name: '%{::nova::params::api_service_name}'
- nova::wsgi::apache_api::ssl: false
+ logging_source: {get_attr: [NovaApiBase, role_data, logging_source]}
+ logging_groups: {get_attr: [NovaApiBase, role_data, logging_groups]}
step_config: &step_config
list_join:
- "\n"
- - "['Nova_cell_v2'].each |String $val| { noop_resource($val) }"
- {get_attr: [NovaApiBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [NovaApiBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
config_image: {get_param: DockerNovaConfigImage}
kolla_config:
/var/lib/kolla/config_files/nova_api.json:
- command: /usr/bin/nova-api
+ command: /usr/sbin/httpd -DFOREGROUND
config_files:
- source: "/var/lib/kolla/config_files/src/*"
dest: "/"
user: root
volumes:
- /var/log/containers/nova:/var/log/nova
+ - /var/log/containers/httpd/nova-api:/var/log/httpd
command: ['/bin/bash', '-c', 'chown -R nova:nova /var/log/nova']
step_3:
nova_api_db_sync:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
+ - /var/lib/config-data/nova/etc/my.cnf.d/tripleo.cnf:/etc/my.cnf.d/tripleo.cnf:ro
- /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro
- /var/log/containers/nova:/var/log/nova
+ - /var/log/containers/httpd/nova-api:/var/log/httpd
command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage api_db sync'"
# FIXME: we probably want to wait on the 'cell_v2 update' in order for this
# to be capable of upgrading a baremetal setup. This is to ensure the name
start_order: 2
image: *nova_api_image
net: host
- user: nova
+ user: root
privileged: true
restart: always
volumes:
- /var/lib/kolla/config_files/nova_api.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/nova/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/nova:/var/log/nova
+ - /var/log/containers/httpd/nova-api:/var/log/httpd
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
+ - ''
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
+ - ''
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
nova_api_cron:
user: root
privileged: false
restart: always
+ healthcheck:
+ test: /bin/true
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
- /var/lib/kolla/config_files/nova_api_cron.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/nova/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/nova:/var/log/nova
+ - /var/log/containers/httpd/nova-api:/var/log/httpd
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
step_5:
detach: false
volumes: *nova_api_bootstrap_volumes
user: root
- command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage cell_v2 discover_hosts'"
+ command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage cell_v2 discover_hosts --verbose'"
+ metadata_settings:
+ get_attr: [NovaApiBase, role_data, metadata_settings]
host_prep_tasks:
- name: create persistent logs directory
file:
- path: /var/log/containers/nova
+ path: "{{ item }}"
state: directory
+ with_items:
+ - /var/log/containers/nova
+ - /var/log/containers/httpd/nova-api
upgrade_tasks:
- name: Stop and disable nova_api service
tags: step2
service: name=openstack-nova-api state=stopped enabled=no
+ - name: Remove openstack-nova-api package if operator requests it
+ yum: name=openstack-nova-api state=removed
+ tags: step2
+ ignore_errors: True
+ when: {get_param: UpgradeRemoveUnusedPackages}
+ - name: remove old nova cron jobs
+ tags: step2
+ file:
+ path: /var/spool/cron/nova
+ state: absent