Code Review / apex-tripleo-heat-templates.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Merge "Rename service_workflow_tasks into workflow_tasks" into stable/pike
[apex-tripleo-heat-templates.git] / docker / services / nova-libvirt.yaml
diff --git a/docker/services/nova-libvirt.yaml b/docker/services/nova-libvirt.yaml
index 4741408..d20c093 100644 (file)
--- a/docker/services/nova-libvirt.yaml
+++ b/docker/services/nova-libvirt.yaml
@@ -113,7 +113,10 @@ outputs:
     value:
       service_name: {get_attr: [NovaLibvirtBase, role_data, service_name]}
       config_settings:
-        get_attr: [NovaLibvirtBase, role_data, config_settings]
+        map_merge:
+          - get_attr: [NovaLibvirtBase, role_data, config_settings]
+          - tripleo::profile::base::certmonger_user::libvirt_postsave_cmd: "true" # TODO: restart the libvirt container here
+
       step_config: &step_config
         list_join:
           - "\n"
@@ -201,6 +204,17 @@ outputs:
                   - /var/lib/libvirt:/var/lib/libvirt
                   - /var/log/libvirt/qemu:/var/log/libvirt/qemu:ro
                   - /var/log/containers/nova:/var/log/nova
+                  - /var/lib/vhost_sockets:/var/lib/vhost_sockets
+                -
+                  if:
+                    - use_tls_for_live_migration
+                    -
+                      - /etc/ipa/ca.crt:/etc/pki/CA/cacert.pem:ro
+                      - /etc/pki/libvirt/servercert.pem:/etc/pki/libvirt/servercert.pem:ro
+                      - /etc/pki/libvirt/private/serverkey.pem:/etc/pki/libvirt/private/serverkey.pem:ro
+                      - /etc/pki/libvirt/clientcert.pem:/etc/pki/libvirt/clientcert.pem:ro
+                      - /etc/pki/libvirt/private/clientkey.pem:/etc/pki/libvirt/private/clientkey.pem:ro
+                    - null
             environment:
               - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
         step_4:
@@ -239,6 +253,30 @@ outputs:
             - /etc/libvirt/qemu
             - /var/lib/libvirt
             - /var/log/containers/nova
+        # qemu user on host will be cretaed by libvirt package install, ensure
+        # the qemu user created with same uid/gid as like libvirt package.
+        # These specific values are required since ovs is running on host.
+        # Once ovs with DPDK is containerized, we could modify this uid/gid
+        # to match with kolla config values.
+        - name: ensure qemu group is present on the host
+          group:
+            name: qemu
+            gid: 107
+            state: present
+        - name: ensure qemu user is present on the host
+          user:
+            name: qemu
+            uid: 107
+            group: qemu
+            state: present
+            shell: /sbin/nologin
+            comment: qemu user
+        - name: create directory for vhost-user sockets with qemu ownership
+          file:
+            path: /var/lib/vhost_sockets
+            state: directory
+            owner: qemu
+            group: qemu
         - name: ensure ceph configurations exist
           file:
             path: /etc/ceph
@@ -256,6 +294,8 @@ outputs:
             - libvirtd.service
             - virtlogd.socket
           when: libvirt_installed.rc == 0
+      metadata_settings:
+        get_attr: [NovaLibvirtBase, role_data, metadata_settings]
       upgrade_tasks:
         - name: Stop and disable libvirtd service
           tags: step2