X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=docker%2Fservices%2Fnova-api.yaml;h=7f1b7a54db796fd223eb195374c8a33466c60b7e;hb=4290af63ca4d6d3d7080422979bcb5592b3160d2;hp=4bec803593bad93c33bdad6afc69f20363c0bb53;hpb=9e74d2d0acdc44e90c3be7a907d194d6102a830c;p=apex-tripleo-heat-templates.git diff --git a/docker/services/nova-api.yaml b/docker/services/nova-api.yaml index 4bec8035..7f1b7a54 100644 --- a/docker/services/nova-api.yaml +++ b/docker/services/nova-api.yaml @@ -36,12 +36,26 @@ parameters: default: {} description: Parameters specific to the role type: json + EnableInternalTLS: + type: boolean + default: false + UpgradeRemoveUnusedPackages: + default: false + description: Remove package if the service is being disabled during upgrade + type: boolean + +conditions: + + internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]} resources: ContainersCommon: type: ./containers-common.yaml + MySQLClient: + type: ../../puppet/services/database/mysql-client.yaml + NovaApiBase: type: ../../puppet/services/nova-api.yaml properties: @@ -61,14 +75,14 @@ outputs: map_merge: - get_attr: [NovaApiBase, role_data, config_settings] - apache::default_vhost: false - nova_wsgi_enabled: false - nova::api::service_name: '%{::nova::params::api_service_name}' - nova::wsgi::apache_api::ssl: false + logging_source: {get_attr: [NovaApiBase, role_data, logging_source]} + logging_groups: {get_attr: [NovaApiBase, role_data, logging_groups]} step_config: &step_config list_join: - "\n" - - "['Nova_cell_v2'].each |String $val| { noop_resource($val) }" - {get_attr: [NovaApiBase, role_data, step_config]} + - {get_attr: [MySQLClient, role_data, step_config]} service_config_settings: {get_attr: [NovaApiBase, role_data, service_config_settings]} # BEGIN DOCKER SETTINGS puppet_config: @@ -78,7 +92,7 @@ outputs: config_image: {get_param: DockerNovaConfigImage} kolla_config: /var/lib/kolla/config_files/nova_api.json: - command: /usr/bin/nova-api + command: /usr/sbin/httpd -DFOREGROUND config_files: - source: "/var/lib/kolla/config_files/src/*" dest: "/" @@ -108,6 +122,7 @@ outputs: user: root volumes: - /var/log/containers/nova:/var/log/nova + - /var/log/containers/httpd/nova-api:/var/log/httpd command: ['/bin/bash', '-c', 'chown -R nova:nova /var/log/nova'] step_3: nova_api_db_sync: @@ -120,8 +135,10 @@ outputs: list_concat: - {get_attr: [ContainersCommon, volumes]} - + - /var/lib/config-data/nova/etc/my.cnf.d/tripleo.cnf:/etc/my.cnf.d/tripleo.cnf:ro - /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro - /var/log/containers/nova:/var/log/nova + - /var/log/containers/httpd/nova-api:/var/log/httpd command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage api_db sync'" # FIXME: we probably want to wait on the 'cell_v2 update' in order for this # to be capable of upgrading a baremetal setup. This is to ensure the name @@ -159,7 +176,7 @@ outputs: start_order: 2 image: *nova_api_image net: host - user: nova + user: root privileged: true restart: always volumes: @@ -169,6 +186,17 @@ outputs: - /var/lib/kolla/config_files/nova_api.json:/var/lib/kolla/config_files/config.json:ro - /var/lib/config-data/puppet-generated/nova/:/var/lib/kolla/config_files/src:ro - /var/log/containers/nova:/var/log/nova + - /var/log/containers/httpd/nova-api:/var/log/httpd + - + if: + - internal_tls_enabled + - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro + - '' + - + if: + - internal_tls_enabled + - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro + - '' environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS nova_api_cron: @@ -177,6 +205,8 @@ outputs: user: root privileged: false restart: always + healthcheck: + test: /bin/true volumes: list_concat: - {get_attr: [ContainersCommon, volumes]} @@ -184,6 +214,7 @@ outputs: - /var/lib/kolla/config_files/nova_api_cron.json:/var/lib/kolla/config_files/config.json:ro - /var/lib/config-data/puppet-generated/nova/:/var/lib/kolla/config_files/src:ro - /var/log/containers/nova:/var/log/nova + - /var/log/containers/httpd/nova-api:/var/log/httpd environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS step_5: @@ -194,13 +225,28 @@ outputs: detach: false volumes: *nova_api_bootstrap_volumes user: root - command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage cell_v2 discover_hosts'" + command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage cell_v2 discover_hosts --verbose'" + metadata_settings: + get_attr: [NovaApiBase, role_data, metadata_settings] host_prep_tasks: - name: create persistent logs directory file: - path: /var/log/containers/nova + path: "{{ item }}" state: directory + with_items: + - /var/log/containers/nova + - /var/log/containers/httpd/nova-api upgrade_tasks: - name: Stop and disable nova_api service tags: step2 service: name=openstack-nova-api state=stopped enabled=no + - name: Remove openstack-nova-api package if operator requests it + yum: name=openstack-nova-api state=removed + tags: step2 + ignore_errors: True + when: {get_param: UpgradeRemoveUnusedPackages} + - name: remove old nova cron jobs + tags: step2 + file: + path: /var/spool/cron/nova + state: absent