X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=docker%2Fservices%2Fnova-libvirt.yaml;h=f1a48cf103c60edf079e15b2fc62675c7555d5d7;hb=1b04a0f9a521b575d4438d1ee51dea588ad2f984;hp=1b103df4645bc4a905f2fade66830bc312b95be1;hpb=c37481b1e69a249682241c5da097e5c48d452e85;p=apex-tripleo-heat-templates.git

diff --git a/docker/services/nova-libvirt.yaml b/docker/services/nova-libvirt.yaml
index 1b103df4..f1a48cf1 100644
--- a/docker/services/nova-libvirt.yaml
+++ b/docker/services/nova-libvirt.yaml
@@ -8,16 +8,20 @@ parameters:
     description: namespace
     default: 'tripleoupstream'
     type: string
-  DockerLibvirtImage:
+  DockerNovaLibvirtImage:
     description: image
     default: 'centos-binary-nova-libvirt:latest'
     type: string
   # we configure libvirt via the nova-compute container due to coupling
   # in the puppet modules
-  DockerNovaConfigImage:
-    description: image
+  DockerNovaLibvirtConfigImage:
+    description: The container image to use for the nova_libvirt config_volume
     default: 'centos-binary-nova-compute:latest'
     type: string
+  EnablePackageInstall:
+    default: 'false'
+    description: Set to true to enable package installation
+    type: boolean
   ServiceNetMap:
     default: {}
     description: Mapping of service_name -> network name. Typically set
@@ -27,11 +31,39 @@ parameters:
   DefaultPasswords:
     default: {}
     type: json
+  RoleName:
+    default: ''
+    description: Role name on which the service is applied
+    type: string
+  RoleParameters:
+    default: {}
+    description: Parameters specific to the role
+    type: json
   EndpointMap:
     default: {}
     description: Mapping of service endpoint -> protocol. Typically set
                  via parameter_defaults in the resource registry.
     type: json
+  EnableInternalTLS:
+    type: boolean
+    default: false
+  UseTLSTransportForLiveMigration:
+    type: boolean
+    default: true
+    description: If set to true and if EnableInternalTLS is enabled, it will
+                 set the libvirt URI's transport to tls and configure the
+                 relevant keys for libvirt.
+
+conditions:
+
+  use_tls_for_live_migration:
+    and:
+    - equals:
+      - {get_param: EnableInternalTLS}
+      - true
+    - equals:
+      - {get_param: UseTLSTransportForLiveMigration}
+      - true
 
 resources:
 
@@ -44,6 +76,8 @@ resources:
       EndpointMap: {get_param: EndpointMap}
       ServiceNetMap: {get_param: ServiceNetMap}
       DefaultPasswords: {get_param: DefaultPasswords}
+      RoleName: {get_param: RoleName}
+      RoleParameters: {get_param: RoleParameters}
 
 outputs:
   role_data:
@@ -67,18 +101,26 @@ outputs:
         step_config: *step_config
         config_image:
           list_join:
-          - '/'
-          - [ {get_param: DockerNamespace}, {get_param: DockerNovaConfigImage} ]
+            - '/'
+            - [ {get_param: DockerNamespace}, {get_param: DockerNovaLibvirtConfigImage} ]
       kolla_config:
-        /var/lib/kolla/config_files/nova-libvirt.json:
-          command: /usr/sbin/libvirtd --config /etc/libvirt/libvirtd.conf
+        /var/lib/kolla/config_files/nova_libvirt.json:
+          command:
+            if:
+              - use_tls_for_live_migration
+              - /usr/sbin/libvirtd --listen --config /etc/libvirt/libvirtd.conf
+              - /usr/sbin/libvirtd --config /etc/libvirt/libvirtd.conf
+          permissions:
+            - path: /var/log/nova
+              owner: nova:nova
+              recurse: true
       docker_config:
         step_3:
           nova_libvirt:
             image:
               list_join:
               - '/'
-              - [ {get_param: DockerNamespace}, {get_param: DockerLibvirtImage} ]
+              - [ {get_param: DockerNamespace}, {get_param: DockerNovaLibvirtImage} ]
             net: host
             pid: host
             privileged: true
@@ -87,7 +129,7 @@ outputs:
               list_concat:
                 - {get_attr: [ContainersCommon, volumes]}
                 -
-                  - /var/lib/kolla/config_files/nova-libvirt.json:/var/lib/kolla/config_files/config.json:ro
+                  - /var/lib/kolla/config_files/nova_libvirt.json:/var/lib/kolla/config_files/config.json:ro
                   - /var/lib/config-data/nova_libvirt/etc/libvirt/:/etc/libvirt/:ro
                   - /lib/modules:/lib/modules:ro
                   - /dev:/dev
@@ -98,6 +140,8 @@ outputs:
                   - /var/run/libvirt:/var/run/libvirt
                   - /var/lib/libvirt:/var/lib/libvirt
                   - /etc/libvirt/qemu:/etc/libvirt/qemu
+                  - /var/log/libvirt/qemu:/var/log/libvirt/qemu:ro
+                  - /var/log/containers/nova:/var/log/nova
             environment:
               - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
       host_prep_tasks:
@@ -108,6 +152,23 @@ outputs:
           with_items:
             - /etc/libvirt/qemu
             - /var/lib/libvirt
+            - /var/log/containers/nova
+        - name: set enable_package_install fact
+          set_fact:
+            enable_package_install: {get_param: EnablePackageInstall}
+        # We use virtlogd on host, so when using Deployed Server
+        # feature, we need to ensure libvirt is installed.
+        - name: install libvirt-daemon
+          package:
+            name: libvirt-daemon
+            state: present
+          when: enable_package_install
+        - name: start virtlogd socket
+          service:
+            name: virtlogd.socket
+            state: started
+            enabled: yes
+          when: enable_package_install
       upgrade_tasks:
         - name: Stop and disable libvirtd service
           tags: step2