Enable redis TLS proxy in HA deployments
authorMartin André <m.andre@redhat.com>
Mon, 28 Aug 2017 14:50:28 +0000 (16:50 +0200)
committerJuan Antonio Osorio Robles <jaosorior@redhat.com>
Mon, 11 Sep 2017 20:22:32 +0000 (20:22 +0000)
Redis does not support TLS natively, so this uses a proxy container
(stunnel) in front of it for TLS termination.

This commit enables redis TLS proxy for the HA deployment.

bp tls-via-certmonger

Change-Id: I45e539872a03878337def33c681c4577c1a5629e
(cherry picked from commit c6d8df01d7aa8b44af9ac152b3bb08f07e2e02b7)

docker/services/pacemaker/database/redis.yaml

index 0b8aa04..ac64120 100644 (file)
@@ -36,9 +36,19 @@ parameters:
     default: {}
     description: Parameters specific to the role
     type: json
+  EnableInternalTLS:
+    type: boolean
+    default: false
+
+conditions:
+
+  internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
 
 resources:
 
+  ContainersCommon:
+    type: ../../containers-common.yaml
+
   RedisBase:
     type: ../../../../puppet/services/database/redis.yaml
     properties:
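Review bot: `EnableInternalTLS` at the top of the hunk is added without a `description:`, unlike the neighbouring parameters in the same `parameters:` block (`description: Parameters specific to the role`), so it renders blank in the generated parameter documentation. Add one in the same style, e.g. `description: Enable TLS on the internal network.` between `type: boolean` and `default: false`. The `internal_tls_enabled` condition it feeds is fine as written; the `parameters:` block itself starts before this hunk.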
@@ -74,6 +84,8 @@ outputs:
                   - 3124
                   - 6379
                   - 26379
+            tripleo::stunnel::manage_service: false
+            tripleo::stunnel::foreground: 'yes'
       step_config: ""
       service_config_settings: {get_attr: [RedisBase, role_data, service_config_settings]}
       # BEGIN DOCKER SETTINGS
@@ -109,6 +121,13 @@ outputs:
             - path: /var/log/redis
               owner: redis:redis
               recurse: true
+        /var/lib/kolla/config_files/redis_tls_proxy.json:
+          command: stunnel /etc/stunnel/stunnel.conf
+          config_files:
+            - source: "/var/lib/kolla/config_files/src/*"
+              dest: "/"
+              merge: true
+              preserve_properties: true
       docker_config:
         step_1:
           redis_image_tag:
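Review bot: The new `redis_tls_proxy.json` kolla config copies the entire puppet-generated redis config tree into the proxy container (`source: "/var/lib/kolla/config_files/src/*"`, `dest: "/"`, `merge: true`), although the `stunnel /etc/stunnel/stunnel.conf` command only needs the stunnel configuration. That hands the TLS proxy every file under `/var/lib/config-data/puppet-generated/redis/`, presumably including redis.conf and whatever credentials it carries, which is wider than least privilege needs. If the generated layout allows it, narrow the copy to something like `source: "/var/lib/kolla/config_files/src/etc/stunnel/*"` with `dest: "/etc/stunnel/"` — I cannot confirm that layout from this hunk. The `kolla_config:` map this entry belongs to starts before the hunk.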
@@ -134,32 +153,54 @@ outputs:
               - /usr/bin:/usr/bin:ro
               - /var/run/docker.sock:/var/run/docker.sock:rw
         step_2:
-          redis_init_bundle:
-            start_order: 2
-            detach: false
-            net: host
-            user: root
-            config_volume: 'redis_init_bundle'
-            command:
-              - '/bin/bash'
-              - '-c'
-              - str_replace:
-                  template:
-                    list_join:
-                      - '; '
-                      - - "cp -a /tmp/puppet-etc/* /etc/puppet; echo '{\"step\": 2}' > /etc/puppet/hieradata/docker.json"
-                        - "FACTER_uuid=docker puppet apply --tags file,file_line,concat,augeas,TAGS -v -e 'CONFIG'"
-                  params:
-                    TAGS: 'pacemaker::resource::bundle,pacemaker::property,pacemaker::resource::ocf,pacemaker::constraint::order,pacemaker::constraint::colocation'
-                    CONFIG: 'include ::tripleo::profile::base::pacemaker;include ::tripleo::profile::pacemaker::database::redis_bundle'
-            image: *redis_config_image
-            volumes:
-              - /etc/hosts:/etc/hosts:ro
-              - /etc/localtime:/etc/localtime:ro
-              - /etc/puppet:/tmp/puppet-etc:ro
-              - /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro
-              - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
-              - /dev/shm:/dev/shm:rw
+          map_merge:
+            - redis_init_bundle:
+                start_order: 2
+                detach: false
+                net: host
+                user: root
+                config_volume: 'redis_init_bundle'
+                command:
+                  - '/bin/bash'
+                  - '-c'
+                  - str_replace:
+                      template:
+                        list_join:
+                          - '; '
+                          - - "cp -a /tmp/puppet-etc/* /etc/puppet; echo '{\"step\": 2}' > /etc/puppet/hieradata/docker.json"
+                            - "FACTER_uuid=docker puppet apply --tags file,file_line,concat,augeas,TAGS -v -e 'CONFIG'"
+                      params:
+                        TAGS: 'pacemaker::resource::bundle,pacemaker::property,pacemaker::resource::ocf,pacemaker::constraint::order,pacemaker::constraint::colocation'
+                        CONFIG: 'include ::tripleo::profile::base::pacemaker;include ::tripleo::profile::pacemaker::database::redis_bundle'
+                image: *redis_config_image
+                volumes:
+                  - /etc/hosts:/etc/hosts:ro
+                  - /etc/localtime:/etc/localtime:ro
+                  - /etc/puppet:/tmp/puppet-etc:ro
+                  - /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro
+                  - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
+                  - /dev/shm:/dev/shm:rw
+            - if:
+                - internal_tls_enabled
+                - redis_tls_proxy:
+                    start_order: 3
+                    image: *redis_image_pcmklatest
+                    net: host
+                    user: root
+                    restart: always
+                    volumes:
+                      list_concat:
+                        - {get_attr: [ContainersCommon, volumes]}
+                        -
+                          - /var/lib/kolla/config_files/redis_tls_proxy.json:/var/lib/kolla/config_files/config.json:ro
+                          - /var/lib/config-data/puppet-generated/redis/:/var/lib/kolla/config_files/src:ro
+                          - /etc/pki/tls/certs/redis.crt:/etc/pki/tls/certs/redis.crt:ro
+                          - /etc/pki/tls/private/redis.key:/etc/pki/tls/private/redis.key:ro
+                    environment:
+                      - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+                - {}
+      metadata_settings:
+        get_attr: [RedisBase, role_data, metadata_settings]
       host_prep_tasks:
         - name: create /var/run/redis
           file:
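Review bot: The `redis_tls_proxy` container runs as `user: root` with `net: host` and the private key `/etc/pki/tls/private/redis.key` bind-mounted in, so a compromise of stunnel yields root in the host network namespace with the key in hand; unless the generated stunnel.conf drops privileges with `setuid`/`setgid` (not visible here), consider running the container as an unprivileged user or confirming that drop on the puppet-tripleo side. Separately, bind-mounting the certificate and key as single files pins the container to the original inodes — if certmonger renews by replacing the file rather than rewriting it in place, the proxy keeps serving the old certificate until restarted, so the renewal post-save hook (outside this template) needs to restart this container. The cert/key paths are also hard-coded here while the puppet side presumably takes them from hiera; sourcing both from one place would avoid drift. The `host_prep_tasks:` list continues past the end of the hunk.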