net: host
privileged: false
detach: false
+ user: root
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/config-data/aodh/etc/aodh/:/etc/aodh/:ro
- /var/log/containers/aodh:/var/log/aodh
- command: /usr/bin/aodh-dbsync
+ command: "/usr/bin/bootstrap_host_exec aodh_api su aodh -s /bin/bash -c /usr/bin/aodh-dbsync"
step_4:
aodh_api:
image: *aodh_image
value:
- /etc/hosts:/etc/hosts:ro
- /etc/localtime:/etc/localtime:ro
+ # required for bootstrap_host_exec
+ - /etc/puppet:/etc/puppet:ro
# OpenSSL trusted CAs
- /etc/pki/ca-trust/extracted:/etc/pki/ca-trust/extracted:ro
- /etc/pki/tls/certs/ca-bundle.crt:/etc/pki/tls/certs/ca-bundle.crt:ro
net: host
privileged: false
detach: false
+ user: root
volumes: &glance_volumes
list_concat:
- {get_attr: [ContainersCommon, volumes]}
environment:
- KOLLA_BOOTSTRAP=True
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ command: "/usr/bin/bootstrap_host_exec glance_api su glance -s /bin/bash -c '/usr/local/bin/kolla_start'"
step_4:
map_merge:
- glance_api:
net: host
detach: false
privileged: false
+ user: root
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/config-data/gnocchi/etc/gnocchi/:/etc/gnocchi/:ro
- /var/log/containers/gnocchi:/var/log/gnocchi
- command: ["/usr/bin/gnocchi-upgrade", "--skip-storage"]
+ command: "/usr/bin/bootstrap_host_exec gnocchi_api su gnocchi -s /bin/bash -c '/usr/bin/gnocchi-upgrade --skip-storage'"
step_4:
gnocchi_api:
image: *gnocchi_image
net: host
privileged: false
detach: false
+ user: root
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/config-data/heat/etc/heat/:/etc/heat/:ro
- /var/log/containers/heat:/var/log/heat
- command: ['heat-manage', 'db_sync']
+ command: "/usr/bin/bootstrap_host_exec heat_engine su heat -s /bin/bash -c 'heat-manage db_sync'"
step_4:
heat_engine:
image: *heat_engine_image
net: host
privileged: false
detach: false
+ user: root
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/config-data/ironic/etc/:/etc/:ro
- /var/log/containers/ironic:/var/log/ironic
- command: ['ironic-dbsync', '--config-file', '/etc/ironic/ironic.conf']
+ command: "/usr/bin/bootstrap_host_exec ironic_api su ironic -s /bin/bash -c 'ironic-dbsync --config-file /etc/ironic/ironic.conf'"
step_4:
ironic_api:
start_order: 10
environment:
- KOLLA_BOOTSTRAP=True
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ command: ['/usr/bin/bootstrap_host_exec', 'keystone', '/usr/local/bin/kolla_start']
keystone:
- start_order: 1
+ start_order: 2
image: *keystone_image
net: host
privileged: false
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
keystone_bootstrap:
- start_order: 2
+ start_order: 3
action: exec
command:
- [ 'keystone', 'keystone-manage', 'bootstrap', '--bootstrap-password', {get_param: AdminPassword} ]
+ [ 'keystone', '/usr/bin/bootstrap_host_exec', 'keystone' ,'keystone-manage', 'bootstrap', '--bootstrap-password', {get_param: AdminPassword} ]
docker_puppet_tasks:
# Keystone endpoint creation occurs only on single node
step_3:
net: host
privileged: false
detach: false
+ user: root
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/config-data/mistral/etc/:/etc/:ro
- /var/log/containers/mistral:/var/log/mistral
- command: ['mistral-db-manage', '--config-file', '/etc/mistral/mistral.conf', 'upgrade', 'head']
+ command: "/usr/bin/bootstrap_host_exec mistral_api su mistral -s /bin/bash -c 'mistral-db-manage --config-file /etc/mistral/mistral.conf upgrade head'"
mistral_db_populate:
start_order: 2
image: *mistral_image
net: host
privileged: false
detach: false
+ user: root
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
- /var/log/containers/mistral:/var/log/mistral
# NOTE: dprince this requires that we install openstack-tripleo-common into
# the Mistral API image so that we get tripleo* actions
- command: ['mistral-db-manage', '--config-file', '/etc/mistral/mistral.conf', 'populate']
+ command: "/usr/bin/bootstrap_host_exec mistral_api su mistral -s /bin/bash -c 'mistral-db-manage --config-file /etc/mistral/mistral.conf populate'"
step_4:
mistral_api:
start_order: 15
net: host
privileged: false
detach: false
- # FIXME: we should make config file permissions right
- # and run as neutron user
user: root
volumes:
list_concat:
- /var/lib/config-data/neutron/etc/neutron:/etc/neutron:ro
- /var/lib/config-data/neutron/usr/share/neutron:/usr/share/neutron:ro
- /var/log/containers/neutron:/var/log/neutron
- command: ['neutron-db-manage', 'upgrade', 'heads']
+ command: ['/usr/bin/bootstrap_host_exec', 'neutron_api', 'neutron-db-manage', 'upgrade', 'heads']
+ # FIXME: we should make config file permissions right
+ # and run as neutron user
+ #command: "/usr/bin/bootstrap_host_exec neutron_api su neutron -s /bin/bash -c 'neutron-db-manage upgrade heads'"
step_4:
map_merge:
- neutron_api:
image: *nova_api_image
net: host
detach: false
+ user: root
volumes: &nova_api_volumes
list_concat:
- {get_attr: [ContainersCommon, volumes]}
- /var/lib/kolla/config_files/nova_api.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro
- /var/log/containers/nova:/var/log/nova
- command: ['/usr/bin/nova-manage', 'api_db', 'sync']
+ command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage api_db sync'"
# FIXME: we probably want to wait on the 'cell_v2 update' in order for this
# to be capable of upgrading a baremetal setup. This is to ensure the name
# of the cell is 'default'
image: *nova_api_image
net: host
detach: false
+ user: root
volumes: *nova_api_volumes
- command:
- - '/usr/bin/nova-manage'
- - 'cell_v2'
- - 'map_cell0'
+ command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage cell_v2 map_cell0'"
nova_api_create_default_cell:
start_order: 3
image: *nova_api_image
# this idempotent (if the resource already exists a conflict
# is raised)
exit_codes: [0,2]
- command:
- - '/usr/bin/nova-manage'
- - 'cell_v2'
- - 'create_cell'
- - '--name="default"'
+ user: root
+ command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage cell_v2 create_cell --name=default'"
nova_db_sync:
start_order: 4
image: *nova_api_image
net: host
detach: false
volumes: *nova_api_volumes
- command: ['/usr/bin/nova-manage', 'db', 'sync']
+ user: root
+ command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage db sync'"
step_4:
nova_api:
start_order: 2
net: host
detach: false
volumes: *nova_api_volumes
- command:
- - '/usr/bin/nova-manage'
- - 'cell_v2'
- - 'discover_hosts'
+ user: root
+ command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage cell_v2 discover_hosts'"
host_prep_tasks:
- name: create persistent logs directory
file:
net: host
detach: false
privileged: false
+ user: root
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/config-data/panko/etc/panko:/etc/panko:ro
- /var/log/containers/panko:/var/log/panko
- command: /usr/bin/panko-dbsync
+ command: "/usr/bin/bootstrap_host_exec panko_api su panko -s /bin/bash -c '/usr/bin/panko-dbsync'"
step_4:
panko_api:
start_order: 2
Code Review / apex-tripleo-heat-templates.git / commitdiff