TripleO currently relies on Kolla docker containers. Kolla supports container
customization and we are making use of this feature within TripleO to inject
-puppet (our configuration tool of choice) into the Kolla base images. To
-build Kolla images for TripleO adjust your kolla config to build your
+puppet (our configuration tool of choice) into the Kolla base images. The
+undercloud nova-scheduler also requires openstack-tripleo-common to
+provide custom filters.
+
+To build Kolla images for TripleO adjust your kolla config to build your
centos base image with puppet using the example below:
.. code-block::
$ cat template-overrides.j2
{% extends parent_template %}
{% set base_centos_binary_packages_append = ['puppet'] %}
+{% set nova_scheduler_packages_append = ['openstack-tripleo-common'] %}
kolla-build --base centos --template-override template-overrides.j2
--- /dev/null
+heat_template_version: ocata
+
+description: >
+ OpenStack containerized Nova API service
+
+parameters:
+ DockerNamespace:
+ description: namespace
+ default: 'tripleoupstream'
+ type: string
+ DockerNovaApiImage:
+ description: image
+ default: 'centos-binary-nova-api:latest'
+ type: string
+ DockerNovaBaseImage:
+ description: image
+ default: 'centos-binary-nova-base:latest'
+ type: string
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+
+resources:
+
+ NovaApiBase:
+ type: ../../puppet/services/nova-api.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+
+outputs:
+ role_data:
+ description: Role data for the Nova API role.
+ value:
+ service_name: {get_attr: [NovaApiBase, role_data, service_name]}
+ config_settings:
+ map_merge:
+ - get_attr: [NovaApiBase, role_data, config_settings]
+ - apache::default_vhost: false
+ step_config: {get_attr: [NovaApiBase, role_data, step_config]}
+ service_config_settings: {get_attr: [NovaApiBase, role_data, service_config_settings]}
+ # BEGIN DOCKER SETTINGS
+ docker_image: &nova_api_image
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerNovaApiImage} ]
+ puppet_tags: nova_config
+ config_volume: nova
+ config_image:
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerNovaBaseImage} ]
+ kolla_config:
+ /var/lib/kolla/config_files/nova_api.json:
+ command: /usr/bin/nova-api
+ config_files:
+ - dest: /etc/nova/nova.conf
+ owner: nova
+ perm: '0640'
+ source: /var/lib/kolla/config_files/src/etc/nova/nova.conf
+ docker_config:
+ step_3:
+ nova_api_db_sync:
+ start_order: 1
+ image: *nova_api_image
+ net: host
+ detach: false
+ volumes: &nova_api_volumes
+ - /var/lib/config-data/nova/etc/:/etc/:ro
+ - /etc/hosts:/etc/hosts:ro
+ - /etc/localtime:/etc/localtime:ro
+ command: ['/usr/bin/nova-manage', 'api_db', 'sync']
+ # FIXME: we probably want to wait on the 'cell_v2 update' in order for this
+ # to be capable of upgrading a baremetal setup. This is to ensure the name
+ # of the cell is 'default'
+ nova_api_map_cell0:
+ start_order: 2
+ image: *nova_api_image
+ net: host
+ detach: false
+ volumes: *nova_api_volumes
+ command:
+ - '/usr/bin/nova-manage'
+ - 'cell_v2'
+ - 'map_cell0'
+ nova_api_create_default_cell:
+ start_order: 3
+ image: *nova_api_image
+ net: host
+ detach: false
+ volumes: *nova_api_volumes
+ # NOTE: allowing the exit code 2 is a dirty way of making
+ # this idempotent (if the resource already exists a conflict
+ # is raised)
+ exit_codes: [0,2]
+ command:
+ - '/usr/bin/nova-manage'
+ - 'cell_v2'
+ - 'create_cell'
+ - '--name="default"'
+ nova_db_sync:
+ start_order: 4
+ image: *nova_api_image
+ net: host
+ detach: false
+ volumes: *nova_api_volumes
+ command: ['/usr/bin/nova-manage', 'db', 'sync']
+ step_4:
+ nova_api:
+ start_order: 2
+ image: *nova_api_image
+ net: host
+ user: nova
+ privileged: true
+ restart: always
+ volumes:
+ - /var/lib/kolla/config_files/nova_api.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/nova/:/var/lib/kolla/config_files/src:ro
+ - /etc/hosts:/etc/hosts:ro
+ - /etc/localtime:/etc/localtime:ro
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
perm: '0600'
source: /var/lib/kolla/config_files/src/etc/nova/rootwrap.conf
docker_config:
+ # FIXME: run discover hosts here
step_4:
novacompute:
image: *nova_compute_image
--- /dev/null
+heat_template_version: ocata
+
+description: >
+ OpenStack containerized Nova Conductor service
+
+parameters:
+ DockerNamespace:
+ description: namespace
+ default: 'tripleoupstream'
+ type: string
+ DockerNovaConductorImage:
+ description: image
+ default: 'centos-binary-nova-conductor:latest'
+ type: string
+ DockerNovaBaseImage:
+ description: image
+ default: 'centos-binary-nova-base:latest'
+ type: string
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+
+
+resources:
+
+ NovaConductorBase:
+ type: ../../puppet/services/nova-conductor.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+
+outputs:
+ role_data:
+ description: Role data for the Nova Conductor service.
+ value:
+ service_name: {get_attr: [NovaConductorBase, role_data, service_name]}
+ config_settings: {get_attr: [NovaConductorBase, role_data, config_settings]}
+ step_config: {get_attr: [NovaConductorBase, role_data, step_config]}
+ service_config_settings: {get_attr: [NovaConductorBase, role_data, service_config_settings]}
+ # BEGIN DOCKER SETTINGS
+ docker_image: &nova_conductor_image
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerNovaConductorImage} ]
+ puppet_tags: nova_config
+ config_volume: nova
+ config_image:
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerNovaBaseImage} ]
+ kolla_config:
+ /var/lib/kolla/config_files/nova_conductor.json:
+ command: /usr/bin/nova-conductor
+ config_files:
+ - dest: /etc/nova/nova.conf
+ owner: nova
+ perm: '0600'
+ source: /var/lib/kolla/config_files/src/etc/nova/nova.conf
+ docker_config:
+ step_4:
+ nova_conductor:
+ image: *nova_conductor_image
+ net: host
+ privileged: false
+ restart: always
+ volumes:
+ - /run:/run
+ - /var/lib/kolla/config_files/nova_conductor.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/nova/:/var/lib/kolla/config_files/src:ro
+ - /etc/hosts:/etc/hosts:ro
+ - /etc/localtime:/etc/localtime:ro
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
--- /dev/null
+heat_template_version: ocata
+
+description: >
+ OpenStack containerized Nova Ironic Compute service
+
+parameters:
+ DockerNamespace:
+ description: namespace
+ default: 'tripleoupstream'
+ type: string
+ DockerNovaComputeImage:
+ description: image
+ default: 'centos-binary-nova-compute-ironic:latest'
+ type: string
+ DockerNovaBaseImage:
+ description: image
+ default: 'centos-binary-nova-base:latest'
+ type: string
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+
+resources:
+
+
+ NovaIronicBase:
+ type: ../../puppet/services/nova-ironic.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+
+outputs:
+ role_data:
+ description: Role data for the Nova Compute service.
+ value:
+ service_name: {get_attr: [NovaIronicBase, role_data, service_name]}
+ config_settings: {get_attr: [NovaIronicBase, role_data, config_settings]}
+ step_config: {get_attr: [NovaIronicBase, role_data, step_config]}
+ puppet_tags: nova_config,nova_paste_api_ini
+ docker_image: &nova_ironic_image
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerNovaComputeImage} ]
+ config_volume: nova
+ config_image:
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerNovaBaseImage} ]
+ kolla_config:
+ /var/lib/kolla/config_files/nova_ironic.json:
+ command: /usr/bin/nova-compute --config-file /etc/nova/nova.conf --config-file /etc/nova/rootwrap.conf
+ config_files:
+ - dest: /etc/nova/nova.conf
+ owner: nova
+ perm: '0600'
+ source: /var/lib/kolla/config_files/src/etc/nova/nova.conf
+ - dest: /etc/nova/rootwrap.conf
+ owner: nova
+ perm: '0600'
+ source: /var/lib/kolla/config_files/src/etc/nova/rootwrap.conf
+ docker_config:
+ step_5:
+ novacompute:
+ image: *nova_ironic_image
+ net: host
+ privileged: true
+ user: root
+ restart: always
+ volumes:
+ - /var/lib/kolla/config_files/nova_ironic.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/nova:/var/lib/kolla/config_files/src:ro
+ - /etc/localtime:/etc/localtime:ro
+ - /run:/run
+ - /dev:/dev
+ - /etc/iscsi:/etc/iscsi
+ - nova_compute:/var/lib/nova/
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
--- /dev/null
+heat_template_version: ocata
+
+description: >
+ OpenStack containerized Nova Metadata service
+
+parameters:
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+
+
+resources:
+
+ NovaMetadataBase:
+ type: ../../puppet/services/nova-metadata.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+
+outputs:
+ role_data:
+ description: Role data for the Nova Metadata service.
+ value:
+ service_name: {get_attr: [NovaMetadataBase, role_data, service_name]}
+ config_settings:
+ map_merge:
+ - get_attr: [NovaMetadataBase, role_data, config_settings]
+ step_config: {get_attr: [NovaMetadataBase, role_data, step_config]}
+ service_config_settings: {get_attr: [NovaMetadataBase, role_data, service_config_settings]}
+ # BEGIN DOCKER SETTINGS
+ docker_image: ''
+ puppet_tags: ''
+ config_volume: ''
+ config_image: ''
+ kolla_config: {}
+ docker_config: {}
--- /dev/null
+heat_template_version: ocata
+
+description: >
+ OpenStack containerized Nova Placement API service
+
+parameters:
+ DockerNamespace:
+ description: namespace
+ default: 'tripleoupstream'
+ type: string
+ DockerNovaPlacementImage:
+ description: image
+ default: 'centos-binary-nova-placement-api'
+ type: string
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+
+resources:
+
+ NovaPlacementBase:
+ type: ../../puppet/services/nova-placement.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+
+outputs:
+ role_data:
+ description: Role data for the Nova Placement API role.
+ value:
+ service_name: {get_attr: [NovaPlacementBase, role_data, service_name]}
+ config_settings:
+ map_merge:
+ - get_attr: [NovaPlacementBase, role_data, config_settings]
+ - apache::default_vhost: false
+ step_config: {get_attr: [NovaPlacementBase, role_data, step_config]}
+ service_config_settings: {get_attr: [NovaPlacementBase, role_data, service_config_settings]}
+ # BEGIN DOCKER SETTINGS
+ docker_image: &nova_placement_image
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerNovaPlacementImage} ]
+ puppet_tags: nova_config
+ config_volume: nova_placement
+ config_image:
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerNovaPlacementImage} ]
+ kolla_config:
+ /var/lib/kolla/config_files/nova_placement.json:
+ command: /usr/sbin/httpd -DFOREGROUND
+ config_files:
+ - dest: /etc/nova/nova.conf
+ owner: nova
+ perm: '0640'
+ source: /var/lib/kolla/config_files/src/etc/nova/nova.conf
+ - dest: /etc/httpd/conf.d/10-placement_wsgi.conf
+ owner: root
+ perm: '0644'
+ source: /var/lib/kolla/config_files/src/etc/httpd/conf.d/10-placement_wsgi.conf
+ - dest: /etc/httpd/conf/httpd.conf
+ owner: root
+ perm: '0644'
+ source: /var/lib/kolla/config_files/src/etc/httpd/conf/httpd.conf
+ - dest: /etc/httpd/conf/ports.conf
+ owner: root
+ perm: '0644'
+ source: /var/lib/kolla/config_files/src/etc/httpd/conf/ports.conf
+ - dest: /var/www/cgi-bin/nova/nova-placement-api
+ owner: nova
+ perm: '0644'
+ source: /var/lib/kolla/config_files/src/var/www/cgi-bin/nova/nova-placement-api
+ docker_config:
+ # start this early so it is up before computes start reporting
+ step_3:
+ nova_placement:
+ start_order: 1
+ image: *nova_placement_image
+ net: host
+ user: root
+ restart: always
+ volumes:
+ - /var/lib/kolla/config_files/nova_placement.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/nova_placement/:/var/lib/kolla/config_files/src:ro
+ - /var/lib/config-data/nova_placement/etc/httpd/conf.modules.d:/etc/httpd/conf.modules.d:ro
+ - /etc/hosts:/etc/hosts:ro
+ - /etc/localtime:/etc/localtime:ro
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
--- /dev/null
+heat_template_version: ocata
+
+description: >
+ OpenStack containerized Nova Scheduler service
+
+parameters:
+ DockerNamespace:
+ description: namespace
+ default: 'tripleoupstream'
+ type: string
+ DockerNovaSchedulerImage:
+ description: image
+ default: 'centos-binary-nova-scheduler:latest'
+ type: string
+ DockerNovaBaseImage:
+ description: image
+ default: 'centos-binary-nova-base:latest'
+ type: string
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+
+resources:
+
+ NovaSchedulerBase:
+ type: ../../puppet/services/nova-scheduler.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+
+outputs:
+ role_data:
+ description: Role data for the Nova Scheduler service.
+ value:
+ service_name: {get_attr: [NovaSchedulerBase, role_data, service_name]}
+ config_settings: {get_attr: [NovaSchedulerBase, role_data, config_settings]}
+ step_config: {get_attr: [NovaSchedulerBase, role_data, step_config]}
+ service_config_settings: {get_attr: [NovaSchedulerBase, role_data, service_config_settings]}
+ # BEGIN DOCKER SETTINGS
+ docker_image: &nova_scheduler_image
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerNovaSchedulerImage} ]
+ puppet_tags: nova_config
+ config_volume: nova
+ config_image:
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerNovaBaseImage} ]
+ kolla_config:
+ /var/lib/kolla/config_files/nova_scheduler.json:
+ command: /usr/bin/nova-scheduler
+ config_files:
+ - dest: /etc/nova/nova.conf
+ owner: nova
+ perm: '0600'
+ source: /var/lib/kolla/config_files/src/etc/nova/nova.conf
+ docker_config:
+ step_4:
+ nova_scheduler:
+ image: *nova_scheduler_image
+ net: host
+ privileged: false
+ restart: always
+ volumes:
+ - /run:/run
+ - /var/lib/kolla/config_files/nova_scheduler.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/nova/:/var/lib/kolla/config_files/src:ro
+ - /etc/hosts:/etc/hosts:ro
+ - /etc/localtime:/etc/localtime:ro
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
Code Review / apex-tripleo-heat-templates.git / commitdiff