b3a7cfc43f
Problem: RHEL and CentOS8 will deprecate the usage of Yum. From DNF release note: DNF is the next upcoming major version of yum, a package manager for RPM-based Linux distributions. It roughly maintains CLI compatibility with YUM and defines a strict API for extensions. Solution: Use "package" Ansible module instead of "yum". "package" module is smarter when it comes to detect with package manager runs on the system. The goal of this patch is to support both yum/dnf (dnf will be the default in rhel/centos 8) from a single ansible module. Change-Id: I8e67d6f053e8790fdd0eb52a42035dca3051999e
186 lines
6.8 KiB
YAML
186 lines
6.8 KiB
YAML
heat_template_version: rocky
|
|
|
|
description: >
|
|
OpenStack containerized Nova Consoleauth service
|
|
|
|
parameters:
|
|
DockerNovaConsoleauthImage:
|
|
description: image
|
|
type: string
|
|
DockerNovaConfigImage:
|
|
description: The container image to use for the nova config_volume
|
|
type: string
|
|
NovaConsoleauthLoggingSource:
|
|
type: json
|
|
default:
|
|
tag: openstack.nova.consoleauth
|
|
path: /var/log/containers/nova/nova-consoleauth.log
|
|
EndpointMap:
|
|
default: {}
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
ServiceData:
|
|
default: {}
|
|
description: Dictionary packing service data
|
|
type: json
|
|
ServiceNetMap:
|
|
default: {}
|
|
description: Mapping of service_name -> network name. Typically set
|
|
via parameter_defaults in the resource registry. This
|
|
mapping overrides those in ServiceNetMapDefaults.
|
|
type: json
|
|
DefaultPasswords:
|
|
default: {}
|
|
type: json
|
|
RoleName:
|
|
default: ''
|
|
description: Role name on which the service is applied
|
|
type: string
|
|
RoleParameters:
|
|
default: {}
|
|
description: Parameters specific to the role
|
|
type: json
|
|
UpgradeRemoveUnusedPackages:
|
|
default: false
|
|
description: Remove package if the service is being disabled during upgrade
|
|
type: boolean
|
|
|
|
resources:
|
|
|
|
ContainersCommon:
|
|
type: ./containers-common.yaml
|
|
|
|
MySQLClient:
|
|
type: ../../puppet/services/database/mysql-client.yaml
|
|
|
|
NovaConsoleauthPuppetBase:
|
|
type: ../../puppet/services/nova-consoleauth.yaml
|
|
properties:
|
|
EndpointMap: {get_param: EndpointMap}
|
|
ServiceData: {get_param: ServiceData}
|
|
ServiceNetMap: {get_param: ServiceNetMap}
|
|
DefaultPasswords: {get_param: DefaultPasswords}
|
|
RoleName: {get_param: RoleName}
|
|
RoleParameters: {get_param: RoleParameters}
|
|
|
|
NovaLogging:
|
|
type: OS::TripleO::Services::Logging::NovaCommon
|
|
properties:
|
|
DockerNovaImage: {get_param: DockerNovaConsoleauthImage}
|
|
NovaServiceName: 'consoleauth'
|
|
|
|
outputs:
|
|
role_data:
|
|
description: Role data for the Nova Consoleauth service.
|
|
value:
|
|
service_name: {get_attr: [NovaConsoleauthPuppetBase, role_data, service_name]}
|
|
config_settings:
|
|
map_merge:
|
|
- {get_attr: [NovaConsoleauthPuppetBase, role_data, config_settings]}
|
|
- {get_attr: [NovaLogging, config_settings]}
|
|
logging_source: {get_attr: [NovaConsoleauthPuppetBase, role_data, logging_source]}
|
|
logging_groups: {get_attr: [NovaConsoleauthPuppetBase, role_data, logging_groups]}
|
|
service_config_settings:
|
|
map_merge:
|
|
- get_attr: [NovaConsoleauthPuppetBase, role_data, service_config_settings]
|
|
- fluentd:
|
|
tripleo_fluentd_groups_nova_consoleauth:
|
|
- nova
|
|
tripleo_fluentd_sources_nova_consoleauth:
|
|
- {get_param: NovaConsoleauthLoggingSource}
|
|
# BEGIN DOCKER SETTINGS
|
|
puppet_config:
|
|
config_volume: nova
|
|
puppet_tags: nova_config
|
|
step_config:
|
|
list_join:
|
|
- "\n"
|
|
- - {get_attr: [NovaConsoleauthPuppetBase, role_data, step_config]}
|
|
- {get_attr: [MySQLClient, role_data, step_config]}
|
|
config_image: {get_param: DockerNovaConfigImage}
|
|
kolla_config:
|
|
/var/lib/kolla/config_files/nova_consoleauth.json:
|
|
command:
|
|
list_join:
|
|
- ' '
|
|
- - /usr/bin/nova-consoleauth
|
|
- get_attr: [NovaLogging, cmd_extra_args]
|
|
config_files:
|
|
- source: "/var/lib/kolla/config_files/src/*"
|
|
dest: "/"
|
|
merge: true
|
|
preserve_properties: true
|
|
permissions:
|
|
- path: /var/log/nova
|
|
owner: nova:nova
|
|
recurse: true
|
|
docker_config:
|
|
step_4:
|
|
nova_consoleauth:
|
|
image: {get_param: DockerNovaConsoleauthImage}
|
|
net: host
|
|
privileged: false
|
|
restart: always
|
|
healthcheck:
|
|
test: /openstack/healthcheck
|
|
volumes:
|
|
list_concat:
|
|
- {get_attr: [ContainersCommon, volumes]}
|
|
- {get_attr: [NovaLogging, volumes]}
|
|
-
|
|
- /var/lib/kolla/config_files/nova_consoleauth.json:/var/lib/kolla/config_files/config.json:ro
|
|
- /var/lib/config-data/puppet-generated/nova/:/var/lib/kolla/config_files/src:ro
|
|
environment:
|
|
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
|
|
host_prep_tasks: {get_attr: [NovaLogging, host_prep_tasks]}
|
|
upgrade_tasks:
|
|
- when: step|int == 0
|
|
tags: common
|
|
block:
|
|
- name: Check if nova_consoleauth is deployed
|
|
command: systemctl is-enabled --quiet openstack-nova-consoleauth
|
|
ignore_errors: True
|
|
register: nova_consoleauth_enabled_result
|
|
- name: Set fact nova_consoleauth_enabled
|
|
set_fact:
|
|
nova_consoleauth_enabled: "{{ nova_consoleauth_enabled_result.rc == 0 }}"
|
|
- name: "PreUpgrade step0,validation: Check service openstack-nova-consoleauth is running"
|
|
command: systemctl is-active --quiet openstack-nova-consoleauth
|
|
tags: validation
|
|
when: nova_consoleauth_enabled|bool
|
|
- when: step|int == 2
|
|
block:
|
|
- name: Stop and disable nova_consoleauth service
|
|
when: nova_consoleauth_enabled|bool
|
|
service: name=openstack-nova-consoleauth state=stopped enabled=no
|
|
- when: step|int == 3
|
|
block:
|
|
- name: Set fact for removal of openstack-nova-console package
|
|
set_fact:
|
|
remove_nova_console_package: {get_param: UpgradeRemoveUnusedPackages}
|
|
- name: Remove openstack-nova-console package if operator requests it
|
|
package: name=openstack-nova-console state=removed
|
|
ignore_errors: True
|
|
when: remove_nova_console_package|bool
|
|
fast_forward_upgrade_tasks:
|
|
- name: Check if nova_consoleauth is deployed
|
|
command: systemctl is-active --quiet openstack-nova-consoleauth
|
|
ignore_errors: True
|
|
register: nova_consoleauth_enabled_result
|
|
when:
|
|
- step|int == 0
|
|
- release == 'ocata'
|
|
- name: Set fact nova_consoleauth_enabled
|
|
set_fact:
|
|
nova_consoleauth_enabled: "{{ nova_consoleauth_enabled_result.rc == 0 }}"
|
|
when:
|
|
- step|int == 0
|
|
- release == 'ocata'
|
|
- name: Stop and disable nova-consoleauth service
|
|
service: name=openstack-nova-consoleauth state=stopped
|
|
when:
|
|
- step|int == 1
|
|
- release == 'ocata'
|
|
- nova_consoleauth_enabled|bool
|