Use docker_config_scripts for puppet apply

There are some configuration applies that we need to do during the
deployment. These currently live as manually constructed bash runs which
are missing the --detailed-exitcode handling to know when we have
failures.  In order to reduce the duplicated code and simplify this
exeuction, this change creates a docker_config_scripts with
docker_puppet_run.sh in containers-common that can be reused by any of
the docker services. This allows use to properly handle
--detailed-exitcodes while also reducing the amount of duplicated code
bits that we have within THT.

Additionally this change adds a new shared value for ContainersCommon to
pull the required volumes for the docker_puppet_apply.sh script into a
single place. Unfortunately the existing volumes from ContainersCommon
includes a mount for /etc/puppet to /etc/puppet which causes problems
because we need to be able to write out a hiera value.  The /etc/puppet
mount is needed for the bootstrap_host_exec function which is consumed
by various docker_config tasks but the mount conflicts with the puppet
apply logic being used.

Depends-On: I24e5e344b7f657ce5d42a7c7c45be7b5ed5e6445
Change-Id: Icf4a64ed76635e39bbb34c3a088c55e1f14fddca
Related-Bug: #1741345
Co-Authored-By: Damien Ciabrini <dciabrin@redhat.com>
This commit is contained in:
Alex Schultz 2018-01-04 16:23:37 -07:00
parent 88759da151
commit 6f834f60e6
10 changed files with 206 additions and 220 deletions

View File

@ -48,14 +48,47 @@ conditions:
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
outputs:
volumes:
description: Common volumes for the containers.
docker_config_scripts:
description: Shared docker config scripts
value:
docker_puppet_apply.sh:
mode: "0700"
content: |
#!/bin/bash
set -eux
STEP=$1
TAGS=$2
CONFIG=$3
EXTRA_ARGS=${4:-''}
if [ -d /tmp/puppet-etc ]; then
# ignore copy failures as these may be the same file depending on docker mounts
cp -a /tmp/puppet-etc/* /etc/puppet || true
fi
echo "{\"step\": ${STEP}}" > /etc/puppet/hieradata/docker.json
export FACTOR_uuid=docker
set +e
puppet apply $EXTRA_ARGS \
--verbose \
--detailed-exitcodes \
--summarize \
--color=false \
--modulepath /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules \
--tags $TAGS \
-e "${CONFIG}"
rc=$?
set -e
set +ux
if [ $rc -eq 2 -o $rc -eq 0 ]; then
exit 0
fi
exit $rc
volumes_base:
description: Base volume list
value: &volumes_base
list_concat:
- - /etc/hosts:/etc/hosts:ro
- /etc/localtime:/etc/localtime:ro
# required for bootstrap_host_exec
- /etc/puppet:/etc/puppet:ro
# OpenSSL trusted CAs
- /etc/pki/ca-trust/extracted:/etc/pki/ca-trust/extracted:ro
- /etc/pki/tls/certs/ca-bundle.crt:/etc/pki/tls/certs/ca-bundle.crt:ro
@ -63,7 +96,6 @@ outputs:
- /etc/pki/tls/cert.pem:/etc/pki/tls/cert.pem:ro
# Syslog socket
- /dev/log:/dev/log
- /etc/ssh/ssh_known_hosts:/etc/ssh/ssh_known_hosts:ro
- if:
- internal_tls_enabled
- - list_join:
@ -72,3 +104,22 @@ outputs:
- {get_param: InternalTLSCAFile}
- 'ro'
- null
volumes:
description: Common volumes for the containers.
value:
list_concat:
- *volumes_base
- - /etc/ssh/ssh_known_hosts:/etc/ssh/ssh_known_hosts:ro
# required for bootstrap_host_exec
- /etc/puppet:/etc/puppet:ro
docker_puppet_apply_volumes:
description: Common volumes needed to run the docker_puppet_apply.sh from docker_config_scripts
value:
list_concat:
- *volumes_base
- - /var/lib/docker-config-scripts/docker_puppet_apply.sh:/docker_puppet_apply.sh:ro
# docker_puppet_apply.sh will copy this to /etc/puppet in the container
- /etc/puppet:/tmp/puppet-etc:ro
- /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro

View File

@ -175,6 +175,7 @@ outputs:
owner: haproxy:haproxy
recurse: true
optional: true
docker_config_scripts: {get_attr: [ContainersCommon, docker_config_scripts]}
docker_config:
step_1:
map_merge:
@ -186,29 +187,20 @@ outputs:
net: host
user: root
privileged: true
command:
- '/bin/bash'
- '-c'
- str_replace:
template:
list_join:
- '; '
- - "cp -a /tmp/puppet-etc/* /etc/puppet; echo '{\"step\": 1}' > /etc/puppet/hieradata/docker.json"
- "FACTER_uuid=docker puppet apply DEBUG --color=false --summarize --modulepath=/etc/puppet/modules:/usr/share/openstack-puppet/modules --tags TAGS -v -e 'CONFIG'"
params:
TAGS: 'tripleo::firewall::rule'
CONFIG:
get_attr: [HAProxyBase, role_data, step_config]
DEBUG:
if:
- puppet_debug_enabled
- '--debug --verbose'
- ''
command: # '/docker_puppet_apply.sh "STEP" "TAGS" "CONFIG" "DEBUG"'
list_concat:
- - '/docker_puppet_apply.sh'
- '1'
- 'tripleo::firewall::rule'
- {get_attr: [HAProxyBase, role_data, step_config]}
- if:
- puppet_debug_enabled
- - '--debug --verbose'
- - ''
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/haproxy.json:/var/lib/kolla/config_files/config.json:ro
- {get_attr: [ContainersCommon, docker_puppet_apply_volumes]}
- - /var/lib/kolla/config_files/haproxy.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/haproxy/:/var/lib/kolla/config_files/src:ro
# puppet saves iptables rules in /etc/sysconfig
- /etc/sysconfig:/etc/sysconfig:rw
@ -216,8 +208,6 @@ outputs:
# the necessary bit and prevent systemd to try to reload the service in the container
- /usr/libexec/iptables:/usr/libexec/iptables:ro
- /usr/libexec/initscripts/legacy-actions:/usr/libexec/initscripts/legacy-actions:ro
- /etc/puppet:/tmp/puppet-etc:ro
- /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
haproxy:

View File

@ -58,6 +58,9 @@ conditions:
resources:
ContainersCommon:
type: ../containers-common.yaml
MySQLClient:
type: ../../../puppet/services/database/mysql-client.yaml
@ -127,6 +130,7 @@ outputs:
- path: /var/log/cinder
owner: cinder:cinder
recurse: true
docker_config_scripts: {get_attr: [ContainersCommon, docker_config_scripts]}
docker_config:
step_1:
cinder_backup_image_tag:
@ -166,31 +170,22 @@ outputs:
detach: false
net: host
user: root
command:
- '/bin/bash'
- '-c'
- str_replace:
template:
list_join:
- '; '
- - "cp -a /tmp/puppet-etc/* /etc/puppet; echo '{\"step\": 5}' > /etc/puppet/hieradata/docker.json"
- "FACTER_uuid=docker puppet apply DEBUG --color=false --modulepath=/etc/puppet/modules:/usr/share/openstack-puppet/modules --tags file_line,concat,augeas,TAGS --debug -v -e 'CONFIG'"
params:
TAGS: 'pacemaker::resource::bundle,pacemaker::property,pacemaker::constraint::location'
CONFIG: 'include ::tripleo::profile::base::pacemaker;include ::tripleo::profile::pacemaker::cinder::backup_bundle'
DEBUG:
if:
- puppet_debug_enabled
- '--debug --verbose'
- ''
command: # '/docker_puppet_apply.sh "STEP" "TAGS" "CONFIG" "DEBUG"'
list_concat:
- - '/docker_puppet_apply.sh'
- '5'
- 'file,file_line,concat,augeas,pacemaker::resource::bundle,pacemaker::property,pacemaker::constraint::location'
- 'include ::tripleo::profile::base::pacemaker;include ::tripleo::profile::pacemaker::cinder::backup_bundle'
- if:
- puppet_debug_enabled
- - '--debug --verbose'
- - ''
image: {get_param: DockerCinderBackupImage}
volumes:
- /etc/hosts:/etc/hosts:ro
- /etc/localtime:/etc/localtime:ro
- /etc/puppet:/tmp/puppet-etc:ro
- /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro
- /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
- /dev/shm:/dev/shm:rw
list_concat:
- {get_attr: [ContainersCommon, docker_puppet_apply_volumes]}
- - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
- /dev/shm:/dev/shm:rw
host_prep_tasks:
- name: create persistent directories
file:

View File

@ -55,6 +55,9 @@ conditions:
resources:
ContainersCommon:
type: ../containers-common.yaml
MySQLClient:
type: ../../../puppet/services/database/mysql-client.yaml
@ -121,6 +124,7 @@ outputs:
- path: /var/log/cinder
owner: cinder:cinder
recurse: true
docker_config_scripts: {get_attr: [ContainersCommon, docker_config_scripts]}
docker_config:
step_1:
cinder_volume_image_tag:
@ -160,31 +164,22 @@ outputs:
detach: false
net: host
user: root
command:
- '/bin/bash'
- '-c'
- str_replace:
template:
list_join:
- '; '
- - "cp -a /tmp/puppet-etc/* /etc/puppet; echo '{\"step\": 5}' > /etc/puppet/hieradata/docker.json"
- "FACTER_uuid=docker puppet apply DEBUG --color=false --modulepath /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules --tags file_line,concat,augeas,TAGS --debug -v -e 'CONFIG'"
params:
TAGS: 'pacemaker::resource::bundle,pacemaker::property,pacemaker::constraint::location'
CONFIG: 'include ::tripleo::profile::base::pacemaker;include ::tripleo::profile::pacemaker::cinder::volume_bundle'
DEBUG:
if:
- puppet_debug_enabled
- '--debug --verbose'
- ''
command: # '/docker_puppet_apply.sh "STEP" "TAGS" "CONFIG" "DEBUG"'
list_concat:
- - '/docker_puppet_apply.sh'
- '5'
- 'file,file_line,concat,augeas,pacemaker::resource::bundle,pacemaker::property,pacemaker::constraint::location'
- 'include ::tripleo::profile::base::pacemaker;include ::tripleo::profile::pacemaker::cinder::volume_bundle'
- if:
- puppet_debug_enabled
- - '--debug --verbose'
- - ''
image: {get_param: DockerCinderVolumeImage}
volumes:
- /etc/hosts:/etc/hosts:ro
- /etc/localtime:/etc/localtime:ro
- /etc/puppet:/tmp/puppet-etc:ro
- /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro
- /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
- /dev/shm:/dev/shm:rw
list_concat:
- {get_attr: [ContainersCommon, docker_puppet_apply_volumes]}
- - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
- /dev/shm:/dev/shm:rw
host_prep_tasks:
- name: create persistent directories
file:

View File

@ -153,6 +153,7 @@ outputs:
owner: mysql:mysql
perm: '0600'
optional: true
docker_config_scripts: {get_attr: [ContainersCommon, docker_config_scripts]}
docker_config:
step_1:
mysql_data_ownership:
@ -243,32 +244,23 @@ outputs:
detach: false
net: host
user: root
command:
- '/bin/bash'
- '-c'
- str_replace:
template:
list_join:
- '; '
- - "cp -a /tmp/puppet-etc/* /etc/puppet; echo '{\"step\": 2}' > /etc/puppet/hieradata/docker.json"
- "FACTER_uuid=docker puppet apply DEBUG --color=false --modulepath=/etc/puppet/modules:/usr/share/openstack-puppet/modules --tags file,file_line,concat,augeas,TAGS -v -e 'CONFIG'"
params:
TAGS: 'pacemaker::resource::bundle,pacemaker::property,pacemaker::resource::ocf,pacemaker::constraint::order,pacemaker::constraint::colocation,galera_ready,mysql_database,mysql_grant,mysql_user'
CONFIG: 'include ::tripleo::profile::base::pacemaker;include ::tripleo::profile::pacemaker::database::mysql_bundle'
DEBUG:
if:
- puppet_debug_enabled
- '--debug --verbose'
- ''
command: # '/docker_puppet_apply.sh "STEP" "TAGS" "CONFIG" "DEBUG"'
list_concat:
- - '/docker_puppet_apply.sh'
- '2'
- 'file,file_line,concat,augeas,pacemaker::resource::bundle,pacemaker::property,pacemaker::resource::ocf,pacemaker::constraint::order,pacemaker::constraint::colocation,galera_ready,mysql_database,mysql_grant,mysql_user'
- 'include ::tripleo::profile::base::pacemaker;include ::tripleo::profile::pacemaker::database::mysql_bundle'
- if:
- puppet_debug_enabled
- - '--debug'
- - ''
image: {get_param: DockerMysqlImage}
volumes:
- /etc/hosts:/etc/hosts:ro
- /etc/localtime:/etc/localtime:ro
- /etc/puppet:/tmp/puppet-etc:ro
- /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro
- /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
- /dev/shm:/dev/shm:rw
- /var/lib/mysql:/var/lib/mysql:rw
list_concat:
- {get_attr: [ContainersCommon, docker_puppet_apply_volumes]}
- - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
- /dev/shm:/dev/shm:rw
- /var/lib/mysql:/var/lib/mysql:rw
host_prep_tasks:
- name: create /var/lib/mysql
file:

View File

@ -46,6 +46,9 @@ conditions:
resources:
ContainersCommon:
type: ../../containers-common.yaml
RedisBase:
type: ../../../../puppet/services/database/redis.yaml
properties:
@ -117,6 +120,7 @@ outputs:
- path: /var/log/redis
owner: redis:redis
recurse: true
docker_config_scripts: {get_attr: [ContainersCommon, docker_config_scripts]}
docker_config:
step_1:
redis_image_tag:
@ -148,31 +152,22 @@ outputs:
net: host
user: root
config_volume: 'redis_init_bundle'
command:
- '/bin/bash'
- '-c'
- str_replace:
template:
list_join:
- '; '
- - "cp -a /tmp/puppet-etc/* /etc/puppet; echo '{\"step\": 2}' > /etc/puppet/hieradata/docker.json"
- "FACTER_uuid=docker puppet apply DEBUG --color=false --modulepath=/etc/puppet/modules:/usr/share/openstack-puppet/modules --tags file,file_line,concat,augeas,TAGS -v -e 'CONFIG'"
params:
TAGS: 'pacemaker::resource::bundle,pacemaker::property,pacemaker::resource::ocf,pacemaker::constraint::order,pacemaker::constraint::colocation'
CONFIG: 'include ::tripleo::profile::base::pacemaker;include ::tripleo::profile::pacemaker::database::redis_bundle'
DEBUG:
if:
- puppet_debug_enabled
- '--debug --verbose'
- ''
command: # '/docker_puppet_apply.sh "STEP" "TAGS" "CONFIG" "DEBUG"'
list_concat:
- - '/docker_puppet_apply.sh'
- '2'
- 'file,file_line,concat,augeas,pacemaker::resource::bundle,pacemaker::property,pacemaker::resource::ocf,pacemaker::constraint::order,pacemaker::constraint::colocation'
- 'include ::tripleo::profile::base::pacemaker;include ::tripleo::profile::pacemaker::database::redis_bundle'
- if:
- puppet_debug_enabled
- - '--debug'
- - ''
image: *redis_config_image
volumes:
- /etc/hosts:/etc/hosts:ro
- /etc/localtime:/etc/localtime:ro
- /etc/puppet:/tmp/puppet-etc:ro
- /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro
- /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
- /dev/shm:/dev/shm:rw
list_concat:
- {get_attr: [ContainersCommon, docker_puppet_apply_volumes]}
- - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
- /dev/shm:/dev/shm:rw
host_prep_tasks:
- name: create /var/run/redis
file:

View File

@ -67,6 +67,9 @@ conditions:
resources:
ContainersCommon:
type: ../containers-common.yaml
HAProxyBase:
type: ../../../puppet/services/pacemaker/haproxy.yaml
properties:
@ -156,6 +159,7 @@ outputs:
owner: haproxy:haproxy
perm: '0600'
optional: true
docker_config_scripts: {get_attr: [ContainersCommon, docker_config_scripts]}
docker_config:
step_1:
haproxy_image_tag:
@ -188,30 +192,20 @@ outputs:
net: host
user: root
privileged: true
command:
- '/bin/bash'
- '-c'
- str_replace:
template:
list_join:
- '; '
- - "cp -a /tmp/puppet-etc/* /etc/puppet; echo '{\"step\": 2}' > /etc/puppet/hieradata/docker.json"
- "FACTER_uuid=docker puppet apply DEBUG --color=false --modulepath=/etc/puppet/modules:/usr/share/openstack-puppet/modules --tags file,file_line,concat,augeas,TAGS -v -e 'CONFIG'"
params:
TAGS: 'tripleo::firewall::rule,pacemaker::resource::bundle,pacemaker::property,pacemaker::resource::ip,pacemaker::resource::ocf,pacemaker::constraint::order,pacemaker::constraint::colocation'
CONFIG:
list_join:
- ';'
- - 'include ::tripleo::profile::base::pacemaker'
- 'include ::tripleo::profile::pacemaker::haproxy_bundle'
DEBUG:
if:
- puppet_debug_enabled
- '--debug --verbose'
- ''
command: # '/docker_puppet_apply.sh "STEP" "TAGS" "CONFIG" "DEBUG"'
list_concat:
- - '/docker_puppet_apply.sh'
- '2'
- 'file,file_line,concat,augeas,tripleo::firewall::rule,pacemaker::resource::bundle,pacemaker::property,pacemaker::resource::ip,pacemaker::resource::ocf,pacemaker::constraint::order,pacemaker::constraint::colocation'
- 'include ::tripleo::profile::base::pacemaker; include ::tripleo::profile::pacemaker::haproxy_bundle'
- if:
- puppet_debug_enabled
- - '--debug'
- - ''
image: {get_param: DockerHAProxyImage}
volumes:
list_concat:
- {get_attr: [ContainersCommon, docker_puppet_apply_volumes]}
- *deployed_cert_mount
-
# puppet saves iptables rules in /etc/sysconfig
@ -220,10 +214,6 @@ outputs:
# the necessary bit and prevent systemd to try to reload the service in the container
- /usr/libexec/iptables:/usr/libexec/iptables:ro
- /usr/libexec/initscripts/legacy-actions:/usr/libexec/initscripts/legacy-actions:ro
- /etc/hosts:/etc/hosts:ro
- /etc/localtime:/etc/localtime:ro
- /etc/puppet:/tmp/puppet-etc:ro
- /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro
- /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
- /dev/shm:/dev/shm:rw
metadata_settings:

View File

@ -46,6 +46,9 @@ conditions:
resources:
ContainersCommon:
type: ../containers-common.yaml
MySQLClient:
type: ../../../puppet/services/database/mysql-client.yaml
@ -101,6 +104,7 @@ outputs:
- path: /var/log/manila
owner: manila:manila
recurse: true
docker_config_scripts: {get_attr: [ContainersCommon, docker_config_scripts]}
docker_config:
step_1:
manila_share_image_tag:
@ -140,31 +144,22 @@ outputs:
detach: false
net: host
user: root
command:
- '/bin/bash'
- '-c'
- str_replace:
template:
list_join:
- '; '
- - "cp -a /tmp/puppet-etc/* /etc/puppet; echo '{\"step\": 5}' > /etc/puppet/hieradata/docker.json"
- "FACTER_uuid=docker puppet apply DEBUG --color=false --modulepath /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules --tags file_line,concat,augeas,TAGS --debug -v -e 'CONFIG'"
params:
TAGS: 'pacemaker::resource::bundle,pacemaker::property,pacemaker::constraint::location'
CONFIG: 'include ::tripleo::profile::base::pacemaker;include ::tripleo::profile::pacemaker::manila::share_bundle'
DEBUG:
if:
- puppet_debug_enabled
- '--debug --verbose'
- ''
command: # '/docker_puppet_apply.sh "STEP" "TAGS" "CONFIG" "DEBUG"'
list_concat:
- - '/docker_puppet_apply.sh'
- '5'
- 'file,file_line,concat,augeas,pacemaker::resource::bundle,pacemaker::property,pacemaker::constraint::location'
- 'include ::tripleo::profile::base::pacemaker;include ::tripleo::profile::pacemaker::manila::share_bundle'
- if:
- puppet_debug_enabled
- - '--debug'
- - ''
image: {get_param: DockerManilaShareImage}
volumes:
- /etc/hosts:/etc/hosts:ro
- /etc/localtime:/etc/localtime:ro
- /etc/puppet:/tmp/puppet-etc:ro
- /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro
- /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
- /dev/shm:/dev/shm:rw
list_concat:
- {get_attr: [ContainersCommon, docker_puppet_apply_volumes]}
- - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
- /dev/shm:/dev/shm:rw
host_prep_tasks:
- name: create persistent directories
file:

View File

@ -102,6 +102,7 @@ outputs:
merge: true
preserve_properties: true
optional: true
docker_config_scripts: {get_attr: [ContainersCommon, docker_config_scripts]}
docker_config:
step_3:
ovn_dbs_init_bundle:
@ -110,35 +111,22 @@ outputs:
net: host
user: root
config_volume: 'ovn_dbs_init_bundle'
command:
- '/bin/bash'
- '-c'
- str_replace:
template:
list_join:
- '; '
- - "cp -a /tmp/puppet-etc/* /etc/puppet; echo '{\"step\": 3}' > /etc/puppet/hieradata/docker.json"
- "FACTER_uuid=docker puppet apply DEBUG --color=false --modulepath /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules --tags file,file_line,concat,augeas,TAGS -v -e 'CONFIG'"
params:
TAGS: 'pacemaker::resource::bundle,pacemaker::property,pacemaker::resource::ip,pacemaker::resource::ocf,pacemaker::constraint::order,pacemaker::constraint::colocation'
CONFIG:
list_join:
- ';'
- - 'include ::tripleo::profile::base::pacemaker'
- 'include ::tripleo::profile::pacemaker::ovn_dbs_bundle'
DEBUG:
if:
- puppet_debug_enabled
- '--debug --verbose'
- ''
command: # '/docker_puppet_apply.sh "STEP" "TAGS" "CONFIG" "DEBUG"'
list_concat:
- - '/docker_puppet_apply.sh'
- '3'
- 'file,file_line,concat,augeas,pacemaker::resource::bundle,pacemaker::property,pacemaker::resource::ip,pacemaker::resource::ocf,pacemaker::constraint::order,pacemaker::constraint::colocation'
- 'include ::tripleo::profile::base::pacemaker;include ::tripleo::profile::pacemaker::ovn_dbs_bundle'
- if:
- puppet_debug_enabled
- - '--debug'
- - ''
image: *ovn_dbs_config_image
volumes:
- /etc/hosts:/etc/hosts:ro
- /etc/localtime:/etc/localtime:ro
- /etc/puppet:/tmp/puppet-etc:ro
- /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro
- /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
- /dev/shm:/dev/shm:rw
list_concat:
- {get_attr: [ContainersCommon, docker_puppet_apply_volumes]}
- - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
- /dev/shm:/dev/shm:rw
host_prep_tasks:
- name: create persistent directories
file:

View File

@ -50,6 +50,9 @@ conditions:
resources:
ContainersCommon:
type: ../containers-common.yaml
RabbitmqBase:
type: ../../../puppet/services/rabbitmq.yaml
properties:
@ -131,6 +134,7 @@ outputs:
optional: true
# When using pacemaker we don't launch the container, instead that is done by pacemaker
# itself.
docker_config_scripts: {get_attr: [ContainersCommon, docker_config_scripts]}
docker_config:
step_1:
rabbitmq_bootstrap:
@ -186,32 +190,23 @@ outputs:
detach: false
net: host
user: root
command:
- '/bin/bash'
- '-c'
- str_replace:
template:
list_join:
- '; '
- - "cp -a /tmp/puppet-etc/* /etc/puppet; echo '{\"step\": 2}' > /etc/puppet/hieradata/docker.json"
- "FACTER_uuid=docker puppet apply DEBUG --color=false --modulepath /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules --tags file,file_line,concat,augeas,TAGS -v -e 'CONFIG'"
params:
TAGS: 'pacemaker::resource::bundle,pacemaker::property,pacemaker::resource::ocf,pacemaker::constraint::order,pacemaker::constraint::colocation,rabbitmq_policy,rabbitmq_user,rabbitmq_ready'
CONFIG: 'include ::tripleo::profile::base::pacemaker;include ::tripleo::profile::pacemaker::rabbitmq_bundle'
DEBUG:
if:
- puppet_debug_enabled
- '--debug --verbose'
- ''
command: # '/docker_puppet_apply.sh "STEP" "TAGS" "CONFIG" "DEBUG"'
list_concat:
- - '/docker_puppet_apply.sh'
- '2'
- 'file,file_line,concat,augeas,pacemaker::resource::bundle,pacemaker::property,pacemaker::resource::ocf,pacemaker::constraint::order,pacemaker::constraint::colocation,rabbitmq_policy,rabbitmq_user,rabbitmq_ready'
- 'include ::tripleo::profile::base::pacemaker;include ::tripleo::profile::pacemaker::rabbitmq_bundle'
- if:
- puppet_debug_enabled
- - '--debug'
- - ''
image: {get_param: DockerRabbitmqImage}
volumes:
- /etc/hosts:/etc/hosts:ro
- /etc/localtime:/etc/localtime:ro
- /etc/puppet:/tmp/puppet-etc:ro
- /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro
- /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
- /dev/shm:/dev/shm:rw
- /bin/true:/bin/epmd
list_concat:
- {get_attr: [ContainersCommon, docker_puppet_apply_volumes]}
- - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
- /dev/shm:/dev/shm:rw
- /bin/true:/bin/epmd
host_prep_tasks:
- name: create /var/lib/rabbitmq
file: