openstack/kolla-ansible
Code Issues Proposed changes
90435f6a9d
kolla-ansible/ansible/roles/keystone/defaults/main.yml
Michal Nasiadka c52a89ae04 Use Docker healthchecks for core services 
This change enables the use of Docker healthchecks for core OpenStack
services.
Also check-failures.sh has been updated to treat containers with
unhealthy status as failed.

Implements: blueprint container-health-check
Change-Id: I79c6b11511ce8af70f77e2f6a490b59b477fefbb
2020-10-05 08:35:47 +00:00

182 lines
7.7 KiB
YAML
Raw Blame History

---
project_name: "keystone"
keystone_services:
keystone:
container_name: "keystone"
group: "keystone"
enabled: true
image: "{{ keystone_image_full }}"
volumes: "{{ keystone_default_volumes + keystone_extra_volumes }}"
dimensions: "{{ keystone_dimensions }}"
healthcheck: "{{ keystone_healthcheck }}"
haproxy:
keystone_internal:
enabled: "{{ enable_keystone }}"
mode: "http"
external: false
tls_backend: "{{ keystone_enable_tls_backend }}"
port: "{{ keystone_public_port }}"
listen_port: "{{ keystone_public_listen_port }}"
keystone_external:
enabled: "{{ enable_keystone }}"
mode: "http"
external: true
tls_backend: "{{ keystone_enable_tls_backend }}"
port: "{{ keystone_public_port }}"
listen_port: "{{ keystone_public_listen_port }}"
keystone_admin:
enabled: "{{ enable_keystone }}"
mode: "http"
external: false
tls_backend: "{{ keystone_enable_tls_backend }}"
port: "{{ keystone_admin_port }}"
listen_port: "{{ keystone_admin_listen_port }}"
keystone-ssh:
container_name: "keystone_ssh"
group: "keystone"
enabled: "{{ keystone_token_provider == 'fernet' }}"
image: "{{ keystone_ssh_image_full }}"
volumes:
- "{{ node_config_directory }}/keystone-ssh/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_os_family == 'Debian' else '' }}"
- "kolla_logs:/var/log/kolla/"
- "keystone_fernet_tokens:/etc/keystone/fernet-keys"
dimensions: "{{ keystone_ssh_dimensions }}"
healthcheck: "{{ keystone_ssh_healthcheck }}"
keystone-fernet:
container_name: "keystone_fernet"
group: "keystone"
enabled: "{{ keystone_token_provider == 'fernet' }}"
image: "{{ keystone_fernet_image_full }}"
volumes:
- "{{ node_config_directory }}/keystone-fernet/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_os_family == 'Debian' else '' }}"
- "kolla_logs:/var/log/kolla/"
- "keystone_fernet_tokens:/etc/keystone/fernet-keys"
dimensions: "{{ keystone_fernet_dimensions }}"
####################
# Database
####################
keystone_database_name: "keystone"
keystone_database_user: "{% if use_preconfigured_databases | bool and use_common_mariadb_user | bool %}{{ database_user }}{% else %}keystone{% endif %}"
keystone_database_address: "{{ database_address | put_address_in_context('url') }}:{{ database_port }}"
####################
# Fernet
####################
keystone_username: "keystone"
keystone_groupname: "keystone"
####################
# Docker
####################
keystone_install_type: "{{ kolla_install_type }}"
keystone_tag: "{{ openstack_tag }}"
keystone_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ keystone_install_type }}-keystone"
keystone_service_tag: "{{ keystone_tag }}"
keystone_image_full: "{{ keystone_image }}:{{ keystone_service_tag }}"
keystone_fernet_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ keystone_install_type }}-keystone-fernet"
keystone_fernet_tag: "{{ keystone_tag }}"
keystone_fernet_image_full: "{{ keystone_fernet_image }}:{{ keystone_fernet_tag }}"
keystone_ssh_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ keystone_install_type }}-keystone-ssh"
keystone_ssh_tag: "{{ keystone_tag }}"
keystone_ssh_image_full: "{{ keystone_ssh_image }}:{{ keystone_ssh_tag }}"
keystone_dimensions: "{{ default_container_dimensions }}"
keystone_fernet_dimensions: "{{ default_container_dimensions }}"
keystone_ssh_dimensions: "{{ default_container_dimensions }}"
keystone_enable_healthchecks: "{{ enable_container_healthchecks }}"
keystone_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
keystone_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
keystone_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
keystone_healthcheck_test: ["CMD-SHELL", "healthcheck_curl {{ 'https' if keystone_enable_tls_backend | bool else 'http' }}://{{ api_interface_address | put_address_in_context('url') }}:{{ keystone_public_listen_port }}"]
keystone_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
keystone_healthcheck:
interval: "{{ keystone_healthcheck_interval }}"
retries: "{{ keystone_healthcheck_retries }}"
start_period: "{{ keystone_healthcheck_start_period }}"
test: "{% if keystone_enable_healthchecks | bool %}{{ keystone_healthcheck_test }}{% else %}NONE{% endif %}"
timeout: "{{ keystone_healthcheck_timeout }}"
keystone_ssh_enable_healthchecks: "{{ enable_container_healthchecks }}"
keystone_ssh_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
keystone_ssh_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
keystone_ssh_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
keystone_ssh_healthcheck_test: ["CMD-SHELL", "healthcheck_listen sshd {{ keystone_ssh_port }}"]
keystone_ssh_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
keystone_ssh_healthcheck:
interval: "{{ keystone_ssh_healthcheck_interval }}"
retries: "{{ keystone_ssh_healthcheck_retries }}"
start_period: "{{ keystone_ssh_healthcheck_start_period }}"
test: "{% if keystone_ssh_enable_healthchecks | bool %}{{ keystone_ssh_healthcheck_test }}{% else %}NONE{% endif %}"
timeout: "{{ keystone_ssh_healthcheck_timeout }}"
keystone_default_volumes:
- "{{ node_config_directory }}/keystone/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_os_family == 'Debian' else '' }}"
- "{{ kolla_dev_repos_directory ~ '/keystone/keystone:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/keystone' if keystone_dev_mode | bool else '' }}"
- "kolla_logs:/var/log/kolla/"
- "{% if keystone_token_provider == 'fernet' %}keystone_fernet_tokens:/etc/keystone/fernet-keys{% endif %}"
keystone_extra_volumes: "{{ default_extra_volumes }}"
####################
# OpenStack
####################
keystone_logging_debug: "{{ openstack_logging_debug }}"
openstack_keystone_auth: "{{ openstack_auth }}"
####################
# Kolla
####################
keystone_git_repository: "{{ kolla_dev_repos_git }}/{{ project_name }}"
keystone_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
keystone_dev_mode: "{{ kolla_dev_mode }}"
keystone_source_version: "{{ kolla_source_version }}"
####################
# Notifications
####################
keystone_default_notifications_topic_enabled: "{{ enable_ceilometer | bool }}"
keystone_default_notifications_topic_name: "notifications"
keystone_notification_topics:
- name: "{{ keystone_default_notifications_topic_name }}"
enabled: "{{ keystone_default_notifications_topic_enabled | bool }}"
- name: barbican_notifications
enabled: "{{ enable_barbican | bool }}"
keystone_enabled_notification_topics: "{{ keystone_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
keystone_ks_services:
- name: "keystone"
type: "identity"
description: "Openstack Identity Service"
endpoints:
- {'interface': 'admin', 'url': '{{ keystone_admin_url }}'}
- {'interface': 'internal', 'url': '{{ keystone_internal_url }}'}
- {'interface': 'public', 'url': '{{ keystone_public_url }}'}
####################
# TLS
####################
keystone_enable_tls_backend: "{{ kolla_enable_tls_backend }}"
View Git Blame Copy Permalink