"Fossies" - the Fresh Open Source Software Archive

Member "magnum-8.1.0/magnum/drivers/swarm_fedora_atomic_v1/templates/swarmmaster.yaml" (1 Oct 2019, 16264 Bytes) of package /linux/misc/openstack/magnum-8.1.0.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Ansible YAML source code syntax highlighting (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file. See also the last Fossies "Diffs" side-by-side code changes report for "swarmmaster.yaml": 9.0.0_vs_9.1.0.

    1 heat_template_version: 2014-10-16
    2 
    3 description: >
    4   This is a nested stack that defines swarm master node. A swarm mater node is
    5   running a Docker daemon and a swarm manager container listening on port 2376.
    6 
    7 parameters:
    8 
    9   name:
   10     type: string
   11     description: server name
   12 
   13   ssh_key_name:
   14     type: string
   15     description: name of ssh key to be provisioned on our server
   16 
   17   docker_volume_size:
   18     type: number
   19     description: >
   20       size of a cinder volume to allocate to docker for container/image
   21       storage
   22 
   23   docker_volume_type:
   24     type: string
   25     description: >
   26       type of a cinder volume to allocate to docker for container/image
   27       storage
   28 
   29   docker_storage_driver:
   30     type: string
   31     description: docker storage driver name
   32 
   33   external_network:
   34     type: string
   35     description: uuid/name of a network to use for floating ip addresses
   36 
   37   discovery_url:
   38     type: string
   39     description: url provided for node discovery
   40 
   41   cluster_uuid:
   42     type: string
   43     description: identifier for the cluster this template is generating
   44 
   45   magnum_url:
   46     type: string
   47     description: endpoint to retrieve TLS certs from
   48 
   49   fixed_network_id:
   50     type: string
   51     description: Network from which to allocate fixed addresses.
   52 
   53   fixed_subnet_id:
   54     type: string
   55     description: Subnet from which to allocate fixed addresses.
   56 
   57   swarm_api_ip:
   58     type: string
   59     description: swarm master's api server ip address
   60     default: ""
   61 
   62   api_ip_address:
   63     type: string
   64     description: swarm master's api server public ip address
   65     default: ""
   66 
   67   server_image:
   68     type: string
   69     description: glance image used to boot the server
   70 
   71   server_flavor:
   72     type: string
   73     description: flavor to use when booting the server
   74 
   75   http_proxy:
   76     type: string
   77     description: http proxy address for docker
   78 
   79   https_proxy:
   80     type: string
   81     description: https proxy address for docker
   82 
   83   no_proxy:
   84     type: string
   85     description: no proxies for docker
   86 
   87   tls_disabled:
   88     type: boolean
   89     description: whether or not to enable TLS
   90 
   91   verify_ca:
   92     type: boolean
   93     description: whether or not to validate certificate authority
   94 
   95   network_driver:
   96     type: string
   97     description: network driver to use for instantiating container networks
   98 
   99   flannel_network_cidr:
  100     type: string
  101     description: network range for flannel overlay network
  102 
  103   flannel_network_subnetlen:
  104     type: number
  105     description: size of subnet assigned to each master
  106 
  107   flannel_backend:
  108     type: string
  109     description: >
  110       specify the backend for flannel, default udp backend
  111     constraints:
  112       - allowed_values: ["udp", "vxlan", "host-gw"]
  113 
  114   swarm_version:
  115     type: string
  116     description: version of swarm used for swarm cluster
  117 
  118   swarm_strategy:
  119     type: string
  120     description: >
  121         schedule strategy to be used by swarm manager
  122     constraints:
  123       - allowed_values: ["spread", "binpack", "random"]
  124 
  125   secgroup_swarm_master_id:
  126     type: string
  127     description: ID of the security group for swarm master.
  128 
  129   swarm_port:
  130     type: number
  131     description: >
  132       The port which are used by swarm manager to provide swarm service.
  133 
  134   api_pool_id:
  135     type: string
  136     description: ID of the load balancer pool of swarm master server.
  137 
  138   etcd_pool_id:
  139     type: string
  140     description: ID of the load balancer pool of etcd server.
  141 
  142   etcd_server_ip:
  143     type: string
  144     description: ip address of the load balancer pool of etcd server.
  145     default: ""
  146 
  147   trustee_user_id:
  148     type: string
  149     description: user id of the trustee
  150 
  151   trustee_password:
  152     type: string
  153     description: password of the trustee
  154     hidden: true
  155 
  156   trust_id:
  157     type: string
  158     description: id of the trust which is used by the trustee
  159     hidden: true
  160 
  161   auth_url:
  162     type: string
  163     description: url for keystone
  164 
  165   volume_driver:
  166     type: string
  167     description: volume driver to use for container storage
  168     default: ""
  169 
  170   rexray_preempt:
  171     type: string
  172     description: >
  173       enables any host to take control of a volume irrespective of whether
  174       other hosts are using the volume
  175     default: "false"
  176 
  177   openstack_ca:
  178     type: string
  179     description: The OpenStack CA certificate to install on the node.
  180 
  181   nodes_server_group_id:
  182     type: string
  183     description: ID of the server group for kubernetes cluster nodes.
  184 
  185 resources:
  186 
  187   master_wait_handle:
  188     type: "OS::Heat::WaitConditionHandle"
  189 
  190   master_wait_condition:
  191     type: "OS::Heat::WaitCondition"
  192     depends_on: swarm-master
  193     properties:
  194       handle: {get_resource: master_wait_handle}
  195       timeout: 6000
  196 
  197   ######################################################################
  198   #
  199   # resource that exposes the IPs of either the Swarm master or the API
  200   # LBaaS pool depending on whether LBaaS is enabled for the cluster.
  201   #
  202 
  203   api_address_switch:
  204     type: Magnum::ApiGatewaySwitcher
  205     properties:
  206       pool_public_ip: {get_param: api_ip_address}
  207       pool_private_ip: {get_param: swarm_api_ip}
  208       master_public_ip: {get_attr: [swarm_master_floating, floating_ip_address]}
  209       master_private_ip: {get_attr: [swarm_master_eth0, fixed_ips, 0, ip_address]}
  210 
  211   etcd_address_switch:
  212     type: Magnum::ApiGatewaySwitcher
  213     properties:
  214       pool_private_ip: {get_param: etcd_server_ip}
  215       master_private_ip: {get_attr: [swarm_master_eth0, fixed_ips, 0, ip_address]}
  216 
  217   ######################################################################
  218   #
  219   # software configs.  these are components that are combined into
  220   # a multipart MIME user-data archive.
  221   #
  222   no_proxy_extended:
  223     type: OS::Heat::Value
  224     properties:
  225       type: string
  226       value:
  227         list_join:
  228           - ','
  229           - - {get_attr: [api_address_switch, private_ip]}
  230             - {get_attr: [swarm_master_eth0, fixed_ips, 0, ip_address]}
  231             - {get_attr: [etcd_address_switch, private_ip]}
  232             - {get_attr: [api_address_switch, public_ip]}
  233             - {get_param: no_proxy}
  234 
  235   write_heat_params:
  236     type: "OS::Heat::SoftwareConfig"
  237     properties:
  238       group: ungrouped
  239       config:
  240         str_replace:
  241           template: {get_file: ../../common/templates/swarm/fragments/write-heat-params-master.yaml}
  242           params:
  243             "$WAIT_CURL": {get_attr: [master_wait_handle, curl_cli]}
  244             "$DOCKER_VOLUME": {get_resource: docker_volume}
  245             "$DOCKER_VOLUME_SIZE": {get_param: docker_volume_size}
  246             "$DOCKER_STORAGE_DRIVER": {get_param: docker_storage_driver}
  247             "$ETCD_DISCOVERY_URL": {get_param: discovery_url}
  248             "$HTTP_PROXY": {get_param: http_proxy}
  249             "$HTTPS_PROXY": {get_param: https_proxy}
  250             "$NO_PROXY": {get_attr: [no_proxy_extended, value]}
  251             "$SWARM_API_IP": {get_attr: [api_address_switch, private_ip]}
  252             "$SWARM_NODE_IP": {get_attr: [swarm_master_eth0, fixed_ips, 0, ip_address]}
  253             "$CLUSTER_UUID": {get_param: cluster_uuid}
  254             "$MAGNUM_URL": {get_param: magnum_url}
  255             "$TLS_DISABLED": {get_param: tls_disabled}
  256             "$VERIFY_CA": {get_param: verify_ca}
  257             "$NETWORK_DRIVER": {get_param: network_driver}
  258             "$FLANNEL_NETWORK_CIDR": {get_param: flannel_network_cidr}
  259             "$FLANNEL_NETWORK_SUBNETLEN": {get_param: flannel_network_subnetlen}
  260             "$FLANNEL_BACKEND": {get_param: flannel_backend}
  261             "$ETCD_SERVER_IP": {get_attr: [etcd_address_switch, private_ip]}
  262             "$API_IP_ADDRESS": {get_attr: [api_address_switch, public_ip]}
  263             "$SWARM_VERSION": {get_param: swarm_version}
  264             "$TRUSTEE_USER_ID": {get_param: trustee_user_id}
  265             "$TRUSTEE_PASSWORD": {get_param: trustee_password}
  266             "$TRUST_ID": {get_param: trust_id}
  267             "$AUTH_URL": {get_param: auth_url}
  268             "$VOLUME_DRIVER": {get_param: volume_driver}
  269             "$REXRAY_PREEMPT": {get_param: rexray_preempt}
  270 
  271   install_openstack_ca:
  272     type: OS::Heat::SoftwareConfig
  273     properties:
  274       group: ungrouped
  275       config:
  276         str_replace:
  277           params:
  278             $OPENSTACK_CA: {get_param: openstack_ca}
  279           template: {get_file: ../../common/templates/fragments/atomic-install-openstack-ca.sh}
  280 
  281   write_network_config:
  282     type: "OS::Heat::SoftwareConfig"
  283     properties:
  284       group: ungrouped
  285       config: {get_file: ../../common/templates/swarm/fragments/write-network-config.sh}
  286 
  287   network_config_service:
  288     type: "OS::Heat::SoftwareConfig"
  289     properties:
  290       group: ungrouped
  291       config: {get_file: ../../common/templates/swarm/fragments/network-config-service.sh}
  292 
  293   network_service:
  294     type: "OS::Heat::SoftwareConfig"
  295     properties:
  296       group: ungrouped
  297       config: {get_file: ../../common/templates/swarm/fragments/network-service.sh}
  298 
  299   configure_etcd:
  300     type: OS::Heat::SoftwareConfig
  301     properties:
  302       group: ungrouped
  303       config: {get_file: ../../common/templates/swarm/fragments/configure-etcd.sh}
  304 
  305   remove_docker_key:
  306     type: "OS::Heat::SoftwareConfig"
  307     properties:
  308       group: ungrouped
  309       config: {get_file: ../../common/templates/swarm/fragments/remove-docker-key.sh}
  310 
  311   configure_docker_storage:
  312     type: OS::Heat::SoftwareConfig
  313     properties:
  314       group: ungrouped
  315       config:
  316         str_replace:
  317           params:
  318             $configure_docker_storage_driver: {get_file: ../../common/templates/fragments/configure_docker_storage_driver_atomic.sh}
  319           template: {get_file: ../../common/templates/fragments/configure-docker-storage.sh}
  320 
  321   make_cert:
  322     type: "OS::Heat::SoftwareConfig"
  323     properties:
  324       group: ungrouped
  325       config: {get_file: ../../common/templates/swarm/fragments/make-cert.py}
  326 
  327   add_docker_daemon_options:
  328     type: "OS::Heat::SoftwareConfig"
  329     properties:
  330       group: ungrouped
  331       config: {get_file: ../../common/templates/swarm/fragments/add-docker-daemon-options.sh}
  332 
  333   write_swarm_manager_failure_service:
  334     type: "OS::Heat::SoftwareConfig"
  335     properties:
  336       group: ungrouped
  337       config:
  338         str_replace:
  339           template: {get_file: ../../common/templates/swarm/fragments/write-cluster-failure-service.yaml}
  340           params:
  341             "$SERVICE": swarm-manager
  342             "$WAIT_CURL": {get_attr: [master_wait_handle, curl_cli]}
  343             "$VERIFY_CA": {get_param: verify_ca}
  344 
  345   write_docker_socket:
  346     type: "OS::Heat::SoftwareConfig"
  347     properties:
  348       group: ungrouped
  349       config: {get_file: ../../common/templates/swarm/fragments/write-docker-socket.yaml}
  350 
  351   write_swarm_master_service:
  352     type: "OS::Heat::SoftwareConfig"
  353     properties:
  354       group: ungrouped
  355       config:
  356         str_replace:
  357           template: {get_file: ../../common/templates/swarm/fragments/write-swarm-master-service.sh}
  358           params:
  359             "$ETCD_SERVER_IP": {get_attr: [etcd_address_switch, private_ip]}
  360             "$NODE_IP": {get_attr: [swarm_master_eth0, fixed_ips, 0, ip_address]}
  361             "$WAIT_CURL": {get_attr: [master_wait_handle, curl_cli]}
  362             "$HTTP_PROXY": {get_param: http_proxy}
  363             "$HTTPS_PROXY": {get_param: https_proxy}
  364             "$NO_PROXY": {get_attr: [no_proxy_extended, value]}
  365             "$TLS_DISABLED": {get_param: tls_disabled}
  366             "$VERIFY_CA": {get_param: verify_ca}
  367             "$SWARM_VERSION": {get_param: swarm_version}
  368             "$SWARM_STRATEGY": {get_param: swarm_strategy}
  369 
  370   enable_services:
  371     type: "OS::Heat::SoftwareConfig"
  372     properties:
  373       group: ungrouped
  374       config:
  375         str_replace:
  376           template: {get_file: ../../common/templates/swarm/fragments/enable-services.sh}
  377           params:
  378             "$NODE_SERVICES": "etcd docker.socket docker swarm-manager"
  379 
  380   cfn_signal:
  381     type: "OS::Heat::SoftwareConfig"
  382     properties:
  383       group: ungrouped
  384       config: {get_file: ../../common/templates/swarm/fragments/cfn-signal.sh}
  385 
  386   configure_selinux:
  387     type: "OS::Heat::SoftwareConfig"
  388     properties:
  389       group: ungrouped
  390       config: {get_file: ../../common/templates/swarm/fragments/configure-selinux.sh}
  391 
  392   add_proxy:
  393     type: "OS::Heat::SoftwareConfig"
  394     properties:
  395       group: ungrouped
  396       config: {get_file: ../../common/templates/swarm/fragments/add-proxy.sh}
  397 
  398   volume_service:
  399     type: "OS::Heat::SoftwareConfig"
  400     properties:
  401       group: ungrouped
  402       config: {get_file: ../../common/templates/swarm/fragments/volume-service.sh}
  403 
  404   swarm_master_init:
  405     type: "OS::Heat::MultipartMime"
  406     properties:
  407       parts:
  408         - config: {get_resource: install_openstack_ca}
  409         - config: {get_resource: configure_selinux}
  410         - config: {get_resource: remove_docker_key}
  411         - config: {get_resource: write_heat_params}
  412         - config: {get_resource: make_cert}
  413         - config: {get_resource: configure_etcd}
  414         - config: {get_resource: write_network_config}
  415         - config: {get_resource: network_config_service}
  416         - config: {get_resource: network_service}
  417         - config: {get_resource: configure_docker_storage}
  418         - config: {get_resource: write_swarm_manager_failure_service}
  419         - config: {get_resource: add_docker_daemon_options}
  420         - config: {get_resource: write_docker_socket}
  421         - config: {get_resource: write_swarm_master_service}
  422         - config: {get_resource: add_proxy}
  423         - config: {get_resource: enable_services}
  424         - config: {get_resource: cfn_signal}
  425         - config: {get_resource: volume_service}
  426 
  427   ######################################################################
  428   #
  429   # Swarm_manager is a special node running the swarm manage daemon along
  430   # side the swarm agent.
  431   #
  432 
  433   # do NOT use "_" (underscore) in the Nova server name
  434   # it creates a mismatch between the generated Nova name and its hostname
  435   # which can lead to weird problems
  436   swarm-master:
  437     type: "OS::Nova::Server"
  438     properties:
  439       name: {get_param: name}
  440       image:
  441         get_param: server_image
  442       flavor:
  443         get_param: server_flavor
  444       key_name:
  445         get_param: ssh_key_name
  446       user_data_format: RAW
  447       user_data: {get_resource: swarm_master_init}
  448       networks:
  449         - port:
  450             get_resource: swarm_master_eth0
  451       scheduler_hints: { group: { get_param: nodes_server_group_id }}
  452 
  453   swarm_master_eth0:
  454     type: "OS::Neutron::Port"
  455     properties:
  456       network_id:
  457         get_param: fixed_network_id
  458       security_groups:
  459         - {get_param: secgroup_swarm_master_id}
  460       fixed_ips:
  461         - subnet_id:
  462             get_param: fixed_subnet_id
  463       allowed_address_pairs:
  464         - ip_address: {get_param: flannel_network_cidr}
  465 
  466   swarm_master_floating:
  467     type: "OS::Neutron::FloatingIP"
  468     properties:
  469       floating_network:
  470         get_param: external_network
  471       port_id:
  472         get_resource: swarm_master_eth0
  473 
  474   api_pool_member:
  475     type: Magnum::Optional::Neutron::LBaaS::PoolMember
  476     properties:
  477       pool: {get_param: api_pool_id}
  478       address: {get_attr: [swarm_master_eth0, fixed_ips, 0, ip_address]}
  479       subnet: { get_param: fixed_subnet_id }
  480       protocol_port: {get_param: swarm_port}
  481 
  482   etcd_pool_member:
  483     type: Magnum::Optional::Neutron::LBaaS::PoolMember
  484     properties:
  485       pool: {get_param: etcd_pool_id}
  486       address: {get_attr: [swarm_master_eth0, fixed_ips, 0, ip_address]}
  487       subnet: { get_param: fixed_subnet_id }
  488       protocol_port: 2379
  489 
  490   ######################################################################
  491   #
  492   # docker storage.  This allocates a cinder volume and attaches it
  493   # to the node.
  494   #
  495 
  496   docker_volume:
  497     type: Magnum::Optional::Cinder::Volume
  498     properties:
  499       size: {get_param: docker_volume_size}
  500       volume_type: {get_param: docker_volume_type}
  501 
  502   docker_volume_attach:
  503     type: Magnum::Optional::Cinder::VolumeAttachment
  504     properties:
  505       instance_uuid: {get_resource: swarm-master}
  506       volume_id: {get_resource: docker_volume}
  507       mountpoint: /dev/vdb
  508 
  509 outputs:
  510 
  511   swarm_master_ip:
  512     value: {get_attr: [swarm_master_eth0, fixed_ips, 0, ip_address]}
  513     description: >
  514       This is the "private" addresses of all the Swarm master.
  515 
  516   swarm_master_external_ip:
  517     value: {get_attr: [swarm_master_floating, floating_ip_address]}
  518     description: >
  519       This is the "public" ip addresses of Swarm master.