{"heat_template_version": "wallaby", "description": "OpenStack containerized Cinder Backup service\n", "parameters": {"ContainerCinderBackupImage": {"description": "image", "type": "string", "tags": ["role_specific"]}, "ContainerCinderConfigImage": {"description": "The container image to use for the cinder config_volume", "type": "string", "tags": ["role_specific"]}, "EndpointMap": {"default": {}, "description": "Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry.", "type": "json"}, "ServiceData": {"default": {}, "description": "Dictionary packing service data", "type": "json"}, "ServiceNetMap": {"default": {}, "description": "Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. Use parameter_merge_strategies to merge it with the defaults.", "type": "json"}, "RoleName": {"default": "", "description": "Role name on which the service is applied", "type": "string"}, "RoleParameters": {"default": {}, "description": "Parameters specific to the role", "type": "json"}, "CephClusterName": {"type": "string", "default": "ceph", "description": "The Ceph cluster name.", "constraints": [{"allowed_pattern": "[a-zA-Z0-9]+", "description": "The Ceph cluster name must be at least 1 character and contain only letters and numbers.\n"}]}, "CephClientUserName": {"default": "openstack", "type": "string"}, "DockerCinderBackupLoggingSource": {"type": "json", "default": {"tag": "openstack.cinder.backup", "file": "/var/log/containers/cinder/cinder-backup.log"}}, "CinderBackupBackend": {"default": "swift", "description": "The short name of the Cinder Backup backend to use.", "type": "string", "constraints": [{"allowed_values": ["swift", "ceph", "nfs", "gcs", "s3"]}]}, "CinderBackupWorkers": {"type": "number", "default": 1, "description": "The number of cinder-backup processes to launch."}, "CinderBackupMaxOperations": {"type": "number", "default": 15, "description": "The maximum number of concurrent cinder backup/restore operations (0 means unlimited)."}, "CinderBackupCompressionAlgorithm": {"default": "zlib", "description": "The compression algorithm used by Cinder Backup backends that are based on Cinder's \"chunked\" backup driver. This includes the swift, nfs, gcs and s3 backends. The ceph backend does not support the feature.", "type": "string", "constraints": [{"allowed_values": ["none", "zlib", "bzip2", "zstd"]}]}, "CinderBackupRbdClusterName": {"type": "string", "default": "", "description": "The Ceph cluster where backups are to be stored. If no value is specified then the CephClusterName value is used."}, "CinderBackupRbdClientUserName": {"default": "", "type": "string", "description": "The Ceph client name used by the backup service. If no value is specified then the CephClientUserName value is used."}, "CinderBackupRbdPoolName": {"default": "backups", "type": "string"}, "CinderBackupNfsShare": {"default": "", "description": "NFS share to be mounted", "type": "string"}, "CinderBackupNfsMountOptions": {"default": "context=system_u:object_r:container_file_t:s0", "description": "Mount options passed to the NFS client. See NFS man page for details.", "type": "string"}, "CinderBackupGcsCredentials": {"default": {}, "description": "The GCS service account credentials, in JSON format.", "type": "json"}, "CinderBackupGcsProjectId": {"default": "", "description": "The GCS project ID.", "type": "string"}, "CinderBackupGcsBucket": {"default": "volumebackups", "description": "The GCS bucket where backups are to be stored.", "type": "string"}, "CinderBackupGcsBucketLocation": {"default": "", "description": "If set, it specifies the location where the GCS bucket should be created.", "type": "string"}, "CinderBackupS3EndpointUrl": {"default": "", "description": "The URL where the S3 server is listening.", "type": "string"}, "CinderBackupS3AccessKey": {"default": "", "description": "The S3 query token access key.", "type": "string"}, "CinderBackupS3SecretKey": {"default": "", "description": "The S3 query token secret key.", "type": "string"}, "CinderBackupS3Bucket": {"default": "volumebackups", "description": "The S3 bucket where backups are to be stored.", "type": "string"}, "MonitoringSubscriptionCinderBackup": {"default": "overcloud-cinder-backup", "type": "string"}}, "resources": {"ContainersCommon": {"type": "file:///usr/share/openstack-tripleo-heat-templates/deployment/containers-common.yaml"}, "MySQLClient": {"type": "file:///usr/share/openstack-tripleo-heat-templates/deployment/database/mysql-client.yaml"}, "CinderBase": {"type": "file:///usr/share/openstack-tripleo-heat-templates/deployment/cinder/cinder-base.yaml", "properties": {"EndpointMap": {"get_param": "EndpointMap"}, "ServiceData": {"get_param": "ServiceData"}, "ServiceNetMap": {"get_param": "ServiceNetMap"}, "RoleName": {"get_param": "RoleName"}, "RoleParameters": {"get_param": "RoleParameters"}}}, "CinderCommon": {"type": "file:///usr/share/openstack-tripleo-heat-templates/deployment/cinder/cinder-common-container-puppet.yaml"}, "RoleParametersValue": {"type": "OS::Heat::Value", "properties": {"type": "json", "value": {"map_replace": [{"map_replace": [{"ContainerCinderBackupImage": "ContainerCinderBackupImage", "ContainerCinderConfigImage": "ContainerCinderConfigImage"}, {"values": {"get_param": ["RoleParameters"]}}]}, {"values": {"ContainerCinderBackupImage": {"get_param": "ContainerCinderBackupImage"}, "ContainerCinderConfigImage": {"get_param": "ContainerCinderConfigImage"}}}]}}}}, "outputs": {"role_data": {"description": "Role data for the Cinder Backup role.", "value": {"service_name": "cinder_backup", "monitoring_subscription": {"get_param": "MonitoringSubscriptionCinderBackup"}, "config_settings": {"map_merge": [{"get_attr": ["CinderBase", "role_data", "config_settings"]}, {"cinder::backup::backup_workers": {"get_param": "CinderBackupWorkers"}, "cinder::backup::backup_max_operations": {"get_param": "CinderBackupMaxOperations"}}, {"if": [{"equals": [{"get_param": "CinderBackupBackend"}, "ceph"]}, {"cinder::backup::ceph::backup_ceph_user": {"str_replace": {"template": "USERNAME", "params": {"USERNAME": {"if": [{"equals": [{"get_param": "CinderBackupRbdClientUserName"}, ""]}, {"get_param": "CephClientUserName"}, {"get_param": "CinderBackupRbdClientUserName"}]}}}}, "cinder::backup::ceph::backup_ceph_pool": {"get_param": "CinderBackupRbdPoolName"}, "cinder::backup::ceph::backup_ceph_conf": {"str_replace": {"template": "/etc/ceph/CLUSTER.conf", "params": {"CLUSTER": {"if": [{"equals": [{"get_param": "CinderBackupRbdClusterName"}, ""]}, {"get_param": "CephClusterName"}, {"get_param": "CinderBackupRbdClusterName"}]}}}}}]}, {"if": [{"equals": [{"get_param": "CinderBackupBackend"}, "swift"]}, {"cinder::backup::swift::backup_swift_container": "volumebackups", "cinder::backup::swift::backup_compression_algorithm": {"get_param": "CinderBackupCompressionAlgorithm"}, "cinder::backup::swift::swift_catalog_info": "object-store:swift:internalURL"}]}, {"if": [{"equals": [{"get_param": "CinderBackupBackend"}, "nfs"]}, {"cinder::backup::nfs::backup_share": {"get_param": "CinderBackupNfsShare"}, "cinder::backup::nfs::backup_mount_options": {"get_param": "CinderBackupNfsMountOptions"}, "cinder::backup::nfs::backup_compression_algorithm": {"get_param": "CinderBackupCompressionAlgorithm"}}]}, {"if": [{"equals": [{"get_param": "CinderBackupBackend"}, "gcs"]}, {"tripleo::profile::base::cinder::backup::gcs::credentials": {"get_param": "CinderBackupGcsCredentials"}, "cinder::backup::google::backup_gcs_project_id": {"get_param": "CinderBackupGcsProjectId"}, "cinder::backup::google::backup_gcs_bucket": {"get_param": "CinderBackupGcsBucket"}, "cinder::backup::google::backup_gcs_bucket_location": {"get_param": "CinderBackupGcsBucketLocation"}, "cinder::config::cinder_config": {"DEFAULT/backup_compression_algorithm": {"value": {"get_param": "CinderBackupCompressionAlgorithm"}}}}]}, {"if": [{"equals": [{"get_param": "CinderBackupBackend"}, "s3"]}, {"cinder::backup::s3::backup_s3_endpoint_url": {"get_param": "CinderBackupS3EndpointUrl"}, "cinder::backup::s3::backup_s3_store_access_key": {"get_param": "CinderBackupS3AccessKey"}, "cinder::backup::s3::backup_s3_store_secret_key": {"get_param": "CinderBackupS3SecretKey"}, "cinder::backup::s3::backup_s3_store_bucket": {"get_param": "CinderBackupS3Bucket"}, "cinder::backup::s3::backup_compression_algorithm": {"get_param": "CinderBackupCompressionAlgorithm"}}]}]}, "service_config_settings": {"rsyslog": {"tripleo_logging_sources_cinder_backup": [{"get_param": "DockerCinderBackupLoggingSource"}]}}, "puppet_config": {"config_volume": "cinder", "puppet_tags": "cinder_config,file,concat,file_line", "step_config": {"list_join": ["\n", [{"get_attr": ["CinderBase", "role_data", "step_config"]}, {"str_replace": {"template": "include tripleo::profile::base::cinder::backup::DRIVER", "params": {"DRIVER": {"get_param": "CinderBackupBackend"}}}}, {"get_attr": ["MySQLClient", "role_data", "step_config"]}]]}, "config_image": {"get_attr": ["RoleParametersValue", "value", "ContainerCinderConfigImage"]}}, "kolla_config": {"/var/lib/kolla/config_files/cinder_backup.json": {"command": "/usr/bin/cinder-backup --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf", "config_files": {"get_attr": ["CinderCommon", "cinder_common_kolla_config_files"]}, "permissions": {"get_attr": ["CinderCommon", "cinder_common_kolla_permissions"]}}}, "docker_config": {"step_3": {"cinder_backup_init_logs": {"start_order": 0, "image": {"get_attr": ["RoleParametersValue", "value", "ContainerCinderBackupImage"]}, "net": "none", "privileged": false, "user": "root", "volumes": ["/var/log/containers/cinder:/var/log/cinder:z"], "command": ["/bin/bash", "-c", "chown -R cinder:cinder /var/log/cinder"]}}, "step_4": {"cinder_backup": {"image": {"get_attr": ["RoleParametersValue", "value", "ContainerCinderBackupImage"]}, "ipc": "host", "net": "host", "privileged": true, "user": "root", "restart": "always", "healthcheck": {"get_attr": ["ContainersCommon", "healthcheck_rpc_port"]}, "volumes": {"get_attr": ["CinderCommon", "cinder_backup_volumes"]}, "environment": {"get_attr": ["CinderCommon", "cinder_backup_environment"]}}}}, "host_prep_tasks": {"list_concat": [{"get_attr": ["CinderCommon", "cinder_backup_host_prep_tasks"]}, [{"name": "enable virt_sandbox_use_netlink for healthcheck", "seboolean": {"name": "virt_sandbox_use_netlink", "persistent": true, "state": true}, "when": ["ansible_facts.selinux is defined", "ansible_facts.selinux.status == \"enabled\""]}]]}, "deploy_steps_tasks": [{"name": "Clean up when switching cinder-backup from pcmk to active-active", "when": ["step|int == 1"], "become": true, "block": [{"name": "Check if cinder-backup is running under pacemaker", "command": "pcs status", "register": "cinder_backup_pcs_status", "check_mode": false, "failed_when": false, "changed_when": false}, {"when": ["\"cinder-backup\" in cinder_backup_pcs_status.stdout"], "block": [{"name": "Remove the openstack-cinder-backup pcs resource", "pacemaker_resource": {"resource": "openstack-cinder-backup", "state": "delete"}, "run_once": true}, {"name": "Identify the cinder-backup pcmklatest container image", "shell": "{{container_cli}} images | awk '$1 ~ \"cinder-backup\" && $2 == \"pcmklatest\" {print $1\":\"$2}'", "register": "cinder_backup_pcmklatest_image", "check_mode": false, "changed_when": false}, {"name": "Remove the cinder-backup pcmklatest container image", "command": "{{container_cli}} rmi {{cinder_backup_pcmklatest_image.stdout}}", "when": ["cinder_backup_pcmklatest_image.stdout|length > 0"]}]}]}], "external_upgrade_tasks": [{"when": ["step|int == 1"], "tags": ["never", "system_upgrade_transfer_data", "system_upgrade_stop_services"], "block": [{"name": "Stop cinder backup container", "import_role": {"name": "tripleo_container_stop"}, "vars": {"tripleo_containers_to_stop": ["cinder_backup"], "tripleo_delegate_to": "{{ groups['cinder_backup'] | difference(groups['excluded_overcloud']) }}"}}]}]}}}}