Menu Close

Red Hat Training

A Red Hat training course is available for Red Hat OpenStack Platform

Appendix A. Composable service parameters

The following parameters are used for the outputs in all composable services:

The following parameters are used for the outputs specifically for containerized composable services:

A.1. All composable services

The following parameters apply to all composable services.


The name of your service. You can use this to apply configuration from other composable services via service_config_settings.


Custom hieradata settings for your service.


Custom hieradata settings for another service. For example, your service might require its endpoints registered in OpenStack Identity (keystone). This provides parameters from one service to another and provide a method of cross-service configuration, even if the services are on different roles.


Custom hieradata settings distributed to all roles.


A Puppet snippet to configure the service. This snippet is added to a combined manifest created and run at each step of the service configuration process. These steps are:

  • Step 1 - Load balancer configuration
  • Step 2 - Core high availability and general services (Database, RabbitMQ, NTP)
  • Step 3 - Early OpenStack Platform Service setup (Storage, Ring Building)
  • Step 4 - General OpenStack Platform services
  • Step 5 - Service activation (Pacemaker) and OpenStack Identity (keystone) role and user creation

In any referenced puppet manifest, you can use the step hieradata (using hiera('step')) to define specific actions at specific steps during the deployment process.


Ansible snippet to help with upgrading the service. The snippet is added to a combined playbook. Each operation uses a tag to define a step, which includes:

  • common - Applies to all steps
  • step0 - Validation
  • step1 - Stop all OpenStack services.
  • step2 - Stop all Pacemaker-controlled services
  • step3 - Package update and new package installation
  • step4 - Start OpenStack service required for database upgrade
  • step5 - Upgrade database


Performs a similar function to upgrade_tasks but only executes batch set of Ansible tasks in order they are listed. The default is 1, but you can change this per role using the upgrade_batch_size parameter in a roles_data.yaml file.

A.2. Containerized composable services

The following parameters apply to all containerized composable services.


This section is a nested set of key value pairs that drive the creation of configuration files using puppet. Required parameters include:

Puppet resource tag names that are used to generate configuration files with Puppet. Only the named configuration resources are used to generate a file. Any service that specifies tags will have the default tags of file,concat,file_line,augeas,cron appended to the setting. Example: keystone_config
The name of the volume (directory) where the configuration files are generated for this service. Use this as the location to bind mount into the running Kolla container for configuration.
The name of the docker image that will be used for generating configuration files. This is often the same container that the runtime service uses. Some services share a common set of configuration files which are generated in a common base container.
This setting controls the manifest that is used to create docker configuration files via Puppet. The Puppet tags below are used along with this manifest to generate a configuration directory for this container.


Creates a map of the the Kolla configuration in the container. The format begins with the absolute path of the configuration file and uses it for following sub-parameters:

The command to run when the container starts.
The location of the service configuration files (source) and the destination on the container (dest) before the service starts. Also includes options to either merge or replace these files on the container (merge), whether to preserve the file permissions and other properties (preserve_properties).
Set permissions for certain directories on the containers. Requires a path, an owner, and a group. You can also apply the permissions recursively (recurse).

The following is an example of the kolla_config parameter for the keystone service:

    command: /usr/sbin/httpd -DFOREGROUND
      - source: "/var/lib/kolla/config_files/src/*"
        dest: "/"
        merge: true
        preserve_properties: true
    command: /usr/sbin/crond -n
      - source: "/var/lib/kolla/config_files/src/*"
        dest: "/"
        merge: true
        preserve_properties: true
      - path: /var/log/keystone
        owner: keystone:keystone
        recurse: true


Data passed to the docker-cmd hook to configure a container at each step.

  • step_0 - Containers configuration files generated per hiera settings.
  • step_1 - Load Balancer configuration

    1. Baremetal configuration
    2. Container configuration
  • step_2 - Core Services (Database/Rabbit/NTP/etc.)

    1. Baremetal configuration
    2. Container configuration
  • step_3 - Early OpenStack Service setup (Ringbuilder, etc.)

    1. Baremetal configuration
    2. Container configuration
  • step_4 - General OpenStack Services

    1. Baremetal configuration
    2. Container configuration
    3. Keystone container post initialization (tenant, service, endpoint creation)
  • step_5 - Service activation (Pacemaker)

    1. Baremetal configuration
    2. Container configuration

The YAML uses a set of parameters to define the container container to run at each step and the docker settings associated with each container. For example:

      start_order: 2
      image: *keystone_image
      net: host
      privileged: false
      restart: always
        test: /openstack/healthcheck
      volumes: *keystone_volumes

This creates a keystone container and uses the respective parameters to define details, including the image to use, the networking type, and environment variables.


Provides data to drive the tool directly. The task is executed only once within the cluster (not on each node) and is useful for several Puppet snippets required for initialization of things like keystone endpoints and database users. For example:

  # Keystone endpoint creation occurs only on single node
    config_volume: 'keystone_init_tasks'
    puppet_tags: 'keystone_config,keystone_domain_config,keystone_endpoint,keystone_identity_provider,keystone_paste_ini,keystone_role,keystone_service,keystone_tenant,keystone_user,keystone_user_role,keystone_domain'
    step_config: 'include ::tripleo::profile::base::keystone'
    config_image: *keystone_config_image


This is an ansible snippet to execute on the node host to prepare it for containerized services. For example, you might need to create a specific directory to mount to the container during its creation.


Ansible snippet to help with the fast forward upgrade process. This snippet is added to a combined playbook. Each operation uses tags to define step and release

The step usually follows these stages:

  • step=0 - Check running services
  • step=1 - Stop the service
  • step=2 - Stop the cluster
  • step=3 - Update repositories
  • step=4 - Database backups
  • step=5 - Pre-package update commands
  • step=6 - Package updates
  • step=7 - Post-package update commands
  • step=8 - Database updates
  • step=9 - Verification

The tag corresponds to a release:

  • tag=ocata - OpenStack Platform 11
  • tag=pike - OpenStack Platform 12
  • tag=queens - OpenStack Platform 13