Skip to content
Snippets Groups Projects
Commit 2364bee3 authored by root's avatar root Committed by jianyi
Browse files

Add zun ansible role


Change-Id: I13cf03d6a97fb94dd7cb309e99a417ad101dc21a
Co-Authored-By: default avatarMauricio Lima <mauriciolimab@gmail.com>
Partially-implements: bp add-zun-ansible-role
parent 04ebda9e
No related branches found
No related tags found
No related merge requests found
Showing
with 376 additions and 1 deletion
......@@ -245,6 +245,8 @@ tacker_server_port: "9890"
fluentd_syslog_port: "5140"
zun_api_port: "9512"
public_protocol: "{{ 'https' if kolla_enable_tls_external | bool else 'http' }}"
internal_protocol: "http"
admin_protocol: "http"
......@@ -364,6 +366,7 @@ enable_tempest: "no"
enable_trove: "no"
enable_vmtp: "no"
enable_watcher: "no"
enable_zun: "no"
ironic_keystone_user: "ironic"
neutron_keystone_user: "neutron"
......
......@@ -184,6 +184,9 @@ control
[bifrost:children]
deployment
[zun:children]
control
# Additional control implemented here. These groups allow you to control which
# services run on which hosts at a per-service level.
#
......@@ -527,3 +530,10 @@ designate
# Placement
[placement-api:children]
placement
# Zun
[zun-api:children]
zun
[zun-compute:children]
compute
......@@ -202,6 +202,9 @@ control
[bifrost:children]
deployment
[zun:children]
control
# Additional control implemented here. These groups allow you to control which
# services run on which hosts at a per-service level.
#
......@@ -545,3 +548,10 @@ designate
# Placement
[placement-api:children]
placement
# Zun
[zun-api:children]
zun
[zun-compute:children]
compute
......@@ -110,3 +110,4 @@
- { name: "swift", enabled: "{{ enable_swift }}" }
- { name: "tacker", enabled: "{{ enable_tacker }}" }
- { name: "watcher", enabled: "{{ enable_watcher }}" }
- { name: "zun", enabled: "{{ enable_zun }}" }
"/var/log/kolla/zun/*.log"
{
}
......@@ -34,7 +34,8 @@
( 'solum', enable_solum ),
( 'swift', enable_swift ),
( 'tacker', enable_tacker ),
( 'watcher', enable_watcher )
( 'watcher', enable_watcher ),
( 'zun', enable_zun )
] %}
{
"command": "{{ cron_cmd }}",
......
......@@ -621,3 +621,14 @@
- enable_watcher | bool
- inventory_hostname in groups['haproxy']
- "{{ 'watcher_api' not in haproxy_stat }}"
- name: Checking free port for Zun API HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ zun_api_port }}"
connect_timeout: 1
state: stopped
when:
- enable_zun | bool
- inventory_hostname in groups['haproxy']
- "{{ 'zun_api' not in haproxy_stat }}"
......@@ -798,6 +798,25 @@ listen tacker_server_external
{% endif %}
{% endif %}
{% if enable_zun | bool %}
listen zun_api
bind {{ kolla_internal_vip_address }}:{{ zun_api_port }}
http-request del-header X-Forwarded-Proto if { ssl_fc }
{% for host in groups['zun-api'] %}
server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ zun_api_port }} check inter 2000 rise 2 fall 5
{% endfor %}
{% if haproxy_enable_external_vip | bool %}
listen zun_api_external
bind {{ kolla_external_vip_address }}:{{ zun_api_port }} {{ tls_bind_info }}
http-request del-header X-Forwarded-Proto if { ssl_fc }
http-request set-header X-Forwarded-Proto https if { ssl_fc }
{% for host in groups['zun-api'] %}
server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ zun_api_port }} check inter 2000 rise 2 fall 5
{% endfor %}
{% endif %}
{% endif %}
# (NOTE): This defaults section deletes forwardfor as recommended by:
# https://marc.info/?l=haproxy&m=141684110710132&w=1
......
---
project_name: "zun"
zun_services:
zun-api:
container_name: zun_api
group: zun-api
enabled: true
image: "{{ zun_api_image_full }}"
volumes:
- "{{ node_config_directory }}/zun-api/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "kolla_logs:/var/log/kolla/"
zun-compute:
container_name: zun_compute
group: zun-compute
enabled: true
image: "{{ zun_compute_image_full }}"
volumes:
- "{{ node_config_directory }}/zun-compute/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "kolla_logs:/var/log/kolla/"
####################
## Database
####################
zun_database_name: "zun"
zun_database_user: "zun"
zun_database_address: "{{ kolla_internal_fqdn }}:{{ database_port }}"
####################
## Docker
####################
zun_compute_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-zun-compute"
zun_compute_tag: "{{ openstack_release }}"
zun_compute_image_full: "{{ zun_compute_image }}:{{ zun_compute_tag }}"
zun_api_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-zun-api"
zun_api_tag: "{{ openstack_release }}"
zun_api_image_full: "{{ zun_api_image }}:{{ zun_api_tag }}"
####################
## OpenStack
####################
zun_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ zun_api_port }}/v1/%(tenant_id)s"
zun_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ zun_api_port }}/v1/%(tenant_id)s"
zun_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ zun_api_port }}/v1/%(tenant_id)s"
zun_logging_debug: "{{ openstack_logging_debug }}"
zun_keystone_user: "zun"
openstack_zun_auth: "{{ openstack_auth }}"
---
- name: Restart zun-api container
vars:
service_name: "zun-api"
service: "{{ zun_services[service_name] }}"
config_json: "{{ zun_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
zun_conf: "{{ zun_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
policy_json: "{{ zun_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
zun_api_container: "{{ check_zun_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
kolla_docker:
action: "recreate_or_restart_container"
common_options: "{{ docker_common_options }}"
name: "{{ service.container_name }}"
image: "{{ service.image }}"
volumes: "{{ service.volumes }}"
when:
- action != "config"
- inventory_hostname in groups[service.group]
- service.enabled | bool
- config_json.changed | bool
or zun_conf.changed | bool
or policy_json.changed | bool
or zun_api_container.changed | bool
- name: Restart zun-compute container
vars:
service_name: "zun-compute"
service: "{{ zun_services[service_name] }}"
config_json: "{{ zun_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
zun_conf: "{{ zun_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
policy_json: "{{ zun_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
zun_compute_container: "{{ check_zun_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
kolla_docker:
action: "recreate_or_restart_container"
common_options: "{{ docker_common_options }}"
name: "{{ service.container_name }}"
image: "{{ service.image }}"
volumes: "{{ service.volumes }}"
when:
- action != "config"
- inventory_hostname in groups[service.group]
- service.enabled | bool
- config_json.changed | bool
or zun_conf.changed | bool
or policy_json.changed | bool
or zun_compute_container.changed | bool
---
dependencies:
- { role: common }
---
- name: Creating Zun database
kolla_toolbox:
module_name: mysql_db
module_args:
login_host: "{{ database_address }}"
login_port: "{{ database_port }}"
login_user: "{{ database_user }}"
login_password: "{{ database_password }}"
name: "{{ zun_database_name }}"
register: database
run_once: True
delegate_to: "{{ groups['zun-api'][0] }}"
- name: Creating Zun database user and setting permissions
kolla_toolbox:
module_name: mysql_user
module_args:
login_host: "{{ database_address }}"
login_port: "{{ database_port }}"
login_user: "{{ database_user }}"
login_password: "{{ database_password }}"
name: "{{ zun_database_name }}"
password: "{{ zun_database_password }}"
host: "%"
priv: "{{ zun_database_name }}.*:ALL"
append_privs: "yes"
run_once: True
delegate_to: "{{ groups['zun-api'][0] }}"
- include: bootstrap_service.yml
when: database.changed
---
- name: Running Zun bootstrap container
vars:
zun_api: "{{ zun_services['zun-api'] }}"
kolla_docker:
action: "start_container"
common_options: "{{ docker_common_options }}"
detach: False
environment:
KOLLA_BOOTSTRAP:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
image: "{{ zun_api.image }}"
labels:
BOOTSTRAP:
name: "bootstrap_zun"
restart_policy: "never"
volumes: "{{ zun_api.volumes }}"
run_once: True
delegate_to: "{{ groups[zun_api.group][0] }}"
---
- name: Ensuring config directories exist
file:
path: "{{ node_config_directory }}/{{ item.key }}"
state: "directory"
recurse: yes
when: inventory_hostname in groups[item.value.group]
with_dict: "{{ zun_services }}"
- name: Copying over config.json files for services
template:
src: "{{ item.key }}.json.j2"
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
register: zun_config_jsons
when:
- item.value.enabled | bool
- inventory_hostname in groups[item.value.group]
with_dict: "{{ zun_services }}"
notify:
- Restart zun-api container
- Restart zun-compute container
- name: Copying over zun.conf
merge_configs:
vars:
service_name: "{{ item.key }}"
sources:
- "{{ role_path }}/templates/zun.conf.j2"
- "{{ node_custom_config }}/global.conf"
- "{{ node_custom_config }}/database.conf"
- "{{ node_custom_config }}/messaging.conf"
- "{{ node_custom_config }}/zun.conf"
- "{{ node_custom_config }}/zun/{{ item.key }}.conf"
- "{{ node_custom_config }}/zun/{{ inventory_hostname }}/zun.conf"
dest: "{{ node_config_directory }}/{{ item.key }}/zun.conf"
register: zun_confs
when:
- item.value.enabled | bool
- inventory_hostname in groups[item.value.group]
with_dict: "{{ zun_services }}"
notify:
- Restart zun-api container
- Restart zun-compute container
- name: Check if policies shall be overwritten
local_action: stat path="{{ node_custom_config }}/zun/policy.json"
register: zun_policy
- name: Copying over existing policy.json
template:
src: "{{ node_custom_config }}/zun/policy.json"
dest: "{{ node_config_directory }}/{{ item.key }}/policy.json"
register: zun_policy_jsons
when:
- zun_policy.stat.exists
- inventory_hostname in groups[item.value.group]
with_dict: "{{ zun_services }}"
notify:
- Restart zun-api container
- Restart zun-compute container
- name: Check zun containers
kolla_docker:
action: "compare_container"
common_options: "{{ docker_common_options }}"
name: "{{ item.value.container_name }}"
image: "{{ item.value.image }}"
volumes: "{{ item.value.volumes }}"
register: check_zun_containers
when:
- action != "config"
- inventory_hostname in groups[item.value.group]
- item.value.enabled | bool
with_dict: "{{ zun_services }}"
notify:
- Restart zun-api container
- Restart zun-compute container
---
- include: register.yml
when: inventory_hostname in groups['zun-api']
- include: config.yml
when: inventory_hostname in groups['zun-api'] or
inventory_hostname in groups['zun-compute']
- include: bootstrap.yml
when: inventory_hostname in groups['zun-api']
- name: Flush handlers
meta: flush_handlers
---
- include: "{{ action }}.yml"
---
- name: Get container facts
kolla_container_facts:
name:
- zun_api
register: container_facts
- name: Checking free port for Zun API
wait_for:
host: "{{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}"
port: "{{ zun_api_port }}"
connect_timeout: 1
state: stopped
when:
- container_facts['zun_api'] is not defined
- inventory_hostname in groups['zun-api']
---
- name: Pulling zun images
kolla_docker:
action: "pull_image"
common_options: "{{ docker_common_options }}"
image: "{{ item.value.image }}"
when:
- inventory_hostname in groups[item.value.group]
- item.value.enabled | bool
with_dict: "{{ zun_services }}"
---
- include: deploy.yml
---
- name: Creating the Zun service and endpoint
kolla_toolbox:
module_name: "kolla_keystone_service"
module_args:
service_name: "{{ item.service_name }}"
service_type: "{{ item.service_type }}"
description: "Container Service"
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ '{{ openstack_zun_auth }}' }}"
module_extra_vars:
openstack_zun_auth: "{{ openstack_zun_auth }}"
register: zun_endpoint
until: zun_endpoint|success
retries: 10
delay: 5
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ zun_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ zun_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ zun_public_endpoint }}'}
- name: Creating the Zun project, user, and role
kolla_toolbox:
module_name: "kolla_keystone_user"
module_args:
project: "service"
user: "{{ zun_keystone_user }}"
password: "{{ zun_keystone_password }}"
role: "admin"
region_name: "{{ openstack_region_name }}"
auth: "{{ '{{ openstack_zun_auth }}' }}"
module_extra_vars:
openstack_zun_auth: "{{ openstack_zun_auth }}"
register: zun_user
until: zun_user|success
retries: 10
delay: 5
run_once: True
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment