From aad71bcd252ce6cdc7506d56cf189a206edce8ac Mon Sep 17 00:00:00 2001
From: Mark Goddard <mark@stackhpc.com>
Date: Fri, 17 Feb 2017 12:50:13 +0000
Subject: [PATCH] Support Ocata split of kolla-ansible from kolla, allow custom
 kolla passwords

---
 ansible/group_vars/all/kolla                  | 27 +++++++++++
 ansible/roles/kolla-ansible/defaults/main.yml | 17 +++++++
 ansible/roles/kolla-ansible/tasks/config.yml  | 48 +++++++++++++++++++
 ansible/roles/kolla-ansible/tasks/install.yml | 48 +++++++++++++++++++
 ansible/roles/kolla-ansible/tasks/main.yml    | 35 ++------------
 ansible/roles/kolla-ansible/vars/main.yml     |  9 +++-
 ansible/roles/kolla/defaults/main.yml         | 16 +++++++
 etc/kayobe/kolla.yml                          | 18 +++++++
 8 files changed, 185 insertions(+), 33 deletions(-)
 create mode 100644 ansible/roles/kolla-ansible/tasks/config.yml
 create mode 100644 ansible/roles/kolla-ansible/tasks/install.yml

diff --git a/ansible/group_vars/all/kolla b/ansible/group_vars/all/kolla
index 9c8f52206..f4d3aea9a 100644
--- a/ansible/group_vars/all/kolla
+++ b/ansible/group_vars/all/kolla
@@ -12,6 +12,13 @@ kolla_source_url: "https://github.com/stackhpc/kolla"
 # 'source'.
 kolla_source_version: "stackhpc-{{ kolla_openstack_release }}"
 
+# URL of Kolla Ansible source code repository if type is 'source'.
+kolla_ansible_source_url: "https://github.com/stackhpc/kolla-ansible"
+
+# Version (branch, tag, etc.) of Kolla Ansible source code repository if type
+# is 'source'.
+kolla_ansible_source_version: "stackhpc-{{ kolla_openstack_release }}"
+
 ###############################################################################
 # Kolla configuration.
 
@@ -45,3 +52,23 @@ kolla_openstack_logging_debug: "False"
 kolla_enable_glance: "yes"
 kolla_enable_ironic: "yes"
 kolla_enable_swift: "yes"
+
+###############################################################################
+# Passwords and credentials.
+
+# Dictionary containing default custom passwords to add or override in the
+# Kolla passwords file.
+kolla_ansible_default_custom_passwords:
+  # SSH key authorized in hosts deployed by Bifrost.
+  bifrost_ssh_key:
+    private_key: "{{ lookup('file', ssh_private_key_path) }}"
+    public_key: "{{ lookup('file', ssh_public_key_path) }}"
+  # SSH key authorized by kolla user on Kolla hosts during
+  # kolla-ansible bootstrap-servers.
+  kolla_ssh_key:
+    private_key: "{{ lookup('file', ssh_private_key_path) }}"
+    public_key: "{{ lookup('file', ssh_public_key_path) }}"
+
+# Dictionary containing custom passwords to add or override in the Kolla
+# passwords file.
+kolla_ansible_custom_passwords: "{{ kolla_ansible_default_custom_passwords }}"
diff --git a/ansible/roles/kolla-ansible/defaults/main.yml b/ansible/roles/kolla-ansible/defaults/main.yml
index 916f2cb87..2338572fc 100644
--- a/ansible/roles/kolla-ansible/defaults/main.yml
+++ b/ansible/roles/kolla-ansible/defaults/main.yml
@@ -1,4 +1,17 @@
 ---
+# Path to directory for source code checkouts.
+source_checkout_path:
+
+# Type of Kolla control installation. One of 'binary' or 'source'.
+kolla_ctl_install_type:
+
+# URL of Kolla Ansible source code repository if type is 'source'.
+kolla_ansible_source_url:
+
+# Version (branch, tag, etc.) of Kolla Ansible source code repository if type
+# is 'source'.
+kolla_ansible_source_version:
+
 # Virtualenv directory where Kolla will be installed.
 kolla_venv: "{{ ansible_env['PWD'] }}/kolla-venv"
 
@@ -137,3 +150,7 @@ kolla_openstack_logging_debug:
 
 # Free form extra configuration to append to {{ kolla_config_path }}/globals.yml.
 kolla_extra_globals:
+
+# Dictionary containing custom passwords to add or override in the Kolla
+# passwords file.
+kolla_ansible_custom_passwords: {}
diff --git a/ansible/roles/kolla-ansible/tasks/config.yml b/ansible/roles/kolla-ansible/tasks/config.yml
new file mode 100644
index 000000000..1f9e9fd34
--- /dev/null
+++ b/ansible/roles/kolla-ansible/tasks/config.yml
@@ -0,0 +1,48 @@
+---
+- name: Ensure the Kolla Ansible configuration directores exist
+  file:
+    path: "{{ item }}"
+    state: directory
+    mode: 0755
+  become: True
+  with_items:
+    - "{{ kolla_config_path }}"
+    - "{{ kolla_config_path }}/inventory"
+    - "{{ kolla_node_custom_config_path }}"
+
+- name: Ensure the Kolla configuration files exist
+  template:
+    src: "{{ item.src }}"
+    dest: "{{ kolla_config_path }}/{{ item.dest }}"
+    mode: 0644
+  become: True
+  with_items:
+    - { src: seed.j2, dest: inventory/seed }
+    - { src: overcloud.j2, dest: inventory/overcloud }
+    - { src: globals.yml.j2, dest: globals.yml }
+
+- name: Check whether the Kolla passwords file exists
+  stat:
+    path: "{{ kolla_config_path }}/passwords.yml"
+  register: kolla_passwords_stat
+
+- name: Generate Kolla passwords
+  shell: >
+    cp {{ kolla_ansible_install_dir }}/etc_examples/kolla/passwords.yml {{ kolla_config_path }}/passwords.yml.generated
+    && {{ kolla_venv }}/bin/kolla-genpwd -p {{ kolla_config_path }}/passwords.yml.generated
+    && mv {{ kolla_config_path }}/passwords.yml.generated {{ kolla_config_path }}/passwords.yml
+  become: True
+  when: not kolla_passwords_stat.stat.exists
+
+- name: Read the Kolla passwords file
+  slurp:
+    src: "{{ kolla_config_path }}/passwords.yml"
+  register: passwords_result
+  when: "{{ kolla_ansible_custom_passwords }}"
+
+- name: Ensure the Kolla passwords file contains the required custom passwords
+  copy:
+    content: "{{ passwords_result.content | b64decode | from_yaml | combine(kolla_ansible_custom_passwords) | to_nice_yaml }}"
+    dest: "{{ kolla_config_path }}/passwords.yml"
+  become: True
+  when: "{{ kolla_ansible_custom_passwords }}"
diff --git a/ansible/roles/kolla-ansible/tasks/install.yml b/ansible/roles/kolla-ansible/tasks/install.yml
new file mode 100644
index 000000000..905630c57
--- /dev/null
+++ b/ansible/roles/kolla-ansible/tasks/install.yml
@@ -0,0 +1,48 @@
+---
+- name: Ensure required packages are installed
+  yum:
+    name: "{{ item }}"
+    state: installed
+  become: True
+  with_items:
+    - gcc
+    - libffi-devel
+    - openssl-devel
+    - patch
+    - python-devel
+    - python-pip
+    - python-virtualenv
+
+- name: Ensure the latest version of pip is installed
+  pip:
+    name: "{{ item.name }}"
+    state: latest
+    virtualenv: "{{ kolla_venv }}"
+  with_items:
+    - { name: pip }
+
+- name: Ensure Kolla Ansible source code checkout exists
+  git:
+    repo: "{{ kolla_ansible_source_url }}"
+    dest: "{{ source_checkout_path }}/kolla-ansible"
+    version: "{{ kolla_ansible_source_version }}"
+  when: "{{ kolla_ctl_install_type == 'source' }}"
+
+- name: Ensure required Python packages are installed
+  pip:
+    name: "{{ item.name }}"
+    version: "{{ item.version | default(omit) }}"
+    state: present
+    virtualenv: "{{ kolla_venv }}"
+  with_items:
+    # Intall Kolla Ansible from source.
+    - name: "{{ source_checkout_path }}/kolla-ansible"
+      install: "{{ kolla_ctl_install_type == 'source' }}"
+    # Intall Kolla Ansible from PyPI.
+    - name: "kolla-ansible"
+      version: "{{ kolla_openstack_release }}"
+      install: "{{ kolla_ctl_install_type == 'binary' }}"
+    # Required for kolla-genpwd.
+    - name: PyYAML
+      version: "3.12"
+  when: "{{ item.install | default(True) | bool }}"
diff --git a/ansible/roles/kolla-ansible/tasks/main.yml b/ansible/roles/kolla-ansible/tasks/main.yml
index a0cc1da25..91193b560 100644
--- a/ansible/roles/kolla-ansible/tasks/main.yml
+++ b/ansible/roles/kolla-ansible/tasks/main.yml
@@ -1,34 +1,5 @@
 ---
-- name: Ensure the Kolla configuration directores exist
-  file:
-    path: "{{ item }}"
-    state: directory
-    mode: 0755
-  become: True
-  with_items:
-    - "{{ kolla_config_path }}/inventory"
-    - "{{ kolla_node_custom_config_path }}"
+- include: install.yml
+  when: "{{ kolla_ansible_is_standalone | bool }}"
 
-- name: Ensure the Kolla configuration files exist
-  template:
-    src: "{{ item.src }}"
-    dest: "{{ kolla_config_path }}/{{ item.dest }}"
-    mode: 0644
-  become: True
-  with_items:
-    - { src: seed.j2, dest: inventory/seed }
-    - { src: overcloud.j2, dest: inventory/overcloud }
-    - { src: globals.yml.j2, dest: globals.yml }
-
-- name: Check whether the Kolla passwords file exists
-  stat:
-    path: "{{ kolla_config_path }}/passwords.yml"
-  register: kolla_passwords_stat
-
-- name: Generate Kolla passwords
-  shell: >
-    cp {{ kolla_install_dir }}/etc_examples/kolla/passwords.yml {{ kolla_config_path }}/passwords.yml.generated
-    && {{ kolla_venv }}/bin/kolla-genpwd -p {{ kolla_config_path }}/passwords.yml.generated
-    && mv {{ kolla_config_path }}/passwords.yml.generated {{ kolla_config_path }}/passwords.yml
-  become: True
-  when: not kolla_passwords_stat.stat.exists
+- include: config.yml
diff --git a/ansible/roles/kolla-ansible/vars/main.yml b/ansible/roles/kolla-ansible/vars/main.yml
index 85f81741a..5b165cdc6 100644
--- a/ansible/roles/kolla-ansible/vars/main.yml
+++ b/ansible/roles/kolla-ansible/vars/main.yml
@@ -1,5 +1,12 @@
 ---
-kolla_install_dir: "{{ kolla_venv }}/share/kolla"
+# kolla-ansible was bundled with kolla prior to Ocata (4.0.0).
+kolla_ansible_is_standalone: "{{ kolla_ansible_source_version | version_compare('4.0.0', '>=') }}"
+
+# Name of the kolla-ansible python module.
+kolla_ansible_module: "{% if kolla_ansible_is_standalone | bool %}kolla-ansible{% else %}kolla{% endif %}"
+
+# Path to Kolla Ansible installation directory.
+kolla_ansible_install_dir: "{{ kolla_venv }}/share/{{ kolla_ansible_module }}"
 
 # List of features supported by Kolla as enable_* flags.
 kolla_feature_flags:
diff --git a/ansible/roles/kolla/defaults/main.yml b/ansible/roles/kolla/defaults/main.yml
index 061756399..34be64971 100644
--- a/ansible/roles/kolla/defaults/main.yml
+++ b/ansible/roles/kolla/defaults/main.yml
@@ -1,6 +1,22 @@
 ---
+# Path to directory for source code checkouts.
+source_checkout_path:
+
+# Type of Kolla control installation. One of 'binary' or 'source'.
+kolla_ctl_install_type:
+
+# URL of Kolla source code repository if type is 'source'.
+kolla_source_url:
+
+# Version (branch, tag, etc.) of Kolla source code repository if type is
+# 'source'.
+kolla_source_version:
+
 # Virtualenv directory where Kolla will be installed.
 kolla_venv: "{{ ansible_env['PWD'] }}/kolla-venv"
 
 # Directory where Kolla config files will be installed.
 kolla_config_path:
+
+# Kolla OpenStack release version. This should be a Docker image tag.
+kolla_openstack_release:
diff --git a/etc/kayobe/kolla.yml b/etc/kayobe/kolla.yml
index 43bed55b6..90c0f9181 100644
--- a/etc/kayobe/kolla.yml
+++ b/etc/kayobe/kolla.yml
@@ -14,6 +14,13 @@
 # 'source'.
 #kolla_source_version:
 
+# URL of Kolla Ansible source code repository if type is 'source'.
+#kolla_ansible_source_url:
+
+# Version (branch, tag, etc.) of Kolla Ansible source code repository if type
+# is 'source'.
+#kolla_ansible_source_version:
+
 ###############################################################################
 # Kolla configuration.
 
@@ -83,6 +90,17 @@
 #kolla_enable_vmtp:
 #kolla_enable_watcher:
 
+###############################################################################
+# Passwords and credentials.
+
+# Dictionary containing default custom passwords to add or override in the
+# Kolla passwords file.
+#kolla_ansible_default_custom_passwords:
+
+# Dictionary containing custom passwords to add or override in the Kolla
+# passwords file.
+#kolla_ansible_custom_passwords:
+
 ###############################################################################
 # Dummy variable to allow Ansible to accept this file.
 workaround_ansible_issue_8743: yes