diff --git a/README.rst b/README.rst index ac4117c3c7..881fe009f3 100644 --- a/README.rst +++ b/README.rst @@ -50,6 +50,7 @@ Kolla-Ansible deploys containers for the following OpenStack projects: - `Cinder `__ - `CloudKitty `__ - `Congress `__ +- `Cyborg `__ - `Designate `__ - `Freezer `__ - `Glance `__ diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index 0dd717abe7..8ba87ac0cd 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -209,6 +209,8 @@ cloudkitty_api_port: "8889" collectd_udp_port: "25826" +cyborg_api_port: "6666" + designate_internal_fqdn: "{{ kolla_internal_fqdn }}" designate_external_fqdn: "{{ kolla_external_fqdn }}" designate_api_port: "9001" @@ -527,6 +529,7 @@ enable_cinder_backend_zfssa_iscsi: "no" enable_cinder_backend_quobyte: "no" enable_cloudkitty: "no" enable_congress: "no" +enable_cyborg: "no" enable_designate: "no" enable_etcd: "no" enable_fluentd: "yes" diff --git a/ansible/inventory/all-in-one b/ansible/inventory/all-in-one index 9215b26d6a..0772ba7948 100644 --- a/ansible/inventory/all-in-one +++ b/ansible/inventory/all-in-one @@ -187,6 +187,10 @@ control [aodh:children] control +[cyborg:children] +control +compute + [congress:children] control @@ -549,6 +553,16 @@ aodh [aodh-notifier:children] aodh +# Cyborg +[cyborg-api:children] +cyborg + +[cyborg-agent:children] +compute + +[cyborg-conductor:children] +cyborg + # Panko [panko-api:children] panko diff --git a/ansible/inventory/multinode b/ansible/inventory/multinode index 1c0160cef2..9d07a7d401 100644 --- a/ansible/inventory/multinode +++ b/ansible/inventory/multinode @@ -200,6 +200,10 @@ control [aodh:children] control +[cyborg:children] +control +compute + [congress:children] control @@ -578,6 +582,16 @@ aodh [aodh-notifier:children] aodh +# Cyborg +[cyborg-api:children] +cyborg + +[cyborg-agent:children] +compute + +[cyborg-conductor:children] +cyborg + # Congress [congress-api:children] congress diff --git a/ansible/roles/common/tasks/config.yml b/ansible/roles/common/tasks/config.yml index aa7676ae80..f3fdf23af8 100644 --- a/ansible/roles/common/tasks/config.yml +++ b/ansible/roles/common/tasks/config.yml @@ -249,6 +249,7 @@ - { name: "cloudkitty", enabled: "{{ enable_cloudkitty }}" } - { name: "collectd", enabled: "{{ enable_collectd }}" } - { name: "congress", enabled: "{{ enable_congress }}" } + - { name: "cyborg", enabled: "{{ enable_cyborg }}" } - { name: "designate", enabled: "{{ enable_designate }}" } - { name: "elasticsearch", enabled: "{{ enable_elasticsearch }}" } - { name: "etcd", enabled: "{{ enable_etcd }}" } diff --git a/ansible/roles/common/templates/conf/filter/01-rewrite-0.12.conf.j2 b/ansible/roles/common/templates/conf/filter/01-rewrite-0.12.conf.j2 index 9c87d0d31e..5b579a503e 100644 --- a/ansible/roles/common/templates/conf/filter/01-rewrite-0.12.conf.j2 +++ b/ansible/roles/common/templates/conf/filter/01-rewrite-0.12.conf.j2 @@ -33,4 +33,5 @@ rewriterule30 programname ^(tacker-server|tacker-conductor)$ openstack_python rewriterule31 programname ^(vitrage-ml|vitrage-notifier|vitrage-graph)$ openstack_python rewriterule32 programname ^(blazar-api|blazar-manager)$ openstack_python + rewriterule33 programname ^(cyborg-api|cyborg-conductor|cyborg-agent)$ openstack_python diff --git a/ansible/roles/common/templates/conf/filter/01-rewrite-0.14.conf.j2 b/ansible/roles/common/templates/conf/filter/01-rewrite-0.14.conf.j2 index 9672671dc0..f67f46d965 100644 --- a/ansible/roles/common/templates/conf/filter/01-rewrite-0.14.conf.j2 +++ b/ansible/roles/common/templates/conf/filter/01-rewrite-0.14.conf.j2 @@ -66,6 +66,11 @@ pattern ^(aodh-notifier|aodh-listener|aodh-evaluator|aodh-dbsync)$ tag openstack_python + + key programname + pattern ^(cyborg-api|cyborg-conductor|cyborg-agent)$ + tag openstack_python + key programname pattern ^(cinder-api|cinder-scheduler|cinder-manage|cinder-volume|cinder-backup|privsep-helper)$ diff --git a/ansible/roles/common/templates/conf/input/00-global.conf.j2 b/ansible/roles/common/templates/conf/input/00-global.conf.j2 index e8b048d192..16b70fdb83 100644 --- a/ansible/roles/common/templates/conf/input/00-global.conf.j2 +++ b/ansible/roles/common/templates/conf/input/00-global.conf.j2 @@ -7,6 +7,7 @@ ( 'cinder', enable_cinder ), ( 'cloudkitty', enable_cloudkitty ), ( 'congress', enable_congress ), + ( 'cyborg', enable_cyborg ), ( 'designate', enable_designate ), ( 'freezer', enable_freezer ), ( 'glance', enable_glance ), diff --git a/ansible/roles/common/templates/cron-logrotate-cyborg.conf.j2 b/ansible/roles/common/templates/cron-logrotate-cyborg.conf.j2 new file mode 100644 index 0000000000..d4f8b90214 --- /dev/null +++ b/ansible/roles/common/templates/cron-logrotate-cyborg.conf.j2 @@ -0,0 +1,3 @@ +"/var/log/kolla/cyborg/*.log" +{ +} diff --git a/ansible/roles/common/templates/cron.json.j2 b/ansible/roles/common/templates/cron.json.j2 index fb74a575e3..91134cd5a9 100644 --- a/ansible/roles/common/templates/cron.json.j2 +++ b/ansible/roles/common/templates/cron.json.j2 @@ -11,6 +11,7 @@ ( 'cloudkitty', enable_cloudkitty ), ( 'collectd', enable_collectd ), ( 'congress', enable_congress ), + ( 'cyborg', enable_cyborg ), ( 'designate', enable_designate ), ( 'elasticsearch', enable_elasticsearch ), ( 'etcd', enable_etcd ), diff --git a/ansible/roles/cyborg/defaults/main.yml b/ansible/roles/cyborg/defaults/main.yml new file mode 100644 index 0000000000..92b941f5ae --- /dev/null +++ b/ansible/roles/cyborg/defaults/main.yml @@ -0,0 +1,77 @@ +--- +project_name: "cyborg" + +cyborg_services: + cyborg-api: + container_name: cyborg_api + group: cyborg-api + enabled: true + image: "{{ cyborg_api_image_full }}" + volumes: + - "{{ node_config_directory }}/cyborg-api/:{{ container_config_directory }}/:ro" + - "/etc/localtime:/etc/localtime:ro" + - "cyborg:/var/lib/cyborg/" + - "kolla_logs:/var/log/kolla/" + dimensions: "{{ cyborg_api_dimensions }}" + cyborg-agent: + container_name: cyborg_agent + group: cyborg-agent + enabled: true + image: "{{ cyborg_agent_image_full }}" + volumes: + - "{{ node_config_directory }}/cyborg-agent/:{{ container_config_directory }}/:ro" + - "/etc/localtime:/etc/localtime:ro" + - "kolla_logs:/var/log/kolla/" + dimensions: "{{ cyborg_agent_dimensions }}" + cyborg-conductor: + container_name: cyborg_conductor + group: cyborg-conductor + enabled: true + image: "{{ cyborg_conductor_image_full }}" + volumes: + - "{{ node_config_directory }}/cyborg-conductor/:{{ container_config_directory }}/:ro" + - "/etc/localtime:/etc/localtime:ro" + - "kolla_logs:/var/log/kolla/" + dimensions: "{{ cyborg_conductor_dimensions }}" + +#################### +# Database +#################### +cyborg_database_name: "cyborg" +cyborg_database_user: "{% if use_preconfigured_databases | bool and use_common_mariadb_user | bool %}{{ database_user }}{% else %}cyborg{% endif %}" +cyborg_database_address: "{{ database_address }}:{{ database_port }}" + +#################### +# Docker +#################### +cyborg_install_type: "{{ kolla_install_type }}" +cyborg_tag: "{{ openstack_release }}" + +cyborg_api_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ cyborg_install_type }}-cyborg-api" +cyborg_api_tag: "{{ cyborg_tag }}" +cyborg_api_image_full: "{{ cyborg_api_image }}:{{ cyborg_api_tag }}" + +cyborg_agent_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ cyborg_install_type }}-cyborg-agent" +cyborg_agent_tag: "{{ cyborg_tag }}" +cyborg_agent_image_full: "{{ cyborg_agent_image }}:{{ cyborg_agent_tag }}" + +cyborg_conductor_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ cyborg_install_type }}-cyborg-conductor" +cyborg_conductor_tag: "{{ cyborg_tag }}" +cyborg_conductor_image_full: "{{ cyborg_conductor_image }}:{{ cyborg_conductor_tag }}" + +cyborg_api_dimensions: "{{ default_container_dimensions }}" +cyborg_agent_dimensions: "{{ default_container_dimensions }}" +cyborg_conductor_dimensions: "{{ default_container_dimensions }}" + +#################### +# OpenStack +#################### +cyborg_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ cyborg_api_port }}" +cyborg_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ cyborg_api_port }}" +cyborg_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ cyborg_api_port }}" + +cyborg_logging_debug: "{{ openstack_logging_debug }}" + +cyborg_keystone_user: "cyborg" + +openstack_cyborg_auth: "{{ openstack_auth }}" diff --git a/ansible/roles/cyborg/handlers/main.yml b/ansible/roles/cyborg/handlers/main.yml new file mode 100644 index 0000000000..0453191629 --- /dev/null +++ b/ansible/roles/cyborg/handlers/main.yml @@ -0,0 +1,72 @@ +--- +- name: Restart cyborg-api container + vars: + service_name: "cyborg-api" + service: "{{ cyborg_services[service_name] }}" + config_json: "{{ cyborg_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" + cyborg_conf: "{{ cyborg_confs.results|selectattr('item.key', 'equalto', service_name)|first }}" + policy_overwriting: "{{ cyborg_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}" + cyborg_api_container: "{{ check_cyborg_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" + kolla_docker: + action: "recreate_or_restart_container" + common_options: "{{ docker_common_options }}" + name: "{{ service.container_name }}" + image: "{{ service.image }}" + volumes: "{{ service.volumes }}" + dimensions: "{{ service.dimensions }}" + when: + - action != "config" + - inventory_hostname in groups[service.group] + - service.enabled | bool + - config_json.changed | bool + or cyborg_conf.changed | bool + or policy_overwriting.changed | bool + or cyborg_api_container.changed | bool + +- name: Restart cyborg-conductor container + vars: + service_name: "cyborg-conductor" + service: "{{ cyborg_services[service_name] }}" + config_json: "{{ cyborg_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" + cyborg_conf: "{{ cyborg_confs.results|selectattr('item.key', 'equalto', service_name)|first }}" + policy_overwriting: "{{ cyborg_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}" + cyborg_conductor_container: "{{ check_cyborg_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" + kolla_docker: + action: "recreate_or_restart_container" + common_options: "{{ docker_common_options }}" + name: "{{ service.container_name }}" + image: "{{ service.image }}" + volumes: "{{ service.volumes }}" + dimensions: "{{ service.dimensions }}" + when: + - action != "config" + - inventory_hostname in groups[service.group] + - service.enabled | bool + - config_json.changed | bool + or cyborg_conf.changed | bool + or policy_overwriting.changed | bool + or cyborg_conductor_container.changed | bool + +- name: Restart cyborg-agent container + vars: + service_name: "cyborg-agent" + service: "{{ cyborg_services[service_name] }}" + config_json: "{{ cyborg_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" + cyborg_conf: "{{ cyborg_confs.results|selectattr('item.key', 'equalto', service_name)|first }}" + policy_overwriting: "{{ cyborg_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}" + cyborg_agent_container: "{{ check_cyborg_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" + kolla_docker: + action: "recreate_or_restart_container" + common_options: "{{ docker_common_options }}" + name: "{{ service.container_name }}" + image: "{{ service.image }}" + volumes: "{{ service.volumes }}" + dimensions: "{{ service.dimensions }}" + when: + - action != "config" + - inventory_hostname in groups[service.group] + - service.enabled | bool + - config_json.changed | bool + or cyborg_conf.changed | bool + or policy_overwriting.changed | bool + or cyborg_agent_container.changed | bool diff --git a/ansible/roles/cyborg/meta/main.yml b/ansible/roles/cyborg/meta/main.yml new file mode 100644 index 0000000000..6b4fff8fef --- /dev/null +++ b/ansible/roles/cyborg/meta/main.yml @@ -0,0 +1,3 @@ +--- +dependencies: + - { role: common } diff --git a/ansible/roles/cyborg/tasks/bootstrap.yml b/ansible/roles/cyborg/tasks/bootstrap.yml new file mode 100644 index 0000000000..fec53cdf03 --- /dev/null +++ b/ansible/roles/cyborg/tasks/bootstrap.yml @@ -0,0 +1,36 @@ +--- +- name: Creating cyborg database + kolla_toolbox: + module_name: mysql_db + module_args: + login_host: "{{ database_address }}" + login_port: "{{ database_port }}" + login_user: "{{ database_user }}" + login_password: "{{ database_password }}" + name: "{{ cyborg_database_name }}" + register: database + run_once: True + delegate_to: "{{ groups['cyborg-api'][0] }}" + when: + - not use_preconfigured_databases | bool + +- name: Creating cyborg database user and setting permissions + kolla_toolbox: + module_name: mysql_user + module_args: + login_host: "{{ database_address }}" + login_port: "{{ database_port }}" + login_user: "{{ database_user }}" + login_password: "{{ database_password }}" + name: "{{ cyborg_database_user }}" + password: "{{ cyborg_database_password }}" + host: "%" + priv: "{{ cyborg_database_name }}.*:ALL" + append_privs: "yes" + run_once: True + delegate_to: "{{ groups['cyborg-api'][0] }}" + when: + - not use_preconfigured_databases | bool + +- include_tasks: bootstrap_service.yml + when: database.changed or use_preconfigured_databases | bool diff --git a/ansible/roles/cyborg/tasks/bootstrap_service.yml b/ansible/roles/cyborg/tasks/bootstrap_service.yml new file mode 100644 index 0000000000..b272595514 --- /dev/null +++ b/ansible/roles/cyborg/tasks/bootstrap_service.yml @@ -0,0 +1,19 @@ +--- +- name: Running cyborg bootstrap container + vars: + cyborg_api: "{{ cyborg_services['cyborg-api'] }}" + kolla_docker: + action: "start_container" + common_options: "{{ docker_common_options }}" + detach: False + environment: + KOLLA_BOOTSTRAP: + KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" + image: "{{ cyborg_api.image }}" + labels: + BOOTSTRAP: + name: "bootstrap_cyborg" + restart_policy: "never" + volumes: "{{ cyborg_api.volumes }}" + run_once: True + delegate_to: "{{ groups[cyborg_api.group][0] }}" diff --git a/ansible/roles/cyborg/tasks/check.yml b/ansible/roles/cyborg/tasks/check.yml new file mode 100644 index 0000000000..ed97d539c0 --- /dev/null +++ b/ansible/roles/cyborg/tasks/check.yml @@ -0,0 +1 @@ +--- diff --git a/ansible/roles/cyborg/tasks/clone.yml b/ansible/roles/cyborg/tasks/clone.yml new file mode 100644 index 0000000000..0493d85c65 --- /dev/null +++ b/ansible/roles/cyborg/tasks/clone.yml @@ -0,0 +1,7 @@ +--- +- name: Cloning cyborg source repository for development + git: + repo: "{{ cyborg_git_repository }}" + dest: "{{ kolla_dev_repos_directory }}/{{ project_name }}" + update: "{{ cyborg_dev_repos_pull }}" + version: "{{ cyborg_source_version }}" diff --git a/ansible/roles/cyborg/tasks/config.yml b/ansible/roles/cyborg/tasks/config.yml new file mode 100644 index 0000000000..326317e4d3 --- /dev/null +++ b/ansible/roles/cyborg/tasks/config.yml @@ -0,0 +1,128 @@ +--- +- name: Ensuring config directories exist + file: + path: "{{ node_config_directory }}/{{ item.key }}" + state: "directory" + owner: "{{ config_owner_user }}" + group: "{{ config_owner_group }}" + mode: "0770" + become: true + when: + - item.value.enabled | bool + - inventory_hostname in groups[item.value.group] + with_dict: "{{ cyborg_services }}" + +- name: Check if policies shall be overwritten + local_action: stat path="{{ item }}" + run_once: True + register: cyborg_policy + with_first_found: + - files: "{{ supported_policy_format_list }}" + paths: + - "{{ node_custom_config }}/cyborg/" + skip: true + +- name: Set cyborg policy file + set_fact: + cyborg_policy_file: "{{ cyborg_policy.results.0.stat.path | basename }}" + cyborg_policy_file_path: "{{ cyborg_policy.results.0.stat.path }}" + when: + - cyborg_policy.results + +- name: Copying over existing policy file + template: + src: "{{ cyborg_policy_file_path }}" + dest: "{{ node_config_directory }}/{{ item.key }}/{{ cyborg_policy_file }}" + mode: "0660" + become: true + register: cyborg_policy_overwriting + when: + - cyborg_policy_file is defined + - inventory_hostname in groups[item.value.group] + - item.value.enabled | bool + with_dict: "{{ cyborg_services }}" + notify: + - Restart cyborg-api container + - Restart cyborg-agent container + - Restart cyborg-conductor container + +- name: Copying over config.json files for services + template: + src: "{{ item.key }}.json.j2" + dest: "{{ node_config_directory }}/{{ item.key }}/config.json" + mode: "0660" + become: true + register: cyborg_config_jsons + when: + - item.value.enabled | bool + - inventory_hostname in groups[item.value.group] + with_dict: "{{ cyborg_services }}" + notify: + - Restart cyborg-api container + - Restart cyborg-agent container + - Restart cyborg-conductor container + +- name: Copying over cyborg.conf + vars: + service_name: "{{ item.key }}" + merge_configs: + sources: + - "{{ role_path }}/templates/cyborg.conf.j2" + - "{{ node_custom_config }}/global.conf" + - "{{ node_custom_config }}/cyborg.conf" + - "{{ node_custom_config }}/cyborg/{{ item.key }}.conf" + - "{{ node_custom_config }}/cyborg/{{ inventory_hostname }}/cyborg.conf" + dest: "{{ node_config_directory }}/{{ item.key }}/cyborg.conf" + mode: "0660" + become: true + register: cyborg_confs + when: + - item.value.enabled | bool + - inventory_hostname in groups[item.value.group] + with_dict: "{{ cyborg_services }}" + notify: + - Restart cyborg-api container + - Restart cyborg-agent container + - Restart cyborg-conductor container + +- name: Checking whether cyborg-api-paste.ini file exists + vars: + service: "{{ cyborg_services['cyborg-api'] }}" + local_action: stat path="{{ node_custom_config }}/cyborg/cyborg-api-paste.ini" + run_once: True + register: check_cyborg_api_paste_ini + when: + - service.enabled | bool + +- name: Copying over cyborg-api-paste.ini + vars: + service: "{{ cyborg_services['cyborg-api'] }}" + template: + src: "{{ node_custom_config }}/cyborg/cyborg-api-paste.ini" + dest: "{{ node_config_directory }}/cyborg-api/api-paste.ini" + when: + - inventory_hostname in groups['cyborg-api'] + - service.enabled | bool + - check_cyborg_api_paste_ini.stat.exists + register: cyborg_api_paste + notify: + - Restart cyborg-api container + +- name: Check cyborg containers + kolla_docker: + action: "compare_container" + common_options: "{{ docker_common_options }}" + name: "{{ item.value.container_name }}" + image: "{{ item.value.image }}" + volumes: "{{ item.value.volumes }}" + dimensions: "{{ item.value.dimensions }}" + register: check_cyborg_containers + when: + - action != "config" + - inventory_hostname in groups[item.value.group] + - item.value.enabled | bool + with_dict: "{{ cyborg_services }}" + notify: + - Restart cyborg-api container + - Restart cyborg-agent container + - Restart cyborg-conductor container diff --git a/ansible/roles/cyborg/tasks/deploy.yml b/ansible/roles/cyborg/tasks/deploy.yml new file mode 100644 index 0000000000..c63cdcdf8f --- /dev/null +++ b/ansible/roles/cyborg/tasks/deploy.yml @@ -0,0 +1,14 @@ +--- +- include_tasks: register.yml + when: inventory_hostname in groups['cyborg-api'] + +- include_tasks: config.yml + when: inventory_hostname in groups['cyborg-api'] or + inventory_hostname in groups['cyborg-conductor'] or + inventory_hostname in groups['cyborg-agent'] + +- include_tasks: bootstrap.yml + when: inventory_hostname in groups['cyborg-api'] + +- name: Flush handlers + meta: flush_handlers diff --git a/ansible/roles/cyborg/tasks/loadbalancer.yml b/ansible/roles/cyborg/tasks/loadbalancer.yml new file mode 100644 index 0000000000..971b7583ab --- /dev/null +++ b/ansible/roles/cyborg/tasks/loadbalancer.yml @@ -0,0 +1,7 @@ +--- +- name: "Configure haproxy for {{ project_name }}" + import_role: + role: haproxy-config + vars: + project_services: "{{ cyborg_services }}" + tags: always diff --git a/ansible/roles/cyborg/tasks/main.yml b/ansible/roles/cyborg/tasks/main.yml new file mode 100644 index 0000000000..bc5d1e6257 --- /dev/null +++ b/ansible/roles/cyborg/tasks/main.yml @@ -0,0 +1,2 @@ +--- +- include_tasks: "{{ kolla_action }}.yml" diff --git a/ansible/roles/cyborg/tasks/precheck.yml b/ansible/roles/cyborg/tasks/precheck.yml new file mode 100644 index 0000000000..fbd1cb3c7a --- /dev/null +++ b/ansible/roles/cyborg/tasks/precheck.yml @@ -0,0 +1,17 @@ +--- +- name: Get container facts + kolla_container_facts: + name: + - cyborg_api + register: container_facts + +- name: Checking free port for cyborg API + wait_for: + host: "{{ api_interface_address }}" + port: "{{ cyborg_api_port }}" + connect_timeout: 1 + timeout: 1 + state: stopped + when: + - container_facts['cyborg_api'] is not defined + - inventory_hostname in groups['cyborg-api'] diff --git a/ansible/roles/cyborg/tasks/pull.yml b/ansible/roles/cyborg/tasks/pull.yml new file mode 100644 index 0000000000..eb3e4663cf --- /dev/null +++ b/ansible/roles/cyborg/tasks/pull.yml @@ -0,0 +1,11 @@ +--- +- name: Pulling cyborg images + become: true + kolla_docker: + action: "pull_image" + common_options: "{{ docker_common_options }}" + image: "{{ item.value.image }}" + when: + - inventory_hostname in groups[item.value.group] + - item.value.enabled | bool + with_dict: "{{ cyborg_services }}" diff --git a/ansible/roles/cyborg/tasks/reconfigure.yml b/ansible/roles/cyborg/tasks/reconfigure.yml new file mode 100644 index 0000000000..f670a5b78d --- /dev/null +++ b/ansible/roles/cyborg/tasks/reconfigure.yml @@ -0,0 +1,2 @@ +--- +- include_tasks: deploy.yml diff --git a/ansible/roles/cyborg/tasks/register.yml b/ansible/roles/cyborg/tasks/register.yml new file mode 100644 index 0000000000..b43de75590 --- /dev/null +++ b/ansible/roles/cyborg/tasks/register.yml @@ -0,0 +1,32 @@ +--- +- name: Creating the cyborg service and endpoint + kolla_toolbox: + module_name: "kolla_keystone_service" + module_args: + service_name: "cyborg" + service_type: "cyborg" + description: "OpenStack Cyborg Service" + endpoint_region: "{{ openstack_region_name }}" + url: "{{ item.url }}" + interface: "{{ item.interface }}" + region_name: "{{ openstack_region_name }}" + auth: "{{ openstack_cyborg_auth }}" + endpoint_type: "{{ openstack_interface }}" + run_once: True + with_items: + - {'interface': 'admin', 'url': '{{ cyborg_admin_endpoint }}'} + - {'interface': 'internal', 'url': '{{ cyborg_internal_endpoint }}'} + - {'interface': 'public', 'url': '{{ cyborg_public_endpoint }}'} + +- name: Creating the cyborg project, user, and role + kolla_toolbox: + module_name: "kolla_keystone_user" + module_args: + project: "service" + user: "{{ cyborg_keystone_user }}" + password: "{{ cyborg_keystone_password }}" + role: "admin" + region_name: "{{ openstack_region_name }}" + auth: "{{ openstack_cyborg_auth }}" + endpoint_type: "{{ openstack_interface }}" + run_once: True diff --git a/ansible/roles/cyborg/tasks/stop.yml b/ansible/roles/cyborg/tasks/stop.yml new file mode 100644 index 0000000000..87085221f7 --- /dev/null +++ b/ansible/roles/cyborg/tasks/stop.yml @@ -0,0 +1,6 @@ +--- +- import_role: + role: service-stop + vars: + project_services: "{{ cyborg_services }}" + service_name: "{{ project_name }}" diff --git a/ansible/roles/cyborg/tasks/upgrade.yml b/ansible/roles/cyborg/tasks/upgrade.yml new file mode 100644 index 0000000000..20ccddc8f1 --- /dev/null +++ b/ansible/roles/cyborg/tasks/upgrade.yml @@ -0,0 +1,7 @@ +--- +- include_tasks: config.yml + +- include_tasks: bootstrap_service.yml + +- name: Flush handlers + meta: flush_handlers diff --git a/ansible/roles/cyborg/templates/cyborg-agent.json.j2 b/ansible/roles/cyborg/templates/cyborg-agent.json.j2 new file mode 100644 index 0000000000..f72fe7379a --- /dev/null +++ b/ansible/roles/cyborg/templates/cyborg-agent.json.j2 @@ -0,0 +1,24 @@ +{ + "command": "cyborg-agent --config-file /etc/cyborg/cyborg.conf", + "config_files": [ + { + "source": "{{ container_config_directory }}/cyborg.conf", + "dest": "/etc/cyborg/cyborg.conf", + "owner": "cyborg", + "perm": "0600" + }{% if cyborg_policy_file is defined %}, + { + "source": "{{ container_config_directory }}/{{ cyborg_policy_file }}", + "dest": "/etc/cyborg/{{ cyborg_policy_file }}", + "owner": "cyborg", + "perm": "0600" + }{% endif %} + ], + "permissions": [ + { + "path": "/var/log/kolla/cyborg", + "owner": "cyborg:cyborg", + "recurse": true + } + ] +} diff --git a/ansible/roles/cyborg/templates/cyborg-api-paste.ini.j2 b/ansible/roles/cyborg/templates/cyborg-api-paste.ini.j2 new file mode 100644 index 0000000000..7717f95879 --- /dev/null +++ b/ansible/roles/cyborg/templates/cyborg-api-paste.ini.j2 @@ -0,0 +1,19 @@ +[pipeline:main] +pipeline = cors request_id authtoken api_v1 + +[app:api_v1] +paste.app_factory = cyborg.api.app:app_factory + +[filter:authtoken] +acl_public_routes = /, /v1 +paste.filter_factory = cyborg.api.middleware.auth_token:AuthTokenMiddleware.factory + +[filter:osprofiler] +paste.filter_factory = cyborg.common.profiler:WsgiMiddleware.factory + +[filter:request_id] +paste.filter_factory = oslo_middleware:RequestId.factory + +[filter:cors] +paste.filter_factory = oslo_middleware.cors:filter_factory +oslo_config_project = cyborg diff --git a/ansible/roles/cyborg/templates/cyborg-api.json.j2 b/ansible/roles/cyborg/templates/cyborg-api.json.j2 new file mode 100644 index 0000000000..922906e458 --- /dev/null +++ b/ansible/roles/cyborg/templates/cyborg-api.json.j2 @@ -0,0 +1,30 @@ +{ + "command": "cyborg-api --config-file /etc/cyborg/cyborg.conf", + "config_files": [ + { + "source": "{{ container_config_directory }}/cyborg.conf", + "dest": "/etc/cyborg/cyborg.conf", + "owner": "cyborg", + "perm": "0600" + }, + { + "source": "{{ container_config_directory }}/api-paste.ini", + "dest": "/etc/cyborg/api-paste.ini", + "owner": "cyborg", + "perm": "0600" + }{% if cyborg_policy_file is defined %}, + { + "source": "{{ container_config_directory }}/{{ cyborg_policy_file }}", + "dest": "/etc/cyborg/{{ cyborg_policy_file }}", + "owner": "cyborg", + "perm": "0600" + }{% endif %} + ], + "permissions": [ + { + "path": "/var/log/kolla/cyborg", + "owner": "cyborg:cyborg", + "recurse": true + } + ] +} diff --git a/ansible/roles/cyborg/templates/cyborg-conductor.json.j2 b/ansible/roles/cyborg/templates/cyborg-conductor.json.j2 new file mode 100644 index 0000000000..d4b673b81c --- /dev/null +++ b/ansible/roles/cyborg/templates/cyborg-conductor.json.j2 @@ -0,0 +1,24 @@ +{ + "command": "cyborg-conductor --config-file /etc/cyborg/cyborg.conf", + "config_files": [ + { + "source": "{{ container_config_directory }}/cyborg.conf", + "dest": "/etc/cyborg/cyborg.conf", + "owner": "cyborg", + "perm": "0600" + }{% if cyborg_policy_file is defined %}, + { + "source": "{{ container_config_directory }}/{{ cyborg_policy_file }}", + "dest": "/etc/cyborg/{{ cyborg_policy_file }}", + "owner": "cyborg", + "perm": "0600" + }{% endif %} + ], + "permissions": [ + { + "path": "/var/log/kolla/cyborg", + "owner": "cyborg:cyborg", + "recurse": true + } + ] +} diff --git a/ansible/roles/cyborg/templates/cyborg.conf.j2 b/ansible/roles/cyborg/templates/cyborg.conf.j2 new file mode 100644 index 0000000000..06903f4526 --- /dev/null +++ b/ansible/roles/cyborg/templates/cyborg.conf.j2 @@ -0,0 +1,45 @@ +[DEFAULT] +auth_strategy = keystone +log_dir = /var/log/kolla/cyborg +debug = {{ cyborg_logging_debug }} +notification_topics = notifications + +transport_url = {{ rpc_transport_url }} + +[api] +port = {{ cyborg_api_port }} +host = {{ api_interface_address }} + +[database] +connection = mysql+pymysql://{{ cyborg_database_user }}:{{ cyborg_database_password }}@{{ cyborg_database_address }}/{{ cyborg_database_name }} + +[keystone_authtoken] +memcache_security_strategy = ENCRYPT +memcache_secret_key = {{ memcache_secret_key }} +memcache_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %} +auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }} +project_domain_name = {{ default_project_domain_name }} +project_name = service +user_domain_name = {{ default_user_domain_name }} +username = {{ cyborg_keystone_user }} +password = {{ cyborg_keystone_password }} +auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }} +auth_type = password + +{% if cyborg_policy_file is defined %} +[oslo_policy] +policy_file = {{ cyborg_policy_file }} +{% endif %} + +[service_credentials] +auth_url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}/v3 +region_name = {{ openstack_region_name }} +password = {{ cyborg_keystone_password }} +username = {{ cyborg_keystone_user }} +project_name = service +project_domain_id = {{ default_project_domain_id }} +user_domain_id = {{ default_user_domain_id }} +auth_type = password + +[oslo_messaging_notifications] +transport_url = {{ notify_transport_url }} diff --git a/ansible/roles/haproxy/tasks/precheck.yml b/ansible/roles/haproxy/tasks/precheck.yml index 8985c1007a..03c8097a73 100644 --- a/ansible/roles/haproxy/tasks/precheck.yml +++ b/ansible/roles/haproxy/tasks/precheck.yml @@ -256,6 +256,18 @@ - haproxy_stat.find('congress_api') == -1 - "host_running_haproxy == 'None'" +- name: Checking free port for Cyborg API HAProxy + wait_for: + host: "{{ kolla_internal_vip_address }}" + port: "{{ cyborg_api_port }}" + connect_timeout: 1 + timeout: 1 + state: stopped + when: + - enable_cyborg | bool + - inventory_hostname in groups['haproxy'] + - haproxy_stat.find('cyborg_api') == -1 + - name: Checking free port for Designate API HAProxy wait_for: host: "{{ kolla_internal_vip_address }}" diff --git a/ansible/site.yml b/ansible/site.yml index a36b28ca70..0516438a5f 100644 --- a/ansible/site.yml +++ b/ansible/site.yml @@ -30,6 +30,7 @@ - enable_cloudkitty_{{ enable_cloudkitty | bool }} - enable_collectd_{{ enable_collectd | bool }} - enable_congress_{{ enable_congress | bool }} + - enable_cyborg_{{ enable_cyborg | bool }} - enable_designate_{{ enable_designate | bool }} - enable_elasticsearch_{{ enable_elasticsearch | bool }} - enable_etcd_{{ enable_etcd | bool }} @@ -157,6 +158,11 @@ tasks_from: loadbalancer tags: congress when: enable_congress | bool + - include_role: + role: cyborg + tasks_from: loadbalancer + tags: cyborg + when: enable_cyborg | bool - include_role: role: designate tasks_from: loadbalancer @@ -998,6 +1004,17 @@ tags: congress, when: enable_congress | bool } +- name: Apply role cyborg + gather_facts: false + hosts: + - cyborg + - '&enable_cyborg_True' + serial: '{{ serial|default("0") }}' + roles: + - { role: cyborg, + tags: cyborg, + when: enable_cyborg | bool } + - name: Apply role tempest gather_facts: false hosts: diff --git a/etc/kolla/globals.yml b/etc/kolla/globals.yml index 70533322f0..f091b4ca3f 100644 --- a/etc/kolla/globals.yml +++ b/etc/kolla/globals.yml @@ -210,6 +210,7 @@ kolla_internal_vip_address: "10.10.10.254" #enable_cloudkitty: "no" #enable_collectd: "no" #enable_congress: "no" +#enable_cyborg: "no" #enable_designate: "no" #enable_destroy_images: "no" #enable_elasticsearch: "{{ 'yes' if enable_central_logging | bool or enable_freezer | bool or enable_osprofiler | bool or enable_skydive | bool or enable_monasca | bool else 'no' }}" diff --git a/etc/kolla/passwords.yml b/etc/kolla/passwords.yml index beb9c86e1f..43f919021a 100644 --- a/etc/kolla/passwords.yml +++ b/etc/kolla/passwords.yml @@ -102,6 +102,9 @@ cinder_keystone_password: cloudkitty_database_password: cloudkitty_keystone_password: +cyborg_database_password: +cyborg_keystone_password: + panko_database_password: panko_keystone_password: diff --git a/releasenotes/notes/add-cyborg-c7ee957a2cbe8e99.yaml b/releasenotes/notes/add-cyborg-c7ee957a2cbe8e99.yaml new file mode 100644 index 0000000000..7cfb84861c --- /dev/null +++ b/releasenotes/notes/add-cyborg-c7ee957a2cbe8e99.yaml @@ -0,0 +1,3 @@ +--- +features: + - Add cyborg ansible role diff --git a/tests/templates/inventory.j2 b/tests/templates/inventory.j2 index a1a8635233..e3137964a3 100644 --- a/tests/templates/inventory.j2 +++ b/tests/templates/inventory.j2 @@ -183,6 +183,10 @@ control [aodh:children] control +[cyborg:children] +control +compute + [congress:children] control @@ -492,6 +496,17 @@ aodh [aodh-notifier:children] aodh +# Cyborg +[cyborg-api:children] +cyborg + +[cyborg-agent:children] +cyborg + +[cyborg-conductor:children] +cyborg + + # Panko [panko-api:children] panko