openstack/kolla-ansible
Code Issues Proposed changes

Add Kuryr ansible role

Browse Source 
Change-Id: I7134bffab940ee780e5f5010d639af56f97b41d6
Co-authored-by: Mohammad Banikazemi <mb@us.ibm.com>
Co-Authored-By: zhubingbing <zhubingbing10@gmail.com>
Co-Authored-By: Antoni Segura Puimedon <antonisp@celebdor.com>
Partially-implements: bp kuryr-docker-plugin
This commit is contained in:
Hui Kang 2016-03-29 13:25:43 -04:00
parent 97c99a9214
commit 0d28b311eb
18 changed files with 229 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ansible/group_vars/all.yml
View File

@ -198,6 +198,8 @@ senlin_api_port: "8778"
etcd_client_port: "2379" etcd_client_port: "2379"
etcd_peer_port: "2380" etcd_peer_port: "2380"
kuryr_port: "23750"
public_protocol: "{{ 'https' if kolla_enable_tls_external | bool else 'http' }}" public_protocol: "{{ 'https' if kolla_enable_tls_external | bool else 'http' }}"
internal_protocol: "http" internal_protocol: "http"
admin_protocol: "http" admin_protocol: "http"
@ -255,6 +257,7 @@ enable_heat: "yes"
enable_horizon: "yes" enable_horizon: "yes"
enable_influxdb: "no" enable_influxdb: "no"
enable_ironic: "no" enable_ironic: "no"
enable_kuryr: "no"
enable_magnum: "no" enable_magnum: "no"
enable_manila: "no" enable_manila: "no"
enable_mistral: "no" enable_mistral: "no"

20
ansible/roles/kuryr/defaults/main.yml Normal file
View File

@ -0,0 +1,20 @@
---
project_name: "kuryr"
####################
# Docker
####################
kuryr_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-kuryr-libnetwork"
kuryr_tag: "{{ openstack_release }}"
kuryr_image_full: "{{ kuryr_image }}:{{ kuryr_tag }}"
####################
# OpenStack
####################
kuryr_logging_debug: "{{ openstack_logging_debug }}"
kuryr_keystone_user: "kuryr"
openstack_kuryr_auth: "{'auth_url':'{{ openstack_auth.auth_url }}','username':'{{ openstack_auth.username }}','password':'{{ openstack_auth.password }}','project_name':'{{ openstack_auth.project_name }}','domain_name':'default'}"

18
ansible/roles/kuryr/tasks/bootstrap.yml Normal file
View File

@ -0,0 +1,18 @@
---
- name: Running Kuryr bootstrap container
kolla_docker:
action: "start_container"
common_options: "{{ docker_common_options }}"
detach: False
environment:
KOLLA_BOOTSTRAP:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
image: "{{ kuryr_image_full }}"
labels:
BOOTSTRAP:
name: "bootstrap_kuryr"
restart_policy: "never"
volumes:
- "{{ node_config_directory }}/kuryr/:{{ container_config_directory }}/:ro"
- "/run:/run"
- "/usr/lib/docker:/usr/lib/docker"

25
ansible/roles/kuryr/tasks/config.yml Normal file
View File

@ -0,0 +1,25 @@
---
- name: Ensuring config directories exist
file:
path: "{{ node_config_directory }}/{{ item }}"
state: "directory"
recurse: yes
with_items:
- "kuryr"
- name: Copying over config.json files for services
template:
src: "{{ item }}.json.j2"
dest: "{{ node_config_directory }}/{{ item }}/config.json"
with_items:
- "kuryr"
- name: Copying over kuryr.conf
template:
src: "kuryr.conf.j2"
dest: "{{ node_config_directory }}/kuryr/kuryr.conf"
- name: Copying over kuryr.spec
template:
src: "kuryr.spec.j2"
dest: "{{ node_config_directory }}/kuryr/kuryr.spec"

8
ansible/roles/kuryr/tasks/deploy.yml Normal file
View File

@ -0,0 +1,8 @@
---
- include: register.yml
- include: config.yml
- include: bootstrap.yml
- include: start.yml

2
ansible/roles/kuryr/tasks/main.yml Normal file
View File

@ -0,0 +1,2 @@
---
- include: "{{ action }}.yml"

6
ansible/roles/kuryr/tasks/pull.yml Normal file
View File

@ -0,0 +1,6 @@
---
- name: Pulling kuryr image
kolla_docker:
action: "pull_image"
common_options: "{{ docker_common_options }}"
image: "{{ kuryr_image_full }}"

17
ansible/roles/kuryr/tasks/register.yml Normal file
View File

@ -0,0 +1,17 @@
---
- name: Creating the Kuryr project, user, and role
command: docker exec -t kolla_toolbox /usr/bin/ansible localhost
-m kolla_keystone_user
-a "project=service
user={{ kuryr_keystone_user }}
password={{ kuryr_keystone_password }}
role=admin
region_name={{ openstack_region_name }}
auth={{ '{{ openstack_kuryr_auth }}' }}"
-e "{'openstack_kuryr_auth':{{ openstack_kuryr_auth }}}"
register: kuryr_user
changed_when: "{{ kuryr_user.stdout.find('localhost | SUCCESS => ') != -1 and (kuryr_user.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
until: kuryr_user.stdout.split()[2] == 'SUCCESS'
retries: 10
delay: 5
run_once: True

18
ansible/roles/kuryr/tasks/start.yml Normal file
View File

@ -0,0 +1,18 @@
---
# NOTE(huikang, apuimedo): when you request a driver in a docker operation, such
# as docker network create, docker searches /usr/lib/docker or /etc/docker
# subdirs for network/storage plugin specs or json definitions. so it's either
# have ansible place the file there, or volume mount it and let the container
# place the file there
- name: Starting kuryr container
kolla_docker:
action: "start_container"
common_options: "{{ docker_common_options }}"
image: "{{ kuryr_image_full }}"
name: "kuryr"
privileged: True
volumes:
- "{{ node_config_directory }}/kuryr/:{{ container_config_directory }}/:ro"
- "/run:/run"
- "/usr/lib/docker:/usr/lib/docker"
when: inventory_hostname in groups['compute']

17
ansible/roles/kuryr/templates/kuryr.conf.j2 Normal file
View File

@ -0,0 +1,17 @@
[DEFAULT]
kuryr_uri = http://{{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}:{{ kuryr_port }}
debug = {{ kuryr_logging_debug }}
[binding]
[neutron]
auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}
auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
auth_type = password
project_domain_name = Default
project_name = service
user_domain_name = Default
project_domain_id = default
user_domain_id = default
password = {{ kuryr_keystone_password }}
username = {{ kuryr_keystone_user }}

17
ansible/roles/kuryr/templates/kuryr.json.j2 Normal file
View File

@ -0,0 +1,17 @@
{
"command": "kuryr-server --config-file /etc/kuryr/kuryr.conf",
"config_files": [
{
"source": "{{ container_config_directory }}/kuryr.conf",
"dest": "/etc/kuryr/kuryr.conf",
"owner": "root",
"perm": "0600"
},
{
"source": "{{ container_config_directory }}/kuryr.spec",
"dest": "/usr/lib/docker/plugins/kuryr/kuryr.spec",
"owner": "root",
"perm": "0600"
}
]
}

1
ansible/roles/kuryr/templates/kuryr.spec.j2 Normal file
View File

@ -0,0 +1 @@
http://{{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}:{{ kuryr_port }}

7
ansible/site.yml
View File

@ -144,6 +144,13 @@
tags: nova, tags: nova,
when: enable_nova | bool } when: enable_nova | bool }
- hosts:
- compute
roles:
- { role: kuryr,
tags: kuryr,
when: enable_kuryr | bool }
# (gmmaha): Please do not change the order listed here. The current order is a # (gmmaha): Please do not change the order listed here. The current order is a
# workaround to fix the bug https://bugs.launchpad.net/kolla/+bug/1546789 # workaround to fix the bug https://bugs.launchpad.net/kolla/+bug/1546789
- hosts: - hosts:

1
doc/index.rst
View File

@ -59,6 +59,7 @@ Kolla Services
swift-guide swift-guide
kibana-guide kibana-guide
bifrost bifrost
kuryr-guide
Developer Docs Developer Docs
============== ==============

63
doc/kuryr-guide.rst Normal file
View File

@ -0,0 +1,63 @@
Kuryr in Kolla
==============
"Kuryr is a Docker network plugin that uses Neutron to provide networking
services to Docker containers. It provides containerized images for the common
Neutron plugins" [1]. Kuryr requires at least Keystone and neutron. Kolla makes
kuryr deployment faster and accessible.
Requirements
------------
* A minimum of 3 hosts for a vanilla deploy
Preparation and Deployment
--------------------------
To allow docker daemon connect to the etcd, add the following in the docker.server
file.
::
ExecStart= -H tcp://172.16.1.13:2375 -H unix:///var/run/docker.sock --cluster-store=etcd://172.16.1.13:2379 --cluster-advertise=172.16.1.13:2375
The IP address is host runnning the etcd service. ```2375``` is port that allows
Docker daemon to be accessed remotely. ```2379``` is the etcd listening port.
By default etcd and kuryr are disabled in the ``group_vars/all.yml``. In order to
enable them, you need to edit the file globals.yml and set the following
variables
::
enable_etcd: "yes"
enable_kuryr: "yes"
Deploy the OpenStack cloud and kuryr network plugin
::
kolla-ansible deploy
Create a Virtual Network
--------------------------------
::
docker network create -d kuryr --ipam-driver=kuryr --subnet=10.1.0.0/24 --gateway=10.1.0.1 docker-net1
To list the created network:
::
docker network ls
The created network is also available from openstack CLI:
::
openstack network list
[1] https://github.com/openstack/kuryr

1
etc/kolla/globals.yml
View File

@ -126,6 +126,7 @@ kolla_internal_vip_address: "10.10.10.254"
#enable_horizon: "yes" #enable_horizon: "yes"
#enable_influxdb: "no" #enable_influxdb: "no"
#enable_ironic: "no" #enable_ironic: "no"
#enable_kuryr: "no"
#enable_magnum: "no" #enable_magnum: "no"
#enable_manila: "no" #enable_manila: "no"
#enable_mistral: "no" #enable_mistral: "no"

2
etc/kolla/passwords.yml
View File

@ -39,6 +39,8 @@ glance_keystone_password:
gnocchi_database_password: gnocchi_database_password:
gnocchi_keystone_password: gnocchi_keystone_password:
kuryr_keystone_password:
nova_database_password: nova_database_password:
nova_api_database_password: nova_api_database_password:
nova_keystone_password: nova_keystone_password:

3
releasenotes/notes/kuryr-libnetwork-1e6ab1916a8a0d10.yaml Normal file
View File

@ -0,0 +1,3 @@
---
features:
- Add kuryr ansible role