Merge "Adds Qinling Ansible role"
This commit is contained in:
commit
2208b0214e
@ -69,6 +69,7 @@ Kolla-Ansible deploys containers for the following OpenStack projects:
|
|||||||
- `Nova <https://docs.openstack.org/nova/latest/>`__
|
- `Nova <https://docs.openstack.org/nova/latest/>`__
|
||||||
- `Octavia <https://docs.openstack.org/octavia/latest/>`__
|
- `Octavia <https://docs.openstack.org/octavia/latest/>`__
|
||||||
- `Panko <https://docs.openstack.org/panko/latest/>`__
|
- `Panko <https://docs.openstack.org/panko/latest/>`__
|
||||||
|
- `Qinling <https://docs.openstack.org/qinling/latest/>`__
|
||||||
- `Rally <https://docs.openstack.org/rally/latest/>`__
|
- `Rally <https://docs.openstack.org/rally/latest/>`__
|
||||||
- `Sahara <https://docs.openstack.org/sahara/latest/>`__
|
- `Sahara <https://docs.openstack.org/sahara/latest/>`__
|
||||||
- `Searchlight <https://docs.openstack.org/searchlight/latest/>`__
|
- `Searchlight <https://docs.openstack.org/searchlight/latest/>`__
|
||||||
|
@ -375,6 +375,8 @@ prometheus_elasticsearch_exporter_port: "9108"
|
|||||||
|
|
||||||
qdrouterd_port: "31459"
|
qdrouterd_port: "31459"
|
||||||
|
|
||||||
|
qinling_api_port: "7070"
|
||||||
|
|
||||||
rabbitmq_port: "5672"
|
rabbitmq_port: "5672"
|
||||||
rabbitmq_management_port: "15672"
|
rabbitmq_management_port: "15672"
|
||||||
rabbitmq_cluster_port: "25672"
|
rabbitmq_cluster_port: "25672"
|
||||||
@ -561,6 +563,7 @@ enable_horizon_murano: "{{ enable_murano | bool }}"
|
|||||||
enable_horizon_neutron_lbaas: "{{ enable_neutron_lbaas | bool }}"
|
enable_horizon_neutron_lbaas: "{{ enable_neutron_lbaas | bool }}"
|
||||||
enable_horizon_neutron_vpnaas: "{{ enable_neutron_vpnaas | bool }}"
|
enable_horizon_neutron_vpnaas: "{{ enable_neutron_vpnaas | bool }}"
|
||||||
enable_horizon_octavia: "{{ enable_octavia | bool }}"
|
enable_horizon_octavia: "{{ enable_octavia | bool }}"
|
||||||
|
enable_horizon_qinling: "{{ enable_qinling | bool }}"
|
||||||
enable_horizon_sahara: "{{ enable_sahara | bool }}"
|
enable_horizon_sahara: "{{ enable_sahara | bool }}"
|
||||||
enable_horizon_searchlight: "{{ enable_searchlight | bool }}"
|
enable_horizon_searchlight: "{{ enable_searchlight | bool }}"
|
||||||
enable_horizon_senlin: "{{ enable_senlin | bool }}"
|
enable_horizon_senlin: "{{ enable_senlin | bool }}"
|
||||||
@ -615,6 +618,7 @@ enable_osprofiler: "no"
|
|||||||
enable_panko: "no"
|
enable_panko: "no"
|
||||||
enable_placement: "{{ enable_nova }}"
|
enable_placement: "{{ enable_nova }}"
|
||||||
enable_qdrouterd: "{{ 'yes' if om_rpc_transport == 'amqp' else 'no' }}"
|
enable_qdrouterd: "{{ 'yes' if om_rpc_transport == 'amqp' else 'no' }}"
|
||||||
|
enable_qinling: "no"
|
||||||
enable_rally: "no"
|
enable_rally: "no"
|
||||||
enable_redis: "no"
|
enable_redis: "no"
|
||||||
enable_sahara: "no"
|
enable_sahara: "no"
|
||||||
@ -894,6 +898,12 @@ octavia_amp_boot_network_list:
|
|||||||
octavia_amp_secgroup_list:
|
octavia_amp_secgroup_list:
|
||||||
octavia_amp_flavor_id:
|
octavia_amp_flavor_id:
|
||||||
|
|
||||||
|
#################
|
||||||
|
# Qinling options
|
||||||
|
#################
|
||||||
|
# Configure qinling-engine certificates to authenticate with Kubernetes cluster.
|
||||||
|
qinling_kubernetes_certificates: "no"
|
||||||
|
|
||||||
###################
|
###################
|
||||||
# Ceph options
|
# Ceph options
|
||||||
###################
|
###################
|
||||||
|
@ -163,6 +163,9 @@ monitoring
|
|||||||
[magnum:children]
|
[magnum:children]
|
||||||
control
|
control
|
||||||
|
|
||||||
|
[qinling:children]
|
||||||
|
control
|
||||||
|
|
||||||
[sahara:children]
|
[sahara:children]
|
||||||
control
|
control
|
||||||
|
|
||||||
@ -508,6 +511,13 @@ magnum
|
|||||||
[magnum-conductor:children]
|
[magnum-conductor:children]
|
||||||
magnum
|
magnum
|
||||||
|
|
||||||
|
# Qinling
|
||||||
|
[qinling-api:children]
|
||||||
|
qinling
|
||||||
|
|
||||||
|
[qinling-engine:children]
|
||||||
|
qinling
|
||||||
|
|
||||||
# Solum
|
# Solum
|
||||||
[solum-api:children]
|
[solum-api:children]
|
||||||
solum
|
solum
|
||||||
|
@ -185,6 +185,9 @@ control
|
|||||||
[magnum:children]
|
[magnum:children]
|
||||||
control
|
control
|
||||||
|
|
||||||
|
[qinling:children]
|
||||||
|
control
|
||||||
|
|
||||||
[sahara:children]
|
[sahara:children]
|
||||||
control
|
control
|
||||||
|
|
||||||
@ -517,6 +520,13 @@ magnum
|
|||||||
[magnum-conductor:children]
|
[magnum-conductor:children]
|
||||||
magnum
|
magnum
|
||||||
|
|
||||||
|
# Qinling
|
||||||
|
[qinling-api:children]
|
||||||
|
qinling
|
||||||
|
|
||||||
|
[qinling-engine:children]
|
||||||
|
qinling
|
||||||
|
|
||||||
# Sahara
|
# Sahara
|
||||||
[sahara-api:children]
|
[sahara-api:children]
|
||||||
sahara
|
sahara
|
||||||
|
@ -286,6 +286,7 @@
|
|||||||
- { name: "opendaylight", enabled: "{{ enable_opendaylight }}" }
|
- { name: "opendaylight", enabled: "{{ enable_opendaylight }}" }
|
||||||
- { name: "outward-rabbitmq", enabled: "{{ enable_outward_rabbitmq }}" }
|
- { name: "outward-rabbitmq", enabled: "{{ enable_outward_rabbitmq }}" }
|
||||||
- { name: "panko", enabled: "{{ enable_panko }}" }
|
- { name: "panko", enabled: "{{ enable_panko }}" }
|
||||||
|
- { name: "qinling", enabled: "{{ enable_qinling }}" }
|
||||||
- { name: "rabbitmq", enabled: "{{ enable_rabbitmq }}" }
|
- { name: "rabbitmq", enabled: "{{ enable_rabbitmq }}" }
|
||||||
- { name: "rally", enabled: "{{ enable_rally }}" }
|
- { name: "rally", enabled: "{{ enable_rally }}" }
|
||||||
- { name: "sahara", enabled: "{{ enable_sahara }}" }
|
- { name: "sahara", enabled: "{{ enable_sahara }}" }
|
||||||
|
@ -166,4 +166,9 @@
|
|||||||
pattern ^(blazar-api|blazar-manager)$
|
pattern ^(blazar-api|blazar-manager)$
|
||||||
tag openstack_python
|
tag openstack_python
|
||||||
</rule>
|
</rule>
|
||||||
|
<rule>
|
||||||
|
key programname
|
||||||
|
pattern ^(qinling-engine|qinling-api)$
|
||||||
|
tag openstack_python
|
||||||
|
</rule>
|
||||||
</match>
|
</match>
|
||||||
|
@ -29,6 +29,7 @@
|
|||||||
( 'nova', enable_nova ),
|
( 'nova', enable_nova ),
|
||||||
( 'octavia', enable_octavia ),
|
( 'octavia', enable_octavia ),
|
||||||
( 'panko', enable_panko ),
|
( 'panko', enable_panko ),
|
||||||
|
( 'qinling', enable_qinling ),
|
||||||
( 'rally', enable_rally ),
|
( 'rally', enable_rally ),
|
||||||
( 'sahara', enable_sahara ),
|
( 'sahara', enable_sahara ),
|
||||||
( 'searchlight', enable_searchlight ),
|
( 'searchlight', enable_searchlight ),
|
||||||
|
@ -0,0 +1,3 @@
|
|||||||
|
"/var/log/kolla/qinling/*.log"
|
||||||
|
{
|
||||||
|
}
|
@ -44,6 +44,7 @@
|
|||||||
( 'opendaylight', enable_opendaylight ),
|
( 'opendaylight', enable_opendaylight ),
|
||||||
( 'outward-rabbitmq', enable_outward_rabbitmq ),
|
( 'outward-rabbitmq', enable_outward_rabbitmq ),
|
||||||
( 'panko', enable_panko ),
|
( 'panko', enable_panko ),
|
||||||
|
( 'qinling', enable_qinling ),
|
||||||
( 'rabbitmq', enable_rabbitmq ),
|
( 'rabbitmq', enable_rabbitmq ),
|
||||||
( 'rally', enable_rally ),
|
( 'rally', enable_rally ),
|
||||||
( 'sahara', enable_sahara ),
|
( 'sahara', enable_sahara ),
|
||||||
|
@ -756,6 +756,19 @@
|
|||||||
- haproxy_stat.find('panko_api') == -1
|
- haproxy_stat.find('panko_api') == -1
|
||||||
- "host_running_haproxy == 'None'"
|
- "host_running_haproxy == 'None'"
|
||||||
|
|
||||||
|
- name: Checking free port for Qinling API HAProxy
|
||||||
|
wait_for:
|
||||||
|
host: "{{ kolla_internal_vip_address }}"
|
||||||
|
port: "{{ qinling_api_port }}"
|
||||||
|
connect_timeout: 1
|
||||||
|
timeout: 1
|
||||||
|
state: stopped
|
||||||
|
when:
|
||||||
|
- enable_qinling | bool
|
||||||
|
- inventory_hostname in groups['haproxy']
|
||||||
|
- haproxy_stat.find('qinling_api') == -1
|
||||||
|
- "host_running_haproxy == 'None'"
|
||||||
|
|
||||||
- name: Checking free port for RabbitMQ Management HAProxy
|
- name: Checking free port for RabbitMQ Management HAProxy
|
||||||
wait_for:
|
wait_for:
|
||||||
host: "{{ kolla_internal_vip_address }}"
|
host: "{{ kolla_internal_vip_address }}"
|
||||||
|
@ -24,6 +24,7 @@ horizon_services:
|
|||||||
ENABLE_NEUTRON_LBAAS: "{{ 'yes' if enable_horizon_neutron_lbaas | bool else 'no' }}"
|
ENABLE_NEUTRON_LBAAS: "{{ 'yes' if enable_horizon_neutron_lbaas | bool else 'no' }}"
|
||||||
ENABLE_NEUTRON_VPNAAS: "{{ 'yes' if enable_horizon_neutron_vpnaas | bool else 'no' }}"
|
ENABLE_NEUTRON_VPNAAS: "{{ 'yes' if enable_horizon_neutron_vpnaas | bool else 'no' }}"
|
||||||
ENABLE_OCTAVIA: "{{ 'yes' if enable_horizon_octavia | bool else 'no' }}"
|
ENABLE_OCTAVIA: "{{ 'yes' if enable_horizon_octavia | bool else 'no' }}"
|
||||||
|
ENABLE_QINLING: "{{ 'yes' if enable_horizon_qinling | bool else 'no' }}"
|
||||||
ENABLE_SAHARA: "{{ 'yes' if enable_horizon_sahara | bool else 'no' }}"
|
ENABLE_SAHARA: "{{ 'yes' if enable_horizon_sahara | bool else 'no' }}"
|
||||||
ENABLE_SEARCHLIGHT: "{{ 'yes' if enable_horizon_searchlight | bool else 'no' }}"
|
ENABLE_SEARCHLIGHT: "{{ 'yes' if enable_horizon_searchlight | bool else 'no' }}"
|
||||||
ENABLE_SENLIN: "{{ 'yes' if enable_horizon_senlin | bool else 'no' }}"
|
ENABLE_SENLIN: "{{ 'yes' if enable_horizon_senlin | bool else 'no' }}"
|
||||||
|
@ -37,6 +37,7 @@
|
|||||||
- { name: "murano", enabled: "{{ enable_horizon_murano }}" }
|
- { name: "murano", enabled: "{{ enable_horizon_murano }}" }
|
||||||
- { name: "neutron", enabled: "{{ enable_neutron_horizon_policy_file }}" }
|
- { name: "neutron", enabled: "{{ enable_neutron_horizon_policy_file }}" }
|
||||||
- { name: "nova", enabled: "{{ enable_nova_horizon_policy_file }}" }
|
- { name: "nova", enabled: "{{ enable_nova_horizon_policy_file }}" }
|
||||||
|
- { name: "qinling", enabled: "{{ enable_horizon_qinling }}" }
|
||||||
- { name: "sahara", enabled: "{{ enable_horizon_sahara }}" }
|
- { name: "sahara", enabled: "{{ enable_horizon_sahara }}" }
|
||||||
- { name: "searchlight", enabled: "{{ enable_horizon_searchlight }}" }
|
- { name: "searchlight", enabled: "{{ enable_horizon_searchlight }}" }
|
||||||
- { name: "senlin", enabled: "{{ enable_horizon_senlin }}" }
|
- { name: "senlin", enabled: "{{ enable_horizon_senlin }}" }
|
||||||
|
@ -18,6 +18,7 @@
|
|||||||
( 'murano', enable_horizon_murano ),
|
( 'murano', enable_horizon_murano ),
|
||||||
( 'neutron', enable_neutron ),
|
( 'neutron', enable_neutron ),
|
||||||
( 'nova', enable_nova ),
|
( 'nova', enable_nova ),
|
||||||
|
( 'qinling', enable_horizon_qinling ),
|
||||||
( 'sahara', enable_horizon_sahara ),
|
( 'sahara', enable_horizon_sahara ),
|
||||||
( 'searchlight', enable_horizon_searchlight ),
|
( 'searchlight', enable_horizon_searchlight ),
|
||||||
( 'senlin', enable_horizon_senlin ),
|
( 'senlin', enable_horizon_senlin ),
|
||||||
|
88
ansible/roles/qinling/defaults/main.yml
Normal file
88
ansible/roles/qinling/defaults/main.yml
Normal file
@ -0,0 +1,88 @@
|
|||||||
|
---
|
||||||
|
project_name: "qinling"
|
||||||
|
|
||||||
|
qinling_services:
|
||||||
|
qinling-api:
|
||||||
|
container_name: qinling_api
|
||||||
|
group: qinling-api
|
||||||
|
enabled: true
|
||||||
|
image: "{{ qinling_api_image_full }}"
|
||||||
|
volumes:
|
||||||
|
- "{{ node_config_directory }}/qinling-api/:{{ container_config_directory }}/:ro"
|
||||||
|
- "/etc/localtime:/etc/localtime:ro"
|
||||||
|
- "{{ kolla_dev_repos_directory ~ '/qinling/qinling:/var/lib/kolla/venv/lib/python2.7/site-packages/qinling' if qinling_dev_mode | bool else '' }}"
|
||||||
|
- "kolla_logs:/var/log/kolla/"
|
||||||
|
dimensions: "{{ qinling_api_dimensions }}"
|
||||||
|
haproxy:
|
||||||
|
qinling_api:
|
||||||
|
enabled: "{{ enable_qinling }}"
|
||||||
|
mode: "http"
|
||||||
|
external: false
|
||||||
|
port: "{{ qinling_api_port }}"
|
||||||
|
qinling_api_external:
|
||||||
|
enabled: "{{ enable_qinling }}"
|
||||||
|
mode: "http"
|
||||||
|
external: true
|
||||||
|
port: "{{ qinling_api_port }}"
|
||||||
|
qinling-engine:
|
||||||
|
container_name: qinling_engine
|
||||||
|
group: qinling-engine
|
||||||
|
enabled: true
|
||||||
|
image: "{{ qinling_engine_image_full }}"
|
||||||
|
environment: "{{ container_proxy }}"
|
||||||
|
volumes:
|
||||||
|
- "{{ node_config_directory }}/qinling-engine/:{{ container_config_directory }}/:ro"
|
||||||
|
- "/etc/localtime:/etc/localtime:ro"
|
||||||
|
- "qinling:/var/lib/qinling/"
|
||||||
|
- "{{ kolla_dev_repos_directory ~ '/qinling/qinling:/var/lib/kolla/venv/lib/python2.7/site-packages/qinling' if qinling_dev_mode | bool else '' }}"
|
||||||
|
- "kolla_logs:/var/log/kolla/"
|
||||||
|
dimensions: "{{ qinling_engine_dimensions }}"
|
||||||
|
|
||||||
|
|
||||||
|
####################
|
||||||
|
# Database
|
||||||
|
####################
|
||||||
|
qinling_database_name: "qinling"
|
||||||
|
qinling_database_user: "{% if use_preconfigured_databases | bool and use_common_mariadb_user | bool %}{{ database_user }}{% else %}qinling{% endif %}"
|
||||||
|
qinling_database_address: "{{ database_address }}:{{ database_port }}"
|
||||||
|
|
||||||
|
|
||||||
|
####################
|
||||||
|
# Docker
|
||||||
|
####################
|
||||||
|
qinling_install_type: "{{ kolla_install_type }}"
|
||||||
|
qinling_tag: "{{ openstack_release }}"
|
||||||
|
|
||||||
|
qinling_api_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ qinling_install_type }}-qinling-api"
|
||||||
|
qinling_api_tag: "{{ qinling_tag }}"
|
||||||
|
qinling_api_image_full: "{{ qinling_api_image }}:{{ qinling_api_tag }}"
|
||||||
|
|
||||||
|
qinling_engine_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ qinling_install_type }}-qinling-engine"
|
||||||
|
qinling_engine_tag: "{{ qinling_tag }}"
|
||||||
|
qinling_engine_image_full: "{{ qinling_engine_image }}:{{ qinling_engine_tag }}"
|
||||||
|
|
||||||
|
qinling_api_dimensions: "{{ default_container_dimensions }}"
|
||||||
|
qinling_engine_dimensions: "{{ default_container_dimensions }}"
|
||||||
|
|
||||||
|
|
||||||
|
####################
|
||||||
|
# OpenStack
|
||||||
|
####################
|
||||||
|
qinling_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ qinling_api_port }}"
|
||||||
|
qinling_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ qinling_api_port }}"
|
||||||
|
qinling_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ qinling_api_port }}"
|
||||||
|
|
||||||
|
qinling_logging_debug: "{{ openstack_logging_debug }}"
|
||||||
|
|
||||||
|
qinling_keystone_user: "qinling"
|
||||||
|
|
||||||
|
openstack_qinling_auth: "{{ openstack_auth }}"
|
||||||
|
|
||||||
|
|
||||||
|
####################
|
||||||
|
# Kolla
|
||||||
|
####################
|
||||||
|
qinling_git_repository: "{{ kolla_dev_repos_git }}/{{ project_name }}"
|
||||||
|
qinling_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
|
||||||
|
qinling_dev_mode: "{{ kolla_dev_mode }}"
|
||||||
|
qinling_source_version: "{{ kolla_source_version }}"
|
52
ansible/roles/qinling/handlers/main.yml
Normal file
52
ansible/roles/qinling/handlers/main.yml
Normal file
@ -0,0 +1,52 @@
|
|||||||
|
---
|
||||||
|
- name: Restart qinling-api container
|
||||||
|
vars:
|
||||||
|
service_name: "qinling-api"
|
||||||
|
service: "{{ qinling_services[service_name] }}"
|
||||||
|
config_json: "{{ qinling_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
|
qinling_conf: "{{ qinling_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
|
policy_overwriting: "{{ qinling_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
|
qinling_api_container: "{{ check_qinling_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
|
become: true
|
||||||
|
kolla_docker:
|
||||||
|
action: "recreate_or_restart_container"
|
||||||
|
common_options: "{{ docker_common_options }}"
|
||||||
|
name: "{{ service.container_name }}"
|
||||||
|
image: "{{ service.image }}"
|
||||||
|
volumes: "{{ service.volumes|reject('equalto', '')|list }}"
|
||||||
|
environment: "{{ service.environment }}"
|
||||||
|
dimensions: "{{ service.dimensions }}"
|
||||||
|
when:
|
||||||
|
- kolla_action != "config"
|
||||||
|
- inventory_hostname in groups[service.group]
|
||||||
|
- service.enabled | bool
|
||||||
|
- config_json.changed | bool
|
||||||
|
or qinling_conf.changed | bool
|
||||||
|
or policy_overwriting.changed | bool
|
||||||
|
or qinling_api_container.changed | bool
|
||||||
|
|
||||||
|
- name: Restart qinling-engine container
|
||||||
|
vars:
|
||||||
|
service_name: "qinling-engine"
|
||||||
|
service: "{{ qinling_services[service_name] }}"
|
||||||
|
config_json: "{{ qinling_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
|
qinling_conf: "{{ qinling_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
|
policy_overwriting: "{{ qinling_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
|
qinling_engine_container: "{{ check_qinling_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
|
become: true
|
||||||
|
kolla_docker:
|
||||||
|
action: "recreate_or_restart_container"
|
||||||
|
common_options: "{{ docker_common_options }}"
|
||||||
|
name: "{{ service.container_name }}"
|
||||||
|
image: "{{ service.image }}"
|
||||||
|
volumes: "{{ service.volumes|reject('equalto', '')|list }}"
|
||||||
|
environment: "{{ service.environment }}"
|
||||||
|
dimensions: "{{ service.dimensions }}"
|
||||||
|
when:
|
||||||
|
- kolla_action != "config"
|
||||||
|
- inventory_hostname in groups[service.group]
|
||||||
|
- service.enabled | bool
|
||||||
|
- config_json.changed | bool
|
||||||
|
or qinling_conf.changed | bool
|
||||||
|
or policy_overwriting.changed | bool
|
||||||
|
or qinling_engine_container.changed | bool
|
3
ansible/roles/qinling/meta/main.yml
Normal file
3
ansible/roles/qinling/meta/main.yml
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
---
|
||||||
|
dependencies:
|
||||||
|
- { role: common }
|
38
ansible/roles/qinling/tasks/bootstrap.yml
Normal file
38
ansible/roles/qinling/tasks/bootstrap.yml
Normal file
@ -0,0 +1,38 @@
|
|||||||
|
---
|
||||||
|
- name: Creating Qinling database
|
||||||
|
become: true
|
||||||
|
kolla_toolbox:
|
||||||
|
module_name: mysql_db
|
||||||
|
module_args:
|
||||||
|
login_host: "{{ database_address }}"
|
||||||
|
login_port: "{{ database_port }}"
|
||||||
|
login_user: "{{ database_user }}"
|
||||||
|
login_password: "{{ database_password }}"
|
||||||
|
name: "{{ qinling_database_name }}"
|
||||||
|
register: database
|
||||||
|
run_once: True
|
||||||
|
delegate_to: "{{ groups['qinling-api'][0] }}"
|
||||||
|
when:
|
||||||
|
- not use_preconfigured_databases | bool
|
||||||
|
|
||||||
|
- name: Creating Qinling database user and setting permissions
|
||||||
|
become: true
|
||||||
|
kolla_toolbox:
|
||||||
|
module_name: mysql_user
|
||||||
|
module_args:
|
||||||
|
login_host: "{{ database_address }}"
|
||||||
|
login_port: "{{ database_port }}"
|
||||||
|
login_user: "{{ database_user }}"
|
||||||
|
login_password: "{{ database_password }}"
|
||||||
|
name: "{{ qinling_database_user }}"
|
||||||
|
password: "{{ qinling_database_password }}"
|
||||||
|
host: "%"
|
||||||
|
priv: "{{ qinling_database_name }}.*:ALL"
|
||||||
|
append_privs: "yes"
|
||||||
|
run_once: True
|
||||||
|
delegate_to: "{{ groups['qinling-api'][0] }}"
|
||||||
|
when:
|
||||||
|
- not use_preconfigured_databases | bool
|
||||||
|
|
||||||
|
- include_tasks: bootstrap_service.yml
|
||||||
|
when: database.changed or use_preconfigured_databases | bool
|
20
ansible/roles/qinling/tasks/bootstrap_service.yml
Normal file
20
ansible/roles/qinling/tasks/bootstrap_service.yml
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
---
|
||||||
|
- name: Running Qinling bootstrap container
|
||||||
|
vars:
|
||||||
|
qinling_api: "{{ qinling_services['qinling-api'] }}"
|
||||||
|
become: true
|
||||||
|
kolla_docker:
|
||||||
|
action: "start_container"
|
||||||
|
common_options: "{{ docker_common_options }}"
|
||||||
|
detach: False
|
||||||
|
environment:
|
||||||
|
KOLLA_BOOTSTRAP:
|
||||||
|
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
|
||||||
|
image: "{{ qinling_api.image }}"
|
||||||
|
labels:
|
||||||
|
BOOTSTRAP:
|
||||||
|
name: "bootstrap_qinling"
|
||||||
|
restart_policy: "never"
|
||||||
|
volumes: "{{ qinling_api.volumes|reject('equalto', '')|list }}"
|
||||||
|
run_once: True
|
||||||
|
delegate_to: "{{ groups[qinling_api.group][0] }}"
|
1
ansible/roles/qinling/tasks/check.yml
Normal file
1
ansible/roles/qinling/tasks/check.yml
Normal file
@ -0,0 +1 @@
|
|||||||
|
---
|
7
ansible/roles/qinling/tasks/clone.yml
Normal file
7
ansible/roles/qinling/tasks/clone.yml
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
---
|
||||||
|
- name: Cloning qinling source repository for development
|
||||||
|
git:
|
||||||
|
repo: "{{ qinling_git_repository }}"
|
||||||
|
dest: "{{ kolla_dev_repos_directory }}/{{ project_name }}"
|
||||||
|
update: "{{ qinling_dev_repos_pull }}"
|
||||||
|
version: "{{ qinling_source_version }}"
|
104
ansible/roles/qinling/tasks/config.yml
Normal file
104
ansible/roles/qinling/tasks/config.yml
Normal file
@ -0,0 +1,104 @@
|
|||||||
|
---
|
||||||
|
- name: Ensuring config directories exist
|
||||||
|
file:
|
||||||
|
path: "{{ node_config_directory }}/{{ item.key }}"
|
||||||
|
state: "directory"
|
||||||
|
owner: "{{ config_owner_user }}"
|
||||||
|
group: "{{ config_owner_group }}"
|
||||||
|
mode: "0770"
|
||||||
|
become: true
|
||||||
|
when:
|
||||||
|
- inventory_hostname in groups[item.value.group]
|
||||||
|
- item.value.enabled | bool
|
||||||
|
with_dict: "{{ qinling_services }}"
|
||||||
|
|
||||||
|
- include_tasks: external_kubernetes.yml
|
||||||
|
when:
|
||||||
|
- (enable_qinling | bool) and (qinling_kubernetes_certificates | bool)
|
||||||
|
- inventory_hostname in groups['qinling-engine']
|
||||||
|
|
||||||
|
- name: Check if policies shall be overwritten
|
||||||
|
local_action: stat path="{{ item }}"
|
||||||
|
run_once: True
|
||||||
|
register: qinling_policy
|
||||||
|
with_first_found:
|
||||||
|
- files: "{{ supported_policy_format_list }}"
|
||||||
|
paths:
|
||||||
|
- "{{ node_custom_config }}/qinling/"
|
||||||
|
skip: true
|
||||||
|
|
||||||
|
- name: Set qinling policy file
|
||||||
|
set_fact:
|
||||||
|
qinling_policy_file: "{{ qinling_policy.results.0.stat.path | basename }}"
|
||||||
|
qinling_policy_file_path: "{{ qinling_policy.results.0.stat.path }}"
|
||||||
|
when:
|
||||||
|
- qinling_policy.results
|
||||||
|
|
||||||
|
- name: Copying over config.json files for services
|
||||||
|
template:
|
||||||
|
src: "{{ item.key }}.json.j2"
|
||||||
|
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
|
||||||
|
mode: "0660"
|
||||||
|
become: true
|
||||||
|
register: qinling_config_jsons
|
||||||
|
when:
|
||||||
|
- inventory_hostname in groups[item.value.group]
|
||||||
|
- item.value.enabled | bool
|
||||||
|
with_dict: "{{ qinling_services }}"
|
||||||
|
notify:
|
||||||
|
- Restart {{ item.key }} container
|
||||||
|
|
||||||
|
- name: Copying over qinling.conf
|
||||||
|
vars:
|
||||||
|
service_name: "{{ item.key }}"
|
||||||
|
merge_configs:
|
||||||
|
sources:
|
||||||
|
- "{{ role_path }}/templates/qinling.conf.j2"
|
||||||
|
- "{{ node_custom_config }}/global.conf"
|
||||||
|
- "{{ node_custom_config }}/qinling.conf"
|
||||||
|
- "{{ node_custom_config }}/qinling/{{ item.key }}.conf"
|
||||||
|
- "{{ node_custom_config }}/qinling/{{ inventory_hostname }}/qinling.conf"
|
||||||
|
dest: "{{ node_config_directory }}/{{ item.key }}/qinling.conf"
|
||||||
|
mode: "0660"
|
||||||
|
become: true
|
||||||
|
register: qinling_confs
|
||||||
|
when:
|
||||||
|
- inventory_hostname in groups[item.value.group]
|
||||||
|
- item.value.enabled | bool
|
||||||
|
with_dict: "{{ qinling_services }}"
|
||||||
|
notify:
|
||||||
|
- Restart {{ item.key }} container
|
||||||
|
|
||||||
|
- name: Copying over existing policy file
|
||||||
|
template:
|
||||||
|
src: "{{ qinling_policy_file_path }}"
|
||||||
|
dest: "{{ node_config_directory }}/{{ item.key }}/{{ qinling_policy_file }}"
|
||||||
|
mode: "0660"
|
||||||
|
become: true
|
||||||
|
register: qinling_policy_overwriting
|
||||||
|
when:
|
||||||
|
- qinling_policy_file is defined
|
||||||
|
- inventory_hostname in groups[item.value.group]
|
||||||
|
- item.value.enabled | bool
|
||||||
|
with_dict: "{{ qinling_services }}"
|
||||||
|
notify:
|
||||||
|
- Restart {{ item.key }} container
|
||||||
|
|
||||||
|
- name: Check qinling containers
|
||||||
|
become: true
|
||||||
|
kolla_docker:
|
||||||
|
action: "compare_container"
|
||||||
|
common_options: "{{ docker_common_options }}"
|
||||||
|
name: "{{ item.value.container_name }}"
|
||||||
|
image: "{{ item.value.image }}"
|
||||||
|
volumes: "{{ item.value.volumes|reject('equalto', '')|list }}"
|
||||||
|
dimensions: "{{ item.value.dimensions }}"
|
||||||
|
environment: "{{ item.value.environment }}"
|
||||||
|
register: check_qinling_containers
|
||||||
|
when:
|
||||||
|
- kolla_action != "config"
|
||||||
|
- inventory_hostname in groups[item.value.group]
|
||||||
|
- item.value.enabled | bool
|
||||||
|
with_dict: "{{ qinling_services }}"
|
||||||
|
notify:
|
||||||
|
- Restart {{ item.key }} container
|
16
ansible/roles/qinling/tasks/deploy.yml
Normal file
16
ansible/roles/qinling/tasks/deploy.yml
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
---
|
||||||
|
- include_tasks: register.yml
|
||||||
|
when: inventory_hostname in groups['qinling-api']
|
||||||
|
|
||||||
|
- include_tasks: config.yml
|
||||||
|
when: inventory_hostname in groups['qinling-api'] or
|
||||||
|
inventory_hostname in groups['qinling-engine']
|
||||||
|
|
||||||
|
- include_tasks: clone.yml
|
||||||
|
when: qinling_dev_mode | bool
|
||||||
|
|
||||||
|
- include_tasks: bootstrap.yml
|
||||||
|
when: inventory_hostname in groups['qinling-api']
|
||||||
|
|
||||||
|
- name: Flush handlers
|
||||||
|
meta: flush_handlers
|
19
ansible/roles/qinling/tasks/external_kubernetes.yml
Normal file
19
ansible/roles/qinling/tasks/external_kubernetes.yml
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
---
|
||||||
|
- name: Copy over Kubernetes certificates files for qinling-engine
|
||||||
|
copy:
|
||||||
|
src: "{{ item }}"
|
||||||
|
dest: "{{ node_config_directory }}/qinling-engine/"
|
||||||
|
mode: "0660"
|
||||||
|
owner: "{{ config_owner_user }}"
|
||||||
|
group: "{{ config_owner_group }}"
|
||||||
|
become: true
|
||||||
|
register: qinling_engine_kubernetes_files
|
||||||
|
with_items:
|
||||||
|
- "{{ node_custom_config }}/qinling/qinling-engine/kubernetes_ca.crt"
|
||||||
|
- "{{ node_custom_config }}/qinling/qinling-engine/kubernetes.crt"
|
||||||
|
- "{{ node_custom_config }}/qinling/qinling-engine/kubernetes.key"
|
||||||
|
when:
|
||||||
|
- qinling_kubernetes_certificates | bool
|
||||||
|
- inventory_hostname in groups['qinling-engine']
|
||||||
|
notify:
|
||||||
|
- Restart qinling-engine container
|
7
ansible/roles/qinling/tasks/loadbalancer.yml
Normal file
7
ansible/roles/qinling/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
---
|
||||||
|
- name: "Configure haproxy for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: haproxy-config
|
||||||
|
vars:
|
||||||
|
project_services: "{{ qinling_services }}"
|
||||||
|
tags: always
|
2
ansible/roles/qinling/tasks/main.yml
Normal file
2
ansible/roles/qinling/tasks/main.yml
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
---
|
||||||
|
- include_tasks: "{{ kolla_action }}.yml"
|
17
ansible/roles/qinling/tasks/precheck.yml
Normal file
17
ansible/roles/qinling/tasks/precheck.yml
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
---
|
||||||
|
- name: Get container facts
|
||||||
|
kolla_container_facts:
|
||||||
|
name:
|
||||||
|
- qinling_api
|
||||||
|
register: container_facts
|
||||||
|
|
||||||
|
- name: Checking free port for Qinling API
|
||||||
|
wait_for:
|
||||||
|
host: "{{ api_interface_address }}"
|
||||||
|
port: "{{ qinling_api_port }}"
|
||||||
|
connect_timeout: 1
|
||||||
|
timeout: 1
|
||||||
|
state: stopped
|
||||||
|
when:
|
||||||
|
- container_facts['qinling_api'] is not defined
|
||||||
|
- inventory_hostname in groups['qinling-api']
|
11
ansible/roles/qinling/tasks/pull.yml
Normal file
11
ansible/roles/qinling/tasks/pull.yml
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
---
|
||||||
|
- name: Pulling qinling images
|
||||||
|
become: true
|
||||||
|
kolla_docker:
|
||||||
|
action: "pull_image"
|
||||||
|
common_options: "{{ docker_common_options }}"
|
||||||
|
image: "{{ item.value.image }}"
|
||||||
|
when:
|
||||||
|
- inventory_hostname in groups[item.value.group]
|
||||||
|
- item.value.enabled | bool
|
||||||
|
with_dict: "{{ qinling_services }}"
|
2
ansible/roles/qinling/tasks/reconfigure.yml
Normal file
2
ansible/roles/qinling/tasks/reconfigure.yml
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
---
|
||||||
|
- include_tasks: deploy.yml
|
34
ansible/roles/qinling/tasks/register.yml
Normal file
34
ansible/roles/qinling/tasks/register.yml
Normal file
@ -0,0 +1,34 @@
|
|||||||
|
---
|
||||||
|
- name: Creating the Qinling service and endpoint
|
||||||
|
become: true
|
||||||
|
kolla_toolbox:
|
||||||
|
module_name: "kolla_keystone_service"
|
||||||
|
module_args:
|
||||||
|
service_name: "qinling"
|
||||||
|
service_type: "function-engine"
|
||||||
|
description: "Function Service"
|
||||||
|
endpoint_region: "{{ openstack_region_name }}"
|
||||||
|
url: "{{ item.url }}"
|
||||||
|
interface: "{{ item.interface }}"
|
||||||
|
region_name: "{{ openstack_region_name }}"
|
||||||
|
auth: "{{ openstack_qinling_auth }}"
|
||||||
|
endpoint_type: "{{ openstack_interface }}"
|
||||||
|
run_once: True
|
||||||
|
with_items:
|
||||||
|
- {'interface': 'admin', 'url': '{{ qinling_admin_endpoint }}'}
|
||||||
|
- {'interface': 'internal', 'url': '{{ qinling_internal_endpoint }}'}
|
||||||
|
- {'interface': 'public', 'url': '{{ qinling_public_endpoint }}'}
|
||||||
|
|
||||||
|
- name: Creating the Qinling project, user, and role
|
||||||
|
become: true
|
||||||
|
kolla_toolbox:
|
||||||
|
module_name: "kolla_keystone_user"
|
||||||
|
module_args:
|
||||||
|
project: "service"
|
||||||
|
user: "{{ qinling_keystone_user }}"
|
||||||
|
password: "{{ qinling_keystone_password }}"
|
||||||
|
role: "admin"
|
||||||
|
region_name: "{{ openstack_region_name }}"
|
||||||
|
auth: "{{ openstack_qinling_auth }}"
|
||||||
|
endpoint_type: "{{ openstack_interface }}"
|
||||||
|
run_once: True
|
6
ansible/roles/qinling/tasks/stop.yml
Normal file
6
ansible/roles/qinling/tasks/stop.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- import_role:
|
||||||
|
role: service-stop
|
||||||
|
vars:
|
||||||
|
project_services: "{{ qinling_services }}"
|
||||||
|
service_name: "{{ project_name }}"
|
7
ansible/roles/qinling/tasks/upgrade.yml
Normal file
7
ansible/roles/qinling/tasks/upgrade.yml
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
---
|
||||||
|
- include_tasks: config.yml
|
||||||
|
|
||||||
|
- include_tasks: bootstrap_service.yml
|
||||||
|
|
||||||
|
- name: Flush handlers
|
||||||
|
meta: flush_handlers
|
24
ansible/roles/qinling/templates/qinling-api.json.j2
Normal file
24
ansible/roles/qinling/templates/qinling-api.json.j2
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
{
|
||||||
|
"command": "qinling-api --config-file /etc/qinling/qinling.conf",
|
||||||
|
"config_files": [
|
||||||
|
{
|
||||||
|
"source": "{{ container_config_directory }}/qinling.conf",
|
||||||
|
"dest": "/etc/qinling/qinling.conf",
|
||||||
|
"owner": "qinling",
|
||||||
|
"perm": "0600"
|
||||||
|
}{% if qinling_policy_file is defined %},
|
||||||
|
{
|
||||||
|
"source": "{{ container_config_directory }}/{{ qinling_policy_file }}",
|
||||||
|
"dest": "/etc/qinling/{{ qinling_policy_file }}",
|
||||||
|
"owner": "qinling",
|
||||||
|
"perm": "0600"
|
||||||
|
}{% endif %}
|
||||||
|
],
|
||||||
|
"permissions": [
|
||||||
|
{
|
||||||
|
"path": "/var/log/kolla/qinling",
|
||||||
|
"owner": "qinling:qinling",
|
||||||
|
"recurse": true
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
47
ansible/roles/qinling/templates/qinling-engine.json.j2
Normal file
47
ansible/roles/qinling/templates/qinling-engine.json.j2
Normal file
@ -0,0 +1,47 @@
|
|||||||
|
{
|
||||||
|
"command": "qinling-engine --config-file /etc/qinling/qinling.conf",
|
||||||
|
"config_files": [
|
||||||
|
{
|
||||||
|
"source": "{{ container_config_directory }}/qinling.conf",
|
||||||
|
"dest": "/etc/qinling/qinling.conf",
|
||||||
|
"owner": "qinling",
|
||||||
|
"perm": "0600"
|
||||||
|
}{% if qinling_policy_file is defined %},
|
||||||
|
{
|
||||||
|
"source": "{{ container_config_directory }}/{{ qinling_policy_file }}",
|
||||||
|
"dest": "/etc/qinling/{{ qinling_policy_file }}",
|
||||||
|
"owner": "qinling",
|
||||||
|
"perm": "0600"
|
||||||
|
}{% endif %}{% if qinling_kubernetes_certificates is defined and qinling_kubernetes_certificates | bool %},
|
||||||
|
{
|
||||||
|
"source": "{{ container_config_directory }}/kubernetes_ca.crt",
|
||||||
|
"dest": "/etc/qinling/pki/kubernetes/ca.crt",
|
||||||
|
"owner": "qinling",
|
||||||
|
"perm": "0600"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"source": "{{ container_config_directory }}/kubernetes.crt",
|
||||||
|
"dest": "/etc/qinling/pki/kubernetes/qinling.crt",
|
||||||
|
"owner": "qinling",
|
||||||
|
"perm": "0600"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"source": "{{ container_config_directory }}/kubernetes.key",
|
||||||
|
"dest": "/etc/qinling/pki/kubernetes/qinling.key",
|
||||||
|
"owner": "qinling",
|
||||||
|
"perm": "0600"
|
||||||
|
}{% endif %}
|
||||||
|
],
|
||||||
|
"permissions": [
|
||||||
|
{
|
||||||
|
"path": "/var/lib/qinling",
|
||||||
|
"owner": "qinling:qinling",
|
||||||
|
"recurse": true
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"path": "/var/log/kolla/qinling",
|
||||||
|
"owner": "qinling:qinling",
|
||||||
|
"recurse": true
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
62
ansible/roles/qinling/templates/qinling.conf.j2
Normal file
62
ansible/roles/qinling/templates/qinling.conf.j2
Normal file
@ -0,0 +1,62 @@
|
|||||||
|
[DEFAULT]
|
||||||
|
debug = {{ qinling_logging_debug }}
|
||||||
|
log_dir = /var/log/kolla/qinling
|
||||||
|
transport_url = {{ rpc_transport_url }}
|
||||||
|
|
||||||
|
{% if service_name == 'qinling-api' %}
|
||||||
|
[api]
|
||||||
|
port = {{ qinling_api_port }}
|
||||||
|
host = {{ api_interface_address }}
|
||||||
|
api_workers = {{ openstack_service_workers }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
{% if service_name == 'qinling-engine' %}
|
||||||
|
[engine]
|
||||||
|
host = {{ api_interface_address }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
[database]
|
||||||
|
connection = mysql+pymysql://{{ qinling_database_user }}:{{ qinling_database_password }}@{{ qinling_database_address }}/{{ qinling_database_name }}
|
||||||
|
max_retries = -1
|
||||||
|
|
||||||
|
[keystone_authtoken]
|
||||||
|
www_authenticate_uri = {{ keystone_internal_url }}/v3
|
||||||
|
auth_url = {{ keystone_admin_url }}
|
||||||
|
auth_type = password
|
||||||
|
project_domain_name = {{ default_project_domain_name }}
|
||||||
|
user_domain_name = {{ default_user_domain_name }}
|
||||||
|
project_name = service
|
||||||
|
username = {{ qinling_keystone_user }}
|
||||||
|
password = {{ qinling_keystone_password }}
|
||||||
|
region_name = {{ openstack_region_name }}
|
||||||
|
|
||||||
|
memcache_security_strategy = ENCRYPT
|
||||||
|
memcache_secret_key = {{ memcache_secret_key }}
|
||||||
|
memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
|
||||||
|
|
||||||
|
[storage]
|
||||||
|
file_system_dir = /var/lib/qinling/package
|
||||||
|
|
||||||
|
[etcd]
|
||||||
|
{% if enable_etcd | bool %}
|
||||||
|
host = {{ api_interface_address }}
|
||||||
|
port = {{ etcd_client_port }}
|
||||||
|
protocol = {{ internal_protocol }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
[oslo_messaging_notifications]
|
||||||
|
transport_url = {{ notify_transport_url }}
|
||||||
|
{% if enable_ceilometer | bool %}
|
||||||
|
driver = messagingv2
|
||||||
|
topics = notifications
|
||||||
|
{% else %}
|
||||||
|
driver = noop
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
{% if qinling_policy_file is defined %}
|
||||||
|
[oslo_policy]
|
||||||
|
policy_file = {{ qinling_policy_file }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
[oslo_middleware]
|
||||||
|
enable_proxy_headers_parsing = True
|
@ -69,6 +69,7 @@
|
|||||||
- enable_placement_{{ enable_placement | bool }}
|
- enable_placement_{{ enable_placement | bool }}
|
||||||
- enable_prometheus_{{ enable_prometheus | bool }}
|
- enable_prometheus_{{ enable_prometheus | bool }}
|
||||||
- enable_qdrouterd_{{ enable_qdrouterd | bool }}
|
- enable_qdrouterd_{{ enable_qdrouterd | bool }}
|
||||||
|
- enable_qinling_{{ enable_qinling | bool }}
|
||||||
- enable_rabbitmq_{{ enable_rabbitmq | bool }}
|
- enable_rabbitmq_{{ enable_rabbitmq | bool }}
|
||||||
- enable_rally_{{ enable_rally | bool }}
|
- enable_rally_{{ enable_rally | bool }}
|
||||||
- enable_redis_{{ enable_redis | bool }}
|
- enable_redis_{{ enable_redis | bool }}
|
||||||
@ -302,6 +303,11 @@
|
|||||||
tasks_from: loadbalancer
|
tasks_from: loadbalancer
|
||||||
tags: prometheus
|
tags: prometheus
|
||||||
when: enable_prometheus | bool
|
when: enable_prometheus | bool
|
||||||
|
- include_role:
|
||||||
|
role: qinling
|
||||||
|
tasks_from: loadbalancer
|
||||||
|
tags: qinling
|
||||||
|
when: enable_qinling | bool
|
||||||
- include_role:
|
- include_role:
|
||||||
role: rabbitmq
|
role: rabbitmq
|
||||||
tasks_from: loadbalancer
|
tasks_from: loadbalancer
|
||||||
@ -863,6 +869,18 @@
|
|||||||
tags: mistral,
|
tags: mistral,
|
||||||
when: enable_mistral | bool }
|
when: enable_mistral | bool }
|
||||||
|
|
||||||
|
- name: Apply role qinling
|
||||||
|
gather_facts: false
|
||||||
|
hosts:
|
||||||
|
- qinling-api
|
||||||
|
- qinling-engine
|
||||||
|
- '&enable_qinling_True'
|
||||||
|
serial: '{{ kolla_serial|default("0") }}'
|
||||||
|
roles:
|
||||||
|
- { role: qinling,
|
||||||
|
tags: qinling,
|
||||||
|
when: enable_qinling | bool }
|
||||||
|
|
||||||
- name: Apply role sahara
|
- name: Apply role sahara
|
||||||
gather_facts: false
|
gather_facts: false
|
||||||
hosts:
|
hosts:
|
||||||
|
@ -10,6 +10,7 @@ compute services like HyperV, XenServer and so on.
|
|||||||
|
|
||||||
hyperv-guide
|
hyperv-guide
|
||||||
nova-fake-driver
|
nova-fake-driver
|
||||||
|
qinling-guide
|
||||||
vmware-guide
|
vmware-guide
|
||||||
xenserver-guide
|
xenserver-guide
|
||||||
zun-guide
|
zun-guide
|
||||||
|
96
doc/source/reference/compute/qinling-guide.rst
Normal file
96
doc/source/reference/compute/qinling-guide.rst
Normal file
@ -0,0 +1,96 @@
|
|||||||
|
.. _qinling-guide:
|
||||||
|
|
||||||
|
=========================
|
||||||
|
Qinling - Function Engine
|
||||||
|
=========================
|
||||||
|
|
||||||
|
Overview
|
||||||
|
~~~~~~~~
|
||||||
|
|
||||||
|
Qinling aims to provide a platform to support serverless functions
|
||||||
|
(like AWS Lambda). Qinling supports different container orchestration
|
||||||
|
platforms (Kubernetes/Swarm, etc...) and different function package storage
|
||||||
|
backends (local/Swift/S3) by nature using plugin mechanism.
|
||||||
|
|
||||||
|
Kolla deploys Qinling API and Qinling Engine containers which are the main
|
||||||
|
Qinling components but it needs to be connected to an existing container
|
||||||
|
orchestration platforms.
|
||||||
|
|
||||||
|
Apply custom policies to Qinling API
|
||||||
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
|
Custom policies could be apply by creating ``policy.json`` file under
|
||||||
|
``/etc/kolla/config/qinling`` directory.
|
||||||
|
|
||||||
|
|
||||||
|
Connect to an existing Kubernetes cluster
|
||||||
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
|
Certificates
|
||||||
|
------------
|
||||||
|
|
||||||
|
``qinling-engine`` authenticates to Kubernetes by using certificates.
|
||||||
|
|
||||||
|
.. note::
|
||||||
|
If the cluster has not been created with OpenStack Magnum then
|
||||||
|
certificates need to be gathered using different methods that will not
|
||||||
|
be mentioned here.
|
||||||
|
|
||||||
|
If the Kubernetes cluster has been deployed with OpenStack Magnum then the
|
||||||
|
OpenStack client should be used to retrieve the certificates.
|
||||||
|
|
||||||
|
.. code-block:: console
|
||||||
|
|
||||||
|
openstack coe cluster config --dir . 687f7476-5604-4b44-8b09-b7a4f3fdbd64 --output-certs
|
||||||
|
|
||||||
|
Where ``687f7476-5604-4b44-8b09-b7a4f3fdbd64`` is the Kubernetes cluster ID
|
||||||
|
created with Magnum.
|
||||||
|
|
||||||
|
Four files should have been generated:
|
||||||
|
|
||||||
|
- ``ca.pem``
|
||||||
|
- ``cert.pem``
|
||||||
|
- ``key.pem``
|
||||||
|
- ``config``
|
||||||
|
|
||||||
|
Only ``ca.pem``, ``cert.pem`` and ``key.pem`` will be used, these files have
|
||||||
|
to be stored in ``/etc/kolla/config/qinling/qinling-engine`` directory under
|
||||||
|
these file name:
|
||||||
|
|
||||||
|
- ``ca.pem``: ``/etc/kolla/config/qinling/qinling-engine/kubernetes_ca.crt``
|
||||||
|
- ``cert.pem``: ``/etc/kolla/config/qinling/qinling-engine/kubernetes.crt``
|
||||||
|
- ``key.pem``: ``/etc/kolla/config/qinling/qinling-engine/kubernetes.key``
|
||||||
|
|
||||||
|
|
||||||
|
Declare ``qinling_kubernetes_certificates`` variable in
|
||||||
|
``/etc/kolla/globals.yml``:
|
||||||
|
|
||||||
|
.. code-block:: yaml
|
||||||
|
|
||||||
|
qinling_kubernetes_certificates: "yes"
|
||||||
|
|
||||||
|
Kubernetes cluster
|
||||||
|
------------------
|
||||||
|
|
||||||
|
``qinling-engine`` needs to know where to connect, the information is
|
||||||
|
provided by options under ``[kubernetes]`` section inside ``qinling.conf``
|
||||||
|
configuration file.
|
||||||
|
|
||||||
|
As mentioned above, these settings are only required by ``qinling-engine``,
|
||||||
|
put the content in ``/etc/kolla/config/qinling/qinling-engine.conf``.
|
||||||
|
|
||||||
|
.. code-block:: ini
|
||||||
|
|
||||||
|
[kubernetes]
|
||||||
|
kube_host = https://192.168.1.168:6443
|
||||||
|
use_api_certificate = True
|
||||||
|
ssl_ca_cert = /etc/qinling/pki/kubernetes/ca.crt
|
||||||
|
cert_file = /etc/qinling/pki/kubernetes/qinling.crt
|
||||||
|
key_file = /etc/qinling/pki/kubernetes/qinling.key
|
||||||
|
trusted_cidrs = 192.168.1.0/24,10.0.0.53/32
|
||||||
|
|
||||||
|
``kube_host`` is the the Kubernetes cluster API address, ``https`` protocol
|
||||||
|
have to be defined.
|
||||||
|
|
||||||
|
``trusted_cidrs`` is a list of CIDR trusted by the Kubernetes cluster defined
|
||||||
|
by a network policy under the ``qinling`` namespace.
|
@ -236,6 +236,7 @@ kolla_internal_vip_address: "10.10.10.254"
|
|||||||
#enable_horizon_neutron_lbaas: "{{ enable_neutron_lbaas | bool }}"
|
#enable_horizon_neutron_lbaas: "{{ enable_neutron_lbaas | bool }}"
|
||||||
#enable_horizon_neutron_vpnaas: "{{ enable_neutron_vpnaas | bool }}"
|
#enable_horizon_neutron_vpnaas: "{{ enable_neutron_vpnaas | bool }}"
|
||||||
#enable_horizon_octavia: "{{ enable_octavia | bool }}"
|
#enable_horizon_octavia: "{{ enable_octavia | bool }}"
|
||||||
|
#enable_horizon_qinling: "{{ enable_qinling | bool }}"
|
||||||
#enable_horizon_sahara: "{{ enable_sahara | bool }}"
|
#enable_horizon_sahara: "{{ enable_sahara | bool }}"
|
||||||
#enable_horizon_searchlight: "{{ enable_searchlight | bool }}"
|
#enable_horizon_searchlight: "{{ enable_searchlight | bool }}"
|
||||||
#enable_horizon_senlin: "{{ enable_senlin | bool }}"
|
#enable_horizon_senlin: "{{ enable_senlin | bool }}"
|
||||||
@ -288,6 +289,7 @@ kolla_internal_vip_address: "10.10.10.254"
|
|||||||
#enable_placement: "{{ enable_nova }}"
|
#enable_placement: "{{ enable_nova }}"
|
||||||
#enable_prometheus: "no"
|
#enable_prometheus: "no"
|
||||||
#enable_qdrouterd: "no"
|
#enable_qdrouterd: "no"
|
||||||
|
#enable_qinling: "no"
|
||||||
#enable_rally: "no"
|
#enable_rally: "no"
|
||||||
#enable_redis: "no"
|
#enable_redis: "no"
|
||||||
#enable_sahara: "no"
|
#enable_sahara: "no"
|
||||||
|
@ -196,6 +196,9 @@ vitrage_keystone_password:
|
|||||||
|
|
||||||
memcache_secret_key:
|
memcache_secret_key:
|
||||||
|
|
||||||
|
qinling_database_password:
|
||||||
|
qinling_keystone_password:
|
||||||
|
|
||||||
# HMAC secret key
|
# HMAC secret key
|
||||||
osprofiler_secret:
|
osprofiler_secret:
|
||||||
|
|
||||||
|
@ -0,0 +1,5 @@
|
|||||||
|
---
|
||||||
|
features:
|
||||||
|
- Adds Qinling Ansible role. Qinling is an OpenStack project
|
||||||
|
to provide "Function as a Service". This project aims to
|
||||||
|
provide a platform to support serverless functions.
|
@ -159,6 +159,9 @@ monitoring
|
|||||||
[magnum:children]
|
[magnum:children]
|
||||||
control
|
control
|
||||||
|
|
||||||
|
[qinling:children]
|
||||||
|
control
|
||||||
|
|
||||||
[sahara:children]
|
[sahara:children]
|
||||||
control
|
control
|
||||||
|
|
||||||
@ -457,6 +460,13 @@ magnum
|
|||||||
[magnum-conductor:children]
|
[magnum-conductor:children]
|
||||||
magnum
|
magnum
|
||||||
|
|
||||||
|
# Qinling
|
||||||
|
[qinling-api:children]
|
||||||
|
qinling
|
||||||
|
|
||||||
|
[qinling-engine:children]
|
||||||
|
qinling
|
||||||
|
|
||||||
# Solum
|
# Solum
|
||||||
[solum-api:children]
|
[solum-api:children]
|
||||||
solum
|
solum
|
||||||
|
Loading…
Reference in New Issue
Block a user