Allow nova services to use independent hostnames

This allows nova service endpoints to use custom hostnames, and adds the following variables: * nova_internal_fqdn * nova_external_fqdn * placement_internal_fqdn * placement_external_fqdn * nova_novncproxy_fqdn * nova_spicehtml5proxy_fqdn * nova_serialproxy_fqdn These default to the old values of kolla_internal_fqdn or kolla_external_fqdn. This also adds the following variables: * nova_api_listen_port * nova_metadata_listen_port * nova_novncproxy_listen_port * nova_spicehtml5proxy_listen_port * nova_serialproxy_listen_port * placement_api_listen_port These default to <service>_port, e.g. nova_api_port, for backward compatibility. These options allow the user to differentiate between the port the service listens on, and the port the service is reachable on. This is useful for external load balancers which live on the same host as the service itself. Change-Id: I7bcce56a2138eeadcabac79dd07c8dba1c5af644 Implements: blueprint service-hostnames
2018-12-18 09:42:52 -05:00 · 2018-12-18 09:42:52 -05:00 · 51c9e1b633
commit 51c9e1b633
parent 114521ccba
6 changed files with 52 additions and 26 deletions
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@ -272,11 +272,21 @@ murano_api_port: "8082"

 neutron_server_port: "9696"

+nova_internal_fqdn: "{{ kolla_internal_fqdn }}"
+nova_external_fqdn: "{{ kolla_external_fqdn }}"
 nova_api_port: "8774"
+nova_api_listen_port: "{{ nova_api_port }}"
 nova_metadata_port: "8775"
+nova_metadata_listen_port: "{{ nova_metadata_port }}"
+nova_novncproxy_fqdn: "{{ kolla_external_fqdn }}"
 nova_novncproxy_port: "6080"
+nova_novncproxy_listen_port: "{{ nova_novncproxy_port }}"
+nova_spicehtml5proxy_fqdn: "{{ kolla_external_fqdn }}"
 nova_spicehtml5proxy_port: "6082"
+nova_spicehtml5proxy_listen_port: "{{ nova_spicehtml5proxy_port }}"
+nova_serialproxy_fqdn: "{{ kolla_external_fqdn }}"
 nova_serialproxy_port: "6083"
+nova_serialproxy_listen_port: "{{ nova_serialproxy_port }}"

 octavia_api_port: "9876"
 octavia_health_manager_port: "5555"
@ -290,7 +300,10 @@ ovsdb_port: "6640"

 panko_api_port: "8977"

+placement_internal_fqdn: "{{ kolla_internal_fqdn }}"
+placement_external_fqdn: "{{ kolla_external_fqdn }}"
 placement_api_port: "8780"
+placement_api_listen_port: "{{ placement_api_port }}"

 prometheus_port: "9091"
 prometheus_node_exporter_port: "9100"
--- a/ansible/roles/neutron/templates/metadata_agent.ini.j2
+++ b/ansible/roles/neutron/templates/metadata_agent.ini.j2
@ -1,6 +1,6 @@
 # metadata_agent.ini
 [DEFAULT]
-nova_metadata_host = {{ kolla_internal_fqdn }}
+nova_metadata_host = {{ nova_internal_fqdn }}

 nova_metadata_port = {{ nova_metadata_port }}
 metadata_proxy_shared_secret = {{ metadata_secret }}
--- a/ansible/roles/nova/defaults/main.yml
+++ b/ansible/roles/nova/defaults/main.yml
@ -53,11 +53,13 @@ nova_services:
        mode: "http"
        external: false
        port: "{{ placement_api_port }}"
+        listen_port: "{{ placement_api_listen_port }}"
      placement_api_external:
        enabled: "{{ enable_nova }}"
        mode: "http"
        external: true
        port: "{{ placement_api_port }}"
+        listen_port: "{{ placement_api_listen_port }}"
  nova-api:
    container_name: "nova_api"
    group: "nova-api"
@ -77,21 +79,25 @@ nova_services:
        mode: "http"
        external: false
        port: "{{ nova_api_port }}"
+        listen_port: "{{ nova_api_listen_port }}"
      nova_api_external:
        enabled: "{{ enable_nova }}"
        mode: "http"
        external: true
        port: "{{ nova_api_port }}"
+        listen_port: "{{ nova_api_listen_port }}"
      nova_metadata:
        enabled: "{{ enable_nova }}"
        mode: "http"
        external: false
        port: "{{ nova_metadata_port }}"
+        listen_port: "{{ nova_metadata_listen_port }}"
      nova_metadata_external:
        enabled: "{{ enable_nova }}"
        mode: "http"
        external: true
        port: "{{ nova_metadata_port }}"
+        listen_port: "{{ nova_metadata_listen_port }}"
      nova_rdp:
        enabled: "{{ enable_nova|bool and nova_console == 'rdp' }}"
        mode: "http"
@ -126,6 +132,7 @@ nova_services:
        mode: "http"
        external: false
        port: "{{ nova_novncproxy_port }}"
+        listen_port: "{{ nova_novncproxy_listen_port }}"
        backend_http_extra:
          - "timeout tunnel 1h"
      nova_novncproxy_external:
@ -133,6 +140,7 @@ nova_services:
        mode: "http"
        external: true
        port: "{{ nova_novncproxy_port }}"
+        listen_port: "{{ nova_novncproxy_listen_port }}"
  nova-scheduler:
    container_name: "nova_scheduler"
    group: "nova-scheduler"
@ -161,11 +169,13 @@ nova_services:
        mode: "http"
        external: false
        port: "{{ nova_spicehtml5proxy_port }}"
+        listen_port: "{{ nova_spicehtml5proxy_listen_port }}"
      nova_spicehtml5proxy_external:
        enabled: "{{ enable_nova|bool and nova_console == 'spice' }}"
        mode: "http"
        external: true
        port: "{{ nova_spicehtml5proxy_port }}"
+        listen_port: "{{ nova_spicehtml5proxy_listen_port }}"
  nova-serialproxy:
    container_name: "nova_serialproxy"
    group: "nova-serialproxy"
@ -183,6 +193,7 @@ nova_services:
        mode: "http"
        external: false
        port: "{{ nova_serialproxy_port }}"
+        listen_port: "{{ nova_serialproxy_listen_port }}"
        backend_http_extra:
          - "timeout tunnel {{ haproxy_nova_serialconsole_proxy_tunnel_timeout }}"
      nova_serialconsole_proxy_external:
@ -190,6 +201,7 @@ nova_services:
        mode: "http"
        external: true
        port: "{{ nova_serialproxy_port }}"
+        listen_port: "{{ nova_serialproxy_listen_port }}"
        backend_http_extra:
          - "timeout tunnel {{ haproxy_nova_serialconsole_proxy_tunnel_timeout }}"
  nova-conductor:
@ -354,17 +366,18 @@ haproxy_nova_serialconsole_proxy_tunnel_timeout: "10m"
 ####################
 # OpenStack
 ####################
-nova_legacy_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ nova_api_port }}/v2/%(tenant_id)s"
-nova_legacy_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ nova_api_port }}/v2/%(tenant_id)s"
-nova_legacy_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ nova_api_port }}/v2/%(tenant_id)s"

-nova_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ nova_api_port }}/v2.1/%(tenant_id)s"
-nova_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ nova_api_port }}/v2.1/%(tenant_id)s"
-nova_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ nova_api_port }}/v2.1/%(tenant_id)s"
+nova_legacy_admin_endpoint: "{{ admin_protocol }}://{{ nova_internal_fqdn }}:{{ nova_api_port }}/v2/%(tenant_id)s"
+nova_legacy_internal_endpoint: "{{ internal_protocol }}://{{ nova_internal_fqdn }}:{{ nova_api_port }}/v2/%(tenant_id)s"
+nova_legacy_public_endpoint: "{{ public_protocol }}://{{ nova_external_fqdn }}:{{ nova_api_port }}/v2/%(tenant_id)s"

-placement_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ placement_api_port }}"
-placement_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ placement_api_port }}"
-placement_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ placement_api_port }}"
+nova_admin_endpoint: "{{ admin_protocol }}://{{ nova_internal_fqdn }}:{{ nova_api_port }}/v2.1/%(tenant_id)s"
+nova_internal_endpoint: "{{ internal_protocol }}://{{ nova_internal_fqdn }}:{{ nova_api_port }}/v2.1/%(tenant_id)s"
+nova_public_endpoint: "{{ public_protocol }}://{{ nova_external_fqdn }}:{{ nova_api_port }}/v2.1/%(tenant_id)s"
+
+placement_admin_endpoint: "{{ admin_protocol }}://{{ placement_internal_fqdn }}:{{ placement_api_port }}"
+placement_internal_endpoint: "{{ internal_protocol }}://{{ placement_internal_fqdn }}:{{ placement_api_port }}"
+placement_public_endpoint: "{{ public_protocol }}://{{ placement_external_fqdn }}:{{ placement_api_port }}"

 nova_logging_debug: "{{ openstack_logging_debug }}"

--- a/ansible/roles/nova/tasks/precheck.yml
+++ b/ansible/roles/nova/tasks/precheck.yml
@ -26,7 +26,7 @@
    nova_api: "{{ nova_services['nova-api'] }}"
  wait_for:
    host: "{{ api_interface_address }}"
-    port: "{{ nova_api_port }}"
+    port: "{{ nova_api_listen_port }}"
    connect_timeout: 1
    timeout: 1
    state: stopped
@ -40,7 +40,7 @@
    nova_api: "{{ nova_services['nova-api'] }}"
  wait_for:
    host: "{{ api_interface_address }}"
-    port: "{{ nova_metadata_port }}"
+    port: "{{ nova_metadata_listen_port }}"
    connect_timeout: 1
    timeout: 1
    state: stopped
@ -54,7 +54,7 @@
    nova_novncproxy: "{{ nova_services['nova-novncproxy'] }}"
  wait_for:
    host: "{{ api_interface_address }}"
-    port: "{{ nova_novncproxy_port }}"
+    port: "{{ nova_novncproxy_listen_port }}"
    connect_timeout: 1
    timeout: 1
    state: stopped
@ -68,7 +68,7 @@
    nova_serialproxy: "{{ nova_services['nova-serialproxy'] }}"
  wait_for:
    host: "{{ api_interface_address }}"
-    port: "{{ nova_serialproxy_port }}"
+    port: "{{ nova_serialproxy_listen_port }}"
    connect_timeout: 1
    timeout: 1
    state: stopped
@ -82,7 +82,7 @@
    nova_spicehtml5proxy: "{{ nova_services['nova-spicehtml5proxy'] }}"
  wait_for:
    host: "{{ api_interface_address }}"
-    port: "{{ nova_spicehtml5proxy_port }}"
+    port: "{{ nova_spicehtml5proxy_listen_port }}"
    connect_timeout: 1
    timeout: 1
    state: stopped
@ -124,7 +124,7 @@
    placement_api: "{{ nova_services['placement-api'] }}"
  wait_for:
    host: "{{ api_interface_address }}"
-    port: "{{ placement_api_port }}"
+    port: "{{ placement_api_listen_port }}"
    connect_timeout: 1
    timeout: 1
    state: stopped
--- a/ansible/roles/nova/templates/nova.conf.j2
+++ b/ansible/roles/nova/templates/nova.conf.j2
@ -7,12 +7,12 @@ log_dir = /var/log/kolla/nova
 state_path = /var/lib/nova

 osapi_compute_listen = {{ api_interface_address }}
-osapi_compute_listen_port = {{ nova_api_port }}
+osapi_compute_listen_port = {{ nova_api_listen_port }}
 osapi_compute_workers = {{ openstack_service_workers }}
 metadata_workers = {{ openstack_service_workers }}

 metadata_listen = {{ api_interface_address }}
-metadata_listen_port = {{ nova_metadata_port }}
+metadata_listen_port = {{ nova_metadata_listen_port }}

 # NOTE(mgoddard): This option has been deprecated but RDO sets a different
 # default value for it in /usr/share/nova/nova-dist.conf which causes the
@ -74,11 +74,11 @@ workers = {{ openstack_service_workers }}
 enabled = false
 {% else %}
 novncproxy_host = {{ api_interface_address }}
-novncproxy_port = {{ nova_novncproxy_port }}
+novncproxy_port = {{ nova_novncproxy_listen_port }}
 server_listen = {{ api_interface_address }}
 server_proxyclient_address = {{ api_interface_address }}
 {% if inventory_hostname in groups['compute'] %}
-novncproxy_base_url = {{ public_protocol }}://{{ kolla_external_fqdn }}:{{ nova_novncproxy_port }}/vnc_auto.html
+novncproxy_base_url = {{ public_protocol }}://{{ nova_novncproxy_fqdn }}:{{ nova_novncproxy_port }}/vnc_auto.html
 {% endif %}
 {% endif %}
 {% elif nova_console == 'spice' %}
@ -90,10 +90,10 @@ enabled = true
 server_listen = {{ api_interface_address }}
 server_proxyclient_address = {{ api_interface_address }}
 {% if inventory_hostname in groups['compute'] %}
-html5proxy_base_url = {{ public_protocol }}://{{ kolla_external_fqdn }}:{{ nova_spicehtml5proxy_port }}/spice_auto.html
+html5proxy_base_url = {{ public_protocol }}://{{ nova_spicehtml5proxy_fqdn }}:{{ nova_spicehtml5proxy_port }}/spice_auto.html
 {% endif %}
 html5proxy_host = {{ api_interface_address }}
-html5proxy_port = {{ nova_spicehtml5proxy_port }}
+html5proxy_port = {{ nova_spicehtml5proxy_listen_port }}
 {% elif nova_console == 'none' %}
 [vnc]
 enabled = false
@ -103,9 +103,9 @@ enabled = false
 {% if enable_nova_serialconsole_proxy | bool %}
 [serial_console]
 enabled = true
-base_url = ws://{{ kolla_external_fqdn }}:{{ nova_serialproxy_port }}/
+base_url = ws://{{ nova_serialproxy_fqdn }}:{{ nova_serialproxy_port }}/
 serialproxy_host = {{ api_interface_address }}
-serialproxy_port = {{ nova_serialproxy_port }}
+serialproxy_port = {{ nova_serialproxy_listen_port }}
 proxyclient_address = {{ api_interface_address }}
 {% endif %}

--- a/ansible/roles/nova/templates/placement-api-wsgi.conf.j2
+++ b/ansible/roles/nova/templates/placement-api-wsgi.conf.j2
@ -1,13 +1,13 @@
 {% set log_dir = '/var/log/kolla/nova' %}
 {% set python_path = '/usr/lib/python2.7/site-packages' if nova_install_type == 'binary' else '/var/lib/kolla/venv/lib/python2.7/site-packages' %}
 {% set wsgi_directory = '/usr/bin' if nova_install_type == 'binary' else '/var/lib/kolla/venv/bin' %}
-Listen {{ api_interface_address }}:{{ placement_api_port }}
+Listen {{ api_interface_address }}:{{ placement_api_listen_port }}

 ServerSignature Off
 ServerTokens Prod
 TraceEnable off

-<VirtualHost *:{{ placement_api_port }}>
+<VirtualHost *:{{ placement_api_listen_port }}>
    WSGIDaemonProcess placement-api processes={{ openstack_service_workers }} threads=1 user=nova group=nova display-name=%{GROUP} python-path={{ python_path }}
    WSGIProcessGroup placement-api
    WSGIScriptAlias / {{ wsgi_directory }}/nova-placement-api