Ansible Nova w/ libvirt support

Initial support for Nova in Ansible

Partially-Implements: blueprint ansible-service

Change-Id: I4b0a74bd3e5daa5664f5e1e622bfb40c3285949e

ansible/inventory/all-in-one

@@ -1,6 +1,14 @@
+# These initial groups are the only groups required to be modified. The
+# additional groups are for more control of the environment.
 [support]
 localhost       ansible_connection=local
 
+[compute]
+localhost       ansible_connection=local
+
+
+# You can explicitly specify which hosts run each project by updating the
+# groups in the sections below. Common services are grouped together.
 [database:children]
 support
 
@@ -12,3 +20,30 @@ support
 
 [glance:children]
 support
+
+[nova:children]
+support
+
+
+# Additional control implemented here. These groups allow you to control which
+# services run on which hosts at a per-service level.
+#
+# Word of caution: Some services are required to run on the same host to
+# function appropriately. For example, neutron-metadata-agent must run on the
+# same host as the l3-agent and (depending on configuration) the dhcp-agent.
+
+# Nova
+[nova-api:children]
+nova
+
+[nova-conductor:children]
+nova
+
+[nova-consoleauth:children]
+nova
+
+[nova-novncproxy:children]
+nova
+
+[nova-scheduler:children]
+nova

ansible/inventory/multinode

@@ -1,3 +1,5 @@
+# These initial groups are the only groups required to be modified. The
+# additional groups are for more control of the environment.
 [support]
 # These hostname must be resolvable from your deployment host
 support01       ansible_ssh_user=sam
@@ -7,6 +9,12 @@ support03       ansible_ssh_user=sam
 # The above can also be specified as follows:
 #support[01:03]     ansible_ssh_user=sam
 
+[compute]
+compute01
+
+
+# You can explicitly specify which hosts run each project by updating the
+# groups in the sections below. Common services are grouped together.
 [database:children]
 support
 
@@ -18,3 +26,30 @@ support
 
 [glance:children]
 support
+
+[nova:children]
+support
+
+
+# Additional control implemented here. These groups allow you to control which
+# services run on which hosts at a per-service level.
+#
+# Word of caution: Some services are required to run on the same host to
+# function appropriately. For example, neutron-metadata-agent must run on the
+# same host as the l3-agent and (depending on configuration) the dhcp-agent.
+
+# Nova
+[nova-api:children]
+nova
+
+[nova-conductor:children]
+nova
+
+[nova-consoleauth:children]
+nova
+
+[nova-novncproxy:children]
+nova
+
+[nova-scheduler:children]
+nova

ansible/roles/glance/defaults/main.yml

@@ -40,9 +40,6 @@ glance_public_address: "{{ kolla_external_address }}"
 glance_admin_address: "{{ kolla_internal_address }}"
 glance_internal_address: "{{ kolla_internal_address }}"
 
-glance_registry_port: "9191"
-glance_api_port: "9292"
-
 glance_logging_verbose: "{{ openstack_logging_verbose }}"
 glance_logging_debug: "{{ openstack_logging_debug }}"
 

ansible/roles/nova/defaults/main.yml

@@ -0,0 +1,71 @@
+---
+project_name: "nova"
+
+####################
+# Database
+####################
+nova_database_name: "nova"
+nova_database_user: "nova"
+nova_database_address: "{{ kolla_internal_address }}"
+
+# Do not override "service_*" variables
+service_database_name: "{{ nova_database_name }}"
+service_database_user: "{{ nova_database_user }}"
+service_database_password: "{{ nova_database_password }}"
+
+
+####################
+# Docker
+####################
+docker_nova_registry: "{{ docker_registry }}"
+docker_nova_namespace: "{{ docker_namespace }}"
+kolla_nova_base_distro: "{{ kolla_base_distro }}"
+kolla_nova_install_type: "{{ kolla_install_type }}"
+
+kolla_nova_libvirt_container_name: "nova-libvirt"
+docker_nova_libvirt_image: "{{ docker_nova_registry }}{{ docker_nova_namespace }}/{{ kolla_nova_base_distro }}-{{ kolla_nova_install_type }}-{{ kolla_nova_libvirt_container_name }}"
+docker_nova_libvirt_tag: "{{ openstack_release }}"
+docker_nova_libvirt_image_full: "{{ docker_nova_libvirt_image }}:{{ docker_nova_libvirt_tag }}"
+
+kolla_nova_api_container_name: "nova-api"
+docker_nova_api_image: "{{ docker_nova_registry }}{{ docker_nova_namespace }}/{{ kolla_nova_base_distro }}-{{ kolla_nova_install_type }}-{{ kolla_nova_api_container_name }}"
+docker_nova_api_tag: "{{ openstack_release }}"
+docker_nova_api_image_full: "{{ docker_nova_api_image }}:{{ docker_nova_api_tag }}"
+
+kolla_nova_conductor_container_name: "nova-conductor"
+docker_nova_conductor_image: "{{ docker_nova_registry }}{{ docker_nova_namespace }}/{{ kolla_nova_base_distro }}-{{ kolla_nova_install_type }}-{{ kolla_nova_conductor_container_name }}"
+docker_nova_conductor_tag: "{{ openstack_release }}"
+docker_nova_conductor_image_full: "{{ docker_nova_conductor_image }}:{{ docker_nova_conductor_tag }}"
+
+kolla_nova_consoleauth_container_name: "nova-consoleauth"
+docker_nova_consoleauth_image: "{{ docker_nova_registry }}{{ docker_nova_namespace }}/{{ kolla_nova_base_distro }}-{{ kolla_nova_install_type }}-{{ kolla_nova_consoleauth_container_name }}"
+docker_nova_consoleauth_tag: "{{ openstack_release }}"
+docker_nova_consoleauth_image_full: "{{ docker_nova_consoleauth_image }}:{{ docker_nova_consoleauth_tag }}"
+
+kolla_nova_novncproxy_container_name: "nova-novncproxy"
+docker_nova_novncproxy_image: "{{ docker_nova_registry }}{{ docker_nova_namespace }}/{{ kolla_nova_base_distro }}-{{ kolla_nova_install_type }}-{{ kolla_nova_novncproxy_container_name }}"
+docker_nova_novncproxy_tag: "{{ openstack_release }}"
+docker_nova_novncproxy_image_full: "{{ docker_nova_novncproxy_image }}:{{ docker_nova_novncproxy_tag }}"
+
+kolla_nova_scheduler_container_name: "nova-scheduler"
+docker_nova_scheduler_image: "{{ docker_nova_registry }}{{ docker_nova_namespace }}/{{ kolla_nova_base_distro }}-{{ kolla_nova_install_type }}-{{ kolla_nova_scheduler_container_name }}"
+docker_nova_scheduler_tag: "{{ openstack_release }}"
+docker_nova_scheduler_image_full: "{{ docker_nova_scheduler_image }}:{{ docker_nova_scheduler_tag }}"
+
+kolla_nova_compute_container_name: "nova-compute"
+docker_nova_compute_image: "{{ docker_nova_registry }}{{ docker_nova_namespace }}/{{ kolla_nova_base_distro }}-{{ kolla_nova_install_type }}-{{ kolla_nova_compute_container_name }}"
+docker_nova_compute_tag: "{{ openstack_release }}"
+docker_nova_compute_image_full: "{{ docker_nova_compute_image }}:{{ docker_nova_compute_tag }}"
+
+
+####################
+# Openstack
+####################
+nova_public_address: "{{ kolla_external_address }}"
+nova_admin_address: "{{ kolla_internal_address }}"
+nova_internal_address: "{{ kolla_internal_address }}"
+
+nova_logging_verbose: "{{ openstack_logging_verbose }}"
+nova_logging_debug: "{{ openstack_logging_debug }}"
+
+nova_keystone_user: "nova"

ansible/roles/nova/tasks/bootstrap.yml

@@ -0,0 +1,12 @@
+---
+- include: ../../bootstrap.yml
+  vars:
+    container_detach: False
+    container_environment:
+      KOLLA_BOOTSTRAP:
+      KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
+    container_image: "{{ docker_nova_api_image_full }}"
+    container_name: "bootstrap_nova"
+    container_restart_policy: "no"
+    container_volumes:
+      - "{{ node_config_directory }}/nova-api/:/opt/kolla/nova-api/:ro"

ansible/roles/nova/tasks/config.yml

@@ -0,0 +1,120 @@
+---
+- include: ../../config.yml
+  vars:
+    service_name: "nova-api"
+    config_source:
+      - "roles/{{ project_name }}/templates/nova.conf.j2"
+      - "/etc/kolla/config/global.conf"
+      - "/etc/kolla/config/database.conf"
+      - "/etc/kolla/config/messaging.conf"
+      - "/etc/kolla/config/{{ project_name }}.conf"
+      - "/etc/kolla/config/{{ project_name }}/{{ service_name }}.conf"
+    config_template_dest:
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_minimal"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_global"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_database"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_messaging"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_augment"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ service_name }}.conf_augment"
+    config_dest: "{{ node_config_directory }}/{{ service_name }}/nova.conf"
+  when: inventory_hostname in groups['nova-api']
+
+- include: ../../config.yml
+  vars:
+    service_name: "nova-conductor"
+    config_source:
+      - "roles/{{ project_name }}/templates/nova.conf.j2"
+      - "/etc/kolla/config/global.conf"
+      - "/etc/kolla/config/database.conf"
+      - "/etc/kolla/config/messaging.conf"
+      - "/etc/kolla/config/{{ project_name }}.conf"
+      - "/etc/kolla/config/{{ project_name }}/{{ service_name }}.conf"
+    config_template_dest:
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_minimal"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_global"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_database"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_messaging"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_augment"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ service_name }}.conf_augment"
+    config_dest: "{{ node_config_directory }}/{{ service_name }}/nova.conf"
+  when: inventory_hostname in groups['nova-conductor']
+
+- include: ../../config.yml
+  vars:
+    service_name: "nova-consoleauth"
+    config_source:
+      - "roles/{{ project_name }}/templates/nova.conf.j2"
+      - "/etc/kolla/config/global.conf"
+      - "/etc/kolla/config/database.conf"
+      - "/etc/kolla/config/messaging.conf"
+      - "/etc/kolla/config/{{ project_name }}.conf"
+      - "/etc/kolla/config/{{ project_name }}/{{ service_name }}.conf"
+    config_template_dest:
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_minimal"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_global"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_database"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_messaging"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_augment"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ service_name }}.conf_augment"
+    config_dest: "{{ node_config_directory }}/{{ service_name }}/nova.conf"
+  when: inventory_hostname in groups['nova-consoleauth']
+
+- include: ../../config.yml
+  vars:
+    service_name: "nova-scheduler"
+    config_source:
+      - "roles/{{ project_name }}/templates/nova.conf.j2"
+      - "/etc/kolla/config/global.conf"
+      - "/etc/kolla/config/database.conf"
+      - "/etc/kolla/config/messaging.conf"
+      - "/etc/kolla/config/{{ project_name }}.conf"
+      - "/etc/kolla/config/{{ project_name }}/{{ service_name }}.conf"
+    config_template_dest:
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_minimal"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_global"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_database"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_messaging"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_augment"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ service_name }}.conf_augment"
+    config_dest: "{{ node_config_directory }}/{{ service_name }}/nova.conf"
+  when: inventory_hostname in groups['nova-scheduler']
+
+- include: ../../config.yml
+  vars:
+    service_name: "nova-compute"
+    config_source:
+      - "roles/{{ project_name }}/templates/nova.conf.j2"
+      - "/etc/kolla/config/global.conf"
+      - "/etc/kolla/config/database.conf"
+      - "/etc/kolla/config/messaging.conf"
+      - "/etc/kolla/config/{{ project_name }}.conf"
+      - "/etc/kolla/config/{{ project_name }}/{{ service_name }}.conf"
+    config_template_dest:
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_minimal"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_global"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_database"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_messaging"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_augment"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ service_name }}.conf_augment"
+    config_dest: "{{ node_config_directory }}/{{ service_name }}/nova.conf"
+  when: inventory_hostname in groups['compute']
+
+- include: ../../config.yml
+  vars:
+    service_name: "nova-novncproxy"
+    config_source:
+      - "roles/{{ project_name }}/templates/nova.conf.j2"
+      - "/etc/kolla/config/global.conf"
+      - "/etc/kolla/config/database.conf"
+      - "/etc/kolla/config/messaging.conf"
+      - "/etc/kolla/config/{{ project_name }}.conf"
+      - "/etc/kolla/config/{{ project_name }}/{{ service_name }}.conf"
+    config_template_dest:
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_minimal"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_global"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_database"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_messaging"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_augment"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ service_name }}.conf_augment"
+    config_dest: "{{ node_config_directory }}/{{ service_name }}/nova.conf"
+  when: inventory_hostname in groups['nova-novncproxy']

ansible/roles/nova/tasks/main.yml

@@ -0,0 +1,8 @@
+---
+- include: register.yml
+
+- include: config.yml
+
+- include: bootstrap.yml
+
+- include: start.yml

ansible/roles/nova/tasks/register.yml

@@ -0,0 +1,21 @@
+---
+- name: Creating the Nova service and endpoint
+  kolla_keystone_service:
+    service_name: "nova"
+    service_type: "compute"
+    description: "Openstack Compute"
+    endpoint_region: "{{ openstack_region_name }}"
+    admin_url: "http://{{ kolla_internal_address }}:{{ nova_api_port }}/v2/%(tenant_id)s"
+    internal_url: "http://{{ kolla_internal_address }}:{{ nova_api_port }}/v2/%(tenant_id)s"
+    public_url: "http://{{ kolla_external_address }}:{{ nova_api_port }}/v2/%(tenant_id)s"
+    auth: "{{ openstack_auth_v2 }}"
+    region_name: "{{ openstack_region_name }}"
+
+- name: Creating the Nova project, user, and role
+  kolla_keystone_user:
+    project: "service"
+    user: "nova"
+    password: "{{ nova_keystone_password }}"
+    role: "admin"
+    auth: "{{ openstack_auth_v2 }}"
+    region_name: "{{ openstack_region_name }}"

ansible/roles/nova/tasks/start.yml

@@ -0,0 +1,76 @@
+---
+- include: ../../start.yml
+  vars:
+    container_environment:
+      KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
+    container_image: "{{ docker_nova_libvirt_image_full }}"
+    container_name: "nova_libvirt"
+    container_privileged: "True"
+    container_volumes:
+      - "/run:/run"
+      - "/lib/modules:/lib/modules:ro"
+  when: inventory_hostname in groups['compute']
+
+- include: ../../start.yml
+  vars:
+    container_environment:
+      KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
+    container_image: "{{ docker_nova_api_image_full }}"
+    container_name: "nova_api"
+    container_privileged: "True"
+    container_volumes:
+      - "{{ node_config_directory }}/nova-api/:/opt/kolla/nova-api/:ro"
+      - "/lib/modules:/lib/modules:ro"
+  when: inventory_hostname in groups['nova-api']
+
+- include: ../../start.yml
+  vars:
+    container_environment:
+      KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
+    container_image: "{{ docker_nova_conductor_image_full }}"
+    container_name: "nova_conductor"
+    container_volumes:
+      - "{{ node_config_directory }}/nova-conductor/:/opt/kolla/nova-conductor/:ro"
+  when: inventory_hostname in groups['nova-conductor']
+
+- include: ../../start.yml
+  vars:
+    container_environment:
+      KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
+    container_image: "{{ docker_nova_consoleauth_image_full }}"
+    container_name: "nova_consoleauth"
+    container_volumes:
+      - "{{ node_config_directory }}/nova-consoleauth/:/opt/kolla/nova-consoleauth/:ro"
+  when: inventory_hostname in groups['nova-consoleauth']
+
+- include: ../../start.yml
+  vars:
+    container_environment:
+      KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
+    container_image: "{{ docker_nova_novncproxy_image_full }}"
+    container_name: "nova_novncproxy"
+    container_volumes:
+      - "{{ node_config_directory }}/nova-novncproxy/:/opt/kolla/nova-novncproxy/:ro"
+  when: inventory_hostname in groups['nova-novncproxy']
+
+- include: ../../start.yml
+  vars:
+    container_environment:
+      KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
+    container_image: "{{ docker_nova_scheduler_image_full }}"
+    container_name: "nova_scheduler"
+    container_volumes:
+      - "{{ node_config_directory }}/nova-scheduler/:/opt/kolla/nova-scheduler/:ro"
+  when: inventory_hostname in groups['nova-scheduler']
+
+- include: ../../start.yml
+  vars:
+    container_environment:
+      KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
+    container_image: "{{ docker_nova_compute_image_full }}"
+    container_name: "nova_compute"
+    container_volumes:
+      - "{{ node_config_directory }}/nova-compute/:/opt/kolla/nova-compute/:ro"
+      - "/run:/run"
+      - "/lib/modules:/lib/modules:ro"
+  when: inventory_hostname in groups['compute']

ansible/roles/nova/templates/nova.conf.j2

@@ -0,0 +1,69 @@
+[DEFAULT]
+verbose = true
+debug = true
+
+state_path = /var/lib/nova
+lock_path = /var/lock/nova
+api_paste_config = /etc/nova/api-paste.ini
+
+osapi_compute_listen = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
+ec2_listen = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
+
+notification_driver = nova.openstack.common.notifier.rpc_notifier
+
+virt_type = kvm
+security_group_api = neutron
+network_api_class = nova.network.neutronv2.api.API
+firewall_driver = nova.virt.firewall.NoopFirewallDriver
+linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
+
+compute_driver = libvirt.LibvirtDriver
+allow_resize_to_same_host = true
+
+vnc_enabled = true
+my_ip = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
+vncserver_listen = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
+vncserver_proxyclient_address = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
+novncproxy_base_url = http://{{ kolla_internal_address }}:6080/vnc_auto.html
+
+[oslo_messaging_rabbit]
+rabbit_host = {{ kolla_internal_address }}
+rabbit_userid = {{ rabbitmq_user }}
+rabbit_password = {{ rabbitmq_password }}
+rabbit_ha_queues = true
+
+[oslo_concurrency]
+lock_path = /var/lib/nova/tmp
+
+[glance]
+host = {{ kolla_internal_address }}
+
+[cinder]
+catalog_info = volume:cinder:internalURL
+
+[neutron]
+url = http://{{ kolla_internal_address }}:{{ neutron_server_port }}
+auth_strategy = keystone
+admin_auth_url = http://{{ kolla_internal_address }}:{{ keystone_admin_port }}/v2.0
+admin_tenant_name = service
+admin_username = neutron
+admin_password = {{ neutron_keystone_password }}
+metadata_proxy_shared_secret = {{ metadata_secret }}
+service_metadata_proxy = true
+
+[database]
+connection = mysql://{{ nova_database_user }}:{{ nova_database_password }}@{{ nova_database_address }}/{{ nova_database_name }}
+
+[keystone_authtoken]
+auth_uri = http://{{ kolla_internal_address }}:{{ keystone_public_port }}
+auth_url = http://{{ kolla_internal_address }}:{{ keystone_admin_port }}
+auth_plugin = password
+project_domain_id = default
+user_domain_id = default
+project_name = service
+username = nova
+password = {{ nova_keystone_password }}
+
+[libvirt]
+connection_type = libivrt
+inject_partition = -2

ansible/site.yml

@@ -18,3 +18,8 @@
   roles:
     - glance
   tags: glance
+
+- hosts: nova
+  roles:
+    - nova
+  tags: nova

docker/common/nova-controller/nova-api/start.sh

@@ -10,4 +10,11 @@ source /opt/kolla/kolla-common.sh
 # Config-internal script exec out of this function, it does not return here.
 set_configs
 
+# Bootstrap and exit if KOLLA_BOOTSTRAP variable is set. This catches all cases
+# of the KOLLA_BOOTSTRAP variable being set, including empty.
+if [[ "${!KOLLA_BOOTSTRAP[@]}" ]]; then
+    su -s /bin/sh -c "nova-manage db sync" nova
+    exit 0
+fi
+
 exec $CMD $ARGS

docker/common/nova-controller/nova-conductor/start.sh

@@ -10,11 +10,4 @@ source /opt/kolla/kolla-common.sh
 # Config-internal script exec out of this function, it does not return here.
 set_configs
 
-# Bootstrap and exit if KOLLA_BOOTSTRAP variable is set. This catches all cases
-# of the KOLLA_BOOTSTRAP variable being set, including empty.
-if [[ "${!KOLLA_BOOTSTRAP[@]}" ]]; then
-    su -s /bin/sh -c "nova-manage db sync" nova
-    exit 0
-fi
-
 exec $CMD $ARGS

etc/kolla/defaults.yml

@@ -18,3 +18,17 @@ node_templates_directory: "/usr/share/kolla/templates"
 
 # The directory to store the config files on the destination node
 node_config_directory: "/opt/kolla/config"
+
+# All services have ports that need to be referenced on a global scale between
+# the different services. This prevents setting the ports in the defaults for
+# each role.
+
+keystone_public_port: "5000"
+keystone_admin_port: "35357"
+
+glance_api_port: "9292"
+glance_registry_port: "9191"
+
+nova_api_port: "8774"
+
+neutron_server_port: "9696"

etc/kolla/globals.yml

@@ -69,8 +69,6 @@ openstack_logging_verbose: "True"
 openstack_logging_debug: "False"
 
 openstack_region_name: "RegionOne"
-keystone_public_port: "5000"
-keystone_admin_port: "35357"
 
 openstack_auth:
     auth_url: "http://{{ kolla_internal_address }}:{{ keystone_admin_port }}"

etc/kolla/passwords.yml

@@ -25,6 +25,13 @@ keystone_database_password: "password"
 glance_database_password: "password"
 glance_keystone_password: "password"
 
+nova_database_password: "password"
+nova_keystone_password: "password"
+
+neutron_database_password: "password"
+neutron_keystone_password: "password"
+
+metadata_secret: "password"
 
 ####################
 # RabbitMQ options