Glance interface address, memcached override, and glance override.

Note: This should not result in any behavior changes in regular Kolla, just
Kolla-Kubernetes and only when you've overridden stuff in globals.yml

Allows override of interface address, memcached pools, and glance registry
host so that Kubernetes can do the right thing.

There are some significant architectural issues involved in memcached pooling
in the Kolla-kubernetes world.  Avoiding them right now.

Current working with this Kolla-Kubernetes globals.yml file:

api_interface_address: "0.0.0.0"

memcached_servers: "memcached"

keystone_database_address: "mariadb"
keystone_admin_url: "http://keystone-admin:35357/v3"
keystone_internal_url: "http://keystone-public:5000/v3"
keystone_public_url: "http://keystone-public:5000/v3"
glance_registry_host: "glance-registry"

Two tings to note:
 * This depends on a kolla-kubernetes patch, so that it won't be merged
   until it's safe for glance to bind to 0.0.0.0.  It's OK to bind to
   0.0.0.0 in the Kubernetes world because the network fabric controls
   access.
 * In Kolla-Kubernetes, the global.yml file doesn't do var substitution
   so you have to be explicit about the URLs, otherwise Keystone will
   look like it was provisioned but it won't quite be provisioned right.

Co-Authored-By: Ryan Hallisey <rhallise@redhat.com>
Change-Id: Ic87566118a1d4f552748392ff394b9b121c91887
Partially-implements: blueprint api-interface-bind-address-override
Depends-On: I586ce1c6c3300254c4e2a398ff46645df576aeb0
This commit is contained in:
Ken Wronkiewicz 2016-06-21 14:16:17 -07:00 committed by Ryan Hallisey
parent a6d89f44e9
commit 85db94e5b7
3 changed files with 27 additions and 9 deletions

View File

@ -28,4 +28,4 @@
- "{{ node_custom_config }}/glance/{{ inventory_hostname }}/{{ item.service }}.conf" - "{{ node_custom_config }}/glance/{{ inventory_hostname }}/{{ item.service }}.conf"
dest: "{{ node_config_directory }}/{{ item.service }}/{{ item.service }}.conf" dest: "{{ node_config_directory }}/{{ item.service }}/{{ item.service }}.conf"
when: inventory_hostname in groups[item.group] when: inventory_hostname in groups[item.group]
with_items: "{{ glance_service_groups }}" with_items: "{{ glance_service_groups }}"

View File

@ -5,11 +5,15 @@ debug = {{ glance_logging_debug }}
log_file = /var/log/kolla/glance/api.log log_file = /var/log/kolla/glance/api.log
use_forwarded_for = true use_forwarded_for = true
bind_host = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} bind_host = {{ api_interface_address }}
bind_port = {{ glance_api_port }} bind_port = {{ glance_api_port }}
workers = {{ openstack_service_workers }} workers = {{ openstack_service_workers }}
{% if orchestration_engine == 'KUBERNETES' %}
registry_host = {{ glance_registry_host }}
{% else %}
registry_host = {{ kolla_internal_fqdn }} registry_host = {{ kolla_internal_fqdn }}
{% endif %}
{% if enable_ceph | bool %} {% if enable_ceph | bool %}
show_image_direct_url= True show_image_direct_url= True
@ -23,8 +27,8 @@ connection = mysql+pymysql://{{ glance_database_user }}:{{ glance_database_passw
max_retries = -1 max_retries = -1
[keystone_authtoken] [keystone_authtoken]
auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }} auth_uri = {{ keystone_public_url }}
auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }} auth_url = {{ keystone_admin_url }}
auth_type = password auth_type = password
project_domain_id = default project_domain_id = default
user_domain_id = default user_domain_id = default
@ -32,10 +36,17 @@ project_name = service
username = {{ glance_keystone_user }} username = {{ glance_keystone_user }}
password = {{ glance_keystone_password }} password = {{ glance_keystone_password }}
{# For Kolla-Ansible, generate the memcache servers based on the list of
memcached servers in the inventory and memcached_servers should be un-set.
For Kolla-Kubernetes, it is necessary to define the memcached_servers
variable in globals.yml to set it to the Kubernetes service for memcached. #}
memcache_security_strategy = ENCRYPT memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcache_secret_key }} memcache_secret_key = {{ memcache_secret_key }}
{% if orchestration_engine == 'KUBERNETES' %}
memcache_servers = {{ memcached_servers }}
{% else %}
memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %} memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
{%- endif %}
[paste_deploy] [paste_deploy]
flavor = keystone flavor = keystone

View File

@ -4,7 +4,7 @@ debug = {{ glance_logging_debug }}
# NOTE(elemoine) log_dir alone does not work for Glance # NOTE(elemoine) log_dir alone does not work for Glance
log_file = /var/log/kolla/glance/registry.log log_file = /var/log/kolla/glance/registry.log
bind_host = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} bind_host = {{ api_interface_address }}
bind_port = {{ glance_registry_port }} bind_port = {{ glance_registry_port }}
workers = {{ openstack_service_workers }} workers = {{ openstack_service_workers }}
@ -13,8 +13,8 @@ connection = mysql+pymysql://{{ glance_database_user }}:{{ glance_database_passw
max_retries = -1 max_retries = -1
[keystone_authtoken] [keystone_authtoken]
auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }} auth_uri = {{ keystone_public_url }}
auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }} auth_url = {{ keystone_admin_url }}
auth_type = password auth_type = password
project_domain_id = default project_domain_id = default
user_domain_id = default user_domain_id = default
@ -22,10 +22,17 @@ project_name = service
username = {{ glance_keystone_user }} username = {{ glance_keystone_user }}
password = {{ glance_keystone_password }} password = {{ glance_keystone_password }}
{# For Kolla-Ansible, generate the memcache servers based on the list of
memcached servers in the inventory and memcached_servers should be un-set.
For Kolla-Kubernetes, it is necessary to define the memcached_servers
variable in globals.yml to set it to the Kubernetes service for memcached. #}
memcache_security_strategy = ENCRYPT memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcache_secret_key }} memcache_secret_key = {{ memcache_secret_key }}
{% if orchestration_engine == 'KUBERNETES' %}
memcache_servers = {{ memcached_servers }}
{% else %}
memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %} memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
{%- endif %}
[paste_deploy] [paste_deploy]
flavor = keystone flavor = keystone