Add freezer ansible role

Co-Authored-By: caoyuan <cao.yuan@99cloud.net>
Co-Authored-By: zhubingbing <zhubingbing10@gmail.com>

Change-Id: I419f7ceb219ea9643cfd225c130018f967ddd860
Partially-implements: bp freezer-ansible-role
This commit is contained in:
caowei 2017-01-19 18:42:12 +08:00 committed by zhubingbing
parent 69cc2489f3
commit 9c82ed8071
27 changed files with 426 additions and 3 deletions

View File

@ -129,6 +129,8 @@ designate_bind_port: "53"
designate_mdns_port: "5354"
designate_rndc_port: "953"
freezer_api_port: "9090"
iscsi_port: "3260"
gnocchi_api_port: "8041"
@ -287,6 +289,7 @@ enable_cloudkitty: "no"
enable_congress: "no"
enable_designate: "no"
enable_etcd: "no"
enable_freezer: "no"
enable_gnocchi: "no"
enable_grafana: "no"
enable_heat: "yes"
@ -360,7 +363,7 @@ enable_destroy_images: "no"
elasticsearch_address: "{{ kolla_internal_vip_address }}"
elasticsearch_protocol: "{{ internal_protocol }}"
enable_elasticsearch: "{{ 'yes' if enable_central_logging | bool else 'no' }}"
enable_elasticsearch: "{{ 'yes' if enable_central_logging | bool or enable_freezer | bool else 'no' }}"
enable_kibana: "{{ 'yes' if enable_central_logging | bool else 'no' }}"
####################

View File

@ -75,6 +75,9 @@ control
[cloudkitty:children]
control
[freezer:children]
control
[memcached:children]
control
@ -248,6 +251,10 @@ cloudkitty
[cloudkitty-processor:children]
cloudkitty
# Freezer
[freezer-api:children]
freezer
# iSCSI
[iscsid:children]
compute

View File

@ -94,6 +94,9 @@ control
[cloudkitty:children]
control
[freezer:children]
control
[memcached:children]
control
@ -264,6 +267,10 @@ cloudkitty
[cloudkitty-processor:children]
cloudkitty
# Freezer
[freezer-api:children]
freezer
# iSCSI
[iscsid:children]
compute

View File

@ -78,6 +78,7 @@
- { name: "cloudkitty", enabled: "{{ enable_cloudkitty }}" }
- { name: "designate", enabled: "{{ enable_designate }}" }
- { name: "elasticsearch", enabled: "{{ enable_elasticsearch }}" }
- { name: "freezer", enabled: "{{ enable_freezer }}" }
- { name: "glance", enabled: "{{ enable_glance }}" }
- { name: "global", enabled: "yes" }
- { name: "gnocchi", enabled: "{{ enable_gnocchi }}" }

View File

@ -0,0 +1,3 @@
"/var/log/kolla/freezer/*.log"
{
}

View File

@ -8,6 +8,7 @@
( 'cloudkitty', enable_cloudkitty ),
( 'designate', enable_designate ),
( 'elasticsearch', enable_elasticsearch ),
( 'freezer', enable_freezer ),
( 'glance', enable_glance ),
( 'gnocchi', enable_gnocchi ),
( 'grafana', enable_grafana ),

View File

@ -0,0 +1,44 @@
---
project_name: "freezer"
freezer_services:
freezer-api:
container_name: freezer_api
group: freezer-api
enabled: true
image: "{{ freezer_api_image_full }}"
volumes:
- "{{ node_config_directory }}/freezer-api/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "freezer:/var/lib/freezer/"
- "kolla_logs:/var/log/kolla/"
####################
# Database
####################
freezer_database_name: "freezer"
freezer_database_user: "freezer"
freezer_database_address: "{{ kolla_internal_fqdn }}:{{ database_port }}"
####################
# Docker
####################
freezer_api_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-freezer-api"
freezer_api_tag: "{{ openstack_release }}"
freezer_api_image_full: "{{ freezer_api_image }}:{{ freezer_api_tag }}"
####################
# OpenStack
####################
freezer_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ freezer_api_port }}"
freezer_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ freezer_api_port }}"
freezer_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ freezer_api_port }}"
freezer_logging_debug: "{{ openstack_logging_debug }}"
freezer_keystone_user: "freezer"
openstack_freezer_auth: "{'auth_url':'{{ openstack_auth.auth_url }}','username':'{{ openstack_auth.username }}','password':'{{ openstack_auth.password }}','project_name':'{{ openstack_auth.project_name }}'}"

View File

@ -0,0 +1,24 @@
---
- name: Restart freezer-api container
vars:
service_name: "freezer-api"
service: "{{ freezer_services[service_name] }}"
config_json: "{{ freezer_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
freezer_conf: "{{ freezer_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
policy_json: "{{ freezer_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
freezer_api_container: "{{ check_freezer_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
kolla_docker:
action: "recreate_or_restart_container"
common_options: "{{ docker_common_options }}"
name: "{{ service.container_name }}"
image: "{{ service.image }}"
volumes: "{{ service.volumes }}"
when:
- action != "config"
- inventory_hostname in groups[service.group]
- service.enabled | bool
- config_json.changed | bool
or wsgi_freezer_api.changed | bool
or freezer_conf.changed | bool
or policy_json.changed | bool
or freezer_api_container.changed | bool

View File

@ -0,0 +1,3 @@
---
dependencies:
- { role: common }

View File

@ -0,0 +1,19 @@
---
- name: Running Freezer bootstrap container
vars:
freezer_api: "{{ freezer_services['freezer-api'] }}"
kolla_docker:
action: "start_container"
common_options: "{{ docker_common_options }}"
detach: False
environment:
KOLLA_BOOTSTRAP:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
image: "{{ freezer_api.image }}"
labels:
BOOTSTRAP:
name: "bootstrap_freezer"
restart_policy: "never"
volumes: "{{ freezer_api.volumes }}"
run_once: True
delegate_to: "{{ groups[freezer_api.group][0] }}"

View File

@ -0,0 +1,88 @@
---
- name: Ensuring config directories exist
file:
path: "{{ node_config_directory }}/{{ item.key }}"
state: "directory"
recurse: yes
when:
- inventory_hostname in groups[item.value.group]
- item.value.enabled | bool
with_dict: "{{ freezer_services }}"
- name: Copying over config.json files for services
template:
src: "{{ item.key }}.json.j2"
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
register: freezer_config_jsons
when:
- inventory_hostname in groups[item.value.group]
- item.value.enabled | bool
with_dict: "{{ freezer_services }}"
notify:
- Restart freezer-api container
- name: Copying over wsgi-freezer-api.conf
template:
src: "wsgi-freezer-api.conf.j2"
dest: "{{ node_config_directory }}/{{ item.key }}/wsgi-freezer-api.conf"
register: wsgi_freezer_api
when:
- inventory_hostname in groups[item.value.group]
- service.enabled | bool
with_dict: "{{ freezer_services }}"
notify:
- Restart freezer-api container
- name: Copying over freezer-api.conf
merge_configs:
vars:
service_name: "{{ item.key }}"
sources:
- "{{ role_path }}/templates/freezer-api.conf.j2"
- "{{ node_config_directory }}/global.conf"
- "{{ node_config_directory }}/database.conf"
- "{{ node_config_directory }}/messaging.conf"
- "{{ node_config_directory }}/freezer.conf"
- "{{ node_custom_config }}/freezer/{{ item.key }}.conf"
- "{{ node_custom_config }}/freezer/{{ inventory_hostname }}/{{ item.key }}.conf"
dest: "{{ node_config_directory }}/{{ item.key }}/freezer-api.conf"
register: freezer_confs
when:
- inventory_hostname in groups[item.value.group]
- item.value.enabled | bool
with_dict: "{{ freezer_services }}"
notify:
- Restart freezer-api container
- name: Check if policies shall be overwritten
local_action: stat path="{{ node_config_directory }}/freezer/policy.json"
register: freezer_policy
- name: Copying over existing policy.json
template:
src: "{{ node_config_directory }}/freezer/policy.json"
dest: "{{ node_config_directory }}/{{ item.key }}/policy.json"
register: freezer_policy_jsons
when:
- freezer_policy.stat.exists
- inventory_hostname in groups[item.value.group]
- item.value.enabled | bool
with_dict: "{{ freezer_services }}"
notify:
- Restart freezer-api container
- name: Check freezer containers
kolla_docker:
action: "compare_container"
common_options: "{{ docker_common_options }}"
name: "{{ item.value.container_name }}"
image: "{{ item.value.image }}"
volumes: "{{ item.value.volumes }}"
register: check_freezer_containers
when:
- action != "config"
- inventory_hostname in groups[item.value.group]
- item.value.enabled | bool
with_dict: "{{ freezer_services }}"
notify:
- Restart freezer-api container

View File

@ -0,0 +1,9 @@
---
- include: register.yml
- include: config.yml
- include: bootstrap_service.yml
- name: Flush handlers
meta: flush_handlers

View File

@ -0,0 +1,2 @@
---
- include: "{{ action }}.yml"

View File

@ -0,0 +1,15 @@
---
- name: Get container facts
kolla_container_facts:
name: "{{ freezer_services.keys() }}"
register: container_facts
- name: Checking free port for Freezer API
wait_for:
host: "{{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}"
port: "{{ freezer_api_port }}"
connect_timeout: 1
state: stopped
when:
- inventory_hostname in groups[freezer_services['freezer-api']['group']]
- container_facts['freezer_api'] is not defined

View File

@ -0,0 +1,10 @@
---
- name: Pulling freezer image
kolla_docker:
action: "pull_image"
common_options: "{{ docker_common_options }}"
image: "{{ item.value.image }}"
when:
- inventory_hostname in groups[item.value.group]
- item.value.enabled | bool
with_dict: "{{ freezer_services }}"

View File

@ -0,0 +1,2 @@
---
- include: deploy.yml

View File

@ -0,0 +1,42 @@
---
- name: Creating the freezer service and endpoint
kolla_toolbox:
module_name: kolla_keystone_service
module_args:
service_name: freezer
service_type: backup-service
description: 'Openstack Freezer Backup Service'
endpoint_region: "{{ openstack_region_name }}"
url: "{{ item.url }}"
interface: "{{ item.interface }}"
region_name: "{{ openstack_region_name }}"
auth: "{{ '{{ openstack_freezer_auth }}' }}"
module_extra_vars:
openstack_freezer_auth: "{{ openstack_freezer_auth }}"
register: freezer_endpoint
until: freezer_endpoint|success
retries: 10
delay: 5
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ freezer_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ freezer_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ freezer_public_endpoint }}'}
- name: Creating the freezer project, user, and role
kolla_toolbox:
module_name: kolla_keystone_user
module_args:
project: service
user: freezer
password: "{{ freezer_keystone_password }}"
role: admin
region_name: "{{ openstack_region_name }}"
auth: "{{ '{{ openstack_freezer_auth }}' }}"
module_extra_vars:
openstack_freezer_auth: "{{ openstack_freezer_auth }}"
register: freezer_user
until: freezer_user|success
retries: 10
delay: 5
run_once: True

View File

@ -0,0 +1,7 @@
---
- include: config.yml
- include: bootstrap_service.yml
- name: Flush handlers
meta: flush_handlers

View File

@ -0,0 +1,37 @@
[DEFAULT]
debug = {{ freezer_logging_debug }}
log_dir = /var/log/kolla/freezer
{% if service_name == 'freezer-api' %}
bind_host = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
bind_port = {{ freezer_api_port }}
{% endif %}
transport_url = rabbit://{% for host in groups['rabbitmq'] %}{{ rabbitmq_user }}:{{ rabbitmq_password }}@{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %}
[keystone_authtoken]
auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}
auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
auth_type = password
project_domain_id = default
user_domain_id = default
admin_tenant_name = service
admin_user = {{ freezer_keystone_user }}
admin_password = {{ freezer_keystone_password }}
memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcache_secret_key }}
memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
[paste_deploy]
config_file = /etc/freezer/freezer-paste.ini
[storage]
hosts = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ elasticsearch_port }}
number_of_replicas = 0
index = freezer
db = elasticsearch
[oslo_messaging_notifications]
driver = messagingv2

View File

@ -0,0 +1,33 @@
{% set apache_cmd = 'apache2' if kolla_base_distro in ['ubuntu', 'debian'] else 'httpd' %}
{% set apache_dir = 'apache2/conf-enabled' if kolla_base_distro in ['ubuntu', 'debian'] else 'httpd/conf.d' %}
{
"command": "{{ apache_cmd }} -DFOREGROUND",
"config_files": [
{
"source": "{{ container_config_directory }}/freezer-api.conf",
"dest": "/etc/freezer/freezer.conf",
"owner": "freezer",
"perm": "0600"
},
{
"source": "{{ container_config_directory }}/wsgi-freezer-api.conf",
"dest": "/etc/{{ apache_dir }}/wsgi-freezer.conf",
"owner": "freezer",
"perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/freezer/policy.json",
"owner": "freezer",
"perm": "0600",
"optional": true
}
],
"permissions": [
{
"path": "/var/log/kolla/freezer",
"owner": "freezer:freezer",
"recurse": true
}
]
}

View File

@ -0,0 +1,23 @@
{% set freezer_log_dir = '/var/log/kolla/freezer' %}
{% set python_path = '/usr/lib/python2.7/site-packages' if kolla_install_type == 'binary' else '/var/lib/kolla/venv/lib/python2.7/site-packages' %}
Listen {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}:{{ freezer_api_port }}
<VirtualHost *:{{ freezer_api_port }}>
WSGIDaemonProcess freezer-api processes={{ openstack_service_workers }} threads=1 user=freezer display-name=%{GROUP}
WSGIProcessGroup freezer-api
WSGIApplicationGroup freezer-api
WSGIScriptAlias / {{ python_path }}/freezer_api/cmd/wsgi.py
ErrorLog {{ freezer_log_dir }}/freezer-api.log
CustomLog {{ freezer_log_dir }}/freezer-api_access.log combined
LogLevel info
<Directory {{ python_path }}/freezer_api>
Options Indexes FollowSymLinks MultiViews
Require all granted
AllowOverride None
Order allow,deny
allow from all
LimitRequestBody 102400
</Directory>
</VirtualHost>

View File

@ -135,6 +135,17 @@
- "{{ 'gnocchi_api' not in haproxy_stat }}"
- inventory_hostname in groups['haproxy']
- name: Checking free port for Freezer API HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ freezer_api_port }}"
connect_timeout: 1
state: stopped
when:
- enable_freezer | bool
- "{{ 'freezer_api' not in haproxy_stat }}"
- inventory_hostname in groups['haproxy']
- name: Checking free port for Grafana server HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"

View File

@ -391,6 +391,24 @@ listen karbor_api_external
{% endif %}
{% endif %}
{% if enable_freezer | bool %}
listen freezer_api
bind {{ kolla_internal_vip_address }}:{{ freezer_api_port }}
{% for host in groups['freezer-api'] %}
server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ freezer_api_port }} check inter 2000 rise 2 fall 5
{% endfor %}
{% if haproxy_enable_external_vip | bool %}
listen freezer_api_external
bind {{ kolla_external_vip_address }}:{{ freezer_api_port }} {{ tls_bind_info }}
{% for host in groups['freezer-api'] %}
server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ freezer_api_port }} check inter 2000 rise 2 fall 5
{% endfor %}
{% endif %}
{% endif %}
{% if enable_senlin | bool %}
listen senlin_api
bind {{ kolla_internal_vip_address }}:{{ senlin_api_port }}

View File

@ -502,6 +502,15 @@
tags: cloudkitty,
when: enable_cloudkitty | bool }
- name: Apply role freezer
hosts:
- freezer-api
serial: '{{ serial|default("0") }}'
roles:
- { role: freezer,
tags: freezer,
when: enable_freezer | bool }
- name: Apply role senlin
hosts:
- senlin-api

View File

@ -133,6 +133,7 @@ kolla_internal_vip_address: "10.10.10.254"
#enable_designate: "no"
#enable_destroy_images: "no"
#enable_etcd: "no"
#enable_freezer: "no"
#enable_gnocchi: "no"
#enable_grafana: "no"
#enable_heat: "yes"

View File

@ -62,6 +62,9 @@ cloudkitty_keystone_password:
panko_database_password:
panko_keystone_password:
freezer_database_password:
freezer_keystone_password:
sahara_database_password:
sahara_keystone_password:

View File

@ -1,3 +1,4 @@
---
features:
- Add freezer Dockerfile
- Freezer is a distributed backup restore and disaster recovery as a service platform
Add freezer ansible role