diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index 5ad218ab8d..9be48d7048 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -235,6 +235,8 @@ memcached_port: "11211" mistral_api_port: "8989" +monasca_api_port: "8070" + mongodb_port: "27017" mongodb_web_port: "28017" @@ -438,12 +440,12 @@ enable_horizon_vitrage: "{{ enable_vitrage | bool }}" enable_horizon_watcher: "{{ enable_watcher | bool }}" enable_horizon_zun: "{{ enable_zun | bool }}" enable_hyperv: "no" -enable_influxdb: "no" +enable_influxdb: "{{ enable_monasca | bool }}" enable_ironic: "no" enable_ironic_pxe_uefi: "no" enable_iscsid: "{{ (enable_cinder | bool and enable_cinder_backend_iscsi | bool) or enable_ironic | bool }}" enable_karbor: "no" -enable_kafka: "no" +enable_kafka: "{{ enable_monasca | bool }}" enable_kuryr: "no" enable_magnum: "no" enable_manila: "no" @@ -452,6 +454,7 @@ enable_manila_backend_hnas: "no" enable_manila_backend_cephfs_native: "no" enable_manila_backend_cephfs_nfs: "no" enable_mistral: "no" +enable_monasca: "no" enable_mongodb: "no" enable_multipathd: "no" enable_murano: "no" diff --git a/ansible/inventory/all-in-one b/ansible/inventory/all-in-one index 89ef1c8a21..042f0caa74 100644 --- a/ansible/inventory/all-in-one +++ b/ansible/inventory/all-in-one @@ -100,6 +100,9 @@ control [qdrouterd:children] control +[monasca:children] +monitoring + [mongodb:children] control @@ -433,6 +436,10 @@ murano [murano-engine:children] murano +# Monasca +[monasca-api:children] +monasca + # Ironic [ironic-api:children] ironic diff --git a/ansible/inventory/multinode b/ansible/inventory/multinode index b19f84a02b..58e02990d0 100644 --- a/ansible/inventory/multinode +++ b/ansible/inventory/multinode @@ -122,6 +122,9 @@ control [qdrouterd:children] control +[monasca:children] +monitoring + [mongodb:children] control @@ -442,6 +445,10 @@ murano [murano-engine:children] murano +# Monasca +[monasca-api:children] +monasca + # Ironic [ironic-api:children] ironic diff --git a/ansible/roles/common/tasks/config.yml b/ansible/roles/common/tasks/config.yml index bc5ec7d9f5..cd95eec6a1 100644 --- a/ansible/roles/common/tasks/config.yml +++ b/ansible/roles/common/tasks/config.yml @@ -204,6 +204,7 @@ - { name: "manila", enabled: "{{ enable_manila }}" } - { name: "mariadb", enabled: "{{ enable_mariadb }}" } - { name: "mistral", enabled: "{{ enable_mistral }}" } + - { name: "monasca", enabled: "{{ enable_monasca }}" } - { name: "mongodb", enabled: "{{ enable_mongodb }}" } - { name: "murano", enabled: "{{ enable_murano }}" } - { name: "neutron", enabled: "{{ enable_neutron }}" } diff --git a/ansible/roles/common/templates/conf/filter/01-rewrite-0.12.conf.j2 b/ansible/roles/common/templates/conf/filter/01-rewrite-0.12.conf.j2 index 4179bd1d81..e5e5c76d71 100644 --- a/ansible/roles/common/templates/conf/filter/01-rewrite-0.12.conf.j2 +++ b/ansible/roles/common/templates/conf/filter/01-rewrite-0.12.conf.j2 @@ -1,7 +1,7 @@ @type rewrite_tag_filter capitalize_regex_backreference yes - rewriterule1 programname ^(cinder-api-access|cloudkitty-api-access|gnocchi-api-access|horizon-access|keystone-apache-admin-access|keystone-apache-public-access|placement-api-access|panko-api-access)$ apache_access + rewriterule1 programname ^(cinder-api-access|cloudkitty-api-access|gnocchi-api-access|horizon-access|keystone-apache-admin-access|keystone-apache-public-access|monasca-api-access|placement-api-access|panko-api-access)$ apache_access rewriterule2 programname ^(aodh_wsgi_access|barbican-api|zun_api_wsgi_access|vitrage_wsgi_access)$ wsgi_access rewriterule3 programname ^(nova-api|nova-compute|nova-compute-ironic|nova-conductor|nova-consoleauth|nova-manage|nova-novncproxy|nova-scheduler|nova-placement-api|placement-api|privsep-helper)$ openstack_python rewriterule4 programname ^(sahara-api|sahara-engine)$ openstack_python diff --git a/ansible/roles/common/templates/conf/filter/01-rewrite-0.14.conf.j2 b/ansible/roles/common/templates/conf/filter/01-rewrite-0.14.conf.j2 index 4316c28905..e1cf581c79 100644 --- a/ansible/roles/common/templates/conf/filter/01-rewrite-0.14.conf.j2 +++ b/ansible/roles/common/templates/conf/filter/01-rewrite-0.14.conf.j2 @@ -3,7 +3,7 @@ capitalize_regex_backreference yes key programname - pattern ^(cinder-api-access|cloudkitty-api-access|gnocchi-api-access|horizon-access|keystone-apache-admin-access|keystone-apache-public-access|placement-api-access|panko-api-access)$ + pattern ^(cinder-api-access|cloudkitty-api-access|gnocchi-api-access|horizon-access|keystone-apache-admin-access|keystone-apache-public-access|monasca-api-access|placement-api-access|panko-api-access)$ tag apache_access diff --git a/ansible/roles/common/templates/conf/input/00-global.conf.j2 b/ansible/roles/common/templates/conf/input/00-global.conf.j2 index cd1e4ac173..448478bd5a 100644 --- a/ansible/roles/common/templates/conf/input/00-global.conf.j2 +++ b/ansible/roles/common/templates/conf/input/00-global.conf.j2 @@ -21,6 +21,7 @@ ( 'magnum', enable_magnum ), ( 'manila', enable_manila ), ( 'mistral', enable_mistral ), + ( 'monasca', enable_monasca ), ( 'mongodb', enable_mongodb ), ( 'murano', enable_murano ), ( 'neutron', enable_neutron ), diff --git a/ansible/roles/common/templates/cron-logrotate-monasca.conf.j2 b/ansible/roles/common/templates/cron-logrotate-monasca.conf.j2 new file mode 100644 index 0000000000..6f0f5ea573 --- /dev/null +++ b/ansible/roles/common/templates/cron-logrotate-monasca.conf.j2 @@ -0,0 +1,3 @@ +"/var/log/kolla/monasca/*.log" +{ +} diff --git a/ansible/roles/common/templates/cron.json.j2 b/ansible/roles/common/templates/cron.json.j2 index 3ee2fb0c54..eca7cf76ad 100644 --- a/ansible/roles/common/templates/cron.json.j2 +++ b/ansible/roles/common/templates/cron.json.j2 @@ -34,6 +34,7 @@ ( 'manila', enable_manila ), ( 'mariadb', enable_mariadb ), ( 'mistral', enable_mistral ), + ( 'monasca', enable_monasca ), ( 'mongodb', enable_mongodb ), ( 'murano', enable_murano ), ( 'neutron', enable_neutron ), diff --git a/ansible/roles/haproxy/templates/haproxy.cfg.j2 b/ansible/roles/haproxy/templates/haproxy.cfg.j2 index 1eefd9d0fa..1da33c008f 100644 --- a/ansible/roles/haproxy/templates/haproxy.cfg.j2 +++ b/ansible/roles/haproxy/templates/haproxy.cfg.j2 @@ -167,6 +167,25 @@ listen influxdb_http {% endfor %} {% endif %} +{% if enable_monasca | bool %} +listen monasca_api_internal + bind {{ kolla_internal_vip_address }}:{{ monasca_api_port }} + http-request del-header X-Forwarded-Proto if { ssl_fc } +{% for host in groups['monasca-api'] %} + server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ monasca_api_port }} check inter 2000 rise 2 fall 5 +{% endfor %} + +{% if haproxy_enable_external_vip | bool %} +listen monasca_api_external + bind {{ kolla_external_vip_address }}:{{ monasca_api_port }} {{ tls_bind_info }} + http-request del-header X-Forwarded-Proto if { ssl_fc } + http-request set-header X-Forwarded-Proto https if { ssl_fc } +{% for host in groups['monasca-api'] %} + server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ monasca_api_port }} check inter 2000 rise 2 fall 5 +{% endfor %} +{% endif %} +{% endif %} + {% if enable_nova | bool %} listen nova_api bind {{ kolla_internal_vip_address }}:{{ nova_api_port }} diff --git a/ansible/roles/monasca/defaults/main.yml b/ansible/roles/monasca/defaults/main.yml new file mode 100644 index 0000000000..593aad2562 --- /dev/null +++ b/ansible/roles/monasca/defaults/main.yml @@ -0,0 +1,59 @@ +--- +monasca_services: + monasca-api: + container_name: monasca_api + group: monasca-api + enabled: true + image: "{{ monasca_api_image_full }}" + volumes: + - "{{ node_config_directory }}/monasca-api/:{{ container_config_directory }}/:ro" + - "/etc/localtime:/etc/localtime:ro" + - "kolla_logs:/var/log/kolla" + +#################### +# Databases +#################### +monasca_database_name: "monasca" +monasca_database_user: "{% if use_preconfigured_databases | bool and use_common_mariadb_user | bool %}{{ database_user }}{% else %}monasca{% endif %}" +monasca_database_address: "{{ database_address }}:{{ database_port }}" + +monasca_influxdb_name: "monasca" +monasca_influxdb_address: "{{ kolla_internal_fqdn }}" +monasca_influxdb_http_port: "{{ influxdb_http_port }}" + +#################### +# Monasca +#################### +monasca_kafka: "{% for host in groups['kafka'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ kafka_port }}{% if not loop.last %},{% endif %}{% endfor %}" +monasca_memcached_servers: "{% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}" + +#################### +# Docker +#################### +monasca_install_type: "{{ kolla_install_type }}" +monasca_tag: "{{ openstack_release }}" + +monasca_api_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ monasca_install_type }}-monasca-api" +monasca_api_tag: "{{ monasca_tag }}" +monasca_api_image_full: "{{ monasca_api_image }}:{{ monasca_api_tag }}" + +#################### +# OpenStack +#################### +monasca_openstack_auth: "{{ openstack_auth }}" + +monasca_keystone_user: "monasca" +monasca_default_authorized_roles: + - admin +monasca_read_only_authorized_roles: + - monasca-read-only-user +monasca_agent_authorized_roles: + - agent +monasca_delegate_authorized_roles: + - admin + +monasca_api_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ monasca_api_port }}/v2.0" +monasca_api_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ monasca_api_port }}/v2.0" +monasca_api_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ monasca_api_port }}/v2.0" + +monasca_logging_debug: "{{ openstack_logging_debug }}" diff --git a/ansible/roles/monasca/handlers/main.yml b/ansible/roles/monasca/handlers/main.yml new file mode 100644 index 0000000000..df23d67399 --- /dev/null +++ b/ansible/roles/monasca/handlers/main.yml @@ -0,0 +1,21 @@ +--- +- name: Restart monasca-api container + vars: + service_name: "monasca-api" + service: "{{ monasca_services[service_name] }}" + config_json: "{{ monasca_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" + monasca_api_container: "{{ check_monasca_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" + kolla_docker: + action: "recreate_or_restart_container" + common_options: "{{ docker_common_options }}" + name: "{{ service.container_name }}" + image: "{{ service.image }}" + volumes: "{{ service.volumes }}" + when: + - kolla_action != "config" + - inventory_hostname in groups[service.group] + - service.enabled | bool + - config_json.changed | bool + or monasca_api_confs.changed | bool + or monasca_api_wsgi_confs.changed | bool + or monasca_api_container.changed | bool diff --git a/ansible/roles/monasca/meta/main.yml b/ansible/roles/monasca/meta/main.yml new file mode 100644 index 0000000000..6b4fff8fef --- /dev/null +++ b/ansible/roles/monasca/meta/main.yml @@ -0,0 +1,3 @@ +--- +dependencies: + - { role: common } diff --git a/ansible/roles/monasca/tasks/bootstrap.yml b/ansible/roles/monasca/tasks/bootstrap.yml new file mode 100644 index 0000000000..b8733b5e04 --- /dev/null +++ b/ansible/roles/monasca/tasks/bootstrap.yml @@ -0,0 +1,51 @@ +--- +- name: Creating monasca database + kolla_toolbox: + module_name: mysql_db + module_args: + login_host: "{{ database_address }}" + login_port: "{{ database_port }}" + login_user: "{{ database_user }}" + login_password: "{{ database_password }}" + name: "{{ monasca_database_name }}" + register: database + run_once: True + delegate_to: "{{ groups['monasca-api'][0] }}" + when: + - not use_preconfigured_databases | bool + +- name: Creating monasca database user and setting permissions + kolla_toolbox: + module_name: mysql_user + module_args: + login_host: "{{ database_address }}" + login_port: "{{ database_port }}" + login_user: "{{ database_user }}" + login_password: "{{ database_password }}" + name: "{{ monasca_database_user }}" + password: "{{ monasca_database_password }}" + host: "%" + priv: "{{ monasca_database_name }}.*:ALL" + append_privs: "yes" + run_once: True + delegate_to: "{{ groups['monasca-api'][0] }}" + when: + - not use_preconfigured_databases | bool + - database.changed + +- include: bootstrap_service.yml + when: database.changed or use_preconfigured_databases | bool + +- name: Creating monasca influxdb database + kolla_toolbox: + module_name: influxdb_database + module_args: + hostname: "{{ monasca_influxdb_address }}" + port: "{{ monasca_influxdb_http_port }}" + database_name: "{{ monasca_influxdb_name }}" + run_once: True + delegate_to: "{{ groups['monasca-api'][0] }}" + +# NOTE(dszumski): The Monasca APIs write logs and messages to Kafka. Since +# Kafka has automatic topic generation enabled by default we don't need to +# create topics here. diff --git a/ansible/roles/monasca/tasks/bootstrap_service.yml b/ansible/roles/monasca/tasks/bootstrap_service.yml new file mode 100644 index 0000000000..bed466e55b --- /dev/null +++ b/ansible/roles/monasca/tasks/bootstrap_service.yml @@ -0,0 +1,24 @@ +--- +- name: Running monasca bootstrap container + vars: + monasca_api: "{{ monasca_services['monasca-api'] }}" + kolla_docker: + action: "start_container" + common_options: "{{ docker_common_options }}" + detach: False + environment: + KOLLA_BOOTSTRAP: + KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" + MONASCA_DATABASE_ADDRESS: "{{ database_address }}" + MONASCA_DATABASE_PORT: "{{ database_port }}" + MONASCA_DATABASE_USER: "{{ monasca_database_user }}" + MONASCA_DATABASE_PASSWORD: "{{ monasca_database_password }}" + MONASCA_DATABASE_NAME: "{{ monasca_database_name }}" + image: "{{ monasca_api.image }}" + labels: + BOOTSTRAP: + name: "bootstrap_monasca" + restart_policy: "never" + volumes: "{{ monasca_api.volumes }}" + run_once: True + delegate_to: "{{ groups[monasca_api.group][0] }}" diff --git a/ansible/roles/monasca/tasks/check.yml b/ansible/roles/monasca/tasks/check.yml new file mode 100644 index 0000000000..ed97d539c0 --- /dev/null +++ b/ansible/roles/monasca/tasks/check.yml @@ -0,0 +1 @@ +--- diff --git a/ansible/roles/monasca/tasks/config.yml b/ansible/roles/monasca/tasks/config.yml new file mode 100644 index 0000000000..70343d98ca --- /dev/null +++ b/ansible/roles/monasca/tasks/config.yml @@ -0,0 +1,80 @@ +--- +- name: Ensuring config directories exist + file: + path: "{{ node_config_directory }}/{{ item.key }}" + state: "directory" + owner: "{{ config_owner_user }}" + group: "{{ config_owner_group }}" + mode: "0770" + recurse: yes + become: true + when: + - inventory_hostname in groups[item.value.group] + - item.value.enabled | bool + with_dict: "{{ monasca_services }}" + +- name: Copying over config.json files for services + template: + src: "{{ item.key }}/{{ item.key }}.json.j2" + dest: "{{ node_config_directory }}/{{ item.key }}/config.json" + mode: "0660" + become: true + register: monasca_config_jsons + when: + - inventory_hostname in groups[item.value.group] + - item.value.enabled | bool + with_dict: "{{ monasca_services }}" + notify: + - Restart monasca-api container + +- name: Copying over monasca-api config + vars: + service: "{{ monasca_services['monasca-api'] }}" + merge_configs: + sources: + - "{{ role_path }}/templates/monasca-api/{{ item }}.j2" + - "{{ node_custom_config }}/monasca/{{ item }}" + - "{{ node_custom_config }}/monasca/{{ inventory_hostname }}/{{ item }}" + dest: "{{ node_config_directory }}/monasca-api/{{ item }}" + mode: "0660" + become: true + register: monasca_api_confs + with_items: + - api-config.conf + - api-config.ini + when: + - inventory_hostname in groups[service['group']] + - service.enabled | bool + notify: + - Restart monasca-api container + +- name: Copying over monasca-api wsgi config + vars: + service: "{{ monasca_services['monasca-api'] }}" + template: + src: "{{ role_path }}/templates/monasca-api/wsgi-api.conf.j2" + dest: "{{ node_config_directory }}/monasca-api/wsgi-api.conf" + mode: "0660" + become: true + register: monasca_api_wsgi_confs + when: + - inventory_hostname in groups[service['group']] + - service.enabled | bool + notify: + - Restart monasca-api container + +- name: Check monasca containers + kolla_docker: + action: "compare_container" + common_options: "{{ docker_common_options }}" + name: "{{ item.value.container_name }}" + image: "{{ item.value.image }}" + volumes: "{{ item.value.volumes }}" + register: check_monasca_containers + when: + - kolla_action != "config" + - inventory_hostname in groups[item.value.group] + - item.value.enabled | bool + with_dict: "{{ monasca_services }}" + notify: + - Restart monasca-api container diff --git a/ansible/roles/monasca/tasks/deploy.yml b/ansible/roles/monasca/tasks/deploy.yml new file mode 100644 index 0000000000..9eb3e1c6bf --- /dev/null +++ b/ansible/roles/monasca/tasks/deploy.yml @@ -0,0 +1,15 @@ +--- +- include: register.yml + when: inventory_hostname in groups['monasca-api'] + +- include: config.yml + when: inventory_hostname in groups['monasca-api'] + +- include: bootstrap.yml + when: inventory_hostname in groups['monasca-api'] + +- name: Flush handlers + meta: flush_handlers + +- include: check.yml + when: inventory_hostname in groups['monasca-api'] diff --git a/ansible/roles/monasca/tasks/main.yml b/ansible/roles/monasca/tasks/main.yml new file mode 100644 index 0000000000..49a33b8492 --- /dev/null +++ b/ansible/roles/monasca/tasks/main.yml @@ -0,0 +1,2 @@ +--- +- include: "{{ kolla_action }}.yml" diff --git a/ansible/roles/monasca/tasks/precheck.yml b/ansible/roles/monasca/tasks/precheck.yml new file mode 100644 index 0000000000..0b18498032 --- /dev/null +++ b/ansible/roles/monasca/tasks/precheck.yml @@ -0,0 +1,16 @@ +--- +- name: Get container facts + kolla_container_facts: + name: "{{ monasca_services.values()|map(attribute='container_name')|list }}" + register: container_facts + +- name: Checking free port for monasca-api + wait_for: + host: "{{ api_interface_address }}" + port: "{{ monasca_api_port }}" + connect_timeout: 1 + timeout: 1 + state: stopped + when: + - inventory_hostname in groups[monasca_services['monasca-api']['group']] + - container_facts['monasca_api'] is not defined diff --git a/ansible/roles/monasca/tasks/pull.yml b/ansible/roles/monasca/tasks/pull.yml new file mode 100644 index 0000000000..dae0055cbf --- /dev/null +++ b/ansible/roles/monasca/tasks/pull.yml @@ -0,0 +1,10 @@ +--- +- name: Pulling monasca images + kolla_docker: + action: "pull_image" + common_options: "{{ docker_common_options }}" + image: "{{ item.value.image }}" + when: + - inventory_hostname in groups[item.value.group] + - item.value.enabled | bool + with_dict: "{{ monasca_services }}" diff --git a/ansible/roles/monasca/tasks/reconfigure.yml b/ansible/roles/monasca/tasks/reconfigure.yml new file mode 100644 index 0000000000..e078ef1318 --- /dev/null +++ b/ansible/roles/monasca/tasks/reconfigure.yml @@ -0,0 +1,2 @@ +--- +- include: deploy.yml diff --git a/ansible/roles/monasca/tasks/register.yml b/ansible/roles/monasca/tasks/register.yml new file mode 100644 index 0000000000..d55b54ecd1 --- /dev/null +++ b/ansible/roles/monasca/tasks/register.yml @@ -0,0 +1,44 @@ +--- +- name: Creating monasca-api service and endpoints + kolla_toolbox: + module_name: "kolla_keystone_service" + module_args: + service_name: "monasca-api" + service_type: "monitoring" + description: "Monasca monitoring as a service" + endpoint_region: "{{ openstack_region_name }}" + url: "{{ item.url }}" + interface: "{{ item.interface }}" + region_name: "{{ openstack_region_name }}" + auth: "{{ monasca_openstack_auth }}" + run_once: True + with_items: + - {'interface': 'admin', 'url': '{{ monasca_api_admin_endpoint }}'} + - {'interface': 'internal', 'url': '{{ monasca_api_internal_endpoint }}'} + - {'interface': 'public', 'url': '{{ monasca_api_public_endpoint }}'} + +- name: Creating the monasca keystone user + kolla_toolbox: + module_name: "kolla_keystone_user" + module_args: + project: "service" + user: "{{ monasca_keystone_user }}" + password: "{{ monasca_keystone_password }}" + role: "admin" + region_name: "{{ openstack_region_name }}" + auth: "{{ '{{ monasca_openstack_auth }}' }}" + run_once: True + +- name: Creating monasca roles + kolla_toolbox: + module_name: os_keystone_role + module_args: + name: "{{ item }}" + region_name: "{{ openstack_region_name }}" + auth: "{{ monasca_openstack_auth }}" + run_once: True + with_items: + - "{{ monasca_default_authorized_roles }}" + - "{{ monasca_agent_authorized_roles }}" + - "{{ monasca_read_only_authorized_roles }}" + - "{{ monasca_delegate_authorized_roles }}" diff --git a/ansible/roles/monasca/tasks/upgrade.yml b/ansible/roles/monasca/tasks/upgrade.yml new file mode 100644 index 0000000000..dd26ecc34d --- /dev/null +++ b/ansible/roles/monasca/tasks/upgrade.yml @@ -0,0 +1,5 @@ +--- +- include: config.yml + +- name: Flush handlers + meta: flush_handlers diff --git a/ansible/roles/monasca/templates/monasca-api/api-config.conf.j2 b/ansible/roles/monasca/templates/monasca-api/api-config.conf.j2 new file mode 100644 index 0000000000..d05e38f961 --- /dev/null +++ b/ansible/roles/monasca/templates/monasca-api/api-config.conf.j2 @@ -0,0 +1,59 @@ +[DEFAULT] +log_file = monasca-api.log +log_dir = /var/log/kolla/monasca +debug = {{ monasca_logging_debug }} +region = {{ openstack_region_name }} + +[database] +database = {{ monasca_database_name }} +connection = mysql+pymysql://{{ monasca_database_user }}:{{ monasca_database_password }}@{{ monasca_database_address }}/{{ monasca_database_name }} + +[influxdb] +database_name = {{ monasca_influxdb_name }} +ip_address = {{ monasca_influxdb_address }} +port = {{ monasca_influxdb_http_port }} + +[kafka] +partitions = 0 +uri = {{ monasca_kafka }} + +[messaging] +driver = monasca_api.common.messaging.kafka_publisher:KafkaPublisher + +[security] +default_authorized_roles = {{ monasca_default_authorized_roles|join(', ') }} +agent_authorized_roles = {{ monasca_agent_authorized_roles|join(', ') }} +read_only_authorized_roles = {{ monasca_read_only_authorized_roles|join(', ') }} +delegate_authorized_roles = {{ monasca_delegate_authorized_roles|join(', ') }} + +[keystone_authtoken] +auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }} +auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }} +auth_type = password +project_domain_id = {{ default_project_domain_id }} +user_domain_id = {{ default_user_domain_id }} +project_name = service +username = {{ monasca_keystone_user }} +password = {{ monasca_keystone_password }} +service_token_roles_required=True + +memcache_security_strategy = ENCRYPT +memcache_secret_key = {{ memcache_secret_key }} +memcached_servers = {{ monasca_memcached_servers }} + +[dispatcher] +versions = monasca_api.v2.reference.versions:Versions +version_2_0 = monasca_api.v2.reference.version_2_0:Version2 +metrics = monasca_api.v2.reference.metrics:Metrics +metrics_measurements = monasca_api.v2.reference.metrics:MetricsMeasurements +metrics_statistics = monasca_api.v2.reference.metrics:MetricsStatistics +metrics_names = monasca_api.v2.reference.metrics:MetricsNames +alarm_definitions = monasca_api.v2.reference.alarm_definitions:AlarmDefinitions +alarms = monasca_api.v2.reference.alarms:Alarms +alarms_count = monasca_api.v2.reference.alarms:AlarmsCount +alarms_state_history = monasca_api.v2.reference.alarms:AlarmsStateHistory +notification_methods = monasca_api.v2.reference.notifications:Notifications +dimension_values = monasca_api.v2.reference.metrics:DimensionValues +dimension_names = monasca_api.v2.reference.metrics:DimensionNames +notification_method_types = monasca_api.v2.reference.notificationstype:NotificationsType +healthchecks = monasca_api.healthchecks:HealthChecks diff --git a/ansible/roles/monasca/templates/monasca-api/api-config.ini.j2 b/ansible/roles/monasca/templates/monasca-api/api-config.ini.j2 new file mode 100644 index 0000000000..6ac702a4cd --- /dev/null +++ b/ansible/roles/monasca/templates/monasca-api/api-config.ini.j2 @@ -0,0 +1,14 @@ +[DEFAULT] +name = monasca_api + +[pipeline:main] +pipeline = request_id auth api + +[app:api] +paste.app_factory = monasca_api.api.server:launch + +[filter:auth] +paste.filter_factory = monasca_api.healthcheck.keystone_protocol:filter_factory + +[filter:request_id] +paste.filter_factory = oslo_middleware.request_id:RequestId.factory diff --git a/ansible/roles/monasca/templates/monasca-api/monasca-api.json.j2 b/ansible/roles/monasca/templates/monasca-api/monasca-api.json.j2 new file mode 100644 index 0000000000..66dcce588a --- /dev/null +++ b/ansible/roles/monasca/templates/monasca-api/monasca-api.json.j2 @@ -0,0 +1,32 @@ +{% set monasca_cmd = 'apache2' if kolla_base_distro in ['ubuntu', 'debian'] else 'httpd' %} +{% set wsgi_conf_dir = 'apache2/conf-enabled' if kolla_base_distro in ['ubuntu', 'debian'] else 'httpd/conf.d' %} +{ + "command": "/usr/sbin/{{ monasca_cmd }} -DFOREGROUND", + "config_files": [ + { + "source": "{{ container_config_directory }}/api-config.conf", + "dest": "/etc/monasca/api-config.conf", + "owner": "monasca", + "perm": "0600" + }, + { + "source": "{{ container_config_directory }}/api-config.ini", + "dest": "/etc/monasca/api-config.ini", + "owner": "monasca", + "perm": "0600" + }, + { + "source": "{{ container_config_directory }}/wsgi-api.conf", + "dest": "/etc/{{ wsgi_conf_dir }}/wsgi-config.conf", + "owner": "monasca", + "perm": "0600" + } + ], + "permissions": [ + { + "path": "/var/log/kolla/monasca", + "owner": "monasca:kolla", + "recurse": true + } + ] +} diff --git a/ansible/roles/monasca/templates/monasca-api/wsgi-api.conf.j2 b/ansible/roles/monasca/templates/monasca-api/wsgi-api.conf.j2 new file mode 100644 index 0000000000..99b20a54dc --- /dev/null +++ b/ansible/roles/monasca/templates/monasca-api/wsgi-api.conf.j2 @@ -0,0 +1,24 @@ +{% set python_path = '/usr/lib/python2.7/site-packages' if kolla_install_type == 'binary' else '/var/lib/kolla/venv/lib/python2.7/site-packages' %} +{% set wsgi_path = '/usr/bin' if monasca_install_type == 'binary' else '/monasca-api/monasca_api/api' %} + +Listen {{ api_interface_address }}:{{ monasca_api_port }} + +TraceEnable off + + + + ErrorLog "/var/log/kolla/monasca/monasca-api-error.log" + LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b %D \"%{Referer}i\" \"%{User-Agent}i\"" logformat + CustomLog "/var/log/kolla/monasca/monasca-api-access.log" logformat + WSGIApplicationGroup %{GLOBAL} + WSGIDaemonProcess monasca-api group=monasca processes={{ openstack_service_workers }} threads=1 user=monasca python-path={{ python_path }} + WSGIProcessGroup monasca-api + WSGIScriptAlias / {{ wsgi_path }}/wsgi.py + WSGIPassAuthorization On + SetEnv no-gzip 1 + + + Require all granted + + + diff --git a/ansible/site.yml b/ansible/site.yml index 2ec6cec9d9..842cd9b0bb 100644 --- a/ansible/site.yml +++ b/ansible/site.yml @@ -546,6 +546,15 @@ tags: ceilometer, when: enable_ceilometer | bool } +- name: Apply role monasca + gather_facts: false + hosts: monasca + serial: '{{ kolla_serial|default("0") }}' + roles: + - { role: monasca, + tags: monasca, + when: enable_monasca | bool } + - name: Apply role aodh gather_facts: false hosts: diff --git a/etc/kolla/globals.yml b/etc/kolla/globals.yml index d0a78c7a5b..aec0a4fd51 100644 --- a/etc/kolla/globals.yml +++ b/etc/kolla/globals.yml @@ -200,6 +200,7 @@ kolla_internal_vip_address: "10.10.10.254" #enable_manila_backend_cephfs_native: "no" #enable_manila_backend_cephfs_nfs: "no" #enable_mistral: "no" +#enable_monasca: "no" #enable_mongodb: "no" #enable_murano: "no" #enable_multipathd: "no" diff --git a/etc/kolla/passwords.yml b/etc/kolla/passwords.yml index 0094a156c9..34867c9af2 100644 --- a/etc/kolla/passwords.yml +++ b/etc/kolla/passwords.yml @@ -122,6 +122,9 @@ murano_database_password: murano_keystone_password: murano_agent_rabbitmq_password: +monasca_database_password: +monasca_keystone_password: + ironic_database_password: ironic_keystone_password: diff --git a/releasenotes/notes/add-monasca-api-eb536dd5a6d77563.yaml b/releasenotes/notes/add-monasca-api-eb536dd5a6d77563.yaml new file mode 100644 index 0000000000..1c0041749c --- /dev/null +++ b/releasenotes/notes/add-monasca-api-eb536dd5a6d77563.yaml @@ -0,0 +1,5 @@ +--- +features: + - Add a role for deploying the Monasca API which forms part of the + Monasca distributed monitoring and logging as a service platform. + See https://wiki.openstack.org/wiki/Monasca for more details.