diff --git a/README.rst b/README.rst
index ac4117c3c7..881fe009f3 100644
--- a/README.rst
+++ b/README.rst
@@ -50,6 +50,7 @@ Kolla-Ansible deploys containers for the following OpenStack projects:
- `Cinder `__
- `CloudKitty `__
- `Congress `__
+- `Cyborg `__
- `Designate `__
- `Freezer `__
- `Glance `__
diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml
index 42a22f6226..a781b2ee63 100644
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@@ -204,6 +204,8 @@ cloudkitty_api_port: "8889"
collectd_udp_port: "25826"
+cyborg_api_port: "6666"
+
designate_internal_fqdn: "{{ kolla_internal_fqdn }}"
designate_external_fqdn: "{{ kolla_external_fqdn }}"
designate_api_port: "9001"
@@ -504,6 +506,7 @@ enable_cinder_backend_zfssa_iscsi: "no"
enable_cinder_backend_quobyte: "no"
enable_cloudkitty: "no"
enable_congress: "no"
+enable_cyborg: "no"
enable_designate: "no"
enable_etcd: "no"
enable_fluentd: "yes"
diff --git a/ansible/inventory/all-in-one b/ansible/inventory/all-in-one
index 27b284220f..a4d453898d 100644
--- a/ansible/inventory/all-in-one
+++ b/ansible/inventory/all-in-one
@@ -187,6 +187,10 @@ control
[aodh:children]
control
+[cyborg:children]
+control
+compute
+
[congress:children]
control
@@ -549,6 +553,16 @@ aodh
[aodh-notifier:children]
aodh
+# Cyborg
+[cyborg-api:children]
+cyborg
+
+[cyborg-agent:children]
+compute
+
+[cyborg-conductor:children]
+cyborg
+
# Panko
[panko-api:children]
panko
diff --git a/ansible/inventory/multinode b/ansible/inventory/multinode
index 2d84051537..8b42d9e4c9 100644
--- a/ansible/inventory/multinode
+++ b/ansible/inventory/multinode
@@ -200,6 +200,10 @@ control
[aodh:children]
control
+[cyborg:children]
+control
+compute
+
[congress:children]
control
@@ -575,6 +579,16 @@ aodh
[aodh-notifier:children]
aodh
+# Cyborg
+[cyborg-api:children]
+cyborg
+
+[cyborg-agent:children]
+compute
+
+[cyborg-conductor:children]
+cyborg
+
# Congress
[congress-api:children]
congress
diff --git a/ansible/roles/common/tasks/config.yml b/ansible/roles/common/tasks/config.yml
index 5a8eb174a7..fbca0316cf 100644
--- a/ansible/roles/common/tasks/config.yml
+++ b/ansible/roles/common/tasks/config.yml
@@ -228,6 +228,7 @@
- { name: "cloudkitty", enabled: "{{ enable_cloudkitty }}" }
- { name: "collectd", enabled: "{{ enable_collectd }}" }
- { name: "congress", enabled: "{{ enable_congress }}" }
+ - { name: "cyborg", enabled: "{{ enable_cyborg }}" }
- { name: "designate", enabled: "{{ enable_designate }}" }
- { name: "elasticsearch", enabled: "{{ enable_elasticsearch }}" }
- { name: "etcd", enabled: "{{ enable_etcd }}" }
diff --git a/ansible/roles/common/templates/conf/filter/01-rewrite-0.12.conf.j2 b/ansible/roles/common/templates/conf/filter/01-rewrite-0.12.conf.j2
index 9c87d0d31e..5b579a503e 100644
--- a/ansible/roles/common/templates/conf/filter/01-rewrite-0.12.conf.j2
+++ b/ansible/roles/common/templates/conf/filter/01-rewrite-0.12.conf.j2
@@ -33,4 +33,5 @@
rewriterule30 programname ^(tacker-server|tacker-conductor)$ openstack_python
rewriterule31 programname ^(vitrage-ml|vitrage-notifier|vitrage-graph)$ openstack_python
rewriterule32 programname ^(blazar-api|blazar-manager)$ openstack_python
+ rewriterule33 programname ^(cyborg-api|cyborg-conductor|cyborg-agent)$ openstack_python
diff --git a/ansible/roles/common/templates/conf/filter/01-rewrite-0.14.conf.j2 b/ansible/roles/common/templates/conf/filter/01-rewrite-0.14.conf.j2
index 9672671dc0..f67f46d965 100644
--- a/ansible/roles/common/templates/conf/filter/01-rewrite-0.14.conf.j2
+++ b/ansible/roles/common/templates/conf/filter/01-rewrite-0.14.conf.j2
@@ -66,6 +66,11 @@
pattern ^(aodh-notifier|aodh-listener|aodh-evaluator|aodh-dbsync)$
tag openstack_python
+
+ key programname
+ pattern ^(cyborg-api|cyborg-conductor|cyborg-agent)$
+ tag openstack_python
+
key programname
pattern ^(cinder-api|cinder-scheduler|cinder-manage|cinder-volume|cinder-backup|privsep-helper)$
diff --git a/ansible/roles/common/templates/conf/input/00-global.conf.j2 b/ansible/roles/common/templates/conf/input/00-global.conf.j2
index e8b048d192..16b70fdb83 100644
--- a/ansible/roles/common/templates/conf/input/00-global.conf.j2
+++ b/ansible/roles/common/templates/conf/input/00-global.conf.j2
@@ -7,6 +7,7 @@
( 'cinder', enable_cinder ),
( 'cloudkitty', enable_cloudkitty ),
( 'congress', enable_congress ),
+ ( 'cyborg', enable_cyborg ),
( 'designate', enable_designate ),
( 'freezer', enable_freezer ),
( 'glance', enable_glance ),
diff --git a/ansible/roles/common/templates/cron-logrotate-cyborg.conf.j2 b/ansible/roles/common/templates/cron-logrotate-cyborg.conf.j2
new file mode 100644
index 0000000000..d4f8b90214
--- /dev/null
+++ b/ansible/roles/common/templates/cron-logrotate-cyborg.conf.j2
@@ -0,0 +1,3 @@
+"/var/log/kolla/cyborg/*.log"
+{
+}
diff --git a/ansible/roles/common/templates/cron.json.j2 b/ansible/roles/common/templates/cron.json.j2
index fb74a575e3..91134cd5a9 100644
--- a/ansible/roles/common/templates/cron.json.j2
+++ b/ansible/roles/common/templates/cron.json.j2
@@ -11,6 +11,7 @@
( 'cloudkitty', enable_cloudkitty ),
( 'collectd', enable_collectd ),
( 'congress', enable_congress ),
+ ( 'cyborg', enable_cyborg ),
( 'designate', enable_designate ),
( 'elasticsearch', enable_elasticsearch ),
( 'etcd', enable_etcd ),
diff --git a/ansible/roles/cyborg/defaults/main.yml b/ansible/roles/cyborg/defaults/main.yml
new file mode 100644
index 0000000000..92b941f5ae
--- /dev/null
+++ b/ansible/roles/cyborg/defaults/main.yml
@@ -0,0 +1,77 @@
+---
+project_name: "cyborg"
+
+cyborg_services:
+ cyborg-api:
+ container_name: cyborg_api
+ group: cyborg-api
+ enabled: true
+ image: "{{ cyborg_api_image_full }}"
+ volumes:
+ - "{{ node_config_directory }}/cyborg-api/:{{ container_config_directory }}/:ro"
+ - "/etc/localtime:/etc/localtime:ro"
+ - "cyborg:/var/lib/cyborg/"
+ - "kolla_logs:/var/log/kolla/"
+ dimensions: "{{ cyborg_api_dimensions }}"
+ cyborg-agent:
+ container_name: cyborg_agent
+ group: cyborg-agent
+ enabled: true
+ image: "{{ cyborg_agent_image_full }}"
+ volumes:
+ - "{{ node_config_directory }}/cyborg-agent/:{{ container_config_directory }}/:ro"
+ - "/etc/localtime:/etc/localtime:ro"
+ - "kolla_logs:/var/log/kolla/"
+ dimensions: "{{ cyborg_agent_dimensions }}"
+ cyborg-conductor:
+ container_name: cyborg_conductor
+ group: cyborg-conductor
+ enabled: true
+ image: "{{ cyborg_conductor_image_full }}"
+ volumes:
+ - "{{ node_config_directory }}/cyborg-conductor/:{{ container_config_directory }}/:ro"
+ - "/etc/localtime:/etc/localtime:ro"
+ - "kolla_logs:/var/log/kolla/"
+ dimensions: "{{ cyborg_conductor_dimensions }}"
+
+####################
+# Database
+####################
+cyborg_database_name: "cyborg"
+cyborg_database_user: "{% if use_preconfigured_databases | bool and use_common_mariadb_user | bool %}{{ database_user }}{% else %}cyborg{% endif %}"
+cyborg_database_address: "{{ database_address }}:{{ database_port }}"
+
+####################
+# Docker
+####################
+cyborg_install_type: "{{ kolla_install_type }}"
+cyborg_tag: "{{ openstack_release }}"
+
+cyborg_api_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ cyborg_install_type }}-cyborg-api"
+cyborg_api_tag: "{{ cyborg_tag }}"
+cyborg_api_image_full: "{{ cyborg_api_image }}:{{ cyborg_api_tag }}"
+
+cyborg_agent_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ cyborg_install_type }}-cyborg-agent"
+cyborg_agent_tag: "{{ cyborg_tag }}"
+cyborg_agent_image_full: "{{ cyborg_agent_image }}:{{ cyborg_agent_tag }}"
+
+cyborg_conductor_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ cyborg_install_type }}-cyborg-conductor"
+cyborg_conductor_tag: "{{ cyborg_tag }}"
+cyborg_conductor_image_full: "{{ cyborg_conductor_image }}:{{ cyborg_conductor_tag }}"
+
+cyborg_api_dimensions: "{{ default_container_dimensions }}"
+cyborg_agent_dimensions: "{{ default_container_dimensions }}"
+cyborg_conductor_dimensions: "{{ default_container_dimensions }}"
+
+####################
+# OpenStack
+####################
+cyborg_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ cyborg_api_port }}"
+cyborg_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ cyborg_api_port }}"
+cyborg_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ cyborg_api_port }}"
+
+cyborg_logging_debug: "{{ openstack_logging_debug }}"
+
+cyborg_keystone_user: "cyborg"
+
+openstack_cyborg_auth: "{{ openstack_auth }}"
diff --git a/ansible/roles/cyborg/handlers/main.yml b/ansible/roles/cyborg/handlers/main.yml
new file mode 100644
index 0000000000..0453191629
--- /dev/null
+++ b/ansible/roles/cyborg/handlers/main.yml
@@ -0,0 +1,72 @@
+---
+- name: Restart cyborg-api container
+ vars:
+ service_name: "cyborg-api"
+ service: "{{ cyborg_services[service_name] }}"
+ config_json: "{{ cyborg_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
+ cyborg_conf: "{{ cyborg_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
+ policy_overwriting: "{{ cyborg_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
+ cyborg_api_container: "{{ check_cyborg_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
+ kolla_docker:
+ action: "recreate_or_restart_container"
+ common_options: "{{ docker_common_options }}"
+ name: "{{ service.container_name }}"
+ image: "{{ service.image }}"
+ volumes: "{{ service.volumes }}"
+ dimensions: "{{ service.dimensions }}"
+ when:
+ - action != "config"
+ - inventory_hostname in groups[service.group]
+ - service.enabled | bool
+ - config_json.changed | bool
+ or cyborg_conf.changed | bool
+ or policy_overwriting.changed | bool
+ or cyborg_api_container.changed | bool
+
+- name: Restart cyborg-conductor container
+ vars:
+ service_name: "cyborg-conductor"
+ service: "{{ cyborg_services[service_name] }}"
+ config_json: "{{ cyborg_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
+ cyborg_conf: "{{ cyborg_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
+ policy_overwriting: "{{ cyborg_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
+ cyborg_conductor_container: "{{ check_cyborg_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
+ kolla_docker:
+ action: "recreate_or_restart_container"
+ common_options: "{{ docker_common_options }}"
+ name: "{{ service.container_name }}"
+ image: "{{ service.image }}"
+ volumes: "{{ service.volumes }}"
+ dimensions: "{{ service.dimensions }}"
+ when:
+ - action != "config"
+ - inventory_hostname in groups[service.group]
+ - service.enabled | bool
+ - config_json.changed | bool
+ or cyborg_conf.changed | bool
+ or policy_overwriting.changed | bool
+ or cyborg_conductor_container.changed | bool
+
+- name: Restart cyborg-agent container
+ vars:
+ service_name: "cyborg-agent"
+ service: "{{ cyborg_services[service_name] }}"
+ config_json: "{{ cyborg_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
+ cyborg_conf: "{{ cyborg_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
+ policy_overwriting: "{{ cyborg_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
+ cyborg_agent_container: "{{ check_cyborg_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
+ kolla_docker:
+ action: "recreate_or_restart_container"
+ common_options: "{{ docker_common_options }}"
+ name: "{{ service.container_name }}"
+ image: "{{ service.image }}"
+ volumes: "{{ service.volumes }}"
+ dimensions: "{{ service.dimensions }}"
+ when:
+ - action != "config"
+ - inventory_hostname in groups[service.group]
+ - service.enabled | bool
+ - config_json.changed | bool
+ or cyborg_conf.changed | bool
+ or policy_overwriting.changed | bool
+ or cyborg_agent_container.changed | bool
diff --git a/ansible/roles/cyborg/meta/main.yml b/ansible/roles/cyborg/meta/main.yml
new file mode 100644
index 0000000000..6b4fff8fef
--- /dev/null
+++ b/ansible/roles/cyborg/meta/main.yml
@@ -0,0 +1,3 @@
+---
+dependencies:
+ - { role: common }
diff --git a/ansible/roles/cyborg/tasks/bootstrap.yml b/ansible/roles/cyborg/tasks/bootstrap.yml
new file mode 100644
index 0000000000..fec53cdf03
--- /dev/null
+++ b/ansible/roles/cyborg/tasks/bootstrap.yml
@@ -0,0 +1,36 @@
+---
+- name: Creating cyborg database
+ kolla_toolbox:
+ module_name: mysql_db
+ module_args:
+ login_host: "{{ database_address }}"
+ login_port: "{{ database_port }}"
+ login_user: "{{ database_user }}"
+ login_password: "{{ database_password }}"
+ name: "{{ cyborg_database_name }}"
+ register: database
+ run_once: True
+ delegate_to: "{{ groups['cyborg-api'][0] }}"
+ when:
+ - not use_preconfigured_databases | bool
+
+- name: Creating cyborg database user and setting permissions
+ kolla_toolbox:
+ module_name: mysql_user
+ module_args:
+ login_host: "{{ database_address }}"
+ login_port: "{{ database_port }}"
+ login_user: "{{ database_user }}"
+ login_password: "{{ database_password }}"
+ name: "{{ cyborg_database_user }}"
+ password: "{{ cyborg_database_password }}"
+ host: "%"
+ priv: "{{ cyborg_database_name }}.*:ALL"
+ append_privs: "yes"
+ run_once: True
+ delegate_to: "{{ groups['cyborg-api'][0] }}"
+ when:
+ - not use_preconfigured_databases | bool
+
+- include_tasks: bootstrap_service.yml
+ when: database.changed or use_preconfigured_databases | bool
diff --git a/ansible/roles/cyborg/tasks/bootstrap_service.yml b/ansible/roles/cyborg/tasks/bootstrap_service.yml
new file mode 100644
index 0000000000..b272595514
--- /dev/null
+++ b/ansible/roles/cyborg/tasks/bootstrap_service.yml
@@ -0,0 +1,19 @@
+---
+- name: Running cyborg bootstrap container
+ vars:
+ cyborg_api: "{{ cyborg_services['cyborg-api'] }}"
+ kolla_docker:
+ action: "start_container"
+ common_options: "{{ docker_common_options }}"
+ detach: False
+ environment:
+ KOLLA_BOOTSTRAP:
+ KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
+ image: "{{ cyborg_api.image }}"
+ labels:
+ BOOTSTRAP:
+ name: "bootstrap_cyborg"
+ restart_policy: "never"
+ volumes: "{{ cyborg_api.volumes }}"
+ run_once: True
+ delegate_to: "{{ groups[cyborg_api.group][0] }}"
diff --git a/ansible/roles/cyborg/tasks/check.yml b/ansible/roles/cyborg/tasks/check.yml
new file mode 100644
index 0000000000..ed97d539c0
--- /dev/null
+++ b/ansible/roles/cyborg/tasks/check.yml
@@ -0,0 +1 @@
+---
diff --git a/ansible/roles/cyborg/tasks/clone.yml b/ansible/roles/cyborg/tasks/clone.yml
new file mode 100644
index 0000000000..0493d85c65
--- /dev/null
+++ b/ansible/roles/cyborg/tasks/clone.yml
@@ -0,0 +1,7 @@
+---
+- name: Cloning cyborg source repository for development
+ git:
+ repo: "{{ cyborg_git_repository }}"
+ dest: "{{ kolla_dev_repos_directory }}/{{ project_name }}"
+ update: "{{ cyborg_dev_repos_pull }}"
+ version: "{{ cyborg_source_version }}"
diff --git a/ansible/roles/cyborg/tasks/config.yml b/ansible/roles/cyborg/tasks/config.yml
new file mode 100644
index 0000000000..326317e4d3
--- /dev/null
+++ b/ansible/roles/cyborg/tasks/config.yml
@@ -0,0 +1,128 @@
+---
+- name: Ensuring config directories exist
+ file:
+ path: "{{ node_config_directory }}/{{ item.key }}"
+ state: "directory"
+ owner: "{{ config_owner_user }}"
+ group: "{{ config_owner_group }}"
+ mode: "0770"
+ become: true
+ when:
+ - item.value.enabled | bool
+ - inventory_hostname in groups[item.value.group]
+ with_dict: "{{ cyborg_services }}"
+
+- name: Check if policies shall be overwritten
+ local_action: stat path="{{ item }}"
+ run_once: True
+ register: cyborg_policy
+ with_first_found:
+ - files: "{{ supported_policy_format_list }}"
+ paths:
+ - "{{ node_custom_config }}/cyborg/"
+ skip: true
+
+- name: Set cyborg policy file
+ set_fact:
+ cyborg_policy_file: "{{ cyborg_policy.results.0.stat.path | basename }}"
+ cyborg_policy_file_path: "{{ cyborg_policy.results.0.stat.path }}"
+ when:
+ - cyborg_policy.results
+
+- name: Copying over existing policy file
+ template:
+ src: "{{ cyborg_policy_file_path }}"
+ dest: "{{ node_config_directory }}/{{ item.key }}/{{ cyborg_policy_file }}"
+ mode: "0660"
+ become: true
+ register: cyborg_policy_overwriting
+ when:
+ - cyborg_policy_file is defined
+ - inventory_hostname in groups[item.value.group]
+ - item.value.enabled | bool
+ with_dict: "{{ cyborg_services }}"
+ notify:
+ - Restart cyborg-api container
+ - Restart cyborg-agent container
+ - Restart cyborg-conductor container
+
+- name: Copying over config.json files for services
+ template:
+ src: "{{ item.key }}.json.j2"
+ dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
+ mode: "0660"
+ become: true
+ register: cyborg_config_jsons
+ when:
+ - item.value.enabled | bool
+ - inventory_hostname in groups[item.value.group]
+ with_dict: "{{ cyborg_services }}"
+ notify:
+ - Restart cyborg-api container
+ - Restart cyborg-agent container
+ - Restart cyborg-conductor container
+
+- name: Copying over cyborg.conf
+ vars:
+ service_name: "{{ item.key }}"
+ merge_configs:
+ sources:
+ - "{{ role_path }}/templates/cyborg.conf.j2"
+ - "{{ node_custom_config }}/global.conf"
+ - "{{ node_custom_config }}/cyborg.conf"
+ - "{{ node_custom_config }}/cyborg/{{ item.key }}.conf"
+ - "{{ node_custom_config }}/cyborg/{{ inventory_hostname }}/cyborg.conf"
+ dest: "{{ node_config_directory }}/{{ item.key }}/cyborg.conf"
+ mode: "0660"
+ become: true
+ register: cyborg_confs
+ when:
+ - item.value.enabled | bool
+ - inventory_hostname in groups[item.value.group]
+ with_dict: "{{ cyborg_services }}"
+ notify:
+ - Restart cyborg-api container
+ - Restart cyborg-agent container
+ - Restart cyborg-conductor container
+
+- name: Checking whether cyborg-api-paste.ini file exists
+ vars:
+ service: "{{ cyborg_services['cyborg-api'] }}"
+ local_action: stat path="{{ node_custom_config }}/cyborg/cyborg-api-paste.ini"
+ run_once: True
+ register: check_cyborg_api_paste_ini
+ when:
+ - service.enabled | bool
+
+- name: Copying over cyborg-api-paste.ini
+ vars:
+ service: "{{ cyborg_services['cyborg-api'] }}"
+ template:
+ src: "{{ node_custom_config }}/cyborg/cyborg-api-paste.ini"
+ dest: "{{ node_config_directory }}/cyborg-api/api-paste.ini"
+ when:
+ - inventory_hostname in groups['cyborg-api']
+ - service.enabled | bool
+ - check_cyborg_api_paste_ini.stat.exists
+ register: cyborg_api_paste
+ notify:
+ - Restart cyborg-api container
+
+- name: Check cyborg containers
+ kolla_docker:
+ action: "compare_container"
+ common_options: "{{ docker_common_options }}"
+ name: "{{ item.value.container_name }}"
+ image: "{{ item.value.image }}"
+ volumes: "{{ item.value.volumes }}"
+ dimensions: "{{ item.value.dimensions }}"
+ register: check_cyborg_containers
+ when:
+ - action != "config"
+ - inventory_hostname in groups[item.value.group]
+ - item.value.enabled | bool
+ with_dict: "{{ cyborg_services }}"
+ notify:
+ - Restart cyborg-api container
+ - Restart cyborg-agent container
+ - Restart cyborg-conductor container
diff --git a/ansible/roles/cyborg/tasks/deploy.yml b/ansible/roles/cyborg/tasks/deploy.yml
new file mode 100644
index 0000000000..c63cdcdf8f
--- /dev/null
+++ b/ansible/roles/cyborg/tasks/deploy.yml
@@ -0,0 +1,14 @@
+---
+- include_tasks: register.yml
+ when: inventory_hostname in groups['cyborg-api']
+
+- include_tasks: config.yml
+ when: inventory_hostname in groups['cyborg-api'] or
+ inventory_hostname in groups['cyborg-conductor'] or
+ inventory_hostname in groups['cyborg-agent']
+
+- include_tasks: bootstrap.yml
+ when: inventory_hostname in groups['cyborg-api']
+
+- name: Flush handlers
+ meta: flush_handlers
diff --git a/ansible/roles/cyborg/tasks/loadbalancer.yml b/ansible/roles/cyborg/tasks/loadbalancer.yml
new file mode 100644
index 0000000000..971b7583ab
--- /dev/null
+++ b/ansible/roles/cyborg/tasks/loadbalancer.yml
@@ -0,0 +1,7 @@
+---
+- name: "Configure haproxy for {{ project_name }}"
+ import_role:
+ role: haproxy-config
+ vars:
+ project_services: "{{ cyborg_services }}"
+ tags: always
diff --git a/ansible/roles/cyborg/tasks/main.yml b/ansible/roles/cyborg/tasks/main.yml
new file mode 100644
index 0000000000..bc5d1e6257
--- /dev/null
+++ b/ansible/roles/cyborg/tasks/main.yml
@@ -0,0 +1,2 @@
+---
+- include_tasks: "{{ kolla_action }}.yml"
diff --git a/ansible/roles/cyborg/tasks/precheck.yml b/ansible/roles/cyborg/tasks/precheck.yml
new file mode 100644
index 0000000000..fbd1cb3c7a
--- /dev/null
+++ b/ansible/roles/cyborg/tasks/precheck.yml
@@ -0,0 +1,17 @@
+---
+- name: Get container facts
+ kolla_container_facts:
+ name:
+ - cyborg_api
+ register: container_facts
+
+- name: Checking free port for cyborg API
+ wait_for:
+ host: "{{ api_interface_address }}"
+ port: "{{ cyborg_api_port }}"
+ connect_timeout: 1
+ timeout: 1
+ state: stopped
+ when:
+ - container_facts['cyborg_api'] is not defined
+ - inventory_hostname in groups['cyborg-api']
diff --git a/ansible/roles/cyborg/tasks/pull.yml b/ansible/roles/cyborg/tasks/pull.yml
new file mode 100644
index 0000000000..eb3e4663cf
--- /dev/null
+++ b/ansible/roles/cyborg/tasks/pull.yml
@@ -0,0 +1,11 @@
+---
+- name: Pulling cyborg images
+ become: true
+ kolla_docker:
+ action: "pull_image"
+ common_options: "{{ docker_common_options }}"
+ image: "{{ item.value.image }}"
+ when:
+ - inventory_hostname in groups[item.value.group]
+ - item.value.enabled | bool
+ with_dict: "{{ cyborg_services }}"
diff --git a/ansible/roles/cyborg/tasks/reconfigure.yml b/ansible/roles/cyborg/tasks/reconfigure.yml
new file mode 100644
index 0000000000..f670a5b78d
--- /dev/null
+++ b/ansible/roles/cyborg/tasks/reconfigure.yml
@@ -0,0 +1,2 @@
+---
+- include_tasks: deploy.yml
diff --git a/ansible/roles/cyborg/tasks/register.yml b/ansible/roles/cyborg/tasks/register.yml
new file mode 100644
index 0000000000..b43de75590
--- /dev/null
+++ b/ansible/roles/cyborg/tasks/register.yml
@@ -0,0 +1,32 @@
+---
+- name: Creating the cyborg service and endpoint
+ kolla_toolbox:
+ module_name: "kolla_keystone_service"
+ module_args:
+ service_name: "cyborg"
+ service_type: "cyborg"
+ description: "OpenStack Cyborg Service"
+ endpoint_region: "{{ openstack_region_name }}"
+ url: "{{ item.url }}"
+ interface: "{{ item.interface }}"
+ region_name: "{{ openstack_region_name }}"
+ auth: "{{ openstack_cyborg_auth }}"
+ endpoint_type: "{{ openstack_interface }}"
+ run_once: True
+ with_items:
+ - {'interface': 'admin', 'url': '{{ cyborg_admin_endpoint }}'}
+ - {'interface': 'internal', 'url': '{{ cyborg_internal_endpoint }}'}
+ - {'interface': 'public', 'url': '{{ cyborg_public_endpoint }}'}
+
+- name: Creating the cyborg project, user, and role
+ kolla_toolbox:
+ module_name: "kolla_keystone_user"
+ module_args:
+ project: "service"
+ user: "{{ cyborg_keystone_user }}"
+ password: "{{ cyborg_keystone_password }}"
+ role: "admin"
+ region_name: "{{ openstack_region_name }}"
+ auth: "{{ openstack_cyborg_auth }}"
+ endpoint_type: "{{ openstack_interface }}"
+ run_once: True
diff --git a/ansible/roles/cyborg/tasks/stop.yml b/ansible/roles/cyborg/tasks/stop.yml
new file mode 100644
index 0000000000..87085221f7
--- /dev/null
+++ b/ansible/roles/cyborg/tasks/stop.yml
@@ -0,0 +1,6 @@
+---
+- import_role:
+ role: service-stop
+ vars:
+ project_services: "{{ cyborg_services }}"
+ service_name: "{{ project_name }}"
diff --git a/ansible/roles/cyborg/tasks/upgrade.yml b/ansible/roles/cyborg/tasks/upgrade.yml
new file mode 100644
index 0000000000..20ccddc8f1
--- /dev/null
+++ b/ansible/roles/cyborg/tasks/upgrade.yml
@@ -0,0 +1,7 @@
+---
+- include_tasks: config.yml
+
+- include_tasks: bootstrap_service.yml
+
+- name: Flush handlers
+ meta: flush_handlers
diff --git a/ansible/roles/cyborg/templates/cyborg-agent.json.j2 b/ansible/roles/cyborg/templates/cyborg-agent.json.j2
new file mode 100644
index 0000000000..f72fe7379a
--- /dev/null
+++ b/ansible/roles/cyborg/templates/cyborg-agent.json.j2
@@ -0,0 +1,24 @@
+{
+ "command": "cyborg-agent --config-file /etc/cyborg/cyborg.conf",
+ "config_files": [
+ {
+ "source": "{{ container_config_directory }}/cyborg.conf",
+ "dest": "/etc/cyborg/cyborg.conf",
+ "owner": "cyborg",
+ "perm": "0600"
+ }{% if cyborg_policy_file is defined %},
+ {
+ "source": "{{ container_config_directory }}/{{ cyborg_policy_file }}",
+ "dest": "/etc/cyborg/{{ cyborg_policy_file }}",
+ "owner": "cyborg",
+ "perm": "0600"
+ }{% endif %}
+ ],
+ "permissions": [
+ {
+ "path": "/var/log/kolla/cyborg",
+ "owner": "cyborg:cyborg",
+ "recurse": true
+ }
+ ]
+}
diff --git a/ansible/roles/cyborg/templates/cyborg-api-paste.ini.j2 b/ansible/roles/cyborg/templates/cyborg-api-paste.ini.j2
new file mode 100644
index 0000000000..7717f95879
--- /dev/null
+++ b/ansible/roles/cyborg/templates/cyborg-api-paste.ini.j2
@@ -0,0 +1,19 @@
+[pipeline:main]
+pipeline = cors request_id authtoken api_v1
+
+[app:api_v1]
+paste.app_factory = cyborg.api.app:app_factory
+
+[filter:authtoken]
+acl_public_routes = /, /v1
+paste.filter_factory = cyborg.api.middleware.auth_token:AuthTokenMiddleware.factory
+
+[filter:osprofiler]
+paste.filter_factory = cyborg.common.profiler:WsgiMiddleware.factory
+
+[filter:request_id]
+paste.filter_factory = oslo_middleware:RequestId.factory
+
+[filter:cors]
+paste.filter_factory = oslo_middleware.cors:filter_factory
+oslo_config_project = cyborg
diff --git a/ansible/roles/cyborg/templates/cyborg-api.json.j2 b/ansible/roles/cyborg/templates/cyborg-api.json.j2
new file mode 100644
index 0000000000..922906e458
--- /dev/null
+++ b/ansible/roles/cyborg/templates/cyborg-api.json.j2
@@ -0,0 +1,30 @@
+{
+ "command": "cyborg-api --config-file /etc/cyborg/cyborg.conf",
+ "config_files": [
+ {
+ "source": "{{ container_config_directory }}/cyborg.conf",
+ "dest": "/etc/cyborg/cyborg.conf",
+ "owner": "cyborg",
+ "perm": "0600"
+ },
+ {
+ "source": "{{ container_config_directory }}/api-paste.ini",
+ "dest": "/etc/cyborg/api-paste.ini",
+ "owner": "cyborg",
+ "perm": "0600"
+ }{% if cyborg_policy_file is defined %},
+ {
+ "source": "{{ container_config_directory }}/{{ cyborg_policy_file }}",
+ "dest": "/etc/cyborg/{{ cyborg_policy_file }}",
+ "owner": "cyborg",
+ "perm": "0600"
+ }{% endif %}
+ ],
+ "permissions": [
+ {
+ "path": "/var/log/kolla/cyborg",
+ "owner": "cyborg:cyborg",
+ "recurse": true
+ }
+ ]
+}
diff --git a/ansible/roles/cyborg/templates/cyborg-conductor.json.j2 b/ansible/roles/cyborg/templates/cyborg-conductor.json.j2
new file mode 100644
index 0000000000..d4b673b81c
--- /dev/null
+++ b/ansible/roles/cyborg/templates/cyborg-conductor.json.j2
@@ -0,0 +1,24 @@
+{
+ "command": "cyborg-conductor --config-file /etc/cyborg/cyborg.conf",
+ "config_files": [
+ {
+ "source": "{{ container_config_directory }}/cyborg.conf",
+ "dest": "/etc/cyborg/cyborg.conf",
+ "owner": "cyborg",
+ "perm": "0600"
+ }{% if cyborg_policy_file is defined %},
+ {
+ "source": "{{ container_config_directory }}/{{ cyborg_policy_file }}",
+ "dest": "/etc/cyborg/{{ cyborg_policy_file }}",
+ "owner": "cyborg",
+ "perm": "0600"
+ }{% endif %}
+ ],
+ "permissions": [
+ {
+ "path": "/var/log/kolla/cyborg",
+ "owner": "cyborg:cyborg",
+ "recurse": true
+ }
+ ]
+}
diff --git a/ansible/roles/cyborg/templates/cyborg.conf.j2 b/ansible/roles/cyborg/templates/cyborg.conf.j2
new file mode 100644
index 0000000000..06903f4526
--- /dev/null
+++ b/ansible/roles/cyborg/templates/cyborg.conf.j2
@@ -0,0 +1,45 @@
+[DEFAULT]
+auth_strategy = keystone
+log_dir = /var/log/kolla/cyborg
+debug = {{ cyborg_logging_debug }}
+notification_topics = notifications
+
+transport_url = {{ rpc_transport_url }}
+
+[api]
+port = {{ cyborg_api_port }}
+host = {{ api_interface_address }}
+
+[database]
+connection = mysql+pymysql://{{ cyborg_database_user }}:{{ cyborg_database_password }}@{{ cyborg_database_address }}/{{ cyborg_database_name }}
+
+[keystone_authtoken]
+memcache_security_strategy = ENCRYPT
+memcache_secret_key = {{ memcache_secret_key }}
+memcache_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
+auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}
+project_domain_name = {{ default_project_domain_name }}
+project_name = service
+user_domain_name = {{ default_user_domain_name }}
+username = {{ cyborg_keystone_user }}
+password = {{ cyborg_keystone_password }}
+auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
+auth_type = password
+
+{% if cyborg_policy_file is defined %}
+[oslo_policy]
+policy_file = {{ cyborg_policy_file }}
+{% endif %}
+
+[service_credentials]
+auth_url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}/v3
+region_name = {{ openstack_region_name }}
+password = {{ cyborg_keystone_password }}
+username = {{ cyborg_keystone_user }}
+project_name = service
+project_domain_id = {{ default_project_domain_id }}
+user_domain_id = {{ default_user_domain_id }}
+auth_type = password
+
+[oslo_messaging_notifications]
+transport_url = {{ notify_transport_url }}
diff --git a/ansible/roles/haproxy/tasks/precheck.yml b/ansible/roles/haproxy/tasks/precheck.yml
index 8985c1007a..03c8097a73 100644
--- a/ansible/roles/haproxy/tasks/precheck.yml
+++ b/ansible/roles/haproxy/tasks/precheck.yml
@@ -256,6 +256,18 @@
- haproxy_stat.find('congress_api') == -1
- "host_running_haproxy == 'None'"
+- name: Checking free port for Cyborg API HAProxy
+ wait_for:
+ host: "{{ kolla_internal_vip_address }}"
+ port: "{{ cyborg_api_port }}"
+ connect_timeout: 1
+ timeout: 1
+ state: stopped
+ when:
+ - enable_cyborg | bool
+ - inventory_hostname in groups['haproxy']
+ - haproxy_stat.find('cyborg_api') == -1
+
- name: Checking free port for Designate API HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
diff --git a/ansible/site.yml b/ansible/site.yml
index 1ae7dc53de..ba6686619e 100644
--- a/ansible/site.yml
+++ b/ansible/site.yml
@@ -30,6 +30,7 @@
- enable_cloudkitty_{{ enable_cloudkitty | bool }}
- enable_collectd_{{ enable_collectd | bool }}
- enable_congress_{{ enable_congress | bool }}
+ - enable_cyborg_{{ enable_cyborg | bool }}
- enable_designate_{{ enable_designate | bool }}
- enable_elasticsearch_{{ enable_elasticsearch | bool }}
- enable_etcd_{{ enable_etcd | bool }}
@@ -156,6 +157,11 @@
tasks_from: loadbalancer
tags: congress
when: enable_congress | bool
+ - include_role:
+ role: cyborg
+ tasks_from: loadbalancer
+ tags: cyborg
+ when: enable_cyborg | bool
- include_role:
role: designate
tasks_from: loadbalancer
@@ -980,6 +986,17 @@
tags: congress,
when: enable_congress | bool }
+- name: Apply role cyborg
+ gather_facts: false
+ hosts:
+ - cyborg
+ - '&enable_cyborg_True'
+ serial: '{{ serial|default("0") }}'
+ roles:
+ - { role: cyborg,
+ tags: cyborg,
+ when: enable_cyborg | bool }
+
- name: Apply role tempest
gather_facts: false
hosts:
diff --git a/etc/kolla/globals.yml b/etc/kolla/globals.yml
index 0b95913d3c..a334d12308 100644
--- a/etc/kolla/globals.yml
+++ b/etc/kolla/globals.yml
@@ -207,6 +207,7 @@ kolla_internal_vip_address: "10.10.10.254"
#enable_cloudkitty: "no"
#enable_collectd: "no"
#enable_congress: "no"
+#enable_cyborg: "no"
#enable_designate: "no"
#enable_destroy_images: "no"
#enable_elasticsearch: "{{ 'yes' if enable_central_logging | bool or enable_freezer | bool or enable_osprofiler | bool or enable_skydive | bool or enable_monasca | bool else 'no' }}"
diff --git a/etc/kolla/passwords.yml b/etc/kolla/passwords.yml
index 8d60d26180..26ddb82b63 100644
--- a/etc/kolla/passwords.yml
+++ b/etc/kolla/passwords.yml
@@ -101,6 +101,9 @@ cinder_keystone_password:
cloudkitty_database_password:
cloudkitty_keystone_password:
+cyborg_database_password:
+cyborg_keystone_password:
+
panko_database_password:
panko_keystone_password:
diff --git a/releasenotes/notes/add-cyborg-c7ee957a2cbe8e99.yaml b/releasenotes/notes/add-cyborg-c7ee957a2cbe8e99.yaml
new file mode 100644
index 0000000000..7cfb84861c
--- /dev/null
+++ b/releasenotes/notes/add-cyborg-c7ee957a2cbe8e99.yaml
@@ -0,0 +1,3 @@
+---
+features:
+ - Add cyborg ansible role
diff --git a/tests/templates/inventory.j2 b/tests/templates/inventory.j2
index 777d7251da..3240cd20ec 100644
--- a/tests/templates/inventory.j2
+++ b/tests/templates/inventory.j2
@@ -183,6 +183,10 @@ control
[aodh:children]
control
+[cyborg:children]
+control
+compute
+
[congress:children]
control
@@ -492,6 +496,17 @@ aodh
[aodh-notifier:children]
aodh
+# Cyborg
+[cyborg-api:children]
+cyborg
+
+[cyborg-agent:children]
+cyborg
+
+[cyborg-conductor:children]
+cyborg
+
+
# Panko
[panko-api:children]
panko