Merge "Added Ansible playbook for congress deploy"

This commit is contained in:
Jenkins 2016-09-01 13:20:38 +00:00 committed by Gerrit Code Review
commit f1927b717c
21 changed files with 393 additions and 0 deletions

View File

@ -118,6 +118,8 @@ aodh_api_port: "8042"
ceilometer_api_port: "8777"
congress_api_port: "1789"
iscsi_port: "3260"
mariadb_port: "{{ database_port }}"
@ -227,6 +229,7 @@ enable_ceph: "no"
enable_ceph_rgw: "no"
enable_cinder: "no"
enable_cinder_backend_lvm: "no"
enable_congress: "no"
enable_heat: "yes"
enable_horizon: "yes"
enable_ironic: "no"

View File

@ -90,6 +90,9 @@ control
[aodh:children]
control
[congress:children]
control
# Tempest
[tempest:children]
control
@ -269,6 +272,16 @@ ceilometer
[ceilometer-compute:children]
compute
# Congress
[congress-api:children]
congress
[congress-datasource:children]
congress
[congress-policy-engine:children]
congress
# Multipathd
[multipathd:children]
compute

View File

@ -107,6 +107,9 @@ control
[aodh:children]
control
[congress:children]
control
# Tempest
[tempest:children]
control
@ -286,6 +289,16 @@ aodh
[aodh-notifier:children]
aodh
# Congress
[congress-api:children]
congress
[congress-datasource:children]
congress
[congress-policy-engine:children]
congress
# Multipathd
[multipathd:children]
compute

View File

@ -0,0 +1,39 @@
---
project_name: "congress"
####################
# Database
####################
congress_database_name: "congress"
congress_database_user: "congress"
congress_database_address: "{{ kolla_internal_fqdn }}:{{ database_port }}"
####################
# Docker
####################
congress_policy_engine_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-congress-policy-engine"
congress_policy_engine_tag: "{{ openstack_release }}"
congress_policy_engine_image_full: "{{ congress_policy_engine_image }}:{{ congress_policy_engine_tag }}"
congress_datasource_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-congress-datasource"
congress_datasource_tag: "{{ openstack_release }}"
congress_datasource_image_full: "{{ congress_datasource_image }}:{{ congress_datasource_tag }}"
congress_api_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-congress-api"
congress_api_tag: "{{ openstack_release }}"
congress_api_image_full: "{{ congress_api_image }}:{{ congress_api_tag }}"
####################
# OpenStack
####################
congress_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ congress_api_port }}"
congress_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ congress_api_port }}"
congress_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ congress_api_port }}"
congress_logging_debug: "{{ openstack_logging_debug }}"
congress_keystone_user: "congress"
openstack_congress_auth: "{'auth_url':'{{ openstack_auth.auth_url }}','username':'{{ openstack_auth.username }}','password':'{{ openstack_auth.password }}','project_name':'{{ openstack_auth.project_name }}'}"

View File

@ -0,0 +1,3 @@
---
dependencies:
- { role: common }

View File

@ -0,0 +1,41 @@
---
- name: Creating congress database
command: docker exec -t kolla_toolbox /usr/bin/ansible localhost
-m mysql_db
-a "login_host='{{ database_address }}'
login_port='{{ database_port }}'
login_user='{{ database_user }}'
login_password='{{ database_password }}'
name='{{ congress_database_name }}'"
register: database
changed_when: "{{ database.stdout.find('localhost | SUCCESS => ') != -1 and
(database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
failed_when: database.stdout.split()[2] != 'SUCCESS'
run_once: True
delegate_to: "{{ groups['congress-api'][0] }}"
- name: Reading json from variable
set_fact:
database_created: "{{ (database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
- name: Creating congress database user and setting permissions
command: docker exec -t kolla_toolbox /usr/bin/ansible localhost
-m mysql_user
-a "login_host='{{ database_address }}'
login_port='{{ database_port }}'
login_user='{{ database_user }}'
login_password='{{ database_password }}'
name='{{ congress_database_name }}'
password='{{ congress_database_password }}'
host='%'
priv='{{ congress_database_name }}.*:ALL'
append_privs='yes'"
register: database_user_create
changed_when: "{{ database_user_create.stdout.find('localhost | SUCCESS => ') != -1 and
(database_user_create.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
failed_when: database_user_create.stdout.split()[2] != 'SUCCESS'
run_once: True
delegate_to: "{{ groups['congress-api'][0] }}"
- include: bootstrap_service.yml
when: database_created

View File

@ -0,0 +1,20 @@
---
- name: Running congress bootstrap container
kolla_docker:
action: "start_container"
common_options: "{{docker_common_options}}"
detach: False
environment:
KOLLA_BOOTSTRAP:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
image: "{{ congress_api_image_full }}"
labels:
BOOTSTRAP:
name: "bootstrap_congress"
restart_policy: "never"
volumes:
- "{{ node_config_directory }}/congress-api/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "kolla_logs:/var/log/kolla/"
run_once: True
delegate_to: "{{ groups['congress-api'][0] }}"

View File

@ -0,0 +1,37 @@
---
- name: Ensuring config directories exist
file:
path: "{{ node_config_directory }}/{{ item }}"
state: "directory"
recurse: yes
with_items:
- "congress-api"
- "congress-policy-engine"
- "congress-datasource"
- name: Copying over config.json files for services
template:
src: "{{ item }}.json.j2"
dest: "{{ node_config_directory }}/{{ item }}/config.json"
with_items:
- "congress-api"
- "congress-policy-engine"
- "congress-datasource"
- name: Copying over congress.conf
merge_configs:
vars:
service_name: "{{ item }}"
sources:
- "{{ role_path }}/templates/congress.conf.j2"
- "{{ node_custom_config }}/global.conf"
- "{{ node_custom_config }}/database.conf"
- "{{ node_custom_config }}/messaging.conf"
- "{{ node_custom_config }}/congress.conf"
- "{{ node_custom_config }}/congress/{{ item }}.conf"
- "{{ node_custom_config }}/congress/{{ inventory_hostname }}/congress.conf"
dest: "{{ node_config_directory }}/{{ item }}/congress.conf"
with_items:
- "congress-api"
- "congress-policy-engine"
- "congress-datasource"

View File

@ -0,0 +1,16 @@
---
- include: register.yml
when: inventory_hostname in groups['congress-api']
- include: config.yml
when: inventory_hostname in groups['congress-api'] or
inventory_hostname in groups['congress-policy-engine'] or
inventory_hostname in groups['congress-datasource']
- include: bootstrap.yml
when: inventory_hostname in groups['congress-api']
- include: start.yml
when: inventory_hostname in groups['congress-api'] or
inventory_hostname in groups['congress-policy-engine'] or
inventory_hostname in groups['congress-datasource']

View File

@ -0,0 +1,2 @@
---
- include: "{{ action }}.yml"

View File

@ -0,0 +1,21 @@
---
- name: Pulling congress-api image
kolla_docker:
action: "pull_image"
common_options: "{{ docker_common_options }}"
image: "{{ congress_api_image_full }}"
when: inventory_hostname in groups['congress-api']
- name: Pulling congress-policy-engine image
kolla_docker:
action: "pull_image"
common_options: "{{ docker_common_options }}"
image: "{{ congress_policy_engine_image_full }}"
when: inventory_hostname in groups['congress-policy-engine']
- name: Pulling congress-datasource image
kolla_docker:
action: "pull_image"
common_options: "{{ docker_common_options }}"
image: "{{ congress_datasource_image_full }}"
when: inventory_hostname in groups['congress-datasource']

View File

@ -0,0 +1,40 @@
---
- name: Creating the congress service and endpoint
command: docker exec -t kolla_toolbox /usr/bin/ansible localhost
-m kolla_keystone_service
-a "service_name=congress
service_type=application_catalog
description='Openstack Application Catalog'
endpoint_region={{ openstack_region_name }}
url='{{ item.url }}'
interface='{{ item.interface }}'
region_name={{ openstack_region_name }}
auth={{ '{{ openstack_congress_auth }}' }}"
-e "{'openstack_congress_auth':{{ openstack_congress_auth }}}"
register: congress_endpoint
changed_when: "{{ congress_endpoint.stdout.find('localhost | SUCCESS => ') != -1 and (congress_endpoint.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
until: congress_endpoint.stdout.split()[2] == 'SUCCESS'
retries: 10
delay: 5
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ congress_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ congress_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ congress_public_endpoint }}'}
- name: Creating the congress project, user, and role
command: docker exec -t kolla_toolbox /usr/bin/ansible localhost
-m kolla_keystone_user
-a "project=service
user=congress
password={{ congress_keystone_password }}
role=admin
region_name={{ openstack_region_name }}
auth={{ '{{ openstack_congress_auth }}' }}"
-e "{'openstack_congress_auth':{{ openstack_congress_auth }}}"
register: congress_user
changed_when: "{{ congress_user.stdout.find('localhost | SUCCESS => ') != -1 and (congress_user.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
until: congress_user.stdout.split()[2] == 'SUCCESS'
retries: 10
delay: 5
run_once: True

View File

@ -0,0 +1,36 @@
---
- name: Starting congress-policy-engine container
kolla_docker:
action: "start_container"
name: "congress_policy_engine"
common_options: "{{docker_common_options}}"
image: "{{ congress_policy_engine_image_full }}"
volumes:
- "{{ node_config_directory }}/congress-policy-engine/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "kolla_logs:/var/log/kolla/"
when: inventory_hostname in groups['congress-policy-engine']
- name: Starting congress-datasource container
kolla_docker:
action: "start_container"
name: "congress_datasource"
common_options: "{{docker_common_options}}"
image: "{{ congress_datasource_image_full }}"
volumes:
- "{{ node_config_directory }}/congress-datasource/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "kolla_logs:/var/log/kolla/"
when: inventory_hostname in groups['congress-datasource']
- name: Starting congress-api container
kolla_docker:
action: "start_container"
name: "congress_api"
common_options: "{{docker_common_options}}"
image: "{{ congress_api_image_full }}"
volumes:
- "{{ node_config_directory }}/congress-api/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "kolla_logs:/var/log/kolla/"
when: inventory_hostname in groups['congress-api']

View File

@ -0,0 +1,11 @@
{
"command": "congress-server --api --node_id=api-node --config-file /etc/congress/congress.conf",
"config_files": [
{
"source": "{{ container_config_directory }}/congress.conf",
"dest": "/etc/congress/congress.conf",
"owner": "congress",
"perm": "0644"
}
]
}

View File

@ -0,0 +1,11 @@
{
"command": "congress-server --datasources --node_id=data-node --config-file /etc/congress/congress.conf",
"config_files": [
{
"source": "{{ container_config_directory }}/congress.conf",
"dest": "/etc/congress/congress.conf",
"owner": "congress",
"perm": "0644"
}
]
}

View File

@ -0,0 +1,11 @@
{
"command": "congress-server --policy_engine --node_id=policy-node --config-file /etc/congress/congress.conf",
"config_files": [
{
"source": "{{ container_config_directory }}/congress.conf",
"dest": "/etc/congress/congress.conf",
"owner": "congress",
"perm": "0644"
}
]
}

View File

@ -0,0 +1,56 @@
[DEFAULT]
debug = {{ congress_logging_debug }}
log_dir = /var/log/kolla/congress
drivers = congress.datasources.neutronv2_driver.NeutronV2Driver,congress.datasources.glancev2_driver.GlanceV2Driver,congress.datasources.nova_driver.NovaDriver,congress.datasources.keystone_driver.KeystoneDriver,congress.datasources.ceilometer_driver.CeilometerDriver,congress.datasources.cinder_driver.CinderDriver,congress.datasources.swift_driver.SwiftDriver,congress.datasources.plexxi_driver.PlexxiDriver,congress.datasources.vCenter_driver.VCenterDriver,congress.datasources.murano_driver.MuranoDriver,congress.datasources.ironic_driver.IronicDriver
rpc_backend = rabbit
auth_strategy = keystone
os_region_name = {{ openstack_region_name }}
# NOTE: set use_stderr to False or the logs will also be sent to
# stderr and collected by Docker
use_stderr = False
my_ip = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
api_paste_config = /etc/congress/api-paste.ini
{% if service_name == 'congress-api' %}
bind_host = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
bind_port = {{ congress_api_port }}
{% endif %}
[database]
connection = mysql+pymysql://{{ congress_database_user }}:{{ congress_database_password }}@{{ congress_database_address }}/{{ congress_database_name }}
max_retries = -1
[keystone_authtoken]
auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}
auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
auth_type = password
project_domain_id = default
user_domain_id = default
project_name = service
username = {{ congress_keystone_user }}
password = {{ congress_keystone_password }}
memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcache_secret_key }}
memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
[congress]
url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ congress_api_port }}
[oslo_messaging_rabbit]
rabbit_userid = {{ rabbitmq_user }}
rabbit_password = {{ rabbitmq_password }}
rabbit_ha_queues = true
rabbit_hosts = {% for host in groups['rabbitmq'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %}
[oslo_messaging_notifications]
driver = noop

View File

@ -247,6 +247,17 @@
tags: aodh,
when: enable_aodh | bool }
- hosts:
- congress-api
- congress-policy-engine
- congress-datasource
- rabbitmq
- memcached
roles:
- { role: congress,
tags: congress,
when: enable_congress | bool }
- hosts:
- tempest
roles:

View File

@ -127,6 +127,7 @@ kolla_internal_vip_address: "10.10.10.254"
#enable_ceph_rgw: "no"
#enable_cinder: "no"
#enable_cinder_backend_lvm: "no"
#enable_congress: "no"
#enable_heat: "yes"
#enable_horizon: "yes"
#enable_ironic: "no"

View File

@ -67,6 +67,9 @@ ceilometer_keystone_password:
watcher_database_password:
watcher_keystone_password:
congress_database_password:
congress_keystone_password:
horizon_secret_key:
telemetry_secret_key:

View File

@ -0,0 +1,5 @@
---
features:
- Add ansible role for openstack congress project which provide
policy as a service across any collection of cloud services in
order to offer governance and compliance for dynamic infrastructures.