From f425c0678f9c90c019805edb0b233d89f61f7ca8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rafael=20Weing=C3=A4rtner?= Date: Tue, 16 Jun 2020 16:03:31 -0300 Subject: [PATCH] Standardize use and construction of endpoint URLs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The goal for this push request is to normalize the construction and use of internal, external, and admin URLs. While extending Kolla-ansible to enable a more flexible method to manage external URLs, we noticed that the same URL was constructed multiple times in different parts of the code. This can make it difficult for people that want to work with these URLs and create inconsistencies in a large code base with time. Therefore, we are proposing here the use of "single Kolla-ansible variable" per endpoint URL, which facilitates for people that are interested in overriding/extending these URLs. As an example, we extended Kolla-ansible to facilitate the "override" of public (external) URLs with the following standard ".". Therefore, the "NAT/redirect" in the SSL termination system (HAproxy, HTTPD or some other) is done via the service name, and not by the port. This allows operators to easily and automatically create more friendly URL names. To develop this feature, we first applied this patch that we are sending now to the community. We did that to reduce the surface of changes in Kolla-ansible. Another example is the integration of Kolla-ansible and Consul, which we also implemented internally, and also requires URLs changes. Therefore, this PR is essential to reduce code duplicity, and to facility users/developers to work/customize the services URLs. Change-Id: I73d483e01476e779a5155b2e18dd5ea25f514e93 Signed-off-by: Rafael Weingärtner --- ansible/group_vars/all.yml | 67 ++++++++++++++++++- ansible/roles/barbican/defaults/main.yml | 4 -- .../roles/barbican/templates/barbican.conf.j2 | 3 +- ansible/roles/cinder/defaults/main.yml | 17 +++-- ansible/roles/cinder/templates/cinder.conf.j2 | 4 +- .../templates/conf/output/00-local.conf.j2 | 6 +- .../templates/conf/output/02-monasca.conf.j2 | 2 +- ansible/roles/cyborg/templates/cyborg.conf.j2 | 4 +- .../designate/templates/designate.conf.j2 | 2 +- ansible/roles/elasticsearch/tasks/upgrade.yml | 8 +-- ansible/roles/etcd/defaults/main.yml | 14 ++-- ansible/roles/freezer/defaults/main.yml | 6 +- .../roles/gnocchi/templates/gnocchi.conf.j2 | 2 +- ansible/roles/grafana/defaults/main.yml | 10 ++- ansible/roles/grafana/tasks/post_config.yml | 6 +- .../grafana/templates/prometheus.yaml.j2 | 2 +- ansible/roles/heat/defaults/main.yml | 5 +- ansible/roles/heat/templates/heat.conf.j2 | 5 +- ansible/roles/horizon/defaults/main.yml | 4 +- ansible/roles/ironic/defaults/main.yml | 6 +- .../roles/ironic/templates/inspector.ipxe.j2 | 2 +- ansible/roles/ironic/templates/ironic.conf.j2 | 2 +- .../ironic/templates/pxelinux.default.j2 | 3 +- .../roles/keystone/templates/keystone.conf.j2 | 2 +- ansible/roles/kibana/templates/kibana.yml.j2 | 2 +- ansible/roles/kuryr/defaults/main.yml | 5 ++ ansible/roles/kuryr/templates/kuryr.conf.j2 | 2 +- ansible/roles/kuryr/templates/kuryr.spec.j2 | 2 +- ansible/roles/manila/defaults/main.yml | 18 +++-- .../manila/templates/manila-share.conf.j2 | 2 +- ansible/roles/mistral/defaults/main.yml | 4 +- .../roles/mistral/templates/mistral.conf.j2 | 2 +- ansible/roles/monasca/defaults/main.yml | 14 ++-- ansible/roles/monasca/tasks/post_config.yml | 14 ++-- .../murano/tasks/import_library_packages.yml | 6 +- ansible/roles/murano/templates/murano.conf.j2 | 2 +- ansible/roles/neutron/defaults/main.yml | 4 -- .../roles/neutron/templates/neutron.conf.j2 | 4 +- .../roles/nova-cell/templates/nova.conf.j2 | 4 +- ansible/roles/nova/defaults/main.yml | 15 +++-- ansible/roles/nova/templates/nova.conf.j2 | 3 +- ansible/roles/octavia/defaults/main.yml | 4 -- .../roles/prometheus/templates/clouds.yml.j2 | 2 +- .../templates/prometheus-alertmanager.yml.j2 | 2 +- ansible/roles/searchlight/defaults/main.yml | 2 +- .../searchlight/templates/searchlight.conf.j2 | 2 +- ansible/roles/swift/defaults/main.yml | 4 -- .../roles/tempest/templates/tempest.conf.j2 | 8 +-- ansible/roles/vitrage/defaults/main.yml | 4 -- 49 files changed, 192 insertions(+), 125 deletions(-) diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index 589f3aa792..210485c6bf 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -168,6 +168,8 @@ keepalived_virtual_router_id: "51" es_heap_size: "1G" elasticsearch_datadir_volume: "elasticsearch" +elasticsearch_internal_endpoint: "{{ internal_protocol }}://{{ elasticsearch_address | put_address_in_context('url') }}:{{ elasticsearch_port }}" + ################### # Messaging options ################### @@ -301,6 +303,7 @@ heat_api_cfn_port: "8000" heat_api_cfn_listen_port: "{{ heat_api_cfn_port }}" horizon_port: "80" +horizon_tls_port: "443" horizon_listen_port: "{{ horizon_port }}" influxdb_http_port: "8086" @@ -690,6 +693,13 @@ enable_destroy_images: "no" #################### # Monasca options #################### +monasca_api_admin_base_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_api_port }}" +monasca_api_internal_base_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_api_port }}" +monasca_api_public_base_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn | put_address_in_context('url') }}:{{ monasca_api_port }}" + +monasca_log_api_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_log_api_port }}" +monasca_log_api_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_log_api_port }}" +monasca_log_api_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn | put_address_in_context('url') }}:{{ monasca_log_api_port }}" # The OpenStack username used by the Monasca Agent and the Fluentd Monasca # plugin to post logs and metrics from the control plane to Monasca. @@ -786,6 +796,7 @@ kibana_log_prefix: "flog" #################### keystone_internal_fqdn: "{{ kolla_internal_fqdn }}" keystone_external_fqdn: "{{ kolla_external_fqdn }}" + keystone_admin_url: "{{ admin_protocol }}://{{ keystone_internal_fqdn | put_address_in_context('url') }}:{{ keystone_admin_port }}" keystone_internal_url: "{{ internal_protocol }}://{{ keystone_internal_fqdn | put_address_in_context('url') }}:{{ keystone_public_port }}" keystone_public_url: "{{ public_protocol }}://{{ keystone_external_fqdn | put_address_in_context('url') }}:{{ keystone_public_port }}" @@ -837,6 +848,10 @@ glance_enable_property_protection: "no" glance_enable_interoperable_image_import: "no" glance_api_hosts: "{{ [groups['glance-api']|first] if glance_backend_file | bool and glance_file_datadir_volume == 'glance' else groups['glance-api'] }}" +glance_admin_endpoint: "{{ admin_protocol }}://{{ glance_internal_fqdn | put_address_in_context('url') }}:{{ glance_api_port }}" +glance_internal_endpoint: "{{ internal_protocol }}://{{ glance_internal_fqdn | put_address_in_context('url') }}:{{ glance_api_port }}" +glance_public_endpoint: "{{ public_protocol }}://{{ glance_external_fqdn | put_address_in_context('url') }}:{{ glance_api_port }}" + ####################### # Barbican options ####################### @@ -844,6 +859,10 @@ glance_api_hosts: "{{ [groups['glance-api']|first] if glance_backend_file | bool barbican_crypto_plugin: "simple_crypto" barbican_library_path: "/usr/lib/libCryptoki2_64.so" +barbican_admin_endpoint: "{{ admin_protocol }}://{{ barbican_internal_fqdn | put_address_in_context('url') }}:{{ barbican_api_port }}" +barbican_internal_endpoint: "{{ internal_protocol }}://{{ barbican_internal_fqdn | put_address_in_context('url') }}:{{ barbican_api_port }}" +barbican_public_endpoint: "{{ public_protocol }}://{{ barbican_external_fqdn | put_address_in_context('url') }}:{{ barbican_api_port }}" + ################# # Gnocchi options ################# @@ -854,7 +873,6 @@ gnocchi_backend_storage: "{% if enable_swift | bool %}swift{% else %}file{% endi gnocchi_incoming_storage: "{{ 'redis' if enable_redis | bool else '' }}" gnocchi_metric_datadir_volume: "gnocchi" - ################################# # Cinder options ################################# @@ -893,6 +911,10 @@ designate_backend_external_bind9_nameservers: "" # Valid options are [ '', redis ] designate_coordination_backend: "{{ 'redis' if enable_redis|bool else '' }}" +designate_admin_endpoint: "{{ admin_protocol }}://{{ designate_internal_fqdn | put_address_in_context('url') }}:{{ designate_api_port }}" +designate_internal_endpoint: "{{ internal_protocol }}://{{ designate_internal_fqdn | put_address_in_context('url') }}:{{ designate_api_port }}" +designate_public_endpoint: "{{ public_protocol }}://{{ designate_external_fqdn | put_address_in_context('url') }}:{{ designate_api_port }}" + ####################### # Neutron options ####################### @@ -917,6 +939,11 @@ neutron_legacy_iptables: "no" # Enable distributed floating ip for OVN deployments neutron_ovn_distributed_fip: "no" +neutron_admin_endpoint: "{{ admin_protocol }}://{{ neutron_internal_fqdn | put_address_in_context('url') }}:{{ neutron_server_port }}" +neutron_internal_endpoint: "{{ internal_protocol }}://{{ neutron_internal_fqdn | put_address_in_context('url') }}:{{ neutron_server_port }}" +neutron_public_endpoint: "{{ public_protocol }}://{{ neutron_external_fqdn | put_address_in_context('url') }}:{{ neutron_server_port }}" + + ####################### # Nova options ####################### @@ -954,6 +981,8 @@ enable_keystone_horizon_policy_file: "{{ enable_keystone }}" enable_neutron_horizon_policy_file: "{{ enable_neutron }}" enable_nova_horizon_policy_file: "{{ enable_nova }}" +horizon_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ horizon_tls_port if kolla_enable_tls_internal | bool else horizon_port }}" + ################# # Octavia options ################# @@ -1044,12 +1073,15 @@ prometheus_openstack_exporter_endpoint_type: "internal" ############ enable_vitrage_prometheus_datasource: "{{ enable_prometheus | bool }}" + #################### # InfluxDB options #################### influxdb_address: "{{ kolla_internal_fqdn }}" influxdb_datadir_volume: "influxdb" +infuxdb_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ influxdb_http_port }}" + ################# # Kafka options ################# @@ -1073,3 +1105,36 @@ distro_python_version: "{{ distro_python_version_map[kolla_base_distro] }}" # Configure telegraf to use the docker daemon itself as an input for # telemetry data. telegraf_enable_docker_input: "no" + +vitrage_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ vitrage_api_port }}" +vitrage_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ vitrage_api_port }}" +vitrage_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn | put_address_in_context('url') }}:{{ vitrage_api_port }}" + +#################### +# Grafana +#################### +grafana_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ grafana_server_port }}" +grafana_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn | put_address_in_context('url') }}:{{ grafana_server_port }}" + +############# +# Ironic +############# +ironic_admin_endpoint: "{{ admin_protocol }}://{{ ironic_internal_fqdn | put_address_in_context('url') }}:{{ ironic_api_port }}" +ironic_internal_endpoint: "{{ internal_protocol }}://{{ ironic_internal_fqdn | put_address_in_context('url') }}:{{ ironic_api_port }}" +ironic_public_endpoint: "{{ public_protocol }}://{{ ironic_external_fqdn | put_address_in_context('url') }}:{{ ironic_api_port }}" + +######## +# Swift +######## +swift_internal_base_endpoint: "{{ internal_protocol }}://{{ swift_internal_fqdn | put_address_in_context('url') }}:{{ swift_proxy_server_port }}" + +swift_admin_endpoint: "{{ admin_protocol }}://{{ swift_internal_fqdn | put_address_in_context('url') }}:{{ swift_proxy_server_port }}/v1" +swift_internal_endpoint: "{{ swift_internal_base_endpoint }}/v1/AUTH_%(tenant_id)s" +swift_public_endpoint: "{{ public_protocol }}://{{ swift_external_fqdn | put_address_in_context('url') }}:{{ swift_proxy_server_port }}/v1/AUTH_%(tenant_id)s" + +########## +# Octavia +########## +octavia_admin_endpoint: "{{ admin_protocol }}://{{ octavia_internal_fqdn | put_address_in_context('url') }}:{{ octavia_api_port }}" +octavia_internal_endpoint: "{{ internal_protocol }}://{{ octavia_internal_fqdn | put_address_in_context('url') }}:{{ octavia_api_port }}" +octavia_public_endpoint: "{{ public_protocol }}://{{ octavia_external_fqdn | put_address_in_context('url') }}:{{ octavia_api_port }}" diff --git a/ansible/roles/barbican/defaults/main.yml b/ansible/roles/barbican/defaults/main.yml index df58ee959c..ccdf4d7a9f 100644 --- a/ansible/roles/barbican/defaults/main.yml +++ b/ansible/roles/barbican/defaults/main.yml @@ -98,10 +98,6 @@ barbican_worker_extra_volumes: "{{ barbican_extra_volumes }}" #################### # OpenStack #################### -barbican_admin_endpoint: "{{ admin_protocol }}://{{ barbican_internal_fqdn | put_address_in_context('url') }}:{{ barbican_api_port }}" -barbican_internal_endpoint: "{{ internal_protocol }}://{{ barbican_internal_fqdn | put_address_in_context('url') }}:{{ barbican_api_port }}" -barbican_public_endpoint: "{{ public_protocol }}://{{ barbican_external_fqdn | put_address_in_context('url') }}:{{ barbican_api_port }}" - barbican_logging_debug: "{{ openstack_logging_debug }}" barbican_keystone_user: "barbican" diff --git a/ansible/roles/barbican/templates/barbican.conf.j2 b/ansible/roles/barbican/templates/barbican.conf.j2 index c207318709..d7b698579f 100644 --- a/ansible/roles/barbican/templates/barbican.conf.j2 +++ b/ansible/roles/barbican/templates/barbican.conf.j2 @@ -4,7 +4,8 @@ log_dir = /var/log/kolla/barbican bind_port = {{ barbican_api_listen_port }} bind_host = {{ api_interface_address }} -host_href = {{ public_protocol }}://{{ barbican_external_fqdn | put_address_in_context('url') }}:{{ barbican_api_port }} +host_href = {{ barbican_public_endpoint }} + backlog = 4096 max_allowed_secret_in_bytes = 10000 max_allowed_request_size_in_bytes = 1000000 diff --git a/ansible/roles/cinder/defaults/main.yml b/ansible/roles/cinder/defaults/main.yml index 05764dace5..95c7576d7e 100644 --- a/ansible/roles/cinder/defaults/main.yml +++ b/ansible/roles/cinder/defaults/main.yml @@ -128,12 +128,17 @@ cinder_volume_extra_volumes: "{{ cinder_extra_volumes }}" #################### # OpenStack #################### -cinder_v2_admin_endpoint: "{{ admin_protocol }}://{{ cinder_internal_fqdn | put_address_in_context('url') }}:{{ cinder_api_port }}/v2/%(tenant_id)s" -cinder_v2_internal_endpoint: "{{ internal_protocol }}://{{ cinder_internal_fqdn | put_address_in_context('url') }}:{{ cinder_api_port }}/v2/%(tenant_id)s" -cinder_v2_public_endpoint: "{{ public_protocol }}://{{ cinder_external_fqdn | put_address_in_context('url') }}:{{ cinder_api_port }}/v2/%(tenant_id)s" -cinder_v3_admin_endpoint: "{{ admin_protocol }}://{{ cinder_internal_fqdn | put_address_in_context('url') }}:{{ cinder_api_port }}/v3/%(tenant_id)s" -cinder_v3_internal_endpoint: "{{ internal_protocol }}://{{ cinder_internal_fqdn | put_address_in_context('url') }}:{{ cinder_api_port }}/v3/%(tenant_id)s" -cinder_v3_public_endpoint: "{{ public_protocol }}://{{ cinder_external_fqdn | put_address_in_context('url') }}:{{ cinder_api_port }}/v3/%(tenant_id)s" +cinder_admin_base_endpoint: "{{ admin_protocol }}://{{ cinder_internal_fqdn | put_address_in_context('url') }}:{{ cinder_api_port }}" +cinder_internal_base_endpoint: "{{ internal_protocol }}://{{ cinder_internal_fqdn | put_address_in_context('url') }}:{{ cinder_api_port }}" +cinder_public_base_endpoint: "{{ public_protocol }}://{{ cinder_external_fqdn | put_address_in_context('url') }}:{{ cinder_api_port }}" + +cinder_v2_admin_endpoint: "{{ cinder_admin_base_endpoint }}/v2/%(tenant_id)s" +cinder_v2_internal_endpoint: "{{ cinder_internal_base_endpoint }}/v2/%(tenant_id)s" +cinder_v2_public_endpoint: "{{ cinder_public_base_endpoint }}/v2/%(tenant_id)s" + +cinder_v3_admin_endpoint: "{{ cinder_admin_base_endpoint }}/v3/%(tenant_id)s" +cinder_v3_internal_endpoint: "{{ cinder_internal_base_endpoint }}/v3/%(tenant_id)s" +cinder_v3_public_endpoint: "{{ cinder_public_base_endpoint }}/v3/%(tenant_id)s" cinder_logging_debug: "{{ openstack_logging_debug }}" diff --git a/ansible/roles/cinder/templates/cinder.conf.j2 b/ansible/roles/cinder/templates/cinder.conf.j2 index 2066c4db92..5fcae8daa0 100644 --- a/ansible/roles/cinder/templates/cinder.conf.j2 +++ b/ansible/roles/cinder/templates/cinder.conf.j2 @@ -13,7 +13,7 @@ my_ip = {{ api_interface_address }} osapi_volume_workers = {{ openstack_service_workers }} volume_name_template = volume-%s -glance_api_servers = {{ internal_protocol }}://{{ glance_internal_fqdn | put_address_in_context('url') }}:{{ glance_api_port }} +glance_api_servers = {{ glance_internal_endpoint }} glance_num_retries = {{ groups['glance-api'] | length }} glance_api_version = 2 @@ -43,7 +43,7 @@ backup_share = {{ cinder_backup_share }} backup_file_size = 327680000 {% elif enable_swift | bool and cinder_backup_driver == "swift" %} backup_driver = cinder.backup.drivers.swift.SwiftBackupDriver -backup_swift_url = {{ internal_protocol }}://{{ swift_internal_fqdn | put_address_in_context('url') }}:{{ swift_proxy_server_port }}/v1/AUTH_ +backup_swift_url = {{ swift_internal_base_endpoint }}/v1/AUTH_ backup_swift_auth = per_user backup_swift_auth_version = 1 backup_swift_user = diff --git a/ansible/roles/common/templates/conf/output/00-local.conf.j2 b/ansible/roles/common/templates/conf/output/00-local.conf.j2 index d1eb7ae79c..13514dfa31 100644 --- a/ansible/roles/common/templates/conf/output/00-local.conf.j2 +++ b/ansible/roles/common/templates/conf/output/00-local.conf.j2 @@ -40,7 +40,7 @@ @type monasca keystone_url {{ keystone_internal_url }} - monasca_api {{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_log_api_port }} + monasca_api {{ monasca_log_api_internal_endpoint }} monasca_api_version v2.0 username {{ monasca_agent_user }} password {{ monasca_agent_password }} @@ -102,7 +102,7 @@ @type monasca keystone_url {{ keystone_internal_url }} - monasca_api {{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_log_api_port }} + monasca_api {{ monasca_log_api_internal_endpoint }} monasca_api_version v2.0 username {{ monasca_agent_user }} password {{ monasca_agent_password }} @@ -161,7 +161,7 @@ @type monasca keystone_url {{ keystone_internal_url }} - monasca_api {{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_log_api_port }} + monasca_api {{ monasca_log_api_internal_endpoint }} monasca_api_version v2.0 username {{ monasca_agent_user }} password {{ monasca_agent_password }} diff --git a/ansible/roles/common/templates/conf/output/02-monasca.conf.j2 b/ansible/roles/common/templates/conf/output/02-monasca.conf.j2 index 8d5cfacba0..6a8824a56c 100644 --- a/ansible/roles/common/templates/conf/output/02-monasca.conf.j2 +++ b/ansible/roles/common/templates/conf/output/02-monasca.conf.j2 @@ -3,7 +3,7 @@ @type monasca keystone_url {{ keystone_internal_url }} - monasca_api {{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_log_api_port }} + monasca_api {{ monasca_log_api_internal_endpoint }} monasca_api_version v2.0 username {{ monasca_agent_user }} password {{ monasca_agent_password }} diff --git a/ansible/roles/cyborg/templates/cyborg.conf.j2 b/ansible/roles/cyborg/templates/cyborg.conf.j2 index 14f9e7378d..0330edf197 100644 --- a/ansible/roles/cyborg/templates/cyborg.conf.j2 +++ b/ansible/roles/cyborg/templates/cyborg.conf.j2 @@ -17,13 +17,13 @@ connection = mysql+pymysql://{{ cyborg_database_user }}:{{ cyborg_database_passw memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcache_secret_key }} memcache_servers = {% for host in groups['memcached'] %}{{ 'api' | kolla_address(host) | put_address_in_context('memcache') }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %} -auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ keystone_public_port }} +auth_uri = {{ keystone_internal_url }} project_domain_name = {{ default_project_domain_name }} project_name = service user_domain_name = {{ default_user_domain_name }} username = {{ cyborg_keystone_user }} password = {{ cyborg_keystone_password }} -auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ keystone_admin_port }} +auth_url = {{ keystone_admin_url }} auth_type = password cafile = {{ openstack_cacert }} diff --git a/ansible/roles/designate/templates/designate.conf.j2 b/ansible/roles/designate/templates/designate.conf.j2 index 5e6cc08fb5..2d1701aa56 100644 --- a/ansible/roles/designate/templates/designate.conf.j2 +++ b/ansible/roles/designate/templates/designate.conf.j2 @@ -12,7 +12,7 @@ workers = {{ openstack_service_workers }} [service:api] listen = {{ api_interface_address | put_address_in_context('url') }}:{{ designate_api_listen_port }} -api_base_uri = {{ internal_protocol }}://{{ designate_internal_fqdn | put_address_in_context('url') }}:{{ designate_api_port }} +api_base_uri = {{ designate_internal_endpoint }} workers = {{ openstack_service_workers }} enable_api_admin = True enable_host_header = True diff --git a/ansible/roles/elasticsearch/tasks/upgrade.yml b/ansible/roles/elasticsearch/tasks/upgrade.yml index 16f263f988..790e9bd2ff 100644 --- a/ansible/roles/elasticsearch/tasks/upgrade.yml +++ b/ansible/roles/elasticsearch/tasks/upgrade.yml @@ -1,8 +1,4 @@ --- -- name: Set fact for Elasticsearch URL - set_fact: - elasticsearch_url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ elasticsearch_port }}" - # The official procedure for upgrade elasticsearch: # https://www.elastic.co/guide/en/elasticsearch/reference/6.x/restart-upgrade.html - name: Disable shard allocation @@ -12,7 +8,7 @@ kolla_toolbox: module_name: uri module_args: - url: "{{ elasticsearch_url }}/_cluster/settings" + url: "{{ elasticsearch_internal_endpoint }}/_cluster/settings" method: PUT status_code: 200 return_content: yes @@ -26,7 +22,7 @@ kolla_toolbox: module_name: uri module_args: - url: "{{ elasticsearch_url }}/_flush/synced" + url: "{{ elasticsearch_internal_endpoint }}/_flush/synced" method: POST status_code: 200 return_content: yes diff --git a/ansible/roles/etcd/defaults/main.yml b/ansible/roles/etcd/defaults/main.yml index 0b26cadbf7..bca599286f 100644 --- a/ansible/roles/etcd/defaults/main.yml +++ b/ansible/roles/etcd/defaults/main.yml @@ -9,10 +9,10 @@ etcd_services: environment: ETCD_DATA_DIR: "/var/lib/etcd" ETCD_NAME: "{{ ansible_hostname }}" - ETCD_ADVERTISE_CLIENT_URLS: "{{ etcd_protocol }}://{{ api_interface_address | put_address_in_context('url') }}:{{ etcd_client_port }}" - ETCD_LISTEN_CLIENT_URLS: "{{ etcd_protocol }}://{{ api_interface_address | put_address_in_context('url') }}:{{ etcd_client_port }}" - ETCD_INITIAL_ADVERTISE_PEER_URLS: "{{ etcd_protocol }}://{{ api_interface_address | put_address_in_context('url') }}:{{ etcd_peer_port }}" - ETCD_LISTEN_PEER_URLS: "{{ etcd_protocol }}://{{ api_interface_address | put_address_in_context('url') }}:{{ etcd_peer_port }}" + ETCD_ADVERTISE_CLIENT_URLS: "{{ etcd_client_internal_endpoint }}" + ETCD_LISTEN_CLIENT_URLS: "{{ etcd_client_internal_endpoint }}" + ETCD_INITIAL_ADVERTISE_PEER_URLS: "{{ etcd_peer_internal_endpoint }}" + ETCD_LISTEN_PEER_URLS: "{{ etcd_peer_internal_endpoint }}" ETCD_INITIAL_CLUSTER_TOKEN: "{{ etcd_cluster_token }}" ETCD_INITIAL_CLUSTER: "{% for host in groups['etcd'] %}{{ hostvars[host]['ansible_hostname'] }}={{ etcd_protocol }}://{{ 'api' | kolla_address(host) | put_address_in_context('url') }}:{{ etcd_peer_port }}{% if not loop.last %},{% endif %}{% endfor %}" ETCD_INITIAL_CLUSTER_STATE: "new" @@ -43,3 +43,9 @@ etcd_default_volumes: - "kolla_etcd:/var/lib/etcd/" - "kolla_logs:/var/log/kolla/" etcd_extra_volumes: "{{ default_extra_volumes }}" + +############ +# Endpoints +############ +etcd_client_internal_endpoint: "{{ internal_protocol }}://{{ api_interface_address | put_address_in_context('url') }}:{{ etcd_client_port }}" +etcd_peer_internal_endpoint: "{{ internal_protocol }}://{{ api_interface_address | put_address_in_context('url') }}:{{ etcd_peer_port }}" diff --git a/ansible/roles/freezer/defaults/main.yml b/ansible/roles/freezer/defaults/main.yml index 5d95fab441..379b5fb5ed 100644 --- a/ansible/roles/freezer/defaults/main.yml +++ b/ansible/roles/freezer/defaults/main.yml @@ -36,9 +36,9 @@ freezer_database_name: "freezer" freezer_database_user: "{% if use_preconfigured_databases | bool and use_common_mariadb_user | bool %}{{ database_user }}{% else %}freezer{% endif %}" freezer_database_address: "{{ database_address | put_address_in_context('url') }}:{{ database_port }}" freezer_elasticsearch_replicas: "1" -freezer_es_protocol: -freezer_es_address: -freezer_es_port: +freezer_es_protocol: "{{ internal_protocol }}" +freezer_es_address: "{{ elasticsearch_address }}" +freezer_es_port: "{{ elasticsearch_port }}" #################### # Docker diff --git a/ansible/roles/gnocchi/templates/gnocchi.conf.j2 b/ansible/roles/gnocchi/templates/gnocchi.conf.j2 index a00eeabc90..79ba8b504b 100644 --- a/ansible/roles/gnocchi/templates/gnocchi.conf.j2 +++ b/ansible/roles/gnocchi/templates/gnocchi.conf.j2 @@ -89,5 +89,5 @@ swift_project_name = {{ swift_admin_tenant_name }} {% if enable_grafana | bool %} [cors] -allowed_origin = {{ public_protocol }}://{{ kolla_external_fqdn | put_address_in_context('url') }}:{{ grafana_server_port }} +allowed_origin = {{ grafana_public_endpoint }} {% endif %} diff --git a/ansible/roles/grafana/defaults/main.yml b/ansible/roles/grafana/defaults/main.yml index a5326ead5d..20c3482116 100644 --- a/ansible/roles/grafana/defaults/main.yml +++ b/ansible/roles/grafana/defaults/main.yml @@ -39,7 +39,7 @@ grafana_data_sources: database: "telegraf" name: "telegraf" type: "influxdb" - url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ influxdb_http_port }}" + url: "{{ infuxdb_internal_endpoint }}" access: "proxy" basicAuth: false elasticsearch: @@ -48,7 +48,7 @@ grafana_data_sources: name: "elasticsearch" type: "elasticsearch" access: "proxy" - url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ elasticsearch_port }}" + url: "{{ elasticsearch_internal_endpoint }}" database: "flog-*" jsonData: esVersion: 5 @@ -64,7 +64,6 @@ grafana_image_full: "{{ grafana_image }}:{{ grafana_tag }}" grafana_admin_username: "admin" grafana_dimensions: "{{ default_container_dimensions }}" - grafana_default_volumes: - "{{ node_config_directory }}/grafana/:{{ container_config_directory }}/:ro" - "/etc/localtime:/etc/localtime:ro" @@ -72,3 +71,8 @@ grafana_default_volumes: - "grafana:/var/lib/grafana/" - "kolla_logs:/var/log/kolla/" grafana_extra_volumes: "{{ default_extra_volumes }}" + +############ +# Prometheus +############ +grafana_prometheus_url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ prometheus_port }}" diff --git a/ansible/roles/grafana/tasks/post_config.yml b/ansible/roles/grafana/tasks/post_config.yml index 6739b6c261..a4ccf1b8df 100644 --- a/ansible/roles/grafana/tasks/post_config.yml +++ b/ansible/roles/grafana/tasks/post_config.yml @@ -4,7 +4,7 @@ kolla_toolbox: module_name: uri module_args: - url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ grafana_server_port }}/login" + url: "{{ grafana_internal_endpoint }}/login" status_code: 200 register: result until: result.get('status') == 200 @@ -17,7 +17,7 @@ kolla_toolbox: module_name: uri module_args: - url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ grafana_server_port }}/api/datasources" + url: "{{ grafana_internal_endpoint }}/api/datasources" method: POST user: "{{ grafana_admin_username }}" password: "{{ grafana_admin_password }}" @@ -38,7 +38,7 @@ kolla_toolbox: module_name: uri module_args: - url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ grafana_server_port }}/api/user/helpflags/1" + url: "{{ grafana_internal_endpoint }}/api/user/helpflags/1" method: PUT user: "{{ grafana_admin_username }}" password: "{{ grafana_admin_password }}" diff --git a/ansible/roles/grafana/templates/prometheus.yaml.j2 b/ansible/roles/grafana/templates/prometheus.yaml.j2 index d57891dedb..870da4b7f9 100644 --- a/ansible/roles/grafana/templates/prometheus.yaml.j2 +++ b/ansible/roles/grafana/templates/prometheus.yaml.j2 @@ -5,5 +5,5 @@ datasources: type: prometheus access: proxy orgId: 1 - url: {{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ prometheus_port }} + url: {{ grafana_prometheus_url }} version: 1 diff --git a/ansible/roles/heat/defaults/main.yml b/ansible/roles/heat/defaults/main.yml index 796fa521e4..5ec8c202cf 100644 --- a/ansible/roles/heat/defaults/main.yml +++ b/ansible/roles/heat/defaults/main.yml @@ -114,9 +114,12 @@ heat_engine_extra_volumes: "{{ heat_extra_volumes }}" heat_admin_endpoint: "{{ admin_protocol }}://{{ heat_internal_fqdn | put_address_in_context('url') }}:{{ heat_api_port }}/v1/%(tenant_id)s" heat_internal_endpoint: "{{ internal_protocol }}://{{ heat_internal_fqdn | put_address_in_context('url') }}:{{ heat_api_port }}/v1/%(tenant_id)s" heat_public_endpoint: "{{ public_protocol }}://{{ heat_external_fqdn | put_address_in_context('url') }}:{{ heat_api_port }}/v1/%(tenant_id)s" + +heat_cfn_public_base_endpoint: "{{ public_protocol }}://{{ heat_cfn_external_fqdn | put_address_in_context('url') }}:{{ heat_api_cfn_port }}" + heat_cfn_admin_endpoint: "{{ admin_protocol }}://{{ heat_cfn_internal_fqdn | put_address_in_context('url') }}:{{ heat_api_cfn_port }}/v1" heat_cfn_internal_endpoint: "{{ internal_protocol }}://{{ heat_cfn_internal_fqdn | put_address_in_context('url') }}:{{ heat_api_cfn_port }}/v1" -heat_cfn_public_endpoint: "{{ public_protocol }}://{{ heat_cfn_external_fqdn | put_address_in_context('url') }}:{{ heat_api_cfn_port }}/v1" +heat_cfn_public_endpoint: "{{ heat_cfn_public_base_endpoint }}/v1" heat_logging_debug: "{{ openstack_logging_debug }}" diff --git a/ansible/roles/heat/templates/heat.conf.j2 b/ansible/roles/heat/templates/heat.conf.j2 index dda99617e7..4ab451247b 100644 --- a/ansible/roles/heat/templates/heat.conf.j2 +++ b/ansible/roles/heat/templates/heat.conf.j2 @@ -3,9 +3,8 @@ debug = {{ heat_logging_debug }} log_dir = /var/log/kolla/heat log_file = $log_dir/{{ service_name }}.log - -heat_metadata_server_url = {{ public_protocol }}://{{ heat_cfn_external_fqdn | put_address_in_context('url') }}:{{ heat_api_cfn_port }} -heat_waitcondition_server_url = {{ public_protocol }}://{{ heat_cfn_external_fqdn | put_address_in_context('url') }}:{{ heat_api_cfn_port }}/v1/waitcondition +heat_metadata_server_url = {{ heat_cfn_public_base_endpoint }} +heat_waitcondition_server_url = {{ heat_cfn_public_base_endpoint }}/v1/waitcondition heat_stack_user_role = {{ heat_stack_user_role }} diff --git a/ansible/roles/horizon/defaults/main.yml b/ansible/roles/horizon/defaults/main.yml index 59b800ce34..57d3f2bc75 100644 --- a/ansible/roles/horizon/defaults/main.yml +++ b/ansible/roles/horizon/defaults/main.yml @@ -41,7 +41,7 @@ horizon_services: enabled: "{{ enable_horizon }}" mode: "http" external: false - port: "{% if kolla_enable_tls_internal|bool %}443{% else %}{{ horizon_port }}{% endif %}" + port: "{% if kolla_enable_tls_internal|bool %}{{ horizon_tls_port }}{% else %}{{ horizon_port }}{% endif %}" listen_port: "{{ horizon_listen_port }}" backend_http_extra: - "balance source" @@ -56,7 +56,7 @@ horizon_services: enabled: "{{ enable_horizon }}" mode: "http" external: true - port: "{% if kolla_enable_tls_external|bool %}443{% else %}{{ horizon_port }}{% endif %}" + port: "{% if kolla_enable_tls_external|bool %}{{ horizon_tls_port }}{% else %}{{ horizon_port }}{% endif %}" listen_port: "{{ horizon_listen_port }}" backend_http_extra: - "balance source" diff --git a/ansible/roles/ironic/defaults/main.yml b/ansible/roles/ironic/defaults/main.yml index e29347ae6f..2305157d68 100644 --- a/ansible/roles/ironic/defaults/main.yml +++ b/ansible/roles/ironic/defaults/main.yml @@ -180,10 +180,6 @@ ironic_dnsmasq_extra_volumes: "{{ ironic_extra_volumes }}" #################### ironic_inspector_keystone_user: "ironic-inspector" -ironic_admin_endpoint: "{{ admin_protocol }}://{{ ironic_internal_fqdn | put_address_in_context('url') }}:{{ ironic_api_port }}" -ironic_internal_endpoint: "{{ internal_protocol }}://{{ ironic_internal_fqdn | put_address_in_context('url') }}:{{ ironic_api_port }}" -ironic_public_endpoint: "{{ public_protocol }}://{{ ironic_external_fqdn | put_address_in_context('url') }}:{{ ironic_api_port }}" - ironic_inspector_admin_endpoint: "{{ admin_protocol }}://{{ ironic_inspector_internal_fqdn | put_address_in_context('url') }}:{{ ironic_inspector_port }}" ironic_inspector_internal_endpoint: "{{ internal_protocol }}://{{ ironic_inspector_internal_fqdn | put_address_in_context('url') }}:{{ ironic_inspector_port }}" ironic_inspector_public_endpoint: "{{ public_protocol }}://{{ ironic_inspector_external_fqdn | put_address_in_context('url') }}:{{ ironic_inspector_port }}" @@ -204,7 +200,7 @@ ironic_dnsmasq_default_gateway: ironic_dnsmasq_boot_file: "{% if enable_ironic_ipxe | bool %}undionly.kpxe{% else %}pxelinux.0{% endif %}" ironic_cleaning_network: ironic_console_serial_speed: "115200n8" -ironic_ipxe_url: http://{{ api_interface_address | put_address_in_context('url') }}:{{ ironic_ipxe_port }} +ironic_ipxe_url: "http://{{ api_interface_address | put_address_in_context('url') }}:{{ ironic_ipxe_port }}" ironic_enable_rolling_upgrade: "yes" ironic_inspector_kernel_cmdline_extras: [] ironic_inspector_pxe_filter: "{% if enable_neutron | bool %}dnsmasq{% else %}none{% endif %}" diff --git a/ansible/roles/ironic/templates/inspector.ipxe.j2 b/ansible/roles/ironic/templates/inspector.ipxe.j2 index 4094bf41e4..c0715118f6 100644 --- a/ansible/roles/ironic/templates/inspector.ipxe.j2 +++ b/ansible/roles/ironic/templates/inspector.ipxe.j2 @@ -13,6 +13,6 @@ chain pxelinux.cfg/${mac:hexhyp} || goto inspector_ipa :inspector_ipa :retry_boot imgfree -kernel --timeout 30000 {{ ironic_ipxe_url }}/ironic-agent.kernel ipa-inspection-callback-url={{ internal_protocol }}://{{ ironic_inspector_internal_fqdn | put_address_in_context('url') }}:{{ ironic_inspector_port }}/v1/continue systemd.journald.forward_to_console=yes BOOTIF=${mac} initrd=ironic-agent.initramfs {{ ironic_inspector_kernel_cmdline_extras | join(' ') }} || goto retry_boot +kernel --timeout 30000 {{ ironic_ipxe_url }}/ironic-agent.kernel ipa-inspection-callback-url={{ ironic_inspector_internal_endpoint }}/v1/continue systemd.journald.forward_to_console=yes BOOTIF=${mac} initrd=ironic-agent.initramfs {{ ironic_inspector_kernel_cmdline_extras | join(' ') }} || goto retry_boot initrd --timeout 30000 {{ ironic_ipxe_url }}/ironic-agent.initramfs || goto retry_boot boot diff --git a/ansible/roles/ironic/templates/ironic.conf.j2 b/ansible/roles/ironic/templates/ironic.conf.j2 index 1a95cfd47e..7e79cd2789 100644 --- a/ansible/roles/ironic/templates/ironic.conf.j2 +++ b/ansible/roles/ironic/templates/ironic.conf.j2 @@ -172,7 +172,7 @@ valid_interfaces = internal cafile = {{ openstack_cacert }} {% else %} auth_type = none -endpoint_override = {{ internal_protocol }}://{{ ironic_internal_fqdn | put_address_in_context('url') }}:{{ ironic_api_port }} +endpoint_override = {{ ironic_internal_endpoint }} {% endif %} [agent] diff --git a/ansible/roles/ironic/templates/pxelinux.default.j2 b/ansible/roles/ironic/templates/pxelinux.default.j2 index f75e757489..3b5b6ce75b 100644 --- a/ansible/roles/ironic/templates/pxelinux.default.j2 +++ b/ansible/roles/ironic/templates/pxelinux.default.j2 @@ -2,6 +2,7 @@ default introspect label introspect kernel ironic-agent.kernel -append initrd=ironic-agent.initramfs ipa-inspection-callback-url={{ internal_protocol }}://{{ ironic_inspector_internal_fqdn | put_address_in_context('url') }}:{{ ironic_inspector_port }}/v1/continue systemd.journald.forward_to_console=yes {{ ironic_inspector_kernel_cmdline_extras | join(' ') }} + +append initrd=ironic-agent.initramfs ipa-inspection-callback-url={{ ironic_inspector_internal_endpoint }}/v1/continue systemd.journald.forward_to_console=yes {{ ironic_inspector_kernel_cmdline_extras | join(' ') }} ipappend 3 diff --git a/ansible/roles/keystone/templates/keystone.conf.j2 b/ansible/roles/keystone/templates/keystone.conf.j2 index d8664e96ae..1e028935b4 100644 --- a/ansible/roles/keystone/templates/keystone.conf.j2 +++ b/ansible/roles/keystone/templates/keystone.conf.j2 @@ -68,5 +68,5 @@ connection_string = {{ osprofiler_backend_connection_string }} {% if enable_grafana | bool %} [cors] -allowed_origin = {{ public_protocol }}://{{ kolla_external_fqdn | put_address_in_context('url') }}:{{ grafana_server_port }} +allowed_origin = {{ grafana_public_endpoint }} {% endif %} diff --git a/ansible/roles/kibana/templates/kibana.yml.j2 b/ansible/roles/kibana/templates/kibana.yml.j2 index d613c3c980..c5eb81cbe2 100644 --- a/ansible/roles/kibana/templates/kibana.yml.j2 +++ b/ansible/roles/kibana/templates/kibana.yml.j2 @@ -2,7 +2,7 @@ kibana.defaultAppId: "{{ kibana_default_app_id }}" logging.dest: /var/log/kolla/kibana/kibana.log server.port: {{ kibana_server_port }} server.host: "{{ api_interface_address }}" -elasticsearch.url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ elasticsearch_port }}" +elasticsearch.url: "{{ elasticsearch_internal_endpoint }}" elasticsearch.requestTimeout: {{ kibana_elasticsearch_request_timeout }} elasticsearch.shardTimeout: {{ kibana_elasticsearch_shard_timeout }} elasticsearch.ssl.verificationMode: "{{ 'full' if kibana_elasticsearch_ssl_verify | bool else 'none' }}" diff --git a/ansible/roles/kuryr/defaults/main.yml b/ansible/roles/kuryr/defaults/main.yml index 72ac22666f..a9ef18fe1a 100644 --- a/ansible/roles/kuryr/defaults/main.yml +++ b/ansible/roles/kuryr/defaults/main.yml @@ -70,3 +70,8 @@ kuryr_ks_users: user: "{{ kuryr_keystone_user }}" password: "{{ kuryr_keystone_password }}" role: "admin" + +########### +# Endpoints +########## +kuryr_internal_endpoint: "{{ internal_protocol }}://{{ api_interface_address | put_address_in_context('url') }}:{{ kuryr_port }}" diff --git a/ansible/roles/kuryr/templates/kuryr.conf.j2 b/ansible/roles/kuryr/templates/kuryr.conf.j2 index 56e7fc1344..9ac3d4cf00 100644 --- a/ansible/roles/kuryr/templates/kuryr.conf.j2 +++ b/ansible/roles/kuryr/templates/kuryr.conf.j2 @@ -1,5 +1,5 @@ [DEFAULT] -kuryr_uri = {{ internal_protocol }}://{{ api_interface_address | put_address_in_context('url') }}:{{ kuryr_port }} +kuryr_uri = {{ kuryr_internal_endpoint }} debug = {{ kuryr_logging_debug }} log_dir = /var/log/kolla/kuryr diff --git a/ansible/roles/kuryr/templates/kuryr.spec.j2 b/ansible/roles/kuryr/templates/kuryr.spec.j2 index 15ccc34da6..06c8be3d00 100644 --- a/ansible/roles/kuryr/templates/kuryr.spec.j2 +++ b/ansible/roles/kuryr/templates/kuryr.spec.j2 @@ -1 +1 @@ -http://{{ api_interface_address | put_address_in_context('url') }}:{{ kuryr_port }} +{{ kuryr_internal_endpoint }} diff --git a/ansible/roles/manila/defaults/main.yml b/ansible/roles/manila/defaults/main.yml index 47fae5f4ba..f5aafa017e 100644 --- a/ansible/roles/manila/defaults/main.yml +++ b/ansible/roles/manila/defaults/main.yml @@ -118,12 +118,18 @@ manila_data_extra_volumes: "{{ manila_extra_volumes }}" ##################### ## OpenStack ##################### -manila_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ manila_api_port }}/v1/%(tenant_id)s" -manila_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ manila_api_port }}/v1/%(tenant_id)s" -manila_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn | put_address_in_context('url') }}:{{ manila_api_port }}/v1/%(tenant_id)s" -manila_v2_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ manila_api_port }}/v2/%(tenant_id)s" -manila_v2_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ manila_api_port }}/v2/%(tenant_id)s" -manila_v2_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn | put_address_in_context('url') }}:{{ manila_api_port }}/v2/%(tenant_id)s" +manila_admin_base_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ manila_api_port }}" +manila_internal_base_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ manila_api_port }}" +manila_public_base_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn | put_address_in_context('url') }}:{{ manila_api_port }}" + + +manila_admin_endpoint: "{{ manila_admin_base_endpoint }}/v1/%(tenant_id)s" +manila_internal_endpoint: "{{ manila_internal_base_endpoint }}/v1/%(tenant_id)s" +manila_public_endpoint: "{{ manila_public_base_endpoint }}/v1/%(tenant_id)s" + +manila_v2_admin_endpoint: "{{ manila_admin_base_endpoint }}/v2/%(tenant_id)s" +manila_v2_internal_endpoint: "{{ manila_internal_base_endpoint }}/v2/%(tenant_id)s" +manila_v2_public_endpoint: "{{ manila_public_base_endpoint }}/v2/%(tenant_id)s" manila_logging_debug: "{{ openstack_logging_debug }}" diff --git a/ansible/roles/manila/templates/manila-share.conf.j2 b/ansible/roles/manila/templates/manila-share.conf.j2 index 94c9edc218..e0778d976b 100644 --- a/ansible/roles/manila/templates/manila-share.conf.j2 +++ b/ansible/roles/manila/templates/manila-share.conf.j2 @@ -40,8 +40,8 @@ memcache_secret_key = {{ memcache_secret_key }} memcached_servers = {% for host in groups['memcached'] %}{{ 'api' | kolla_address(host) | put_address_in_context('memcache') }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %} [neutron] -url = {{ internal_protocol }}://{{ neutron_internal_fqdn | put_address_in_context('url') }}:{{ neutron_server_port }} auth_uri = {{ keystone_internal_url }} +url = {{ neutron_internal_endpoint }} auth_url = {{ keystone_admin_url }} auth_type = password project_domain_id = {{ default_project_domain_id }} diff --git a/ansible/roles/mistral/defaults/main.yml b/ansible/roles/mistral/defaults/main.yml index 9ce604b5dc..d84c444770 100644 --- a/ansible/roles/mistral/defaults/main.yml +++ b/ansible/roles/mistral/defaults/main.yml @@ -112,8 +112,10 @@ mistral_api_extra_volumes: "{{ mistral_extra_volumes }}" #################### # OpenStack #################### +mistral_internal_base_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ mistral_api_port }}" + mistral_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ mistral_api_port }}/v2" -mistral_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ mistral_api_port }}/v2" +mistral_internal_endpoint: "{{ mistral_internal_base_endpoint }}/v2" mistral_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn | put_address_in_context('url') }}:{{ mistral_api_port }}/v2" mistral_logging_debug: "{{ openstack_logging_debug }}" diff --git a/ansible/roles/mistral/templates/mistral.conf.j2 b/ansible/roles/mistral/templates/mistral.conf.j2 index c99786e0f2..2d0cd3b31d 100644 --- a/ansible/roles/mistral/templates/mistral.conf.j2 +++ b/ansible/roles/mistral/templates/mistral.conf.j2 @@ -53,7 +53,7 @@ memcached_servers = {% for host in groups['memcached'] %}{{ 'api' | kolla_addres [mistral] -url = {{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ mistral_api_port }} +url = {{ mistral_internal_base_endpoint }} [openstack_actions] os_actions_endpoint_type = internal diff --git a/ansible/roles/monasca/defaults/main.yml b/ansible/roles/monasca/defaults/main.yml index ad69db6c50..24434e6670 100644 --- a/ansible/roles/monasca/defaults/main.yml +++ b/ansible/roles/monasca/defaults/main.yml @@ -171,7 +171,7 @@ monasca_grafana_data_sources: name: "Monasca API" type: "monasca-datasource" access: "proxy" - url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_api_port }}" + url: "{{ monasca_api_internal_base_endpoint }}" isDefault: True basicAuth: false jsonData: @@ -316,16 +316,14 @@ monasca_agent_authorized_roles: monasca_delegate_authorized_roles: - admin -monasca_api_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_api_port }}/v2.0" -monasca_api_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_api_port }}/v2.0" -monasca_api_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn | put_address_in_context('url') }}:{{ monasca_api_port }}/v2.0" - -monasca_log_api_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_log_api_port }}" -monasca_log_api_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_log_api_port }}" -monasca_log_api_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn | put_address_in_context('url') }}:{{ monasca_log_api_port }}" +monasca_api_admin_endpoint: "{{ monasca_api_admin_base_endpoint }}/v2.0" +monasca_api_internal_endpoint: "{{ monasca_api_internal_base_endpoint }}/v2.0" +monasca_api_public_endpoint: "{{ monasca_api_public_base_endpoint }}/v2.0" monasca_logging_debug: "{{ openstack_logging_debug }}" +monasca_grafana_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_grafana_server_port }}" + #################### # Keystone #################### diff --git a/ansible/roles/monasca/tasks/post_config.yml b/ansible/roles/monasca/tasks/post_config.yml index 817776dd59..bd0df522e8 100644 --- a/ansible/roles/monasca/tasks/post_config.yml +++ b/ansible/roles/monasca/tasks/post_config.yml @@ -4,7 +4,7 @@ kolla_toolbox: module_name: uri module_args: - url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_grafana_server_port }}/login" + url: "{{ monasca_grafana_internal_endpoint }}/login" status_code: 200 register: result until: result.get('status') == 200 @@ -22,7 +22,7 @@ module_name: uri module_args: method: GET - url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_grafana_server_port }}/api/orgs" + url: "{{ monasca_grafana_internal_endpoint }}/api/orgs" user: '{{ monasca_grafana_admin_username }}' password: '{{ monasca_grafana_admin_password }}' return_content: true @@ -39,7 +39,7 @@ module_name: uri module_args: method: POST - url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_grafana_server_port }}/api/orgs" + url: "{{ monasca_grafana_internal_endpoint }}/api/orgs" user: '{{ monasca_grafana_admin_username }}' password: '{{ monasca_grafana_admin_password }}' body_format: json @@ -54,7 +54,7 @@ module_name: uri module_args: method: GET - url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_grafana_server_port }}/api/orgs/name/{{ monasca_grafana_control_plane_org }}" # noqa 204 + url: "{{ monasca_grafana_internal_endpoint }}/api/orgs/name/{{ monasca_grafana_control_plane_org }}" # noqa 204 user: '{{ monasca_grafana_admin_username }}' password: '{{ monasca_grafana_admin_password }}' return_content: true @@ -72,7 +72,7 @@ module_name: uri module_args: method: POST - url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_grafana_server_port }}/api/orgs/{{ monasca_grafana_conf_org.json.id }}/users" # noqa 204 + url: "{{ monasca_grafana_internal_endpoint }}/api/orgs/{{ monasca_grafana_conf_org.json.id }}/users" # noqa 204 user: '{{ monasca_grafana_admin_username }}' password: '{{ monasca_grafana_admin_password }}' body: "{{ monasca_user_body | to_json }}" @@ -91,7 +91,7 @@ module_name: uri module_args: method: POST - url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_grafana_server_port }}/api/user/using/{{ monasca_grafana_conf_org.json.id }}" # noqa 204 + url: "{{ monasca_grafana_internal_endpoint }}/api/user/using/{{ monasca_grafana_conf_org.json.id }}" # noqa 204 user: '{{ monasca_grafana_admin_username }}' password: '{{ monasca_grafana_admin_password }}' force_basic_auth: true @@ -102,7 +102,7 @@ kolla_toolbox: module_name: uri module_args: - url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_grafana_server_port }}/api/datasources" + url: "{{ monasca_grafana_internal_endpoint }}/api/datasources" method: POST user: "{{ monasca_grafana_admin_username }}" password: "{{ monasca_grafana_admin_password }}" diff --git a/ansible/roles/murano/tasks/import_library_packages.yml b/ansible/roles/murano/tasks/import_library_packages.yml index d01e0cc7fb..615bfa5124 100644 --- a/ansible/roles/murano/tasks/import_library_packages.yml +++ b/ansible/roles/murano/tasks/import_library_packages.yml @@ -21,7 +21,7 @@ --os-project-name {{ openstack_auth.project_name }} {% if openstack_cacert != '' %}--os-cacert {{ openstack_cacert }}{% endif %} --os-auth-url {{ keystone_admin_url }} - --murano-url {{ admin_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ murano_api_port }} + --murano-url {{ murano_admin_endpoint }} package-list register: status changed_when: False @@ -37,7 +37,7 @@ --os-project-name {{ openstack_auth.project_name }} {% if openstack_cacert != '' %}--os-cacert {{ openstack_cacert }}{% endif %} --os-auth-url {{ keystone_admin_url }} - --murano-url {{ admin_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ murano_api_port }} + --murano-url {{ murano_admin_endpoint }} package-import --exists-action u --is-public /io.murano.zip run_once: True delegate_to: "{{ groups['murano-api'][0] }}" @@ -53,7 +53,7 @@ --os-project-name {{ openstack_auth.project_name }} {% if openstack_cacert != '' %}--os-cacert {{ openstack_cacert }}{% endif %} --os-auth-url {{ keystone_admin_url }} - --murano-url {{ admin_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ murano_api_port }} + --murano-url {{ murano_admin_endpoint }} package-import --exists-action u --is-public /io.murano.applications.zip run_once: True delegate_to: "{{ groups['murano-api'][0] }}" diff --git a/ansible/roles/murano/templates/murano.conf.j2 b/ansible/roles/murano/templates/murano.conf.j2 index 92e3a4cce4..2e717bcc75 100644 --- a/ansible/roles/murano/templates/murano.conf.j2 +++ b/ansible/roles/murano/templates/murano.conf.j2 @@ -45,7 +45,7 @@ password = {{ murano_keystone_password }} cafile = {{ openstack_cacert }} [murano] -url = {{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ murano_api_port }} +url = {{ murano_internal_endpoint }} api_workers = {{ openstack_service_workers }} [oslo_messaging_notifications] diff --git a/ansible/roles/neutron/defaults/main.yml b/ansible/roles/neutron/defaults/main.yml index 223c6e95a6..76bc243080 100644 --- a/ansible/roles/neutron/defaults/main.yml +++ b/ansible/roles/neutron/defaults/main.yml @@ -373,10 +373,6 @@ ironic_neutron_agent_extra_volumes: "{{ neutron_extra_volumes }}" dhcp_agents_per_network: 2 max_l3_agents_per_router: 3 -neutron_admin_endpoint: "{{ admin_protocol }}://{{ neutron_internal_fqdn | put_address_in_context('url') }}:{{ neutron_server_port }}" -neutron_internal_endpoint: "{{ internal_protocol }}://{{ neutron_internal_fqdn | put_address_in_context('url') }}:{{ neutron_server_port }}" -neutron_public_endpoint: "{{ public_protocol }}://{{ neutron_external_fqdn | put_address_in_context('url') }}:{{ neutron_server_port }}" - neutron_logging_debug: "{{ openstack_logging_debug }}" openstack_neutron_auth: "{{ openstack_auth }}" diff --git a/ansible/roles/neutron/templates/neutron.conf.j2 b/ansible/roles/neutron/templates/neutron.conf.j2 index 3b579c29e1..699465f8c2 100644 --- a/ansible/roles/neutron/templates/neutron.conf.j2 +++ b/ansible/roles/neutron/templates/neutron.conf.j2 @@ -139,12 +139,12 @@ drivers = ovs {% if enable_octavia | bool %} [octavia] -base_url = {{ internal_protocol }}://{{ octavia_internal_fqdn | put_address_in_context('url') }}:{{ octavia_api_port }} +base_url = {{ octavia_internal_endpoint }} {% endif %} {% if enable_designate | bool %} [designate] -url = {{ internal_protocol }}://{{ designate_internal_fqdn | put_address_in_context('url') }}:{{ designate_api_port }}/v2 +url = {{ designate_internal_endpoint }}/v2 auth_uri = {{ keystone_internal_url }} auth_url = {{ keystone_admin_url }} auth_type = password diff --git a/ansible/roles/nova-cell/templates/nova.conf.j2 b/ansible/roles/nova-cell/templates/nova.conf.j2 index 5bbd4f1629..9a4741e192 100644 --- a/ansible/roles/nova-cell/templates/nova.conf.j2 +++ b/ansible/roles/nova-cell/templates/nova.conf.j2 @@ -90,7 +90,7 @@ auth_type = password project_name = service user_domain_name = {{ default_user_domain_name }} project_domain_name = {{ default_project_domain_name }} -endpoint_override = {{ internal_protocol }}://{{ ironic_internal_fqdn | put_address_in_context('url') }}:{{ ironic_api_port }}/v1 +endpoint_override = {{ ironic_internal_endpoint }}/v1 {% endif %} @@ -98,7 +98,7 @@ endpoint_override = {{ internal_protocol }}://{{ ironic_internal_fqdn | put_addr lock_path = /var/lib/nova/tmp [glance] -api_servers = {{ internal_protocol }}://{{ glance_internal_fqdn | put_address_in_context('url') }}:{{ glance_api_port }} +api_servers = {{ glance_internal_endpoint }} cafile = {{ openstack_cacert }} num_retries = 3 diff --git a/ansible/roles/nova/defaults/main.yml b/ansible/roles/nova/defaults/main.yml index 3c13a50a88..6c80dfc14a 100644 --- a/ansible/roles/nova/defaults/main.yml +++ b/ansible/roles/nova/defaults/main.yml @@ -131,14 +131,17 @@ nova_api_bootstrap_extra_volumes: "{{ nova_extra_volumes }}" #################### # OpenStack #################### +nova_admin_base_endpoint: "{{ admin_protocol }}://{{ nova_internal_fqdn | put_address_in_context('url') }}:{{ nova_api_port }}" +nova_internal_base_endpoint: "{{ internal_protocol }}://{{ nova_internal_fqdn | put_address_in_context('url') }}:{{ nova_api_port }}" +nova_public_base_endpoint: "{{ public_protocol }}://{{ nova_external_fqdn | put_address_in_context('url') }}:{{ nova_api_port }}" -nova_legacy_admin_endpoint: "{{ admin_protocol }}://{{ nova_internal_fqdn | put_address_in_context('url') }}:{{ nova_api_port }}/v2/%(tenant_id)s" -nova_legacy_internal_endpoint: "{{ internal_protocol }}://{{ nova_internal_fqdn | put_address_in_context('url') }}:{{ nova_api_port }}/v2/%(tenant_id)s" -nova_legacy_public_endpoint: "{{ public_protocol }}://{{ nova_external_fqdn | put_address_in_context('url') }}:{{ nova_api_port }}/v2/%(tenant_id)s" +nova_legacy_admin_endpoint: "{{ nova_admin_base_endpoint }}/v2/%(tenant_id)s" +nova_legacy_internal_endpoint: "{{ nova_internal_base_endpoint }}/v2/%(tenant_id)s" +nova_legacy_public_endpoint: "{{ nova_public_base_endpoint }}/v2/%(tenant_id)s" -nova_admin_endpoint: "{{ admin_protocol }}://{{ nova_internal_fqdn | put_address_in_context('url') }}:{{ nova_api_port }}/v2.1" -nova_internal_endpoint: "{{ internal_protocol }}://{{ nova_internal_fqdn | put_address_in_context('url') }}:{{ nova_api_port }}/v2.1" -nova_public_endpoint: "{{ public_protocol }}://{{ nova_external_fqdn | put_address_in_context('url') }}:{{ nova_api_port }}/v2.1" +nova_admin_endpoint: "{{ nova_admin_base_endpoint }}/v2.1" +nova_internal_endpoint: "{{ nova_internal_base_endpoint }}/v2.1" +nova_public_endpoint: "{{ nova_public_base_endpoint }}/v2.1" nova_logging_debug: "{{ openstack_logging_debug }}" diff --git a/ansible/roles/nova/templates/nova.conf.j2 b/ansible/roles/nova/templates/nova.conf.j2 index d37200a559..2c51f86a37 100644 --- a/ansible/roles/nova/templates/nova.conf.j2 +++ b/ansible/roles/nova/templates/nova.conf.j2 @@ -49,8 +49,9 @@ enable_proxy_headers_parsing = True lock_path = /var/lib/nova/tmp [glance] -api_servers = {{ internal_protocol }}://{{ glance_internal_fqdn | put_address_in_context('url') }}:{{ glance_api_port }} cafile = {{ openstack_cacert }} +api_servers = {{ glance_internal_endpoint }} + num_retries = {{ groups['glance-api'] | length }} debug = {{ nova_logging_debug }} diff --git a/ansible/roles/octavia/defaults/main.yml b/ansible/roles/octavia/defaults/main.yml index 57c1fd110d..f91e7d3685 100644 --- a/ansible/roles/octavia/defaults/main.yml +++ b/ansible/roles/octavia/defaults/main.yml @@ -119,10 +119,6 @@ octavia_worker_extra_volumes: "{{ octavia_extra_volumes }}" #################### # OpenStack #################### -octavia_admin_endpoint: "{{ admin_protocol }}://{{ octavia_internal_fqdn | put_address_in_context('url') }}:{{ octavia_api_port }}" -octavia_internal_endpoint: "{{ internal_protocol }}://{{ octavia_internal_fqdn | put_address_in_context('url') }}:{{ octavia_api_port }}" -octavia_public_endpoint: "{{ public_protocol }}://{{ octavia_external_fqdn | put_address_in_context('url') }}:{{ octavia_api_port }}" - octavia_logging_debug: "{{ openstack_logging_debug }}" octavia_keystone_user: "octavia" diff --git a/ansible/roles/prometheus/templates/clouds.yml.j2 b/ansible/roles/prometheus/templates/clouds.yml.j2 index bbbf44b5e9..5472aeed20 100644 --- a/ansible/roles/prometheus/templates/clouds.yml.j2 +++ b/ansible/roles/prometheus/templates/clouds.yml.j2 @@ -9,5 +9,5 @@ clouds: project_name: {{ keystone_admin_project }} project_domain_name: 'Default' user_domain_name: 'Default' - auth_url: {{ admin_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ keystone_admin_port }}/v3 cacert: {{ openstack_cacert }} + auth_url: {{ keystone_admin_url }}/v3 diff --git a/ansible/roles/prometheus/templates/prometheus-alertmanager.yml.j2 b/ansible/roles/prometheus/templates/prometheus-alertmanager.yml.j2 index e479ec327c..88c29ada63 100644 --- a/ansible/roles/prometheus/templates/prometheus-alertmanager.yml.j2 +++ b/ansible/roles/prometheus/templates/prometheus-alertmanager.yml.j2 @@ -11,7 +11,7 @@ receivers: {% if enable_vitrage | bool and enable_vitrage_prometheus_datasource | bool %} webhook_configs: - send_resolved: true - url: '{{ public_protocol }}://{{ kolla_external_fqdn | put_address_in_context('url') }}:{{ vitrage_api_port }}/v1/event' + url: '{{ vitrage_public_endpoint }}/v1/event' http_config: basic_auth: username: '{{ keystone_admin_user }}' diff --git a/ansible/roles/searchlight/defaults/main.yml b/ansible/roles/searchlight/defaults/main.yml index 3d8c4fe2cd..b09411b9f7 100644 --- a/ansible/roles/searchlight/defaults/main.yml +++ b/ansible/roles/searchlight/defaults/main.yml @@ -31,7 +31,7 @@ searchlight_services: #################### # Elasticsearch #################### -searchlight_elasticsearch_url: "{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ elasticsearch_port }}" +searchlight_elasticsearch_url: "{{ elasticsearch_address | put_address_in_context('url') }}:{{ elasticsearch_port }}" #################### # Docker diff --git a/ansible/roles/searchlight/templates/searchlight.conf.j2 b/ansible/roles/searchlight/templates/searchlight.conf.j2 index 59c14d96b5..e1ea68cfed 100644 --- a/ansible/roles/searchlight/templates/searchlight.conf.j2 +++ b/ansible/roles/searchlight/templates/searchlight.conf.j2 @@ -7,7 +7,7 @@ transport_url = {{ rpc_transport_url }} [api] port = {{ searchlight_api_port }} bind_host = {{ api_interface_address }} -public_endpoint = {{ public_protocol }}://{{ kolla_external_fqdn | put_address_in_context('url') }}:{{ searchlight_api_port }} +public_endpoint = {{ searchlight_public_endpoint }} workers = {{ openstack_service_workers }} [elasticsearch] diff --git a/ansible/roles/swift/defaults/main.yml b/ansible/roles/swift/defaults/main.yml index 7d38df8833..ac4fcdb849 100644 --- a/ansible/roles/swift/defaults/main.yml +++ b/ansible/roles/swift/defaults/main.yml @@ -52,10 +52,6 @@ swift_log_level: "{{ 'DEBUG' if openstack_logging_debug | bool else 'INFO'}}" #################### # OpenStack #################### -swift_admin_endpoint: "{{ admin_protocol }}://{{ swift_internal_fqdn | put_address_in_context('url') }}:{{ swift_proxy_server_port }}/v1" -swift_internal_endpoint: "{{ internal_protocol }}://{{ swift_internal_fqdn | put_address_in_context('url') }}:{{ swift_proxy_server_port }}/v1/AUTH_%(tenant_id)s" -swift_public_endpoint: "{{ public_protocol }}://{{ swift_external_fqdn | put_address_in_context('url') }}:{{ swift_proxy_server_port }}/v1/AUTH_%(tenant_id)s" - swift_logging_debug: "{{ openstack_logging_debug }}" swift_keystone_user: "swift" diff --git a/ansible/roles/tempest/templates/tempest.conf.j2 b/ansible/roles/tempest/templates/tempest.conf.j2 index c8e4632bcb..a3972a16f3 100644 --- a/ansible/roles/tempest/templates/tempest.conf.j2 +++ b/ansible/roles/tempest/templates/tempest.conf.j2 @@ -11,8 +11,8 @@ admin_project_name = {{ openstack_auth.project_name }} admin_domain_name = {{ openstack_auth.domain_name }} [dashboard] -dashboard_url = {{ internal_protocol }}://{{ kolla_internal_fqdn }} -login_url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}/auth/login/ +dashboard_url = {{ horizon_internal_endpoint }} +login_url = {{ horizon_internal_endpoint }}/auth/login/ [service_available] cinder = {{ enable_cinder }} @@ -32,10 +32,6 @@ flavor_ref = {{ tempest_flavor_ref_id }} flavor_ref_alt = {{ tempest_flavor_ref_alt_id }} region = {{ openstack_region_name }} -[dashboard] -dashboard_url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}/ -login_url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}/auth/login - [identity] region = {{ openstack_region_name }} auth_version = v3 diff --git a/ansible/roles/vitrage/defaults/main.yml b/ansible/roles/vitrage/defaults/main.yml index 1fee236b9d..ba1e795bc4 100644 --- a/ansible/roles/vitrage/defaults/main.yml +++ b/ansible/roles/vitrage/defaults/main.yml @@ -130,10 +130,6 @@ vitrage_persistor_extra_volumes: "{{ vitrage_extra_volumes }}" #################### # OpenStack #################### -vitrage_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ vitrage_api_port }}" -vitrage_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ vitrage_api_port }}" -vitrage_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn | put_address_in_context('url') }}:{{ vitrage_api_port }}" - vitrage_logging_debug: "{{ openstack_logging_debug }}" vitrage_keystone_user: "vitrage"