openstack/kolla-ansible
Code Issues Proposed changes
2e08ffd6d3
kolla-ansible/tests/templates/globals-default.j2
Hongbin Lu 91678f67af Zun: Add zun-cni-daemon to compute node 
Zun has a new component "zun-cni-daemon" which should be
deployed in every compute nodes. It is basically an implementation
of CNI (Container Network Interface) that performs the neutron
port binding.

If users is using the capsule (pod) API, the recommended deployment
option is using "cri" as capsule driver. This is basically to use
a CRI runtime (i.e. CRI plugin for containerd) for supporting
capsules (pods). A CRI runtime needs a CNI plugin which is what
the "zun-cni-daemon" provides.

The configuration is based on the Zun installation guide [1].
It consits of the following steps:
* Configure the containerd daemon in the host. The "zun-compute"
  container will use grpc to communicate with this service.
* Install the "zun-cni" binary at host. The containerd process
  will invoke this binary to call the CNI plugin.
* Run a "zun-cni-daemon" container. The "zun-cni" binary will
  communicate with this container via HTTP.

Relevant patches:
Blueprint: https://blueprints.launchpad.net/zun/+spec/add-support-cri-runtime
Install guide: https://review.opendev.org/#/c/707948/
Devstack plugin: https://review.opendev.org/#/c/705338/
Kolla image: https://review.opendev.org/#/c/708273/

[1] https://docs.openstack.org/zun/latest/install/index.html

Depends-On: https://review.opendev.org/#/c/721044/
Change-Id: I9c361a99b355af27907cf80f5c88d97191193495
2020-04-30 02:22:20 +00:00

139 lines
3.9 KiB
Django/Jinja
Raw Blame History

---
{% if ansible_os_family == 'Debian' %}
# Force the use of python3 on Debian and Ubuntu remote hosts. These distros
# typically have an unversioned Python interpreter which links to python2.7.
ansible_python_interpreter: /usr/bin/python3
{% endif %}
kolla_base_distro: "{{ base_distro }}"
kolla_install_type: "{{ install_type }}"
network_interface: "{{ api_interface_name }}"
network_address_family: "{{ address_family }}"
docker_restart_policy: "no"
docker_custom_config:
debug: true
registry-mirrors:
- {{ infra_dockerhub_mirror }}
# Use a random router id, otherwise it may result in the same router id
# in the CI gate.
keepalived_virtual_router_id: "{{ 250 | random(1) }}"
# MariaDB/Galera - fine tune gmcast.peer_timeout
mariadb_wsrep_extra_provider_options:
- "gmcast.peer_timeout=PT15S"
enable_openstack_core: "{{ openstack_core_enabled }}"
enable_horizon: "{{ dashboard_enabled }}"
enable_heat: "{{ openstack_core_tested }}"
{% if scenario != 'bifrost' %}
kolla_internal_vip_address: "{{ kolla_internal_vip_address }}"
neutron_external_interface: "{{ neutron_external_interface_name }}"
openstack_logging_debug: "True"
openstack_service_workers: "1"
{% endif %}
{% if need_build_image and not is_previous_release %}
# NOTE(Jeffrey4l): use different a docker namespace name in case it pull image from hub.docker.io when deplying
docker_namespace: "lokolla"
# NOTE(yoctozepto): use hostname or FQDN to be compatible between IPv4 and IPv6
# docker does not support referencing registry via an IPv6 address
# see: https://github.com/moby/moby/issues/39033
docker_registry: "primary:4000"
openstack_tag: "{{ build_image_tag }}"
{% else %}
# use docker hub images
docker_namespace: "kolla"
{% if docker_image_tag_suffix %}
openstack_tag_suffix: "{{ docker_image_tag_suffix }}"
{% endif %}
{% if need_build_image and is_previous_release %}
# NOTE(mgoddard): Ensure that the insecure local registry is trusted, since it
# will be the source of images during the upgrade.
# NOTE(yoctozepto): this is required here for CI because we run templating
# of docker systemd command only once
docker_custom_option: "--insecure-registry primary:4000"
{% endif %}
{% if is_previous_release %}
openstack_release: "{{ previous_release }}"
{% endif %}
{% endif %}
{% if scenario == "zun" %}
enable_zun: "yes"
enable_kuryr: "yes"
enable_etcd: "yes"
docker_configure_for_zun: "yes"
containerd_configure_for_zun: "yes"
enable_cinder: "yes"
# lvm backup driver for cinder-backup does not exist
enable_cinder_backup: "no"
enable_cinder_backend_lvm: "yes"
{% endif %}
{% if scenario == "swift" %}
enable_swift: "yes"
{% endif %}
{% if scenario == "scenario_nfv" %}
enable_tacker: "yes"
enable_neutron_sfc: "yes"
enable_mistral: "yes"
enable_redis: "yes"
enable_barbican: "yes"
enable_heat: "yes"
{% endif %}
{% if scenario == "ironic" %}
enable_ironic: "yes"
ironic_dnsmasq_dhcp_range: "10.42.0.2,10.42.0.254"
{% endif %}
{% if scenario == "masakari" %}
enable_masakari: "yes"
{% endif %}
{% if scenario == "cells" %}
enable_cells: "yes"
{% endif %}
{% if scenario == "mariadb" %}
enable_chrony: "no"
enable_fluentd: "yes"
enable_mariadb: "yes"
enable_memcached: "no"
enable_rabbitmq: "no"
{% endif %}
{% if scenario == "ceph-ansible" %}
# kolla-ansible vars
enable_cinder: "yes"
# External Ceph
glance_backend_ceph: "yes"
cinder_backend_ceph: "yes"
nova_backend_ceph: "yes"
ceph_nova_user: "cinder"
{% endif %}
{% if tls_enabled %}
kolla_enable_tls_external: "yes"
kolla_enable_tls_internal: "yes"
kolla_copy_ca_into_containers: "yes"
kolla_enable_tls_backend: "yes"
{% if base_distro == "ubuntu" or base_distro == "debian" %}
openstack_cacert: "/usr/local/share/ca-certificates/kolla-customca-haproxy-internal.crt"
{% endif %}
{% if base_distro == "centos" %}
openstack_cacert: "/etc/pki/ca-trust/source/anchors/kolla-customca-haproxy-internal.crt"
{% endif %}
{% endif %}
{% if scenario == 'linuxbridge' %}
neutron_plugin_agent: "linuxbridge"
{% endif %}
{% if scenario == "ovn" %}
neutron_plugin_agent: "ovn"
{% endif %}
View Git Blame Copy Permalink