openstack/kolla-ansible
Code Issues Proposed changes
kolla-ansible/ansible/roles/tacker/defaults/main.yml
Matt Crees 6c2aace8d6 Integrate oslo-config-validator 
Regularly, we experience issues in Kolla Ansible deployments because we
use wrong options in OpenStack configuration files. This is because
OpenStack services ignore unknown options. We also need to keep on top
of deprecated options that may be removed in the future. Integrating
oslo-config-validator into Kolla Ansible will greatly help.

Adds a shared role to run oslo-config-validator on each service. Takes
into account that services have multiple containers, and these may also
use multiple config files. Service roles are extended to use this shared
role. Executed with the new command ``kolla-ansible validate-config``.

Change-Id: Ic10b410fc115646d96d2ce39d9618e7c46cb3fbc
2022-12-21 17:19:09 +00:00

186 lines
8.2 KiB
YAML
Raw Blame History

---
tacker_services:
tacker-server:
container_name: "tacker_server"
group: "tacker-server"
host_in_groups: "{{ inventory_hostname in tacker_hosts }}"
enabled: true
image: "{{ tacker_server_image_full }}"
volumes: "{{ tacker_server_default_volumes + tacker_server_extra_volumes }}"
dimensions: "{{ tacker_server_dimensions }}"
healthcheck: "{{ tacker_server_healthcheck }}"
haproxy:
tacker_server:
enabled: "{{ enable_tacker }}"
mode: "http"
external: false
port: "{{ tacker_server_port }}"
custom_member_list: "{{ tacker_haproxy_members.split(';') }}"
tacker_server_external:
enabled: "{{ enable_tacker }}"
mode: "http"
external: true
port: "{{ tacker_server_port }}"
custom_member_list: "{{ tacker_haproxy_members.split(';') }}"
tacker-conductor:
container_name: "tacker_conductor"
group: "tacker-conductor"
host_in_groups: "{{ inventory_hostname in tacker_hosts }}"
enabled: true
image: "{{ tacker_conductor_image_full }}"
volumes: "{{ tacker_conductor_default_volumes + tacker_conductor_extra_volumes }}"
dimensions: "{{ tacker_conductor_dimensions }}"
healthcheck: "{{ tacker_conductor_healthcheck }}"
####################
# Config Validate
####################
tacker_config_validation:
- generator: "/tacker/etc/config-generator.conf"
config: "/etc/tacker/tacker.conf"
####################
# Database
####################
tacker_database_name: "tacker"
tacker_database_user: "{% if use_preconfigured_databases | bool and use_common_mariadb_user | bool %}{{ database_user }}{% else %}tacker{% endif %}"
tacker_database_address: "{{ database_address | put_address_in_context('url') }}:{{ database_port }}"
####################
# Database sharding
####################
tacker_database_shard_root_user: "{% if enable_proxysql | bool %}root_shard_{{ tacker_database_shard_id }}{% else %}{{ database_user }}{% endif %}"
tacker_database_shard_id: "{{ mariadb_default_database_shard_id | int }}"
tacker_database_shard:
users:
- user: "{{ tacker_database_user }}"
password: "{{ tacker_database_password }}"
rules:
- schema: "{{ tacker_database_name }}"
shard_id: "{{ tacker_database_shard_id }}"
########
# Docker
########
tacker_tag: "{{ openstack_tag }}"
tacker_server_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/tacker-server"
tacker_server_tag: "{{ tacker_tag }}"
tacker_server_image_full: "{{ tacker_server_image }}:{{ tacker_server_tag }}"
tacker_conductor_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/tacker-conductor"
tacker_conductor_tag: "{{ tacker_tag }}"
tacker_conductor_image_full: "{{ tacker_conductor_image }}:{{ tacker_conductor_tag }}"
tacker_server_dimensions: "{{ default_container_dimensions }}"
tacker_conductor_dimensions: "{{ default_container_dimensions }}"
tacker_server_enable_healthchecks: "{{ enable_container_healthchecks }}"
tacker_server_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
tacker_server_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
tacker_server_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
tacker_server_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ tacker_server_port }}"]
tacker_server_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
tacker_server_healthcheck:
interval: "{{ tacker_server_healthcheck_interval }}"
retries: "{{ tacker_server_healthcheck_retries }}"
start_period: "{{ tacker_server_healthcheck_start_period }}"
test: "{% if tacker_server_enable_healthchecks | bool %}{{ tacker_server_healthcheck_test }}{% else %}NONE{% endif %}"
timeout: "{{ tacker_server_healthcheck_timeout }}"
tacker_conductor_enable_healthchecks: "{{ enable_container_healthchecks }}"
tacker_conductor_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
tacker_conductor_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
tacker_conductor_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
tacker_conductor_healthcheck_test: ["CMD-SHELL", "healthcheck_port tacker-conductor {{ om_rpc_port }}"]
tacker_conductor_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
tacker_conductor_healthcheck:
interval: "{{ tacker_conductor_healthcheck_interval }}"
retries: "{{ tacker_conductor_healthcheck_retries }}"
start_period: "{{ tacker_conductor_healthcheck_start_period }}"
test: "{% if tacker_conductor_enable_healthchecks | bool %}{{ tacker_conductor_healthcheck_test }}{% else %}NONE{% endif %}"
timeout: "{{ tacker_conductor_healthcheck_timeout }}"
tacker_server_default_volumes:
- "{{ node_config_directory }}/tacker-server/:{{ container_config_directory }}/:ro"
- "{{ kolla_dev_repos_directory ~ '/tacker/tacker:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/tacker' if tacker_dev_mode | bool else '' }}"
- "/etc/localtime:/etc/localtime:ro"
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}"
- "kolla_logs:/var/log/kolla/"
# NOTE(yoctozepto): Starting in Train, this volume must be shared
# between all instances of both Tacker services (Server, Conductor)
- "kolla_tacker_csar_files:/var/lib/tacker/csar_files/"
tacker_conductor_default_volumes:
- "{{ node_config_directory }}/tacker-conductor/:{{ container_config_directory }}/:ro"
- "{{ kolla_dev_repos_directory ~ '/tacker/tacker:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/tacker' if tacker_dev_mode | bool else '' }}"
- "/etc/localtime:/etc/localtime:ro"
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}"
- "kolla_logs:/var/log/kolla/"
- "kolla_tacker_vnfpackages:/var/lib/tacker/vnfpackages/"
# NOTE(yoctozepto): Starting in Train, this volume must be shared
# between all instances of both Tacker services (Server, Conductor)
- "kolla_tacker_csar_files:/var/lib/tacker/csar_files/"
tacker_extra_volumes: "{{ default_extra_volumes }}"
tacker_server_extra_volumes: "{{ tacker_extra_volumes }}"
tacker_conductor_extra_volumes: "{{ tacker_extra_volumes }}"
# NOTE(yoctozepto): Starting in Train, this variable is used to co-locate all
# Tacker services on one host since we do not provide shared filesystem
# to satisfy kolla_tacker_csar_files volume needs.
tacker_hosts: "{{ [groups['tacker'] | first] }}"
####################
# OpenStack
####################
tacker_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ tacker_server_port }}"
tacker_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn | put_address_in_context('url') }}:{{ tacker_server_port }}"
tacker_logging_debug: "{{ openstack_logging_debug }}"
tacker_keystone_user: "tacker"
openstack_tacker_auth: "{{ openstack_auth }}"
tacker_api_workers: "{{ openstack_service_workers }}"
###################
# Kolla
####################
tacker_git_repository: "{{ kolla_dev_repos_git }}/{{ project_name }}"
tacker_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
tacker_dev_mode: "{{ kolla_dev_mode }}"
tacker_source_version: "{{ kolla_source_version }}"
####################
# Notifications
####################
tacker_notification_topics:
- name: notifications
enabled: "{{ enable_ceilometer | bool }}"
tacker_enabled_notification_topics: "{{ tacker_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Keystone
####################
tacker_ks_services:
- name: "tacker"
type: "nfv-orchestration"
description: "Tacker Service"
endpoints:
- {'interface': 'internal', 'url': '{{ tacker_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ tacker_public_endpoint }}'}
tacker_ks_users:
- project: "service"
user: "{{ tacker_keystone_user }}"
password: "{{ tacker_keystone_password }}"
role: "admin"
####################
# HAProxy
####################
tacker_haproxy_members: "{% for host in tacker_hosts %}server {{ hostvars[host].ansible_facts.hostname }} {{ 'api' | kolla_address(host) }}:{{ tacker_server_port }} check inter 2000 rise 2 fall 5;{% endfor %}"
View Git Blame Copy Permalink