openstack/kolla-ansible
Code Issues Proposed changes
kolla-ansible/ansible/roles/cloudkitty/defaults/main.yml
Aravindh Murugesan 70279972b6 HAProxy: Switch to L7 Healthchecks 
Address occasional issues where TCP connections appear healthy,
yet the web servers within containers fail to respond,
resulting in requests being sent to unhealthy servers.

Implemented for services I currently use.
- Aodh (OPTIONS to /, expects 2XX or 3XX)
- Barbican (OPTIONS to /, expects 2XX or 3XX)
- Blazar (OPTIONS to /, expects 401)
- Cinder API (OPTIONS to /, expects 2XX or 3XX)
- CloudKitty (OPTIONS to /, expects 2XX or 3XX)
- Designate (OPTIONS to /, expects 2XX or 3XX)
- Glance (OPTIONS to /, expects 2XX or 3XX)
- Gnocchi (OPTIONS to /, expects 2XX or 3XX)
- Grafana (OPTIONS to /, expects 2XX or 3XX)
- Heat (OPTIONS to /, expects 2XX or 3XX)
- Horizon (OPTIONS to /, expects 2XX or 3XX)
- Ironic (OPTIONS to /, expects 2XX or 3XX)
- Keystone (OPTIONS to /, expects 2XX or 3XX)
- Magnum (OPTIONS to /, expects 2XX or 3XX)
- Manila (OPTIONS to /, expects 2XX or 3XX)
- Masakari (OPTIONS to /, expects 2XX or 3XX)
- Mistral (OPTIONS to /, expects 2XX or 3XX)
- Nova API (OPTIONS to /, expects 2XX or 3XX)
- Nova Metadata (OPTIONS to /, expects 2XX or 3XX)
- Neutron (OPTIONS to /, expects 2XX or 3XX)
- Opensearch (OPTIONS to /, expects 2XX or 3XX)
- Opensearch Dashboards (OPTIONS to /, expects 401)
- Placement (GET to /, expects 2XX or 3XX)
- Prometheus (OPTIONS to /, expects 2XX or 3XX)
- Prometheus AlertManager (OPTIONS to /, expects 2XX or 3XX)
- Prometheus Openstack Exporter (OPTIONS to /, expects 2XX or 3XX)
- Prometheus Server (OPTIONS to /, expects 2XX or 3XX)
- Skyline API (OPTIONS to /docs, expects 2XX or 3XX)
- Skyline Console (GET to /, expects 2XX or 3XX)
- Swift (OPTIONS to /info, expects 2XX or 3XX)
- Trove (OPTIONS to /, expects 2XX or 3XX)
- Venus (OPTIONS to /, expects 2XX or 3XX)
- Watcher (GET to /, expects 2XX or 3XX)
- Zun (OPTIONS to /, expects 2XX or 3XX)

Change-Id: I839f7f1051182fe797394e5436571d64d5c5b5a4
2024-12-20 09:16:28 +01:00

235 lines
9.9 KiB
YAML
Raw Blame History

---
cloudkitty_services:
cloudkitty-api:
container_name: "cloudkitty_api"
group: "cloudkitty-api"
image: "{{ cloudkitty_api_image_full }}"
enabled: True
volumes: "{{ cloudkitty_api_default_volumes + cloudkitty_api_extra_volumes }}"
dimensions: "{{ cloudkitty_api_dimensions }}"
healthcheck: "{{ cloudkitty_api_healthcheck }}"
haproxy:
cloudkitty_api:
enabled: "{{ enable_cloudkitty }}"
mode: "http"
external: false
port: "{{ cloudkitty_api_port }}"
listen_port: "{{ cloudkitty_api_listen_port }}"
backend_http_extra:
- "option httpchk"
cloudkitty_api_external:
enabled: "{{ enable_cloudkitty }}"
mode: "http"
external: true
external_fqdn: "{{ cloudkitty_external_fqdn }}"
port: "{{ cloudkitty_api_public_port }}"
listen_port: "{{ cloudkitty_api_listen_port }}"
backend_http_extra:
- "option httpchk"
cloudkitty-processor:
container_name: "cloudkitty_processor"
group: "cloudkitty-processor"
image: "{{ cloudkitty_processor_image_full }}"
enabled: True
volumes: "{{ cloudkitty_processor_default_volumes + cloudkitty_processor_extra_volumes }}"
dimensions: "{{ cloudkitty_processor_dimensions }}"
healthcheck: "{{ cloudkitty_processor_healthcheck }}"
####################
# Config Validate
####################
cloudkitty_config_validation:
- generator: "/cloudkitty/etc/oslo-config-generator/cloudkitty.conf"
config: "/etc/cloudkitty/cloudkitty.conf"
####################
# Database
####################
cloudkitty_database_name: "cloudkitty"
cloudkitty_database_user: "{% if use_preconfigured_databases | bool and use_common_mariadb_user | bool %}{{ database_user }}{% else %}cloudkitty{% endif %}"
cloudkitty_database_address: "{{ database_address | put_address_in_context('url') }}:{{ database_port }}"
####################
# Database sharding
####################
cloudkitty_database_shard_root_user: "{% if enable_proxysql | bool %}root_shard_{{ cloudkitty_database_shard_id }}{% else %}{{ database_user }}{% endif %}"
cloudkitty_database_shard_id: "{{ mariadb_default_database_shard_id | int }}"
cloudkitty_database_shard:
users:
- user: "{{ cloudkitty_database_user }}"
password: "{{ cloudkitty_database_password }}"
rules:
- schema: "{{ cloudkitty_database_name }}"
shard_id: "{{ cloudkitty_database_shard_id }}"
####################
# Docker
####################
cloudkitty_tag: "{{ openstack_tag }}"
cloudkitty_api_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ docker_image_name_prefix }}cloudkitty-api"
cloudkitty_api_tag: "{{ cloudkitty_tag }}"
cloudkitty_api_image_full: "{{ cloudkitty_api_image }}:{{ cloudkitty_api_tag }}"
cloudkitty_processor_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ docker_image_name_prefix }}cloudkitty-processor"
cloudkitty_processor_tag: "{{ cloudkitty_tag }}"
cloudkitty_processor_image_full: "{{ cloudkitty_processor_image }}:{{ cloudkitty_processor_tag }}"
cloudkitty_processor_dimensions: "{{ default_container_dimensions }}"
cloudkitty_api_dimensions: "{{ default_container_dimensions }}"
cloudkitty_api_default_volumes:
- "{{ node_config_directory }}/cloudkitty-api/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}"
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/cloudkitty:/dev-mode/cloudkitty' if cloudkitty_dev_mode | bool else '' }}"
cloudkitty_processor_default_volumes:
- "{{ node_config_directory }}/cloudkitty-processor/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}"
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/cloudkitty:/dev-mode/cloudkitty' if cloudkitty_dev_mode | bool else '' }}"
cloudkitty_api_enable_healthchecks: "{{ enable_container_healthchecks }}"
cloudkitty_api_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
cloudkitty_api_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
cloudkitty_api_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
cloudkitty_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ cloudkitty_api_port }}"]
cloudkitty_api_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
cloudkitty_api_healthcheck:
interval: "{{ cloudkitty_api_healthcheck_interval }}"
retries: "{{ cloudkitty_api_healthcheck_retries }}"
start_period: "{{ cloudkitty_api_healthcheck_start_period }}"
test: "{% if cloudkitty_api_enable_healthchecks | bool %}{{ cloudkitty_api_healthcheck_test }}{% else %}NONE{% endif %}"
timeout: "{{ cloudkitty_api_healthcheck_timeout }}"
cloudkitty_processor_enable_healthchecks: "{{ enable_container_healthchecks }}"
cloudkitty_processor_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
cloudkitty_processor_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
cloudkitty_processor_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
cloudkitty_processor_healthcheck_test: ["CMD-SHELL", "healthcheck_port cloudkitty-processor {{ om_rpc_port }}"]
cloudkitty_processor_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
cloudkitty_processor_healthcheck:
interval: "{{ cloudkitty_processor_healthcheck_interval }}"
retries: "{{ cloudkitty_processor_healthcheck_retries }}"
start_period: "{{ cloudkitty_processor_healthcheck_start_period }}"
test: "{% if cloudkitty_processor_enable_healthchecks | bool %}{{ cloudkitty_processor_healthcheck_test }}{% else %}NONE{% endif %}"
timeout: "{{ cloudkitty_processor_healthcheck_timeout }}"
cloudkitty_extra_volumes: "{{ default_extra_volumes }}"
cloudkitty_processor_extra_volumes: "{{ cloudkitty_extra_volumes }}"
cloudkitty_api_extra_volumes: "{{ cloudkitty_extra_volumes }}"
####################
# OpenStack
####################
cloudkitty_logging_debug: "{{ openstack_logging_debug }}"
cloudkitty_keystone_user: "cloudkitty"
openstack_cloudkitty_auth: "{{ openstack_auth }}"
cloudkitty_api_workers: "{{ openstack_service_workers }}"
cloudkitty_processor_workers: "{{ openstack_service_workers }}"
####################
# Cloudkitty
####################
cloudkitty_openstack_keystone_default_role: "rating"
####################
# Kolla
####################
cloudkitty_git_repository: "{{ kolla_dev_repos_git }}/{{ project_name }}"
cloudkitty_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
cloudkitty_dev_mode: "{{ kolla_dev_mode }}"
cloudkitty_source_version: "{{ kolla_source_version }}"
cloudkitty_custom_metrics_yaml_file: "metrics.yml"
####################
# Storage backend
####################
# InfluxDB retention policy to use (defaults to autogen).
# cloudkitty_influxdb_retention_policy: "autogen"
# Set to true to use SSL for InfluxDB connections.
cloudkitty_influxdb_use_ssl: "{{ kolla_enable_tls_internal }}"
# Path of the CA certificate to trust for HTTPS connections.
cloudkitty_influxdb_cafile: "{{ openstack_cacert }}"
# Set to true to authorize insecure HTTPS connections to InfluxDB.
# This means, HTTPS connections without validating the certificate used by InfluxDB
# cloudkitty_influxdb_insecure_connections: false
cloudkitty_influxdb_name: "cloudkitty"
# Set the elasticsearch/opensearch index name.
cloudkitty_elasticsearch_index_name: "cloudkitty"
cloudkitty_opensearch_index_name: "{{ cloudkitty_elasticsearch_index_name }}"
# Set the elasticsearch/opensearch host URL.
cloudkitty_elasticsearch_url: "{{ internal_protocol }}://{{ opensearch_address }}:{{ opensearch_port }}"
cloudkitty_opensearch_url: "{{ cloudkitty_elasticsearch_url }}"
# Path of the CA certificate to trust for HTTPS connections.
cloudkitty_elasticsearch_cafile: "{{ openstack_cacert }}"
# Set to true to authorize insecure HTTPS connections to Elasticsearch.
# This means, HTTPS connections without validating the certificate used by elasticsearch
cloudkitty_elasticsearch_insecure_connections: false
# Path of the CA certificate to trust for HTTPS connections.
cloudkitty_opensearch_cafile: "{{ openstack_cacert }}"
# Set to true to authorize insecure HTTPS connections to OpenSearch.
# This means, HTTPS connections without validating the certificate used by
# OpenSearch.
cloudkitty_opensearch_insecure_connections: false
####################
# Collector
####################
# Valid options are 'gnocchi' or 'prometheus'. The default value is
# 'gnocchi', which matches the default in Cloudkitty.
cloudkitty_collector_backend: "gnocchi"
# Set prometheus collector URL.
cloudkitty_prometheus_url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ prometheus_port }}/api/v1"
# Path of the CA certificate to trust for HTTPS connections.
cloudkitty_prometheus_cafile: "{{ openstack_cacert }}"
# Set to true to authorize insecure HTTPS connections to Prometheus.
# This means, HTTPS connections without validating the certificate used by prometheus.
cloudkitty_prometheus_insecure_connections: false
####################
# Fetcher
####################
# Valid options are 'keystone', 'source', 'gnocchi' or 'prometheus'.
# The default value is 'keystone', which matches the default in CloudKitty.
cloudkitty_fetcher_backend: "keystone"
####################
# Keystone
####################
cloudkitty_ks_services:
- name: "cloudkitty"
type: "rating"
description: "OpenStack Rating"
endpoints:
- {'interface': 'internal', 'url': '{{ cloudkitty_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ cloudkitty_public_endpoint }}'}
cloudkitty_ks_users:
- project: "service"
user: "{{ cloudkitty_keystone_user }}"
password: "{{ cloudkitty_keystone_password }}"
role: "admin"
cloudkitty_ks_roles:
- "{{ cloudkitty_openstack_keystone_default_role }}"
View Git Blame Copy Permalink