Merge "Enable V2 Octavia API (Experimental)"
This commit is contained in:
commit
d25a59b68c
@ -16,6 +16,15 @@
|
|||||||
## Verbosity Options
|
## Verbosity Options
|
||||||
debug: False
|
debug: False
|
||||||
|
|
||||||
|
## Octavia stnadalone (v2) experimental
|
||||||
|
octavia_v2: false
|
||||||
|
|
||||||
|
## Activate Octavia V1 API
|
||||||
|
octavia_v1: True
|
||||||
|
|
||||||
|
## Allow TLS listener
|
||||||
|
octavia_tls_listener_enabled: True
|
||||||
|
|
||||||
# Set the package install state for distribution and pip packages
|
# Set the package install state for distribution and pip packages
|
||||||
# Options are 'present' and 'latest'
|
# Options are 'present' and 'latest'
|
||||||
octavia_package_state: "latest"
|
octavia_package_state: "latest"
|
||||||
@ -37,9 +46,7 @@ octavia_fatal_deprecations: False
|
|||||||
|
|
||||||
octavia_clients_endpoint: internalURL
|
octavia_clients_endpoint: internalURL
|
||||||
|
|
||||||
# Workaround for https://bugs.launchpad.net/octavia/+bug/1704468
|
octavia_auth_strategy: keystone
|
||||||
# API haproxy needs "/" to return 200 for healthcheck
|
|
||||||
octavia_auth_strategy: noauth
|
|
||||||
|
|
||||||
## DB
|
## DB
|
||||||
octavia_galera_user: octavia
|
octavia_galera_user: octavia
|
||||||
@ -121,11 +128,11 @@ octavia_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(o
|
|||||||
octavia_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(octavia_service_proto) }}"
|
octavia_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(octavia_service_proto) }}"
|
||||||
octavia_service_type: load-balancer
|
octavia_service_type: load-balancer
|
||||||
octavia_service_publicuri: "{{ octavia_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ octavia_service_port }}"
|
octavia_service_publicuri: "{{ octavia_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ octavia_service_port }}"
|
||||||
octavia_service_publicurl: "{{ octavia_service_publicuri }}/v1/%(tenant_id)s"
|
octavia_service_publicurl_v2: "{{ octavia_service_publicuri }}/"
|
||||||
octavia_service_adminuri: "{{ octavia_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ octavia_service_port }}"
|
octavia_service_adminuri: "{{ octavia_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ octavia_service_port }}"
|
||||||
octavia_service_adminurl: "{{ octavia_service_adminuri }}/v1/%(tenant_id)s"
|
octavia_service_adminurl_v2: "{{ octavia_service_adminuri }}"
|
||||||
octavia_service_internaluri: "{{ octavia_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ octavia_service_port }}"
|
octavia_service_internaluri: "{{ octavia_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ octavia_service_port }}"
|
||||||
octavia_service_internalurl: "{{ octavia_service_internaluri }}/v1/%(tenant_id)s"
|
octavia_service_internalurl_v2: "{{ octavia_service_internaluri }}"
|
||||||
|
|
||||||
octavia_service_in_ldap: false
|
octavia_service_in_ldap: false
|
||||||
|
|
||||||
@ -154,17 +161,13 @@ octavia_pip_packages:
|
|||||||
- cryptography
|
- cryptography
|
||||||
- keystonemiddleware
|
- keystonemiddleware
|
||||||
- PyMySQL
|
- PyMySQL
|
||||||
- python-ceilometerclient
|
|
||||||
- python-cinderclient
|
|
||||||
- python-glanceclient
|
- python-glanceclient
|
||||||
- python-heatclient
|
|
||||||
- python-keystoneclient
|
- python-keystoneclient
|
||||||
- python-memcached
|
- python-memcached
|
||||||
- python-neutronclient
|
- python-neutronclient
|
||||||
- python-novaclient
|
- python-novaclient
|
||||||
- python-openstackclient
|
- python-openstackclient
|
||||||
- python-swiftclient
|
- python-octaviaclient
|
||||||
- python-troveclient
|
|
||||||
- octavia
|
- octavia
|
||||||
- uwsgi
|
- uwsgi
|
||||||
|
|
||||||
|
@ -192,6 +192,32 @@ enable access.
|
|||||||
/etc/openstack-deploy
|
/etc/openstack-deploy
|
||||||
|
|
||||||
|
|
||||||
|
Optional: Enable Octavia V2 API
|
||||||
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
|
Beginning with the Pike release, Octavia can be deployed in a stand-alone
|
||||||
|
version thus avoiding the Neutron integration. Currently, the following
|
||||||
|
configuration should be added to ``openstack_user_config.yml``:
|
||||||
|
|
||||||
|
.. code-block:: yaml
|
||||||
|
|
||||||
|
# Disable Octavia support in Neutron
|
||||||
|
neutron_lbaas_octavia: False
|
||||||
|
# Disable LBaaS V2
|
||||||
|
neutron_lbaasv2: False
|
||||||
|
# Enable Octavia V2 API/standalone
|
||||||
|
octavia_v2: True
|
||||||
|
# Disable Octavia V1 API
|
||||||
|
octavia_v1: False
|
||||||
|
|
||||||
|
Please note that in some settings the LBaaS plugin is directly enabled in the
|
||||||
|
``neutron_plugin_base`` so adjust this as necessary.
|
||||||
|
|
||||||
|
Please be aware that if you enable only the Octavia endpoint, only
|
||||||
|
Octavia load balancers can be created because the integration with 3rd party
|
||||||
|
load balancer vendors nor with the haproxy namespace driver is available
|
||||||
|
in the Pike release.
|
||||||
|
|
||||||
Optional: Tuning Octavia for production use
|
Optional: Tuning Octavia for production use
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
|
@ -0,0 +1,7 @@
|
|||||||
|
---
|
||||||
|
features:
|
||||||
|
- Adds a new flag to enable Octavia V2 API (disabled by default) to facilitate to run Octavia
|
||||||
|
stand alone (without Neutron)
|
||||||
|
- Adds a new flag to toggle Octavia V1 API (the API needed to run in conjunction with Neutron)
|
||||||
|
and enables it by default.
|
||||||
|
|
@ -66,7 +66,8 @@
|
|||||||
retries: 5
|
retries: 5
|
||||||
delay: 10
|
delay: 10
|
||||||
|
|
||||||
# Create an endpoint
|
# Create an endpoint (v2 only)
|
||||||
|
# V1 uses a direct URL in the neutron conf
|
||||||
- name: Ensure octavia endpoint
|
- name: Ensure octavia endpoint
|
||||||
keystone:
|
keystone:
|
||||||
command: "ensure_endpoint"
|
command: "ensure_endpoint"
|
||||||
@ -79,14 +80,14 @@
|
|||||||
service_type: "{{ octavia_service_type }}"
|
service_type: "{{ octavia_service_type }}"
|
||||||
insecure: "{{ keystone_service_adminuri_insecure }}"
|
insecure: "{{ keystone_service_adminuri_insecure }}"
|
||||||
endpoint_list:
|
endpoint_list:
|
||||||
# Versions pre Pike only have an internal endpoint
|
- url: "{{ octavia_service_publicurl_v2 }}"
|
||||||
# - url: "{{ service_publicurl }}"
|
interface: "public"
|
||||||
# interface: "public"
|
- url: "{{ octavia_service_internalurl_v2 }}"
|
||||||
- url: "{{ octavia_service_internalurl }}"
|
|
||||||
interface: "internal"
|
interface: "internal"
|
||||||
# - url: "{{ service_adminurl }}"
|
- url: "{{ octavia_service_adminurl_v2 }}"
|
||||||
# interface: "admin"
|
interface: "admin"
|
||||||
register: add_service
|
register: add_service_v2
|
||||||
until: add_service|success
|
until: add_service_v2|success
|
||||||
retries: 5
|
retries: 5
|
||||||
delay: 10
|
delay: 10
|
||||||
|
when: octavia_v2 | bool
|
||||||
|
@ -1,13 +1,16 @@
|
|||||||
[DEFAULT]
|
[DEFAULT]
|
||||||
# Print debugging output (set logging level to DEBUG instead of default WARNING level).
|
# Print debugging output (set logging level to DEBUG instead of default WARNING level).
|
||||||
debug = {{ debug }}
|
debug = {{ debug }}
|
||||||
|
|
||||||
|
{% if not octavia_v2|bool %}
|
||||||
bind_host = 0.0.0.0
|
bind_host = 0.0.0.0
|
||||||
bind_port = {{ octavia_service_port }}
|
bind_port = {{ octavia_service_port }}
|
||||||
# api_handler = queue_producer
|
# api_handler = queue_producer
|
||||||
#
|
#
|
||||||
# How should authentication be handled (keystone, noauth)
|
# How should authentication be handled (keystone, noauth)
|
||||||
# auth_strategy = noauth
|
auth_strategy = {{ octavia_auth_strategy }}
|
||||||
#
|
#
|
||||||
|
{% endif %}
|
||||||
# Plugin options are hot_plug_plugin (Hot-pluggable controller plugin)
|
# Plugin options are hot_plug_plugin (Hot-pluggable controller plugin)
|
||||||
#
|
#
|
||||||
# octavia_plugins = hot_plug_plugin
|
# octavia_plugins = hot_plug_plugin
|
||||||
@ -24,8 +27,20 @@ bind_port = {{ octavia_service_port }}
|
|||||||
|
|
||||||
transport_url = rabbit://{% for host in octavia_rabbitmq_servers.split(',') %}{{ octavia_rabbitmq_userid }}:{{ octavia_rabbitmq_password }}@{{ host }}:{{ octavia_rabbitmq_port }}{% if not loop.last %},{% else %}/{{ octavia_rabbitmq_vhost }}{% endif %}{% endfor %}
|
transport_url = rabbit://{% for host in octavia_rabbitmq_servers.split(',') %}{{ octavia_rabbitmq_userid }}:{{ octavia_rabbitmq_password }}@{{ host }}:{{ octavia_rabbitmq_port }}{% if not loop.last %},{% else %}/{{ octavia_rabbitmq_vhost }}{% endif %}{% endfor %}
|
||||||
|
|
||||||
# for pre Pike
|
[api_settings]
|
||||||
|
bind_host = 0.0.0.0
|
||||||
|
bind_port = {{ octavia_service_port }}
|
||||||
|
# api_handler = queue_producer
|
||||||
|
#
|
||||||
|
# How should authentication be handled (keystone, noauth)
|
||||||
|
# Note: remove "noauth" once LP bug is fixed
|
||||||
auth_strategy = {{ octavia_auth_strategy }}
|
auth_strategy = {{ octavia_auth_strategy }}
|
||||||
|
#
|
||||||
|
api_v1_enabled = {{ octavia_v1 }}
|
||||||
|
api_v2_enabled = {{ octavia_v2 }}
|
||||||
|
# Allow users to create TLS Terminated listeners?
|
||||||
|
allow_tls_terminated_listeners = {{ octavia_tls_listener_enabled }}
|
||||||
|
|
||||||
# pre Ocata
|
# pre Ocata
|
||||||
[oslo_messaging_rabbit]
|
[oslo_messaging_rabbit]
|
||||||
ssl = {{ octavia_rabbitmq_use_ssl }}
|
ssl = {{ octavia_rabbitmq_use_ssl }}
|
||||||
|
Loading…
Reference in New Issue
Block a user