Merge "Enable V2 Octavia API (Experimental)"

This commit is contained in:
Jenkins 2017-08-15 18:31:46 +00:00 committed by Gerrit Code Review
commit d25a59b68c
5 changed files with 74 additions and 22 deletions

View File

@ -16,6 +16,15 @@
## Verbosity Options ## Verbosity Options
debug: False debug: False
## Octavia stnadalone (v2) experimental
octavia_v2: false
## Activate Octavia V1 API
octavia_v1: True
## Allow TLS listener
octavia_tls_listener_enabled: True
# Set the package install state for distribution and pip packages # Set the package install state for distribution and pip packages
# Options are 'present' and 'latest' # Options are 'present' and 'latest'
octavia_package_state: "latest" octavia_package_state: "latest"
@ -37,9 +46,7 @@ octavia_fatal_deprecations: False
octavia_clients_endpoint: internalURL octavia_clients_endpoint: internalURL
# Workaround for https://bugs.launchpad.net/octavia/+bug/1704468 octavia_auth_strategy: keystone
# API haproxy needs "/" to return 200 for healthcheck
octavia_auth_strategy: noauth
## DB ## DB
octavia_galera_user: octavia octavia_galera_user: octavia
@ -121,11 +128,11 @@ octavia_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(o
octavia_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(octavia_service_proto) }}" octavia_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(octavia_service_proto) }}"
octavia_service_type: load-balancer octavia_service_type: load-balancer
octavia_service_publicuri: "{{ octavia_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ octavia_service_port }}" octavia_service_publicuri: "{{ octavia_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ octavia_service_port }}"
octavia_service_publicurl: "{{ octavia_service_publicuri }}/v1/%(tenant_id)s" octavia_service_publicurl_v2: "{{ octavia_service_publicuri }}/"
octavia_service_adminuri: "{{ octavia_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ octavia_service_port }}" octavia_service_adminuri: "{{ octavia_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ octavia_service_port }}"
octavia_service_adminurl: "{{ octavia_service_adminuri }}/v1/%(tenant_id)s" octavia_service_adminurl_v2: "{{ octavia_service_adminuri }}"
octavia_service_internaluri: "{{ octavia_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ octavia_service_port }}" octavia_service_internaluri: "{{ octavia_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ octavia_service_port }}"
octavia_service_internalurl: "{{ octavia_service_internaluri }}/v1/%(tenant_id)s" octavia_service_internalurl_v2: "{{ octavia_service_internaluri }}"
octavia_service_in_ldap: false octavia_service_in_ldap: false
@ -154,17 +161,13 @@ octavia_pip_packages:
- cryptography - cryptography
- keystonemiddleware - keystonemiddleware
- PyMySQL - PyMySQL
- python-ceilometerclient
- python-cinderclient
- python-glanceclient - python-glanceclient
- python-heatclient
- python-keystoneclient - python-keystoneclient
- python-memcached - python-memcached
- python-neutronclient - python-neutronclient
- python-novaclient - python-novaclient
- python-openstackclient - python-openstackclient
- python-swiftclient - python-octaviaclient
- python-troveclient
- octavia - octavia
- uwsgi - uwsgi

View File

@ -192,6 +192,32 @@ enable access.
/etc/openstack-deploy /etc/openstack-deploy
Optional: Enable Octavia V2 API
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Beginning with the Pike release, Octavia can be deployed in a stand-alone
version thus avoiding the Neutron integration. Currently, the following
configuration should be added to ``openstack_user_config.yml``:
.. code-block:: yaml
# Disable Octavia support in Neutron
neutron_lbaas_octavia: False
# Disable LBaaS V2
neutron_lbaasv2: False
# Enable Octavia V2 API/standalone
octavia_v2: True
# Disable Octavia V1 API
octavia_v1: False
Please note that in some settings the LBaaS plugin is directly enabled in the
``neutron_plugin_base`` so adjust this as necessary.
Please be aware that if you enable only the Octavia endpoint, only
Octavia load balancers can be created because the integration with 3rd party
load balancer vendors nor with the haproxy namespace driver is available
in the Pike release.
Optional: Tuning Octavia for production use Optional: Tuning Octavia for production use
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

View File

@ -0,0 +1,7 @@
---
features:
- Adds a new flag to enable Octavia V2 API (disabled by default) to facilitate to run Octavia
stand alone (without Neutron)
- Adds a new flag to toggle Octavia V1 API (the API needed to run in conjunction with Neutron)
and enables it by default.

View File

@ -66,7 +66,8 @@
retries: 5 retries: 5
delay: 10 delay: 10
# Create an endpoint # Create an endpoint (v2 only)
# V1 uses a direct URL in the neutron conf
- name: Ensure octavia endpoint - name: Ensure octavia endpoint
keystone: keystone:
command: "ensure_endpoint" command: "ensure_endpoint"
@ -79,14 +80,14 @@
service_type: "{{ octavia_service_type }}" service_type: "{{ octavia_service_type }}"
insecure: "{{ keystone_service_adminuri_insecure }}" insecure: "{{ keystone_service_adminuri_insecure }}"
endpoint_list: endpoint_list:
# Versions pre Pike only have an internal endpoint - url: "{{ octavia_service_publicurl_v2 }}"
# - url: "{{ service_publicurl }}" interface: "public"
# interface: "public" - url: "{{ octavia_service_internalurl_v2 }}"
- url: "{{ octavia_service_internalurl }}"
interface: "internal" interface: "internal"
# - url: "{{ service_adminurl }}" - url: "{{ octavia_service_adminurl_v2 }}"
# interface: "admin" interface: "admin"
register: add_service register: add_service_v2
until: add_service|success until: add_service_v2|success
retries: 5 retries: 5
delay: 10 delay: 10
when: octavia_v2 | bool

View File

@ -1,13 +1,16 @@
[DEFAULT] [DEFAULT]
# Print debugging output (set logging level to DEBUG instead of default WARNING level). # Print debugging output (set logging level to DEBUG instead of default WARNING level).
debug = {{ debug }} debug = {{ debug }}
{% if not octavia_v2|bool %}
bind_host = 0.0.0.0 bind_host = 0.0.0.0
bind_port = {{ octavia_service_port }} bind_port = {{ octavia_service_port }}
# api_handler = queue_producer # api_handler = queue_producer
# #
# How should authentication be handled (keystone, noauth) # How should authentication be handled (keystone, noauth)
# auth_strategy = noauth auth_strategy = {{ octavia_auth_strategy }}
# #
{% endif %}
# Plugin options are hot_plug_plugin (Hot-pluggable controller plugin) # Plugin options are hot_plug_plugin (Hot-pluggable controller plugin)
# #
# octavia_plugins = hot_plug_plugin # octavia_plugins = hot_plug_plugin
@ -24,8 +27,20 @@ bind_port = {{ octavia_service_port }}
transport_url = rabbit://{% for host in octavia_rabbitmq_servers.split(',') %}{{ octavia_rabbitmq_userid }}:{{ octavia_rabbitmq_password }}@{{ host }}:{{ octavia_rabbitmq_port }}{% if not loop.last %},{% else %}/{{ octavia_rabbitmq_vhost }}{% endif %}{% endfor %} transport_url = rabbit://{% for host in octavia_rabbitmq_servers.split(',') %}{{ octavia_rabbitmq_userid }}:{{ octavia_rabbitmq_password }}@{{ host }}:{{ octavia_rabbitmq_port }}{% if not loop.last %},{% else %}/{{ octavia_rabbitmq_vhost }}{% endif %}{% endfor %}
# for pre Pike [api_settings]
bind_host = 0.0.0.0
bind_port = {{ octavia_service_port }}
# api_handler = queue_producer
#
# How should authentication be handled (keystone, noauth)
# Note: remove "noauth" once LP bug is fixed
auth_strategy = {{ octavia_auth_strategy }} auth_strategy = {{ octavia_auth_strategy }}
#
api_v1_enabled = {{ octavia_v1 }}
api_v2_enabled = {{ octavia_v2 }}
# Allow users to create TLS Terminated listeners?
allow_tls_terminated_listeners = {{ octavia_tls_listener_enabled }}
# pre Ocata # pre Ocata
[oslo_messaging_rabbit] [oslo_messaging_rabbit]
ssl = {{ octavia_rabbitmq_use_ssl }} ssl = {{ octavia_rabbitmq_use_ssl }}