glaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaance

2017-08-21 14:01:12 +02:00 · 2017-08-21 14:01:12 +02:00 · cd1d4a9f79
parent 56348325c8
commit cd1d4a9f79
8 changed files with 425 additions and 0 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -0,0 +1,13 @@
+coe_host: "https://127.0.0.1:8443"
+kube_context: "kubernetes-admin@kubernetes"
+config_file: "~/.kube/config"
+action: provision
+
+hiera_data: {}
+hiera_data_file: ''
+
+glance_config:
+  DEFAULT:
+    public_bind_host: "0.0.0.0"
+  database:
+    connection: "mysql+pymysql://root:weakpassword@mariadb:3306/glance"
--- a/tasks/deprovision.yml
+++ b/tasks/deprovision.yml
@ -0,0 +1,37 @@
+- name: Delete glance db-sync job
+  k8s_v1_job:
+    host: "{{coe_host}}"
+    context: "{{kube_context}}"
+    kubeconfig: "{{config_file}}"
+    name: glance-db-sync
+    namespace: openstack
+    state: absent
+
+- name: Delete glance deployment
+  k8s_v1beta1_deployment:
+    host: "{{coe_host}}"
+    context: "{{kube_context}}"
+    kubeconfig: "{{config_file}}"
+    name: glance-api
+    namespace: openstack
+    state: absent
+
+- name: Delete glance service
+  k8s_v1_service:
+    host: "{{coe_host}}"
+    context: "{{kube_context}}"
+    kubeconfig: "{{config_file}}"
+    name: glance
+    namespace: openstack
+    state: absent
+
+- name: Delete glance configmaps
+  ignore_errors: yes
+  k8s_v1_config_map:
+    host: "{{coe_host}}"
+    context: "{{kube_context}}"
+    kubeconfig: "{{config_file}}"
+    name: glance
+    namespace: openstack
+    state: absent
+    debug: yes
--- a/tasks/hiera.yml
+++ b/tasks/hiera.yml
@ -0,0 +1,59 @@
+- name: Translate hieradata
+  include_role:
+    name: 'ansible-role-k8s-tripleo'
+  vars:
+    hieradata: '{{hiera_data}}'
+    hieradata_file: '{{hiera_data_file}}'
+    schema:
+      glance::database_connection: database.connection
+
+      glance_log_file: DEFAULT.log_file
+      glance::api::debug: DEFAULT.debug
+      glance::api::workers: DEFAULT.workers
+      glance::api::bind_port: DEFAULT.bind_port
+      glance::api::enable_v1_api: DEFAULT.enable_v1_api
+      glance::api::enable_v2_api: DEFAULT.enable_v2_api
+      glance::api::show_image_direct_url: DEFAULT.show_image_direct_url
+      glance::api::show_multiple_locations: DEFAULT.show_multiple_locations
+
+      glance::api::authtoken::auth_uri: keystone_authtoken.auth_uri
+      glance::api::authtoken::auth_url: keystone_authtoken.auth_url
+      glance::api::authtoken::password: keystone_authtoken.password
+      glance::api::authtoken::username: keystone_authtoken.username
+      glance::api::authtoken::project: keystone_authtoken.project
+#      glance::keystone::authtoken::user_domain_name: 'Default'
+#      glance::keystone::authtoken::project_domain_name: 'Default'
+
+
+      glance::api::os_region_name: glance_store.os_region_name
+
+      glance::api::enable_proxy_headers_parsing: oslo_middleware.enable_proxy_headers_parsing
+
+      glance::api::pipeline: paste_deploy.pipeline
+
+      #glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
+      glance::notify::rabbitmq::rabbit_userid: oslo_messaging_rabbit.rabbit_userid
+      glance::notify::rabbitmq::rabbit_port: oslo_messaging_rabbit.rabbit_port
+      glance::notify::rabbitmq::rabbit_password: oslo_messaging_rabbit.rabbit_password
+      glance::notify::rabbitmq::rabbit_use_ssl: oslo_messaging_rabbit.rabbit_use_ssl
+      glance::notify::rabbitmq::rabbit_host: oslo_messaging_rabbit.rabbit_host
+
+      glance::notify::rabbitmq::notification_driver: {get_param: NotificationDriver}
+      glance::notification_driver: oslo_messaging_notifications.driver
+      glance::notification_topics: oslo_messaging_notifications.topics
+
+    fact_variable: 'glance_config'
+
+#           glance::policy::policies: {get_param: GlanceApiPolicies}
+#           glance::backend::swift::swift_store_auth_address: {get_param: [EndpointMap, KeystoneV3Internal, uri] }
+#           glance::backend::swift::swift_store_user: service:glance
+#           glance::backend::swift::swift_store_key: {get_param: GlancePassword}
+#           glance::backend::swift::swift_store_create_container_on_put: true
+#           glance::backend::swift::swift_store_auth_version: 3
+#           glance::backend::rbd::rbd_store_pool: {get_param: GlanceRbdPoolName}
+#           glance::backend::rbd::rbd_store_user: {get_param: CephClientUserName}
+#           glance_backend: {get_param: GlanceBackend}
+
+#           tripleo::profile::base::glance::api::glance_nfs_enabled: {get_param: GlanceNfsEnabled}
+#           tripleo::glance::nfs_mount::share: {get_param: GlanceNfsShare}
+#           tripleo::glance::nfs_mount::options: {get_param: GlanceNfsOptions}
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -0,0 +1 @@
+- include: "{{ action }}.yml"
--- a/tasks/provision.yml
+++ b/tasks/provision.yml
@ -0,0 +1,180 @@
+- name: Create project
+  k8s_v1_namespace:
+    host: "{{coe_host}}"
+    context: "{{kube_context}}"
+    kubeconfig: "{{config_file}}"
+    name: openstack
+    state: present
+    debug: yes
+
+- name: Upload config files
+  template:
+    src: "{{item}}"
+    dest: /tmp/{{item}}
+    backup: yes
+    mode: 0644
+  with_items:
+    - httpd.conf
+    - httpd-glance-main.conf
+
+- include: hiera.yaml
+
+- name: Generate config files
+  config_template:
+    src: base.conf.j2
+    dest: /tmp/glance-api.conf
+    config_overrides: '{{glance_config}}'
+    config_type: ini
+
+- name: Read configs into memory
+  slurp:
+    src: "/tmp/httpd-glance-main.conf"
+  register: "httpd_glance_main_conf"
+
+- name: Read configs into memory
+  slurp:
+    src: "/tmp/httpd.conf"
+  register: "httpd_conf"
+
+- name: Read configs into memory
+  slurp:
+    src: "/tmp/glance-api.conf"
+  register: "glance_conf"
+
+- name: Create glance configmaps
+  ignore_errors: yes
+  k8s_v1_config_map:
+    host: "{{coe_host}}"
+    context: "{{kube_context}}"
+    kubeconfig: "{{config_file}}"
+    name: glance
+    namespace: openstack
+    state: present
+    debug: yes
+    labels:
+      service: glance
+    data:
+      config.json: |
+        {
+            "command": "/usr/sbin/httpd -DFOREGROUND",
+            "config_files": [
+              {
+                "dest": "/etc/httpd/conf/httpd.conf",
+                "owner": "root",
+                "perm": "0644",
+                "source": "/var/lib/kolla/config_files/httpd.conf"
+              },
+              {
+                "dest": "/etc/glance/glance-api.conf",
+                "owner": "glance",
+                "perm": "0644",
+                "source": "/var/lib/kolla/config_files/glance-api.conf"
+              },
+              {
+                "dest": "/etc/httpd/conf.d/10-glance-main.conf",
+                "owner": "root",
+                "perm": "0644",
+                "source": "/var/lib/kolla/config_files/httpd-glance-main.conf"
+              },
+            ]
+        }
+      glance-api.conf: |
+        {{glance_conf['content'] | b64decode}}
+      httpd.conf: |
+        {{httpd_conf['content'] | b64decode}}
+      httpd-glance-main.conf: |
+        {{httpd_glance_main_conf['content'] | b64decode}}
+      httpd-glance-admin.conf: |
+        {{httpd_glance_admin_conf['content'] | b64decode}}
+
+
+- name: Create glance db-sync job
+  k8s_v1_job:
+    host: "{{coe_host}}"
+    context: "{{kube_context}}"
+    kubeconfig: "{{config_file}}"
+    name: glance-db-sync
+    namespace: openstack
+    state: present
+    spec_template_metadata_annotations:
+      pod.beta.kubernetes.io/init-containers: '[
+          {
+            "name": "glance-db-create",
+            "image": "tripleoupstream/centos-binary-mariadb",
+            "imagePullPolicy": "IfNotPresent",
+            "restartPolicy": "OnFailure",
+            "command": [
+              "mysql",
+              "-h",
+              "mariadb",
+              "-u",
+              "root",
+              "--password=weakpassword",
+              "-e",
+              "create database if not exists glance;"
+            ]
+          }
+        ]'
+    restart_policy: OnFailure
+    containers:
+      - image: tripleoupstream/centos-binary-glance-api
+        name: glance-db-sync
+        env:
+          - name: KOLLA_CONFIG_STRATEGY
+            value: COPY_ALWAYS
+          - name: KOLLA_BOOTSTRAP
+            value: ''
+        volume_mounts:
+        - name: kolla-config
+          mountPath: /var/lib/kolla/config_files/
+    volumes:
+      - name: kolla-config
+        config_map:
+          name: glance
+    state: present
+
+- name: Create glance service
+  k8s_v1_service:
+    host: "{{coe_host}}"
+    context: "{{kube_context}}"
+    kubeconfig: "{{config_file}}"
+    name: glance
+    namespace: openstack
+    state: present
+    ports:
+      - port: 9292
+        name: glance-api
+    selector:
+      app: glance-api
+
+- name: Create glance deployment
+  k8s_v1beta1_deployment:
+    host: "{{coe_host}}"
+    context: "{{kube_context}}"
+    kubeconfig: "{{config_file}}"
+    name: glance-api
+    namespace: openstack
+    replicas: 1
+    spec_revision_history_limit: 3
+    spec_template_metadata_labels:
+      app: glance-api
+    containers:
+      - name: glance-api
+        image: tripleoupstream/centos-binary-glance-api
+        imagePullPolicy: IfNotPresent
+        env:
+        - name: KOLLA_CONFIG_STRATEGY
+          value: COPY_ALWAYS
+        - name: KOLLA_KUBERNETES
+          value: ""
+        ports:
+          - name: glance-api
+            containerPort: 9292
+        volume_mounts:
+        - name: kolla-config
+          mountPath: /var/lib/kolla/config_files/
+    volumes:
+      - name: kolla-config
+        config_map:
+          name: glance
+    state: present
--- a/templates/base.conf.j2
+++ b/templates/base.conf.j2
--- a/templates/httpd-glance-main.conf
+++ b/templates/httpd-glance-main.conf
@ -0,0 +1,22 @@
+<VirtualHost *:5000>
+  ## Vhost docroot
+  DocumentRoot "/var/www/cgi-bin/glance"
+
+  ## Directories, there should at least be a declaration for /var/www/cgi-bin/glance
+
+  <Directory "/var/www/cgi-bin/glance">
+    Options Indexes FollowSymLinks MultiViews
+    AllowOverride None
+    Require all granted
+  </Directory>
+
+  ## Logging
+  # ErrorLog "/var/log/httpd/glance_wsgi_main_error.log"
+  ServerSignature Off
+  # CustomLog "/var/log/httpd/glance_wsgi_main_access.log" combined
+  WSGIApplicationGroup %{GLOBAL}
+  WSGIDaemonProcess glance_main display-name=glance-main group=glance processes=2 threads=1 user=glance
+  WSGIProcessGroup glance_main
+  WSGIScriptAlias / "/var/www/cgi-bin/glance/main"
+  WSGIPassAuthorization On
+</VirtualHost>
--- a/templates/httpd.conf
+++ b/templates/httpd.conf
@ -0,0 +1,113 @@
+Listen *:5000
+Listen *:35357
+
+ServerRoot "/etc/httpd"
+DocumentRoot "/var/www/html"
+User apache
+Group apache
+
+Include conf.modules.d/*.conf
+
+<Directory />
+    AllowOverride none
+    Require all denied
+</Directory>
+
+<Directory "/var/www">
+    AllowOverride None
+    # Allow open access:
+    Require all granted
+</Directory>
+
+<Directory "/var/www/cgi-bin">
+    AllowOverride None
+    Options None
+    Require all granted
+</Directory>
+
+<IfModule dir_module>
+    DirectoryIndex index.html
+</IfModule>
+
+<Files ".ht*">
+    Require all denied
+</Files>
+
+ErrorLog /dev/stderr
+<IfModule log_config_module>
+    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
+    LogFormat "%h %l %u %t \"%r\" %>s %b" common
+
+    <IfModule logio_module>
+      # You need to enable mod_logio.c to use %I and %O
+      LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
+    </IfModule>
+
+    CustomLog /dev/stdout combined
+</IfModule>
+
+<IfModule mime_module>
+    #
+    # TypesConfig points to the file containing the list of mappings from
+    # filename extension to MIME-type.
+    #
+    TypesConfig /etc/mime.types
+
+    #
+    # AddType allows you to add to or override the MIME configuration
+    # file specified in TypesConfig for specific file types.
+    #
+    #AddType application/x-gzip .tgz
+    #
+    # AddEncoding allows you to have certain browsers uncompress
+    # information on the fly. Note: Not all browsers support this.
+    #
+    #AddEncoding x-compress .Z
+    #AddEncoding x-gzip .gz .tgz
+    #
+    # If the AddEncoding directives above are commented-out, then you
+    # probably should define those extensions to indicate media types:
+    #
+    AddType application/x-compress .Z
+    AddType application/x-gzip .gz .tgz
+
+    #
+    # AddHandler allows you to map certain file extensions to "handlers":
+    # actions unrelated to filetype. These can be either built into the server
+    # or added with the Action directive (see below)
+    #
+    # To use CGI scripts outside of ScriptAliased directories:
+    # (You will also need to add "ExecCGI" to the "Options" directive.)
+    #
+    #AddHandler cgi-script .cgi
+
+    # For type maps (negotiated resources):
+    #AddHandler type-map var
+
+    #
+    # Filters allow you to process content before it is sent to the client.
+    #
+    # To parse .shtml files for server-side includes (SSI):
+    # (You will also need to add "Includes" to the "Options" directive.)
+    #
+    AddType text/html .shtml
+    AddOutputFilter INCLUDES .shtml
+</IfModule>
+
+AddDefaultCharset UTF-8
+
+<IfModule mime_magic_module>
+    #
+    # The mod_mime_magic module allows the server to use various hints from the
+    # contents of the file itself to determine its type.  The MIMEMagicFile
+    # directive tells the module where the hint definitions are located.
+    #
+    MIMEMagicFile conf/magic
+</IfModule>
+
+EnableSendfile on
+
+# Supplemental configuration
+#
+# Load config files in the "/etc/httpd/conf.d" directory, if any.
+IncludeOptional conf.d/*.conf