Implement blazar ansible role

Add ansible role to deploy blazar Add nova filters to allow use of blazar Change-Id: I6742ddc9a4736f256491dd0cfd31904fa8eb5652 Implements: blueprint blazar-ansible-role
2017-04-07 16:01:07 +01:00 · 2017-04-07 16:01:07 +01:00 · 31f7732aef
parent 5f0a709dfd
commit 31f7732aef
33 changed files with 550 additions and 0 deletions
--- a/README.rst
+++ b/README.rst
@ -45,6 +45,7 @@ Kolla-Ansible deploys containers for the following OpenStack projects:
 - `Aodh <https://docs.openstack.org/aodh/latest/>`__
 - `Barbican <https://docs.openstack.org/barbican/latest/>`__
 - `Bifrost <https://docs.openstack.org/bifrost/latest/>`__
+- `Blazar <https://blazar.readthedocs.io/en/latest/>`__
 - `Ceilometer <https://docs.openstack.org/ceilometer/latest/>`__
 - `Cinder <https://docs.openstack.org/cinder/latest/>`__
 - `CloudKitty <https://docs.openstack.org/cloudkitty/latest/>`__
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@ -167,6 +167,8 @@ aodh_api_port: "8042"

 barbican_api_port: "9311"

+blazar_api_port: "1234"
+
 cinder_api_port: "8776"

 congress_api_port: "1789"
@ -371,6 +373,7 @@ enable_outward_rabbitmq: "{{ enable_murano | bool }}"
 # Additional optional OpenStack features and services are specified here
 enable_aodh: "no"
 enable_barbican: "no"
+enable_blazar: "no"
 enable_cadf_notifications: "no"
 enable_ceilometer: "no"
 enable_central_logging: "no"
--- a/ansible/inventory/all-in-one
+++ b/ansible/inventory/all-in-one
@ -231,6 +231,9 @@ monitoring
 [redis:children]
 control

+[blazar:children]
+control
+
 # Additional control implemented here. These groups allow you to control which
 # services run on which hosts at a per-service level.
 #
@ -615,3 +618,10 @@ vitrage

 [vitrage-ml:children]
 vitrage
+
+# Blazar
+[blazar-api:children]
+blazar
+
+[blazar-manager:children]
+blazar
--- a/ansible/inventory/multinode
+++ b/ansible/inventory/multinode
@ -250,6 +250,9 @@ monitoring
 [redis:children]
 control

+[blazar:children]
+control
+
 # Additional control implemented here. These groups allow you to control which
 # services run on which hosts at a per-service level.
 #
@ -634,3 +637,10 @@ vitrage

 [vitrage-ml:children]
 vitrage
+
+# Blazar
+[blazar-api:children]
+blazar
+
+[blazar-manager:children]
+blazar
--- a/ansible/roles/blazar/defaults/main.yml
+++ b/ansible/roles/blazar/defaults/main.yml
@ -0,0 +1,63 @@
+---
+project_name: "blazar"
+
+blazar_services:
+  blazar-api:
+    container_name: blazar_api
+    group: blazar-api
+    enabled: true
+    image: "{{ blazar_api_image_full }}"
+    volumes:
+      - "{{ node_config_directory }}/blazar-api/:{{ container_config_directory }}/:ro"
+      - "/etc/localtime:/etc/localtime:ro"
+      - "kolla_logs:/var/log/kolla/"
+  blazar-manager:
+    container_name: blazar_manager
+    group: blazar-manager
+    enabled: true
+    image: "{{ blazar_manager_image_full }}"
+    volumes:
+      - "{{ node_config_directory }}/blazar-manager/:{{ container_config_directory }}/:ro"
+      - "/etc/localtime:/etc/localtime:ro"
+      - "kolla_logs:/var/log/kolla/"
+
+####################
+# Blazar
+####################
+blazar_aggregate_pool_name: "freepool"
+
+####################
+# Database
+####################
+blazar_database_name: "blazar"
+blazar_database_user: "blazar"
+blazar_database_address: "{{ kolla_internal_fqdn }}:{{ database_port }}"
+
+
+####################
+# Docker
+####################
+blazar_install_type: "{{ kolla_install_type }}"
+blazar_tag: "{{ openstack_release }}"
+
+blazar_manager_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ blazar_install_type }}-blazar-manager"
+blazar_manager_tag: "{{ blazar_tag }}"
+blazar_manager_image_full: "{{ blazar_manager_image }}:{{ blazar_manager_tag }}"
+
+blazar_api_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ blazar_install_type }}-blazar-api"
+blazar_api_tag: "{{ blazar_tag }}"
+blazar_api_image_full: "{{ blazar_api_image }}:{{ blazar_api_tag }}"
+
+
+####################
+# OpenStack
+####################
+blazar_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ blazar_api_port }}/v1"
+blazar_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ blazar_api_port }}/v1"
+blazar_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ blazar_api_port }}/v1"
+
+blazar_logging_debug: "{{ openstack_logging_debug }}"
+
+blazar_keystone_user: "blazar"
+
+openstack_blazar_auth: "{{ openstack_auth }}"
--- a/ansible/roles/blazar/handlers/main.yml
+++ b/ansible/roles/blazar/handlers/main.yml
@ -0,0 +1,46 @@
+---
+- name: Restart blazar-api container
+  vars:
+    service_name: "blazar-api"
+    service: "{{ blazar_services[service_name] }}"
+    config_json: "{{ blazar_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
+    blazar_conf: "{{ blazar_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
+    policy_json: "{{ blazar_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
+    blazar_api_container: "{{ check_blazar_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
+  kolla_docker:
+    action: "recreate_or_restart_container"
+    common_options: "{{ docker_common_options }}"
+    name: "{{ service.container_name }}"
+    image: "{{ service.image }}"
+    volumes: "{{ service.volumes }}"
+  when:
+    - action != "config"
+    - inventory_hostname in groups[service.group]
+    - service.enabled | bool
+    - config_json.changed | bool
+      or blazar_conf.changed | bool
+      or policy_json.changed | bool
+      or blazar_api_container.changed | bool
+
+- name: Restart blazar-manager container
+  vars:
+    service_name: "blazar-manager"
+    service: "{{ blazar_services[service_name] }}"
+    config_json: "{{ blazar_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
+    blazar_conf: "{{ blazar_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
+    policy_json: "{{ blazar_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
+    blazar_manager_container: "{{ check_blazar_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
+  kolla_docker:
+    action: "recreate_or_restart_container"
+    common_options: "{{ docker_common_options }}"
+    name: "{{ service.container_name }}"
+    image: "{{ service.image }}"
+    volumes: "{{ service.volumes }}"
+  when:
+    - action != "config"
+    - inventory_hostname in groups[service.group]
+    - service.enabled | bool
+    - config_json.changed | bool
+      or blazar_conf.changed | bool
+      or policy_json.changed | bool
+      or blazar_manager_container.changed | bool
--- a/ansible/roles/blazar/meta/main.yml
+++ b/ansible/roles/blazar/meta/main.yml
@ -0,0 +1,3 @@
+---
+dependencies:
+  - { role: common }
--- a/ansible/roles/blazar/tasks/bootstrap.yml
+++ b/ansible/roles/blazar/tasks/bootstrap.yml
@ -0,0 +1,54 @@
+---
+- name: Creating blazar database
+  kolla_toolbox:
+    module_name: mysql_db
+    module_args:
+      login_host: "{{ database_address }}"
+      login_port: "{{ database_port }}"
+      login_user: "{{ database_user }}"
+      login_password: "{{ database_password }}"
+      name: "{{ blazar_database_name }}"
+  register: database
+  run_once: True
+  delegate_to: "{{ groups['blazar-api'][0] }}"
+
+- name: Creating blazar database user and setting permissions
+  kolla_toolbox:
+    module_name: mysql_user
+    module_args:
+      login_host: "{{ database_address }}"
+      login_port: "{{ database_port }}"
+      login_user: "{{ database_user }}"
+      login_password: "{{ database_password }}"
+      name: "{{ blazar_database_name }}"
+      password: "{{ blazar_database_password }}"
+      host: "%"
+      priv: "{{ blazar_database_name }}.*:ALL"
+      append_privs: "yes"
+  run_once: True
+  delegate_to: "{{ groups['blazar-api'][0] }}"
+
+# TODO(egonzalez) Use os_nova_host_aggregate ansible module once ansible min version is 2.3
+# http://docs.ansible.com/ansible/os_nova_host_aggregate_module.html
+- name: Creating blazar host aggregate
+  command: >
+    docker exec kolla_toolbox openstack
+    --os-interface internal
+    --os-auth-url {{ keystone_admin_url }}
+    --os-identity-api-version 3
+    --os-project-domain-name default
+    --os-tenant-name admin
+    --os-username admin
+    --os-password {{ keystone_admin_password }}
+    --os-user-domain-name default
+    aggregate create {{ blazar_aggregate_pool_name }}
+  register: blazar_host_aggregate
+  changed_when: blazar_host_aggregate | success
+  failed_when:
+    - blazar_host_aggregate.rc != 0
+    - "{{ 'already' not in blazar_host_aggregate.stderr }}"
+  run_once: True
+  delegate_to: "{{ groups['blazar-api'][0] }}"
+
+- include: bootstrap_service.yml
+  when: database.changed
--- a/ansible/roles/blazar/tasks/bootstrap_service.yml
+++ b/ansible/roles/blazar/tasks/bootstrap_service.yml
@ -0,0 +1,19 @@
+---
+- name: Running blazar bootstrap container
+  vars:
+    blazar_api: "{{ blazar_services['blazar-api'] }}"
+  kolla_docker:
+    action: "start_container"
+    common_options: "{{ docker_common_options }}"
+    detach: False
+    environment:
+      KOLLA_BOOTSTRAP:
+      KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
+    image: "{{ blazar_api.image }}"
+    labels:
+      BOOTSTRAP:
+    name: "bootstrap_blazar"
+    restart_policy: "never"
+    volumes: "{{ blazar_api.volumes }}"
+  run_once: True
+  delegate_to: "{{ groups[blazar_api.group][0] }}"
--- a/ansible/roles/blazar/tasks/check.yml
+++ b/ansible/roles/blazar/tasks/check.yml
@ -0,0 +1 @@
+---
--- a/ansible/roles/blazar/tasks/config.yml
+++ b/ansible/roles/blazar/tasks/config.yml
@ -0,0 +1,78 @@
+---
+- name: Ensuring config directories exist
+  file:
+    path: "{{ node_config_directory }}/{{ item.key }}"
+    state: "directory"
+    recurse: yes
+  when:
+    - inventory_hostname in groups[item.value.group]
+    - item.value.enabled | bool
+  with_dict: "{{ blazar_services }}"
+
+- name: Copying over config.json files for services
+  template:
+    src: "{{ item.key }}.json.j2"
+    dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
+  register: blazar_config_jsons
+  when:
+    - item.value.enabled | bool
+    - inventory_hostname in groups[item.value.group]
+  with_dict: "{{ blazar_services }}"
+  notify:
+    - Restart blazar-api container
+    - Restart blazar-manager container
+
+- name: Copying over blazar.conf
+  vars:
+    service_name: "{{ item.key }}"
+  merge_configs:
+    sources:
+      - "{{ role_path }}/templates/blazar.conf.j2"
+      - "{{ node_custom_config }}/global.conf"
+      - "{{ node_custom_config }}/blazar.conf"
+      - "{{ node_custom_config }}/blazar/{{ item.key }}.conf"
+      - "{{ node_custom_config }}/blazar/{{ inventory_hostname }}/blazar.conf"
+    dest: "{{ node_config_directory }}/{{ item.key }}/blazar.conf"
+  register: blazar_confs
+  when:
+    - item.value.enabled | bool
+    - inventory_hostname in groups[item.value.group]
+  with_dict: "{{ blazar_services }}"
+  notify:
+    - Restart blazar-api container
+    - Restart blazar-manager container
+
+- name: Check if policies shall be overwritten
+  local_action: stat path="{{ node_custom_config }}/blazar/policy.json"
+  register: blazar_policy
+
+- name: Copying over existing policy.json
+  template:
+    src: "{{ node_custom_config }}/blazar/policy.json"
+    dest: "{{ node_config_directory }}/{{ item.key }}/policy.json"
+  register: blazar_policy_jsons
+  when:
+    - blazar_policy.stat.exists
+    - inventory_hostname in groups[item.value.group]
+    - item.value.enabled | bool
+  with_dict: "{{ blazar_services }}"
+  notify:
+    - Restart blazar-api container
+    - Restart blazar-manager container
+
+- name: Check blazar containers
+  kolla_docker:
+    action: "compare_container"
+    common_options: "{{ docker_common_options }}"
+    name: "{{ item.value.container_name }}"
+    image: "{{ item.value.image }}"
+    volumes: "{{ item.value.volumes }}"
+  register: check_blazar_containers
+  when:
+    - action != "config"
+    - inventory_hostname in groups[item.value.group]
+    - item.value.enabled | bool
+  with_dict: "{{ blazar_services }}"
+  notify:
+    - Restart blazar-api container
+    - Restart blazar-manager container
--- a/ansible/roles/blazar/tasks/deploy.yml
+++ b/ansible/roles/blazar/tasks/deploy.yml
@ -0,0 +1,13 @@
+---
+- include: register.yml
+  when: inventory_hostname in groups['blazar-api']
+
+- include: config.yml
+  when: inventory_hostname in groups['blazar-api'] or
+        inventory_hostname in groups['blazar-manager']
+
+- include: bootstrap.yml
+  when: inventory_hostname in groups['blazar-api']
+
+- name: Flush handlers
+  meta: flush_handlers
--- a/ansible/roles/blazar/tasks/main.yml
+++ b/ansible/roles/blazar/tasks/main.yml
@ -0,0 +1,2 @@
+---
+- include: "{{ action }}.yml"
--- a/ansible/roles/blazar/tasks/precheck.yml
+++ b/ansible/roles/blazar/tasks/precheck.yml
@ -0,0 +1,17 @@
+---
+- name: Get container facts
+  kolla_container_facts:
+    name:
+      - blazar_api
+  register: container_facts
+
+- name: Checking free port for blazar API
+  wait_for:
+    host: "{{ api_interface_address }}"
+    port: "{{ blazar_api_port }}"
+    connect_timeout: 1
+    timeout: 1
+    state: stopped
+  when:
+    - container_facts['blazar_api'] is not defined
+    - inventory_hostname in groups['blazar-api']
--- a/ansible/roles/blazar/tasks/pull.yml
+++ b/ansible/roles/blazar/tasks/pull.yml
@ -0,0 +1,10 @@
+---
+- name: Pulling blazar images
+  kolla_docker:
+    action: "pull_image"
+    common_options: "{{ docker_common_options }}"
+    image: "{{ item.value.image }}"
+  when:
+    - inventory_hostname in groups[item.value.group]
+    - item.value.enabled | bool
+  with_dict: "{{ blazar_services }}"
--- a/ansible/roles/blazar/tasks/reconfigure.yml
+++ b/ansible/roles/blazar/tasks/reconfigure.yml
@ -0,0 +1,2 @@
+---
+- include: deploy.yml
--- a/ansible/roles/blazar/tasks/register.yml
+++ b/ansible/roles/blazar/tasks/register.yml
@ -0,0 +1,36 @@
+---
+- name: Creating the blazar service and endpoint
+  kolla_toolbox:
+    module_name: "kolla_keystone_service"
+    module_args:
+      service_name: "blazar"
+      service_type: "reservation"
+      description: "OpenStack Reservation Service"
+      endpoint_region: "{{ openstack_region_name }}"
+      url: "{{ item.url }}"
+      interface: "{{ item.interface }}"
+      region_name: "{{ openstack_region_name }}"
+      auth: "{{ '{{ openstack_blazar_auth }}' }}"
+      endpoint_type: "{{ openstack_interface }}"
+    module_extra_vars:
+      openstack_blazar_auth: "{{ openstack_blazar_auth }}"
+  run_once: True
+  with_items:
+    - {'interface': 'admin', 'url': '{{ blazar_admin_endpoint }}'}
+    - {'interface': 'internal', 'url': '{{ blazar_internal_endpoint }}'}
+    - {'interface': 'public', 'url': '{{ blazar_public_endpoint }}'}
+
+- name: Creating the blazar project, user, and role
+  kolla_toolbox:
+    module_name: "kolla_keystone_user"
+    module_args:
+      project: "service"
+      user: "{{ blazar_keystone_user }}"
+      password: "{{ blazar_keystone_password }}"
+      role: "admin"
+      region_name: "{{ openstack_region_name }}"
+      auth: "{{ '{{ openstack_blazar_auth }}' }}"
+      endpoint_type: "{{ openstack_interface }}"
+    module_extra_vars:
+      openstack_blazar_auth: "{{ openstack_blazar_auth }}"
+  run_once: True
--- a/ansible/roles/blazar/tasks/upgrade.yml
+++ b/ansible/roles/blazar/tasks/upgrade.yml
@ -0,0 +1,7 @@
+---
+- include: config.yml
+
+- include: bootstrap_service.yml
+
+- name: Flush handlers
+  meta: flush_handlers
--- a/ansible/roles/blazar/templates/blazar-api.json.j2
+++ b/ansible/roles/blazar/templates/blazar-api.json.j2
@ -0,0 +1,25 @@
+{
+    "command": "blazar-api --config-file /etc/blazar/blazar.conf",
+    "config_files": [
+        {
+            "source": "{{ container_config_directory }}/blazar.conf",
+            "dest": "/etc/blazar/blazar.conf",
+            "owner": "blazar",
+            "perm": "0600"
+        },
+        {
+            "source": "{{ container_config_directory }}/policy.json",
+            "dest": "/etc/blazar/policy.json",
+            "owner": "blazar",
+            "perm": "0600",
+            "optional": true
+        }
+    ],
+    "permissions": [
+        {
+            "path": "/var/log/kolla/blazar",
+            "owner": "blazar:blazar",
+            "recurse": true
+        }
+    ]
+}
--- a/ansible/roles/blazar/templates/blazar-manager.json.j2
+++ b/ansible/roles/blazar/templates/blazar-manager.json.j2
@ -0,0 +1,25 @@
+{
+    "command": "blazar-manager --config-file /etc/blazar/blazar.conf",
+    "config_files": [
+        {
+            "source": "{{ container_config_directory }}/blazar.conf",
+            "dest": "/etc/blazar/blazar.conf",
+            "owner": "blazar",
+            "perm": "0600"
+        },
+        {
+            "source": "{{ container_config_directory }}/policy.json",
+            "dest": "/etc/blazar/policy.json",
+            "owner": "blazar",
+            "perm": "0600",
+            "optional": true
+        }
+    ],
+    "permissions": [
+        {
+            "path": "/var/log/kolla/blazar",
+            "owner": "blazar:blazar",
+            "recurse": true
+        }
+    ]
+}
--- a/ansible/roles/blazar/templates/blazar.conf.j2
+++ b/ansible/roles/blazar/templates/blazar.conf.j2
@ -0,0 +1,58 @@
+[DEFAULT]
+debug = {{ blazar_logging_debug }}
+
+log_dir = /var/log/kolla/blazar
+
+transport_url = rabbit://{% for host in groups['rabbitmq'] %}{{ rabbitmq_user }}:{{ rabbitmq_password }}@{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %}
+
+host = {{ api_interface_address }}
+port = {{ blazar_api_port }}
+os_auth_host = {{ kolla_internal_fqdn }}
+os_auth_port = {{ keystone_admin_port }}
+os_auth_protocol = {{ admin_protocol }}
+os_auth_version = v3
+os_admin_username = {{ blazar_keystone_user }}
+os_admin_password = {{ blazar_keystone_password }}
+os_admin_project_name = service
+identity_service = identity
+
+[api]
+api_v2_controllers = oshosts,leases
+
+[manager]
+plugins = virtual.instance.plugin,physical.host.plugin
+
+[keystone_authtoken]
+auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}/v3
+auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}/v3
+auth_type = password
+project_domain_id = default
+user_domain_id = default
+project_name = service
+username = {{ blazar_keystone_user }}
+password = {{ blazar_keystone_password }}
+service_token_roles_required = True
+
+memcache_security_strategy = ENCRYPT
+memcache_secret_key = {{ memcache_secret_key }}
+memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
+
+[database]
+connection = mysql+pymysql://{{ blazar_database_user }}:{{ blazar_database_password }}@{{ blazar_database_address }}/{{ blazar_database_name }}
+max_retries = -1
+
+[physical:host]
+on_start = on_start
+on_end = on_end
+aggregate_freepool_name = {{ blazar_aggregate_pool_name }}
+blazar_username = {{ blazar_keystone_user }}
+blazar_password = {{ blazar_keystone_password }}
+blazar_project_name = service
+
+[oslo_messaging_notifications]
+{% if enable_ceilometer | bool %}
+driver = messagingv2
+topics = notifications
+{% else %}
+driver = noop
+{% endif %}
--- a/ansible/roles/common/tasks/config.yml
+++ b/ansible/roles/common/tasks/config.yml
@ -149,6 +149,7 @@
    - { name: "ansible", enabled: "yes" }
    - { name: "aodh", enabled: "{{ enable_aodh }}" }
    - { name: "barbican", enabled: "{{ enable_barbican }}" }
+    - { name: "blazar", enabled: "{{ enable_blazar }}" }
    - { name: "ceilometer", enabled: "{{ enable_ceilometer }}" }
    - { name: "ceph", enabled: "{{ enable_ceph }}" }
    - { name: "chrony", enabled: "{{ enable_chrony }}" }
--- a/ansible/roles/common/templates/conf/filter/01-rewrite-0.12.conf.j2
+++ b/ansible/roles/common/templates/conf/filter/01-rewrite-0.12.conf.j2
@ -32,4 +32,5 @@
    rewriterule29 programname ^(panko-api|panko-dbsync)$ openstack_python
    rewriterule30 programname ^(tacker-server|tacker-conductor)$ openstack_python
    rewriterule31 programname ^(vitrage-collector|vitrage-ml|vitrage-notifier|vitrage-graph)$ openstack_python
+    rewriterule32 programname ^(blazar-api|blazar-manager)$ openstack_python
 </match>
--- a/ansible/roles/common/templates/conf/filter/01-rewrite-0.14.conf.j2
+++ b/ansible/roles/common/templates/conf/filter/01-rewrite-0.14.conf.j2
@ -155,5 +155,10 @@
    key     programname
    pattern ^(vitrage-collector|vitrage-ml|vitrage-notifier|vitrage-graph)$
    tag openstack_python
+</rule>
+  <rule>
+    key     programname
+    pattern ^(blazar-api|blazar-manager)$
+    tag openstack_python
  </rule>
 </match>
--- a/ansible/roles/common/templates/cron-logrotate-blazar.conf.j2
+++ b/ansible/roles/common/templates/cron-logrotate-blazar.conf.j2
@ -0,0 +1,3 @@
+"/var/log/kolla/blazar/*.log"
+{
+}
--- a/ansible/roles/common/templates/cron.json.j2
+++ b/ansible/roles/common/templates/cron.json.j2
@ -3,6 +3,7 @@
    ( 'ansible', 'yes' ),
    ( 'aodh', enable_aodh ),
    ( 'barbican', enable_barbican ),
+    ( 'blazar', enable_blazar ),
    ( 'ceilometer', enable_ceilometer ),
    ( 'ceph', enable_ceph ),
    ( 'chrony', enable_chrony ),
--- a/ansible/roles/haproxy/tasks/precheck.yml
+++ b/ansible/roles/haproxy/tasks/precheck.yml
@ -119,6 +119,18 @@
    - inventory_hostname in groups['haproxy']
    - haproxy_stat.find('barbican_api') == -1

+- name: Checking free port for Blazar API HAProxy
+  wait_for:
+    host: "{{ kolla_internal_vip_address }}"
+    port: "{{ blazar_api_port }}"
+    connect_timeout: 1
+    timeout: 1
+    state: stopped
+  when:
+    - enable_blazar | bool
+    - inventory_hostname in groups['haproxy']
+    - haproxy_stat.find('blazar_api') == -1
+
 - name: Checking free port for Cinder API HAProxy
  wait_for:
    host: "{{ kolla_internal_vip_address }}"
--- a/ansible/roles/haproxy/templates/haproxy.cfg.j2
+++ b/ansible/roles/haproxy/templates/haproxy.cfg.j2
@ -861,6 +861,25 @@ listen vitrage_api_external
 {% endif %}
 {% endif %}

+{% if enable_blazar | bool %}
+listen blazar_api
+  bind {{ kolla_internal_vip_address }}:{{ blazar_api_port }}
+  http-request del-header X-Forwarded-Proto if { ssl_fc }
+{% for host in groups['blazar-api'] %}
+  server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ blazar_api_port }} check inter 2000 rise 2 fall 5
+{% endfor %}
+{% if haproxy_enable_external_vip | bool %}
+
+listen blazar_api_external
+  bind {{ kolla_external_vip_address }}:{{ blazar_api_port }} {{ tls_bind_info }}
+  http-request del-header X-Forwarded-Proto if { ssl_fc }
+  http-request set-header X-Forwarded-Proto https if { ssl_fc }
+{% for host in groups['blazar-api'] %}
+  server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ blazar_api_port }} check inter 2000 rise 2 fall 5
+{% endfor %}
+{% endif %}
+{% endif %}
+
 # (NOTE): This defaults section deletes forwardfor as recommended by:
 #         https://marc.info/?l=haproxy&m=141684110710132&w=1

--- a/ansible/roles/nova/templates/nova.conf.j2
+++ b/ansible/roles/nova/templates/nova.conf.j2
@ -52,6 +52,13 @@ compute_monitors=nova.compute.monitors.cpu.virt_driver

 transport_url = {{ rpc_transport_url }}

+{% if enable_blazar | bool %}
+[filter_scheduler]
+available_filters = nova.scheduler.filters.all_filters
+available_filters = blazarnova.scheduler.filters.blazar_filter.BlazarFilter
+enabled_filters = RetryFilter,AvailabilityZoneFilter,RamFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter,BlazarFilter
+{% endif %}
+
 [api]
 use_forwarded_for = true

--- a/ansible/site.yml
+++ b/ansible/site.yml
@ -735,3 +735,14 @@
    - { role: vitrage,
        tags: vitrage,
        when: enable_vitrage | bool }
+
+- name: Apply role blazar
+  gather_facts: false
+  hosts:
+    - blazar-api
+    - blazar-manager
+  serial: '{{ serial|default("0") }}'
+  roles:
+    - { role: blazar,
+        tags: blazar,
+        when: enable_blazar | bool }
--- a/etc/kolla/globals.yml
+++ b/etc/kolla/globals.yml
@ -139,6 +139,7 @@ kolla_internal_vip_address: "10.10.10.254"
 # OpenStack services can be enabled or disabled with these options
 #enable_aodh: "no"
 #enable_barbican: "no"
+#enable_blazar: "no"
 #enable_ceilometer: "no"
 #enable_central_logging: "no"
 #enable_ceph: "no"
--- a/etc/kolla/passwords.yml
+++ b/etc/kolla/passwords.yml
@ -56,6 +56,9 @@ barbican_keystone_password:
 barbican_p11_password:
 barbican_crypto_key:

+blazar_database_password:
+blazar_keystone_password:
+
 keystone_admin_password:
 keystone_database_password:

--- a/releasenotes/notes/blazar-ansible-role-15887700e73b00f8.yaml
+++ b/releasenotes/notes/blazar-ansible-role-15887700e73b00f8.yaml
@ -0,0 +1,3 @@
+---
+features:
+  - Blazar services deployment method is implemented