Allow skydive keystone service setup from an alternate host

This patch allows a deployer to override the service setup host
and python interpreter path so that the keystone service setup
can be done on a different host, typically the first utility
container in an openstack-ansible deployment.

Overrides can be provided in an integration inventory and an
example would be:

skydive_service_setup_host: "{{ groups['utility_all'][0] }}"
skydive_service_setup_host_python_interpreter: "/openstack/venvs/utility-{{ openstack_release }}/bin/python"

Change-Id: Id4faf605fd1f0de1262ed48166a8801b7e24a528
This commit is contained in:
Jonathan Rosser 2019-01-20 21:02:54 +00:00 committed by Kevin Carter
parent 506463b241
commit 181edc376f
3 changed files with 128 additions and 101 deletions

View File

@ -13,6 +13,12 @@
# See the License for the specific language governing permissions and
# limitations under the License.
# Set the host which will execute the shade modules
# for the skydive openstack service setup. The host must already have
# clouds.yaml properly configured.
skydive_service_setup_host: "{{ openstack_service_setup_host | default(ansible_play_hosts[0]) }}"
skydive_service_setup_host_python_interpreter: "{{ (openstack_service_setup_host is undefined) | ternary('/opt/skydive/bin/python', ansible_python['executable']) }}"
# Set the analyzer port
skydive_analyzer_port: 8082

View File

@ -68,13 +68,35 @@
tags:
- package_install
- name: Check for openstack deployment
# NOTE(cloudnull): Locate a clouds.yaml file on the service setup host or localhost.
- name: Check for OpenStack deployment
block:
- name: Slurp clouds file
slurp:
src: "{{ skydive_os_cloud_file }}"
register: clouds_file
delegate_to: "{{ skydive_service_setup_host }}"
rescue:
- name: Slurp clouds file (fallback to localhost)
slurp:
src: "{{ skydive_os_cloud_file }}"
register: clouds_file
delegate_to: "localhost"
failed_when: false
when:
- not (skydive_service_setup_host in ['localhost', '127.0.0.1'])
- name: OpenStack integration notice
debug:
msg: >-
No clouds file found, running without OpenStack integration.
when:
- not (clouds_file is success)
# NOTE(cloudnull): If a clouds file is found the facts for the clouds file will be delegated
# to all hosts throughout the skydive deployment.
- name: Run OpenStack ingetration deployment
block:
- name: Enable OpenStack integration
set_fact:
clouds_yaml: "{{ clouds_file['content'] | b64decode | from_yaml }}"
@ -87,12 +109,7 @@
- include_tasks: skydive_keystone.yml
run_once: true
rescue:
- name: Notice
debug:
msg: >-
OpenStack setup is not possible, running in without it.
when:
- not (skydive_openstack_enabled | bool)
when:
- clouds_file is success
- include_tasks: skydive_setup.yml

View File

@ -28,104 +28,108 @@
- default: "skydive_os_auth_url"
cfg: "auth_url"
- name: Create skydive venv
command: "/usr/bin/virtualenv --no-site-packages --no-setuptools /opt/skydive"
args:
creates: /opt/skydive/bin/pip
- name: Create service setup environment when localhost is the service setup host
delegate_to: "{{ skydive_service_setup_host }}"
run_once: yes
when:
- skydive_service_setup_host_python_interpreter == '/opt/skydive/bin/python'
block:
- name: Create skydive venv
command: "/usr/bin/virtualenv --no-site-packages --no-setuptools /opt/skydive"
args:
creates: /opt/skydive/bin/pip
- name: Setup skydive venv
pip:
name:
- pip
- setuptools
extra_args: "-U"
virtualenv: /opt/skydive
- name: Setup skydive venv
pip:
name:
- pip
- setuptools
extra_args: "-U"
virtualenv: /opt/skydive
- name: Ensure the openstacksdk is installed
pip:
name:
- openstacksdk
extra_args: "-U"
virtualenv: /opt/skydive
- name: Ensure the openstacksdk is installed
pip:
name:
- openstacksdk
extra_args: "-U"
virtualenv: /opt/skydive
- name: Capture current ansible python interpreter
set_fact:
old_ansible_python_interpreter: "{{ ansible_python_interpreter | default('/usr/bin/python') }}"
- name: Show ansible interpreter
debug:
var: skydive_service_setup_host_python_interpreter
- name: Set ansible python interpreter to skydive venv
set_fact:
ansible_python_interpreter: "/opt/skydive/bin/python"
- name: Setup the skydive service
delegate_to: "{{ skydive_service_setup_host }}"
run_once: yes
vars:
ansible_python_interpreter: "{{ skydive_service_setup_host_python_interpreter }}"
block:
- name: Add skydive project
os_project:
cloud: "{{ skydive_os_cloud }}"
state: present
name: "{{ skydive_os_project_name }}"
description: "Skydive admin project"
domain_id: "{{ skydive_os_domain_name }}"
verify: "{{ not (skydive_os_service_insecure | bool) }}"
enabled: true
register: keystone_api
until: keystone_api is success
retries: 5
delay: 10
- name: Add skydive project
os_project:
cloud: "{{ skydive_os_cloud }}"
state: present
name: "{{ skydive_os_project_name }}"
description: "Skydive admin project"
domain_id: "{{ skydive_os_domain_name }}"
verify: "{{ not (skydive_os_service_insecure | bool) }}"
enabled: true
register: keystone_api
until: keystone_api is success
retries: 5
delay: 10
- name: Add skydive user
os_user:
cloud: "{{ skydive_os_cloud }}"
state: present
name: "{{ skydive_os_user_name }}"
password: "{{ skydive_password }}"
update_password: on_create
domain: "{{ skydive_os_domain_name }}"
default_project: "{{ skydive_os_project_name }}"
verify: "{{ not (skydive_os_service_insecure | bool) }}"
enabled: true
register: keystone_api
until: keystone_api is success
retries: 5
delay: 10
- name: Add skydive user
os_user:
cloud: "{{ skydive_os_cloud }}"
state: present
name: "{{ skydive_os_user_name }}"
password: "{{ skydive_password }}"
update_password: on_create
domain: "{{ skydive_os_domain_name }}"
default_project: "{{ skydive_os_project_name }}"
verify: "{{ not (skydive_os_service_insecure | bool) }}"
enabled: true
register: keystone_api
until: keystone_api is success
retries: 5
delay: 10
- name: Assign skydive user role
os_user_role:
cloud: "{{ skydive_os_cloud }}"
state: present
user: "{{ skydive_os_user_name }}"
role: "{{ skydive_os_user_role }}"
project: "{{ skydive_os_project_name }}"
verify: "{{ not (skydive_os_service_insecure | bool) }}"
register: keystone_api
until: keystone_api is success
retries: 5
delay: 10
- name: Assign skydive user role
os_user_role:
cloud: "{{ skydive_os_cloud }}"
state: present
user: "{{ skydive_os_user_name }}"
role: "{{ skydive_os_user_role }}"
project: "{{ skydive_os_project_name }}"
verify: "{{ not (skydive_os_service_insecure | bool) }}"
register: keystone_api
until: keystone_api is success
retries: 5
delay: 10
- name: Add skydive service user
os_user:
cloud: "{{ skydive_os_cloud }}"
state: present
name: "{{ skydive_os_service_user }}"
password: "{{ skydive_os_service_password }}"
domain: "{{ skydive_os_domain_name }}"
default_project: "{{ skydive_os_project_name }}"
verify: "{{ not (skydive_os_service_insecure | bool) }}"
register: keystone_api
until: keystone_api is success
retries: 5
delay: 10
- name: Add skydive service user
os_user:
cloud: "{{ skydive_os_cloud }}"
state: present
name: "{{ skydive_os_service_user }}"
password: "{{ skydive_os_service_password }}"
domain: "{{ skydive_os_domain_name }}"
default_project: "{{ skydive_os_project_name }}"
verify: "{{ not (skydive_os_service_insecure | bool) }}"
register: keystone_api
until: keystone_api is success
retries: 5
delay: 10
- name: Assign skydive service user role
os_user_role:
cloud: "{{ skydive_os_cloud }}"
state: present
user: "{{ skydive_os_service_user }}"
role: "{{ skydive_os_service_user_role }}"
project: "{{ skydive_os_project_name }}"
verify: "{{ not (skydive_os_service_insecure | bool) }}"
register: keystone_api
until: keystone_api is success
retries: 5
delay: 10
- name: Reset ansible python
set_fact:
ansible_python_interpreter: "{{ old_ansible_python_interpreter }}"
- name: Assign skydive service user role
os_user_role:
cloud: "{{ skydive_os_cloud }}"
state: present
user: "{{ skydive_os_service_user }}"
role: "{{ skydive_os_service_user_role }}"
project: "{{ skydive_os_project_name }}"
verify: "{{ not (skydive_os_service_insecure | bool) }}"
register: keystone_api
until: keystone_api is success
retries: 5
delay: 10