Add initial placement role

This patch adds the support for the placement service with
a simple functional test which hits the API (which in turn
hits the database and keystone for authorization).

Depends-On: I878e8c479d8963b339b5e1f6031f649c0f87082f
Change-Id: Iaa11a8cc4d945712b62c3b9c2cb6ad168def34eb
This commit is contained in:
Guilherme Steinmüller 2018-11-19 20:00:43 +00:00 committed by Mohammed Naser
parent 565c63a659
commit 32c1eb8488
33 changed files with 1282 additions and 2 deletions

75
.gitignore vendored Normal file
View File

@ -0,0 +1,75 @@
# Compiled source #
###################
*.com
*.class
*.dll
*.exe
*.o
*.so
*.pyc
build/
dist/
doc/build/
# Packages #
############
# it's better to unpack these files and commit the raw source
# git has its own built in compression methods
*.7z
*.dmg
*.gz
*.iso
*.jar
*.rar
*.tar
*.zip
# Logs and databases #
######################
*.log
*.sql
*.sqlite
logs/*
# OS generated files #
######################
.DS_Store
.DS_Store?
._*
.Spotlight-V100
.Trashes
.idea
.tox
*.sublime*
*.egg-info
Icon?
ehthumbs.db
Thumbs.db
.eggs
# User driven backup files #
############################
*.bak
*.swp
# Generated by pbr while building docs
######################################
AUTHORS
ChangeLog
# Files created by releasenotes build
releasenotes/build
# Test temp files
tests/common
tests/*.retry
# Vagrant artifacts
.vagrant
# Git clones
openstack-ansible-ops
previous
# Editor files
.vscode

127
defaults/main.yml Normal file
View File

@ -0,0 +1,127 @@
# Copyright 2019, VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Set installation method
placement_install_method: "source"
# Set the package install state for distribution and pip packages
# Options are 'present' and 'latest'
placement_package_state: "latest"
placement_pip_package_state: "latest"
# Set the host which will execute the shade modules
# for the service setup. The host must already have
# clouds.yaml properly configured.
placement_service_setup_host: "{{ openstack_service_setup_host | default('localhost') }}"
placement_service_setup_host_python_interpreter: "{{ openstack_service_setup_host_python_interpreter | default((placement_service_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_python['executable'])) }}"
placement_git_repo: https://git.openstack.org/openstack/placement
placement_git_install_branch: master
placement_developer_mode: false
placement_developer_constraints:
- "git+{{ placement_git_repo }}@{{ placement_git_install_branch }}#egg=openstack-placement"
# TODO(odyssey4me):
# This can be simplified once all the roles are using
# python_venv_build. We can then switch to using a
# set of constraints in pip.conf inside the venv,
# perhaps prepared by giving a giving a list of
# constraints to the role.
placement_pip_install_args: >-
{{ placement_developer_mode | ternary(pip_install_developer_constraints | default('--constraint /opt/developer-pip-constraints.txt'), '') }}
{{ (pip_install_upper_constraints is defined) | ternary('--constraint ' + pip_install_upper_constraints | default(''), '') }}
{{ pip_install_options | default('') }}
# Name of the virtual env to deploy into
placement_venv_tag: "{{ venv_tag | default('untagged') }}"
placement_bin: "{{ _placement_bin }}"
## Database info
placement_db_setup_host: "{{ ('galera_all' in groups) | ternary(groups['galera_all'][0], 'localhost') }}"
placement_galera_address: "{{ galera_address | default('127.0.0.1') }}"
placement_galera_database: placement
placement_galera_user: placement
placement_galera_use_ssl: "{{ galera_use_ssl | default(False) }}"
placement_galera_ssl_ca_cert: "{{ galera_ssl_ca_cert | default('/etc/ssl/certs/galera-ca.pem') }}"
## Placement User / Group
placement_system_user_name: placement
placement_system_group_name: placement
placement_system_comment: placement system user
placement_system_shell: /bin/false
placement_system_user_home: "/var/lib/{{ placement_system_user_name }}"
# API
placement_bind_address: 0.0.0.0
placement_service_port: 8780
# UWSGI
placement_wsgi_processes_max: 16
placement_wsgi_processes: "{{ [[ansible_processor_vcpus|default(1), 1] | max * 2, placement_wsgi_processes_max] | min }}"
placement_wsgi_threads: 1
placement_wsgi_buffer_size: 65535
## Service Type and Data
placement_service_region: RegionOne
placement_service_name: placement
placement_service_proto: http
placement_service_registry_proto: "{{ placement_service_proto }}"
placement_service_publicuri_proto: "{{ openstack_service_publicuri_proto | default(placement_service_proto) }}"
placement_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(placement_service_proto) }}"
placement_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(placement_service_proto) }}"
placement_service_type: placement
placement_service_description: "Placement Service"
placement_service_user_name: placement
placement_service_project_name: service
placement_service_project_domain_id: default
placement_service_user_domain_id: default
placement_service_publicurl: "{{ placement_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ placement_service_port }}"
placement_service_internalurl: "{{ placement_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ placement_service_port }}"
placement_service_adminurl: "{{ placement_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ placement_service_port }}"
placement_service_in_ldap: false
placement_auth_strategy: keystone
## Keystone authentication middleware
placement_keystone_auth_type: password
placement_role_name: admin
# Common pip packages
placement_pip_packages:
- openstack-placement
- PyMySQL
- python-memcached
- cryptography
- uwsgi
## Service Name-Group Mapping
placement_services:
placement-api:
group: placement_api
service_name: placement-api
init_config_overrides: "{{ placement_api_init_overrides }}"
start_order: 1
wsgi_overrides: "{{ placement_api_uwsgi_ini_overrides }}"
wsgi_app: True
wsgi_name: placement-api
uwsgi_bind_address: "{{ placement_bind_address }}"
uwsgi_port: "{{ placement_service_port }}"
execstarts: "{{ placement_uwsgi_bin }}/uwsgi --autoload --ini /etc/uwsgi/placement-api.ini"
execreloads: "{{ placement_uwsgi_bin }}/uwsgi --reload /var/run/placement-api/placement-uwsgi.pid"
## Tunable overrides
placement_api_uwsgi_ini_overrides: {}
placement_api_init_overrides: {}
placement_placement_conf_overrides: {}

49
handlers/main.yml Normal file
View File

@ -0,0 +1,49 @@
---
# Copyright 2019, VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Stop services
service:
name: "{{ item.service_name }}"
enabled: yes
state: "stopped"
daemon_reload: yes
with_items: "{{ filtered_placement_services }}"
register: _stop
until: _stop is success
retries: 5
delay: 2
listen:
- "Restart placement services"
- "venv changed"
- name: Start services
service:
name: "{{ item.service_name }}"
enabled: yes
state: "started"
daemon_reload: yes
with_items: "{{ filtered_placement_services }}"
register: _start
until: _start is success
retries: 5
delay: 2
listen:
- "Restart placement services"
- "venv changed"
- meta: noop
listen: Manage LB
when: false

View File

@ -1,5 +1,5 @@
---
# Copyright 2018, Vexxhost, Inc.
# Copyright 2019, VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
---
# Copyright 2018, Vexxhost, Inc.
# Copyright 2019, VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

94
run_tests.sh Executable file
View File

@ -0,0 +1,94 @@
#!/usr/bin/env bash
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# PURPOSE:
# This script clones the openstack-ansible-tests repository to the
# tests/common folder in order to be able to re-use test components
# for role testing. This is intended to be the thinnest possible
# shim for test execution outside of OpenStack CI.
# WARNING:
# This file is maintained in the openstack-ansible-tests repository.
# https://git.openstack.org/cgit/openstack/openstack-ansible-tests/tree/run_tests.sh
# If you need to modify this file, update the one in the openstack-ansible-tests
# repository and then update this file as well. The purpose of this file is to
# prepare the host and then execute all the tox tests.
#
## Shell Opts ----------------------------------------------------------------
set -xeu
## Vars ----------------------------------------------------------------------
WORKING_DIR="$(readlink -f $(dirname $0))"
OSA_PROJECT_NAME="$(sed -n 's|^project=openstack/\(.*\).git$|\1|p' $(pwd)/.gitreview)"
COMMON_TESTS_PATH="${WORKING_DIR}/tests/common"
TESTING_HOME=${TESTING_HOME:-$HOME}
ZUUL_TESTS_CLONE_LOCATION="/home/zuul/src/git.openstack.org/openstack/openstack-ansible-tests"
# Use .gitreview as the key to determine the appropriate
# branch to clone for tests.
TESTING_BRANCH=$(awk -F'=' '/defaultbranch/ {print $2}' "${WORKING_DIR}/.gitreview")
if [[ "${TESTING_BRANCH}" == "" ]]; then
TESTING_BRANCH="master"
fi
## Main ----------------------------------------------------------------------
# Source distribution information
source /etc/os-release || source /usr/lib/os-release
# Prefer dnf over yum for CentOS.
which dnf &>/dev/null && RHT_PKG_MGR='dnf' || RHT_PKG_MGR='yum'
# Figure out the appropriate package install command
case ${ID,,} in
*suse*) pkg_mgr_cmd="zypper -n in" ;;
centos|rhel|fedora) pkg_mgr_cmd="${RHT_PKG_MGR} install -y" ;;
ubuntu|debian) pkg_mgr_cmd="apt-get install -y" ;;
gentoo) pkg_mgr_cmd="emerge" ;;
*) echo "unsupported distribution: ${ID,,}"; exit 1 ;;
esac
# Install git so that we can clone the tests repo if git is not available
which git &>/dev/null || eval sudo "${pkg_mgr_cmd}" git
# Clone the tests repo for access to the common test script
if [[ ! -d "${COMMON_TESTS_PATH}" ]]; then
# The tests repo doesn't need a clone, we can just
# symlink it.
if [[ "${OSA_PROJECT_NAME}" == "openstack-ansible-tests" ]]; then
ln -s "${WORKING_DIR}" "${COMMON_TESTS_PATH}"
# In zuul v3 any dependent repository is placed into
# /home/zuul/src/git.openstack.org, so we check to see
# if there is a tests checkout there already. If so, we
# symlink that and use it.
elif [[ -d "${ZUUL_TESTS_CLONE_LOCATION}" ]]; then
ln -s "${ZUUL_TESTS_CLONE_LOCATION}" "${COMMON_TESTS_PATH}"
# Otherwise we're clearly not in zuul or using a previously setup
# repo in some way, so just clone it from upstream.
else
git clone -b "${TESTING_BRANCH}" \
https://git.openstack.org/openstack/openstack-ansible-tests \
"${COMMON_TESTS_PATH}"
fi
fi
# Execute the common test script
source tests/common/run_tests_common.sh

66
tasks/main.yml Normal file
View File

@ -0,0 +1,66 @@
---
# Copyright 2019, VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Gather variables for each operating system
include_vars: "{{ item }}"
with_first_found:
- "{{ ansible_distribution | lower }}-{{ ansible_distribution_version | lower }}.yml"
- "{{ ansible_distribution | lower }}-{{ ansible_distribution_major_version | lower }}.yml"
- "{{ ansible_os_family | lower }}-{{ ansible_distribution_major_version | lower }}.yml"
- "{{ ansible_distribution | lower }}.yml"
- "{{ ansible_os_family | lower }}-{{ ansible_distribution_version.split('.')[0] }}.yml"
- "{{ ansible_os_family | lower }}.yml"
tags:
- always
- name: Fail if service was deployed using a different installation method
fail:
msg: "Switching installation methods for OpenStack services is not supported"
when:
- ansible_local is defined
- ansible_local.openstack_ansible is defined
- ansible_local.openstack_ansible.placement is defined
- ansible_local.openstack_ansible.placement.install_method is defined
- ansible_local.openstack_ansible.placement.install_method != placement_install_method
- name: Gather variables for installation method
include_vars: "{{ placement_install_method }}_install.yml"
tags:
- always
- include_tasks: placement_pre_install.yml
tags:
- placement-install
- include_tasks: placement_install.yml
tags:
- placement-install
- include_tasks: placement_post_install.yml
tags:
- placement-config
- include_tasks: placement_db_setup.yml
run_once: true
tags:
- placement-config
- include_tasks: placement_service_setup.yml
run_once: true
tags:
- placement-config
- name: Flush handlers
meta: flush_handlers

View File

@ -0,0 +1,46 @@
---
# Copyright 2019, VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Create DB for service
mysql_db:
login_user: "{{ galera_root_user }}"
login_password: "{{ galera_root_password }}"
login_host: "{{ placement_galera_address }}"
name: "{{ placement_galera_database }}"
state: "present"
delegate_to: "{{ placement_db_setup_host }}"
no_log: True
- name: Grant access to the DB for the service
mysql_user:
login_user: "{{ galera_root_user }}"
login_password: "{{ galera_root_password }}"
login_host: "{{ placement_galera_address }}"
name: "{{ placement_galera_user }}"
password: "{{ placement_galera_password }}"
host: "{{ item }}"
state: "present"
priv: "{{ placement_galera_database }}.*:ALL"
delegate_to: "{{ placement_db_setup_host }}"
with_items:
- "localhost"
- "%"
no_log: True
- name: Perform a Placement DB sync
command: "{{ placement_bin }}/placement-manage db sync"
become: yes
become_user: "{{ placement_system_user_name }}"
changed_when: false

View File

@ -0,0 +1,97 @@
---
# Copyright 2019, VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Record the installation method
ini_file:
dest: "/etc/ansible/facts.d/openstack_ansible.fact"
section: "placement"
option: "install_method"
value: "{{ placement_install_method }}"
- name: Refresh local facts to ensure the placement section is present
setup:
filter: ansible_local
gather_subset: "!all"
- name: Install distro packages
package:
name: "{{ placement_package_list }}"
state: "{{ placement_package_state }}"
update_cache: "{{ (ansible_pkg_mgr in ['apt', 'zypper']) | ternary('yes', omit) }}"
cache_valid_time: "{{ (ansible_pkg_mgr == 'apt') | ternary(cache_timeout, omit) }}"
register: install_packages
until: install_packages is success
retries: 5
delay: 2
- name: Install placement packages from PIP
include_tasks: placement_install_source.yml
when: placement_install_method == 'source'
- name: Record the need for a service restart
ini_file:
dest: "/etc/ansible/facts.d/openstack_ansible.fact"
section: "placement"
option: "need_service_restart"
value: true
when: (install_packages | changed) or
('need_service_restart' not in ansible_local['openstack_ansible']['placement'])
- name: Run the systemd service role
include_role:
name: systemd_service
private: true
vars:
systemd_user_name: "{{ placement_system_user_name }}"
systemd_group_name: "{{ placement_system_group_name }}"
systemd_tempd_prefix: openstack
systemd_slice_name: placement
systemd_lock_path: /var/lock/placement
systemd_CPUAccounting: true
systemd_BlockIOAccounting: true
systemd_MemoryAccounting: true
systemd_TasksAccounting: true
systemd_services:
- service_name: "{{ service_var.service_name }}"
enabled: yes
state: started
execstarts: "{{ service_var.execstarts }}"
execreloads: "{{ service_var.execreloads | default([]) }}"
config_overrides: "{{ service_var.init_config_overrides }}"
with_items: "{{ filtered_placement_services }}"
loop_control:
loop_var: service_var
tags:
- placement-config
- systemd-service
- name: Ensure uWSGI directory exists
file:
path: "/etc/uwsgi/"
state: directory
mode: "0711"
- name: Apply uWSGI configuration
config_template:
src: "placement-uwsgi.ini.j2"
dest: "/etc/uwsgi/{{ item.service_name }}.ini"
mode: "0744"
config_overrides: "{{ item.wsgi_overrides }}"
config_type: ini
with_items: "{{ filtered_placement_services }}"
when: item.wsgi_app | default(False)
notify:
- Manage LB
- Restart placement services

View File

@ -0,0 +1,52 @@
---
# Copyright 2019, VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# TODO(odyssey4me):
# This can be simplified once all the roles are using
# python_venv_build. We can then switch to using a
# set of constraints in pip.conf inside the venv,
# perhaps prepared by giving a giving a list of
# constraints to the role.
- name: Create developer mode constraint file
copy:
dest: "/opt/developer-pip-constraints.txt"
content: |
{% for item in placement_developer_constraints %}
{{ item }}
{% endfor %}
when: placement_developer_mode | bool
- name: Ensure remote wheel building is disabled in developer mode
set_fact:
venv_build_host: "{{ ansible_hostname }}"
when:
- placement_developer_mode | bool
- name: Install the python venv
include_role:
name: "python_venv_build"
private: yes
vars:
venv_install_destination_path: "{{ placement_bin | dirname }}"
venv_install_distro_package_list: "{{ placement_distro_packages }}"
venv_pip_install_args: "{{ placement_pip_install_args }}"
venv_pip_packages: "{{ placement_pip_packages }}"
venv_facts_when_changed:
- section: "placement"
option: "need_service_restart"
value: True
- section: "placement"
option: "venv_tag"
value: "{{ placement_venv_tag }}"

View File

@ -0,0 +1,29 @@
---
# Copyright 2019, VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Copy placement configs
config_template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: "root"
group: "{{ item.group|default(placement_system_group_name) }}"
mode: "0640"
config_overrides: "{{ item.config_overrides }}"
config_type: "{{ item.config_type }}"
with_items:
- src: "placement.conf.j2"
dest: "/etc/placement/placement.conf"
config_overrides: "{{ placement_placement_conf_overrides }}"
config_type: "ini"

View File

@ -0,0 +1,50 @@
---
# Copyright 2019, VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: create the system group
group:
name: "{{ placement_system_group_name }}"
gid: "{{ placement_system_group_gid|default(omit) }}"
state: "present"
system: "yes"
- name: Create the placement system user
user:
name: "{{ placement_system_user_name }}"
uid: "{{ placement_system_user_uid|default(omit) }}"
group: "{{ placement_system_group_name }}"
comment: "{{ placement_system_comment }}"
shell: "{{ placement_system_shell }}"
system: "yes"
createhome: "yes"
home: "{{ placement_system_user_home }}"
- name: Create placement dir
file:
path: "{{ item.path }}"
state: directory
owner: "{{ item.owner|default(placement_system_user_name) }}"
group: "{{ item.group|default(placement_system_group_name) }}"
mode: "{{ item.mode|default('0755') }}"
with_items:
- path: "/openstack"
mode: "0755"
owner: "root"
group: "root"
- path: "/etc/placement"
mode: "0700"
- path: "{{ placement_system_user_home }}"
- path: "/var/log/placement"
mode: "0755"

View File

@ -0,0 +1,93 @@
---
# Copyright 2019, VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# We set the python interpreter to the ansible runtime venv if
# the delegation is to localhost so that we get access to the
# appropriate python libraries in that venv. If the delegation
# is to another host, we assume that it is accessible by the
# system python instead.
#
- name: Setup the service
delegate_to: "{{ placement_service_setup_host }}"
vars:
ansible_python_interpreter: "{{ placement_service_setup_host_python_interpreter }}"
block:
- name: Add services to the keystone service catalog
os_keystone_service:
cloud: default
state: present
name: "{{ placement_service_name }}"
service_type: "{{ placement_service_type }}"
description: "{{ placement_service_description }}"
endpoint_type: admin
verify: "{{ not keystone_service_adminuri_insecure }}"
register: add_service
until: add_service is success
retries: 5
delay: 10
- name: Add service user
os_user:
cloud: default
state: present
name: "{{ placement_service_user_name }}"
password: "{{ placement_service_password }}"
domain: default
default_project: "{{ placement_service_project_name }}"
endpoint_type: admin
verify: "{{ not keystone_service_adminuri_insecure }}"
register: add_service
when: not placement_service_in_ldap | bool
until: add_service is success
retries: 5
delay: 10
no_log: True
- name: Add service user to admin role
os_user_role:
cloud: default
state: present
user: "{{ placement_service_user_name }}"
role: "{{ placement_role_name }}"
project: "{{ placement_service_project_name }}"
endpoint_type: admin
verify: "{{ not keystone_service_adminuri_insecure }}"
register: add_service
when: not placement_service_in_ldap | bool
until: add_service is success
retries: 5
delay: 10
- name: Add endpoints to keystone endpoint catalog
os_keystone_endpoint:
cloud: default
state: present
service: "{{ placement_service_name }}"
endpoint_interface: "{{ item.interface }}"
url: "{{ item.url }}"
region: "{{ placement_service_region }}"
endpoint_type: admin
verify: "{{ not keystone_service_adminuri_insecure }}"
register: add_service
until: add_service is success
retries: 5
delay: 10
with_items:
- interface: "public"
url: "{{ placement_service_publicurl }}"
- interface: "internal"
url: "{{ placement_service_internalurl }}"
- interface: "admin"
url: "{{ placement_service_adminurl }}"

View File

@ -0,0 +1,27 @@
# {{ ansible_managed }}
[uwsgi]
uid = {{ placement_system_user_name }}
gid = {{ placement_system_group_name }}
{% if placement_install_method == 'source' %}
virtualenv = /openstack/venvs/placement-{{ placement_venv_tag }}
{% endif %}
wsgi-file = {{ placement_bin }}/{{ item.wsgi_name }}
http = {{ item.uwsgi_bind_address }}:{{ item.uwsgi_port }}
master = true
enable-threads = true
processes = {{ placement_wsgi_processes }}
threads = {{ placement_wsgi_threads }}
exit-on-reload = false
die-on-term = true
lazy-apps = true
add-header = Connection: close
buffer-size = {{ placement_wsgi_buffer_size }}
thunder-lock = true
logfile-chmod = 644
pidfile = /var/run/{{ item.service_name }}/{{ item.service_name }}.pid
# Avoid filling up the logs with health check requests from haproxy.
route-user-agent = ^osa-haproxy-healthcheck$ donotlog:

View File

@ -0,0 +1,22 @@
# {{ ansible_managed }}
[DEFAULT]
log_dir = /var/log/placement
[keystone_authtoken]
auth_type = {{ placement_keystone_auth_type }}
insecure = {{ keystone_service_internaluri_insecure | bool }}
auth_url = {{ keystone_service_adminuri }}
www_authenticate_uri = {{ keystone_service_publicuri }}
project_domain_id = {{ placement_service_project_domain_id }}
user_domain_id = {{ placement_service_user_domain_id }}
project_name = {{ placement_service_project_name }}
username = {{ placement_service_user_name }}
password = {{ placement_service_password }}
region_name = {{ keystone_service_region }}
memcached_servers = {{ memcached_servers }}
memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcached_encryption_key }}
[placement_database]
connection = mysql+pymysql://{{ placement_galera_user }}:{{ placement_galera_password }}@{{ placement_galera_address }}/{{ placement_galera_database }}?charset=utf8{% if placement_galera_use_ssl | bool %}&ssl_ca={{ placement_galera_ssl_ca_cert }}{% endif %}

View File

@ -0,0 +1,61 @@
---
- name: apt_package_pinning
src: https://git.openstack.org/openstack/openstack-ansible-apt_package_pinning
scm: git
version: master
- name: pip_install
src: https://git.openstack.org/openstack/openstack-ansible-pip_install
scm: git
version: master
- name: openstack_hosts
src: https://git.openstack.org/openstack/openstack-ansible-openstack_hosts
scm: git
version: master
- name: lxc_hosts
src: https://git.openstack.org/openstack/openstack-ansible-lxc_hosts
scm: git
version: master
- name: lxc_container_create
src: https://git.openstack.org/openstack/openstack-ansible-lxc_container_create
scm: git
version: master
- name: galera_client
src: https://git.openstack.org/openstack/openstack-ansible-galera_client
scm: git
version: master
- name: galera_server
src: https://git.openstack.org/openstack/openstack-ansible-galera_server
scm: git
version: master
- name: memcached_server
src: https://git.openstack.org/openstack/openstack-ansible-memcached_server
scm: git
version: master
- name: rabbitmq_server
src: https://git.openstack.org/openstack/openstack-ansible-rabbitmq_server
scm: git
version: master
- name: os_keystone
src: https://git.openstack.org/openstack/openstack-ansible-os_keystone
scm: git
version: master
- name: openstack_openrc
src: https://git.openstack.org/openstack/openstack-ansible-openstack_openrc
scm: git
version: master
- name: os_tempest
src: https://git.openstack.org/openstack/openstack-ansible-os_tempest
scm: git
version: master
- name: systemd_service
src: https://git.openstack.org/openstack/ansible-role-systemd_service
scm: git
version: master
- name: systemd_mount
src: https://git.openstack.org/openstack/ansible-role-systemd_mount
scm: git
version: master
- name: python_venv_build
src: https://git.openstack.org/openstack/ansible-role-python_venv_build
scm: git
version: master

View File

@ -0,0 +1,35 @@
---
# Copyright 2019, VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
container_networks:
management_address:
address: "{{ ansible_host }}"
bridge: "br-mgmt"
interface: "eth1"
netmask: "255.255.252.0"
type: "veth"
physical_host: localhost
properties:
service_name: "{{ inventory_hostname }}"
# NOTE(cloudnull): The lxc-openstack AA profile for is used to ensure general
# container functionality typical to the integrated build.
lxc2_container_config_list:
- 'lxc.aa_profile=lxc-openstack'
lxc3_container_config_list:
- 'lxc.apparmor.profile=lxc-openstack'
lxc_container_config_list: "{{ lookup('pipe', 'lxc-info --version || echo 2.0.0') is version_compare('3.0.0', 'lt') | ternary(lxc2_container_config_list, lxc3_container_config_list) }}"

View File

@ -0,0 +1,19 @@
---
# Copyright 2019, VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
ansible_host: 10.1.0.2
ansible_become: True
ansible_user: root
container_name: infra1

View File

@ -0,0 +1,18 @@
---
# Copyright 2019, VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
bridges:
- name: "br-mgmt"
ip_addr: "10.1.0.1"

View File

@ -0,0 +1,19 @@
---
# Copyright 2019, VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
ansible_host: 10.1.0.3
ansible_become: True
ansible_user: root
container_name: openstack1

36
tests/inventory Normal file
View File

@ -0,0 +1,36 @@
[all]
localhost
infra1
openstack1
[all_containers]
infra1
openstack1
[oslomsg_rpc_all]
infra1
[oslomsg_notify_all]
infra1
[rabbitmq_all]
infra1
[galera_all]
infra1
[service_all:children]
rabbitmq_all
galera_all
[keystone_all]
openstack1
[utility_all]
openstack1
[placement_all:children]
placement_api
[placement_api]
openstack1

View File

@ -0,0 +1,21 @@
---
# Copyright 2019, VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
placement_galera_password: secret
placement_service_password: secret
placement_developer_mode: true
placement_service_publicurl: "{{ placement_service_proto }}://{{ hostvars[groups['placement_api'][0]]['ansible_host'] }}:{{ placement_service_port }}"
placement_service_internalurl: "{{ placement_service_publicurl }}"
placement_service_adminurl: "{{ placement_service_publicurl }}"

View File

@ -0,0 +1,24 @@
---
# Copyright 2019, VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Install placement
hosts: placement_all
remote_user: root
gather_facts: true
any_errors_fatal: true
vars_files:
- common/test-vars.yml
roles:
- role: "os_placement"

View File

@ -0,0 +1,45 @@
---
# Copyright 2019, VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- hosts: localhost
gather_facts: false
tasks:
- name: Get authentication token
os_auth:
cloud: default
- name: Set facts for placement URL
set_fact:
placement_token: "{{ auth_token }}"
placement_url: "{{ service_catalog | json_query('[?name==`placement`].endpoints | [0][?interface==`public`].url | [0]') }}"
- name: Run simple placement request
register: placement_request
uri:
url: "{{ placement_url }}/resource_providers"
headers:
X-Auth-Token: "{{ placement_token }}"
- name: Log the HTTP request
debug:
var: placement_request
- name: Assert response is valid
assert:
that:
- placement_request.status == 200
- placement_request.json.resource_providers == []
vars:
ansible_python_interpreter: "{{ ansible_playbook_python }}"

29
tests/test.yml Normal file
View File

@ -0,0 +1,29 @@
---
# Copyright 2019, VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Setup the host
- import_playbook: common/test-setup-host.yml
# Install RabbitMQ/MariaDB
- import_playbook: common/test-install-infra.yml
# Install Keystone
- import_playbook: common/test-install-keystone.yml
# Install Placement
- import_playbook: test-install-placement.yml
# Test Placement
- import_playbook: test-placement-functional.yml

11
tox.ini
View File

@ -95,3 +95,14 @@ commands =
{[testenv:bashate]commands}
{[testenv:ansible-lint]commands}
{[testenv:ansible-syntax]commands}
[testenv:functional]
commands =
bash -c "{toxinidir}/tests/common/test-ansible-functional.sh"
[testenv:distro_install]
setenv =
{[testenv]setenv}
ANSIBLE_PARAMETERS=-e @{toxinidir}/tests/common/test-distro_install-vars.yml
commands =
bash -c "{toxinidir}/tests/common/test-ansible-functional.sh"

21
vars/distro_install.yml Normal file
View File

@ -0,0 +1,21 @@
---
# Copyright 2019, VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
placement_package_list: |-
{% set packages = (placement_distro_packages + placement_service_distro_packages) %}
{{ packages }}
_placement_bin: "/usr/bin"
placement_uwsgi_bin: '/usr/sbin'

31
vars/main.yml Normal file
View File

@ -0,0 +1,31 @@
---
# Copyright 2019, VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Compile a list of the services on a host based on whether
# the host is in the host group and the service is enabled.
# The service list is provided in the defined start order.
filtered_placement_services: |-
{% set services = [] %}
{% for key, value in placement_services.items() %}
{% if (value['group'] in group_names) and
(('condition' not in value) or
('condition' in value and value['condition'])) %}
{% set _ = value.update({'service_key': key}) %}
{% set _ = services.append(value) %}
{% endif %}
{% endfor %}
{{ services | sort(attribute='start_order') }}

19
vars/redhat-7.yml Normal file
View File

@ -0,0 +1,19 @@
---
# Copyright 2019, VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
placement_distro_packages: []
placement_service_distro_packages:
- openstack-placement-api

21
vars/source_install.yml Normal file
View File

@ -0,0 +1,21 @@
---
# Copyright 2019, VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
placement_package_list: |-
{% set packages = placement_distro_packages %}
{{ packages }}
_placement_bin: "/openstack/venvs/placement-{{ placement_venv_tag }}/bin"
placement_uwsgi_bin: "{{ _placement_bin }}"

18
vars/suse.yml Normal file
View File

@ -0,0 +1,18 @@
---
# Copyright 2019, VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
placement_distro_packages: []
placement_service_distro_packages: []

23
vars/ubuntu.yml Normal file
View File

@ -0,0 +1,23 @@
---
# Copyright 2019, VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
## APT Cache options
cache_timeout: 600
# Common apt packages
placement_distro_packages: []
placement_service_distro_packages: []

View File

@ -15,5 +15,7 @@
- project:
templates:
- check-requirements
- openstack-ansible-role-jobs
- openstack-ansible-role-distro_install-jobs
- publish-openstack-docs-pti
- release-notes-jobs-python3