openstack
/
openstack-ansible-os_tacker
Code Issues Proposed changes

minor updates

This commit is contained in:
root 2016-10-03 09:19:22 +00:00
parent 4da3eabbf5
commit d7002e46e5
11 changed files with 513 additions and 665 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
defaults/main.yml
View File

@ -118,20 +118,6 @@ tacker_pip_packages:
- tacker
#NOTE: these default should be updated approprietly
# tacker-horizon uses this
tackerclient_git_url: https://github.com/openstack/python-tackerclient.git
tacker_git_branch: "stable/liberty"
#tacker_git_dest: "{{ tacker_system_user_home }}/tacker"
# tacker horizon vars
tacker_horizon_venv: "/openstack/venvs/horizon-{{ openstack_release }}"
tacker_horizon_venv_bin: "{{ tacker_horizon_venv }}/bin"
tacker_horizon_enable_path: "{{ tacker_horizon_venv }}/lib/python2.7/site-packages/openstack_dashboard/enabled"
tacker_horizon_git: https://github.com/openstack/tacker-horizon.git
## Service Names
tacker_service_names:
- "tacker-server"
@ -145,6 +131,23 @@ tacker_heat_stack_retry_wait: 5
# heat service paramter for tacker.conf
heat_service_adminurl: "{{ tacker_service_publicuri_proto }}://{{ external_lb_vip_address }}:8004/v1"
#NOTE: these default should be updated approprietly
# tacker-horizon uses this
tackerclient_git_url: https://github.com/openstack/python-tackerclient.git
tacker_git_branch: "stable/liberty"
# tacker horizon vars
tacker_horizon_venv: "/openstack/venvs/horizon-{{ openstack_release }}"
tacker_horizon_venv_bin: "{{ tacker_horizon_venv }}/bin"
tacker_horizon_enable_path: "{{ tacker_horizon_venv }}/lib/python2.7/site-packages/openstack_dashboard/enabled"
tacker_horizon_git: https://github.com/openstack/tacker-horizon.git
tacker_horizon_dashboard_disable: "False"
tacker_horizon_pip_packages:
- python-tackerclient
# This variable is used by the repo_build process to determine
# which host group to check for members of before building the

6
extras/repo_tacker.yml
View File

@ -4,3 +4,9 @@ tacker_git_repo: https://git.openstack.org/openstack/tacker
tacker_git_install_branch: 3f4e899f79903a76ffc2562531012801afb6468e # HEAD of master as of 2016-09-16
tacker_git_dest: "/opt/tacker_{{ tacker_git_install_branch | replace('/', '_') }}"
tacker_git_project_group: tacker_all
## Tacker Horizon
tackerhorizon_git_repo: https://git.openstack.org/openstack/tacker-horizon
tackerhorizon_git_install_branch: 79e99e762f2cef3a4474532135ab8ef19f9a459c # HEAD of master as of 2016-09-20
tackerhorizon_git_dest: "/opt/tackerhorizon_{{ tacker_git_install_branch | replace('/', '_') }}"
tackerhorizon_git_project_group: tacker_all

4
tasks/main.yml
View File

@ -59,10 +59,6 @@
tags:
- tacker-install
#- include: tacker_init_common.yml
#tags:
#- tacker-install
- include: tacker_db_setup.yml
when: >
inventory_hostname == groups['tacker_all'][0]

14
tasks/tacker_horizon.yml
View File

@ -1,5 +1,7 @@
---
# tacker horizon dashboard setup
# temporary tacker horizon dashboard setup
# tacker-horizon install should done by horizon role
# and probably different than this :)
# tacker horizon depends on tacker client
- name: Clone tacker client
@ -45,7 +47,15 @@
tags:
- tacker-horizon-install
#NOTE: not sure if this is the right way to do this
- name: Install tacker-horizon pip packages
pip:
name: "{{ tacker_requires_pip_packages | join(' ') }}"
state: latest
extra_args: "{{ pip_install_options_fact }}"
register: install_packages
until: install_packages|success
retries: 5
delay: 2
- name: Install tacker horizon into venv
command: "{{ tacker_horizon_venv_bin }}/python setup.py install"

30
templates/etc/tacker/api-paste.ini.j2.liberty
View File

@ -1,30 +0,0 @@
[composite:tacker]
use = egg:Paste#urlmap
/: tackerversions
/v1.0: tackerapi_v1_0
[composite:tackerapi_v1_0]
use = call:tacker.auth:pipeline_factory
noauth = request_id catch_errors extensions tackerapiapp_v1_0
keystone = request_id catch_errors authtoken keystonecontext extensions tackerapiapp_v1_0
[filter:request_id]
paste.filter_factory = oslo.middleware:RequestId.factory
[filter:catch_errors]
paste.filter_factory = oslo.middleware:CatchErrors.factory
[filter:keystonecontext]
paste.filter_factory = tacker.auth:TackerKeystoneContext.factory
[filter:authtoken]
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
[filter:extensions]
paste.filter_factory = tacker.api.extensions:extension_middleware_factory
[app:tackerversions]
paste.app_factory = tacker.api.versions:Versions.factory
[app:tackerapiapp_v1_0]
paste.app_factory = tacker.api.v1.router:APIRouter.factory

136
templates/etc/tacker/policy.json.j2.liberty
View File

@ -1,136 +0,0 @@
{
"context_is_admin": "role:admin",
"admin_or_owner": "rule:context_is_admin or tenant_id:%(tenant_id)s",
"admin_or_network_owner": "rule:context_is_admin or tenant_id:%(network:tenant_id)s",
"admin_only": "rule:context_is_admin",
"regular_user": "",
"shared": "field:networks:shared=True",
"shared_firewalls": "field:firewalls:shared=True",
"external": "field:networks:router:external=True",
"default": "rule:admin_or_owner",
"subnets:private:read": "rule:admin_or_owner",
"subnets:private:write": "rule:admin_or_owner",
"subnets:shared:read": "rule:regular_user",
"subnets:shared:write": "rule:admin_only",
"create_subnet": "rule:admin_or_network_owner",
"get_subnet": "rule:admin_or_owner or rule:shared",
"update_subnet": "rule:admin_or_network_owner",
"delete_subnet": "rule:admin_or_network_owner",
"create_network": "",
"get_network": "rule:admin_or_owner or rule:shared or rule:external",
"get_network:router:external": "rule:regular_user",
"get_network:segments": "rule:admin_only",
"get_network:provider:network_type": "rule:admin_only",
"get_network:provider:physical_network": "rule:admin_only",
"get_network:provider:segmentation_id": "rule:admin_only",
"get_network:queue_id": "rule:admin_only",
"create_network:shared": "rule:admin_only",
"create_network:router:external": "rule:admin_only",
"create_network:segments": "rule:admin_only",
"create_network:provider:network_type": "rule:admin_only",
"create_network:provider:physical_network": "rule:admin_only",
"create_network:provider:segmentation_id": "rule:admin_only",
"update_network": "rule:admin_or_owner",
"update_network:segments": "rule:admin_only",
"update_network:shared": "rule:admin_only",
"update_network:provider:network_type": "rule:admin_only",
"update_network:provider:physical_network": "rule:admin_only",
"update_network:provider:segmentation_id": "rule:admin_only",
"delete_network": "rule:admin_or_owner",
"create_port": "",
"create_port:mac_address": "rule:admin_or_network_owner",
"create_port:fixed_ips": "rule:admin_or_network_owner",
"create_port:port_security_enabled": "rule:admin_or_network_owner",
"create_port:binding:host_id": "rule:admin_only",
"create_port:binding:profile": "rule:admin_only",
"create_port:mac_learning_enabled": "rule:admin_or_network_owner",
"get_port": "rule:admin_or_owner",
"get_port:queue_id": "rule:admin_only",
"get_port:binding:vif_type": "rule:admin_only",
"get_port:binding:vif_details": "rule:admin_only",
"get_port:binding:host_id": "rule:admin_only",
"get_port:binding:profile": "rule:admin_only",
"update_port": "rule:admin_or_owner",
"update_port:fixed_ips": "rule:admin_or_network_owner",
"update_port:port_security_enabled": "rule:admin_or_network_owner",
"update_port:binding:host_id": "rule:admin_only",
"update_port:binding:profile": "rule:admin_only",
"update_port:mac_learning_enabled": "rule:admin_or_network_owner",
"delete_port": "rule:admin_or_owner",
"create_router:external_gateway_info:enable_snat": "rule:admin_only",
"update_router:external_gateway_info:enable_snat": "rule:admin_only",
"create_firewall": "",
"get_firewall": "rule:admin_or_owner",
"create_firewall:shared": "rule:admin_only",
"get_firewall:shared": "rule:admin_only",
"update_firewall": "rule:admin_or_owner",
"update_firewall:shared": "rule:admin_only",
"delete_firewall": "rule:admin_or_owner",
"create_firewall_policy": "",
"get_firewall_policy": "rule:admin_or_owner or rule:shared_firewalls",
"create_firewall_policy:shared": "rule:admin_or_owner",
"update_firewall_policy": "rule:admin_or_owner",
"delete_firewall_policy": "rule:admin_or_owner",
"create_firewall_rule": "",
"get_firewall_rule": "rule:admin_or_owner or rule:shared_firewalls",
"update_firewall_rule": "rule:admin_or_owner",
"delete_firewall_rule": "rule:admin_or_owner",
"create_qos_queue": "rule:admin_only",
"get_qos_queue": "rule:admin_only",
"update_agent": "rule:admin_only",
"delete_agent": "rule:admin_only",
"get_agent": "rule:admin_only",
"create_dhcp-network": "rule:admin_only",
"delete_dhcp-network": "rule:admin_only",
"get_dhcp-networks": "rule:admin_only",
"create_l3-router": "rule:admin_only",
"delete_l3-router": "rule:admin_only",
"get_l3-routers": "rule:admin_only",
"get_dhcp-agents": "rule:admin_only",
"get_l3-agents": "rule:admin_only",
"get_loadbalancer-agent": "rule:admin_only",
"get_loadbalancer-pools": "rule:admin_only",
"create_router": "rule:regular_user",
"get_router": "rule:admin_or_owner",
"update_router:add_router_interface": "rule:admin_or_owner",
"update_router:remove_router_interface": "rule:admin_or_owner",
"delete_router": "rule:admin_or_owner",
"create_floatingip": "rule:regular_user",
"update_floatingip": "rule:admin_or_owner",
"delete_floatingip": "rule:admin_or_owner",
"get_floatingip": "rule:admin_or_owner",
"create_network_profile": "rule:admin_only",
"update_network_profile": "rule:admin_only",
"delete_network_profile": "rule:admin_only",
"get_network_profiles": "",
"get_network_profile": "",
"update_policy_profiles": "rule:admin_only",
"get_policy_profiles": "",
"get_policy_profile": "",
"create_metering_label": "rule:admin_only",
"delete_metering_label": "rule:admin_only",
"get_metering_label": "rule:admin_only",
"create_metering_label_rule": "rule:admin_only",
"delete_metering_label_rule": "rule:admin_only",
"get_metering_label_rule": "rule:admin_only",
"get_service_provider": "rule:regular_user",
"get_lsn": "rule:admin_only",
"create_lsn": "rule:admin_only"
}

34
templates/etc/tacker/rootwrap.conf.j2.liberty
View File

@ -1,34 +0,0 @@
# Configuration for tacker-rootwrap
# This file should be owned by (and only-writeable by) the root user
[DEFAULT]
# List of directories to load filter definitions from (separated by ',').
# These directories MUST all be only writeable by root !
filters_path=/etc/tacker/rootwrap.d,/usr/share/tacker/rootwrap
# List of directories to search executables in, in case filters do not
# explicitely specify a full path (separated by ',')
# If not specified, defaults to system PATH environment variable.
# These directories MUST all be only writeable by root !
exec_dirs=/sbin,/usr/sbin,/bin,/usr/bin
# Enable logging to syslog
# Default value is False
use_syslog=False
# Which syslog facility to use.
# Valid values include auth, authpriv, syslog, local0, local1...
# Default value is 'syslog'
syslog_log_facility=syslog
# Which messages to log.
# INFO means log all usage
# ERROR means only log unsuccessful attempts
syslog_log_level=ERROR
[xenapi]
# XenAPI configuration is only required by the L2 agent if it is to
# target a XenServer/XCP compute host's dom0.
xenapi_connection_url=<None>
xenapi_connection_username=root
xenapi_connection_password=<None>

445
templates/etc/tacker/tacker.conf.j2.liberty
View File

@ -1,445 +0,0 @@
# {{ ansible_managed }}
[DEFAULT]
verbose = {{ verbose }}
debug = {{ debug }}
# Where to store Tacker state files. This directory must be writable by the
# user executing the agent.
state_path = {{ tacker_system_user_home }}
# Where to store lock files
lock_path = $state_path/lock
policy_file = {{ tacker_etc_dir }}/policy.json
# log_format = %(asctime)s %(levelname)8s [%(name)s] %(message)s
# log_date_format = %Y-%m-%d %H:%M:%S
# use_syslog -> syslog
# log_file and log_dir -> log_dir/log_file
# (not log_file) and log_dir -> log_dir/{binary_name}.log
# use_stderr -> stderr
# (not user_stderr) and (not log_file) -> stdout
# publish_errors -> notification system
use_syslog = False
# syslog_log_facility = LOG_USER
# use_stderr = True
# log_file =
# log_dir =
# publish_errors = False
# Address to bind the API server to
bind_host = {{ tacker_bind_address }}
# Port the bind the API server to
bind_port = {{ tacker_service_port }}
# Path to the extensions. Note that this can be a colon-separated list of
# paths. For example:
# api_extensions_path = extensions:/path/to/more/extensions:/even/more/extensions
# The __path__ of tacker.extensions is appended to this, so if your
# extensions are in there you don't need to specify them here
# api_extensions_path =
# (StrOpt) Tacker core plugin entrypoint to be loaded from the
# tacker.core_plugins namespace. See setup.cfg for the entrypoint names of the
# plugins included in the tacker source distribution. For compatibility with
# previous versions, the class name of a plugin can be specified instead of its
# entrypoint name.
#
# core_plugin =
# Example: core_plugin = ml2
# (ListOpt) List of service plugin entrypoints to be loaded from the
# tacker.service_plugins namespace. See setup.cfg for the entrypoint names of
# the plugins included in the tacker source distribution. For compatibility
# with previous versions, the class name of a plugin can be specified instead
# of its entrypoint name.
#
# service_plugins =
# Example: service_plugins = router,firewall,lbaas,vpnaas,metering
service_plugins = tacker.vm.plugin.VNFMPlugin
# Paste configuration file
# api_paste_config = api-paste.ini
# The strategy to be used for auth.
# Supported values are 'keystone'(default), 'noauth'.
auth_strategy = keystone
# Allow sending resource operation notification to DHCP agent
# dhcp_agent_notification = True
# Enable or disable bulk create/update/delete operations
# allow_bulk = True
# Enable or disable pagination
# allow_pagination = False
# Enable or disable sorting
# allow_sorting = False
# Enable or disable overlapping IPs for subnets
# Attention: the following parameter MUST be set to False if Tacker is
# being used in conjunction with nova security groups
# allow_overlapping_ips = False
# Ensure that configured gateway is on subnet
# force_gateway_on_subnet = False
# RPC configuration options. Defined in rpc __init__
# The messaging module to use, defaults to kombu.
# rpc_backend = tacker.openstack.common.rpc.impl_kombu
# Size of RPC thread pool
# rpc_thread_pool_size = 64
# Size of RPC connection pool
# rpc_conn_pool_size = 30
# Seconds to wait for a response from call or multicall
# rpc_response_timeout = 60
# Seconds to wait before a cast expires (TTL). Only supported by impl_zmq.
# rpc_cast_timeout = 30
# Modules of exceptions that are permitted to be recreated
# upon receiving exception data from an rpc call.
# allowed_rpc_exception_modules = tacker.openstack.common.exception, nova.exception
# AMQP exchange to connect to if using RabbitMQ or QPID
# control_exchange = tacker
# If passed, use a fake RabbitMQ provider
# fake_rabbit = False
# Configuration options if sending notifications via kombu rpc (these are
# the defaults)
# SSL version to use (valid only if SSL enabled)
# kombu_ssl_version =
# SSL key file (valid only if SSL enabled)
# kombu_ssl_keyfile =
# SSL cert file (valid only if SSL enabled)
# kombu_ssl_certfile =
# SSL certification authority file (valid only if SSL enabled)
# kombu_ssl_ca_certs =
# IP address of the RabbitMQ installation
# rabbit_host = localhost
# Password of the RabbitMQ server
# rabbit_password = guest
# Port where RabbitMQ server is running/listening
# rabbit_port = 5672
# RabbitMQ single or HA cluster (host:port pairs i.e: host1:5672, host2:5672)
# rabbit_hosts is defaulted to '$rabbit_host:$rabbit_port'
# rabbit_hosts = localhost:5672
# User ID used for RabbitMQ connections
# rabbit_userid = guest
# Location of a virtual RabbitMQ installation.
# rabbit_virtual_host = /
# Maximum retries with trying to connect to RabbitMQ
# (the default of 0 implies an infinite retry count)
# rabbit_max_retries = 0
# RabbitMQ connection retry interval
# rabbit_retry_interval = 1
# Use HA queues in RabbitMQ (x-ha-policy: all). You need to
# wipe RabbitMQ database when changing this option. (boolean value)
# rabbit_ha_queues = false
# QPID
# rpc_backend=tacker.openstack.common.rpc.impl_qpid
# Qpid broker hostname
# qpid_hostname = localhost
# Qpid broker port
# qpid_port = 5672
# Qpid single or HA cluster (host:port pairs i.e: host1:5672, host2:5672)
# qpid_hosts is defaulted to '$qpid_hostname:$qpid_port'
# qpid_hosts = localhost:5672
# Username for qpid connection
# qpid_username = ''
# Password for qpid connection
# qpid_password = ''
# Space separated list of SASL mechanisms to use for auth
# qpid_sasl_mechanisms = ''
# Seconds between connection keepalive heartbeats
# qpid_heartbeat = 60
# Transport to use, either 'tcp' or 'ssl'
# qpid_protocol = tcp
# Disable Nagle algorithm
# qpid_tcp_nodelay = True
# ZMQ
# rpc_backend=tacker.openstack.common.rpc.impl_zmq
# ZeroMQ bind address. Should be a wildcard (*), an ethernet interface, or IP.
# The "host" option should point or resolve to this address.
# rpc_zmq_bind_address = *
# ============ Notification System Options =====================
# Notifications can be sent when network/subnet/port are created, updated or deleted.
# There are three methods of sending notifications: logging (via the
# log_file directive), rpc (via a message queue) and
# noop (no notifications sent, the default)
# Notification_driver can be defined multiple times
# Do nothing driver
# notification_driver = tacker.openstack.common.notifier.no_op_notifier
# Logging driver
# notification_driver = tacker.openstack.common.notifier.log_notifier
# RPC driver.
notification_driver = tacker.openstack.common.notifier.rpc_notifier
# default_notification_level is used to form actual topic name(s) or to set logging level
# default_notification_level = INFO
# default_publisher_id is a part of the notification payload
# host = myhost.com
# default_publisher_id = $host
# Defined in rpc_notifier, can be comma separated values.
# The actual topic names will be %s.%(default_notification_level)s
# notification_topics = notifications
# Default maximum number of items returned in a single response,
# value == infinite and value < 0 means no max limit, and value must
# be greater than 0. If the number of items requested is greater than
# pagination_max_limit, server will just return pagination_max_limit
# of number of items.
# pagination_max_limit = -1
# Maximum number of DNS nameservers per subnet
# max_dns_nameservers = 5
# Maximum number of host routes per subnet
# max_subnet_host_routes = 20
# Maximum number of fixed ips per port
# max_fixed_ips_per_port = 5
# =========== items for agent management extension =============
# Seconds to regard the agent as down; should be at least twice
# report_interval, to be sure the agent is down for good
# agent_down_time = 75
# =========== end of items for agent management extension =====
# Allow auto scheduling networks to DHCP agent. It will schedule non-hosted
# networks to first DHCP agent which sends get_active_networks message to
# tacker server
# network_auto_schedule = True
# Allow auto scheduling routers to L3 agent. It will schedule non-hosted
# routers to first L3 agent which sends sync_routers message to tacker server
# router_auto_schedule = True
# Number of DHCP agents scheduled to host a network. This enables redundant
# DHCP agents for configured networks.
# dhcp_agents_per_network = 1
# =========== end of items for agent scheduler extension =====
# =========== WSGI parameters related to the API server ==============
# Number of separate worker processes to spawn. The default, 0, runs the
# worker thread in the current process. Greater than 0 launches that number of
# child processes as workers. The parent process manages them.
# api_workers = 0
# Number of separate RPC worker processes to spawn. The default, 0, runs the
# worker thread in the current process. Greater than 0 launches that number of
# child processes as RPC workers. The parent process manages them.
# This feature is experimental until issues are addressed and testing has been
# enabled for various plugins for compatibility.
# rpc_workers = 0
# Sets the value of TCP_KEEPIDLE in seconds to use for each server socket when
# starting API server. Not supported on OS X.
# tcp_keepidle = 600
# Number of seconds to keep retrying to listen
# retry_until_window = 30
# Number of backlog requests to configure the socket with.
# backlog = 4096
# Max header line to accommodate large tokens
# max_header_line = 16384
# Enable SSL on the API server
# use_ssl = False
# Certificate file to use when starting API server securely
# ssl_cert_file = /path/to/certfile
# Private key file to use when starting API server securely
# ssl_key_file = /path/to/keyfile
# CA certificate file to use when starting API server securely to
# verify connecting clients. This is an optional parameter only required if
# API clients need to authenticate to the API server using SSL certificates
# signed by a trusted CA
# ssl_ca_file = /path/to/cafile
# ======== end of WSGI parameters related to the API server ==========
# ======== tacker nova interactions ==========
# Send notification to nova when port status is active.
# notify_nova_on_port_status_changes = True
# Send notifications to nova when port data (fixed_ips/floatingips) change
# so nova can update it's cache.
# notify_nova_on_port_data_changes = True
# URL for connection to nova (Only supports one nova region currently).
# nova_url = http://127.0.0.1:8774/v2
# Name of nova region to use. Useful if keystone manages more than one region
# nova_region_name =
# Username for connection to nova in admin context
# nova_admin_username =
# The uuid of the admin nova tenant
# nova_admin_tenant_id =
# Password for connection to nova in admin context.
# nova_admin_password =
# Authorization URL for connection to nova in admin context.
# nova_admin_auth_url =
# CA file for novaclient to verify server certificates
# nova_ca_certificates_file =
# Boolean to control ignoring SSL errors on the nova url
# nova_api_insecure = False
# Number of seconds between sending events to nova if there are any events to send
# send_events_interval = 2
# ======== end of tacker nova interactions ==========
[agent]
# Use "sudo tacker-rootwrap /etc/tacker/rootwrap.conf" to use the real
# root filter facility.
# Change to "sudo" to skip the filtering and just run the comand directly
# root_helper = sudo
root_helper = sudo {{ tacker_bin }}/tacker-rootwrap {{ tacker_etc_dir }}/rootwrap.conf
# =========== items for agent management extension =============
# seconds between nodes reporting state to server; should be less than
# agent_down_time, best if it is half or less than agent_down_time
# report_interval = 30
# =========== end of items for agent management extension =====
[keystone_authtoken]
signing_dir = /var/cache/tacker
# cafile = /opt/stack/data/ca-bundle.pem
project_domain_id = {{ tacker_service_project_domain_id }}
project_name = {{ tacker_service_project_name }}
user_domain_id = {{ tacker_service_user_domain_id }}
password = {{ tacker_service_password }}
username = {{ tacker_service_user_name }}
auth_url = {{ keystone_service_adminuri }}
auth_uri = {{ keystone_service_internaluri }}
auth_plugin = {{ tacker_keystone_auth_plugin }}
# identity_uri = {{ keystone_service_internaluri }}
[database]
# This line MUST be changed to actually run the plugin.
# Example:
# connection = mysql://root:pass@127.0.0.1:3306/tacker
# Replace 127.0.0.1 above with the IP address of the database used by the
# main tacker server. (Leave it as is if the database runs on this host.)
# connection = sqlite://
# NOTE: In deployment the [database] section and its connection attribute may
# be set in the corresponding core plugin '.ini' file. However, it is suggested
# to put the [database] section and its connection attribute in this
# configuration file.
connection = mysql+pymysql://{{ tacker_galera_user }}:{{ tacker_container_mysql_password }}@{{ tacker_galera_address }}/{{ tacker_galera_database }}?charset=utf8
# Database engine for which script will be generated when using offline
# migration
# engine =
# The SQLAlchemy connection string used to connect to the slave database
# slave_connection =
# Database reconnection retry times - in event connectivity is lost
# set to -1 implies an infinite retry count
# max_retries = 10
# Database reconnection interval in seconds - if the initial connection to the
# database fails
# retry_interval = 10
# Minimum number of SQL connections to keep open in a pool
# min_pool_size = 1
# Maximum number of SQL connections to keep open in a pool
# max_pool_size = 10
# Timeout in seconds before idle sql connections are reaped
# idle_timeout = 3600
# If set, use this value for max_overflow with sqlalchemy
# max_overflow = 20
# Verbosity of SQL debugging information. 0=None, 100=Everything
# connection_debug = 0
# Add python stack traces to SQL as comment strings
# connection_trace = False
# If set, use this value for pool_timeout with sqlalchemy
# pool_timeout = 10
[servicevm]
# Specify drivers for hosting device
# exmpale: infra_driver = noop
# exmpale: infra_driver = nova
# exmpale: infra_driver = heat
infra_driver = heat
# Specify drivers for mgmt
mgmt_driver = noop
mgmt_driver = openwrt
{% if install_tacker_mgmt_driver_extras %}
mgmt_driver = bsc
mgmt_driver = vyatta
{% endif %}
# Specify drivers for monitoring
monitor_driver = ping
monitor_driver = http_ping
[servicevm_nova]
# parameters for novaclient to talk to nova
region_name = {{ service_region }}
project_domain_id = {{ nova_service_project_domain_id }}
project_name = {{ nova_service_project_name }}
user_domain_id = {{ nova_service_user_domain_id }}
password = {{ nova_service_password }}
username = {{ nova_service_user_name }}
auth_url = {{ keystone_service_adminuri }}
auth_plugin = {{ nova_keystone_auth_plugin }}
[servicevm_heat]
heat_uri = {{ heat_service_adminurl }}
# heat_uri = http://localhost:8004/v1
stack_retries = {{ tacker_heat_stack_retires }}
stack_retry_wait = {{ tacker_heat_stack_retry_wait }}
[servicevm_agent]
# VM agent requires that an interface driver be set. Choose the one that best
# matches your plugin.
# interface_driver =
# Example of interface_driver option for OVS based plugins (OVS, Ryu, NEC)
# that supports L3 agent
# interface_driver = tacker.agent.linux.interface.OVSInterfaceDriver
# Use veth for an OVS interface or not.
# Support kernels with limited namespace support
# (e.g. RHEL 6.5) so long as ovs_use_veth is set to True.
# ovs_use_veth = False
# Allow overlapping IP (Must have kernel build with CONFIG_NET_NS=y and
# iproute2 package that supports namespaces).
# use_namespaces = True

318
templates/etc/tacker/tacker.conf.sample Normal file
View File

@ -0,0 +1,318 @@
[DEFAULT]
#
# From tacker.common.config
#
# The host IP to bind to (string value)
#bind_host = 0.0.0.0
# The port to bind to (integer value)
#bind_port = 9890
# The API paste config file to use (string value)
#api_paste_config = api-paste.ini
# The path for API extensions (string value)
#api_extensions_path =
# The service plugins Tacker will use (list value)
#service_plugins = nfvo,vnfm
# The policy file to use (string value)
#policy_file = policy.json
# The type of authentication to use (string value)
#auth_strategy = keystone
# Allow the usage of the bulk API (boolean value)
#allow_bulk = true
# Allow the usage of the pagination (boolean value)
#allow_pagination = false
# Allow the usage of the sorting (boolean value)
#allow_sorting = false
# The maximum number of items returned in a single response, value was
# 'infinite' or negative integer means no limit (string value)
#pagination_max_limit = -1
# The hostname Tacker is running on (string value)
#host = aio1-tacker-container-c4f3e5cd
# URL for connection to nova (string value)
#nova_url = http://127.0.0.1:8774/v2
# Username for connecting to nova in admin context (string value)
#nova_admin_username = <None>
# Password for connection to nova in admin context (string value)
#nova_admin_password = <None>
# The uuid of the admin nova tenant (string value)
#nova_admin_tenant_id = <None>
# Authorization URL for connecting to nova in admin context (string value)
#nova_admin_auth_url = http://localhost:5000/v2.0
# CA file for novaclient to verify server certificates (string value)
#nova_ca_certificates_file = <None>
# If True, ignore any SSL validation issues (boolean value)
#nova_api_insecure = false
# Name of nova region to use. Useful if keystone manages more than one region.
# (string value)
#nova_region_name = <None>
# Where to store Tacker state files. This directory must be writable by the
# agent. (string value)
#state_path = /var/lib/tacker
#
# From tacker.service
#
# Seconds between running periodic tasks (integer value)
#periodic_interval = 40
# Number of separate worker processes for service (integer value)
#api_workers = 0
# Range of seconds to randomly delay when starting the periodic task scheduler
# to reduce stampeding. (Disable by setting to 0) (integer value)
#periodic_fuzzy_delay = 5
#
# From tacker.wsgi
#
# Number of backlog requests to configure the socket with (integer value)
#backlog = 4096
# Sets the value of TCP_KEEPIDLE in seconds for each server socket. Not
# supported on OS X. (integer value)
#tcp_keepidle = 600
# Number of seconds to keep retrying to listen (integer value)
#retry_until_window = 30
# Max header line to accommodate large tokens (integer value)
#max_header_line = 16384
# Enable SSL on the API server (boolean value)
#use_ssl = false
# CA certificate file to use to verify connecting clients (string value)
#ssl_ca_file = <None>
# Certificate file to use when starting the server securely (string value)
#ssl_cert_file = <None>
# Private key file to use when starting the server securely (string value)
#ssl_key_file = <None>
[alarm_auth]
#
# From tacker.alarm_receiver
#
# User name for alarm monitoring (string value)
#username = tacker
# password for alarm monitoring (string value)
#password = nomoresecret
# project name for alarm monitoring (string value)
#project_name = service
# url for alarm monitoring (string value)
#url = http://localhost:35357/v3
[ceilometer]
#
# From tacker.vnfm.monitor_drivers.ceilometer.ceilometer
#
# Address which drivers use to trigger (string value)
#host = aio1-tacker-container-c4f3e5cd
# port number which drivers use to trigger (port value)
# Minimum value: 0
# Maximum value: 65535
#port = 9890
[monitor]
#
# From tacker.vnfm.monitor
#
# check interval for monitor (integer value)
#check_intvl = 10
[monitor_http_ping]
#
# From tacker.vnfm.monitor_drivers.http_ping.http_ping
#
# number of times to retry (integer value)
#retry = 5
# number of seconds to wait for a response (integer value)
#timeout = 1
# HTTP port number to send request (integer value)
#port = 80
[monitor_ping]
#
# From tacker.vnfm.monitor_drivers.ping.ping
#
# number of ICMP packets to send (string value)
#count = 1
# number of seconds to wait for a response (string value)
#timeout = 1
# number of seconds to wait between packets (string value)
#interval = 1
[nfvo]
#
# From tacker.nfvo.nfvo_plugin
#
# VIM driver for launching VNFs (list value)
#vim_drivers = openstack
# Interval to check for VIM health (integer value)
#monitor_interval = 30
[nfvo_vim]
#
# From tacker.vnfm.vim_client
#
# DEPRECATED: Default VIM for launching VNFs. This option is deprecated and
# will be removed in Ocata release. (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#default_vim = <None>
[openstack_vim]
#
# From tacker.vnfm.infra_drivers.openstack.openstack
#
# Number of attempts to retry for stack creation/deletion (integer value)
#stack_retries = 60
# Wait time (in seconds) between consecutive stack create/delete retries
# (integer value)
#stack_retry_wait = 5
# Flavor Extra Specs (dict value)
#flavor_extra_specs =
[openwrt]
#
# From tacker.vnfm.mgmt_drivers.openwrt.openwrt
#
# user name to login openwrt (string value)
#user = root
# password to login openwrt (string value)
#password =
[tacker]
#
# From tacker.vnfm.monitor
#
# Monitor driver to communicate with Hosting VNF/logical service instance
# tacker plugin will use (list value)
#monitor_driver = ping,http_ping
# Alarm monitoring driver to communicate with Hosting VNF/logical service
# instance tacker plugin will use (list value)
#alarm_monitor_driver = ceilometer
#
# From tacker.vnfm.plugin
#
# MGMT driver to communicate with Hosting VNF/logical service instance tacker
# plugin will use (list value)
#mgmt_driver = noop,openwrt
# Time interval to wait for VM to boot (integer value)
#boot_wait = 30
# Hosting vnf drivers tacker plugin will use (list value)
#infra_driver = nova,heat,noop,openstack
[tacker_heat]
#
# From tacker.vnfm.infra_drivers.heat.heat
#
# Number of attempts to retry for stack creation/deletion (integer value)
#stack_retries = 60
# Wait time (in seconds) between consecutive stack create/delete retries
# (integer value)
#stack_retry_wait = 5
# Flavor Extra Specs (dict value)
#flavor_extra_specs =
[vim_keys]
#
# From tacker.nfvo.drivers.vim.openstack_driver
#
# Dir.path to store fernet keys. (string value)
#openstack = /etc/tacker/vim/fernet_keys
[vim_monitor]
#
# From tacker.nfvo.drivers.vim.openstack_driver
#
# number of ICMP packets to send (string value)
#count = 1
# number of seconds to wait for a response (string value)
#timeout = 1
# number of seconds to wait between packets (string value)
#interval = 1

7
templates/tacker_horizon_dashboard_extension.py Normal file
View File

@ -0,0 +1,7 @@
DASHBOARD = 'nfv'
DISABLED = {{ tacker_horizon_dashboard_disable }}
ADD_INSTALLED_APPS = [
'tacker_horizon',
'tacker_horizon.openstack_dashboard.dashboards.nfv',
]

153
tox.ini Normal file
View File

@ -0,0 +1,153 @@
[tox]
minversion = 2.0
skipsdist = True
envlist = docs,linters,functional
[testenv]
usedevelop = True
install_command =
pip install -c{env:UPPER_CONSTRAINTS_FILE:https://git.openstack.org/cgit/openstack/requirements/plain/upper-constraints.txt} {opts} {packages}
deps =
-r{toxinidir}/test-requirements.txt
commands =
/usr/bin/find . -type f -name "*.pyc" -delete
passenv =
HOME
http_proxy
HTTP_PROXY
https_proxy
HTTPS_PROXY
no_proxy
NO_PROXY
whitelist_externals =
bash
setenv =
PYTHONUNBUFFERED=1
ROLE_NAME=os_tacker
VIRTUAL_ENV={envdir}
WORKING_DIR={toxinidir}
[testenv:docs]
commands=
bash -c "rm -rf doc/build"
doc8 doc
python setup.py build_sphinx
[doc8]
# Settings for doc8:
extensions = .rst
[testenv:releasenotes]
commands =
sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html
# environment used by the -infra templated docs job
[testenv:venv]
commands =
{posargs}
[testenv:tests_clone]
commands =
bash -c "if [ ! -d "{toxinidir}/tests/common" ]; then \
git clone https://git.openstack.org/openstack/openstack-ansible-tests {toxinidir}/tests/common; \
fi"
[testenv:pep8]
commands =
{[testenv:tests_clone]commands}
bash -c "{toxinidir}/tests/common/test-pep8.sh"
[flake8]
# Ignores the following rules due to how ansible modules work in general
# F403 'from ansible.module_utils.basic import *' used;
# unable to detect undefined names
# H303 No wildcard (*) import.
ignore=F403,H303
[testenv:bashate]
commands =
{[testenv:tests_clone]commands}
bash -c "{toxinidir}/tests/common/test-bashate.sh"
[testenv:ansible]
deps =
{[testenv]deps}
-rhttp://git.openstack.org/cgit/openstack/openstack-ansible-tests/plain/test-ansible-deps.txt
commands =
{[testenv:tests_clone]commands}
bash -c "{toxinidir}/tests/common/test-ansible-env-prep.sh"
[testenv:ansible-syntax]
deps =
{[testenv:ansible]deps}
commands =
{[testenv:ansible]commands}
ansible-playbook -i {toxinidir}/tests/inventory \
--syntax-check \
--list-tasks \
{toxinidir}/tests/test.yml
[testenv:ansible-lint]
deps =
{[testenv:ansible]deps}
commands =
{[testenv:ansible]commands}
ansible-lint {toxinidir}
[testenv:func_base]
# NOTE(odyssey4me): this target does not use constraints because
# it doesn't work in OpenStack-CI yet. Once that's fixed, we can
# drop the install_command.
install_command =
pip install -U --force-reinstall {opts} {packages}
[testenv:func_logs]
commands =
bash -c "{toxinidir}/tests/common/test-log-collect.sh"
[testenv:functional]
# Ignore_errors is set to true so that the logs are collected at the
# end of the run. This will not produce a false positive. Any
# exception will be mark the run as failed and exit 1 after all of
# the commands have been iterated through.
ignore_errors = True
# NOTE(odyssey4me): this target does not use constraints because
# it doesn't work in OpenStack-CI yet. Once that's fixed, we can
# drop the install_command.
install_command =
{[testenv:func_base]install_command}
deps =
{[testenv:ansible]deps}
commands =
{[testenv:ansible]commands}
ansible-playbook -i {toxinidir}/tests/inventory \
-e "install_test_packages=True" \
{toxinidir}/tests/test.yml -vvvv
{[testenv:func_logs]commands}
[testenv:linters]
deps =
{[testenv:ansible]deps}
commands =
{[testenv:pep8]commands}
{[testenv:bashate]commands}
{[testenv:ansible-lint]commands}
{[testenv:ansible-syntax]commands}
{[testenv:docs]commands}