From d3cfb2052a7321606e3a46fd6846f776d28afd86 Mon Sep 17 00:00:00 2001 From: SamYaple Date: Fri, 26 Feb 2016 01:02:25 +0000 Subject: [PATCH] Change kolla_internal_address variable Due to poor planning on our variable names we have a situation where we have "internal_address" which must be a VIP, but "external_address" which should be a DNS name. Now with two vips "external_vip_address" is a new variable. This corrects that issue by deprecating kolla_internal_address and replacing it with 4 nicely named variables. kolla_internal_vip_address kolla_internal_fqdn kolla_external_vip_address kolla_external_fqdn The default behaviour will remain the same, and the way the variable inheritance is setup the kolla_internal_address variable can still be set in globals.yml and propogate out to these 4 new variables like it normally would, but all reference to kolla_internal_address has been completely removed. Change-Id: I4556dcdbf4d91a8d2751981ef9c64bad44a719e5 Partially-Implements: blueprint ssl-kolla --- ansible/group_vars/all.yml | 15 +++--- ansible/roles/cinder/defaults/main.yml | 8 +-- ansible/roles/cinder/tasks/register.yml | 14 +++--- ansible/roles/cinder/templates/cinder.conf.j2 | 6 +-- .../roles/common/templates/admin-openrc.sh.j2 | 2 +- ansible/roles/elasticsearch/defaults/main.yml | 2 +- ansible/roles/glance/defaults/main.yml | 8 +-- ansible/roles/glance/tasks/register.yml | 6 +-- .../roles/glance/templates/glance-api.conf.j2 | 7 ++- .../glance/templates/glance-registry.conf.j2 | 4 +- ansible/roles/haproxy/tasks/start.yml | 4 +- ansible/roles/haproxy/tasks/upgrade.yml | 6 +-- .../roles/haproxy/templates/haproxy.cfg.j2 | 50 +++++++++---------- .../haproxy/templates/keepalived.conf.j2 | 2 +- ansible/roles/heat/defaults/main.yml | 8 +-- ansible/roles/heat/tasks/register.yml | 12 ++--- ansible/roles/heat/templates/heat.conf.j2 | 18 +++---- .../roles/horizon/templates/local_settings.j2 | 2 +- ansible/roles/ironic/defaults/main.yml | 8 +-- .../roles/ironic/templates/discoverd.conf.j2 | 2 +- ansible/roles/ironic/templates/ironic.conf.j2 | 10 ++-- ansible/roles/keystone/defaults/main.yml | 8 +-- ansible/roles/keystone/tasks/register.yml | 6 +-- ansible/roles/kibana/defaults/main.yml | 2 +- ansible/roles/kibana/templates/kibana.yml.j2 | 2 +- ansible/roles/magnum/defaults/main.yml | 8 +-- ansible/roles/magnum/tasks/register.yml | 6 +-- ansible/roles/magnum/templates/magnum.conf.j2 | 8 +-- ansible/roles/mariadb/tasks/check.yml | 2 +- ansible/roles/mistral/defaults/main.yml | 8 +-- ansible/roles/mistral/tasks/register.yml | 6 +-- .../roles/mistral/templates/mistral.conf.j2 | 6 +-- ansible/roles/murano/defaults/main.yml | 8 +-- ansible/roles/murano/tasks/register.yml | 6 +-- ansible/roles/murano/templates/murano.conf.j2 | 6 +-- ansible/roles/neutron/defaults/main.yml | 8 +-- ansible/roles/neutron/tasks/register.yml | 6 +-- .../neutron/templates/metadata_agent.ini.j2 | 2 +- .../roles/neutron/templates/neutron.conf.j2 | 6 +-- ansible/roles/nova/defaults/main.yml | 10 ++-- ansible/roles/nova/tasks/register.yml | 6 +-- ansible/roles/nova/templates/nova.conf.j2 | 16 +++--- ansible/roles/prechecks/tasks/port_checks.yml | 44 ++++++++-------- ansible/roles/swift/defaults/main.yml | 6 +-- ansible/roles/swift/tasks/register.yml | 6 +-- .../swift/templates/proxy-server.conf.j2 | 4 +- doc/quickstart.rst | 14 +++--- etc/kolla/globals.yml | 24 +++++---- tools/deploy_aio.sh | 2 +- tools/openrc-example | 4 +- 50 files changed, 218 insertions(+), 216 deletions(-) diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index 5549688af3..1a1203f7e6 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -22,9 +22,10 @@ kolla_base_distro: "centos" # Valid options are [ binary, source ] kolla_install_type: "binary" -# Value set in the public_url endpoint in Keystone -kolla_external_vip_address: "{{ kolla_internal_address }}" -kolla_external_address: "{{ kolla_external_vip_address }}" +kolla_internal_vip_address: "{{ kolla_internal_address }}" +kolla_internal_fqdn: "{{ kolla_internal_address }}" +kolla_external_vip_address: "{{ kolla_internal_vip_address }}" +kolla_external_fqdn: "{{ kolla_internal_fqdn if kolla_external_vip_address == kolla_internal_vip_address else kolla_external_vip_address }}" kolla_enable_sanity_checks: "no" @@ -34,7 +35,7 @@ kolla_enable_sanity_glance: "{{ kolla_enable_sanity_checks }}" #################### # Database options #################### -database_address: "{{ kolla_internal_address }}" +database_address: "{{ kolla_internal_fqdn }}" database_user: "root" @@ -152,7 +153,7 @@ nova_console: "novnc" # OpenStack authentication string. You should only need to override these if you # are changing the admin tenant/project or user. openstack_auth: - auth_url: "{{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }}" + auth_url: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}" username: "admin" password: "{{ keystone_admin_password }}" project_name: "admin" @@ -160,7 +161,7 @@ openstack_auth: # This shouldn't be needed for long. It is only temporary until we get the # ansible modules sorted out openstack_auth_v2: - auth_url: "{{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }}/v2.0" + auth_url: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}/v2.0" username: "admin" password: "{{ keystone_admin_password }}" project_name: "admin" @@ -206,7 +207,7 @@ rabbitmq_user: "openstack" # HAProxy options #################### haproxy_user: "openstack" -haproxy_enable_external_vip: "{{ 'no' if kolla_external_vip_address == kolla_internal_address else 'yes' }}" +haproxy_enable_external_vip: "{{ 'no' if kolla_external_vip_address == kolla_internal_vip_address else 'yes' }}" ################################# diff --git a/ansible/roles/cinder/defaults/main.yml b/ansible/roles/cinder/defaults/main.yml index 031ba942da..d8c0359d22 100644 --- a/ansible/roles/cinder/defaults/main.yml +++ b/ansible/roles/cinder/defaults/main.yml @@ -24,7 +24,7 @@ cinder_backup_cache_mode: "{{ ceph_cinder_backup_cache_mode }}" #################### cinder_database_name: "cinder" cinder_database_user: "cinder" -cinder_database_address: "{{ kolla_internal_address }}" +cinder_database_address: "{{ kolla_internal_fqdn }}" #################### @@ -50,9 +50,9 @@ cinder_api_image_full: "{{ cinder_api_image }}:{{ cinder_api_tag }}" #################### # OpenStack #################### -cinder_public_address: "{{ kolla_external_address }}" -cinder_admin_address: "{{ kolla_internal_address }}" -cinder_internal_address: "{{ kolla_internal_address }}" +cinder_public_address: "{{ kolla_external_fqdn }}" +cinder_admin_address: "{{ kolla_internal_fqdn }}" +cinder_internal_address: "{{ kolla_internal_fqdn }}" cinder_logging_debug: "{{ openstack_logging_debug }}" diff --git a/ansible/roles/cinder/tasks/register.yml b/ansible/roles/cinder/tasks/register.yml index 3ce4fc8586..011f74c0cd 100644 --- a/ansible/roles/cinder/tasks/register.yml +++ b/ansible/roles/cinder/tasks/register.yml @@ -6,9 +6,9 @@ service_type=volume description='Openstack Block Storage' endpoint_region={{ openstack_region_name }} - admin_url='{{ admin_protocol }}://{{ kolla_internal_address }}:{{ cinder_api_port }}/v2/%(tenant_id)s' - internal_url='{{ internal_protocol }}://{{ kolla_internal_address }}:{{ cinder_api_port }}/v2/%(tenant_id)s' - public_url='{{ public_protocol }}://{{ kolla_external_address }}:{{ cinder_api_port }}/v2/%(tenant_id)s' + admin_url='{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ cinder_api_port }}/v2/%(tenant_id)s' + internal_url='{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ cinder_api_port }}/v2/%(tenant_id)s' + public_url='{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ cinder_api_port }}/v2/%(tenant_id)s' region_name={{ openstack_region_name }} auth={{ '{{ openstack_cinder_auth }}' }}" -e "{'openstack_cinder_auth':{{ openstack_cinder_auth }}}" @@ -26,9 +26,9 @@ service_type=volumev2 description='Openstack Block Storage' endpoint_region={{ openstack_region_name }} - admin_url='{{ admin_protocol }}://{{ kolla_internal_address }}:{{ cinder_api_port }}/v2/%(tenant_id)s' - internal_url='{{ internal_protocol }}://{{ kolla_internal_address }}:{{ cinder_api_port }}/v2/%(tenant_id)s' - public_url='{{ public_protocol }}://{{ kolla_external_address }}:{{ cinder_api_port }}/v2/%(tenant_id)s' + admin_url='{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ cinder_api_port }}/v2/%(tenant_id)s' + internal_url='{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ cinder_api_port }}/v2/%(tenant_id)s' + public_url='{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ cinder_api_port }}/v2/%(tenant_id)s' region_name={{ openstack_region_name }} auth={{ '{{ openstack_cinder_auth }}' }}" -e "{'openstack_cinder_auth':{{ openstack_cinder_auth }}}" @@ -54,4 +54,4 @@ until: cinder_user.stdout.split()[2] == 'SUCCESS' retries: 10 delay: 5 - run_once: True \ No newline at end of file + run_once: True diff --git a/ansible/roles/cinder/templates/cinder.conf.j2 b/ansible/roles/cinder/templates/cinder.conf.j2 index f93329670e..ee8c018065 100644 --- a/ansible/roles/cinder/templates/cinder.conf.j2 +++ b/ansible/roles/cinder/templates/cinder.conf.j2 @@ -11,7 +11,7 @@ use_stderr = False enable_v1_api=false volume_name_template = %s -glance_api_servers = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ glance_api_port }} +glance_api_servers = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ glance_api_port }} glance_api_version = 2 os_region_name = {{ openstack_region_name }} @@ -47,8 +47,8 @@ auth_strategy = keystone connection = mysql+pymysql://{{ cinder_database_user }}:{{ cinder_database_password }}@{{ cinder_database_address }}/{{ cinder_database_name }} [keystone_authtoken] -auth_uri = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_public_port }} -auth_url = {{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }} +auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }} auth_type = password project_domain_id = default user_domain_id = default diff --git a/ansible/roles/common/templates/admin-openrc.sh.j2 b/ansible/roles/common/templates/admin-openrc.sh.j2 index 0626818cd4..ec0d714d4b 100644 --- a/ansible/roles/common/templates/admin-openrc.sh.j2 +++ b/ansible/roles/common/templates/admin-openrc.sh.j2 @@ -4,5 +4,5 @@ export OS_PROJECT_NAME=admin export OS_TENANT_NAME=admin export OS_USERNAME=admin export OS_PASSWORD={{ keystone_admin_password }} -export OS_AUTH_URL={{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }}/v3 +export OS_AUTH_URL={{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}/v3 export OS_IDENTITY_API_VERSION=3 diff --git a/ansible/roles/elasticsearch/defaults/main.yml b/ansible/roles/elasticsearch/defaults/main.yml index 0325736714..c7c5cc986b 100644 --- a/ansible/roles/elasticsearch/defaults/main.yml +++ b/ansible/roles/elasticsearch/defaults/main.yml @@ -3,7 +3,7 @@ # Elasticsearch #################### elasticsearch_port: "{{ elasticsearch_port }}" -elasticsearch_host: "{{ kolla_internal_address }}" +elasticsearch_host: "{{ kolla_internal_vip_address }}" elasticsearch_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-elasticsearch" elasticsearch_tag: "{{ openstack_release }}" elasticsearch_image_full: "{{ elasticsearch_image }}:{{ elasticsearch_tag }}" diff --git a/ansible/roles/glance/defaults/main.yml b/ansible/roles/glance/defaults/main.yml index c8035c61b0..b98a2c1925 100644 --- a/ansible/roles/glance/defaults/main.yml +++ b/ansible/roles/glance/defaults/main.yml @@ -19,7 +19,7 @@ glance_cache_mode: "{{ ceph_glance_cache_mode }}" #################### glance_database_name: "glance" glance_database_user: "glance" -glance_database_address: "{{ kolla_internal_address }}" +glance_database_address: "{{ kolla_internal_fqdn }}" #################### @@ -37,9 +37,9 @@ glance_api_image_full: "{{ glance_api_image }}:{{ glance_api_tag }}" #################### # OpenStack #################### -glance_public_address: "{{ kolla_external_address }}" -glance_admin_address: "{{ kolla_internal_address }}" -glance_internal_address: "{{ kolla_internal_address }}" +glance_public_address: "{{ kolla_external_fqdn }}" +glance_admin_address: "{{ kolla_internal_fqdn }}" +glance_internal_address: "{{ kolla_internal_fqdn }}" glance_logging_debug: "{{ openstack_logging_debug }}" diff --git a/ansible/roles/glance/tasks/register.yml b/ansible/roles/glance/tasks/register.yml index 9e2a11a677..660bc30a03 100644 --- a/ansible/roles/glance/tasks/register.yml +++ b/ansible/roles/glance/tasks/register.yml @@ -6,9 +6,9 @@ service_type=image description='Openstack Image' endpoint_region={{ openstack_region_name }} - admin_url='{{ admin_protocol }}://{{ kolla_internal_address }}:{{ glance_api_port }}' - internal_url='{{ internal_protocol }}://{{ kolla_internal_address }}:{{ glance_api_port }}' - public_url='{{ public_protocol }}://{{ kolla_external_address }}:{{ glance_api_port }}' + admin_url='{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ glance_api_port }}' + internal_url='{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ glance_api_port }}' + public_url='{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ glance_api_port }}' region_name={{ openstack_region_name }} auth={{ '{{ openstack_glance_auth }}' }}" -e "{'openstack_glance_auth':{{ openstack_glance_auth }}}" diff --git a/ansible/roles/glance/templates/glance-api.conf.j2 b/ansible/roles/glance/templates/glance-api.conf.j2 index ee2f17af55..2f40a44e69 100644 --- a/ansible/roles/glance/templates/glance-api.conf.j2 +++ b/ansible/roles/glance/templates/glance-api.conf.j2 @@ -8,8 +8,7 @@ use_forwarded_for = true bind_host = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} bind_port = {{ glance_api_port }} - -registry_host = {{ kolla_internal_address }} +registry_host = {{ kolla_internal_fqdn }} {% if enable_ceph | bool %} show_image_direct_url= True @@ -19,8 +18,8 @@ show_image_direct_url= True connection = mysql+pymysql://{{ glance_database_user }}:{{ glance_database_password }}@{{ glance_database_address }}/{{ glance_database_name }} [keystone_authtoken] -auth_uri = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_public_port }} -auth_url = {{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }} +auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }} auth_type = password project_domain_id = default user_domain_id = default diff --git a/ansible/roles/glance/templates/glance-registry.conf.j2 b/ansible/roles/glance/templates/glance-registry.conf.j2 index 2310c920f7..3d0d2f4e3d 100644 --- a/ansible/roles/glance/templates/glance-registry.conf.j2 +++ b/ansible/roles/glance/templates/glance-registry.conf.j2 @@ -12,8 +12,8 @@ bind_port = {{ glance_registry_port }} connection = mysql+pymysql://{{ glance_database_user }}:{{ glance_database_password }}@{{ glance_database_address }}/{{ glance_database_name }} [keystone_authtoken] -auth_uri = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_public_port }} -auth_url = {{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }} +auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }} auth_type = password project_domain_id = default user_domain_id = default diff --git a/ansible/roles/haproxy/tasks/start.yml b/ansible/roles/haproxy/tasks/start.yml index 352311d948..7ad4d106a0 100644 --- a/ansible/roles/haproxy/tasks/start.yml +++ b/ansible/roles/haproxy/tasks/start.yml @@ -30,4 +30,6 @@ changed_when: status.stdout.find('changed') != -1 - name: Waiting for virtual IP to appear - wait_for: host="{{ kolla_internal_address }}" port="{{ mariadb_port }}" + wait_for: + host: "{{ kolla_internal_vip_address }}" + port: "{{ mariadb_port }}" diff --git a/ansible/roles/haproxy/tasks/upgrade.yml b/ansible/roles/haproxy/tasks/upgrade.yml index c4670a5aa0..ce1adcfa36 100644 --- a/ansible/roles/haproxy/tasks/upgrade.yml +++ b/ansible/roles/haproxy/tasks/upgrade.yml @@ -8,12 +8,12 @@ action: "stop_container" common_options: "{{ docker_common_options }}" name: "keepalived" - when: kolla_internal_address not in secondary_addresses + when: kolla_internal_vip_address not in secondary_addresses # Upgrading master keepalived and haproxy - include: start.yml - when: kolla_internal_address in secondary_addresses + when: kolla_internal_vip_address in secondary_addresses # Upgrading slave keepalived and haproxy - include: start.yml - when: kolla_internal_address not in secondary_addresses + when: kolla_internal_vip_address not in secondary_addresses diff --git a/ansible/roles/haproxy/templates/haproxy.cfg.j2 b/ansible/roles/haproxy/templates/haproxy.cfg.j2 index 161ce15cff..1ab7dd67db 100644 --- a/ansible/roles/haproxy/templates/haproxy.cfg.j2 +++ b/ansible/roles/haproxy/templates/haproxy.cfg.j2 @@ -32,7 +32,7 @@ listen mariadb option tcplog option tcpka option mysql-check user haproxy - bind {{ kolla_internal_address }}:{{ mariadb_port }} + bind {{ kolla_internal_vip_address }}:{{ mariadb_port }} {% for host in groups['mariadb'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ mariadb_port }} check inter 2000 rise 2 fall 5 {% if not loop.first %}backup{% endif %} @@ -41,7 +41,7 @@ listen mariadb {% if enable_rabbitmq | bool %} listen rabbitmq_management - bind {{ kolla_internal_address }}:{{ rabbitmq_management_port }} + bind {{ kolla_internal_vip_address }}:{{ rabbitmq_management_port }} {% for host in groups['rabbitmq'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ rabbitmq_management_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -49,7 +49,7 @@ listen rabbitmq_management {% if enable_mongodb | bool %} listen mongodb - bind {{ kolla_internal_address }}:{{ mongodb_port }} + bind {{ kolla_internal_vip_address }}:{{ mongodb_port }} {% for host in groups['mongodb'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ mongodb_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -57,7 +57,7 @@ listen mongodb {% if enable_keystone | bool %} listen keystone_internal - bind {{ kolla_internal_address }}:{{ keystone_public_port }} + bind {{ kolla_internal_vip_address }}:{{ keystone_public_port }} {% for host in groups['keystone'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ keystone_public_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -71,7 +71,7 @@ listen keystone_external {% endif %} listen keystone_admin - bind {{ kolla_internal_address }}:{{ keystone_admin_port }} + bind {{ kolla_internal_vip_address }}:{{ keystone_admin_port }} {% for host in groups['keystone'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ keystone_admin_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -79,13 +79,13 @@ listen keystone_admin {% if enable_glance | bool %} listen glance_registry - bind {{ kolla_internal_address }}:{{ glance_registry_port }} + bind {{ kolla_internal_vip_address }}:{{ glance_registry_port }} {% for host in groups['glance-registry'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ glance_registry_port }} check inter 2000 rise 2 fall 5 {% endfor %} listen glance_api - bind {{ kolla_internal_address }}:{{ glance_api_port }} + bind {{ kolla_internal_vip_address }}:{{ glance_api_port }} {% for host in groups['glance-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ glance_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -107,32 +107,32 @@ listen glance_api_external {% if enable_nova | bool %} listen nova_api - bind {{ kolla_internal_address }}:{{ nova_api_port }} + bind {{ kolla_internal_vip_address }}:{{ nova_api_port }} {% for host in groups['nova-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ nova_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} listen nova_api_ec2 - bind {{ kolla_internal_address }}:{{ nova_api_ec2_port }} + bind {{ kolla_internal_vip_address }}:{{ nova_api_ec2_port }} {% for host in groups['nova-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ nova_api_ec2_port }} check inter 2000 rise 2 fall 5 {% endfor %} listen nova_metadata - bind {{ kolla_internal_address }}:{{ nova_metadata_port }} + bind {{ kolla_internal_vip_address }}:{{ nova_metadata_port }} {% for host in groups['nova-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ nova_metadata_port }} check inter 2000 rise 2 fall 5 {% endfor %} {% if nova_console == 'novnc' %} listen nova_novncproxy - bind {{ kolla_internal_address }}:{{ nova_novncproxy_port }} + bind {{ kolla_internal_vip_address }}:{{ nova_novncproxy_port }} {% for host in groups['nova-novncproxy'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ nova_novncproxy_port }} check inter 2000 rise 2 fall 5 {% endfor %} {% elif nova_console == 'spice' %} listen nova_spicehtml5proxy - bind {{ kolla_internal_address }}:{{ nova_spicehtml5proxy_port }} + bind {{ kolla_internal_vip_address }}:{{ nova_spicehtml5proxy_port }} {% for host in groups['nova-spicehtml5proxy'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ nova_spicehtml5proxy_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -175,7 +175,7 @@ listen nova_spicehtml5proxy_external {% if enable_neutron | bool %} listen neutron_server - bind {{ kolla_internal_address }}:{{ neutron_server_port }} + bind {{ kolla_internal_vip_address }}:{{ neutron_server_port }} {% for host in groups['neutron-server'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ neutron_server_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -191,7 +191,7 @@ listen neutron_server_external {% if enable_horizon | bool %} listen horizon - bind {{ kolla_internal_address }}:80 + bind {{ kolla_internal_vip_address }}:80 {% for host in groups['horizon'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:80 check inter 2000 rise 2 fall 5 {% endfor %} @@ -207,7 +207,7 @@ listen horizon_external {% if enable_cinder | bool %} listen cinder_api - bind {{ kolla_internal_address }}:{{ cinder_api_port }} + bind {{ kolla_internal_vip_address }}:{{ cinder_api_port }} {% for host in groups['cinder-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ cinder_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -223,13 +223,13 @@ listen cinder_api_external {% if enable_heat | bool %} listen heat_api - bind {{ kolla_internal_address }}:{{ heat_api_port }} + bind {{ kolla_internal_vip_address }}:{{ heat_api_port }} {% for host in groups['heat-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ heat_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} listen heat_api_cfn - bind {{ kolla_internal_address }}:{{ heat_api_cfn_port }} + bind {{ kolla_internal_vip_address }}:{{ heat_api_cfn_port }} {% for host in groups['heat-api-cfn'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ heat_api_cfn_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -251,14 +251,14 @@ listen heat_api_cfn_external {% if enable_ironic | bool %} listen ironic_api - bind {{ kolla_internal_address}}:{{ ironic_api_port }} + bind {{ kolla_internal_vip_address }}:{{ ironic_api_port }} {% for host in groups['ironic-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ ironic_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} {% if haproxy_enable_external_vip | bool %} listen ironic_api_external - bind {{ kolla_external_vip_address}}:{{ ironic_api_port }} + bind {{ kolla_external_vip_address }}:{{ ironic_api_port }} {% for host in groups['ironic-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ ironic_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -267,14 +267,14 @@ listen ironic_api_external {% if enable_swift | bool %} listen swift_api - bind {{ kolla_internal_address}}:{{ swift_proxy_server_port }} + bind {{ kolla_internal_vip_address }}:{{ swift_proxy_server_port }} {% for host in groups['swift-proxy-server'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ swift_proxy_server_port }} check inter 2000 rise 2 fall 5 {% endfor %} {% if haproxy_enable_external_vip | bool %} listen swift_api_external - bind {{ kolla_external_vip_address}}:{{ swift_proxy_server_port }} + bind {{ kolla_external_vip_address }}:{{ swift_proxy_server_port }} {% for host in groups['swift-proxy-server'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ swift_proxy_server_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -283,7 +283,7 @@ listen swift_api_external {% if enable_murano | bool %} listen murano_api - bind {{ kolla_internal_address }}:{{ murano_api_port }} + bind {{ kolla_internal_vip_address }}:{{ murano_api_port }} {% for host in groups['murano-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ murano_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -299,7 +299,7 @@ listen murano_api_external {% if enable_magnum | bool %} listen magnum_api - bind {{ kolla_internal_address }}:{{ magnum_api_port }} + bind {{ kolla_internal_vip_address }}:{{ magnum_api_port }} {% for host in groups['magnum-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ magnum_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} @@ -315,14 +315,14 @@ listen magnum_api_external {% if enable_ceph | bool and enable_ceph_rgw | bool %} listen radosgw - bind {{ kolla_internal_address}}:{{ rgw_port }} + bind {{ kolla_internal_vip_address }}:{{ rgw_port }} {% for host in groups['ceph-rgw'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ rgw_port }} check inter 2000 rise 2 fall 5 {% endfor %} {% if haproxy_enable_external_vip | bool %} listen radosgw_external - bind {{ kolla_external_vip_address}}:{{ rgw_port }} + bind {{ kolla_external_vip_address }}:{{ rgw_port }} {% for host in groups['ceph-rgw'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ rgw_port }} check inter 2000 rise 2 fall 5 {% endfor %} diff --git a/ansible/roles/haproxy/templates/keepalived.conf.j2 b/ansible/roles/haproxy/templates/keepalived.conf.j2 index f71c207d31..dee8a6e5e6 100644 --- a/ansible/roles/haproxy/templates/keepalived.conf.j2 +++ b/ansible/roles/haproxy/templates/keepalived.conf.j2 @@ -12,7 +12,7 @@ vrrp_instance kolla_internal_vip { priority {{ groups['haproxy'].index(inventory_hostname) + 1 }} advert_int 1 virtual_ipaddress { - {{ kolla_internal_address }} + {{ kolla_internal_vip_address }} } track_script { check_alive diff --git a/ansible/roles/heat/defaults/main.yml b/ansible/roles/heat/defaults/main.yml index ae0d1729b5..d1954c62aa 100644 --- a/ansible/roles/heat/defaults/main.yml +++ b/ansible/roles/heat/defaults/main.yml @@ -6,7 +6,7 @@ project_name: "heat" #################### heat_database_name: "heat" heat_database_user: "heat" -heat_database_address: "{{ kolla_internal_address }}" +heat_database_address: "{{ kolla_internal_fqdn }}" #################### @@ -27,9 +27,9 @@ heat_engine_image_full: "{{ heat_engine_image }}:{{ heat_engine_tag }}" #################### # OpenStack #################### -heat_public_address: "{{ kolla_external_address }}" -heat_admin_address: "{{ kolla_internal_address }}" -heat_internal_address: "{{ kolla_internal_address }}" +heat_public_address: "{{ kolla_external_fqdn }}" +heat_admin_address: "{{ kolla_internal_fqdn }}" +heat_internal_address: "{{ kolla_internal_fqdn }}" heat_logging_debug: "{{ openstack_logging_debug }}" diff --git a/ansible/roles/heat/tasks/register.yml b/ansible/roles/heat/tasks/register.yml index e9b8127d40..0f50f66e55 100644 --- a/ansible/roles/heat/tasks/register.yml +++ b/ansible/roles/heat/tasks/register.yml @@ -6,9 +6,9 @@ service_type=orchestration description='Openstack Orchestration' endpoint_region={{ openstack_region_name }} - admin_url='{{ admin_protocol }}://{{ kolla_internal_address }}:{{ heat_api_port }}/v1/%(tenant_id)s' - internal_url='{{ internal_protocol }}://{{ kolla_internal_address }}:{{ heat_api_port }}/v1/%(tenant_id)s' - public_url='{{ public_protocol }}://{{ kolla_external_address }}:{{ heat_api_port }}/v1/%(tenant_id)s' + admin_url='{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ heat_api_port }}/v1/%(tenant_id)s' + internal_url='{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ heat_api_port }}/v1/%(tenant_id)s' + public_url='{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ heat_api_port }}/v1/%(tenant_id)s' region_name={{ openstack_region_name }} auth={{ '{{ openstack_heat_auth }}' }}" -e "{'openstack_heat_auth':{{ openstack_heat_auth }}}" @@ -26,9 +26,9 @@ service_type=orchestration description='Openstack Orchestration' endpoint_region={{ openstack_region_name }} - admin_url='{{ admin_protocol }}://{{ kolla_internal_address }}:{{ heat_api_port }}/v1' - internal_url='{{ internal_protocol }}://{{ kolla_internal_address }}:{{ heat_api_cfn_port }}/v1' - public_url='{{ public_protocol }}://{{ kolla_external_address }}:{{ heat_api_cfn_port }}/v1' + admin_url='{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ heat_api_port }}/v1' + internal_url='{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ heat_api_cfn_port }}/v1' + public_url='{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ heat_api_cfn_port }}/v1' region_name={{ openstack_region_name }} auth={{ '{{ openstack_heat_auth }}' }}" -e "{'openstack_heat_auth':{{ openstack_heat_auth }}}" diff --git a/ansible/roles/heat/templates/heat.conf.j2 b/ansible/roles/heat/templates/heat.conf.j2 index b581cec01d..39a4ae260a 100644 --- a/ansible/roles/heat/templates/heat.conf.j2 +++ b/ansible/roles/heat/templates/heat.conf.j2 @@ -3,9 +3,9 @@ debug = {{ heat_logging_debug }} log_dir = /var/log/kolla/heat -heat_watch_server_url = {{ public_protocol }}://{{ kolla_external_address }}:{{ heat_api_cfn_port }} -heat_metadata_server_url = {{ public_protocol }}://{{ kolla_external_address }}:{{ heat_api_cfn_port }} -heat_waitcondition_server_url = {{ public_protocol }}://{{ kolla_external_address }}:{{ heat_api_cfn_port }}/v1/waitcondition +heat_watch_server_url = {{ public_protocol }}://{{ kolla_external_fqdn }}:{{ heat_api_cfn_port }} +heat_metadata_server_url = {{ public_protocol }}://{{ kolla_external_fqdn }}:{{ heat_api_cfn_port }} +heat_waitcondition_server_url = {{ public_protocol }}://{{ kolla_external_fqdn }}:{{ heat_api_cfn_port }}/v1/waitcondition stack_domain_admin = heat_domain_admin stack_domain_admin_password = {{ heat_domain_admin_password }} @@ -38,8 +38,8 @@ bind_port = {{ heat_api_cfn_port }} connection = mysql+pymysql://{{ heat_database_user }}:{{ heat_database_password }}@{{ heat_database_address }}/{{ heat_database_name }} [keystone_authtoken] -auth_uri = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_public_port }} -auth_url = {{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }} +auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }} auth_type = password project_domain_id = default user_domain_id = default @@ -48,8 +48,8 @@ username = heat password = {{ heat_keystone_password }} [trustee] -auth_uri = http://{{ kolla_internal_address }}:{{ keystone_public_port }} -auth_url = http://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_uri = http://{{ kolla_internal_fqdn }}:{{ keystone_public_port }} +auth_url = http://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }} auth_plugin = password project_domain_id = default user_domain_id = default @@ -58,10 +58,10 @@ username = heat password = {{ heat_keystone_password }} [ec2authtoken] -auth_uri = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_public_port }} +auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }} [clients_keystone] -auth_uri = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_public_port }} +auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }} [oslo_messaging_notifications] driver = noop diff --git a/ansible/roles/horizon/templates/local_settings.j2 b/ansible/roles/horizon/templates/local_settings.j2 index 65d9586bd8..cc6802e50e 100644 --- a/ansible/roles/horizon/templates/local_settings.j2 +++ b/ansible/roles/horizon/templates/local_settings.j2 @@ -147,7 +147,7 @@ EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' # ('http://cluster2.example.com:5000/v2.0', 'cluster2'), #] -OPENSTACK_HOST = "{{ kolla_external_address }}" +OPENSTACK_HOST = "{{ kolla_external_fqdn }}" OPENSTACK_KEYSTONE_URL = "{{ public_protocol }}://%s:{{ keystone_public_port }}/v3" % OPENSTACK_HOST OPENSTACK_KEYSTONE_DEFAULT_ROLE = "_member_" diff --git a/ansible/roles/ironic/defaults/main.yml b/ansible/roles/ironic/defaults/main.yml index a670905ac9..69da77ffcc 100644 --- a/ansible/roles/ironic/defaults/main.yml +++ b/ansible/roles/ironic/defaults/main.yml @@ -6,7 +6,7 @@ project_name: "ironic" #################### ironic_database_name: "ironic" ironic_database_user: "ironic" -ironic_database_address: "{{ kolla_internal_address }}" +ironic_database_address: "{{ kolla_internal_fqdn }}" #################### @@ -32,9 +32,9 @@ ironic_pxe_image_full: "{{ ironic_pxe_image }}:{{ ironic_pxe_tag }}" #################### # OpenStack #################### -ironic_public_address: "{{ kolla_external_address }}" -ironic_admin_address: "{{ kolla_internal_address }}" -ironic_internal_address: "{{ kolla_internal_address }}" +ironic_public_address: "{{ kolla_external_fqdn }}" +ironic_admin_address: "{{ kolla_internal_fqdn }}" +ironic_internal_address: "{{ kolla_internal_fqdn }}" ironic_logging_debug: "{{ openstack_logging_debug }}" diff --git a/ansible/roles/ironic/templates/discoverd.conf.j2 b/ansible/roles/ironic/templates/discoverd.conf.j2 index 151fcfa9d2..b7dae00832 100644 --- a/ansible/roles/ironic/templates/discoverd.conf.j2 +++ b/ansible/roles/ironic/templates/discoverd.conf.j2 @@ -1,6 +1,6 @@ [discoverd] database = inspector.sqlite3 -os_auth_url = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_public_port }}/v2.0 +os_auth_url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}/v2.0 os_username = {{ openstack_auth.username }} os_password = {{ openstack_auth.password }} os_tenant_name = {{ openstack_auth.project_name }} diff --git a/ansible/roles/ironic/templates/ironic.conf.j2 b/ansible/roles/ironic/templates/ironic.conf.j2 index f100b681ff..53c00e2c08 100644 --- a/ansible/roles/ironic/templates/ironic.conf.j2 +++ b/ansible/roles/ironic/templates/ironic.conf.j2 @@ -10,7 +10,7 @@ host_ip = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['a {% if service_name == 'ironic-conductor' %} [conductor] -api_url = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ ironic_api_port }} +api_url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ ironic_api_port }} clean_nodes = false {% endif %} @@ -18,8 +18,8 @@ clean_nodes = false connection = mysql+pymysql://{{ ironic_database_user }}:{{ ironic_database_password }}@{{ ironic_database_address }}/{{ ironic_database_name }} [keystone_authtoken] -auth_uri = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_public_port }} -auth_url = {{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }} +auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }} auth_type = password project_domain_id = default user_domain_id = default @@ -28,10 +28,10 @@ username = {{ ironic_keystone_user }} password = {{ ironic_keystone_password }} [glance] -glance_host = {{ kolla_internal_address }} +glance_host = {{ kolla_internal_fqdn }} [neutron] -url = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ neutron_server_port }} +url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }} [oslo_messaging_rabbit] rabbit_userid = {{ rabbitmq_user }} diff --git a/ansible/roles/keystone/defaults/main.yml b/ansible/roles/keystone/defaults/main.yml index 8c7a4a0ef4..78977e1c0b 100644 --- a/ansible/roles/keystone/defaults/main.yml +++ b/ansible/roles/keystone/defaults/main.yml @@ -6,7 +6,7 @@ project_name: "keystone" #################### keystone_database_name: "keystone" keystone_database_user: "keystone" -keystone_database_address: "{{ kolla_internal_address }}" +keystone_database_address: "{{ kolla_internal_fqdn }}" #################### @@ -20,9 +20,9 @@ keystone_image_full: "{{ keystone_image }}:{{ keystone_tag }}" #################### # OpenStack #################### -keystone_public_address: "{{ kolla_external_address }}" -keystone_admin_address: "{{ kolla_internal_address }}" -keystone_internal_address: "{{ kolla_internal_address }}" +keystone_public_address: "{{ kolla_external_fqdn }}" +keystone_admin_address: "{{ kolla_internal_fqdn }}" +keystone_internal_address: "{{ kolla_internal_fqdn }}" keystone_logging_debug: "{{ openstack_logging_debug }}" diff --git a/ansible/roles/keystone/tasks/register.yml b/ansible/roles/keystone/tasks/register.yml index 2b9af5a600..53a9f55a87 100644 --- a/ansible/roles/keystone/tasks/register.yml +++ b/ansible/roles/keystone/tasks/register.yml @@ -24,9 +24,9 @@ service_type=identity description='Openstack Identity' endpoint_region={{ openstack_region_name }} - admin_url='{{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }}' - internal_url='{{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }}' - public_url='{{ public_protocol }}://{{ kolla_external_address }}:{{ keystone_public_port }}' + admin_url='{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}' + internal_url='{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}' + public_url='{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ keystone_public_port }}' region_name={{ openstack_region_name }} auth_type=admin_token auth={{ '{{ openstack_keystone_token_auth }}' }}" diff --git a/ansible/roles/kibana/defaults/main.yml b/ansible/roles/kibana/defaults/main.yml index be14a522e1..c720b03069 100644 --- a/ansible/roles/kibana/defaults/main.yml +++ b/ansible/roles/kibana/defaults/main.yml @@ -3,7 +3,7 @@ # Kibana #################### kibana_port: "{{ kibana_port }}" -kibana_host: "{{ kolla_internal_address }}" +kibana_host: "{{ kolla_internal_vip_address }}" kibana_app_id: "discover" kibana_request_timeout: 300000 kibana_shard_timeout: 0 diff --git a/ansible/roles/kibana/templates/kibana.yml.j2 b/ansible/roles/kibana/templates/kibana.yml.j2 index 00186c4f4c..2fa66eec93 100644 --- a/ansible/roles/kibana/templates/kibana.yml.j2 +++ b/ansible/roles/kibana/templates/kibana.yml.j2 @@ -1,6 +1,6 @@ port: {{ kibana_port }} host: {{ kibana_host }} -elasticsearch_url: "{{ internal_protocol }}://{{ kolla_internal_address }}:{{ elasticsearch_port }}" +elasticsearch_url: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ elasticsearch_port }}" elasticsearch_preserve_host: {{ elasticsearch_preserve_host }} default_app_id: {{ kibana_app_id }} request_timeout: {{ kibana_request_timeout }} diff --git a/ansible/roles/magnum/defaults/main.yml b/ansible/roles/magnum/defaults/main.yml index 9faaf67e4b..ff2e1fc0f6 100644 --- a/ansible/roles/magnum/defaults/main.yml +++ b/ansible/roles/magnum/defaults/main.yml @@ -6,7 +6,7 @@ project_name: "magnum" #################### magnum_database_name: "magnum" magnum_database_user: "magnum" -magnum_database_address: "{{ kolla_internal_address }}" +magnum_database_address: "{{ kolla_internal_fqdn }}" #################### @@ -23,9 +23,9 @@ magnum_conductor_image_full: "{{ magnum_conductor_image }}:{{ magnum_conductor_t #################### # OpenStack #################### -magnum_public_address: "{{ kolla_external_address }}" -magnum_admin_address: "{{ kolla_internal_address }}" -magnum_internal_address: "{{ kolla_internal_address }}" +magnum_public_address: "{{ kolla_external_fqdn }}" +magnum_admin_address: "{{ kolla_internal_fqdn }}" +magnum_internal_address: "{{ kolla_internal_fqdn }}" magnum_logging_debug: "{{ openstack_logging_debug }}" diff --git a/ansible/roles/magnum/tasks/register.yml b/ansible/roles/magnum/tasks/register.yml index 6e17ccd7ab..0da0ad072c 100644 --- a/ansible/roles/magnum/tasks/register.yml +++ b/ansible/roles/magnum/tasks/register.yml @@ -6,9 +6,9 @@ service_type=container description='Openstack Container Service' endpoint_region={{ openstack_region_name }} - admin_url='{{ admin_protocol }}://{{ kolla_internal_address }}:{{ magnum_api_port }}/v1' - internal_url='{{ internal_protocol }}://{{ kolla_internal_address }}:{{ magnum_api_port }}/v1' - public_url='{{ public_protocol }}://{{ kolla_external_address }}:{{ magnum_api_port }}/v1' + admin_url='{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ magnum_api_port }}/v1' + internal_url='{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ magnum_api_port }}/v1' + public_url='{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ magnum_api_port }}/v1' region_name={{ openstack_region_name }} auth={{ '{{ openstack_magnum_auth }}' }}" -e "{'openstack_magnum_auth':{{ openstack_magnum_auth }}}" diff --git a/ansible/roles/magnum/templates/magnum.conf.j2 b/ansible/roles/magnum/templates/magnum.conf.j2 index d55d713f41..047353d55b 100644 --- a/ansible/roles/magnum/templates/magnum.conf.j2 +++ b/ansible/roles/magnum/templates/magnum.conf.j2 @@ -16,8 +16,8 @@ connection = mysql+pymysql://{{ magnum_database_user }}:{{ magnum_database_passw region_name = {{ openstack_region_name }} [keystone_authtoken] -auth_uri = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_public_port }} -auth_url = {{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }} +auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }} auth_type = password project_domain_id = default user_domain_id = default @@ -26,8 +26,8 @@ username = {{ magnum_keystone_user }} password = {{ magnum_keystone_password }} [trustee] -auth_uri = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_public_port }} -auth_url = {{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }} +auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }} auth_type = password project_domain_id = default user_domain_id = default diff --git a/ansible/roles/mariadb/tasks/check.yml b/ansible/roles/mariadb/tasks/check.yml index 80a4e52401..61ff73436d 100644 --- a/ansible/roles/mariadb/tasks/check.yml +++ b/ansible/roles/mariadb/tasks/check.yml @@ -1,6 +1,6 @@ --- - name: Waiting for MariaDB service to be ready through VIP - command: "docker exec mariadb mysql -h {{ kolla_internal_address }} -u haproxy -e 'show databases;'" + command: "docker exec mariadb mysql -h {{ kolla_internal_fqdn }} -u haproxy -e 'show databases;'" register: result until: result | success changed_when: False diff --git a/ansible/roles/mistral/defaults/main.yml b/ansible/roles/mistral/defaults/main.yml index d72baa8a62..b2d73ed0b7 100644 --- a/ansible/roles/mistral/defaults/main.yml +++ b/ansible/roles/mistral/defaults/main.yml @@ -6,7 +6,7 @@ project_name: "mistral" #################### mistral_database_name: "mistral" mistral_database_user: "mistral" -mistral_database_address: "{{ kolla_internal_address }}" +mistral_database_address: "{{ kolla_internal_fqdn }}" #################### @@ -28,9 +28,9 @@ mistral_api_image_full: "{{ mistral_api_image }}:{{ mistral_api_tag }}" #################### # OpenStack #################### -mistral_public_address: "{{ kolla_external_address }}" -mistral_admin_address: "{{ kolla_internal_address }}" -mistral_internal_address: "{{ kolla_internal_address }}" +mistral_public_address: "{{ kolla_external_fqdn }}" +mistral_admin_address: "{{ kolla_internal_fqdn }}" +mistral_internal_address: "{{ kolla_internal_fqdn }}" mistral_logging_debug: "{{ openstack_logging_debug }}" diff --git a/ansible/roles/mistral/tasks/register.yml b/ansible/roles/mistral/tasks/register.yml index 5994ccb856..8ef413900f 100644 --- a/ansible/roles/mistral/tasks/register.yml +++ b/ansible/roles/mistral/tasks/register.yml @@ -6,9 +6,9 @@ service_type=application_catalog description='Openstack Application Catalog' endpoint_region={{ openstack_region_name }} - admin_url='{{ admin_protocol }}://{{ kolla_internal_address }}:{{ mistral_api_port }}' - internal_url='{{ internal_protocol }}://{{ kolla_internal_address }}:{{ mistral_api_port }}' - public_url='{{ public_protocol }}://{{ kolla_external_address }}:{{ mistral_api_port }}' + admin_url='{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ mistral_api_port }}' + internal_url='{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ mistral_api_port }}' + public_url='{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ mistral_api_port }}' region_name={{ openstack_region_name }} auth={{ '{{ openstack_mistral_auth }}' }}" -e "{'openstack_mistral_auth':{{ openstack_mistral_auth }}}" diff --git a/ansible/roles/mistral/templates/mistral.conf.j2 b/ansible/roles/mistral/templates/mistral.conf.j2 index 5a18367ef2..52456733c7 100644 --- a/ansible/roles/mistral/templates/mistral.conf.j2 +++ b/ansible/roles/mistral/templates/mistral.conf.j2 @@ -16,8 +16,8 @@ bind_port = {{ mistral_api_port }} connection = mysql+pymysql://{{ mistral_database_user }}:{{ mistral_database_password }}@{{ mistral_database_address }}/{{ mistral_database_name }} [keystone_authtoken] -auth_uri = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_public_port }} -auth_url = {{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }} +auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }} auth_type = password project_domain_id = default user_domain_id = default @@ -26,7 +26,7 @@ username = {{ mistral_keystone_user }} password = {{ mistral_keystone_password }} [mistral] -url = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ mistral_api_port }} +url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ mistral_api_port }} [oslo_messaging_rabbit] rabbit_userid = {{ rabbitmq_user }} diff --git a/ansible/roles/murano/defaults/main.yml b/ansible/roles/murano/defaults/main.yml index 2385db89ea..280cc99fa0 100644 --- a/ansible/roles/murano/defaults/main.yml +++ b/ansible/roles/murano/defaults/main.yml @@ -6,7 +6,7 @@ project_name: "murano" #################### murano_database_name: "murano" murano_database_user: "murano" -murano_database_address: "{{ kolla_internal_address }}" +murano_database_address: "{{ kolla_internal_fqdn }}" #################### @@ -24,9 +24,9 @@ murano_api_image_full: "{{ murano_api_image }}:{{ murano_api_tag }}" #################### # OpenStack #################### -murano_public_address: "{{ kolla_external_address }}" -murano_admin_address: "{{ kolla_internal_address }}" -murano_internal_address: "{{ kolla_internal_address }}" +murano_public_address: "{{ kolla_external_fqdn }}" +murano_admin_address: "{{ kolla_internal_fqdn }}" +murano_internal_address: "{{ kolla_internal_fqdn }}" murano_logging_debug: "{{ openstack_logging_debug }}" diff --git a/ansible/roles/murano/tasks/register.yml b/ansible/roles/murano/tasks/register.yml index 2872cc76e7..78bdc4f603 100644 --- a/ansible/roles/murano/tasks/register.yml +++ b/ansible/roles/murano/tasks/register.yml @@ -6,9 +6,9 @@ service_type=application_catalog description='Openstack Application Catalogue' endpoint_region={{ openstack_region_name }} - admin_url='{{ admin_protocol }}://{{ kolla_internal_address }}:{{ murano_api_port }}' - internal_url='{{ internal_protocol }}://{{ kolla_internal_address }}:{{ murano_api_port }}' - public_url='{{ public_protocol }}://{{ kolla_external_address }}:{{ murano_api_port }}' + admin_url='{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ murano_api_port }}' + internal_url='{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ murano_api_port }}' + public_url='{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ murano_api_port }}' region_name={{ openstack_region_name }} auth={{ '{{ openstack_murano_auth }}' }}" -e "{'openstack_murano_auth':{{ openstack_murano_auth }}}" diff --git a/ansible/roles/murano/templates/murano.conf.j2 b/ansible/roles/murano/templates/murano.conf.j2 index a64cfb54cc..a48dea30ed 100644 --- a/ansible/roles/murano/templates/murano.conf.j2 +++ b/ansible/roles/murano/templates/murano.conf.j2 @@ -12,8 +12,8 @@ bind_port = {{ murano_api_port }} connection = mysql+pymysql://{{ murano_database_user }}:{{ murano_database_password }}@{{ murano_database_address }}/{{ murano_database_name }} [keystone_authtoken] -auth_uri = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_public_port }} -auth_url = {{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }} +auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }} auth_type = password project_domain_id = default user_domain_id = default @@ -22,7 +22,7 @@ username = {{ murano_keystone_user }} password = {{ murano_keystone_password }} [murano] -url = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ murano_api_port }} +url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ murano_api_port }} [oslo_messaging_rabbit] rabbit_userid = {{ rabbitmq_user }} diff --git a/ansible/roles/neutron/defaults/main.yml b/ansible/roles/neutron/defaults/main.yml index 0c2e03fed0..5b7887370c 100644 --- a/ansible/roles/neutron/defaults/main.yml +++ b/ansible/roles/neutron/defaults/main.yml @@ -6,7 +6,7 @@ project_name: "neutron" #################### neutron_database_name: "neutron" neutron_database_user: "neutron" -neutron_database_address: "{{ kolla_internal_address }}" +neutron_database_address: "{{ kolla_internal_fqdn }}" #################### @@ -48,9 +48,9 @@ openvswitch_vswitchd_image_full: "{{ openvswitch_vswitchd_image }}:{{ openvswitc #################### # OpenStack #################### -neutron_public_address: "{{ kolla_external_address }}" -neutron_admin_address: "{{ kolla_internal_address }}" -neutron_internal_address: "{{ kolla_internal_address }}" +neutron_public_address: "{{ kolla_external_fqdn }}" +neutron_admin_address: "{{ kolla_internal_fqdn }}" +neutron_internal_address: "{{ kolla_internal_fqdn }}" neutron_logging_debug: "{{ openstack_logging_debug }}" diff --git a/ansible/roles/neutron/tasks/register.yml b/ansible/roles/neutron/tasks/register.yml index d400d6ca7f..067fa5bf48 100644 --- a/ansible/roles/neutron/tasks/register.yml +++ b/ansible/roles/neutron/tasks/register.yml @@ -6,9 +6,9 @@ service_type=network description='Openstack Networking' endpoint_region={{ openstack_region_name }} - admin_url='{{ admin_protocol }}://{{ kolla_internal_address }}:{{ neutron_server_port }}' - internal_url='{{ internal_protocol }}://{{ kolla_internal_address }}:{{ neutron_server_port }}' - public_url='{{ public_protocol }}://{{ kolla_external_address }}:{{ neutron_server_port }}' + admin_url='{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }}' + internal_url='{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }}' + public_url='{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ neutron_server_port }}' region_name={{ openstack_region_name }} auth={{ '{{ openstack_neutron_auth }}' }}" -e "{'openstack_neutron_auth':{{ openstack_neutron_auth }}}" diff --git a/ansible/roles/neutron/templates/metadata_agent.ini.j2 b/ansible/roles/neutron/templates/metadata_agent.ini.j2 index e6bba74d45..86f33b9d0d 100644 --- a/ansible/roles/neutron/templates/metadata_agent.ini.j2 +++ b/ansible/roles/neutron/templates/metadata_agent.ini.j2 @@ -1,5 +1,5 @@ # metadata_agent.ini [DEFAULT] -nova_metadata_ip = {{ kolla_internal_address }} +nova_metadata_ip = {{ kolla_internal_fqdn }} nova_metadata_port = {{ nova_metadata_port }} metadata_proxy_shared_secret = {{ metadata_secret }} diff --git a/ansible/roles/neutron/templates/neutron.conf.j2 b/ansible/roles/neutron/templates/neutron.conf.j2 index 6a0f8a1623..802611f03d 100644 --- a/ansible/roles/neutron/templates/neutron.conf.j2 +++ b/ansible/roles/neutron/templates/neutron.conf.j2 @@ -34,7 +34,7 @@ core_plugin = ml2 service_plugins = router [nova] -auth_url = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }} auth_type = password project_domain_id = default user_domain_id = default @@ -59,8 +59,8 @@ root_helper = sudo neutron-rootwrap /etc/neutron/rootwrap.conf connection = mysql+pymysql://{{ neutron_database_user }}:{{ neutron_database_password }}@{{ neutron_database_address }}/{{ neutron_database_name }} [keystone_authtoken] -auth_uri = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_public_port }} -auth_url = {{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }} +auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }} auth_type = password project_domain_id = default user_domain_id = default diff --git a/ansible/roles/nova/defaults/main.yml b/ansible/roles/nova/defaults/main.yml index 707e4950f6..01bdaea9c8 100644 --- a/ansible/roles/nova/defaults/main.yml +++ b/ansible/roles/nova/defaults/main.yml @@ -19,11 +19,11 @@ nova_cache_mode: "{{ ceph_nova_cache_mode }}" #################### nova_database_name: "nova" nova_database_user: "nova" -nova_database_address: "{{ kolla_internal_address }}" +nova_database_address: "{{ kolla_internal_fqdn }}" nova_api_database_name: "nova_api" nova_api_database_user: "nova_api" -nova_api_database_address: "{{ kolla_internal_address }}" +nova_api_database_address: "{{ kolla_internal_fqdn }}" #################### # Docker @@ -67,9 +67,9 @@ nova_compute_ironic_image_full: "{{ nova_compute_ironic_image }}:{{ nova_compute #################### # OpenStack #################### -nova_public_address: "{{ kolla_external_address }}" -nova_admin_address: "{{ kolla_internal_address }}" -nova_internal_address: "{{ kolla_internal_address }}" +nova_public_address: "{{ kolla_external_fqdn }}" +nova_admin_address: "{{ kolla_internal_fqdn }}" +nova_internal_address: "{{ kolla_internal_fqdn }}" nova_logging_debug: "{{ openstack_logging_debug }}" diff --git a/ansible/roles/nova/tasks/register.yml b/ansible/roles/nova/tasks/register.yml index 95f0f968dd..d7a757bb5d 100644 --- a/ansible/roles/nova/tasks/register.yml +++ b/ansible/roles/nova/tasks/register.yml @@ -6,9 +6,9 @@ service_type=compute description='Openstack Compute' endpoint_region={{ openstack_region_name }} - admin_url='{{ admin_protocol }}://{{ kolla_internal_address }}:{{ nova_api_port }}/v2/%(tenant_id)s' - internal_url='{{ internal_protocol }}://{{ kolla_internal_address }}:{{ nova_api_port }}/v2/%(tenant_id)s' - public_url='{{ public_protocol }}://{{ kolla_external_address }}:{{ nova_api_port }}/v2/%(tenant_id)s' + admin_url='{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ nova_api_port }}/v2/%(tenant_id)s' + internal_url='{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ nova_api_port }}/v2/%(tenant_id)s' + public_url='{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ nova_api_port }}/v2/%(tenant_id)s' region_name={{ openstack_region_name }} auth={{ '{{ openstack_nova_auth }}' }}" -e "{'openstack_nova_auth':{{ openstack_nova_auth }}}" diff --git a/ansible/roles/nova/templates/nova.conf.j2 b/ansible/roles/nova/templates/nova.conf.j2 index 352465b5cb..b208a833dc 100644 --- a/ansible/roles/nova/templates/nova.conf.j2 +++ b/ansible/roles/nova/templates/nova.conf.j2 @@ -60,7 +60,7 @@ novncproxy_port = {{ nova_novncproxy_port }} vncserver_listen = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} vncserver_proxyclient_address = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} {% if inventory_hostname in groups['compute'] %} -novncproxy_base_url = {{ public_protocol }}://{{ kolla_external_address }}:{{ nova_novncproxy_port }}/vnc_auto.html +novncproxy_base_url = {{ public_protocol }}://{{ kolla_external_fqdn }}:{{ nova_novncproxy_port }}/vnc_auto.html {% endif %} {% elif nova_console == 'spice' %} [vnc] @@ -70,7 +70,7 @@ enabled = false server_listen = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} server_proxyclient_address = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} {% if inventory_hostname in groups['compute'] %} -html5proxy_base_url = {{ public_protocol }}://{{ kolla_external_address }}:{{ nova_spicehtml5proxy_port }}/spice_auto.html +html5proxy_base_url = {{ public_protocol }}://{{ kolla_external_fqdn }}:{{ nova_spicehtml5proxy_port }}/spice_auto.html {% endif %} html5proxy_host = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} html5proxy_port = {{ nova_spicehtml5proxy_port }} @@ -83,7 +83,7 @@ admin_username = {{ ironic_keystone_user }} admin_password = {{ ironic_keystone_password }} admin_url = {{ openstack_auth_v2.auth_url }} admin_tenant_name = service -api_endpoint = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ ironic_api_port }}/v1 +api_endpoint = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ ironic_api_port }}/v1 {% endif %} [oslo_messaging_rabbit] @@ -97,7 +97,7 @@ lock_path = /var/lib/nova/tmp [glance] {% if enable_ceph | bool %} -host = {{ kolla_internal_address }} +host = {{ kolla_internal_fqdn }} port = {{ glance_api_port }} {% else %} api_servers = {% for host in groups['glance-api'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ glance_api_port }}{% if not loop.last %},{% endif %}{% endfor %} @@ -109,12 +109,12 @@ num_retries = {{ groups['glance-api'] | length }} catalog_info = volume:cinder:internalURL [neutron] -url = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ neutron_server_port }} +url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }} auth_strategy = keystone metadata_proxy_shared_secret = {{ metadata_secret }} service_metadata_proxy = true -auth_url = {{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }} auth_plugin = password project_domain_name = default user_domain_id = default @@ -129,8 +129,8 @@ connection = mysql+pymysql://{{ nova_database_user }}:{{ nova_database_password connection = mysql+pymysql://{{ nova_api_database_user }}:{{ nova_api_database_password }}@{{ nova_api_database_address }}/{{ nova_api_database_name }} [keystone_authtoken] -auth_uri = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_public_port }} -auth_url = {{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }} +auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }} auth_type = password project_domain_id = default user_domain_id = default diff --git a/ansible/roles/prechecks/tasks/port_checks.yml b/ansible/roles/prechecks/tasks/port_checks.yml index 5771742e5c..6c2ce7cc54 100644 --- a/ansible/roles/prechecks/tasks/port_checks.yml +++ b/ansible/roles/prechecks/tasks/port_checks.yml @@ -9,7 +9,7 @@ - name: Checking free port for Cinder API HAProxy wait_for: - host: "{{ kolla_internal_address }}" + host: "{{ kolla_internal_vip_address }}" port: "{{ cinder_api_port }}" connect_timeout: 1 state: stopped @@ -25,7 +25,7 @@ - name: Checking free port for Glance API HAProxy wait_for: - host: "{{ kolla_internal_address }}" + host: "{{ kolla_internal_vip_address }}" port: "{{ glance_api_port }}" connect_timeout: 1 state: stopped @@ -41,7 +41,7 @@ - name: Checking free port for Glance Registry HAProxy wait_for: - host: "{{ kolla_internal_address }}" + host: "{{ kolla_internal_vip_address }}" port: "{{ glance_registry_port }}" connect_timeout: 1 state: stopped @@ -49,7 +49,7 @@ - name: Checking free port for HAProxy stats wait_for: - host: "{{ kolla_internal_address }}" + host: "{{ kolla_internal_vip_address }}" port: "{{ haproxy_stats_port }}" connect_timeout: 1 state: stopped @@ -65,7 +65,7 @@ - name: Checking free port for Heat API HAProxy wait_for: - host: "{{ kolla_internal_address }}" + host: "{{ kolla_internal_vip_address }}" port: "{{ heat_api_port }}" connect_timeout: 1 state: stopped @@ -81,7 +81,7 @@ - name: Checking free port for Heat API CFN HAProxy wait_for: - host: "{{ kolla_internal_address }}" + host: "{{ kolla_internal_vip_address }}" port: "{{ heat_api_cfn_port }}" connect_timeout: 1 state: stopped @@ -97,7 +97,7 @@ - name: Checking free port for Horizon HAProxy wait_for: - host: "{{ kolla_internal_address }}" + host: "{{ kolla_internal_vip_address }}" port: "80" connect_timeout: 1 state: stopped @@ -113,7 +113,7 @@ - name: Checking free port for Ironic HAProxy wait_for: - host: "{{ kolla_internal_address }}" + host: "{{ kolla_internal_vip_address }}" port: "{{ ironic_api_port }}" connect_timeout: 1 state: stopped @@ -137,7 +137,7 @@ - name: Checking free port for Keystone Admin HAProxy wait_for: - host: "{{ kolla_internal_address }}" + host: "{{ kolla_internal_vip_address }}" port: "{{ keystone_admin_port }}" connect_timeout: 1 state: stopped @@ -153,7 +153,7 @@ - name: Checking free port for Keystone Public HAProxy wait_for: - host: "{{ kolla_internal_address }}" + host: "{{ kolla_internal_vip_address }}" port: "{{ keystone_public_port }}" connect_timeout: 1 state: stopped @@ -169,7 +169,7 @@ - name: Checking free port for MariaDB HAProxy wait_for: - host: "{{ kolla_internal_address }}" + host: "{{ kolla_internal_vip_address }}" port: "{{ mariadb_port }}" connect_timeout: 1 state: stopped @@ -217,7 +217,7 @@ - name: Checking free port for Murano API HAProxy wait_for: - host: "{{ kolla_internal_address }}" + host: "{{ kolla_internal_vip_address }}" port: "{{ murano_api_port }}" connect_timeout: 1 state: stopped @@ -233,7 +233,7 @@ - name: Checking free port for Neutron Server HAProxy wait_for: - host: "{{ kolla_internal_address }}" + host: "{{ kolla_internal_vip_address }}" port: "{{ neutron_server_port }}" connect_timeout: 1 state: stopped @@ -249,7 +249,7 @@ - name: Checking free port for Nova API HAProxy wait_for: - host: "{{ kolla_internal_address }}" + host: "{{ kolla_internal_vip_address }}" port: "{{ nova_api_port }}" connect_timeout: 1 state: stopped @@ -265,7 +265,7 @@ - name: Checking free port for Nova API EC2 HAProxy wait_for: - host: "{{ kolla_internal_address }}" + host: "{{ kolla_internal_vip_address }}" port: "{{ nova_api_ec2_port }}" connect_timeout: 1 state: stopped @@ -281,7 +281,7 @@ - name: Checking free port for Nova Metadata HAProxy wait_for: - host: "{{ kolla_internal_address }}" + host: "{{ kolla_internal_vip_address }}" port: "{{ nova_metadata_port }}" connect_timeout: 1 state: stopped @@ -297,7 +297,7 @@ - name: Checking free port for Nova NoVNC HAProxy wait_for: - host: "{{ kolla_internal_address }}" + host: "{{ kolla_internal_vip_address }}" port: "{{ nova_novncproxy_port }}" connect_timeout: 1 state: stopped @@ -313,7 +313,7 @@ - name: Checking free port for Nova Spice HTML5 HAProxy wait_for: - host: "{{ kolla_internal_address }}" + host: "{{ kolla_internal_vip_address }}" port: "{{ nova_spicehtml5proxy_port }}" connect_timeout: 1 state: stopped @@ -337,7 +337,7 @@ - name: Checking free port for RabbitMQ Management HAProxy wait_for: - host: "{{ kolla_internal_address }}" + host: "{{ kolla_internal_vip_address }}" port: "{{ rabbitmq_management_port }}" connect_timeout: 1 state: stopped @@ -377,7 +377,7 @@ - name: Checking free port for Mongodb HAProxy wait_for: - host: "{{ kolla_internal_address }}" + host: "{{ kolla_internal_vip_address }}" port: "{{ mongodb_port }}" connect_timeout: 1 state: stopped @@ -425,7 +425,7 @@ - name: Checking free port for Swift Proxy Server HAProxy wait_for: - host: "{{ kolla_internal_address }}" + host: "{{ kolla_internal_vip_address }}" port: "{{ swift_proxy_server_port }}" connect_timeout: 1 state: stopped @@ -441,7 +441,7 @@ - name: Checking free port for RadosGW HAProxy wait_for: - host: "{{ kolla_internal_address }}" + host: "{{ kolla_internal_vip_address }}" port: "{{ rgw_port }}" connect_timeout: 1 state: stopped diff --git a/ansible/roles/swift/defaults/main.yml b/ansible/roles/swift/defaults/main.yml index b4fcb34e79..5194043df1 100644 --- a/ansible/roles/swift/defaults/main.yml +++ b/ansible/roles/swift/defaults/main.yml @@ -27,9 +27,9 @@ swift_rsyncd_image_full: "{{ swift_rsyncd_image }}:{{ swift_rsyncd_tag }}" #################### # OpenStack #################### -swift_public_address: "{{ kolla_external_address }}" -swift_admin_address: "{{ kolla_internal_address }}" -swift_internal_address: "{{ kolla_internal_address }}" +swift_public_address: "{{ kolla_external_fqdn }}" +swift_admin_address: "{{ kolla_internal_fqdn }}" +swift_internal_address: "{{ kolla_internal_fqdn }}" swift_logging_debug: "{{ openstack_logging_debug }}" diff --git a/ansible/roles/swift/tasks/register.yml b/ansible/roles/swift/tasks/register.yml index 27e558a857..01ed3c629a 100644 --- a/ansible/roles/swift/tasks/register.yml +++ b/ansible/roles/swift/tasks/register.yml @@ -6,9 +6,9 @@ service_type=object-store description='Openstack Object Storage' endpoint_region={{ openstack_region_name }} - admin_url='{{ admin_protocol }}://{{ kolla_internal_address }}:{{ swift_proxy_server_port }}' - internal_url='{{ internal_protocol }}://{{ kolla_internal_address }}:{{ swift_proxy_server_port }}/v1/AUTH_%(tenant_id)s' - public_url='{{ public_protocol }}://{{ kolla_external_address }}:{{ swift_proxy_server_port }}/v1/AUTH_%(tenant_id)s' + admin_url='{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ swift_proxy_server_port }}' + internal_url='{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ swift_proxy_server_port }}/v1/AUTH_%(tenant_id)s' + public_url='{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ swift_proxy_server_port }}/v1/AUTH_%(tenant_id)s' region_name={{ openstack_region_name }} auth={{ '{{ openstack_swift_auth }}' }}" -e "{'openstack_swift_auth':{{ openstack_swift_auth }}}" diff --git a/ansible/roles/swift/templates/proxy-server.conf.j2 b/ansible/roles/swift/templates/proxy-server.conf.j2 index cf9de196fa..e6b9e5b89c 100644 --- a/ansible/roles/swift/templates/proxy-server.conf.j2 +++ b/ansible/roles/swift/templates/proxy-server.conf.j2 @@ -30,8 +30,8 @@ use = egg:swift#proxy_logging [filter:authtoken] paste.filter_factory = keystonemiddleware.auth_token:filter_factory -auth_uri = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_public_port }} -auth_url = {{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }} +auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }} auth_type = password project_domain_id = default user_domain_id = default diff --git a/doc/quickstart.rst b/doc/quickstart.rst index e78c812e91..e8a84c8b10 100644 --- a/doc/quickstart.rst +++ b/doc/quickstart.rst @@ -385,15 +385,13 @@ All variables for the environment can be specified in the files: Start by editing /etc/kolla/globals.yml. Check and edit, if needed, these parameters: kolla_base_distro, kolla_install_type. -The kolla\_\*\_address variables can both be the same. Please specify -an unused IP address in the network to act as a VIP for -kolla\_internal\_address. The VIP will be used with keepalived and +Please specify an unused IP address in the network to act as a VIP for +kolla\_internal\_vip\_address. The VIP will be used with keepalived and added to the "api\_interface" as specified in the globals.yml :: - kolla_external_address: "openstack.example.com" - kolla_internal_address: "10.10.10.254" + kolla_internal_vip_address: "10.10.10.254" If the environment doesn't have a free IP address available for VIP configuration, the host's IP address may be used here by disabling HAProxy by @@ -471,9 +469,9 @@ deployment takes 25 minutes. These are estimates; different hardware may be faster or slower but should be near these results. After successful deployment of OpenStack, the Horizon dashboard will be -available by entering IP address or hostname from "kolla_external_address", -or kolla_internal_address in case then kolla_external_address uses -kolla_internal_address. +available by entering IP address or hostname from kolla\_external\_fqdn, or +kolla\_internal\_fqdn. If these variables were not set during deploy they +default to kolla\_internal\_vip\_address. Useful tools ------------- diff --git a/etc/kolla/globals.yml b/etc/kolla/globals.yml index 885c80bc8a..f286e96bfa 100644 --- a/etc/kolla/globals.yml +++ b/etc/kolla/globals.yml @@ -18,21 +18,23 @@ # the hosts running keepalived for high-availability. When running an All-In-One # without haproxy and keepalived, this should be the first IP on your # 'network_interface' as set in the Networking section below. -kolla_internal_address: "10.10.10.254" +kolla_internal_vip_address: "10.10.10.254" -# The Public address used to communicate with OpenStack as set in the public_url -# for the endpoints that will be created. It defaults to kolla_internal_address -# but can be overridden in your globals.yml to a public address. It is up to the -# deployer to ensure that that public address maps to the environment correctly. -# It is recommended to use a DNS name as well, but not required. -#kolla_external_address: "{{ kolla_internal_address }}" +# This is the DNS name that maps to the kolla_internal_vip_address VIP. By +# default it is the same as kolla_internal_vip_address. +#kolla_internal_fqdn: "{{ kolla_internal_vip_address }}" # This should be a VIP, an unused IP on your network that will float between # the hosts running keepalived for high-availability. It defaults to the -# kolla_internal_address, allowing internal and external communication to -# share the same address. Specify a kolla_external_vip_address to -# separate internal and external requests between two VIPs. -#kolla_external_vip_address: "{{ kolla_internal_address }}" +# kolla_internal_vip_address, allowing internal and external communication to +# share the same address. Specify a kolla_external_vip_address to separate +# internal and external requests between two VIPs. +#kolla_external_vip_address: "{{ kolla_internal_vip_address }}" + +# The Public address used to communicate with OpenStack as set in the public_url +# for the endpoints that will be created. This DNS name should map to +# kolla_external_vip_address. +#kolla_external_fqdn: "{{ kolla_external_vip_address }}" #################### # Docker options diff --git a/tools/deploy_aio.sh b/tools/deploy_aio.sh index e5c773414f..e6ef5a11e4 100755 --- a/tools/deploy_aio.sh +++ b/tools/deploy_aio.sh @@ -53,7 +53,7 @@ function write_configs { --- kolla_base_distro: "${KOLLA_BASE}" kolla_install_type: "${KOLLA_TYPE}" -kolla_internal_address: "169.254.169.10" +kolla_internal_vip_address: "169.254.169.10" docker_restart_policy: "never" network_interface: "eth0" neutron_external_interface: "fake_interface" diff --git a/tools/openrc-example b/tools/openrc-example index 2dda3aed35..66b2fb7ba1 100644 --- a/tools/openrc-example +++ b/tools/openrc-example @@ -1,6 +1,6 @@ # You can customize this to match your environment by replacing the variables: # keystone_admin_password -# kolla_internal_address +# kolla_internal_fqdn # keystone_admin_port export OS_PROJECT_DOMAIN_ID=default @@ -8,4 +8,4 @@ export OS_USER_DOMAIN_ID=default export OS_PROJECT_NAME=admin export OS_USERNAME=admin export OS_PASSWORD= -export OS_AUTH_URL=http://: +export OS_AUTH_URL=http://: