first commit
This commit is contained in:
commit
bb87b62ea4
|
@ -0,0 +1,3 @@
|
||||||
|
*.swp
|
||||||
|
*.pyc
|
||||||
|
|
|
@ -0,0 +1,203 @@
|
||||||
|
Apache License
|
||||||
|
Version 2.0, January 2004
|
||||||
|
http://www.apache.org/licenses/
|
||||||
|
|
||||||
|
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
|
||||||
|
|
||||||
|
1. Definitions.
|
||||||
|
|
||||||
|
"License" shall mean the terms and conditions for use, reproduction,
|
||||||
|
and distribution as defined by Sections 1 through 9 of this document.
|
||||||
|
|
||||||
|
"Licensor" shall mean the copyright owner or entity authorized by
|
||||||
|
the copyright owner that is granting the License.
|
||||||
|
|
||||||
|
"Legal Entity" shall mean the union of the acting entity and all
|
||||||
|
other entities that control, are controlled by, or are under common
|
||||||
|
control with that entity. For the purposes of this definition,
|
||||||
|
"control" means (i) the power, direct or indirect, to cause the
|
||||||
|
direction or management of such entity, whether by contract or
|
||||||
|
otherwise, or (ii) ownership of fifty percent (50%) or more of the
|
||||||
|
outstanding shares, or (iii) beneficial ownership of such entity.
|
||||||
|
|
||||||
|
"You" (or "Your") shall mean an individual or Legal Entity
|
||||||
|
exercising permissions granted by this License.
|
||||||
|
|
||||||
|
"Source" form shall mean the preferred form for making modifications,
|
||||||
|
including but not limited to software source code, documentation
|
||||||
|
source, and configuration files.
|
||||||
|
|
||||||
|
"Object" form shall mean any form resulting from mechanical
|
||||||
|
transformation or translation of a Source form, including but
|
||||||
|
not limited to compiled object code, generated documentation,
|
||||||
|
and conversions to other media types.
|
||||||
|
|
||||||
|
"Work" shall mean the work of authorship, whether in Source or
|
||||||
|
Object form, made available under the License, as indicated by a
|
||||||
|
copyright notice that is included in or attached to the work
|
||||||
|
(an example is provided in the Appendix below).
|
||||||
|
|
||||||
|
"Derivative Works" shall mean any work, whether in Source or Object
|
||||||
|
form, that is based on (or derived from) the Work and for which the
|
||||||
|
editorial revisions, annotations, elaborations, or other modifications
|
||||||
|
represent, as a whole, an original work of authorship. For the purposes
|
||||||
|
of this License, Derivative Works shall not include works that remain
|
||||||
|
separable from, or merely link (or bind by name) to the interfaces of,
|
||||||
|
the Work and Derivative Works thereof.
|
||||||
|
|
||||||
|
"Contribution" shall mean any work of authorship, including
|
||||||
|
the original version of the Work and any modifications or additions
|
||||||
|
to that Work or Derivative Works thereof, that is intentionally
|
||||||
|
submitted to Licensor for inclusion in the Work by the copyright owner
|
||||||
|
or by an individual or Legal Entity authorized to submit on behalf of
|
||||||
|
the copyright owner. For the purposes of this definition, "submitted"
|
||||||
|
means any form of electronic, verbal, or written communication sent
|
||||||
|
to the Licensor or its representatives, including but not limited to
|
||||||
|
communication on electronic mailing lists, source code control systems,
|
||||||
|
and issue tracking systems that are managed by, or on behalf of, the
|
||||||
|
Licensor for the purpose of discussing and improving the Work, but
|
||||||
|
excluding communication that is conspicuously marked or otherwise
|
||||||
|
designated in writing by the copyright owner as "Not a Contribution."
|
||||||
|
|
||||||
|
"Contributor" shall mean Licensor and any individual or Legal Entity
|
||||||
|
on behalf of whom a Contribution has been received by Licensor and
|
||||||
|
subsequently incorporated within the Work.
|
||||||
|
|
||||||
|
2. Grant of Copyright License. Subject to the terms and conditions of
|
||||||
|
this License, each Contributor hereby grants to You a perpetual,
|
||||||
|
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
||||||
|
copyright license to reproduce, prepare Derivative Works of,
|
||||||
|
publicly display, publicly perform, sublicense, and distribute the
|
||||||
|
Work and such Derivative Works in Source or Object form.
|
||||||
|
|
||||||
|
3. Grant of Patent License. Subject to the terms and conditions of
|
||||||
|
this License, each Contributor hereby grants to You a perpetual,
|
||||||
|
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
||||||
|
(except as stated in this section) patent license to make, have made,
|
||||||
|
use, offer to sell, sell, import, and otherwise transfer the Work,
|
||||||
|
where such license applies only to those patent claims licensable
|
||||||
|
by such Contributor that are necessarily infringed by their
|
||||||
|
Contribution(s) alone or by combination of their Contribution(s)
|
||||||
|
with the Work to which such Contribution(s) was submitted. If You
|
||||||
|
institute patent litigation against any entity (including a
|
||||||
|
cross-claim or counterclaim in a lawsuit) alleging that the Work
|
||||||
|
or a Contribution incorporated within the Work constitutes direct
|
||||||
|
or contributory patent infringement, then any patent licenses
|
||||||
|
granted to You under this License for that Work shall terminate
|
||||||
|
as of the date such litigation is filed.
|
||||||
|
|
||||||
|
4. Redistribution. You may reproduce and distribute copies of the
|
||||||
|
Work or Derivative Works thereof in any medium, with or without
|
||||||
|
modifications, and in Source or Object form, provided that You
|
||||||
|
meet the following conditions:
|
||||||
|
|
||||||
|
(a) You must give any other recipients of the Work or
|
||||||
|
Derivative Works a copy of this License; and
|
||||||
|
|
||||||
|
(b) You must cause any modified files to carry prominent notices
|
||||||
|
stating that You changed the files; and
|
||||||
|
|
||||||
|
(c) You must retain, in the Source form of any Derivative Works
|
||||||
|
that You distribute, all copyright, patent, trademark, and
|
||||||
|
attribution notices from the Source form of the Work,
|
||||||
|
excluding those notices that do not pertain to any part of
|
||||||
|
the Derivative Works; and
|
||||||
|
|
||||||
|
(d) If the Work includes a "NOTICE" text file as part of its
|
||||||
|
distribution, then any Derivative Works that You distribute must
|
||||||
|
include a readable copy of the attribution notices contained
|
||||||
|
within such NOTICE file, excluding those notices that do not
|
||||||
|
pertain to any part of the Derivative Works, in at least one
|
||||||
|
of the following places: within a NOTICE text file distributed
|
||||||
|
as part of the Derivative Works; within the Source form or
|
||||||
|
documentation, if provided along with the Derivative Works; or,
|
||||||
|
within a display generated by the Derivative Works, if and
|
||||||
|
wherever such third-party notices normally appear. The contents
|
||||||
|
of the NOTICE file are for informational purposes only and
|
||||||
|
do not modify the License. You may add Your own attribution
|
||||||
|
notices within Derivative Works that You distribute, alongside
|
||||||
|
or as an addendum to the NOTICE text from the Work, provided
|
||||||
|
that such additional attribution notices cannot be construed
|
||||||
|
as modifying the License.
|
||||||
|
|
||||||
|
You may add Your own copyright statement to Your modifications and
|
||||||
|
may provide additional or different license terms and conditions
|
||||||
|
for use, reproduction, or distribution of Your modifications, or
|
||||||
|
for any such Derivative Works as a whole, provided Your use,
|
||||||
|
reproduction, and distribution of the Work otherwise complies with
|
||||||
|
the conditions stated in this License.
|
||||||
|
|
||||||
|
5. Submission of Contributions. Unless You explicitly state otherwise,
|
||||||
|
any Contribution intentionally submitted for inclusion in the Work
|
||||||
|
by You to the Licensor shall be under the terms and conditions of
|
||||||
|
this License, without any additional terms or conditions.
|
||||||
|
Notwithstanding the above, nothing herein shall supersede or modify
|
||||||
|
the terms of any separate license agreement you may have executed
|
||||||
|
with Licensor regarding such Contributions.
|
||||||
|
|
||||||
|
6. Trademarks. This License does not grant permission to use the trade
|
||||||
|
names, trademarks, service marks, or product names of the Licensor,
|
||||||
|
except as required for reasonable and customary use in describing the
|
||||||
|
origin of the Work and reproducing the content of the NOTICE file.
|
||||||
|
|
||||||
|
7. Disclaimer of Warranty. Unless required by applicable law or
|
||||||
|
agreed to in writing, Licensor provides the Work (and each
|
||||||
|
Contributor provides its Contributions) on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
||||||
|
implied, including, without limitation, any warranties or conditions
|
||||||
|
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
|
||||||
|
PARTICULAR PURPOSE. You are solely responsible for determining the
|
||||||
|
appropriateness of using or redistributing the Work and assume any
|
||||||
|
risks associated with Your exercise of permissions under this License.
|
||||||
|
|
||||||
|
8. Limitation of Liability. In no event and under no legal theory,
|
||||||
|
whether in tort (including negligence), contract, or otherwise,
|
||||||
|
unless required by applicable law (such as deliberate and grossly
|
||||||
|
negligent acts) or agreed to in writing, shall any Contributor be
|
||||||
|
liable to You for damages, including any direct, indirect, special,
|
||||||
|
incidental, or consequential damages of any character arising as a
|
||||||
|
result of this License or out of the use or inability to use the
|
||||||
|
Work (including but not limited to damages for loss of goodwill,
|
||||||
|
work stoppage, computer failure or malfunction, or any and all
|
||||||
|
other commercial damages or losses), even if such Contributor
|
||||||
|
has been advised of the possibility of such damages.
|
||||||
|
|
||||||
|
9. Accepting Warranty or Additional Liability. While redistributing
|
||||||
|
the Work or Derivative Works thereof, You may choose to offer,
|
||||||
|
and charge a fee for, acceptance of support, warranty, indemnity,
|
||||||
|
or other liability obligations and/or rights consistent with this
|
||||||
|
License. However, in accepting such obligations, You may act only
|
||||||
|
on Your own behalf and on Your sole responsibility, not on behalf
|
||||||
|
of any other Contributor, and only if You agree to indemnify,
|
||||||
|
defend, and hold each Contributor harmless for any liability
|
||||||
|
incurred by, or claims asserted against, such Contributor by reason
|
||||||
|
of your accepting any such warranty or additional liability.
|
||||||
|
|
||||||
|
END OF TERMS AND CONDITIONS
|
||||||
|
|
||||||
|
APPENDIX: How to apply the Apache License to your work.
|
||||||
|
|
||||||
|
To apply the Apache License to your work, attach the following
|
||||||
|
boilerplate notice, with the fields enclosed by brackets "{}"
|
||||||
|
replaced with your own identifying information. (Don't include
|
||||||
|
the brackets!) The text should be enclosed in the appropriate
|
||||||
|
comment syntax for the file format. We also recommend that a
|
||||||
|
file or class name and description of purpose be included on the
|
||||||
|
same "printed page" as the copyright notice for easier
|
||||||
|
identification within third-party archives.
|
||||||
|
|
||||||
|
Copyright {yyyy} {name of copyright owner}
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,11 @@
|
||||||
|
====================================
|
||||||
|
Tacker role for OpenStack-Ansible
|
||||||
|
====================================
|
||||||
|
|
||||||
|
Ansible role to install OpenStack Tacker.
|
||||||
|
|
||||||
|
Documentation for the project can be found at:
|
||||||
|
http://
|
||||||
|
|
||||||
|
The project home is at:
|
||||||
|
http://launchpad.net/openstack-ansible
|
|
@ -0,0 +1,158 @@
|
||||||
|
---
|
||||||
|
# (C)2016 Brocade Communications Systems, Inc.
|
||||||
|
# 130 Holger Way, San Jose, CA 95134.
|
||||||
|
# All rights reserved.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
|
||||||
|
## Verbosity Options
|
||||||
|
debug: False
|
||||||
|
verbose: True
|
||||||
|
|
||||||
|
# Set the package install state for distribution packages
|
||||||
|
# Options are 'present' and 'latest'
|
||||||
|
tacker_package_state: "latest"
|
||||||
|
|
||||||
|
tacker_git_repo: https://git.openstack.org/openstack/tacker
|
||||||
|
tacker_git_install_branch: master
|
||||||
|
tacker_requirements_git_repo: https://git.openstack.org/openstack/requirements
|
||||||
|
tacker_requirements_git_install_branch: master
|
||||||
|
tacker_developer_mode: false
|
||||||
|
tacker_developer_constraints:
|
||||||
|
- "git+{{ tacker_git_repo }}@{{ tacker_git_install_branch }}#egg=tacker"
|
||||||
|
|
||||||
|
#tacker_venv_enabled: true
|
||||||
|
|
||||||
|
# Name of the virtual env to deploy into
|
||||||
|
tacker_venv_tag: untagged
|
||||||
|
tacker_bin: "/openstack/venvs/tacker-{{ tacker_venv_tag }}/bin"
|
||||||
|
#tacker_venv_bin: "/openstack/venvs/tacker-{{ tacker_venv_tag }}/bin"
|
||||||
|
|
||||||
|
# Set the etc dir path where tacker is installed.
|
||||||
|
# This is used for role access to the db migrations.
|
||||||
|
# Example:
|
||||||
|
# tacker_etc_dir: "/usr/local/etc/tacker"
|
||||||
|
tacker_etc_dir: "{{ tacker_bin | dirname }}/etc/tacker"
|
||||||
|
|
||||||
|
tacker_venv_download_url: http://127.0.0.1/venvs/untagged/ubuntu/tacker.tgz
|
||||||
|
|
||||||
|
|
||||||
|
## System info
|
||||||
|
tacker_system_user_name: tacker
|
||||||
|
tacker_system_group_name: tacker
|
||||||
|
tacker_system_shell: /bin/false
|
||||||
|
tacker_system_comment: tacker system user
|
||||||
|
tacker_system_user_home: "/var/lib/{{ tacker_system_user_name }}"
|
||||||
|
|
||||||
|
|
||||||
|
## RabbitMQ info
|
||||||
|
|
||||||
|
tacker_rabbitmq_userid: tacker
|
||||||
|
tacker_rabbitmq_vhost: /tacker
|
||||||
|
glance_rabbitmq_port: 5672
|
||||||
|
glance_rabbitmq_servers: 127.0.0.1
|
||||||
|
glance_rabbitmq_use_ssl: False
|
||||||
|
|
||||||
|
## DB info
|
||||||
|
tacker_galera_database: tacker
|
||||||
|
tacker_galera_user: tacker
|
||||||
|
|
||||||
|
tacker_role_name: admin
|
||||||
|
tacker_bind_address: 0.0.0.0
|
||||||
|
tacker_service_port: 8888
|
||||||
|
tacker_program_name: tacker-server
|
||||||
|
|
||||||
|
## Service Type and Data
|
||||||
|
tacker_service_region: RegionOne
|
||||||
|
tacker_service_name: tacker
|
||||||
|
tacker_service_proto: http
|
||||||
|
tacker_service_type: nfv-orchestration
|
||||||
|
tacker_service_description: "tacker service"
|
||||||
|
tacker_service_publicuri: "{{ tacker_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ tacker_service_port }}"
|
||||||
|
tacker_service_publicurl: "{{ tacker_service_publicuri }}"
|
||||||
|
tacker_service_internaluri: "{{ tacker_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ tacker_service_port }}"
|
||||||
|
tacker_service_internalurl: "{{ tacker_service_internaluri }}"
|
||||||
|
tacker_service_adminuri: "{{ tacker_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ tacker_service_port }}"
|
||||||
|
tacker_service_adminurl: "{{ tacker_service_adminuri }}"
|
||||||
|
tacker_service_registry_proto: "{{ tacker_service_proto }}"
|
||||||
|
tacker_service_publicuri_proto: "{{ openstack_service_publicuri_proto | default(tacker_service_proto) }}"
|
||||||
|
tacker_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(tacker_service_proto) }}"
|
||||||
|
tacker_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(tacker_service_proto) }}"
|
||||||
|
|
||||||
|
|
||||||
|
#NOTE: move password to tests/test-vars.yml
|
||||||
|
tacker_service_password: password
|
||||||
|
|
||||||
|
## Keystone
|
||||||
|
tacker_service_project_domain_id: default
|
||||||
|
tacker_service_project_name: service
|
||||||
|
tacker_service_user_domain_id: default
|
||||||
|
tacker_service_user_name: tacker
|
||||||
|
tacker_keystone_auth_plugin: password
|
||||||
|
|
||||||
|
tacker_service_in_ldap: false
|
||||||
|
|
||||||
|
# packages that must be installed before anything else
|
||||||
|
tacker_requires_pip_packages:
|
||||||
|
- virtualenv
|
||||||
|
- virtualenv-tools
|
||||||
|
- python-keystoneclient # Keystoneclient needed to OSA keystone lib
|
||||||
|
|
||||||
|
## Common pip packages
|
||||||
|
tacker_pip_packages:
|
||||||
|
- PyMySQL
|
||||||
|
- tacker
|
||||||
|
- mysql-python
|
||||||
|
|
||||||
|
|
||||||
|
#NOTE: these default should be updated approprietly
|
||||||
|
# tacker-horizon uses this
|
||||||
|
tackerclient_git_url: https://github.com/openstack/python-tackerclient.git
|
||||||
|
tacker_git_branch: "stable/liberty"
|
||||||
|
|
||||||
|
#tacker_git_dest: "{{ tacker_system_user_home }}/tacker"
|
||||||
|
|
||||||
|
# tacker horizon vars
|
||||||
|
tacker_horizon_venv: "/openstack/venvs/horizon-{{ openstack_release }}"
|
||||||
|
tacker_horizon_venv_bin: "{{ tacker_horizon_venv }}/bin"
|
||||||
|
tacker_horizon_enable_path: "{{ tacker_horizon_venv }}/lib/python2.7/site-packages/openstack_dashboard/enabled"
|
||||||
|
tacker_horizon_git: https://github.com/openstack/tacker-horizon.git
|
||||||
|
|
||||||
|
|
||||||
|
## Service Names
|
||||||
|
tacker_service_names:
|
||||||
|
- "tacker-server"
|
||||||
|
|
||||||
|
tacker_config_options: --config-file {{ tacker_etc_dir }}/tacker.conf
|
||||||
|
|
||||||
|
## tacker config
|
||||||
|
tacker_heat_stack_retires: 60
|
||||||
|
tacker_heat_stack_retry_wait: 5
|
||||||
|
|
||||||
|
# heat service paramter for tacker.conf
|
||||||
|
heat_service_adminurl: "{{ tacker_service_publicuri_proto }}://{{ external_lb_vip_address }}:8004/v1"
|
||||||
|
|
||||||
|
|
||||||
|
# This variable is used by the repo_build process to determine
|
||||||
|
# which host group to check for members of before building the
|
||||||
|
# pip packages required by this role. The value is picked up
|
||||||
|
# by the py_pkgs lookup.
|
||||||
|
tacker_role_project_group: tacker_all
|
||||||
|
|
||||||
|
## Tunable overrides
|
||||||
|
tacker_tacker_conf_overrides: {}
|
||||||
|
tacker_api_paste_ini_overrides: {}
|
||||||
|
tacker_policy_overrides: {}
|
||||||
|
tacker_rootwrap_overrides: {}
|
||||||
|
|
|
@ -0,0 +1,23 @@
|
||||||
|
---
|
||||||
|
# (C)2016 Brocade Communications Systems, Inc.
|
||||||
|
# 130 Holger Way, San Jose, CA 95134.
|
||||||
|
# All rights reserved.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
tacker_hosts:
|
||||||
|
aio1:
|
||||||
|
affinity:
|
||||||
|
tacker_container: 1
|
||||||
|
ip: 172.29.236.100
|
||||||
|
|
|
@ -0,0 +1,40 @@
|
||||||
|
---
|
||||||
|
# (C)2016 Brocade Communications Systems, Inc.
|
||||||
|
# 130 Holger Way, San Jose, CA 95134.
|
||||||
|
# All rights reserved.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
|
||||||
|
component_skel:
|
||||||
|
tacker_server:
|
||||||
|
belongs_to:
|
||||||
|
- tacker_all
|
||||||
|
|
||||||
|
container_skel:
|
||||||
|
tacker_container:
|
||||||
|
belongs_to:
|
||||||
|
- tacker_containers
|
||||||
|
contains:
|
||||||
|
- tacker_server
|
||||||
|
properties:
|
||||||
|
service_name: tacker
|
||||||
|
|
||||||
|
physical_skel:
|
||||||
|
tacker_containers:
|
||||||
|
belongs_to:
|
||||||
|
- all_containers
|
||||||
|
tacker_hosts:
|
||||||
|
belongs_to:
|
||||||
|
- hosts
|
||||||
|
|
|
@ -0,0 +1,9 @@
|
||||||
|
- service:
|
||||||
|
haproxy_service_name: tacker_server
|
||||||
|
haproxy_backend_nodes: "{{ groups['tacker_server'] | default([]) }}"
|
||||||
|
haproxy_port: 8888
|
||||||
|
haproxy_balance_type: http
|
||||||
|
haproxy_backend_options:
|
||||||
|
- "forwardfor"
|
||||||
|
- "httpchk"
|
||||||
|
- "httplog"
|
|
@ -0,0 +1,101 @@
|
||||||
|
---
|
||||||
|
# (C)2016 Brocade Communications Systems, Inc.
|
||||||
|
# 130 Holger Way, San Jose, CA 95134.
|
||||||
|
# All rights reserved.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
|
||||||
|
- name: Install tacker server
|
||||||
|
hosts: tacker_server
|
||||||
|
#hosts: tacker_all
|
||||||
|
max_fail_percentage: 20
|
||||||
|
user: root
|
||||||
|
pre_tasks:
|
||||||
|
- name: Use the lxc-openstack aa profile
|
||||||
|
lxc_container:
|
||||||
|
name: "{{ container_name }}"
|
||||||
|
container_config:
|
||||||
|
- "lxc.aa_profile=lxc-openstack"
|
||||||
|
delegate_to: "{{ physical_host }}"
|
||||||
|
when: not is_metal | bool
|
||||||
|
register: container_config
|
||||||
|
tags:
|
||||||
|
- lxc-aa-profile
|
||||||
|
- name: Wait for container ssh
|
||||||
|
wait_for:
|
||||||
|
port: "22"
|
||||||
|
delay: "{{ ssh_delay }}"
|
||||||
|
search_regex: "OpenSSH"
|
||||||
|
host: "{{ ansible_ssh_host }}"
|
||||||
|
delegate_to: "{{ physical_host }}"
|
||||||
|
when: >
|
||||||
|
(container_config is defined and container_config | changed) or
|
||||||
|
(container_extra_config is defined and container_config | changed)
|
||||||
|
register: ssh_wait_check
|
||||||
|
until: ssh_wait_check | success
|
||||||
|
retries: 3
|
||||||
|
tags:
|
||||||
|
- ssh-wait
|
||||||
|
- name: Sort the rabbitmq servers
|
||||||
|
dist_sort:
|
||||||
|
value_to_lookup: "{{ container_name }}"
|
||||||
|
ref_list: "{{ groups['tacker_all'] }}"
|
||||||
|
src_list: "{{ rabbitmq_servers }}"
|
||||||
|
register: servers
|
||||||
|
- name: Set rabbitmq servers
|
||||||
|
set_fact:
|
||||||
|
rabbitmq_servers: "{{ servers.sorted_list }}"
|
||||||
|
- name: Create log dir
|
||||||
|
file:
|
||||||
|
path: "{{ item.path }}"
|
||||||
|
state: directory
|
||||||
|
with_items:
|
||||||
|
- { path: "/openstack/log/{{ inventory_hostname }}-tacker" }
|
||||||
|
when: is_metal | bool
|
||||||
|
tags:
|
||||||
|
- tacker-logs
|
||||||
|
- tacker-log-dirs
|
||||||
|
- name: Create log aggregation links
|
||||||
|
file:
|
||||||
|
src: "{{ item.src }}"
|
||||||
|
dest: "{{ item.dest }}"
|
||||||
|
state: "{{ item.state }}"
|
||||||
|
force: "yes"
|
||||||
|
with_items:
|
||||||
|
- { src: "/openstack/log/{{ inventory_hostname }}-tacker", dest: "/var/log/tacker", state: "link" }
|
||||||
|
when: is_metal | bool
|
||||||
|
tags:
|
||||||
|
- tacker-logs
|
||||||
|
roles:
|
||||||
|
- role: "os_tacker"
|
||||||
|
tacker_galera_address: "{{ galera_address }}"
|
||||||
|
tacker_venv_tag: "{{ openstack_release }}"
|
||||||
|
tacker_venv_download_url: "{{ openstack_repo_url }}/venvs/{{ openstack_release }}/{{ ansible_distribution | lower }}/tacker-{{ openstack_release }}-{{ ansible_architecture | lower }}.tgz"
|
||||||
|
tags:
|
||||||
|
- "os-tacker"
|
||||||
|
- { role: "openstack_openrc", tags: [ "openstack-openrc" ] }
|
||||||
|
- role: "rsyslog_client"
|
||||||
|
rsyslog_client_log_rotate_file: tacker_log_rotate
|
||||||
|
rsyslog_client_log_dir: "/var/log/tacker"
|
||||||
|
rsyslog_client_config_name: "99-tacker-rsyslog-client.conf"
|
||||||
|
tags:
|
||||||
|
- "tacker-rsyslog-client"
|
||||||
|
- "rsyslog-client"
|
||||||
|
- role: "system_crontab_coordination"
|
||||||
|
tags:
|
||||||
|
- "system-crontab-coordination"
|
||||||
|
vars:
|
||||||
|
galera_address: "{{ internal_lb_vip_address }}"
|
||||||
|
ansible_hostname: "{{ container_name }}"
|
||||||
|
is_metal: "{{ properties.is_metal|default(false) }}"
|
|
@ -0,0 +1,6 @@
|
||||||
|
|
||||||
|
## Tacker Service
|
||||||
|
tacker_git_repo: https://git.openstack.org/openstack/tacker
|
||||||
|
tacker_git_install_branch: 3f4e899f79903a76ffc2562531012801afb6468e # HEAD of master as of 2016-09-16
|
||||||
|
tacker_git_dest: "/opt/tacker_{{ tacker_git_install_branch | replace('/', '_') }}"
|
||||||
|
tacker_git_project_group: tacker_all
|
|
@ -0,0 +1,3 @@
|
||||||
|
tacker_service_password:
|
||||||
|
tacker_container_mysql_password:
|
||||||
|
tacker_rabbitmq_password:
|
|
@ -0,0 +1,35 @@
|
||||||
|
---
|
||||||
|
# (C)2016 Brocade Communications Systems, Inc.
|
||||||
|
# 130 Holger Way, San Jose, CA 95134.
|
||||||
|
# All rights reserved.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
- name: Restart tacker services
|
||||||
|
service:
|
||||||
|
name: "{{ item }}"
|
||||||
|
state: restarted
|
||||||
|
pattern: "{{ item }}"
|
||||||
|
with_items: "{{ tacker_service_names }}"
|
||||||
|
failed_when: false
|
||||||
|
|
||||||
|
- name: Restart apache
|
||||||
|
service:
|
||||||
|
name: apache2
|
||||||
|
state: restarted
|
||||||
|
delegate_to: "{{ item }}"
|
||||||
|
with_items:
|
||||||
|
- "{{ groups['horizon_all'] }}"
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,44 @@
|
||||||
|
---
|
||||||
|
# (C)2016 Brocade Communications Systems, Inc.
|
||||||
|
# 130 Holger Way, San Jose, CA 95134.
|
||||||
|
# All rights reserved.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
|
||||||
|
galaxy_info:
|
||||||
|
author: jrametta
|
||||||
|
description: Tacker deployment with OpenStack Ansible
|
||||||
|
company: OpenStack
|
||||||
|
license: Apache2
|
||||||
|
|
||||||
|
min_ansible_version: 1.9
|
||||||
|
|
||||||
|
platforms:
|
||||||
|
- name: Ubuntu
|
||||||
|
versions:
|
||||||
|
- trusty
|
||||||
|
- xenial
|
||||||
|
galaxy_tags:
|
||||||
|
- cloud
|
||||||
|
- openstack
|
||||||
|
- tacker
|
||||||
|
- python
|
||||||
|
|
||||||
|
dependencies:
|
||||||
|
- pip_install
|
||||||
|
- role: apt_package_pinning
|
||||||
|
when:
|
||||||
|
- ansible_pkg_mgr == 'apt'
|
||||||
|
- galera_client
|
||||||
|
- openstack_openrc
|
|
@ -0,0 +1,87 @@
|
||||||
|
---
|
||||||
|
# (C)2016 Brocade Communications Systems, Inc.
|
||||||
|
# 130 Holger Way, San Jose, CA 95134.
|
||||||
|
# All rights reserved.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
|
||||||
|
- name: Gather variables for each operating system
|
||||||
|
include_vars: "{{ item }}"
|
||||||
|
with_first_found:
|
||||||
|
- "{{ ansible_distribution | lower }}-{{ ansible_distribution_version | lower }}.yml"
|
||||||
|
- "{{ ansible_distribution | lower }}-{{ ansible_distribution_major_version | lower }}.yml"
|
||||||
|
- "{{ ansible_os_family | lower }}-{{ ansible_distribution_major_version | lower }}.yml"
|
||||||
|
- "{{ ansible_distribution | lower }}.yml"
|
||||||
|
- "{{ ansible_os_family | lower }}.yml"
|
||||||
|
tags:
|
||||||
|
- always
|
||||||
|
|
||||||
|
- name: Check init system
|
||||||
|
command: cat /proc/1/comm
|
||||||
|
register: _pid1_name
|
||||||
|
tags:
|
||||||
|
- always
|
||||||
|
|
||||||
|
- name: Set the name of pid1
|
||||||
|
set_fact:
|
||||||
|
pid1_name: "{{ _pid1_name.stdout }}"
|
||||||
|
tags:
|
||||||
|
- always
|
||||||
|
|
||||||
|
- include: tacker_pre_install.yml
|
||||||
|
tags:
|
||||||
|
- tacker-install
|
||||||
|
- include: tacker_install.yml
|
||||||
|
tags:
|
||||||
|
- tacker-install
|
||||||
|
|
||||||
|
- include: tacker_install.yml
|
||||||
|
tags:
|
||||||
|
- tacker-install
|
||||||
|
|
||||||
|
- include: tacker_post_install.yml
|
||||||
|
tags:
|
||||||
|
- tacker-install
|
||||||
|
- tacker-config
|
||||||
|
|
||||||
|
- include: tacker_init.yml
|
||||||
|
tags:
|
||||||
|
- tacker-install
|
||||||
|
|
||||||
|
#- include: tacker_init_common.yml
|
||||||
|
#tags:
|
||||||
|
#- tacker-install
|
||||||
|
|
||||||
|
- include: tacker_db_setup.yml
|
||||||
|
when: >
|
||||||
|
inventory_hostname == groups['tacker_all'][0]
|
||||||
|
tags:
|
||||||
|
- tacker-install
|
||||||
|
|
||||||
|
- include: tacker_service_setup.yml
|
||||||
|
when: >
|
||||||
|
inventory_hostname == groups['tacker_all'][0]
|
||||||
|
tags:
|
||||||
|
- tacker-install
|
||||||
|
|
||||||
|
#NOTE: comment for now
|
||||||
|
#- include: tacker_horizon.yml
|
||||||
|
#when: >
|
||||||
|
#inventory_hostname == groups['tacker_all'][0]
|
||||||
|
#tags:
|
||||||
|
#- tacker-install
|
||||||
|
#- tacker-horizon
|
||||||
|
|
||||||
|
- name: Flush handlers
|
||||||
|
meta: flush_handlers
|
|
@ -0,0 +1,51 @@
|
||||||
|
---
|
||||||
|
# Copyright 2014, Rackspace US, Inc.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
- name: Create DB for service
|
||||||
|
mysql_db:
|
||||||
|
login_user: "{{ galera_root_user }}"
|
||||||
|
login_password: "{{ galera_root_password }}"
|
||||||
|
login_host: "{{ tacker_galera_address }}"
|
||||||
|
name: "{{ tacker_galera_database }}"
|
||||||
|
state: "present"
|
||||||
|
tags:
|
||||||
|
- tacker-db-setup
|
||||||
|
|
||||||
|
- name: Grant access to the DB for the service
|
||||||
|
mysql_user:
|
||||||
|
login_user: "{{ galera_root_user }}"
|
||||||
|
login_password: "{{ galera_root_password }}"
|
||||||
|
login_host: "{{ tacker_galera_address }}"
|
||||||
|
name: "{{ tacker_galera_user }}"
|
||||||
|
password: "{{ tacker_container_mysql_password }}"
|
||||||
|
host: "{{ item }}"
|
||||||
|
state: "present"
|
||||||
|
priv: "{{ tacker_galera_database }}.*:ALL"
|
||||||
|
with_items:
|
||||||
|
- "localhost"
|
||||||
|
- "%"
|
||||||
|
tags:
|
||||||
|
- tacker-db-setup
|
||||||
|
|
||||||
|
- name: Perform a tacker DB sync
|
||||||
|
command: "{{ tacker_bin }}/tacker-db-manage
|
||||||
|
--config-file {{ tacker_etc_dir }}/tacker.conf upgrade head"
|
||||||
|
become: yes
|
||||||
|
become_user: "{{ tacker_system_user_name }}"
|
||||||
|
tags:
|
||||||
|
- tacker-db-sync
|
||||||
|
- tacker-setup
|
||||||
|
- tacker-command-bin
|
||||||
|
|
|
@ -0,0 +1,75 @@
|
||||||
|
---
|
||||||
|
# tacker horizon dashboard setup
|
||||||
|
|
||||||
|
# tacker horizon depends on tacker client
|
||||||
|
- name: Clone tacker client
|
||||||
|
git:
|
||||||
|
repo: "{{ tackerclient_git_url }}"
|
||||||
|
version: "{{ tacker_git_branch }}"
|
||||||
|
dest: /tmp/python-tackerclient
|
||||||
|
force: yes
|
||||||
|
register: tackerclient_git_clone
|
||||||
|
delegate_to: "{{ item }}"
|
||||||
|
with_items:
|
||||||
|
- "{{ groups['horizon_all'] }}"
|
||||||
|
until: tackerclient_git_clone|success
|
||||||
|
retries: 5
|
||||||
|
delay: 2
|
||||||
|
tags:
|
||||||
|
- tacker-horizon-install
|
||||||
|
|
||||||
|
- name: Install tacker client into venv
|
||||||
|
command: python setup.py install
|
||||||
|
args:
|
||||||
|
chdir: /tmp/python-tackerclient
|
||||||
|
creates: /usr/local/bin/tacker
|
||||||
|
delegate_to: "{{ item }}"
|
||||||
|
with_items:
|
||||||
|
- "{{ groups['horizon_all'] }}"
|
||||||
|
tags:
|
||||||
|
- tacker-horizon-install
|
||||||
|
|
||||||
|
- name: Clone tacker horizon source
|
||||||
|
git:
|
||||||
|
repo: "{{ tacker_horizon_git }}"
|
||||||
|
version: stable/liberty
|
||||||
|
dest: /tmp/python-tacker-horizon
|
||||||
|
force: yes
|
||||||
|
register: tackerhorizon_git_clone
|
||||||
|
delegate_to: "{{ item }}"
|
||||||
|
with_items:
|
||||||
|
- "{{ groups['horizon_all'] }}"
|
||||||
|
until: tackerhorizon_git_clone|success
|
||||||
|
retries: 5
|
||||||
|
delay: 2
|
||||||
|
tags:
|
||||||
|
- tacker-horizon-install
|
||||||
|
|
||||||
|
#NOTE: not sure if this is the right way to do this
|
||||||
|
|
||||||
|
- name: Install tacker horizon into venv
|
||||||
|
command: "{{ tacker_horizon_venv_bin }}/python setup.py install"
|
||||||
|
args:
|
||||||
|
chdir: /tmp/python-tacker-horizon
|
||||||
|
creates:
|
||||||
|
"{{ tacker_horizon_venv_bin }}/../lib/python2.7/site-packages/tacker_horizon"
|
||||||
|
delegate_to: "{{ item }}"
|
||||||
|
notify: Restart apache
|
||||||
|
with_items:
|
||||||
|
- "{{ groups['horizon_all'] }}"
|
||||||
|
tags:
|
||||||
|
- tacker-horizon-install
|
||||||
|
|
||||||
|
- name: Enable tacker in openstack dashboard
|
||||||
|
command: cp openstack_dashboard_extensions/_80_nfv.py {{ tacker_horizon_enable_path }}/_80_nfv.py
|
||||||
|
args:
|
||||||
|
chdir: /tmp/python-tacker-horizon
|
||||||
|
creates: "{{ tacker_horizon_enable_path }}/_80_nfv.py"
|
||||||
|
delegate_to: "{{ item }}"
|
||||||
|
notify: Restart apache
|
||||||
|
with_items:
|
||||||
|
- "{{ groups['horizon_all'] }}"
|
||||||
|
tags:
|
||||||
|
- tacker-horizon-install
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,26 @@
|
||||||
|
---
|
||||||
|
# (C)2016 Brocade Communications Systems, Inc.
|
||||||
|
# 130 Holger Way, San Jose, CA 95134.
|
||||||
|
# All rights reserved.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
- include: tacker_init_common.yml
|
||||||
|
vars:
|
||||||
|
program_name: "{{ tacker_program_name }}"
|
||||||
|
service_name: "{{ tacker_service_name }}"
|
||||||
|
system_user: "{{ tacker_system_user_name }}"
|
||||||
|
system_group: "{{ tacker_system_group_name }}"
|
||||||
|
service_home: "{{ tacker_system_user_home }}"
|
||||||
|
program_config_options: "{{ tacker_config_options }}"
|
||||||
|
|
|
@ -0,0 +1,31 @@
|
||||||
|
---
|
||||||
|
# (C)2016 Brocade Communications Systems, Inc.
|
||||||
|
# 130 Holger Way, San Jose, CA 95134.
|
||||||
|
# All rights reserved.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
- include: tacker_init_upstart.yml
|
||||||
|
when: pid1_name == "init"
|
||||||
|
|
||||||
|
- include: tacker_init_systemd.yml
|
||||||
|
when: pid1_name == "systemd"
|
||||||
|
|
||||||
|
- name: Load service
|
||||||
|
service:
|
||||||
|
name: "{{ program_name }}"
|
||||||
|
enabled: "yes"
|
||||||
|
notify:
|
||||||
|
- Restart tacker services
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,56 @@
|
||||||
|
---
|
||||||
|
# (C)2016 Brocade Communications Systems, Inc.
|
||||||
|
# 130 Holger Way, San Jose, CA 95134.
|
||||||
|
# All rights reserved.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
- name: Create TEMP run dir
|
||||||
|
file:
|
||||||
|
path: "/var/run/{{ program_name }}"
|
||||||
|
state: directory
|
||||||
|
owner: "{{ system_user }}"
|
||||||
|
group: "{{ system_group }}"
|
||||||
|
mode: "02755"
|
||||||
|
|
||||||
|
- name: Create TEMP lock dir
|
||||||
|
file:
|
||||||
|
path: "/var/lock/{{ program_name }}"
|
||||||
|
state: directory
|
||||||
|
owner: "{{ system_user }}"
|
||||||
|
group: "{{ system_group }}"
|
||||||
|
mode: "02755"
|
||||||
|
|
||||||
|
- name: Create tempfile.d entry
|
||||||
|
template:
|
||||||
|
src: "tacker-systemd-tempfiles.j2"
|
||||||
|
dest: "/etc/tmpfiles.d/tacker.conf"
|
||||||
|
mode: "0644"
|
||||||
|
owner: "root"
|
||||||
|
group: "root"
|
||||||
|
|
||||||
|
- name: Place the systemd init script
|
||||||
|
template:
|
||||||
|
src: "tacker-systemd-init.j2"
|
||||||
|
dest: "/etc/systemd/system/{{ program_name }}.service"
|
||||||
|
mode: "0644"
|
||||||
|
owner: "root"
|
||||||
|
group: "root"
|
||||||
|
register: systemd_init
|
||||||
|
|
||||||
|
- name: Reload the systemd daemon
|
||||||
|
command: "systemctl daemon-reload"
|
||||||
|
when: systemd_init | changed
|
||||||
|
notify:
|
||||||
|
- Restart tacker services
|
||||||
|
|
|
@ -0,0 +1,35 @@
|
||||||
|
---
|
||||||
|
# (C)2016 Brocade Communications Systems, Inc.
|
||||||
|
# 130 Holger Way, San Jose, CA 95134.
|
||||||
|
# All rights reserved.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
- name: Place the init script
|
||||||
|
template:
|
||||||
|
src: "tacker-upstart-init.j2"
|
||||||
|
dest: "/etc/init/{{ program_name }}.conf"
|
||||||
|
mode: "0644"
|
||||||
|
owner: "root"
|
||||||
|
group: "root"
|
||||||
|
register: upstart_init
|
||||||
|
notify:
|
||||||
|
- Restart tacker services
|
||||||
|
|
||||||
|
- name: Reload init scripts
|
||||||
|
shell: |
|
||||||
|
initctl reload-configuration
|
||||||
|
when: upstart_init | changed
|
||||||
|
notify:
|
||||||
|
- Restart tacker services
|
||||||
|
|
|
@ -0,0 +1,146 @@
|
||||||
|
---
|
||||||
|
# (C)2016 Brocade Communications Systems, Inc.
|
||||||
|
# 130 Holger Way, San Jose, CA 95134.
|
||||||
|
# All rights reserved.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
- include: tacker_install_apt.yml
|
||||||
|
when:
|
||||||
|
- ansible_pkg_mgr == 'apt'
|
||||||
|
|
||||||
|
- name: Create developer mode constraint file
|
||||||
|
copy:
|
||||||
|
dest: "/opt/developer-pip-constraints.txt"
|
||||||
|
content: |
|
||||||
|
{% for item in tacker_developer_constraints %}
|
||||||
|
{{ item }}
|
||||||
|
{% endfor %}
|
||||||
|
when:
|
||||||
|
- tacker_developer_mode | bool
|
||||||
|
|
||||||
|
- name: Clone requirements git repository
|
||||||
|
git:
|
||||||
|
repo: "{{ tacker_requirements_git_repo }}"
|
||||||
|
dest: "/opt/requirements"
|
||||||
|
clone: yes
|
||||||
|
update: yes
|
||||||
|
version: "{{ tacker_requirements_git_install_branch }}"
|
||||||
|
when:
|
||||||
|
- tacker_developer_mode | bool
|
||||||
|
|
||||||
|
- name: Add constraints to pip_install_options fact for developer mode
|
||||||
|
set_fact:
|
||||||
|
pip_install_options_fact: "{{ pip_install_options|default('') }} --constraint /opt/developer-pip-constraints.txt --constraint /opt/requirements/upper-constraints.txt"
|
||||||
|
when:
|
||||||
|
- tacker_developer_mode | bool
|
||||||
|
|
||||||
|
- name: Set pip_install_options_fact when not in developer mode
|
||||||
|
set_fact:
|
||||||
|
pip_install_options_fact: "{{ pip_install_options|default('') }}"
|
||||||
|
when:
|
||||||
|
- not tacker_developer_mode | bool
|
||||||
|
|
||||||
|
- name: Install requires pip packages
|
||||||
|
pip:
|
||||||
|
name: "{{ tacker_requires_pip_packages | join(' ') }}"
|
||||||
|
state: latest
|
||||||
|
extra_args: "{{ pip_install_options_fact }}"
|
||||||
|
register: install_packages
|
||||||
|
until: install_packages|success
|
||||||
|
retries: 5
|
||||||
|
delay: 2
|
||||||
|
|
||||||
|
- name: Get local venv checksum
|
||||||
|
stat:
|
||||||
|
path: "/var/cache/{{ tacker_venv_download_url | basename }}"
|
||||||
|
get_md5: False
|
||||||
|
when:
|
||||||
|
- not tacker_developer_mode | bool
|
||||||
|
register: local_venv_stat
|
||||||
|
|
||||||
|
#- name: Get remote venv checksum
|
||||||
|
#uri:
|
||||||
|
#url: "{{ tacker_venv_download_url | replace('tgz', 'checksum') }}"
|
||||||
|
#return_content: True
|
||||||
|
#when:
|
||||||
|
#- not tacker_developer_mode | bool
|
||||||
|
#register: remote_venv_checksum
|
||||||
|
|
||||||
|
# TODO: When project moves to ansible 2 we can pass this a sha256sum which will:
|
||||||
|
# a) allow us to remove force: yes
|
||||||
|
# b) allow the module to calculate the checksum of dest file which would
|
||||||
|
# result in file being downloaded only if provided and dest sha256sum
|
||||||
|
# checksums differ
|
||||||
|
- name: Attempt venv download
|
||||||
|
get_url:
|
||||||
|
url: "{{ tacker_venv_download_url }}"
|
||||||
|
dest: "/var/cache/{{ tacker_venv_download_url | basename }}"
|
||||||
|
force: yes
|
||||||
|
ignore_errors: true
|
||||||
|
register: get_venv
|
||||||
|
when:
|
||||||
|
- not tacker_developer_mode | bool
|
||||||
|
- (local_venv_stat.stat.exists == False or
|
||||||
|
{{ local_venv_stat.stat.checksum is defined and local_venv_stat.stat.checksum != remote_venv_checksum.content | trim }})
|
||||||
|
|
||||||
|
- name: Set tacker get_venv fact
|
||||||
|
set_fact:
|
||||||
|
tacker_get_venv: "{{ get_venv }}"
|
||||||
|
|
||||||
|
- name: Remove existing venv
|
||||||
|
file:
|
||||||
|
path: "{{ tacker_bin | dirname }}"
|
||||||
|
state: absent
|
||||||
|
when:
|
||||||
|
- tacker_get_venv | changed
|
||||||
|
|
||||||
|
- name: Create tacker venv dir
|
||||||
|
file:
|
||||||
|
path: "{{ tacker_bin | dirname }}"
|
||||||
|
state: directory
|
||||||
|
register: tacker_venv_dir
|
||||||
|
|
||||||
|
- name: Unarchive pre-built venv
|
||||||
|
unarchive:
|
||||||
|
src: "/var/cache/{{ tacker_venv_download_url | basename }}"
|
||||||
|
dest: "{{ tacker_bin | dirname }}"
|
||||||
|
copy: "no"
|
||||||
|
when:
|
||||||
|
- not tacker_developer_mode | bool
|
||||||
|
- tacker_get_venv | changed or tacker_venv_dir | changed
|
||||||
|
notify:
|
||||||
|
- Restart tacker services
|
||||||
|
|
||||||
|
- name: Install pip packages
|
||||||
|
pip:
|
||||||
|
name: "{{ tacker_pip_packages | join(' ') }}"
|
||||||
|
state: latest
|
||||||
|
virtualenv: "{{ tacker_bin | dirname }}"
|
||||||
|
virtualenv_site_packages: "no"
|
||||||
|
extra_args: "{{ pip_install_options_fact }}"
|
||||||
|
register: install_packages
|
||||||
|
until: install_packages|success
|
||||||
|
retries: 5
|
||||||
|
delay: 2
|
||||||
|
when:
|
||||||
|
- tacker_get_venv | failed or tacker_developer_mode | bool
|
||||||
|
notify:
|
||||||
|
- Restart tacker services
|
||||||
|
|
||||||
|
- name: Update virtualenv path
|
||||||
|
command: >
|
||||||
|
virtualenv-tools --update-path=auto {{ tacker_bin | dirname }}
|
||||||
|
when:
|
||||||
|
- not tacker_developer_mode | bool
|
||||||
|
- tacker_get_venv | success
|
|
@ -0,0 +1,40 @@
|
||||||
|
---
|
||||||
|
# (C)2016 Brocade Communications Systems, Inc.
|
||||||
|
# 130 Holger Way, San Jose, CA 95134.
|
||||||
|
# All rights reserved.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
#TODO(evrardjp): Replace the next 2 tasks by a standard apt with cache
|
||||||
|
#when https://github.com/ansible/ansible-modules-core/pull/1517 is merged
|
||||||
|
#in 1.9.x or we move to 2.0 (if tested working)
|
||||||
|
|
||||||
|
- name: Check apt last update file
|
||||||
|
stat:
|
||||||
|
path: /var/cache/apt
|
||||||
|
register: apt_cache_stat
|
||||||
|
|
||||||
|
- name: Update apt if needed
|
||||||
|
apt:
|
||||||
|
update_cache: yes
|
||||||
|
when: "ansible_date_time.epoch|float - apt_cache_stat.stat.mtime > {{cache_timeout}}"
|
||||||
|
|
||||||
|
- name: Install apt packages
|
||||||
|
apt:
|
||||||
|
pkg: "{{ item }}"
|
||||||
|
state: "{{ tacker_package_state }}"
|
||||||
|
register: install_packages
|
||||||
|
until: install_packages|success
|
||||||
|
retries: 5
|
||||||
|
delay: 2
|
||||||
|
with_items: "{{ tacker_distro_packages }}"
|
|
@ -0,0 +1,27 @@
|
||||||
|
---
|
||||||
|
# tacker messaging setup
|
||||||
|
|
||||||
|
|
||||||
|
- name: Ensure Rabbitmq vhost
|
||||||
|
rabbitmq_vhost:
|
||||||
|
name: "{{ tacker_rabbitmq_vhost }}"
|
||||||
|
state: "present"
|
||||||
|
delegate_to: "{{ groups['rabbitmq_all'][0] }}"
|
||||||
|
tags:
|
||||||
|
- tacker-rabbitmq
|
||||||
|
- tacker-rabbitmq-vhost
|
||||||
|
|
||||||
|
- name: Ensure rabbitmq user
|
||||||
|
rabbitmq_user:
|
||||||
|
user: "{{ tacker_rabbitmq_userid }}"
|
||||||
|
password: "{{ tacker_rabbitmq_password }}"
|
||||||
|
vhost: "{{ tacker_rabbitmq_vhost }}"
|
||||||
|
configure_priv: ".*"
|
||||||
|
read_priv: ".*"
|
||||||
|
write_priv: ".*"
|
||||||
|
state: "present"
|
||||||
|
delegate_to: "{{ groups['rabbitmq_all'][0] }}"
|
||||||
|
tags:
|
||||||
|
- tacker-rabbitmq
|
||||||
|
- tacker-rabbitmq-user
|
||||||
|
|
|
@ -0,0 +1,62 @@
|
||||||
|
---
|
||||||
|
# (C)2016 Brocade Communications Systems, Inc.
|
||||||
|
# 130 Holger Way, San Jose, CA 95134.
|
||||||
|
# All rights reserved.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
#- name: Get tacker command path
|
||||||
|
#command: which {{ tacker_program_name }}
|
||||||
|
#register: tacker_command_path
|
||||||
|
#when:
|
||||||
|
#- not tacker_venv_enabled | bool
|
||||||
|
#tags:
|
||||||
|
#- tacker-command-bin
|
||||||
|
|
||||||
|
#- name: Set tacker command path
|
||||||
|
#set_fact:
|
||||||
|
#tacker_bin: "{{ tacker_command_path.stdout | dirname }}"
|
||||||
|
#when:
|
||||||
|
#- not tacker_venv_enabled | bool
|
||||||
|
#tags:
|
||||||
|
#- tacker-command-bin
|
||||||
|
|
||||||
|
- name: Drop tacker Config(s)
|
||||||
|
config_template:
|
||||||
|
src: "{{ item.src }}"
|
||||||
|
dest: "{{ item.dest }}"
|
||||||
|
owner: "{{ tacker_system_user_name }}"
|
||||||
|
group: "{{ tacker_system_group_name }}"
|
||||||
|
mode: "0644"
|
||||||
|
config_overrides: "{{ item.config_overrides }}"
|
||||||
|
config_type: "{{ item.config_type }}"
|
||||||
|
with_items:
|
||||||
|
- src: "etc/tacker/tacker.conf.j2"
|
||||||
|
dest: "{{ tacker_etc_dir }}/tacker.conf"
|
||||||
|
config_overrides: "{{ tacker_tacker_conf_overrides }}"
|
||||||
|
config_type: "ini"
|
||||||
|
- src: "etc/tacker/api-paste.ini.j2"
|
||||||
|
dest: "{{ tacker_etc_dir }}/api-paste.ini"
|
||||||
|
config_overrides: "{{ tacker_api_paste_ini_overrides }}"
|
||||||
|
config_type: "ini"
|
||||||
|
- src: "etc/tacker/rootwrap.conf.j2"
|
||||||
|
dest: "{{ tacker_etc_dir}}/rootwrap.conf"
|
||||||
|
config_overrides: "{{ tacker_rootwrap_overrides }}"
|
||||||
|
config_type: "ini"
|
||||||
|
- src: "etc/tacker/policy.json.j2"
|
||||||
|
dest: "{{ tacker_etc_dir }}/policy.json"
|
||||||
|
config_overrides: "{{ tacker_policy_overrides }}"
|
||||||
|
config_type: "json"
|
||||||
|
notify:
|
||||||
|
- Restart tacker services
|
||||||
|
|
|
@ -0,0 +1,80 @@
|
||||||
|
---
|
||||||
|
# (C)2016 Brocade Communications Systems, Inc.
|
||||||
|
# 130 Holger Way, San Jose, CA 95134.
|
||||||
|
# All rights reserved.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
- name: create the system group
|
||||||
|
group:
|
||||||
|
name: "{{ tacker_system_group_name }}"
|
||||||
|
state: "present"
|
||||||
|
system: "yes"
|
||||||
|
|
||||||
|
- name: Create the tacker system user
|
||||||
|
user:
|
||||||
|
name: "{{ tacker_system_user_name }}"
|
||||||
|
group: "{{ tacker_system_group_name }}"
|
||||||
|
comment: "{{ tacker_system_comment }}"
|
||||||
|
shell: "{{ tacker_system_shell }}"
|
||||||
|
system: "yes"
|
||||||
|
createhome: "yes"
|
||||||
|
home: "{{ tacker_system_user_home }}"
|
||||||
|
|
||||||
|
- name: Create tacker directories
|
||||||
|
file:
|
||||||
|
path: "{{ item.path }}"
|
||||||
|
state: directory
|
||||||
|
owner: "{{ item.owner|default(tacker_system_user_name) }}"
|
||||||
|
group: "{{ item.group|default(tacker_system_group_name) }}"
|
||||||
|
mode: "{{ item.mode|default('0755') }}"
|
||||||
|
with_items:
|
||||||
|
- { path: "/openstack", mode: "0755", owner: "root", group: "root" }
|
||||||
|
- { path: "/etc/tacker" }
|
||||||
|
- { path: "/var/cache/tacker" }
|
||||||
|
- { path: "{{ tacker_system_user_home }}" }
|
||||||
|
|
||||||
|
#- name: Create tacker venv dir
|
||||||
|
#file:
|
||||||
|
#path: "{{ item.path }}"
|
||||||
|
#state: directory
|
||||||
|
#with_items:
|
||||||
|
#- { path: "/openstack/venvs" }
|
||||||
|
#- { path: "{{ tacker_venv_bin }}" }
|
||||||
|
#when: tacker_venv_enabled | bool
|
||||||
|
#tags:
|
||||||
|
#- tacker-dirs
|
||||||
|
|
||||||
|
- name: Test for log directory or link
|
||||||
|
shell: |
|
||||||
|
if [ -h "/var/log/tacker" ]; then
|
||||||
|
chown -h {{ tacker_system_user_name }}:{{ tacker_system_group_name }} "/var/log/tacker"
|
||||||
|
chown -R {{ tacker_system_user_name }}:{{ tacker_system_group_name }} "$(readlink /var/log/tacker)"
|
||||||
|
else
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
register: log_dir
|
||||||
|
failed_when: false
|
||||||
|
changed_when: log_dir.rc != 0
|
||||||
|
|
||||||
|
- name: Create tacker log dir
|
||||||
|
file:
|
||||||
|
path: "{{ item.path }}"
|
||||||
|
state: directory
|
||||||
|
owner: "{{ item.owner|default(tacker_system_user_name) }}"
|
||||||
|
group: "{{ item.group|default(tacker_system_group_name) }}"
|
||||||
|
mode: "{{ item.mode|default('0755') }}"
|
||||||
|
with_items:
|
||||||
|
- { path: "/var/log/tacker" }
|
||||||
|
when: log_dir.rc != 0
|
||||||
|
|
|
@ -0,0 +1,93 @@
|
||||||
|
---
|
||||||
|
# (C)2016 Brocade Communications Systems, Inc.
|
||||||
|
# 130 Holger Way, San Jose, CA 95134.
|
||||||
|
# All rights reserved.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
# Create a service
|
||||||
|
- name: Ensure tacker service
|
||||||
|
keystone:
|
||||||
|
command: "ensure_service"
|
||||||
|
endpoint: "{{ keystone_service_adminurl }}"
|
||||||
|
login_user: "{{ keystone_admin_user_name }}"
|
||||||
|
login_password: "{{ keystone_auth_admin_password }}"
|
||||||
|
login_project_name: "{{ keystone_admin_tenant_name }}"
|
||||||
|
service_name: "{{ tacker_service_name }}"
|
||||||
|
service_type: "{{ tacker_service_type }}"
|
||||||
|
description: "{{ tacker_service_description }}"
|
||||||
|
insecure: "{{ keystone_service_adminuri_insecure }}"
|
||||||
|
register: add_service
|
||||||
|
until: add_service|success
|
||||||
|
retries: 5
|
||||||
|
delay: 2
|
||||||
|
|
||||||
|
# Create an admin user
|
||||||
|
- name: Ensure tacker user
|
||||||
|
keystone:
|
||||||
|
command: "ensure_user"
|
||||||
|
endpoint: "{{ keystone_service_adminurl }}"
|
||||||
|
login_user: "{{ keystone_admin_user_name }}"
|
||||||
|
login_password: "{{ keystone_auth_admin_password }}"
|
||||||
|
login_project_name: "{{ keystone_admin_tenant_name }}"
|
||||||
|
user_name: "{{ tacker_service_user_name }}"
|
||||||
|
tenant_name: "{{ tacker_service_project_name }}"
|
||||||
|
password: "{{ tacker_service_password }}"
|
||||||
|
insecure: "{{ keystone_service_adminuri_insecure }}"
|
||||||
|
register: add_service
|
||||||
|
when: not tacker_service_in_ldap | bool
|
||||||
|
until: add_service|success
|
||||||
|
retries: 5
|
||||||
|
delay: 10
|
||||||
|
|
||||||
|
# Add a role to the user
|
||||||
|
- name: Ensure tacker user to admin role
|
||||||
|
keystone:
|
||||||
|
command: "ensure_user_role"
|
||||||
|
endpoint: "{{ keystone_service_adminurl }}"
|
||||||
|
login_user: "{{ keystone_admin_user_name }}"
|
||||||
|
login_password: "{{ keystone_auth_admin_password }}"
|
||||||
|
login_project_name: "{{ keystone_admin_tenant_name }}"
|
||||||
|
user_name: "{{ tacker_service_user_name }}"
|
||||||
|
tenant_name: "{{ tacker_service_project_name }}"
|
||||||
|
role_name: "{{ tacker_role_name }}"
|
||||||
|
insecure: "{{ keystone_service_adminuri_insecure }}"
|
||||||
|
register: add_service
|
||||||
|
when: not tacker_service_in_ldap | bool
|
||||||
|
until: add_service|success
|
||||||
|
retries: 5
|
||||||
|
delay: 10
|
||||||
|
|
||||||
|
# Create an endpoint
|
||||||
|
- name: Ensure tacker endpoint
|
||||||
|
keystone:
|
||||||
|
command: "ensure_endpoint"
|
||||||
|
endpoint: "{{ keystone_service_adminurl }}"
|
||||||
|
login_user: "{{ keystone_admin_user_name }}"
|
||||||
|
login_password: "{{ keystone_auth_admin_password }}"
|
||||||
|
login_project_name: "{{ keystone_admin_tenant_name }}"
|
||||||
|
region_name: "{{ tacker_service_region }}"
|
||||||
|
service_name: "{{ tacker_service_name }}"
|
||||||
|
service_type: "{{ tacker_service_type }}"
|
||||||
|
insecure: "{{ keystone_service_adminuri_insecure }}"
|
||||||
|
endpoint_list:
|
||||||
|
- url: "{{ tacker_service_publicurl }}"
|
||||||
|
interface: "public"
|
||||||
|
- url: "{{ tacker_service_internalurl }}"
|
||||||
|
interface: "internal"
|
||||||
|
- url: "{{ tacker_service_adminurl }}"
|
||||||
|
interface: "admin"
|
||||||
|
register: add_service
|
||||||
|
until: add_service|success
|
||||||
|
retries: 5
|
||||||
|
delay: 10
|
|
@ -0,0 +1,30 @@
|
||||||
|
[composite:tacker]
|
||||||
|
use = egg:Paste#urlmap
|
||||||
|
/: tackerversions
|
||||||
|
/v1.0: tackerapi_v1_0
|
||||||
|
|
||||||
|
[composite:tackerapi_v1_0]
|
||||||
|
use = call:tacker.auth:pipeline_factory
|
||||||
|
noauth = request_id catch_errors extensions tackerapiapp_v1_0
|
||||||
|
keystone = request_id catch_errors authtoken keystonecontext extensions tackerapiapp_v1_0
|
||||||
|
|
||||||
|
[filter:request_id]
|
||||||
|
paste.filter_factory = oslo_middleware:RequestId.factory
|
||||||
|
|
||||||
|
[filter:catch_errors]
|
||||||
|
paste.filter_factory = oslo_middleware:CatchErrors.factory
|
||||||
|
|
||||||
|
[filter:keystonecontext]
|
||||||
|
paste.filter_factory = tacker.auth:TackerKeystoneContext.factory
|
||||||
|
|
||||||
|
[filter:authtoken]
|
||||||
|
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
|
||||||
|
|
||||||
|
[filter:extensions]
|
||||||
|
paste.filter_factory = tacker.api.extensions:extension_middleware_factory
|
||||||
|
|
||||||
|
[app:tackerversions]
|
||||||
|
paste.app_factory = tacker.api.versions:Versions.factory
|
||||||
|
|
||||||
|
[app:tackerapiapp_v1_0]
|
||||||
|
paste.app_factory = tacker.api.v1.router:APIRouter.factory
|
|
@ -0,0 +1,30 @@
|
||||||
|
[composite:tacker]
|
||||||
|
use = egg:Paste#urlmap
|
||||||
|
/: tackerversions
|
||||||
|
/v1.0: tackerapi_v1_0
|
||||||
|
|
||||||
|
[composite:tackerapi_v1_0]
|
||||||
|
use = call:tacker.auth:pipeline_factory
|
||||||
|
noauth = request_id catch_errors extensions tackerapiapp_v1_0
|
||||||
|
keystone = request_id catch_errors authtoken keystonecontext extensions tackerapiapp_v1_0
|
||||||
|
|
||||||
|
[filter:request_id]
|
||||||
|
paste.filter_factory = oslo.middleware:RequestId.factory
|
||||||
|
|
||||||
|
[filter:catch_errors]
|
||||||
|
paste.filter_factory = oslo.middleware:CatchErrors.factory
|
||||||
|
|
||||||
|
[filter:keystonecontext]
|
||||||
|
paste.filter_factory = tacker.auth:TackerKeystoneContext.factory
|
||||||
|
|
||||||
|
[filter:authtoken]
|
||||||
|
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
|
||||||
|
|
||||||
|
[filter:extensions]
|
||||||
|
paste.filter_factory = tacker.api.extensions:extension_middleware_factory
|
||||||
|
|
||||||
|
[app:tackerversions]
|
||||||
|
paste.app_factory = tacker.api.versions:Versions.factory
|
||||||
|
|
||||||
|
[app:tackerapiapp_v1_0]
|
||||||
|
paste.app_factory = tacker.api.v1.router:APIRouter.factory
|
|
@ -0,0 +1,10 @@
|
||||||
|
{
|
||||||
|
"context_is_admin": "role:admin",
|
||||||
|
"admin_or_owner": "rule:context_is_admin or tenant_id:%(tenant_id)s",
|
||||||
|
"admin_only": "rule:context_is_admin",
|
||||||
|
"regular_user": "",
|
||||||
|
"shared": "field:vims:shared=True",
|
||||||
|
"default": "rule:admin_or_owner",
|
||||||
|
|
||||||
|
"get_vim": "rule:admin_or_owner or rule:shared"
|
||||||
|
}
|
|
@ -0,0 +1,136 @@
|
||||||
|
{
|
||||||
|
"context_is_admin": "role:admin",
|
||||||
|
"admin_or_owner": "rule:context_is_admin or tenant_id:%(tenant_id)s",
|
||||||
|
"admin_or_network_owner": "rule:context_is_admin or tenant_id:%(network:tenant_id)s",
|
||||||
|
"admin_only": "rule:context_is_admin",
|
||||||
|
"regular_user": "",
|
||||||
|
"shared": "field:networks:shared=True",
|
||||||
|
"shared_firewalls": "field:firewalls:shared=True",
|
||||||
|
"external": "field:networks:router:external=True",
|
||||||
|
"default": "rule:admin_or_owner",
|
||||||
|
|
||||||
|
"subnets:private:read": "rule:admin_or_owner",
|
||||||
|
"subnets:private:write": "rule:admin_or_owner",
|
||||||
|
"subnets:shared:read": "rule:regular_user",
|
||||||
|
"subnets:shared:write": "rule:admin_only",
|
||||||
|
|
||||||
|
"create_subnet": "rule:admin_or_network_owner",
|
||||||
|
"get_subnet": "rule:admin_or_owner or rule:shared",
|
||||||
|
"update_subnet": "rule:admin_or_network_owner",
|
||||||
|
"delete_subnet": "rule:admin_or_network_owner",
|
||||||
|
|
||||||
|
"create_network": "",
|
||||||
|
"get_network": "rule:admin_or_owner or rule:shared or rule:external",
|
||||||
|
"get_network:router:external": "rule:regular_user",
|
||||||
|
"get_network:segments": "rule:admin_only",
|
||||||
|
"get_network:provider:network_type": "rule:admin_only",
|
||||||
|
"get_network:provider:physical_network": "rule:admin_only",
|
||||||
|
"get_network:provider:segmentation_id": "rule:admin_only",
|
||||||
|
"get_network:queue_id": "rule:admin_only",
|
||||||
|
"create_network:shared": "rule:admin_only",
|
||||||
|
"create_network:router:external": "rule:admin_only",
|
||||||
|
"create_network:segments": "rule:admin_only",
|
||||||
|
"create_network:provider:network_type": "rule:admin_only",
|
||||||
|
"create_network:provider:physical_network": "rule:admin_only",
|
||||||
|
"create_network:provider:segmentation_id": "rule:admin_only",
|
||||||
|
"update_network": "rule:admin_or_owner",
|
||||||
|
"update_network:segments": "rule:admin_only",
|
||||||
|
"update_network:shared": "rule:admin_only",
|
||||||
|
"update_network:provider:network_type": "rule:admin_only",
|
||||||
|
"update_network:provider:physical_network": "rule:admin_only",
|
||||||
|
"update_network:provider:segmentation_id": "rule:admin_only",
|
||||||
|
"delete_network": "rule:admin_or_owner",
|
||||||
|
|
||||||
|
"create_port": "",
|
||||||
|
"create_port:mac_address": "rule:admin_or_network_owner",
|
||||||
|
"create_port:fixed_ips": "rule:admin_or_network_owner",
|
||||||
|
"create_port:port_security_enabled": "rule:admin_or_network_owner",
|
||||||
|
"create_port:binding:host_id": "rule:admin_only",
|
||||||
|
"create_port:binding:profile": "rule:admin_only",
|
||||||
|
"create_port:mac_learning_enabled": "rule:admin_or_network_owner",
|
||||||
|
"get_port": "rule:admin_or_owner",
|
||||||
|
"get_port:queue_id": "rule:admin_only",
|
||||||
|
"get_port:binding:vif_type": "rule:admin_only",
|
||||||
|
"get_port:binding:vif_details": "rule:admin_only",
|
||||||
|
"get_port:binding:host_id": "rule:admin_only",
|
||||||
|
"get_port:binding:profile": "rule:admin_only",
|
||||||
|
"update_port": "rule:admin_or_owner",
|
||||||
|
"update_port:fixed_ips": "rule:admin_or_network_owner",
|
||||||
|
"update_port:port_security_enabled": "rule:admin_or_network_owner",
|
||||||
|
"update_port:binding:host_id": "rule:admin_only",
|
||||||
|
"update_port:binding:profile": "rule:admin_only",
|
||||||
|
"update_port:mac_learning_enabled": "rule:admin_or_network_owner",
|
||||||
|
"delete_port": "rule:admin_or_owner",
|
||||||
|
|
||||||
|
"create_router:external_gateway_info:enable_snat": "rule:admin_only",
|
||||||
|
"update_router:external_gateway_info:enable_snat": "rule:admin_only",
|
||||||
|
|
||||||
|
"create_firewall": "",
|
||||||
|
"get_firewall": "rule:admin_or_owner",
|
||||||
|
"create_firewall:shared": "rule:admin_only",
|
||||||
|
"get_firewall:shared": "rule:admin_only",
|
||||||
|
"update_firewall": "rule:admin_or_owner",
|
||||||
|
"update_firewall:shared": "rule:admin_only",
|
||||||
|
"delete_firewall": "rule:admin_or_owner",
|
||||||
|
|
||||||
|
"create_firewall_policy": "",
|
||||||
|
"get_firewall_policy": "rule:admin_or_owner or rule:shared_firewalls",
|
||||||
|
"create_firewall_policy:shared": "rule:admin_or_owner",
|
||||||
|
"update_firewall_policy": "rule:admin_or_owner",
|
||||||
|
"delete_firewall_policy": "rule:admin_or_owner",
|
||||||
|
|
||||||
|
"create_firewall_rule": "",
|
||||||
|
"get_firewall_rule": "rule:admin_or_owner or rule:shared_firewalls",
|
||||||
|
"update_firewall_rule": "rule:admin_or_owner",
|
||||||
|
"delete_firewall_rule": "rule:admin_or_owner",
|
||||||
|
|
||||||
|
"create_qos_queue": "rule:admin_only",
|
||||||
|
"get_qos_queue": "rule:admin_only",
|
||||||
|
|
||||||
|
"update_agent": "rule:admin_only",
|
||||||
|
"delete_agent": "rule:admin_only",
|
||||||
|
"get_agent": "rule:admin_only",
|
||||||
|
|
||||||
|
"create_dhcp-network": "rule:admin_only",
|
||||||
|
"delete_dhcp-network": "rule:admin_only",
|
||||||
|
"get_dhcp-networks": "rule:admin_only",
|
||||||
|
"create_l3-router": "rule:admin_only",
|
||||||
|
"delete_l3-router": "rule:admin_only",
|
||||||
|
"get_l3-routers": "rule:admin_only",
|
||||||
|
"get_dhcp-agents": "rule:admin_only",
|
||||||
|
"get_l3-agents": "rule:admin_only",
|
||||||
|
"get_loadbalancer-agent": "rule:admin_only",
|
||||||
|
"get_loadbalancer-pools": "rule:admin_only",
|
||||||
|
|
||||||
|
"create_router": "rule:regular_user",
|
||||||
|
"get_router": "rule:admin_or_owner",
|
||||||
|
"update_router:add_router_interface": "rule:admin_or_owner",
|
||||||
|
"update_router:remove_router_interface": "rule:admin_or_owner",
|
||||||
|
"delete_router": "rule:admin_or_owner",
|
||||||
|
|
||||||
|
"create_floatingip": "rule:regular_user",
|
||||||
|
"update_floatingip": "rule:admin_or_owner",
|
||||||
|
"delete_floatingip": "rule:admin_or_owner",
|
||||||
|
"get_floatingip": "rule:admin_or_owner",
|
||||||
|
|
||||||
|
"create_network_profile": "rule:admin_only",
|
||||||
|
"update_network_profile": "rule:admin_only",
|
||||||
|
"delete_network_profile": "rule:admin_only",
|
||||||
|
"get_network_profiles": "",
|
||||||
|
"get_network_profile": "",
|
||||||
|
"update_policy_profiles": "rule:admin_only",
|
||||||
|
"get_policy_profiles": "",
|
||||||
|
"get_policy_profile": "",
|
||||||
|
|
||||||
|
"create_metering_label": "rule:admin_only",
|
||||||
|
"delete_metering_label": "rule:admin_only",
|
||||||
|
"get_metering_label": "rule:admin_only",
|
||||||
|
|
||||||
|
"create_metering_label_rule": "rule:admin_only",
|
||||||
|
"delete_metering_label_rule": "rule:admin_only",
|
||||||
|
"get_metering_label_rule": "rule:admin_only",
|
||||||
|
|
||||||
|
"get_service_provider": "rule:regular_user",
|
||||||
|
"get_lsn": "rule:admin_only",
|
||||||
|
"create_lsn": "rule:admin_only"
|
||||||
|
}
|
|
@ -0,0 +1,34 @@
|
||||||
|
# Configuration for tacker-rootwrap
|
||||||
|
# This file should be owned by (and only-writeable by) the root user
|
||||||
|
|
||||||
|
[DEFAULT]
|
||||||
|
# List of directories to load filter definitions from (separated by ',').
|
||||||
|
# These directories MUST all be only writeable by root !
|
||||||
|
filters_path=/etc/tacker/rootwrap.d,/usr/share/tacker/rootwrap
|
||||||
|
|
||||||
|
# List of directories to search executables in, in case filters do not
|
||||||
|
# explicitely specify a full path (separated by ',')
|
||||||
|
# If not specified, defaults to system PATH environment variable.
|
||||||
|
# These directories MUST all be only writeable by root !
|
||||||
|
exec_dirs=/sbin,/usr/sbin,/bin,/usr/bin
|
||||||
|
|
||||||
|
# Enable logging to syslog
|
||||||
|
# Default value is False
|
||||||
|
use_syslog=False
|
||||||
|
|
||||||
|
# Which syslog facility to use.
|
||||||
|
# Valid values include auth, authpriv, syslog, local0, local1...
|
||||||
|
# Default value is 'syslog'
|
||||||
|
syslog_log_facility=syslog
|
||||||
|
|
||||||
|
# Which messages to log.
|
||||||
|
# INFO means log all usage
|
||||||
|
# ERROR means only log unsuccessful attempts
|
||||||
|
syslog_log_level=ERROR
|
||||||
|
|
||||||
|
[xenapi]
|
||||||
|
# XenAPI configuration is only required by the L2 agent if it is to
|
||||||
|
# target a XenServer/XCP compute host's dom0.
|
||||||
|
xenapi_connection_url=<None>
|
||||||
|
xenapi_connection_username=root
|
||||||
|
xenapi_connection_password=<None>
|
|
@ -0,0 +1,34 @@
|
||||||
|
# Configuration for tacker-rootwrap
|
||||||
|
# This file should be owned by (and only-writeable by) the root user
|
||||||
|
|
||||||
|
[DEFAULT]
|
||||||
|
# List of directories to load filter definitions from (separated by ',').
|
||||||
|
# These directories MUST all be only writeable by root !
|
||||||
|
filters_path=/etc/tacker/rootwrap.d,/usr/share/tacker/rootwrap
|
||||||
|
|
||||||
|
# List of directories to search executables in, in case filters do not
|
||||||
|
# explicitely specify a full path (separated by ',')
|
||||||
|
# If not specified, defaults to system PATH environment variable.
|
||||||
|
# These directories MUST all be only writeable by root !
|
||||||
|
exec_dirs=/sbin,/usr/sbin,/bin,/usr/bin
|
||||||
|
|
||||||
|
# Enable logging to syslog
|
||||||
|
# Default value is False
|
||||||
|
use_syslog=False
|
||||||
|
|
||||||
|
# Which syslog facility to use.
|
||||||
|
# Valid values include auth, authpriv, syslog, local0, local1...
|
||||||
|
# Default value is 'syslog'
|
||||||
|
syslog_log_facility=syslog
|
||||||
|
|
||||||
|
# Which messages to log.
|
||||||
|
# INFO means log all usage
|
||||||
|
# ERROR means only log unsuccessful attempts
|
||||||
|
syslog_log_level=ERROR
|
||||||
|
|
||||||
|
[xenapi]
|
||||||
|
# XenAPI configuration is only required by the L2 agent if it is to
|
||||||
|
# target a XenServer/XCP compute host's dom0.
|
||||||
|
xenapi_connection_url=<None>
|
||||||
|
xenapi_connection_username=root
|
||||||
|
xenapi_connection_password=<None>
|
|
@ -0,0 +1,311 @@
|
||||||
|
[DEFAULT]
|
||||||
|
nova_region_name = RegionOne
|
||||||
|
nova_api_insecure = False
|
||||||
|
nova_ca_certificates_file =
|
||||||
|
nova_admin_auth_url = http://10.18.133.120/identity_v2_admin
|
||||||
|
nova_admin_tenant_id = service
|
||||||
|
nova_admin_password = devstack
|
||||||
|
nova_admin_user_name = nova
|
||||||
|
nova_url = http://127.0.0.1:8774/v2
|
||||||
|
auth_strategy = keystone
|
||||||
|
policy_file = /etc/tacker/policy.json
|
||||||
|
debug = True
|
||||||
|
logging_context_format_string = %(asctime)s.%(msecs)03d %(levelname)s %(name)s [%(request_id)s %(user_name)s %(project_name)s] %(instance)s%(message)s
|
||||||
|
use_syslog = False
|
||||||
|
state_path = /opt/stack/data/tacker
|
||||||
|
transport_url = rabbit://stackrabbit:devstack@10.18.133.120:5672/
|
||||||
|
|
||||||
|
#
|
||||||
|
# From tacker.common.config
|
||||||
|
#
|
||||||
|
|
||||||
|
# The host IP to bind to (string value)
|
||||||
|
#bind_host = 0.0.0.0
|
||||||
|
|
||||||
|
# The port to bind to (integer value)
|
||||||
|
#bind_port = 9890
|
||||||
|
|
||||||
|
# The API paste config file to use (string value)
|
||||||
|
#api_paste_config = api-paste.ini
|
||||||
|
|
||||||
|
# The path for API extensions (string value)
|
||||||
|
#api_extensions_path =
|
||||||
|
|
||||||
|
# The service plugins Tacker will use (list value)
|
||||||
|
#service_plugins = nfvo,vnfm,commonservices
|
||||||
|
|
||||||
|
# The policy file to use (string value)
|
||||||
|
#policy_file = policy.json
|
||||||
|
|
||||||
|
# The type of authentication to use (string value)
|
||||||
|
#auth_strategy = keystone
|
||||||
|
|
||||||
|
# Allow the usage of the bulk API (boolean value)
|
||||||
|
#allow_bulk = true
|
||||||
|
|
||||||
|
# Allow the usage of the pagination (boolean value)
|
||||||
|
#allow_pagination = false
|
||||||
|
|
||||||
|
# Allow the usage of the sorting (boolean value)
|
||||||
|
#allow_sorting = false
|
||||||
|
|
||||||
|
# The maximum number of items returned in a single response, value was
|
||||||
|
# 'infinite' or negative integer means no limit (string value)
|
||||||
|
#pagination_max_limit = -1
|
||||||
|
|
||||||
|
# The hostname Tacker is running on (string value)
|
||||||
|
#host = stellarstack-1473375405-000
|
||||||
|
|
||||||
|
# URL for connection to nova (string value)
|
||||||
|
#nova_url = http://127.0.0.1:8774/v2
|
||||||
|
|
||||||
|
# Username for connecting to nova in admin context (string value)
|
||||||
|
#nova_admin_username = <None>
|
||||||
|
|
||||||
|
# Password for connection to nova in admin context (string value)
|
||||||
|
#nova_admin_password = <None>
|
||||||
|
|
||||||
|
# The uuid of the admin nova tenant (string value)
|
||||||
|
#nova_admin_tenant_id = <None>
|
||||||
|
|
||||||
|
# Authorization URL for connecting to nova in admin context (string value)
|
||||||
|
#nova_admin_auth_url = http://localhost:5000/v2.0
|
||||||
|
|
||||||
|
# CA file for novaclient to verify server certificates (string value)
|
||||||
|
#nova_ca_certificates_file = <None>
|
||||||
|
|
||||||
|
# If True, ignore any SSL validation issues (boolean value)
|
||||||
|
#nova_api_insecure = false
|
||||||
|
|
||||||
|
# Name of nova region to use. Useful if keystone manages more than one region.
|
||||||
|
# (string value)
|
||||||
|
#nova_region_name = <None>
|
||||||
|
|
||||||
|
# Where to store Tacker state files. This directory must be writable by the
|
||||||
|
# agent. (string value)
|
||||||
|
#state_path = /var/lib/tacker
|
||||||
|
|
||||||
|
#
|
||||||
|
# From tacker.service
|
||||||
|
#
|
||||||
|
|
||||||
|
# Seconds between running periodic tasks (integer value)
|
||||||
|
#periodic_interval = 40
|
||||||
|
|
||||||
|
# Number of separate worker processes for service (integer value)
|
||||||
|
#api_workers = 0
|
||||||
|
|
||||||
|
# Range of seconds to randomly delay when starting the periodic task scheduler
|
||||||
|
# to reduce stampeding. (Disable by setting to 0) (integer value)
|
||||||
|
#periodic_fuzzy_delay = 5
|
||||||
|
|
||||||
|
#
|
||||||
|
# From tacker.wsgi
|
||||||
|
#
|
||||||
|
|
||||||
|
# Number of backlog requests to configure the socket with (integer value)
|
||||||
|
#backlog = 4096
|
||||||
|
|
||||||
|
# Sets the value of TCP_KEEPIDLE in seconds for each server socket. Not
|
||||||
|
# supported on OS X. (integer value)
|
||||||
|
#tcp_keepidle = 600
|
||||||
|
|
||||||
|
# Number of seconds to keep retrying to listen (integer value)
|
||||||
|
#retry_until_window = 30
|
||||||
|
|
||||||
|
# Max header line to accommodate large tokens (integer value)
|
||||||
|
#max_header_line = 16384
|
||||||
|
|
||||||
|
# Enable SSL on the API server (boolean value)
|
||||||
|
#use_ssl = false
|
||||||
|
|
||||||
|
# CA certificate file to use to verify connecting clients (string value)
|
||||||
|
#ssl_ca_file = <None>
|
||||||
|
|
||||||
|
# Certificate file to use when starting the server securely (string value)
|
||||||
|
#ssl_cert_file = <None>
|
||||||
|
|
||||||
|
# Private key file to use when starting the server securely (string value)
|
||||||
|
#ssl_key_file = <None>
|
||||||
|
|
||||||
|
|
||||||
|
[monitor]
|
||||||
|
|
||||||
|
#
|
||||||
|
# From tacker.vnfm.monitor
|
||||||
|
#
|
||||||
|
|
||||||
|
# check interval for monitor (integer value)
|
||||||
|
#check_intvl = 10
|
||||||
|
|
||||||
|
|
||||||
|
[monitor_http_ping]
|
||||||
|
|
||||||
|
#
|
||||||
|
# From tacker.vnfm.monitor_drivers.http_ping.http_ping
|
||||||
|
#
|
||||||
|
|
||||||
|
# number of times to retry (integer value)
|
||||||
|
#retry = 5
|
||||||
|
|
||||||
|
# number of seconds to wait for a response (integer value)
|
||||||
|
#timeout = 1
|
||||||
|
|
||||||
|
# HTTP port number to send request (integer value)
|
||||||
|
#port = 80
|
||||||
|
|
||||||
|
|
||||||
|
[monitor_ping]
|
||||||
|
|
||||||
|
#
|
||||||
|
# From tacker.vnfm.monitor_drivers.ping.ping
|
||||||
|
#
|
||||||
|
|
||||||
|
# number of ICMP packets to send (string value)
|
||||||
|
#count = 1
|
||||||
|
|
||||||
|
# number of seconds to wait for a response (string value)
|
||||||
|
#timeout = 1
|
||||||
|
|
||||||
|
# number of seconds to wait between packets (string value)
|
||||||
|
#interval = 1
|
||||||
|
|
||||||
|
|
||||||
|
[nfvo]
|
||||||
|
|
||||||
|
#
|
||||||
|
# From tacker.nfvo.nfvo_plugin
|
||||||
|
#
|
||||||
|
|
||||||
|
# VIM driver for launching VNFs (list value)
|
||||||
|
#vim_drivers = openstack
|
||||||
|
|
||||||
|
# Interval to check for VIM health (integer value)
|
||||||
|
#monitor_interval = 30
|
||||||
|
|
||||||
|
|
||||||
|
[nfvo_vim]
|
||||||
|
default_vim = VIM0
|
||||||
|
|
||||||
|
#
|
||||||
|
# From tacker.vnfm.vim_client
|
||||||
|
#
|
||||||
|
|
||||||
|
# DEPRECATED: Default VIM for launching VNFs. This option is deprecated and
|
||||||
|
# will be removed in Ocata release. (string value)
|
||||||
|
# This option is deprecated for removal.
|
||||||
|
# Its value may be silently ignored in the future.
|
||||||
|
#default_vim = <None>
|
||||||
|
|
||||||
|
|
||||||
|
[openwrt]
|
||||||
|
|
||||||
|
#
|
||||||
|
# From tacker.vnfm.mgmt_drivers.openwrt.openwrt
|
||||||
|
#
|
||||||
|
|
||||||
|
# user name to login openwrt (string value)
|
||||||
|
#user = root
|
||||||
|
|
||||||
|
# password to login openwrt (string value)
|
||||||
|
#password =
|
||||||
|
|
||||||
|
|
||||||
|
[tacker]
|
||||||
|
|
||||||
|
#
|
||||||
|
# From tacker.vnfm.monitor
|
||||||
|
#
|
||||||
|
|
||||||
|
# Monitor driver to communicate with Hosting VNF/logical service instance
|
||||||
|
# tacker plugin will use (list value)
|
||||||
|
#monitor_driver = ping,http_ping
|
||||||
|
|
||||||
|
#
|
||||||
|
# From tacker.vnfm.plugin
|
||||||
|
#
|
||||||
|
|
||||||
|
# MGMT driver to communicate with Hosting VNF/logical service instance tacker
|
||||||
|
# plugin will use (list value)
|
||||||
|
#mgmt_driver = noop,openwrt
|
||||||
|
|
||||||
|
# Time interval to wait for VM to boot (integer value)
|
||||||
|
#boot_wait = 30
|
||||||
|
|
||||||
|
# Hosting vnf drivers tacker plugin will use (list value)
|
||||||
|
#infra_driver = nova,heat,noop,openstack
|
||||||
|
|
||||||
|
|
||||||
|
[tacker_heat]
|
||||||
|
stack_retry_wait = 5
|
||||||
|
stack_retries = 60
|
||||||
|
heat_uri = http://10.18.133.120:8004/v1
|
||||||
|
|
||||||
|
#
|
||||||
|
# From tacker.vnfm.infra_drivers.heat.heat
|
||||||
|
#
|
||||||
|
|
||||||
|
# Number of attempts to retry for stack creation/deletion (integer value)
|
||||||
|
#stack_retries = 60
|
||||||
|
|
||||||
|
# Wait time (in seconds) between consecutive stack create/delete retries
|
||||||
|
# (integer value)
|
||||||
|
#stack_retry_wait = 5
|
||||||
|
|
||||||
|
# Flavor Extra Specs (dict value)
|
||||||
|
#flavor_extra_specs =
|
||||||
|
|
||||||
|
|
||||||
|
[vim_keys]
|
||||||
|
|
||||||
|
#
|
||||||
|
# From tacker.nfvo.drivers.vim.openstack_driver
|
||||||
|
#
|
||||||
|
|
||||||
|
# Dir.path to store fernet keys. (string value)
|
||||||
|
#openstack = /etc/tacker/vim/fernet_keys
|
||||||
|
|
||||||
|
|
||||||
|
[vim_monitor]
|
||||||
|
|
||||||
|
#
|
||||||
|
# From tacker.nfvo.drivers.vim.openstack_driver
|
||||||
|
#
|
||||||
|
|
||||||
|
# number of ICMP packets to send (string value)
|
||||||
|
#count = 1
|
||||||
|
|
||||||
|
# number of seconds to wait for a response (string value)
|
||||||
|
#timeout = 1
|
||||||
|
|
||||||
|
# number of seconds to wait between packets (string value)
|
||||||
|
#interval = 1
|
||||||
|
|
||||||
|
[database]
|
||||||
|
connection = mysql+pymysql://root:devstack@127.0.0.1/tacker?charset=utf8
|
||||||
|
|
||||||
|
[keystone_authtoken]
|
||||||
|
memcached_servers = 10.18.133.120:11211
|
||||||
|
signing_dir = /var/cache/tacker
|
||||||
|
cafile = /opt/stack/data/ca-bundle.pem
|
||||||
|
auth_uri = http://10.18.133.120/identity
|
||||||
|
project_domain_name = Default
|
||||||
|
project_name = service
|
||||||
|
user_domain_name = Default
|
||||||
|
password = devstack
|
||||||
|
username = tacker
|
||||||
|
auth_url = http://10.18.133.120/identity_v2_admin
|
||||||
|
auth_type = password
|
||||||
|
|
||||||
|
[tacker_nova]
|
||||||
|
region_name = RegionOne
|
||||||
|
project_domain_id = default
|
||||||
|
project_name = service
|
||||||
|
user_domain_id = default
|
||||||
|
password = devstack
|
||||||
|
username = nova
|
||||||
|
auth_url = http://10.18.133.120/identity_v2_admin
|
||||||
|
auth_plugin = password
|
||||||
|
|
||||||
|
[agent]
|
||||||
|
root_helper = sudo /usr/local/bin/tacker-rootwrap /etc/tacker/rootwrap.conf
|
|
@ -0,0 +1,425 @@
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
|
[DEFAULT]
|
||||||
|
verbose = {{ verbose }}
|
||||||
|
debug = {{ debug }}
|
||||||
|
|
||||||
|
|
||||||
|
# Where to store Tacker state files. This directory must be writable by the
|
||||||
|
# user executing the agent.
|
||||||
|
state_path = {{ tacker_system_user_home }}
|
||||||
|
|
||||||
|
# Where to store lock files
|
||||||
|
lock_path = $state_path/lock
|
||||||
|
|
||||||
|
policy_file = {{ tacker_etc_dir }}/policy.json
|
||||||
|
|
||||||
|
# log_format = %(asctime)s %(levelname)8s [%(name)s] %(message)s
|
||||||
|
# log_date_format = %Y-%m-%d %H:%M:%S
|
||||||
|
|
||||||
|
# use_syslog -> syslog
|
||||||
|
# log_file and log_dir -> log_dir/log_file
|
||||||
|
# (not log_file) and log_dir -> log_dir/{binary_name}.log
|
||||||
|
# use_stderr -> stderr
|
||||||
|
# (not user_stderr) and (not log_file) -> stdout
|
||||||
|
# publish_errors -> notification system
|
||||||
|
|
||||||
|
use_syslog = False
|
||||||
|
# syslog_log_facility = LOG_USER
|
||||||
|
|
||||||
|
# use_stderr = True
|
||||||
|
# log_file =
|
||||||
|
# log_dir =
|
||||||
|
|
||||||
|
# publish_errors = False
|
||||||
|
|
||||||
|
# Address to bind the API server to
|
||||||
|
bind_host = {{ tacker_bind_address }}
|
||||||
|
|
||||||
|
# Port the bind the API server to
|
||||||
|
bind_port = {{ tacker_service_port }}
|
||||||
|
|
||||||
|
# Path to the extensions. Note that this can be a colon-separated list of
|
||||||
|
# paths. For example:
|
||||||
|
# api_extensions_path = extensions:/path/to/more/extensions:/even/more/extensions
|
||||||
|
# The __path__ of tacker.extensions is appended to this, so if your
|
||||||
|
# extensions are in there you don't need to specify them here
|
||||||
|
# api_extensions_path =
|
||||||
|
|
||||||
|
# (StrOpt) Tacker core plugin entrypoint to be loaded from the
|
||||||
|
# tacker.core_plugins namespace. See setup.cfg for the entrypoint names of the
|
||||||
|
# plugins included in the tacker source distribution. For compatibility with
|
||||||
|
# previous versions, the class name of a plugin can be specified instead of its
|
||||||
|
# entrypoint name.
|
||||||
|
#
|
||||||
|
# core_plugin =
|
||||||
|
# Example: core_plugin = ml2
|
||||||
|
|
||||||
|
# (ListOpt) List of service plugin entrypoints to be loaded from the
|
||||||
|
# tacker.service_plugins namespace. See setup.cfg for the entrypoint names of
|
||||||
|
# the plugins included in the tacker source distribution. For compatibility
|
||||||
|
# with previous versions, the class name of a plugin can be specified instead
|
||||||
|
# of its entrypoint name.
|
||||||
|
#
|
||||||
|
# service_plugins =
|
||||||
|
# Example: service_plugins = router,firewall,lbaas,vpnaas,metering
|
||||||
|
service_plugins = vnfm,nfvo
|
||||||
|
|
||||||
|
# Paste configuration file
|
||||||
|
# api_paste_config = api-paste.ini
|
||||||
|
|
||||||
|
# The strategy to be used for auth.
|
||||||
|
# Supported values are 'keystone'(default), 'noauth'.
|
||||||
|
auth_strategy = keystone
|
||||||
|
|
||||||
|
# Allow sending resource operation notification to DHCP agent
|
||||||
|
# dhcp_agent_notification = True
|
||||||
|
|
||||||
|
# Enable or disable bulk create/update/delete operations
|
||||||
|
# allow_bulk = True
|
||||||
|
# Enable or disable pagination
|
||||||
|
# allow_pagination = False
|
||||||
|
# Enable or disable sorting
|
||||||
|
# allow_sorting = False
|
||||||
|
# Enable or disable overlapping IPs for subnets
|
||||||
|
# Attention: the following parameter MUST be set to False if Tacker is
|
||||||
|
# being used in conjunction with nova security groups
|
||||||
|
# allow_overlapping_ips = False
|
||||||
|
# Ensure that configured gateway is on subnet
|
||||||
|
# force_gateway_on_subnet = False
|
||||||
|
|
||||||
|
|
||||||
|
# RPC configuration options. Defined in rpc __init__
|
||||||
|
# The messaging module to use, defaults to kombu.
|
||||||
|
# rpc_backend = tacker.openstack.common.rpc.impl_kombu
|
||||||
|
# Size of RPC thread pool
|
||||||
|
# rpc_thread_pool_size = 64
|
||||||
|
# Size of RPC connection pool
|
||||||
|
# rpc_conn_pool_size = 30
|
||||||
|
# Seconds to wait for a response from call or multicall
|
||||||
|
# rpc_response_timeout = 60
|
||||||
|
# Seconds to wait before a cast expires (TTL). Only supported by impl_zmq.
|
||||||
|
# rpc_cast_timeout = 30
|
||||||
|
# Modules of exceptions that are permitted to be recreated
|
||||||
|
# upon receiving exception data from an rpc call.
|
||||||
|
# allowed_rpc_exception_modules = tacker.openstack.common.exception, nova.exception
|
||||||
|
# AMQP exchange to connect to if using RabbitMQ or QPID
|
||||||
|
# control_exchange = tacker
|
||||||
|
|
||||||
|
# If passed, use a fake RabbitMQ provider
|
||||||
|
# fake_rabbit = False
|
||||||
|
|
||||||
|
# Configuration options if sending notifications via kombu rpc (these are
|
||||||
|
# the defaults)
|
||||||
|
# SSL version to use (valid only if SSL enabled)
|
||||||
|
# kombu_ssl_version =
|
||||||
|
# SSL key file (valid only if SSL enabled)
|
||||||
|
# kombu_ssl_keyfile =
|
||||||
|
# SSL cert file (valid only if SSL enabled)
|
||||||
|
# kombu_ssl_certfile =
|
||||||
|
# SSL certification authority file (valid only if SSL enabled)
|
||||||
|
# kombu_ssl_ca_certs =
|
||||||
|
# IP address of the RabbitMQ installation
|
||||||
|
# rabbit_host = localhost
|
||||||
|
# Password of the RabbitMQ server
|
||||||
|
# rabbit_password = guest
|
||||||
|
# Port where RabbitMQ server is running/listening
|
||||||
|
# rabbit_port = 5672
|
||||||
|
# RabbitMQ single or HA cluster (host:port pairs i.e: host1:5672, host2:5672)
|
||||||
|
# rabbit_hosts is defaulted to '$rabbit_host:$rabbit_port'
|
||||||
|
# rabbit_hosts = localhost:5672
|
||||||
|
# User ID used for RabbitMQ connections
|
||||||
|
# rabbit_userid = guest
|
||||||
|
# Location of a virtual RabbitMQ installation.
|
||||||
|
# rabbit_virtual_host = /
|
||||||
|
# Maximum retries with trying to connect to RabbitMQ
|
||||||
|
# (the default of 0 implies an infinite retry count)
|
||||||
|
# rabbit_max_retries = 0
|
||||||
|
# RabbitMQ connection retry interval
|
||||||
|
# rabbit_retry_interval = 1
|
||||||
|
# Use HA queues in RabbitMQ (x-ha-policy: all). You need to
|
||||||
|
# wipe RabbitMQ database when changing this option. (boolean value)
|
||||||
|
# rabbit_ha_queues = false
|
||||||
|
|
||||||
|
# QPID
|
||||||
|
# rpc_backend=tacker.openstack.common.rpc.impl_qpid
|
||||||
|
# Qpid broker hostname
|
||||||
|
# qpid_hostname = localhost
|
||||||
|
# Qpid broker port
|
||||||
|
# qpid_port = 5672
|
||||||
|
# Qpid single or HA cluster (host:port pairs i.e: host1:5672, host2:5672)
|
||||||
|
# qpid_hosts is defaulted to '$qpid_hostname:$qpid_port'
|
||||||
|
# qpid_hosts = localhost:5672
|
||||||
|
# Username for qpid connection
|
||||||
|
# qpid_username = ''
|
||||||
|
# Password for qpid connection
|
||||||
|
# qpid_password = ''
|
||||||
|
# Space separated list of SASL mechanisms to use for auth
|
||||||
|
# qpid_sasl_mechanisms = ''
|
||||||
|
# Seconds between connection keepalive heartbeats
|
||||||
|
# qpid_heartbeat = 60
|
||||||
|
# Transport to use, either 'tcp' or 'ssl'
|
||||||
|
# qpid_protocol = tcp
|
||||||
|
# Disable Nagle algorithm
|
||||||
|
# qpid_tcp_nodelay = True
|
||||||
|
|
||||||
|
# ZMQ
|
||||||
|
# rpc_backend=tacker.openstack.common.rpc.impl_zmq
|
||||||
|
# ZeroMQ bind address. Should be a wildcard (*), an ethernet interface, or IP.
|
||||||
|
# The "host" option should point or resolve to this address.
|
||||||
|
# rpc_zmq_bind_address = *
|
||||||
|
|
||||||
|
# ============ Notification System Options =====================
|
||||||
|
|
||||||
|
# Notifications can be sent when network/subnet/port are created, updated or deleted.
|
||||||
|
# There are three methods of sending notifications: logging (via the
|
||||||
|
# log_file directive), rpc (via a message queue) and
|
||||||
|
# noop (no notifications sent, the default)
|
||||||
|
|
||||||
|
# Notification_driver can be defined multiple times
|
||||||
|
# Do nothing driver
|
||||||
|
# notification_driver = tacker.openstack.common.notifier.no_op_notifier
|
||||||
|
# Logging driver
|
||||||
|
# notification_driver = tacker.openstack.common.notifier.log_notifier
|
||||||
|
# RPC driver.
|
||||||
|
notification_driver = tacker.openstack.common.notifier.rpc_notifier
|
||||||
|
|
||||||
|
# default_notification_level is used to form actual topic name(s) or to set logging level
|
||||||
|
# default_notification_level = INFO
|
||||||
|
|
||||||
|
# default_publisher_id is a part of the notification payload
|
||||||
|
# host = myhost.com
|
||||||
|
# default_publisher_id = $host
|
||||||
|
|
||||||
|
# Defined in rpc_notifier, can be comma separated values.
|
||||||
|
# The actual topic names will be %s.%(default_notification_level)s
|
||||||
|
# notification_topics = notifications
|
||||||
|
|
||||||
|
# Default maximum number of items returned in a single response,
|
||||||
|
# value == infinite and value < 0 means no max limit, and value must
|
||||||
|
# be greater than 0. If the number of items requested is greater than
|
||||||
|
# pagination_max_limit, server will just return pagination_max_limit
|
||||||
|
# of number of items.
|
||||||
|
# pagination_max_limit = -1
|
||||||
|
|
||||||
|
# Maximum number of DNS nameservers per subnet
|
||||||
|
# max_dns_nameservers = 5
|
||||||
|
|
||||||
|
# Maximum number of host routes per subnet
|
||||||
|
# max_subnet_host_routes = 20
|
||||||
|
|
||||||
|
# Maximum number of fixed ips per port
|
||||||
|
# max_fixed_ips_per_port = 5
|
||||||
|
|
||||||
|
# =========== items for agent management extension =============
|
||||||
|
# Seconds to regard the agent as down; should be at least twice
|
||||||
|
# report_interval, to be sure the agent is down for good
|
||||||
|
# agent_down_time = 75
|
||||||
|
# =========== end of items for agent management extension =====
|
||||||
|
|
||||||
|
# Allow auto scheduling networks to DHCP agent. It will schedule non-hosted
|
||||||
|
# networks to first DHCP agent which sends get_active_networks message to
|
||||||
|
# tacker server
|
||||||
|
# network_auto_schedule = True
|
||||||
|
|
||||||
|
# Allow auto scheduling routers to L3 agent. It will schedule non-hosted
|
||||||
|
# routers to first L3 agent which sends sync_routers message to tacker server
|
||||||
|
# router_auto_schedule = True
|
||||||
|
|
||||||
|
# Number of DHCP agents scheduled to host a network. This enables redundant
|
||||||
|
# DHCP agents for configured networks.
|
||||||
|
# dhcp_agents_per_network = 1
|
||||||
|
|
||||||
|
# =========== end of items for agent scheduler extension =====
|
||||||
|
|
||||||
|
# =========== WSGI parameters related to the API server ==============
|
||||||
|
# Number of separate worker processes to spawn. The default, 0, runs the
|
||||||
|
# worker thread in the current process. Greater than 0 launches that number of
|
||||||
|
# child processes as workers. The parent process manages them.
|
||||||
|
# api_workers = 0
|
||||||
|
|
||||||
|
# Number of separate RPC worker processes to spawn. The default, 0, runs the
|
||||||
|
# worker thread in the current process. Greater than 0 launches that number of
|
||||||
|
# child processes as RPC workers. The parent process manages them.
|
||||||
|
# This feature is experimental until issues are addressed and testing has been
|
||||||
|
# enabled for various plugins for compatibility.
|
||||||
|
# rpc_workers = 0
|
||||||
|
|
||||||
|
# Sets the value of TCP_KEEPIDLE in seconds to use for each server socket when
|
||||||
|
# starting API server. Not supported on OS X.
|
||||||
|
# tcp_keepidle = 600
|
||||||
|
|
||||||
|
# Number of seconds to keep retrying to listen
|
||||||
|
# retry_until_window = 30
|
||||||
|
|
||||||
|
# Number of backlog requests to configure the socket with.
|
||||||
|
# backlog = 4096
|
||||||
|
|
||||||
|
# Max header line to accommodate large tokens
|
||||||
|
# max_header_line = 16384
|
||||||
|
|
||||||
|
# Enable SSL on the API server
|
||||||
|
# use_ssl = False
|
||||||
|
|
||||||
|
# Certificate file to use when starting API server securely
|
||||||
|
# ssl_cert_file = /path/to/certfile
|
||||||
|
|
||||||
|
# Private key file to use when starting API server securely
|
||||||
|
# ssl_key_file = /path/to/keyfile
|
||||||
|
|
||||||
|
# CA certificate file to use when starting API server securely to
|
||||||
|
# verify connecting clients. This is an optional parameter only required if
|
||||||
|
# API clients need to authenticate to the API server using SSL certificates
|
||||||
|
# signed by a trusted CA
|
||||||
|
# ssl_ca_file = /path/to/cafile
|
||||||
|
# ======== end of WSGI parameters related to the API server ==========
|
||||||
|
|
||||||
|
|
||||||
|
# ======== tacker nova interactions ==========
|
||||||
|
# Send notification to nova when port status is active.
|
||||||
|
# notify_nova_on_port_status_changes = True
|
||||||
|
|
||||||
|
# Send notifications to nova when port data (fixed_ips/floatingips) change
|
||||||
|
# so nova can update it's cache.
|
||||||
|
# notify_nova_on_port_data_changes = True
|
||||||
|
|
||||||
|
# URL for connection to nova (Only supports one nova region currently).
|
||||||
|
# nova_url = http://127.0.0.1:8774/v2
|
||||||
|
|
||||||
|
# Name of nova region to use. Useful if keystone manages more than one region
|
||||||
|
# nova_region_name =
|
||||||
|
|
||||||
|
# Username for connection to nova in admin context
|
||||||
|
# nova_admin_username =
|
||||||
|
|
||||||
|
# The uuid of the admin nova tenant
|
||||||
|
# nova_admin_tenant_id =
|
||||||
|
|
||||||
|
# Password for connection to nova in admin context.
|
||||||
|
# nova_admin_password =
|
||||||
|
|
||||||
|
# Authorization URL for connection to nova in admin context.
|
||||||
|
# nova_admin_auth_url =
|
||||||
|
|
||||||
|
# CA file for novaclient to verify server certificates
|
||||||
|
# nova_ca_certificates_file =
|
||||||
|
|
||||||
|
# Boolean to control ignoring SSL errors on the nova url
|
||||||
|
# nova_api_insecure = False
|
||||||
|
|
||||||
|
# Number of seconds between sending events to nova if there are any events to send
|
||||||
|
# send_events_interval = 2
|
||||||
|
|
||||||
|
# ======== end of tacker nova interactions ==========
|
||||||
|
|
||||||
|
[agent]
|
||||||
|
# Use "sudo tacker-rootwrap /etc/tacker/rootwrap.conf" to use the real
|
||||||
|
# root filter facility.
|
||||||
|
# Change to "sudo" to skip the filtering and just run the comand directly
|
||||||
|
# root_helper = sudo
|
||||||
|
root_helper = sudo {{ tacker_bin }}/tacker-rootwrap {{ tacker_etc_dir }}/rootwrap.conf
|
||||||
|
|
||||||
|
# =========== items for agent management extension =============
|
||||||
|
# seconds between nodes reporting state to server; should be less than
|
||||||
|
# agent_down_time, best if it is half or less than agent_down_time
|
||||||
|
# report_interval = 30
|
||||||
|
|
||||||
|
# =========== end of items for agent management extension =====
|
||||||
|
|
||||||
|
[keystone_authtoken]
|
||||||
|
signing_dir = /var/cache/tacker
|
||||||
|
# cafile = /opt/stack/data/ca-bundle.pem
|
||||||
|
project_domain_name = {{ tacker_service_project_domain_id }}
|
||||||
|
project_name = {{ tacker_service_project_name }}
|
||||||
|
user_domain_name = {{ tacker_service_user_domain_id }}
|
||||||
|
username = {{ tacker_service_user_name }}
|
||||||
|
password = {{ tacker_service_password }}
|
||||||
|
auth_url = {{ keystone_service_adminuri }}
|
||||||
|
auth_uri = {{ keystone_service_internaluri }}
|
||||||
|
auth_type = {{ tacker_keystone_auth_plugin }}
|
||||||
|
#memcached_servers = memcache:11211
|
||||||
|
|
||||||
|
|
||||||
|
[database]
|
||||||
|
# This line MUST be changed to actually run the plugin.
|
||||||
|
# Example:
|
||||||
|
# connection = mysql://root:pass@127.0.0.1:3306/tacker
|
||||||
|
# Replace 127.0.0.1 above with the IP address of the database used by the
|
||||||
|
# main tacker server. (Leave it as is if the database runs on this host.)
|
||||||
|
# connection = sqlite://
|
||||||
|
# NOTE: In deployment the [database] section and its connection attribute may
|
||||||
|
# be set in the corresponding core plugin '.ini' file. However, it is suggested
|
||||||
|
# to put the [database] section and its connection attribute in this
|
||||||
|
# configuration file.
|
||||||
|
connection = mysql://{{ tacker_galera_user }}:{{ tacker_container_mysql_password }}@{{ tacker_galera_address }}/{{ tacker_galera_database }}?charset=utf8
|
||||||
|
|
||||||
|
# Database engine for which script will be generated when using offline
|
||||||
|
# migration
|
||||||
|
# engine =
|
||||||
|
|
||||||
|
# The SQLAlchemy connection string used to connect to the slave database
|
||||||
|
# slave_connection =
|
||||||
|
|
||||||
|
# Database reconnection retry times - in event connectivity is lost
|
||||||
|
# set to -1 implies an infinite retry count
|
||||||
|
# max_retries = 10
|
||||||
|
|
||||||
|
# Database reconnection interval in seconds - if the initial connection to the
|
||||||
|
# database fails
|
||||||
|
# retry_interval = 10
|
||||||
|
|
||||||
|
# Minimum number of SQL connections to keep open in a pool
|
||||||
|
# min_pool_size = 1
|
||||||
|
|
||||||
|
# Maximum number of SQL connections to keep open in a pool
|
||||||
|
# max_pool_size = 10
|
||||||
|
|
||||||
|
# Timeout in seconds before idle sql connections are reaped
|
||||||
|
# idle_timeout = 3600
|
||||||
|
|
||||||
|
# If set, use this value for max_overflow with sqlalchemy
|
||||||
|
# max_overflow = 20
|
||||||
|
|
||||||
|
# Verbosity of SQL debugging information. 0=None, 100=Everything
|
||||||
|
# connection_debug = 0
|
||||||
|
|
||||||
|
# Add python stack traces to SQL as comment strings
|
||||||
|
# connection_trace = False
|
||||||
|
|
||||||
|
# If set, use this value for pool_timeout with sqlalchemy
|
||||||
|
# pool_timeout = 10
|
||||||
|
|
||||||
|
[tacker]
|
||||||
|
# Specify drivers for hosting device
|
||||||
|
infra_driver = heat,nova,noop
|
||||||
|
|
||||||
|
# Specify drivers for mgmt
|
||||||
|
mgmt_driver = noop,openwrt
|
||||||
|
|
||||||
|
# Specify drivers for monitoring
|
||||||
|
monitor_driver = ping, http_ping
|
||||||
|
|
||||||
|
[nfvo_vim]
|
||||||
|
# Supported VIM drivers, resource orchestration controllers such as OpenStack, kvm
|
||||||
|
#Default VIM driver is OpenStack
|
||||||
|
#vim_drivers = openstack
|
||||||
|
#Default VIM placement if vim id is not provided
|
||||||
|
default_vim = VIM0
|
||||||
|
|
||||||
|
[vim_keys]
|
||||||
|
#openstack = /etc/tacker/vim/fernet_keys
|
||||||
|
[tacker_nova]
|
||||||
|
# parameters for novaclient to talk to nova
|
||||||
|
region_name = {{ service_region }}
|
||||||
|
project_domain_id = {{ nova_service_project_domain_id }}
|
||||||
|
project_name = {{ nova_service_project_name }}
|
||||||
|
user_domain_id = {{ nova_service_user_domain_id }}
|
||||||
|
password = {{ nova_service_password }}
|
||||||
|
username = {{ nova_service_user_name }}
|
||||||
|
auth_url = {{ keystone_service_adminuri }}
|
||||||
|
auth_plugin = {{ nova_keystone_auth_plugin }}
|
||||||
|
|
||||||
|
[tacker_heat]
|
||||||
|
heat_uri = {{ heat_service_adminurl }}
|
||||||
|
stack_retries = {{ tacker_heat_stack_retires }}
|
||||||
|
stack_retry_wait = {{ tacker_heat_stack_retry_wait }}
|
|
@ -0,0 +1,445 @@
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
|
[DEFAULT]
|
||||||
|
verbose = {{ verbose }}
|
||||||
|
debug = {{ debug }}
|
||||||
|
|
||||||
|
|
||||||
|
# Where to store Tacker state files. This directory must be writable by the
|
||||||
|
# user executing the agent.
|
||||||
|
state_path = {{ tacker_system_user_home }}
|
||||||
|
|
||||||
|
# Where to store lock files
|
||||||
|
lock_path = $state_path/lock
|
||||||
|
|
||||||
|
policy_file = {{ tacker_etc_dir }}/policy.json
|
||||||
|
|
||||||
|
# log_format = %(asctime)s %(levelname)8s [%(name)s] %(message)s
|
||||||
|
# log_date_format = %Y-%m-%d %H:%M:%S
|
||||||
|
|
||||||
|
# use_syslog -> syslog
|
||||||
|
# log_file and log_dir -> log_dir/log_file
|
||||||
|
# (not log_file) and log_dir -> log_dir/{binary_name}.log
|
||||||
|
# use_stderr -> stderr
|
||||||
|
# (not user_stderr) and (not log_file) -> stdout
|
||||||
|
# publish_errors -> notification system
|
||||||
|
|
||||||
|
use_syslog = False
|
||||||
|
# syslog_log_facility = LOG_USER
|
||||||
|
|
||||||
|
# use_stderr = True
|
||||||
|
# log_file =
|
||||||
|
# log_dir =
|
||||||
|
|
||||||
|
# publish_errors = False
|
||||||
|
|
||||||
|
# Address to bind the API server to
|
||||||
|
bind_host = {{ tacker_bind_address }}
|
||||||
|
|
||||||
|
# Port the bind the API server to
|
||||||
|
bind_port = {{ tacker_service_port }}
|
||||||
|
|
||||||
|
# Path to the extensions. Note that this can be a colon-separated list of
|
||||||
|
# paths. For example:
|
||||||
|
# api_extensions_path = extensions:/path/to/more/extensions:/even/more/extensions
|
||||||
|
# The __path__ of tacker.extensions is appended to this, so if your
|
||||||
|
# extensions are in there you don't need to specify them here
|
||||||
|
# api_extensions_path =
|
||||||
|
|
||||||
|
# (StrOpt) Tacker core plugin entrypoint to be loaded from the
|
||||||
|
# tacker.core_plugins namespace. See setup.cfg for the entrypoint names of the
|
||||||
|
# plugins included in the tacker source distribution. For compatibility with
|
||||||
|
# previous versions, the class name of a plugin can be specified instead of its
|
||||||
|
# entrypoint name.
|
||||||
|
#
|
||||||
|
# core_plugin =
|
||||||
|
# Example: core_plugin = ml2
|
||||||
|
|
||||||
|
# (ListOpt) List of service plugin entrypoints to be loaded from the
|
||||||
|
# tacker.service_plugins namespace. See setup.cfg for the entrypoint names of
|
||||||
|
# the plugins included in the tacker source distribution. For compatibility
|
||||||
|
# with previous versions, the class name of a plugin can be specified instead
|
||||||
|
# of its entrypoint name.
|
||||||
|
#
|
||||||
|
# service_plugins =
|
||||||
|
# Example: service_plugins = router,firewall,lbaas,vpnaas,metering
|
||||||
|
service_plugins = tacker.vm.plugin.VNFMPlugin
|
||||||
|
|
||||||
|
# Paste configuration file
|
||||||
|
# api_paste_config = api-paste.ini
|
||||||
|
|
||||||
|
# The strategy to be used for auth.
|
||||||
|
# Supported values are 'keystone'(default), 'noauth'.
|
||||||
|
auth_strategy = keystone
|
||||||
|
|
||||||
|
# Allow sending resource operation notification to DHCP agent
|
||||||
|
# dhcp_agent_notification = True
|
||||||
|
|
||||||
|
# Enable or disable bulk create/update/delete operations
|
||||||
|
# allow_bulk = True
|
||||||
|
# Enable or disable pagination
|
||||||
|
# allow_pagination = False
|
||||||
|
# Enable or disable sorting
|
||||||
|
# allow_sorting = False
|
||||||
|
# Enable or disable overlapping IPs for subnets
|
||||||
|
# Attention: the following parameter MUST be set to False if Tacker is
|
||||||
|
# being used in conjunction with nova security groups
|
||||||
|
# allow_overlapping_ips = False
|
||||||
|
# Ensure that configured gateway is on subnet
|
||||||
|
# force_gateway_on_subnet = False
|
||||||
|
|
||||||
|
|
||||||
|
# RPC configuration options. Defined in rpc __init__
|
||||||
|
# The messaging module to use, defaults to kombu.
|
||||||
|
# rpc_backend = tacker.openstack.common.rpc.impl_kombu
|
||||||
|
# Size of RPC thread pool
|
||||||
|
# rpc_thread_pool_size = 64
|
||||||
|
# Size of RPC connection pool
|
||||||
|
# rpc_conn_pool_size = 30
|
||||||
|
# Seconds to wait for a response from call or multicall
|
||||||
|
# rpc_response_timeout = 60
|
||||||
|
# Seconds to wait before a cast expires (TTL). Only supported by impl_zmq.
|
||||||
|
# rpc_cast_timeout = 30
|
||||||
|
# Modules of exceptions that are permitted to be recreated
|
||||||
|
# upon receiving exception data from an rpc call.
|
||||||
|
# allowed_rpc_exception_modules = tacker.openstack.common.exception, nova.exception
|
||||||
|
# AMQP exchange to connect to if using RabbitMQ or QPID
|
||||||
|
# control_exchange = tacker
|
||||||
|
|
||||||
|
# If passed, use a fake RabbitMQ provider
|
||||||
|
# fake_rabbit = False
|
||||||
|
|
||||||
|
# Configuration options if sending notifications via kombu rpc (these are
|
||||||
|
# the defaults)
|
||||||
|
# SSL version to use (valid only if SSL enabled)
|
||||||
|
# kombu_ssl_version =
|
||||||
|
# SSL key file (valid only if SSL enabled)
|
||||||
|
# kombu_ssl_keyfile =
|
||||||
|
# SSL cert file (valid only if SSL enabled)
|
||||||
|
# kombu_ssl_certfile =
|
||||||
|
# SSL certification authority file (valid only if SSL enabled)
|
||||||
|
# kombu_ssl_ca_certs =
|
||||||
|
# IP address of the RabbitMQ installation
|
||||||
|
# rabbit_host = localhost
|
||||||
|
# Password of the RabbitMQ server
|
||||||
|
# rabbit_password = guest
|
||||||
|
# Port where RabbitMQ server is running/listening
|
||||||
|
# rabbit_port = 5672
|
||||||
|
# RabbitMQ single or HA cluster (host:port pairs i.e: host1:5672, host2:5672)
|
||||||
|
# rabbit_hosts is defaulted to '$rabbit_host:$rabbit_port'
|
||||||
|
# rabbit_hosts = localhost:5672
|
||||||
|
# User ID used for RabbitMQ connections
|
||||||
|
# rabbit_userid = guest
|
||||||
|
# Location of a virtual RabbitMQ installation.
|
||||||
|
# rabbit_virtual_host = /
|
||||||
|
# Maximum retries with trying to connect to RabbitMQ
|
||||||
|
# (the default of 0 implies an infinite retry count)
|
||||||
|
# rabbit_max_retries = 0
|
||||||
|
# RabbitMQ connection retry interval
|
||||||
|
# rabbit_retry_interval = 1
|
||||||
|
# Use HA queues in RabbitMQ (x-ha-policy: all). You need to
|
||||||
|
# wipe RabbitMQ database when changing this option. (boolean value)
|
||||||
|
# rabbit_ha_queues = false
|
||||||
|
|
||||||
|
# QPID
|
||||||
|
# rpc_backend=tacker.openstack.common.rpc.impl_qpid
|
||||||
|
# Qpid broker hostname
|
||||||
|
# qpid_hostname = localhost
|
||||||
|
# Qpid broker port
|
||||||
|
# qpid_port = 5672
|
||||||
|
# Qpid single or HA cluster (host:port pairs i.e: host1:5672, host2:5672)
|
||||||
|
# qpid_hosts is defaulted to '$qpid_hostname:$qpid_port'
|
||||||
|
# qpid_hosts = localhost:5672
|
||||||
|
# Username for qpid connection
|
||||||
|
# qpid_username = ''
|
||||||
|
# Password for qpid connection
|
||||||
|
# qpid_password = ''
|
||||||
|
# Space separated list of SASL mechanisms to use for auth
|
||||||
|
# qpid_sasl_mechanisms = ''
|
||||||
|
# Seconds between connection keepalive heartbeats
|
||||||
|
# qpid_heartbeat = 60
|
||||||
|
# Transport to use, either 'tcp' or 'ssl'
|
||||||
|
# qpid_protocol = tcp
|
||||||
|
# Disable Nagle algorithm
|
||||||
|
# qpid_tcp_nodelay = True
|
||||||
|
|
||||||
|
# ZMQ
|
||||||
|
# rpc_backend=tacker.openstack.common.rpc.impl_zmq
|
||||||
|
# ZeroMQ bind address. Should be a wildcard (*), an ethernet interface, or IP.
|
||||||
|
# The "host" option should point or resolve to this address.
|
||||||
|
# rpc_zmq_bind_address = *
|
||||||
|
|
||||||
|
# ============ Notification System Options =====================
|
||||||
|
|
||||||
|
# Notifications can be sent when network/subnet/port are created, updated or deleted.
|
||||||
|
# There are three methods of sending notifications: logging (via the
|
||||||
|
# log_file directive), rpc (via a message queue) and
|
||||||
|
# noop (no notifications sent, the default)
|
||||||
|
|
||||||
|
# Notification_driver can be defined multiple times
|
||||||
|
# Do nothing driver
|
||||||
|
# notification_driver = tacker.openstack.common.notifier.no_op_notifier
|
||||||
|
# Logging driver
|
||||||
|
# notification_driver = tacker.openstack.common.notifier.log_notifier
|
||||||
|
# RPC driver.
|
||||||
|
notification_driver = tacker.openstack.common.notifier.rpc_notifier
|
||||||
|
|
||||||
|
# default_notification_level is used to form actual topic name(s) or to set logging level
|
||||||
|
# default_notification_level = INFO
|
||||||
|
|
||||||
|
# default_publisher_id is a part of the notification payload
|
||||||
|
# host = myhost.com
|
||||||
|
# default_publisher_id = $host
|
||||||
|
|
||||||
|
# Defined in rpc_notifier, can be comma separated values.
|
||||||
|
# The actual topic names will be %s.%(default_notification_level)s
|
||||||
|
# notification_topics = notifications
|
||||||
|
|
||||||
|
# Default maximum number of items returned in a single response,
|
||||||
|
# value == infinite and value < 0 means no max limit, and value must
|
||||||
|
# be greater than 0. If the number of items requested is greater than
|
||||||
|
# pagination_max_limit, server will just return pagination_max_limit
|
||||||
|
# of number of items.
|
||||||
|
# pagination_max_limit = -1
|
||||||
|
|
||||||
|
# Maximum number of DNS nameservers per subnet
|
||||||
|
# max_dns_nameservers = 5
|
||||||
|
|
||||||
|
# Maximum number of host routes per subnet
|
||||||
|
# max_subnet_host_routes = 20
|
||||||
|
|
||||||
|
# Maximum number of fixed ips per port
|
||||||
|
# max_fixed_ips_per_port = 5
|
||||||
|
|
||||||
|
# =========== items for agent management extension =============
|
||||||
|
# Seconds to regard the agent as down; should be at least twice
|
||||||
|
# report_interval, to be sure the agent is down for good
|
||||||
|
# agent_down_time = 75
|
||||||
|
# =========== end of items for agent management extension =====
|
||||||
|
|
||||||
|
# Allow auto scheduling networks to DHCP agent. It will schedule non-hosted
|
||||||
|
# networks to first DHCP agent which sends get_active_networks message to
|
||||||
|
# tacker server
|
||||||
|
# network_auto_schedule = True
|
||||||
|
|
||||||
|
# Allow auto scheduling routers to L3 agent. It will schedule non-hosted
|
||||||
|
# routers to first L3 agent which sends sync_routers message to tacker server
|
||||||
|
# router_auto_schedule = True
|
||||||
|
|
||||||
|
# Number of DHCP agents scheduled to host a network. This enables redundant
|
||||||
|
# DHCP agents for configured networks.
|
||||||
|
# dhcp_agents_per_network = 1
|
||||||
|
|
||||||
|
# =========== end of items for agent scheduler extension =====
|
||||||
|
|
||||||
|
# =========== WSGI parameters related to the API server ==============
|
||||||
|
# Number of separate worker processes to spawn. The default, 0, runs the
|
||||||
|
# worker thread in the current process. Greater than 0 launches that number of
|
||||||
|
# child processes as workers. The parent process manages them.
|
||||||
|
# api_workers = 0
|
||||||
|
|
||||||
|
# Number of separate RPC worker processes to spawn. The default, 0, runs the
|
||||||
|
# worker thread in the current process. Greater than 0 launches that number of
|
||||||
|
# child processes as RPC workers. The parent process manages them.
|
||||||
|
# This feature is experimental until issues are addressed and testing has been
|
||||||
|
# enabled for various plugins for compatibility.
|
||||||
|
# rpc_workers = 0
|
||||||
|
|
||||||
|
# Sets the value of TCP_KEEPIDLE in seconds to use for each server socket when
|
||||||
|
# starting API server. Not supported on OS X.
|
||||||
|
# tcp_keepidle = 600
|
||||||
|
|
||||||
|
# Number of seconds to keep retrying to listen
|
||||||
|
# retry_until_window = 30
|
||||||
|
|
||||||
|
# Number of backlog requests to configure the socket with.
|
||||||
|
# backlog = 4096
|
||||||
|
|
||||||
|
# Max header line to accommodate large tokens
|
||||||
|
# max_header_line = 16384
|
||||||
|
|
||||||
|
# Enable SSL on the API server
|
||||||
|
# use_ssl = False
|
||||||
|
|
||||||
|
# Certificate file to use when starting API server securely
|
||||||
|
# ssl_cert_file = /path/to/certfile
|
||||||
|
|
||||||
|
# Private key file to use when starting API server securely
|
||||||
|
# ssl_key_file = /path/to/keyfile
|
||||||
|
|
||||||
|
# CA certificate file to use when starting API server securely to
|
||||||
|
# verify connecting clients. This is an optional parameter only required if
|
||||||
|
# API clients need to authenticate to the API server using SSL certificates
|
||||||
|
# signed by a trusted CA
|
||||||
|
# ssl_ca_file = /path/to/cafile
|
||||||
|
# ======== end of WSGI parameters related to the API server ==========
|
||||||
|
|
||||||
|
|
||||||
|
# ======== tacker nova interactions ==========
|
||||||
|
# Send notification to nova when port status is active.
|
||||||
|
# notify_nova_on_port_status_changes = True
|
||||||
|
|
||||||
|
# Send notifications to nova when port data (fixed_ips/floatingips) change
|
||||||
|
# so nova can update it's cache.
|
||||||
|
# notify_nova_on_port_data_changes = True
|
||||||
|
|
||||||
|
# URL for connection to nova (Only supports one nova region currently).
|
||||||
|
# nova_url = http://127.0.0.1:8774/v2
|
||||||
|
|
||||||
|
# Name of nova region to use. Useful if keystone manages more than one region
|
||||||
|
# nova_region_name =
|
||||||
|
|
||||||
|
# Username for connection to nova in admin context
|
||||||
|
# nova_admin_username =
|
||||||
|
|
||||||
|
# The uuid of the admin nova tenant
|
||||||
|
# nova_admin_tenant_id =
|
||||||
|
|
||||||
|
# Password for connection to nova in admin context.
|
||||||
|
# nova_admin_password =
|
||||||
|
|
||||||
|
# Authorization URL for connection to nova in admin context.
|
||||||
|
# nova_admin_auth_url =
|
||||||
|
|
||||||
|
# CA file for novaclient to verify server certificates
|
||||||
|
# nova_ca_certificates_file =
|
||||||
|
|
||||||
|
# Boolean to control ignoring SSL errors on the nova url
|
||||||
|
# nova_api_insecure = False
|
||||||
|
|
||||||
|
# Number of seconds between sending events to nova if there are any events to send
|
||||||
|
# send_events_interval = 2
|
||||||
|
|
||||||
|
# ======== end of tacker nova interactions ==========
|
||||||
|
|
||||||
|
[agent]
|
||||||
|
# Use "sudo tacker-rootwrap /etc/tacker/rootwrap.conf" to use the real
|
||||||
|
# root filter facility.
|
||||||
|
# Change to "sudo" to skip the filtering and just run the comand directly
|
||||||
|
# root_helper = sudo
|
||||||
|
root_helper = sudo {{ tacker_bin }}/tacker-rootwrap {{ tacker_etc_dir }}/rootwrap.conf
|
||||||
|
|
||||||
|
# =========== items for agent management extension =============
|
||||||
|
# seconds between nodes reporting state to server; should be less than
|
||||||
|
# agent_down_time, best if it is half or less than agent_down_time
|
||||||
|
# report_interval = 30
|
||||||
|
|
||||||
|
# =========== end of items for agent management extension =====
|
||||||
|
|
||||||
|
[keystone_authtoken]
|
||||||
|
signing_dir = /var/cache/tacker
|
||||||
|
# cafile = /opt/stack/data/ca-bundle.pem
|
||||||
|
project_domain_id = {{ tacker_service_project_domain_id }}
|
||||||
|
project_name = {{ tacker_service_project_name }}
|
||||||
|
user_domain_id = {{ tacker_service_user_domain_id }}
|
||||||
|
password = {{ tacker_service_password }}
|
||||||
|
username = {{ tacker_service_user_name }}
|
||||||
|
auth_url = {{ keystone_service_adminuri }}
|
||||||
|
auth_uri = {{ keystone_service_internaluri }}
|
||||||
|
auth_plugin = {{ tacker_keystone_auth_plugin }}
|
||||||
|
# identity_uri = {{ keystone_service_internaluri }}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
[database]
|
||||||
|
# This line MUST be changed to actually run the plugin.
|
||||||
|
# Example:
|
||||||
|
# connection = mysql://root:pass@127.0.0.1:3306/tacker
|
||||||
|
# Replace 127.0.0.1 above with the IP address of the database used by the
|
||||||
|
# main tacker server. (Leave it as is if the database runs on this host.)
|
||||||
|
# connection = sqlite://
|
||||||
|
# NOTE: In deployment the [database] section and its connection attribute may
|
||||||
|
# be set in the corresponding core plugin '.ini' file. However, it is suggested
|
||||||
|
# to put the [database] section and its connection attribute in this
|
||||||
|
# configuration file.
|
||||||
|
connection = mysql+pymysql://{{ tacker_galera_user }}:{{ tacker_container_mysql_password }}@{{ tacker_galera_address }}/{{ tacker_galera_database }}?charset=utf8
|
||||||
|
|
||||||
|
# Database engine for which script will be generated when using offline
|
||||||
|
# migration
|
||||||
|
# engine =
|
||||||
|
|
||||||
|
# The SQLAlchemy connection string used to connect to the slave database
|
||||||
|
# slave_connection =
|
||||||
|
|
||||||
|
# Database reconnection retry times - in event connectivity is lost
|
||||||
|
# set to -1 implies an infinite retry count
|
||||||
|
# max_retries = 10
|
||||||
|
|
||||||
|
# Database reconnection interval in seconds - if the initial connection to the
|
||||||
|
# database fails
|
||||||
|
# retry_interval = 10
|
||||||
|
|
||||||
|
# Minimum number of SQL connections to keep open in a pool
|
||||||
|
# min_pool_size = 1
|
||||||
|
|
||||||
|
# Maximum number of SQL connections to keep open in a pool
|
||||||
|
# max_pool_size = 10
|
||||||
|
|
||||||
|
# Timeout in seconds before idle sql connections are reaped
|
||||||
|
# idle_timeout = 3600
|
||||||
|
|
||||||
|
# If set, use this value for max_overflow with sqlalchemy
|
||||||
|
# max_overflow = 20
|
||||||
|
|
||||||
|
# Verbosity of SQL debugging information. 0=None, 100=Everything
|
||||||
|
# connection_debug = 0
|
||||||
|
|
||||||
|
# Add python stack traces to SQL as comment strings
|
||||||
|
# connection_trace = False
|
||||||
|
|
||||||
|
# If set, use this value for pool_timeout with sqlalchemy
|
||||||
|
# pool_timeout = 10
|
||||||
|
|
||||||
|
[servicevm]
|
||||||
|
# Specify drivers for hosting device
|
||||||
|
# exmpale: infra_driver = noop
|
||||||
|
# exmpale: infra_driver = nova
|
||||||
|
# exmpale: infra_driver = heat
|
||||||
|
infra_driver = heat
|
||||||
|
|
||||||
|
# Specify drivers for mgmt
|
||||||
|
mgmt_driver = noop
|
||||||
|
mgmt_driver = openwrt
|
||||||
|
{% if install_tacker_mgmt_driver_extras %}
|
||||||
|
mgmt_driver = bsc
|
||||||
|
mgmt_driver = vyatta
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
# Specify drivers for monitoring
|
||||||
|
monitor_driver = ping
|
||||||
|
monitor_driver = http_ping
|
||||||
|
|
||||||
|
[servicevm_nova]
|
||||||
|
# parameters for novaclient to talk to nova
|
||||||
|
region_name = {{ service_region }}
|
||||||
|
project_domain_id = {{ nova_service_project_domain_id }}
|
||||||
|
project_name = {{ nova_service_project_name }}
|
||||||
|
user_domain_id = {{ nova_service_user_domain_id }}
|
||||||
|
password = {{ nova_service_password }}
|
||||||
|
username = {{ nova_service_user_name }}
|
||||||
|
auth_url = {{ keystone_service_adminuri }}
|
||||||
|
auth_plugin = {{ nova_keystone_auth_plugin }}
|
||||||
|
|
||||||
|
[servicevm_heat]
|
||||||
|
heat_uri = {{ heat_service_adminurl }}
|
||||||
|
# heat_uri = http://localhost:8004/v1
|
||||||
|
stack_retries = {{ tacker_heat_stack_retires }}
|
||||||
|
stack_retry_wait = {{ tacker_heat_stack_retry_wait }}
|
||||||
|
|
||||||
|
[servicevm_agent]
|
||||||
|
# VM agent requires that an interface driver be set. Choose the one that best
|
||||||
|
# matches your plugin.
|
||||||
|
# interface_driver =
|
||||||
|
|
||||||
|
# Example of interface_driver option for OVS based plugins (OVS, Ryu, NEC)
|
||||||
|
# that supports L3 agent
|
||||||
|
# interface_driver = tacker.agent.linux.interface.OVSInterfaceDriver
|
||||||
|
|
||||||
|
# Use veth for an OVS interface or not.
|
||||||
|
# Support kernels with limited namespace support
|
||||||
|
# (e.g. RHEL 6.5) so long as ovs_use_veth is set to True.
|
||||||
|
# ovs_use_veth = False
|
||||||
|
|
||||||
|
# Allow overlapping IP (Must have kernel build with CONFIG_NET_NS=y and
|
||||||
|
# iproute2 package that supports namespaces).
|
||||||
|
# use_namespaces = True
|
|
@ -0,0 +1,25 @@
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
|
[Unit]
|
||||||
|
Description=tacker openstack service
|
||||||
|
After=syslog.target
|
||||||
|
After=network.target
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=simple
|
||||||
|
User={{ system_user }}
|
||||||
|
Group={{ system_group }}
|
||||||
|
|
||||||
|
{% if program_override is defined %}
|
||||||
|
ExecStart={{ program_override }} {{ program_config_options|default('') }} --log-file=/var/log/tacker/{{ program_name }}.log
|
||||||
|
{% else %}
|
||||||
|
ExecStart={{ tacker_bin }}/{{ program_name }} {{ program_config_options|default('') }} --log-file=/var/log/tacker/{{ program_name }}.log
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
# Give a reasonable amount of time for the server to start up/shut down
|
||||||
|
TimeoutSec=300
|
||||||
|
Restart=on-failure
|
||||||
|
RestartSec=150
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
|
@ -0,0 +1,4 @@
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
|
D /var/lock/{{ program_name }} 2755 {{ system_user }} {{ system_group }}
|
||||||
|
D /var/run/{{ program_name }} 2755 {{ system_user }} {{ system_group }}
|
|
@ -0,0 +1,41 @@
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
|
# vim:set ft=upstart ts=2 et:
|
||||||
|
|
||||||
|
description "{{ tacker_program_name }}"
|
||||||
|
|
||||||
|
start on runlevel [2345]
|
||||||
|
stop on runlevel [016]
|
||||||
|
|
||||||
|
respawn
|
||||||
|
respawn limit 10 5
|
||||||
|
|
||||||
|
# Set the RUNBIN environment variable
|
||||||
|
env RUNBIN="{{ tacker_bin }}/{{ tacker_program_name }}"
|
||||||
|
|
||||||
|
# Change directory to service users home
|
||||||
|
chdir "{{ tacker_system_user_home }}"
|
||||||
|
|
||||||
|
# Pre start actions
|
||||||
|
pre-start script
|
||||||
|
mkdir -p "/var/run/{{ tacker_program_name }}"
|
||||||
|
chown {{ tacker_system_user_name }}:{{ tacker_system_group_name }} "/var/run/{{ tacker_program_name }}"
|
||||||
|
|
||||||
|
mkdir -p "/var/lock/{{ tacker_program_name }}"
|
||||||
|
chown {{ tacker_system_user_name }}:{{ tacker_system_group_name }} "/var/lock/{{ tacker_program_name }}"
|
||||||
|
|
||||||
|
end script
|
||||||
|
|
||||||
|
# Post stop actions
|
||||||
|
post-stop script
|
||||||
|
rm "/var/run/{{ tacker_program_name }}/{{ tacker_program_name }}.pid"
|
||||||
|
end script
|
||||||
|
|
||||||
|
# Run the start up job
|
||||||
|
exec start-stop-daemon --start \
|
||||||
|
--chuid {{ tacker_system_user_name }} \
|
||||||
|
--make-pidfile \
|
||||||
|
--pidfile /var/run/{{ tacker_program_name }}/{{ tacker_program_name }}.pid \
|
||||||
|
--exec "{{ program_override|default('$RUNBIN') }}" \
|
||||||
|
-- {{ program_config_options|default('') }} \
|
||||||
|
--log-file=/var/log/tacker/{{ tacker_program_name }}.log
|
|
@ -0,0 +1 @@
|
||||||
|
localhost
|
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
- hosts: localhost
|
||||||
|
remote_user: root
|
||||||
|
roles:
|
||||||
|
- os_tacker
|
|
@ -0,0 +1,17 @@
|
||||||
|
---
|
||||||
|
# (C)2016 Brocade Communications Systems, Inc.
|
||||||
|
# 130 Holger Way, San Jose, CA 95134.
|
||||||
|
# All rights reserved.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
|
@ -0,0 +1,27 @@
|
||||||
|
---
|
||||||
|
# (C)2016 Brocade Communications Systems, Inc.
|
||||||
|
# 130 Holger Way, San Jose, CA 95134.
|
||||||
|
# All rights reserved.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
## APT Cache options
|
||||||
|
cache_timeout: 600
|
||||||
|
|
||||||
|
tacker_distro_packages:
|
||||||
|
- rsync
|
||||||
|
- git
|
||||||
|
#- remove after testing
|
||||||
|
- python-pip
|
||||||
|
#- remove after testing
|
||||||
|
- python-mysqldb
|
|
@ -0,0 +1,27 @@
|
||||||
|
---
|
||||||
|
# (C)2016 Brocade Communications Systems, Inc.
|
||||||
|
# 130 Holger Way, San Jose, CA 95134.
|
||||||
|
# All rights reserved.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
## APT Cache options
|
||||||
|
cache_timeout: 600
|
||||||
|
|
||||||
|
tacker_distro_packages:
|
||||||
|
- rsync
|
||||||
|
- git
|
||||||
|
#- remove after testing
|
||||||
|
- python-pip
|
||||||
|
#- remove after testing
|
||||||
|
- python-mysqldb
|
Loading…
Reference in New Issue