Add support for using distribution packages for OpenStack services
Distributions provide packages for the OpenStack services so we add support for using these instead of the pip ones. Change-Id: I1c2b4ad14fb40ce3958ed197115ccf45468544c6 Implements: blueprint openstack-distribution-packages
This commit is contained in:
parent
d8cc312659
commit
c9135f8b34
|
@ -21,6 +21,9 @@ debug: False
|
|||
barbican_package_state: "latest"
|
||||
barbican_pip_package_state: "latest"
|
||||
|
||||
# Set installation method.
|
||||
barbican_install_method: "source"
|
||||
|
||||
# Toggle keystone authentication for barbican
|
||||
barbican_keystone_auth: no
|
||||
|
||||
|
@ -79,7 +82,7 @@ barbican_developer_constraints:
|
|||
|
||||
# Name of the virtual env to deploy into
|
||||
barbican_venv_tag: untagged
|
||||
barbican_bin: "/openstack/venvs/barbican-{{ barbican_venv_tag }}/bin"
|
||||
barbican_bin: "{{ _barbican_bin }}"
|
||||
|
||||
# venv_download, even when true, will use the fallback method of building the
|
||||
# venv from scratch if the venv download fails.
|
||||
|
|
|
@ -0,0 +1,7 @@
|
|||
---
|
||||
features:
|
||||
- |
|
||||
The role now supports using the distribution packages for the OpenStack
|
||||
services instead of the pip ones. This feature is disabled by default
|
||||
and can be enabled by simply setting the ``barbican_install_method``
|
||||
variable to ``distro``.
|
|
@ -16,6 +16,7 @@
|
|||
- include: barbican_init_common.yml
|
||||
vars:
|
||||
program_name: "{{ barbican_uwsgi_program_name }}"
|
||||
program_bin: "{{ barbican_uwsgi_bin }}"
|
||||
program_config_options: "{{ barbican_uwsgi_options }}"
|
||||
service_name: "{{ barbican_service_name }}"
|
||||
system_user: "{{ barbican_system_user_name }}"
|
||||
|
|
|
@ -13,9 +13,21 @@
|
|||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
- name: Record the installation method
|
||||
ini_file:
|
||||
dest: "/etc/ansible/facts.d/openstack_ansible.fact"
|
||||
section: "barbican"
|
||||
option: "install_method"
|
||||
value: "{{ barbican_install_method }}"
|
||||
|
||||
- name: Refresh local facts to ensure the barbican section is present
|
||||
setup:
|
||||
filter: ansible_local
|
||||
gather_subset: "!all"
|
||||
|
||||
- name: Install distro packages
|
||||
package:
|
||||
name: "{{ barbican_distro_packages }}"
|
||||
name: "{{ barbican_package_list }}"
|
||||
state: "{{ barbican_package_state }}"
|
||||
update_cache: "{{ (ansible_pkg_mgr in ['apt', 'zypper']) | ternary('yes', omit) }}"
|
||||
cache_valid_time: "{{ (ansible_pkg_mgr == 'apt') | ternary(cache_timeout, omit) }}"
|
||||
|
@ -24,112 +36,6 @@
|
|||
retries: 5
|
||||
delay: 2
|
||||
|
||||
- name: Create developer mode constraint file
|
||||
copy:
|
||||
dest: "/opt/developer-pip-constraints.txt"
|
||||
content: |
|
||||
{% for item in barbican_developer_constraints %}
|
||||
{{ item }}
|
||||
{% endfor %}
|
||||
when: barbican_developer_mode | bool
|
||||
|
||||
- name: Install requires pip packages
|
||||
pip:
|
||||
name: "{{ barbican_requires_pip_packages }}"
|
||||
state: "{{ barbican_pip_package_state }}"
|
||||
extra_args: >-
|
||||
{{ barbican_developer_mode | ternary(pip_install_developer_constraints | default('--constraint /opt/developer-pip-constraints.txt'), '') }}
|
||||
{{ (pip_install_upper_constraints is defined) | ternary('--constraint ' + pip_install_upper_constraints | default(''),'') }}
|
||||
{{ pip_install_options | default('') }}
|
||||
register: install_packages
|
||||
until: install_packages|success
|
||||
retries: 5
|
||||
delay: 2
|
||||
|
||||
- name: Retrieve checksum for venv download
|
||||
uri:
|
||||
url: "{{ barbican_venv_download_url | replace('tgz', 'checksum') }}"
|
||||
return_content: yes
|
||||
register: barbican_venv_checksum
|
||||
when: barbican_venv_download | bool
|
||||
|
||||
- name: Attempt venv download
|
||||
get_url:
|
||||
url: "{{ barbican_venv_download_url }}"
|
||||
dest: "/var/cache/{{ barbican_venv_download_url | basename }}"
|
||||
checksum: "sha1:{{ barbican_venv_checksum.content | trim }}"
|
||||
register: barbican_get_venv
|
||||
when: barbican_venv_download | bool
|
||||
|
||||
- name: Remove existing venv
|
||||
file:
|
||||
path: "{{ barbican_bin | dirname }}"
|
||||
state: absent
|
||||
when: barbican_get_venv | changed
|
||||
|
||||
- name: Create barbican venv dir
|
||||
file:
|
||||
path: "{{ barbican_bin | dirname }}"
|
||||
state: directory
|
||||
register: barbican_venv_dir
|
||||
when: barbican_get_venv | changed
|
||||
|
||||
- name: Unarchive pre-built venv
|
||||
unarchive:
|
||||
src: "/var/cache/{{ barbican_venv_download_url | basename }}"
|
||||
dest: "{{ barbican_bin | dirname }}"
|
||||
copy: "no"
|
||||
when: barbican_get_venv | changed
|
||||
notify: Restart barbican services
|
||||
|
||||
- name: Install pip packages
|
||||
pip:
|
||||
name: "{{ barbican_pip_packages }}"
|
||||
state: "{{ barbican_pip_package_state }}"
|
||||
virtualenv: "{{ barbican_bin | dirname }}"
|
||||
virtualenv_site_packages: "no"
|
||||
extra_args: >-
|
||||
{{ barbican_developer_mode | ternary(pip_install_developer_constraints | default('--constraint /opt/developer-pip-constraints.txt'), '') }}
|
||||
{{ (pip_install_upper_constraints is defined) | ternary('--constraint ' + pip_install_upper_constraints | default(''),'') }}
|
||||
{{ pip_install_options | default('') }}
|
||||
register: install_packages
|
||||
until: install_packages|success
|
||||
retries: 5
|
||||
delay: 2
|
||||
when: barbican_get_venv | failed or barbican_get_venv | skipped
|
||||
notify: Restart barbican services
|
||||
|
||||
- name: Remove python from path first (CentOS, openSUSE)
|
||||
file:
|
||||
path: "{{ barbican_bin | dirname }}/bin/python2.7"
|
||||
state: "absent"
|
||||
when:
|
||||
- ansible_pkg_mgr in ['yum', 'dnf', 'zypper']
|
||||
- barbican_get_venv | changed
|
||||
|
||||
# NOTE(odyssey4me):
|
||||
# We reinitialize the venv to ensure that the right
|
||||
# version of python is in the venv, but we do not
|
||||
# want virtualenv to also replace pip, setuptools
|
||||
# and wheel so we tell it not to.
|
||||
# We do not use --always-copy for CentOS/SuSE due
|
||||
# to https://github.com/pypa/virtualenv/issues/565
|
||||
- name: Update virtualenv path
|
||||
shell: |
|
||||
find {{ barbican_bin }} -name \*.pyc -delete
|
||||
sed -si '1s/^.*python.*$/#!{{ barbican_bin | replace ('/','\/') }}\/python/' {{ barbican_bin }}/*
|
||||
virtualenv {{ barbican_bin | dirname }} \
|
||||
{{ (ansible_pkg_mgr == 'apt') | ternary('--always-copy', '') }} \
|
||||
--no-pip \
|
||||
--no-setuptools \
|
||||
--no-wheel
|
||||
when: barbican_get_venv | changed
|
||||
tags:
|
||||
- skip_ansible_lint
|
||||
|
||||
- name: Record the venv tag deployed
|
||||
ini_file:
|
||||
dest: "/etc/ansible/facts.d/openstack_ansible.fact"
|
||||
section: barbican
|
||||
option: venv_tag
|
||||
value: "{{ barbican_venv_tag }}"
|
||||
- name: Install barbican packages from PIP
|
||||
include_tasks: barbican_install_source.yml
|
||||
when: barbican_install_method == 'source'
|
||||
|
|
|
@ -0,0 +1,124 @@
|
|||
---
|
||||
# Copyright 2018, SUSE Linux GmbH.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
- name: Create developer mode constraint file
|
||||
copy:
|
||||
dest: "/opt/developer-pip-constraints.txt"
|
||||
content: |
|
||||
{% for item in barbican_developer_constraints %}
|
||||
{{ item }}
|
||||
{% endfor %}
|
||||
when: barbican_developer_mode | bool
|
||||
|
||||
- name: Install requires pip packages
|
||||
pip:
|
||||
name: "{{ barbican_requires_pip_packages }}"
|
||||
state: "{{ barbican_pip_package_state }}"
|
||||
extra_args: >-
|
||||
{{ barbican_developer_mode | ternary(pip_install_developer_constraints | default('--constraint /opt/developer-pip-constraints.txt'), '') }}
|
||||
{{ (pip_install_upper_constraints is defined) | ternary('--constraint ' + pip_install_upper_constraints | default(''),'') }}
|
||||
{{ pip_install_options | default('') }}
|
||||
register: install_packages
|
||||
until: install_packages|success
|
||||
retries: 5
|
||||
delay: 2
|
||||
|
||||
- name: Retrieve checksum for venv download
|
||||
uri:
|
||||
url: "{{ barbican_venv_download_url | replace('tgz', 'checksum') }}"
|
||||
return_content: yes
|
||||
register: barbican_venv_checksum
|
||||
when: barbican_venv_download | bool
|
||||
|
||||
- name: Attempt venv download
|
||||
get_url:
|
||||
url: "{{ barbican_venv_download_url }}"
|
||||
dest: "/var/cache/{{ barbican_venv_download_url | basename }}"
|
||||
checksum: "sha1:{{ barbican_venv_checksum.content | trim }}"
|
||||
register: barbican_get_venv
|
||||
when: barbican_venv_download | bool
|
||||
|
||||
- name: Remove existing venv
|
||||
file:
|
||||
path: "{{ barbican_bin | dirname }}"
|
||||
state: absent
|
||||
when: barbican_get_venv | changed
|
||||
|
||||
- name: Create barbican venv dir
|
||||
file:
|
||||
path: "{{ barbican_bin | dirname }}"
|
||||
state: directory
|
||||
register: barbican_venv_dir
|
||||
when: barbican_get_venv | changed
|
||||
|
||||
- name: Unarchive pre-built venv
|
||||
unarchive:
|
||||
src: "/var/cache/{{ barbican_venv_download_url | basename }}"
|
||||
dest: "{{ barbican_bin | dirname }}"
|
||||
copy: "no"
|
||||
when: barbican_get_venv | changed
|
||||
notify: Restart barbican services
|
||||
|
||||
- name: Install pip packages
|
||||
pip:
|
||||
name: "{{ barbican_pip_packages }}"
|
||||
state: "{{ barbican_pip_package_state }}"
|
||||
virtualenv: "{{ barbican_bin | dirname }}"
|
||||
virtualenv_site_packages: "no"
|
||||
extra_args: >-
|
||||
{{ barbican_developer_mode | ternary(pip_install_developer_constraints | default('--constraint /opt/developer-pip-constraints.txt'), '') }}
|
||||
{{ (pip_install_upper_constraints is defined) | ternary('--constraint ' + pip_install_upper_constraints | default(''),'') }}
|
||||
{{ pip_install_options | default('') }}
|
||||
register: install_packages
|
||||
until: install_packages|success
|
||||
retries: 5
|
||||
delay: 2
|
||||
when: barbican_get_venv | failed or barbican_get_venv | skipped
|
||||
notify: Restart barbican services
|
||||
|
||||
- name: Remove python from path first (CentOS, openSUSE)
|
||||
file:
|
||||
path: "{{ barbican_bin | dirname }}/bin/python2.7"
|
||||
state: "absent"
|
||||
when:
|
||||
- ansible_pkg_mgr in ['yum', 'dnf', 'zypper']
|
||||
- barbican_get_venv | changed
|
||||
|
||||
# NOTE(odyssey4me):
|
||||
# We reinitialize the venv to ensure that the right
|
||||
# version of python is in the venv, but we do not
|
||||
# want virtualenv to also replace pip, setuptools
|
||||
# and wheel so we tell it not to.
|
||||
# We do not use --always-copy for CentOS/SuSE due
|
||||
# to https://github.com/pypa/virtualenv/issues/565
|
||||
- name: Update virtualenv path
|
||||
shell: |
|
||||
find {{ barbican_bin }} -name \*.pyc -delete
|
||||
sed -si '1s/^.*python.*$/#!{{ barbican_bin | replace ('/','\/') }}\/python/' {{ barbican_bin }}/*
|
||||
virtualenv {{ barbican_bin | dirname }} \
|
||||
{{ (ansible_pkg_mgr == 'apt') | ternary('--always-copy', '') }} \
|
||||
--no-pip \
|
||||
--no-setuptools \
|
||||
--no-wheel
|
||||
when: barbican_get_venv | changed
|
||||
tags:
|
||||
- skip_ansible_lint
|
||||
|
||||
- name: Record the venv tag deployed
|
||||
ini_file:
|
||||
dest: "/etc/ansible/facts.d/openstack_ansible.fact"
|
||||
section: barbican
|
||||
option: venv_tag
|
||||
value: "{{ barbican_venv_tag }}"
|
|
@ -26,6 +26,21 @@
|
|||
tags:
|
||||
- always
|
||||
|
||||
- name: Fail if service was deployed using a different installation method
|
||||
fail:
|
||||
msg: "Switching installation methods for OpenStack services is not supported"
|
||||
when:
|
||||
- ansible_local is defined
|
||||
- ansible_local.openstack_ansible is defined
|
||||
- ansible_local.openstack_ansible.barbican is defined
|
||||
- ansible_local.openstack_ansible.barbican.install_method is defined
|
||||
- ansible_local.openstack_ansible.barbican.install_method != barbican_install_method
|
||||
|
||||
- name: Gather variables for installation method
|
||||
include_vars: "{{ barbican_install_method }}_install.yml"
|
||||
tags:
|
||||
- always
|
||||
|
||||
- include: barbican_pre_install.yml
|
||||
tags:
|
||||
- barbican-install
|
||||
|
|
|
@ -13,7 +13,7 @@ Group={{ system_group }}
|
|||
{% if program_override is defined %}
|
||||
ExecStart={{ program_override }} {{ program_config_options|default('') }}
|
||||
{% else %}
|
||||
ExecStart={{ barbican_bin }}/{{ program_name }} {{ program_config_options|default('') }}
|
||||
ExecStart={{ program_bin }}/{{ program_name }} {{ program_config_options|default('') }}
|
||||
{% endif %}
|
||||
|
||||
# Give a reasonable amount of time for the server to start up/shut down
|
||||
|
|
8
tox.ini
8
tox.ini
|
@ -100,6 +100,14 @@ deps =
|
|||
commands =
|
||||
bash -c "{toxinidir}/tests/common/test-ansible-functional.sh"
|
||||
|
||||
[testenv:distro_install]
|
||||
deps =
|
||||
{[testenv:ansible]deps}
|
||||
setenv =
|
||||
{[testenv]setenv}
|
||||
ANSIBLE_PARAMETERS=-e barbican_install_method=distro
|
||||
commands =
|
||||
bash -c "{toxinidir}/tests/common/test-ansible-functional.sh"
|
||||
|
||||
[testenv:ssl]
|
||||
deps =
|
||||
|
|
|
@ -20,3 +20,13 @@ barbican_distro_packages:
|
|||
- libffi-dev
|
||||
- gettext
|
||||
- build-essential
|
||||
|
||||
barbican_service_distro_packages:
|
||||
- barbican-api
|
||||
- barbican-keystone-listener
|
||||
- barbican-worker
|
||||
- python-pymysql # needed by /usr/bin/barbican-manage db upgrade.
|
||||
- uwsgi
|
||||
- uwsgi-plugin-python
|
||||
|
||||
barbican_uwsgi_bin: '/usr/bin'
|
||||
|
|
|
@ -0,0 +1,16 @@
|
|||
# Copyright 2017, SUSE Linux GmbH.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
barbican_package_list: "{{ barbican_service_distro_packages }}"
|
||||
_barbican_bin: "/usr/bin"
|
|
@ -21,3 +21,13 @@ barbican_distro_packages:
|
|||
- openssl-devel
|
||||
- postgresql-libs
|
||||
- python-devel
|
||||
|
||||
barbican_service_distro_packages:
|
||||
- openstack-barbican
|
||||
- openstack-barbican-api
|
||||
- openstack-barbican-keystone-listener
|
||||
- openstack-barbican-worker
|
||||
- uwsgi
|
||||
- uwsgi-plugin-python
|
||||
|
||||
barbican_uwsgi_bin: '/usr/sbin'
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
# Copyright 2019, SUSE Linux GmbH.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
barbican_package_list: "{{ barbican_distro_packages }}"
|
||||
_barbican_bin: "/openstack/venvs/barbican-{{ barbican_venv_tag }}/bin"
|
||||
barbican_uwsgi_bin: "{{ _barbican_bin }}"
|
|
@ -19,3 +19,14 @@ barbican_distro_packages:
|
|||
- libopenssl-devel
|
||||
- postgresql-devel
|
||||
- python-devel
|
||||
|
||||
barbican_service_distro_packages:
|
||||
- openstack-barbican
|
||||
- openstack-barbican-api
|
||||
- openstack-barbican-keystone-listener
|
||||
- openstack-barbican-retry
|
||||
- openstack-barbican-worker
|
||||
- uwsgi
|
||||
- uwsgi-python
|
||||
|
||||
barbican_uwsgi_bin: '/usr/sbin'
|
||||
|
|
|
@ -19,6 +19,11 @@
|
|||
- openstack-ansible-functional-centos-7
|
||||
- openstack-ansible-functional-opensuse-423
|
||||
- openstack-ansible-functional-ubuntu-xenial
|
||||
- openstack-ansible-functional-distro_install-ubuntu-xenial
|
||||
# NOTE(hwoarang) Centos7 is having some troubles with repo dependencies
|
||||
# so disabling until it's investigated.
|
||||
- openstack-ansible-functional-distro_install-centos-7-nv
|
||||
- openstack-ansible-functional-distro_install-opensuse-423
|
||||
- openstack-ansible-barbican-ssl-nv
|
||||
experimental:
|
||||
jobs:
|
||||
|
@ -29,3 +34,5 @@
|
|||
- openstack-ansible-functional-centos-7
|
||||
- openstack-ansible-functional-opensuse-423
|
||||
- openstack-ansible-functional-ubuntu-xenial
|
||||
- openstack-ansible-functional-distro_install-ubuntu-xenial
|
||||
- openstack-ansible-functional-distro_install-opensuse-423
|
||||
|
|
Loading…
Reference in New Issue