From 94e56a4138e1915298b53217c2bfbc1de8dc5739 Mon Sep 17 00:00:00 2001 From: Seb-Solon Date: Tue, 14 Nov 2017 14:24:25 -0500 Subject: [PATCH] Add: Aodh support into telemetry Closes-Bug: #1779940 Change-Id: I6deefd31562fba5da3987ab31534ebd6689d27e2 --- attributes/aodh_conf.rb | 19 ++++ attributes/default.rb | 30 +++++- recipes/aodh.rb | 152 +++++++++++++++++++++++++++++++ recipes/identity_registration.rb | 5 +- spec/spec_helper.rb | 3 + 5 files changed, 206 insertions(+), 3 deletions(-) create mode 100644 attributes/aodh_conf.rb create mode 100644 recipes/aodh.rb diff --git a/attributes/aodh_conf.rb b/attributes/aodh_conf.rb new file mode 100644 index 0000000..993b1a8 --- /dev/null +++ b/attributes/aodh_conf.rb @@ -0,0 +1,19 @@ +default['openstack']['aodh']['conf_secrets'] = {} + +default['openstack']['aodh']['conf'].tap do |conf| + # [keystone_authtoken] section + conf['keystone_authtoken']['username'] = 'aodh' + conf['keystone_authtoken']['project_name'] = 'service' + conf['keystone_authtoken']['auth_type'] = 'v3password' + conf['keystone_authtoken']['user_domain_name'] = 'Default' + conf['keystone_authtoken']['project_domain_name'] = 'Default' + conf['keystone_authtoken']['region_name'] = node['openstack']['region'] + # [service_credentials] section + conf['service_credentials']['username'] = 'aodh' + conf['service_credentials']['project_name'] = 'service' + conf['service_credentials']['user_domain_name'] = 'Default' + conf['service_credentials']['project_domain_name'] = 'Default' + conf['service_credentials']['auth_type'] = 'v3password' + conf['service_credentials']['interface'] = 'internal' + conf['service_credentials']['region_name'] = node['openstack']['region'] +end diff --git a/attributes/default.rb b/attributes/default.rb index 4d047eb..6c3634a 100644 --- a/attributes/default.rb +++ b/attributes/default.rb @@ -27,13 +27,14 @@ default['openstack']['telemetry']['custom_template_banner'] = ' # Set the endpoints for the telemetry services to allow all other cookbooks to # access and use them -%w(telemetry telemetry-metric).each do |ts| +%w(telemetry telemetry-metric aodh).each do |ts| %w(public internal admin).each do |ep_type| default['openstack']['endpoints'][ep_type][ts]['host'] = '127.0.0.1' default['openstack']['endpoints'][ep_type][ts]['scheme'] = 'http' default['openstack']['endpoints'][ep_type][ts]['path'] = '' default['openstack']['endpoints'][ep_type]['telemetry']['port'] = 8777 default['openstack']['endpoints'][ep_type]['telemetry-metric']['port'] = 8041 + default['openstack']['endpoints'][ep_type]['aodh']['port'] = 8042 # web-service (e.g. apache) listen address (can be different from openstack # telemetry endpoints) end @@ -41,6 +42,7 @@ default['openstack']['telemetry']['custom_template_banner'] = ' end default['openstack']['bind_service']['all']['telemetry']['port'] = 8777 default['openstack']['bind_service']['all']['telemetry-metric']['port'] = 8041 +default['openstack']['bind_service']['all']['aodh']['port'] = 8042 default['openstack']['telemetry']['conf_dir'] = '/etc/ceilometer' default['openstack']['telemetry']['conf_file'] = @@ -50,22 +52,32 @@ default['openstack']['telemetry-metric']['conf_file'] = ::File.join(node['openstack']['telemetry-metric']['conf_dir'], 'gnocchi.conf') default['openstack']['telemetry']['syslog']['use'] = false +default['openstack']['aodh']['conf_dir'] = '/etc/aodh' +default['openstack']['aodh']['conf_file'] = + ::File.join(node['openstack']['aodh']['conf_dir'], 'aodh.conf') + default['openstack']['telemetry']['user'] = 'ceilometer' default['openstack']['telemetry']['group'] = 'ceilometer' default['openstack']['telemetry-metric']['user'] = 'gnocchi' default['openstack']['telemetry-metric']['group'] = 'gnocchi' +default['openstack']['aodh']['user'] = 'aodh' +default['openstack']['aodh']['group'] = 'aodh' + default['openstack']['telemetry']['service_role'] = 'admin' default['openstack']['telemetry-metric']['service_role'] = 'admin' +default['openstack']['aodh']['service_role'] = 'admin' default['openstack']['telemetry']['identity-api']['auth']['version'] = node['openstack']['api']['auth']['version'] default['openstack']['telemetry-metric']['identity-api']['auth']['version'] = node['openstack']['api']['auth']['version'] +default['openstack']['aodh']['identity-api']['auth']['version'] = + node['openstack']['api']['auth']['version'] default['openstack']['telemetry-metric']['gnocchi-upgrade-options'] = '' -%w(telemetry telemetry-metric).each do |ts| +%w(telemetry telemetry-metric aodh).each do |ts| # specify whether to enable SSL for ceilometer API endpoint default['openstack'][ts]['ssl']['enabled'] = false # specify server whether to enforce client certificate requirement @@ -109,6 +121,14 @@ when 'rhel' 'package_overrides' => '', } + default['openstack']['aodh']['platform'] = { + 'aodh_packages' => ['openstack-aodh', 'openstack-aodh-api', 'openstack-aodh-evaluator', + 'openstack-aodh-expirer', 'openstack-aodh-listener', 'openstack-aodh-notifier', + 'python-aodhclient'], + 'aodh_services' => ['openstack-aodh-evaluator', 'openstack-aodh-notifier', 'openstack-aodh-listener'], + 'aodh-api_wsgi_file' => '/usr/share/aodh/app.wsgi', + } + when 'debian' default['openstack']['telemetry']['platform'] = { 'common_packages' => ['ceilometer-common'], @@ -129,4 +149,10 @@ when 'debian' 'collector_service' => 'ceilometer-collector', 'package_overrides' => '', } + + default['openstack']['aodh']['platform'] = { + 'aodh_packages' => ['aodh-api', 'aodh-evaluator', 'aodh-expirer', 'aodh-listener', 'aodh-notifier', 'python-ceilometerclient'], + 'aodh_services' => ['aodh-evaluator', 'aodh-notifier', 'aodh-listener'], + 'aodh-api_wsgi_file' => '/usr/share/aodh/app.wsgi' # this file come with aodh-common which aodh-api depends on + } end diff --git a/recipes/aodh.rb b/recipes/aodh.rb new file mode 100644 index 0000000..bb04a48 --- /dev/null +++ b/recipes/aodh.rb @@ -0,0 +1,152 @@ +# encoding: UTF-8 +# +# Cookbook Name:: openstack-telemetry +# Recipe:: aodh +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# load the methods defined in cookbook-openstack-common libraries +class ::Chef::Recipe + include ::Openstack +end + +platform = node['openstack']['aodh']['platform'] +platform['aodh_packages'].each do |pkg| + package pkg do + options platform['package_overrides'] + action :upgrade + end +end + +if node['openstack']['mq']['service_type'] == 'rabbit' + node.default['openstack']['aodh']['conf_secrets']['DEFAULT']['transport_url'] = rabbit_transport_url 'aodh' +end + +db_user = node['openstack']['db']['aodh']['username'] +db_pass = get_password 'db', 'aodh' +bind_service = node['openstack']['bind_service']['all']['aodh'] +bind_service_address = bind_address bind_service + +node.default['openstack']['aodh']['conf_secrets'].tap do |conf_secrets| + conf_secrets['database']['connection'] = + db_uri('aodh', db_user, db_pass) + conf_secrets['service_credentials']['password'] = + get_password 'service', 'openstack-aodh' + conf_secrets['keystone_authtoken']['password'] = + get_password 'service', 'openstack-aodh' +end + +identity_public_endpoint = public_endpoint 'identity' +auth_url = + auth_uri_transform( + identity_public_endpoint.to_s, + node['openstack']['aodh']['identity-api']['auth']['version'] + ) + +node.default['openstack']['aodh']['conf'].tap do |conf| + conf['api']['host'] = bind_service_address + conf['api']['port'] = bind_service.port + conf['keystone_authtoken']['auth_url'] = auth_url + conf['service_credentials']['auth_url'] = auth_url + conf['keystone_authtoken']['memcache_servers'] = memcached_servers.join ',' +end + +directory node['openstack']['aodh']['conf_dir'] do + owner node['openstack']['aodh']['user'] + group node['openstack']['aodh']['group'] + mode 0o0750 + action :create +end + +# merge all config options and secrets to be used in the aodh.conf +aodh_conf_options = merge_config_options 'aodh' + +template node['openstack']['aodh']['conf_file'] do + source 'openstack-service.conf.erb' + cookbook 'openstack-common' + owner node['openstack']['aodh']['user'] + group node['openstack']['aodh']['group'] + mode 0o0640 + variables( + service_config: aodh_conf_options + ) +end + +execute 'run aodh-dbsync' do + command 'aodh-dbsync ' + user node['openstack']['aodh']['user'] +end + +#### Start of Apache specific work + +# configure attributes for apache2 cookbook to align with openstack settings +apache_listen = Array(node['apache']['listen']) # include already defined listen attributes +# Remove the default apache2 cookbook port, as that is also the default for horizon, but with +# a different address syntax. *:80 vs 0.0.0.0:80 +apache_listen -= ['*:80'] +apache_listen += ["#{bind_service_address}:#{bind_service.port}"] +node.normal['apache']['listen'] = apache_listen.uniq + +# include the apache2 default recipe and the recipes for mod_wsgi +include_recipe 'apache2' +include_recipe 'apache2::mod_wsgi' +# include the apache2 mod_ssl recipe if ssl is enabled for identity +include_recipe 'apache2::mod_ssl' if node['openstack']['aodh']['ssl']['enabled'] + +# create the aodh-api apache directory +aodh_apache_dir = "#{node['apache']['docroot_dir']}/aodh" +directory aodh_apache_dir do + owner 'root' + group 'root' + mode 0o0755 +end + +aodh_server_entry = "#{aodh_apache_dir}/app" +# Note: Using lazy here as the wsgi file is not available until after +# the aodh-common package is installed during execution phase. +file aodh_server_entry do + content lazy { IO.read(platform['aodh-api_wsgi_file']) } + owner 'root' + group 'root' + mode 0o0755 +end + +web_app 'aodh-api' do + template 'wsgi-template.conf.erb' + daemon_process 'aodh-api' + server_host bind_service.host + server_port bind_service.port + server_entry aodh_server_entry + run_dir node['apache']['run_dir'] + log_dir node['apache']['log_dir'] + log_debug node['openstack']['aodh']['debug'] + user node['openstack']['aodh']['user'] + group node['openstack']['aodh']['group'] + use_ssl node['openstack']['aodh']['ssl']['enabled'] + cert_file node['openstack']['aodh']['ssl']['certfile'] + chain_file node['openstack']['aodh']['ssl']['chainfile'] + key_file node['openstack']['aodh']['ssl']['keyfile'] + ca_certs_path node['openstack']['aodh']['ssl']['ca_certs_path'] + cert_required node['openstack']['aodh']['ssl']['cert_required'] + protocol node['openstack']['aodh']['ssl']['protocol'] + ciphers node['openstack']['aodh']['ssl']['ciphers'] +end + +platform['aodh_services'].each do |aodh_service| + service aodh_service do + service_name aodh_service + subscribes :restart, "template[#{node['openstack']['aodh']['conf_file']}]" + action [:enable, :start] + end +end diff --git a/recipes/identity_registration.rb b/recipes/identity_registration.rb index f7d3fcb..0aff62c 100644 --- a/recipes/identity_registration.rb +++ b/recipes/identity_registration.rb @@ -41,7 +41,7 @@ connection_params = { openstack_domain_name: admin_domain, } -%w(telemetry telemetry-metric).each do |telemetry_service| +%w(telemetry telemetry-metric aodh).each do |telemetry_service| case telemetry_service when 'telemetry' service_name = 'ceilometer' @@ -49,6 +49,9 @@ connection_params = { when 'telemetry-metric' service_name = 'gnocchi' service_type = 'metric' + when 'aodh' + service_name = 'aodh' + service_type = 'alarming' end interfaces = { diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index bf7574a..52b083c 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -38,6 +38,9 @@ shared_context 'telemetry-stubs' do allow_any_instance_of(Chef::Recipe).to receive(:get_password) .with('service', 'openstack-telemetry-metric') .and_return('gnocchi-pass') + allow_any_instance_of(Chef::Recipe).to receive(:get_password) + .with('service', 'openstack-aodh') + .and_return('aodh-pass') allow_any_instance_of(Chef::Recipe).to receive(:get_password) .with('user', 'guest') .and_return('mq-pass')