From 31f7732aef7bc69b3c51755b4622fd4e5ce59536 Mon Sep 17 00:00:00 2001 From: Eduardo Gonzalez Date: Fri, 7 Apr 2017 16:01:07 +0100 Subject: [PATCH] Implement blazar ansible role Add ansible role to deploy blazar Add nova filters to allow use of blazar Change-Id: I6742ddc9a4736f256491dd0cfd31904fa8eb5652 Implements: blueprint blazar-ansible-role --- README.rst | 1 + ansible/group_vars/all.yml | 3 + ansible/inventory/all-in-one | 10 +++ ansible/inventory/multinode | 10 +++ ansible/roles/blazar/defaults/main.yml | 63 +++++++++++++++ ansible/roles/blazar/handlers/main.yml | 46 +++++++++++ ansible/roles/blazar/meta/main.yml | 3 + ansible/roles/blazar/tasks/bootstrap.yml | 54 +++++++++++++ .../roles/blazar/tasks/bootstrap_service.yml | 19 +++++ ansible/roles/blazar/tasks/check.yml | 1 + ansible/roles/blazar/tasks/config.yml | 78 +++++++++++++++++++ ansible/roles/blazar/tasks/deploy.yml | 13 ++++ ansible/roles/blazar/tasks/main.yml | 2 + ansible/roles/blazar/tasks/precheck.yml | 17 ++++ ansible/roles/blazar/tasks/pull.yml | 10 +++ ansible/roles/blazar/tasks/reconfigure.yml | 2 + ansible/roles/blazar/tasks/register.yml | 36 +++++++++ ansible/roles/blazar/tasks/upgrade.yml | 7 ++ .../roles/blazar/templates/blazar-api.json.j2 | 25 ++++++ .../blazar/templates/blazar-manager.json.j2 | 25 ++++++ ansible/roles/blazar/templates/blazar.conf.j2 | 58 ++++++++++++++ ansible/roles/common/tasks/config.yml | 1 + .../conf/filter/01-rewrite-0.12.conf.j2 | 1 + .../conf/filter/01-rewrite-0.14.conf.j2 | 5 ++ .../templates/cron-logrotate-blazar.conf.j2 | 3 + ansible/roles/common/templates/cron.json.j2 | 1 + ansible/roles/haproxy/tasks/precheck.yml | 12 +++ .../roles/haproxy/templates/haproxy.cfg.j2 | 19 +++++ ansible/roles/nova/templates/nova.conf.j2 | 7 ++ ansible/site.yml | 11 +++ etc/kolla/globals.yml | 1 + etc/kolla/passwords.yml | 3 + .../blazar-ansible-role-15887700e73b00f8.yaml | 3 + 33 files changed, 550 insertions(+) create mode 100644 ansible/roles/blazar/defaults/main.yml create mode 100644 ansible/roles/blazar/handlers/main.yml create mode 100644 ansible/roles/blazar/meta/main.yml create mode 100644 ansible/roles/blazar/tasks/bootstrap.yml create mode 100644 ansible/roles/blazar/tasks/bootstrap_service.yml create mode 100644 ansible/roles/blazar/tasks/check.yml create mode 100644 ansible/roles/blazar/tasks/config.yml create mode 100644 ansible/roles/blazar/tasks/deploy.yml create mode 100644 ansible/roles/blazar/tasks/main.yml create mode 100644 ansible/roles/blazar/tasks/precheck.yml create mode 100644 ansible/roles/blazar/tasks/pull.yml create mode 100644 ansible/roles/blazar/tasks/reconfigure.yml create mode 100644 ansible/roles/blazar/tasks/register.yml create mode 100644 ansible/roles/blazar/tasks/upgrade.yml create mode 100644 ansible/roles/blazar/templates/blazar-api.json.j2 create mode 100644 ansible/roles/blazar/templates/blazar-manager.json.j2 create mode 100644 ansible/roles/blazar/templates/blazar.conf.j2 create mode 100644 ansible/roles/common/templates/cron-logrotate-blazar.conf.j2 create mode 100644 releasenotes/notes/blazar-ansible-role-15887700e73b00f8.yaml diff --git a/README.rst b/README.rst index 528413eab9..55dd515db1 100644 --- a/README.rst +++ b/README.rst @@ -45,6 +45,7 @@ Kolla-Ansible deploys containers for the following OpenStack projects: - `Aodh `__ - `Barbican `__ - `Bifrost `__ +- `Blazar `__ - `Ceilometer `__ - `Cinder `__ - `CloudKitty `__ diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index 9e43567cb1..5c5bf17ef8 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -167,6 +167,8 @@ aodh_api_port: "8042" barbican_api_port: "9311" +blazar_api_port: "1234" + cinder_api_port: "8776" congress_api_port: "1789" @@ -371,6 +373,7 @@ enable_outward_rabbitmq: "{{ enable_murano | bool }}" # Additional optional OpenStack features and services are specified here enable_aodh: "no" enable_barbican: "no" +enable_blazar: "no" enable_cadf_notifications: "no" enable_ceilometer: "no" enable_central_logging: "no" diff --git a/ansible/inventory/all-in-one b/ansible/inventory/all-in-one index dce8d97247..cab362b268 100644 --- a/ansible/inventory/all-in-one +++ b/ansible/inventory/all-in-one @@ -231,6 +231,9 @@ monitoring [redis:children] control +[blazar:children] +control + # Additional control implemented here. These groups allow you to control which # services run on which hosts at a per-service level. # @@ -615,3 +618,10 @@ vitrage [vitrage-ml:children] vitrage + +# Blazar +[blazar-api:children] +blazar + +[blazar-manager:children] +blazar diff --git a/ansible/inventory/multinode b/ansible/inventory/multinode index f1521cae7c..c1b2d9527a 100644 --- a/ansible/inventory/multinode +++ b/ansible/inventory/multinode @@ -250,6 +250,9 @@ monitoring [redis:children] control +[blazar:children] +control + # Additional control implemented here. These groups allow you to control which # services run on which hosts at a per-service level. # @@ -634,3 +637,10 @@ vitrage [vitrage-ml:children] vitrage + +# Blazar +[blazar-api:children] +blazar + +[blazar-manager:children] +blazar diff --git a/ansible/roles/blazar/defaults/main.yml b/ansible/roles/blazar/defaults/main.yml new file mode 100644 index 0000000000..2ca63d5443 --- /dev/null +++ b/ansible/roles/blazar/defaults/main.yml @@ -0,0 +1,63 @@ +--- +project_name: "blazar" + +blazar_services: + blazar-api: + container_name: blazar_api + group: blazar-api + enabled: true + image: "{{ blazar_api_image_full }}" + volumes: + - "{{ node_config_directory }}/blazar-api/:{{ container_config_directory }}/:ro" + - "/etc/localtime:/etc/localtime:ro" + - "kolla_logs:/var/log/kolla/" + blazar-manager: + container_name: blazar_manager + group: blazar-manager + enabled: true + image: "{{ blazar_manager_image_full }}" + volumes: + - "{{ node_config_directory }}/blazar-manager/:{{ container_config_directory }}/:ro" + - "/etc/localtime:/etc/localtime:ro" + - "kolla_logs:/var/log/kolla/" + +#################### +# Blazar +#################### +blazar_aggregate_pool_name: "freepool" + +#################### +# Database +#################### +blazar_database_name: "blazar" +blazar_database_user: "blazar" +blazar_database_address: "{{ kolla_internal_fqdn }}:{{ database_port }}" + + +#################### +# Docker +#################### +blazar_install_type: "{{ kolla_install_type }}" +blazar_tag: "{{ openstack_release }}" + +blazar_manager_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ blazar_install_type }}-blazar-manager" +blazar_manager_tag: "{{ blazar_tag }}" +blazar_manager_image_full: "{{ blazar_manager_image }}:{{ blazar_manager_tag }}" + +blazar_api_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ blazar_install_type }}-blazar-api" +blazar_api_tag: "{{ blazar_tag }}" +blazar_api_image_full: "{{ blazar_api_image }}:{{ blazar_api_tag }}" + + +#################### +# OpenStack +#################### +blazar_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ blazar_api_port }}/v1" +blazar_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ blazar_api_port }}/v1" +blazar_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ blazar_api_port }}/v1" + +blazar_logging_debug: "{{ openstack_logging_debug }}" + +blazar_keystone_user: "blazar" + +openstack_blazar_auth: "{{ openstack_auth }}" diff --git a/ansible/roles/blazar/handlers/main.yml b/ansible/roles/blazar/handlers/main.yml new file mode 100644 index 0000000000..db24311643 --- /dev/null +++ b/ansible/roles/blazar/handlers/main.yml @@ -0,0 +1,46 @@ +--- +- name: Restart blazar-api container + vars: + service_name: "blazar-api" + service: "{{ blazar_services[service_name] }}" + config_json: "{{ blazar_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" + blazar_conf: "{{ blazar_confs.results|selectattr('item.key', 'equalto', service_name)|first }}" + policy_json: "{{ blazar_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" + blazar_api_container: "{{ check_blazar_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" + kolla_docker: + action: "recreate_or_restart_container" + common_options: "{{ docker_common_options }}" + name: "{{ service.container_name }}" + image: "{{ service.image }}" + volumes: "{{ service.volumes }}" + when: + - action != "config" + - inventory_hostname in groups[service.group] + - service.enabled | bool + - config_json.changed | bool + or blazar_conf.changed | bool + or policy_json.changed | bool + or blazar_api_container.changed | bool + +- name: Restart blazar-manager container + vars: + service_name: "blazar-manager" + service: "{{ blazar_services[service_name] }}" + config_json: "{{ blazar_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" + blazar_conf: "{{ blazar_confs.results|selectattr('item.key', 'equalto', service_name)|first }}" + policy_json: "{{ blazar_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" + blazar_manager_container: "{{ check_blazar_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" + kolla_docker: + action: "recreate_or_restart_container" + common_options: "{{ docker_common_options }}" + name: "{{ service.container_name }}" + image: "{{ service.image }}" + volumes: "{{ service.volumes }}" + when: + - action != "config" + - inventory_hostname in groups[service.group] + - service.enabled | bool + - config_json.changed | bool + or blazar_conf.changed | bool + or policy_json.changed | bool + or blazar_manager_container.changed | bool diff --git a/ansible/roles/blazar/meta/main.yml b/ansible/roles/blazar/meta/main.yml new file mode 100644 index 0000000000..6b4fff8fef --- /dev/null +++ b/ansible/roles/blazar/meta/main.yml @@ -0,0 +1,3 @@ +--- +dependencies: + - { role: common } diff --git a/ansible/roles/blazar/tasks/bootstrap.yml b/ansible/roles/blazar/tasks/bootstrap.yml new file mode 100644 index 0000000000..b6fef2aac0 --- /dev/null +++ b/ansible/roles/blazar/tasks/bootstrap.yml @@ -0,0 +1,54 @@ +--- +- name: Creating blazar database + kolla_toolbox: + module_name: mysql_db + module_args: + login_host: "{{ database_address }}" + login_port: "{{ database_port }}" + login_user: "{{ database_user }}" + login_password: "{{ database_password }}" + name: "{{ blazar_database_name }}" + register: database + run_once: True + delegate_to: "{{ groups['blazar-api'][0] }}" + +- name: Creating blazar database user and setting permissions + kolla_toolbox: + module_name: mysql_user + module_args: + login_host: "{{ database_address }}" + login_port: "{{ database_port }}" + login_user: "{{ database_user }}" + login_password: "{{ database_password }}" + name: "{{ blazar_database_name }}" + password: "{{ blazar_database_password }}" + host: "%" + priv: "{{ blazar_database_name }}.*:ALL" + append_privs: "yes" + run_once: True + delegate_to: "{{ groups['blazar-api'][0] }}" + +# TODO(egonzalez) Use os_nova_host_aggregate ansible module once ansible min version is 2.3 +# http://docs.ansible.com/ansible/os_nova_host_aggregate_module.html +- name: Creating blazar host aggregate + command: > + docker exec kolla_toolbox openstack + --os-interface internal + --os-auth-url {{ keystone_admin_url }} + --os-identity-api-version 3 + --os-project-domain-name default + --os-tenant-name admin + --os-username admin + --os-password {{ keystone_admin_password }} + --os-user-domain-name default + aggregate create {{ blazar_aggregate_pool_name }} + register: blazar_host_aggregate + changed_when: blazar_host_aggregate | success + failed_when: + - blazar_host_aggregate.rc != 0 + - "{{ 'already' not in blazar_host_aggregate.stderr }}" + run_once: True + delegate_to: "{{ groups['blazar-api'][0] }}" + +- include: bootstrap_service.yml + when: database.changed diff --git a/ansible/roles/blazar/tasks/bootstrap_service.yml b/ansible/roles/blazar/tasks/bootstrap_service.yml new file mode 100644 index 0000000000..ead18b5ee7 --- /dev/null +++ b/ansible/roles/blazar/tasks/bootstrap_service.yml @@ -0,0 +1,19 @@ +--- +- name: Running blazar bootstrap container + vars: + blazar_api: "{{ blazar_services['blazar-api'] }}" + kolla_docker: + action: "start_container" + common_options: "{{ docker_common_options }}" + detach: False + environment: + KOLLA_BOOTSTRAP: + KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" + image: "{{ blazar_api.image }}" + labels: + BOOTSTRAP: + name: "bootstrap_blazar" + restart_policy: "never" + volumes: "{{ blazar_api.volumes }}" + run_once: True + delegate_to: "{{ groups[blazar_api.group][0] }}" diff --git a/ansible/roles/blazar/tasks/check.yml b/ansible/roles/blazar/tasks/check.yml new file mode 100644 index 0000000000..ed97d539c0 --- /dev/null +++ b/ansible/roles/blazar/tasks/check.yml @@ -0,0 +1 @@ +--- diff --git a/ansible/roles/blazar/tasks/config.yml b/ansible/roles/blazar/tasks/config.yml new file mode 100644 index 0000000000..472de1b7ba --- /dev/null +++ b/ansible/roles/blazar/tasks/config.yml @@ -0,0 +1,78 @@ +--- +- name: Ensuring config directories exist + file: + path: "{{ node_config_directory }}/{{ item.key }}" + state: "directory" + recurse: yes + when: + - inventory_hostname in groups[item.value.group] + - item.value.enabled | bool + with_dict: "{{ blazar_services }}" + +- name: Copying over config.json files for services + template: + src: "{{ item.key }}.json.j2" + dest: "{{ node_config_directory }}/{{ item.key }}/config.json" + register: blazar_config_jsons + when: + - item.value.enabled | bool + - inventory_hostname in groups[item.value.group] + with_dict: "{{ blazar_services }}" + notify: + - Restart blazar-api container + - Restart blazar-manager container + +- name: Copying over blazar.conf + vars: + service_name: "{{ item.key }}" + merge_configs: + sources: + - "{{ role_path }}/templates/blazar.conf.j2" + - "{{ node_custom_config }}/global.conf" + - "{{ node_custom_config }}/blazar.conf" + - "{{ node_custom_config }}/blazar/{{ item.key }}.conf" + - "{{ node_custom_config }}/blazar/{{ inventory_hostname }}/blazar.conf" + dest: "{{ node_config_directory }}/{{ item.key }}/blazar.conf" + register: blazar_confs + when: + - item.value.enabled | bool + - inventory_hostname in groups[item.value.group] + with_dict: "{{ blazar_services }}" + notify: + - Restart blazar-api container + - Restart blazar-manager container + +- name: Check if policies shall be overwritten + local_action: stat path="{{ node_custom_config }}/blazar/policy.json" + register: blazar_policy + +- name: Copying over existing policy.json + template: + src: "{{ node_custom_config }}/blazar/policy.json" + dest: "{{ node_config_directory }}/{{ item.key }}/policy.json" + register: blazar_policy_jsons + when: + - blazar_policy.stat.exists + - inventory_hostname in groups[item.value.group] + - item.value.enabled | bool + with_dict: "{{ blazar_services }}" + notify: + - Restart blazar-api container + - Restart blazar-manager container + +- name: Check blazar containers + kolla_docker: + action: "compare_container" + common_options: "{{ docker_common_options }}" + name: "{{ item.value.container_name }}" + image: "{{ item.value.image }}" + volumes: "{{ item.value.volumes }}" + register: check_blazar_containers + when: + - action != "config" + - inventory_hostname in groups[item.value.group] + - item.value.enabled | bool + with_dict: "{{ blazar_services }}" + notify: + - Restart blazar-api container + - Restart blazar-manager container diff --git a/ansible/roles/blazar/tasks/deploy.yml b/ansible/roles/blazar/tasks/deploy.yml new file mode 100644 index 0000000000..9cee66a9d8 --- /dev/null +++ b/ansible/roles/blazar/tasks/deploy.yml @@ -0,0 +1,13 @@ +--- +- include: register.yml + when: inventory_hostname in groups['blazar-api'] + +- include: config.yml + when: inventory_hostname in groups['blazar-api'] or + inventory_hostname in groups['blazar-manager'] + +- include: bootstrap.yml + when: inventory_hostname in groups['blazar-api'] + +- name: Flush handlers + meta: flush_handlers diff --git a/ansible/roles/blazar/tasks/main.yml b/ansible/roles/blazar/tasks/main.yml new file mode 100644 index 0000000000..b017e8b4ad --- /dev/null +++ b/ansible/roles/blazar/tasks/main.yml @@ -0,0 +1,2 @@ +--- +- include: "{{ action }}.yml" diff --git a/ansible/roles/blazar/tasks/precheck.yml b/ansible/roles/blazar/tasks/precheck.yml new file mode 100644 index 0000000000..8a83efcac0 --- /dev/null +++ b/ansible/roles/blazar/tasks/precheck.yml @@ -0,0 +1,17 @@ +--- +- name: Get container facts + kolla_container_facts: + name: + - blazar_api + register: container_facts + +- name: Checking free port for blazar API + wait_for: + host: "{{ api_interface_address }}" + port: "{{ blazar_api_port }}" + connect_timeout: 1 + timeout: 1 + state: stopped + when: + - container_facts['blazar_api'] is not defined + - inventory_hostname in groups['blazar-api'] diff --git a/ansible/roles/blazar/tasks/pull.yml b/ansible/roles/blazar/tasks/pull.yml new file mode 100644 index 0000000000..60b814c380 --- /dev/null +++ b/ansible/roles/blazar/tasks/pull.yml @@ -0,0 +1,10 @@ +--- +- name: Pulling blazar images + kolla_docker: + action: "pull_image" + common_options: "{{ docker_common_options }}" + image: "{{ item.value.image }}" + when: + - inventory_hostname in groups[item.value.group] + - item.value.enabled | bool + with_dict: "{{ blazar_services }}" diff --git a/ansible/roles/blazar/tasks/reconfigure.yml b/ansible/roles/blazar/tasks/reconfigure.yml new file mode 100644 index 0000000000..e078ef1318 --- /dev/null +++ b/ansible/roles/blazar/tasks/reconfigure.yml @@ -0,0 +1,2 @@ +--- +- include: deploy.yml diff --git a/ansible/roles/blazar/tasks/register.yml b/ansible/roles/blazar/tasks/register.yml new file mode 100644 index 0000000000..5180e5c693 --- /dev/null +++ b/ansible/roles/blazar/tasks/register.yml @@ -0,0 +1,36 @@ +--- +- name: Creating the blazar service and endpoint + kolla_toolbox: + module_name: "kolla_keystone_service" + module_args: + service_name: "blazar" + service_type: "reservation" + description: "OpenStack Reservation Service" + endpoint_region: "{{ openstack_region_name }}" + url: "{{ item.url }}" + interface: "{{ item.interface }}" + region_name: "{{ openstack_region_name }}" + auth: "{{ '{{ openstack_blazar_auth }}' }}" + endpoint_type: "{{ openstack_interface }}" + module_extra_vars: + openstack_blazar_auth: "{{ openstack_blazar_auth }}" + run_once: True + with_items: + - {'interface': 'admin', 'url': '{{ blazar_admin_endpoint }}'} + - {'interface': 'internal', 'url': '{{ blazar_internal_endpoint }}'} + - {'interface': 'public', 'url': '{{ blazar_public_endpoint }}'} + +- name: Creating the blazar project, user, and role + kolla_toolbox: + module_name: "kolla_keystone_user" + module_args: + project: "service" + user: "{{ blazar_keystone_user }}" + password: "{{ blazar_keystone_password }}" + role: "admin" + region_name: "{{ openstack_region_name }}" + auth: "{{ '{{ openstack_blazar_auth }}' }}" + endpoint_type: "{{ openstack_interface }}" + module_extra_vars: + openstack_blazar_auth: "{{ openstack_blazar_auth }}" + run_once: True diff --git a/ansible/roles/blazar/tasks/upgrade.yml b/ansible/roles/blazar/tasks/upgrade.yml new file mode 100644 index 0000000000..c38db1adf4 --- /dev/null +++ b/ansible/roles/blazar/tasks/upgrade.yml @@ -0,0 +1,7 @@ +--- +- include: config.yml + +- include: bootstrap_service.yml + +- name: Flush handlers + meta: flush_handlers diff --git a/ansible/roles/blazar/templates/blazar-api.json.j2 b/ansible/roles/blazar/templates/blazar-api.json.j2 new file mode 100644 index 0000000000..12468e54ba --- /dev/null +++ b/ansible/roles/blazar/templates/blazar-api.json.j2 @@ -0,0 +1,25 @@ +{ + "command": "blazar-api --config-file /etc/blazar/blazar.conf", + "config_files": [ + { + "source": "{{ container_config_directory }}/blazar.conf", + "dest": "/etc/blazar/blazar.conf", + "owner": "blazar", + "perm": "0600" + }, + { + "source": "{{ container_config_directory }}/policy.json", + "dest": "/etc/blazar/policy.json", + "owner": "blazar", + "perm": "0600", + "optional": true + } + ], + "permissions": [ + { + "path": "/var/log/kolla/blazar", + "owner": "blazar:blazar", + "recurse": true + } + ] +} diff --git a/ansible/roles/blazar/templates/blazar-manager.json.j2 b/ansible/roles/blazar/templates/blazar-manager.json.j2 new file mode 100644 index 0000000000..6bd74e752b --- /dev/null +++ b/ansible/roles/blazar/templates/blazar-manager.json.j2 @@ -0,0 +1,25 @@ +{ + "command": "blazar-manager --config-file /etc/blazar/blazar.conf", + "config_files": [ + { + "source": "{{ container_config_directory }}/blazar.conf", + "dest": "/etc/blazar/blazar.conf", + "owner": "blazar", + "perm": "0600" + }, + { + "source": "{{ container_config_directory }}/policy.json", + "dest": "/etc/blazar/policy.json", + "owner": "blazar", + "perm": "0600", + "optional": true + } + ], + "permissions": [ + { + "path": "/var/log/kolla/blazar", + "owner": "blazar:blazar", + "recurse": true + } + ] +} diff --git a/ansible/roles/blazar/templates/blazar.conf.j2 b/ansible/roles/blazar/templates/blazar.conf.j2 new file mode 100644 index 0000000000..e62171f9f7 --- /dev/null +++ b/ansible/roles/blazar/templates/blazar.conf.j2 @@ -0,0 +1,58 @@ +[DEFAULT] +debug = {{ blazar_logging_debug }} + +log_dir = /var/log/kolla/blazar + +transport_url = rabbit://{% for host in groups['rabbitmq'] %}{{ rabbitmq_user }}:{{ rabbitmq_password }}@{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %} + +host = {{ api_interface_address }} +port = {{ blazar_api_port }} +os_auth_host = {{ kolla_internal_fqdn }} +os_auth_port = {{ keystone_admin_port }} +os_auth_protocol = {{ admin_protocol }} +os_auth_version = v3 +os_admin_username = {{ blazar_keystone_user }} +os_admin_password = {{ blazar_keystone_password }} +os_admin_project_name = service +identity_service = identity + +[api] +api_v2_controllers = oshosts,leases + +[manager] +plugins = virtual.instance.plugin,physical.host.plugin + +[keystone_authtoken] +auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}/v3 +auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}/v3 +auth_type = password +project_domain_id = default +user_domain_id = default +project_name = service +username = {{ blazar_keystone_user }} +password = {{ blazar_keystone_password }} +service_token_roles_required = True + +memcache_security_strategy = ENCRYPT +memcache_secret_key = {{ memcache_secret_key }} +memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %} + +[database] +connection = mysql+pymysql://{{ blazar_database_user }}:{{ blazar_database_password }}@{{ blazar_database_address }}/{{ blazar_database_name }} +max_retries = -1 + +[physical:host] +on_start = on_start +on_end = on_end +aggregate_freepool_name = {{ blazar_aggregate_pool_name }} +blazar_username = {{ blazar_keystone_user }} +blazar_password = {{ blazar_keystone_password }} +blazar_project_name = service + +[oslo_messaging_notifications] +{% if enable_ceilometer | bool %} +driver = messagingv2 +topics = notifications +{% else %} +driver = noop +{% endif %} diff --git a/ansible/roles/common/tasks/config.yml b/ansible/roles/common/tasks/config.yml index b5a271dce2..df889680a7 100644 --- a/ansible/roles/common/tasks/config.yml +++ b/ansible/roles/common/tasks/config.yml @@ -149,6 +149,7 @@ - { name: "ansible", enabled: "yes" } - { name: "aodh", enabled: "{{ enable_aodh }}" } - { name: "barbican", enabled: "{{ enable_barbican }}" } + - { name: "blazar", enabled: "{{ enable_blazar }}" } - { name: "ceilometer", enabled: "{{ enable_ceilometer }}" } - { name: "ceph", enabled: "{{ enable_ceph }}" } - { name: "chrony", enabled: "{{ enable_chrony }}" } diff --git a/ansible/roles/common/templates/conf/filter/01-rewrite-0.12.conf.j2 b/ansible/roles/common/templates/conf/filter/01-rewrite-0.12.conf.j2 index d998ef630b..43b32aecec 100644 --- a/ansible/roles/common/templates/conf/filter/01-rewrite-0.12.conf.j2 +++ b/ansible/roles/common/templates/conf/filter/01-rewrite-0.12.conf.j2 @@ -32,4 +32,5 @@ rewriterule29 programname ^(panko-api|panko-dbsync)$ openstack_python rewriterule30 programname ^(tacker-server|tacker-conductor)$ openstack_python rewriterule31 programname ^(vitrage-collector|vitrage-ml|vitrage-notifier|vitrage-graph)$ openstack_python + rewriterule32 programname ^(blazar-api|blazar-manager)$ openstack_python diff --git a/ansible/roles/common/templates/conf/filter/01-rewrite-0.14.conf.j2 b/ansible/roles/common/templates/conf/filter/01-rewrite-0.14.conf.j2 index 7d93201ceb..46e22a3528 100644 --- a/ansible/roles/common/templates/conf/filter/01-rewrite-0.14.conf.j2 +++ b/ansible/roles/common/templates/conf/filter/01-rewrite-0.14.conf.j2 @@ -155,5 +155,10 @@ key programname pattern ^(vitrage-collector|vitrage-ml|vitrage-notifier|vitrage-graph)$ tag openstack_python + + + key programname + pattern ^(blazar-api|blazar-manager)$ + tag openstack_python diff --git a/ansible/roles/common/templates/cron-logrotate-blazar.conf.j2 b/ansible/roles/common/templates/cron-logrotate-blazar.conf.j2 new file mode 100644 index 0000000000..1c0c0e2ca1 --- /dev/null +++ b/ansible/roles/common/templates/cron-logrotate-blazar.conf.j2 @@ -0,0 +1,3 @@ +"/var/log/kolla/blazar/*.log" +{ +} diff --git a/ansible/roles/common/templates/cron.json.j2 b/ansible/roles/common/templates/cron.json.j2 index e8a071d2bb..8601208172 100644 --- a/ansible/roles/common/templates/cron.json.j2 +++ b/ansible/roles/common/templates/cron.json.j2 @@ -3,6 +3,7 @@ ( 'ansible', 'yes' ), ( 'aodh', enable_aodh ), ( 'barbican', enable_barbican ), + ( 'blazar', enable_blazar ), ( 'ceilometer', enable_ceilometer ), ( 'ceph', enable_ceph ), ( 'chrony', enable_chrony ), diff --git a/ansible/roles/haproxy/tasks/precheck.yml b/ansible/roles/haproxy/tasks/precheck.yml index c8bba75587..57d7765730 100644 --- a/ansible/roles/haproxy/tasks/precheck.yml +++ b/ansible/roles/haproxy/tasks/precheck.yml @@ -119,6 +119,18 @@ - inventory_hostname in groups['haproxy'] - haproxy_stat.find('barbican_api') == -1 +- name: Checking free port for Blazar API HAProxy + wait_for: + host: "{{ kolla_internal_vip_address }}" + port: "{{ blazar_api_port }}" + connect_timeout: 1 + timeout: 1 + state: stopped + when: + - enable_blazar | bool + - inventory_hostname in groups['haproxy'] + - haproxy_stat.find('blazar_api') == -1 + - name: Checking free port for Cinder API HAProxy wait_for: host: "{{ kolla_internal_vip_address }}" diff --git a/ansible/roles/haproxy/templates/haproxy.cfg.j2 b/ansible/roles/haproxy/templates/haproxy.cfg.j2 index 335b4b9f05..2e52aef637 100644 --- a/ansible/roles/haproxy/templates/haproxy.cfg.j2 +++ b/ansible/roles/haproxy/templates/haproxy.cfg.j2 @@ -861,6 +861,25 @@ listen vitrage_api_external {% endif %} {% endif %} +{% if enable_blazar | bool %} +listen blazar_api + bind {{ kolla_internal_vip_address }}:{{ blazar_api_port }} + http-request del-header X-Forwarded-Proto if { ssl_fc } +{% for host in groups['blazar-api'] %} + server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ blazar_api_port }} check inter 2000 rise 2 fall 5 +{% endfor %} +{% if haproxy_enable_external_vip | bool %} + +listen blazar_api_external + bind {{ kolla_external_vip_address }}:{{ blazar_api_port }} {{ tls_bind_info }} + http-request del-header X-Forwarded-Proto if { ssl_fc } + http-request set-header X-Forwarded-Proto https if { ssl_fc } +{% for host in groups['blazar-api'] %} + server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ blazar_api_port }} check inter 2000 rise 2 fall 5 +{% endfor %} +{% endif %} +{% endif %} + # (NOTE): This defaults section deletes forwardfor as recommended by: # https://marc.info/?l=haproxy&m=141684110710132&w=1 diff --git a/ansible/roles/nova/templates/nova.conf.j2 b/ansible/roles/nova/templates/nova.conf.j2 index 006bd17b61..4e2d66fd5d 100644 --- a/ansible/roles/nova/templates/nova.conf.j2 +++ b/ansible/roles/nova/templates/nova.conf.j2 @@ -52,6 +52,13 @@ compute_monitors=nova.compute.monitors.cpu.virt_driver transport_url = {{ rpc_transport_url }} +{% if enable_blazar | bool %} +[filter_scheduler] +available_filters = nova.scheduler.filters.all_filters +available_filters = blazarnova.scheduler.filters.blazar_filter.BlazarFilter +enabled_filters = RetryFilter,AvailabilityZoneFilter,RamFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter,BlazarFilter +{% endif %} + [api] use_forwarded_for = true diff --git a/ansible/site.yml b/ansible/site.yml index 3178a8e93a..141c96c3f4 100644 --- a/ansible/site.yml +++ b/ansible/site.yml @@ -735,3 +735,14 @@ - { role: vitrage, tags: vitrage, when: enable_vitrage | bool } + +- name: Apply role blazar + gather_facts: false + hosts: + - blazar-api + - blazar-manager + serial: '{{ serial|default("0") }}' + roles: + - { role: blazar, + tags: blazar, + when: enable_blazar | bool } diff --git a/etc/kolla/globals.yml b/etc/kolla/globals.yml index c9107f6ce9..093a60a860 100644 --- a/etc/kolla/globals.yml +++ b/etc/kolla/globals.yml @@ -139,6 +139,7 @@ kolla_internal_vip_address: "10.10.10.254" # OpenStack services can be enabled or disabled with these options #enable_aodh: "no" #enable_barbican: "no" +#enable_blazar: "no" #enable_ceilometer: "no" #enable_central_logging: "no" #enable_ceph: "no" diff --git a/etc/kolla/passwords.yml b/etc/kolla/passwords.yml index 1b85756f84..9a59564e01 100644 --- a/etc/kolla/passwords.yml +++ b/etc/kolla/passwords.yml @@ -56,6 +56,9 @@ barbican_keystone_password: barbican_p11_password: barbican_crypto_key: +blazar_database_password: +blazar_keystone_password: + keystone_admin_password: keystone_database_password: diff --git a/releasenotes/notes/blazar-ansible-role-15887700e73b00f8.yaml b/releasenotes/notes/blazar-ansible-role-15887700e73b00f8.yaml new file mode 100644 index 0000000000..592f3e038b --- /dev/null +++ b/releasenotes/notes/blazar-ansible-role-15887700e73b00f8.yaml @@ -0,0 +1,3 @@ +--- +features: + - Blazar services deployment method is implemented