diff --git a/defaults/main.yml b/defaults/main.yml index f68d97b..ab4dadc 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -96,7 +96,6 @@ monasca_service_user_domain_name: default monasca_role_name: admin monasca_api_bind_address: 0.0.0.0 -monasca_api_service_port: 8070 ## Service Type and Data monasca_service_region: RegionOne @@ -265,6 +264,7 @@ monasca_requires_pip_packages: monasca_pip_packages: - cassandra-driver + - cryptography - gunicorn - influxdb - keystoneauth1 @@ -273,7 +273,6 @@ monasca_pip_packages: - monasca-persister - monasca-notification - monasca-statsd - - pycrypto - PyOpenSSL - python-monascaclient - python-memcached diff --git a/extras/os_horizon/templates/monasca-ui/local_settings.py.j2 b/extras/os_horizon/templates/monasca-ui/local_settings.py.j2 index edaf82f..d5b507b 100644 --- a/extras/os_horizon/templates/monasca-ui/local_settings.py.j2 +++ b/extras/os_horizon/templates/monasca-ui/local_settings.py.j2 @@ -46,7 +46,18 @@ MONITORING_SERVICE_TYPE = getattr( ) # Grafana button titles/file names (global across all projects): -GRAFANA_LINKS = [] +GRAFANA_LINKS = [ + +{% if (groups['ceph_all'] is defined) and (groups['ceph_all'] | length > 0) %} + {'title': 'Ceph Dashboard', 'path': 'ceph-dashboard'}, + {'title': 'Ceph OSDs Dashboard', 'path': 'ceph-osds-dashboard'}, + {'title': 'Ceph Pools Dashboard', 'path': 'ceph-pools-dashboard'}, +{% endif %} + {'title': 'Containers Dashboard', 'path': 'containers-dashboard'}, + {'title': 'Hosts Dashboard', 'path': 'hosts-dashboard'}, + {'title': 'Infra Dashboard', 'path': 'infra-dashboard'}, + {'title': 'Instances Dashboard', 'path': 'instances-dashboard'} +] DASHBOARDS = getattr(settings, 'GRAFANA_LINKS', GRAFANA_LINKS) # @@ -64,7 +75,7 @@ DASHBOARDS = getattr(settings, 'GRAFANA_LINKS', GRAFANA_LINKS) # {'title': _('OpenStack Dashboard'), 'path': 'project'}]} # ] -GRAFANA_URL = { 'RegionOne': '{{ horizon_grafana_url }}', } +GRAFANA_URL = { '{{ horizon_service_region }}': '{{ horizon_grafana_url }}', } ENABLE_KIBANA_BUTTON = getattr(settings, 'ENABLE_KIBANA_BUTTON', False) KIBANA_POLICY_RULE = getattr(settings, 'KIBANA_POLICY_RULE', 'admin_required') diff --git a/library/monasca_alarm_definition.py b/library/monasca_alarm_definition.py index 505ed8e..2953987 100644 --- a/library/monasca_alarm_definition.py +++ b/library/monasca_alarm_definition.py @@ -37,28 +37,44 @@ options: description: - Keystone password to use for authentication, required unless a keystone_token is specified. - keystone_url: + keystone_auth_url: required: false description: - Keystone url to authenticate against, required unless keystone_token isdefined. Example http://192.168.10.5:5000/v3 + keystone_insecure: + required: false + default: false + description: + - Specifies if insecure TLS (https) requests. If True, + the servers certificate will not be validated. keystone_token: required: false description: - Keystone token to use with the monasca api. If this is specified the monasca_api_url is required but the keystone_user and keystone_password aren't. - keystone_user: + keystone_username: required: false description: - Keystone user to log in as, required unless a keystone_token is specified. - keystone_project: + keystone_user_domain_name: + required: false + default: 'Default' + description: + - Keystone user domain name used for authentication. + keystone_project_name: required: false description: - Keystone project name to obtain a token for, defaults to the user's default project + keystone_project_domain_name: + required: false + default: 'Default' + description: + - Keystone project domain name used for authentication. match_by: required: false default: "[hostname]" @@ -127,7 +143,6 @@ import os # NOQA try: from monascaclient import client - from monascaclient import ksclient except ImportError: # In many installs the python-monascaclient is available in a venv, switch # to the most common location @@ -136,7 +151,6 @@ except ImportError: try: execfile(activate_this, dict(__file__=activate_this)) from monascaclient import client - from monascaclient import ksclient except ImportError: monascaclient_found = False else: @@ -159,43 +173,40 @@ class MonascaAnsible(object): def __init__(self, module): self.module = module - self._keystone_auth() - self.exit_data = { - 'keystone_token': self.token, - 'monasca_api_url': self.api_url} + self.auth_kwargs = self._get_auth_credentials() self.monasca = client.Client( self.module.params['api_version'], - self.api_url, - token=self.token) + **self.auth_kwargs + ) def _exit_json(self, **kwargs): - """ Exit with supplied kwargs combined with the self.exit_data + """ Exit with supplied kwargs """ - kwargs.update(self.exit_data) self.module.exit_json(**kwargs) - def _keystone_auth(self): - """ Authenticate to Keystone and set self.token and self.api_url + def _get_auth_credentials(self): + """ Build kwargs for authentication """ + kwargs = { + 'auth_url': self.module.params['keystone_auth_url'], + 'insecure': self.module.params['keystone_insecure'], + 'endpoint': self.module.params['monasca_api_url'], + 'project_name': self.module.params['keystone_project_name'], + 'project_domain_name': self.module.params[ + 'keystone_project_domain_name'] + } if self.module.params['keystone_token'] is None: - ks = ksclient.KSClient( - auth_url=self.module.params['keystone_url'], - username=self.module.params['keystone_user'], - password=self.module.params['keystone_password'], - project_name=self.module.params['keystone_project']) - - self.token = ks.token - if self.module.params['monasca_api_url'] is None: - self.api_url = ks.monasca_url - else: - self.api_url = self.module.params['monasca_api_url'] + kwargs.update({ + 'username': self.module.params['keystone_username'], + 'password': self.module.params['keystone_password'], + 'user_domain_name': self.module.params[ + 'keystone_user_domain_name'] + }) else: - if self.module.params['monasca_api_url'] is None: - self.module.fail_json( - msg='Error: When specifying keystone_token, \ - monasca_api_url is required') - self.token = self.module.params['keystone_token'] - self.api_url = self.module.params['monasca_api_url'] + kwargs.update({ + 'token': self.module.params['keystone_token'] + }) + return kwargs class MonascaDefinition(MonascaAnsible): @@ -272,11 +283,16 @@ def main(): api_version=dict(required=False, default='2_0', type='str'), description=dict(required=False, type='str'), expression=dict(required=False, type='str'), - keystone_password=dict(required=False, type='str'), + keystone_auth_url=dict(required=False, type='str'), + keystone_insecure=dict(required=False, default=False, type='bool'), + keystone_password=dict(required=False, type='str', no_log=True), + keystone_project_name=dict(required=False, type='str'), + keystone_project_domain_name=dict(required=False, + default='Default', type='str'), keystone_token=dict(required=False, type='str'), - keystone_url=dict(required=False, type='str'), - keystone_user=dict(required=False, type='str'), - keystone_project=dict(required=False, type='str'), + keystone_username=dict(required=False, type='str'), + keystone_user_domain_name=dict(required=False, default='Default', + type='str'), match_by=dict(default=['hostname'], type='list'), monasca_api_url=dict(required=False, type='str'), name=dict(required=True, type='str'), @@ -290,7 +306,7 @@ def main(): ) if not monascaclient_found: - module.fail_json(msg="python-monascaclient >= 1.0.9 is required") + module.fail_json(msg="python-monascaclient >= 1.6.1 is required") definition = MonascaDefinition(module) definition.run() diff --git a/library/monasca_notification_method.py b/library/monasca_notification_method.py index 34dd622..bbf1fe3 100644 --- a/library/monasca_notification_method.py +++ b/library/monasca_notification_method.py @@ -1,5 +1,4 @@ #!/usr/bin/python -# -*- coding: utf-8 -*- # (C) Copyright 2015 Hewlett-Packard Development Company, L.P. DOCUMENTATION = ''' @@ -29,28 +28,44 @@ options: description: - Keystone password to use for authentication, required unless a keystone_token is specified. - keystone_url: - required: false + keystone_auth_url: + required: true description: - Keystone url to authenticate against, required unless keystone_token isdefined. Example http://192.168.10.5:5000/v3 + keystone_insecure: + required: false + default: false + description: + - Specifies if insecure TLS (https) requests. If True, + the servers certificate will not be validated. keystone_token: required: false description: - Keystone token to use with the monasca api. If this is specified the monasca_api_url is required but the keystone_user and keystone_password aren't. - keystone_user: + keystone_username: required: false description: - Keystone user to log in as, required unless a keystone_token is - specified. - keystone_project: + keystone_user_domain_name: + required: false + default: 'Default' + description: + - Keystone user domain name used for authentication. + specified. + keystone_project_name: required: false description: - Keystone project name to obtain a token for, defaults to the user's default project + keystone_project_domain_name: + required: false + default: 'Default' + description: + - Keystone project domain name used for authentication. monasca_api_url: required: false description: @@ -104,7 +119,6 @@ import os # NOQA try: from monascaclient import client - from monascaclient import ksclient except ImportError: # In many installs the python-monascaclient is available in a venv, switch # to the most common location @@ -113,7 +127,6 @@ except ImportError: try: execfile(activate_this, dict(__file__=activate_this)) from monascaclient import client - from monascaclient import ksclient except ImportError: monascaclient_found = False else: @@ -130,49 +143,45 @@ class MonascaAnsible(object): expected. It should have at least these params defined: - api_version - keystone_token and monasca_api_url or keystone_url, keystone_user - and keystone_password and optionally - monasca_api_url + and keystone_password and optionally monasca_api_url """ def __init__(self, module): self.module = module - self._keystone_auth() - self.exit_data = { - 'keystone_token': self.token, - 'monasca_api_url': self.api_url} + self.auth_kwargs = self._get_auth_credentials() self.monasca = client.Client( self.module.params['api_version'], - self.api_url, - token=self.token) + **self.auth_kwargs + ) def _exit_json(self, **kwargs): - """ Exit with supplied kwargs combined with the self.exit_data + """ Exit with supplied kwargs """ - kwargs.update(self.exit_data) self.module.exit_json(**kwargs) - def _keystone_auth(self): - """ Authenticate to Keystone and set self.token and self.api_url + def _get_auth_credentials(self): + """ Build kwargs for authentication """ + kwargs = { + 'auth_url': self.module.params['keystone_auth_url'], + 'insecure': self.module.params['keystone_insecure'], + 'endpoint': self.module.params['monasca_api_url'], + 'project_name': self.module.params['keystone_project_name'], + 'project_domain_name': self.module.params[ + 'keystone_project_domain_name'] + } if self.module.params['keystone_token'] is None: - ks = ksclient.KSClient( - auth_url=self.module.params['keystone_url'], - username=self.module.params['keystone_user'], - password=self.module.params['keystone_password'], - project_name=self.module.params['keystone_project']) - - self.token = ks.token - if self.module.params['monasca_api_url'] is None: - self.api_url = ks.monasca_url - else: - self.api_url = self.module.params['monasca_api_url'] + kwargs.update({ + 'username': self.module.params['keystone_username'], + 'password': self.module.params['keystone_password'], + 'user_domain_name': self.module.params[ + 'keystone_user_domain_name'] + }) else: - if self.module.params['monasca_api_url'] is None: - self.module.fail_json( - msg='Error: When specifying keystone_token, \ - monasca_api_url is required') - self.token = self.module.params['keystone_token'] - self.api_url = self.module.params['monasca_api_url'] + kwargs.update({ + 'token': self.module.params['keystone_token'] + }) + return kwargs class MonascaNotification(MonascaAnsible): @@ -222,11 +231,16 @@ def main(): argument_spec=dict( address=dict(required=True, type='str'), api_version=dict(required=False, default='2_0', type='str'), + keystone_auth_url=dict(required=True, type='str'), + keystone_insecure=dict(required=False, default=False, type='bool'), keystone_password=dict(required=False, type='str', no_log=True), + keystone_project_name=dict(required=True, type='str'), + keystone_project_domain_name=dict(required=False, + default='Default', type='str'), keystone_token=dict(required=False, type='str'), - keystone_url=dict(required=False, type='str'), - keystone_user=dict(required=False, type='str'), - keystone_project=dict(required=False, type='str'), + keystone_username=dict(required=False, type='str'), + keystone_user_domain_name=dict(required=False, default='Default', + type='str'), monasca_api_url=dict(required=False, type='str'), name=dict(required=True, type='str'), state=dict(default='present', choices=['present', 'absent'], @@ -237,7 +251,7 @@ def main(): ) if not monascaclient_found: - module.fail_json(msg="python-monascaclient >= 1.0.9 is required") + module.fail_json(msg="python-monascaclient >= 1.6.1 is required") notification = MonascaNotification(module) notification.run() diff --git a/tasks/monasca_alarms_setup.yml b/tasks/monasca_alarms_setup.yml index a8659a2..131e8da 100644 --- a/tasks/monasca_alarms_setup.yml +++ b/tasks/monasca_alarms_setup.yml @@ -11,26 +11,33 @@ # See the License for the specific language governing permissions and # limitations under the License. +- name: Wait for monasca-api to come up + uri: + url: "{{ monasca_service_internalurl }}" + status_code: 401 + register: result + until: result|success + retries: 5 + delay: 2 + - name: Setup default notification method monasca_notification_method: name: "{{ monasca_notification_name }}" type: "{{ monasca_notification_type }}" address: "{{ monasca_notification_address }}" - keystone_url: "{{ keystone_service_adminurl }}" - keystone_user: "{{ keystone_admin_user_name }}" + keystone_auth_url: "{{ keystone_service_adminurl }}" + keystone_username: "{{ keystone_admin_user_name }}" keystone_password: "{{ keystone_auth_admin_password }}" - keystone_project: "{{ keystone_admin_tenant_name }}" + keystone_project_name: "{{ keystone_admin_tenant_name }}" monasca_api_url: "{{ monasca_service_internalurl }}" register: default_notification -- name: Create Default Alarm Definitions +- name: Create default alarm definitions monasca_alarm_definition: name: "{{ item.name }}" description: "{{ item.description | default('') }}" expression: "{{ item.expression }}" - keystone_token: "{{ default_notification.keystone_token }}" match_by: "{{ item.match_by | default(['hostname']) }}" - monasca_api_url: "{{ default_notification.monasca_api_url }}" severity: "{{ item.severity | default('LOW') }}" alarm_actions: - "{{ default_notification.notification_method_id }}" @@ -38,4 +45,9 @@ - "{{ default_notification.notification_method_id }}" undetermined_actions: - "{{ default_notification.notification_method_id }}" + keystone_auth_url: "{{ keystone_service_adminurl }}" + keystone_username: "{{ keystone_admin_user_name }}" + keystone_password: "{{ keystone_auth_admin_password }}" + keystone_project_name: "{{ keystone_admin_tenant_name }}" + monasca_api_url: "{{ monasca_service_internalurl }}" with_items: "{{ monasca_default_alarms }}" diff --git a/templates/monasca-api/api-config.ini.j2 b/templates/monasca-api/api-config.ini.j2 index 01d9a52..1e83473 100644 --- a/templates/monasca-api/api-config.ini.j2 +++ b/templates/monasca-api/api-config.ini.j2 @@ -18,8 +18,12 @@ paste.filter_factory = oslo_middleware.request_id:RequestId.factory [server:main] use = egg:gunicorn#main host = 0.0.0.0 -port = {{ monasca_api_service_port }} +port = {{ monasca_service_port }} workers = {{ monasca_api_workers }} worker-connections = 2000 backlog = 1000 -proc_name = monasca_api +proc_name = monasca-api +worker-class = eventlet +timeout = 30 +backlog = 2048 +keepalive = 2