Optimizing monasca role.
- Making role more compatible with keystone v3 - Replacing variable names with more OSA aligned styling Change-Id: I5b7230301faedfdfa63f12e51ccadcc16c26639a
This commit is contained in:
parent
86b05c62fe
commit
57eefc0f84
|
@ -17,52 +17,51 @@
|
||||||
# (c) 2016 Paul Stevens <paul.stevens@is.co.za>
|
# (c) 2016 Paul Stevens <paul.stevens@is.co.za>
|
||||||
monasca_package_state: "latest"
|
monasca_package_state: "latest"
|
||||||
monasca_pip_package_state: "latest"
|
monasca_pip_package_state: "latest"
|
||||||
debug: false
|
|
||||||
|
|
||||||
## System info
|
debug: False
|
||||||
|
|
||||||
monasca_system_user_name: monasca
|
monasca_system_user_name: monasca
|
||||||
monasca_system_group_name: monasca
|
monasca_system_group_name: monasca
|
||||||
|
monasca_system_comment: Monasca system user
|
||||||
monasca_system_user_shell: /bin/false
|
monasca_system_user_shell: /bin/false
|
||||||
monasca_system_comment: monasca system user
|
|
||||||
monasca_system_user_home: "/var/lib/{{ monasca_system_user_name }}"
|
monasca_system_user_home: "/var/lib/{{ monasca_system_user_name }}"
|
||||||
monasca_bin: "/openstack/venvs/monasca-{{ monasca_venv_tag }}/bin"
|
monasca_bin: "/openstack/venvs/monasca-{{ monasca_venv_tag }}/bin"
|
||||||
monasca_log_directory: "/var/log/monasca"
|
monasca_log_directory: "/var/log/monasca"
|
||||||
monasca_conf_directory: "/etc/monasca"
|
monasca_conf_directory: "/etc/monasca"
|
||||||
|
|
||||||
|
monasca_service_name: monasca
|
||||||
|
monasca_service_user_name: monasca
|
||||||
|
monasca_readonly_user_name: monasca-read-only
|
||||||
|
monasca_service_type: monitoring
|
||||||
|
monasca_service_description: "OpenStack Monitoring Service (Monasca)"
|
||||||
|
monasca_service_project_name: service
|
||||||
|
monasca_service_role_names:
|
||||||
|
- admin
|
||||||
monasca_service_region: RegionOne
|
monasca_service_region: RegionOne
|
||||||
monasca_service_host: "0.0.0.0"
|
monasca_service_host: "0.0.0.0"
|
||||||
monasca_service_port: 8070
|
monasca_bind_port: 8070
|
||||||
monasca_service_publicuri_proto: http
|
monasca_service_publicuri_proto: http
|
||||||
monasca_service_publicurl: "{{ monasca_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ monasca_service_port }}/v2.0"
|
monasca_service_publicurl: "{{ monasca_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ monasca_bind_port }}/v2.0"
|
||||||
monasca_service_internaluri_proto: http
|
monasca_service_internaluri_proto: http
|
||||||
monasca_service_internalurl: "{{ monasca_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ monasca_service_port }}/v2.0"
|
monasca_service_internalurl: "{{ monasca_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ monasca_bind_port }}/v2.0"
|
||||||
monasca_service_adminuri_proto: http
|
monasca_service_adminuri_proto: http
|
||||||
monasca_service_adminurl: "{{ monasca_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ monasca_service_port }}/v2.0"
|
monasca_service_adminurl: "{{ monasca_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ monasca_bind_port }}/v2.0"
|
||||||
monasca_auth_url: "{{ keystone_service_internalurl }}"
|
|
||||||
monasca_keystone_auth_plugin: password
|
|
||||||
monasca_service_tenant_name: monasca
|
|
||||||
monasca_service_project_name: monasca
|
|
||||||
monasca_project_domain_name: default
|
|
||||||
monasca_user_domain_name: default
|
|
||||||
|
|
||||||
monasca_service_description: "Monasca Monitoring Service"
|
# Name of the virtual env to deploy into
|
||||||
monasca_service_name: monasca
|
monasca_venv_tag: untagged
|
||||||
monasca_service_type: monitoring
|
monasca_venv_download_url: http://127.0.0.1/venvs/untagged/ubuntu/monasca.tgz
|
||||||
monasca_admin_username: monasca-admin
|
|
||||||
monasca_regular_username: monasca-user
|
|
||||||
monasca_service_admin_role_names: admin
|
|
||||||
monasca_backend_database: "influxdb"
|
|
||||||
|
|
||||||
monasca_use_mod_wsgi: false
|
monasca_bin: "/openstack/venvs/monasca-{{ monasca_venv_tag }}/bin"
|
||||||
|
|
||||||
|
# Toggle developer mode
|
||||||
|
monasca_developer_mode: false
|
||||||
|
|
||||||
monasca_api_service_port: 8070
|
|
||||||
monasca_api_git_repo: "https://git.openstack.org/openstack/monasca-api"
|
monasca_api_git_repo: "https://git.openstack.org/openstack/monasca-api"
|
||||||
monasca_api_git_install_branch: master
|
monasca_api_git_install_branch: master
|
||||||
monasca_api_requirements_git_repo: https://git.openstack.org/openstack/requirements
|
monasca_api_requirements_git_repo: https://git.openstack.org/openstack/requirements
|
||||||
monasca_api_requirements_git_install_branch: master
|
monasca_api_requirements_git_install_branch: master
|
||||||
monasca_api_metrics_driver: "monasca_api.common.repositories.influxdb.metrics_repository:MetricsRepository"
|
|
||||||
|
|
||||||
monasca_log_api_service_port: 5607
|
monasca_log_api_bind_port: 5607
|
||||||
monasca_log_api_git_repo: "https://git.openstack.org/openstack/monasca-log-api"
|
monasca_log_api_git_repo: "https://git.openstack.org/openstack/monasca-log-api"
|
||||||
monasca_log_api_git_install_branch: master
|
monasca_log_api_git_install_branch: master
|
||||||
monasca_log_api_requirements_git_repo: https://git.openstack.org/openstack/requirements
|
monasca_log_api_requirements_git_repo: https://git.openstack.org/openstack/requirements
|
||||||
|
@ -108,19 +107,25 @@ monasca_developer_constraints:
|
||||||
- "git+{{ monasca_log_api_git_repo }}@{{ monasca_log_api_git_install_branch }}#egg=monasca-log-api"
|
- "git+{{ monasca_log_api_git_repo }}@{{ monasca_log_api_git_install_branch }}#egg=monasca-log-api"
|
||||||
- "git+{{ monasca_ceilometer_git_repo }}@{{ monasca_ceilometer_git_install_branch }}#egg=monasca-ceilometer"
|
- "git+{{ monasca_ceilometer_git_repo }}@{{ monasca_ceilometer_git_install_branch }}#egg=monasca-ceilometer"
|
||||||
- "git+{{ monasca_common_git_repo }}@{{ monasca_common_git_install_branch }}#egg=monasca-common"
|
- "git+{{ monasca_common_git_repo }}@{{ monasca_common_git_install_branch }}#egg=monasca-common"
|
||||||
|
- "git+{{ monasca_thresh_git_repo }}@{{ monasca_thresh_git_install_branch }}#egg=monasca-thresh"
|
||||||
- "git+{{ monasca_transform_git_repo }}@{{ monasca_transform_git_install_branch }}#egg=monasca-transform"
|
- "git+{{ monasca_transform_git_repo }}@{{ monasca_transform_git_install_branch }}#egg=monasca-transform"
|
||||||
- "git+{{ monasca_notification_git_repo }}@{{ monasca_notification_git_install_branch }}#egg=monasca-notification"
|
- "git+{{ monasca_notification_git_repo }}@{{ monasca_notification_git_install_branch }}#egg=monasca-notification"
|
||||||
- "git+{{ monasca_persister_git_repo }}@{{ monasca_persister_git_install_branch }}#egg=monasca-persister"
|
- "git+{{ monasca_persister_git_repo }}@{{ monasca_persister_git_install_branch }}#egg=monasca-persister"
|
||||||
- "git+{{ monasca_python_client_git_repo }}@{{ monasca_python_client_git_install_branch }}#egg=python-monascaclient"
|
- "git+{{ monasca_python_client_git_repo }}@{{ monasca_python_client_git_install_branch }}#egg=python-monascaclient"
|
||||||
|
|
||||||
# Name of the virtual env to deploy into
|
# Keystone AuthToken/Middleware
|
||||||
monasca_venv_tag: untagged
|
monasca_keystone_auth_plugin: password
|
||||||
monasca_venv_download_url: http://127.0.0.1/venvs/untagged/ubuntu/monasca.tgz
|
monasca_service_project_domain_name: Default
|
||||||
|
monasca_service_user_domain_name: default
|
||||||
|
|
||||||
|
# Grafana Galera
|
||||||
monasca_grafana_galera_database: grafana
|
monasca_grafana_galera_database: grafana
|
||||||
monasca_grafana_galera_username: grafana
|
monasca_grafana_galera_username: grafana
|
||||||
|
|
||||||
pip_install_options: ""
|
monasca_backend_database: "influxdb"
|
||||||
|
monasca_use_mod_wsgi: false
|
||||||
|
|
||||||
|
monasca_api_metrics_driver: "monasca_api.common.repositories.influxdb.metrics_repository:MetricsRepository"
|
||||||
|
|
||||||
monasca_services:
|
monasca_services:
|
||||||
monasca-api:
|
monasca-api:
|
||||||
|
@ -139,15 +144,15 @@ monasca_requires_pip_packages:
|
||||||
- python-glanceclient
|
- python-glanceclient
|
||||||
- python-keystoneclient
|
- python-keystoneclient
|
||||||
- python-monascaclient
|
- python-monascaclient
|
||||||
- python-memcached
|
- pyyaml
|
||||||
- virtualenv
|
- virtualenv
|
||||||
- virtualenv-tools
|
- virtualenv-tools
|
||||||
|
|
||||||
# Common pip packages
|
|
||||||
monasca_pip_packages:
|
monasca_pip_packages:
|
||||||
- keystoneauth1
|
- keystoneauth1
|
||||||
- simport
|
- simport
|
||||||
- gunicorn
|
- gunicorn
|
||||||
|
- python-memcached
|
||||||
- monasca-common
|
- monasca-common
|
||||||
- monasca-api
|
- monasca-api
|
||||||
- monasca-log-api
|
- monasca-log-api
|
||||||
|
@ -163,3 +168,9 @@ monasca_log_api_config_overrides: {}
|
||||||
monasca_log_api_logging_overrides: {}
|
monasca_log_api_logging_overrides: {}
|
||||||
monasca_notification_yml_overrides: {}
|
monasca_notification_yml_overrides: {}
|
||||||
monasca_persister_yml_overrides: {}
|
monasca_persister_yml_overrides: {}
|
||||||
|
|
||||||
|
# This variable is used by the repo_build process to determine
|
||||||
|
# which host group to check for members of before building the
|
||||||
|
# pip packages required by this role. The value is picked up
|
||||||
|
# by the py_pkgs lookup.
|
||||||
|
monasca_role_project_group: monasca_all
|
||||||
|
|
|
@ -16,6 +16,10 @@
|
||||||
# (c) 2016 Donovan Francesco <donovan.francesco@is.co.za>
|
# (c) 2016 Donovan Francesco <donovan.francesco@is.co.za>
|
||||||
# (c) 2016 Paul Stevens <paul.stevens@is.co.za>
|
# (c) 2016 Paul Stevens <paul.stevens@is.co.za>
|
||||||
|
|
||||||
|
- include: monasca_install_apt.yml
|
||||||
|
static: no
|
||||||
|
when: ansible_pkg_mgr == 'apt'
|
||||||
|
|
||||||
- name: Create developer mode constraint file
|
- name: Create developer mode constraint file
|
||||||
copy:
|
copy:
|
||||||
dest: "/opt/developer-pip-constraints.txt"
|
dest: "/opt/developer-pip-constraints.txt"
|
||||||
|
@ -118,8 +122,7 @@
|
||||||
retries: 5
|
retries: 5
|
||||||
delay: 2
|
delay: 2
|
||||||
when: monasca_developer_mode | bool
|
when: monasca_developer_mode | bool
|
||||||
notify:
|
notify: Restart monasca services
|
||||||
- Restart monasca services
|
|
||||||
|
|
||||||
- name: Update virtualenv path
|
- name: Update virtualenv path
|
||||||
command: >
|
command: >
|
||||||
|
|
|
@ -42,19 +42,19 @@
|
||||||
|
|
||||||
- include: pre-install.yml
|
- include: pre-install.yml
|
||||||
tags:
|
tags:
|
||||||
- os_monasca
|
- monasca-install
|
||||||
|
|
||||||
- include: install.yml
|
- include: install.yml
|
||||||
tags:
|
tags:
|
||||||
- os_monasca
|
- monasca-install
|
||||||
|
|
||||||
- include: configure.yml
|
|
||||||
tags:
|
|
||||||
- os_monasca
|
|
||||||
|
|
||||||
- include: post-install.yml
|
- include: post-install.yml
|
||||||
tags:
|
tags:
|
||||||
- os_monasca
|
- monasca-config
|
||||||
|
|
||||||
|
- include: monasca_init_common.yml
|
||||||
|
tags:
|
||||||
|
- monasca-install
|
||||||
|
|
||||||
- include: monasca_service_setup.yml
|
- include: monasca_service_setup.yml
|
||||||
static: no
|
static: no
|
||||||
|
@ -62,9 +62,5 @@
|
||||||
tags:
|
tags:
|
||||||
- monasca-install
|
- monasca-install
|
||||||
|
|
||||||
- include: monasca_init_common.yml
|
|
||||||
tags:
|
|
||||||
- os_monasca
|
|
||||||
|
|
||||||
- name: Flush handlers
|
- name: Flush handlers
|
||||||
meta: flush_handlers
|
meta: flush_handlers
|
||||||
|
|
|
@ -1,17 +1,26 @@
|
||||||
---
|
---
|
||||||
# Copyright 2016 Internet Solutions (Pty) Ltd
|
# Copyright 2016, Walmart Stores, Inc.
|
||||||
#
|
#
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
# you may not use this file except in compliance with the License.
|
# you may not use this file except in compliance with the License.
|
||||||
# You may obtain a copy of the License at
|
# You may obtain a copy of the License at
|
||||||
#
|
#
|
||||||
# http://www.apache.org/licenses/LICENSE-2.0
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
#
|
#
|
||||||
# Unless required by applicable law or agreed to in writing, software
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
# See the License for the specific language governing permissions and
|
# See the License for the specific language governing permissions and
|
||||||
# limitations under the License.
|
# limitations under the License.
|
||||||
#
|
|
||||||
# (c) 2016 Donovan Francesco <donovan.francesco@is.co.za>
|
- name: Install apt packages for monasca
|
||||||
# (c) 2016 Paul Stevens <paul.stevens@is.co.za>
|
apt:
|
||||||
|
pkg: "{{ item }}"
|
||||||
|
state: "{{ monasca_package_state }}"
|
||||||
|
update_cache: yes
|
||||||
|
cache_valid_time: "{{ cache_timeout }}"
|
||||||
|
register: install_monasca_distro_packages
|
||||||
|
until: install_monasca_distro_packages |success
|
||||||
|
retries: 5
|
||||||
|
delay: 2
|
||||||
|
with_items: "{{ monasca_distro_packages }}"
|
|
@ -15,26 +15,6 @@
|
||||||
#
|
#
|
||||||
# (c) 2016 Donovan Francesco <donovan.francesco@is.co.za>
|
# (c) 2016 Donovan Francesco <donovan.francesco@is.co.za>
|
||||||
# (c) 2016 Paul Stevens <paul.stevens@is.co.za>
|
# (c) 2016 Paul Stevens <paul.stevens@is.co.za>
|
||||||
- name: Ensure the monasca tenant exists
|
|
||||||
keystone:
|
|
||||||
command: "ensure_tenant"
|
|
||||||
endpoint: "{{ keystone_service_adminurl }}"
|
|
||||||
login_user: "{{ keystone_admin_user_name }}"
|
|
||||||
login_password: "{{ keystone_auth_admin_password }}"
|
|
||||||
login_project_name: "{{ keystone_admin_tenant_name }}"
|
|
||||||
insecure: "{{ keystone_service_adminuri_insecure }}"
|
|
||||||
tenant_name: "{{ monasca_service_tenant_name }}"
|
|
||||||
project_name: "{{ monasca_service_project_name }}"
|
|
||||||
description: "{{ monasca_service_description }}"
|
|
||||||
register: add_monasca_tenant
|
|
||||||
until: add_monasca_tenant |success
|
|
||||||
retries: 5
|
|
||||||
delay: 2
|
|
||||||
tags:
|
|
||||||
- monasca-api-setup
|
|
||||||
- monasca-service-add
|
|
||||||
- monasca-setup
|
|
||||||
|
|
||||||
- name: Ensure the service for monasca exists
|
- name: Ensure the service for monasca exists
|
||||||
keystone:
|
keystone:
|
||||||
command: "ensure_service"
|
command: "ensure_service"
|
||||||
|
@ -55,7 +35,7 @@
|
||||||
- monasca-service-add
|
- monasca-service-add
|
||||||
- monasca-setup
|
- monasca-setup
|
||||||
|
|
||||||
- name: Ensure the monasca admin user exists
|
- name: Ensure the monasca user exists
|
||||||
keystone:
|
keystone:
|
||||||
command: "ensure_user"
|
command: "ensure_user"
|
||||||
endpoint: "{{ keystone_service_adminurl }}"
|
endpoint: "{{ keystone_service_adminurl }}"
|
||||||
|
@ -63,12 +43,11 @@
|
||||||
login_password: "{{ keystone_auth_admin_password }}"
|
login_password: "{{ keystone_auth_admin_password }}"
|
||||||
login_project_name: "{{ keystone_admin_tenant_name }}"
|
login_project_name: "{{ keystone_admin_tenant_name }}"
|
||||||
insecure: "{{ keystone_service_adminuri_insecure }}"
|
insecure: "{{ keystone_service_adminuri_insecure }}"
|
||||||
user_name: "{{ monasca_admin_username }}"
|
user_name: "{{ monasca_service_user_name }}"
|
||||||
tenant_name: "{{ monasca_service_tenant_name }}"
|
tenant_name: "{{ monasca_service_project_name }}"
|
||||||
password: "{{ monasca_admin_password }}"
|
password: "{{ monasca_service_password | default('changeme') }}"
|
||||||
project_name: "{{ monasca_service_project_name }}"
|
register: add_monasca_user
|
||||||
register: add_monasca_admin_user
|
until: add_monasca_user |success
|
||||||
until: add_monasca_admin_user |success
|
|
||||||
retries: 5
|
retries: 5
|
||||||
delay: 2
|
delay: 2
|
||||||
tags:
|
tags:
|
||||||
|
@ -85,12 +64,11 @@
|
||||||
login_password: "{{ keystone_auth_admin_password }}"
|
login_password: "{{ keystone_auth_admin_password }}"
|
||||||
login_project_name: "{{ keystone_admin_tenant_name }}"
|
login_project_name: "{{ keystone_admin_tenant_name }}"
|
||||||
insecure: "{{ keystone_service_adminuri_insecure }}"
|
insecure: "{{ keystone_service_adminuri_insecure }}"
|
||||||
user_name: "{{ monasca_regular_username }}"
|
user_name: "{{ monasca_readonly_user_name }}"
|
||||||
tenant_name: "{{ monasca_service_tenant_name }}"
|
tenant_name: "{{ monasca_service_project_name }}"
|
||||||
password: "{{ monasca_regular_user_password }}"
|
password: "{{ monasca_readonly_password }}"
|
||||||
project_name: "{{ monasca_service_project_name }}"
|
register: add_monasca_readonly_user
|
||||||
register: add_monasca_regular_user
|
until: add_monasca_readonly_user |success
|
||||||
until: add_monasca_regular_user |success
|
|
||||||
retries: 5
|
retries: 5
|
||||||
delay: 2
|
delay: 2
|
||||||
tags:
|
tags:
|
||||||
|
@ -99,23 +77,22 @@
|
||||||
- monasca-user-add
|
- monasca-user-add
|
||||||
- monasca-setup
|
- monasca-setup
|
||||||
|
|
||||||
- name: Ensure the monasca admin user has the admin role
|
- name: Ensure the monasca user has the admin role
|
||||||
keystone:
|
keystone:
|
||||||
command: "ensure_user_role"
|
command: "ensure_user_role"
|
||||||
endpoint: "{{ keystone_service_adminurl }}"
|
endpoint: "{{ keystone_service_adminurl }}"
|
||||||
login_user: "{{ keystone_admin_user_name }}"
|
login_user: "{{ keystone_admin_user_name }}"
|
||||||
login_password: "{{ keystone_auth_admin_password }}"
|
login_password: "{{ keystone_auth_admin_password }}"
|
||||||
login_project_name: "{{ keystone_admin_tenant_name }}"
|
login_project_name: "{{ keystone_admin_tenant_name }}"
|
||||||
user_name: "{{ monasca_admin_username }}"
|
user_name: "{{ monasca_service_user_name }}"
|
||||||
tenant_name: "{{ monasca_service_tenant_name }}"
|
tenant_name: "{{ monasca_service_project_name }}"
|
||||||
role_name: "{{ item }}"
|
role_name: "{{ item }}"
|
||||||
insecure: "{{ keystone_service_adminuri_insecure }}"
|
insecure: "{{ keystone_service_adminuri_insecure }}"
|
||||||
project_name: "{{ monasca_service_project_name }}"
|
register: ensure_monasca_roles
|
||||||
register: ensure_monasca_admin_roles
|
until: ensure_monasca_roles |success
|
||||||
until: ensure_monasca_admin_roles |success
|
|
||||||
retries: 5
|
retries: 5
|
||||||
delay: 2
|
delay: 2
|
||||||
with_items: "{{ monasca_service_admin_role_names }}"
|
with_items: "{{ monasca_service_role_names }}"
|
||||||
|
|
||||||
- name: Ensure the monasca endpoint is registered
|
- name: Ensure the monasca endpoint is registered
|
||||||
keystone:
|
keystone:
|
||||||
|
|
|
@ -15,25 +15,55 @@
|
||||||
#
|
#
|
||||||
# (c) 2016 Donovan Francesco <donovan.francesco@is.co.za>
|
# (c) 2016 Donovan Francesco <donovan.francesco@is.co.za>
|
||||||
# (c) 2016 Paul Stevens <paul.stevens@is.co.za>
|
# (c) 2016 Paul Stevens <paul.stevens@is.co.za>
|
||||||
- name: Update Apt sources
|
|
||||||
apt:
|
- name: Create the monasca system group
|
||||||
update_cache: yes
|
group:
|
||||||
register: apt_update
|
name: "{{ monasca_system_group_name }}"
|
||||||
until: apt_update | success
|
state: "present"
|
||||||
|
system: "yes"
|
||||||
|
|
||||||
|
- name: Create the monasca system user
|
||||||
|
user:
|
||||||
|
name: "{{ monasca_system_user_name }}"
|
||||||
|
group: "{{ monasca_system_group_name }}"
|
||||||
|
groups: sudo
|
||||||
|
shell: "{{ monasca_system_user_shell }}"
|
||||||
|
system: "yes"
|
||||||
|
createhome: "yes"
|
||||||
|
home: "{{ monasca_system_user_home }}"
|
||||||
|
register: create_monasca_user
|
||||||
|
until: create_monasca_user | success
|
||||||
retries: 5
|
retries: 5
|
||||||
delay: 2
|
delay: 2
|
||||||
|
|
||||||
- name: Install Apt dependencies
|
- name: Create monasca's directories
|
||||||
apt:
|
file:
|
||||||
pkg: "{{ item }}"
|
path: "{{ item.path }}"
|
||||||
state: "{{ monasca_package_state }}"
|
state: "directory"
|
||||||
register: install_deps
|
owner: "{{ item.owner |default(monasca_system_user_name) }}"
|
||||||
until: install_deps | success
|
group: "{{ item.group |default(monasca_system_group_name) }}"
|
||||||
retries: 5
|
mode: "{{ item.mode |default('0750') }}"
|
||||||
delay: 2
|
with_items:
|
||||||
with_items: "{{ monasca_distro_packages }}"
|
- path: "{{ monasca_conf_directory }}"
|
||||||
|
- path: "{{ monasca_system_user_home }}"
|
||||||
|
|
||||||
- include: pre-monasca-install.yml
|
- name: Test for monasca log directory or link
|
||||||
when:
|
shell: |
|
||||||
- inventory_hostname in groups['monasca_api']
|
if [ -h "{{ monasca_log_directory }}" ]; then
|
||||||
- inventory_hostname in groups['monasca_log_api']
|
chown -h {{ monasca_system_user_name }}:{{ monasca_system_group_name }} {{ monasca_log_directory }}
|
||||||
|
chown -R {{ monasca_system_user_name }}:{{ monasca_system_group_name }} "$(readlink {{ monasca_log_directory }})"
|
||||||
|
else
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
register: log_dir
|
||||||
|
failed_when: false
|
||||||
|
changed_when: log_dir.rc != 0
|
||||||
|
|
||||||
|
- name: Create monasca log directory
|
||||||
|
file:
|
||||||
|
path: "{{ monasca_log_directory }}"
|
||||||
|
state: "directory"
|
||||||
|
owner: "{{ monasca_system_user_name }}"
|
||||||
|
group: "{{ monasca_system_group_name }}"
|
||||||
|
mode: "0750"
|
||||||
|
when: log_dir.rc != 0
|
||||||
|
|
|
@ -1,69 +0,0 @@
|
||||||
---
|
|
||||||
# Copyright 2016 Internet Solutions (Pty) Ltd
|
|
||||||
#
|
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
# you may not use this file except in compliance with the License.
|
|
||||||
# You may obtain a copy of the License at
|
|
||||||
#
|
|
||||||
# http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
#
|
|
||||||
# Unless required by applicable law or agreed to in writing, software
|
|
||||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
# See the License for the specific language governing permissions and
|
|
||||||
# limitations under the License.
|
|
||||||
#
|
|
||||||
# (c) 2016 Donovan Francesco <donovan.francesco@is.co.za>
|
|
||||||
# (c) 2016 Paul Stevens <paul.stevens@is.co.za>
|
|
||||||
|
|
||||||
- name: Create the monasca system group
|
|
||||||
group:
|
|
||||||
name: "{{ monasca_system_group_name }}"
|
|
||||||
state: "present"
|
|
||||||
system: "yes"
|
|
||||||
|
|
||||||
- name: Create the monasca system user
|
|
||||||
user:
|
|
||||||
name: "{{ monasca_system_user_name }}"
|
|
||||||
group: "{{ monasca_system_group_name }}"
|
|
||||||
groups: sudo
|
|
||||||
shell: "{{ monasca_system_user_shell }}"
|
|
||||||
system: "yes"
|
|
||||||
createhome: "yes"
|
|
||||||
home: "{{ monasca_system_user_home }}"
|
|
||||||
register: create_monasca_user
|
|
||||||
until: create_monasca_user | success
|
|
||||||
retries: 5
|
|
||||||
delay: 2
|
|
||||||
|
|
||||||
- name: Create monasca's directories
|
|
||||||
file:
|
|
||||||
path: "{{ item.path }}"
|
|
||||||
state: "directory"
|
|
||||||
owner: "{{ item.owner |default(monasca_system_user_name) }}"
|
|
||||||
group: "{{ item.group |default(monasca_system_group_name) }}"
|
|
||||||
mode: "{{ item.mode |default('0750') }}"
|
|
||||||
with_items:
|
|
||||||
- path: "{{ monasca_conf_directory }}"
|
|
||||||
- path: "{{ monasca_system_user_home }}"
|
|
||||||
|
|
||||||
- name: Test for monasca log directory or link
|
|
||||||
shell: |
|
|
||||||
if [ -h "{{ monasca_log_directory }}" ]; then
|
|
||||||
chown -h {{ monasca_system_user_name }}:{{ monasca_system_group_name }} {{ monasca_log_directory }}
|
|
||||||
chown -R {{ monasca_system_user_name }}:{{ monasca_system_group_name }} "$(readlink {{ monasca_log_directory }})"
|
|
||||||
else
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
register: log_dir
|
|
||||||
failed_when: false
|
|
||||||
changed_when: log_dir.rc != 0
|
|
||||||
|
|
||||||
- name: Create monasca log directory
|
|
||||||
file:
|
|
||||||
path: "{{ monasca_log_directory }}"
|
|
||||||
state: "directory"
|
|
||||||
owner: "{{ monasca_system_user_name }}"
|
|
||||||
group: "{{ monasca_system_group_name }}"
|
|
||||||
mode: "0750"
|
|
||||||
when: log_dir.rc != 0
|
|
|
@ -17,6 +17,6 @@ paste.filter_factory = monasca_api.middleware.keystone_context_filter:filter_fac
|
||||||
[server:main]
|
[server:main]
|
||||||
use = egg:gunicorn#main
|
use = egg:gunicorn#main
|
||||||
host = 0.0.0.0
|
host = 0.0.0.0
|
||||||
port = {{ monasca_api_service_port }}
|
port = {{ monasca_bind_port }}
|
||||||
workers = 1
|
workers = 1
|
||||||
proc_name = monasca_api
|
proc_name = monasca_api
|
||||||
|
|
|
@ -20,9 +20,9 @@ dimension_names = monasca_api.v2.reference.metrics:DimensionNames
|
||||||
notification_method_types = monasca_api.v2.reference.notificationstype:NotificationsType
|
notification_method_types = monasca_api.v2.reference.notificationstype:NotificationsType
|
||||||
|
|
||||||
[security]
|
[security]
|
||||||
default_authorized_roles = user, domainuser, domainadmin, {{ monasca_regular_username }}
|
default_authorized_roles = user, domainuser, domainadmin, {{ monasca_service_user_name }}
|
||||||
agent_authorized_roles = {{ monasca_admin_username }}
|
agent_authorized_roles = {{ monasca_service_user_name }}
|
||||||
read_only_authorized_roles = {{ monasca_regular_username }}
|
read_only_authorized_roles = {{ monasca_readonly_user_name }}
|
||||||
delegate_authorized_roles = admin
|
delegate_authorized_roles = admin
|
||||||
|
|
||||||
[messaging]
|
[messaging]
|
||||||
|
@ -71,12 +71,17 @@ password = {{ monasca_galera_password }}
|
||||||
url = "mysql+pymysql://{{ monasca_galera_user }}:{{ monasca_galera_password }}@{{ monasca_galera_address }}/{{ monasca_galera_database }}"
|
url = "mysql+pymysql://{{ monasca_galera_user }}:{{ monasca_galera_password }}@{{ monasca_galera_address }}/{{ monasca_galera_database }}"
|
||||||
|
|
||||||
[keystone_authtoken]
|
[keystone_authtoken]
|
||||||
|
auth_uri = {{ keystone_service_internalurl }}
|
||||||
|
auth_version = v3
|
||||||
insecure = {{ keystone_service_internaluri_insecure | bool }}
|
insecure = {{ keystone_service_internaluri_insecure | bool }}
|
||||||
|
memcached_servers = {{ memcached_servers }}
|
||||||
|
token_cachce_time = 300
|
||||||
|
revocation_cache_time = 60
|
||||||
identity_uri = {{ keystone_service_adminuri }}
|
identity_uri = {{ keystone_service_adminuri }}
|
||||||
auth_url = {{ keystone_service_internaluri }}
|
|
||||||
auth_uri = {{ keystone_service_internaluri }}
|
|
||||||
auth_type = {{ monasca_keystone_auth_plugin }}
|
auth_type = {{ monasca_keystone_auth_plugin }}
|
||||||
project_domain_name = {{ monasca_project_domain_name }}
|
auth_url = {{ keystone_service_internaluri }}
|
||||||
user_domain_name = {{ monasca_user_domain_name }}
|
project_domain_name = {{ monasca_service_project_domain_name }}
|
||||||
username = {{ monasca_admin_username }}
|
user_domain_name = {{ monasca_service_user_domain_name }}
|
||||||
password = {{ monasca_admin_password }}
|
project_name = {{ monasca_service_project_name }}
|
||||||
|
username = {{ monasca_service_user_name }}
|
||||||
|
password = {{ monasca_service_password }}
|
||||||
|
|
|
@ -16,6 +16,6 @@ paste.filter_factory = monasca_log_api.middleware.role_middleware:RoleMiddleware
|
||||||
[server:main]
|
[server:main]
|
||||||
use = egg:gunicorn#main
|
use = egg:gunicorn#main
|
||||||
host = 0.0.0.0
|
host = 0.0.0.0
|
||||||
port = {{ monasca_log_api_service_port }}
|
port = {{ monasca_log_api_bind_port }}
|
||||||
workers = 1
|
workers = 1
|
||||||
proc_name = monasca_log_api
|
proc_name = monasca_log_api
|
||||||
|
|
|
@ -16,8 +16,8 @@ kafka_topics = log
|
||||||
[roles_middleware]
|
[roles_middleware]
|
||||||
path = /v2.0/log
|
path = /v2.0/log
|
||||||
path = /v3.0/logs
|
path = /v3.0/logs
|
||||||
default_roles = user, domainuser, domainadmin, {{ monasca_regular_username }}
|
default_roles = user, domainuser, domainadmin, {{ monasca_service_user_name }}
|
||||||
agent_roles = {{ monasca_admin_username }}, admin
|
agent_roles = {{ monasca_service_user_name }}, admin
|
||||||
|
|
||||||
[dispatcher]
|
[dispatcher]
|
||||||
logs = monasca_log_api.reference.v2.logs:Logs
|
logs = monasca_log_api.reference.v2.logs:Logs
|
||||||
|
@ -26,12 +26,17 @@ versions = monasca_log_api.reference.versions:Versions
|
||||||
healthchecks = monasca_log_api.reference.healthchecks:HealthChecks
|
healthchecks = monasca_log_api.reference.healthchecks:HealthChecks
|
||||||
|
|
||||||
[keystone_authtoken]
|
[keystone_authtoken]
|
||||||
|
auth_uri = {{ keystone_service_internalurl }}
|
||||||
|
auth_version = v3
|
||||||
insecure = {{ keystone_service_internaluri_insecure | bool }}
|
insecure = {{ keystone_service_internaluri_insecure | bool }}
|
||||||
|
memcached_servers = {{ memcached_servers }}
|
||||||
|
token_cachce_time = 300
|
||||||
|
revocation_cache_time = 60
|
||||||
identity_uri = {{ keystone_service_adminuri }}
|
identity_uri = {{ keystone_service_adminuri }}
|
||||||
auth_url = {{ keystone_service_internaluri }}
|
|
||||||
auth_uri = {{ keystone_service_internaluri }}
|
|
||||||
auth_type = {{ monasca_keystone_auth_plugin }}
|
auth_type = {{ monasca_keystone_auth_plugin }}
|
||||||
pproject_domain_name = {{ monasca_project_domain_name }}
|
auth_url = {{ keystone_service_internaluri }}
|
||||||
user_domain_name = {{ monasca_user_domain_name }}
|
project_domain_name = {{ monasca_service_project_domain_name }}
|
||||||
username = {{ monasca_admin_username }}
|
user_domain_name = {{ monasca_service_user_domain_name }}
|
||||||
password = {{ monasca_admin_password }}
|
project_name = {{ monasca_service_project_name }}
|
||||||
|
username = {{ monasca_service_user_name }}
|
||||||
|
password = {{ monasca_service_password }}
|
||||||
|
|
|
@ -22,7 +22,7 @@
|
||||||
user: root
|
user: root
|
||||||
gather_facts: false
|
gather_facts: false
|
||||||
vars:
|
vars:
|
||||||
monasca_api: "http://localhost:{{ monasca_api_service_port }}"
|
monasca_api: "http://localhost:{{ monasca_bind_port }}"
|
||||||
tasks:
|
tasks:
|
||||||
- name: Install openstackclient
|
- name: Install openstackclient
|
||||||
pip:
|
pip:
|
||||||
|
|
|
@ -38,15 +38,15 @@ monasca_notification_requirements_git_install_branch: master
|
||||||
monasca_persister_requirements_git_install_branch: master
|
monasca_persister_requirements_git_install_branch: master
|
||||||
monasca_python_client_requirements_git_install_branch: master
|
monasca_python_client_requirements_git_install_branch: master
|
||||||
monasca_service_password: "secrete"
|
monasca_service_password: "secrete"
|
||||||
monasca_regular_user_password: "secrete"
|
monasca_readonly_password: "secrete"
|
||||||
monasca_admin_password: "secrete"
|
monasca_service_user_domain_name: default
|
||||||
monasca_project_domain_name: default
|
monasca_service_project_domain_name: Default
|
||||||
monasca_user_domain_name: default
|
|
||||||
monasca_service_project_name: service
|
monasca_service_project_name: service
|
||||||
monasca_service_region: RegionOne
|
monasca_service_region: RegionOne
|
||||||
monasca_service_user_name: monasca
|
monasca_service_user_name: monasca
|
||||||
monasca_api_service_port: 8070
|
monasca_readonly_user_name: monasca-read-only
|
||||||
monasca_log_api_service_port: 5607
|
monasca_bind_port: 8070
|
||||||
|
monasca_log_api_bind_port: 5607
|
||||||
monasca_venv_tag: untagged
|
monasca_venv_tag: untagged
|
||||||
monasca_bin: "/openstack/venvs/monasca-{{ monasca_venv_tag }}/bin"
|
monasca_bin: "/openstack/venvs/monasca-{{ monasca_venv_tag }}/bin"
|
||||||
storm_nimbus_enabled: true
|
storm_nimbus_enabled: true
|
||||||
|
|
Loading…
Reference in New Issue