Enable V2 Octavia API (Experimental)
For Pike Octavia gains a way to run independent of Neutron with the
new V2 API. This adds an (experiemntal) switch to enable this which
defaults to False.
Change-Id: I009ea4feb7aecda861701af277122001c9bf4500
(cherry picked from commit 072bf2c64d)
This commit is contained in:
German Eichberger
Hengqing Hu
parent
733217e1fa
commit
5676be3e84
|
|
@ -16,6 +16,15 @@
|
|||
## Verbosity Options
|
||||
debug: False
|
||||
|
||||
## Octavia stnadalone (v2) experimental
|
||||
octavia_v2: false
|
||||
|
||||
## Activate Octavia V1 API
|
||||
octavia_v1: True
|
||||
|
||||
## Allow TLS listener
|
||||
octavia_tls_listener_enabled: True
|
||||
|
||||
# Set the package install state for distribution and pip packages
|
||||
# Options are 'present' and 'latest'
|
||||
octavia_package_state: "latest"
|
||||
|
|
@ -37,9 +46,7 @@ octavia_fatal_deprecations: False
|
|||
|
||||
octavia_clients_endpoint: internalURL
|
||||
|
||||
# Workaround for https://bugs.launchpad.net/octavia/+bug/1704468
|
||||
# API haproxy needs "/" to return 200 for healthcheck
|
||||
octavia_auth_strategy: noauth
|
||||
octavia_auth_strategy: keystone
|
||||
|
||||
## DB
|
||||
octavia_galera_user: octavia
|
||||
|
|
@ -121,11 +128,11 @@ octavia_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(o
|
|||
octavia_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(octavia_service_proto) }}"
|
||||
octavia_service_type: load-balancer
|
||||
octavia_service_publicuri: "{{ octavia_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ octavia_service_port }}"
|
||||
octavia_service_publicurl: "{{ octavia_service_publicuri }}/v1/%(tenant_id)s"
|
||||
octavia_service_publicurl_v2: "{{ octavia_service_publicuri }}/"
|
||||
octavia_service_adminuri: "{{ octavia_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ octavia_service_port }}"
|
||||
octavia_service_adminurl: "{{ octavia_service_adminuri }}/v1/%(tenant_id)s"
|
||||
octavia_service_adminurl_v2: "{{ octavia_service_adminuri }}"
|
||||
octavia_service_internaluri: "{{ octavia_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ octavia_service_port }}"
|
||||
octavia_service_internalurl: "{{ octavia_service_internaluri }}/v1/%(tenant_id)s"
|
||||
octavia_service_internalurl_v2: "{{ octavia_service_internaluri }}"
|
||||
|
||||
octavia_service_in_ldap: false
|
||||
|
||||
|
|
@ -154,17 +161,13 @@ octavia_pip_packages:
|
|||
- cryptography
|
||||
- keystonemiddleware
|
||||
- PyMySQL
|
||||
- python-ceilometerclient
|
||||
- python-cinderclient
|
||||
- python-glanceclient
|
||||
- python-heatclient
|
||||
- python-keystoneclient
|
||||
- python-memcached
|
||||
- python-neutronclient
|
||||
- python-novaclient
|
||||
- python-openstackclient
|
||||
- python-swiftclient
|
||||
- python-troveclient
|
||||
- python-octaviaclient
|
||||
- octavia
|
||||
- uwsgi
|
||||
|
||||
|
|
|
|||
|
|
@ -192,6 +192,32 @@ enable access.
|
|||
/etc/openstack-deploy
|
||||
|
||||
|
||||
Optional: Enable Octavia V2 API
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
Beginning with the Pike release, Octavia can be deployed in a stand-alone
|
||||
version thus avoiding the Neutron integration. Currently, the following
|
||||
configuration should be added to ``openstack_user_config.yml``:
|
||||
|
||||
.. code-block:: yaml
|
||||
|
||||
# Disable Octavia support in Neutron
|
||||
neutron_lbaas_octavia: False
|
||||
# Disable LBaaS V2
|
||||
neutron_lbaasv2: False
|
||||
# Enable Octavia V2 API/standalone
|
||||
octavia_v2: True
|
||||
# Disable Octavia V1 API
|
||||
octavia_v1: False
|
||||
|
||||
Please note that in some settings the LBaaS plugin is directly enabled in the
|
||||
``neutron_plugin_base`` so adjust this as necessary.
|
||||
|
||||
Please be aware that if you enable only the Octavia endpoint, only
|
||||
Octavia load balancers can be created because the integration with 3rd party
|
||||
load balancer vendors nor with the haproxy namespace driver is available
|
||||
in the Pike release.
|
||||
|
||||
Optional: Tuning Octavia for production use
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,7 @@
|
|||
---
|
||||
features:
|
||||
- Adds a new flag to enable Octavia V2 API (disabled by default) to facilitate to run Octavia
|
||||
stand alone (without Neutron)
|
||||
- Adds a new flag to toggle Octavia V1 API (the API needed to run in conjunction with Neutron)
|
||||
and enables it by default.
|
||||
|
||||
|
|
@ -66,7 +66,8 @@
|
|||
retries: 5
|
||||
delay: 10
|
||||
|
||||
# Create an endpoint
|
||||
# Create an endpoint (v2 only)
|
||||
# V1 uses a direct URL in the neutron conf
|
||||
- name: Ensure octavia endpoint
|
||||
keystone:
|
||||
command: "ensure_endpoint"
|
||||
|
|
@ -79,14 +80,14 @@
|
|||
service_type: "{{ octavia_service_type }}"
|
||||
insecure: "{{ keystone_service_adminuri_insecure }}"
|
||||
endpoint_list:
|
||||
# Versions pre Pike only have an internal endpoint
|
||||
# - url: "{{ service_publicurl }}"
|
||||
# interface: "public"
|
||||
- url: "{{ octavia_service_internalurl }}"
|
||||
- url: "{{ octavia_service_publicurl_v2 }}"
|
||||
interface: "public"
|
||||
- url: "{{ octavia_service_internalurl_v2 }}"
|
||||
interface: "internal"
|
||||
# - url: "{{ service_adminurl }}"
|
||||
# interface: "admin"
|
||||
register: add_service
|
||||
until: add_service|success
|
||||
- url: "{{ octavia_service_adminurl_v2 }}"
|
||||
interface: "admin"
|
||||
register: add_service_v2
|
||||
until: add_service_v2|success
|
||||
retries: 5
|
||||
delay: 10
|
||||
when: octavia_v2 | bool
|
||||
|
|
|
|||
|
|
@ -1,13 +1,16 @@
|
|||
[DEFAULT]
|
||||
# Print debugging output (set logging level to DEBUG instead of default WARNING level).
|
||||
debug = {{ debug }}
|
||||
|
||||
{% if not octavia_v2|bool %}
|
||||
bind_host = 0.0.0.0
|
||||
bind_port = {{ octavia_service_port }}
|
||||
# api_handler = queue_producer
|
||||
#
|
||||
# How should authentication be handled (keystone, noauth)
|
||||
# auth_strategy = noauth
|
||||
auth_strategy = {{ octavia_auth_strategy }}
|
||||
#
|
||||
{% endif %}
|
||||
# Plugin options are hot_plug_plugin (Hot-pluggable controller plugin)
|
||||
#
|
||||
# octavia_plugins = hot_plug_plugin
|
||||
|
|
@ -24,8 +27,20 @@ bind_port = {{ octavia_service_port }}
|
|||
|
||||
transport_url = rabbit://{% for host in octavia_rabbitmq_servers.split(',') %}{{ octavia_rabbitmq_userid }}:{{ octavia_rabbitmq_password }}@{{ host }}:{{ octavia_rabbitmq_port }}{% if not loop.last %},{% else %}/{{ octavia_rabbitmq_vhost }}{% endif %}{% endfor %}
|
||||
|
||||
# for pre Pike
|
||||
[api_settings]
|
||||
bind_host = 0.0.0.0
|
||||
bind_port = {{ octavia_service_port }}
|
||||
# api_handler = queue_producer
|
||||
#
|
||||
# How should authentication be handled (keystone, noauth)
|
||||
# Note: remove "noauth" once LP bug is fixed
|
||||
auth_strategy = {{ octavia_auth_strategy }}
|
||||
#
|
||||
api_v1_enabled = {{ octavia_v1 }}
|
||||
api_v2_enabled = {{ octavia_v2 }}
|
||||
# Allow users to create TLS Terminated listeners?
|
||||
allow_tls_terminated_listeners = {{ octavia_tls_listener_enabled }}
|
||||
|
||||
# pre Ocata
|
||||
[oslo_messaging_rabbit]
|
||||
ssl = {{ octavia_rabbitmq_use_ssl }}
|
||||
|
|
|
|||
Loading…
Reference in New Issue