Add skyline service
Support to deploy skyline by kolla-ansible. Implements: blueprint skyline Depends-On: https://review.opendev.org/c/openstack/kolla/+/826948 Change-Id: Ice5621491a432ba32138abd6f62d1f815cc219e0
This commit is contained in:
parent
66ec9cef55
commit
113b77c8cb
@ -515,6 +515,13 @@ senlin_external_fqdn: "{{ kolla_external_fqdn }}"
|
|||||||
senlin_api_port: "8778"
|
senlin_api_port: "8778"
|
||||||
senlin_api_listen_port: "{{ senlin_api_port }}"
|
senlin_api_listen_port: "{{ senlin_api_port }}"
|
||||||
|
|
||||||
|
skyline_internal_fqdn: "{{ kolla_internal_fqdn }}"
|
||||||
|
skyline_external_fqdn: "{{ kolla_external_fqdn }}"
|
||||||
|
skyline_apiserver_port: "9998"
|
||||||
|
skyline_apiserver_listen_port: "{{ skyline_apiserver_port }}"
|
||||||
|
skyline_console_port: "9999"
|
||||||
|
skyline_console_listen_port: "{{ skyline_console_port }}"
|
||||||
|
|
||||||
solum_application_deployment_port: "9777"
|
solum_application_deployment_port: "9777"
|
||||||
solum_image_builder_port: "9778"
|
solum_image_builder_port: "9778"
|
||||||
|
|
||||||
@ -735,6 +742,7 @@ enable_proxysql: "no"
|
|||||||
enable_redis: "no"
|
enable_redis: "no"
|
||||||
enable_sahara: "no"
|
enable_sahara: "no"
|
||||||
enable_senlin: "no"
|
enable_senlin: "no"
|
||||||
|
enable_skyline: "no"
|
||||||
enable_solum: "no"
|
enable_solum: "no"
|
||||||
enable_swift: "no"
|
enable_swift: "no"
|
||||||
enable_swift_s3api: "no"
|
enable_swift_s3api: "no"
|
||||||
|
@ -198,6 +198,9 @@ control
|
|||||||
[zun:children]
|
[zun:children]
|
||||||
control
|
control
|
||||||
|
|
||||||
|
[skyline:children]
|
||||||
|
control
|
||||||
|
|
||||||
[redis:children]
|
[redis:children]
|
||||||
control
|
control
|
||||||
|
|
||||||
@ -621,6 +624,13 @@ compute
|
|||||||
[zun-cni-daemon:children]
|
[zun-cni-daemon:children]
|
||||||
compute
|
compute
|
||||||
|
|
||||||
|
# Skyline
|
||||||
|
[skyline-apiserver:children]
|
||||||
|
skyline
|
||||||
|
|
||||||
|
[skyline-console:children]
|
||||||
|
skyline
|
||||||
|
|
||||||
# Tacker
|
# Tacker
|
||||||
[tacker-server:children]
|
[tacker-server:children]
|
||||||
tacker
|
tacker
|
||||||
|
@ -216,6 +216,9 @@ control
|
|||||||
[zun:children]
|
[zun:children]
|
||||||
control
|
control
|
||||||
|
|
||||||
|
[skyline:children]
|
||||||
|
control
|
||||||
|
|
||||||
[redis:children]
|
[redis:children]
|
||||||
control
|
control
|
||||||
|
|
||||||
@ -639,6 +642,13 @@ compute
|
|||||||
[zun-cni-daemon:children]
|
[zun-cni-daemon:children]
|
||||||
compute
|
compute
|
||||||
|
|
||||||
|
# Skyline
|
||||||
|
[skyline-apiserver:children]
|
||||||
|
skyline
|
||||||
|
|
||||||
|
[skyline-console:children]
|
||||||
|
skyline
|
||||||
|
|
||||||
# Tacker
|
# Tacker
|
||||||
[tacker-server:children]
|
[tacker-server:children]
|
||||||
tacker
|
tacker
|
||||||
|
@ -189,6 +189,7 @@
|
|||||||
- { name: "rabbitmq", enabled: "{{ enable_rabbitmq | bool }}" }
|
- { name: "rabbitmq", enabled: "{{ enable_rabbitmq | bool }}" }
|
||||||
- { name: "sahara", enabled: "{{ enable_sahara | bool }}" }
|
- { name: "sahara", enabled: "{{ enable_sahara | bool }}" }
|
||||||
- { name: "senlin", enabled: "{{ enable_senlin | bool }}" }
|
- { name: "senlin", enabled: "{{ enable_senlin | bool }}" }
|
||||||
|
- { name: "skyline", enabled: "{{ enable_skyline | bool }}" }
|
||||||
- { name: "solum", enabled: "{{ enable_solum | bool }}" }
|
- { name: "solum", enabled: "{{ enable_solum | bool }}" }
|
||||||
- { name: "swift", enabled: "{{ enable_swift | bool }}" }
|
- { name: "swift", enabled: "{{ enable_swift | bool }}" }
|
||||||
- { name: "tacker", enabled: "{{ enable_tacker | bool }}" }
|
- { name: "tacker", enabled: "{{ enable_tacker | bool }}" }
|
||||||
|
@ -166,6 +166,11 @@
|
|||||||
pattern ^(venus-api|venus-manager)$
|
pattern ^(venus-api|venus-manager)$
|
||||||
tag openstack_python
|
tag openstack_python
|
||||||
</rule>
|
</rule>
|
||||||
|
<rule>
|
||||||
|
key programname
|
||||||
|
pattern ^(skyline)$
|
||||||
|
tag openstack_python
|
||||||
|
</rule>
|
||||||
<rule>
|
<rule>
|
||||||
key programname
|
key programname
|
||||||
pattern .+
|
pattern .+
|
||||||
|
@ -0,0 +1,3 @@
|
|||||||
|
"/var/log/kolla/skyline/*.log"
|
||||||
|
{
|
||||||
|
}
|
186
ansible/roles/skyline/defaults/main.yml
Normal file
186
ansible/roles/skyline/defaults/main.yml
Normal file
@ -0,0 +1,186 @@
|
|||||||
|
---
|
||||||
|
skyline_services:
|
||||||
|
skyline-apiserver:
|
||||||
|
container_name: skyline_apiserver
|
||||||
|
group: skyline-apiserver
|
||||||
|
enabled: true
|
||||||
|
image: "{{ skyline_apiserver_image_full }}"
|
||||||
|
volumes: "{{ skyline_apiserver_default_volumes + skyline_apiserver_extra_volumes }}"
|
||||||
|
dimensions: "{{ skyline_apiserver_dimensions }}"
|
||||||
|
healthcheck: "{{ skyline_apiserver_healthcheck }}"
|
||||||
|
haproxy:
|
||||||
|
skyline_apiserver:
|
||||||
|
enabled: "{{ enable_skyline }}"
|
||||||
|
mode: "http"
|
||||||
|
external: false
|
||||||
|
port: "{{ skyline_apiserver_port }}"
|
||||||
|
listen_port: "{{ skyline_apiserver_listen_port }}"
|
||||||
|
tls_backend: "{{ skyline_enable_tls_backend }}"
|
||||||
|
skyline_apiserver_external:
|
||||||
|
enabled: "{{ enable_skyline }}"
|
||||||
|
mode: "http"
|
||||||
|
external: true
|
||||||
|
port: "{{ skyline_apiserver_port }}"
|
||||||
|
listen_port: "{{ skyline_apiserver_listen_port }}"
|
||||||
|
tls_backend: "{{ skyline_enable_tls_backend }}"
|
||||||
|
skyline-console:
|
||||||
|
container_name: skyline_console
|
||||||
|
group: skyline-console
|
||||||
|
enabled: true
|
||||||
|
image: "{{ skyline_console_image_full }}"
|
||||||
|
volumes: "{{ skyline_console_default_volumes + skyline_console_extra_volumes }}"
|
||||||
|
dimensions: "{{ skyline_console_dimensions }}"
|
||||||
|
healthcheck: "{{ skyline_console_healthcheck }}"
|
||||||
|
haproxy:
|
||||||
|
skyline_console:
|
||||||
|
enabled: "{{ enable_skyline }}"
|
||||||
|
mode: "http"
|
||||||
|
external: false
|
||||||
|
port: "{{ skyline_console_port }}"
|
||||||
|
listen_port: "{{ skyline_console_listen_port }}"
|
||||||
|
tls_backend: "{{ skyline_enable_tls_backend }}"
|
||||||
|
skyline_console_external:
|
||||||
|
enabled: "{{ enable_skyline }}"
|
||||||
|
mode: "http"
|
||||||
|
external: true
|
||||||
|
port: "{{ skyline_console_port }}"
|
||||||
|
listen_port: "{{ skyline_console_listen_port }}"
|
||||||
|
tls_backend: "{{ skyline_enable_tls_backend }}"
|
||||||
|
|
||||||
|
####################
|
||||||
|
# Database
|
||||||
|
####################
|
||||||
|
skyline_database_name: "skyline"
|
||||||
|
skyline_database_user: "{% if use_preconfigured_databases | bool and use_common_mariadb_user | bool %}{{ database_user }}{% else %}skyline{% endif %}"
|
||||||
|
skyline_database_address: "{{ database_address | put_address_in_context('url') }}:{{ database_port }}"
|
||||||
|
|
||||||
|
####################
|
||||||
|
# Database sharding
|
||||||
|
####################
|
||||||
|
skyline_database_shard_root_user: "{% if enable_proxysql | bool %}root_shard_{{ skyline_database_shard_id }}{% else %}{{ database_user }}{% endif %}"
|
||||||
|
skyline_database_shard_id: "{{ mariadb_default_database_shard_id | int }}"
|
||||||
|
skyline_database_shard:
|
||||||
|
users:
|
||||||
|
- user: "{{ skyline_database_user }}"
|
||||||
|
password: "{{ skyline_database_password }}"
|
||||||
|
rules:
|
||||||
|
- schema: "{{ skyline_database_name }}"
|
||||||
|
shard_id: "{{ skyline_database_shard_id }}"
|
||||||
|
|
||||||
|
####################
|
||||||
|
# Docker
|
||||||
|
####################
|
||||||
|
skyline_tag: "{{ openstack_tag }}"
|
||||||
|
|
||||||
|
skyline_apiserver_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/skyline-apiserver"
|
||||||
|
skyline_apiserver_tag: "{{ skyline_tag }}"
|
||||||
|
skyline_apiserver_image_full: "{{ skyline_apiserver_image }}:{{ skyline_apiserver_tag }}"
|
||||||
|
|
||||||
|
skyline_console_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/skyline-console"
|
||||||
|
skyline_console_tag: "{{ skyline_tag }}"
|
||||||
|
skyline_console_image_full: "{{ skyline_console_image }}:{{ skyline_console_tag }}"
|
||||||
|
|
||||||
|
skyline_apiserver_dimensions: "{{ default_container_dimensions }}"
|
||||||
|
skyline_console_dimensions: "{{ default_container_dimensions }}"
|
||||||
|
|
||||||
|
skyline_apiserver_enable_healthchecks: "{{ enable_container_healthchecks }}"
|
||||||
|
skyline_apiserver_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
|
||||||
|
skyline_apiserver_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
|
||||||
|
skyline_apiserver_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
|
||||||
|
skyline_apiserver_healthcheck_test: ["CMD-SHELL", "healthcheck_curl {{ 'https' if skyline_enable_tls_backend | bool else 'http' }}://{{ api_interface_address | put_address_in_context('url') }}:{{ skyline_apiserver_listen_port }}/docs"]
|
||||||
|
skyline_apiserver_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
|
||||||
|
skyline_apiserver_healthcheck:
|
||||||
|
interval: "{{ skyline_apiserver_healthcheck_interval }}"
|
||||||
|
retries: "{{ skyline_apiserver_healthcheck_retries }}"
|
||||||
|
start_period: "{{ skyline_apiserver_healthcheck_start_period }}"
|
||||||
|
test: "{% if skyline_apiserver_enable_healthchecks | bool %}{{ skyline_apiserver_healthcheck_test }}{% else %}NONE{% endif %}"
|
||||||
|
timeout: "{{ skyline_apiserver_healthcheck_timeout }}"
|
||||||
|
|
||||||
|
skyline_console_enable_healthchecks: "{{ enable_container_healthchecks }}"
|
||||||
|
skyline_console_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
|
||||||
|
skyline_console_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
|
||||||
|
skyline_console_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
|
||||||
|
skyline_console_healthcheck_test: ["CMD-SHELL", "healthcheck_curl {{ 'https' if skyline_enable_tls_backend | bool else 'http' }}://{{ api_interface_address | put_address_in_context('url') }}:{{ skyline_console_listen_port }}/docs"]
|
||||||
|
skyline_console_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
|
||||||
|
skyline_console_healthcheck:
|
||||||
|
interval: "{{ skyline_console_healthcheck_interval }}"
|
||||||
|
retries: "{{ skyline_console_healthcheck_retries }}"
|
||||||
|
start_period: "{{ skyline_console_healthcheck_start_period }}"
|
||||||
|
test: "{% if skyline_console_enable_healthchecks | bool %}{{ skyline_console_healthcheck_test }}{% else %}NONE{% endif %}"
|
||||||
|
timeout: "{{ skyline_console_healthcheck_timeout }}"
|
||||||
|
|
||||||
|
skyline_apiserver_default_volumes:
|
||||||
|
- "{{ node_config_directory }}/skyline-apiserver/:{{ container_config_directory }}/:ro"
|
||||||
|
- "/etc/localtime:/etc/localtime:ro"
|
||||||
|
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}"
|
||||||
|
- "kolla_logs:/var/log/kolla/"
|
||||||
|
|
||||||
|
skyline_console_default_volumes:
|
||||||
|
- "{{ node_config_directory }}/skyline-console/:{{ container_config_directory }}/:ro"
|
||||||
|
- "/etc/localtime:/etc/localtime:ro"
|
||||||
|
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}"
|
||||||
|
- "kolla_logs:/var/log/kolla/"
|
||||||
|
|
||||||
|
skyline_extra_volumes: "{{ default_extra_volumes }}"
|
||||||
|
skyline_apiserver_extra_volumes: "{{ skyline_extra_volumes }}"
|
||||||
|
skyline_console_extra_volumes: "{{ skyline_extra_volumes }}"
|
||||||
|
|
||||||
|
####################
|
||||||
|
# OpenStack
|
||||||
|
####################
|
||||||
|
skyline_internal_endpoint: "{{ internal_protocol }}://{{ skyline_internal_fqdn | put_address_in_context('url') }}:{{ skyline_apiserver_port }}"
|
||||||
|
skyline_public_endpoint: "{{ public_protocol }}://{{ skyline_external_fqdn | put_address_in_context('url') }}:{{ skyline_apiserver_port }}"
|
||||||
|
|
||||||
|
skyline_logging_debug: "{{ openstack_logging_debug }}"
|
||||||
|
|
||||||
|
openstack_skyline_auth: "{{ openstack_auth }}"
|
||||||
|
|
||||||
|
####################
|
||||||
|
# Skyline
|
||||||
|
####################
|
||||||
|
log_dir: /var/log/kolla/skyline
|
||||||
|
skyline_access_token_expire_seconds: 3600
|
||||||
|
skyline_access_token_renew_seconds: 1800
|
||||||
|
skyline_backend_cors_origins: []
|
||||||
|
skyline_nginx_prefix: /api/openstack
|
||||||
|
# if set skyline_base_domains_ignore as true, we will not display
|
||||||
|
# the domains like heat_user_domain when we login from skyline.
|
||||||
|
skyline_base_domains_ignore: true
|
||||||
|
skyline_system_admin_roles:
|
||||||
|
- admin
|
||||||
|
skyline_system_reader_roles:
|
||||||
|
- system_reader
|
||||||
|
skyline_keystone_url: "{{ keystone_internal_url }}/v3/"
|
||||||
|
skyline_session_name: session
|
||||||
|
skyline_reclaim_instance_interval: 604800
|
||||||
|
|
||||||
|
skyline_gunicorn_debug_level: "{% if openstack_logging_debug | bool %}DEBUG{% else %}INFO{% endif %}"
|
||||||
|
skyline_gunicorn_timeout: 300
|
||||||
|
skyline_gunicorn_keepalive: 5
|
||||||
|
skyline_gunicorn_workers: "{{ openstack_service_workers }}"
|
||||||
|
|
||||||
|
skyline_ssl_certfile: "{{ '/etc/skyline/certs/skyline-cert.pem' if skyline_enable_tls_backend | bool else '' }}"
|
||||||
|
skyline_ssl_keyfile: "{{ '/etc/skyline/certs/skyline-key.pem' if skyline_enable_tls_backend | bool else '' }}"
|
||||||
|
|
||||||
|
####################
|
||||||
|
# Keystone
|
||||||
|
####################
|
||||||
|
skyline_keystone_user: skyline
|
||||||
|
skyline_ks_services:
|
||||||
|
- name: "skyline"
|
||||||
|
type: "panel"
|
||||||
|
description: "OpenStack Dashboard Service"
|
||||||
|
endpoints:
|
||||||
|
- {'interface': 'internal', 'url': '{{ skyline_internal_endpoint }}'}
|
||||||
|
- {'interface': 'public', 'url': '{{ skyline_public_endpoint }}'}
|
||||||
|
|
||||||
|
skyline_ks_users:
|
||||||
|
- project: "service"
|
||||||
|
user: "{{ skyline_keystone_user }}"
|
||||||
|
password: "{{ skyline_keystone_password }}"
|
||||||
|
role: "admin"
|
||||||
|
|
||||||
|
####################
|
||||||
|
# TLS
|
||||||
|
####################
|
||||||
|
skyline_enable_tls_backend: "{{ kolla_enable_tls_backend }}"
|
32
ansible/roles/skyline/handlers/main.yml
Normal file
32
ansible/roles/skyline/handlers/main.yml
Normal file
@ -0,0 +1,32 @@
|
|||||||
|
---
|
||||||
|
- name: Restart skyline-apiserver container
|
||||||
|
vars:
|
||||||
|
service_name: "skyline-apiserver"
|
||||||
|
service: "{{ skyline_services[service_name] }}"
|
||||||
|
become: true
|
||||||
|
kolla_docker:
|
||||||
|
action: "recreate_or_restart_container"
|
||||||
|
common_options: "{{ docker_common_options }}"
|
||||||
|
name: "{{ service.container_name }}"
|
||||||
|
image: "{{ service.image }}"
|
||||||
|
volumes: "{{ service.volumes | reject('equalto', '') | list }}"
|
||||||
|
dimensions: "{{ service.dimensions }}"
|
||||||
|
healthcheck: "{{ service.healthcheck | default(omit) }}"
|
||||||
|
when:
|
||||||
|
- kolla_action != "config"
|
||||||
|
|
||||||
|
- name: Restart skyline-console container
|
||||||
|
vars:
|
||||||
|
service_name: "skyline-console"
|
||||||
|
service: "{{ skyline_services[service_name] }}"
|
||||||
|
become: true
|
||||||
|
kolla_docker:
|
||||||
|
action: "recreate_or_restart_container"
|
||||||
|
common_options: "{{ docker_common_options }}"
|
||||||
|
name: "{{ service.container_name }}"
|
||||||
|
image: "{{ service.image }}"
|
||||||
|
volumes: "{{ service.volumes | reject('equalto', '') | list }}"
|
||||||
|
dimensions: "{{ service.dimensions }}"
|
||||||
|
healthcheck: "{{ service.healthcheck | default(omit) }}"
|
||||||
|
when:
|
||||||
|
- kolla_action != "config"
|
38
ansible/roles/skyline/tasks/bootstrap.yml
Normal file
38
ansible/roles/skyline/tasks/bootstrap.yml
Normal file
@ -0,0 +1,38 @@
|
|||||||
|
---
|
||||||
|
- name: Creating Skyline database
|
||||||
|
become: true
|
||||||
|
kolla_toolbox:
|
||||||
|
container_engine: "{{ kolla_container_engine }}"
|
||||||
|
module_name: mysql_db
|
||||||
|
module_args:
|
||||||
|
login_host: "{{ database_address }}"
|
||||||
|
login_port: "{{ database_port }}"
|
||||||
|
login_user: "{{ skyline_database_shard_root_user }}"
|
||||||
|
login_password: "{{ database_password }}"
|
||||||
|
name: "{{ skyline_database_name }}"
|
||||||
|
run_once: True
|
||||||
|
delegate_to: "{{ groups['skyline-apiserver'][0] }}"
|
||||||
|
when:
|
||||||
|
- not use_preconfigured_databases | bool
|
||||||
|
|
||||||
|
- name: Creating Skyline database user and setting permissions
|
||||||
|
become: true
|
||||||
|
kolla_toolbox:
|
||||||
|
container_engine: "{{ kolla_container_engine }}"
|
||||||
|
module_name: mysql_user
|
||||||
|
module_args:
|
||||||
|
login_host: "{{ database_address }}"
|
||||||
|
login_port: "{{ database_port }}"
|
||||||
|
login_user: "{{ skyline_database_shard_root_user }}"
|
||||||
|
login_password: "{{ database_password }}"
|
||||||
|
name: "{{ skyline_database_user }}"
|
||||||
|
password: "{{ skyline_database_password }}"
|
||||||
|
host: "%"
|
||||||
|
priv: "{{ skyline_database_name }}.*:ALL"
|
||||||
|
append_privs: "yes"
|
||||||
|
run_once: True
|
||||||
|
delegate_to: "{{ groups['skyline-apiserver'][0] }}"
|
||||||
|
when:
|
||||||
|
- not use_preconfigured_databases | bool
|
||||||
|
|
||||||
|
- import_tasks: bootstrap_service.yml
|
20
ansible/roles/skyline/tasks/bootstrap_service.yml
Normal file
20
ansible/roles/skyline/tasks/bootstrap_service.yml
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
---
|
||||||
|
- name: Running Skyline bootstrap container
|
||||||
|
vars:
|
||||||
|
skyline_apiserver: "{{ skyline_services['skyline-apiserver'] }}"
|
||||||
|
become: true
|
||||||
|
kolla_docker:
|
||||||
|
action: "start_container"
|
||||||
|
common_options: "{{ docker_common_options }}"
|
||||||
|
detach: False
|
||||||
|
environment:
|
||||||
|
KOLLA_BOOTSTRAP:
|
||||||
|
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
|
||||||
|
image: "{{ skyline_apiserver.image }}"
|
||||||
|
labels:
|
||||||
|
BOOTSTRAP:
|
||||||
|
name: "bootstrap_skyline"
|
||||||
|
restart_policy: no
|
||||||
|
volumes: "{{ skyline_apiserver.volumes | reject('equalto', '') | list }}"
|
||||||
|
run_once: True
|
||||||
|
delegate_to: "{{ groups[skyline_apiserver.group][0] }}"
|
17
ansible/roles/skyline/tasks/check-containers.yml
Normal file
17
ansible/roles/skyline/tasks/check-containers.yml
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
---
|
||||||
|
- name: Check skyline container
|
||||||
|
become: true
|
||||||
|
kolla_docker:
|
||||||
|
action: "compare_container"
|
||||||
|
common_options: "{{ docker_common_options }}"
|
||||||
|
name: "{{ item.value.container_name }}"
|
||||||
|
image: "{{ item.value.image }}"
|
||||||
|
volumes: "{{ item.value.volumes | reject('equalto', '') | list }}"
|
||||||
|
dimensions: "{{ item.value.dimensions }}"
|
||||||
|
healthcheck: "{{ horizon.healthcheck | default(omit) }}"
|
||||||
|
when:
|
||||||
|
- inventory_hostname in groups[item.value.group]
|
||||||
|
- item.value.enabled | bool
|
||||||
|
with_dict: "{{ skyline_services }}"
|
||||||
|
notify:
|
||||||
|
- "Restart {{ item.key }} container"
|
1
ansible/roles/skyline/tasks/check.yml
Normal file
1
ansible/roles/skyline/tasks/check.yml
Normal file
@ -0,0 +1 @@
|
|||||||
|
---
|
69
ansible/roles/skyline/tasks/config.yml
Normal file
69
ansible/roles/skyline/tasks/config.yml
Normal file
@ -0,0 +1,69 @@
|
|||||||
|
---
|
||||||
|
- name: Ensuring config directories exist
|
||||||
|
file:
|
||||||
|
path: "{{ node_config_directory }}/{{ item.key }}"
|
||||||
|
state: "directory"
|
||||||
|
owner: "{{ config_owner_user }}"
|
||||||
|
group: "{{ config_owner_group }}"
|
||||||
|
mode: "0770"
|
||||||
|
become: true
|
||||||
|
when:
|
||||||
|
- inventory_hostname in groups[item.value.group]
|
||||||
|
- item.value.enabled | bool
|
||||||
|
with_dict: "{{ skyline_services }}"
|
||||||
|
|
||||||
|
- include_tasks: copy-certs.yml
|
||||||
|
when:
|
||||||
|
- kolla_copy_ca_into_containers | bool or skyline_enable_tls_backend | bool
|
||||||
|
|
||||||
|
- name: Copying over skyline.yaml files for services
|
||||||
|
template:
|
||||||
|
src: "skyline.yaml.j2"
|
||||||
|
dest: "{{ node_config_directory }}/{{ item.key }}/skyline.yaml"
|
||||||
|
mode: "0660"
|
||||||
|
become: true
|
||||||
|
when:
|
||||||
|
- inventory_hostname in groups[item.value.group]
|
||||||
|
- item.value.enabled | bool
|
||||||
|
with_dict: "{{ skyline_services }}"
|
||||||
|
notify:
|
||||||
|
- "Restart {{ item.key }} container"
|
||||||
|
|
||||||
|
- name: Copying over gunicorn.py files for services
|
||||||
|
template:
|
||||||
|
src: "gunicorn.py.j2"
|
||||||
|
dest: "{{ node_config_directory }}/{{ item.key }}/gunicorn.py"
|
||||||
|
mode: "0660"
|
||||||
|
become: true
|
||||||
|
when:
|
||||||
|
- inventory_hostname in groups['skyline-apiserver']
|
||||||
|
- item.value.enabled | bool
|
||||||
|
with_dict: "{{ skyline_services }}"
|
||||||
|
notify:
|
||||||
|
- "Restart {{ item.key }} container"
|
||||||
|
|
||||||
|
- name: Copying over nginx.conf files for services
|
||||||
|
template:
|
||||||
|
src: "nginx.conf.j2"
|
||||||
|
dest: "{{ node_config_directory }}/{{ item.key }}/nginx.conf"
|
||||||
|
mode: "0660"
|
||||||
|
become: true
|
||||||
|
when:
|
||||||
|
- inventory_hostname in groups['skyline-console']
|
||||||
|
- item.value.enabled | bool
|
||||||
|
with_dict: "{{ skyline_services }}"
|
||||||
|
notify:
|
||||||
|
- "Restart {{ item.key }} container"
|
||||||
|
|
||||||
|
- name: Copying over config.json files for services
|
||||||
|
template:
|
||||||
|
src: "{{ item.key }}.json.j2"
|
||||||
|
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
|
||||||
|
mode: "0660"
|
||||||
|
become: true
|
||||||
|
when:
|
||||||
|
- inventory_hostname in groups[item.value.group]
|
||||||
|
- item.value.enabled | bool
|
||||||
|
with_dict: "{{ skyline_services }}"
|
||||||
|
notify:
|
||||||
|
- "Restart {{ item.key }} container"
|
1
ansible/roles/skyline/tasks/config_validate.yml
Normal file
1
ansible/roles/skyline/tasks/config_validate.yml
Normal file
@ -0,0 +1 @@
|
|||||||
|
---
|
6
ansible/roles/skyline/tasks/copy-certs.yml
Normal file
6
ansible/roles/skyline/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ skyline_services }}"
|
11
ansible/roles/skyline/tasks/deploy.yml
Normal file
11
ansible/roles/skyline/tasks/deploy.yml
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
---
|
||||||
|
- import_tasks: register.yml
|
||||||
|
|
||||||
|
- import_tasks: config.yml
|
||||||
|
|
||||||
|
- import_tasks: check-containers.yml
|
||||||
|
|
||||||
|
- import_tasks: bootstrap.yml
|
||||||
|
|
||||||
|
- name: Flush handlers
|
||||||
|
meta: flush_handlers
|
7
ansible/roles/skyline/tasks/loadbalancer.yml
Normal file
7
ansible/roles/skyline/tasks/loadbalancer.yml
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
---
|
||||||
|
- name: "Configure loadbalancer for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
name: loadbalancer-config
|
||||||
|
vars:
|
||||||
|
project_services: "{{ skyline_services }}"
|
||||||
|
tags: always
|
2
ansible/roles/skyline/tasks/main.yml
Normal file
2
ansible/roles/skyline/tasks/main.yml
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
---
|
||||||
|
- include_tasks: "{{ kolla_action }}.yml"
|
37
ansible/roles/skyline/tasks/precheck.yml
Normal file
37
ansible/roles/skyline/tasks/precheck.yml
Normal file
@ -0,0 +1,37 @@
|
|||||||
|
---
|
||||||
|
- import_role:
|
||||||
|
name: service-precheck
|
||||||
|
vars:
|
||||||
|
service_precheck_services: "{{ skyline_services }}"
|
||||||
|
service_name: "{{ project_name }}"
|
||||||
|
|
||||||
|
- name: Get container facts
|
||||||
|
become: true
|
||||||
|
kolla_container_facts:
|
||||||
|
container_engine: "{{ kolla_container_engine }}"
|
||||||
|
name:
|
||||||
|
- skyline_apiserver
|
||||||
|
- skyline_console
|
||||||
|
register: container_facts
|
||||||
|
|
||||||
|
- name: Checking free port for Skyline APIServer
|
||||||
|
wait_for:
|
||||||
|
host: "{{ api_interface_address }}"
|
||||||
|
port: "{{ skyline_apiserver_listen_port }}"
|
||||||
|
connect_timeout: 1
|
||||||
|
timeout: 1
|
||||||
|
state: stopped
|
||||||
|
when:
|
||||||
|
- container_facts['skyline_apiserver'] is not defined
|
||||||
|
- inventory_hostname in groups['skyline-apiserver']
|
||||||
|
|
||||||
|
- name: Checking free port for Skyline Console
|
||||||
|
wait_for:
|
||||||
|
host: "{{ api_interface_address }}"
|
||||||
|
port: "{{ skyline_console_listen_port }}"
|
||||||
|
connect_timeout: 1
|
||||||
|
timeout: 1
|
||||||
|
state: stopped
|
||||||
|
when:
|
||||||
|
- container_facts['skyline_console'] is not defined
|
||||||
|
- inventory_hostname in groups['skyline-console']
|
3
ansible/roles/skyline/tasks/pull.yml
Normal file
3
ansible/roles/skyline/tasks/pull.yml
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
---
|
||||||
|
- import_role:
|
||||||
|
role: service-images-pull
|
2
ansible/roles/skyline/tasks/reconfigure.yml
Normal file
2
ansible/roles/skyline/tasks/reconfigure.yml
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
---
|
||||||
|
- include_tasks: deploy.yml
|
7
ansible/roles/skyline/tasks/register.yml
Normal file
7
ansible/roles/skyline/tasks/register.yml
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
---
|
||||||
|
- import_role:
|
||||||
|
name: service-ks-register
|
||||||
|
vars:
|
||||||
|
service_ks_register_auth: "{{ openstack_skyline_auth }}"
|
||||||
|
service_ks_register_services: "{{ skyline_ks_services }}"
|
||||||
|
service_ks_register_users: "{{ skyline_ks_users }}"
|
11
ansible/roles/skyline/tasks/stop.yml
Normal file
11
ansible/roles/skyline/tasks/stop.yml
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
---
|
||||||
|
- name: "Stopping skyline containers"
|
||||||
|
vars:
|
||||||
|
service: "{{ item.value }}"
|
||||||
|
docker_container:
|
||||||
|
name: "{{ service.container_name }}"
|
||||||
|
state: stopped
|
||||||
|
when:
|
||||||
|
- service.enabled | bool
|
||||||
|
- service.container_name not in skip_stop_containers
|
||||||
|
with_dict: "{{ skyline_services }}"
|
7
ansible/roles/skyline/tasks/upgrade.yml
Normal file
7
ansible/roles/skyline/tasks/upgrade.yml
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
---
|
||||||
|
- import_tasks: config.yml
|
||||||
|
|
||||||
|
- import_tasks: check-containers.yml
|
||||||
|
|
||||||
|
- name: Flush handlers
|
||||||
|
meta: flush_handlers
|
66
ansible/roles/skyline/templates/gunicorn.py.j2
Normal file
66
ansible/roles/skyline/templates/gunicorn.py.j2
Normal file
@ -0,0 +1,66 @@
|
|||||||
|
# Copyright 2022 99cloud
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
|
||||||
|
bind = "{{ api_interface_address }}:{{ skyline_apiserver_port }}"
|
||||||
|
workers = {{ skyline_gunicorn_workers }}
|
||||||
|
worker_class = "uvicorn.workers.UvicornWorker"
|
||||||
|
timeout = {{ skyline_gunicorn_timeout }}
|
||||||
|
keepalive = {{ skyline_gunicorn_keepalive }}
|
||||||
|
reuse_port = True
|
||||||
|
proc_name = "{{ project_name }}"
|
||||||
|
|
||||||
|
logconfig_dict = {
|
||||||
|
"version": 1,
|
||||||
|
"disable_existing_loggers": False,
|
||||||
|
"root": {"level": "{{ skyline_gunicorn_debug_level }}", "handlers": ["console"]},
|
||||||
|
"loggers": {
|
||||||
|
"gunicorn.error": {
|
||||||
|
"level": "{{ skyline_gunicorn_debug_level }}",
|
||||||
|
"handlers": ["error_file"],
|
||||||
|
"propagate": 0,
|
||||||
|
"qualname": "gunicorn_error",
|
||||||
|
},
|
||||||
|
"gunicorn.access": {
|
||||||
|
"level": "{{ skyline_gunicorn_debug_level }}",
|
||||||
|
"handlers": ["access_file"],
|
||||||
|
"propagate": 0,
|
||||||
|
"qualname": "access",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
"handlers": {
|
||||||
|
"error_file": {
|
||||||
|
"class": "logging.handlers.RotatingFileHandler",
|
||||||
|
"formatter": "generic",
|
||||||
|
"filename": "{{ log_dir }}/skyline-error.log",
|
||||||
|
},
|
||||||
|
"access_file": {
|
||||||
|
"class": "logging.handlers.RotatingFileHandler",
|
||||||
|
"formatter": "generic",
|
||||||
|
"filename": "{{ log_dir }}/skyline-access.log",
|
||||||
|
},
|
||||||
|
"console": {
|
||||||
|
"class": "logging.StreamHandler",
|
||||||
|
"level": "{{ skyline_gunicorn_debug_level }}",
|
||||||
|
"formatter": "generic",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
"formatters": {
|
||||||
|
"generic": {
|
||||||
|
"format": "%(asctime)s.%(msecs)03d %(process)d %(levelname)s [-] %(message)s",
|
||||||
|
"datefmt": "[%Y-%m-%d %H:%M:%S %z]",
|
||||||
|
"class": "logging.Formatter",
|
||||||
|
}
|
||||||
|
},
|
||||||
|
}
|
258
ansible/roles/skyline/templates/nginx.conf.j2
Normal file
258
ansible/roles/skyline/templates/nginx.conf.j2
Normal file
@ -0,0 +1,258 @@
|
|||||||
|
daemon off;
|
||||||
|
worker_processes auto;
|
||||||
|
pid /run/nginx.pid;
|
||||||
|
include /etc/nginx/modules-enabled/*.conf;
|
||||||
|
|
||||||
|
events {
|
||||||
|
worker_connections 1024;
|
||||||
|
multi_accept on;
|
||||||
|
}
|
||||||
|
|
||||||
|
http {
|
||||||
|
|
||||||
|
##
|
||||||
|
# Basic Settings
|
||||||
|
##
|
||||||
|
sendfile on;
|
||||||
|
tcp_nopush on;
|
||||||
|
tcp_nodelay on;
|
||||||
|
client_max_body_size 0;
|
||||||
|
types_hash_max_size 2048;
|
||||||
|
proxy_request_buffering off;
|
||||||
|
server_tokens off;
|
||||||
|
|
||||||
|
# server_names_hash_bucket_size 64;
|
||||||
|
# server_name_in_redirect off;
|
||||||
|
|
||||||
|
include /etc/nginx/mime.types;
|
||||||
|
default_type application/octet-stream;
|
||||||
|
{% if skyline_ssl_certfile and skyline_ssl_keyfile %}
|
||||||
|
##
|
||||||
|
# SSL Settings
|
||||||
|
##
|
||||||
|
ssl_protocols TLSv1.2 TLSv1.3;
|
||||||
|
ssl_prefer_server_ciphers on;
|
||||||
|
|
||||||
|
# Self signed certs generated by the ssl-cert package
|
||||||
|
# Don't use them in a production server!
|
||||||
|
ssl_certificate {{ skyline_ssl_certfile }};
|
||||||
|
ssl_certificate_key {{ skyline_ssl_keyfile }};
|
||||||
|
{% endif %}
|
||||||
|
##
|
||||||
|
# Logging Settings
|
||||||
|
##
|
||||||
|
log_format main '$remote_addr - $remote_user [$time_local] "$request_time" '
|
||||||
|
'"$upstream_response_time" "$request" '
|
||||||
|
'$status $body_bytes_sent "$http_referer" '
|
||||||
|
'"$http_user_agent" "$http_x_forwarded_for"';
|
||||||
|
access_log {{ log_dir | default('/var/log/skyline') }}/skyline-nginx-access.log main;
|
||||||
|
error_log {{ log_dir | default('/var/log/skyline') }}/skyline-nginx-error.log;
|
||||||
|
|
||||||
|
##
|
||||||
|
# Gzip Settings
|
||||||
|
##
|
||||||
|
gzip on;
|
||||||
|
gzip_static on;
|
||||||
|
gzip_disable "msie6";
|
||||||
|
|
||||||
|
gzip_vary on;
|
||||||
|
gzip_proxied any;
|
||||||
|
gzip_comp_level 6;
|
||||||
|
gzip_buffers 16 8k;
|
||||||
|
# gzip_http_version 1.1;
|
||||||
|
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
|
||||||
|
|
||||||
|
##
|
||||||
|
# Virtual Host Configs
|
||||||
|
##
|
||||||
|
server {
|
||||||
|
listen {{ api_interface_address | put_address_in_context('url') }}:{{ skyline_console_listen_port }}{% if skyline_ssl_certfile and skyline_ssl_keyfile %} ssl http2{% endif %} default_server;
|
||||||
|
|
||||||
|
root /var/lib/kolla/venv/lib/python{{ distro_python_version }}/site-packages/skyline_console/static;
|
||||||
|
|
||||||
|
# Add index.php to the list if you are using PHP
|
||||||
|
index index.html;
|
||||||
|
|
||||||
|
server_name _;
|
||||||
|
|
||||||
|
error_page 497 https://$http_host$request_uri;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
# First attempt to serve request as file, then
|
||||||
|
# as directory, then fall back to displaying a 404.
|
||||||
|
try_files $uri $uri/ /index.html;
|
||||||
|
expires 1d;
|
||||||
|
add_header Cache-Control "public";
|
||||||
|
}
|
||||||
|
|
||||||
|
# Service: skyline
|
||||||
|
location {{ skyline_nginx_prefix }}/skyline/ {
|
||||||
|
proxy_pass {{ internal_protocol }}://{{ skyline_internal_fqdn | put_address_in_context('url') }}:{{ skyline_apiserver_port }}/;
|
||||||
|
proxy_redirect {{ internal_protocol }}://{{ skyline_internal_fqdn | put_address_in_context('url') }}:{{ skyline_apiserver_port }}/ {{ skyline_nginx_prefix }}/skyline/;
|
||||||
|
proxy_buffering off;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
|
proxy_set_header X-Forwarded-Host $host;
|
||||||
|
proxy_set_header Host $http_host;
|
||||||
|
}
|
||||||
|
|
||||||
|
{% if enable_keystone | bool %}# Region: {{ openstack_region_name }}, Service: keystone
|
||||||
|
location {{ skyline_nginx_prefix }}/{{ openstack_region_name | lower }}/keystone {
|
||||||
|
proxy_pass {{ internal_protocol }}://{{ keystone_internal_fqdn | put_address_in_context('url') }}:{{ keystone_public_port }}/;
|
||||||
|
proxy_redirect {{ internal_protocol }}://{{ keystone_internal_fqdn | put_address_in_context('url') }}:{{ keystone_public_port }}/ {{ skyline_nginx_prefix }}/{{ openstack_region_name | lower }}/keystone/;
|
||||||
|
proxy_buffering off;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
|
proxy_set_header X-Forwarded-Host $host;
|
||||||
|
proxy_set_header Host $http_host;
|
||||||
|
}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
{% if enable_glance | bool %}# Region: {{ openstack_region_name }}, Service: glance
|
||||||
|
location {{ skyline_nginx_prefix }}/{{ openstack_region_name | lower }}/glance {
|
||||||
|
proxy_pass {{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ glance_api_port }}/;
|
||||||
|
proxy_redirect {{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ glance_api_port }}/ {{ skyline_nginx_prefix }}/{{ openstack_region_name | lower }}/glance/;
|
||||||
|
proxy_buffering off;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
|
proxy_set_header X-Forwarded-Host $host;
|
||||||
|
proxy_set_header Host $http_host;
|
||||||
|
}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
{% if enable_neutron | bool %}# Region: {{ openstack_region_name }}, Service: neutron
|
||||||
|
location {{ skyline_nginx_prefix }}/{{ openstack_region_name | lower }}/neutron {
|
||||||
|
proxy_pass {{ internal_protocol }}://{{ neutron_internal_fqdn | put_address_in_context('url') }}:{{ neutron_server_port }}/;
|
||||||
|
proxy_redirect {{ internal_protocol }}://{{ neutron_internal_fqdn | put_address_in_context('url') }}:{{ neutron_server_port }}/ {{ skyline_nginx_prefix }}/{{ openstack_region_name | lower }}/neutron/;
|
||||||
|
proxy_buffering off;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
|
proxy_set_header X-Forwarded-Host $host;
|
||||||
|
proxy_set_header Host $http_host;
|
||||||
|
}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
{% if enable_nova | bool %}# Region: {{ openstack_region_name }}, Service: nova
|
||||||
|
location {{ skyline_nginx_prefix }}/{{ openstack_region_name | lower }}/nova {
|
||||||
|
proxy_pass {{ internal_protocol }}://{{ nova_internal_fqdn | put_address_in_context('url') }}:{{ nova_api_port }}/;
|
||||||
|
proxy_redirect {{ internal_protocol }}://{{ nova_internal_fqdn | put_address_in_context('url') }}:{{ nova_api_port }}/ {{ skyline_nginx_prefix }}/{{ openstack_region_name | lower }}/nova/;
|
||||||
|
proxy_buffering off;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
|
proxy_set_header X-Forwarded-Host $host;
|
||||||
|
proxy_set_header Host $http_host;
|
||||||
|
}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
{% if enable_placement | bool %}# Region: {{ openstack_region_name }}, Service: placement
|
||||||
|
location {{ skyline_nginx_prefix }}/{{ openstack_region_name | lower }}/placement {
|
||||||
|
proxy_pass {{ internal_protocol }}://{{ placement_internal_fqdn | put_address_in_context('url') }}:{{ placement_api_port }}/;
|
||||||
|
proxy_redirect {{ internal_protocol }}://{{ placement_internal_fqdn | put_address_in_context('url') }}:{{ placement_api_port }}/ {{ skyline_nginx_prefix }}/{{ openstack_region_name | lower }}/placement/;
|
||||||
|
proxy_buffering off;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
|
proxy_set_header X-Forwarded-Host $host;
|
||||||
|
proxy_set_header Host $http_host;
|
||||||
|
}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
{% if enable_cinder | bool %}# Region: {{ openstack_region_name }}, Service: cinder
|
||||||
|
location {{ skyline_nginx_prefix }}/{{ openstack_region_name | lower }}/cinder {
|
||||||
|
proxy_pass {{ internal_protocol }}://{{ cinder_internal_fqdn | put_address_in_context('url') }}:{{ cinder_api_port }}/;
|
||||||
|
proxy_redirect {{ internal_protocol }}://{{ cinder_internal_fqdn | put_address_in_context('url') }}:{{ cinder_api_port }}/ {{ skyline_nginx_prefix }}/{{ openstack_region_name | lower }}/cinder/;
|
||||||
|
proxy_buffering off;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
|
proxy_set_header X-Forwarded-Host $host;
|
||||||
|
proxy_set_header Host $http_host;
|
||||||
|
}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
{% if enable_heat | bool %}# Region: {{ openstack_region_name }}, Service: heat
|
||||||
|
location {{ skyline_nginx_prefix }}/{{ openstack_region_name | lower }}/heat {
|
||||||
|
proxy_pass {{ internal_protocol }}://{{ heat_internal_fqdn | put_address_in_context('url') }}:{{ heat_api_port }}/;
|
||||||
|
proxy_redirect {{ internal_protocol }}://{{ heat_internal_fqdn | put_address_in_context('url') }}:{{ heat_api_port }}/ {{ skyline_nginx_prefix }}/{{ openstack_region_name | lower }}/heat/;
|
||||||
|
proxy_buffering off;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
|
proxy_set_header X-Forwarded-Host $host;
|
||||||
|
proxy_set_header Host $http_host;
|
||||||
|
}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
{% if enable_octavia | bool %}# Region: {{ openstack_region_name }}, Service: octavia
|
||||||
|
location {{ skyline_nginx_prefix }}/{{ openstack_region_name | lower }}/octavia {
|
||||||
|
proxy_pass {{ internal_protocol }}://{{ octavia_internal_fqdn | put_address_in_context('url') }}:{{ octavia_api_port }}/;
|
||||||
|
proxy_redirect {{ internal_protocol }}://{{ octavia_internal_fqdn | put_address_in_context('url') }}:{{ octavia_api_port }}/ {{ skyline_nginx_prefix }}/{{ openstack_region_name | lower }}/octavia/;
|
||||||
|
proxy_buffering off;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
|
proxy_set_header X-Forwarded-Host $host;
|
||||||
|
proxy_set_header Host $http_host;
|
||||||
|
}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
{% if enable_manila | bool %}# Region: {{ openstack_region_name }}, Service: manilav2
|
||||||
|
location {{ skyline_nginx_prefix }}/{{ openstack_region_name | lower }}/manilav2 {
|
||||||
|
proxy_pass {{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ manila_api_port }}/;
|
||||||
|
proxy_redirect {{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ manila_api_port }}/ {{ skyline_nginx_prefix }}/{{ openstack_region_name | lower }}/manilav2/;
|
||||||
|
proxy_buffering off;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
|
proxy_set_header X-Forwarded-Host $host;
|
||||||
|
proxy_set_header Host $http_host;
|
||||||
|
}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
{% if enable_ironic | bool %}# Region: {{ openstack_region_name }}, Service: ironic
|
||||||
|
location {{ skyline_nginx_prefix }}/{{ openstack_region_name | lower }}/ironic {
|
||||||
|
proxy_pass {{ internal_protocol }}://{{ ironic_internal_fqdn | put_address_in_context('url') }}:{{ ironic_api_port }}/;
|
||||||
|
proxy_redirect {{ internal_protocol }}://{{ ironic_internal_fqdn | put_address_in_context('url') }}:{{ ironic_api_port }}/ {{ skyline_nginx_prefix }}/{{ openstack_region_name | lower }}/ironic/;
|
||||||
|
proxy_buffering off;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
|
proxy_set_header X-Forwarded-Host $host;
|
||||||
|
proxy_set_header Host $http_host;
|
||||||
|
}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
{% if enable_zun | bool %}# Region: {{ openstack_region_name }}, Service: zun
|
||||||
|
location {{ skyline_nginx_prefix }}/{{ openstack_region_name | lower }}/zun {
|
||||||
|
proxy_pass {{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ zun_api_port }}/;
|
||||||
|
proxy_redirect {{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ zun_api_port }}/ {{ skyline_nginx_prefix }}/{{ openstack_region_name | lower }}/zun/;
|
||||||
|
proxy_buffering off;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
|
proxy_set_header X-Forwarded-Host $host;
|
||||||
|
proxy_set_header Host $http_host;
|
||||||
|
}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
{% if enable_magnum | bool %}# Region: {{ openstack_region_name }}, Service: magnum
|
||||||
|
location {{ skyline_nginx_prefix }}/{{ openstack_region_name | lower }}/magnum {
|
||||||
|
proxy_pass {{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ magnum_api_port }}/;
|
||||||
|
proxy_redirect {{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ magnum_api_port }}/ {{ skyline_nginx_prefix }}/{{ openstack_region_name | lower }}/magnum/;
|
||||||
|
proxy_buffering off;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
|
proxy_set_header X-Forwarded-Host $host;
|
||||||
|
proxy_set_header Host $http_host;
|
||||||
|
}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
{% if enable_trove | bool %}# Region: {{ openstack_region_name }}, Service: trove
|
||||||
|
location {{ skyline_nginx_prefix }}/{{ openstack_region_name | lower }}/trove {
|
||||||
|
proxy_pass {{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ trove_api_port }}/;
|
||||||
|
proxy_redirect {{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ trove_api_port }}/ {{ skyline_nginx_prefix }}/{{ openstack_region_name | lower }}/trove/;
|
||||||
|
proxy_buffering off;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
|
proxy_set_header X-Forwarded-Host $host;
|
||||||
|
proxy_set_header Host $http_host;
|
||||||
|
}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
36
ansible/roles/skyline/templates/skyline-apiserver.json.j2
Normal file
36
ansible/roles/skyline/templates/skyline-apiserver.json.j2
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
{
|
||||||
|
"command": "gunicorn -c /etc/skyline/gunicorn.py skyline_apiserver.main:app",
|
||||||
|
"config_files": [
|
||||||
|
{
|
||||||
|
"source": "{{ container_config_directory }}/skyline.yaml",
|
||||||
|
"dest": "/etc/skyline/skyline.yaml",
|
||||||
|
"owner": "skyline",
|
||||||
|
"perm": "0600"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"source": "{{ container_config_directory }}/gunicorn.py",
|
||||||
|
"dest": "/etc/skyline/gunicorn.py",
|
||||||
|
"owner": "skyline",
|
||||||
|
"perm": "0600"
|
||||||
|
}{% if skyline_enable_tls_backend | bool %},
|
||||||
|
{
|
||||||
|
"source": "{{ container_config_directory }}/skyline-cert.pem",
|
||||||
|
"dest": "/etc/skyline/certs/skyline-cert.pem",
|
||||||
|
"owner": "skyline",
|
||||||
|
"perm": "0600"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"source": "{{ container_config_directory }}/skyline-key.pem",
|
||||||
|
"dest": "/etc/skyline/certs/skyline-key.pem",
|
||||||
|
"owner": "skyline",
|
||||||
|
"perm": "0600"
|
||||||
|
}{% endif %}
|
||||||
|
],
|
||||||
|
"permissions": [
|
||||||
|
{
|
||||||
|
"path": "/var/log/kolla/skyline",
|
||||||
|
"owner": "skyline:skyline",
|
||||||
|
"recurse": true
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
36
ansible/roles/skyline/templates/skyline-console.json.j2
Normal file
36
ansible/roles/skyline/templates/skyline-console.json.j2
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
{
|
||||||
|
"command": "nginx",
|
||||||
|
"config_files": [
|
||||||
|
{
|
||||||
|
"source": "{{ container_config_directory }}/skyline.yaml",
|
||||||
|
"dest": "/etc/skyline/skyline.yaml",
|
||||||
|
"owner": "skyline",
|
||||||
|
"perm": "0600"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"source": "{{ container_config_directory }}/nginx.conf",
|
||||||
|
"dest": "/etc/nginx/nginx.conf",
|
||||||
|
"owner": "skyline",
|
||||||
|
"perm": "0600"
|
||||||
|
}{% if skyline_enable_tls_backend | bool %},
|
||||||
|
{
|
||||||
|
"source": "{{ container_config_directory }}/skyline-cert.pem",
|
||||||
|
"dest": "/etc/skyline/certs/skyline-cert.pem",
|
||||||
|
"owner": "skyline",
|
||||||
|
"perm": "0600"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"source": "{{ container_config_directory }}/skyline-key.pem",
|
||||||
|
"dest": "/etc/skyline/certs/skyline-key.pem",
|
||||||
|
"owner": "skyline",
|
||||||
|
"perm": "0600"
|
||||||
|
}{% endif %}
|
||||||
|
],
|
||||||
|
"permissions": [
|
||||||
|
{
|
||||||
|
"path": "/var/log/kolla/skyline",
|
||||||
|
"owner": "skyline:skyline",
|
||||||
|
"recurse": true
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
92
ansible/roles/skyline/templates/skyline.yaml.j2
Normal file
92
ansible/roles/skyline/templates/skyline.yaml.j2
Normal file
@ -0,0 +1,92 @@
|
|||||||
|
default:
|
||||||
|
access_token_expire: {{ skyline_access_token_expire_seconds }}
|
||||||
|
access_token_renew: {{ skyline_access_token_renew_seconds }}
|
||||||
|
cors_allow_origins: {{ skyline_backend_cors_origins }}
|
||||||
|
database_url: mysql://{{ skyline_database_user }}:{{ skyline_database_password }}@{{ skyline_database_address }}/{{ skyline_database_name }}
|
||||||
|
debug: {{ skyline_logging_debug }}
|
||||||
|
log_dir: {{ log_dir }}
|
||||||
|
secret_key: {{ skyline_secret_key }}
|
||||||
|
session_name: {{ skyline_session_name }}
|
||||||
|
openstack:
|
||||||
|
{% if skyline_base_domains_ignore | bool %}
|
||||||
|
base_domains:
|
||||||
|
{% if enable_heat | bool %}
|
||||||
|
- heat_user_domain
|
||||||
|
{% endif %}
|
||||||
|
{% if enable_magnum | bool %}
|
||||||
|
- magnum
|
||||||
|
{% endif %}
|
||||||
|
{% endif %}
|
||||||
|
default_region: {{ openstack_region_name }}
|
||||||
|
extension_mapping:
|
||||||
|
{% if enable_neutron_port_forwarding | bool %}
|
||||||
|
floating-ip-port-forwarding: neutron_port_forwarding
|
||||||
|
{% endif %}
|
||||||
|
{% if enable_neutron_qos | bool %}
|
||||||
|
qos: neutron_qos
|
||||||
|
{% endif %}
|
||||||
|
{% if enable_neutron_vpnaas | bool %}
|
||||||
|
vpnaas: neutron_vpn
|
||||||
|
{% endif %}
|
||||||
|
keystone_url: {{ skyline_keystone_url }}
|
||||||
|
nginx_prefix: {{ skyline_nginx_prefix }}
|
||||||
|
reclaim_instance_interval: {{ skyline_reclaim_instance_interval }}
|
||||||
|
service_mapping:
|
||||||
|
{% if enable_ironic | bool %}
|
||||||
|
baremetal: ironic
|
||||||
|
{% endif %}
|
||||||
|
{% if enable_nova | bool %}
|
||||||
|
compute: nova
|
||||||
|
{% endif %}
|
||||||
|
{% if enable_zun | bool %}
|
||||||
|
container: zun
|
||||||
|
{% endif %}
|
||||||
|
{% if enable_magnum | bool %}
|
||||||
|
container-infra: magnum
|
||||||
|
{% endif %}
|
||||||
|
{% if enable_trove | bool %}
|
||||||
|
database: trove
|
||||||
|
{% endif %}
|
||||||
|
{% if enable_keystone | bool %}
|
||||||
|
identity: keystone
|
||||||
|
{% endif %}
|
||||||
|
{% if enable_glance | bool %}
|
||||||
|
image: glance
|
||||||
|
{% endif %}
|
||||||
|
{% if enable_barbican | bool %}
|
||||||
|
key-manager: barbican
|
||||||
|
{% endif %}
|
||||||
|
{% if enable_octavia | bool %}
|
||||||
|
load-balancer: octavia
|
||||||
|
{% endif %}
|
||||||
|
{% if enable_neutron | bool %}
|
||||||
|
network: neutron
|
||||||
|
{% endif %}
|
||||||
|
{% if enable_swift | bool %}
|
||||||
|
object-store: swift
|
||||||
|
{% endif %}
|
||||||
|
{% if enable_heat | bool %}
|
||||||
|
orchestration: heat
|
||||||
|
{% endif %}
|
||||||
|
{% if enable_placement | bool %}
|
||||||
|
placement: placement
|
||||||
|
{% endif %}
|
||||||
|
{% if enable_manila | bool %}
|
||||||
|
sharev2: manilav2
|
||||||
|
{% endif %}
|
||||||
|
{% if enable_cinder | bool %}
|
||||||
|
volumev3: cinder
|
||||||
|
{% endif %}
|
||||||
|
system_admin_roles:
|
||||||
|
{% for skyline_system_admin_role in skyline_system_admin_roles %}
|
||||||
|
- {{ skyline_system_admin_role }}
|
||||||
|
{% endfor %}
|
||||||
|
system_project: service
|
||||||
|
system_project_domain: {{ default_project_domain_name }}
|
||||||
|
system_reader_roles:
|
||||||
|
{% for skyline_system_reader_role in skyline_system_reader_roles %}
|
||||||
|
- {{ skyline_system_reader_role }}
|
||||||
|
{% endfor %}
|
||||||
|
system_user_domain: {{ default_user_domain_name }}
|
||||||
|
system_user_name: skyline
|
||||||
|
system_user_password: {{ skyline_keystone_password }}
|
2
ansible/roles/skyline/vars/main.yml
Normal file
2
ansible/roles/skyline/vars/main.yml
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
---
|
||||||
|
project_name: "skyline"
|
@ -64,6 +64,7 @@
|
|||||||
- enable_redis_{{ enable_redis | bool }}
|
- enable_redis_{{ enable_redis | bool }}
|
||||||
- enable_sahara_{{ enable_sahara | bool }}
|
- enable_sahara_{{ enable_sahara | bool }}
|
||||||
- enable_senlin_{{ enable_senlin | bool }}
|
- enable_senlin_{{ enable_senlin | bool }}
|
||||||
|
- enable_skyline_{{ enable_skyline | bool }}
|
||||||
- enable_solum_{{ enable_solum | bool }}
|
- enable_solum_{{ enable_solum | bool }}
|
||||||
- enable_swift_{{ enable_swift | bool }}
|
- enable_swift_{{ enable_swift | bool }}
|
||||||
- enable_tacker_{{ enable_tacker | bool }}
|
- enable_tacker_{{ enable_tacker | bool }}
|
||||||
@ -285,6 +286,11 @@
|
|||||||
tasks_from: loadbalancer
|
tasks_from: loadbalancer
|
||||||
tags: senlin
|
tags: senlin
|
||||||
when: enable_senlin | bool
|
when: enable_senlin | bool
|
||||||
|
- include_role:
|
||||||
|
name: skyline
|
||||||
|
tasks_from: loadbalancer
|
||||||
|
tags: skyline
|
||||||
|
when: enable_skyline | bool
|
||||||
- include_role:
|
- include_role:
|
||||||
name: solum
|
name: solum
|
||||||
tasks_from: loadbalancer
|
tasks_from: loadbalancer
|
||||||
@ -987,3 +993,13 @@
|
|||||||
roles:
|
roles:
|
||||||
- { role: venus,
|
- { role: venus,
|
||||||
tags: venus }
|
tags: venus }
|
||||||
|
|
||||||
|
- name: Apply role skyline
|
||||||
|
gather_facts: false
|
||||||
|
hosts:
|
||||||
|
- skyline
|
||||||
|
- '&enable_skyline_True'
|
||||||
|
serial: '{{ kolla_serial|default("0") }}'
|
||||||
|
roles:
|
||||||
|
- { role: skyline,
|
||||||
|
tags: skyline }
|
||||||
|
@ -406,6 +406,7 @@ workaround_ansible_issue_8743: yes
|
|||||||
#enable_redis: "no"
|
#enable_redis: "no"
|
||||||
#enable_sahara: "no"
|
#enable_sahara: "no"
|
||||||
#enable_senlin: "no"
|
#enable_senlin: "no"
|
||||||
|
#enable_skyline: "no"
|
||||||
#enable_solum: "no"
|
#enable_solum: "no"
|
||||||
#enable_swift: "no"
|
#enable_swift: "no"
|
||||||
#enable_swift_s3api: "no"
|
#enable_swift_s3api: "no"
|
||||||
|
@ -174,6 +174,10 @@ masakari_keystone_password:
|
|||||||
|
|
||||||
memcache_secret_key:
|
memcache_secret_key:
|
||||||
|
|
||||||
|
skyline_secret_key:
|
||||||
|
skyline_database_password:
|
||||||
|
skyline_keystone_password:
|
||||||
|
|
||||||
# HMAC secret key
|
# HMAC secret key
|
||||||
osprofiler_secret:
|
osprofiler_secret:
|
||||||
|
|
||||||
|
@ -0,0 +1,3 @@
|
|||||||
|
---
|
||||||
|
features:
|
||||||
|
- Add skyline ansible role
|
Loading…
Reference in New Issue
Block a user