Fix zun deployment
Configure zun-api to use apache. Fix zun endpoint (tenant_id) causes a 404 error. Fix zun.conf options Change zun port, correct port is 9517 Zun compute need privileged and mount docker lib volume Change-Id: Id9455e7dde62e1994a3f6ae8f30d378e5cda4262 Closes-Bug: #1682165
This commit is contained in:
parent
afdd11b9a2
commit
27b577c484
@ -245,7 +245,7 @@ tacker_server_port: "9890"
|
|||||||
|
|
||||||
fluentd_syslog_port: "5140"
|
fluentd_syslog_port: "5140"
|
||||||
|
|
||||||
zun_api_port: "9512"
|
zun_api_port: "9517"
|
||||||
|
|
||||||
ovsdb_port: "6640"
|
ovsdb_port: "6640"
|
||||||
|
|
||||||
|
@ -16,10 +16,13 @@ zun_services:
|
|||||||
group: zun-compute
|
group: zun-compute
|
||||||
enabled: true
|
enabled: true
|
||||||
image: "{{ zun_compute_image_full }}"
|
image: "{{ zun_compute_image_full }}"
|
||||||
|
privileged: True
|
||||||
volumes:
|
volumes:
|
||||||
- "{{ node_config_directory }}/zun-compute/:{{ container_config_directory }}/:ro"
|
- "{{ node_config_directory }}/zun-compute/:{{ container_config_directory }}/:ro"
|
||||||
- "/etc/localtime:/etc/localtime:ro"
|
- "/etc/localtime:/etc/localtime:ro"
|
||||||
- "kolla_logs:/var/log/kolla/"
|
- "kolla_logs:/var/log/kolla/"
|
||||||
|
- "/run:/run:shared"
|
||||||
|
- "/usr/lib/docker:/usr/lib/docker"
|
||||||
|
|
||||||
####################
|
####################
|
||||||
## Database
|
## Database
|
||||||
@ -44,9 +47,9 @@ zun_api_image_full: "{{ zun_api_image }}:{{ zun_api_tag }}"
|
|||||||
####################
|
####################
|
||||||
## OpenStack
|
## OpenStack
|
||||||
####################
|
####################
|
||||||
zun_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ zun_api_port }}/v1/%(tenant_id)s"
|
zun_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ zun_api_port }}/v1/"
|
||||||
zun_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ zun_api_port }}/v1/%(tenant_id)s"
|
zun_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ zun_api_port }}/v1/"
|
||||||
zun_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ zun_api_port }}/v1/%(tenant_id)s"
|
zun_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ zun_api_port }}/v1/"
|
||||||
|
|
||||||
zun_logging_debug: "{{ openstack_logging_debug }}"
|
zun_logging_debug: "{{ openstack_logging_debug }}"
|
||||||
|
|
||||||
|
@ -12,6 +12,7 @@
|
|||||||
common_options: "{{ docker_common_options }}"
|
common_options: "{{ docker_common_options }}"
|
||||||
name: "{{ service.container_name }}"
|
name: "{{ service.container_name }}"
|
||||||
image: "{{ service.image }}"
|
image: "{{ service.image }}"
|
||||||
|
privileged: "{{ service.privileged | default(False) }}"
|
||||||
volumes: "{{ service.volumes }}"
|
volumes: "{{ service.volumes }}"
|
||||||
when:
|
when:
|
||||||
- action != "config"
|
- action != "config"
|
||||||
@ -19,6 +20,7 @@
|
|||||||
- service.enabled | bool
|
- service.enabled | bool
|
||||||
- config_json.changed | bool
|
- config_json.changed | bool
|
||||||
or zun_conf.changed | bool
|
or zun_conf.changed | bool
|
||||||
|
or zun_conf_wsgi.changed | bool
|
||||||
or policy_json.changed | bool
|
or policy_json.changed | bool
|
||||||
or zun_api_container.changed | bool
|
or zun_api_container.changed | bool
|
||||||
|
|
||||||
@ -35,6 +37,7 @@
|
|||||||
common_options: "{{ docker_common_options }}"
|
common_options: "{{ docker_common_options }}"
|
||||||
name: "{{ service.container_name }}"
|
name: "{{ service.container_name }}"
|
||||||
image: "{{ service.image }}"
|
image: "{{ service.image }}"
|
||||||
|
privileged: "{{ service.privileged | default(False) }}"
|
||||||
volumes: "{{ service.volumes }}"
|
volumes: "{{ service.volumes }}"
|
||||||
when:
|
when:
|
||||||
- action != "config"
|
- action != "config"
|
||||||
|
@ -42,6 +42,19 @@
|
|||||||
- Restart zun-api container
|
- Restart zun-api container
|
||||||
- Restart zun-compute container
|
- Restart zun-compute container
|
||||||
|
|
||||||
|
- name: Copying over wsgi-zun files for services
|
||||||
|
vars:
|
||||||
|
service: "{{ zun_services['zun-api'] }}"
|
||||||
|
template:
|
||||||
|
src: "wsgi-zun.conf.j2"
|
||||||
|
dest: "{{ node_config_directory }}/zun-api/wsgi-zun.conf"
|
||||||
|
register: zun_conf_wsgi
|
||||||
|
when:
|
||||||
|
- inventory_hostname in groups[service.group]
|
||||||
|
- service.enabled | bool
|
||||||
|
notify:
|
||||||
|
- Restart zun-api container
|
||||||
|
|
||||||
- name: Check if policies shall be overwritten
|
- name: Check if policies shall be overwritten
|
||||||
local_action: stat path="{{ node_custom_config }}/zun/policy.json"
|
local_action: stat path="{{ node_custom_config }}/zun/policy.json"
|
||||||
register: zun_policy
|
register: zun_policy
|
||||||
@ -65,6 +78,7 @@
|
|||||||
common_options: "{{ docker_common_options }}"
|
common_options: "{{ docker_common_options }}"
|
||||||
name: "{{ item.value.container_name }}"
|
name: "{{ item.value.container_name }}"
|
||||||
image: "{{ item.value.image }}"
|
image: "{{ item.value.image }}"
|
||||||
|
privileged: "{{ item.value.privileged | default(False) }}"
|
||||||
volumes: "{{ item.value.volumes }}"
|
volumes: "{{ item.value.volumes }}"
|
||||||
register: check_zun_containers
|
register: check_zun_containers
|
||||||
when:
|
when:
|
||||||
|
25
ansible/roles/zun/templates/wsgi-zun.conf.j2
Normal file
25
ansible/roles/zun/templates/wsgi-zun.conf.j2
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
{% set python_path = '/usr/lib/python2.7/site-packages' if kolla_install_type == 'binary' else '/var/lib/kolla/venv/lib/python2.7/site-packages' %}
|
||||||
|
Listen {{ api_interface_address }}:{{ zun_api_port }}
|
||||||
|
|
||||||
|
<VirtualHost *:{{ zun_api_port }}>
|
||||||
|
|
||||||
|
## Vhost docroot
|
||||||
|
DocumentRoot "/var/www/cgi-bin/zun"
|
||||||
|
|
||||||
|
## Directories, there should at least be a declaration for /var/www/cgi-bin/zun
|
||||||
|
|
||||||
|
<Directory "/var/www/cgi-bin/zun">
|
||||||
|
Options Indexes FollowSymLinks MultiViews
|
||||||
|
AllowOverride None
|
||||||
|
Require all granted
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
## Logging
|
||||||
|
ErrorLog "/var/log/kolla/zun/zun_api_wsgi_error.log"
|
||||||
|
ServerSignature Off
|
||||||
|
CustomLog "/var/log/kolla/zun/zun_api_wsgi_access.log" combined
|
||||||
|
WSGIApplicationGroup %{GLOBAL}
|
||||||
|
WSGIDaemonProcess zun group=zun processes={{ openstack_service_workers }} threads=1 user=zun python-path={{ python_path }}
|
||||||
|
WSGIProcessGroup zun
|
||||||
|
WSGIScriptAlias / "/var/www/cgi-bin/zun/app.wsgi"
|
||||||
|
</VirtualHost>
|
@ -1,5 +1,7 @@
|
|||||||
|
{% set zun_cmd = 'apache2' if kolla_base_distro in ['ubuntu', 'debian'] else 'httpd' %}
|
||||||
|
{% set zun_dir = 'apache2/conf-enabled' if kolla_base_distro in ['ubuntu', 'debian'] else 'httpd/conf.d' %}
|
||||||
{
|
{
|
||||||
"command": "zun-api --config-file /etc/zun/zun.conf",
|
"command": "{{ zun_cmd }} -DFOREGROUND",
|
||||||
"config_files": [
|
"config_files": [
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/zun.conf",
|
"source": "{{ container_config_directory }}/zun.conf",
|
||||||
@ -8,16 +10,17 @@
|
|||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/api-paste.ini",
|
"source": "{{ container_config_directory }}/wsgi-zun.conf",
|
||||||
"dest": "/etc/zun/api-paste.ini",
|
"dest": "/etc/{{ zun_dir }}/wsgi-zun.conf",
|
||||||
"owner": "zun",
|
"owner": "root",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/policy.json",
|
||||||
"dest": "/etc/zun/policy.json",
|
"dest": "/etc/zun/policy.json",
|
||||||
"owner": "zun",
|
"owner": "zun",
|
||||||
"perm": "0600"
|
"perm": "0600",
|
||||||
|
"optional": true
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
|
@ -3,10 +3,17 @@ debug = {{ zun_logging_debug }}
|
|||||||
log_dir = /var/log/kolla/zun
|
log_dir = /var/log/kolla/zun
|
||||||
transport_url = rabbit://{% for host in groups['rabbitmq'] %}{{ rabbitmq_user }}:{{ rabbitmq_password }}@{% if orchestration_engine == 'KUBERNETES' %}rabbitmq{% else %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}{% endif %}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %}
|
transport_url = rabbit://{% for host in groups['rabbitmq'] %}{{ rabbitmq_user }}:{{ rabbitmq_password }}@{% if orchestration_engine == 'KUBERNETES' %}rabbitmq{% else %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}{% endif %}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %}
|
||||||
|
|
||||||
{% if service_name == 'zun-api' %}
|
container_driver = docker.driver.DockerDriver
|
||||||
osapi_zun_listen = {{ api_interface_address }}
|
image_driver_list = glance
|
||||||
osapi_zun_listen_port = {{ zun_api_port }}
|
db_type = sql
|
||||||
{% endif %}
|
|
||||||
|
[api]
|
||||||
|
host_ip = {{ api_interface_address }}
|
||||||
|
port = {{ zun_api_port }}
|
||||||
|
workers = {{ openstack_service_workers }}
|
||||||
|
|
||||||
|
[compute]
|
||||||
|
topic = zun-compute
|
||||||
|
|
||||||
[database]
|
[database]
|
||||||
connection = mysql+pymysql://{{ zun_database_user }}:{{ zun_database_password }}@{{ zun_database_address }}/{{ zun_database_name }}
|
connection = mysql+pymysql://{{ zun_database_user }}:{{ zun_database_password }}@{{ zun_database_address }}/{{ zun_database_name }}
|
||||||
@ -17,10 +24,9 @@ version = 1
|
|||||||
service_type = container
|
service_type = container
|
||||||
service_name = zun
|
service_name = zun
|
||||||
|
|
||||||
[keystone_authtoken]
|
[keystone_auth]
|
||||||
auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}
|
auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}
|
||||||
auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
|
auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
|
||||||
project_domain_name = Default
|
|
||||||
auth_type = password
|
auth_type = password
|
||||||
project_domain_id = default
|
project_domain_id = default
|
||||||
user_domain_id = default
|
user_domain_id = default
|
||||||
@ -31,3 +37,32 @@ password = {{ zun_keystone_password }}
|
|||||||
memcache_security_strategy = ENCRYPT
|
memcache_security_strategy = ENCRYPT
|
||||||
memcache_secret_key = {{ memcache_secret_key }}
|
memcache_secret_key = {{ memcache_secret_key }}
|
||||||
memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
|
memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
|
||||||
|
|
||||||
|
[keystone_authtoken]
|
||||||
|
auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}
|
||||||
|
auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
|
||||||
|
auth_type = password
|
||||||
|
project_domain_id = default
|
||||||
|
user_domain_id = default
|
||||||
|
project_name = service
|
||||||
|
username = {{ zun_keystone_user }}
|
||||||
|
password = {{ zun_keystone_password }}
|
||||||
|
service_token_roles_required = True
|
||||||
|
|
||||||
|
memcache_security_strategy = ENCRYPT
|
||||||
|
memcache_secret_key = {{ memcache_secret_key }}
|
||||||
|
memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
|
||||||
|
|
||||||
|
|
||||||
|
[glance_client]
|
||||||
|
auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}
|
||||||
|
auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
|
||||||
|
auth_type = password
|
||||||
|
project_domain_id = default
|
||||||
|
user_domain_id = default
|
||||||
|
project_name = service
|
||||||
|
username = {{ zun_keystone_user }}
|
||||||
|
password = {{ zun_keystone_password }}
|
||||||
|
region_name = {{ openstack_region_name }}
|
||||||
|
endpoint_type = internalURL
|
||||||
|
api_version = 2
|
||||||
|
Loading…
Reference in New Issue
Block a user