From 51c9e1b6338d6f1ab05040e7ed92b051c0a0411b Mon Sep 17 00:00:00 2001
From: Jim Rollenhagen <jim@jimrollenhagen.com>
Date: Tue, 18 Dec 2018 09:42:52 -0500
Subject: [PATCH] Allow nova services to use independent hostnames
This allows nova service endpoints to use custom hostnames, and adds the
following variables:
* nova_internal_fqdn
* nova_external_fqdn
* placement_internal_fqdn
* placement_external_fqdn
* nova_novncproxy_fqdn
* nova_spicehtml5proxy_fqdn
* nova_serialproxy_fqdn
These default to the old values of kolla_internal_fqdn or
kolla_external_fqdn.
This also adds the following variables:
* nova_api_listen_port
* nova_metadata_listen_port
* nova_novncproxy_listen_port
* nova_spicehtml5proxy_listen_port
* nova_serialproxy_listen_port
* placement_api_listen_port
These default to <service>_port, e.g. nova_api_port, for backward
compatibility.
These options allow the user to differentiate between the port the
service listens on, and the port the service is reachable on. This is
useful for external load balancers which live on the same host as the
service itself.
Change-Id: I7bcce56a2138eeadcabac79dd07c8dba1c5af644
Implements: blueprint service-hostnames
---
ansible/group_vars/all.yml | 13 ++++++++
.../neutron/templates/metadata_agent.ini.j2 | 2 +-
ansible/roles/nova/defaults/main.yml | 31 +++++++++++++------
ansible/roles/nova/tasks/precheck.yml | 12 +++----
ansible/roles/nova/templates/nova.conf.j2 | 16 +++++-----
.../nova/templates/placement-api-wsgi.conf.j2 | 4 +--
6 files changed, 52 insertions(+), 26 deletions(-)
diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml
index e5f5c69a9a..b53e135f18 100644
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@@ -272,11 +272,21 @@ murano_api_port: "8082"
neutron_server_port: "9696"
+nova_internal_fqdn: "{{ kolla_internal_fqdn }}"
+nova_external_fqdn: "{{ kolla_external_fqdn }}"
nova_api_port: "8774"
+nova_api_listen_port: "{{ nova_api_port }}"
nova_metadata_port: "8775"
+nova_metadata_listen_port: "{{ nova_metadata_port }}"
+nova_novncproxy_fqdn: "{{ kolla_external_fqdn }}"
nova_novncproxy_port: "6080"
+nova_novncproxy_listen_port: "{{ nova_novncproxy_port }}"
+nova_spicehtml5proxy_fqdn: "{{ kolla_external_fqdn }}"
nova_spicehtml5proxy_port: "6082"
+nova_spicehtml5proxy_listen_port: "{{ nova_spicehtml5proxy_port }}"
+nova_serialproxy_fqdn: "{{ kolla_external_fqdn }}"
nova_serialproxy_port: "6083"
+nova_serialproxy_listen_port: "{{ nova_serialproxy_port }}"
octavia_api_port: "9876"
octavia_health_manager_port: "5555"
@@ -290,7 +300,10 @@ ovsdb_port: "6640"
panko_api_port: "8977"
+placement_internal_fqdn: "{{ kolla_internal_fqdn }}"
+placement_external_fqdn: "{{ kolla_external_fqdn }}"
placement_api_port: "8780"
+placement_api_listen_port: "{{ placement_api_port }}"
prometheus_port: "9091"
prometheus_node_exporter_port: "9100"
diff --git a/ansible/roles/neutron/templates/metadata_agent.ini.j2 b/ansible/roles/neutron/templates/metadata_agent.ini.j2
index 944ba1bcfb..981d86c451 100644
--- a/ansible/roles/neutron/templates/metadata_agent.ini.j2
+++ b/ansible/roles/neutron/templates/metadata_agent.ini.j2
@@ -1,6 +1,6 @@
# metadata_agent.ini
[DEFAULT]
-nova_metadata_host = {{ kolla_internal_fqdn }}
+nova_metadata_host = {{ nova_internal_fqdn }}
nova_metadata_port = {{ nova_metadata_port }}
metadata_proxy_shared_secret = {{ metadata_secret }}
diff --git a/ansible/roles/nova/defaults/main.yml b/ansible/roles/nova/defaults/main.yml
index 10d6f64c9b..cc35dd4eb4 100644
--- a/ansible/roles/nova/defaults/main.yml
+++ b/ansible/roles/nova/defaults/main.yml
@@ -53,11 +53,13 @@ nova_services:
mode: "http"
external: false
port: "{{ placement_api_port }}"
+ listen_port: "{{ placement_api_listen_port }}"
placement_api_external:
enabled: "{{ enable_nova }}"
mode: "http"
external: true
port: "{{ placement_api_port }}"
+ listen_port: "{{ placement_api_listen_port }}"
nova-api:
container_name: "nova_api"
group: "nova-api"
@@ -77,21 +79,25 @@ nova_services:
mode: "http"
external: false
port: "{{ nova_api_port }}"
+ listen_port: "{{ nova_api_listen_port }}"
nova_api_external:
enabled: "{{ enable_nova }}"
mode: "http"
external: true
port: "{{ nova_api_port }}"
+ listen_port: "{{ nova_api_listen_port }}"
nova_metadata:
enabled: "{{ enable_nova }}"
mode: "http"
external: false
port: "{{ nova_metadata_port }}"
+ listen_port: "{{ nova_metadata_listen_port }}"
nova_metadata_external:
enabled: "{{ enable_nova }}"
mode: "http"
external: true
port: "{{ nova_metadata_port }}"
+ listen_port: "{{ nova_metadata_listen_port }}"
nova_rdp:
enabled: "{{ enable_nova|bool and nova_console == 'rdp' }}"
mode: "http"
@@ -126,6 +132,7 @@ nova_services:
mode: "http"
external: false
port: "{{ nova_novncproxy_port }}"
+ listen_port: "{{ nova_novncproxy_listen_port }}"
backend_http_extra:
- "timeout tunnel 1h"
nova_novncproxy_external:
@@ -133,6 +140,7 @@ nova_services:
mode: "http"
external: true
port: "{{ nova_novncproxy_port }}"
+ listen_port: "{{ nova_novncproxy_listen_port }}"
nova-scheduler:
container_name: "nova_scheduler"
group: "nova-scheduler"
@@ -161,11 +169,13 @@ nova_services:
mode: "http"
external: false
port: "{{ nova_spicehtml5proxy_port }}"
+ listen_port: "{{ nova_spicehtml5proxy_listen_port }}"
nova_spicehtml5proxy_external:
enabled: "{{ enable_nova|bool and nova_console == 'spice' }}"
mode: "http"
external: true
port: "{{ nova_spicehtml5proxy_port }}"
+ listen_port: "{{ nova_spicehtml5proxy_listen_port }}"
nova-serialproxy:
container_name: "nova_serialproxy"
group: "nova-serialproxy"
@@ -183,6 +193,7 @@ nova_services:
mode: "http"
external: false
port: "{{ nova_serialproxy_port }}"
+ listen_port: "{{ nova_serialproxy_listen_port }}"
backend_http_extra:
- "timeout tunnel {{ haproxy_nova_serialconsole_proxy_tunnel_timeout }}"
nova_serialconsole_proxy_external:
@@ -190,6 +201,7 @@ nova_services:
mode: "http"
external: true
port: "{{ nova_serialproxy_port }}"
+ listen_port: "{{ nova_serialproxy_listen_port }}"
backend_http_extra:
- "timeout tunnel {{ haproxy_nova_serialconsole_proxy_tunnel_timeout }}"
nova-conductor:
@@ -354,17 +366,18 @@ haproxy_nova_serialconsole_proxy_tunnel_timeout: "10m"
####################
# OpenStack
####################
-nova_legacy_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ nova_api_port }}/v2/%(tenant_id)s"
-nova_legacy_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ nova_api_port }}/v2/%(tenant_id)s"
-nova_legacy_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ nova_api_port }}/v2/%(tenant_id)s"
-nova_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ nova_api_port }}/v2.1/%(tenant_id)s"
-nova_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ nova_api_port }}/v2.1/%(tenant_id)s"
-nova_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ nova_api_port }}/v2.1/%(tenant_id)s"
+nova_legacy_admin_endpoint: "{{ admin_protocol }}://{{ nova_internal_fqdn }}:{{ nova_api_port }}/v2/%(tenant_id)s"
+nova_legacy_internal_endpoint: "{{ internal_protocol }}://{{ nova_internal_fqdn }}:{{ nova_api_port }}/v2/%(tenant_id)s"
+nova_legacy_public_endpoint: "{{ public_protocol }}://{{ nova_external_fqdn }}:{{ nova_api_port }}/v2/%(tenant_id)s"
-placement_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ placement_api_port }}"
-placement_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ placement_api_port }}"
-placement_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ placement_api_port }}"
+nova_admin_endpoint: "{{ admin_protocol }}://{{ nova_internal_fqdn }}:{{ nova_api_port }}/v2.1/%(tenant_id)s"
+nova_internal_endpoint: "{{ internal_protocol }}://{{ nova_internal_fqdn }}:{{ nova_api_port }}/v2.1/%(tenant_id)s"
+nova_public_endpoint: "{{ public_protocol }}://{{ nova_external_fqdn }}:{{ nova_api_port }}/v2.1/%(tenant_id)s"
+
+placement_admin_endpoint: "{{ admin_protocol }}://{{ placement_internal_fqdn }}:{{ placement_api_port }}"
+placement_internal_endpoint: "{{ internal_protocol }}://{{ placement_internal_fqdn }}:{{ placement_api_port }}"
+placement_public_endpoint: "{{ public_protocol }}://{{ placement_external_fqdn }}:{{ placement_api_port }}"
nova_logging_debug: "{{ openstack_logging_debug }}"
diff --git a/ansible/roles/nova/tasks/precheck.yml b/ansible/roles/nova/tasks/precheck.yml
index 2cc6065679..d20fbb74b2 100644
--- a/ansible/roles/nova/tasks/precheck.yml
+++ b/ansible/roles/nova/tasks/precheck.yml
@@ -26,7 +26,7 @@
nova_api: "{{ nova_services['nova-api'] }}"
wait_for:
host: "{{ api_interface_address }}"
- port: "{{ nova_api_port }}"
+ port: "{{ nova_api_listen_port }}"
connect_timeout: 1
timeout: 1
state: stopped
@@ -40,7 +40,7 @@
nova_api: "{{ nova_services['nova-api'] }}"
wait_for:
host: "{{ api_interface_address }}"
- port: "{{ nova_metadata_port }}"
+ port: "{{ nova_metadata_listen_port }}"
connect_timeout: 1
timeout: 1
state: stopped
@@ -54,7 +54,7 @@
nova_novncproxy: "{{ nova_services['nova-novncproxy'] }}"
wait_for:
host: "{{ api_interface_address }}"
- port: "{{ nova_novncproxy_port }}"
+ port: "{{ nova_novncproxy_listen_port }}"
connect_timeout: 1
timeout: 1
state: stopped
@@ -68,7 +68,7 @@
nova_serialproxy: "{{ nova_services['nova-serialproxy'] }}"
wait_for:
host: "{{ api_interface_address }}"
- port: "{{ nova_serialproxy_port }}"
+ port: "{{ nova_serialproxy_listen_port }}"
connect_timeout: 1
timeout: 1
state: stopped
@@ -82,7 +82,7 @@
nova_spicehtml5proxy: "{{ nova_services['nova-spicehtml5proxy'] }}"
wait_for:
host: "{{ api_interface_address }}"
- port: "{{ nova_spicehtml5proxy_port }}"
+ port: "{{ nova_spicehtml5proxy_listen_port }}"
connect_timeout: 1
timeout: 1
state: stopped
@@ -124,7 +124,7 @@
placement_api: "{{ nova_services['placement-api'] }}"
wait_for:
host: "{{ api_interface_address }}"
- port: "{{ placement_api_port }}"
+ port: "{{ placement_api_listen_port }}"
connect_timeout: 1
timeout: 1
state: stopped
diff --git a/ansible/roles/nova/templates/nova.conf.j2 b/ansible/roles/nova/templates/nova.conf.j2
index 1a4fb39846..540f25f723 100644
--- a/ansible/roles/nova/templates/nova.conf.j2
+++ b/ansible/roles/nova/templates/nova.conf.j2
@@ -7,12 +7,12 @@ log_dir = /var/log/kolla/nova
state_path = /var/lib/nova
osapi_compute_listen = {{ api_interface_address }}
-osapi_compute_listen_port = {{ nova_api_port }}
+osapi_compute_listen_port = {{ nova_api_listen_port }}
osapi_compute_workers = {{ openstack_service_workers }}
metadata_workers = {{ openstack_service_workers }}
metadata_listen = {{ api_interface_address }}
-metadata_listen_port = {{ nova_metadata_port }}
+metadata_listen_port = {{ nova_metadata_listen_port }}
# NOTE(mgoddard): This option has been deprecated but RDO sets a different
# default value for it in /usr/share/nova/nova-dist.conf which causes the
@@ -74,11 +74,11 @@ workers = {{ openstack_service_workers }}
enabled = false
{% else %}
novncproxy_host = {{ api_interface_address }}
-novncproxy_port = {{ nova_novncproxy_port }}
+novncproxy_port = {{ nova_novncproxy_listen_port }}
server_listen = {{ api_interface_address }}
server_proxyclient_address = {{ api_interface_address }}
{% if inventory_hostname in groups['compute'] %}
-novncproxy_base_url = {{ public_protocol }}://{{ kolla_external_fqdn }}:{{ nova_novncproxy_port }}/vnc_auto.html
+novncproxy_base_url = {{ public_protocol }}://{{ nova_novncproxy_fqdn }}:{{ nova_novncproxy_port }}/vnc_auto.html
{% endif %}
{% endif %}
{% elif nova_console == 'spice' %}
@@ -90,10 +90,10 @@ enabled = true
server_listen = {{ api_interface_address }}
server_proxyclient_address = {{ api_interface_address }}
{% if inventory_hostname in groups['compute'] %}
-html5proxy_base_url = {{ public_protocol }}://{{ kolla_external_fqdn }}:{{ nova_spicehtml5proxy_port }}/spice_auto.html
+html5proxy_base_url = {{ public_protocol }}://{{ nova_spicehtml5proxy_fqdn }}:{{ nova_spicehtml5proxy_port }}/spice_auto.html
{% endif %}
html5proxy_host = {{ api_interface_address }}
-html5proxy_port = {{ nova_spicehtml5proxy_port }}
+html5proxy_port = {{ nova_spicehtml5proxy_listen_port }}
{% elif nova_console == 'none' %}
[vnc]
enabled = false
@@ -103,9 +103,9 @@ enabled = false
{% if enable_nova_serialconsole_proxy | bool %}
[serial_console]
enabled = true
-base_url = ws://{{ kolla_external_fqdn }}:{{ nova_serialproxy_port }}/
+base_url = ws://{{ nova_serialproxy_fqdn }}:{{ nova_serialproxy_port }}/
serialproxy_host = {{ api_interface_address }}
-serialproxy_port = {{ nova_serialproxy_port }}
+serialproxy_port = {{ nova_serialproxy_listen_port }}
proxyclient_address = {{ api_interface_address }}
{% endif %}
diff --git a/ansible/roles/nova/templates/placement-api-wsgi.conf.j2 b/ansible/roles/nova/templates/placement-api-wsgi.conf.j2
index 69a20a57f9..7af2e9ae6c 100644
--- a/ansible/roles/nova/templates/placement-api-wsgi.conf.j2
+++ b/ansible/roles/nova/templates/placement-api-wsgi.conf.j2
@@ -1,13 +1,13 @@
{% set log_dir = '/var/log/kolla/nova' %}
{% set python_path = '/usr/lib/python2.7/site-packages' if nova_install_type == 'binary' else '/var/lib/kolla/venv/lib/python2.7/site-packages' %}
{% set wsgi_directory = '/usr/bin' if nova_install_type == 'binary' else '/var/lib/kolla/venv/bin' %}
-Listen {{ api_interface_address }}:{{ placement_api_port }}
+Listen {{ api_interface_address }}:{{ placement_api_listen_port }}
ServerSignature Off
ServerTokens Prod
TraceEnable off
-<VirtualHost *:{{ placement_api_port }}>
+<VirtualHost *:{{ placement_api_listen_port }}>
WSGIDaemonProcess placement-api processes={{ openstack_service_workers }} threads=1 user=nova group=nova display-name=%{GROUP} python-path={{ python_path }}
WSGIProcessGroup placement-api
WSGIScriptAlias / {{ wsgi_directory }}/nova-placement-api