From 6c31bb676d372969d2489ecc7d39f04fa8ba4941 Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 24 Apr 2024 17:35:16 +0200 Subject: [PATCH] Drop Murano It's inactive and hasn't produced a 2024.1 release [1]. In addition to that, there's a CVE that hasn't really been patched [2]. Also drop outward_rabbitmq that was used only with Murano. [1]: https://governance.openstack.org/tc/reference/emerging-technology-and-inactive-projects.html#current-inactive-projects [2]: https://lists.openstack.org/archives/list/openstack-announce@lists.openstack.org/thread/4FYM6GSIM5WZSJQIG4TT5Q3UBKQIHLWX/ Change-Id: I691205730b0e10a42ce61f3340cc39ee51bd1010 --- README.rst | 1 - ansible/group_vars/all.yml | 27 +--- ansible/inventory/all-in-one | 13 -- ansible/inventory/multinode | 13 -- ansible/rabbitmq.yml | 69 --------- ansible/roles/common/defaults/main.yml | 2 - ansible/roles/common/tasks/config.yml | 2 - .../templates/conf/filter/01-rewrite.conf.j2 | 5 - .../templates/cron-logrotate-murano.conf.j2 | 3 - .../cron-logrotate-outward-rabbitmq.conf.j2 | 3 - ansible/roles/horizon/defaults/main.yml | 5 - ansible/roles/horizon/tasks/clone.yml | 10 -- ansible/roles/horizon/tasks/config.yml | 1 - .../templates/_9998-kolla-settings.py.j2 | 10 -- ansible/roles/loadbalancer/tasks/precheck.yml | 25 ---- ansible/roles/murano/defaults/main.yml | 140 ------------------ ansible/roles/murano/handlers/main.yml | 31 ---- ansible/roles/murano/tasks/bootstrap.yml | 38 ----- .../roles/murano/tasks/bootstrap_service.yml | 21 --- .../roles/murano/tasks/check-containers.yml | 16 -- ansible/roles/murano/tasks/check.yml | 1 - ansible/roles/murano/tasks/clone.yml | 8 - ansible/roles/murano/tasks/config.yml | 82 ---------- .../roles/murano/tasks/config_validate.yml | 7 - ansible/roles/murano/tasks/copy-certs.yml | 6 - .../roles/murano/tasks/deploy-containers.yml | 2 - ansible/roles/murano/tasks/deploy.yml | 17 --- .../murano/tasks/import_library_packages.yml | 61 -------- ansible/roles/murano/tasks/loadbalancer.yml | 7 - ansible/roles/murano/tasks/main.yml | 2 - ansible/roles/murano/tasks/precheck.yml | 26 ---- ansible/roles/murano/tasks/pull.yml | 3 - ansible/roles/murano/tasks/reconfigure.yml | 2 - ansible/roles/murano/tasks/register.yml | 7 - ansible/roles/murano/tasks/stop.yml | 6 - ansible/roles/murano/tasks/upgrade.yml | 11 -- .../roles/murano/templates/murano-api.json.j2 | 24 --- .../murano/templates/murano-engine.json.j2 | 24 --- ansible/roles/murano/templates/murano.conf.j2 | 119 --------------- ansible/roles/murano/vars/main.yml | 2 - ansible/roles/rabbitmq/defaults/main.yml | 23 --- ansible/roles/rabbitmq/tasks/precheck.yml | 96 ------------ .../rabbitmq/templates/definitions.json.j2 | 16 +- ansible/roles/telegraf/defaults/main.yml | 1 - .../roles/telegraf/templates/telegraf.conf.j2 | 6 - ansible/site.yml | 24 +-- etc/kolla/globals.yml | 5 +- etc/kolla/passwords.yml | 6 - .../notes/drop-murano-51796e817e8331b4.yaml | 6 + tests/templates/inventory.j2 | 13 -- 50 files changed, 13 insertions(+), 1035 deletions(-) delete mode 100644 ansible/roles/common/templates/cron-logrotate-murano.conf.j2 delete mode 100644 ansible/roles/common/templates/cron-logrotate-outward-rabbitmq.conf.j2 delete mode 100644 ansible/roles/murano/defaults/main.yml delete mode 100644 ansible/roles/murano/handlers/main.yml delete mode 100644 ansible/roles/murano/tasks/bootstrap.yml delete mode 100644 ansible/roles/murano/tasks/bootstrap_service.yml delete mode 100644 ansible/roles/murano/tasks/check-containers.yml delete mode 100644 ansible/roles/murano/tasks/check.yml delete mode 100644 ansible/roles/murano/tasks/clone.yml delete mode 100644 ansible/roles/murano/tasks/config.yml delete mode 100644 ansible/roles/murano/tasks/config_validate.yml delete mode 100644 ansible/roles/murano/tasks/copy-certs.yml delete mode 100644 ansible/roles/murano/tasks/deploy-containers.yml delete mode 100644 ansible/roles/murano/tasks/deploy.yml delete mode 100644 ansible/roles/murano/tasks/import_library_packages.yml delete mode 100644 ansible/roles/murano/tasks/loadbalancer.yml delete mode 100644 ansible/roles/murano/tasks/main.yml delete mode 100644 ansible/roles/murano/tasks/precheck.yml delete mode 100644 ansible/roles/murano/tasks/pull.yml delete mode 100644 ansible/roles/murano/tasks/reconfigure.yml delete mode 100644 ansible/roles/murano/tasks/register.yml delete mode 100644 ansible/roles/murano/tasks/stop.yml delete mode 100644 ansible/roles/murano/tasks/upgrade.yml delete mode 100644 ansible/roles/murano/templates/murano-api.json.j2 delete mode 100644 ansible/roles/murano/templates/murano-engine.json.j2 delete mode 100644 ansible/roles/murano/templates/murano.conf.j2 delete mode 100644 ansible/roles/murano/vars/main.yml create mode 100644 releasenotes/notes/drop-murano-51796e817e8331b4.yaml diff --git a/README.rst b/README.rst index 612533fcaa..0d3300c68c 100644 --- a/README.rst +++ b/README.rst @@ -58,7 +58,6 @@ Kolla Ansible deploys containers for the following OpenStack projects: - `Manila `__ - `Masakari `__ (deprecated) - `Mistral `__ -- `Murano `__ - `Neutron `__ - `Nova `__ - `Octavia `__ diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index a102035c5c..64ea14c04c 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -494,12 +494,6 @@ mistral_api_port: "8989" mistral_api_public_port: "{{ haproxy_single_external_frontend_public_port if haproxy_single_external_frontend | bool else mistral_api_port }}" mistral_api_listen_port: "{{ mistral_api_port }}" -murano_internal_fqdn: "{{ kolla_internal_fqdn }}" -murano_external_fqdn: "{{ kolla_external_fqdn }}" -murano_api_port: "8082" -murano_api_public_port: "{{ haproxy_single_external_frontend_public_port if haproxy_single_external_frontend | bool else murano_api_port }}" -murano_api_listen_port: "{{ murano_api_listen_port }}" - neutron_internal_fqdn: "{{ kolla_internal_fqdn }}" neutron_external_fqdn: "{{ kolla_external_fqdn }}" neutron_server_port: "9696" @@ -550,12 +544,6 @@ ovn_sb_db_port: "6642" ovn_nb_connection: "{% for host in groups['ovn-nb-db'] %}tcp:{{ 'api' | kolla_address(host) | put_address_in_context('url') }}:{{ ovn_nb_db_port }}{% if not loop.last %},{% endif %}{% endfor %}" ovn_sb_connection: "{% for host in groups['ovn-sb-db'] %}tcp:{{ 'api' | kolla_address(host) | put_address_in_context('url') }}:{{ ovn_sb_db_port }}{% if not loop.last %},{% endif %}{% endfor %}" -outward_rabbitmq_port: "5674" -outward_rabbitmq_management_port: "15674" -outward_rabbitmq_cluster_port: "25674" -outward_rabbitmq_epmd_port: "4371" -outward_rabbitmq_prometheus_port: "15694" - ovsdb_port: "6640" placement_internal_fqdn: "{{ kolla_internal_fqdn }}" @@ -744,7 +732,6 @@ enable_memcached: "yes" enable_neutron: "{{ enable_openstack_core | bool }}" enable_nova: "{{ enable_openstack_core | bool }}" enable_rabbitmq: "{{ 'yes' if om_rpc_transport == 'rabbit' or om_notify_transport == 'rabbit' else 'no' }}" -enable_outward_rabbitmq: "{{ enable_murano | bool }}" # NOTE: Most memcached clients handle load-balancing via client side # hashing (consistent or not) logic, so going under the covers and messing @@ -795,7 +782,6 @@ enable_horizon_magnum: "{{ enable_magnum | bool }}" enable_horizon_manila: "{{ enable_manila | bool }}" enable_horizon_masakari: "{{ enable_masakari | bool }}" enable_horizon_mistral: "{{ enable_mistral | bool }}" -enable_horizon_murano: "{{ enable_murano | bool }}" enable_horizon_neutron_vpnaas: "{{ enable_neutron_vpnaas | bool }}" enable_horizon_octavia: "{{ enable_octavia | bool }}" enable_horizon_tacker: "{{ enable_tacker | bool }}" @@ -823,7 +809,6 @@ enable_masakari_instancemonitor: "{{ enable_masakari | bool }}" enable_masakari_hostmonitor: "{{ enable_masakari | bool }}" enable_mistral: "no" enable_multipathd: "no" -enable_murano: "no" enable_neutron_vpnaas: "no" enable_neutron_sriov: "no" enable_neutron_mlnx: "no" @@ -873,7 +858,6 @@ ironic_keystone_user: "ironic" neutron_keystone_user: "neutron" nova_keystone_user: "nova" placement_keystone_user: "placement" -murano_keystone_user: "murano" cinder_keystone_user: "cinder" glance_keystone_user: "glance" @@ -924,8 +908,6 @@ osprofiler_backend_connection_string: "{{ redis_connection_string if osprofiler_ #################### rabbitmq_user: "openstack" rabbitmq_monitoring_user: "" -outward_rabbitmq_user: "openstack" -outward_rabbitmq_external_fqdn: "{{ kolla_external_fqdn }}" # Whether to enable TLS encryption for RabbitMQ client-server communication. rabbitmq_enable_tls: "no" # CA certificate bundle in RabbitMQ container. @@ -1155,17 +1137,10 @@ nova_console: "novnc" ####################### nova_database_shard_id: "{{ mariadb_default_database_shard_id | int }}" -####################### -# Murano options -####################### -murano_agent_rabbitmq_vhost: "muranoagent" -murano_agent_rabbitmq_user: "muranoagent" - - ####################### # Horizon options ####################### -horizon_backend_database: "{{ enable_murano | bool }}" +horizon_backend_database: false horizon_keystone_multidomain: False # Enable deploying custom horizon policy files for services that don't have a diff --git a/ansible/inventory/all-in-one b/ansible/inventory/all-in-one index c2f8130542..26fa845a05 100644 --- a/ansible/inventory/all-in-one +++ b/ansible/inventory/all-in-one @@ -65,9 +65,6 @@ control [rabbitmq:children] control -[outward-rabbitmq:children] -control - [keystone:children] control @@ -106,9 +103,6 @@ control [heat:children] control -[murano:children] -control - [ironic:children] control @@ -355,13 +349,6 @@ heat [heat-engine:children] heat -# Murano -[murano-api:children] -murano - -[murano-engine:children] -murano - # Ironic [ironic-api:children] ironic diff --git a/ansible/inventory/multinode b/ansible/inventory/multinode index c59d44f9a7..bc2a9063db 100644 --- a/ansible/inventory/multinode +++ b/ansible/inventory/multinode @@ -89,9 +89,6 @@ control [rabbitmq:children] control -[outward-rabbitmq:children] -control - [keystone:children] control @@ -130,9 +127,6 @@ control [heat:children] control -[murano:children] -control - [ironic:children] control @@ -364,13 +358,6 @@ heat [heat-engine:children] heat -# Murano -[murano-api:children] -murano - -[murano-engine:children] -murano - # Ironic [ironic-api:children] ironic diff --git a/ansible/rabbitmq.yml b/ansible/rabbitmq.yml index 008c40ae16..896d52dd91 100644 --- a/ansible/rabbitmq.yml +++ b/ansible/rabbitmq.yml @@ -68,72 +68,3 @@ vars: role_rabbitmq_cluster_cookie: '{{ rabbitmq_cluster_cookie }}' role_rabbitmq_groups: rabbitmq - -- name: Apply role rabbitmq (outward) - gather_facts: false - hosts: - - outward-rabbitmq - - '&enable_outward_rabbitmq_True' - max_fail_percentage: >- - {{ rabbitmq_max_fail_percentage | - default(kolla_max_fail_percentage) | - default(100) }} - tags: - - rabbitmq - tasks: - - import_role: - name: rabbitmq - vars: - project_name: outward_rabbitmq - role_rabbitmq_cluster_cookie: '{{ outward_rabbitmq_cluster_cookie }}' - role_rabbitmq_cluster_port: '{{ outward_rabbitmq_cluster_port }}' - role_rabbitmq_epmd_port: '{{ outward_rabbitmq_epmd_port }}' - role_rabbitmq_groups: outward-rabbitmq - role_rabbitmq_management_port: '{{ outward_rabbitmq_management_port }}' - role_rabbitmq_password: '{{ outward_rabbitmq_password }}' - role_rabbitmq_port: '{{ outward_rabbitmq_port }}' - role_rabbitmq_prometheus_port: '{{ outward_rabbitmq_prometheus_port }}' - role_rabbitmq_user: '{{ outward_rabbitmq_user }}' - -- name: Restart rabbitmq (outward) services - gather_facts: false - hosts: - - outward_rabbitmq_restart - - '&enable_outward_rabbitmq_True' - # Restart in batches - serial: "33%" - max_fail_percentage: >- - {{ rabbitmq_max_fail_percentage | - default(kolla_max_fail_percentage) | - default(100) }} - tags: - - rabbitmq - tasks: - - import_role: - name: rabbitmq - tasks_from: restart_services.yml - vars: - project_name: outward_rabbitmq - role_rabbitmq_cluster_cookie: '{{ outward_rabbitmq_cluster_cookie }}' - role_rabbitmq_groups: outward-rabbitmq - -- name: Apply rabbitmq (outward) post-configuration - gather_facts: false - hosts: - - outward-rabbitmq - - '&enable_outward_rabbitmq_True' - max_fail_percentage: >- - {{ rabbitmq_max_fail_percentage | - default(kolla_max_fail_percentage) | - default(100) }} - tags: - - rabbitmq - tasks: - - name: Include rabbitmq (outward) post-deploy.yml - include_role: - name: rabbitmq - when: kolla_action in ['deploy', 'reconfigure'] - vars: - project_name: outward_rabbitmq - role_rabbitmq_cluster_cookie: '{{ outward_rabbitmq_cluster_cookie }}' - role_rabbitmq_groups: outward-rabbitmq diff --git a/ansible/roles/common/defaults/main.yml b/ansible/roles/common/defaults/main.yml index 3e14d7db81..ef71a2572d 100644 --- a/ansible/roles/common/defaults/main.yml +++ b/ansible/roles/common/defaults/main.yml @@ -176,8 +176,6 @@ fluentd_input_openstack_services: enabled: "{{ enable_masakari | bool }}" - name: mistral enabled: "{{ enable_mistral | bool }}" - - name: murano - enabled: "{{ enable_murano | bool }}" - name: neutron enabled: "{{ enable_neutron | bool }}" - name: nova diff --git a/ansible/roles/common/tasks/config.yml b/ansible/roles/common/tasks/config.yml index f334b37e8c..20a44f5aa1 100644 --- a/ansible/roles/common/tasks/config.yml +++ b/ansible/roles/common/tasks/config.yml @@ -240,7 +240,6 @@ - { name: "mariadb", enabled: "{{ enable_mariadb | bool }}" } - { name: "masakari", enabled: "{{ enable_masakari | bool }}" } - { name: "mistral", enabled: "{{ enable_mistral | bool }}" } - - { name: "murano", enabled: "{{ enable_murano | bool }}" } - { name: "neutron", enabled: "{{ enable_neutron | bool }}" } - { name: "neutron-tls-proxy", enabled: "{{ neutron_enable_tls_backend | bool }}" } - { name: "nova", enabled: "{{ enable_nova | bool }}" } @@ -248,7 +247,6 @@ - { name: "octavia", enabled: "{{ enable_octavia | bool }}" } - { name: "opensearch", enabled: "{{ enable_opensearch | bool or enable_opensearch_dashboards | bool }}" } - { name: "openvswitch", enabled: "{{ enable_openvswitch | bool }}" } - - { name: "outward-rabbitmq", enabled: "{{ enable_outward_rabbitmq | bool }}" } - { name: "placement", enabled: "{{ enable_placement | bool }}" } - { name: "prometheus", enabled: "{{ enable_prometheus | bool }}" } - { name: "proxysql", enabled: "{{ enable_proxysql | bool }}" } diff --git a/ansible/roles/common/templates/conf/filter/01-rewrite.conf.j2 b/ansible/roles/common/templates/conf/filter/01-rewrite.conf.j2 index 8f0ececae6..f68293d5d0 100644 --- a/ansible/roles/common/templates/conf/filter/01-rewrite.conf.j2 +++ b/ansible/roles/common/templates/conf/filter/01-rewrite.conf.j2 @@ -91,11 +91,6 @@ pattern ^(trove-api|trove-conductor|trove-manage|trove-taskmanager)$ tag openstack_python - - key programname - pattern ^(murano-api|murano-engine)$ - tag openstack_python - key programname pattern ^(watcher-api|watcher-applier|watcher-db-manage|watcher-decision-engine)$ diff --git a/ansible/roles/common/templates/cron-logrotate-murano.conf.j2 b/ansible/roles/common/templates/cron-logrotate-murano.conf.j2 deleted file mode 100644 index ab33090192..0000000000 --- a/ansible/roles/common/templates/cron-logrotate-murano.conf.j2 +++ /dev/null @@ -1,3 +0,0 @@ -"/var/log/kolla/murano/*.log" -{ -} diff --git a/ansible/roles/common/templates/cron-logrotate-outward-rabbitmq.conf.j2 b/ansible/roles/common/templates/cron-logrotate-outward-rabbitmq.conf.j2 deleted file mode 100644 index 34c1ac0b8d..0000000000 --- a/ansible/roles/common/templates/cron-logrotate-outward-rabbitmq.conf.j2 +++ /dev/null @@ -1,3 +0,0 @@ -"/var/log/kolla/outward-rabbitmq/*.log" -{ -} diff --git a/ansible/roles/horizon/defaults/main.yml b/ansible/roles/horizon/defaults/main.yml index d536a787f2..1a5e44846c 100644 --- a/ansible/roles/horizon/defaults/main.yml +++ b/ansible/roles/horizon/defaults/main.yml @@ -15,7 +15,6 @@ horizon_services: ENABLE_MANILA: "{{ 'yes' if enable_horizon_manila | bool else 'no' }}" ENABLE_MASAKARI: "{{ 'yes' if enable_horizon_masakari | bool else 'no' }}" ENABLE_MISTRAL: "{{ 'yes' if enable_horizon_mistral | bool else 'no' }}" - ENABLE_MURANO: "{{ 'yes' if enable_horizon_murano | bool else 'no' }}" ENABLE_NEUTRON_VPNAAS: "{{ 'yes' if enable_horizon_neutron_vpnaas | bool else 'no' }}" ENABLE_OCTAVIA: "{{ 'yes' if enable_horizon_octavia | bool else 'no' }}" ENABLE_TACKER: "{{ 'yes' if enable_horizon_tacker | bool else 'no' }}" @@ -125,7 +124,6 @@ horizon_default_volumes: - "{{ node_config_directory }}/horizon/:{{ container_config_directory }}/:ro" - "{{ kolla_dev_repos_directory ~ '/horizon/horizon:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/horizon' if horizon_dev_mode | bool else '' }}" - "{{ kolla_dev_repos_directory ~ '/horizon/openstack_dashboard:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/openstack_dashboard' if horizon_dev_mode | bool else '' }}" - - "{{ kolla_dev_repos_directory ~ '/murano-dashboard/muranodashboard:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/muranodashboard' if horizon_murano_dev_mode | bool else '' }}" - "/etc/localtime:/etc/localtime:ro" - "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}" - "kolla_logs:/var/log/kolla/" @@ -151,13 +149,10 @@ horizon_wsgi_threads: 1 # Kolla #################### horizon_git_repository: "{{ kolla_dev_repos_git }}/{{ project_name }}" -murano_dashboard_git_repository: "{{ kolla_dev_repos_git }}/murano-dashboard" horizon_dev_repos_pull: "{{ kolla_dev_repos_pull }}" horizon_dev_mode: "{{ kolla_dev_mode }}" -horizon_murano_dev_mode: "{{ kolla_dev_mode }}" horizon_source_version: "{{ kolla_source_version }}" -horizon_murano_source_version: "{{ kolla_source_version }}" # This variable was created for administrators to define which one of the Keystone's URLs should be configured in Horizon. # In some cases, such as when using OIDC, horizon will need to be configured with Keystone's public URL. diff --git a/ansible/roles/horizon/tasks/clone.yml b/ansible/roles/horizon/tasks/clone.yml index 6e03a95296..19ded83ee4 100644 --- a/ansible/roles/horizon/tasks/clone.yml +++ b/ansible/roles/horizon/tasks/clone.yml @@ -6,13 +6,3 @@ dest: "{{ kolla_dev_repos_directory }}/{{ project_name }}" update: "{{ horizon_dev_repos_pull }}" version: "{{ horizon_source_version }}" - -- name: Cloning murano-dashboard source repositories for development - become: true - git: - repo: "{{ murano_dashboard_git_repository }}" - dest: "{{ kolla_dev_repos_directory }}/murano-dashboard" - update: "{{ horizon_dev_repos_pull }}" - version: "{{ horizon_murano_source_version }}" - when: - - horizon_murano_dev_mode | bool diff --git a/ansible/roles/horizon/tasks/config.yml b/ansible/roles/horizon/tasks/config.yml index 24665d5b1a..912c078ff1 100644 --- a/ansible/roles/horizon/tasks/config.yml +++ b/ansible/roles/horizon/tasks/config.yml @@ -33,7 +33,6 @@ - { name: "manila", enabled: "{{ enable_horizon_manila }}" } - { name: "masakari", enabled: "{{ enable_horizon_masakari }}" } - { name: "mistral", enabled: "{{ enable_horizon_mistral }}" } - - { name: "murano", enabled: "{{ enable_horizon_murano }}" } - { name: "neutron", enabled: "{{ enable_neutron_horizon_policy_file }}" } - { name: "nova", enabled: "{{ enable_nova_horizon_policy_file }}" } - { name: "octavia", enabled: "{{ enable_horizon_octavia }}" } diff --git a/ansible/roles/horizon/templates/_9998-kolla-settings.py.j2 b/ansible/roles/horizon/templates/_9998-kolla-settings.py.j2 index 66c786a730..71a46acf12 100644 --- a/ansible/roles/horizon/templates/_9998-kolla-settings.py.j2 +++ b/ansible/roles/horizon/templates/_9998-kolla-settings.py.j2 @@ -378,13 +378,3 @@ REST_API_REQUIRED_SETTINGS = [ 'OPENSTACK_KEYSTONE_DEFAULT_DOMAIN', ] -{% if enable_murano | bool and enable_barbican | bool %} -KEY_MANAGER = { - 'auth_url': '{{ keystone_internal_url }}', - 'username': '{{ murano_keystone_user }}', - 'user_domain_name': '{{ default_project_domain_name }}', - 'password': '{{ murano_keystone_password }}', - 'project_name': 'service', - 'project_domain_name': '{{ default_project_domain_name }}' -} -{% endif %} diff --git a/ansible/roles/loadbalancer/tasks/precheck.yml b/ansible/roles/loadbalancer/tasks/precheck.yml index d3974d6dcf..b8ced61e0a 100644 --- a/ansible/roles/loadbalancer/tasks/precheck.yml +++ b/ansible/roles/loadbalancer/tasks/precheck.yml @@ -518,19 +518,6 @@ - haproxy_stat.find('mistral_api') == -1 - haproxy_vip_prechecks -- name: Checking free port for Murano API HAProxy - wait_for: - host: "{{ kolla_internal_vip_address }}" - port: "{{ murano_api_port }}" - connect_timeout: 1 - timeout: 1 - state: stopped - when: - - enable_murano | bool - - inventory_hostname in groups['loadbalancer'] - - haproxy_stat.find('murano_api') == -1 - - haproxy_vip_prechecks - - name: Checking free port for Neutron Server HAProxy wait_for: host: "{{ kolla_internal_vip_address }}" @@ -677,18 +664,6 @@ - haproxy_stat.find('rabbitmq_management') == -1 - haproxy_vip_prechecks -- name: Checking free port for outward RabbitMQ Management HAProxy - wait_for: - host: "{{ kolla_internal_vip_address }}" - port: "{{ outward_rabbitmq_management_port }}" - connect_timeout: 1 - state: stopped - when: - - enable_outward_rabbitmq | bool - - inventory_hostname in groups['loadbalancer'] - - haproxy_stat.find('outward_rabbitmq_management') == -1 - - haproxy_vip_prechecks - - name: Checking free port for Swift Proxy Server HAProxy wait_for: host: "{{ kolla_internal_vip_address }}" diff --git a/ansible/roles/murano/defaults/main.yml b/ansible/roles/murano/defaults/main.yml deleted file mode 100644 index 7446518e62..0000000000 --- a/ansible/roles/murano/defaults/main.yml +++ /dev/null @@ -1,140 +0,0 @@ ---- -murano_services: - murano-api: - container_name: murano_api - group: murano-api - enabled: true - image: "{{ murano_api_image_full }}" - volumes: "{{ murano_api_default_volumes + murano_api_extra_volumes }}" - dimensions: "{{ murano_api_dimensions }}" - haproxy: - murano_api: - enabled: "{{ enable_murano }}" - mode: "http" - external: false - port: "{{ murano_api_port }}" - listen_port: "{{ murano_api_listen_port }}" - murano_api_external: - enabled: "{{ enable_murano }}" - mode: "http" - external: true - external_fqdn: "{{ murano_external_fqdn }}" - port: "{{ murano_api_public_port }}" - listen_port: "{{ murano_api_listen_port }}" - murano-engine: - container_name: murano_engine - group: murano-engine - enabled: true - image: "{{ murano_engine_image_full }}" - volumes: "{{ murano_engine_default_volumes + murano_engine_extra_volumes }}" - dimensions: "{{ murano_engine_dimensions }}" - -#################### -# Config Validate -#################### -murano_config_validation: - - generator: "/murano/etc/oslo-config-generator/murano.conf" - config: "/etc/murano/murano.conf" - -#################### -# Database -#################### -murano_database_name: "murano" -murano_database_user: "{% if use_preconfigured_databases | bool and use_common_mariadb_user | bool %}{{ database_user }}{% else %}murano{% endif %}" -murano_database_address: "{{ database_address | put_address_in_context('url') }}:{{ database_port }}" - -#################### -# Database sharding -#################### -murano_database_shard_root_user: "{% if enable_proxysql | bool %}root_shard_{{ murano_database_shard_id }}{% else %}{{ database_user }}{% endif %}" -murano_database_shard_id: "{{ mariadb_default_database_shard_id | int }}" -murano_database_shard: - users: - - user: "{{ murano_database_user }}" - password: "{{ murano_database_password }}" - rules: - - schema: "{{ murano_database_name }}" - shard_id: "{{ murano_database_shard_id }}" - - -#################### -# Docker -#################### -murano_tag: "{{ openstack_tag }}" - -murano_api_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/murano-api" -murano_api_tag: "{{ murano_tag }}" -murano_api_image_full: "{{ murano_api_image }}:{{ murano_api_tag }}" - -murano_engine_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/murano-engine" -murano_engine_tag: "{{ murano_tag }}" -murano_engine_image_full: "{{ murano_engine_image }}:{{ murano_engine_tag }}" - -murano_api_dimensions: "{{ default_container_dimensions }}" -murano_engine_dimensions: "{{ default_container_dimensions }}" - -murano_api_default_volumes: - - "{{ node_config_directory }}/murano-api/:{{ container_config_directory }}/:ro" - - "{{ kolla_dev_repos_directory ~ '/murano/murano:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/murano' if murano_dev_mode | bool else '' }}" - - "/etc/localtime:/etc/localtime:ro" - - "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}" - - "kolla_logs:/var/log/kolla/" -murano_engine_default_volumes: - - "{{ node_config_directory }}/murano-engine/:{{ container_config_directory }}/:ro" - - "{{ kolla_dev_repos_directory ~ '/murano/murano:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/murano' if murano_dev_mode | bool else '' }}" - - "/etc/localtime:/etc/localtime:ro" - - "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}" - - "kolla_logs:/var/log/kolla/" - -murano_extra_volumes: "{{ default_extra_volumes }}" -murano_api_extra_volumes: "{{ murano_extra_volumes }}" -murano_engine_extra_volumes: "{{ murano_extra_volumes }}" - -#################### -# OpenStack -#################### -murano_internal_endpoint: "{{ murano_internal_fqdn | kolla_url(internal_protocol, murano_api_port) }}" -murano_public_endpoint: "{{ murano_external_fqdn | kolla_url(public_protocol, murano_api_public_port) }}" - -murano_logging_debug: "{{ openstack_logging_debug }}" - -openstack_murano_auth: "{{ openstack_auth }}" - -murano_agent_timeout: 3600 - -murano_engine_workers: "{{ openstack_service_workers }}" -murano_api_workers: "{{ openstack_service_workers }}" - -#################### -# Kolla -#################### -murano_git_repository: "{{ kolla_dev_repos_git }}/{{ project_name }}" -murano_dev_repos_pull: "{{ kolla_dev_repos_pull }}" -murano_dev_mode: "{{ kolla_dev_mode }}" -murano_source_version: "{{ kolla_source_version }}" - -#################### -# Notifications -#################### -murano_notification_topics: - - name: notifications - enabled: "{{ enable_ceilometer | bool }}" - -murano_enabled_notification_topics: "{{ murano_notification_topics | selectattr('enabled', 'equalto', true) | list }}" - -#################### -# Keystone -#################### -murano_ks_services: - - name: "murano" - type: "application-catalog" - description: "Openstack Application Catalogue" - endpoints: - - {'interface': 'internal', 'url': '{{ murano_internal_endpoint }}'} - - {'interface': 'public', 'url': '{{ murano_public_endpoint }}'} - -murano_ks_users: - - project: "service" - user: "{{ murano_keystone_user }}" - password: "{{ murano_keystone_password }}" - role: "admin" diff --git a/ansible/roles/murano/handlers/main.yml b/ansible/roles/murano/handlers/main.yml deleted file mode 100644 index a90d8cd9e6..0000000000 --- a/ansible/roles/murano/handlers/main.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -- name: Restart murano-api container - vars: - service_name: "murano-api" - service: "{{ murano_services[service_name] }}" - become: true - kolla_container: - action: "recreate_or_restart_container" - common_options: "{{ docker_common_options }}" - name: "{{ service.container_name }}" - image: "{{ service.image }}" - volumes: "{{ service.volumes }}" - dimensions: "{{ service.dimensions }}" - when: - - kolla_action != "config" - -- name: Restart murano-engine container - vars: - service_name: "murano-engine" - service: "{{ murano_services[service_name] }}" - become: true - kolla_container: - action: "recreate_or_restart_container" - common_options: "{{ docker_common_options }}" - name: "{{ service.container_name }}" - image: "{{ service.image }}" - privileged: "{{ service.privileged | default(False) }}" - volumes: "{{ service.volumes }}" - dimensions: "{{ service.dimensions }}" - when: - - kolla_action != "config" diff --git a/ansible/roles/murano/tasks/bootstrap.yml b/ansible/roles/murano/tasks/bootstrap.yml deleted file mode 100644 index fd29f18597..0000000000 --- a/ansible/roles/murano/tasks/bootstrap.yml +++ /dev/null @@ -1,38 +0,0 @@ ---- -- name: Creating Murano database - become: true - kolla_toolbox: - container_engine: "{{ kolla_container_engine }}" - module_name: mysql_db - module_args: - login_host: "{{ database_address }}" - login_port: "{{ database_port }}" - login_user: "{{ murano_database_shard_root_user }}" - login_password: "{{ database_password }}" - name: "{{ murano_database_name }}" - run_once: True - delegate_to: "{{ groups['murano-api'][0] }}" - when: - - not use_preconfigured_databases | bool - -- name: Creating Murano database user and setting permissions - become: true - kolla_toolbox: - container_engine: "{{ kolla_container_engine }}" - module_name: mysql_user - module_args: - login_host: "{{ database_address }}" - login_port: "{{ database_port }}" - login_user: "{{ murano_database_shard_root_user }}" - login_password: "{{ database_password }}" - name: "{{ murano_database_user }}" - password: "{{ murano_database_password }}" - host: "%" - priv: "{{ murano_database_name }}.*:ALL" - append_privs: "yes" - run_once: True - delegate_to: "{{ groups['murano-api'][0] }}" - when: - - not use_preconfigured_databases | bool - -- import_tasks: bootstrap_service.yml diff --git a/ansible/roles/murano/tasks/bootstrap_service.yml b/ansible/roles/murano/tasks/bootstrap_service.yml deleted file mode 100644 index f31349769d..0000000000 --- a/ansible/roles/murano/tasks/bootstrap_service.yml +++ /dev/null @@ -1,21 +0,0 @@ ---- -- name: Running Murano bootstrap container - become: true - kolla_container: - action: "start_container" - common_options: "{{ docker_common_options }}" - detach: False - environment: - KOLLA_BOOTSTRAP: - KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" - image: "{{ murano_api_image_full }}" - labels: - BOOTSTRAP: - name: "bootstrap_murano" - restart_policy: oneshot - volumes: - - "{{ node_config_directory }}/murano-api/:{{ container_config_directory }}/:ro" - - "/etc/localtime:/etc/localtime:ro" - - "kolla_logs:/var/log/kolla/" - run_once: True - delegate_to: "{{ groups['murano-api'][0] }}" diff --git a/ansible/roles/murano/tasks/check-containers.yml b/ansible/roles/murano/tasks/check-containers.yml deleted file mode 100644 index 76ee8c0300..0000000000 --- a/ansible/roles/murano/tasks/check-containers.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- -- name: Check murano containers - become: true - kolla_container: - action: "compare_container" - common_options: "{{ docker_common_options }}" - name: "{{ item.value.container_name }}" - image: "{{ item.value.image }}" - volumes: "{{ item.value.volumes }}" - dimensions: "{{ item.value.dimensions }}" - when: - - inventory_hostname in groups[item.value.group] - - item.value.enabled | bool - with_dict: "{{ murano_services }}" - notify: - - "Restart {{ item.key }} container" diff --git a/ansible/roles/murano/tasks/check.yml b/ansible/roles/murano/tasks/check.yml deleted file mode 100644 index ed97d539c0..0000000000 --- a/ansible/roles/murano/tasks/check.yml +++ /dev/null @@ -1 +0,0 @@ ---- diff --git a/ansible/roles/murano/tasks/clone.yml b/ansible/roles/murano/tasks/clone.yml deleted file mode 100644 index d284a1b13a..0000000000 --- a/ansible/roles/murano/tasks/clone.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -- name: Cloning source repositories for development - become: true - git: - repo: "{{ murano_git_repository }}" - dest: "{{ kolla_dev_repos_directory }}/{{ project_name }}" - update: "{{ murano_dev_repos_pull }}" - version: "{{ murano_source_version }}" diff --git a/ansible/roles/murano/tasks/config.yml b/ansible/roles/murano/tasks/config.yml deleted file mode 100644 index 8f26465784..0000000000 --- a/ansible/roles/murano/tasks/config.yml +++ /dev/null @@ -1,82 +0,0 @@ ---- -- name: Ensuring config directories exist - file: - path: "{{ node_config_directory }}/{{ item.key }}" - state: "directory" - owner: "{{ config_owner_user }}" - group: "{{ config_owner_group }}" - mode: "0770" - become: true - when: - - inventory_hostname in groups[item.value.group] - - item.value.enabled | bool - with_dict: "{{ murano_services }}" - -- name: Check if policies shall be overwritten - stat: - path: "{{ item }}" - delegate_to: localhost - run_once: True - register: murano_policy - with_first_found: - - files: "{{ supported_policy_format_list }}" - paths: - - "{{ node_custom_config }}/murano/" - skip: true - -- name: Set murano policy file - set_fact: - murano_policy_file: "{{ murano_policy.results.0.stat.path | basename }}" - murano_policy_file_path: "{{ murano_policy.results.0.stat.path }}" - when: - - murano_policy.results - -- include_tasks: copy-certs.yml - when: - - kolla_copy_ca_into_containers | bool - -- name: Copying over config.json files for services - template: - src: "{{ item.key }}.json.j2" - dest: "{{ node_config_directory }}/{{ item.key }}/config.json" - mode: "0660" - become: true - when: - - inventory_hostname in groups[item.value.group] - - item.value.enabled | bool - with_dict: "{{ murano_services }}" - notify: - - "Restart {{ item.key }} container" - -- name: Copying over murano.conf - vars: - service_name: "{{ item.key }}" - merge_configs: - sources: - - "{{ role_path }}/templates/murano.conf.j2" - - "{{ node_custom_config }}/global.conf" - - "{{ node_custom_config }}/murano.conf" - - "{{ node_custom_config }}/murano/{{ item.key }}.conf" - - "{{ node_custom_config }}/murano/{{ inventory_hostname }}/murano.conf" - dest: "{{ node_config_directory }}/{{ item.key }}/murano.conf" - mode: "0660" - become: true - when: - - inventory_hostname in groups[item.value.group] - - item.value.enabled | bool - with_dict: "{{ murano_services }}" - notify: - - "Restart {{ item.key }} container" - -- name: Copying over existing policy file - template: - src: "{{ murano_policy_file_path }}" - dest: "{{ node_config_directory }}/{{ item.key }}/{{ murano_policy_file }}" - mode: "0660" - when: - - murano_policy_file is defined - - inventory_hostname in groups[item.value.group] - - item.value.enabled | bool - with_dict: "{{ murano_services }}" - notify: - - "Restart {{ item.key }} container" diff --git a/ansible/roles/murano/tasks/config_validate.yml b/ansible/roles/murano/tasks/config_validate.yml deleted file mode 100644 index 03f5facbb1..0000000000 --- a/ansible/roles/murano/tasks/config_validate.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -- import_role: - name: service-config-validate - vars: - service_config_validate_services: "{{ murano_services }}" - service_name: "{{ project_name }}" - service_config_validation: "{{ murano_config_validation }}" diff --git a/ansible/roles/murano/tasks/copy-certs.yml b/ansible/roles/murano/tasks/copy-certs.yml deleted file mode 100644 index f3dcc6dd6b..0000000000 --- a/ansible/roles/murano/tasks/copy-certs.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- name: "Copy certificates and keys for {{ project_name }}" - import_role: - role: service-cert-copy - vars: - project_services: "{{ murano_services }}" diff --git a/ansible/roles/murano/tasks/deploy-containers.yml b/ansible/roles/murano/tasks/deploy-containers.yml deleted file mode 100644 index eb24ab5c7a..0000000000 --- a/ansible/roles/murano/tasks/deploy-containers.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -- import_tasks: check-containers.yml diff --git a/ansible/roles/murano/tasks/deploy.yml b/ansible/roles/murano/tasks/deploy.yml deleted file mode 100644 index a039004dd7..0000000000 --- a/ansible/roles/murano/tasks/deploy.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -- import_tasks: register.yml - -- import_tasks: config.yml - -- import_tasks: check-containers.yml - -- include_tasks: clone.yml - when: - - murano_dev_mode | bool - -- import_tasks: bootstrap.yml - -- name: Flush handlers - meta: flush_handlers - -- import_tasks: import_library_packages.yml diff --git a/ansible/roles/murano/tasks/import_library_packages.yml b/ansible/roles/murano/tasks/import_library_packages.yml deleted file mode 100644 index 4b9df1cbeb..0000000000 --- a/ansible/roles/murano/tasks/import_library_packages.yml +++ /dev/null @@ -1,61 +0,0 @@ ---- -- name: Waiting for Murano API service to be ready on first node - wait_for: - host: "{{ api_interface_address }}" - port: "{{ murano_api_port }}" - connect_timeout: 1 - timeout: 60 - run_once: True - register: check_murano_port - until: check_murano_port is success - retries: 10 - delay: 6 - delegate_to: "{{ groups['murano-api'][0] }}" - -- name: Checking if Murano core and applications library packages exist - become: true - command: > - {{ kolla_container_engine }} exec murano_api murano - --os-username {{ openstack_auth.username }} - --os-password {{ openstack_auth.password }} - --os-project-name {{ openstack_auth.project_name }} - {% if openstack_cacert != '' %}--os-cacert {{ openstack_cacert }}{% endif %} - --os-auth-url {{ openstack_auth.auth_url }} - --murano-url {{ murano_internal_endpoint }} - package-list - register: status - changed_when: False - run_once: True - delegate_to: "{{ groups['murano-api'][0] }}" - -- name: Importing Murano core library package - become: true - command: > - {{ kolla_container_engine }} exec murano_api murano - --os-username {{ openstack_auth.username }} - --os-password {{ openstack_auth.password }} - --os-project-name {{ openstack_auth.project_name }} - {% if openstack_cacert != '' %}--os-cacert {{ openstack_cacert }}{% endif %} - --os-auth-url {{ openstack_auth.auth_url }} - --murano-url {{ murano_internal_endpoint }} - package-import --exists-action u --is-public /io.murano.zip - run_once: True - delegate_to: "{{ groups['murano-api'][0] }}" - when: - - status.stdout.find("io.murano") == -1 or kolla_action == "upgrade" - -- name: Importing Murano applications library package - become: true - command: > - {{ kolla_container_engine }} exec murano_api murano - --os-username {{ openstack_auth.username }} - --os-password {{ openstack_auth.password }} - --os-project-name {{ openstack_auth.project_name }} - {% if openstack_cacert != '' %}--os-cacert {{ openstack_cacert }}{% endif %} - --os-auth-url {{ openstack_auth.auth_url }} - --murano-url {{ murano_internal_endpoint }} - package-import --exists-action u --is-public /io.murano.applications.zip - run_once: True - delegate_to: "{{ groups['murano-api'][0] }}" - when: - - status.stdout.find("io.murano.applications") == -1 or kolla_action == "upgrade" diff --git a/ansible/roles/murano/tasks/loadbalancer.yml b/ansible/roles/murano/tasks/loadbalancer.yml deleted file mode 100644 index 215d32c461..0000000000 --- a/ansible/roles/murano/tasks/loadbalancer.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -- name: "Configure loadbalancer for {{ project_name }}" - import_role: - name: loadbalancer-config - vars: - project_services: "{{ murano_services }}" - tags: always diff --git a/ansible/roles/murano/tasks/main.yml b/ansible/roles/murano/tasks/main.yml deleted file mode 100644 index bc5d1e6257..0000000000 --- a/ansible/roles/murano/tasks/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -- include_tasks: "{{ kolla_action }}.yml" diff --git a/ansible/roles/murano/tasks/precheck.yml b/ansible/roles/murano/tasks/precheck.yml deleted file mode 100644 index 602eb3bf74..0000000000 --- a/ansible/roles/murano/tasks/precheck.yml +++ /dev/null @@ -1,26 +0,0 @@ ---- -- import_role: - name: service-precheck - vars: - service_precheck_services: "{{ murano_services }}" - service_name: "{{ project_name }}" - -- name: Get container facts - become: true - kolla_container_facts: - container_engine: "{{ kolla_container_engine }}" - name: - - murano_api - check_mode: false - register: container_facts - -- name: Checking free port for Murano API - wait_for: - host: "{{ api_interface_address }}" - port: "{{ murano_api_port }}" - connect_timeout: 1 - timeout: 1 - state: stopped - when: - - container_facts['murano_api'] is not defined - - inventory_hostname in groups['murano-api'] diff --git a/ansible/roles/murano/tasks/pull.yml b/ansible/roles/murano/tasks/pull.yml deleted file mode 100644 index 53f9c5fda1..0000000000 --- a/ansible/roles/murano/tasks/pull.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -- import_role: - role: service-images-pull diff --git a/ansible/roles/murano/tasks/reconfigure.yml b/ansible/roles/murano/tasks/reconfigure.yml deleted file mode 100644 index 5b10a7e111..0000000000 --- a/ansible/roles/murano/tasks/reconfigure.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -- import_tasks: deploy.yml diff --git a/ansible/roles/murano/tasks/register.yml b/ansible/roles/murano/tasks/register.yml deleted file mode 100644 index 2b10a818a0..0000000000 --- a/ansible/roles/murano/tasks/register.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -- import_role: - name: service-ks-register - vars: - service_ks_register_auth: "{{ openstack_murano_auth }}" - service_ks_register_services: "{{ murano_ks_services }}" - service_ks_register_users: "{{ murano_ks_users }}" diff --git a/ansible/roles/murano/tasks/stop.yml b/ansible/roles/murano/tasks/stop.yml deleted file mode 100644 index 8e110ef997..0000000000 --- a/ansible/roles/murano/tasks/stop.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- import_role: - name: service-stop - vars: - project_services: "{{ murano_services }}" - service_name: "{{ project_name }}" diff --git a/ansible/roles/murano/tasks/upgrade.yml b/ansible/roles/murano/tasks/upgrade.yml deleted file mode 100644 index 7d9c287b04..0000000000 --- a/ansible/roles/murano/tasks/upgrade.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -- import_tasks: config.yml - -- import_tasks: check-containers.yml - -- import_tasks: bootstrap_service.yml - -- name: Flush handlers - meta: flush_handlers - -- import_tasks: import_library_packages.yml diff --git a/ansible/roles/murano/templates/murano-api.json.j2 b/ansible/roles/murano/templates/murano-api.json.j2 deleted file mode 100644 index 6b30be2fc7..0000000000 --- a/ansible/roles/murano/templates/murano-api.json.j2 +++ /dev/null @@ -1,24 +0,0 @@ -{ - "command": "murano-api --config-file /etc/murano/murano.conf", - "config_files": [ - { - "source": "{{ container_config_directory }}/murano.conf", - "dest": "/etc/murano/murano.conf", - "owner": "murano", - "perm": "0600" - }{% if murano_policy_file is defined %}, - { - "source": "{{ container_config_directory }}/{{ murano_policy_file }}", - "dest": "/etc/murano/{{ murano_policy_file }}", - "owner": "murano", - "perm": "0600" - }{% endif %} - ], - "permissions": [ - { - "path": "/var/log/kolla/murano", - "owner": "murano:murano", - "recurse": true - } - ] -} diff --git a/ansible/roles/murano/templates/murano-engine.json.j2 b/ansible/roles/murano/templates/murano-engine.json.j2 deleted file mode 100644 index a42329e002..0000000000 --- a/ansible/roles/murano/templates/murano-engine.json.j2 +++ /dev/null @@ -1,24 +0,0 @@ -{ - "command": "murano-engine --config-file /etc/murano/murano.conf", - "config_files": [ - { - "source": "{{ container_config_directory }}/murano.conf", - "dest": "/etc/murano/murano.conf", - "owner": "murano", - "perm": "0600" - }{% if murano_policy_file is defined %}, - { - "source": "{{ container_config_directory }}/{{ murano_policy_file }}", - "dest": "/etc/murano/{{ murano_policy_file }}", - "owner": "murano", - "perm": "0600" - }{% endif %} - ], - "permissions": [ - { - "path": "/var/log/kolla/murano", - "owner": "murano:murano", - "recurse": true - } - ] -} diff --git a/ansible/roles/murano/templates/murano.conf.j2 b/ansible/roles/murano/templates/murano.conf.j2 deleted file mode 100644 index fbebb12f9d..0000000000 --- a/ansible/roles/murano/templates/murano.conf.j2 +++ /dev/null @@ -1,119 +0,0 @@ -[DEFAULT] -debug = {{ murano_logging_debug }} - -log_dir = /var/log/kolla/murano - -{% if service_name == 'murano-api' %} -bind_host = {{ api_interface_address }} -bind_port = {{ murano_api_port }} -{% endif %} - -transport_url = {{ rpc_transport_url }} - -[engine] -engine_workers = {{ murano_engine_workers }} -agent_timeout = {{ murano_agent_timeout }} - -[database] -connection = mysql+pymysql://{{ murano_database_user }}:{{ murano_database_password }}@{{ murano_database_address }}/{{ murano_database_name }} -connection_recycle_time = {{ database_connection_recycle_time }} -max_pool_size = {{ database_max_pool_size }} -max_retries = -1 - -[keystone_authtoken] -service_type = application-catalog -www_authenticate_uri = {{ keystone_internal_url }} -auth_url = {{ keystone_internal_url }} -auth_type = password -project_domain_id = {{ default_project_domain_id }} -user_domain_id = {{ default_user_domain_id }} -project_name = service -username = {{ murano_keystone_user }} -password = {{ murano_keystone_password }} -cafile = {{ openstack_cacert }} -region_name = {{ openstack_region_name }} - -memcache_security_strategy = ENCRYPT -memcache_secret_key = {{ memcache_secret_key }} -memcached_servers = {% for host in groups['memcached'] %}{{ 'api' | kolla_address(host) | put_address_in_context('memcache') }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %} - -[murano_auth] -auth_uri = {{ keystone_internal_url }} -auth_url = {{ keystone_internal_url }} -auth_type = password -project_domain_name = {{ default_project_domain_name }} -user_domain_name = {{ default_user_domain_name }} -project_name = service -username = {{ murano_keystone_user }} -password = {{ murano_keystone_password }} -cafile = {{ openstack_cacert }} - -[murano] -url = {{ murano_internal_endpoint }} -api_workers = {{ murano_api_workers }} - -[oslo_messaging_notifications] -transport_url = {{ notify_transport_url }} -{% if murano_enabled_notification_topics %} -driver = messagingv2 -topics = {{ murano_enabled_notification_topics | map(attribute='name') | join(',') }} -{% else %} -driver = noop -{% endif %} - -[oslo_messaging_rabbit] -heartbeat_in_pthread = false -{% if om_enable_rabbitmq_tls | bool %} -ssl = true -ssl_ca_file = {{ om_rabbitmq_cacert }} -{% endif %} -{% if om_enable_rabbitmq_high_availability | bool %} -amqp_durable_queues = true -{% endif %} -{% if om_enable_rabbitmq_quorum_queues | bool %} -rabbit_quorum_queue = true -{% endif %} - -[oslo_middleware] -enable_proxy_headers_parsing = True - -{% if murano_policy_file is defined %} -[oslo_policy] -policy_file = {{ murano_policy_file }} -{% endif %} - -{% if service_name == 'murano-engine' %} -[rabbitmq] -host = {{ rabbitmq_external_fqdn }} -port = {{ outward_rabbitmq_port }} -login = {{ murano_agent_rabbitmq_user }} -password = {{ murano_agent_rabbitmq_password }} -virtual_host = {{ murano_agent_rabbitmq_vhost }} - -{% if enable_barbican | bool %} -[key_manager] -auth_type = keystone_password -auth_url = {{ keystone_internal_url }} -username = {{ murano_keystone_user }} -password = {{ murano_keystone_password }} -user_domain_name = {{ default_project_domain_name }} -cafile = {{ openstack_cacert }} -region_name = {{ openstack_region_name }} -{% endif %} -{% endif %} - -[neutron] -endpoint_type = internalURL -cafile = {{ openstack_cacert }} - -[heat] -endpoint_type = internalURL -cafile = {{ openstack_cacert }} - -[glance] -endpoint_type = internalURL -cafile = {{ openstack_cacert }} - -[mistral] -endpoint_type = internalURL -cafile = {{ openstack_cacert }} diff --git a/ansible/roles/murano/vars/main.yml b/ansible/roles/murano/vars/main.yml deleted file mode 100644 index b9c934a3d2..0000000000 --- a/ansible/roles/murano/vars/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -project_name: "murano" diff --git a/ansible/roles/rabbitmq/defaults/main.yml b/ansible/roles/rabbitmq/defaults/main.yml index 803eea0b48..c08fd7c788 100644 --- a/ansible/roles/rabbitmq/defaults/main.yml +++ b/ansible/roles/rabbitmq/defaults/main.yml @@ -23,29 +23,6 @@ rabbitmq_services: mode: "http" port: "{{ rabbitmq_management_port }}" host_group: "rabbitmq" - rabbitmq_outward_management: - enabled: "{{ enable_outward_rabbitmq }}" - mode: "http" - port: "{{ outward_rabbitmq_management_port }}" - host_group: "outward-rabbitmq" - rabbitmq_outward_external: - enabled: "{{ enable_outward_rabbitmq }}" - mode: "tcp" - external: true - external_fqdn: "{{ outward_rabbitmq_external_fqdn }}" - port: "{{ outward_rabbitmq_port }}" - host_group: "outward-rabbitmq" - frontend_tcp_extra: - - "timeout client {{ haproxy_outward_rabbitmq_client_timeout }}" - backend_tcp_extra: - - "timeout server {{ haproxy_outward_rabbitmq_server_timeout }}" - -#################### -# HAProxy -#################### -haproxy_outward_rabbitmq_client_timeout: "1h" -haproxy_outward_rabbitmq_server_timeout: "1h" - #################### # Docker diff --git a/ansible/roles/rabbitmq/tasks/precheck.yml b/ansible/roles/rabbitmq/tasks/precheck.yml index b1e8c5fdb5..69aa517489 100644 --- a/ansible/roles/rabbitmq/tasks/precheck.yml +++ b/ansible/roles/rabbitmq/tasks/precheck.yml @@ -11,7 +11,6 @@ container_engine: "{{ kolla_container_engine }}" name: - rabbitmq - - outward_rabbitmq check_mode: false register: container_facts @@ -105,101 +104,6 @@ - not kolla_externally_managed_cert | bool - rabbitmq_enable_tls | bool -- name: Checking free port for outward RabbitMQ - wait_for: - host: "{{ api_interface_address }}" - port: "{{ outward_rabbitmq_port }}" - connect_timeout: 1 - state: stopped - when: - - enable_outward_rabbitmq | bool - - inventory_hostname in groups['outward-rabbitmq'] - - container_facts['outward_rabbitmq'] is not defined - -- name: Checking free port for outward RabbitMQ Management - wait_for: - host: "{{ api_interface_address }}" - port: "{{ outward_rabbitmq_management_port }}" - connect_timeout: 1 - state: stopped - when: - - enable_outward_rabbitmq | bool - - inventory_hostname in groups['outward-rabbitmq'] - - container_facts['outward_rabbitmq'] is not defined - -- name: Checking free port for outward RabbitMQ Cluster - wait_for: - host: "{{ api_interface_address }}" - port: "{{ outward_rabbitmq_cluster_port }}" - connect_timeout: 1 - state: stopped - when: - - enable_outward_rabbitmq | bool - - inventory_hostname in groups['outward-rabbitmq'] - - container_facts['outward_rabbitmq'] is not defined - -- name: Checking free port for outward RabbitMQ EPMD - wait_for: - host: "{{ api_interface_address }}" - port: "{{ outward_rabbitmq_epmd_port }}" - connect_timeout: 1 - state: stopped - when: - - enable_outward_rabbitmq | bool - - inventory_hostname in groups['outward-rabbitmq'] - - container_facts['outward_rabbitmq'] is not defined - -- name: Check if all outward rabbit hostnames are resolvable - vars: - nss_database: "{{ 'ahostsv4' if api_address_family == 'ipv4' else 'ahostsv6' }}" - command: "getent {{ nss_database }} {{ hostvars[item].ansible_facts.hostname }}" - changed_when: false - check_mode: false - register: outward_rabbitmq_hostnames - with_items: "{{ groups['outward-rabbitmq'] }}" - when: - - enable_outward_rabbitmq | bool - -- name: Check if each rabbit hostname resolves uniquely to the proper IP address - fail: - msg: Hostname has to resolve uniquely to the IP address of api_interface - with_subelements: - - "{{ outward_rabbitmq_hostnames.results }}" - - stdout_lines - when: - - enable_outward_rabbitmq | bool - - not item.1 is match('^'+('api' | kolla_address(item.0.item))+'\\b') - -- name: Check if TLS certificate exists for outward RabbitMQ - assert: - that: cert | length > 0 - fail_msg: No TLS certificate provided for outward RabbitMQ. - vars: - cert: "{{ query('first_found', paths, errors='ignore') }}" - paths: - - "{{ kolla_certificates_dir }}/{{ inventory_hostname }}/outward_rabbitmq-cert.pem" - - "{{ kolla_certificates_dir }}/{{ inventory_hostname }}-cert.pem" - - "{{ kolla_certificates_dir }}/outward_rabbitmq-cert.pem" - when: - - not kolla_externally_managed_cert | bool - - enable_outward_rabbitmq | bool - - rabbitmq_enable_tls | bool - -- name: Check if TLS key exists for outward RabbitMQ - assert: - that: key | length > 0 - msg: No TLS key provided for outward RabbitMQ. - vars: - key: "{{ query('first_found', paths, errors='ignore') }}" - paths: - - "{{ kolla_certificates_dir }}/{{ inventory_hostname }}/outward_rabbitmq-key.pem" - - "{{ kolla_certificates_dir }}/{{ inventory_hostname }}-key.pem" - - "{{ kolla_certificates_dir }}/outward_rabbitmq-key.pem" - when: - - not kolla_externally_managed_cert | bool - - enable_outward_rabbitmq | bool - - rabbitmq_enable_tls | bool - - block: - name: List RabbitMQ policies become: true diff --git a/ansible/roles/rabbitmq/templates/definitions.json.j2 b/ansible/roles/rabbitmq/templates/definitions.json.j2 index e442db7782..9fcffbb35e 100644 --- a/ansible/roles/rabbitmq/templates/definitions.json.j2 +++ b/ansible/roles/rabbitmq/templates/definitions.json.j2 @@ -1,26 +1,18 @@ { "vhosts": [ - {"name": "/"}{% if project_name == 'outward_rabbitmq' %}, - {"name": "{{ murano_agent_rabbitmq_vhost }}"} - {% endif %} + {"name": "/"} ], "users": [ {"name": "{{ role_rabbitmq_user }}", "password": "{{ role_rabbitmq_password }}", "tags": "administrator"}{% if role_rabbitmq_monitoring_user is defined and role_rabbitmq_monitoring_user %}, - {"name": "{{ role_rabbitmq_monitoring_user }}", "password": "{{ role_rabbitmq_monitoring_password }}", "tags": "monitoring"}{% endif %}{% if project_name == 'outward_rabbitmq' %}, - {"name": "{{ murano_agent_rabbitmq_user }}", "password": "{{ murano_agent_rabbitmq_password }}", "tags": "management"} - {% endif %} + {"name": "{{ role_rabbitmq_monitoring_user }}", "password": "{{ role_rabbitmq_monitoring_password }}", "tags": "monitoring"}{% endif %} ], "permissions": [ {"user": "{{ role_rabbitmq_user }}", "vhost": "/", "configure": ".*", "write": ".*", "read": ".*"}{% if role_rabbitmq_monitoring_user is defined and role_rabbitmq_monitoring_user %}, - {"user": "{{ role_rabbitmq_monitoring_user }}", "vhost": "/", "configure": "^$", "write": "^$", "read": ".*"}{% endif %}{% if project_name == 'outward_rabbitmq' %}, - {"user": "{{ murano_agent_rabbitmq_user }}", "vhost": "{{ murano_agent_rabbitmq_vhost }}", "configure": ".*", "write": ".*", "read": ".*"} - {% endif %} + {"user": "{{ role_rabbitmq_monitoring_user }}", "vhost": "/", "configure": "^$", "write": "^$", "read": ".*"}{% endif %} ], {% if om_enable_rabbitmq_high_availability | bool %} "policies":[ - {"vhost": "/", "name": "ha-all", "pattern": "^(?!(amq\\.)|(.*_fanout_)|(reply_)).*", "apply-to": "all", "definition": {"ha-mode":{% if rabbitmq_ha_replica_count is not none %}"exactly","ha-params":{{ rabbitmq_ha_replica_count | int }}{% else %}"all"{% endif %}{% if rabbitmq_ha_promote_on_shutdown is not none %},"ha-promote-on-shutdown":"{{ rabbitmq_ha_promote_on_shutdown }}"{% endif %}{% if rabbitmq_message_ttl_ms is not none %},"message-ttl":{{ rabbitmq_message_ttl_ms | int }}{% endif %}{% if rabbitmq_queue_expiry_ms is not none %},"expires":{{ rabbitmq_queue_expiry_ms | int }}{% endif %}}, "priority":0}{% if project_name == 'outward_rabbitmq' %}, - {"vhost": "{{ murano_agent_rabbitmq_vhost }}", "name": "ha-all", "pattern": "^(?!(amq\\.)|(.*_fanout_)|(reply_)).*", "apply-to": "all", "definition": {"ha-mode":{% if rabbitmq_ha_replica_count is not none %}"exactly","ha-params":{{ rabbitmq_ha_replica_count | int }}{% else %}"all"{% endif %}{% if rabbitmq_ha_promote_on_shutdown is not none %},"ha-promote-on-shutdown":"{{ rabbitmq_ha_promote_on_shutdown }}"{% endif %}{% if rabbitmq_message_ttl_ms is not none %},"message-ttl":{{ rabbitmq_message_ttl_ms | int }}{% endif %}{% if rabbitmq_queue_expiry_ms is not none %},"expires":{{ rabbitmq_queue_expiry_ms | int }}{% endif %}}, "priority":0} - {% endif %} + {"vhost": "/", "name": "ha-all", "pattern": "^(?!(amq\\.)|(.*_fanout_)|(reply_)).*", "apply-to": "all", "definition": {"ha-mode":{% if rabbitmq_ha_replica_count is not none %}"exactly","ha-params":{{ rabbitmq_ha_replica_count | int }}{% else %}"all"{% endif %}{% if rabbitmq_ha_promote_on_shutdown is not none %},"ha-promote-on-shutdown":"{{ rabbitmq_ha_promote_on_shutdown }}"{% endif %}{% if rabbitmq_message_ttl_ms is not none %},"message-ttl":{{ rabbitmq_message_ttl_ms | int }}{% endif %}{% if rabbitmq_queue_expiry_ms is not none %},"expires":{{ rabbitmq_queue_expiry_ms | int }}{% endif %}}, "priority":0} ] {% else %} "policies":[] diff --git a/ansible/roles/telegraf/defaults/main.yml b/ansible/roles/telegraf/defaults/main.yml index cdefc16457..ea93ab420e 100644 --- a/ansible/roles/telegraf/defaults/main.yml +++ b/ansible/roles/telegraf/defaults/main.yml @@ -36,4 +36,3 @@ influxdb_proto: "http" rabbitmq_proto: "http" mariadb_proto: "tcp" opensearch_proto: "http" -outward_rabbitmq_proto: "http" diff --git a/ansible/roles/telegraf/templates/telegraf.conf.j2 b/ansible/roles/telegraf/templates/telegraf.conf.j2 index 8a6a973841..a8c88f5e44 100644 --- a/ansible/roles/telegraf/templates/telegraf.conf.j2 +++ b/ansible/roles/telegraf/templates/telegraf.conf.j2 @@ -67,12 +67,6 @@ username = "{{ rabbitmq_user }}" password = "{{ rabbitmq_password }}" {% endif %} -{% if inventory_hostname in groups['outward-rabbitmq'] and enable_outward_rabbitmq | bool %} -[[inputs.rabbitmq]] - url = "{{ outward_rabbitmq_proto }}://{{ api_interface_address | put_address_in_context('url') }}:{{ outward_rabbitmq_management_port }}" - username = "{{ outward_rabbitmq_user }}" - password = "{{ outward_rabbitmq_password }}" -{% endif %} {% if inventory_hostname in groups['redis'] and enable_redis | bool %} [[inputs.redis]] servers = ["tcp://:{{ redis_master_password }}@{{ api_interface_address | put_address_in_context('url') }}:{{ redis_port }}"] diff --git a/ansible/site.yml b/ansible/site.yml index b308e9f3b4..0475d2c582 100644 --- a/ansible/site.yml +++ b/ansible/site.yml @@ -53,14 +53,12 @@ - enable_memcached_{{ enable_memcached | bool }} - enable_mistral_{{ enable_mistral | bool }} - enable_multipathd_{{ enable_multipathd | bool }} - - enable_murano_{{ enable_murano | bool }} - enable_neutron_{{ enable_neutron | bool }} - enable_nova_{{ enable_nova | bool }} - enable_octavia_{{ enable_octavia | bool }} - enable_opensearch_{{ enable_opensearch | bool }} - enable_opensearch_dashboards_{{ enable_opensearch_dashboards | bool }} - enable_openvswitch_{{ enable_openvswitch | bool }}_enable_ovs_dpdk_{{ enable_ovs_dpdk | bool }} - - enable_outward_rabbitmq_{{ enable_outward_rabbitmq | bool }} - enable_ovn_{{ enable_ovn | bool }} - enable_placement_{{ enable_placement | bool }} - enable_prometheus_{{ enable_prometheus | bool }} @@ -243,11 +241,6 @@ tasks_from: loadbalancer tags: mistral when: enable_mistral | bool - - include_role: - name: murano - tasks_from: loadbalancer - tags: murano - when: enable_murano | bool - include_role: name: neutron tasks_from: loadbalancer @@ -293,7 +286,7 @@ vars: role_rabbitmq_cluster_cookie: role_rabbitmq_groups: - when: enable_rabbitmq | bool or enable_outward_rabbitmq | bool + when: enable_rabbitmq | bool - include_role: name: skyline tasks_from: loadbalancer @@ -760,21 +753,6 @@ - { role: horizon, tags: horizon } -- name: Apply role murano - gather_facts: false - hosts: - - murano-api - - murano-engine - - '&enable_murano_True' - serial: '{{ kolla_serial|default("0") }}' - max_fail_percentage: >- - {{ murano_max_fail_percentage | - default(kolla_max_fail_percentage) | - default(100) }} - roles: - - { role: murano, - tags: murano } - - name: Apply role magnum gather_facts: false hosts: diff --git a/etc/kolla/globals.yml b/etc/kolla/globals.yml index b564c509f5..9ddcb18508 100644 --- a/etc/kolla/globals.yml +++ b/etc/kolla/globals.yml @@ -322,7 +322,6 @@ workaround_ansible_issue_8743: yes #enable_neutron: "{{ enable_openstack_core | bool }}" #enable_nova: "{{ enable_openstack_core | bool }}" #enable_rabbitmq: "{{ 'yes' if om_rpc_transport == 'rabbit' or om_notify_transport == 'rabbit' else 'no' }}" -#enable_outward_rabbitmq: "{{ enable_murano | bool }}" # OpenStack services can be enabled or disabled with these options #enable_aodh: "no" @@ -367,7 +366,6 @@ workaround_ansible_issue_8743: yes #enable_horizon_manila: "{{ enable_manila | bool }}" #enable_horizon_masakari: "{{ enable_masakari | bool }}" #enable_horizon_mistral: "{{ enable_mistral | bool }}" -#enable_horizon_murano: "{{ enable_murano | bool }}" #enable_horizon_neutron_vpnaas: "{{ enable_neutron_vpnaas | bool }}" #enable_horizon_octavia: "{{ enable_octavia | bool }}" #enable_horizon_tacker: "{{ enable_tacker | bool }}" @@ -392,7 +390,6 @@ workaround_ansible_issue_8743: yes #enable_masakari: "no" #enable_mistral: "no" #enable_multipathd: "no" -#enable_murano: "no" #enable_neutron_vpnaas: "no" #enable_neutron_sriov: "no" #enable_neutron_dvr: "no" @@ -642,7 +639,7 @@ workaround_ansible_issue_8743: yes ############################# # Horizon - Dashboard Options ############################# -#horizon_backend_database: "{{ enable_murano | bool }}" +#horizon_backend_database: false ############################# # Ironic options diff --git a/etc/kolla/passwords.yml b/etc/kolla/passwords.yml index 8621c21d3c..8a24849c67 100644 --- a/etc/kolla/passwords.yml +++ b/etc/kolla/passwords.yml @@ -107,10 +107,6 @@ heat_database_password: heat_keystone_password: heat_domain_admin_password: -murano_database_password: -murano_keystone_password: -murano_agent_rabbitmq_password: - ironic_database_password: ironic_keystone_password: @@ -211,8 +207,6 @@ gnocchi_user_id: rabbitmq_password: rabbitmq_monitoring_password: rabbitmq_cluster_cookie: -outward_rabbitmq_password: -outward_rabbitmq_cluster_cookie: #################### # HAProxy options diff --git a/releasenotes/notes/drop-murano-51796e817e8331b4.yaml b/releasenotes/notes/drop-murano-51796e817e8331b4.yaml new file mode 100644 index 0000000000..2fc3353fcc --- /dev/null +++ b/releasenotes/notes/drop-murano-51796e817e8331b4.yaml @@ -0,0 +1,6 @@ +--- +upgrade: + - | + Support for deploying ``Murano`` has been dropped. + In addition to that support for deploying outward RabbitMQ (only used + for Murano) has been dropped as well. diff --git a/tests/templates/inventory.j2 b/tests/templates/inventory.j2 index e7bb2686f2..aaada13372 100644 --- a/tests/templates/inventory.j2 +++ b/tests/templates/inventory.j2 @@ -141,9 +141,6 @@ control [rabbitmq:children] control -[outward-rabbitmq:children] -control - [keystone:children] control @@ -182,9 +179,6 @@ control [heat:children] control -[murano:children] -control - [ironic:children] control @@ -416,13 +410,6 @@ heat [heat-engine:children] heat -# Murano -[murano-api:children] -murano - -[murano-engine:children] -murano - # Ironic [ironic-api:children] ironic