openstack/kolla-ansible
Code Issues Proposed changes

Enable kolla k8s to override bind api bind address in genconfig

Browse Source 
It's good if k8s reuses ansible templates, but we need to abstract all
ansible specific variables to achieve that.

- Implements ansible override variable api_interface_address.
- Adds api_interface_address setting and comments to globals.yml
- Makes changes to mariadb templates to accept this new setting.
- Disabled Galera when api_interface_address==0.0.0.0 in the
  case of Kubernetes.  Otherwise, mariadb fails to start.
- Tested with and without setting to ensure kolla genconfig output
  does not change when setting is disabled or undefined.

Change-Id: Ia0e4951c327be01b717aebb86ef4c3a4e7ed170e
Partially-implements: blueprint api-interface-bind-address-override
Co-authored-by: David Wang <dcwangmit01@gmail.com>
Co-authored-by: Ryan Hallisey <rhallise@redhat.com>
Co-authored-by: Kevin Fox <kevin@efox.cc>
This commit is contained in:
Michal (inc0) Jastrzebski 2016-06-09 20:29:54 +00:00 committed by Ryan Hallisey
parent be77c38cfb
commit 5838bd0b3c
3 changed files with 28 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
ansible/group_vars/all.yml
View File

@ -19,6 +19,10 @@ node_config_directory: "/etc/kolla/{{ project }}"
################### ###################
# Kolla options # Kolla options
################### ###################
# Which orchestration engine to use. Valid options are [ ANSIBLE, KUBERNETES ]
orchestration_engine: "ANSIBLE"
# Valid options are [ COPY_ONCE, COPY_ALWAYS ] # Valid options are [ COPY_ONCE, COPY_ALWAYS ]
config_strategy: "COPY_ALWAYS" config_strategy: "COPY_ALWAYS"
@ -39,6 +43,19 @@ kolla_enable_sanity_glance: "{{ kolla_enable_sanity_checks }}"
kolla_enable_sanity_cinder: "{{ kolla_enable_sanity_checks }}" kolla_enable_sanity_cinder: "{{ kolla_enable_sanity_checks }}"
kolla_enable_sanity_swift: "{{ kolla_enable_sanity_checks }}" kolla_enable_sanity_swift: "{{ kolla_enable_sanity_checks }}"
####################
# kolla-kubernetes
####################
# By default, Kolla API services bind to the network address assigned
# to the api_interface. Allow the bind address to be an override. In
# some cases (Kubernetes), the api_interface address is not known
# until container runtime, and thus it is necessary to bind to all
# interfaces "0.0.0.0". When used outside of Kubernetes, binding to
# all interfaces may present a security issue, and thus is not
# recommended.
api_interface_address: "{{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] if orchestration_engine == 'ANSIBLE' else '0.0.0.0' }}"
#################### ####################
# Database options # Database options
#################### ####################

15
ansible/roles/mariadb/templates/galera.cnf.j2
View File

@ -1,6 +1,11 @@
{% set wsrep_driver = '/usr/lib/galera/libgalera_smm.so' if kolla_base_distro == 'ubuntu' else '/usr/lib64/galera/libgalera_smm.so' %} {%- set wsrep_driver = '/usr/lib/galera/libgalera_smm.so' if kolla_base_distro == 'ubuntu' else '/usr/lib64/galera/libgalera_smm.so' %}
{#- Disable Galera in the case of of Kubernetes as its not supported yet. Otherwise, #}
{#- mariadb will fail to start #}
{%- set wsrep_driver = 'none' if orchestration_engine == 'KUBERNETES' else wsrep_driver %}
[mysqld] [mysqld]
bind-address={{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} bind-address={{ api_interface_address }}
port={{ mariadb_port }} port={{ mariadb_port }}
log-error=/var/log/kolla/mariadb/mariadb.log log-error=/var/log/kolla/mariadb/mariadb.log
@ -13,10 +18,10 @@ datadir=/var/lib/mysql/
wsrep_cluster_address=gcomm://{% if (groups['mariadb'] | length) > 1 %}{% for host in groups['mariadb'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ mariadb_wsrep_port }}{% if not loop.last %},{% endif %}{% endfor %}{% endif %} wsrep_cluster_address=gcomm://{% if (groups['mariadb'] | length) > 1 %}{% for host in groups['mariadb'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ mariadb_wsrep_port }}{% if not loop.last %},{% endif %}{% endfor %}{% endif %}
wsrep_provider_options=gmcast.listen_addr=tcp://{{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}:{{ mariadb_wsrep_port }};ist.recv_addr={{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}:{{ mariadb_ist_port }} wsrep_provider_options=gmcast.listen_addr=tcp://{{ api_interface_address }}:{{ mariadb_wsrep_port }};ist.recv_addr={{ api_interface_address }}:{{ mariadb_ist_port }}
wsrep_node_address={{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}:{{ mariadb_wsrep_port }} wsrep_node_address={{ api_interface_address }}:{{ mariadb_wsrep_port }}
wsrep_sst_receive_address={{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}:{{ mariadb_sst_port }} wsrep_sst_receive_address={{ api_interface_address }}:{{ mariadb_sst_port }}
wsrep_provider={{ wsrep_driver }} wsrep_provider={{ wsrep_driver }}
wsrep_cluster_name="{{ database_cluster_name }}" wsrep_cluster_name="{{ database_cluster_name }}"

2
ansible/roles/mariadb/templates/wsrep-notify.sh.j2
View File

@ -3,7 +3,7 @@
# Edit parameters below to specify the address and login to server. # Edit parameters below to specify the address and login to server.
USER={{ database_user }} USER={{ database_user }}
PSWD={{ database_password }} PSWD={{ database_password }}
HOST={{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} HOST={{ api_interface_address }}
PORT={{ mariadb_port }} PORT={{ mariadb_port }}
LB_USER=haproxy LB_USER=haproxy