From 9e668902c2998d92bad6f8cc9266367f2fac8d55 Mon Sep 17 00:00:00 2001
From: Doug Szumski <doug@stackhpc.com>
Date: Fri, 31 Jul 2020 09:28:15 +0000
Subject: [PATCH] Register Elasticsearch in Keystone

This makes it possible for services to fetch the Elasticsearch endpoint
from Keystone. It is useful for both operators and Monasca Tempest.

Change-Id: Id60298582496a8959e82b970676669ca17e2e9d4
---
 ansible/roles/elasticsearch/defaults/main.yml | 16 +++++++
 ansible/roles/elasticsearch/tasks/deploy.yml  |  3 ++
 .../roles/elasticsearch/tasks/register.yml    |  7 +++
 ansible/roles/elasticsearch/tasks/upgrade.yml |  3 ++
 ansible/site.yml                              | 44 +++++++++----------
 ...icsearch_in_keystone-34b0fc7727046b0b.yaml |  5 +++
 6 files changed, 56 insertions(+), 22 deletions(-)
 create mode 100644 ansible/roles/elasticsearch/tasks/register.yml
 create mode 100644 releasenotes/notes/register_elasticsearch_in_keystone-34b0fc7727046b0b.yaml

diff --git a/ansible/roles/elasticsearch/defaults/main.yml b/ansible/roles/elasticsearch/defaults/main.yml
index 18a9b15554..4a42bc1c2c 100644
--- a/ansible/roles/elasticsearch/defaults/main.yml
+++ b/ansible/roles/elasticsearch/defaults/main.yml
@@ -31,6 +31,10 @@ elasticsearch_services:
 ####################
 # Elasticsearch
 ####################
+
+# Register Elasticsearch internal endpoint in the Keystone service catalogue
+elasticsearch_enable_keystone_registration: False
+
 elasticsearch_cluster_name: "kolla_logging"
 es_heap_size: "1g"
 es_java_opts: "{% if es_heap_size %}-Xms{{ es_heap_size }} -Xmx{{ es_heap_size }}{%endif%}"
@@ -70,6 +74,18 @@ elasticsearch_curator_soft_retention_period_days: 30
 # Duration after which an index is permanently erased from the cluster.
 elasticsearch_curator_hard_retention_period_days: 60
 
+####################
+# Keystone
+####################
+elasticsearch_openstack_auth: "{{ openstack_auth }}"
+
+elasticsearch_ks_services:
+  - name: "elasticsearch"
+    type: "log-storage"
+    description: "Elasticsearch"
+    endpoints:
+      - {'interface': 'internal', 'url': '{{ elasticsearch_internal_endpoint }}'}
+
 ####################
 # Docker
 ####################
diff --git a/ansible/roles/elasticsearch/tasks/deploy.yml b/ansible/roles/elasticsearch/tasks/deploy.yml
index 514002b273..dba49b3609 100644
--- a/ansible/roles/elasticsearch/tasks/deploy.yml
+++ b/ansible/roles/elasticsearch/tasks/deploy.yml
@@ -5,5 +5,8 @@
 
 - import_tasks: check-containers.yml
 
+- include_tasks: register.yml
+  when: elasticsearch_enable_keystone_registration | bool
+
 - name: Flush handlers
   meta: flush_handlers
diff --git a/ansible/roles/elasticsearch/tasks/register.yml b/ansible/roles/elasticsearch/tasks/register.yml
new file mode 100644
index 0000000000..5957f14727
--- /dev/null
+++ b/ansible/roles/elasticsearch/tasks/register.yml
@@ -0,0 +1,7 @@
+---
+- import_role:
+    name: service-ks-register
+  vars:
+    service_ks_register_auth: "{{ elasticsearch_openstack_auth }}"
+    service_ks_register_services: "{{ elasticsearch_ks_services }}"
+  tags: always
diff --git a/ansible/roles/elasticsearch/tasks/upgrade.yml b/ansible/roles/elasticsearch/tasks/upgrade.yml
index a7b0484ba5..f6dc02bf89 100644
--- a/ansible/roles/elasticsearch/tasks/upgrade.yml
+++ b/ansible/roles/elasticsearch/tasks/upgrade.yml
@@ -56,5 +56,8 @@
 
 - import_tasks: check-containers.yml
 
+- include_tasks: register.yml
+  when: elasticsearch_enable_keystone_registration | bool
+
 - name: Flush handlers
   meta: flush_handlers
diff --git a/ansible/site.yml b/ansible/site.yml
index 55ba30d462..eab36acb13 100644
--- a/ansible/site.yml
+++ b/ansible/site.yml
@@ -378,17 +378,6 @@
         tags: zookeeper,
         when: enable_zookeeper | bool }
 
-- name: Apply role elasticsearch
-  gather_facts: false
-  hosts:
-    - elasticsearch
-    - '&enable_elasticsearch_True'
-  serial: '{{ kolla_serial|default("0") }}'
-  roles:
-    - { role: elasticsearch,
-        tags: elasticsearch,
-        when: enable_elasticsearch | bool }
-
 - name: Apply role influxdb
   gather_facts: false
   hosts:
@@ -422,17 +411,6 @@
         tags: redis,
         when: enable_redis | bool }
 
-- name: Apply role kibana
-  gather_facts: false
-  hosts:
-    - kibana
-    - '&enable_kibana_True'
-  serial: '{{ kolla_serial|default("0") }}'
-  roles:
-    - { role: kibana,
-        tags: kibana,
-        when: enable_kibana | bool }
-
 - name: Apply role mariadb
   gather_facts: false
   hosts:
@@ -569,6 +547,28 @@
         tags: keystone,
         when: enable_keystone | bool }
 
+- name: Apply role elasticsearch
+  gather_facts: false
+  hosts:
+    - elasticsearch
+    - '&enable_elasticsearch_True'
+  serial: '{{ kolla_serial|default("0") }}'
+  roles:
+    - { role: elasticsearch,
+        tags: elasticsearch,
+        when: enable_elasticsearch | bool }
+
+- name: Apply role kibana
+  gather_facts: false
+  hosts:
+    - kibana
+    - '&enable_kibana_True'
+  serial: '{{ kolla_serial|default("0") }}'
+  roles:
+    - { role: kibana,
+        tags: kibana,
+        when: enable_kibana | bool }
+
 - name: Apply role kafka
   gather_facts: false
   hosts:
diff --git a/releasenotes/notes/register_elasticsearch_in_keystone-34b0fc7727046b0b.yaml b/releasenotes/notes/register_elasticsearch_in_keystone-34b0fc7727046b0b.yaml
new file mode 100644
index 0000000000..b897dbb1fc
--- /dev/null
+++ b/releasenotes/notes/register_elasticsearch_in_keystone-34b0fc7727046b0b.yaml
@@ -0,0 +1,5 @@
+---
+features:
+  - |
+    Elasticsearch can be optionally registered as an internal
+    service in the Keystone Catalogue. This is off by default.