Merge "Add zun ansible role"
This commit is contained in:
commit
aa68c84463
@ -245,6 +245,8 @@ tacker_server_port: "9890"
|
|||||||
|
|
||||||
fluentd_syslog_port: "5140"
|
fluentd_syslog_port: "5140"
|
||||||
|
|
||||||
|
zun_api_port: "9512"
|
||||||
|
|
||||||
public_protocol: "{{ 'https' if kolla_enable_tls_external | bool else 'http' }}"
|
public_protocol: "{{ 'https' if kolla_enable_tls_external | bool else 'http' }}"
|
||||||
internal_protocol: "http"
|
internal_protocol: "http"
|
||||||
admin_protocol: "http"
|
admin_protocol: "http"
|
||||||
@ -364,6 +366,7 @@ enable_tempest: "no"
|
|||||||
enable_trove: "no"
|
enable_trove: "no"
|
||||||
enable_vmtp: "no"
|
enable_vmtp: "no"
|
||||||
enable_watcher: "no"
|
enable_watcher: "no"
|
||||||
|
enable_zun: "no"
|
||||||
|
|
||||||
ironic_keystone_user: "ironic"
|
ironic_keystone_user: "ironic"
|
||||||
neutron_keystone_user: "neutron"
|
neutron_keystone_user: "neutron"
|
||||||
|
@ -184,6 +184,9 @@ control
|
|||||||
[bifrost:children]
|
[bifrost:children]
|
||||||
deployment
|
deployment
|
||||||
|
|
||||||
|
[zun:children]
|
||||||
|
control
|
||||||
|
|
||||||
# Additional control implemented here. These groups allow you to control which
|
# Additional control implemented here. These groups allow you to control which
|
||||||
# services run on which hosts at a per-service level.
|
# services run on which hosts at a per-service level.
|
||||||
#
|
#
|
||||||
@ -527,3 +530,10 @@ designate
|
|||||||
# Placement
|
# Placement
|
||||||
[placement-api:children]
|
[placement-api:children]
|
||||||
placement
|
placement
|
||||||
|
|
||||||
|
# Zun
|
||||||
|
[zun-api:children]
|
||||||
|
zun
|
||||||
|
|
||||||
|
[zun-compute:children]
|
||||||
|
compute
|
||||||
|
@ -202,6 +202,9 @@ control
|
|||||||
[bifrost:children]
|
[bifrost:children]
|
||||||
deployment
|
deployment
|
||||||
|
|
||||||
|
[zun:children]
|
||||||
|
control
|
||||||
|
|
||||||
# Additional control implemented here. These groups allow you to control which
|
# Additional control implemented here. These groups allow you to control which
|
||||||
# services run on which hosts at a per-service level.
|
# services run on which hosts at a per-service level.
|
||||||
#
|
#
|
||||||
@ -545,3 +548,10 @@ designate
|
|||||||
# Placement
|
# Placement
|
||||||
[placement-api:children]
|
[placement-api:children]
|
||||||
placement
|
placement
|
||||||
|
|
||||||
|
# Zun
|
||||||
|
[zun-api:children]
|
||||||
|
zun
|
||||||
|
|
||||||
|
[zun-compute:children]
|
||||||
|
compute
|
||||||
|
@ -110,3 +110,4 @@
|
|||||||
- { name: "swift", enabled: "{{ enable_swift }}" }
|
- { name: "swift", enabled: "{{ enable_swift }}" }
|
||||||
- { name: "tacker", enabled: "{{ enable_tacker }}" }
|
- { name: "tacker", enabled: "{{ enable_tacker }}" }
|
||||||
- { name: "watcher", enabled: "{{ enable_watcher }}" }
|
- { name: "watcher", enabled: "{{ enable_watcher }}" }
|
||||||
|
- { name: "zun", enabled: "{{ enable_zun }}" }
|
||||||
|
@ -0,0 +1,3 @@
|
|||||||
|
"/var/log/kolla/zun/*.log"
|
||||||
|
{
|
||||||
|
}
|
@ -34,7 +34,8 @@
|
|||||||
( 'solum', enable_solum ),
|
( 'solum', enable_solum ),
|
||||||
( 'swift', enable_swift ),
|
( 'swift', enable_swift ),
|
||||||
( 'tacker', enable_tacker ),
|
( 'tacker', enable_tacker ),
|
||||||
( 'watcher', enable_watcher )
|
( 'watcher', enable_watcher ),
|
||||||
|
( 'zun', enable_zun )
|
||||||
] %}
|
] %}
|
||||||
{
|
{
|
||||||
"command": "{{ cron_cmd }}",
|
"command": "{{ cron_cmd }}",
|
||||||
|
@ -621,3 +621,14 @@
|
|||||||
- enable_watcher | bool
|
- enable_watcher | bool
|
||||||
- inventory_hostname in groups['haproxy']
|
- inventory_hostname in groups['haproxy']
|
||||||
- "{{ 'watcher_api' not in haproxy_stat }}"
|
- "{{ 'watcher_api' not in haproxy_stat }}"
|
||||||
|
|
||||||
|
- name: Checking free port for Zun API HAProxy
|
||||||
|
wait_for:
|
||||||
|
host: "{{ kolla_internal_vip_address }}"
|
||||||
|
port: "{{ zun_api_port }}"
|
||||||
|
connect_timeout: 1
|
||||||
|
state: stopped
|
||||||
|
when:
|
||||||
|
- enable_zun | bool
|
||||||
|
- inventory_hostname in groups['haproxy']
|
||||||
|
- "{{ 'zun_api' not in haproxy_stat }}"
|
||||||
|
@ -798,6 +798,25 @@ listen tacker_server_external
|
|||||||
{% endif %}
|
{% endif %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
|
{% if enable_zun | bool %}
|
||||||
|
listen zun_api
|
||||||
|
bind {{ kolla_internal_vip_address }}:{{ zun_api_port }}
|
||||||
|
http-request del-header X-Forwarded-Proto if { ssl_fc }
|
||||||
|
{% for host in groups['zun-api'] %}
|
||||||
|
server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ zun_api_port }} check inter 2000 rise 2 fall 5
|
||||||
|
{% endfor %}
|
||||||
|
{% if haproxy_enable_external_vip | bool %}
|
||||||
|
|
||||||
|
listen zun_api_external
|
||||||
|
bind {{ kolla_external_vip_address }}:{{ zun_api_port }} {{ tls_bind_info }}
|
||||||
|
http-request del-header X-Forwarded-Proto if { ssl_fc }
|
||||||
|
http-request set-header X-Forwarded-Proto https if { ssl_fc }
|
||||||
|
{% for host in groups['zun-api'] %}
|
||||||
|
server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ zun_api_port }} check inter 2000 rise 2 fall 5
|
||||||
|
{% endfor %}
|
||||||
|
{% endif %}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
# (NOTE): This defaults section deletes forwardfor as recommended by:
|
# (NOTE): This defaults section deletes forwardfor as recommended by:
|
||||||
# https://marc.info/?l=haproxy&m=141684110710132&w=1
|
# https://marc.info/?l=haproxy&m=141684110710132&w=1
|
||||||
|
|
||||||
|
55
ansible/roles/zun/defaults/main.yml
Normal file
55
ansible/roles/zun/defaults/main.yml
Normal file
@ -0,0 +1,55 @@
|
|||||||
|
---
|
||||||
|
project_name: "zun"
|
||||||
|
|
||||||
|
zun_services:
|
||||||
|
zun-api:
|
||||||
|
container_name: zun_api
|
||||||
|
group: zun-api
|
||||||
|
enabled: true
|
||||||
|
image: "{{ zun_api_image_full }}"
|
||||||
|
volumes:
|
||||||
|
- "{{ node_config_directory }}/zun-api/:{{ container_config_directory }}/:ro"
|
||||||
|
- "/etc/localtime:/etc/localtime:ro"
|
||||||
|
- "kolla_logs:/var/log/kolla/"
|
||||||
|
zun-compute:
|
||||||
|
container_name: zun_compute
|
||||||
|
group: zun-compute
|
||||||
|
enabled: true
|
||||||
|
image: "{{ zun_compute_image_full }}"
|
||||||
|
volumes:
|
||||||
|
- "{{ node_config_directory }}/zun-compute/:{{ container_config_directory }}/:ro"
|
||||||
|
- "/etc/localtime:/etc/localtime:ro"
|
||||||
|
- "kolla_logs:/var/log/kolla/"
|
||||||
|
|
||||||
|
####################
|
||||||
|
## Database
|
||||||
|
####################
|
||||||
|
zun_database_name: "zun"
|
||||||
|
zun_database_user: "zun"
|
||||||
|
zun_database_address: "{{ kolla_internal_fqdn }}:{{ database_port }}"
|
||||||
|
|
||||||
|
|
||||||
|
####################
|
||||||
|
## Docker
|
||||||
|
####################
|
||||||
|
zun_compute_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-zun-compute"
|
||||||
|
zun_compute_tag: "{{ openstack_release }}"
|
||||||
|
zun_compute_image_full: "{{ zun_compute_image }}:{{ zun_compute_tag }}"
|
||||||
|
|
||||||
|
zun_api_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-zun-api"
|
||||||
|
zun_api_tag: "{{ openstack_release }}"
|
||||||
|
zun_api_image_full: "{{ zun_api_image }}:{{ zun_api_tag }}"
|
||||||
|
|
||||||
|
|
||||||
|
####################
|
||||||
|
## OpenStack
|
||||||
|
####################
|
||||||
|
zun_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ zun_api_port }}/v1/%(tenant_id)s"
|
||||||
|
zun_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ zun_api_port }}/v1/%(tenant_id)s"
|
||||||
|
zun_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ zun_api_port }}/v1/%(tenant_id)s"
|
||||||
|
|
||||||
|
zun_logging_debug: "{{ openstack_logging_debug }}"
|
||||||
|
|
||||||
|
zun_keystone_user: "zun"
|
||||||
|
|
||||||
|
openstack_zun_auth: "{{ openstack_auth }}"
|
46
ansible/roles/zun/handlers/main.yml
Normal file
46
ansible/roles/zun/handlers/main.yml
Normal file
@ -0,0 +1,46 @@
|
|||||||
|
---
|
||||||
|
- name: Restart zun-api container
|
||||||
|
vars:
|
||||||
|
service_name: "zun-api"
|
||||||
|
service: "{{ zun_services[service_name] }}"
|
||||||
|
config_json: "{{ zun_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
|
zun_conf: "{{ zun_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
|
policy_json: "{{ zun_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
|
zun_api_container: "{{ check_zun_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
|
kolla_docker:
|
||||||
|
action: "recreate_or_restart_container"
|
||||||
|
common_options: "{{ docker_common_options }}"
|
||||||
|
name: "{{ service.container_name }}"
|
||||||
|
image: "{{ service.image }}"
|
||||||
|
volumes: "{{ service.volumes }}"
|
||||||
|
when:
|
||||||
|
- action != "config"
|
||||||
|
- inventory_hostname in groups[service.group]
|
||||||
|
- service.enabled | bool
|
||||||
|
- config_json.changed | bool
|
||||||
|
or zun_conf.changed | bool
|
||||||
|
or policy_json.changed | bool
|
||||||
|
or zun_api_container.changed | bool
|
||||||
|
|
||||||
|
- name: Restart zun-compute container
|
||||||
|
vars:
|
||||||
|
service_name: "zun-compute"
|
||||||
|
service: "{{ zun_services[service_name] }}"
|
||||||
|
config_json: "{{ zun_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
|
zun_conf: "{{ zun_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
|
policy_json: "{{ zun_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
|
zun_compute_container: "{{ check_zun_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
|
kolla_docker:
|
||||||
|
action: "recreate_or_restart_container"
|
||||||
|
common_options: "{{ docker_common_options }}"
|
||||||
|
name: "{{ service.container_name }}"
|
||||||
|
image: "{{ service.image }}"
|
||||||
|
volumes: "{{ service.volumes }}"
|
||||||
|
when:
|
||||||
|
- action != "config"
|
||||||
|
- inventory_hostname in groups[service.group]
|
||||||
|
- service.enabled | bool
|
||||||
|
- config_json.changed | bool
|
||||||
|
or zun_conf.changed | bool
|
||||||
|
or policy_json.changed | bool
|
||||||
|
or zun_compute_container.changed | bool
|
3
ansible/roles/zun/meta/main.yml
Normal file
3
ansible/roles/zun/meta/main.yml
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
---
|
||||||
|
dependencies:
|
||||||
|
- { role: common }
|
32
ansible/roles/zun/tasks/bootstrap.yml
Normal file
32
ansible/roles/zun/tasks/bootstrap.yml
Normal file
@ -0,0 +1,32 @@
|
|||||||
|
---
|
||||||
|
- name: Creating Zun database
|
||||||
|
kolla_toolbox:
|
||||||
|
module_name: mysql_db
|
||||||
|
module_args:
|
||||||
|
login_host: "{{ database_address }}"
|
||||||
|
login_port: "{{ database_port }}"
|
||||||
|
login_user: "{{ database_user }}"
|
||||||
|
login_password: "{{ database_password }}"
|
||||||
|
name: "{{ zun_database_name }}"
|
||||||
|
register: database
|
||||||
|
run_once: True
|
||||||
|
delegate_to: "{{ groups['zun-api'][0] }}"
|
||||||
|
|
||||||
|
- name: Creating Zun database user and setting permissions
|
||||||
|
kolla_toolbox:
|
||||||
|
module_name: mysql_user
|
||||||
|
module_args:
|
||||||
|
login_host: "{{ database_address }}"
|
||||||
|
login_port: "{{ database_port }}"
|
||||||
|
login_user: "{{ database_user }}"
|
||||||
|
login_password: "{{ database_password }}"
|
||||||
|
name: "{{ zun_database_name }}"
|
||||||
|
password: "{{ zun_database_password }}"
|
||||||
|
host: "%"
|
||||||
|
priv: "{{ zun_database_name }}.*:ALL"
|
||||||
|
append_privs: "yes"
|
||||||
|
run_once: True
|
||||||
|
delegate_to: "{{ groups['zun-api'][0] }}"
|
||||||
|
|
||||||
|
- include: bootstrap_service.yml
|
||||||
|
when: database.changed
|
19
ansible/roles/zun/tasks/bootstrap_service.yml
Normal file
19
ansible/roles/zun/tasks/bootstrap_service.yml
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
---
|
||||||
|
- name: Running Zun bootstrap container
|
||||||
|
vars:
|
||||||
|
zun_api: "{{ zun_services['zun-api'] }}"
|
||||||
|
kolla_docker:
|
||||||
|
action: "start_container"
|
||||||
|
common_options: "{{ docker_common_options }}"
|
||||||
|
detach: False
|
||||||
|
environment:
|
||||||
|
KOLLA_BOOTSTRAP:
|
||||||
|
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
|
||||||
|
image: "{{ zun_api.image }}"
|
||||||
|
labels:
|
||||||
|
BOOTSTRAP:
|
||||||
|
name: "bootstrap_zun"
|
||||||
|
restart_policy: "never"
|
||||||
|
volumes: "{{ zun_api.volumes }}"
|
||||||
|
run_once: True
|
||||||
|
delegate_to: "{{ groups[zun_api.group][0] }}"
|
77
ansible/roles/zun/tasks/config.yml
Normal file
77
ansible/roles/zun/tasks/config.yml
Normal file
@ -0,0 +1,77 @@
|
|||||||
|
---
|
||||||
|
- name: Ensuring config directories exist
|
||||||
|
file:
|
||||||
|
path: "{{ node_config_directory }}/{{ item.key }}"
|
||||||
|
state: "directory"
|
||||||
|
recurse: yes
|
||||||
|
when: inventory_hostname in groups[item.value.group]
|
||||||
|
with_dict: "{{ zun_services }}"
|
||||||
|
|
||||||
|
- name: Copying over config.json files for services
|
||||||
|
template:
|
||||||
|
src: "{{ item.key }}.json.j2"
|
||||||
|
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
|
||||||
|
register: zun_config_jsons
|
||||||
|
when:
|
||||||
|
- item.value.enabled | bool
|
||||||
|
- inventory_hostname in groups[item.value.group]
|
||||||
|
with_dict: "{{ zun_services }}"
|
||||||
|
notify:
|
||||||
|
- Restart zun-api container
|
||||||
|
- Restart zun-compute container
|
||||||
|
|
||||||
|
- name: Copying over zun.conf
|
||||||
|
merge_configs:
|
||||||
|
vars:
|
||||||
|
service_name: "{{ item.key }}"
|
||||||
|
sources:
|
||||||
|
- "{{ role_path }}/templates/zun.conf.j2"
|
||||||
|
- "{{ node_custom_config }}/global.conf"
|
||||||
|
- "{{ node_custom_config }}/database.conf"
|
||||||
|
- "{{ node_custom_config }}/messaging.conf"
|
||||||
|
- "{{ node_custom_config }}/zun.conf"
|
||||||
|
- "{{ node_custom_config }}/zun/{{ item.key }}.conf"
|
||||||
|
- "{{ node_custom_config }}/zun/{{ inventory_hostname }}/zun.conf"
|
||||||
|
dest: "{{ node_config_directory }}/{{ item.key }}/zun.conf"
|
||||||
|
register: zun_confs
|
||||||
|
when:
|
||||||
|
- item.value.enabled | bool
|
||||||
|
- inventory_hostname in groups[item.value.group]
|
||||||
|
with_dict: "{{ zun_services }}"
|
||||||
|
notify:
|
||||||
|
- Restart zun-api container
|
||||||
|
- Restart zun-compute container
|
||||||
|
|
||||||
|
- name: Check if policies shall be overwritten
|
||||||
|
local_action: stat path="{{ node_custom_config }}/zun/policy.json"
|
||||||
|
register: zun_policy
|
||||||
|
|
||||||
|
- name: Copying over existing policy.json
|
||||||
|
template:
|
||||||
|
src: "{{ node_custom_config }}/zun/policy.json"
|
||||||
|
dest: "{{ node_config_directory }}/{{ item.key }}/policy.json"
|
||||||
|
register: zun_policy_jsons
|
||||||
|
when:
|
||||||
|
- zun_policy.stat.exists
|
||||||
|
- inventory_hostname in groups[item.value.group]
|
||||||
|
with_dict: "{{ zun_services }}"
|
||||||
|
notify:
|
||||||
|
- Restart zun-api container
|
||||||
|
- Restart zun-compute container
|
||||||
|
|
||||||
|
- name: Check zun containers
|
||||||
|
kolla_docker:
|
||||||
|
action: "compare_container"
|
||||||
|
common_options: "{{ docker_common_options }}"
|
||||||
|
name: "{{ item.value.container_name }}"
|
||||||
|
image: "{{ item.value.image }}"
|
||||||
|
volumes: "{{ item.value.volumes }}"
|
||||||
|
register: check_zun_containers
|
||||||
|
when:
|
||||||
|
- action != "config"
|
||||||
|
- inventory_hostname in groups[item.value.group]
|
||||||
|
- item.value.enabled | bool
|
||||||
|
with_dict: "{{ zun_services }}"
|
||||||
|
notify:
|
||||||
|
- Restart zun-api container
|
||||||
|
- Restart zun-compute container
|
13
ansible/roles/zun/tasks/deploy.yml
Normal file
13
ansible/roles/zun/tasks/deploy.yml
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
---
|
||||||
|
- include: register.yml
|
||||||
|
when: inventory_hostname in groups['zun-api']
|
||||||
|
|
||||||
|
- include: config.yml
|
||||||
|
when: inventory_hostname in groups['zun-api'] or
|
||||||
|
inventory_hostname in groups['zun-compute']
|
||||||
|
|
||||||
|
- include: bootstrap.yml
|
||||||
|
when: inventory_hostname in groups['zun-api']
|
||||||
|
|
||||||
|
- name: Flush handlers
|
||||||
|
meta: flush_handlers
|
2
ansible/roles/zun/tasks/main.yml
Normal file
2
ansible/roles/zun/tasks/main.yml
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
---
|
||||||
|
- include: "{{ action }}.yml"
|
16
ansible/roles/zun/tasks/precheck.yml
Normal file
16
ansible/roles/zun/tasks/precheck.yml
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
---
|
||||||
|
- name: Get container facts
|
||||||
|
kolla_container_facts:
|
||||||
|
name:
|
||||||
|
- zun_api
|
||||||
|
register: container_facts
|
||||||
|
|
||||||
|
- name: Checking free port for Zun API
|
||||||
|
wait_for:
|
||||||
|
host: "{{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}"
|
||||||
|
port: "{{ zun_api_port }}"
|
||||||
|
connect_timeout: 1
|
||||||
|
state: stopped
|
||||||
|
when:
|
||||||
|
- container_facts['zun_api'] is not defined
|
||||||
|
- inventory_hostname in groups['zun-api']
|
10
ansible/roles/zun/tasks/pull.yml
Normal file
10
ansible/roles/zun/tasks/pull.yml
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
---
|
||||||
|
- name: Pulling zun images
|
||||||
|
kolla_docker:
|
||||||
|
action: "pull_image"
|
||||||
|
common_options: "{{ docker_common_options }}"
|
||||||
|
image: "{{ item.value.image }}"
|
||||||
|
when:
|
||||||
|
- inventory_hostname in groups[item.value.group]
|
||||||
|
- item.value.enabled | bool
|
||||||
|
with_dict: "{{ zun_services }}"
|
2
ansible/roles/zun/tasks/reconfigure.yml
Normal file
2
ansible/roles/zun/tasks/reconfigure.yml
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
---
|
||||||
|
- include: deploy.yml
|
42
ansible/roles/zun/tasks/register.yml
Normal file
42
ansible/roles/zun/tasks/register.yml
Normal file
@ -0,0 +1,42 @@
|
|||||||
|
---
|
||||||
|
- name: Creating the Zun service and endpoint
|
||||||
|
kolla_toolbox:
|
||||||
|
module_name: "kolla_keystone_service"
|
||||||
|
module_args:
|
||||||
|
service_name: "{{ item.service_name }}"
|
||||||
|
service_type: "{{ item.service_type }}"
|
||||||
|
description: "Container Service"
|
||||||
|
endpoint_region: "{{ openstack_region_name }}"
|
||||||
|
url: "{{ item.url }}"
|
||||||
|
interface: "{{ item.interface }}"
|
||||||
|
region_name: "{{ openstack_region_name }}"
|
||||||
|
auth: "{{ '{{ openstack_zun_auth }}' }}"
|
||||||
|
module_extra_vars:
|
||||||
|
openstack_zun_auth: "{{ openstack_zun_auth }}"
|
||||||
|
register: zun_endpoint
|
||||||
|
until: zun_endpoint|success
|
||||||
|
retries: 10
|
||||||
|
delay: 5
|
||||||
|
run_once: True
|
||||||
|
with_items:
|
||||||
|
- {'interface': 'admin', 'url': '{{ zun_admin_endpoint }}'}
|
||||||
|
- {'interface': 'internal', 'url': '{{ zun_internal_endpoint }}'}
|
||||||
|
- {'interface': 'public', 'url': '{{ zun_public_endpoint }}'}
|
||||||
|
|
||||||
|
- name: Creating the Zun project, user, and role
|
||||||
|
kolla_toolbox:
|
||||||
|
module_name: "kolla_keystone_user"
|
||||||
|
module_args:
|
||||||
|
project: "service"
|
||||||
|
user: "{{ zun_keystone_user }}"
|
||||||
|
password: "{{ zun_keystone_password }}"
|
||||||
|
role: "admin"
|
||||||
|
region_name: "{{ openstack_region_name }}"
|
||||||
|
auth: "{{ '{{ openstack_zun_auth }}' }}"
|
||||||
|
module_extra_vars:
|
||||||
|
openstack_zun_auth: "{{ openstack_zun_auth }}"
|
||||||
|
register: zun_user
|
||||||
|
until: zun_user|success
|
||||||
|
retries: 10
|
||||||
|
delay: 5
|
||||||
|
run_once: True
|
7
ansible/roles/zun/tasks/upgrade.yml
Normal file
7
ansible/roles/zun/tasks/upgrade.yml
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
---
|
||||||
|
- include: config.yml
|
||||||
|
|
||||||
|
- include: bootstrap_service.yml
|
||||||
|
|
||||||
|
- name: Flush handlers
|
||||||
|
meta: flush_handlers
|
30
ansible/roles/zun/templates/zun-api.json.j2
Normal file
30
ansible/roles/zun/templates/zun-api.json.j2
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
{
|
||||||
|
"command": "zun-api --config-file /etc/zun/zun.conf",
|
||||||
|
"config_files": [
|
||||||
|
{
|
||||||
|
"source": "{{ container_config_directory }}/zun.conf",
|
||||||
|
"dest": "/etc/zun/zun.conf",
|
||||||
|
"owner": "zun",
|
||||||
|
"perm": "0600"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"source": "{{ container_config_directory }}/api-paste.ini",
|
||||||
|
"dest": "/etc/zun/api-paste.ini",
|
||||||
|
"owner": "zun",
|
||||||
|
"perm": "0600"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"source": "{{ container_config_directory }}/policy.json",
|
||||||
|
"dest": "/etc/zun/policy.json",
|
||||||
|
"owner": "zun",
|
||||||
|
"perm": "0600"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"permissions": [
|
||||||
|
{
|
||||||
|
"path": "/var/log/kolla/zun",
|
||||||
|
"owner": "zun:zun",
|
||||||
|
"recurse": true
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
25
ansible/roles/zun/templates/zun-compute.json.j2
Normal file
25
ansible/roles/zun/templates/zun-compute.json.j2
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
{
|
||||||
|
"command": "zun-compute --config-file /etc/zun/zun.conf",
|
||||||
|
"config_files": [
|
||||||
|
{
|
||||||
|
"source": "{{ container_config_directory }}/zun.conf",
|
||||||
|
"dest": "/etc/zun/zun.conf",
|
||||||
|
"owner": "zun",
|
||||||
|
"perm": "0600"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"source": "{{ container_config_directory }}/policy.json",
|
||||||
|
"dest": "/etc/zun/policy.json",
|
||||||
|
"owner": "zun",
|
||||||
|
"perm": "0600",
|
||||||
|
"optional": true
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"permissions": [
|
||||||
|
{
|
||||||
|
"path": "/var/log/kolla/zun",
|
||||||
|
"owner": "zun:zun",
|
||||||
|
"recurse": true
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
33
ansible/roles/zun/templates/zun.conf.j2
Normal file
33
ansible/roles/zun/templates/zun.conf.j2
Normal file
@ -0,0 +1,33 @@
|
|||||||
|
[DEFAULT]
|
||||||
|
debug = {{ zun_logging_debug }}
|
||||||
|
log_dir = /var/log/kolla/zun
|
||||||
|
transport_url = rabbit://{% for host in groups['rabbitmq'] %}{{ rabbitmq_user }}:{{ rabbitmq_password }}@{% if orchestration_engine == 'KUBERNETES' %}rabbitmq{% else %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}{% endif %}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %}
|
||||||
|
|
||||||
|
{% if service_name == 'zun-api' %}
|
||||||
|
osapi_zun_listen = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
|
||||||
|
osapi_zun_listen_port = {{ zun_api_port }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
[database]
|
||||||
|
connection = mysql+pymysql://{{ zun_database_user }}:{{ zun_database_password }}@{{ zun_database_address }}/{{ zun_database_name }}
|
||||||
|
max_retries = -1
|
||||||
|
|
||||||
|
[zun_client]
|
||||||
|
version = 1
|
||||||
|
service_type = container
|
||||||
|
service_name = zun
|
||||||
|
|
||||||
|
[keystone_authtoken]
|
||||||
|
auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}
|
||||||
|
auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
|
||||||
|
project_domain_name = Default
|
||||||
|
auth_type = password
|
||||||
|
project_domain_id = default
|
||||||
|
user_domain_id = default
|
||||||
|
project_name = service
|
||||||
|
username = {{ zun_keystone_user }}
|
||||||
|
password = {{ zun_keystone_password }}
|
||||||
|
|
||||||
|
memcache_security_strategy = ENCRYPT
|
||||||
|
memcache_secret_key = {{ memcache_secret_key }}
|
||||||
|
memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
|
@ -612,3 +612,14 @@
|
|||||||
- { role: octavia,
|
- { role: octavia,
|
||||||
tags: octavia,
|
tags: octavia,
|
||||||
when: enable_octavia | bool }
|
when: enable_octavia | bool }
|
||||||
|
|
||||||
|
- name: Apply role zun
|
||||||
|
gather_facts: false
|
||||||
|
hosts:
|
||||||
|
- zun-api
|
||||||
|
- zun-compute
|
||||||
|
serial: '{{ serial|default("0") }}'
|
||||||
|
roles:
|
||||||
|
- { role: zun,
|
||||||
|
tags: zun,
|
||||||
|
when: enable_zun | bool }
|
||||||
|
@ -192,6 +192,7 @@ kolla_internal_vip_address: "10.10.10.254"
|
|||||||
#enable_trove: "no"
|
#enable_trove: "no"
|
||||||
#enable_vmtp: "no"
|
#enable_vmtp: "no"
|
||||||
#enable_watcher: "no"
|
#enable_watcher: "no"
|
||||||
|
#enable_zun: "no"
|
||||||
|
|
||||||
###################
|
###################
|
||||||
# Ceph options
|
# Ceph options
|
||||||
|
@ -144,6 +144,9 @@ searchlight_keystone_password:
|
|||||||
tacker_database_password:
|
tacker_database_password:
|
||||||
tacker_keystone_password:
|
tacker_keystone_password:
|
||||||
|
|
||||||
|
zun_database_password:
|
||||||
|
zun_keystone_password:
|
||||||
|
|
||||||
memcache_secret_key:
|
memcache_secret_key:
|
||||||
|
|
||||||
nova_ssh_key:
|
nova_ssh_key:
|
||||||
|
5
releasenotes/notes/add-zun-role-275d41711e0fe206.yaml
Normal file
5
releasenotes/notes/add-zun-role-275d41711e0fe206.yaml
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
---
|
||||||
|
features:
|
||||||
|
- Add zun ansible role,Zun is an OpenStack project for the management of containers.
|
||||||
|
zun quick start guide link is
|
||||||
|
https://github.com/openstack/zun/blob/master/doc/source/dev/quickstart.rst
|
Loading…
x
Reference in New Issue
Block a user