25 Commits

Author SHA1 Message Date
Steven Dake
9c5e708fe2 Add pid_mode to libvirt
Libvirt requires pid_mode to Host to operate on Fedora Hosts.  Further
we will need this for libvirt upgrade.  I am not entirely sure why
libvirt running with pid=host gets things working, but it definately
has something to do with CentOS's libvirt's integration with systemd.

Nailing down the problem, the interface to the Docker module accepts only
None or "host".  There is no way to generate a None type except with !!null
in yml, but this does not work in the jinja2 parser.  As a result, one
solution is this conditional.  A better long term solution would be for
the Docker module to take some other argument to indicate None that can
be expressed in a string.

Change-Id: I54eb87e8ce8679bbf12f671527280c73e195b2e4
Closes-Bug: #1473270
2015-07-15 13:24:35 -07:00
Jenkins
8bb49e9653 Merge "Ansible Nova w/ libvirt support" 2015-07-15 03:36:01 +00:00
Sam Yaple
37ca7222bb fix possible symlink attack with ansible
The commands used to create a temporary file on the localhost were
vulnerable to a symlink attack. Removing the shell module and ensuring
the ansible copy and file module is used will verify this file exists as a
file with the correct permissions and ownership

Change-Id: I829483edf1435e41726ebfe1bc826e0c2e5265e3
Closes-Bug: 1471376
2015-07-14 02:51:54 +00:00
Jenkins
7c29bdd1af Merge "Add temporary Ansible keystone modules" 2015-07-13 17:16:37 +00:00
Sam Yaple
7da0b2a80c Ansible Nova w/ libvirt support
Initial support for Nova in Ansible

Partially-Implements: blueprint ansible-service

Change-Id: I4b0a74bd3e5daa5664f5e1e622bfb40c3285949e
2015-07-12 12:44:14 +00:00
Sam Yaple
05a6640a0f Add temporary Ansible keystone modules
Due to the licensing issues and the modules not existing in upstream
Ansible yet, I have written a simple module to fill the gaps.

This also uses Keystone v2.0 for all create of users, roles and
endpoints. The implementation of Keystone v3 must be discussed after the
new modules arrive.

Partially-Implements: blueprint ansible-service

Change-Id: I389edd56741360dd26fbbc0a982f365ca27ff446
2015-07-12 03:14:49 +00:00
Sam Yaple
8f194e50a0 Fixes an issue with AIO and galera clusters
AIO nodes had an address in the gcomm list which would prevent AIO
containers from starting appropriately.

Change-Id: I6db8c831ef9f9c0348748eb9539db326dc0df048
Closes-Bug: #1472481
2015-07-11 09:05:29 +00:00
Sam Yaple
e7a7cc9017 Ansible Glance support
Adds support for glance in ansible

Partially-Implements: blueprint ansible-service
Change-Id: I2d162e79f85877116b0e33b1843de6ccb62a445a
2015-07-09 15:29:55 +00:00
Sam Yaple
4c4181d54a Fix permissions on log directory for keystone
Additionally fixed bootstrap issue caused by an ansible bug in some
versions of the docker module.

Closes-Bug: #1472270
Change-Id: Ia5a370db5ab7690854afcd63492ba7dbbea29835
2015-07-08 09:35:33 +00:00
Jenkins
6998aaf891 Merge "make merge_configs idempotent" 2015-07-07 18:16:56 +00:00
Jenkins
de98d9ddb3 Merge "Have bootstrap script create the initial endpoint" 2015-07-07 12:34:35 +00:00
Sam Yaple
39e6075f29 make merge_configs idempotent
merge_configs can now check if the destination file has the same content
will be written. This information is used to inform ansible no change has
occured

Closes-Bug: 1471514
Change-Id: I78bce04505349d5aafbb027fd3f7d76ab6eccf6a
2015-07-06 07:26:00 +00:00
Sam Yaple
c80a8c282b Have bootstrap script create the initial endpoint
Due to a few issue that exist between keystone v3 and v2.0 the endpoint
needs to be created as v2.0. If it is created as v3, v2.0 queries will not
see the endpoint.

https://bugs.launchpad.net/keystone/+bug/1470635

Change-Id: Ie7ff88b8cbb23b3ca149cb6e8d5a18a427d22038
Partially-Implements: blueprint ansible-service
2015-07-05 15:36:22 +00:00
Sam Yaple
1d6e6899f6 Change restart policy for bootstrap container
Sets the restart policy to 'no' for bootstrap containers

Change-Id: I1044fdc70a6b7d50396fd923b6be67bd7c47faa2
Closes-Bug: 1471536
2015-07-05 12:13:18 +00:00
Sam Yaple
11597cc2f4 Updated keystone for wsgi in config-external
This will switch config-external to using wsgi vs evenlet for keystone.

Partially Implements: blueprint ansible-service

Change-Id: I85a88c813ed36d827916796199dad735b2d44b40
2015-07-03 14:17:02 +00:00
Sam Yaple
c97ccd6a5f Ansible Rabbitmq support
Adds initial support for Rabbitmq in Ansible using the CONFIG_EXTERNAL methods.

Additionally, this refactors some of the Rabbitmq config script to allow for
reuse by CONFIG_EXTERNAL.

Partially Implements: blueprint ansible-service

Change-Id: I1765548f7e4f1258eb8a49e2a23242955f52655d
2015-07-03 14:16:47 +00:00
Sam Yaple
efbfd7912b Ansible Mariadb w/ Galera support
Adds initial support for Mariadb with Galera replication in Ansible
using the CONFIG_EXTERNAL methods.

Additionally, this refactors some of the Galera config script to allow
for reuse by CONFIG_EXTERNAL.

Partially Implements: blueprint ansible-service

Change-Id: I566fea0376ecca39fc8a5167f9ff9ff434ea7b7e
2015-07-03 13:56:06 +00:00
Sam Yaple
3ac7da64d1 Add initial config function and keystone support
Add set_configs function that implements the flow from the proposed
ansible-multi spec. Move start.sh to config-internal.sh to preserve existing
behaviour.

config-externall.sh copies the appropriate configs in from the bind'd
location and sets permissions and ownership appropriately.

Partially Implements: blueprint ansible-multi

Change-Id: I53fca0660451087f273fefc3c63e0d8cf1a2c096
2015-06-30 17:26:23 +00:00
Paul Bourke
6d3be05e5b Move ansible/README.md under docs/
Move the Ansible README under the docs/ dir to make it more visible
to people browsing the docs.

Change-Id: Ibe38ac24ad5c328486f7a9dd13fbe825d77d26e0
2015-06-22 14:06:16 +00:00
weiyu
0e00ad2188 fix ansible libary passing error arguments.
kolla is mandatory to run a version of docker-compose that 
includes pid: host support.docker-compose 1.3.0 to include the
necessary features.

docker-compose 1.3.0 project.up() abandoned the parameters 
detach and use allow_recreate replace recreate parameters.
closes-Bug: #1458116

Change-Id: I1235da58db5bedf208ebaea2a54568964dc802f8
2015-06-02 10:49:25 +00:00
Fang Fenghua
5a1b0008f2 Add auth role to ansible
Add a auth role so ansible can deploy
keystone.

Change-Id: I3f41fe150654451aae6271cce59ddeb807945043
2015-05-05 19:08:47 +00:00
Sam Yaple
9a81566d05 Allow the Kolla directory to be configurable
Implements the initial structure for variable substitution in ansible.

Change-Id: I26d82189273be6ebf941b0ab82efc6bf1eebc53d
2015-04-03 09:28:59 -05:00
Sam Yaple
fd5c23ad7a Add and use ansible module for docker-compose
This ansible module for docker-compose allows for idempotency. I have
submitted a pull request upstream to ansible-modules-extra to include
this new module. When/if the module is accepted upstream if can be
removed from the local module library.

The two playbooks have been updated to use this module. The database
data container does not support idempotency due to the fact that it
exists instead of sleeps. Therefore each time `docker-compose up` is
called, it will start the container and register a change. The
message-broker does not have this issue and will remain unchanged even
repeatedly running these playbooks.

Due to the use of a special branch of docker-compose provided by sdake,
this module requires at least docker-compose==1.2.0rc1

Change-Id: If1644eaa3bff0c2a007fa2d479a95bea941945f6
2015-04-02 11:54:42 -05:00
Sam Yaple
15f6fede75 Add documentation for running with ansible tags
Additionally fix some md format mistakes.

Change-Id: Ica1600b16986303feb188976ec86972ca2f5b942
2015-03-31 09:40:07 -05:00
Sam Yaple
0f5af771ef Initial commit for adding ansible support
This adds a very basic structure to begin supporting ansible in Kolla.
Ansible can support complete idempotency, but wrapping docker-compose
does not allow idempotency at this time. These playbooks will be
extended to compensate for that in future patches.

Change-Id: I1c9e8d32321e2733f5a9b752edf74b4fe90317ed
2015-03-28 17:56:21 -05:00