59 Commits

Author SHA1 Message Date
Jeffrey Zhang
970652c46b Add missed octavia_ca_password variable in passwords.yml file
Change-Id: I17fe211ac6ccfc5bc1617ac6018833ccf4c69c7c
Implements: blueprint octavia-ansible-role
2017-01-13 14:17:26 +08:00
Jenkins
8fdfc403ea Merge "add panko role" 2017-01-06 19:33:28 +00:00
Ross Krumbeck
a9ade20bee Ansible-ize OpenStack Designate
Implement ansible role to deploy designate
and dependencies. The backend used is bind9.

Co-Authored-By: zhubingbing <zhubingbing10@gmail.com>
Co-Authored-By: Eduardo Gonzalez <dabarren@gmail.com>

Depends-On: 6d0dc3e0f931c7c50b64a4659900cc50b0d860a2
Implements: blueprint ansible-designate
Change-Id: I34d8126e0cd8d71d5ced9b62f3776cc354fbb549
2017-01-05 14:34:15 +00:00
zhubingbing
3e7ed2c42c add panko role
Change-Id: I515fdcdf6093e9e59dbbdc97221d23ed7f4e0a3d
Partially-Implements: blueprint add-panko-ansible-role
2016-12-15 08:01:50 +00:00
Jeffrey Zhang
7f89522b94 Implement octavia ansible role
Change-Id: Ic72b49275627aff239b23e9862966923555a464f
Implements: blueprint octavia-ansible-role
2016-12-12 16:27:34 +08:00
Eduardo Gonzalez
79df5d84f8 Tacker NFV Ansible support
Add Ansible configuration for Tacker NFV service

Change-Id: I472d96e13a5270d1ee219c2f72f57d9c361f87a6
Partially-Implements: blueprint tacker-support
2016-11-29 17:19:21 +00:00
Jenkins
89dcde15ff Merge "Add solum ansible role" 2016-11-29 16:32:53 +00:00
caowei
90f2b7cd06 Add solum ansible role
Change-Id: I07f2df405574b55daa44fa381625e8be0c352607
Partially-implements: bp solum-ansible-role
2016-11-25 06:14:51 +08:00
zhubingbing
195a32b1e9 Add trove role
Add trove enable options and port configuration
Add trove groups to ansible inventory
Add defaults/main.yml
Add bootstrap Ansible task
Add config Ansible task
Add deploy Ansible task
Add pull Ansible task
Add register Ansible task
Add start Ansible task
Add upgrade Ansible task
Add reconfigure Ansible task
Add templatized json and .conf files for trove
Integrate trove with haproxy
Reference installation configuration link:http://docs.openstack.org/mitaka/install-guide-rdo/trove-install.html

Change-Id: I0bc6edbf2e495ce377f994f793bde979d5c55dbf
Implements: blueprint ansible-trove
2016-11-24 03:02:27 +00:00
liyingjun
ec57f589c4 Support searchlight ansible role
Searchlight is an Openstack search and index service, this patch
implements the ansible role for searchlight.

Implement blueprint: support-searchlight-deployment

Change-Id: Ibf42d5b259a6740d6596041f896e1009657b7388
2016-10-19 05:57:53 +00:00
Jenkins
ce3abeb0eb Merge "Allow use of database for Horizon sessions" 2016-09-22 04:00:28 +00:00
Hui Kang
0d28b311eb Add Kuryr ansible role
Change-Id: I7134bffab940ee780e5f5010d639af56f97b41d6
Co-authored-by: Mohammad Banikazemi <mb@us.ibm.com>
Co-Authored-By: zhubingbing <zhubingbing10@gmail.com>
Co-Authored-By: Antoni Segura Puimedon <antonisp@celebdor.com>
Partially-implements: bp kuryr-docker-plugin
2016-09-15 23:47:22 +00:00
Hui Kang
a5b53f3a70 Add etcd ansible role
Change-Id: If8351ab3000006323a05924e907f1e3745768304
Co-Authored-By: zhubingbing <zhubingbing10@gmail.com>>
Partially-implements: bp kuryr-docker-plugin
2016-09-15 03:33:57 +00:00
Jenkins
d438e1ca13 Merge "Added grafana role" 2016-09-14 18:14:58 +00:00
Mathias Ewald
fe61591a7c Added grafana role
Added ansible role to deploy grafana

Added host group for grafana deployment

Co-Authored-By: zhubingbing <zhubingbing10@gmail.com>

Change-Id: I3dec4e8586b6f65fa7de66a48506d1c79de2fe1e
Partially-Implements: Blueprint performance-monitoring
2016-09-14 09:36:34 +00:00
Eduardo Gonzalez
abf83650a1 Add Senlin Ansible role
Change-Id: Ic941a396b5cd9abfb5e9941218e91b784f8bba0a
Implements: bp senlin-container
2016-09-14 07:20:22 +02:00
zhubingbing
e0537385d0 Add Barbican ansible role
Partially-Implements: blueprint barbican-ansible

Change-Id: Id6be35b1d0527d5c38d4ea8576b233ebcc404718
2016-09-13 02:56:27 +00:00
Paul Bourke
d3f65a812f Allow use of database for Horizon sessions
Database-backed sessions are scalable (using an appropriate database
strategy), persistent, and can be made high-concurrency and
highly-available [0]

Default is off.

[0] http://docs.openstack.org/developer/horizon/topics/deployment.html#database

Co-Authored-By: Vladislav Belogrudov <vladislav.belogrudov@oracle.com>
Closes-Bug: 1618781

Change-Id: Ib68a21397dc020d20e07dcc51d3d0fdc1de102ff
2016-09-08 12:49:02 +01:00
zhubingbing
0c9debe893 Add sahara ansible role
Change-Id: I75b58248bfc4e86cace75faa82526d55a9ebbdbf
Partially-Implements: blueprint sahara-role
2016-09-07 15:29:02 +00:00
Jenkins
5d8878de6d Merge "Add cloudkitty ansible role" 2016-09-07 15:21:44 +00:00
Christian Berendt
5f62c22959 Add cloudkitty ansible role
Co-Authored-By: zhubingbing <zhubingbing10@gmail.com>

Change-Id: Id83c852e32c3dd583e6128e888ac511634e8eabb
Partially-Implements: blueprint cloudkitty
2016-09-07 14:10:06 +00:00
zhubingbing
d3d3472326 Implement Ansible rally role
Change-Id: I647c38adbfd00c70874cf51c0bfcb68d243e26cc
Partially-Implements: blueprint rally-role
2016-09-07 02:07:04 +00:00
zhubingbing
89392f4f6a Add gnocchi ansible role
Partially-Implements: blueprint ansible-gnocchi

Change-Id: I8dd0460bd21ac0a233fab0142ec7b6079459bdc2
2016-09-06 13:17:47 +00:00
mail2nadeem92
4b39d056ad Added Ansible playbook for congress deploy
Change-Id: Id04fe7a8f30ed0dae292933662036f4775e394a2
Partially-Implements: blueprint enable-congress-container
2016-09-01 10:43:03 +05:30
Sean Mooney
538dbac24a adds bifrost ssh key generation
- This change extend the genpwd.py
  command to generate an ssh key pair
  bifrost.
- This change bifrost config and bootstrap
  task to install the generated keys.
- This change updates the bifrost guide to
  discribe how to provide your own key.

Change-Id: I05243f58843d9195cace253dff5628fae89c78e8
Implements: blueprint bifrost-support
2016-08-31 13:12:20 +00:00
Jenkins
b29357e70c Merge "Add aodh role" 2016-08-31 12:52:58 +00:00
zhubingbing
7ce05f9782 Add aodh role
Partially-Implements: blueprint ansible-aodh

Change-Id: I9e20f4bf5e7d8f37f243ae15746e2b7bb49eb20c
2016-08-31 03:54:35 +00:00
Shaun Smekel
1c68ae389b Add full support for fernet
This addresses the ansible aspects of fernet key bootstrapping as
well as distributed key rotation.

- Bootstrapping is handled in the same way as keystone bootstrap.
- A new keystone-fernet and keystone-ssh container is created to allow
  the nodes to communicate with each other (taken from nova-ssh).
- The keystone-fernet is a keystone container with crontab installed.
  This will handle key rotations through keystone-manage and trigger
  an rsync to push new tokens to other nodes.
- Key rotation is setup to be balanced across the keystone nodes using
  a round-robbin style. This ensures that any node failures will not
  stop the keys from rotating. This is configured by a desired token
  expiration time which then determines the cron scheduling for each
  node as well as the number of fernet tokens in rotation.
- Ability for recovered node to resync with the cluster. When a node
  starts it will run sanity checks to ensure that its fernet tokens
  are not stale. If they are it will rsync with other nodes to ensure
  its tokens are up to date.

The Docker component is implemented in:
  https://review.openstack.org/#/c/349366

Change-Id: I15052c25a1d1149d364236f10ced2e2346119738
Implements: blueprint keystone-fernet-token
2016-08-25 20:08:22 +10:00
Sean Mooney
3e8f9986d1 add baremetal role to install kolla deps.
Change-Id: Ie70db1b18a73528b1194e4fbcf53d09fed20f4a0
Implements: blueprint kolla-host
2016-08-10 16:03:08 +00:00
Dave Walker (Daviey)
bb2397d26d Add Watcher default settings
This adds:
  - AIO and multinode inventory samples
  - Password (blank) fields for default password.yml
  - Default to not enabled, in globals.yml

This is the last changeset in the series to add basic
Watcher functionality to Kolla.

Change-Id: I9daec0eadc8dad3d37e03e7d69783af003af0916
Closes-bug: #1598929
Partially-implements: blueprint watcher
Signed-off-by: Dave Walker (Daviey) <email@daviey.com>
2016-08-05 09:17:28 +00:00
Hui Kang
4108c6c6ec Implement ceilometer ansible role
Change-Id: I13c50a78b2dc7c98b720a4b2e7161104213bd295
Implements: bp ansible-ceilometer
2016-06-16 22:05:56 -04:00
Jeffrey Zhang
9318b93c73 Remove the useless nova_ssh configure in the passwords.yml
The nova_ssh_private_key and nova_ssh_public_key is useless, and
they should not be merged.

Change-Id: I7e7178398242060a78fe7caee6e14fa77f2ffe35
Closes-Bug: #1576199
2016-04-28 20:55:56 +08:00
Jeffrey Zhang
42420830f6 Implement nova-ssh container
Add a nova-ssh container to handle the `nova migrate` and
`nova resize` case, in which the nova will use ssh to copy
files between machines.

Change-Id: Ie6675943f3aeabfbba8589d308d55b9c89d732db
Closes-Bug: #1562141
2016-04-03 07:21:17 +00:00
akwasniewska
ba62740a93 Add kibana authentication using HAproxy
Change-Id: Ib501571dd34cb68924775ce738499d63df5718dd
Closes-Bug: 1556487
2016-03-24 11:46:06 +01:00
Carlos Cesario
1d31b79e23 Remove static password
Remove static password into file passwords.yml

Change-Id: I68d766b9d9b4a7055629473de9bb9d6ab59d8503
Closes-Bug: #1559266
2016-03-21 18:12:32 -03:00
SamYaple
f03e06e09b Add generate_passwords.py to generate passwords
As with all tools, this is a first pass at the generation. Perhaps we
even want to move this into kolla/kolla/cmd and be generated with tox
itself in the future.

This tool, when run, will only populate empty fields that have no
values meaning that it is safe to run repeatedly on the same file.

Of note, there is no way to preserve comments in the file after it has
been processed by the yaml parser in python. Comments and sections
will remain in the passwords.yml template for additional documentation
if the user wishes to populate the file themselves.

Use SystemRandom and clean up the docs a bit to not use pronouns.

Co-Authored-By: Steven Dake <stdake@cisco.com>

Closes-Bug: #1559266
Change-Id: I2932d592df8871f1b7811059206d0b4d0553a687
2016-03-21 17:02:23 +00:00
SamYaple
d786ac948a Move manila variable
The user variable was incorrectly in passwords.yml

The naming was inconsistent, it should be prefixed with manila_*

Removed old unused variable

TrivialFix

Change-Id: I182797fcc6d62d35174403d78d71c8ad7ddcbc43
2016-03-19 23:55:13 +00:00
SamYaple
d4535b6dc3 Add memcached_servers to keystone_auth section
The in-process cache for keystone tokens has been deprecated due to
"incosistent results and high memory usage" with the expectation we
switch to memcached_servers if we want to stay performant.

Add memcache_servers [cache] section to the appropriate servers as the
[DEFAULT]\memcache_servers options was deprecated.

TrivialFix
Related-Id: Ied2b88c8cefe5655a88d0c2f334de04e588fa75a

Change-Id: Ic971bdddc0be3338b15924f7cc0f97d4a3ad2440
2016-03-19 21:53:03 +00:00
Jeffrey Zhang
e6b230d784 Add authentication for keepalived
TrivialFix

Closes-Bug: #1551314
Change-Id: Id85859500aec283703b6b6714abf213a42286182
2016-03-04 21:28:01 +08:00
Mauricio Lima
9786fd646f Add ansible support for Manila
Co-Authored-By: Marc Koderer <marc@koderer.com>
Change-Id: I16bab281f2eca341b7a649f766bae5f2cf18a117
Partially-Implements: blueprint enable-manila-containers
2016-03-01 10:55:47 -05:00
SamYaple
4edd0baf8d Remove keystone admin token
Admin token has been deprecated upstream. It will be removed in O. We
switch over to the new `keystone-manage bootstrap` method for creating
the initial admin user, role, and project.

Co-Authored-By: Sam Yaple <sam@yaple.net>
Change-Id: I6ca90e8d4c3b71009e24b049b2efbc08c05ebfbf
2016-03-01 00:14:06 +00:00
venkatamahesh
70de590a11 Use uppercase 'S' in word "OpenStack"
Change-Id: I27ca0ea75f3d6a4371c91b3cb2c7a999ec90fbc4
2016-02-15 12:37:30 +00:00
SamYaple
e7dfd63bfc Create nova-api database
This is a required patch.

Kilo introduced a nova-api database but didn't use it. [1]
Mitaka now uses it and has broken booting instances. [2]

[1] https://wiki.openstack.org/wiki/ReleaseNotes/Kilo#OpenStack_Compute_.28Nova.29
[2] df0fca62cf/releasenotes/notes/request-spec-api-db-b9cc6e0624d563c5.yaml

Change-Id: If0a7f4ba4937fab8d60f5236ca00db06faa768c7
Closes-Bug: #1540579
2016-02-02 21:56:54 +00:00
hparekh
409fc11e36 Ansible files for mistral containers.
Change-Id: Ifb55ff4a7ca70bc3d10fbb2ec067c245342d3288
Partially-implements: blueprint enable-mistral-container
2016-01-05 09:40:14 +09:00
Michal Rostecki
2cd5d9ed74 Add Ansible support for Magnum
Change-Id: Idb25ac4d3148c9b9400cf675ac2e47d35cce6224
Implements: blueprint ansible-magnum
2015-11-13 11:31:34 +01:00
Sam Yaple
2ea87ebdb7 Use memcache for consoleauth and horizon
Unfortunately there was no was to avoid memcache for consoleauth, so
we might as well take advantage of it for Horizon as well.

Change-Id: Idd338a025b031f6b50fe0c9f03c2c8d862f9d4c0
Closes-Bug: #1504606
Closes-Bug: #1504800
2015-10-15 10:47:21 +00:00
Jeff Peeler
f5a50a1d7d Add Ansible support for Ironic
Configuration based off upstream documentation here:
http://docs.openstack.org/developer/ironic/deploy/install-guide.html

A few notes:
-ironic-api is not configured to use mod_wsgi
-several places it's noted that discoverd is going away and needs to be
replaced with ironic-inspector - (sqlite connection should be changed
too)
-currently enabling ironic reconfigures nova compute (driver and
scheduler) as well as changes neutron network settings
-a nice enhancement would be to configure the web console

Required post-deployment configuration:

Create the flat network to launch the instances:

neutron net-create --tenant-id $TENANT_ID sharednet1 --shared \
--provider:network_type flat --provider:physical_network physnet1

neutron subnet-create sharednet1 $NETWORK_CIDR --name $SUBNET_NAME \
--ip-version=4 --gateway=$GATEWAY_IP --allocation-pool \
start=$START_IP,end=$END_IP --enable-dhcp

And then the above ID is used to set cleaning_network_uuid in the neutron
section of ironic.conf.

Change-Id: I572e7ff1f23c4e57a2c50817cafe9269fd9950dd
Implements: blueprint ironic-container
2015-09-28 16:10:43 -04:00
Sam Yaple
99c7eb1997 Make OpenStack use Ceph
This implements all the openstack pieces needed to make ceph work.

DocImpact
Change-Id: I1d24476a966602cf955e5ef872b0efb01319894a
Partially-Implements: blueprint ceph-container
Implements: blueprint kolla-live-migration
2015-09-25 20:11:18 +00:00
Sam Yaple
c86e66c9dc Ceph Ansible support
Add the initial playbooks for making ceph and ansible play nice
together.

This does not include all of the openstack changes to make things like
nova, glance, and cinder work. This will simply build the ceph cluster
and thats it. The next patchset will do the OpenStack integration.

DocImpact
Change-Id: Ie1697dde5f92e833652933a80f0004f31b641330
Partially-Implements: blueprint ceph-container
2015-09-24 12:33:43 +00:00
Qiu Yu
c7ceca711a Expose HAProxy stats for management purpose
Change-Id: Ia7263a9993e29c8f3db71e86264b786398224223
Closes-Bug: #1496658
2015-09-17 09:55:27 +08:00