44 Commits

Author SHA1 Message Date
Michal Jastrzebski
26524c7475 Playbook for keystone upgrade
New playbook for keystone release upgrade.

Co-Authored-By: SamYaple <sam@yaple.net>
Change-Id: I387abb30e5ead0033430848164d250fce739d2fd
Implements: blueprint upgrade-keystone
Partially-Implements: blueprint upgrade-kolla
2016-01-13 18:48:55 +00:00
SamYaple
9efc593c8f Allow keystone role to pull images
Change-Id: I64aff93368da7580b6cc1369a42be0904a670f98
Partially-Implements: blueprint pre-pull-images
2016-01-06 04:23:28 +00:00
SamYaple
bc1cc939d2 Convert Keystone to kolla_docker
Change-Id: Ia1beaf8205317f8c628fa1efcb65be90a9ad8237
Partially-Implements: blueprint kolla-docker-module
2015-12-31 16:38:56 +00:00
Jenkins
027e70f9a2 Merge "Simplify config creation" 2015-12-23 13:19:08 +00:00
SamYaple
74e9126fdb Remove unneeded variables passed into keystone
During the bootstrap we no longer need to pass in this info

TrivialFix
Related-Bug: #1526251
Related-Id: Ieee215b9de1618b3d31f3d1a766a9d0ebafdee4d

Change-Id: I82460cf11dea4692c0469bf2b9afddd794a30ec1
2015-12-22 22:19:13 +00:00
Jenkins
4a2e728688 Merge "Convert to pymysql" 2015-12-22 15:47:02 +00:00
SamYaple
026942e9c5 Convert to pymysql
Closes-Bug: #1528432
Change-Id: I6e56f283521b29678964cb655ac3cff2d13b8246
2015-12-22 04:30:32 +00:00
SamYaple
ed82afa8e9 Simplify config creation
Convert config creation from a playbook to an action_plugin. This
reduces the complexity and confusion while retaining the same augment
structure and flexibility.

This allows us to remove the 0-byte files as requirements. They will
still be used if they are present (this means we require additional
documentation around them).

DocImpact
Closes-Bug: #1528430
Change-Id: I2c789f6be9f195c7771ca093a6d59499564b4740
2015-12-22 04:28:53 +00:00
Jeffrey Zhang
b766695f18 Move the admin account creation to register.yml
Create the admin project, user, role and keystone service info by
using ansible task rather than shell script

Closes-Bug: #1526251
Change-Id: Ieee215b9de1618b3d31f3d1a766a9d0ebafdee4d
2015-12-15 23:20:53 +08:00
Michal Jastrzebski
aab1bd36c8 Sanity check for glance
This runs first sanity check for glance. After glance is deployed
it checks images.list(). Also consist few fixes for previous patches

Change-Id: I03d05d246302d8411b2e94c94ca7fe046c00d735
Partially-Implements: blueprint sanity-check-container
2015-12-02 14:19:01 -06:00
Michal Jastrzebski
f632cfe878 Sanity check for keystone
This runs first sanity check for keystone. After keystone is deployed
it checks tenants.list()

Change-Id: Ie919ffe6124eb70428309404a434d9b0eb0b9f70
Partially-Implements: blueprint sanity-check-container
2015-12-02 10:27:36 -06:00
Michal Rostecki
febcb600f1 Source installation in virtualenv
Use virtualenv for installation of OpenStack projects and
dependencies to avoid conflicts with Python libraries installed
by non-OpenStack binary packages.

Change-Id: I21ecd673b2e93335b1d3dd4e279e940c9d694c3c
Implements: blueprint virtualenv
2015-11-27 10:22:17 +01:00
Sam Yaple
97a8ba6fd7 Fix incorrect ansible variable
Change-Id: Ic6755dfe5c3741e4a945c8353f643bbf1479c172
Closes-Bug: #1519040
2015-11-23 17:37:04 +00:00
Sam Yaple
970617b80a Make the database json variable more readable
Additionally remove tty from the container cleanup docker section. It
was added in a sed in a previous patchset by serves no purpose.

Change-Id: Ib617870616bca687f72ffaa44b2e9a3a11ef1011
Partially-Implements: blueprint cleanup-playbooks
2015-11-23 17:24:22 +00:00
Hui Kang
790bf336d5 Fix bootstrap for services
The bootstrap tasks could be started on any node listed in the
site.yml

The issue is that all the tasks must run on the same node, and the
only node that all the tasks can run on is the 'api' node due to
needing to start the bootstrap container which binds in the configs.

delegate_to is required to ensure that the proper node gets the task.

Co-Authored-By: Sam Yaple <sam@yaple.net>
Change-Id: Ica04ab366777a571a92212ac22c482f1881d4ecd
Closes-Bug: #1513598
Related-Bug: #1513439
2015-11-23 17:09:36 +00:00
akwasniewska
206455120f Fixed log error messages from keystone to syslog.
Rsyslog adapted to filter keystone error log messages.

Related bug: 1516462

Change-Id: I4d8d4280dc8fef870d56d8466ed466241ee18e64
2015-11-17 20:27:08 +01:00
Sam Yaple
6b28343017 Incorrect parsed variable name
database_user_create was not correctly referenced when parsing the
variable names. This could never actually lead to a situation that
reported a false change, but it could break an operation if you were
using the --step option with ansible and skipped the database create
task.

TrivialFix
Backport: Liberty

Change-Id: Idf69fffcc3814f509448ccea11b7d175f074ccf1
2015-11-09 10:47:15 +00:00
Sam Yaple
b2ac6e80cd Add tty to containers
sudo requires a tty to function by default on centos. Instead of
tweaking the sudo conf we can just add a tty. This has the added
advantage of making the containers more friendly if you have to
`docker exec -i <container> bash` into them.

Change-Id: If97a02ca1d37c243a787d98ade54bde8d641aecd
backport: liberty
Partially-Implements: blueprint functional-testing-gate
2015-10-14 10:54:33 +00:00
Sam Yaple
c5be228be8 Bump ansible to 1.9.2
Ansible 1.9.2 contains the fix needed for docker-py >1.2.0

This is needed for some gate reasons, but it is also a good version
bump because it fixes a few issues with delegate_to.

Change-Id: Iafbabb3b0232620849d0548c5cd9d8d316c2b0f3
backport: liberty
Partially-Implements: blueprint functional-testing-gate
2015-10-13 15:13:34 +00:00
Sam Yaple
94162bd08f Bring Kolla inline with FHS
This brings Kolla images inline with FHS and should make finding
locations of things more consistent and reliable with the linux world
at large.

Change-Id: Iece5b4da4bace0fb8b1f41a65ab2c852ec73e6f8
Closes-Bug: #1485742
2015-10-06 03:30:53 +00:00
Michal Jastrzebski
f99a27f0c5 Keystone logging to rsyslog
Configure keystone to use rsyslog container as logging mechanism

Change-Id: Id77574fe841e9c2a9d870b712ffd0c26b5463ded
Implements: bp logging-container
2015-09-24 14:08:25 +02:00
rthallisey
180e8c3331 Replace config-external with a JSON file for Keystone
Change-Id: I4c403edb7cd16f587f30a313c1943f070512eda3
Partially-Implements: blueprint replace-config-external
2015-09-18 15:19:06 -04:00
Sam Yaple
f42528acaf Properly check failed status
No need for a new task.

Change-Id: I958f87ac9a1434a2f6052e0271f37e5f3109775e
Closes-Bug: #1492337
2015-09-06 11:21:44 +00:00
Vladislav Belogrudov
7f81dbc85b Check exit status of bootstrap containers
Currently bootstrap containers are waited to exit but are not
checked for exit status and ansible runs further tasks. If
bootstrapping fails we notice it at much later time.

Change-Id: I137fc11b0f9d1f03d2ded08a213e8dbd62741f92
Closes-Bug: #1492337
2015-09-04 19:47:54 +03:00
Jenkins
539862aeb0 Merge "Fix typo in task bootstrap task names" 2015-08-31 11:15:01 +00:00
Paul Bourke
f5c996e77d Fix typo in task bootstrap task names
Not quite halloween yet...

Change-Id: Ib1973eea0b2dddc0e0845731d1212c4d4447cca5
Closes-Bug: #1490502
2015-08-31 11:27:10 +01:00
Sam Yaple
7f17203406 Keystone container should use the openstackclient
Initially it did not use this client due to the fact that the client
didn't seem to want to work in the containers. Now it works fine and
it should be used instead of the deprecated keystone client

Change-Id: Ib0e172c677e200e5df01c478b7ea257b30c0df0b
Closes-Bug: #1490126
2015-08-30 08:35:54 +00:00
Sam Yaple
17333aed12 Fix keystone for Ubuntu
Due to the differences between Ubuntu and Centos around Apache2 I have
had to copy both start.sh and config-external.sh to be unique files
for Ubuntu so as not to affect Centos either. This can be removed when
we change the way config-external works.

Change-Id: I14dc11e7bb6284b897259a53acc914ae8f254d3c
Partially-Implements: blueprint install-from-ubuntu
2015-08-23 06:07:04 +00:00
Steven Dake
98b98924ee Use database_user_create in the register operation
The register operation was registering user_database which is a global
variable in group_vars/all.yml.  This results in glance not being deployable
because user_database is overwrriten at keystone task registration time.

The result of this is the playbooks fail to deploy.

Change-Id: Ic69725fb09aa0a368ec5b0d8f47bfc768c29c70c
Closes-Bug: #1486876
2015-08-20 00:49:31 -07:00
Sam Yaple
cf3fd4043a Update mariadb confs and ports
Cleanup all options in galera.cnf. Bind to all interfaces and ports
appropriately.

Change-Id: I516613d09673ba61aadda2c7bbb4abbbe4ea47ac
Partially-Implements: blueprint update-configs
Closes-Bug: #1478330
2015-08-13 02:27:38 +00:00
Vladislav Belogrudov
fe9092bab7 Ansible should wait bootstrap container on first host
Bootstrapping of Keystone/Glance happens on first host
via 'run_once'. After running bootstrap containers we
should wait for them also on the same host. Currently
waiting is done on all hosts what gives task error on
other hosts.

Change-Id: I6eac928d405ea819982118d9b567988074be4ed2
Closes-Bug: #1483224
2015-08-10 15:59:50 +03:00
Sam Yaple
f2d575b9c6 Remove Ansible abstraction for Keystone
Change-Id: I0daf8b78f39b919d2b88336322203f1d643fc54b
Partial-Bug: #1482214
Partially-Implements: blueprint remove-abstraction-ansible
2015-08-08 06:01:44 +00:00
Sam Yaple
98a379b0fd Reduce dependencies on the dest nodes
Currently we require a slew of deps on each destination node, this
includes a gcc compiler and installing things via pip. We can remove
these dependencies by containerizing them and running and Ansible
inside the container itself. The container would then report back
facts about idempotency.

DocImpact
Closes-Bug: #1481495
Implements: blueprint containerize-dependencies
Change-Id: I3dfccbf9fafc06ffc36e78f3006fe5d3367891df
2015-08-06 01:32:05 +00:00
Sam Yaple
0fb09203d5 Removes unneeded variables
These variables are defined in the defaults.yml file

Change-Id: I45de4fbd41c50e2a8fe3233cdffc467c9a594aa5
Closes-Bug: #1480498
2015-08-01 00:40:28 +00:00
Vladislav Belogrudov
2887c6d2e4 Add missing slash if docker registry is specified
If user specifies registry a full image name is constructed by
concatenation of the registry, namespace and image. Currently
concatenation does not include '/' if registry is non-empty but
it should. If registry is empty '/' is not required.
This fix covers both use cases with help of Ansible filter.

Change-Id: I0588dd0da55d777e6caa7eb47d51b2435d38d5e0
Closes-Bug: #1479013
2015-07-31 18:38:16 +03:00
Sam Yaple
e4e0eb439e Remove psuedo-legalize as it is no longer valid
Change-Id: I8eb94b9beec3ebee9f9c80584e05f568b264749f
2015-07-28 18:49:42 +00:00
Sam Yaple
e7a7cc9017 Ansible Glance support
Adds support for glance in ansible

Partially-Implements: blueprint ansible-service
Change-Id: I2d162e79f85877116b0e33b1843de6ccb62a445a
2015-07-09 15:29:55 +00:00
Sam Yaple
4c4181d54a Fix permissions on log directory for keystone
Additionally fixed bootstrap issue caused by an ansible bug in some
versions of the docker module.

Closes-Bug: #1472270
Change-Id: Ia5a370db5ab7690854afcd63492ba7dbbea29835
2015-07-08 09:35:33 +00:00
Jenkins
de98d9ddb3 Merge "Have bootstrap script create the initial endpoint" 2015-07-07 12:34:35 +00:00
Sam Yaple
c80a8c282b Have bootstrap script create the initial endpoint
Due to a few issue that exist between keystone v3 and v2.0 the endpoint
needs to be created as v2.0. If it is created as v3, v2.0 queries will not
see the endpoint.

https://bugs.launchpad.net/keystone/+bug/1470635

Change-Id: Ie7ff88b8cbb23b3ca149cb6e8d5a18a427d22038
Partially-Implements: blueprint ansible-service
2015-07-05 15:36:22 +00:00
Sam Yaple
1d6e6899f6 Change restart policy for bootstrap container
Sets the restart policy to 'no' for bootstrap containers

Change-Id: I1044fdc70a6b7d50396fd923b6be67bd7c47faa2
Closes-Bug: 1471536
2015-07-05 12:13:18 +00:00
Sam Yaple
11597cc2f4 Updated keystone for wsgi in config-external
This will switch config-external to using wsgi vs evenlet for keystone.

Partially Implements: blueprint ansible-service

Change-Id: I85a88c813ed36d827916796199dad735b2d44b40
2015-07-03 14:17:02 +00:00
Sam Yaple
3ac7da64d1 Add initial config function and keystone support
Add set_configs function that implements the flow from the proposed
ansible-multi spec. Move start.sh to config-internal.sh to preserve existing
behaviour.

config-externall.sh copies the appropriate configs in from the bind'd
location and sets permissions and ownership appropriately.

Partially Implements: blueprint ansible-multi

Change-Id: I53fca0660451087f273fefc3c63e0d8cf1a2c096
2015-06-30 17:26:23 +00:00
Fang Fenghua
5a1b0008f2 Add auth role to ansible
Add a auth role so ansible can deploy
keystone.

Change-Id: I3f41fe150654451aae6271cce59ddeb807945043
2015-05-05 19:08:47 +00:00