openstack/kolla-ansible
Code Issues Proposed changes
kolla-ansible/ansible/roles/cloudkitty/defaults/main.yml
Matt Crees 6c2aace8d6 Integrate oslo-config-validator 
Regularly, we experience issues in Kolla Ansible deployments because we
use wrong options in OpenStack configuration files. This is because
OpenStack services ignore unknown options. We also need to keep on top
of deprecated options that may be removed in the future. Integrating
oslo-config-validator into Kolla Ansible will greatly help.

Adds a shared role to run oslo-config-validator on each service. Takes
into account that services have multiple containers, and these may also
use multiple config files. Service roles are extended to use this shared
role. Executed with the new command ``kolla-ansible validate-config``.

Change-Id: Ic10b410fc115646d96d2ce39d9618e7c46cb3fbc
2022-12-21 17:19:09 +00:00

221 lines
9.5 KiB
YAML
Raw Blame History

---
cloudkitty_services:
cloudkitty-api:
container_name: "cloudkitty_api"
group: "cloudkitty-api"
image: "{{ cloudkitty_api_image_full }}"
enabled: True
volumes: "{{ cloudkitty_api_default_volumes + cloudkitty_api_extra_volumes }}"
dimensions: "{{ cloudkitty_api_dimensions }}"
healthcheck: "{{ cloudkitty_api_healthcheck }}"
haproxy:
cloudkitty_api:
enabled: "{{ enable_cloudkitty }}"
mode: "http"
external: false
port: "{{ cloudkitty_api_port }}"
cloudkitty_api_external:
enabled: "{{ enable_cloudkitty }}"
mode: "http"
external: true
port: "{{ cloudkitty_api_port }}"
cloudkitty-processor:
container_name: "cloudkitty_processor"
group: "cloudkitty-processor"
image: "{{ cloudkitty_processor_image_full }}"
enabled: True
volumes: "{{ cloudkitty_processor_default_volumes + cloudkitty_processor_extra_volumes }}"
dimensions: "{{ cloudkitty_processor_dimensions }}"
healthcheck: "{{ cloudkitty_processor_healthcheck }}"
####################
# Config Validate
####################
cloudkitty_config_validation:
- generator: "/cloudkitty/etc/oslo-config-generator/cloudkitty.conf"
config: "/etc/cloudkitty/cloudkitty.conf"
####################
# Database
####################
cloudkitty_database_name: "cloudkitty"
cloudkitty_database_user: "{% if use_preconfigured_databases | bool and use_common_mariadb_user | bool %}{{ database_user }}{% else %}cloudkitty{% endif %}"
cloudkitty_database_address: "{{ database_address | put_address_in_context('url') }}:{{ database_port }}"
####################
# Database sharding
####################
cloudkitty_database_shard_root_user: "{% if enable_proxysql | bool %}root_shard_{{ cloudkitty_database_shard_id }}{% else %}{{ database_user }}{% endif %}"
cloudkitty_database_shard_id: "{{ mariadb_default_database_shard_id | int }}"
cloudkitty_database_shard:
users:
- user: "{{ cloudkitty_database_user }}"
password: "{{ cloudkitty_database_password }}"
rules:
- schema: "{{ cloudkitty_database_name }}"
shard_id: "{{ cloudkitty_database_shard_id }}"
####################
# Docker
####################
cloudkitty_tag: "{{ openstack_tag }}"
cloudkitty_api_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/cloudkitty-api"
cloudkitty_api_tag: "{{ cloudkitty_tag }}"
cloudkitty_api_image_full: "{{ cloudkitty_api_image }}:{{ cloudkitty_api_tag }}"
cloudkitty_processor_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/cloudkitty-processor"
cloudkitty_processor_tag: "{{ cloudkitty_tag }}"
cloudkitty_processor_image_full: "{{ cloudkitty_processor_image }}:{{ cloudkitty_processor_tag }}"
cloudkitty_processor_dimensions: "{{ default_container_dimensions }}"
cloudkitty_api_dimensions: "{{ default_container_dimensions }}"
cloudkitty_api_default_volumes:
- "{{ node_config_directory }}/cloudkitty-api/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}"
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/cloudkitty/cloudkitty:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/cloudkitty' if cloudkitty_dev_mode | bool else '' }}"
cloudkitty_processor_default_volumes:
- "{{ node_config_directory }}/cloudkitty-processor/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}"
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/cloudkitty/cloudkitty:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/cloudkitty' if cloudkitty_dev_mode | bool else '' }}"
cloudkitty_api_enable_healthchecks: "{{ enable_container_healthchecks }}"
cloudkitty_api_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
cloudkitty_api_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
cloudkitty_api_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
cloudkitty_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ cloudkitty_api_port }}"]
cloudkitty_api_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
cloudkitty_api_healthcheck:
interval: "{{ cloudkitty_api_healthcheck_interval }}"
retries: "{{ cloudkitty_api_healthcheck_retries }}"
start_period: "{{ cloudkitty_api_healthcheck_start_period }}"
test: "{% if cloudkitty_api_enable_healthchecks | bool %}{{ cloudkitty_api_healthcheck_test }}{% else %}NONE{% endif %}"
timeout: "{{ cloudkitty_api_healthcheck_timeout }}"
cloudkitty_processor_enable_healthchecks: "{{ enable_container_healthchecks }}"
cloudkitty_processor_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
cloudkitty_processor_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
cloudkitty_processor_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
cloudkitty_processor_healthcheck_test: ["CMD-SHELL", "healthcheck_port cloudkitty-processor {{ om_rpc_port }}"]
cloudkitty_processor_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
cloudkitty_processor_healthcheck:
interval: "{{ cloudkitty_processor_healthcheck_interval }}"
retries: "{{ cloudkitty_processor_healthcheck_retries }}"
start_period: "{{ cloudkitty_processor_healthcheck_start_period }}"
test: "{% if cloudkitty_processor_enable_healthchecks | bool %}{{ cloudkitty_processor_healthcheck_test }}{% else %}NONE{% endif %}"
timeout: "{{ cloudkitty_processor_healthcheck_timeout }}"
cloudkitty_extra_volumes: "{{ default_extra_volumes }}"
cloudkitty_processor_extra_volumes: "{{ cloudkitty_extra_volumes }}"
cloudkitty_api_extra_volumes: "{{ cloudkitty_extra_volumes }}"
####################
# OpenStack
####################
cloudkitty_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ cloudkitty_api_port }}"
cloudkitty_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn | put_address_in_context('url') }}:{{ cloudkitty_api_port }}"
cloudkitty_logging_debug: "{{ openstack_logging_debug }}"
cloudkitty_keystone_user: "cloudkitty"
openstack_cloudkitty_auth: "{{ openstack_auth }}"
cloudkitty_api_workers: "{{ openstack_service_workers }}"
cloudkitty_processor_workers: "{{ openstack_service_workers }}"
####################
# Cloudkitty
####################
cloudkitty_openstack_keystone_default_role: "rating"
####################
# Kolla
####################
cloudkitty_git_repository: "{{ kolla_dev_repos_git }}/{{ project_name }}"
cloudkitty_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
cloudkitty_dev_mode: "{{ kolla_dev_mode }}"
cloudkitty_source_version: "{{ kolla_source_version }}"
cloudkitty_custom_metrics_yaml_file: "metrics.yml"
####################
# Storage backend
####################
# InfluxDB retention policy to use (defaults to autogen).
# cloudkitty_influxdb_retention_policy: "autogen"
# Set to true to use SSL for InfluxDB connections.
cloudkitty_influxdb_use_ssl: false
# Path of the CA certificate to trust for HTTPS connections.
# cloudkitty_influxdb_cafile: "{{ openstack_cacert }}"
# Set to true to authorize insecure HTTPS connections to InfluxDB.
# This means, HTTPS connections without validating the certificate used by InfluxDB
# cloudkitty_influxdb_insecure_connections: false
cloudkitty_influxdb_name: "cloudkitty"
# Set the elasticsearch index name.
cloudkitty_elasticsearch_index_name: "cloudkitty"
# Set the elasticsearch host URL.
cloudkitty_elasticsearch_url: "{{ internal_protocol }}://{{ opensearch_address }}:{{ opensearch_port }}"
# Path of the CA certificate to trust for HTTPS connections.
# cloudkitty_elasticsearch_cafile: "{{ openstack_cacert }}"
# Set to true to authorize insecure HTTPS connections to Elasticsearch.
# This means, HTTPS connections without validating the certificate used by elasticsearch
cloudkitty_elasticsearch_insecure_connections: false
####################
# Collector
####################
# Valid options are 'gnocchi' or 'prometheus'. The default value is
# 'gnocchi', which matches the default in Cloudkitty.
cloudkitty_collector_backend: "gnocchi"
# Set prometheus collector URL.
cloudkitty_prometheus_url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ prometheus_port }}/api/v1"
# Path of the CA certificate to trust for HTTPS connections.
# cloudkitty_prometheus_cafile: "{{ openstack_cacert }}"
# Set to true to authorize insecure HTTPS connections to Prometheus.
# This means, HTTPS connections without validating the certificate used by prometheus.
cloudkitty_prometheus_insecure_connections: false
####################
# Fetcher
####################
# Valid options are 'keystone', 'source', 'gnocchi' or 'prometheus'.
# The default value is 'keystone', which matches the default in CloudKitty.
cloudkitty_fetcher_backend: "keystone"
####################
# Keystone
####################
cloudkitty_ks_services:
- name: "cloudkitty"
type: "rating"
description: "OpenStack Rating"
endpoints:
- {'interface': 'internal', 'url': '{{ cloudkitty_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ cloudkitty_public_endpoint }}'}
cloudkitty_ks_users:
- project: "service"
user: "{{ cloudkitty_keystone_user }}"
password: "{{ cloudkitty_keystone_password }}"
role: "admin"
cloudkitty_ks_roles:
- "{{ cloudkitty_openstack_keystone_default_role }}"
View Git Blame Copy Permalink