From c92b99d3f431eddc51e85457c8e214a601f77f1c Mon Sep 17 00:00:00 2001 From: Dmitriy Rabotyagov Date: Fri, 2 Apr 2021 17:06:41 +0300 Subject: [PATCH] Update trove configuration We haven't payed attention to the trove for a while and we need to align configuration with current state of the service. trove-conductor and trove-taskmanager configs are not loaded by trove services anymore (at least by default), so we merge all options into trove.conf Also defaults and deprecated options are dropped from the config. We implement bunch of new variables to cover missed logic and some usecases. Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/784565 Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/784113 Change-Id: I2ba758de38ed3fee10fe1485aa25621eddbf9046 --- defaults/main.yml | 54 ++++++--- doc/source/index.rst | 1 + handlers/main.yml | 9 +- .../trove_merge_config-f52eecb1e3501fd6.yaml | 71 +++++++++++ tasks/main.yml | 4 +- tasks/trove_db_sync.yml | 5 +- tasks/trove_post_install.yml | 66 +++------- templates/include_db.j2 | 41 ------- templates/trove-conductor.conf.j2 | 28 ----- templates/trove-guestagent.conf.j2 | 113 ++++-------------- templates/trove-taskmanager.conf.j2 | 107 ----------------- templates/trove.conf.j2 | 112 +++++++++-------- 12 files changed, 213 insertions(+), 398 deletions(-) create mode 100644 releasenotes/notes/trove_merge_config-f52eecb1e3501fd6.yaml delete mode 100644 templates/include_db.j2 delete mode 100644 templates/trove-conductor.conf.j2 delete mode 100644 templates/trove-taskmanager.conf.j2 diff --git a/defaults/main.yml b/defaults/main.yml index 9937a50..dcab346 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -37,17 +37,15 @@ trove_system_user_home: "/var/lib/{{ trove_system_user_name }}" trove_log_directory: /var/log/trove trove_etc_directory: /etc/trove -trove_admin_user_name: admin_trove_user - trove_service_name: trove -trove_service_user_name: "{{ trove_admin_user_name }}" -trove_service_tenant_name: trove_for_trove_usage +trove_service_user_name: trove trove_service_type: database trove_service_description: "OpenStack DBaaS (Trove)" -trove_service_project_name: "{{ trove_service_tenant_name }}" +trove_service_project_name: service trove_service_admin_role_names: - admin trove_service_region: "{{ service_region | default('RegionOne') }}" +trove_service_endpoint_type: internal trove_service_host: "{{ openstack_service_bind_address | default('0.0.0.0') }}" trove_service_port: 8779 trove_service_proto: http @@ -96,7 +94,6 @@ trove_db_setup_python_interpreter: "{{ openstack_db_setup_python_interpreter | d trove_galera_address: "{{ galera_address | default('127.0.0.1') }}" trove_galera_database_name: trove trove_galera_user: trove -trove_db_sync_options: trove_galera_use_ssl: "{{ galera_use_ssl | default(False) }}" trove_galera_ssl_ca_cert: "{{ galera_ssl_ca_cert | default('/etc/ssl/certs/galera-ca.pem') }}" trove_galera_port: "{{ galera_port | default('3306') }}" @@ -144,17 +141,15 @@ trove_rabbit_notification_topic: notification # The value of 'net_name' field of the provider network network to use for infrastructure services trove_provider_net_name: dbaas-mgmt trove_provider_network: "{{ provider_networks|map(attribute='network')|selectattr('net_name','defined')|selectattr('net_name', 'equalto', trove_provider_net_name)|list|first }}" -# The value of 'ip_from_q' field -trove_provider_ip_from_q: "{{ trove_provider_network['ip_from_q'] }}" -# The name of the network address pool -trove_container_net_name: "{{ trove_provider_ip_from_q }}_address" -trove_guest_oslomsg_rpc_servers: "{{ oslomsg_rpc_servers | default('127.0.0.1') }}" +# The name of the network interface +trove_provider_net_iface: "{{ (is_metal | bool) | ternary(trove_provider_network['container_bridge'], trove_provider_network['container_interface']) }}" +trove_guest_endpoint_type: public +trove_guest_rpc_host_group: "{{ oslomsg_rpc_host_group | default('rabbitmq_all') }}" +trove_guest_oslomsg_rpc_servers: "{{ groups[trove_guest_rpc_host_group] | map('extract', hostvars, 'ansible_facts') | map(attribute=trove_provider_net_iface | replace('-','_')) | map(attribute='ipv4.address') | join(',') }}" trove_guest_oslomsg_rpc_use_ssl: "{{ oslomsg_rpc_use_ssl | default(False) }}" -trove_guest_oslomsg_notify_servers: "{{ oslomsg_notify_servers | default('127.0.0.1') }}" +trove_guest_notify_host_group: "{{ oslomsg_notify_host_group | default('rabbitmq_all') }}" +trove_guest_oslomsg_notify_servers: "{{ groups[trove_guest_notify_host_group] | map('extract', hostvars, 'ansible_facts') | map(attribute=trove_provider_net_iface | replace('-','_')) | map(attribute='ipv4.address') | join(',') }}" trove_guest_oslomsg_notify_use_ssl: "{{ oslomsg_notify_use_ssl | default(False) }}" -# For OpenStack services that have public, admin, and internal access, use the public ones for the guest VMs. -trove_guest_auth_url: "{{ keystone_service_publicurl }}" -trove_guest_swift_url: "{{ trove_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ swift_proxy_port }}/v1/AUTH_" # Trove image settings. # Set the directory where the downloaded images will be stored @@ -173,6 +168,25 @@ trove_image_path_owner: "{{ lookup('env', 'USER') }}" # checksum: "sha256:9a5252e24b82a5edb1ce75b05653f59895685b0f1028112462e908a12deae518" trove_guestagent_images: [] +# For OpenStack services that have public, admin, and internal access, use the public ones for the guest VMs. +trove_guest_auth_url: "{{ keystone_service_publicurl }}" +trove_guest_swift_url: "{{ trove_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ swift_proxy_port }}/v1/AUTH_" + +trove_swift_enabled: "{{ (groups['swift_all'] is defined and groups['swift_all'] | length > 0) or (groups['ceph-rgw'] is defined and groups['ceph-rgw'] | length > 0) or (ceph_rgws is defined and ceph_rgws | length > 0) }}" +trove_designate_enabled: "{{ (groups['designate_all'] is defined and groups['designate_all'] | length > 0) }}" +trove_cinder_enabled: "{{ (groups['cinder_volume'] is defined and groups['cinder_volume'] | length > 0) }}" + +trove_service_neutron_endpoint_type: "{{ trove_service_endpoint_type }}" +trove_service_cinder_endpoint_type: "{{ trove_service_endpoint_type }}" +trove_service_nova_endpoint_type: "{{ trove_service_endpoint_type }}" +trove_service_glance_endpoint_type: "{{ trove_service_endpoint_type }}" +trove_service_swift_endpoint_type: "{{ trove_service_endpoint_type }}" + +trove_dns_domain_name: 'trove.com.' +trove_dns_domain_id: '00000000-0000-0000-0000-000000000000' +# Notification topics for designate. +trove_notifications_designate: notifications_designate + # Trove service network settings. # These values are used when creating an OpenStack network to be used by Trove. By default the network will # not be created. @@ -188,7 +202,10 @@ trove_service_net_subnet_cidr: "172.29.252.0/22" trove_service_net_dhcp: "True" trove_service_net_allocation_pool_start: "172.29.252.110" trove_service_net_allocation_pool_end: "172.29.255.254" -trove_service_net_endpoint_type: internal +trove_service_net_endpoint_type: "{{ trove_service_endpoint_type }}" + +# UUID of security groups that will be attached to the management net of guests +trove_management_security_groups: [] # RPC encryption keys # See the Trove documentation as to the significance of the rpc encryption keys @@ -202,12 +219,13 @@ trove_required_secrets: - trove_admin_user_password - trove_taskmanager_rpc_encr_key - trove_inst_rpc_key_encr_key + - trove_instance_rpc_encr_key # Keystone AuthToken/Middleware trove_keystone_auth_plugin: "{{ trove_keystone_auth_type }}" trove_keystone_auth_type: password trove_service_project_domain_name: Default -trove_service_user_domain_name: default +trove_service_user_domain_name: Default trove_service_project_domain_id: default trove_service_user_domain_id: default @@ -235,8 +253,6 @@ trove_optional_oslomsg_amqp1_pip_packages: ## Tunable overrides trove_config_overrides: {} trove_api_paste_ini_overrides: {} -trove_conductor_config_overrides: {} -trove_taskmanager_config_overrides: {} trove_guestagent_config_overrides: {} trove_policy_overrides: {} trove_api_init_config_overrides: {} diff --git a/doc/source/index.rst b/doc/source/index.rst index 9cc63c1..beadd73 100644 --- a/doc/source/index.rst +++ b/doc/source/index.rst @@ -37,6 +37,7 @@ To use this role, define the following variables: # Trove RPC encryption keys. trove_taskmanager_rpc_encr_key: trove_inst_rpc_key_encr_key: + trove_instance_rpc_encr_key: This list is not exhaustive at present. See role internals for further details. diff --git a/handlers/main.yml b/handlers/main.yml index a5ee2d6..6249d9d 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -19,6 +19,7 @@ systemd: name: "{{ trove_services['trove-api']['service_name'] }}" state: "restarted" + when: "'trove-api' in filtered_trove_services" listen: - "Restart trove services" - "venv changed" @@ -40,10 +41,14 @@ - "venv changed" # NOTE (noonedeadpunk): Remove this task after Xena release -- name: Remove obsoleted policy.json +- name: Remove obsoleted config files file: - path: "/etc/trove/policy.json" + path: "{{ item }}" state: absent + with_items: + - /etc/trove/policy.json + - /etc/trove/trove-conductor.conf + - /etc/trove/trove-taskmanager.conf listen: - "Restart trove services" - "venv changed" diff --git a/releasenotes/notes/trove_merge_config-f52eecb1e3501fd6.yaml b/releasenotes/notes/trove_merge_config-f52eecb1e3501fd6.yaml new file mode 100644 index 0000000..4c27b8e --- /dev/null +++ b/releasenotes/notes/trove_merge_config-f52eecb1e3501fd6.yaml @@ -0,0 +1,71 @@ +--- +features: + - | + Added variable ``trove_management_security_groups`` to set list of + security groups that will be set for management interface of Trove + guest instances. + - | + Added following variables to control endpoint types that trove will search + in the catalog: + + - trove_service_endpoint_type + - trove_service_neutron_endpoint_type + - trove_service_cinder_endpoint_type + - trove_service_nova_endpoint_type + - trove_service_glance_endpoint_type + - trove_service_swift_endpoint_type + - trove_guest_endpoint_type + + - | + Added following variables to control when to add specific service blocks + to the config file and enable support for these services: + + - trove_swift_enabled + - trove_designate_enabled + - trove_cinder_enabled + + - | + Added following variables to ease designate integration with trove: + + - trove_dns_domain_name + - trove_dns_domain_id + - trove_notifications_designate + + - | + Added Trove guest specific variables to be able to use standalone rabbitmq + along with defaulting behaviour to enable guests to use + ``trove_container_net_name`` for rabbitmq servers: + + - trove_guest_oslomsg_rpc_hostgroup + - trove_guest_oslomsg_notify_hostgroup + +upgrade: + - | + Trove service specific config files, like ``trove-conductor.conf`` and + ``trove-taskmanager.conf``, were removed and all functionality was merged + to the ``trove.conf`` file. So you need to ensure, that all overriden + options are now placed for the trove.conf file. + - | + Default Trove service username has been changed from ``admin_trove_user`` + to ``trove``. You might want to manually delete ``admin_trove_user`` + after upgrade or override new default. + - | + Default Trove service project name has been changed from + ``trove_for_trove_usage`` to ``service``. You might want to manually delete + ``trove_for_trove_usage`` project after upgrade or override new default. +deprecations: + - | + Variables ``trove_taskmanager_config_overrides`` and + ``trove_conductor_config_overrides`` were removed along with affected config + files. You should use ``trove_config_overrides`` to override trove + configuration. + - | + Removed variable ``trove_provider_ip_from_q`` and + ``trove_container_net_name``. If you need to change network which will be + used for guests inside trove containers, please use variables + ``trove_provider_network`` or ``trove_provider_net_iface``. + - | + Removed variables ``trove_admin_user_name`` and + ``trove_service_tenant_name``. Please use ``trove_service_user_name`` + and ``trove_service_project_name`` correspondingly to manage username + and project name which will be used for auth in keystone. diff --git a/tasks/main.yml b/tasks/main.yml index 391d339..0951306 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -158,9 +158,9 @@ _service_project_name: "{{ trove_service_project_name }}" _service_region: "{{ trove_service_region }}" _service_users: |- - {% set users = [{'name': trove_admin_user_name, 'password': trove_service_password}] %} + {% set users = [{'name': trove_service_user_name, 'password': trove_service_password}] %} {% for role in trove_service_admin_role_names %} - {% set _ = users.append({'name': trove_admin_user_name, 'role': role}) %} + {% set _ = users.append({'name': trove_service_user_name, 'role': role}) %} {% endfor %} {{ users }} _service_endpoints: diff --git a/tasks/trove_db_sync.yml b/tasks/trove_db_sync.yml index 9ce2923..f7a2f22 100644 --- a/tasks/trove_db_sync.yml +++ b/tasks/trove_db_sync.yml @@ -17,10 +17,7 @@ # (c) 2016 Paul Stevens - name: Perform a trove DB sync - command: > - {{ trove_bin }}/trove-manage - --config-file=/etc/trove/{{ trove_services['trove-conductor']['service_name'] }}.conf - db_sync {{ trove_db_sync_options }} + command: "{{ trove_bin }}/trove-manage db_sync" become: yes become_user: "{{ trove_system_user_name }}" changed_when: false diff --git a/tasks/trove_post_install.yml b/tasks/trove_post_install.yml index cce0d3b..0343b5b 100644 --- a/tasks/trove_post_install.yml +++ b/tasks/trove_post_install.yml @@ -15,6 +15,16 @@ # # (c) 2016 Donovan Francesco # (c) 2016 Paul Stevens + +- name: Gathering network facts for {{ trove_provider_net_name }} interface + setup: + gather_subset: "!all,network" + filter: "{{ trove_address_gather_filter | default('ansible_' ~ trove_provider_net_iface | replace('-','_')) }}" + delegate_to: "{{ item }}" + delegate_facts: true + with_items: "{{ (groups[trove_guest_rpc_host_group] + groups[trove_guest_notify_host_group]) | unique }}" + run_once: true + - name: Drop trove api Config(s) config_template: src: "{{ item.src }}" @@ -33,10 +43,13 @@ dest: "/etc/trove/trove.conf" config_overrides: "{{ trove_config_overrides }}" config_type: "ini" + - src: "trove-guestagent.conf.j2" + dest: "/etc/trove/trove-guestagent.conf" + config_overrides: "{{ trove_guestagent_config_overrides }}" + config_type: "ini" notify: - - Restart trove API services + - Restart trove services - Restart uwsgi services - when: inventory_hostname in groups['trove_api'] - name: Implement policy.yaml if there are overrides configured config_template: @@ -71,53 +84,4 @@ - trove_use_uwsgi | bool - inventory_hostname in groups['trove_api'] notify: - - Restart trove API services - Restart uwsgi services - -- name: Drop trove-conductor Config(s) - config_template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - owner: "{{ trove_system_user_name }}" - group: "{{ trove_system_group_name }}" - mode: "0644" - config_overrides: "{{ item.config_overrides }}" - config_type: "{{ item.config_type }}" - with_items: - - src: "api-paste.ini.j2" - dest: "/etc/trove/api-paste.ini" - config_overrides: "{{ trove_api_paste_ini_overrides }}" - config_type: "ini" - - src: "trove-conductor.conf.j2" - dest: "/etc/trove/trove-conductor.conf" - config_overrides: "{{ trove_conductor_config_overrides }}" - config_type: "ini" - notify: - - Restart trove conductor service - when: inventory_hostname in groups['trove_conductor'] - -- name: Drop trove-taskmanager Config(s) - config_template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - owner: "{{ trove_system_user_name }}" - group: "{{ trove_system_group_name }}" - mode: "0644" - config_overrides: "{{ item.config_overrides }}" - config_type: "{{ item.config_type }}" - with_items: - - src: "api-paste.ini.j2" - dest: "/etc/trove/api-paste.ini" - config_overrides: "{{ trove_api_paste_ini_overrides }}" - config_type: "ini" - - src: "trove-taskmanager.conf.j2" - dest: "/etc/trove/trove-taskmanager.conf" - config_overrides: "{{ trove_taskmanager_config_overrides }}" - config_type: "ini" - - src: "trove-guestagent.conf.j2" - dest: "/etc/trove/trove-guestagent.conf" - config_overrides: "{{ trove_guestagent_config_overrides }}" - config_type: "ini" - notify: - - Restart trove taskmanager service - when: inventory_hostname in groups['trove_taskmanager'] diff --git a/templates/include_db.j2 b/templates/include_db.j2 deleted file mode 100644 index 5eb0351..0000000 --- a/templates/include_db.j2 +++ /dev/null @@ -1,41 +0,0 @@ -[mysql] -root_on_create = False -tcp_ports = 3306 -volume_support = True -device_path = /dev/vdb - -# Users to ignore for user create/list/delete operations -ignore_users = os_admin, root -ignore_dbs = mysql, information_schema, performance_schema - -[redis] -tcp_ports = 6379, 16379 -#redis uses local storage -volume_support = True -# default device_path = None - -[cassandra] -tcp_ports = 7000, 7001, 9042, 9160 -volume_support = True -device_path = /dev/vdb - -[couchbase] -tcp_ports = 8091, 8092, 4369, 11209-11211, 21100-21199 -volume_support = True -device_path = /dev/vdb - -[mongodb] -tcp_ports = 2500, 27017 -volume_support = True -device_path = /dev/vdb -num_config_servers_per_cluster = 1 -num_query_routers_per_cluster = 1 - -[vertica] -tcp_ports = 5433, 5434, 22, 5444, 5450, 4803 -udp_ports = 5433, 4803, 4804, 6453 -volume_support = True -device_path = /dev/vdb -cluster_support = True -cluster_member_count = 3 -api_strategy = trove.common.strategies.cluster.experimental.vertica.api.VerticaAPIStrategy diff --git a/templates/trove-conductor.conf.j2 b/templates/trove-conductor.conf.j2 deleted file mode 100644 index 39f3401..0000000 --- a/templates/trove-conductor.conf.j2 +++ /dev/null @@ -1,28 +0,0 @@ -#{{ ansible_managed }} -# Do not edit this file manually, your changes will be overwritten. -[DEFAULT] -debug = {{ debug }} -trove_auth_url = {{ trove_auth_url }} -conductor_manager = trove.conductor.manager.Manager -trove_conductor_workers={{ trove_conductor_workers }} -transport_url = {{ trove_oslomsg_rpc_transport }}://{% for host in trove_oslomsg_rpc_servers.split(',') %}{{ trove_oslomsg_rpc_userid }}:{{ trove_oslomsg_rpc_password }}@{{ host }}:{{ trove_oslomsg_rpc_port }}{% if not loop.last %},{% else %}/{{ trove_oslomsg_rpc_vhost }}{% endif %}{% endfor %} - -{# There must be a blank line above or the following line will be appended to the previous. #} -control_exchange = {{ trove_control_exchange }} -enable_secure_rpc_messaging = {{ trove_enable_secure_rpc_messaging }} -inst_rpc_key_encr_key = {{ trove_inst_rpc_key_encr_key }} - -[profiler] -enabled = {{ trove_profiler_enabled }} -# If False doesn't trace SQL requests. -#trace_sqlalchemy = True - -[database] -connection = "{{ trove_galera_connection_string }}" - -[oslo_messaging_rabbit] -ssl={{ trove_oslomsg_rpc_use_ssl }} - -[oslo_messaging_notifications] -driver = {{ (trove_ceilometer_enabled | bool) | ternary('messagingv2', 'noop') }} -transport_url = {{ trove_oslomsg_notify_transport }}://{% for host in trove_oslomsg_notify_servers.split(',') %}{{ trove_oslomsg_notify_userid }}:{{ trove_oslomsg_notify_password }}@{{ host }}:{{ trove_oslomsg_notify_port }}{% if not loop.last %},{% else %}/{{ trove_oslomsg_notify_vhost }}{% endif %}{% endfor %} diff --git a/templates/trove-guestagent.conf.j2 b/templates/trove-guestagent.conf.j2 index a8f2cdf..6091b59 100644 --- a/templates/trove-guestagent.conf.j2 +++ b/templates/trove-guestagent.conf.j2 @@ -1,57 +1,31 @@ # {{ ansible_managed }} [DEFAULT] control_exchange = {{ trove_control_exchange }} -trove_auth_url = {{ trove_guest_auth_url }} -nova_proxy_admin_user = {{ trove_service_user_name }} -nova_proxy_admin_pass = {{ trove_service_password }} -nova_proxy_admin_tenant_name = {{ trove_service_project_name }} - -transport_url = {{ trove_oslomsg_rpc_transport }}://{% for host in trove_oslomsg_rpc_servers.split(',') %}{{ trove_oslomsg_rpc_userid }}:{{ trove_oslomsg_rpc_password }}@{{ host }}:{{ trove_oslomsg_rpc_port }}{% if not loop.last %},{% else %}/{{ trove_oslomsg_rpc_vhost }}{% endif %}{% endfor %} +transport_url = {{ trove_oslomsg_rpc_transport }}://{% for host in trove_guest_oslomsg_rpc_servers.split(',') %}{{ trove_oslomsg_rpc_userid }}:{{ trove_oslomsg_rpc_password }}@{{ host }}:{{ trove_oslomsg_rpc_port }}{% if not loop.last %},{% else %}/{{ trove_oslomsg_rpc_vhost }}{% endif %}{% endfor %} {% if trove_swift_enabled is defined %} swift_url = {{ trove_guest_swift_url }} -# Region name of this node. Default value is None. -os_region_name = {{ trove_service_region }} # Service type to use when searching catalog. swift_service_type = object-store -{% endif %} -# ========== Datastore Manager Configurations ========== -# Datastore manager implementations. -# Format: list of 'datastore-type:datastore.manager.implementation.module' -datastore_registry_ext = mysql:trove.guestagent.datastore.mysql.manager.Manager, percona:trove.guestagent.datastore.mysql.manager.Manager - -# ========== Default Users / DBs Configuration ========== -root_grant = ALL -root_grant_option = True - -{% if trove_storage_strategy is defined %} # For storage to Swift, use the following as defaults: -storage_strategy = SwiftStorage -storage_namespace = trove.common.strategies.storage.swift +storage_strategy = swift # Default config options for storing backups to swift backup_swift_container = database_backups -backup_use_gzip_compression = True -backup_use_openssl_encryption = True -backup_aes_cbc_key = "default_aes_cbc_key" -backup_use_snet = False -backup_chunk_size = 65536 -backup_segment_max_size = 2147483648 {% endif %} # Show debugging output in logs (sets DEBUG log level output) debug = {{ debug }} -# Directory and path for log files -log_dir = /var/log/trove/ -log_file = trove-guestagent.log - -[profiler] -# If False fully disable profiling feature. -#enabled = False -# If False doesn't trace SQL requests. -#trace_sqlalchemy = True +[service_credentials] +auth_url = {{ trove_guest_auth_url }} +username = {{ trove_service_user_name }} +password = {{ trove_service_password }} +project_name = {{ trove_service_project_name }} +region_name = {{ trove_service_region }} +project_domain_name = {{ trove_service_project_domain_name }} +user_domain_name = {{ trove_service_user_domain_name }} [oslo_messaging_rabbit] # Connect over SSL for RabbitMQ. (boolean value) @@ -59,60 +33,13 @@ log_file = trove-guestagent.log ssl = {{ trove_guest_oslomsg_rpc_use_ssl }} [oslo_messaging_notifications] -driver = {% if trove_ceilometer_enabled %}messagingv2{% else %}noop{% endif %} -transport_url = {{ trove_oslomsg_notify_transport }}://{% for host in trove_oslomsg_notify_servers.split(',') %}{{ trove_oslomsg_notify_userid }}:{{ trove_oslomsg_notify_password }}@{{ host }}:{{ trove_oslomsg_notify_port }}{% if not loop.last %},{% else %}/{{ trove_oslomsg_notify_vhost }}{% endif %}{% endfor %} - -# ========== Datastore Specific Configuration Options ========== - -[mysql] -# For mysql, the following are the defaults for backup, and restore: -backup_strategy = InnoBackupEx -backup_namespace = trove.guestagent.strategies.backup.mysql_impl -restore_namespace = trove.guestagent.strategies.restore.mysql_impl -# Default configuration for mysql replication -replication_strategy = MysqlBinlogReplication -replication_namespace = trove.guestagent.strategies.replication.mysql_binlog -replication_user = slave_user -replication_password = slave_password - -# Users to ignore for user create/list/delete operations -ignore_users = os_admin - -# Databases to ignore for db create/list/delete operations -# ignore_dbs = mysql, information_schema, performance_schema - -[vertica] -# For vertica, following are the defaults needed: -mount_point = /var/lib/vertica -readahead_size = 2048 -guestagent_strategy = trove.common.strategies.cluster.experimental.vertica.guestagent.VerticaGuestAgentStrategy - -[redis] -# For redis, the following are the defaults for backup, and restore: -backup_strategy = RedisBackup -backup_namespace = trove.guestagent.strategies.backup.experimental.redis_impl -restore_namespace = trove.guestagent.strategies.restore.experimental.redis_impl - -[percona] -backup_namespace = trove.guestagent.strategies.backup.mysql_impl -restore_namespace = trove.guestagent.strategies.restore.mysql_impl - -[couchbase] -backup_namespace = trove.guestagent.strategies.backup.experimental.couchbase_impl -restore_namespace = trove.guestagent.strategies.restore.experimental.couchbase_impl - -[cassandra] -backup_namespace = trove.guestagent.strategies.backup.experimental.cassandra_impl -restore_namespace = trove.guestagent.strategies.restore.experimental.cassandra_impl - -[db2] -# For db2, the following are the defaults for backup, and restore: -backup_strategy = DB2Backup -backup_namespace = trove.guestagent.strategies.backup.experimental.db2_impl -restore_namespace = trove.guestagent.strategies.restore.experimental.db2_impl - -[couchdb] -#For CouchDB, the following are the defaults for backup and restore: -backup_strategy = CouchDBBackup -backup_namespace = trove.guestagent.strategies.backup.experimental.couchdb_impl -restore_namespace = trove.guestagent.strategies.restore.experimental.couchdb_impl +{% set notification_topics = [] %} +{% if trove_ceilometer_enabled %} +{% set _ = notification_topics.append('notifications') %} +{% endif %} +{% if trove_designate_enabled %} +{% set _ = notification_topics.append(trove_notifications_designate) %} +{% endif %} +topics = {{ notification_topics | join(',') }} +driver = {{ (notification_topics | length > 0) | ternary('messagingv2', 'noop') }} +transport_url = {{ trove_oslomsg_notify_transport }}://{% for host in trove_guest_oslomsg_notify_servers.split(',') %}{{ trove_oslomsg_notify_userid }}:{{ trove_oslomsg_notify_password }}@{{ host }}:{{ trove_oslomsg_notify_port }}{% if not loop.last %},{% else %}/{{ trove_oslomsg_notify_vhost }}{% endif %}{% endfor %} diff --git a/templates/trove-taskmanager.conf.j2 b/templates/trove-taskmanager.conf.j2 deleted file mode 100644 index beea60b..0000000 --- a/templates/trove-taskmanager.conf.j2 +++ /dev/null @@ -1,107 +0,0 @@ -#{{ ansible_managed }} -# Do not edit this file manually, your changes will be overwritten. -[DEFAULT] -debug = {{ debug }} -update_status_on_fail = True -transport_url = {{ trove_oslomsg_rpc_transport }}://{% for host in trove_oslomsg_rpc_servers.split(',') %}{{ trove_oslomsg_rpc_userid }}:{{ trove_oslomsg_rpc_password }}@{{ host }}:{{ trove_oslomsg_rpc_port }}{% if not loop.last %},{% else %}/{{ trove_oslomsg_rpc_vhost }}{% endif %}{% endfor %} - -{# There must be a blank line above or the following line will be appended to the previous. #} -control_exchange = {{ trove_control_exchange }} -enable_secure_rpc_messaging = {{ trove_enable_secure_rpc_messaging }} -taskmanager_rpc_encr_key = {{ trove_taskmanager_rpc_encr_key }} -inst_rpc_key_encr_key = {{ trove_inst_rpc_key_encr_key }} - -db_api_implementation = trove.db.sqlalchemy.api -trove_volume_support = True -block_device_mapping = vdb -device_path = /dev/vdb -mount_point = /var/lib/mysql -volume_time_out=30 -server_delete_time_out=480 -use_nova_server_config_drive = True -taskmanager_manager=trove.taskmanager.manager.Manager - -# Keystone -trove_auth_url = {{ trove_auth_url }} -os_region_name = {{ trove_service_region }} - -# Nova -nova_compute_service_type = compute -nova_endpoint_type = internalURL -nova_proxy_admin_user = {{ trove_service_user_name }} -nova_proxy_admin_pass = {{ trove_service_password }} -nova_proxy_admin_tenant_name = {{ trove_service_project_name }} - -# Cinder -cinder_endpoint_type = internalURL -cinder_service_type = volumev2 - -#Swift -swift_service_type = object-store - -# Neutron -neutron_endpoint_type = internalURL -neutron_service_type = network -network_driver = trove.network.neutron.NeutronDriver -default_neutron_networks = {{ trove_service_net_id }} - -# Notifications -notification_service_id = mysql:2f3ff068-2bfb-4f70-9a9d-a6bb65bc084b - -# Trove DNS -trove_dns_support = False -dns_account_id = 123456 -dns_auth_url = http://127.0.0.1:5000/v2.0 -dns_username = user -dns_passkey = password -dns_ttl = 3600 -dns_domain_name = 'trove.com.' -dns_domain_id = 11111111-1111-1111-1111-111111111111 -dns_driver = trove.dns.designate.driver.DesignateDriver -dns_instance_entry_factory = trove.dns.designate.driver.DesignateInstanceEntryFactory -dns_endpoint_url = http://127.0.0.1/v1/ -dns_service_type = dns - -# Trove Security Groups for Instances -trove_security_groups_support = True -trove_security_group_rule_cidr = 0.0.0.0/0 - -# Guest related conf -agent_heartbeat_time = 10 -agent_call_low_timeout = 5 -agent_call_high_timeout = 150 -agent_replication_snapshot_timeout = 36000 - -# Whether to use nova's contrib api for create server with volume -use_nova_server_volume = False - -network_label_regex = .* -#ip_regex = ^(15.|123.) -#black_list_regex = ^(10.0.0.) - -# Datastore templates -template_path = /etc/trove/templates/ -pydev_debug = disabled - -# ================= Guestagent related ======================== -guest_config = /etc/trove/trove-guestagent.conf -guest_info = guest_info.conf -injected_config_location = /etc/trove/conf.d -#cloudinit_location = /etc/trove/cloudinit - -[database] -connection = "{{ trove_galera_connection_string }}" -idle_timeout = 3600 - -[profiler] -enabled = {{ trove_profiler_enabled }} -# If False doesn't trace SQL requests. -#trace_sqlalchemy = True - -[oslo_messaging_rabbit] -ssl={{ trove_oslomsg_rpc_use_ssl }} - -[oslo_messaging_notifications] -transport_url = {{ trove_oslomsg_notify_transport }}://{% for host in trove_oslomsg_notify_servers.split(',') %}{{ trove_oslomsg_notify_userid }}:{{ trove_oslomsg_notify_password }}@{{ host }}:{{ trove_oslomsg_notify_port }}{% if not loop.last %},{% else %}/{{ trove_oslomsg_notify_vhost }}{% endif %}{% endfor %} - -{% include 'include_db.j2' %} diff --git a/templates/trove.conf.j2 b/templates/trove.conf.j2 index 3c812cd..0c1379f 100644 --- a/templates/trove.conf.j2 +++ b/templates/trove.conf.j2 @@ -2,9 +2,17 @@ [DEFAULT] debug = {{ debug }} use_journal = true + +{% if trove_use_uwsgi | bool %} bind_host = {{ trove_service_host }} bind_port = {{ trove_service_port }} trove_api_workers={{ trove_api_workers }} +{% endif %} + +trove_conductor_workers={{ trove_conductor_workers }} + +taskmanager_manager = trove.taskmanager.manager.Manager + transport_url = {{ trove_oslomsg_rpc_transport }}://{% for host in trove_oslomsg_rpc_servers.split(',') %}{{ trove_oslomsg_rpc_userid }}:{{ trove_oslomsg_rpc_password }}@{{ host }}:{{ trove_oslomsg_rpc_port }}{% if not loop.last %},{% else %}/{{ trove_oslomsg_rpc_vhost }}{% endif %}{% endfor %} {# There must be a blank line above or the following line will be appended to the previous. #} @@ -12,74 +20,60 @@ control_exchange = {{ trove_control_exchange }} enable_secure_rpc_messaging = {{ trove_enable_secure_rpc_messaging }} inst_rpc_key_encr_key = {{ trove_inst_rpc_key_encr_key }} taskmanager_rpc_encr_key = {{ trove_taskmanager_rpc_encr_key }} +instance_rpc_encr_key = {{ trove_instance_rpc_encr_key }} -db_api_implementation = "trove.db.sqlalchemy.api" -trove_auth_url = {{ trove_auth_url }} -os_region_name = {{ trove_service_region }} -network_label_regex = .* -#network_label_regex = .* //with neutron enabled -#ip_regex = ^(15.|123.) -#black_list_regex = ^10.0.0. -trove_volume_support = True -block_device_mapping = vdb -device_path = /dev/vdb -max_accepted_volume_size = 10 -max_instances_per_tenant = 5 -max_volumes_per_tenant = 100 -max_backups_per_tenant = 5 -volume_time_out=30 +nova_compute_endpoint_type = {{ trove_service_nova_endpoint_type }} +nova_compute_service_type = compute -# Config options for rate limits -http_get_rate = 200 -http_post_rate = 200 -http_put_rate = 200 -http_delete_rate = 200 -http_mgmt_post_rate = 200 +glance_endpoint_type = {{ trove_service_glance_endpoint_type }} +trove_endpoint_type = {{ trove_service_endpoint_type }} + +# Cinder +trove_volume_support = {{ trove_cinder_enabled }} +max_accepted_volume_size = 100 +max_volumes_per_tenant = 1000 +cinder_endpoint_type = {{ trove_service_cinder_endpoint_type }} +cinder_service_type = volumev3 # Trove DNS -trove_dns_support = False -dns_account_id = 123456 -dns_auth_url = http://127.0.0.1:5000/v2.0 -dns_username = user -dns_passkey = password +trove_dns_support = {{ trove_designate_enabled | bool }} +{% if trove_designate_enabled | bool %} +dns_account_id = {{ trove_service_project_name }} +dns_auth_url = {{ trove_auth_url }} +dns_username = {{ trove_service_user_name }} +dns_passkey = {{ trove_service_password }} +dns_region = {{ keystone_service_region }} +dns_user_domain_id = {{ trove_service_user_domain_id }} +dns_project_domain_id = {{ trove_service_project_domain_id }} dns_ttl = 3600 -dns_domain_name = 'trove.com.' -dns_domain_id = 11111111-1111-1111-1111-111111111111 +dns_domain_name = {{ trove_dns_domain_name }} +dns_domain_id = {{ trove_dns_domain_id }} dns_driver = trove.dns.designate.driver.DesignateDriver dns_instance_entry_factory = trove.dns.designate.driver.DesignateInstanceEntryFactory -dns_endpoint_url = http://127.0.0.1/v1/ dns_service_type = dns - -# Nova -nova_proxy_admin_user = {{ trove_service_user_name }} -nova_proxy_admin_pass = {{ trove_service_password }} -nova_proxy_admin_tenant_name = {{ trove_service_project_name }} +{% endif %} # Neutron network_driver = trove.network.neutron.NeutronDriver -default_neutron_networks = {{ trove_service_net_id }} +management_networks = {{ trove_service_net_id }} +neutron_endpoint_type = {{ trove_service_neutron_endpoint_type }} +neutron_service_type = network +{% if trove_management_security_groups | length > 0 %} +management_security_groups = {{ trove_management_security_groups | join(',') }} +{% endif %} + +{% if trove_swift_enabled is defined %} # Swift swift_service_type = object-store - -# Taskmanager queue name -taskmanager_queue = taskmanager - -# Auth -admin_roles = admin -auth_strategy = keystone +swift_endpoint_type = {{ trove_service_swift_endpoint_type }} +{% endif %} # Guest related conf agent_heartbeat_time = 10 agent_call_low_timeout = 5 agent_call_high_timeout = 150 -# Reboot time out for instances -reboot_time_out = 60 - -# Trove api-paste file name -api_paste_config = api-paste.ini - [keystone_authtoken] insecure = {{ keystone_service_internaluri_insecure | bool }} auth_type = {{ trove_keystone_auth_plugin }} @@ -91,6 +85,7 @@ project_name = {{ trove_service_project_name }} username = {{ trove_service_user_name }} password = {{ trove_service_password }} region_name = {{ keystone_service_region }} +interface = {{ trove_service_endpoint_type }} memcached_servers = {{ trove_memcached_servers }} token_cache_time = 300 @@ -99,6 +94,15 @@ token_cache_time = 300 memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcached_encryption_key }} +[service_credentials] +auth_url = {{ trove_auth_url }} +username = {{ trove_service_user_name }} +password = {{ trove_service_password }} +project_name = {{ trove_service_project_name }} +region_name = {{ trove_service_region }} +project_domain_name = {{ trove_service_project_domain_name }} +user_domain_name = {{ trove_service_user_domain_name }} + [database] connection = "{{ trove_galera_connection_string }}" idle_timeout = 3600 @@ -117,7 +121,13 @@ enabled = {{ trove_profiler_enabled }} ssl = {{ trove_oslomsg_rpc_use_ssl }} [oslo_messaging_notifications] -driver = {% if trove_ceilometer_enabled %}messagingv2{% else %}noop{% endif %} +{% set notification_topics = [] %} +{% if trove_ceilometer_enabled %} +{% set _ = notification_topics.append('notifications') %} +{% endif %} +{% if trove_designate_enabled %} +{% set _ = notification_topics.append(trove_notifications_designate) %} +{% endif %} +topics = {{ notification_topics | join(',') }} +driver = {{ (notification_topics | length > 0) | ternary('messagingv2', 'noop') }} transport_url = {{ trove_oslomsg_notify_transport }}://{% for host in trove_oslomsg_notify_servers.split(',') %}{{ trove_oslomsg_notify_userid }}:{{ trove_oslomsg_notify_password }}@{{ host }}:{{ trove_oslomsg_notify_port }}{% if not loop.last %},{% else %}/{{ trove_oslomsg_notify_vhost }}{% endif %}{% endfor %} - -{% include 'include_db.j2' %}