From 51fa5a52927818a272a0fd14e87aa412014280af Mon Sep 17 00:00:00 2001
From: Brent Eagles <beagles@redhat.com>
Date: Fri, 16 Dec 2016 11:56:28 -0330
Subject: [PATCH] Add Octavia API service definitions

Introduce basic configuration support for Octavia API service.

Change-Id: I8816725ed65039af4b7d45392a2823395e81e51c
Depends-On: I77783029797be4fb488c6e743c51d228eba9c474
Partially-Implements: blueprint octavia-service-integration
---
 environments/tls-endpoints-public-dns.yaml    |   3 +
 environments/tls-endpoints-public-ip.yaml     |   3 +
 .../tls-everywhere-endpoints-dns.yaml         |   3 +
 network/endpoints/endpoint_data.yaml          |   9 +
 network/endpoints/endpoint_map.yaml           | 246 ++++++++++++++++++
 network/service_net_map.j2.yaml               |   1 +
 puppet/services/octavia-api.yaml              |  97 +++++++
 puppet/services/octavia-base.yaml             |  62 +++++
 8 files changed, 424 insertions(+)
 create mode 100644 puppet/services/octavia-api.yaml
 create mode 100644 puppet/services/octavia-base.yaml

diff --git a/environments/tls-endpoints-public-dns.yaml b/environments/tls-endpoints-public-dns.yaml
index 74c9f61da5..718149807e 100644
--- a/environments/tls-endpoints-public-dns.yaml
+++ b/environments/tls-endpoints-public-dns.yaml
@@ -55,6 +55,9 @@ parameter_defaults:
     NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'}
     NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'}
     NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'}
+    OctaviaAdmin: {protocol: 'http', port: '9876', host: 'IP_ADDRESS'}
+    OctaviaInternal: {protocol: 'http', port: '9876', host: 'IP_ADDRESS'}
+    OctaviaPublic: {protocol: 'https', port: '13876', host: 'CLOUDNAME'}
     PankoAdmin: {protocol: 'http', port: '8779', host: 'IP_ADDRESS'}
     PankoInternal: {protocol: 'http', port: '8779', host: 'IP_ADDRESS'}
     PankoPublic: {protocol: 'https', port: '13779', host: 'CLOUDNAME'}
diff --git a/environments/tls-endpoints-public-ip.yaml b/environments/tls-endpoints-public-ip.yaml
index 17ff2feb03..4b34d54e29 100644
--- a/environments/tls-endpoints-public-ip.yaml
+++ b/environments/tls-endpoints-public-ip.yaml
@@ -55,6 +55,9 @@ parameter_defaults:
     NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'}
     NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'}
     NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'IP_ADDRESS'}
+    OctaviaAdmin: {protocol: 'http', port: '9876', host: 'IP_ADDRESS'}
+    OctaviaInternal: {protocol: 'http', port: '9876', host: 'IP_ADDRESS'}
+    OctaviaPublic: {protocol: 'https', port: '13876', host: 'IP_ADDRESS'}
     PankoAdmin: {protocol: 'http', port: '8779', host: 'IP_ADDRESS'}
     PankoInternal: {protocol: 'http', port: '8779', host: 'IP_ADDRESS'}
     PankoPublic: {protocol: 'https', port: '13779', host: 'IP_ADDRESS'}
diff --git a/environments/tls-everywhere-endpoints-dns.yaml b/environments/tls-everywhere-endpoints-dns.yaml
index 0aa2be08c1..086dd3607a 100644
--- a/environments/tls-everywhere-endpoints-dns.yaml
+++ b/environments/tls-everywhere-endpoints-dns.yaml
@@ -55,6 +55,9 @@ parameter_defaults:
     NovaVNCProxyAdmin: {protocol: 'https', port: '6080', host: 'CLOUDNAME'}
     NovaVNCProxyInternal: {protocol: 'https', port: '6080', host: 'CLOUDNAME'}
     NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'}
+    OctaviaAdmin: {protocol: 'https', port: '9876', host: 'IP_ADDRESS'}
+    OctaviaInternal: {protocol: 'https', port: '9876', host: 'IP_ADDRESS'}
+    OctaviaPublic: {protocol: 'https', port: '13876', host: 'CLOUDNAME'}
     PankoAdmin: {protocol: 'https', port: '8779', host: 'CLOUDNAME'}
     PankoInternal: {protocol: 'https', port: '8779', host: 'CLOUDNAME'}
     PankoPublic: {protocol: 'https', port: '13779', host: 'CLOUDNAME'}
diff --git a/network/endpoints/endpoint_data.yaml b/network/endpoints/endpoint_data.yaml
index 23c1ce1ee7..6966f3d01c 100644
--- a/network/endpoints/endpoint_data.yaml
+++ b/network/endpoints/endpoint_data.yaml
@@ -305,3 +305,12 @@ ZaqarWebSocket:
         net_param: ZaqarApi
     port: 9000
     protocol: ws
+
+Octavia:
+    Internal:
+        net_param: OctaviaApi
+    Public:
+        net_param: Public
+    Admin:
+        net_param: OctaviaApi
+    port: 9876
diff --git a/network/endpoints/endpoint_map.yaml b/network/endpoints/endpoint_map.yaml
index a17f1c9613..90986360ba 100644
--- a/network/endpoints/endpoint_map.yaml
+++ b/network/endpoints/endpoint_map.yaml
@@ -72,6 +72,9 @@ parameters:
       NovaVNCProxyAdmin: {protocol: http, port: '6080', host: IP_ADDRESS}
       NovaVNCProxyInternal: {protocol: http, port: '6080', host: IP_ADDRESS}
       NovaVNCProxyPublic: {protocol: http, port: '6080', host: IP_ADDRESS}
+      OctaviaAdmin: {protocol: http, port: '9876', host: IP_ADDRESS}
+      OctaviaInternal: {protocol: http, port: '9876', host: IP_ADDRESS}
+      OctaviaPublic: {protocol: http, port: '9876', host: IP_ADDRESS}
       PankoAdmin: {protocol: http, port: '8779', host: IP_ADDRESS}
       PankoInternal: {protocol: http, port: '8779', host: IP_ADDRESS}
       PankoPublic: {protocol: http, port: '8779', host: IP_ADDRESS}
@@ -5490,6 +5493,249 @@ outputs:
                         template: NETWORK_uri
             - ':'
             - get_param: [EndpointMap, NovaVNCProxyPublic, port]
+      OctaviaAdmin:
+        host:
+          str_replace:
+            template:
+              get_param: [EndpointMap, OctaviaAdmin, host]
+            params:
+              CLOUDNAME:
+                get_param:
+                - CloudEndpoints
+                - get_param: [ServiceNetMap, OctaviaApiNetwork]
+              IP_ADDRESS:
+                get_param:
+                - NetIpMap
+                - str_replace:
+                    params:
+                      NETWORK:
+                        get_param: [ServiceNetMap, OctaviaApiNetwork]
+                    template: NETWORK_uri
+        host_nobrackets:
+          str_replace:
+            template:
+              get_param: [EndpointMap, OctaviaAdmin, host]
+            params:
+              CLOUDNAME:
+                get_param:
+                - CloudEndpoints
+                - get_param: [ServiceNetMap, OctaviaApiNetwork]
+              IP_ADDRESS:
+                get_param:
+                - NetIpMap
+                - get_param: [ServiceNetMap, OctaviaApiNetwork]
+        port:
+          get_param: [EndpointMap, OctaviaAdmin, port]
+        protocol:
+          get_param: [EndpointMap, OctaviaAdmin, protocol]
+        uri:
+          list_join:
+          - ''
+          - - get_param: [EndpointMap, OctaviaAdmin, protocol]
+            - ://
+            - str_replace:
+                template:
+                  get_param: [EndpointMap, OctaviaAdmin, host]
+                params:
+                  CLOUDNAME:
+                    get_param:
+                    - CloudEndpoints
+                    - get_param: [ServiceNetMap, OctaviaApiNetwork]
+                  IP_ADDRESS:
+                    get_param:
+                    - NetIpMap
+                    - str_replace:
+                        params:
+                          NETWORK:
+                            get_param: [ServiceNetMap, OctaviaApiNetwork]
+                        template: NETWORK_uri
+            - ':'
+            - get_param: [EndpointMap, OctaviaAdmin, port]
+        uri_no_suffix:
+          list_join:
+          - ''
+          - - get_param: [EndpointMap, OctaviaAdmin, protocol]
+            - ://
+            - str_replace:
+                template:
+                  get_param: [EndpointMap, OctaviaAdmin, host]
+                params:
+                  CLOUDNAME:
+                    get_param:
+                    - CloudEndpoints
+                    - get_param: [ServiceNetMap, OctaviaApiNetwork]
+                  IP_ADDRESS:
+                    get_param:
+                    - NetIpMap
+                    - str_replace:
+                        params:
+                          NETWORK:
+                            get_param: [ServiceNetMap, OctaviaApiNetwork]
+                        template: NETWORK_uri
+            - ':'
+            - get_param: [EndpointMap, OctaviaAdmin, port]
+      OctaviaInternal:
+        host:
+          str_replace:
+            template:
+              get_param: [EndpointMap, OctaviaInternal, host]
+            params:
+              CLOUDNAME:
+                get_param:
+                - CloudEndpoints
+                - get_param: [ServiceNetMap, OctaviaApiNetwork]
+              IP_ADDRESS:
+                get_param:
+                - NetIpMap
+                - str_replace:
+                    params:
+                      NETWORK:
+                        get_param: [ServiceNetMap, OctaviaApiNetwork]
+                    template: NETWORK_uri
+        host_nobrackets:
+          str_replace:
+            template:
+              get_param: [EndpointMap, OctaviaInternal, host]
+            params:
+              CLOUDNAME:
+                get_param:
+                - CloudEndpoints
+                - get_param: [ServiceNetMap, OctaviaApiNetwork]
+              IP_ADDRESS:
+                get_param:
+                - NetIpMap
+                - get_param: [ServiceNetMap, OctaviaApiNetwork]
+        port:
+          get_param: [EndpointMap, OctaviaInternal, port]
+        protocol:
+          get_param: [EndpointMap, OctaviaInternal, protocol]
+        uri:
+          list_join:
+          - ''
+          - - get_param: [EndpointMap, OctaviaInternal, protocol]
+            - ://
+            - str_replace:
+                template:
+                  get_param: [EndpointMap, OctaviaInternal, host]
+                params:
+                  CLOUDNAME:
+                    get_param:
+                    - CloudEndpoints
+                    - get_param: [ServiceNetMap, OctaviaApiNetwork]
+                  IP_ADDRESS:
+                    get_param:
+                    - NetIpMap
+                    - str_replace:
+                        params:
+                          NETWORK:
+                            get_param: [ServiceNetMap, OctaviaApiNetwork]
+                        template: NETWORK_uri
+            - ':'
+            - get_param: [EndpointMap, OctaviaInternal, port]
+        uri_no_suffix:
+          list_join:
+          - ''
+          - - get_param: [EndpointMap, OctaviaInternal, protocol]
+            - ://
+            - str_replace:
+                template:
+                  get_param: [EndpointMap, OctaviaInternal, host]
+                params:
+                  CLOUDNAME:
+                    get_param:
+                    - CloudEndpoints
+                    - get_param: [ServiceNetMap, OctaviaApiNetwork]
+                  IP_ADDRESS:
+                    get_param:
+                    - NetIpMap
+                    - str_replace:
+                        params:
+                          NETWORK:
+                            get_param: [ServiceNetMap, OctaviaApiNetwork]
+                        template: NETWORK_uri
+            - ':'
+            - get_param: [EndpointMap, OctaviaInternal, port]
+      OctaviaPublic:
+        host:
+          str_replace:
+            template:
+              get_param: [EndpointMap, OctaviaPublic, host]
+            params:
+              CLOUDNAME:
+                get_param:
+                - CloudEndpoints
+                - get_param: [ServiceNetMap, PublicNetwork]
+              IP_ADDRESS:
+                get_param:
+                - NetIpMap
+                - str_replace:
+                    params:
+                      NETWORK:
+                        get_param: [ServiceNetMap, PublicNetwork]
+                    template: NETWORK_uri
+        host_nobrackets:
+          str_replace:
+            template:
+              get_param: [EndpointMap, OctaviaPublic, host]
+            params:
+              CLOUDNAME:
+                get_param:
+                - CloudEndpoints
+                - get_param: [ServiceNetMap, PublicNetwork]
+              IP_ADDRESS:
+                get_param:
+                - NetIpMap
+                - get_param: [ServiceNetMap, PublicNetwork]
+        port:
+          get_param: [EndpointMap, OctaviaPublic, port]
+        protocol:
+          get_param: [EndpointMap, OctaviaPublic, protocol]
+        uri:
+          list_join:
+          - ''
+          - - get_param: [EndpointMap, OctaviaPublic, protocol]
+            - ://
+            - str_replace:
+                template:
+                  get_param: [EndpointMap, OctaviaPublic, host]
+                params:
+                  CLOUDNAME:
+                    get_param:
+                    - CloudEndpoints
+                    - get_param: [ServiceNetMap, PublicNetwork]
+                  IP_ADDRESS:
+                    get_param:
+                    - NetIpMap
+                    - str_replace:
+                        params:
+                          NETWORK:
+                            get_param: [ServiceNetMap, PublicNetwork]
+                        template: NETWORK_uri
+            - ':'
+            - get_param: [EndpointMap, OctaviaPublic, port]
+        uri_no_suffix:
+          list_join:
+          - ''
+          - - get_param: [EndpointMap, OctaviaPublic, protocol]
+            - ://
+            - str_replace:
+                template:
+                  get_param: [EndpointMap, OctaviaPublic, host]
+                params:
+                  CLOUDNAME:
+                    get_param:
+                    - CloudEndpoints
+                    - get_param: [ServiceNetMap, PublicNetwork]
+                  IP_ADDRESS:
+                    get_param:
+                    - NetIpMap
+                    - str_replace:
+                        params:
+                          NETWORK:
+                            get_param: [ServiceNetMap, PublicNetwork]
+                        template: NETWORK_uri
+            - ':'
+            - get_param: [EndpointMap, OctaviaPublic, port]
       PankoAdmin:
         host:
           str_replace:
diff --git a/network/service_net_map.j2.yaml b/network/service_net_map.j2.yaml
index 8f1c4b4504..a8620ea7f5 100644
--- a/network/service_net_map.j2.yaml
+++ b/network/service_net_map.j2.yaml
@@ -38,6 +38,7 @@ parameters:
       KeystonePublicApiNetwork: internal_api
       ManilaApiNetwork: internal_api
       NeutronApiNetwork: internal_api
+      OctaviaApiNetwork: internal_api
       HeatApiNetwork: internal_api
       HeatApiCfnNetwork: internal_api
       HeatApiCloudwatchNetwork: internal_api
diff --git a/puppet/services/octavia-api.yaml b/puppet/services/octavia-api.yaml
new file mode 100644
index 0000000000..4c6f4c37ea
--- /dev/null
+++ b/puppet/services/octavia-api.yaml
@@ -0,0 +1,97 @@
+heat_template_version: ocata
+
+description: >
+  OpenStack Octavia API service.
+
+parameters:
+  ServiceNetMap:
+    default: {}
+    description: Mapping of service_name -> network name. Typically set
+                 via parameter_defaults in the resource registry.  This
+                 mapping overrides those in ServiceNetMapDefaults.
+    type: json
+  DefaultPasswords:
+    default: {}
+    type: json
+  EndpointMap:
+    default: {}
+    description: Mapping of service endpoint -> protocol. Typically set
+                 via parameter_defaults in the resource registry.
+    type: json
+  OctaviaPassword:
+    description: The password for the Octavia's database account.
+    type: string
+    hidden: true
+  KeystoneRegion:
+    type: string
+    default: 'regionOne'
+    description: Keystone region for endpoint
+  MonitoringSubscriptionOctaviaApi:
+    default: 'overcloud-octavia-api'
+    type: string
+  OctaviaApiLoggingSource:
+    type: json
+    default:
+      tag: openstack.octavia.api
+      path: /var/log/octavia/api.log
+
+resources:
+
+  OctaviaBase:
+    type: ./octavia-base.yaml
+    properties:
+      ServiceNetMap: {get_param: ServiceNetMap}
+      DefaultPasswords: {get_param: DefaultPasswords}
+      EndpointMap: {get_param: EndpointMap}
+
+outputs:
+  role_data:
+    description: Role data for the Octavia API service.
+    value:
+      service_name: octavia_api
+      monitoring_subscription: {get_param: MonitoringSubscriptionOctaviaApi}
+      logging_source: {get_param: OctaviaApiLoggingSource}
+      logging_groups:
+        - octavia
+      config_settings:
+        map_merge:
+          - get_attr: [OctaviaBase, role_data, config_settings]
+          - octavia::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
+            octavia::db::database_connection:
+              list_join:
+                - ''
+                - - {get_param: [EndpointMap, MysqlInternal, protocol]}
+                  - '://octavia:'
+                  - {get_param: OctaviaPassword}
+                  - '@'
+                  - {get_param: [EndpointMap, MysqlInternal, host]}
+                  - '/octavia'
+                  - '?bind_address='
+                  - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
+            octavia::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
+            octavia::keystone::authtoken::project_name: 'service'
+            octavia::api::sync_db: true
+            tripleo.octavia_api.firewall_rules:
+              '120 octavia api':
+                dport:
+                  - 9876
+                  - 13876
+            octavia::host: {get_param: [ServiceNetMap, OctaviaApiNetwork]}
+      step_config: |
+        include tripleo::profile::base::octavia::api
+      service_config_settings:
+        keystone:
+          octavia::keystone::auth::tenant: 'service'
+          octavia::keystone::auth::public_url: {get_param: [EndpointMap, OctaviaPublic, uri]}
+          octavia::keystone::auth::internal_url: { get_param: [ EndpointMap, OctaviaInternal, uri ] }
+          octavia::keystone::auth::admin_url: { get_param: [ EndpointMap, OctaviaAdmin, uri ] }
+          octavia::keystone::auth::password: {get_param: OctaviaPassword}
+          octavia::keystone::auth::region: {get_param: KeystoneRegion}
+        mysql:
+          octavia::db::mysql::password: {get_param: OctaviaPassword}
+          octavia::db::mysql::user: octavia
+          octavia::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
+          octavia::db::mysql::dbname: octavia
+          octavia::db::mysql::allowed_hosts:
+            - '%'
+            - "%{hiera('mysql_bind_host')}"
diff --git a/puppet/services/octavia-base.yaml b/puppet/services/octavia-base.yaml
new file mode 100644
index 0000000000..b537a2bc4e
--- /dev/null
+++ b/puppet/services/octavia-base.yaml
@@ -0,0 +1,62 @@
+heat_template_version: ocata
+
+description: >
+  OpenStack Octavia base service. Shared for all Octavia services
+
+parameters:
+  ServiceNetMap:
+    default: {}
+    description: Mapping of service_name -> network name. Typically set
+                 via parameter_defaults in the resource registry.  This
+                 mapping overrides those in ServiceNetMapDefaults.
+    type: json
+  DefaultPasswords:
+    default: {}
+    type: json
+  EndpointMap:
+    default: {}
+    description: Mapping of service endpoint -> protocol. Typically set
+                 via parameter_defaults in the resource registry.
+    type: json
+  Debug:
+    type: string
+    default: ''
+    description: Set to True to enable debugging on all services.
+  EnableConfigPurge:
+    type: boolean
+    default: true
+    description: >
+        Remove configuration that is not generated by TripleO. Setting
+        to false may result in configuration remnants after updates/upgrades.
+  RabbitPassword:
+    description: The password for RabbitMQ
+    type: string
+    hidden: true
+  RabbitUserName:
+    default: guest
+    description: The username for RabbitMQ
+    type: string
+  RabbitClientUseSSL:
+    default: false
+    description: >
+        Rabbit client subscriber parameter to specify
+        an SSL connection to the RabbitMQ host.
+    type: string
+  RabbitClientPort:
+    default: 5672
+    description: Set rabbit subscriber port, change this if using SSL
+    type: number
+
+outputs:
+  role_data:
+    description: Base role data for Octavia services
+    value:
+       service_name: octavia_base
+       config_settings:
+         octavia::debug: {get_param: Debug}
+         octavia::purge_config: {get_param: EnableConfigPurge}
+         octavia::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
+         tripleo::profile::base::octavia::rabbit_user: {get_param: RabbitUserName}
+         tripleo::profile::base::octavia::rabbit_password: {get_param: RabbitPassword}
+         tripleo::profile::base::octavia::rabbit_port: {get_param: RabbitClientPort}
+