From d27269354209adc1cb9681db430c88a782a27d39 Mon Sep 17 00:00:00 2001 From: coldmoment Date: Thu, 25 Aug 2016 17:40:03 +0800 Subject: [PATCH] Add Magnum deployment in packstack Magnum is stable now, it's necessary to add magnum support in packstack. Change-Id: I37fa5554ad2221c93d48e0fb20fa60dc42979629 Implements: blueprint add-magnum-support Depends-On: Ic33aba69873e0aeb79546fe25f158604229a54a5 --- Puppetfile | 4 + docs/packstack.rst | 12 ++ packstack/plugins/magnum_920.py | 114 ++++++++++++++++++ packstack/plugins/prescript_000.py | 14 +++ packstack/plugins/puppet_950.py | 2 +- .../packstack/manifests/keystone/magnum.pp | 19 +++ .../modules/packstack/manifests/magnum.pp | 44 +++++++ .../packstack/manifests/magnum/rabbitmq.pp | 28 +++++ .../packstack/manifests/mariadb/services.pp | 9 ++ .../manifests/mariadb/services_remote.pp | 31 +++++ packstack/puppet/templates/controller.pp | 6 + tests/scenario003.sh | 2 + 12 files changed, 284 insertions(+), 1 deletion(-) mode change 100644 => 100755 Puppetfile mode change 100644 => 100755 docs/packstack.rst create mode 100755 packstack/plugins/magnum_920.py mode change 100644 => 100755 packstack/plugins/prescript_000.py mode change 100644 => 100755 packstack/plugins/puppet_950.py create mode 100755 packstack/puppet/modules/packstack/manifests/keystone/magnum.pp create mode 100755 packstack/puppet/modules/packstack/manifests/magnum.pp create mode 100755 packstack/puppet/modules/packstack/manifests/magnum/rabbitmq.pp mode change 100644 => 100755 packstack/puppet/modules/packstack/manifests/mariadb/services.pp mode change 100644 => 100755 packstack/puppet/modules/packstack/manifests/mariadb/services_remote.pp mode change 100644 => 100755 packstack/puppet/templates/controller.pp mode change 100644 => 100755 tests/scenario003.sh diff --git a/Puppetfile b/Puppetfile old mode 100644 new mode 100755 index 94605b1c2..23563f45c --- a/Puppetfile +++ b/Puppetfile @@ -26,6 +26,10 @@ mod 'heat', :git => 'https://github.com/openstack/puppet-heat', :ref => 'master' +mod 'magnum', + :git => 'https://github.com/openstack/puppet-magnum', + :ref => 'master' + mod 'horizon', :git => 'https://github.com/openstack/puppet-horizon', :ref => 'master' diff --git a/docs/packstack.rst b/docs/packstack.rst old mode 100644 new mode 100755 index 9507a9ef6..2ebfa2626 --- a/docs/packstack.rst +++ b/docs/packstack.rst @@ -71,6 +71,9 @@ Global Options **CONFIG_HEAT_INSTALL** Specify 'y' to install OpenStack Orchestration (heat). ['y', 'n'] +**CONFIG_MAGNUM_INSTALL** + Specify 'y' to install OpenStack Container Service (magnum). ['y', 'n'] + **CONFIG_SAHARA_INSTALL** Specify 'y' to install OpenStack Data Processing (sahara). In case of sahara installation packstack also installs heat.['y', 'n'] @@ -1132,6 +1135,15 @@ Nagios Config parameters **CONFIG_NAGIOS_PW** Password of the nagiosadmin user on the Nagios server. +Magnum Options +------------------------ + +**CONFIG_MAGNUM_DB_PW** + Password to use for the Magnum to access the database. + +**CONFIG_MAGNUM_KS_PW** + Password to use for the Magnum to authenticate with the Identity service. + Log files and Debug info ------------------------ diff --git a/packstack/plugins/magnum_920.py b/packstack/plugins/magnum_920.py new file mode 100755 index 000000000..02cb72a80 --- /dev/null +++ b/packstack/plugins/magnum_920.py @@ -0,0 +1,114 @@ +# -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +""" +Installs and configures Magnum +""" + +from packstack.installer import basedefs +from packstack.installer import processors +from packstack.installer import utils +from packstack.installer import validators + +from packstack.modules.documentation import update_params_usage + +# ------------- Magnum Packstack Plugin Initialization -------------- +PLUGIN_NAME = "OS-Magnum" +PLUGIN_NAME_COLORED = utils.color_text(PLUGIN_NAME, 'blue') + + +def initConfig(controller): + magnum_params = { + "MAGNUM": [ + {"CMD_OPTION": "magnum-db-passwd", + "PROMPT": "Enter the password for the Magnum DB access", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "PW_PLACEHOLDER", + "PROCESSORS": [processors.process_password], + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_MAGNUM_DB_PW", + "USE_DEFAULT": False, + "NEED_CONFIRM": True, + "CONDITION": False}, + + {"CMD_OPTION": "magnum-ks-passwd", + "PROMPT": "Enter the password for the Magnum Keystone access", + "OPTION_LIST": [], + "VALIDATORS": [validators.validate_not_empty], + "DEFAULT_VALUE": "PW_PLACEHOLDER", + "PROCESSORS": [processors.process_password], + "MASK_INPUT": True, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_MAGNUM_KS_PW", + "USE_DEFAULT": False, + "NEED_CONFIRM": True, + "CONDITION": False}, + ] + + } + update_params_usage(basedefs.PACKSTACK_DOC, magnum_params) + + magnum_groups = [ + {"GROUP_NAME": "MAGNUM", + "DESCRIPTION": "Magnum Options", + "PRE_CONDITION": "CONFIG_MAGNUM_INSTALL", + "PRE_CONDITION_MATCH": "y", + "POST_CONDITION": False, + "POST_CONDITION_MATCH": True}, + ] + for group in magnum_groups: + params = magnum_params[group["GROUP_NAME"]] + controller.addGroup(group, params) + + +def initSequences(controller): + if controller.CONF['CONFIG_MAGNUM_INSTALL'] != 'y': + return + + magnum_steps = [ + {'title': 'Adding Magnum manifest entries', + 'functions': [create_all_manifest]}, + ] + + controller.addSequence("Installing OpenStack Magnum", [], [], + magnum_steps) + + +# ------------------------- helper functions ------------------------- + +# ------------------------ Step Functions ---------------------------- +def create_all_manifest(config, messages): + if config['CONFIG_AMQP_ENABLE_SSL'] == 'y': + ssl_cert_file = config['CONFIG_MAGNUM_SSL_CERT'] = ( + '/etc/pki/tls/certs/ssl_amqp_magnum.crt' + ) + ssl_key_file = config['CONFIG_MAGNUM_SSL_KEY'] = ( + '/etc/pki/tls/private/ssl_amqp_magnum.key' + ) + ssl_host = config['CONFIG_CONTROLLER_HOST'] + service = 'magnum' + generate_ssl_cert(config, ssl_host, service, ssl_key_file, + ssl_cert_file) + + fw_details = dict() + key = "magnum" + fw_details.setdefault(key, {}) + fw_details[key]['host'] = "ALL" + fw_details[key]['service_name'] = "magnum api" + fw_details[key]['chain'] = "INPUT" + fw_details[key]['ports'] = ['9511'] + fw_details[key]['proto'] = "tcp" + config['FIREWALL_MAGNUM_API_RULES'] = fw_details diff --git a/packstack/plugins/prescript_000.py b/packstack/plugins/prescript_000.py old mode 100644 new mode 100755 index 7bb4af9b6..7d47e3ff8 --- a/packstack/plugins/prescript_000.py +++ b/packstack/plugins/prescript_000.py @@ -276,6 +276,20 @@ def initConfig(controller): "NEED_CONFIRM": False, "CONDITION": False}, + {"CMD_OPTION": "os-magnum-install", + "PROMPT": ( + "Should Packstack install OpenStack Container Service (Magnum)" + ), + "OPTION_LIST": ["y", "n"], + "VALIDATORS": [validators.validate_options], + "DEFAULT_VALUE": "n", + "MASK_INPUT": False, + "LOOSE_VALIDATION": False, + "CONF_NAME": "CONFIG_MAGNUM_INSTALL", + "USE_DEFAULT": False, + "NEED_CONFIRM": False, + "CONDITION": False}, + {"CMD_OPTION": "os-trove-install", "PROMPT": ( "Should Packstack install OpenStack Database (Trove)" diff --git a/packstack/plugins/puppet_950.py b/packstack/plugins/puppet_950.py old mode 100644 new mode 100755 index fe54c18c2..7837936e5 --- a/packstack/plugins/puppet_950.py +++ b/packstack/plugins/puppet_950.py @@ -148,7 +148,7 @@ def copy_puppet_modules(config, messages): os_modules = ' '.join(('aodh', 'apache', 'ceilometer', 'certmonger', 'cinder', 'concat', 'firewall', 'glance', 'gnocchi', 'heat', 'horizon', 'inifile', 'ironic', - 'keystone', 'manila', 'memcached', 'mongodb', + 'keystone', 'magnum', 'manila', 'memcached', 'mongodb', 'mysql', 'neutron', 'nova', 'nssdb', 'openstack', 'openstacklib', 'oslo', 'packstack', 'rabbitmq', 'redis', 'remote', 'rsync', 'sahara', 'ssh', diff --git a/packstack/puppet/modules/packstack/manifests/keystone/magnum.pp b/packstack/puppet/modules/packstack/manifests/keystone/magnum.pp new file mode 100755 index 000000000..44bc413fa --- /dev/null +++ b/packstack/puppet/modules/packstack/manifests/keystone/magnum.pp @@ -0,0 +1,19 @@ +class packstack::keystone::magnum () +{ + $magnum_protocol = 'http' + $magnum_host = hiera('CONFIG_KEYSTONE_HOST_URL') + $magnum_port = '9511' + $magnum_url = "${magnum_protocol}://${magnum_host}:$magnum_port/v1" + + class { '::magnum::keystone::auth': + region => hiera('CONFIG_KEYSTONE_REGION'), + password => hiera('CONFIG_MAGNUM_KS_PW'), + public_url => $magnum_url, + admin_url => $magnum_url, + internal_url => $magnum_url + } + + class { '::magnum::keystone::domain': + domain_password => hiera('CONFIG_MAGNUM_KS_PW'), + } +} diff --git a/packstack/puppet/modules/packstack/manifests/magnum.pp b/packstack/puppet/modules/packstack/manifests/magnum.pp new file mode 100755 index 000000000..4941609e8 --- /dev/null +++ b/packstack/puppet/modules/packstack/manifests/magnum.pp @@ -0,0 +1,44 @@ +class packstack::magnum () +{ + create_resources(packstack::firewall, hiera('FIREWALL_MAGNUM_API_RULES', {})) + + $magnum_cfg_magnum_db_pw = hiera('CONFIG_MAGNUM_DB_PW') + $magnum_cfg_magnum_mariadb_host = hiera('CONFIG_MARIADB_HOST_URL') + class { '::magnum::db': + database_connection => "mysql+pymysql://magnum:${magnum_cfg_magnum_db_pw}@${magnum_cfg_magnum_mariadb_host}/magnum", + } + + $magnum_protocol = 'http' + $magnum_host = hiera('CONFIG_KEYSTONE_HOST_URL') + $magnum_port = '9511' + $magnum_url = "${magnum_protocol}://${magnum_host}:$magnum_port/v1" + class { '::magnum::keystone::authtoken': + auth_uri => "${magnum_protocol}://${magnum_host}:5000/v3", + auth_url => "${magnum_protocol}://${magnum_host}:35357", + auth_version => 'v3', + username => 'magnum', + password => hiera('CONFIG_MAGNUM_KS_PW'), + auth_type => 'password', + memcached_servers => "${magnum_host}:11211", + project_name => 'services' + } + + class { '::magnum::api': + enabled => true, + host => '0.0.0.0' + } + + class { '::magnum::conductor': + } + + class { '::magnum::client': + } + + class { '::magnum::clients': + region_name => hiera('CONFIG_KEYSTONE_REGION') + } + + class { '::magnum::certificates': + cert_manager_type => 'local' + } +} diff --git a/packstack/puppet/modules/packstack/manifests/magnum/rabbitmq.pp b/packstack/puppet/modules/packstack/manifests/magnum/rabbitmq.pp new file mode 100755 index 000000000..3bb6f2b3b --- /dev/null +++ b/packstack/puppet/modules/packstack/manifests/magnum/rabbitmq.pp @@ -0,0 +1,28 @@ +class packstack::magnum::rabbitmq () +{ + $kombu_ssl_ca_certs = hiera('CONFIG_AMQP_SSL_CACERT_FILE', undef) + $kombu_ssl_keyfile = hiera('CONFIG_MAGNUM_SSL_KEY', undef) + $kombu_ssl_certfile = hiera('CONFIG_MAGNUM_SSL_CERT', undef) + + if $kombu_ssl_keyfile { + $files_to_set_owner = [ $kombu_ssl_keyfile, $kombu_ssl_certfile ] + file { $files_to_set_owner: + owner => 'magnum', + group => 'magnum', + require => Package['openstack-magnum-common'], + } + File[$files_to_set_owner] ~> Service<||> + } + + class { '::magnum': + rabbit_host => hiera('CONFIG_AMQP_HOST_URL'), + rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), + rabbit_use_ssl => hiera('CONFIG_AMQP_SSL_ENABLED'), + rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), + rabbit_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), + kombu_ssl_ca_certs => $kombu_ssl_ca_certs, + kombu_ssl_keyfile => $kombu_ssl_keyfile, + kombu_ssl_certfile => $kombu_ssl_certfile, + notification_driver => 'messagingv2' + } +} diff --git a/packstack/puppet/modules/packstack/manifests/mariadb/services.pp b/packstack/puppet/modules/packstack/manifests/mariadb/services.pp old mode 100644 new mode 100755 index dda177882..19fe70c4e --- a/packstack/puppet/modules/packstack/manifests/mariadb/services.pp +++ b/packstack/puppet/modules/packstack/manifests/mariadb/services.pp @@ -43,6 +43,15 @@ class packstack::mariadb::services () } } + if hiera('CONFIG_MAGNUM_INSTALL') == 'y' { + class { '::magnum::db::mysql': + password => hiera('CONFIG_MAGNUM_DB_PW'), + host => '%', + allowed_hosts => '%', + charset => 'utf8', + } + } + if hiera('CONFIG_IRONIC_INSTALL') == 'y' { class { '::ironic::db::mysql': password => hiera('CONFIG_IRONIC_DB_PW'), diff --git a/packstack/puppet/modules/packstack/manifests/mariadb/services_remote.pp b/packstack/puppet/modules/packstack/manifests/mariadb/services_remote.pp old mode 100644 new mode 100755 index 431b91b80..0b20e657e --- a/packstack/puppet/modules/packstack/manifests/mariadb/services_remote.pp +++ b/packstack/puppet/modules/packstack/manifests/mariadb/services_remote.pp @@ -152,6 +152,37 @@ class packstack::mariadb::services_remote () { } } + if hiera('CONFIG_MAGNUM_INSTALL') == 'y' { + remote_database { 'magnum': + ensure => 'present', + charset => 'utf8', + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', + } + + $mariadb_magnum_noinstall_db_pw = hiera('CONFIG_MAGNUM_DB_PW') + + remote_database_user { 'magnum@%': + password_hash => mysql_password($mariadb_magnum_noinstall_db_pw), + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', + require => Remote_database['magnum'], + } + + remote_database_grant { 'magnum@%/magnum': + privileges => 'all', + db_host => hiera('CONFIG_MARIADB_HOST'), + db_user => hiera('CONFIG_MARIADB_USER'), + db_password => hiera('CONFIG_MARIADB_PW'), + provider => 'mysql', + require => Remote_database_user['magnum@%'], + } + } + if hiera('CONFIG_IRONIC_INSTALL') == 'y' { remote_database { 'ironic': ensure => 'present', diff --git a/packstack/puppet/templates/controller.pp b/packstack/puppet/templates/controller.pp old mode 100644 new mode 100755 index 79e68fbe7..3698e166a --- a/packstack/puppet/templates/controller.pp +++ b/packstack/puppet/templates/controller.pp @@ -142,6 +142,12 @@ if hiera('CONFIG_HEAT_INSTALL') == 'y' { } } +if hiera('CONFIG_MAGNUM_INSTALL') == 'y' { + include '::packstack::keystone::magnum' + include '::packstack::magnum' + include '::packstack::magnum::rabbitmq' +} + if hiera('CONFIG_PROVISION_DEMO') == 'y' or hiera('CONFIG_PROVISION_TEMPEST') == 'y' { include '::packstack::provision' if hiera('CONFIG_GLANCE_INSTALL') == 'y' { diff --git a/tests/scenario003.sh b/tests/scenario003.sh old mode 100644 new mode 100755 index 5b736fb9c..5cb5251b2 --- a/tests/scenario003.sh +++ b/tests/scenario003.sh @@ -12,6 +12,7 @@ echo -e "Generating packstack config for: - aodh - gnocchi - heat +- magnum - tempest (regex: 'smoke TelemetryAlarming')" echo "tempest will run if packstack's installation completes successfully." echo @@ -25,6 +26,7 @@ $SUDO packstack ${ADDITIONAL_ARGS} \ --os-horizon-install=n \ --glance-backend=file \ --os-heat-install=y \ + --os-magnum-install=y \ --provision-uec-kernel-url="/tmp/cirros/cirros-0.3.4-x86_64-vmlinuz" \ --provision-uec-ramdisk-url="/tmp/cirros/cirros-0.3.4-x86_64-initrd" \ --provision-uec-disk-url="/tmp/cirros/cirros-0.3.4-x86_64-disk.img" \