openstack
/
ansible-role-k8s-cinder
Code Issues Proposed changes

Adds Ansible variables support 

Extensive use of ansible variables to render configmaps. Makes the
use of hiera optional.

Change-Id: Iee9e7fcabf92cfdc5b6b4a8d0b8bcf57d8777be4
This commit is contained in:
Kiran Thyagaraja 2018-03-07 22:06:36 -06:00
parent 2fb45a6ba9
commit b9cbdc5198
14 changed files with 236 additions and 173 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
defaults/main.yml
View File

@ -3,10 +3,12 @@ kube_context:
config_file:
action: provision
namespace: openstack
service_account: default
service_account: openstack
privileged_service_account: openstack-priv
database_password: weakpassword
cinder_db_password: cinderpass
cinder_db_password: cinderpassword
cluster: kubernetes
hiera_data: {}
hiera_data_file: ''
@ -17,4 +19,53 @@ cinder_config:
database:
connection: "mysql+pymysql://root:weakpassword@mariadb:3306/cinder"
mariadb_root: root
mariadb_root_password: weakpassword
cinder_user: cinder
cinder_password: cinderpassword
rabbimq_user: guest
rabbitmq_password: rabbitmqpassword
auth_strategy: noauth
cinder_config:
DEFAULT:
public_bind_host: "0.0.0.0"
database:
connection: "mysql+pymysql://root:weakpassword@mariadb:3306/cinder"
cinder_rbd_user_name: cinder
role_name: cinder
# Backends
# Array to remember enabled backends.
enabled_backends: []
#
cinder_enable_iscsi_backend: false
cinder_enable_rbd_backend: false
cinder_enable_xtremio_backend: false
cinder_enable_netapp_backend: false
#
# Xtremio
xtremio:
max_over_subscription_ratio: 40
use_multipath_for_image_xfer: true
volume_backend_name: xtremio
volume_driver: cinder.volume.drivers.emc.xtremio.XtremIOISCSIDriver
san_ip:
xtremio_cluster_name:
san_login:
san_password:
image_volume_cache_enabled:
#
# Ceph
ceph:
cinder_rbd_pool_name: cinder_volumes
cinder_rbd_user_name: cinder
client_key:
ceph_authentication_type: cephx
ceph_mon_host:

4
tasks/backends/iscsi.yml
View File

@ -88,7 +88,7 @@
- name: Create Cinder Volume Deployment
k8s_apps_v1beta1_deployment:
k8s_v1beta2_deployment:
name: cinder-volume-iscsi
namespace: "{{ namespace }}"
service_account_name: '{{ privileged_service_account }}'
@ -163,7 +163,7 @@
- name: iscsid
securityContext:
privileged: true
image: tripleomaster/centos-binary-iscsid:current-tripleo
image: tripleoupstream/centos-binary-iscsid:latest
volumeMounts:
- mountPath: /etc/localtime
name: host-etc-localtime

59
tasks/backends/rbd.yml
View File

@ -9,15 +9,26 @@
src: "/tmp/ceph.conf"
register: "ceph_conf"
- name: Create cinder-volume-rbd configmaps
- name: Generate client keyring file
config_template:
src: rbd/keyring.j2
dest: /tmp/keyring
config_type: ini
- name: Read configs into memory
slurp:
src: "/tmp/keyring"
register: "keyring"
- name: Create cinder-volume-ceph configmaps
ignore_errors: yes
k8s_v1_config_map:
name: cinder-volume-rbd
name: cinder-volume-ceph
namespace: "{{ namespace }}"
state: present
debug: yes
labels:
service: cinder-volume-rbd
service: cinder-volume-ceph
data:
config.json: |
{
@ -32,8 +43,14 @@
{
"source": "/var/lib/kolla/config_files/ceph.conf",
"dest": "/etc/ceph/ceph.conf",
"owner": "root",
"owner": "cinder",
"perm": "0644"
},
{
"source": "/var/lib/kolla/config_files/keyring",
"dest": "/etc/ceph/keyring",
"owner": "cinder",
"perm": "0600"
}
],
"permissions": [
@ -56,27 +73,25 @@
ceph.conf: |
{{ceph_conf['content'] | b64decode}}
keyring: |
{{keyring['content'] | b64decode}}
- name: Create Cinder Volume Deployment
k8s_apps_v1beta1_deployment:
name: cinder-volume-rbd
openshift_v1_deployment_config:
name: cinder-volume-ceph
namespace: "{{ namespace }}"
service_account_name: "{{ service_account }}"
labels:
app: cinder-volume-rbd
service: cinder-volume-rbd
app: cinder-volume-ceph
service: cinder-volume-ceph
replicas: 1
spec_template_metadata_labels:
app: cinder-volume-rbd
service: cinder-volume-rbd
app: cinder-volume-ceph
service: cinder-volume-ceph
containers:
- name: cinder-volume
image: tripleomaster/centos-binary-cinder-volume:current-tripleo
volumeMounts:
- name: kolla-config
mountPath: /var/lib/kolla/config_files/
- name: ceph-client-cinder-keyring
mountPath: /etc/ceph/ceph.client.cinder.keyring
env:
- name: TZ
value: UTC
@ -84,12 +99,12 @@
value: COPY_ALWAYS
- name: KOLLA_KUBERNETES
value: ""
volumeMounts:
- name: kolla-config
mountPath: /var/lib/kolla/config_files
volumes:
- name: kolla-config
config_map:
name: cinder-volume-rbd
- name: ceph-client-cinder-keyring
secret:
secretName: ceph-client-cinder-keyring
configMap:
name: cinder-volume-ceph

2
tasks/backends/xtremio.yml
View File

@ -37,7 +37,7 @@
{{cinder_conf['content'] | b64decode}}
- name: Create Cinder Volume Deployment
k8s_apps_v1beta1_deployment:
openshift_v1_deployment_config:
name: cinder-volume-xtremio
namespace: "{{ namespace }}"
service_account_name: "{{ service_account }}"

34
tasks/cinder-api.yml
View File

@ -107,4 +107,38 @@
- name: kolla-config
config_map:
name: cinder-api
when: cluster == "kubernetes"
- name: Create Cinder-api Deployment
openshift_v1_deployment_config:
name: cinder-api
namespace: "{{ namespace }}"
service_account_name: "{{ service_account }}"
labels:
app: cinder-api
service: cinder-api
replicas: 1
spec_template_metadata_labels:
app: cinder-api
service: cinder-api
containers:
- name: cinder-api
image: tripleomaster/centos-binary-cinder-api:current-tripleo
ports:
- container_port: 8776
protocol: TCP
env:
- name: TZ
value: UTC
- name: KOLLA_CONFIG_STRATEGY
value: COPY_ALWAYS
- name: KOLLA_KUBERNETES
value: ""
volume_mounts:
- name: kolla-config
mountPath: /var/lib/kolla/config_files/
volumes:
- name: kolla-config
config_map:
name: cinder-api
when: cluster == "openshift"

31
tasks/cinder-scheduler.yml
View File

@ -65,4 +65,35 @@
- name: kolla-config
config_map:
name: cinder-scheduler
when: cluster == "kubernetes"
- name: create cinder-scheduler deployment
openshift_v1_deployment_config:
name: cinder-scheduler
namespace: "{{ namespace }}"
service_account_name: "{{ service_account }}"
labels:
app: cinder-scheduler
service: cinder-scheduler
replicas: 1
spec_template_metadata_labels:
app: cinder-scheduler
service: cinder-scheduler
containers:
- name: cinder-scheduler
image: tripleomaster/centos-binary-cinder-scheduler:current-tripleo
env:
- name: TZ
value: UTC
- name: KOLLA_CONFIG_STRATEGY
value: COPY_ALWAYS
- name: KOLLA_KUBERNETES
value: ""
volume_mounts:
- name: kolla-config
mountPath: /var/lib/kolla/config_files/
volumes:
- name: kolla-config
config_map:
name: cinder-scheduler
when: cluster == "openshift"

8
tasks/cinder-volume.yml
View File

@ -2,10 +2,10 @@
# backend configmap to its corresponding cinder-volume pod
- include: backends/iscsi.yml
when: result.conf_dict['cinder_enable_iscsi_backend']
when: cinder_enable_iscsi_backend
- include: backends/rbd.yml
when: result.conf_dict['cinder_enable_rbd_backend']
when: cinder_enable_rbd_backend
- include: backends/xtremio.yml
when: result.conf_dict['dellemc_xtremio_iscsi_backend']
when: cinder_enable_xtremio_backend
- include: backends/netapp.yml
when: result.conf_dict['cinder_enable_netapp_backend']
when: cinder_enable_netapp_backend

18
tasks/deprovision.yml
View File

@ -19,43 +19,47 @@
- name: Delete cinder-api deployment
k8s_apps_v1beta1_deployment:
name: cinder-api
namespace: openstack
namespace: {{ namespace }}
state: absent
when: cluster == "kubernetes"
- name: Delete cinder-scheduler deployment
k8s_apps_v1beta1_deployment:
name: cinder-scheduler
namespace: openstack
namespace: {{ namespace }}
state: absent
when: cluster == "kubernetes"
- name: Delete cinder-volume deployment
k8s_apps_v1beta1_deployment:
name: cinder-volume
namespace: openstack
namespace: {{ namespace }}
state: absent
- name: Delete cinder service
k8s_v1_service:
name: cinder
namespace: openstack
namespace: {{ namespace }}
state: absent
- name: Delete cinder configmaps
ignore_errors: yes
k8s_v1_config_map:
name: cinder-volume
namespace: openstack
namespace: {{ namespace }}
state: absent
- name: Delete cinder configmaps
ignore_errors: yes
k8s_v1_config_map:
name: cinder-scheduler
namespace: openstack
namespace: {{ namespace }}
state: absent
- name: Delete cinder configmaps
ignore_errors: yes
k8s_v1_config_map:
name: cinder-api
namespace: openstack
namespace: {{ namespace }}
state: absent
debug: yes

8
tasks/enabled_backends.yml
View File

@ -2,20 +2,20 @@
- name: Append backend to enable_backends list
set_fact:
enabled_backends: "{{ enabled_backends }} + [ 'tripleo_ceph' ]"
when: result.conf_dict['cinder_enable_rbd_backend']
when: cinder_enable_rbd_backend
- name: Append backend to enable_backends list
set_fact:
enabled_backends: "{{ enabled_backends }} + [ 'tripleo_iscsi' ]"
when: result.conf_dict['cinder_enable_iscsi_backend']
when: cinder_enable_iscsi_backend
- name: Append backend to enable_backends list
set_fact:
enabled_backends: "{{ enabled_backends }} + [ 'xtremio' ]"
when: result.conf_dict['dellemc_xtremio_iscsi_backend']
when: cinder_enable_xtremio_backend
- name: Append backend to enable_backends list
set_fact:
enabled_backends: "{{ enabled_backends }} + [ 'tripleo_netapp' ]"
when: result.conf_dict['cinder_enable_netapp_backend']
when: cinder_enable_netapp_backend

58
tasks/init-jobs.yml
View File

@ -1,44 +1,8 @@
# List of init jobs for the pod go here
- name: Create cinder-init-job configmaps
ignore_errors: yes
k8s_v1_config_map:
name: cinder-init-job
namespace: "{{ namespace }}"
state: present
debug: yes
data:
config.json: |
{
"command": "cinder-scheduler --config-file /etc/cinder/cinder.conf",
"config_files": [
{
"source": "/var/lib/kolla/config_files/cinder.conf",
"dest": "/etc/cinder/cinder.conf",
"owner": "cinder",
"perm": "0600"
}
],
"permissions": [
{
"path": "/var/lib/cinder",
"owner": "cinder:cinder",
"recurse": true
},
{
"path": "/var/log/kolla/cinder",
"owner": "cinder:cinder",
"recurse": true
}
]
}
cinder.conf: |
{{cinder_conf['content'] | b64decode}}
- name: Create Cinder Database
k8s_v1_job:
name: cinder-create-db
namespace: "{{ namespace }}"
service_account_name: "{{ service_account }}"
restart_policy: OnFailure
containers:
- name: cinder-create-db
@ -54,7 +18,7 @@
name='cinder'"
env:
- name: DATABASE_PASSWORD
value: "{{ database_password }}"
value: "{{ mariadb_root_password }}"
- name: "TZ"
value: "UTC"
register: db_create
@ -63,6 +27,7 @@
k8s_v1_job:
name: cinder-create-user
namespace: "{{ namespace }}"
service_account_name: "{{ service_account }}"
restart_policy: OnFailure
containers:
- name: cinder-create-db
@ -82,9 +47,9 @@
append_privs='yes'"
env:
- name: CINDER_DATABASE_PASSWORD
value: "{{ cinder_db_password }}"
value: "{{ cinder_password }}"
- name: DATABASE_PASSWORD
value: "{{database_password}}"
value: "{{mariadb_root_password}}"
- name: "TZ"
value: "UTC"
when: db_create|succeeded
@ -94,12 +59,12 @@
k8s_v1_job:
name: cinder-create-tables
namespace: "{{ namespace }}"
service_account_name: "{{ service_account }}"
restart_policy: OnFailure
containers:
- name: cinder-create-db
image: tripleomaster/centos-binary-cinder-api:current-tripleo
image_pull_policy: IfNotPresent
# command: ["/usr/bin/cinder-manage", "db", "sync"]
env:
- name: KOLLA_KUBERNETES
value: ""
@ -115,16 +80,7 @@
volumes:
- name: kolla-config
config_map:
name: cinder-init-job
name: cinder-scheduler
when: db_create|succeeded
register: cinder_bootstrap
# Remove the init-job configmap.
- name: Delete cinder-init-job configmaps
ignore_errors: yes
k8s_v1_config_map:
name: cinder-init-job
namespace: "{{namespace}}"
state: absent
when: cinder_bootstrap|succeeded

7
tasks/provision.yml
View File

@ -1,19 +1,18 @@
--
- include: hiera.yml
- include: enabled_backends.yml
- name: Generate config files
config_template:
template:
src: cinder.conf.j2
dest: /tmp/cinder.conf
config_overrides: '{{cinder_config}}'
config_type: ini
- name: Read configs into memory
slurp:
src: "/tmp/cinder.conf"
register: "cinder_conf"
- include: config_maps.yml
- include: init-jobs.yml
- include: cinder-api.yml
- include: cinder-scheduler.yml

9
templates/cinder-volume-config.yml.j2
View File

@ -4,17 +4,17 @@ config_files:
dest: "/etc/cinder/cinder.conf"
owner: cinder
perm: '0600'
{% if result.conf_dict['cinder_enable_rbd_backend'] %}
{% if cinder_enable_rbd_backend %}
- source: "/var/lib/kolla/config_files/ceph.conf"
dest: "/etc/ceph/ceph.conf"
owner: root
perm: '0644'
- source: "/var/lib/kolla/config_files/ceph.client.{{result.conf_dict['cinder_rbd_user_name']}}.keyring"
dest: "/etc/ceph/ceph.client.{{result.conf_dict['cinder_rbd_user_name']}}.keyring"
- source: "/var/lib/kolla/config_files/ceph.client.{{cinder_rbd_user_name}}.keyring"
dest: "/etc/ceph/ceph.client.{{cinder_rbd_user_name}}.keyring"
owner: root
perm: '0644'
{% endif %}
{% if result.conf_dict['cinder_enable_iscsi_backend'] %}
{% if cinder_enable_iscsi_backend %}
- source: "/var/lib/kolla/config_files/lvm.conf"
dest: "/etc/lvm/lvm.conf"
owner: root
@ -27,4 +27,3 @@ permissions:
- path: "/var/log/kolla/cinder"
owner: cinder:cinder
recurse: true

105
templates/cinder.conf.j2
View File

@ -1,50 +1,42 @@
[DEFAULT]
glance_api_servers={{result.conf_dict['DEFAULT']['glance_api_servers']}}
glance_api_version={{result.conf_dict['DEFAULT']['glance_api_version']}}
enable_v3_api=True
storage_availability_zone=nova
default_availability_zone=nova
auth_strategy={{result.conf_dict['DEFAULT']['auth_strategy']}}
enabled_backends={{ enabled_backends | join(",") }}
nova_catalog_info=compute:nova:internalURL
nova_catalog_admin_info=compute:nova:adminURL
scheduler_driver=cinder.scheduler.filter_scheduler.FilterScheduler
osapi_volume_listen=0.0.0.0
osapi_volume_workers=2
log_dir=/var/log/cinder
transport_url=rabbit://{{result.conf_dict['oslo_messaging_rabbit']['rabbit_userid']}}:{{result.conf_dict['oslo_messaging_rabbit']['rabbit_password']}}@rabbitmq:{{result.conf_dict['oslo_messaging_rabbit']['rabbit_port']}}/?ssl=0
rpc_backend=rabbit
control_exchange=openstack
api_paste_config=/etc/cinder/api-paste.ini
[database]
connection=mysql+pymysql://{{result.conf_dict['database']['user']}}:{{result.conf_dict['database']['password']}}@{{result.conf_dict['database']['host']}}:3306/{{result.conf_dict['database']['dbname']}}
max_retries=-1
db_max_retries=-1
[oslo_concurrency]
lock_path=/var/lib/cinder/tmp
enable_v3_api = true
glance_api_servers = none
enabled_backends = {{ enabled_backends | join(",") }}
glance_api_version = 2
log_dir = /var/log/cinder
osapi_volume_listen = 0.0.0.0
scheduler_driver = cinder.scheduler.filter_scheduler.FilterScheduler
nova_catalog_info = compute:nova:internalURL
api_paste_config = /etc/cinder/api-paste.ini
transport_url = rabbit://{{ rabbitmq_user }}:{{rabbitmq_password }}@rabbitmq:5672/?ssl=0
public_bind_host = 0.0.0.0
auth_strategy = {{ auth_strategy }}
[oslo_messaging_notifications]
driver=messagingv2
transport_url=rabbit://{{result.conf_dict['oslo_messaging_rabbit']['rabbit_userid']}}:{{result.conf_dict['oslo_messaging_rabbit']['rabbit_password']}}@rabbitmq:{{result.conf_dict['oslo_messaging_rabbit']['rabbit_port']}}/?ssl=0
transport_url = rabbit://{{ rabbitmq_user }}:{{ rabbitmq_password }}@rabbitmq:5672/?ssl=0
driver = messagingv2
[oslo_messaging_rabbit]
ssl={{result.conf_dict['oslo_messaging_rabbit']['rabbit_use_ssl']}}
rabbit_port={{result.conf_dict['oslo_messaging_rabbit']['rabbit_port']}}
rabbit_userid={{result.conf_dict['oslo_messaging_rabbit']['rabbit_userid']}}
rabbit_password={{result.conf_dict['oslo_messaging_rabbit']['rabbit_password']}}
heartbeat_timeout_threshold={{result.conf_dict['oslo_messaging_rabbit']['rabbit_heartbeat_timeout_threshold']}}
[database]
db_max_retries = -1
host = mariadb
max_retries = -1
connection = mysql+pymysql://{{ mariadb_root_user }}:{{ mariadb_root_password }}@mariadb:3306/{{ cinder_user }}
user = {{ cinder_user }}
password = {{ cinder_password }}
dbname = {{ cinder_user }}
[oslo_middleware]
enable_proxy_headers_parsing=True
[oslo_concurrency]
lock_path = /var/lib/cinder/tmp
[oslo_policy]
policy_file=/etc/cinder/policy.json
policy_file = /etc/cinder/policy.json
{% if result.conf_dict['cinder_enable_iscsi_backend'] %}
[tripleo_iscsi]
volume_backend_name=tripleo_iscsi
[privsep_entrypoint]
helper_command = sudo cinder-rootwrap /etc/cinder/rootwrap.conf privsep-helper --config-file /etc/cinder/cinder.conf
{% if cinder_enable_iscsi_backend %}
[iscsi]
volume_backend_name=iscsi
volume_driver=cinder.volume.drivers.lvm.LVMVolumeDriver
iscsi_ip_address=iscsid
iscsi_helper=lioadm
@ -52,35 +44,18 @@ volumes_dir=/var/lib/cinder/cinder-volumes
iscsi_protocol=iscsi
{% endif %}
{% if result.conf_dict['dellemc_xtremio_iscsi_backend'] %}
[xtremio]
max_over_subscription_ratio = {{result.conf_dict['xtremio']['max_over_subscription_ratio']}}
use_multipath_for_image_xfer= {{result.conf_dict['xtremio']['use_multipath_for_image_xfer']}}
volume_backend_name=xtremio
volume_driver=cinder.volume.drivers.emc.xtremio.XtremIOISCSIDriver
san_ip={{result.conf_dict['xtremio']['san_ip']}}
xtremio_cluster_name={{result.conf_dict['xtremio']['xtremio_cluster_name']}}
san_login={{result.conf_dict['xtremio']['san_login']}}
san_password={{result.conf_dict['xtremio']['san_password']}}
image_volume_cache_enabled={{result.conf_dict['xtremio']['image_volume_cache_enabled']}}
{% if cinder_enable_xtremio_backend %}
{% include 'xtremio/cinder-annex.conf.j2' %}
{% endif %}
{% if result.conf_dict['cinder_enable_rbd_backend'] %}
[tripleo_ceph]
volume_backend_name=tripleo_ceph
volume_driver=cinder.volume.drivers.rbd.RBDDriver
rbd_ceph_conf=/etc/ceph/ceph.conf
rbd_user={{ result.conf_dict['cinder_rbd_user_name'] }}
rbd_pool={{ result.conf_dict['cinder_rbd_pool_name'] }}
rbd_secret_uuid={{ result.conf_dict['ceph_cluster_fsid'] }}
backend_host=hostgroup
{% if cinder_enable_rbd_backend %}
{% include 'rbd/cinder-annex.conf.j2' %}
{% endif %}
{% if result.conf_dict['cinder_enable_netapp_backend'] %}
[tripleo_netapp]
{% if cinder_enable_netapp_backend %}
[netapp]
title = tripleo_netapp
netapp_login = {{result.conf_dict['tripleo_netapp']['netapp_login']}}
netapp_password = {{result.conf_dict['tripleo_netapp']['netapp_password']}}
netapp_server_hostname = {{result.conf_dict['tripleo_netapp']['netapp_server_hostname']}}
netapp_login = {{netapp.netapp_login}}
netapp_password = {{netapp.netapp_password}}
netapp_server_hostname = {{netapp.netapp_server_hostname}}
{% endif %}

11
templates/rbd/ceph.conf.j2
View File

@ -1,10 +1,9 @@
[global]
fsid = {{result.conf_dict['ceph_cluster_fsid']}}
mon_host = {{result.conf_dict['ceph_mon_host']}}
auth_cluster_required = {{result.conf_dict['authentication_type']}}
auth_service_required = {{result.conf_dict['authentication_type']}}
auth_client_required = {{result.conf_dict['authentication_type']}}
auth_supported = {{result.conf_dict['authentication_type']}}
mon_host = {{ceph.ceph_mon_host}}
auth_cluster_required = {{ceph.authentication_type}}
auth_service_required = {{ceph.authentication_type}}
auth_client_required = {{ceph.authentication_type}}
auth_supported = {{ceph.authentication_type}}
[client]
rbd_default_features = 1