From e33c91ee0e54add15d7ddaf51071b72378ed8ba7 Mon Sep 17 00:00:00 2001
From: Dmitry Tantsur <divius.inside@gmail.com>
Date: Thu, 1 Dec 2016 16:07:28 +0100
Subject: [PATCH] Optional Cinder support for undercloud

This is required to support overcloud nodes boot from volume. This support is
newly introduced in ironic in the Ocata, see the following specs for details:
http://specs.openstack.org/openstack/ironic-specs/specs/approved/boot-from-volume-reference-drivers.html
http://specs.openstack.org/openstack/ironic-specs/specs/approved/volume-connection-information.html

The implementation is mostly copied from overcloud cinder services, except
that only iscsi backend is enabled, as ironic only supports it for now.

The backup service is not enabled as part of this patch for simplicity.

Partially implements: blueprint undercloud-boot-from-volume

Change-Id: I7068c85be421d7642514c30bc47bc05589d43551
---
 .../puppet-stack-config.pp                    | 35 +++++++++++++++++++
 .../puppet-stack-config.yaml.template         | 34 ++++++++++++++++++
 .../root/tripleo-undercloud-passwords         |  1 +
 instack_undercloud/tests/test_undercloud.py   |  2 +-
 instack_undercloud/undercloud.py              | 12 +++++++
 undercloud.conf.sample                        |  8 +++++
 6 files changed, 91 insertions(+), 1 deletion(-)

diff --git a/elements/puppet-stack-config/puppet-stack-config.pp b/elements/puppet-stack-config/puppet-stack-config.pp
index 665d71c46..fcb345ba5 100644
--- a/elements/puppet-stack-config/puppet-stack-config.pp
+++ b/elements/puppet-stack-config/puppet-stack-config.pp
@@ -56,6 +56,7 @@ Exec<| title == 'ironic-dbsync' |> { refreshonly => false }
 Exec<| title == 'mistral-db-sync' |> { refreshonly => false }
 Exec<| title == 'mistral-db-populate' |> { refreshonly => false }
 Exec<| title == 'zaqar-manage db_sync' |> { refreshonly => false }
+Exec<| title == 'cinder-manage db_sync' |> { refreshonly => false }
 
 if count(hiera('ntp::servers')) > 0 {
   include ::ntp
@@ -546,6 +547,40 @@ if str2bool(hiera('enable_zaqar', true)) {
   }
 }
 
+if str2bool(hiera('enable_cinder', true)) {
+  $cinder_dsn = split(hiera('cinder::database_connection'), '[@:/?]')
+  class { '::cinder::db::mysql':
+    user          => $cinder_dsn[3],
+    password      => $cinder_dsn[4],
+    host          => $cinder_dsn[5],
+    dbname        => $cinder_dsn[6],
+    allowed_hosts => $allowed_hosts,
+  }
+  include ::cinder::keystone::auth
+
+  include ::cinder
+  include ::cinder::api
+  include ::cinder::cron::db_purge
+  include ::cinder::config
+  include ::cinder::glance
+  include ::cinder::scheduler
+  include ::cinder::volume
+  include ::cinder::wsgi::apache
+
+  $cinder_backend_name = hiera('cinder_backend_name')
+  cinder::backend::iscsi { $cinder_backend_name:
+    iscsi_ip_address => hiera('cinder_iscsi_address'),
+    iscsi_helper     => 'lioadm',
+    iscsi_protocol   => 'iscsi'
+  }
+
+  include ::cinder::backends
+
+  if str2bool(hiera('cinder_enable_test_volume', false)) {
+    include ::cinder::setup_test_volume
+  }
+}
+
 # dependency of pxe_drac
 ensure_resource('package', 'python-dracclient')
 # dependency of pxe_ilo
diff --git a/elements/puppet-stack-config/puppet-stack-config.yaml.template b/elements/puppet-stack-config/puppet-stack-config.yaml.template
index 57ead19f8..a37559df8 100644
--- a/elements/puppet-stack-config/puppet-stack-config.yaml.template
+++ b/elements/puppet-stack-config/puppet-stack-config.yaml.template
@@ -532,6 +532,39 @@ zaqar::messaging::mongodb::uri: mongodb://127.0.0.1:27017
 zaqar::message_pipeline: 'zaqar.notification.notifier'
 zaqar::max_messages_post_size: 1048576
 
+# Cinder
+cinder_backend_name: 'undercloud_iscsi'
+cinder_enable_test_volume: false
+cinder_iscsi_address: {{LOCAL_IP}}
+cinder::api::enable_proxy_headers_parsing: true
+cinder::api::service_name: 'httpd'
+cinder::api::nova_catalog_info: 'compute:Compute Service:internalURL'
+cinder::backends::enabled_backends: ["%{hiera('cinder_backend_name')}"]
+cinder::cron::db_purge::destination: "/dev/null"
+cinder::database_connection: mysql+pymysql://cinder:{{UNDERCLOUD_CINDER_PASSWORD}}@{{LOCAL_IP}}/cinder
+cinder::db::database_db_max_retries: -1
+cinder::db::database_max_retries: -1
+cinder::debug: "%{hiera('debug')}"
+cinder::glance::glance_api_servers: {{UNDERCLOUD_ENDPOINT_GLANCE_PUBLIC}}
+cinder::keystone::auth::tenant: 'service'
+cinder::keystone::auth::public_url: {{UNDERCLOUD_ENDPOINT_CINDER_PUBLIC}}
+cinder::keystone::auth::internal_url: {{UNDERCLOUD_ENDPOINT_CINDER_INTERNAL}}
+cinder::keystone::auth::admin_url: {{UNDERCLOUD_ENDPOINT_CINDER_ADMIN}}
+cinder::keystone::auth::region: 'regionOne'
+cinder::keystone::auth::password: {{UNDERCLOUD_CINDER_PASSWORD}}
+cinder::keystone::authtoken::project_name: 'service'
+cinder::keystone::authtoken::auth_uri: "%{hiera('keystone_auth_uri')}"
+cinder::keystone::authtoken::auth_url: "%{hiera('keystone_identity_uri')}"
+cinder::keystone::authtoken::password: {{UNDERCLOUD_CINDER_PASSWORD}}
+cinder::rabbit_userid: {{UNDERCLOUD_RABBIT_USERNAME}}
+cinder::rabbit_password: {{UNDERCLOUD_RABBIT_PASSWORD}}
+cinder::rabbit_host: {{LOCAL_IP}}
+cinder::scheduler::scheduler_driver: cinder.scheduler.filter_scheduler.FilterScheduler
+cinder::setup_test_volume::size: '10280M'
+cinder::wsgi::apache::bind_host: {{LOCAL_IP}}
+cinder::wsgi::apache::ssl: false
+cinder::wsgi::apache::workers: "%{::os_workers}"
+
 # HAproxy
 tripleo::profile::base::haproxy::step: 1
 tripleo::haproxy::haproxy_stats_password: {{UNDERCLOUD_HAPROXY_STATS_PASSWORD}}
@@ -602,6 +635,7 @@ enable_zaqar: {{ENABLE_ZAQAR}}
 enable_validations: {{ENABLE_VALIDATIONS}}
 enable_telemetry: {{ENABLE_TELEMETRY}}
 enable_ui: {{ENABLE_UI}}
+enable_cinder: {{ENABLE_CINDER}}
 
 # Path to install configuration files
 tripleo_install_user: {{TRIPLEO_INSTALL_USER}}
diff --git a/elements/undercloud-install/os-apply-config/root/tripleo-undercloud-passwords b/elements/undercloud-install/os-apply-config/root/tripleo-undercloud-passwords
index c968009fb..a7cc2c802 100644
--- a/elements/undercloud-install/os-apply-config/root/tripleo-undercloud-passwords
+++ b/elements/undercloud-install/os-apply-config/root/tripleo-undercloud-passwords
@@ -21,3 +21,4 @@ UNDERCLOUD_SWIFT_HASH_SUFFIX=$(sudo hiera swift::swift_hash_suffix)
 UNDERCLOUD_SWIFT_PASSWORD=$(sudo hiera swift::proxy::authtoken::admin_password)
 UNDERCLOUD_MISTRAL_PASSWORD=$(sudo hiera mistral::admin_password)
 UNDERCLOUD_ZAQAR_PASSWORD=$(sudo hiera zaqar::keystone::authtoken::password)
+UNDERCLOUD_CINDER_PASSWORD=$(sudo hiera cinder::keystone::authtoken::password)
diff --git a/instack_undercloud/tests/test_undercloud.py b/instack_undercloud/tests/test_undercloud.py
index 6460fe2a9..d65636be3 100644
--- a/instack_undercloud/tests/test_undercloud.py
+++ b/instack_undercloud/tests/test_undercloud.py
@@ -290,7 +290,7 @@ class TestGenerateEnvironment(BaseTestCase):
         env = undercloud._generate_environment('.')
         endpoint_vars = {k: v for (k, v) in env.items()
                          if k.startswith('UNDERCLOUD_ENDPOINT')}
-        self.assertEqual(39, len(endpoint_vars))
+        self.assertEqual(42, len(endpoint_vars))
         # Spot check one service
         self.assertEqual('http://192.168.24.1:5000',
                          env['UNDERCLOUD_ENDPOINT_KEYSTONE_PUBLIC'])
diff --git a/instack_undercloud/undercloud.py b/instack_undercloud/undercloud.py
index 7b71b26ef..988fb5158 100644
--- a/instack_undercloud/undercloud.py
+++ b/instack_undercloud/undercloud.py
@@ -286,6 +286,10 @@ _opts = [
                 help=('Whether to install requirements to run the TripleO '
                       'validations.')
                 ),
+    cfg.BoolOpt('enable_cinder',
+                default=False,
+                help=('Whether to install the Volume service to be boot '
+                      'overcloud nodes from remote volumes.')),
     cfg.BoolOpt('ipxe_enabled',
                 default=True,
                 help=('Whether to use iPXE for deploy and inspection.'),
@@ -414,6 +418,10 @@ _auth_opts = [
                help=('Horizon secret key. '
                      'If left unset, one will be automatically generated.')
                ),
+    cfg.StrOpt('undercloud_cinder_password',
+               help=('Cinder service password. '
+                     'If left unset, one will be automatically generated.')
+               ),
 ]
 CONF.register_opts(_opts)
 CONF.register_opts(_auth_opts, group='auth')
@@ -703,6 +711,10 @@ def _generate_endpoints(instack_env):
             '%s://%s:%d',
             {'host': public_host, 'port': 8888, 'ssl_port': 13888},
             {'host': internal_host, 'port': 8888}),
+        ('cinder',
+            '%s://%s:%d/v1/%%(tenant_id)s',
+            {'host': public_host, 'port': 8776, 'ssl_port': 13776},
+            {'host': internal_host, 'port': 8776}),
     ]
     for endpoint_data in endpoint_list:
         endpoints.update(
diff --git a/undercloud.conf.sample b/undercloud.conf.sample
index 4856f88a6..fb196d461 100644
--- a/undercloud.conf.sample
+++ b/undercloud.conf.sample
@@ -159,6 +159,10 @@
 # (boolean value)
 #enable_validations = true
 
+# Whether to install the Volume service to be boot overcloud nodes
+# from remote volumes. (boolean value)
+#enable_cinder = false
+
 # Whether to use iPXE for deploy and inspection. (boolean value)
 # Deprecated group/name - [DEFAULT]/ipxe_deploy
 #ipxe_enabled = true
@@ -285,3 +289,7 @@
 # Horizon secret key. If left unset, one will be automatically
 # generated. (string value)
 #undercloud_horizon_secret_key = <None>
+
+# Cinder service password. If left unset, one will be automatically
+# generated. (string value)
+#undercloud_cinder_password = <None>