From 134089d6cd484563ecac0ea357428a05a2bcfd0e Mon Sep 17 00:00:00 2001 From: Serguei Bezverkhi Date: Sun, 11 Sep 2016 15:03:30 -0400 Subject: [PATCH] Adding required check for Orchestration Kubernetes Thgis PS add missing check for Kubernetes orchestration engine, without these changes, running kolla-ansible genconfig fails for Kubernetes environment. TrivialFix Change-Id: I25eeb7ae3ddba7c924f6d48aa24afdbe74227170 --- ansible/roles/cinder/templates/cinder.conf.j2 | 15 ++++--- .../roles/glance/templates/glance-api.conf.j2 | 9 +++- .../glance/templates/glance-registry.conf.j2 | 9 +++- ansible/roles/heat/templates/heat.conf.j2 | 23 +++++++--- .../roles/horizon/templates/local_settings.j2 | 3 +- ansible/roles/iscsi/templates/tgtd.json.j2 | 2 +- .../neutron/templates/metadata_agent.ini.j2 | 3 +- .../roles/neutron/templates/ml2_conf.ini.j2 | 4 +- .../roles/neutron/templates/neutron.conf.j2 | 4 +- .../templates/openvswitch-db-server.json.j2 | 2 +- ansible/roles/nova/templates/libvirtd.conf.j2 | 2 +- ansible/roles/nova/templates/nova.conf.j2 | 43 +++++++++++-------- ansible/roles/nova/templates/sshd_config.j2 | 2 +- .../rabbitmq/templates/rabbitmq-env.conf.j2 | 1 - 14 files changed, 81 insertions(+), 41 deletions(-) diff --git a/ansible/roles/cinder/templates/cinder.conf.j2 b/ansible/roles/cinder/templates/cinder.conf.j2 index d6e46df9b9..311033dd82 100644 --- a/ansible/roles/cinder/templates/cinder.conf.j2 +++ b/ansible/roles/cinder/templates/cinder.conf.j2 @@ -12,7 +12,7 @@ enable_v1_api=false osapi_volume_workers = {{ openstack_service_workers }} volume_name_template = volume-%s -glance_api_servers = {% for host in groups['glance-api'] %}{{ internal_protocol }}://{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ glance_api_port }}{% if not loop.last %},{% endif %}{% endfor %} +glance_api_servers = {% for host in groups['glance-api'] %}{{ internal_protocol }}://{% if orchestration_engine == 'KUBERNETES' %}glance-api{% else %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}{% endif %}:{{ glance_api_port }}{% if not loop.last %},{% endif %}{% endfor %} glance_num_retries = {{ groups['glance-api'] | length }} glance_api_version = 2 @@ -34,7 +34,7 @@ backup_ceph_stripe_count = 0 restore_discard_excess_bytes = true {% endif %} -osapi_volume_listen = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} +osapi_volume_listen = {{ api_interface_address }} osapi_volume_listen_port = {{ cinder_api_port }} api_paste_config = /etc/cinder/api-paste.ini @@ -42,7 +42,7 @@ nova_catalog_info = compute:nova:internalURL auth_strategy = keystone -transport_url = rabbit://{% for host in groups['rabbitmq'] %}{{ rabbitmq_user }}:{{ rabbitmq_password }}@{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %} +transport_url = rabbit://{% for host in groups['rabbitmq'] %}{{ rabbitmq_user }}:{{ rabbitmq_password }}@{% if orchestration_engine == 'KUBERNETES' %}rabbitmq{% else %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}{% endif %}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %} [oslo_messaging_notifications] {% if enable_ceilometer | bool %} @@ -50,12 +50,17 @@ driver = messagingv2 {% endif %} [database] -connection = mysql+pymysql://{{ cinder_database_user }}:{{ cinder_database_password }}@{{ cinder_database_address }}/{{ cinder_database_name }} +connection = mysql+pymysql://{{ cinder_database_user }}:{{ cinder_database_password }}@{% if orchestration_engine == 'KUBERNETES' %}{{ cinder_database_address }}{% else %}{{ cinder_database_address }}{% endif %}/{{ cinder_database_name }} max_retries = -1 [keystone_authtoken] +{% if orchestration_engine == 'KUBERNETES' %} +auth_uri = {{ keystone_internal_url }} +auth_url = {{ keystone_admin_url }} +{% else %} auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }} auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }} +{% endif %} auth_type = password project_domain_id = default user_domain_id = default @@ -65,7 +70,7 @@ password = {{ cinder_keystone_password }} memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcache_secret_key }} -memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %} +memcached_servers = {% for host in groups['memcached'] %}{% if orchestration_engine == 'KUBERNETES' %}memcached{% else %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}{% endif %}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %} [oslo_concurrency] diff --git a/ansible/roles/glance/templates/glance-api.conf.j2 b/ansible/roles/glance/templates/glance-api.conf.j2 index d274e1d6d8..fd01f2b197 100644 --- a/ansible/roles/glance/templates/glance-api.conf.j2 +++ b/ansible/roles/glance/templates/glance-api.conf.j2 @@ -22,15 +22,20 @@ show_multiple_locations = True cinder_catalog_info = volume:cinder:internalURL -transport_url = rabbit://{% for host in groups['rabbitmq'] %}{{ rabbitmq_user }}:{{ rabbitmq_password }}@{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %} +transport_url = rabbit://{% for host in groups['rabbitmq'] %}{{ rabbitmq_user }}:{{ rabbitmq_password }}@{% if orchestration_engine == 'KUBERNETES' %}rabbitmq{% else %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}{% endif %}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %} [database] connection = mysql+pymysql://{{ glance_database_user }}:{{ glance_database_password }}@{{ glance_database_address }}/{{ glance_database_name }} max_retries = -1 [keystone_authtoken] -auth_uri = {{ keystone_public_url }} +{% if orchestration_engine == 'KUBERNETES' %} +auth_uri = {{ keystone_internal_url }} auth_url = {{ keystone_admin_url }} +{% else %} +auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }} +auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }} +{% endif %} auth_type = password project_domain_id = default user_domain_id = default diff --git a/ansible/roles/glance/templates/glance-registry.conf.j2 b/ansible/roles/glance/templates/glance-registry.conf.j2 index 6fd4b68c5b..b982e8788c 100644 --- a/ansible/roles/glance/templates/glance-registry.conf.j2 +++ b/ansible/roles/glance/templates/glance-registry.conf.j2 @@ -8,15 +8,20 @@ bind_host = {{ api_interface_address }} bind_port = {{ glance_registry_port }} workers = {{ openstack_service_workers }} -transport_url = rabbit://{% for host in groups['rabbitmq'] %}{{ rabbitmq_user }}:{{ rabbitmq_password }}@{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %} +transport_url = rabbit://{% for host in groups['rabbitmq'] %}{{ rabbitmq_user }}:{{ rabbitmq_password }}@{% if orchestration_engine == 'KUBERNETES' %}rabbitmq{% else %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}{% endif %}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %} [database] connection = mysql+pymysql://{{ glance_database_user }}:{{ glance_database_password }}@{{ glance_database_address }}/{{ glance_database_name }} max_retries = -1 [keystone_authtoken] -auth_uri = {{ keystone_public_url }} +{% if orchestration_engine == 'KUBERNETES' %} +auth_uri = {{ keystone_internal_url }} auth_url = {{ keystone_admin_url }} +{% else %} +auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }} +auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }} +{% endif %} auth_type = password project_domain_id = default user_domain_id = default diff --git a/ansible/roles/heat/templates/heat.conf.j2 b/ansible/roles/heat/templates/heat.conf.j2 index db546beff3..8f7b0529e8 100644 --- a/ansible/roles/heat/templates/heat.conf.j2 +++ b/ansible/roles/heat/templates/heat.conf.j2 @@ -15,18 +15,18 @@ deferred_auth_method = trusts trusts_delegated_role = heat_stack_owner num_engine_workers = {{ openstack_service_workers }} -transport_url = rabbit://{% for host in groups['rabbitmq'] %}{{ rabbitmq_user }}:{{ rabbitmq_password }}@{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %} +transport_url = rabbit://{% for host in groups['rabbitmq'] %}{{ rabbitmq_user }}:{{ rabbitmq_password }}@{% if orchestration_engine == 'KUBERNETES' %}rabbitmq{% else %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}{% endif %}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %} {% if service_name == 'heat-api' %} [heat_api] -bind_host = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} +bind_host = {{ api_interface_address }} bind_port = {{ heat_api_port }} works = {{ openstack_service_workers }} {% endif %} {% if service_name == 'heat-api-cfn' %} [heat_api_cfn] -bind_host = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} +bind_host = {{ api_interface_address }} bind_port = {{ heat_api_cfn_port }} {% endif %} @@ -46,18 +46,23 @@ password = {{ heat_keystone_password }} memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcache_secret_key }} -memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %} +memcached_servers = {% for host in groups['memcached'] %}{% if orchestration_engine == 'KUBERNETES' %}memcached{% else %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}{% endif %}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %} [cache] backend = oslo_cache.memcache_pool enabled = True -memcache_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %} +memcache_servers = {% for host in groups['memcached'] %}{% if orchestration_engine == 'KUBERNETES' %}memcached{% else %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}{% endif %}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %} [trustee] +{% if orchestration_engine == 'KUBERNETES' %} +auth_uri = {{ keystone_internal_url }} +auth_url = {{ keystone_admin_url }} +{% else %} auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }} auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }} +{% endif %} auth_plugin = password project_domain_id = default user_domain_id = default @@ -66,10 +71,18 @@ username = {{ heat_keystone_user }} password = {{ heat_keystone_password }} [ec2authtoken] +{% if orchestration_engine == 'KUBERNETES' %} +auth_uri = {{ keystone_internal_url }} +{% else %} auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }} +{% endif %} [clients_keystone] +{% if orchestration_engine == 'KUBERNETES' %} +auth_uri = {{ keystone_internal_url }} +{% else %} auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }} +{% endif %} [oslo_messaging_notifications] driver = noop diff --git a/ansible/roles/horizon/templates/local_settings.j2 b/ansible/roles/horizon/templates/local_settings.j2 index 954cc3419b..05386f1d00 100644 --- a/ansible/roles/horizon/templates/local_settings.j2 +++ b/ansible/roles/horizon/templates/local_settings.j2 @@ -173,7 +173,8 @@ EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' # ('http://cluster2.example.com:5000/v2.0', 'cluster2'), #] -OPENSTACK_HOST = "{{ kolla_internal_fqdn }}" +OPENSTACK_HOST = "{% if orchestration_engine == 'KUBERNETES' %}{{ api_interface_address }}{% else %}{{ kolla_internal_fqdn }}{% endif %}" + OPENSTACK_KEYSTONE_URL = "{{ keystone_public_url }}" OPENSTACK_KEYSTONE_DEFAULT_ROLE = "{{ horizon_openstack_keystone_default_role }}" diff --git a/ansible/roles/iscsi/templates/tgtd.json.j2 b/ansible/roles/iscsi/templates/tgtd.json.j2 index 0d74a78fda..3f38ef996f 100644 --- a/ansible/roles/iscsi/templates/tgtd.json.j2 +++ b/ansible/roles/iscsi/templates/tgtd.json.j2 @@ -1,4 +1,4 @@ { - "command": "tgtd -d 1 -f --iscsi portal={{ hostvars[inventory_hostname]['ansible_' + network_interface]['ipv4']['address'] }}:{{ iscsi_port }}", + "command": "tgtd -d 1 -f --iscsi portal={{ api_interface_address }}:{{ iscsi_port }}", "config_files": [] } diff --git a/ansible/roles/neutron/templates/metadata_agent.ini.j2 b/ansible/roles/neutron/templates/metadata_agent.ini.j2 index 86f33b9d0d..79f6aa2305 100644 --- a/ansible/roles/neutron/templates/metadata_agent.ini.j2 +++ b/ansible/roles/neutron/templates/metadata_agent.ini.j2 @@ -1,5 +1,6 @@ # metadata_agent.ini [DEFAULT] -nova_metadata_ip = {{ kolla_internal_fqdn }} +nova_metadata_ip = {% if orchestration_engine == 'KUBERNETES' %}nova-metadata{% else %}{{ kolla_internal_fqdn }}{% endif %} + nova_metadata_port = {{ nova_metadata_port }} metadata_proxy_shared_secret = {{ metadata_secret }} diff --git a/ansible/roles/neutron/templates/ml2_conf.ini.j2 b/ansible/roles/neutron/templates/ml2_conf.ini.j2 index 49bd4cbab7..a8f6560235 100644 --- a/ansible/roles/neutron/templates/ml2_conf.ini.j2 +++ b/ansible/roles/neutron/templates/ml2_conf.ini.j2 @@ -52,7 +52,7 @@ arp_responder = true [ovs] bridge_mappings = physnet1:{{ neutron_bridge_name }} -ovsdb_connection = tcp:{{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}:6640 +ovsdb_connection = tcp:{{ api_interface_address }}:6640 {% if enable_nova_fake | bool %} integration_bridge = br-int-{{ item }} {% endif %} @@ -64,4 +64,4 @@ physical_interface_mappings = physnet1:{{ neutron_external_interface }} [vxlan] l2_population = true {% endif %} -local_ip = {{ hostvars[inventory_hostname]['ansible_' + tunnel_interface]['ipv4']['address'] }} +local_ip = {{ api_interface_address }} diff --git a/ansible/roles/neutron/templates/neutron.conf.j2 b/ansible/roles/neutron/templates/neutron.conf.j2 index c7f64dffd3..b233cf0a4c 100644 --- a/ansible/roles/neutron/templates/neutron.conf.j2 +++ b/ansible/roles/neutron/templates/neutron.conf.j2 @@ -51,6 +51,8 @@ transport_url = rabbit://{% for host in groups['rabbitmq'] %}{{ rabbitmq_user }} service_provider = LOADBALANCERV2:Haproxy:neutron_lbaas.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default {% endif %} +transport_url = rabbit://{% for host in groups['rabbitmq'] %}{{ rabbitmq_user }}:{{ rabbitmq_password }}@{% if orchestration_engine == 'KUBERNETES' %}rabbitmq{% else %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}{% endif %}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %} + [nova] auth_url = {{ keystone_admin_url }} auth_type = password @@ -88,7 +90,7 @@ memcache_secret_key = {{ memcache_secret_key }} {% if orchestration_engine == 'KUBERNETES' %} memcache_servers = {{ memcached_servers }} {% else %} -memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %} +memcached_servers = {% for host in groups['memcached'] %}{% if orchestration_engine == 'KUBERNETES' %}memcached{% else %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}{% endif %}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %} {% endif %} [oslo_messaging_notifications] diff --git a/ansible/roles/neutron/templates/openvswitch-db-server.json.j2 b/ansible/roles/neutron/templates/openvswitch-db-server.json.j2 index d352d92977..72b9ad694a 100644 --- a/ansible/roles/neutron/templates/openvswitch-db-server.json.j2 +++ b/ansible/roles/neutron/templates/openvswitch-db-server.json.j2 @@ -1,4 +1,4 @@ { - "command": "start-ovsdb-server {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} {% if orchestration_engine == 'KUBERNETES' %} {{ neutron_bridge_name }} {{ neutron_external_interface }} {% endif %}", + "command": "start-ovsdb-server {{ api_interface_address }} {% if orchestration_engine == 'KUBERNETES' %} {{ neutron_bridge_name }} {{ neutron_external_interface }} {% endif %}", "config_files": [] } diff --git a/ansible/roles/nova/templates/libvirtd.conf.j2 b/ansible/roles/nova/templates/libvirtd.conf.j2 index de891b8d28..70e958929c 100644 --- a/ansible/roles/nova/templates/libvirtd.conf.j2 +++ b/ansible/roles/nova/templates/libvirtd.conf.j2 @@ -3,4 +3,4 @@ auth_tcp = "none" ca_file = "" log_level = 3 log_outputs = "3:file:/var/log/kolla/libvirt/libvirtd.log" -listen_addr = "{{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}" +listen_addr = "{{ api_interface_address }}" diff --git a/ansible/roles/nova/templates/nova.conf.j2 b/ansible/roles/nova/templates/nova.conf.j2 index e5fbc50990..02b1a2041e 100644 --- a/ansible/roles/nova/templates/nova.conf.j2 +++ b/ansible/roles/nova/templates/nova.conf.j2 @@ -12,12 +12,12 @@ state_path = /var/lib/nova secure_proxy_ssl_header = X-Forwarded-Proto {% endif %} -osapi_compute_listen = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} +osapi_compute_listen = {{ api_interface_address }} osapi_compute_listen_port = {{ nova_api_port }} osapi_compute_workers = {{ openstack_service_workers }} metadata_workers = {{ openstack_service_workers }} -metadata_listen = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} +metadata_listen = {{ api_interface_address }} metadata_listen_port = {{ nova_metadata_port }} use_neutron = True @@ -51,7 +51,7 @@ compute_driver = libvirt.LibvirtDriver {% endif %} # Though my_ip is not used directly, lots of other variables use $my_ip -my_ip = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} +my_ip = {{ api_interface_address }} {% if enable_ceilometer | bool %} instance_usage_audit = True @@ -62,19 +62,19 @@ compute_monitors=nova.compute.monitors.cpu.virt_driver {% endif %} {% endif %} -transport_url = rabbit://{% for host in groups['rabbitmq'] %}{{ rabbitmq_user }}:{{ rabbitmq_password }}@{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %} +transport_url = rabbit://{% for host in groups['rabbitmq'] %}{{ rabbitmq_user }}:{{ rabbitmq_password }}@{% if orchestration_engine == 'KUBERNETES' %}rabbitmq{% else %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}{% endif %}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %} [conductor] workers = {{ openstack_service_workers }} {% if nova_console == 'novnc' %} [vnc] -novncproxy_host = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} +novncproxy_host = {{ api_interface_address }} novncproxy_port = {{ nova_novncproxy_port }} -vncserver_listen = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} -vncserver_proxyclient_address = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} +vncserver_listen = {{ api_interface_address }} +vncserver_proxyclient_address = {{ api_interface_address }} {% if inventory_hostname in groups['compute'] %} -novncproxy_base_url = {{ public_protocol }}://{{ kolla_external_fqdn }}:{{ nova_novncproxy_port }}/vnc_auto.html +novncproxy_base_url = {{ public_protocol }}://{% if orchestration_engine == 'KUBERNETES' %}kolla_kubernetes_external_vip{% else %}{{ kolla_external_fqdn }}{% endif %}:{{ nova_novncproxy_port }}/vnc_auto.html {% endif %} {% elif nova_console == 'spice' %} [vnc] @@ -82,12 +82,12 @@ novncproxy_base_url = {{ public_protocol }}://{{ kolla_external_fqdn }}:{{ nova_ enabled = false [spice] enabled = true -server_listen = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} -server_proxyclient_address = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} +server_listen = {{ api_interface_address }} +server_proxyclient_address = {{ api_interface_address }} {% if inventory_hostname in groups['compute'] %} -html5proxy_base_url = {{ public_protocol }}://{{ kolla_external_fqdn }}:{{ nova_spicehtml5proxy_port }}/spice_auto.html +html5proxy_base_url = {{ public_protocol }}://{% if orchestration_engine == 'KUBERNETES' %}kolla_kubernetes_external_vip{% else %}{{ kolla_external_fqdn }}{% endif %}:{{ nova_spicehtml5proxy_port }}/spice_auto.html {% endif %} -html5proxy_host = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} +html5proxy_host = {{ api_interface_address }} html5proxy_port = {{ nova_spicehtml5proxy_port }} {% endif %} @@ -104,7 +104,7 @@ api_endpoint = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ ironic_api lock_path = /var/lib/nova/tmp [glance] -api_servers = {% for host in groups['glance-api'] %}{{ internal_protocol }}://{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ glance_api_port }}{% if not loop.last %},{% endif %}{% endfor %} +api_servers = {% for host in groups['glance-api'] %}{{ internal_protocol }}://{% if orchestration_engine == 'KUBERNETES' %}glance-api{% else %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}{% endif %}:{{ glance_api_port }}{% if not loop.last %},{% endif %}{% endfor %} num_retries = {{ groups['glance-api'] | length }} @@ -112,11 +112,15 @@ num_retries = {{ groups['glance-api'] | length }} catalog_info = volume:cinder:internalURL [neutron] +{% if orchestration_engine == 'KUBERNETES' %} +url = {{ internal_protocol }}://neutron-server:{{ neutron_server_port }} +{% else %} url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }} +{% endif %} metadata_proxy_shared_secret = {{ metadata_secret }} service_metadata_proxy = true -auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }} +auth_url = {{ keystone_admin_url }} auth_type = password project_domain_name = default user_domain_id = default @@ -137,12 +141,17 @@ max_retries = -1 [cache] backend = oslo_cache.memcache_pool enabled = True -memcache_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %} +memcache_servers = {% for host in groups['memcached'] %}{% if orchestration_engine == 'KUBERNETES' %}memcached{% else %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}{% endif %}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %} [keystone_authtoken] +{% if orchestration_engine == 'KUBERNETES' %} +auth_uri = {{ keystone_internal_url }} +auth_url = {{ keystone_admin_url }} +{% else %} auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }} auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }} +{% endif %} auth_type = password project_domain_id = default user_domain_id = default @@ -152,11 +161,11 @@ password = {{ nova_keystone_password }} memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcache_secret_key }} -memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %} +memcached_servers = {% for host in groups['memcached'] %}{% if orchestration_engine == 'KUBERNETES' %}memcached{% else %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}{% endif%}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %} [libvirt] -connection_uri = "qemu+tcp://{{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}/system" +connection_uri = "qemu+tcp://{{ api_interface_address }}/system" {% if enable_ceph | bool and nova_backend == "rbd" %} images_type = rbd images_rbd_pool = {{ ceph_nova_pool_name }} diff --git a/ansible/roles/nova/templates/sshd_config.j2 b/ansible/roles/nova/templates/sshd_config.j2 index ba6c8df8cc..29bea8dea1 100644 --- a/ansible/roles/nova/templates/sshd_config.j2 +++ b/ansible/roles/nova/templates/sshd_config.j2 @@ -1,5 +1,5 @@ Port {{ nova_ssh_port }} -ListenAddress {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} +ListenAddress {{ api_interface_address }} SyslogFacility AUTHPRIV UsePAM yes diff --git a/ansible/roles/rabbitmq/templates/rabbitmq-env.conf.j2 b/ansible/roles/rabbitmq/templates/rabbitmq-env.conf.j2 index 41add3fa53..55eaab9d80 100644 --- a/ansible/roles/rabbitmq/templates/rabbitmq-env.conf.j2 +++ b/ansible/roles/rabbitmq/templates/rabbitmq-env.conf.j2 @@ -15,6 +15,5 @@ RABBITMQ_LOG_BASE=/var/log/kolla/rabbitmq # https://bugs.launchpad.net/ubuntu/+source/erlang/+bug/1374109 # https://bugs.launchpad.net/kolla/+bug/1562701 # https://bugzilla.redhat.com/show_bug.cgi?id=1324922 -# export ERL_EPMD_ADDRESS={{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} export ERL_EPMD_PORT={{ rabbitmq_epmd_port }}