Ansible config for nova-serialproxy console

Change-Id: Ifd40ca95c82fafacaf91291511f7048351d1bf42
Partially-Implements: blueprint nova-proxies
This commit is contained in:
Eduardo Gonzalez 2016-08-22 22:21:25 +02:00
parent adaabb9c4d
commit 3d03a50864
15 changed files with 168 additions and 2 deletions

View File

@ -164,6 +164,7 @@ nova_api_port: "8774"
nova_metadata_port: "8775"
nova_novncproxy_port: "6080"
nova_spicehtml5proxy_port: "6082"
nova_serialproxy_port: "6083"
neutron_server_port: "9696"
@ -314,6 +315,7 @@ enable_neutron_lbaas: "no"
enable_neutron_fwaas: "no"
enable_neutron_qos: "no"
enable_neutron_agent_ha: "no"
enable_nova_serialconsole_proxy: "no"
enable_octavia: "no"
enable_panko: "no"
enable_rally: "no"

View File

@ -196,6 +196,9 @@ nova
[nova-compute-ironic:children]
nova
[nova-serialproxy:children]
nova
# Neutron
[neutron-server:children]
control

View File

@ -212,6 +212,9 @@ nova
[nova-compute-ironic:children]
nova
[nova-serialproxy:children]
nova
# Neutron
[neutron-server:children]
control

View File

@ -257,6 +257,18 @@
- nova_console == 'novnc'
- inventory_hostname in groups['haproxy']
- name: Checking free port for Nova Serial Proxy HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ nova_serialproxy_port }}"
connect_timeout: 1
state: stopped
when:
- enable_nova | bool
- "{{ 'nova_serialconsole_proxy' not in haproxy_stat }}"
- enable_nova_serialconsole_proxy | bool
- inventory_hostname in groups['haproxy']
- name: Checking free port for Nova Spice HTML5 HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"

View File

@ -130,6 +130,14 @@ listen nova_spicehtml5proxy
server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ nova_spicehtml5proxy_port }} check inter 2000 rise 2 fall 5
{% endfor %}
{% endif %}
{% if enable_nova_serialconsole_proxy | bool %}
listen nova_serialconsole_proxy
bind {{ kolla_internal_vip_address }}:{{ nova_serialproxy_port }}
{% for host in groups['nova-serialproxy'] %}
server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + api_interface]['ipv4']['address'] }}:{{ nova_serialproxy_port }} check inter 2000 rise 2 fall 5
{% endfor %}
{% endif %}
{% if haproxy_enable_external_vip | bool %}
listen nova_api_external
@ -165,6 +173,16 @@ listen nova_spicehtml5proxy_external
server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ nova_spicehtml5proxy_port }} check inter 2000 rise 2 fall 5
{% endfor %}
{% endif %}
{% if enable_nova_serialconsole_proxy | bool %}
listen nova_serialconsole_proxy_external
bind {{ kolla_external_vip_address }}:{{ nova_serialproxy_port }} {{ tls_bind_info }}
http-request del-header X-Forwarded-Proto
http-request set-header X-Forwarded-Proto https if { ssl_fc }
{% for host in groups['nova-serialproxy'] %}
server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ nova_serialproxy_port }} check inter 2000 rise 2 fall 5
{% endfor %}
{% endif %}
{% endif %}
{% endif %}

View File

@ -72,6 +72,10 @@ nova_compute_ironic_image: "{{ docker_registry ~ '/' if docker_registry else ''
nova_compute_ironic_tag: "{{ openstack_release }}"
nova_compute_ironic_image_full: "{{ nova_compute_ironic_image }}:{{ nova_compute_ironic_tag }}"
nova_serialproxy_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-nova-serialproxy"
nova_serialproxy_tag: "{{ openstack_release }}"
nova_serialproxy_image_full: "{{ nova_serialproxy_image }}:{{ nova_serialproxy_tag }}"
####################
# OpenStack
####################

View File

@ -26,6 +26,7 @@
- "nova-scheduler"
- "nova-spicehtml5proxy"
- "nova-ssh"
- "nova-serialproxy"
- name: Copying over config.json files for services
template:
@ -42,6 +43,7 @@
- "nova-scheduler"
- "nova-spicehtml5proxy"
- "nova-ssh"
- "nova-serialproxy"
- name: Copying over nova.conf
merge_configs:
@ -65,6 +67,7 @@
- "nova-novncproxy"
- "nova-scheduler"
- "nova-spicehtml5proxy"
- "nova-serialproxy"
- name: Copying over libvirt configuration
template:
@ -101,5 +104,6 @@
- "nova-novncproxy"
- "nova-scheduler"
- "nova-spicehtml5proxy"
- "nova-serialproxy"
when:
nova_policy.stat.exists

View File

@ -24,7 +24,8 @@
inventory_hostname in groups['nova-conductor'] or
inventory_hostname in groups['nova-consoleauth'] or
inventory_hostname in groups['nova-novncproxy'] or
inventory_hostname in groups['nova-scheduler']
inventory_hostname in groups['nova-scheduler'] or
inventory_hostname in groups['nova-serialproxy']
- include: config-nova-fake.yml
when:
@ -41,4 +42,6 @@
inventory_hostname in groups['nova-conductor'] or
inventory_hostname in groups['nova-consoleauth'] or
inventory_hostname in groups['nova-novncproxy'] or
inventory_hostname in groups['nova-scheduler']
inventory_hostname in groups['nova-scheduler'] or
inventory_hostname in groups['nova-serialproxy']

View File

@ -4,6 +4,7 @@
name:
- nova_api
- nova_novncproxy
- nova_serialproxy
- nova_spicehtml5proxy
register: container_facts
@ -38,6 +39,17 @@
- nova_console == 'novnc'
- inventory_hostname in groups['nova-novncproxy']
- name: Checking free port for Nova Serial Proxy
wait_for:
host: "{{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}"
port: "{{ nova_serialproxy_port }}"
connect_timeout: 1
state: stopped
when:
- container_facts['nova_serialproxy'] is not defined
- enable_nova_serialconsole_proxy | bool
- inventory_hostname in groups['nova-serialproxy']
- name: Checking free port for Nova Spice HTML5 Proxy
wait_for:
host: "{{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}"

View File

@ -68,6 +68,15 @@
image: "{{ nova_scheduler_image_full }}"
when: inventory_hostname in groups['nova-scheduler']
- name: Pulling nova-serialproxy image
kolla_docker:
action: "pull_image"
common_options: "{{ docker_common_options }}"
image: "{{ nova_serialproxy_image_full }}"
when:
- inventory_hostname in groups['nova-serialproxy']
- enable_nova_serialconsole_proxy | bool
- name: Pulling nova-spicehtml5proxy image
kolla_docker:
action: "pull_image"

View File

@ -54,6 +54,16 @@
- nova_console == 'spice'
- inventory_hostname in groups['nova-spicehtml5proxy']
- name: Ensuring the nova_serialproxy container is up
kolla_docker:
name: "nova_serialproxy"
action: "get_container_state"
register: container_state
failed_when: container_state.Running == false
when:
- enable_nova_serialconsole_proxy | bool
- inventory_hostname in groups['nova-serialproxy']
- include: config.yml
- name: Check the configs for nova libvirt, ssh, conductor, api, consoleauth and scheduler containers
@ -106,6 +116,15 @@
- nova_console == 'spice'
- inventory_hostname in groups['nova-spicehtml5proxy']
- name: Check the configs in the nova_serialproxy container
command: docker exec nova_serialproxy /usr/local/bin/kolla_set_configs --check
changed_when: false
failed_when: false
register: nova_serialproxy_check_result
when:
- enable_nova_serialconsole_proxy | bool
- inventory_hostname in groups['nova-serialproxy']
# NOTE(jeffrey4l): when config_strategy == 'COPY_ALWAYS'
# and container env['KOLLA_CONFIG_STRATEGY'] == 'COPY_ONCE',
# just remove the container and start again
@ -159,6 +178,15 @@
- nova_console == 'spice'
- inventory_hostname in groups['nova-spicehtml5proxy']
- name: Container config strategy for nova_serialproxy
kolla_docker:
name: nova_serialproxy
action: "get_container_env"
register: nova_serialproxy_container_env
when:
- enable_nova_serialconsole_proxy | bool
- inventory_hostname in groups['nova-serialproxy']
- name: Remove the nova libvirt, ssh, conductor, api, consoleauth and scheduler containers
kolla_docker:
name: "{{ item[0]['name'] }}"
@ -226,6 +254,17 @@
- config_strategy == 'COPY_ONCE' or nova_spicehtml5proxy_container_env['KOLLA_CONFIG_STRATEGY'] == 'COPY_ONCE'
- nova_spicehtml5proxy_check_result['rc'] == 1
- name: Remove nova_serialproxy container
kolla_docker:
name: nova_serialproxy
action: "remove_container"
register: remove_nova_serialproxy_container
when:
- enable_nova_serialconsole_proxy | bool
- inventory_hostname in groups['nova-serialproxy']
- config_strategy == 'COPY_ONCE' or nova_serialproxy_container_env['KOLLA_CONFIG_STRATEGY'] == 'COPY_ONCE'
- nova_serialproxy_check_result['rc'] == 1
- include: start.yml
when: remove_containers.changed
@ -254,6 +293,11 @@
- nova_console == 'spice'
- remove_nova_spicehtml5proxy_container.changed
- include: start.yml
when:
- enable_nova_serialconsole_proxy | bool
- remove_nova_serialproxy_container.changed
- name: Restart the nova libvirt, ssh, conductor, api, consoleauth and scheduler containers
kolla_docker:
name: "{{ item[0]['name'] }}"
@ -316,3 +360,14 @@
- inventory_hostname in groups['nova-spicehtml5proxy']
- nova_spicehtml5proxy_container_env['KOLLA_CONFIG_STRATEGY'] != 'COPY_ONCE'
- nova_spicehtml5proxy_check_result['rc'] == 1
- name: Restart the nova_serialproxy container
kolla_docker:
name: "nova_serialproxy"
action: "restart_container"
when:
- enable_nova_serialconsole_proxy | bool
- config_strategy == 'COPY_ALWAYS'
- inventory_hostname in groups['nova-serialproxy']
- nova_serialproxy_container_env['KOLLA_CONFIG_STRATEGY'] != 'COPY_ONCE'
- nova_serialproxy_check_result['rc'] == 1

View File

@ -51,6 +51,20 @@
- "kolla_logs:/var/log/kolla/"
when: inventory_hostname in groups['nova-scheduler']
- name: Starting nova-serialproxy container
kolla_docker:
action: "start_container"
common_options: "{{ docker_common_options }}"
image: "{{ nova_serialproxy_image_full }}"
name: "nova_serialproxy"
volumes:
- "{{ node_config_directory }}/nova-serialproxy/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "kolla_logs:/var/log/kolla/"
when:
- inventory_hostname in groups['nova-serialproxy']
- enable_nova_serialconsole_proxy | bool
- name: Starting nova-spicehtml5proxy container
kolla_docker:
action: "start_container"

View File

@ -0,0 +1,18 @@
{
"command": "nova-serialproxy",
"config_files": [
{
"source": "{{ container_config_directory }}/nova.conf",
"dest": "/etc/nova/nova.conf",
"owner": "nova",
"perm": "0600"
}
],
"permissions": [
{
"path": "/var/log/kolla/nova",
"owner": "nova:nova",
"recurse": true
}
]
}

View File

@ -87,6 +87,14 @@ html5proxy_base_url = {{ public_protocol }}://{% if orchestration_engine == 'KUB
html5proxy_host = {{ api_interface_address }}
html5proxy_port = {{ nova_spicehtml5proxy_port }}
{% endif %}
{% if enable_nova_serialconsole_proxy | bool %}
[serial_console]
enabled = true
base_url = ws://{{ kolla_external_fqdn }}:{{ nova_serialproxy_port }}/
serialproxy_host = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
serialproxy_port = {{ nova_serialproxy_port }}
proxyclient_address = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
{% endif %}
{% if service_name == "nova-compute-ironic" %}
[ironic]

View File

@ -165,6 +165,7 @@ kolla_internal_vip_address: "10.10.10.254"
#enable_neutron_qos: "no"
#enable_neutron_agent_ha: "no"
#enable_neutron_vpnaas: "no"
#enable_nova_serialconsole_proxy: "no"
#enable_octavia: "no"
#enable_rally: "no"
#enable_sahara: "no"