openstack/kolla-ansible
Code Issues Proposed changes

Merge "Fix zun deployment"

Browse Source
This commit is contained in:
Jenkins 2017-06-02 12:35:21 +00:00 committed by Gerrit Code Review
commit 62972a6c8e
7 changed files with 98 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ansible/group_vars/all.yml
View File

@ -245,7 +245,7 @@ tacker_server_port: "9890"
fluentd_syslog_port: "5140"
zun_api_port: "9512"
zun_api_port: "9517"
ovsdb_port: "6640"

9
ansible/roles/zun/defaults/main.yml
View File

@ -16,10 +16,13 @@ zun_services:
group: zun-compute
enabled: true
image: "{{ zun_compute_image_full }}"
privileged: True
volumes:
- "{{ node_config_directory }}/zun-compute/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "kolla_logs:/var/log/kolla/"
- "/run:/run:shared"
- "/usr/lib/docker:/usr/lib/docker"
####################
## Database
@ -44,9 +47,9 @@ zun_api_image_full: "{{ zun_api_image }}:{{ zun_api_tag }}"
####################
## OpenStack
####################
zun_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ zun_api_port }}/v1/%(tenant_id)s"
zun_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ zun_api_port }}/v1/%(tenant_id)s"
zun_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ zun_api_port }}/v1/%(tenant_id)s"
zun_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ zun_api_port }}/v1/"
zun_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ zun_api_port }}/v1/"
zun_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ zun_api_port }}/v1/"
zun_logging_debug: "{{ openstack_logging_debug }}"

3
ansible/roles/zun/handlers/main.yml
View File

@ -12,6 +12,7 @@
common_options: "{{ docker_common_options }}"
name: "{{ service.container_name }}"
image: "{{ service.image }}"
privileged: "{{ service.privileged | default(False) }}"
volumes: "{{ service.volumes }}"
when:
- action != "config"
@ -19,6 +20,7 @@
- service.enabled | bool
- config_json.changed | bool
or zun_conf.changed | bool
or zun_conf_wsgi.changed | bool
or policy_json.changed | bool
or zun_api_container.changed | bool
@ -35,6 +37,7 @@
common_options: "{{ docker_common_options }}"
name: "{{ service.container_name }}"
image: "{{ service.image }}"
privileged: "{{ service.privileged | default(False) }}"
volumes: "{{ service.volumes }}"
when:
- action != "config"

14
ansible/roles/zun/tasks/config.yml
View File

@ -42,6 +42,19 @@
- Restart zun-api container
- Restart zun-compute container
- name: Copying over wsgi-zun files for services
vars:
service: "{{ zun_services['zun-api'] }}"
template:
src: "wsgi-zun.conf.j2"
dest: "{{ node_config_directory }}/zun-api/wsgi-zun.conf"
register: zun_conf_wsgi
when:
- inventory_hostname in groups[service.group]
- service.enabled | bool
notify:
- Restart zun-api container
- name: Check if policies shall be overwritten
local_action: stat path="{{ node_custom_config }}/zun/policy.json"
register: zun_policy
@ -65,6 +78,7 @@
common_options: "{{ docker_common_options }}"
name: "{{ item.value.container_name }}"
image: "{{ item.value.image }}"
privileged: "{{ item.value.privileged | default(False) }}"
volumes: "{{ item.value.volumes }}"
register: check_zun_containers
when:

25
ansible/roles/zun/templates/wsgi-zun.conf.j2 Normal file
View File

@ -0,0 +1,25 @@
{% set python_path = '/usr/lib/python2.7/site-packages' if kolla_install_type == 'binary' else '/var/lib/kolla/venv/lib/python2.7/site-packages' %}
Listen {{ api_interface_address }}:{{ zun_api_port }}
<VirtualHost *:{{ zun_api_port }}>
## Vhost docroot
DocumentRoot "/var/www/cgi-bin/zun"
## Directories, there should at least be a declaration for /var/www/cgi-bin/zun
<Directory "/var/www/cgi-bin/zun">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Require all granted
</Directory>
## Logging
ErrorLog "/var/log/kolla/zun/zun_api_wsgi_error.log"
ServerSignature Off
CustomLog "/var/log/kolla/zun/zun_api_wsgi_access.log" combined
WSGIApplicationGroup %{GLOBAL}
WSGIDaemonProcess zun group=zun processes={{ openstack_service_workers }} threads=1 user=zun python-path={{ python_path }}
WSGIProcessGroup zun
WSGIScriptAlias / "/var/www/cgi-bin/zun/app.wsgi"
</VirtualHost>

13
ansible/roles/zun/templates/zun-api.json.j2
View File

@ -1,5 +1,7 @@
{% set zun_cmd = 'apache2' if kolla_base_distro in ['ubuntu', 'debian'] else 'httpd' %}
{% set zun_dir = 'apache2/conf-enabled' if kolla_base_distro in ['ubuntu', 'debian'] else 'httpd/conf.d' %}
{
"command": "zun-api --config-file /etc/zun/zun.conf",
"command": "{{ zun_cmd }} -DFOREGROUND",
"config_files": [
{
"source": "{{ container_config_directory }}/zun.conf",
@ -8,16 +10,17 @@
"perm": "0600"
},
{
"source": "{{ container_config_directory }}/api-paste.ini",
"dest": "/etc/zun/api-paste.ini",
"owner": "zun",
"source": "{{ container_config_directory }}/wsgi-zun.conf",
"dest": "/etc/{{ zun_dir }}/wsgi-zun.conf",
"owner": "root",
"perm": "0600"
},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/zun/policy.json",
"owner": "zun",
"perm": "0600"
"perm": "0600",
"optional": true
}
],
"permissions": [

47
ansible/roles/zun/templates/zun.conf.j2
View File

@ -3,10 +3,17 @@ debug = {{ zun_logging_debug }}
log_dir = /var/log/kolla/zun
transport_url = rabbit://{% for host in groups['rabbitmq'] %}{{ rabbitmq_user }}:{{ rabbitmq_password }}@{% if orchestration_engine == 'KUBERNETES' %}rabbitmq{% else %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}{% endif %}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %}
{% if service_name == 'zun-api' %}
osapi_zun_listen = {{ api_interface_address }}
osapi_zun_listen_port = {{ zun_api_port }}
{% endif %}
container_driver = docker.driver.DockerDriver
image_driver_list = glance
db_type = sql
[api]
host_ip = {{ api_interface_address }}
port = {{ zun_api_port }}
workers = {{ openstack_service_workers }}
[compute]
topic = zun-compute
[database]
connection = mysql+pymysql://{{ zun_database_user }}:{{ zun_database_password }}@{{ zun_database_address }}/{{ zun_database_name }}
@ -17,10 +24,9 @@ version = 1
service_type = container
service_name = zun
[keystone_authtoken]
[keystone_auth]
auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}
auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
project_domain_name = Default
auth_type = password
project_domain_id = default
user_domain_id = default
@ -31,3 +37,32 @@ password = {{ zun_keystone_password }}
memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcache_secret_key }}
memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
[keystone_authtoken]
auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}
auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
auth_type = password
project_domain_id = default
user_domain_id = default
project_name = service
username = {{ zun_keystone_user }}
password = {{ zun_keystone_password }}
service_token_roles_required = True
memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcache_secret_key }}
memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
[glance_client]
auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}
auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
auth_type = password
project_domain_id = default
user_domain_id = default
project_name = service
username = {{ zun_keystone_user }}
password = {{ zun_keystone_password }}
region_name = {{ openstack_region_name }}
endpoint_type = internalURL
api_version = 2