Add ansible support for Murano

Deploy the core services for murano-api and murano-engine containers.

Implements: bp ansible-murano

Change-Id: Ibcc618665a3509465ba8f9249a417e8848087eef

ansible/group_vars/all.yml

@@ -99,6 +99,7 @@ swift_container_server_port: "6002"
 heat_api_port: "8004"
 heat_api_cfn_port: "8000"
 
+murano_api_port: "8082"
 
 ####################
 # Openstack options
@@ -140,6 +141,7 @@ enable_cinder: "no"
 enable_heat: "yes"
 enable_horizon: "yes"
 enable_swift: "no"
+enable_murano: "no"
 
 
 ####################

ansible/inventory/all-in-one

@@ -51,6 +51,9 @@ control
 [heat:children]
 control
 
+[murano:children]
+control
+
 
 # Additional control implemented here. These groups allow you to control which
 # services run on which hosts at a per-service level.
@@ -124,3 +127,10 @@ heat
 
 [heat-engine:children]
 heat
+
+# Murano
+[murano-api:children]
+murano
+
+[murano-engine:children]
+murano

ansible/inventory/multinode

@@ -59,6 +59,9 @@ control
 [heat:children]
 control
 
+[murano:children]
+control
+
 
 # Additional control implemented here. These groups allow you to control which
 # services run on which hosts at a per-service level.
@@ -132,3 +135,10 @@ heat
 
 [heat-engine:children]
 heat
+
+# Murano
+[murano-api:children]
+murano
+
+[murano-engine:children]
+murano

ansible/roles/murano/defaults/main.yml

@@ -0,0 +1,36 @@
+---
+project_name: "murano"
+
+####################
+# Database
+####################
+murano_database_name: "murano"
+murano_database_user: "murano"
+murano_database_address: "{{ kolla_internal_address }}"
+
+
+####################
+# Docker
+####################
+murano_engine_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-murano-engine"
+murano_engine_tag: "{{ openstack_release }}"
+murano_engine_image_full: "{{ murano_engine_image }}:{{ murano_engine_tag }}"
+
+murano_api_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-murano-api"
+murano_api_tag: "{{ openstack_release }}"
+murano_api_image_full: "{{ murano_api_image }}:{{ murano_api_tag }}"
+
+
+####################
+# Openstack
+####################
+murano_public_address: "{{ kolla_external_address }}"
+murano_admin_address: "{{ kolla_internal_address }}"
+murano_internal_address: "{{ kolla_internal_address }}"
+
+murano_logging_verbose: "{{ openstack_logging_verbose }}"
+murano_logging_debug: "{{ openstack_logging_debug }}"
+
+murano_keystone_user: "murano"
+
+openstack_murano_auth: "{'auth_url':'{{ openstack_auth_v2.auth_url }}','username':'{{ openstack_auth_v2.username }}','password':'{{ openstack_auth_v2.password }}','project_name':'{{ openstack_auth_v2.project_name }}'}"

ansible/roles/murano/meta/main.yml

@@ -0,0 +1,3 @@
+---
+dependencies:
+  - { role: common }

ansible/roles/murano/tasks/bootstrap.yml

@@ -0,0 +1,63 @@
+---
+- name: Creating Murano database
+  command: docker exec -t kolla_ansible /usr/bin/ansible localhost
+    -m mysql_db
+    -a "login_host='{{ database_address }}'
+        login_user='{{ database_user }}'
+        login_port='{{ mariadb_port }}'
+        login_password='{{ database_password }}'
+        name='{{ murano_database_name }}'"
+  register: database
+  changed_when: "{{ database.stdout.find('localhost | SUCCESS => ') != -1 and (database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
+  failed_when: database.stdout.split()[2] != 'SUCCESS'
+  run_once: True
+
+- name: Creating Murano database user and setting permissions
+  command: docker exec -t kolla_ansible /usr/bin/ansible localhost
+    -m mysql_user
+    -a "login_host='{{ database_address }}'
+        login_user='{{ database_user }}'
+        login_password='{{ database_password }}'
+        name='{{ murano_database_name }}'
+        password='{{ murano_database_password }}'
+        host='%'
+        priv='{{ murano_database_name }}.*:ALL'
+        append_privs='yes'"
+  register: database_user_create
+  changed_when: "{{ database.stdout.find('localhost | SUCCESS => ') != -1 and (database_user_create.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
+  failed_when: database_user_create.stdout.split()[2] != 'SUCCESS'
+  run_once: True
+
+- name: Starting Murano bootstrap container
+  docker:
+    detach: False
+    docker_api_version: "{{ docker_api_version }}"
+    net: host
+    pull: "{{ docker_pull_policy }}"
+    restart_policy: "no"
+    state: reloaded
+    registry: "{{ docker_registry }}"
+    username: "{{ docker_registry_username }}"
+    password: "{{ docker_registry_password }}"
+    insecure_registry: "{{ docker_insecure_registry }}"
+    name: bootstrap_murano
+    image: "{{ murano_api_image_full }}"
+    volumes: "{{ node_config_directory }}/murano-api/:/opt/kolla/murano-api/:ro"
+    env:
+      KOLLA_BOOTSTRAP:
+      KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
+  run_once: True
+  when: database.stdout.find('localhost | SUCCESS => ') != -1 and (database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed
+
+# https://github.com/ansible/ansible-modules-core/pull/1031
+- name: Waiting for bootstrap container to exit
+  command: docker wait bootstrap_murano
+  run_once: True
+  when: database.stdout.find('localhost | SUCCESS => ') != -1 and (database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed
+
+- name: Cleaning up Murano boostrap container
+  docker:
+    name: bootstrap_murano
+    image: "{{ murano_api_image_full }}"
+    state: absent
+  when: database.stdout.find('localhost | SUCCESS => ') != -1 and (database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed

ansible/roles/murano/tasks/config.yml

@@ -0,0 +1,40 @@
+---
+- include: ../../config.yml
+  vars:
+    service_name: "murano-engine"
+    config_source:
+      - "roles/{{ project_name }}/templates/murano.conf.j2"
+      - "/etc/kolla/config/global.conf"
+      - "/etc/kolla/config/database.conf"
+      - "/etc/kolla/config/messaging.conf"
+      - "/etc/kolla/config/{{ project_name }}.conf"
+      - "/etc/kolla/config/{{ project_name }}/{{ service_name }}.conf"
+    config_template_dest:
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_minimal"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_global"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_database"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_messaging"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_augment"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ service_name }}.conf_augment"
+    config_dest: "{{ node_config_directory }}/{{ service_name }}/murano.conf"
+  when: inventory_hostname in groups['murano-engine']
+
+- include: ../../config.yml
+  vars:
+    service_name: "murano-api"
+    config_source:
+      - "roles/{{ project_name }}/templates/murano.conf.j2"
+      - "/etc/kolla/config/global.conf"
+      - "/etc/kolla/config/database.conf"
+      - "/etc/kolla/config/messaging.conf"
+      - "/etc/kolla/config/{{ project_name }}.conf"
+      - "/etc/kolla/config/{{ project_name }}/{{ service_name }}.conf"
+    config_template_dest:
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_minimal"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_global"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_database"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_messaging"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_augment"
+      - "{{ node_templates_directory }}/{{ service_name }}/{{ service_name }}.conf_augment"
+    config_dest: "{{ node_config_directory }}/{{ service_name }}/murano.conf"
+  when: inventory_hostname in groups['murano-api']

ansible/roles/murano/tasks/main.yml

@@ -0,0 +1,8 @@
+---
+- include: register.yml
+
+- include: config.yml
+
+- include: bootstrap.yml
+
+- include: start.yml

ansible/roles/murano/tasks/register.yml

@@ -0,0 +1,37 @@
+---
+- name: Creating the Murano service and endpoint
+  command: docker exec -t kolla_ansible /usr/bin/ansible localhost
+    -m kolla_keystone_service
+    -a "service_name=murano
+        service_type=application_catalog
+        description='Openstack Application Catalogue'
+        endpoint_region={{ openstack_region_name }}
+        admin_url='http://{{ kolla_internal_address }}:{{ murano_api_port }}'
+        internal_url='http://{{ kolla_internal_address }}:{{ murano_api_port }}'
+        public_url='http://{{ kolla_external_address }}:{{ murano_api_port }}'
+        region_name={{ openstack_region_name }}
+        auth={{ '{{ openstack_murano_auth }}' }}"
+    -e "{'openstack_murano_auth':{{ openstack_murano_auth }}}"
+  register: murano_endpoint
+  changed_when: "{{ murano_endpoint.stdout.find('localhost | SUCCESS => ') != -1 and (murano_endpoint.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
+  until: murano_endpoint.stdout.split()[2] == 'SUCCESS'
+  retries: 10
+  delay: 5
+  run_once: True
+
+- name: Creating the Murano project, user, and role
+  command: docker exec -t kolla_ansible /usr/bin/ansible localhost
+    -m kolla_keystone_user
+    -a "project=service
+        user=murano
+        password={{ murano_keystone_password }}
+        role=admin
+        region_name={{ openstack_region_name }}
+        auth={{ '{{ openstack_murano_auth }}' }}"
+    -e "{'openstack_murano_auth':{{ openstack_murano_auth }}}"
+  register: murano_user
+  changed_when: "{{ murano_user.stdout.find('localhost | SUCCESS => ') != -1 and (murano_user.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
+  until: murano_user.stdout.split()[2] == 'SUCCESS'
+  retries: 10
+  delay: 5
+  run_once: True

ansible/roles/murano/tasks/start.yml

@@ -0,0 +1,39 @@
+---
+- name: Starting Murano-engine container
+  docker:
+    docker_api_version: "{{ docker_api_version }}"
+    net: host
+    pull: "{{ docker_pull_policy }}"
+    restart_policy: "{{ docker_restart_policy }}"
+    restart_policy_retry: "{{ docker_restart_policy_retry }}"
+    state: reloaded
+    registry: "{{ docker_registry }}"
+    username: "{{ docker_registry_username }}"
+    password: "{{ docker_registry_password }}"
+    insecure_registry: "{{ docker_insecure_registry }}"
+    name: murano_engine
+    image: "{{ murano_engine_image_full }}"
+    volumes: "{{ node_config_directory }}/murano-engine/:/opt/kolla/murano-engine/:ro"
+    volumes_from:
+    env:
+      KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
+  when: inventory_hostname in groups['murano-engine']
+
+- name: Starting Murano-api container
+  docker:
+    docker_api_version: "{{ docker_api_version }}"
+    net: host
+    pull: "{{ docker_pull_policy }}"
+    restart_policy: "{{ docker_restart_policy }}"
+    restart_policy_retry: "{{ docker_restart_policy_retry }}"
+    state: reloaded
+    registry: "{{ docker_registry }}"
+    username: "{{ docker_registry_username }}"
+    password: "{{ docker_registry_password }}"
+    insecure_registry: "{{ docker_insecure_registry }}"
+    name: murano_api
+    image: "{{ murano_api_image_full }}"
+    volumes: "{{ node_config_directory }}/murano-api/:/opt/kolla/murano-api/:ro"
+    env:
+      KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
+  when: inventory_hostname in groups['murano-api']

ansible/roles/murano/templates/murano.conf.j2

@@ -0,0 +1,36 @@
+[DEFAULT]
+verbose = {{ openstack_logging_verbose }}
+debug = {{ openstack_logging_debug }}
+
+rabbit_host = {{ kolla_internal_address }}
+rabbit_userid = {{ rabbitmq_user }}
+rabbit_password = {{ rabbitmq_password }}
+notification_driver = noop
+
+{% if service_name == 'murano-api' %}
+bind_host = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
+bind_port = {{ murano_api_port }}
+{% endif %}
+
+[database]
+connection = mysql://{{ murano_database_user }}:{{ murano_database_password }}@{{ murano_database_address }}/{{ murano_database_name }}
+
+[keystone_authtoken]
+auth_uri = http://{{ kolla_internal_address }}:{{ keystone_public_port }}
+auth_url = http://{{ kolla_internal_address }}:{{ keystone_admin_port }}
+auth_plugin = password
+project_domain_id = default
+user_domain_id = default
+project_name = service
+username = {{ murano_keystone_user }}
+password = {{ murano_keystone_password }}
+
+[murano]
+url = http://{{ kolla_internal_address }}:{{ murano_api_port }}
+
+{% if service_name == 'murano-engine' %}
+[rabbitmq]
+host = {{ kolla_internal_address }}
+login = {{ rabbitmq_user }}
+password = {{ rabbitmq_password }}
+{% endif %}

ansible/site.yml

@@ -42,3 +42,7 @@
 - hosts: horizon
   roles:
     - { role: horizon, tags: horizon, when: enable_horizon | bool }
+
+- hosts: [murano-api, murano-engine]
+  roles:
+    - { role: murano, tags: murano, when: enable_murano | bool }

docker/murano/murano-api/config-external.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-SOURCE="/opt/kolla/murano/murano.conf"
+SOURCE="/opt/kolla/murano-api/murano.conf"
 TARGET="/etc/murano/murano.conf"
 OWNER="murano"
 

docker/murano/murano-engine/config-external.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-SOURCE="/opt/kolla/murano/murano.conf"
+SOURCE="/opt/kolla/murano-engine/murano.conf"
 TARGET="/etc/murano/murano.conf"
 OWNER="murano"
 

etc/kolla/passwords.yml

@@ -43,6 +43,9 @@ heat_database_password: "password"
 heat_keystone_password: "password"
 heat_domain_admin_password: "password"
 
+murano_database_password: "password"
+murano_keystone_password: "password"
+
 ####################
 # RabbitMQ options
 ####################