diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index 34985a0594..6df5c7ba96 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -99,6 +99,7 @@ swift_container_server_port: "6002" heat_api_port: "8004" heat_api_cfn_port: "8000" +murano_api_port: "8082" #################### # Openstack options @@ -140,6 +141,7 @@ enable_cinder: "no" enable_heat: "yes" enable_horizon: "yes" enable_swift: "no" +enable_murano: "no" #################### diff --git a/ansible/inventory/all-in-one b/ansible/inventory/all-in-one index e762078b1b..8b782f72ac 100644 --- a/ansible/inventory/all-in-one +++ b/ansible/inventory/all-in-one @@ -51,6 +51,9 @@ control [heat:children] control +[murano:children] +control + # Additional control implemented here. These groups allow you to control which # services run on which hosts at a per-service level. @@ -124,3 +127,10 @@ heat [heat-engine:children] heat + +# Murano +[murano-api:children] +murano + +[murano-engine:children] +murano diff --git a/ansible/inventory/multinode b/ansible/inventory/multinode index 1d4e1fb7fd..f6ce047a7f 100644 --- a/ansible/inventory/multinode +++ b/ansible/inventory/multinode @@ -59,6 +59,9 @@ control [heat:children] control +[murano:children] +control + # Additional control implemented here. These groups allow you to control which # services run on which hosts at a per-service level. @@ -132,3 +135,10 @@ heat [heat-engine:children] heat + +# Murano +[murano-api:children] +murano + +[murano-engine:children] +murano diff --git a/ansible/roles/murano/defaults/main.yml b/ansible/roles/murano/defaults/main.yml new file mode 100644 index 0000000000..45ac3dd73a --- /dev/null +++ b/ansible/roles/murano/defaults/main.yml @@ -0,0 +1,36 @@ +--- +project_name: "murano" + +#################### +# Database +#################### +murano_database_name: "murano" +murano_database_user: "murano" +murano_database_address: "{{ kolla_internal_address }}" + + +#################### +# Docker +#################### +murano_engine_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-murano-engine" +murano_engine_tag: "{{ openstack_release }}" +murano_engine_image_full: "{{ murano_engine_image }}:{{ murano_engine_tag }}" + +murano_api_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-murano-api" +murano_api_tag: "{{ openstack_release }}" +murano_api_image_full: "{{ murano_api_image }}:{{ murano_api_tag }}" + + +#################### +# Openstack +#################### +murano_public_address: "{{ kolla_external_address }}" +murano_admin_address: "{{ kolla_internal_address }}" +murano_internal_address: "{{ kolla_internal_address }}" + +murano_logging_verbose: "{{ openstack_logging_verbose }}" +murano_logging_debug: "{{ openstack_logging_debug }}" + +murano_keystone_user: "murano" + +openstack_murano_auth: "{'auth_url':'{{ openstack_auth_v2.auth_url }}','username':'{{ openstack_auth_v2.username }}','password':'{{ openstack_auth_v2.password }}','project_name':'{{ openstack_auth_v2.project_name }}'}" diff --git a/ansible/roles/murano/meta/main.yml b/ansible/roles/murano/meta/main.yml new file mode 100644 index 0000000000..6b4fff8fef --- /dev/null +++ b/ansible/roles/murano/meta/main.yml @@ -0,0 +1,3 @@ +--- +dependencies: + - { role: common } diff --git a/ansible/roles/murano/tasks/bootstrap.yml b/ansible/roles/murano/tasks/bootstrap.yml new file mode 100644 index 0000000000..69eca17529 --- /dev/null +++ b/ansible/roles/murano/tasks/bootstrap.yml @@ -0,0 +1,63 @@ +--- +- name: Creating Murano database + command: docker exec -t kolla_ansible /usr/bin/ansible localhost + -m mysql_db + -a "login_host='{{ database_address }}' + login_user='{{ database_user }}' + login_port='{{ mariadb_port }}' + login_password='{{ database_password }}' + name='{{ murano_database_name }}'" + register: database + changed_when: "{{ database.stdout.find('localhost | SUCCESS => ') != -1 and (database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}" + failed_when: database.stdout.split()[2] != 'SUCCESS' + run_once: True + +- name: Creating Murano database user and setting permissions + command: docker exec -t kolla_ansible /usr/bin/ansible localhost + -m mysql_user + -a "login_host='{{ database_address }}' + login_user='{{ database_user }}' + login_password='{{ database_password }}' + name='{{ murano_database_name }}' + password='{{ murano_database_password }}' + host='%' + priv='{{ murano_database_name }}.*:ALL' + append_privs='yes'" + register: database_user_create + changed_when: "{{ database.stdout.find('localhost | SUCCESS => ') != -1 and (database_user_create.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}" + failed_when: database_user_create.stdout.split()[2] != 'SUCCESS' + run_once: True + +- name: Starting Murano bootstrap container + docker: + detach: False + docker_api_version: "{{ docker_api_version }}" + net: host + pull: "{{ docker_pull_policy }}" + restart_policy: "no" + state: reloaded + registry: "{{ docker_registry }}" + username: "{{ docker_registry_username }}" + password: "{{ docker_registry_password }}" + insecure_registry: "{{ docker_insecure_registry }}" + name: bootstrap_murano + image: "{{ murano_api_image_full }}" + volumes: "{{ node_config_directory }}/murano-api/:/opt/kolla/murano-api/:ro" + env: + KOLLA_BOOTSTRAP: + KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" + run_once: True + when: database.stdout.find('localhost | SUCCESS => ') != -1 and (database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed + +# https://github.com/ansible/ansible-modules-core/pull/1031 +- name: Waiting for bootstrap container to exit + command: docker wait bootstrap_murano + run_once: True + when: database.stdout.find('localhost | SUCCESS => ') != -1 and (database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed + +- name: Cleaning up Murano boostrap container + docker: + name: bootstrap_murano + image: "{{ murano_api_image_full }}" + state: absent + when: database.stdout.find('localhost | SUCCESS => ') != -1 and (database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed diff --git a/ansible/roles/murano/tasks/config.yml b/ansible/roles/murano/tasks/config.yml new file mode 100644 index 0000000000..2398f81968 --- /dev/null +++ b/ansible/roles/murano/tasks/config.yml @@ -0,0 +1,40 @@ +--- +- include: ../../config.yml + vars: + service_name: "murano-engine" + config_source: + - "roles/{{ project_name }}/templates/murano.conf.j2" + - "/etc/kolla/config/global.conf" + - "/etc/kolla/config/database.conf" + - "/etc/kolla/config/messaging.conf" + - "/etc/kolla/config/{{ project_name }}.conf" + - "/etc/kolla/config/{{ project_name }}/{{ service_name }}.conf" + config_template_dest: + - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_minimal" + - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_global" + - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_database" + - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_messaging" + - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_augment" + - "{{ node_templates_directory }}/{{ service_name }}/{{ service_name }}.conf_augment" + config_dest: "{{ node_config_directory }}/{{ service_name }}/murano.conf" + when: inventory_hostname in groups['murano-engine'] + +- include: ../../config.yml + vars: + service_name: "murano-api" + config_source: + - "roles/{{ project_name }}/templates/murano.conf.j2" + - "/etc/kolla/config/global.conf" + - "/etc/kolla/config/database.conf" + - "/etc/kolla/config/messaging.conf" + - "/etc/kolla/config/{{ project_name }}.conf" + - "/etc/kolla/config/{{ project_name }}/{{ service_name }}.conf" + config_template_dest: + - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_minimal" + - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_global" + - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_database" + - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_messaging" + - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_augment" + - "{{ node_templates_directory }}/{{ service_name }}/{{ service_name }}.conf_augment" + config_dest: "{{ node_config_directory }}/{{ service_name }}/murano.conf" + when: inventory_hostname in groups['murano-api'] diff --git a/ansible/roles/murano/tasks/main.yml b/ansible/roles/murano/tasks/main.yml new file mode 100644 index 0000000000..5c48120b7c --- /dev/null +++ b/ansible/roles/murano/tasks/main.yml @@ -0,0 +1,8 @@ +--- +- include: register.yml + +- include: config.yml + +- include: bootstrap.yml + +- include: start.yml diff --git a/ansible/roles/murano/tasks/register.yml b/ansible/roles/murano/tasks/register.yml new file mode 100644 index 0000000000..c1ea88daf1 --- /dev/null +++ b/ansible/roles/murano/tasks/register.yml @@ -0,0 +1,37 @@ +--- +- name: Creating the Murano service and endpoint + command: docker exec -t kolla_ansible /usr/bin/ansible localhost + -m kolla_keystone_service + -a "service_name=murano + service_type=application_catalog + description='Openstack Application Catalogue' + endpoint_region={{ openstack_region_name }} + admin_url='http://{{ kolla_internal_address }}:{{ murano_api_port }}' + internal_url='http://{{ kolla_internal_address }}:{{ murano_api_port }}' + public_url='http://{{ kolla_external_address }}:{{ murano_api_port }}' + region_name={{ openstack_region_name }} + auth={{ '{{ openstack_murano_auth }}' }}" + -e "{'openstack_murano_auth':{{ openstack_murano_auth }}}" + register: murano_endpoint + changed_when: "{{ murano_endpoint.stdout.find('localhost | SUCCESS => ') != -1 and (murano_endpoint.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}" + until: murano_endpoint.stdout.split()[2] == 'SUCCESS' + retries: 10 + delay: 5 + run_once: True + +- name: Creating the Murano project, user, and role + command: docker exec -t kolla_ansible /usr/bin/ansible localhost + -m kolla_keystone_user + -a "project=service + user=murano + password={{ murano_keystone_password }} + role=admin + region_name={{ openstack_region_name }} + auth={{ '{{ openstack_murano_auth }}' }}" + -e "{'openstack_murano_auth':{{ openstack_murano_auth }}}" + register: murano_user + changed_when: "{{ murano_user.stdout.find('localhost | SUCCESS => ') != -1 and (murano_user.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}" + until: murano_user.stdout.split()[2] == 'SUCCESS' + retries: 10 + delay: 5 + run_once: True diff --git a/ansible/roles/murano/tasks/start.yml b/ansible/roles/murano/tasks/start.yml new file mode 100644 index 0000000000..c857ef0fbd --- /dev/null +++ b/ansible/roles/murano/tasks/start.yml @@ -0,0 +1,39 @@ +--- +- name: Starting Murano-engine container + docker: + docker_api_version: "{{ docker_api_version }}" + net: host + pull: "{{ docker_pull_policy }}" + restart_policy: "{{ docker_restart_policy }}" + restart_policy_retry: "{{ docker_restart_policy_retry }}" + state: reloaded + registry: "{{ docker_registry }}" + username: "{{ docker_registry_username }}" + password: "{{ docker_registry_password }}" + insecure_registry: "{{ docker_insecure_registry }}" + name: murano_engine + image: "{{ murano_engine_image_full }}" + volumes: "{{ node_config_directory }}/murano-engine/:/opt/kolla/murano-engine/:ro" + volumes_from: + env: + KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" + when: inventory_hostname in groups['murano-engine'] + +- name: Starting Murano-api container + docker: + docker_api_version: "{{ docker_api_version }}" + net: host + pull: "{{ docker_pull_policy }}" + restart_policy: "{{ docker_restart_policy }}" + restart_policy_retry: "{{ docker_restart_policy_retry }}" + state: reloaded + registry: "{{ docker_registry }}" + username: "{{ docker_registry_username }}" + password: "{{ docker_registry_password }}" + insecure_registry: "{{ docker_insecure_registry }}" + name: murano_api + image: "{{ murano_api_image_full }}" + volumes: "{{ node_config_directory }}/murano-api/:/opt/kolla/murano-api/:ro" + env: + KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" + when: inventory_hostname in groups['murano-api'] diff --git a/ansible/roles/murano/templates/murano.conf.j2 b/ansible/roles/murano/templates/murano.conf.j2 new file mode 100644 index 0000000000..85b1fea64f --- /dev/null +++ b/ansible/roles/murano/templates/murano.conf.j2 @@ -0,0 +1,36 @@ +[DEFAULT] +verbose = {{ openstack_logging_verbose }} +debug = {{ openstack_logging_debug }} + +rabbit_host = {{ kolla_internal_address }} +rabbit_userid = {{ rabbitmq_user }} +rabbit_password = {{ rabbitmq_password }} +notification_driver = noop + +{% if service_name == 'murano-api' %} +bind_host = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} +bind_port = {{ murano_api_port }} +{% endif %} + +[database] +connection = mysql://{{ murano_database_user }}:{{ murano_database_password }}@{{ murano_database_address }}/{{ murano_database_name }} + +[keystone_authtoken] +auth_uri = http://{{ kolla_internal_address }}:{{ keystone_public_port }} +auth_url = http://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_plugin = password +project_domain_id = default +user_domain_id = default +project_name = service +username = {{ murano_keystone_user }} +password = {{ murano_keystone_password }} + +[murano] +url = http://{{ kolla_internal_address }}:{{ murano_api_port }} + +{% if service_name == 'murano-engine' %} +[rabbitmq] +host = {{ kolla_internal_address }} +login = {{ rabbitmq_user }} +password = {{ rabbitmq_password }} +{% endif %} diff --git a/ansible/site.yml b/ansible/site.yml index 6eeafed366..2be2ce7ff5 100755 --- a/ansible/site.yml +++ b/ansible/site.yml @@ -42,3 +42,7 @@ - hosts: horizon roles: - { role: horizon, tags: horizon, when: enable_horizon | bool } + +- hosts: [murano-api, murano-engine] + roles: + - { role: murano, tags: murano, when: enable_murano | bool } diff --git a/docker/murano/murano-api/config-external.sh b/docker/murano/murano-api/config-external.sh index 5d9a2da497..ffcdaef0b9 100644 --- a/docker/murano/murano-api/config-external.sh +++ b/docker/murano/murano-api/config-external.sh @@ -1,5 +1,5 @@ #!/bin/bash -SOURCE="/opt/kolla/murano/murano.conf" +SOURCE="/opt/kolla/murano-api/murano.conf" TARGET="/etc/murano/murano.conf" OWNER="murano" diff --git a/docker/murano/murano-engine/config-external.sh b/docker/murano/murano-engine/config-external.sh index 5d9a2da497..af23e0e898 100644 --- a/docker/murano/murano-engine/config-external.sh +++ b/docker/murano/murano-engine/config-external.sh @@ -1,5 +1,5 @@ #!/bin/bash -SOURCE="/opt/kolla/murano/murano.conf" +SOURCE="/opt/kolla/murano-engine/murano.conf" TARGET="/etc/murano/murano.conf" OWNER="murano" diff --git a/etc/kolla/config/murano.conf b/etc/kolla/config/murano.conf new file mode 100644 index 0000000000..e69de29bb2 diff --git a/etc/kolla/config/murano/murano-api.conf b/etc/kolla/config/murano/murano-api.conf new file mode 100644 index 0000000000..e69de29bb2 diff --git a/etc/kolla/config/murano/murano-engine.conf b/etc/kolla/config/murano/murano-engine.conf new file mode 100644 index 0000000000..e69de29bb2 diff --git a/etc/kolla/passwords.yml b/etc/kolla/passwords.yml index dacfcd6ee3..4785c6b56a 100644 --- a/etc/kolla/passwords.yml +++ b/etc/kolla/passwords.yml @@ -43,6 +43,9 @@ heat_database_password: "password" heat_keystone_password: "password" heat_domain_admin_password: "password" +murano_database_password: "password" +murano_keystone_password: "password" + #################### # RabbitMQ options ####################