Drop Murano
It's inactive and hasn't produced a 2024.1 release [1]. In addition to that, there's a CVE that hasn't really been patched [2]. Also drop outward_rabbitmq that was used only with Murano. [1]: https://governance.openstack.org/tc/reference/emerging-technology-and-inactive-projects.html#current-inactive-projects [2]: https://lists.openstack.org/archives/list/openstack-announce@lists.openstack.org/thread/4FYM6GSIM5WZSJQIG4TT5Q3UBKQIHLWX/ Change-Id: I691205730b0e10a42ce61f3340cc39ee51bd1010
This commit is contained in:
parent
b3f19f8146
commit
6c31bb676d
@ -58,7 +58,6 @@ Kolla Ansible deploys containers for the following OpenStack projects:
|
|||||||
- `Manila <https://docs.openstack.org/manila/latest/>`__
|
- `Manila <https://docs.openstack.org/manila/latest/>`__
|
||||||
- `Masakari <https://docs.openstack.org/masakari/latest/>`__ (deprecated)
|
- `Masakari <https://docs.openstack.org/masakari/latest/>`__ (deprecated)
|
||||||
- `Mistral <https://docs.openstack.org/mistral/latest/>`__
|
- `Mistral <https://docs.openstack.org/mistral/latest/>`__
|
||||||
- `Murano <https://docs.openstack.org/murano/latest/>`__
|
|
||||||
- `Neutron <https://docs.openstack.org/neutron/latest/>`__
|
- `Neutron <https://docs.openstack.org/neutron/latest/>`__
|
||||||
- `Nova <https://docs.openstack.org/nova/latest/>`__
|
- `Nova <https://docs.openstack.org/nova/latest/>`__
|
||||||
- `Octavia <https://docs.openstack.org/octavia/latest/>`__
|
- `Octavia <https://docs.openstack.org/octavia/latest/>`__
|
||||||
|
@ -494,12 +494,6 @@ mistral_api_port: "8989"
|
|||||||
mistral_api_public_port: "{{ haproxy_single_external_frontend_public_port if haproxy_single_external_frontend | bool else mistral_api_port }}"
|
mistral_api_public_port: "{{ haproxy_single_external_frontend_public_port if haproxy_single_external_frontend | bool else mistral_api_port }}"
|
||||||
mistral_api_listen_port: "{{ mistral_api_port }}"
|
mistral_api_listen_port: "{{ mistral_api_port }}"
|
||||||
|
|
||||||
murano_internal_fqdn: "{{ kolla_internal_fqdn }}"
|
|
||||||
murano_external_fqdn: "{{ kolla_external_fqdn }}"
|
|
||||||
murano_api_port: "8082"
|
|
||||||
murano_api_public_port: "{{ haproxy_single_external_frontend_public_port if haproxy_single_external_frontend | bool else murano_api_port }}"
|
|
||||||
murano_api_listen_port: "{{ murano_api_listen_port }}"
|
|
||||||
|
|
||||||
neutron_internal_fqdn: "{{ kolla_internal_fqdn }}"
|
neutron_internal_fqdn: "{{ kolla_internal_fqdn }}"
|
||||||
neutron_external_fqdn: "{{ kolla_external_fqdn }}"
|
neutron_external_fqdn: "{{ kolla_external_fqdn }}"
|
||||||
neutron_server_port: "9696"
|
neutron_server_port: "9696"
|
||||||
@ -550,12 +544,6 @@ ovn_sb_db_port: "6642"
|
|||||||
ovn_nb_connection: "{% for host in groups['ovn-nb-db'] %}tcp:{{ 'api' | kolla_address(host) | put_address_in_context('url') }}:{{ ovn_nb_db_port }}{% if not loop.last %},{% endif %}{% endfor %}"
|
ovn_nb_connection: "{% for host in groups['ovn-nb-db'] %}tcp:{{ 'api' | kolla_address(host) | put_address_in_context('url') }}:{{ ovn_nb_db_port }}{% if not loop.last %},{% endif %}{% endfor %}"
|
||||||
ovn_sb_connection: "{% for host in groups['ovn-sb-db'] %}tcp:{{ 'api' | kolla_address(host) | put_address_in_context('url') }}:{{ ovn_sb_db_port }}{% if not loop.last %},{% endif %}{% endfor %}"
|
ovn_sb_connection: "{% for host in groups['ovn-sb-db'] %}tcp:{{ 'api' | kolla_address(host) | put_address_in_context('url') }}:{{ ovn_sb_db_port }}{% if not loop.last %},{% endif %}{% endfor %}"
|
||||||
|
|
||||||
outward_rabbitmq_port: "5674"
|
|
||||||
outward_rabbitmq_management_port: "15674"
|
|
||||||
outward_rabbitmq_cluster_port: "25674"
|
|
||||||
outward_rabbitmq_epmd_port: "4371"
|
|
||||||
outward_rabbitmq_prometheus_port: "15694"
|
|
||||||
|
|
||||||
ovsdb_port: "6640"
|
ovsdb_port: "6640"
|
||||||
|
|
||||||
placement_internal_fqdn: "{{ kolla_internal_fqdn }}"
|
placement_internal_fqdn: "{{ kolla_internal_fqdn }}"
|
||||||
@ -744,7 +732,6 @@ enable_memcached: "yes"
|
|||||||
enable_neutron: "{{ enable_openstack_core | bool }}"
|
enable_neutron: "{{ enable_openstack_core | bool }}"
|
||||||
enable_nova: "{{ enable_openstack_core | bool }}"
|
enable_nova: "{{ enable_openstack_core | bool }}"
|
||||||
enable_rabbitmq: "{{ 'yes' if om_rpc_transport == 'rabbit' or om_notify_transport == 'rabbit' else 'no' }}"
|
enable_rabbitmq: "{{ 'yes' if om_rpc_transport == 'rabbit' or om_notify_transport == 'rabbit' else 'no' }}"
|
||||||
enable_outward_rabbitmq: "{{ enable_murano | bool }}"
|
|
||||||
|
|
||||||
# NOTE: Most memcached clients handle load-balancing via client side
|
# NOTE: Most memcached clients handle load-balancing via client side
|
||||||
# hashing (consistent or not) logic, so going under the covers and messing
|
# hashing (consistent or not) logic, so going under the covers and messing
|
||||||
@ -795,7 +782,6 @@ enable_horizon_magnum: "{{ enable_magnum | bool }}"
|
|||||||
enable_horizon_manila: "{{ enable_manila | bool }}"
|
enable_horizon_manila: "{{ enable_manila | bool }}"
|
||||||
enable_horizon_masakari: "{{ enable_masakari | bool }}"
|
enable_horizon_masakari: "{{ enable_masakari | bool }}"
|
||||||
enable_horizon_mistral: "{{ enable_mistral | bool }}"
|
enable_horizon_mistral: "{{ enable_mistral | bool }}"
|
||||||
enable_horizon_murano: "{{ enable_murano | bool }}"
|
|
||||||
enable_horizon_neutron_vpnaas: "{{ enable_neutron_vpnaas | bool }}"
|
enable_horizon_neutron_vpnaas: "{{ enable_neutron_vpnaas | bool }}"
|
||||||
enable_horizon_octavia: "{{ enable_octavia | bool }}"
|
enable_horizon_octavia: "{{ enable_octavia | bool }}"
|
||||||
enable_horizon_tacker: "{{ enable_tacker | bool }}"
|
enable_horizon_tacker: "{{ enable_tacker | bool }}"
|
||||||
@ -823,7 +809,6 @@ enable_masakari_instancemonitor: "{{ enable_masakari | bool }}"
|
|||||||
enable_masakari_hostmonitor: "{{ enable_masakari | bool }}"
|
enable_masakari_hostmonitor: "{{ enable_masakari | bool }}"
|
||||||
enable_mistral: "no"
|
enable_mistral: "no"
|
||||||
enable_multipathd: "no"
|
enable_multipathd: "no"
|
||||||
enable_murano: "no"
|
|
||||||
enable_neutron_vpnaas: "no"
|
enable_neutron_vpnaas: "no"
|
||||||
enable_neutron_sriov: "no"
|
enable_neutron_sriov: "no"
|
||||||
enable_neutron_mlnx: "no"
|
enable_neutron_mlnx: "no"
|
||||||
@ -873,7 +858,6 @@ ironic_keystone_user: "ironic"
|
|||||||
neutron_keystone_user: "neutron"
|
neutron_keystone_user: "neutron"
|
||||||
nova_keystone_user: "nova"
|
nova_keystone_user: "nova"
|
||||||
placement_keystone_user: "placement"
|
placement_keystone_user: "placement"
|
||||||
murano_keystone_user: "murano"
|
|
||||||
cinder_keystone_user: "cinder"
|
cinder_keystone_user: "cinder"
|
||||||
glance_keystone_user: "glance"
|
glance_keystone_user: "glance"
|
||||||
|
|
||||||
@ -924,8 +908,6 @@ osprofiler_backend_connection_string: "{{ redis_connection_string if osprofiler_
|
|||||||
####################
|
####################
|
||||||
rabbitmq_user: "openstack"
|
rabbitmq_user: "openstack"
|
||||||
rabbitmq_monitoring_user: ""
|
rabbitmq_monitoring_user: ""
|
||||||
outward_rabbitmq_user: "openstack"
|
|
||||||
outward_rabbitmq_external_fqdn: "{{ kolla_external_fqdn }}"
|
|
||||||
# Whether to enable TLS encryption for RabbitMQ client-server communication.
|
# Whether to enable TLS encryption for RabbitMQ client-server communication.
|
||||||
rabbitmq_enable_tls: "no"
|
rabbitmq_enable_tls: "no"
|
||||||
# CA certificate bundle in RabbitMQ container.
|
# CA certificate bundle in RabbitMQ container.
|
||||||
@ -1155,17 +1137,10 @@ nova_console: "novnc"
|
|||||||
#######################
|
#######################
|
||||||
nova_database_shard_id: "{{ mariadb_default_database_shard_id | int }}"
|
nova_database_shard_id: "{{ mariadb_default_database_shard_id | int }}"
|
||||||
|
|
||||||
#######################
|
|
||||||
# Murano options
|
|
||||||
#######################
|
|
||||||
murano_agent_rabbitmq_vhost: "muranoagent"
|
|
||||||
murano_agent_rabbitmq_user: "muranoagent"
|
|
||||||
|
|
||||||
|
|
||||||
#######################
|
#######################
|
||||||
# Horizon options
|
# Horizon options
|
||||||
#######################
|
#######################
|
||||||
horizon_backend_database: "{{ enable_murano | bool }}"
|
horizon_backend_database: false
|
||||||
horizon_keystone_multidomain: False
|
horizon_keystone_multidomain: False
|
||||||
|
|
||||||
# Enable deploying custom horizon policy files for services that don't have a
|
# Enable deploying custom horizon policy files for services that don't have a
|
||||||
|
@ -65,9 +65,6 @@ control
|
|||||||
[rabbitmq:children]
|
[rabbitmq:children]
|
||||||
control
|
control
|
||||||
|
|
||||||
[outward-rabbitmq:children]
|
|
||||||
control
|
|
||||||
|
|
||||||
[keystone:children]
|
[keystone:children]
|
||||||
control
|
control
|
||||||
|
|
||||||
@ -106,9 +103,6 @@ control
|
|||||||
[heat:children]
|
[heat:children]
|
||||||
control
|
control
|
||||||
|
|
||||||
[murano:children]
|
|
||||||
control
|
|
||||||
|
|
||||||
[ironic:children]
|
[ironic:children]
|
||||||
control
|
control
|
||||||
|
|
||||||
@ -355,13 +349,6 @@ heat
|
|||||||
[heat-engine:children]
|
[heat-engine:children]
|
||||||
heat
|
heat
|
||||||
|
|
||||||
# Murano
|
|
||||||
[murano-api:children]
|
|
||||||
murano
|
|
||||||
|
|
||||||
[murano-engine:children]
|
|
||||||
murano
|
|
||||||
|
|
||||||
# Ironic
|
# Ironic
|
||||||
[ironic-api:children]
|
[ironic-api:children]
|
||||||
ironic
|
ironic
|
||||||
|
@ -89,9 +89,6 @@ control
|
|||||||
[rabbitmq:children]
|
[rabbitmq:children]
|
||||||
control
|
control
|
||||||
|
|
||||||
[outward-rabbitmq:children]
|
|
||||||
control
|
|
||||||
|
|
||||||
[keystone:children]
|
[keystone:children]
|
||||||
control
|
control
|
||||||
|
|
||||||
@ -130,9 +127,6 @@ control
|
|||||||
[heat:children]
|
[heat:children]
|
||||||
control
|
control
|
||||||
|
|
||||||
[murano:children]
|
|
||||||
control
|
|
||||||
|
|
||||||
[ironic:children]
|
[ironic:children]
|
||||||
control
|
control
|
||||||
|
|
||||||
@ -364,13 +358,6 @@ heat
|
|||||||
[heat-engine:children]
|
[heat-engine:children]
|
||||||
heat
|
heat
|
||||||
|
|
||||||
# Murano
|
|
||||||
[murano-api:children]
|
|
||||||
murano
|
|
||||||
|
|
||||||
[murano-engine:children]
|
|
||||||
murano
|
|
||||||
|
|
||||||
# Ironic
|
# Ironic
|
||||||
[ironic-api:children]
|
[ironic-api:children]
|
||||||
ironic
|
ironic
|
||||||
|
@ -68,72 +68,3 @@
|
|||||||
vars:
|
vars:
|
||||||
role_rabbitmq_cluster_cookie: '{{ rabbitmq_cluster_cookie }}'
|
role_rabbitmq_cluster_cookie: '{{ rabbitmq_cluster_cookie }}'
|
||||||
role_rabbitmq_groups: rabbitmq
|
role_rabbitmq_groups: rabbitmq
|
||||||
|
|
||||||
- name: Apply role rabbitmq (outward)
|
|
||||||
gather_facts: false
|
|
||||||
hosts:
|
|
||||||
- outward-rabbitmq
|
|
||||||
- '&enable_outward_rabbitmq_True'
|
|
||||||
max_fail_percentage: >-
|
|
||||||
{{ rabbitmq_max_fail_percentage |
|
|
||||||
default(kolla_max_fail_percentage) |
|
|
||||||
default(100) }}
|
|
||||||
tags:
|
|
||||||
- rabbitmq
|
|
||||||
tasks:
|
|
||||||
- import_role:
|
|
||||||
name: rabbitmq
|
|
||||||
vars:
|
|
||||||
project_name: outward_rabbitmq
|
|
||||||
role_rabbitmq_cluster_cookie: '{{ outward_rabbitmq_cluster_cookie }}'
|
|
||||||
role_rabbitmq_cluster_port: '{{ outward_rabbitmq_cluster_port }}'
|
|
||||||
role_rabbitmq_epmd_port: '{{ outward_rabbitmq_epmd_port }}'
|
|
||||||
role_rabbitmq_groups: outward-rabbitmq
|
|
||||||
role_rabbitmq_management_port: '{{ outward_rabbitmq_management_port }}'
|
|
||||||
role_rabbitmq_password: '{{ outward_rabbitmq_password }}'
|
|
||||||
role_rabbitmq_port: '{{ outward_rabbitmq_port }}'
|
|
||||||
role_rabbitmq_prometheus_port: '{{ outward_rabbitmq_prometheus_port }}'
|
|
||||||
role_rabbitmq_user: '{{ outward_rabbitmq_user }}'
|
|
||||||
|
|
||||||
- name: Restart rabbitmq (outward) services
|
|
||||||
gather_facts: false
|
|
||||||
hosts:
|
|
||||||
- outward_rabbitmq_restart
|
|
||||||
- '&enable_outward_rabbitmq_True'
|
|
||||||
# Restart in batches
|
|
||||||
serial: "33%"
|
|
||||||
max_fail_percentage: >-
|
|
||||||
{{ rabbitmq_max_fail_percentage |
|
|
||||||
default(kolla_max_fail_percentage) |
|
|
||||||
default(100) }}
|
|
||||||
tags:
|
|
||||||
- rabbitmq
|
|
||||||
tasks:
|
|
||||||
- import_role:
|
|
||||||
name: rabbitmq
|
|
||||||
tasks_from: restart_services.yml
|
|
||||||
vars:
|
|
||||||
project_name: outward_rabbitmq
|
|
||||||
role_rabbitmq_cluster_cookie: '{{ outward_rabbitmq_cluster_cookie }}'
|
|
||||||
role_rabbitmq_groups: outward-rabbitmq
|
|
||||||
|
|
||||||
- name: Apply rabbitmq (outward) post-configuration
|
|
||||||
gather_facts: false
|
|
||||||
hosts:
|
|
||||||
- outward-rabbitmq
|
|
||||||
- '&enable_outward_rabbitmq_True'
|
|
||||||
max_fail_percentage: >-
|
|
||||||
{{ rabbitmq_max_fail_percentage |
|
|
||||||
default(kolla_max_fail_percentage) |
|
|
||||||
default(100) }}
|
|
||||||
tags:
|
|
||||||
- rabbitmq
|
|
||||||
tasks:
|
|
||||||
- name: Include rabbitmq (outward) post-deploy.yml
|
|
||||||
include_role:
|
|
||||||
name: rabbitmq
|
|
||||||
when: kolla_action in ['deploy', 'reconfigure']
|
|
||||||
vars:
|
|
||||||
project_name: outward_rabbitmq
|
|
||||||
role_rabbitmq_cluster_cookie: '{{ outward_rabbitmq_cluster_cookie }}'
|
|
||||||
role_rabbitmq_groups: outward-rabbitmq
|
|
||||||
|
@ -176,8 +176,6 @@ fluentd_input_openstack_services:
|
|||||||
enabled: "{{ enable_masakari | bool }}"
|
enabled: "{{ enable_masakari | bool }}"
|
||||||
- name: mistral
|
- name: mistral
|
||||||
enabled: "{{ enable_mistral | bool }}"
|
enabled: "{{ enable_mistral | bool }}"
|
||||||
- name: murano
|
|
||||||
enabled: "{{ enable_murano | bool }}"
|
|
||||||
- name: neutron
|
- name: neutron
|
||||||
enabled: "{{ enable_neutron | bool }}"
|
enabled: "{{ enable_neutron | bool }}"
|
||||||
- name: nova
|
- name: nova
|
||||||
|
@ -240,7 +240,6 @@
|
|||||||
- { name: "mariadb", enabled: "{{ enable_mariadb | bool }}" }
|
- { name: "mariadb", enabled: "{{ enable_mariadb | bool }}" }
|
||||||
- { name: "masakari", enabled: "{{ enable_masakari | bool }}" }
|
- { name: "masakari", enabled: "{{ enable_masakari | bool }}" }
|
||||||
- { name: "mistral", enabled: "{{ enable_mistral | bool }}" }
|
- { name: "mistral", enabled: "{{ enable_mistral | bool }}" }
|
||||||
- { name: "murano", enabled: "{{ enable_murano | bool }}" }
|
|
||||||
- { name: "neutron", enabled: "{{ enable_neutron | bool }}" }
|
- { name: "neutron", enabled: "{{ enable_neutron | bool }}" }
|
||||||
- { name: "neutron-tls-proxy", enabled: "{{ neutron_enable_tls_backend | bool }}" }
|
- { name: "neutron-tls-proxy", enabled: "{{ neutron_enable_tls_backend | bool }}" }
|
||||||
- { name: "nova", enabled: "{{ enable_nova | bool }}" }
|
- { name: "nova", enabled: "{{ enable_nova | bool }}" }
|
||||||
@ -248,7 +247,6 @@
|
|||||||
- { name: "octavia", enabled: "{{ enable_octavia | bool }}" }
|
- { name: "octavia", enabled: "{{ enable_octavia | bool }}" }
|
||||||
- { name: "opensearch", enabled: "{{ enable_opensearch | bool or enable_opensearch_dashboards | bool }}" }
|
- { name: "opensearch", enabled: "{{ enable_opensearch | bool or enable_opensearch_dashboards | bool }}" }
|
||||||
- { name: "openvswitch", enabled: "{{ enable_openvswitch | bool }}" }
|
- { name: "openvswitch", enabled: "{{ enable_openvswitch | bool }}" }
|
||||||
- { name: "outward-rabbitmq", enabled: "{{ enable_outward_rabbitmq | bool }}" }
|
|
||||||
- { name: "placement", enabled: "{{ enable_placement | bool }}" }
|
- { name: "placement", enabled: "{{ enable_placement | bool }}" }
|
||||||
- { name: "prometheus", enabled: "{{ enable_prometheus | bool }}" }
|
- { name: "prometheus", enabled: "{{ enable_prometheus | bool }}" }
|
||||||
- { name: "proxysql", enabled: "{{ enable_proxysql | bool }}" }
|
- { name: "proxysql", enabled: "{{ enable_proxysql | bool }}" }
|
||||||
|
@ -91,11 +91,6 @@
|
|||||||
pattern ^(trove-api|trove-conductor|trove-manage|trove-taskmanager)$
|
pattern ^(trove-api|trove-conductor|trove-manage|trove-taskmanager)$
|
||||||
tag openstack_python
|
tag openstack_python
|
||||||
</rule>
|
</rule>
|
||||||
<rule>
|
|
||||||
key programname
|
|
||||||
pattern ^(murano-api|murano-engine)$
|
|
||||||
tag openstack_python
|
|
||||||
</rule>
|
|
||||||
<rule>
|
<rule>
|
||||||
key programname
|
key programname
|
||||||
pattern ^(watcher-api|watcher-applier|watcher-db-manage|watcher-decision-engine)$
|
pattern ^(watcher-api|watcher-applier|watcher-db-manage|watcher-decision-engine)$
|
||||||
|
@ -1,3 +0,0 @@
|
|||||||
"/var/log/kolla/murano/*.log"
|
|
||||||
{
|
|
||||||
}
|
|
@ -1,3 +0,0 @@
|
|||||||
"/var/log/kolla/outward-rabbitmq/*.log"
|
|
||||||
{
|
|
||||||
}
|
|
@ -15,7 +15,6 @@ horizon_services:
|
|||||||
ENABLE_MANILA: "{{ 'yes' if enable_horizon_manila | bool else 'no' }}"
|
ENABLE_MANILA: "{{ 'yes' if enable_horizon_manila | bool else 'no' }}"
|
||||||
ENABLE_MASAKARI: "{{ 'yes' if enable_horizon_masakari | bool else 'no' }}"
|
ENABLE_MASAKARI: "{{ 'yes' if enable_horizon_masakari | bool else 'no' }}"
|
||||||
ENABLE_MISTRAL: "{{ 'yes' if enable_horizon_mistral | bool else 'no' }}"
|
ENABLE_MISTRAL: "{{ 'yes' if enable_horizon_mistral | bool else 'no' }}"
|
||||||
ENABLE_MURANO: "{{ 'yes' if enable_horizon_murano | bool else 'no' }}"
|
|
||||||
ENABLE_NEUTRON_VPNAAS: "{{ 'yes' if enable_horizon_neutron_vpnaas | bool else 'no' }}"
|
ENABLE_NEUTRON_VPNAAS: "{{ 'yes' if enable_horizon_neutron_vpnaas | bool else 'no' }}"
|
||||||
ENABLE_OCTAVIA: "{{ 'yes' if enable_horizon_octavia | bool else 'no' }}"
|
ENABLE_OCTAVIA: "{{ 'yes' if enable_horizon_octavia | bool else 'no' }}"
|
||||||
ENABLE_TACKER: "{{ 'yes' if enable_horizon_tacker | bool else 'no' }}"
|
ENABLE_TACKER: "{{ 'yes' if enable_horizon_tacker | bool else 'no' }}"
|
||||||
@ -125,7 +124,6 @@ horizon_default_volumes:
|
|||||||
- "{{ node_config_directory }}/horizon/:{{ container_config_directory }}/:ro"
|
- "{{ node_config_directory }}/horizon/:{{ container_config_directory }}/:ro"
|
||||||
- "{{ kolla_dev_repos_directory ~ '/horizon/horizon:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/horizon' if horizon_dev_mode | bool else '' }}"
|
- "{{ kolla_dev_repos_directory ~ '/horizon/horizon:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/horizon' if horizon_dev_mode | bool else '' }}"
|
||||||
- "{{ kolla_dev_repos_directory ~ '/horizon/openstack_dashboard:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/openstack_dashboard' if horizon_dev_mode | bool else '' }}"
|
- "{{ kolla_dev_repos_directory ~ '/horizon/openstack_dashboard:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/openstack_dashboard' if horizon_dev_mode | bool else '' }}"
|
||||||
- "{{ kolla_dev_repos_directory ~ '/murano-dashboard/muranodashboard:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/muranodashboard' if horizon_murano_dev_mode | bool else '' }}"
|
|
||||||
- "/etc/localtime:/etc/localtime:ro"
|
- "/etc/localtime:/etc/localtime:ro"
|
||||||
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}"
|
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}"
|
||||||
- "kolla_logs:/var/log/kolla/"
|
- "kolla_logs:/var/log/kolla/"
|
||||||
@ -151,13 +149,10 @@ horizon_wsgi_threads: 1
|
|||||||
# Kolla
|
# Kolla
|
||||||
####################
|
####################
|
||||||
horizon_git_repository: "{{ kolla_dev_repos_git }}/{{ project_name }}"
|
horizon_git_repository: "{{ kolla_dev_repos_git }}/{{ project_name }}"
|
||||||
murano_dashboard_git_repository: "{{ kolla_dev_repos_git }}/murano-dashboard"
|
|
||||||
|
|
||||||
horizon_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
|
horizon_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
|
||||||
horizon_dev_mode: "{{ kolla_dev_mode }}"
|
horizon_dev_mode: "{{ kolla_dev_mode }}"
|
||||||
horizon_murano_dev_mode: "{{ kolla_dev_mode }}"
|
|
||||||
horizon_source_version: "{{ kolla_source_version }}"
|
horizon_source_version: "{{ kolla_source_version }}"
|
||||||
horizon_murano_source_version: "{{ kolla_source_version }}"
|
|
||||||
|
|
||||||
# This variable was created for administrators to define which one of the Keystone's URLs should be configured in Horizon.
|
# This variable was created for administrators to define which one of the Keystone's URLs should be configured in Horizon.
|
||||||
# In some cases, such as when using OIDC, horizon will need to be configured with Keystone's public URL.
|
# In some cases, such as when using OIDC, horizon will need to be configured with Keystone's public URL.
|
||||||
|
@ -6,13 +6,3 @@
|
|||||||
dest: "{{ kolla_dev_repos_directory }}/{{ project_name }}"
|
dest: "{{ kolla_dev_repos_directory }}/{{ project_name }}"
|
||||||
update: "{{ horizon_dev_repos_pull }}"
|
update: "{{ horizon_dev_repos_pull }}"
|
||||||
version: "{{ horizon_source_version }}"
|
version: "{{ horizon_source_version }}"
|
||||||
|
|
||||||
- name: Cloning murano-dashboard source repositories for development
|
|
||||||
become: true
|
|
||||||
git:
|
|
||||||
repo: "{{ murano_dashboard_git_repository }}"
|
|
||||||
dest: "{{ kolla_dev_repos_directory }}/murano-dashboard"
|
|
||||||
update: "{{ horizon_dev_repos_pull }}"
|
|
||||||
version: "{{ horizon_murano_source_version }}"
|
|
||||||
when:
|
|
||||||
- horizon_murano_dev_mode | bool
|
|
||||||
|
@ -33,7 +33,6 @@
|
|||||||
- { name: "manila", enabled: "{{ enable_horizon_manila }}" }
|
- { name: "manila", enabled: "{{ enable_horizon_manila }}" }
|
||||||
- { name: "masakari", enabled: "{{ enable_horizon_masakari }}" }
|
- { name: "masakari", enabled: "{{ enable_horizon_masakari }}" }
|
||||||
- { name: "mistral", enabled: "{{ enable_horizon_mistral }}" }
|
- { name: "mistral", enabled: "{{ enable_horizon_mistral }}" }
|
||||||
- { name: "murano", enabled: "{{ enable_horizon_murano }}" }
|
|
||||||
- { name: "neutron", enabled: "{{ enable_neutron_horizon_policy_file }}" }
|
- { name: "neutron", enabled: "{{ enable_neutron_horizon_policy_file }}" }
|
||||||
- { name: "nova", enabled: "{{ enable_nova_horizon_policy_file }}" }
|
- { name: "nova", enabled: "{{ enable_nova_horizon_policy_file }}" }
|
||||||
- { name: "octavia", enabled: "{{ enable_horizon_octavia }}" }
|
- { name: "octavia", enabled: "{{ enable_horizon_octavia }}" }
|
||||||
|
@ -378,13 +378,3 @@ REST_API_REQUIRED_SETTINGS = [
|
|||||||
'OPENSTACK_KEYSTONE_DEFAULT_DOMAIN',
|
'OPENSTACK_KEYSTONE_DEFAULT_DOMAIN',
|
||||||
]
|
]
|
||||||
|
|
||||||
{% if enable_murano | bool and enable_barbican | bool %}
|
|
||||||
KEY_MANAGER = {
|
|
||||||
'auth_url': '{{ keystone_internal_url }}',
|
|
||||||
'username': '{{ murano_keystone_user }}',
|
|
||||||
'user_domain_name': '{{ default_project_domain_name }}',
|
|
||||||
'password': '{{ murano_keystone_password }}',
|
|
||||||
'project_name': 'service',
|
|
||||||
'project_domain_name': '{{ default_project_domain_name }}'
|
|
||||||
}
|
|
||||||
{% endif %}
|
|
||||||
|
@ -518,19 +518,6 @@
|
|||||||
- haproxy_stat.find('mistral_api') == -1
|
- haproxy_stat.find('mistral_api') == -1
|
||||||
- haproxy_vip_prechecks
|
- haproxy_vip_prechecks
|
||||||
|
|
||||||
- name: Checking free port for Murano API HAProxy
|
|
||||||
wait_for:
|
|
||||||
host: "{{ kolla_internal_vip_address }}"
|
|
||||||
port: "{{ murano_api_port }}"
|
|
||||||
connect_timeout: 1
|
|
||||||
timeout: 1
|
|
||||||
state: stopped
|
|
||||||
when:
|
|
||||||
- enable_murano | bool
|
|
||||||
- inventory_hostname in groups['loadbalancer']
|
|
||||||
- haproxy_stat.find('murano_api') == -1
|
|
||||||
- haproxy_vip_prechecks
|
|
||||||
|
|
||||||
- name: Checking free port for Neutron Server HAProxy
|
- name: Checking free port for Neutron Server HAProxy
|
||||||
wait_for:
|
wait_for:
|
||||||
host: "{{ kolla_internal_vip_address }}"
|
host: "{{ kolla_internal_vip_address }}"
|
||||||
@ -677,18 +664,6 @@
|
|||||||
- haproxy_stat.find('rabbitmq_management') == -1
|
- haproxy_stat.find('rabbitmq_management') == -1
|
||||||
- haproxy_vip_prechecks
|
- haproxy_vip_prechecks
|
||||||
|
|
||||||
- name: Checking free port for outward RabbitMQ Management HAProxy
|
|
||||||
wait_for:
|
|
||||||
host: "{{ kolla_internal_vip_address }}"
|
|
||||||
port: "{{ outward_rabbitmq_management_port }}"
|
|
||||||
connect_timeout: 1
|
|
||||||
state: stopped
|
|
||||||
when:
|
|
||||||
- enable_outward_rabbitmq | bool
|
|
||||||
- inventory_hostname in groups['loadbalancer']
|
|
||||||
- haproxy_stat.find('outward_rabbitmq_management') == -1
|
|
||||||
- haproxy_vip_prechecks
|
|
||||||
|
|
||||||
- name: Checking free port for Swift Proxy Server HAProxy
|
- name: Checking free port for Swift Proxy Server HAProxy
|
||||||
wait_for:
|
wait_for:
|
||||||
host: "{{ kolla_internal_vip_address }}"
|
host: "{{ kolla_internal_vip_address }}"
|
||||||
|
@ -1,140 +0,0 @@
|
|||||||
---
|
|
||||||
murano_services:
|
|
||||||
murano-api:
|
|
||||||
container_name: murano_api
|
|
||||||
group: murano-api
|
|
||||||
enabled: true
|
|
||||||
image: "{{ murano_api_image_full }}"
|
|
||||||
volumes: "{{ murano_api_default_volumes + murano_api_extra_volumes }}"
|
|
||||||
dimensions: "{{ murano_api_dimensions }}"
|
|
||||||
haproxy:
|
|
||||||
murano_api:
|
|
||||||
enabled: "{{ enable_murano }}"
|
|
||||||
mode: "http"
|
|
||||||
external: false
|
|
||||||
port: "{{ murano_api_port }}"
|
|
||||||
listen_port: "{{ murano_api_listen_port }}"
|
|
||||||
murano_api_external:
|
|
||||||
enabled: "{{ enable_murano }}"
|
|
||||||
mode: "http"
|
|
||||||
external: true
|
|
||||||
external_fqdn: "{{ murano_external_fqdn }}"
|
|
||||||
port: "{{ murano_api_public_port }}"
|
|
||||||
listen_port: "{{ murano_api_listen_port }}"
|
|
||||||
murano-engine:
|
|
||||||
container_name: murano_engine
|
|
||||||
group: murano-engine
|
|
||||||
enabled: true
|
|
||||||
image: "{{ murano_engine_image_full }}"
|
|
||||||
volumes: "{{ murano_engine_default_volumes + murano_engine_extra_volumes }}"
|
|
||||||
dimensions: "{{ murano_engine_dimensions }}"
|
|
||||||
|
|
||||||
####################
|
|
||||||
# Config Validate
|
|
||||||
####################
|
|
||||||
murano_config_validation:
|
|
||||||
- generator: "/murano/etc/oslo-config-generator/murano.conf"
|
|
||||||
config: "/etc/murano/murano.conf"
|
|
||||||
|
|
||||||
####################
|
|
||||||
# Database
|
|
||||||
####################
|
|
||||||
murano_database_name: "murano"
|
|
||||||
murano_database_user: "{% if use_preconfigured_databases | bool and use_common_mariadb_user | bool %}{{ database_user }}{% else %}murano{% endif %}"
|
|
||||||
murano_database_address: "{{ database_address | put_address_in_context('url') }}:{{ database_port }}"
|
|
||||||
|
|
||||||
####################
|
|
||||||
# Database sharding
|
|
||||||
####################
|
|
||||||
murano_database_shard_root_user: "{% if enable_proxysql | bool %}root_shard_{{ murano_database_shard_id }}{% else %}{{ database_user }}{% endif %}"
|
|
||||||
murano_database_shard_id: "{{ mariadb_default_database_shard_id | int }}"
|
|
||||||
murano_database_shard:
|
|
||||||
users:
|
|
||||||
- user: "{{ murano_database_user }}"
|
|
||||||
password: "{{ murano_database_password }}"
|
|
||||||
rules:
|
|
||||||
- schema: "{{ murano_database_name }}"
|
|
||||||
shard_id: "{{ murano_database_shard_id }}"
|
|
||||||
|
|
||||||
|
|
||||||
####################
|
|
||||||
# Docker
|
|
||||||
####################
|
|
||||||
murano_tag: "{{ openstack_tag }}"
|
|
||||||
|
|
||||||
murano_api_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/murano-api"
|
|
||||||
murano_api_tag: "{{ murano_tag }}"
|
|
||||||
murano_api_image_full: "{{ murano_api_image }}:{{ murano_api_tag }}"
|
|
||||||
|
|
||||||
murano_engine_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/murano-engine"
|
|
||||||
murano_engine_tag: "{{ murano_tag }}"
|
|
||||||
murano_engine_image_full: "{{ murano_engine_image }}:{{ murano_engine_tag }}"
|
|
||||||
|
|
||||||
murano_api_dimensions: "{{ default_container_dimensions }}"
|
|
||||||
murano_engine_dimensions: "{{ default_container_dimensions }}"
|
|
||||||
|
|
||||||
murano_api_default_volumes:
|
|
||||||
- "{{ node_config_directory }}/murano-api/:{{ container_config_directory }}/:ro"
|
|
||||||
- "{{ kolla_dev_repos_directory ~ '/murano/murano:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/murano' if murano_dev_mode | bool else '' }}"
|
|
||||||
- "/etc/localtime:/etc/localtime:ro"
|
|
||||||
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}"
|
|
||||||
- "kolla_logs:/var/log/kolla/"
|
|
||||||
murano_engine_default_volumes:
|
|
||||||
- "{{ node_config_directory }}/murano-engine/:{{ container_config_directory }}/:ro"
|
|
||||||
- "{{ kolla_dev_repos_directory ~ '/murano/murano:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/murano' if murano_dev_mode | bool else '' }}"
|
|
||||||
- "/etc/localtime:/etc/localtime:ro"
|
|
||||||
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}"
|
|
||||||
- "kolla_logs:/var/log/kolla/"
|
|
||||||
|
|
||||||
murano_extra_volumes: "{{ default_extra_volumes }}"
|
|
||||||
murano_api_extra_volumes: "{{ murano_extra_volumes }}"
|
|
||||||
murano_engine_extra_volumes: "{{ murano_extra_volumes }}"
|
|
||||||
|
|
||||||
####################
|
|
||||||
# OpenStack
|
|
||||||
####################
|
|
||||||
murano_internal_endpoint: "{{ murano_internal_fqdn | kolla_url(internal_protocol, murano_api_port) }}"
|
|
||||||
murano_public_endpoint: "{{ murano_external_fqdn | kolla_url(public_protocol, murano_api_public_port) }}"
|
|
||||||
|
|
||||||
murano_logging_debug: "{{ openstack_logging_debug }}"
|
|
||||||
|
|
||||||
openstack_murano_auth: "{{ openstack_auth }}"
|
|
||||||
|
|
||||||
murano_agent_timeout: 3600
|
|
||||||
|
|
||||||
murano_engine_workers: "{{ openstack_service_workers }}"
|
|
||||||
murano_api_workers: "{{ openstack_service_workers }}"
|
|
||||||
|
|
||||||
####################
|
|
||||||
# Kolla
|
|
||||||
####################
|
|
||||||
murano_git_repository: "{{ kolla_dev_repos_git }}/{{ project_name }}"
|
|
||||||
murano_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
|
|
||||||
murano_dev_mode: "{{ kolla_dev_mode }}"
|
|
||||||
murano_source_version: "{{ kolla_source_version }}"
|
|
||||||
|
|
||||||
####################
|
|
||||||
# Notifications
|
|
||||||
####################
|
|
||||||
murano_notification_topics:
|
|
||||||
- name: notifications
|
|
||||||
enabled: "{{ enable_ceilometer | bool }}"
|
|
||||||
|
|
||||||
murano_enabled_notification_topics: "{{ murano_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
|
|
||||||
|
|
||||||
####################
|
|
||||||
# Keystone
|
|
||||||
####################
|
|
||||||
murano_ks_services:
|
|
||||||
- name: "murano"
|
|
||||||
type: "application-catalog"
|
|
||||||
description: "Openstack Application Catalogue"
|
|
||||||
endpoints:
|
|
||||||
- {'interface': 'internal', 'url': '{{ murano_internal_endpoint }}'}
|
|
||||||
- {'interface': 'public', 'url': '{{ murano_public_endpoint }}'}
|
|
||||||
|
|
||||||
murano_ks_users:
|
|
||||||
- project: "service"
|
|
||||||
user: "{{ murano_keystone_user }}"
|
|
||||||
password: "{{ murano_keystone_password }}"
|
|
||||||
role: "admin"
|
|
@ -1,31 +0,0 @@
|
|||||||
---
|
|
||||||
- name: Restart murano-api container
|
|
||||||
vars:
|
|
||||||
service_name: "murano-api"
|
|
||||||
service: "{{ murano_services[service_name] }}"
|
|
||||||
become: true
|
|
||||||
kolla_container:
|
|
||||||
action: "recreate_or_restart_container"
|
|
||||||
common_options: "{{ docker_common_options }}"
|
|
||||||
name: "{{ service.container_name }}"
|
|
||||||
image: "{{ service.image }}"
|
|
||||||
volumes: "{{ service.volumes }}"
|
|
||||||
dimensions: "{{ service.dimensions }}"
|
|
||||||
when:
|
|
||||||
- kolla_action != "config"
|
|
||||||
|
|
||||||
- name: Restart murano-engine container
|
|
||||||
vars:
|
|
||||||
service_name: "murano-engine"
|
|
||||||
service: "{{ murano_services[service_name] }}"
|
|
||||||
become: true
|
|
||||||
kolla_container:
|
|
||||||
action: "recreate_or_restart_container"
|
|
||||||
common_options: "{{ docker_common_options }}"
|
|
||||||
name: "{{ service.container_name }}"
|
|
||||||
image: "{{ service.image }}"
|
|
||||||
privileged: "{{ service.privileged | default(False) }}"
|
|
||||||
volumes: "{{ service.volumes }}"
|
|
||||||
dimensions: "{{ service.dimensions }}"
|
|
||||||
when:
|
|
||||||
- kolla_action != "config"
|
|
@ -1,38 +0,0 @@
|
|||||||
---
|
|
||||||
- name: Creating Murano database
|
|
||||||
become: true
|
|
||||||
kolla_toolbox:
|
|
||||||
container_engine: "{{ kolla_container_engine }}"
|
|
||||||
module_name: mysql_db
|
|
||||||
module_args:
|
|
||||||
login_host: "{{ database_address }}"
|
|
||||||
login_port: "{{ database_port }}"
|
|
||||||
login_user: "{{ murano_database_shard_root_user }}"
|
|
||||||
login_password: "{{ database_password }}"
|
|
||||||
name: "{{ murano_database_name }}"
|
|
||||||
run_once: True
|
|
||||||
delegate_to: "{{ groups['murano-api'][0] }}"
|
|
||||||
when:
|
|
||||||
- not use_preconfigured_databases | bool
|
|
||||||
|
|
||||||
- name: Creating Murano database user and setting permissions
|
|
||||||
become: true
|
|
||||||
kolla_toolbox:
|
|
||||||
container_engine: "{{ kolla_container_engine }}"
|
|
||||||
module_name: mysql_user
|
|
||||||
module_args:
|
|
||||||
login_host: "{{ database_address }}"
|
|
||||||
login_port: "{{ database_port }}"
|
|
||||||
login_user: "{{ murano_database_shard_root_user }}"
|
|
||||||
login_password: "{{ database_password }}"
|
|
||||||
name: "{{ murano_database_user }}"
|
|
||||||
password: "{{ murano_database_password }}"
|
|
||||||
host: "%"
|
|
||||||
priv: "{{ murano_database_name }}.*:ALL"
|
|
||||||
append_privs: "yes"
|
|
||||||
run_once: True
|
|
||||||
delegate_to: "{{ groups['murano-api'][0] }}"
|
|
||||||
when:
|
|
||||||
- not use_preconfigured_databases | bool
|
|
||||||
|
|
||||||
- import_tasks: bootstrap_service.yml
|
|
@ -1,21 +0,0 @@
|
|||||||
---
|
|
||||||
- name: Running Murano bootstrap container
|
|
||||||
become: true
|
|
||||||
kolla_container:
|
|
||||||
action: "start_container"
|
|
||||||
common_options: "{{ docker_common_options }}"
|
|
||||||
detach: False
|
|
||||||
environment:
|
|
||||||
KOLLA_BOOTSTRAP:
|
|
||||||
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
|
|
||||||
image: "{{ murano_api_image_full }}"
|
|
||||||
labels:
|
|
||||||
BOOTSTRAP:
|
|
||||||
name: "bootstrap_murano"
|
|
||||||
restart_policy: oneshot
|
|
||||||
volumes:
|
|
||||||
- "{{ node_config_directory }}/murano-api/:{{ container_config_directory }}/:ro"
|
|
||||||
- "/etc/localtime:/etc/localtime:ro"
|
|
||||||
- "kolla_logs:/var/log/kolla/"
|
|
||||||
run_once: True
|
|
||||||
delegate_to: "{{ groups['murano-api'][0] }}"
|
|
@ -1,16 +0,0 @@
|
|||||||
---
|
|
||||||
- name: Check murano containers
|
|
||||||
become: true
|
|
||||||
kolla_container:
|
|
||||||
action: "compare_container"
|
|
||||||
common_options: "{{ docker_common_options }}"
|
|
||||||
name: "{{ item.value.container_name }}"
|
|
||||||
image: "{{ item.value.image }}"
|
|
||||||
volumes: "{{ item.value.volumes }}"
|
|
||||||
dimensions: "{{ item.value.dimensions }}"
|
|
||||||
when:
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- item.value.enabled | bool
|
|
||||||
with_dict: "{{ murano_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
@ -1 +0,0 @@
|
|||||||
---
|
|
@ -1,8 +0,0 @@
|
|||||||
---
|
|
||||||
- name: Cloning source repositories for development
|
|
||||||
become: true
|
|
||||||
git:
|
|
||||||
repo: "{{ murano_git_repository }}"
|
|
||||||
dest: "{{ kolla_dev_repos_directory }}/{{ project_name }}"
|
|
||||||
update: "{{ murano_dev_repos_pull }}"
|
|
||||||
version: "{{ murano_source_version }}"
|
|
@ -1,82 +0,0 @@
|
|||||||
---
|
|
||||||
- name: Ensuring config directories exist
|
|
||||||
file:
|
|
||||||
path: "{{ node_config_directory }}/{{ item.key }}"
|
|
||||||
state: "directory"
|
|
||||||
owner: "{{ config_owner_user }}"
|
|
||||||
group: "{{ config_owner_group }}"
|
|
||||||
mode: "0770"
|
|
||||||
become: true
|
|
||||||
when:
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- item.value.enabled | bool
|
|
||||||
with_dict: "{{ murano_services }}"
|
|
||||||
|
|
||||||
- name: Check if policies shall be overwritten
|
|
||||||
stat:
|
|
||||||
path: "{{ item }}"
|
|
||||||
delegate_to: localhost
|
|
||||||
run_once: True
|
|
||||||
register: murano_policy
|
|
||||||
with_first_found:
|
|
||||||
- files: "{{ supported_policy_format_list }}"
|
|
||||||
paths:
|
|
||||||
- "{{ node_custom_config }}/murano/"
|
|
||||||
skip: true
|
|
||||||
|
|
||||||
- name: Set murano policy file
|
|
||||||
set_fact:
|
|
||||||
murano_policy_file: "{{ murano_policy.results.0.stat.path | basename }}"
|
|
||||||
murano_policy_file_path: "{{ murano_policy.results.0.stat.path }}"
|
|
||||||
when:
|
|
||||||
- murano_policy.results
|
|
||||||
|
|
||||||
- include_tasks: copy-certs.yml
|
|
||||||
when:
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
|
||||||
template:
|
|
||||||
src: "{{ item.key }}.json.j2"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
|
|
||||||
mode: "0660"
|
|
||||||
become: true
|
|
||||||
when:
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- item.value.enabled | bool
|
|
||||||
with_dict: "{{ murano_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over murano.conf
|
|
||||||
vars:
|
|
||||||
service_name: "{{ item.key }}"
|
|
||||||
merge_configs:
|
|
||||||
sources:
|
|
||||||
- "{{ role_path }}/templates/murano.conf.j2"
|
|
||||||
- "{{ node_custom_config }}/global.conf"
|
|
||||||
- "{{ node_custom_config }}/murano.conf"
|
|
||||||
- "{{ node_custom_config }}/murano/{{ item.key }}.conf"
|
|
||||||
- "{{ node_custom_config }}/murano/{{ inventory_hostname }}/murano.conf"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/murano.conf"
|
|
||||||
mode: "0660"
|
|
||||||
become: true
|
|
||||||
when:
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- item.value.enabled | bool
|
|
||||||
with_dict: "{{ murano_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over existing policy file
|
|
||||||
template:
|
|
||||||
src: "{{ murano_policy_file_path }}"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/{{ murano_policy_file }}"
|
|
||||||
mode: "0660"
|
|
||||||
when:
|
|
||||||
- murano_policy_file is defined
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- item.value.enabled | bool
|
|
||||||
with_dict: "{{ murano_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
@ -1,7 +0,0 @@
|
|||||||
---
|
|
||||||
- import_role:
|
|
||||||
name: service-config-validate
|
|
||||||
vars:
|
|
||||||
service_config_validate_services: "{{ murano_services }}"
|
|
||||||
service_name: "{{ project_name }}"
|
|
||||||
service_config_validation: "{{ murano_config_validation }}"
|
|
@ -1,6 +0,0 @@
|
|||||||
---
|
|
||||||
- name: "Copy certificates and keys for {{ project_name }}"
|
|
||||||
import_role:
|
|
||||||
role: service-cert-copy
|
|
||||||
vars:
|
|
||||||
project_services: "{{ murano_services }}"
|
|
@ -1,2 +0,0 @@
|
|||||||
---
|
|
||||||
- import_tasks: check-containers.yml
|
|
@ -1,17 +0,0 @@
|
|||||||
---
|
|
||||||
- import_tasks: register.yml
|
|
||||||
|
|
||||||
- import_tasks: config.yml
|
|
||||||
|
|
||||||
- import_tasks: check-containers.yml
|
|
||||||
|
|
||||||
- include_tasks: clone.yml
|
|
||||||
when:
|
|
||||||
- murano_dev_mode | bool
|
|
||||||
|
|
||||||
- import_tasks: bootstrap.yml
|
|
||||||
|
|
||||||
- name: Flush handlers
|
|
||||||
meta: flush_handlers
|
|
||||||
|
|
||||||
- import_tasks: import_library_packages.yml
|
|
@ -1,61 +0,0 @@
|
|||||||
---
|
|
||||||
- name: Waiting for Murano API service to be ready on first node
|
|
||||||
wait_for:
|
|
||||||
host: "{{ api_interface_address }}"
|
|
||||||
port: "{{ murano_api_port }}"
|
|
||||||
connect_timeout: 1
|
|
||||||
timeout: 60
|
|
||||||
run_once: True
|
|
||||||
register: check_murano_port
|
|
||||||
until: check_murano_port is success
|
|
||||||
retries: 10
|
|
||||||
delay: 6
|
|
||||||
delegate_to: "{{ groups['murano-api'][0] }}"
|
|
||||||
|
|
||||||
- name: Checking if Murano core and applications library packages exist
|
|
||||||
become: true
|
|
||||||
command: >
|
|
||||||
{{ kolla_container_engine }} exec murano_api murano
|
|
||||||
--os-username {{ openstack_auth.username }}
|
|
||||||
--os-password {{ openstack_auth.password }}
|
|
||||||
--os-project-name {{ openstack_auth.project_name }}
|
|
||||||
{% if openstack_cacert != '' %}--os-cacert {{ openstack_cacert }}{% endif %}
|
|
||||||
--os-auth-url {{ openstack_auth.auth_url }}
|
|
||||||
--murano-url {{ murano_internal_endpoint }}
|
|
||||||
package-list
|
|
||||||
register: status
|
|
||||||
changed_when: False
|
|
||||||
run_once: True
|
|
||||||
delegate_to: "{{ groups['murano-api'][0] }}"
|
|
||||||
|
|
||||||
- name: Importing Murano core library package
|
|
||||||
become: true
|
|
||||||
command: >
|
|
||||||
{{ kolla_container_engine }} exec murano_api murano
|
|
||||||
--os-username {{ openstack_auth.username }}
|
|
||||||
--os-password {{ openstack_auth.password }}
|
|
||||||
--os-project-name {{ openstack_auth.project_name }}
|
|
||||||
{% if openstack_cacert != '' %}--os-cacert {{ openstack_cacert }}{% endif %}
|
|
||||||
--os-auth-url {{ openstack_auth.auth_url }}
|
|
||||||
--murano-url {{ murano_internal_endpoint }}
|
|
||||||
package-import --exists-action u --is-public /io.murano.zip
|
|
||||||
run_once: True
|
|
||||||
delegate_to: "{{ groups['murano-api'][0] }}"
|
|
||||||
when:
|
|
||||||
- status.stdout.find("io.murano") == -1 or kolla_action == "upgrade"
|
|
||||||
|
|
||||||
- name: Importing Murano applications library package
|
|
||||||
become: true
|
|
||||||
command: >
|
|
||||||
{{ kolla_container_engine }} exec murano_api murano
|
|
||||||
--os-username {{ openstack_auth.username }}
|
|
||||||
--os-password {{ openstack_auth.password }}
|
|
||||||
--os-project-name {{ openstack_auth.project_name }}
|
|
||||||
{% if openstack_cacert != '' %}--os-cacert {{ openstack_cacert }}{% endif %}
|
|
||||||
--os-auth-url {{ openstack_auth.auth_url }}
|
|
||||||
--murano-url {{ murano_internal_endpoint }}
|
|
||||||
package-import --exists-action u --is-public /io.murano.applications.zip
|
|
||||||
run_once: True
|
|
||||||
delegate_to: "{{ groups['murano-api'][0] }}"
|
|
||||||
when:
|
|
||||||
- status.stdout.find("io.murano.applications") == -1 or kolla_action == "upgrade"
|
|
@ -1,7 +0,0 @@
|
|||||||
---
|
|
||||||
- name: "Configure loadbalancer for {{ project_name }}"
|
|
||||||
import_role:
|
|
||||||
name: loadbalancer-config
|
|
||||||
vars:
|
|
||||||
project_services: "{{ murano_services }}"
|
|
||||||
tags: always
|
|
@ -1,2 +0,0 @@
|
|||||||
---
|
|
||||||
- include_tasks: "{{ kolla_action }}.yml"
|
|
@ -1,26 +0,0 @@
|
|||||||
---
|
|
||||||
- import_role:
|
|
||||||
name: service-precheck
|
|
||||||
vars:
|
|
||||||
service_precheck_services: "{{ murano_services }}"
|
|
||||||
service_name: "{{ project_name }}"
|
|
||||||
|
|
||||||
- name: Get container facts
|
|
||||||
become: true
|
|
||||||
kolla_container_facts:
|
|
||||||
container_engine: "{{ kolla_container_engine }}"
|
|
||||||
name:
|
|
||||||
- murano_api
|
|
||||||
check_mode: false
|
|
||||||
register: container_facts
|
|
||||||
|
|
||||||
- name: Checking free port for Murano API
|
|
||||||
wait_for:
|
|
||||||
host: "{{ api_interface_address }}"
|
|
||||||
port: "{{ murano_api_port }}"
|
|
||||||
connect_timeout: 1
|
|
||||||
timeout: 1
|
|
||||||
state: stopped
|
|
||||||
when:
|
|
||||||
- container_facts['murano_api'] is not defined
|
|
||||||
- inventory_hostname in groups['murano-api']
|
|
@ -1,3 +0,0 @@
|
|||||||
---
|
|
||||||
- import_role:
|
|
||||||
role: service-images-pull
|
|
@ -1,2 +0,0 @@
|
|||||||
---
|
|
||||||
- import_tasks: deploy.yml
|
|
@ -1,7 +0,0 @@
|
|||||||
---
|
|
||||||
- import_role:
|
|
||||||
name: service-ks-register
|
|
||||||
vars:
|
|
||||||
service_ks_register_auth: "{{ openstack_murano_auth }}"
|
|
||||||
service_ks_register_services: "{{ murano_ks_services }}"
|
|
||||||
service_ks_register_users: "{{ murano_ks_users }}"
|
|
@ -1,6 +0,0 @@
|
|||||||
---
|
|
||||||
- import_role:
|
|
||||||
name: service-stop
|
|
||||||
vars:
|
|
||||||
project_services: "{{ murano_services }}"
|
|
||||||
service_name: "{{ project_name }}"
|
|
@ -1,11 +0,0 @@
|
|||||||
---
|
|
||||||
- import_tasks: config.yml
|
|
||||||
|
|
||||||
- import_tasks: check-containers.yml
|
|
||||||
|
|
||||||
- import_tasks: bootstrap_service.yml
|
|
||||||
|
|
||||||
- name: Flush handlers
|
|
||||||
meta: flush_handlers
|
|
||||||
|
|
||||||
- import_tasks: import_library_packages.yml
|
|
@ -1,24 +0,0 @@
|
|||||||
{
|
|
||||||
"command": "murano-api --config-file /etc/murano/murano.conf",
|
|
||||||
"config_files": [
|
|
||||||
{
|
|
||||||
"source": "{{ container_config_directory }}/murano.conf",
|
|
||||||
"dest": "/etc/murano/murano.conf",
|
|
||||||
"owner": "murano",
|
|
||||||
"perm": "0600"
|
|
||||||
}{% if murano_policy_file is defined %},
|
|
||||||
{
|
|
||||||
"source": "{{ container_config_directory }}/{{ murano_policy_file }}",
|
|
||||||
"dest": "/etc/murano/{{ murano_policy_file }}",
|
|
||||||
"owner": "murano",
|
|
||||||
"perm": "0600"
|
|
||||||
}{% endif %}
|
|
||||||
],
|
|
||||||
"permissions": [
|
|
||||||
{
|
|
||||||
"path": "/var/log/kolla/murano",
|
|
||||||
"owner": "murano:murano",
|
|
||||||
"recurse": true
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
@ -1,24 +0,0 @@
|
|||||||
{
|
|
||||||
"command": "murano-engine --config-file /etc/murano/murano.conf",
|
|
||||||
"config_files": [
|
|
||||||
{
|
|
||||||
"source": "{{ container_config_directory }}/murano.conf",
|
|
||||||
"dest": "/etc/murano/murano.conf",
|
|
||||||
"owner": "murano",
|
|
||||||
"perm": "0600"
|
|
||||||
}{% if murano_policy_file is defined %},
|
|
||||||
{
|
|
||||||
"source": "{{ container_config_directory }}/{{ murano_policy_file }}",
|
|
||||||
"dest": "/etc/murano/{{ murano_policy_file }}",
|
|
||||||
"owner": "murano",
|
|
||||||
"perm": "0600"
|
|
||||||
}{% endif %}
|
|
||||||
],
|
|
||||||
"permissions": [
|
|
||||||
{
|
|
||||||
"path": "/var/log/kolla/murano",
|
|
||||||
"owner": "murano:murano",
|
|
||||||
"recurse": true
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
@ -1,119 +0,0 @@
|
|||||||
[DEFAULT]
|
|
||||||
debug = {{ murano_logging_debug }}
|
|
||||||
|
|
||||||
log_dir = /var/log/kolla/murano
|
|
||||||
|
|
||||||
{% if service_name == 'murano-api' %}
|
|
||||||
bind_host = {{ api_interface_address }}
|
|
||||||
bind_port = {{ murano_api_port }}
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
transport_url = {{ rpc_transport_url }}
|
|
||||||
|
|
||||||
[engine]
|
|
||||||
engine_workers = {{ murano_engine_workers }}
|
|
||||||
agent_timeout = {{ murano_agent_timeout }}
|
|
||||||
|
|
||||||
[database]
|
|
||||||
connection = mysql+pymysql://{{ murano_database_user }}:{{ murano_database_password }}@{{ murano_database_address }}/{{ murano_database_name }}
|
|
||||||
connection_recycle_time = {{ database_connection_recycle_time }}
|
|
||||||
max_pool_size = {{ database_max_pool_size }}
|
|
||||||
max_retries = -1
|
|
||||||
|
|
||||||
[keystone_authtoken]
|
|
||||||
service_type = application-catalog
|
|
||||||
www_authenticate_uri = {{ keystone_internal_url }}
|
|
||||||
auth_url = {{ keystone_internal_url }}
|
|
||||||
auth_type = password
|
|
||||||
project_domain_id = {{ default_project_domain_id }}
|
|
||||||
user_domain_id = {{ default_user_domain_id }}
|
|
||||||
project_name = service
|
|
||||||
username = {{ murano_keystone_user }}
|
|
||||||
password = {{ murano_keystone_password }}
|
|
||||||
cafile = {{ openstack_cacert }}
|
|
||||||
region_name = {{ openstack_region_name }}
|
|
||||||
|
|
||||||
memcache_security_strategy = ENCRYPT
|
|
||||||
memcache_secret_key = {{ memcache_secret_key }}
|
|
||||||
memcached_servers = {% for host in groups['memcached'] %}{{ 'api' | kolla_address(host) | put_address_in_context('memcache') }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
|
|
||||||
|
|
||||||
[murano_auth]
|
|
||||||
auth_uri = {{ keystone_internal_url }}
|
|
||||||
auth_url = {{ keystone_internal_url }}
|
|
||||||
auth_type = password
|
|
||||||
project_domain_name = {{ default_project_domain_name }}
|
|
||||||
user_domain_name = {{ default_user_domain_name }}
|
|
||||||
project_name = service
|
|
||||||
username = {{ murano_keystone_user }}
|
|
||||||
password = {{ murano_keystone_password }}
|
|
||||||
cafile = {{ openstack_cacert }}
|
|
||||||
|
|
||||||
[murano]
|
|
||||||
url = {{ murano_internal_endpoint }}
|
|
||||||
api_workers = {{ murano_api_workers }}
|
|
||||||
|
|
||||||
[oslo_messaging_notifications]
|
|
||||||
transport_url = {{ notify_transport_url }}
|
|
||||||
{% if murano_enabled_notification_topics %}
|
|
||||||
driver = messagingv2
|
|
||||||
topics = {{ murano_enabled_notification_topics | map(attribute='name') | join(',') }}
|
|
||||||
{% else %}
|
|
||||||
driver = noop
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
[oslo_messaging_rabbit]
|
|
||||||
heartbeat_in_pthread = false
|
|
||||||
{% if om_enable_rabbitmq_tls | bool %}
|
|
||||||
ssl = true
|
|
||||||
ssl_ca_file = {{ om_rabbitmq_cacert }}
|
|
||||||
{% endif %}
|
|
||||||
{% if om_enable_rabbitmq_high_availability | bool %}
|
|
||||||
amqp_durable_queues = true
|
|
||||||
{% endif %}
|
|
||||||
{% if om_enable_rabbitmq_quorum_queues | bool %}
|
|
||||||
rabbit_quorum_queue = true
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
[oslo_middleware]
|
|
||||||
enable_proxy_headers_parsing = True
|
|
||||||
|
|
||||||
{% if murano_policy_file is defined %}
|
|
||||||
[oslo_policy]
|
|
||||||
policy_file = {{ murano_policy_file }}
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
{% if service_name == 'murano-engine' %}
|
|
||||||
[rabbitmq]
|
|
||||||
host = {{ rabbitmq_external_fqdn }}
|
|
||||||
port = {{ outward_rabbitmq_port }}
|
|
||||||
login = {{ murano_agent_rabbitmq_user }}
|
|
||||||
password = {{ murano_agent_rabbitmq_password }}
|
|
||||||
virtual_host = {{ murano_agent_rabbitmq_vhost }}
|
|
||||||
|
|
||||||
{% if enable_barbican | bool %}
|
|
||||||
[key_manager]
|
|
||||||
auth_type = keystone_password
|
|
||||||
auth_url = {{ keystone_internal_url }}
|
|
||||||
username = {{ murano_keystone_user }}
|
|
||||||
password = {{ murano_keystone_password }}
|
|
||||||
user_domain_name = {{ default_project_domain_name }}
|
|
||||||
cafile = {{ openstack_cacert }}
|
|
||||||
region_name = {{ openstack_region_name }}
|
|
||||||
{% endif %}
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
[neutron]
|
|
||||||
endpoint_type = internalURL
|
|
||||||
cafile = {{ openstack_cacert }}
|
|
||||||
|
|
||||||
[heat]
|
|
||||||
endpoint_type = internalURL
|
|
||||||
cafile = {{ openstack_cacert }}
|
|
||||||
|
|
||||||
[glance]
|
|
||||||
endpoint_type = internalURL
|
|
||||||
cafile = {{ openstack_cacert }}
|
|
||||||
|
|
||||||
[mistral]
|
|
||||||
endpoint_type = internalURL
|
|
||||||
cafile = {{ openstack_cacert }}
|
|
@ -1,2 +0,0 @@
|
|||||||
---
|
|
||||||
project_name: "murano"
|
|
@ -23,29 +23,6 @@ rabbitmq_services:
|
|||||||
mode: "http"
|
mode: "http"
|
||||||
port: "{{ rabbitmq_management_port }}"
|
port: "{{ rabbitmq_management_port }}"
|
||||||
host_group: "rabbitmq"
|
host_group: "rabbitmq"
|
||||||
rabbitmq_outward_management:
|
|
||||||
enabled: "{{ enable_outward_rabbitmq }}"
|
|
||||||
mode: "http"
|
|
||||||
port: "{{ outward_rabbitmq_management_port }}"
|
|
||||||
host_group: "outward-rabbitmq"
|
|
||||||
rabbitmq_outward_external:
|
|
||||||
enabled: "{{ enable_outward_rabbitmq }}"
|
|
||||||
mode: "tcp"
|
|
||||||
external: true
|
|
||||||
external_fqdn: "{{ outward_rabbitmq_external_fqdn }}"
|
|
||||||
port: "{{ outward_rabbitmq_port }}"
|
|
||||||
host_group: "outward-rabbitmq"
|
|
||||||
frontend_tcp_extra:
|
|
||||||
- "timeout client {{ haproxy_outward_rabbitmq_client_timeout }}"
|
|
||||||
backend_tcp_extra:
|
|
||||||
- "timeout server {{ haproxy_outward_rabbitmq_server_timeout }}"
|
|
||||||
|
|
||||||
####################
|
|
||||||
# HAProxy
|
|
||||||
####################
|
|
||||||
haproxy_outward_rabbitmq_client_timeout: "1h"
|
|
||||||
haproxy_outward_rabbitmq_server_timeout: "1h"
|
|
||||||
|
|
||||||
|
|
||||||
####################
|
####################
|
||||||
# Docker
|
# Docker
|
||||||
|
@ -11,7 +11,6 @@
|
|||||||
container_engine: "{{ kolla_container_engine }}"
|
container_engine: "{{ kolla_container_engine }}"
|
||||||
name:
|
name:
|
||||||
- rabbitmq
|
- rabbitmq
|
||||||
- outward_rabbitmq
|
|
||||||
check_mode: false
|
check_mode: false
|
||||||
register: container_facts
|
register: container_facts
|
||||||
|
|
||||||
@ -105,101 +104,6 @@
|
|||||||
- not kolla_externally_managed_cert | bool
|
- not kolla_externally_managed_cert | bool
|
||||||
- rabbitmq_enable_tls | bool
|
- rabbitmq_enable_tls | bool
|
||||||
|
|
||||||
- name: Checking free port for outward RabbitMQ
|
|
||||||
wait_for:
|
|
||||||
host: "{{ api_interface_address }}"
|
|
||||||
port: "{{ outward_rabbitmq_port }}"
|
|
||||||
connect_timeout: 1
|
|
||||||
state: stopped
|
|
||||||
when:
|
|
||||||
- enable_outward_rabbitmq | bool
|
|
||||||
- inventory_hostname in groups['outward-rabbitmq']
|
|
||||||
- container_facts['outward_rabbitmq'] is not defined
|
|
||||||
|
|
||||||
- name: Checking free port for outward RabbitMQ Management
|
|
||||||
wait_for:
|
|
||||||
host: "{{ api_interface_address }}"
|
|
||||||
port: "{{ outward_rabbitmq_management_port }}"
|
|
||||||
connect_timeout: 1
|
|
||||||
state: stopped
|
|
||||||
when:
|
|
||||||
- enable_outward_rabbitmq | bool
|
|
||||||
- inventory_hostname in groups['outward-rabbitmq']
|
|
||||||
- container_facts['outward_rabbitmq'] is not defined
|
|
||||||
|
|
||||||
- name: Checking free port for outward RabbitMQ Cluster
|
|
||||||
wait_for:
|
|
||||||
host: "{{ api_interface_address }}"
|
|
||||||
port: "{{ outward_rabbitmq_cluster_port }}"
|
|
||||||
connect_timeout: 1
|
|
||||||
state: stopped
|
|
||||||
when:
|
|
||||||
- enable_outward_rabbitmq | bool
|
|
||||||
- inventory_hostname in groups['outward-rabbitmq']
|
|
||||||
- container_facts['outward_rabbitmq'] is not defined
|
|
||||||
|
|
||||||
- name: Checking free port for outward RabbitMQ EPMD
|
|
||||||
wait_for:
|
|
||||||
host: "{{ api_interface_address }}"
|
|
||||||
port: "{{ outward_rabbitmq_epmd_port }}"
|
|
||||||
connect_timeout: 1
|
|
||||||
state: stopped
|
|
||||||
when:
|
|
||||||
- enable_outward_rabbitmq | bool
|
|
||||||
- inventory_hostname in groups['outward-rabbitmq']
|
|
||||||
- container_facts['outward_rabbitmq'] is not defined
|
|
||||||
|
|
||||||
- name: Check if all outward rabbit hostnames are resolvable
|
|
||||||
vars:
|
|
||||||
nss_database: "{{ 'ahostsv4' if api_address_family == 'ipv4' else 'ahostsv6' }}"
|
|
||||||
command: "getent {{ nss_database }} {{ hostvars[item].ansible_facts.hostname }}"
|
|
||||||
changed_when: false
|
|
||||||
check_mode: false
|
|
||||||
register: outward_rabbitmq_hostnames
|
|
||||||
with_items: "{{ groups['outward-rabbitmq'] }}"
|
|
||||||
when:
|
|
||||||
- enable_outward_rabbitmq | bool
|
|
||||||
|
|
||||||
- name: Check if each rabbit hostname resolves uniquely to the proper IP address
|
|
||||||
fail:
|
|
||||||
msg: Hostname has to resolve uniquely to the IP address of api_interface
|
|
||||||
with_subelements:
|
|
||||||
- "{{ outward_rabbitmq_hostnames.results }}"
|
|
||||||
- stdout_lines
|
|
||||||
when:
|
|
||||||
- enable_outward_rabbitmq | bool
|
|
||||||
- not item.1 is match('^'+('api' | kolla_address(item.0.item))+'\\b')
|
|
||||||
|
|
||||||
- name: Check if TLS certificate exists for outward RabbitMQ
|
|
||||||
assert:
|
|
||||||
that: cert | length > 0
|
|
||||||
fail_msg: No TLS certificate provided for outward RabbitMQ.
|
|
||||||
vars:
|
|
||||||
cert: "{{ query('first_found', paths, errors='ignore') }}"
|
|
||||||
paths:
|
|
||||||
- "{{ kolla_certificates_dir }}/{{ inventory_hostname }}/outward_rabbitmq-cert.pem"
|
|
||||||
- "{{ kolla_certificates_dir }}/{{ inventory_hostname }}-cert.pem"
|
|
||||||
- "{{ kolla_certificates_dir }}/outward_rabbitmq-cert.pem"
|
|
||||||
when:
|
|
||||||
- not kolla_externally_managed_cert | bool
|
|
||||||
- enable_outward_rabbitmq | bool
|
|
||||||
- rabbitmq_enable_tls | bool
|
|
||||||
|
|
||||||
- name: Check if TLS key exists for outward RabbitMQ
|
|
||||||
assert:
|
|
||||||
that: key | length > 0
|
|
||||||
msg: No TLS key provided for outward RabbitMQ.
|
|
||||||
vars:
|
|
||||||
key: "{{ query('first_found', paths, errors='ignore') }}"
|
|
||||||
paths:
|
|
||||||
- "{{ kolla_certificates_dir }}/{{ inventory_hostname }}/outward_rabbitmq-key.pem"
|
|
||||||
- "{{ kolla_certificates_dir }}/{{ inventory_hostname }}-key.pem"
|
|
||||||
- "{{ kolla_certificates_dir }}/outward_rabbitmq-key.pem"
|
|
||||||
when:
|
|
||||||
- not kolla_externally_managed_cert | bool
|
|
||||||
- enable_outward_rabbitmq | bool
|
|
||||||
- rabbitmq_enable_tls | bool
|
|
||||||
|
|
||||||
- block:
|
- block:
|
||||||
- name: List RabbitMQ policies
|
- name: List RabbitMQ policies
|
||||||
become: true
|
become: true
|
||||||
|
@ -1,26 +1,18 @@
|
|||||||
{
|
{
|
||||||
"vhosts": [
|
"vhosts": [
|
||||||
{"name": "/"}{% if project_name == 'outward_rabbitmq' %},
|
{"name": "/"}
|
||||||
{"name": "{{ murano_agent_rabbitmq_vhost }}"}
|
|
||||||
{% endif %}
|
|
||||||
],
|
],
|
||||||
"users": [
|
"users": [
|
||||||
{"name": "{{ role_rabbitmq_user }}", "password": "{{ role_rabbitmq_password }}", "tags": "administrator"}{% if role_rabbitmq_monitoring_user is defined and role_rabbitmq_monitoring_user %},
|
{"name": "{{ role_rabbitmq_user }}", "password": "{{ role_rabbitmq_password }}", "tags": "administrator"}{% if role_rabbitmq_monitoring_user is defined and role_rabbitmq_monitoring_user %},
|
||||||
{"name": "{{ role_rabbitmq_monitoring_user }}", "password": "{{ role_rabbitmq_monitoring_password }}", "tags": "monitoring"}{% endif %}{% if project_name == 'outward_rabbitmq' %},
|
{"name": "{{ role_rabbitmq_monitoring_user }}", "password": "{{ role_rabbitmq_monitoring_password }}", "tags": "monitoring"}{% endif %}
|
||||||
{"name": "{{ murano_agent_rabbitmq_user }}", "password": "{{ murano_agent_rabbitmq_password }}", "tags": "management"}
|
|
||||||
{% endif %}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{"user": "{{ role_rabbitmq_user }}", "vhost": "/", "configure": ".*", "write": ".*", "read": ".*"}{% if role_rabbitmq_monitoring_user is defined and role_rabbitmq_monitoring_user %},
|
{"user": "{{ role_rabbitmq_user }}", "vhost": "/", "configure": ".*", "write": ".*", "read": ".*"}{% if role_rabbitmq_monitoring_user is defined and role_rabbitmq_monitoring_user %},
|
||||||
{"user": "{{ role_rabbitmq_monitoring_user }}", "vhost": "/", "configure": "^$", "write": "^$", "read": ".*"}{% endif %}{% if project_name == 'outward_rabbitmq' %},
|
{"user": "{{ role_rabbitmq_monitoring_user }}", "vhost": "/", "configure": "^$", "write": "^$", "read": ".*"}{% endif %}
|
||||||
{"user": "{{ murano_agent_rabbitmq_user }}", "vhost": "{{ murano_agent_rabbitmq_vhost }}", "configure": ".*", "write": ".*", "read": ".*"}
|
|
||||||
{% endif %}
|
|
||||||
],
|
],
|
||||||
{% if om_enable_rabbitmq_high_availability | bool %}
|
{% if om_enable_rabbitmq_high_availability | bool %}
|
||||||
"policies":[
|
"policies":[
|
||||||
{"vhost": "/", "name": "ha-all", "pattern": "^(?!(amq\\.)|(.*_fanout_)|(reply_)).*", "apply-to": "all", "definition": {"ha-mode":{% if rabbitmq_ha_replica_count is not none %}"exactly","ha-params":{{ rabbitmq_ha_replica_count | int }}{% else %}"all"{% endif %}{% if rabbitmq_ha_promote_on_shutdown is not none %},"ha-promote-on-shutdown":"{{ rabbitmq_ha_promote_on_shutdown }}"{% endif %}{% if rabbitmq_message_ttl_ms is not none %},"message-ttl":{{ rabbitmq_message_ttl_ms | int }}{% endif %}{% if rabbitmq_queue_expiry_ms is not none %},"expires":{{ rabbitmq_queue_expiry_ms | int }}{% endif %}}, "priority":0}{% if project_name == 'outward_rabbitmq' %},
|
{"vhost": "/", "name": "ha-all", "pattern": "^(?!(amq\\.)|(.*_fanout_)|(reply_)).*", "apply-to": "all", "definition": {"ha-mode":{% if rabbitmq_ha_replica_count is not none %}"exactly","ha-params":{{ rabbitmq_ha_replica_count | int }}{% else %}"all"{% endif %}{% if rabbitmq_ha_promote_on_shutdown is not none %},"ha-promote-on-shutdown":"{{ rabbitmq_ha_promote_on_shutdown }}"{% endif %}{% if rabbitmq_message_ttl_ms is not none %},"message-ttl":{{ rabbitmq_message_ttl_ms | int }}{% endif %}{% if rabbitmq_queue_expiry_ms is not none %},"expires":{{ rabbitmq_queue_expiry_ms | int }}{% endif %}}, "priority":0}
|
||||||
{"vhost": "{{ murano_agent_rabbitmq_vhost }}", "name": "ha-all", "pattern": "^(?!(amq\\.)|(.*_fanout_)|(reply_)).*", "apply-to": "all", "definition": {"ha-mode":{% if rabbitmq_ha_replica_count is not none %}"exactly","ha-params":{{ rabbitmq_ha_replica_count | int }}{% else %}"all"{% endif %}{% if rabbitmq_ha_promote_on_shutdown is not none %},"ha-promote-on-shutdown":"{{ rabbitmq_ha_promote_on_shutdown }}"{% endif %}{% if rabbitmq_message_ttl_ms is not none %},"message-ttl":{{ rabbitmq_message_ttl_ms | int }}{% endif %}{% if rabbitmq_queue_expiry_ms is not none %},"expires":{{ rabbitmq_queue_expiry_ms | int }}{% endif %}}, "priority":0}
|
|
||||||
{% endif %}
|
|
||||||
]
|
]
|
||||||
{% else %}
|
{% else %}
|
||||||
"policies":[]
|
"policies":[]
|
||||||
|
@ -36,4 +36,3 @@ influxdb_proto: "http"
|
|||||||
rabbitmq_proto: "http"
|
rabbitmq_proto: "http"
|
||||||
mariadb_proto: "tcp"
|
mariadb_proto: "tcp"
|
||||||
opensearch_proto: "http"
|
opensearch_proto: "http"
|
||||||
outward_rabbitmq_proto: "http"
|
|
||||||
|
@ -67,12 +67,6 @@
|
|||||||
username = "{{ rabbitmq_user }}"
|
username = "{{ rabbitmq_user }}"
|
||||||
password = "{{ rabbitmq_password }}"
|
password = "{{ rabbitmq_password }}"
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if inventory_hostname in groups['outward-rabbitmq'] and enable_outward_rabbitmq | bool %}
|
|
||||||
[[inputs.rabbitmq]]
|
|
||||||
url = "{{ outward_rabbitmq_proto }}://{{ api_interface_address | put_address_in_context('url') }}:{{ outward_rabbitmq_management_port }}"
|
|
||||||
username = "{{ outward_rabbitmq_user }}"
|
|
||||||
password = "{{ outward_rabbitmq_password }}"
|
|
||||||
{% endif %}
|
|
||||||
{% if inventory_hostname in groups['redis'] and enable_redis | bool %}
|
{% if inventory_hostname in groups['redis'] and enable_redis | bool %}
|
||||||
[[inputs.redis]]
|
[[inputs.redis]]
|
||||||
servers = ["tcp://:{{ redis_master_password }}@{{ api_interface_address | put_address_in_context('url') }}:{{ redis_port }}"]
|
servers = ["tcp://:{{ redis_master_password }}@{{ api_interface_address | put_address_in_context('url') }}:{{ redis_port }}"]
|
||||||
|
@ -53,14 +53,12 @@
|
|||||||
- enable_memcached_{{ enable_memcached | bool }}
|
- enable_memcached_{{ enable_memcached | bool }}
|
||||||
- enable_mistral_{{ enable_mistral | bool }}
|
- enable_mistral_{{ enable_mistral | bool }}
|
||||||
- enable_multipathd_{{ enable_multipathd | bool }}
|
- enable_multipathd_{{ enable_multipathd | bool }}
|
||||||
- enable_murano_{{ enable_murano | bool }}
|
|
||||||
- enable_neutron_{{ enable_neutron | bool }}
|
- enable_neutron_{{ enable_neutron | bool }}
|
||||||
- enable_nova_{{ enable_nova | bool }}
|
- enable_nova_{{ enable_nova | bool }}
|
||||||
- enable_octavia_{{ enable_octavia | bool }}
|
- enable_octavia_{{ enable_octavia | bool }}
|
||||||
- enable_opensearch_{{ enable_opensearch | bool }}
|
- enable_opensearch_{{ enable_opensearch | bool }}
|
||||||
- enable_opensearch_dashboards_{{ enable_opensearch_dashboards | bool }}
|
- enable_opensearch_dashboards_{{ enable_opensearch_dashboards | bool }}
|
||||||
- enable_openvswitch_{{ enable_openvswitch | bool }}_enable_ovs_dpdk_{{ enable_ovs_dpdk | bool }}
|
- enable_openvswitch_{{ enable_openvswitch | bool }}_enable_ovs_dpdk_{{ enable_ovs_dpdk | bool }}
|
||||||
- enable_outward_rabbitmq_{{ enable_outward_rabbitmq | bool }}
|
|
||||||
- enable_ovn_{{ enable_ovn | bool }}
|
- enable_ovn_{{ enable_ovn | bool }}
|
||||||
- enable_placement_{{ enable_placement | bool }}
|
- enable_placement_{{ enable_placement | bool }}
|
||||||
- enable_prometheus_{{ enable_prometheus | bool }}
|
- enable_prometheus_{{ enable_prometheus | bool }}
|
||||||
@ -243,11 +241,6 @@
|
|||||||
tasks_from: loadbalancer
|
tasks_from: loadbalancer
|
||||||
tags: mistral
|
tags: mistral
|
||||||
when: enable_mistral | bool
|
when: enable_mistral | bool
|
||||||
- include_role:
|
|
||||||
name: murano
|
|
||||||
tasks_from: loadbalancer
|
|
||||||
tags: murano
|
|
||||||
when: enable_murano | bool
|
|
||||||
- include_role:
|
- include_role:
|
||||||
name: neutron
|
name: neutron
|
||||||
tasks_from: loadbalancer
|
tasks_from: loadbalancer
|
||||||
@ -293,7 +286,7 @@
|
|||||||
vars:
|
vars:
|
||||||
role_rabbitmq_cluster_cookie:
|
role_rabbitmq_cluster_cookie:
|
||||||
role_rabbitmq_groups:
|
role_rabbitmq_groups:
|
||||||
when: enable_rabbitmq | bool or enable_outward_rabbitmq | bool
|
when: enable_rabbitmq | bool
|
||||||
- include_role:
|
- include_role:
|
||||||
name: skyline
|
name: skyline
|
||||||
tasks_from: loadbalancer
|
tasks_from: loadbalancer
|
||||||
@ -760,21 +753,6 @@
|
|||||||
- { role: horizon,
|
- { role: horizon,
|
||||||
tags: horizon }
|
tags: horizon }
|
||||||
|
|
||||||
- name: Apply role murano
|
|
||||||
gather_facts: false
|
|
||||||
hosts:
|
|
||||||
- murano-api
|
|
||||||
- murano-engine
|
|
||||||
- '&enable_murano_True'
|
|
||||||
serial: '{{ kolla_serial|default("0") }}'
|
|
||||||
max_fail_percentage: >-
|
|
||||||
{{ murano_max_fail_percentage |
|
|
||||||
default(kolla_max_fail_percentage) |
|
|
||||||
default(100) }}
|
|
||||||
roles:
|
|
||||||
- { role: murano,
|
|
||||||
tags: murano }
|
|
||||||
|
|
||||||
- name: Apply role magnum
|
- name: Apply role magnum
|
||||||
gather_facts: false
|
gather_facts: false
|
||||||
hosts:
|
hosts:
|
||||||
|
@ -322,7 +322,6 @@ workaround_ansible_issue_8743: yes
|
|||||||
#enable_neutron: "{{ enable_openstack_core | bool }}"
|
#enable_neutron: "{{ enable_openstack_core | bool }}"
|
||||||
#enable_nova: "{{ enable_openstack_core | bool }}"
|
#enable_nova: "{{ enable_openstack_core | bool }}"
|
||||||
#enable_rabbitmq: "{{ 'yes' if om_rpc_transport == 'rabbit' or om_notify_transport == 'rabbit' else 'no' }}"
|
#enable_rabbitmq: "{{ 'yes' if om_rpc_transport == 'rabbit' or om_notify_transport == 'rabbit' else 'no' }}"
|
||||||
#enable_outward_rabbitmq: "{{ enable_murano | bool }}"
|
|
||||||
|
|
||||||
# OpenStack services can be enabled or disabled with these options
|
# OpenStack services can be enabled or disabled with these options
|
||||||
#enable_aodh: "no"
|
#enable_aodh: "no"
|
||||||
@ -367,7 +366,6 @@ workaround_ansible_issue_8743: yes
|
|||||||
#enable_horizon_manila: "{{ enable_manila | bool }}"
|
#enable_horizon_manila: "{{ enable_manila | bool }}"
|
||||||
#enable_horizon_masakari: "{{ enable_masakari | bool }}"
|
#enable_horizon_masakari: "{{ enable_masakari | bool }}"
|
||||||
#enable_horizon_mistral: "{{ enable_mistral | bool }}"
|
#enable_horizon_mistral: "{{ enable_mistral | bool }}"
|
||||||
#enable_horizon_murano: "{{ enable_murano | bool }}"
|
|
||||||
#enable_horizon_neutron_vpnaas: "{{ enable_neutron_vpnaas | bool }}"
|
#enable_horizon_neutron_vpnaas: "{{ enable_neutron_vpnaas | bool }}"
|
||||||
#enable_horizon_octavia: "{{ enable_octavia | bool }}"
|
#enable_horizon_octavia: "{{ enable_octavia | bool }}"
|
||||||
#enable_horizon_tacker: "{{ enable_tacker | bool }}"
|
#enable_horizon_tacker: "{{ enable_tacker | bool }}"
|
||||||
@ -392,7 +390,6 @@ workaround_ansible_issue_8743: yes
|
|||||||
#enable_masakari: "no"
|
#enable_masakari: "no"
|
||||||
#enable_mistral: "no"
|
#enable_mistral: "no"
|
||||||
#enable_multipathd: "no"
|
#enable_multipathd: "no"
|
||||||
#enable_murano: "no"
|
|
||||||
#enable_neutron_vpnaas: "no"
|
#enable_neutron_vpnaas: "no"
|
||||||
#enable_neutron_sriov: "no"
|
#enable_neutron_sriov: "no"
|
||||||
#enable_neutron_dvr: "no"
|
#enable_neutron_dvr: "no"
|
||||||
@ -642,7 +639,7 @@ workaround_ansible_issue_8743: yes
|
|||||||
#############################
|
#############################
|
||||||
# Horizon - Dashboard Options
|
# Horizon - Dashboard Options
|
||||||
#############################
|
#############################
|
||||||
#horizon_backend_database: "{{ enable_murano | bool }}"
|
#horizon_backend_database: false
|
||||||
|
|
||||||
#############################
|
#############################
|
||||||
# Ironic options
|
# Ironic options
|
||||||
|
@ -107,10 +107,6 @@ heat_database_password:
|
|||||||
heat_keystone_password:
|
heat_keystone_password:
|
||||||
heat_domain_admin_password:
|
heat_domain_admin_password:
|
||||||
|
|
||||||
murano_database_password:
|
|
||||||
murano_keystone_password:
|
|
||||||
murano_agent_rabbitmq_password:
|
|
||||||
|
|
||||||
ironic_database_password:
|
ironic_database_password:
|
||||||
ironic_keystone_password:
|
ironic_keystone_password:
|
||||||
|
|
||||||
@ -211,8 +207,6 @@ gnocchi_user_id:
|
|||||||
rabbitmq_password:
|
rabbitmq_password:
|
||||||
rabbitmq_monitoring_password:
|
rabbitmq_monitoring_password:
|
||||||
rabbitmq_cluster_cookie:
|
rabbitmq_cluster_cookie:
|
||||||
outward_rabbitmq_password:
|
|
||||||
outward_rabbitmq_cluster_cookie:
|
|
||||||
|
|
||||||
####################
|
####################
|
||||||
# HAProxy options
|
# HAProxy options
|
||||||
|
6
releasenotes/notes/drop-murano-51796e817e8331b4.yaml
Normal file
6
releasenotes/notes/drop-murano-51796e817e8331b4.yaml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
upgrade:
|
||||||
|
- |
|
||||||
|
Support for deploying ``Murano`` has been dropped.
|
||||||
|
In addition to that support for deploying outward RabbitMQ (only used
|
||||||
|
for Murano) has been dropped as well.
|
@ -141,9 +141,6 @@ control
|
|||||||
[rabbitmq:children]
|
[rabbitmq:children]
|
||||||
control
|
control
|
||||||
|
|
||||||
[outward-rabbitmq:children]
|
|
||||||
control
|
|
||||||
|
|
||||||
[keystone:children]
|
[keystone:children]
|
||||||
control
|
control
|
||||||
|
|
||||||
@ -182,9 +179,6 @@ control
|
|||||||
[heat:children]
|
[heat:children]
|
||||||
control
|
control
|
||||||
|
|
||||||
[murano:children]
|
|
||||||
control
|
|
||||||
|
|
||||||
[ironic:children]
|
[ironic:children]
|
||||||
control
|
control
|
||||||
|
|
||||||
@ -416,13 +410,6 @@ heat
|
|||||||
[heat-engine:children]
|
[heat-engine:children]
|
||||||
heat
|
heat
|
||||||
|
|
||||||
# Murano
|
|
||||||
[murano-api:children]
|
|
||||||
murano
|
|
||||||
|
|
||||||
[murano-engine:children]
|
|
||||||
murano
|
|
||||||
|
|
||||||
# Ironic
|
# Ironic
|
||||||
[ironic-api:children]
|
[ironic-api:children]
|
||||||
ironic
|
ironic
|
||||||
|
Loading…
Reference in New Issue
Block a user