diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index 57e630bb33..0d09da0d62 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -120,6 +120,8 @@ magnum_api_port: "9511" rgw_port: "6780" +mistral_api_port: "8989" + #################### # Openstack options #################### @@ -172,6 +174,7 @@ enable_swift: "no" enable_murano: "no" enable_ironic: "no" enable_magnum: "no" +enable_mistral: "no" ironic_keystone_user: "ironic" diff --git a/ansible/inventory/all-in-one b/ansible/inventory/all-in-one index fcf28a8c09..0eb841b545 100644 --- a/ansible/inventory/all-in-one +++ b/ansible/inventory/all-in-one @@ -69,6 +69,9 @@ control [magnum:children] control +[mistral:children] +control + # Additional control implemented here. These groups allow you to control which # services run on which hosts at a per-service level. # @@ -174,3 +177,13 @@ magnum [magnum-conductor:children] magnum + +# Mistral +[mistral-api:children] +mistral + +[mistral-executor:children] +mistral + +[mistral-engine:children] +mistral diff --git a/ansible/inventory/multinode b/ansible/inventory/multinode index 14f6d82e54..c886cc2e3e 100644 --- a/ansible/inventory/multinode +++ b/ansible/inventory/multinode @@ -78,6 +78,8 @@ storage [magnum:children] control +[mistral:children] +control # Additional control implemented here. These groups allow you to control which # services run on which hosts at a per-service level. @@ -184,3 +186,13 @@ magnum [magnum-conductor:children] magnum + +# Mistral +[mistral-api:children] +mistral + +[mistral-executor:children] +mistral + +[mistral-engine:children] +mistral diff --git a/ansible/roles/mistral/defaults/main.yml b/ansible/roles/mistral/defaults/main.yml new file mode 100644 index 0000000000..8de4c38a27 --- /dev/null +++ b/ansible/roles/mistral/defaults/main.yml @@ -0,0 +1,40 @@ +--- +project_name: "mistral" + +#################### +# Database +#################### +mistral_database_name: "mistral" +mistral_database_user: "mistral" +mistral_database_address: "{{ kolla_internal_address }}" + + +#################### +# Docker +#################### +mistral_engine_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-mistral-engine" +mistral_engine_tag: "{{ openstack_release }}" +mistral_engine_image_full: "{{ mistral_engine_image }}:{{ mistral_engine_tag }}" + +mistral_executor_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-mistral-executor" +mistral_executor_tag: "{{ openstack_release }}" +mistral_executor_image_full: "{{ mistral_executor_image }}:{{ mistral_executor_tag }}" + +mistral_api_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-mistral-api" +mistral_api_tag: "{{ openstack_release }}" +mistral_api_image_full: "{{ mistral_api_image }}:{{ mistral_api_tag }}" + + +#################### +# Openstack +#################### +mistral_public_address: "{{ kolla_external_address }}" +mistral_admin_address: "{{ kolla_internal_address }}" +mistral_internal_address: "{{ kolla_internal_address }}" + +mistral_logging_verbose: "{{ openstack_logging_verbose }}" +mistral_logging_debug: "{{ openstack_logging_debug }}" + +mistral_keystone_user: "mistral" + +openstack_mistral_auth: "{'auth_url':'{{ openstack_auth_v2.auth_url }}','username':'{{ openstack_auth_v2.username }}','password':'{{ openstack_auth_v2.password }}','project_name':'{{ openstack_auth_v2.project_name }}'}" diff --git a/ansible/roles/mistral/meta/main.yml b/ansible/roles/mistral/meta/main.yml new file mode 100644 index 0000000000..6b4fff8fef --- /dev/null +++ b/ansible/roles/mistral/meta/main.yml @@ -0,0 +1,3 @@ +--- +dependencies: + - { role: common } diff --git a/ansible/roles/mistral/tasks/bootstrap.yml b/ansible/roles/mistral/tasks/bootstrap.yml new file mode 100644 index 0000000000..0373842a5e --- /dev/null +++ b/ansible/roles/mistral/tasks/bootstrap.yml @@ -0,0 +1,53 @@ +--- +- name: Creating Mistral database + command: docker exec -t kolla_ansible /usr/bin/ansible localhost + -m mysql_db + -a "login_host='{{ database_address }}' + login_user='{{ database_user }}' + login_port='{{ mariadb_port }}' + login_password='{{ database_password }}' + name='{{ mistral_database_name }}'" + register: database + changed_when: "{{ database.stdout.find('localhost | SUCCESS => ') != -1 and + (database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}" + failed_when: database.stdout.split()[2] != 'SUCCESS' + run_once: True + delegate_to: "{{ groups['mistral-api'][0] }}" + +- name: Reading json from variable + set_fact: + database_created: "{{ (database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}" + +- name: Creating Mistral database user and setting permissions + command: docker exec -t kolla_ansible /usr/bin/ansible localhost + -m mysql_user + -a "login_host='{{ database_address }}' + login_user='{{ database_user }}' + login_password='{{ database_password }}' + name='{{ mistral_database_name }}' + password='{{ mistral_database_password }}' + host='%' + priv='{{ mistral_database_name }}.*:ALL' + append_privs='yes'" + register: database_user_create + changed_when: "{{ database_user_create.stdout.find('localhost | SUCCESS => ') != -1 and + (database_user_create.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}" + failed_when: database_user_create.stdout.split()[2] != 'SUCCESS' + run_once: True + delegate_to: "{{ groups['mistral-api'][0] }}" + +- name: Running Mistral bootstrap container + kolla_docker: + action: "start_container" + common_options: "{{docker_common_options}}" + detach: False + environment: + KOLLA_BOOTSTRAP: + KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" + image: "{{ mistral_api_image_full }}" + name: "bootstrap_mistral" + restart_policy: "never" + volumes: "{{ node_config_directory }}/mistral-api/:{{ container_config_directory }}/:ro" + run_once: True + delegate_to: "{{ groups['mistral-api'][0] }}" + when: database_created diff --git a/ansible/roles/mistral/tasks/config.yml b/ansible/roles/mistral/tasks/config.yml new file mode 100644 index 0000000000..fc8f8d2c6c --- /dev/null +++ b/ansible/roles/mistral/tasks/config.yml @@ -0,0 +1,36 @@ +--- +- name: Ensuring config directories exist + file: + path: "{{ node_config_directory }}/{{ item }}" + state: "directory" + recurse: yes + with_items: + - "mistral-api" + - "mistral-engine" + - "mistral-executor" + +- name: Copying over config.json files for services + template: + src: "{{ item }}.json.j2" + dest: "{{ node_config_directory }}/{{ item }}/config.json" + with_items: + - "mistral-api" + - "mistral-engine" + - "mistral-executor" + +- name: Copying over mistral.conf + merge_configs: + vars: + service_name: "{{ item }}" + sources: + - "{{ role_path }}/templates/mistral.conf.j2" + - "/etc/kolla/config/global.conf" + - "/etc/kolla/config/database.conf" + - "/etc/kolla/config/messaging.conf" + - "/etc/kolla/config/mistral.conf" + - "/etc/kolla/config/mistral/{{ item }}.conf" + dest: "{{ node_config_directory }}/{{ item }}/mistral.conf" + with_items: + - "mistral-api" + - "mistral-engine" + - "mistral-executor" diff --git a/ansible/roles/mistral/tasks/main.yml b/ansible/roles/mistral/tasks/main.yml new file mode 100644 index 0000000000..5f062e5c51 --- /dev/null +++ b/ansible/roles/mistral/tasks/main.yml @@ -0,0 +1,16 @@ +--- +- include: register.yml + when: inventory_hostname in groups['mistral-api'] + +- include: config.yml + when: inventory_hostname in groups['mistral-api'] or + inventory_hostname in groups['mistral-engine'] or + inventory_hostname in groups['mistral-executor'] + +- include: bootstrap.yml + when: inventory_hostname in groups['mistral-api'] + +- include: start.yml + when: inventory_hostname in groups['mistral-api'] or + inventory_hostname in groups['mistral-engine'] or + inventory_hostname in groups['mistral-executor'] diff --git a/ansible/roles/mistral/tasks/register.yml b/ansible/roles/mistral/tasks/register.yml new file mode 100644 index 0000000000..fe1059d51c --- /dev/null +++ b/ansible/roles/mistral/tasks/register.yml @@ -0,0 +1,37 @@ +--- +- name: Creating the Mistral service and endpoint + command: docker exec -t kolla_ansible /usr/bin/ansible localhost + -m kolla_keystone_service + -a "service_name=mistral + service_type=application_catalog + description='Openstack Application Catalog' + endpoint_region={{ openstack_region_name }} + admin_url='http://{{ kolla_internal_address }}:{{ mistral_api_port }}' + internal_url='http://{{ kolla_internal_address }}:{{ mistral_api_port }}' + public_url='http://{{ kolla_external_address }}:{{ mistral_api_port }}' + region_name={{ openstack_region_name }} + auth={{ '{{ openstack_mistral_auth }}' }}" + -e "{'openstack_mistral_auth':{{ openstack_mistral_auth }}}" + register: mistral_endpoint + changed_when: "{{ mistral_endpoint.stdout.find('localhost | SUCCESS => ') != -1 and (mistral_endpoint.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}" + until: mistral_endpoint.stdout.split()[2] == 'SUCCESS' + retries: 10 + delay: 5 + run_once: True + +- name: Creating the Mistral project, user, and role + command: docker exec -t kolla_ansible /usr/bin/ansible localhost + -m kolla_keystone_user + -a "project=service + user=mistral + password={{ mistral_keystone_password }} + role=admin + region_name={{ openstack_region_name }} + auth={{ '{{ openstack_mistral_auth }}' }}" + -e "{'openstack_mistral_auth':{{ openstack_mistral_auth }}}" + register: mistral_user + changed_when: "{{ mistral_user.stdout.find('localhost | SUCCESS => ') != -1 and (mistral_user.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}" + until: mistral_user.stdout.split()[2] == 'SUCCESS' + retries: 10 + delay: 5 + run_once: True diff --git a/ansible/roles/mistral/tasks/start.yml b/ansible/roles/mistral/tasks/start.yml new file mode 100644 index 0000000000..c7b3020c55 --- /dev/null +++ b/ansible/roles/mistral/tasks/start.yml @@ -0,0 +1,33 @@ +--- +- name: Starting Mistral-engine container + kolla_docker: + action: "start_container" + name: mistral_engine + common_options: "{{docker_common_options}}" + image: "{{ mistral_engine_image_full }}" + volumes: + - "{{ node_config_directory }}/mistral-engine/:{{ container_config_directory }}/:ro" + - "/var/lib/kolla/dev/log:/dev/log" + when: inventory_hostname in groups['mistral-engine'] + +- name: Starting Mistral-executor container + kolla_docker: + action: "start_container" + name: mistral_engine + common_options: "{{docker_common_options}}" + image: "{{ mistral_engine_image_full }}" + volumes: + - "{{ node_config_directory }}/mistral-executor/:{{ container_config_directory }}/:ro" + - "/var/lib/kolla/dev/log:/dev/log" + when: inventory_hostname in groups['mistral-engine'] + +- name: Starting Mistral-api container + kolla_docker: + action: "start_container" + name: mistral_api + common_options: "{{docker_common_options}}" + image: "{{ mistral_api_image_full }}" + volumes: + - "{{ node_config_directory }}/mistral-api/:{{ container_config_directory }}/:ro" + - "/var/lib/kolla/dev/log:/dev/log" + when: inventory_hostname in groups['mistral-api'] diff --git a/ansible/roles/mistral/templates/mistral-api.json.j2 b/ansible/roles/mistral/templates/mistral-api.json.j2 new file mode 100644 index 0000000000..bb9c5d8682 --- /dev/null +++ b/ansible/roles/mistral/templates/mistral-api.json.j2 @@ -0,0 +1,11 @@ +{ + "command": "mistral-server --server api --config-file /etc/mistral/mistral.conf", + "config_files": [ + { + "source": "{{ container_config_directory }}/mistral.conf", + "dest": "/etc/mistral/mistral.conf", + "owner": "mistral", + "perm": "0644" + } + ] +} diff --git a/ansible/roles/mistral/templates/mistral-engine.json.j2 b/ansible/roles/mistral/templates/mistral-engine.json.j2 new file mode 100644 index 0000000000..68151098e3 --- /dev/null +++ b/ansible/roles/mistral/templates/mistral-engine.json.j2 @@ -0,0 +1,11 @@ +{ + "command": "mistral-server --server engine --config-file /etc/mistral/mistral.conf", + "config_files": [ + { + "source": "{{ container_config_directory }}/mistral.conf", + "dest": "/etc/mistral/mistral.conf", + "owner": "mistral", + "perm": "0644" + } + ] +} diff --git a/ansible/roles/mistral/templates/mistral-executor.json.j2 b/ansible/roles/mistral/templates/mistral-executor.json.j2 new file mode 100644 index 0000000000..09a5c53e17 --- /dev/null +++ b/ansible/roles/mistral/templates/mistral-executor.json.j2 @@ -0,0 +1,11 @@ +{ + "command": "mistral-server --server executor --config-file /etc/mistral/mistral.conf", + "config_files": [ + { + "source": "{{ container_config_directory }}/mistral.conf", + "dest": "/etc/mistral/mistral.conf", + "owner": "mistral", + "perm": "0644" + } + ] +} diff --git a/ansible/roles/mistral/templates/mistral.conf.j2 b/ansible/roles/mistral/templates/mistral.conf.j2 new file mode 100644 index 0000000000..31f432ebc9 --- /dev/null +++ b/ansible/roles/mistral/templates/mistral.conf.j2 @@ -0,0 +1,35 @@ +[DEFAULT] +verbose = {{ openstack_logging_verbose }} +debug = {{ openstack_logging_debug }} + +notification_driver = noop + +use_syslog = True +syslog_log_facility = LOG_LOCAL0 + +{% if service_name == 'mistral-api' %} +bind_host = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} +bind_port = {{ mistral_api_port }} +{% endif %} + +[database] +connection = mysql+pymysql://{{ mistral_database_user }}:{{ mistral_database_password }}@{{ mistral_database_address }}/{{ mistral_database_name }} + +[keystone_authtoken] +auth_uri = http://{{ kolla_internal_address }}:{{ keystone_public_port }} +auth_url = http://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_plugin = password +project_domain_id = default +user_domain_id = default +project_name = service +username = {{ mistral_keystone_user }} +password = {{ mistral_keystone_password }} + +[mistral] +url = http://{{ kolla_internal_address }}:{{ mistral_api_port }} + +[oslo_messaging_rabbit] +rabbit_userid = {{ rabbitmq_user }} +rabbit_password = {{ rabbitmq_password }} +rabbit_ha_queues = true +rabbit_hosts = {% for host in groups['rabbitmq'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %} diff --git a/ansible/site.yml b/ansible/site.yml index 49b2b135a0..e4f7ff9645 100644 --- a/ansible/site.yml +++ b/ansible/site.yml @@ -152,3 +152,13 @@ - { role: magnum, tags: magnum, when: enable_magnum | bool } + +- hosts: + - mistral-api + - mistral-engine + - mistral-executor + - rabbitmq + roles: + - { role: mistral, + tags: mistral, + when: enable_mistral | bool } diff --git a/etc/kolla/passwords.yml b/etc/kolla/passwords.yml index 6de1f7bb9f..369053b0b4 100644 --- a/etc/kolla/passwords.yml +++ b/etc/kolla/passwords.yml @@ -59,6 +59,9 @@ ironic_keystone_password: "password" magnum_database_password: "password" magnum_keystone_password: "password" +mistral_database_password: "password" +mistral_keystone_password: "password" + horizon_secret_key: "password" ####################