openstack/kolla-ansible
Code Issues Proposed changes

Implement octavia ansible role

Browse Source 
Change-Id: Ic72b49275627aff239b23e9862966923555a464f
Implements: blueprint octavia-ansible-role
This commit is contained in:
Jeffrey Zhang 2016-11-30 16:45:00 +08:00
parent 09a0319a92
commit 7f89522b94
28 changed files with 607 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
ansible/group_vars/all.yml
View File

@ -150,6 +150,9 @@ keystone_ssh_port: "8023"
glance_api_port: "9292" glance_api_port: "9292"
glance_registry_port: "9191" glance_registry_port: "9191"
octavia_api_port: "9876"
octavia_health_manager_port: "5555"
nova_api_port: "8774" nova_api_port: "8774"
nova_metadata_port: "8775" nova_metadata_port: "8775"
nova_novncproxy_port: "6080" nova_novncproxy_port: "6080"
@ -287,6 +290,7 @@ enable_neutron_dvr: "no"
enable_neutron_lbaas: "no" enable_neutron_lbaas: "no"
enable_neutron_qos: "no" enable_neutron_qos: "no"
enable_neutron_agent_ha: "no" enable_neutron_agent_ha: "no"
enable_octavia: "no"
enable_rally: "no" enable_rally: "no"
enable_sahara: "no" enable_sahara: "no"
enable_searchlight: "no" enable_searchlight: "no"
@ -404,6 +408,15 @@ nova_backend: "{{ 'rbd' if nova_backend_ceph | bool else 'default' }}"
####################### #######################
horizon_backend_database: "no" horizon_backend_database: "no"
#################
# Octavia options
#################
# Load balancer topology options are [ SINGLE, ACTIVE_STANDBY ]
octavia_loadbalancer_topology: "SINGLE"
octavia_amp_boot_network_list:
octavia_amp_secgroup_list:
octavia_amp_flavor_id:
################### ###################
# Ceph options # Ceph options
################### ###################

16
ansible/inventory/all-in-one
View File

@ -151,6 +151,9 @@ control
[searchlight:children] [searchlight:children]
control control
[octavia:children]
control
# Additional control implemented here. These groups allow you to control which # Additional control implemented here. These groups allow you to control which
# services run on which hosts at a per-service level. # services run on which hosts at a per-service level.
# #
@ -434,3 +437,16 @@ searchlight
[searchlight-listener:children] [searchlight-listener:children]
searchlight searchlight
# Octavia
[octavia-api:children]
octavia
[octavia-health-manager:children]
octavia
[octavia-housekeeping:children]
octavia
[octavia-worker:children]
octavia

16
ansible/inventory/multinode
View File

@ -166,6 +166,9 @@ control
[searchlight:children] [searchlight:children]
control control
[octavia:children]
control
# Additional control implemented here. These groups allow you to control which # Additional control implemented here. These groups allow you to control which
# services run on which hosts at a per-service level. # services run on which hosts at a per-service level.
# #
@ -449,3 +452,16 @@ searchlight
[searchlight-listener:children] [searchlight-listener:children]
searchlight searchlight
# Octavia
[octavia-api:children]
octavia
[octavia-health-manager:children]
octavia
[octavia-housekeeping:children]
octavia
[octavia-worker:children]
octavia

1
ansible/roles/common/tasks/config.yml
View File

@ -94,6 +94,7 @@
- { name: "murano", enabled: "{{ enable_murano }}" } - { name: "murano", enabled: "{{ enable_murano }}" }
- { name: "neutron", enabled: "{{ enable_neutron }}" } - { name: "neutron", enabled: "{{ enable_neutron }}" }
- { name: "nova", enabled: "{{ enable_nova }}" } - { name: "nova", enabled: "{{ enable_nova }}" }
- { name: "octavia", enabled: "{{ enable_octavia }}" }
- { name: "rabbitmq", enabled: "{{ enable_rabbitmq }}" } - { name: "rabbitmq", enabled: "{{ enable_rabbitmq }}" }
- { name: "sahara", enabled: "{{ enable_sahara }}" } - { name: "sahara", enabled: "{{ enable_sahara }}" }
- { name: "searchlight", enabled: "{{ enable_searchlight }}" } - { name: "searchlight", enabled: "{{ enable_searchlight }}" }

3
ansible/roles/common/templates/cron-logrotate-octavia.conf.j2 Normal file
View File

@ -0,0 +1,3 @@
"/var/log/kolla/octavia/*.log"
{
}

2
ansible/roles/common/templates/heka-openstack.toml.j2
View File

@ -6,6 +6,6 @@ filename = "lua_decoders/os_openstack_log.lua"
type = "LogstreamerInput" type = "LogstreamerInput"
decoder = "openstack_log_decoder" decoder = "openstack_log_decoder"
log_directory = "/var/log/kolla" log_directory = "/var/log/kolla"
file_match = '(?P<Service>cloudkitty|nova|glance|keystone|neutron|ceph|cinder|heat|murano|magnum|mistral|manila|searchlight|senlin|sahara|tacker)/(?P<Program>.*)\.log\.?(?P<Seq>\d*)$' file_match = '(?P<Service>cloudkitty|nova|glance|keystone|neutron|ceph|cinder|heat|murano|magnum|mistral|manila|octavia|searchlight|senlin|sahara|tacker)/(?P<Program>.*)\.log\.?(?P<Seq>\d*)$'
priority = ["^Seq"] priority = ["^Seq"]
differentiator = ["Service", "_", "Program"] differentiator = ["Service", "_", "Program"]

19
ansible/roles/haproxy/templates/haproxy.cfg.j2
View File

@ -255,6 +255,25 @@ listen cloudkitty_api_external
{% endif %} {% endif %}
{% endif %} {% endif %}
{% if enable_octavia | bool %}
listen octavia_api
bind {{ kolla_internal_vip_address }}:{{ octavia_api_port }}
http-request del-header X-Forwarded-Proto
{% for host in groups['octavia-api'] %}
server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ octavia_api_port }} check inter 2000 rise 2 fall 5
{% endfor %}
{% if haproxy_enable_external_vip | bool %}
listen octavia_api_external
bind {{ kolla_external_vip_address }}:{{ octavia_api_port }} {{ tls_bind_info }}
http-request del-header X-Forwarded-Proto
http-request set-header X-Forwarded-Proto https if { ssl_fc }
{% for host in groups['octavia-api'] %}
server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ octavia_api_port }} check inter 2000 rise 2 fall 5
{% endfor %}
{% endif %}
{% endif %}
{% if enable_heat | bool %} {% if enable_heat | bool %}
listen heat_api listen heat_api
bind {{ kolla_internal_vip_address }}:{{ heat_api_port }} bind {{ kolla_internal_vip_address }}:{{ heat_api_port }}

5
ansible/roles/neutron/templates/neutron.conf.j2
View File

@ -103,3 +103,8 @@ driver = noop
drivers = ovs drivers = ovs
[flowclassifier] [flowclassifier]
{% endif %} {% endif %}
{% if enable_octavia | bool %}
[octavia]
base_url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ octavia_api_port }}
{% endif %}

12
ansible/roles/neutron/templates/neutron_lbaas.conf.j2
View File

@ -1,4 +1,16 @@
{% if enable_neutron_lbaas | bool %} {% if enable_neutron_lbaas | bool %}
[service_providers] [service_providers]
{% if enable_octavia | bool %}
service_provider = LOADBALANCERV2:Octavia:neutron_lbaas.drivers.octavia.driver.OctaviaDriver:default
[service_auth]
auth_url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}/v2.0
admin_tenant_name = admin
admin_user = admin
admin_password = {{ keystone_admin_password }}
auth_version = 2
{% else %}
service_provider = LOADBALANCERV2:Haproxy:neutron_lbaas.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default service_provider = LOADBALANCERV2:Haproxy:neutron_lbaas.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default
{% endif %} {% endif %}
{% endif %}

43
ansible/roles/octavia/defaults/main.yml Normal file
View File

@ -0,0 +1,43 @@
---
project_name: "octavia"
####################
# Database
####################
octavia_database_name: "octavia"
octavia_database_user: "octavia"
octavia_database_address: "{{ kolla_internal_fqdn }}:{{ database_port }}"
####################
# Docker
####################
octavia_api_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-octavia-api"
octavia_api_tag: "{{ openstack_release }}"
octavia_api_image_full: "{{ octavia_api_image }}:{{ octavia_api_tag }}"
octavia_health_manager_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-octavia-health-manager"
octavia_health_manager_tag: "{{ openstack_release }}"
octavia_health_manager_image_full: "{{ octavia_health_manager_image }}:{{ octavia_health_manager_tag }}"
octavia_housekeeping_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-octavia-housekeeping"
octavia_housekeeping_tag: "{{ openstack_release }}"
octavia_housekeeping_image_full: "{{ octavia_housekeeping_image }}:{{ octavia_housekeeping_tag }}"
octavia_worker_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-octavia-worker"
octavia_worker_tag: "{{ openstack_release }}"
octavia_worker_image_full: "{{ octavia_worker_image }}:{{ octavia_worker_tag }}"
####################
# OpenStack
####################
octavia_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ octavia_api_port }}"
octavia_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ octavia_api_port }}"
octavia_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ octavia_api_port }}"
octavia_logging_debug: "{{ openstack_logging_debug }}"
octavia_keystone_user: "octavia"
openstack_octavia_auth: "{'auth_url':'{{ openstack_auth.auth_url }}','username':'{{ openstack_auth.username }}','password':'{{ openstack_auth.password }}','project_name':'{{ openstack_auth.project_name }}'}"

41
ansible/roles/octavia/tasks/bootstrap.yml Normal file
View File

@ -0,0 +1,41 @@
---
- name: Creating Octavia database
command: docker exec -t kolla_toolbox /usr/bin/ansible localhost
-m mysql_db
-a "login_host='{{ database_address }}'
login_port='{{ database_port }}'
login_user='{{ database_user }}'
login_password='{{ database_password }}'
name='{{ octavia_database_name }}'"
register: database
changed_when: "{{ database.stdout.find('localhost | SUCCESS => ') != -1 and
(database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
failed_when: database.stdout.split()[2] != 'SUCCESS'
run_once: True
delegate_to: "{{ groups['octavia-api'][0] }}"
- name: Reading json from variable
set_fact:
database_created: "{{ (database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
- name: Creating Octavia database user and setting permissions
command: docker exec -t kolla_toolbox /usr/bin/ansible localhost
-m mysql_user
-a "login_host='{{ database_address }}'
login_port='{{ database_port }}'
login_user='{{ database_user }}'
login_password='{{ database_password }}'
name='{{ octavia_database_name }}'
password='{{ octavia_database_password }}'
host='%'
priv='{{ octavia_database_name }}.*:ALL'
append_privs='yes'"
register: database_user_create
changed_when: "{{ database_user_create.stdout.find('localhost | SUCCESS => ') != -1 and
(database_user_create.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
failed_when: database_user_create.stdout.split()[2] != 'SUCCESS'
run_once: True
delegate_to: "{{ groups['octavia-api'][0] }}"
- include: bootstrap_service.yml
when: database_created

20
ansible/roles/octavia/tasks/bootstrap_service.yml Normal file
View File

@ -0,0 +1,20 @@
---
- name: Running Octavia bootstrap container
kolla_docker:
action: "start_container"
common_options: "{{ docker_common_options }}"
detach: False
environment:
KOLLA_BOOTSTRAP:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
image: "{{ octavia_api_image_full }}"
labels:
BOOTSTRAP:
name: "bootstrap_octavia"
restart_policy: "never"
volumes:
- "{{ node_config_directory }}/octavia-api/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "kolla_logs:/var/log/kolla/"
run_once: True
delegate_to: "{{ groups['octavia-api'][0] }}"

49
ansible/roles/octavia/tasks/config.yml Normal file
View File

@ -0,0 +1,49 @@
---
- name: Ensuring config directories exist
file:
path: "{{ node_config_directory }}/{{ item }}"
state: "directory"
recurse: yes
with_items:
- "octavia-api"
- "octavia-health-manager"
- "octavia-housekeeping"
- "octavia-worker"
- name: Copying over config.json files for services
template:
src: "{{ item }}.json.j2"
dest: "{{ node_config_directory }}/{{ item }}/config.json"
with_items:
- "octavia-api"
- "octavia-health-manager"
- "octavia-housekeeping"
- "octavia-worker"
- name: Copying over octavia.conf
merge_configs:
vars:
service_name: "{{ item }}"
sources:
- "{{ role_path }}/templates/octavia.conf.j2"
- "{{ node_config_directory }}/config/global.conf"
- "{{ node_config_directory }}/config/database.conf"
- "{{ node_config_directory }}/config/messaging.conf"
- "{{ node_config_directory }}/config/octavia.conf"
- "{{ node_config_directory }}/config/octavia/{{ item }}.conf"
- "{{ node_config_directory }}/config/octavia/{{ inventory_hostname }}/octavia.conf"
dest: "{{ node_config_directory }}/{{ item }}/octavia.conf"
with_items:
- "octavia-api"
- "octavia-health-manager"
- "octavia-housekeeping"
- "octavia-worker"
- name: Copying certificate files
copy:
src: "{{ node_config_directory }}/config/octavia/{{ item }}"
dest: "{{ node_config_directory }}/octavia-worker/{{ item }}"
with_items:
- cakey.pem
- ca_01.pem
- client.pem

18
ansible/roles/octavia/tasks/deploy.yml Normal file
View File

@ -0,0 +1,18 @@
---
- include: "register.yml"
when: inventory_hostname in groups['octavia-api']
- include: "config.yml"
when: inventory_hostname in groups['octavia-api'] or
inventory_hostname in groups['octavia-health-manager'] or
inventory_hostname in groups['octavia-housekeeping'] or
inventory_hostname in groups['octavia-worker']
- include: "bootstrap.yml"
when: inventory_hostname in groups['octavia-api']
- include: "start.yml"
when: inventory_hostname in groups['octavia-api'] or
inventory_hostname in groups['octavia-health-manager'] or
inventory_hostname in groups['octavia-housekeeping'] or
inventory_hostname in groups['octavia-worker']

2
ansible/roles/octavia/tasks/main.yml Normal file
View File

@ -0,0 +1,2 @@
---
- include: "{{ action }}.yml"

28
ansible/roles/octavia/tasks/pull.yml Normal file
View File

@ -0,0 +1,28 @@
---
- name: Pulling octavia-api image
kolla_docker:
action: "pull_image"
common_options: "{{ docker_common_options }}"
image: "{{ octavia_api_image_full }}"
when: inventory_hostname in groups['octavia-api']
- name: Pulling octavia-health-manager image
kolla_docker:
action: "pull_image"
common_options: "{{ docker_common_options }}"
image: "{{ octavia_health_manager_image_full }}"
when: inventory_hostname in groups['octavia-health-manager']
- name: Pulling octavia-housekeeping image
kolla_docker:
action: "pull_image"
common_options: "{{ docker_common_options }}"
image: "{{ octavia_housekeeping_image_full }}"
when: inventory_hostname in groups['octavia-housekeeping']
- name: Pulling octavia-worker image
kolla_docker:
action: "pull_image"
common_options: "{{ docker_common_options }}"
image: "{{ octavia_worker_image_full }}"
when: inventory_hostname in groups['octavia-worker']

76
ansible/roles/octavia/tasks/reconfigure.yml Normal file
View File

@ -0,0 +1,76 @@
---
- name: Ensuring the containers up
kolla_docker:
name: "{{ item.name }}"
action: "get_container_state"
register: container_state
failed_when: container_state.Running == false
when: inventory_hostname in groups[item.group]
with_items:
- { name: octavia_api, group: octavia-api }
- { name: octavia_health_manager, group: octavia-health-manager }
- { name: octavia_housekeeping, group: octavia-housekeeping }
- { name: octavia_worker, group: octavia-worker }
- include: config.yml
- name: Check the configs
command: docker exec {{ item.name }} /usr/local/bin/kolla_set_configs --check
changed_when: false
failed_when: false
register: check_results
when: inventory_hostname in groups[item.group]
with_items:
- { name: octavia_api, group: octavia-api }
- { name: octavia_health_manager, group: octavia-health-manager }
- { name: octavia_housekeeping, group: octavia-housekeeping }
- { name: octavia_worker, group: octavia-worker }
- name: Containers config strategy
kolla_docker:
name: "{{ item.name }}"
action: "get_container_env"
register: container_envs
when: inventory_hostname in groups[item.group]
with_items:
- { name: octavia_api, group: octavia-api }
- { name: octavia_health_manager, group: octavia-health-manager }
- { name: octavia_housekeeping, group: octavia-housekeeping }
- { name: octavia_worker, group: octavia-worker }
- name: Remove the containers
kolla_docker:
name: "{{ item[0]['name'] }}"
action: "remove_container"
register: remove_containers
when:
- inventory_hostname in groups[item[0]['group']]
- config_strategy == "COPY_ONCE" or item[1]['KOLLA_CONFIG_STRATEGY'] == 'COPY_ONCE'
- item[2]['rc'] == 1
with_together:
- [{ name: octavia_api, group: octavia-api },
{ name: octavia_health_manager, group: octavia-health-manager },
{ name: octavia_housekeeping, group: octavia-housekeeping },
{ name: octavia_worker, group: octavia-worker }]
- "{{ container_envs.results }}"
- "{{ check_results.results }}"
- include: start.yml
when: remove_containers.changed
- name: Restart containers
kolla_docker:
name: "{{ item[0]['name'] }}"
action: "restart_container"
when:
- inventory_hostname in groups[item[0]['group']]
- config_strategy == 'COPY_ALWAYS'
- item[1]['KOLLA_CONFIG_STRATEGY'] != 'COPY_ONCE'
- item[2]['rc'] == 1
with_together:
- [{ name: octavia_api, group: octavia-api },
{ name: octavia_health_manager, group: octavia-health-manager },
{ name: octavia_housekeeping, group: octavia-housekeeping },
{ name: octavia_worker, group: octavia-worker }]
- "{{ container_envs.results }}"
- "{{ check_results.results }}"

40
ansible/roles/octavia/tasks/register.yml Normal file
View File

@ -0,0 +1,40 @@
---
- name: Creating the Octavia service and endpoint
command: docker exec -t kolla_toolbox /usr/bin/ansible localhost
-m kolla_keystone_service
-a "service_name=octavia
service_type=application-catalog
description='Openstack Application Catalogue'
endpoint_region={{ openstack_region_name }}
url='{{ item.url }}'
interface='{{ item.interface }}'
region_name={{ openstack_region_name }}
auth={{ '{{ openstack_octavia_auth }}' }}"
-e "{'openstack_octavia_auth':{{ openstack_octavia_auth }}}"
register: octavia_endpoint
changed_when: "{{ octavia_endpoint.stdout.find('localhost | SUCCESS => ') != -1 and (octavia_endpoint.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
until: octavia_endpoint.stdout.split()[2] == 'SUCCESS'
retries: 10
delay: 5
run_once: True
with_items:
- {'interface': 'admin', 'url': '{{ octavia_admin_endpoint }}'}
- {'interface': 'internal', 'url': '{{ octavia_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ octavia_public_endpoint }}'}
- name: Creating the Octavia project, user, and role
command: docker exec -t kolla_toolbox /usr/bin/ansible localhost
-m kolla_keystone_user
-a "project=service
user=octavia
password={{ octavia_keystone_password }}
role=admin
region_name={{ openstack_region_name }}
auth={{ '{{ openstack_octavia_auth }}' }}"
-e "{'openstack_octavia_auth':{{ openstack_octavia_auth }}}"
register: octavia_user
changed_when: "{{ octavia_user.stdout.find('localhost | SUCCESS => ') != -1 and (octavia_user.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
until: octavia_user.stdout.split()[2] == 'SUCCESS'
retries: 10
delay: 5
run_once: True

48
ansible/roles/octavia/tasks/start.yml Normal file
View File

@ -0,0 +1,48 @@
---
- name: Starting octavia-api container
kolla_docker:
action: "start_container"
common_options: "{{ docker_common_options }}"
image: "{{ octavia_api_image_full }}"
name: "octavia_api"
volumes:
- "{{ node_config_directory }}/octavia-api/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "kolla_logs:/var/log/kolla/"
when: inventory_hostname in groups['octavia-api']
- name: Starting octavia-health-manager container
kolla_docker:
action: "start_container"
common_options: "{{ docker_common_options }}"
image: "{{ octavia_api_image_full }}"
name: "octavia_health_manager"
volumes:
- "{{ node_config_directory }}/octavia-health-manager/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "kolla_logs:/var/log/kolla/"
when: inventory_hostname in groups['octavia-health-manager']
- name: Starting octavia-housekeeping container
kolla_docker:
action: "start_container"
common_options: "{{ docker_common_options }}"
image: "{{ octavia_api_image_full }}"
name: "octavia_housekeeping"
volumes:
- "{{ node_config_directory }}/octavia-housekeeping/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "kolla_logs:/var/log/kolla/"
when: inventory_hostname in groups['octavia-housekeeping']
- name: Starting octavia-worker container
kolla_docker:
action: "start_container"
common_options: "{{ docker_common_options }}"
image: "{{ octavia_api_image_full }}"
name: "octavia_worker"
volumes:
- "{{ node_config_directory }}/octavia-worker/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "kolla_logs:/var/log/kolla/"
when: inventory_hostname in groups['octavia-worker']

6
ansible/roles/octavia/tasks/upgrade.yml Normal file
View File

@ -0,0 +1,6 @@
---
- include: "config.yml"
- include: "bootstrap_service.yml"
- include: "start.yml"

11
ansible/roles/octavia/templates/octavia-api.json.j2 Normal file
View File

@ -0,0 +1,11 @@
{
"command": "octavia-api --config-file /etc/octavia/octavia.conf",
"config_files": [
{
"source": "{{ container_config_directory }}/octavia.conf",
"dest": "/etc/octavia/octavia.conf",
"owner": "octavia",
"perm": "0600"
}
]
}

11
ansible/roles/octavia/templates/octavia-health-manager.json.j2 Normal file
View File

@ -0,0 +1,11 @@
{
"command": "octavia-health-manager --config-file /etc/octavia/octavia.conf",
"config_files": [
{
"source": "{{ container_config_directory }}/octavia.conf",
"dest": "/etc/octavia/octavia.conf",
"owner": "octavia",
"perm": "0600"
}
]
}

11
ansible/roles/octavia/templates/octavia-housekeeping.json.j2 Normal file
View File

@ -0,0 +1,11 @@
{
"command": "octavia-housekeeping --config-file /etc/octavia/octavia.conf",
"config_files": [
{
"source": "{{ container_config_directory }}/octavia.conf",
"dest": "/etc/octavia/octavia.conf",
"owner": "octavia",
"perm": "0600"
}
]
}

29
ansible/roles/octavia/templates/octavia-worker.json.j2 Normal file
View File

@ -0,0 +1,29 @@
{
"command": "octavia-worker --config-file /etc/octavia/octavia.conf",
"config_files": [
{
"source": "{{ container_config_directory }}/octavia.conf",
"dest": "/etc/octavia/octavia.conf",
"owner": "octavia",
"perm": "0600"
},
{
"source": "{{ container_config_directory }}/cakey.pem",
"dest": "/etc/octavia/certs/private/cakey.pem",
"owner": "octavia",
"perm": "0600"
},
{
"source": "{{ container_config_directory }}/ca_01.pem",
"dest": "/etc/octavia/certs/ca_01.pem",
"owner": "octavia",
"perm": "0600"
},
{
"source": "{{ container_config_directory }}/client.pem",
"dest": "/etc/octavia/certs/client.pem",
"owner": "octavia",
"perm": "0600"
}
]
}

74
ansible/roles/octavia/templates/octavia.conf.j2 Normal file
View File

@ -0,0 +1,74 @@
[DEFAULT]
debug = {{ octavia_logging_debug }}
log_dir = /var/log/kolla/octavia
api_handler = queue_producer
transport_url = rabbit://{% for host in groups['rabbitmq'] %}{{ rabbitmq_user }}:{{ rabbitmq_password }}@{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %}
bind_host = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
bind_port = {{ octavia_api_port }}
[certificates]
ca_private_key_passphrase = {{ octavia_ca_password }}
ca_private_key = /etc/octavia/certs/private/cakey.pem
ca_certificate = /etc/octavia/certs/ca_01.pem
[haproxy_amphora]
server_ca = /etc/octavia/certs/ca_01.pem
client_cert = /etc/octavia/certs/client.pem
[database]
connection = mysql+pymysql://{{ octavia_database_user }}:{{ octavia_database_password }}@{{ octavia_database_address }}/{{ octavia_database_name }}
max_retries = -1
[service_auth]
auth_url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
auth_type = password
username = admin
password = {{ keystone_admin_password }}
user_domain_name = Default
project_name = admin
project_domain_name = Default
memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcache_secret_key }}
memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
[keystone_authtoken]
auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}
auth_host = {{ kolla_internal_fqdn }}
auth_port = {{ keystone_public_port }}
auth_protocol = {{ internal_protocol }}
auth_type = password
admin_tenant_name = service
admin_user = {{ octavia_keystone_user }}
admin_password = {{ octavia_keystone_password }}
memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcache_secret_key }}
memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
[health_manager]
bind_port = {{ octavia_health_manager_port }}
bind_ip = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
controller_ip_port_list = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}:{{ octavia_health_manager_port }}
heartbeat_key =insecure
[controller_worker]
amp_boot_network_list = {{ octavia_amp_boot_network_list }}
amp_image_tag = amphora
amp_secgroup_list = {{ octavia_amp_secgroup_list }}
amp_flavor_id = {{ octavia_amp_flavor_id }}
amp_ssh_key_name = octavia_ssh_key
network_driver = allowed_address_pairs_driver
compute_driver = compute_nova_driver
amphora_driver = amphora_haproxy_rest_driver
amp_active_retries = 100
amp_active_wait_sec = 2
loadbalancer_topology = {{ octavia_loadbalancer_topology }}
[oslo_messaging]
topic = octavia_prov
rpc_thread_pool_size = 2

8
ansible/site.yml
View File

@ -485,3 +485,11 @@
- { role: tacker, - { role: tacker,
tags: tacker, tags: tacker,
when: enable_tacker | bool } when: enable_tacker | bool }
- name: Apply role octavia
hosts:
- octavia-api
- octavia-health-manager
- octavia-housekeeping
- octavia-worker
serial: '{{ serial|default("0") }}'

3
etc/kolla/passwords.yml
View File

@ -106,6 +106,9 @@ telemetry_secret_key:
manila_database_password: manila_database_password:
manila_keystone_password: manila_keystone_password:
octavia_database_password:
octavia_keystone_password:
searchlight_keystone_password: searchlight_keystone_password:
tacker_database_password: tacker_database_password:

3
releasenotes/notes/implement-octavia-73f5470136886e9e.yaml Normal file
View File

@ -0,0 +1,3 @@
---
features:
- Implement Octavia Ansible role