From 5e521f0550cab5989580fe1a92c112d367f33072 Mon Sep 17 00:00:00 2001 From: Steven Dake Date: Sun, 2 Aug 2015 12:26:30 -0700 Subject: [PATCH] Add Ansible support for Heat This changes bootstrapping of the Heat container to bootstrap the Heat container with a heat domain user. This requires some work from bootstrap.yml to pass in several environment variables needed by the heat domain setup script. Co-Authored-By: Sam Yaple Change-Id: Iab05983754fa514835cb5ff54d775faa18773110 Partially-implements: blueprint ansible-heat --- ansible/group_vars/all.yml | 6 ++ ansible/inventory/all-in-one | 13 ++++ ansible/inventory/multinode | 15 ++++ .../roles/haproxy/templates/haproxy.cfg.j2 | 12 ++++ ansible/roles/heat/defaults/main.yml | 43 ++++++++++++ ansible/roles/heat/tasks/bootstrap.yml | 68 +++++++++++++++++++ ansible/roles/heat/tasks/config.yml | 55 +++++++++++++++ ansible/roles/heat/tasks/main.yml | 8 +++ ansible/roles/heat/tasks/register.yml | 57 ++++++++++++++++ ansible/roles/heat/tasks/start.yml | 57 ++++++++++++++++ ansible/roles/heat/templates/heat.conf.j2 | 45 ++++++++++++ ansible/site.yml | 4 ++ docker/base/Dockerfile.j2 | 10 ++- docker/designate/designate-base/Dockerfile.j2 | 7 +- docker/heat/heat-api-cfn/Dockerfile.j2 | 4 +- docker/heat/heat-api/Dockerfile.j2 | 4 +- docker/heat/heat-api/config-external.sh | 4 +- docker/heat/heat-api/start.sh | 10 +++ docker/ironic/ironic-base/Dockerfile.j2 | 2 - docker/keystone/Dockerfile.j2 | 1 - docker/kolla-ansible/Dockerfile.j2 | 8 +-- etc/kolla/config/heat.conf | 0 etc/kolla/config/heat/heat-api-cfn.conf | 0 etc/kolla/config/heat/heat-api.conf | 0 etc/kolla/config/heat/heat-engine.conf | 0 etc/kolla/passwords.yml | 5 +- 26 files changed, 415 insertions(+), 23 deletions(-) create mode 100644 ansible/roles/heat/defaults/main.yml create mode 100644 ansible/roles/heat/tasks/bootstrap.yml create mode 100644 ansible/roles/heat/tasks/config.yml create mode 100644 ansible/roles/heat/tasks/main.yml create mode 100644 ansible/roles/heat/tasks/register.yml create mode 100644 ansible/roles/heat/tasks/start.yml create mode 100644 ansible/roles/heat/templates/heat.conf.j2 create mode 100644 etc/kolla/config/heat.conf create mode 100644 etc/kolla/config/heat/heat-api-cfn.conf create mode 100644 etc/kolla/config/heat/heat-api.conf create mode 100644 etc/kolla/config/heat/heat-engine.conf diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index 16efa3d5cc..34985a0594 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -96,6 +96,10 @@ swift_object_server_port: "6000" swift_account_server_port: "6001" swift_container_server_port: "6002" +heat_api_port: "8004" +heat_api_cfn_port: "8000" + + #################### # Openstack options #################### @@ -133,9 +137,11 @@ enable_rabbitmq: "yes" # Additional optional OpenStack services are specified here enable_cinder: "no" +enable_heat: "yes" enable_horizon: "yes" enable_swift: "no" + #################### # RabbitMQ options #################### diff --git a/ansible/inventory/all-in-one b/ansible/inventory/all-in-one index b0cbdb457a..e762078b1b 100644 --- a/ansible/inventory/all-in-one +++ b/ansible/inventory/all-in-one @@ -48,6 +48,9 @@ control [swift:children] control +[heat:children] +control + # Additional control implemented here. These groups allow you to control which # services run on which hosts at a per-service level. @@ -111,3 +114,13 @@ storage [swift-object-server:children] storage + +# Heat +[heat-api:children] +heat + +[heat-api-cfn:children] +heat + +[heat-engine:children] +heat diff --git a/ansible/inventory/multinode b/ansible/inventory/multinode index 7db8c12a5f..1d4e1fb7fd 100644 --- a/ansible/inventory/multinode +++ b/ansible/inventory/multinode @@ -9,6 +9,8 @@ control03 ansible_ssh_user=sam # The above can also be specified as follows: #control[01:03] ansible_ssh_user=sam +# The network nodes are where your l3-agent and loadbalancers will run +# This can be the same as a a host in the control group [network] network01 @@ -54,6 +56,9 @@ control [swift:children] control +[heat:children] +control + # Additional control implemented here. These groups allow you to control which # services run on which hosts at a per-service level. @@ -117,3 +122,13 @@ storage [swift-object-server:children] storage + +# Heat +[heat-api:children] +heat + +[heat-api-cfn:children] +heat + +[heat-engine:children] +heat diff --git a/ansible/roles/haproxy/templates/haproxy.cfg.j2 b/ansible/roles/haproxy/templates/haproxy.cfg.j2 index 128e1ff961..745d9b0f58 100644 --- a/ansible/roles/haproxy/templates/haproxy.cfg.j2 +++ b/ansible/roles/haproxy/templates/haproxy.cfg.j2 @@ -97,3 +97,15 @@ listen cinder_api {% for host in groups['cinder-api'] %} server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + api_interface]['ipv4']['address'] }}:{{ cinder_api_port }} check inter 2000 rise 2 fall 5 {% endfor %} + +listen heat_api + bind {{ kolla_internal_address }}:{{ heat_api_port }} +{% for host in groups['heat-api'] %} + server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + api_interface]['ipv4']['address'] }}:{{ heat_api_port }} check inter 2000 rise 2 fall 5 +{% endfor %} + +listen heat_api_cfn + bind {{ kolla_internal_address }}:{{ heat_api_cfn_port }} +{% for host in groups['heat-api-cfn'] %} + server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + api_interface]['ipv4']['address'] }}:{{ heat_api_cfn_port }} check inter 2000 rise 2 fall 5 +{% endfor %} diff --git a/ansible/roles/heat/defaults/main.yml b/ansible/roles/heat/defaults/main.yml new file mode 100644 index 0000000000..1e126a7b24 --- /dev/null +++ b/ansible/roles/heat/defaults/main.yml @@ -0,0 +1,43 @@ +--- +project_name: "heat" + +#################### +# Database +#################### +heat_database_name: "heat" +heat_database_user: "heat" +heat_database_address: "{{ kolla_internal_address }}" + + +#################### +# Docker +#################### +heat_registry_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-heat-registry" +heat_registry_tag: "{{ openstack_release }}" +heat_registry_image_full: "{{ heat_registry_image }}:{{ heat_registry_tag }}" + +heat_api_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-heat-api" +heat_api_tag: "{{ openstack_release }}" +heat_api_image_full: "{{ heat_api_image }}:{{ heat_api_tag }}" + +heat_api_cfn_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-heat-api-cfn" +heat_api_cfn_tag: "{{ openstack_release }}" +heat_api_cfn_image_full: "{{ heat_api_cfn_image }}:{{ heat_api_cfn_tag }}" + +heat_engine_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-heat-engine" +heat_engine_tag: "{{ openstack_release }}" +heat_engine_image_full: "{{ heat_engine_image }}:{{ heat_engine_tag }}" + +#################### +# Openstack +#################### +heat_public_address: "{{ kolla_external_address }}" +heat_admin_address: "{{ kolla_internal_address }}" +heat_internal_address: "{{ kolla_internal_address }}" + +heat_logging_verbose: "{{ openstack_logging_verbose }}" +heat_logging_debug: "{{ openstack_logging_debug }}" + +heat_keystone_user: "heat" + +openstack_heat_auth: "{'auth_url':'{{ openstack_auth_v2.auth_url }}','username':'{{ openstack_auth_v2.username }}','password':'{{ openstack_auth_v2.password }}','project_name':'{{ openstack_auth_v2.project_name }}'}" diff --git a/ansible/roles/heat/tasks/bootstrap.yml b/ansible/roles/heat/tasks/bootstrap.yml new file mode 100644 index 0000000000..b43b4dccb4 --- /dev/null +++ b/ansible/roles/heat/tasks/bootstrap.yml @@ -0,0 +1,68 @@ +--- +- name: Creating Heat database + command: docker exec -t kolla_ansible /usr/bin/ansible localhost + -m mysql_db + -a "login_host='{{ database_address }}' + login_user='{{ database_user }}' + login_password='{{ database_password }}' + name='{{ heat_database_name }}'" + register: database + changed_when: "{{ database.stdout.find('localhost | SUCCESS => ') != -1 and (database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}" + failed_when: database.stdout.split()[2] != 'SUCCESS' + run_once: True + +- name: Creating Heat database user and setting permissions + command: docker exec -t kolla_ansible /usr/bin/ansible localhost + -m mysql_user + -a "login_host='{{ database_address }}' + login_user='{{ database_user }}' + login_password='{{ database_password }}' + name='{{ heat_database_name }}' + password='{{ heat_database_password }}' + host='%' + priv='{{ heat_database_name }}.*:ALL' + append_privs='yes'" + register: database_user + changed_when: "{{ database.stdout.find('localhost | SUCCESS => ') != -1 and (database_user.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}" + failed_when: database_user.stdout.split()[2] != 'SUCCESS' + run_once: True + +- name: Starting Heat bootstrap container + docker: + detach: False + docker_api_version: "{{ docker_api_version }}" + net: host + pull: "{{ docker_pull_policy }}" + restart_policy: "no" + state: reloaded + registry: "{{ docker_registry }}" + username: "{{ docker_registry_username }}" + password: "{{ docker_registry_password }}" + insecure_registry: "{{ docker_insecure_registry }}" + name: bootstrap_heat + image: "{{ heat_api_image_full }}" + volumes: "{{ node_config_directory }}/heat-api/:/opt/kolla/heat-api/:ro" + env: + KOLLA_BOOTSTRAP: + KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" + OS_AUTH_URL: "{{ openstack_auth.auth_url }}" + OS_IDENTITY_API_VERSION: "3" + OS_USERNAME: "{{ openstack_auth.username }}" + OS_PASSWORD: "{{ openstack_auth.password }}" + OS_PROJECT_NAME: "{{ openstack_auth.project_name }}" + HEAT_DOMAIN_ADMIN_PASSWORD: "{{ heat_domain_admin_password }}" + run_once: True + when: database.stdout.find('localhost | SUCCESS => ') != -1 and (database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed + +# https://github.com/ansible/ansible-modules-core/pull/1031 +- name: Waiting for bootstrap container to exit + command: docker wait bootstrap_heat + run_once: True + when: database.stdout.find('localhost | SUCCESS => ') != -1 and (database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed + +- name: Cleaning up Heat boostrap container + docker: + name: bootstrap_heat + image: "{{ heat_api_image_full }}" + state: absent + when: database.stdout.find('localhost | SUCCESS => ') != -1 and (database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed diff --git a/ansible/roles/heat/tasks/config.yml b/ansible/roles/heat/tasks/config.yml new file mode 100644 index 0000000000..bf1364a010 --- /dev/null +++ b/ansible/roles/heat/tasks/config.yml @@ -0,0 +1,55 @@ +--- +- include: ../../config.yml + vars: + service_name: "heat-engine" + config_source: + - "roles/heat/templates/heat.conf.j2" + - "/etc/kolla/config/global.conf" + - "/etc/kolla/config/database.conf" + - "/etc/kolla/config/heat.conf" + - "/etc/kolla/config/heat/heat-engine.conf" + config_template_dest: + - "{{ node_templates_directory }}/heat-engine/heat.conf_minimal" + - "{{ node_templates_directory }}/heat-engine/heat.conf_global" + - "{{ node_templates_directory }}/heat-engine/heat.conf_database" + - "{{ node_templates_directory }}/heat-engine/heat.conf_augment" + - "{{ node_templates_directory }}/heat-engine/heat-engine.conf_augment" + config_dest: "{{ node_config_directory }}/heat-engine/heat.conf" + +- include: ../../config.yml + vars: + service_name: "heat-api" + config_source: + - "roles/heat/templates/heat.conf.j2" + - "/etc/kolla/config/global.conf" + - "/etc/kolla/config/database.conf" + - "/etc/kolla/config/messaging.conf" + - "/etc/kolla/config/heat.conf" + - "/etc/kolla/config/heat/heat-api.conf" + config_template_dest: + - "{{ node_templates_directory }}/heat-api/heat.conf_minimal" + - "{{ node_templates_directory }}/heat-api/heat.conf_global" + - "{{ node_templates_directory }}/heat-api/heat.conf_database" + - "{{ node_templates_directory }}/heat-api/heat.conf_messaging" + - "{{ node_templates_directory }}/heat-api/heat.conf_augment" + - "{{ node_templates_directory }}/heat-api/heat-api.conf_augment" + config_dest: "{{ node_config_directory }}/heat-api/heat.conf" + +- include: ../../config.yml + vars: + service_name: "heat-api-cfn" + config_source: + - "roles/heat/templates/heat.conf.j2" + - "/etc/kolla/config/global.conf" + - "/etc/kolla/config/database.conf" + - "/etc/kolla/config/messaging.conf" + - "/etc/kolla/config/heat.conf" + - "/etc/kolla/config/heat/heat-api-cfn.conf" + config_template_dest: + - "{{ node_templates_directory }}/heat-api-cfn/heat.conf_minimal" + - "{{ node_templates_directory }}/heat-api-cfn/heat.conf_global" + - "{{ node_templates_directory }}/heat-api-cfn/heat.conf_database" + - "{{ node_templates_directory }}/heat-api-cfn/heat.conf_messaging" + - "{{ node_templates_directory }}/heat-api-cfn/heat.conf_augment" + - "{{ node_templates_directory }}/heat-api-cfn/heat-api-cfn.conf_augment" + config_dest: "{{ node_config_directory }}/heat-api-cfn/heat.conf" diff --git a/ansible/roles/heat/tasks/main.yml b/ansible/roles/heat/tasks/main.yml new file mode 100644 index 0000000000..5c48120b7c --- /dev/null +++ b/ansible/roles/heat/tasks/main.yml @@ -0,0 +1,8 @@ +--- +- include: register.yml + +- include: config.yml + +- include: bootstrap.yml + +- include: start.yml diff --git a/ansible/roles/heat/tasks/register.yml b/ansible/roles/heat/tasks/register.yml new file mode 100644 index 0000000000..3cd89b94bb --- /dev/null +++ b/ansible/roles/heat/tasks/register.yml @@ -0,0 +1,57 @@ +--- +- name: Creating the Heat service and endpoint + command: docker exec -t kolla_ansible /usr/bin/ansible localhost + -m kolla_keystone_service + -a "service_name=heat + service_type=orchestration + description='Openstack Orchestration' + endpoint_region={{ openstack_region_name }} + admin_url='http://{{ kolla_internal_address }}:{{ heat_api_port }}/v1/%(tenant_id)s' + internal_url='http://{{ kolla_internal_address }}:{{ heat_api_port }}/v1/%(tenant_id)s' + public_url='http://{{ kolla_external_address }}:{{ heat_api_port }}/v1/%(tenant_id)s' + region_name={{ openstack_region_name }} + auth={{ '{{ openstack_heat_auth }}' }}" + -e "{'openstack_heat_auth':{{ openstack_heat_auth }}}" + register: heat_endpoint + changed_when: "{{ heat_endpoint.stdout.find('localhost | SUCCESS => ') != -1 and (heat_endpoint.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}" + until: heat_endpoint.stdout.split()[2] == 'SUCCESS' + retries: 10 + delay: 5 + run_once: True + +- name: Creating the Heat-cfn service and endpoint + command: docker exec -t kolla_ansible /usr/bin/ansible localhost + -m kolla_keystone_service + -a "service_name=heat-cfn + service_type=orchestration + description='Openstack Orchestration' + endpoint_region={{ openstack_region_name }} + admin_url='http://{{ kolla_internal_address }}:{{ heat_api_port }}/v1' + internal_url='http://{{ kolla_internal_address }}:{{ heat_api_cfn_port }}/v1' + public_url='http://{{ kolla_external_address }}:{{ heat_api_cfn_port }}/v1' + region_name={{ openstack_region_name }} + auth={{ '{{ openstack_heat_auth }}' }}" + -e "{'openstack_heat_auth':{{ openstack_heat_auth }}}" + register: heat_endpoint + changed_when: "{{ heat_endpoint.stdout.find('localhost | SUCCESS => ') != -1 and (heat_endpoint.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}" + until: heat_endpoint.stdout.split()[2] == 'SUCCESS' + retries: 10 + delay: 5 + run_once: True + +- name: Creating the Heat project, user, and role + command: docker exec -t kolla_ansible /usr/bin/ansible localhost + -m kolla_keystone_user + -a "project=service + user=heat + password={{ heat_keystone_password }} + role=admin + region_name={{ openstack_region_name }} + auth={{ '{{ openstack_heat_auth }}' }}" + -e "{'openstack_heat_auth':{{ openstack_heat_auth }}}" + register: heat_user + changed_when: "{{ heat_user.stdout.find('localhost | SUCCESS => ') != -1 and (heat_user.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}" + until: heat_user.stdout.split()[2] == 'SUCCESS' + retries: 10 + delay: 5 + run_once: True diff --git a/ansible/roles/heat/tasks/start.yml b/ansible/roles/heat/tasks/start.yml new file mode 100644 index 0000000000..62f8ba1e0c --- /dev/null +++ b/ansible/roles/heat/tasks/start.yml @@ -0,0 +1,57 @@ +--- +- name: Starting heat-api container + docker: + docker_api_version: "{{ docker_api_version }}" + net: host + pull: "{{ docker_pull_policy }}" + restart_policy: "{{ docker_restart_policy }}" + restart_policy_retry: "{{ docker_restart_policy_retry }}" + state: reloaded + registry: "{{ docker_registry }}" + username: "{{ docker_registry_username }}" + password: "{{ docker_registry_password }}" + insecure_registry: "{{ docker_insecure_registry }}" + name: heat_api + image: "{{ heat_api_image_full }}" + volumes: "{{ node_config_directory }}/heat-api/:/opt/kolla/heat-api/:ro" + env: + KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" + when: inventory_hostname in groups['heat-api'] + +- name: Starting heat-api-cfn container + docker: + docker_api_version: "{{ docker_api_version }}" + net: host + pull: "{{ docker_pull_policy }}" + restart_policy: "{{ docker_restart_policy }}" + restart_policy_retry: "{{ docker_restart_policy_retry }}" + state: reloaded + registry: "{{ docker_registry }}" + username: "{{ docker_registry_username }}" + password: "{{ docker_registry_password }}" + insecure_registry: "{{ docker_insecure_registry }}" + name: heat_api_cfn + image: "{{ heat_api_cfn_image_full }}" + volumes: "{{ node_config_directory }}/heat-api-cfn/:/opt/kolla/heat-api-cfn/:ro" + env: + KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" + when: inventory_hostname in groups['heat-api-cfn'] + +- name: Starting heat-engine container + docker: + docker_api_version: "{{ docker_api_version }}" + net: host + pull: "{{ docker_pull_policy }}" + restart_policy: "{{ docker_restart_policy }}" + restart_policy_retry: "{{ docker_restart_policy_retry }}" + state: reloaded + registry: "{{ docker_registry }}" + username: "{{ docker_registry_username }}" + password: "{{ docker_registry_password }}" + insecure_registry: "{{ docker_insecure_registry }}" + name: heat_engine + image: "{{ heat_engine_image_full }}" + volumes: "{{ node_config_directory }}/heat-engine/:/opt/kolla/heat-engine/:ro" + env: + KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" + when: inventory_hostname in groups['heat-engine'] diff --git a/ansible/roles/heat/templates/heat.conf.j2 b/ansible/roles/heat/templates/heat.conf.j2 new file mode 100644 index 0000000000..9d891758e5 --- /dev/null +++ b/ansible/roles/heat/templates/heat.conf.j2 @@ -0,0 +1,45 @@ +[DEFAULT] +heat_watch_server_url = http://{{ kolla_external_address }}:{{ heat_api_cfn_port }} +heat_metadata_server_url = http://{{ kolla_external_address }}:{{ heat_api_cfn_port }} +heat_waitcondition_server_url = http://{{ kolla_external_address }}:{{ heat_api_cfn_port }}/v1/waitcondition + +stack_domain_admin = heat_domain_admin +stack_domain_admin_password = {{ heat_domain_admin_password }} +stack_user_domain_name = heat_user_domain + +rpc_backend = rabbit +notification_driver = noop + +[oslo_messaging_rabbit] +rabbit_host = {{ kolla_internal_address }} +rabbit_userid = {{ rabbitmq_user }} +rabbit_password = {{ rabbitmq_password }} +rabbit_ha_queues = true + +{% if service_name == 'heat-api' %} +[heat_api] +bind_host = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} +bind_port = {{ heat_api_port }} +{% endif %} + +{% if service_name == 'heat-api-cfn' %} +[heat_api_cfn] +bind_host = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} +bind_port = {{ heat_api_cfn_port }} +{% endif %} + +[database] +connection = mysql://{{ heat_database_user }}:{{ heat_database_password }}@{{ heat_database_address }}/{{ heat_database_name }} + +[keystone_authtoken] +auth_uri = http://{{ kolla_internal_address }}:{{ keystone_public_port }} +auth_url = http://{{ kolla_internal_address }}:{{ keystone_admin_port }} +auth_plugin = password +project_domain_id = default +user_domain_id = default +project_name = service +username = heat +password = {{ heat_keystone_password }} + +[ec2authtoken] +auth_uri = http://{{ kolla_internal_address }}:{{ keystone_public_port }} diff --git a/ansible/site.yml b/ansible/site.yml index b395249023..6eeafed366 100755 --- a/ansible/site.yml +++ b/ansible/site.yml @@ -35,6 +35,10 @@ roles: - { role: cinder, tags: cinder, when: enable_cinder | bool } +- hosts: [heat-api, heat-api-cfn, heat-engine] + roles: + - { role: heat, tags: heat, when: enable_heat | bool } + - hosts: horizon roles: - { role: horizon, tags: horizon, when: enable_horizon | bool } diff --git a/docker/base/Dockerfile.j2 b/docker/base/Dockerfile.j2 index b3b0c776a2..602555c85a 100755 --- a/docker/base/Dockerfile.j2 +++ b/docker/base/Dockerfile.j2 @@ -65,6 +65,7 @@ RUN yum install -y \ git \ iproute \ mariadb-libs \ + MySQL-python \ openssl \ openstack-utils \ pyparsing \ @@ -108,6 +109,7 @@ RUN yum install -y \ python-netifaces \ python-networkx \ python-oauthlib \ + python-openstackclient \ python-oslo-config \ python-oslo-messaging \ python-oslo-rootwrap \ @@ -173,7 +175,6 @@ RUN yum update -y \ libxslt-devel \ mariadb-devel \ mysql-devel \ - MySQL-python \ openldap-devel \ openssl \ openssl-devel \ @@ -210,7 +211,6 @@ RUN apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com 199369E5404BD build-essential \ python-dev \ libssl-dev \ - python-mysqldb \ libmariadbclient-dev \ libxslt1-dev \ libffi-dev \ @@ -228,7 +228,11 @@ RUN apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com 199369E5404BD RUN curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py \ && python get-pip.py \ - && rm get-pip.py + && rm get-pip.py \ + && pip --no-cache-dir install \ + python-openstackclient \ + MySQL-python \ + numpy # Endif for install_type source {% endif %} diff --git a/docker/designate/designate-base/Dockerfile.j2 b/docker/designate/designate-base/Dockerfile.j2 index 3fec3a6f73..4272ca7e75 100644 --- a/docker/designate/designate-base/Dockerfile.j2 +++ b/docker/designate/designate-base/Dockerfile.j2 @@ -9,10 +9,9 @@ MAINTAINER Kolla Project (https://launchpad.net.kolla) # need the complete policy file because of some of the containers' # requiring it. Remove the package when the file is moved though. RUN yum install -y \ - MySQL-python \ - openstack-designate-api \ - openstack-designate-common \ - python-tooz \ + openstack-designate-api \ + openstack-designate-common \ + python-tooz \ && yum clean all \ && cp /etc/designate/policy.json /tmp/ \ && rpm -e openstack-designate-api \ diff --git a/docker/heat/heat-api-cfn/Dockerfile.j2 b/docker/heat/heat-api-cfn/Dockerfile.j2 index f199c16cfd..0e0b099078 100644 --- a/docker/heat/heat-api-cfn/Dockerfile.j2 +++ b/docker/heat/heat-api-cfn/Dockerfile.j2 @@ -4,9 +4,7 @@ MAINTAINER Kolla Project (https://launchpad.net/kolla) {% if install_type == 'binary' %} {% if base_distro in ['fedora', 'centos', 'oraclelinux'] %} -RUN yum -y install \ - openstack-heat-api-cfn \ - python-openstackclient \ +RUN yum -y install openstack-heat-api-cfn \ && yum clean all {% elif base_distro in ['ubuntu', 'debian'] %} diff --git a/docker/heat/heat-api/Dockerfile.j2 b/docker/heat/heat-api/Dockerfile.j2 index 8a782d8d3b..25cbcf9f58 100644 --- a/docker/heat/heat-api/Dockerfile.j2 +++ b/docker/heat/heat-api/Dockerfile.j2 @@ -4,9 +4,7 @@ MAINTAINER Kolla Project (https://launchpad.net/kolla) {% if install_type == 'binary' %} {% if base_distro in ['fedora', 'centos', 'oraclelinux'] %} -RUN yum -y install \ - openstack-heat-api \ - python-openstackclient \ +RUN yum -y install openstack-heat-api \ && yum clean all {% elif base_distro in ['ubuntu', 'debian'] %} diff --git a/docker/heat/heat-api/config-external.sh b/docker/heat/heat-api/config-external.sh index ca5d73e909..2da92b2031 100644 --- a/docker/heat/heat-api/config-external.sh +++ b/docker/heat/heat-api/config-external.sh @@ -1,6 +1,6 @@ #!/bin/bash -SOURCE="/opt/kolla/heat-api/heat-api.conf" -TARGET="/etc/heat/heat-api.conf" +SOURCE="/opt/kolla/heat-api/heat.conf" +TARGET="/etc/heat/heat.conf" OWNER="heat" if [[ -f "$SOURCE" ]]; then diff --git a/docker/heat/heat-api/start.sh b/docker/heat/heat-api/start.sh index a7b14b1d9a..25bfa2bff6 100755 --- a/docker/heat/heat-api/start.sh +++ b/docker/heat/heat-api/start.sh @@ -10,4 +10,14 @@ source /opt/kolla/kolla-common.sh # Execute config strategy set_configs +# Bootstrap and exit if KOLLA_BOOTSTRAP variable is set. This catches all cases +# of the KOLLA_BOOTSTRAP variable being set, including empty. +if [[ "${!KOLLA_BOOTSTRAP[@]}" ]]; then + su -s /bin/sh -c "heat-manage db_sync" heat + openstack domain create heat_user_domain + openstack user create --domain heat_user_domain heat_domain_admin --password ${HEAT_DOMAIN_ADMIN_PASSWORD} + openstack role add --domain heat_user_domain --user heat_domain_admin admin + exit 0 +fi + exec $CMD $ARGS diff --git a/docker/ironic/ironic-base/Dockerfile.j2 b/docker/ironic/ironic-base/Dockerfile.j2 index 0fc7e56c27..29789429e2 100644 --- a/docker/ironic/ironic-base/Dockerfile.j2 +++ b/docker/ironic/ironic-base/Dockerfile.j2 @@ -6,12 +6,10 @@ MAINTAINER Kolla Project (https://launchpad.net/kolla) # until packaging is fixed, all of this is required # api: policy -# conductor:MySQL-python RUN yum -y install \ python-oslo-log \ python-oslo-concurrency \ python-oslo-policy \ - MySQL-python \ && yum clean all {% elif base_distro in ['ubuntu', 'debian'] %} diff --git a/docker/keystone/Dockerfile.j2 b/docker/keystone/Dockerfile.j2 index db5292399b..e71d7dfb9f 100644 --- a/docker/keystone/Dockerfile.j2 +++ b/docker/keystone/Dockerfile.j2 @@ -6,7 +6,6 @@ MAINTAINER Kolla Project (https://launchpad.net/kolla) RUN yum -y install openstack-keystone \ python-keystoneclient \ - python-openstackclient \ httpd \ mod_wsgi \ && yum clean all diff --git a/docker/kolla-ansible/Dockerfile.j2 b/docker/kolla-ansible/Dockerfile.j2 index 9975f58738..9b84c761e0 100644 --- a/docker/kolla-ansible/Dockerfile.j2 +++ b/docker/kolla-ansible/Dockerfile.j2 @@ -9,7 +9,6 @@ RUN yum -y install \ libffi-devel \ libxml2-devel \ libxslt-devel \ - MySQL-python \ openssl-devel \ python-devel \ openssh-clients \ @@ -19,16 +18,17 @@ RUN pip install -U pip wheel {% elif base_distro in ['ubuntu', 'debian'] %} -RUN apt-get install -y --no-install-recommends git +RUN apt-get install -y --no-install-recommends git \ + && apt-get clean {% endif %} -RUN pip install shade +RUN pip --no-cache-dir install shade RUN git clone --depth 1 https://github.com/ansible/ansible.git \ && cd ansible \ && git submodule update --init --recursive \ - && pip install --install-option="--install-scripts=/usr/bin" . + && pip --no-cache-dir install . RUN mkdir -p /etc/ansible /usr/share/ansible \ && echo 'localhost ansible_connection=local' > /etc/ansible/hosts diff --git a/etc/kolla/config/heat.conf b/etc/kolla/config/heat.conf new file mode 100644 index 0000000000..e69de29bb2 diff --git a/etc/kolla/config/heat/heat-api-cfn.conf b/etc/kolla/config/heat/heat-api-cfn.conf new file mode 100644 index 0000000000..e69de29bb2 diff --git a/etc/kolla/config/heat/heat-api.conf b/etc/kolla/config/heat/heat-api.conf new file mode 100644 index 0000000000..e69de29bb2 diff --git a/etc/kolla/config/heat/heat-engine.conf b/etc/kolla/config/heat/heat-engine.conf new file mode 100644 index 0000000000..e69de29bb2 diff --git a/etc/kolla/passwords.yml b/etc/kolla/passwords.yml index e73f573f72..dacfcd6ee3 100644 --- a/etc/kolla/passwords.yml +++ b/etc/kolla/passwords.yml @@ -30,7 +30,6 @@ nova_keystone_password: "password" neutron_database_password: "password" neutron_keystone_password: "password" - metadata_secret: "password" cinder_database_password: "password" @@ -40,6 +39,10 @@ swift_keystone_password: "password" swift_hash_path_suffix: "kolla" swift_hash_path_prefix: "kolla" +heat_database_password: "password" +heat_keystone_password: "password" +heat_domain_admin_password: "password" + #################### # RabbitMQ options ####################