diff --git a/compose/heat-api-cfn.yml b/compose/heat-api-cfn.yml new file mode 100644 index 0000000000..b97b54c0e7 --- /dev/null +++ b/compose/heat-api-cfn.yml @@ -0,0 +1,7 @@ +heatapicfn: + image: kollaglue/centos-rdo-heat-api-cfn + name: heat-api-cfn + net: "host" + restart: always + env_file: + - openstack.env diff --git a/docker/heat/heat-api-cfn/Dockerfile b/docker/heat/heat-api-cfn/Dockerfile new file mode 100644 index 0000000000..2fa2ad5de1 --- /dev/null +++ b/docker/heat/heat-api-cfn/Dockerfile @@ -0,0 +1,12 @@ +FROM %%KOLLA_NAMESPACE%%/%%KOLLA_PREFIX%%heat-base +MAINTAINER Kolla Project (https://launchpad.net/kolla) + +RUN yum -y install \ + openstack-heat-api-cfn \ + python-openstackclient \ + && yum clean all + +ADD ./start.sh /start.sh +ADD ./check.sh /check.sh + +CMD ["/start.sh"] diff --git a/docker/heat/heat-api-cfn/build b/docker/heat/heat-api-cfn/build new file mode 120000 index 0000000000..43944faa00 --- /dev/null +++ b/docker/heat/heat-api-cfn/build @@ -0,0 +1 @@ +../../../tools/build-docker-image \ No newline at end of file diff --git a/docker/heat/heat-api-cfn/check.sh b/docker/heat/heat-api-cfn/check.sh new file mode 100755 index 0000000000..ee03dc6d23 --- /dev/null +++ b/docker/heat/heat-api-cfn/check.sh @@ -0,0 +1,16 @@ +#!/bin/bash + +RES=0 + +. /openrc +if ! keystone token-get > /dev/null; then + echo "ERROR: keystone token-get failed" >&2 + RES=1 +else + if ! heat stack-list > /dev/null; then + echo "ERROR: heat stack-list failed" >&2 + RES=1 + fi +fi + +exit $RES diff --git a/docker/heat/heat-api-cfn/start.sh b/docker/heat/heat-api-cfn/start.sh new file mode 100755 index 0000000000..bcd72250b4 --- /dev/null +++ b/docker/heat/heat-api-cfn/start.sh @@ -0,0 +1,28 @@ +#!/bin/bash +set -e + +. /opt/kolla/kolla-common.sh +. /opt/kolla/config-heat.sh + +check_required_vars KEYSTONE_ADMIN_TOKEN KEYSTONE_ADMIN_SERVICE_HOST \ + HEAT_CFN_KEYSTONE_USER HEAT_CFN_KEYSTONE_PASSWORD \ + KEYSTONE_AUTH_PROTOCOL KEYSTONE_ADMIN_SERVICE_PORT \ + ADMIN_TENANT_NAME HEAT_API_CFN_SERVICE_HOST \ + HEAT_API_CFN_SERVICE_PORT + +fail_unless_os_service_running keystone + +export SERVICE_TOKEN="${KEYSTONE_ADMIN_TOKEN}" +export SERVICE_ENDPOINT="${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_ADMIN_SERVICE_HOST}:${KEYSTONE_ADMIN_SERVICE_PORT}/v2.0" + +crux user-create -n ${HEAT_CFN_KEYSTONE_USER} \ + -p ${HEAT_CFN_KEYSTONE_PASSWORD} \ + -t ${ADMIN_TENANT_NAME} \ + -r admin + +crux endpoint-create --remove-all -n ${HEAT_CFN_KEYSTONE_USER} -t cloudformation \ + -I "${KEYSTONE_AUTH_PROTOCOL}://${HEAT_API_CFN_SERVICE_HOST}:${HEAT_API_CFN_SERVICE_PORT}/v1" \ + -P "${KEYSTONE_AUTH_PROTOCOL}://${HEAT_API_CFN_SERVICE_HOST}:${HEAT_API_CFN_SERVICE_PORT}/v1" \ + -A "${KEYSTONE_AUTH_PROTOCOL}://${HEAT_API_CFN_SERVICE_HOST}:${HEAT_API_CFN_SERVICE_PORT}/v1" + +exec /usr/bin/heat-api-cfn diff --git a/docker/heat/heat-api/start.sh b/docker/heat/heat-api/start.sh index f065c7de86..b57aaa710b 100755 --- a/docker/heat/heat-api/start.sh +++ b/docker/heat/heat-api/start.sh @@ -23,11 +23,6 @@ crux endpoint-create --remove-all -n ${HEAT_KEYSTONE_USER} -t orchestration \ -P "${KEYSTONE_AUTH_PROTOCOL}://${PUBLIC_IP}:8004/v1/%(tenant_id)s" \ -A "${KEYSTONE_AUTH_PROTOCOL}://${HEAT_API_SERVICE_HOST}:8004/v1/%(tenant_id)s" -#crux endpoint-create --remove-all -n ${HEAT_KEYSTONE_USER} -t cloudformation \ -# -I "http://${HEAT_CFN_API_SERVICE_HOST}:8000/v1" \ -# -P "http://${PUBLIC_IP}:8000/v1" \ -# -A "http://${HEAT_CFN_API_SERVICE_HOST}:8000/v1" - # will use crux after https://github.com/larsks/crux/issues/1 is implemented openstack role list --os-token="${KEYSTONE_ADMIN_TOKEN}" --os-url $SERVICE_ENDPOINT -f csv | tail -n +2 | awk -F, '{print $2}' | grep heat_stack_user || keystone role-create --name heat_stack_user diff --git a/docker/heat/heat-base/config-heat.sh b/docker/heat/heat-base/config-heat.sh index ef2d0f9497..74b2718a4b 100755 --- a/docker/heat/heat-base/config-heat.sh +++ b/docker/heat/heat-base/config-heat.sh @@ -8,6 +8,7 @@ set -e : ${HEAT_DB_NAME:=heat} : ${HEAT_DB_USER:=heat} : ${HEAT_KEYSTONE_USER:=heat} +: ${HEAT_CFN_KEYSTONE_USER:=heat_cfn} : ${KEYSTONE_AUTH_PROTOCOL:=http} : ${PUBLIC_IP:=$HEAT_API_PORT_8004_TCP_ADDR} : ${RABBIT_USER:=guest} @@ -33,11 +34,11 @@ crudini --set /etc/heat/heat.conf DEFAULT use_stderr \ crudini --set /etc/heat/heat.conf DEFAULT rpc_backend \ heat.openstack.common.rpc.impl_kombu crudini --set /etc/heat/heat.conf DEFAULT rabbit_host \ - ${RABBITMQ_SERVICE_HOST} + "${RABBITMQ_SERVICE_HOST}" crudini --set /etc/heat/heat.conf DEFAULT rabbit_userid \ - ${RABBIT_USER} + "${RABBIT_USER}" crudini --set /etc/heat/heat.conf DEFAULT rabbit_password \ - ${RABBIT_PASSWORD} + "${RABBIT_PASSWORD}" crudini --set /etc/heat/heat.conf database connection \ mysql://${HEAT_DB_USER}:${HEAT_DB_PASSWORD}@${MARIADB_SERVICE_HOST}/${HEAT_DB_NAME} @@ -47,9 +48,9 @@ crudini --set /etc/heat/heat.conf keystone_authtoken auth_protocol \ crudini --set /etc/heat/heat.conf keystone_authtoken auth_host \ "${KEYSTONE_PUBLIC_SERVICE_HOST}" crudini --set /etc/heat/heat.conf keystone_authtoken auth_port \ - 5000 + "${KEYSTONE_PUBLIC_SERVICE_PORT}" crudini --set /etc/heat/heat.conf keystone_authtoken auth_uri \ - "${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_PUBLIC_SERVICE_HOST}:5000/v2.0" + "${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_PUBLIC_SERVICE_HOST}:${KEYSTONE_PUBLIC_SERVICE_PORT}/v2.0" crudini --set /etc/heat/heat.conf keystone_authtoken admin_tenant_name \ "${ADMIN_TENANT_NAME}" crudini --set /etc/heat/heat.conf keystone_authtoken admin_user \ @@ -58,11 +59,9 @@ crudini --set /etc/heat/heat.conf keystone_authtoken admin_password \ "${HEAT_KEYSTONE_PASSWORD}" crudini --set /etc/heat/heat.conf ec2authtoken auth_uri \ - "${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_PUBLIC_SERVICE_HOST}:5000/v2.0" + "${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_PUBLIC_SERVICE_HOST}:${KEYSTONE_PUBLIC_SERVICE_PORT}/v2.0" -# cfn crudini --set /etc/heat/heat.conf DEFAULT heat_metadata_server_url \ - http://${HEAT_CFN_API_SERVICE_HOST}:8000 + http://${HEAT_API_CFN_URL_HOST}:${HEAT_API_CFN_SERVICE_PORT} crudini --set /etc/heat/heat.conf DEFAULT heat_waitcondition_server_url \ - http://${HEAT_CFN_API_SERVICE_HOST}:8000/v1/waitcondition - + http://${HEAT_API_CFN_URL_HOST}:${HEAT_API_CFN_SERVICE_PORT}/v1/waitcondition diff --git a/docs/integration-guide.md b/docs/integration-guide.md index 869791e23a..58165a06ef 100644 --- a/docs/integration-guide.md +++ b/docs/integration-guide.md @@ -101,7 +101,8 @@ all containers. This allows a simple method of ensuring every type of node HEAT_DB_PASSWORD= - The heat db password HEAT_KEYSTONE_PASSWORD= - The keystone password for the heat user HEAT_API_SERVICE_HOST= - The IP Address where the Heat API service is hosted - HEAT_API_CFN_SERVICE_HOST= - The IP Address where Heat will contact the heat-engine in search for meta data + HEAT_API_CFN_SERVICE_HOST= - The IP Address where Heat users will contact the heat-engine in search for meta data + HEAT_API_CFN_URL_HOST= - The IP Address where Heat virtual machines will contact the heat-engine to signal wait conditions PUBLIC_INTERFACE= - The nova public interface PUBLIC_IP= - The IP Address of this host RABBITMQ_PASS= - The rabbitmq password used to join AMQP diff --git a/tools/genenv b/tools/genenv index f4551e6dbf..3fbb55e63b 100755 --- a/tools/genenv +++ b/tools/genenv @@ -108,7 +108,8 @@ HEAT_DB_NAME=heat HEAT_DB_PASSWORD=kolla HEAT_KEYSTONE_PASSWORD=heat HEAT_API_SERVICE_HOST=$HOST_IP -HEAT_CFN_API_SERVICE_HOST=$HOST_IP +HEAT_API_CFN_SERVICE_HOST=$HOST_IP +HEAT_API_CFN_URL_HOST=$HOST_IP cat > ./openrc <