Allow skydive keystone service setup from an alternate host
This patch allows a deployer to override the service setup host
and python interpreter path so that the keystone service setup
can be done on a different host, typically the first utility
container in an openstack-ansible deployment.
Overrides can be provided in an integration inventory and an
example would be:
skydive_service_setup_host: "{{ groups['utility_all'][0] }}"
skydive_service_setup_host_python_interpreter: "/openstack/venvs/utility-{{ openstack_release }}/bin/python"
Change-Id: Id4faf605fd1f0de1262ed48166a8801b7e24a528
This commit is contained in:
Jonathan Rosser
Kevin Carter
parent
506463b241
commit
181edc376f
@ -13,6 +13,12 @@
|
|||||||
# See the License for the specific language governing permissions and
|
# See the License for the specific language governing permissions and
|
||||||
# limitations under the License.
|
# limitations under the License.
|
||||||
|
|
||||||
|
# Set the host which will execute the shade modules
|
||||||
|
# for the skydive openstack service setup. The host must already have
|
||||||
|
# clouds.yaml properly configured.
|
||||||
|
skydive_service_setup_host: "{{ openstack_service_setup_host | default(ansible_play_hosts[0]) }}"
|
||||||
|
skydive_service_setup_host_python_interpreter: "{{ (openstack_service_setup_host is undefined) | ternary('/opt/skydive/bin/python', ansible_python['executable']) }}"
|
||||||
|
|
||||||
# Set the analyzer port
|
# Set the analyzer port
|
||||||
skydive_analyzer_port: 8082
|
skydive_analyzer_port: 8082
|
||||||
|
|
||||||
|
|||||||
@ -68,13 +68,35 @@
|
|||||||
tags:
|
tags:
|
||||||
- package_install
|
- package_install
|
||||||
|
|
||||||
- name: Check for openstack deployment
|
# NOTE(cloudnull): Locate a clouds.yaml file on the service setup host or localhost.
|
||||||
|
- name: Check for OpenStack deployment
|
||||||
block:
|
block:
|
||||||
- name: Slurp clouds file
|
- name: Slurp clouds file
|
||||||
slurp:
|
slurp:
|
||||||
src: "{{ skydive_os_cloud_file }}"
|
src: "{{ skydive_os_cloud_file }}"
|
||||||
register: clouds_file
|
register: clouds_file
|
||||||
|
delegate_to: "{{ skydive_service_setup_host }}"
|
||||||
|
rescue:
|
||||||
|
- name: Slurp clouds file (fallback to localhost)
|
||||||
|
slurp:
|
||||||
|
src: "{{ skydive_os_cloud_file }}"
|
||||||
|
register: clouds_file
|
||||||
|
delegate_to: "localhost"
|
||||||
|
failed_when: false
|
||||||
|
when:
|
||||||
|
- not (skydive_service_setup_host in ['localhost', '127.0.0.1'])
|
||||||
|
|
||||||
|
- name: OpenStack integration notice
|
||||||
|
debug:
|
||||||
|
msg: >-
|
||||||
|
No clouds file found, running without OpenStack integration.
|
||||||
|
when:
|
||||||
|
- not (clouds_file is success)
|
||||||
|
|
||||||
|
# NOTE(cloudnull): If a clouds file is found the facts for the clouds file will be delegated
|
||||||
|
# to all hosts throughout the skydive deployment.
|
||||||
|
- name: Run OpenStack ingetration deployment
|
||||||
|
block:
|
||||||
- name: Enable OpenStack integration
|
- name: Enable OpenStack integration
|
||||||
set_fact:
|
set_fact:
|
||||||
clouds_yaml: "{{ clouds_file['content'] | b64decode | from_yaml }}"
|
clouds_yaml: "{{ clouds_file['content'] | b64decode | from_yaml }}"
|
||||||
@ -87,12 +109,7 @@
|
|||||||
|
|
||||||
- include_tasks: skydive_keystone.yml
|
- include_tasks: skydive_keystone.yml
|
||||||
run_once: true
|
run_once: true
|
||||||
rescue:
|
when:
|
||||||
- name: Notice
|
- clouds_file is success
|
||||||
debug:
|
|
||||||
msg: >-
|
|
||||||
OpenStack setup is not possible, running in without it.
|
|
||||||
when:
|
|
||||||
- not (skydive_openstack_enabled | bool)
|
|
||||||
|
|
||||||
- include_tasks: skydive_setup.yml
|
- include_tasks: skydive_setup.yml
|
||||||
|
|||||||
@ -28,104 +28,108 @@
|
|||||||
- default: "skydive_os_auth_url"
|
- default: "skydive_os_auth_url"
|
||||||
cfg: "auth_url"
|
cfg: "auth_url"
|
||||||
|
|
||||||
- name: Create skydive venv
|
- name: Create service setup environment when localhost is the service setup host
|
||||||
command: "/usr/bin/virtualenv --no-site-packages --no-setuptools /opt/skydive"
|
delegate_to: "{{ skydive_service_setup_host }}"
|
||||||
args:
|
run_once: yes
|
||||||
creates: /opt/skydive/bin/pip
|
when:
|
||||||
|
- skydive_service_setup_host_python_interpreter == '/opt/skydive/bin/python'
|
||||||
|
block:
|
||||||
|
- name: Create skydive venv
|
||||||
|
command: "/usr/bin/virtualenv --no-site-packages --no-setuptools /opt/skydive"
|
||||||
|
args:
|
||||||
|
creates: /opt/skydive/bin/pip
|
||||||
|
|
||||||
- name: Setup skydive venv
|
- name: Setup skydive venv
|
||||||
pip:
|
pip:
|
||||||
name:
|
name:
|
||||||
- pip
|
- pip
|
||||||
- setuptools
|
- setuptools
|
||||||
extra_args: "-U"
|
extra_args: "-U"
|
||||||
virtualenv: /opt/skydive
|
virtualenv: /opt/skydive
|
||||||
|
|
||||||
- name: Ensure the openstacksdk is installed
|
- name: Ensure the openstacksdk is installed
|
||||||
pip:
|
pip:
|
||||||
name:
|
name:
|
||||||
- openstacksdk
|
- openstacksdk
|
||||||
extra_args: "-U"
|
extra_args: "-U"
|
||||||
virtualenv: /opt/skydive
|
virtualenv: /opt/skydive
|
||||||
|
|
||||||
- name: Capture current ansible python interpreter
|
- name: Show ansible interpreter
|
||||||
set_fact:
|
debug:
|
||||||
old_ansible_python_interpreter: "{{ ansible_python_interpreter | default('/usr/bin/python') }}"
|
var: skydive_service_setup_host_python_interpreter
|
||||||
|
|
||||||
- name: Set ansible python interpreter to skydive venv
|
- name: Setup the skydive service
|
||||||
set_fact:
|
delegate_to: "{{ skydive_service_setup_host }}"
|
||||||
ansible_python_interpreter: "/opt/skydive/bin/python"
|
run_once: yes
|
||||||
|
vars:
|
||||||
|
ansible_python_interpreter: "{{ skydive_service_setup_host_python_interpreter }}"
|
||||||
|
block:
|
||||||
|
- name: Add skydive project
|
||||||
|
os_project:
|
||||||
|
cloud: "{{ skydive_os_cloud }}"
|
||||||
|
state: present
|
||||||
|
name: "{{ skydive_os_project_name }}"
|
||||||
|
description: "Skydive admin project"
|
||||||
|
domain_id: "{{ skydive_os_domain_name }}"
|
||||||
|
verify: "{{ not (skydive_os_service_insecure | bool) }}"
|
||||||
|
enabled: true
|
||||||
|
register: keystone_api
|
||||||
|
until: keystone_api is success
|
||||||
|
retries: 5
|
||||||
|
delay: 10
|
||||||
|
|
||||||
- name: Add skydive project
|
- name: Add skydive user
|
||||||
os_project:
|
os_user:
|
||||||
cloud: "{{ skydive_os_cloud }}"
|
cloud: "{{ skydive_os_cloud }}"
|
||||||
state: present
|
state: present
|
||||||
name: "{{ skydive_os_project_name }}"
|
name: "{{ skydive_os_user_name }}"
|
||||||
description: "Skydive admin project"
|
password: "{{ skydive_password }}"
|
||||||
domain_id: "{{ skydive_os_domain_name }}"
|
update_password: on_create
|
||||||
verify: "{{ not (skydive_os_service_insecure | bool) }}"
|
domain: "{{ skydive_os_domain_name }}"
|
||||||
enabled: true
|
default_project: "{{ skydive_os_project_name }}"
|
||||||
register: keystone_api
|
verify: "{{ not (skydive_os_service_insecure | bool) }}"
|
||||||
until: keystone_api is success
|
enabled: true
|
||||||
retries: 5
|
register: keystone_api
|
||||||
delay: 10
|
until: keystone_api is success
|
||||||
|
retries: 5
|
||||||
|
delay: 10
|
||||||
|
|
||||||
- name: Add skydive user
|
- name: Assign skydive user role
|
||||||
os_user:
|
os_user_role:
|
||||||
cloud: "{{ skydive_os_cloud }}"
|
cloud: "{{ skydive_os_cloud }}"
|
||||||
state: present
|
state: present
|
||||||
name: "{{ skydive_os_user_name }}"
|
user: "{{ skydive_os_user_name }}"
|
||||||
password: "{{ skydive_password }}"
|
role: "{{ skydive_os_user_role }}"
|
||||||
update_password: on_create
|
project: "{{ skydive_os_project_name }}"
|
||||||
domain: "{{ skydive_os_domain_name }}"
|
verify: "{{ not (skydive_os_service_insecure | bool) }}"
|
||||||
default_project: "{{ skydive_os_project_name }}"
|
register: keystone_api
|
||||||
verify: "{{ not (skydive_os_service_insecure | bool) }}"
|
until: keystone_api is success
|
||||||
enabled: true
|
retries: 5
|
||||||
register: keystone_api
|
delay: 10
|
||||||
until: keystone_api is success
|
|
||||||
retries: 5
|
|
||||||
delay: 10
|
|
||||||
|
|
||||||
- name: Assign skydive user role
|
- name: Add skydive service user
|
||||||
os_user_role:
|
os_user:
|
||||||
cloud: "{{ skydive_os_cloud }}"
|
cloud: "{{ skydive_os_cloud }}"
|
||||||
state: present
|
state: present
|
||||||
user: "{{ skydive_os_user_name }}"
|
name: "{{ skydive_os_service_user }}"
|
||||||
role: "{{ skydive_os_user_role }}"
|
password: "{{ skydive_os_service_password }}"
|
||||||
project: "{{ skydive_os_project_name }}"
|
domain: "{{ skydive_os_domain_name }}"
|
||||||
verify: "{{ not (skydive_os_service_insecure | bool) }}"
|
default_project: "{{ skydive_os_project_name }}"
|
||||||
register: keystone_api
|
verify: "{{ not (skydive_os_service_insecure | bool) }}"
|
||||||
until: keystone_api is success
|
register: keystone_api
|
||||||
retries: 5
|
until: keystone_api is success
|
||||||
delay: 10
|
retries: 5
|
||||||
|
delay: 10
|
||||||
|
|
||||||
- name: Add skydive service user
|
- name: Assign skydive service user role
|
||||||
os_user:
|
os_user_role:
|
||||||
cloud: "{{ skydive_os_cloud }}"
|
cloud: "{{ skydive_os_cloud }}"
|
||||||
state: present
|
state: present
|
||||||
name: "{{ skydive_os_service_user }}"
|
user: "{{ skydive_os_service_user }}"
|
||||||
password: "{{ skydive_os_service_password }}"
|
role: "{{ skydive_os_service_user_role }}"
|
||||||
domain: "{{ skydive_os_domain_name }}"
|
project: "{{ skydive_os_project_name }}"
|
||||||
default_project: "{{ skydive_os_project_name }}"
|
verify: "{{ not (skydive_os_service_insecure | bool) }}"
|
||||||
verify: "{{ not (skydive_os_service_insecure | bool) }}"
|
register: keystone_api
|
||||||
register: keystone_api
|
until: keystone_api is success
|
||||||
until: keystone_api is success
|
retries: 5
|
||||||
retries: 5
|
delay: 10
|
||||||
delay: 10
|
|
||||||
|
|
||||||
- name: Assign skydive service user role
|
|
||||||
os_user_role:
|
|
||||||
cloud: "{{ skydive_os_cloud }}"
|
|
||||||
state: present
|
|
||||||
user: "{{ skydive_os_service_user }}"
|
|
||||||
role: "{{ skydive_os_service_user_role }}"
|
|
||||||
project: "{{ skydive_os_project_name }}"
|
|
||||||
verify: "{{ not (skydive_os_service_insecure | bool) }}"
|
|
||||||
register: keystone_api
|
|
||||||
until: keystone_api is success
|
|
||||||
retries: 5
|
|
||||||
delay: 10
|
|
||||||
|
|
||||||
- name: Reset ansible python
|
|
||||||
set_fact:
|
|
||||||
ansible_python_interpreter: "{{ old_ansible_python_interpreter }}"
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user