openstack/openstack-ansible-os_cloudkitty
Code Issues Proposed changes

Adding the extras and tests with updated readme

Browse Source 
This change includes the bits needed to add to osa such
as the playbook and env.d file.
This commit is contained in:
Michael Rice
2016-05-19 22:21:55 -05:00
parent 52e56cc298
commit 6d6ca0c8fa
12 changed files with 585 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
README.rst
View File

@@ -1 +1,38 @@
openstack-ansible-cloudkitty
OpenStack-Ansible CloudKitty
############################
:tags: openstack, cloudkitty, cloud, ansible
:category: \*nix
This Ansible role installs and configures OpenStack cloudkitty.
This role will install the following Upstart services:
* cloudkitty-api
* cloudkitty-processor
Required Variables
==================
.. code-block:: yaml
cloudkitty_user_password
cloudkitty_rabbitmq_password
cloudkitty_galera_password
cloudkitty_galera_address
Example Playbook
================
.. code-block:: yaml
- name: Install cloudkitty server
hosts: cloudkitty_all
user: root
roles:
- { role: "os_cloudkitty", tags: [ "os-cloudkitty" ] }
vars:
external_lb_vip_address: 172.16.24.1
internal_lb_vip_address: 192.168.0.1
cloudkitty_galera_address: "{{ internal_lb_vip_address }}"
cloudkitty_container_mysql_password: "SuperSecretePassword1"
cloudkitty_service_password: "SuperSecretePassword2"
cloudkitty_rabbitmq_password: "SuperSecretePassword3"

35
extras/env.d/cloudkitty.yml Normal file
View File

@@ -0,0 +1,35 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
component_skel:
cloudkitty_api:
belongs_to:
- cloudkitty_all
cloudkitty_engine:
belongs_to:
- cloudkitty_all
container_skel:
cloudkitty_container:
belongs_to:
- infra_containers
- os-infra_containers
contains:
- cloudkitty_api
- cloudkitty_engine
properties:
service_name: cloudkitty
container_release: trusty

10
extras/haproxy_cloudkitty.yml Normal file
View File

@@ -0,0 +1,10 @@
haproxy_service_configs:
- service:
haproxy_service_name: cloudkitty_api
haproxy_backend_nodes: "{{ groups['cloudkitty_api'] | default([]) }}"
haproxy_port: 8089
haproxy_balance_type: http
haproxy_backend_options:
- "forwardfor"
- "httpchk"
- "httplog"

16
extras/horizon/horizon_post_install.yml Normal file
View File

@@ -0,0 +1,16 @@
- name: Enable the cloudkitty-dashboard Horizon panel
file:
src: "{{ item.src }}"
path: "{{ item.dest }}"
state: "{{ (horizon_enable_cloudkitty | bool | ternary('link', 'absent')) }}"
with_items:
- { src: "{{ horizon_venv_lib_dir }}/cloudkittydashboard/enabled/_10_admin_group.py", dest: "{{ horizon_venv_lib_dir }}/openstack_dashboard/local/enabled/_10_admin_group.py" }
- { src: "{{ horizon_venv_lib_dir }}/cloudkittydashboard/enabled/_10_project_group.py", dest: "{{ horizon_venv_lib_dir }}/openstack_dashboard/local/enabled/_10_project_group.py" }
- { src: "{{ horizon_venv_lib_dir }}/cloudkittydashboard/enabled/_11_admin_hashmap_panel.py", dest: "{{ horizon_venv_lib_dir }}/openstack_dashboard/local/enabled/_11_admin_hashmap_panel.py" }
- { src: "{{ horizon_venv_lib_dir }}/cloudkittydashboard/enabled/_11_admin_rating_panel.py", dest: "{{ horizon_venv_lib_dir }}/openstack_dashboard/local/enabled/_11_admin_rating_panel.py" }
- { src: "{{ horizon_venv_lib_dir }}/cloudkittydashboard/enabled/_11_project_rating_panel.py", dest: "{{ horizon_venv_lib_dir }}/openstack_dashboard/local/enabled/_11_project_rating_panel.py" }
- { src: "{{ horizon_venv_lib_dir }}/cloudkittydashboard/enabled/_12_project_reporting_panel.py", dest: "{{ horizon_venv_lib_dir }}/openstack_dashboard/local/enabled/_12_project_reporting_panel.py" }
- { src: "{{ horizon_venv_lib_dir }}/cloudkittydashboard/enabled/_13_admin_pyscripts_panel.py", dest: "{{ horizon_venv_lib_dir }}/openstack_dashboard/local/enabled/_13_admin_pyscripts_panel.py" }
notify: Restart apache2
tags:
- horizon-configs

6
extras/horizon/horizon_vars.yml Normal file
View File

@@ -0,0 +1,6 @@
## CloudKitty
horizon_enable_cloudkitty: False
horizon_pip_packages:
- cloudkitty-dashboard
- python-cloudkittyclient

131
extras/os-cloudkitty-install.yml Normal file
View File

@@ -0,0 +1,131 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Install cloudkitty server
hosts: cloudkitty_all
max_fail_percentage: 20
user: root
pre_tasks:
- name: Use the lxc-openstack aa profile
lxc_container:
name: "{{ container_name }}"
container_config:
- "lxc.aa_profile=lxc-openstack"
delegate_to: "{{ physical_host }}"
when: not is_metal | bool
register: container_config
tags:
- lxc-aa-profile
- name: Wait for container ssh
wait_for:
port: "22"
delay: "{{ ssh_delay }}"
search_regex: "OpenSSH"
host: "{{ ansible_ssh_host }}"
delegate_to: "{{ physical_host }}"
when: container_config is defined and container_config | changed
register: ssh_wait_check
until: ssh_wait_check | success
retries: 3
tags:
- ssh-wait
- name: Sort the rabbitmq servers
dist_sort:
value_to_lookup: "{{ container_name }}"
ref_list: "{{ groups['cloudkitty_all'] }}"
src_list: "{{ rabbitmq_servers }}"
register: servers
tags:
- always
- name: Set rabbitmq servers
set_fact:
rabbitmq_servers: "{{ servers.sorted_list }}"
tags:
- always
- name: Create log dir
file:
path: "{{ item.path }}"
state: directory
with_items:
- { path: "/openstack/log/{{ inventory_hostname }}-cloudkitty" }
when: is_metal | bool
tags:
- cloudkitty-logs
- cloudkitty-log-dirs
- name: Create log aggregation links
file:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
state: "{{ item.state }}"
force: "yes"
with_items:
- { src: "/openstack/log/{{ inventory_hostname }}-cloudkitty", dest: "/var/log/cloudkitty", state: "link" }
when: is_metal | bool
tags:
- cloudkitty-logs
- name: Ensure Rabbitmq vhost
rabbitmq_vhost:
name: "{{ cloudkitty_rabbitmq_vhost }}"
state: "present"
delegate_to: "{{ groups['rabbitmq_all'][0] }}"
when:
- inventory_hostname == groups['cloudkitty_all'][0]
- groups['rabbitmq_all']|length > 0
tags:
- cloudkitty-rabbitmq
- cloudkitty-rabbitmq-vhost
- name: Ensure rabbitmq user
rabbitmq_user:
user: "{{ cloudkitty_rabbitmq_userid }}"
password: "{{ cloudkitty_rabbitmq_password }}"
vhost: "{{ cloudkitty_rabbitmq_vhost }}"
configure_priv: ".*"
read_priv: ".*"
write_priv: ".*"
state: "present"
delegate_to: "{{ groups['rabbitmq_all'][0] }}"
when:
- inventory_hostname == groups['cloudkitty_all'][0]
- groups['rabbitmq_all']|length > 0
tags:
- cloudkitty-rabbitmq
- cloudkitty-rabbitmq-user
roles:
- role: "os_cloudkitty"
cloudkitty_venv_tag: "{{ openstack_release }}"
cloudkitty_venv_download_url: "{{ openstack_repo_url }}/venvs/{{ openstack_release }}/{{ ansible_distribution | lower }}/cloudkitty-{{ openstack_release }}.tgz"
cloudkitty_galera_address: "{{ galera_address }}"
tags:
- "os-cloudkitty"
- role: "rsyslog_client"
rsyslog_client_log_rotate_file: cloudkitty_log_rotate
rsyslog_client_log_dir: "/var/log/cloudkitty"
rsyslog_client_config_name: "99-cloudkitty-rsyslog-client.conf"
tags:
- "cloudkitty-rsyslog-client"
- "rsyslog-client"
- role: "system_crontab_coordination"
tags:
- "system-crontab-coordination"
vars:
galera_address: "{{ internal_lb_vip_address }}"
is_metal: "{{ properties.is_metal|default(false) }}"
cloudkitty_rabbitmq_userid: cloudkitty
cloudkitty_rabbitmq_vhost: /cloudkitty
cloudkitty_rabbitmq_servers: "{{ rabbitmq_servers }}"
cloudkitty_rabbitmq_port: "{{ rabbitmq_port }}"
cloudkitty_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}"
vars_files:
- defaults/repo_packages/openstack_services.yml

4
extras/user_secrets_cloudkitty.yml Normal file
View File

@@ -0,0 +1,4 @@
## Cloudkitty passwords
cloudkitty_user_password:
cloudkitty_rabbitmq_password:
cloudkitty_galera_password:

48
tests/ansible-role-requirements.yml Normal file
View File

@@ -0,0 +1,48 @@
- name: apt_package_pinning
src: https://git.openstack.org/openstack/openstack-ansible-apt_package_pinning
scm: git
version: master
- name: pip_install
src: https://git.openstack.org/openstack/openstack-ansible-pip_install
scm: git
version: master
- name: pip_lock_down
src: https://git.openstack.org/openstack/openstack-ansible-pip_lock_down
scm: git
version: master
- name: memcached_server
src: https://git.openstack.org/openstack/openstack-ansible-memcached_server
scm: git
version: master
- name: lxc_hosts
src: https://git.openstack.org/openstack/openstack-ansible-lxc_hosts
scm: git
version: master
- name: lxc_container_create
src: https://git.openstack.org/openstack/openstack-ansible-lxc_container_create
scm: git
version: master
- name: openstack_hosts
src: https://git.openstack.org/openstack/openstack-ansible-openstack_hosts
scm: git
version: master
- name: galera_client
src: https://git.openstack.org/openstack/openstack-ansible-galera_client
scm: git
version: master
- name: galera_server
src: https://git.openstack.org/openstack/openstack-ansible-galera_server
scm: git
version: master
- name: rabbitmq_server
src: https://git.openstack.org/openstack/openstack-ansible-rabbitmq_server
scm: git
version: master
- name: os_keystone
src: https://git.openstack.org/openstack/openstack-ansible-os_keystone
scm: git
version: master
- name: openstack_openrc
src: https://git.openstack.org/openstack/openstack-ansible-openstack_openrc
scm: git
version: master

2
tests/inventory Normal file
View File

@@ -0,0 +1,2 @@
[all]
localhost ansible_connection=local ansible_become=True

54
tests/test-container-create.yml Normal file
View File

@@ -0,0 +1,54 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Create test containers
hosts: all_containers
connection: local
gather_facts: false
pre_tasks:
- name: Destroy test containers
lxc_container:
name: "{{ container_name }}"
state: "absent"
delegate_to: "{{ physical_host }}"
tags:
- container-destroy
- name: Destroy container service directories
file:
path: "{{ item }}"
state: "absent"
with_items:
- "/openstack/{{ container_name }}"
- "/openstack/backup/{{ container_name }}"
- "/openstack/log/{{ container_name }}"
- "/var/lib/lxc/{{ container_name }}"
- "{{ lxc_container_directory|default('/var/lib/lxc') }}/{{ container_name }}"
delegate_to: "{{ physical_host }}"
tags:
- container-directories
roles:
- role: "lxc_container_create"
lxc_container_release: trusty
lxc_container_backing_store: dir
global_environment_variables:
PATH: "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
post_tasks:
- name: Wait for ssh to be available
local_action:
module: wait_for
port: "{{ ansible_ssh_port | default('22') }}"
host: "{{ ansible_ssh_host | default(inventory_hostname) }}"
search_regex: OpenSSH
delay: 1

86
tests/test-prep.yml Normal file
View File

@@ -0,0 +1,86 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Create ssh key pairs for use with containers
hosts: 127.0.0.1
connection: local
become: false
pre_tasks:
- name: Create ssh key pair for root
user:
name: "{{ ansible_ssh_user }}"
generate_ssh_key: "yes"
ssh_key_bits: 2048
ssh_key_file: ".ssh/id_rsa"
- name: get the calling users key
command: cat ~/.ssh/id_rsa.pub
register: key_get
- set_fact:
lxc_container_ssh_key: "{{ key_get.stdout }}"
- name: Perform basic LXC host setup
hosts: localhost
connection: local
become: yes
pre_tasks:
# Make sure OS does not have a stale package cache.
- name: Update apt cache.
apt:
update_cache: yes
when: ansible_os_family == 'Debian'
- name: Ensure root's new public ssh key is in authorized_keys
authorized_key:
user: root
key: "{{ hostvars['127.0.0.1']['lxc_container_ssh_key'] }}"
manage_dir: no
- set_fact:
lxc_container_ssh_key: "{{ hostvars['127.0.0.1']['lxc_container_ssh_key'] }}"
roles:
- role: "lxc_hosts"
lxc_net_address: 10.100.100.1
lxc_net_dhcp_range: 10.100.100.2,10.100.100.253
lxc_net_bridge: lxcbr0
lxc_kernel_options:
- { key: 'fs.inotify.max_user_instances', value: 1024 }
lxc_container_caches:
- url: "https://rpc-repo.rackspace.com/container_images/rpc-trusty-container.tgz"
name: "trusty.tgz"
sha256sum: "56c6a6e132ea7d10be2f3e8104f47136ccf408b30e362133f0dc4a0a9adb4d0c"
chroot_path: trusty/rootfs-amd64
post_tasks:
# Inventory is being pre-loaded using a post tasks instead of through a dynamic
# inventory system. While this is not a usual method for deployment it's being
# done for functional testing.
- name: Create container hosts
add_host:
groups: "{{ item.groups }}"
hostname: "{{ item.name }}"
inventory_hostname: "{{ item.name }}"
ansible_ssh_host: "{{ item.address }}"
ansible_become: true
properties:
service_name: "{{ item.service }}"
container_networks:
management_address:
address: "{{ item.address }}"
bridge: "lxcbr0"
interface: "eth1"
netmask: "255.255.252.0"
type: "veth"
physical_host: localhost
container_name: "{{ item.name }}"
with_items:
- { name: "service1", service: "service1", address: "10.100.100.101", groups: "all,all_containers,rabbitmq_all,galera_all,service_all" }
- { name: "openstack1", service: "openstack1", address: "10.100.100.102", groups: "all,all_containers,cloudkitty_all,cloudkitty_api,cloudkitty_engine,cloudkitty_engine_container,cloudkitty_apis_container,keystone_all" }

155
tests/test.yml Normal file
View File

@@ -0,0 +1,155 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Run basic prep
- include: test-prep.yml
# Run container clean up and build
- include: test-container-create.yml
- name: Playbook for deploying infra services
hosts: service_all
user: root
gather_facts: true
roles:
- role: "rabbitmq_server"
rabbitmq_cookie_token: secrete
- role: "galera_server"
galera_root_password: secrete
galera_root_user: root
galera_innodb_buffer_pool_size: 512M
galera_innodb_log_buffer_size: 32M
galera_server_id: "{{ inventory_hostname | string_2_int }}"
galera_wsrep_node_name: "{{ inventory_hostname }}"
galera_wsrep_provider_options:
- { option: "gcache.size", value: "32M" }
galera_server_id: "{{ inventory_hostname | string_2_int }}"
- name: Playbook for deploying keystone
hosts: keystone_all
user: root
gather_facts: true
pre_tasks:
- name: Ensure Rabbitmq vhost
rabbitmq_vhost:
name: "{{ keystone_rabbitmq_vhost }}"
state: "present"
delegate_to: "10.100.100.101"
- name: Ensure rabbitmq user
rabbitmq_user:
user: "{{ keystone_rabbitmq_userid }}"
password: "{{ keystone_rabbitmq_password }}"
vhost: "{{ keystone_rabbitmq_vhost }}"
configure_priv: ".*"
read_priv: ".*"
write_priv: ".*"
state: "present"
delegate_to: "10.100.100.101"
- name: Create DB for service
mysql_db:
login_user: "root"
login_password: "secrete"
login_host: "localhost"
name: "{{ keystone_galera_database }}"
state: "present"
delegate_to: "10.100.100.101"
- name: Grant access to the DB for the service
mysql_user:
login_user: "root"
login_password: "secrete"
login_host: "localhost"
name: "{{ keystone_galera_database }}"
password: "{{ keystone_container_mysql_password }}"
host: "{{ item }}"
state: "present"
priv: "{{ keystone_galera_database }}.*:ALL"
with_items:
- "localhost"
- "%"
delegate_to: "10.100.100.101"
roles:
- role: os_keystone
vars:
external_lb_vip_address: 10.100.100.102
internal_lb_vip_address: 10.100.100.102
keystone_galera_address: 10.100.100.101
keystone_galera_database: keystone
keystone_venv_tag: "testing"
keystone_developer_mode: true
keystone_git_install_branch: master
keystone_requirements_git_install_branch: master
keystone_auth_admin_token: "SuperSecreteTestToken"
keystone_auth_admin_password: "SuperSecretePassword"
keystone_service_password: "secrete"
keystone_rabbitmq_password: "secrete"
keystone_container_mysql_password: "SuperSecrete"
keystone_rabbitmq_port: 5671
keystone_rabbitmq_userid: keystone
keystone_rabbitmq_vhost: /keystone
keystone_rabbitmq_servers: 10.100.100.101
keystone_rabbitmq_use_ssl: false
galera_client_drop_config_file: false
- name: Playbook for role testing
hosts: cloudkitty_all
user: root
gather_facts: true
pre_tasks:
- name: Ensure Rabbitmq vhost
rabbitmq_vhost:
name: "{{ cloudkitty_rabbitmq_vhost }}"
state: "present"
delegate_to: "10.100.100.101"
- name: Ensure rabbitmq user
rabbitmq_user:
user: "{{ cloudkitty_rabbitmq_userid }}"
password: "{{ cloudkitty_rabbitmq_password }}"
vhost: "{{ cloudkitty_rabbitmq_vhost }}"
configure_priv: ".*"
read_priv: ".*"
write_priv: ".*"
state: "present"
delegate_to: "10.100.100.101"
roles:
- role: "{{ rolename | basename }}"
vars:
external_lb_vip_address: 10.100.100.102
internal_lb_vip_address: 10.100.100.102
cloudkitty_venv_tag: "testing"
cloudkitty_developer_mode: true
cloudkitty_git_install_branch: master
cloudkitty_requirements_git_install_branch: master
cloudkitty_galera_address: 10.100.100.101
galera_client_drop_config_file: false
galera_root_password: "secrete"
cloudkitty_rabbitmq_password: "secrete"
cloudkitty_rabbitmq_userid: cloudkitty
cloudkitty_rabbitmq_vhost: /cloudkitty
rabbitmq_servers: 10.100.100.101
rabbitmq_use_ssl: false
rabbitmq_port: 5671
keystone_auth_admin_password: "SuperSecretePassword"
keystone_admin_user_name: admin
keystone_admin_tenant_name: admin
keystone_service_adminuri_insecure: false
keystone_service_internaluri_insecure: false
keystone_service_internaluri: "http://{{ internal_lb_vip_address }}:5000"
keystone_service_internalurl: "{{ keystone_service_internaluri }}/v3"
keystone_service_adminuri: "http://{{ internal_lb_vip_address }}:35357"
keystone_service_adminurl: "{{ keystone_service_adminuri }}/v3"
openrc_os_password: "{{ keystone_auth_admin_password }}"
openrc_os_domain_name: "Default"
memcached_servers: 127.0.0.1
memcached_encryption_key: "secrete"