Merge "Add coordination to octavia"

defaults/main.yml

@@ -71,6 +71,7 @@ octavia_db_setup_python_interpreter: "{{ openstack_db_setup_python_interpreter |
 octavia_galera_address: "{{ galera_address | default('127.0.0.1') }}"
 octavia_galera_user: octavia
 octavia_galera_database: octavia
+octavia_galera_persistence_database: octavia_persistence
 octavia_galera_use_ssl: "{{ galera_use_ssl | default(False) }}"
 octavia_galera_ssl_ca_cert: "{{ galera_ssl_ca_cert | default('') }}"
 octavia_db_max_overflow: "{{ openstack_db_max_overflow | default('50') }}"
@@ -79,6 +80,16 @@ octavia_db_pool_timeout: "{{ openstack_db_pool_timeout | default('30') }}"
 octavia_db_connection_recycle_time: "{{ openstack_db_connection_recycle_time | default('600') }}"
 octavia_galera_port: "{{ galera_port | default('3306') }}"
 
+## Coordination info
+# NOTE: Only Zookeeper and Redis are supported for Octavia
+octavia_coordination_driver: "{{ coordination_driver | default('zookeeper') }}"
+octavia_coordination_group: "{{ coordination_host_group | default('zookeeper_all') }}"
+octavia_coordination_enable: "{{ octavia_coordination_group in groups and groups[octavia_coordination_group] | length > 0 }}"
+octavia_coordination_namespace: octavia_jobboard
+octavia_coordination_client_ssl: "{{ coordination_client_ssl | default(True) }}"
+octavia_coordination_verify_cert: "{{ coordination_verify_cert | default(True) }}"
+octavia_coordination_port: "{{ coordination_port | default(octavia_coordination_client_ssl | ternary('2281', '2181')) }}"
+
 ## Oslo Messaging
 
 # RPC
@@ -179,6 +190,7 @@ octavia_pip_packages:
   - python-octaviaclient
   - "git+{{ octavia_git_repo }}@{{ octavia_git_install_branch }}#egg=octavia"
   - systemd-python
+  - "tooz[{{ octavia_coordination_driver }}]"
 
 # Memcached override
 octavia_memcached_servers: "{{ memcached_servers }}"
@@ -424,6 +436,8 @@ octavia_uwsgi_bind_address: "{{ openstack_service_bind_address | default('0.0.0.
 octavia_api_uwsgi_ini_overrides: {}
 
 # Set up the drivers
+octavia_enabled_provider_drivers: "{{ _octavia_enabled_provider_drivers }}"
+octavia_default_provider_driver: "{{ (octavia_coordination_enable | bool) | ternary('amphorav2', 'amphora') }}"
 octavia_amphora_driver: amphora_haproxy_rest_driver
 octavia_compute_driver: compute_nova_driver
 octavia_network_driver: allowed_address_pairs_driver

releasenotes/notes/octavia_jobboard-6fce898eac4f15d4.yaml

@@ -0,0 +1,8 @@
+---
+features:
+  - |
+    With adding zookeeper as coordination backend Octavia will be configured
+    to use amphorav2 as default provider driver. This will result in creating
+    a new database and jobboard configuration. You can control database name
+    with variable ``octavia_galera_persistence_database`` and existing octavia
+    db user will be granted ALL permissions to that database.

tasks/main.yml

@@ -69,6 +69,11 @@
         users:
           - username: "{{ octavia_galera_user }}"
             password: "{{ octavia_container_mysql_password }}"
+      - name: "{{ octavia_galera_persistence_database }}"
+        condition: "{{ octavia_coordination_enable | bool }}"
+        users:
+          - username: "{{ octavia_galera_user }}"
+            password: "{{ octavia_container_mysql_password }}"
   tags:
     - always
 

tasks/octavia_db_sync.yml

@@ -18,3 +18,10 @@
   become: yes
   become_user: "{{ octavia_system_user_name }}"
   changed_when: false
+
+- name: Perform a octavia DB sync
+  command: "{{ octavia_bin }}/octavia-db-manage upgrade_persistence"
+  become: yes
+  become_user: "{{ octavia_system_user_name }}"
+  changed_when: false
+  when: octavia_coordination_enable | bool

templates/octavia.conf.j2

@@ -15,6 +15,9 @@ auth_strategy = {{ octavia_auth_strategy }}
 # Allow users to create TLS Terminated listeners?
 allow_tls_terminated_listeners = {{ octavia_tls_listener_enabled }}
 
+default_provider_driver = {{ octavia_default_provider_driver }}
+enabled_provider_drivers = {{ octavia_enabled_provider_drivers }}
+
 [oslo_messaging]
 topic = octavia_prov
 
@@ -114,9 +117,23 @@ loadbalancer_topology = {{ octavia_loadbalancer_topology }}
 
 
 [task_flow]
-# engine = serial
 max_workers = {{ octavia_task_flow_max_workers }}
 
+{% if octavia_coordination_enable %}
+persistence_connection = mysql+pymysql://{{ octavia_galera_user }}:{{ octavia_container_mysql_password }}@{{ octavia_galera_address }}/{{ octavia_galera_persistence_database }}?charset=utf8{% if octavia_galera_use_ssl | bool %}&ssl_verify_cert=true{% if octavia_galera_ssl_ca_cert | length > 0 %}&ssl_ca={{ octavia_galera_ssl_ca_cert }}{% endif %}{% endif +%}
+jobboard_enabled = True
+jobboard_backend_driver = {{ _octavia_jobboard_driver_map[octavia_coordination_driver] }}
+jobboard_backend_hosts = {{ groups[octavia_coordination_group] | map('extract', hostvars, 'ansible_host') | list | join(',') }}
+jobboard_backend_port = {{ octavia_coordination_port }}
+jobboard_backend_namespace = {{ octavia_coordination_namespace }}
+
+{% if octavia_coordination_driver == 'zookeeper' %}
+jobboard_zookeeper_ssl_options = use_ssl:{{ octavia_coordination_client_ssl | bool }},verify_certs:{{ octavia_coordination_verify_cert | bool }}
+{% endif %}
+{% if octavia_coordination_driver == 'redis' %}
+jobboard_redis_backend_ssl_options = ssl:{{ octavia_coordination_client_ssl | bool }},ssl_cert_reqs:{{ octavia_coordination_verify_cert | ternary('required', 'None') }}
+{% endif %}
+{% endif %}
 
 [service_auth]
 insecure = {{ keystone_service_internaluri_insecure | bool }}

vars/main.yml

@@ -72,3 +72,14 @@ _octavia_legacy_policies:
     "load-balancer:read-quota": "rule:admin_or_owner"
     "load-balancer:read-quota-global": "is_admin:True"
     "load-balancer:write-quota": "is_admin:True"
+
+_octavia_jobboard_driver_map:
+  zookeeper: zookeeper_taskflow_driver
+  redis: redis_taskflow_driver
+
+_octavia_enabled_provider_drivers: |-
+  {% set drivers = ["amphora:'The Octavia Amphora driver.'", "octavia:'Deprecated name of Amphora driver.'"] %}
+  {% if (octavia_coordination_enable | bool) %}
+  {%   set _ = drivers.append("amphorav2:'The Octavia Amphora v2 driver.'") %}
+  {% endif %}
+  {{ drivers | join(',') }}