From b8ee7bb2b1689c7422d690d54e5ce837b6326ff6 Mon Sep 17 00:00:00 2001 From: Satish Patel Date: Tue, 1 Sep 2020 13:12:03 -0400 Subject: [PATCH] Initial commit to os_senlin Depends-On: https://review.opendev.org/749540 Change-Id: I3abd0d0099f82f57eea0cac1fdd9050592aefeff --- CONTRIBUTING.rst | 19 ++ LICENSE | 202 +++++++++++++ README.rst | 35 +++ Vagrantfile | 62 ++++ bindep.txt | 50 ++++ defaults/main.yml | 268 +++++++++++++++++ doc/Makefile | 195 +++++++++++++ doc/requirements.txt | 16 ++ doc/source/_static/.gitkeep | 0 doc/source/conf.py | 302 ++++++++++++++++++++ doc/source/index.rst | 70 +++++ examples/playbook.yml | 6 + handlers/main.yml | 24 ++ manual-test.rc | 33 +++ meta/main.yml | 45 +++ meta/openstack-ansible.yml | 20 ++ releasenotes/notes/.placeholder | 0 releasenotes/source/_static/.placeholder | 0 releasenotes/source/_templates/.placeholder | 0 releasenotes/source/conf.py | 276 ++++++++++++++++++ releasenotes/source/index.rst | 8 + releasenotes/source/unreleased.rst | 5 + run_tests.sh | 97 +++++++ setup.cfg | 13 + setup.py | 20 ++ tasks/db_setup.yml | 42 +++ tasks/main.yml | 135 +++++++++ tasks/mq_setup.yml | 110 +++++++ tasks/senlin_db_sync.yml | 20 ++ tasks/senlin_install.yml | 56 ++++ tasks/senlin_post_install.yml | 81 ++++++ tasks/senlin_pre_install.yml | 85 ++++++ tasks/senlin_service_setup.yml | 81 ++++++ tasks/service_setup.yml | 161 +++++++++++ templates/senlin.conf.j2 | 106 +++++++ tests/ansible-role-requirements.yml | 53 ++++ tests/group_vars/all_containers.yml | 25 ++ tests/host_vars/infra1.yml | 19 ++ tests/host_vars/localhost.yml | 17 ++ tests/host_vars/openstack1.yml | 19 ++ tests/inventory | 80 ++++++ tests/test-senlin-functional.yml | 35 +++ tests/test-vars.yml | 6 + tests/test.yml | 26 ++ tox.ini | 103 +++++++ vars/debian.yml | 33 +++ vars/distro_install.yml | 23 ++ vars/main.yml | 69 +++++ vars/redhat.yml | 35 +++ vars/source_install.yml | 23 ++ vars/suse.yml | 35 +++ zuul.d/project.yaml | 23 ++ 52 files changed, 3267 insertions(+) create mode 100644 CONTRIBUTING.rst create mode 100644 LICENSE create mode 100644 README.rst create mode 100644 Vagrantfile create mode 100644 bindep.txt create mode 100644 defaults/main.yml create mode 100644 doc/Makefile create mode 100644 doc/requirements.txt create mode 100644 doc/source/_static/.gitkeep create mode 100644 doc/source/conf.py create mode 100644 doc/source/index.rst create mode 100644 examples/playbook.yml create mode 100644 handlers/main.yml create mode 100644 manual-test.rc create mode 100644 meta/main.yml create mode 100644 meta/openstack-ansible.yml create mode 100644 releasenotes/notes/.placeholder create mode 100644 releasenotes/source/_static/.placeholder create mode 100644 releasenotes/source/_templates/.placeholder create mode 100644 releasenotes/source/conf.py create mode 100644 releasenotes/source/index.rst create mode 100644 releasenotes/source/unreleased.rst create mode 100755 run_tests.sh create mode 100644 setup.cfg create mode 100644 setup.py create mode 100644 tasks/db_setup.yml create mode 100644 tasks/main.yml create mode 100644 tasks/mq_setup.yml create mode 100644 tasks/senlin_db_sync.yml create mode 100644 tasks/senlin_install.yml create mode 100644 tasks/senlin_post_install.yml create mode 100644 tasks/senlin_pre_install.yml create mode 100644 tasks/senlin_service_setup.yml create mode 100644 tasks/service_setup.yml create mode 100644 templates/senlin.conf.j2 create mode 100644 tests/ansible-role-requirements.yml create mode 100644 tests/group_vars/all_containers.yml create mode 100644 tests/host_vars/infra1.yml create mode 100644 tests/host_vars/localhost.yml create mode 100644 tests/host_vars/openstack1.yml create mode 100644 tests/inventory create mode 100644 tests/test-senlin-functional.yml create mode 100644 tests/test-vars.yml create mode 100644 tests/test.yml create mode 100644 tox.ini create mode 100644 vars/debian.yml create mode 100644 vars/distro_install.yml create mode 100644 vars/main.yml create mode 100644 vars/redhat.yml create mode 100644 vars/source_install.yml create mode 100644 vars/suse.yml create mode 100644 zuul.d/project.yaml diff --git a/CONTRIBUTING.rst b/CONTRIBUTING.rst new file mode 100644 index 0000000..a3600ac --- /dev/null +++ b/CONTRIBUTING.rst @@ -0,0 +1,19 @@ +The source repository for this project can be found at: + + https://opendev.org/openstack/openstack-ansible-os_senlin + +Pull requests submitted through GitHub are not monitored. + +To start contributing to OpenStack, follow the steps in the contribution guide +to set up and use Gerrit: + + https://docs.openstack.org/contributors/code-and-documentation/quick-start.html + +Bugs should be filed on Launchpad: + + https://bugs.launchpad.net/openstack-ansible + +For more specific information about contributing to this repository, see the +openstack-ansible contributor guide: + + https://docs.openstack.org/openstack-ansible/latest/contributor/contributing.html diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..e06d208 --- /dev/null +++ b/LICENSE @@ -0,0 +1,202 @@ +Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + diff --git a/README.rst b/README.rst new file mode 100644 index 0000000..5b337eb --- /dev/null +++ b/README.rst @@ -0,0 +1,35 @@ +======================== +Team and repository tags +======================== + +.. image:: https://governance.openstack.org/tc/badges/openstack-ansible-os_senlin.svg + :target: https://governance.openstack.org/tc/reference/tags/index.html + +.. Change things from this point on + +====================== +OpenStack-Ansible senlin +====================== + +Ansible role to install OpenStack senlin. + +This role will install: + * senlin-api + * senlin-engine + * senlin-conductor + * senlin-health-manager + + Documentation for the project can be found at: + https://docs.openstack.org/openstack-ansible-os_senlin/latest/ + +Release notes for the project can be found at: + https://docs.openstack.org/releasenotes/openstack-ansible-os_senlin/ + +The project source code repository is located at: + https://opendev.org/openstack/openstack-ansible-os_senlin/ + +The project home is at: + https://launchpad.net/openstack-ansible + +The project bug tracker is located at: + https://bugs.launchpad.net/openstack-ansible diff --git a/Vagrantfile b/Vagrantfile new file mode 100644 index 0000000..bf2400c --- /dev/null +++ b/Vagrantfile @@ -0,0 +1,62 @@ +# Note: +# This file is maintained in the openstack-ansible-tests repository. +# https://opendev.org/openstack/openstack-ansible-tests/src/Vagrantfile +# +# If you need to perform any change on it, you should modify the central file, +# then, an OpenStack CI job will propagate your changes to every OSA repository +# since every repo uses the same Vagrantfile + +# Verify whether required plugins are installed. +required_plugins = [ "vagrant-disksize" ] +required_plugins.each do |plugin| + if not Vagrant.has_plugin?(plugin) + raise "The vagrant plugin #{plugin} is required. Please run `vagrant plugin install #{plugin}`" + end +end + +Vagrant.configure(2) do |config| + config.vm.provider "virtualbox" do |v| + v.memory = 6144 + v.cpus = 2 + # https://github.com/hashicorp/vagrant/issues/9524 + v.customize ["modifyvm", :id, "--audio", "none"] + end + + config.vm.synced_folder ".", "/vagrant", type: "rsync" + + config.vm.provision "shell", + privileged: false, + inline: <<-SHELL + cd /vagrant + ./run_tests.sh + SHELL + + config.vm.define "centos7" do |centos7| + centos7.vm.box = "centos/7" + end + + config.vm.define "debian8" do |debian8| + debian8.vm.box = "debian/jessie64" + end + + config.vm.define "debian9" do |debian9| + debian9.vm.box = "debian/stretch64" + end + + config.vm.define "gentoo" do |gentoo| + gentoo.vm.box = "generic/gentoo" + end + + config.vm.define "opensuse150" do |leap150| + leap150.vm.box = "opensuse/openSUSE-15.0-x86_64" + end + + config.vm.define "opensuse151" do |leap151| + leap151.vm.box = "opensuse/openSUSE-15.1-x86_64" + end + + config.vm.define "ubuntu1804" do |bionic| + bionic.disksize.size = "40GB" + bionic.vm.box = "ubuntu/bionic64" + end +end diff --git a/bindep.txt b/bindep.txt new file mode 100644 index 0000000..bb77692 --- /dev/null +++ b/bindep.txt @@ -0,0 +1,50 @@ +# This file facilitates OpenStack-CI package installation +# before the execution of any tests. +# +# See the following for details: +# - https://docs.openstack.org/infra/bindep/ +# - https://opendev.org/openstack-infra/bindep +# +# Even if the role does not make use of this facility, it +# is better to have this file empty, otherwise OpenStack-CI +# will fall back to installing its default packages which +# will potentially be detrimental to the tests executed. +# +# Note: +# This file is maintained in the openstack-ansible-tests repository. +# https://opendev.org/openstack/openstack-ansible-tests/src/bindep.txt +# If you need to remove or add extra dependencies, you should modify +# the central file instead and once your change is accepted then update +# this file as well. The purpose of this file is to ensure that Python and +# Ansible have all their necessary binary requirements on the test host before +# tox executes. Any binary requirements needed by services/roles should be +# installed by those roles in their applicable package install tasks, not through +# using this file. +# + +# The gcc compiler +gcc + +# Base requirements for Ubuntu +git-core [platform:dpkg platform:suse] +libssl-dev [platform:dpkg] +libffi-dev [platform:dpkg] +python3 [platform:dpkg] +python3-apt [platform:dpkg] +python3-dev [platform:dpkg] + +# Base requirements for RPM distros +gcc-c++ [platform:rpm] +git [platform:rpm !platform:suse] +libffi-devel [platform:rpm] +openssl-devel [platform:rpm] +python3-dnf [platform:fedora] +python3-devel [platform:rpm] + +# Base requirements for Gentoo +git [platform:gentoo] + +# For SELinux +libselinux-python3 [platform:redhat] +libsemanage-python3 [platform:redhat] +iptables [platform:redhat] diff --git a/defaults/main.yml b/defaults/main.yml new file mode 100644 index 0000000..231ba23 --- /dev/null +++ b/defaults/main.yml @@ -0,0 +1,268 @@ +--- +# Copyright 2020, Satish Patel +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# The variables file used by the playbooks in the Senlin-api group. +# These don't have to be explicitly imported by vars_files: they are autopopulated. + +# Enable/Disable Ceilometer +senlin_ceilometer_enabled: False + +## Verbosity Options +debug: False + +# Set the host which will execute the shade modules +# for the service setup. The host must already have +# clouds.yaml properly configured. +senlin_service_setup_host: "{{ openstack_service_setup_host | default('localhost') }}" +senlin_service_setup_host_python_interpreter: "{{ openstack_service_setup_host_python_interpreter | default((senlin_service_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_python['executable'])) }}" + +# Set the package install state for distribution and pip packages +# Options are 'present' and 'latest' +senlin_package_state: "latest" +senlin_pip_package_state: "latest" + +# Set installation method. +senlin_install_method: "source" +senlin_venv_python_executable: "{{ openstack_venv_python_executable | default('python2') }}" + +senlin_git_repo: https://opendev.org/openstack/senlin +senlin_git_install_branch: master +senlin_upper_constraints_url: "{{ requirements_git_url | default('https://releases.openstack.org/constraints/upper/' ~ requirements_git_install_branch | default('master')) }}" +senlin_git_constraints: + - "git+{{ senlin_git_repo }}@{{ senlin_git_install_branch }}#egg=openstack-senlin" + - "--constraint {{ senlin_upper_constraints_url }}" + +senlin_pip_install_args: "{{ pip_install_options | default('') }}" + +# Name of the virtual env to deploy into +senlin_venv_tag: "{{ venv_tag | default('untagged') }}" +senlin_bin: "{{ _senlin_bin }}" + +senlin_fatal_deprecations: False + +## Database info +senlin_db_setup_host: "{{ ('galera_all' in groups) | ternary(groups['galera_all'][0], 'localhost') }}" +senlin_galera_address: "{{ galera_address | default('127.0.0.1') }}" +senlin_galera_user: senlin +senlin_galera_database: senlin +senlin_galera_use_ssl: "{{ galera_use_ssl | default(False) }}" +senlin_galera_ssl_ca_cert: "{{ galera_ssl_ca_cert | default('/etc/ssl/certs/galera-ca.pem') }}" + +## Oslo Messaging Info +# RPC +senlin_oslomsg_rpc_host_group: "{{ oslomsg_rpc_host_group | default('rabbitmq_all') }}" +senlin_oslomsg_rpc_setup_host: "{{ (senlin_oslomsg_rpc_host_group in groups) | ternary(groups[senlin_oslomsg_rpc_host_group][0], 'localhost') }}" +senlin_oslomsg_rpc_transport: "{{ oslomsg_rpc_transport | default('rabbit') }}" +senlin_oslomsg_rpc_servers: "{{ oslomsg_rpc_servers | default('127.0.0.1') }}" +senlin_oslomsg_rpc_port: "{{ oslomsg_rpc_port | default('5672') }}" +senlin_oslomsg_rpc_use_ssl: "{{ oslomsg_rpc_use_ssl | default(False) }}" +senlin_oslomsg_rpc_userid: senlin +senlin_oslomsg_rpc_vhost: /senlin + +# Notify +senlin_oslomsg_notify_host_group: "{{ oslomsg_notify_host_group | default('rabbitmq_all') }}" +senlin_oslomsg_notify_setup_host: "{{ (senlin_oslomsg_notify_host_group in groups) | ternary(groups[senlin_oslomsg_notify_host_group][0], 'localhost') }}" +senlin_oslomsg_notify_transport: "{{ oslomsg_notify_transport | default('rabbit') }}" +senlin_oslomsg_notify_servers: "{{ oslomsg_notify_servers | default('127.0.0.1') }}" +senlin_oslomsg_notify_port: "{{ oslomsg_notify_port | default('5672') }}" +senlin_oslomsg_notify_use_ssl: "{{ oslomsg_notify_use_ssl | default(False) }}" +senlin_oslomsg_notify_userid: "{{ senlin_oslomsg_rpc_userid }}" +senlin_oslomsg_notify_password: "{{ senlin_oslomsg_rpc_password }}" +senlin_oslomsg_notify_vhost: "{{ senlin_oslomsg_rpc_vhost }}" + +## (Qdrouterd) integration +# TODO(ansmith): Change structure when more backends will be supported +senlin_oslomsg_amqp1_enabled: "{{ senlin_oslomsg_rpc_transport == 'amqp' }}" + +## Senlin User / Group +senlin_system_user_name: senlin +senlin_system_group_name: senlin +senlin_system_shell: /bin/false +senlin_system_comment: senlin system user +senlin_system_home_folder: "/var/lib/{{ senlin_system_user_name }}" + +## Default domain +senlin_project_domain_name: Default +senlin_project_name: admin +senlin_user_domain_name: Default + +## Stack +senlin_stack_domain_admin: stack_domain_admin +senlin_stack_owner_name: senlin_stack_owner +senlin_stack_domain_description: Owns users and projects created by senlin +senlin_stack_user_domain_name: senlin + +# osprofiler +senlin_profiler_enabled: false +senlin_profiler_trace_sqlalchemy: false + +## Auth +senlin_service_region: RegionOne +senlin_service_project_name: "service" +senlin_service_user_name: "senlin" +senlin_service_role_name: admin +senlin_service_project_domain_id: default +senlin_service_user_domain_id: default +senlin_keystone_auth_plugin: password + +## Trustee Auth +senlin_service_trustee_project_name: "service" +senlin_service_trustee_user_name: "senlin" +senlin_service_trustee_password: "{{ senlin_service_password }}" +senlin_service_trustee_project_domain_id: "default" +senlin_service_trustee_user_domain_id: "default" +senlin_keystone_trustee_auth_plugin: "{{ senlin_keystone_trustee_auth_type }}" +senlin_keystone_trustee_auth_type: password + +## Senlin api service type and data +senlin_service_name: senlin +senlin_service_description: "Senlin Clustering Service" +senlin_service_port: 8778 +senlin_service_proto: http +senlin_service_publicuri_proto: "{{ openstack_service_publicuri_proto | default(senlin_service_proto) }}" +senlin_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(senlin_service_proto) }}" +senlin_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(senlin_service_proto) }}" +senlin_service_type: clustering +senlin_service_publicuri: "{{ senlin_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ senlin_service_port }}" +senlin_service_publicurl: "{{ senlin_service_publicuri }}" +senlin_service_adminuri: "{{ senlin_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ senlin_service_port }}" +senlin_service_adminurl: "{{ senlin_service_adminuri }}" +senlin_service_internaluri: "{{ senlin_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ senlin_service_port }}" +senlin_service_internalurl: "{{ senlin_service_internaluri }}" + +## Senlin tunable options +senlin_max_clusters_per_project: 100 +senlin_max_nodes_per_cluster: 1000 +senlin_periodic_interval: 60 +senlin_periodic_interval_max: 120 +senlin_periodic_fuzzy_delay: 10 +senlin_health_check_interval_min: 60 +senlin_check_interval_max: 3600 +senlin_max_response_size: 524288 +senlin_default_action_timeout: 3600 +senlin_default_nova_timeout: 600 +senlin_max_actions_per_batch: 0 +senlin_batch_interval: 3 +senlin_lock_retry_times: 3 +senlin_lock_retry_interval: 10 +senlin_database_retry_limit: 10 +senlin_database_max_retry_interval: 2 +senlin_engine_life_check_timeout: 2 +senlin_service_down_time: 60 + +## If the following variables are unset in user_variables, the value set will be half the number of available VCPUs +# senlin_engine_workers: 4 +# senlin_api_workers: 4 +# senlin_conductor_workers: 4 +# senlin_health_manager_workers: 4 +## Number of threads +senlin_engine_threads: 1000 +senlin_conductor_threads: 1000 +senlin_health_manager_threads: 1000 + +## Cap the maximum number of threads / workers when a user value is unspecified. +senlin_api_threads_max: 16 +senlin_api_threads: "{{ [[ansible_processor_vcpus|default(2) // 2, 1] | max, senlin_api_threads_max] | min }}" + +senlin_service_in_ldap: false + +## Policy vars +# Provide a list of access controls to update the default policy.json with. These changes will be merged +# with the access controls in the default policy.json. E.g. +#senlin_policy_overrides: +# "cloudformation:ListStacks": "rule:deny_stack_user" +# "cloudformation:CreateStack": "rule:deny_stack_user" + +# Common pip packages +senlin_pip_packages: + - cryptography + - senlin + - keystonemiddleware + - osprofiler + - PyMySQL + - pymemcache + - python-memcached + - systemd-python + +# Memcached override +senlin_memcached_servers: "{{ memcached_servers }}" + +# Specific pip packages provided by the user +senlin_user_pip_packages: [] + +senlin_optional_oslomsg_amqp1_pip_packages: + - oslo.messaging[amqp1] + +senlin_api_init_overrides: {} +senlin_engine_init_overrides: {} +senlin_conductor_init_overrides: {} +senlin_health_manager_init_overrides: {} + +## Service Name-Group Mapping +senlin_services: + senlin-api: + group: senlin_api + service_name: senlin-api + init_config_overrides: "{{ senlin_api_init_overrides }}" + start_order: 4 + wsgi_app: True + wsgi_name: senlin-wsgi-api + uwsgi_overrides: "{{ senlin_api_uwsgi_ini_overrides }}" + uwsgi_port: "{{ senlin_service_port }}" + uwsgi_bind_address: "{{ senlin_api_uwsgi_bind_address }}" + senlin-engine: + group: senlin_engine + service_name: senlin-engine + execstarts: "{{ senlin_bin }}/senlin-engine" + init_config_overrides: "{{ senlin_engine_init_overrides }}" + start_order: 3 + senlin-conductor: + group: senlin_conductor + service_name: senlin-conductor + execstarts: "{{ senlin_bin }}/senlin-conductor" + init_config_overrides: "{{ senlin_conductor_init_overrides }}" + start_order: 2 + senlin-health-manager: + group: senlin_health-manager + service_name: senlin-health-manager + execstarts: "{{ senlin_bin }}/senlin-health-manager" + init_config_overrides: "{{ senlin_health_manager_init_overrides }}" + start_order: 1 + +# Required secrets for the role +senlin_required_secrets: + - keystone_auth_admin_password + - senlin_galera_password + - senlin_rabbitmq_password + - senlin_service_password + - memcached_encryption_key + +# uWSGI Settings +senlin_api_uwsgi_ini_overrides: {} +senlin_wsgi_processes_max: 16 +senlin_wsgi_processes: "{{ [[ansible_processor_vcpus|default(1), 1] | max * 2, senlin_wsgi_processes_max] | min }}" +senlin_wsgi_threads: 1 +senlin_api_uwsgi_bind_address: "{{ openstack_service_bind_address | default('0.0.0.0') }}" +#senlin_api_cfn_uwsgi_bind_address: "{{ openstack_service_bind_address | default('0.0.0.0') }}" + +senlin_role_project_group: senlin_all + +## Tunable overrides +senlin_senlin_conf_overrides: {} +senlin_api_paste_ini_overrides: {} +senlin_default_yaml_overrides: {} +senlin_aws_cloudwatch_alarm_yaml_overrides: {} +senlin_aws_rds_dbinstance_yaml_overrides: {} +senlin_policy_overrides: {} diff --git a/doc/Makefile b/doc/Makefile new file mode 100644 index 0000000..6b16ca3 --- /dev/null +++ b/doc/Makefile @@ -0,0 +1,195 @@ +# Makefile for Sphinx documentation +# + +# You can set these variables from the command line. +SPHINXOPTS = +SPHINXBUILD = sphinx-build +PAPER = +BUILDDIR = build + +# User-friendly check for sphinx-build +ifeq ($(shell which $(SPHINXBUILD) >/dev/null 2>&1; echo $$?), 1) +$(error The '$(SPHINXBUILD)' command was not found. Make sure you have Sphinx installed, then set the SPHINXBUILD environment variable to point to the full path of the '$(SPHINXBUILD)' executable. Alternatively you can add the directory with the executable to your PATH. If you don't have Sphinx installed, grab it from http://sphinx-doc.org/) +endif + +# Internal variables. +PAPEROPT_a4 = -D latex_paper_size=a4 +PAPEROPT_letter = -D latex_paper_size=letter +ALLSPHINXOPTS = -d $(BUILDDIR)/doctrees $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) source +# the i18n builder cannot share the environment and doctrees with the others +I18NSPHINXOPTS = $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) source + +.PHONY: help clean html dirhtml singlehtml pickle json htmlhelp qthelp devhelp epub latex latexpdf text man changes linkcheck doctest coverage gettext + +help: + @echo "Please use \`make ' where is one of" + @echo " html to make standalone HTML files" + @echo " dirhtml to make HTML files named index.html in directories" + @echo " singlehtml to make a single large HTML file" + @echo " pickle to make pickle files" + @echo " json to make JSON files" + @echo " htmlhelp to make HTML files and a HTML help project" + @echo " qthelp to make HTML files and a qthelp project" + @echo " applehelp to make an Apple Help Book" + @echo " devhelp to make HTML files and a Devhelp project" + @echo " epub to make an epub" + @echo " latex to make LaTeX files, you can set PAPER=a4 or PAPER=letter" + @echo " latexpdf to make LaTeX files and run them through pdflatex" + @echo " latexpdfja to make LaTeX files and run them through platex/dvipdfmx" + @echo " text to make text files" + @echo " man to make manual pages" + @echo " texinfo to make Texinfo files" + @echo " info to make Texinfo files and run them through makeinfo" + @echo " gettext to make PO message catalogs" + @echo " changes to make an overview of all changed/added/deprecated items" + @echo " xml to make Docutils-native XML files" + @echo " pseudoxml to make pseudoxml-XML files for display purposes" + @echo " linkcheck to check all external links for integrity" + @echo " doctest to run all doctests embedded in the documentation (if enabled)" + @echo " coverage to run coverage check of the documentation (if enabled)" + +clean: + rm -rf $(BUILDDIR)/* + +html: + $(SPHINXBUILD) -b html $(ALLSPHINXOPTS) $(BUILDDIR)/html + @echo + @echo "Build finished. The HTML pages are in $(BUILDDIR)/html." + +dirhtml: + $(SPHINXBUILD) -b dirhtml $(ALLSPHINXOPTS) $(BUILDDIR)/dirhtml + @echo + @echo "Build finished. The HTML pages are in $(BUILDDIR)/dirhtml." + +singlehtml: + $(SPHINXBUILD) -b singlehtml $(ALLSPHINXOPTS) $(BUILDDIR)/singlehtml + @echo + @echo "Build finished. The HTML page is in $(BUILDDIR)/singlehtml." + +pickle: + $(SPHINXBUILD) -b pickle $(ALLSPHINXOPTS) $(BUILDDIR)/pickle + @echo + @echo "Build finished; now you can process the pickle files." + +json: + $(SPHINXBUILD) -b json $(ALLSPHINXOPTS) $(BUILDDIR)/json + @echo + @echo "Build finished; now you can process the JSON files." + +htmlhelp: + $(SPHINXBUILD) -b htmlhelp $(ALLSPHINXOPTS) $(BUILDDIR)/htmlhelp + @echo + @echo "Build finished; now you can run HTML Help Workshop with the" \ + ".hhp project file in $(BUILDDIR)/htmlhelp." + +qthelp: + $(SPHINXBUILD) -b qthelp $(ALLSPHINXOPTS) $(BUILDDIR)/qthelp + @echo + @echo "Build finished; now you can run "qcollectiongenerator" with the" \ + ".qhcp project file in $(BUILDDIR)/qthelp, like this:" + @echo "# qcollectiongenerator $(BUILDDIR)/qthelp/openstack-ansible-os_senlin.qhcp" + @echo "To view the help file:" + @echo "# assistant -collectionFile $(BUILDDIR)/qthelp/openstack-ansible-os_senlin.qhc" + +applehelp: + $(SPHINXBUILD) -b applehelp $(ALLSPHINXOPTS) $(BUILDDIR)/applehelp + @echo + @echo "Build finished. The help book is in $(BUILDDIR)/applehelp." + @echo "N.B. You won't be able to view it unless you put it in" \ + "~/Library/Documentation/Help or install it in your application" \ + "bundle." + +devhelp: + $(SPHINXBUILD) -b devhelp $(ALLSPHINXOPTS) $(BUILDDIR)/devhelp + @echo + @echo "Build finished." + @echo "To view the help file:" + @echo "# mkdir -p $$HOME/.local/share/devhelp/openstack-ansible-os_senlin" + @echo "# ln -s $(BUILDDIR)/devhelp $$HOME/.local/share/devhelp/openstack-ansible-os_senlin" + @echo "# devhelp" + +epub: + $(SPHINXBUILD) -b epub $(ALLSPHINXOPTS) $(BUILDDIR)/epub + @echo + @echo "Build finished. The epub file is in $(BUILDDIR)/epub." + +latex: + $(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex + @echo + @echo "Build finished; the LaTeX files are in $(BUILDDIR)/latex." + @echo "Run \`make' in that directory to run these through (pdf)latex" \ + "(use \`make latexpdf' here to do that automatically)." + +latexpdf: + $(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex + @echo "Running LaTeX files through pdflatex..." + $(MAKE) -C $(BUILDDIR)/latex all-pdf + @echo "pdflatex finished; the PDF files are in $(BUILDDIR)/latex." + +latexpdfja: + $(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex + @echo "Running LaTeX files through platex and dvipdfmx..." + $(MAKE) -C $(BUILDDIR)/latex all-pdf-ja + @echo "pdflatex finished; the PDF files are in $(BUILDDIR)/latex." + +text: + $(SPHINXBUILD) -b text $(ALLSPHINXOPTS) $(BUILDDIR)/text + @echo + @echo "Build finished. The text files are in $(BUILDDIR)/text." + +man: + $(SPHINXBUILD) -b man $(ALLSPHINXOPTS) $(BUILDDIR)/man + @echo + @echo "Build finished. The manual pages are in $(BUILDDIR)/man." + +texinfo: + $(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo + @echo + @echo "Build finished. The Texinfo files are in $(BUILDDIR)/texinfo." + @echo "Run \`make' in that directory to run these through makeinfo" \ + "(use \`make info' here to do that automatically)." + +info: + $(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo + @echo "Running Texinfo files through makeinfo..." + make -C $(BUILDDIR)/texinfo info + @echo "makeinfo finished; the Info files are in $(BUILDDIR)/texinfo." + +gettext: + $(SPHINXBUILD) -b gettext $(I18NSPHINXOPTS) $(BUILDDIR)/locale + @echo + @echo "Build finished. The message catalogs are in $(BUILDDIR)/locale." + +changes: + $(SPHINXBUILD) -b changes $(ALLSPHINXOPTS) $(BUILDDIR)/changes + @echo + @echo "The overview file is in $(BUILDDIR)/changes." + +linkcheck: + $(SPHINXBUILD) -b linkcheck $(ALLSPHINXOPTS) $(BUILDDIR)/linkcheck + @echo + @echo "Link check complete; look for any errors in the above output " \ + "or in $(BUILDDIR)/linkcheck/output.txt." + +doctest: + $(SPHINXBUILD) -b doctest $(ALLSPHINXOPTS) $(BUILDDIR)/doctest + @echo "Testing of doctests in the sources finished, look at the " \ + "results in $(BUILDDIR)/doctest/output.txt." + +coverage: + $(SPHINXBUILD) -b coverage $(ALLSPHINXOPTS) $(BUILDDIR)/coverage + @echo "Testing of coverage in the sources finished, look at the " \ + "results in $(BUILDDIR)/coverage/python.txt." + +xml: + $(SPHINXBUILD) -b xml $(ALLSPHINXOPTS) $(BUILDDIR)/xml + @echo + @echo "Build finished. The XML files are in $(BUILDDIR)/xml." + +pseudoxml: + $(SPHINXBUILD) -b pseudoxml $(ALLSPHINXOPTS) $(BUILDDIR)/pseudoxml + @echo + @echo "Build finished. The pseudo-XML files are in $(BUILDDIR)/pseudoxml." + +livehtml: html + sphinx-autobuild -b html $(ALLSPHINXOPTS) $(BUILDDIR)/html diff --git a/doc/requirements.txt b/doc/requirements.txt new file mode 100644 index 0000000..07801f8 --- /dev/null +++ b/doc/requirements.txt @@ -0,0 +1,16 @@ +# The order of packages is significant, because pip processes them in the order +# of appearance. Changing the order has an impact on the overall integration +# process, which may cause wedges in the gate later. + +# WARNING: +# This file is maintained in the openstack-ansible-tests repository. +# https://opendev.org/openstack/openstack-ansible-tests/src/branch/master/sync/doc/requirements.txt +# If you need to modify this file, update the one in the +# openstack-ansible-tests repository. Once it merges there, the changes will +# automatically be proposed to all the repositories which use it. + +sphinx>=2.0.0,!=2.1.0 # BSD +sphinxcontrib-svg2pdfconverter>=0.1.0 # BSD +openstackdocstheme>=2.2.1 # Apache-2.0 +reno>=3.1.0 # Apache-2.0 +doc8>=0.6.0 # Apache-2.0 diff --git a/doc/source/_static/.gitkeep b/doc/source/_static/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/doc/source/conf.py b/doc/source/conf.py new file mode 100644 index 0000000..a166f69 --- /dev/null +++ b/doc/source/conf.py @@ -0,0 +1,302 @@ +#!/usr/bin/env python3 + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# This file is execfile()d with the current directory set to its +# containing dir. +# +# Note that not all possible configuration values are present in this +# autogenerated file. +# +# All configuration values have a default; values that are commented out +# serve to show the default. + +# If extensions (or modules to document with autodoc) are in another directory, +# add these directories to sys.path here. If the directory is relative to the +# documentation root, use os.path.abspath to make it absolute, like shown here. +# sys.path.insert(0, os.path.abspath('.')) + +# -- General configuration ------------------------------------------------ + +# If your documentation needs a minimal Sphinx version, state it here. +# needs_sphinx = '1.0' + +# Add any Sphinx extension module names here, as strings. They can be +# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom +# ones. +extensions = [ + 'openstackdocstheme', + 'sphinx.ext.autodoc', + 'sphinxcontrib.rsvgconverter', +] + +# Add any paths that contain templates here, relative to this directory. +templates_path = ['_templates'] + +# The suffix(es) of source filenames. +# You can specify multiple suffix as a list of string: +# source_suffix = ['.rst', '.md'] +source_suffix = '.rst' + +# The encoding of source files. +# source_encoding = 'utf-8-sig' + +# The master toctree document. +master_doc = 'index' + +# General information about the project. +author = 'OpenStack-Ansible Contributors' +category = 'Miscellaneous' +copyright = '2014-2016, OpenStack-Ansible Contributors' +description = 'OpenStack-Ansible deploys OpenStack environments using Ansible.' +project = 'OpenStack-Ansible' +role_name = 'os_senlin' +target_name = 'openstack-ansible-' + role_name +title = 'OpenStack-Ansible Documentation: ' + role_name + ' role' + +# openstackdocstheme options +openstackdocs_repo_name = 'openstack/' + target_name +openstackdocs_pdf_link = True +openstackdocs_bug_project = project.lower() +openstackdocs_bug_tag = '' + +# The language for content autogenerated by Sphinx. Refer to documentation +# for a list of supported languages. +# +# This is also used if you do content translation via gettext catalogs. +# Usually you set "language" from the command line for these cases. +language = None + +# There are two options for replacing |today|: either, you set today to some +# non-false value, then it is used: +# today = '' +# Else, today_fmt is used as the format for a strftime call. +# today_fmt = '%B %d, %Y' + +# List of patterns, relative to source directory, that match files and +# directories to ignore when looking for source files. +exclude_patterns = [] + +# The reST default role (used for this markup: `text`) to use for all +# documents. +# default_role = None + +# If true, '()' will be appended to :func: etc. cross-reference text. +# add_function_parentheses = True + +# If true, the current module name will be prepended to all description +# unit titles (such as .. function::). +# add_module_names = True + +# If true, sectionauthor and moduleauthor directives will be shown in the +# output. They are ignored by default. +# show_authors = False + +# The name of the Pygments (syntax highlighting) style to use. +pygments_style = 'native' + +# A list of ignored prefixes for module index sorting. +# modindex_common_prefix = [] + +# If true, keep warnings as "system message" paragraphs in the built documents. +# keep_warnings = False + +# If true, `todo` and `todoList` produce output, else they produce nothing. +todo_include_todos = False + + +# -- Options for HTML output ---------------------------------------------- + +# The theme to use for HTML and HTML Help pages. See the documentation for +# a list of builtin themes. +html_theme = 'openstackdocs' + +# Theme options are theme-specific and customize the look and feel of a theme +# further. For a list of options available for each theme, see the +# documentation. +# html_theme_options = {} + +# Add any paths that contain custom themes here, relative to this directory. +# html_theme_path = [] + +# The name for this set of Sphinx documents. If None, it defaults to +# " v documentation". +# html_title = None + +# A shorter title for the navigation bar. Default is the same as html_title. +# html_short_title = None + +# The name of an image file (relative to this directory) to place at the top +# of the sidebar. +# html_logo = None + +# The name of an image file (within the static path) to use as favicon of the +# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 +# pixels large. +# html_favicon = None + +# Add any paths that contain custom static files (such as style sheets) here, +# relative to this directory. They are copied after the builtin static files, +# so a file named "default.css" will overwrite the builtin "default.css". +html_static_path = ['_static'] + +# Add any extra paths that contain custom files (such as robots.txt or +# .htaccess) here, relative to this directory. These files are copied +# directly to the root of the documentation. +# html_extra_path = [] + +# If true, SmartyPants will be used to convert quotes and dashes to +# typographically correct entities. +# html_use_smartypants = True + +# Custom sidebar templates, maps document names to template names. +# html_sidebars = {} + +# Additional templates that should be rendered to pages, maps page names to +# template names. +# html_additional_pages = {} + +# If false, no module index is generated. +# html_domain_indices = True + +# If false, no index is generated. +# html_use_index = True + +# If true, the index is split into individual pages for each letter. +# html_split_index = False + +# If true, links to the reST sources are added to the pages. +# html_show_sourcelink = True + +# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. +# html_show_sphinx = True + +# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. +# html_show_copyright = True + +# If true, an OpenSearch description file will be output, and all pages will +# contain a tag referring to it. The value of this option must be the +# base URL from which the finished HTML is served. +# html_use_opensearch = '' + +# This is the file name suffix for HTML files (e.g. ".xhtml"). +# html_file_suffix = None + +# Language to be used for generating the HTML full-text search index. +# Sphinx supports the following languages: +# 'da', 'de', 'en', 'es', 'fi', 'fr', 'h', 'it', 'ja' +# 'nl', 'no', 'pt', 'ro', 'r', 'sv', 'tr' +# html_search_language = 'en' + +# A dictionary with options for the search language support, empty by default. +# Now only 'ja' uses this config value +# html_search_options = {'type': 'default'} + +# The name of a javascript file (relative to the configuration directory) that +# implements a search results scorer. If empty, the default will be used. +# html_search_scorer = 'scorer.js' + +# Output file base name for HTML help builder. +htmlhelp_basename = target_name + '-docs' + +# -- Options for LaTeX output --------------------------------------------- + +latex_elements = { + # The paper size ('letterpaper' or 'a4paper'). + # 'papersize': 'letterpaper', + + # The font size ('10pt', '11pt' or '12pt'). + # 'pointsize': '10pt', + + # Additional stuff for the LaTeX preamble. + # 'preamble': '', + + # Latex figure (float) alignment + # 'figure_align': 'htbp', +} + +# Grouping the document tree into LaTeX files. List of tuples +# (source start file, target name, title, +# author, documentclass [howto, manual, or own class]). +latex_documents = [ + (master_doc, 'doc-' + target_name + '.tex', + title.replace("_", "\_"), author, 'manual'), +] + +latex_use_xindy = False + +# The name of an image file (relative to this directory) to place at the top of +# the title page. +# latex_logo = None + +# For "manual" documents, if this is true, then toplevel headings are parts, +# not chapters. +# latex_use_parts = False + +# If true, show page references after internal links. +# latex_show_pagerefs = False + +# If true, show URL addresses after external links. +# latex_show_urls = False + +# Documents to append as an appendix to all manuals. +# latex_appendices = [] + +# If false, no module index is generated. +# latex_domain_indices = True + + +# -- Options for manual page output --------------------------------------- + +# One entry per manual page. List of tuples +# (source start file, name, description, authors, manual section). +man_pages = [ + (master_doc, target_name, + title, [author], 1) +] + +# If true, show URL addresses after external links. +# man_show_urls = False + + +# -- Options for Texinfo output ------------------------------------------- + +# Grouping the document tree into Texinfo files. List of tuples +# (source start file, target name, title, author, +# dir menu entry, description, category) +texinfo_documents = [ + (master_doc, target_name, + title, author, project, + description, category), +] + +# Documents to append as an appendix to all manuals. +# texinfo_appendices = [] + +# If false, no module index is generated. +# texinfo_domain_indices = True + +# How to display URL addresses: 'footnote', 'no', or 'inline'. +# texinfo_show_urls = 'footnote' + +# If true, do not generate a @detailmenu in the "Top" node's menu. +# texinfo_no_detailmenu = False +# -- Options for PDF output -------------------------------------------------- + +pdf_documents = [ + (master_doc, target_name, + title, author) +] + +locale_dirs = ['locale/'] diff --git a/doc/source/index.rst b/doc/source/index.rst new file mode 100644 index 0000000..dda9b00 --- /dev/null +++ b/doc/source/index.rst @@ -0,0 +1,70 @@ +================================= +Senlin role for OpenStack-Ansible +================================= + + +Dependencies +~~~~~~~~~~~~ + +This role needs pip >= 7.1 installed on the target host. + +To use this role, define the following variables: + +.. code-block:: yaml + + # password of the keystone service user for senlin + senlin_service_password: "secrete" + # password of the admin user for the keystone senlin domain + senlin_stack_domain_admin_password: "secrete" + # key used for encrypting credentials stored in the senlin db + senlin_auth_encryption_key: "32characterslongboguskeyvaluefoo" + # password for senlin database + senlin_container_mysql_password: "secrete" + # password for senlin RabbitMQ vhost + senlin_rabbitmq_password: "secrete" + # comma-separated list of RabbitMQ hosts + rabbitmq_servers: 10.100.100.101 + # Keystone admin user for service, domain, project, role creation + keystone_admin_user_name: "admin" + # Keystone admin password for service, domain, project, role creation + keystone_auth_admin_password: "secrete" + +To clone or view the source code for this repository, visit the role repository +for `os_senlin `_. + +Default variables +~~~~~~~~~~~~~~~~~ + +.. literalinclude:: ../../defaults/main.yml + :language: yaml + :start-after: under the License. + +Example playbook +~~~~~~~~~~~~~~~~ + +.. literalinclude:: ../../examples/playbook.yml + :language: yaml + +Tags +~~~~ + +This role supports two tags: ``senlin-install`` and +``senlin-config``. The ``senlin-install`` tag can be used to install +and upgrade. The ``senlin-config`` tag can be used to maintain the +configuration of the service. + +Senlin client endpoints +~~~~~~~~~~~~~~~~~~~~~~~ + +When your VMs need to talk to your API, you might have to change the Senlin +config. By default Senlin is configured to use the internal API endpoints. +Should instances or created containers need to access the API (e.g. +Magnum, Senlin Signaling) the public endpoints will need to be used as in +the following example: + +.. code-block:: yaml + + senlin_senlin_conf_overrides: + clients_keystone: + endpoint_type: publicURL + auth_uri: "{{ keystone_service_publicurl }}" diff --git a/examples/playbook.yml b/examples/playbook.yml new file mode 100644 index 0000000..d7af273 --- /dev/null +++ b/examples/playbook.yml @@ -0,0 +1,6 @@ +--- +- name: Install senlin server + hosts: senlin_all + user: root + roles: + - { role: "os_senlin", tags: [ "os-senlin" ] } diff --git a/handlers/main.yml b/handlers/main.yml new file mode 100644 index 0000000..459a32f --- /dev/null +++ b/handlers/main.yml @@ -0,0 +1,24 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Restart senlin services + systemd: + name: "{{ item.service_name }}" + enabled: yes + state: "restarted" + daemon_reload: "{{ (ansible_service_mgr == 'systemd') | ternary('yes', omit) }}" + with_items: "{{ filtered_senlin_services }}" + listen: + - "venv changed" diff --git a/manual-test.rc b/manual-test.rc new file mode 100644 index 0000000..7016c45 --- /dev/null +++ b/manual-test.rc @@ -0,0 +1,33 @@ +export VIRTUAL_ENV=$(pwd) +export ANSIBLE_HOST_KEY_CHECKING=False +export ANSIBLE_SSH_CONTROL_PATH=/tmp/%%h-%%r + +# TODO (odyssey4me) These are only here as they are non-standard folder +# names for Ansible 1.9.x. We are using the standard folder names for +# Ansible v2.x. We can remove this when we move to Ansible 2.x. +export ANSIBLE_ACTION_PLUGINS=${HOME}/.ansible/plugins/action +export ANSIBLE_CALLBACK_PLUGINS=${HOME}/.ansible/plugins/callback +export ANSIBLE_FILTER_PLUGINS=${HOME}/.ansible/plugins/filter +export ANSIBLE_LOOKUP_PLUGINS=${HOME}/.ansible/plugins/lookup + +# This is required as the default is the current path or a path specified +# in ansible.cfg +export ANSIBLE_LIBRARY=${HOME}/.ansible/plugins/library + +# This is required as the default is '/etc/ansible/roles' or a path +# specified in ansible.cfg +export ANSIBLE_ROLES_PATH=${HOME}/.ansible/roles:$(pwd)/.. + +export ANSIBLE_SSH_ARGS="-o ControlMaster=no \ + -o UserKnownHostsFile=/dev/null \ + -o StrictHostKeyChecking=no \ + -o ServerAliveInterval=64 \ + -o ServerAliveCountMax=1024 \ + -o Compression=no \ + -o TCPKeepAlive=yes \ + -o VerifyHostKeyDNS=no \ + -o ForwardX11=no \ + -o ForwardAgent=yes" + +echo "Run manual functional tests by executing the following:" +echo "# ./.tox/functional/bin/ansible-playbook -i tests/inventory tests/test.yml" diff --git a/meta/main.yml b/meta/main.yml new file mode 100644 index 0000000..434aede --- /dev/null +++ b/meta/main.yml @@ -0,0 +1,45 @@ +--- +# Copyright 2014, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +galaxy_info: + author: rcbops + description: Installation and setup of senlin + company: Rackspace + license: Apache2 + min_ansible_version: 2.2 + platforms: + - name: Debian + versions: + - stretch + - name: Ubuntu + versions: + - xenial + - bionic + - name: EL + versions: + - 7 + - name: opensuse + versions: + - 15 + categories: + - cloud + - python + - senlin + - development + - openstack +dependencies: + - role: apt_package_pinning + when: + - ansible_pkg_mgr == 'apt' diff --git a/meta/openstack-ansible.yml b/meta/openstack-ansible.yml new file mode 100644 index 0000000..be178e4 --- /dev/null +++ b/meta/openstack-ansible.yml @@ -0,0 +1,20 @@ +--- +# Copyright 2017, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# (c) 2017, Jean-Philippe Evrard + +maturity_info: + status: complete + created_during: mitaka diff --git a/releasenotes/notes/.placeholder b/releasenotes/notes/.placeholder new file mode 100644 index 0000000..e69de29 diff --git a/releasenotes/source/_static/.placeholder b/releasenotes/source/_static/.placeholder new file mode 100644 index 0000000..e69de29 diff --git a/releasenotes/source/_templates/.placeholder b/releasenotes/source/_templates/.placeholder new file mode 100644 index 0000000..e69de29 diff --git a/releasenotes/source/conf.py b/releasenotes/source/conf.py new file mode 100644 index 0000000..1610300 --- /dev/null +++ b/releasenotes/source/conf.py @@ -0,0 +1,276 @@ +#!/usr/bin/env python3 + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# This file is execfile()d with the current directory set to its +# containing dir. +# +# Note that not all possible configuration values are present in this +# autogenerated file. +# +# All configuration values have a default; values that are commented out +# serve to show the default. + +# If extensions (or modules to document with autodoc) are in another directory, +# add these directories to sys.path here. If the directory is relative to the +# documentation root, use os.path.abspath to make it absolute, like shown here. +# sys.path.insert(0, os.path.abspath('.')) + +# -- General configuration ------------------------------------------------ + +# If your documentation needs a minimal Sphinx version, state it here. +# needs_sphinx = '1.0' + +# Add any Sphinx extension module names here, as strings. They can be +# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom +# ones. +extensions = [ + 'openstackdocstheme', + 'reno.sphinxext', +] + +# Add any paths that contain templates here, relative to this directory. +templates_path = ['_templates'] + +# The suffix of source filenames. +source_suffix = '.rst' + +# The encoding of source files. +# source_encoding = 'utf-8-sig' + +# The master toctree document. +master_doc = 'index' + +# General information about the project. +author = 'OpenStack-Ansible Contributors' +category = 'Miscellaneous' +copyright = '2014-2016, OpenStack-Ansible Contributors' +description = 'OpenStack-Ansible deploys OpenStack environments using Ansible.' +project = 'OpenStack-Ansible' +role_name = 'os_senlin' +target_name = 'openstack-ansible-' + role_name +title = 'OpenStack-Ansible Release Notes: ' + role_name + 'role' + +# Release notes do not need a version number in the title, they +# cover multiple releases. +# The full version, including alpha/beta/rc tags. +release = '' +# The short X.Y version. +version = '' + +# openstackdocstheme options +openstackdocs_repo_name = 'openstack/' + target_name +openstackdocs_bug_project = project.lower() +openstackdocs_bug_tag = '' + +# The language for content autogenerated by Sphinx. Refer to documentation +# for a list of supported languages. +# language = None + +# There are two options for replacing |today|: either, you set today to some +# non-false value, then it is used: +# today = '' +# Else, today_fmt is used as the format for a strftime call. +# today_fmt = '%B %d, %Y' + +# List of patterns, relative to source directory, that match files and +# directories to ignore when looking for source files. +exclude_patterns = [] + +# The reST default role (used for this markup: `text`) to use for all +# documents. +# default_role = None + +# If true, '()' will be appended to :func: etc. cross-reference text. +# add_function_parentheses = True + +# If true, the current module name will be prepended to all description +# unit titles (such as .. function::). +# add_module_names = True + +# If true, sectionauthor and moduleauthor directives will be shown in the +# output. They are ignored by default. +# show_authors = False + +# The name of the Pygments (syntax highlighting) style to use. +pygments_style = 'native' + +# A list of ignored prefixes for module index sorting. +# modindex_common_prefix = [] + +# If true, keep warnings as "system message" paragraphs in the built documents. +# keep_warnings = False + + +# -- Options for HTML output ---------------------------------------------- + +# The theme to use for HTML and HTML Help pages. See the documentation for +# a list of builtin themes. +html_theme = 'openstackdocs' + +# Theme options are theme-specific and customize the look and feel of a theme +# further. For a list of options available for each theme, see the +# documentation. +# html_theme_options = {} + +# Add any paths that contain custom themes here, relative to this directory. +# html_theme_path = [] + +# The name for this set of Sphinx documents. If None, it defaults to +# " v documentation". +# html_title = None + +# A shorter title for the navigation bar. Default is the same as html_title. +# html_short_title = None + +# The name of an image file (relative to this directory) to place at the top +# of the sidebar. +# html_logo = None + +# The name of an image file (within the static path) to use as favicon of the +# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 +# pixels large. +# html_favicon = None + +# Add any paths that contain custom static files (such as style sheets) here, +# relative to this directory. They are copied after the builtin static files, +# so a file named "default.css" will overwrite the builtin "default.css". +html_static_path = ['_static'] + +# Add any extra paths that contain custom files (such as robots.txt or +# .htaccess) here, relative to this directory. These files are copied +# directly to the root of the documentation. +# html_extra_path = [] + +# If true, SmartyPants will be used to convert quotes and dashes to +# typographically correct entities. +# html_use_smartypants = True + +# Custom sidebar templates, maps document names to template names. +# html_sidebars = {} + +# Additional templates that should be rendered to pages, maps page names to +# template names. +# html_additional_pages = {} + +# If false, no module index is generated. +# html_domain_indices = True + +# If false, no index is generated. +# html_use_index = True + +# If true, the index is split into individual pages for each letter. +# html_split_index = False + +# If true, links to the reST sources are added to the pages. +# html_show_sourcelink = True + +# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. +# html_show_sphinx = True + +# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. +# html_show_copyright = True + +# If true, an OpenSearch description file will be output, and all pages will +# contain a tag referring to it. The value of this option must be the +# base URL from which the finished HTML is served. +# html_use_opensearch = '' + +# This is the file name suffix for HTML files (e.g. ".xhtml"). +# html_file_suffix = None + +# Output file base name for HTML help builder. +htmlhelp_basename = target_name + '-docs' + + +# -- Options for LaTeX output --------------------------------------------- + +latex_elements = { + # The paper size ('letterpaper' or 'a4paper'). + # 'papersize': 'letterpaper', + + # The font size ('10pt', '11pt' or '12pt'). + # 'pointsize': '10pt', + + # Additional stuff for the LaTeX preamble. + # 'preamble': '', +} + +# Grouping the document tree into LaTeX files. List of tuples +# (source start file, target name, title, +# author, documentclass [howto, manual, or own class]). +latex_documents = [ + (master_doc, target_name + '.tex', + title, author, 'manual'), +] + +# The name of an image file (relative to this directory) to place at the top of +# the title page. +# latex_logo = None + +# For "manual" documents, if this is true, then toplevel headings are parts, +# not chapters. +# latex_use_parts = False + +# If true, show page references after internal links. +# latex_show_pagerefs = False + +# If true, show URL addresses after external links. +# latex_show_urls = False + +# Documents to append as an appendix to all manuals. +# latex_appendices = [] + +# If false, no module index is generated. +# latex_domain_indices = True + + +# -- Options for manual page output --------------------------------------- + +# One entry per manual page. List of tuples +# (source start file, name, description, authors, manual section). +man_pages = [ + (master_doc, target_name, + title, [author], 1) +] + +# If true, show URL addresses after external links. +# man_show_urls = False + + +# -- Options for Texinfo output ------------------------------------------- + +# Grouping the document tree into Texinfo files. List of tuples +# (source start file, target name, title, author, +# dir menu entry, description, category) +texinfo_documents = [ + (master_doc, target_name, + title, author, project, + description, category), +] + +# Documents to append as an appendix to all manuals. +# texinfo_appendices = [] + +# If false, no module index is generated. +# texinfo_domain_indices = True + +# How to display URL addresses: 'footnote', 'no', or 'inline'. +# texinfo_show_urls = 'footnote' + +# If true, do not generate a @detailmenu in the "Top" node's menu. +# texinfo_no_detailmenu = False + +# -- Options for Internationalization output ------------------------------ +locale_dirs = ['locale/'] diff --git a/releasenotes/source/index.rst b/releasenotes/source/index.rst new file mode 100644 index 0000000..71f7357 --- /dev/null +++ b/releasenotes/source/index.rst @@ -0,0 +1,8 @@ +================================ + OpenStack-Ansible Release Notes +================================ + +.. toctree:: + :maxdepth: 1 + + unreleased diff --git a/releasenotes/source/unreleased.rst b/releasenotes/source/unreleased.rst new file mode 100644 index 0000000..cd22aab --- /dev/null +++ b/releasenotes/source/unreleased.rst @@ -0,0 +1,5 @@ +============================== + Current Series Release Notes +============================== + +.. release-notes:: diff --git a/run_tests.sh b/run_tests.sh new file mode 100755 index 0000000..3129599 --- /dev/null +++ b/run_tests.sh @@ -0,0 +1,97 @@ +#!/usr/bin/env bash +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# PURPOSE: +# This script clones the openstack-ansible-tests repository to the +# tests/common folder in order to be able to re-use test components +# for role testing. This is intended to be the thinnest possible +# shim for test execution outside of OpenStack CI. + +# WARNING: +# This file is maintained in the openstack-ansible-tests repository. +# https://opendev.org/openstack/openstack-ansible-tests/src/run_tests.sh +# If you need to modify this file, update the one in the openstack-ansible-tests +# repository and then update this file as well. The purpose of this file is to +# prepare the host and then execute all the tox tests. +# + +## Shell Opts ---------------------------------------------------------------- +set -xeu + +## Vars ---------------------------------------------------------------------- + +WORKING_DIR="$(readlink -f $(dirname $0))" +OSA_PROJECT_NAME="$(sed -n 's|^project=openstack/\(.*\).git$|\1|p' $(pwd)/.gitreview)" + +COMMON_TESTS_PATH="${WORKING_DIR}/tests/common" +TESTING_HOME=${TESTING_HOME:-$HOME} +ZUUL_TESTS_CLONE_LOCATION="/home/zuul/src/opendev.org/openstack/openstack-ansible-tests" + +# Use .gitreview as the key to determine the appropriate +# branch to clone for tests. +TESTING_BRANCH=$(awk -F'=' '/defaultbranch/ {print $2}' "${WORKING_DIR}/.gitreview") +if [[ "${TESTING_BRANCH}" == "" ]]; then + TESTING_BRANCH="master" +fi + +## Main ---------------------------------------------------------------------- + +# Source distribution information +source /etc/os-release || source /usr/lib/os-release + +# Prefer dnf over yum for CentOS. +which dnf &>/dev/null && RHT_PKG_MGR='dnf' || RHT_PKG_MGR='yum' + +# Figure out the appropriate package install command +case ${ID,,} in + *suse*) pkg_mgr_cmd="zypper -n in" ;; + centos|rhel|fedora) pkg_mgr_cmd="${RHT_PKG_MGR} install -y" ;; + ubuntu|debian) pkg_mgr_cmd="apt-get install -y" ;; + # Gentoo needs to have version set since it's rolling + gentoo) pkg_mgr_cmd="emerge --jobs=4"; VERSION="rolling" ;; + *) echo "unsupported distribution: ${ID,,}"; exit 1 ;; +esac + +# Install git so that we can clone the tests repo if git is not available +case ${ID,,} in + gentoo) which git &>/dev/null || eval sudo "${pkg_mgr_cmd}" dev-vcs/git ;; + *) which git &>/dev/null || eval sudo "${pkg_mgr_cmd}" git ;; +esac + +# Clone the tests repo for access to the common test script +if [[ ! -d "${COMMON_TESTS_PATH}" ]]; then + # The tests repo doesn't need a clone, we can just + # symlink it. + if [[ "${OSA_PROJECT_NAME}" == "openstack-ansible-tests" ]]; then + ln -s "${WORKING_DIR}" "${COMMON_TESTS_PATH}" + + # In zuul v3 any dependent repository is placed into + # /home/zuul/src/opendev.org, so we check to see + # if there is a tests checkout there already. If so, we + # symlink that and use it. + elif [[ -d "${ZUUL_TESTS_CLONE_LOCATION}" ]]; then + ln -s "${ZUUL_TESTS_CLONE_LOCATION}" "${COMMON_TESTS_PATH}" + + # Otherwise we're clearly not in zuul or using a previously setup + # repo in some way, so just clone it from upstream. + else + git clone -b "${TESTING_BRANCH}" \ + https://opendev.org/openstack/openstack-ansible-tests \ + "${COMMON_TESTS_PATH}" + fi +fi + +# Execute the common test script +source tests/common/run_tests_common.sh diff --git a/setup.cfg b/setup.cfg new file mode 100644 index 0000000..75ad7c2 --- /dev/null +++ b/setup.cfg @@ -0,0 +1,13 @@ +[metadata] +name = openstack-ansible-os_senlin +summary = os_senlin for OpenStack Ansible +description-file = + README.rst +author = OpenStack +author-email = openstack-discuss@lists.openstack.org +home-page = https://docs.openstack.org/openstack-ansible-os_senlin/latest/ +classifier = + Intended Audience :: Developers + Intended Audience :: System Administrators + License :: OSI Approved :: Apache Software License + Operating System :: POSIX :: Linux diff --git a/setup.py b/setup.py new file mode 100644 index 0000000..cd35c3c --- /dev/null +++ b/setup.py @@ -0,0 +1,20 @@ +# Copyright (c) 2013 Hewlett-Packard Development Company, L.P. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import setuptools + +setuptools.setup( + setup_requires=['pbr>=2.0.0'], + pbr=True) diff --git a/tasks/db_setup.yml b/tasks/db_setup.yml new file mode 100644 index 0000000..042407d --- /dev/null +++ b/tasks/db_setup.yml @@ -0,0 +1,42 @@ +--- +# Copyright 2019, VEXXHOST, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# WARNING: +# This file is maintained in the openstack-ansible-tests repository. +# https://git.openstack.org/cgit/openstack/openstack-ansible-tests/tree/sync/tasks/db_setup.yml +# If you need to modify this file, update the one in the openstack-ansible-tests +# repository. Once it merges there, the changes will automatically be proposed to +# all the repositories which use it. + +- name: Setup Database Service (MariaDB) + delegate_to: "{{ _oslodb_setup_host }}" + tags: + - common-mariadb + block: + - name: Create database for service + mysql_db: + name: "{{ item.name }}" + loop: "{{ _oslodb_databases }}" + no_log: false + + - name: Grant access to the database for the service + mysql_user: + name: "{{ item.1.username }}" + password: "{{ item.1.password }}" + host: "{{ item.1.host | default('%') }}" + priv: "{{ item.0.name }}.*:{{ item.1.priv | default('ALL') }}" + append_privs: yes + loop: "{{ _oslodb_databases | subelements('users') }}" + no_log: true diff --git a/tasks/main.yml b/tasks/main.yml new file mode 100644 index 0000000..e18d0e2 --- /dev/null +++ b/tasks/main.yml @@ -0,0 +1,135 @@ +--- +# Copyright 2020, Satish Patel +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Fail if service was deployed using a different installation method + fail: + msg: "Switching installation methods for OpenStack services is not supported" + when: + - ansible_local is defined + - ansible_local.openstack_ansible is defined + - ansible_local.openstack_ansible.senlin is defined + - ansible_local.openstack_ansible.senlin.install_method is defined + - ansible_local.openstack_ansible.senlin.install_method != senlin_install_method + +- name: Gather variables for each operating system + include_vars: "{{ item }}" + with_first_found: + - "{{ ansible_distribution | lower }}-{{ ansible_distribution_version | lower }}.yml" + - "{{ ansible_distribution | lower }}-{{ ansible_distribution_major_version | lower }}.yml" + - "{{ ansible_os_family | lower }}-{{ ansible_distribution_major_version | lower }}.yml" + - "{{ ansible_distribution | lower }}.yml" + - "{{ ansible_os_family | lower }}.yml" + tags: + - always + +- name: Fail if our required secrets are not present + fail: + msg: "Please set the {{ item }} variable prior to applying this role." + when: (item is undefined) or (item is none) + with_items: "{{ senlin_required_secrets }}" + tags: + - always + +- name: Gather variables for installation method + include_vars: "{{ senlin_install_method }}_install.yml" + tags: + - always + +- import_tasks: db_setup.yml + when: + - inventory_hostname == groups['senlin_all'][0] + vars: + _oslodb_setup_host: "{{ senlin_db_setup_host }}" + _oslodb_databases: + - name: "{{ senlin_galera_database }}" + users: + - username: "{{ senlin_galera_user }}" + password: "{{ senlin_galera_password }}" + tags: + - common-db + - senlin-config + +- import_tasks: mq_setup.yml + when: + - inventory_hostname == groups['senlin_all'][0] + vars: + _oslomsg_rpc_setup_host: "{{ senlin_oslomsg_rpc_setup_host }}" + _oslomsg_rpc_userid: "{{ senlin_oslomsg_rpc_userid }}" + _oslomsg_rpc_password: "{{ senlin_oslomsg_rpc_password }}" + _oslomsg_rpc_vhost: "{{ senlin_oslomsg_rpc_vhost }}" + _oslomsg_rpc_transport: "{{ senlin_oslomsg_rpc_transport }}" + _oslomsg_notify_setup_host: "{{ senlin_oslomsg_notify_setup_host }}" + _oslomsg_notify_userid: "{{ senlin_oslomsg_notify_userid }}" + _oslomsg_notify_password: "{{ senlin_oslomsg_notify_password }}" + _oslomsg_notify_vhost: "{{ senlin_oslomsg_notify_vhost }}" + _oslomsg_notify_transport: "{{ senlin_oslomsg_notify_transport }}" + tags: + - common-mq + - senlin-config + +- import_tasks: senlin_pre_install.yml + tags: + - senlin-install + +- import_tasks: senlin_install.yml + tags: + - senlin-install + +- import_tasks: senlin_post_install.yml + tags: + - senlin-config + +- name: Run the systemd service role + import_role: + name: systemd_service + vars: + systemd_user_name: "{{ senlin_system_user_name }}" + systemd_group_name: "{{ senlin_system_group_name }}" + systemd_tempd_prefix: openstack + systemd_slice_name: senlin + systemd_lock_path: /var/lock/senlin + systemd_CPUAccounting: true + systemd_BlockIOAccounting: true + systemd_MemoryAccounting: true + systemd_TasksAccounting: true + systemd_services: "{{ filtered_senlin_services }}" + tags: + - senlin-config + - systemd-service + +- import_tasks: senlin_db_sync.yml + when: + - "inventory_hostname == ansible_play_hosts[0]" + tags: + - senlin-config + +- name: Import uwsgi role + import_role: + name: uwsgi + vars: + uwsgi_services: "{{ senlin_uwsgi_services }}" + uwsgi_install_method: "{{ senlin_install_method }}" + tags: + - senlin-config + - uwsgi + +- import_tasks: senlin_service_setup.yml + when: + - "inventory_hostname == ansible_play_hosts[0]" + tags: + - senlin-config + +- name: Flush handlers + meta: flush_handlers diff --git a/tasks/mq_setup.yml b/tasks/mq_setup.yml new file mode 100644 index 0000000..dd6e02e --- /dev/null +++ b/tasks/mq_setup.yml @@ -0,0 +1,110 @@ +--- +# Copyright 2018, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# WARNING: +# This file is maintained in the openstack-ansible-tests repository. +# https://opendev.org/openstack/openstack-ansible-tests/src/sync/tasks/mq_setup.yml +# If you need to modify this file, update the one in the openstack-ansible-tests +# repository. Once it merges there, the changes will automatically be proposed to +# all the repositories which use it. + +- name: Setup RPC MQ Service (RabbitMQ) + delegate_to: "{{ _oslomsg_rpc_setup_host }}" + when: + - "(_oslomsg_configure_rpc | default(_oslomsg_rpc_transport is defined))" + - "(_oslomsg_rpc_transport is defined) and (_oslomsg_rpc_transport == 'rabbit')" + tags: + - common-rabbitmq + block: + - name: Add RPC RabbitMQ vhost + rabbitmq_vhost: + name: "{{ _oslomsg_rpc_vhost }}" + state: "present" + + - name: Apply RPC RabbitMQ vhost policies + rabbitmq_policy: + name: "{{ item.name }}" + pattern: "{{ item.pattern }}" + priority: "{{ item.priority | default(0) }}" + tags: "{{ item.tags }}" + vhost: "{{ _oslomsg_rpc_vhost }}" + loop: "{{ _oslomsg_rpc_policies | default([]) + oslomsg_rpc_policies }}" + + - name: Add RPC RabbitMQ user + rabbitmq_user: + user: "{{ _oslomsg_rpc_userid }}" + password: "{{ _oslomsg_rpc_password }}" + update_password: always + vhost: "{{ _oslomsg_rpc_vhost }}" + configure_priv: ".*" + read_priv: ".*" + write_priv: ".*" + state: "present" + no_log: true + +- name: Setup Notify MQ Service (RabbitMQ) + delegate_to: "{{ _oslomsg_notify_setup_host }}" + when: + - "(_oslomsg_configure_notify | default(_oslomsg_notify_transport is defined))" + - "(_oslomsg_notify_transport is defined) and (_oslomsg_notify_transport == 'rabbit')" + tags: + - common-rabbitmq + block: + - name: Add Notify RabbitMQ vhost + rabbitmq_vhost: + name: "{{ _oslomsg_notify_vhost }}" + state: "present" + when: + - (_oslomsg_rpc_vhost is undefined) or + (_oslomsg_notify_vhost != _oslomsg_rpc_vhost) + + - name: Apply Notify RabbitMQ vhost policies + rabbitmq_policy: + name: "{{ item.name }}" + pattern: "{{ item.pattern }}" + priority: "{{ item.priority | default(0) }}" + tags: "{{ item.tags }}" + vhost: "{{ _oslomsg_notify_vhost }}" + loop: "{{ _oslomsg_notify_policies | default([]) + oslomsg_notify_policies }}" + when: + - (_oslomsg_rpc_vhost is undefined) or + (_oslomsg_notify_vhost != _oslomsg_rpc_vhost) + + - name: Add Notify RabbitMQ user + rabbitmq_user: + user: "{{ _oslomsg_notify_userid }}" + password: "{{ _oslomsg_notify_password }}" + update_password: always + vhost: "{{ _oslomsg_notify_vhost }}" + configure_priv: ".*" + read_priv: ".*" + write_priv: ".*" + state: "present" + no_log: true + when: + - (_oslomsg_rpc_userid is undefined) or + (_oslomsg_notify_userid != _oslomsg_rpc_userid) + +- name: Setup RPC MQ Service (Qdrouterd) + delegate_to: "{{ _oslomsg_rpc_setup_host }}" + when: + - "(_oslomsg_configure_rpc | default(_oslomsg_rpc_transport is defined))" + - "(_oslomsg_rpc_transport is defined) and (_oslomsg_rpc_transport == 'amqp')" + tags: + - common-qdrouterd + block: + - name: Add RPC Qdrouterd user + shell: "echo {{ _oslomsg_rpc_password }} | saslpasswd2 -c -p -f /var/lib/qdrouterd/qdrouterd.sasldb -u AMQP {{ _oslomsg_rpc_userid }}" + no_log: true diff --git a/tasks/senlin_db_sync.yml b/tasks/senlin_db_sync.yml new file mode 100644 index 0000000..ddee23e --- /dev/null +++ b/tasks/senlin_db_sync.yml @@ -0,0 +1,20 @@ +--- +# Copyright 2014, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Perform a senlin DB sync + command: "{{ senlin_bin }}/senlin-manage db_sync" + become: yes + become_user: "{{ senlin_system_user_name }}" + changed_when: false diff --git a/tasks/senlin_install.yml b/tasks/senlin_install.yml new file mode 100644 index 0000000..35ef332 --- /dev/null +++ b/tasks/senlin_install.yml @@ -0,0 +1,56 @@ +--- +# Copyright 2020, Satish Patel +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Record the installation method + ini_file: + dest: "/etc/ansible/facts.d/openstack_ansible.fact" + section: "senlin" + option: "install_method" + value: "{{ senlin_install_method }}" + +- name: Refresh local facts to ensure the senlin section is present + setup: + filter: ansible_local + gather_subset: "!all" + +- name: Install distro packages + package: + name: "{{ senlin_package_list }}" + state: "{{ senlin_package_state }}" + update_cache: "{{ (ansible_pkg_mgr in ['apt', 'zypper']) | ternary('yes', omit) }}" + cache_valid_time: "{{ (ansible_pkg_mgr == 'apt') | ternary(cache_timeout, omit) }}" + register: install_packages + until: install_packages is success + retries: 5 + delay: 2 + +- name: Install the python venv + import_role: + name: "python_venv_build" + vars: + venv_python_executable: "{{ senlin_venv_python_executable }}" + venv_build_constraints: "{{ senlin_git_constraints }}" + venv_build_distro_package_list: "{{ senlin_devel_distro_packages }}" + venv_install_destination_path: "{{ senlin_bin | dirname }}" + venv_install_distro_package_list: "{{ senlin_distro_packages }}" + venv_pip_install_args: "{{ senlin_pip_install_args }}" + venv_pip_packages: >- + {{ senlin_pip_packages | union(senlin_user_pip_packages) + + (senlin_oslomsg_amqp1_enabled | bool) | ternary(senlin_optional_oslomsg_amqp1_pip_packages, []) }} + venv_facts_when_changed: + - section: "senlin" + option: "venv_tag" + value: "{{ senlin_venv_tag }}" + when: senlin_install_method == 'source' diff --git a/tasks/senlin_post_install.yml b/tasks/senlin_post_install.yml new file mode 100644 index 0000000..a137d11 --- /dev/null +++ b/tasks/senlin_post_install.yml @@ -0,0 +1,81 @@ +--- +# Copyright 2020, Satish Patel +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Drop senlin Config(s) + config_template: + src: "senlin.conf.j2" + dest: "/etc/senlin/senlin.conf" + owner: "root" + group: "{{ senlin_system_group_name }}" + mode: "0640" + config_overrides: "{{ senlin_senlin_conf_overrides }}" + config_type: "ini" + notify: + - Restart senlin services + +- name: Implement policy.json if there are overrides configured + copy: + content: "{{ senlin_policy_overrides | to_nice_json }}" + dest: "/etc/senlin/policy.json" + when: + - senlin_policy_overrides != {} + +# NOTE(cloudnull): This is using "cp" instead of copy with a remote_source +# because we only want to copy the original files once. and we +# don't want to need multiple tasks. +- name: Preserve original configuration file(s) + command: "cp {{ item.target_f }} {{ item.target_f }}.original" + args: + creates: "{{ item.target_f }}.original" + when: + - item.condition | bool + with_items: "{{ senlin_core_files }}" + +- name: Fetch override files + fetch: + src: "{{ item.target_f }}" + dest: "{{ item.tmp_f }}" + flat: yes + changed_when: false + run_once: true + when: + - item.condition | bool + with_items: "{{ senlin_core_files }}" + +- name: Copy common config + config_template: + src: "{{ item.tmp_f }}" + dest: "{{ item.target_f }}" + owner: "root" + group: "{{ item.group | default(senlin_system_group_name) }}" + mode: "0640" + config_overrides: "{{ item.config_overrides }}" + config_type: "{{ item.config_type }}" + when: + - item.condition | bool + with_items: "{{ senlin_core_files }}" + notify: + - Restart uwsgi services + - Restart senlin services + +- name: Cleanup fetched temp files + file: + path: "{{ item.tmp_f }}" + state: absent + changed_when: false + delegate_to: localhost + when: + - item.condition | bool + with_items: "{{ senlin_core_files }}" diff --git a/tasks/senlin_pre_install.yml b/tasks/senlin_pre_install.yml new file mode 100644 index 0000000..44e619c --- /dev/null +++ b/tasks/senlin_pre_install.yml @@ -0,0 +1,85 @@ +--- +# Copyright 2020, Satish Patel +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: create the system group + group: + name: "{{ senlin_system_group_name }}" + state: "present" + system: "yes" + +- name: Create the senlin system user + user: + name: "{{ senlin_system_user_name }}" + group: "{{ senlin_system_group_name }}" + comment: "{{ senlin_system_comment }}" + shell: "{{ senlin_system_shell }}" + system: "yes" + createhome: "yes" + home: "{{ senlin_system_home_folder }}" + +# NOTE(cloudnull): During an upgrade the local directory may exist on a source +# install. If the directory does exist it will need to be +# removed. This is required on source installs because the +# config directory is a link. +- name: Source config block + block: + - name: Stat config directory + stat: + path: "/etc/senlin" + register: senlin_conf_dir_stat + + - name: Remove the config directory + file: + path: "/etc/senlin" + state: absent + when: + - senlin_conf_dir_stat.stat.isdir is defined and + senlin_conf_dir_stat.stat.isdir + when: + - senlin_install_method == 'source' + +- name: Create senlin dir + file: + path: "{{ item.path | default(omit) }}" + src: "{{ item.src | default(omit) }}" + dest: "{{ item.dest | default(omit) }}" + state: "{{ item.state | default('directory') }}" + owner: "{{ item.owner|default(senlin_system_user_name) }}" + group: "{{ item.group|default(senlin_system_group_name) }}" + mode: "{{ item.mode | default(omit) }}" + force: "{{ item.force | default(omit) }}" + when: + - (item.condition | default(true)) | bool + with_items: + - path: "/openstack" + owner: "root" + group: "root" + - path: "/openstack/venvs" + owner: "root" + group: "root" + - path: "{{ (senlin_install_method == 'distro') | ternary('/etc/senlin', (senlin_bin | dirname) + '/etc/senlin') }}" + mode: "0755" + # NOTE(cloudnull): The "src" path is relative. This ensures all files remain + # within the host/container confines when connecting to + # them using the connection plugin or the root filesystem. + - dest: "/etc/senlin" + src: "{{ senlin_bin | dirname | regex_replace('^/', '../') }}/etc/senlin" + state: link + force: true + condition: "{{ senlin_install_method == 'source' }}" + - path: "/etc/senlin/environments" + - path: "/var/cache/senlin" + mode: "0700" + - path: "{{ senlin_system_home_folder }}" diff --git a/tasks/senlin_service_setup.yml b/tasks/senlin_service_setup.yml new file mode 100644 index 0000000..b2bac99 --- /dev/null +++ b/tasks/senlin_service_setup.yml @@ -0,0 +1,81 @@ +--- +# Copyright 2020, Satish Patel +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# We set the python interpreter to the ansible runtime venv if +# the delegation is to localhost so that we get access to the +# appropriate python libraries in that venv. If the delegation +# is to another host, we assume that it is accessible by the +# system python instead. + +# NOTE (noonedeadpunk) We can't move domain creation inside service_setup.yml +# since for role assignment we need to provide ID of created domain instead of +# domain name (which we have). This might be dropped right after backport of +# https://github.com/ansible/ansible/commit/737da1853ef2239e27a2fe380c3e83ba5b34de5b +- name: Setup the service + delegate_to: "{{ senlin_service_setup_host }}" + vars: + ansible_python_interpreter: "{{ senlin_service_setup_host_python_interpreter }}" + os_keystone_domain: + cloud: default + state: present + name: "{{ senlin_stack_user_domain_name }}" + endpoint_type: admin + verify: "{{ not keystone_service_adminuri_insecure }}" + register: add_stack_user_domain + until: add_stack_user_domain is success + retries: 5 + delay: 10 + +- include_tasks: service_setup.yml + vars: + _project_name: "{{ senlin_project_name }}" + _project_domain: "{{ senlin_project_domain_name }}" + _service_adminuri_insecure: "{{ keystone_service_adminuri_insecure }}" + _service_in_ldap: "{{ senlin_service_in_ldap }}" + _service_setup_host: "{{ senlin_service_setup_host }}" + _service_setup_host_python_interpreter: "{{ senlin_service_setup_host_python_interpreter }}" + _service_project_name: "{{ senlin_service_project_name }}" + _service_region: "{{ senlin_service_region }}" + _service_users: + - name: "{{ senlin_service_user_name }}" + password: "{{ senlin_service_password }}" + domain: default + project: "{{ senlin_service_project_name }}" + role: "{{ senlin_service_role_name }}" + # We add the keystone role used by senlin to delegate to the senlin service user + # for performing deferred operations via trusts. + - name: "{{ senlin_service_user_name }}" + role: "{{ senlin_stack_owner_name }}" + project: "{{ senlin_service_project_name }}" + # Any user creating stacks needs to have the 'senlin_stack_owner' role assigned. + # We add to admin user here for testing purposes. + - name: "{{ keystone_admin_user_name }}" + role: "{{ senlin_stack_owner_name }}" + project: "{{ senlin_service_project_name }}" + - role: senlin_stack_user + _service_endpoints: + - service: "{{ senlin_service_name }}" + interface: "public" + url: "{{ senlin_service_publicurl }}" + - service: "{{ senlin_service_name }}" + interface: "internal" + url: "{{ senlin_service_internalurl }}" + - service: "{{ senlin_service_name }}" + interface: "admin" + url: "{{ senlin_service_adminurl }}" + _service_catalog: + - name: "{{ senlin_service_name }}" + type: "{{ senlin_service_type }}" + description: "{{ senlin_service_description }}" diff --git a/tasks/service_setup.yml b/tasks/service_setup.yml new file mode 100644 index 0000000..29707fc --- /dev/null +++ b/tasks/service_setup.yml @@ -0,0 +1,161 @@ +--- +# Copyright 2019, VEXXHOST, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# WARNING: +# This file is maintained in the openstack-ansible-tests repository. +# https://opendev.org/openstack/openstack-ansible-tests/src/sync/tasks/service_setup.yml +# If you need to modify this file, update the one in the openstack-ansible-tests +# repository. Once it merges there, the changes will automatically be proposed to +# all the repositories which use it. + +# We set the python interpreter to the ansible runtime venv if +# the delegation is to localhost so that we get access to the +# appropriate python libraries in that venv. If the delegation +# is to another host, we assume that it is accessible by the +# system python instead. + +- name: Setup the OS service + delegate_to: "{{ _service_setup_host }}" + vars: + ansible_python_interpreter: "{{ _service_setup_host_python_interpreter }}" + block: + - name: Add keystone domain + openstack.cloud.os_keystone_domain: + cloud: default + state: present + name: "{{ _domain_name }}" + endpoint_type: admin + verify: "{{ not _service_adminuri_insecure }}" + register: add_domain + when: _domain_name is defined + until: add_domain is success + retries: 5 + delay: 10 + + - name: Add service project + openstack.cloud.os_project: + cloud: default + state: present + name: "{{ _project_name }}" + description: "{{ _project_description | default(omit) }}" + domain_id: "{{ _project_domain | default('default') }}" + endpoint_type: admin + validate_certs: "{{ not (_service_adminuri_insecure | default(True) | bool) }}" + register: add_service + when: + - not (_service_in_ldap | default(False) | bool) + - _project_name is defined + until: add_service is success + retries: 5 + delay: 10 + + - name: Add services to the keystone service catalog + openstack.cloud.os_keystone_service: + cloud: default + state: "{{ item.state | default('present') }}" + name: "{{ item.name }}" + service_type: "{{ item.type }}" + description: "{{ item.description | default('') }}" + endpoint_type: admin + validate_certs: "{{ not (_service_adminuri_insecure | default(True) | bool) }}" + register: add_service + with_items: "{{ _service_catalog }}" + when: _service_catalog is defined + until: add_service is success + retries: 5 + delay: 10 + + - name: Add keystone roles + openstack.cloud.os_keystone_role: + cloud: default + state: present + name: "{{ item.role }}" + endpoint_type: admin + validate_certs: "{{ not (_service_adminuri_insecure | default(True) | bool) }}" + register: add_service + when: + - not (_service_in_ldap | default(False) | bool) + - _service_users is defined + - "'role' in item" + - (item.condition | default(True)) | bool + until: add_service is success + with_items: "{{ _service_users }}" + retries: 5 + delay: 10 + no_log: True + + - name: Add service users + openstack.cloud.os_user: + cloud: default + state: present + name: "{{ item.name }}" + password: "{{ item.password }}" + domain: "{{ item.domain | default('default') }}" + default_project: "{{ item.project | default(_service_project_name) }}" + endpoint_type: admin + validate_certs: "{{ not (_service_adminuri_insecure | default(True) | bool) }}" + update_password: always + register: add_service + when: + - not (_service_in_ldap | default(False) | bool) + - _service_users is defined + - "'name' in item" + - "'password' in item" + - (item.condition | default(True)) | bool + until: add_service is success + with_items: "{{ _service_users }}" + retries: 5 + delay: 10 + no_log: True + + - name: Add service users to the role + openstack.cloud.os_user_role: + cloud: default + state: present + user: "{{ item.name }}" + role: "{{ item.role }}" + project: "{{ item.project | default(_service_project_name) }}" + domain: "{{ item.domain | default(omit) }}" + endpoint_type: admin + validate_certs: "{{ not (_service_adminuri_insecure | default(True) | bool) }}" + register: add_service + when: + - not (_service_in_ldap | default(False) | bool) + - _service_users is defined + - "'name' in item" + - "'role' in item" + - (item.condition | default(True)) | bool + until: add_service is success + with_items: "{{ _service_users }}" + retries: 5 + delay: 10 + no_log: True + + - name: Add endpoints to keystone endpoint catalog + openstack.cloud.os_keystone_endpoint: + cloud: default + state: "{{ item.state | default('present') }}" + service: "{{ item.service }}" + endpoint_interface: "{{ item.interface }}" + url: "{{ item.url }}" + region: "{{ _service_region | default('RegionOne') }}" + endpoint_type: admin + validate_certs: "{{ not (_service_adminuri_insecure | default(True) | bool) }}" + register: add_service + until: add_service is success + retries: 5 + delay: 10 + with_items: "{{ _service_endpoints }}" + when: _service_endpoints is defined diff --git a/templates/senlin.conf.j2 b/templates/senlin.conf.j2 new file mode 100644 index 0000000..75a3987 --- /dev/null +++ b/templates/senlin.conf.j2 @@ -0,0 +1,106 @@ +# {{ ansible_managed }} + +[DEFAULT] +# Disable stderr logging +use_stderr = False +debug = {{ debug }} +fatal_deprecations = {{ senlin_fatal_deprecations }} + +use_journal = True + +server_keystone_endpoint_type = public + +## RPC Backend +transport_url = {{ senlin_oslomsg_rpc_transport }}://{% for host in senlin_oslomsg_rpc_servers.split(',') %}{{ senlin_oslomsg_rpc_userid }}:{{ senlin_oslomsg_rpc_password }}@{{ host }}:{{ senlin_oslomsg_rpc_port }}{% if not loop.last %},{% else %}/{{ senlin_oslomsg_rpc_vhost }}{% if senlin_oslomsg_rpc_use_ssl | bool %}?ssl=1{% else %}?ssl=0{% endif %}{% endif %}{% endfor %} + +# Default region name used to get services endpoints. +region_name_for_services = {{ senlin_service_region }} + +## Tunable option +max_clusters_per_project = {{ senlin_max_clusters_per_project }} +max_nodes_per_cluster = {{ senlin_max_nodes_per_cluster }} +periodic_interval = {{ senlin_periodic_interval }} +periodic_interval_max = {{ senlin_periodic_interval_max }} +periodic_fuzzy_delay = {{ senlin_periodic_fuzzy_delay }} +health_check_interval_min = {{ senlin_health_check_interval_min }} +check_interval_max = {{ senlin_check_interval_max }} +max_response_size = {{ senlin_max_response_size }} +default_action_timeout = {{ senlin_default_action_timeout }} +default_nova_timeout = {{ senlin_default_nova_timeout }} +max_actions_per_batch = {{ senlin_max_actions_per_batch }} +batch_interval = {{ senlin_batch_interval }} +lock_retry_times = {{ senlin_lock_retry_times }} +lock_retry_interval = {{ senlin_lock_retry_interval }} +database_retry_limit = {{ senlin_database_retry_limit }} +database_max_retry_interval = {{ senlin_database_max_retry_interval }} +engine_life_check_timeout = {{ senlin_engine_life_check_timeout }} +service_down_time = {{ senlin_service_down_time }} + +[database] +connection = mysql+pymysql://{{ senlin_galera_user }}:{{ senlin_galera_password }}@{{ senlin_galera_address }}/{{ senlin_galera_database }}?charset=utf8{% if senlin_galera_use_ssl | bool %}&ssl_ca={{ senlin_galera_ssl_ca_cert }}{% endif %} + +[senlin_api] +bind_port = {{ senlin_service_port }} +workers = {{ senlin_api_workers | default(senlin_api_threads) }} + +[oslo_messaging_rabbit] +ssl = {{ senlin_oslomsg_rpc_use_ssl }} + +{% if senlin_service_publicuri_proto != senlin_service_internaluri_proto %} +[oslo_middleware] +enable_proxy_headers_parsing = True +{% endif %} + +# Ceilometer options +[oslo_messaging_notifications] +driver = {{ (senlin_ceilometer_enabled | bool) | ternary('messagingv2', 'noop') }} +transport_url = {{ senlin_oslomsg_notify_transport }}://{% for host in senlin_oslomsg_notify_servers.split(',') %}{{ senlin_oslomsg_notify_userid }}:{{ senlin_oslomsg_notify_password }}@{{ host }}:{{ senlin_oslomsg_notify_port }}{% if not loop.last %},{% else %}/{{ senlin_oslomsg_notify_vhost }}{% if senlin_oslomsg_notify_use_ssl | bool %}?ssl=1{% else %}?ssl=0{% endif %}{% endif %}{% endfor %} + + +[profiler] +enabled = {{ senlin_profiler_enabled }} +trace_sqlalchemy = {{ senlin_profiler_trace_sqlalchemy }} + + +[keystone_authtoken] +insecure = {{ keystone_service_internaluri_insecure | bool }} +auth_type = {{ senlin_keystone_auth_plugin }} +auth_url = {{ keystone_service_adminurl }} +www_authenticate_uri = {{ keystone_service_internaluri }} +project_domain_id = {{ senlin_service_project_domain_id }} +user_domain_id = {{ senlin_service_user_domain_id }} +project_name = {{ senlin_service_project_name }} +username = {{ senlin_service_user_name }} +password = {{ senlin_service_password }} +region_name = {{ keystone_service_region }} + +memcached_servers = {{ senlin_memcached_servers }} + +token_cache_time = 300 + +# if your memcached server is shared, use these settings to avoid cache poisoning +memcache_security_strategy = ENCRYPT +memcache_secret_key = {{ memcached_encryption_key }} + +[authentication] +auth_url = {{ keystone_service_adminurl }} +service_username = {{ senlin_service_user_name }} +service_password = {{ senlin_service_password }} +service_project_name = {{ senlin_service_project_name }} + +[engine] +workers = {{ senlin_engine_workers | default(senlin_api_threads) }} + +[conductor] +workers = {{ senlin_conductor_workers | default(senlin_api_threads) }} + +[health_manager] +workers = {{ senlin_health_manager_workers | default(senlin_api_threads) }} + +[trustee] +insecure = {{ keystone_service_internaluri_insecure | bool }} +auth_type = {{ senlin_keystone_trustee_auth_plugin }} +auth_url = {{ keystone_service_adminurl }} +user_domain_id = {{ senlin_service_trustee_user_domain_id }} +username = {{ senlin_service_trustee_user_name }} +password = {{ senlin_service_trustee_password }} diff --git a/tests/ansible-role-requirements.yml b/tests/ansible-role-requirements.yml new file mode 100644 index 0000000..87f3aee --- /dev/null +++ b/tests/ansible-role-requirements.yml @@ -0,0 +1,53 @@ +--- +- name: apt_package_pinning + src: https://opendev.org/openstack/openstack-ansible-apt_package_pinning + scm: git + version: master +- name: memcached_server + src: https://opendev.org/openstack/openstack-ansible-memcached_server + scm: git + version: master +- name: openstack_hosts + src: https://opendev.org/openstack/openstack-ansible-openstack_hosts + scm: git + version: master +- name: lxc_hosts + src: https://opendev.org/openstack/openstack-ansible-lxc_hosts + scm: git + version: master +- name: lxc_container_create + src: https://opendev.org/openstack/openstack-ansible-lxc_container_create + scm: git + version: master +- name: galera_client + src: https://opendev.org/openstack/openstack-ansible-galera_client + scm: git + version: master +- name: galera_server + src: https://opendev.org/openstack/openstack-ansible-galera_server + scm: git + version: master +- name: rabbitmq_server + src: https://opendev.org/openstack/openstack-ansible-rabbitmq_server + scm: git + version: master +- name: os_keystone + src: https://opendev.org/openstack/openstack-ansible-os_keystone + scm: git + version: master +- name: openstack_openrc + src: https://opendev.org/openstack/openstack-ansible-openstack_openrc + scm: git + version: master +- name: systemd_service + src: https://opendev.org/openstack/ansible-role-systemd_service + scm: git + version: master +- name: python_venv_build + src: https://opendev.org/openstack/ansible-role-python_venv_build + scm: git + version: master +- name: uwsgi + src: https://opendev.org/openstack/ansible-role-uwsgi + scm: git + version: master diff --git a/tests/group_vars/all_containers.yml b/tests/group_vars/all_containers.yml new file mode 100644 index 0000000..802a50f --- /dev/null +++ b/tests/group_vars/all_containers.yml @@ -0,0 +1,25 @@ +--- +# Copyright 2016, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +container_networks: + management_address: + address: "{{ ansible_host }}" + bridge: "br-mgmt" + interface: "eth1" + netmask: "255.255.255.0" + type: "veth" +physical_host: localhost +properties: + service_name: "{{ inventory_hostname }}" diff --git a/tests/host_vars/infra1.yml b/tests/host_vars/infra1.yml new file mode 100644 index 0000000..fcf92eb --- /dev/null +++ b/tests/host_vars/infra1.yml @@ -0,0 +1,19 @@ +--- +# Copyright 2016, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +ansible_host: 10.1.0.2 +ansible_become: True +ansible_user: root +container_name: infra1 diff --git a/tests/host_vars/localhost.yml b/tests/host_vars/localhost.yml new file mode 100644 index 0000000..6c26f31 --- /dev/null +++ b/tests/host_vars/localhost.yml @@ -0,0 +1,17 @@ +--- +# Copyright 2016, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +bridges: + - "br-mgmt" diff --git a/tests/host_vars/openstack1.yml b/tests/host_vars/openstack1.yml new file mode 100644 index 0000000..0290962 --- /dev/null +++ b/tests/host_vars/openstack1.yml @@ -0,0 +1,19 @@ +--- +# Copyright 2016, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +ansible_host: 10.1.0.3 +ansible_become: True +ansible_user: root +container_name: openstack1 diff --git a/tests/inventory b/tests/inventory new file mode 100644 index 0000000..c271bf5 --- /dev/null +++ b/tests/inventory @@ -0,0 +1,80 @@ +[all] +localhost +infra1 +openstack1 + +[all_containers] +infra1 +openstack1 + +[oslomsg_rpc_all] +infra1 + +[oslomsg_notify_all] +infra1 + +[rabbitmq_all] +infra1 + +[galera_all] +infra1 + +[memcached_all] +infra1 + +[service_all:children] +rabbitmq_all +galera_all +memcached_all + +[utility_all] +openstack1 + +[keystone_all] +openstack1 + +[senlin-api] +openstack1 + +[senlin-engine] +openstack1 + +[senlin-conductor] +openstack1 + +[senlin-health-manager] +openstack1 + +[senlin-engine_container] +openstack1 + +[senlin-apis_container] +openstack1 + +[senlin_all:children] +senlin-api +senlin-engine +senlin-conductor +senlin-health-manager + +[heat_api] +openstack1 + +[heat_engine] +openstack1 + +[heat_api_cfn] +openstack1 + +[heat_engine_container] +openstack1 + +[heat_apis_container] +openstack1 + +[heat_all:children] +heat_api +heat_engine +heat_api_cfn +heat_engine_container +heat_apis_container diff --git a/tests/test-senlin-functional.yml b/tests/test-senlin-functional.yml new file mode 100644 index 0000000..1bd63da --- /dev/null +++ b/tests/test-senlin-functional.yml @@ -0,0 +1,35 @@ +--- +# Copyright 2016, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Ensure senlin APIs are reachable + hosts: senlin_all + user: root + gather_facts: false + vars_files: + - common/test-vars.yml + - test-vars.yml + roles: + - { role: "os_senlin", tags: [ "os-senlin" ] } + post_tasks: + - name: check senlin api + uri: + url: "http://localhost:{{ item }}" + status_code: 300 + register: result + until: result.status == 300 + retries: 5 + delay: 10 + with_items: + - 8778 diff --git a/tests/test-vars.yml b/tests/test-vars.yml new file mode 100644 index 0000000..8ea747f --- /dev/null +++ b/tests/test-vars.yml @@ -0,0 +1,6 @@ +--- + +senlin_galera_address: "{{ galera_address }}" +senlin_galera_password: "{{ galera_root_password }}" +senlin_oslomsg_rpc_password: "{{ oslomsg_rpc_password }}" +senlin_service_password: secrete diff --git a/tests/test.yml b/tests/test.yml new file mode 100644 index 0000000..9d1d5c4 --- /dev/null +++ b/tests/test.yml @@ -0,0 +1,26 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Setup the host +- import_playbook: common/test-setup-host.yml + +# Install RabbitMQ/MariaDB +- import_playbook: common/test-install-infra.yml + +# Install Keystone +- import_playbook: common/test-install-keystone.yml + +# Install Senlin +- import_playbook: test-senlin-functional.yml diff --git a/tox.ini b/tox.ini new file mode 100644 index 0000000..f1093df --- /dev/null +++ b/tox.ini @@ -0,0 +1,103 @@ +[tox] +minversion = 3.1 +skipsdist = True +envlist = docs,linters,functional +ignore_basepython_conflict = True + +[testenv] +basepython = python3 +usedevelop = True +install_command = + pip install -c{env:UPPER_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master} {opts} {packages} +commands = + /usr/bin/find . -type f -name "*.pyc" -delete +passenv = + COMMON_TESTS_PATH + HOME + http_proxy + HTTP_PROXY + https_proxy + HTTPS_PROXY + no_proxy + NO_PROXY + TESTING_BRANCH + TESTING_HOME + USER +whitelist_externals = + bash +setenv = + PYTHONUNBUFFERED=1 + ROLE_NAME=os_senlin + TEST_IDEMPOTENCE=false + VIRTUAL_ENV={envdir} + WORKING_DIR={toxinidir} + +[testenv:docs] +deps = -r{toxinidir}/doc/requirements.txt +commands = + bash -c "rm -rf doc/build" + doc8 doc + sphinx-build -W --keep-going -b html doc/source doc/build/html + +[testenv:pdf-docs] +deps = {[testenv:docs]deps} +whitelist_externals = + make +commands = + sphinx-build -W --keep-going -b latex doc/source doc/build/pdf + make -C doc/build/pdf + +[doc8] +# Settings for doc8: +extensions = .rst + +[testenv:releasenotes] +deps = -r{toxinidir}/doc/requirements.txt +commands = + sphinx-build -a -E -W -d releasenotes/build/doctrees --keep-going -b html releasenotes/source releasenotes/build/html + +# environment used by the -infra templated docs job +[testenv:venv] +commands = + {posargs} + +[testenv:pep8] +commands = + bash -c "{toxinidir}/tests/common/test-pep8.sh" + +[flake8] +# Ignores the following rules due to how ansible modules work in general +# F403 'from ansible.module_utils.basic import *' used; +# unable to detect undefined names +ignore=F403 + +[testenv:bashate] +commands = + bash -c "{toxinidir}/tests/common/test-bashate.sh" + +[testenv:ansible-syntax] +commands = + bash -c "{toxinidir}/tests/common/test-ansible-syntax.sh" + +[testenv:ansible-lint] +commands = + bash -c "{toxinidir}/tests/common/test-ansible-lint.sh" + +[testenv:functional] +commands = + bash -c "{toxinidir}/tests/common/test-ansible-functional.sh" + +[testenv:distro_install] +setenv = + {[testenv]setenv} + ANSIBLE_PARAMETERS=-e @{toxinidir}/tests/common/test-distro_install-vars.yml +commands = + bash -c "{toxinidir}/tests/common/test-ansible-functional.sh" + +[testenv:linters] +commands = + bash -c "{toxinidir}/tests/common/test-ansible-env-prep.sh" + {[testenv:pep8]commands} + {[testenv:bashate]commands} + {[testenv:ansible-lint]commands} + {[testenv:ansible-syntax]commands} diff --git a/vars/debian.yml b/vars/debian.yml new file mode 100644 index 0000000..4b2f447 --- /dev/null +++ b/vars/debian.yml @@ -0,0 +1,33 @@ +--- +# Copyright 2014, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +## APT Cache options +cache_timeout: 600 + +senlin_distro_packages: + - rsync + - libxslt1.1 + - libopenmpi-dev + +senlin_devel_distro_packages: + - libsystemd-dev + +senlin_service_distro_packages: + - python3-senlin + - python3-systemd + +senlin_oslomsg_amqp1_distro_packages: + - libsasl2-modules + - sasl2-bin diff --git a/vars/distro_install.yml b/vars/distro_install.yml new file mode 100644 index 0000000..c28ff7f --- /dev/null +++ b/vars/distro_install.yml @@ -0,0 +1,23 @@ +--- +# Copyright 2018, SUSE LINUX GmbH. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +senlin_package_list: |- + {% set packages = senlin_service_distro_packages %} + {% if senlin_oslomsg_amqp1_enabled | bool %} + {% set _ = packages.extend(senlin_oslomsg_amqp1_distro_packages) %} + {% endif %} + {{ packages }} + +senlin_bin: "/usr/bin" diff --git a/vars/main.yml b/vars/main.yml new file mode 100644 index 0000000..dbbb578 --- /dev/null +++ b/vars/main.yml @@ -0,0 +1,69 @@ +--- +# Copyright 2017, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# +# Compile a list of the services on a host based on whether +# the host is in the host group and the service is enabled. +# The service list is provided in the defined start order. +# +filtered_senlin_services: |- + {% set services = [] %} + {% for key, value in senlin_services.items() %} + {% if (value['group'] in group_names) and + (('condition' not in value) or + ('condition' in value and value['condition'])) and + not ('wsgi_app' in value and value['wsgi_app']) %} + {% set _ = value.update( + { + 'service_key': key, + 'enabled': 'yes', + 'state': 'started', + 'config_overrides': value.init_config_overrides + } + ) + %} + {% set _ = value.pop('init_config_overrides') -%} + {% set _ = services.append(value) %} + {% endif %} + {% endfor %} + {{ services | sort(attribute='start_order') }} + +senlin_uwsgi_services: |- + {% set services = {} %} + {% for key, value in senlin_services.items() %} + {% if (value['group'] in group_names) and + (('condition' not in value) or ('condition' in value and value['condition'])) + and ('wsgi_app' in value and value['wsgi_app']) %} + {% set _ = value.update( + { + 'wsgi_path': senlin_bin ~ '/' ~ value.wsgi_name, + 'wsgi_venv': ((senlin_install_method == 'source') | ternary(senlin_bin | dirname, None)), + 'uwsgi_uid': senlin_system_user_name, + 'uwsgi_guid': senlin_system_group_name, + 'uwsgi_processes': senlin_wsgi_processes, + 'uwsgi_threads': senlin_wsgi_threads + } + ) %} + {% set _ = services.update({key: value}) %} + {% endif %} + {% endfor %} + {{ services }} + +senlin_core_files: + - tmp_f: "/tmp/api-paste.ini" + target_f: "{{ (senlin_install_method == 'distro' and ansible_os_family == 'RedHat') | ternary('/usr/share/senlin', '/etc/senlin') }}/api-paste.ini" + config_overrides: "{{ senlin_api_paste_ini_overrides }}" + config_type: "ini" + condition: "{{ not ((senlin_install_method == 'distro') and ((ansible_os_family | lower) == 'redhat')) }}" diff --git a/vars/redhat.yml b/vars/redhat.yml new file mode 100644 index 0000000..ca0e998 --- /dev/null +++ b/vars/redhat.yml @@ -0,0 +1,35 @@ +--- +# Copyright 2020, Satish Patel +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +senlin_distro_packages: + - rsync + - libxslt + - which + - openmpi-devel + +senlin_devel_distro_packages: + - systemd-devel + +senlin_service_distro_packages: + - openstack-senlin-engine + - openstack-senlin-api + - openstack-senlin-conductor + - openstack-senlin-health-manager + - "{{ ansible_distribution_major_version is version('8', '<') | ternary('systemd-python', 'python3-systemd') }}" + +senlin_oslomsg_amqp1_distro_packages: + - cyrus-sasl-lib + - cyrus-sasl-plain + - cyrus-sasl-md5 diff --git a/vars/source_install.yml b/vars/source_install.yml new file mode 100644 index 0000000..aeb5922 --- /dev/null +++ b/vars/source_install.yml @@ -0,0 +1,23 @@ +--- +# Copyright 2018, SUSE LINUX GmbH. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +senlin_package_list: |- + {% set packages = senlin_distro_packages %} + {% if senlin_oslomsg_amqp1_enabled | bool %} + {% set _ = packages.extend(senlin_oslomsg_amqp1_distro_packages) %} + {% endif %} + {{ packages }} + +_senlin_bin: "/openstack/venvs/senlin-{{ senlin_venv_tag }}/bin" diff --git a/vars/suse.yml b/vars/suse.yml new file mode 100644 index 0000000..571ca80 --- /dev/null +++ b/vars/suse.yml @@ -0,0 +1,35 @@ +--- +# Copyright 2018, SUSE LINUX GmbH. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +senlin_distro_packages: + - rsync + - libxslt1 + - openmpi + +senlin_devel_distro_packages: + - systemd-devel + +senlin_service_distro_packages: + - openstack-senlin + - openstack-senlin-api + - openstack-senlin-engine + - openstack-senlin-conductor + - openstack-senlin-health-manager + - python-systemd + +senlin_oslomsg_amqp1_distro_packages: + - cyrus-sasl + - cyrus-sasl-plain + - cyrus-sasl-digestmd5 diff --git a/zuul.d/project.yaml b/zuul.d/project.yaml new file mode 100644 index 0000000..8a10754 --- /dev/null +++ b/zuul.d/project.yaml @@ -0,0 +1,23 @@ +--- +# Copyright 2017, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- project: + templates: + - check-requirements + - openstack-ansible-linters-jobs + - openstack-ansible-deploy-aio_distro_metal-jobs + - openstack-ansible-deploy-aio_metal-jobs + - publish-openstack-docs-pti + - release-notes-jobs-python3