From 9949f3fb4ad26dc68e7fde8923264f6cee044e61 Mon Sep 17 00:00:00 2001 From: Dmitriy Rabotyagov Date: Tue, 6 Oct 2020 17:07:09 +0300 Subject: [PATCH] Added Openstack Adjutant role deployment This commit adds experimental deployment of Adjutant role. Depends-On: https://review.opendev.org/756313 Change-Id: I7203536111eb2120fa74d639ad9fc7b783d3cca7 --- ansible-role-requirements.yml | 5 ++ deploy-guide/source/configure.rst | 2 + .../contributor/role-maturity-matrix.html | 9 +++ etc/openstack_deploy/conf.d/adjutant.yml.aio | 3 + .../conf.d/adjutant.yml.example | 8 +++ etc/openstack_deploy/user_secrets.yml | 25 +++++--- inventory/env.d/adjutant.yml | 34 ++++++++++ inventory/group_vars/haproxy/haproxy.yml | 11 ++++ inventory/group_vars/horizon_all.yml | 1 + inventory/inventory.ini | 4 ++ .../repo_packages/openstack_services.yml | 5 ++ playbooks/os-adjutant-install.yml | 63 +++++++++++++++++++ playbooks/setup-openstack.yml | 1 + .../notes/os_adjutant-ec59fc6a996e1fbe.yaml | 6 ++ tests/test_inventory.py | 6 ++ zuul.d/jobs.yaml | 2 + 16 files changed, 175 insertions(+), 10 deletions(-) create mode 100644 etc/openstack_deploy/conf.d/adjutant.yml.aio create mode 100644 etc/openstack_deploy/conf.d/adjutant.yml.example create mode 100644 inventory/env.d/adjutant.yml create mode 100644 playbooks/os-adjutant-install.yml create mode 100644 releasenotes/notes/os_adjutant-ec59fc6a996e1fbe.yaml diff --git a/ansible-role-requirements.yml b/ansible-role-requirements.yml index 1da5cd3dd0..c1cf9be9a5 100644 --- a/ansible-role-requirements.yml +++ b/ansible-role-requirements.yml @@ -63,6 +63,11 @@ src: https://opendev.org/openstack/openstack-ansible-openstack_openrc version: master trackbranch: master +- name: os_adjutant + scm: git + src: https://opendev.org/openstack/openstack-ansible-os_adjutant + version: master + trackbranch: master - name: os_aodh scm: git src: https://opendev.org/openstack/openstack-ansible-os_aodh diff --git a/deploy-guide/source/configure.rst b/deploy-guide/source/configure.rst index 58776303ab..09776dd0c8 100644 --- a/deploy-guide/source/configure.rst +++ b/deploy-guide/source/configure.rst @@ -126,6 +126,8 @@ Infrastructure service roles OpenStack service roles ----------------------- +- :role_docs:`os_adjutant` + - :role_docs:`os_aodh` - :role_docs:`os_barbican` diff --git a/doc/source/contributor/role-maturity-matrix.html b/doc/source/contributor/role-maturity-matrix.html index b06171bfac..087a3f8d96 100644 --- a/doc/source/contributor/role-maturity-matrix.html +++ b/doc/source/contributor/role-maturity-matrix.html @@ -108,6 +108,15 @@ ✔ ✔ + + os_adjutant + Ussuri + Incubated + ✔ + ✔ + ✔ + ✔ + os_aodh Mitaka diff --git a/etc/openstack_deploy/conf.d/adjutant.yml.aio b/etc/openstack_deploy/conf.d/adjutant.yml.aio new file mode 100644 index 0000000000..817fd41a75 --- /dev/null +++ b/etc/openstack_deploy/conf.d/adjutant.yml.aio @@ -0,0 +1,3 @@ +registration_hosts: + aio1: + ip: 172.29.236.100 diff --git a/etc/openstack_deploy/conf.d/adjutant.yml.example b/etc/openstack_deploy/conf.d/adjutant.yml.example new file mode 100644 index 0000000000..15c2255711 --- /dev/null +++ b/etc/openstack_deploy/conf.d/adjutant.yml.example @@ -0,0 +1,8 @@ +# The infra nodes that will be running the adjutant services +registration_hosts: + infra1: + ip: 172.20.236.111 + infra2: + ip: 172.20.236.112 + infra3: + ip: 172.20.236.113 diff --git a/etc/openstack_deploy/user_secrets.yml b/etc/openstack_deploy/user_secrets.yml index 643593a886..3788a2987c 100644 --- a/etc/openstack_deploy/user_secrets.yml +++ b/etc/openstack_deploy/user_secrets.yml @@ -39,16 +39,10 @@ keystone_oslomsg_rpc_password: # your user variables. #keystone_oslomsg_notify_password: -## Ceilometer Options: -ceilometer_container_db_password: -ceilometer_service_password: -ceilometer_telemetry_secret: -ceilometer_oslomsg_rpc_password: -#NOTE: Please uncomment those -# if you want to split rpc and notify users -# Please also wire the appropriate userid in -# your user variables. -#ceilometer_oslomsg_notify_password: +## Adjutant Options: +adjutant_galera_password: +adjutant_service_password: +adjutant_secret_key: ## Aodh Options: aodh_container_db_password: @@ -60,6 +54,17 @@ aodh_oslomsg_rpc_password: # your user variables. #aodh_oslomsg_notify_password: +## Ceilometer Options: +ceilometer_container_db_password: +ceilometer_service_password: +ceilometer_telemetry_secret: +ceilometer_oslomsg_rpc_password: +#NOTE: Please uncomment those +# if you want to split rpc and notify users +# Please also wire the appropriate userid in +# your user variables. +#ceilometer_oslomsg_notify_password: + ## Cinder Options cinder_container_mysql_password: cinder_service_password: diff --git a/inventory/env.d/adjutant.yml b/inventory/env.d/adjutant.yml new file mode 100644 index 0000000000..275a5bd864 --- /dev/null +++ b/inventory/env.d/adjutant.yml @@ -0,0 +1,34 @@ +--- +# Copyright 2020, City Network International AB. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +component_skel: + adjutant_api: + belongs_to: + - adjutant_all + +container_skel: + adjutant_container: + belongs_to: + - registration_containers + contains: + - adjutant_api + +physical_skel: + registration_containers: + belongs_to: + - all_containers + registration_hosts: + belongs_to: + - hosts diff --git a/inventory/group_vars/haproxy/haproxy.yml b/inventory/group_vars/haproxy/haproxy.yml index 1e735f1cf1..a0b90915b2 100644 --- a/inventory/group_vars/haproxy/haproxy.yml +++ b/inventory/group_vars/haproxy/haproxy.yml @@ -246,6 +246,17 @@ haproxy_default_services: haproxy_backend_options: - "httpchk GET /healthcheck HTTP/1.0\\r\\nUser-agent:\\ osa-haproxy-healthcheck" haproxy_service_enabled: "{{ groups['swift_proxy'] is defined and groups['swift_proxy'] | length > 0 }}" + - service: + haproxy_service_name: adjutant_api + haproxy_backend_nodes: "{{ groups['adjutant_api'] | default([]) }}" + haproxy_ssl: "{{ haproxy_ssl }}" + haproxy_ssl_all_vips: "{{ haproxy_ssl_all_vips }}" + haproxy_port: 5050 + haproxy_balance_type: http + haproxy_balance_alg: source + haproxy_backend_options: + - "httpchk GET / HTTP/1.0\\r\\nUser-agent:\\ osa-haproxy-healthcheck" + haproxy_service_enabled: "{{ groups['adjutant_api'] is defined and groups['adjutant_api'] | length > 0 }}" - service: haproxy_service_name: aodh_api haproxy_backend_nodes: "{{ groups['aodh_api'] | default([]) }}" diff --git a/inventory/group_vars/horizon_all.yml b/inventory/group_vars/horizon_all.yml index eb93d7a734..1f82a18922 100644 --- a/inventory/group_vars/horizon_all.yml +++ b/inventory/group_vars/horizon_all.yml @@ -16,6 +16,7 @@ horizon_external_ssl: "{{ openstack_external_ssl }}" horizon_service_region: "{{ service_region }}" horizon_enable_cinder_backup: "{{ hostvars['localhost']['cinder_service_backup_program_enabled'] }}" +horizon_enable_adjutant_ui: "{{ (groups['adjutant_all'] is defined) and (groups['adjutant_all'] | length > 0) }}" horizon_enable_blazar_ui: "{{ (groups['blazar_all'] is defined) and (groups['blazar_all'] | length > 0) }}" horizon_enable_heat_ui: "{{ (groups['heat_all'] is defined) and (groups['heat_all'] | length > 0) }}" horizon_enable_ironic_ui: "{{ (groups['ironic_all'] is defined) and (groups['ironic_all'] | length > 0) }}" diff --git a/inventory/inventory.ini b/inventory/inventory.ini index 19be9f214b..79e630a137 100644 --- a/inventory/inventory.ini +++ b/inventory/inventory.ini @@ -31,6 +31,10 @@ hosts [utility_all] ## Mandatory groups for the setup-openstack playbooks +[adjutant_all:children] +adjutant_api +[adjutant_api] + [aodh_all:children] aodh_alarm_evaluator aodh_alarm_notifier diff --git a/playbooks/defaults/repo_packages/openstack_services.yml b/playbooks/defaults/repo_packages/openstack_services.yml index e399e539fd..971e76f908 100644 --- a/playbooks/defaults/repo_packages/openstack_services.yml +++ b/playbooks/defaults/repo_packages/openstack_services.yml @@ -34,6 +34,11 @@ requirements_git_repo: https://opendev.org/openstack/requirements requirements_git_install_branch: 679941a9f4f9d2053d830ea44c58baadd03b3a11 # HEAD as of 19.10.2020 requirements_git_track_branch: stable/victoria +## Adjutant service +adjutant_git_repo: https://opendev.org/openstack/adjutant +adjutant_git_install_branch: 43e0c625e39f826b578e3e5c25519606d9b72808 # HEAD as of 06.10.2020 +adjutant_git_project_group: adjutant_all +adjutant_git_track_branch: stable/victoria ## Aodh service aodh_git_repo: https://opendev.org/openstack/aodh diff --git a/playbooks/os-adjutant-install.yml b/playbooks/os-adjutant-install.yml new file mode 100644 index 0000000000..11044b0016 --- /dev/null +++ b/playbooks/os-adjutant-install.yml @@ -0,0 +1,63 @@ +--- +# Copyright 2020, City Network International AB +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Gather adjutant facts + hosts: adjutant_all + gather_facts: "{{ osa_gather_facts | default(True) }}" + tags: + - always + +- name: Install adjutant services + hosts: adjutant_all + gather_facts: false + serial: "{{ adjutant_api_serial | default(['1','100%']) }}" + user: root + environment: "{{ deployment_environment_variables | default({}) }}" + vars_files: + - "defaults/repo_packages/openstack_services.yml" + - "defaults/{{ install_method }}_install.yml" + tags: + - adjutant + pre_tasks: + # In order to ensure that any container, software or + # config file changes which causes a container/service + # restart do not cause an unexpected outage, we drain + # the load balancer back end for this container. + - include_tasks: common-tasks/haproxy-endpoint-manage.yml + vars: + haproxy_backend: adjutant_api-back + haproxy_state: disabled + when: + - "'adjutant_api' in group_names" + - "groups['adjutant_api'] | length > 1" + + - include_tasks: common-tasks/unbound-clients.yml + when: + - hostvars['localhost']['resolvconf_enabled'] | bool + + roles: + - role: "os_adjutant" + + post_tasks: + # Now that container changes are done, we can set + # the load balancer back end for this container + # to available again. + - include_tasks: common-tasks/haproxy-endpoint-manage.yml + vars: + haproxy_backend: adjutant_api-back + haproxy_state: enabled + when: + - "'adjutant_api' in group_names" + - "groups['adjutant_api'] | length > 1" diff --git a/playbooks/setup-openstack.yml b/playbooks/setup-openstack.yml index 441190bd21..4da24a88d1 100644 --- a/playbooks/setup-openstack.yml +++ b/playbooks/setup-openstack.yml @@ -25,6 +25,7 @@ - import_playbook: os-designate-install.yml - import_playbook: os-gnocchi-install.yml - import_playbook: os-swift-install.yml +- import_playbook: os-adjutant-install.yml - import_playbook: os-ceilometer-install.yml - import_playbook: os-aodh-install.yml - import_playbook: os-panko-install.yml diff --git a/releasenotes/notes/os_adjutant-ec59fc6a996e1fbe.yaml b/releasenotes/notes/os_adjutant-ec59fc6a996e1fbe.yaml new file mode 100644 index 0000000000..b63cee7ed8 --- /dev/null +++ b/releasenotes/notes/os_adjutant-ec59fc6a996e1fbe.yaml @@ -0,0 +1,6 @@ +--- +features: + - | + Experimental support has been added to allow the deployment of the + OpenStack Adjutant service when hosts are present in the host group + ``registration_hosts``. diff --git a/tests/test_inventory.py b/tests/test_inventory.py index 905abd8fae..c37b9d1c38 100644 --- a/tests/test_inventory.py +++ b/tests/test_inventory.py @@ -136,6 +136,9 @@ class TestAnsibleInventoryFormatConstraints(unittest.TestCase): 'aio1-host_containers', 'all', 'all_containers', + 'adjutant_all', + 'adjutant_api', + 'adjutant_container', 'aodh_alarm_evaluator', 'aodh_alarm_notifier', 'aodh_all', @@ -426,6 +429,9 @@ class TestAnsibleInventoryFormatConstraints(unittest.TestCase): 'rabbit_mq_container', 'rabbitmq', 'rabbitmq_all', + 'registration_all', + 'registration_containers', + 'registration_hosts', 'remote', 'remote_containers', 'repo-infra_all', diff --git a/zuul.d/jobs.yaml b/zuul.d/jobs.yaml index 7a959c2f9f..1521018ad3 100644 --- a/zuul.d/jobs.yaml +++ b/zuul.d/jobs.yaml @@ -36,6 +36,7 @@ - name: openstack/openstack-ansible-openstack_hosts - name: openstack/openstack-ansible-os_keystone - name: openstack/openstack-ansible-openstack_openrc + - name: openstack/openstack-ansible-os_adjutant - name: openstack/openstack-ansible-os_aodh - name: openstack/openstack-ansible-os_barbican - name: openstack/openstack-ansible-os_blazar @@ -79,6 +80,7 @@ - name: openstack/ansible-role-uwsgi # OpenStack service repos - listed here to make cached repos available in CI - name: openstack/requirements + - name: openstack/adjutant - name: openstack/aodh - name: openstack/barbican - name: openstack/ceilometer