diff --git a/ansible-role-requirements.yml b/ansible-role-requirements.yml index 49dc8d0dfd..8d2505416f 100644 --- a/ansible-role-requirements.yml +++ b/ansible-role-requirements.yml @@ -186,3 +186,7 @@ scm: git src: https://github.com/ceph/ansible-ceph-osd version: master +- name: os_octavia + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-os_octavia + version: master \ No newline at end of file diff --git a/etc/openstack_deploy/conf.d/octavia.yml.aio b/etc/openstack_deploy/conf.d/octavia.yml.aio new file mode 100644 index 0000000000..12c29724d9 --- /dev/null +++ b/etc/openstack_deploy/conf.d/octavia.yml.aio @@ -0,0 +1,4 @@ +# The controller host that the octavia control plane will be run on +octavia_hosts: + aio1: + ip: 172.29.236.100 diff --git a/etc/openstack_deploy/user_secrets.yml b/etc/openstack_deploy/user_secrets.yml index b5d50f246a..c2b048aa22 100644 --- a/etc/openstack_deploy/user_secrets.yml +++ b/etc/openstack_deploy/user_secrets.yml @@ -103,6 +103,12 @@ nova_placement_container_mysql_password: # LXD Options for nova compute lxd_trust_password: +## Octavia Options +octavia_container_mysql_password: +octavia_service_password: +octavia_health_hmac_key: +octavia_rabbitmq_password: + ## Sahara Options sahara_container_mysql_password: sahara_rabbitmq_password: diff --git a/playbooks/defaults/repo_packages/openstack_services.yml b/playbooks/defaults/repo_packages/openstack_services.yml index 951a409c99..0228f91675 100644 --- a/playbooks/defaults/repo_packages/openstack_services.yml +++ b/playbooks/defaults/repo_packages/openstack_services.yml @@ -228,3 +228,9 @@ trove_dashboard_git_repo: https://git.openstack.org/openstack/trove-dashboard trove_dashboard_git_install_branch: a485b5d79f2fcdc8d37cf61f5043c3d3a4a60313 # HEAD of "master" as of 03.03.2017 trove_dashboard_git_dest: "/opt/trove_dashboard_{{ trove_dashboard_git_install_branch | replace('/', '_') }}" trove_dashboard_git_project_group: horizon_all + +## Octavia service +octavia_git_repo: https://git.openstack.org/openstack/octavia +octavia_git_install_branch: f7426dcf96874b6e3ce15009d251866f6de01116 # HEAD of "master" as of `28.2.2017 +ocatvia_git_dest: "/opt/octavia_{{ octavia_git_install_branch | replace('/', '_') }}" +octavia_git_project_group: octavia_all diff --git a/playbooks/inventory/env.d/octavia.yml b/playbooks/inventory/env.d/octavia.yml new file mode 100644 index 0000000000..000c9119d0 --- /dev/null +++ b/playbooks/inventory/env.d/octavia.yml @@ -0,0 +1,49 @@ +--- +# Copyright 2017, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +component_skel: + octavia-api: + belongs_to: + - octavia_all + octavia-worker: + belongs_to: + - octavia_all + octavia-housekeeping: + belongs_to: + - octavia_all + octavia-health-manager: + belongs_to: + - octavia_all + + +container_skel: + octavia_server_container: + belongs_to: + - octavia-infra_containers + contains: + - octavia-api + - octavia-worker + - octavia-housekeeping + - octavia-health-manager + properties: + service_name: octavia + +physical_skel: + octavia-infra_containers: + belongs_to: + - all_containers + octavia_hosts: + belongs_to: + - hosts diff --git a/playbooks/inventory/group_vars/all.yml b/playbooks/inventory/group_vars/all.yml index 9d6c576c1b..6b9848fb1f 100644 --- a/playbooks/inventory/group_vars/all.yml +++ b/playbooks/inventory/group_vars/all.yml @@ -392,6 +392,25 @@ nova_ceilometer_enabled: "{{ (groups['ceilometer_all'] is defined) and (groups[' # If there are any Barbican hosts in the environment, then enable its usage nova_barbican_enabled: "{{ (groups['barbican_all'] is defined) and (groups['barbican_all'] | length > 0) }}" +## Octavia +octavia_service_port: 9876 +octavia_service_proto: http +octavia_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(octavia_service_proto) }}" +octavia_service_internaluri: "{{ octavia_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ octavia_service_port }}" +octavia_service_internalurl: "{{ octavia_service_internaluri }}/v1/%(tenant_id)s" + +octavia_service_user_name: octavia +octavia_service_url: "{{ octavia_service_internaluri }}" + +# RPC +octavia_rabbitmq_userid: octavia +octavia_rabbitmq_vhost: /octavia +octavia_rabbitmq_port: "{{ rabbitmq_port }}" +octavia_rabbitmq_servers: "{{ rabbitmq_servers }}" +octavia_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" +octavia_rabbitmq_host_group: "{{ rabbitmq_host_group }}" + + ## Sahara #RPC sahara_rabbitmq_userid: sahara diff --git a/playbooks/inventory/group_vars/neutron_all.yml b/playbooks/inventory/group_vars/neutron_all.yml index 27ba0a3569..b16e7bdc64 100644 --- a/playbooks/inventory/group_vars/neutron_all.yml +++ b/playbooks/inventory/group_vars/neutron_all.yml @@ -26,3 +26,5 @@ neutron_package_state: "{{ package_state }}" # venv fetch configuration neutron_venv_tag: "{{ venv_tag }}" neutron_venv_download_url: "{{ venv_base_download_url }}/neutron-{{ openstack_release }}-{{ ansible_architecture | lower }}.tgz" + +neutron_lbaas_octavia: "{{ (groups['octavia_all'] is defined) and (groups['octavia_all'] | length > 0) }}" diff --git a/playbooks/inventory/group_vars/octavia_all.yml b/playbooks/inventory/group_vars/octavia_all.yml new file mode 100644 index 0000000000..35300e2ff6 --- /dev/null +++ b/playbooks/inventory/group_vars/octavia_all.yml @@ -0,0 +1,19 @@ +--- +# Copyright 2017, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# venv fetch configuration +octavia_venv_tag: "{{ venv_tag }}" +octavia_bin: "/openstack/venvs/octavia-{{ octavia_venv_tag }}/bin" +octavia_venv_download_url: "{{ venv_base_download_url }}/octavia-{{ openstack_release }}-{{ ansible_architecture | lower }}.tgz" \ No newline at end of file diff --git a/playbooks/os-octavia-install.yml b/playbooks/os-octavia-install.yml new file mode 100644 index 0000000000..f8b9c3e160 --- /dev/null +++ b/playbooks/os-octavia-install.yml @@ -0,0 +1,68 @@ +--- +# Copyright 2017, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Install octavia server + hosts: octavia_all + gather_facts: "{{ gather_facts | default(True) }}" + max_fail_percentage: 20 + user: root + pre_tasks: + - include: common-tasks/os-lxc-container-setup.yml + static: no + - include: common-tasks/rabbitmq-vhost-user.yml + static: no + vars: + user: "{{ octavia_rabbitmq_userid }}" + password: "{{ octavia_rabbitmq_password }}" + vhost: "{{ octavia_rabbitmq_vhost }}" + _rabbitmq_host_group: "{{ octavia_rabbitmq_host_group }}" + when: + - inventory_hostname == groups['octavia_all'][0] + - groups[octavia_rabbitmq_host_group] | length > 0 + - include: common-tasks/os-log-dir-setup.yml + vars: + log_dirs: + - src: "/openstack/log/{{ inventory_hostname }}-octavia" + dest: "/var/log/octavia" + - include: common-tasks/mysql-db-user.yml + static: no + vars: + user_name: "{{ octavia_galera_user }}" + password: "{{ octavia_container_mysql_password }}" + login_host: "{{ octavia_galera_address }}" + db_name: "{{ octavia_galera_database }}" + when: inventory_hostname == groups['octavia_all'][0] + - include: common-tasks/package-cache-proxy.yml + roles: + - role: "os_octavia" + - role: "openstack_openrc" + tags: + - openrc + - role: "rsyslog_client" + rsyslog_client_log_rotate_file: octavia_log_rotate + rsyslog_client_log_dir: "/var/log/ocgtavia" + rsyslog_client_config_name: " 100-octavia-rsyslog-client.conf" + tags: + - rsyslog + - role: "system_crontab_coordination" + tags: + - crontab + vars: + is_metal: "{{ properties.is_metal|default(false) }}" + octavia_galera_user: octavia + octavia_galera_database: octavia + octavia_galera_address: "{{ galera_address }}" + tags: + - octavia diff --git a/playbooks/vars/configs/haproxy_config.yml b/playbooks/vars/configs/haproxy_config.yml index c09a661841..6cfbe75b75 100644 --- a/playbooks/vars/configs/haproxy_config.yml +++ b/playbooks/vars/configs/haproxy_config.yml @@ -266,3 +266,14 @@ haproxy_default_services: - "forwardfor" - "httpchk /versions" - "httplog" + - service: + haproxy_service_name: octavia + haproxy_backend_nodes: "{{ groups['octavia_all'] | default([]) }}" + haproxy_port: 9876 + haproxy_balance_type: http + haproxy_backend_options: + - "httpchk GET /" + haproxy_whitelist_networks: + - 192.168.0.0/16 + - 172.16.0.0/12 + - 10.0.0.0/8 diff --git a/releasenotes/notes/add-octavia-to-repo-f9d0fd8cee969181.yaml b/releasenotes/notes/add-octavia-to-repo-f9d0fd8cee969181.yaml new file mode 100644 index 0000000000..babd5ea917 --- /dev/null +++ b/releasenotes/notes/add-octavia-to-repo-f9d0fd8cee969181.yaml @@ -0,0 +1,5 @@ +--- +features: + - Experimental support has been added to allow the deployment of + the OpenStack Octavia Load Balancing service when hosts are present + in the host group ``octavia_hosts``. diff --git a/tests/test_inventory.py b/tests/test_inventory.py index 491582aa8f..a14bdf7dd5 100644 --- a/tests/test_inventory.py +++ b/tests/test_inventory.py @@ -257,6 +257,14 @@ class TestAnsibleInventoryFormatConstraints(unittest.TestCase): 'magnum-infra_hosts', 'magnum_all', 'magnum_container', + 'octavia_hosts', + 'octavia_all', + 'octavia-api', + 'octavia_server_container', + 'octavia-worker', + 'octavia-housekeeping', + 'octavia-health-manager', + 'octavia-infra_containers', 'trove_all', 'trove_api', 'trove_conductor',