diff --git a/etc/openstack_deploy/conf.d/zun.yml.aio b/etc/openstack_deploy/conf.d/zun.yml.aio new file mode 100644 index 0000000000..985bc450b0 --- /dev/null +++ b/etc/openstack_deploy/conf.d/zun.yml.aio @@ -0,0 +1,7 @@ +--- +zun-infra_hosts: + aio1: + ip: 172.29.236.100 +zun-compute_hosts: + aio1: + ip: 172.29.236.100 diff --git a/etc/openstack_deploy/conf.d/zun.yml.example b/etc/openstack_deploy/conf.d/zun.yml.example new file mode 100644 index 0000000000..2bcd35af98 --- /dev/null +++ b/etc/openstack_deploy/conf.d/zun.yml.example @@ -0,0 +1,9 @@ +--- +# The infra nodes that will be running the zun services +zun-infra_hosts: + infra1: + ip: 172.20.236.111 + infra2: + ip: 172.20.236.112 + infra3: + ip: 172.20.236.113 diff --git a/etc/openstack_deploy/env.d/aio_metal.yml.example b/etc/openstack_deploy/env.d/aio_metal.yml.example index bc4f46f8cc..a0dec6db19 100644 --- a/etc/openstack_deploy/env.d/aio_metal.yml.example +++ b/etc/openstack_deploy/env.d/aio_metal.yml.example @@ -153,3 +153,9 @@ container_skel: utility_container: properties: is_metal: true + zun_api_container: + properties: + is_metal: true + zun_compute_container: + properties: + is_metal: true diff --git a/etc/openstack_deploy/user_secrets.yml b/etc/openstack_deploy/user_secrets.yml index 7e932125a7..7af295aad9 100644 --- a/etc/openstack_deploy/user_secrets.yml +++ b/etc/openstack_deploy/user_secrets.yml @@ -295,3 +295,14 @@ placement_galera_password: ironic_inspector_container_mysql_password: ironic_inspector_service_password: ironic_inspector_swift_password: + +# zun passwords +zun_oslomsg_rpc_password: +zun_galera_password: +zun_service_password: +zun_kuryr_service_password: +#NOTE: Please uncomment those +# if you want to split rpc and notify users +# Please also wire the appropriate userid in +# your user variables. +#zun_oslomsg_notify_password: diff --git a/inventory/env.d/zun.yml b/inventory/env.d/zun.yml new file mode 100644 index 0000000000..5ba9989d15 --- /dev/null +++ b/inventory/env.d/zun.yml @@ -0,0 +1,36 @@ +--- +component_skel: + zun_api: + belongs_to: + - zun_all + zun_compute: + belongs_to: + - zun_all + +container_skel: + zun_api_container: + belongs_to: + - zun-infra_containers + contains: + - zun_api + zun_compute_container: + belongs_to: + - zun-compute_containers + contains: + - zun_compute + properties: + is_metal: true + +physical_skel: + zun-compute_containers: + belongs_to: + - all_containers + zun-compute_hosts: + belongs_to: + - hosts + zun-infra_containers: + belongs_to: + - all_containers + zun-infra_hosts: + belongs_to: + - hosts diff --git a/inventory/group_vars/haproxy/haproxy.yml b/inventory/group_vars/haproxy/haproxy.yml index ffec9fd8d3..0a411a14dd 100644 --- a/inventory/group_vars/haproxy/haproxy.yml +++ b/inventory/group_vars/haproxy/haproxy.yml @@ -439,3 +439,12 @@ haproxy_default_services: - "httpchk GET / HTTP/1.0\\r\\nUser-agent:\\ osa-haproxy-healthcheck" - "httplog" haproxy_service_enabled: "{{ groups['panko_all'] is defined and groups['panko_all'] | length > 0 }}" + - service: + haproxy_service_name: zun_api + haproxy_backend_nodes: "{{ groups['zun_api'] | default([]) }}" + haproxy_ssl: "{{ haproxy_ssl }}" + haproxy_port: 9517 + haproxy_balance_type: http + haproxy_backend_options: + - "httpchk GET /v1 HTTP/1.0\\r\\nUser-agent:\\ osa-haproxy-healthcheck" + haproxy_service_enabled: "{{ groups['zun_api'] is defined and groups['zun_api'] | length > 0 }}" diff --git a/inventory/inventory.ini b/inventory/inventory.ini index 63deccfda7..a5a7d44e18 100644 --- a/inventory/inventory.ini +++ b/inventory/inventory.ini @@ -249,3 +249,9 @@ swift_remote [tacker_all] [trove_all] + +[zun_all:children] +zun_api +zun_compute +[zun_api] +[zun_compute] diff --git a/playbooks/defaults/repo_packages/openstack_services.yml b/playbooks/defaults/repo_packages/openstack_services.yml index 58836ed4fd..1c5233d442 100644 --- a/playbooks/defaults/repo_packages/openstack_services.yml +++ b/playbooks/defaults/repo_packages/openstack_services.yml @@ -322,3 +322,15 @@ blazar_nova_git_repo: https://opendev.org/openstack/blazar-nova blazar_nova_git_install_branch: 9f030ebc27572909b9315f1a6dd88f36c00ae72c # HEAD as of 22.03.2020 blazar_nova_git_project_group: blazar_all blazar_nova_git_track_branch: master + +## Zun service +zun_git_repo: https://opendev.org/openstack/zun +zun_git_install_branch: 499a547007dc3d8a79230d3a3fade12efdc93dcf # HEAD as of 31.10.2019 +zun_git_project_group: zun_all +zun_git_track_branch: master + +## Zun kyrir service +zun_kuryr_git_repo: https://opendev.org/openstack/kuryr-libnetwork +zun_kuryr_git_install_branch: fc7cc09604041e628d9a48777aad77f666dea8a1 # HEAD as of 31.10.2019 +zun_kuryr_git_project_group: zun_all +zun_kuryr_git_track_branch: master diff --git a/playbooks/os-zun-install.yml b/playbooks/os-zun-install.yml new file mode 100644 index 0000000000..d5110e8ee0 --- /dev/null +++ b/playbooks/os-zun-install.yml @@ -0,0 +1,60 @@ +--- +# Copyright 2019, VEXXHOST, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Install the zun components + hosts: zun_all + gather_facts: "{{ osa_gather_facts | default(True) }}" + user: root + vars_files: + - "defaults/repo_packages/openstack_services.yml" + - "defaults/{{ install_method }}_install.yml" + pre_tasks: + # In order to ensure that any container, software or + # config file changes which causes a container/service + # restart do not cause an unexpected outage, we drain + # the load balancer back end for this container. + - include_tasks: common-tasks/haproxy-endpoint-manage.yml + vars: + haproxy_backend: zun_api-back + haproxy_state: disabled + when: + - "'zun_api' in group_names" + - "groups['zun_api'] | length > 1" + + - include_tasks: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" + when: not is_metal + + - include_tasks: common-tasks/unbound-clients.yml + when: + - hostvars['localhost']['resolvconf_enabled'] | bool + + roles: + - role: "os_zun" + + post_tasks: + # Now that container changes are done, we can set + # the load balancer back end for this container + # to available again. + - include_tasks: common-tasks/haproxy-endpoint-manage.yml + vars: + haproxy_backend: zun_api-back + haproxy_state: enabled + when: + - "'zun_api' in group_names" + - "groups['zun_api'] | length > 1" + + environment: "{{ deployment_environment_variables | default({}) }}" + tags: + - zun diff --git a/playbooks/setup-openstack.yml b/playbooks/setup-openstack.yml index f054a4d847..dea41683fe 100644 --- a/playbooks/setup-openstack.yml +++ b/playbooks/setup-openstack.yml @@ -39,6 +39,7 @@ - import_playbook: os-manila-install.yml - import_playbook: os-mistral-install.yml - import_playbook: os-murano-install.yml +- import_playbook: os-zun-install.yml # This is not an OpenStack service, but integrates with Keystone and must be # deployed afterward. diff --git a/releasenotes/notes/add-zun-to-repo-169a09b4ab52c1f7.yaml b/releasenotes/notes/add-zun-to-repo-169a09b4ab52c1f7.yaml new file mode 100644 index 0000000000..875248b9ac --- /dev/null +++ b/releasenotes/notes/add-zun-to-repo-169a09b4ab52c1f7.yaml @@ -0,0 +1,4 @@ +--- +features: + - A new playbook ``os-zun-install.yml`` has been added which will deploy the zun + service to hosts assigned to the host group ``zun-infra_hosts``. \ No newline at end of file diff --git a/tests/roles/bootstrap-host/tasks/prepare_aio_config.yml b/tests/roles/bootstrap-host/tasks/prepare_aio_config.yml index 51ba8de11b..7190de0ebb 100644 --- a/tests/roles/bootstrap-host/tasks/prepare_aio_config.yml +++ b/tests/roles/bootstrap-host/tasks/prepare_aio_config.yml @@ -188,6 +188,9 @@ - src: user_variables_calico.yml.j2 dest: user_variables_calico.yml condition: "{{ 'calico' in bootstrap_host_scenarios_expanded }}" + - src: user_variables_zun.yml.j2 + dest: user_variables_zun.yml + condition: "{{ 'zun' in bootstrap_host_scenarios_expanded }}" - name: Copy modified cinder-volume env.d file for ceph scenario copy: diff --git a/tests/roles/bootstrap-host/templates/user_variables_zun.yml.j2 b/tests/roles/bootstrap-host/templates/user_variables_zun.yml.j2 new file mode 100644 index 0000000000..f00b5383f1 --- /dev/null +++ b/tests/roles/bootstrap-host/templates/user_variables_zun.yml.j2 @@ -0,0 +1,21 @@ +--- +# Copyright 2020, VEXXHOST, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +tempest_test_whitelist: + - zun_tempest_plugin.tests.tempest.api + +tempest_tempest_conf_overrides: + container_service: + min_microversion: 1.12 diff --git a/tests/test_inventory.py b/tests/test_inventory.py index c4ea2ec508..5389251f2e 100644 --- a/tests/test_inventory.py +++ b/tests/test_inventory.py @@ -488,7 +488,18 @@ class TestAnsibleInventoryFormatConstraints(unittest.TestCase): 'unbound_hosts', 'utility', 'utility_all', - 'utility_container' + 'utility_container', + 'zun-infra_all', + 'zun-infra_containers', + 'zun-infra_hosts', + 'zun_all', + 'zun_api', + 'zun_api_container', + 'zun_compute', + 'zun-compute_containers', + 'zun-compute_hosts', + 'zun-compute_all', + 'zun_compute_container', ] @classmethod