openstack/openstack-ansible
Code Issues Proposed changes
Files
d8e1b3405674cb732282cecb2ada69db417767eb
openstack-ansible/playbooks/roles/os_heat/defaults/main.yml
Matt Thompson 9592381e66 Re-deploy the Heat venv if it mismatches the repo 
We currently have two issues with venvs:

- if you update your venv on the repo server, it is not possible for
  that updated venv to land on the service's container as the get_url
  task always skips if the file exists (even if the file is different)
- if you have an updated venv on the repo server and forcefully delete
  the cached venv tarball on the service's container, the new tarball
  will get unarchived over top of the existing venv

This commit does the following:

- gets the checksum of the /var/cache tarball and downloads checksum
  file from repo server
- updates "Attempt venv download" to only download the venv if the
  cache doesn't exist or if the local and remote checksums differ
- adds a "force: true" to "Attempt venv download" task so that the venv
  tarball will get re-downloaded when the when condition is true (this
  is necessary otherwise the download will get skipped since the
  destination already exists)
- adds a new task "Remove existing venv" so we can first remove the
  venv before we unarchive the potentially new venv from the repo
  server
- updates "Create heat venv dir" and "Unarchive pre-built venv"
  tasks to only proceed if "heat_get_venv | changed", which
  prevents these tasks from running when they the venv tarball hasn't
  changed
- adds multiple service restarts to
  os_heat/tasks/heat_install.yml so that heat will restart
  correctly should the venv/packages update without any associated
  config changes

NOTE: The reason why we compare local and remote checksum is to avoid
      unnecessarily downloading the venv when the checksums are in fact
      the same.  On small deploys this is more or less a non-issue but
      if a deploy w/ thousands of compute nodes re-runs playbooks we
      want to limit the venv downloads when it's unnecessary.

Change-Id: If3817f6ec8424bbaeccfed3884283ecdedd9a03e
2016-01-28 09:08:26 +00:00

210 lines
7.3 KiB
YAML
Raw Blame History

---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# The variables file used by the playbooks in the Heat-api group.
# These don't have to be explicitly imported by vars_files: they are autopopulated.
# Enable/Disable Ceilometer
heat_ceilometer_enabled: False
## Verbosity Options
debug: False
verbose: True
# Name of the virtual env to deploy into
heat_venv_tag: untagged
heat_venv_bin: "/openstack/venvs/heat-{{ heat_venv_tag }}/bin"
# Set this to enable or disable installing in a venv
heat_venv_enabled: true
# The bin path defaults to the venv path however if installation in a
# venv is disabled the bin path will be dynamically set based on the
# system path used when the installing.
heat_bin: "{{ heat_venv_bin }}"
heat_venv_download_url: http://127.0.0.1/venvs/untagged/ubuntu/heat.tgz
heat_fatal_deprecations: False
heat_clients_endpoint: internalURL
heat_clients_heat_endpoint: publicURL
## DB
heat_galera_user: heat
heat_galera_database: heat
## RabbitMQ info
heat_rabbitmq_userid: heat
heat_rabbitmq_vhost: /heat
## RPC
heat_rpc_backend: heat.openstack.common.rpc.impl_kombu
## Heat User / Group
heat_system_user_name: heat
heat_system_group_name: heat
heat_system_shell: /bin/false
heat_system_comment: heat system user
heat_system_home_folder: "/var/lib/{{ heat_system_user_name }}"
## Default domain
heat_project_domain_name: Default
heat_project_name: admin
heat_user_domain_name: Default
## Stack
heat_stack_domain_admin: stack_domain_admin
heat_stack_owner_name: heat_stack_owner
heat_stack_domain_description: Owns users and projects created by heat
heat_stack_user_domain_name: heat
heat_max_nested_stack_depth: 5
heat_deferred_auth_method: trusts
heat_trusts_delegated_roles: []
# osprofiler
heat_profiler_enabled: false
# heat_profiler_hmac_key is set in user_secrets.yml
heat_profiler_trace_sqlalchemy: false
## Auth
heat_service_region: RegionOne
heat_service_project_name: "service"
heat_service_user_name: "heat"
heat_service_role_name: admin
heat_service_project_domain_id: default
heat_service_user_domain_id: default
heat_keystone_auth_plugin: password
## Trustee Auth
heat_service_trustee_project_name: "service"
heat_service_trustee_user_name: "heat"
heat_service_trustee_password: "{{ heat_service_password }}"
heat_service_trustee_project_domain_id: "default"
heat_service_trustee_user_domain_id: "default"
heat_keystone_trustee_auth_plugin: password
## Heat api service type and data
heat_service_name: heat
heat_service_description: "Heat Orchestration Service"
heat_service_port: 8004
heat_service_proto: http
heat_service_publicuri_proto: "{{ openstack_service_publicuri_proto | default(heat_service_proto) }}"
heat_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(heat_service_proto) }}"
heat_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(heat_service_proto) }}"
heat_service_type: orchestration
heat_service_publicuri: "{{ heat_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ heat_service_port }}"
heat_service_publicurl: "{{ heat_service_publicuri }}/v1/%(tenant_id)s"
heat_service_adminuri: "{{ heat_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ heat_service_port }}"
heat_service_adminurl: "{{ heat_service_adminuri }}/v1/%(tenant_id)s"
heat_service_internaluri: "{{ heat_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ heat_service_port }}"
heat_service_internalurl: "{{ heat_service_internaluri }}/v1/%(tenant_id)s"
heat_service_program_name: heat-api
## Heat api cfn service type and data
heat_cfn_service_name: heat-cfn
heat_cfn_service_description: "Heat CloudFormation Service"
heat_cfn_service_port: 8000
heat_cfn_service_proto: http
heat_cfn_service_publicuri_proto: "{{ openstack_service_publicuri_proto | default(heat_cfn_service_proto) }}"
heat_cfn_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(heat_cfn_service_proto) }}"
heat_cfn_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(heat_cfn_service_proto) }}"
heat_cfn_service_type: cloudformation
heat_cfn_service_publicuri: "{{ heat_cfn_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ heat_cfn_service_port }}"
heat_cfn_service_publicurl: "{{ heat_cfn_service_publicuri }}/v1"
heat_cfn_service_adminuri: "{{ heat_cfn_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ heat_cfn_service_port }}"
heat_cfn_service_adminurl: "{{ heat_cfn_service_adminuri }}/v1"
heat_cfn_service_internaluri: "{{ heat_cfn_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ heat_cfn_service_port }}"
heat_cfn_service_internalurl: "{{ heat_cfn_service_internaluri }}/v1"
heat_cfn_service_program_name: heat-api-cfn
## Heat wait and metadata server
heat_waitcondition_server_uri: "{{ heat_cfn_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ heat_cfn_service_port }}"
heat_waitcondition_server_url: "{{ heat_waitcondition_server_uri }}/v1/waitcondition"
heat_metadata_server_url: "{{ heat_cfn_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ heat_cfn_service_port }}"
## Heat cloudwatch
heat_cloudwatch_program_name: heat-api-cloudwatch
heat_engine_program_name: heat-engine
## Heat watch server
heat_watch_proto: http
heat_watch_port: 8003
heat_watch_server_uri: "{{ heat_watch_proto }}://{{ external_lb_vip_address }}:{{ heat_watch_port }}"
heat_watch_server_url: "{{ heat_watch_server_uri }}"
# If the following variables are unset in user_variables, the value set will be half the number of available VCPUs
# heat_engine_workers: 4
# heat_api_workers: 4
heat_service_in_ldap: false
## Plugin dirs
heat_plugin_dirs:
- /usr/lib/heat
- /usr/local/lib/heat
## Policy vars
# Provide a list of access controls to update the default policy.json with. These changes will be merged
# with the access controls in the default policy.json. E.g.
#heat_policy_overrides:
# "cloudformation:ListStacks": "rule:deny_stack_user"
# "cloudformation:CreateStack": "rule:deny_stack_user"
heat_apt_packages:
- rsync
- libxslt1.1
# Heat packages that must be installed before anything else
heat_requires_pip_packages:
- virtualenv
- virtualenv-tools
- python-keystoneclient # Keystoneclient needed to OSA keystone lib
- httplib2
# Common pip packages
heat_pip_packages:
- keystonemiddleware
- PyMySQL
- python-memcached
- pycrypto
- python-ceilometerclient
- python-cinderclient
- python-glanceclient
- python-heatclient
- python-keystoneclient
- python-neutronclient
- python-novaclient
- python-openstackclient
- python-swiftclient
- python-troveclient
- heat
## Service Names
heat_service_names:
- heat-api
- heat-api-cfn
- heat-api-cloudwatch
- heat-engine
## Tunable overrides
heat_heat_conf_overrides: {}
heat_api_paste_ini_overrides: {}
heat_default_yaml_overrides: {}
heat_aws_cloudwatch_alarm_yaml_overrides: {}
heat_aws_rds_dbinstance_yaml_overrides: {}
heat_policy_overrides: {}
View Git Blame Copy Permalink