From 845c4625fd7482ac88b4305ae0a455b2cd954a5d Mon Sep 17 00:00:00 2001
From: Takashi Kajinami <tkajinam@redhat.com>
Date: Thu, 18 Aug 2022 22:37:41 +0900
Subject: [PATCH] Configure OVN DB connections by ansible

... instead of containers, so that we can use ansible vars instead of
hieradata to look up IPs.

Change-Id: I7df97fde05388dae45caeff0bfe2e17e47beea62
---
 deployment/ovn/ovn-dbs-container-puppet.yaml | 87 ++++++++------------
 1 file changed, 36 insertions(+), 51 deletions(-)

diff --git a/deployment/ovn/ovn-dbs-container-puppet.yaml b/deployment/ovn/ovn-dbs-container-puppet.yaml
index 1b8f5e2156..04bf91fa83 100644
--- a/deployment/ovn/ovn-dbs-container-puppet.yaml
+++ b/deployment/ovn/ovn-dbs-container-puppet.yaml
@@ -116,15 +116,16 @@ outputs:
         '100 ovn_sbdb_haproxy_frontend_ssl':
           dport:
             - {get_param: OVNSouthboundServerPort}
-      config_settings:
-        ovn::northbound::port: {get_param: OVNNorthboundServerPort}
-        ovn::southbound::port: {get_param: OVNSouthboundServerPort}
-        ovn::northd::dbs_listen_ip:
-          str_replace:
-             template:
-               "%{lookup('$NETWORK')}"
-             params:
-               $NETWORK: {get_param: [ServiceNetMap, OvnDbsNetwork]}
+      config_settings: {}
+      ansible_group_vars:
+        tripleo_ovn_dbs_protocol:
+          if:
+            - {get_param: EnableInternalTLS}
+            - 'pssl'
+            - 'ptcp'
+        tripleo_ovn_dbs_network: {get_param: [ServiceNetMap, OvnDbsNetwork]}
+        tripleo_ovn_northbound_db_port: {get_param: OVNNorthboundServerPort}
+        tripleo_ovn_southbound_db_port: {get_param: OVNSouthboundServerPort}
       service_config_settings:
         haproxy:
           tripleo::haproxy::ovn_dbs_manage_lb: true
@@ -170,7 +171,7 @@ outputs:
               owner: root:root
               recurse: true
       docker_config:
-        step_4:
+        step_3:
           ovn_north_db_server:
             start_order: 0
             image: {get_attr: [RoleParametersValue, value, ContainerOvnNbDbImage]}
@@ -213,48 +214,9 @@ outputs:
                   - /var/log/containers/openvswitch:/var/log/ovn:z
             environment:
               KOLLA_CONFIG_STRATEGY: COPY_ALWAYS
-          configure_ovn_north_db_server:
-            start_order: 1
-            action: exec
-            user: root
-            command:
-              list_concat:
-                - ['ovn_north_db_server', '/bin/bash', '-c']
-                - - list_join:
-                      - ' '
-                      -
-                        # TODO(tkajinam): Replace the hiera CLI
-                        - 'DBS_LISTEN_IP=`hiera $OVN_DB_NETWORK -c /etc/puppet/hiera.yaml`;'
-                        - '/usr/bin/bootstrap_host_exec ovn_dbs ovn-nbctl set-connection'
-                        - if:
-                          - {get_param: EnableInternalTLS}
-                          - 'pssl:$NB_DB_PORT:$DBS_LISTEN_IP'
-                          - 'ptcp:$NB_DB_PORT:$DBS_LISTEN_IP'
-            environment:
-              OVN_DB_NETWORK: {get_param: [ServiceNetMap, OvnDbsNetwork]}
-              NB_DB_PORT: {get_param: OVNNorthboundServerPort}
-          configure_ovn_south_db_server:
-            start_order: 1
-            action: exec
-            user: root
-            command:
-              list_concat:
-                - ['ovn_south_db_server', '/bin/bash', '-c']
-                - - list_join:
-                      - ' '
-                      -
-                        # TODO(tkajinam): Replace the hiera CLI
-                        - 'DBS_LISTEN_IP=`hiera $OVN_DB_NETWORK -c /etc/puppet/hiera.yaml`;'
-                        - '/usr/bin/bootstrap_host_exec ovn_dbs ovn-sbctl set-connection'
-                        - if:
-                          - {get_param: EnableInternalTLS}
-                          - 'pssl:$SB_DB_PORT:$DBS_LISTEN_IP'
-                          - 'ptcp:$SB_DB_PORT:$DBS_LISTEN_IP'
-            environment:
-              OVN_DB_NETWORK: {get_param: [ServiceNetMap, OvnDbsNetwork]}
-              SB_DB_PORT: {get_param: OVNSouthboundServerPort}
+        step_4:
           ovn_northd:
-            start_order: 2
+            start_order: 0
             image: {get_attr: [RoleParametersValue, value, ContainerOvnNorthdImage]}
             net: host
             privileged: false
@@ -282,6 +244,29 @@ outputs:
           with_items:
             - { 'path': /var/log/containers/openvswitch, 'setype': container_file_t, 'mode': '0750' }
             - { 'path': /var/lib/openvswitch/ovn, 'setype': container_file_t }
+      deploy_steps_tasks:
+        - name: Set up OVN DB connections
+          when:
+            - step|int == 4
+          block:
+            - name: Get OVN DB boostrap node
+              set_fact:
+                is_ovn_dbs_bootstrap_node: "{{ovn_dbs_short_bootstrap_node_name|lower == ansible_facts['hostname']|lower}}"
+            - name: Get OVN DB ip
+              set_fact:
+                tripleo_ovn_dbs_ip: "{{ lookup('vars', tripleo_ovn_dbs_network + '_ip') }}"
+            - name: Set OVN DB connections
+              when:
+                - is_ovn_dbs_bootstrap_node|bool
+              block:
+                - name: Set OVN Northbound DB connection
+                  shell: |
+                    podman exec ovn_north_db_server /bin/bash -c \
+                    "ovn-nbctl set-connection {{ tripleo_ovn_dbs_protocol }}:{{ tripleo_ovn_northbound_db_port }}:{{ tripleo_ovn_dbs_ip }}"
+                - name: Set OVN Southbound DB connection
+                  shell: |
+                    podman exec ovn_south_db_server /bin/bash -c \
+                    "ovn-sbctl set-connection {{ tripleo_ovn_dbs_protocol }}:{{ tripleo_ovn_southbound_db_port }}:{{ tripleo_ovn_dbs_ip }}"
       external_deploy_tasks:
         - when:
             - step|int == 0