Deploy /etc/openstack/clouds.yaml with Ansible

Replace the python script that was run on post-config, by an Ansible
task running on the host where Keystone is running.

It'll be useful later when using OpenStackSDK to have access to the
credentials during the deployment and not having to wait the far end.

It's also reducing the Heat resources.

Depends-On: https://review.opendev.org/#/c/700015
Change-Id: I585abc3e6a3b9b8ae9183e0b5170df2e39301e17
changes/90/696390/56
Emilien Macchi 3 years ago
parent 4be06d706b
commit 25a2045e62
  1. 11
      ci/common/ironic_standalone_post.yaml
  2. 32
      deployment/keystone/keystone-container-puppet.yaml
  3. 1
      environments/standalone.yaml
  4. 1
      environments/standalone/standalone-tripleo.yaml
  5. 54
      extraconfig/post_deploy/clouds_yaml.py
  6. 73
      extraconfig/post_deploy/standalone_post.yaml
  7. 43
      extraconfig/post_deploy/undercloud_post.yaml
  8. 1
      sample-env-generator/standalone.yaml

@ -3,19 +3,8 @@ heat_template_version: rocky
parameters:
servers:
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
resources:
StandaloneStandardExtraConfigPost:
type: ../../extraconfig/post_deploy/standalone_post.yaml
properties:
servers: {get_param: servers}
EndpointMap: {get_param: EndpointMap}
IronicVBMCSetup:
type: vbmc_setup.yaml
properties:

@ -280,6 +280,9 @@ parameters:
default: ''
description: >-
OAuth 2.0 introspection endpoint for mod_auth_openidc
RootStackName:
description: The name of the stack/plan.
type: string
resources:
@ -680,6 +683,35 @@ outputs:
user: root
command:
[ 'keystone', 'pkill', '--signal', 'USR1', 'httpd' ]
external_deploy_tasks:
- name: Manage clouds.yaml files
when:
- step|int == 1
- not ansible_check_mode|bool
block:
- name: Create /etc/openstack directory if it does not exist
become: true
file:
mode: '0755'
owner: root
path: /etc/openstack
state: directory
- name: Configure /etc/openstack/clouds.yaml
include_role:
name: tripleo-keystone-resources
tasks_from: clouds
vars:
tripleo_keystone_resources_cloud_name: {get_param: RootStackName}
tripleo_keystone_resources_cloud_config:
auth:
auth_url: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]}
password: {get_param: AdminPassword}
project_domain_name: Default
project_name: admin
user_domain_name: Default
username: admin
identity_api_version: '3'
region_name: {get_param: KeystoneRegion}
deploy_steps_tasks:
- name: validate keystone service state
when:

@ -6,7 +6,6 @@ resource_registry:
OS::TripleO::Network::Ports::OVNDBsVipPort: ../network/ports/noop.yaml
OS::TripleO::Network::Ports::ControlPlaneVipPort: ../deployed-server/deployed-neutron-port.yaml
OS::TripleO::Standalone::Net::SoftwareConfig: ../net-config-standalone.yaml
OS::TripleO::NodeExtraConfigPost: ../extraconfig/post_deploy/standalone_post.yaml
OS::TripleO::Services::OpenStackClients: ../deployment/clients/openstack-clients-baremetal-puppet.yaml

@ -52,7 +52,6 @@ resource_registry:
OS::TripleO::Network::Ports::ControlPlaneVipPort: ../../deployed-server/deployed-neutron-port.yaml
OS::TripleO::Network::Ports::OVNDBsVipPort: ../../network/ports/noop.yaml
OS::TripleO::Network::Ports::RedisVipPort: ../../network/ports/noop.yaml
OS::TripleO::NodeExtraConfigPost: ../../extraconfig/post_deploy/standalone_post.yaml
OS::TripleO::Services::AodhApi: OS::Heat::None
OS::TripleO::Services::AodhEvaluator: OS::Heat::None
OS::TripleO::Services::AodhListener: OS::Heat::None

@ -1,54 +0,0 @@
#!/usr/bin/env python
# Copyright 2018, 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import os
from tripleo_common.utils import clouds_yaml
from tripleoclient import constants
def _get_cloud_config():
cloud_config = {
os.environ["cloud_name"]: {
"auth": {
"auth_url": os.environ["auth_url"],
"project_name": os.environ["project_name"],
"project_domain_name": os.environ["project_domain_name"],
"username": os.environ["user_name"],
"user_domain_name": os.environ["user_domain_name"],
"password": os.environ["admin_password"],
},
"region_name": os.environ["region_name"],
"identity_api_version": os.environ["identity_api_version"],
}
}
return cloud_config
if __name__ == "__main__":
cloud = _get_cloud_config()
home_dir = os.path.join(os.environ["home_dir"])
user_id = os.stat(home_dir).st_uid
group_id = os.stat(home_dir).st_gid
clouds_yaml.create_clouds_yaml(
cloud=cloud,
cloud_yaml_dir=os.path.join(home_dir, constants.CLOUDS_YAML_DIR),
user_id=user_id,
group_id=group_id,
)
# Generate clouds.yaml globally
clouds_yaml.create_clouds_yaml(cloud=cloud)

@ -1,73 +0,0 @@
heat_template_version: rocky
description: >
Post-deployment for the TripleO standalone deployment
parameters:
servers:
type: json
DeployedServerPortMap:
default: {}
type: json
StandaloneHomeDir:
description: The HOME directory where the stackrc and ssh credentials for the Standalone will be installed. Set to /home/<user> to customize the location.
type: string
default: '/root'
AdminPassword: #supplied by tripleo-undercloud-passwords.yaml
type: string
description: The password for the keystone admin account, used for monitoring, querying neutron etc.
hidden: True
KeystoneRegion:
type: string
default: 'regionOne'
description: Keystone region for endpoint
StandaloneCloudName:
type: string
default: 'standalone'
description: Cloud name for the clouds.yaml
PythonInterpreter:
type: string
description: The python interpreter to use for python and ansible actions
default: /usr/bin/python
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
resources:
CloudsYamlConfig:
type: OS::Heat::SoftwareConfig
properties:
group: script
inputs:
- name: admin_password
- name: auth_url
- name: cloud_name
- name: home_dir
- name: identity_api_version
- name: project_name
- name: project_domain_name
- name: region_name
- name: user_name
- name: user_domain_name
config: {get_file: ./clouds_yaml.py}
CloudsYamlDeployment:
type: OS::Heat::SoftwareDeploymentGroup
properties:
name: CloudsYamlDeployment
servers: {get_param: servers}
config: {get_resource: CloudsYamlConfig}
input_values:
admin_password: {get_param: AdminPassword}
auth_url: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]}
cloud_name: {get_param: StandaloneCloudName}
home_dir: {get_param: StandaloneHomeDir}
identity_api_version: 3
project_name: 'admin'
project_domain_name: 'Default'
region_name: {get_param: KeystoneRegion}
user_name: 'admin'
user_domain_name: 'Default'

@ -78,10 +78,6 @@ parameters:
type: string
constraints:
- allowed_values: ['dhcpv6-stateless', 'dhcpv6-stateful']
KeystoneRegion:
type: string
default: 'regionOne'
description: Keystone region for endpoint
UndercloudCloudName:
type: string
default: 'undercloud'
@ -144,41 +140,6 @@ resources:
- ''
auth_url: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]}
CloudsYamlConfig:
type: OS::Heat::SoftwareConfig
properties:
group: script
inputs:
- name: admin_password
- name: auth_url
- name: cloud_name
- name: home_dir
- name: identity_api_version
- name: project_name
- name: project_domain_name
- name: region_name
- name: user_name
- name: user_domain_name
config: {get_file: ./clouds_yaml.py}
CloudsYamlDeployment:
type: OS::Heat::SoftwareDeploymentGroup
properties:
name: CloudsYamlDeployment
servers: {get_param: servers}
config: {get_resource: CloudsYamlConfig}
input_values:
admin_password: {get_param: AdminPassword}
auth_url: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]}
cloud_name: {get_param: UndercloudCloudName}
home_dir: {get_param: UndercloudHomeDir}
identity_api_version: 3
project_name: 'admin'
project_domain_name: 'Default'
region_name: {get_param: KeystoneRegion}
user_name: 'admin'
user_domain_name: 'Default'
UndercloudPostPyConfig:
type: OS::Heat::SoftwareConfig
properties:
@ -189,7 +150,7 @@ resources:
UndercloudPostPyDeployment:
type: OS::Heat::SoftwareDeploymentGroup
depends_on: [UndercloudPostDeployment, CloudsYamlDeployment]
depends_on: UndercloudPostDeployment
properties:
name: UndercloudPostPyDeployment
servers: {get_param: servers}
@ -217,7 +178,7 @@ resources:
UndercloudCtlplaneNetworkDeployment:
type: OS::Heat::SoftwareDeploymentGroup
depends_on: [UndercloudPostDeployment, CloudsYamlDeployment]
depends_on: UndercloudPostDeployment
properties:
name: UndercloudCtlplaneNetworkDeployment
servers: {get_param: servers}

@ -54,7 +54,6 @@ environments:
OS::TripleO::Network::Ports::OVNDBsVipPort: ../../network/ports/noop.yaml
OS::TripleO::Network::Ports::ControlPlaneVipPort: ../../deployed-server/deployed-neutron-port.yaml
OS::TripleO::Standalone::Net::SoftwareConfig: ../../net-config-standalone.yaml
OS::TripleO::NodeExtraConfigPost: ../../extraconfig/post_deploy/standalone_post.yaml
# OVN
OS::TripleO::Services::OVNDBs: ../../deployment/ovn/ovn-dbs-container-puppet.yaml

Loading…
Cancel
Save