From 25a2045e6205d07f38cc6a065f9ad67b86ebe43d Mon Sep 17 00:00:00 2001 From: Emilien Macchi Date: Wed, 27 Nov 2019 14:10:32 -0500 Subject: [PATCH] Deploy /etc/openstack/clouds.yaml with Ansible Replace the python script that was run on post-config, by an Ansible task running on the host where Keystone is running. It'll be useful later when using OpenStackSDK to have access to the credentials during the deployment and not having to wait the far end. It's also reducing the Heat resources. Depends-On: https://review.opendev.org/#/c/700015 Change-Id: I585abc3e6a3b9b8ae9183e0b5170df2e39301e17 --- ci/common/ironic_standalone_post.yaml | 11 --- .../keystone/keystone-container-puppet.yaml | 32 ++++++++ environments/standalone.yaml | 1 - .../standalone/standalone-tripleo.yaml | 1 - extraconfig/post_deploy/clouds_yaml.py | 54 -------------- extraconfig/post_deploy/standalone_post.yaml | 73 ------------------- extraconfig/post_deploy/undercloud_post.yaml | 43 +---------- sample-env-generator/standalone.yaml | 1 - 8 files changed, 34 insertions(+), 182 deletions(-) delete mode 100755 extraconfig/post_deploy/clouds_yaml.py delete mode 100644 extraconfig/post_deploy/standalone_post.yaml diff --git a/ci/common/ironic_standalone_post.yaml b/ci/common/ironic_standalone_post.yaml index 75ea1c7eb8..49ca30585a 100644 --- a/ci/common/ironic_standalone_post.yaml +++ b/ci/common/ironic_standalone_post.yaml @@ -3,19 +3,8 @@ heat_template_version: rocky parameters: servers: type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json resources: - StandaloneStandardExtraConfigPost: - type: ../../extraconfig/post_deploy/standalone_post.yaml - properties: - servers: {get_param: servers} - EndpointMap: {get_param: EndpointMap} - IronicVBMCSetup: type: vbmc_setup.yaml properties: diff --git a/deployment/keystone/keystone-container-puppet.yaml b/deployment/keystone/keystone-container-puppet.yaml index d94d98b330..8b49e70671 100644 --- a/deployment/keystone/keystone-container-puppet.yaml +++ b/deployment/keystone/keystone-container-puppet.yaml @@ -280,6 +280,9 @@ parameters: default: '' description: >- OAuth 2.0 introspection endpoint for mod_auth_openidc + RootStackName: + description: The name of the stack/plan. + type: string resources: @@ -680,6 +683,35 @@ outputs: user: root command: [ 'keystone', 'pkill', '--signal', 'USR1', 'httpd' ] + external_deploy_tasks: + - name: Manage clouds.yaml files + when: + - step|int == 1 + - not ansible_check_mode|bool + block: + - name: Create /etc/openstack directory if it does not exist + become: true + file: + mode: '0755' + owner: root + path: /etc/openstack + state: directory + - name: Configure /etc/openstack/clouds.yaml + include_role: + name: tripleo-keystone-resources + tasks_from: clouds + vars: + tripleo_keystone_resources_cloud_name: {get_param: RootStackName} + tripleo_keystone_resources_cloud_config: + auth: + auth_url: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]} + password: {get_param: AdminPassword} + project_domain_name: Default + project_name: admin + user_domain_name: Default + username: admin + identity_api_version: '3' + region_name: {get_param: KeystoneRegion} deploy_steps_tasks: - name: validate keystone service state when: diff --git a/environments/standalone.yaml b/environments/standalone.yaml index c041aa2d96..38231bef2c 100644 --- a/environments/standalone.yaml +++ b/environments/standalone.yaml @@ -6,7 +6,6 @@ resource_registry: OS::TripleO::Network::Ports::OVNDBsVipPort: ../network/ports/noop.yaml OS::TripleO::Network::Ports::ControlPlaneVipPort: ../deployed-server/deployed-neutron-port.yaml OS::TripleO::Standalone::Net::SoftwareConfig: ../net-config-standalone.yaml - OS::TripleO::NodeExtraConfigPost: ../extraconfig/post_deploy/standalone_post.yaml OS::TripleO::Services::OpenStackClients: ../deployment/clients/openstack-clients-baremetal-puppet.yaml diff --git a/environments/standalone/standalone-tripleo.yaml b/environments/standalone/standalone-tripleo.yaml index caf76ec667..313f20b153 100644 --- a/environments/standalone/standalone-tripleo.yaml +++ b/environments/standalone/standalone-tripleo.yaml @@ -52,7 +52,6 @@ resource_registry: OS::TripleO::Network::Ports::ControlPlaneVipPort: ../../deployed-server/deployed-neutron-port.yaml OS::TripleO::Network::Ports::OVNDBsVipPort: ../../network/ports/noop.yaml OS::TripleO::Network::Ports::RedisVipPort: ../../network/ports/noop.yaml - OS::TripleO::NodeExtraConfigPost: ../../extraconfig/post_deploy/standalone_post.yaml OS::TripleO::Services::AodhApi: OS::Heat::None OS::TripleO::Services::AodhEvaluator: OS::Heat::None OS::TripleO::Services::AodhListener: OS::Heat::None diff --git a/extraconfig/post_deploy/clouds_yaml.py b/extraconfig/post_deploy/clouds_yaml.py deleted file mode 100755 index b16b0d4c61..0000000000 --- a/extraconfig/post_deploy/clouds_yaml.py +++ /dev/null @@ -1,54 +0,0 @@ -#!/usr/bin/env python -# Copyright 2018, 2019 Red Hat, Inc. -# All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -import os - -from tripleo_common.utils import clouds_yaml -from tripleoclient import constants - - -def _get_cloud_config(): - cloud_config = { - os.environ["cloud_name"]: { - "auth": { - "auth_url": os.environ["auth_url"], - "project_name": os.environ["project_name"], - "project_domain_name": os.environ["project_domain_name"], - "username": os.environ["user_name"], - "user_domain_name": os.environ["user_domain_name"], - "password": os.environ["admin_password"], - }, - "region_name": os.environ["region_name"], - "identity_api_version": os.environ["identity_api_version"], - } - } - return cloud_config - - -if __name__ == "__main__": - cloud = _get_cloud_config() - home_dir = os.path.join(os.environ["home_dir"]) - user_id = os.stat(home_dir).st_uid - group_id = os.stat(home_dir).st_gid - clouds_yaml.create_clouds_yaml( - cloud=cloud, - cloud_yaml_dir=os.path.join(home_dir, constants.CLOUDS_YAML_DIR), - user_id=user_id, - group_id=group_id, - ) - - # Generate clouds.yaml globally - clouds_yaml.create_clouds_yaml(cloud=cloud) diff --git a/extraconfig/post_deploy/standalone_post.yaml b/extraconfig/post_deploy/standalone_post.yaml deleted file mode 100644 index d1037abf03..0000000000 --- a/extraconfig/post_deploy/standalone_post.yaml +++ /dev/null @@ -1,73 +0,0 @@ -heat_template_version: rocky - -description: > - Post-deployment for the TripleO standalone deployment - -parameters: - servers: - type: json - DeployedServerPortMap: - default: {} - type: json - StandaloneHomeDir: - description: The HOME directory where the stackrc and ssh credentials for the Standalone will be installed. Set to /home/ to customize the location. - type: string - default: '/root' - AdminPassword: #supplied by tripleo-undercloud-passwords.yaml - type: string - description: The password for the keystone admin account, used for monitoring, querying neutron etc. - hidden: True - KeystoneRegion: - type: string - default: 'regionOne' - description: Keystone region for endpoint - StandaloneCloudName: - type: string - default: 'standalone' - description: Cloud name for the clouds.yaml - PythonInterpreter: - type: string - description: The python interpreter to use for python and ansible actions - default: /usr/bin/python - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - -resources: - - CloudsYamlConfig: - type: OS::Heat::SoftwareConfig - properties: - group: script - inputs: - - name: admin_password - - name: auth_url - - name: cloud_name - - name: home_dir - - name: identity_api_version - - name: project_name - - name: project_domain_name - - name: region_name - - name: user_name - - name: user_domain_name - config: {get_file: ./clouds_yaml.py} - - CloudsYamlDeployment: - type: OS::Heat::SoftwareDeploymentGroup - properties: - name: CloudsYamlDeployment - servers: {get_param: servers} - config: {get_resource: CloudsYamlConfig} - input_values: - admin_password: {get_param: AdminPassword} - auth_url: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]} - cloud_name: {get_param: StandaloneCloudName} - home_dir: {get_param: StandaloneHomeDir} - identity_api_version: 3 - project_name: 'admin' - project_domain_name: 'Default' - region_name: {get_param: KeystoneRegion} - user_name: 'admin' - user_domain_name: 'Default' diff --git a/extraconfig/post_deploy/undercloud_post.yaml b/extraconfig/post_deploy/undercloud_post.yaml index 90072d55a4..20cee38fae 100644 --- a/extraconfig/post_deploy/undercloud_post.yaml +++ b/extraconfig/post_deploy/undercloud_post.yaml @@ -78,10 +78,6 @@ parameters: type: string constraints: - allowed_values: ['dhcpv6-stateless', 'dhcpv6-stateful'] - KeystoneRegion: - type: string - default: 'regionOne' - description: Keystone region for endpoint UndercloudCloudName: type: string default: 'undercloud' @@ -144,41 +140,6 @@ resources: - '' auth_url: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]} - CloudsYamlConfig: - type: OS::Heat::SoftwareConfig - properties: - group: script - inputs: - - name: admin_password - - name: auth_url - - name: cloud_name - - name: home_dir - - name: identity_api_version - - name: project_name - - name: project_domain_name - - name: region_name - - name: user_name - - name: user_domain_name - config: {get_file: ./clouds_yaml.py} - - CloudsYamlDeployment: - type: OS::Heat::SoftwareDeploymentGroup - properties: - name: CloudsYamlDeployment - servers: {get_param: servers} - config: {get_resource: CloudsYamlConfig} - input_values: - admin_password: {get_param: AdminPassword} - auth_url: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]} - cloud_name: {get_param: UndercloudCloudName} - home_dir: {get_param: UndercloudHomeDir} - identity_api_version: 3 - project_name: 'admin' - project_domain_name: 'Default' - region_name: {get_param: KeystoneRegion} - user_name: 'admin' - user_domain_name: 'Default' - UndercloudPostPyConfig: type: OS::Heat::SoftwareConfig properties: @@ -189,7 +150,7 @@ resources: UndercloudPostPyDeployment: type: OS::Heat::SoftwareDeploymentGroup - depends_on: [UndercloudPostDeployment, CloudsYamlDeployment] + depends_on: UndercloudPostDeployment properties: name: UndercloudPostPyDeployment servers: {get_param: servers} @@ -217,7 +178,7 @@ resources: UndercloudCtlplaneNetworkDeployment: type: OS::Heat::SoftwareDeploymentGroup - depends_on: [UndercloudPostDeployment, CloudsYamlDeployment] + depends_on: UndercloudPostDeployment properties: name: UndercloudCtlplaneNetworkDeployment servers: {get_param: servers} diff --git a/sample-env-generator/standalone.yaml b/sample-env-generator/standalone.yaml index a2e893e941..58e4c6c9be 100644 --- a/sample-env-generator/standalone.yaml +++ b/sample-env-generator/standalone.yaml @@ -54,7 +54,6 @@ environments: OS::TripleO::Network::Ports::OVNDBsVipPort: ../../network/ports/noop.yaml OS::TripleO::Network::Ports::ControlPlaneVipPort: ../../deployed-server/deployed-neutron-port.yaml OS::TripleO::Standalone::Net::SoftwareConfig: ../../net-config-standalone.yaml - OS::TripleO::NodeExtraConfigPost: ../../extraconfig/post_deploy/standalone_post.yaml # OVN OS::TripleO::Services::OVNDBs: ../../deployment/ovn/ovn-dbs-container-puppet.yaml