Deploy /etc/openstack/clouds.yaml with Ansible

Replace the python script that was run on post-config, by an Ansible task running on the host where Keystone is running. It'll be useful later when using OpenStackSDK to have access to the credentials during the deployment and not having to wait the far end. It's also reducing the Heat resources. Depends-On: https://review.opendev.org/#/c/700015 Change-Id: I585abc3e6a3b9b8ae9183e0b5170df2e39301e17
2019-11-27 14:10:32 -05:00 · 2019-11-27 14:10:32 -05:00 · 25a2045e62
parent 4be06d706b
commit 25a2045e62
8 changed files with 34 additions and 182 deletions
--- a/ci/common/ironic_standalone_post.yaml
+++ b/ci/common/ironic_standalone_post.yaml
@ -3,19 +3,8 @@ heat_template_version: rocky
 parameters:
  servers:
    type: json
-  EndpointMap:
-    default: {}
-    description: Mapping of service endpoint -> protocol. Typically set
-                 via parameter_defaults in the resource registry.
-    type: json

 resources:
-  StandaloneStandardExtraConfigPost:
-    type: ../../extraconfig/post_deploy/standalone_post.yaml
-    properties:
-       servers:  {get_param: servers}
-       EndpointMap:  {get_param: EndpointMap}
-
  IronicVBMCSetup:
    type: vbmc_setup.yaml
    properties:
--- a/deployment/keystone/keystone-container-puppet.yaml
+++ b/deployment/keystone/keystone-container-puppet.yaml
@ -280,6 +280,9 @@ parameters:
    default: ''
    description: >-
      OAuth 2.0 introspection endpoint for mod_auth_openidc
+  RootStackName:
+    description: The name of the stack/plan.
+    type: string

 resources:

@ -680,6 +683,35 @@ outputs:
            user: root
            command:
              [ 'keystone', 'pkill', '--signal', 'USR1', 'httpd' ]
+      external_deploy_tasks:
+        - name: Manage clouds.yaml files
+          when:
+            - step|int == 1
+            - not ansible_check_mode|bool
+          block:
+            - name: Create /etc/openstack directory if it does not exist
+              become: true
+              file:
+                mode: '0755'
+                owner: root
+                path: /etc/openstack
+                state: directory
+            - name: Configure /etc/openstack/clouds.yaml
+              include_role:
+                name: tripleo-keystone-resources
+                tasks_from: clouds
+              vars:
+                tripleo_keystone_resources_cloud_name: {get_param: RootStackName}
+                tripleo_keystone_resources_cloud_config:
+                  auth:
+                    auth_url: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]}
+                    password: {get_param: AdminPassword}
+                    project_domain_name: Default
+                    project_name: admin
+                    user_domain_name: Default
+                    username: admin
+                  identity_api_version: '3'
+                  region_name: {get_param: KeystoneRegion}
      deploy_steps_tasks:
        - name: validate keystone service state
          when:
--- a/environments/standalone.yaml
+++ b/environments/standalone.yaml
@ -6,7 +6,6 @@ resource_registry:
  OS::TripleO::Network::Ports::OVNDBsVipPort: ../network/ports/noop.yaml
  OS::TripleO::Network::Ports::ControlPlaneVipPort: ../deployed-server/deployed-neutron-port.yaml
  OS::TripleO::Standalone::Net::SoftwareConfig: ../net-config-standalone.yaml
-  OS::TripleO::NodeExtraConfigPost: ../extraconfig/post_deploy/standalone_post.yaml

  OS::TripleO::Services::OpenStackClients: ../deployment/clients/openstack-clients-baremetal-puppet.yaml

--- a/environments/standalone/standalone-tripleo.yaml
+++ b/environments/standalone/standalone-tripleo.yaml
@ -52,7 +52,6 @@ resource_registry:
  OS::TripleO::Network::Ports::ControlPlaneVipPort: ../../deployed-server/deployed-neutron-port.yaml
  OS::TripleO::Network::Ports::OVNDBsVipPort: ../../network/ports/noop.yaml
  OS::TripleO::Network::Ports::RedisVipPort: ../../network/ports/noop.yaml
-  OS::TripleO::NodeExtraConfigPost: ../../extraconfig/post_deploy/standalone_post.yaml
  OS::TripleO::Services::AodhApi: OS::Heat::None
  OS::TripleO::Services::AodhEvaluator: OS::Heat::None
  OS::TripleO::Services::AodhListener: OS::Heat::None
--- a/extraconfig/post_deploy/clouds_yaml.py
+++ b/extraconfig/post_deploy/clouds_yaml.py
@ -1,54 +0,0 @@
-#!/usr/bin/env python
-# Copyright 2018, 2019 Red Hat, Inc.
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import os
-
-from tripleo_common.utils import clouds_yaml
-from tripleoclient import constants
-
-
-def _get_cloud_config():
-    cloud_config = {
-        os.environ["cloud_name"]: {
-            "auth": {
-                "auth_url": os.environ["auth_url"],
-                "project_name": os.environ["project_name"],
-                "project_domain_name": os.environ["project_domain_name"],
-                "username": os.environ["user_name"],
-                "user_domain_name": os.environ["user_domain_name"],
-                "password": os.environ["admin_password"],
-            },
-            "region_name": os.environ["region_name"],
-            "identity_api_version": os.environ["identity_api_version"],
-        }
-    }
-    return cloud_config
-
-
-if __name__ == "__main__":
-    cloud = _get_cloud_config()
-    home_dir = os.path.join(os.environ["home_dir"])
-    user_id = os.stat(home_dir).st_uid
-    group_id = os.stat(home_dir).st_gid
-    clouds_yaml.create_clouds_yaml(
-        cloud=cloud,
-        cloud_yaml_dir=os.path.join(home_dir, constants.CLOUDS_YAML_DIR),
-        user_id=user_id,
-        group_id=group_id,
-    )
-
-    # Generate clouds.yaml globally
-    clouds_yaml.create_clouds_yaml(cloud=cloud)
--- a/extraconfig/post_deploy/standalone_post.yaml
+++ b/extraconfig/post_deploy/standalone_post.yaml
@ -1,73 +0,0 @@
-heat_template_version: rocky
-
-description: >
-  Post-deployment for the TripleO standalone deployment
-
-parameters:
-  servers:
-    type: json
-  DeployedServerPortMap:
-    default: {}
-    type: json
-  StandaloneHomeDir:
-    description: The HOME directory where the stackrc and ssh credentials for the Standalone will be installed. Set to /home/<user> to customize the location.
-    type: string
-    default: '/root'
-  AdminPassword: #supplied by tripleo-undercloud-passwords.yaml
-    type: string
-    description: The password for the keystone admin account, used for monitoring, querying neutron etc.
-    hidden: True
-  KeystoneRegion:
-    type: string
-    default: 'regionOne'
-    description: Keystone region for endpoint
-  StandaloneCloudName:
-    type: string
-    default: 'standalone'
-    description: Cloud name for the clouds.yaml
-  PythonInterpreter:
-    type: string
-    description: The python interpreter to use for python and ansible actions
-    default: /usr/bin/python
-  EndpointMap:
-    default: {}
-    description: Mapping of service endpoint -> protocol. Typically set
-                 via parameter_defaults in the resource registry.
-    type: json
-
-resources:
-
-  CloudsYamlConfig:
-    type: OS::Heat::SoftwareConfig
-    properties:
-      group: script
-      inputs:
-        - name: admin_password
-        - name: auth_url
-        - name: cloud_name
-        - name: home_dir
-        - name: identity_api_version
-        - name: project_name
-        - name: project_domain_name
-        - name: region_name
-        - name: user_name
-        - name: user_domain_name
-      config: {get_file: ./clouds_yaml.py}
-
-  CloudsYamlDeployment:
-    type: OS::Heat::SoftwareDeploymentGroup
-    properties:
-      name: CloudsYamlDeployment
-      servers: {get_param: servers}
-      config: {get_resource: CloudsYamlConfig}
-      input_values:
-        admin_password: {get_param: AdminPassword}
-        auth_url: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]}
-        cloud_name: {get_param: StandaloneCloudName}
-        home_dir: {get_param: StandaloneHomeDir}
-        identity_api_version: 3
-        project_name: 'admin'
-        project_domain_name: 'Default'
-        region_name: {get_param: KeystoneRegion}
-        user_name: 'admin'
-        user_domain_name: 'Default'
--- a/extraconfig/post_deploy/undercloud_post.yaml
+++ b/extraconfig/post_deploy/undercloud_post.yaml
@ -78,10 +78,6 @@ parameters:
    type: string
    constraints:
      - allowed_values: ['dhcpv6-stateless', 'dhcpv6-stateful']
-  KeystoneRegion:
-    type: string
-    default: 'regionOne'
-    description: Keystone region for endpoint
  UndercloudCloudName:
    type: string
    default: 'undercloud'
@ -144,41 +140,6 @@ resources:
          - ''
        auth_url: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]}

-  CloudsYamlConfig:
-    type: OS::Heat::SoftwareConfig
-    properties:
-      group: script
-      inputs:
-        - name: admin_password
-        - name: auth_url
-        - name: cloud_name
-        - name: home_dir
-        - name: identity_api_version
-        - name: project_name
-        - name: project_domain_name
-        - name: region_name
-        - name: user_name
-        - name: user_domain_name
-      config: {get_file: ./clouds_yaml.py}
-
-  CloudsYamlDeployment:
-    type: OS::Heat::SoftwareDeploymentGroup
-    properties:
-      name: CloudsYamlDeployment
-      servers: {get_param: servers}
-      config: {get_resource: CloudsYamlConfig}
-      input_values:
-        admin_password: {get_param: AdminPassword}
-        auth_url: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]}
-        cloud_name: {get_param: UndercloudCloudName}
-        home_dir: {get_param: UndercloudHomeDir}
-        identity_api_version: 3
-        project_name: 'admin'
-        project_domain_name: 'Default'
-        region_name: {get_param: KeystoneRegion}
-        user_name: 'admin'
-        user_domain_name: 'Default'
-
  UndercloudPostPyConfig:
    type: OS::Heat::SoftwareConfig
    properties:
@ -189,7 +150,7 @@ resources:

  UndercloudPostPyDeployment:
    type: OS::Heat::SoftwareDeploymentGroup
-    depends_on: [UndercloudPostDeployment, CloudsYamlDeployment]
+    depends_on: UndercloudPostDeployment
    properties:
      name: UndercloudPostPyDeployment
      servers: {get_param: servers}
@ -217,7 +178,7 @@ resources:

  UndercloudCtlplaneNetworkDeployment:
    type: OS::Heat::SoftwareDeploymentGroup
-    depends_on: [UndercloudPostDeployment, CloudsYamlDeployment]
+    depends_on: UndercloudPostDeployment
    properties:
      name: UndercloudCtlplaneNetworkDeployment
      servers: {get_param: servers}
--- a/sample-env-generator/standalone.yaml
+++ b/sample-env-generator/standalone.yaml
@ -54,7 +54,6 @@ environments:
      OS::TripleO::Network::Ports::OVNDBsVipPort: ../../network/ports/noop.yaml
      OS::TripleO::Network::Ports::ControlPlaneVipPort: ../../deployed-server/deployed-neutron-port.yaml
      OS::TripleO::Standalone::Net::SoftwareConfig: ../../net-config-standalone.yaml
-      OS::TripleO::NodeExtraConfigPost: ../../extraconfig/post_deploy/standalone_post.yaml

      # OVN
      OS::TripleO::Services::OVNDBs: ../../deployment/ovn/ovn-dbs-container-puppet.yaml