Browse Source

docker: add support for TripleO UI

Co-Authored-By: Martin André <m.andre@redhat.com>
Co-Authored-By: Dan Prince <dprince@redhat.com>
Co-Authored-By: Emilien Macchi <emilien@redhat.com>
Partially-Implements: bp tripleo-ui-undercloud-container
Change-Id: I1109d19e586958ac4225107108ff90187da30edd
changes/90/515490/30
Honza Pokorny 5 years ago committed by Emilien Macchi
parent
commit
7cbe28b5ef
  1. 148
      docker/services/tripleo-ui.yaml
  2. 2
      environments/services-docker/tripleo-ui.yaml
  3. 2
      environments/services/tripleo-ui.yaml
  4. 1
      environments/ssl/tls-endpoints-public-dns.yaml
  5. 1
      environments/ssl/tls-endpoints-public-ip.yaml
  6. 1
      environments/ssl/tls-everywhere-endpoints-dns.yaml
  7. 1
      environments/tls-endpoints-public-dns.yaml
  8. 1
      environments/tls-endpoints-public-ip.yaml
  9. 1
      environments/tls-everywhere-endpoints-dns.yaml
  10. 7
      network/endpoints/endpoint_data.yaml
  11. 83
      network/endpoints/endpoint_map.yaml
  12. 1
      overcloud-resource-registry-puppet.j2.yaml
  13. 111
      puppet/services/tripleo-ui.yaml
  14. 1
      roles/Undercloud.yaml
  15. 1
      roles_data_undercloud.yaml
  16. 3
      sample-env-generator/ssl.yaml
  17. 1
      tools/yaml-validate.py

148
docker/services/tripleo-ui.yaml

@ -0,0 +1,148 @@
heat_template_version: queens
description: >
Openstack containerized TripleO UI service
parameters:
DockerTripleoUIImage:
description: image
type: string
DockerTripleoUIConfigImage:
description: The container image to use for the tripleo-ui config_volume
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EnableInternalTLS:
type: boolean
default: false
UpgradeRemoveUnusedPackages:
default: false
description: Remove package if the service is being disabled during upgrade
type: boolean
conditions:
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
resources:
ContainersCommon:
type: ./containers-common.yaml
TripleoUIPuppetBase:
type: ../../puppet/services/tripleo-ui.yaml
properties:
EndpointMap: {get_param: EndpointMap}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
outputs:
role_data:
description: Role data for the TripleO UI role.
value:
service_name: {get_attr: [TripleoUIPuppetBase, role_data, service_name]}
config_settings:
map_merge:
- get_attr: [TripleoUIPuppetBase, role_data, config_settings]
- apache::default_vhost: false
logging_source: {get_attr: [TripleoUIPuppetBase, role_data, logging_source]}
logging_groups: {get_attr: [TripleoUIPuppetBase, role_data, logging_groups]}
service_config_settings: {get_attr: [TripleoUIPuppetBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
config_volume: tripleo-ui
step_config: {get_attr: [TripleoUIPuppetBase, role_data, step_config]}
config_image: {get_param: DockerTripleoUIConfigImage}
kolla_config:
/var/lib/kolla/config_files/tripleo_ui.json:
command: /usr/sbin/httpd -DFOREGROUND
config_files:
- source: "/var/lib/kolla/config_files/src/*"
dest: "/"
merge: true
preserve_properties: true
docker_config:
step_4:
tripleo_ui:
image: {get_param: DockerTripleoUIImage}
net: host
privileged: false
restart: always
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/tripleo_ui.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/tripleo-ui/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/httpd/tripleo-ui:/var/log/httpd
-
if:
- internal_tls_enabled
- /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
- ''
-
if:
- internal_tls_enabled
- /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
- ''
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
- name: create persistent logs directory
file:
path: "{{ item }}"
state: directory
with_items:
- /var/log/containers/httpd/tripleo-ui
upgrade_tasks:
- name: Check for tripleo-ui service running under apache
tags: common
shell: "httpd -t -D DUMP_VHOSTS | grep -q tripleo-ui"
ignore_errors: True
register: httpd_enabled
- name: Check if httpd is running
tags: common
command: systemctl is-active --quiet httpd
ignore_errors: True
register: httpd_running
- name: "PreUpgrade step0,validation: Check if tripleo-ui is running"
shell: systemctl status 'httpd' | grep -q tripleo-ui
tags: validation
when: httpd_enabled.rc == 0 and httpd_running.rc == 0
- name: Stop and disable tripleo-ui service (running under httpd)
when: httpd_enabled.rc == 0 and httpd_running.rc == 0 and step|int == 2
service: name=httpd state=stopped enabled=no
- name: Remove openstack-tripleo-ui package if operator requests it
yum: name=openstack-tripleo-ui state=removed
ignore_errors: True
when:
- step|int == 2
- {get_param: UpgradeRemoveUnusedPackages}
metadata_settings:
get_attr: [TripleoUIPuppetBase, role_data, metadata_settings]

2
environments/services-docker/tripleo-ui.yaml

@ -0,0 +1,2 @@
resource_registry:
OS::TripleO::Services::TripleoUI: ../../docker/services/tripleo-ui.yaml

2
environments/services/tripleo-ui.yaml

@ -0,0 +1,2 @@
resource_registry:
OS::TripleO::Services::TripleoUI: ../../puppet/services/tripleo-ui.yaml

1
environments/ssl/tls-endpoints-public-dns.yaml

@ -75,6 +75,7 @@ parameter_defaults:
NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'}
NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'}
NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'}
NovaUIConfig: {protocol: 'http', port: '3000', host: 'IP_ADDRESS'}
NovaPlacementAdmin: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'}
NovaPlacementInternal: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'}
NovaPlacementPublic: {protocol: 'https', port: '13778', host: 'CLOUDNAME'}

1
environments/ssl/tls-endpoints-public-ip.yaml

@ -75,6 +75,7 @@ parameter_defaults:
NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'}
NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'}
NovaPublic: {protocol: 'https', port: '13774', host: 'IP_ADDRESS'}
NovaUIConfig: {protocol: 'http', port: '3000', host: 'IP_ADDRESS'}
NovaPlacementAdmin: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'}
NovaPlacementInternal: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'}
NovaPlacementPublic: {protocol: 'https', port: '13778', host: 'IP_ADDRESS'}

1
environments/ssl/tls-everywhere-endpoints-dns.yaml

@ -75,6 +75,7 @@ parameter_defaults:
NovaAdmin: {protocol: 'https', port: '8774', host: 'CLOUDNAME'}
NovaInternal: {protocol: 'https', port: '8774', host: 'CLOUDNAME'}
NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'}
NovaUIConfig: {protocol: 'http', port: '3000', host: 'CLOUDNAME'}
NovaPlacementAdmin: {protocol: 'https', port: '8778', host: 'CLOUDNAME'}
NovaPlacementInternal: {protocol: 'https', port: '8778', host: 'CLOUDNAME'}
NovaPlacementPublic: {protocol: 'https', port: '13778', host: 'CLOUDNAME'}

1
environments/tls-endpoints-public-dns.yaml

@ -69,6 +69,7 @@ parameter_defaults:
NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'}
NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'}
NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'}
NovaUIConfig: {protocol: 'http', port: '3000', host: 'IP_ADDRESS'}
NovaPlacementAdmin: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'}
NovaPlacementInternal: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'}
NovaPlacementPublic: {protocol: 'https', port: '13778', host: 'CLOUDNAME'}

1
environments/tls-endpoints-public-ip.yaml

@ -69,6 +69,7 @@ parameter_defaults:
NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'}
NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'}
NovaPublic: {protocol: 'https', port: '13774', host: 'IP_ADDRESS'}
NovaUIConfig: {protocol: 'http', port: '3000', host: 'IP_ADDRESS'}
NovaPlacementAdmin: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'}
NovaPlacementInternal: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'}
NovaPlacementPublic: {protocol: 'https', port: '13778', host: 'IP_ADDRESS'}

1
environments/tls-everywhere-endpoints-dns.yaml

@ -65,6 +65,7 @@ parameter_defaults:
NovaAdmin: {protocol: 'https', port: '8774', host: 'CLOUDNAME'}
NovaInternal: {protocol: 'https', port: '8774', host: 'CLOUDNAME'}
NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'}
NovaUIConfig: {protocol: 'http', port: '3000', host: 'CLOUDNAME'}
NovaPlacementAdmin: {protocol: 'https', port: '8778', host: 'CLOUDNAME'}
NovaPlacementInternal: {protocol: 'https', port: '8778', host: 'CLOUDNAME'}
NovaPlacementPublic: {protocol: 'https', port: '13778', host: 'CLOUDNAME'}

7
network/endpoints/endpoint_data.yaml

@ -230,6 +230,11 @@ Nova:
net_param: NovaApi
uri_suffixes:
'': /v2.1
UIConfig:
net_param: Public
uri_suffixes:
'': /nova/v2.1
port: 3000
port: 8774
NovaPlacement:
@ -401,4 +406,4 @@ OpenDaylight:
net_param: OpenDaylightApi
Admin:
net_param: OpenDaylightApi
port: 8081
port: 8081

83
network/endpoints/endpoint_map.yaml

@ -82,6 +82,7 @@ parameters:
NovaAdmin: {protocol: http, port: '8774', host: IP_ADDRESS}
NovaInternal: {protocol: http, port: '8774', host: IP_ADDRESS}
NovaPublic: {protocol: http, port: '8774', host: IP_ADDRESS}
NovaUIConfig: {protocol: http, port: '3000', host: IP_ADDRESS}
NovaPlacementAdmin: {protocol: http, port: '8778', host: IP_ADDRESS}
NovaPlacementInternal: {protocol: http, port: '8778', host: IP_ADDRESS}
NovaPlacementPublic: {protocol: http, port: '8778', host: IP_ADDRESS}
@ -6300,6 +6301,88 @@ outputs:
template: NETWORK_uri
port:
get_param: [EndpointMap, NovaPublic, port]
NovaUIConfig:
host:
str_replace:
template:
get_param: [EndpointMap, NovaUIConfig, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, PublicNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param: [ServiceNetMap, PublicNetwork]
template: NETWORK_uri
host_nobrackets:
str_replace:
template:
get_param: [EndpointMap, NovaUIConfig, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, PublicNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- get_param: [ServiceNetMap, PublicNetwork]
port:
get_param: [EndpointMap, NovaUIConfig, port]
protocol:
get_param: [EndpointMap, NovaUIConfig, protocol]
uri:
make_url:
scheme:
get_param: [EndpointMap, NovaUIConfig, protocol]
host:
str_replace:
template:
get_param: [EndpointMap, NovaUIConfig, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, PublicNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param: [ServiceNetMap, PublicNetwork]
template: NETWORK_uri
port:
get_param: [EndpointMap, NovaUIConfig, port]
path: /nova/v2.1
uri_no_suffix:
make_url:
scheme:
get_param: [EndpointMap, NovaUIConfig, protocol]
host:
str_replace:
template:
get_param: [EndpointMap, NovaUIConfig, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, PublicNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param: [ServiceNetMap, PublicNetwork]
template: NETWORK_uri
port:
get_param: [EndpointMap, NovaUIConfig, port]
NovaPlacementAdmin:
host:
str_replace:

1
overcloud-resource-registry-puppet.j2.yaml

@ -189,6 +189,7 @@ resource_registry:
OS::TripleO::Services::Memcached: docker/services/memcached.yaml
OS::TripleO::Services::SaharaApi: OS::Heat::None
OS::TripleO::Services::SaharaEngine: OS::Heat::None
OS::TripleO::Services::TripleoUI: OS::Heat::None
OS::TripleO::Services::Tuned: puppet/services/tuned.yaml
OS::TripleO::Services::Securetty: OS::Heat::None
OS::TripleO::Services::Sshd: docker/services/sshd.yaml

111
puppet/services/tripleo-ui.yaml

@ -0,0 +1,111 @@
heat_template_version: queens
description: >
OpenStack TripleO UI service configured with Puppet
parameters:
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
EnableInternalTLS:
type: boolean
default: false
TripleoUILoggingSource:
type: json
default:
tag: openstack.tripleo.ui
# FIXME(mandre)
path: /var/log/tripleo/ui.log
resources:
ApacheServiceBase:
type: ./apache.yaml
properties:
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
EnableInternalTLS: {get_param: EnableInternalTLS}
outputs:
role_data:
description: Role data for the TripleO UI role.
value:
service_name: tripleo_ui
logging_source: {get_param: TripleoUILoggingSource}
logging_groups:
- tripleo_ui
config_settings:
map_merge:
- get_attr: [ApacheServiceBase, role_data, config_settings]
- keystone::cors::allowed_origin: '*'
ironic::cors::allowed_origin: '*'
ironic::cors::max_age: 3600
ironic::cors::allow_methods: 'GET,POST,PUT,DELETE,OPTIONS,PATCH'
ironic::cors::allow_headers: 'Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma,X-Auth-Token'
ironic::cors::expose_headers: 'Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma'
ironic::inspector::cors::allowed_origin: '*'
ironic::inspector::cors::max_age: 3600
ironic::inspector::cors::allow_methods: 'GET,POST,PUT,DELETE,OPTIONS,PATCH'
ironic::inspector::cors::allow_headers: 'Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma,X-Auth-Token'
ironic::inspector::cors::expose_headers: 'Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma'
heat::cors::allowed_origin: '*'
heat::cors::max_age: 3600
heat::cors::allow_headers: 'Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma,X-Auth-Token'
heat::cors::expose_headers: 'Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma'
mistral::cors::allowed_origin: '*'
mistral::cors::allow_headers: 'Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma,X-Auth-Token'
mistral::cors::expose_headers: 'Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma'
swift::proxy::cors_allow_origin: '*'
tripleo::ui::endpoint_proxy_zaqar: {get_param: [EndpointMap, ZaqarWebSocketInternal, uri_no_suffix]}
tripleo::ui::endpoint_proxy_keystone: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
tripleo::ui::endpoint_proxy_heat: {get_param: [EndpointMap, HeatInternal, uri_no_suffix]}
tripleo::ui::endpoint_proxy_ironic: {get_param: [EndpointMap, IronicInternal, uri_no_suffix]}
tripleo::ui::endpoint_proxy_ironic_inspector: {get_param: [EndpointMap, IronicInspectorInternal, uri_no_suffix]}
tripleo::ui::endpoint_proxy_mistral: {get_param: [EndpointMap, MistralInternal, uri_no_suffix]}
tripleo::ui::endpoint_proxy_nova: {get_param: [EndpointMap, NovaInternal, uri_no_suffix]}
tripleo::ui::endpoint_proxy_swift: {get_param: [EndpointMap, SwiftInternal, uri_no_suffix]}
tripleo::ui::endpoint_config_zaqar: {get_param: [EndpointMap, ZaqarWebSocketUIConfig, uri]}
tripleo::ui::endpoint_config_keystone: {get_param: [EndpointMap, KeystoneUIConfig, uri]}
tripleo::ui::endpoint_config_heat: {get_param: [EndpointMap, HeatUIConfig, uri]}
tripleo::ui::endpoint_config_ironic: {get_param: [EndpointMap, IronicUIConfig, uri]}
tripleo::ui::endpoint_config_ironic_inspector: {get_param: [EndpointMap, IronicInspectorUIConfig, uri]}
tripleo::ui::endpoint_config_mistral: {get_param: [EndpointMap, MistralUIConfig, uri]}
tripleo::ui::endpoint_config_nova: {get_param: [EndpointMap, NovaUIConfig, uri]}
tripleo::ui::endpoint_config_swift: {get_param: [EndpointMap, SwiftUIConfig, uri]}
# FIXME(mandre) we're required to set bind_host otherwise it
# complains that it can't find the controller_host hiera key
tripleo::ui::bind_host: "127.0.0.1"
step_config: |
include ::tripleo::ui
service_config_settings: {}
metadata_settings:
get_attr: [ApacheServiceBase, role_data, metadata_settings]
upgrade_tasks: {}

1
roles/Undercloud.yaml

@ -53,6 +53,7 @@
- OS::TripleO::Services::SwiftRingBuilder
- OS::TripleO::Services::SwiftStorage
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoUI
- OS::TripleO::Services::Tuned
- OS::TripleO::Services::UndercloudAodhApi
- OS::TripleO::Services::UndercloudAodhEvaluator

1
roles_data_undercloud.yaml

@ -56,6 +56,7 @@
- OS::TripleO::Services::SwiftRingBuilder
- OS::TripleO::Services::SwiftStorage
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoUI
- OS::TripleO::Services::Tuned
- OS::TripleO::Services::UndercloudAodhApi
- OS::TripleO::Services::UndercloudAodhEvaluator

3
sample-env-generator/ssl.yaml

@ -170,6 +170,7 @@ environments:
NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'}
NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'}
NovaPublic: {protocol: 'https', port: '13774', host: 'IP_ADDRESS'}
NovaUIConfig: {protocol: 'http', port: '3000', host: 'IP_ADDRESS'}
NovaPlacementAdmin: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'}
NovaPlacementInternal: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'}
NovaPlacementPublic: {protocol: 'https', port: '13778', host: 'IP_ADDRESS'}
@ -282,6 +283,7 @@ environments:
NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'}
NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'}
NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'}
NovaUIConfig: {protocol: 'http', port: '3000', host: 'IP_ADDRESS'}
NovaPlacementAdmin: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'}
NovaPlacementInternal: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'}
NovaPlacementPublic: {protocol: 'https', port: '13778', host: 'CLOUDNAME'}
@ -394,6 +396,7 @@ environments:
NovaAdmin: {protocol: 'https', port: '8774', host: 'CLOUDNAME'}
NovaInternal: {protocol: 'https', port: '8774', host: 'CLOUDNAME'}
NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'}
NovaUIConfig: {protocol: 'http', port: '3000', host: 'CLOUDNAME'}
NovaPlacementAdmin: {protocol: 'https', port: '8778', host: 'CLOUDNAME'}
NovaPlacementInternal: {protocol: 'https', port: '8778', host: 'CLOUDNAME'}
NovaPlacementPublic: {protocol: 'https', port: '13778', host: 'CLOUDNAME'}

1
tools/yaml-validate.py

@ -134,6 +134,7 @@ PARAMETER_DEFINITION_EXCLUSIONS = {'CephPools': ['description',
PREFERRED_CAMEL_CASE = {
'ec2api': 'Ec2Api',
'haproxy': 'HAProxy',
'tripleo-ui': 'TripleoUI',
}
# Overrides for docker/puppet validation

Loading…
Cancel
Save