openstack
/
tripleo-heat-templates
Code Issues Proposed changes
Browse Source

Add ec2-api service 

This change adds the ec2api service using the
tripleo::profile::base::nova::ec2api profile.

The deprecated nova-cert service is not supported, and therefore the
RegisterImage action is not supported either.

Change-Id: I2510fd4ed935d8423216fff9ce3adf2d69c9c804
Depends-On: If4b091e1ca02f43aa9c65392baf8ceea007b7cfb
changes/34/398634/25
Sven Anderson 6 years ago committed by Emilien Macchi
parent
44ec61345d
commit
e02c3c2962
12 changed files with 393 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      README.rst
  2. 2
      ci/environments/scenario002-multinode.yaml
  3. 3
      environments/services/ec2-api.yaml
  4. 3
      environments/tls-endpoints-public-dns.yaml
  5. 3
      environments/tls-endpoints-public-ip.yaml
  6. 3
      environments/tls-everywhere-endpoints-dns.yaml
  7. 9
      network/endpoints/endpoint_data.yaml
  8. 246
      network/endpoints/endpoint_map.yaml
  9. 2
      network/service_net_map.j2.yaml
  10. 1
      overcloud-resource-registry-puppet.j2.yaml
  11. 118
      puppet/services/ec2-api.yaml
  12. 1
      roles_data.yaml

2
README.rst
Unescape View File

@ -116,5 +116,7 @@ and should be executed according to the following table:
+----------------+-------------+-------------+-------------+-------------+-----------------+
| zaqar | | X | | | |
+----------------+-------------+-------------+-------------+-------------+-----------------+
| ec2api | | X | | | |
+----------------+-------------+-------------+-------------+-------------+-----------------+
| cephrgw | | X | | X | |
+----------------+-------------+-------------+-------------+-------------+-----------------+

2
ci/environments/scenario002-multinode.yaml
Unescape View File

@ -3,6 +3,7 @@ resource_registry:
OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml
OS::TripleO::Services::BarbicanApi: ../../puppet/services/barbican-api.yaml
OS::TripleO::Services::Zaqar: ../../puppet/services/zaqar.yaml
OS::TripleO::Services::Ec2Api: ../../puppet/services/ec2-api.yaml
parameter_defaults:
ControllerServices:
@ -45,6 +46,7 @@ parameter_defaults:
- OS::TripleO::Services::BarbicanApi
- OS::TripleO::Services::MongoDb
- OS::TripleO::Services::Zaqar
- OS::TripleO::Services::Ec2Api
ControllerExtraConfig:
nova::compute::libvirt::services::libvirt_virt_type: qemu
nova::compute::libvirt::libvirt_virt_type: qemu

3
environments/services/ec2-api.yaml
Unescape View File

@ -0,0 +1,3 @@
# A Heat environment file which can be used to enable EC2-API service.
resource_registry:
OS::TripleO::Services::Ec2Api: ../../puppet/services/ec2-api.yaml

3
environments/tls-endpoints-public-dns.yaml
Unescape View File

@ -17,6 +17,9 @@ parameter_defaults:
CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'}
CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'}
CinderPublic: {protocol: 'https', port: '13776', host: 'CLOUDNAME'}
Ec2ApiAdmin: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiInternal: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiPublic: {protocol: 'https', port: '13788', host: 'CLOUDNAME'}
GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'}
GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'}
GlancePublic: {protocol: 'https', port: '13292', host: 'CLOUDNAME'}

3
environments/tls-endpoints-public-ip.yaml
Unescape View File

@ -17,6 +17,9 @@ parameter_defaults:
CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'}
CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'}
CinderPublic: {protocol: 'https', port: '13776', host: 'IP_ADDRESS'}
Ec2ApiAdmin: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiInternal: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiPublic: {protocol: 'https', port: '13788', host: 'IP_ADDRESS'}
GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'}
GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'}
GlancePublic: {protocol: 'https', port: '13292', host: 'IP_ADDRESS'}

3
environments/tls-everywhere-endpoints-dns.yaml
Unescape View File

@ -17,6 +17,9 @@ parameter_defaults:
CinderAdmin: {protocol: 'https', port: '8776', host: 'CLOUDNAME'}
CinderInternal: {protocol: 'https', port: '8776', host: 'CLOUDNAME'}
CinderPublic: {protocol: 'https', port: '13776', host: 'CLOUDNAME'}
Ec2ApiAdmin: {protocol: 'https', port: '8788', host: 'CLOUDNAME'}
Ec2ApiInternal: {protocol: 'https', port: '8788', host: 'CLOUDNAME'}
Ec2ApiPublic: {protocol: 'https', port: '13788', host: 'CLOUDNAME'}
GlanceAdmin: {protocol: 'https', port: '9292', host: 'CLOUDNAME'}
GlanceInternal: {protocol: 'https', port: '9292', host: 'CLOUDNAME'}
GlancePublic: {protocol: 'https', port: '13292', host: 'CLOUDNAME'}

9
network/endpoints/endpoint_data.yaml
Unescape View File

@ -28,6 +28,15 @@ Ceilometer:
net_param: CeilometerApi
port: 8777
Ec2Api:
Internal:
net_param: Ec2Api
Public:
net_param: Public
Admin:
net_param: Ec2Api
port: 8788
Gnocchi:
Internal:
net_param: GnocchiApi

246
network/endpoints/endpoint_map.yaml
Unescape View File

@ -34,6 +34,9 @@ parameters:
CinderAdmin: {protocol: http, port: '8776', host: IP_ADDRESS}
CinderInternal: {protocol: http, port: '8776', host: IP_ADDRESS}
CinderPublic: {protocol: http, port: '8776', host: IP_ADDRESS}
Ec2ApiAdmin: {protocol: http, port: '8788', host: IP_ADDRESS}
Ec2ApiInternal: {protocol: http, port: '8788', host: IP_ADDRESS}
Ec2ApiPublic: {protocol: http, port: '8788', host: IP_ADDRESS}
GlanceAdmin: {protocol: http, port: '9292', host: IP_ADDRESS}
GlanceInternal: {protocol: http, port: '9292', host: IP_ADDRESS}
GlancePublic: {protocol: http, port: '9292', host: IP_ADDRESS}
@ -1810,6 +1813,249 @@ outputs:
template: NETWORK_uri
- ':'
- get_param: [EndpointMap, CinderPublic, port]
Ec2ApiAdmin:
host:
str_replace:
template:
get_param: [EndpointMap, Ec2ApiAdmin, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, Ec2ApiNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param: [ServiceNetMap, Ec2ApiNetwork]
template: NETWORK_uri
host_nobrackets:
str_replace:
template:
get_param: [EndpointMap, Ec2ApiAdmin, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, Ec2ApiNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- get_param: [ServiceNetMap, Ec2ApiNetwork]
port:
get_param: [EndpointMap, Ec2ApiAdmin, port]
protocol:
get_param: [EndpointMap, Ec2ApiAdmin, protocol]
uri:
list_join:
- ''
- - get_param: [EndpointMap, Ec2ApiAdmin, protocol]
- ://
- str_replace:
template:
get_param: [EndpointMap, Ec2ApiAdmin, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, Ec2ApiNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param: [ServiceNetMap, Ec2ApiNetwork]
template: NETWORK_uri
- ':'
- get_param: [EndpointMap, Ec2ApiAdmin, port]
uri_no_suffix:
list_join:
- ''
- - get_param: [EndpointMap, Ec2ApiAdmin, protocol]
- ://
- str_replace:
template:
get_param: [EndpointMap, Ec2ApiAdmin, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, Ec2ApiNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param: [ServiceNetMap, Ec2ApiNetwork]
template: NETWORK_uri
- ':'
- get_param: [EndpointMap, Ec2ApiAdmin, port]
Ec2ApiInternal:
host:
str_replace:
template:
get_param: [EndpointMap, Ec2ApiInternal, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, Ec2ApiNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param: [ServiceNetMap, Ec2ApiNetwork]
template: NETWORK_uri
host_nobrackets:
str_replace:
template:
get_param: [EndpointMap, Ec2ApiInternal, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, Ec2ApiNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- get_param: [ServiceNetMap, Ec2ApiNetwork]
port:
get_param: [EndpointMap, Ec2ApiInternal, port]
protocol:
get_param: [EndpointMap, Ec2ApiInternal, protocol]
uri:
list_join:
- ''
- - get_param: [EndpointMap, Ec2ApiInternal, protocol]
- ://
- str_replace:
template:
get_param: [EndpointMap, Ec2ApiInternal, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, Ec2ApiNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param: [ServiceNetMap, Ec2ApiNetwork]
template: NETWORK_uri
- ':'
- get_param: [EndpointMap, Ec2ApiInternal, port]
uri_no_suffix:
list_join:
- ''
- - get_param: [EndpointMap, Ec2ApiInternal, protocol]
- ://
- str_replace:
template:
get_param: [EndpointMap, Ec2ApiInternal, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, Ec2ApiNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param: [ServiceNetMap, Ec2ApiNetwork]
template: NETWORK_uri
- ':'
- get_param: [EndpointMap, Ec2ApiInternal, port]
Ec2ApiPublic:
host:
str_replace:
template:
get_param: [EndpointMap, Ec2ApiPublic, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, PublicNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param: [ServiceNetMap, PublicNetwork]
template: NETWORK_uri
host_nobrackets:
str_replace:
template:
get_param: [EndpointMap, Ec2ApiPublic, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, PublicNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- get_param: [ServiceNetMap, PublicNetwork]
port:
get_param: [EndpointMap, Ec2ApiPublic, port]
protocol:
get_param: [EndpointMap, Ec2ApiPublic, protocol]
uri:
list_join:
- ''
- - get_param: [EndpointMap, Ec2ApiPublic, protocol]
- ://
- str_replace:
template:
get_param: [EndpointMap, Ec2ApiPublic, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, PublicNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param: [ServiceNetMap, PublicNetwork]
template: NETWORK_uri
- ':'
- get_param: [EndpointMap, Ec2ApiPublic, port]
uri_no_suffix:
list_join:
- ''
- - get_param: [EndpointMap, Ec2ApiPublic, protocol]
- ://
- str_replace:
template:
get_param: [EndpointMap, Ec2ApiPublic, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, PublicNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param: [ServiceNetMap, PublicNetwork]
template: NETWORK_uri
- ':'
- get_param: [EndpointMap, Ec2ApiPublic, port]
GlanceAdmin:
host:
str_replace:

2
network/service_net_map.j2.yaml
Unescape View File

@ -48,6 +48,8 @@ parameters:
NovaPlacementNetwork: internal_api
NovaMetadataNetwork: internal_api
NovaVncProxyNetwork: internal_api
Ec2ApiNetwork: internal_api
Ec2ApiMetadataNetwork: internal_api
SwiftStorageNetwork: storage_mgmt
SwiftProxyNetwork: storage
SaharaApiNetwork: internal_api

1
overcloud-resource-registry-puppet.j2.yaml
Unescape View File

@ -234,6 +234,7 @@ resource_registry:
OS::TripleO::Services::NeutronML2FujitsuFossw: OS::Heat::None
OS::TripleO::Services::CinderHPELeftHandISCSI: OS::Heat::None
OS::TripleO::Services::Etcd: OS::Heat::None
OS::TripleO::Services::Ec2Api: OS::Heat::None
parameter_defaults:
EnablePackageInstall: false

118
puppet/services/ec2-api.yaml
Unescape View File

@ -0,0 +1,118 @@
heat_template_version: ocata
description: >
OpenStack EC2-API service configured with Puppet
parameters:
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
Ec2ApiWorkers:
default: 0
description: Number of workers for EC2-API service.
type: number
Ec2ApiPassword:
description: The password for the nova service and db account, used by nova-api.
type: string
hidden: true
KeystoneRegion:
type: string
default: 'regionOne'
description: Keystone region for endpoint
MonitoringSubscriptionEc2Api:
default: 'overcloud-ec2-api'
type: string
Ec2ApiLoggingSource:
type: json
default:
tag: openstack.ec2.api
path: /var/log/ec2api/ec2api.log
EnablePackageInstall:
default: 'false'
description: Set to true to enable package installation via Puppet
type: boolean
conditions:
nova_workers_zero: {equals : [{get_param: Ec2ApiWorkers}, 0]}
outputs:
role_data:
description: Role data for the EC2-API service.
value:
service_name: ec2_api
monitoring_subscription: {get_param: MonitoringSubscriptionEc2Api}
logging_source: {get_param: Ec2ApiLoggingSource}
logging_groups:
- nova
config_settings:
map_merge:
- tripleo.ec2_api.firewall_rules:
'113 ec2_api':
dport:
- 8788
- 13788
ec2api::keystone::authtoken::project_name: 'service'
ec2api::keystone::authtoken::password: {get_param: Ec2ApiPassword}
ec2api::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
ec2api::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
ec2api::api::enabled: true
ec2api::package_manage: {get_param: EnablePackageInstall}
ec2api::api::ec2api_listen:
str_replace:
template:
'"%{::fqdn_$NETWORK}"'
params:
$NETWORK: {get_param: [ServiceNetMap, Ec2ApiNetwork]}
ec2api::metadata::metadata_listen:
str_replace:
template:
'"%{::fqdn_$NETWORK}"'
params:
$NETWORK: {get_param: [ServiceNetMap, Ec2ApiMetadataNetwork]}
ec2api::db::database_connection:
list_join:
- ''
- - {get_param: [EndpointMap, MysqlInternal, protocol]}
- '://ec2_api:'
- {get_param: Ec2ApiPassword}
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/ec2_api'
- '?bind_address='
- "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
-
if:
- nova_workers_zero
- {}
- ec2api::api::ec2api_workers: {get_param: Ec2ApiWorkers}
ec2api::metadata::metadata_workers: {get_param: Ec2ApiWorkers}
step_config: |
include tripleo::profile::base::nova::ec2api
service_config_settings:
keystone:
ec2api::keystone::auth::tenant: 'service'
ec2api::keystone::auth::public_url: {get_param: [EndpointMap, Ec2ApiPublic, uri]}
ec2api::keystone::auth::internal_url: {get_param: [EndpointMap, Ec2ApiInternal, uri]}
ec2api::keystone::auth::admin_url: {get_param: [EndpointMap, Ec2ApiAdmin, uri]}
ec2api::keystone::auth::password: {get_param: Ec2ApiPassword}
ec2api::keystone::auth::region: {get_param: KeystoneRegion}
mysql:
ec2api::db::mysql::password: {get_param: Ec2ApiPassword}
ec2api::db::mysql::user: ec2_api
ec2api::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
ec2api::db::mysql::dbname: ec2_api
ec2api::db::mysql::allowed_hosts:
- '%'
- "%{hiera('mysql_bind_host')}"

1
roles_data.yaml
Unescape View File

@ -61,6 +61,7 @@
- OS::TripleO::Services::NovaScheduler
- OS::TripleO::Services::NovaConsoleauth
- OS::TripleO::Services::NovaVncProxy
- OS::TripleO::Services::Ec2Api
- OS::TripleO::Services::Ntp
- OS::TripleO::Services::SwiftProxy
- OS::TripleO::Services::SwiftStorage

Write Preview
Loading…
Cancel
Save