diff --git a/sysinv/sysinv/sysinv/setup.cfg b/sysinv/sysinv/sysinv/setup.cfg index 114857c5a1..9653090368 100644 --- a/sysinv/sysinv/sysinv/setup.cfg +++ b/sysinv/sysinv/sysinv/setup.cfg @@ -113,6 +113,7 @@ systemconfig.helm_plugins.stx_openstack = 026_nginx-ports-control = sysinv.helm.nginx_ports_control:NginxPortsControlHelm 027_version_check = sysinv.helm.openstack_version_check:StxOpenstackVersionCheckHelm 028_fm-rest-api = sysinv.helm.fm_rest_api:FmRestApiHelm + 029_dcdbsync = sysinv.helm.dcdbsync:DcdbsyncHelm systemconfig.armada.manifest_ops = generic = sysinv.helm.manifest_generic:GenericArmadaManifestOperator diff --git a/sysinv/sysinv/sysinv/sysinv/conductor/manager.py b/sysinv/sysinv/sysinv/sysinv/conductor/manager.py index dbb4895aaa..74aae96710 100644 --- a/sysinv/sysinv/sysinv/sysinv/conductor/manager.py +++ b/sysinv/sysinv/sysinv/sysinv/conductor/manager.py @@ -6432,7 +6432,8 @@ class ConductorManager(service.PeriodicService): config_dict = { "personalities": personalities, - "classes": ['platform::sm::stx_openstack::runtime'] + "classes": ['platform::sm::stx_openstack::runtime', + 'platform::dcdbsync::stx_openstack::runtime'] } self._config_apply_runtime_manifest(context, @@ -6450,6 +6451,7 @@ class ConductorManager(service.PeriodicService): config_dict = { "personalities": personalities, "classes": ['platform::nfv::runtime', + 'platform::dcdbsync::stx_openstack::runtime', 'platform::sm::stx_openstack::runtime'] } diff --git a/sysinv/sysinv/sysinv/sysinv/helm/common.py b/sysinv/sysinv/sysinv/sysinv/helm/common.py index b1a539ad77..82104b4c71 100644 --- a/sysinv/sysinv/sysinv/sysinv/helm/common.py +++ b/sysinv/sysinv/sysinv/sysinv/helm/common.py @@ -57,6 +57,7 @@ HELM_CHART_HELM_TOOLKIT = 'helm-toolkit' HELM_CHART_KEYSTONE_API_PROXY = 'keystone-api-proxy' HELM_CHART_SWIFT = 'ceph-rgw' HELM_CHART_NGINX_PORTS_CONTROL = "nginx-ports-control" +HELM_CHART_DCDBSYNC = 'dcdbsync' HELM_CHART_ELASTICSEARCH = 'elasticsearch' HELM_CHART_KIBANA = 'kibana' diff --git a/sysinv/sysinv/sysinv/sysinv/helm/dcdbsync.py b/sysinv/sysinv/sysinv/sysinv/helm/dcdbsync.py new file mode 100644 index 0000000000..ba0d8153ec --- /dev/null +++ b/sysinv/sysinv/sysinv/sysinv/helm/dcdbsync.py @@ -0,0 +1,61 @@ +# +# Copyright (c) 2019 Wind River Systems, Inc. +# +# SPDX-License-Identifier: Apache-2.0 +# + +from sysinv.common import constants +from sysinv.common import exception +from sysinv.helm import common +from sysinv.helm import openstack + + +class DcdbsyncHelm(openstack.OpenstackBaseHelm): + """Class to encapsulate helm operations for the dcdbsync chart""" + + CHART = common.HELM_CHART_DCDBSYNC + AUTH_USERS = ['dcdbsync'] + SERVICE_NAME = common.HELM_CHART_DCDBSYNC + + def _is_enabled(self, app_name, chart_name, namespace): + # First, see if this chart is enabled by the user then adjust based on + # system conditions + enabled = super(DcdbsyncHelm, self)._is_enabled( + app_name, chart_name, namespace) + if enabled \ + and (self._distributed_cloud_role() != + constants.DISTRIBUTED_CLOUD_ROLE_SYSTEMCONTROLLER) \ + and (self._distributed_cloud_role() != + constants.DISTRIBUTED_CLOUD_ROLE_SUBCLOUD): + enabled = False + return enabled + + def execute_manifest_updates(self, operator): + if self._is_enabled(operator.APP, + self.CHART, common.HELM_NS_OPENSTACK): + operator.manifest_chart_groups_insert( + operator.ARMADA_MANIFEST, + operator.CHART_GROUPS_LUT[self.CHART]) + + def get_overrides(self, namespace=None): + overrides = { + common.HELM_NS_OPENSTACK: { + 'endpoints': self._get_endpoints_overrides(), + } + } + + if namespace in self.SUPPORTED_NAMESPACES: + return overrides[namespace] + elif namespace: + raise exception.InvalidHelmNamespace(chart=self.CHART, + namespace=namespace) + else: + return overrides + + def _get_endpoints_overrides(self): + return { + 'identity': { + 'auth': self._get_endpoints_identity_overrides( + self.SERVICE_NAME, self.AUTH_USERS), + }, + } diff --git a/sysinv/sysinv/sysinv/sysinv/helm/helm.py b/sysinv/sysinv/sysinv/sysinv/helm/helm.py index 7228c8bb5b..33f8fbf612 100644 --- a/sysinv/sysinv/sysinv/sysinv/helm/helm.py +++ b/sysinv/sysinv/sysinv/sysinv/helm/helm.py @@ -735,9 +735,40 @@ class HelmOperatorData(HelmOperator): keystone_operator.get_admin_user_domain(), 'admin_project_domain': keystone_operator.get_admin_project_domain(), + 'admin_password': + keystone_operator.get_admin_password(), } return auth_data + @helm_context + def get_keystone_endpoint_data(self): + keystone_operator = self.chart_operators[common.HELM_CHART_KEYSTONE] + endpoint_data = { + 'endpoint_override': + 'http://keystone.openstack.svc.cluster.local:80', + 'region_name': + keystone_operator.get_region_name(), + } + return endpoint_data + + @helm_context + def get_keystone_oslo_db_data(self): + keystone_operator = self.chart_operators[common.HELM_CHART_KEYSTONE] + endpoints_overrides = keystone_operator.\ + _get_endpoints_oslo_db_overrides(common.HELM_CHART_KEYSTONE, + ['keystone']) + + password = endpoints_overrides['keystone']['password'] + connection = "mysql+pymysql://keystone:%s@" \ + "mariadb.openstack.svc.cluster.local:3306/keystone"\ + % (password) + + endpoint_data = { + 'connection': + connection, + } + return endpoint_data + @helm_context def get_nova_endpoint_data(self): nova_operator = self.chart_operators[common.HELM_CHART_NOVA] @@ -822,3 +853,14 @@ class HelmOperatorData(HelmOperator): ceilometer_operator.get_region_name(), } return endpoint_data + + @helm_context + def get_dcdbsync_endpoint_data(self): + dcdbsync_operator = self.chart_operators[common.HELM_CHART_DCDBSYNC] + endpoints_overrides = dcdbsync_operator._get_endpoints_overrides() + endpoint_data = { + 'keystone_password': + endpoints_overrides['identity']['auth']['dcdbsync'] + ['password'], + } + return endpoint_data diff --git a/sysinv/sysinv/sysinv/sysinv/helm/keystone.py b/sysinv/sysinv/sysinv/sysinv/helm/keystone.py index bf2a523618..d966f88824 100644 --- a/sysinv/sysinv/sysinv/sysinv/helm/keystone.py +++ b/sysinv/sysinv/sysinv/sysinv/helm/keystone.py @@ -268,3 +268,12 @@ class KeystoneHelm(openstack.OpenstackBaseHelm): if service_config is not None: return service_config.capabilities.get('admin_project_domain') return self.DEFAULT_DOMAIN_NAME + + def get_admin_password(self): + o_user = self.get_admin_user_name() + o_service = common.SERVICE_ADMIN + + return self._get_identity_password(o_service, o_user) + + def get_region_name(self): + return self._get_service_region_name(self.SERVICE_NAME) diff --git a/sysinv/sysinv/sysinv/sysinv/helm/manifest_openstack.py b/sysinv/sysinv/sysinv/sysinv/helm/manifest_openstack.py index cb68c52f58..2833a5e4c5 100644 --- a/sysinv/sysinv/sysinv/sysinv/helm/manifest_openstack.py +++ b/sysinv/sysinv/sysinv/sysinv/helm/manifest_openstack.py @@ -16,6 +16,7 @@ from sysinv.helm.aodh import AodhHelm from sysinv.helm.barbican import BarbicanHelm from sysinv.helm.ceilometer import CeilometerHelm from sysinv.helm.cinder import CinderHelm +from sysinv.helm.dcdbsync import DcdbsyncHelm from sysinv.helm.fm_rest_api import FmRestApiHelm from sysinv.helm.garbd import GarbdHelm from sysinv.helm.glance import GlanceHelm @@ -67,6 +68,7 @@ class OpenstackArmadaManifestOperator(base.ArmadaManifestOperator): CHART_GROUP_HEAT = 'openstack-heat' CHART_GROUP_HORIZON = 'openstack-horizon' CHART_GROUP_TELEMETRY = 'openstack-telemetry' + CHART_GROUP_DCDBSYNC = 'openstack-dcdbsync' CHART_GROUPS_LUT = { AodhHelm.CHART: CHART_GROUP_TELEMETRY, @@ -96,6 +98,7 @@ class OpenstackArmadaManifestOperator(base.ArmadaManifestOperator): PlacementHelm.CHART: CHART_GROUP_COMPUTE_KIT, RabbitmqHelm.CHART: CHART_GROUP_RABBITMQ, SwiftHelm.CHART: CHART_GROUP_SWIFT, + DcdbsyncHelm.CHART: CHART_GROUP_DCDBSYNC, } CHARTS_LUT = { @@ -126,6 +129,7 @@ class OpenstackArmadaManifestOperator(base.ArmadaManifestOperator): PlacementHelm.CHART: 'openstack-placement', RabbitmqHelm.CHART: 'openstack-rabbitmq', SwiftHelm.CHART: 'openstack-ceph-rgw', + DcdbsyncHelm.CHART: 'openstack-dcdbsync', } def platform_mode_manifest_updates(self, dbapi, mode): diff --git a/sysinv/sysinv/sysinv/sysinv/puppet/dcdbsync.py b/sysinv/sysinv/sysinv/sysinv/puppet/dcdbsync.py index bf83c838ff..565cf58725 100644 --- a/sysinv/sysinv/sysinv/sysinv/puppet/dcdbsync.py +++ b/sysinv/sysinv/sysinv/sysinv/puppet/dcdbsync.py @@ -5,6 +5,8 @@ # from sysinv.common import constants +from sysinv.common import utils +from sysinv.helm import helm from sysinv.puppet import openstack @@ -43,7 +45,7 @@ class DCDBsyncPuppet(openstack.OpenstackBasePuppet): def get_system_config(self): ksuser = self._get_service_user_name(self.SERVICE_NAME) - return { + config = { # The region in which the identity server can be found 'dcdbsync::region_name': self._keystone_region_name(), @@ -71,11 +73,29 @@ class DCDBsyncPuppet(openstack.OpenstackBasePuppet): self._to_create_services(), } + if utils.is_openstack_applied(self.dbapi): + helm_data = helm.HelmOperatorData(self.dbapi) + + # The dcdbsync instance for openstack is authenticated with + # pod based keystone. + endpoints_data = helm_data.get_keystone_endpoint_data() + service_config = { + 'dcdbsync::openstack_init::region_name': + endpoints_data['region_name'], + 'dcdbsync::openstack_api::keystone_auth_uri': + endpoints_data['endpoint_override'], + 'dcdbsync::openstack_api::keystone_identity_uri': + endpoints_data['endpoint_override'], + } + config.update(service_config) + + return config + def get_secure_system_config(self): dbpass = self._get_database_password(self.IDENTITY_SERVICE_NAME) kspass = self._get_service_password(self.SERVICE_NAME) - return { + config = { 'dcdbsync::database_connection': self._format_database_connection( self.IDENTITY_SERVICE_NAME, @@ -85,6 +105,24 @@ class DCDBsyncPuppet(openstack.OpenstackBasePuppet): 'dcdbsync::api::keystone_password': kspass, } + if utils.is_openstack_applied(self.dbapi): + helm_data = helm.HelmOperatorData(self.dbapi) + + # The dcdbsync instance for openstack is authenticated with + # pod based keystone. + endpoints_data = helm_data.get_dcdbsync_endpoint_data() + db_data = helm_data.get_keystone_oslo_db_data() + + service_auth_config = { + 'dcdbsync::openstack_api::keystone_password': + endpoints_data['keystone_password'], + 'dcdbsync::openstack_init::database_connection': + db_data['connection'], + } + config.update(service_auth_config) + + return config + def get_public_url(self): return self._format_public_endpoint(self.SERVICE_PORT, path=self.SERVICE_PATH)