dcdbsync for containerized openstack services - config
This update contains changes to sysinv to deploy and config the dcdbsync instance for containerized openstack services, including: - Updated sysinv dcdbsync puppet plugin to retrieve information from helm for the dcdbsync runtime puppet to generate configuration file. - Update sysinv conductor to provision/deprovision the openstack dcdbsync service. The overall procedure is, during stx-openstack app application, dcdbsync identities will be created in containerized keystone. After stx-openstack is successfully applied the dcdbsync runtime puppet is called to generate the configuration file for openstack dcdbsync instance with some information retrieved from helm (particularly keystone passwords). Finally sm runtime is called to bring up the dcdbsync service into running. When stx-openstack app is removed, openstack dcdbsync instance will be cleanup with configuration file removed and service deprovisioned and stopped. Change-Id: I367576eefdd3eb5e4482a95aba8ca34dd968487a Story: 2004766 Task: 36104 Depends-On: https://review.opendev.org/#/c/682154/ Depends-On: https://review.opendev.org/#/c/682155/ Signed-off-by: Andy Ning <andy.ning@windriver.com>
This commit is contained in:
parent
8e51a4bb54
commit
23fa2454ae
@ -113,6 +113,7 @@ systemconfig.helm_plugins.stx_openstack =
|
||||
026_nginx-ports-control = sysinv.helm.nginx_ports_control:NginxPortsControlHelm
|
||||
027_version_check = sysinv.helm.openstack_version_check:StxOpenstackVersionCheckHelm
|
||||
028_fm-rest-api = sysinv.helm.fm_rest_api:FmRestApiHelm
|
||||
029_dcdbsync = sysinv.helm.dcdbsync:DcdbsyncHelm
|
||||
|
||||
systemconfig.armada.manifest_ops =
|
||||
generic = sysinv.helm.manifest_generic:GenericArmadaManifestOperator
|
||||
|
@ -6432,7 +6432,8 @@ class ConductorManager(service.PeriodicService):
|
||||
|
||||
config_dict = {
|
||||
"personalities": personalities,
|
||||
"classes": ['platform::sm::stx_openstack::runtime']
|
||||
"classes": ['platform::sm::stx_openstack::runtime',
|
||||
'platform::dcdbsync::stx_openstack::runtime']
|
||||
}
|
||||
|
||||
self._config_apply_runtime_manifest(context,
|
||||
@ -6450,6 +6451,7 @@ class ConductorManager(service.PeriodicService):
|
||||
config_dict = {
|
||||
"personalities": personalities,
|
||||
"classes": ['platform::nfv::runtime',
|
||||
'platform::dcdbsync::stx_openstack::runtime',
|
||||
'platform::sm::stx_openstack::runtime']
|
||||
}
|
||||
|
||||
|
@ -57,6 +57,7 @@ HELM_CHART_HELM_TOOLKIT = 'helm-toolkit'
|
||||
HELM_CHART_KEYSTONE_API_PROXY = 'keystone-api-proxy'
|
||||
HELM_CHART_SWIFT = 'ceph-rgw'
|
||||
HELM_CHART_NGINX_PORTS_CONTROL = "nginx-ports-control"
|
||||
HELM_CHART_DCDBSYNC = 'dcdbsync'
|
||||
|
||||
HELM_CHART_ELASTICSEARCH = 'elasticsearch'
|
||||
HELM_CHART_KIBANA = 'kibana'
|
||||
|
61
sysinv/sysinv/sysinv/sysinv/helm/dcdbsync.py
Normal file
61
sysinv/sysinv/sysinv/sysinv/helm/dcdbsync.py
Normal file
@ -0,0 +1,61 @@
|
||||
#
|
||||
# Copyright (c) 2019 Wind River Systems, Inc.
|
||||
#
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
#
|
||||
|
||||
from sysinv.common import constants
|
||||
from sysinv.common import exception
|
||||
from sysinv.helm import common
|
||||
from sysinv.helm import openstack
|
||||
|
||||
|
||||
class DcdbsyncHelm(openstack.OpenstackBaseHelm):
|
||||
"""Class to encapsulate helm operations for the dcdbsync chart"""
|
||||
|
||||
CHART = common.HELM_CHART_DCDBSYNC
|
||||
AUTH_USERS = ['dcdbsync']
|
||||
SERVICE_NAME = common.HELM_CHART_DCDBSYNC
|
||||
|
||||
def _is_enabled(self, app_name, chart_name, namespace):
|
||||
# First, see if this chart is enabled by the user then adjust based on
|
||||
# system conditions
|
||||
enabled = super(DcdbsyncHelm, self)._is_enabled(
|
||||
app_name, chart_name, namespace)
|
||||
if enabled \
|
||||
and (self._distributed_cloud_role() !=
|
||||
constants.DISTRIBUTED_CLOUD_ROLE_SYSTEMCONTROLLER) \
|
||||
and (self._distributed_cloud_role() !=
|
||||
constants.DISTRIBUTED_CLOUD_ROLE_SUBCLOUD):
|
||||
enabled = False
|
||||
return enabled
|
||||
|
||||
def execute_manifest_updates(self, operator):
|
||||
if self._is_enabled(operator.APP,
|
||||
self.CHART, common.HELM_NS_OPENSTACK):
|
||||
operator.manifest_chart_groups_insert(
|
||||
operator.ARMADA_MANIFEST,
|
||||
operator.CHART_GROUPS_LUT[self.CHART])
|
||||
|
||||
def get_overrides(self, namespace=None):
|
||||
overrides = {
|
||||
common.HELM_NS_OPENSTACK: {
|
||||
'endpoints': self._get_endpoints_overrides(),
|
||||
}
|
||||
}
|
||||
|
||||
if namespace in self.SUPPORTED_NAMESPACES:
|
||||
return overrides[namespace]
|
||||
elif namespace:
|
||||
raise exception.InvalidHelmNamespace(chart=self.CHART,
|
||||
namespace=namespace)
|
||||
else:
|
||||
return overrides
|
||||
|
||||
def _get_endpoints_overrides(self):
|
||||
return {
|
||||
'identity': {
|
||||
'auth': self._get_endpoints_identity_overrides(
|
||||
self.SERVICE_NAME, self.AUTH_USERS),
|
||||
},
|
||||
}
|
@ -735,9 +735,40 @@ class HelmOperatorData(HelmOperator):
|
||||
keystone_operator.get_admin_user_domain(),
|
||||
'admin_project_domain':
|
||||
keystone_operator.get_admin_project_domain(),
|
||||
'admin_password':
|
||||
keystone_operator.get_admin_password(),
|
||||
}
|
||||
return auth_data
|
||||
|
||||
@helm_context
|
||||
def get_keystone_endpoint_data(self):
|
||||
keystone_operator = self.chart_operators[common.HELM_CHART_KEYSTONE]
|
||||
endpoint_data = {
|
||||
'endpoint_override':
|
||||
'http://keystone.openstack.svc.cluster.local:80',
|
||||
'region_name':
|
||||
keystone_operator.get_region_name(),
|
||||
}
|
||||
return endpoint_data
|
||||
|
||||
@helm_context
|
||||
def get_keystone_oslo_db_data(self):
|
||||
keystone_operator = self.chart_operators[common.HELM_CHART_KEYSTONE]
|
||||
endpoints_overrides = keystone_operator.\
|
||||
_get_endpoints_oslo_db_overrides(common.HELM_CHART_KEYSTONE,
|
||||
['keystone'])
|
||||
|
||||
password = endpoints_overrides['keystone']['password']
|
||||
connection = "mysql+pymysql://keystone:%s@" \
|
||||
"mariadb.openstack.svc.cluster.local:3306/keystone"\
|
||||
% (password)
|
||||
|
||||
endpoint_data = {
|
||||
'connection':
|
||||
connection,
|
||||
}
|
||||
return endpoint_data
|
||||
|
||||
@helm_context
|
||||
def get_nova_endpoint_data(self):
|
||||
nova_operator = self.chart_operators[common.HELM_CHART_NOVA]
|
||||
@ -822,3 +853,14 @@ class HelmOperatorData(HelmOperator):
|
||||
ceilometer_operator.get_region_name(),
|
||||
}
|
||||
return endpoint_data
|
||||
|
||||
@helm_context
|
||||
def get_dcdbsync_endpoint_data(self):
|
||||
dcdbsync_operator = self.chart_operators[common.HELM_CHART_DCDBSYNC]
|
||||
endpoints_overrides = dcdbsync_operator._get_endpoints_overrides()
|
||||
endpoint_data = {
|
||||
'keystone_password':
|
||||
endpoints_overrides['identity']['auth']['dcdbsync']
|
||||
['password'],
|
||||
}
|
||||
return endpoint_data
|
||||
|
@ -268,3 +268,12 @@ class KeystoneHelm(openstack.OpenstackBaseHelm):
|
||||
if service_config is not None:
|
||||
return service_config.capabilities.get('admin_project_domain')
|
||||
return self.DEFAULT_DOMAIN_NAME
|
||||
|
||||
def get_admin_password(self):
|
||||
o_user = self.get_admin_user_name()
|
||||
o_service = common.SERVICE_ADMIN
|
||||
|
||||
return self._get_identity_password(o_service, o_user)
|
||||
|
||||
def get_region_name(self):
|
||||
return self._get_service_region_name(self.SERVICE_NAME)
|
||||
|
@ -16,6 +16,7 @@ from sysinv.helm.aodh import AodhHelm
|
||||
from sysinv.helm.barbican import BarbicanHelm
|
||||
from sysinv.helm.ceilometer import CeilometerHelm
|
||||
from sysinv.helm.cinder import CinderHelm
|
||||
from sysinv.helm.dcdbsync import DcdbsyncHelm
|
||||
from sysinv.helm.fm_rest_api import FmRestApiHelm
|
||||
from sysinv.helm.garbd import GarbdHelm
|
||||
from sysinv.helm.glance import GlanceHelm
|
||||
@ -67,6 +68,7 @@ class OpenstackArmadaManifestOperator(base.ArmadaManifestOperator):
|
||||
CHART_GROUP_HEAT = 'openstack-heat'
|
||||
CHART_GROUP_HORIZON = 'openstack-horizon'
|
||||
CHART_GROUP_TELEMETRY = 'openstack-telemetry'
|
||||
CHART_GROUP_DCDBSYNC = 'openstack-dcdbsync'
|
||||
|
||||
CHART_GROUPS_LUT = {
|
||||
AodhHelm.CHART: CHART_GROUP_TELEMETRY,
|
||||
@ -96,6 +98,7 @@ class OpenstackArmadaManifestOperator(base.ArmadaManifestOperator):
|
||||
PlacementHelm.CHART: CHART_GROUP_COMPUTE_KIT,
|
||||
RabbitmqHelm.CHART: CHART_GROUP_RABBITMQ,
|
||||
SwiftHelm.CHART: CHART_GROUP_SWIFT,
|
||||
DcdbsyncHelm.CHART: CHART_GROUP_DCDBSYNC,
|
||||
}
|
||||
|
||||
CHARTS_LUT = {
|
||||
@ -126,6 +129,7 @@ class OpenstackArmadaManifestOperator(base.ArmadaManifestOperator):
|
||||
PlacementHelm.CHART: 'openstack-placement',
|
||||
RabbitmqHelm.CHART: 'openstack-rabbitmq',
|
||||
SwiftHelm.CHART: 'openstack-ceph-rgw',
|
||||
DcdbsyncHelm.CHART: 'openstack-dcdbsync',
|
||||
}
|
||||
|
||||
def platform_mode_manifest_updates(self, dbapi, mode):
|
||||
|
@ -5,6 +5,8 @@
|
||||
#
|
||||
|
||||
from sysinv.common import constants
|
||||
from sysinv.common import utils
|
||||
from sysinv.helm import helm
|
||||
from sysinv.puppet import openstack
|
||||
|
||||
|
||||
@ -43,7 +45,7 @@ class DCDBsyncPuppet(openstack.OpenstackBasePuppet):
|
||||
def get_system_config(self):
|
||||
ksuser = self._get_service_user_name(self.SERVICE_NAME)
|
||||
|
||||
return {
|
||||
config = {
|
||||
# The region in which the identity server can be found
|
||||
'dcdbsync::region_name': self._keystone_region_name(),
|
||||
|
||||
@ -71,11 +73,29 @@ class DCDBsyncPuppet(openstack.OpenstackBasePuppet):
|
||||
self._to_create_services(),
|
||||
}
|
||||
|
||||
if utils.is_openstack_applied(self.dbapi):
|
||||
helm_data = helm.HelmOperatorData(self.dbapi)
|
||||
|
||||
# The dcdbsync instance for openstack is authenticated with
|
||||
# pod based keystone.
|
||||
endpoints_data = helm_data.get_keystone_endpoint_data()
|
||||
service_config = {
|
||||
'dcdbsync::openstack_init::region_name':
|
||||
endpoints_data['region_name'],
|
||||
'dcdbsync::openstack_api::keystone_auth_uri':
|
||||
endpoints_data['endpoint_override'],
|
||||
'dcdbsync::openstack_api::keystone_identity_uri':
|
||||
endpoints_data['endpoint_override'],
|
||||
}
|
||||
config.update(service_config)
|
||||
|
||||
return config
|
||||
|
||||
def get_secure_system_config(self):
|
||||
dbpass = self._get_database_password(self.IDENTITY_SERVICE_NAME)
|
||||
kspass = self._get_service_password(self.SERVICE_NAME)
|
||||
|
||||
return {
|
||||
config = {
|
||||
'dcdbsync::database_connection':
|
||||
self._format_database_connection(
|
||||
self.IDENTITY_SERVICE_NAME,
|
||||
@ -85,6 +105,24 @@ class DCDBsyncPuppet(openstack.OpenstackBasePuppet):
|
||||
'dcdbsync::api::keystone_password': kspass,
|
||||
}
|
||||
|
||||
if utils.is_openstack_applied(self.dbapi):
|
||||
helm_data = helm.HelmOperatorData(self.dbapi)
|
||||
|
||||
# The dcdbsync instance for openstack is authenticated with
|
||||
# pod based keystone.
|
||||
endpoints_data = helm_data.get_dcdbsync_endpoint_data()
|
||||
db_data = helm_data.get_keystone_oslo_db_data()
|
||||
|
||||
service_auth_config = {
|
||||
'dcdbsync::openstack_api::keystone_password':
|
||||
endpoints_data['keystone_password'],
|
||||
'dcdbsync::openstack_init::database_connection':
|
||||
db_data['connection'],
|
||||
}
|
||||
config.update(service_auth_config)
|
||||
|
||||
return config
|
||||
|
||||
def get_public_url(self):
|
||||
return self._format_public_endpoint(self.SERVICE_PORT,
|
||||
path=self.SERVICE_PATH)
|
||||
|
Loading…
Reference in New Issue
Block a user