Merge "Keystone DB sync - update puppet manifest for dcdbsync service" into f/keystone-db
This commit is contained in:
commit
bcdf8c5905
|
@ -1,2 +1,2 @@
|
|||
SRC_DIR="src"
|
||||
TIS_PATCH_VER=80
|
||||
TIS_PATCH_VER=81
|
||||
|
|
|
@ -22,6 +22,7 @@ Requires: puppet-sysinv
|
|||
Requires: puppet-sshd
|
||||
Requires: puppet-smapi
|
||||
Requires: puppet-fm
|
||||
Requires: puppet-dcdbsync
|
||||
|
||||
# Openstack puppet modules
|
||||
Requires: puppet-aodh
|
||||
|
|
|
@ -536,6 +536,11 @@ dcmanager::use_syslog: true
|
|||
dcmanager::log_facility: 'local2'
|
||||
dcmanager::debug: false
|
||||
|
||||
# Dcdbsync
|
||||
dbsync::use_syslog: true
|
||||
dbsync::log_facility: 'local2'
|
||||
dbsync::debug: false
|
||||
|
||||
# FM
|
||||
fm::use_syslog: true
|
||||
fm::log_facility: 'local2'
|
||||
|
|
|
@ -133,6 +133,9 @@ include ::platform::dcmanager::api
|
|||
|
||||
include ::platform::dcorch::snmp
|
||||
|
||||
include ::platform::dcdbsync
|
||||
include ::platform::dcdbsync::api
|
||||
|
||||
include ::platform::smapi
|
||||
|
||||
include ::openstack::swift
|
||||
|
|
|
@ -27,7 +27,8 @@
|
|||
["'murano':%(target.user.name)s"],
|
||||
["'panko':%(target.user.name)s"],
|
||||
["'gnocchi':%(target.user.name)s"],
|
||||
["'fm':%(target.user.name)s"]],
|
||||
["'fm':%(target.user.name)s"],
|
||||
["'dcdbsync':%(target.user.name)s"]],
|
||||
|
||||
"identity:delete_service": "rule:admin_required and not rule:protected_services",
|
||||
|
||||
|
|
|
@ -0,0 +1,44 @@
|
|||
class platform::dcdbsync::params (
|
||||
$api_port = 8219,
|
||||
$region_name = undef,
|
||||
$service_create = false,
|
||||
$service_enabled = false,
|
||||
$default_endpoint_type = 'internalURL',
|
||||
) {
|
||||
include ::platform::params
|
||||
}
|
||||
|
||||
class platform::dcdbsync
|
||||
inherits ::platform::dcdbsync::params {
|
||||
if ($::platform::params::distributed_cloud_role == 'systemcontroller' or
|
||||
$::platform::params::distributed_cloud_role == 'subcloud') {
|
||||
if $service_create {
|
||||
if $::platform::params::init_keystone {
|
||||
include ::dcdbsync::keystone::auth
|
||||
}
|
||||
|
||||
class { '::dcdbsync': }
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
class platform::dcdbsync::api
|
||||
inherits ::platform::dcdbsync::params {
|
||||
if ($::platform::params::distributed_cloud_role == 'systemcontroller' or
|
||||
$::platform::params::distributed_cloud_role == 'subcloud') {
|
||||
if $service_create {
|
||||
include ::platform::network::mgmt::params
|
||||
|
||||
$api_host = $::platform::network::mgmt::params::controller_address
|
||||
$api_fqdn = $::platform::params::controller_hostname
|
||||
$url_host = "http://${api_fqdn}:${api_port}"
|
||||
|
||||
class { '::dcdbsync::api':
|
||||
bind_host => $api_host,
|
||||
bind_port => $api_port,
|
||||
enabled => $service_enabled,
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -572,6 +572,22 @@ class platform::sm
|
|||
if $::platform::params::distributed_cloud_role =='subcloud' {
|
||||
$configure_keystone = true
|
||||
|
||||
# Provision and configure dcorch dbsync when running as a subcloud
|
||||
exec { 'Provision distributed-cloud-services (service-domain-member distributed-cloud-services)':
|
||||
command => 'sm-provision service-domain-member controller distributed-cloud-services',
|
||||
}
|
||||
-> exec { 'Provision distributed-cloud-services (service-group distributed-cloud-services)':
|
||||
command => 'sm-provision service-group distributed-cloud-services',
|
||||
}
|
||||
-> exec { 'Provision DCDBsync-RestApi (service-group-member dcdbsync-api)':
|
||||
command => 'sm-provision service-group-member distributed-cloud-services dcdbsync-api',
|
||||
}
|
||||
-> exec { 'Provision DCDBsync-RestApi in SM (service dcdbsync-api)':
|
||||
command => 'sm-provision service dcdbsync-api',
|
||||
}
|
||||
-> exec { 'Configure OpenStack - DCDBsync-API':
|
||||
command => "sm-configure service_instance dcdbsync-api dcdbsync-api \"\"",
|
||||
}
|
||||
# Deprovision Horizon when running as a subcloud
|
||||
exec { 'Deprovision OpenStack - Horizon (service-group-member)':
|
||||
command => 'sm-deprovision service-group-member web-services horizon',
|
||||
|
@ -1698,6 +1714,12 @@ class platform::sm
|
|||
-> exec { 'Provision DCOrch-Patch-Api-Proxy in SM (service dcorch-patch-api-proxy)':
|
||||
command => 'sm-provision service dcorch-patch-api-proxy',
|
||||
}
|
||||
-> exec { 'Provision DCDBsync-RestApi (service-group-member dcdbsync-api)':
|
||||
command => 'sm-provision service-group-member distributed-cloud-services dcdbsync-api',
|
||||
}
|
||||
-> exec { 'Provision DCDBsync-RestApi in SM (service dcdbsync-api)':
|
||||
command => 'sm-provision service dcdbsync-api',
|
||||
}
|
||||
-> exec { 'Configure Platform - DCManager-Manager':
|
||||
command => "sm-configure service_instance dcmanager-manager dcmanager-manager \"\"",
|
||||
}
|
||||
|
@ -1725,6 +1747,9 @@ class platform::sm
|
|||
-> exec { 'Configure OpenStack - DCOrch-patch-api-proxy':
|
||||
command => "sm-configure service_instance dcorch-patch-api-proxy dcorch-patch-api-proxy \"\"",
|
||||
}
|
||||
-> exec { 'Configure OpenStack - DCDBsync-API':
|
||||
command => "sm-configure service_instance dcdbsync-api dcdbsync-api \"\"",
|
||||
}
|
||||
if $cinder_service_enabled {
|
||||
notice('Enable cinder-api-proxy')
|
||||
exec { 'Provision DCOrch-Cinder-Api-Proxy (service-group-member dcorch-cinder-api-proxy)':
|
||||
|
|
|
@ -66,12 +66,13 @@ systemconfig.puppet_plugins =
|
|||
026_panko = sysinv.puppet.panko:PankoPuppet
|
||||
027_dcmanager = sysinv.puppet.dcmanager:DCManagerPuppet
|
||||
028_dcorch = sysinv.puppet.dcorch:DCOrchPuppet
|
||||
029_kubernetes = sysinv.puppet.kubernetes:KubernetesPuppet
|
||||
030_smapi = sysinv.puppet.smapi:SmPuppet
|
||||
031_fm = sysinv.puppet.fm:FmPuppet
|
||||
032_swift = sysinv.puppet.swift:SwiftPuppet
|
||||
033_service_parameter = sysinv.puppet.service_parameter:ServiceParamPuppet
|
||||
034_barbican = sysinv.puppet.barbican:BarbicanPuppet
|
||||
029_dcdbsync = sysinv.puppet.dcdbsync:DCDBsyncPuppet
|
||||
030_kubernetes = sysinv.puppet.kubernetes:KubernetesPuppet
|
||||
031_smapi = sysinv.puppet.smapi:SmPuppet
|
||||
032_fm = sysinv.puppet.fm:FmPuppet
|
||||
033_swift = sysinv.puppet.swift:SwiftPuppet
|
||||
034_service_parameter = sysinv.puppet.service_parameter:ServiceParamPuppet
|
||||
035_barbican = sysinv.puppet.barbican:BarbicanPuppet
|
||||
|
||||
systemconfig.helm_plugins =
|
||||
aodh = sysinv.helm.aodh:AodhHelm
|
||||
|
|
|
@ -0,0 +1,101 @@
|
|||
#
|
||||
# Copyright (c) 2019 Wind River Systems, Inc.
|
||||
#
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
#
|
||||
|
||||
from sysinv.common import constants
|
||||
from sysinv.puppet import openstack
|
||||
|
||||
|
||||
class DCDBsyncPuppet(openstack.OpenstackBasePuppet):
|
||||
"""Class to encapsulate puppet operations for dcdbsync
|
||||
configuration"""
|
||||
|
||||
SERVICE_NAME = 'dcdbsync'
|
||||
SERVICE_PORT = 8219
|
||||
SERVICE_PATH = 'v1.0'
|
||||
IDENTITY_SERVICE_NAME = 'keystone'
|
||||
IDENTITY_SERVICE_DB = 'keystone'
|
||||
|
||||
def get_static_config(self):
|
||||
dbuser = self._get_database_username(self.IDENTITY_SERVICE_NAME)
|
||||
|
||||
return {
|
||||
'dcdbsync::db::postgresql::user': dbuser,
|
||||
}
|
||||
|
||||
def get_secure_static_config(self):
|
||||
dbpass = self._get_database_password(self.IDENTITY_SERVICE_NAME)
|
||||
kspass = self._get_service_password(self.SERVICE_NAME)
|
||||
|
||||
# initial bootstrap is bound to localhost
|
||||
dburl = self._format_database_connection(self.IDENTITY_SERVICE_NAME,
|
||||
constants.LOCALHOST_HOSTNAME,
|
||||
database=self.IDENTITY_SERVICE_DB)
|
||||
return {
|
||||
'dcdbsync::database_connection': dburl,
|
||||
'dcdbsync::db::postgresql::password': dbpass,
|
||||
'dcdbsync::keystone::auth::password': kspass,
|
||||
'dcdbsync::api::keystone_password': kspass,
|
||||
}
|
||||
|
||||
def get_system_config(self):
|
||||
ksuser = self._get_service_user_name(self.SERVICE_NAME)
|
||||
|
||||
return {
|
||||
# The region in which the identity server can be found
|
||||
'dcdbsync::region_name': self._keystone_region_name(),
|
||||
|
||||
'dcdbsync::keystone::auth::public_url': self.get_public_url(),
|
||||
'dcdbsync::keystone::auth::internal_url': self.get_internal_url(),
|
||||
'dcdbsync::keystone::auth::admin_url': self.get_admin_url(),
|
||||
'dcdbsync::keystone::auth::region': self._region_name(),
|
||||
'dcdbsync::keystone::auth::auth_name': ksuser,
|
||||
'dcdbsync::keystone::auth::auth_domain':
|
||||
self._get_service_user_domain_name(),
|
||||
'dcdbsync::keystone::auth::service_name': self.SERVICE_NAME,
|
||||
'dcdbsync::keystone::auth::tenant': self._get_service_tenant_name(),
|
||||
'dcdbsync::api::bind_host': self._get_management_address(),
|
||||
'dcdbsync::api::keystone_auth_uri': self._keystone_auth_uri(),
|
||||
'dcdbsync::api::keystone_identity_uri':
|
||||
self._keystone_identity_uri(),
|
||||
'dcdbsync::api::keystone_tenant': self._get_service_project_name(),
|
||||
'dcdbsync::api::keystone_user_domain':
|
||||
self._get_service_user_domain_name(),
|
||||
'dcdbsync::api::keystone_project_domain':
|
||||
self._get_service_project_domain_name(),
|
||||
'dcdbsync::api::keystone_user': ksuser,
|
||||
'platform::dcdbsync::params::region_name': self.get_region_name(),
|
||||
'platform::dcdbsync::params::service_create':
|
||||
self._to_create_services(),
|
||||
}
|
||||
|
||||
def get_secure_system_config(self):
|
||||
dbpass = self._get_database_password(self.IDENTITY_SERVICE_NAME)
|
||||
kspass = self._get_service_password(self.SERVICE_NAME)
|
||||
|
||||
return {
|
||||
'dcdbsync::database_connection':
|
||||
self._format_database_connection(
|
||||
self.IDENTITY_SERVICE_NAME,
|
||||
database=self.IDENTITY_SERVICE_DB),
|
||||
'dcdbsync::db::postgresql::password': dbpass,
|
||||
'dcdbsync::keystone::auth::password': kspass,
|
||||
'dcdbsync::api::keystone_password': kspass,
|
||||
}
|
||||
|
||||
def get_public_url(self):
|
||||
return self._format_public_endpoint(self.SERVICE_PORT,
|
||||
path=self.SERVICE_PATH)
|
||||
|
||||
def get_internal_url(self):
|
||||
return self._format_private_endpoint(self.SERVICE_PORT,
|
||||
path=self.SERVICE_PATH)
|
||||
|
||||
def get_admin_url(self):
|
||||
return self._format_private_endpoint(self.SERVICE_PORT,
|
||||
path=self.SERVICE_PATH)
|
||||
|
||||
def get_region_name(self):
|
||||
return self._get_service_region_name(self.SERVICE_NAME)
|
Loading…
Reference in New Issue