Merge "Keystone DB sync - update puppet manifest for dcdbsync service" into f/keystone-db
This commit is contained in:
commit
bcdf8c5905
@ -1,2 +1,2 @@
|
|||||||
SRC_DIR="src"
|
SRC_DIR="src"
|
||||||
TIS_PATCH_VER=80
|
TIS_PATCH_VER=81
|
||||||
|
@ -22,6 +22,7 @@ Requires: puppet-sysinv
|
|||||||
Requires: puppet-sshd
|
Requires: puppet-sshd
|
||||||
Requires: puppet-smapi
|
Requires: puppet-smapi
|
||||||
Requires: puppet-fm
|
Requires: puppet-fm
|
||||||
|
Requires: puppet-dcdbsync
|
||||||
|
|
||||||
# Openstack puppet modules
|
# Openstack puppet modules
|
||||||
Requires: puppet-aodh
|
Requires: puppet-aodh
|
||||||
|
@ -536,6 +536,11 @@ dcmanager::use_syslog: true
|
|||||||
dcmanager::log_facility: 'local2'
|
dcmanager::log_facility: 'local2'
|
||||||
dcmanager::debug: false
|
dcmanager::debug: false
|
||||||
|
|
||||||
|
# Dcdbsync
|
||||||
|
dbsync::use_syslog: true
|
||||||
|
dbsync::log_facility: 'local2'
|
||||||
|
dbsync::debug: false
|
||||||
|
|
||||||
# FM
|
# FM
|
||||||
fm::use_syslog: true
|
fm::use_syslog: true
|
||||||
fm::log_facility: 'local2'
|
fm::log_facility: 'local2'
|
||||||
|
@ -133,6 +133,9 @@ include ::platform::dcmanager::api
|
|||||||
|
|
||||||
include ::platform::dcorch::snmp
|
include ::platform::dcorch::snmp
|
||||||
|
|
||||||
|
include ::platform::dcdbsync
|
||||||
|
include ::platform::dcdbsync::api
|
||||||
|
|
||||||
include ::platform::smapi
|
include ::platform::smapi
|
||||||
|
|
||||||
include ::openstack::swift
|
include ::openstack::swift
|
||||||
|
@ -27,7 +27,8 @@
|
|||||||
["'murano':%(target.user.name)s"],
|
["'murano':%(target.user.name)s"],
|
||||||
["'panko':%(target.user.name)s"],
|
["'panko':%(target.user.name)s"],
|
||||||
["'gnocchi':%(target.user.name)s"],
|
["'gnocchi':%(target.user.name)s"],
|
||||||
["'fm':%(target.user.name)s"]],
|
["'fm':%(target.user.name)s"],
|
||||||
|
["'dcdbsync':%(target.user.name)s"]],
|
||||||
|
|
||||||
"identity:delete_service": "rule:admin_required and not rule:protected_services",
|
"identity:delete_service": "rule:admin_required and not rule:protected_services",
|
||||||
|
|
||||||
|
44
puppet-manifests/src/modules/platform/manifests/dcdbsync.pp
Normal file
44
puppet-manifests/src/modules/platform/manifests/dcdbsync.pp
Normal file
@ -0,0 +1,44 @@
|
|||||||
|
class platform::dcdbsync::params (
|
||||||
|
$api_port = 8219,
|
||||||
|
$region_name = undef,
|
||||||
|
$service_create = false,
|
||||||
|
$service_enabled = false,
|
||||||
|
$default_endpoint_type = 'internalURL',
|
||||||
|
) {
|
||||||
|
include ::platform::params
|
||||||
|
}
|
||||||
|
|
||||||
|
class platform::dcdbsync
|
||||||
|
inherits ::platform::dcdbsync::params {
|
||||||
|
if ($::platform::params::distributed_cloud_role == 'systemcontroller' or
|
||||||
|
$::platform::params::distributed_cloud_role == 'subcloud') {
|
||||||
|
if $service_create {
|
||||||
|
if $::platform::params::init_keystone {
|
||||||
|
include ::dcdbsync::keystone::auth
|
||||||
|
}
|
||||||
|
|
||||||
|
class { '::dcdbsync': }
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
class platform::dcdbsync::api
|
||||||
|
inherits ::platform::dcdbsync::params {
|
||||||
|
if ($::platform::params::distributed_cloud_role == 'systemcontroller' or
|
||||||
|
$::platform::params::distributed_cloud_role == 'subcloud') {
|
||||||
|
if $service_create {
|
||||||
|
include ::platform::network::mgmt::params
|
||||||
|
|
||||||
|
$api_host = $::platform::network::mgmt::params::controller_address
|
||||||
|
$api_fqdn = $::platform::params::controller_hostname
|
||||||
|
$url_host = "http://${api_fqdn}:${api_port}"
|
||||||
|
|
||||||
|
class { '::dcdbsync::api':
|
||||||
|
bind_host => $api_host,
|
||||||
|
bind_port => $api_port,
|
||||||
|
enabled => $service_enabled,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
@ -572,6 +572,22 @@ class platform::sm
|
|||||||
if $::platform::params::distributed_cloud_role =='subcloud' {
|
if $::platform::params::distributed_cloud_role =='subcloud' {
|
||||||
$configure_keystone = true
|
$configure_keystone = true
|
||||||
|
|
||||||
|
# Provision and configure dcorch dbsync when running as a subcloud
|
||||||
|
exec { 'Provision distributed-cloud-services (service-domain-member distributed-cloud-services)':
|
||||||
|
command => 'sm-provision service-domain-member controller distributed-cloud-services',
|
||||||
|
}
|
||||||
|
-> exec { 'Provision distributed-cloud-services (service-group distributed-cloud-services)':
|
||||||
|
command => 'sm-provision service-group distributed-cloud-services',
|
||||||
|
}
|
||||||
|
-> exec { 'Provision DCDBsync-RestApi (service-group-member dcdbsync-api)':
|
||||||
|
command => 'sm-provision service-group-member distributed-cloud-services dcdbsync-api',
|
||||||
|
}
|
||||||
|
-> exec { 'Provision DCDBsync-RestApi in SM (service dcdbsync-api)':
|
||||||
|
command => 'sm-provision service dcdbsync-api',
|
||||||
|
}
|
||||||
|
-> exec { 'Configure OpenStack - DCDBsync-API':
|
||||||
|
command => "sm-configure service_instance dcdbsync-api dcdbsync-api \"\"",
|
||||||
|
}
|
||||||
# Deprovision Horizon when running as a subcloud
|
# Deprovision Horizon when running as a subcloud
|
||||||
exec { 'Deprovision OpenStack - Horizon (service-group-member)':
|
exec { 'Deprovision OpenStack - Horizon (service-group-member)':
|
||||||
command => 'sm-deprovision service-group-member web-services horizon',
|
command => 'sm-deprovision service-group-member web-services horizon',
|
||||||
@ -1698,6 +1714,12 @@ class platform::sm
|
|||||||
-> exec { 'Provision DCOrch-Patch-Api-Proxy in SM (service dcorch-patch-api-proxy)':
|
-> exec { 'Provision DCOrch-Patch-Api-Proxy in SM (service dcorch-patch-api-proxy)':
|
||||||
command => 'sm-provision service dcorch-patch-api-proxy',
|
command => 'sm-provision service dcorch-patch-api-proxy',
|
||||||
}
|
}
|
||||||
|
-> exec { 'Provision DCDBsync-RestApi (service-group-member dcdbsync-api)':
|
||||||
|
command => 'sm-provision service-group-member distributed-cloud-services dcdbsync-api',
|
||||||
|
}
|
||||||
|
-> exec { 'Provision DCDBsync-RestApi in SM (service dcdbsync-api)':
|
||||||
|
command => 'sm-provision service dcdbsync-api',
|
||||||
|
}
|
||||||
-> exec { 'Configure Platform - DCManager-Manager':
|
-> exec { 'Configure Platform - DCManager-Manager':
|
||||||
command => "sm-configure service_instance dcmanager-manager dcmanager-manager \"\"",
|
command => "sm-configure service_instance dcmanager-manager dcmanager-manager \"\"",
|
||||||
}
|
}
|
||||||
@ -1725,6 +1747,9 @@ class platform::sm
|
|||||||
-> exec { 'Configure OpenStack - DCOrch-patch-api-proxy':
|
-> exec { 'Configure OpenStack - DCOrch-patch-api-proxy':
|
||||||
command => "sm-configure service_instance dcorch-patch-api-proxy dcorch-patch-api-proxy \"\"",
|
command => "sm-configure service_instance dcorch-patch-api-proxy dcorch-patch-api-proxy \"\"",
|
||||||
}
|
}
|
||||||
|
-> exec { 'Configure OpenStack - DCDBsync-API':
|
||||||
|
command => "sm-configure service_instance dcdbsync-api dcdbsync-api \"\"",
|
||||||
|
}
|
||||||
if $cinder_service_enabled {
|
if $cinder_service_enabled {
|
||||||
notice('Enable cinder-api-proxy')
|
notice('Enable cinder-api-proxy')
|
||||||
exec { 'Provision DCOrch-Cinder-Api-Proxy (service-group-member dcorch-cinder-api-proxy)':
|
exec { 'Provision DCOrch-Cinder-Api-Proxy (service-group-member dcorch-cinder-api-proxy)':
|
||||||
|
@ -66,12 +66,13 @@ systemconfig.puppet_plugins =
|
|||||||
026_panko = sysinv.puppet.panko:PankoPuppet
|
026_panko = sysinv.puppet.panko:PankoPuppet
|
||||||
027_dcmanager = sysinv.puppet.dcmanager:DCManagerPuppet
|
027_dcmanager = sysinv.puppet.dcmanager:DCManagerPuppet
|
||||||
028_dcorch = sysinv.puppet.dcorch:DCOrchPuppet
|
028_dcorch = sysinv.puppet.dcorch:DCOrchPuppet
|
||||||
029_kubernetes = sysinv.puppet.kubernetes:KubernetesPuppet
|
029_dcdbsync = sysinv.puppet.dcdbsync:DCDBsyncPuppet
|
||||||
030_smapi = sysinv.puppet.smapi:SmPuppet
|
030_kubernetes = sysinv.puppet.kubernetes:KubernetesPuppet
|
||||||
031_fm = sysinv.puppet.fm:FmPuppet
|
031_smapi = sysinv.puppet.smapi:SmPuppet
|
||||||
032_swift = sysinv.puppet.swift:SwiftPuppet
|
032_fm = sysinv.puppet.fm:FmPuppet
|
||||||
033_service_parameter = sysinv.puppet.service_parameter:ServiceParamPuppet
|
033_swift = sysinv.puppet.swift:SwiftPuppet
|
||||||
034_barbican = sysinv.puppet.barbican:BarbicanPuppet
|
034_service_parameter = sysinv.puppet.service_parameter:ServiceParamPuppet
|
||||||
|
035_barbican = sysinv.puppet.barbican:BarbicanPuppet
|
||||||
|
|
||||||
systemconfig.helm_plugins =
|
systemconfig.helm_plugins =
|
||||||
aodh = sysinv.helm.aodh:AodhHelm
|
aodh = sysinv.helm.aodh:AodhHelm
|
||||||
|
101
sysinv/sysinv/sysinv/sysinv/puppet/dcdbsync.py
Normal file
101
sysinv/sysinv/sysinv/sysinv/puppet/dcdbsync.py
Normal file
@ -0,0 +1,101 @@
|
|||||||
|
#
|
||||||
|
# Copyright (c) 2019 Wind River Systems, Inc.
|
||||||
|
#
|
||||||
|
# SPDX-License-Identifier: Apache-2.0
|
||||||
|
#
|
||||||
|
|
||||||
|
from sysinv.common import constants
|
||||||
|
from sysinv.puppet import openstack
|
||||||
|
|
||||||
|
|
||||||
|
class DCDBsyncPuppet(openstack.OpenstackBasePuppet):
|
||||||
|
"""Class to encapsulate puppet operations for dcdbsync
|
||||||
|
configuration"""
|
||||||
|
|
||||||
|
SERVICE_NAME = 'dcdbsync'
|
||||||
|
SERVICE_PORT = 8219
|
||||||
|
SERVICE_PATH = 'v1.0'
|
||||||
|
IDENTITY_SERVICE_NAME = 'keystone'
|
||||||
|
IDENTITY_SERVICE_DB = 'keystone'
|
||||||
|
|
||||||
|
def get_static_config(self):
|
||||||
|
dbuser = self._get_database_username(self.IDENTITY_SERVICE_NAME)
|
||||||
|
|
||||||
|
return {
|
||||||
|
'dcdbsync::db::postgresql::user': dbuser,
|
||||||
|
}
|
||||||
|
|
||||||
|
def get_secure_static_config(self):
|
||||||
|
dbpass = self._get_database_password(self.IDENTITY_SERVICE_NAME)
|
||||||
|
kspass = self._get_service_password(self.SERVICE_NAME)
|
||||||
|
|
||||||
|
# initial bootstrap is bound to localhost
|
||||||
|
dburl = self._format_database_connection(self.IDENTITY_SERVICE_NAME,
|
||||||
|
constants.LOCALHOST_HOSTNAME,
|
||||||
|
database=self.IDENTITY_SERVICE_DB)
|
||||||
|
return {
|
||||||
|
'dcdbsync::database_connection': dburl,
|
||||||
|
'dcdbsync::db::postgresql::password': dbpass,
|
||||||
|
'dcdbsync::keystone::auth::password': kspass,
|
||||||
|
'dcdbsync::api::keystone_password': kspass,
|
||||||
|
}
|
||||||
|
|
||||||
|
def get_system_config(self):
|
||||||
|
ksuser = self._get_service_user_name(self.SERVICE_NAME)
|
||||||
|
|
||||||
|
return {
|
||||||
|
# The region in which the identity server can be found
|
||||||
|
'dcdbsync::region_name': self._keystone_region_name(),
|
||||||
|
|
||||||
|
'dcdbsync::keystone::auth::public_url': self.get_public_url(),
|
||||||
|
'dcdbsync::keystone::auth::internal_url': self.get_internal_url(),
|
||||||
|
'dcdbsync::keystone::auth::admin_url': self.get_admin_url(),
|
||||||
|
'dcdbsync::keystone::auth::region': self._region_name(),
|
||||||
|
'dcdbsync::keystone::auth::auth_name': ksuser,
|
||||||
|
'dcdbsync::keystone::auth::auth_domain':
|
||||||
|
self._get_service_user_domain_name(),
|
||||||
|
'dcdbsync::keystone::auth::service_name': self.SERVICE_NAME,
|
||||||
|
'dcdbsync::keystone::auth::tenant': self._get_service_tenant_name(),
|
||||||
|
'dcdbsync::api::bind_host': self._get_management_address(),
|
||||||
|
'dcdbsync::api::keystone_auth_uri': self._keystone_auth_uri(),
|
||||||
|
'dcdbsync::api::keystone_identity_uri':
|
||||||
|
self._keystone_identity_uri(),
|
||||||
|
'dcdbsync::api::keystone_tenant': self._get_service_project_name(),
|
||||||
|
'dcdbsync::api::keystone_user_domain':
|
||||||
|
self._get_service_user_domain_name(),
|
||||||
|
'dcdbsync::api::keystone_project_domain':
|
||||||
|
self._get_service_project_domain_name(),
|
||||||
|
'dcdbsync::api::keystone_user': ksuser,
|
||||||
|
'platform::dcdbsync::params::region_name': self.get_region_name(),
|
||||||
|
'platform::dcdbsync::params::service_create':
|
||||||
|
self._to_create_services(),
|
||||||
|
}
|
||||||
|
|
||||||
|
def get_secure_system_config(self):
|
||||||
|
dbpass = self._get_database_password(self.IDENTITY_SERVICE_NAME)
|
||||||
|
kspass = self._get_service_password(self.SERVICE_NAME)
|
||||||
|
|
||||||
|
return {
|
||||||
|
'dcdbsync::database_connection':
|
||||||
|
self._format_database_connection(
|
||||||
|
self.IDENTITY_SERVICE_NAME,
|
||||||
|
database=self.IDENTITY_SERVICE_DB),
|
||||||
|
'dcdbsync::db::postgresql::password': dbpass,
|
||||||
|
'dcdbsync::keystone::auth::password': kspass,
|
||||||
|
'dcdbsync::api::keystone_password': kspass,
|
||||||
|
}
|
||||||
|
|
||||||
|
def get_public_url(self):
|
||||||
|
return self._format_public_endpoint(self.SERVICE_PORT,
|
||||||
|
path=self.SERVICE_PATH)
|
||||||
|
|
||||||
|
def get_internal_url(self):
|
||||||
|
return self._format_private_endpoint(self.SERVICE_PORT,
|
||||||
|
path=self.SERVICE_PATH)
|
||||||
|
|
||||||
|
def get_admin_url(self):
|
||||||
|
return self._format_private_endpoint(self.SERVICE_PORT,
|
||||||
|
path=self.SERVICE_PATH)
|
||||||
|
|
||||||
|
def get_region_name(self):
|
||||||
|
return self._get_service_region_name(self.SERVICE_NAME)
|
Loading…
Reference in New Issue
Block a user