starlingx/config
Code Issues Proposed changes

Merge "Keystone DB sync - update puppet manifest for dcdbsync service"

Browse Source
This commit is contained in:
Zuul
2019-05-07 21:38:01 +00:00
committed by Gerrit Code Review
parent 1b1a1a50bc 1906ebc5cb
commit dbd1a3a6ce
8 changed files with 188 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
puppet-manifests/centos/puppet-manifests.spec
View File

@@ -21,6 +21,7 @@ Requires: puppet-sysinv
Requires: puppet-sshd
Requires: puppet-smapi
Requires: puppet-fm
Requires: puppet-dcdbsync
# Openstack puppet modules
Requires: puppet-barbican

5
puppet-manifests/src/hieradata/controller.yaml
View File

@@ -210,6 +210,11 @@ dcmanager::use_syslog: true
dcmanager::log_facility: 'local2'
dcmanager::debug: false
# Dcdbsync
dbsync::use_syslog: true
dbsync::log_facility: 'local2'
dbsync::debug: false
# FM
fm::use_syslog: true
fm::log_facility: 'local2'

3
puppet-manifests/src/manifests/controller.pp
View File

@@ -90,6 +90,9 @@ include ::platform::dcmanager::api
include ::platform::dcorch::snmp
include ::platform::dcdbsync
include ::platform::dcdbsync::api
include ::platform::smapi
include ::openstack::barbican

3
puppet-manifests/src/modules/openstack/templates/keystone-policy.json.erb
View File

@@ -16,7 +16,8 @@
["'patching':%(target.user.name)s"],
["'sysinv':%(target.user.name)s"],
["'mtce':%(target.user.name)s"],
["'fm':%(target.user.name)s"]],
["'fm':%(target.user.name)s"],
["'dcdbsync':%(target.user.name)s"]],
"identity:delete_service": "rule:admin_required and not rule:protected_services",

44
puppet-manifests/src/modules/platform/manifests/dcdbsync.pp Normal file
View File

@@ -0,0 +1,44 @@
class platform::dcdbsync::params (
$api_port = 8219,
$region_name = undef,
$service_create = false,
$service_enabled = false,
$default_endpoint_type = 'internalURL',
) {
include ::platform::params
}
class platform::dcdbsync
inherits ::platform::dcdbsync::params {
if ($::platform::params::distributed_cloud_role == 'systemcontroller' or
$::platform::params::distributed_cloud_role == 'subcloud') {
if $service_create {
if $::platform::params::init_keystone {
include ::dcdbsync::keystone::auth
}
class { '::dcdbsync': }
}
}
}
class platform::dcdbsync::api
inherits ::platform::dcdbsync::params {
if ($::platform::params::distributed_cloud_role == 'systemcontroller' or
$::platform::params::distributed_cloud_role == 'subcloud') {
if $service_create {
include ::platform::network::mgmt::params
$api_host = $::platform::network::mgmt::params::controller_address
$api_fqdn = $::platform::params::controller_hostname
$url_host = "http://${api_fqdn}:${api_port}"
class { '::dcdbsync::api':
bind_host => $api_host,
bind_port => $api_port,
enabled => $service_enabled,
}
}
}
}

25
puppet-manifests/src/modules/platform/manifests/sm.pp
View File

@@ -421,6 +421,22 @@ class platform::sm
if $::platform::params::distributed_cloud_role =='subcloud' {
$configure_keystone = true
# Provision and configure dcorch dbsync when running as a subcloud
exec { 'Provision distributed-cloud-services (service-domain-member distributed-cloud-services)':
command => 'sm-provision service-domain-member controller distributed-cloud-services',
}
-> exec { 'Provision distributed-cloud-services (service-group distributed-cloud-services)':
command => 'sm-provision service-group distributed-cloud-services',
}
-> exec { 'Provision DCDBsync-RestApi (service-group-member dcdbsync-api)':
command => 'sm-provision service-group-member distributed-cloud-services dcdbsync-api',
}
-> exec { 'Provision DCDBsync-RestApi in SM (service dcdbsync-api)':
command => 'sm-provision service dcdbsync-api',
}
-> exec { 'Configure OpenStack - DCDBsync-API':
command => "sm-configure service_instance dcdbsync-api dcdbsync-api \"\"",
}
# Deprovision Horizon when running as a subcloud
exec { 'Deprovision OpenStack - Horizon (service-group-member)':
command => 'sm-deprovision service-group-member web-services horizon',
@@ -842,6 +858,12 @@ class platform::sm
-> exec { 'Provision DCOrch-Patch-Api-Proxy in SM (service dcorch-patch-api-proxy)':
command => 'sm-provision service dcorch-patch-api-proxy',
}
-> exec { 'Provision DCDBsync-RestApi (service-group-member dcdbsync-api)':
command => 'sm-provision service-group-member distributed-cloud-services dcdbsync-api',
}
-> exec { 'Provision DCDBsync-RestApi in SM (service dcdbsync-api)':
command => 'sm-provision service dcdbsync-api',
}
-> exec { 'Configure Platform - DCManager-Manager':
command => "sm-configure service_instance dcmanager-manager dcmanager-manager \"\"",
}
@@ -863,6 +885,9 @@ class platform::sm
-> exec { 'Configure OpenStack - DCOrch-patch-api-proxy':
command => "sm-configure service_instance dcorch-patch-api-proxy dcorch-patch-api-proxy \"\"",
}
-> exec { 'Configure OpenStack - DCDBsync-API':
command => "sm-configure service_instance dcdbsync-api dcdbsync-api \"\"",
}
}
# lint:endignore:140chars

13
sysinv/sysinv/sysinv/setup.cfg
View File

@@ -63,12 +63,13 @@ systemconfig.puppet_plugins =
025_ironic = sysinv.puppet.ironic:IronicPuppet
027_dcmanager = sysinv.puppet.dcmanager:DCManagerPuppet
028_dcorch = sysinv.puppet.dcorch:DCOrchPuppet
029_kubernetes = sysinv.puppet.kubernetes:KubernetesPuppet
030_smapi = sysinv.puppet.smapi:SmPuppet
031_fm = sysinv.puppet.fm:FmPuppet
032_swift = sysinv.puppet.swift:SwiftPuppet
033_barbican = sysinv.puppet.barbican:BarbicanPuppet
034_dockerdistribution = sysinv.puppet.dockerdistribution:DockerDistributionPuppet
029_dcdbsync = sysinv.puppet.dcdbsync:DCDBsyncPuppet
030_kubernetes = sysinv.puppet.kubernetes:KubernetesPuppet
031_smapi = sysinv.puppet.smapi:SmPuppet
032_fm = sysinv.puppet.fm:FmPuppet
033_swift = sysinv.puppet.swift:SwiftPuppet
034_barbican = sysinv.puppet.barbican:BarbicanPuppet
035_dockerdistribution = sysinv.puppet.dockerdistribution:DockerDistributionPuppet
099_service_parameter = sysinv.puppet.service_parameter:ServiceParamPuppet
systemconfig.helm_applications =

101
sysinv/sysinv/sysinv/sysinv/puppet/dcdbsync.py Normal file
View File

@@ -0,0 +1,101 @@
#
# Copyright (c) 2019 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
from sysinv.common import constants
from sysinv.puppet import openstack
class DCDBsyncPuppet(openstack.OpenstackBasePuppet):
"""Class to encapsulate puppet operations for dcdbsync
configuration"""
SERVICE_NAME = 'dcdbsync'
SERVICE_PORT = 8219
SERVICE_PATH = 'v1.0'
IDENTITY_SERVICE_NAME = 'keystone'
IDENTITY_SERVICE_DB = 'keystone'
def get_static_config(self):
dbuser = self._get_database_username(self.IDENTITY_SERVICE_NAME)
return {
'dcdbsync::db::postgresql::user': dbuser,
}
def get_secure_static_config(self):
dbpass = self._get_database_password(self.IDENTITY_SERVICE_NAME)
kspass = self._get_service_password(self.SERVICE_NAME)
# initial bootstrap is bound to localhost
dburl = self._format_database_connection(self.IDENTITY_SERVICE_NAME,
constants.LOCALHOST_HOSTNAME,
database=self.IDENTITY_SERVICE_DB)
return {
'dcdbsync::database_connection': dburl,
'dcdbsync::db::postgresql::password': dbpass,
'dcdbsync::keystone::auth::password': kspass,
'dcdbsync::api::keystone_password': kspass,
}
def get_system_config(self):
ksuser = self._get_service_user_name(self.SERVICE_NAME)
return {
# The region in which the identity server can be found
'dcdbsync::region_name': self._keystone_region_name(),
'dcdbsync::keystone::auth::public_url': self.get_public_url(),
'dcdbsync::keystone::auth::internal_url': self.get_internal_url(),
'dcdbsync::keystone::auth::admin_url': self.get_admin_url(),
'dcdbsync::keystone::auth::region': self._region_name(),
'dcdbsync::keystone::auth::auth_name': ksuser,
'dcdbsync::keystone::auth::auth_domain':
self._get_service_user_domain_name(),
'dcdbsync::keystone::auth::service_name': self.SERVICE_NAME,
'dcdbsync::keystone::auth::tenant': self._get_service_tenant_name(),
'dcdbsync::api::bind_host': self._get_management_address(),
'dcdbsync::api::keystone_auth_uri': self._keystone_auth_uri(),
'dcdbsync::api::keystone_identity_uri':
self._keystone_identity_uri(),
'dcdbsync::api::keystone_tenant': self._get_service_project_name(),
'dcdbsync::api::keystone_user_domain':
self._get_service_user_domain_name(),
'dcdbsync::api::keystone_project_domain':
self._get_service_project_domain_name(),
'dcdbsync::api::keystone_user': ksuser,
'platform::dcdbsync::params::region_name': self.get_region_name(),
'platform::dcdbsync::params::service_create':
self._to_create_services(),
}
def get_secure_system_config(self):
dbpass = self._get_database_password(self.IDENTITY_SERVICE_NAME)
kspass = self._get_service_password(self.SERVICE_NAME)
return {
'dcdbsync::database_connection':
self._format_database_connection(
self.IDENTITY_SERVICE_NAME,
database=self.IDENTITY_SERVICE_DB),
'dcdbsync::db::postgresql::password': dbpass,
'dcdbsync::keystone::auth::password': kspass,
'dcdbsync::api::keystone_password': kspass,
}
def get_public_url(self):
return self._format_public_endpoint(self.SERVICE_PORT,
path=self.SERVICE_PATH)
def get_internal_url(self):
return self._format_private_endpoint(self.SERVICE_PORT,
path=self.SERVICE_PATH)
def get_admin_url(self):
return self._format_private_endpoint(self.SERVICE_PORT,
path=self.SERVICE_PATH)
def get_region_name(self):
return self._get_service_region_name(self.SERVICE_NAME)