From 17211630e06f5fe46e026249c0c5fb7e888a6ad1 Mon Sep 17 00:00:00 2001 From: okozachenko Date: Wed, 9 Sep 2020 05:31:19 +0300 Subject: [PATCH] Add monasca-api Change-Id: Id968ddc528e3e7780056b50e6bcb0fed5a132927 --- images/monasca-api/Dockerfile | 60 ++ images/monasca-api/README.rst | 118 +++ images/monasca-api/api-config.ini.j2 | 27 + images/monasca-api/api-gunicorn.conf.j2 | 15 + images/monasca-api/api-logging.conf.j2 | 71 ++ images/monasca-api/health_check.py | 45 + images/monasca-api/monasca-api.conf.j2 | 863 ++++++++++++++++++ images/monasca-api/start.sh | 46 + .../templates/monasca/api/daemonset.yml.j2 | 97 ++ .../templates/monasca/api/service.yml.j2 | 28 + zuul.d/functional-jobs.yaml | 4 + zuul.d/monasca-api-jobs.yaml | 42 + 12 files changed, 1416 insertions(+) create mode 100644 images/monasca-api/Dockerfile create mode 100644 images/monasca-api/README.rst create mode 100644 images/monasca-api/api-config.ini.j2 create mode 100644 images/monasca-api/api-gunicorn.conf.j2 create mode 100644 images/monasca-api/api-logging.conf.j2 create mode 100644 images/monasca-api/health_check.py create mode 100644 images/monasca-api/monasca-api.conf.j2 create mode 100644 images/monasca-api/start.sh create mode 100644 openstack_operator/templates/monasca/api/daemonset.yml.j2 create mode 100644 openstack_operator/templates/monasca/api/service.yml.j2 create mode 100644 zuul.d/monasca-api-jobs.yaml diff --git a/images/monasca-api/Dockerfile b/images/monasca-api/Dockerfile new file mode 100644 index 00000000..dc5b4165 --- /dev/null +++ b/images/monasca-api/Dockerfile @@ -0,0 +1,60 @@ +ARG EXTRA_DEPS="gunicorn gevent==1.3.5 python-memcached influxdb" +ARG COMMON_REPO=https://review.opendev.org/openstack/monasca-common +ARG COMMON_VERSION=3.1.0 +ARG REPO_VERSION=stable/ussuri +ARG CONSTRAINTS_BRANCH=master +ARG CONSTRAINTS_FILE=https://opendev.org/openstack/requirements/raw/branch/stable/ussuri/upper-constraints.txt +ARG DOCKER_IMAGE=monasca/api +ARG APP_REPO=https://opendev.org/openstack/monasca-api +ARG GITHUB_REPO=https://github.com/openstack/monasca-api + +FROM monasca/base:ussuri as monasca-api + +ENV \ + KAFKA_URI=kafka:9092 \ + KAFKA_WAIT_FOR_TOPICS=alarm-state-transitions,metrics \ + MONASCA_CONTAINER_API_PORT=8070 \ + DATABASE_BACKEND=influxdb \ + INFLUX_HOST=influxdb \ + INFLUX_PORT=8086 \ + INFLUX_USER=mon_api \ + INFLUX_PASSWORD=password \ + INFLUX_DB=mon \ + CASSANDRA_CONTACT_POINTS=cassandra \ + CASSANDRA_PORT=9042 \ + CASSANDRA_KEY_SPACE=monasca \ + CASSANDRA_USER=mon_persister \ + CASSANDRA_PASSWORD=password \ + CASSANDRA_CONNECTION_TIMEOUT=5 \ + MYSQL_HOST=mysql \ + MYSQL_PORT=3306 \ + MYSQL_USER=monapi \ + MYSQL_PASSWORD=password \ + MYSQL_DB=mon \ + MEMCACHED_URI=memcached:11211 \ + DEFAULT_REGION=RegionOne \ + KEYSTONE_IDENTITY_URI=http://keystone:35357 \ + KEYSTONE_AUTH_URI=http://keystone:5000 \ + KEYSTONE_ADMIN_USER=admin \ + KEYSTONE_ADMIN_PASSWORD=secretadmin \ + KEYSTONE_ADMIN_TENANT=admin \ + KEYSTONE_ADMIN_DOMAIN=default \ + KEYSTONE_INSECURE=false \ + GUNICORN_WORKERS=9 \ + GUNICORN_WORKER_CLASS=gevent \ + GUNICORN_WORKER_CONNECTIONS=2000 \ + GUNICORN_BACKLOG=1000 \ + GUNICORN_TIMEOUT=10 \ + ADD_ACCESS_LOG=true \ + ACCESS_LOG_FORMAT="%(asctime)s [%(process)d] gunicorn.access [%(levelname)s] %(message)s" \ + ACCESS_LOG_FIELDS='%(h)s %(l)s %(u)s %(t)s %(r)s %(s)s %(b)s "%(f)s" "%(a)s" %(L)s' \ + LOG_LEVEL_ROOT=WARN \ + LOG_LEVEL_CONSOLE=INFO \ + LOG_LEVEL_ACCESS=INFO \ + STAY_ALIVE_ON_FAILURE=false \ + ENABLE_METRICS_API=true \ + ENABLE_LOGS_API=false +COPY api-* /etc/monasca/ +COPY monasca-api.conf.j2 /etc/monasca/ +EXPOSE ${MONASCA_CONTAINER_API_PORT} +CMD ["/start.sh"] diff --git a/images/monasca-api/README.rst b/images/monasca-api/README.rst new file mode 100644 index 00000000..fd20685f --- /dev/null +++ b/images/monasca-api/README.rst @@ -0,0 +1,118 @@ +============================ +Docker image for Monasca API +============================ +The Monasca API image is based on the monasca-base image. + + +Building monasca-base image +=========================== +See https://github.com/openstack/monasca-common/tree/master/docker/README.rst + + +Building Monasca API image +========================== + +Example: + $ ./build_image.sh + +Everything after ``./build_image.sh`` is optional and by default configured +to get versions from ``Dockerfile``. ``./build_image.sh`` also contain more +detailed build description. + +Environment variables +~~~~~~~~~~~~~~~~~~~~~ +============================== ======================================================================= ========================================== +Variable Default Description +============================== ======================================================================= ========================================== +KAFKA_URI kafka:9092 URI to Apache Kafka (distributed streaming platform) +MONASCA_CONTAINER_API_PORT 8070 The port from the metric pipeline endpoint +DATABASE_BACKEND influxdb Select for backend database +INFLUX_HOST influxdb The host for influxdb +INFLUX_PORT 8086 The port for influxdb +INFLUX_USER mon_api The influx username +INFLUX_PASSWORD password The influx password +INFLUX_DB mon The influx database name +CASSANDRA_CONTACT_POINTS cassandra Cassandra node addresses +CASSANDRA_PORT 9042 Cassandra port number +CASSANDRA_KEY_SPACE monasca Cassandra keyspace where metric are stored +CASSANDRA_USER mon_persister Cassandra user name +CASSANDRA_PASSWORD password Cassandra password +CASSANDRA_CONNECTION_TIMEOUT 5 Cassandra timeout in seconds when creating a new connection +MYSQL_HOST mysql The host for MySQL +MYSQL_PORT 3306 The port for MySQL +MYSQL_USER monapi The MySQL username +MYSQL_PASSWORD password The MySQL password +MYSQL_DB mon The MySQL database name +API_MYSQL_DISABLED unset If 'true' do not use a mysql database. Only metric API will work +MEMCACHED_URI memcached:11211 URI to Keystone authentication cache +DEFAULT_REGION RegionOne Region that API is running in +AUTHORIZED_ROLES admin,domainuser,domainadmin,monasca-user Roles for Monasca users (full API access) +AGENT_AUTHORIZED_ROLES monasca-agent Roles for Monasca agents (sending data only) +READ_ONLY_AUTHORIZED_ROLES monasca-read-only-user Roles for read only users +DELEGATE_AUTHORIZED_ROLES admin Roles allow to read/write cross tenant ID +KEYSTONE_IDENTITY_URI http://keystone:35357 URI to Keystone admin endpoint +KEYSTONE_AUTH_URI http://keystone:5000 URI to Keystone public endpoint +KEYSTONE_ADMIN_USER admin OpenStack administrator user name +KEYSTONE_ADMIN_PASSWORD secretadmin OpenStack administrator user password +KEYSTONE_ADMIN_TENANT admin OpenStack administrator tenant name +KEYSTONE_ADMIN_DOMAIN default OpenStack administrator domain +KEYSTONE_INSECURE false Allow insecure Keystone connection +KEYSTONE_REGION_NAME undefined Keystone admin account region +GUNICORN_WORKERS 9 Number of gunicorn (WSGI-HTTP server) workers +GUNICORN_WORKER_CLASS gevent Used gunicorn worker class +GUNICORN_WORKER_CONNECTIONS 2000 Number of gunicorn worker connections +GUNICORN_BACKLOG 1000 Number of gunicorn backlogs +GUNICORN_TIMEOUT 10 Gunicorn connection timeout +ADD_ACCESS_LOG false Enable gunicorn request/access logging +ACCESS_LOG_FORMAT "%(asctime)s [%(process)d] gunicorn.access [%(levelname)s] %(message)s" Define the logging format +ACCESS_LOG_FIELDS '%(h)s %(l)s %(u)s %(t)s %(r)s %(s)s %(b)s "%(f)s" "%(a)s" %(L)s' Define the fields to be logged +LOG_LEVEL_ROOT WARN Log level for root logging +LOG_LEVEL_CONSOLE INFO Log level for console logging +LOG_LEVEL_ACCESS INFO Log level for access logging +STAY_ALIVE_ON_FAILURE false If true, container runs 2 hours after service fail +ENABLE_METRICS_API true Enable/Disable metrics endpoints +ENABLE_LOGS_API false Enable/disable logs endpoints +============================== ======================================================================= ========================================== + +Wait scripts environment variables +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +======================== ================================ ========================================= +Variable Default Description +======================== ================================ ========================================= +KAFKA_URI kafka:9092 URI to Apache Kafka +KAFKA_WAIT_FOR_TOPICS alarm-state-transitions,metrics The topics where metric-api streams + the metric messages and alarm-states +KAFKA_WAIT_RETRIES 24 Number of kafka connect attempts +KAFKA_WAIT_DELAY 5 Seconds to wait between attempts +MYSQL_HOST mysql The host for MySQL +MYSQL_PORT 3306 The port for MySQL +MYSQL_USER monapi The MySQL username +MYSQL_PASSWORD password The MySQL password +MYSQL_DB mon The MySQL database name +MYSQL_WAIT_RETRIES 24 Number of MySQL connection attempts +MYSQL_WAIT_DELAY 5 Seconds to wait between attempts +======================== ================================ ========================================= + +Scripts +~~~~~~~ +start.sh + In this starting script provide all steps that lead to the proper service + start. Including usage of wait scripts and templating of configuration + files. You also could provide the ability to allow running container after + service died for easier debugging. + +health_check.py + This file will be used for checking the status of the application. + +Provide Configuration templates +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +* monasca-api.conf.j2 +* api-config.ini.j2 +* api-logging.conf.j2 + + +Links +~~~~~ +https://docs.openstack.org/monasca-api/latest/ + +https://github.com/openstack/monasca-api/blob/master/README.rst diff --git a/images/monasca-api/api-config.ini.j2 b/images/monasca-api/api-config.ini.j2 new file mode 100644 index 00000000..e0f3b44d --- /dev/null +++ b/images/monasca-api/api-config.ini.j2 @@ -0,0 +1,27 @@ +[DEFAULT] +name = monasca_api + +[pipeline:main] +pipeline = request_id auth api + +[app:api] +paste.app_factory = monasca_api.api.server:launch + +[filter:auth] +paste.filter_factory = monasca_api.healthcheck.keystone_protocol:filter_factory + +[filter:request_id] +paste.filter_factory = oslo_middleware.request_id:RequestId.factory + +[server:main] +use = egg:gunicorn#main +host = 0.0.0.0 +port = {{ MONASCA_CONTAINER_API_PORT }} +workers = 9 +worker-connections = 2000 +worker-class = eventlet +timeout = 30 +backlog = 2048 +keepalive = 2 +proc_name = monasca_api +#loglevel = DEBUG diff --git a/images/monasca-api/api-gunicorn.conf.j2 b/images/monasca-api/api-gunicorn.conf.j2 new file mode 100644 index 00000000..d6bca372 --- /dev/null +++ b/images/monasca-api/api-gunicorn.conf.j2 @@ -0,0 +1,15 @@ +bind = '0.0.0.0:{{ MONASCA_CONTAINER_API_PORT }}' +proc_name = 'monasca-api' + +backlog = {{ GUNICORN_BACKLOG | int }} +workers = {{ GUNICORN_WORKERS | int }} +worker_class = '{{ GUNICORN_WORKER_CLASS }}' +worker_connections = '{{ GUNICORN_WORKER_CONNECTIONS }}' +timeout = {{ GUNICORN_TIMEOUT | int }} + +{% if ADD_ACCESS_LOG == true %} +accesslog = '-' +{% endif %} +access_log_format = '{{ ACCESS_LOG_FIELDS }}' + +capture_output = True diff --git a/images/monasca-api/api-logging.conf.j2 b/images/monasca-api/api-logging.conf.j2 new file mode 100644 index 00000000..517f46da --- /dev/null +++ b/images/monasca-api/api-logging.conf.j2 @@ -0,0 +1,71 @@ +[default] +disable_existing_loggers = 0 + +[loggers] +keys = root, gunicorn.access, sqlalchemy, kafka, kafka.consumer, urllib3 + +[handlers] +keys = console, console_access + +[formatters] +keys = context, generic + +[logger_root] +level = {{ LOG_LEVEL_ROOT }} +handlers = console + +[logger_gunicorn.access] +level = INFO +handlers = console_access +propagate = 0 +qualname = gunicorn.access + +[logger_sqlalchemy] +qualname = sqlalchemy.engine +# "level = INFO" logs SQL queries. +# "level = DEBUG" logs SQL queries and results. +# "level = WARN" logs neither. (Recommended for production systems.) +level = ERROR +handlers = console +propagate=0 + +[logger_kafka.consumer] +qualname = kafka.consumer +level = INFO +formatter = default +handlers = console +propagate = 0 + +[logger_kafka] +qualname = monasca_common.kafka_lib +level = INFO +formatter = default +handlers = console +propagate = 0 + +[logger_urllib3] +qualname = urllib3.connectionpool +level = INFO +formatter = default +handlers = console +propagate = 0 + +[handler_console] +class = logging.StreamHandler +args = (sys.stdout,) +level = {{ LOG_LEVEL_CONSOLE }} +formatter = context + +[handler_console_access] +class = logging.StreamHandler +args = (sys.stdout,) +level = {{ LOG_LEVEL_ACCESS }} +formatter = generic + +[formatter_context] +class = oslo_log.formatters.ContextFormatter + +[formatter_generic] +format={{ ACCESS_LOG_FORMAT }} +datefmt=%Y-%m-%d %H:%M:%S +class=logging.Formatter diff --git a/images/monasca-api/health_check.py b/images/monasca-api/health_check.py new file mode 100644 index 00000000..31250653 --- /dev/null +++ b/images/monasca-api/health_check.py @@ -0,0 +1,45 @@ +#!/usr/bin/env python +# coding=utf-8 + +# (C) Copyright 2018 FUJITSU LIMITED +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +"""Health check will returns 0 when service is working properly.""" + +import logging +import os +import sys +from urllib import request + + +LOG_LEVEL = logging.getLevelName(os.environ.get('LOG_LEVEL', 'INFO')) +logging.basicConfig(level=LOG_LEVEL) +logger = logging.getLogger(__name__) + +API_PORT = os.environ.get('MONASCA_CONTAINER_API_PORT', '8070') +url = "http://localhost:" + API_PORT + "/healthcheck" + + +def main(): + """Send health check request to health check endpoint of Monasca API.""" + logger.debug('Send health check request to %s', url) + try: + request.urlopen(url=url) + except Exception as ex: + logger.error('Exception during request handling: ' + repr(ex)) + sys.exit(1) + + +if __name__ == '__main__': + main() diff --git a/images/monasca-api/monasca-api.conf.j2 b/images/monasca-api/monasca-api.conf.j2 new file mode 100644 index 00000000..bc3d24f4 --- /dev/null +++ b/images/monasca-api/monasca-api.conf.j2 @@ -0,0 +1,863 @@ +[DEFAULT] + +# +# From monasca_api +# + +# +# Region that API is running in +# (string value) +# +# This option has a sample default set, which means that +# its actual default value may vary from the one documented +# below. +region = {{ DEFAULT_REGION }} + +# +# Valid periods for notification methods +# (list value) +#valid_notification_periods = 0,60 + +# +# Enable Metrics api endpoints (boolean value) +enable_metrics_api = {{ ENABLE_METRICS_API }} + +# +# Enable Logs api endpoints (boolean value) +enable_logs_api = {{ ENABLE_LOGS_API }} + +# +# From oslo.log +# + +# If set to true, the logging level will be set to DEBUG instead of the default +# INFO level (boolean value) +# Note: This option can be changed without restarting. +#debug = false + +# The name of a logging configuration file. This file is appended to any +# existing logging configuration files. For details about logging configuration +# files, see the Python logging module documentation. Note that when logging +# configuration files are used then all logging configuration is set in the +# configuration file and other logging configuration options are ignored (for +# example, logging_context_format_string) (string value) +# Note: This option can be changed without restarting. +# Deprecated group/name - [DEFAULT]/log_config +log_config_append=/etc/monasca/api-logging.conf + +# Defines the format string for %%(asctime)s in log records. Default: +# %(default)s . This option is ignored if log_config_append is set (string +# value) +#log_date_format = %Y-%m-%d %H:%M:%S + +# (Optional) Name of log file to send logging output to. If no default is set, +# logging will go to stderr as defined by use_stderr. This option is ignored if +# log_config_append is set (string value) +# Deprecated group/name - [DEFAULT]/logfile +#log_file = + +# (Optional) The base directory used for relative log_file paths. This option +# is ignored if log_config_append is set (string value) +# Deprecated group/name - [DEFAULT]/logdir +#log_dir = + +# Uses logging handler designed to watch file system. When log file is moved or +# removed this handler will open a new log file with specified path +# instantaneously. It makes sense only if log_file option is specified and +# Linux platform is used. This option is ignored if log_config_append is set +# (boolean value) +#watch_log_file = false + +# Use syslog for logging. Existing syslog format is DEPRECATED and will be +# changed later to honor RFC5424. This option is ignored if log_config_append +# is set (boolean value) +#use_syslog = false + +# Enable journald for logging. If running in a systemd environment you may wish +# to enable journal support. Doing so will use the journal native protocol +# which includes structured metadata in addition to log messages.This option is +# ignored if log_config_append is set (boolean value) +#use_journal = false + +# Syslog facility to receive log lines. This option is ignored if +# log_config_append is set (string value) +#syslog_log_facility = LOG_USER + +# Use JSON formatting for logging. This option is ignored if log_config_append +# is set (boolean value) +#use_json = false + +# Log output to standard error. This option is ignored if log_config_append is +# set (boolean value) +#use_stderr = false + +# Log output to Windows Event Log (boolean value) +#use_eventlog = false + +# The amount of time before the log files are rotated. This option is ignored +# unless log_rotation_type is setto "interval" (integer value) +#log_rotate_interval = 1 + +# Rotation interval type. The time of the last file change (or the time when +# the service was started) is used when scheduling the next rotation (string +# value) +# Possible values: +# Seconds - +# Minutes - +# Hours - +# Days - +# Weekday - +# Midnight - +#log_rotate_interval_type = days + +# Maximum number of rotated log files (integer value) +#max_logfile_count = 30 + +# Log file maximum size in MB. This option is ignored if "log_rotation_type" is +# not set to "size" (integer value) +#max_logfile_size_mb = 200 + +# Log rotation type (string value) +# Possible values: +# interval - Rotate logs at predefined time intervals. +# size - Rotate logs once they reach a predefined size. +# none - Do not rotate log files. +#log_rotation_type = none + +# Format string to use for log messages with context (string value) +#logging_context_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s + +# Format string to use for log messages when context is undefined (string +# value) +#logging_default_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s + +# Additional data to append to log message when logging level for the message +# is DEBUG (string value) +#logging_debug_format_suffix = %(funcName)s %(pathname)s:%(lineno)d + +# Prefix each line of exception output with this format (string value) +#logging_exception_prefix = %(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s + +# Defines the format string for %(user_identity)s that is used in +# logging_context_format_string (string value) +#logging_user_identity_format = %(user)s %(tenant)s %(domain)s %(user_domain)s %(project_domain)s + +# List of package logging levels in logger=LEVEL pairs. This option is ignored +# if log_config_append is set (list value) +#default_log_levels = amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,oslo_messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN,taskflow=WARN,keystoneauth=WARN,oslo.cache=INFO,oslo_policy=INFO,dogpile.core.dogpile=INFO + +# Enables or disables publication of error events (boolean value) +#publish_errors = false + +# The format for an instance that is passed with the log message (string value) +#instance_format = "[instance: %(uuid)s] " + +# The format for an instance UUID that is passed with the log message (string +# value) +#instance_uuid_format = "[instance: %(uuid)s] " + +# Interval, number of seconds, of log rate limiting (integer value) +#rate_limit_interval = 0 + +# Maximum number of logged messages per rate_limit_interval (integer value) +#rate_limit_burst = 0 + +# Log level name used by rate limiting: CRITICAL, ERROR, INFO, WARNING, DEBUG +# or empty string. Logs with level greater or equal to rate_limit_except_level +# are not filtered. An empty string means that all levels are filtered (string +# value) +#rate_limit_except_level = CRITICAL + +# Enables or disables fatal status of deprecations (boolean value) +#fatal_deprecations = false + + +[cassandra] + +# +# From monasca_api +# + +# +# Comma separated list of Cassandra node IP addresses +# (list value) +contact_points = {{ CASSANDRA_CONTACT_POINTS | default('127.0.0.1') }} + +# +# Port to Cassandra server +# (port value) +port = {{ CASSANDRA_PORT | default('9042') }} + +# +# keyspace where metric are stored +# (string value) +keyspace = {{ CASSANDRA_KEY_SPACE }} + +# +# Cassandra user for monasca-api service +# (string value) +user = {{ CASSANDRA_USER }} + +# +# Cassandra user password for monasca-api service +# (string value) +password = {{ CASSANDRA_PASSWORD }} + +# +# Cassandra connection timeout in seconds +# (integer value) +connection_timeout = {{ CASSANDRA_CONNECTION_TIMEOUT }} + + +[database] + +# +# From oslo.db +# + +# If True, SQLite uses synchronous mode (boolean value) +#sqlite_synchronous = true + +# The back end to use for the database (string value) +# Deprecated group/name - [DEFAULT]/db_backend +#backend = sqlalchemy + +# The SQLAlchemy connection string to use to connect to the database (string +# value) +# Deprecated group/name - [DEFAULT]/sql_connection +# Deprecated group/name - [DATABASE]/sql_connection +# Deprecated group/name - [sql]/connection +{% if not ( API_MYSQL_DISABLED is defined and API_MYSQL_DISABLED | lower == 'true' ) %} +connection = "mysql+pymysql://{{ MYSQL_USER }}:{{ MYSQL_PASSWORD }}@{{ MYSQL_HOST }}:{{ MYSQL_PORT | default('3306') }}/{{ MYSQL_DB }}" +{% endif %} + + +# The SQLAlchemy connection string to use to connect to the slave database +# (string value) +#slave_connection = + +# The SQL mode to be used for MySQL sessions. This option, including the +# default, overrides any server-set SQL mode. To use whatever SQL mode is set +# by the server configuration, set this to no value. Example: mysql_sql_mode= +# (string value) +#mysql_sql_mode = TRADITIONAL + +# If True, transparently enables support for handling MySQL Cluster (NDB) +# (boolean value) +#mysql_enable_ndb = false + +# Connections which have been present in the connection pool longer than this +# number of seconds will be replaced with a new one the next time they are +# checked out from the pool (integer value) +# Deprecated group/name - [DATABASE]/idle_timeout +# Deprecated group/name - [database]/idle_timeout +# Deprecated group/name - [DEFAULT]/sql_idle_timeout +# Deprecated group/name - [DATABASE]/sql_idle_timeout +# Deprecated group/name - [sql]/idle_timeout +#connection_recycle_time = 3600 + +# DEPRECATED: Minimum number of SQL connections to keep open in a pool (integer +# value) +# Deprecated group/name - [DEFAULT]/sql_min_pool_size +# Deprecated group/name - [DATABASE]/sql_min_pool_size +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +# Reason: The option to set the minimum pool size is not supported by +# sqlalchemy. +#min_pool_size = 1 + +# Maximum number of SQL connections to keep open in a pool. Setting a value of +# 0 indicates no limit (integer value) +# Deprecated group/name - [DEFAULT]/sql_max_pool_size +# Deprecated group/name - [DATABASE]/sql_max_pool_size +#max_pool_size = 5 + +# Maximum number of database connection retries during startup. Set to -1 to +# specify an infinite retry count (integer value) +# Deprecated group/name - [DEFAULT]/sql_max_retries +# Deprecated group/name - [DATABASE]/sql_max_retries +#max_retries = 10 + +# Interval between retries of opening a SQL connection (integer value) +# Deprecated group/name - [DEFAULT]/sql_retry_interval +# Deprecated group/name - [DATABASE]/reconnect_interval +#retry_interval = 10 + +# If set, use this value for max_overflow with SQLAlchemy (integer value) +# Deprecated group/name - [DEFAULT]/sql_max_overflow +# Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow +#max_overflow = 50 + +# Verbosity of SQL debugging information: 0=None, 100=Everything (integer +# value) +# Minimum value: 0 +# Maximum value: 100 +# Deprecated group/name - [DEFAULT]/sql_connection_debug +#connection_debug = 0 + +# Add Python stack traces to SQL as comment strings (boolean value) +# Deprecated group/name - [DEFAULT]/sql_connection_trace +#connection_trace = false + +# If set, use this value for pool_timeout with SQLAlchemy (integer value) +# Deprecated group/name - [DATABASE]/sqlalchemy_pool_timeout +#pool_timeout = + +# Enable the experimental use of database reconnect on connection lost (boolean +# value) +#use_db_reconnect = false + +# Seconds between retries of a database transaction (integer value) +#db_retry_interval = 1 + +# If True, increases the interval between retries of a database operation up to +# db_max_retry_interval (boolean value) +#db_inc_retry_interval = true + +# If db_inc_retry_interval is set, the maximum seconds between retries of a +# database operation (integer value) +#db_max_retry_interval = 10 + +# Maximum retries in case of connection error or deadlock error before error is +# raised. Set to -1 to specify an infinite retry count (integer value) +#db_max_retries = 20 + +# Optional URL parameters to append onto the connection URL at connect time; +# specify as param1=value1¶m2=value2& (string value) +#connection_parameters = + + +[dispatcher] + +# +# From monasca_api +# + +# Versions controller (string value) +versions = monasca_api.v2.reference.versions:Versions + +# Version 2.0 controller (string value) +version_2_0 = monasca_api.v2.reference.version_2_0:Version2 + +# Metrics controller (string value) +metrics = monasca_api.v2.reference.metrics:Metrics + +# Metrics measurements controller (string value) +metrics_measurements = monasca_api.v2.reference.metrics:MetricsMeasurements + +# Metrics statistics controller (string value) +metrics_statistics = monasca_api.v2.reference.metrics:MetricsStatistics + +# Metrics names controller (string value) +metrics_names = monasca_api.v2.reference.metrics:MetricsNames + +# Alarm definitions controller (string value) +alarm_definitions = monasca_api.v2.reference.alarm_definitions:AlarmDefinitions + +# Alarms controller (string value) +alarms = monasca_api.v2.reference.alarms:Alarms + +# Alarms Count controller (string value) +alarms_count = monasca_api.v2.reference.alarms:AlarmsCount + +# Alarms state history controller (string value) +alarms_state_history = monasca_api.v2.reference.alarms:AlarmsStateHistory + +# Notification Methods controller (string value) +notification_methods = monasca_api.v2.reference.notifications:Notifications + +# Dimension Values controller (string value) +dimension_values = monasca_api.v2.reference.metrics:DimensionValues + +# Dimension Names controller (string value) +dimension_names = monasca_api.v2.reference.metrics:DimensionNames + +# Notifications Type Methods controller (string value) +notification_method_types = monasca_api.v2.reference.notificationstype:NotificationsType + +# Health checks endpoint controller (string value) +healthchecks = monasca_api.healthchecks:HealthChecks + + +[influxdb] + +# +# From monasca_api +# + +# +# Database name where metrics are stored +# (string value) +database_name = {{ INFLUX_DB }} + +# +# IP address to Influxdb server +# (host address value) +ip_address = {{ INFLUX_HOST }} + +# Port to Influxdb server (port value) +# Minimum value: 0 +# Maximum value: 65535 +port = {{ INFLUX_PORT }} + +# +# Influxdb user +# (string value) +user = {{ INFLUX_USER }} + +# +# Influxdb password +# (string value) +password = {{ INFLUX_PASSWORD }} + + +[kafka] + +# +# From monasca_api +# + +# +# Comma separated list of Kafka broker host:port +# (list value) +uri = {{ KAFKA_URI }} + +# +# The topic that metrics will be published to +# (string value) +metrics_topic = metrics + +# +# The topic that events will be published too +# (string value) +#events_topic = events + +# The topic that logs will be published to (multi valued) +#logs_topics = log + +# +# The topic that alarm state will be published too +# (string value) +#alarm_state_transitions_topic = alarm-state-transitions + +# +# The group name that this service belongs to +# (string value) +group = api + +# +# The ack time back to kafka. +# (integer value) +#ack_time = 20 + +# +# The number of retry when there is a connection error +# (integer value) +max_retry = 1 + +# +# The type of posting +# (boolean value) +is_async = true + +# +# Specify if the message received should be parsed. +# If True, message will not be parsed, otherwise +# messages will be parsed +# (boolean value) +compact = true + +# +# The partitions this connection should +# listen for messages on. Currently does not +# support multiple partitions. +# Default is to listen on partition 0 +# (list value) +partitions = 0 + +# +# Specify if received data should be simply dropped. +# This parameter is only for testing purposes +# (boolean value) +#drop_data = false + +# +# The wait time when no messages on kafka queue +# (integer value) +# Minimum value: 1 +# Advanced Option: intended for advanced users and not used +# by the majority of users, and might have a significant +# effect on stability and/or performance. +wait_time = 1 + +# +# Should messages be automatically committed +# (boolean value) +# Advanced Option: intended for advanced users and not used +# by the majority of users, and might have a significant +# effect on stability and/or performance. +#auto_commit = false + + +[keystone_authtoken] + +auth_url = {{ KEYSTONE_IDENTITY_URI }} +username = {{ KEYSTONE_ADMIN_USER }} +password = {{ KEYSTONE_ADMIN_PASSWORD }} +user_domain_name = Default +project_name = {{ KEYSTONE_ADMIN_TENANT }} +project_domain_name = Default + +# +# From keystonemiddleware.auth_token +# + +# Complete "public" Identity API endpoint. This endpoint should not be an +# "admin" endpoint, as it should be accessible by all end users. +# Unauthenticated clients are redirected to this endpoint to authenticate. +# Although this endpoint should ideally be unversioned, client support in the +# wild varies. If you're using a versioned v2 endpoint here, then this should +# *not* be the same endpoint the service user utilizes for validating tokens, +# because normal end users may not be able to reach that endpoint (string +# value) +# Deprecated group/name - [keystone_authtoken]/auth_uri +www_authenticate_uri = {{ KEYSTONE_AUTH_URI }} + +# DEPRECATED: Complete "public" Identity API endpoint. This endpoint should not +# be an "admin" endpoint, as it should be accessible by all end users. +# Unauthenticated clients are redirected to this endpoint to authenticate. +# Although this endpoint should ideally be unversioned, client support in the +# wild varies. If you're using a versioned v2 endpoint here, then this should +# *not* be the same endpoint the service user utilizes for validating tokens, +# because normal end users may not be able to reach that endpoint. This option +# is deprecated in favor of www_authenticate_uri and will be removed in the S +# release (string value) +# This option is deprecated for removal since Queens. +# Its value may be silently ignored in the future. +# Reason: The auth_uri option is deprecated in favor of www_authenticate_uri +# and will be removed in the S release. +#auth_uri = + +# API version of the admin Identity API endpoint (string value) +#auth_version = + +# Do not handle authorization requests within the middleware, but delegate the +# authorization decision to downstream WSGI components (boolean value) +#delay_auth_decision = false + +# Request timeout value for communicating with Identity API server (integer +# value) +#http_connect_timeout = + +# How many times are we trying to reconnect when communicating with Identity +# API Server (integer value) +#http_request_max_retries = 3 + +# Request environment key where the Swift cache object is stored. When +# auth_token middleware is deployed with a Swift cache, use this option to have +# the middleware share a caching backend with swift. Otherwise, use the +# ``memcached_servers`` option instead (string value) +#cache = + +# Required if identity server requires client certificate (string value) +#certfile = + +# Required if identity server requires client certificate (string value) +#keyfile = + +# A PEM encoded Certificate Authority to use when verifying HTTPs connections. +# Defaults to system CAs (string value) +#cafile = + +# Verify HTTPS connections (boolean value) +insecure = {{ KEYSTONE_INSECURE }} + +# The region in which the identity server can be found (string value) +{% if KEYSTONE_REGION_NAME is defined %} +region_name = {{ KEYSTONE_REGION_NAME }} +{% endif %} + +# DEPRECATED: Directory used to cache files related to PKI tokens. This option +# has been deprecated in the Ocata release and will be removed in the P release +# (string value) +# This option is deprecated for removal since Ocata. +# Its value may be silently ignored in the future. +# Reason: PKI token format is no longer supported. +#signing_dir = + +# Optionally specify a list of memcached server(s) to use for caching. If left +# undefined, tokens will instead be cached in-process (list value) +# Deprecated group/name - [keystone_authtoken]/memcache_servers +memcached_servers = {{ MEMCACHED_URI }} + +# In order to prevent excessive effort spent validating tokens, the middleware +# caches previously-seen tokens for a configurable duration (in seconds). Set +# to -1 to disable caching completely (integer value) +#token_cache_time = 300 + +# DEPRECATED: Determines the frequency at which the list of revoked tokens is +# retrieved from the Identity service (in seconds). A high number of revocation +# events combined with a low cache duration may significantly reduce +# performance. Only valid for PKI tokens. This option has been deprecated in +# the Ocata release and will be removed in the P release (integer value) +# This option is deprecated for removal since Ocata. +# Its value may be silently ignored in the future. +# Reason: PKI token format is no longer supported. +#revocation_cache_time = 10 + +# (Optional) If defined, indicate whether token data should be authenticated or +# authenticated and encrypted. If MAC, token data is authenticated (with HMAC) +# in the cache. If ENCRYPT, token data is encrypted and authenticated in the +# cache. If the value is not one of these options or empty, auth_token will +# raise an exception on initialization (string value) +# Possible values: +# None - +# MAC - +# ENCRYPT - +#memcache_security_strategy = None + +# (Optional, mandatory if memcache_security_strategy is defined) This string is +# used for key derivation (string value) +#memcache_secret_key = + +# (Optional) Number of seconds memcached server is considered dead before it is +# tried again (integer value) +#memcache_pool_dead_retry = 300 + +# (Optional) Maximum total number of open connections to every memcached server +# (integer value) +#memcache_pool_maxsize = 10 + +# (Optional) Socket timeout in seconds for communicating with a memcached +# server (integer value) +#memcache_pool_socket_timeout = 3 + +# (Optional) Number of seconds a connection to memcached is held unused in the +# pool before it is closed (integer value) +#memcache_pool_unused_timeout = 60 + +# (Optional) Number of seconds that an operation will wait to get a memcached +# client connection from the pool (integer value) +#memcache_pool_conn_get_timeout = 10 + +# (Optional) Use the advanced (eventlet safe) memcached client pool. The +# advanced pool will only work under python 2.x (boolean value) +#memcache_use_advanced_pool = false + +# (Optional) Indicate whether to set the X-Service-Catalog header. If False, +# middleware will not ask for service catalog on token validation and will not +# set the X-Service-Catalog header (boolean value) +#include_service_catalog = true + +# Used to control the use and type of token binding. Can be set to: "disabled" +# to not check token binding. "permissive" (default) to validate binding +# information if the bind type is of a form known to the server and ignore it +# if not. "strict" like "permissive" but if the bind type is unknown the token +# will be rejected. "required" any form of token binding is needed to be +# allowed. Finally the name of a binding method that must be present in tokens +# (string value) +#enforce_token_bind = permissive + +# DEPRECATED: If true, the revocation list will be checked for cached tokens. +# This requires that PKI tokens are configured on the identity server (boolean +# value) +# This option is deprecated for removal since Ocata. +# Its value may be silently ignored in the future. +# Reason: PKI token format is no longer supported. +#check_revocations_for_cached = false + +# DEPRECATED: Hash algorithms to use for hashing PKI tokens. This may be a +# single algorithm or multiple. The algorithms are those supported by Python +# standard hashlib.new(). The hashes will be tried in the order given, so put +# the preferred one first for performance. The result of the first hash will be +# stored in the cache. This will typically be set to multiple values only while +# migrating from a less secure algorithm to a more secure one. Once all the old +# tokens are expired this option should be set to a single value for better +# performance (list value) +# This option is deprecated for removal since Ocata. +# Its value may be silently ignored in the future. +# Reason: PKI token format is no longer supported. +#hash_algorithms = md5 + +# A choice of roles that must be present in a service token. Service tokens are +# allowed to request that an expired token can be used and so this check should +# tightly control that only actual services should be sending this token. Roles +# here are applied as an ANY check so any role in this list must be present. +# For backwards compatibility reasons this currently only affects the +# allow_expired check (list value) +#service_token_roles = service + +# For backwards compatibility reasons we must let valid service tokens pass +# that don't pass the service_token_roles check as valid. Setting this true +# will become the default in a future release and should be enabled if possible +# (boolean value) +service_token_roles_required = true + +# Authentication type to load (string value) +# Deprecated group/name - [keystone_authtoken]/auth_plugin +auth_type = password + +# Config Section from which to load plugin specific options (string value) +#auth_section = + + +[messaging] + +# +# From monasca_api +# + +# +# The message queue driver to use +# (string value) +driver = monasca_api.common.messaging.kafka_publisher:KafkaPublisher + +# DEPRECATED: +# The type of metrics message format to publish to the message queue +# (string value) +# This option is deprecated for removal since 2.1.0. +# Its value may be silently ignored in the future. +# Reason: +# Option is not used anywhere in the codebase +#metrics_message_format = reference + +# DEPRECATED: +# The type of events message format to publish to the message queue +# (string value) +# This option is deprecated for removal since 2.1.0. +# Its value may be silently ignored in the future. +# Reason: +# Option is not used anywhere in the codebase +#events_message_format = reference + + +[oslo_policy] + +# +# From oslo.policy +# + +# This option controls whether or not to enforce scope when evaluating +# policies. If ``True``, the scope of the token used in the request is compared +# to the ``scope_types`` of the policy being enforced. If the scopes do not +# match, an ``InvalidScope`` exception will be raised. If ``False``, a message +# will be logged informing operators that policies are being invoked with +# mismatching scope (boolean value) +#enforce_scope = false + +# The file that defines policies (string value) +#policy_file = policy.json + +# Default rule. Enforced when a requested rule is not found (string value) +#policy_default_rule = default + +# Directories where policy configuration files are stored. They can be relative +# to any directory in the search path defined by the config_dir option, or +# absolute paths. The file defined by policy_file must exist for these +# directories to be searched. Missing or empty directories are ignored (multi +# valued) +#policy_dirs = policy.d + +# Content Type to send and receive data for REST based policy check (string +# value) +# Possible values: +# application/x-www-form-urlencoded - +# application/json - +#remote_content_type = application/x-www-form-urlencoded + +# server identity verification for REST based policy check (boolean value) +#remote_ssl_verify_server_crt = false + +# Absolute path to ca cert file for REST based policy check (string value) +#remote_ssl_ca_crt_file = + +# Absolute path to client cert for REST based policy check (string value) +#remote_ssl_client_crt_file = + +# Absolute path client key file REST based policy check (string value) +#remote_ssl_client_key_file = + + +[repositories] + +# +# From monasca_api +# + +# +# The repository driver to use for metrics +# (string value) +# Advanced Option: intended for advanced users and not used +# by the majority of users, and might have a significant +# effect on stability and/or performance. +{% if DATABASE_BACKEND | lower == 'cassandra' %} +metrics_driver = monasca_api.common.repositories.cassandra.metrics_repository:MetricsRepository +{% else %} +metrics_driver = monasca_api.common.repositories.influxdb.metrics_repository:MetricsRepository +{% endif %} + +# +# The repository driver to use for alarm definitions +# (string value) +# Advanced Option: intended for advanced users and not used +# by the majority of users, and might have a significant +# effect on stability and/or performance. +alarm_definitions_driver = monasca_api.common.repositories.sqla.alarm_definitions_repository:AlarmDefinitionsRepository + +# +# The repository driver to use for alarms +# (string value) +# Advanced Option: intended for advanced users and not used +# by the majority of users, and might have a significant +# effect on stability and/or performance. +alarms_driver = monasca_api.common.repositories.sqla.alarms_repository:AlarmsRepository + +# +# The repository driver to use for notifications +# (string value) +# Advanced Option: intended for advanced users and not used +# by the majority of users, and might have a significant +# effect on stability and/or performance. +notifications_driver = monasca_api.common.repositories.sqla.notifications_repository:NotificationsRepository + +# +# The repository driver to use for notifications +# (string value) +# Advanced Option: intended for advanced users and not used +# by the majority of users, and might have a significant +# effect on stability and/or performance. +notification_method_type_driver = monasca_api.common.repositories.sqla.notification_method_type_repository:NotificationMethodTypeRepository + + +[security] + +# +# From monasca_api +# + +# Roles that are allowed to check the health (list value) +#healthcheck_roles = @ + +# Roles that are allowed to check the versions (list value) +#versions_roles = @ + +# +# Roles that are allowed full access to the API +# (list value) +default_authorized_roles = {{ AUTHORIZED_ROLES | default('admin, domainuser, domainadmin, monasca-user') }} + +# +# Roles that are only allowed to POST to the API +# (list value) +agent_authorized_roles = {{ AGENT_AUTHORIZED_ROLES | default('monasca-agent') }} + +# +# Roles that are only allowed to GET from the API +# (list value) +read_only_authorized_roles = {{ READ_ONLY_AUTHORIZED_ROLES | default('monasca-read-only-user') }} + +# +# Roles that are allowed to POST metrics on +# behalf of another tenant +# (list value) +delegate_authorized_roles = {{ DELEGATE_AUTHORIZED_ROLES | default('admin') }} diff --git a/images/monasca-api/start.sh b/images/monasca-api/start.sh new file mode 100644 index 00000000..5428dfe2 --- /dev/null +++ b/images/monasca-api/start.sh @@ -0,0 +1,46 @@ +#!/bin/sh + +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +# Starting script. +# All checks and configuration templating you need to do before service +# could be safely started should be added in this file. + +set -eo pipefail # Exit the script if any statement returns error. + +# Test services we need before starting our service. +echo "Start script: waiting for needed services" +python3 /kafka_wait_for_topics.py +python3 /mysql_check.py + +# Template all config files before start, it will use env variables. +# Read usage examples: https://pypi.org/project/Templer/ +echo "Start script: creating config files from templates" +templer -v -f /etc/monasca/monasca-api.conf.j2 /etc/monasca/monasca-api.conf +templer -v -f /etc/monasca/api-config.ini.j2 /etc/monasca/api-config.ini +templer -v -f /etc/monasca/api-logging.conf.j2 /etc/monasca/api-logging.conf +templer -v -f /etc/monasca/api-gunicorn.conf.j2 /etc/monasca/api-gunicorn.conf + +# Start our service. +echo "Start script: starting container" +gunicorn \ + --config /etc/monasca/api-gunicorn.conf \ + --paste /etc/monasca/api-config.ini + +# Allow server to stay alive in case of failure for 2 hours for debugging. +RESULT=$? +if [ $RESULT != 0 ] && [ "$STAY_ALIVE_ON_FAILURE" = "true" ]; then + echo "Service died, waiting 120 min before exiting" + sleep 7200 +fi +exit $RESULT diff --git a/openstack_operator/templates/monasca/api/daemonset.yml.j2 b/openstack_operator/templates/monasca/api/daemonset.yml.j2 new file mode 100644 index 00000000..dd307e8f --- /dev/null +++ b/openstack_operator/templates/monasca/api/daemonset.yml.j2 @@ -0,0 +1,97 @@ +--- +# Copyright 2020 VEXXHOST, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: monasca-api + namespace: openstack + labels: + {{ labels("monasca", component="api") | indent(4) }} +spec: + updateStrategy: + rollingUpdate: + maxUnavailable: 1 + type: RollingUpdate + selector: + matchLabels: + {{ labels("monasca", component="api") | indent(6) }} + template: + metadata: + labels: + {{ labels("monasca", component="api") | indent(8) }} + annotations: + checksum/config: "{{ config_hash }}" + spec: + automountServiceAccountToken: false + containers: + - name: monasca-api + image: vexxhost/monasca-api:latest + imagePullPolicy: Always + {% if env is defined and env|length %} + env: + {% if 'sentryDSN' in spec %} + - name: SENTRY_DSN + value: {{ spec.sentryDSN }} + {% endif %} + {% for v in env %} + - name: "{{ v.name }}" + value: "{{ v.value }}" + {% endfor %} + {% endif %} + ports: + - name: monasca-api + protocol: TCP + containerPort: 8070 + livenessProbe: + httpGet: + path: / + port: monasca-api + readinessProbe: + httpGet: + path: / + port: monasca-api + lifecycle: + preStop: + exec: + command: ["/bin/sleep", "5"] + securityContext: + runAsUser: 65534 + runAsGroup: 65534 + volumeMounts: + - mountPath: /etc/monasca + name: config + - name: uwsgi-config + mountPath: /etc/uwsgi + volumes: + - name: config + secret: + secretName: monasca-config + - name: uwsgi-config + configMap: + defaultMode: 420 + name: uwsgi-default +{% if 'nodeSelector' in spec %} + nodeSelector: + {{ spec.nodeSelector | to_yaml | indent(8) }} +{% endif %} +{% if 'tolerations' in spec %} + tolerations: + {{ spec.tolerations | to_yaml | indent(8) }} +{% endif %} +{% if 'hostAliases' in spec %} + hostAliases: + {{ spec.hostAliases | to_yaml | indent(8) }} +{% endif %} diff --git a/openstack_operator/templates/monasca/api/service.yml.j2 b/openstack_operator/templates/monasca/api/service.yml.j2 new file mode 100644 index 00000000..566085e0 --- /dev/null +++ b/openstack_operator/templates/monasca/api/service.yml.j2 @@ -0,0 +1,28 @@ +--- +# Copyright 2020 VEXXHOST, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: monasca-api + namespace: openstack +spec: + ports: + - name: monasca-api + protocol: TCP + port: 80 + targetPort: monasca-api + selector: + {{ labels("monasca", component="api") | indent(4) }} diff --git a/zuul.d/functional-jobs.yaml b/zuul.d/functional-jobs.yaml index bdb47172..6d62fb41 100644 --- a/zuul.d/functional-jobs.yaml +++ b/zuul.d/functional-jobs.yaml @@ -79,6 +79,8 @@ soft: true - name: openstack-operator:images:build:magnum soft: true + - name: openstack-operator:images:build:monasca-api + soft: true - name: openstack-operator:images:build:glance soft: true - name: openstack-operator:images:build:rabbitmq @@ -116,6 +118,8 @@ soft: true - name: openstack-operator:images:upload:magnum soft: true + - name: openstack-operator:images:upload:monasca-api + soft: true - name: openstack-operator:images:upload:glance soft: true - name: openstack-operator:images:upload:rabbitmq diff --git a/zuul.d/monasca-api-jobs.yaml b/zuul.d/monasca-api-jobs.yaml new file mode 100644 index 00000000..cab47b9f --- /dev/null +++ b/zuul.d/monasca-api-jobs.yaml @@ -0,0 +1,42 @@ +- job: + name: openstack-operator:images:build:monasca-api + parent: vexxhost-build-docker-image + provides: openstack-operator:image:monasca-api + nodeset: &id001 + nodes: + - name: ubuntu-bionic + label: ubuntu-bionic-vexxhost + vars: &id002 + docker_images: + - context: images/monasca-api + repository: vexxhost/monasca-api + target: monasca-api + dependencies: + - openstack-operator:images:build:openstack-operator + files: &id003 + - ^images/monasca-api/.* +- job: + name: openstack-operator:images:upload:monasca-api + parent: vexxhost-upload-docker-image + provides: openstack-operator:image:monasca-api + nodeset: *id001 + vars: *id002 + dependencies: + - openstack-operator:images:upload:openstack-operator + files: *id003 +- job: + name: openstack-operator:images:promote:monasca-api + parent: vexxhost-promote-docker-image + nodeset: *id001 + vars: *id002 + files: *id003 +- project: + check: + jobs: + - openstack-operator:images:build:monasca-api + gate: + jobs: + - openstack-operator:images:upload:monasca-api + promote: + jobs: + - openstack-operator:images:promote:monasca-api