From 8cb4da7a1ed969bf8f44ebe39f5153141d5a3c5c Mon Sep 17 00:00:00 2001 From: Juan Antonio Osorio Robles Date: Tue, 22 Aug 2017 12:06:30 +0000 Subject: Zaqar: Match service name with service-net-map This is required for t-h-t to generate the appropriate hieradata. Change-Id: I9b451eac4427a52ad8eec62ff89acc6c6d3ab799 Closes-Bug: #1712328 --- .../scenario002-multinode-containers.yaml | 2 +- ci/environments/scenario002-multinode.yaml | 2 +- docker/services/zaqar.yaml | 2 +- environments/services/zaqar.yaml | 2 +- puppet/services/zaqar-api.yaml | 217 +++++++++++++++++++++ puppet/services/zaqar.yaml | 217 --------------------- ...Change-zaqar-profile-path-7b00c68c0812fb3d.yaml | 6 + 7 files changed, 227 insertions(+), 221 deletions(-) create mode 100644 puppet/services/zaqar-api.yaml delete mode 100644 puppet/services/zaqar.yaml create mode 100644 releasenotes/notes/Change-zaqar-profile-path-7b00c68c0812fb3d.yaml diff --git a/ci/environments/scenario002-multinode-containers.yaml b/ci/environments/scenario002-multinode-containers.yaml index fe06ef66..584c1e5e 100644 --- a/ci/environments/scenario002-multinode-containers.yaml +++ b/ci/environments/scenario002-multinode-containers.yaml @@ -11,7 +11,7 @@ resource_registry: OS::TripleO::Services::BarbicanApi: ../../puppet/services/barbican-api.yaml # TODO: Zaqar doesn't work when containerized # https://bugs.launchpad.net/tripleo/+bug/1710959 - OS::TripleO::Services::Zaqar: ../../puppet/services/zaqar.yaml + OS::TripleO::Services::Zaqar: ../../puppet/services/zaqar-api.yaml OS::TripleO::Services::Ec2Api: ../../docker/services/ec2-api.yaml # NOTE: This is needed because of upgrades from Ocata to Pike. We # deploy the initial environment with Ocata templates, and diff --git a/ci/environments/scenario002-multinode.yaml b/ci/environments/scenario002-multinode.yaml index 513d3f71..5670c213 100644 --- a/ci/environments/scenario002-multinode.yaml +++ b/ci/environments/scenario002-multinode.yaml @@ -2,7 +2,7 @@ resource_registry: OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml OS::TripleO::Services::BarbicanApi: ../../puppet/services/barbican-api.yaml - OS::TripleO::Services::Zaqar: ../../puppet/services/zaqar.yaml + OS::TripleO::Services::Zaqar: ../../puppet/services/zaqar-api.yaml OS::TripleO::Services::Ec2Api: ../../puppet/services/ec2-api.yaml OS::TripleO::Services::RabbitMQ: ../../puppet/services/pacemaker/rabbitmq.yaml OS::TripleO::Services::Redis: ../../puppet/services/pacemaker/database/redis.yaml diff --git a/docker/services/zaqar.yaml b/docker/services/zaqar.yaml index 072c6759..b6fb4001 100644 --- a/docker/services/zaqar.yaml +++ b/docker/services/zaqar.yaml @@ -57,7 +57,7 @@ resources: type: ../../puppet/services/database/mysql-client.yaml ZaqarBase: - type: ../../puppet/services/zaqar.yaml + type: ../../puppet/services/zaqar-api.yaml properties: EndpointMap: {get_param: EndpointMap} ServiceData: {get_param: ServiceData} diff --git a/environments/services/zaqar.yaml b/environments/services/zaqar.yaml index e501b69c..f57582c2 100644 --- a/environments/services/zaqar.yaml +++ b/environments/services/zaqar.yaml @@ -1,3 +1,3 @@ resource_registry: - OS::TripleO::Services::Zaqar: ../../puppet/services/zaqar.yaml + OS::TripleO::Services::Zaqar: ../../puppet/services/zaqar-api.yaml OS::TripleO::Services::MongoDb: ../../puppet/services/database/mongodb.yaml diff --git a/puppet/services/zaqar-api.yaml b/puppet/services/zaqar-api.yaml new file mode 100644 index 00000000..82d105ef --- /dev/null +++ b/puppet/services/zaqar-api.yaml @@ -0,0 +1,217 @@ +heat_template_version: pike + +description: > + Openstack Zaqar service. Shared for all Heat services. + +parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + DefaultPasswords: + default: {} + type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json + Debug: + default: '' + description: Set to True to enable debugging on all services. + type: string + ZaqarDebug: + default: '' + description: Set to True to enable debugging Zaqar service. + type: string + ZaqarPassword: + description: The password for Zaqar + type: string + hidden: true + KeystoneRegion: + type: string + default: 'regionOne' + description: Keystone region for endpoint + ZaqarPolicies: + description: | + A hash of policies to configure for Zaqar. + e.g. { zaqar-context_is_admin: { key: context_is_admin, value: 'role:admin' } } + default: {} + type: json + ZaqarWorkers: + type: string + description: Set the number of workers for zaqar::wsgi::apache + default: '%{::os_workers}' + ZaqarMessageStore: + type: string + description: The messaging store for Zaqar + default: mongodb + ZaqarManagementStore: + type: string + description: The management store for Zaqar + default: mongodb + EnableInternalTLS: + type: boolean + default: false + +conditions: + zaqar_workers_zero: {equals : [{get_param: ZaqarWorkers}, 0]} + service_debug_unset: {equals : [{get_param: ZaqarDebug}, '']} + zaqar_messaging_store_swift: {equals : [{get_param: ZaqarMessageStore}, 'swift']} + zaqar_management_store_sqlalchemy: {equals : [{get_param: ZaqarManagementStore}, 'sqlalchemy']} + +resources: + + ApacheServiceBase: + type: ./apache.yaml + properties: + ServiceData: {get_param: ServiceData} + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + EnableInternalTLS: {get_param: EnableInternalTLS} + +outputs: + role_data: + description: Shared role data for the Zaqar services. + value: + service_name: zaqar_api + config_settings: + map_merge: + - get_attr: [ApacheServiceBase, role_data, config_settings] + - zaqar::policy::policies: {get_param: ZaqarPolicies} + zaqar::keystone::authtoken::password: {get_param: ZaqarPassword} + zaqar::keystone::authtoken::project_name: 'service' + zaqar::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]} + zaqar::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]} + zaqar::debug: + if: + - service_debug_unset + - {get_param: Debug } + - {get_param: ZaqarDebug } + zaqar::server::service_name: 'httpd' + zaqar::transport::websocket::bind: {get_param: [EndpointMap, ZaqarInternal, host]} + zaqar::wsgi::apache::ssl: {get_param: EnableInternalTLS} + zaqar::wsgi::apache::bind_host: {get_param: [ServiceNetMap, ZaqarApiNetwork]} + zaqar::message_pipeline: 'zaqar.notification.notifier' + zaqar::unreliable: true + zaqar::wsgi::apache::servername: + str_replace: + template: + "%{hiera('fqdn_$NETWORK')}" + params: + $NETWORK: {get_param: [ServiceNetMap, ZaqarApiNetwork]} + zaqar::message_store: {get_param: ZaqarMessageStore} + zaqar::management_store: {get_param: ZaqarManagementStore} + - + if: + - zaqar_messaging_store_swift + - + zaqar::messaging::swift::uri: + list_join: + - '' + - ['swift://zaqar:', {get_param: ZaqarPassword}, '@/service'] + zaqar::messaging::swift::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] } + tripleo::profile::base::zaqar::messaging_store: 'swift' + - {} + - + if: + - zaqar_management_store_sqlalchemy + - + tripleo::profile::base::zaqar::management_store: 'sqlalchemy' + zaqar::management::sqlalchemy::uri: + make_url: + scheme: {get_param: [EndpointMap, MysqlInternal, protocol]} + username: zaqar + password: {get_param: ZaqarPassword} + host: {get_param: [EndpointMap, MysqlInternal, host]} + path: /zaqar + query: + read_default_file: /etc/my.cnf.d/tripleo.cnf + read_default_group: tripleo + - {} + - + if: + - zaqar_workers_zero + - {} + - zaqar::wsgi::apache::workers: {get_param: ZaqarWorkers} + service_config_settings: + map_merge: + - keystone: + zaqar::keystone::auth::password: {get_param: ZaqarPassword} + zaqar::keystone::auth::public_url: {get_param: [EndpointMap, ZaqarPublic, uri]} + zaqar::keystone::auth::admin_url: {get_param: [EndpointMap, ZaqarAdmin, uri]} + zaqar::keystone::auth::internal_url: {get_param: [EndpointMap, ZaqarInternal, uri]} + zaqar::keystone::auth::region: {get_param: KeystoneRegion} + zaqar::keystone::auth::tenant: 'service' + zaqar::keystone::auth_websocket::password: {get_param: ZaqarPassword} + zaqar::keystone::auth_websocket::public_url: {get_param: [EndpointMap, ZaqarWebSocketPublic, uri]} + zaqar::keystone::auth_websocket::admin_url: {get_param: [EndpointMap, ZaqarWebSocketAdmin, uri]} + zaqar::keystone::auth_websocket::internal_url: {get_param: [EndpointMap, ZaqarWebSocketInternal, uri]} + zaqar::keystone::auth_websocket::region: {get_param: KeystoneRegion} + zaqar::keystone::auth_websocket::tenant: 'service' + - + if: + - zaqar_management_store_sqlalchemy + - mysql: + zaqar::db::mysql::user: zaqar + zaqar::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} + zaqar::db::mysql::dbname: zaqar + zaqar::db::mysql::password: {get_param: ZaqarPassword} + zaqar::db::mysql::allowed_hosts: + - '%' + - "%{hiera('mysql_bind_host')}" + - {} + step_config: | + include ::tripleo::profile::base::zaqar + metadata_settings: + get_attr: [ApacheServiceBase, role_data, metadata_settings] + upgrade_tasks: + yaql: + expression: $.data.apache_upgrade + $.data.zaqar_upgrade + data: + apache_upgrade: + get_attr: [ApacheServiceBase, role_data, upgrade_tasks] + zaqar_upgrade: + - name: Check if zaqar is deployed + command: systemctl is-enabled openstack-zaqar + tags: common + ignore_errors: True + register: zaqar_enabled + - name: "PreUpgrade step0,validation: Check if openstack-zaqar is running" + shell: > + /usr/bin/systemctl show 'openstack-zaqar' --property ActiveState | + grep '\bactive\b' + when: zaqar_enabled.rc == 0 + tags: step0,validation + - name: Check for zaqar running under apache (post upgrade) + tags: step1 + shell: "httpd -t -D DUMP_VHOSTS | grep -q zaqar_wsgi" + register: zaqar_apache + ignore_errors: true + - name: Stop zaqar service (running under httpd) + tags: step1 + service: name=httpd state=stopped + when: zaqar_apache.rc == 0 + - name: Stop and disable zaqar service (pre-upgrade not under httpd) + tags: step1 + when: zaqar_enabled.rc == 0 + service: name=openstack-zaqar state=stopped enabled=no + - name: Install openstack-zaqar package if it was disabled + tags: step3 + yum: name=openstack-zaqar state=latest + when: zaqar_enabled.rc != 0 diff --git a/puppet/services/zaqar.yaml b/puppet/services/zaqar.yaml deleted file mode 100644 index 4a1ad179..00000000 --- a/puppet/services/zaqar.yaml +++ /dev/null @@ -1,217 +0,0 @@ -heat_template_version: pike - -description: > - Openstack Zaqar service. Shared for all Heat services. - -parameters: - ServiceData: - default: {} - description: Dictionary packing service data - type: json - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. This - mapping overrides those in ServiceNetMapDefaults. - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - DefaultPasswords: - default: {} - type: json - RoleName: - default: '' - description: Role name on which the service is applied - type: string - RoleParameters: - default: {} - description: Parameters specific to the role - type: json - Debug: - default: '' - description: Set to True to enable debugging on all services. - type: string - ZaqarDebug: - default: '' - description: Set to True to enable debugging Zaqar service. - type: string - ZaqarPassword: - description: The password for Zaqar - type: string - hidden: true - KeystoneRegion: - type: string - default: 'regionOne' - description: Keystone region for endpoint - ZaqarPolicies: - description: | - A hash of policies to configure for Zaqar. - e.g. { zaqar-context_is_admin: { key: context_is_admin, value: 'role:admin' } } - default: {} - type: json - ZaqarWorkers: - type: string - description: Set the number of workers for zaqar::wsgi::apache - default: '%{::os_workers}' - ZaqarMessageStore: - type: string - description: The messaging store for Zaqar - default: mongodb - ZaqarManagementStore: - type: string - description: The management store for Zaqar - default: mongodb - EnableInternalTLS: - type: boolean - default: false - -conditions: - zaqar_workers_zero: {equals : [{get_param: ZaqarWorkers}, 0]} - service_debug_unset: {equals : [{get_param: ZaqarDebug}, '']} - zaqar_messaging_store_swift: {equals : [{get_param: ZaqarMessageStore}, 'swift']} - zaqar_management_store_sqlalchemy: {equals : [{get_param: ZaqarManagementStore}, 'sqlalchemy']} - -resources: - - ApacheServiceBase: - type: ./apache.yaml - properties: - ServiceData: {get_param: ServiceData} - ServiceNetMap: {get_param: ServiceNetMap} - DefaultPasswords: {get_param: DefaultPasswords} - EndpointMap: {get_param: EndpointMap} - EnableInternalTLS: {get_param: EnableInternalTLS} - -outputs: - role_data: - description: Shared role data for the Heat services. - value: - service_name: zaqar - config_settings: - map_merge: - - get_attr: [ApacheServiceBase, role_data, config_settings] - - zaqar::policy::policies: {get_param: ZaqarPolicies} - zaqar::keystone::authtoken::password: {get_param: ZaqarPassword} - zaqar::keystone::authtoken::project_name: 'service' - zaqar::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]} - zaqar::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]} - zaqar::debug: - if: - - service_debug_unset - - {get_param: Debug } - - {get_param: ZaqarDebug } - zaqar::server::service_name: 'httpd' - zaqar::transport::websocket::bind: {get_param: [EndpointMap, ZaqarInternal, host]} - zaqar::wsgi::apache::ssl: {get_param: EnableInternalTLS} - zaqar::wsgi::apache::bind_host: {get_param: [ServiceNetMap, ZaqarApiNetwork]} - zaqar::message_pipeline: 'zaqar.notification.notifier' - zaqar::unreliable: true - zaqar::wsgi::apache::servername: - str_replace: - template: - "%{hiera('fqdn_$NETWORK')}" - params: - $NETWORK: {get_param: [ServiceNetMap, ZaqarApiNetwork]} - zaqar::message_store: {get_param: ZaqarMessageStore} - zaqar::management_store: {get_param: ZaqarManagementStore} - - - if: - - zaqar_messaging_store_swift - - - zaqar::messaging::swift::uri: - list_join: - - '' - - ['swift://zaqar:', {get_param: ZaqarPassword}, '@/service'] - zaqar::messaging::swift::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] } - tripleo::profile::base::zaqar::messaging_store: 'swift' - - {} - - - if: - - zaqar_management_store_sqlalchemy - - - tripleo::profile::base::zaqar::management_store: 'sqlalchemy' - zaqar::management::sqlalchemy::uri: - make_url: - scheme: {get_param: [EndpointMap, MysqlInternal, protocol]} - username: zaqar - password: {get_param: ZaqarPassword} - host: {get_param: [EndpointMap, MysqlInternal, host]} - path: /zaqar - query: - read_default_file: /etc/my.cnf.d/tripleo.cnf - read_default_group: tripleo - - {} - - - if: - - zaqar_workers_zero - - {} - - zaqar::wsgi::apache::workers: {get_param: ZaqarWorkers} - service_config_settings: - map_merge: - - keystone: - zaqar::keystone::auth::password: {get_param: ZaqarPassword} - zaqar::keystone::auth::public_url: {get_param: [EndpointMap, ZaqarPublic, uri]} - zaqar::keystone::auth::admin_url: {get_param: [EndpointMap, ZaqarAdmin, uri]} - zaqar::keystone::auth::internal_url: {get_param: [EndpointMap, ZaqarInternal, uri]} - zaqar::keystone::auth::region: {get_param: KeystoneRegion} - zaqar::keystone::auth::tenant: 'service' - zaqar::keystone::auth_websocket::password: {get_param: ZaqarPassword} - zaqar::keystone::auth_websocket::public_url: {get_param: [EndpointMap, ZaqarWebSocketPublic, uri]} - zaqar::keystone::auth_websocket::admin_url: {get_param: [EndpointMap, ZaqarWebSocketAdmin, uri]} - zaqar::keystone::auth_websocket::internal_url: {get_param: [EndpointMap, ZaqarWebSocketInternal, uri]} - zaqar::keystone::auth_websocket::region: {get_param: KeystoneRegion} - zaqar::keystone::auth_websocket::tenant: 'service' - - - if: - - zaqar_management_store_sqlalchemy - - mysql: - zaqar::db::mysql::user: zaqar - zaqar::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} - zaqar::db::mysql::dbname: zaqar - zaqar::db::mysql::password: {get_param: ZaqarPassword} - zaqar::db::mysql::allowed_hosts: - - '%' - - "%{hiera('mysql_bind_host')}" - - {} - step_config: | - include ::tripleo::profile::base::zaqar - metadata_settings: - get_attr: [ApacheServiceBase, role_data, metadata_settings] - upgrade_tasks: - yaql: - expression: $.data.apache_upgrade + $.data.zaqar_upgrade - data: - apache_upgrade: - get_attr: [ApacheServiceBase, role_data, upgrade_tasks] - zaqar_upgrade: - - name: Check if zaqar is deployed - command: systemctl is-enabled openstack-zaqar - tags: common - ignore_errors: True - register: zaqar_enabled - - name: "PreUpgrade step0,validation: Check if openstack-zaqar is running" - shell: > - /usr/bin/systemctl show 'openstack-zaqar' --property ActiveState | - grep '\bactive\b' - when: zaqar_enabled.rc == 0 - tags: step0,validation - - name: Check for zaqar running under apache (post upgrade) - tags: step1 - shell: "httpd -t -D DUMP_VHOSTS | grep -q zaqar_wsgi" - register: zaqar_apache - ignore_errors: true - - name: Stop zaqar service (running under httpd) - tags: step1 - service: name=httpd state=stopped - when: zaqar_apache.rc == 0 - - name: Stop and disable zaqar service (pre-upgrade not under httpd) - tags: step1 - when: zaqar_enabled.rc == 0 - service: name=openstack-zaqar state=stopped enabled=no - - name: Install openstack-zaqar package if it was disabled - tags: step3 - yum: name=openstack-zaqar state=latest - when: zaqar_enabled.rc != 0 diff --git a/releasenotes/notes/Change-zaqar-profile-path-7b00c68c0812fb3d.yaml b/releasenotes/notes/Change-zaqar-profile-path-7b00c68c0812fb3d.yaml new file mode 100644 index 00000000..52db34b6 --- /dev/null +++ b/releasenotes/notes/Change-zaqar-profile-path-7b00c68c0812fb3d.yaml @@ -0,0 +1,6 @@ +--- +upgrade: + - | + The path to the zaqar profile has changed from puppet/services/zaqar.yaml to + puppet/services/zaqar-api.yaml. Make sure to update any references to this + in the resource registry. -- cgit 1.2.3-korg