diff options
author | liyuenan <liyuenan@huawei.com> | 2016-12-19 11:06:36 +0800 |
---|---|---|
committer | liyuenan <liyuenan@huawei.com> | 2016-12-20 15:05:03 +0800 |
commit | 819912d0379f6cd2b2693c2968576f7514a117c5 (patch) | |
tree | e24d274484fa1ec8976c9f1bd44f5ee6e445724b /deploy/adapters/ansible/openstack_mitaka | |
parent | eb5dbdac42b1b7b775fbc1dc513376425a6898ff (diff) |
master only support newton
JIRA: COMPASS-513
Remove other roles and ppa, master only support newton.
Change-Id: I47ddb16baa25902c3e05cc7f9d0d6430f5dc7e00
Signed-off-by: liyuenan <liyuenan@huawei.com>
Diffstat (limited to 'deploy/adapters/ansible/openstack_mitaka')
87 files changed, 0 insertions, 5086 deletions
diff --git a/deploy/adapters/ansible/openstack_mitaka/.gitkeep b/deploy/adapters/ansible/openstack_mitaka/.gitkeep deleted file mode 100644 index e69de29b..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/.gitkeep +++ /dev/null diff --git a/deploy/adapters/ansible/openstack_mitaka/HA-ansible-multinodes.yml b/deploy/adapters/ansible/openstack_mitaka/HA-ansible-multinodes.yml deleted file mode 100644 index c04445d8..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/HA-ansible-multinodes.yml +++ /dev/null @@ -1,265 +0,0 @@ ---- -- hosts: all - remote_user: root - pre_tasks: - - name: make sure ssh dir exist - file: - path: '{{ item.path }}' - owner: '{{ item.owner }}' - group: '{{ item.group }}' - state: directory - mode: 0755 - with_items: - - path: /root/.ssh - owner: root - group: root - - - name: write ssh config - copy: - content: "UserKnownHostsFile /dev/null\nStrictHostKeyChecking no" - dest: '{{ item.dest }}' - owner: '{{ item.owner }}' - group: '{{ item.group }}' - mode: 0600 - with_items: - - dest: /root/.ssh/config - owner: root - group: root - - - name: generate ssh keys - shell: if [ ! -f ~/.ssh/id_rsa.pub ]; then ssh-keygen -q -t rsa -f ~/.ssh/id_rsa -N ""; else echo "already gen ssh key!"; fi; - - - name: fetch ssh keys - fetch: src=/root/.ssh/id_rsa.pub dest=/tmp/ssh-keys-{{ ansible_hostname }} flat=yes - - - authorized_key: - user: root - key: "{{ lookup('file', 'item') }}" - with_fileglob: - - /tmp/ssh-keys-* - max_fail_percentage: 0 - roles: - - common - -- hosts: all - remote_user: root - accelerate: true - max_fail_percentage: 0 - roles: - - setup-network - -- hosts: ha - remote_user: root - accelerate: true - max_fail_percentage: 0 - roles: - - ha - -- hosts: controller - remote_user: root - accelerate: true - max_fail_percentage: 0 - roles: - - memcached - - apache - - database - - mq - - keystone - - nova-controller - - neutron-controller - - cinder-controller - - glance - - neutron-common - - neutron-network - - ceilometer_controller -# - ext-network - - dashboard - - heat - - aodh - -- hosts: all - remote_user: root - accelerate: true - max_fail_percentage: 0 - roles: - - storage - -- hosts: compute - remote_user: root - accelerate: true - max_fail_percentage: 0 - roles: - - nova-compute - - neutron-compute - - cinder-volume - - ceilometer_compute - -- hosts: all - remote_user: root - accelerate: true - max_fail_percentage: 0 - roles: - - secgroup - -- hosts: ceph_adm - remote_user: root - accelerate: true - max_fail_percentage: 0 - roles: [] - # - ceph-deploy - -- hosts: ceph - remote_user: root - accelerate: true - max_fail_percentage: 0 - roles: - - ceph-purge - - ceph-config - -- hosts: ceph_mon - remote_user: root - accelerate: true - max_fail_percentage: 0 - roles: - - ceph-mon - -- hosts: ceph_osd - remote_user: root - accelerate: true - max_fail_percentage: 0 - roles: - - ceph-osd - -- hosts: ceph - remote_user: root - accelerate: true - max_fail_percentage: 0 - roles: - - ceph-openstack - -- hosts: all - remote_user: root - accelerate: true - max_fail_percentage: 0 - roles: - - monitor - - -- hosts: all - remote_user: root - accelerate: true - max_fail_percentage: 0 - tasks: - - name: set bash to nova - user: - name: nova - shell: /bin/bash - - - name: make sure ssh dir exist - file: - path: '{{ item.path }}' - owner: '{{ item.owner }}' - group: '{{ item.group }}' - state: directory - mode: 0755 - with_items: - - path: /var/lib/nova/.ssh - owner: nova - group: nova - - - name: copy ssh keys for nova - shell: cp -rf /root/.ssh/id_rsa /var/lib/nova/.ssh; - - - name: write ssh config - copy: - content: "UserKnownHostsFile /dev/null\nStrictHostKeyChecking no" - dest: '{{ item.dest }}' - owner: '{{ item.owner }}' - group: '{{ item.group }}' - mode: 0600 - with_items: - - dest: /var/lib/nova/.ssh/config - owner: nova - group: nova - - - authorized_key: - user: nova - key: "{{ lookup('file', 'item') }}" - with_fileglob: - - /tmp/ssh-keys-* - - - name: chown ssh file - shell: chown -R nova:nova /var/lib/nova/.ssh; - - -- hosts: all - remote_user: root - accelerate: true - max_fail_percentage: 0 - roles: - - odl_cluster - -- hosts: all - remote_user: root - accelerate: true - max_fail_percentage: 0 - roles: - - onos_cluster - -- hosts: all - remote_user: root - sudo: True - max_fail_percentage: 0 - roles: - - open-contrail - -- hosts: all - remote_user: root - accelerate: true - serial: 1 - max_fail_percentage: 0 - roles: - - odl_cluster_neutron - -- hosts: all - remote_user: root - accelerate: true - max_fail_percentage: 0 - roles: - - odl_cluster_post - -- hosts: controller - remote_user: root - accelerate: true - max_fail_percentage: 0 - roles: - - ext-network - -- hosts: controller - remote_user: root - accelerate: true - max_fail_percentage: 0 - roles: - - tacker - -- hosts: controller - remote_user: root - accelerate: true - max_fail_percentage: 0 - roles: - - boot-recovery - -- hosts: controller - remote_user: root - accelerate: true - max_fail_percentage: 0 - roles: - - controller-recovery - -- hosts: compute - remote_user: root - accelerate: true - max_fail_percentage: 0 - roles: - - compute-recovery - diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/aodh/handlers/main.yml b/deploy/adapters/ansible/openstack_mitaka/roles/aodh/handlers/main.yml deleted file mode 100644 index b3399e0c..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/aodh/handlers/main.yml +++ /dev/null @@ -1,13 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -- name: restart aodh services - service: name={{ item }} state=restarted enabled=yes - with_items: services | union(services_noarch) - diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/aodh/tasks/aodh_config.yml b/deploy/adapters/ansible/openstack_mitaka/roles/aodh/tasks/aodh_config.yml deleted file mode 100644 index e60d5338..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/aodh/tasks/aodh_config.yml +++ /dev/null @@ -1,14 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -- name: aodh db sync - shell: su -s /bin/sh -c "aodh-dbsync" aodh - notify: - - restart aodh services - diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/aodh/tasks/aodh_install.yml b/deploy/adapters/ansible/openstack_mitaka/roles/aodh/tasks/aodh_install.yml deleted file mode 100644 index eb51fbea..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/aodh/tasks/aodh_install.yml +++ /dev/null @@ -1,31 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -- include_vars: "{{ ansible_os_family }}.yml" - -- name: install aodh packages - action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" - with_items: packages | union(packages_noarch) - -- name: update aodh conf - template: src={{ item }} dest=/etc/aodh/aodh.conf - backup=yes - with_items: - - aodh.conf.j2 -# - api_paste.ini.j2 -# - policy.json.j2 - notify: - - restart aodh services - -- name: write services to monitor list - lineinfile: dest=/opt/service create=yes line='{{ item }}' - with_items: services | union(services_noarch) - -- name: remove default sqlite db - shell: rm /var/lib/aodh/aodh.sqlite || touch aodh.sqllite.db.removed diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/aodh/tasks/main.yml b/deploy/adapters/ansible/openstack_mitaka/roles/aodh/tasks/main.yml deleted file mode 100644 index 9b61915f..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/aodh/tasks/main.yml +++ /dev/null @@ -1,23 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -- include: aodh_install.yml - tags: - - install - - aodh_install - - aodh - -- include: aodh_config.yml - when: inventory_hostname == groups['controller'][0] - tags: - - config - - aodh_config - - aodh - -- meta: flush_handlers diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/aodh/templates/aodh.conf.j2 b/deploy/adapters/ansible/openstack_mitaka/roles/aodh/templates/aodh.conf.j2 deleted file mode 100644 index 752dd0f0..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/aodh/templates/aodh.conf.j2 +++ /dev/null @@ -1,46 +0,0 @@ -{% set memcached_servers = [] %} -{% for host in haproxy_hosts.values() %} -{% set _ = memcached_servers.append('%s:11211'% host) %} -{% endfor %} -{% set memcached_servers = memcached_servers|join(',') %} - -[DEFAULT] -bind_host = {{ internal_ip }} -bind_port = 8042 -rpc_backend = rabbit -auth_strategy = keystone -debug = True - -[oslo_messaging_rabbit] -rabbit_hosts = {{ internal_vip.ip }} -rabbit_userid = {{ RABBIT_USER }} -rabbit_password = {{ RABBIT_PASS }} -#rabbit_use_ssl = false - -[database] -connection = mysql://aodh:{{ AODH_DBPASS }}@{{ db_host }}/aodh - -[keystone_authtoken] -auth_uri = http://{{ internal_vip.ip }}:5000/v2.0 -auth_url = http://{{ internal_vip.ip }}:35357 -identity_uri = http://{{ internal_vip.ip }}:35357 -auth_plugin = password -project_domain_id = default -user_domain_id = default -project_name = service -username = aodh -password = {{ AODH_PASS }} -memcached_servers = {{ memcached_servers }} -token_cache_time = 300 -revocation_cache_time = 60 - -[service_credentials] -os_auth_url = http://{{ internal_vip.ip }}:5000/v2.0 -os_username = aodh -os_tenant_name = service -os_password = {{ AODH_PASS }} -os_endpoint_type = internalURL -os_region_name = RegionOne - -[api] -host = {{ internal_ip }} diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/aodh/templates/api_paste.ini.j2 b/deploy/adapters/ansible/openstack_mitaka/roles/aodh/templates/api_paste.ini.j2 deleted file mode 100644 index 151789c4..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/aodh/templates/api_paste.ini.j2 +++ /dev/null @@ -1,22 +0,0 @@ -# aodh API WSGI Pipeline -# Define the filters that make up the pipeline for processing WSGI requests -# Note: This pipeline is PasteDeploy's term rather than aodh's pipeline -# used for processing samples - -# Remove authtoken from the pipeline if you don't want to use keystone authentication -[pipeline:main] -pipeline = cors request_id authtoken api-server - -[app:api-server] -paste.app_factory = aodh.api.app:app_factory - -[filter:authtoken] -paste.filter_factory = keystonemiddleware.auth_token:filter_factory -oslo_config_project = aodh - -[filter:request_id] -paste.filter_factory = oslo_middleware:RequestId.factory - -[filter:cors] -paste.filter_factory = oslo_middleware.cors:filter_factory -oslo_config_project = aodh diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/aodh/templates/policy.json.j2 b/deploy/adapters/ansible/openstack_mitaka/roles/aodh/templates/policy.json.j2 deleted file mode 100644 index 4fd873e9..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/aodh/templates/policy.json.j2 +++ /dev/null @@ -1,20 +0,0 @@ -{ - "context_is_admin": "role:admin", - "segregation": "rule:context_is_admin", - "admin_or_owner": "rule:context_is_admin or project_id:%(project_id)s", - "default": "rule:admin_or_owner", - - "telemetry:get_alarm": "rule:admin_or_owner", - "telemetry:get_alarms": "rule:admin_or_owner", - "telemetry:query_alarm": "rule:admin_or_owner", - - "telemetry:create_alarm": "", - "telemetry:change_alarm": "rule:admin_or_owner", - "telemetry:delete_alarm": "rule:admin_or_owner", - - "telemetry:get_alarm_state": "rule:admin_or_owner", - "telemetry:change_alarm_state": "rule:admin_or_owner", - - "telemetry:alarm_history": "rule:admin_or_owner", - "telemetry:query_alarm_history": "rule:admin_or_owner" -} diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/aodh/vars/Debian.yml b/deploy/adapters/ansible/openstack_mitaka/roles/aodh/vars/Debian.yml deleted file mode 100644 index bdf4655e..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/aodh/vars/Debian.yml +++ /dev/null @@ -1,22 +0,0 @@ -############################################################################# -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################# ---- -packages: - - aodh-api - - aodh-evaluator - - aodh-notifier - - aodh-listener - - aodh-expirer - - python-ceilometerclient - -services: - - aodh-api - - aodh-notifier - - aodh-evaluator - - aodh-listener diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/aodh/vars/RedHat.yml b/deploy/adapters/ansible/openstack_mitaka/roles/aodh/vars/RedHat.yml deleted file mode 100644 index a0381c6b..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/aodh/vars/RedHat.yml +++ /dev/null @@ -1,22 +0,0 @@ -############################################################################# -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################# ---- -packages: - - openstack-aodh-api - - openstack-aodh-evaluator - - openstack-aodh-notifier - - openstack-aodh-listener - - openstack-aodh-expirer - - python-ceilometerclient - -services: - - openstack-aodh-api - - openstack-aodh-notifier - - openstack-aodh-evaluator - - openstack-aodh-listener diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/aodh/vars/main.yml b/deploy/adapters/ansible/openstack_mitaka/roles/aodh/vars/main.yml deleted file mode 100644 index b17f6ed0..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/aodh/vars/main.yml +++ /dev/null @@ -1,12 +0,0 @@ -############################################################################## -## Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -## -## All rights reserved. This program and the accompanying materials -## are made available under the terms of the Apache License, Version 2.0 -## which accompanies this distribution, and is available at -## http://www.apache.org/licenses/LICENSE-2.0 -############################################################################### ---- -packages_noarch: [] - -services_noarch: [] diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/apache/files/index.html b/deploy/adapters/ansible/openstack_mitaka/roles/apache/files/index.html deleted file mode 100644 index f083c4f1..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/apache/files/index.html +++ /dev/null @@ -1,10 +0,0 @@ -<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> -<html> - <head> - <title>Index</title> - </head> - <body> - <a href="/horizon">Openstack Dashboard</a> - </body> -</html> - diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/apache/tasks/main.yml b/deploy/adapters/ansible/openstack_mitaka/roles/apache/tasks/main.yml deleted file mode 100755 index 44407bef..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/apache/tasks/main.yml +++ /dev/null @@ -1,38 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -- include_vars: "{{ ansible_os_family }}.yml" - -- name: install packages - action: "{{ ansible_pkg_mgr }} name={{ item }} state=latest update_cache=yes" - with_items: packages | union(packages_noarch) - -- name: assure listen port exist - template: - dest: '{{ apache_config_dir }}/ports.conf' - src: ports.conf.j2 - notify: - - restart apache related services - -- name: remove default listen port on centos - lineinfile: - dest: /etc/httpd/conf/httpd.conf - state: absent - regexp: 'Listen 80' - when: ansible_os_family == 'RedHat' - -- name: copy index.html file - copy: src=index.html dest=/var/www/html/index.html mode=0644 - when: ansible_os_family == 'RedHat' - -- name: copy index.html file - copy: src=index.html dest=/var/www/index.html mode=0644 - when: ansible_os_family == 'Debian' - -- meta: flush_handlers diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/ceilometer_controller/vars/Debian.yml b/deploy/adapters/ansible/openstack_mitaka/roles/ceilometer_controller/vars/Debian.yml deleted file mode 100644 index b749ffaa..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/ceilometer_controller/vars/Debian.yml +++ /dev/null @@ -1,37 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -ceilometer_packages: - - ceilometer-api - - ceilometer-collector - - ceilometer-agent-central - - ceilometer-agent-notification -# - ceilometer-alarm-evaluator -# - ceilometer-alarm-notifier - - python-ceilometerclient - -ceilometer_services: - - ceilometer-agent-central - - ceilometer-agent-notification - - ceilometer-api - - ceilometer-collector -# - ceilometer-alarm-evaluator -# - ceilometer-alarm-notifier - -ceilometer_configs_templates: - - src: ceilometer.j2 - dest: - - /etc/ceilometer/ceilometer.conf - - src: cinder.j2 - dest: - - /etc/cinder/cinder.conf - - src: glance.j2 - dest: - - /etc/glance/glance-api.conf - - /etc/glance/glance-registry.conf diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/ceilometer_controller/vars/RedHat.yml b/deploy/adapters/ansible/openstack_mitaka/roles/ceilometer_controller/vars/RedHat.yml deleted file mode 100644 index 6c5f53ec..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/ceilometer_controller/vars/RedHat.yml +++ /dev/null @@ -1,36 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -ceilometer_packages: - - openstack-ceilometer-api - - openstack-ceilometer-collector - - openstack-ceilometer-central - - openstack-ceilometer-notification -# - openstack-ceilometer-alarm - - python-ceilometerclient - -ceilometer_services: - - openstack-ceilometer-central - - openstack-ceilometer-notification - - openstack-ceilometer-api - - openstack-ceilometer-collector -# - openstack-ceilometer-alarm-evaluator -# - openstack-ceilometer-alarm-notifier - -ceilometer_configs_templates: - - src: ceilometer.j2 - dest: - - /etc/ceilometer/ceilometer.conf - - src: cinder.j2 - dest: - - /etc/cinder/cinder.conf - - src: glance.j2 - dest: - - /etc/glance/glance-api.conf - - /etc/glance/glance-registry.conf diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/ceph-mon/tasks/install_mon.yml b/deploy/adapters/ansible/openstack_mitaka/roles/ceph-mon/tasks/install_mon.yml deleted file mode 100644 index 0ad666a6..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/ceph-mon/tasks/install_mon.yml +++ /dev/null @@ -1,36 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## - -- include_vars: "{{ ansible_os_family }}.yml" - -- name: Create a default data directory - file: path="/var/lib/ceph/mon/ceph-{{ inventory_hostname }}" state="directory" - -- name: Populate the monitor daemon - shell: "ceph-mon --mkfs -i {{ inventory_hostname }} --monmap /tmp/monmap --keyring /tmp/ceph.mon.keyring" - -- name: Change ceph/mon dir owner to ceph - shell: "chown -R ceph:ceph /var/lib/ceph/mon" - when: ansible_os_family == "Debian" - -- name: Touch the done and auto start file - file: path="/var/lib/ceph/mon/ceph-{{ inventory_hostname }}/{{ item }}" state="touch" - with_items: - - "done" - - "{{ ceph_start_type }}" - -- name: start mon daemon - shell: "{{ ceph_start_script }}" - -- name: wait for creating osd keyring - wait_for: path=/var/lib/ceph/bootstrap-osd/ceph.keyring - -- name: fetch osd keyring - fetch: src="/var/lib/ceph/bootstrap-osd/ceph.keyring" dest="/tmp/ceph.osd.keyring" flat=yes - run_once: True diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/ceph-openstack/tasks/ceph_openstack_post.yml b/deploy/adapters/ansible/openstack_mitaka/roles/ceph-openstack/tasks/ceph_openstack_post.yml deleted file mode 100644 index 2097ca57..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/ceph-openstack/tasks/ceph_openstack_post.yml +++ /dev/null @@ -1,19 +0,0 @@ -############################################################################## -## Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -## -## All rights reserved. This program and the accompanying materials -## are made available under the terms of the Apache License, Version 2.0 -## which accompanies this distribution, and is available at -## http://www.apache.org/licenses/LICENSE-2.0 -############################################################################### ---- -- name: get mount info - command: mount - register: mount_info - -- name: try unmount image nfs directory - shell: | - umount /var/lib/glance/images - sed -i '/\/var\/lib\/glance\/images/d' /etc/fstab - when: mount_info.stdout.find('images') != -1 - diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/ceph-openstack/tasks/main.yml b/deploy/adapters/ansible/openstack_mitaka/roles/ceph-openstack/tasks/main.yml deleted file mode 100644 index 06c3acb6..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/ceph-openstack/tasks/main.yml +++ /dev/null @@ -1,33 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## -- include_vars: "{{ ansible_os_family }}.yml" - tags: - - ceph_deploy - - ceph_openstack_pre - - ceph_openstack_conf - - ceph_openstack_post - - ceph_openstack - -- include: ceph_openstack_pre.yml - tags: - - ceph_deploy - - ceph_openstack_pre - - ceph_openstack - -- include: ceph_openstack_conf.yml - tags: - - ceph_deploy - - ceph_openstack_conf - - ceph_openstack - -- include: ceph_openstack_post.yml - tags: - - ceph_deploy - - ceph_openstack_post - - ceph_openstack diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/ceph-osd/tasks/install_osd.yml b/deploy/adapters/ansible/openstack_mitaka/roles/ceph-osd/tasks/install_osd.yml deleted file mode 100644 index 35e84cf8..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/ceph-osd/tasks/install_osd.yml +++ /dev/null @@ -1,42 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- - -- name: create osd lv and mount it on /var/local/osd - script: create_osd.sh - -- name: fetch osd keyring from ceph_adm - fetch: src="/var/lib/ceph/bootstrap-osd/ceph.keyring" dest="/tmp/ceph.osd.keyring" flat=yes - delegate_to: "{{ public_vip.ip }}" - when: compute_expansion - -- name: copy osd keyring - copy: src="/tmp/ceph.osd.keyring" dest="/var/lib/ceph/bootstrap-osd/ceph.keyring" - -- name: prepare osd disk - shell: ceph-disk prepare --fs-type xfs /var/local/osd - -- name: change local/osd dir owner to ceph - shell: chown ceph:ceph /var/local/osd - when: ansible_os_family == "Debian" - -- name: activate osd node - shell: ceph-disk activate /var/local/osd - -- name: enable ceph service - service: name=ceph enabled=yes - -- name: rebuild osd after reboot - lineinfile: dest=/etc/init/ceph-osd-all-starter.conf insertafter="^task" line="pre-start script\n set -e\n /opt/setup_storage/losetup.sh\n sleep 3\n mount /dev/storage-volumes/ceph0 /var/local/osd\nend script" - when: ansible_os_family == "Debian" - -- name: rebuild osd after reboot for centos - lineinfile: dest=/etc/init.d/ceph insertafter="^### END INIT INFO" line="\nsleep 1\nmount /dev/storage-volumes/ceph0 /var/local/osd" - when: ansible_os_family == "RedHat" - diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/ceph-purge/tasks/main.yml b/deploy/adapters/ansible/openstack_mitaka/roles/ceph-purge/tasks/main.yml deleted file mode 100644 index 02013762..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/ceph-purge/tasks/main.yml +++ /dev/null @@ -1,37 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## -- name: clear tmp files - local_action: shell rm -rf /tmp/ceph* - tags: - - ceph_purge - - ceph_deploy - -- name: install ceph-related packages - action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" - with_items: - - ceph-deploy - tags: - - ceph_purge - - ceph_deploy - when: ansible_os_family == "Debian" - -- name: purge ceph - shell: "ceph-deploy purge {{ inventory_hostname }}; ceph-deploy purgedata {{ inventory_hostname }}; ceph-deploy forgetkeys" - tags: - - ceph_purge - - ceph_deploy - when: ansible_os_family == "Debian" - -- name: remove monmap - file: path="/tmp/monmap" state="absent" - tags: - - ceph_purge - - ceph_deploy - - diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/congress/files/congress.conf b/deploy/adapters/ansible/openstack_mitaka/roles/congress/files/congress.conf deleted file mode 100755 index 22a64a66..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/congress/files/congress.conf +++ /dev/null @@ -1,37 +0,0 @@ -description "OpenStack Congress Server" -author "Thomas Goirand <zigo@debian.org>" - -start on runlevel [2345] -stop on runlevel [!2345] - -chdir /var/run - -respawn -respawn limit 20 5 -limit nofile 65535 65535 - -pre-start script - for i in lock run log lib ; do - mkdir -p /var/$i/congress - chown root /var/$i/congress - done -end script - -script - [ -x "/usr/local/bin/congress-server" ] || exit 0 - DAEMON_ARGS="" - CONFIG_FILE="/etc/congress/congress.conf" - USE_SYSLOG="" - USE_LOGFILE="" - NO_OPENSTACK_CONFIG_FILE_DAEMON_ARG="" - [ -r /etc/default/openstack ] && . /etc/default/openstack - [ -r /etc/default/$UPSTART_JOB ] && . /etc/default/$UPSTART_JOB - [ "x$USE_SYSLOG" = "xyes" ] && DAEMON_ARGS="$DAEMON_ARGS --use-syslog" - [ "x$USE_LOGFILE" != "xno" ] && DAEMON_ARGS="$DAEMON_ARGS --log-file=/var/log/congress/congress.log" - [ -z "$NO_OPENSTACK_CONFIG_FILE_DAEMON_ARG" ] && DAEMON_ARGS="$DAEMON_ARGS --config-file=$CONFIG_FILE" - - exec start-stop-daemon --start --chdir /var/lib/congress \ - --chuid root:root --make-pidfile --pidfile /var/run/congress/congress.pid \ - --exec /usr/local/bin/congress-server -- ${DAEMON_ARGS} -end script - diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/congress/files/congress.service b/deploy/adapters/ansible/openstack_mitaka/roles/congress/files/congress.service deleted file mode 100755 index 23db7b0e..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/congress/files/congress.service +++ /dev/null @@ -1,19 +0,0 @@ -[Unit] -Description=OpenStack Congress server -After= - -[Service] -User=root -Group=root -Type=simple -WorkingDirectory=/var/lib/congress -PermissionsStartOnly=true -ExecStartPre=/bin/mkdir -p /var/lock/congress /var/log/congress /var/lib/congress -ExecStartPre=/usr/bin/touch /var/log/congress/congress.log -ExecStart=/usr/bin/congress-server --config-file /etc/congress/congress.conf -Restart=on-failure -LimitNOFILE=65535 -TimeoutStopSec=15 - -[Install] -WantedBy=multi-user.target diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/congress/handlers/main.yml b/deploy/adapters/ansible/openstack_mitaka/roles/congress/handlers/main.yml deleted file mode 100755 index cf535a11..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/congress/handlers/main.yml +++ /dev/null @@ -1,12 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -- name: restart congress services - service: name={{ item }} state=restarted enabled=yes - with_items: services | union(services_noarch) diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/congress/tasks/congress_config_debian.yml b/deploy/adapters/ansible/openstack_mitaka/roles/congress/tasks/congress_config_debian.yml deleted file mode 100755 index c5d7cce7..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/congress/tasks/congress_config_debian.yml +++ /dev/null @@ -1,31 +0,0 @@ -############################################################################## -## Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -## -## All rights reserved. This program and the accompanying materials -## are made available under the terms of the Apache License, Version 2.0 -## which accompanies this distribution, and is available at -## http://www.apache.org/licenses/LICENSE-2.0 -############################################################################### ---- -- name: upgrade openstackclient - pip: name=python-openstackclient state=latest - -- name: create congress service - copy: src=congress.conf dest=/etc/init - -- name: create congress service work dir - file: path=/var/lib/congress state=directory - -- name: link the congress service - file: - src: /etc/init/congress.conf - dest: /etc/init.d/congress - state: link - -- name: congress db sync - shell: /usr/local/bin/congress-db-manage --config-file /etc/congress/congress.conf upgrade head - when: inventory_hostname == haproxy_hosts.keys()[0] - -- name: start congress service - shell: service congress start - diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/congress/tasks/congress_config_redhat.yml b/deploy/adapters/ansible/openstack_mitaka/roles/congress/tasks/congress_config_redhat.yml deleted file mode 100755 index e922c508..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/congress/tasks/congress_config_redhat.yml +++ /dev/null @@ -1,31 +0,0 @@ -############################################################################## -## Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -## -## All rights reserved. This program and the accompanying materials -## are made available under the terms of the Apache License, Version 2.0 -## which accompanies this distribution, and is available at -## http://www.apache.org/licenses/LICENSE-2.0 -############################################################################### ---- -- name: upgrade openstackclient - pip: name=python-openstackclient state=latest - -- name: create congress service - copy: src=congress.service dest=/lib/systemd/system/ - -- name: create congress service work dir - file: path=/var/lib/congress state=directory - -- name: link the congress service - file: - src: /lib/systemd/system/congress.service - dest: /etc/systemd/system/multi-user.target.wants/congress.service - state: link - -- name: congress db sync - shell: /usr/bin/congress-db-manage --config-file /etc/congress/congress.conf upgrade head - when: inventory_hostname == haproxy_hosts.keys()[0] - -- name: start congress service - shell: service congress start - diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/congress/tasks/congress_db.yml b/deploy/adapters/ansible/openstack_mitaka/roles/congress/tasks/congress_db.yml deleted file mode 100755 index 1883509b..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/congress/tasks/congress_db.yml +++ /dev/null @@ -1,28 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -- name: create congress db - mysql_db: - login_unix_socket: /var/run/mysqld/mysqld.sock - name: "{{ item.db }}" - state: present - with_items: "{{ credentials }}" - -- name: create congress db user - mysql_user: - login_unix_socket: /var/run/mysqld/mysqld.sock - name: "{{ item[0].user }}" - password: "{{ item[0].password }}" - priv: "*.*:ALL,GRANT" - host: "{{ item[1] }}" - state: present - with_nested: - - "{{ credentials }}" - - ['%', 'localhost'] - diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/congress/tasks/congress_install.yml b/deploy/adapters/ansible/openstack_mitaka/roles/congress/tasks/congress_install.yml deleted file mode 100755 index 65daff3e..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/congress/tasks/congress_install.yml +++ /dev/null @@ -1,25 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -- include_vars: "{{ ansible_os_family }}.yml" - -- name: install congress packages - pip: name={{ item }} state=present - with_items: packages - -- name: create congress etc directory - file: path=/etc/congress state=directory - -- name: update congress conf - template: src={{ item }} dest=/etc/congress/{{ item }} - backup=yes - with_items: - - congress.conf - - api-paste.ini - - policy.json diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/congress/tasks/main.yml b/deploy/adapters/ansible/openstack_mitaka/roles/congress/tasks/main.yml deleted file mode 100755 index 2cbd619c..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/congress/tasks/main.yml +++ /dev/null @@ -1,20 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -- include: congress_install.yml - -- include: congress_db.yml - when: - - inventory_hostname == haproxy_hosts.keys()[0] - -- include: congress_config_debian.yml - when: ansible_os_family == "Debian" - -- include: congress_config_redhat.yml - when: ansible_os_family == "RedHat" diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/congress/templates/api-paste.ini b/deploy/adapters/ansible/openstack_mitaka/roles/congress/templates/api-paste.ini deleted file mode 100755 index 39be570b..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/congress/templates/api-paste.ini +++ /dev/null @@ -1,34 +0,0 @@ -[composite:congress] -use = egg:Paste#urlmap -/: congressversions -/v1: congress_api_v1 - -[pipeline:congressversions] -pipeline = cors catch_errors congressversionapp - -[app:congressversionapp] -paste.app_factory = congress.api.versions:Versions.factory - -[composite:congress_api_v1] -use = call:congress.auth:pipeline_factory -keystone = cors request_id catch_errors authtoken keystonecontext congress_api -noauth = cors request_id catch_errors congress_api - -[app:congress_api] -paste.app_factory = congress.service:congress_app_factory - -[filter:request_id] -paste.filter_factory = oslo_middleware:RequestId.factory - -[filter:catch_errors] -paste.filter_factory = oslo_middleware:CatchErrors.factory - -[filter:keystonecontext] -paste.filter_factory = congress.auth:CongressKeystoneContext.factory - -[filter:authtoken] -paste.filter_factory = keystonemiddleware.auth_token:filter_factory - -[filter:cors] -paste.filter_factory = oslo_middleware.cors:filter_factory -oslo_config_project = congress diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/congress/templates/congress.conf b/deploy/adapters/ansible/openstack_mitaka/roles/congress/templates/congress.conf deleted file mode 100755 index 0305b418..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/congress/templates/congress.conf +++ /dev/null @@ -1,510 +0,0 @@ -{% set memcached_servers = [] %} -{% set rabbitmq_servers = [] %} -{% for host in haproxy_hosts.values() %} -{% set _ = memcached_servers.append('%s:11211'% host) %} -{% set _ = rabbitmq_servers.append('%s:5672'% host) %} -{% endfor %} -{% set memcached_servers = memcached_servers|join(',') %} -{% set rabbitmq_servers = rabbitmq_servers|join(',') %} -[DEFAULT] - -# -# From congress -# -# The host IP to bind to (string tmq_serversvalue) -bind_host = {{ internal_ip }} - -# The port to bind to (port value) -# Minimum value: 0 -# Maximum value: 65535 -bind_port = 1789 - -# Thread pool size for eventlet. (integer value) -#max_simultaneous_requests = 1024 - -# Set this to true to enable TCP_KEEALIVE socket option on connections received -# by the API server. (boolean value) -#tcp_keepalive = false - -# Sets the value of TCP_KEEPIDLE in seconds for each server socket. Only -# applies if tcp_keepalive is true. Not supported on OS X. (integer value) -#tcp_keepidle = 600 - -# The path to the latest policy dump (string value) -policy_path = /etc/congress/policy.json - -# The file containing datasource configuration (string value) -#datasource_file = <None> - -# The absolute path to the congress repo (string value) -#root_path = <None> - -# The number of worker processes to serve the congress API application. -# (integer value) -#api_workers = 1 - -# The API paste config file to use (string value) -#api_paste_config = api-paste.ini - -# The type of authentication to use (string value) -auth_strategy = keystone - -# List of driver class paths to import. (list value) -drivers = congress.datasources.neutronv2_driver.NeutronV2Driver,congress.datasources.glancev2_driver.GlanceV2Driver,congress.datasources.nova_driver.NovaDriver,congress.datasources.keystone_driver.KeystoneDriver,congress.datasources.ceilometer_driver.CeilometerDriver,congress.datasources.cinder_driver.CinderDriver,congress.datasources.swift_driver.SwiftDriver,congress.datasources.plexxi_driver.PlexxiDriver,congress.datasources.vCenter_driver.VCenterDriver,congress.datasources.cloudfoundryv2_driver.CloudFoundryV2Driver,congress.datasources.murano_driver.MuranoDriver,congress.datasources.ironic_driver.IronicDriver - - -# The number of seconds to wait between synchronizing datasource config from -# the database (integer value) -#datasource_sync_period = 0 - -# Sets the flag to False if you don't want the congress to execute actions. -# (boolean value) -#enable_execute_action = true - -# The flag to use congress new distributed architecture.Don't set it to True in -# L release since the new architecture is under implementation. (boolean value) -#distributed_architecture = false - -# Explicitly specify the temporary working directory (string value) -#tempdir = <None> - -# Make exception message format errors fatal (boolean value) -#fatal_exception_format_errors = false - -# -# From oslo.log -# - -# If set to true, the logging level will be set to DEBUG instead of the default -# INFO level. (boolean value) -# Note: This option can be changed without restarting. -debug = True - -# DEPRECATED: If set to false, the logging level will be set to WARNING instead -# of the default INFO level. (boolean value) -# This option is deprecated for removal. -# Its value may be silently ignored in the future. -#verbose = true - -# The name of a logging configuration file. This file is appended to any -# existing logging configuration files. For details about logging configuration -# files, see the Python logging module documentation. Note that when logging -# configuration files are used then all logging configuration is set in the -# configuration file and other logging configuration options are ignored (for -# example, logging_context_format_string). (string value) -# Note: This option can be changed without restarting. -# Deprecated group/name - [DEFAULT]/log_config -#log_config_append = <None> - -# Defines the format string for %%(asctime)s in log records. Default: -# %(default)s . This option is ignored if log_config_append is set. (string -# value) -#log_date_format = %Y-%m-%d %H:%M:%S - -# (Optional) Name of log file to send logging output to. If no default is set, -# logging will go to stderr as defined by use_stderr. This option is ignored if -# log_config_append is set. (string value) -# Deprecated group/name - [DEFAULT]/logfile -log_file = congress.log - -# (Optional) The base directory used for relative log_file paths. This option -# is ignored if log_config_append is set. (string value) -# Deprecated group/name - [DEFAULT]/logdir -log_dir = /var/log/congress - -# Uses logging handler designed to watch file system. When log file is moved or -# removed this handler will open a new log file with specified path -# instantaneously. It makes sense only if log_file option is specified and -# Linux platform is used. This option is ignored if log_config_append is set. -# (boolean value) -#watch_log_file = false - -# Use syslog for logging. Existing syslog format is DEPRECATED and will be -# changed later to honor RFC5424. This option is ignored if log_config_append -# is set. (boolean value) -#use_syslog = false - -# Syslog facility to receive log lines. This option is ignored if -# log_config_append is set. (string value) -#syslog_log_facility = LOG_USER - -# Log output to standard error. This option is ignored if log_config_append is -# set. (boolean value) -#use_stderr = true - -# Format string to use for log messages with context. (string value) -#logging_context_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s - -# Format string to use for log messages when context is undefined. (string -# value) -#logging_default_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s - -# Additional data to append to log message when logging level for the message -# is DEBUG. (string value) -#logging_debug_format_suffix = %(funcName)s %(pathname)s:%(lineno)d - -# Prefix each line of exception output with this format. (string value) -#logging_exception_prefix = %(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s - -# Defines the format string for %(user_identity)s that is used in -# logging_context_format_string. (string value) -#logging_user_identity_format = %(user)s %(tenant)s %(domain)s %(user_domain)s %(project_domain)s - -# List of package logging levels in logger=LEVEL pairs. This option is ignored -# if log_config_append is set. (list value) -#default_log_levels = amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN,taskflow=WARN,keystoneauth=WARN,oslo.cache=INFO,dogpile.core.dogpile=INFO - -# Enables or disables publication of error events. (boolean value) -#publish_errors = false - -# The format for an instance that is passed with the log message. (string -# value) -#instance_format = "[instance: %(uuid)s] " - -# The format for an instance UUID that is passed with the log message. (string -# value) -#instance_uuid_format = "[instance: %(uuid)s] " - -# Enables or disables fatal status of deprecations. (boolean value) -#fatal_deprecations = false - - -[cors] - -# -# From oslo.middleware.cors -# - -# Indicate whether this resource may be shared with the domain received in the -# requests "origin" header. Format: "<protocol>://<host>[:<port>]", no trailing -# slash. Example: https://horizon.example.com (list value) -#allowed_origin = <None> - -# Indicate that the actual request can include user credentials (boolean value) -#allow_credentials = true - -# Indicate which headers are safe to expose to the API. Defaults to HTTP Simple -# Headers. (list value) -#expose_headers = X-Auth-Token,X-OpenStack-Request-ID,X-Subject-Token,X-Service-Token - -# Maximum cache age of CORS preflight requests. (integer value) -#max_age = 3600 - -# Indicate which methods can be used during the actual request. (list value) -#allow_methods = GET,PUT,POST,DELETE,PATCH - -# Indicate which header field names may be used during the actual request. -# (list value) -#allow_headers = X-Auth-Token,X-OpenStack-Request-ID,X-Identity-Status,X-Roles,X-Service-Catalog,X-User-Id,X-Tenant-Id - - -[cors.subdomain] - -# -# From oslo.middleware.cors -# - -# Indicate whether this resource may be shared with the domain received in the -# requests "origin" header. Format: "<protocol>://<host>[:<port>]", no trailing -# slash. Example: https://horizon.example.com (list value) -#allowed_origin = <None> - -# Indicate that the actual request can include user credentials (boolean value) -#allow_credentials = true - -# Indicate which headers are safe to expose to the API. Defaults to HTTP Simple -# Headers. (list value) -#expose_headers = X-Auth-Token,X-OpenStack-Request-ID,X-Subject-Token,X-Service-Token - -# Maximum cache age of CORS preflight requests. (integer value) -#max_age = 3600 - -# Indicate which methods can be used during the actual request. (list value) -#allow_methods = GET,PUT,POST,DELETE,PATCH - -# Indicate which header field names may be used during the actual request. -# (list value) -#allow_headers = X-Auth-Token,X-OpenStack-Request-ID,X-Identity-Status,X-Roles,X-Service-Catalog,X-User-Id,X-Tenant-Id - - -[database] - -# -# From oslo.db -# - -# DEPRECATED: The file name to use with SQLite. (string value) -# Deprecated group/name - [DEFAULT]/sqlite_db -# This option is deprecated for removal. -# Its value may be silently ignored in the future. -# Reason: Should use config option connection or slave_connection to connect -# the database. -#sqlite_db = oslo.sqlite - -# If True, SQLite uses synchronous mode. (boolean value) -# Deprecated group/name - [DEFAULT]/sqlite_synchronous -#sqlite_synchronous = true - -# The back end to use for the database. (string value) -# Deprecated group/name - [DEFAULT]/db_backend -#backend = sqlalchemy - -# The SQLAlchemy connection string to use to connect to the database. (string -# value) -# Deprecated group/name - [DEFAULT]/sql_connection -# Deprecated group/name - [DATABASE]/sql_connection -# Deprecated group/name - [sql]/connection -connection = mysql+pymysql://congress:{{ CONGRESS_DBPASS }}@{{ db_host }}/congress - -# The SQLAlchemy connection string to use to connect to the slave database. -# (string value) -#slave_connection = <None> - -# The SQL mode to be used for MySQL sessions. This option, including the -# default, overrides any server-set SQL mode. To use whatever SQL mode is set -# by the server configuration, set this to no value. Example: mysql_sql_mode= -# (string value) -#mysql_sql_mode = TRADITIONAL - -# Timeout before idle SQL connections are reaped. (integer value) -# Deprecated group/name - [DEFAULT]/sql_idle_timeout -# Deprecated group/name - [DATABASE]/sql_idle_timeout -# Deprecated group/name - [sql]/idle_timeout -#idle_timeout = 3600 - -# Minimum number of SQL connections to keep open in a pool. (integer value) -# Deprecated group/name - [DEFAULT]/sql_min_pool_size -# Deprecated group/name - [DATABASE]/sql_min_pool_size -#min_pool_size = 1 - -# Maximum number of SQL connections to keep open in a pool. Setting a value of -# 0 indicates no limit. (integer value) -# Deprecated group/name - [DEFAULT]/sql_max_pool_size -# Deprecated group/name - [DATABASE]/sql_max_pool_size -#max_pool_size = 5 - -# Maximum number of database connection retries during startup. Set to -1 to -# specify an infinite retry count. (integer value) -# Deprecated group/name - [DEFAULT]/sql_max_retries -# Deprecated group/name - [DATABASE]/sql_max_retries -#max_retries = 10 - -# Interval between retries of opening a SQL connection. (integer value) -# Deprecated group/name - [DEFAULT]/sql_retry_interval -# Deprecated group/name - [DATABASE]/reconnect_interval -#retry_interval = 10 - -# If set, use this value for max_overflow with SQLAlchemy. (integer value) -# Deprecated group/name - [DEFAULT]/sql_max_overflow -# Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow -#max_overflow = 50 - -# Verbosity of SQL debugging information: 0=None, 100=Everything. (integer -# value) -# Minimum value: 0 -# Maximum value: 100 -# Deprecated group/name - [DEFAULT]/sql_connection_debug -#connection_debug = 0 - -# Add Python stack traces to SQL as comment strings. (boolean value) -# Deprecated group/name - [DEFAULT]/sql_connection_trace -#connection_trace = false - -# If set, use this value for pool_timeout with SQLAlchemy. (integer value) -# Deprecated group/name - [DATABASE]/sqlalchemy_pool_timeout -#pool_timeout = <None> - -# Enable the experimental use of database reconnect on connection lost. -# (boolean value) -#use_db_reconnect = false - -# Seconds between retries of a database transaction. (integer value) -#db_retry_interval = 1 - -# If True, increases the interval between retries of a database operation up to -# db_max_retry_interval. (boolean value) -#db_inc_retry_interval = true - -# If db_inc_retry_interval is set, the maximum seconds between retries of a -# database operation. (integer value) -#db_max_retry_interval = 10 - -# Maximum retries in case of connection error or deadlock error before error is -# raised. Set to -1 to specify an infinite retry count. (integer value) -#db_max_retries = 20 - - -[keystone_authtoken] - -# -# From keystonemiddleware.auth_token -# - -# Complete "public" Identity API endpoint. This endpoint should not be an -# "admin" endpoint, as it should be accessible by all end users. -# Unauthenticated clients are redirected to this endpoint to authenticate. -# Although this endpoint should ideally be unversioned, client support in the -# wild varies. If you're using a versioned v2 endpoint here, then this should -# *not* be the same endpoint the service user utilizes for validating tokens, -# because normal end users may not be able to reach that endpoint. (string -# value) -auth_uri = http://{{ internal_vip.ip }}:5000 -auth_url = http://{{ internal_vip.ip }}:35357 -memcached_servers = {{ memcached_servers }} -project_name = service -password = {{ CONGRESS_PASS }} -username = congress -auth_type = password -# API version of the admin Identity API endpoint. (string value) - -# Do not handle authorization requests within the middleware, but delegate the -# authorization decision to downstream WSGI components. (boolean value) -#delay_auth_decision = false - -# Request timeout value for communicating with Identity API server. (integer -# value) -#http_connect_timeout = <None> - -# How many times are we trying to reconnect when communicating with Identity -# API Server. (integer value) -#http_request_max_retries = 3 - -# Request environment key where the Swift cache object is stored. When -# auth_token middleware is deployed with a Swift cache, use this option to have -# the middleware share a caching backend with swift. Otherwise, use the -# ``memcached_servers`` option instead. (string value) -#cache = <None> - -# Required if identity server requires client certificate (string value) -#certfile = <None> - -# Required if identity server requires client certificate (string value) -#keyfile = <None> - -# A PEM encoded Certificate Authority to use when verifying HTTPs connections. -# Defaults to system CAs. (string value) -#cafile = <None> - -# Verify HTTPS connections. (boolean value) -#insecure = false - -# The region in which the identity server can be found. (string value) -#region_name = <None> - -# Directory used to cache files related to PKI tokens. (string value) -#signing_dir = <None> - -# Optionally specify a list of memcached server(s) to use for caching. If left -# undefined, tokens will instead be cached in-process. (list value) -# Deprecated group/name - [keystone_authtoken]/memcache_servers -#memcached_servers = <None> - -# In order to prevent excessive effort spent validating tokens, the middleware -# caches previously-seen tokens for a configurable duration (in seconds). Set -# to -1 to disable caching completely. (integer value) -#token_cache_time = 300 - -# Determines the frequency at which the list of revoked tokens is retrieved -# from the Identity service (in seconds). A high number of revocation events -# combined with a low cache duration may significantly reduce performance. Only -# valid for PKI tokens. (integer value) -#revocation_cache_time = 10 - -# (Optional) If defined, indicate whether token data should be authenticated or -# authenticated and encrypted. If MAC, token data is authenticated (with HMAC) -# in the cache. If ENCRYPT, token data is encrypted and authenticated in the -# cache. If the value is not one of these options or empty, auth_token will -# raise an exception on initialization. (string value) -# Allowed values: None, MAC, ENCRYPT -#memcache_security_strategy = None - -# (Optional, mandatory if memcache_security_strategy is defined) This string is -# used for key derivation. (string value) -#memcache_secret_key = <None> - -# (Optional) Number of seconds memcached server is considered dead before it is -# tried again. (integer value) -#memcache_pool_dead_retry = 300 - -# (Optional) Maximum total number of open connections to every memcached -# server. (integer value) -#memcache_pool_maxsize = 10 - -# (Optional) Socket timeout in seconds for communicating with a memcached -# server. (integer value) -#memcache_pool_socket_timeout = 3 - -# (Optional) Number of seconds a connection to memcached is held unused in the -# pool before it is closed. (integer value) -#memcache_pool_unused_timeout = 60 - -# (Optional) Number of seconds that an operation will wait to get a memcached -# client connection from the pool. (integer value) -#memcache_pool_conn_get_timeout = 10 - -# (Optional) Use the advanced (eventlet safe) memcached client pool. The -# advanced pool will only work under python 2.x. (boolean value) -#memcache_use_advanced_pool = false - -# (Optional) Indicate whether to set the X-Service-Catalog header. If False, -# middleware will not ask for service catalog on token validation and will not -# set the X-Service-Catalog header. (boolean value) -#include_service_catalog = true - -# Used to control the use and type of token binding. Can be set to: "disabled" -# to not check token binding. "permissive" (default) to validate binding -# information if the bind type is of a form known to the server and ignore it -# if not. "strict" like "permissive" but if the bind type is unknown the token -# will be rejected. "required" any form of token binding is needed to be -# allowed. Finally the name of a binding method that must be present in tokens. -# (string value) -#enforce_token_bind = permissive - -# If true, the revocation list will be checked for cached tokens. This requires -# that PKI tokens are configured on the identity server. (boolean value) -#check_revocations_for_cached = false - -# Hash algorithms to use for hashing PKI tokens. This may be a single algorithm -# or multiple. The algorithms are those supported by Python standard -# hashlib.new(). The hashes will be tried in the order given, so put the -# preferred one first for performance. The result of the first hash will be -# stored in the cache. This will typically be set to multiple values only while -# migrating from a less secure algorithm to a more secure one. Once all the old -# tokens are expired this option should be set to a single value for better -# performance. (list value) -#hash_algorithms = md5 - -# Authentication type to load (string value) -# Deprecated group/name - [keystone_authtoken]/auth_plugin -#auth_type = <None> - -# Config Section from which to load plugin specific options (string value) -#auth_section = <None> - - -[oslo_policy] - -# -# From oslo.policy -# - -# The JSON file that defines policies. (string value) -# Deprecated group/name - [DEFAULT]/policy_file -#policy_file = policy.json - -# Default rule. Enforced when a requested rule is not found. (string value) -# Deprecated group/name - [DEFAULT]/policy_default_rule -#policy_default_rule = default - -# Directories where policy configuration files are stored. They can be relative -# to any directory in the search path defined by the config_dir option, or -# absolute paths. The file defined by policy_file must exist for these -# directories to be searched. Missing or empty directories are ignored. (multi -# valued) -# Deprecated group/name - [DEFAULT]/policy_dirs -#policy_dirs = policy.d - -[oslo_messaging_rabbit] -rabbit_userid = {{ RABBIT_USER }} -rabbit_password = {{ RABBIT_PASS }} -rabbit_hosts = {{ rabbitmq_servers }} diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/congress/templates/policy.json b/deploy/adapters/ansible/openstack_mitaka/roles/congress/templates/policy.json deleted file mode 100755 index 4476051d..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/congress/templates/policy.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "context_is_admin": "role:admin", - "admin_only": "rule:context_is_admin", - "regular_user": "", - "default": "rule:admin_only" -} diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/congress/vars/Debian.yml b/deploy/adapters/ansible/openstack_mitaka/roles/congress/vars/Debian.yml deleted file mode 100755 index 1cc4645e..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/congress/vars/Debian.yml +++ /dev/null @@ -1,21 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -packages: - - congress - - python-congressclient - - python-cloudfoundryclient - -service: - - congress - -credentials: - - user: congress - db: congress - password: "{{ CONGRESS_DBPASS }}" diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/congress/vars/RedHat.yml b/deploy/adapters/ansible/openstack_mitaka/roles/congress/vars/RedHat.yml deleted file mode 100755 index 15916e69..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/congress/vars/RedHat.yml +++ /dev/null @@ -1,21 +0,0 @@ -############################################################################## -## Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -## -## All rights reserved. This program and the accompanying materials -## are made available under the terms of the Apache License, Version 2.0 -## which accompanies this distribution, and is available at -## http://www.apache.org/licenses/LICENSE-2.0 -############################################################################### ---- -packages: - - congress - - python-congressclient - - python-cloudfoundryclient - -service: - - congress - -credentials: - - user: congress - db: congress - password: "{{ CONGRESS_DBPASS }}" diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/congress/vars/main.yml b/deploy/adapters/ansible/openstack_mitaka/roles/congress/vars/main.yml deleted file mode 100755 index f6fef749..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/congress/vars/main.yml +++ /dev/null @@ -1,12 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -packages_noarch: [] - -services_noarch: [] diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/dashboard/vars/Debian.yml b/deploy/adapters/ansible/openstack_mitaka/roles/dashboard/vars/Debian.yml deleted file mode 100644 index aaeb8cdb..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/dashboard/vars/Debian.yml +++ /dev/null @@ -1,17 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -packages: [] - -services: - - memcached - - apache2 - -apache_config_dir: /etc/apache2 -horizon_dir: /usr/share/openstack-dashboard/openstack_dashboard diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/database/templates/data.j2 b/deploy/adapters/ansible/openstack_mitaka/roles/database/templates/data.j2 deleted file mode 100644 index 66c2fead..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/database/templates/data.j2 +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/sh -mysql -uroot -Dmysql <<EOF -drop database if exists keystone; -drop database if exists glance; -drop database if exists neutron; -drop database if exists nova; -drop database if exists cinder; -drop database if exists heat; -drop database if exists aodh; - -CREATE DATABASE keystone; -{% for host in ['%', 'localhost', inventory_hostname] %} -GRANT ALL ON keystone.* TO 'keystone'@'{{ host }}' IDENTIFIED BY '{{ KEYSTONE_DBPASS }}'; -{% endfor %} - -CREATE DATABASE glance; -{% for host in ['%', 'localhost', inventory_hostname] %} -GRANT ALL ON glance.* TO 'glance'@'{{ host }}' IDENTIFIED BY '{{ GLANCE_DBPASS }}'; -{% endfor %} - -CREATE DATABASE neutron; -{% for host in ['%', 'localhost', inventory_hostname] %} -GRANT ALL ON neutron.* TO 'neutron'@'{{ host }}' IDENTIFIED BY '{{ NEUTRON_DBPASS }}'; -{% endfor %} - -CREATE DATABASE nova; -{% for host in ['%', 'localhost', inventory_hostname] %} -GRANT ALL ON nova.* TO 'nova'@'{{ host }}' IDENTIFIED BY '{{ NOVA_DBPASS }}'; -{% endfor %} - -CREATE DATABASE cinder; -{% for host in ['%', 'localhost', inventory_hostname] %} -GRANT ALL ON cinder.* TO 'cinder'@'{{ host }}' IDENTIFIED BY '{{ CINDER_DBPASS }}'; -{% endfor %} - -CREATE DATABASE heat; -{% for host in ['%', 'localhost', inventory_hostname] %} -GRANT ALL ON heat.* TO 'heat'@'{{ host }}' IDENTIFIED BY '{{ HEAT_DBPASS }}'; -{% endfor %} - -CREATE DATABASE aodh; -{% for host in ['%', 'localhost', inventory_hostname] %} -GRANT ALL ON aodh.* TO 'aodh'@'{{ host }}' IDENTIFIED BY '{{ AODH_DBPASS }}'; -{% endfor %} - -{% if WSREP_SST_USER is defined %} -{% for host in ['%', 'localhost', inventory_hostname] %} -GRANT ALL ON *.* TO '{{ WSREP_SST_USER }}'@'{{ host }}' IDENTIFIED BY '{{ WSREP_SST_PASS }}'; -{% endfor %} -{% endif %} -EOF diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/database/vars/main.yml b/deploy/adapters/ansible/openstack_mitaka/roles/database/vars/main.yml deleted file mode 100644 index a32897f0..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/database/vars/main.yml +++ /dev/null @@ -1,39 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -packages_noarch: [] - -services_noarch: - - mysql - -credentials: - - user: keystone - db: keystone - password: "{{ KEYSTONE_DBPASS }}" - - user: neutron - db: neutron - password: "{{ NEUTRON_DBPASS }}" - - user: glance - db: glance - password: "{{ GLANCE_DBPASS }}" - - user: nova - db: nova_api - password: "{{ NOVA_DBPASS }}" - - user: nova - db: nova - password: "{{ NOVA_DBPASS }}" - - user: cinder - db: cinder - password: "{{ CINDER_DBPASS }}" - - user: heat - db: heat - password: "{{ HEAT_DBPASS }}" - - user: aodh - db: aodh - password: "{{ AODH_DBPASS }}" diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/ext-network/handlers/main.yml b/deploy/adapters/ansible/openstack_mitaka/roles/ext-network/handlers/main.yml deleted file mode 100644 index 36e39072..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/ext-network/handlers/main.yml +++ /dev/null @@ -1,29 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -- name: restart neutron-plugin-openvswitch-agent - service: name=neutron-openvswitch-agent state=restarted enabled=yes - when: "'opendaylight' not in {{ NEUTRON_MECHANISM_DRIVERS }}" - -- name: restart neutron-l3-agent - service: name=neutron-l3-agent state=restarted enabled=yes - -- name: kill dnsmasq - command: killall dnsmasq - ignore_errors: True - -- name: restart neutron-dhcp-agent - service: name=neutron-dhcp-agent state=restarted enabled=yes - -- name: restart neutron-metadata-agent - service: name=neutron-metadata-agent state=restarted enabled=yes - -- name: restart xorp - service: name=xorp state=restarted enabled=yes sleep=10 - ignore_errors: True diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/ext-network/tasks/main.yml b/deploy/adapters/ansible/openstack_mitaka/roles/ext-network/tasks/main.yml deleted file mode 100644 index b52b9178..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/ext-network/tasks/main.yml +++ /dev/null @@ -1,56 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -- include_vars: "{{ ansible_os_family }}.yml" - -# FIXME: temporary workaround for openstack api access random failure -- name: restart api server - service: name={{ item }} state=restarted enabled=yes - with_items: api_services | union(api_services_noarch) - -- name: restart neutron server - service: name=neutron-server state=restarted enabled=yes - -- name: wait for neutron time - shell: "sleep 10" - -- name: create external net - neutron_network: - login_username: ADMIN - login_password: "{{ ADMIN_PASS }}" - login_tenant_name: admin - auth_url: "http://{{ internal_vip.ip }}:35357/v2.0" - name: "{{ public_net_info.network }}" - provider_network_type: "{{ public_net_info.type }}" - provider_physical_network: "{{ public_net_info.provider_network }}" - provider_segmentation_id: "{{ public_net_info.segment_id}}" - shared: false - router_external: yes - state: present - run_once: true - when: 'public_net_info.enable == True' - -- name: create external subnet - neutron_subnet: - login_username: ADMIN - login_password: "{{ ADMIN_PASS }}" - login_tenant_name: admin - auth_url: "http://{{ internal_vip.ip }}:35357/v2.0" - name: "{{ public_net_info.subnet }}" - network_name: "{{ public_net_info.network }}" - cidr: "{{ public_net_info.floating_ip_cidr }}" - enable_dhcp: "{{ public_net_info.enable_dhcp }}" - no_gateway: "{{ public_net_info.no_gateway }}" - gateway_ip: "{{ public_net_info.external_gw }}" - allocation_pool_start: "{{ public_net_info.floating_ip_start }}" - allocation_pool_end: "{{ public_net_info.floating_ip_end }}" - state: present - run_once: true - when: 'public_net_info.enable == True' - diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/ext-network/vars/Debian.yml b/deploy/adapters/ansible/openstack_mitaka/roles/ext-network/vars/Debian.yml deleted file mode 100644 index 0b5c78b6..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/ext-network/vars/Debian.yml +++ /dev/null @@ -1,18 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -api_services: - - nova-api - - glance-api - - ceilometer-api - - heat-api - - heat-api-cfn - - aodh-api - - cinder-api - diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/ext-network/vars/RedHat.yml b/deploy/adapters/ansible/openstack_mitaka/roles/ext-network/vars/RedHat.yml deleted file mode 100644 index 886401fd..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/ext-network/vars/RedHat.yml +++ /dev/null @@ -1,17 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -api_services: - - openstack-nova-api - - openstack-glance-api - - openstack-ceilometer-api - - openstack-heat-api - - openstack-heat-api-cfn - - openstack-cinder-api - diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/ext-network/vars/main.yml b/deploy/adapters/ansible/openstack_mitaka/roles/ext-network/vars/main.yml deleted file mode 100644 index b19b6ebf..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/ext-network/vars/main.yml +++ /dev/null @@ -1,10 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -api_services_noarch: [] diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/glance/tasks/nfs.yml b/deploy/adapters/ansible/openstack_mitaka/roles/glance/tasks/nfs.yml deleted file mode 100644 index 9dc72e31..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/glance/tasks/nfs.yml +++ /dev/null @@ -1,68 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -- name: install nfs packages - action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" - with_items: nfs_packages - -- name: install nfs - local_action: yum name={{ item }} state=present - with_items: - - rpcbind - - nfs-utils - run_once: True - -- name: create image directory - local_action: file path=/opt/images state=directory mode=0777 - run_once: True - -- name: remove nfs config item if exist - local_action: lineinfile dest=/etc/exports state=absent - regexp="^/opt/images" - run_once: True - -- name: update nfs config - local_action: lineinfile dest=/etc/exports state=present - line="/opt/images *(rw,insecure,sync,all_squash)" - run_once: True - -- name: restart compass nfs service - local_action: service name={{ item }} state=restarted enabled=yes - with_items: - - rpcbind - - nfs-server - run_once: True - -- name: get mount info - command: mount - register: mount_info - tags: - - recovery - -- name: get nfs server - shell: awk -F'=' '/compass_server/ {print $2}' /etc/compass.conf - register: ip_info - tags: - - recovery - -- name: restart host nfs service - service: name={{ item }} state=restarted enabled=yes - with_items: '{{ nfs_services }}' - -- name: mount image directory - shell: | - mkdir -p /var/lib/glance/images - mount -t nfs -onfsvers=3 {{ ip_info.stdout_lines[0] }}:/opt/images /var/lib/glance/images - sed -i '/\/var\/lib\/glance\/images/d' /etc/fstab - #echo {{ ip_info.stdout_lines[0] }}:/opt/images /var/lib/glance/images/ nfs nfsvers=3 >> /etc/fstab - when: mount_info.stdout.find('images') == -1 - retries: 5 - delay: 3 - tags: - - recovery diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/glance/vars/Debian.yml b/deploy/adapters/ansible/openstack_mitaka/roles/glance/vars/Debian.yml deleted file mode 100644 index d1825012..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/glance/vars/Debian.yml +++ /dev/null @@ -1,21 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -packages: - - glance - - nfs-common - -nfs_packages: - - nfs-common - -nfs_services: [] - -services: - - glance-registry - - glance-api diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/glance/vars/RedHat.yml b/deploy/adapters/ansible/openstack_mitaka/roles/glance/vars/RedHat.yml deleted file mode 100644 index 2987d0c4..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/glance/vars/RedHat.yml +++ /dev/null @@ -1,23 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -packages: - - openstack-glance - - rpcbind - -nfs_packages: - - nfs-utils - - rpcbind - -nfs_services: - - rpcbind - -services: - - openstack-glance-api - - openstack-glance-registry diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/ha/templates/haproxy.cfg b/deploy/adapters/ansible/openstack_mitaka/roles/ha/templates/haproxy.cfg deleted file mode 100755 index 5fbcc9d9..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/ha/templates/haproxy.cfg +++ /dev/null @@ -1,227 +0,0 @@ - -global - #chroot /var/run/haproxy - daemon - user haproxy - group haproxy - maxconn 4000 - pidfile /var/run/haproxy/haproxy.pid - #log 127.0.0.1 local0 - tune.bufsize 1000000 - stats socket /var/run/haproxy.sock - stats timeout 2m - -defaults - log global - maxconn 8000 - option redispatch - option dontlognull - option splice-auto - timeout http-request 10s - timeout queue 1m - timeout connect 10s - timeout client 50s - timeout server 50s - timeout check 10s - retries 3 - -listen proxy-mysql - bind {{ internal_vip.ip }}:3306 - option tcpka - option tcplog - balance source -{% for host, ip in haproxy_hosts.items() %} -{% if loop.index == 1 %} - server {{ host }} {{ ip }}:3306 weight 1 check inter 2000 rise 2 fall 5 -{% else %} - server {{ host }} {{ ip }}:3306 weight 1 check inter 2000 rise 2 fall 5 backup -{% endif %} -{% endfor %} - -listen proxy-rabbit - bind {{ internal_vip.ip }}:5672 - bind {{ public_vip.ip }}:5672 - - option tcpka - option tcplog - timeout client 3h - timeout server 3h - balance source -{% for host,ip in haproxy_hosts.items() %} - server {{ host }} {{ ip }}:5672 weight 1 check inter 2000 rise 2 fall 5 -{% endfor %} - -listen proxy-glance_registry_cluster - bind {{ internal_vip.ip }}:9191 - bind {{ public_vip.ip }}:9191 - option tcpka - option tcplog - balance source -{% for host,ip in haproxy_hosts.items() %} - server {{ host }} {{ ip }}:9191 weight 1 check inter 2000 rise 2 fall 5 -{% endfor %} - -listen proxy-glance_api_cluster - bind {{ internal_vip.ip }}:9292 - bind {{ public_vip.ip }}:9292 - option tcpka - option tcplog - option httpchk - balance source -{% for host,ip in haproxy_hosts.items() %} - server {{ host }} {{ ip }}:9292 weight 1 check inter 2000 rise 2 fall 5 -{% endfor %} - -listen proxy-nova-novncproxy - bind {{ internal_vip.ip }}:6080 - bind {{ public_vip.ip }}:6080 - option tcpka - option tcplog - balance source -{% for host,ip in haproxy_hosts.items() %} - server {{ host }} {{ ip }}:6080 weight 1 check inter 2000 rise 2 fall 5 -{% endfor %} - -listen proxy-network - bind {{ internal_vip.ip }}:9696 - bind {{ public_vip.ip }}:9696 - option tcpka - option tcplog - balance source - option httpchk -{% for host,ip in haproxy_hosts.items() %} - server {{ host }} {{ ip }}:9696 weight 1 check inter 2000 rise 2 fall 5 -{% endfor %} - -listen proxy-volume - bind {{ internal_vip.ip }}:8776 - bind {{ public_vip.ip }}:8776 - option tcpka - option httpchk - option tcplog - balance source -{% for host,ip in haproxy_hosts.items() %} - server {{ host }} {{ ip }}:8776 weight 1 check inter 2000 rise 2 fall 5 -{% endfor %} - -listen proxy-keystone_admin_cluster - bind {{ internal_vip.ip }}:35357 - bind {{ public_vip.ip }}:35357 - option tcpka - option httpchk - option tcplog - balance source -{% for host,ip in haproxy_hosts.items() %} - server {{ host }} {{ ip }}:35357 weight 1 check inter 2000 rise 2 fall 5 -{% endfor %} - -listen proxy-keystone_public_internal_cluster - bind {{ internal_vip.ip }}:5000 - bind {{ public_vip.ip }}:5000 - option tcpka - option httpchk - option tcplog - balance source -{% for host,ip in haproxy_hosts.items() %} - server {{ host }} {{ ip }}:5000 weight 1 check inter 2000 rise 2 fall 5 -{% endfor %} - -listen proxy-nova_compute_api_cluster - bind {{ internal_vip.ip }}:8774 - bind {{ public_vip.ip }}:8774 - mode tcp - option httpchk - option tcplog - balance source -{% for host,ip in haproxy_hosts.items() %} - server {{ host }} {{ ip }}:8774 weight 1 check inter 2000 rise 2 fall 5 -{% endfor %} - -listen proxy-nova_metadata_api_cluster - bind {{ internal_vip.ip }}:8775 - bind {{ public_vip.ip }}:8775 - option tcpka - option tcplog - balance source -{% for host,ip in haproxy_hosts.items() %} - server {{ host }} {{ ip }}:8775 weight 1 check inter 2000 rise 2 fall 5 -{% endfor %} - -listen proxy-cinder_api_cluster - bind {{ internal_vip.ip }}:8776 - bind {{ public_vip.ip }}:8776 - mode tcp - option httpchk - option tcplog - balance source -{% for host,ip in haproxy_hosts.items() %} - server {{ host }} {{ ip }}:8776 weight 1 check inter 2000 rise 2 fall 5 -{% endfor %} - -#listen proxy-swift-proxy -# bind {{ internal_vip.ip }}:8080 -# bind {{ public_vip.ip }}:8080 -# balance source -# option tcpka -# option tcplog -#{% for host,ip in haproxy_hosts.items() %} -# server {{ host }} {{ ip }}:8080 weight 1 check inter 2000 rise 2 fall 5 -#{% endfor %} - -listen proxy-ceilometer_api_cluster - bind {{ internal_vip.ip }}:8777 - bind {{ public_vip.ip }}:8777 - mode tcp - option tcp-check - option tcplog - balance source -{% for host,ip in haproxy_hosts.items() %} - server {{ host }} {{ ip }}:8777 weight 1 check inter 2000 rise 2 fall 5 -{% endfor %} - -listen proxy-aodh_api_cluster - bind {{ internal_vip.ip }}:8042 - bind {{ public_vip.ip }}:8042 - mode tcp - option tcp-check - option tcplog - balance source -{% for host,ip in haproxy_hosts.items() %} - server {{ host }} {{ ip }}:8042 weight 1 check inter 2000 rise 2 fall 5 -{% endfor %} - -listen proxy-congress_api_cluster - bind {{ internal_vip.ip }}:1789 - bind {{ public_vip.ip }}:1789 - mode tcp - option tcp-check - option tcplog - balance source -{% for host,ip in haproxy_hosts.items() %} - server {{ host }} {{ ip }}:1789 weight 1 check inter 2000 rise 2 fall 5 -{% endfor %} - -listen proxy-dashboarad - bind {{ public_vip.ip }}:80 - mode http - balance source - capture cookie vgnvisitor= len 32 - cookie SERVERID insert indirect nocache - option forwardfor - option httpchk - option httpclose - rspidel ^Set-cookie:\ IP= -{% for host,ip in haproxy_hosts.items() %} - server {{ host }} {{ ip }}:80 cookie {{ host }} weight 1 check inter 2000 rise 2 fall 5 -{% endfor %} - -listen stats - mode http - bind 0.0.0.0:9999 - stats enable - stats refresh 30s - stats uri / - stats realm Global\ statistics - stats auth admin:admin - - diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/heat/tasks/heat_install.yml b/deploy/adapters/ansible/openstack_mitaka/roles/heat/tasks/heat_install.yml deleted file mode 100644 index b90e6402..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/heat/tasks/heat_install.yml +++ /dev/null @@ -1,39 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -- include_vars: "{{ ansible_os_family }}.yml" - -- name: install heat related packages - action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" - with_items: packages | union(packages_noarch) - -- name: generate heat service list - lineinfile: dest=/opt/service create=yes line='{{ item }}' - with_items: services | union(services_noarch) - -# ' - -- name: create heat user domain - shell: > - . /opt/admin-openrc-v3.sh; - openstack domain create --description "Stack projects and users" heat; - openstack user create --domain heat --password {{ HEAT_PASS }} heat_domain_admin; - openstack role add --domain heat --user-domain heat --user heat_domain_admin admin; - openstack role create heat_stack_owner; - openstack role add --project demo --user demo heat_stack_owner; - when: inventory_hostname == groups['controller'][0] - -- name: update heat conf - template: src=heat.j2 - dest=/etc/heat/heat.conf - backup=yes - notify: - - restart heat service - - remove heat-sqlite-db - diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/heat/templates/heat.j2 b/deploy/adapters/ansible/openstack_mitaka/roles/heat/templates/heat.j2 deleted file mode 100644 index 62df9fd9..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/heat/templates/heat.j2 +++ /dev/null @@ -1,28 +0,0 @@ -[DEFAULT] -heat_metadata_server_url = http://{{ internal_vip.ip }}:8000 -heat_waitcondition_server_url = http://{{ internal_vip.ip }}:8000/v1/waitcondition -rpc_backend = rabbit -rabbit_host = {{ rabbit_host }} -rabbit_userid = {{ RABBIT_USER }} -rabbit_password = {{ RABBIT_PASS }} -log_dir = /var/log/heat -stack_domain_admin = heat_domain_admin -stack_domain_admin_password = {{ HEAT_PASS }} -stack_user_domain_name = heat - -[database] -connection = mysql://heat:{{ HEAT_DBPASS }}@{{ db_host }}/heat -idle_timeout = 30 -use_db_reconnect = True -pool_timeout = 10 - -[ec2authtoken] -auth_uri = http://{{ internal_vip.ip }}:5000/v2.0 - -[keystone_authtoken] -auth_uri = http://{{ internal_vip.ip }}:5000/v2.0 -identity_uri = http://{{ internal_vip.ip }}:35357 -admin_tenant_name = service -admin_user = heat -admin_password = {{ HEAT_PASS }} - diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/keystone/tasks/keystone_install.yml b/deploy/adapters/ansible/openstack_mitaka/roles/keystone/tasks/keystone_install.yml deleted file mode 100644 index ba4fc28e..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/keystone/tasks/keystone_install.yml +++ /dev/null @@ -1,97 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -- include_vars: "{{ ansible_os_family }}.yml" - -- name: disable auto start - copy: - content: "#!/bin/sh\nexit 101" - dest: "/usr/sbin/policy-rc.d" - mode: 0755 - when: ansible_os_family == "Debian" - -- name: install keystone packages - action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" - with_items: packages | union(packages_noarch) - -- name: enable auto start - file: - path=/usr/sbin/policy-rc.d - state=absent - when: ansible_os_family == "Debian" - -- name: disable boot auto start - file: - path={{ item }} - state=absent - with_items: - - /etc/init.d/keystone - - /etc/init/keystone.conf - when: ansible_os_family == "Debian" - -- name: generate keystone service list - lineinfile: dest=/opt/service create=yes line='{{ item }}' - with_items: services | union(services_noarch) - -- name: delete sqlite database - file: - path: /var/lib/keystone/keystone.db - state: absent - -- name: update keystone conf - template: src=keystone.conf dest=/etc/keystone/keystone.conf backup=yes - notify: - - restart keystone services - -- name: assure listen port exist - lineinfile: - dest: '{{ apache_config_dir }}/ports.conf' - regexp: '{{ item.regexp }}' - line: '{{ item.line}}' - with_items: - - regexp: "^Listen {{ internal_ip }}:5000" - line: "Listen {{ internal_ip }}:5000" - - regexp: "^Listen {{ internal_ip }}:35357" - line: "Listen {{ internal_ip }}:35357" - notify: - - restart keystone services - -- name: update apache2 configs - template: - src: wsgi-keystone.conf.j2 - dest: '{{ apache_config_dir }}/sites-available/wsgi-keystone.conf' - when: ansible_os_family == 'Debian' - notify: - - restart keystone services - -- name: update apache2 configs - template: - src: wsgi-keystone.conf.j2 - dest: '{{ apache_config_dir }}/wsgi-keystone.conf' - when: ansible_os_family == 'RedHat' - notify: - - restart keystone services - -- name: enable keystone server - file: - src: "{{ apache_config_dir }}/sites-available/wsgi-keystone.conf" - dest: "{{ apache_config_dir }}/sites-enabled/wsgi-keystone.conf" - state: "link" - when: ansible_os_family == 'Debian' - notify: - - restart keystone services - -- name: keystone source files - template: src={{ item }} dest=/opt/{{ item }} - with_items: - - admin-openrc.sh - - demo-openrc.sh - - admin-openrc-v3.sh - -- meta: flush_handlers diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/keystone/vars/RedHat.yml b/deploy/adapters/ansible/openstack_mitaka/roles/keystone/vars/RedHat.yml deleted file mode 100644 index 63ddce3c..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/keystone/vars/RedHat.yml +++ /dev/null @@ -1,20 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -cron_path: "/var/spool/cron" - -packages: - - openstack-keystone - - python-openstackclient - -services: - - httpd - -apache_config_dir: /etc/httpd/conf.d -http_service_name: httpd diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/keystone/vars/main.yml b/deploy/adapters/ansible/openstack_mitaka/roles/keystone/vars/main.yml deleted file mode 100755 index baaf89e1..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/keystone/vars/main.yml +++ /dev/null @@ -1,194 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -packages_noarch: - - python-keystoneclient - -services_noarch: [] -os_services: - - name: keystone - type: identity - region: RegionOne - description: "OpenStack Identity" - publicurl: "http://{{ public_vip.ip }}:5000/v2.0" - internalurl: "http://{{ internal_vip.ip }}:5000/v2.0" - adminurl: "http://{{ internal_vip.ip }}:35357/v2.0" - - - name: glance - type: image - region: RegionOne - description: "OpenStack Image Service" - publicurl: "http://{{ public_vip.ip }}:9292" - internalurl: "http://{{ internal_vip.ip }}:9292" - adminurl: "http://{{ internal_vip.ip }}:9292" - - - name: nova - type: compute - region: RegionOne - description: "OpenStack Compute" - publicurl: "http://{{ public_vip.ip }}:8774/v2/%(tenant_id)s" - internalurl: "http://{{ internal_vip.ip }}:8774/v2/%(tenant_id)s" - adminurl: "http://{{ internal_vip.ip }}:8774/v2/%(tenant_id)s" - - - name: neutron - type: network - region: RegionOne - description: "OpenStack Networking" - publicurl: "http://{{ public_vip.ip }}:9696" - internalurl: "http://{{ internal_vip.ip }}:9696" - adminurl: "http://{{ internal_vip.ip }}:9696" - - - name: ceilometer - type: metering - region: RegionOne - description: "OpenStack Telemetry" - publicurl: "http://{{ public_vip.ip }}:8777" - internalurl: "http://{{ internal_vip.ip }}:8777" - adminurl: "http://{{ internal_vip.ip }}:8777" - - - name: aodh - type: alarming - region: RegionOne - description: "OpenStack Telemetry" - publicurl: "http://{{ public_vip.ip }}:8042" - internalurl: "http://{{ internal_vip.ip }}:8042" - adminurl: "http://{{ internal_vip.ip }}:8042" - - - name: cinder - type: volume - region: RegionOne - description: "OpenStack Block Storage" - publicurl: "http://{{ public_vip.ip }}:8776/v1/%(tenant_id)s" - internalurl: "http://{{ internal_vip.ip }}:8776/v1/%(tenant_id)s" - adminurl: "http://{{ internal_vip.ip }}:8776/v1/%(tenant_id)s" - - - name: cinderv2 - type: volumev2 - region: RegionOne - description: "OpenStack Block Storage v2" - publicurl: "http://{{ public_vip.ip }}:8776/v2/%(tenant_id)s" - internalurl: "http://{{ internal_vip.ip }}:8776/v2/%(tenant_id)s" - adminurl: "http://{{ internal_vip.ip }}:8776/v2/%(tenant_id)s" - - - name: heat - type: orchestration - region: RegionOne - description: "OpenStack Orchestration" - publicurl: "http://{{ public_vip.ip }}:8004/v1/%(tenant_id)s" - internalurl: "http://{{ internal_vip.ip }}:8004/v1/%(tenant_id)s" - adminurl: "http://{{ internal_vip.ip }}:8004/v1/%(tenant_id)s" - - - name: heat-cfn - type: cloudformation - region: RegionOne - description: "OpenStack CloudFormation Orchestration" - publicurl: "http://{{ public_vip.ip }}:8000/v1" - internalurl: "http://{{ internal_vip.ip }}:8000/v1" - adminurl: "http://{{ internal_vip.ip }}:8000/v1" - - - name: congress - type: policy - region: RegionOne - description: "OpenStack Policy Service" - publicurl: "http://{{ public_vip.ip }}:1789" - internalurl: "http://{{ internal_vip.ip }}:1789" - adminurl: "http://{{ internal_vip.ip }}:1789" - -# - name: swift -# type: object-store -# region: RegionOne -# description: "OpenStack Object Storage" -# publicurl: "http://{{ public_vip.ip }}:8080/v1/AUTH_%(tenant_id)s" -# internalurl: "http://{{ internal_vip.ip }}:8080/v1/AUTH_%(tenant_id)s" -# adminurl: "http://{{ internal_vip.ip }}:8080/v1/AUTH_%(tenant_id)s" - -os_users: - - user: admin - password: "{{ ADMIN_PASS }}" - email: admin@admin.com - role: admin - tenant: admin - tenant_description: "Admin Tenant" - - - user: glance - password: "{{ GLANCE_PASS }}" - email: glance@admin.com - role: admin - tenant: service - tenant_description: "Service Tenant" - - - user: nova - password: "{{ NOVA_PASS }}" - email: nova@admin.com - role: admin - tenant: service - tenant_description: "Service Tenant" - - - user: keystone - password: "{{ KEYSTONE_PASS }}" - email: keystone@admin.com - role: admin - tenant: service - tenant_description: "Service Tenant" - - - user: neutron - password: "{{ NEUTRON_PASS }}" - email: neutron@admin.com - role: admin - tenant: service - tenant_description: "Service Tenant" - - - user: ceilometer - password: "{{ CEILOMETER_PASS }}" - email: ceilometer@admin.com - role: admin - tenant: service - tenant_description: "Service Tenant" - - - user: cinder - password: "{{ CINDER_PASS }}" - email: cinder@admin.com - role: admin - tenant: service - tenant_description: "Service Tenant" - - - user: aodh - password: "{{ AODH_PASS }}" - email: aodh@admin.com - role: admin - tenant: service - tenant_description: "Service Tenant" - - - user: heat - password: "{{ HEAT_PASS }}" - email: heat@admin.com - role: admin - tenant: service - tenant_description: "Service Tenant" - - - user: congress - password: "{{ CONGRESS_PASS }}" - email: congress@admin.com - role: admin - tenant: service - tenant_description: "Service Tenant" - - - user: demo - password: "" - email: heat@demo.com - role: heat_stack_user - tenant: demo - tenant_description: "Demo Tenant" - -# - user: swift -# password: "{{ CINDER_PASS }}" -# email: swift@admin.com -# role: admin -# tenant: service -# tenant_description: "Service Tenant" diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/neutron-compute/tasks/main.yml b/deploy/adapters/ansible/openstack_mitaka/roles/neutron-compute/tasks/main.yml deleted file mode 100644 index fd3e51d3..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/neutron-compute/tasks/main.yml +++ /dev/null @@ -1,75 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -- include_vars: "{{ ansible_os_family }}.yml" - -- name: activate ipv4 forwarding - sysctl: name=net.ipv4.ip_forward value=1 - state=present reload=yes - -- name: deactivate ipv4 rp filter - sysctl: name=net.ipv4.conf.all.rp_filter value=0 - state=present reload=yes - -- name: deactivate ipv4 default rp filter - sysctl: name=net.ipv4.conf.default.rp_filter - value=0 state=present reload=yes - -- name: disable auto start - copy: - content: "#!/bin/sh\nexit 101" - dest: "/usr/sbin/policy-rc.d" - mode: 0755 - when: ansible_os_family == "Debian" - -- name: install compute-related neutron packages - action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" - with_items: packages | union(packages_noarch) - -- name: enable auto start - file: - path=/usr/sbin/policy-rc.d - state=absent - when: ansible_os_family == "Debian" - -- name: fix openstack neutron plugin config file - shell: | - sed -i 's,plugins/ml2/openvswitch_agent.ini,plugin.ini,g' /usr/lib/systemd/system/neutron-openvswitch-agent.service - systemctl daemon-reload - when: ansible_os_family == 'RedHat' - -- name: fix openstack neutron plugin config file ubuntu - shell: | - sed -i 's,plugins/ml2/openvswitch_agent.ini,plugin.ini,g' /etc/init/neutron-openvswitch-agent.conf - sed -i 's,plugins/ml2/openvswitch_agent.ini,plugin.ini,g' /etc/init.d/neutron-openvswitch-agent - when: ansible_os_family == "Debian" - -- name: generate neutron compute service list - lineinfile: dest=/opt/service create=yes line='{{ item }}' - with_items: services | union(services_noarch) - -- name: config ml2 plugin - template: src=templates/ml2_conf.ini - dest=/etc/neutron/plugins/ml2/ml2_conf.ini - backup=yes - -- name: ln plugin.ini - file: src=/etc/neutron/plugins/ml2/ml2_conf.ini dest=/etc/neutron/plugin.ini state=link - -- name: config neutron - template: src=templates/neutron.conf - dest=/etc/neutron/neutron.conf backup=yes - notify: - - restart neutron compute service - - restart nova-compute services - -- meta: flush_handlers - -- include: ../../neutron-network/tasks/odl.yml - when: "'opendaylight' in {{ NEUTRON_MECHANISM_DRIVERS }}" diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/neutron-compute/vars/Debian.yml b/deploy/adapters/ansible/openstack_mitaka/roles/neutron-compute/vars/Debian.yml deleted file mode 100644 index 6ae52f3b..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/neutron-compute/vars/Debian.yml +++ /dev/null @@ -1,19 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- - -packages: - - neutron-common - - neutron-plugin-ml2 - - openvswitch-datapath-dkms - - openvswitch-switch - - neutron-plugin-openvswitch-agent - -services: - - neutron-openvswitch-agent diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/neutron-network/tasks/main.yml b/deploy/adapters/ansible/openstack_mitaka/roles/neutron-network/tasks/main.yml deleted file mode 100644 index 31f7f17c..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/neutron-network/tasks/main.yml +++ /dev/null @@ -1,117 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -- include_vars: "{{ ansible_os_family }}.yml" - -- name: activate ipv4 forwarding - sysctl: name=net.ipv4.ip_forward value=1 - state=present reload=yes - -- name: deactivate ipv4 rp filter - sysctl: name=net.ipv4.conf.all.rp_filter value=0 - state=present reload=yes - -- name: deactivate ipv4 default rp filter - sysctl: name=net.ipv4.conf.default.rp_filter - value=0 state=present reload=yes - -- name: assert kernel support for vxlan - command: modinfo -F version vxlan - when: "'vxlan' in {{ NEUTRON_TUNNEL_TYPES }}" - -- name: assert iproute2 suppport for vxlan - command: ip link add type vxlan help - register: iproute_out - failed_when: iproute_out.rc == 255 - when: "'vxlan' in {{ NEUTRON_TUNNEL_TYPES }}" - -- name: disable auto start - copy: - content: "#!/bin/sh\nexit 101" - dest: "/usr/sbin/policy-rc.d" - mode: 0755 - when: ansible_os_family == "Debian" - -- name: install neutron network related packages - action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" - with_items: packages | union(packages_noarch) - -- name: enable auto start - file: - path=/usr/sbin/policy-rc.d - state=absent - when: ansible_os_family == "Debian" - -- name: generate neutron network service list - lineinfile: dest=/opt/service create=yes line='{{ item }}' - with_items: services | union(services_noarch) - -- name: fix openstack neutron plugin config file - shell: | - sed -i 's,plugins/ml2/openvswitch_agent.ini,plugin.ini,g' /usr/lib/systemd/system/neutron-openvswitch-agent.service - systemctl daemon-reload - when: ansible_os_family == 'RedHat' - -- name: fix openstack neutron plugin config file ubuntu - shell: | - sed -i 's,plugins/ml2/openvswitch_agent.ini,plugin.ini,g' /etc/init/neutron-openvswitch-agent.conf - sed -i 's,plugins/ml2/openvswitch_agent.ini,plugin.ini,g' /etc/init.d/neutron-openvswitch-agent - when: ansible_os_family == "Debian" - -- name: config l3 agent - template: src=l3_agent.ini dest=/etc/neutron/l3_agent.ini - backup=yes - -- name: config dhcp agent - template: src=dhcp_agent.ini dest=/etc/neutron/dhcp_agent.ini - backup=yes - -- name: update dnsmasq-neutron.conf - template: src=templates/dnsmasq-neutron.conf - dest=/etc/neutron/dnsmasq-neutron.conf - -- name: config metadata agent - template: src=metadata_agent.ini - dest=/etc/neutron/metadata_agent.ini backup=yes - -- name: config ml2 plugin - template: src=templates/ml2_conf.ini - dest=/etc/neutron/plugins/ml2/ml2_conf.ini - backup=yes - -- name: ln plugin.ini - file: src=/etc/neutron/plugins/ml2/ml2_conf.ini dest=/etc/neutron/plugin.ini state=link - -- name: config neutron - template: src=templates/neutron.conf - dest=/etc/neutron/neutron.conf backup=yes - -- name: force mtu to 1450 for vxlan - lineinfile: - dest: /etc/neutron/dnsmasq-neutron.conf - regexp: '^dhcp-option-force' - line: 'dhcp-option-force=26,1450' - when: "'vxlan' in {{ NEUTRON_TUNNEL_TYPES }}" - -- include: firewall.yml - when: enable_fwaas == True - -- include: vpn.yml - when: enable_vpnaas == True - -- include: odl.yml - when: "'opendaylight' in {{ NEUTRON_MECHANISM_DRIVERS }}" - -- name: restart neutron network relation service - service: name={{ item }} state=restarted enabled=yes - with_flattened: - - services_noarch - - services - -- meta: flush_handlers diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/neutron-network/vars/Debian.yml b/deploy/adapters/ansible/openstack_mitaka/roles/neutron-network/vars/Debian.yml deleted file mode 100644 index c95d0265..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/neutron-network/vars/Debian.yml +++ /dev/null @@ -1,25 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -packages: - - neutron-plugin-ml2 - - openvswitch-datapath-dkms - - openvswitch-switch - - neutron-l3-agent - - neutron-dhcp-agent - - neutron-plugin-openvswitch-agent - -services: - - openvswitch-switch - - neutron-openvswitch-agent - -openvswitch_agent: neutron-plugin-openvswitch-agent - -xorp_packages: - - xorp diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/nova-compute/tasks/main.yml b/deploy/adapters/ansible/openstack_mitaka/roles/nova-compute/tasks/main.yml deleted file mode 100644 index fe544630..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/nova-compute/tasks/main.yml +++ /dev/null @@ -1,58 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -- include_vars: "{{ ansible_os_family }}.yml" - -- name: disable auto start - copy: - content: "#!/bin/sh\nexit 101" - dest: "/usr/sbin/policy-rc.d" - mode: 0755 - when: ansible_os_family == "Debian" - -- name: install nova-compute related packages - action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" - with_items: packages | union(packages_noarch) - -- name: restart virtlogd - service: name=virtlogd state=started enabled=yes - when: ansible_os_family == "Debian" - -- name: enable auto start - file: - path=/usr/sbin/policy-rc.d - state=absent - when: ansible_os_family == "Debian" - -- name: update nova-compute conf - template: src={{ item }} dest=/etc/nova/{{ item }} - with_items: - - nova.conf - notify: - - restart nova-compute services - -- name: get number of cpu support virtualization - shell: egrep -c '(vmx|svm)' /proc/cpuinfo - register: kvm_cpu_num - -- name: update nova-compute conf - template: src={{ item }} dest=/etc/nova/{{ item }} - with_items: - - nova-compute.conf - notify: - - restart nova-compute services - -- name: generate neutron control service list - lineinfile: dest=/opt/service create=yes line='{{ item }}' - with_items: services | union(services_noarch) - -- name: remove nova sqlite db - shell: rm /var/lib/nova/nova.sqlite || touch nova.sqlite.removed - -- meta: flush_handlers diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/nova-compute/templates/nova-compute.conf b/deploy/adapters/ansible/openstack_mitaka/roles/nova-compute/templates/nova-compute.conf deleted file mode 100644 index 305d408b..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/nova-compute/templates/nova-compute.conf +++ /dev/null @@ -1,11 +0,0 @@ -[DEFAULT] -compute_driver=libvirt.LibvirtDriver -force_raw_images = true -[libvirt] -{% if kvm_cpu_num.stdout_lines[0]|int == 0 %} -virt_type=qemu -{% else %} -virt_type=kvm -{% endif %} -images_type = raw -mem_stats_period_seconds=0 diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/nova-compute/templates/nova.conf b/deploy/adapters/ansible/openstack_mitaka/roles/nova-compute/templates/nova.conf deleted file mode 100644 index 73b49a5a..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/nova-compute/templates/nova.conf +++ /dev/null @@ -1,89 +0,0 @@ -[DEFAULT] -block_device_allocate_retries=5 -block_device_allocate_retries_interval=300 -dhcpbridge_flagfile=/etc/nova/nova.conf -dhcpbridge=/usr/bin/nova-dhcpbridge -logdir=/var/log/nova -state_path=/var/lib/nova -lock_path=/var/lib/nova/tmp -force_dhcp_release=True -iscsi_helper=tgtadm -libvirt_use_virtio_for_bridges=True -connection_type=libvirt -root_helper=sudo nova-rootwrap /etc/nova/rootwrap.conf -verbose={{ VERBOSE}} -debug={{ DEBUG }} -ec2_private_dns_show_ip=True -api_paste_config=/etc/nova/api-paste.ini -volumes_path=/var/lib/nova/volumes -enabled_apis=osapi_compute,metadata - -default_floating_pool={{ public_net_info.network }} -auth_strategy = keystone - -rpc_backend = rabbit -rabbit_host = {{ rabbit_host }} -rabbit_userid = {{ RABBIT_USER }} -rabbit_password = {{ RABBIT_PASS }} - -osapi_compute_listen={{ internal_ip }} -metadata_listen={{ internal_ip }} - -my_ip = {{ internal_ip }} -vnc_enabled = True -vncserver_listen = {{ internal_ip }} -vncserver_proxyclient_address = {{ internal_ip }} -novncproxy_base_url = http://{{ public_vip.ip }}:6080/vnc_auto.html - -novncproxy_host = {{ internal_ip }} -novncproxy_port = 6080 - -network_api_class = nova.network.neutronv2.api.API -linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver -firewall_driver = nova.virt.firewall.NoopFirewallDriver -security_group_api = neutron - -instance_usage_audit = True -instance_usage_audit_period = hour -notify_on_state_change = vm_and_task_state -notification_driver = nova.openstack.common.notifier.rpc_notifier -notification_driver = ceilometer.compute.nova_notifier - -[database] -# The SQLAlchemy connection string used to connect to the database -connection = mysql://nova:{{ NOVA_DBPASS }}@{{ db_host }}/nova -idle_timeout = 30 -use_db_reconnect = True -pool_timeout = 10 - -[api_database] -connection = mysql://nova:{{ NOVA_DBPASS }}@{{ db_host }}/nova_api -idle_timeout = 30 -use_db_reconnect = True -pool_timeout = 10 - -[keystone_authtoken] -auth_uri = http://{{ internal_vip.ip }}:5000/2.0 -identity_uri = http://{{ internal_vip.ip }}:35357 -admin_tenant_name = service -admin_user = nova -admin_password = {{ NOVA_PASS }} - -[glance] -host = {{ internal_vip.ip }} - -[neutron] -url = http://{{ internal_vip.ip }}:9696 -auth_strategy = keystone -admin_tenant_name = service -admin_username = neutron -admin_password = {{ NEUTRON_PASS }} -admin_auth_url = http://{{ internal_vip.ip }}:35357/v2.0 -service_metadata_proxy = True -metadata_proxy_shared_secret = {{ METADATA_SECRET }} -auth_type = password -auth_url = http://{{ internal_vip.ip }}:35357 -password = {{ NEUTRON_PASS }} -username = neutron -project_domain_name = default -user_domain_name = default diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/nova-controller/tasks/nova_config.yml b/deploy/adapters/ansible/openstack_mitaka/roles/nova-controller/tasks/nova_config.yml deleted file mode 100644 index f332c97a..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/nova-controller/tasks/nova_config.yml +++ /dev/null @@ -1,21 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -- name: nova api db sync - shell: su -s /bin/sh -c "nova-manage api_db sync" nova - ignore_errors: True - notify: - - restart nova service - -- name: nova db sync - nova_manage: action=dbsync - notify: - - restart nova service - -- meta: flush_handlers diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/odl_cluster/vars/Debian.yml b/deploy/adapters/ansible/openstack_mitaka/roles/odl_cluster/vars/Debian.yml deleted file mode 100755 index bb560ac0..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/odl_cluster/vars/Debian.yml +++ /dev/null @@ -1,19 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- - -common_packages: - - crudini - -service_ovs_name: openvswitch-switch -service_ovs_agent_name: neutron-openvswitch-agent - -service_file: - src: opendaylight.conf - dst: /etc/init/opendaylight.conf diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/files/setup_networks/log.py b/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/files/setup_networks/log.py deleted file mode 100644 index a22ff0fe..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/files/setup_networks/log.py +++ /dev/null @@ -1,43 +0,0 @@ -import logging -import os -loggers = {} -log_dir = "/var/log/setup_network" -try: - os.makedirs(log_dir) -except: - pass - - -def getLogger(name): - if name in loggers: - return loggers[name] - - logger = logging.getLogger(name) - logger.setLevel(logging.DEBUG) - - # create file handler which logs even debug messages - log_file = "%s/%s.log" % (log_dir, name) - try: - os.remove(log_file) - except: - pass - - fh = logging.FileHandler(log_file) - fh.setLevel(logging.DEBUG) - - # create console handler with a higher log level - ch = logging.StreamHandler() - ch.setLevel(logging.ERROR) - - # create formatter and add it to the handlers - formatter = logging.Formatter( - "%(asctime)s - %(name)s - %(levelname)s - %(message)s") - ch.setFormatter(formatter) - fh.setFormatter(formatter) - - # add the handlers to logger - logger.addHandler(ch) - logger.addHandler(fh) - - loggers[name] = logger - return logger diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/files/setup_networks/net_init b/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/files/setup_networks/net_init deleted file mode 100755 index c27a8bf8..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/files/setup_networks/net_init +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -## BEGIN INIT INFO -# Provides: anamon.init -# Default-Start: 3 5 -# Default-Stop: 0 1 2 4 6 -# Required-Start: $network -# Short-Description: Starts the cobbler anamon boot notification program -# Description: anamon runs the first time a machine is booted after -# installation. -## END INIT INFO - -# -# anamon.init: Starts the cobbler post-install boot notification program -# -# chkconfig: 35 0 6 -# -# description: anamon runs the first time a machine is booted after -# installation. -# -python /opt/setup_networks/setup_networks.py diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/files/setup_networks/setup_networks.py b/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/files/setup_networks/setup_networks.py deleted file mode 100644 index 086edb20..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/files/setup_networks/setup_networks.py +++ /dev/null @@ -1,83 +0,0 @@ -import yaml -import netaddr -import os -import log as logging - -LOG = logging.getLogger("net-init") -config_path = os.path.join(os.path.dirname(__file__), "network.cfg") - - -def setup_bondings(bond_mappings): - print bond_mappings - - -def add_vlan_link(interface, ifname, vlan_id): - LOG.info("add_vlan_link enter") - cmd = "ip link add link %s name %s type vlan id %s; " % ( - ifname, interface, vlan_id) - cmd += "ip link set %s up; ip link set %s up" % (interface, ifname) - LOG.info("add_vlan_link: cmd=%s" % cmd) - os.system(cmd) - - -def add_ovs_port(ovs_br, ifname, uplink, vlan_id=None): - LOG.info("add_ovs_port enter") - cmd = "ovs-vsctl --may-exist add-port %s %s" % (ovs_br, ifname) - if vlan_id: - cmd += " tag=%s" % vlan_id - cmd += " -- set Interface %s type=internal;" % ifname - cmd += "ip link set dev %s address `ip link show %s |awk '/link\/ether/{print $2}'`;" % (ifname, uplink) # noqa - cmd += "ip link set %s up;" % ifname - LOG.info("add_ovs_port: cmd=%s" % cmd) - os.system(cmd) - - -def setup_intfs(sys_intf_mappings, uplink_map): - LOG.info("setup_intfs enter") - for intf_name, intf_info in sys_intf_mappings.items(): - if intf_info["type"] == "vlan": - add_vlan_link( - intf_name, - intf_info["interface"], - intf_info["vlan_tag"]) - elif intf_info["type"] == "ovs": - add_ovs_port( - intf_info["interface"], - intf_name, - uplink_map[intf_info["interface"]], - vlan_id=intf_info.get("vlan_tag")) - else: - pass - - -def setup_ips(ip_settings, sys_intf_mappings): - LOG.info("setup_ips enter") - for intf_info in ip_settings.values(): - network = netaddr.IPNetwork(intf_info["cidr"]) - if sys_intf_mappings[intf_info["name"]]["type"] == "ovs": - intf_name = intf_info["name"] - else: - intf_name = intf_info["alias"] - cmd = "ip addr add %s/%s brd %s dev %s;" \ - % (intf_info["ip"], intf_info["netmask"], str(network.broadcast), intf_name) # noqa - if "gw" in intf_info: - cmd += "route del default;" - cmd += "ip route add default via %s dev %s" % ( - intf_info["gw"], intf_name) - LOG.info("setup_ips: cmd=%s" % cmd) - os.system(cmd) - - -def main(config): - uplink_map = {} - setup_bondings(config["bond_mappings"]) - for provider_net in config["provider_net_mappings"]: - uplink_map[provider_net['name']] = provider_net['interface'] - - setup_intfs(config["sys_intf_mappings"], uplink_map) - setup_ips(config["ip_settings"], config["sys_intf_mappings"]) - -if __name__ == "__main__": - os.system("service openvswitch-switch status|| service openvswitch-switch start") # noqa - config = yaml.load(open(config_path)) - main(config) diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/handlers/main.yml b/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/handlers/main.yml deleted file mode 100755 index e099fcf4..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/handlers/main.yml +++ /dev/null @@ -1,11 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -- name: restart onos service - service: name=onos state=restarted enabled=yes diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/tasks/main.yml b/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/tasks/main.yml deleted file mode 100755 index 6b619057..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/tasks/main.yml +++ /dev/null @@ -1,121 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -- include_vars: "{{ ansible_os_family }}.yml" - -- name: install onos related packages - action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" - with_items: packages | union(packages_noarch) - when: groups['onos']|length !=0 - -- name: remove neutron-openvswitch-agent auto start - shell: > - update-rc.d neutron-openvswitch-agent remove; - sed -i /neutron-openvswitch-agent/d /opt/service - when: groups['onos']|length !=0 - ignore_errors: True - -- name: shut down and disable Neutron's agent services - service: name=neutron-openvswitch-agent state=stopped - when: groups['onos']|length !=0 - ignore_errors: True - -- name: remove neutron-l3-agent auto start - shell: > - update-rc.d neutron-l3-agent remove; - sed -i /neutron-l3-agent/d /opt/service - when: inventory_hostname in groups['onos'] - ignore_errors: True - -- name: shut down and disable Neutron's l3 agent services - service: name=neutron-l3-agent state=stopped - when: inventory_hostname in groups['onos'] - ignore_errors: True - -- name: Stop the Open vSwitch service and clear existing OVSDB - shell: > - service openvswitch-switch stop ; - rm -rf /var/log/openvswitch/* ; - rm -rf /etc/openvswitch/conf.db ; - service openvswitch-switch start ; - when: groups['onos']|length !=0 - ignore_errors: True - -################################################################## -########### Recover External network ################# -################################################################## - -- name: add ovs bridge - openvswitch_bridge: bridge={{ item["name"] }} state=present - with_items: "{{ network_cfg['provider_net_mappings'] }}" - when: item["type"] == "ovs" and groups['onos']|length !=0 - -- name: add ovs uplink - openvswitch_port: bridge={{ item["name"] }} port={{ item["interface"] }} state=present - with_items: "{{ network_cfg['provider_net_mappings'] }}" - when: item["type"] == "ovs" and groups['onos']|length !=0 - -- name: add ovs uplink - shell: ip link set {{ item["interface"] }} up - with_items: "{{ network_cfg['provider_net_mappings'] }}" - when: item["type"] == "ovs" and groups['onos']|length !=0 - -- name: ensure script dir exist - shell: mkdir -p /opt/setup_networks - when: groups['onos']|length !=0 - -- name: copy scripts - copy: src={{ item }} dest=/opt/setup_networks - with_items: - - setup_networks/log.py - - setup_networks/setup_networks.py - when: groups['onos']|length !=0 - -- name: copy boot scripts - copy: src={{ item }} dest=/etc/init.d/ mode=0755 - with_items: - - setup_networks/net_init - when: groups['onos']|length !=0 - -- name: copy config files - template: src=network.cfg dest=/opt/setup_networks - when: groups['onos']|length !=0 - -- name: make sure python lib exist - action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" - with_items: - - python-yaml - - python-netaddr - when: groups['onos']|length !=0 - -- name: run scripts - shell: python /opt/setup_networks/setup_networks.py - when: groups['onos']|length !=0 - -- name: add to boot scripts - service: name=net_init enabled=yes - when: groups['onos']|length !=0 -################################################################## - -- name: restart keepalived to recover external IP - shell: service keepalived restart - when: inventory_hostname in groups['onos'] - ignore_errors: True - -- name: Install ONOS Cluster on Controller - include: onos_controller.yml - when: inventory_hostname in groups['onos'] and onos_sfc == "Disable" - -- name: Install ONOS Cluster on Controller - include: onos_sfc_controller.yml - when: inventory_hostname in groups['onos'] and onos_sfc == "Enable" - -- name: Config ONOS Cluster - include: openvswitch.yml - when: groups['onos']|length !=0 diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/tasks/onos_controller.yml b/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/tasks/onos_controller.yml deleted file mode 100755 index 9ab8d1c1..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/tasks/onos_controller.yml +++ /dev/null @@ -1,131 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- - -- name: get image http server - shell: awk -F'=' '/compass_server/ {print $2}' /etc/compass.conf - register: http_server - -- name: download onos driver packages - get_url: url="http://{{ http_server.stdout_lines[0] }}/packages/onos/{{ onos_driver }}" dest=/opt/ - -- name: unarchive onos driver package - command: su -s /bin/sh -c "tar xvf /opt/networking-onos.tar -C /opt/" - -- name: install onos driver - command: su -s /bin/sh -c "/opt/networking-onos/install_driver.sh" - -- name: install onos required packages - action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" - with_items: packages - -- name: download oracle-jdk8 package file - get_url: url="http://{{ http_server.stdout_lines[0] }}/packages/onos/{{ jdk8_pkg_name }}" dest=/opt/{{ jdk8_pkg_name }} - -- name: download oracle-jdk8 script file - get_url: url="http://{{ http_server.stdout_lines[0] }}/packages/onos/{{ jdk8_script_name }}" dest=/opt/ - -- name: unarchive onos driver package - command: su -s /bin/sh -c "tar xvf /opt/install_jdk8.tar -C /opt/" - -- name: install install_jdk8 package - command: su -s /bin/sh -c "/opt/install_jdk8/install_jdk8.sh" - -- name: create JAVA_HOME environment variable - shell: > - export J2SDKDIR=/usr/lib/jvm/java-8-oracle; - export J2REDIR=/usr/lib/jvm/java-8-oracle/jre; - export PATH=$PATH:/usr/lib/jvm/java-8-oracle/bin:/usr/lib/jvm/java-8-oracle/db/bin:/usr/lib/jvm/java-8-oracle/jre/bin; - export JAVA_HOME=/usr/lib/jvm/java-8-oracle; - export DERBY_HOME=/usr/lib/jvm/java-8-oracle/db; - -- name: create onos group - group: name=onos system=yes state=present - -- name: create onos user - user: - name: onos - group: onos - home: "{{ onos_home }}" - createhome: "yes" - system: "yes" - shell: "/bin/false" - -- name: download onos package - get_url: url="http://{{ http_server.stdout_lines[0] }}/packages/onos/{{ onos_pkg_name }}" dest=/opt/{{ onos_pkg_name }} - -- name: create new jar repository - command: su -s /bin/sh -c "mkdir ~/.m2" - ignore_errors: True - -- name: download jar repository - get_url: url="http://{{ http_server.stdout_lines[0] }}/packages/onos/{{ repository }}" dest=~/.m2/ - -- name: extract jar repository - command: su -s /bin/sh -c "tar xvf ~/.m2/repository.tar -C ~/.m2/" - -- name: extract onos package - command: su -s /bin/sh -c "tar xzf /opt/{{ onos_pkg_name }} -C {{ onos_home }} --strip-components 1 --no-overwrite-dir -k --skip-old-files" onos - -- name: configure onos service - shell: > - echo 'export ONOS_OPTS=debug' > {{ onos_home }}/options; - echo 'export ONOS_USER=root' >> {{ onos_home }}/options; - mkdir {{ onos_home }}/var; - mkdir {{ onos_home }}/config; - sed -i '/pre-stop/i\env JAVA_HOME=/usr/lib/jvm/java-8-oracle' {{ onos_home }}/init/onos.conf; - cp -rf {{ onos_home }}/init/onos.conf /etc/init/; - cp -rf {{ onos_home }}/init/onos.conf /etc/init.d/; - -- name: configure onos boot feature - shell: > - sed -i '/^featuresBoot=/c\featuresBoot={{ onos_boot_features }}' {{ onos_home }}/{{ karaf_dist }}/etc/org.apache.karaf.features.cfg; - -- name: wait for config time - shell: "sleep 10" - -- name: start onos service - service: name=onos state=started enabled=yes - -- name: wait for onos start time - shell: "sleep 200" - -- name: add onos auto start - shell: > - echo "onos">>/opt/service - -########################################################################################################## -################################ ONOS connect with OpenStack ################################ -########################################################################################################## -- name: Configure Neutron1 - shell: > - crudini --set /etc/neutron/neutron.conf DEFAULT service_plugins onos_router; - crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers onos_ml2; - crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types vxlan; - crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers vxlan - -- name: Create ML2 Configuration File - template: - src: ml2_conf.sh - dest: "/opt/ml2_conf.sh" - mode: 0777 - -- name: Configure Neutron2 - command: su -s /bin/sh -c "/opt/ml2_conf.sh;" - -- name: Configure Neutron3 - shell: > - mysql -e "drop database if exists neutron_ml2;"; - mysql -e "create database neutron_ml2 character set utf8;"; - mysql -e "grant all on neutron_ml2.* to 'neutron'@'%';"; - su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron; - su -s /bin/sh -c "neutron-db-manage --subproject networking-sfc upgrade head" neutron; - -- name: Restart neutron-server - service: name=neutron-server state=restarted diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/tasks/onos_sfc_controller.yml b/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/tasks/onos_sfc_controller.yml deleted file mode 100755 index 226923e8..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/tasks/onos_sfc_controller.yml +++ /dev/null @@ -1,140 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- - -- name: get image http server - shell: awk -F'=' '/compass_server/ {print $2}' /etc/compass.conf - register: http_server - -- name: download onos driver packages - get_url: url="http://{{ http_server.stdout_lines[0] }}/packages/onos/{{ onos_driver }}" dest=/opt/ - -- name: download onos sfc driver package - get_url: url="http://{{ http_server.stdout_lines[0] }}/packages/onos/{{ onos_sfc_driver }}" dest=/opt/ - -- name: unarchive onos driver package - command: su -s /bin/sh -c "tar xvf /opt/networking-onos.tar -C /opt/" - -- name: unarchive onos sfc driver package - command: su -s /bin/sh -c "tar xvf /opt/networking-sfc.tar -C /opt/" - -- name: install onos driver - command: su -s /bin/sh -c "/opt/networking-onos/install_driver.sh" - -- name: install onos sfc driver - command: su -s /bin/sh -c "/opt/networking-sfc/install_driver.sh" - -- name: install onos required packages - action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" - with_items: packages - -- name: download oracle-jdk8 package file - get_url: url="http://{{ http_server.stdout_lines[0] }}/packages/onos/{{ jdk8_pkg_name }}" dest=/opt/{{ jdk8_pkg_name }} - -- name: download oracle-jdk8 script file - get_url: url="http://{{ http_server.stdout_lines[0] }}/packages/onos/{{ jdk8_script_name }}" dest=/opt/ - -- name: unarchive onos driver package - command: su -s /bin/sh -c "tar xvf /opt/install_jdk8.tar -C /opt/" - -- name: install install_jdk8 package - command: su -s /bin/sh -c "/opt/install_jdk8/install_jdk8.sh" - -- name: create JAVA_HOME environment variable - shell: > - export J2SDKDIR=/usr/lib/jvm/java-8-oracle; - export J2REDIR=/usr/lib/jvm/java-8-oracle/jre; - export PATH=$PATH:/usr/lib/jvm/java-8-oracle/bin:/usr/lib/jvm/java-8-oracle/db/bin:/usr/lib/jvm/java-8-oracle/jre/bin; - export JAVA_HOME=/usr/lib/jvm/java-8-oracle; - export DERBY_HOME=/usr/lib/jvm/java-8-oracle/db; - -- name: create onos group - group: name=onos system=yes state=present - -- name: create onos user - user: - name: onos - group: onos - home: "{{ onos_home }}" - createhome: "yes" - system: "yes" - shell: "/bin/false" - -- name: download onos package - get_url: url="http://{{ http_server.stdout_lines[0] }}/packages/onos/{{ onos_pkg_name }}" dest=/opt/{{ onos_pkg_name }} - -- name: create new jar repository - command: su -s /bin/sh -c "mkdir ~/.m2" - ignore_errors: True - -- name: download jar repository - get_url: url="http://{{ http_server.stdout_lines[0] }}/packages/onos/{{ repository }}" dest=~/.m2/ - -- name: extract jar repository - command: su -s /bin/sh -c "tar xvf ~/.m2/repository.tar -C ~/.m2/" - -- name: extract onos package - command: su -s /bin/sh -c "tar xzf /opt/{{ onos_pkg_name }} -C {{ onos_home }} --strip-components 1 --no-overwrite-dir -k --skip-old-files" onos - -- name: configure onos service - shell: > - echo 'export ONOS_OPTS=debug' > {{ onos_home }}/options; - echo 'export ONOS_USER=root' >> {{ onos_home }}/options; - mkdir {{ onos_home }}/var; - mkdir {{ onos_home }}/config; - sed -i '/pre-stop/i\env JAVA_HOME=/usr/lib/jvm/java-8-oracle' {{ onos_home }}/init/onos.conf; - cp -rf {{ onos_home }}/init/onos.conf /etc/init/; - cp -rf {{ onos_home }}/init/onos.conf /etc/init.d/; - -- name: configure onos boot feature - shell: > - sed -i '/^featuresBoot=/c\featuresBoot={{ onos_boot_features }}' {{ onos_home }}/{{ karaf_dist }}/etc/org.apache.karaf.features.cfg; - -- name: wait for config time - shell: "sleep 10" - -- name: start onos service - service: name=onos state=started enabled=yes - -- name: wait for onos start time - shell: "sleep 200" - -- name: add onos auto start - shell: > - echo "onos">>/opt/service - -########################################################################################################## -################################ ONOS connect with OpenStack ################################ -########################################################################################################## -- name: Configure Neutron1 - shell: > - crudini --set /etc/neutron/neutron.conf DEFAULT service_plugins networking_sfc.services.sfc.plugin.SfcPlugin,networking_sfc.services.flowclassifier.plugin.FlowClassifierPlugin,onos_router; - crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers onos_ml2; - crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types vxlan; - crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers vxlan - -- name: Create ML2 Configuration File - template: - src: ml2_conf.sh - dest: "/opt/ml2_conf.sh" - mode: 0777 - -- name: Configure Neutron2 - command: su -s /bin/sh -c "/opt/ml2_conf.sh;" - -- name: Configure Neutron3 - shell: > - mysql -e "drop database if exists neutron_ml2;"; - mysql -e "create database neutron_ml2 character set utf8;"; - mysql -e "grant all on neutron_ml2.* to 'neutron'@'%';"; - su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron; - su -s /bin/sh -c "neutron-db-manage --subproject networking-sfc upgrade head" neutron; - -- name: Restart neutron-server - service: name=neutron-server state=restarted diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/tasks/openvswitch.yml b/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/tasks/openvswitch.yml deleted file mode 100755 index 76863890..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/tasks/openvswitch.yml +++ /dev/null @@ -1,64 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- - -- name: set veth port - shell: > - ip link add onos_port1 type veth peer name onos_port2; - ifconfig onos_port1 up; - ifconfig onos_port2 up; - ignore_errors: True - -- name: set veth to ovs - shell: > - export externamMac=`ifconfig eth1 | grep -Eo '\<[0-9a-fA-F]{2}(:[0-9a-fA-F]{2}){5}'`; - ifconfig onos_port2 hw ether $externamMac; - ovs-vsctl add-port br-prv onos_port1; - ignore_errors: True - -- name: add openflow-base feature - command: su -s /bin/sh -c "/opt/onos/bin/onos 'feature:install onos-openflow-base'"; - when: inventory_hostname in groups['onos'] - -- name: add openflow feature - command: su -s /bin/sh -c "/opt/onos/bin/onos 'feature:install onos-openflow'"; - when: inventory_hostname in groups['onos'] - -- name: add ovsdatabase feature - command: su -s /bin/sh -c "/opt/onos/bin/onos 'feature:install onos-ovsdatabase'"; - when: inventory_hostname in groups['onos'] - -- name: add ovsdb-base feature - command: su -s /bin/sh -c "/opt/onos/bin/onos 'feature:install onos-ovsdb-base'"; - when: inventory_hostname in groups['onos'] - -- name: add onos driver ovsdb feature - command: su -s /bin/sh -c "/opt/onos/bin/onos 'feature:install onos-drivers-ovsdb'"; - when: inventory_hostname in groups['onos'] - -- name: add ovsdb provider host feature - command: su -s /bin/sh -c "/opt/onos/bin/onos 'feature:install onos-ovsdb-provider-host'"; - when: inventory_hostname in groups['onos'] - -- name: add vtn feature - command: su -s /bin/sh -c "/opt/onos/bin/onos 'feature:install onos-app-vtn-onosfw'"; - when: inventory_hostname in groups['onos'] - -- name: set public eth card start - command: su -s /bin/sh -c "/opt/onos/bin/onos 'externalportname-set -n onos_port2'" - when: inventory_hostname in groups['onos'] - -- name: Set ONOS as the manager - command: su -s /bin/sh -c "ovs-vsctl set-manager tcp:{{ ip_settings[groups['onos'][0]]['mgmt']['ip'] }}:6640;" - -- name: delete default gateway - shell: > - route delete default; - when: inventory_hostname not in groups['onos'] - ignore_errors: True diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/templates/keepalived.conf b/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/templates/keepalived.conf deleted file mode 100644 index 4ccf1c43..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/templates/keepalived.conf +++ /dev/null @@ -1,47 +0,0 @@ -global_defs { - router_id {{ inventory_hostname }} -} - -vrrp_sync_group VG1 { - group { - internal_vip - public_vip - } -} - -vrrp_instance internal_vip { - interface {{ internal_vip.interface }} - virtual_router_id {{ vrouter_id_internal }} - state BACKUP - nopreempt - advert_int 1 - priority {{ 50 + (host_index[inventory_hostname] * 50) }} - - authentication { - auth_type PASS - auth_pass 1234 - } - - virtual_ipaddress { - {{ internal_vip.ip }}/{{ internal_vip.netmask }} dev {{ internal_vip.interface }} - } -} - -vrrp_instance public_vip { - interface br-ex - virtual_router_id {{ vrouter_id_public }} - state BACKUP - nopreempt - advert_int 1 - priority {{ 50 + (host_index[inventory_hostname] * 50) }} - - authentication { - auth_type PASS - auth_pass 4321 - } - - virtual_ipaddress { - {{ network_cfg.public_vip.ip }}/{{ network_cfg.public_vip.netmask }} dev br-ex - } - -} diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/templates/ml2_conf.sh b/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/templates/ml2_conf.sh deleted file mode 100755 index 8af03df4..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/templates/ml2_conf.sh +++ /dev/null @@ -1,15 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## -cat <<EOT>> /etc/neutron/plugins/ml2/ml2_conf.ini -[onos] -password = admin -username = admin -url_path = http://{{ ip_settings[groups['onos'][0]]['mgmt']['ip'] }}:8181/onos/vtn -EOT - diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/templates/my_configs.debian b/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/templates/my_configs.debian deleted file mode 100644 index 5ab1519b..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/templates/my_configs.debian +++ /dev/null @@ -1,14 +0,0 @@ -{%- for alias, intf in host_ip_settings.items() %} - -auto {{ alias }} -iface {{ alias }} inet static - address {{ intf["ip"] }} - netmask {{ intf["netmask"] }} -{% if "gw" in intf %} - gateway {{ intf["gw"] }} -{% endif %} -{% if intf["name"] == alias %} - pre-up ip link set {{ sys_intf_mappings[alias]["interface"] }} up - pre-up ip link add link {{ sys_intf_mappings[alias]["interface"] }} name {{ alias }} type vlan id {{ sys_intf_mappings[alias]["vlan_tag"] }} -{% endif %} -{% endfor %} diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/templates/network.cfg b/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/templates/network.cfg deleted file mode 100644 index 75ba90cb..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/templates/network.cfg +++ /dev/null @@ -1,5 +0,0 @@ -bond_mappings: {{ network_cfg["bond_mappings"] }} -ip_settings: {{ ip_settings[inventory_hostname] }} -sys_intf_mappings: {{ sys_intf_mappings }} -provider_net_mappings: {{ network_cfg["provider_net_mappings"] }} - diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/vars/Debian.yml b/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/vars/Debian.yml deleted file mode 100755 index c480dd9f..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/vars/Debian.yml +++ /dev/null @@ -1,15 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -packages: - - software-properties-common - - crudini - - git - -services: [] diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/vars/RedHat.yml b/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/vars/RedHat.yml deleted file mode 100755 index c480dd9f..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/vars/RedHat.yml +++ /dev/null @@ -1,15 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -packages: - - software-properties-common - - crudini - - git - -services: [] diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/vars/main.yml b/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/vars/main.yml deleted file mode 100755 index 0f6204e2..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/onos_cluster/vars/main.yml +++ /dev/null @@ -1,23 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -packages_noarch: [] - -services_noarch: [] -onos_pkg_name: onos-1.6.0.tar.gz -onos_home: /opt/onos/ -karaf_dist: apache-karaf-3.0.5 -jdk8_pkg_name: jdk-8u51-linux-x64.tar.gz -jdk8_script_name: install_jdk8.tar -onos_driver: networking-onos.tar -onos_sfc_driver: networking-sfc.tar -repository: repository.tar -onos_boot_features: config,standard,region,package,kar,ssh,management,webconsole,onos-api,onos-core,onos-incubator,onos-cli,onos-rest,onos-gui,onos-openflow-base, onos-openflow, onos-ovsdatabase, onos-ovsdb-base, onos-drivers-ovsdb, onos-ovsdb-provider-host, onos-app-vtn-onosfw - - diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/open-contrail/tasks/uninstall-openvswitch.yml b/deploy/adapters/ansible/openstack_mitaka/roles/open-contrail/tasks/uninstall-openvswitch.yml deleted file mode 100755 index 836cb78b..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/open-contrail/tasks/uninstall-openvswitch.yml +++ /dev/null @@ -1,46 +0,0 @@ ---- -- name: del ovs bridge - shell: ovs-vsctl del-br br-int; ovs-vsctl del-br br-tun; ovs-vsctl del-br br-prv; - -- name: remove ovs and ovs-plugin daeman - shell: > - sed -i '/neutron-openvswitch-agent/d' /opt/service ; - sed -i '/openvswitch-switch/d' /opt/service ; - -- name: stop ovs and ovs-plugin - shell: service openvswitch-switch stop; service neutron-openvswitch-agent stop; - -- name: remove ovs and ovs-plugin files - shell: > - update-rc.d -f neutron-openvswitch-agent remove; - mv /etc/init.d/neutron-openvswitch-agent /home/neutron-openvswitch-agent; - mv /etc/init/neutron-openvswitch-agent.conf /home/neutron-openvswitch-agent.conf; - update-rc.d -f openvswitch-switch remove ; - mv /etc/init.d/openvswitch-switch /home/openvswitch-switch ; - mv /etc/init/openvswitch-switch.conf /home/openvswitch-switch.conf ; - update-rc.d -f neutron-ovs-cleanup remove ; - mv /etc/init.d/neutron-ovs-cleanup /home/neutron-ovs-cleanup ; - mv /etc/init/neutron-ovs-cleanup.conf /home/neutron-ovs-cleanup.conf ; - -- name: remove ovs kernel module - shell: rmmod vport_vxlan; rmmod openvswitch; - ignore_errors: True - -- name: copy recovery script - copy: src={{ item }} dest=/opt/setup_networks - with_items: -# - recover_network_opencontrail.py - - setup_networks_opencontrail.py - -#- name: recover external script -# shell: python /opt/setup_networks/recover_network_opencontrail.py - -- name: modify net-init - shell: sed -i 's/setup_networks.py/setup_networks_opencontrail.py/g' /etc/init.d/net_init - -- name: resolve dual NIC problem - shell: > - echo "net.ipv4.conf.all.arp_ignore=1" >> /etc/sysctl.conf ; - /sbin/sysctl -p ; - echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore ; - diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/secgroup/templates/neutron.j2 b/deploy/adapters/ansible/openstack_mitaka/roles/secgroup/templates/neutron.j2 deleted file mode 100644 index e7107660..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/secgroup/templates/neutron.j2 +++ /dev/null @@ -1,7 +0,0 @@ -[securitygroup] -firewall_driver = neutron.agent.firewall.NoopFirewallDriver -enable_security_group = True - -[agent] -prevent_arp_spoofing = False - diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/secgroup/templates/nova.j2 b/deploy/adapters/ansible/openstack_mitaka/roles/secgroup/templates/nova.j2 deleted file mode 100644 index 7dbc216a..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/secgroup/templates/nova.j2 +++ /dev/null @@ -1,3 +0,0 @@ -[DEFAULT] -firewall_driver = nova.virt.firewall.NoopFirewallDriver -security_group_api = neutron diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/secgroup/vars/Debian.yml b/deploy/adapters/ansible/openstack_mitaka/roles/secgroup/vars/Debian.yml deleted file mode 100644 index 221a3d92..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/secgroup/vars/Debian.yml +++ /dev/null @@ -1,35 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -configs_templates: - - src: nova.j2 - dest: - - /etc/nova/nova.conf - - src: neutron.j2 - dest: - - /etc/neutron/plugins/ml2/ml2_conf.ini - - /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini - - /etc/neutron/plugins/ml2/restproxy.ini - -controller_services: - - nova-api - - nova-cert - - nova-conductor - - nova-consoleauth - - nova-novncproxy - - nova-scheduler - - neutron-server - - neutron-openvswitch-agent - - neutron-l3-agent - - neutron-dhcp-agent - - neutron-metadata-agent - -compute_services: - - nova-compute - - neutron-openvswitch-agent diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/tacker/files/tacker.conf b/deploy/adapters/ansible/openstack_mitaka/roles/tacker/files/tacker.conf deleted file mode 100644 index 0c90dcb9..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/tacker/files/tacker.conf +++ /dev/null @@ -1,36 +0,0 @@ -description "OpenStack Tacker Server" -author "Yifei Xue <xueyifei@huawei.com>" - -start on runlevel [2345] -stop on runlevel [!2345] - -chdir /var/run - -respawn -respawn limit 20 5 -limit nofile 65535 65535 - -pre-start script - for i in lock run log lib ; do - mkdir -p /var/$i/tacker - chown root /var/$i/tacker - done -end script - -script - [ -x "/usr/local/bin/tacker-server" ] || exit 0 - DAEMON_ARGS="" - CONFIG_FILE="/usr/local/etc/tacker/tacker.conf" - USE_SYSLOG="" - USE_LOGFILE="" - NO_OPENSTACK_CONFIG_FILE_DAEMON_ARG="" - [ -r /etc/default/openstack ] && . /etc/default/openstack - [ -r /etc/default/$UPSTART_JOB ] && . /etc/default/$UPSTART_JOB - [ "x$USE_SYSLOG" = "xyes" ] && DAEMON_ARGS="$DAEMON_ARGS --use-syslog" - [ "x$USE_LOGFILE" != "xno" ] && DAEMON_ARGS="$DAEMON_ARGS --log-file=/var/log/tacker/tacker.log" - [ -z "$NO_OPENSTACK_CONFIG_FILE_DAEMON_ARG" ] && DAEMON_ARGS="$DAEMON_ARGS --config-file=$CONFIG_FILE" - - exec start-stop-daemon --start --chdir /var/lib/tacker \ - --chuid root:root --make-pidfile --pidfile /var/run/tacker/tacker.pid \ - --exec /usr/local/bin/tacker-server -- ${DAEMON_ARGS} -end script diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/tacker/tasks/tacker_controller.yml b/deploy/adapters/ansible/openstack_mitaka/roles/tacker/tasks/tacker_controller.yml deleted file mode 100755 index cd3b19e8..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/tacker/tasks/tacker_controller.yml +++ /dev/null @@ -1,215 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -- name: get http server - shell: awk -F'=' '/compass_server/ {print $2}' /etc/compass.conf - register: http_server - -- name: creat tacker_home, tacker_client_home, tacker_horizon_home - shell: > - mkdir -p /opt/tacker - mkdir -p /opt/tacker_client - mkdir -p /opt/tacker_horizon - -- name: download tacker package - get_url: url="http://{{ http_server.stdout_lines[0] }}/packages/tacker/{{ tacker_pkg_name }}" dest=/opt/{{ tacker_pkg_name }} - -- name: download tacker_client package - get_url: url="http://{{ http_server.stdout_lines[0] }}/packages/tacker/{{ tacker_client_pkg_name }}" dest=/opt/{{ tacker_client_pkg_name }} - -- name: download tacker_horizon package - get_url: url="http://{{ http_server.stdout_lines[0] }}/packages/tacker/{{ tacker_horizon_pkg_name }}" dest=/opt/{{ tacker_horizon_pkg_name }} - -- name: extract tacker package - command: su -s /bin/sh -c "tar xzf /opt/{{ tacker_pkg_name }} -C {{ tacker_home }} --strip-components 1 --no-overwrite-dir -k --skip-old-files" - -- name: extract tacker_client package - command: su -s /bin/sh -c "tar xzf /opt/{{ tacker_client_pkg_name }} -C {{ tacker_client_home }} --strip-components 1 --no-overwrite-dir -k --skip-old-files" - -- name: extract tacker_horizon package - command: su -s /bin/sh -c "tar xzf /opt/{{ tacker_horizon_pkg_name }} -C {{ tacker_horizon_home }} --strip-components 1 --no-overwrite-dir -k --skip-old-files" - -- name: edit ml2_conf.ini - shell: crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers port_security; - -- name: Restart neutron-server - service: name=neutron-server state=restarted - -- name: "create haproxy configuration for tacker" - template: - src: "haproxy-tacker-cfg.j2" - dest: "/tmp/haproxy-tacker.cfg" - -- name: get the current haproxy configuration - shell: cat /etc/haproxy/haproxy.cfg - register: ha_cfg - -- name: "combination of the haproxy configuration" - shell: "cat /tmp/haproxy-tacker.cfg >> /etc/haproxy/haproxy.cfg" - when: ha_cfg.stdout.find('8888') == -1 - -- name: "delete temporary configuration file" - file: - dest: "/tmp/haproxy-tacker.cfg" - state: "absent" - -- name: "restart haproxy" - service: - name: "haproxy" - state: "restarted" - -- name: drop and recreate tacker database - shell: mysql -e "drop database if exists tacker;"; - mysql -e "create database tacker character set utf8;"; - mysql -e "grant all on tacker.* to 'tacker'@'%' identified by 'TACKER_DBPASS';"; - when: inventory_hostname == haproxy_hosts.keys()[0] - -- name: get the openstack user info - shell: . /opt/admin-openrc.sh; openstack user list - register: user_info - -- name: get the openstack service info - shell: . /opt/admin-openrc.sh; openstack service list - register: service_info - -- name: get the openstack endpoint info - shell: . /opt/admin-openrc.sh; openstack endpoint list - register: endpoint_info - -- name: delete the existed tacker endpoint - shell: . /opt/admin-openrc.sh; openstack endpoint delete $(openstack endpoint list | grep tacker | awk '{print $2}') - when: endpoint_info.stdout.find('tacker') != -1 and inventory_hostname == haproxy_hosts.keys()[0] - -- name: delete the existed tacker service - shell: . /opt/admin-openrc.sh; openstack service delete tacker - when: service_info.stdout.find('tacker') != -1 and inventory_hostname == haproxy_hosts.keys()[0] - -- name: delete the existed tacker user - shell: . /opt/admin-openrc.sh; openstack user delete tacker - when: user_info.stdout.find('tacker') != -1 and inventory_hostname == haproxy_hosts.keys()[0] - -- name: create tacker user with admin privileges - shell: . /opt/admin-openrc.sh; openstack user create --password console tacker; openstack role add --project service --user tacker admin; - when: inventory_hostname == haproxy_hosts.keys()[0] - -- name: creat tacker service - shell: > - . /opt/admin-openrc.sh; openstack service create --name tacker --description "Tacker Project" nfv-orchestration - when: inventory_hostname == haproxy_hosts.keys()[0] - -- name: provide an endpoint to tacker service - shell: > - . /opt/admin-openrc.sh; openstack endpoint create --region RegionOne \ - --publicurl 'http://{{ public_vip.ip }}:8888/' \ - --adminurl 'http://{{ internal_vip.ip }}:8888/' \ - --internalurl 'http://{{ internal_vip.ip }}:8888/' tacker - when: inventory_hostname == haproxy_hosts.keys()[0] - -- name: install pip package - pip: name=Babel state=present version=2.3.4 - -- name: install pip packages - shell: > - pip install tosca-parser heat-translator oslosphinx; - -- name: install tacker - shell: > - . /opt/admin-openrc.sh; cd {{ tacker_home }}; python setup.py install - -- name: create 'tacker' directory in '/var/cache', set ownership and permissions - shell: > - mkdir -p /var/cache/tacker -# sudo chown <LOGIN_USER>:root /var/cache/tacker -# chmod 700 /var/cache/tacker - -- name: create 'tacker' directory in '/var/log' - shell: mkdir -p /var/log/tacker - -- name: copy tacker configs - template: src={{ item.src }} dest=/opt/os_templates - with_items: "{{ tacker_configs_templates }}" - -- name: edit tacker configuration file - shell: crudini --merge /usr/local/etc/tacker/tacker.conf < /opt/os_templates/tacker.j2 - -- name: populate tacker database - shell: > - . /opt/admin-openrc.sh; /usr/local/bin/tacker-db-manage --config-file /usr/local/etc/tacker/tacker.conf upgrade head - when: inventory_hostname == haproxy_hosts.keys()[0] - -- name: install tacker client - shell: > - . /opt/admin-openrc.sh; cd {{ tacker_client_home }}; python setup.py install - -- name: install tacker horizon - shell: > - . /opt/admin-openrc.sh; cd {{ tacker_horizon_home }}; python setup.py install - -- name: enable tacker horizon in dashboard - shell: > - cp {{ tacker_horizon_home }}/openstack_dashboard_extensions/* /usr/share/openstack-dashboard/openstack_dashboard/enabled/ - -- name: restart apache server - shell: service apache2 restart - -- name: create tacker service - copy: src=tacker.conf dest=/etc/init - -- name: create tacker service work dir - file: path=/var/lib/tacker state=directory - -- name: link the tacker service - file: - src: /etc/init/tacker.conf - dest: /etc/init.d/tacker - state: link - -- name: start tacker service - shell: service tacker start - -- name: create tackerc file - template: src=tackerc.sh dest=/opt/tackerc.sh mode=777 - -- name: get the nfv_user info - shell: . /opt/tackerc.sh; openstack user list - register: nfvuser_info - -- name: delete the existed nfv user - shell: . /opt/tackerc.sh; openstack user delete nfv_user - when: nfvuser_info.stdout.find('nfv') != -1 and inventory_hostname == haproxy_hosts.keys()[0] - -- name: get the openstack project info - shell: . /opt/tackerc.sh; openstack project list - register: nfvproject_info - -- name: delete the existed nfv project - shell: . /opt/tackerc.sh; openstack project delete $(openstack project list | grep nfv | awk '{print $2}') - when: nfvproject_info.stdout.find('nfv') != -1 and inventory_hostname == haproxy_hosts.keys()[0] - -- name: create an nfv project - shell: . /opt/tackerc.sh; openstack project create --description "NFV Project" nfv - when: inventory_hostname == haproxy_hosts.keys()[0] - -- name: create nfv user with admin privileges - shell: . /opt/tackerc.sh; openstack user create --password console nfv_user; openstack role add --project nfv --user nfv_user admin; - when: inventory_hostname == haproxy_hosts.keys()[0] - -- name: create config.yml - template: src=config.yaml dest=/opt/config.yaml - -- name: check if tacker running - shell: . /opt/tackerc.sh; while (!(tacker ext-list)); do sleep 30; done - -- name: register VIM to tacker - shell: . /opt/tackerc.sh; tacker vim-register --config-file /opt/config.yaml --description "OpenStack" --name VIM0 - when: inventory_hostname == haproxy_hosts.keys()[0] - -- name: restart tacker service - shell: service tacker stop; service tacker start - diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/tacker/templates/config.yaml b/deploy/adapters/ansible/openstack_mitaka/roles/tacker/templates/config.yaml deleted file mode 100644 index 8f73e907..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/tacker/templates/config.yaml +++ /dev/null @@ -1,4 +0,0 @@ -auth_url: 'http://{{ public_vip.ip }}:5000/v2.0' -username: 'nfv_user' -password: 'console' -project_name: 'nfv' diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/tacker/templates/tacker.j2 b/deploy/adapters/ansible/openstack_mitaka/roles/tacker/templates/tacker.j2 deleted file mode 100644 index 4f186b67..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/tacker/templates/tacker.j2 +++ /dev/null @@ -1,426 +0,0 @@ -[DEFAULT] -# Print more verbose output (set logging level to INFO instead of default WARNING level). -verbose = True - -# Print debugging output (set logging level to DEBUG instead of default WARNING level). -debug = True - -# Where to store Tacker state files. This directory must be writable by the -# user executing the agent. -state_path = /var/lib/tacker - -# Where to store lock files -lock_path = $state_path/lock - -auth_strategy = keystone -policy_file = /usr/local/etc/tacker/policy.json - -# log_format = %(asctime)s %(levelname)8s [%(name)s] %(message)s -# log_date_format = %Y-%m-%d %H:%M:%S - -# use_syslog -> syslog -# log_file and log_dir -> log_dir/log_file -# (not log_file) and log_dir -> log_dir/{binary_name}.log -# use_stderr -> stderr -# (not user_stderr) and (not log_file) -> stdout -# publish_errors -> notification system - -use_syslog = False -# syslog_log_facility = LOG_USER - -# use_stderr = True -# log_file = -# log_dir = - -# publish_errors = False - -# Address to bind the API server to -bind_host = {{ internal_ip }} - -# Port the bind the API server to -bind_port = 8888 - -# Path to the extensions. Note that this can be a colon-separated list of -# paths. For example: -# api_extensions_path = extensions:/path/to/more/extensions:/even/more/extensions -# The __path__ of tacker.extensions is appended to this, so if your -# extensions are in there you don't need to specify them here -# api_extensions_path = - -# (StrOpt) Tacker core plugin entrypoint to be loaded from the -# tacker.core_plugins namespace. See setup.cfg for the entrypoint names of the -# plugins included in the tacker source distribution. For compatibility with -# previous versions, the class name of a plugin can be specified instead of its -# entrypoint name. -# -# core_plugin = -# Example: core_plugin = ml2 - -# (ListOpt) List of service plugin entrypoints to be loaded from the -# tacker.service_plugins namespace. See setup.cfg for the entrypoint names of -# the plugins included in the tacker source distribution. For compatibility -# with previous versions, the class name of a plugin can be specified instead -# of its entrypoint name. -# -# service_plugins = -# Example: service_plugins = router,firewall,lbaas,vpnaas,metering - -service_plugins = vnfm,nfvo - -# Paste configuration file -# api_paste_config = api-paste.ini - -# The strategy to be used for auth. -# Supported values are 'keystone'(default), 'noauth'. -# auth_strategy = keystone - -# Allow sending resource operation notification to DHCP agent -# dhcp_agent_notification = True - -# Enable or disable bulk create/update/delete operations -# allow_bulk = True -# Enable or disable pagination -# allow_pagination = False -# Enable or disable sorting -# allow_sorting = False -# Enable or disable overlapping IPs for subnets -# Attention: the following parameter MUST be set to False if Tacker is -# being used in conjunction with nova security groups -# allow_overlapping_ips = False -# Ensure that configured gateway is on subnet -# force_gateway_on_subnet = False - - -# RPC configuration options. Defined in rpc __init__ -# The messaging module to use, defaults to kombu. -# rpc_backend = tacker.openstack.common.rpc.impl_kombu -# Size of RPC thread pool -# rpc_thread_pool_size = 64 -# Size of RPC connection pool -# rpc_conn_pool_size = 30 -# Seconds to wait for a response from call or multicall -# rpc_response_timeout = 60 -# Seconds to wait before a cast expires (TTL). Only supported by impl_zmq. -# rpc_cast_timeout = 30 -# Modules of exceptions that are permitted to be recreated -# upon receiving exception data from an rpc call. -# allowed_rpc_exception_modules = tacker.openstack.common.exception, nova.exception -# AMQP exchange to connect to if using RabbitMQ or QPID -# control_exchange = tacker - -# If passed, use a fake RabbitMQ provider -# fake_rabbit = False - -# Configuration options if sending notifications via kombu rpc (these are -# the defaults) -# SSL version to use (valid only if SSL enabled) -# kombu_ssl_version = -# SSL key file (valid only if SSL enabled) -# kombu_ssl_keyfile = -# SSL cert file (valid only if SSL enabled) -# kombu_ssl_certfile = -# SSL certification authority file (valid only if SSL enabled) -# kombu_ssl_ca_certs = -# IP address of the RabbitMQ installation -# rabbit_host = localhost -# Password of the RabbitMQ server -# rabbit_password = guest -# Port where RabbitMQ server is running/listening -# rabbit_port = 5672 -# RabbitMQ single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) -# rabbit_hosts is defaulted to '$rabbit_host:$rabbit_port' -# rabbit_hosts = localhost:5672 -# User ID used for RabbitMQ connections -# rabbit_userid = guest -# Location of a virtual RabbitMQ installation. -# rabbit_virtual_host = / -# Maximum retries with trying to connect to RabbitMQ -# (the default of 0 implies an infinite retry count) -# rabbit_max_retries = 0 -# RabbitMQ connection retry interval -# rabbit_retry_interval = 1 -# Use HA queues in RabbitMQ (x-ha-policy: all). You need to -# wipe RabbitMQ database when changing this option. (boolean value) -# rabbit_ha_queues = false - -# QPID -# rpc_backend=tacker.openstack.common.rpc.impl_qpid -# Qpid broker hostname -# qpid_hostname = localhost -# Qpid broker port -# qpid_port = 5672 -# Qpid single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) -# qpid_hosts is defaulted to '$qpid_hostname:$qpid_port' -# qpid_hosts = localhost:5672 -# Username for qpid connection -# qpid_username = '' -# Password for qpid connection -# qpid_password = '' -# Space separated list of SASL mechanisms to use for auth -# qpid_sasl_mechanisms = '' -# Seconds between connection keepalive heartbeats -# qpid_heartbeat = 60 -# Transport to use, either 'tcp' or 'ssl' -# qpid_protocol = tcp -# Disable Nagle algorithm -# qpid_tcp_nodelay = True - -# ZMQ -# rpc_backend=tacker.openstack.common.rpc.impl_zmq -# ZeroMQ bind address. Should be a wildcard (*), an ethernet interface, or IP. -# The "host" option should point or resolve to this address. -# rpc_zmq_bind_address = * - -# ============ Notification System Options ===================== - -# Notifications can be sent when network/subnet/port are created, updated or deleted. -# There are three methods of sending notifications: logging (via the -# log_file directive), rpc (via a message queue) and -# noop (no notifications sent, the default) - -# Notification_driver can be defined multiple times -# Do nothing driver -# notification_driver = tacker.openstack.common.notifier.no_op_notifier -# Logging driver -# notification_driver = tacker.openstack.common.notifier.log_notifier -# RPC driver. -notification_driver = tacker.openstack.common.notifier.rpc_notifier - -# default_notification_level is used to form actual topic name(s) or to set logging level -# default_notification_level = INFO - -# default_publisher_id is a part of the notification payload -# host = myhost.com -# default_publisher_id = $host - -# Defined in rpc_notifier, can be comma separated values. -# The actual topic names will be %s.%(default_notification_level)s -# notification_topics = notifications - -# Default maximum number of items returned in a single response, -# value == infinite and value < 0 means no max limit, and value must -# be greater than 0. If the number of items requested is greater than -# pagination_max_limit, server will just return pagination_max_limit -# of number of items. -# pagination_max_limit = -1 - -# Maximum number of DNS nameservers per subnet -# max_dns_nameservers = 5 - -# Maximum number of host routes per subnet -# max_subnet_host_routes = 20 - -# Maximum number of fixed ips per port -# max_fixed_ips_per_port = 5 - -# =========== items for agent management extension ============= -# Seconds to regard the agent as down; should be at least twice -# report_interval, to be sure the agent is down for good -# agent_down_time = 75 -# =========== end of items for agent management extension ===== - -# Allow auto scheduling networks to DHCP agent. It will schedule non-hosted -# networks to first DHCP agent which sends get_active_networks message to -# tacker server -# network_auto_schedule = True - -# Allow auto scheduling routers to L3 agent. It will schedule non-hosted -# routers to first L3 agent which sends sync_routers message to tacker server -# router_auto_schedule = True - -# Number of DHCP agents scheduled to host a network. This enables redundant -# DHCP agents for configured networks. -# dhcp_agents_per_network = 1 - -# =========== end of items for agent scheduler extension ===== - -# =========== WSGI parameters related to the API server ============== -# Number of separate worker processes to spawn. The default, 0, runs the -# worker thread in the current process. Greater than 0 launches that number of -# child processes as workers. The parent process manages them. -# api_workers = 0 - -# Number of separate RPC worker processes to spawn. The default, 0, runs the -# worker thread in the current process. Greater than 0 launches that number of -# child processes as RPC workers. The parent process manages them. -# This feature is experimental until issues are addressed and testing has been -# enabled for various plugins for compatibility. -# rpc_workers = 0 - -# Sets the value of TCP_KEEPIDLE in seconds to use for each server socket when -# starting API server. Not supported on OS X. -# tcp_keepidle = 600 - -# Number of seconds to keep retrying to listen -# retry_until_window = 30 - -# Number of backlog requests to configure the socket with. -# backlog = 4096 - -# Max header line to accommodate large tokens -# max_header_line = 16384 - -# Enable SSL on the API server -# use_ssl = False - -# Certificate file to use when starting API server securely -# ssl_cert_file = /path/to/certfile - -# Private key file to use when starting API server securely -# ssl_key_file = /path/to/keyfile - -# CA certificate file to use when starting API server securely to -# verify connecting clients. This is an optional parameter only required if -# API clients need to authenticate to the API server using SSL certificates -# signed by a trusted CA -# ssl_ca_file = /path/to/cafile -# ======== end of WSGI parameters related to the API server ========== - - -# ======== tacker nova interactions ========== -# Send notification to nova when port status is active. -# notify_nova_on_port_status_changes = True - -# Send notifications to nova when port data (fixed_ips/floatingips) change -# so nova can update it's cache. -# notify_nova_on_port_data_changes = True - -# URL for connection to nova (Only supports one nova region currently). -# nova_url = http://127.0.0.1:8774/v2 - -# Name of nova region to use. Useful if keystone manages more than one region -# nova_region_name = - -# Username for connection to nova in admin context -# nova_admin_username = - -# The uuid of the admin nova tenant -# nova_admin_tenant_id = - -# Password for connection to nova in admin context. -# nova_admin_password = - -# Authorization URL for connection to nova in admin context. -# nova_admin_auth_url = - -# CA file for novaclient to verify server certificates -# nova_ca_certificates_file = - -# Boolean to control ignoring SSL errors on the nova url -# nova_api_insecure = False - -# Number of seconds between sending events to nova if there are any events to send -# send_events_interval = 2 - -# ======== end of tacker nova interactions ========== - -[agent] -# Use "sudo tacker-rootwrap /etc/tacker/rootwrap.conf" to use the real -# root filter facility. -# Change to "sudo" to skip the filtering and just run the comand directly -root_helper = sudo /usr/local/bin/tacker-rootwrap /usr/local/etc/tacker/rootwrap.conf - -# =========== items for agent management extension ============= -# seconds between nodes reporting state to server; should be less than -# agent_down_time, best if it is half or less than agent_down_time -# report_interval = 30 - -# =========== end of items for agent management extension ===== - -[keystone_authtoken] -signing_dir = /var/cache/tacker -#cafile = /opt/stack/data/ca-bundle.pem -#project_domain_id = default -project_name = service -#user_domain_id = default -password = console -username = tacker -auth_url = http://{{ internal_vip.ip }}:35357 -auth_plugin = password -identity_uri = http://{{ internal_vip.ip }}:5000/v2.0 -auth_uri = http://{{ internal_vip.ip }}:5000/v2.0 - - -[database] -# This line MUST be changed to actually run the plugin. -# Example: -# connection = mysql://root:pass@127.0.0.1:3306/tacker -connection = mysql://tacker:TACKER_DBPASS@{{ internal_vip.ip }}:3306/tacker?charset=utf8 -# Replace 127.0.0.1 above with the IP address of the database used by the -# main tacker server. (Leave it as is if the database runs on this host.) -# connection = sqlite:// -# NOTE: In deployment the [database] section and its connection attribute may -# be set in the corresponding core plugin '.ini' file. However, it is suggested -# to put the [database] section and its connection attribute in this -# configuration file. - -# Database engine for which script will be generated when using offline -# migration -# engine = - -# The SQLAlchemy connection string used to connect to the slave database -# slave_connection = - -# Database reconnection retry times - in event connectivity is lost -# set to -1 implies an infinite retry count -# max_retries = 10 - -# Database reconnection interval in seconds - if the initial connection to the -# database fails -# retry_interval = 10 - -# Minimum number of SQL connections to keep open in a pool -# min_pool_size = 1 - -# Maximum number of SQL connections to keep open in a pool -# max_pool_size = 10 - -# Timeout in seconds before idle sql connections are reaped -# idle_timeout = 3600 - -# If set, use this value for max_overflow with sqlalchemy -# max_overflow = 20 - -# Verbosity of SQL debugging information. 0=None, 100=Everything -# connection_debug = 0 - -# Add python stack traces to SQL as comment strings -# connection_trace = False - -# If set, use this value for pool_timeout with sqlalchemy -# pool_timeout = 10 - -[tacker] -# Specify drivers for hosting device -# infra_driver = heat,nova,noop - -# Specify drivers for mgmt -# mgmt_driver = noop,openwrt - -# Specify drivers for monitoring -# monitor_driver = ping, http_ping - -[nfvo_vim] -# Supported VIM drivers, resource orchestration controllers such as OpenStack, kvm -#Default VIM driver is OpenStack -#vim_drivers = openstack -#Default VIM placement if vim id is not provided -default_vim = VIM0 - -[vim_keys] -#openstack = /etc/tacker/vim/fernet_keys -[tacker_nova] -# parameters for novaclient to talk to nova -region_name = RegionOne -#project_domain_id = default -project_name = service -#user_domain_id = default -password = console -username = nova -auth_url = http://{{ internal_vip.ip }}:35357 -auth_plugin = password - -[tacker_heat] -heat_uri = http://{{ internal_vip.ip }}:8004/v1 -stack_retries = 60 -stack_retry_wait = 5 diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/tacker/templates/tackerc.sh b/deploy/adapters/ansible/openstack_mitaka/roles/tacker/templates/tackerc.sh deleted file mode 100644 index c673e7f1..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/tacker/templates/tackerc.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/sh -export LC_ALL=C -export OS_NO_CACHE=true -export OS_TENANT_NAME=service -export OS_PROJECT_NAME=service -export OS_USERNAME=tacker -export OS_PASSWORD=console -export OS_AUTH_URL=http://{{ internal_vip.ip }}:5000/v2.0 -export OS_DEFAULT_DOMAIN=default -export OS_AUTH_STRATEGY=keystone -export OS_REGION_NAME=RegionOne -export TACKER_ENDPOINT_TYPE=internalurl diff --git a/deploy/adapters/ansible/openstack_mitaka/templates/neutron.conf b/deploy/adapters/ansible/openstack_mitaka/templates/neutron.conf deleted file mode 100644 index 33231ed5..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/templates/neutron.conf +++ /dev/null @@ -1,486 +0,0 @@ -[DEFAULT] -# Print more verbose output (set logging level to INFO instead of default WARNING level). -verbose = {{ VERBOSE }} - -# Print debugging output (set logging level to DEBUG instead of default WARNING level). -debug = {{ VERBOSE }} - -# Where to store Neutron state files. This directory must be writable by the -# user executing the agent. -state_path = /var/lib/neutron - -# Where to store lock files -lock_path = $state_path/lock - -notify_nova_on_port_status_changes = True -notify_nova_on_port_data_changes = True - -# log_format = %(asctime)s %(levelname)8s [%(name)s] %(message)s -# log_date_format = %Y-%m-%d %H:%M:%S - -# use_syslog -> syslog -# log_file and log_dir -> log_dir/log_file -# (not log_file) and log_dir -> log_dir/{binary_name}.log -# use_stderr -> stderr -# (not user_stderr) and (not log_file) -> stdout -# publish_errors -> notification system - -# use_syslog = False -# syslog_log_facility = LOG_USER - -# use_stderr = True -# log_file = -log_dir = /var/log/neutron - -# publish_errors = False - -# Address to bind the API server to -bind_host = {{ network_server_host }} - -# Port the bind the API server to -bind_port = 9696 - -# Path to the extensions. Note that this can be a colon-separated list of -# paths. For example: -# api_extensions_path = extensions:/path/to/more/extensions:/even/more/extensions -# The __path__ of neutron.extensions is appended to this, so if your -# extensions are in there you don't need to specify them here -# api_extensions_path = - -# (StrOpt) Neutron core plugin entrypoint to be loaded from the -# neutron.core_plugins namespace. See setup.cfg for the entrypoint names of the -# plugins included in the neutron source distribution. For compatibility with -# previous versions, the class name of a plugin can be specified instead of its -# entrypoint name. -# -#core_plugin = neutron.plugins.ml2.plugin.Ml2Plugin -core_plugin = ml2 -# Example: core_plugin = ml2 - -# (ListOpt) List of service plugin entrypoints to be loaded from the -# neutron.service_plugins namespace. See setup.cfg for the entrypoint names of -# the plugins included in the neutron source distribution. For compatibility -# with previous versions, the class name of a plugin can be specified instead -# of its entrypoint name. -# -# service_plugins = -# Example: service_plugins = router,firewall,lbaas,vpnaas,metering -service_plugins = router - -# Paste configuration file -api_paste_config = api-paste.ini - -# The strategy to be used for auth. -# Supported values are 'keystone'(default), 'noauth'. -auth_strategy = keystone - -# Base MAC address. The first 3 octets will remain unchanged. If the -# 4h octet is not 00, it will also be used. The others will be -# randomly generated. -# 3 octet -# base_mac = fa:16:3e:00:00:00 -# 4 octet -# base_mac = fa:16:3e:4f:00:00 - -# Maximum amount of retries to generate a unique MAC address -# mac_generation_retries = 16 - -# DHCP Lease duration (in seconds) -dhcp_lease_duration = 86400 - -# Allow sending resource operation notification to DHCP agent -# dhcp_agent_notification = True - -# Enable or disable bulk create/update/delete operations -# allow_bulk = True -# Enable or disable pagination -# allow_pagination = False -# Enable or disable sorting -# allow_sorting = False -# Enable or disable overlapping IPs for subnets -# Attention: the following parameter MUST be set to False if Neutron is -# being used in conjunction with nova security groups -allow_overlapping_ips = True -# Ensure that configured gateway is on subnet -# force_gateway_on_subnet = False - - -# RPC configuration options. Defined in rpc __init__ -# The messaging module to use, defaults to kombu. -# rpc_backend = neutron.openstack.common.rpc.impl_kombu -rpc_backend = rabbit -rabbit_host = {{ rabbit_host }} -rabbit_password = {{ RABBIT_PASS }} - -# Size of RPC thread pool -rpc_thread_pool_size = 240 -# Size of RPC connection pool -rpc_conn_pool_size = 100 -# Seconds to wait for a response from call or multicall -rpc_response_timeout = 300 -# Seconds to wait before a cast expires (TTL). Only supported by impl_zmq. -rpc_cast_timeout = 300 -# Modules of exceptions that are permitted to be recreated -# upon receiving exception data from an rpc call. -# allowed_rpc_exception_modules = neutron.openstack.common.exception, nova.exception -# AMQP exchange to connect to if using RabbitMQ or QPID -# control_exchange = neutron - -# If passed, use a fake RabbitMQ provider -# fake_rabbit = False - -# Configuration options if sending notifications via kombu rpc (these are -# the defaults) -# SSL version to use (valid only if SSL enabled) -# kombu_ssl_version = -# SSL key file (valid only if SSL enabled) -# kombu_ssl_keyfile = -# SSL cert file (valid only if SSL enabled) -# kombu_ssl_certfile = -# SSL certification authority file (valid only if SSL enabled) -# kombu_ssl_ca_certs = -# Port where RabbitMQ server is running/listening -rabbit_port = 5672 -# RabbitMQ single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) -# rabbit_hosts is defaulted to '$rabbit_host:$rabbit_port' -# rabbit_hosts = localhost:5672 -# User ID used for RabbitMQ connections -rabbit_userid = {{ RABBIT_USER }} -# Location of a virtual RabbitMQ installation. -# rabbit_virtual_host = / -# Maximum retries with trying to connect to RabbitMQ -# (the default of 0 implies an infinite retry count) -# rabbit_max_retries = 0 -# RabbitMQ connection retry interval -# rabbit_retry_interval = 1 -# Use HA queues in RabbitMQ (x-ha-policy: all). You need to -# wipe RabbitMQ database when changing this option. (boolean value) -# rabbit_ha_queues = false -# QPID -# rpc_backend=neutron.openstack.common.rpc.impl_qpid -# Qpid broker hostname -# qpid_hostname = localhost -# Qpid broker port -# qpid_port = 5672 -# Qpid single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) -# qpid_hosts is defaulted to '$qpid_hostname:$qpid_port' -# qpid_hosts = localhost:5672 -# Username for qpid connection -# qpid_username = '' -# Password for qpid connection -# qpid_password = '' -# Space separated list of SASL mechanisms to use for auth -# qpid_sasl_mechanisms = '' -# Seconds between connection keepalive heartbeats -# qpid_heartbeat = 60 -# Transport to use, either 'tcp' or 'ssl' -# qpid_protocol = tcp -# Disable Nagle algorithm -# qpid_tcp_nodelay = True - -# ZMQ -# rpc_backend=neutron.openstack.common.rpc.impl_zmq -# ZeroMQ bind address. Should be a wildcard (*), an ethernet interface, or IP. -# The "host" option should point or resolve to this address. -# rpc_zmq_bind_address = * - -# ============ Notification System Options ===================== - -# Notifications can be sent when network/subnet/port are created, updated or deleted. -# There are three methods of sending notifications: logging (via the -# log_file directive), rpc (via a message queue) and -# noop (no notifications sent, the default) - -# Notification_driver can be defined multiple times -# Do nothing driver -# notification_driver = neutron.openstack.common.notifier.no_op_notifier -# Logging driver -# notification_driver = neutron.openstack.common.notifier.log_notifier -# RPC driver. -notification_driver = neutron.openstack.common.notifier.rpc_notifier - -# default_notification_level is used to form actual topic name(s) or to set logging level -default_notification_level = INFO - -# default_publisher_id is a part of the notification payload -# host = myhost.com -# default_publisher_id = $host - -# Defined in rpc_notifier, can be comma separated values. -# The actual topic names will be %s.%(default_notification_level)s -notification_topics = notifications - -# Default maximum number of items returned in a single response, -# value == infinite and value < 0 means no max limit, and value must -# be greater than 0. If the number of items requested is greater than -# pagination_max_limit, server will just return pagination_max_limit -# of number of items. -# pagination_max_limit = -1 - -# Maximum number of DNS nameservers per subnet -# max_dns_nameservers = 5 - -# Maximum number of host routes per subnet -# max_subnet_host_routes = 20 - -# Maximum number of fixed ips per port -# max_fixed_ips_per_port = 5 - -# =========== items for agent management extension ============= -# Seconds to regard the agent as down; should be at least twice -# report_interval, to be sure the agent is down for good -agent_down_time = 75 -# =========== end of items for agent management extension ===== - -# =========== items for agent scheduler extension ============= -# Driver to use for scheduling network to DHCP agent -network_scheduler_driver = neutron.scheduler.dhcp_agent_scheduler.ChanceScheduler -# Driver to use for scheduling router to a default L3 agent -router_scheduler_driver = neutron.scheduler.l3_agent_scheduler.ChanceScheduler -# Driver to use for scheduling a loadbalancer pool to an lbaas agent -# loadbalancer_pool_scheduler_driver = neutron.services.loadbalancer.agent_scheduler.ChanceScheduler - -# Allow auto scheduling networks to DHCP agent. It will schedule non-hosted -# networks to first DHCP agent which sends get_active_networks message to -# neutron server -# network_auto_schedule = True - -# Allow auto scheduling routers to L3 agent. It will schedule non-hosted -# routers to first L3 agent which sends sync_routers message to neutron server -# router_auto_schedule = True - -# Number of DHCP agents scheduled to host a network. This enables redundant -# DHCP agents for configured networks. -# dhcp_agents_per_network = 1 - -# =========== end of items for agent scheduler extension ===== - -# =========== WSGI parameters related to the API server ============== -# Number of separate worker processes to spawn. The default, 0, runs the -# worker thread in the current process. Greater than 0 launches that number of -# child processes as workers. The parent process manages them. -api_workers = 8 - -# Number of separate RPC worker processes to spawn. The default, 0, runs the -# worker thread in the current process. Greater than 0 launches that number of -# child processes as RPC workers. The parent process manages them. -# This feature is experimental until issues are addressed and testing has been -# enabled for various plugins for compatibility. -rpc_workers = 8 - -# Sets the value of TCP_KEEPIDLE in seconds to use for each server socket when -# starting API server. Not supported on OS X. -# tcp_keepidle = 600 - -# Number of seconds to keep retrying to listen -# retry_until_window = 30 - -# Number of backlog requests to configure the socket with. -# backlog = 4096 - -# Max header line to accommodate large tokens -# max_header_line = 16384 - -# Enable SSL on the API server -# use_ssl = False - -# Certificate file to use when starting API server securely -# ssl_cert_file = /path/to/certfile - -# Private key file to use when starting API server securely -# ssl_key_file = /path/to/keyfile - -# CA certificate file to use when starting API server securely to -# verify connecting clients. This is an optional parameter only required if -# API clients need to authenticate to the API server using SSL certificates -# signed by a trusted CA -# ssl_ca_file = /path/to/cafile -# ======== end of WSGI parameters related to the API server ========== - - -# ======== neutron nova interactions ========== -# Send notification to nova when port status is active. -notify_nova_on_port_status_changes = True - -# Send notifications to nova when port data (fixed_ips/floatingips) change -# so nova can update it's cache. -notify_nova_on_port_data_changes = True - -# URL for connection to nova (Only supports one nova region currently). -nova_url = http://{{ internal_vip.ip }}:8774/v2 - -# Name of nova region to use. Useful if keystone manages more than one region -nova_region_name = RegionOne - -# Username for connection to nova in admin context -nova_admin_username = nova - -# The uuid of the admin nova tenant -{% if NOVA_ADMIN_TENANT_ID|default('') %} -nova_admin_tenant_id = {{ NOVA_ADMIN_TENANT_ID.stdout_lines[0] }} -{% endif %} -# Password for connection to nova in admin context. -nova_admin_password = {{ NOVA_PASS }} - -# Authorization URL for connection to nova in admin context. -nova_admin_auth_url = http://{{ internal_vip.ip }}:35357/v2.0 - -# Number of seconds between sending events to nova if there are any events to send -send_events_interval = 2 - -# ======== end of neutron nova interactions ========== - -[quotas] -# Default driver to use for quota checks -quota_driver = neutron.db.quota_db.DbQuotaDriver - -# Resource name(s) that are supported in quota features -quota_items = network,subnet,port - -# Default number of resource allowed per tenant. A negative value means -# unlimited. -default_quota = -1 - -# Number of networks allowed per tenant. A negative value means unlimited. -quota_network = 100 - -# Number of subnets allowed per tenant. A negative value means unlimited. -quota_subnet = 100 - -# Number of ports allowed per tenant. A negative value means unlimited. -quota_port = 8000 - -# Number of security groups allowed per tenant. A negative value means -# unlimited. -quota_security_group = 1000 - -# Number of security group rules allowed per tenant. A negative value means -# unlimited. -quota_security_group_rule = 1000 - -# Number of vips allowed per tenant. A negative value means unlimited. -# quota_vip = 10 - -# Number of pools allowed per tenant. A negative value means unlimited. -# quota_pool = 10 - -# Number of pool members allowed per tenant. A negative value means unlimited. -# The default is unlimited because a member is not a real resource consumer -# on Openstack. However, on back-end, a member is a resource consumer -# and that is the reason why quota is possible. -# quota_member = -1 - -# Number of health monitors allowed per tenant. A negative value means -# unlimited. -# The default is unlimited because a health monitor is not a real resource -# consumer on Openstack. However, on back-end, a member is a resource consumer -# and that is the reason why quota is possible. -# quota_health_monitors = -1 - -# Number of routers allowed per tenant. A negative value means unlimited. -# quota_router = 10 - -# Number of floating IPs allowed per tenant. A negative value means unlimited. -# quota_floatingip = 50 - -[agent] -# Use "sudo neutron-rootwrap /etc/neutron/rootwrap.conf" to use the real -# root filter facility. -# Change to "sudo" to skip the filtering and just run the comand directly -root_helper = "sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf" - -# =========== items for agent management extension ============= -# seconds between nodes reporting state to server; should be less than -# agent_down_time, best if it is half or less than agent_down_time -report_interval = 30 - -# =========== end of items for agent management extension ===== - -[keystone_authtoken] -auth_uri = http://{{ internal_vip.ip }}:5000/v2.0 -identity_uri = http://{{ internal_vip.ip }}:35357 -admin_tenant_name = service -admin_user = neutron -admin_password = {{ NEUTRON_PASS }} -signing_dir = $state_path/keystone-signing - -[database] -# This line MUST be changed to actually run the plugin. -# Example: -# connection = mysql://root:pass@127.0.0.1:3306/neutron -# Replace 127.0.0.1 above with the IP address of the database used by the -# main neutron server. (Leave it as is if the database runs on this host.) -# connection = sqlite:////var/lib/neutron/neutron.sqlite -connection = mysql://neutron:{{ NEUTRON_DBPASS }}@{{ db_host }}/neutron - -# The SQLAlchemy connection string used to connect to the slave database -slave_connection = - -# Database reconnection retry times - in event connectivity is lost -# set to -1 implies an infinite retry count -max_retries = 10 - -# Database reconnection interval in seconds - if the initial connection to the -# database fails -retry_interval = 10 - -# Minimum number of SQL connections to keep open in a pool -min_pool_size = 1 - -# Maximum number of SQL connections to keep open in a pool -max_pool_size = 100 - -# Timeout in seconds before idle sql connections are reaped -idle_timeout = 30 -use_db_reconnect = True - -# If set, use this value for max_overflow with sqlalchemy -max_overflow = 100 - -# Verbosity of SQL debugging information. 0=None, 100=Everything -connection_debug = 0 - -# Add python stack traces to SQL as comment strings -connection_trace = False - -# If set, use this value for pool_timeout with sqlalchemy -pool_timeout = 10 - -[service_providers] -# Specify service providers (drivers) for advanced services like loadbalancer, VPN, Firewall. -# Must be in form: -# service_provider=<service_type>:<name>:<driver>[:default] -# List of allowed service types includes LOADBALANCER, FIREWALL, VPN -# Combination of <service type> and <name> must be unique; <driver> must also be unique -# This is multiline option, example for default provider: -# service_provider=LOADBALANCER:name:lbaas_plugin_driver_path:default -# example of non-default provider: -# service_provider=FIREWALL:name2:firewall_driver_path -# --- Reference implementations --- -service_provider=FIREWALL:Iptables:neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewllDriver:default -# In order to activate Radware's lbaas driver you need to uncomment the next line. -# If you want to keep the HA Proxy as the default lbaas driver, remove the attribute default from the line below. -# Otherwise comment the HA Proxy line -# service_provider = LOADBALANCER:Radware:neutron.services.loadbalancer.drivers.radware.driver.LoadBalancerDriver:default -# uncomment the following line to make the 'netscaler' LBaaS provider available. -# service_provider=LOADBALANCER:NetScaler:neutron.services.loadbalancer.drivers.netscaler.netscaler_driver.NetScalerPluginDriver -# Uncomment the following line (and comment out the OpenSwan VPN line) to enable Cisco's VPN driver. -# service_provider=VPN:cisco:neutron.services.vpn.service_drivers.cisco_ipsec.CiscoCsrIPsecVPNDriver:default -# Uncomment the line below to use Embrane heleos as Load Balancer service provider. -# service_provider=LOADBALANCER:Embrane:neutron.services.loadbalancer.drivers.embrane.driver.EmbraneLbaas:default - -{% if enable_fwaas %} -[fwaas] -driver = neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver -enabled = True -{% endif %} - -[nova] -auth_url = http://{{ internal_vip.ip }}:35357 -auth_type = password -project_domain_name = default -user_domain_name = default -project_name = service -username = nova -password = {{ NOVA_PASS }} - diff --git a/deploy/adapters/ansible/openstack_mitaka/templates/nova.conf b/deploy/adapters/ansible/openstack_mitaka/templates/nova.conf deleted file mode 100644 index 3a5735cf..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/templates/nova.conf +++ /dev/null @@ -1,96 +0,0 @@ -{% set memcached_servers = [] %} -{% for host in haproxy_hosts.values() %} -{% set _ = memcached_servers.append('%s:11211'% host) %} -{% endfor %} -{% set memcached_servers = memcached_servers|join(',') %} - -[DEFAULT] -dhcpbridge_flagfile=/etc/nova/nova.conf -dhcpbridge=/usr/bin/nova-dhcpbridge -logdir=/var/log/nova -state_path=/var/lib/nova -lock_path=/var/lib/nova/tmp -force_dhcp_release=True -iscsi_helper=tgtadm -libvirt_use_virtio_for_bridges=True -connection_type=libvirt -root_helper=sudo nova-rootwrap /etc/nova/rootwrap.conf -verbose={{ VERBOSE}} -debug={{ DEBUG }} -ec2_private_dns_show_ip=True -api_paste_config=/etc/nova/api-paste.ini -volumes_path=/var/lib/nova/volumes -enabled_apis=osapi_compute,metadata - -default_floating_pool={{ public_net_info.network }} -auth_strategy = keystone - -rpc_backend = rabbit -rabbit_host = {{ rabbit_host }} -rabbit_userid = {{ RABBIT_USER }} -rabbit_password = {{ RABBIT_PASS }} - -osapi_compute_listen={{ internal_ip }} -metadata_listen={{ internal_ip }} - -my_ip = {{ internal_ip }} -vnc_enabled = True -vncserver_listen = {{ internal_ip }} -vncserver_proxyclient_address = {{ internal_ip }} -novncproxy_base_url = http://{{ public_vip.ip }}:6080/vnc_auto.html - -novncproxy_host = {{ internal_ip }} -novncproxy_port = 6080 - -network_api_class = nova.network.neutronv2.api.API -linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver -firewall_driver = nova.virt.firewall.NoopFirewallDriver -security_group_api = neutron - -instance_usage_audit = True -instance_usage_audit_period = hour -notify_on_state_change = vm_and_task_state -notification_driver = nova.openstack.common.notifier.rpc_notifier -notification_driver = ceilometer.compute.nova_notifier - -memcached_servers = {{ memcached_servers }} - -[database] -# The SQLAlchemy connection string used to connect to the database -connection = mysql://nova:{{ NOVA_DBPASS }}@{{ db_host }}/nova -idle_timeout = 30 -use_db_reconnect = True -pool_timeout = 10 - -[api_database] -connection = mysql://nova:{{ NOVA_DBPASS }}@{{ db_host }}/nova_api -idle_timeout = 30 -use_db_reconnect = True -pool_timeout = 10 - -[keystone_authtoken] -auth_uri = http://{{ internal_vip.ip }}:5000/2.0 -identity_uri = http://{{ internal_vip.ip }}:35357 -admin_tenant_name = service -admin_user = nova -admin_password = {{ NOVA_PASS }} -memcached_servers = {{ memcached_servers }} - -[glance] -host = {{ internal_vip.ip }} - -[neutron] -url = http://{{ internal_vip.ip }}:9696 -auth_strategy = keystone -admin_tenant_name = service -admin_username = neutron -admin_password = {{ NEUTRON_PASS }} -admin_auth_url = http://{{ internal_vip.ip }}:35357/v2.0 -service_metadata_proxy = True -metadata_proxy_shared_secret = {{ METADATA_SECRET }} -auth_type = password -auth_url = http://{{ internal_vip.ip }}:35357 -password = {{ NEUTRON_PASS }} -username = neutron -project_domain_name = default -user_domain_name = default |