diff options
19 files changed, 293 insertions, 58 deletions
diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/aodh/handlers/main.yml b/deploy/adapters/ansible/openstack_mitaka/roles/aodh/handlers/main.yml index e1084c83..b3399e0c 100644 --- a/deploy/adapters/ansible/openstack_mitaka/roles/aodh/handlers/main.yml +++ b/deploy/adapters/ansible/openstack_mitaka/roles/aodh/handlers/main.yml @@ -9,4 +9,5 @@ --- - name: restart aodh services service: name={{ item }} state=restarted enabled=yes - with_items: services + with_items: services | union(services_noarch) + diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/aodh/tasks/aodh_config.yml b/deploy/adapters/ansible/openstack_mitaka/roles/aodh/tasks/aodh_config.yml new file mode 100644 index 00000000..e60d5338 --- /dev/null +++ b/deploy/adapters/ansible/openstack_mitaka/roles/aodh/tasks/aodh_config.yml @@ -0,0 +1,14 @@ +############################################################################## +# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +- name: aodh db sync + shell: su -s /bin/sh -c "aodh-dbsync" aodh + notify: + - restart aodh services + diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/aodh/tasks/aodh_install.yml b/deploy/adapters/ansible/openstack_mitaka/roles/aodh/tasks/aodh_install.yml new file mode 100644 index 00000000..eb51fbea --- /dev/null +++ b/deploy/adapters/ansible/openstack_mitaka/roles/aodh/tasks/aodh_install.yml @@ -0,0 +1,31 @@ +############################################################################## +# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +- include_vars: "{{ ansible_os_family }}.yml" + +- name: install aodh packages + action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" + with_items: packages | union(packages_noarch) + +- name: update aodh conf + template: src={{ item }} dest=/etc/aodh/aodh.conf + backup=yes + with_items: + - aodh.conf.j2 +# - api_paste.ini.j2 +# - policy.json.j2 + notify: + - restart aodh services + +- name: write services to monitor list + lineinfile: dest=/opt/service create=yes line='{{ item }}' + with_items: services | union(services_noarch) + +- name: remove default sqlite db + shell: rm /var/lib/aodh/aodh.sqlite || touch aodh.sqllite.db.removed diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/aodh/tasks/main.yml b/deploy/adapters/ansible/openstack_mitaka/roles/aodh/tasks/main.yml index 75b15511..9b61915f 100644 --- a/deploy/adapters/ansible/openstack_mitaka/roles/aodh/tasks/main.yml +++ b/deploy/adapters/ansible/openstack_mitaka/roles/aodh/tasks/main.yml @@ -7,23 +7,17 @@ # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## --- -- include_vars: "{{ ansible_os_family }}.yml" +- include: aodh_install.yml + tags: + - install + - aodh_install + - aodh -- name: install aodh packages - action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" - with_items: packages | union(packages_noarch) - -- name: update aodh conf - template: src={{ item }} dest=/etc/aodh/aodh.conf - backup=yes - with_items: - - aodh.conf.j2 -# - api_paste.ini.j2 -# - policy.json.j2 - notify: restart aodh services - -- name: write services to monitor list - lineinfile: dest=/opt/service create=yes line='{{ item }}' - with_items: services +- include: aodh_config.yml + when: inventory_hostname == groups['controller'][0] + tags: + - config + - aodh_config + - aodh - meta: flush_handlers diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/aodh/templates/aodh.conf.j2 b/deploy/adapters/ansible/openstack_mitaka/roles/aodh/templates/aodh.conf.j2 index 85512ed5..743099cb 100644 --- a/deploy/adapters/ansible/openstack_mitaka/roles/aodh/templates/aodh.conf.j2 +++ b/deploy/adapters/ansible/openstack_mitaka/roles/aodh/templates/aodh.conf.j2 @@ -10,16 +10,15 @@ bind_port = 8042 rpc_backend = rabbit auth_strategy = keystone debug = True -verbose = True [oslo_messaging_rabbit] rabbit_hosts = {{ internal_vip.ip }} rabbit_userid = {{ RABBIT_USER }} rabbit_password = {{ RABBIT_PASS }} -rabbit_use_ssl = false +#rabbit_use_ssl = false [database] -connection = mongodb://aodh:{{ AODH_DBPASS }}@{{ internal_vip.ip }}:27017/aodh +connection = mysql://aodh:{{ AODH_DBPASS }}@{{ db_host }}/aodh [keystone_authtoken] auth_uri = http://{{ internal_vip.ip }}:5000 diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/database/templates/data.j2 b/deploy/adapters/ansible/openstack_mitaka/roles/database/templates/data.j2 new file mode 100644 index 00000000..66c2fead --- /dev/null +++ b/deploy/adapters/ansible/openstack_mitaka/roles/database/templates/data.j2 @@ -0,0 +1,51 @@ +#!/bin/sh +mysql -uroot -Dmysql <<EOF +drop database if exists keystone; +drop database if exists glance; +drop database if exists neutron; +drop database if exists nova; +drop database if exists cinder; +drop database if exists heat; +drop database if exists aodh; + +CREATE DATABASE keystone; +{% for host in ['%', 'localhost', inventory_hostname] %} +GRANT ALL ON keystone.* TO 'keystone'@'{{ host }}' IDENTIFIED BY '{{ KEYSTONE_DBPASS }}'; +{% endfor %} + +CREATE DATABASE glance; +{% for host in ['%', 'localhost', inventory_hostname] %} +GRANT ALL ON glance.* TO 'glance'@'{{ host }}' IDENTIFIED BY '{{ GLANCE_DBPASS }}'; +{% endfor %} + +CREATE DATABASE neutron; +{% for host in ['%', 'localhost', inventory_hostname] %} +GRANT ALL ON neutron.* TO 'neutron'@'{{ host }}' IDENTIFIED BY '{{ NEUTRON_DBPASS }}'; +{% endfor %} + +CREATE DATABASE nova; +{% for host in ['%', 'localhost', inventory_hostname] %} +GRANT ALL ON nova.* TO 'nova'@'{{ host }}' IDENTIFIED BY '{{ NOVA_DBPASS }}'; +{% endfor %} + +CREATE DATABASE cinder; +{% for host in ['%', 'localhost', inventory_hostname] %} +GRANT ALL ON cinder.* TO 'cinder'@'{{ host }}' IDENTIFIED BY '{{ CINDER_DBPASS }}'; +{% endfor %} + +CREATE DATABASE heat; +{% for host in ['%', 'localhost', inventory_hostname] %} +GRANT ALL ON heat.* TO 'heat'@'{{ host }}' IDENTIFIED BY '{{ HEAT_DBPASS }}'; +{% endfor %} + +CREATE DATABASE aodh; +{% for host in ['%', 'localhost', inventory_hostname] %} +GRANT ALL ON aodh.* TO 'aodh'@'{{ host }}' IDENTIFIED BY '{{ AODH_DBPASS }}'; +{% endfor %} + +{% if WSREP_SST_USER is defined %} +{% for host in ['%', 'localhost', inventory_hostname] %} +GRANT ALL ON *.* TO '{{ WSREP_SST_USER }}'@'{{ host }}' IDENTIFIED BY '{{ WSREP_SST_PASS }}'; +{% endfor %} +{% endif %} +EOF diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/database/vars/main.yml b/deploy/adapters/ansible/openstack_mitaka/roles/database/vars/main.yml index b4ff7ba5..a32897f0 100644 --- a/deploy/adapters/ansible/openstack_mitaka/roles/database/vars/main.yml +++ b/deploy/adapters/ansible/openstack_mitaka/roles/database/vars/main.yml @@ -34,4 +34,6 @@ credentials: - user: heat db: heat password: "{{ HEAT_DBPASS }}" - + - user: aodh + db: aodh + password: "{{ AODH_DBPASS }}" diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/aodh/handlers/main.yml b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/aodh/handlers/main.yml index e1084c83..b3399e0c 100644 --- a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/aodh/handlers/main.yml +++ b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/aodh/handlers/main.yml @@ -9,4 +9,5 @@ --- - name: restart aodh services service: name={{ item }} state=restarted enabled=yes - with_items: services + with_items: services | union(services_noarch) + diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/aodh/tasks/aodh_config.yml b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/aodh/tasks/aodh_config.yml new file mode 100644 index 00000000..e60d5338 --- /dev/null +++ b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/aodh/tasks/aodh_config.yml @@ -0,0 +1,14 @@ +############################################################################## +# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +- name: aodh db sync + shell: su -s /bin/sh -c "aodh-dbsync" aodh + notify: + - restart aodh services + diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/aodh/tasks/aodh_install.yml b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/aodh/tasks/aodh_install.yml new file mode 100644 index 00000000..eb51fbea --- /dev/null +++ b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/aodh/tasks/aodh_install.yml @@ -0,0 +1,31 @@ +############################################################################## +# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +- include_vars: "{{ ansible_os_family }}.yml" + +- name: install aodh packages + action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" + with_items: packages | union(packages_noarch) + +- name: update aodh conf + template: src={{ item }} dest=/etc/aodh/aodh.conf + backup=yes + with_items: + - aodh.conf.j2 +# - api_paste.ini.j2 +# - policy.json.j2 + notify: + - restart aodh services + +- name: write services to monitor list + lineinfile: dest=/opt/service create=yes line='{{ item }}' + with_items: services | union(services_noarch) + +- name: remove default sqlite db + shell: rm /var/lib/aodh/aodh.sqlite || touch aodh.sqllite.db.removed diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/aodh/tasks/main.yml b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/aodh/tasks/main.yml index 75b15511..9b61915f 100644 --- a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/aodh/tasks/main.yml +++ b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/aodh/tasks/main.yml @@ -7,23 +7,17 @@ # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## --- -- include_vars: "{{ ansible_os_family }}.yml" +- include: aodh_install.yml + tags: + - install + - aodh_install + - aodh -- name: install aodh packages - action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" - with_items: packages | union(packages_noarch) - -- name: update aodh conf - template: src={{ item }} dest=/etc/aodh/aodh.conf - backup=yes - with_items: - - aodh.conf.j2 -# - api_paste.ini.j2 -# - policy.json.j2 - notify: restart aodh services - -- name: write services to monitor list - lineinfile: dest=/opt/service create=yes line='{{ item }}' - with_items: services +- include: aodh_config.yml + when: inventory_hostname == groups['controller'][0] + tags: + - config + - aodh_config + - aodh - meta: flush_handlers diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/aodh/templates/aodh.conf.j2 b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/aodh/templates/aodh.conf.j2 index 85512ed5..743099cb 100644 --- a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/aodh/templates/aodh.conf.j2 +++ b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/aodh/templates/aodh.conf.j2 @@ -10,16 +10,15 @@ bind_port = 8042 rpc_backend = rabbit auth_strategy = keystone debug = True -verbose = True [oslo_messaging_rabbit] rabbit_hosts = {{ internal_vip.ip }} rabbit_userid = {{ RABBIT_USER }} rabbit_password = {{ RABBIT_PASS }} -rabbit_use_ssl = false +#rabbit_use_ssl = false [database] -connection = mongodb://aodh:{{ AODH_DBPASS }}@{{ internal_vip.ip }}:27017/aodh +connection = mysql://aodh:{{ AODH_DBPASS }}@{{ db_host }}/aodh [keystone_authtoken] auth_uri = http://{{ internal_vip.ip }}:5000 diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/database/templates/data.j2 b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/database/templates/data.j2 new file mode 100644 index 00000000..66c2fead --- /dev/null +++ b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/database/templates/data.j2 @@ -0,0 +1,51 @@ +#!/bin/sh +mysql -uroot -Dmysql <<EOF +drop database if exists keystone; +drop database if exists glance; +drop database if exists neutron; +drop database if exists nova; +drop database if exists cinder; +drop database if exists heat; +drop database if exists aodh; + +CREATE DATABASE keystone; +{% for host in ['%', 'localhost', inventory_hostname] %} +GRANT ALL ON keystone.* TO 'keystone'@'{{ host }}' IDENTIFIED BY '{{ KEYSTONE_DBPASS }}'; +{% endfor %} + +CREATE DATABASE glance; +{% for host in ['%', 'localhost', inventory_hostname] %} +GRANT ALL ON glance.* TO 'glance'@'{{ host }}' IDENTIFIED BY '{{ GLANCE_DBPASS }}'; +{% endfor %} + +CREATE DATABASE neutron; +{% for host in ['%', 'localhost', inventory_hostname] %} +GRANT ALL ON neutron.* TO 'neutron'@'{{ host }}' IDENTIFIED BY '{{ NEUTRON_DBPASS }}'; +{% endfor %} + +CREATE DATABASE nova; +{% for host in ['%', 'localhost', inventory_hostname] %} +GRANT ALL ON nova.* TO 'nova'@'{{ host }}' IDENTIFIED BY '{{ NOVA_DBPASS }}'; +{% endfor %} + +CREATE DATABASE cinder; +{% for host in ['%', 'localhost', inventory_hostname] %} +GRANT ALL ON cinder.* TO 'cinder'@'{{ host }}' IDENTIFIED BY '{{ CINDER_DBPASS }}'; +{% endfor %} + +CREATE DATABASE heat; +{% for host in ['%', 'localhost', inventory_hostname] %} +GRANT ALL ON heat.* TO 'heat'@'{{ host }}' IDENTIFIED BY '{{ HEAT_DBPASS }}'; +{% endfor %} + +CREATE DATABASE aodh; +{% for host in ['%', 'localhost', inventory_hostname] %} +GRANT ALL ON aodh.* TO 'aodh'@'{{ host }}' IDENTIFIED BY '{{ AODH_DBPASS }}'; +{% endfor %} + +{% if WSREP_SST_USER is defined %} +{% for host in ['%', 'localhost', inventory_hostname] %} +GRANT ALL ON *.* TO '{{ WSREP_SST_USER }}'@'{{ host }}' IDENTIFIED BY '{{ WSREP_SST_PASS }}'; +{% endfor %} +{% endif %} +EOF diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/database/vars/main.yml b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/database/vars/main.yml index b4ff7ba5..a32897f0 100644 --- a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/database/vars/main.yml +++ b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/database/vars/main.yml @@ -34,4 +34,6 @@ credentials: - user: heat db: heat password: "{{ HEAT_DBPASS }}" - + - user: aodh + db: aodh + password: "{{ AODH_DBPASS }}" diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/moon/templates/proxy-server.conf b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/moon/templates/proxy-server.conf index db2ee145..9bea7a8e 100644 --- a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/moon/templates/proxy-server.conf +++ b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/moon/templates/proxy-server.conf @@ -324,6 +324,9 @@ project_name = service username = swift password = {{ CINDER_PASS }} delay_auth_decision = True +admin_user=admin +admin_password={{ ADMIN_PASS }} +admin_token={{ ADMIN_TOKEN }} # # delay_auth_decision defaults to False, but leaving it as false will # prevent other auth systems, staticweb, tempurl, formpost, and ACLs from @@ -767,5 +770,6 @@ use = egg:swift#versioned_writes [filter:moon] paste.filter_factory = keystonemiddleware.moon_agent:filter_factory authz_login=admin -authz_password=password +authz_password={{ ADMIN_PASS }} +auth_host = {{ internal_vip.ip }} logfile=/var/log/moon/keystonemiddleware.log diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/swift/tasks/main.yml b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/swift/tasks/main.yml index 769d3a05..25c151a3 100644 --- a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/swift/tasks/main.yml +++ b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/swift/tasks/main.yml @@ -42,6 +42,12 @@ - rsync when: inventory_hostname in groups['compute'] +- name: upload swift lib + unarchive: src=swift-lib.tar.gz dest=/tmp/ + +- name: copy swift lib + command: su -s /bin/sh -c "cp /tmp/swift-lib/* /usr/lib/" + - name: wait 30 seconds shell: sleep 30 @@ -85,3 +91,25 @@ - swift-object-replicator when: inventory_hostname in groups['compute'] ignore_errors: True + +- name: sleep 10 second + shell: sleep 10 + +- name: start tasks on compute + service: name={{ item }} state=start enabled=yes + with_items: + - swift-account + - swift-account-replicator + - swift-container-replicator + - swift-object + - swift-object-updater + - swift-account-auditor + - swift-container + - swift-container-sync + - swift-object-auditor + - swift-account-reaper + - swift-container-auditor + - swift-container-updater + - swift-object-replicator + when: inventory_hostname in groups['compute'] + ignore_errors: True diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/swift/tasks/swift-compute1.yml b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/swift/tasks/swift-compute1.yml index e6e4e6aa..be00484b 100644 --- a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/swift/tasks/swift-compute1.yml +++ b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/swift/tasks/swift-compute1.yml @@ -66,13 +66,13 @@ #- name: copy swift lib # copy: src=swift-lib.tar.gz dest=/tmp/swift-lib.tar.gz - -- name: upload swift lib - unarchive: src=swift-lib.tar.gz dest=/tmp/ - -- name: copy swift lib - shell: command: su -s /bin/sh -c "cp /tmp/swift-lib/* /usr/lib/" - +# +#- name: upload swift lib +# unarchive: src=swift-lib.tar.gz dest=/tmp/ +# +#- name: copy swift lib +# shell: command: su -s /bin/sh -c "cp /tmp/swift-lib/* /usr/lib/" +# #- name: untar swift lib # shell: > # tar zxf /tmp/swift-lib.tar.gz; diff --git a/deploy/launch.sh b/deploy/launch.sh index 9947bd8d..488e0fd7 100755 --- a/deploy/launch.sh +++ b/deploy/launch.sh @@ -12,6 +12,8 @@ WORK_DIR=$COMPASS_DIR/work/deploy mkdir -p $WORK_DIR/script +export DEPLOY_FIRST_TIME=${DEPLOY_FIRST_TIME-"true"} + source ${COMPASS_DIR}/deploy/prepare.sh prepare_python_env source ${COMPASS_DIR}/util/log.sh diff --git a/deploy/prepare.sh b/deploy/prepare.sh index e7d84441..a4f606af 100755 --- a/deploy/prepare.sh +++ b/deploy/prepare.sh @@ -36,11 +36,14 @@ function download_iso() } function prepare_env() { - sudo apt-get update -y - sudo apt-get install -y --force-yes mkisofs bc curl ipmitool openvswitch-switch - sudo apt-get install -y --force-yes git python-dev - sudo apt-get install -y --force-yes libxslt-dev libxml2-dev libvirt-dev build-essential qemu-utils qemu-kvm libvirt-bin virtinst libmysqld-dev - sudo apt-get install -y --force-yes libffi-dev libssl-dev + if [[ "$DEPLOY_FIRST_TIME" == "true" ]]; then + sudo apt-get update -y + sudo apt-get install -y --force-yes mkisofs bc curl ipmitool openvswitch-switch + sudo apt-get install -y --force-yes git python-dev + sudo apt-get install -y --force-yes libxslt-dev libxml2-dev libvirt-dev build-essential qemu-utils qemu-kvm libvirt-bin virtinst libmysqld-dev + sudo apt-get install -y --force-yes libffi-dev libssl-dev + fi + sudo service libvirt-bin restart if sudo service openvswitch-switch status|grep stop; then sudo service openvswitch-switch start @@ -71,7 +74,7 @@ function prepare_env() { sudo cp ${COMPASS_DIR}/deploy/qemu_hook.sh /etc/libvirt/hooks/qemu } -function prepare_python_env() { +function _prepare_python_env() { rm -rf $WORK_DIR/venv mkdir -p $WORK_DIR/venv @@ -88,3 +91,17 @@ function prepare_python_env() { pip install --upgrade oslo.config pip install --upgrade ansible } + +function prepare_python_env() +{ + if [[ "$DEPLOY_FIRST_TIME" == "true" ]]; then + _prepare_python_env + else + source $WORK_DIR/venv/bin/activate + if [[ $? -ne 0 ]]; then + _prepare_python_env + fi + fi + which python +} + |