aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml1
-rw-r--r--deploy/adapters/ansible/openstack/group_vars/all2
-rw-r--r--deploy/adapters/ansible/roles/database/templates/data.j26
-rw-r--r--deploy/adapters/ansible/roles/database/vars/main.yml3
-rw-r--r--deploy/adapters/ansible/roles/heat/handlers/main.yml8
-rw-r--r--deploy/adapters/ansible/roles/heat/tasks/heat_config.yml9
-rw-r--r--deploy/adapters/ansible/roles/heat/tasks/heat_install.yml19
-rw-r--r--deploy/adapters/ansible/roles/heat/tasks/main.yml14
-rw-r--r--deploy/adapters/ansible/roles/heat/templates/heat.j222
-rw-r--r--deploy/adapters/ansible/roles/heat/vars/Debian.yml12
-rw-r--r--deploy/adapters/ansible/roles/heat/vars/RedHat.yml5
-rw-r--r--deploy/adapters/ansible/roles/heat/vars/main.yml5
-rw-r--r--deploy/adapters/ansible/roles/keystone/vars/main.yml30
-rw-r--r--deploy/conf/base.conf2
14 files changed, 137 insertions, 1 deletions
diff --git a/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml b/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml
index 58774e4b..e4c218c0 100644
--- a/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml
+++ b/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml
@@ -28,6 +28,7 @@
- ceilometer_controller
# - ext-network
- dashboard
+ - heat
- hosts: compute
remote_user: root
diff --git a/deploy/adapters/ansible/openstack/group_vars/all b/deploy/adapters/ansible/openstack/group_vars/all
index 5643fcd9..1efcc1c8 100644
--- a/deploy/adapters/ansible/openstack/group_vars/all
+++ b/deploy/adapters/ansible/openstack/group_vars/all
@@ -24,6 +24,8 @@ NOVA_PASS: nova_secret
DASH_DBPASS: dash_db_secret
CINDER_DBPASS: cinder_db_secret
CINDER_PASS: cinder_secret
+HEAT_DBPASS: heat_db_secret
+HEAT_PASS: heat_secret
NEUTRON_DBPASS: neutron_db_secret
NEUTRON_PASS: netron_secret
NEUTRON_TYPE_DRIVERS: ['flat', 'gre', 'vxlan']
diff --git a/deploy/adapters/ansible/roles/database/templates/data.j2 b/deploy/adapters/ansible/roles/database/templates/data.j2
index c894b322..109201ab 100644
--- a/deploy/adapters/ansible/roles/database/templates/data.j2
+++ b/deploy/adapters/ansible/roles/database/templates/data.j2
@@ -5,6 +5,7 @@ drop database if exists glance;
drop database if exists neutron;
drop database if exists nova;
drop database if exists cinder;
+drop database if exists heat;
CREATE DATABASE keystone;
{% for host in ['%', 'localhost', inventory_hostname] %}
@@ -31,6 +32,11 @@ CREATE DATABASE cinder;
GRANT ALL ON cinder.* TO 'cinder'@'{{ host }}' IDENTIFIED BY '{{ CINDER_DBPASS }}';
{% endfor %}
+CREATE DATABASE heat;
+{% for host in ['%', 'localhost', inventory_hostname] %}
+GRANT ALL ON heat.* TO 'heat'@'{{ host }}' IDENTIFIED BY '{{ HEAT_DBPASS }}';
+{% endfor %}
+
{% if WSREP_SST_USER is defined %}
{% for host in ['%', 'localhost', inventory_hostname] %}
GRANT ALL ON *.* TO '{{ WSREP_SST_USER }}'@'{{ host }}' IDENTIFIED BY '{{ WSREP_SST_PASS }}';
diff --git a/deploy/adapters/ansible/roles/database/vars/main.yml b/deploy/adapters/ansible/roles/database/vars/main.yml
index e71c1d4c..82ed91c0 100644
--- a/deploy/adapters/ansible/roles/database/vars/main.yml
+++ b/deploy/adapters/ansible/roles/database/vars/main.yml
@@ -20,4 +20,7 @@ credentials:
- user: cinder
db: cinder
password: "{{ CINDER_DBPASS }}"
+ - user: heat
+ db: heat
+ password: "{{ HEAT_DBPASS }}"
diff --git a/deploy/adapters/ansible/roles/heat/handlers/main.yml b/deploy/adapters/ansible/roles/heat/handlers/main.yml
new file mode 100644
index 00000000..74bcd10a
--- /dev/null
+++ b/deploy/adapters/ansible/roles/heat/handlers/main.yml
@@ -0,0 +1,8 @@
+---
+- name: restart heat service
+ service: name={{ item }} state=restarted enabled=yes
+ with_items: services | union(services_noarch)
+
+- name: remove heat-sqlite-db
+ shell: rm /var/lib/heat/heat.sqlite || touch heat.sqlite.db.removed
+
diff --git a/deploy/adapters/ansible/roles/heat/tasks/heat_config.yml b/deploy/adapters/ansible/roles/heat/tasks/heat_config.yml
new file mode 100644
index 00000000..739d1aae
--- /dev/null
+++ b/deploy/adapters/ansible/roles/heat/tasks/heat_config.yml
@@ -0,0 +1,9 @@
+---
+- name: heat db sync
+ shell: su -s /bin/sh -c "heat-manage db_sync" heat
+ ignore_errors: True
+ notify:
+ - restart heat service
+
+- meta: flush_handlers
+
diff --git a/deploy/adapters/ansible/roles/heat/tasks/heat_install.yml b/deploy/adapters/ansible/roles/heat/tasks/heat_install.yml
new file mode 100644
index 00000000..ab23f873
--- /dev/null
+++ b/deploy/adapters/ansible/roles/heat/tasks/heat_install.yml
@@ -0,0 +1,19 @@
+---
+- include_vars: "{{ ansible_os_family }}.yml"
+
+- name: install heat related packages
+ action: "{{ ansible_pkg_mgr }} name={{ item }} state=present"
+ with_items: packages | union(packages_noarch)
+
+- name: generate heat service list
+ shell: echo {{ item }} >> /opt/service
+ with_items: services | union(services_noarch)
+
+- name: update heat conf
+ template: src=heat.j2
+ dest=/etc/heat/heat.conf
+ backup=yes
+ notify:
+ - restart heat service
+ - remove heat-sqlite-db
+
diff --git a/deploy/adapters/ansible/roles/heat/tasks/main.yml b/deploy/adapters/ansible/roles/heat/tasks/main.yml
new file mode 100644
index 00000000..cf259eb5
--- /dev/null
+++ b/deploy/adapters/ansible/roles/heat/tasks/main.yml
@@ -0,0 +1,14 @@
+---
+- include: heat_install.yml
+ tags:
+ - install
+ - heat_install
+ - heat
+
+- include: heat_config.yml
+ when: HA_CLUSTER is not defined or HA_CLUSTER[inventory_hostname] == ''
+ tags:
+ - config
+ - heat_config
+ - heat
+
diff --git a/deploy/adapters/ansible/roles/heat/templates/heat.j2 b/deploy/adapters/ansible/roles/heat/templates/heat.j2
new file mode 100644
index 00000000..67beb1ca
--- /dev/null
+++ b/deploy/adapters/ansible/roles/heat/templates/heat.j2
@@ -0,0 +1,22 @@
+[DEFAULT]
+heat_metadata_server_url = http://{{ internal_vip.ip }}:8000
+heat_waitcondition_server_url = http://{{ internal_vip.ip }}:8000/v1/waitcondition
+rpc_backend = rabbit
+rabbit_host = {{ rabbit_host }}
+rabbit_userid = {{ RABBIT_USER }}
+rabbit_password = {{ RABBIT_PASS }}
+log_dir = /var/log/heat
+
+[database]
+connection = mysql://heat:{{ HEAT_DBPASS }}@{{ db_host }}/heat
+
+[ec2authtoken]
+auth_uri = http://{{ internal_vip.ip }}:5000/v2.0
+
+[keystone_authtoken]
+auth_uri = http://{{ internal_vip.ip }}:5000/v2.0
+identity_uri = http://{{ internal_vip.ip }}:35357
+admin_tenant_name = service
+admin_user = heat
+admin_password = {{ HEAT_PASS }}
+
diff --git a/deploy/adapters/ansible/roles/heat/vars/Debian.yml b/deploy/adapters/ansible/roles/heat/vars/Debian.yml
new file mode 100644
index 00000000..03787bcb
--- /dev/null
+++ b/deploy/adapters/ansible/roles/heat/vars/Debian.yml
@@ -0,0 +1,12 @@
+---
+packages:
+ - heat-api
+ - heat-api-cfn
+ - heat-engine
+ - python-heatclient
+
+services:
+ - heat-api
+ - heat-api-cfn
+ - heat-engine
+
diff --git a/deploy/adapters/ansible/roles/heat/vars/RedHat.yml b/deploy/adapters/ansible/roles/heat/vars/RedHat.yml
new file mode 100644
index 00000000..25b318d0
--- /dev/null
+++ b/deploy/adapters/ansible/roles/heat/vars/RedHat.yml
@@ -0,0 +1,5 @@
+---
+services: []
+
+packages: []
+
diff --git a/deploy/adapters/ansible/roles/heat/vars/main.yml b/deploy/adapters/ansible/roles/heat/vars/main.yml
new file mode 100644
index 00000000..05d75010
--- /dev/null
+++ b/deploy/adapters/ansible/roles/heat/vars/main.yml
@@ -0,0 +1,5 @@
+---
+packages_noarch: []
+
+services_noarch: []
+
diff --git a/deploy/adapters/ansible/roles/keystone/vars/main.yml b/deploy/adapters/ansible/roles/keystone/vars/main.yml
index f3bd4f5f..d743b4ee 100644
--- a/deploy/adapters/ansible/roles/keystone/vars/main.yml
+++ b/deploy/adapters/ansible/roles/keystone/vars/main.yml
@@ -60,6 +60,22 @@ os_services:
internalurl: "http://{{ internal_vip.ip }}:8776/v2/%(tenant_id)s"
adminurl: "http://{{ internal_vip.ip }}:8776/v2/%(tenant_id)s"
+ - name: heat
+ type: orchestration
+ region: regionOne
+ description: "OpenStack Orchestration"
+ publicurl: "http://{{ public_vip.ip }}:8004/v1/%(tenant_id)s"
+ internalurl: "http://{{ internal_vip.ip }}:8004/v1/%(tenant_id)s"
+ adminurl: "http://{{ internal_vip.ip }}:8004/v1/%(tenant_id)s"
+
+ - name: heat-cfn
+ type: cloudformation
+ region: regionOne
+ description: "OpenStack CloudFormation Orchestration"
+ publicurl: "http://{{ public_vip.ip }}:8000/v1"
+ internalurl: "http://{{ internal_vip.ip }}:8000/v1"
+ adminurl: "http://{{ internal_vip.ip }}:8000/v1"
+
os_users:
- user: admin
password: "{{ ADMIN_PASS }}"
@@ -109,3 +125,17 @@ os_users:
role: admin
tenant: service
tenant_description: "Service Tenant"
+
+ - user: heat
+ password: "{{ HEAT_PASS }}"
+ email: heat@admin.com
+ role: admin
+ tenant: service
+ tenant_description: "Service Tenant"
+
+ - user: demo
+ password: ""
+ email: heat@demo.com
+ role: heat_stack_user
+ tenant: demo
+ tenant_description: "Demo Tenant"
diff --git a/deploy/conf/base.conf b/deploy/conf/base.conf
index 3f8361fe..45970a05 100644
--- a/deploy/conf/base.conf
+++ b/deploy/conf/base.conf
@@ -18,7 +18,7 @@ export SUBNETS="10.1.0.0/24,172.16.2.0/24,172.16.3.0/24,172.16.4.0/24"
export MANAGEMENT_IP_START=${MANAGEMENT_IP_START:-'10.1.0.50'}
export MANAGEMENT_INTERFACE=${MANAGEMENT_INTERFACE:-eth0}
export DASHBOARD_URL=""
-export ENABLE_SECGROUP="false"
+export ENABLE_SECGROUP="true"
export ENABLE_VPNAAS="false"
export ENABLE_FWAAS="false"