18 files changed, 142 insertions, 7 deletions
diff --git a/deploy/adapters/ansible/roles/cinder-controller/templates/cinder.conf b/deploy/adapters/ansible/roles/cinder-controller/templates/cinder.conf
index cf41817b..b61e6562 100644
--- a/deploy/adapters/ansible/roles/cinder-controller/templates/cinder.conf
+++ b/deploy/adapters/ansible/roles/cinder-controller/templates/cinder.conf
@@ -61,3 +61,4 @@ admin_password = {{ CINDER_PASS }}
 
 [database]
 connection = mysql://cinder:{{ CINDER_DBPASS }}@{{ db_host }}/cinder
+idle_timeout = 30
diff --git a/deploy/adapters/ansible/roles/cinder-volume/templates/cinder.conf b/deploy/adapters/ansible/roles/cinder-volume/templates/cinder.conf
index 0b855da5..fdcac69d 100644
--- a/deploy/adapters/ansible/roles/cinder-volume/templates/cinder.conf
+++ b/deploy/adapters/ansible/roles/cinder-volume/templates/cinder.conf
@@ -60,3 +60,4 @@ admin_password = {{ CINDER_PASS }}
 
 [database]
 connection = mysql://cinder:{{ CINDER_DBPASS }}@{{ db_host }}/cinder
+idle_timeout = 30
diff --git a/deploy/adapters/ansible/roles/database/templates/data.j2 b/deploy/adapters/ansible/roles/database/templates/data.j2
index c894b322..109201ab 100644
--- a/deploy/adapters/ansible/roles/database/templates/data.j2
+++ b/deploy/adapters/ansible/roles/database/templates/data.j2
@@ -5,6 +5,7 @@ drop database if exists glance;
 drop database if exists neutron;
 drop database if exists nova;
 drop database if exists cinder;
+drop database if exists heat;
 
 CREATE DATABASE keystone;
 {% for host in ['%', 'localhost', inventory_hostname] %}
@@ -31,6 +32,11 @@ CREATE DATABASE cinder;
 GRANT ALL ON cinder.* TO 'cinder'@'{{ host }}' IDENTIFIED BY '{{ CINDER_DBPASS }}';
 {% endfor %}
 
+CREATE DATABASE heat;
+{% for host in ['%', 'localhost', inventory_hostname] %}
+GRANT ALL ON heat.* TO 'heat'@'{{ host }}' IDENTIFIED BY '{{ HEAT_DBPASS }}';
+{% endfor %}
+
 {% if WSREP_SST_USER is defined %}
 {% for host in ['%', 'localhost', inventory_hostname] %}
 GRANT ALL ON *.* TO '{{ WSREP_SST_USER }}'@'{{ host }}' IDENTIFIED BY '{{ WSREP_SST_PASS }}';
diff --git a/deploy/adapters/ansible/roles/database/vars/main.yml b/deploy/adapters/ansible/roles/database/vars/main.yml
index e71c1d4c..82ed91c0 100644
--- a/deploy/adapters/ansible/roles/database/vars/main.yml
+++ b/deploy/adapters/ansible/roles/database/vars/main.yml
@@ -20,4 +20,7 @@ credentials:
   - user: cinder
     db: cinder
     password: "{{ CINDER_DBPASS }}"
+  - user: heat
+    db: heat
+    password: "{{ HEAT_DBPASS }}"
 
diff --git a/deploy/adapters/ansible/roles/glance/templates/glance-api.conf b/deploy/adapters/ansible/roles/glance/templates/glance-api.conf
index 737b9a3a..ab63e054 100644
--- a/deploy/adapters/ansible/roles/glance/templates/glance-api.conf
+++ b/deploy/adapters/ansible/roles/glance/templates/glance-api.conf
@@ -586,7 +586,7 @@ connection = mysql://glance:{{ GLANCE_DBPASS }}@{{ db_host }}/glance
 # Deprecated group/name - [DEFAULT]/sql_idle_timeout
 # Deprecated group/name - [DATABASE]/sql_idle_timeout
 # Deprecated group/name - [sql]/idle_timeout
-#idle_timeout = 3600
+idle_timeout = 30
 
 # Minimum number of SQL connections to keep open in a pool
 # (integer value)
diff --git a/deploy/adapters/ansible/roles/glance/templates/glance-registry.conf b/deploy/adapters/ansible/roles/glance/templates/glance-registry.conf
index 1fedb0b5..06c403fd 100644
--- a/deploy/adapters/ansible/roles/glance/templates/glance-registry.conf
+++ b/deploy/adapters/ansible/roles/glance/templates/glance-registry.conf
@@ -106,7 +106,7 @@ connection = mysql://glance:{{ GLANCE_DBPASS }}@{{ db_host }}/glance
 # Deprecated group/name - [DEFAULT]/sql_idle_timeout
 # Deprecated group/name - [DATABASE]/sql_idle_timeout
 # Deprecated group/name - [sql]/idle_timeout
-#idle_timeout = 3600
+idle_timeout = 30
 
 # Minimum number of SQL connections to keep open in a pool
 # (integer value)
diff --git a/deploy/adapters/ansible/roles/ha/templates/haproxy.cfg b/deploy/adapters/ansible/roles/ha/templates/haproxy.cfg
index c8065f05..6b91a248 100644
--- a/deploy/adapters/ansible/roles/ha/templates/haproxy.cfg
+++ b/deploy/adapters/ansible/roles/ha/templates/haproxy.cfg
@@ -20,10 +20,10 @@ defaults
     timeout http-request 10s
     timeout queue 1m
     timeout connect 10s
-    timeout client 6m
-    timeout server 6m
+    timeout client 50s
+    timeout server 50s
     timeout check 10s
-    retries 5
+    retries 3
 
 listen  proxy-glance_registry_cluster
     bind {{ internal_vip.ip }}:9191
diff --git a/deploy/adapters/ansible/roles/heat/handlers/main.yml b/deploy/adapters/ansible/roles/heat/handlers/main.yml
new file mode 100644
index 00000000..74bcd10a
--- /dev/null
+++ b/deploy/adapters/ansible/roles/heat/handlers/main.yml
@@ -0,0 +1,8 @@
+---
+- name: restart heat service
+  service: name={{ item }} state=restarted enabled=yes
+  with_items: services | union(services_noarch)
+
+- name: remove heat-sqlite-db
+  shell: rm /var/lib/heat/heat.sqlite || touch heat.sqlite.db.removed
+
diff --git a/deploy/adapters/ansible/roles/heat/tasks/heat_config.yml b/deploy/adapters/ansible/roles/heat/tasks/heat_config.yml
new file mode 100644
index 00000000..739d1aae
--- /dev/null
+++ b/deploy/adapters/ansible/roles/heat/tasks/heat_config.yml
@@ -0,0 +1,9 @@
+---
+- name: heat db sync
+  shell: su -s /bin/sh -c "heat-manage db_sync" heat
+  ignore_errors: True
+  notify:
+    - restart heat service
+
+- meta: flush_handlers
+
diff --git a/deploy/adapters/ansible/roles/heat/tasks/heat_install.yml b/deploy/adapters/ansible/roles/heat/tasks/heat_install.yml
new file mode 100644
index 00000000..ab23f873
--- /dev/null
+++ b/deploy/adapters/ansible/roles/heat/tasks/heat_install.yml
@@ -0,0 +1,19 @@
+---
+- include_vars: "{{ ansible_os_family }}.yml"
+
+- name: install heat related packages
+  action: "{{ ansible_pkg_mgr }} name={{ item }} state=present"
+  with_items: packages | union(packages_noarch)
+
+- name: generate heat service list
+  shell: echo {{ item }} >> /opt/service
+  with_items: services | union(services_noarch)
+
+- name: update heat conf
+  template: src=heat.j2
+            dest=/etc/heat/heat.conf
+            backup=yes
+  notify:
+    - restart heat service
+    - remove heat-sqlite-db
+
diff --git a/deploy/adapters/ansible/roles/heat/tasks/main.yml b/deploy/adapters/ansible/roles/heat/tasks/main.yml
new file mode 100644
index 00000000..cf259eb5
--- /dev/null
+++ b/deploy/adapters/ansible/roles/heat/tasks/main.yml
@@ -0,0 +1,14 @@
+---
+- include: heat_install.yml
+  tags:
+    - install
+    - heat_install
+    - heat
+
+- include: heat_config.yml
+  when: HA_CLUSTER is not defined or HA_CLUSTER[inventory_hostname] == ''
+  tags:
+    - config
+    - heat_config
+    - heat
+
diff --git a/deploy/adapters/ansible/roles/heat/templates/heat.j2 b/deploy/adapters/ansible/roles/heat/templates/heat.j2
new file mode 100644
index 00000000..67beb1ca
--- /dev/null
+++ b/deploy/adapters/ansible/roles/heat/templates/heat.j2
@@ -0,0 +1,22 @@
+[DEFAULT]
+heat_metadata_server_url = http://{{ internal_vip.ip }}:8000
+heat_waitcondition_server_url = http://{{ internal_vip.ip }}:8000/v1/waitcondition
+rpc_backend = rabbit
+rabbit_host = {{ rabbit_host }}
+rabbit_userid = {{ RABBIT_USER }}
+rabbit_password = {{ RABBIT_PASS }}
+log_dir = /var/log/heat
+
+[database]
+connection = mysql://heat:{{ HEAT_DBPASS }}@{{ db_host }}/heat
+
+[ec2authtoken]
+auth_uri = http://{{ internal_vip.ip }}:5000/v2.0
+
+[keystone_authtoken]
+auth_uri = http://{{ internal_vip.ip }}:5000/v2.0
+identity_uri = http://{{ internal_vip.ip }}:35357
+admin_tenant_name = service
+admin_user = heat
+admin_password = {{ HEAT_PASS }}
+
diff --git a/deploy/adapters/ansible/roles/heat/vars/Debian.yml b/deploy/adapters/ansible/roles/heat/vars/Debian.yml
new file mode 100644
index 00000000..03787bcb
--- /dev/null
+++ b/deploy/adapters/ansible/roles/heat/vars/Debian.yml
@@ -0,0 +1,12 @@
+---
+packages:
+  - heat-api
+  - heat-api-cfn
+  - heat-engine
+  - python-heatclient
+
+services:
+  - heat-api
+  - heat-api-cfn
+  - heat-engine
+
diff --git a/deploy/adapters/ansible/roles/heat/vars/RedHat.yml b/deploy/adapters/ansible/roles/heat/vars/RedHat.yml
new file mode 100644
index 00000000..25b318d0
--- /dev/null
+++ b/deploy/adapters/ansible/roles/heat/vars/RedHat.yml
@@ -0,0 +1,5 @@
+---
+services: []
+
+packages: []
+
diff --git a/deploy/adapters/ansible/roles/heat/vars/main.yml b/deploy/adapters/ansible/roles/heat/vars/main.yml
new file mode 100644
index 00000000..05d75010
--- /dev/null
+++ b/deploy/adapters/ansible/roles/heat/vars/main.yml
@@ -0,0 +1,5 @@
+---
+packages_noarch: []
+
+services_noarch: []
+
diff --git a/deploy/adapters/ansible/roles/keystone/templates/keystone.conf b/deploy/adapters/ansible/roles/keystone/templates/keystone.conf
index fc8bf1f1..b022a084 100644
--- a/deploy/adapters/ansible/roles/keystone/templates/keystone.conf
+++ b/deploy/adapters/ansible/roles/keystone/templates/keystone.conf
@@ -614,7 +614,7 @@ connection = mysql://keystone:{{ KEYSTONE_DBPASS }}@{{ db_host }}/keystone
 # Deprecated group/name - [DEFAULT]/sql_idle_timeout
 # Deprecated group/name - [DATABASE]/sql_idle_timeout
 # Deprecated group/name - [sql]/idle_timeout
-#idle_timeout=3600
+idle_timeout=30
 
 # Minimum number of SQL connections to keep open in a pool
 # (integer value)
diff --git a/deploy/adapters/ansible/roles/keystone/vars/main.yml b/deploy/adapters/ansible/roles/keystone/vars/main.yml
index f3bd4f5f..d743b4ee 100644
--- a/deploy/adapters/ansible/roles/keystone/vars/main.yml
+++ b/deploy/adapters/ansible/roles/keystone/vars/main.yml
@@ -60,6 +60,22 @@ os_services:
     internalurl: "http://{{ internal_vip.ip }}:8776/v2/%(tenant_id)s"
     adminurl: "http://{{ internal_vip.ip }}:8776/v2/%(tenant_id)s"
 
+  - name: heat
+    type: orchestration
+    region: regionOne
+    description: "OpenStack Orchestration"
+    publicurl: "http://{{ public_vip.ip }}:8004/v1/%(tenant_id)s"
+    internalurl: "http://{{ internal_vip.ip }}:8004/v1/%(tenant_id)s"
+    adminurl: "http://{{ internal_vip.ip }}:8004/v1/%(tenant_id)s"
+
+  - name: heat-cfn
+    type: cloudformation
+    region: regionOne
+    description: "OpenStack CloudFormation Orchestration"
+    publicurl: "http://{{ public_vip.ip }}:8000/v1"
+    internalurl: "http://{{ internal_vip.ip }}:8000/v1"
+    adminurl: "http://{{ internal_vip.ip }}:8000/v1"
+
 os_users:
   - user: admin
     password: "{{ ADMIN_PASS }}"
@@ -109,3 +125,17 @@ os_users:
     role: admin
     tenant: service
     tenant_description: "Service Tenant"
+
+  - user: heat
+    password: "{{ HEAT_PASS }}"
+    email: heat@admin.com
+    role: admin
+    tenant: service
+    tenant_description: "Service Tenant"
+
+  - user: demo
+    password: ""
+    email: heat@demo.com
+    role: heat_stack_user
+    tenant: demo
+    tenant_description: "Demo Tenant"
diff --git a/deploy/adapters/ansible/roles/odl_cluster/tasks/openvswitch.yml b/deploy/adapters/ansible/roles/odl_cluster/tasks/openvswitch.yml
index e52b18ff..f010deb8 100755
--- a/deploy/adapters/ansible/roles/odl_cluster/tasks/openvswitch.yml
+++ b/deploy/adapters/ansible/roles/odl_cluster/tasks/openvswitch.yml
@@ -43,7 +43,7 @@
 - name: Configure Neutron1
   shell: >
     crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers opendaylight;
-    crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types vlan;
+    crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types vxlan;
 
 #- name: Adjust Service Daemon
 #  shell: >