diff options
Diffstat (limited to 'deploy/adapters/ansible')
5 files changed, 443 insertions, 19 deletions
diff --git a/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml b/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml index 6df1d0d9..dd25870b 100644 --- a/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml +++ b/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml @@ -229,10 +229,3 @@ max_fail_percentage: 0 roles: - ext-network - -- hosts: controller - remote_user: root - accelerate: true - max_fail_percentage: 0 - roles: - - tacker diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/tacker/templates/tacker.j2 b/deploy/adapters/ansible/openstack_mitaka/roles/tacker/templates/tacker.j2 new file mode 100644 index 00000000..f1d9125b --- /dev/null +++ b/deploy/adapters/ansible/openstack_mitaka/roles/tacker/templates/tacker.j2 @@ -0,0 +1,426 @@ +[DEFAULT] +# Print more verbose output (set logging level to INFO instead of default WARNING level). +verbose = True + +# Print debugging output (set logging level to DEBUG instead of default WARNING level). +debug = True + +# Where to store Tacker state files. This directory must be writable by the +# user executing the agent. +state_path = /var/lib/tacker + +# Where to store lock files +lock_path = $state_path/lock + +auth_strategy = keystone +policy_file = /usr/local/etc/tacker/policy.json + +# log_format = %(asctime)s %(levelname)8s [%(name)s] %(message)s +# log_date_format = %Y-%m-%d %H:%M:%S + +# use_syslog -> syslog +# log_file and log_dir -> log_dir/log_file +# (not log_file) and log_dir -> log_dir/{binary_name}.log +# use_stderr -> stderr +# (not user_stderr) and (not log_file) -> stdout +# publish_errors -> notification system + +use_syslog = False +# syslog_log_facility = LOG_USER + +# use_stderr = True +# log_file = +# log_dir = + +# publish_errors = False + +# Address to bind the API server to +bind_host = {{ internal_ip }} + +# Port the bind the API server to +bind_port = 8888 + +# Path to the extensions. Note that this can be a colon-separated list of +# paths. For example: +# api_extensions_path = extensions:/path/to/more/extensions:/even/more/extensions +# The __path__ of tacker.extensions is appended to this, so if your +# extensions are in there you don't need to specify them here +# api_extensions_path = + +# (StrOpt) Tacker core plugin entrypoint to be loaded from the +# tacker.core_plugins namespace. See setup.cfg for the entrypoint names of the +# plugins included in the tacker source distribution. For compatibility with +# previous versions, the class name of a plugin can be specified instead of its +# entrypoint name. +# +# core_plugin = +# Example: core_plugin = ml2 + +# (ListOpt) List of service plugin entrypoints to be loaded from the +# tacker.service_plugins namespace. See setup.cfg for the entrypoint names of +# the plugins included in the tacker source distribution. For compatibility +# with previous versions, the class name of a plugin can be specified instead +# of its entrypoint name. +# +# service_plugins = +# Example: service_plugins = router,firewall,lbaas,vpnaas,metering + +service_plugins = vnfm,nfvo + +# Paste configuration file +# api_paste_config = api-paste.ini + +# The strategy to be used for auth. +# Supported values are 'keystone'(default), 'noauth'. +# auth_strategy = keystone + +# Allow sending resource operation notification to DHCP agent +# dhcp_agent_notification = True + +# Enable or disable bulk create/update/delete operations +# allow_bulk = True +# Enable or disable pagination +# allow_pagination = False +# Enable or disable sorting +# allow_sorting = False +# Enable or disable overlapping IPs for subnets +# Attention: the following parameter MUST be set to False if Tacker is +# being used in conjunction with nova security groups +# allow_overlapping_ips = False +# Ensure that configured gateway is on subnet +# force_gateway_on_subnet = False + + +# RPC configuration options. Defined in rpc __init__ +# The messaging module to use, defaults to kombu. +# rpc_backend = tacker.openstack.common.rpc.impl_kombu +# Size of RPC thread pool +# rpc_thread_pool_size = 64 +# Size of RPC connection pool +# rpc_conn_pool_size = 30 +# Seconds to wait for a response from call or multicall +# rpc_response_timeout = 60 +# Seconds to wait before a cast expires (TTL). Only supported by impl_zmq. +# rpc_cast_timeout = 30 +# Modules of exceptions that are permitted to be recreated +# upon receiving exception data from an rpc call. +# allowed_rpc_exception_modules = tacker.openstack.common.exception, nova.exception +# AMQP exchange to connect to if using RabbitMQ or QPID +# control_exchange = tacker + +# If passed, use a fake RabbitMQ provider +# fake_rabbit = False + +# Configuration options if sending notifications via kombu rpc (these are +# the defaults) +# SSL version to use (valid only if SSL enabled) +# kombu_ssl_version = +# SSL key file (valid only if SSL enabled) +# kombu_ssl_keyfile = +# SSL cert file (valid only if SSL enabled) +# kombu_ssl_certfile = +# SSL certification authority file (valid only if SSL enabled) +# kombu_ssl_ca_certs = +# IP address of the RabbitMQ installation +# rabbit_host = localhost +# Password of the RabbitMQ server +# rabbit_password = guest +# Port where RabbitMQ server is running/listening +# rabbit_port = 5672 +# RabbitMQ single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) +# rabbit_hosts is defaulted to '$rabbit_host:$rabbit_port' +# rabbit_hosts = localhost:5672 +# User ID used for RabbitMQ connections +# rabbit_userid = guest +# Location of a virtual RabbitMQ installation. +# rabbit_virtual_host = / +# Maximum retries with trying to connect to RabbitMQ +# (the default of 0 implies an infinite retry count) +# rabbit_max_retries = 0 +# RabbitMQ connection retry interval +# rabbit_retry_interval = 1 +# Use HA queues in RabbitMQ (x-ha-policy: all). You need to +# wipe RabbitMQ database when changing this option. (boolean value) +# rabbit_ha_queues = false + +# QPID +# rpc_backend=tacker.openstack.common.rpc.impl_qpid +# Qpid broker hostname +# qpid_hostname = localhost +# Qpid broker port +# qpid_port = 5672 +# Qpid single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) +# qpid_hosts is defaulted to '$qpid_hostname:$qpid_port' +# qpid_hosts = localhost:5672 +# Username for qpid connection +# qpid_username = '' +# Password for qpid connection +# qpid_password = '' +# Space separated list of SASL mechanisms to use for auth +# qpid_sasl_mechanisms = '' +# Seconds between connection keepalive heartbeats +# qpid_heartbeat = 60 +# Transport to use, either 'tcp' or 'ssl' +# qpid_protocol = tcp +# Disable Nagle algorithm +# qpid_tcp_nodelay = True + +# ZMQ +# rpc_backend=tacker.openstack.common.rpc.impl_zmq +# ZeroMQ bind address. Should be a wildcard (*), an ethernet interface, or IP. +# The "host" option should point or resolve to this address. +# rpc_zmq_bind_address = * + +# ============ Notification System Options ===================== + +# Notifications can be sent when network/subnet/port are created, updated or deleted. +# There are three methods of sending notifications: logging (via the +# log_file directive), rpc (via a message queue) and +# noop (no notifications sent, the default) + +# Notification_driver can be defined multiple times +# Do nothing driver +# notification_driver = tacker.openstack.common.notifier.no_op_notifier +# Logging driver +# notification_driver = tacker.openstack.common.notifier.log_notifier +# RPC driver. +notification_driver = tacker.openstack.common.notifier.rpc_notifier + +# default_notification_level is used to form actual topic name(s) or to set logging level +# default_notification_level = INFO + +# default_publisher_id is a part of the notification payload +# host = myhost.com +# default_publisher_id = $host + +# Defined in rpc_notifier, can be comma separated values. +# The actual topic names will be %s.%(default_notification_level)s +# notification_topics = notifications + +# Default maximum number of items returned in a single response, +# value == infinite and value < 0 means no max limit, and value must +# be greater than 0. If the number of items requested is greater than +# pagination_max_limit, server will just return pagination_max_limit +# of number of items. +# pagination_max_limit = -1 + +# Maximum number of DNS nameservers per subnet +# max_dns_nameservers = 5 + +# Maximum number of host routes per subnet +# max_subnet_host_routes = 20 + +# Maximum number of fixed ips per port +# max_fixed_ips_per_port = 5 + +# =========== items for agent management extension ============= +# Seconds to regard the agent as down; should be at least twice +# report_interval, to be sure the agent is down for good +# agent_down_time = 75 +# =========== end of items for agent management extension ===== + +# Allow auto scheduling networks to DHCP agent. It will schedule non-hosted +# networks to first DHCP agent which sends get_active_networks message to +# tacker server +# network_auto_schedule = True + +# Allow auto scheduling routers to L3 agent. It will schedule non-hosted +# routers to first L3 agent which sends sync_routers message to tacker server +# router_auto_schedule = True + +# Number of DHCP agents scheduled to host a network. This enables redundant +# DHCP agents for configured networks. +# dhcp_agents_per_network = 1 + +# =========== end of items for agent scheduler extension ===== + +# =========== WSGI parameters related to the API server ============== +# Number of separate worker processes to spawn. The default, 0, runs the +# worker thread in the current process. Greater than 0 launches that number of +# child processes as workers. The parent process manages them. +# api_workers = 0 + +# Number of separate RPC worker processes to spawn. The default, 0, runs the +# worker thread in the current process. Greater than 0 launches that number of +# child processes as RPC workers. The parent process manages them. +# This feature is experimental until issues are addressed and testing has been +# enabled for various plugins for compatibility. +# rpc_workers = 0 + +# Sets the value of TCP_KEEPIDLE in seconds to use for each server socket when +# starting API server. Not supported on OS X. +# tcp_keepidle = 600 + +# Number of seconds to keep retrying to listen +# retry_until_window = 30 + +# Number of backlog requests to configure the socket with. +# backlog = 4096 + +# Max header line to accommodate large tokens +# max_header_line = 16384 + +# Enable SSL on the API server +# use_ssl = False + +# Certificate file to use when starting API server securely +# ssl_cert_file = /path/to/certfile + +# Private key file to use when starting API server securely +# ssl_key_file = /path/to/keyfile + +# CA certificate file to use when starting API server securely to +# verify connecting clients. This is an optional parameter only required if +# API clients need to authenticate to the API server using SSL certificates +# signed by a trusted CA +# ssl_ca_file = /path/to/cafile +# ======== end of WSGI parameters related to the API server ========== + + +# ======== tacker nova interactions ========== +# Send notification to nova when port status is active. +# notify_nova_on_port_status_changes = True + +# Send notifications to nova when port data (fixed_ips/floatingips) change +# so nova can update it's cache. +# notify_nova_on_port_data_changes = True + +# URL for connection to nova (Only supports one nova region currently). +# nova_url = http://127.0.0.1:8774/v2 + +# Name of nova region to use. Useful if keystone manages more than one region +# nova_region_name = + +# Username for connection to nova in admin context +# nova_admin_username = + +# The uuid of the admin nova tenant +# nova_admin_tenant_id = + +# Password for connection to nova in admin context. +# nova_admin_password = + +# Authorization URL for connection to nova in admin context. +# nova_admin_auth_url = + +# CA file for novaclient to verify server certificates +# nova_ca_certificates_file = + +# Boolean to control ignoring SSL errors on the nova url +# nova_api_insecure = False + +# Number of seconds between sending events to nova if there are any events to send +# send_events_interval = 2 + +# ======== end of tacker nova interactions ========== + +[agent] +# Use "sudo tacker-rootwrap /etc/tacker/rootwrap.conf" to use the real +# root filter facility. +# Change to "sudo" to skip the filtering and just run the comand directly +root_helper = sudo /usr/local/bin/tacker-rootwrap /usr/local/etc/tacker/rootwrap.conf + +# =========== items for agent management extension ============= +# seconds between nodes reporting state to server; should be less than +# agent_down_time, best if it is half or less than agent_down_time +# report_interval = 30 + +# =========== end of items for agent management extension ===== + +[keystone_authtoken] +signing_dir = /var/cache/tacker +#cafile = /opt/stack/data/ca-bundle.pem +#project_domain_id = default +project_name = service +#user_domain_id = default +password = console +username = tacker +auth_url = http://{{ internal_vip.ip }}:35357 +auth_plugin = password +identity_uri = http://{{ internal_vip.ip }}:5000 +auth_uri = http://{{ internal_vip.ip }}:5000 + + +[database] +# This line MUST be changed to actually run the plugin. +# Example: +# connection = mysql://root:pass@127.0.0.1:3306/tacker +connection = mysql://tacker:TACKER_DBPASS@{{ internal_vip.ip }}:3306/tacker?charset=utf8 +# Replace 127.0.0.1 above with the IP address of the database used by the +# main tacker server. (Leave it as is if the database runs on this host.) +# connection = sqlite:// +# NOTE: In deployment the [database] section and its connection attribute may +# be set in the corresponding core plugin '.ini' file. However, it is suggested +# to put the [database] section and its connection attribute in this +# configuration file. + +# Database engine for which script will be generated when using offline +# migration +# engine = + +# The SQLAlchemy connection string used to connect to the slave database +# slave_connection = + +# Database reconnection retry times - in event connectivity is lost +# set to -1 implies an infinite retry count +# max_retries = 10 + +# Database reconnection interval in seconds - if the initial connection to the +# database fails +# retry_interval = 10 + +# Minimum number of SQL connections to keep open in a pool +# min_pool_size = 1 + +# Maximum number of SQL connections to keep open in a pool +# max_pool_size = 10 + +# Timeout in seconds before idle sql connections are reaped +# idle_timeout = 3600 + +# If set, use this value for max_overflow with sqlalchemy +# max_overflow = 20 + +# Verbosity of SQL debugging information. 0=None, 100=Everything +# connection_debug = 0 + +# Add python stack traces to SQL as comment strings +# connection_trace = False + +# If set, use this value for pool_timeout with sqlalchemy +# pool_timeout = 10 + +[tacker] +# Specify drivers for hosting device +# infra_driver = heat,nova,noop + +# Specify drivers for mgmt +# mgmt_driver = noop,openwrt + +# Specify drivers for monitoring +# monitor_driver = ping, http_ping + +[nfvo_vim] +# Supported VIM drivers, resource orchestration controllers such as OpenStack, kvm +#Default VIM driver is OpenStack +#vim_drivers = openstack +#Default VIM placement if vim id is not provided +default_vim = VIM0 + +[vim_keys] +#openstack = /etc/tacker/vim/fernet_keys +[tacker_nova] +# parameters for novaclient to talk to nova +region_name = RegionOne +#project_domain_id = default +project_name = service +#user_domain_id = default +password = console +username = nova +auth_url = http://{{ internal_vip.ip }}:35357 +auth_plugin = password + +[tacker_heat] +heat_uri = http://{{ internal_vip.ip }}:8004/v1 +stack_retries = 60 +stack_retry_wait = 5 diff --git a/deploy/adapters/ansible/roles/tacker/tasks/tacker_controller.yml b/deploy/adapters/ansible/roles/tacker/tasks/tacker_controller.yml index 7bdc32e5..52cc3f3e 100755 --- a/deploy/adapters/ansible/roles/tacker/tasks/tacker_controller.yml +++ b/deploy/adapters/ansible/roles/tacker/tasks/tacker_controller.yml @@ -82,15 +82,19 @@ --internalurl 'http://{{ internal_vip.ip }}:8888/' tacker when: inventory_hostname == haproxy_hosts.keys()[0] +- name: install pip packages + shell: > + pip install tosca-parser heat-translator; + - name: install tacker shell: > - . /opt/admin-openrc.sh; pip install tosca-parser; cd {{ tacker_home }}; python setup.py install + . /opt/admin-openrc.sh; cd {{ tacker_home }}; python setup.py install -# - name: create 'tacker' directory in '/var/cache', set ownership and permissions -# shell: > -# sudo mkdir /var/cache/tacker +- name: create 'tacker' directory in '/var/cache', set ownership and permissions + shell: > + mkdir -p /var/cache/tacker # sudo chown <LOGIN_USER>:root /var/cache/tacker -# sudo chmod 700 /var/cache/tacker +# chmod 700 /var/cache/tacker - name: create 'tacker' directory in '/var/log' shell: mkdir -p /var/log/tacker @@ -102,9 +106,10 @@ - name: edit tacker configuration file shell: crudini --merge /usr/local/etc/tacker/tacker.conf < /opt/os_templates/tacker.j2 -#- name: populate tacker database -# shell: > -# . /opt/admin-openrc.sh; /usr/local/bin/tacker-db-manage --config-file /usr/local/etc/tacker/tacker.conf upgrade head +- name: populate tacker database + shell: > + . /opt/admin-openrc.sh; /usr/local/bin/tacker-db-manage --config-file /usr/local/etc/tacker/tacker.conf upgrade head + when: inventory_hostname == haproxy_hosts.keys()[0] - name: install tacker client shell: > diff --git a/deploy/adapters/ansible/roles/tacker/templates/tacker.j2 b/deploy/adapters/ansible/roles/tacker/templates/tacker.j2 index 2e51496e..5bc23473 100644 --- a/deploy/adapters/ansible/roles/tacker/templates/tacker.j2 +++ b/deploy/adapters/ansible/roles/tacker/templates/tacker.j2 @@ -17,7 +17,7 @@ project_name = service [agent] root_helper = sudo /usr/local/bin/tacker-rootwrap /usr/local/etc/tacker/rootwrap.conf -[DATABASE] +[database] connection = mysql://tacker:TACKER_DBPASS@{{ internal_vip.ip }}:3306/tacker?charset=utf8 [servicevm_nova] diff --git a/deploy/adapters/ansible/roles/tacker/vars/main.yml b/deploy/adapters/ansible/roles/tacker/vars/main.yml index 2df4ca3a..0ae6d9ef 100755 --- a/deploy/adapters/ansible/roles/tacker/vars/main.yml +++ b/deploy/adapters/ansible/roles/tacker/vars/main.yml @@ -6,9 +6,9 @@ # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## -tacker_pkg_name: tacker-2014.2.0.dev206.tar.gz -tacker_client_pkg_name: python-tackerclient-0.0.1.dev85.tar.gz -tacker_horizon_pkg_name: tacker-horizon-0.0.1.dev687.tar.gz +tacker_pkg_name: tacker-0.3.1.tar.gz +tacker_client_pkg_name: python-tackerclient-0.3.1.tar.gz +tacker_horizon_pkg_name: tacker-horizon-0.3.1.tar.gz tacker_home: /opt/tacker/ tacker_client_home: /opt/tacker_client/ tacker_horizon_home: /opt/tacker_horizon/ |