diff options
Diffstat (limited to 'deploy/adapters')
27 files changed, 326 insertions, 21 deletions
diff --git a/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml b/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml index 27aef19c..7f61a1cf 100644 --- a/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml +++ b/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml @@ -232,3 +232,18 @@ max_fail_percentage: 0 roles: - ext-network + +- hosts: controller + remote_user: root + accelerate: true + max_fail_percentage: 0 + roles: + - controller-recovery + +- hosts: compute + remote_user: root + accelerate: true + max_fail_percentage: 0 + roles: + - compute-recovery + diff --git a/deploy/adapters/ansible/openstack_mitaka/HA-ansible-multinodes.yml b/deploy/adapters/ansible/openstack_mitaka/HA-ansible-multinodes.yml index 25b469e0..7ef467ee 100644 --- a/deploy/adapters/ansible/openstack_mitaka/HA-ansible-multinodes.yml +++ b/deploy/adapters/ansible/openstack_mitaka/HA-ansible-multinodes.yml @@ -241,3 +241,18 @@ max_fail_percentage: 0 roles: - tacker + +- hosts: controller + remote_user: root + accelerate: true + max_fail_percentage: 0 + roles: + - controller-recovery + +- hosts: compute + remote_user: root + accelerate: true + max_fail_percentage: 0 + roles: + - compute-recovery + diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/nova-compute/tasks/main.yml b/deploy/adapters/ansible/openstack_mitaka/roles/nova-compute/tasks/main.yml index 5d7f8b60..f49896bf 100644 --- a/deploy/adapters/ansible/openstack_mitaka/roles/nova-compute/tasks/main.yml +++ b/deploy/adapters/ansible/openstack_mitaka/roles/nova-compute/tasks/main.yml @@ -37,6 +37,10 @@ notify: - restart nova-compute services +- name: get number of cpu support virtualization + shell: egrep -c '(vmx|svm)' /proc/cpuinfo + register: kvm_cpu_num + - name: update nova-compute conf template: src={{ item }} dest=/etc/nova/{{ item }} with_items: diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/nova-compute/templates/nova-compute.conf b/deploy/adapters/ansible/openstack_mitaka/roles/nova-compute/templates/nova-compute.conf new file mode 100644 index 00000000..305d408b --- /dev/null +++ b/deploy/adapters/ansible/openstack_mitaka/roles/nova-compute/templates/nova-compute.conf @@ -0,0 +1,11 @@ +[DEFAULT] +compute_driver=libvirt.LibvirtDriver +force_raw_images = true +[libvirt] +{% if kvm_cpu_num.stdout_lines[0]|int == 0 %} +virt_type=qemu +{% else %} +virt_type=kvm +{% endif %} +images_type = raw +mem_stats_period_seconds=0 diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/secgroup/templates/neutron.j2 b/deploy/adapters/ansible/openstack_mitaka/roles/secgroup/templates/neutron.j2 new file mode 100644 index 00000000..aac6c8a2 --- /dev/null +++ b/deploy/adapters/ansible/openstack_mitaka/roles/secgroup/templates/neutron.j2 @@ -0,0 +1,4 @@ +[securitygroup] +firewall_driver = neutron.agent.firewall.NoopFirewallDriver +enable_security_group = True + diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/secgroup/templates/nova.j2 b/deploy/adapters/ansible/openstack_mitaka/roles/secgroup/templates/nova.j2 new file mode 100644 index 00000000..7dbc216a --- /dev/null +++ b/deploy/adapters/ansible/openstack_mitaka/roles/secgroup/templates/nova.j2 @@ -0,0 +1,3 @@ +[DEFAULT] +firewall_driver = nova.virt.firewall.NoopFirewallDriver +security_group_api = neutron diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/HA-ansible-multinodes.yml b/deploy/adapters/ansible/openstack_mitaka_xenial/HA-ansible-multinodes.yml index 1300ab64..c6b1c9ab 100644 --- a/deploy/adapters/ansible/openstack_mitaka_xenial/HA-ansible-multinodes.yml +++ b/deploy/adapters/ansible/openstack_mitaka_xenial/HA-ansible-multinodes.yml @@ -243,3 +243,17 @@ roles: - ext-network +- hosts: controller + remote_user: root + accelerate: true + max_fail_percentage: 0 + roles: + - controller-recovery + +- hosts: compute + remote_user: root + accelerate: true + max_fail_percentage: 0 + roles: + - compute-recovery + diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/nova-compute/tasks/main.yml b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/nova-compute/tasks/main.yml index c177001d..7bb4f347 100644 --- a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/nova-compute/tasks/main.yml +++ b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/nova-compute/tasks/main.yml @@ -37,6 +37,10 @@ notify: - restart nova-compute services +- name: get number of cpu support virtualization + shell: egrep -c '(vmx|svm)' /proc/cpuinfo + register: kvm_cpu_num + - name: update nova-compute conf template: src={{ item }} dest=/etc/nova/{{ item }} with_items: diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/nova-compute/templates/nova-compute.conf b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/nova-compute/templates/nova-compute.conf new file mode 100644 index 00000000..305d408b --- /dev/null +++ b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/nova-compute/templates/nova-compute.conf @@ -0,0 +1,11 @@ +[DEFAULT] +compute_driver=libvirt.LibvirtDriver +force_raw_images = true +[libvirt] +{% if kvm_cpu_num.stdout_lines[0]|int == 0 %} +virt_type=qemu +{% else %} +virt_type=kvm +{% endif %} +images_type = raw +mem_stats_period_seconds=0 diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/secgroup/templates/neutron.j2 b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/secgroup/templates/neutron.j2 new file mode 100644 index 00000000..aac6c8a2 --- /dev/null +++ b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/secgroup/templates/neutron.j2 @@ -0,0 +1,4 @@ +[securitygroup] +firewall_driver = neutron.agent.firewall.NoopFirewallDriver +enable_security_group = True + diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/secgroup/templates/nova.j2 b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/secgroup/templates/nova.j2 new file mode 100644 index 00000000..7dbc216a --- /dev/null +++ b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/secgroup/templates/nova.j2 @@ -0,0 +1,3 @@ +[DEFAULT] +firewall_driver = nova.virt.firewall.NoopFirewallDriver +security_group_api = neutron diff --git a/deploy/adapters/ansible/roles/compute-recovery/tasks/main.yml b/deploy/adapters/ansible/roles/compute-recovery/tasks/main.yml new file mode 100644 index 00000000..b333b9e0 --- /dev/null +++ b/deploy/adapters/ansible/roles/compute-recovery/tasks/main.yml @@ -0,0 +1,26 @@ +############################################################################## +# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +- name: Register RECOVERY + set_fact: RECOVERY_ENV={{RECOVERY_ENV | default('False')}} + tags: + - recovery + +- include_vars: "{{ ansible_os_family }}.yml" + when: RECOVERY_ENV + tags: + - recovery + +- name: restart compute services + service: name={{ item }} state=restarted enabled=yes + with_items: compute_services | union(compute_services_noarch) + when: RECOVERY_ENV + tags: + - recovery + diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/keystone/vars/Debian.yml b/deploy/adapters/ansible/roles/compute-recovery/vars/Debian.yml index b8d8e7c2..23200a50 100644 --- a/deploy/adapters/ansible/openstack_mitaka/roles/keystone/vars/Debian.yml +++ b/deploy/adapters/ansible/roles/compute-recovery/vars/Debian.yml @@ -7,15 +7,9 @@ # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## --- +compute_services: + - nova-compute + - neutron-openvswitch-agent + - cinder-volume + - ceilometer-agent-compute -cron_path: "/var/spool/cron/crontabs" - -packages: - - keystone - - python-openstackclient - -services: - - apache2 - -apache_config_dir: /etc/apache2 -http_service_name: apache2 diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/keystone/templates/admin-openrc-v3.sh b/deploy/adapters/ansible/roles/compute-recovery/vars/RedHat.yml index c3d863e8..c96b062a 100644 --- a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/keystone/templates/admin-openrc-v3.sh +++ b/deploy/adapters/ansible/roles/compute-recovery/vars/RedHat.yml @@ -6,14 +6,10 @@ # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## -# Verify the Identity Service installation -export OS_PASSWORD={{ ADMIN_PASS }} -export OS_TENANT_NAME=admin -export OS_AUTH_URL=http://{{ internal_vip.ip }}:35357/v3 -export OS_IDENTITY_API_VERSION=3 -export OS_USERNAME=admin -export OS_VOLUME_API_VERSION=2 -export OS_USER_DOMAIN_NAME=Default -export OS_PROJECT_DOMAIN_NAME=Default - +--- +compute_services: + - openstack-nova-compute + - neutron-openvswitch-agent + - openstack-cinder-volume + - openstack-ceilometer-compute diff --git a/deploy/adapters/ansible/roles/compute-recovery/vars/main.yml b/deploy/adapters/ansible/roles/compute-recovery/vars/main.yml new file mode 100644 index 00000000..c2c0d8ee --- /dev/null +++ b/deploy/adapters/ansible/roles/compute-recovery/vars/main.yml @@ -0,0 +1,10 @@ +############################################################################## +# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +compute_services_noarch: [] diff --git a/deploy/adapters/ansible/roles/controller-recovery/tasks/main.yml b/deploy/adapters/ansible/roles/controller-recovery/tasks/main.yml new file mode 100644 index 00000000..ccf3e46b --- /dev/null +++ b/deploy/adapters/ansible/roles/controller-recovery/tasks/main.yml @@ -0,0 +1,26 @@ +############################################################################## +# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +- name: Register RECOVERY + set_fact: RECOVERY_ENV={{RECOVERY_ENV | default('False')}} + tags: + - recovery + +- include_vars: "{{ ansible_os_family }}.yml" + when: RECOVERY_ENV + tags: + - recovery + +- name: restart controller services + service: name={{ item }} state=restarted enabled=yes + with_items: controller_services | union(controller_services_noarch) + when: RECOVERY_ENV + tags: + - recovery + diff --git a/deploy/adapters/ansible/roles/controller-recovery/vars/Debian.yml b/deploy/adapters/ansible/roles/controller-recovery/vars/Debian.yml new file mode 100644 index 00000000..34675f6b --- /dev/null +++ b/deploy/adapters/ansible/roles/controller-recovery/vars/Debian.yml @@ -0,0 +1,40 @@ +############################################################################## +# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +controller_services: + - keepalived + - apache2 + - nova-api + - nova-cert + - nova-conductor + - nova-consoleauth + - nova-novncproxy + - nova-scheduler + - neutron-server + - cinder-api + - cinder-scheduler + - glance-registry + - glance-api + - openvswitch-switch + - neutron-openvswitch-agent + - neutron-l3-agent + - neutron-dhcp-agent + - neutron-metadata-agent + - ceilometer-agent-central + - ceilometer-agent-notification + - ceilometer-api + - ceilometer-collector + - heat-api + - heat-api-cfn + - heat-engine + - aodh-api + - aodh-notifier + - aodh-evaluator + - aodh-listener + diff --git a/deploy/adapters/ansible/roles/controller-recovery/vars/RedHat.yml b/deploy/adapters/ansible/roles/controller-recovery/vars/RedHat.yml new file mode 100644 index 00000000..35c0a955 --- /dev/null +++ b/deploy/adapters/ansible/roles/controller-recovery/vars/RedHat.yml @@ -0,0 +1,39 @@ +############################################################################## +# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +controller_services: + - keepalived + - httpd + - openstack-nova-api + - openstack-nova-cert + - openstack-nova-conductor + - openstack-nova-consoleauth + - openstack-nova-novncproxy + - openstack-nova-scheduler + - neutron-server + - openstack-cinder-api + - openstack-cinder-scheduler + - openstack-glance-api + - openstack-glance-registry + - neutron-openvswitch-agent + - neutron-l3-agent + - neutron-dhcp-agent + - neutron-metadata-agent + - openstack-ceilometer-central + - openstack-ceilometer-notification + - openstack-ceilometer-api + - openstack-ceilometer-collector + - openstack-heat-api + - openstack-heat-api-cfn + - openstack-heat-engine + - openstack-aodh-api + - openstack-aodh-notifier + - openstack-aodh-evaluator + - openstack-aodh-listener + diff --git a/deploy/adapters/ansible/roles/controller-recovery/vars/main.yml b/deploy/adapters/ansible/roles/controller-recovery/vars/main.yml new file mode 100644 index 00000000..22af29f4 --- /dev/null +++ b/deploy/adapters/ansible/roles/controller-recovery/vars/main.yml @@ -0,0 +1,11 @@ +############################################################################## +# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +controller_services_noarch: [] + diff --git a/deploy/adapters/ansible/roles/database/tasks/main.yml b/deploy/adapters/ansible/roles/database/tasks/main.yml index 124b2639..f28da23b 100644 --- a/deploy/adapters/ansible/roles/database/tasks/main.yml +++ b/deploy/adapters/ansible/roles/database/tasks/main.yml @@ -10,9 +10,13 @@ - include_vars: "{{ ansible_os_family }}.yml" tags: - test_mongo + - recovery - include: mariadb_install.yml + - include: mariadb_cluster.yml + tags: + - recovery - include: mariadb_config.yml when: diff --git a/deploy/adapters/ansible/roles/database/tasks/mariadb_config.yml b/deploy/adapters/ansible/roles/database/tasks/mariadb_config.yml index b18ae8f7..780fc322 100644 --- a/deploy/adapters/ansible/roles/database/tasks/mariadb_config.yml +++ b/deploy/adapters/ansible/roles/database/tasks/mariadb_config.yml @@ -41,6 +41,24 @@ script: remove_user.sh when: ansible_os_family == "RedHat" +- name: restart mysql for centos noha + service: + name: mysql + state: restarted + when: > + inventory_hostname == haproxy_hosts.keys()[0] + and haproxy_hosts|length == 1 + and ansible_os_family == "RedHat" + +- name: restart mysql second time for centos noha + service: + name: mysql + state: restarted + when: > + inventory_hostname == haproxy_hosts.keys()[0] + and haproxy_hosts|length == 1 + and ansible_os_family == "RedHat" + - name: restart first nodes service: name: mysql diff --git a/deploy/adapters/ansible/roles/heat/tasks/heat_install.yml b/deploy/adapters/ansible/roles/heat/tasks/heat_install.yml index 1fbada8c..a6e76c74 100644 --- a/deploy/adapters/ansible/roles/heat/tasks/heat_install.yml +++ b/deploy/adapters/ansible/roles/heat/tasks/heat_install.yml @@ -17,6 +17,18 @@ lineinfile: dest=/opt/service create=yes line='{{ item }}' with_items: services | union(services_noarch) +# ' + +- name: create heat user domain + shell: > + . /opt/admin-openrc-v3.sh; + openstack domain create --description "Stack projects and users" heat; + openstack user create --domain heat --password {{ HEAT_PASS }} heat_domain_admin; + openstack role add --domain heat --user-domain heat --user heat_domain_admin admin; + openstack role create heat_stack_owner; + openstack role add --project demo --user demo heat_stack_owner; + when: inventory_hostname == groups['controller'][0] and ansible_os_family == "Debian" + - name: update heat conf template: src=heat.j2 dest=/etc/heat/heat.conf @@ -24,4 +36,13 @@ notify: - restart heat service - remove heat-sqlite-db + when: ansible_os_family == "RedHat" +- name: update heat conf + template: src=heat_debian.j2 + dest=/etc/heat/heat.conf + backup=yes + notify: + - restart heat service + - remove heat-sqlite-db + when: ansible_os_family == "Debian" diff --git a/deploy/adapters/ansible/roles/heat/templates/heat_debian.j2 b/deploy/adapters/ansible/roles/heat/templates/heat_debian.j2 new file mode 100644 index 00000000..62df9fd9 --- /dev/null +++ b/deploy/adapters/ansible/roles/heat/templates/heat_debian.j2 @@ -0,0 +1,28 @@ +[DEFAULT] +heat_metadata_server_url = http://{{ internal_vip.ip }}:8000 +heat_waitcondition_server_url = http://{{ internal_vip.ip }}:8000/v1/waitcondition +rpc_backend = rabbit +rabbit_host = {{ rabbit_host }} +rabbit_userid = {{ RABBIT_USER }} +rabbit_password = {{ RABBIT_PASS }} +log_dir = /var/log/heat +stack_domain_admin = heat_domain_admin +stack_domain_admin_password = {{ HEAT_PASS }} +stack_user_domain_name = heat + +[database] +connection = mysql://heat:{{ HEAT_DBPASS }}@{{ db_host }}/heat +idle_timeout = 30 +use_db_reconnect = True +pool_timeout = 10 + +[ec2authtoken] +auth_uri = http://{{ internal_vip.ip }}:5000/v2.0 + +[keystone_authtoken] +auth_uri = http://{{ internal_vip.ip }}:5000/v2.0 +identity_uri = http://{{ internal_vip.ip }}:35357 +admin_tenant_name = service +admin_user = heat +admin_password = {{ HEAT_PASS }} + diff --git a/deploy/adapters/ansible/roles/keystone/tasks/keystone_install.yml b/deploy/adapters/ansible/roles/keystone/tasks/keystone_install.yml index ffae8ff0..ea6926f4 100644 --- a/deploy/adapters/ansible/roles/keystone/tasks/keystone_install.yml +++ b/deploy/adapters/ansible/roles/keystone/tasks/keystone_install.yml @@ -83,5 +83,6 @@ with_items: - admin-openrc.sh - demo-openrc.sh + - admin-openrc-v3.sh - meta: flush_handlers diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/keystone/templates/admin-openrc-v3.sh b/deploy/adapters/ansible/roles/keystone/templates/admin-openrc-v3.sh index c3d863e8..c3d863e8 100644 --- a/deploy/adapters/ansible/openstack_mitaka/roles/keystone/templates/admin-openrc-v3.sh +++ b/deploy/adapters/ansible/roles/keystone/templates/admin-openrc-v3.sh diff --git a/deploy/adapters/ansible/roles/keystone/vars/Debian.yml b/deploy/adapters/ansible/roles/keystone/vars/Debian.yml index 67547277..b8d8e7c2 100644 --- a/deploy/adapters/ansible/roles/keystone/vars/Debian.yml +++ b/deploy/adapters/ansible/roles/keystone/vars/Debian.yml @@ -12,6 +12,7 @@ cron_path: "/var/spool/cron/crontabs" packages: - keystone + - python-openstackclient services: - apache2 diff --git a/deploy/adapters/ansible/roles/setup-network/tasks/main.yml b/deploy/adapters/ansible/roles/setup-network/tasks/main.yml index 727b24ea..7873c073 100644 --- a/deploy/adapters/ansible/roles/setup-network/tasks/main.yml +++ b/deploy/adapters/ansible/roles/setup-network/tasks/main.yml @@ -55,6 +55,8 @@ - name: run scripts shell: python /opt/setup_networks/setup_networks.py + tags: + - recovery - name: add to boot scripts service: name=net_init enabled=yes |