diff options
Diffstat (limited to 'deploy')
14 files changed, 137 insertions, 1 deletions
diff --git a/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml b/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml index 58774e4b..e4c218c0 100644 --- a/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml +++ b/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml @@ -28,6 +28,7 @@ - ceilometer_controller # - ext-network - dashboard + - heat - hosts: compute remote_user: root diff --git a/deploy/adapters/ansible/openstack/group_vars/all b/deploy/adapters/ansible/openstack/group_vars/all index 5643fcd9..1efcc1c8 100644 --- a/deploy/adapters/ansible/openstack/group_vars/all +++ b/deploy/adapters/ansible/openstack/group_vars/all @@ -24,6 +24,8 @@ NOVA_PASS: nova_secret DASH_DBPASS: dash_db_secret CINDER_DBPASS: cinder_db_secret CINDER_PASS: cinder_secret +HEAT_DBPASS: heat_db_secret +HEAT_PASS: heat_secret NEUTRON_DBPASS: neutron_db_secret NEUTRON_PASS: netron_secret NEUTRON_TYPE_DRIVERS: ['flat', 'gre', 'vxlan'] diff --git a/deploy/adapters/ansible/roles/database/templates/data.j2 b/deploy/adapters/ansible/roles/database/templates/data.j2 index c894b322..109201ab 100644 --- a/deploy/adapters/ansible/roles/database/templates/data.j2 +++ b/deploy/adapters/ansible/roles/database/templates/data.j2 @@ -5,6 +5,7 @@ drop database if exists glance; drop database if exists neutron; drop database if exists nova; drop database if exists cinder; +drop database if exists heat; CREATE DATABASE keystone; {% for host in ['%', 'localhost', inventory_hostname] %} @@ -31,6 +32,11 @@ CREATE DATABASE cinder; GRANT ALL ON cinder.* TO 'cinder'@'{{ host }}' IDENTIFIED BY '{{ CINDER_DBPASS }}'; {% endfor %} +CREATE DATABASE heat; +{% for host in ['%', 'localhost', inventory_hostname] %} +GRANT ALL ON heat.* TO 'heat'@'{{ host }}' IDENTIFIED BY '{{ HEAT_DBPASS }}'; +{% endfor %} + {% if WSREP_SST_USER is defined %} {% for host in ['%', 'localhost', inventory_hostname] %} GRANT ALL ON *.* TO '{{ WSREP_SST_USER }}'@'{{ host }}' IDENTIFIED BY '{{ WSREP_SST_PASS }}'; diff --git a/deploy/adapters/ansible/roles/database/vars/main.yml b/deploy/adapters/ansible/roles/database/vars/main.yml index e71c1d4c..82ed91c0 100644 --- a/deploy/adapters/ansible/roles/database/vars/main.yml +++ b/deploy/adapters/ansible/roles/database/vars/main.yml @@ -20,4 +20,7 @@ credentials: - user: cinder db: cinder password: "{{ CINDER_DBPASS }}" + - user: heat + db: heat + password: "{{ HEAT_DBPASS }}" diff --git a/deploy/adapters/ansible/roles/heat/handlers/main.yml b/deploy/adapters/ansible/roles/heat/handlers/main.yml new file mode 100644 index 00000000..74bcd10a --- /dev/null +++ b/deploy/adapters/ansible/roles/heat/handlers/main.yml @@ -0,0 +1,8 @@ +--- +- name: restart heat service + service: name={{ item }} state=restarted enabled=yes + with_items: services | union(services_noarch) + +- name: remove heat-sqlite-db + shell: rm /var/lib/heat/heat.sqlite || touch heat.sqlite.db.removed + diff --git a/deploy/adapters/ansible/roles/heat/tasks/heat_config.yml b/deploy/adapters/ansible/roles/heat/tasks/heat_config.yml new file mode 100644 index 00000000..739d1aae --- /dev/null +++ b/deploy/adapters/ansible/roles/heat/tasks/heat_config.yml @@ -0,0 +1,9 @@ +--- +- name: heat db sync + shell: su -s /bin/sh -c "heat-manage db_sync" heat + ignore_errors: True + notify: + - restart heat service + +- meta: flush_handlers + diff --git a/deploy/adapters/ansible/roles/heat/tasks/heat_install.yml b/deploy/adapters/ansible/roles/heat/tasks/heat_install.yml new file mode 100644 index 00000000..ab23f873 --- /dev/null +++ b/deploy/adapters/ansible/roles/heat/tasks/heat_install.yml @@ -0,0 +1,19 @@ +--- +- include_vars: "{{ ansible_os_family }}.yml" + +- name: install heat related packages + action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" + with_items: packages | union(packages_noarch) + +- name: generate heat service list + shell: echo {{ item }} >> /opt/service + with_items: services | union(services_noarch) + +- name: update heat conf + template: src=heat.j2 + dest=/etc/heat/heat.conf + backup=yes + notify: + - restart heat service + - remove heat-sqlite-db + diff --git a/deploy/adapters/ansible/roles/heat/tasks/main.yml b/deploy/adapters/ansible/roles/heat/tasks/main.yml new file mode 100644 index 00000000..cf259eb5 --- /dev/null +++ b/deploy/adapters/ansible/roles/heat/tasks/main.yml @@ -0,0 +1,14 @@ +--- +- include: heat_install.yml + tags: + - install + - heat_install + - heat + +- include: heat_config.yml + when: HA_CLUSTER is not defined or HA_CLUSTER[inventory_hostname] == '' + tags: + - config + - heat_config + - heat + diff --git a/deploy/adapters/ansible/roles/heat/templates/heat.j2 b/deploy/adapters/ansible/roles/heat/templates/heat.j2 new file mode 100644 index 00000000..67beb1ca --- /dev/null +++ b/deploy/adapters/ansible/roles/heat/templates/heat.j2 @@ -0,0 +1,22 @@ +[DEFAULT] +heat_metadata_server_url = http://{{ internal_vip.ip }}:8000 +heat_waitcondition_server_url = http://{{ internal_vip.ip }}:8000/v1/waitcondition +rpc_backend = rabbit +rabbit_host = {{ rabbit_host }} +rabbit_userid = {{ RABBIT_USER }} +rabbit_password = {{ RABBIT_PASS }} +log_dir = /var/log/heat + +[database] +connection = mysql://heat:{{ HEAT_DBPASS }}@{{ db_host }}/heat + +[ec2authtoken] +auth_uri = http://{{ internal_vip.ip }}:5000/v2.0 + +[keystone_authtoken] +auth_uri = http://{{ internal_vip.ip }}:5000/v2.0 +identity_uri = http://{{ internal_vip.ip }}:35357 +admin_tenant_name = service +admin_user = heat +admin_password = {{ HEAT_PASS }} + diff --git a/deploy/adapters/ansible/roles/heat/vars/Debian.yml b/deploy/adapters/ansible/roles/heat/vars/Debian.yml new file mode 100644 index 00000000..03787bcb --- /dev/null +++ b/deploy/adapters/ansible/roles/heat/vars/Debian.yml @@ -0,0 +1,12 @@ +--- +packages: + - heat-api + - heat-api-cfn + - heat-engine + - python-heatclient + +services: + - heat-api + - heat-api-cfn + - heat-engine + diff --git a/deploy/adapters/ansible/roles/heat/vars/RedHat.yml b/deploy/adapters/ansible/roles/heat/vars/RedHat.yml new file mode 100644 index 00000000..25b318d0 --- /dev/null +++ b/deploy/adapters/ansible/roles/heat/vars/RedHat.yml @@ -0,0 +1,5 @@ +--- +services: [] + +packages: [] + diff --git a/deploy/adapters/ansible/roles/heat/vars/main.yml b/deploy/adapters/ansible/roles/heat/vars/main.yml new file mode 100644 index 00000000..05d75010 --- /dev/null +++ b/deploy/adapters/ansible/roles/heat/vars/main.yml @@ -0,0 +1,5 @@ +--- +packages_noarch: [] + +services_noarch: [] + diff --git a/deploy/adapters/ansible/roles/keystone/vars/main.yml b/deploy/adapters/ansible/roles/keystone/vars/main.yml index f3bd4f5f..d743b4ee 100644 --- a/deploy/adapters/ansible/roles/keystone/vars/main.yml +++ b/deploy/adapters/ansible/roles/keystone/vars/main.yml @@ -60,6 +60,22 @@ os_services: internalurl: "http://{{ internal_vip.ip }}:8776/v2/%(tenant_id)s" adminurl: "http://{{ internal_vip.ip }}:8776/v2/%(tenant_id)s" + - name: heat + type: orchestration + region: regionOne + description: "OpenStack Orchestration" + publicurl: "http://{{ public_vip.ip }}:8004/v1/%(tenant_id)s" + internalurl: "http://{{ internal_vip.ip }}:8004/v1/%(tenant_id)s" + adminurl: "http://{{ internal_vip.ip }}:8004/v1/%(tenant_id)s" + + - name: heat-cfn + type: cloudformation + region: regionOne + description: "OpenStack CloudFormation Orchestration" + publicurl: "http://{{ public_vip.ip }}:8000/v1" + internalurl: "http://{{ internal_vip.ip }}:8000/v1" + adminurl: "http://{{ internal_vip.ip }}:8000/v1" + os_users: - user: admin password: "{{ ADMIN_PASS }}" @@ -109,3 +125,17 @@ os_users: role: admin tenant: service tenant_description: "Service Tenant" + + - user: heat + password: "{{ HEAT_PASS }}" + email: heat@admin.com + role: admin + tenant: service + tenant_description: "Service Tenant" + + - user: demo + password: "" + email: heat@demo.com + role: heat_stack_user + tenant: demo + tenant_description: "Demo Tenant" diff --git a/deploy/conf/base.conf b/deploy/conf/base.conf index 3f8361fe..45970a05 100644 --- a/deploy/conf/base.conf +++ b/deploy/conf/base.conf @@ -18,7 +18,7 @@ export SUBNETS="10.1.0.0/24,172.16.2.0/24,172.16.3.0/24,172.16.4.0/24" export MANAGEMENT_IP_START=${MANAGEMENT_IP_START:-'10.1.0.50'} export MANAGEMENT_INTERFACE=${MANAGEMENT_INTERFACE:-eth0} export DASHBOARD_URL="" -export ENABLE_SECGROUP="false" +export ENABLE_SECGROUP="true" export ENABLE_VPNAAS="false" export ENABLE_FWAAS="false" |