From 53916ab0e407f29b33a72c721f424284567636ce Mon Sep 17 00:00:00 2001
From: Harry Huang <huangxiangyu5@huawei.com>
Date: Mon, 23 Jan 2017 15:38:52 +0800
Subject: Congress support for Newton

Modification:
  1.Add congress support in deploy/compass_conf
  2.Optimize congress role to be more independant.
    Separate congress role into install, keystone,
    database, start.
  3.Support both ubuntu and centos

Change-Id: I1c9a458addd84133652fb7c0563bc287d161d129
Signed-off-by: Harry Huang <huangxiangyu5@huawei.com>
---
 .../ansible/openstack/HA-ansible-multinodes.yml    |  1 +
 .../ansible/roles/congress/files/congress.service  | 19 ------
 .../ansible/roles/congress/handlers/main.yml       |  0
 .../roles/congress/tasks/congress_config.yml       | 17 ------
 .../roles/congress/tasks/congress_database.yml     | 34 +++++++++++
 .../ansible/roles/congress/tasks/congress_db.yml   | 27 ---------
 .../roles/congress/tasks/congress_install.yml      | 10 ++--
 .../roles/congress/tasks/congress_keystone.yml     | 70 ++++++++++++++++++++++
 .../roles/congress/tasks/congress_start.yml        | 12 ++++
 .../adapters/ansible/roles/congress/tasks/main.yml | 27 ++++++++-
 .../ansible/roles/congress/templates/api-paste.ini |  0
 .../ansible/roles/congress/templates/congress.conf |  0
 .../roles/congress/templates/congress.service      | 19 ++++++
 .../ansible/roles/congress/templates/policy.json   |  0
 .../ansible/roles/congress/vars/Debian.yml         |  9 +--
 .../ansible/roles/congress/vars/RedHat.yml         | 18 ++++++
 .../adapters/ansible/roles/congress/vars/main.yml  | 22 +++++++
 .../HA-ansible-multinodes-newton.conf              |  4 ++
 .../vars/HA-ansible-multinodes.tmpl                |  4 ++
 19 files changed, 218 insertions(+), 75 deletions(-)
 delete mode 100644 deploy/adapters/ansible/roles/congress/files/congress.service
 mode change 100644 => 100755 deploy/adapters/ansible/roles/congress/handlers/main.yml
 delete mode 100644 deploy/adapters/ansible/roles/congress/tasks/congress_config.yml
 create mode 100755 deploy/adapters/ansible/roles/congress/tasks/congress_database.yml
 delete mode 100644 deploy/adapters/ansible/roles/congress/tasks/congress_db.yml
 mode change 100644 => 100755 deploy/adapters/ansible/roles/congress/tasks/congress_install.yml
 create mode 100755 deploy/adapters/ansible/roles/congress/tasks/congress_keystone.yml
 create mode 100755 deploy/adapters/ansible/roles/congress/tasks/congress_start.yml
 mode change 100644 => 100755 deploy/adapters/ansible/roles/congress/tasks/main.yml
 mode change 100644 => 100755 deploy/adapters/ansible/roles/congress/templates/api-paste.ini
 mode change 100644 => 100755 deploy/adapters/ansible/roles/congress/templates/congress.conf
 create mode 100755 deploy/adapters/ansible/roles/congress/templates/congress.service
 mode change 100644 => 100755 deploy/adapters/ansible/roles/congress/templates/policy.json
 mode change 100644 => 100755 deploy/adapters/ansible/roles/congress/vars/Debian.yml
 create mode 100755 deploy/adapters/ansible/roles/congress/vars/RedHat.yml
 mode change 100644 => 100755 deploy/adapters/ansible/roles/congress/vars/main.yml

(limited to 'deploy')

diff --git a/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml b/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml
index 8398ca76..5e729cf3 100644
--- a/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml
+++ b/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml
@@ -77,6 +77,7 @@
     - dashboard
     - heat
     - aodh
+    - congress
 
 - hosts: all
   remote_user: root
diff --git a/deploy/adapters/ansible/roles/congress/files/congress.service b/deploy/adapters/ansible/roles/congress/files/congress.service
deleted file mode 100644
index 4ec26c8c..00000000
--- a/deploy/adapters/ansible/roles/congress/files/congress.service
+++ /dev/null
@@ -1,19 +0,0 @@
-[Unit]
-Description=OpenStack Congress server
-After=
-
-[Service]
-User=root
-Group=root
-Type=simple
-WorkingDirectory=/var/lib/congress
-PermissionsStartOnly=true
-ExecStartPre=/bin/mkdir -p /var/lock/congress /var/log/congress /var/lib/congress
-ExecStartPre=/usr/bin/touch /var/log/congress/congress.log
-ExecStart=/usr/local/bin/congress-server --config-file /etc/congress/congress.conf
-Restart=on-failure
-LimitNOFILE=65535
-TimeoutStopSec=15
-
-[Install]
-WantedBy=multi-user.target
diff --git a/deploy/adapters/ansible/roles/congress/handlers/main.yml b/deploy/adapters/ansible/roles/congress/handlers/main.yml
old mode 100644
new mode 100755
diff --git a/deploy/adapters/ansible/roles/congress/tasks/congress_config.yml b/deploy/adapters/ansible/roles/congress/tasks/congress_config.yml
deleted file mode 100644
index c85057e8..00000000
--- a/deploy/adapters/ansible/roles/congress/tasks/congress_config.yml
+++ /dev/null
@@ -1,17 +0,0 @@
-##############################################################################
-# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
-#
-# All rights reserved. This program and the accompanying materials
-# are made available under the terms of the Apache License, Version 2.0
-# which accompanies this distribution, and is available at
-# http://www.apache.org/licenses/LICENSE-2.0
-##############################################################################
----
-- name: congress db sync
-  shell: |
-    /usr/local/bin/congress-db-manage \
-        --config-file /etc/congress/congress.conf upgrade head
-  when: inventory_hostname == haproxy_hosts.keys()[0]
-
-- name: start congress service
-  shell: systemctl start congress.service
diff --git a/deploy/adapters/ansible/roles/congress/tasks/congress_database.yml b/deploy/adapters/ansible/roles/congress/tasks/congress_database.yml
new file mode 100755
index 00000000..009e3488
--- /dev/null
+++ b/deploy/adapters/ansible/roles/congress/tasks/congress_database.yml
@@ -0,0 +1,34 @@
+#############################################################################
+# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+---
+- name: create congress db
+  mysql_db:
+    login_unix_socket: /var/run/mysqld/mysqld.sock
+    name: "{{ item.db }}"
+    state: present
+  with_items: "{{ congress_database }}"
+
+- name: create congress db user
+  mysql_user:
+    login_unix_socket: /var/run/mysqld/mysqld.sock
+    name: "{{ item[0].user }}"
+    password: "{{ item[0].password }}"
+    priv: "*.*:ALL,GRANT"
+    host: "{{ item[1] }}"
+    state: present
+  with_nested:
+    - "{{ congress_database }}"
+    - ['%', 'localhost']
+
+- name: congress db sync
+  shell: |
+    "{{ congress_path }}"/congress-db-manage \
+        --config-file /etc/congress/congress.conf upgrade head
+  notify:
+    - restart congress services
diff --git a/deploy/adapters/ansible/roles/congress/tasks/congress_db.yml b/deploy/adapters/ansible/roles/congress/tasks/congress_db.yml
deleted file mode 100644
index 16832eaa..00000000
--- a/deploy/adapters/ansible/roles/congress/tasks/congress_db.yml
+++ /dev/null
@@ -1,27 +0,0 @@
-##############################################################################
-# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
-#
-# All rights reserved. This program and the accompanying materials
-# are made available under the terms of the Apache License, Version 2.0
-# which accompanies this distribution, and is available at
-# http://www.apache.org/licenses/LICENSE-2.0
-##############################################################################
----
-- name: create congress db
-  mysql_db:
-    login_unix_socket: /var/run/mysqld/mysqld.sock
-    name: "{{ item.db }}"
-    state: present
-  with_items: "{{ credentials }}"
-
-- name: create congress db user
-  mysql_user:
-    login_unix_socket: /var/run/mysqld/mysqld.sock
-    name: "{{ item[0].user }}"
-    password: "{{ item[0].password }}"
-    priv: "*.*:ALL,GRANT"
-    host: "{{ item[1] }}"
-    state: present
-  with_nested:
-    - "{{ credentials }}"
-    - ['%', 'localhost']
diff --git a/deploy/adapters/ansible/roles/congress/tasks/congress_install.yml b/deploy/adapters/ansible/roles/congress/tasks/congress_install.yml
old mode 100644
new mode 100755
index 4269b5e6..40d5d78e
--- a/deploy/adapters/ansible/roles/congress/tasks/congress_install.yml
+++ b/deploy/adapters/ansible/roles/congress/tasks/congress_install.yml
@@ -7,11 +7,9 @@
 # http://www.apache.org/licenses/LICENSE-2.0
 ##############################################################################
 ---
-- include_vars: "{{ ansible_os_family }}.yml"
-
 - name: install congress packages
   pip: name={{ item }} state=present
-  with_items: "{{ packages }}"
+  with_items: "{{ pip_packages | union(packages_noarch) }}"
 
 - name: create congress etc directory
   file: path=/etc/congress state=directory
@@ -23,9 +21,13 @@
     - congress.conf
     - api-paste.ini
     - policy.json
+  notify:
+    - restart congress services
 
 - name: create congress service
-  copy: src=congress.service dest=/lib/systemd/system/
+  template: src=congress.service dest=/lib/systemd/system/
+  notify:
+    - restart congress services
 
 - name: create congress service work dir
   file: path=/var/lib/congress state=directory
diff --git a/deploy/adapters/ansible/roles/congress/tasks/congress_keystone.yml b/deploy/adapters/ansible/roles/congress/tasks/congress_keystone.yml
new file mode 100755
index 00000000..b7f00b88
--- /dev/null
+++ b/deploy/adapters/ansible/roles/congress/tasks/congress_keystone.yml
@@ -0,0 +1,70 @@
+##############################################################################
+# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+###############################################################################
+---
+- name: add service
+  os_keystone_service:
+    cloud: opnfv
+    name: "{{ item.name }}"
+    description: "{{ item.description }}"
+    service_type: "{{ item.type }}"
+  with_items: "{{ congress_service }}"
+
+- name: add user
+  os_user:
+    cloud: opnfv
+    domain: default
+    name: "{{ item.user }}"
+    password: "{{ item.password }}"
+    default_project: "{{ item.tenant }}"
+    email: "{{ item.email }}"
+  with_items: "{{ congress_user }}"
+
+- name: grant roles
+  os_user_role:
+    cloud: opnfv
+    user: "{{ item.user }}"
+    role: "{{ item.role }}"
+    project: "{{ item.tenant }}"
+  with_items: "{{ congress_user }}"
+
+- name: create admin url for service's endpoint
+  keystone_endpoint:
+    cloud: opnfv
+    endpoint_type: admin
+    name: "{{ item.name }}"
+    service_type: "{{ item.type }}"
+    state: present
+    interface: admin
+    region: "{{ item.region}}"
+    url: "{{ item.adminurl }}"
+  with_items: "{{ congress_service }}"
+
+- name: create internal url for service's endpoint
+  keystone_endpoint:
+    cloud: opnfv
+    endpoint_type: admin
+    name: "{{ item.name }}"
+    service_type: "{{ item.type }}"
+    state: present
+    interface: internal
+    region: "{{ item.region}}"
+    url: "{{ item.internalurl }}"
+  with_items: "{{ congress_service }}"
+
+- name: create public url for service'e endpoint
+  keystone_endpoint:
+    cloud: opnfv
+    endpoint_type: admin
+    name: "{{ item.name }}"
+    service_type: "{{ item.type }}"
+    state: present
+    interface: public
+    region: "{{ item.region}}"
+    url: "{{ item.publicurl }}"
+  with_items: "{{ congress_service }}"
diff --git a/deploy/adapters/ansible/roles/congress/tasks/congress_start.yml b/deploy/adapters/ansible/roles/congress/tasks/congress_start.yml
new file mode 100755
index 00000000..1d7d5e52
--- /dev/null
+++ b/deploy/adapters/ansible/roles/congress/tasks/congress_start.yml
@@ -0,0 +1,12 @@
+##############################################################################
+## Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
+##
+## All rights reserved. This program and the accompanying materials
+## are made available under the terms of the Apache License, Version 2.0
+## which accompanies this distribution, and is available at
+## http://www.apache.org/licenses/LICENSE-2.0
+###############################################################################
+---
+- name: start congress services
+  service: name={{ item }} state=started enabled=yes
+  with_items: "{{ services | union(services_noarch) }}"
diff --git a/deploy/adapters/ansible/roles/congress/tasks/main.yml b/deploy/adapters/ansible/roles/congress/tasks/main.yml
old mode 100644
new mode 100755
index f8056d15..6aad108f
--- a/deploy/adapters/ansible/roles/congress/tasks/main.yml
+++ b/deploy/adapters/ansible/roles/congress/tasks/main.yml
@@ -7,10 +7,33 @@
 # http://www.apache.org/licenses/LICENSE-2.0
 ##############################################################################
 ---
+- include_vars: "{{ ansible_os_family }}.yml"
+  tags:
+    - install
+    - start
+
 - include: congress_install.yml
+  tags:
+    - install
 
-- include: congress_db.yml
+- include: congress_keystone.yml
   when:
     - inventory_hostname == haproxy_hosts.keys()[0]
+  tags:
+    - keystone
+
+- include: congress_database.yml
+  when:
+    - inventory_hostname == haproxy_hosts.keys()[0]
+  tags:
+    - database
+
+- include: congress_start.yml
+  tags:
+    - start
 
-- include: congress_config.yml
+- meta: flush_handlers
+  tags:
+    - install
+    - keystone
+    - database
diff --git a/deploy/adapters/ansible/roles/congress/templates/api-paste.ini b/deploy/adapters/ansible/roles/congress/templates/api-paste.ini
old mode 100644
new mode 100755
diff --git a/deploy/adapters/ansible/roles/congress/templates/congress.conf b/deploy/adapters/ansible/roles/congress/templates/congress.conf
old mode 100644
new mode 100755
diff --git a/deploy/adapters/ansible/roles/congress/templates/congress.service b/deploy/adapters/ansible/roles/congress/templates/congress.service
new file mode 100755
index 00000000..f92ee1b6
--- /dev/null
+++ b/deploy/adapters/ansible/roles/congress/templates/congress.service
@@ -0,0 +1,19 @@
+[Unit]
+Description=OpenStack Congress server
+After=
+
+[Service]
+User=root
+Group=root
+Type=simple
+WorkingDirectory=/var/lib/congress
+PermissionsStartOnly=true
+ExecStartPre=/bin/mkdir -p /var/lock/congress /var/log/congress /var/lib/congress
+ExecStartPre=/usr/bin/touch /var/log/congress/congress.log
+ExecStart={{ congress_path }}/congress-server --config-file /etc/congress/congress.conf
+Restart=on-failure
+LimitNOFILE=65535
+TimeoutStopSec=15
+
+[Install]
+WantedBy=multi-user.target
diff --git a/deploy/adapters/ansible/roles/congress/templates/policy.json b/deploy/adapters/ansible/roles/congress/templates/policy.json
old mode 100644
new mode 100755
diff --git a/deploy/adapters/ansible/roles/congress/vars/Debian.yml b/deploy/adapters/ansible/roles/congress/vars/Debian.yml
old mode 100644
new mode 100755
index 36aba73e..1f0820c8
--- a/deploy/adapters/ansible/roles/congress/vars/Debian.yml
+++ b/deploy/adapters/ansible/roles/congress/vars/Debian.yml
@@ -7,15 +7,12 @@
 # http://www.apache.org/licenses/LICENSE-2.0
 ##############################################################################
 ---
-packages:
+pip_packages:
   - congress
   - python-congressclient
   - python-cloudfoundryclient
 
-service:
+services:
   - congress
 
-credentials:
-  - user: congress
-    db: congress
-    password: "{{ CONGRESS_DBPASS }}"
+congress_path: /usr/local/bin
diff --git a/deploy/adapters/ansible/roles/congress/vars/RedHat.yml b/deploy/adapters/ansible/roles/congress/vars/RedHat.yml
new file mode 100755
index 00000000..0b5e9678
--- /dev/null
+++ b/deploy/adapters/ansible/roles/congress/vars/RedHat.yml
@@ -0,0 +1,18 @@
+##############################################################################
+# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+---
+pip_packages:
+  - congress
+  - python-congressclient
+  - python-cloudfoundryclient
+
+services:
+  - congress
+
+congress_path: /usr/bin
diff --git a/deploy/adapters/ansible/roles/congress/vars/main.yml b/deploy/adapters/ansible/roles/congress/vars/main.yml
old mode 100644
new mode 100755
index f6fef749..18c4c845
--- a/deploy/adapters/ansible/roles/congress/vars/main.yml
+++ b/deploy/adapters/ansible/roles/congress/vars/main.yml
@@ -10,3 +10,25 @@
 packages_noarch: []
 
 services_noarch: []
+
+congress_service:
+  - name: congress
+    type: policy
+    region: RegionOne
+    description: "OpenStack Policy Service"
+    publicurl: "http://{{ public_vip.ip }}:1789"
+    internalurl: "http://{{ internal_vip.ip }}:1789"
+    adminurl: "http://{{ internal_vip.ip }}:1789"
+
+congress_user:
+  - user: congress
+    password: "{{ CONGRESS_PASS }}"
+    email: congress@admin.com
+    role: admin
+    tenant: service
+    tenant_description: "Service Tenant"
+
+congress_database:
+  - user: congress
+    db: congress
+    password: "{{ CONGRESS_DBPASS }}"
diff --git a/deploy/compass_conf/flavor_mapping/HA-ansible-multinodes-newton.conf b/deploy/compass_conf/flavor_mapping/HA-ansible-multinodes-newton.conf
index 9dcdfc5f..702f89cd 100755
--- a/deploy/compass_conf/flavor_mapping/HA-ansible-multinodes-newton.conf
+++ b/deploy/compass_conf/flavor_mapping/HA-ansible-multinodes-newton.conf
@@ -54,6 +54,10 @@ CONFIG_MAPPING = {
                 "heat": {
                     "username": "heat",
                     "password": "heat"
+                },
+                "policy": {
+                    "username": "congress",
+                    "password": "congress"
                 }
             }
         }
diff --git a/deploy/compass_conf/templates/ansible_installer/openstack_newton/vars/HA-ansible-multinodes.tmpl b/deploy/compass_conf/templates/ansible_installer/openstack_newton/vars/HA-ansible-multinodes.tmpl
index 2205431b..b56a0b15 100755
--- a/deploy/compass_conf/templates/ansible_installer/openstack_newton/vars/HA-ansible-multinodes.tmpl
+++ b/deploy/compass_conf/templates/ansible_installer/openstack_newton/vars/HA-ansible-multinodes.tmpl
@@ -115,6 +115,8 @@ ERLANG_TOKEN: YOWSJSJIGGAUFZTIBRAD
 #set ceilometer_pass = $console_credentials.metering.password
 #set aodh_dbpass = $credentials.alarming.password
 #set aodh_pass = $console_credentials.alarming.password
+#set congress_dbpass = $credentials.policy.password
+#set congress_pass = $console_credentials.policy.password
 #set admin_pass = $console_credentials.admin.password
 #set demo_pass = $console_credentials.demo.password
 
@@ -153,6 +155,8 @@ NEUTRON_DBPASS: $neutron_dbpass
 NEUTRON_PASS: $neutron_pass
 HEAT_DBPASS: $heat_dbpass
 HEAT_PASS: $heat_pass
+CONGRESS_DBPASS: $congress_dbpass
+CONGRESS_PASS: $congress_pass
 DEMO_PASS: $demo_pass
 ADMIN_PASS: $admin_pass
 
-- 
cgit 1.2.3-korg