diff options
-rw-r--r-- | components/congress/ansible/README.txt | 199 | ||||
-rw-r--r-- | components/congress/ansible/config.yml | 65 | ||||
-rw-r--r-- | components/congress/ansible/deploy_congress.yml | 2 | ||||
-rw-r--r-- | components/congress/ansible/hosts.ini | 3 | ||||
-rw-r--r-- | components/congress/ansible/roles/deploy/tasks/main.yml | 250 | ||||
-rw-r--r-- | components/congress/ansible/roles/deploy/templates/congress-api.service | 11 | ||||
-rw-r--r-- | components/congress/ansible/roles/deploy/templates/congress.conf | 25 |
7 files changed, 506 insertions, 49 deletions
diff --git a/components/congress/ansible/README.txt b/components/congress/ansible/README.txt new file mode 100644 index 0000000..a5f79fc --- /dev/null +++ b/components/congress/ansible/README.txt @@ -0,0 +1,199 @@ +# This file contains instructions for installing Congress on a Centos7 OPNFV jumphost using Ansible +# Details are sparse so far - a user guide will be written +# Some of these instructions may already have been completed in the copper git Ansible installer files + +# INSTALLING + +# update +sudo yum -y update + +# install ansible (likely already installed) +sudo yum install ansible + +# if you got a Dropbox-related error in ansible installation, disable dropbox and repeat ansible install +sudo yum-config-manager --disable Dropbox + +# install sshpass (needed for ansible-playbook call with password authentication) +sudo yum install sshpass + +# download https://launchpad.net/congress/kilo/2015.1.0/+download/congress-2015.1.0.tar.gz and save in /tmp/congress-2015.1.0.tar.gz +wget https://launchpad.net/congress/kilo/2015.1.0/+download/congress-2015.1.0.tar.gz -O /tmp/congress-2015.1.0.tar.gz + +# clone copper +mkdir ~/git +cd ~/git +git clone https://gerrit.opnfv.org/gerrit/copper + +# edit hosts.ini and add your controller IP address +gedit ~/git/copper/components/congress/ansible/hosts.ini +[congress_prod_host] +(your controller IP) + +# edit deploy_congress.yml and add your controller IP address +# note: this should not be needed, unless the "congress_prod_host" setting in hosts.ini is not picked up for some reason (?) +gedit ~/git/copper/components/congress/ansible/deploy_congress.yml +- hosts: (your controller IP) + +# edit config.yml and set authRegion per your openstack install, your controller IP address where needed, publicEndpoint = http:// (not https://) +gedit ~/git/copper/components/congress/ansible/config.yml +authRegion: RegionOne +publicEndpoint = http://(your controller IP):1789/ +internalEndpoint = http://(your controller IP):1789/ +adminEndpoint = http://(your controller IP):1789/ +mysqlDBIP: (your controller IP) + +# edit congress.conf and set +# bind_host to controller IP address +# "auth_strategy = noauth" for testing +# drivers per the list to test (leave out swift due to issues below) +# TODO: auth_strategy noauth is needed to overcome some issue with keystone auth (debug needed) +gedit ~/git/copper/components/congress/ansible/roles/deploy/templates/congress.conf +bind_host = (your controller IP) +auth_strategy = noauth +drivers = congress.datasources.neutronv2_driver.NeutronV2Driver,congress.datasources.glancev2_driver.GlanceV2Driver,congress.datasources.nova_driver.NovaDriver,congress.datasources.keystone_driver.KeystoneDriver,congress.datasources.ceilometer_driver.CeilometerDriver,congress.datasources.cinder_driver.CinderDriver,congress.datasources.swift_driver.SwiftDriver + +# add controller host IP to /etc/ansible/hosts +sudo vi /etc/ansible/hosts + +# run the ansible playbook +ansible-playbook -vvv -u root -k deploy_congress.yml + +# use --start-at-task="task" when restarting to avoid idempotency errors (steps which fail because they have already completed and can't be completed successfully twice) +ansible-playbook -vvv -u root -k deploy_congress.yml --start-at-task="install datasource drivers" + +# install congress API test driver +# install lamp server: see https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-centos-7 +sudo yum -y install httpd +sudo yum -y install php +sudo cp -r ~/git/copper/test/congress/driver/www/html/ /var/www/ +sudo cp ~/git/copper/test/congress/driver/www/httpd.conf /etc/httpd/conf +sudo systemctl start httpd.service + +# UNINSTALLING +# Ansible uninstaller will be developed... for now manual uninstall +# On the controller +openstack endpoint list --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 +openstack endpoint delete <id> --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 +openstack service list --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 +openstack service delete <id> --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 +systemctl stop congress-api +sudo rm /etc/init/congress-api.conf +sudo rm -r /opt/congress +sudo rm -r /opt/congress-2015.1.0 +sudo rm -r /var/log/congress +sudo rm -r /usr/lib/python2.7/site-packages/python_congressclient-2015.1.0.dist-info +sudo rm -r /usr/lib/python2.7/site-packages/congressclient/ +sudo rm -r /usr/lib/python2.7/site-packages/congress-2015.1.0-py2.7.egg-info +sudo rm -r /etc/congress +sudo rm -r /tmp/congress-2015.1.0.tar.gz +sudo rm -r /tmp/congress.tar.gz +sudo rm -r /var/lib/mysql/congress +sudo rm -r /var/spool/mail/congress +sudo rm -r /usr/bin/congress-server +sudo rm -r /usr/bin/congress-db-manage +sudo rm -r /usr/lib/python2.7/site-packages/congress +sudo rm /usr/lib/systemd/system/congress-api.service +sudo userdel -r congress +find / | grep congress + +# find ID of the installed congress services, and remove +openstack service list --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 +openstack service delete <id> --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 + + +# DEBUGGING RAW NOTES + +# various attempts to get a auth token (failed) +# found SSL issues with creating datasources; set config.yml publicEndpoint to http:// to fix +# to remove endpoints (to cleanup from incorrectly provisoned endpoints) +keystone endpoint-list +keystone endpoint-delete <id> fa7c4b72faef402a919d50e5374705a9 + +# various issues resulted from trying to create the swift datasource driver. removed for now (see congress.conf notes above) +# server errors reading datasources +2015-11-20 20:02:59.398 17478 ERROR congress.api.application [-] Traceback (most recent call last): + File "/opt/congress/congress/api/application.py", line 47, in __call__ + response = handler.handle_request(request) + File "/opt/congress/congress/api/webservice.py", line 351, in handle_request + return self.list_members(request) + File "/opt/congress/congress/api/webservice.py", line 375, in list_members + context=self._get_context(request)) + File "/opt/congress/congress/api/datasource_model.py", line 52, in get_items + datasources = self.datasource_mgr.get_datasources(filter_secret=True) + File "/opt/congress/congress/managers/datasource.py", line 138, in get_datasources + hide_fields = cls.get_driver_info(result['driver'])['secret'] +KeyError: 'secret' + +vi /opt/congress/congress/managers/datasource.py +remove + if filter_secret: + hide_fields = cls.get_driver_info(result['driver'])['secret'] + for hide_field in hide_fields: + result['config'][hide_field] = "<hidden>" +(didn't help) + +2015-11-20 19:58:13.021 17478 ERROR congress.api.application [-] Traceback (most recent call last): + File "/opt/congress/congress/api/application.py", line 47, in __call__ + response = handler.handle_request(request) + File "/opt/congress/congress/api/webservice.py", line 351, in handle_request + return self.list_members(request) + File "/opt/congress/congress/api/webservice.py", line 375, in list_members + context=self._get_context(request)) + File "/opt/congress/congress/api/datasource_model.py", line 52, in get_items + datasources = self.datasource_mgr.get_datasources(filter_secret=True) + File "/opt/congress/congress/managers/datasource.py", line 138, in get_datasources + return results +KeyError: 'secret' + +openstack congress datasource create ceilometer "ceilometer" --debug --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 --config username=admin --config tenant_name=admin --config password=octopus --config auth_url=http://localhost:35357/v2.0 + +openstack congress datasource create cinder "cinder" --debug --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 --config username=admin --config tenant_name=admin --config password=octopus --config auth_url=http://localhost:35357/v2.0 + +openstack congress datasource create glancev2 "glancev2" --debug --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 --config username=admin --config tenant_name=admin --config password=octopus --config auth_url=http://localhost:35357/v2.0 + +openstack congress datasource create keystone "keystone" --debug --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 --config username=admin --config tenant_name=admin --config password=octopus --config auth_url=http://localhost:35357/v2.0 + +openstack congress datasource create neutronv2 "neutronv2" --debug --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 --config username=admin --config tenant_name=admin --config password=octopus --config auth_url=http://localhost:35357/v2.0 + +openstack congress datasource create nova "nova" --debug --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 --config username=admin --config tenant_name=admin --config password=octopus --config auth_url=http://localhost:35357/v2.0 + +openstack congress datasource create swift "swift" --debug --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 --config username=admin --config tenant_name=admin --config password=octopus --config auth_url=http://localhost:35357/v2.0 + + ++++++++++++++++++++ +curl -s -X POST http://192.168.1.204:5000/v2.0/tokens \ + -H "Content-Type: application/json" \ + -d '{"auth": {"tenantName": "'"$OS_TENANT_NAME"'", "passwordCredentials": + {"username": "'"$OS_USERNAME"'", "password": "'"$OS_PASSWORD"'"}}}' \ + | python -m json.tool + +export OS_TOKEN=(token from the response) + +curl -d '{"auth":{"passwordCredentials":{"username": "admin", "password": "octopus"}}}' -H "Content-type: application/json" http://192.168.1.204:35357/v2.0/tokens | python -m json.tool + +curl -d '{"auth":{"passwordCredentials":{"username": "admin", "password": "octopus"}}}' -H "Content-type: application/json" http://192.168.1.204:5000/v2.0/tokens + +curl -v -s -X POST http://192.168.1.204:5000/v2.0/tokens -H "Content-Type: application/json" -d '{"auth":{"passwordCredentials":{"username": "admin", "password": "octopus"}}}' + +curl -v -d '{"auth":{"passwordCredentials":{"username": "admin", "password": "octopus"}}}' http://192.168.1.204:1789/v1/policies + +curl -v -d '{"auth": {"tenantName": "'"$OS_TENANT_NAME"'", "passwordCredentials": + {"username": "'"$OS_USERNAME"'", "password": "'"$OS_PASSWORD"'"}}}' http://192.168.1.204:1789/v1/policies + + +curl -i \ + -H "Content-Type: application/json" \ + -H "X-Auth-Token: $OS_TOKEN" \ + -d ' +{ "auth": { + "identity": { + "methods": ["token"], + "token": { + "id": "'$OS_TOKEN'" + } + } + } +}' \ +http://192.168.1.204:1789/v1/policies ; echo + + diff --git a/components/congress/ansible/config.yml b/components/congress/ansible/config.yml index 0db4e33..7fd127d 100644 --- a/components/congress/ansible/config.yml +++ b/components/congress/ansible/config.yml @@ -1,45 +1,65 @@ --- -#Openstack Congress Ansible installer answer file -#Jacob Cherkas <cherkasj@vmware.com> - -#temp directory used to build congress dependencies +# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# What this is: An Ansible installer answer file for installing OpenStack Congress on Centos 7. +# Status: testing in progress +# + +# temp directory used to build congress dependencies tempDir: /tmp -#directory where the binary venv package will be built +# directory where the binary venv package will be built virtualPackageDir: /var/tmp -#packge version -congressVersion: "2014.1.4-1" +# package version +congressVersion: "2015.1.0" -#directory where to install congress. This should only be the base directory and not the full path. We will create the congress folder automatically -installDir: /opt/ +# directory where to install congress. This should only be the base directory and not the full path. We will create the congress folder automatically +installDir: /opt -#initialize congress services, keystone endpoint, congress user creation and database initialization. -#if this is the first time you are installing then set init = True. For subsequent install or upgrades -#set donInit = False +# If this is the first time you are installing then set init = True. For subsequent install or upgrades set init = False +# You can also use the --start-at-task="(name)" and --step options to re-run and skip non-idempotent steps +# (non-idempotent means the step will fail if already completed) init: "True" +# This section contains the answers for all "init" (initial install) steps to +# initialize congress services, keystone endpoint, congress user creation and database initialization. #--------- start init --------- +#hostIP +hostIP: 192.168.10.6 + #public endpoint -publicEndpoint: https://snsj54.vctlab.com:1789/ +publicEndpoint: http://192.168.10.6:1789/ #internal endpoint -internalEndpoint: http://snsj54.vctlab.com:1789/ +internalEndpoint: http://192.168.10.6:1789/ #admin endpoint -adminEndpoint: http://snsj54.vctlab.com:1789/ +adminEndpoint: http://192.168.10.6:1789/ #keystone admin user -keystoneAdminUser: blsaws +keystoneAdminUser: admin #keystone admin password -keystoneAdminPassword: SHOULD@manner@11 +keystoneAdminPassword: octopus #keystone auth_url -#keystoneAuthURL: http://keystone_server:35357/v2.0 +#keystoneAuthURL: http://192.168.10.6:35357/v2.0 #keystone auth_host -keystoneAuthHost: snsj54.vctlab.com +keystoneAuthHost: localhost #keystone auth protocal (http or https) keystoneAuthProto: http @@ -48,7 +68,7 @@ keystoneAuthProto: http adminTenantName: admin #region -authRegion: sddc +authRegion: RegionOne #congress admin username congressAdminUser: congress @@ -57,10 +77,11 @@ congressAdminUser: congress congressAdminPassword: congress #mysql user ip address or hostname -mysqlDBIP: snsj54.vctlab.com +# TODO: whether this needs to be localhost or the actual IP address +mysqlDBIP: localhost #mysql root password -mysqlDBPassword: 67f7d56ce7dafd97af43 +mysqlDBPassword: octopus #mysql root username mysqlDBUser: root diff --git a/components/congress/ansible/deploy_congress.yml b/components/congress/ansible/deploy_congress.yml index 7f01040..b3e311c 100644 --- a/components/congress/ansible/deploy_congress.yml +++ b/components/congress/ansible/deploy_congress.yml @@ -1,6 +1,6 @@ --- -- hosts: congress_prod_host +- hosts: 192.168.1.204 sudo: true diff --git a/components/congress/ansible/hosts.ini b/components/congress/ansible/hosts.ini index f3f0766..341bf16 100644 --- a/components/congress/ansible/hosts.ini +++ b/components/congress/ansible/hosts.ini @@ -2,4 +2,5 @@ 127.0.0.1 ansible_connection=local [congress_prod_host] -snsj54.vctlab.com +192.168.1.204 + diff --git a/components/congress/ansible/roles/deploy/tasks/main.yml b/components/congress/ansible/roles/deploy/tasks/main.yml index 956728b..d057ffc 100644 --- a/components/congress/ansible/roles/deploy/tasks/main.yml +++ b/components/congress/ansible/roles/deploy/tasks/main.yml @@ -1,57 +1,157 @@ --- +# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# What this is: An Ansible playbook for installing OpenStack Congress on Centos 7. +# Status: this is a work in progress, under test +# +# How to use: +# ansible-playbook -vvv -u root -k -i hosts.ini deploy_congress.yml +# + +# Update packages +# yum update_cache=yes name=* - name: updating package cache - apt: update_cache=yes +# apt: update_cache=yes + yum: update_cache=yes name=* +# Install dependencies +# Direct command: +# yum pkg=python-pip,mariadb-libs,MySQL-python,git,gcc,python-devel,libxml2,libxslt-devel,libzip-devel,mysql-server state=present - name: installing dependancies - apt: pkg={{item}} state=present + yum: pkg={{item}} state=present with_items: - python-pip - - libmysqlclient-dev - - python-mysqldb + - mariadb-libs + - MySQL-python + - git + - gcc +# - python-dev +# - libxslt1-dev +# - libzip-dev + - python-devel + - libxml2 + - libxslt-devel + - libzip-devel + - mysql-server +# - libmysqlclient-dev +# - python-mysqldb + +# Upgrade pip +# Direct command: pip install --upgrade pip +#- name: upgrade pip +# shell: pip install --upgrade pip +# Install python dependencies +# Direct command: pip name=virtualenv - name: installing python dependancies +# pip: name={{item}} extra_args='--upgrade' pip: name={{item}} with_items: - virtualenv + - oslo.middleware # - MySQL-python +# Create the congress user group +# Direct command: group name=congress state=present - name: creating congress group group: name=congress state=present when: init == "True" +# Create the congress user +# Direct command: user name=congress group=congress state=present createhome=no - name: creating congress user user: name=congress group=congress state=present createhome=no - when: init == "True" +# Create the congress install directory +# Direct command: mkdir {{item}}; chown congress {{item}}; chgrp congress {{item}}; - name: creating remote install directory file: path={{item}} state=directory owner=congress group=congress with_items: - /etc/congress - - "{{installDir}}" + - /etc/congress/snapshot +# - "{{installDir}}" - /var/log/congress +# Copying congress build to prod host +# Direct command: what direct command this maps to is TBD - name: copying congress build to prod host - unarchive: src={{tempDir}}/congress-{{congressVersion}}.tgz dest={{installDir}} owner=congress group=congress + unarchive: src={{tempDir}}/congress-{{congressVersion}}.tar.gz dest={{installDir}} owner=congress group=congress + args: + creates: "{{installDir}}/congress-{{congressVersion}}" + +# Run the congress python setup +# Direct command: cd /opt/congress-{{congressVersion}}; python setup.py install +- name: run setup.py + shell: python setup.py install + args: + chdir: "{{installDir}}/congress-{{congressVersion}}" + creates: /usr/bin/congress-db-manage +# Activate virtualenv (creates virtual python script library to avoid conflicts with other code on the server) +# TODO: clarify need or benefit from virtualenv +# Direct command: virtualenv /opt/congress-{{congressVersion}} - name: activating virtualenv - shell: virtualenv {{installDir}}/congress + shell: virtualenv {{installDir}}/congress-{{congressVersion}} + +# Install dependencies in virtualenv +# Direct command: pip install --upgrade {{item}} +# TODO: how to invoke virtualenv install in manual command +#- name: Install dependencies in virtualenv +# pip: name={{item}} virtualenv={{installDir}}/congress-{{congressVersion}} virtualenv_site_packages=yes extra_args='--upgrade' +# with_items: +# - pbr +# - oslo.middleware +# - i18n + +# Copy api-paste.ini to the config directory +# Direct command: cd /opt/congress-{{congressVersion}}; cp etc/api-paste.ini /etc/congress +- name: copy /etc/congress/api-paste.ini + shell: cp etc/api-paste.ini /etc/congress + args: + creates: /etc/congress/api-paste.ini + chdir: "{{installDir}}/congress-{{congressVersion}}" + +# Copy policy.json to the config directory +# Direct command: cd /opt/congress-{{congressVersion}}; cp etc/policy.json /etc/congress +- name: copy /etc/congress/policy.json + shell: cp etc/policy.json /etc/congress + args: + creates: /etc/congress/policy.json + chdir: "{{installDir}}/congress-{{congressVersion}}" +# Copy congress.conf to the config directory +# Direct command: what direct command this maps to is TBD) - name: updating congress.conf template: src=congress.conf dest=/etc/congress/congress.conf owner=congress group=congress +# Create the congress service +# Direct command: bin/keystone --os-auth-url=http://localhost:35357/v2.0 --os-username=admin --os-tenant-name=admin --os-password=octopus service-create --name congress --type "policy" --description "Congress Service" - name: create congress service shell: > - {{installDir}}/congress/bin/keystone \ + /bin/keystone \ --os-auth-url={{keystoneAuthProto}}://{{keystoneAuthHost}}:35357/v2.0 \ --os-username={{keystoneAdminUser}} \ --os-tenant-name={{adminTenantName}} \ --os-password={{keystoneAdminPassword}} \ service-create --name congress --type "policy" --description "Congress Service" - when: init == "True" +# Create the congress service endpoint +# Direct command: bin/keystone --os-auth-url=http://localhost:35357/v2.0 --os-username=admin --os-tenant-name=admin --os-password=octopus endpoint-create --service congress --region RegionOne --publicurl http://192.168.1.204:1789/ - name: creating keystone endpoint shell: > - {{installDir}}/congress/bin/keystone \ + /bin/keystone \ --os-auth-url={{keystoneAuthProto}}://{{keystoneAuthHost}}:35357/v2.0 \ --os-username={{keystoneAdminUser}} \ --os-tenant-name={{adminTenantName}} \ @@ -61,29 +161,135 @@ --publicurl {{publicEndpoint}} \ --adminurl {{adminEndpoint}} \ --internalurl {{internalEndpoint}} - when: init == "True" +# Create the congress database +# TODO: fix some bug resulting in "msg: unable to connect, check login credentials " +# Workaround: on controller +# mysql mysql +# update user set host = '%' where user = 'root'; +# exit +# Direct command: mysql_db name=congress state=present login_host=192.168.1.204 login_user=root login_password=VALUE_HIDDEN - name: creating congress database mysql_db: name=congress state=present login_host={{mysqlDBIP}} login_user={{mysqlDBUser}} login_password={{mysqlDBPassword}} - when: init == "True" +# Create the congress database user and access +# Direct command: mysql_user name=congress password=VALUE_HIDDEN login_host=localhost login_user=root login_password=VALUE_HIDDEN priv=congress.*:ALL host=% - name: creating and granting congress user access to database mysql_user: name={{dbUser}} password={{dbPassword}} login_host={{mysqlDBIP}} login_user={{mysqlDBUser}} login_password={{mysqlDBPassword}} priv=congress.*:ALL host={{ item }} with_items: - "%" - "localhost" - when: init == "True" +# Fix bug with congress-db-manage failure to import i18n +# See https://bugs.launchpad.net/tripleo/+bug/1468028 +# It's unclear if this patch causes other problems... +# Direct command: pip install oslo.i18n==1.7.0 +#- name: pip install oslo.i18n==1.7.0 +# shell: > +# pip install oslo.i18n==1.7.0 + +# Create the congress database schema +# Direct command: /usr/bin/congress-db-manage --config-file /etc/congress/congress.conf upgrade head - name: creating congress database schema shell: > - {{installDir}}/congress/bin/congress-db-manage --config-file /etc/congress/congress.conf upgrade head - when: init == "True" + /usr/bin/congress-db-manage --config-file /etc/congress/congress.conf upgrade head -- name: copy init service - template: src=congress-api.conf dest=/etc/init/congress-api.conf - when: init == "True" +# Enable congress to start on system restart +# Direct command: what direct command this maps to is TBD +- name: copy and enable congress-api.service thru systemd + template: src=congress-api.service dest=/usr/lib/systemd/system/congress-api.service -- name: enabling init service for congress - file: src=/lib/init/upstart-job dest=/etc/init.d/congress-api state=link - when: init == "True" +# Install clients +# Direct command: pip install {{item}} +# pip: name={{item}} virtualenv={{installDir}}/congress-{{congressVersion}} virtualenv_site_packages=yes extra_args='--upgrade' +- name: Install clients + pip: name={{item}} + with_items: + - python-openstackclient + - python-congressclient + +# stderr: Exception raised: (pbr 0.11.0 (/usr/lib/python2.7/site-packages), Requirement.parse('pbr>=1.6')) +# Install pbr-1.8.1 +# Direct command: pip install pbr==1.8.1 +- name: Install pbr-1.8.1 + shell: > + pip install pbr==1.8.1 + +# stderr: Exception raised: (pbr 1.8.1 (/usr/lib/python2.7/site-packages), Requirement.parse('pbr>=0.6,!=0.7,<1.0')) +# fix per https://ask.openstack.org/en/question/83174/whole-cli-doesnt-work-anymore-kilo/ +# pip install --upgrade python-openstackclient +- name: Upgrade python-openstackclient + shell: > + pip install --upgrade python-openstackclient +# stderr: Unable to establish connection to http://192.168.10.6:1789/v1/data-sources +# systemctl | grep congress +# congress-api.service loaded failed failed OpenStack Congress Server +# https://wiki.archlinux.org/index.php/Systemd#Investigating_systemd_errors +# systemctl status congress-api -l +# oscontroller1.opnfv.com systemd[4175]: Failed at step EXEC spawning /opt/congress/bin/congress-server: No such file or directory +# error in congress-api.service, needed to completely remove from systemd and reinstall +# systemctl stop congress-api.service +# systemctl disable congress-api.service +# rm /etc/systemd/system/congress-api.service +# systemctl daemon-reload +# systemctl reset-failed +# restart at +# ansible-playbook -vvv -u root -k -i hosts.ini deploy_congress.yml --start-at-task="copy and enable congress-api.service thru systemd" + +# congress-server: Traceback (most recent call last): +# congress-server: File "/opt/congress-2015.1.0/bin/congress-server", line 33, in <module> +# congress-server: from congress.server import congress_server +# congress-server: File "/opt/congress-2015.1.0/congress/server/congress_server.py", line 26, in <module> +# congress-server: from congress.common import config +# congress-server: File "/opt/congress-2015.1.0/congress/common/config.py", line 20, in <module> +# congress-server: from congress.managers import datasource as datasource_mgr +# congress-server: File "/opt/congress-2015.1.0/congress/managers/datasource.py", line 19, in <module> +# congress-server: from oslo.db import exception as db_exc +# congress-server: File "/usr/lib/python2.7/site-packages/oslo/db/exception.py", line 48, in <module> +# congress-server: from oslo.db._i18n import _ +# congress-server: File "/usr/lib/python2.7/site-packages/oslo/db/_i18n.py", line 19, in <module> +# congress-server: from oslo import i18n +# congress-server: ImportError: cannot import name i18n +# systemd: congress-api.service: main process exited, code=exited, status=1/FAILURE +# systemd: Unit congress-api.service entered failed state. +# See https://bugs.launchpad.net/tripleo/+bug/1468028 +# It's unclear if this patch causes other problems... +# Direct command: pip install oslo.i18n==1.7.0 +- name: install oslo.i18n==1.7.0 + shell: > + pip install oslo.i18n==1.7.0 + +# congress-server: 2015-11-26 00:30:42.754 24988 TRACE congress from oslo.middleware import request_id +# congress-server: 2015-11-26 00:30:42.754 24988 TRACE congress ImportError: No module named middleware +- name: install oslo.middleware + pip: name={{item}} + with_items: + - oslo.middleware + +# Start the congress service +# Direct command: systemctl start congress-api +- name: start congress-api service + shell: systemctl start congress-api + +# Create congress datasources +# leave out swift for now, as it seems to break access to the other datasources +# Direct command: openstack congress datasource create {{item}} "{{item}}" --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 +- name: install datasource drivers + shell: openstack congress datasource create {{item}} "{{item}}" \ + --os-username={{keystoneAdminUser}} \ + --os-tenant-name={{adminTenantName}} \ + --os-password={{keystoneAdminPassword}} \ + --os-auth-url={{keystoneAuthProto}}://{{keystoneAuthHost}}:35357/v2.0 + --config username={{keystoneAdminUser}} \ + --config tenant-name={{adminTenantName}} \ + --config password={{keystoneAdminPassword}} \ + --config auth-url={{keystoneAuthProto}}://{{keystoneAuthHost}}:35357/v2.0 + with_items: + - ceilometer + - cinder + - glancev2 + - keystone + - neutronv2 + - nova +# - swift diff --git a/components/congress/ansible/roles/deploy/templates/congress-api.service b/components/congress/ansible/roles/deploy/templates/congress-api.service new file mode 100644 index 0000000..aacc30c --- /dev/null +++ b/components/congress/ansible/roles/deploy/templates/congress-api.service @@ -0,0 +1,11 @@ +[Unit] +Description=OpenStack Congress Server +After=syslog.target network.target + +[Service] +Type=simple +User=congress +ExecStart={{installDir}}/congress/bin/congress-server --config-file /etc/congress/congress.conf + +[Install] +WantedBy=multi-user.target diff --git a/components/congress/ansible/roles/deploy/templates/congress.conf b/components/congress/ansible/roles/deploy/templates/congress.conf index ffcd900..da74ec0 100644 --- a/components/congress/ansible/roles/deploy/templates/congress.conf +++ b/components/congress/ansible/roles/deploy/templates/congress.conf @@ -1,3 +1,21 @@ +# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# What this is: An template configuration file for OpenStack Congress +# Status: testing in progress +# + [DEFAULT] # Print more verbose output (set logging level to INFO instead of default WARNING level). verbose = True @@ -25,7 +43,7 @@ log_dir = /var/log/congress # publish_errors = False # Address to bind the API server to -# bind_host = 0.0.0.0 +bind_host = {{hostIP}} # Port the bind the API server to # bind_port = 1789 @@ -38,11 +56,12 @@ policy_path = /etc/congress/snapshot # The strategy to be used for auth. # Supported values are 'keystone'(default), 'noauth'. -auth_strategy = keystone +auth_strategy = noauth # List of datasource driver class paths to import. # For example: congress.datasources.neutronv2_driver.NeutronV2Driver, etc -# datasource_drivers = [] +# errors seen in log, removed congress.datasources.swift_driver.SwiftDriver +drivers = congress.datasources.neutronv2_driver.NeutronV2Driver,congress.datasources.glancev2_driver.GlanceV2Driver,congress.datasources.nova_driver.NovaDriver,congress.datasources.keystone_driver.KeystoneDriver,congress.datasources.ceilometer_driver.CeilometerDriver,congress.datasources.cinder_driver.CinderDriver,congress.datasources.swift_driver.SwiftDriver [keystone_authtoken] auth_host = {{ keystoneAuthHost }} |