This repository has been archived by the owner on Nov 24, 2022. It is now read-only.
forked from openstack/kolla-ansible
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
db25948
commit fa378de
Showing
26 changed files
with
1,385 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
etc/kolla/passwords.yml | ||
etc/kolla/globals.yml | ||
ansible/group_vars/all.yml | ||
ansible/site.yml | ||
ansible/roles/common/tasks/config.yml | ||
ansible/roles/common/defaults/main.yml | ||
ansible/roles/common/templates/cron-logrotate-adjutant.conf.j2 | ||
ansible/roles/common/templates/conf/filter/01-rewrite-0.14.conf.j2 | ||
ansible/roles/common/templates/conf/filter/01-rewrite-0.12.conf.j2 | ||
ansible/roles/adjutant/tasks/copy-certs.yml | ||
ansible/roles/adjutant/tasks/pull.yml | ||
ansible/roles/adjutant/tasks/check-containers.yml | ||
ansible/roles/adjutant/tasks/precheck.yml | ||
ansible/roles/adjutant/tasks/loadbalancer.yml | ||
ansible/roles/adjutant/tasks/deploy.yml | ||
ansible/roles/adjutant/tasks/register.yml | ||
ansible/roles/adjutant/tasks/bootstrap_service.yml | ||
ansible/roles/adjutant/tasks/config.yml | ||
ansible/roles/adjutant/tasks/stop.yml | ||
ansible/roles/adjutant/tasks/external_ceph.yml | ||
ansible/roles/adjutant/tasks/bootstrap.yml | ||
ansible/roles/adjutant/defaults/main.yml | ||
ansible/roles/adjutant/templates/adjutant-api.json.j2 | ||
ansible/roles/adjutant/templates/wsgi-adjutant.conf.j2 | ||
ansible/roles/adjutant/templates/adjutant.yaml copy.j2 | ||
ansible/roles/adjutant/handlers/main.yml | ||
ansible/roles/adjutant/templates/adjutant.yaml.j2 | ||
ansible/inventory/multinode | ||
ansible/inventory/all-in-one |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,82 @@ | ||
--- | ||
project_name: "adjutant" | ||
|
||
adjutant_services: | ||
adjutant-api: | ||
container_name: adjutant_api | ||
group: adjutant-api | ||
enabled: true | ||
image: "{{ adjutant_api_image_full }}" | ||
volumes: "{{ adjutant_api_default_volumes + adjutant_api_extra_volumes }}" | ||
dimensions: "{{ adjutant_api_dimensions }}" | ||
haproxy: | ||
adjutant_api: | ||
enabled: "{{ enable_adjutant }}" | ||
mode: "http" | ||
external: false | ||
port: "{{ adjutant_api_listen_port }}" | ||
adjutant_api_external: | ||
enabled: "{{ enable_adjutant }}" | ||
mode: "http" | ||
external: true | ||
port: "{{ adjutant_api_listen_port }}" | ||
|
||
#################### | ||
# Database | ||
#################### | ||
adjutant_database_name: "adjutant" | ||
adjutant_database_user: "{% if use_preconfigured_databases | bool and use_common_mariadb_user | bool %}{{ database_user }}{% else %}adjutant{% endif %}" | ||
adjutant_database_address: "{{ database_address | put_address_in_context('url') }}:{{ database_port }}" | ||
|
||
|
||
#################### | ||
# Docker | ||
#################### | ||
adjutant_install_type: "{{ kolla_install_type }}" | ||
adjutant_tag: "{{ openstack_tag }}" | ||
|
||
adjutant_api_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ adjutant_install_type }}-adjutant-api" | ||
adjutant_api_tag: "{{ adjutant_tag }}" | ||
adjutant_api_image_full: "{{ adjutant_api_image }}:{{ adjutant_api_tag }}" | ||
|
||
adjutant_api_dimensions: "{{ default_container_dimensions }}" | ||
|
||
adjutant_api_default_volumes: | ||
- "{{ node_config_directory }}/adjutant-api/:{{ container_config_directory }}/:ro" | ||
- "/etc/localtime:/etc/localtime:ro" | ||
- "{{ '/etc/timezone:/etc/timezone:ro' if kolla_base_distro in ['debian', 'ubuntu'] else '' }}" | ||
- "kolla_logs:/var/log/kolla/" | ||
|
||
adjutant_extra_volumes: "{{ default_extra_volumes }}" | ||
adjutant_api_extra_volumes: "{{ adjutant_extra_volumes }}" | ||
|
||
#################### | ||
# OpenStack | ||
#################### | ||
adjutant_admin_endpoint: "{{ admin_protocol }}://{{ adjutant_internal_fqdn | put_address_in_context('url') }}:{{ adjutant_api_port }}" | ||
adjutant_internal_endpoint: "{{ internal_protocol }}://{{ adjutant_internal_fqdn | put_address_in_context('url') }}:{{ adjutant_api_port }}" | ||
adjutant_public_endpoint: "{{ public_protocol }}://{{ adjutant_external_fqdn | put_address_in_context('url') }}:{{ adjutant_api_port }}" | ||
|
||
adjutant_logging_debug: "{{ openstack_logging_debug }}" | ||
|
||
adjutant_keystone_user: "adjutant" | ||
|
||
openstack_adjutant_auth: "{{ openstack_auth }}" | ||
|
||
#################### | ||
# Keystone | ||
#################### | ||
adjutant_ks_services: | ||
- name: "adjutant" | ||
type: "registration" | ||
description: "OpenStack Registration Service" | ||
endpoints: | ||
- {'interface': 'admin', 'url': '{{ adjutant_admin_endpoint }}/v1'} | ||
- {'interface': 'internal', 'url': '{{ adjutant_internal_endpoint }}/v1'} | ||
- {'interface': 'public', 'url': '{{ adjutant_public_endpoint }}/v1'} | ||
|
||
adjutant_ks_users: | ||
- project: "service" | ||
user: "{{ adjutant_keystone_user }}" | ||
password: "{{ adjutant_keystone_password }}" | ||
role: "admin" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
--- | ||
- name: Restart adjutant-api container | ||
vars: | ||
service_name: "adjutant-api" | ||
service: "{{ adjutant_services[service_name] }}" | ||
become: true | ||
kolla_docker: | ||
action: "recreate_or_restart_container" | ||
common_options: "{{ docker_common_options }}" | ||
name: "{{ service.container_name }}" | ||
image: "{{ service.image }}" | ||
volumes: "{{ service.volumes }}" | ||
dimensions: "{{ service.dimensions }}" | ||
when: | ||
- kolla_action != "config" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
--- | ||
dependencies: | ||
- { role: common } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
--- | ||
- name: Creating adjutant database | ||
become: true | ||
kolla_toolbox: | ||
module_name: mysql_db | ||
module_args: | ||
login_host: "{{ database_address }}" | ||
login_port: "{{ database_port }}" | ||
login_user: "{{ database_user }}" | ||
login_password: "{{ database_password }}" | ||
name: "{{ adjutant_database_name }}" | ||
run_once: True | ||
delegate_to: "{{ groups['adjutant-api'][0] }}" | ||
when: | ||
- not use_preconfigured_databases | bool | ||
|
||
- name: Creating adjutant database user and setting permissions | ||
become: true | ||
kolla_toolbox: | ||
module_name: mysql_user | ||
module_args: | ||
login_host: "{{ database_address }}" | ||
login_port: "{{ database_port }}" | ||
login_user: "{{ database_user }}" | ||
login_password: "{{ database_password }}" | ||
name: "{{ adjutant_database_user }}" | ||
password: "{{ adjutant_database_password }}" | ||
host: "%" | ||
priv: "{{ adjutant_database_name }}.*:ALL" | ||
append_privs: "yes" | ||
run_once: True | ||
delegate_to: "{{ groups['adjutant-api'][0] }}" | ||
when: | ||
- not use_preconfigured_databases | bool | ||
|
||
- include_tasks: bootstrap_service.yml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
--- | ||
- name: Running adjutant bootstrap container | ||
vars: | ||
adjutant_api: "{{ adjutant_services['adjutant-api'] }}" | ||
become: true | ||
kolla_docker: | ||
action: "start_container" | ||
common_options: "{{ docker_common_options }}" | ||
detach: False | ||
environment: | ||
KOLLA_BOOTSTRAP: | ||
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" | ||
image: "{{ adjutant_api.image }}" | ||
labels: | ||
BOOTSTRAP: | ||
name: "bootstrap_adjutant" | ||
restart_policy: no | ||
volumes: "{{ adjutant_api.volumes }}" | ||
run_once: True | ||
delegate_to: "{{ groups[adjutant_api.group][0] }}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
--- | ||
- name: Check adjutant containers | ||
become: true | ||
kolla_docker: | ||
action: "compare_container" | ||
common_options: "{{ docker_common_options }}" | ||
name: "{{ item.value.container_name }}" | ||
image: "{{ item.value.image }}" | ||
volumes: "{{ item.value.volumes }}" | ||
dimensions: "{{ item.value.dimensions }}" | ||
when: | ||
- inventory_hostname in groups[item.value.group] | ||
- item.value.enabled | bool | ||
with_dict: "{{ adjutant_services }}" | ||
notify: | ||
- "Restart {{ item.key }} container" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
--- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,107 @@ | ||
--- | ||
- name: Ensuring config directories exist | ||
file: | ||
path: "{{ node_config_directory }}/{{ item.key }}" | ||
state: "directory" | ||
owner: "{{ config_owner_user }}" | ||
group: "{{ config_owner_group }}" | ||
mode: "0770" | ||
become: true | ||
when: | ||
- inventory_hostname in groups[item.value.group] | ||
- item.value.enabled | bool | ||
with_dict: "{{ adjutant_services }}" | ||
|
||
- name: Check if policies shall be overwritten | ||
stat: | ||
path: "{{ item }}" | ||
delegate_to: localhost | ||
run_once: True | ||
register: adjutant_policy | ||
with_first_found: | ||
- files: "{{ supported_policy_format_list }}" | ||
paths: | ||
- "{{ node_custom_config }}/adjutant/" | ||
skip: true | ||
|
||
- name: Set adjutant policy file | ||
set_fact: | ||
adjutant_policy_file: "{{ adjutant_policy.results.0.stat.path | basename }}" | ||
adjutant_policy_file_path: "{{ adjutant_policy.results.0.stat.path }}" | ||
when: | ||
- adjutant_policy.results | ||
|
||
- include_tasks: copy-certs.yml | ||
when: | ||
- kolla_copy_ca_into_containers | bool | ||
|
||
- name: Copying over config.json files for services | ||
template: | ||
src: "{{ item.key }}.json.j2" | ||
dest: "{{ node_config_directory }}/{{ item.key }}/config.json" | ||
mode: "0660" | ||
become: true | ||
when: | ||
- item.value.enabled | bool | ||
- inventory_hostname in groups[item.value.group] | ||
with_dict: "{{ adjutant_services }}" | ||
notify: | ||
- Restart {{ item.key }} container | ||
|
||
- name: Copying over adjutant.yaml | ||
vars: | ||
service: "{{ adjutant_services['adjutant-api'] }}" | ||
# NOTE(dszumski): We can't use merge_yaml since it replaces empty values | ||
# with `null`. This breaks the thresholder config file parsing (which should | ||
# probably be more robust). | ||
template: | ||
src: "{{ item }}" | ||
dest: "{{ node_config_directory }}/adjutant-api/adjutant.yaml" | ||
owner: "{{ config_owner_user }}" | ||
group: "{{ config_owner_group }}" | ||
mode: "0644" | ||
become: true | ||
with_first_found: | ||
- "{{ node_custom_config }}/adjutant.yaml" | ||
- "{{ node_custom_config }}/adjutant/{{ item.key }}.conf" | ||
- "{{ node_custom_config }}/adjutant/{{ inventory_hostname }}/adjutant.yaml" | ||
- "{{ role_path }}/templates/adjutant.yml.j2" | ||
when: | ||
- inventory_hostname in groups['adjutant-api'] | ||
- service.enabled | bool | ||
notify: | ||
- Restart adjutant-api container | ||
|
||
|
||
- name: Copying over wsgi-adjutant.conf | ||
vars: | ||
service: "{{ adjutant_services['adjutant-api'] }}" | ||
template: | ||
src: "wsgi-adjutant.conf.j2" | ||
dest: "{{ node_config_directory }}/{{ item }}/wsgi-adjutant.conf" | ||
mode: "0660" | ||
become: true | ||
when: | ||
- inventory_hostname in groups['adjutant-api'] | ||
- service.enabled | bool | ||
with_items: | ||
- "adjutant-api" | ||
notify: | ||
- Restart adjutant-api container | ||
|
||
- name: Copying over existing policy file | ||
template: | ||
src: "{{ adjutant_policy_file_path }}" | ||
dest: "{{ node_config_directory }}/{{ item.key }}/{{ adjutant_policy_file }}" | ||
mode: "0660" | ||
become: true | ||
when: | ||
- adjutant_policy_file is defined | ||
- inventory_hostname in groups[item.value.group] | ||
- item.value.enabled | bool | ||
with_dict: "{{ adjutant_services }}" | ||
notify: | ||
- Restart {{ item.key }} container | ||
|
||
- include_tasks: check-containers.yml | ||
when: kolla_action != "config" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
--- | ||
- name: "Copy certificates and keys for {{ project_name }}" | ||
import_role: | ||
role: service-cert-copy | ||
vars: | ||
project_services: "{{ adjutant_services }}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
--- | ||
- import_tasks: check-containers.yml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
--- | ||
- include_tasks: register.yml | ||
when: inventory_hostname in groups['adjutant-api'] | ||
|
||
- include_tasks: config.yml | ||
when: inventory_hostname in groups['adjutant-api'] | ||
|
||
- include_tasks: bootstrap.yml | ||
when: inventory_hostname in groups['adjutant-api'] | ||
|
||
- name: Flush handlers | ||
meta: flush_handlers |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
--- | ||
- name: Copy over ceph.conf file | ||
template: | ||
src: "{{ node_custom_config }}/adjutant/ceph.conf" | ||
dest: "{{ node_config_directory }}/{{ item }}/ceph.conf" | ||
mode: "0660" | ||
become: true | ||
when: inventory_hostname in groups[item] | ||
with_items: | ||
- "adjutant-api" | ||
notify: | ||
- Restart {{ item }} container | ||
|
||
- name: Copy over ceph adjutant keyring | ||
copy: | ||
src: "{{ node_custom_config }}/adjutant/{{ ceph_adjutant_keyring }}" | ||
dest: "{{ node_config_directory }}/{{ item }}/{{ ceph_adjutant_keyring }}" | ||
mode: "0660" | ||
become: true | ||
when: inventory_hostname in groups[item] | ||
with_items: | ||
- "adjutant-api" | ||
notify: | ||
- Restart {{ item }} container | ||
|
||
- name: Ensuring config directory has correct owner and permission | ||
become: true | ||
file: | ||
path: "{{ node_config_directory }}/{{ item }}" | ||
recurse: yes | ||
owner: "{{ config_owner_user }}" | ||
group: "{{ config_owner_group }}" | ||
when: inventory_hostname in groups[item] | ||
with_items: | ||
- "adjutant-api" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
--- | ||
- name: "Configure haproxy for {{ project_name }}" | ||
import_role: | ||
name: haproxy-config | ||
vars: | ||
project_services: "{{ adjutant_services }}" | ||
tags: always |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
--- | ||
- include_tasks: "{{ kolla_action }}.yml" |
Oops, something went wrong.