diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index ed6b6c15f4..e5ff91e3be 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -19,6 +19,10 @@ node_config_directory: "/etc/kolla/{{ project }}" ################### # Kolla options ################### + +# Which orchestration engine to use. Valid options are [ ANSIBLE, KUBERNETES ] +orchestration_engine: "ANSIBLE" + # Valid options are [ COPY_ONCE, COPY_ALWAYS ] config_strategy: "COPY_ALWAYS" @@ -39,6 +43,19 @@ kolla_enable_sanity_glance: "{{ kolla_enable_sanity_checks }}" kolla_enable_sanity_cinder: "{{ kolla_enable_sanity_checks }}" kolla_enable_sanity_swift: "{{ kolla_enable_sanity_checks }}" + +#################### +# kolla-kubernetes +#################### +# By default, Kolla API services bind to the network address assigned +# to the api_interface. Allow the bind address to be an override. In +# some cases (Kubernetes), the api_interface address is not known +# until container runtime, and thus it is necessary to bind to all +# interfaces "0.0.0.0". When used outside of Kubernetes, binding to +# all interfaces may present a security issue, and thus is not +# recommended. +api_interface_address: "{{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] if orchestration_engine == 'ANSIBLE' else '0.0.0.0' }}" + #################### # Database options #################### diff --git a/ansible/roles/mariadb/templates/galera.cnf.j2 b/ansible/roles/mariadb/templates/galera.cnf.j2 index 7ffcb26a05..3dcb5f8670 100644 --- a/ansible/roles/mariadb/templates/galera.cnf.j2 +++ b/ansible/roles/mariadb/templates/galera.cnf.j2 @@ -1,6 +1,11 @@ -{% set wsrep_driver = '/usr/lib/galera/libgalera_smm.so' if kolla_base_distro == 'ubuntu' else '/usr/lib64/galera/libgalera_smm.so' %} +{%- set wsrep_driver = '/usr/lib/galera/libgalera_smm.so' if kolla_base_distro == 'ubuntu' else '/usr/lib64/galera/libgalera_smm.so' %} + +{#- Disable Galera in the case of of Kubernetes as its not supported yet. Otherwise, #} +{#- mariadb will fail to start #} +{%- set wsrep_driver = 'none' if orchestration_engine == 'KUBERNETES' else wsrep_driver %} + [mysqld] -bind-address={{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} +bind-address={{ api_interface_address }} port={{ mariadb_port }} log-error=/var/log/kolla/mariadb/mariadb.log @@ -13,10 +18,10 @@ datadir=/var/lib/mysql/ wsrep_cluster_address=gcomm://{% if (groups['mariadb'] | length) > 1 %}{% for host in groups['mariadb'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ mariadb_wsrep_port }}{% if not loop.last %},{% endif %}{% endfor %}{% endif %} -wsrep_provider_options=gmcast.listen_addr=tcp://{{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}:{{ mariadb_wsrep_port }};ist.recv_addr={{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}:{{ mariadb_ist_port }} +wsrep_provider_options=gmcast.listen_addr=tcp://{{ api_interface_address }}:{{ mariadb_wsrep_port }};ist.recv_addr={{ api_interface_address }}:{{ mariadb_ist_port }} -wsrep_node_address={{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}:{{ mariadb_wsrep_port }} -wsrep_sst_receive_address={{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}:{{ mariadb_sst_port }} +wsrep_node_address={{ api_interface_address }}:{{ mariadb_wsrep_port }} +wsrep_sst_receive_address={{ api_interface_address }}:{{ mariadb_sst_port }} wsrep_provider={{ wsrep_driver }} wsrep_cluster_name="{{ database_cluster_name }}" diff --git a/ansible/roles/mariadb/templates/wsrep-notify.sh.j2 b/ansible/roles/mariadb/templates/wsrep-notify.sh.j2 index babd29e86e..73acde3fe6 100644 --- a/ansible/roles/mariadb/templates/wsrep-notify.sh.j2 +++ b/ansible/roles/mariadb/templates/wsrep-notify.sh.j2 @@ -3,7 +3,7 @@ # Edit parameters below to specify the address and login to server. USER={{ database_user }} PSWD={{ database_password }} -HOST={{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} +HOST={{ api_interface_address }} PORT={{ mariadb_port }} LB_USER=haproxy