From 68e7da0a3630a045fafe79a572113c490aef7ca0 Mon Sep 17 00:00:00 2001
From: Mick Thompson <michael.a.thompson@oracle.com>
Date: Fri, 28 Aug 2015 10:49:29 +0100
Subject: [PATCH] Add ansible support for Murano
Deploy the core services for murano-api and murano-engine containers.
Implements: bp ansible-murano
Change-Id: Ibcc618665a3509465ba8f9249a417e8848087eef
---
ansible/group_vars/all.yml | 2 +
ansible/inventory/all-in-one | 10 +++
ansible/inventory/multinode | 10 +++
ansible/roles/murano/defaults/main.yml | 36 +++++++++++
ansible/roles/murano/meta/main.yml | 3 +
ansible/roles/murano/tasks/bootstrap.yml | 63 +++++++++++++++++++
ansible/roles/murano/tasks/config.yml | 40 ++++++++++++
ansible/roles/murano/tasks/main.yml | 8 +++
ansible/roles/murano/tasks/register.yml | 37 +++++++++++
ansible/roles/murano/tasks/start.yml | 39 ++++++++++++
ansible/roles/murano/templates/murano.conf.j2 | 36 +++++++++++
ansible/site.yml | 4 ++
docker/murano/murano-api/config-external.sh | 2 +-
.../murano/murano-engine/config-external.sh | 2 +-
etc/kolla/config/murano.conf | 0
etc/kolla/config/murano/murano-api.conf | 0
etc/kolla/config/murano/murano-engine.conf | 0
etc/kolla/passwords.yml | 3 +
18 files changed, 293 insertions(+), 2 deletions(-)
create mode 100644 ansible/roles/murano/defaults/main.yml
create mode 100644 ansible/roles/murano/meta/main.yml
create mode 100644 ansible/roles/murano/tasks/bootstrap.yml
create mode 100644 ansible/roles/murano/tasks/config.yml
create mode 100644 ansible/roles/murano/tasks/main.yml
create mode 100644 ansible/roles/murano/tasks/register.yml
create mode 100644 ansible/roles/murano/tasks/start.yml
create mode 100644 ansible/roles/murano/templates/murano.conf.j2
create mode 100644 etc/kolla/config/murano.conf
create mode 100644 etc/kolla/config/murano/murano-api.conf
create mode 100644 etc/kolla/config/murano/murano-engine.conf
diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml
index 34985a0594..6df5c7ba96 100644
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@@ -99,6 +99,7 @@ swift_container_server_port: "6002"
heat_api_port: "8004"
heat_api_cfn_port: "8000"
+murano_api_port: "8082"
####################
# Openstack options
@@ -140,6 +141,7 @@ enable_cinder: "no"
enable_heat: "yes"
enable_horizon: "yes"
enable_swift: "no"
+enable_murano: "no"
####################
diff --git a/ansible/inventory/all-in-one b/ansible/inventory/all-in-one
index e762078b1b..8b782f72ac 100644
--- a/ansible/inventory/all-in-one
+++ b/ansible/inventory/all-in-one
@@ -51,6 +51,9 @@ control
[heat:children]
control
+[murano:children]
+control
+
# Additional control implemented here. These groups allow you to control which
# services run on which hosts at a per-service level.
@@ -124,3 +127,10 @@ heat
[heat-engine:children]
heat
+
+# Murano
+[murano-api:children]
+murano
+
+[murano-engine:children]
+murano
diff --git a/ansible/inventory/multinode b/ansible/inventory/multinode
index 1d4e1fb7fd..f6ce047a7f 100644
--- a/ansible/inventory/multinode
+++ b/ansible/inventory/multinode
@@ -59,6 +59,9 @@ control
[heat:children]
control
+[murano:children]
+control
+
# Additional control implemented here. These groups allow you to control which
# services run on which hosts at a per-service level.
@@ -132,3 +135,10 @@ heat
[heat-engine:children]
heat
+
+# Murano
+[murano-api:children]
+murano
+
+[murano-engine:children]
+murano
diff --git a/ansible/roles/murano/defaults/main.yml b/ansible/roles/murano/defaults/main.yml
new file mode 100644
index 0000000000..45ac3dd73a
--- /dev/null
+++ b/ansible/roles/murano/defaults/main.yml
@@ -0,0 +1,36 @@
+---
+project_name: "murano"
+
+####################
+# Database
+####################
+murano_database_name: "murano"
+murano_database_user: "murano"
+murano_database_address: "{{ kolla_internal_address }}"
+
+
+####################
+# Docker
+####################
+murano_engine_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-murano-engine"
+murano_engine_tag: "{{ openstack_release }}"
+murano_engine_image_full: "{{ murano_engine_image }}:{{ murano_engine_tag }}"
+
+murano_api_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-murano-api"
+murano_api_tag: "{{ openstack_release }}"
+murano_api_image_full: "{{ murano_api_image }}:{{ murano_api_tag }}"
+
+
+####################
+# Openstack
+####################
+murano_public_address: "{{ kolla_external_address }}"
+murano_admin_address: "{{ kolla_internal_address }}"
+murano_internal_address: "{{ kolla_internal_address }}"
+
+murano_logging_verbose: "{{ openstack_logging_verbose }}"
+murano_logging_debug: "{{ openstack_logging_debug }}"
+
+murano_keystone_user: "murano"
+
+openstack_murano_auth: "{'auth_url':'{{ openstack_auth_v2.auth_url }}','username':'{{ openstack_auth_v2.username }}','password':'{{ openstack_auth_v2.password }}','project_name':'{{ openstack_auth_v2.project_name }}'}"
diff --git a/ansible/roles/murano/meta/main.yml b/ansible/roles/murano/meta/main.yml
new file mode 100644
index 0000000000..6b4fff8fef
--- /dev/null
+++ b/ansible/roles/murano/meta/main.yml
@@ -0,0 +1,3 @@
+---
+dependencies:
+ - { role: common }
diff --git a/ansible/roles/murano/tasks/bootstrap.yml b/ansible/roles/murano/tasks/bootstrap.yml
new file mode 100644
index 0000000000..69eca17529
--- /dev/null
+++ b/ansible/roles/murano/tasks/bootstrap.yml
@@ -0,0 +1,63 @@
+---
+- name: Creating Murano database
+ command: docker exec -t kolla_ansible /usr/bin/ansible localhost
+ -m mysql_db
+ -a "login_host='{{ database_address }}'
+ login_user='{{ database_user }}'
+ login_port='{{ mariadb_port }}'
+ login_password='{{ database_password }}'
+ name='{{ murano_database_name }}'"
+ register: database
+ changed_when: "{{ database.stdout.find('localhost | SUCCESS => ') != -1 and (database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
+ failed_when: database.stdout.split()[2] != 'SUCCESS'
+ run_once: True
+
+- name: Creating Murano database user and setting permissions
+ command: docker exec -t kolla_ansible /usr/bin/ansible localhost
+ -m mysql_user
+ -a "login_host='{{ database_address }}'
+ login_user='{{ database_user }}'
+ login_password='{{ database_password }}'
+ name='{{ murano_database_name }}'
+ password='{{ murano_database_password }}'
+ host='%'
+ priv='{{ murano_database_name }}.*:ALL'
+ append_privs='yes'"
+ register: database_user_create
+ changed_when: "{{ database.stdout.find('localhost | SUCCESS => ') != -1 and (database_user_create.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
+ failed_when: database_user_create.stdout.split()[2] != 'SUCCESS'
+ run_once: True
+
+- name: Starting Murano bootstrap container
+ docker:
+ detach: False
+ docker_api_version: "{{ docker_api_version }}"
+ net: host
+ pull: "{{ docker_pull_policy }}"
+ restart_policy: "no"
+ state: reloaded
+ registry: "{{ docker_registry }}"
+ username: "{{ docker_registry_username }}"
+ password: "{{ docker_registry_password }}"
+ insecure_registry: "{{ docker_insecure_registry }}"
+ name: bootstrap_murano
+ image: "{{ murano_api_image_full }}"
+ volumes: "{{ node_config_directory }}/murano-api/:/opt/kolla/murano-api/:ro"
+ env:
+ KOLLA_BOOTSTRAP:
+ KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
+ run_once: True
+ when: database.stdout.find('localhost | SUCCESS => ') != -1 and (database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed
+
+# https://github.com/ansible/ansible-modules-core/pull/1031
+- name: Waiting for bootstrap container to exit
+ command: docker wait bootstrap_murano
+ run_once: True
+ when: database.stdout.find('localhost | SUCCESS => ') != -1 and (database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed
+
+- name: Cleaning up Murano boostrap container
+ docker:
+ name: bootstrap_murano
+ image: "{{ murano_api_image_full }}"
+ state: absent
+ when: database.stdout.find('localhost | SUCCESS => ') != -1 and (database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed
diff --git a/ansible/roles/murano/tasks/config.yml b/ansible/roles/murano/tasks/config.yml
new file mode 100644
index 0000000000..2398f81968
--- /dev/null
+++ b/ansible/roles/murano/tasks/config.yml
@@ -0,0 +1,40 @@
+---
+- include: ../../config.yml
+ vars:
+ service_name: "murano-engine"
+ config_source:
+ - "roles/{{ project_name }}/templates/murano.conf.j2"
+ - "/etc/kolla/config/global.conf"
+ - "/etc/kolla/config/database.conf"
+ - "/etc/kolla/config/messaging.conf"
+ - "/etc/kolla/config/{{ project_name }}.conf"
+ - "/etc/kolla/config/{{ project_name }}/{{ service_name }}.conf"
+ config_template_dest:
+ - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_minimal"
+ - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_global"
+ - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_database"
+ - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_messaging"
+ - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_augment"
+ - "{{ node_templates_directory }}/{{ service_name }}/{{ service_name }}.conf_augment"
+ config_dest: "{{ node_config_directory }}/{{ service_name }}/murano.conf"
+ when: inventory_hostname in groups['murano-engine']
+
+- include: ../../config.yml
+ vars:
+ service_name: "murano-api"
+ config_source:
+ - "roles/{{ project_name }}/templates/murano.conf.j2"
+ - "/etc/kolla/config/global.conf"
+ - "/etc/kolla/config/database.conf"
+ - "/etc/kolla/config/messaging.conf"
+ - "/etc/kolla/config/{{ project_name }}.conf"
+ - "/etc/kolla/config/{{ project_name }}/{{ service_name }}.conf"
+ config_template_dest:
+ - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_minimal"
+ - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_global"
+ - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_database"
+ - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_messaging"
+ - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_augment"
+ - "{{ node_templates_directory }}/{{ service_name }}/{{ service_name }}.conf_augment"
+ config_dest: "{{ node_config_directory }}/{{ service_name }}/murano.conf"
+ when: inventory_hostname in groups['murano-api']
diff --git a/ansible/roles/murano/tasks/main.yml b/ansible/roles/murano/tasks/main.yml
new file mode 100644
index 0000000000..5c48120b7c
--- /dev/null
+++ b/ansible/roles/murano/tasks/main.yml
@@ -0,0 +1,8 @@
+---
+- include: register.yml
+
+- include: config.yml
+
+- include: bootstrap.yml
+
+- include: start.yml
diff --git a/ansible/roles/murano/tasks/register.yml b/ansible/roles/murano/tasks/register.yml
new file mode 100644
index 0000000000..c1ea88daf1
--- /dev/null
+++ b/ansible/roles/murano/tasks/register.yml
@@ -0,0 +1,37 @@
+---
+- name: Creating the Murano service and endpoint
+ command: docker exec -t kolla_ansible /usr/bin/ansible localhost
+ -m kolla_keystone_service
+ -a "service_name=murano
+ service_type=application_catalog
+ description='Openstack Application Catalogue'
+ endpoint_region={{ openstack_region_name }}
+ admin_url='http://{{ kolla_internal_address }}:{{ murano_api_port }}'
+ internal_url='http://{{ kolla_internal_address }}:{{ murano_api_port }}'
+ public_url='http://{{ kolla_external_address }}:{{ murano_api_port }}'
+ region_name={{ openstack_region_name }}
+ auth={{ '{{ openstack_murano_auth }}' }}"
+ -e "{'openstack_murano_auth':{{ openstack_murano_auth }}}"
+ register: murano_endpoint
+ changed_when: "{{ murano_endpoint.stdout.find('localhost | SUCCESS => ') != -1 and (murano_endpoint.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
+ until: murano_endpoint.stdout.split()[2] == 'SUCCESS'
+ retries: 10
+ delay: 5
+ run_once: True
+
+- name: Creating the Murano project, user, and role
+ command: docker exec -t kolla_ansible /usr/bin/ansible localhost
+ -m kolla_keystone_user
+ -a "project=service
+ user=murano
+ password={{ murano_keystone_password }}
+ role=admin
+ region_name={{ openstack_region_name }}
+ auth={{ '{{ openstack_murano_auth }}' }}"
+ -e "{'openstack_murano_auth':{{ openstack_murano_auth }}}"
+ register: murano_user
+ changed_when: "{{ murano_user.stdout.find('localhost | SUCCESS => ') != -1 and (murano_user.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
+ until: murano_user.stdout.split()[2] == 'SUCCESS'
+ retries: 10
+ delay: 5
+ run_once: True
diff --git a/ansible/roles/murano/tasks/start.yml b/ansible/roles/murano/tasks/start.yml
new file mode 100644
index 0000000000..c857ef0fbd
--- /dev/null
+++ b/ansible/roles/murano/tasks/start.yml
@@ -0,0 +1,39 @@
+---
+- name: Starting Murano-engine container
+ docker:
+ docker_api_version: "{{ docker_api_version }}"
+ net: host
+ pull: "{{ docker_pull_policy }}"
+ restart_policy: "{{ docker_restart_policy }}"
+ restart_policy_retry: "{{ docker_restart_policy_retry }}"
+ state: reloaded
+ registry: "{{ docker_registry }}"
+ username: "{{ docker_registry_username }}"
+ password: "{{ docker_registry_password }}"
+ insecure_registry: "{{ docker_insecure_registry }}"
+ name: murano_engine
+ image: "{{ murano_engine_image_full }}"
+ volumes: "{{ node_config_directory }}/murano-engine/:/opt/kolla/murano-engine/:ro"
+ volumes_from:
+ env:
+ KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
+ when: inventory_hostname in groups['murano-engine']
+
+- name: Starting Murano-api container
+ docker:
+ docker_api_version: "{{ docker_api_version }}"
+ net: host
+ pull: "{{ docker_pull_policy }}"
+ restart_policy: "{{ docker_restart_policy }}"
+ restart_policy_retry: "{{ docker_restart_policy_retry }}"
+ state: reloaded
+ registry: "{{ docker_registry }}"
+ username: "{{ docker_registry_username }}"
+ password: "{{ docker_registry_password }}"
+ insecure_registry: "{{ docker_insecure_registry }}"
+ name: murano_api
+ image: "{{ murano_api_image_full }}"
+ volumes: "{{ node_config_directory }}/murano-api/:/opt/kolla/murano-api/:ro"
+ env:
+ KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
+ when: inventory_hostname in groups['murano-api']
diff --git a/ansible/roles/murano/templates/murano.conf.j2 b/ansible/roles/murano/templates/murano.conf.j2
new file mode 100644
index 0000000000..85b1fea64f
--- /dev/null
+++ b/ansible/roles/murano/templates/murano.conf.j2
@@ -0,0 +1,36 @@
+[DEFAULT]
+verbose = {{ openstack_logging_verbose }}
+debug = {{ openstack_logging_debug }}
+
+rabbit_host = {{ kolla_internal_address }}
+rabbit_userid = {{ rabbitmq_user }}
+rabbit_password = {{ rabbitmq_password }}
+notification_driver = noop
+
+{% if service_name == 'murano-api' %}
+bind_host = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
+bind_port = {{ murano_api_port }}
+{% endif %}
+
+[database]
+connection = mysql://{{ murano_database_user }}:{{ murano_database_password }}@{{ murano_database_address }}/{{ murano_database_name }}
+
+[keystone_authtoken]
+auth_uri = http://{{ kolla_internal_address }}:{{ keystone_public_port }}
+auth_url = http://{{ kolla_internal_address }}:{{ keystone_admin_port }}
+auth_plugin = password
+project_domain_id = default
+user_domain_id = default
+project_name = service
+username = {{ murano_keystone_user }}
+password = {{ murano_keystone_password }}
+
+[murano]
+url = http://{{ kolla_internal_address }}:{{ murano_api_port }}
+
+{% if service_name == 'murano-engine' %}
+[rabbitmq]
+host = {{ kolla_internal_address }}
+login = {{ rabbitmq_user }}
+password = {{ rabbitmq_password }}
+{% endif %}
diff --git a/ansible/site.yml b/ansible/site.yml
index 6eeafed366..2be2ce7ff5 100755
--- a/ansible/site.yml
+++ b/ansible/site.yml
@@ -42,3 +42,7 @@
- hosts: horizon
roles:
- { role: horizon, tags: horizon, when: enable_horizon | bool }
+
+- hosts: [murano-api, murano-engine]
+ roles:
+ - { role: murano, tags: murano, when: enable_murano | bool }
diff --git a/docker/murano/murano-api/config-external.sh b/docker/murano/murano-api/config-external.sh
index 5d9a2da497..ffcdaef0b9 100644
--- a/docker/murano/murano-api/config-external.sh
+++ b/docker/murano/murano-api/config-external.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-SOURCE="/opt/kolla/murano/murano.conf"
+SOURCE="/opt/kolla/murano-api/murano.conf"
TARGET="/etc/murano/murano.conf"
OWNER="murano"
diff --git a/docker/murano/murano-engine/config-external.sh b/docker/murano/murano-engine/config-external.sh
index 5d9a2da497..af23e0e898 100644
--- a/docker/murano/murano-engine/config-external.sh
+++ b/docker/murano/murano-engine/config-external.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-SOURCE="/opt/kolla/murano/murano.conf"
+SOURCE="/opt/kolla/murano-engine/murano.conf"
TARGET="/etc/murano/murano.conf"
OWNER="murano"
diff --git a/etc/kolla/config/murano.conf b/etc/kolla/config/murano.conf
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/etc/kolla/config/murano/murano-api.conf b/etc/kolla/config/murano/murano-api.conf
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/etc/kolla/config/murano/murano-engine.conf b/etc/kolla/config/murano/murano-engine.conf
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/etc/kolla/passwords.yml b/etc/kolla/passwords.yml
index dacfcd6ee3..4785c6b56a 100644
--- a/etc/kolla/passwords.yml
+++ b/etc/kolla/passwords.yml
@@ -43,6 +43,9 @@ heat_database_password: "password"
heat_keystone_password: "password"
heat_domain_admin_password: "password"
+murano_database_password: "password"
+murano_keystone_password: "password"
+
####################
# RabbitMQ options
####################