From 85db94e5b75c0c1b87679cb8f571f95279f7b75b Mon Sep 17 00:00:00 2001
From: Ken Wronkiewicz <wh-openstack@wirewd.com>
Date: Tue, 21 Jun 2016 14:16:17 -0700
Subject: [PATCH] Glance interface address, memcached override, and glance
 override.

Note: This should not result in any behavior changes in regular Kolla, just
Kolla-Kubernetes and only when you've overridden stuff in globals.yml

Allows override of interface address, memcached pools, and glance registry
host so that Kubernetes can do the right thing.

There are some significant architectural issues involved in memcached pooling
in the Kolla-kubernetes world.  Avoiding them right now.

Current working with this Kolla-Kubernetes globals.yml file:

api_interface_address: "0.0.0.0"

memcached_servers: "memcached"

keystone_database_address: "mariadb"
keystone_admin_url: "http://keystone-admin:35357/v3"
keystone_internal_url: "http://keystone-public:5000/v3"
keystone_public_url: "http://keystone-public:5000/v3"
glance_registry_host: "glance-registry"

Two tings to note:
 * This depends on a kolla-kubernetes patch, so that it won't be merged
   until it's safe for glance to bind to 0.0.0.0.  It's OK to bind to
   0.0.0.0 in the Kubernetes world because the network fabric controls
   access.
 * In Kolla-Kubernetes, the global.yml file doesn't do var substitution
   so you have to be explicit about the URLs, otherwise Keystone will
   look like it was provisioned but it won't quite be provisioned right.

Co-Authored-By: Ryan Hallisey <rhallise@redhat.com>
Change-Id: Ic87566118a1d4f552748392ff394b9b121c91887
Partially-implements: blueprint api-interface-bind-address-override
Depends-On: I586ce1c6c3300254c4e2a398ff46645df576aeb0
---
 ansible/roles/glance/tasks/config.yml         |  2 +-
 .../roles/glance/templates/glance-api.conf.j2 | 19 +++++++++++++++----
 .../glance/templates/glance-registry.conf.j2  | 15 +++++++++++----
 3 files changed, 27 insertions(+), 9 deletions(-)

diff --git a/ansible/roles/glance/tasks/config.yml b/ansible/roles/glance/tasks/config.yml
index 88cb5c446a..e943f54d7d 100644
--- a/ansible/roles/glance/tasks/config.yml
+++ b/ansible/roles/glance/tasks/config.yml
@@ -28,4 +28,4 @@
       - "{{ node_custom_config }}/glance/{{ inventory_hostname }}/{{ item.service }}.conf"
     dest: "{{ node_config_directory }}/{{ item.service }}/{{ item.service }}.conf"
   when: inventory_hostname in groups[item.group]
-  with_items: "{{ glance_service_groups }}"
+  with_items: "{{ glance_service_groups }}"
\ No newline at end of file
diff --git a/ansible/roles/glance/templates/glance-api.conf.j2 b/ansible/roles/glance/templates/glance-api.conf.j2
index 0ed898cc6a..3bce5a9a4b 100644
--- a/ansible/roles/glance/templates/glance-api.conf.j2
+++ b/ansible/roles/glance/templates/glance-api.conf.j2
@@ -5,11 +5,15 @@ debug = {{ glance_logging_debug }}
 log_file = /var/log/kolla/glance/api.log
 use_forwarded_for = true
 
-bind_host = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
+bind_host = {{ api_interface_address }}
 bind_port = {{ glance_api_port }}
 workers = {{ openstack_service_workers }}
 
+{% if orchestration_engine == 'KUBERNETES' %}
+registry_host = {{ glance_registry_host }}
+{% else %}
 registry_host = {{ kolla_internal_fqdn }}
+{% endif %}
 
 {% if enable_ceph | bool %}
 show_image_direct_url= True
@@ -23,8 +27,8 @@ connection = mysql+pymysql://{{ glance_database_user }}:{{ glance_database_passw
 max_retries = -1
 
 [keystone_authtoken]
-auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}
-auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
+auth_uri = {{ keystone_public_url }}
+auth_url = {{ keystone_admin_url }}
 auth_type = password
 project_domain_id = default
 user_domain_id = default
@@ -32,10 +36,17 @@ project_name = service
 username = {{ glance_keystone_user }}
 password = {{ glance_keystone_password }}
 
+{# For Kolla-Ansible, generate the memcache servers based on the list of
+memcached servers in the inventory and memcached_servers should be un-set.
+For Kolla-Kubernetes,  it is necessary to define the memcached_servers
+variable in globals.yml to set it to the Kubernetes service for memcached. #}
 memcache_security_strategy = ENCRYPT
 memcache_secret_key = {{ memcache_secret_key }}
+{% if orchestration_engine == 'KUBERNETES' %}
+memcache_servers = {{ memcached_servers }}
+{% else %}
 memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
-
+{%- endif %}
 
 [paste_deploy]
 flavor = keystone
diff --git a/ansible/roles/glance/templates/glance-registry.conf.j2 b/ansible/roles/glance/templates/glance-registry.conf.j2
index 92d4fcd6fe..c2f3b6bcbd 100644
--- a/ansible/roles/glance/templates/glance-registry.conf.j2
+++ b/ansible/roles/glance/templates/glance-registry.conf.j2
@@ -4,7 +4,7 @@ debug = {{ glance_logging_debug }}
 # NOTE(elemoine) log_dir alone does not work for Glance
 log_file = /var/log/kolla/glance/registry.log
 
-bind_host = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
+bind_host = {{ api_interface_address }}
 bind_port = {{ glance_registry_port }}
 workers = {{ openstack_service_workers }}
 
@@ -13,8 +13,8 @@ connection = mysql+pymysql://{{ glance_database_user }}:{{ glance_database_passw
 max_retries = -1
 
 [keystone_authtoken]
-auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}
-auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
+auth_uri = {{ keystone_public_url }}
+auth_url = {{ keystone_admin_url }}
 auth_type = password
 project_domain_id = default
 user_domain_id = default
@@ -22,10 +22,17 @@ project_name = service
 username = {{ glance_keystone_user }}
 password = {{ glance_keystone_password }}
 
+{# For Kolla-Ansible, generate the memcache servers based on the list of
+memcached servers in the inventory and memcached_servers should be un-set.
+For Kolla-Kubernetes,  it is necessary to define the memcached_servers
+variable in globals.yml to set it to the Kubernetes service for memcached. #}
 memcache_security_strategy = ENCRYPT
 memcache_secret_key = {{ memcache_secret_key }}
+{% if orchestration_engine == 'KUBERNETES' %}
+memcache_servers = {{ memcached_servers }}
+{% else %}
 memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
-
+{%- endif %}
 
 [paste_deploy]
 flavor = keystone