From f47fa7dcd5dae97d4bd932b11a2f4a0e2cbd731e Mon Sep 17 00:00:00 2001 From: yangshaoxue Date: Tue, 12 Oct 2021 10:31:07 +0800 Subject: [PATCH] Integration with Kolla and Kolla-Ansible 1. Add kolla and kolla-ansible integrated patch 2. Add README to introduce how we can build skyline image with kolla and deploy skyline with kolla-ansible 3. Add kolla folder as irrelevant files into jobs Change-Id: I0cc7e9ddd62fc3e20564bf8a0d98d5c7b8f8abac --- .zuul.yaml | 6 + README-zh_CN.md | 5 + README.md | 5 + kolla/README-zh_CN.md | 180 +++++++ kolla/README.md | 179 +++++++ kolla/kolla-0ba97fd.diff | 360 +++++++++++++ kolla/kolla-ansible-3d98604.diff | 848 +++++++++++++++++++++++++++++++ 7 files changed, 1583 insertions(+) create mode 100644 kolla/README-zh_CN.md create mode 100644 kolla/README.md create mode 100755 kolla/kolla-0ba97fd.diff create mode 100755 kolla/kolla-ansible-3d98604.diff diff --git a/.zuul.yaml b/.zuul.yaml index 7b57dcc..48a9de4 100644 --- a/.zuul.yaml +++ b/.zuul.yaml @@ -65,6 +65,7 @@ - ^.*\.rst$ - ^.*\.md$ - ^libs/skyline-console$ + - ^kolla/.*$ - skyline-tox-lint-py38: irrelevant-files: - ^container/.*$ @@ -74,6 +75,7 @@ - ^.*\.rst$ - ^.*\.md$ - ^libs/skyline-console$ + - ^kolla/.*$ - skyline-functional-devstack: irrelevant-files: - ^container/.*$ @@ -81,6 +83,7 @@ - ^tools/.*$ - ^.*\.rst$ - ^.*\.md$ + - ^kolla/.*$ gate: jobs: - skyline-tox-unittest-py38: @@ -92,6 +95,7 @@ - ^.*\.rst$ - ^.*\.md$ - ^libs/skyline-console$ + - ^kolla/.*$ - skyline-tox-lint-py38: irrelevant-files: - ^container/.*$ @@ -101,6 +105,7 @@ - ^.*\.rst$ - ^.*\.md$ - ^libs/skyline-console$ + - ^kolla/.*$ - skyline-functional-devstack: irrelevant-files: - ^container/.*$ @@ -108,6 +113,7 @@ - ^tools/.*$ - ^.*\.rst$ - ^.*\.md$ + - ^kolla/.*$ post: jobs: - publish-skyline-python-branch-tarball diff --git a/README-zh_CN.md b/README-zh_CN.md index cf77748..64a5ba0 100644 --- a/README-zh_CN.md +++ b/README-zh_CN.md @@ -22,6 +22,7 @@ Skyline 的吉祥物是九色鹿。九色鹿源自于敦煌壁画《九色鹿本 - [依赖工具](#依赖工具) - [安装和运行](#安装和运行) - [Devstack 集成](#devstack-集成) + - [Kolla Ansible 部署](#kolla-ansible-部署) ## 资源 @@ -218,3 +219,7 @@ Skyline 的吉祥物是九色鹿。九色鹿源自于敦煌壁画《九色鹿本 ## Devstack 集成 [与 Devstack 快速集成,搭建环境。](./devstack/README.rst) + +## Kolla Ansible 部署 + +[使用 Kolla Ansible 部署环境。](./kolla/README-zh_CN.md) diff --git a/README.md b/README.md index c1d848c..34fa3e1 100644 --- a/README.md +++ b/README.md @@ -22,6 +22,7 @@ Skyline's mascot is the nine-color deer. The nine-color deer comes from Dunhuang - [Dependent tools](#dependent-tools) - [Install & Run](#install--run) - [Devstack Integration](#devstack-integration) + - [Kolla Ansible Deployment](#kolla-ansible-deployment) ## Resources @@ -218,3 +219,7 @@ You can now access the dashboard: `https://:9999` ## Devstack Integration [Fast integration with Devstack to build an environment.](./devstack/README.rst) + +## Kolla Ansible Deployment + +[Kolla Ansible to build an environment.](./kolla/README.md) diff --git a/kolla/README-zh_CN.md b/kolla/README-zh_CN.md new file mode 100644 index 0000000..1381551 --- /dev/null +++ b/kolla/README-zh_CN.md @@ -0,0 +1,180 @@ +# Kolla Ansible 部署 + +## 环境准备 + +> **部署环境配置建议:**\ +> 2个网络接口\ +> 8GB内存\ +> 100GB磁盘\ +> ubuntu20.04 / centos8 + +- kolla : `https://github.com/openstack/kolla` +- kolla-ansible : `https://github.com/openstack/kolla-ansible` +- kolla skyline patch包 : `https://opendev.org/skyline/skyline-apiserver/src/branch/master/kolla/kolla-xxxxxxx.diff` +- kolla-ansible skyline patch包 : `https://opendev.org/skyline/skyline-apiserver/src/branch/master/kolla/kolla-ansible-xxxxxxx.diff` + +## kolla build docker image + +- 若部署环境未安装 kolla + + ```shell + cd /opt + git clone https://github.com/openstack/kolla + curl https://opendev.org/skyline/skyline-apiserver/src/branch/master/kolla/kolla-xxxxxxx.diff -o kolla.diff + cd /opt/kolla + git apply --check /opt/kolla.diff + git apply /opt/kolla.diff + sudo pip3 install /opt/kolla + ``` + +- 若部署环境已安装 kolla + + 获取 kolla 安装目录 + + ```shell + KOLLA_PACKAGE_PATH=$(python3 -c "import kolla;from pathlib import Path;print(Path(kolla.__file__).parents[1])") + KOLLA_DATA_FILES_PATH=$(python3 -c "import kolla;from pathlib import Path;print(Path(kolla.__file__).parents[4].joinpath('share/kolla'))") + ``` + + 安装 kolla patch 包 + + ```shell + curl https://opendev.org/skyline/skyline-apiserver/src/branch/master/kolla/kolla-xxxxxxx.diff -o /opt/kolla.diff + cd ${KOLLA_PACKAGE_PATH} + git apply --check --include='kolla/*' /opt/kolla.diff + git apply --include='kolla/*' /opt/kolla.diff + cd ${KOLLA_DATA_FILES_PATH} + git apply --check --include='docker/*' /opt/kolla.diff + git apply --include='docker/*' /opt/kolla.diff + ``` + +### skyline 镜像构建 + +> **注 : skyline 镜像目前仅支持 ubuntu-source-skyline 版本** + +- `-b`:基础镜像类型 +- `-t`:安装方式 +- `-n`:命名空间 +- `--tag`:标签 +- `--registry`:docker仓库 +- `--push`:镜像构建之后自动推送 + +```shell +kolla-build -b ubuntu -t source -n kolla --tag master --registry 127.0.0.1:4000 --push skyline +``` + +## kolla-ansible install + +### kolla-ansible 安装 + +- 若部署环境未安装 kolla-ansible + + ```shell + cd /opt + git clone https://github.com/openstack/kolla-ansible + curl https://opendev.org/skyline/skyline-apiserver/src/branch/master/kolla/kolla-ansible-xxxxxxx.diff -o kolla-ansible.diff + cd /opt/kolla-ansible + git apply --check /opt/kolla-ansible.diff + git apply /opt/kolla-ansible.diff + sudo pip3 install /opt/kolla-ansible + ``` + +- 若部署环境已安装 kolla-ansible + + 获取 kolla-ansible 安装目录 + + ```shell + KOLLA_ANSIBLE_DATA_FILES_PATH=$(python3 -c "import kolla_ansible;from pathlib import Path;print(Path(kolla_ansible.__file__).parents[4].joinpath('share/kolla-ansible'))") + ``` + + 安装 kolla-ansible patch 包 + + ```shell + curl https://opendev.org/skyline/skyline-apiserver/src/branch/master/kolla/kolla-ansible-xxxxxxx.diff -o /opt/kolla-ansible.diff + cd ${KOLLA_ANSIBLE_DATA_FILES_PATH} + git apply --check --include='ansible/*' /opt/kolla-ansible.diff + git apply --include='ansible/*' /opt/kolla-ansible.diff + ``` + +### 配置文件 + +- 若没有配置文件(globals.yml/passwords.yml/all-in-one/multinode),复制配置文件并生成密码 + + ```shell + sudo mkdir -p /etc/kolla + sudo chown $USER:$USER /etc/kolla + cp -r kolla-ansible/etc/kolla/* /etc/kolla + cp kolla-ansible/ansible/inventory/* . + kolla-genpwd + ``` + +- 若已有配置文件,则需要手动更改 + - 编辑 `all-in-one` 和 `multinode` 并增加以下配置项 + + ```bash + [skyline:children] + control + ``` + + - 编辑 `/etc/kolla/passwords.yml` 并增加以下配置项,自定义密码或使用 `kolla-genpwd` 命令生成以下配置密码 + + ```shell + skyline_database_password: + skyline_keystone_password: + ``` + +创建并编辑 `/etc/ansible/ansible.cfg` 文件 + +```bash +[defaults] +host_key_checking=False +pipelining=True +forks=100 +``` + +编辑 `/etc/kolla/globals.yml` 文件,根据构建的skyline镜像更改配置项 + +```bash +network_interface: "eth0" +neutron_external_interface: "eth1" +kolla_internal_vip_address: "192.168.10.250" +enable_skyline: "yes" +docker_registry: "127.0.0.1:4000" +docker_namespace: "kolla" +kolla_base_distro: "ubuntu" +kolla_install_type: "source" +``` + +### skyline 部署 + +> **注 : 环境需已安装 Openstack 基础模块** + +kolla-ansible 进行 skyline 部署,选择 `all-in-one` 或 `multinode` 配置文件 + +```shell +kolla-ansible -i ./all-in-one bootstrap-servers -t skyline +kolla-ansible -i ./all-in-one prechecks -t skyline +kolla-ansible -i ./all-in-one deploy -t skyline +``` + +## FAQ + +### 在 skyline 镜像构建 和 skyline 部署过程中出现本地仓库 "connect: connection refused" 错误 + +编辑 `/etc/docker/daemon.json` 文件,删除以下配置项 + +```shell +bridge: "none" +``` + +重启 docker 服务 + +```shell +sudo service docker restart +``` + +启动本地镜像 registry + +```shell +docker run -d --name registry --restart=always -p 4000:5000 -v registry:/var/lib/registry registry:2 +``` diff --git a/kolla/README.md b/kolla/README.md new file mode 100644 index 0000000..151126b --- /dev/null +++ b/kolla/README.md @@ -0,0 +1,179 @@ +# Kolla Ansible Deployment + +## Environments + +> **Requirements:**\ +> 2 network interfaces\ +> 8GB main memory\ +> 100GB disk space\ +> ubuntu20.04 / centos8 + +- kolla : `https://github.com/openstack/kolla` +- kolla-ansible : `https://github.com/openstack/kolla-ansible` +- kolla skyline patch : `https://opendev.org/skyline/skyline-apiserver/src/branch/master/kolla/kolla-xxxxxxx.diff` +- kolla-ansible skyline patch : `https://opendev.org/skyline/skyline-apiserver/src/branch/master/kolla/kolla-ansible-xxxxxxx.diff` + +## kolla build docker image + +- If kolla is not installed in the deployment environment + + ```shell + cd /opt + git clone https://github.com/openstack/kolla-ansible + curl https://opendev.org/skyline/skyline-apiserver/src/branch/master/kolla/kolla-ansible-xxxxxxx.diff -o kolla-ansible.diff + cd /opt/kolla-ansible + git apply --check /opt/kolla-ansible.diff + git apply /opt/kolla-ansible.diff + sudo pip3 install /opt/kolla-ansible + ``` + +- If kolla has been installed in the deployment environment + + Get the kolla installation directory: + + ```shell + KOLLA_PACKAGE_PATH=$(python3 -c "import kolla;from pathlib import Path;print(Path(kolla.__file__).parents[1])") + KOLLA_DATA_FILES_PATH=$(python3 -c "import kolla;from pathlib import Path;print(Path(kolla.__file__).parents[4].joinpath('share/kolla'))") + ``` + + Install kolla patch + + ```shell + curl https://opendev.org/skyline/skyline-apiserver/src/branch/master/kolla/kolla-xxxxxxx.diff -o /opt/kolla.diff + cd ${KOLLA_PACKAGE_PATH} + git apply --check --include='kolla/*' /opt/kolla.diff + git apply --include='kolla/*' /opt/kolla.diff + cd ${KOLLA_DATA_FILES_PATH} + git apply --check --include='docker/*' /opt/kolla.diff + git apply --include='docker/*' /opt/kolla.diff + ``` + +### Build skyline image + +> **Note : Only provide ubuntu-source-skyline of skyline image** + +- `-b`: The distro type of the base image +- `-t`: The method of the OpenStack install +- `-n`: The Docker namespace name +- `--tag`: Docker tag +- `--registry`: The docker registry host +- `--push`: Push images after building + +```shell +kolla-build -b ubuntu -t source -n kolla --tag master --registry 127.0.0.1:4000 --push skyline +``` + +## Kolla Ansible Install + +### kolla-ansible install + +- If kolla-ansible is not installed in the deployment environment + + ```shell + cd /opt + git clone https://github.com/openstack/kolla-ansible + curl https://opendev.org/skyline/skyline-apiserver/src/branch/master/kolla/kolla-ansible-xxxxxxx.diff -o kolla-ansible.diff + cd /opt/kolla-ansible + git apply --check /opt/kolla-ansible.diff + git apply /opt/kolla-ansible.diff + sudo pip3 install /opt/kolla-ansible + ``` + +- If kolla-ansible has been installed in the deployment environment + + Get the kolla-ansible installation directory: + + ```shell + KOLLA_ANSIBLE_DATA_FILES_PATH=$(python3 -c "import kolla_ansible;from pathlib import Path;print(Path(kolla_ansible.__file__).parents[4].joinpath('share/kolla-ansible'))") + ``` + + Install kolla-ansible patch + + ```shell + curl https://opendev.org/skyline/skyline-apiserver/src/branch/master/kolla/kolla-ansible-xxxxxxx.diff -o /opt/kolla-ansible.diff + cd ${KOLLA_ANSIBLE_DATA_FILES_PATH} + git apply --check --include='ansible/*' /opt/kolla-ansible.diff + git apply --include='ansible/*' /opt/kolla-ansible.diff + ``` + +### Configuration + +- If the configuration file does not exist(globals.yml/passwords.yml/all-in-one/multinode), copy the + configuration files and generate passwords + + ```shell + cp -r kolla-ansible/etc/kolla/* /etc/kolla + cp kolla-ansible/ansible/inventory/* /etc/kolla + kolla-genpwd + ``` + +- If the configuration file exists(globals.yml/passwords.yml/all-in-one/multinode), modify it + manually + - Edit `/etc/kolla/all-in-one` and `/etc/kolla/multinode`, add the following options + + ```bash + [skyline:children] + control + ``` + + - Edit `/etc/kolla/passwords.yml` and add the following options, then generate passwords manually + or by running `kolla-genpwd` + + ```shell + skyline_database_password: + skyline_keystone_password: + ``` + +Edit `/etc/ansible/ansible.cfg` file + +```bash +[defaults] +host_key_checking=False +pipelining=True +forks=100 +``` + +Edit `/etc/kolla/globals.yml` file, for example: + +```bash +network_interface: "eth0" +neutron_external_interface: "eth1" +kolla_internal_vip_address: "192.168.10.250" +enable_skyline: "yes" +docker_registry: "127.0.0.1:4000" +docker_namespace: "kolla" +kolla_base_distro: "ubuntu" +kolla_install_type: "source" +``` + +### Skyline Deployment + +> **Note : Openstack basic modules have been installed** + +```shell +kolla-ansible -i ./all-in-one bootstrap-servers -t skyline +kolla-ansible -i ./all-in-one prechecks -t skyline +kolla-ansible -i ./all-in-one deploy -t skyline +``` + +## FAQ + +### Local Repository Error "connect: Connection refused" occurred during skyline image build and skyline deployment + +Edit `/etc/docker/daemon.json` file and Delete the following options + +```shell +bridge: "none" +``` + +Restart docker service + +```shell +sudo service docker restart +``` + +Run local registry + +```shell +docker run -d --name registry --restart=always -p 4000:5000 -v registry:/var/lib/registry registry:2 +``` diff --git a/kolla/kolla-0ba97fd.diff b/kolla/kolla-0ba97fd.diff new file mode 100755 index 0000000..c303f53 --- /dev/null +++ b/kolla/kolla-0ba97fd.diff @@ -0,0 +1,360 @@ +From 0ba97fdcee8b832f6f9586ce1af52de8a66c4182 Mon Sep 17 00:00:00 2001 +From: yangshaoxue +Date: Fri, 24 Sep 2021 10:03:16 +0800 +Subject: [PATCH] Skyline: Add skyline dockerfile + +Add skyline dockerfile + +Change-Id: I4e528760fd4520a5cc9b18d8564716671b9f6e74 +--- + +diff --git a/docker/openstack-base/Dockerfile.j2 b/docker/openstack-base/Dockerfile.j2 +index f0b3309..ee7d269 100644 +--- a/docker/openstack-base/Dockerfile.j2 ++++ b/docker/openstack-base/Dockerfile.j2 +@@ -330,6 +330,12 @@ + + ENV PATH /var/lib/kolla/venv/bin:$PATH + ++{% set setuptools_pip_packages = [ ++ 'setuptools==57.5.0' ++] %} ++ ++RUN {{ macros.install_pip(setuptools_pip_packages | customizable("pip_packages"), constraints = false) }} ++ + RUN {{ macros.install_pip(openstack_base_pip_packages | customizable("pip_packages")) }} + + {% endif %} +diff --git a/docker/skyline/skyline-apiserver-base/Dockerfile.j2 b/docker/skyline/skyline-apiserver-base/Dockerfile.j2 +new file mode 100644 +index 0000000..bc7ee3d +--- /dev/null ++++ b/docker/skyline/skyline-apiserver-base/Dockerfile.j2 +@@ -0,0 +1,18 @@ ++FROM {{ namespace }}/{{ image_prefix }}skyline-policy-manager-base:{{ tag }} ++{% block labels %} ++LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build_date }}" ++{% endblock %} ++ ++{% block skyline_apiserver_base_header %}{% endblock %} ++ ++{% import "macros.j2" as macros with context %} ++ ++{% set skyline_apiserver_base_pip_packages = [ ++ '/skyline-apiserver', ++] %} ++ ++ADD skyline-apiserver-base-archive /skyline-apiserver-base-source ++RUN ln -s skyline-apiserver-base-source/* skyline-apiserver \ ++ && {{ macros.install_pip(skyline_apiserver_base_pip_packages | customizable("pip_packages"), constraints = false) }} ++ ++{% block skyline_apiserver_base_footer %}{% endblock %} +diff --git a/docker/skyline/skyline-base/Dockerfile.j2 b/docker/skyline/skyline-base/Dockerfile.j2 +new file mode 100644 +index 0000000..cd2e902 +--- /dev/null ++++ b/docker/skyline/skyline-base/Dockerfile.j2 +@@ -0,0 +1,32 @@ ++FROM {{ namespace }}/{{ image_prefix }}openstack-base:{{ tag }} ++{% block labels %} ++LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build_date }}" ++{% endblock %} ++ ++{% block skyline_base_header %}{% endblock %} ++ ++{% import "macros.j2" as macros with context %} ++ ++{{ macros.configure_user(name='skyline') }} ++ ++{% set skyline_base_packages = [ ++ 'nginx', ++ 'traceroute', ++ 'vim', ++ 'wget' ++] %} ++ ++{% if base_package_type == 'rpm' %} ++ {% set skyline_base_packages = skyline_base_packages + [ ++ ] %} ++{% elif base_package_type == 'deb' %} ++ {% set skyline_base_packages = skyline_base_packages + [ ++ 'iputils-ping', ++ 'locales-all', ++ 'ssl-cert' ++ ] %} ++{% endif %} ++ ++{{ macros.install_packages(skyline_base_packages | customizable("packages")) }} ++ ++{% block skyline_base_footer %}{% endblock %} +diff --git a/docker/skyline/skyline-config-base/Dockerfile.j2 b/docker/skyline/skyline-config-base/Dockerfile.j2 +new file mode 100644 +index 0000000..496b5dd +--- /dev/null ++++ b/docker/skyline/skyline-config-base/Dockerfile.j2 +@@ -0,0 +1,18 @@ ++FROM {{ namespace }}/{{ image_prefix }}skyline-console-base:{{ tag }} ++{% block labels %} ++LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build_date }}" ++{% endblock %} ++ ++{% block skyline_config_base_header %}{% endblock %} ++ ++{% import "macros.j2" as macros with context %} ++ ++{% set skyline_config_base_pip_packages = [ ++ '/skyline-config', ++] %} ++ ++ADD skyline-config-base-archive /skyline-config-base-source ++RUN ln -s skyline-config-base-source/* skyline-config \ ++ && {{ macros.install_pip(skyline_config_base_pip_packages | customizable("pip_packages"), constraints = false) }} ++ ++{% block skyline_config_base_footer %}{% endblock %} +diff --git a/docker/skyline/skyline-console-base/Dockerfile.j2 b/docker/skyline/skyline-console-base/Dockerfile.j2 +new file mode 100644 +index 0000000..9b25733 +--- /dev/null ++++ b/docker/skyline/skyline-console-base/Dockerfile.j2 +@@ -0,0 +1,18 @@ ++FROM {{ namespace }}/{{ image_prefix }}skyline-log-base:{{ tag }} ++{% block labels %} ++LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build_date }}" ++{% endblock %} ++ ++{% block skyline_console_base_header %}{% endblock %} ++ ++{% import "macros.j2" as macros with context %} ++ ++{% set skyline_console_base_pip_packages = [ ++ '/skyline-console', ++] %} ++ ++ADD skyline-console-base-archive /skyline-console-base-source ++RUN ln -s skyline-console-base-source/* skyline-console \ ++ && {{ macros.install_pip(skyline_console_base_pip_packages | customizable("pip_packages"), constraints = false) }} ++ ++{% block skyline_console_base_footer %}{% endblock %} +diff --git a/docker/skyline/skyline-log-base/Dockerfile.j2 b/docker/skyline/skyline-log-base/Dockerfile.j2 +new file mode 100644 +index 0000000..db0d992 +--- /dev/null ++++ b/docker/skyline/skyline-log-base/Dockerfile.j2 +@@ -0,0 +1,18 @@ ++FROM {{ namespace }}/{{ image_prefix }}skyline-base:{{ tag }} ++{% block labels %} ++LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build_date }}" ++{% endblock %} ++ ++{% block skyline_log_base_header %}{% endblock %} ++ ++{% import "macros.j2" as macros with context %} ++ ++{% set skyline_log_base_pip_packages = [ ++ '/skyline-log', ++] %} ++ ++ADD skyline-log-base-archive /skyline-log-base-source ++RUN ln -s skyline-log-base-source/* skyline-log \ ++ && {{ macros.install_pip(skyline_log_base_pip_packages | customizable("pip_packages"), constraints = false) }} ++ ++{% block skyline_log_base_footer %}{% endblock %} +diff --git a/docker/skyline/skyline-nginx-base/Dockerfile.j2 b/docker/skyline/skyline-nginx-base/Dockerfile.j2 +new file mode 100644 +index 0000000..15d6769 +--- /dev/null ++++ b/docker/skyline/skyline-nginx-base/Dockerfile.j2 +@@ -0,0 +1,19 @@ ++FROM {{ namespace }}/{{ image_prefix }}skyline-apiserver-base:{{ tag }} ++{% block labels %} ++LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build_date }}" ++{% endblock %} ++ ++{% block skyline_nginx_base_header %}{% endblock %} ++ ++{% import "macros.j2" as macros with context %} ++ ++{% set skyline_nginx_base_pip_packages = [ ++ '/skyline-nginx', ++] %} ++ ++ADD skyline-nginx-base-archive /skyline-nginx-base-source ++RUN ln -s skyline-nginx-base-source/* skyline-nginx \ ++ && sed -i "s#/var/log#/var/log/kolla#g" /skyline-nginx/skyline_nginx/templates/nginx.conf.j2 \ ++ && {{ macros.install_pip(skyline_nginx_base_pip_packages | customizable("pip_packages"), constraints = false) }} ++ ++{% block skyline_nginx_base_footer %}{% endblock %} +diff --git a/docker/skyline/skyline-policy-manager-base/Dockerfile.j2 b/docker/skyline/skyline-policy-manager-base/Dockerfile.j2 +new file mode 100644 +index 0000000..bbc9ffc +--- /dev/null ++++ b/docker/skyline/skyline-policy-manager-base/Dockerfile.j2 +@@ -0,0 +1,18 @@ ++FROM {{ namespace }}/{{ image_prefix }}skyline-config-base:{{ tag }} ++{% block labels %} ++LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build_date }}" ++{% endblock %} ++ ++{% block skyline_policy_manager_base_header %}{% endblock %} ++ ++{% import "macros.j2" as macros with context %} ++ ++{% set skyline_policy_manager_base_pip_packages = [ ++ '/skyline-policy-manager', ++] %} ++ ++ADD skyline-policy-manager-base-archive /skyline-policy-manager-base-source ++RUN ln -s skyline-policy-manager-base-source/* skyline-policy-manager \ ++ && {{ macros.install_pip(skyline_policy_manager_base_pip_packages | customizable("pip_packages"), constraints = false) }} ++ ++{% block skyline_policy_manager_base_footer %}{% endblock %} +diff --git a/docker/skyline/skyline/Dockerfile.j2 b/docker/skyline/skyline/Dockerfile.j2 +new file mode 100644 +index 0000000..00a69ef +--- /dev/null ++++ b/docker/skyline/skyline/Dockerfile.j2 +@@ -0,0 +1,14 @@ ++FROM {{ namespace }}/{{ image_prefix }}skyline-nginx-base:{{ tag }} ++{% block labels %} ++LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build_date }}" ++{% endblock %} ++ ++{% block skyline_header %}{% endblock %} ++ ++{% import "macros.j2" as macros with context %} ++ ++COPY extend_start.sh /usr/local/bin/kolla_extend_start ++RUN chmod 755 /usr/local/bin/kolla_extend_start ++ ++{% block skyline_footer %}{% endblock %} ++{% block footer %}{% endblock %} +diff --git a/docker/skyline/skyline/extend_start.sh b/docker/skyline/skyline/extend_start.sh +new file mode 100644 +index 0000000..621002e +--- /dev/null ++++ b/docker/skyline/skyline/extend_start.sh +@@ -0,0 +1,26 @@ ++#!/bin/bash ++ ++if [[ ! -d "/var/log/kolla/skyline" ]]; then ++ mkdir -p /var/log/kolla/skyline ++fi ++if [[ $(stat -c %a /var/log/kolla/skyline) != "755" ]]; then ++ chmod 755 /var/log/kolla/skyline ++fi ++ ++if [[ "${!KOLLA_BOOTSTRAP[@]}" ]]; then ++ # TODO ugly path ++ pushd /var/lib/kolla/venv/lib/python3.8/site-packages/skyline_apiserver/db/alembic ++ alembic upgrade head ++ popd ++ exit 0 ++fi ++ ++if [[ -n "${SSL_CERTFILE}" && -n "${SSL_KEYFILE}" ]]; then ++ nginx-generator -o /etc/nginx/nginx.conf --ssl-certfile "${SSL_CERTFILE}" --ssl-keyfile "${SSL_KEYFILE}" ++else ++ nginx-generator -o /etc/nginx/nginx.conf ++fi ++ ++sed -i "s/listen 9999/listen ${LISTEN_ADDRESS}:9999/" /etc/nginx/nginx.conf ++ ++nginx +diff --git a/kolla/common/config.py b/kolla/common/config.py +index f5075a3..1024002 100755 +--- a/kolla/common/config.py ++++ b/kolla/common/config.py +@@ -32,12 +32,12 @@ + 'debian': 'Debian GNU/Linux 11 (bullseye)', + 'ubuntu': 'Ubuntu 20.04', + } +-OPENSTACK_RELEASE = 'xena' ++OPENSTACK_RELEASE = 'master' + + # This is noarch repository so we will use it on all architectures +-DELOREAN = "https://trunk.rdoproject.org/centos8-xena/" \ ++DELOREAN = "https://trunk.rdoproject.org/centos8-master/" \ + "consistent/delorean.repo" +-DELOREAN_DEPS = "https://trunk.rdoproject.org/centos8-xena/" \ ++DELOREAN_DEPS = "https://trunk.rdoproject.org/centos8-master/" \ + "delorean-deps.repo" + + INSTALL_TYPE_CHOICES = ['binary', 'source'] +@@ -136,6 +136,7 @@ + 'proxysql', + 'openvswitch', + 'rabbitmq', ++ 'skyline' + ], + help='Default images'), + ] +@@ -595,6 +596,30 @@ + 'type': 'url', + 'location': ('$tarballs_base/openstack/senlin/' + 'senlin-${openstack_branch}.tar.gz')}, ++ 'skyline-log-base': { ++ 'type': 'url', ++ 'location': ('$tarballs_base/skyline/skyline-apiserver/' ++ 'skyline-log-${openstack_branch}.tar.gz')}, ++ 'skyline-console-base': { ++ 'type': 'url', ++ 'location': ('$tarballs_base/skyline/skyline-apiserver/' ++ 'skyline-console-${openstack_branch}.tar.gz')}, ++ 'skyline-config-base': { ++ 'type': 'url', ++ 'location': ('$tarballs_base/skyline/skyline-apiserver/' ++ 'skyline-config-${openstack_branch}.tar.gz')}, ++ 'skyline-policy-manager-base': { ++ 'type': 'url', ++ 'location': ('$tarballs_base/skyline/skyline-apiserver/' ++ 'skyline-policy-manager-${openstack_branch}.tar.gz')}, ++ 'skyline-apiserver-base': { ++ 'type': 'url', ++ 'location': ('$tarballs_base/skyline/skyline-apiserver/' ++ 'skyline-apiserver-${openstack_branch}.tar.gz')}, ++ 'skyline-nginx-base': { ++ 'type': 'url', ++ 'location': ('$tarballs_base/skyline/skyline-apiserver/' ++ 'skyline-nginx-${openstack_branch}.tar.gz')}, + 'solum-base': { + 'type': 'url', + 'location': ('$tarballs_base/openstack/solum/' +@@ -945,6 +970,10 @@ + 'proxysql-user': { + 'uid': 42487, + 'gid': 42487, ++ }, ++ 'skyline-user': { ++ 'uid': 42488, ++ 'gid': 42488, + } + } + +diff --git a/kolla/image/build.py b/kolla/image/build.py +index a868726..f4ec4d8 100755 +--- a/kolla/image/build.py ++++ b/kolla/image/build.py +@@ -96,6 +96,7 @@ + "solum-base", + "vmtp", + "zun-base", ++ "skyline-base", + }, + + 'source+aarch64': { +@@ -108,6 +109,7 @@ + "nova-spicehtml5proxy", # Missing spicehtml5 package + "ovsdpdk", # Not supported on CentOS + "tgtd", # Not supported on CentOS 8 ++ "skyline-base", + }, + + 'debian': { +@@ -115,6 +117,7 @@ + # Debian 'buster' + "ovn-base", # needs more checking + "qdrouterd", ++ "skyline-base", + }, + + 'ubuntu': { diff --git a/kolla/kolla-ansible-3d98604.diff b/kolla/kolla-ansible-3d98604.diff new file mode 100755 index 0000000..5ca4fc6 --- /dev/null +++ b/kolla/kolla-ansible-3d98604.diff @@ -0,0 +1,848 @@ +From 3d98604c16f7d60127122df5185843873a8ff70d Mon Sep 17 00:00:00 2001 +From: yangshaoxue +Date: Thu, 23 Sep 2021 16:50:17 +0800 +Subject: [PATCH] Skyline: Add skyline role + +Add skyline role + +Depends-On: https://review.opendev.org/c/openstack/kolla/+/810796 + +Change-Id: I5243c88ffbdb72fd3ad2e0eb6a41bd2b341f89b8 +--- + +diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml +index d27139d..2afe4d2 100644 +--- a/ansible/group_vars/all.yml ++++ b/ansible/group_vars/all.yml +@@ -47,10 +47,13 @@ + # Valid options are [ binary, source ] + kolla_install_type: "source" + ++kolla_admin_vip_address: "{{ kolla_internal_vip_address }}" ++kolla_admin_fqdn: "{{ kolla_internal_fqdn if kolla_same_internal_admin_vip | bool else kolla_admin_vip_address }}" + kolla_internal_vip_address: "{{ kolla_internal_address | default('') }}" + kolla_internal_fqdn: "{{ kolla_internal_vip_address }}" + kolla_external_vip_address: "{{ kolla_internal_vip_address }}" + kolla_same_external_internal_vip: "{{ kolla_external_vip_address == kolla_internal_vip_address }}" ++kolla_same_internal_admin_vip: "{{ kolla_internal_vip_address == kolla_admin_vip_address }}" + kolla_external_fqdn: "{{ kolla_internal_fqdn if kolla_same_external_internal_vip | bool else kolla_external_vip_address }}" + + kolla_enable_sanity_checks: "no" +@@ -481,6 +484,13 @@ + skydive_analyzer_port: "8085" + skydive_agents_port: "8090" + ++skyline_port: "9999" ++skyline_enable_tls_backend: "{{ kolla_enable_tls_backend }}" ++skyline_cert: "{{ container_config_directory }}/skyline-cert.pem" ++skyline_key: "{{ container_config_directory }}/skyline-key.pem" ++skyline_ssl_certfile: "{{ skyline_cert if skyline_enable_tls_backend | bool else '' }}" ++skyline_ssl_keyfile: "{{ skyline_key if skyline_enable_tls_backend | bool else '' }}" ++ + solum_application_deployment_port: "9777" + solum_image_builder_port: "9778" + +@@ -691,6 +701,7 @@ + enable_sahara: "no" + enable_senlin: "no" + enable_skydive: "no" ++enable_skyline: "no" + enable_solum: "no" + enable_storm: "{{ enable_monasca | bool and monasca_enable_alerting_pipeline | bool }}" + enable_swift: "no" +diff --git a/ansible/inventory/all-in-one b/ansible/inventory/all-in-one +index 66e17b4..c1d9925 100644 +--- a/ansible/inventory/all-in-one ++++ b/ansible/inventory/all-in-one +@@ -213,6 +213,9 @@ + [skydive:children] + monitoring + ++[skyline:children] ++control ++ + [redis:children] + control + +diff --git a/ansible/inventory/multinode b/ansible/inventory/multinode +index 63247ff..bd94759 100644 +--- a/ansible/inventory/multinode ++++ b/ansible/inventory/multinode +@@ -231,6 +231,9 @@ + [skydive:children] + monitoring + ++[skyline:children] ++control ++ + [redis:children] + control + +diff --git a/ansible/roles/common/tasks/config.yml b/ansible/roles/common/tasks/config.yml +index 94d6d63..30e6ea3 100644 +--- a/ansible/roles/common/tasks/config.yml ++++ b/ansible/roles/common/tasks/config.yml +@@ -229,6 +229,7 @@ + - { name: "sahara", enabled: "{{ enable_sahara | bool }}" } + - { name: "senlin", enabled: "{{ enable_senlin | bool }}" } + - { name: "skydive", enabled: "{{ enable_skydive | bool }}" } ++ - { name: "skyline", enabled: "{{ enable_skyline | bool }}" } + - { name: "solum", enabled: "{{ enable_solum | bool }}" } + - { name: "storm", enabled: "{{ enable_storm | bool }}" } + - { name: "swift", enabled: "{{ enable_swift | bool }}" } +diff --git a/ansible/roles/skyline/defaults/main.yml b/ansible/roles/skyline/defaults/main.yml +new file mode 100644 +index 0000000..72e49ab +--- /dev/null ++++ b/ansible/roles/skyline/defaults/main.yml +@@ -0,0 +1,187 @@ ++--- ++project_name: "skyline" ++ ++skyline_services: ++ skyline: ++ container_name: "skyline" ++ group: skyline ++ enabled: true ++ image: "{{ skyline_image_full }}" ++ volumes: "{{ skyline_volumes }}" ++ haproxy: ++ skyline: ++ enabled: "{{ enable_skyline|bool }}" ++ mode: "tcp" ++ port: "{{ skyline_port }}" ++ listen_port: "{{ skyline_port }}" ++ frontend_tcp_extra: ++ - "option clitcpka" ++ - "timeout client 3600s" ++ backend_tcp_extra: ++ - "option srvtcpka" ++ - "timeout server 3600s" ++ custom_member_list: "{{ internal_haproxy_members.split(';') }}" ++ skyline_external: ++ enabled: "{{ enable_skyline|bool }}" ++ mode: "tcp" ++ external: true ++ port: "{{ skyline_port }}" ++ listen_port: "{{ skyline_port }}" ++ frontend_tcp_extra: ++ - "option clitcpka" ++ - "timeout client 3600s" ++ backend_tcp_extra: ++ - "option srvtcpka" ++ - "timeout server 3600s" ++ custom_member_list: "{{ external_haproxy_members.split(';') }}" ++ skyline_admin: ++ enabled: "{{ enable_skyline|bool and not kolla_same_internal_admin_vip|bool }}" ++ mode: "tcp" ++ external: false ++ port: "{{ skyline_port }}" ++ listen_port: "{{ skyline_port }}" ++ frontend_tcp_extra: ++ - "option clitcpka" ++ - "timeout client 3600s" ++ backend_tcp_extra: ++ - "option srvtcpka" ++ - "timeout server 3600s" ++ custom_member_list: "{{ admin_haproxy_members.split(';') }}" ++ ++#################### ++# Registry config ++#################### ++openstack_skyline_auth: "{{ openstack_auth }}" ++skyline_keystone_user: skyline ++skyline_admin_endpoint: "{{ admin_protocol }}://{{ kolla_admin_fqdn | put_address_in_context('url') }}:{{ skyline_port }}" ++skyline_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn | put_address_in_context('url') }}:{{ skyline_port }}" ++skyline_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ skyline_port }}" ++skyline_ks_services: ++ - name: "skyline" ++ type: "panel" ++ description: "Custom API" ++ endpoints: ++ - {'interface': 'admin', 'url': '{{ skyline_admin_endpoint }}'} ++ - {'interface': 'internal', 'url': '{{ skyline_internal_endpoint }}'} ++ - {'interface': 'public', 'url': '{{ skyline_public_endpoint }}'} ++skyline_ks_users: ++ - project: service ++ user: "{{ skyline_keystone_user }}" ++ password: "{{ skyline_keystone_password }}" ++ role: admin ++ ++#################### ++# Database config ++#################### ++skyline_database_name: skyline ++skyline_database_user: skyline ++skyline_database_address: "{{ database_address | put_address_in_context('url') }}:{{ database_port }}" ++ ++#################### ++# HAProxy ++#################### ++internal_haproxy_members: "{% for host in groups['skyline'] %}server {{ hostvars[host]['ansible_hostname'] }} {{ 'api' | kolla_address(host) }}:{{ skyline_port }} check inter 2000 rise 2 fall 5{% if not loop.first %} backup{% endif %};{% endfor %}" ++external_haproxy_members: "{% for host in groups['skyline'] %}server {{ host }} {{ host }}:{{ skyline_port }} check inter 2000 rise 2 fall 5{% if not loop.first %} backup{% endif %};{% endfor %}" ++admin_haproxy_members: "{% for host in groups['skyline'] %}server {{ host }} {{ host }}:{{ skyline_port }} check inter 2000 rise 2 fall 5{% if not loop.first %} backup{% endif %};{% endfor %}" ++ ++#################### ++# Docker image ++#################### ++skyline_distro: "{{ kolla_base_distro }}" ++skyline_install_type: "{{ kolla_install_type }}" ++skyline_release: "{{ openstack_release }}" ++ ++skyline_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ skyline_distro }}-{{ skyline_install_type }}-skyline" ++skyline_tag: "{{ skyline_release }}" ++skyline_image_full: "{{ skyline_image }}:{{ skyline_tag }}" ++ ++#################### ++# Skyline config ++#################### ++debug: false ++log_dir: /var/log/kolla/ ++skyline_show_raw_sql: false ++skyline_access_token_expire_seconds: 3600 ++skyline_access_token_renew_seconds: 1800 ++skyline_backend_cors_origins: [] ++skyline_nginx_prefix: /api/openstack ++skyline_base_domains: ++ - heat_user_domain ++skyline_base_roles: ++ - keystone_system_admin ++ - keystone_system_reader ++ - keystone_project_admin ++ - keystone_project_member ++ - keystone_project_reader ++ - nova_system_admin ++ - nova_system_reader ++ - nova_project_admin ++ - nova_project_member ++ - nova_project_reader ++ - cinder_system_admin ++ - cinder_system_reader ++ - cinder_project_admin ++ - cinder_project_member ++ - cinder_project_reader ++ - glance_system_admin ++ - glance_system_reader ++ - glance_project_admin ++ - glance_project_member ++ - glance_project_reader ++ - neutron_system_admin ++ - neutron_system_reader ++ - neutron_project_admin ++ - neutron_project_member ++ - neutron_project_reader ++ - heat_system_admin ++ - heat_system_reader ++ - heat_project_admin ++ - heat_project_member ++ - heat_project_reader ++ - placement_system_admin ++ - placement_system_reader ++ - panko_system_admin ++ - panko_system_reader ++ - panko_project_admin ++ - panko_project_member ++ - panko_project_reader ++ - ironic_system_admin ++ - ironic_system_reader ++ - octavia_system_admin ++ - octavia_system_reader ++ - octavia_project_admin ++ - octavia_project_member ++ - octavia_project_reader ++skyline_extension_mapping: ++ fwaas_v2: neutron_firewall ++ vpnaas: neutron_vpn ++skyline_service_mapping: ++ compute: nova ++ identity: keystone ++ image: glance ++ network: neutron ++ orchestration: heat ++ placement: placement ++ volumev3: cinder ++skyline_system_admin_roles: ++ - admin ++ - system_admin ++skyline_system_reader_roles: ++ - system_reader ++skyline_keystone_url: "{{ keystone_internal_url }}/v3/" ++skyline_secret_key: aCtmgbcUqYUy_HNVg5BDXCaeJgJQzHJXwqbXr0Nmb2o ++skyline_session_name: session ++skyline_reclaim_instance_interval: 604800 ++ ++skyline_gunicorn_debug_level: debug ++skyline_gunicorn_timeout: 3600 ++skyline_gunicorn_keepalive: 5 ++ ++################### ++# volumes ++################### ++skyline_volumes: ++ - "kolla_logs:{{ log_dir }}" ++ - "/etc/localtime:/etc/localtime:ro" ++ - "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}" ++ - "{{ node_config_directory }}/skyline/:{{ container_config_directory }}/:ro" +diff --git a/ansible/roles/skyline/handlers/main.yml b/ansible/roles/skyline/handlers/main.yml +new file mode 100644 +index 0000000..9108b03 +--- /dev/null ++++ b/ansible/roles/skyline/handlers/main.yml +@@ -0,0 +1,19 @@ ++--- ++- name: Restart skyline container ++ vars: ++ service_name: skyline ++ service: "{{ skyline_services[service_name] }}" ++ become: true ++ kolla_docker: ++ action: "recreate_or_restart_container" ++ common_options: "{{ docker_common_options }}" ++ environment: ++ SSL_KEYFILE: ++ SSL_CERTFILE: ++ LISTEN_ADDRESS: "{{ api_interface_address | put_address_in_context('url') }}" ++ KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" ++ name: "{{ service.container_name }}" ++ image: "{{ service.image }}" ++ volumes: "{{ service.volumes }}" ++ when: ++ - kolla_action != "config" +diff --git a/ansible/roles/skyline/tasks/bootstrap.yml b/ansible/roles/skyline/tasks/bootstrap.yml +new file mode 100644 +index 0000000..175fb1c +--- /dev/null ++++ b/ansible/roles/skyline/tasks/bootstrap.yml +@@ -0,0 +1,52 @@ ++--- ++- name: Creating skyline database ++ become: true ++ kolla_toolbox: ++ module_name: mysql_db ++ module_args: ++ login_host: "{{ database_address }}" ++ login_port: "{{ database_port }}" ++ login_user: "{{ database_user }}" ++ login_password: "{{ database_password }}" ++ name: "{{ skyline_database_name }}" ++ register: database ++ run_once: True ++ delegate_to: "{{ groups['skyline'][0] }}" ++ ++- name: Creating skyline database user and setting permissions ++ become: true ++ kolla_toolbox: ++ module_name: mysql_user ++ module_args: ++ login_host: "{{ database_address }}" ++ login_port: "{{ database_port }}" ++ login_user: "{{ database_user }}" ++ login_password: "{{ database_password }}" ++ name: "{{ skyline_database_user }}" ++ password: "{{ skyline_database_password }}" ++ host: "%" ++ priv: "{{ skyline_database_name }}.*:ALL" ++ append_privs: "yes" ++ run_once: True ++ delegate_to: "{{ groups['skyline'][0] }}" ++ ++- name: Creating boostrap container ++ vars: ++ service_name: skyline ++ service: "{{ skyline_services[service_name] }}" ++ become: true ++ kolla_docker: ++ action: "start_container" ++ name: "bootstrap_{{ service.container_name }}" ++ common_options: "{{ docker_common_options }}" ++ image: "{{ service.image }}" ++ detach: False ++ restart_policy: no ++ volumes: "{{ service.volumes }}" ++ environment: ++ KOLLA_BOOTSTRAP: ++ KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" ++ labels: ++ BOOTSTRAP: ++ run_once: True ++ delegate_to: "{{ groups['skyline'][0] }}" +diff --git a/ansible/roles/skyline/tasks/check.yml b/ansible/roles/skyline/tasks/check.yml +new file mode 100644 +index 0000000..ed97d53 +--- /dev/null ++++ b/ansible/roles/skyline/tasks/check.yml +@@ -0,0 +1 @@ ++--- +diff --git a/ansible/roles/skyline/tasks/config.yml b/ansible/roles/skyline/tasks/config.yml +new file mode 100644 +index 0000000..ed5697a +--- /dev/null ++++ b/ansible/roles/skyline/tasks/config.yml +@@ -0,0 +1,83 @@ ++--- ++- name: Ensuring config directories exist ++ become: true ++ file: ++ path: "{{ node_config_directory }}/{{ item.key }}" ++ state: "directory" ++ recurse: yes ++ when: ++ - inventory_hostname in groups[item.value.group] ++ - item.value.enabled | bool ++ with_dict: "{{ skyline_services }}" ++ ++- name: Ensuring log directories exist ++ file: ++ path: "{{ docker_runtime_directory or '/var/lib/docker' }}/volumes/kolla_logs/_data/{{ item.key }}" ++ state: directory ++ recurse: yes ++ when: ++ - inventory_hostname in groups[item.value.group] ++ - item.value.enabled | bool ++ with_dict: "{{ skyline_services }}" ++ ++- include_tasks: copy-certs.yml ++ when: ++ - skyline_enable_tls_backend | bool ++ ++- name: Copying over config.yaml files for services ++ become: true ++ template: ++ src: "{{ item.key }}.yaml.j2" ++ dest: "{{ node_config_directory }}/{{ item.key }}/skyline.yaml" ++ mode: "0660" ++ when: ++ - inventory_hostname in groups[item.value.group] ++ - item.value.enabled | bool ++ with_dict: "{{ skyline_services }}" ++ notify: ++ - "Restart {{ item.key }} container" ++ ++- name: Copying over gunicorn.py files for services ++ become: true ++ template: ++ src: "gunicorn.py.j2" ++ dest: "{{ node_config_directory }}/{{ item.key }}/gunicorn.py" ++ mode: "0660" ++ when: ++ - inventory_hostname in groups[item.value.group] ++ - item.value.enabled | bool ++ with_dict: "{{ skyline_services }}" ++ notify: ++ - "Restart {{ item.key }} container" ++ ++- name: Copying over config.json files for services ++ become: true ++ template: ++ src: "{{ item.key }}.json.j2" ++ dest: "{{ node_config_directory }}/{{ item.key }}/config.json" ++ mode: "0660" ++ when: ++ - inventory_hostname in groups[item.value.group] ++ - item.value.enabled | bool ++ with_dict: "{{ skyline_services }}" ++ notify: ++ - "Restart {{ item.key }} container" ++ ++- name: Check skyline containers ++ become: true ++ kolla_docker: ++ action: "compare_container" ++ common_options: "{{ docker_common_options }}" ++ name: "{{ item.value.container_name }}" ++ image: "{{ item.value.image }}" ++ volumes: "{{ item.value.volumes }}" ++ environment: ++ SSL_CERTFILE: "{{ skyline_ssl_certfile }}" ++ SSL_KEYFILE: "{{ skyline_ssl_keyfile }}" ++ register: check_skyline_containers ++ when: ++ - inventory_hostname in groups[item.value.group] ++ - item.value.enabled | bool ++ with_dict: "{{ skyline_services }}" ++ notify: ++ - "Restart {{ item.key }} container" +diff --git a/ansible/roles/skyline/tasks/copy-certs.yml b/ansible/roles/skyline/tasks/copy-certs.yml +new file mode 100644 +index 0000000..3f39794 +--- /dev/null ++++ b/ansible/roles/skyline/tasks/copy-certs.yml +@@ -0,0 +1,6 @@ ++--- ++- name: "Copy certificates and keys for {{ project_name }}" ++ import_role: ++ role: service-cert-copy ++ vars: ++ project_services: "{{ skyline_services }}" +diff --git a/ansible/roles/skyline/tasks/deploy.yml b/ansible/roles/skyline/tasks/deploy.yml +new file mode 100644 +index 0000000..0d49d33 +--- /dev/null ++++ b/ansible/roles/skyline/tasks/deploy.yml +@@ -0,0 +1,13 @@ ++--- ++- include: precheck.yml ++ ++- include: pull.yml ++ ++- include: register.yml ++ ++- include: config.yml ++ ++- include: bootstrap.yml ++ ++- name: Flush handlers ++ meta: flush_handlers +diff --git a/ansible/roles/skyline/tasks/loadbalancer.yml b/ansible/roles/skyline/tasks/loadbalancer.yml +new file mode 100644 +index 0000000..d4759ea +--- /dev/null ++++ b/ansible/roles/skyline/tasks/loadbalancer.yml +@@ -0,0 +1,7 @@ ++--- ++- name: "Configure haproxy for {{ project_name }}" ++ import_role: ++ name: haproxy-config ++ vars: ++ project_services: "{{ skyline_services }}" ++ tags: always +diff --git a/ansible/roles/skyline/tasks/main.yml b/ansible/roles/skyline/tasks/main.yml +new file mode 100644 +index 0000000..bc5d1e6 +--- /dev/null ++++ b/ansible/roles/skyline/tasks/main.yml +@@ -0,0 +1,2 @@ ++--- ++- include_tasks: "{{ kolla_action }}.yml" +diff --git a/ansible/roles/skyline/tasks/precheck.yml b/ansible/roles/skyline/tasks/precheck.yml +new file mode 100644 +index 0000000..8cfcb92 +--- /dev/null ++++ b/ansible/roles/skyline/tasks/precheck.yml +@@ -0,0 +1,18 @@ ++--- ++- name: Get container facts ++ become: true ++ kolla_container_facts: ++ name: ++ - skyline ++ register: container_facts ++ ++- name: Checking free port for Skyline ++ wait_for: ++ host: "{{ api_interface_address }}" ++ port: "{{ skyline_port }}" ++ connect_timeout: 1 ++ timeout: 1 ++ state: stopped ++ when: ++ - container_facts['skyline'] is not defined ++ - inventory_hostname in groups['skyline'] +diff --git a/ansible/roles/skyline/tasks/pull.yml b/ansible/roles/skyline/tasks/pull.yml +new file mode 100644 +index 0000000..53f9c5f +--- /dev/null ++++ b/ansible/roles/skyline/tasks/pull.yml +@@ -0,0 +1,3 @@ ++--- ++- import_role: ++ role: service-images-pull +diff --git a/ansible/roles/skyline/tasks/reconfigure.yml b/ansible/roles/skyline/tasks/reconfigure.yml +new file mode 100644 +index 0000000..f670a5b +--- /dev/null ++++ b/ansible/roles/skyline/tasks/reconfigure.yml +@@ -0,0 +1,2 @@ ++--- ++- include_tasks: deploy.yml +diff --git a/ansible/roles/skyline/tasks/register.yml b/ansible/roles/skyline/tasks/register.yml +new file mode 100644 +index 0000000..f0ec84e +--- /dev/null ++++ b/ansible/roles/skyline/tasks/register.yml +@@ -0,0 +1,8 @@ ++--- ++- import_role: ++ name: service-ks-register ++ vars: ++ service_ks_register_auth: "{{ openstack_skyline_auth }}" ++ service_ks_register_services: "{{ skyline_ks_services }}" ++ service_ks_register_users: "{{ skyline_ks_users }}" ++ tags: always +diff --git a/ansible/roles/skyline/tasks/stop.yml b/ansible/roles/skyline/tasks/stop.yml +new file mode 100644 +index 0000000..a8e9278 +--- /dev/null ++++ b/ansible/roles/skyline/tasks/stop.yml +@@ -0,0 +1,11 @@ ++--- ++- name: "Stopping skyline containers" ++ vars: ++ service: "{{ item.value }}" ++ docker_container: ++ name: "{{ service.container_name }}" ++ state: stopped ++ when: ++ - service.enabled | bool ++ - service.container_name not in skip_stop_containers ++ with_dict: "{{ skyline_services }}" +diff --git a/ansible/roles/skyline/tasks/upgrade.yml b/ansible/roles/skyline/tasks/upgrade.yml +new file mode 100644 +index 0000000..90c46fa +--- /dev/null ++++ b/ansible/roles/skyline/tasks/upgrade.yml +@@ -0,0 +1,7 @@ ++--- ++- include_tasks: register.yml ++ ++- include_tasks: config.yml ++ ++- name: Flush handlers ++ meta: flush_handlers +diff --git a/ansible/roles/skyline/templates/gunicorn.py.j2 b/ansible/roles/skyline/templates/gunicorn.py.j2 +new file mode 100644 +index 0000000..a6190e3 +--- /dev/null ++++ b/ansible/roles/skyline/templates/gunicorn.py.j2 +@@ -0,0 +1,12 @@ ++import multiprocessing ++ ++bind = "unix:/var/lib/skyline/skyline.sock" ++workers = (1 + multiprocessing.cpu_count()) // 2 ++worker_class = "uvicorn.workers.UvicornWorker" ++timeout = {{ skyline_gunicorn_timeout }} ++keepalive = {{ skyline_gunicorn_keepalive }} ++reuse_port = True ++proc_name = "{{ project_name }}" ++log_level = "{{ skyline_gunicorn_debug_level }}" ++accesslog = "{{ log_dir }}skyline/access.log" ++errorlog = "{{ log_dir }}skyline/error.log" +diff --git a/ansible/roles/skyline/templates/skyline.json.j2 b/ansible/roles/skyline/templates/skyline.json.j2 +new file mode 100644 +index 0000000..ee4559d +--- /dev/null ++++ b/ansible/roles/skyline/templates/skyline.json.j2 +@@ -0,0 +1,36 @@ ++{ ++ "command": "gunicorn -c /etc/skyline/gunicorn.py skyline_apiserver.main:app", ++ "config_files": [ ++ { ++ "source": "{{ container_config_directory }}/skyline.yaml", ++ "dest": "/etc/skyline/skyline.yaml", ++ "owner": "skyline", ++ "perm": "0600" ++ }, ++ { ++ "source": "{{ container_config_directory }}/gunicorn.py", ++ "dest": "/etc/skyline/gunicorn.py", ++ "owner": "skyline", ++ "perm": "0600" ++ }{% if skyline_enable_tls_backend | bool %}, ++ { ++ "source": "{{ container_config_directory }}/skyline-cert.pem", ++ "dest": "/etc/skyline/certs/skyline-cert.pem", ++ "owner": "skyline", ++ "perm": "0600" ++ }, ++ { ++ "source": "{{ container_config_directory }}/skyline-key.pem", ++ "dest": "/etc/skyline/certs/skyline-key.pem", ++ "owner": "skyline", ++ "perm": "0600" ++ }{% endif %} ++ ], ++ "permissions": [ ++ { ++ "path": "/var/log/kolla/skyline", ++ "owner": "skyline:skyline", ++ "recurse": true ++ } ++ ] ++} +diff --git a/ansible/roles/skyline/templates/skyline.yaml.j2 b/ansible/roles/skyline/templates/skyline.yaml.j2 +new file mode 100644 +index 0000000..6b7b4b5 +--- /dev/null ++++ b/ansible/roles/skyline/templates/skyline.yaml.j2 +@@ -0,0 +1,113 @@ ++default: ++ access_token_expire: {{ skyline_access_token_expire_seconds }} ++ access_token_renew: {{ skyline_access_token_renew_seconds }} ++ cors_allow_origins: {{ skyline_backend_cors_origins }} ++ database_url: mysql://{{ skyline_database_user }}:{{ skyline_database_password }}@{{ skyline_database_address }}/{{ skyline_database_name }} ++ debug: {{ debug }} ++ log_dir: {{ log_dir }} ++ secret_key: {{ skyline_secret_key }} ++ session_name: {{ skyline_session_name }} ++developer: ++ show_raw_sql: {{ skyline_show_raw_sql }} ++openstack: ++ base_domains: ++ - heat_user_domain ++ base_roles: ++ - keystone_system_admin ++ - keystone_system_reader ++ - keystone_project_admin ++ - keystone_project_member ++ - keystone_project_reader ++ - nova_system_admin ++ - nova_system_reader ++ - nova_project_admin ++ - nova_project_member ++ - nova_project_reader ++ - cinder_system_admin ++ - cinder_system_reader ++ - cinder_project_admin ++ - cinder_project_member ++ - cinder_project_reader ++ - glance_system_admin ++ - glance_system_reader ++ - glance_project_admin ++ - glance_project_member ++ - glance_project_reader ++ - neutron_system_admin ++ - neutron_system_reader ++ - neutron_project_admin ++ - neutron_project_member ++ - neutron_project_reader ++ - heat_system_admin ++ - heat_system_reader ++ - heat_project_admin ++ - heat_project_member ++ - heat_project_reader ++ - placement_system_admin ++ - placement_system_reader ++ - panko_system_admin ++ - panko_system_reader ++ - panko_project_admin ++ - panko_project_member ++ - panko_project_reader ++ - ironic_system_admin ++ - ironic_system_reader ++ - octavia_system_admin ++ - octavia_system_reader ++ - octavia_project_admin ++ - octavia_project_member ++ - octavia_project_reader ++ default_region: RegionOne ++ extension_mapping: ++ fwaas_v2: neutron_firewall ++ vpnaas: neutron_vpn ++ interface_type: public ++ keystone_url: {{ skyline_keystone_url }} ++ nginx_prefix: {{ skyline_nginx_prefix }} ++ reclaim_instance_interval: {{ skyline_reclaim_instance_interval }} ++ service_mapping: ++ baremetal: ironic ++ compute: nova ++ identity: keystone ++ image: glance ++ load-balancer: octavia ++ network: neutron ++ orchestration: heat ++ placement: placement ++ volumev3: cinder ++ system_admin_roles: ++ - admin ++ - system_admin ++ system_project: service ++ system_project_domain: Default ++ system_reader_roles: ++ - system_reader ++ system_user_domain: Default ++ system_user_name: skyline ++ system_user_password: {{ skyline_keystone_password }} ++setting: ++ base_settings: ++ - flavor_families ++ - gpu_models ++ - usb_models ++ flavor_families: ++ - architecture: x86_architecture ++ categories: ++ - name: general_purpose ++ properties: [] ++ - name: compute_optimized ++ properties: [] ++ - name: memory_optimized ++ properties: [] ++ - name: high_clock_speed ++ properties: [] ++ - architecture: heterogeneous_computing ++ categories: ++ - name: compute_optimized_type_with_gpu ++ properties: [] ++ - name: visualization_compute_optimized_type_with_gpu ++ properties: [] ++ gpu_models: ++ - nvidia_t4 ++ usb_models: ++ - usb_c +diff --git a/ansible/site.yml b/ansible/site.yml +index dc0be8e..daa2a50 100644 +--- a/ansible/site.yml ++++ b/ansible/site.yml +@@ -68,6 +68,7 @@ + - enable_sahara_{{ enable_sahara | bool }} + - enable_senlin_{{ enable_senlin | bool }} + - enable_skydive_{{ enable_skydive | bool }} ++ - enable_skyline_{{ enable_skyline | bool }} + - enable_solum_{{ enable_solum | bool }} + - enable_storm_{{ enable_storm | bool }} + - enable_swift_{{ enable_swift | bool }} +@@ -308,6 +309,11 @@ + tags: skydive + when: enable_skydive | bool + - include_role: ++ name: skyline ++ tasks_from: loadbalancer ++ tags: skyline ++ when: enable_skyline | bool ++ - include_role: + name: solum + tasks_from: loadbalancer + tags: solum +@@ -1091,6 +1097,17 @@ + tags: skydive, + when: enable_skydive | bool } + ++- name: Apply role skyline ++ gather_facts: false ++ hosts: ++ - skyline ++ - '&enable_skyline_True' ++ serial: '{{ kolla_serial|default("0") }}' ++ roles: ++ - { role: skyline, ++ tags: skyline, ++ when: enable_skyline | bool } ++ + - name: Apply role vitrage + gather_facts: false + hosts: +diff --git a/etc/kolla/globals.yml b/etc/kolla/globals.yml +index d7c89b7..4146a21 100644 +--- a/etc/kolla/globals.yml ++++ b/etc/kolla/globals.yml +@@ -392,6 +392,7 @@ + #enable_sahara: "no" + #enable_senlin: "no" + #enable_skydive: "no" ++#enable_skyline: "no" + #enable_solum: "no" + #enable_storm: "{{ enable_monasca | bool }}" + #enable_swift: "no" +diff --git a/etc/kolla/passwords.yml b/etc/kolla/passwords.yml +index 9b0dd99..35cc94f 100644 +--- a/etc/kolla/passwords.yml ++++ b/etc/kolla/passwords.yml +@@ -251,3 +251,9 @@ + # Ceph RadosGW options + #################### + ceph_rgw_keystone_password: ++ ++#################### ++# Skyline options ++#################### ++skyline_database_password: ++skyline_keystone_password: