From 8de7d921a3f8b7375691a4fbcfcfa8a66c49226c Mon Sep 17 00:00:00 2001 From: Richard Maw Date: Tue, 14 Apr 2015 18:54:57 +0000 Subject: OpenStack: Split nova into control and compute This adds NOVA_ENABLE_{CONTROLLER,COMPUTE}. Both are enabled by deafult, but if CONTROLLER is enabled but COMPUTE isn't, then the conductor service is enabled. Change-Id: I523a7270d4afdcd1e2a30eaac42ea499581fe971 --- openstack/usr/share/openstack/nova-config.yml | 34 +++++++++ openstack/usr/share/openstack/nova-db.yml | 51 +++++++++++++ openstack/usr/share/openstack/nova.yml | 102 -------------------------- 3 files changed, 85 insertions(+), 102 deletions(-) create mode 100644 openstack/usr/share/openstack/nova-config.yml create mode 100644 openstack/usr/share/openstack/nova-db.yml delete mode 100644 openstack/usr/share/openstack/nova.yml (limited to 'openstack/usr/share') diff --git a/openstack/usr/share/openstack/nova-config.yml b/openstack/usr/share/openstack/nova-config.yml new file mode 100644 index 00000000..4f43db39 --- /dev/null +++ b/openstack/usr/share/openstack/nova-config.yml @@ -0,0 +1,34 @@ +--- +- hosts: localhost + vars_files: + - "/etc/openstack/nova.conf" + tasks: + - name: Create the nova user. + user: + name: nova + comment: Openstack Nova Daemons + shell: /sbin/nologin + home: /var/lib/nova + groups: libvirt + append: yes + + - name: Create the /var folders for nova + file: + path: "{{ item }}" + state: directory + owner: nova + group: nova + with_items: + - /var/run/nova + - /var/lock/nova + - /var/log/nova + - /var/lib/nova + - /var/lib/nova/instances + + - file: path=/etc/nova state=directory + - name: Add the configuration needed for nova in /etc/nova using templates + template: + src: /usr/share/openstack/nova/{{ item }} + dest: /etc/nova/{{ item }} + with_lines: + - cd /usr/share/openstack/nova && find -type f diff --git a/openstack/usr/share/openstack/nova-db.yml b/openstack/usr/share/openstack/nova-db.yml new file mode 100644 index 00000000..e7dc5b10 --- /dev/null +++ b/openstack/usr/share/openstack/nova-db.yml @@ -0,0 +1,51 @@ +--- +- hosts: localhost + vars_files: + - "/etc/openstack/nova.conf" + tasks: + - name: Create nova service user in service tenant + keystone_user: + user: "{{ NOVA_SERVICE_USER }}" + password: "{{ NOVA_SERVICE_PASSWORD }}" + tenant: service + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Assign admin role to nova service user in the service tenant + keystone_user: + role: admin + user: "{{ NOVA_SERVICE_USER }}" + tenant: service + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Add nova endpoint + keystone_service: + name: nova + type: compute + description: Openstack Compute Service + publicurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8774/v2/%(tenant_id)s' + internalurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8774/v2/%(tenant_id)s' + adminurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8774/v2/%(tenant_id)s' + region: 'regionOne' + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Create postgresql user for nova + postgresql_user: + name: "{{ NOVA_DB_USER }}" + login_host: "{{ CONTROLLER_HOST_ADDRESS }}" + password: "{{ NOVA_DB_PASSWORD }}" + sudo: yes + sudo_user: nova + + - name: Create database for nova services + postgresql_db: + name: nova + owner: "{{ NOVA_DB_USER }}" + login_host: "{{ CONTROLLER_HOST_ADDRESS }}" + sudo: yes + sudo_user: nova + + - name: Initiate nova database + nova_manage: + action: dbsync + sudo: yes + sudo_user: nova diff --git a/openstack/usr/share/openstack/nova.yml b/openstack/usr/share/openstack/nova.yml deleted file mode 100644 index c1122c60..00000000 --- a/openstack/usr/share/openstack/nova.yml +++ /dev/null @@ -1,102 +0,0 @@ ---- -- hosts: localhost - vars_files: - - "/etc/openstack/nova.conf" - tasks: - - name: Create the nova user. - user: - name: nova - comment: Openstack Nova Daemons - shell: /sbin/nologin - home: /var/lib/nova - groups: libvirt - append: yes - - - name: Create the /var folders for nova - file: - path: "{{ item }}" - state: directory - owner: nova - group: nova - with_items: - - /var/run/nova - - /var/lock/nova - - /var/log/nova - - /var/lib/nova - - /var/lib/nova/instances - - - file: path=/etc/nova state=directory - - name: Add the configuration needed for nova in /etc/nova using templates - template: - src: /usr/share/openstack/nova/{{ item }} - dest: /etc/nova/{{ item }} - with_lines: - - cd /usr/share/openstack/nova && find -type f - - - name: Create nova service user in service tenant - keystone_user: - user: "{{ NOVA_SERVICE_USER }}" - password: "{{ NOVA_SERVICE_PASSWORD }}" - tenant: service - token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" - - - name: Assign admin role to nova service user in the service tenant - keystone_user: - role: admin - user: "{{ NOVA_SERVICE_USER }}" - tenant: service - token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" - - - name: Add nova endpoint - keystone_service: - name: nova - type: compute - description: Openstack Compute Service - publicurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8774/v2/%(tenant_id)s' - internalurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8774/v2/%(tenant_id)s' - adminurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8774/v2/%(tenant_id)s' - region: 'regionOne' - token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" - - - name: Create postgresql user for nova - postgresql_user: - name: "{{ NOVA_DB_USER }}" - login_host: "{{ CONTROLLER_HOST_ADDRESS }}" - password: "{{ NOVA_DB_PASSWORD }}" - sudo: yes - sudo_user: nova - - - name: Create database for nova services - postgresql_db: - name: nova - owner: "{{ NOVA_DB_USER }}" - login_host: "{{ CONTROLLER_HOST_ADDRESS }}" - sudo: yes - sudo_user: nova - - - name: Initiate nova database - nova_manage: - action: dbsync - sudo: yes - sudo_user: nova - - - -# [1] Never enable openstack-nova-conductor service in a node with -# openstack-nova-compute or the security benefits of removing -# database access from nova-compute will be negated -#systemctl start openstack-nova-conductor - - name: Enable and start openstack-nova services - service: - name: "{{ item }}" - enabled: yes - state: started - with_items: - - openstack-nova-api.service - - openstack-nova-cert.service - - openstack-nova-compute.service - - openstack-nova-consoleauth.service - - openstack-nova-novncproxy.service - - openstack-nova-scheduler.service - - openstack-nova-serialproxy.service -# - openstack-nova-conductor.service -- cgit v1.2.1