diff --git a/puppet-manifests/centos/build_srpm.data b/puppet-manifests/centos/build_srpm.data index 9d22d52d33..e7b9de50b5 100644 --- a/puppet-manifests/centos/build_srpm.data +++ b/puppet-manifests/centos/build_srpm.data @@ -1,2 +1,2 @@ SRC_DIR="src" -TIS_PATCH_VER=80 +TIS_PATCH_VER=81 diff --git a/puppet-manifests/centos/puppet-manifests.spec b/puppet-manifests/centos/puppet-manifests.spec index 407850ee6c..38c1b3b4e9 100644 --- a/puppet-manifests/centos/puppet-manifests.spec +++ b/puppet-manifests/centos/puppet-manifests.spec @@ -22,6 +22,7 @@ Requires: puppet-sysinv Requires: puppet-sshd Requires: puppet-smapi Requires: puppet-fm +Requires: puppet-dcdbsync # Openstack puppet modules Requires: puppet-aodh diff --git a/puppet-manifests/src/hieradata/controller.yaml b/puppet-manifests/src/hieradata/controller.yaml index ef0ab3bf11..39935c856e 100644 --- a/puppet-manifests/src/hieradata/controller.yaml +++ b/puppet-manifests/src/hieradata/controller.yaml @@ -536,6 +536,11 @@ dcmanager::use_syslog: true dcmanager::log_facility: 'local2' dcmanager::debug: false +# Dcdbsync +dbsync::use_syslog: true +dbsync::log_facility: 'local2' +dbsync::debug: false + # FM fm::use_syslog: true fm::log_facility: 'local2' diff --git a/puppet-manifests/src/manifests/controller.pp b/puppet-manifests/src/manifests/controller.pp index a4a18273ae..526146472e 100644 --- a/puppet-manifests/src/manifests/controller.pp +++ b/puppet-manifests/src/manifests/controller.pp @@ -133,6 +133,9 @@ include ::platform::dcmanager::api include ::platform::dcorch::snmp +include ::platform::dcdbsync +include ::platform::dcdbsync::api + include ::platform::smapi include ::openstack::swift diff --git a/puppet-manifests/src/modules/openstack/templates/keystone-policy.json.erb b/puppet-manifests/src/modules/openstack/templates/keystone-policy.json.erb index 42f858aaff..73fc031831 100644 --- a/puppet-manifests/src/modules/openstack/templates/keystone-policy.json.erb +++ b/puppet-manifests/src/modules/openstack/templates/keystone-policy.json.erb @@ -27,7 +27,8 @@ ["'murano':%(target.user.name)s"], ["'panko':%(target.user.name)s"], ["'gnocchi':%(target.user.name)s"], - ["'fm':%(target.user.name)s"]], + ["'fm':%(target.user.name)s"], + ["'dcdbsync':%(target.user.name)s"]], "identity:delete_service": "rule:admin_required and not rule:protected_services", diff --git a/puppet-manifests/src/modules/platform/manifests/dcdbsync.pp b/puppet-manifests/src/modules/platform/manifests/dcdbsync.pp new file mode 100644 index 0000000000..dafc15d14a --- /dev/null +++ b/puppet-manifests/src/modules/platform/manifests/dcdbsync.pp @@ -0,0 +1,44 @@ +class platform::dcdbsync::params ( + $api_port = 8219, + $region_name = undef, + $service_create = false, + $service_enabled = false, + $default_endpoint_type = 'internalURL', +) { + include ::platform::params +} + +class platform::dcdbsync + inherits ::platform::dcdbsync::params { + if ($::platform::params::distributed_cloud_role == 'systemcontroller' or + $::platform::params::distributed_cloud_role == 'subcloud') { + if $service_create { + if $::platform::params::init_keystone { + include ::dcdbsync::keystone::auth + } + + class { '::dcdbsync': } + } + } +} + +class platform::dcdbsync::api + inherits ::platform::dcdbsync::params { + if ($::platform::params::distributed_cloud_role == 'systemcontroller' or + $::platform::params::distributed_cloud_role == 'subcloud') { + if $service_create { + include ::platform::network::mgmt::params + + $api_host = $::platform::network::mgmt::params::controller_address + $api_fqdn = $::platform::params::controller_hostname + $url_host = "http://${api_fqdn}:${api_port}" + + class { '::dcdbsync::api': + bind_host => $api_host, + bind_port => $api_port, + enabled => $service_enabled, + } + } + } +} + diff --git a/puppet-manifests/src/modules/platform/manifests/sm.pp b/puppet-manifests/src/modules/platform/manifests/sm.pp index 2e9351adda..35fd6104e9 100644 --- a/puppet-manifests/src/modules/platform/manifests/sm.pp +++ b/puppet-manifests/src/modules/platform/manifests/sm.pp @@ -572,6 +572,22 @@ class platform::sm if $::platform::params::distributed_cloud_role =='subcloud' { $configure_keystone = true + # Provision and configure dcorch dbsync when running as a subcloud + exec { 'Provision distributed-cloud-services (service-domain-member distributed-cloud-services)': + command => 'sm-provision service-domain-member controller distributed-cloud-services', + } + -> exec { 'Provision distributed-cloud-services (service-group distributed-cloud-services)': + command => 'sm-provision service-group distributed-cloud-services', + } + -> exec { 'Provision DCDBsync-RestApi (service-group-member dcdbsync-api)': + command => 'sm-provision service-group-member distributed-cloud-services dcdbsync-api', + } + -> exec { 'Provision DCDBsync-RestApi in SM (service dcdbsync-api)': + command => 'sm-provision service dcdbsync-api', + } + -> exec { 'Configure OpenStack - DCDBsync-API': + command => "sm-configure service_instance dcdbsync-api dcdbsync-api \"\"", + } # Deprovision Horizon when running as a subcloud exec { 'Deprovision OpenStack - Horizon (service-group-member)': command => 'sm-deprovision service-group-member web-services horizon', @@ -1698,6 +1714,12 @@ class platform::sm -> exec { 'Provision DCOrch-Patch-Api-Proxy in SM (service dcorch-patch-api-proxy)': command => 'sm-provision service dcorch-patch-api-proxy', } + -> exec { 'Provision DCDBsync-RestApi (service-group-member dcdbsync-api)': + command => 'sm-provision service-group-member distributed-cloud-services dcdbsync-api', + } + -> exec { 'Provision DCDBsync-RestApi in SM (service dcdbsync-api)': + command => 'sm-provision service dcdbsync-api', + } -> exec { 'Configure Platform - DCManager-Manager': command => "sm-configure service_instance dcmanager-manager dcmanager-manager \"\"", } @@ -1725,6 +1747,9 @@ class platform::sm -> exec { 'Configure OpenStack - DCOrch-patch-api-proxy': command => "sm-configure service_instance dcorch-patch-api-proxy dcorch-patch-api-proxy \"\"", } + -> exec { 'Configure OpenStack - DCDBsync-API': + command => "sm-configure service_instance dcdbsync-api dcdbsync-api \"\"", + } if $cinder_service_enabled { notice('Enable cinder-api-proxy') exec { 'Provision DCOrch-Cinder-Api-Proxy (service-group-member dcorch-cinder-api-proxy)': diff --git a/sysinv/sysinv/sysinv/setup.cfg b/sysinv/sysinv/sysinv/setup.cfg index 379260ad05..8eadab1cf8 100644 --- a/sysinv/sysinv/sysinv/setup.cfg +++ b/sysinv/sysinv/sysinv/setup.cfg @@ -66,12 +66,13 @@ systemconfig.puppet_plugins = 026_panko = sysinv.puppet.panko:PankoPuppet 027_dcmanager = sysinv.puppet.dcmanager:DCManagerPuppet 028_dcorch = sysinv.puppet.dcorch:DCOrchPuppet - 029_kubernetes = sysinv.puppet.kubernetes:KubernetesPuppet - 030_smapi = sysinv.puppet.smapi:SmPuppet - 031_fm = sysinv.puppet.fm:FmPuppet - 032_swift = sysinv.puppet.swift:SwiftPuppet - 033_service_parameter = sysinv.puppet.service_parameter:ServiceParamPuppet - 034_barbican = sysinv.puppet.barbican:BarbicanPuppet + 029_dcdbsync = sysinv.puppet.dcdbsync:DCDBsyncPuppet + 030_kubernetes = sysinv.puppet.kubernetes:KubernetesPuppet + 031_smapi = sysinv.puppet.smapi:SmPuppet + 032_fm = sysinv.puppet.fm:FmPuppet + 033_swift = sysinv.puppet.swift:SwiftPuppet + 034_service_parameter = sysinv.puppet.service_parameter:ServiceParamPuppet + 035_barbican = sysinv.puppet.barbican:BarbicanPuppet systemconfig.helm_plugins = aodh = sysinv.helm.aodh:AodhHelm diff --git a/sysinv/sysinv/sysinv/sysinv/puppet/dcdbsync.py b/sysinv/sysinv/sysinv/sysinv/puppet/dcdbsync.py new file mode 100644 index 0000000000..bf83c838ff --- /dev/null +++ b/sysinv/sysinv/sysinv/sysinv/puppet/dcdbsync.py @@ -0,0 +1,101 @@ +# +# Copyright (c) 2019 Wind River Systems, Inc. +# +# SPDX-License-Identifier: Apache-2.0 +# + +from sysinv.common import constants +from sysinv.puppet import openstack + + +class DCDBsyncPuppet(openstack.OpenstackBasePuppet): + """Class to encapsulate puppet operations for dcdbsync + configuration""" + + SERVICE_NAME = 'dcdbsync' + SERVICE_PORT = 8219 + SERVICE_PATH = 'v1.0' + IDENTITY_SERVICE_NAME = 'keystone' + IDENTITY_SERVICE_DB = 'keystone' + + def get_static_config(self): + dbuser = self._get_database_username(self.IDENTITY_SERVICE_NAME) + + return { + 'dcdbsync::db::postgresql::user': dbuser, + } + + def get_secure_static_config(self): + dbpass = self._get_database_password(self.IDENTITY_SERVICE_NAME) + kspass = self._get_service_password(self.SERVICE_NAME) + + # initial bootstrap is bound to localhost + dburl = self._format_database_connection(self.IDENTITY_SERVICE_NAME, + constants.LOCALHOST_HOSTNAME, + database=self.IDENTITY_SERVICE_DB) + return { + 'dcdbsync::database_connection': dburl, + 'dcdbsync::db::postgresql::password': dbpass, + 'dcdbsync::keystone::auth::password': kspass, + 'dcdbsync::api::keystone_password': kspass, + } + + def get_system_config(self): + ksuser = self._get_service_user_name(self.SERVICE_NAME) + + return { + # The region in which the identity server can be found + 'dcdbsync::region_name': self._keystone_region_name(), + + 'dcdbsync::keystone::auth::public_url': self.get_public_url(), + 'dcdbsync::keystone::auth::internal_url': self.get_internal_url(), + 'dcdbsync::keystone::auth::admin_url': self.get_admin_url(), + 'dcdbsync::keystone::auth::region': self._region_name(), + 'dcdbsync::keystone::auth::auth_name': ksuser, + 'dcdbsync::keystone::auth::auth_domain': + self._get_service_user_domain_name(), + 'dcdbsync::keystone::auth::service_name': self.SERVICE_NAME, + 'dcdbsync::keystone::auth::tenant': self._get_service_tenant_name(), + 'dcdbsync::api::bind_host': self._get_management_address(), + 'dcdbsync::api::keystone_auth_uri': self._keystone_auth_uri(), + 'dcdbsync::api::keystone_identity_uri': + self._keystone_identity_uri(), + 'dcdbsync::api::keystone_tenant': self._get_service_project_name(), + 'dcdbsync::api::keystone_user_domain': + self._get_service_user_domain_name(), + 'dcdbsync::api::keystone_project_domain': + self._get_service_project_domain_name(), + 'dcdbsync::api::keystone_user': ksuser, + 'platform::dcdbsync::params::region_name': self.get_region_name(), + 'platform::dcdbsync::params::service_create': + self._to_create_services(), + } + + def get_secure_system_config(self): + dbpass = self._get_database_password(self.IDENTITY_SERVICE_NAME) + kspass = self._get_service_password(self.SERVICE_NAME) + + return { + 'dcdbsync::database_connection': + self._format_database_connection( + self.IDENTITY_SERVICE_NAME, + database=self.IDENTITY_SERVICE_DB), + 'dcdbsync::db::postgresql::password': dbpass, + 'dcdbsync::keystone::auth::password': kspass, + 'dcdbsync::api::keystone_password': kspass, + } + + def get_public_url(self): + return self._format_public_endpoint(self.SERVICE_PORT, + path=self.SERVICE_PATH) + + def get_internal_url(self): + return self._format_private_endpoint(self.SERVICE_PORT, + path=self.SERVICE_PATH) + + def get_admin_url(self): + return self._format_private_endpoint(self.SERVICE_PORT, + path=self.SERVICE_PATH) + + def get_region_name(self): + return self._get_service_region_name(self.SERVICE_NAME)