Aodh role for OpenStack-Ansible

Aodh role for OpenStack-Ansible

To clone or view the source code for this repository, visit the role repository for os_aodh.

Default variables

## Verbosity Options
debug: False

# Set the package install state for distribution and pip packages
# Options are 'present' and 'latest'
aodh_package_state: "latest"
aodh_pip_package_state: "latest"

## Toggle developer mode
aodh_developer_mode: false

## The git source/branch
aodh_git_repo: https://git.openstack.org/openstack/aodh
aodh_git_install_branch: "stable/queens"

## The packages to build from source (used in developer mode)
aodh_developer_constraints:
  - "git+{{ aodh_git_repo }}@{{ aodh_git_install_branch }}#egg=aodh"

# Name of the virtual env to deploy into
aodh_venv_tag: untagged
aodh_bin: "/openstack/venvs/aodh-{{ aodh_venv_tag }}/bin"

# venv_download, even when true, will use the fallback method of building the
# venv from scratch if the venv download fails.
aodh_venv_download: "{{ not aodh_developer_mode | bool }}"
# URL of the pre-built virtualenv
aodh_venv_download_url: http://127.0.0.1/venvs/untagged/ubuntu/aodh.tgz

## System info
aodh_system_user_name: aodh
aodh_system_group_name: aodh
aodh_system_shell: /bin/false
aodh_system_comment: aodh system user
aodh_system_user_home: "/var/lib/{{ aodh_system_user_name }}"

## Database info
aodh_database_name: aodh
aodh_database_user: aodh
aodh_db_type: "mysql+pymysql"
aodh_db_address: localhost
aodh_galera_use_ssl: "{{ galera_use_ssl | default(False) }}"
aodh_galera_ssl_ca_cert: "{{ galera_ssl_ca_cert | default('/etc/ssl/certs/galera-ca.pem') }}"
aodh_connection_string: "{{ aodh_db_type }}://{{ aodh_database_user }}:{{ aodh_container_db_password }}@{{ aodh_db_address }}/{{ aodh_database_name }}?charset=utf8{% if aodh_galera_use_ssl | bool %}&ssl_ca={{ aodh_galera_ssl_ca_cert }}{% endif %}"

## RabbitMQ info
aodh_rabbitmq_userid: aodh
aodh_rabbitmq_vhost: /aodh
aodh_rabbitmq_servers: 127.0.0.1
aodh_rabbitmq_port: 5672
aodh_rabbitmq_use_ssl: False

## Apache setup
aodh_apache_log_level: info
aodh_apache_servertokens: "Prod"
aodh_apache_serversignature: "Off"
aodh_wsgi_threads: 10
aodh_wsgi_processes_max: 16
aodh_wsgi_processes: "{{ [[ansible_processor_vcpus|default(1), 1] | max * 2, aodh_wsgi_processes_max] | min }}"

#Aodh services info
aodh_role_name: admin

## Service Type and Data
aodh_service_region: RegionOne
aodh_service_endpoint_type: internalURL
aodh_service_name: aodh
aodh_service_port: 8042
aodh_service_proto: http
aodh_service_type: alarming
aodh_service_description: "Telemetry"
aodh_service_project_domain_id: default
aodh_service_user_domain_id: default
aodh_service_user_name: aodh
aodh_keystone_auth_plugin: "{{ aodh_keystone_auth_type }}"
aodh_keystone_auth_type: password
aodh_service_tenant_name: service
aodh_service_project_name: service
aodh_service_publicuri: "{{ aodh_service_proto }}://{{ external_lb_vip_address }}:{{ aodh_service_port }}"
aodh_service_publicurl: "{{ aodh_service_publicuri }}"
aodh_service_internaluri: "{{ aodh_service_proto }}://{{ internal_lb_vip_address }}:{{ aodh_service_port }}"
aodh_service_internalurl: "{{ aodh_service_internaluri }}"
aodh_service_adminuri: "{{ aodh_service_proto }}://{{ internal_lb_vip_address }}:{{ aodh_service_port }}"
aodh_service_adminurl: "{{ aodh_service_adminuri }}"

aodh_service_in_ldap: false

# aodh packages that must be installed before anything else
aodh_requires_pip_packages:
  - virtualenv
  - python-keystoneclient # Keystoneclient needed to OSA keystone lib
  - httplib2

# Common pip packages
aodh_pip_packages:
  # The following constraints are taken from the setup.cfg
  # file in the aodh project. This is due to the fact that the repo-build
  # role does not respect constraints specified in setup.cfg files.
  # https://github.com/openstack/aodh/blob/master/setup.cfg#L35-L38
  - alembic>=0.7.2
  - aodh
  - ceilometermiddleware
  - cryptography
  - gnocchiclient
  - PyMySQL>=0.6.2
  - python-ceilometerclient
  - python-memcached
  - sqlalchemy>=0.9.7
  - sqlalchemy-utils
  - warlock

aodh_alarm_notifier_init_overrides: {}
aodh_alarm_evaluator_init_overrides: {}
aodh_listener_init_overrides: {}

## Service Name-Group Mapping
aodh_services:
  aodh-notifier:
    group: aodh_alarm_notifier
    service_name: aodh-notifier
    init_config_overrides: "{{ aodh_alarm_notifier_init_overrides }}"
  aodh-evaluator:
    group: aodh_alarm_evaluator
    service_name: aodh-evaluator
    init_config_overrides: "{{ aodh_alarm_evaluator_init_overrides }}"
  aodh-listener:
    group: aodh_listener
    service_name: aodh-listener
    init_config_overrides: "{{ aodh_listener_init_overrides }}"

aodh_required_secrets:
  - memcached_encryption_key
  - aodh_container_db_password
  - aodh_rabbitmq_password
  - aodh_service_password

install_test_packages: False

# This variable is used by the repo_build process to determine
# which host group to check for members of before building the
# pip packages required by this role. The value is picked up
# by the py_pkgs lookup.
aodh_role_project_group: aodh_all

## Tunable overrides
aodh_policy_overrides: {}
aodh_aodh_conf_overrides: {}
aodh_api_paste_ini_overrides: {}

Example playbook

- name: Install aodh services
  hosts: aodh_all
  user: root
  roles:
    - { role: "os_aodh" }
  vars:
    # Needed for aodh to talk to MongoDB
    aodh_container_db_password: "secrete"
    # Password used for Keystone aodh service user
    aodh_service_password: "secrete"
    # Needed for aodh to talk to memcached
    memcached_servers: 127.0.0.1
    memcached_encryption_key: "some_key"
    # Needed for aodh to locate and connect to the RabbitMQ cluster
    aodh_rabbitmq_password: "secrete"
    rabbitmq_servers: "10.100.100.2"
    rabbitmq_use_ssl: true
    rabbitmq_port: 5671
    # Needed to setup the aodh service in Keystone
    keystone_admin_user_name: admin
    keystone_admin_tenant_name: admin
    keystone_auth_admin_password: "SuperSecretePassword"
    keystone_service_adminuri_insecure: false
    keystone_service_internaluri_insecure: false
    keystone_service_internaluri: "http://1.2.3.4:5000"
    keystone_service_internalurl: "{{ keystone_service_internaluri }}/v3"
    keystone_service_adminuri: "http://5.6.7.8:35357"
    keystone_service_adminurl: "{{ keystone_service_adminuri }}/v3"

Dependencies

This role needs pip >= 7.1 installed on the target host.

To use this role, define the following variables:

# Needed for aodh to talk to MongoDB
aodh_container_db_password: "secrete"
# Password used for Keystone aodh service user
aodh_service_password: "secrete"
# Needed for aodh to talk to memcached
memcached_servers: 127.0.0.1
memcached_encryption_key: "some_key"
# Needed for aodh to locate and connect to the RabbitMQ cluster
aodh_rabbitmq_password: "secrete"
rabbitmq_servers: "10.100.100.2"
rabbitmq_use_ssl: true
rabbitmq_port: 5671
# Needed to setup the aodh service in Keystone
keystone_admin_user_name: admin
keystone_admin_tenant_name: admin
keystone_auth_admin_password: "SuperSecretePassword"
keystone_service_adminuri_insecure: false
keystone_service_internaluri_insecure: false
keystone_service_internaluri: "http://1.2.3.4:5000"
keystone_service_internalurl: "{{ keystone_service_internaluri }}/v3"
keystone_service_adminuri: "http://5.6.7.8:35357"
keystone_service_adminurl: "{{ keystone_service_adminuri }}/v3"

Tags

This role supports two tags: aodh-install and aodh-config. The aodh-install tag can be used to install and upgrade. The aodh-config tag can be used to maintain the configuration of the service.

Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.