openstack/openstack-ansible-os_nova
Code Issues Proposed changes

Merge "Enable multiple console proxies where requried in deployments"

Browse Source
This commit is contained in:
Zuul 2023-08-30 09:49:31 +00:00 committed by Gerrit Code Review
commit bf6aaf7ab0
6 changed files with 32 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
defaults/main.yml
View File

@ -294,13 +294,19 @@ nova_libvirt_hw_disk_discard: '{{ (nova_libvirt_images_rbd_pool | length > 0) |
nova_libvirt_live_migration_inbound_addr: '{{ (nova_management_address == "localhost") | ternary("127.0.0.1", nova_management_address) }}'
## Nova console
# Set the console type. Presently the only options are ["spice", "novnc", "serialconsole", "disabled"].
# Set the console type for the compute host. Presently the only options are ["spice", "novnc", "serialconsole", "disabled"].
nova_console_type: "{{ (ansible_facts['architecture'] == 'aarch64') | ternary('serialconsole', 'novnc') }}"
## Nova ironic console
# Set the console type. Presently the only options are ["serialconsole", "disabled"].
nova_ironic_console_type: "disabled"
## Nova console proxies
# Set the console proxy types.
nova_console_proxy_types:
- "{{ nova_console_type }}"
- "{{ nova_ironic_console_type }}"
# Nova console ssl info, presently only used by novnc console type
nova_console_ssl_dir: "/etc/nova/ssl"
nova_console_ssl_cert: "{{ nova_console_ssl_dir }}/nova-console.pem"
@ -488,7 +494,7 @@ nova_services:
group: nova_console
service_name: nova-novncproxy
init_config_overrides: "{{ nova_novncproxy_init_overrides }}"
condition: "{{ nova_console_type == 'novnc' }}"
condition: "{{ 'novnc' in nova_console_proxy_types }}"
start_order: 5
execstarts: "{{ nova_bin }}/nova-novncproxy {{ nova_backend_ssl | ternary('--ssl_only --cert ' ~ nova_ssl_cert ~ ' --key ' ~ nova_ssl_key, '') }}"
nova-scheduler:
@ -502,21 +508,21 @@ nova_services:
group: nova_console
service_name: nova-spicehtml5proxy
init_config_overrides: "{{ {'Install': {'Alias': 'nova-spiceproxy.service'}} | combine(nova_spicehtml5proxy_init_overrides, recursive=True) }}"
condition: "{{ nova_console_type == 'spice' }}"
condition: "{{ 'spice' in nova_console_proxy_types }}"
start_order: 5
execstarts: "{{ nova_bin }}/nova-spicehtml5proxy {{ nova_backend_ssl | ternary('--ssl_only --cert ' ~ nova_ssl_cert ~ ' --key ' ~ nova_ssl_key, '') }}"
nova-serialconsole-proxy:
group: nova_console
service_name: nova-serialproxy
init_config_overrides: "{{ nova_serialproxy_init_overrides }}"
condition: "{{ nova_console_type == 'serialconsole' }}"
condition: "{{ 'serialconsole' in nova_console_proxy_types }}"
start_order: 5
execstarts: "{{ nova_bin }}/nova-serialproxy {{ nova_backend_ssl | ternary('--ssl_only --cert ' ~ nova_ssl_cert ~ ' --key ' ~ nova_ssl_key, '') }}"
nova_ironic_sericalconsole-proxy:
group: ironic_console
service_name: nova-serialproxy
init_config_overrides: "{{ nova_serialproxy_init_overrides }}"
condition: "{{ nova_ironic_console_type == 'serialconsole' }}"
condition: "{{ 'serialconsole' in nova_console_proxy_types }}"
start_order: 5
execstarts: "{{ nova_bin }}/nova-serialproxy {{ nova_backend_ssl | ternary('--ssl_only --cert ' ~ nova_ssl_cert ~ ' --key ' ~ nova_ssl_key, '') }}"
@ -714,7 +720,7 @@ nova_pki_console_certificates:
- keyEncipherment
extended_key_usage:
- clientAuth
condition: "{{ nova_qemu_vnc_tls == 1 and nova_console_type == 'novnc' }}"
condition: "{{ nova_qemu_vnc_tls == 1 and 'novnc' in nova_console_proxy_types }}"
# Installation details for SSL certificates for console hosts
nova_pki_console_install_certificates:

5
releasenotes/notes/nova_console_proxies-98f7705e3ecec051.yaml Normal file
View File

@ -0,0 +1,5 @@
---
features:
- |
Added ``nova_console_proxy_types`` list variable for use when deployments
have a mix of nova console types for different compute nodes.

5
tasks/nova_install.yml
View File

@ -81,7 +81,8 @@
- "nova_services['nova-novncproxy']['group'] in group_names or
nova_services['nova-spicehtml5proxy']['group'] in group_names or
nova_services['nova-serialconsole-proxy']['group'] in group_names"
- "nova_console_type not in ['serialconsole', 'disabled']"
- "'novnc' in nova_console_proxy_types or
'spice' in nova_console_proxy_types"
args:
apply:
tags:
@ -126,7 +127,7 @@
name: "{{ item.service }}"
enabled: no
state: stopped
when: (item.condition | bool) and item.type != nova_console_type
when: (item.condition | bool) and item.type not in nova_console_proxy_types
loop:
- service: "nova-novncproxy.service"
condition: "{{ novnc_proxy_enabled.rc is defined and novnc_proxy_enabled.rc == 0 }}"

32
templates/nova.conf.j2
View File

@ -80,25 +80,19 @@ catalog_info = volumev3:cinderv3:internalURL
os_region_name = {{ nova_service_region }}
auth_section = keystone_authtoken
{% if nova_console_type == 'spice' %}
[spice]
agent_enabled = {{ nova_spice_console_agent_enabled }}
enabled = True
# Console Url and binds
enabled = {{ (nova_console_type == 'spice') | ternary(True, False) }}
{% if 'spice' in nova_console_proxy_types %}
html5proxy_base_url = {{ nova_spice_html5proxy_base_url }}
html5proxy_host = {% if nova_management_address == 'localhost' %}127.0.0.1{% else %}{{ nova_management_address }}{% endif %}
server_listen = {% if nova_management_address == 'localhost' %}127.0.0.1{% else %}{{ nova_management_address }}{% endif %}
server_proxyclient_address = {% if nova_management_address == 'localhost' %}127.0.0.1{% else %}{{ nova_management_address }}{% endif %}
{% endif %}
[vnc]
enabled = False
{% elif nova_console_type == 'novnc' %}
[vnc]
enabled = True
enabled = {{ (nova_console_type == 'novnc') | ternary(True, False) }}
{% if 'novnc' in nova_console_proxy_types %}
novncproxy_base_url = {{ nova_novncproxy_base_url }}
novncproxy_host = {{ nova_novncproxy_host }}
novncproxy_port = {{ nova_novncproxy_port }}
@ -111,28 +105,18 @@ vencrypt_client_key={{ nova_vencrypt_client_key }}
vencrypt_client_cert={{ nova_vencrypt_client_cert }}
vencrypt_ca_certs={{ nova_vencrypt_ca_certs }}
{% endif %}
{% endif %}
{% elif nova_console_type == 'serialconsole' %}
[serial_console]
enabled = True
# Console Url and binds
enabled = {{ (nova_console_type == 'serialconsole') | ternary(True, False) }}
{% if 'serialconsole' in nova_console_proxy_types %}
base_url= {{ nova_serialconsoleproxy_base_url }}
proxyclient_address = {% if nova_management_address == 'localhost' +%}127.0.0.1{% else +%}{{ nova_management_address }}{% endif +%}
port_range = {{ nova_serialconsoleproxy_port_range }}
{% if nova_services['nova-serialconsole-proxy']['group'] %}
serialproxy_host= {{ nova_serialconsoleproxy_serialconsole_proxyserver_proxyclient_address }}
serialproxy_port= {{ nova_serialconsoleproxy_port }}
{% endif %}
[vnc]
enabled = False
{% elif nova_console_type == 'disabled' %}
[vnc]
enabled = False
{% endif %}
# Glance
[glance]
region_name = {{ nova_service_region }}

6
vars/distro_install.yml
View File

@ -23,13 +23,13 @@ nova_package_list: |-
{% if nova_services['nova-novncproxy']['group'] in group_names or
nova_services['nova-spicehtml5proxy']['group'] in group_names or
nova_services['nova-serialconsole-proxy']['group'] in group_names %}
{% if nova_console_type == 'novnc' %}
{% if 'novnc' in nova_console_proxy_types %}
{% set _ = packages.extend(nova_service_extra_distro_packages['novnc']) %}
{% endif %}
{% if nova_console_type == 'spice' %}
{% if 'spice' in nova_console_proxy_types %}
{% set _ = packages.extend(nova_service_extra_distro_packages['spice']) %}
{% endif %}
{% if nova_console_type == 'serialconsole' %}
{% if 'serialconsole' in nova_console_proxy_types %}
{% set _ = packages.extend(nova_service_extra_distro_packages['serialconsole']) %}
{% endif %}
{% endif %}

2
vars/main.yml
View File

@ -24,7 +24,7 @@ nova_venv_packages: |-
{%- if nova_oslomsg_amqp1_enabled | bool %}
{%- set _ = pkg_list.extend(nova_optional_oslomsg_amqp1_pip_packages) %}
{%- endif %}
{%- if (nova_console_type == 'novnc') %}
{%- if ('novnc' in nova_console_proxy_types) %}
{%- set _ = pkg_list.extend(nova_novnc_pip_packages) %}
{%- endif %}
{%- if (nova_services['nova-compute']['group'] in group_names) %}