diff --git a/README.md b/README.md index e460b3e..1bf6804 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,7 @@ #monasca-api Installs the [monasca-api](https://github.com/stackforge/monasca-api) part of the [Monasca](https://wiki.openstack.org/wiki/Monasca) project. +There are two implementations of the API, one Java based and one Python based. This will install the Java based one by default. To install +the python implementation rather than the java implementation, set the variable `monasca_api_java` to False. ##Requirements - api_region diff --git a/defaults/main.yml b/defaults/main.yml index e3c089a..f9f3d49 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,7 +1,11 @@ --- # ©Copyright 2015 Hewlett-Packard Development Company, L.P. +database_type: influxdb influxdb_db: mon +cassandra_keyspace: mon +keystone_admin: admin +keystone_admin_tenant: admin keystone_auth_method: password keystone_admin_token: keystone_port: 5000 @@ -11,19 +15,40 @@ monasca_admin_client_port: 8081 monasca_api_client_port: 8070 monasca_api_client_keystore: monasca_api_client_keystore_password: +monasca_api_java: True monasca_api_java_opts: -Xmx1g +monasca_api_log_file: monasca-api.log monasca_api_truststore: monasca_api_truststore_password: monasca_api_keystore_password: monasca_api_tarball_base_url: http://tarballs.openstack.org/ci/monasca-api monasca_api_version: 1.1.0-SNAPSHOT -monasca_wait_for_period: 10 +monasca_jar_dir: /opt/monasca monasca_log_dir: /var/log/monasca monasca_log_level: WARN -monasca_jar_dir: /opt/monasca +monasca_python_dir: /opt/monasca +monasca_virtualenv_dir: /opt/monasca +monasca_wait_for_period: 10 mysql_db: mon -database_type: influxdb + +# API Roles +api_default_authorized_roles: + - user + - domainuser + - domainadmin + - monasca-user +api_agent_authorized_roles: + - monasca-agent +api_delegate_authorized_roles: + - admin + +# Python API specific +api_gunicorn_version: 19.3.0 +api_gunicorn_worker_connections: 2000 +api_gunicorn_backlog: 1000 +api_gunicorn_workers: 1 run_mode: Deploy skip_install: False verify: True +api_debug: False diff --git a/tasks/configure.yml b/tasks/configure.yml index 9def5dd..ba55004 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -4,49 +4,9 @@ - name: setup group group: name={{monasca_group}} system=yes -- name: Setup user +- name: setup user user: name={{monasca_api_user}} system=yes group={{monasca_group}} -- name: create vertica dir - file: path={{monasca_jar_dir}}/vertica state=directory owner=root group=root mode=755 - when: database_type == 'vertica' - -- name: check if vertica jar exists - stat: path={{monasca_jar_dir}}/vertica/vertica_jdbc.jar - register: status - when: database_type == 'vertica' - -- name: place vertica jdbc - command: cp {{vertica_jdbc_location}} {{monasca_jar_dir}}/vertica/vertica_jdbc.jar - when: database_type == 'vertica' and not status.stat.exists - -- name: Ensure vertica jdbc permissions - file: path={{monasca_jar_dir}}/vertica/vertica_jdbc.jar mode=644 - when: database_type == 'vertica' - -- name: Detect if this is a systemd based system - command: cat /proc/1/comm - register: init -- set_fact: use_systemd=True - when: init.stdout == 'systemd' -- set_fact: use_systemd=False - when: init.stdout != 'systemd' - -- name: create systemd config - template: dest={{api_systemd_service}} owner=root group=root mode=644 src=monasca-api.service.j2 - notify: - - restart monasca-api - when: use_systemd - -- command: systemctl daemon-reload - when: use_systemd - -- name: create upstart script from template - template: dest=/etc/init/monasca-api.conf owner=root group=root mode=744 src=monasca-api.conf.j2 - notify: - - restart monasca-api - when: not use_systemd - - name: create monasca log dir file: path={{monasca_log_dir}} state=directory owner=root group={{monasca_group}} mode=775 @@ -56,10 +16,15 @@ - name: create conf_dir file: path={{monasca_conf_dir}} state=directory owner=root group={{monasca_group}} mode=775 -- name: create conf_file from template - template: dest={{api_conf_file}} owner={{monasca_api_user}} group={{monasca_group}} mode=640 src=api-config.yml.j2 - notify: - - restart monasca-api +# select Java or Python + +- include: java_configure.yml + when: monasca_api_java + +- include: python_configure.yml + when: not monasca_api_java + +# -------- - name: Copy Truststore copy: dest={{monasca_api_truststore}} src={{monasca_api_truststore_src}} diff --git a/tasks/install.yml b/tasks/install.yml index bfac6a3..e85754f 100644 --- a/tasks/install.yml +++ b/tasks/install.yml @@ -1,10 +1,8 @@ --- # ©Copyright 2015 Hewlett-Packard Development Company, L.P. -- name: create jar dir - file: path={{monasca_jar_dir}} state=directory owner=root group=root mode=755 +- include: java_install.yml + when: monasca_api_java -- name: Fetch api jar - get_url: dest={{monasca_jar_dir}}/monasca-api.jar url="{{monasca_api_tarball_base_url}}/monasca-api-{{monasca_api_version}}-shaded.jar" force=yes - notify: - - restart monasca-api +- include: python_install.yml + when: not monasca_api_java diff --git a/tasks/java_configure.yml b/tasks/java_configure.yml new file mode 100644 index 0000000..d413857 --- /dev/null +++ b/tasks/java_configure.yml @@ -0,0 +1,48 @@ +--- +# ©Copyright 2015 Hewlett-Packard Development Company, L.P. + +- name: java | create vertica dir + file: path={{monasca_jar_dir}}/vertica state=directory owner=root group=root mode=755 + when: database_type == 'vertica' + +- name: java | check if vertica jar exists + stat: path={{monasca_jar_dir}}/vertica/vertica_jdbc.jar + register: status + when: database_type == 'vertica' + +- name: java | place vertica jdbc + command: cp {{vertica_jdbc_location}} {{monasca_jar_dir}}/vertica/vertica_jdbc.jar + when: database_type == 'vertica' and not status.stat.exists + +- name: java | Ensure vertica jdbc permissions + file: path={{monasca_jar_dir}}/vertica/vertica_jdbc.jar mode=644 + when: database_type == 'vertica' + +- name: java | Detect if this is a systemd based system + command: cat /proc/1/comm + register: init +- set_fact: use_systemd=True + when: init.stdout == 'systemd' +- set_fact: use_systemd=False + when: init.stdout != 'systemd' + +- name: java | create systemd config + template: dest={{api_systemd_service}} owner=root group=root mode=644 src=monasca-api.service.j2 + notify: + - restart monasca-api + when: use_systemd + +- name: java | systemctl daemon-reload + command: systemctl daemon-reload + when: use_systemd + +- name: java | create upstart script from template + template: dest=/etc/init/monasca-api.conf owner=root group=root mode=744 src=monasca-api.conf.j2 + notify: + - restart monasca-api + when: not use_systemd + +- name: java | create conf_file from template + template: dest={{api_conf_file}} owner={{monasca_api_user}} group={{monasca_group}} mode=640 src=api-config.yml.j2 + notify: + - restart monasca-api \ No newline at end of file diff --git a/tasks/java_install.yml b/tasks/java_install.yml new file mode 100644 index 0000000..5bbeba7 --- /dev/null +++ b/tasks/java_install.yml @@ -0,0 +1,10 @@ +--- +# ©Copyright 2015 Hewlett-Packard Development Company, L.P. + +- name: java | create jar dir + file: path={{monasca_jar_dir}} state=directory owner=root group=root mode=755 + +- name: java | fetch api jar + get_url: dest={{monasca_jar_dir}}/monasca-api.jar url="{{monasca_api_tarball_base_url}}/monasca-api-{{monasca_api_version}}-shaded.jar" force=yes + notify: + - restart monasca-api diff --git a/tasks/java_main.yml b/tasks/java_main.yml new file mode 100644 index 0000000..f064938 --- /dev/null +++ b/tasks/java_main.yml @@ -0,0 +1,2 @@ +--- +# ©Copyright 2015 Hewlett-Packard Development Company, L.P. diff --git a/tasks/main.yml b/tasks/main.yml index 695867d..bb734a1 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,6 +1,12 @@ --- # ©Copyright 2015 Hewlett-Packard Development Company, L.P. +- include: java_main.yml + when: monasca_api_java + +- include: python_main.yml + when: not monasca_api_java + - include: stop.yml when: run_mode == 'Stop' diff --git a/tasks/python_configure.yml b/tasks/python_configure.yml new file mode 100644 index 0000000..0ca9967 --- /dev/null +++ b/tasks/python_configure.yml @@ -0,0 +1,48 @@ +--- +# ©Copyright 2015 Hewlett-Packard Development Company, L.P. + +- name: python | create api-config.conf from template + template: > + src=python.api-config.conf.j2 + dest={{ monasca_conf_dir }}/api-config.conf + owner={{ monasca_api_user }} + group=root + mode=660 + notify: + - restart monasca-api + +- name: python | symlink api-config.conf + file: > + src={{ monasca_conf_dir }}/api-config.conf + dest=/etc/api-config.conf + owner=root + group=root + state=link + +- name: python | create api-config.ini from template + template: > + src=python.api-config.ini.j2 + dest={{ monasca_conf_dir }}/api-config.ini + owner={{ monasca_api_user }} + group=root + mode=660 + notify: + - restart monasca-api + +- name: python | symlink api-config.ini + file: > + src={{ monasca_conf_dir }}/api-config.ini + dest=/etc/api-config.ini + owner=root + group=root + state=link + +- name: python | create upstart script from template + template: > + src=python.monasca-api.conf.j2 + dest=/etc/init/monasca-api.conf + owner=root + group=root + mode=744 + notify: + - restart monasca-api \ No newline at end of file diff --git a/tasks/python_install.yml b/tasks/python_install.yml new file mode 100644 index 0000000..79fe29f --- /dev/null +++ b/tasks/python_install.yml @@ -0,0 +1,77 @@ +--- +# ©Copyright 2015 Hewlett-Packard Development Company, L.P. + +- name: python | update apt cache + apt: update_cache=yes cache_valid_time=3600 + +- name: Upgrade pip in virtualenv + pip: name=pip state=latest virtualenv="{{monasca_virtualenv_dir}}" + +- name: python | install python packages + action: apt pkg={{ item }} state=latest + with_items: + - git + - python-dev + - libmysqlclient-dev + +- name: create python base dir + file: path={{ monasca_python_dir }} state=directory owner=root group=root mode=755 + +- name: python | git clone monasca-api + git: > + repo=https://github.com/stackforge/monasca-api.git + dest={{ monasca_python_dir }}/monasca-api + notify: + - restart monasca-api + register: monasca_api_clone + +# example patch section to merge in monasca-api changes that are pending review + +#- name: python | create required patch for monasca-api +# shell: git fetch https://review.openstack.org/openstack/monasca-api refs/changes/18/240018/2 && git format-patch -1 --stdout FETCH_HEAD > 1.patch +# args: +# chdir: "{{ monasca_python_dir }}/monasca-api" +# when: (monasca_api_clone|changed) +# +#- name: python | apply required patch for monasca-api +# shell: git apply 1.patch +# args: +# chdir: "{{ monasca_python_dir }}/monasca-api" +# when: (monasca_api_clone|changed) + +# ---- end of patch section + +- name: python | create a source distribution + shell: python setup.py sdist + args: + chdir: "{{ monasca_python_dir }}/monasca-api" + creates: "{{ monasca_python_dir }}/monasca-api/dist" + register: monasca_api_sdist + +- name: python | register source distribution + shell: ls -td {{ monasca_python_dir }}/monasca-api/dist/monasca-api-*.tar.gz + register: monasca_api_src_dist + when: (monasca_api_sdist|changed) + +- name: python | pip install monasca-api + pip: > + name={{ monasca_api_src_dist.stdout }} + virtualenv={{ monasca_virtualenv_dir }} + extra_args='--pre --allow-all-external --allow-unverified simport' + notify: + - restart monasca-api + when: (monasca_api_sdist|changed) + +- name: python | find monasca_api in virtualenv + shell: find $(pwd)/lib -name monasca_api + args: + chdir: "{{ monasca_virtualenv_dir }}" + register: venv_monasca_api + +- name: python | symlink python API + file: > + src={{ venv_monasca_api.stdout }} + dest={{ monasca_python_dir }}/monasca_api + owner=root + group=root + state=link diff --git a/tasks/python_main.yml b/tasks/python_main.yml new file mode 100644 index 0000000..3fa0d3d --- /dev/null +++ b/tasks/python_main.yml @@ -0,0 +1,6 @@ +--- +# ©Copyright 2015 Hewlett-Packard Development Company, L.P. + +- name: python | set API bind host if not specified + set_fact: monasca_api_bind_host="{{ monasca_api_host }}" + when: not (monasca_api_bind_host | default(False)) diff --git a/templates/monasca-api.conf.j2 b/templates/monasca-api.conf.j2 index bbc4df6..d4e5e18 100644 --- a/templates/monasca-api.conf.j2 +++ b/templates/monasca-api.conf.j2 @@ -1,6 +1,23 @@ +# +# (C) Copyright 2015 Hewlett Packard Enterprise Development Company LP +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + # Startup script for the Monasca API -description "Monasca API java app" +description "Monasca API Java app" start on runlevel [2345] console log diff --git a/templates/python.api-config.conf.j2 b/templates/python.api-config.conf.j2 new file mode 100644 index 0000000..aeeff48 --- /dev/null +++ b/templates/python.api-config.conf.j2 @@ -0,0 +1,116 @@ +[DEFAULT] +# logging, make sure that the user under whom the server runs has permission +# to write to the directory. +log_file = {{ monasca_api_log_file }} +log_dir = {{ api_log_dir }} +debug = {{ api_debug }} + +# Identifies the region that the Monasca API is running in. +region = {{ api_region }} + +# Dispatchers to be loaded to serve restful APIs +[dispatcher] +versions = monasca_api.v2.reference.versions:Versions +metrics = monasca_api.v2.reference.metrics:Metrics +metrics_measurements = monasca_api.v2.reference.metrics:MetricsMeasurements +metrics_statistics = monasca_api.v2.reference.metrics:MetricsStatistics +metrics_names = monasca_api.v2.reference.metrics:MetricsNames +alarm_definitions = monasca_api.v2.reference.alarm_definitions:AlarmDefinitions +alarms = monasca_api.v2.reference.alarms:Alarms +alarms_state_history = monasca_api.v2.reference.alarms:AlarmsStateHistory +notification_methods = monasca_api.v2.reference.notifications:Notifications + +[security] +# The roles that are allowed full access to the API. +default_authorized_roles = {% for role in api_default_authorized_roles %}{{ role }}{% if not loop.last %}, {% endif %}{% endfor %} + +# The roles that are allowed to only POST metrics to the API. This role would be used by the Monasca Agent. +agent_authorized_roles = {% for role in api_agent_authorized_roles %}{{ role }}{% if not loop.last %}, {% endif %}{% endfor %} + +# The roles that are allowed to access the API on behalf of another tenant. +# For example, a service can POST metrics to another tenant if they are a member of the "delegate" role. +delegate_authorized_roles = {% for role in api_delegate_authorized_roles %}{{ role }}{% if not loop.last %}, {% endif %}{% endfor %} + +[messaging] +# The message queue driver to use +driver = monasca_api.common.messaging.kafka_publisher:KafkaPublisher + +[repositories] +# The driver to use for the metrics repository +metrics_driver = monasca_api.common.repositories.influxdb.metrics_repository:MetricsRepository + +# The driver to use for the alarm definitions repository +alarm_definitions_driver = monasca_api.common.repositories.mysql.alarm_definitions_repository:AlarmDefinitionsRepository + +# The driver to use for the alarms repository +alarms_driver = monasca_api.common.repositories.mysql.alarms_repository:AlarmsRepository + +# The driver to use for the notifications repository +notifications_driver = monasca_api.common.repositories.mysql.notifications_repository:NotificationsRepository + +[dispatcher] +driver = v2_reference + +[kafka] +# The endpoint to the kafka server +uri = {{ kafka_hosts }} + +# The topic that metrics will be published too +metrics_topic = metrics + +# consumer group name +group = api + +# how many times to try when error occurs +max_retry = 1 + +# wait time between tries when kafka goes down +wait_time = 1 + +# use synchronous or asynchronous connection to kafka +async = False + +# send messages in bulk or send messages one by one. +compact = False + +# How many partitions this connection should listen messages on, this +# parameter is for reading from kafka. If listens on multiple partitions, +# For example, if the client should listen on partitions 1 and 3, then the +# configuration should look like the following: +# partitions = 1 +# partitions = 3 +# default to listen on partition 0. +partitions = 0 + +[influxdb] +# The IP address of the InfluxDB service. +ip_address = {{ influxdb_url | regex_replace('^https?\://([^:]+):([0-9]+)(/.*)?$', '\\1') }} + +# The port number that the InfluxDB service is listening on. +port = {{ influxdb_url | regex_replace('^https?\://([^:]+):([0-9]+)(/.*)?$', '\\2') }} + +# The username to authenticate with. +user = {{ influxdb_user }} + +# The password to authenticate with. +password = {{ influxdb_password }} + +# The name of the InfluxDB database to use. +database_name = {{ influxdb_db }} + +[mysql] +database_name = {{ mysql_db }} +hostname = {{ mysql_host }} +username = {{ mysql_user }} +password = {{ mysql_password }} + +[keystone_authtoken] +identity_uri = http://{{keystone_host}}:35357 +auth_uri = http://{{keystone_host}}:{{ keystone_port }} +admin_password = {{ keystone_admin_password }} +admin_user = {{ keystone_admin }} +admin_tenant_name = {{ keystone_admin_tenant }} +cafile = +certfile = +keyfile = +insecure = false diff --git a/templates/python.api-config.ini.j2 b/templates/python.api-config.ini.j2 new file mode 100644 index 0000000..3e72470 --- /dev/null +++ b/templates/python.api-config.ini.j2 @@ -0,0 +1,22 @@ +[DEFAULT] +name = monasca_api + +[pipeline:main] +# Add validator in the pipeline so the metrics messages can be validated. +pipeline = auth keystonecontext api + +[app:api] +paste.app_factory = monasca_api.api.server:launch + +[filter:auth] +paste.filter_factory = keystonemiddleware.auth_token:filter_factory + +[filter:keystonecontext] +paste.filter_factory = monasca_api.middleware.keystone_context_filter:filter_factory + +[server:main] +use = egg:gunicorn#main +host = {{ monasca_api_bind_host }} +port = {{ monasca_api_client_port }} +workers = {{ api_gunicorn_workers }} +proc_name = monasca_api diff --git a/templates/python.monasca-api.conf.j2 b/templates/python.monasca-api.conf.j2 new file mode 100644 index 0000000..18b36e9 --- /dev/null +++ b/templates/python.monasca-api.conf.j2 @@ -0,0 +1,33 @@ +# +# (C) Copyright 2015 Hewlett Packard Enterprise Development Company LP +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +#    http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# Startup script for the Monasca API + +description "Monasca API Python app" +start on runlevel [2345] + +console log +respawn + +setgid {{ monasca_group }} +setuid {{ monasca_api_user }} +exec {{ monasca_python_dir }}/bin/gunicorn \ + -k eventlet \ + --worker-connections={{ api_gunicorn_worker_connections }} \ + --backlog={{ api_gunicorn_backlog }} \ + --paste {{ monasca_conf_dir }}/api-config.ini \ + --name monasca-api diff --git a/vars/main.yml b/vars/main.yml index 97d721c..c51e9db 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -1,6 +1,7 @@ --- # ©Copyright 2015 Hewlett-Packard Development Company, L.P. +keystone_admin_password: admin monasca_api_user: mon-api monasca_conf_dir: /etc/monasca monasca_group: monasca