Add nova_neutron resource.

Includes configuration only classes for nova compute: nova::network::neutron and nova::compute::neutron Combined into the single resource as the latter one is too small (it has only 2 conf params) Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2015-08-03 11:33:38 +02:00 · 2015-08-03 11:33:38 +02:00 · 087b2b7c62
commit 087b2b7c62
parent 81f85f0486
4 changed files with 240 additions and 0 deletions
--- a/resources/nova_neutron_puppet/README.md
+++ b/resources/nova_neutron_puppet/README.md
@ -0,0 +1,109 @@
+# Nova neutron resource for puppet handler
+
+Setup and configure the Nova compute to use Neutron.
+Note, it should only be deployed on compute nodes.
+Also manage the network driver to use for compute guests
+This will use virtio for VM guests and the specified driver for the VIF.
+
+# Parameters
+
+source https://github.com/openstack/puppet-nova/blob/5.1.0/manifests/compute/neutron.pp
+
+ ``libvirt_vif_driver``
+   (optional) The libvirt VIF driver to configure the VIFs.
+   Defaults to 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver'.
+
+ ``force_snat_range``
+  (optional) Force SNAT rule to specified network for nova-network
+  Default to 0.0.0.0/0
+  Due to architecture constraints in nova_config, it's not possible to setup
+  more than one SNAT rule though initial parameter is MultiStrOpt
+
+source https://github.com/openstack/puppet-nova/blob/5.1.0/manifests/network/neutron.pp
+
+ ``neutron_admin_password``
+   (required) Password for connecting to Neutron network services in
+   admin context through the OpenStack Identity service.
+
+ ``neutron_auth_strategy``
+   (optional) Should be kept as default 'keystone' for all production deployments.
+   Defaults to 'keystone'
+
+ ``neutron_url``
+   (optional) URL for connecting to the Neutron networking service.
+   Defaults to 'http://127.0.0.1:9696'
+
+ ``neutron_url_timeout``
+   (optional) Timeout value for connecting to neutron in seconds.
+   Defaults to '30'
+
+ ``neutron_admin_tenant_name``
+   (optional) Tenant name for connecting to Neutron network services in
+   admin context through the OpenStack Identity service.
+   Defaults to 'services'
+
+ ``neutron_default_tenant_id``
+   (optional) Default tenant id when creating neutron networks
+   Defaults to 'default'
+
+ ``neutron_region_name``
+   (optional) Region name for connecting to neutron in admin context
+   through the OpenStack Identity service.
+   Defaults to 'RegionOne'
+
+ ``neutron_admin_username``
+   (optional) Username for connecting to Neutron network services in admin context
+   through the OpenStack Identity service.
+   Defaults to 'neutron'
+
+ ``neutron_ovs_bridge``
+   (optional) Name of Integration Bridge used by Open vSwitch
+   Defaults to 'br-int'
+
+ ``neutron_extension_sync_interval``
+   (optional) Number of seconds before querying neutron for extensions
+   Defaults to '600'
+
+ ``neutron_ca_certificates_file``
+   (optional) Location of ca certicates file to use for neutronclient requests.
+   Defaults to 'None'
+
+ ``neutron_admin_auth_url``
+   (optional) Points to the OpenStack Identity server IP and port.
+   This is the Identity (keystone) admin API server IP and port value,
+   and not the Identity service API IP and port.
+   Defaults to 'http://127.0.0.1:35357/v2.0'
+
+ ``network_api_class``
+   (optional) The full class name of the network API class.
+   The default configures Nova to use Neutron for the network API.
+   Defaults to 'nova.network.neutronv2.api.API'
+
+ ``security_group_api``
+   (optional) The full class name of the security API class.
+   The default configures Nova to use Neutron for security groups.
+   Set to 'nova' to use standard Nova security groups.
+   Defaults to 'neutron'
+
+ ``firewall_driver``
+   (optional) Firewall driver.
+   This prevents nova from maintaining a firewall so it does not interfere
+   with Neutron's. Set to 'nova.virt.firewall.IptablesFirewallDriver'
+   to re-enable the Nova firewall.
+   Defaults to 'nova.virt.firewall.NoopFirewallDriver'
+
+ ``vif_plugging_is_fatal``
+   (optional) Fail to boot instance if vif plugging fails.
+   This prevents nova from booting an instance if vif plugging notification
+   is not received from neutron.
+   Defaults to 'True'
+
+ ``vif_plugging_timeout``
+   (optional) Number of seconds to wait for neutron vif plugging events.
+   Set to '0' and vif_plugging_is_fatal to 'False' if vif plugging
+   notification is not being used.
+   Defaults to '300'
+
+ ``dhcp_domain``
+   (optional) domain to use for building the hostnames
+   Defaults to 'novalocal'
--- a/resources/nova_neutron_puppet/actions/remove.pp
+++ b/resources/nova_neutron_puppet/actions/remove.pp
@ -0,0 +1 @@
+notify { "Nothing to remove here": }
--- a/resources/nova_neutron_puppet/actions/run.pp
+++ b/resources/nova_neutron_puppet/actions/run.pp
@ -0,0 +1,49 @@
+$resource = hiera($::resource_name)
+
+$libvirt_vif_driver               = $resource['input']['libvirt_vif_driver']['value']
+$force_snat_range                 = $resource['input']['force_snat_range']['value']
+$neutron_admin_password           = $resource['input']['neutron_admin_password']['value']
+$neutron_auth_strategy            = $resource['input']['neutron_auth_strategy']['value']
+$neutron_url                      = $resource['input']['neutron_url']['value']
+$neutron_url_timeout              = $resource['input']['neutron_url_timeout']['value']
+$neutron_admin_tenant_name        = $resource['input']['neutron_admin_tenant_name']['value']
+$neutron_default_tenant_id        = $resource['input']['neutron_default_tenant_id']['value']
+$neutron_region_name              = $resource['input']['neutron_region_name']['value']
+$neutron_admin_username           = $resource['input']['neutron_admin_username']['value']
+$neutron_admin_auth_url           = $resource['input']['neutron_admin_auth_url']['value']
+$neutron_ovs_bridge               = $resource['input']['neutron_ovs_bridge']['value']
+$neutron_extension_sync_interval  = $resource['input']['neutron_extension_sync_interval']['value']
+$neutron_ca_certificates_file     = $resource['input']['neutron_ca_certificates_file']['value']
+$network_api_class                = $resource['input']['network_api_class']['value']
+$security_group_api               = $resource['input']['security_group_api']['value']
+$firewall_driver                  = $resource['input']['firewall_driver']['value']
+$vif_plugging_is_fatal            = $resource['input']['vif_plugging_is_fatal']['value']
+$vif_plugging_timeout             = $resource['input']['vif_plugging_timeout']['value']
+$dhcp_domain                      = $resource['input']['dhcp_domain']['value']
+
+
+class { 'nova::compute::neutron':
+  libvirt_vif_driver               => $libvirt_vif_driver,
+  force_snat_range                 => $force_snat_range,
+}
+
+class { 'nova::network::neutron':
+  neutron_admin_password           => $neutron_admin_password,
+  neutron_auth_strategy            => $neutron_auth_strategy,
+  neutron_url                      => $neutron_url,
+  neutron_url_timeout              => $neutron_url_timeout,
+  neutron_admin_tenant_name        => $neutron_admin_tenant_name,
+  neutron_default_tenant_id        => $neutron_default_tenant_id,
+  neutron_region_name              => $neutron_region_name,
+  neutron_admin_username           => $neutron_admin_username,
+  neutron_admin_auth_url           => $neutron_admin_auth_url,
+  neutron_ovs_bridge               => $neutron_ovs_bridge,
+  neutron_extension_sync_interval  => $neutron_extension_sync_interval,
+  neutron_ca_certificates_file     => $neutron_ca_certificates_file,
+  network_api_class                => $network_api_class,
+  security_group_api               => $security_group_api,
+  firewall_driver                  => $firewall_driver,
+  vif_plugging_is_fatal            => $vif_plugging_is_fatal,
+  vif_plugging_timeout             => $vif_plugging_timeout,
+  dhcp_domain                      => $dhcp_domain,
+}
--- a/resources/nova_neutron_puppet/meta.yaml
+++ b/resources/nova_neutron_puppet/meta.yaml
@ -0,0 +1,81 @@
+id: nova_neutron
+handler: puppet
+puppet_module: nova
+version: 1.0.0
+input:
+    libvirt_vif_driver:
+      schema: str
+      value: 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver'
+    force_snat_range:
+      schema: str
+      value: '0.0.0.0/0'
+    neutron_admin_password:
+      schema: str
+      value: 'neutron'
+    neutron_auth_strategy:
+      schema: str
+      value: 'keystone'
+    neutron_url:
+      schema: str
+      value: 'http://127.0.0.1:9696'
+    neutron_url_timeout:
+      schema: int
+      value: 30
+    neutron_admin_tenant_name:
+      schema: str
+      value: 'services'
+    neutron_default_tenant_id:
+      schema: str
+      value: 'default'
+    neutron_region_name:
+      schema: str
+      value: 'RegionOne'
+    neutron_admin_username:
+      schema: str
+      value: 'neutron'
+    neutron_admin_auth_url:
+      schema: str
+      value: 'http://127.0.0.1:35357/v2.0'
+    neutron_ovs_bridge:
+      schema: str
+      value: 'br-int'
+    neutron_extension_sync_interval:
+      schema: int
+      value: 600
+    neutron_ca_certificates_file:
+      schema: str
+      value: ''
+    network_api_class:
+      schema: str
+      value: 'nova.network.neutronv2.api.API'
+    security_group_api:
+      schema: str
+      value: 'neutron'
+    firewall_driver:
+      schema: str
+      value: 'nova.virt.firewall.NoopFirewallDriver'
+    vif_plugging_is_fatal:
+      schema: bool
+      value: true
+    vif_plugging_timeout:
+      schema: int
+      value: 300
+    dhcp_domain:
+      schema: str
+      value: 'novalocal'
+
+    git:
+      schema: {repository: str!, branch: str!}
+      value: {repository: 'https://github.com/openstack/puppet-nova', branch: '5.1.0'}
+
+    ip:
+      schema: str!
+      value:
+    ssh_key:
+      schema: str!
+      value:
+    ssh_user:
+      schema: str!
+      value:
+
+tags: [resource/nova_neutron_service, resources/nova_neutron, resources/nova_compute, resources/nova]