Add nova api puppet resource

Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2015-07-30 10:10:17 +02:00 · 2015-07-30 10:10:17 +02:00 · 70d9a0502d
commit 70d9a0502d
parent 56263a45ad
6 changed files with 330 additions and 1 deletions
--- a/example-puppet.py
+++ b/example-puppet.py
@ -345,6 +345,15 @@ def deploy():
        'ssh_key': 'ssh_key',
        'ssh_user': 'ssh_user'})

+    # NOVA API
+    nova_api_puppet = vr.create('nova_api_puppet', 'resources/nova_api_puppet', {})[0]
+    signals.connect(node1, nova_api_puppet)
+    signals.connect(nova_puppet, nova_api_puppet, {
+        'keystone_tenant': 'admin_tenant_name',
+        'keystone_user': 'admin_user',
+        'keystone_host': 'auth_host',
+        'keystone_port': 'auth_port'})
+
    # signals.connect(keystone_puppet, nova_network_puppet, {'ip': 'keystone_host', 'port': 'keystone_port'})
    # signals.connect(keystone_puppet, nova_keystone_service_endpoint, {'ip': 'keystone_host', 'admin_port': 'keystone_port', 'admin_token': 'admin_token'})
    # signals.connect(rabbitmq_service1, nova_network_puppet, {'ip': 'rabbitmq_host', 'port': 'rabbitmq_port'})
@ -471,6 +480,7 @@ def deploy():
    actions.resource_action(nova_keystone_role, 'run')
    actions.resource_action(nova_puppet, 'run')
    actions.resource_action(nova_keystone_service_endpoint, 'run')
+    actions.resource_action(nova_api_puppet, 'run')

    actions.resource_action(glance_db, 'run')
    actions.resource_action(glance_db_user, 'run')
@ -500,6 +510,7 @@ def undeploy():
        'nova_db',
        'nova_db_user',
        'nova_keystone_service_endpoint',
+        'nova_api_puppet',
        'nova_puppet',
        'cinder_volume_puppet',
        'cinder_scheduler_puppet',
--- a/resources/nova_api_puppet/README.md
+++ b/resources/nova_api_puppet/README.md
@ -0,0 +1,141 @@
+# Nova API resource for puppet handler
+
+Setup and configure the Nova API service
+
+# Parameters
+
+source https://github.com/openstack/puppet-nova_api/blob/5.1.0/manifests/api.pp
+
+ ``admin_password``
+   (required) The password to set for the nova admin user in keystone
+
+ ``ensure_package``
+   (optional) Whether the nova api package will be installed
+   Defaults to 'present'
+
+ ``auth_strategy``
+   (DEPRECATED) Does nothing and will be removed in Icehouse
+   Defaults to false
+
+ ``auth_host``
+   (optional) The IP of the server running keystone
+   Defaults to '127.0.0.1'
+
+ ``auth_port``
+   (optional) The port to use when authenticating against Keystone
+   Defaults to 35357
+
+ ``auth_protocol``
+   (optional) The protocol to use when authenticating against Keystone
+   Defaults to 'http'
+
+ ``auth_uri``
+   (optional) The uri of a Keystone service to authenticate against
+   Defaults to false
+
+ ``auth_admin_prefix``
+   (optional) Prefix to prepend at the beginning of the keystone path
+   Defaults to false
+
+ ``auth_version``
+   (optional) API version of the admin Identity API endpoint
+   for example, use 'v3.0' for the keystone version 3.0 api
+   Defaults to false
+
+ ``admin_tenant_name``
+   (optional) The name of the tenant to create in keystone for use by the nova services
+   Defaults to 'services'
+
+ ``admin_user``
+   (optional) The name of the user to create in keystone for use by the nova services
+   Defaults to 'nova'
+
+ ``api_bind_address``
+   (optional) IP address for nova-api server to listen
+   Defaults to '0.0.0.0'
+
+ ``metadata_listen``
+   (optional) IP address  for metadata server to listen
+   Defaults to '0.0.0.0'
+
+ ``enabled_apis``
+   (optional) A comma separated list of apis to enable
+   Defaults to 'ec2,osapi_compute,metadata'
+
+ ``keystone_ec2_url``
+   (optional) The keystone url where nova should send requests for ec2tokens
+   Defaults to false
+
+ ``volume_api_class``
+   (optional) The name of the class that nova will use to access volumes. Cinder is the only option.
+   Defaults to 'nova.volume.cinder.API'
+
+ ``use_forwarded_for``
+   (optional) Treat X-Forwarded-For as the canonical remote address. Only
+   enable this if you have a sanitizing proxy.
+   Defaults to false
+
+ ``osapi_compute_workers``
+   (optional) Number of workers for OpenStack API service
+   Defaults to $::processorcount
+
+ ``ec2_workers``
+   (optional) Number of workers for EC2 service
+   Defaults to $::processorcount
+
+ ``metadata_workers``
+   (optional) Number of workers for metadata service
+   Defaults to $::processorcount
+
+ ``conductor_workers``
+   (optional) DEPRECATED. Use workers parameter of nova::conductor
+   Class instead.
+   Defaults to undef
+
+ ``sync_db``
+   (optional) Run nova-manage db sync on api nodes after installing the package.
+   Defaults to true
+
+ ``neutron_metadata_proxy_shared_secret``
+   (optional) Shared secret to validate proxies Neutron metadata requests
+   Defaults to undef
+
+ ``pci_alias``
+   (optional) Pci passthrough for controller:
+   Defaults to undef
+   Example
+   "[ {'vendor_id':'1234', 'product_id':'5678', 'name':'default'}, {...} ]"
+
+ ``ratelimits``
+   (optional) A string that is a semicolon-separated list of 5-tuples.
+   See http://docs.openstack.org/trunk/config-reference/content/configuring-compute-API.html
+   Example: '(POST, "*", .*, 10, MINUTE);(POST, "*/servers", ^/servers, 50, DAY);(PUT, "*", .*, 10, MINUTE)'
+   Defaults to undef
+
+ ``ratelimits_factory``
+   (optional) The rate limiting factory to use
+   Defaults to 'nova.api.openstack.compute.limits:RateLimitingMiddleware.factory'
+
+ ``osapi_v3``
+   (optional) Enable or not Nova API v3
+   Defaults to false
+
+ ``validate``
+   (optional) Whether to validate the service is working after any service refreshes
+   Defaults to false
+
+ ``validation_options``
+   (optional) Service validation options
+   Should be a hash of options defined in openstacklib::service_validation
+   If empty, defaults values are taken from openstacklib function.
+   Default command list nova flavors.
+   Require validate set at True.
+   Example:
+   nova::api::validation_options:
+     nova-api:
+       command: check_nova.py
+       path: /usr/bin:/bin:/usr/sbin:/sbin
+       provider: shell
+       tries: 5
+       try_sleep: 10
+   Defaults to {}
--- a/resources/nova_api_puppet/actions/remove.pp
+++ b/resources/nova_api_puppet/actions/remove.pp
@ -0,0 +1,4 @@
+class { 'nova::api':
+  ensure_package => 'absent',
+  enabled        => false,
+}
--- a/resources/nova_api_puppet/actions/run.pp
+++ b/resources/nova_api_puppet/actions/run.pp
@ -0,0 +1,65 @@
+$resource = hiera($::resource_name)
+
+$ensure_package                        = $resource['input']['ensure_package']['value']
+$auth_strategy                         = $resource['input']['auth_strategy']['value']
+$auth_host                             = $resource['input']['auth_host']['value']
+$auth_port                             = $resource['input']['auth_port']['value']
+$auth_protocol                         = $resource['input']['auth_protocol']['value']
+$auth_uri                              = $resource['input']['auth_uri']['value']
+$auth_admin_prefix                     = $resource['input']['auth_admin_prefix']['value']
+$auth_version                          = $resource['input']['auth_version']['value']
+$admin_tenant_name                     = $resource['input']['admin_tenant_name']['value']
+$admin_user                            = $resource['input']['admin_user']['value']
+$api_bind_address                      = $resource['input']['api_bind_address']['value']
+$metadata_listen                       = $resource['input']['metadata_listen']['value']
+$enabled_apis                          = $resource['input']['enabled_apis']['value']
+$keystone_ec2_url                      = $resource['input']['keystone_ec2_url']['value']
+$volume_api_class                      = $resource['input']['volume_api_class']['value']
+$use_forwarded_for                     = $resource['input']['use_forwarded_for']['value']
+$osapi_compute_workers                 = $resource['input']['osapi_compute_workers']['value']
+$ec2_workers                           = $resource['input']['ec2_workers']['value']
+$metadata_workers                      = $resource['input']['metadata_workers']['value']
+$sync_db                               = $resource['input']['sync_db']['value']
+$neutron_metadata_proxy_shared_secret  = $resource['input']['neutron_metadata_proxy_shared_secret']['value']
+$osapi_v3                              = $resource['input']['osapi_v3']['value']
+$pci_alias                             = $resource['input']['pci_alias']['value']
+$ratelimits                            = $resource['input']['ratelimits']['value']
+$ratelimits_factory                    = $resource['input']['ratelimits_factory']['value']
+$validate                              = $resource['input']['validate']['value']
+$validation_options                    = $resource['input']['validation_options']['value']
+$workers                               = $resource['input']['workers']['value']
+$conductor_workers                     = $resource['input']['conductor_workers']['value']
+
+class { 'nova_api':
+  enabled                               => true,
+  manage_service                        => true,
+  ensure_package                        => $ensure_package,
+  auth_strategy                         => $auth_strategy,
+  auth_host                             => $auth_host,
+  auth_port                             => $auth_port,
+  auth_protocol                         => $auth_protocol,
+  auth_uri                              => $auth_uri,
+  auth_admin_prefix                     => $auth_admin_prefix,
+  auth_version                          => $auth_version,
+  admin_tenant_name                     => $admin_tenant_name,
+  admin_user                            => $admin_user,
+  api_bind_address                      => $api_bind_address,
+  metadata_listen                       => $metadata_listen,
+  enabled_apis                          => $enabled_apis,
+  keystone_ec2_url                      => $keystone_ec2_url,
+  volume_api_class                      => $volume_api_class,
+  use_forwarded_for                     => $use_forwarded_for,
+  osapi_compute_workers                 => $osapi_compute_workers,
+  ec2_workers                           => $ec2_workers,
+  metadata_workers                      => $metadata_workers,
+  sync_db                               => $sync_db,
+  neutron_metadata_proxy_shared_secret  => $neutron_metadata_proxy_shared_secret,
+  osapi_v3                              => $osapi_v3,
+  pci_alias                             => $pci_alias,
+  ratelimits                            => $ratelimits,
+  ratelimits_factory                    => $ratelimits_factory,
+  validate                              => $validate,
+  validation_options                    => $validation_options,
+  workers                               => $workers,
+  conductor_workers                     => $conductor_workers,
+}
--- a/resources/nova_api_puppet/meta.yaml
+++ b/resources/nova_api_puppet/meta.yaml
@ -0,0 +1,108 @@
+id: nova_api
+handler: puppet
+puppet_module: nova
+version: 1.0.0
+input:
+    ensure_package:
+      schema: str
+      value: 'present'
+    auth_strategy:
+      schema: str
+      value: ''
+    auth_host:
+      schema: str
+      value: '127.0.0.1'
+    auth_port:
+      schema: int
+      value: 35357
+    auth_protocol:
+      schema: str
+      value: 'http'
+    auth_uri:
+      schema: str
+      value: ''
+    auth_admin_prefix:
+      schema: str
+      value: ''
+    auth_version:
+      schema: str
+      value: ''
+    admin_tenant_name:
+      schema: str
+      value: 'services'
+    admin_user:
+      schema: str
+      value: 'nova'
+    api_bind_address:
+      schema: str
+      value: '0.0.0.0'
+    metadata_listen:
+      schema: str
+      value: '0.0.0.0'
+    enabled_apis:
+      schema: str
+      value: 'ec2,osapi_compute,metadata'
+    keystone_ec2_url:
+      schema: str
+      value: ''
+    volume_api_class:
+      schema: str
+      value: 'nova.volume.cinder.API'
+    use_forwarded_for:
+      schema: str
+      value: ''
+    osapi_compute_workers:
+      schema: inst
+      value: 1
+    ec2_workers:
+      schema: int
+      value: 1
+    metadata_workers:
+      schema: int
+      value: 1
+    sync_db:
+      schema: bool
+      value: true
+    neutron_metadata_proxy_shared_secret:
+      schema: str
+      value: ''
+    osapi_v3:
+      schema: bool
+      value: false
+    pci_alias:
+      schema: str
+      value: ''
+    ratelimits:
+      schema: str
+      value: ''
+    ratelimits_factory:
+      schema: str
+      value: 'nova.api.openstack.compute.limits:RateLimitingMiddleware.factory'
+    validate:
+      schema: bool
+      value: false
+    validation_options:
+      schema: {}
+      value: {}
+    workers:
+      schema: str
+      value: ''
+    conductor_workers:
+      schema: str
+      value: ''
+
+    git:
+      schema: {repository: str!, branch: str!}
+      value: {repository: 'https://github.com/openstack/puppet-nova', branch: '5.1.0'}
+
+    ip:
+      schema: str!
+      value:
+    ssh_key:
+      schema: str!
+      value:
+    ssh_user:
+      schema: str!
+      value:
+
+tags: [resource/nova_api_service, resources/nova_api, resources/nova]
--- a/resources/nova_puppet/README.md
+++ b/resources/nova_puppet/README.md
@ -1,4 +1,4 @@
-# Cinder resource for puppet handler
+# Nova resource for puppet handler

 Controlls a live cycle of the nova entities,
 like the main puppet class, auth, DB, AMQP, packages,