Decouple neutron resource
* Use neutron base and API(server) resources * Add db and db user for neutron composition layer Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
This commit is contained in:
parent
d04585ede9
commit
8be490610c
@ -158,9 +158,27 @@ def setup_resources():
|
||||
signals.connect(admin_user, openrc, {'user_name': 'user_name','user_password':'password', 'tenant_name': 'tenant'})
|
||||
|
||||
# NEUTRON
|
||||
# TODO: vhost cannot be specified in neutron Puppet manifests so this user has to be admin anyways
|
||||
# Deploy chain neutron -> neutron_server -> ( agents & plugins )
|
||||
neutron_puppet = vr.create('neutron_puppet', 'resources/neutron_puppet', {})[0]
|
||||
signals.connect(node1, neutron_puppet)
|
||||
signals.connect(rabbitmq_service1, neutron_puppet, {
|
||||
'ip': 'rabbitmq_host',
|
||||
'port': 'rabbitmq_port'
|
||||
})
|
||||
signals.connect(openstack_rabbitmq_user, neutron_puppet, {
|
||||
'user_name': 'rabbitmq_user',
|
||||
'password': 'rabbitmq_password'})
|
||||
signals.connect(openstack_vhost, neutron_puppet, {
|
||||
'vhost_name': 'rabbitmq_virtual_host'})
|
||||
|
||||
# NEUTRON API (SERVER)
|
||||
neutron_server_puppet = vr.create('neutron_server_puppet', 'resources/neutron_server_puppet', {
|
||||
'sync_db': True,
|
||||
})[0]
|
||||
neutron_db = vr.create('neutron_db', 'resources/mariadb_db/', {
|
||||
'db_name': 'neutron_db', 'login_user': 'root'})[0]
|
||||
neutron_db_user = vr.create('neutron_db_user', 'resources/mariadb_user/', {
|
||||
'user_name': 'neutron', 'user_password': 'neutron', 'login_user': 'root'})[0]
|
||||
neutron_keystone_user = vr.create('neutron_keystone_user', 'resources/keystone_user', {
|
||||
'user_name': 'neutron',
|
||||
'user_password': 'neutron'
|
||||
@ -177,24 +195,29 @@ def setup_resources():
|
||||
'type': 'network'
|
||||
})[0]
|
||||
|
||||
signals.connect(node1, neutron_puppet)
|
||||
signals.connect(rabbitmq_service1, neutron_puppet, {
|
||||
'ip': 'rabbitmq_host',
|
||||
'port': 'rabbitmq_port'
|
||||
signals.connect(node1, neutron_db)
|
||||
signals.connect(node1, neutron_db_user)
|
||||
signals.connect(mariadb_service1, neutron_db, {
|
||||
'port': 'login_port',
|
||||
'root_password': 'login_password',
|
||||
'root_user': 'login_user',
|
||||
'ip' : 'db_host'})
|
||||
signals.connect(mariadb_service1, neutron_db_user, {'port': 'login_port', 'root_password': 'login_password'})
|
||||
signals.connect(neutron_db, neutron_db_user, {'db_name', 'db_host'})
|
||||
signals.connect(neutron_db_user, neutron_server_puppet, {
|
||||
'user_name':'db_user',
|
||||
'db_name':'db_name',
|
||||
'user_password':'db_password',
|
||||
'db_host' : 'db_host'})
|
||||
signals.connect(node1, neutron_server_puppet)
|
||||
signals.connect(admin_user, neutron_server_puppet, {
|
||||
'user_name': 'auth_user',
|
||||
'user_password': 'auth_password',
|
||||
'tenant_name': 'auth_tenant'
|
||||
})
|
||||
signals.connect(openstack_rabbitmq_user, neutron_puppet, {
|
||||
'user_name': 'rabbitmq_user',
|
||||
'password': 'rabbitmq_password'})
|
||||
signals.connect(openstack_vhost, neutron_puppet, {
|
||||
'vhost_name': 'rabbitmq_virtual_host'})
|
||||
signals.connect(admin_user, neutron_puppet, {
|
||||
'user_name': 'keystone_user',
|
||||
'user_password': 'keystone_password',
|
||||
'tenant_name': 'keystone_tenant'
|
||||
})
|
||||
signals.connect(keystone_puppet, neutron_puppet, {
|
||||
'ip': 'keystone_host',
|
||||
'port': 'keystone_port'
|
||||
signals.connect(keystone_puppet, neutron_server_puppet, {
|
||||
'ip': 'auth_host',
|
||||
'port': 'auth_port'
|
||||
})
|
||||
signals.connect(services_tenant, neutron_keystone_user)
|
||||
signals.connect(neutron_keystone_user, neutron_keystone_role)
|
||||
@ -207,7 +230,7 @@ def setup_resources():
|
||||
})
|
||||
signals.connect(neutron_puppet, neutron_keystone_service_endpoint, {
|
||||
'ip': ['admin_ip', 'internal_ip', 'public_ip'],
|
||||
'port': ['admin_port', 'internal_port', 'public_port'],
|
||||
'bind_port': ['admin_port', 'internal_port', 'public_port'],
|
||||
})
|
||||
|
||||
# CINDER
|
||||
@ -508,10 +531,13 @@ resources_to_run = [
|
||||
'keystone_service_endpoint',
|
||||
'services_tenant',
|
||||
|
||||
'neutron_db',
|
||||
'neutron_db_user',
|
||||
'neutron_keystone_user',
|
||||
'neutron_keystone_role',
|
||||
'neutron_puppet',
|
||||
'neutron_keystone_service_endpoint',
|
||||
'neutron_server_puppet',
|
||||
|
||||
'cinder_db',
|
||||
'cinder_db_user',
|
||||
|
194
resources/neutron_puppet/README.md
Normal file
194
resources/neutron_puppet/README.md
Normal file
@ -0,0 +1,194 @@
|
||||
# Neutron puppet resource
|
||||
|
||||
Installs the neutron package and configures
|
||||
/etc/neutron/neutron.conf for SSL, AMQP, logging, service plugins and other stuff.
|
||||
Does not produce any services.
|
||||
|
||||
# Parameters:
|
||||
|
||||
source https://github.com/openstack/puppet-neutron/blob/5.1.0/manifests/init.pp
|
||||
|
||||
``package_ensure``
|
||||
(optional) The state of the package
|
||||
Defaults to 'present'
|
||||
|
||||
``verbose``
|
||||
(optional) Verbose logging
|
||||
Defaults to False
|
||||
|
||||
``debug``
|
||||
(optional) Print debug messages in the logs
|
||||
Defaults to False
|
||||
|
||||
``bind_host``
|
||||
(optional) The IP/interface to bind to
|
||||
Defaults to 0.0.0.0 (all interfaces)
|
||||
|
||||
``bind_port``
|
||||
(optional) The port to use
|
||||
Defaults to 9696
|
||||
|
||||
``core_plugin``
|
||||
(optional) Neutron plugin provider
|
||||
Defaults to openvswitch
|
||||
Could be bigswitch, brocade, cisco, embrane, hyperv, linuxbridge, midonet, ml2, mlnx, nec, nicira, plumgrid, ryu
|
||||
|
||||
``service_plugins``
|
||||
(optional) Advanced service modules.
|
||||
Could be an array that can have these elements:
|
||||
router, firewall, lbaas, vpnaas, metering
|
||||
Defaults to empty
|
||||
|
||||
``auth_strategy``
|
||||
(optional) How to authenticate
|
||||
Defaults to 'keystone'. 'noauth' is the only other valid option
|
||||
|
||||
``base_mac``
|
||||
(optional) The MAC address pattern to use.
|
||||
Defaults to fa:16:3e:00:00:00
|
||||
|
||||
``mac_generation_retries``
|
||||
(optional) How many times to try to generate a unique mac
|
||||
Defaults to 16
|
||||
|
||||
``dhcp_lease_duration``
|
||||
(optional) DHCP lease
|
||||
Defaults to 86400 seconds
|
||||
|
||||
``dhcp_agents_per_network``
|
||||
(optional) Number of DHCP agents scheduled to host a network.
|
||||
This enables redundant DHCP agents for configured networks.
|
||||
Defaults to 1
|
||||
|
||||
``network_device_mtu``
|
||||
(optional) The MTU size for the interfaces managed by neutron
|
||||
Defaults to undef
|
||||
|
||||
``dhcp_agent_notification``
|
||||
(optional) Allow sending resource operation notification to DHCP agent.
|
||||
Defaults to true
|
||||
|
||||
``allow_bulk``
|
||||
(optional) Enable bulk crud operations
|
||||
Defaults to true
|
||||
|
||||
``allow_pagination``
|
||||
(optional) Enable pagination
|
||||
Defaults to false
|
||||
|
||||
``allow_sorting``
|
||||
(optional) Enable sorting
|
||||
Defaults to false
|
||||
|
||||
``allow_overlapping_ips``
|
||||
(optional) Enables network namespaces
|
||||
Defaults to false
|
||||
|
||||
``api_extensions_path``
|
||||
(optional) Specify additional paths for API extensions that the
|
||||
module in use needs to load.
|
||||
Defaults to undef
|
||||
|
||||
``report_interval``
|
||||
(optional) Seconds between nodes reporting state to server; should be less than
|
||||
agent_down_time, best if it is half or less than agent_down_time.
|
||||
agent_down_time is a config for neutron-server, set by class neutron::server
|
||||
report_interval is a config for neutron agents, set by class neutron
|
||||
Defaults to: 30
|
||||
|
||||
``control_exchange``
|
||||
(optional) What RPC queue/exchange to use
|
||||
Defaults to neutron
|
||||
|
||||
``rpc_backend``
|
||||
(optional) what rpc/queuing service to use
|
||||
Defaults to impl_kombu (rabbitmq)
|
||||
|
||||
``rabbit_password``
|
||||
``rabbit_host``
|
||||
``rabbit_port``
|
||||
``rabbit_user``
|
||||
(optional) Various rabbitmq settings
|
||||
|
||||
``rabbit_hosts``
|
||||
(optional) array of rabbitmq servers for HA.
|
||||
A single IP address, such as a VIP, can be used for load-balancing
|
||||
multiple RabbitMQ Brokers.
|
||||
Defaults to false
|
||||
|
||||
``rabbit_use_ssl``
|
||||
(optional) Connect over SSL for RabbitMQ
|
||||
Defaults to false
|
||||
|
||||
``kombu_ssl_ca_certs``
|
||||
(optional) SSL certification authority file (valid only if SSL enabled).
|
||||
Defaults to undef
|
||||
|
||||
``kombu_ssl_certfile``
|
||||
(optional) SSL cert file (valid only if SSL enabled).
|
||||
Defaults to undef
|
||||
|
||||
``kombu_ssl_keyfile``
|
||||
(optional) SSL key file (valid only if SSL enabled).
|
||||
Defaults to undef
|
||||
|
||||
``kombu_ssl_version``
|
||||
(optional) SSL version to use (valid only if SSL enabled).
|
||||
Valid values are TLSv1, SSLv23 and SSLv3. SSLv2 may be
|
||||
available on some distributions.
|
||||
Defaults to 'TLSv1'
|
||||
|
||||
``kombu_reconnect_delay``
|
||||
(optional) The amount of time to wait before attempting to reconnect
|
||||
to MQ provider. This is used in some cases where you may need to wait
|
||||
for the provider to propery premote the master before attempting to
|
||||
reconnect. See https://review.openstack.org/#/c/76686
|
||||
Defaults to '1.0'
|
||||
|
||||
``qpid_hostname``
|
||||
``qpid_port``
|
||||
``qpid_username``
|
||||
``qpid_password``
|
||||
``qpid_heartbeat``
|
||||
``qpid_protocol``
|
||||
``qpid_tcp_nodelay``
|
||||
``qpid_reconnect``
|
||||
``qpid_reconnect_timeout``
|
||||
``qpid_reconnect_limit``
|
||||
``qpid_reconnect_interval``
|
||||
``qpid_reconnect_interval_min``
|
||||
``qpid_reconnect_interval_max``
|
||||
(optional) various QPID options
|
||||
|
||||
``use_ssl``
|
||||
(optinal) Enable SSL on the API server
|
||||
Defaults to false, not set
|
||||
|
||||
``cert_file``
|
||||
(optinal) certificate file to use when starting api server securely
|
||||
defaults to false, not set
|
||||
|
||||
``key_file``
|
||||
(optional) Private key file to use when starting API server securely
|
||||
Defaults to false, not set
|
||||
|
||||
``ca_file``
|
||||
(optional) CA certificate file to use to verify connecting clients
|
||||
Defaults to false, not set
|
||||
|
||||
``use_syslog``
|
||||
(optional) Use syslog for logging
|
||||
Defaults to false
|
||||
|
||||
``log_facility``
|
||||
(optional) Syslog facility to receive log lines
|
||||
Defaults to LOG_USER
|
||||
|
||||
``log_file``
|
||||
(optional) Where to log
|
||||
Defaults to false
|
||||
|
||||
``log_dir``
|
||||
(optional) Directory where logs should be stored
|
||||
If set to boolean false, it will not log to any directory
|
||||
Defaults to /var/log/neutron
|
@ -1,22 +1,5 @@
|
||||
$resource = hiera('{{ resource_name }}')
|
||||
|
||||
$rabbitmq_user = $resource['input']['rabbitmq_user']['value']
|
||||
$rabbitmq_password = $resource['input']['rabbitmq_password']['value']
|
||||
$rabbitmq_host = $resource['input']['rabbitmq_host']['value']
|
||||
$rabbitmq_port = $resource['input']['rabbitmq_port']['value']
|
||||
|
||||
class { 'neutron::server':
|
||||
enabled => false,
|
||||
package_ensure => 'absent',
|
||||
auth_type => 'noauth'
|
||||
}
|
||||
|
||||
class { 'neutron':
|
||||
enabled => false,
|
||||
package_ensure => 'absent',
|
||||
rabbit_user => $rabbitmq_user,
|
||||
rabbit_password => $rabbitmq_password,
|
||||
rabbit_host => $rabbitmq_host,
|
||||
rabbit_port => $rabbitmq_port
|
||||
}
|
||||
|
||||
enabled => false,
|
||||
package_ensure => 'absent',
|
||||
rabbit_password => 'not important as removed',
|
||||
}
|
@ -2,45 +2,119 @@ $resource = hiera($::resource_name)
|
||||
|
||||
$ip = $resource['input']['ip']['value']
|
||||
|
||||
$rabbitmq_user = $resource['input']['rabbitmq_user']['value']
|
||||
$rabbitmq_password = $resource['input']['rabbitmq_password']['value']
|
||||
$rabbitmq_host = $resource['input']['rabbitmq_host']['value']
|
||||
$rabbitmq_port = $resource['input']['rabbitmq_port']['value']
|
||||
$rabbitmq_virtual_host = $resource['input']['rabbitmq_virtual_host']['value']
|
||||
|
||||
$keystone_host = $resource['input']['keystone_host']['value']
|
||||
$keystone_port = $resource['input']['keystone_port']['value']
|
||||
$keystone_user = $resource['input']['keystone_user']['value']
|
||||
$keystone_password = $resource['input']['keystone_password']['value']
|
||||
$keystone_tenant = $resource['input']['keystone_tenant']['value']
|
||||
$package_ensure = $resource['input']['package_ensure']['value']
|
||||
$verbose = $resource['input']['verbose']['value']
|
||||
$debug = $resource['input']['debug']['value']
|
||||
$bind_host = $resource['input']['bind_host']['value']
|
||||
$bind_port = $resource['input']['bind_port']['value']
|
||||
$core_plugin = $resource['input']['core_plugin']['value']
|
||||
$service_plugins = $resource['input']['service_plugins']['value']
|
||||
$auth_strategy = $resource['input']['auth_strategy']['value']
|
||||
$base_mac = $resource['input']['base_mac']['value']
|
||||
$mac_generation_retries = $resource['input']['mac_generation_retries']['value']
|
||||
$dhcp_lease_duration = $resource['input']['dhcp_lease_duration']['value']
|
||||
$dhcp_agents_per_network = $resource['input']['dhcp_agents_per_network']['value']
|
||||
$network_device_mtu = $resource['input']['network_device_mtu']['value']
|
||||
$dhcp_agent_notification = $resource['input']['dhcp_agent_notification']['value']
|
||||
$allow_bulk = $resource['input']['allow_bulk']['value']
|
||||
$allow_pagination = $resource['input']['allow_pagination']['value']
|
||||
$allow_sorting = $resource['input']['allow_sorting']['value']
|
||||
$allow_overlapping_ips = $resource['input']['allow_overlapping_ips']['value']
|
||||
$api_extensions_path = $resource['input']['api_extensions_path']['value']
|
||||
$root_helper = $resource['input']['root_helper']['value']
|
||||
$report_interval = $resource['input']['report_interval']['value']
|
||||
$control_exchange = $resource['input']['control_exchange']['value']
|
||||
$rpc_backend = $resource['input']['rpc_backend']['value']
|
||||
$rabbit_password = $resource['input']['rabbit_password']['value']
|
||||
$rabbit_host = $resource['input']['rabbit_host']['value']
|
||||
$rabbit_hosts = $resource['input']['rabbit_hosts']['value']
|
||||
$rabbit_port = $resource['input']['rabbit_port']['value']
|
||||
$rabbit_user = $resource['input']['rabbit_user']['value']
|
||||
$rabbit_virtual_host = $resource['input']['rabbit_virtual_host']['value']
|
||||
$rabbit_use_ssl = $resource['input']['rabbit_use_ssl']['value']
|
||||
$kombu_ssl_ca_certs = $resource['input']['kombu_ssl_ca_certs']['value']
|
||||
$kombu_ssl_certfile = $resource['input']['kombu_ssl_certfile']['value']
|
||||
$kombu_ssl_keyfile = $resource['input']['kombu_ssl_keyfile']['value']
|
||||
$kombu_ssl_version = $resource['input']['kombu_ssl_version']['value']
|
||||
$kombu_reconnect_delay = $resource['input']['kombu_reconnect_delay']['value']
|
||||
$qpid_hostname = $resource['input']['qpid_hostname']['value']
|
||||
$qpid_port = $resource['input']['qpid_port']['value']
|
||||
$qpid_username = $resource['input']['qpid_username']['value']
|
||||
$qpid_password = $resource['input']['qpid_password']['value']
|
||||
$qpid_heartbeat = $resource['input']['qpid_heartbeat']['value']
|
||||
$qpid_protocol = $resource['input']['qpid_protocol']['value']
|
||||
$qpid_tcp_nodelay = $resource['input']['qpid_tcp_nodelay']['value']
|
||||
$qpid_reconnect = $resource['input']['qpid_reconnect']['value']
|
||||
$qpid_reconnect_timeout = $resource['input']['qpid_reconnect_timeout']['value']
|
||||
$qpid_reconnect_limit = $resource['input']['qpid_reconnect_limit']['value']
|
||||
$qpid_reconnect_interval_min = $resource['input']['qpid_reconnect_interval_min']['value']
|
||||
$qpid_reconnect_interval_max = $resource['input']['qpid_reconnect_interval_max']['value']
|
||||
$qpid_reconnect_interval = $resource['input']['qpid_reconnect_interval']['value']
|
||||
$use_ssl = $resource['input']['use_ssl']['value']
|
||||
$cert_file = $resource['input']['cert_file']['value']
|
||||
$key_file = $resource['input']['key_file']['value']
|
||||
$ca_file = $resource['input']['ca_file']['value']
|
||||
$use_syslog = $resource['input']['use_syslog']['value']
|
||||
$log_facility = $resource['input']['log_facility']['value']
|
||||
$log_file = $resource['input']['log_file']['value']
|
||||
$log_dir = $resource['input']['log_dir']['value']
|
||||
|
||||
class { 'neutron':
|
||||
debug => true,
|
||||
verbose => true,
|
||||
enabled => true,
|
||||
package_ensure => 'present',
|
||||
auth_strategy => 'keystone',
|
||||
rabbit_user => $rabbitmq_user,
|
||||
rabbit_password => $rabbitmq_password,
|
||||
rabbit_host => $rabbitmq_host,
|
||||
rabbit_port => $rabbitmq_port,
|
||||
rabbit_virtual_host => $rabbitmq_virtual_host,
|
||||
service_plugins => ['metering']
|
||||
}
|
||||
|
||||
class { 'neutron::server':
|
||||
enabled => true,
|
||||
package_ensure => 'present',
|
||||
auth_type => 'keystone',
|
||||
auth_password => $keystone_password,
|
||||
auth_user => $keystone_user,
|
||||
auth_tenant => $keystone_tenant
|
||||
}
|
||||
|
||||
class { 'neutron::agents::dhcp': }
|
||||
|
||||
#file { '/etc/neutron/neutron-exports':
|
||||
# owner => 'root',
|
||||
# group => 'root',
|
||||
# content => template('neutron/exports.erb')
|
||||
#}
|
||||
enabled => true,
|
||||
package_ensure => $package_ensure,
|
||||
verbose => $verbose,
|
||||
debug => $debug,
|
||||
bind_host => $bind_host,
|
||||
bind_port => $bind_port,
|
||||
core_plugin => $core_plugin,
|
||||
service_plugins => $service_plugins,
|
||||
auth_strategy => $auth_strategy,
|
||||
base_mac => $base_mac,
|
||||
mac_generation_retries => $mac_generation_retries,
|
||||
dhcp_lease_duration => $dhcp_lease_duration,
|
||||
dhcp_agents_per_network => $dhcp_agents_per_network,
|
||||
network_device_mtu => $network_device_mtu,
|
||||
dhcp_agent_notification => $dhcp_agent_notification,
|
||||
allow_bulk => $allow_bulk,
|
||||
allow_pagination => $allow_pagination,
|
||||
allow_sorting => $allow_sorting,
|
||||
allow_overlapping_ips => $allow_overlapping_ips,
|
||||
api_extensions_path => $api_extensions_path,
|
||||
root_helper => $root_helper,
|
||||
report_interval => $report_interval,
|
||||
control_exchange => $control_exchange,
|
||||
rpc_backend => $rpc_backend,
|
||||
rabbit_password => $rabbit_password,
|
||||
rabbit_host => $rabbit_host,
|
||||
rabbit_hosts => $rabbit_hosts,
|
||||
rabbit_port => $rabbit_port,
|
||||
rabbit_user => $rabbit_user,
|
||||
rabbit_virtual_host => $rabbit_virtual_host,
|
||||
rabbit_use_ssl => $rabbit_use_ssl,
|
||||
kombu_ssl_ca_certs => $kombu_ssl_ca_certs,
|
||||
kombu_ssl_certfile => $kombu_ssl_certfile,
|
||||
kombu_ssl_keyfile => $kombu_ssl_keyfile,
|
||||
kombu_ssl_version => $kombu_ssl_version,
|
||||
kombu_reconnect_delay => $kombu_reconnect_delay,
|
||||
qpid_hostname => $qpid_hostname,
|
||||
qpid_port => $qpid_port,
|
||||
qpid_username => $qpid_username,
|
||||
qpid_password => $qpid_password,
|
||||
qpid_heartbeat => $qpid_heartbeat,
|
||||
qpid_protocol => $qpid_protocol,
|
||||
qpid_tcp_nodelay => $qpid_tcp_nodelay,
|
||||
qpid_reconnect => $qpid_reconnect,
|
||||
qpid_reconnect_timeout => $qpid_reconnect_timeout,
|
||||
qpid_reconnect_limit => $qpid_reconnect_limit,
|
||||
qpid_reconnect_interval_min => $qpid_reconnect_interval_min,
|
||||
qpid_reconnect_interval_max => $qpid_reconnect_interval_max,
|
||||
qpid_reconnect_interval => $qpid_reconnect_interval,
|
||||
use_ssl => $use_ssl,
|
||||
cert_file => $cert_file,
|
||||
key_file => $key_file,
|
||||
ca_file => $ca_file,
|
||||
use_syslog => $use_syslog,
|
||||
log_facility => $log_facility,
|
||||
log_file => $log_file,
|
||||
log_dir => $log_dir,
|
||||
}
|
@ -1,5 +1,5 @@
|
||||
handler: puppet
|
||||
id: 'neutron'
|
||||
id: 'neutron_puppet'
|
||||
input:
|
||||
ip:
|
||||
schema: str!
|
||||
@ -11,45 +11,179 @@ input:
|
||||
schema: str!
|
||||
value:
|
||||
|
||||
# TODO: add vhost!
|
||||
rabbitmq_host:
|
||||
package_ensure:
|
||||
schema: str
|
||||
value: 'present'
|
||||
verbose:
|
||||
schema: bool
|
||||
value: false
|
||||
debug:
|
||||
schema: bool
|
||||
value: false
|
||||
bind_host:
|
||||
schema: str
|
||||
value: '0.0.0.0'
|
||||
bind_port:
|
||||
schema: int
|
||||
value: 9696
|
||||
core_plugin:
|
||||
schema: str
|
||||
value: 'openvswitch'
|
||||
service_plugins:
|
||||
schema: str
|
||||
value: ''
|
||||
auth_strategy:
|
||||
schema: str
|
||||
value: 'keystone'
|
||||
base_mac:
|
||||
schema: str
|
||||
value: 'fa:16:3e:00:00:00'
|
||||
mac_generation_retries:
|
||||
schema: int
|
||||
value: 16
|
||||
dhcp_lease_duration:
|
||||
schema: int
|
||||
value: 86400
|
||||
dhcp_agents_per_network:
|
||||
schema: int
|
||||
value: 1
|
||||
network_device_mtu:
|
||||
schema: str
|
||||
value:
|
||||
dhcp_agent_notification:
|
||||
schema: bool
|
||||
value: true
|
||||
allow_bulk:
|
||||
schema: bool
|
||||
value: true
|
||||
allow_pagination:
|
||||
schema: bool
|
||||
value: false
|
||||
allow_sorting:
|
||||
schema: bool
|
||||
value: false
|
||||
allow_overlapping_ips:
|
||||
schema: bool
|
||||
value: false
|
||||
api_extensions_path:
|
||||
schema: str
|
||||
value:
|
||||
root_helper:
|
||||
schema: str
|
||||
value: 'sudo neutron-rootwrap /etc/neutron/rootwrap.conf'
|
||||
report_interval:
|
||||
schema: int
|
||||
value: 30
|
||||
control_exchange:
|
||||
schema: str
|
||||
value: 'neutron'
|
||||
rpc_backend:
|
||||
schema: str
|
||||
value: 'neutron.openstack.common.rpc.impl_kombu'
|
||||
rabbit_password:
|
||||
schema: str!
|
||||
value:
|
||||
rabbitmq_port:
|
||||
schema: int!
|
||||
rabbit_host:
|
||||
schema: str
|
||||
value: 'localhost'
|
||||
rabbit_hosts:
|
||||
schema: bool
|
||||
value: false
|
||||
rabbit_port:
|
||||
schema: int
|
||||
value: 5672
|
||||
rabbit_user:
|
||||
schema: str
|
||||
value: 'guest'
|
||||
rabbit_virtual_host:
|
||||
schema: str
|
||||
value: '/'
|
||||
rabbit_use_ssl:
|
||||
schema: bool
|
||||
value: false
|
||||
kombu_ssl_ca_certs:
|
||||
schema: str
|
||||
value: ''
|
||||
kombu_ssl_certfile:
|
||||
schema: str
|
||||
value:
|
||||
rabbitmq_user:
|
||||
kombu_ssl_keyfile:
|
||||
schema: str
|
||||
value:
|
||||
kombu_ssl_version:
|
||||
schema: str
|
||||
value: 'TLSv1'
|
||||
kombu_reconnect_delay:
|
||||
schema: str
|
||||
value: '1.0'
|
||||
qpid_hostname:
|
||||
schema: str
|
||||
value: 'localhost'
|
||||
qpid_port:
|
||||
schema: int
|
||||
value: 5672
|
||||
qpid_username:
|
||||
schema: str
|
||||
value: 'guest'
|
||||
qpid_password:
|
||||
schema: str!
|
||||
value: 'guest'
|
||||
qpid_heartbeat:
|
||||
schema: int
|
||||
value: 60
|
||||
qpid_protocol:
|
||||
schema: str
|
||||
value: 'tcp'
|
||||
qpid_tcp_nodelay:
|
||||
schema: bool
|
||||
value: true
|
||||
qpid_reconnect:
|
||||
schema: bool
|
||||
value: true
|
||||
qpid_reconnect_timeout:
|
||||
schema: int
|
||||
value: 0
|
||||
qpid_reconnect_limit:
|
||||
schema: int
|
||||
value: 0
|
||||
qpid_reconnect_interval_min:
|
||||
schema: int
|
||||
value: 0
|
||||
qpid_reconnect_interval_max:
|
||||
schema: int
|
||||
value: 0
|
||||
qpid_reconnect_interval:
|
||||
schema: int
|
||||
value: 0
|
||||
use_ssl:
|
||||
schema: str
|
||||
value: ''
|
||||
cert_file:
|
||||
schema: str
|
||||
value:
|
||||
rabbitmq_password:
|
||||
schema: str!
|
||||
key_file:
|
||||
schema: str
|
||||
value:
|
||||
rabbitmq_virtual_host:
|
||||
schema: str!
|
||||
ca_file:
|
||||
schema: str
|
||||
value:
|
||||
use_syslog:
|
||||
schema: bool
|
||||
value: false
|
||||
log_facility:
|
||||
schema: str
|
||||
value: 'LOG_USER'
|
||||
log_file:
|
||||
schema: str
|
||||
value: ''
|
||||
log_dir:
|
||||
schema: str
|
||||
value: '/var/log/neutron'
|
||||
|
||||
git:
|
||||
schema: {repository: str!, branch: str!}
|
||||
value: {repository: 'https://github.com/openstack/puppet-neutron', branch: 'stable/juno'}
|
||||
value: {repository: 'https://github.com/openstack/puppet-neutron', branch: '5.1.0'}
|
||||
|
||||
port:
|
||||
schema: int!
|
||||
value: 9696
|
||||
|
||||
keystone_host:
|
||||
schema: str!
|
||||
keystone_port:
|
||||
schema: int!
|
||||
value:
|
||||
keystone_user:
|
||||
schema: str!
|
||||
value:
|
||||
keystone_password:
|
||||
schema: str!
|
||||
value:
|
||||
keystone_tenant:
|
||||
schema: str!
|
||||
value:
|
||||
puppet_module: 'neutron'
|
||||
tags: []
|
||||
version: 1.0.0
|
||||
|
170
resources/neutron_server_puppet/README.md
Normal file
170
resources/neutron_server_puppet/README.md
Normal file
@ -0,0 +1,170 @@
|
||||
# Neutron puppet resource
|
||||
|
||||
Setup and configure the neutron API service and endpoint
|
||||
|
||||
# Parameters:
|
||||
|
||||
source https://github.com/openstack/puppet-neutron/blob/5.1.0/manifests/server.pp
|
||||
|
||||
``package_ensure``
|
||||
(optional) The state of the package
|
||||
Defaults to present
|
||||
|
||||
``log_file``
|
||||
REMOVED: Use log_file of neutron class instead.
|
||||
|
||||
``log_dir``
|
||||
REMOVED: Use log_dir of neutron class instead.
|
||||
|
||||
``auth_password``
|
||||
(optional) The password to use for authentication (keystone)
|
||||
Defaults to false. Set a value unless you are using noauth
|
||||
|
||||
``auth_type``
|
||||
(optional) What auth system to use
|
||||
Defaults to 'keystone'. Can other be 'noauth'
|
||||
|
||||
``auth_host``
|
||||
(optional) The keystone host
|
||||
Defaults to localhost
|
||||
|
||||
``auth_protocol``
|
||||
(optional) The protocol used to access the auth host
|
||||
Defaults to http.
|
||||
|
||||
``auth_port``
|
||||
(optional) The keystone auth port
|
||||
Defaults to 35357
|
||||
|
||||
``auth_admin_prefix``
|
||||
(optional) The admin_prefix used to admin endpoint of the auth host
|
||||
This allow admin auth URIs like http://auth_host:35357/keystone.
|
||||
(where '/keystone' is the admin prefix)
|
||||
Defaults to false for empty. If defined, should be a string with a leading '/' and no trailing '/'.
|
||||
|
||||
``auth_tenant``
|
||||
(optional) The tenant of the auth user
|
||||
Defaults to services
|
||||
|
||||
``auth_user``
|
||||
(optional) The name of the auth user
|
||||
Defaults to neutron
|
||||
|
||||
``auth_protocol``
|
||||
(optional) The protocol to connect to keystone
|
||||
Defaults to http
|
||||
|
||||
``auth_uri``
|
||||
(optional) Complete public Identity API endpoint.
|
||||
Defaults to: $auth_protocol://$auth_host:5000/
|
||||
|
||||
``database_connection``
|
||||
(optional) Connection url for the neutron database.
|
||||
(Defaults to 'sqlite:////var/lib/neutron/ovs.sqlite')
|
||||
|
||||
``sql_connection``
|
||||
DEPRECATED: Use database_connection instead.
|
||||
|
||||
``connection``
|
||||
DEPRECATED: Use database_connection instead.
|
||||
|
||||
``database_max_retries``
|
||||
(optional) Maximum database connection retries during startup.
|
||||
(Defaults to 10)
|
||||
|
||||
``sql_max_retries``
|
||||
DEPRECATED: Use database_max_retries instead.
|
||||
|
||||
``max_retries``
|
||||
DEPRECATED: Use database_max_retries instead.
|
||||
|
||||
``database_idle_timeout``
|
||||
(optional) Timeout before idle database connections are reaped.
|
||||
Deprecates sql_idle_timeout
|
||||
(Defaults to 3600)
|
||||
|
||||
``sql_idle_timeout``
|
||||
DEPRECATED: Use database_idle_timeout instead.
|
||||
|
||||
``idle_timeout``
|
||||
DEPRECATED: Use database_idle_timeout instead.
|
||||
|
||||
``database_retry_interval``
|
||||
(optional) Interval between retries of opening a database connection.
|
||||
(Defaults to 10)
|
||||
|
||||
``sql_reconnect_interval``
|
||||
DEPRECATED: Use database_retry_interval instead.
|
||||
|
||||
``retry_interval``
|
||||
DEPRECATED: Use database_retry_interval instead.
|
||||
|
||||
``database_min_pool_size``
|
||||
(optional) Minimum number of SQL connections to keep open in a pool.
|
||||
Defaults to: 1
|
||||
|
||||
``database_max_pool_size``
|
||||
(optional) Maximum number of SQL connections to keep open in a pool.
|
||||
Defaults to: 10
|
||||
|
||||
``database_max_overflow``
|
||||
(optional) If set, use this value for max_overflow with sqlalchemy.
|
||||
Defaults to: 20
|
||||
|
||||
``sync_db``
|
||||
(optional) Run neutron-db-manage on api nodes after installing the package.
|
||||
Defaults to false
|
||||
|
||||
``api_workers``
|
||||
(optional) Number of separate worker processes to spawn.
|
||||
The default, count of machine's processors, runs the worker thread in the
|
||||
current process.
|
||||
Greater than 0 launches that number of child processes as workers.
|
||||
The parent process manages them.
|
||||
Defaults to: $::processorcount
|
||||
|
||||
``rpc_workers``
|
||||
(optional) Number of separate RPC worker processes to spawn.
|
||||
The default, count of machine's processors, runs the worker thread in the
|
||||
current process.
|
||||
Greater than 0 launches that number of child processes as workers.
|
||||
The parent process manages them.
|
||||
Defaults to: $::processorcount
|
||||
|
||||
``agent_down_time``
|
||||
(optional) Seconds to regard the agent as down; should be at least twice
|
||||
report_interval, to be sure the agent is down for good.
|
||||
agent_down_time is a config for neutron-server, set by class neutron::server
|
||||
report_interval is a config for neutron agents, set by class neutron
|
||||
Defaults to: 75
|
||||
|
||||
``router_scheduler_driver``
|
||||
(optional) Driver to use for scheduling router to a default L3 agent. Could be:
|
||||
neutron.scheduler.l3_agent_scheduler.ChanceScheduler to schedule a router in a random way
|
||||
neutron.scheduler.l3_agent_scheduler.LeastRoutersScheduler to allocate on an L3 agent with the least number of routers bound.
|
||||
Defaults to: neutron.scheduler.l3_agent_scheduler.ChanceScheduler
|
||||
|
||||
``mysql_module``
|
||||
(optional) Deprecated. Does nothing.
|
||||
|
||||
``router_distributed``
|
||||
(optional) Setting the "router_distributed" flag to "True" will default to the creation
|
||||
of distributed tenant routers.
|
||||
Also can be the type of the router on the create request (admin-only attribute).
|
||||
Defaults to false
|
||||
|
||||
``l3_ha``
|
||||
(optional) Enable high availability for virtual routers.
|
||||
Defaults to false
|
||||
|
||||
``max_l3_agents_per_router``
|
||||
(optional) Maximum number of l3 agents which a HA router will be scheduled on. If set to '0', a router will be scheduled on every agent.
|
||||
Defaults to '3'
|
||||
|
||||
``min_l3_agents_per_router``
|
||||
(optional) Minimum number of l3 agents which a HA router will be scheduled on.
|
||||
Defaults to '2'
|
||||
|
||||
``l3_ha_net_cidr``
|
||||
(optional) CIDR of the administrative network if HA mode is enabled.
|
||||
Defaults to '169.254.192.0/18'
|
5
resources/neutron_server_puppet/actions/remove.pp
Normal file
5
resources/neutron_server_puppet/actions/remove.pp
Normal file
@ -0,0 +1,5 @@
|
||||
class { 'neutron::server':
|
||||
enabled => false,
|
||||
package_ensure => 'absent',
|
||||
auth_password => 'not important as removed',
|
||||
}
|
90
resources/neutron_server_puppet/actions/run.pp
Normal file
90
resources/neutron_server_puppet/actions/run.pp
Normal file
@ -0,0 +1,90 @@
|
||||
$resource = hiera($::resource_name)
|
||||
|
||||
$ip = $resource['input']['ip']['value']
|
||||
|
||||
$db_user = $resource['input']['db_user']['value']
|
||||
$db_host = $resource['input']['db_host']['value']
|
||||
$db_password = $resource['input']['db_password']['value']
|
||||
$db_name = $resource['input']['db_name']['value']
|
||||
|
||||
$package_ensure = $resource['input']['package_ensure']['value']
|
||||
$auth_password = $resource['input']['auth_password']['value']
|
||||
$auth_type = $resource['input']['auth_type']['value']
|
||||
$auth_host = $resource['input']['auth_host']['value']
|
||||
$auth_port = $resource['input']['auth_port']['value']
|
||||
$auth_admin_prefix = $resource['input']['auth_admin_prefix']['value']
|
||||
$auth_tenant = $resource['input']['auth_tenant']['value']
|
||||
$auth_user = $resource['input']['auth_user']['value']
|
||||
$auth_protocol = $resource['input']['auth_protocol']['value']
|
||||
$auth_uri = $resource['input']['auth_uri']['value']
|
||||
$database_connection = $resource['input']['database_connection']['value']
|
||||
$database_max_retries = $resource['input']['database_max_retries']['value']
|
||||
$database_idle_timeout = $resource['input']['database_idle_timeout']['value']
|
||||
$database_retry_interval = $resource['input']['database_retry_interval']['value']
|
||||
$database_min_pool_size = $resource['input']['database_min_pool_size']['value']
|
||||
$database_max_pool_size = $resource['input']['database_max_pool_size']['value']
|
||||
$database_max_overflow = $resource['input']['database_max_overflow']['value']
|
||||
$sync_db = $resource['input']['sync_db']['value']
|
||||
$api_workers = $resource['input']['api_workers']['value']
|
||||
$rpc_workers = $resource['input']['rpc_workers']['value']
|
||||
$agent_down_time = $resource['input']['agent_down_time']['value']
|
||||
$router_scheduler_driver = $resource['input']['router_scheduler_driver']['value']
|
||||
$router_distributed = $resource['input']['router_distributed']['value']
|
||||
$l3_ha = $resource['input']['l3_ha']['value']
|
||||
$max_l3_agents_per_router = $resource['input']['max_l3_agents_per_router']['value']
|
||||
$min_l3_agents_per_router = $resource['input']['min_l3_agents_per_router']['value']
|
||||
$l3_ha_net_cidr = $resource['input']['l3_ha_net_cidr']['value']
|
||||
$mysql_module = $resource['input']['mysql_module']['value']
|
||||
$sql_connection = $resource['input']['sql_connection']['value']
|
||||
$connection = $resource['input']['connection']['value']
|
||||
$sql_max_retries = $resource['input']['sql_max_retries']['value']
|
||||
$max_retries = $resource['input']['max_retries']['value']
|
||||
$sql_idle_timeout = $resource['input']['sql_idle_timeout']['value']
|
||||
$idle_timeout = $resource['input']['idle_timeout']['value']
|
||||
$sql_reconnect_interval = $resource['input']['sql_reconnect_interval']['value']
|
||||
$retry_interval = $resource['input']['retry_interval']['value']
|
||||
$log_dir = $resource['input']['log_dir']['value']
|
||||
$log_file = $resource['input']['log_file']['value']
|
||||
$report_interval = $resource['input']['report_interval']['value']
|
||||
|
||||
class { 'neutron::server':
|
||||
enabled => true,
|
||||
manage_service => true,
|
||||
database_connection => "mysql://${db_user}:${db_password}@${db_host}/${db_name}",
|
||||
package_ensure => $package_ensure,
|
||||
auth_password => $auth_password,
|
||||
auth_type => $auth_type,
|
||||
auth_host => $auth_host,
|
||||
auth_port => $auth_port,
|
||||
auth_admin_prefix => $auth_admin_prefix,
|
||||
auth_tenant => $auth_tenant,
|
||||
auth_user => $auth_user,
|
||||
auth_protocol => $auth_protocol,
|
||||
auth_uri => $auth_uri,
|
||||
database_max_retries => $database_max_retries,
|
||||
database_idle_timeout => $database_idle_timeout,
|
||||
database_retry_interval => $database_retry_interval,
|
||||
database_min_pool_size => $database_min_pool_size,
|
||||
database_max_pool_size => $database_max_pool_size,
|
||||
database_max_overflow => $database_max_overflow,
|
||||
sync_db => $sync_db,
|
||||
api_workers => $api_workers,
|
||||
rpc_workers => $rpc_workers,
|
||||
agent_down_time => $agent_down_time,
|
||||
router_scheduler_driver => $router_scheduler_driver,
|
||||
router_distributed => $router_distributed,
|
||||
l3_ha => $l3_ha,
|
||||
max_l3_agents_per_router => $max_l3_agents_per_router,
|
||||
min_l3_agents_per_router => $min_l3_agents_per_router,
|
||||
l3_ha_net_cidr => $l3_ha_net_cidr,
|
||||
mysql_module => $mysql_module,
|
||||
sql_max_retries => $sql_max_retries,
|
||||
max_retries => $max_retries,
|
||||
sql_idle_timeout => $sql_idle_timeout,
|
||||
idle_timeout => $idle_timeout,
|
||||
sql_reconnect_interval => $sql_reconnect_interval,
|
||||
retry_interval => $retry_interval,
|
||||
log_dir => $log_dir,
|
||||
log_file => $log_file,
|
||||
report_interval => $report_interval,
|
||||
}
|
151
resources/neutron_server_puppet/meta.yaml
Normal file
151
resources/neutron_server_puppet/meta.yaml
Normal file
@ -0,0 +1,151 @@
|
||||
handler: puppet
|
||||
id: 'neutron_server_puppet'
|
||||
input:
|
||||
ip:
|
||||
schema: str!
|
||||
value: ''
|
||||
ssh_key:
|
||||
schema: str!
|
||||
value: ''
|
||||
ssh_user:
|
||||
schema: str!
|
||||
value: ''
|
||||
|
||||
db_user:
|
||||
schema: str!
|
||||
value:
|
||||
db_password:
|
||||
schema: str!
|
||||
value:
|
||||
db_name:
|
||||
schema: str!
|
||||
value:
|
||||
db_host:
|
||||
schema: str!
|
||||
value:
|
||||
|
||||
package_ensure:
|
||||
schema: str
|
||||
value: 'present'
|
||||
auth_password:
|
||||
schema: str!
|
||||
value: ''
|
||||
auth_type:
|
||||
schema: str
|
||||
value: 'keystone'
|
||||
auth_host:
|
||||
schema: str
|
||||
value: 'localhost'
|
||||
auth_port:
|
||||
schema: int
|
||||
value: 35357
|
||||
auth_admin_prefix:
|
||||
schema: str
|
||||
value: ''
|
||||
auth_tenant:
|
||||
schema: str
|
||||
value: 'services'
|
||||
auth_user:
|
||||
schema: str
|
||||
value: 'neutron'
|
||||
auth_protocol:
|
||||
schema: str
|
||||
value: 'http'
|
||||
auth_uri:
|
||||
schema: str
|
||||
value: ''
|
||||
database_connection:
|
||||
schema: str
|
||||
value: 'sqlite:////var/lib/neutron/ovs.sqlite'
|
||||
database_max_retries:
|
||||
schema: int
|
||||
value: 10
|
||||
database_idle_timeout:
|
||||
schema: int
|
||||
value: 3600
|
||||
database_retry_interval:
|
||||
schema: int
|
||||
value: 10
|
||||
database_min_pool_size:
|
||||
schema: int
|
||||
value: 1
|
||||
database_max_pool_size:
|
||||
schema: int
|
||||
value: 10
|
||||
database_max_overflow:
|
||||
schema: int
|
||||
value: 20
|
||||
sync_db:
|
||||
schema: bool
|
||||
value: false
|
||||
api_workers:
|
||||
schema: int
|
||||
value: 1
|
||||
rpc_workers:
|
||||
schema: int
|
||||
value: 1
|
||||
agent_down_time:
|
||||
schema: int
|
||||
value: 75
|
||||
router_scheduler_driver:
|
||||
schema: str
|
||||
value: 'neutron.scheduler.l3_agent_scheduler.ChanceScheduler'
|
||||
router_distributed:
|
||||
schema: bool
|
||||
value: false
|
||||
l3_ha:
|
||||
schema: bool
|
||||
value: false
|
||||
max_l3_agents_per_router:
|
||||
schema: int
|
||||
value: 3
|
||||
min_l3_agents_per_router:
|
||||
schema: int
|
||||
value: 2
|
||||
l3_ha_net_cidr:
|
||||
schema: str
|
||||
value: '169.254.192.0/18'
|
||||
mysql_module:
|
||||
schema: str
|
||||
value: ''
|
||||
sql_connection:
|
||||
schema: str
|
||||
value: ''
|
||||
connection:
|
||||
schema: str
|
||||
value: ''
|
||||
sql_max_retries:
|
||||
schema: str
|
||||
value: ''
|
||||
max_retries:
|
||||
schema: str
|
||||
value: ''
|
||||
sql_idle_timeout:
|
||||
schema: str
|
||||
value: ''
|
||||
idle_timeout:
|
||||
schema: str
|
||||
value: ''
|
||||
sql_reconnect_interval:
|
||||
schema: str
|
||||
value: ''
|
||||
retry_interval:
|
||||
schema: str
|
||||
value: ''
|
||||
log_dir:
|
||||
schema: str
|
||||
value: ''
|
||||
log_file:
|
||||
schema: str
|
||||
value: ''
|
||||
report_interval:
|
||||
schema: str
|
||||
value: ''
|
||||
|
||||
git:
|
||||
schema: {repository: str!, branch: str!}
|
||||
value: {repository: 'https://github.com/openstack/puppet-neutron', branch: '5.1.0'}
|
||||
|
||||
puppet_module: 'neutron'
|
||||
tags: []
|
||||
version: 1.0.0
|
Loading…
Reference in New Issue
Block a user