diff --git a/example-puppet.py b/example-puppet.py index 7c25955c..4f7ba2c0 100644 --- a/example-puppet.py +++ b/example-puppet.py @@ -262,6 +262,14 @@ def setup_resources(): 'external_network_bridge': 'br-floating', })[0] signals.connect(node1, neutron_agents_l3) + neutron_agents_metadata = vr.create('neutron_agents_metadata', 'resources/neutron_agents_metadata_puppet', { + 'shared_secret': 'secret', + })[0] + signals.connect(node1, neutron_agents_metadata) + signals.connect(neutron_server_puppet, neutron_agents_metadata, { + 'auth_host', 'auth_port', 'auth_password', + 'auth_tenant', 'auth_user', + }) # NEUTRON FOR COMPUTE (node2) # Deploy chain neutron -> (plugins) -> ( agents ) @@ -437,6 +445,7 @@ def setup_resources(): 'keystone_password': 'admin_password', 'keystone_host': 'auth_host', 'keystone_port': 'auth_port'}) + signals.connect(nova_api_puppet, neutron_agents_metadata, {'ip': 'metadata_ip'}) # NOVA CONDUCTOR nova_conductor_puppet = vr.create('nova_conductor_puppet', 'resources/nova_conductor_puppet', {})[0] diff --git a/resources/neutron_agents_metadata_puppet/README.md b/resources/neutron_agents_metadata_puppet/README.md new file mode 100644 index 00000000..94cba4c7 --- /dev/null +++ b/resources/neutron_agents_metadata_puppet/README.md @@ -0,0 +1,65 @@ +# Neutron DHCP agent puppet resource + +Setup and configure Neutron metadata agent + +# Parameters + +https://github.com/openstack/puppet-neutron/blob/5.1.0/manifests/agents/metadata.pp + + ``auth_password`` + (required) The password for the administrative user. + + ``shared_secret`` + (required) Shared secret to validate proxies Neutron metadata requests. + + ``package_ensure`` + Ensure state of the package. Defaults to 'present'. + + ``debug`` + Debug. Defaults to false. + + ``auth_tenant`` + The administrative user's tenant name. Defaults to 'services'. + + ``auth_user`` + The administrative user name for OpenStack Networking. + Defaults to 'neutron'. + + ``auth_url`` + The URL used to validate tokens. Defaults to 'http://localhost:35357/v2.0'. + Note, for this resource it is decomposed to auth_host and auth_port + due to implementation restrictions + + ``auth_insecure`` + turn off verification of the certificate for ssl (Defaults to false) + + ``auth_ca_cert`` + CA cert to check against with for ssl keystone. (Defaults to undef) + + ``auth_region`` + The authentication region. Defaults to 'RegionOne'. + + ``metadata_ip`` + The IP address of the metadata service. Defaults to '127.0.0.1'. + + ``metadata_port`` + The TCP port of the metadata service. Defaults to 8775. + + ``metadata_workers`` + (optional) Number of separate worker processes to spawn. + The default, count of machine's processors, runs the worker thread in the + current process. + Greater than 0 launches that number of child processes as workers. + The parent process manages them. Having more workers will help to improve performances. + Defaults to: $::processorcount + + ``metadata_backlog`` + (optional) Number of backlog requests to configure the metadata server socket with. + Defaults to 4096 + + ``metadata_memory_cache_ttl`` + (optional) Specifies time in seconds a metadata cache entry is valid in + memory caching backend. + Set to 0 will cause cache entries to never expire. + Set to undef or false to disable cache. + Defaults to 5 \ No newline at end of file diff --git a/resources/neutron_agents_metadata_puppet/actions/remove.pp b/resources/neutron_agents_metadata_puppet/actions/remove.pp new file mode 100644 index 00000000..15000590 --- /dev/null +++ b/resources/neutron_agents_metadata_puppet/actions/remove.pp @@ -0,0 +1,16 @@ +class { 'neutron::agents::metadata': + package_ensure => 'absent', + enabled => false, +} + +include neutron::params + +package { 'neutron': + ensure => 'absent', + name => $::neutron::params::package_name, +} + +# Remove external class dependency +Service <| title == 'neutron-metadata' |> { + require => undef +} \ No newline at end of file diff --git a/resources/neutron_agents_metadata_puppet/actions/run.pp b/resources/neutron_agents_metadata_puppet/actions/run.pp new file mode 100644 index 00000000..ab99d768 --- /dev/null +++ b/resources/neutron_agents_metadata_puppet/actions/run.pp @@ -0,0 +1,53 @@ +$resource = hiera($::resource_name) + +$ip = $resource['input']['ip']['value'] + +$auth_host = $resource['input']['auth_host']['value'] +$auth_port = $resource['input']['auth_port']['value'] + +$auth_password = $resource['input']['auth_password']['value'] +$shared_secret = $resource['input']['shared_secret']['value'] +$package_ensure = $resource['input']['package_ensure']['value'] +$debug = $resource['input']['debug']['value'] +$auth_tenant = $resource['input']['auth_tenant']['value'] +$auth_user = $resource['input']['auth_user']['value'] +$auth_insecure = $resource['input']['auth_insecure']['value'] +$auth_ca_cert = $resource['input']['auth_ca_cert']['value'] +$auth_region = $resource['input']['auth_region']['value'] +$metadata_ip = $resource['input']['metadata_ip']['value'] +$metadata_port = $resource['input']['metadata_port']['value'] +$metadata_workers = $resource['input']['metadata_workers']['value'] +$metadata_backlog = $resource['input']['metadata_backlog']['value'] +$metadata_memory_cache_ttl = $resource['input']['metadata_memory_cache_ttl']['value'] + +class { 'neutron::agents::metadata': + enabled => true, + manage_service => true, + auth_password => $auth_password, + shared_secret => $shared_secret, + package_ensure => $package_ensure, + debug => $debug, + auth_tenant => $auth_tenant, + auth_user => $auth_user, + auth_url => "http://${auth_host}:${auth_port}/v2.0", + auth_insecure => $auth_insecure, + auth_ca_cert => $auth_ca_cert, + auth_region => $auth_region, + metadata_ip => $metadata_ip, + metadata_port => $metadata_port, + metadata_workers => $metadata_workers, + metadata_backlog => $metadata_backlog, + metadata_memory_cache_ttl => $metadata_memory_cache_ttl, +} + +include neutron::params + +package { 'neutron': + ensure => $package_ensure, + name => $::neutron::params::package_name, +} + +# Remove external class dependency +Service <| title == 'neutron-metadata' |> { + require => undef +} \ No newline at end of file diff --git a/resources/neutron_agents_metadata_puppet/meta.yaml b/resources/neutron_agents_metadata_puppet/meta.yaml new file mode 100644 index 00000000..0d7a2e17 --- /dev/null +++ b/resources/neutron_agents_metadata_puppet/meta.yaml @@ -0,0 +1,70 @@ +handler: puppet +id: 'neutron_agents_metadata_puppet' +input: + ip: + schema: str! + value: + ssh_key: + schema: str! + value: + ssh_user: + schema: str! + value: + + auth_password: + schema: str! + value: + shared_secret: + schema: str! + value: + package_ensure: + schema: str + value: 'present' + debug: + schema: bool + value: false + auth_tenant: + schema: str + value: 'services' + auth_user: + schema: str + value: 'neutron' + auth_insecure: + schema: bool + value: false + auth_ca_cert: + schema: str + value: + auth_region: + schema: str + value: 'RegionOne' + metadata_ip: + schema: str + value: '127.0.0.1' + metadata_port: + schema: int + value: 8775 + metadata_workers: + schema: int + value: 1 + metadata_backlog: + schema: int + value: 4096 + metadata_memory_cache_ttl: + schema: int + value: 5 + + auth_host: + schema: str + value: 'localhost' + auth_port: + schema: int + value: 35357 + + git: + schema: {repository: str!, branch: str!} + value: {repository: 'https://github.com/openstack/puppet-neutron', branch: '5.1.0'} + +puppet_module: 'neutron' +tags: [resource/neutron, resource/neutron_agents_metadata] +version: 1.0.0