From a2d72c4fc9836ce63134f2965285648b377d580a Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Thu, 23 Jul 2015 13:48:02 +0200 Subject: [PATCH 01/25] Add apache puppet resource Signed-off-by: Bogdan Dobrelya --- resources/apache_puppet/README.md | 4 + resources/apache_puppet/actions/remove.pp | 5 + resources/apache_puppet/actions/run.pp | 120 ++++++++++++++ resources/apache_puppet/meta.yaml | 186 ++++++++++++++++++++++ resources/apache_puppet/test.py | 11 ++ 5 files changed, 326 insertions(+) create mode 100644 resources/apache_puppet/README.md create mode 100644 resources/apache_puppet/actions/remove.pp create mode 100644 resources/apache_puppet/actions/run.pp create mode 100644 resources/apache_puppet/meta.yaml create mode 100644 resources/apache_puppet/test.py diff --git a/resources/apache_puppet/README.md b/resources/apache_puppet/README.md new file mode 100644 index 00000000..bf0e1438 --- /dev/null +++ b/resources/apache_puppet/README.md @@ -0,0 +1,4 @@ +# Apache puppet resource + +This class installs Apache and manages apache service. +Defaults provided for Debian OS family. \ No newline at end of file diff --git a/resources/apache_puppet/actions/remove.pp b/resources/apache_puppet/actions/remove.pp new file mode 100644 index 00000000..6719c017 --- /dev/null +++ b/resources/apache_puppet/actions/remove.pp @@ -0,0 +1,5 @@ +class {'apache': + service_enable => false, + service_ensure => 'stopped', + package_ensure => 'absent', +} diff --git a/resources/apache_puppet/actions/run.pp b/resources/apache_puppet/actions/run.pp new file mode 100644 index 00000000..ee2379da --- /dev/null +++ b/resources/apache_puppet/actions/run.pp @@ -0,0 +1,120 @@ +$resource = hiera($::resource_name) + +$apache_name = $resource['input']['apache_name']['value'] +$service_name = $resource['input']['service_name']['value'] +$default_mods = $resource['input']['default_mods']['value'] +$default_vhost = $resource['input']['default_vhost']['value'] +$default_charset = $resource['input']['default_charset']['value'] +$default_confd_files = $resource['input']['default_confd_files']['value'] +$default_ssl_vhost = $resource['input']['default_ssl_vhost']['value'] +$default_ssl_cert = $resource['input']['default_ssl_cert']['value'] +$default_ssl_key = $resource['input']['default_ssl_key']['value'] +$default_ssl_chain = $resource['input']['default_ssl_chain']['value'] +$default_ssl_ca = $resource['input']['default_ssl_ca']['value'] +$default_ssl_crl_path = $resource['input']['default_ssl_crl_path']['value'] +$default_ssl_crl = $resource['input']['default_ssl_crl']['value'] +$default_ssl_crl_check = $resource['input']['default_ssl_crl_check']['value'] +$default_type = $resource['input']['default_type']['value'] +$ip = $resource['input']['ip']['value'] +$service_restart = $resource['input']['service_restart']['value'] +$purge_configs = $resource['input']['purge_configs']['value'] +$purge_vhost_dir = $resource['input']['purge_vhost_dir']['value'] +$purge_vdir = $resource['input']['purge_vdir']['value'] +$serveradmin = $resource['input']['serveradmin']['value'] +$sendfile = $resource['input']['sendfile']['value'] +$error_documents = $resource['input']['error_documents']['value'] +$timeout = $resource['input']['timeout']['value'] +$httpd_dir = $resource['input']['httpd_dir']['value'] +$server_root = $resource['input']['server_root']['value'] +$conf_dir = $resource['input']['conf_dir']['value'] +$confd_dir = $resource['input']['confd_dir']['value'] +$vhost_dir = $resource['input']['vhost_dir']['value'] +$vhost_enable_dir = $resource['input']['vhost_enable_dir']['value'] +$mod_dir = $resource['input']['mod_dir']['value'] +$mod_enable_dir = $resource['input']['mod_enable_dir']['value'] +$mpm_module = $resource['input']['mpm_module']['value'] +$lib_path = $resource['input']['lib_path']['value'] +$conf_template = $resource['input']['conf_template']['value'] +$servername = $resource['input']['servername']['value'] +$manage_user = $resource['input']['manage_user']['value'] +$manage_group = $resource['input']['manage_group']['value'] +$user = $resource['input']['user']['value'] +$group = $resource['input']['group']['value'] +$keepalive = $resource['input']['keepalive']['value'] +$keepalive_timeout = $resource['input']['keepalive_timeout']['value'] +$max_keepalive_requests = $resource['input']['max_keepalive_requests']['value'] +$logroot = $resource['input']['logroot']['value'] +$logroot_mode = $resource['input']['logroot_mode']['value'] +$log_level = $resource['input']['log_level']['value'] +$log_formats = $resource['input']['log_formats']['value'] +$ports_file = $resource['input']['ports_file']['value'] +$docroot = $resource['input']['docroot']['value'] +$apache_version = $resource['input']['apache_version']['value'] +$server_tokens = $resource['input']['server_tokens']['value'] +$server_signature = $resource['input']['server_signature']['value'] +$trace_enable = $resource['input']['trace_enable']['value'] +$allow_encoded_slashes = $resource['input']['allow_encoded_slashes']['value'] +$package_ensure = $resource['input']['package_ensure']['value'] +$use_optional_includes = $resource['input']['use_optional_includes']['value'] + +class {'apache': + apache_name => $apache_name, + service_name => $service_name, + default_mods => $default_mods, + default_vhost => $default_vhost, + default_charset => $default_charset, + default_confd_files => $default_confd_files, + default_ssl_vhost => $default_ssl_vhost, + default_ssl_cert => $default_ssl_cert, + default_ssl_key => $default_ssl_key, + default_ssl_chain => $default_ssl_chain, + default_ssl_ca => $default_ssl_ca, + default_ssl_crl_path => $default_ssl_crl_path, + default_ssl_crl => $default_ssl_crl, + default_ssl_crl_check => $default_ssl_crl_check, + default_type => $default_type, + ip => $ip, + service_enable => true, + service_manage => true, + service_ensure => 'running', + service_restart => $service_restart, + purge_configs => $purge_configs, + purge_vhost_dir => $purge_vhost_dir, + purge_vdir => $purge_vdir, + serveradmin => $serveradmin, + sendfile => $sendfile, + error_documents => $error_documents, + timeout => $timeout, + httpd_dir => $httpd_dir, + server_root => $server_root, + conf_dir => $conf_dir, + confd_dir => $confd_dir, + vhost_dir => $vhost_dir, + vhost_enable_dir => $vhost_enable_dir, + mod_dir => $mod_dir, + mod_enable_dir => $mod_enable_dir, + mpm_module => $mpm_module, + lib_path => $lib_path, + conf_template => $conf_template, + servername => $servername, + manage_user => $manage_user, + manage_group => $manage_group, + user => $user, + group => $group, + keepalive => $keepalive, + keepalive_timeout => $keepalive_timeout, + max_keepalive_requests => $max_keepalive_requests, + logroot => $logroot, + logroot_mode => $logroot_mode, + log_level => $log_level, + log_formats => $log_formats, + ports_file => $ports_file, + docroot => $docroot, + apache_version => $apache_version, + server_tokens => $server_tokens, + server_signature => $server_signature, + trace_enable => $trace_enable, + allow_encoded_slashes => $allow_encoded_slashes, + package_ensure => $package_ensure, + use_optional_includes => $use_optional_includes, +} diff --git a/resources/apache_puppet/meta.yaml b/resources/apache_puppet/meta.yaml new file mode 100644 index 00000000..e70e5ecc --- /dev/null +++ b/resources/apache_puppet/meta.yaml @@ -0,0 +1,186 @@ +id: cinder_scheduler_puppet +handler: puppet +puppet_module: cinder_scheduler +version: 1.0.0 +input: + apache_name: + schema: str + value: 'apache2' + service_name: + schema: str + value: 'apache2' + default_mods: + schema: bool + value: true + default_vhost: + schema: bool + value: true + default_charset: + schema: str + value: '' + default_confd_files: + schema: bool + value: true + default_ssl_vhost: + schema: bool + value: false + default_ssl_cert: + schema: str + value: '/etc/ssl/certs/ssl-cert-snakeoil.pem' + default_ssl_key: + schema: str + value: '/etc/ssl/private/ssl-cert-snakeoil.key' + default_ssl_chain: + schema: str + value: '' + default_ssl_ca: + schema: str + value: '' + default_ssl_crl_path: + schema: str + value: '' + default_ssl_crl: + schema: str + value: '' + default_ssl_crl_check: + schema: str + value: '' + default_type: + schema: str + value: 'none' + service_restart: + schema: str + value: 'restart' + purge_configs: + schema: bool + value: true + purge_vhost_dir: + schema: str + value: '' + purge_vdir: + schema: bool + value: false + serveradmin: + schema: str + value: 'root@localhost' + sendfile: + schema: str + value: 'On' + error_documents: + schema: bool + value: false + timeout: + schema: int + value: 120 + httpd_dir: + schema: str + value: '/etc/apache2' + server_root: + schema: str + value: '/etc/apache2' + conf_dir: + schema: str + value: '/etc/apache2' + confd_dir: + schema: str + value: '/etc/apache2/conf.d' + vhost_dir: + schema: str + value: '/etc/apache2/sites-available' + vhost_enable_dir: + schema: str + value: '/etc/apache2/sites-enabled' + mod_dir: + schema: str + value: '/etc/apache2/mods-available' + mod_enable_dir: + schema: str + value: '/etc/apache2/mods-enabled' + mpm_module: + schema: str + value: 'worker' + lib_path: + schema: str + value: '/usr/lib/apache2/modules' + conf_template: + schema: str + value: 'apache/httpd.conf.erb' + servername: + schema: str! + value: '' + manage_user: + schema: bool + value: true + manage_group: + schema: bool + value: true + user: + schema: str + value: 'www-data' + group: + schema: str + value: 'www-data' + keepalive: + schema: str + value: 'Off' + keepalive_timeout: + schema: int + value: 15 + max_keepalive_requests: + schema: int + value: 100 + logroot: + schema: str + value: '/var/log/apache2' + logroot_mode: + schema: str + value: '0640' + log_level: + schema: str + value: 'warn' + log_formats: + schema: {} + value: {} + ports_file: + schema: str + value: '/etc/apache2/ports.conf' + docroot: + schema: str + value: '/srv/www' + apache_version: + schema: str + value: '2.4' + server_tokens: + schema: str + value: 'OS' + server_signature: + schema: str + value: 'On' + trace_enable: + schema: str + value: 'On' + allow_encoded_slashes: + schema: str + value: '' + package_ensure: + schema: str + value: 'installed' + use_optional_includes: + schema: bool + value: false + + git: + schema: {repository: str!, branch: str!} + value: {repository: 'https://github.com/puppetlabs/puppetlabs-apache.git', branch: '1.5.0'} + + ip: + schema: str! + value: + ssh_key: + schema: str! + value: + ssh_user: + schema: str! + value: + +tags: [resource/apache_service, resources/apache] diff --git a/resources/apache_puppet/test.py b/resources/apache_puppet/test.py new file mode 100644 index 00000000..a9f2b725 --- /dev/null +++ b/resources/apache_puppet/test.py @@ -0,0 +1,11 @@ +import requests + +from solar.core.log import log + + +def test(resource): + log.debug('Testing apache_puppet') + requests.get( + 'http://%s:%s' % (resource.args['ip'].value, 80) + + ) From 094928979f0034be49670cfc31a97013fd4a6efb Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Tue, 4 Aug 2015 15:48:31 +0200 Subject: [PATCH 02/25] Fix undef inputs for apache2 Signed-off-by: Bogdan Dobrelya --- resources/apache_puppet/meta.yaml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/resources/apache_puppet/meta.yaml b/resources/apache_puppet/meta.yaml index e70e5ecc..d14b26fd 100644 --- a/resources/apache_puppet/meta.yaml +++ b/resources/apache_puppet/meta.yaml @@ -17,7 +17,7 @@ input: value: true default_charset: schema: str - value: '' + value: default_confd_files: schema: bool value: true @@ -32,19 +32,19 @@ input: value: '/etc/ssl/private/ssl-cert-snakeoil.key' default_ssl_chain: schema: str - value: '' + value: default_ssl_ca: schema: str - value: '' + value: default_ssl_crl_path: schema: str - value: '' + value: default_ssl_crl: schema: str - value: '' + value: default_ssl_crl_check: schema: str - value: '' + value: default_type: schema: str value: 'none' @@ -56,7 +56,7 @@ input: value: true purge_vhost_dir: schema: str - value: '' + value: purge_vdir: schema: bool value: false @@ -107,7 +107,7 @@ input: value: 'apache/httpd.conf.erb' servername: schema: str! - value: '' + value: manage_user: schema: bool value: true @@ -161,7 +161,7 @@ input: value: 'On' allow_encoded_slashes: schema: str - value: '' + value: package_ensure: schema: str value: 'installed' From 8be490610cd4d7fe188e1cabfc3da806b9ed4193 Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Tue, 4 Aug 2015 10:47:59 +0200 Subject: [PATCH 03/25] Decouple neutron resource * Use neutron base and API(server) resources * Add db and db user for neutron composition layer Signed-off-by: Bogdan Dobrelya --- example-puppet.py | 64 ++++-- resources/neutron_puppet/README.md | 194 ++++++++++++++++++ resources/neutron_puppet/actions/remove.pp | 25 +-- resources/neutron_puppet/actions/run.pp | 154 ++++++++++---- resources/neutron_puppet/meta.yaml | 192 ++++++++++++++--- resources/neutron_server_puppet/README.md | 170 +++++++++++++++ .../neutron_server_puppet/actions/remove.pp | 5 + .../neutron_server_puppet/actions/run.pp | 90 ++++++++ resources/neutron_server_puppet/meta.yaml | 151 ++++++++++++++ 9 files changed, 936 insertions(+), 109 deletions(-) create mode 100644 resources/neutron_puppet/README.md create mode 100644 resources/neutron_server_puppet/README.md create mode 100644 resources/neutron_server_puppet/actions/remove.pp create mode 100644 resources/neutron_server_puppet/actions/run.pp create mode 100644 resources/neutron_server_puppet/meta.yaml diff --git a/example-puppet.py b/example-puppet.py index 7c555748..b567e79a 100644 --- a/example-puppet.py +++ b/example-puppet.py @@ -158,9 +158,27 @@ def setup_resources(): signals.connect(admin_user, openrc, {'user_name': 'user_name','user_password':'password', 'tenant_name': 'tenant'}) # NEUTRON - # TODO: vhost cannot be specified in neutron Puppet manifests so this user has to be admin anyways + # Deploy chain neutron -> neutron_server -> ( agents & plugins ) neutron_puppet = vr.create('neutron_puppet', 'resources/neutron_puppet', {})[0] + signals.connect(node1, neutron_puppet) + signals.connect(rabbitmq_service1, neutron_puppet, { + 'ip': 'rabbitmq_host', + 'port': 'rabbitmq_port' + }) + signals.connect(openstack_rabbitmq_user, neutron_puppet, { + 'user_name': 'rabbitmq_user', + 'password': 'rabbitmq_password'}) + signals.connect(openstack_vhost, neutron_puppet, { + 'vhost_name': 'rabbitmq_virtual_host'}) + # NEUTRON API (SERVER) + neutron_server_puppet = vr.create('neutron_server_puppet', 'resources/neutron_server_puppet', { + 'sync_db': True, + })[0] + neutron_db = vr.create('neutron_db', 'resources/mariadb_db/', { + 'db_name': 'neutron_db', 'login_user': 'root'})[0] + neutron_db_user = vr.create('neutron_db_user', 'resources/mariadb_user/', { + 'user_name': 'neutron', 'user_password': 'neutron', 'login_user': 'root'})[0] neutron_keystone_user = vr.create('neutron_keystone_user', 'resources/keystone_user', { 'user_name': 'neutron', 'user_password': 'neutron' @@ -177,24 +195,29 @@ def setup_resources(): 'type': 'network' })[0] - signals.connect(node1, neutron_puppet) - signals.connect(rabbitmq_service1, neutron_puppet, { - 'ip': 'rabbitmq_host', - 'port': 'rabbitmq_port' + signals.connect(node1, neutron_db) + signals.connect(node1, neutron_db_user) + signals.connect(mariadb_service1, neutron_db, { + 'port': 'login_port', + 'root_password': 'login_password', + 'root_user': 'login_user', + 'ip' : 'db_host'}) + signals.connect(mariadb_service1, neutron_db_user, {'port': 'login_port', 'root_password': 'login_password'}) + signals.connect(neutron_db, neutron_db_user, {'db_name', 'db_host'}) + signals.connect(neutron_db_user, neutron_server_puppet, { + 'user_name':'db_user', + 'db_name':'db_name', + 'user_password':'db_password', + 'db_host' : 'db_host'}) + signals.connect(node1, neutron_server_puppet) + signals.connect(admin_user, neutron_server_puppet, { + 'user_name': 'auth_user', + 'user_password': 'auth_password', + 'tenant_name': 'auth_tenant' }) - signals.connect(openstack_rabbitmq_user, neutron_puppet, { - 'user_name': 'rabbitmq_user', - 'password': 'rabbitmq_password'}) - signals.connect(openstack_vhost, neutron_puppet, { - 'vhost_name': 'rabbitmq_virtual_host'}) - signals.connect(admin_user, neutron_puppet, { - 'user_name': 'keystone_user', - 'user_password': 'keystone_password', - 'tenant_name': 'keystone_tenant' - }) - signals.connect(keystone_puppet, neutron_puppet, { - 'ip': 'keystone_host', - 'port': 'keystone_port' + signals.connect(keystone_puppet, neutron_server_puppet, { + 'ip': 'auth_host', + 'port': 'auth_port' }) signals.connect(services_tenant, neutron_keystone_user) signals.connect(neutron_keystone_user, neutron_keystone_role) @@ -207,7 +230,7 @@ def setup_resources(): }) signals.connect(neutron_puppet, neutron_keystone_service_endpoint, { 'ip': ['admin_ip', 'internal_ip', 'public_ip'], - 'port': ['admin_port', 'internal_port', 'public_port'], + 'bind_port': ['admin_port', 'internal_port', 'public_port'], }) # CINDER @@ -508,10 +531,13 @@ resources_to_run = [ 'keystone_service_endpoint', 'services_tenant', + 'neutron_db', + 'neutron_db_user', 'neutron_keystone_user', 'neutron_keystone_role', 'neutron_puppet', 'neutron_keystone_service_endpoint', + 'neutron_server_puppet', 'cinder_db', 'cinder_db_user', diff --git a/resources/neutron_puppet/README.md b/resources/neutron_puppet/README.md new file mode 100644 index 00000000..217cd25a --- /dev/null +++ b/resources/neutron_puppet/README.md @@ -0,0 +1,194 @@ +# Neutron puppet resource + + Installs the neutron package and configures + /etc/neutron/neutron.conf for SSL, AMQP, logging, service plugins and other stuff. + Does not produce any services. + +# Parameters: + +source https://github.com/openstack/puppet-neutron/blob/5.1.0/manifests/init.pp + + ``package_ensure`` + (optional) The state of the package + Defaults to 'present' + + ``verbose`` + (optional) Verbose logging + Defaults to False + + ``debug`` + (optional) Print debug messages in the logs + Defaults to False + + ``bind_host`` + (optional) The IP/interface to bind to + Defaults to 0.0.0.0 (all interfaces) + + ``bind_port`` + (optional) The port to use + Defaults to 9696 + + ``core_plugin`` + (optional) Neutron plugin provider + Defaults to openvswitch + Could be bigswitch, brocade, cisco, embrane, hyperv, linuxbridge, midonet, ml2, mlnx, nec, nicira, plumgrid, ryu + + ``service_plugins`` + (optional) Advanced service modules. + Could be an array that can have these elements: + router, firewall, lbaas, vpnaas, metering + Defaults to empty + + ``auth_strategy`` + (optional) How to authenticate + Defaults to 'keystone'. 'noauth' is the only other valid option + + ``base_mac`` + (optional) The MAC address pattern to use. + Defaults to fa:16:3e:00:00:00 + + ``mac_generation_retries`` + (optional) How many times to try to generate a unique mac + Defaults to 16 + + ``dhcp_lease_duration`` + (optional) DHCP lease + Defaults to 86400 seconds + + ``dhcp_agents_per_network`` + (optional) Number of DHCP agents scheduled to host a network. + This enables redundant DHCP agents for configured networks. + Defaults to 1 + + ``network_device_mtu`` + (optional) The MTU size for the interfaces managed by neutron + Defaults to undef + + ``dhcp_agent_notification`` + (optional) Allow sending resource operation notification to DHCP agent. + Defaults to true + + ``allow_bulk`` + (optional) Enable bulk crud operations + Defaults to true + + ``allow_pagination`` + (optional) Enable pagination + Defaults to false + + ``allow_sorting`` + (optional) Enable sorting + Defaults to false + + ``allow_overlapping_ips`` + (optional) Enables network namespaces + Defaults to false + + ``api_extensions_path`` + (optional) Specify additional paths for API extensions that the + module in use needs to load. + Defaults to undef + + ``report_interval`` + (optional) Seconds between nodes reporting state to server; should be less than + agent_down_time, best if it is half or less than agent_down_time. + agent_down_time is a config for neutron-server, set by class neutron::server + report_interval is a config for neutron agents, set by class neutron + Defaults to: 30 + + ``control_exchange`` + (optional) What RPC queue/exchange to use + Defaults to neutron + + ``rpc_backend`` + (optional) what rpc/queuing service to use + Defaults to impl_kombu (rabbitmq) + + ``rabbit_password`` + ``rabbit_host`` + ``rabbit_port`` + ``rabbit_user`` + (optional) Various rabbitmq settings + + ``rabbit_hosts`` + (optional) array of rabbitmq servers for HA. + A single IP address, such as a VIP, can be used for load-balancing + multiple RabbitMQ Brokers. + Defaults to false + + ``rabbit_use_ssl`` + (optional) Connect over SSL for RabbitMQ + Defaults to false + + ``kombu_ssl_ca_certs`` + (optional) SSL certification authority file (valid only if SSL enabled). + Defaults to undef + + ``kombu_ssl_certfile`` + (optional) SSL cert file (valid only if SSL enabled). + Defaults to undef + + ``kombu_ssl_keyfile`` + (optional) SSL key file (valid only if SSL enabled). + Defaults to undef + + ``kombu_ssl_version`` + (optional) SSL version to use (valid only if SSL enabled). + Valid values are TLSv1, SSLv23 and SSLv3. SSLv2 may be + available on some distributions. + Defaults to 'TLSv1' + + ``kombu_reconnect_delay`` + (optional) The amount of time to wait before attempting to reconnect + to MQ provider. This is used in some cases where you may need to wait + for the provider to propery premote the master before attempting to + reconnect. See https://review.openstack.org/#/c/76686 + Defaults to '1.0' + + ``qpid_hostname`` + ``qpid_port`` + ``qpid_username`` + ``qpid_password`` + ``qpid_heartbeat`` + ``qpid_protocol`` + ``qpid_tcp_nodelay`` + ``qpid_reconnect`` + ``qpid_reconnect_timeout`` + ``qpid_reconnect_limit`` + ``qpid_reconnect_interval`` + ``qpid_reconnect_interval_min`` + ``qpid_reconnect_interval_max`` + (optional) various QPID options + + ``use_ssl`` + (optinal) Enable SSL on the API server + Defaults to false, not set + + ``cert_file`` + (optinal) certificate file to use when starting api server securely + defaults to false, not set + + ``key_file`` + (optional) Private key file to use when starting API server securely + Defaults to false, not set + + ``ca_file`` + (optional) CA certificate file to use to verify connecting clients + Defaults to false, not set + + ``use_syslog`` + (optional) Use syslog for logging + Defaults to false + + ``log_facility`` + (optional) Syslog facility to receive log lines + Defaults to LOG_USER + + ``log_file`` + (optional) Where to log + Defaults to false + + ``log_dir`` + (optional) Directory where logs should be stored + If set to boolean false, it will not log to any directory + Defaults to /var/log/neutron diff --git a/resources/neutron_puppet/actions/remove.pp b/resources/neutron_puppet/actions/remove.pp index d6967955..52cfc1a4 100644 --- a/resources/neutron_puppet/actions/remove.pp +++ b/resources/neutron_puppet/actions/remove.pp @@ -1,22 +1,5 @@ -$resource = hiera('{{ resource_name }}') - -$rabbitmq_user = $resource['input']['rabbitmq_user']['value'] -$rabbitmq_password = $resource['input']['rabbitmq_password']['value'] -$rabbitmq_host = $resource['input']['rabbitmq_host']['value'] -$rabbitmq_port = $resource['input']['rabbitmq_port']['value'] - -class { 'neutron::server': - enabled => false, - package_ensure => 'absent', - auth_type => 'noauth' -} - class { 'neutron': - enabled => false, - package_ensure => 'absent', - rabbit_user => $rabbitmq_user, - rabbit_password => $rabbitmq_password, - rabbit_host => $rabbitmq_host, - rabbit_port => $rabbitmq_port -} - + enabled => false, + package_ensure => 'absent', + rabbit_password => 'not important as removed', +} \ No newline at end of file diff --git a/resources/neutron_puppet/actions/run.pp b/resources/neutron_puppet/actions/run.pp index 299636bc..42cabe97 100644 --- a/resources/neutron_puppet/actions/run.pp +++ b/resources/neutron_puppet/actions/run.pp @@ -2,45 +2,119 @@ $resource = hiera($::resource_name) $ip = $resource['input']['ip']['value'] -$rabbitmq_user = $resource['input']['rabbitmq_user']['value'] -$rabbitmq_password = $resource['input']['rabbitmq_password']['value'] -$rabbitmq_host = $resource['input']['rabbitmq_host']['value'] -$rabbitmq_port = $resource['input']['rabbitmq_port']['value'] -$rabbitmq_virtual_host = $resource['input']['rabbitmq_virtual_host']['value'] - -$keystone_host = $resource['input']['keystone_host']['value'] -$keystone_port = $resource['input']['keystone_port']['value'] -$keystone_user = $resource['input']['keystone_user']['value'] -$keystone_password = $resource['input']['keystone_password']['value'] -$keystone_tenant = $resource['input']['keystone_tenant']['value'] +$package_ensure = $resource['input']['package_ensure']['value'] +$verbose = $resource['input']['verbose']['value'] +$debug = $resource['input']['debug']['value'] +$bind_host = $resource['input']['bind_host']['value'] +$bind_port = $resource['input']['bind_port']['value'] +$core_plugin = $resource['input']['core_plugin']['value'] +$service_plugins = $resource['input']['service_plugins']['value'] +$auth_strategy = $resource['input']['auth_strategy']['value'] +$base_mac = $resource['input']['base_mac']['value'] +$mac_generation_retries = $resource['input']['mac_generation_retries']['value'] +$dhcp_lease_duration = $resource['input']['dhcp_lease_duration']['value'] +$dhcp_agents_per_network = $resource['input']['dhcp_agents_per_network']['value'] +$network_device_mtu = $resource['input']['network_device_mtu']['value'] +$dhcp_agent_notification = $resource['input']['dhcp_agent_notification']['value'] +$allow_bulk = $resource['input']['allow_bulk']['value'] +$allow_pagination = $resource['input']['allow_pagination']['value'] +$allow_sorting = $resource['input']['allow_sorting']['value'] +$allow_overlapping_ips = $resource['input']['allow_overlapping_ips']['value'] +$api_extensions_path = $resource['input']['api_extensions_path']['value'] +$root_helper = $resource['input']['root_helper']['value'] +$report_interval = $resource['input']['report_interval']['value'] +$control_exchange = $resource['input']['control_exchange']['value'] +$rpc_backend = $resource['input']['rpc_backend']['value'] +$rabbit_password = $resource['input']['rabbit_password']['value'] +$rabbit_host = $resource['input']['rabbit_host']['value'] +$rabbit_hosts = $resource['input']['rabbit_hosts']['value'] +$rabbit_port = $resource['input']['rabbit_port']['value'] +$rabbit_user = $resource['input']['rabbit_user']['value'] +$rabbit_virtual_host = $resource['input']['rabbit_virtual_host']['value'] +$rabbit_use_ssl = $resource['input']['rabbit_use_ssl']['value'] +$kombu_ssl_ca_certs = $resource['input']['kombu_ssl_ca_certs']['value'] +$kombu_ssl_certfile = $resource['input']['kombu_ssl_certfile']['value'] +$kombu_ssl_keyfile = $resource['input']['kombu_ssl_keyfile']['value'] +$kombu_ssl_version = $resource['input']['kombu_ssl_version']['value'] +$kombu_reconnect_delay = $resource['input']['kombu_reconnect_delay']['value'] +$qpid_hostname = $resource['input']['qpid_hostname']['value'] +$qpid_port = $resource['input']['qpid_port']['value'] +$qpid_username = $resource['input']['qpid_username']['value'] +$qpid_password = $resource['input']['qpid_password']['value'] +$qpid_heartbeat = $resource['input']['qpid_heartbeat']['value'] +$qpid_protocol = $resource['input']['qpid_protocol']['value'] +$qpid_tcp_nodelay = $resource['input']['qpid_tcp_nodelay']['value'] +$qpid_reconnect = $resource['input']['qpid_reconnect']['value'] +$qpid_reconnect_timeout = $resource['input']['qpid_reconnect_timeout']['value'] +$qpid_reconnect_limit = $resource['input']['qpid_reconnect_limit']['value'] +$qpid_reconnect_interval_min = $resource['input']['qpid_reconnect_interval_min']['value'] +$qpid_reconnect_interval_max = $resource['input']['qpid_reconnect_interval_max']['value'] +$qpid_reconnect_interval = $resource['input']['qpid_reconnect_interval']['value'] +$use_ssl = $resource['input']['use_ssl']['value'] +$cert_file = $resource['input']['cert_file']['value'] +$key_file = $resource['input']['key_file']['value'] +$ca_file = $resource['input']['ca_file']['value'] +$use_syslog = $resource['input']['use_syslog']['value'] +$log_facility = $resource['input']['log_facility']['value'] +$log_file = $resource['input']['log_file']['value'] +$log_dir = $resource['input']['log_dir']['value'] class { 'neutron': - debug => true, - verbose => true, - enabled => true, - package_ensure => 'present', - auth_strategy => 'keystone', - rabbit_user => $rabbitmq_user, - rabbit_password => $rabbitmq_password, - rabbit_host => $rabbitmq_host, - rabbit_port => $rabbitmq_port, - rabbit_virtual_host => $rabbitmq_virtual_host, - service_plugins => ['metering'] -} - -class { 'neutron::server': - enabled => true, - package_ensure => 'present', - auth_type => 'keystone', - auth_password => $keystone_password, - auth_user => $keystone_user, - auth_tenant => $keystone_tenant -} - -class { 'neutron::agents::dhcp': } - -#file { '/etc/neutron/neutron-exports': -# owner => 'root', -# group => 'root', -# content => template('neutron/exports.erb') -#} + enabled => true, + package_ensure => $package_ensure, + verbose => $verbose, + debug => $debug, + bind_host => $bind_host, + bind_port => $bind_port, + core_plugin => $core_plugin, + service_plugins => $service_plugins, + auth_strategy => $auth_strategy, + base_mac => $base_mac, + mac_generation_retries => $mac_generation_retries, + dhcp_lease_duration => $dhcp_lease_duration, + dhcp_agents_per_network => $dhcp_agents_per_network, + network_device_mtu => $network_device_mtu, + dhcp_agent_notification => $dhcp_agent_notification, + allow_bulk => $allow_bulk, + allow_pagination => $allow_pagination, + allow_sorting => $allow_sorting, + allow_overlapping_ips => $allow_overlapping_ips, + api_extensions_path => $api_extensions_path, + root_helper => $root_helper, + report_interval => $report_interval, + control_exchange => $control_exchange, + rpc_backend => $rpc_backend, + rabbit_password => $rabbit_password, + rabbit_host => $rabbit_host, + rabbit_hosts => $rabbit_hosts, + rabbit_port => $rabbit_port, + rabbit_user => $rabbit_user, + rabbit_virtual_host => $rabbit_virtual_host, + rabbit_use_ssl => $rabbit_use_ssl, + kombu_ssl_ca_certs => $kombu_ssl_ca_certs, + kombu_ssl_certfile => $kombu_ssl_certfile, + kombu_ssl_keyfile => $kombu_ssl_keyfile, + kombu_ssl_version => $kombu_ssl_version, + kombu_reconnect_delay => $kombu_reconnect_delay, + qpid_hostname => $qpid_hostname, + qpid_port => $qpid_port, + qpid_username => $qpid_username, + qpid_password => $qpid_password, + qpid_heartbeat => $qpid_heartbeat, + qpid_protocol => $qpid_protocol, + qpid_tcp_nodelay => $qpid_tcp_nodelay, + qpid_reconnect => $qpid_reconnect, + qpid_reconnect_timeout => $qpid_reconnect_timeout, + qpid_reconnect_limit => $qpid_reconnect_limit, + qpid_reconnect_interval_min => $qpid_reconnect_interval_min, + qpid_reconnect_interval_max => $qpid_reconnect_interval_max, + qpid_reconnect_interval => $qpid_reconnect_interval, + use_ssl => $use_ssl, + cert_file => $cert_file, + key_file => $key_file, + ca_file => $ca_file, + use_syslog => $use_syslog, + log_facility => $log_facility, + log_file => $log_file, + log_dir => $log_dir, +} \ No newline at end of file diff --git a/resources/neutron_puppet/meta.yaml b/resources/neutron_puppet/meta.yaml index 8c39ceee..28d7921c 100644 --- a/resources/neutron_puppet/meta.yaml +++ b/resources/neutron_puppet/meta.yaml @@ -1,5 +1,5 @@ handler: puppet -id: 'neutron' +id: 'neutron_puppet' input: ip: schema: str! @@ -11,45 +11,179 @@ input: schema: str! value: - # TODO: add vhost! - rabbitmq_host: + package_ensure: + schema: str + value: 'present' + verbose: + schema: bool + value: false + debug: + schema: bool + value: false + bind_host: + schema: str + value: '0.0.0.0' + bind_port: + schema: int + value: 9696 + core_plugin: + schema: str + value: 'openvswitch' + service_plugins: + schema: str + value: '' + auth_strategy: + schema: str + value: 'keystone' + base_mac: + schema: str + value: 'fa:16:3e:00:00:00' + mac_generation_retries: + schema: int + value: 16 + dhcp_lease_duration: + schema: int + value: 86400 + dhcp_agents_per_network: + schema: int + value: 1 + network_device_mtu: + schema: str + value: + dhcp_agent_notification: + schema: bool + value: true + allow_bulk: + schema: bool + value: true + allow_pagination: + schema: bool + value: false + allow_sorting: + schema: bool + value: false + allow_overlapping_ips: + schema: bool + value: false + api_extensions_path: + schema: str + value: + root_helper: + schema: str + value: 'sudo neutron-rootwrap /etc/neutron/rootwrap.conf' + report_interval: + schema: int + value: 30 + control_exchange: + schema: str + value: 'neutron' + rpc_backend: + schema: str + value: 'neutron.openstack.common.rpc.impl_kombu' + rabbit_password: schema: str! value: - rabbitmq_port: - schema: int! + rabbit_host: + schema: str + value: 'localhost' + rabbit_hosts: + schema: bool + value: false + rabbit_port: + schema: int + value: 5672 + rabbit_user: + schema: str + value: 'guest' + rabbit_virtual_host: + schema: str + value: '/' + rabbit_use_ssl: + schema: bool + value: false + kombu_ssl_ca_certs: + schema: str + value: '' + kombu_ssl_certfile: + schema: str value: - rabbitmq_user: + kombu_ssl_keyfile: + schema: str + value: + kombu_ssl_version: + schema: str + value: 'TLSv1' + kombu_reconnect_delay: + schema: str + value: '1.0' + qpid_hostname: + schema: str + value: 'localhost' + qpid_port: + schema: int + value: 5672 + qpid_username: + schema: str + value: 'guest' + qpid_password: schema: str! + value: 'guest' + qpid_heartbeat: + schema: int + value: 60 + qpid_protocol: + schema: str + value: 'tcp' + qpid_tcp_nodelay: + schema: bool + value: true + qpid_reconnect: + schema: bool + value: true + qpid_reconnect_timeout: + schema: int + value: 0 + qpid_reconnect_limit: + schema: int + value: 0 + qpid_reconnect_interval_min: + schema: int + value: 0 + qpid_reconnect_interval_max: + schema: int + value: 0 + qpid_reconnect_interval: + schema: int + value: 0 + use_ssl: + schema: str + value: '' + cert_file: + schema: str value: - rabbitmq_password: - schema: str! + key_file: + schema: str value: - rabbitmq_virtual_host: - schema: str! + ca_file: + schema: str value: + use_syslog: + schema: bool + value: false + log_facility: + schema: str + value: 'LOG_USER' + log_file: + schema: str + value: '' + log_dir: + schema: str + value: '/var/log/neutron' git: schema: {repository: str!, branch: str!} - value: {repository: 'https://github.com/openstack/puppet-neutron', branch: 'stable/juno'} + value: {repository: 'https://github.com/openstack/puppet-neutron', branch: '5.1.0'} - port: - schema: int! - value: 9696 - - keystone_host: - schema: str! - keystone_port: - schema: int! - value: - keystone_user: - schema: str! - value: - keystone_password: - schema: str! - value: - keystone_tenant: - schema: str! - value: puppet_module: 'neutron' tags: [] version: 1.0.0 diff --git a/resources/neutron_server_puppet/README.md b/resources/neutron_server_puppet/README.md new file mode 100644 index 00000000..be11e355 --- /dev/null +++ b/resources/neutron_server_puppet/README.md @@ -0,0 +1,170 @@ +# Neutron puppet resource + +Setup and configure the neutron API service and endpoint + +# Parameters: + +source https://github.com/openstack/puppet-neutron/blob/5.1.0/manifests/server.pp + + ``package_ensure`` + (optional) The state of the package + Defaults to present + + ``log_file`` + REMOVED: Use log_file of neutron class instead. + + ``log_dir`` + REMOVED: Use log_dir of neutron class instead. + + ``auth_password`` + (optional) The password to use for authentication (keystone) + Defaults to false. Set a value unless you are using noauth + + ``auth_type`` + (optional) What auth system to use + Defaults to 'keystone'. Can other be 'noauth' + + ``auth_host`` + (optional) The keystone host + Defaults to localhost + + ``auth_protocol`` + (optional) The protocol used to access the auth host + Defaults to http. + + ``auth_port`` + (optional) The keystone auth port + Defaults to 35357 + + ``auth_admin_prefix`` + (optional) The admin_prefix used to admin endpoint of the auth host + This allow admin auth URIs like http://auth_host:35357/keystone. + (where '/keystone' is the admin prefix) + Defaults to false for empty. If defined, should be a string with a leading '/' and no trailing '/'. + + ``auth_tenant`` + (optional) The tenant of the auth user + Defaults to services + + ``auth_user`` + (optional) The name of the auth user + Defaults to neutron + + ``auth_protocol`` + (optional) The protocol to connect to keystone + Defaults to http + + ``auth_uri`` + (optional) Complete public Identity API endpoint. + Defaults to: $auth_protocol://$auth_host:5000/ + + ``database_connection`` + (optional) Connection url for the neutron database. + (Defaults to 'sqlite:////var/lib/neutron/ovs.sqlite') + + ``sql_connection`` + DEPRECATED: Use database_connection instead. + + ``connection`` + DEPRECATED: Use database_connection instead. + + ``database_max_retries`` + (optional) Maximum database connection retries during startup. + (Defaults to 10) + + ``sql_max_retries`` + DEPRECATED: Use database_max_retries instead. + + ``max_retries`` + DEPRECATED: Use database_max_retries instead. + + ``database_idle_timeout`` + (optional) Timeout before idle database connections are reaped. + Deprecates sql_idle_timeout + (Defaults to 3600) + + ``sql_idle_timeout`` + DEPRECATED: Use database_idle_timeout instead. + + ``idle_timeout`` + DEPRECATED: Use database_idle_timeout instead. + + ``database_retry_interval`` + (optional) Interval between retries of opening a database connection. + (Defaults to 10) + + ``sql_reconnect_interval`` + DEPRECATED: Use database_retry_interval instead. + + ``retry_interval`` + DEPRECATED: Use database_retry_interval instead. + + ``database_min_pool_size`` + (optional) Minimum number of SQL connections to keep open in a pool. + Defaults to: 1 + + ``database_max_pool_size`` + (optional) Maximum number of SQL connections to keep open in a pool. + Defaults to: 10 + + ``database_max_overflow`` + (optional) If set, use this value for max_overflow with sqlalchemy. + Defaults to: 20 + + ``sync_db`` + (optional) Run neutron-db-manage on api nodes after installing the package. + Defaults to false + + ``api_workers`` + (optional) Number of separate worker processes to spawn. + The default, count of machine's processors, runs the worker thread in the + current process. + Greater than 0 launches that number of child processes as workers. + The parent process manages them. + Defaults to: $::processorcount + + ``rpc_workers`` + (optional) Number of separate RPC worker processes to spawn. + The default, count of machine's processors, runs the worker thread in the + current process. + Greater than 0 launches that number of child processes as workers. + The parent process manages them. + Defaults to: $::processorcount + + ``agent_down_time`` + (optional) Seconds to regard the agent as down; should be at least twice + report_interval, to be sure the agent is down for good. + agent_down_time is a config for neutron-server, set by class neutron::server + report_interval is a config for neutron agents, set by class neutron + Defaults to: 75 + + ``router_scheduler_driver`` + (optional) Driver to use for scheduling router to a default L3 agent. Could be: + neutron.scheduler.l3_agent_scheduler.ChanceScheduler to schedule a router in a random way + neutron.scheduler.l3_agent_scheduler.LeastRoutersScheduler to allocate on an L3 agent with the least number of routers bound. + Defaults to: neutron.scheduler.l3_agent_scheduler.ChanceScheduler + + ``mysql_module`` + (optional) Deprecated. Does nothing. + + ``router_distributed`` + (optional) Setting the "router_distributed" flag to "True" will default to the creation + of distributed tenant routers. + Also can be the type of the router on the create request (admin-only attribute). + Defaults to false + + ``l3_ha`` + (optional) Enable high availability for virtual routers. + Defaults to false + + ``max_l3_agents_per_router`` + (optional) Maximum number of l3 agents which a HA router will be scheduled on. If set to '0', a router will be scheduled on every agent. + Defaults to '3' + + ``min_l3_agents_per_router`` + (optional) Minimum number of l3 agents which a HA router will be scheduled on. + Defaults to '2' + + ``l3_ha_net_cidr`` + (optional) CIDR of the administrative network if HA mode is enabled. + Defaults to '169.254.192.0/18' \ No newline at end of file diff --git a/resources/neutron_server_puppet/actions/remove.pp b/resources/neutron_server_puppet/actions/remove.pp new file mode 100644 index 00000000..83dbccac --- /dev/null +++ b/resources/neutron_server_puppet/actions/remove.pp @@ -0,0 +1,5 @@ +class { 'neutron::server': + enabled => false, + package_ensure => 'absent', + auth_password => 'not important as removed', +} \ No newline at end of file diff --git a/resources/neutron_server_puppet/actions/run.pp b/resources/neutron_server_puppet/actions/run.pp new file mode 100644 index 00000000..cb7a1d7c --- /dev/null +++ b/resources/neutron_server_puppet/actions/run.pp @@ -0,0 +1,90 @@ +$resource = hiera($::resource_name) + +$ip = $resource['input']['ip']['value'] + +$db_user = $resource['input']['db_user']['value'] +$db_host = $resource['input']['db_host']['value'] +$db_password = $resource['input']['db_password']['value'] +$db_name = $resource['input']['db_name']['value'] + +$package_ensure = $resource['input']['package_ensure']['value'] +$auth_password = $resource['input']['auth_password']['value'] +$auth_type = $resource['input']['auth_type']['value'] +$auth_host = $resource['input']['auth_host']['value'] +$auth_port = $resource['input']['auth_port']['value'] +$auth_admin_prefix = $resource['input']['auth_admin_prefix']['value'] +$auth_tenant = $resource['input']['auth_tenant']['value'] +$auth_user = $resource['input']['auth_user']['value'] +$auth_protocol = $resource['input']['auth_protocol']['value'] +$auth_uri = $resource['input']['auth_uri']['value'] +$database_connection = $resource['input']['database_connection']['value'] +$database_max_retries = $resource['input']['database_max_retries']['value'] +$database_idle_timeout = $resource['input']['database_idle_timeout']['value'] +$database_retry_interval = $resource['input']['database_retry_interval']['value'] +$database_min_pool_size = $resource['input']['database_min_pool_size']['value'] +$database_max_pool_size = $resource['input']['database_max_pool_size']['value'] +$database_max_overflow = $resource['input']['database_max_overflow']['value'] +$sync_db = $resource['input']['sync_db']['value'] +$api_workers = $resource['input']['api_workers']['value'] +$rpc_workers = $resource['input']['rpc_workers']['value'] +$agent_down_time = $resource['input']['agent_down_time']['value'] +$router_scheduler_driver = $resource['input']['router_scheduler_driver']['value'] +$router_distributed = $resource['input']['router_distributed']['value'] +$l3_ha = $resource['input']['l3_ha']['value'] +$max_l3_agents_per_router = $resource['input']['max_l3_agents_per_router']['value'] +$min_l3_agents_per_router = $resource['input']['min_l3_agents_per_router']['value'] +$l3_ha_net_cidr = $resource['input']['l3_ha_net_cidr']['value'] +$mysql_module = $resource['input']['mysql_module']['value'] +$sql_connection = $resource['input']['sql_connection']['value'] +$connection = $resource['input']['connection']['value'] +$sql_max_retries = $resource['input']['sql_max_retries']['value'] +$max_retries = $resource['input']['max_retries']['value'] +$sql_idle_timeout = $resource['input']['sql_idle_timeout']['value'] +$idle_timeout = $resource['input']['idle_timeout']['value'] +$sql_reconnect_interval = $resource['input']['sql_reconnect_interval']['value'] +$retry_interval = $resource['input']['retry_interval']['value'] +$log_dir = $resource['input']['log_dir']['value'] +$log_file = $resource['input']['log_file']['value'] +$report_interval = $resource['input']['report_interval']['value'] + +class { 'neutron::server': + enabled => true, + manage_service => true, + database_connection => "mysql://${db_user}:${db_password}@${db_host}/${db_name}", + package_ensure => $package_ensure, + auth_password => $auth_password, + auth_type => $auth_type, + auth_host => $auth_host, + auth_port => $auth_port, + auth_admin_prefix => $auth_admin_prefix, + auth_tenant => $auth_tenant, + auth_user => $auth_user, + auth_protocol => $auth_protocol, + auth_uri => $auth_uri, + database_max_retries => $database_max_retries, + database_idle_timeout => $database_idle_timeout, + database_retry_interval => $database_retry_interval, + database_min_pool_size => $database_min_pool_size, + database_max_pool_size => $database_max_pool_size, + database_max_overflow => $database_max_overflow, + sync_db => $sync_db, + api_workers => $api_workers, + rpc_workers => $rpc_workers, + agent_down_time => $agent_down_time, + router_scheduler_driver => $router_scheduler_driver, + router_distributed => $router_distributed, + l3_ha => $l3_ha, + max_l3_agents_per_router => $max_l3_agents_per_router, + min_l3_agents_per_router => $min_l3_agents_per_router, + l3_ha_net_cidr => $l3_ha_net_cidr, + mysql_module => $mysql_module, + sql_max_retries => $sql_max_retries, + max_retries => $max_retries, + sql_idle_timeout => $sql_idle_timeout, + idle_timeout => $idle_timeout, + sql_reconnect_interval => $sql_reconnect_interval, + retry_interval => $retry_interval, + log_dir => $log_dir, + log_file => $log_file, + report_interval => $report_interval, +} \ No newline at end of file diff --git a/resources/neutron_server_puppet/meta.yaml b/resources/neutron_server_puppet/meta.yaml new file mode 100644 index 00000000..3779a2ff --- /dev/null +++ b/resources/neutron_server_puppet/meta.yaml @@ -0,0 +1,151 @@ +handler: puppet +id: 'neutron_server_puppet' +input: + ip: + schema: str! + value: '' + ssh_key: + schema: str! + value: '' + ssh_user: + schema: str! + value: '' + + db_user: + schema: str! + value: + db_password: + schema: str! + value: + db_name: + schema: str! + value: + db_host: + schema: str! + value: + + package_ensure: + schema: str + value: 'present' + auth_password: + schema: str! + value: '' + auth_type: + schema: str + value: 'keystone' + auth_host: + schema: str + value: 'localhost' + auth_port: + schema: int + value: 35357 + auth_admin_prefix: + schema: str + value: '' + auth_tenant: + schema: str + value: 'services' + auth_user: + schema: str + value: 'neutron' + auth_protocol: + schema: str + value: 'http' + auth_uri: + schema: str + value: '' + database_connection: + schema: str + value: 'sqlite:////var/lib/neutron/ovs.sqlite' + database_max_retries: + schema: int + value: 10 + database_idle_timeout: + schema: int + value: 3600 + database_retry_interval: + schema: int + value: 10 + database_min_pool_size: + schema: int + value: 1 + database_max_pool_size: + schema: int + value: 10 + database_max_overflow: + schema: int + value: 20 + sync_db: + schema: bool + value: false + api_workers: + schema: int + value: 1 + rpc_workers: + schema: int + value: 1 + agent_down_time: + schema: int + value: 75 + router_scheduler_driver: + schema: str + value: 'neutron.scheduler.l3_agent_scheduler.ChanceScheduler' + router_distributed: + schema: bool + value: false + l3_ha: + schema: bool + value: false + max_l3_agents_per_router: + schema: int + value: 3 + min_l3_agents_per_router: + schema: int + value: 2 + l3_ha_net_cidr: + schema: str + value: '169.254.192.0/18' + mysql_module: + schema: str + value: '' + sql_connection: + schema: str + value: '' + connection: + schema: str + value: '' + sql_max_retries: + schema: str + value: '' + max_retries: + schema: str + value: '' + sql_idle_timeout: + schema: str + value: '' + idle_timeout: + schema: str + value: '' + sql_reconnect_interval: + schema: str + value: '' + retry_interval: + schema: str + value: '' + log_dir: + schema: str + value: '' + log_file: + schema: str + value: '' + report_interval: + schema: str + value: '' + + git: + schema: {repository: str!, branch: str!} + value: {repository: 'https://github.com/openstack/puppet-neutron', branch: '5.1.0'} + +puppet_module: 'neutron' +tags: [] +version: 1.0.0 From 0570c4a670e64de8964d1b3268cc705f8a94bef2 Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Tue, 4 Aug 2015 11:59:24 +0200 Subject: [PATCH 04/25] Remove external class ref for neutron server resource * Fix rabbit inputs for neutron * Decouple service neutron-server from neutron class Signed-off-by: Bogdan Dobrelya --- example-puppet.py | 10 +++++----- resources/neutron_server_puppet/actions/run.pp | 5 +++++ 2 files changed, 10 insertions(+), 5 deletions(-) diff --git a/example-puppet.py b/example-puppet.py index b567e79a..7989d006 100644 --- a/example-puppet.py +++ b/example-puppet.py @@ -162,14 +162,14 @@ def setup_resources(): neutron_puppet = vr.create('neutron_puppet', 'resources/neutron_puppet', {})[0] signals.connect(node1, neutron_puppet) signals.connect(rabbitmq_service1, neutron_puppet, { - 'ip': 'rabbitmq_host', - 'port': 'rabbitmq_port' + 'ip': 'rabbit_host', + 'port': 'rabbit_port' }) signals.connect(openstack_rabbitmq_user, neutron_puppet, { - 'user_name': 'rabbitmq_user', - 'password': 'rabbitmq_password'}) + 'user_name': 'rabbit_user', + 'password': 'rabbit_password'}) signals.connect(openstack_vhost, neutron_puppet, { - 'vhost_name': 'rabbitmq_virtual_host'}) + 'vhost_name': 'rabbit_virtual_host'}) # NEUTRON API (SERVER) neutron_server_puppet = vr.create('neutron_server_puppet', 'resources/neutron_server_puppet', { diff --git a/resources/neutron_server_puppet/actions/run.pp b/resources/neutron_server_puppet/actions/run.pp index cb7a1d7c..0d6d48c8 100644 --- a/resources/neutron_server_puppet/actions/run.pp +++ b/resources/neutron_server_puppet/actions/run.pp @@ -87,4 +87,9 @@ class { 'neutron::server': log_dir => $log_dir, log_file => $log_file, report_interval => $report_interval, +} + +# Remove external class dependency +Service <| title == 'neutron-server' |> { + require => undef } \ No newline at end of file From 190beffd6c9adcd8421c1f5bb48455e843fae1b5 Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Tue, 4 Aug 2015 12:13:17 +0200 Subject: [PATCH 05/25] Add neutron ovs plugin resource * Add compostion layer for OVS plugin with GRE * Fix neutron tags, use_ssl input Signed-off-by: Bogdan Dobrelya --- example-puppet.py | 9 +++- .../neutron_plugins_ovs_puppet/README.md | 15 ++++++ .../actions/remove.pp | 10 ++++ .../neutron_plugins_ovs_puppet/actions/run.pp | 32 +++++++++++++ .../neutron_plugins_ovs_puppet/meta.yaml | 48 +++++++++++++++++++ resources/neutron_puppet/meta.yaml | 6 +-- resources/neutron_server_puppet/meta.yaml | 2 +- 7 files changed, 117 insertions(+), 5 deletions(-) create mode 100644 resources/neutron_plugins_ovs_puppet/README.md create mode 100644 resources/neutron_plugins_ovs_puppet/actions/remove.pp create mode 100644 resources/neutron_plugins_ovs_puppet/actions/run.pp create mode 100644 resources/neutron_plugins_ovs_puppet/meta.yaml diff --git a/example-puppet.py b/example-puppet.py index 7989d006..ecdce96f 100644 --- a/example-puppet.py +++ b/example-puppet.py @@ -158,7 +158,7 @@ def setup_resources(): signals.connect(admin_user, openrc, {'user_name': 'user_name','user_password':'password', 'tenant_name': 'tenant'}) # NEUTRON - # Deploy chain neutron -> neutron_server -> ( agents & plugins ) + # Deploy chain neutron -> (plugins) -> neutron_server -> ( agents ) neutron_puppet = vr.create('neutron_puppet', 'resources/neutron_puppet', {})[0] signals.connect(node1, neutron_puppet) signals.connect(rabbitmq_service1, neutron_puppet, { @@ -171,6 +171,12 @@ def setup_resources(): signals.connect(openstack_vhost, neutron_puppet, { 'vhost_name': 'rabbit_virtual_host'}) + # NEUTRON OVS PLUGIN WITH GRE + neutron_plugins_ovs = vr.create('neutron_plugins_ovs_puppet', 'resources/neutron_plugins_ovs_puppet', { + 'tenant_network_type': 'gre', + })[0] + signals.connect(node1, neutron_plugins_ovs) + # NEUTRON API (SERVER) neutron_server_puppet = vr.create('neutron_server_puppet', 'resources/neutron_server_puppet', { 'sync_db': True, @@ -537,6 +543,7 @@ resources_to_run = [ 'neutron_keystone_role', 'neutron_puppet', 'neutron_keystone_service_endpoint', + 'neutron_plugins_ovs', 'neutron_server_puppet', 'cinder_db', diff --git a/resources/neutron_plugins_ovs_puppet/README.md b/resources/neutron_plugins_ovs_puppet/README.md new file mode 100644 index 00000000..7601306e --- /dev/null +++ b/resources/neutron_plugins_ovs_puppet/README.md @@ -0,0 +1,15 @@ +# Neutron OVS plugin puppet resource + +Configure the neutron server to use the OVS plugin. +This configures the plugin for the API server, but does nothing +about configuring the agents that must also run and share a config +file with the OVS plugin if both are on the same machine. + +NB: don't need tunnel ID range when using VLANs, +*but* you do need the network vlan range regardless of type, +because the list of networks there is still important +even if the ranges aren't specified +if type is vlan or flat, a default of physnet1:1000:2000 is used +otherwise this will not be set by default. + +source https://github.com/openstack/puppet-neutron/blob/5.1.0/manifests/plugins/ovs.pp \ No newline at end of file diff --git a/resources/neutron_plugins_ovs_puppet/actions/remove.pp b/resources/neutron_plugins_ovs_puppet/actions/remove.pp new file mode 100644 index 00000000..185c9531 --- /dev/null +++ b/resources/neutron_plugins_ovs_puppet/actions/remove.pp @@ -0,0 +1,10 @@ +class { 'neutron::plugins::ovs': + package_ensure => 'absent', +} + +include neutron::params + +package { 'neutron': + ensure => 'absent', + name => $::neutron::params::package_name, +} \ No newline at end of file diff --git a/resources/neutron_plugins_ovs_puppet/actions/run.pp b/resources/neutron_plugins_ovs_puppet/actions/run.pp new file mode 100644 index 00000000..fdbd38cb --- /dev/null +++ b/resources/neutron_plugins_ovs_puppet/actions/run.pp @@ -0,0 +1,32 @@ +$resource = hiera($::resource_name) + +$ip = $resource['input']['ip']['value'] + +$package_ensure = $resource['input']['package_ensure']['value'] +$sql_connection = $resource['input']['sql_connection']['value'] +$sql_max_retries = $resource['input']['sql_max_retries']['value'] +$sql_idle_timeout = $resource['input']['sql_idle_timeout']['value'] +$reconnect_interval = $resource['input']['reconnect_interval']['value'] +$tenant_network_type = $resource['input']['tenant_network_type']['value'] +$network_vlan_ranges = $resource['input']['network_vlan_ranges']['value'] +$tunnel_id_ranges = $resource['input']['tunnel_id_ranges']['value'] +$vxlan_udp_port = $resource['input']['vxlan_udp_port']['value'] + +class { 'neutron::plugins::ovs': + package_ensure => $package_ensure, + sql_connection => $sql_connection, + sql_max_retries => $sql_max_retries, + sql_idle_timeout => $sql_idle_timeout, + reconnect_interval => $reconnect_interval, + tenant_network_type => $tenant_network_type, + network_vlan_ranges => $network_vlan_ranges, + tunnel_id_ranges => $tunnel_id_ranges, + vxlan_udp_port => $vxlan_udp_port, +} + +include neutron::params + +package { 'neutron': + ensure => $package_ensure, + name => $::neutron::params::package_name, +} \ No newline at end of file diff --git a/resources/neutron_plugins_ovs_puppet/meta.yaml b/resources/neutron_plugins_ovs_puppet/meta.yaml new file mode 100644 index 00000000..ece3fdf5 --- /dev/null +++ b/resources/neutron_plugins_ovs_puppet/meta.yaml @@ -0,0 +1,48 @@ +handler: puppet +id: 'neutron_plugins_ovs_puppet' +input: + ip: + schema: str! + value: '' + ssh_key: + schema: str! + value: '' + ssh_user: + schema: str! + value: '' + + package_ensure: + schema: str + value: 'present' + sql_connection: + schema: str + value: '' + sql_max_retries: + schema: str + value: '' + sql_idle_timeout: + schema: str + value: '' + reconnect_interval: + schema: str + value: '' + tenant_network_type: + schema: str + value: 'vlan' + network_vlan_ranges: + schema: str + value: '' + tunnel_id_ranges: + schema: str + value: '1:1000' + vxlan_udp_port: + schema: int + value: 4789 + + git: + schema: {repository: str!, branch: str!} + value: {repository: 'https://github.com/openstack/puppet-neutron', branch: '5.1.0'} + +puppet_module: 'neutron' +tags: [resource/neutron, resource/neutron_plugins_ovs] +version: 1.0.0 diff --git a/resources/neutron_puppet/meta.yaml b/resources/neutron_puppet/meta.yaml index 28d7921c..79d3b0ad 100644 --- a/resources/neutron_puppet/meta.yaml +++ b/resources/neutron_puppet/meta.yaml @@ -156,8 +156,8 @@ input: schema: int value: 0 use_ssl: - schema: str - value: '' + schema: bool + value: false cert_file: schema: str value: @@ -185,5 +185,5 @@ input: value: {repository: 'https://github.com/openstack/puppet-neutron', branch: '5.1.0'} puppet_module: 'neutron' -tags: [] +tags: [resource/neutron] version: 1.0.0 diff --git a/resources/neutron_server_puppet/meta.yaml b/resources/neutron_server_puppet/meta.yaml index 3779a2ff..29cc844c 100644 --- a/resources/neutron_server_puppet/meta.yaml +++ b/resources/neutron_server_puppet/meta.yaml @@ -147,5 +147,5 @@ input: value: {repository: 'https://github.com/openstack/puppet-neutron', branch: '5.1.0'} puppet_module: 'neutron' -tags: [] +tags: [resource/neutron, resource/neutron_service, resource/neutron_server, resource/neutron_api] version: 1.0.0 From 4c179a5a05d0ab84a68df256bf19b8d3d29cb453 Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Tue, 4 Aug 2015 15:45:05 +0200 Subject: [PATCH 06/25] Fix undef inputs for neutron Signed-off-by: Bogdan Dobrelya --- .../neutron_plugins_ovs_puppet/meta.yaml | 16 ++++----- resources/neutron_puppet/meta.yaml | 6 ++-- resources/neutron_server_puppet/meta.yaml | 36 +++++++++---------- 3 files changed, 29 insertions(+), 29 deletions(-) diff --git a/resources/neutron_plugins_ovs_puppet/meta.yaml b/resources/neutron_plugins_ovs_puppet/meta.yaml index ece3fdf5..3198ad90 100644 --- a/resources/neutron_plugins_ovs_puppet/meta.yaml +++ b/resources/neutron_plugins_ovs_puppet/meta.yaml @@ -3,35 +3,35 @@ id: 'neutron_plugins_ovs_puppet' input: ip: schema: str! - value: '' + value: ssh_key: schema: str! - value: '' + value: ssh_user: schema: str! - value: '' + value: package_ensure: schema: str value: 'present' sql_connection: schema: str - value: '' + value: sql_max_retries: schema: str - value: '' + value: sql_idle_timeout: schema: str - value: '' + value: reconnect_interval: schema: str - value: '' + value: tenant_network_type: schema: str value: 'vlan' network_vlan_ranges: schema: str - value: '' + value: tunnel_id_ranges: schema: str value: '1:1000' diff --git a/resources/neutron_puppet/meta.yaml b/resources/neutron_puppet/meta.yaml index 79d3b0ad..fb0cc902 100644 --- a/resources/neutron_puppet/meta.yaml +++ b/resources/neutron_puppet/meta.yaml @@ -31,7 +31,7 @@ input: value: 'openvswitch' service_plugins: schema: str - value: '' + value: auth_strategy: schema: str value: 'keystone' @@ -103,7 +103,7 @@ input: value: false kombu_ssl_ca_certs: schema: str - value: '' + value: kombu_ssl_certfile: schema: str value: @@ -175,7 +175,7 @@ input: value: 'LOG_USER' log_file: schema: str - value: '' + value: log_dir: schema: str value: '/var/log/neutron' diff --git a/resources/neutron_server_puppet/meta.yaml b/resources/neutron_server_puppet/meta.yaml index 29cc844c..b32e0b2e 100644 --- a/resources/neutron_server_puppet/meta.yaml +++ b/resources/neutron_server_puppet/meta.yaml @@ -3,13 +3,13 @@ id: 'neutron_server_puppet' input: ip: schema: str! - value: '' + value: ssh_key: schema: str! - value: '' + value: ssh_user: schema: str! - value: '' + value: db_user: schema: str! @@ -29,7 +29,7 @@ input: value: 'present' auth_password: schema: str! - value: '' + value: auth_type: schema: str value: 'keystone' @@ -41,7 +41,7 @@ input: value: 35357 auth_admin_prefix: schema: str - value: '' + value: auth_tenant: schema: str value: 'services' @@ -53,7 +53,7 @@ input: value: 'http' auth_uri: schema: str - value: '' + value: database_connection: schema: str value: 'sqlite:////var/lib/neutron/ovs.sqlite' @@ -107,40 +107,40 @@ input: value: '169.254.192.0/18' mysql_module: schema: str - value: '' + value: sql_connection: schema: str - value: '' + value: connection: schema: str - value: '' + value: sql_max_retries: schema: str - value: '' + value: max_retries: schema: str - value: '' + value: sql_idle_timeout: schema: str - value: '' + value: idle_timeout: schema: str - value: '' + value: sql_reconnect_interval: schema: str - value: '' + value: retry_interval: schema: str - value: '' + value: log_dir: schema: str - value: '' + value: log_file: schema: str - value: '' + value: report_interval: schema: str - value: '' + value: git: schema: {repository: str!, branch: str!} From 5bc771b8f6d4f08eaec575e08c6c68109db4b235 Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Wed, 5 Aug 2015 12:31:40 +0200 Subject: [PATCH 07/25] Add neutron OVS agent resource Signed-off-by: Bogdan Dobrelya --- resources/neutron_agents_ovs_puppet/README.md | 5 ++ .../actions/remove.pp | 4 ++ .../neutron_agents_ovs_puppet/actions/run.pp | 33 +++++++++++ resources/neutron_agents_ovs_puppet/meta.yaml | 57 +++++++++++++++++++ .../neutron_plugins_ovs_puppet/meta.yaml | 16 +++++- 5 files changed, 112 insertions(+), 3 deletions(-) create mode 100644 resources/neutron_agents_ovs_puppet/README.md create mode 100644 resources/neutron_agents_ovs_puppet/actions/remove.pp create mode 100644 resources/neutron_agents_ovs_puppet/actions/run.pp create mode 100644 resources/neutron_agents_ovs_puppet/meta.yaml diff --git a/resources/neutron_agents_ovs_puppet/README.md b/resources/neutron_agents_ovs_puppet/README.md new file mode 100644 index 00000000..b04c023c --- /dev/null +++ b/resources/neutron_agents_ovs_puppet/README.md @@ -0,0 +1,5 @@ +# Neutron OVS agent puppet resource + +Setups OVS neutron agent + +source https://github.com/openstack/puppet-neutron/blob/5.1.0/manifests/agents/ovs.pp \ No newline at end of file diff --git a/resources/neutron_agents_ovs_puppet/actions/remove.pp b/resources/neutron_agents_ovs_puppet/actions/remove.pp new file mode 100644 index 00000000..30baa70a --- /dev/null +++ b/resources/neutron_agents_ovs_puppet/actions/remove.pp @@ -0,0 +1,4 @@ +class { 'neutron::agents::ovs': + package_ensure => 'absent', + enabled => false, +} \ No newline at end of file diff --git a/resources/neutron_agents_ovs_puppet/actions/run.pp b/resources/neutron_agents_ovs_puppet/actions/run.pp new file mode 100644 index 00000000..70e6b741 --- /dev/null +++ b/resources/neutron_agents_ovs_puppet/actions/run.pp @@ -0,0 +1,33 @@ +$resource = hiera($::resource_name) + +$ip = $resource['input']['ip']['value'] + +$package_ensure = $resource['input']['package_ensure']['value'] +$bridge_uplinks = $resource['input']['bridge_uplinks']['value'] +$bridge_mappings = $resource['input']['bridge_mappings']['value'] +$integration_bridge = $resource['input']['integration_bridge']['value'] +$enable_tunneling = $resource['input']['enable_tunneling']['value'] +$tunnel_types = $resource['input']['tunnel_types']['value'] +$local_ip = $resource['input']['local_ip']['value'] +$tunnel_bridge = $resource['input']['tunnel_bridge']['value'] +$vxlan_udp_port = $resource['input']['vxlan_udp_port']['value'] +$polling_interval = $resource['input']['polling_interval']['value'] +$firewall_driver = $resource['input']['firewall_driver']['value'] +$veth_mtu = $resource['input']['veth_mtu']['value'] + +class { 'neutron::agents::ovs': + enabled => true, + manage_service => true, + package_ensure => $package_ensure, + bridge_uplinks => $bridge_uplinks, + bridge_mappings => $bridge_mappings, + integration_bridge => $integration_bridge, + enable_tunneling => $enable_tunneling, + tunnel_types => $tunnel_types, + local_ip => $local_ip, + tunnel_bridge => $tunnel_bridge, + vxlan_udp_port => $vxlan_udp_port, + polling_interval => $polling_interval, + firewall_driver => $firewall_driver, + veth_mtu => $veth_mtu, +} \ No newline at end of file diff --git a/resources/neutron_agents_ovs_puppet/meta.yaml b/resources/neutron_agents_ovs_puppet/meta.yaml new file mode 100644 index 00000000..e29d979d --- /dev/null +++ b/resources/neutron_agents_ovs_puppet/meta.yaml @@ -0,0 +1,57 @@ +handler: puppet +id: 'neutron_agents_ovs_puppet' +input: + ip: + schema: str! + value: + ssh_key: + schema: str! + value: + ssh_user: + schema: str! + value: + + package_ensure: + schema: str + value: 'present' + bridge_uplinks: + schema: [str] + value: [] + bridge_mappings: + schema: [str] + value: [] + integration_bridge: + schema: str + value: 'br-int' + enable_tunneling: + schema: bool + value: false + tunnel_types: + schema: [str] + value: [] + local_ip: + schema: str + value: + tunnel_bridge: + schema: str + value: 'br-tun' + vxlan_udp_port: + schema: int + value: 4789 + polling_interval: + schema: int + value: 2 + firewall_driver: + schema: str + value: 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver' + veth_mtu: + schema: str + value: + + git: + schema: {repository: str!, branch: str!} + value: {repository: 'https://github.com/openstack/puppet-neutron', branch: '5.1.0'} + +puppet_module: 'neutron' +tags: [resource/neutron, resource/neutron_agents_ovs] +version: 1.0.0 diff --git a/resources/neutron_plugins_ovs_puppet/meta.yaml b/resources/neutron_plugins_ovs_puppet/meta.yaml index 3198ad90..06b770d6 100644 --- a/resources/neutron_plugins_ovs_puppet/meta.yaml +++ b/resources/neutron_plugins_ovs_puppet/meta.yaml @@ -14,9 +14,6 @@ input: package_ensure: schema: str value: 'present' - sql_connection: - schema: str - value: sql_max_retries: schema: str value: @@ -39,6 +36,19 @@ input: schema: int value: 4789 + db_user: + schema: str! + value: + db_password: + schema: str! + value: + db_name: + schema: str! + value: + db_host: + schema: str! + value: + git: schema: {repository: str!, branch: str!} value: {repository: 'https://github.com/openstack/puppet-neutron', branch: '5.1.0'} From ad9e1fa3ec442e425eb383f7422b7eb256aaf26f Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Wed, 5 Aug 2015 13:51:48 +0200 Subject: [PATCH 08/25] Remove deprecated/unused sql conn inputs Signed-off-by: Bogdan Dobrelya --- resources/neutron_server_puppet/actions/run.pp | 3 --- resources/neutron_server_puppet/meta.yaml | 13 ++----------- 2 files changed, 2 insertions(+), 14 deletions(-) diff --git a/resources/neutron_server_puppet/actions/run.pp b/resources/neutron_server_puppet/actions/run.pp index 0d6d48c8..47fcb2cc 100644 --- a/resources/neutron_server_puppet/actions/run.pp +++ b/resources/neutron_server_puppet/actions/run.pp @@ -17,7 +17,6 @@ $auth_tenant = $resource['input']['auth_tenant']['value'] $auth_user = $resource['input']['auth_user']['value'] $auth_protocol = $resource['input']['auth_protocol']['value'] $auth_uri = $resource['input']['auth_uri']['value'] -$database_connection = $resource['input']['database_connection']['value'] $database_max_retries = $resource['input']['database_max_retries']['value'] $database_idle_timeout = $resource['input']['database_idle_timeout']['value'] $database_retry_interval = $resource['input']['database_retry_interval']['value'] @@ -35,8 +34,6 @@ $max_l3_agents_per_router = $resource['input']['max_l3_agents_per_router']['val $min_l3_agents_per_router = $resource['input']['min_l3_agents_per_router']['value'] $l3_ha_net_cidr = $resource['input']['l3_ha_net_cidr']['value'] $mysql_module = $resource['input']['mysql_module']['value'] -$sql_connection = $resource['input']['sql_connection']['value'] -$connection = $resource['input']['connection']['value'] $sql_max_retries = $resource['input']['sql_max_retries']['value'] $max_retries = $resource['input']['max_retries']['value'] $sql_idle_timeout = $resource['input']['sql_idle_timeout']['value'] diff --git a/resources/neutron_server_puppet/meta.yaml b/resources/neutron_server_puppet/meta.yaml index b32e0b2e..4e4af5b7 100644 --- a/resources/neutron_server_puppet/meta.yaml +++ b/resources/neutron_server_puppet/meta.yaml @@ -19,10 +19,10 @@ input: value: db_name: schema: str! - value: + value: db_host: schema: str! - value: + value: package_ensure: schema: str @@ -54,9 +54,6 @@ input: auth_uri: schema: str value: - database_connection: - schema: str - value: 'sqlite:////var/lib/neutron/ovs.sqlite' database_max_retries: schema: int value: 10 @@ -108,12 +105,6 @@ input: mysql_module: schema: str value: - sql_connection: - schema: str - value: - connection: - schema: str - value: sql_max_retries: schema: str value: From 261975552bbee198839aea1c1bb582ba0aa05da6 Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Wed, 5 Aug 2015 14:49:06 +0200 Subject: [PATCH 09/25] Add composition for OVS plugin/agent Signed-off-by: Bogdan Dobrelya --- example-puppet.py | 58 ++++++++++++++++--- .../neutron_plugins_ovs_puppet/actions/run.pp | 7 ++- 2 files changed, 55 insertions(+), 10 deletions(-) diff --git a/example-puppet.py b/example-puppet.py index ecdce96f..1ce78c62 100644 --- a/example-puppet.py +++ b/example-puppet.py @@ -39,7 +39,7 @@ def setup_resources(): signals.Connections.clear() node1, node2 = vr.create('nodes', 'templates/nodes.yml', {}) - + # MARIADB mariadb_service1 = vr.create('mariadb_service1', 'resources/mariadb_service', { 'image': 'mariadb', @@ -171,12 +171,6 @@ def setup_resources(): signals.connect(openstack_vhost, neutron_puppet, { 'vhost_name': 'rabbit_virtual_host'}) - # NEUTRON OVS PLUGIN WITH GRE - neutron_plugins_ovs = vr.create('neutron_plugins_ovs_puppet', 'resources/neutron_plugins_ovs_puppet', { - 'tenant_network_type': 'gre', - })[0] - signals.connect(node1, neutron_plugins_ovs) - # NEUTRON API (SERVER) neutron_server_puppet = vr.create('neutron_server_puppet', 'resources/neutron_server_puppet', { 'sync_db': True, @@ -239,6 +233,47 @@ def setup_resources(): 'bind_port': ['admin_port', 'internal_port', 'public_port'], }) + # NEUTRON OVS PLUGIN & AGENT WITH GRE + neutron_plugins_ovs = vr.create('neutron_plugins_ovs', 'resources/neutron_plugins_ovs_puppet', { + 'tenant_network_type': 'gre', + })[0] + signals.connect(node1, neutron_plugins_ovs) + signals.connect(neutron_db_user, neutron_plugins_ovs, { + 'user_name':'db_user', + 'db_name':'db_name', + 'user_password':'db_password', + 'db_host' : 'db_host' + }) + neutron_agents_ovs = vr.create('neutron_agents_ovs', 'resources/neutron_agents_ovs_puppet', { + # TODO(bogdando) these should come from the node network resource + 'enable_tunneling': True, + 'local_ip': '10.1.0.13' # should be the IP addr of the br-mesh int. + })[0] + signals.connect(node1, neutron_agents_ovs) + + # NEUTRON FOR COMPUTE (node2) + # Deploy chain neutron -> (plugins) -> ( agents ) + neutron_puppet2 = vr.create('neutron_puppet2', 'resources/neutron_puppet', {})[0] + signals.connect(node2, neutron_puppet2) + signals.connect(neutron_puppet, neutron_puppet2, { + 'rabbit_host', 'rabbit_port', + 'rabbit_user', 'rabbit_password', + 'rabbit_virtual_host', 'package_ensure', + }) + + # NEUTRON OVS PLUGIN & AGENT WITH GRE FOR COMPUTE (node2) + neutron_plugins_ovs2 = vr.create('neutron_plugins_ovs2', 'resources/neutron_plugins_ovs_puppet', {})[0] + signals.connect(node2, neutron_plugins_ovs2) + signals.connect(neutron_plugins_ovs, neutron_plugins_ovs2, { + 'db_host', 'db_name', 'db_password', 'db_user', 'tenant_network_type' + }) + neutron_agents_ovs2 = vr.create('neutron_agents_ovs2', 'resources/neutron_agents_ovs_puppet', { + # TODO(bogdando) these should come from the node network resource + 'enable_tunneling': True, + 'local_ip': '10.1.0.14' # Should be the IP addr of the br-mesh int. + })[0] + signals.connect(node2, neutron_agents_ovs2) + # CINDER cinder_puppet = vr.create('cinder_puppet', 'resources/cinder_puppet', {})[0] cinder_db = vr.create('cinder_db', 'resources/mariadb_db/', { @@ -288,7 +323,7 @@ def setup_resources(): 'port': ['admin_port', 'internal_port', 'public_port'],}) signals.connect(keystone_puppet, cinder_keystone_service_endpoint, { 'admin_port': 'keystone_admin_port', 'admin_token': 'admin_token'}) - + # CINDER GLANCE # Deploy chain: cinder_puppet -> cinder_glance -> ( cinder_api, cinder_scheduler, cinder_volume ) cinder_glance_puppet = vr.create('cinder_glance_puppet', 'resources/cinder_glance_puppet', {})[0] @@ -312,7 +347,7 @@ def setup_resources(): cinder_volume_puppet = vr.create('cinder_volume_puppet', 'resources/cinder_volume_puppet', {})[0] signals.connect(node1, cinder_volume_puppet) signals.connect(cinder_puppet, cinder_volume_puppet) - + # NOVA nova_puppet = vr.create('nova_puppet', 'resources/nova_puppet', {})[0] nova_db = vr.create('nova_db', 'resources/mariadb_db/', { @@ -545,6 +580,7 @@ resources_to_run = [ 'neutron_keystone_service_endpoint', 'neutron_plugins_ovs', 'neutron_server_puppet', + 'neutron_agents_ovs', 'cinder_db', 'cinder_db_user', @@ -571,6 +607,10 @@ resources_to_run = [ 'nova_neutron_puppet', 'nova_compute_puppet', + 'neutron_puppet2', + 'neutron_plugins_ovs2', + 'neutron_agents_ovs2', + 'glance_db', 'glance_db_user', 'glance_keystone_user', diff --git a/resources/neutron_plugins_ovs_puppet/actions/run.pp b/resources/neutron_plugins_ovs_puppet/actions/run.pp index fdbd38cb..0bae1443 100644 --- a/resources/neutron_plugins_ovs_puppet/actions/run.pp +++ b/resources/neutron_plugins_ovs_puppet/actions/run.pp @@ -2,6 +2,11 @@ $resource = hiera($::resource_name) $ip = $resource['input']['ip']['value'] +$db_user = $resource['input']['db_user']['value'] +$db_host = $resource['input']['db_host']['value'] +$db_password = $resource['input']['db_password']['value'] +$db_name = $resource['input']['db_name']['value'] + $package_ensure = $resource['input']['package_ensure']['value'] $sql_connection = $resource['input']['sql_connection']['value'] $sql_max_retries = $resource['input']['sql_max_retries']['value'] @@ -14,7 +19,7 @@ $vxlan_udp_port = $resource['input']['vxlan_udp_port']['value'] class { 'neutron::plugins::ovs': package_ensure => $package_ensure, - sql_connection => $sql_connection, + sql_connection => "mysql://${db_user}:${db_password}@${db_host}/${db_name}", sql_max_retries => $sql_max_retries, sql_idle_timeout => $sql_idle_timeout, reconnect_interval => $reconnect_interval, From 26bf28ffc8384a279e7859baa9d8ac28a921c4d4 Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Wed, 5 Aug 2015 14:57:14 +0200 Subject: [PATCH 10/25] Fix removed sql_con Signed-off-by: Bogdan Dobrelya --- resources/neutron_plugins_ovs_puppet/actions/run.pp | 1 - resources/neutron_server_puppet/README.md | 9 +++------ 2 files changed, 3 insertions(+), 7 deletions(-) diff --git a/resources/neutron_plugins_ovs_puppet/actions/run.pp b/resources/neutron_plugins_ovs_puppet/actions/run.pp index 0bae1443..853cc227 100644 --- a/resources/neutron_plugins_ovs_puppet/actions/run.pp +++ b/resources/neutron_plugins_ovs_puppet/actions/run.pp @@ -8,7 +8,6 @@ $db_password = $resource['input']['db_password']['value'] $db_name = $resource['input']['db_name']['value'] $package_ensure = $resource['input']['package_ensure']['value'] -$sql_connection = $resource['input']['sql_connection']['value'] $sql_max_retries = $resource['input']['sql_max_retries']['value'] $sql_idle_timeout = $resource['input']['sql_idle_timeout']['value'] $reconnect_interval = $resource['input']['reconnect_interval']['value'] diff --git a/resources/neutron_server_puppet/README.md b/resources/neutron_server_puppet/README.md index be11e355..f0cc5537 100644 --- a/resources/neutron_server_puppet/README.md +++ b/resources/neutron_server_puppet/README.md @@ -61,12 +61,9 @@ source https://github.com/openstack/puppet-neutron/blob/5.1.0/manifests/server.p ``database_connection`` (optional) Connection url for the neutron database. (Defaults to 'sqlite:////var/lib/neutron/ovs.sqlite') - - ``sql_connection`` - DEPRECATED: Use database_connection instead. - - ``connection`` - DEPRECATED: Use database_connection instead. + Note: for this resource it is decomposed to the + 'db_host', 'db_port', 'db_user', 'db_password' inputs + due to implementation limitations ``database_max_retries`` (optional) Maximum database connection retries during startup. From 956261f31adba6983a34c2b33027e1dcb7ee48a9 Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Wed, 5 Aug 2015 16:21:33 +0200 Subject: [PATCH 11/25] Fix core plugin, remove external class ref for neutron Signed-off-by: Bogdan Dobrelya --- example-puppet.py | 7 +++++-- resources/neutron_agents_ovs_puppet/actions/run.pp | 5 +++++ resources/neutron_plugins_ovs_puppet/actions/run.pp | 5 +++++ 3 files changed, 15 insertions(+), 2 deletions(-) diff --git a/example-puppet.py b/example-puppet.py index 1ce78c62..0c3c8db7 100644 --- a/example-puppet.py +++ b/example-puppet.py @@ -159,7 +159,9 @@ def setup_resources(): # NEUTRON # Deploy chain neutron -> (plugins) -> neutron_server -> ( agents ) - neutron_puppet = vr.create('neutron_puppet', 'resources/neutron_puppet', {})[0] + neutron_puppet = vr.create('neutron_puppet', 'resources/neutron_puppet', { + 'core_plugin': 'neutron.plugins.openvswitch.ovs_neutron_plugin.OVSNeutronPluginV2' + })[0] signals.connect(node1, neutron_puppet) signals.connect(rabbitmq_service1, neutron_puppet, { 'ip': 'rabbit_host', @@ -258,7 +260,8 @@ def setup_resources(): signals.connect(neutron_puppet, neutron_puppet2, { 'rabbit_host', 'rabbit_port', 'rabbit_user', 'rabbit_password', - 'rabbit_virtual_host', 'package_ensure', + 'rabbit_virtual_host', + 'package_ensure', 'core_plugin', }) # NEUTRON OVS PLUGIN & AGENT WITH GRE FOR COMPUTE (node2) diff --git a/resources/neutron_agents_ovs_puppet/actions/run.pp b/resources/neutron_agents_ovs_puppet/actions/run.pp index 70e6b741..8ae399bd 100644 --- a/resources/neutron_agents_ovs_puppet/actions/run.pp +++ b/resources/neutron_agents_ovs_puppet/actions/run.pp @@ -30,4 +30,9 @@ class { 'neutron::agents::ovs': polling_interval => $polling_interval, firewall_driver => $firewall_driver, veth_mtu => $veth_mtu, +} + +# Remove external class dependency +Service <| title == 'neutron-plugin-ovs-service' |> { + require => undef } \ No newline at end of file diff --git a/resources/neutron_plugins_ovs_puppet/actions/run.pp b/resources/neutron_plugins_ovs_puppet/actions/run.pp index 853cc227..fe3b552c 100644 --- a/resources/neutron_plugins_ovs_puppet/actions/run.pp +++ b/resources/neutron_plugins_ovs_puppet/actions/run.pp @@ -33,4 +33,9 @@ include neutron::params package { 'neutron': ensure => $package_ensure, name => $::neutron::params::package_name, +} + +# Remove external class dependency +Service <| title == 'neutron-plugin-ovs-service' |> { + require => undef } \ No newline at end of file From d83e20317175a886a543c36fb53ccaf799a4b954 Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Thu, 6 Aug 2015 13:40:23 +0200 Subject: [PATCH 12/25] Fix neutron stamp/upgrade head Signed-off-by: Bogdan Dobrelya --- resources/neutron_plugins_ovs_puppet/README.md | 2 ++ .../neutron_plugins_ovs_puppet/actions/remove.pp | 5 +++++ resources/neutron_plugins_ovs_puppet/actions/run.pp | 11 ++++++++++- resources/neutron_puppet/actions/run.pp | 2 +- resources/neutron_server_puppet/actions/remove.pp | 5 +++++ 5 files changed, 23 insertions(+), 2 deletions(-) diff --git a/resources/neutron_plugins_ovs_puppet/README.md b/resources/neutron_plugins_ovs_puppet/README.md index 7601306e..af945afe 100644 --- a/resources/neutron_plugins_ovs_puppet/README.md +++ b/resources/neutron_plugins_ovs_puppet/README.md @@ -5,6 +5,8 @@ This configures the plugin for the API server, but does nothing about configuring the agents that must also run and share a config file with the OVS plugin if both are on the same machine. +Note, this plugin was deprecated, you may want to use the ML2 plugin instead. + NB: don't need tunnel ID range when using VLANs, *but* you do need the network vlan range regardless of type, because the list of networks there is still important diff --git a/resources/neutron_plugins_ovs_puppet/actions/remove.pp b/resources/neutron_plugins_ovs_puppet/actions/remove.pp index 185c9531..1ab65452 100644 --- a/resources/neutron_plugins_ovs_puppet/actions/remove.pp +++ b/resources/neutron_plugins_ovs_puppet/actions/remove.pp @@ -7,4 +7,9 @@ include neutron::params package { 'neutron': ensure => 'absent', name => $::neutron::params::package_name, +} + +# Remove external class dependency +Service <| title == 'neutron-plugin-ovs-service' |> { + require => undef } \ No newline at end of file diff --git a/resources/neutron_plugins_ovs_puppet/actions/run.pp b/resources/neutron_plugins_ovs_puppet/actions/run.pp index fe3b552c..1eb39ef2 100644 --- a/resources/neutron_plugins_ovs_puppet/actions/run.pp +++ b/resources/neutron_plugins_ovs_puppet/actions/run.pp @@ -16,6 +16,8 @@ $network_vlan_ranges = $resource['input']['network_vlan_ranges']['value'] $tunnel_id_ranges = $resource['input']['tunnel_id_ranges']['value'] $vxlan_udp_port = $resource['input']['vxlan_udp_port']['value'] +# Stamp neutron head, if current version is None, or upgrade head would fail later +$command = '/usr/bin/neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini' class { 'neutron::plugins::ovs': package_ensure => $package_ensure, sql_connection => "mysql://${db_user}:${db_password}@${db_host}/${db_name}", @@ -26,6 +28,13 @@ class { 'neutron::plugins::ovs': network_vlan_ranges => $network_vlan_ranges, tunnel_id_ranges => $tunnel_id_ranges, vxlan_udp_port => $vxlan_udp_port, +} -> + +exec { 'neutron-db-sync': + provider => 'shell', + command => "${command} stamp head", + path => [ '/usr/bin', '/bin' ], + onlyif => "${command} current | grep -qE '^Current revision.*None$' " } include neutron::params @@ -38,4 +47,4 @@ package { 'neutron': # Remove external class dependency Service <| title == 'neutron-plugin-ovs-service' |> { require => undef -} \ No newline at end of file +} diff --git a/resources/neutron_puppet/actions/run.pp b/resources/neutron_puppet/actions/run.pp index 42cabe97..a0ee911d 100644 --- a/resources/neutron_puppet/actions/run.pp +++ b/resources/neutron_puppet/actions/run.pp @@ -117,4 +117,4 @@ class { 'neutron': log_facility => $log_facility, log_file => $log_file, log_dir => $log_dir, -} \ No newline at end of file +} diff --git a/resources/neutron_server_puppet/actions/remove.pp b/resources/neutron_server_puppet/actions/remove.pp index 83dbccac..ecaed03a 100644 --- a/resources/neutron_server_puppet/actions/remove.pp +++ b/resources/neutron_server_puppet/actions/remove.pp @@ -2,4 +2,9 @@ class { 'neutron::server': enabled => false, package_ensure => 'absent', auth_password => 'not important as removed', +} + +# Remove external class dependency +Service <| title == 'neutron-server' |> { + require => undef } \ No newline at end of file From 4a9fee81e86c3af863d85118fde0378309c6e416 Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Thu, 6 Aug 2015 14:00:50 +0200 Subject: [PATCH 13/25] Add neutron DHCP agent resource Signed-off-by: Bogdan Dobrelya --- example-puppet.py | 7 +++ .../neutron_agents_dhcp_puppet/README.md | 58 +++++++++++++++++++ .../actions/remove.pp | 16 +++++ .../neutron_agents_dhcp_puppet/actions/run.pp | 45 ++++++++++++++ .../neutron_agents_dhcp_puppet/meta.yaml | 57 ++++++++++++++++++ 5 files changed, 183 insertions(+) create mode 100644 resources/neutron_agents_dhcp_puppet/README.md create mode 100644 resources/neutron_agents_dhcp_puppet/actions/remove.pp create mode 100644 resources/neutron_agents_dhcp_puppet/actions/run.pp create mode 100644 resources/neutron_agents_dhcp_puppet/meta.yaml diff --git a/example-puppet.py b/example-puppet.py index 0c3c8db7..0ec4efa4 100644 --- a/example-puppet.py +++ b/example-puppet.py @@ -253,6 +253,13 @@ def setup_resources(): })[0] signals.connect(node1, neutron_agents_ovs) + # NEUTRON DHCP, L3, metadata agents + + neutron_agents_dhcp = vr.create('neutron_agents_dhcp', 'resources/neutron_agents_dhcp_puppet', { + 'use_namespaces': False, + })[0] + signals.connect(node1, neutron_agents_dhcp) + # NEUTRON FOR COMPUTE (node2) # Deploy chain neutron -> (plugins) -> ( agents ) neutron_puppet2 = vr.create('neutron_puppet2', 'resources/neutron_puppet', {})[0] diff --git a/resources/neutron_agents_dhcp_puppet/README.md b/resources/neutron_agents_dhcp_puppet/README.md new file mode 100644 index 00000000..f75b4ebf --- /dev/null +++ b/resources/neutron_agents_dhcp_puppet/README.md @@ -0,0 +1,58 @@ +# Neutron DHCP agent puppet resource + +Setups Neutron DHCP agent. + +# Parameters + +https://github.com/openstack/puppet-neutron/blob/5.1.0/manifests/agents/dhcp.pp + + + ``package_ensure`` + (optional) Ensure state for package. Defaults to 'present'. + + ``debug`` + (optional) Show debugging output in log. Defaults to false. + + ``state_path`` + (optional) Where to store dnsmasq state files. This directory must be + writable by the user executing the agent. Defaults to '/var/lib/neutron'. + + ``resync_interval`` + (optional) The DHCP agent will resync its state with Neutron to recover + from any transient notification or rpc errors. The interval is number of + seconds between attempts. Defaults to 30. + + ``interface_driver`` + (optional) Defaults to 'neutron.agent.linux.interface.OVSInterfaceDriver'. + + ``dhcp_driver`` + (optional) Defaults to 'neutron.agent.linux.dhcp.Dnsmasq'. + + ``root_helper`` + (optional) Defaults to 'sudo neutron-rootwrap /etc/neutron/rootwrap.conf'. + Addresses bug: https://bugs.launchpad.net/neutron/+bug/1182616 + Note: This can safely be removed once the module only targets the Havana release. + + ``use_namespaces`` + (optional) Allow overlapping IP (Must have kernel build with + CONFIG_NET_NS=y and iproute2 package that supports namespaces). + Defaults to true. + + ``dnsmasq_config_file`` + (optional) Override the default dnsmasq settings with this file. + Defaults to undef + + ``dhcp_delete_namespaces`` + (optional) Delete namespace after removing a dhcp server + Defaults to false. + + ``enable_isolated_metadata`` + (optional) enable metadata support on isolated networks. + Defaults to false. + + ``enable_metadata_network`` + (optional) Allows for serving metadata requests coming from a dedicated metadata + access network whose cidr is 169.254.169.254/16 (or larger prefix), and is + connected to a Neutron router from which the VMs send metadata request. + This option requires enable_isolated_metadata = True + Defaults to false. \ No newline at end of file diff --git a/resources/neutron_agents_dhcp_puppet/actions/remove.pp b/resources/neutron_agents_dhcp_puppet/actions/remove.pp new file mode 100644 index 00000000..72dc2b1a --- /dev/null +++ b/resources/neutron_agents_dhcp_puppet/actions/remove.pp @@ -0,0 +1,16 @@ +class { 'neutron::agents::dhcp': + package_ensure => 'absent', + enabled => false, +} + +include neutron::params + +package { 'neutron': + ensure => 'absent', + name => $::neutron::params::package_name, +} + +# Remove external class dependency +Service <| title == 'neutron-dhcp-service' |> { + require => undef +} \ No newline at end of file diff --git a/resources/neutron_agents_dhcp_puppet/actions/run.pp b/resources/neutron_agents_dhcp_puppet/actions/run.pp new file mode 100644 index 00000000..c0c9cae1 --- /dev/null +++ b/resources/neutron_agents_dhcp_puppet/actions/run.pp @@ -0,0 +1,45 @@ +$resource = hiera($::resource_name) + +$ip = $resource['input']['ip']['value'] + +$package_ensure = $resource['input']['package_ensure']['value'] +$debug = $resource['input']['debug']['value'] +$state_path = $resource['input']['state_path']['value'] +$resync_interval = $resource['input']['resync_interval']['value'] +$interface_driver = $resource['input']['interface_driver']['value'] +$dhcp_driver = $resource['input']['dhcp_driver']['value'] +$root_helper = $resource['input']['root_helper']['value'] +$use_namespaces = $resource['input']['use_namespaces']['value'] +$dnsmasq_config_file = $resource['input']['dnsmasq_config_file']['value'] +$dhcp_delete_namespaces = $resource['input']['dhcp_delete_namespaces']['value'] +$enable_isolated_metadata = $resource['input']['enable_isolated_metadata']['value'] +$enable_metadata_network = $resource['input']['enable_metadata_network']['value'] + +class { 'neutron::agents::dhcp': + enabled => true, + manage_service => true, + package_ensure => $package_ensure, + debug => $debug, + state_path => $state_path, + resync_interval => $resync_interval, + interface_driver => $interface_driver, + dhcp_driver => $dhcp_driver, + root_helper => $root_helper, + use_namespaces => $use_namespaces, + dnsmasq_config_file => $dnsmasq_config_file, + dhcp_delete_namespaces => $dhcp_delete_namespaces, + enable_isolated_metadata => $enable_isolated_metadata, + enable_metadata_network => $enable_metadata_network, +} + +include neutron::params + +package { 'neutron': + ensure => $package_ensure, + name => $::neutron::params::package_name, +} + +# Remove external class dependency +Service <| title == 'neutron-dhcp-service' |> { + require => undef +} \ No newline at end of file diff --git a/resources/neutron_agents_dhcp_puppet/meta.yaml b/resources/neutron_agents_dhcp_puppet/meta.yaml new file mode 100644 index 00000000..9893e2e7 --- /dev/null +++ b/resources/neutron_agents_dhcp_puppet/meta.yaml @@ -0,0 +1,57 @@ +handler: puppet +id: 'neutron_agents_dhcp_puppet' +input: + ip: + schema: str! + value: + ssh_key: + schema: str! + value: + ssh_user: + schema: str! + value: + + package_ensure: + schema: str + value: present + debug: + schema: bool + value: false + state_path: + schema: str + value: '/var/lib/neutron' + resync_interval: + schema: int + value: 30 + interface_driver: + schema: str + value: 'neutron.agent.linux.interface.OVSInterfaceDriver' + dhcp_driver: + schema: str + value: 'neutron.agent.linux.dhcp.Dnsmasq' + root_helper: + schema: str + value: 'sudo neutron-rootwrap /etc/neutron/rootwrap.conf' + use_namespaces: + schema: bool + value: true + dnsmasq_config_file: + schema: str + value: + dhcp_delete_namespaces: + schema: bool + value: false + enable_isolated_metadata: + schema: bool + value: false + enable_metadata_network: + schema: bool + value: false + + git: + schema: {repository: str!, branch: str!} + value: {repository: 'https://github.com/openstack/puppet-neutron', branch: '5.1.0'} + +puppet_module: 'neutron' +tags: [resource/neutron, resource/neutron_agents_dhcp] +version: 1.0.0 From fa52977697c8d9169310c7d036dcae9da8d86a49 Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Thu, 6 Aug 2015 14:30:37 +0200 Subject: [PATCH 14/25] Add neutron L3 agent resource Signed-off-by: Bogdan Dobrelya --- example-puppet.py | 10 +- .../neutron_agents_dhcp_puppet/README.md | 3 +- resources/neutron_agents_l3_puppet/README.md | 100 ++++++++++++++++++ .../actions/remove.pp | 16 +++ .../neutron_agents_l3_puppet/actions/run.pp | 63 +++++++++++ resources/neutron_agents_l3_puppet/meta.yaml | 84 +++++++++++++++ 6 files changed, 273 insertions(+), 3 deletions(-) create mode 100644 resources/neutron_agents_l3_puppet/README.md create mode 100644 resources/neutron_agents_l3_puppet/actions/remove.pp create mode 100644 resources/neutron_agents_l3_puppet/actions/run.pp create mode 100644 resources/neutron_agents_l3_puppet/meta.yaml diff --git a/example-puppet.py b/example-puppet.py index 0ec4efa4..355c3028 100644 --- a/example-puppet.py +++ b/example-puppet.py @@ -254,11 +254,19 @@ def setup_resources(): signals.connect(node1, neutron_agents_ovs) # NEUTRON DHCP, L3, metadata agents - neutron_agents_dhcp = vr.create('neutron_agents_dhcp', 'resources/neutron_agents_dhcp_puppet', { 'use_namespaces': False, })[0] signals.connect(node1, neutron_agents_dhcp) + neutron_agents_l3 = vr.create('neutron_agents_l3', 'resources/neutron_agents_l3_puppet', { + # TODO(bogdando) these should come from the node network resource + 'use_namespaces': False, + 'metadata_port': 8775, + 'external_network_bridge': 'br-floating', + # The ID of the external router in neutron as 'router_id' input + # The ID of the external network in neutron as 'gateway_external_network_id' + })[0] + signals.connect(node1, neutron_agents_l3) # NEUTRON FOR COMPUTE (node2) # Deploy chain neutron -> (plugins) -> ( agents ) diff --git a/resources/neutron_agents_dhcp_puppet/README.md b/resources/neutron_agents_dhcp_puppet/README.md index f75b4ebf..ea1fcedb 100644 --- a/resources/neutron_agents_dhcp_puppet/README.md +++ b/resources/neutron_agents_dhcp_puppet/README.md @@ -1,12 +1,11 @@ # Neutron DHCP agent puppet resource -Setups Neutron DHCP agent. +Installs and configures the Neutron DHCP service # Parameters https://github.com/openstack/puppet-neutron/blob/5.1.0/manifests/agents/dhcp.pp - ``package_ensure`` (optional) Ensure state for package. Defaults to 'present'. diff --git a/resources/neutron_agents_l3_puppet/README.md b/resources/neutron_agents_l3_puppet/README.md new file mode 100644 index 00000000..4a74b464 --- /dev/null +++ b/resources/neutron_agents_l3_puppet/README.md @@ -0,0 +1,100 @@ +# Neutron L3 agent puppet resource + +Installs and configures the Neutron L3 service +TODO: create ability to have multiple L3 services + +# Parameters + +https://github.com/openstack/puppet-neutron/blob/5.1.0/manifests/agents/l3.pp + + ``package_ensure`` + (optional) The state of the package + Defaults to present + + ``debug`` + (optional) Print debug info in logs + Defaults to false + + ``external_network_bridge`` + (optional) The name of the external bridge + Defaults to br-ex + + ``use_namespaces`` + (optional) Enable overlapping IPs / network namespaces + Defaults to false + + ``interface_driver`` + (optional) Driver to interface with neutron + Defaults to OVSInterfaceDriver + + ``router_id`` + (optional) The ID of the external router in neutron + Defaults to blank + + ``gateway_external_network_id`` + (optional) The ID of the external network in neutron + Defaults to blank + + ``handle_internal_only_routers`` + (optional) L3 Agent will handle non-external routers + Defaults to true + + ``metadata_port`` + (optional) The port of the metadata server + Defaults to 9697 + + ``send_arp_for_ha`` + (optional) Send this many gratuitous ARPs for HA setup. Set it below or equal to 0 + to disable this feature. + Defaults to 3 + + ``periodic_interval`` + (optional) seconds between re-sync routers' data if needed + Defaults to 40 + + ``periodic_fuzzy_delay`` + (optional) seconds to start to sync routers' data after starting agent + Defaults to 5 + + ``enable_metadata_proxy`` + (optional) can be set to False if the Nova metadata server is not available + Defaults to True + + ``network_device_mtu`` + (optional) The MTU size for the interfaces managed by the L3 agent + Defaults to undef + Should be deprecated in the next major release in favor of a global parameter + + ``router_delete_namespaces`` + (optional) namespaces can be deleted cleanly on the host running the L3 agent + Defaults to False + + ``ha_enabled`` + (optional) Enabled or not HA for L3 agent. + Defaults to false + + ``ha_vrrp_auth_type`` + (optional) VRRP authentication type. Can be AH or PASS. + Defaults to "PASS" + + ``ha_vrrp_auth_password`` + (optional) VRRP authentication password. Required if ha_enabled = true. + Defaults to undef + + ``ha_vrrp_advert_int`` + (optional) The advertisement interval in seconds. + Defaults to '2' + + ``agent_mode`` + (optional) The working mode for the agent. + 'legacy': default behavior (without DVR) + 'dvr': enable DVR for an L3 agent running on compute node (DVR in production) + 'dvr_snat': enable DVR with centralized SNAT support (DVR for single-host, for testing only) + Defaults to 'legacy' + + ``allow_automatic_l3agent_failover`` + (optional) Automatically reschedule routers from offline L3 agents to online + L3 agents. + This is another way to run virtual routers in highly available way but with slow + failover performances compared to Keepalived feature in Neutron L3 Agent. + Defaults to 'False' \ No newline at end of file diff --git a/resources/neutron_agents_l3_puppet/actions/remove.pp b/resources/neutron_agents_l3_puppet/actions/remove.pp new file mode 100644 index 00000000..11b04be2 --- /dev/null +++ b/resources/neutron_agents_l3_puppet/actions/remove.pp @@ -0,0 +1,16 @@ +class { 'neutron::agents::l3': + package_ensure => 'absent', + enabled => false, +} + +include neutron::params + +package { 'neutron': + ensure => 'absent', + name => $::neutron::params::package_name, +} + +# Remove external class dependency +Service <| title == 'neutron-l3' |> { + require => undef +} \ No newline at end of file diff --git a/resources/neutron_agents_l3_puppet/actions/run.pp b/resources/neutron_agents_l3_puppet/actions/run.pp new file mode 100644 index 00000000..66971b1d --- /dev/null +++ b/resources/neutron_agents_l3_puppet/actions/run.pp @@ -0,0 +1,63 @@ +$resource = hiera($::resource_name) + +$ip = $resource['input']['ip']['value'] + +$package_ensure = $resource['input']['package_ensure']['value'] +$debug = $resource['input']['debug']['value'] +$external_network_bridge = $resource['input']['external_network_bridge']['value'] +$use_namespaces = $resource['input']['use_namespaces']['value'] +$interface_driver = $resource['input']['interface_driver']['value'] +$router_id = $resource['input']['router_id']['value'] +$gateway_external_network_id = $resource['input']['gateway_external_network_id']['value'] +$handle_internal_only_routers = $resource['input']['handle_internal_only_routers']['value'] +$metadata_port = $resource['input']['metadata_port']['value'] +$send_arp_for_ha = $resource['input']['send_arp_for_ha']['value'] +$periodic_interval = $resource['input']['periodic_interval']['value'] +$periodic_fuzzy_delay = $resource['input']['periodic_fuzzy_delay']['value'] +$enable_metadata_proxy = $resource['input']['enable_metadata_proxy']['value'] +$network_device_mtu = $resource['input']['network_device_mtu']['value'] +$router_delete_namespaces = $resource['input']['router_delete_namespaces']['value'] +$ha_enabled = $resource['input']['ha_enabled']['value'] +$ha_vrrp_auth_type = $resource['input']['ha_vrrp_auth_type']['value'] +$ha_vrrp_auth_password = $resource['input']['ha_vrrp_auth_password']['value'] +$ha_vrrp_advert_int = $resource['input']['ha_vrrp_advert_int']['value'] +$agent_mode = $resource['input']['agent_mode']['value'] +$allow_automatic_l3agent_failover = $resource['input']['allow_automatic_l3agent_failover']['value'] + +class { 'neutron::agents::l3': + enabled => true, + manage_service => true, + package_ensure => $package_ensure, + debug => $debug, + external_network_bridge => $external_network_bridge, + use_namespaces => $use_namespaces, + interface_driver => $interface_driver, + router_id => $router_id, + gateway_external_network_id => $gateway_external_network_id, + handle_internal_only_routers => $handle_internal_only_routers, + metadata_port => $metadata_port, + send_arp_for_ha => $send_arp_for_ha, + periodic_interval => $periodic_interval, + periodic_fuzzy_delay => $periodic_fuzzy_delay, + enable_metadata_proxy => $enable_metadata_proxy, + network_device_mtu => $network_device_mtu, + router_delete_namespaces => $router_delete_namespaces, + ha_enabled => $ha_enabled, + ha_vrrp_auth_type => $ha_vrrp_auth_type, + ha_vrrp_auth_password => $ha_vrrp_auth_password, + ha_vrrp_advert_int => $ha_vrrp_advert_int, + agent_mode => $agent_mode, + allow_automatic_l3agent_failover => $allow_automatic_l3agent_failover, +} + +include neutron::params + +package { 'neutron': + ensure => $package_ensure, + name => $::neutron::params::package_name, +} + +# Remove external class dependency +Service <| title == 'neutron-l3' |> { + require => undef +} \ No newline at end of file diff --git a/resources/neutron_agents_l3_puppet/meta.yaml b/resources/neutron_agents_l3_puppet/meta.yaml new file mode 100644 index 00000000..41d6be40 --- /dev/null +++ b/resources/neutron_agents_l3_puppet/meta.yaml @@ -0,0 +1,84 @@ +handler: puppet +id: 'neutron_agents_l3_puppet' +input: + ip: + schema: str! + value: + ssh_key: + schema: str! + value: + ssh_user: + schema: str! + value: + + package_ensure: + schema: str + value: 'present' + debug: + schema: bool + value: false + external_network_bridge: + schema: str + value: 'br-ex' + use_namespaces: + schema: bool + value: true + interface_driver: + schema: str + value: 'neutron.agent.linux.interface.OVSInterfaceDriver' + router_id: + schema: str + value: + gateway_external_network_id: + schema: str + value: + handle_internal_only_routers: + schema: bool + value: true + metadata_port: + schema: int + value: 9697 + send_arp_for_ha: + schema: int + value: 3 + periodic_interval: + schema: int + value: 40 + periodic_fuzzy_delay: + schema: int + value: 5 + enable_metadata_proxy: + schema: bool + value: true + network_device_mtu: + schema: str + value: + router_delete_namespaces: + schema: bool + value: false + ha_enabled: + schema: bool + value: false + ha_vrrp_auth_type: + schema: str + value: 'PASS' + ha_vrrp_auth_password: + schema: str + value: + ha_vrrp_advert_int: + schema: int + value: 3 + agent_mode: + schema: str + value: 'legacy' + allow_automatic_l3agent_failover: + schema: bool + value: false + + git: + schema: {repository: str!, branch: str!} + value: {repository: 'https://github.com/openstack/puppet-neutron', branch: '5.1.0'} + +puppet_module: 'neutron' +tags: [resource/neutron, resource/neutron_agents_l3] +version: 1.0.0 From fa2c33077d5bfb30be7a15585e787a57c2dfe37e Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Thu, 6 Aug 2015 15:48:47 +0200 Subject: [PATCH 15/25] Use namespaces for L3 & DHCP agents Signed-off-by: Bogdan Dobrelya --- example-puppet.py | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/example-puppet.py b/example-puppet.py index 355c3028..7c25955c 100644 --- a/example-puppet.py +++ b/example-puppet.py @@ -254,17 +254,12 @@ def setup_resources(): signals.connect(node1, neutron_agents_ovs) # NEUTRON DHCP, L3, metadata agents - neutron_agents_dhcp = vr.create('neutron_agents_dhcp', 'resources/neutron_agents_dhcp_puppet', { - 'use_namespaces': False, - })[0] + neutron_agents_dhcp = vr.create('neutron_agents_dhcp', 'resources/neutron_agents_dhcp_puppet', {})[0] signals.connect(node1, neutron_agents_dhcp) neutron_agents_l3 = vr.create('neutron_agents_l3', 'resources/neutron_agents_l3_puppet', { # TODO(bogdando) these should come from the node network resource - 'use_namespaces': False, 'metadata_port': 8775, 'external_network_bridge': 'br-floating', - # The ID of the external router in neutron as 'router_id' input - # The ID of the external network in neutron as 'gateway_external_network_id' })[0] signals.connect(node1, neutron_agents_l3) From ad533c3cdfb0ca6766cee04fcee01b6d7634e3c8 Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Thu, 6 Aug 2015 17:24:25 +0200 Subject: [PATCH 16/25] Add neutron metadata agent resource Signed-off-by: Bogdan Dobrelya --- example-puppet.py | 9 +++ .../neutron_agents_metadata_puppet/README.md | 65 +++++++++++++++++ .../actions/remove.pp | 16 +++++ .../actions/run.pp | 53 ++++++++++++++ .../neutron_agents_metadata_puppet/meta.yaml | 70 +++++++++++++++++++ 5 files changed, 213 insertions(+) create mode 100644 resources/neutron_agents_metadata_puppet/README.md create mode 100644 resources/neutron_agents_metadata_puppet/actions/remove.pp create mode 100644 resources/neutron_agents_metadata_puppet/actions/run.pp create mode 100644 resources/neutron_agents_metadata_puppet/meta.yaml diff --git a/example-puppet.py b/example-puppet.py index 7c25955c..4f7ba2c0 100644 --- a/example-puppet.py +++ b/example-puppet.py @@ -262,6 +262,14 @@ def setup_resources(): 'external_network_bridge': 'br-floating', })[0] signals.connect(node1, neutron_agents_l3) + neutron_agents_metadata = vr.create('neutron_agents_metadata', 'resources/neutron_agents_metadata_puppet', { + 'shared_secret': 'secret', + })[0] + signals.connect(node1, neutron_agents_metadata) + signals.connect(neutron_server_puppet, neutron_agents_metadata, { + 'auth_host', 'auth_port', 'auth_password', + 'auth_tenant', 'auth_user', + }) # NEUTRON FOR COMPUTE (node2) # Deploy chain neutron -> (plugins) -> ( agents ) @@ -437,6 +445,7 @@ def setup_resources(): 'keystone_password': 'admin_password', 'keystone_host': 'auth_host', 'keystone_port': 'auth_port'}) + signals.connect(nova_api_puppet, neutron_agents_metadata, {'ip': 'metadata_ip'}) # NOVA CONDUCTOR nova_conductor_puppet = vr.create('nova_conductor_puppet', 'resources/nova_conductor_puppet', {})[0] diff --git a/resources/neutron_agents_metadata_puppet/README.md b/resources/neutron_agents_metadata_puppet/README.md new file mode 100644 index 00000000..94cba4c7 --- /dev/null +++ b/resources/neutron_agents_metadata_puppet/README.md @@ -0,0 +1,65 @@ +# Neutron DHCP agent puppet resource + +Setup and configure Neutron metadata agent + +# Parameters + +https://github.com/openstack/puppet-neutron/blob/5.1.0/manifests/agents/metadata.pp + + ``auth_password`` + (required) The password for the administrative user. + + ``shared_secret`` + (required) Shared secret to validate proxies Neutron metadata requests. + + ``package_ensure`` + Ensure state of the package. Defaults to 'present'. + + ``debug`` + Debug. Defaults to false. + + ``auth_tenant`` + The administrative user's tenant name. Defaults to 'services'. + + ``auth_user`` + The administrative user name for OpenStack Networking. + Defaults to 'neutron'. + + ``auth_url`` + The URL used to validate tokens. Defaults to 'http://localhost:35357/v2.0'. + Note, for this resource it is decomposed to auth_host and auth_port + due to implementation restrictions + + ``auth_insecure`` + turn off verification of the certificate for ssl (Defaults to false) + + ``auth_ca_cert`` + CA cert to check against with for ssl keystone. (Defaults to undef) + + ``auth_region`` + The authentication region. Defaults to 'RegionOne'. + + ``metadata_ip`` + The IP address of the metadata service. Defaults to '127.0.0.1'. + + ``metadata_port`` + The TCP port of the metadata service. Defaults to 8775. + + ``metadata_workers`` + (optional) Number of separate worker processes to spawn. + The default, count of machine's processors, runs the worker thread in the + current process. + Greater than 0 launches that number of child processes as workers. + The parent process manages them. Having more workers will help to improve performances. + Defaults to: $::processorcount + + ``metadata_backlog`` + (optional) Number of backlog requests to configure the metadata server socket with. + Defaults to 4096 + + ``metadata_memory_cache_ttl`` + (optional) Specifies time in seconds a metadata cache entry is valid in + memory caching backend. + Set to 0 will cause cache entries to never expire. + Set to undef or false to disable cache. + Defaults to 5 \ No newline at end of file diff --git a/resources/neutron_agents_metadata_puppet/actions/remove.pp b/resources/neutron_agents_metadata_puppet/actions/remove.pp new file mode 100644 index 00000000..15000590 --- /dev/null +++ b/resources/neutron_agents_metadata_puppet/actions/remove.pp @@ -0,0 +1,16 @@ +class { 'neutron::agents::metadata': + package_ensure => 'absent', + enabled => false, +} + +include neutron::params + +package { 'neutron': + ensure => 'absent', + name => $::neutron::params::package_name, +} + +# Remove external class dependency +Service <| title == 'neutron-metadata' |> { + require => undef +} \ No newline at end of file diff --git a/resources/neutron_agents_metadata_puppet/actions/run.pp b/resources/neutron_agents_metadata_puppet/actions/run.pp new file mode 100644 index 00000000..ab99d768 --- /dev/null +++ b/resources/neutron_agents_metadata_puppet/actions/run.pp @@ -0,0 +1,53 @@ +$resource = hiera($::resource_name) + +$ip = $resource['input']['ip']['value'] + +$auth_host = $resource['input']['auth_host']['value'] +$auth_port = $resource['input']['auth_port']['value'] + +$auth_password = $resource['input']['auth_password']['value'] +$shared_secret = $resource['input']['shared_secret']['value'] +$package_ensure = $resource['input']['package_ensure']['value'] +$debug = $resource['input']['debug']['value'] +$auth_tenant = $resource['input']['auth_tenant']['value'] +$auth_user = $resource['input']['auth_user']['value'] +$auth_insecure = $resource['input']['auth_insecure']['value'] +$auth_ca_cert = $resource['input']['auth_ca_cert']['value'] +$auth_region = $resource['input']['auth_region']['value'] +$metadata_ip = $resource['input']['metadata_ip']['value'] +$metadata_port = $resource['input']['metadata_port']['value'] +$metadata_workers = $resource['input']['metadata_workers']['value'] +$metadata_backlog = $resource['input']['metadata_backlog']['value'] +$metadata_memory_cache_ttl = $resource['input']['metadata_memory_cache_ttl']['value'] + +class { 'neutron::agents::metadata': + enabled => true, + manage_service => true, + auth_password => $auth_password, + shared_secret => $shared_secret, + package_ensure => $package_ensure, + debug => $debug, + auth_tenant => $auth_tenant, + auth_user => $auth_user, + auth_url => "http://${auth_host}:${auth_port}/v2.0", + auth_insecure => $auth_insecure, + auth_ca_cert => $auth_ca_cert, + auth_region => $auth_region, + metadata_ip => $metadata_ip, + metadata_port => $metadata_port, + metadata_workers => $metadata_workers, + metadata_backlog => $metadata_backlog, + metadata_memory_cache_ttl => $metadata_memory_cache_ttl, +} + +include neutron::params + +package { 'neutron': + ensure => $package_ensure, + name => $::neutron::params::package_name, +} + +# Remove external class dependency +Service <| title == 'neutron-metadata' |> { + require => undef +} \ No newline at end of file diff --git a/resources/neutron_agents_metadata_puppet/meta.yaml b/resources/neutron_agents_metadata_puppet/meta.yaml new file mode 100644 index 00000000..0d7a2e17 --- /dev/null +++ b/resources/neutron_agents_metadata_puppet/meta.yaml @@ -0,0 +1,70 @@ +handler: puppet +id: 'neutron_agents_metadata_puppet' +input: + ip: + schema: str! + value: + ssh_key: + schema: str! + value: + ssh_user: + schema: str! + value: + + auth_password: + schema: str! + value: + shared_secret: + schema: str! + value: + package_ensure: + schema: str + value: 'present' + debug: + schema: bool + value: false + auth_tenant: + schema: str + value: 'services' + auth_user: + schema: str + value: 'neutron' + auth_insecure: + schema: bool + value: false + auth_ca_cert: + schema: str + value: + auth_region: + schema: str + value: 'RegionOne' + metadata_ip: + schema: str + value: '127.0.0.1' + metadata_port: + schema: int + value: 8775 + metadata_workers: + schema: int + value: 1 + metadata_backlog: + schema: int + value: 4096 + metadata_memory_cache_ttl: + schema: int + value: 5 + + auth_host: + schema: str + value: 'localhost' + auth_port: + schema: int + value: 35357 + + git: + schema: {repository: str!, branch: str!} + value: {repository: 'https://github.com/openstack/puppet-neutron', branch: '5.1.0'} + +puppet_module: 'neutron' +tags: [resource/neutron, resource/neutron_agents_metadata] +version: 1.0.0 From 87c89262f6a991de2f3c938d96dd2b140583a8cf Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Mon, 10 Aug 2015 14:49:29 +0200 Subject: [PATCH 17/25] Fix deployment order for example puppet Signed-off-by: Bogdan Dobrelya --- example-puppet.py | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/example-puppet.py b/example-puppet.py index 4f7ba2c0..c1c17bb2 100644 --- a/example-puppet.py +++ b/example-puppet.py @@ -624,6 +624,14 @@ resources_to_run = [ 'nova_api_puppet', 'nova_conductor_puppet', + 'glance_db', + 'glance_db_user', + 'glance_keystone_user', + 'glance_keystone_role', + 'glance_keystone_service_endpoint', + 'glance_api_puppet', + 'glance_registry_puppet', + 'nova_puppet2', 'nova_compute_libvirt_puppet', 'nova_neutron_puppet', @@ -632,18 +640,9 @@ resources_to_run = [ 'neutron_puppet2', 'neutron_plugins_ovs2', 'neutron_agents_ovs2', - - 'glance_db', - 'glance_db_user', - 'glance_keystone_user', - 'glance_keystone_role', - 'glance_keystone_service_endpoint', - 'glance_api_puppet', - 'glance_registry_puppet', ] - @click.command() def deploy(): setup_resources() From 70c3557bf29324e763e5dfa36aa19b72fbfa8d83 Mon Sep 17 00:00:00 2001 From: Jedrzej Nowak Date: Fri, 21 Aug 2015 16:59:39 +0200 Subject: [PATCH 18/25] Implemented uids history for solar cli commands --- solar/solar/cli/orch.py | 21 ++++++------ solar/solar/cli/system_log.py | 7 ++-- solar/solar/cli/uids_history.py | 58 +++++++++++++++++++++++++++++++++ 3 files changed, 74 insertions(+), 12 deletions(-) mode change 100644 => 100755 solar/solar/cli/orch.py create mode 100644 solar/solar/cli/uids_history.py diff --git a/solar/solar/cli/orch.py b/solar/solar/cli/orch.py old mode 100644 new mode 100755 index aa72f908..8e0f56d3 --- a/solar/solar/cli/orch.py +++ b/solar/solar/cli/orch.py @@ -7,6 +7,7 @@ import networkx as nx from solar.orchestration import graph from solar.orchestration import tasks +from solar.cli.uids_history import SOLARUID @click.group(name='orch') @@ -29,14 +30,14 @@ def create(plan): @orchestration.command() -@click.argument('uid') +@click.argument('uid', type=SOLARUID) @click.argument('plan', type=click.File('rb')) def update(uid, plan): graph.update_plan(uid, plan.read()) @orchestration.command() -@click.argument('uid') +@click.argument('uid', type=SOLARUID) def report(uid): colors = { 'PENDING': 'cyan', @@ -53,7 +54,7 @@ def report(uid): click.echo(click.style(msg, fg=colors[item[1]])) @orchestration.command(name='run-once') -@click.argument('uid') +@click.argument('uid', type=SOLARUID) @click.option('--start', default=None) @click.option('--end', default=None) def run_once(uid, start, end): @@ -63,20 +64,20 @@ def run_once(uid, start, end): queue='scheduler') @orchestration.command() -@click.argument('uid') +@click.argument('uid', type=SOLARUID) def restart(uid): graph.reset(uid) tasks.schedule_start.apply_async(args=[uid], queue='scheduler') @orchestration.command() -@click.argument('uid') +@click.argument('uid', type=SOLARUID) def reset(uid): graph.reset(uid) @orchestration.command() -@click.argument('uid') +@click.argument('uid', type=SOLARUID) def stop(uid): # TODO(dshulyak) how to do "hard" stop? # using revoke(terminate=True) will lead to inability to restart execution @@ -86,21 +87,21 @@ def stop(uid): @orchestration.command() -@click.argument('uid') +@click.argument('uid', type=SOLARUID) def resume(uid): graph.reset(uid, ['SKIPPED']) tasks.schedule_start.apply_async(args=[uid], queue='scheduler') @orchestration.command() -@click.argument('uid') +@click.argument('uid', type=SOLARUID) def retry(uid): graph.reset(uid, ['ERROR']) tasks.schedule_start.apply_async(args=[uid], queue='scheduler') @orchestration.command() -@click.argument('uid') +@click.argument('uid', type=SOLARUID) def dg(uid): plan = graph.get_graph(uid) @@ -122,6 +123,6 @@ def dg(uid): @orchestration.command() -@click.argument('uid') +@click.argument('uid', type=SOLARUID) def show(uid): click.echo(graph.show(uid)) diff --git a/solar/solar/cli/system_log.py b/solar/solar/cli/system_log.py index 896655f5..6dbe4987 100644 --- a/solar/solar/cli/system_log.py +++ b/solar/solar/cli/system_log.py @@ -8,6 +8,7 @@ from solar.core import resource from solar.system_log import change from solar.system_log import operations from solar.system_log import data +from solar.cli.uids_history import get_uid, remember_uid, SOLARUID @click.group() @@ -35,11 +36,13 @@ def stage(): @changes.command() def process(): - click.echo(change.send_to_orchestration()) + uid = change.send_to_orchestration() + remember_uid(uid) + click.echo(uid) @changes.command() -@click.argument('uid') +@click.argument('uid', type=SOLARUID) def commit(uid): operations.commit(uid) diff --git a/solar/solar/cli/uids_history.py b/solar/solar/cli/uids_history.py new file mode 100644 index 00000000..7a00e702 --- /dev/null +++ b/solar/solar/cli/uids_history.py @@ -0,0 +1,58 @@ +import click +import os +import re + +UIDS_HISTORY = os.path.join(os.getcwd(), '.solar_cli_uids') + + +def remember_uid(uid): + """ + Remembers last 3 uids. + Can be used then as `last`, `last1`, `last2` anywhere + """ + try: + with open(UIDS_HISTORY, 'rb') as f: + hist = [x.strip() for x in f.readlines()] + except IOError: + hist = [] + hist.insert(0, uid) + if len(hist) > 3: + hist = hist[:3] + with open(UIDS_HISTORY, 'wb') as f: + f.write('\n'.join(hist)) + + +def get_uid(given_uid): + """ + Converts given uid to real uid. + """ + matched = re.search('last(\d*)', given_uid) + if matched: + try: + position = int(matched.group(1)) + except ValueError: + position = 0 + with open(UIDS_HISTORY, 'rb') as f: + uids = [x.strip() for x in f.readlines()] + try: + return uids[position] + except IndexError: + # fallback to original + return given_uid + return given_uid + + +class SolarUIDParameterType(click.types.StringParamType): + """ + Type for solar changes uid. + Works like a string but can convert `last(\d+)` to valid uid. + """ + name = 'uid' + + def convert(self, value, param, ctx): + value = click.types.StringParamType.convert(self, value, param, ctx) + value = get_uid(value) + return value + + +SOLARUID = SolarUIDParameterType() From 6251331f2701d8adeb695c3af24baad60c90d7e7 Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Mon, 24 Aug 2015 13:25:50 +0200 Subject: [PATCH 19/25] Fix neutron db stamp head Signed-off-by: Bogdan Dobrelya --- resources/neutron_plugins_ovs_puppet/actions/run.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/resources/neutron_plugins_ovs_puppet/actions/run.pp b/resources/neutron_plugins_ovs_puppet/actions/run.pp index 1eb39ef2..e4816044 100644 --- a/resources/neutron_plugins_ovs_puppet/actions/run.pp +++ b/resources/neutron_plugins_ovs_puppet/actions/run.pp @@ -42,6 +42,7 @@ include neutron::params package { 'neutron': ensure => $package_ensure, name => $::neutron::params::package_name, + before => Exec['neutron-db-sync'] } # Remove external class dependency From 2e78911e5c57794490311ab35fd94eb263f6c7c7 Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Tue, 25 Aug 2015 12:40:46 +0200 Subject: [PATCH 20/25] Fix neutron conf for compute and nova_neutron resource Signed-off-by: Bogdan Dobrelya --- example-puppet.py | 12 ++++++++++ resources/nova_neutron_puppet/README.md | 6 +++++ resources/nova_neutron_puppet/actions/run.pp | 13 ++++++---- resources/nova_neutron_puppet/meta.yaml | 25 +++++++++++++++----- 4 files changed, 46 insertions(+), 10 deletions(-) diff --git a/example-puppet.py b/example-puppet.py index c1c17bb2..1afe8d31 100644 --- a/example-puppet.py +++ b/example-puppet.py @@ -475,8 +475,20 @@ def setup_resources(): # NOTE(bogdando): changes nova config, so should notify nova compute service nova_compute_libvirt_puppet = vr.create('nova_compute_libvirt_puppet', 'resources/nova_compute_libvirt_puppet', {})[0] signals.connect(node2, nova_compute_libvirt_puppet) + # compute configuration for neutron, use http auth/endpoint protocols, keystone v2 auth hardcoded for the resource nova_neutron_puppet = vr.create('nova_neutron_puppet', 'resources/nova_neutron_puppet', {})[0] signals.connect(node2, nova_neutron_puppet) + signals.connect(neutron_server_puppet, nova_neutron_puppet, { + 'auth_password': 'neutron_admin_password', + 'auth_user': 'neutron_admin_username', + 'auth_type': 'neutron_auth_strategy', + 'auth_host': 'auth_host', 'auth_port': 'auth_port', + 'auth_protocol': 'auth_protocol', + }) + signals.connect(neutron_keystone_service_endpoint, nova_neutron_puppet, { + 'internal_ip':'neutron_endpoint_host', + 'internal_port':'neutron_endpoint_port', + }) # signals.connect(keystone_puppet, nova_network_puppet, {'ip': 'keystone_host', 'port': 'keystone_port'}) # signals.connect(keystone_puppet, nova_keystone_service_endpoint, {'ip': 'keystone_host', 'admin_port': 'keystone_port', 'admin_token': 'admin_token'}) diff --git a/resources/nova_neutron_puppet/README.md b/resources/nova_neutron_puppet/README.md index 1824d2af..fd438068 100644 --- a/resources/nova_neutron_puppet/README.md +++ b/resources/nova_neutron_puppet/README.md @@ -32,6 +32,9 @@ source https://github.com/openstack/puppet-nova/blob/5.1.0/manifests/network/neu ``neutron_url`` (optional) URL for connecting to the Neutron networking service. Defaults to 'http://127.0.0.1:9696' + Note: for this resource it is decomposed to the + 'neutron_endpoint_host', 'neutron_endpoint_port', 'neutron_endpoint_protocol' inputs + due to implementation limitations ``neutron_url_timeout`` (optional) Timeout value for connecting to neutron in seconds. @@ -73,6 +76,9 @@ source https://github.com/openstack/puppet-nova/blob/5.1.0/manifests/network/neu This is the Identity (keystone) admin API server IP and port value, and not the Identity service API IP and port. Defaults to 'http://127.0.0.1:35357/v2.0' + Note: for this resource it is decomposed to the + 'auth_host', 'auth_port', 'auth_protocol' inputs + due to implementation limitations ``network_api_class`` (optional) The full class name of the network API class. diff --git a/resources/nova_neutron_puppet/actions/run.pp b/resources/nova_neutron_puppet/actions/run.pp index 173f13da..4a0db5b8 100644 --- a/resources/nova_neutron_puppet/actions/run.pp +++ b/resources/nova_neutron_puppet/actions/run.pp @@ -1,16 +1,21 @@ $resource = hiera($::resource_name) +$auth_host = $resource['input']['auth_host']['value'] +$auth_port = $resource['input']['auth_port']['value'] +$auth_protocol = $resource['input']['auth_protocol']['value'] +$neutron_endpoint_host = $resource['input']['neutron_endpoint_host']['value'] +$neutron_endpoint_port = $resource['input']['neutron_endpoint_port']['value'] +$neutron_endpoint_protocol = $resource['input']['neutron_endpoint_protocol']['value'] + $libvirt_vif_driver = $resource['input']['libvirt_vif_driver']['value'] $force_snat_range = $resource['input']['force_snat_range']['value'] $neutron_admin_password = $resource['input']['neutron_admin_password']['value'] $neutron_auth_strategy = $resource['input']['neutron_auth_strategy']['value'] -$neutron_url = $resource['input']['neutron_url']['value'] $neutron_url_timeout = $resource['input']['neutron_url_timeout']['value'] $neutron_admin_tenant_name = $resource['input']['neutron_admin_tenant_name']['value'] $neutron_default_tenant_id = $resource['input']['neutron_default_tenant_id']['value'] $neutron_region_name = $resource['input']['neutron_region_name']['value'] $neutron_admin_username = $resource['input']['neutron_admin_username']['value'] -$neutron_admin_auth_url = $resource['input']['neutron_admin_auth_url']['value'] $neutron_ovs_bridge = $resource['input']['neutron_ovs_bridge']['value'] $neutron_extension_sync_interval = $resource['input']['neutron_extension_sync_interval']['value'] $neutron_ca_certificates_file = $resource['input']['neutron_ca_certificates_file']['value'] @@ -30,13 +35,13 @@ class { 'nova::compute::neutron': class { 'nova::network::neutron': neutron_admin_password => $neutron_admin_password, neutron_auth_strategy => $neutron_auth_strategy, - neutron_url => $neutron_url, + neutron_url => "${neutron_endpoint_protocol}://${neutron_endpoint_host}:${neutron_endpoint_port}", neutron_url_timeout => $neutron_url_timeout, neutron_admin_tenant_name => $neutron_admin_tenant_name, neutron_default_tenant_id => $neutron_default_tenant_id, neutron_region_name => $neutron_region_name, neutron_admin_username => $neutron_admin_username, - neutron_admin_auth_url => $neutron_admin_auth_url, + neutron_admin_auth_url => "${auth_protocol}://${auth_host}:${auth_port}/v2.0", neutron_ovs_bridge => $neutron_ovs_bridge, neutron_extension_sync_interval => $neutron_extension_sync_interval, neutron_ca_certificates_file => $neutron_ca_certificates_file, diff --git a/resources/nova_neutron_puppet/meta.yaml b/resources/nova_neutron_puppet/meta.yaml index f8afae15..a3e7a111 100644 --- a/resources/nova_neutron_puppet/meta.yaml +++ b/resources/nova_neutron_puppet/meta.yaml @@ -3,6 +3,25 @@ handler: puppet puppet_module: nova version: 1.0.0 input: + auth_host: + schema: str + value: 'localhost' + auth_port: + schema: int + value: 35357 + auth_protocol: + schema: str + value: 'http' + neutron_endpoint_host: + schema: str + value: 'localhost' + neutron_endpoint_port: + schema: int + value: 9696 + neutron_endpoint_protocol: + schema: str + value: 'http' + libvirt_vif_driver: schema: str value: 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver' @@ -15,9 +34,6 @@ input: neutron_auth_strategy: schema: str value: 'keystone' - neutron_url: - schema: str - value: 'http://127.0.0.1:9696' neutron_url_timeout: schema: int value: 30 @@ -33,9 +49,6 @@ input: neutron_admin_username: schema: str value: 'neutron' - neutron_admin_auth_url: - schema: str - value: 'http://127.0.0.1:35357/v2.0' neutron_ovs_bridge: schema: str value: 'br-int' From 55ed76fe81b452b6a99f36cd1a03d13717378190 Mon Sep 17 00:00:00 2001 From: Przemyslaw Kaminski Date: Tue, 25 Aug 2015 12:56:49 +0200 Subject: [PATCH 21/25] Fix puppet id and module in meta.yaml --- resources/apache_puppet/meta.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/resources/apache_puppet/meta.yaml b/resources/apache_puppet/meta.yaml index d14b26fd..89a233e7 100644 --- a/resources/apache_puppet/meta.yaml +++ b/resources/apache_puppet/meta.yaml @@ -1,6 +1,6 @@ -id: cinder_scheduler_puppet +id: apache_puppet handler: puppet -puppet_module: cinder_scheduler +puppet_module: apache version: 1.0.0 input: apache_name: From 1939bafca3ee9c85cb9d56552fdcef32063644c2 Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Tue, 25 Aug 2015 15:03:04 +0200 Subject: [PATCH 22/25] Add neutron agents to the composition Signed-off-by: Bogdan Dobrelya --- example-puppet.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/example-puppet.py b/example-puppet.py index 1afe8d31..160d16f1 100644 --- a/example-puppet.py +++ b/example-puppet.py @@ -615,6 +615,9 @@ resources_to_run = [ 'neutron_plugins_ovs', 'neutron_server_puppet', 'neutron_agents_ovs', + 'neutron_agents_dhcp', + 'neutron_agents_l3', + 'neutron_agents_metadata', 'cinder_db', 'cinder_db_user', From 03adaf7cdefa5064a02c8484ae73f9a7716786f5 Mon Sep 17 00:00:00 2001 From: Przemyslaw Kaminski Date: Thu, 27 Aug 2015 11:52:51 +0200 Subject: [PATCH 23/25] Remove duplicated code in virtual_resource.py --- solar/solar/core/resource/virtual_resource.py | 4 ---- 1 file changed, 4 deletions(-) diff --git a/solar/solar/core/resource/virtual_resource.py b/solar/solar/core/resource/virtual_resource.py index 8e2d3633..3601a9a9 100644 --- a/solar/solar/core/resource/virtual_resource.py +++ b/solar/solar/core/resource/virtual_resource.py @@ -27,10 +27,6 @@ def create_resource(name, base_path, args, virtual_resource=None): prepare_meta(metadata) - if os.path.exists(actions_path): - for f in os.listdir(actions_path): - metadata['actions'][os.path.splitext(f)[0]] = f - tags = metadata.get('tags', []) resource = Resource(name, metadata, args, tags, virtual_resource) From 9243848329f507ea9cd4ef3af69d0805d6c4ce2d Mon Sep 17 00:00:00 2001 From: Dmitry Shulyak Date: Fri, 7 Aug 2015 17:29:33 +0300 Subject: [PATCH 24/25] Fix system_log and add compact view for changes --- solar/solar/cli/system_log.py | 8 ++++---- solar/solar/system_log/change.py | 5 +++-- solar/solar/system_log/data.py | 20 ++++++++++++-------- solar/solar/system_log/operations.py | 10 +++++----- solar/solar/system_log/tasks.py | 4 ++-- 5 files changed, 26 insertions(+), 21 deletions(-) diff --git a/solar/solar/cli/system_log.py b/solar/solar/cli/system_log.py index 6dbe4987..8a62c336 100644 --- a/solar/solar/cli/system_log.py +++ b/solar/solar/cli/system_log.py @@ -27,11 +27,11 @@ def validate(): @changes.command() def stage(): - log = change.stage_changes() - staged = list(log.reverse()) - if not staged: + log = list(change.stage_changes().reverse()) + for item in log: + click.echo(item) + if not log: click.echo('No changes') - click.echo(staged) @changes.command() diff --git a/solar/solar/system_log/change.py b/solar/solar/system_log/change.py index 34a74589..65140eac 100644 --- a/solar/solar/system_log/change.py +++ b/solar/solar/system_log/change.py @@ -63,11 +63,12 @@ def _stage_changes(staged_resources, conn_graph, df = create_diff(staged_data, commited_data) if df: + action = guess_action(commited_data, staged_data) log_item = data.LogItem( utils.generate_uuid(), res_uid, - df, - guess_action(commited_data, staged_data)) + '{}.{}'.format(res_uid, action), + df) staged_log.append(log_item) return staged_log diff --git a/solar/solar/system_log/data.py b/solar/solar/system_log/data.py index 0c99fdce..36e0a13c 100644 --- a/solar/solar/system_log/data.py +++ b/solar/solar/system_log/data.py @@ -30,12 +30,12 @@ CL = partial(state_file, 'commit_log') class LogItem(object): - def __init__(self, uid, res, diff, action, state=None): + def __init__(self, uid, res, log_action, diff, state=None): self.uid = uid self.res = res + self.log_action = log_action self.diff = diff self.state = state or STATES.pending - self.action = action def to_yaml(self): return utils.yaml_dump(self.to_dict()) @@ -43,9 +43,9 @@ class LogItem(object): def to_dict(self): return {'uid': self.uid, 'res': self.res, + 'log_action': self.log_action, 'diff': self.diff, - 'state': self.state.name, - 'action': self.action} + 'state': self.state.name} @classmethod def from_dict(cls, **kwargs): @@ -54,10 +54,14 @@ class LogItem(object): return cls(**kwargs) def __str__(self): - return self.to_yaml() + return self.compact def __repr__(self): - return self.to_yaml() + return self.compact + + @property + def compact(self): + return 'log task={} uid={}'.format(self.log_action, self.uid) class Log(object): @@ -66,7 +70,7 @@ class Log(object): self.ordered_log = db.get_set(path) def append(self, logitem): - self.ordered_log.add([(logitem.res, logitem.to_dict())]) + self.ordered_log.add([(logitem.log_action, logitem.to_dict())]) def pop(self, uid): item = self.get(uid) @@ -76,7 +80,7 @@ class Log(object): return item def update(self, logitem): - self.ordered_log.update(logitem.res, logitem.to_dict()) + self.ordered_log.update(logitem.log_action, logitem.to_dict()) def clean(self): self.ordered_log.clean() diff --git a/solar/solar/system_log/operations.py b/solar/solar/system_log/operations.py index 82714837..b2955f6b 100644 --- a/solar/solar/system_log/operations.py +++ b/solar/solar/system_log/operations.py @@ -4,20 +4,20 @@ from solar.system_log import data from dictdiffer import patch -def set_error(task_uuid, *args, **kwargs): +def set_error(log_action, *args, **kwargs): sl = data.SL() - item = sl.get(task_uuid) + item = sl.get(log_action) if item: item.state = data.STATES.error sl.update(item) -def move_to_commited(task_uuid, *args, **kwargs): +def move_to_commited(log_action, *args, **kwargs): sl = data.SL() - item = sl.pop(task_uuid) + item = sl.pop(log_action) if item: commited = data.CD() - staged_data = patch(item.diff, commited.get(item.res, {})) + staged_data = patch(item.diff, commited.get(item.log_action, {})) cl = data.CL() item.state = data.STATES.success cl.append(item) diff --git a/solar/solar/system_log/tasks.py b/solar/solar/system_log/tasks.py index 7f715bd7..81929aa5 100644 --- a/solar/solar/system_log/tasks.py +++ b/solar/solar/system_log/tasks.py @@ -6,11 +6,11 @@ from solar.system_log.operations import set_error, move_to_commited __all__ = ['error_logitem', 'commit_logitem'] -@app.task +@app.task(name='error_logitem') def error_logitem(task_uuid): return set_error(task_uuid.rsplit(':', 1)[-1]) -@app.task +@app.task(name='commit_logitem') def commit_logitem(task_uuid): return move_to_commited(task_uuid.rsplit(':', 1)[-1]) From bfd4a6189e693f5bdb432ceff4215da778eba3cc Mon Sep 17 00:00:00 2001 From: Dmitry Shulyak Date: Fri, 7 Aug 2015 18:33:41 +0300 Subject: [PATCH 25/25] Add detailed output for system log items Covered: - add non existent value - change existing value --- solar/solar/cli/system_log.py | 17 ++++++++++++++++- solar/solar/system_log/data.py | 14 ++++++++++++++ 2 files changed, 30 insertions(+), 1 deletion(-) diff --git a/solar/solar/cli/system_log.py b/solar/solar/cli/system_log.py index 8a62c336..fbd4f863 100644 --- a/solar/solar/cli/system_log.py +++ b/solar/solar/cli/system_log.py @@ -26,13 +26,28 @@ def validate(): @changes.command() -def stage(): +@click.option('-d', default=False, is_flag=True) +def stage(d): log = list(change.stage_changes().reverse()) for item in log: click.echo(item) + if d: + for line in item.details: + click.echo(' '*4+line) if not log: click.echo('No changes') +@changes.command(name='staged-item') +@click.argument('log_action') +@click.option('-d', default=True, is_flag=True) +def staged_item(log_action, d): + item = data.SL().get(log_action) + if not item: + click.echo('No staged changes for {}'.format(log_action)) + else: + click.echo(item) + for line in item.details: + click.echo(' '*4+line) @changes.command() def process(): diff --git a/solar/solar/system_log/data.py b/solar/solar/system_log/data.py index 36e0a13c..a5e300cf 100644 --- a/solar/solar/system_log/data.py +++ b/solar/solar/system_log/data.py @@ -63,6 +63,20 @@ class LogItem(object): def compact(self): return 'log task={} uid={}'.format(self.log_action, self.uid) + @property + def details(self): + rst = [] + for type_, val, change in self.diff: + if type_ == 'add': + for it in change: + if isinstance(it, dict): + rst.append('++ {}: {}'.format(it[0], it[1]['value'])) + else: + rst.append('++ {}: {}'.format(it[0], str(it[1]))) + elif type_ == 'change': + rst.append('-+ {}: {} >> {}'.format(val, change[0], change[1])) + return rst + class Log(object):