Merge branch 'pretty' into jnowak/events_riak1

This commit is contained in:
Przemyslaw Kaminski 2015-09-01 13:10:54 +02:00
commit aff97b4a7c
41 changed files with 2303 additions and 135 deletions

View File

@ -160,9 +160,29 @@ def setup_resources():
signals.connect(admin_user, openrc, {'user_name': 'user_name','user_password':'password', 'tenant_name': 'tenant'}) signals.connect(admin_user, openrc, {'user_name': 'user_name','user_password':'password', 'tenant_name': 'tenant'})
# NEUTRON # NEUTRON
# TODO: vhost cannot be specified in neutron Puppet manifests so this user has to be admin anyways # Deploy chain neutron -> (plugins) -> neutron_server -> ( agents )
neutron_puppet = vr.create('neutron_puppet', 'resources/neutron_puppet', {})[0] neutron_puppet = vr.create('neutron_puppet', 'resources/neutron_puppet', {
'core_plugin': 'neutron.plugins.openvswitch.ovs_neutron_plugin.OVSNeutronPluginV2'
})[0]
signals.connect(node1, neutron_puppet)
signals.connect(rabbitmq_service1, neutron_puppet, {
'ip': 'rabbit_host',
'port': 'rabbit_port'
})
signals.connect(openstack_rabbitmq_user, neutron_puppet, {
'user_name': 'rabbit_user',
'password': 'rabbit_password'})
signals.connect(openstack_vhost, neutron_puppet, {
'vhost_name': 'rabbit_virtual_host'})
# NEUTRON API (SERVER)
neutron_server_puppet = vr.create('neutron_server_puppet', 'resources/neutron_server_puppet', {
'sync_db': True,
})[0]
neutron_db = vr.create('neutron_db', 'resources/mariadb_db/', {
'db_name': 'neutron_db', 'login_user': 'root'})[0]
neutron_db_user = vr.create('neutron_db_user', 'resources/mariadb_user/', {
'user_name': 'neutron', 'user_password': 'neutron', 'login_user': 'root'})[0]
neutron_keystone_user = vr.create('neutron_keystone_user', 'resources/keystone_user', { neutron_keystone_user = vr.create('neutron_keystone_user', 'resources/keystone_user', {
'user_name': 'neutron', 'user_name': 'neutron',
'user_password': 'neutron' 'user_password': 'neutron'
@ -179,24 +199,29 @@ def setup_resources():
'type': 'network' 'type': 'network'
})[0] })[0]
signals.connect(node1, neutron_puppet) signals.connect(node1, neutron_db)
signals.connect(rabbitmq_service1, neutron_puppet, { signals.connect(node1, neutron_db_user)
'ip': 'rabbitmq_host', signals.connect(mariadb_service1, neutron_db, {
'port': 'rabbitmq_port' 'port': 'login_port',
'root_password': 'login_password',
'root_user': 'login_user',
'ip' : 'db_host'})
signals.connect(mariadb_service1, neutron_db_user, {'port': 'login_port', 'root_password': 'login_password'})
signals.connect(neutron_db, neutron_db_user, {'db_name', 'db_host'})
signals.connect(neutron_db_user, neutron_server_puppet, {
'user_name':'db_user',
'db_name':'db_name',
'user_password':'db_password',
'db_host' : 'db_host'})
signals.connect(node1, neutron_server_puppet)
signals.connect(admin_user, neutron_server_puppet, {
'user_name': 'auth_user',
'user_password': 'auth_password',
'tenant_name': 'auth_tenant'
}) })
signals.connect(openstack_rabbitmq_user, neutron_puppet, { signals.connect(keystone_puppet, neutron_server_puppet, {
'user_name': 'rabbitmq_user', 'ip': 'auth_host',
'password': 'rabbitmq_password'}) 'port': 'auth_port'
signals.connect(openstack_vhost, neutron_puppet, {
'vhost_name': 'rabbitmq_virtual_host'})
signals.connect(admin_user, neutron_puppet, {
'user_name': 'keystone_user',
'user_password': 'keystone_password',
'tenant_name': 'keystone_tenant'
})
signals.connect(keystone_puppet, neutron_puppet, {
'ip': 'keystone_host',
'port': 'keystone_port'
}) })
signals.connect(services_tenant, neutron_keystone_user) signals.connect(services_tenant, neutron_keystone_user)
signals.connect(neutron_keystone_user, neutron_keystone_role) signals.connect(neutron_keystone_user, neutron_keystone_role)
@ -209,9 +234,69 @@ def setup_resources():
}) })
signals.connect(neutron_puppet, neutron_keystone_service_endpoint, { signals.connect(neutron_puppet, neutron_keystone_service_endpoint, {
'ip': ['admin_ip', 'internal_ip', 'public_ip'], 'ip': ['admin_ip', 'internal_ip', 'public_ip'],
'port': ['admin_port', 'internal_port', 'public_port'], 'bind_port': ['admin_port', 'internal_port', 'public_port'],
}) })
# NEUTRON OVS PLUGIN & AGENT WITH GRE
neutron_plugins_ovs = vr.create('neutron_plugins_ovs', 'resources/neutron_plugins_ovs_puppet', {
'tenant_network_type': 'gre',
})[0]
signals.connect(node1, neutron_plugins_ovs)
signals.connect(neutron_db_user, neutron_plugins_ovs, {
'user_name':'db_user',
'db_name':'db_name',
'user_password':'db_password',
'db_host' : 'db_host'
})
neutron_agents_ovs = vr.create('neutron_agents_ovs', 'resources/neutron_agents_ovs_puppet', {
# TODO(bogdando) these should come from the node network resource
'enable_tunneling': True,
'local_ip': '10.1.0.13' # should be the IP addr of the br-mesh int.
})[0]
signals.connect(node1, neutron_agents_ovs)
# NEUTRON DHCP, L3, metadata agents
neutron_agents_dhcp = vr.create('neutron_agents_dhcp', 'resources/neutron_agents_dhcp_puppet', {})[0]
signals.connect(node1, neutron_agents_dhcp)
neutron_agents_l3 = vr.create('neutron_agents_l3', 'resources/neutron_agents_l3_puppet', {
# TODO(bogdando) these should come from the node network resource
'metadata_port': 8775,
'external_network_bridge': 'br-floating',
})[0]
signals.connect(node1, neutron_agents_l3)
neutron_agents_metadata = vr.create('neutron_agents_metadata', 'resources/neutron_agents_metadata_puppet', {
'shared_secret': 'secret',
})[0]
signals.connect(node1, neutron_agents_metadata)
signals.connect(neutron_server_puppet, neutron_agents_metadata, {
'auth_host', 'auth_port', 'auth_password',
'auth_tenant', 'auth_user',
})
# NEUTRON FOR COMPUTE (node2)
# Deploy chain neutron -> (plugins) -> ( agents )
neutron_puppet2 = vr.create('neutron_puppet2', 'resources/neutron_puppet', {})[0]
signals.connect(node2, neutron_puppet2)
signals.connect(neutron_puppet, neutron_puppet2, {
'rabbit_host', 'rabbit_port',
'rabbit_user', 'rabbit_password',
'rabbit_virtual_host',
'package_ensure', 'core_plugin',
})
# NEUTRON OVS PLUGIN & AGENT WITH GRE FOR COMPUTE (node2)
neutron_plugins_ovs2 = vr.create('neutron_plugins_ovs2', 'resources/neutron_plugins_ovs_puppet', {})[0]
signals.connect(node2, neutron_plugins_ovs2)
signals.connect(neutron_plugins_ovs, neutron_plugins_ovs2, {
'db_host', 'db_name', 'db_password', 'db_user', 'tenant_network_type'
})
neutron_agents_ovs2 = vr.create('neutron_agents_ovs2', 'resources/neutron_agents_ovs_puppet', {
# TODO(bogdando) these should come from the node network resource
'enable_tunneling': True,
'local_ip': '10.1.0.14' # Should be the IP addr of the br-mesh int.
})[0]
signals.connect(node2, neutron_agents_ovs2)
# CINDER # CINDER
cinder_puppet = vr.create('cinder_puppet', 'resources/cinder_puppet', {})[0] cinder_puppet = vr.create('cinder_puppet', 'resources/cinder_puppet', {})[0]
cinder_db = vr.create('cinder_db', 'resources/mariadb_db/', { cinder_db = vr.create('cinder_db', 'resources/mariadb_db/', {
@ -286,6 +371,7 @@ def setup_resources():
signals.connect(node1, cinder_volume_puppet) signals.connect(node1, cinder_volume_puppet)
signals.connect(cinder_puppet, cinder_volume_puppet) signals.connect(cinder_puppet, cinder_volume_puppet)
evapi.add_react(cinder_puppet.name, cinder_volume_puppet.name, actions=('update',)) evapi.add_react(cinder_puppet.name, cinder_volume_puppet.name, actions=('update',))
# NOVA # NOVA
nova_puppet = vr.create('nova_puppet', 'resources/nova_puppet', {})[0] nova_puppet = vr.create('nova_puppet', 'resources/nova_puppet', {})[0]
nova_db = vr.create('nova_db', 'resources/mariadb_db/', { nova_db = vr.create('nova_db', 'resources/mariadb_db/', {
@ -362,6 +448,7 @@ def setup_resources():
'keystone_password': 'admin_password', 'keystone_password': 'admin_password',
'keystone_host': 'auth_host', 'keystone_host': 'auth_host',
'keystone_port': 'auth_port'}) 'keystone_port': 'auth_port'})
signals.connect(nova_api_puppet, neutron_agents_metadata, {'ip': 'metadata_ip'})
# NOVA CONDUCTOR # NOVA CONDUCTOR
nova_conductor_puppet = vr.create('nova_conductor_puppet', 'resources/nova_conductor_puppet', {})[0] nova_conductor_puppet = vr.create('nova_conductor_puppet', 'resources/nova_conductor_puppet', {})[0]
@ -391,8 +478,20 @@ def setup_resources():
# NOTE(bogdando): changes nova config, so should notify nova compute service # NOTE(bogdando): changes nova config, so should notify nova compute service
nova_compute_libvirt_puppet = vr.create('nova_compute_libvirt_puppet', 'resources/nova_compute_libvirt_puppet', {})[0] nova_compute_libvirt_puppet = vr.create('nova_compute_libvirt_puppet', 'resources/nova_compute_libvirt_puppet', {})[0]
signals.connect(node2, nova_compute_libvirt_puppet) signals.connect(node2, nova_compute_libvirt_puppet)
# compute configuration for neutron, use http auth/endpoint protocols, keystone v2 auth hardcoded for the resource
nova_neutron_puppet = vr.create('nova_neutron_puppet', 'resources/nova_neutron_puppet', {})[0] nova_neutron_puppet = vr.create('nova_neutron_puppet', 'resources/nova_neutron_puppet', {})[0]
signals.connect(node2, nova_neutron_puppet) signals.connect(node2, nova_neutron_puppet)
signals.connect(neutron_server_puppet, nova_neutron_puppet, {
'auth_password': 'neutron_admin_password',
'auth_user': 'neutron_admin_username',
'auth_type': 'neutron_auth_strategy',
'auth_host': 'auth_host', 'auth_port': 'auth_port',
'auth_protocol': 'auth_protocol',
})
signals.connect(neutron_keystone_service_endpoint, nova_neutron_puppet, {
'internal_ip':'neutron_endpoint_host',
'internal_port':'neutron_endpoint_port',
})
# signals.connect(keystone_puppet, nova_network_puppet, {'ip': 'keystone_host', 'port': 'keystone_port'}) # signals.connect(keystone_puppet, nova_network_puppet, {'ip': 'keystone_host', 'port': 'keystone_port'})
# signals.connect(keystone_puppet, nova_keystone_service_endpoint, {'ip': 'keystone_host', 'admin_port': 'keystone_port', 'admin_token': 'admin_token'}) # signals.connect(keystone_puppet, nova_keystone_service_endpoint, {'ip': 'keystone_host', 'admin_port': 'keystone_port', 'admin_token': 'admin_token'})
@ -510,10 +609,18 @@ resources_to_run = [
'keystone_service_endpoint', 'keystone_service_endpoint',
'services_tenant', 'services_tenant',
'neutron_db',
'neutron_db_user',
'neutron_keystone_user', 'neutron_keystone_user',
'neutron_keystone_role', 'neutron_keystone_role',
'neutron_puppet', 'neutron_puppet',
'neutron_keystone_service_endpoint', 'neutron_keystone_service_endpoint',
'neutron_plugins_ovs',
'neutron_server_puppet',
'neutron_agents_ovs',
'neutron_agents_dhcp',
'neutron_agents_l3',
'neutron_agents_metadata',
'cinder_db', 'cinder_db',
'cinder_db_user', 'cinder_db_user',
@ -535,11 +642,6 @@ resources_to_run = [
'nova_api_puppet', 'nova_api_puppet',
'nova_conductor_puppet', 'nova_conductor_puppet',
'nova_puppet2',
'nova_compute_libvirt_puppet',
'nova_neutron_puppet',
'nova_compute_puppet',
'glance_db', 'glance_db',
'glance_db_user', 'glance_db_user',
'glance_keystone_user', 'glance_keystone_user',
@ -547,8 +649,16 @@ resources_to_run = [
'glance_keystone_service_endpoint', 'glance_keystone_service_endpoint',
'glance_api_puppet', 'glance_api_puppet',
'glance_registry_puppet', 'glance_registry_puppet',
]
'nova_puppet2',
'nova_compute_libvirt_puppet',
'nova_neutron_puppet',
'nova_compute_puppet',
'neutron_puppet2',
'neutron_plugins_ovs2',
'neutron_agents_ovs2',
]
@click.command() @click.command()

View File

@ -0,0 +1,4 @@
# Apache puppet resource
This class installs Apache and manages apache service.
Defaults provided for Debian OS family.

View File

@ -0,0 +1,5 @@
class {'apache':
service_enable => false,
service_ensure => 'stopped',
package_ensure => 'absent',
}

View File

@ -0,0 +1,120 @@
$resource = hiera($::resource_name)
$apache_name = $resource['input']['apache_name']['value']
$service_name = $resource['input']['service_name']['value']
$default_mods = $resource['input']['default_mods']['value']
$default_vhost = $resource['input']['default_vhost']['value']
$default_charset = $resource['input']['default_charset']['value']
$default_confd_files = $resource['input']['default_confd_files']['value']
$default_ssl_vhost = $resource['input']['default_ssl_vhost']['value']
$default_ssl_cert = $resource['input']['default_ssl_cert']['value']
$default_ssl_key = $resource['input']['default_ssl_key']['value']
$default_ssl_chain = $resource['input']['default_ssl_chain']['value']
$default_ssl_ca = $resource['input']['default_ssl_ca']['value']
$default_ssl_crl_path = $resource['input']['default_ssl_crl_path']['value']
$default_ssl_crl = $resource['input']['default_ssl_crl']['value']
$default_ssl_crl_check = $resource['input']['default_ssl_crl_check']['value']
$default_type = $resource['input']['default_type']['value']
$ip = $resource['input']['ip']['value']
$service_restart = $resource['input']['service_restart']['value']
$purge_configs = $resource['input']['purge_configs']['value']
$purge_vhost_dir = $resource['input']['purge_vhost_dir']['value']
$purge_vdir = $resource['input']['purge_vdir']['value']
$serveradmin = $resource['input']['serveradmin']['value']
$sendfile = $resource['input']['sendfile']['value']
$error_documents = $resource['input']['error_documents']['value']
$timeout = $resource['input']['timeout']['value']
$httpd_dir = $resource['input']['httpd_dir']['value']
$server_root = $resource['input']['server_root']['value']
$conf_dir = $resource['input']['conf_dir']['value']
$confd_dir = $resource['input']['confd_dir']['value']
$vhost_dir = $resource['input']['vhost_dir']['value']
$vhost_enable_dir = $resource['input']['vhost_enable_dir']['value']
$mod_dir = $resource['input']['mod_dir']['value']
$mod_enable_dir = $resource['input']['mod_enable_dir']['value']
$mpm_module = $resource['input']['mpm_module']['value']
$lib_path = $resource['input']['lib_path']['value']
$conf_template = $resource['input']['conf_template']['value']
$servername = $resource['input']['servername']['value']
$manage_user = $resource['input']['manage_user']['value']
$manage_group = $resource['input']['manage_group']['value']
$user = $resource['input']['user']['value']
$group = $resource['input']['group']['value']
$keepalive = $resource['input']['keepalive']['value']
$keepalive_timeout = $resource['input']['keepalive_timeout']['value']
$max_keepalive_requests = $resource['input']['max_keepalive_requests']['value']
$logroot = $resource['input']['logroot']['value']
$logroot_mode = $resource['input']['logroot_mode']['value']
$log_level = $resource['input']['log_level']['value']
$log_formats = $resource['input']['log_formats']['value']
$ports_file = $resource['input']['ports_file']['value']
$docroot = $resource['input']['docroot']['value']
$apache_version = $resource['input']['apache_version']['value']
$server_tokens = $resource['input']['server_tokens']['value']
$server_signature = $resource['input']['server_signature']['value']
$trace_enable = $resource['input']['trace_enable']['value']
$allow_encoded_slashes = $resource['input']['allow_encoded_slashes']['value']
$package_ensure = $resource['input']['package_ensure']['value']
$use_optional_includes = $resource['input']['use_optional_includes']['value']
class {'apache':
apache_name => $apache_name,
service_name => $service_name,
default_mods => $default_mods,
default_vhost => $default_vhost,
default_charset => $default_charset,
default_confd_files => $default_confd_files,
default_ssl_vhost => $default_ssl_vhost,
default_ssl_cert => $default_ssl_cert,
default_ssl_key => $default_ssl_key,
default_ssl_chain => $default_ssl_chain,
default_ssl_ca => $default_ssl_ca,
default_ssl_crl_path => $default_ssl_crl_path,
default_ssl_crl => $default_ssl_crl,
default_ssl_crl_check => $default_ssl_crl_check,
default_type => $default_type,
ip => $ip,
service_enable => true,
service_manage => true,
service_ensure => 'running',
service_restart => $service_restart,
purge_configs => $purge_configs,
purge_vhost_dir => $purge_vhost_dir,
purge_vdir => $purge_vdir,
serveradmin => $serveradmin,
sendfile => $sendfile,
error_documents => $error_documents,
timeout => $timeout,
httpd_dir => $httpd_dir,
server_root => $server_root,
conf_dir => $conf_dir,
confd_dir => $confd_dir,
vhost_dir => $vhost_dir,
vhost_enable_dir => $vhost_enable_dir,
mod_dir => $mod_dir,
mod_enable_dir => $mod_enable_dir,
mpm_module => $mpm_module,
lib_path => $lib_path,
conf_template => $conf_template,
servername => $servername,
manage_user => $manage_user,
manage_group => $manage_group,
user => $user,
group => $group,
keepalive => $keepalive,
keepalive_timeout => $keepalive_timeout,
max_keepalive_requests => $max_keepalive_requests,
logroot => $logroot,
logroot_mode => $logroot_mode,
log_level => $log_level,
log_formats => $log_formats,
ports_file => $ports_file,
docroot => $docroot,
apache_version => $apache_version,
server_tokens => $server_tokens,
server_signature => $server_signature,
trace_enable => $trace_enable,
allow_encoded_slashes => $allow_encoded_slashes,
package_ensure => $package_ensure,
use_optional_includes => $use_optional_includes,
}

View File

@ -0,0 +1,186 @@
id: apache_puppet
handler: puppet
puppet_module: apache
version: 1.0.0
input:
apache_name:
schema: str
value: 'apache2'
service_name:
schema: str
value: 'apache2'
default_mods:
schema: bool
value: true
default_vhost:
schema: bool
value: true
default_charset:
schema: str
value:
default_confd_files:
schema: bool
value: true
default_ssl_vhost:
schema: bool
value: false
default_ssl_cert:
schema: str
value: '/etc/ssl/certs/ssl-cert-snakeoil.pem'
default_ssl_key:
schema: str
value: '/etc/ssl/private/ssl-cert-snakeoil.key'
default_ssl_chain:
schema: str
value:
default_ssl_ca:
schema: str
value:
default_ssl_crl_path:
schema: str
value:
default_ssl_crl:
schema: str
value:
default_ssl_crl_check:
schema: str
value:
default_type:
schema: str
value: 'none'
service_restart:
schema: str
value: 'restart'
purge_configs:
schema: bool
value: true
purge_vhost_dir:
schema: str
value:
purge_vdir:
schema: bool
value: false
serveradmin:
schema: str
value: 'root@localhost'
sendfile:
schema: str
value: 'On'
error_documents:
schema: bool
value: false
timeout:
schema: int
value: 120
httpd_dir:
schema: str
value: '/etc/apache2'
server_root:
schema: str
value: '/etc/apache2'
conf_dir:
schema: str
value: '/etc/apache2'
confd_dir:
schema: str
value: '/etc/apache2/conf.d'
vhost_dir:
schema: str
value: '/etc/apache2/sites-available'
vhost_enable_dir:
schema: str
value: '/etc/apache2/sites-enabled'
mod_dir:
schema: str
value: '/etc/apache2/mods-available'
mod_enable_dir:
schema: str
value: '/etc/apache2/mods-enabled'
mpm_module:
schema: str
value: 'worker'
lib_path:
schema: str
value: '/usr/lib/apache2/modules'
conf_template:
schema: str
value: 'apache/httpd.conf.erb'
servername:
schema: str!
value:
manage_user:
schema: bool
value: true
manage_group:
schema: bool
value: true
user:
schema: str
value: 'www-data'
group:
schema: str
value: 'www-data'
keepalive:
schema: str
value: 'Off'
keepalive_timeout:
schema: int
value: 15
max_keepalive_requests:
schema: int
value: 100
logroot:
schema: str
value: '/var/log/apache2'
logroot_mode:
schema: str
value: '0640'
log_level:
schema: str
value: 'warn'
log_formats:
schema: {}
value: {}
ports_file:
schema: str
value: '/etc/apache2/ports.conf'
docroot:
schema: str
value: '/srv/www'
apache_version:
schema: str
value: '2.4'
server_tokens:
schema: str
value: 'OS'
server_signature:
schema: str
value: 'On'
trace_enable:
schema: str
value: 'On'
allow_encoded_slashes:
schema: str
value:
package_ensure:
schema: str
value: 'installed'
use_optional_includes:
schema: bool
value: false
git:
schema: {repository: str!, branch: str!}
value: {repository: 'https://github.com/puppetlabs/puppetlabs-apache.git', branch: '1.5.0'}
ip:
schema: str!
value:
ssh_key:
schema: str!
value:
ssh_user:
schema: str!
value:
tags: [resource/apache_service, resources/apache]

View File

@ -0,0 +1,11 @@
import requests
from solar.core.log import log
def test(resource):
log.debug('Testing apache_puppet')
requests.get(
'http://%s:%s' % (resource.args['ip'].value, 80)
)

View File

@ -0,0 +1,57 @@
# Neutron DHCP agent puppet resource
Installs and configures the Neutron DHCP service
# Parameters
https://github.com/openstack/puppet-neutron/blob/5.1.0/manifests/agents/dhcp.pp
``package_ensure``
(optional) Ensure state for package. Defaults to 'present'.
``debug``
(optional) Show debugging output in log. Defaults to false.
``state_path``
(optional) Where to store dnsmasq state files. This directory must be
writable by the user executing the agent. Defaults to '/var/lib/neutron'.
``resync_interval``
(optional) The DHCP agent will resync its state with Neutron to recover
from any transient notification or rpc errors. The interval is number of
seconds between attempts. Defaults to 30.
``interface_driver``
(optional) Defaults to 'neutron.agent.linux.interface.OVSInterfaceDriver'.
``dhcp_driver``
(optional) Defaults to 'neutron.agent.linux.dhcp.Dnsmasq'.
``root_helper``
(optional) Defaults to 'sudo neutron-rootwrap /etc/neutron/rootwrap.conf'.
Addresses bug: https://bugs.launchpad.net/neutron/+bug/1182616
Note: This can safely be removed once the module only targets the Havana release.
``use_namespaces``
(optional) Allow overlapping IP (Must have kernel build with
CONFIG_NET_NS=y and iproute2 package that supports namespaces).
Defaults to true.
``dnsmasq_config_file``
(optional) Override the default dnsmasq settings with this file.
Defaults to undef
``dhcp_delete_namespaces``
(optional) Delete namespace after removing a dhcp server
Defaults to false.
``enable_isolated_metadata``
(optional) enable metadata support on isolated networks.
Defaults to false.
``enable_metadata_network``
(optional) Allows for serving metadata requests coming from a dedicated metadata
access network whose cidr is 169.254.169.254/16 (or larger prefix), and is
connected to a Neutron router from which the VMs send metadata request.
This option requires enable_isolated_metadata = True
Defaults to false.

View File

@ -0,0 +1,16 @@
class { 'neutron::agents::dhcp':
package_ensure => 'absent',
enabled => false,
}
include neutron::params
package { 'neutron':
ensure => 'absent',
name => $::neutron::params::package_name,
}
# Remove external class dependency
Service <| title == 'neutron-dhcp-service' |> {
require => undef
}

View File

@ -0,0 +1,45 @@
$resource = hiera($::resource_name)
$ip = $resource['input']['ip']['value']
$package_ensure = $resource['input']['package_ensure']['value']
$debug = $resource['input']['debug']['value']
$state_path = $resource['input']['state_path']['value']
$resync_interval = $resource['input']['resync_interval']['value']
$interface_driver = $resource['input']['interface_driver']['value']
$dhcp_driver = $resource['input']['dhcp_driver']['value']
$root_helper = $resource['input']['root_helper']['value']
$use_namespaces = $resource['input']['use_namespaces']['value']
$dnsmasq_config_file = $resource['input']['dnsmasq_config_file']['value']
$dhcp_delete_namespaces = $resource['input']['dhcp_delete_namespaces']['value']
$enable_isolated_metadata = $resource['input']['enable_isolated_metadata']['value']
$enable_metadata_network = $resource['input']['enable_metadata_network']['value']
class { 'neutron::agents::dhcp':
enabled => true,
manage_service => true,
package_ensure => $package_ensure,
debug => $debug,
state_path => $state_path,
resync_interval => $resync_interval,
interface_driver => $interface_driver,
dhcp_driver => $dhcp_driver,
root_helper => $root_helper,
use_namespaces => $use_namespaces,
dnsmasq_config_file => $dnsmasq_config_file,
dhcp_delete_namespaces => $dhcp_delete_namespaces,
enable_isolated_metadata => $enable_isolated_metadata,
enable_metadata_network => $enable_metadata_network,
}
include neutron::params
package { 'neutron':
ensure => $package_ensure,
name => $::neutron::params::package_name,
}
# Remove external class dependency
Service <| title == 'neutron-dhcp-service' |> {
require => undef
}

View File

@ -0,0 +1,57 @@
handler: puppet
id: 'neutron_agents_dhcp_puppet'
input:
ip:
schema: str!
value:
ssh_key:
schema: str!
value:
ssh_user:
schema: str!
value:
package_ensure:
schema: str
value: present
debug:
schema: bool
value: false
state_path:
schema: str
value: '/var/lib/neutron'
resync_interval:
schema: int
value: 30
interface_driver:
schema: str
value: 'neutron.agent.linux.interface.OVSInterfaceDriver'
dhcp_driver:
schema: str
value: 'neutron.agent.linux.dhcp.Dnsmasq'
root_helper:
schema: str
value: 'sudo neutron-rootwrap /etc/neutron/rootwrap.conf'
use_namespaces:
schema: bool
value: true
dnsmasq_config_file:
schema: str
value:
dhcp_delete_namespaces:
schema: bool
value: false
enable_isolated_metadata:
schema: bool
value: false
enable_metadata_network:
schema: bool
value: false
git:
schema: {repository: str!, branch: str!}
value: {repository: 'https://github.com/openstack/puppet-neutron', branch: '5.1.0'}
puppet_module: 'neutron'
tags: [resource/neutron, resource/neutron_agents_dhcp]
version: 1.0.0

View File

@ -0,0 +1,100 @@
# Neutron L3 agent puppet resource
Installs and configures the Neutron L3 service
TODO: create ability to have multiple L3 services
# Parameters
https://github.com/openstack/puppet-neutron/blob/5.1.0/manifests/agents/l3.pp
``package_ensure``
(optional) The state of the package
Defaults to present
``debug``
(optional) Print debug info in logs
Defaults to false
``external_network_bridge``
(optional) The name of the external bridge
Defaults to br-ex
``use_namespaces``
(optional) Enable overlapping IPs / network namespaces
Defaults to false
``interface_driver``
(optional) Driver to interface with neutron
Defaults to OVSInterfaceDriver
``router_id``
(optional) The ID of the external router in neutron
Defaults to blank
``gateway_external_network_id``
(optional) The ID of the external network in neutron
Defaults to blank
``handle_internal_only_routers``
(optional) L3 Agent will handle non-external routers
Defaults to true
``metadata_port``
(optional) The port of the metadata server
Defaults to 9697
``send_arp_for_ha``
(optional) Send this many gratuitous ARPs for HA setup. Set it below or equal to 0
to disable this feature.
Defaults to 3
``periodic_interval``
(optional) seconds between re-sync routers' data if needed
Defaults to 40
``periodic_fuzzy_delay``
(optional) seconds to start to sync routers' data after starting agent
Defaults to 5
``enable_metadata_proxy``
(optional) can be set to False if the Nova metadata server is not available
Defaults to True
``network_device_mtu``
(optional) The MTU size for the interfaces managed by the L3 agent
Defaults to undef
Should be deprecated in the next major release in favor of a global parameter
``router_delete_namespaces``
(optional) namespaces can be deleted cleanly on the host running the L3 agent
Defaults to False
``ha_enabled``
(optional) Enabled or not HA for L3 agent.
Defaults to false
``ha_vrrp_auth_type``
(optional) VRRP authentication type. Can be AH or PASS.
Defaults to "PASS"
``ha_vrrp_auth_password``
(optional) VRRP authentication password. Required if ha_enabled = true.
Defaults to undef
``ha_vrrp_advert_int``
(optional) The advertisement interval in seconds.
Defaults to '2'
``agent_mode``
(optional) The working mode for the agent.
'legacy': default behavior (without DVR)
'dvr': enable DVR for an L3 agent running on compute node (DVR in production)
'dvr_snat': enable DVR with centralized SNAT support (DVR for single-host, for testing only)
Defaults to 'legacy'
``allow_automatic_l3agent_failover``
(optional) Automatically reschedule routers from offline L3 agents to online
L3 agents.
This is another way to run virtual routers in highly available way but with slow
failover performances compared to Keepalived feature in Neutron L3 Agent.
Defaults to 'False'

View File

@ -0,0 +1,16 @@
class { 'neutron::agents::l3':
package_ensure => 'absent',
enabled => false,
}
include neutron::params
package { 'neutron':
ensure => 'absent',
name => $::neutron::params::package_name,
}
# Remove external class dependency
Service <| title == 'neutron-l3' |> {
require => undef
}

View File

@ -0,0 +1,63 @@
$resource = hiera($::resource_name)
$ip = $resource['input']['ip']['value']
$package_ensure = $resource['input']['package_ensure']['value']
$debug = $resource['input']['debug']['value']
$external_network_bridge = $resource['input']['external_network_bridge']['value']
$use_namespaces = $resource['input']['use_namespaces']['value']
$interface_driver = $resource['input']['interface_driver']['value']
$router_id = $resource['input']['router_id']['value']
$gateway_external_network_id = $resource['input']['gateway_external_network_id']['value']
$handle_internal_only_routers = $resource['input']['handle_internal_only_routers']['value']
$metadata_port = $resource['input']['metadata_port']['value']
$send_arp_for_ha = $resource['input']['send_arp_for_ha']['value']
$periodic_interval = $resource['input']['periodic_interval']['value']
$periodic_fuzzy_delay = $resource['input']['periodic_fuzzy_delay']['value']
$enable_metadata_proxy = $resource['input']['enable_metadata_proxy']['value']
$network_device_mtu = $resource['input']['network_device_mtu']['value']
$router_delete_namespaces = $resource['input']['router_delete_namespaces']['value']
$ha_enabled = $resource['input']['ha_enabled']['value']
$ha_vrrp_auth_type = $resource['input']['ha_vrrp_auth_type']['value']
$ha_vrrp_auth_password = $resource['input']['ha_vrrp_auth_password']['value']
$ha_vrrp_advert_int = $resource['input']['ha_vrrp_advert_int']['value']
$agent_mode = $resource['input']['agent_mode']['value']
$allow_automatic_l3agent_failover = $resource['input']['allow_automatic_l3agent_failover']['value']
class { 'neutron::agents::l3':
enabled => true,
manage_service => true,
package_ensure => $package_ensure,
debug => $debug,
external_network_bridge => $external_network_bridge,
use_namespaces => $use_namespaces,
interface_driver => $interface_driver,
router_id => $router_id,
gateway_external_network_id => $gateway_external_network_id,
handle_internal_only_routers => $handle_internal_only_routers,
metadata_port => $metadata_port,
send_arp_for_ha => $send_arp_for_ha,
periodic_interval => $periodic_interval,
periodic_fuzzy_delay => $periodic_fuzzy_delay,
enable_metadata_proxy => $enable_metadata_proxy,
network_device_mtu => $network_device_mtu,
router_delete_namespaces => $router_delete_namespaces,
ha_enabled => $ha_enabled,
ha_vrrp_auth_type => $ha_vrrp_auth_type,
ha_vrrp_auth_password => $ha_vrrp_auth_password,
ha_vrrp_advert_int => $ha_vrrp_advert_int,
agent_mode => $agent_mode,
allow_automatic_l3agent_failover => $allow_automatic_l3agent_failover,
}
include neutron::params
package { 'neutron':
ensure => $package_ensure,
name => $::neutron::params::package_name,
}
# Remove external class dependency
Service <| title == 'neutron-l3' |> {
require => undef
}

View File

@ -0,0 +1,84 @@
handler: puppet
id: 'neutron_agents_l3_puppet'
input:
ip:
schema: str!
value:
ssh_key:
schema: str!
value:
ssh_user:
schema: str!
value:
package_ensure:
schema: str
value: 'present'
debug:
schema: bool
value: false
external_network_bridge:
schema: str
value: 'br-ex'
use_namespaces:
schema: bool
value: true
interface_driver:
schema: str
value: 'neutron.agent.linux.interface.OVSInterfaceDriver'
router_id:
schema: str
value:
gateway_external_network_id:
schema: str
value:
handle_internal_only_routers:
schema: bool
value: true
metadata_port:
schema: int
value: 9697
send_arp_for_ha:
schema: int
value: 3
periodic_interval:
schema: int
value: 40
periodic_fuzzy_delay:
schema: int
value: 5
enable_metadata_proxy:
schema: bool
value: true
network_device_mtu:
schema: str
value:
router_delete_namespaces:
schema: bool
value: false
ha_enabled:
schema: bool
value: false
ha_vrrp_auth_type:
schema: str
value: 'PASS'
ha_vrrp_auth_password:
schema: str
value:
ha_vrrp_advert_int:
schema: int
value: 3
agent_mode:
schema: str
value: 'legacy'
allow_automatic_l3agent_failover:
schema: bool
value: false
git:
schema: {repository: str!, branch: str!}
value: {repository: 'https://github.com/openstack/puppet-neutron', branch: '5.1.0'}
puppet_module: 'neutron'
tags: [resource/neutron, resource/neutron_agents_l3]
version: 1.0.0

View File

@ -0,0 +1,65 @@
# Neutron DHCP agent puppet resource
Setup and configure Neutron metadata agent
# Parameters
https://github.com/openstack/puppet-neutron/blob/5.1.0/manifests/agents/metadata.pp
``auth_password``
(required) The password for the administrative user.
``shared_secret``
(required) Shared secret to validate proxies Neutron metadata requests.
``package_ensure``
Ensure state of the package. Defaults to 'present'.
``debug``
Debug. Defaults to false.
``auth_tenant``
The administrative user's tenant name. Defaults to 'services'.
``auth_user``
The administrative user name for OpenStack Networking.
Defaults to 'neutron'.
``auth_url``
The URL used to validate tokens. Defaults to 'http://localhost:35357/v2.0'.
Note, for this resource it is decomposed to auth_host and auth_port
due to implementation restrictions
``auth_insecure``
turn off verification of the certificate for ssl (Defaults to false)
``auth_ca_cert``
CA cert to check against with for ssl keystone. (Defaults to undef)
``auth_region``
The authentication region. Defaults to 'RegionOne'.
``metadata_ip``
The IP address of the metadata service. Defaults to '127.0.0.1'.
``metadata_port``
The TCP port of the metadata service. Defaults to 8775.
``metadata_workers``
(optional) Number of separate worker processes to spawn.
The default, count of machine's processors, runs the worker thread in the
current process.
Greater than 0 launches that number of child processes as workers.
The parent process manages them. Having more workers will help to improve performances.
Defaults to: $::processorcount
``metadata_backlog``
(optional) Number of backlog requests to configure the metadata server socket with.
Defaults to 4096
``metadata_memory_cache_ttl``
(optional) Specifies time in seconds a metadata cache entry is valid in
memory caching backend.
Set to 0 will cause cache entries to never expire.
Set to undef or false to disable cache.
Defaults to 5

View File

@ -0,0 +1,16 @@
class { 'neutron::agents::metadata':
package_ensure => 'absent',
enabled => false,
}
include neutron::params
package { 'neutron':
ensure => 'absent',
name => $::neutron::params::package_name,
}
# Remove external class dependency
Service <| title == 'neutron-metadata' |> {
require => undef
}

View File

@ -0,0 +1,53 @@
$resource = hiera($::resource_name)
$ip = $resource['input']['ip']['value']
$auth_host = $resource['input']['auth_host']['value']
$auth_port = $resource['input']['auth_port']['value']
$auth_password = $resource['input']['auth_password']['value']
$shared_secret = $resource['input']['shared_secret']['value']
$package_ensure = $resource['input']['package_ensure']['value']
$debug = $resource['input']['debug']['value']
$auth_tenant = $resource['input']['auth_tenant']['value']
$auth_user = $resource['input']['auth_user']['value']
$auth_insecure = $resource['input']['auth_insecure']['value']
$auth_ca_cert = $resource['input']['auth_ca_cert']['value']
$auth_region = $resource['input']['auth_region']['value']
$metadata_ip = $resource['input']['metadata_ip']['value']
$metadata_port = $resource['input']['metadata_port']['value']
$metadata_workers = $resource['input']['metadata_workers']['value']
$metadata_backlog = $resource['input']['metadata_backlog']['value']
$metadata_memory_cache_ttl = $resource['input']['metadata_memory_cache_ttl']['value']
class { 'neutron::agents::metadata':
enabled => true,
manage_service => true,
auth_password => $auth_password,
shared_secret => $shared_secret,
package_ensure => $package_ensure,
debug => $debug,
auth_tenant => $auth_tenant,
auth_user => $auth_user,
auth_url => "http://${auth_host}:${auth_port}/v2.0",
auth_insecure => $auth_insecure,
auth_ca_cert => $auth_ca_cert,
auth_region => $auth_region,
metadata_ip => $metadata_ip,
metadata_port => $metadata_port,
metadata_workers => $metadata_workers,
metadata_backlog => $metadata_backlog,
metadata_memory_cache_ttl => $metadata_memory_cache_ttl,
}
include neutron::params
package { 'neutron':
ensure => $package_ensure,
name => $::neutron::params::package_name,
}
# Remove external class dependency
Service <| title == 'neutron-metadata' |> {
require => undef
}

View File

@ -0,0 +1,70 @@
handler: puppet
id: 'neutron_agents_metadata_puppet'
input:
ip:
schema: str!
value:
ssh_key:
schema: str!
value:
ssh_user:
schema: str!
value:
auth_password:
schema: str!
value:
shared_secret:
schema: str!
value:
package_ensure:
schema: str
value: 'present'
debug:
schema: bool
value: false
auth_tenant:
schema: str
value: 'services'
auth_user:
schema: str
value: 'neutron'
auth_insecure:
schema: bool
value: false
auth_ca_cert:
schema: str
value:
auth_region:
schema: str
value: 'RegionOne'
metadata_ip:
schema: str
value: '127.0.0.1'
metadata_port:
schema: int
value: 8775
metadata_workers:
schema: int
value: 1
metadata_backlog:
schema: int
value: 4096
metadata_memory_cache_ttl:
schema: int
value: 5
auth_host:
schema: str
value: 'localhost'
auth_port:
schema: int
value: 35357
git:
schema: {repository: str!, branch: str!}
value: {repository: 'https://github.com/openstack/puppet-neutron', branch: '5.1.0'}
puppet_module: 'neutron'
tags: [resource/neutron, resource/neutron_agents_metadata]
version: 1.0.0

View File

@ -0,0 +1,5 @@
# Neutron OVS agent puppet resource
Setups OVS neutron agent
source https://github.com/openstack/puppet-neutron/blob/5.1.0/manifests/agents/ovs.pp

View File

@ -0,0 +1,4 @@
class { 'neutron::agents::ovs':
package_ensure => 'absent',
enabled => false,
}

View File

@ -0,0 +1,38 @@
$resource = hiera($::resource_name)
$ip = $resource['input']['ip']['value']
$package_ensure = $resource['input']['package_ensure']['value']
$bridge_uplinks = $resource['input']['bridge_uplinks']['value']
$bridge_mappings = $resource['input']['bridge_mappings']['value']
$integration_bridge = $resource['input']['integration_bridge']['value']
$enable_tunneling = $resource['input']['enable_tunneling']['value']
$tunnel_types = $resource['input']['tunnel_types']['value']
$local_ip = $resource['input']['local_ip']['value']
$tunnel_bridge = $resource['input']['tunnel_bridge']['value']
$vxlan_udp_port = $resource['input']['vxlan_udp_port']['value']
$polling_interval = $resource['input']['polling_interval']['value']
$firewall_driver = $resource['input']['firewall_driver']['value']
$veth_mtu = $resource['input']['veth_mtu']['value']
class { 'neutron::agents::ovs':
enabled => true,
manage_service => true,
package_ensure => $package_ensure,
bridge_uplinks => $bridge_uplinks,
bridge_mappings => $bridge_mappings,
integration_bridge => $integration_bridge,
enable_tunneling => $enable_tunneling,
tunnel_types => $tunnel_types,
local_ip => $local_ip,
tunnel_bridge => $tunnel_bridge,
vxlan_udp_port => $vxlan_udp_port,
polling_interval => $polling_interval,
firewall_driver => $firewall_driver,
veth_mtu => $veth_mtu,
}
# Remove external class dependency
Service <| title == 'neutron-plugin-ovs-service' |> {
require => undef
}

View File

@ -0,0 +1,57 @@
handler: puppet
id: 'neutron_agents_ovs_puppet'
input:
ip:
schema: str!
value:
ssh_key:
schema: str!
value:
ssh_user:
schema: str!
value:
package_ensure:
schema: str
value: 'present'
bridge_uplinks:
schema: [str]
value: []
bridge_mappings:
schema: [str]
value: []
integration_bridge:
schema: str
value: 'br-int'
enable_tunneling:
schema: bool
value: false
tunnel_types:
schema: [str]
value: []
local_ip:
schema: str
value:
tunnel_bridge:
schema: str
value: 'br-tun'
vxlan_udp_port:
schema: int
value: 4789
polling_interval:
schema: int
value: 2
firewall_driver:
schema: str
value: 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver'
veth_mtu:
schema: str
value:
git:
schema: {repository: str!, branch: str!}
value: {repository: 'https://github.com/openstack/puppet-neutron', branch: '5.1.0'}
puppet_module: 'neutron'
tags: [resource/neutron, resource/neutron_agents_ovs]
version: 1.0.0

View File

@ -0,0 +1,17 @@
# Neutron OVS plugin puppet resource
Configure the neutron server to use the OVS plugin.
This configures the plugin for the API server, but does nothing
about configuring the agents that must also run and share a config
file with the OVS plugin if both are on the same machine.
Note, this plugin was deprecated, you may want to use the ML2 plugin instead.
NB: don't need tunnel ID range when using VLANs,
*but* you do need the network vlan range regardless of type,
because the list of networks there is still important
even if the ranges aren't specified
if type is vlan or flat, a default of physnet1:1000:2000 is used
otherwise this will not be set by default.
source https://github.com/openstack/puppet-neutron/blob/5.1.0/manifests/plugins/ovs.pp

View File

@ -0,0 +1,15 @@
class { 'neutron::plugins::ovs':
package_ensure => 'absent',
}
include neutron::params
package { 'neutron':
ensure => 'absent',
name => $::neutron::params::package_name,
}
# Remove external class dependency
Service <| title == 'neutron-plugin-ovs-service' |> {
require => undef
}

View File

@ -0,0 +1,51 @@
$resource = hiera($::resource_name)
$ip = $resource['input']['ip']['value']
$db_user = $resource['input']['db_user']['value']
$db_host = $resource['input']['db_host']['value']
$db_password = $resource['input']['db_password']['value']
$db_name = $resource['input']['db_name']['value']
$package_ensure = $resource['input']['package_ensure']['value']
$sql_max_retries = $resource['input']['sql_max_retries']['value']
$sql_idle_timeout = $resource['input']['sql_idle_timeout']['value']
$reconnect_interval = $resource['input']['reconnect_interval']['value']
$tenant_network_type = $resource['input']['tenant_network_type']['value']
$network_vlan_ranges = $resource['input']['network_vlan_ranges']['value']
$tunnel_id_ranges = $resource['input']['tunnel_id_ranges']['value']
$vxlan_udp_port = $resource['input']['vxlan_udp_port']['value']
# Stamp neutron head, if current version is None, or upgrade head would fail later
$command = '/usr/bin/neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini'
class { 'neutron::plugins::ovs':
package_ensure => $package_ensure,
sql_connection => "mysql://${db_user}:${db_password}@${db_host}/${db_name}",
sql_max_retries => $sql_max_retries,
sql_idle_timeout => $sql_idle_timeout,
reconnect_interval => $reconnect_interval,
tenant_network_type => $tenant_network_type,
network_vlan_ranges => $network_vlan_ranges,
tunnel_id_ranges => $tunnel_id_ranges,
vxlan_udp_port => $vxlan_udp_port,
} ->
exec { 'neutron-db-sync':
provider => 'shell',
command => "${command} stamp head",
path => [ '/usr/bin', '/bin' ],
onlyif => "${command} current | grep -qE '^Current revision.*None$' "
}
include neutron::params
package { 'neutron':
ensure => $package_ensure,
name => $::neutron::params::package_name,
before => Exec['neutron-db-sync']
}
# Remove external class dependency
Service <| title == 'neutron-plugin-ovs-service' |> {
require => undef
}

View File

@ -0,0 +1,58 @@
handler: puppet
id: 'neutron_plugins_ovs_puppet'
input:
ip:
schema: str!
value:
ssh_key:
schema: str!
value:
ssh_user:
schema: str!
value:
package_ensure:
schema: str
value: 'present'
sql_max_retries:
schema: str
value:
sql_idle_timeout:
schema: str
value:
reconnect_interval:
schema: str
value:
tenant_network_type:
schema: str
value: 'vlan'
network_vlan_ranges:
schema: str
value:
tunnel_id_ranges:
schema: str
value: '1:1000'
vxlan_udp_port:
schema: int
value: 4789
db_user:
schema: str!
value:
db_password:
schema: str!
value:
db_name:
schema: str!
value:
db_host:
schema: str!
value:
git:
schema: {repository: str!, branch: str!}
value: {repository: 'https://github.com/openstack/puppet-neutron', branch: '5.1.0'}
puppet_module: 'neutron'
tags: [resource/neutron, resource/neutron_plugins_ovs]
version: 1.0.0

View File

@ -0,0 +1,194 @@
# Neutron puppet resource
Installs the neutron package and configures
/etc/neutron/neutron.conf for SSL, AMQP, logging, service plugins and other stuff.
Does not produce any services.
# Parameters:
source https://github.com/openstack/puppet-neutron/blob/5.1.0/manifests/init.pp
``package_ensure``
(optional) The state of the package
Defaults to 'present'
``verbose``
(optional) Verbose logging
Defaults to False
``debug``
(optional) Print debug messages in the logs
Defaults to False
``bind_host``
(optional) The IP/interface to bind to
Defaults to 0.0.0.0 (all interfaces)
``bind_port``
(optional) The port to use
Defaults to 9696
``core_plugin``
(optional) Neutron plugin provider
Defaults to openvswitch
Could be bigswitch, brocade, cisco, embrane, hyperv, linuxbridge, midonet, ml2, mlnx, nec, nicira, plumgrid, ryu
``service_plugins``
(optional) Advanced service modules.
Could be an array that can have these elements:
router, firewall, lbaas, vpnaas, metering
Defaults to empty
``auth_strategy``
(optional) How to authenticate
Defaults to 'keystone'. 'noauth' is the only other valid option
``base_mac``
(optional) The MAC address pattern to use.
Defaults to fa:16:3e:00:00:00
``mac_generation_retries``
(optional) How many times to try to generate a unique mac
Defaults to 16
``dhcp_lease_duration``
(optional) DHCP lease
Defaults to 86400 seconds
``dhcp_agents_per_network``
(optional) Number of DHCP agents scheduled to host a network.
This enables redundant DHCP agents for configured networks.
Defaults to 1
``network_device_mtu``
(optional) The MTU size for the interfaces managed by neutron
Defaults to undef
``dhcp_agent_notification``
(optional) Allow sending resource operation notification to DHCP agent.
Defaults to true
``allow_bulk``
(optional) Enable bulk crud operations
Defaults to true
``allow_pagination``
(optional) Enable pagination
Defaults to false
``allow_sorting``
(optional) Enable sorting
Defaults to false
``allow_overlapping_ips``
(optional) Enables network namespaces
Defaults to false
``api_extensions_path``
(optional) Specify additional paths for API extensions that the
module in use needs to load.
Defaults to undef
``report_interval``
(optional) Seconds between nodes reporting state to server; should be less than
agent_down_time, best if it is half or less than agent_down_time.
agent_down_time is a config for neutron-server, set by class neutron::server
report_interval is a config for neutron agents, set by class neutron
Defaults to: 30
``control_exchange``
(optional) What RPC queue/exchange to use
Defaults to neutron
``rpc_backend``
(optional) what rpc/queuing service to use
Defaults to impl_kombu (rabbitmq)
``rabbit_password``
``rabbit_host``
``rabbit_port``
``rabbit_user``
(optional) Various rabbitmq settings
``rabbit_hosts``
(optional) array of rabbitmq servers for HA.
A single IP address, such as a VIP, can be used for load-balancing
multiple RabbitMQ Brokers.
Defaults to false
``rabbit_use_ssl``
(optional) Connect over SSL for RabbitMQ
Defaults to false
``kombu_ssl_ca_certs``
(optional) SSL certification authority file (valid only if SSL enabled).
Defaults to undef
``kombu_ssl_certfile``
(optional) SSL cert file (valid only if SSL enabled).
Defaults to undef
``kombu_ssl_keyfile``
(optional) SSL key file (valid only if SSL enabled).
Defaults to undef
``kombu_ssl_version``
(optional) SSL version to use (valid only if SSL enabled).
Valid values are TLSv1, SSLv23 and SSLv3. SSLv2 may be
available on some distributions.
Defaults to 'TLSv1'
``kombu_reconnect_delay``
(optional) The amount of time to wait before attempting to reconnect
to MQ provider. This is used in some cases where you may need to wait
for the provider to propery premote the master before attempting to
reconnect. See https://review.openstack.org/#/c/76686
Defaults to '1.0'
``qpid_hostname``
``qpid_port``
``qpid_username``
``qpid_password``
``qpid_heartbeat``
``qpid_protocol``
``qpid_tcp_nodelay``
``qpid_reconnect``
``qpid_reconnect_timeout``
``qpid_reconnect_limit``
``qpid_reconnect_interval``
``qpid_reconnect_interval_min``
``qpid_reconnect_interval_max``
(optional) various QPID options
``use_ssl``
(optinal) Enable SSL on the API server
Defaults to false, not set
``cert_file``
(optinal) certificate file to use when starting api server securely
defaults to false, not set
``key_file``
(optional) Private key file to use when starting API server securely
Defaults to false, not set
``ca_file``
(optional) CA certificate file to use to verify connecting clients
Defaults to false, not set
``use_syslog``
(optional) Use syslog for logging
Defaults to false
``log_facility``
(optional) Syslog facility to receive log lines
Defaults to LOG_USER
``log_file``
(optional) Where to log
Defaults to false
``log_dir``
(optional) Directory where logs should be stored
If set to boolean false, it will not log to any directory
Defaults to /var/log/neutron

View File

@ -1,22 +1,5 @@
$resource = hiera('{{ resource_name }}')
$rabbitmq_user = $resource['input']['rabbitmq_user']['value']
$rabbitmq_password = $resource['input']['rabbitmq_password']['value']
$rabbitmq_host = $resource['input']['rabbitmq_host']['value']
$rabbitmq_port = $resource['input']['rabbitmq_port']['value']
class { 'neutron::server':
enabled => false,
package_ensure => 'absent',
auth_type => 'noauth'
}
class { 'neutron': class { 'neutron':
enabled => false, enabled => false,
package_ensure => 'absent', package_ensure => 'absent',
rabbit_user => $rabbitmq_user, rabbit_password => 'not important as removed',
rabbit_password => $rabbitmq_password,
rabbit_host => $rabbitmq_host,
rabbit_port => $rabbitmq_port
} }

View File

@ -2,45 +2,119 @@ $resource = hiera($::resource_name)
$ip = $resource['input']['ip']['value'] $ip = $resource['input']['ip']['value']
$rabbitmq_user = $resource['input']['rabbitmq_user']['value'] $package_ensure = $resource['input']['package_ensure']['value']
$rabbitmq_password = $resource['input']['rabbitmq_password']['value'] $verbose = $resource['input']['verbose']['value']
$rabbitmq_host = $resource['input']['rabbitmq_host']['value'] $debug = $resource['input']['debug']['value']
$rabbitmq_port = $resource['input']['rabbitmq_port']['value'] $bind_host = $resource['input']['bind_host']['value']
$rabbitmq_virtual_host = $resource['input']['rabbitmq_virtual_host']['value'] $bind_port = $resource['input']['bind_port']['value']
$core_plugin = $resource['input']['core_plugin']['value']
$keystone_host = $resource['input']['keystone_host']['value'] $service_plugins = $resource['input']['service_plugins']['value']
$keystone_port = $resource['input']['keystone_port']['value'] $auth_strategy = $resource['input']['auth_strategy']['value']
$keystone_user = $resource['input']['keystone_user']['value'] $base_mac = $resource['input']['base_mac']['value']
$keystone_password = $resource['input']['keystone_password']['value'] $mac_generation_retries = $resource['input']['mac_generation_retries']['value']
$keystone_tenant = $resource['input']['keystone_tenant']['value'] $dhcp_lease_duration = $resource['input']['dhcp_lease_duration']['value']
$dhcp_agents_per_network = $resource['input']['dhcp_agents_per_network']['value']
$network_device_mtu = $resource['input']['network_device_mtu']['value']
$dhcp_agent_notification = $resource['input']['dhcp_agent_notification']['value']
$allow_bulk = $resource['input']['allow_bulk']['value']
$allow_pagination = $resource['input']['allow_pagination']['value']
$allow_sorting = $resource['input']['allow_sorting']['value']
$allow_overlapping_ips = $resource['input']['allow_overlapping_ips']['value']
$api_extensions_path = $resource['input']['api_extensions_path']['value']
$root_helper = $resource['input']['root_helper']['value']
$report_interval = $resource['input']['report_interval']['value']
$control_exchange = $resource['input']['control_exchange']['value']
$rpc_backend = $resource['input']['rpc_backend']['value']
$rabbit_password = $resource['input']['rabbit_password']['value']
$rabbit_host = $resource['input']['rabbit_host']['value']
$rabbit_hosts = $resource['input']['rabbit_hosts']['value']
$rabbit_port = $resource['input']['rabbit_port']['value']
$rabbit_user = $resource['input']['rabbit_user']['value']
$rabbit_virtual_host = $resource['input']['rabbit_virtual_host']['value']
$rabbit_use_ssl = $resource['input']['rabbit_use_ssl']['value']
$kombu_ssl_ca_certs = $resource['input']['kombu_ssl_ca_certs']['value']
$kombu_ssl_certfile = $resource['input']['kombu_ssl_certfile']['value']
$kombu_ssl_keyfile = $resource['input']['kombu_ssl_keyfile']['value']
$kombu_ssl_version = $resource['input']['kombu_ssl_version']['value']
$kombu_reconnect_delay = $resource['input']['kombu_reconnect_delay']['value']
$qpid_hostname = $resource['input']['qpid_hostname']['value']
$qpid_port = $resource['input']['qpid_port']['value']
$qpid_username = $resource['input']['qpid_username']['value']
$qpid_password = $resource['input']['qpid_password']['value']
$qpid_heartbeat = $resource['input']['qpid_heartbeat']['value']
$qpid_protocol = $resource['input']['qpid_protocol']['value']
$qpid_tcp_nodelay = $resource['input']['qpid_tcp_nodelay']['value']
$qpid_reconnect = $resource['input']['qpid_reconnect']['value']
$qpid_reconnect_timeout = $resource['input']['qpid_reconnect_timeout']['value']
$qpid_reconnect_limit = $resource['input']['qpid_reconnect_limit']['value']
$qpid_reconnect_interval_min = $resource['input']['qpid_reconnect_interval_min']['value']
$qpid_reconnect_interval_max = $resource['input']['qpid_reconnect_interval_max']['value']
$qpid_reconnect_interval = $resource['input']['qpid_reconnect_interval']['value']
$use_ssl = $resource['input']['use_ssl']['value']
$cert_file = $resource['input']['cert_file']['value']
$key_file = $resource['input']['key_file']['value']
$ca_file = $resource['input']['ca_file']['value']
$use_syslog = $resource['input']['use_syslog']['value']
$log_facility = $resource['input']['log_facility']['value']
$log_file = $resource['input']['log_file']['value']
$log_dir = $resource['input']['log_dir']['value']
class { 'neutron': class { 'neutron':
debug => true, enabled => true,
verbose => true, package_ensure => $package_ensure,
enabled => true, verbose => $verbose,
package_ensure => 'present', debug => $debug,
auth_strategy => 'keystone', bind_host => $bind_host,
rabbit_user => $rabbitmq_user, bind_port => $bind_port,
rabbit_password => $rabbitmq_password, core_plugin => $core_plugin,
rabbit_host => $rabbitmq_host, service_plugins => $service_plugins,
rabbit_port => $rabbitmq_port, auth_strategy => $auth_strategy,
rabbit_virtual_host => $rabbitmq_virtual_host, base_mac => $base_mac,
service_plugins => ['metering'] mac_generation_retries => $mac_generation_retries,
dhcp_lease_duration => $dhcp_lease_duration,
dhcp_agents_per_network => $dhcp_agents_per_network,
network_device_mtu => $network_device_mtu,
dhcp_agent_notification => $dhcp_agent_notification,
allow_bulk => $allow_bulk,
allow_pagination => $allow_pagination,
allow_sorting => $allow_sorting,
allow_overlapping_ips => $allow_overlapping_ips,
api_extensions_path => $api_extensions_path,
root_helper => $root_helper,
report_interval => $report_interval,
control_exchange => $control_exchange,
rpc_backend => $rpc_backend,
rabbit_password => $rabbit_password,
rabbit_host => $rabbit_host,
rabbit_hosts => $rabbit_hosts,
rabbit_port => $rabbit_port,
rabbit_user => $rabbit_user,
rabbit_virtual_host => $rabbit_virtual_host,
rabbit_use_ssl => $rabbit_use_ssl,
kombu_ssl_ca_certs => $kombu_ssl_ca_certs,
kombu_ssl_certfile => $kombu_ssl_certfile,
kombu_ssl_keyfile => $kombu_ssl_keyfile,
kombu_ssl_version => $kombu_ssl_version,
kombu_reconnect_delay => $kombu_reconnect_delay,
qpid_hostname => $qpid_hostname,
qpid_port => $qpid_port,
qpid_username => $qpid_username,
qpid_password => $qpid_password,
qpid_heartbeat => $qpid_heartbeat,
qpid_protocol => $qpid_protocol,
qpid_tcp_nodelay => $qpid_tcp_nodelay,
qpid_reconnect => $qpid_reconnect,
qpid_reconnect_timeout => $qpid_reconnect_timeout,
qpid_reconnect_limit => $qpid_reconnect_limit,
qpid_reconnect_interval_min => $qpid_reconnect_interval_min,
qpid_reconnect_interval_max => $qpid_reconnect_interval_max,
qpid_reconnect_interval => $qpid_reconnect_interval,
use_ssl => $use_ssl,
cert_file => $cert_file,
key_file => $key_file,
ca_file => $ca_file,
use_syslog => $use_syslog,
log_facility => $log_facility,
log_file => $log_file,
log_dir => $log_dir,
} }
class { 'neutron::server':
enabled => true,
package_ensure => 'present',
auth_type => 'keystone',
auth_password => $keystone_password,
auth_user => $keystone_user,
auth_tenant => $keystone_tenant
}
class { 'neutron::agents::dhcp': }
#file { '/etc/neutron/neutron-exports':
# owner => 'root',
# group => 'root',
# content => template('neutron/exports.erb')
#}

View File

@ -1,5 +1,5 @@
handler: puppet handler: puppet
id: 'neutron' id: 'neutron_puppet'
input: input:
ip: ip:
schema: str! schema: str!
@ -11,45 +11,179 @@ input:
schema: str! schema: str!
value: value:
# TODO: add vhost! package_ensure:
rabbitmq_host: schema: str
value: 'present'
verbose:
schema: bool
value: false
debug:
schema: bool
value: false
bind_host:
schema: str
value: '0.0.0.0'
bind_port:
schema: int
value: 9696
core_plugin:
schema: str
value: 'openvswitch'
service_plugins:
schema: str
value:
auth_strategy:
schema: str
value: 'keystone'
base_mac:
schema: str
value: 'fa:16:3e:00:00:00'
mac_generation_retries:
schema: int
value: 16
dhcp_lease_duration:
schema: int
value: 86400
dhcp_agents_per_network:
schema: int
value: 1
network_device_mtu:
schema: str
value:
dhcp_agent_notification:
schema: bool
value: true
allow_bulk:
schema: bool
value: true
allow_pagination:
schema: bool
value: false
allow_sorting:
schema: bool
value: false
allow_overlapping_ips:
schema: bool
value: false
api_extensions_path:
schema: str
value:
root_helper:
schema: str
value: 'sudo neutron-rootwrap /etc/neutron/rootwrap.conf'
report_interval:
schema: int
value: 30
control_exchange:
schema: str
value: 'neutron'
rpc_backend:
schema: str
value: 'neutron.openstack.common.rpc.impl_kombu'
rabbit_password:
schema: str! schema: str!
value: value:
rabbitmq_port: rabbit_host:
schema: int! schema: str
value: 'localhost'
rabbit_hosts:
schema: bool
value: false
rabbit_port:
schema: int
value: 5672
rabbit_user:
schema: str
value: 'guest'
rabbit_virtual_host:
schema: str
value: '/'
rabbit_use_ssl:
schema: bool
value: false
kombu_ssl_ca_certs:
schema: str
value: value:
rabbitmq_user: kombu_ssl_certfile:
schema: str
value:
kombu_ssl_keyfile:
schema: str
value:
kombu_ssl_version:
schema: str
value: 'TLSv1'
kombu_reconnect_delay:
schema: str
value: '1.0'
qpid_hostname:
schema: str
value: 'localhost'
qpid_port:
schema: int
value: 5672
qpid_username:
schema: str
value: 'guest'
qpid_password:
schema: str! schema: str!
value: 'guest'
qpid_heartbeat:
schema: int
value: 60
qpid_protocol:
schema: str
value: 'tcp'
qpid_tcp_nodelay:
schema: bool
value: true
qpid_reconnect:
schema: bool
value: true
qpid_reconnect_timeout:
schema: int
value: 0
qpid_reconnect_limit:
schema: int
value: 0
qpid_reconnect_interval_min:
schema: int
value: 0
qpid_reconnect_interval_max:
schema: int
value: 0
qpid_reconnect_interval:
schema: int
value: 0
use_ssl:
schema: bool
value: false
cert_file:
schema: str
value: value:
rabbitmq_password: key_file:
schema: str! schema: str
value: value:
rabbitmq_virtual_host: ca_file:
schema: str! schema: str
value: value:
use_syslog:
schema: bool
value: false
log_facility:
schema: str
value: 'LOG_USER'
log_file:
schema: str
value:
log_dir:
schema: str
value: '/var/log/neutron'
git: git:
schema: {repository: str!, branch: str!} schema: {repository: str!, branch: str!}
value: {repository: 'https://github.com/openstack/puppet-neutron', branch: 'stable/juno'} value: {repository: 'https://github.com/openstack/puppet-neutron', branch: '5.1.0'}
port:
schema: int!
value: 9696
keystone_host:
schema: str!
keystone_port:
schema: int!
value:
keystone_user:
schema: str!
value:
keystone_password:
schema: str!
value:
keystone_tenant:
schema: str!
value:
puppet_module: 'neutron' puppet_module: 'neutron'
tags: [] tags: [resource/neutron]
version: 1.0.0 version: 1.0.0

View File

@ -0,0 +1,167 @@
# Neutron puppet resource
Setup and configure the neutron API service and endpoint
# Parameters:
source https://github.com/openstack/puppet-neutron/blob/5.1.0/manifests/server.pp
``package_ensure``
(optional) The state of the package
Defaults to present
``log_file``
REMOVED: Use log_file of neutron class instead.
``log_dir``
REMOVED: Use log_dir of neutron class instead.
``auth_password``
(optional) The password to use for authentication (keystone)
Defaults to false. Set a value unless you are using noauth
``auth_type``
(optional) What auth system to use
Defaults to 'keystone'. Can other be 'noauth'
``auth_host``
(optional) The keystone host
Defaults to localhost
``auth_protocol``
(optional) The protocol used to access the auth host
Defaults to http.
``auth_port``
(optional) The keystone auth port
Defaults to 35357
``auth_admin_prefix``
(optional) The admin_prefix used to admin endpoint of the auth host
This allow admin auth URIs like http://auth_host:35357/keystone.
(where '/keystone' is the admin prefix)
Defaults to false for empty. If defined, should be a string with a leading '/' and no trailing '/'.
``auth_tenant``
(optional) The tenant of the auth user
Defaults to services
``auth_user``
(optional) The name of the auth user
Defaults to neutron
``auth_protocol``
(optional) The protocol to connect to keystone
Defaults to http
``auth_uri``
(optional) Complete public Identity API endpoint.
Defaults to: $auth_protocol://$auth_host:5000/
``database_connection``
(optional) Connection url for the neutron database.
(Defaults to 'sqlite:////var/lib/neutron/ovs.sqlite')
Note: for this resource it is decomposed to the
'db_host', 'db_port', 'db_user', 'db_password' inputs
due to implementation limitations
``database_max_retries``
(optional) Maximum database connection retries during startup.
(Defaults to 10)
``sql_max_retries``
DEPRECATED: Use database_max_retries instead.
``max_retries``
DEPRECATED: Use database_max_retries instead.
``database_idle_timeout``
(optional) Timeout before idle database connections are reaped.
Deprecates sql_idle_timeout
(Defaults to 3600)
``sql_idle_timeout``
DEPRECATED: Use database_idle_timeout instead.
``idle_timeout``
DEPRECATED: Use database_idle_timeout instead.
``database_retry_interval``
(optional) Interval between retries of opening a database connection.
(Defaults to 10)
``sql_reconnect_interval``
DEPRECATED: Use database_retry_interval instead.
``retry_interval``
DEPRECATED: Use database_retry_interval instead.
``database_min_pool_size``
(optional) Minimum number of SQL connections to keep open in a pool.
Defaults to: 1
``database_max_pool_size``
(optional) Maximum number of SQL connections to keep open in a pool.
Defaults to: 10
``database_max_overflow``
(optional) If set, use this value for max_overflow with sqlalchemy.
Defaults to: 20
``sync_db``
(optional) Run neutron-db-manage on api nodes after installing the package.
Defaults to false
``api_workers``
(optional) Number of separate worker processes to spawn.
The default, count of machine's processors, runs the worker thread in the
current process.
Greater than 0 launches that number of child processes as workers.
The parent process manages them.
Defaults to: $::processorcount
``rpc_workers``
(optional) Number of separate RPC worker processes to spawn.
The default, count of machine's processors, runs the worker thread in the
current process.
Greater than 0 launches that number of child processes as workers.
The parent process manages them.
Defaults to: $::processorcount
``agent_down_time``
(optional) Seconds to regard the agent as down; should be at least twice
report_interval, to be sure the agent is down for good.
agent_down_time is a config for neutron-server, set by class neutron::server
report_interval is a config for neutron agents, set by class neutron
Defaults to: 75
``router_scheduler_driver``
(optional) Driver to use for scheduling router to a default L3 agent. Could be:
neutron.scheduler.l3_agent_scheduler.ChanceScheduler to schedule a router in a random way
neutron.scheduler.l3_agent_scheduler.LeastRoutersScheduler to allocate on an L3 agent with the least number of routers bound.
Defaults to: neutron.scheduler.l3_agent_scheduler.ChanceScheduler
``mysql_module``
(optional) Deprecated. Does nothing.
``router_distributed``
(optional) Setting the "router_distributed" flag to "True" will default to the creation
of distributed tenant routers.
Also can be the type of the router on the create request (admin-only attribute).
Defaults to false
``l3_ha``
(optional) Enable high availability for virtual routers.
Defaults to false
``max_l3_agents_per_router``
(optional) Maximum number of l3 agents which a HA router will be scheduled on. If set to '0', a router will be scheduled on every agent.
Defaults to '3'
``min_l3_agents_per_router``
(optional) Minimum number of l3 agents which a HA router will be scheduled on.
Defaults to '2'
``l3_ha_net_cidr``
(optional) CIDR of the administrative network if HA mode is enabled.
Defaults to '169.254.192.0/18'

View File

@ -0,0 +1,10 @@
class { 'neutron::server':
enabled => false,
package_ensure => 'absent',
auth_password => 'not important as removed',
}
# Remove external class dependency
Service <| title == 'neutron-server' |> {
require => undef
}

View File

@ -0,0 +1,92 @@
$resource = hiera($::resource_name)
$ip = $resource['input']['ip']['value']
$db_user = $resource['input']['db_user']['value']
$db_host = $resource['input']['db_host']['value']
$db_password = $resource['input']['db_password']['value']
$db_name = $resource['input']['db_name']['value']
$package_ensure = $resource['input']['package_ensure']['value']
$auth_password = $resource['input']['auth_password']['value']
$auth_type = $resource['input']['auth_type']['value']
$auth_host = $resource['input']['auth_host']['value']
$auth_port = $resource['input']['auth_port']['value']
$auth_admin_prefix = $resource['input']['auth_admin_prefix']['value']
$auth_tenant = $resource['input']['auth_tenant']['value']
$auth_user = $resource['input']['auth_user']['value']
$auth_protocol = $resource['input']['auth_protocol']['value']
$auth_uri = $resource['input']['auth_uri']['value']
$database_max_retries = $resource['input']['database_max_retries']['value']
$database_idle_timeout = $resource['input']['database_idle_timeout']['value']
$database_retry_interval = $resource['input']['database_retry_interval']['value']
$database_min_pool_size = $resource['input']['database_min_pool_size']['value']
$database_max_pool_size = $resource['input']['database_max_pool_size']['value']
$database_max_overflow = $resource['input']['database_max_overflow']['value']
$sync_db = $resource['input']['sync_db']['value']
$api_workers = $resource['input']['api_workers']['value']
$rpc_workers = $resource['input']['rpc_workers']['value']
$agent_down_time = $resource['input']['agent_down_time']['value']
$router_scheduler_driver = $resource['input']['router_scheduler_driver']['value']
$router_distributed = $resource['input']['router_distributed']['value']
$l3_ha = $resource['input']['l3_ha']['value']
$max_l3_agents_per_router = $resource['input']['max_l3_agents_per_router']['value']
$min_l3_agents_per_router = $resource['input']['min_l3_agents_per_router']['value']
$l3_ha_net_cidr = $resource['input']['l3_ha_net_cidr']['value']
$mysql_module = $resource['input']['mysql_module']['value']
$sql_max_retries = $resource['input']['sql_max_retries']['value']
$max_retries = $resource['input']['max_retries']['value']
$sql_idle_timeout = $resource['input']['sql_idle_timeout']['value']
$idle_timeout = $resource['input']['idle_timeout']['value']
$sql_reconnect_interval = $resource['input']['sql_reconnect_interval']['value']
$retry_interval = $resource['input']['retry_interval']['value']
$log_dir = $resource['input']['log_dir']['value']
$log_file = $resource['input']['log_file']['value']
$report_interval = $resource['input']['report_interval']['value']
class { 'neutron::server':
enabled => true,
manage_service => true,
database_connection => "mysql://${db_user}:${db_password}@${db_host}/${db_name}",
package_ensure => $package_ensure,
auth_password => $auth_password,
auth_type => $auth_type,
auth_host => $auth_host,
auth_port => $auth_port,
auth_admin_prefix => $auth_admin_prefix,
auth_tenant => $auth_tenant,
auth_user => $auth_user,
auth_protocol => $auth_protocol,
auth_uri => $auth_uri,
database_max_retries => $database_max_retries,
database_idle_timeout => $database_idle_timeout,
database_retry_interval => $database_retry_interval,
database_min_pool_size => $database_min_pool_size,
database_max_pool_size => $database_max_pool_size,
database_max_overflow => $database_max_overflow,
sync_db => $sync_db,
api_workers => $api_workers,
rpc_workers => $rpc_workers,
agent_down_time => $agent_down_time,
router_scheduler_driver => $router_scheduler_driver,
router_distributed => $router_distributed,
l3_ha => $l3_ha,
max_l3_agents_per_router => $max_l3_agents_per_router,
min_l3_agents_per_router => $min_l3_agents_per_router,
l3_ha_net_cidr => $l3_ha_net_cidr,
mysql_module => $mysql_module,
sql_max_retries => $sql_max_retries,
max_retries => $max_retries,
sql_idle_timeout => $sql_idle_timeout,
idle_timeout => $idle_timeout,
sql_reconnect_interval => $sql_reconnect_interval,
retry_interval => $retry_interval,
log_dir => $log_dir,
log_file => $log_file,
report_interval => $report_interval,
}
# Remove external class dependency
Service <| title == 'neutron-server' |> {
require => undef
}

View File

@ -0,0 +1,142 @@
handler: puppet
id: 'neutron_server_puppet'
input:
ip:
schema: str!
value:
ssh_key:
schema: str!
value:
ssh_user:
schema: str!
value:
db_user:
schema: str!
value:
db_password:
schema: str!
value:
db_name:
schema: str!
value:
db_host:
schema: str!
value:
package_ensure:
schema: str
value: 'present'
auth_password:
schema: str!
value:
auth_type:
schema: str
value: 'keystone'
auth_host:
schema: str
value: 'localhost'
auth_port:
schema: int
value: 35357
auth_admin_prefix:
schema: str
value:
auth_tenant:
schema: str
value: 'services'
auth_user:
schema: str
value: 'neutron'
auth_protocol:
schema: str
value: 'http'
auth_uri:
schema: str
value:
database_max_retries:
schema: int
value: 10
database_idle_timeout:
schema: int
value: 3600
database_retry_interval:
schema: int
value: 10
database_min_pool_size:
schema: int
value: 1
database_max_pool_size:
schema: int
value: 10
database_max_overflow:
schema: int
value: 20
sync_db:
schema: bool
value: false
api_workers:
schema: int
value: 1
rpc_workers:
schema: int
value: 1
agent_down_time:
schema: int
value: 75
router_scheduler_driver:
schema: str
value: 'neutron.scheduler.l3_agent_scheduler.ChanceScheduler'
router_distributed:
schema: bool
value: false
l3_ha:
schema: bool
value: false
max_l3_agents_per_router:
schema: int
value: 3
min_l3_agents_per_router:
schema: int
value: 2
l3_ha_net_cidr:
schema: str
value: '169.254.192.0/18'
mysql_module:
schema: str
value:
sql_max_retries:
schema: str
value:
max_retries:
schema: str
value:
sql_idle_timeout:
schema: str
value:
idle_timeout:
schema: str
value:
sql_reconnect_interval:
schema: str
value:
retry_interval:
schema: str
value:
log_dir:
schema: str
value:
log_file:
schema: str
value:
report_interval:
schema: str
value:
git:
schema: {repository: str!, branch: str!}
value: {repository: 'https://github.com/openstack/puppet-neutron', branch: '5.1.0'}
puppet_module: 'neutron'
tags: [resource/neutron, resource/neutron_service, resource/neutron_server, resource/neutron_api]
version: 1.0.0

View File

@ -32,6 +32,9 @@ source https://github.com/openstack/puppet-nova/blob/5.1.0/manifests/network/neu
``neutron_url`` ``neutron_url``
(optional) URL for connecting to the Neutron networking service. (optional) URL for connecting to the Neutron networking service.
Defaults to 'http://127.0.0.1:9696' Defaults to 'http://127.0.0.1:9696'
Note: for this resource it is decomposed to the
'neutron_endpoint_host', 'neutron_endpoint_port', 'neutron_endpoint_protocol' inputs
due to implementation limitations
``neutron_url_timeout`` ``neutron_url_timeout``
(optional) Timeout value for connecting to neutron in seconds. (optional) Timeout value for connecting to neutron in seconds.
@ -73,6 +76,9 @@ source https://github.com/openstack/puppet-nova/blob/5.1.0/manifests/network/neu
This is the Identity (keystone) admin API server IP and port value, This is the Identity (keystone) admin API server IP and port value,
and not the Identity service API IP and port. and not the Identity service API IP and port.
Defaults to 'http://127.0.0.1:35357/v2.0' Defaults to 'http://127.0.0.1:35357/v2.0'
Note: for this resource it is decomposed to the
'auth_host', 'auth_port', 'auth_protocol' inputs
due to implementation limitations
``network_api_class`` ``network_api_class``
(optional) The full class name of the network API class. (optional) The full class name of the network API class.

View File

@ -1,16 +1,21 @@
$resource = hiera($::resource_name) $resource = hiera($::resource_name)
$auth_host = $resource['input']['auth_host']['value']
$auth_port = $resource['input']['auth_port']['value']
$auth_protocol = $resource['input']['auth_protocol']['value']
$neutron_endpoint_host = $resource['input']['neutron_endpoint_host']['value']
$neutron_endpoint_port = $resource['input']['neutron_endpoint_port']['value']
$neutron_endpoint_protocol = $resource['input']['neutron_endpoint_protocol']['value']
$libvirt_vif_driver = $resource['input']['libvirt_vif_driver']['value'] $libvirt_vif_driver = $resource['input']['libvirt_vif_driver']['value']
$force_snat_range = $resource['input']['force_snat_range']['value'] $force_snat_range = $resource['input']['force_snat_range']['value']
$neutron_admin_password = $resource['input']['neutron_admin_password']['value'] $neutron_admin_password = $resource['input']['neutron_admin_password']['value']
$neutron_auth_strategy = $resource['input']['neutron_auth_strategy']['value'] $neutron_auth_strategy = $resource['input']['neutron_auth_strategy']['value']
$neutron_url = $resource['input']['neutron_url']['value']
$neutron_url_timeout = $resource['input']['neutron_url_timeout']['value'] $neutron_url_timeout = $resource['input']['neutron_url_timeout']['value']
$neutron_admin_tenant_name = $resource['input']['neutron_admin_tenant_name']['value'] $neutron_admin_tenant_name = $resource['input']['neutron_admin_tenant_name']['value']
$neutron_default_tenant_id = $resource['input']['neutron_default_tenant_id']['value'] $neutron_default_tenant_id = $resource['input']['neutron_default_tenant_id']['value']
$neutron_region_name = $resource['input']['neutron_region_name']['value'] $neutron_region_name = $resource['input']['neutron_region_name']['value']
$neutron_admin_username = $resource['input']['neutron_admin_username']['value'] $neutron_admin_username = $resource['input']['neutron_admin_username']['value']
$neutron_admin_auth_url = $resource['input']['neutron_admin_auth_url']['value']
$neutron_ovs_bridge = $resource['input']['neutron_ovs_bridge']['value'] $neutron_ovs_bridge = $resource['input']['neutron_ovs_bridge']['value']
$neutron_extension_sync_interval = $resource['input']['neutron_extension_sync_interval']['value'] $neutron_extension_sync_interval = $resource['input']['neutron_extension_sync_interval']['value']
$neutron_ca_certificates_file = $resource['input']['neutron_ca_certificates_file']['value'] $neutron_ca_certificates_file = $resource['input']['neutron_ca_certificates_file']['value']
@ -30,13 +35,13 @@ class { 'nova::compute::neutron':
class { 'nova::network::neutron': class { 'nova::network::neutron':
neutron_admin_password => $neutron_admin_password, neutron_admin_password => $neutron_admin_password,
neutron_auth_strategy => $neutron_auth_strategy, neutron_auth_strategy => $neutron_auth_strategy,
neutron_url => $neutron_url, neutron_url => "${neutron_endpoint_protocol}://${neutron_endpoint_host}:${neutron_endpoint_port}",
neutron_url_timeout => $neutron_url_timeout, neutron_url_timeout => $neutron_url_timeout,
neutron_admin_tenant_name => $neutron_admin_tenant_name, neutron_admin_tenant_name => $neutron_admin_tenant_name,
neutron_default_tenant_id => $neutron_default_tenant_id, neutron_default_tenant_id => $neutron_default_tenant_id,
neutron_region_name => $neutron_region_name, neutron_region_name => $neutron_region_name,
neutron_admin_username => $neutron_admin_username, neutron_admin_username => $neutron_admin_username,
neutron_admin_auth_url => $neutron_admin_auth_url, neutron_admin_auth_url => "${auth_protocol}://${auth_host}:${auth_port}/v2.0",
neutron_ovs_bridge => $neutron_ovs_bridge, neutron_ovs_bridge => $neutron_ovs_bridge,
neutron_extension_sync_interval => $neutron_extension_sync_interval, neutron_extension_sync_interval => $neutron_extension_sync_interval,
neutron_ca_certificates_file => $neutron_ca_certificates_file, neutron_ca_certificates_file => $neutron_ca_certificates_file,

View File

@ -3,6 +3,25 @@ handler: puppet
puppet_module: nova puppet_module: nova
version: 1.0.0 version: 1.0.0
input: input:
auth_host:
schema: str
value: 'localhost'
auth_port:
schema: int
value: 35357
auth_protocol:
schema: str
value: 'http'
neutron_endpoint_host:
schema: str
value: 'localhost'
neutron_endpoint_port:
schema: int
value: 9696
neutron_endpoint_protocol:
schema: str
value: 'http'
libvirt_vif_driver: libvirt_vif_driver:
schema: str schema: str
value: 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver' value: 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver'
@ -15,9 +34,6 @@ input:
neutron_auth_strategy: neutron_auth_strategy:
schema: str schema: str
value: 'keystone' value: 'keystone'
neutron_url:
schema: str
value: 'http://127.0.0.1:9696'
neutron_url_timeout: neutron_url_timeout:
schema: int schema: int
value: 30 value: 30
@ -33,9 +49,6 @@ input:
neutron_admin_username: neutron_admin_username:
schema: str schema: str
value: 'neutron' value: 'neutron'
neutron_admin_auth_url:
schema: str
value: 'http://127.0.0.1:35357/v2.0'
neutron_ovs_bridge: neutron_ovs_bridge:
schema: str schema: str
value: 'br-int' value: 'br-int'

View File

@ -26,13 +26,28 @@ def validate():
@changes.command() @changes.command()
def stage(): @click.option('-d', default=False, is_flag=True)
def stage(d):
log = list(change.stage_changes().reverse()) log = list(change.stage_changes().reverse())
for item in log: for item in log:
click.echo(item) click.echo(item)
if d:
for line in item.details:
click.echo(' '*4+line)
if not log: if not log:
click.echo('No changes') click.echo('No changes')
@changes.command(name='staged-item')
@click.argument('log_action')
@click.option('-d', default=True, is_flag=True)
def staged_item(log_action, d):
item = data.SL().get(log_action)
if not item:
click.echo('No staged changes for {}'.format(log_action))
else:
click.echo(item)
for line in item.details:
click.echo(' '*4+line)
@changes.command() @changes.command()
def process(): def process():

View File

@ -2,7 +2,7 @@ import click
import os import os
import re import re
uids_history = os.path.join(os.getcwd(), '.solar_cli_uids') UIDS_HISTORY = os.path.join(os.getcwd(), '.solar_cli_uids')
def remember_uid(uid): def remember_uid(uid):
@ -11,14 +11,14 @@ def remember_uid(uid):
Can be used then as `last`, `last1`, `last2` anywhere Can be used then as `last`, `last1`, `last2` anywhere
""" """
try: try:
with open(uids_history, 'rb') as f: with open(UIDS_HISTORY, 'rb') as f:
hist = [x.strip() for x in f.readlines()] hist = [x.strip() for x in f.readlines()]
except IOError: except IOError:
hist = [] hist = []
hist.insert(0, uid) hist.insert(0, uid)
if len(hist) > 3: if len(hist) > 3:
hist = hist[:3] hist = hist[:3]
with open(uids_history, 'wb') as f: with open(UIDS_HISTORY, 'wb') as f:
f.write('\n'.join(hist)) f.write('\n'.join(hist))
@ -32,7 +32,7 @@ def get_uid(given_uid):
position = int(matched.group(1)) position = int(matched.group(1))
except ValueError: except ValueError:
position = 0 position = 0
with open(uids_history, 'rb') as f: with open(UIDS_HISTORY, 'rb') as f:
uids = [x.strip() for x in f.readlines()] uids = [x.strip() for x in f.readlines()]
try: try:
return uids[position] return uids[position]

View File

@ -27,10 +27,6 @@ def create_resource(name, base_path, args, virtual_resource=None):
prepare_meta(metadata) prepare_meta(metadata)
if os.path.exists(actions_path):
for f in os.listdir(actions_path):
metadata['actions'][os.path.splitext(f)[0]] = f
tags = metadata.get('tags', []) tags = metadata.get('tags', [])
resource = Resource(name, metadata, args, tags, virtual_resource) resource = Resource(name, metadata, args, tags, virtual_resource)

View File

@ -63,6 +63,20 @@ class LogItem(object):
def compact(self): def compact(self):
return 'log task={} uid={}'.format(self.log_action, self.uid) return 'log task={} uid={}'.format(self.log_action, self.uid)
@property
def details(self):
rst = []
for type_, val, change in self.diff:
if type_ == 'add':
for it in change:
if isinstance(it, dict):
rst.append('++ {}: {}'.format(it[0], it[1]['value']))
else:
rst.append('++ {}: {}'.format(it[0], str(it[1])))
elif type_ == 'change':
rst.append('-+ {}: {} >> {}'.format(val, change[0], change[1]))
return rst
class Log(object): class Log(object):