diff --git a/example-puppet.py b/example-puppet.py index a934b3ee..4b22e188 100644 --- a/example-puppet.py +++ b/example-puppet.py @@ -37,8 +37,8 @@ def deploy(): signals.Connections.clear() - node1 = vr.create('nodes', 'templates/nodes.yml', {})[0] - + node1, node2 = vr.create('nodes', 'templates/nodes.yml', {}) + # MARIADB mariadb_service1 = vr.create('mariadb_service1', 'resources/mariadb_service', { 'image': 'mariadb', @@ -279,7 +279,7 @@ def deploy(): signals.connect(cinder_puppet, cinder_volume_puppet) # NOVA - nova_api = vr.create('nova_api', 'resources/nova_api_puppet', {})[0] + nova_puppet = vr.create('nova_puppet', 'resources/nova_puppet', {})[0] nova_db = vr.create('nova_db', 'resources/mariadb_db/', { 'db_name': 'nova_db', 'login_user': 'root'})[0] @@ -298,12 +298,9 @@ def deploy(): 'internalurl': 'http://{{internal_ip}}:{{internal_port}}/v2/%(tenant_id)s', 'publicurl': 'http://{{public_ip}}:{{public_port}}/v2/%(tenant_id)s', 'description': 'OpenStack Compute Service', - 'type': 'compute', - 'public_port': 8774, - 'internal_port': 8774, - 'admin_port': 8774})[0] + 'type': 'compute'})[0] - signals.connect(node1, nova_api) + signals.connect(node1, nova_puppet) signals.connect(node1, nova_db) signals.connect(node1, nova_db_user) signals.connect(mariadb_service1, nova_db, { @@ -314,41 +311,81 @@ def deploy(): signals.connect(mariadb_service1, nova_db_user, { 'port': 'login_port', 'root_password': 'login_password'}) + signals.connect(admin_user, nova_puppet, {'user_name': 'keystone_user', 'user_password': 'keystone_password', 'tenant_name': 'keystone_tenant'}) #? + signals.connect(openstack_vhost, nova_puppet, {'vhost_name': 'rabbit_virtual_host'}) signals.connect(nova_db, nova_db_user, {'db_name', 'db_host'}) signals.connect(services_tenant, nova_keystone_user) signals.connect(nova_keystone_user, nova_keystone_role) - signals.connect(keystone_puppet, nova_api, { + signals.connect(keystone_puppet, nova_puppet, { 'ip': 'keystone_host', 'admin_port': 'keystone_port'}) - signals.connect(nova_keystone_user, nova_api, { - 'user_name': 'keystone_user_name', - 'tenant_name': 'keystone_tenant_name', + signals.connect(nova_keystone_user, nova_puppet, { + 'user_name': 'keystone_user', + 'tenant_name': 'keystone_tenant', 'user_password': 'keystone_password'}) - signals.connect(rabbitmq_service1, nova_api, { - 'ip': 'rabbitmq_host'}) - signals.connect(openstack_rabbitmq_user, nova_api, { - 'user_name': 'rabbitmq_user', - 'password': 'rabbitmq_password'}) + signals.connect(rabbitmq_service1, nova_puppet, { + 'ip': 'rabbit_host', 'port': 'rabbit_port'}) + signals.connect(openstack_rabbitmq_user, nova_puppet, { + 'user_name': 'rabbit_userid', + 'password': 'rabbit_password'}) signals.connect(keystone_puppet, nova_keystone_service_endpoint, { 'ip': 'keystone_host', 'admin_port': 'keystone_admin_port', 'admin_token': 'admin_token'}) - signals.connect(mariadb_service1, nova_api, { + signals.connect(mariadb_service1, nova_puppet, { 'ip':'db_host'}) - signals.connect(nova_db_user, nova_api, { + signals.connect(nova_db_user, nova_puppet, { 'user_name':'db_user', 'db_name':'db_name', 'user_password':'db_password', 'db_host' : 'db_host'}) - signals.connect(nova_api, nova_keystone_service_endpoint, { - 'ip': ['ip', 'public_ip', 'internal_ip', 'admin_ip'], - 'ssh_key': 'ssh_key', - 'ssh_user': 'ssh_user'}) - signals.connect(nova_api, nova_keystone_service_endpoint, { - 'ip': 'ip', + signals.connect(nova_puppet, nova_keystone_service_endpoint, { + 'ip': ['ip', 'keystone_host', 'public_ip', 'internal_ip', 'admin_ip'], + 'port': ['admin_port', 'internal_port', 'public_port'], 'ssh_key': 'ssh_key', 'ssh_user': 'ssh_user'}) + # NOVA API + nova_api_puppet = vr.create('nova_api_puppet', 'resources/nova_api_puppet', {})[0] + signals.connect(node1, nova_api_puppet) + signals.connect(nova_puppet, nova_api_puppet, { + 'keystone_tenant': 'admin_tenant_name', + 'keystone_user': 'admin_user', + 'keystone_password': 'admin_password', + 'keystone_host': 'auth_host', + 'keystone_port': 'auth_port'}) + + # NOVA CONDUCTOR + nova_conductor_puppet = vr.create('nova_conductor_puppet', 'resources/nova_conductor_puppet', {})[0] + signals.connect(node1, nova_conductor_puppet) + signals.connect(nova_puppet, nova_conductor_puppet) + + # NOVA COMPUTE + # Deploy chain (nova, node_networking(TODO)) -> (nova_compute_libvirt, nova_neutron) -> nova_compute + nova_compute_puppet = vr.create('nova_compute_puppet', 'resources/nova_compute_puppet', {})[0] + # TODO (bogdando) figure out how to use it for multiple glance api servers + nova_puppet2 = vr.create('nova_puppet2', 'resources/nova_puppet', { + 'glance_api_servers': '{{glance_api_servers_host}}:{{glance_api_servers_port}}' + })[0] + signals.connect(nova_puppet, nova_puppet2, { + 'ensure_package', 'rabbit_host', + 'rabbit_password', 'rabbit_port', 'rabbit_userid', + 'rabbit_virtual_host', 'db_user', 'db_password', + 'db_name', 'db_host', 'keystone_password', + 'keystone_port', 'keystone_host', 'keystone_tenant', + 'keystone_user', + }) + # TODO(bogdando): Make a connection for nova_puppet2.glance_api_servers = "glance_api_puppet.ip:glance_api_puppet.bind_port" + signals.connect(node2, nova_puppet2) + signals.connect(node2, nova_compute_puppet) + + # NOVA COMPUTE LIBVIRT, NOVA_NEUTRON + # NOTE(bogdando): changes nova config, so should notify nova compute service + nova_compute_libvirt_puppet = vr.create('nova_compute_libvirt_puppet', 'resources/nova_compute_libvirt_puppet', {})[0] + signals.connect(node2, nova_compute_libvirt_puppet) + nova_neutron_puppet = vr.create('nova_neutron_puppet', 'resources/nova_neutron_puppet', {})[0] + signals.connect(node2, nova_neutron_puppet) + # signals.connect(keystone_puppet, nova_network_puppet, {'ip': 'keystone_host', 'port': 'keystone_port'}) # signals.connect(keystone_puppet, nova_keystone_service_endpoint, {'ip': 'keystone_host', 'admin_port': 'keystone_port', 'admin_token': 'admin_token'}) # signals.connect(rabbitmq_service1, nova_network_puppet, {'ip': 'rabbitmq_host', 'port': 'rabbitmq_port'}) @@ -420,6 +457,12 @@ def deploy(): 'pipeline': 'keystone', }) + # Update glance_api_service for nova compute + signals.connect(glance_api_puppet, nova_puppet2, { + 'ip': 'glance_api_servers_host', + 'bind_port': 'glance_api_servers_port' + }) + has_errors = False for r in locals().values(): if not isinstance(r, resource.Resource): @@ -468,12 +511,20 @@ def deploy(): actions.resource_action(cinder_api_puppet, 'run') actions.resource_action(cinder_scheduler_puppet, 'run') actions.resource_action(cinder_volume_puppet, 'run') + actions.resource_action(nova_db, 'run') actions.resource_action(nova_db_user, 'run') actions.resource_action(nova_keystone_user, 'run') actions.resource_action(nova_keystone_role, 'run') - actions.resource_action(nova_api, 'run') + actions.resource_action(nova_puppet, 'run') actions.resource_action(nova_keystone_service_endpoint, 'run') + actions.resource_action(nova_api_puppet, 'run') + actions.resource_action(nova_conductor_puppet, 'run') + + actions.resource_action(nova_puppet2, 'run') + actions.resource_action(nova_compute_libvirt_puppet, 'run') + actions.resource_action(nova_neutron_puppet, 'run') + actions.resource_action(nova_compute_puppet, 'run') actions.resource_action(glance_db, 'run') actions.resource_action(glance_db_user, 'run') @@ -483,8 +534,6 @@ def deploy(): actions.resource_action(glance_api_puppet, 'run') actions.resource_action(glance_registry_puppet, 'run') - #actions.resource_action(glance, 'run') - time.sleep(10) @@ -503,7 +552,13 @@ def undeploy(): 'nova_db', 'nova_db_user', 'nova_keystone_service_endpoint', - 'nova_api', + 'nova_conductor_puppet', + 'nova_api_puppet', + 'nova_puppet', + 'nova_compute_puppet', + 'nova_neutron_puppet', + 'nova_compute_libvirt_puppet', + 'nova_puppet2', 'cinder_volume_puppet', 'cinder_scheduler_puppet', 'cinder_api_puppet', @@ -541,37 +596,6 @@ def undeploy(): except errors.SolarError as e: print 'WARNING: %s' % str(e) - #actions.resource_action(resources['nova_keystone_service_endpoint'], 'remove' ) - # actions.resource_action(resources['nova_network_puppet'], 'remove' ) - - # actions.resource_action(resources['nova_keystone_role'], 'remove') - # actions.resource_action(resources['nova_keystone_user'], 'remove') - - # actions.resource_action(resources['neutron_keystone_service_endpoint'], 'remove' ) - # actions.resource_action(resources['neutron_puppet'], 'remove' ) - - # actions.resource_action(resources['cinder_puppet'], 'remove' ) - # actions.resource_action(resources['cinder_keystone_role'], 'remove') - # actions.resource_action(resources['cinder_keystone_user'], 'remove') - - # actions.resource_action(resources['neutron_keystone_role'], 'remove') - # actions.resource_action(resources['neutron_keystone_user'], 'remove') - # actions.resource_action(resources['services_tenant'], 'remove') - - # actions.resource_action(resources['admin_role'], 'remove') - # actions.resource_action(resources['admin_user'], 'remove') - # actions.resource_action(resources['admin_tenant'], 'remove') - - # actions.resource_action(resources['keystone_puppet'], 'remove') - # actions.resource_action(resources['keystone_db_user'], 'remove') - # actions.resource_action(resources['keystone_db'], 'remove') - - # actions.resource_action(resources['mariadb_service1'], 'remove') - - # actions.resource_action(resources['openstack_rabbitmq_user'], 'remove') - # actions.resource_action(resources['openstack_vhost'], 'remove') - # actions.resource_action(resources['rabbitmq_service1'], 'remove') - db.clear() signals.Connections.clear() diff --git a/resources/cinder_api_puppet/meta.yaml b/resources/cinder_api_puppet/meta.yaml index 6164176a..114db75a 100644 --- a/resources/cinder_api_puppet/meta.yaml +++ b/resources/cinder_api_puppet/meta.yaml @@ -1,6 +1,6 @@ id: cinder_api_puppet handler: puppet -puppet_module: cinder_api +puppet_module: cinder version: 1.0.0 input: keystone_password: diff --git a/resources/cinder_puppet/README.md b/resources/cinder_puppet/README.md index 0f288ca8..52021836 100644 --- a/resources/cinder_puppet/README.md +++ b/resources/cinder_puppet/README.md @@ -1,6 +1,6 @@ # Cinder resource for puppet handler -Controlls a live cycle of the cinder entities, +Controls a live cycle of the cinder entities, like the main puppet class, auth, DB, AMQP, packages, keystone user, role and endpoint. @@ -109,4 +109,4 @@ source https://github.com/openstack/puppet-cinder/blob/5.1.0/manifests/init.pp ``sql_connection`` DEPRECATED ``sql_idle_timeout`` - DEPRECATED \ No newline at end of file + DEPRECATED diff --git a/resources/cinder_scheduler_puppet/meta.yaml b/resources/cinder_scheduler_puppet/meta.yaml index 5a7ce2b6..24c98431 100644 --- a/resources/cinder_scheduler_puppet/meta.yaml +++ b/resources/cinder_scheduler_puppet/meta.yaml @@ -1,6 +1,6 @@ id: cinder_scheduler_puppet handler: puppet -puppet_module: cinder_scheduler +puppet_module: cinder version: 1.0.0 input: scheduler_driver: diff --git a/resources/cinder_volume_puppet/meta.yaml b/resources/cinder_volume_puppet/meta.yaml index 20bc84fd..9146a153 100644 --- a/resources/cinder_volume_puppet/meta.yaml +++ b/resources/cinder_volume_puppet/meta.yaml @@ -1,6 +1,6 @@ id: cinder_volume_puppet handler: puppet -puppet_module: cinder_volume +puppet_module: cinder version: 1.0.0 input: package_ensure: diff --git a/resources/glance_api_service/test.py b/resources/glance_api_service/test.py index 23dcb7de..ba87049c 100644 --- a/resources/glance_api_service/test.py +++ b/resources/glance_api_service/test.py @@ -9,7 +9,7 @@ def test(resource): args = resource.args - token = validation.validate_token( + token, _ = validation.validate_token( keystone_host=args['keystone_host'].value, keystone_port=args['keystone_port'].value, user='glance_admin', diff --git a/resources/glance_puppet/README.md b/resources/glance_puppet/README.md index 8c84b90f..74be1851 100644 --- a/resources/glance_puppet/README.md +++ b/resources/glance_puppet/README.md @@ -1,6 +1,6 @@ # Glance (API) resource for puppet handler -Controlls a live cycle of the glance entities, +Controls a live cycle of the glance entities, like the main puppet class, auth, DB, AMQP, packages, keystone user, role and endpoint, API service. Also configures glance file backend. diff --git a/resources/glance_puppet/test.py b/resources/glance_puppet/test.py index b3ee8f02..e6fece1f 100644 --- a/resources/glance_puppet/test.py +++ b/resources/glance_puppet/test.py @@ -13,7 +13,7 @@ def test(resource): args = resource.args - token = validation.validate_token( + token, _ = validation.validate_token( keystone_host=args['keystone_host'].value, keystone_port=args['keystone_port'].value, user=args['keystone_user'].value, diff --git a/resources/keystone_service_endpoint/test.py b/resources/keystone_service_endpoint/test.py index edeede03..19819125 100644 --- a/resources/keystone_service_endpoint/test.py +++ b/resources/keystone_service_endpoint/test.py @@ -12,7 +12,7 @@ def test(resource): 'http://%s:%s/v3/services' % (resource.args['ip'].value, resource.args['keystone_admin_port'].value), headers={ 'X-Auth-Token': resource.args['admin_token'].value, - } + } ) resp_json = resp.json() diff --git a/resources/keystone_user/test.py b/resources/keystone_user/test.py index fcce9508..f37f375e 100644 --- a/resources/keystone_user/test.py +++ b/resources/keystone_user/test.py @@ -9,7 +9,7 @@ def test(resource): args = resource.args - token = validation.validate_token( + token, _ = validation.validate_token( keystone_host=args['keystone_host'].value, keystone_port=args['keystone_port'].value, user=args['user_name'].value, diff --git a/resources/nova_api_puppet/README.md b/resources/nova_api_puppet/README.md new file mode 100644 index 00000000..9fc2bb88 --- /dev/null +++ b/resources/nova_api_puppet/README.md @@ -0,0 +1,141 @@ +# Nova API resource for puppet handler + +Setup and configure the Nova API service + +# Parameters + +source https://github.com/openstack/puppet-nova_api/blob/5.1.0/manifests/api.pp + + ``admin_password`` + (required) The password to set for the nova admin user in keystone + + ``ensure_package`` + (optional) Whether the nova api package will be installed + Defaults to 'present' + + ``auth_strategy`` + (DEPRECATED) Does nothing and will be removed in Icehouse + Defaults to false + + ``auth_host`` + (optional) The IP of the server running keystone + Defaults to '127.0.0.1' + + ``auth_port`` + (optional) The port to use when authenticating against Keystone + Defaults to 35357 + + ``auth_protocol`` + (optional) The protocol to use when authenticating against Keystone + Defaults to 'http' + + ``auth_uri`` + (optional) The uri of a Keystone service to authenticate against + Defaults to false + + ``auth_admin_prefix`` + (optional) Prefix to prepend at the beginning of the keystone path + Defaults to false + + ``auth_version`` + (optional) API version of the admin Identity API endpoint + for example, use 'v3.0' for the keystone version 3.0 api + Defaults to false + + ``admin_tenant_name`` + (optional) The name of the tenant to create in keystone for use by the nova services + Defaults to 'services' + + ``admin_user`` + (optional) The name of the user to create in keystone for use by the nova services + Defaults to 'nova' + + ``api_bind_address`` + (optional) IP address for nova-api server to listen + Defaults to '0.0.0.0' + + ``metadata_listen`` + (optional) IP address for metadata server to listen + Defaults to '0.0.0.0' + + ``enabled_apis`` + (optional) A comma separated list of apis to enable + Defaults to 'ec2,osapi_compute,metadata' + + ``keystone_ec2_url`` + (optional) The keystone url where nova should send requests for ec2tokens + Defaults to false + + ``volume_api_class`` + (optional) The name of the class that nova will use to access volumes. Cinder is the only option. + Defaults to 'nova.volume.cinder.API' + + ``use_forwarded_for`` + (optional) Treat X-Forwarded-For as the canonical remote address. Only + enable this if you have a sanitizing proxy. + Defaults to false + + ``osapi_compute_workers`` + (optional) Number of workers for OpenStack API service + Defaults to $::processorcount + + ``ec2_workers`` + (optional) Number of workers for EC2 service + Defaults to $::processorcount + + ``metadata_workers`` + (optional) Number of workers for metadata service + Defaults to $::processorcount + + ``conductor_workers`` + (optional) DEPRECATED. Use workers parameter of nova::conductor + Class instead. + Defaults to undef + + ``sync_db`` + (optional) Run nova-manage db sync on api nodes after installing the package. + Defaults to true + + ``neutron_metadata_proxy_shared_secret`` + (optional) Shared secret to validate proxies Neutron metadata requests + Defaults to undef + + ``pci_alias`` + (optional) Pci passthrough for controller: + Defaults to undef + Example + "[ {'vendor_id':'1234', 'product_id':'5678', 'name':'default'}, {...} ]" + + ``ratelimits`` + (optional) A string that is a semicolon-separated list of 5-tuples. + See http://docs.openstack.org/trunk/config-reference/content/configuring-compute-API.html + Example: '(POST, "*", .*, 10, MINUTE);(POST, "*/servers", ^/servers, 50, DAY);(PUT, "*", .*, 10, MINUTE)' + Defaults to undef + + ``ratelimits_factory`` + (optional) The rate limiting factory to use + Defaults to 'nova.api.openstack.compute.limits:RateLimitingMiddleware.factory' + + ``osapi_v3`` + (optional) Enable or not Nova API v3 + Defaults to false + + ``validate`` + (optional) Whether to validate the service is working after any service refreshes + Defaults to false + + ``validation_options`` + (optional) Service validation options + Should be a hash of options defined in openstacklib::service_validation + If empty, defaults values are taken from openstacklib function. + Default command list nova flavors. + Require validate set at True. + Example: + nova::api::validation_options: + nova-api: + command: check_nova.py + path: /usr/bin:/bin:/usr/sbin:/sbin + provider: shell + tries: 5 + try_sleep: 10 + Defaults to {} diff --git a/resources/nova_api_puppet/actions/remove.pp b/resources/nova_api_puppet/actions/remove.pp index 4d6c4864..4dfb8e20 100644 --- a/resources/nova_api_puppet/actions/remove.pp +++ b/resources/nova_api_puppet/actions/remove.pp @@ -1,29 +1,17 @@ -$resource = hiera($::resource_name) - -$rabbitmq_user = $resource['input']['rabbitmq_user']['value'] -$rabbitmq_password = $resource['input']['rabbitmq_password']['value'] -$rabbitmq_host = $resource['input']['rabbitmq_host']['value'] -$db_user = $resource['input']['db_user']['value'] -$db_password = $resource['input']['db_password']['value'] -$db_name = $resource['input']['db_name']['value'] -$db_host = $resource['input']['db_host']['value'] -$keystone_password = $resource['input']['keystone_password']['value'] -$keystone_host = $resource['input']['keystone_host']['value'] -$keystone_port = $resource['input']['keystone_port']['value'] -$keystone_tenant_name = $resource['input']['keystone_tenant_name']['value'] -$keystone_user = $resource['input']['keystone_user_name']['value'] - -class { 'nova': - database_connection => "mysql://${db_user}:${db_password}@${db_host}/${db_name}?charset=utf8", - rabbit_userid => $rabbitmq_user, - rabbit_password => $rabbitmq_password, - rabbit_host => $rabbitmq_host, - image_service => 'nova.image.glance.GlanceImageService', - glance_api_servers => 'localhost:9292', - verbose => false, -} - class { 'nova::api': - admin_password => $keystone_password, - ensure_package => 'absent' + ensure_package => 'absent', + enabled => false, + admin_password => 'not important as removed' +} + +include nova::params + +exec { 'post-nova_config': + command => '/bin/echo "Nova config has changed"', + refreshonly => true, +} + +package { 'nova-common': + name => $nova::params::common_package_name, + ensure => 'absent', } diff --git a/resources/nova_api_puppet/actions/run.pp b/resources/nova_api_puppet/actions/run.pp index c1384f8b..46a2eb78 100644 --- a/resources/nova_api_puppet/actions/run.pp +++ b/resources/nova_api_puppet/actions/run.pp @@ -1,33 +1,78 @@ $resource = hiera($::resource_name) -$rabbitmq_user = $resource['input']['rabbitmq_user']['value'] -$rabbitmq_password = $resource['input']['rabbitmq_password']['value'] -$rabbitmq_host = $resource['input']['rabbitmq_host']['value'] -$db_user = $resource['input']['db_user']['value'] -$db_password = $resource['input']['db_password']['value'] -$db_name = $resource['input']['db_name']['value'] -$db_host = $resource['input']['db_host']['value'] -$keystone_password = $resource['input']['keystone_password']['value'] -$keystone_host = $resource['input']['keystone_host']['value'] -$keystone_port = $resource['input']['keystone_port']['value'] -$keystone_tenant_name = $resource['input']['keystone_tenant_name']['value'] -$keystone_user = $resource['input']['keystone_user_name']['value'] +$ensure_package = $resource['input']['ensure_package']['value'] +$auth_strategy = $resource['input']['auth_strategy']['value'] +$auth_host = $resource['input']['auth_host']['value'] +$auth_port = $resource['input']['auth_port']['value'] +$auth_protocol = $resource['input']['auth_protocol']['value'] +$auth_uri = $resource['input']['auth_uri']['value'] +$auth_admin_prefix = $resource['input']['auth_admin_prefix']['value'] +$auth_version = $resource['input']['auth_version']['value'] +$admin_tenant_name = $resource['input']['admin_tenant_name']['value'] +$admin_user = $resource['input']['admin_user']['value'] +$admin_password = $resource['input']['admin_password']['value'] +$api_bind_address = $resource['input']['api_bind_address']['value'] +$metadata_listen = $resource['input']['metadata_listen']['value'] +$enabled_apis = $resource['input']['enabled_apis']['value'] +$keystone_ec2_url = $resource['input']['keystone_ec2_url']['value'] +$volume_api_class = $resource['input']['volume_api_class']['value'] +$use_forwarded_for = $resource['input']['use_forwarded_for']['value'] +$osapi_compute_workers = $resource['input']['osapi_compute_workers']['value'] +$ec2_workers = $resource['input']['ec2_workers']['value'] +$metadata_workers = $resource['input']['metadata_workers']['value'] +$sync_db = $resource['input']['sync_db']['value'] +$neutron_metadata_proxy_shared_secret = $resource['input']['neutron_metadata_proxy_shared_secret']['value'] +$osapi_v3 = $resource['input']['osapi_v3']['value'] +$pci_alias = $resource['input']['pci_alias']['value'] +$ratelimits = $resource['input']['ratelimits']['value'] +$ratelimits_factory = $resource['input']['ratelimits_factory']['value'] +$validate = $resource['input']['validate']['value'] +$validation_options = $resource['input']['validation_options']['value'] +$workers = $resource['input']['workers']['value'] +$conductor_workers = $resource['input']['conductor_workers']['value'] -class { 'nova': - database_connection => "mysql://${db_user}:${db_password}@${db_host}/${db_name}?charset=utf8", - rabbit_userid => $rabbitmq_user, - rabbit_password => $rabbitmq_password, - rabbit_host => $rabbitmq_host, - image_service => 'nova.image.glance.GlanceImageService', - glance_api_servers => 'localhost:9292', - verbose => false, +exec { 'post-nova_config': + command => '/bin/echo "Nova config has changed"', +} + +include nova::params + +package { 'nova-common': + name => $nova::params::common_package_name, + ensure => $ensure_package, } class { 'nova::api': - enabled => true, - admin_user => $keystone_user, - admin_password => $keystone_password, - auth_host => $keystone_host, - auth_port => $keystone_port, - admin_tenant_name => $keystone_tenant_name, + enabled => true, + manage_service => true, + ensure_package => $ensure_package, + auth_strategy => $auth_strategy, + auth_host => $auth_host, + auth_port => $auth_port, + auth_protocol => $auth_protocol, + auth_uri => $auth_uri, + auth_admin_prefix => $auth_admin_prefix, + auth_version => $auth_version, + admin_tenant_name => $admin_tenant_name, + admin_user => $admin_user, + admin_password => $admin_password, + api_bind_address => $api_bind_address, + metadata_listen => $metadata_listen, + enabled_apis => $enabled_apis, + keystone_ec2_url => $keystone_ec2_url, + volume_api_class => $volume_api_class, + use_forwarded_for => $use_forwarded_for, + osapi_compute_workers => $osapi_compute_workers, + ec2_workers => $ec2_workers, + metadata_workers => $metadata_workers, + sync_db => $sync_db, + neutron_metadata_proxy_shared_secret => $neutron_metadata_proxy_shared_secret, + osapi_v3 => $osapi_v3, + pci_alias => $pci_alias, + ratelimits => $ratelimits, + ratelimits_factory => $ratelimits_factory, + validate => $validate, + validation_options => $validation_options, + workers => $workers, + conductor_workers => $conductor_workers, } diff --git a/resources/nova_api_puppet/meta.yaml b/resources/nova_api_puppet/meta.yaml index 96ff21dc..ca568f8a 100644 --- a/resources/nova_api_puppet/meta.yaml +++ b/resources/nova_api_puppet/meta.yaml @@ -1,50 +1,102 @@ -id: nova +id: nova_api handler: puppet puppet_module: nova version: 1.0.0 input: - db_user: - schema: str! - value: nova - db_password: - schema: str! - value: - db_name: - schema: str! - value: - db_host: - schema: str! - value: - - rabbitmq_user: - schema: str! - value: - rabbitmq_password: - schema: str! - value: - rabbitmq_host: - schema: str! - value: - - keystone_password: - schema: str! - value: - keystone_port: - schema: int! - value: - keystone_host: - schema: str! - value: - keystone_tenant_name: - schema: str! - value: - keystone_user_name: - schema: str! - value: + ensure_package: + schema: str + value: 'present' + auth_strategy: + schema: str + value: '' + auth_host: + schema: str + value: '127.0.0.1' + auth_port: + schema: int + value: 35357 + auth_protocol: + schema: str + value: 'http' + auth_uri: + schema: str + value: '' + auth_admin_prefix: + schema: str + value: '' + auth_version: + schema: str + value: '' + admin_tenant_name: + schema: str + value: 'services' + admin_user: + schema: str + value: 'nova' + admin_password: + schema: str + value: 'nova' + api_bind_address: + schema: str + value: '0.0.0.0' + metadata_listen: + schema: str + value: '0.0.0.0' + enabled_apis: + schema: str + value: 'ec2,osapi_compute,metadata' + keystone_ec2_url: + schema: str + value: '' + volume_api_class: + schema: str + value: 'nova.volume.cinder.API' + use_forwarded_for: + schema: bool + value: false + osapi_compute_workers: + schema: int + value: 1 + ec2_workers: + schema: int + value: 1 + metadata_workers: + schema: int + value: 1 + sync_db: + schema: bool + value: true + neutron_metadata_proxy_shared_secret: + schema: str + value: '' + osapi_v3: + schema: bool + value: false + pci_alias: + schema: str + value: '' + ratelimits: + schema: str + value: '' + ratelimits_factory: + schema: str + value: 'nova.api.openstack.compute.limits:RateLimitingMiddleware.factory' + validate: + schema: bool + value: false + validation_options: + schema: {} + value: {} + workers: + schema: str + value: '' + conductor_workers: + schema: str + value: '' git: schema: {repository: str!, branch: str!} - value: {repository: 'https://github.com/openstack/puppet-nova', branch: 'stable/juno'} + value: {repository: 'https://github.com/openstack/puppet-nova', branch: '5.1.0'} ip: schema: str! @@ -56,4 +108,4 @@ input: schema: str! value: -tags: [resource/nova_service, resources/nova, resource/nova-api] +tags: [resource/nova_api_service, resources/nova_api, resources/nova] diff --git a/resources/nova_api_puppet/test.py b/resources/nova_api_puppet/test.py new file mode 100644 index 00000000..ca32863f --- /dev/null +++ b/resources/nova_api_puppet/test.py @@ -0,0 +1,92 @@ +import json +import requests + +from solar.core.log import log +from solar.core import validation + + +def test(resource): + log.debug('Testing nova api') + + args = resource.args + + token, token_data = validation.validate_token( + keystone_host=args['auth_host'].value, + keystone_port=args['auth_port'].value, + user=args['admin_user'].value, + tenant=args['admin_tenant_name'].value, + password=args['admin_password'].value, + ) + + endpoints = [ + e['endpoints'] for e in token_data['access']['serviceCatalog'] + if e['name'] == 'nova' + ][0] + public_url = endpoints[0]['publicURL'] + + log.debug('nova admin_url: %s', public_url) + + servers = requests.get( + '{public_url}/servers/detail'.format(public_url=public_url), + headers={ + 'X-Auth-Token': token, + 'Content-Type': 'application/json', + } + ) + + servers_json = servers.json() + + log.debug( + 'NOVA API SERVERS: %s', + json.dumps(servers_json, indent=2) + ) + + assert 'servers' in servers_json + assert isinstance(servers_json['servers'], list) + + flavors = requests.get( + '{public_url}/flavors'.format(public_url=public_url), + headers={ + 'X-Auth-Token': token, + 'Content-Type': 'application/json', + } + ) + + flavors_json = flavors.json() + + log.debug('NOVA API FLAVORS: %s', json.dumps(flavors_json, indent=2)) + + assert 'flavors' in flavors_json + assert isinstance(flavors_json['flavors'], list) + assert len(flavors_json['flavors']) > 0 + + for flavor_data in flavors_json['flavors']: + url = [link['href'] for link in flavor_data['links'] + if link['rel'] == 'self'][0] + + flavor = requests.get( + url, + headers={ + 'X-Auth-Token': token, + 'Content-Type': 'application/json', + } + ) + + flavor_json = flavor.json() + + log.debug( + 'NOVA API FLAVOR %s data: %s', + flavor_data['name'], + json.dumps(flavor_json, indent=2) + ) + + images = requests.get( + '{public_url}/images'.format(public_url=public_url), + headers={ + 'X-Auth-Token': token, + 'Content-Type': 'application/json', + } + ) + + log.debug('NOVA API IMAGES: %s', images.json()) + diff --git a/resources/nova_compute_libvirt_puppet/README.md b/resources/nova_compute_libvirt_puppet/README.md new file mode 100644 index 00000000..12a5928e --- /dev/null +++ b/resources/nova_compute_libvirt_puppet/README.md @@ -0,0 +1,84 @@ +# Nova compute libvirt resource for puppet handler + +Install and manage nova-compute guests managed by libvirt. +Cannot be used separately from nova compute resource and +should share the same node. +Libvirt service name defaults are given for Debian OS family. + +# Parameters + +source https://github.com/openstack/puppet-nova_compute_libvirt/blob/5.1.0/manifests/compute/libvirt.pp + + ``libvirt_virt_type`` + (optional) Libvirt domain type. Options are: kvm, lxc, qemu, uml, xen + Replaces libvirt_type + Defaults to 'kvm' + + ``vncserver_listen`` + (optional) IP address on which instance vncservers should listen + Defaults to '127.0.0.1' + + ``migration_support`` + (optional) Whether to support virtual machine migration + Defaults to false + + ``libvirt_cpu_mode`` + (optional) The libvirt CPU mode to configure. Possible values + include custom, host-model, none, host-passthrough. + Defaults to 'host-model' if libvirt_virt_type is set to either + kvm or qemu, otherwise defaults to 'none'. + + ``libvirt_disk_cachemodes`` + (optional) A list of cachemodes for different disk types, e.g. + ["file=directsync", "block=none"] + If an empty list is specified, the disk_cachemodes directive + will be removed from nova.conf completely. + Defaults to an empty list + + ``libvirt_inject_password`` + (optional) Inject the admin password at boot time, without an agent. + Defaults to false + + ``libvirt_inject_key`` + (optional) Inject the ssh public key at boot time. + Defaults to false + + ``libvirt_inject_partition`` + (optional) The partition to inject to : -2 => disable, -1 => inspect + (libguestfs only), 0 => not partitioned, >0 => partition + number (integer value) + Defaults to -2 + + ``remove_unused_base_images`` + (optional) Should unused base images be removed? + If undef is specified, remove the line in nova.conf + otherwise, use a boolean to remove or not the base images. + Defaults to undef + + ``remove_unused_kernels`` + (optional) Should unused kernel images be removed? + This is only safe to enable if all compute nodes + have been updated to support this option. + If undef is specified, remove the line in nova.conf + otherwise, use a boolean to remove or not the kernels. + Defaults to undef + + ``remove_unused_resized_minimum_age_seconds`` + (optional) Unused resized base images younger + than this will not be removed + If undef is specified, remove the line in nova.conf + otherwise, use a integer or a string to define after + how many seconds it will be removed. + Defaults to undef + + ``remove_unused_original_minimum_age_seconds`` + (optional) Unused unresized base images younger + than this will not be removed + If undef is specified, remove the line in nova.conf + otherwise, use a integer or a string to define after + how many seconds it will be removed. + Defaults to undef + + ``libvirt_service_name`` + (optional) libvirt service name. + Defaults to $::nova::params::libvirt_service_name diff --git a/resources/nova_compute_libvirt_puppet/actions/remove.pp b/resources/nova_compute_libvirt_puppet/actions/remove.pp new file mode 100644 index 00000000..b575edb8 --- /dev/null +++ b/resources/nova_compute_libvirt_puppet/actions/remove.pp @@ -0,0 +1 @@ +notify { 'Remove action is not supported upstream': } \ No newline at end of file diff --git a/resources/nova_compute_libvirt_puppet/actions/run.pp b/resources/nova_compute_libvirt_puppet/actions/run.pp new file mode 100644 index 00000000..a33a7761 --- /dev/null +++ b/resources/nova_compute_libvirt_puppet/actions/run.pp @@ -0,0 +1,56 @@ +$resource = hiera($::resource_name) + +$libvirt_virt_type = $resource['input']['libvirt_virt_type']['value'] +$vncserver_listen = $resource['input']['vncserver_listen']['value'] +$migration_support = $resource['input']['migration_support']['value'] +$libvirt_cpu_mode = $resource['input']['libvirt_cpu_mode']['value'] +$libvirt_disk_cachemodes = $resource['input']['libvirt_disk_cachemodes']['value'] +$libvirt_inject_password = $resource['input']['libvirt_inject_password']['value'] +$libvirt_inject_key = $resource['input']['libvirt_inject_key']['value'] +$libvirt_inject_partition = $resource['input']['libvirt_inject_partition']['value'] +$remove_unused_base_images = $resource['input']['remove_unused_base_images']['value'] +$remove_unused_kernels = $resource['input']['remove_unused_kernels']['value'] +$remove_unused_resized_minimum_age_seconds = $resource['input']['remove_unused_resized_minimum_age_seconds']['value'] +$remove_unused_original_minimum_age_seconds = $resource['input']['remove_unused_original_minimum_age_seconds']['value'] +$libvirt_service_name = $resource['input']['libvirt_service_name']['value'] +$libvirt_type = $resource['input']['libvirt_type']['value'] + +class { 'nova::compute::libvirt': + libvirt_virt_type => $libvirt_virt_type, + vncserver_listen => $vncserver_listen, + migration_support => $migration_support, + libvirt_cpu_mode => $libvirt_cpu_mode, + libvirt_disk_cachemodes => $libvirt_disk_cachemodes, + libvirt_inject_password => $libvirt_inject_password, + libvirt_inject_key => $libvirt_inject_key, + libvirt_inject_partition => $libvirt_inject_partition, + remove_unused_base_images => $remove_unused_base_images, + remove_unused_kernels => $remove_unused_kernels, + remove_unused_resized_minimum_age_seconds => $remove_unused_resized_minimum_age_seconds, + remove_unused_original_minimum_age_seconds => $remove_unused_original_minimum_age_seconds, + libvirt_service_name => $libvirt_service_name, + libvirt_type => $libvirt_type, +} + +#exec { 'networking-refresh': +# command => '/sbin/ifdown -a ; /sbin/ifup -a', +#} + +#exec { 'post-nova_config': +# command => '/bin/echo "Nova config has changed"', +#} + +include nova::params + +service { 'nova-compute': + name => $::nova::params::compute_service_name, +} + +package { 'nova-compute': + name => $::nova::params::compute_package_name, +} + +package { 'nova-common': + name => $nova::params::common_package_name, + ensure => $ensure_package, +} diff --git a/resources/nova_compute_libvirt_puppet/meta.yaml b/resources/nova_compute_libvirt_puppet/meta.yaml new file mode 100644 index 00000000..632787d8 --- /dev/null +++ b/resources/nova_compute_libvirt_puppet/meta.yaml @@ -0,0 +1,63 @@ +id: nova_compute_libvirt +handler: puppet +puppet_module: nova +version: 1.0.0 +input: + libvirt_virt_type: + schema: str + value: 'kvm' + vncserver_listen: + schema: str + value: '127.0.0.1' + migration_support: + schema: bool + value: false + libvirt_cpu_mode: + schema: str + value: '' + libvirt_disk_cachemodes: + schema: [str] + value: [] + libvirt_inject_password: + schema: bool + value: false + libvirt_inject_key: + schema: bool + value: false + libvirt_inject_partition: + schema: str + value: '-2' + remove_unused_base_images: + schema: str + value: '' + remove_unused_kernels: + schema: str + value: '' + remove_unused_resized_minimum_age_seconds: + schema: str + value: '' + remove_unused_original_minimum_age_seconds: + schema: str + value: '' + libvirt_service_name: + schema: str + value: 'libvirt-bin' + libvirt_type: + schema: bool + value: false + + git: + schema: {repository: str!, branch: str!} + value: {repository: 'https://github.com/openstack/puppet-nova', branch: '5.1.0'} + + ip: + schema: str! + value: + ssh_key: + schema: str! + value: + ssh_user: + schema: str! + value: + +tags: [resource/nova_compute_libvirt_service, resources/nova_compute_libvirt, resources/nova_compute, resources/nova] diff --git a/resources/nova_compute_puppet/README.md b/resources/nova_compute_puppet/README.md new file mode 100644 index 00000000..8cecc3ec --- /dev/null +++ b/resources/nova_compute_puppet/README.md @@ -0,0 +1,105 @@ +# Nova compute resource for puppet handler + +Setup and configure the Nova compute service. + +# Parameters + +source https://github.com/openstack/puppet-nova_compute/blob/5.1.0/manifests/compute.pp + + ``enabled`` + (optional) Whether to enable the nova-compute service + Defaults to false + + ``manage_service`` + (optional) Whether to start/stop the service + Defaults to true + + ``ensure_package`` + (optional) The state for the nova-compute package + Defaults to 'present' + + ``vnc_enabled`` + (optional) Whether to use a VNC proxy + Defaults to true + + ``vncserver_proxyclient_address`` + (optional) The IP address of the server running the VNC proxy client + Defaults to '127.0.0.1' + + ``vncproxy_host`` + (optional) The host of the VNC proxy server + Defaults to false + + ``vncproxy_protocol`` + (optional) The protocol to communicate with the VNC proxy server + Defaults to 'http' + + ``vncproxy_port`` + (optional) The port to communicate with the VNC proxy server + Defaults to '6080' + + ``vncproxy_path`` + (optional) The path at the end of the uri for communication with the VNC proxy server + Defaults to '/vnc_auto.html' + + ``vnc_keymap`` + (optional) The keymap to use with VNC (ls -alh /usr/share/qemu/keymaps to list available keymaps) + Defaults to 'en-us' + + ``force_config_drive`` + (optional) Whether to force the config drive to be attached to all VMs + Defaults to false + + ``virtio_nic`` + (optional) Whether to use virtio for the nic driver of VMs + Defaults to false + + ``neutron_enabled`` + (optional) Whether to use Neutron for networking of VMs + Defaults to true + + ``network_device_mtu`` + (optional) The MTU size for the interfaces managed by nova + Defaults to undef + + ``instance_usage_audit`` + (optional) Generate periodic compute.instance.exists notifications. + Defaults to false + + ``instance_usage_audit_period`` + (optional) Time period to generate instance usages for. + Time period must be hour, day, month or year + Defaults to 'month' + + ``force_raw_images`` + (optional) Force backing images to raw format. + Defaults to true + + ``reserved_host_memory`` + Reserved host memory + The amount of memory in MB reserved for the host. + Defaults to '512' + + ``compute_manager`` + Compute manager + The driver that will manage the running instances. + Defaults to nova.compute.manager.ComputeManager + + ``pci_passthrough_whitelist`` + (optional) Pci passthrough hash in format of: + Defaults to undef + Example + "[ { 'vendor_id':'1234','product_id':'5678' }, + { 'vendor_id':'4321','product_id':'8765','physical_network':'default' } ] " + + ``default_availability_zone`` + (optional) Default compute node availability zone. + Defaults to nova + + ``default_schedule_zone`` + (optional) Availability zone to use when user doesn't specify one. + Defaults to undef + + ``internal_service_availability_zone`` + (optional) The availability zone to show internal services under. + Defaults to internal diff --git a/resources/nova_compute_puppet/actions/remove.pp b/resources/nova_compute_puppet/actions/remove.pp new file mode 100644 index 00000000..a8a07fb0 --- /dev/null +++ b/resources/nova_compute_puppet/actions/remove.pp @@ -0,0 +1,20 @@ +class { 'nova::compute': + ensure_package => 'absent', + enabled => false, +} + +include nova::params + +exec { 'post-nova_config': + command => '/bin/echo "Nova config has changed"', + refreshonly => true, +} + +exec { 'networking-refresh': + command => '/sbin/ifdown -a ; /sbin/ifup -a', +} + +package { 'nova-common': + name => $nova::params::common_package_name, + ensure => 'absent', +} \ No newline at end of file diff --git a/resources/nova_compute_puppet/actions/run.pp b/resources/nova_compute_puppet/actions/run.pp new file mode 100644 index 00000000..8c33baa1 --- /dev/null +++ b/resources/nova_compute_puppet/actions/run.pp @@ -0,0 +1,64 @@ +$resource = hiera($::resource_name) + +$ensure_package = $resource['input']['ensure_package']['value'] +$vnc_enabled = $resource['input']['vnc_enabled']['value'] +$vncserver_proxyclient_address = $resource['input']['vncserver_proxyclient_address']['value'] +$vncproxy_host = $resource['input']['vncproxy_host']['value'] +$vncproxy_protocol = $resource['input']['vncproxy_protocol']['value'] +$vncproxy_port = $resource['input']['vncproxy_port']['value'] +$vncproxy_path = $resource['input']['vncproxy_path']['value'] +$vnc_keymap = $resource['input']['vnc_keymap']['value'] +$force_config_drive = $resource['input']['force_config_drive']['value'] +$virtio_nic = $resource['input']['virtio_nic']['value'] +$neutron_enabled = $resource['input']['neutron_enabled']['value'] +$network_device_mtu = $resource['input']['network_device_mtu']['value'] +$instance_usage_audit = $resource['input']['instance_usage_audit']['value'] +$instance_usage_audit_period = $resource['input']['instance_usage_audit_period']['value'] +$force_raw_images = $resource['input']['force_raw_images']['value'] +$reserved_host_memory = $resource['input']['reserved_host_memory']['value'] +$compute_manager = $resource['input']['compute_manager']['value'] +$pci_passthrough = $resource['input']['pci_passthrough']['value'] +$default_availability_zone = $resource['input']['default_availability_zone']['value'] +$default_schedule_zone = $resource['input']['default_schedule_zone']['value'] +$internal_service_availability_zone = $resource['input']['internal_service_availability_zone']['value'] + +class { 'nova::compute': + enabled => true, + manage_service => true, + ensure_package => $ensure_package, + vnc_enabled => $vnc_enabled, + vncserver_proxyclient_address => $vncserver_proxyclient_address, + vncproxy_host => $vncproxy_host, + vncproxy_protocol => $vncproxy_protocol, + vncproxy_port => $vncproxy_port, + vncproxy_path => $vncproxy_path, + vnc_keymap => $vnc_keymap, + force_config_drive => $force_config_drive, + virtio_nic => $virtio_nic, + neutron_enabled => $neutron_enabled, + network_device_mtu => $network_device_mtu, + instance_usage_audit => $instance_usage_audit, + instance_usage_audit_period => $instance_usage_audit_period, + force_raw_images => $force_raw_images, + reserved_host_memory => $reserved_host_memory, + compute_manager => $compute_manager, + pci_passthrough => $pci_passthrough, + default_availability_zone => $default_availability_zone, + default_schedule_zone => $default_schedule_zone, + internal_service_availability_zone => $internal_service_availability_zone, +} + +exec { 'networking-refresh': + command => '/sbin/ifdown -a ; /sbin/ifup -a', +} + +exec { 'post-nova_config': + command => '/bin/echo "Nova config has changed"', +} + +include nova::params + +package { 'nova-common': + name => $nova::params::common_package_name, + ensure => $ensure_package, +} \ No newline at end of file diff --git a/resources/nova_compute_puppet/meta.yaml b/resources/nova_compute_puppet/meta.yaml new file mode 100644 index 00000000..0c448e11 --- /dev/null +++ b/resources/nova_compute_puppet/meta.yaml @@ -0,0 +1,84 @@ +id: nova_compute +handler: puppet +puppet_module: nova +version: 1.0.0 +input: + ensure_package: + schema: str + value: 'present' + vnc_enabled: + schema: bool + value: true + vncserver_proxyclient_address: + schema: str + value: '127.0.0.1' + vncproxy_host: + schema: str + value: '' + vncproxy_protocol: + schema: str + value: 'http' + vncproxy_port: + schema: int + value: 6080 + vncproxy_path: + schema: str + value: '/vnc_auto.html' + vnc_keymap: + schema: str + value: 'en-us' + force_config_drive: + schema: bool + value: false + virtio_nic: + schema: bool + value: false + neutron_enabled: + schema: bool + value: true + network_device_mtu: + schema: str + value: '' + instance_usage_audit: + schema: bool + value: false + instance_usage_audit_period: + schema: str + value: 'month' + force_raw_images: + schema: bool + value: true + reserved_host_memory: + schema: int + value: 512 + compute_manager: + schema: str + value: 'nova.compute.manager.ComputeManager' + pci_passthrough: + schema: str + value: '' + default_availability_zone: + schema: str + value: 'nova' + default_schedule_zone: + schema: str + value: '' + internal_service_availability_zone: + schema: str + value: 'internal' + + git: + schema: {repository: str!, branch: str!} + value: {repository: 'https://github.com/openstack/puppet-nova', branch: '5.1.0'} + + ip: + schema: str! + value: + ssh_key: + schema: str! + value: + ssh_user: + schema: str! + value: + +tags: [resource/nova_compute_service, resources/nova_compute, resources/nova] diff --git a/resources/nova_conductor_puppet/README.md b/resources/nova_conductor_puppet/README.md new file mode 100644 index 00000000..26a94d35 --- /dev/null +++ b/resources/nova_conductor_puppet/README.md @@ -0,0 +1,16 @@ +# Nova conductor resource for puppet handler + +Setup and configure the Nova conductor service. +Note, it [should not](http://docs.openstack.org/juno/config-reference/content/section_conductor.html) be deployed on compute nodes. + +# Parameters + +source https://github.com/openstack/puppet-nova_conductor/blob/5.1.0/manifests/conductor.pp + + ``ensure_package`` + (optional) The state of the nova conductor package + Defaults to 'present' + + ``workers`` + (optional) Number of workers for OpenStack Conductor service + Defaults to undef (i.e. parameter will not be present) \ No newline at end of file diff --git a/resources/nova_conductor_puppet/actions/remove.pp b/resources/nova_conductor_puppet/actions/remove.pp new file mode 100644 index 00000000..9c9fee76 --- /dev/null +++ b/resources/nova_conductor_puppet/actions/remove.pp @@ -0,0 +1,11 @@ +class { 'nova::conductor': + ensure_package => 'absent', + enabled => false, +} + +include nova::params + +package { 'nova-common': + name => $nova::params::common_package_name, + ensure => 'absent', +} \ No newline at end of file diff --git a/resources/nova_conductor_puppet/actions/run.pp b/resources/nova_conductor_puppet/actions/run.pp new file mode 100644 index 00000000..271fc179 --- /dev/null +++ b/resources/nova_conductor_puppet/actions/run.pp @@ -0,0 +1,22 @@ +$resource = hiera($::resource_name) + +$ensure_package = $resource['input']['ensure_package']['value'] +$workers = $resource['input']['workers']['value'] + +exec { 'post-nova_config': + command => '/bin/echo "Nova config has changed"', +} + +include nova::params + +package { 'nova-common': + name => $nova::params::common_package_name, + ensure => $ensure_package, +} + +class { 'nova::conductor': + enabled => true, + manage_service => true, + ensure_package => $ensure_package, + workers => $workers, +} \ No newline at end of file diff --git a/resources/nova_conductor_puppet/meta.yaml b/resources/nova_conductor_puppet/meta.yaml new file mode 100644 index 00000000..39b4c3f5 --- /dev/null +++ b/resources/nova_conductor_puppet/meta.yaml @@ -0,0 +1,27 @@ +id: nova_conductor +handler: puppet +puppet_module: nova +version: 1.0.0 +input: + ensure_package: + schema: str + value: 'present' + workers: + schema: int + value: 1 + + git: + schema: {repository: str!, branch: str!} + value: {repository: 'https://github.com/openstack/puppet-nova', branch: '5.1.0'} + + ip: + schema: str! + value: + ssh_key: + schema: str! + value: + ssh_user: + schema: str! + value: + +tags: [resource/nova_conductor_service, resources/nova_conductor, resources/nova] diff --git a/resources/nova_neutron_puppet/README.md b/resources/nova_neutron_puppet/README.md new file mode 100644 index 00000000..1824d2af --- /dev/null +++ b/resources/nova_neutron_puppet/README.md @@ -0,0 +1,109 @@ +# Nova neutron resource for puppet handler + +Setup and configure the Nova compute to use Neutron. +Note, it should only be deployed on compute nodes. +Also manage the network driver to use for compute guests +This will use virtio for VM guests and the specified driver for the VIF. + +# Parameters + +source https://github.com/openstack/puppet-nova/blob/5.1.0/manifests/compute/neutron.pp + + ``libvirt_vif_driver`` + (optional) The libvirt VIF driver to configure the VIFs. + Defaults to 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver'. + + ``force_snat_range`` + (optional) Force SNAT rule to specified network for nova-network + Default to 0.0.0.0/0 + Due to architecture constraints in nova_config, it's not possible to setup + more than one SNAT rule though initial parameter is MultiStrOpt + +source https://github.com/openstack/puppet-nova/blob/5.1.0/manifests/network/neutron.pp + + ``neutron_admin_password`` + (required) Password for connecting to Neutron network services in + admin context through the OpenStack Identity service. + + ``neutron_auth_strategy`` + (optional) Should be kept as default 'keystone' for all production deployments. + Defaults to 'keystone' + + ``neutron_url`` + (optional) URL for connecting to the Neutron networking service. + Defaults to 'http://127.0.0.1:9696' + + ``neutron_url_timeout`` + (optional) Timeout value for connecting to neutron in seconds. + Defaults to '30' + + ``neutron_admin_tenant_name`` + (optional) Tenant name for connecting to Neutron network services in + admin context through the OpenStack Identity service. + Defaults to 'services' + + ``neutron_default_tenant_id`` + (optional) Default tenant id when creating neutron networks + Defaults to 'default' + + ``neutron_region_name`` + (optional) Region name for connecting to neutron in admin context + through the OpenStack Identity service. + Defaults to 'RegionOne' + + ``neutron_admin_username`` + (optional) Username for connecting to Neutron network services in admin context + through the OpenStack Identity service. + Defaults to 'neutron' + + ``neutron_ovs_bridge`` + (optional) Name of Integration Bridge used by Open vSwitch + Defaults to 'br-int' + + ``neutron_extension_sync_interval`` + (optional) Number of seconds before querying neutron for extensions + Defaults to '600' + + ``neutron_ca_certificates_file`` + (optional) Location of ca certicates file to use for neutronclient requests. + Defaults to 'None' + + ``neutron_admin_auth_url`` + (optional) Points to the OpenStack Identity server IP and port. + This is the Identity (keystone) admin API server IP and port value, + and not the Identity service API IP and port. + Defaults to 'http://127.0.0.1:35357/v2.0' + + ``network_api_class`` + (optional) The full class name of the network API class. + The default configures Nova to use Neutron for the network API. + Defaults to 'nova.network.neutronv2.api.API' + + ``security_group_api`` + (optional) The full class name of the security API class. + The default configures Nova to use Neutron for security groups. + Set to 'nova' to use standard Nova security groups. + Defaults to 'neutron' + + ``firewall_driver`` + (optional) Firewall driver. + This prevents nova from maintaining a firewall so it does not interfere + with Neutron's. Set to 'nova.virt.firewall.IptablesFirewallDriver' + to re-enable the Nova firewall. + Defaults to 'nova.virt.firewall.NoopFirewallDriver' + + ``vif_plugging_is_fatal`` + (optional) Fail to boot instance if vif plugging fails. + This prevents nova from booting an instance if vif plugging notification + is not received from neutron. + Defaults to 'True' + + ``vif_plugging_timeout`` + (optional) Number of seconds to wait for neutron vif plugging events. + Set to '0' and vif_plugging_is_fatal to 'False' if vif plugging + notification is not being used. + Defaults to '300' + + ``dhcp_domain`` + (optional) domain to use for building the hostnames + Defaults to 'novalocal' \ No newline at end of file diff --git a/resources/nova_neutron_puppet/actions/remove.pp b/resources/nova_neutron_puppet/actions/remove.pp new file mode 100644 index 00000000..cfb90903 --- /dev/null +++ b/resources/nova_neutron_puppet/actions/remove.pp @@ -0,0 +1 @@ +notify { "Nothing to remove here": } \ No newline at end of file diff --git a/resources/nova_neutron_puppet/actions/run.pp b/resources/nova_neutron_puppet/actions/run.pp new file mode 100644 index 00000000..173f13da --- /dev/null +++ b/resources/nova_neutron_puppet/actions/run.pp @@ -0,0 +1,49 @@ +$resource = hiera($::resource_name) + +$libvirt_vif_driver = $resource['input']['libvirt_vif_driver']['value'] +$force_snat_range = $resource['input']['force_snat_range']['value'] +$neutron_admin_password = $resource['input']['neutron_admin_password']['value'] +$neutron_auth_strategy = $resource['input']['neutron_auth_strategy']['value'] +$neutron_url = $resource['input']['neutron_url']['value'] +$neutron_url_timeout = $resource['input']['neutron_url_timeout']['value'] +$neutron_admin_tenant_name = $resource['input']['neutron_admin_tenant_name']['value'] +$neutron_default_tenant_id = $resource['input']['neutron_default_tenant_id']['value'] +$neutron_region_name = $resource['input']['neutron_region_name']['value'] +$neutron_admin_username = $resource['input']['neutron_admin_username']['value'] +$neutron_admin_auth_url = $resource['input']['neutron_admin_auth_url']['value'] +$neutron_ovs_bridge = $resource['input']['neutron_ovs_bridge']['value'] +$neutron_extension_sync_interval = $resource['input']['neutron_extension_sync_interval']['value'] +$neutron_ca_certificates_file = $resource['input']['neutron_ca_certificates_file']['value'] +$network_api_class = $resource['input']['network_api_class']['value'] +$security_group_api = $resource['input']['security_group_api']['value'] +$firewall_driver = $resource['input']['firewall_driver']['value'] +$vif_plugging_is_fatal = $resource['input']['vif_plugging_is_fatal']['value'] +$vif_plugging_timeout = $resource['input']['vif_plugging_timeout']['value'] +$dhcp_domain = $resource['input']['dhcp_domain']['value'] + + +class { 'nova::compute::neutron': + libvirt_vif_driver => $libvirt_vif_driver, + force_snat_range => $force_snat_range, +} + +class { 'nova::network::neutron': + neutron_admin_password => $neutron_admin_password, + neutron_auth_strategy => $neutron_auth_strategy, + neutron_url => $neutron_url, + neutron_url_timeout => $neutron_url_timeout, + neutron_admin_tenant_name => $neutron_admin_tenant_name, + neutron_default_tenant_id => $neutron_default_tenant_id, + neutron_region_name => $neutron_region_name, + neutron_admin_username => $neutron_admin_username, + neutron_admin_auth_url => $neutron_admin_auth_url, + neutron_ovs_bridge => $neutron_ovs_bridge, + neutron_extension_sync_interval => $neutron_extension_sync_interval, + neutron_ca_certificates_file => $neutron_ca_certificates_file, + network_api_class => $network_api_class, + security_group_api => $security_group_api, + firewall_driver => $firewall_driver, + vif_plugging_is_fatal => $vif_plugging_is_fatal, + vif_plugging_timeout => $vif_plugging_timeout, + dhcp_domain => $dhcp_domain, +} diff --git a/resources/nova_neutron_puppet/meta.yaml b/resources/nova_neutron_puppet/meta.yaml new file mode 100644 index 00000000..39a44b19 --- /dev/null +++ b/resources/nova_neutron_puppet/meta.yaml @@ -0,0 +1,81 @@ +id: nova_neutron +handler: puppet +puppet_module: nova +version: 1.0.0 +input: + libvirt_vif_driver: + schema: str + value: 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver' + force_snat_range: + schema: str + value: '0.0.0.0/0' + neutron_admin_password: + schema: str + value: 'neutron' + neutron_auth_strategy: + schema: str + value: 'keystone' + neutron_url: + schema: str + value: 'http://127.0.0.1:9696' + neutron_url_timeout: + schema: int + value: 30 + neutron_admin_tenant_name: + schema: str + value: 'services' + neutron_default_tenant_id: + schema: str + value: 'default' + neutron_region_name: + schema: str + value: 'RegionOne' + neutron_admin_username: + schema: str + value: 'neutron' + neutron_admin_auth_url: + schema: str + value: 'http://127.0.0.1:35357/v2.0' + neutron_ovs_bridge: + schema: str + value: 'br-int' + neutron_extension_sync_interval: + schema: int + value: 600 + neutron_ca_certificates_file: + schema: str + value: '' + network_api_class: + schema: str + value: 'nova.network.neutronv2.api.API' + security_group_api: + schema: str + value: 'neutron' + firewall_driver: + schema: str + value: 'nova.virt.firewall.NoopFirewallDriver' + vif_plugging_is_fatal: + schema: bool + value: true + vif_plugging_timeout: + schema: int + value: 300 + dhcp_domain: + schema: str + value: 'novalocal' + + git: + schema: {repository: str!, branch: str!} + value: {repository: 'https://github.com/openstack/puppet-nova', branch: '5.1.0'} + + ip: + schema: str! + value: + ssh_key: + schema: str! + value: + ssh_user: + schema: str! + value: + +tags: [resource/nova_neutron_service, resources/nova_neutron, resources/nova_compute, resources/nova] diff --git a/resources/nova_puppet/README.md b/resources/nova_puppet/README.md new file mode 100644 index 00000000..ad41226a --- /dev/null +++ b/resources/nova_puppet/README.md @@ -0,0 +1,275 @@ +# Nova resource for puppet handler + +Controls a live cycle of the nova entities, +like the main puppet class, auth, DB, AMQP, packages, +keystone user, role and endpoint. + +# Parameters + +source https://github.com/openstack/puppet-nova/blob/5.1.0/manifests/init.pp + + ``ensure_package`` + (optional) The state of nova packages + Defaults to 'present' + + ``nova_cluster_id`` + (optional) Deprecated. This parameter does nothing and will be removed. + Defaults to 'localcluster' + + ``sql_connection`` + (optional) Deprecated. Use database_connection instead. + Defaults to false + + ``sql_idle_timeout`` + (optional) Deprecated. Use database_idle_timeout instead + Defaults to false + + ``database_connection`` + (optional) Connection url to connect to nova database. + Defaults to false + + ``slave_connection`` + (optional) Connection url to connect to nova slave database (read-only). + Defaults to false + + ``database_idle_timeout`` + (optional) Timeout before idle db connections are reaped. + Defaults to 3600 + + ``rpc_backend`` + (optional) The rpc backend implementation to use, can be: + rabbit (for rabbitmq) + qpid (for qpid) + zmq (for zeromq) + Defaults to 'rabbit' + + ``image_service`` + (optional) Service used to search for and retrieve images. + Defaults to 'nova.image.local.LocalImageService' + + ``glance_api_servers`` + (optional) List of addresses for api servers. + Defaults to 'localhost:9292' + + ``memcached_servers`` + (optional) Use memcached instead of in-process cache. Supply a list of memcached server IP's:Memcached Port. + Defaults to false + + ``rabbit_host`` + (optional) Location of rabbitmq installation. + Defaults to 'localhost' + + ``rabbit_hosts`` + (optional) List of clustered rabbit servers. + Defaults to false + + ``rabbit_port`` + (optional) Port for rabbitmq instance. + Defaults to '5672' + + ``rabbit_password`` + (optional) Password used to connect to rabbitmq. + Defaults to 'guest' + + ``rabbit_userid`` + (optional) User used to connect to rabbitmq. + Defaults to 'guest' + + ``rabbit_virtual_host`` + (optional) The RabbitMQ virtual host. + Defaults to '/' + + ``rabbit_use_ssl`` + (optional) Connect over SSL for RabbitMQ + Defaults to false + + ``kombu_ssl_ca_certs`` + (optional) SSL certification authority file (valid only if SSL enabled). + Defaults to undef + + ``kombu_ssl_certfile`` + (optional) SSL cert file (valid only if SSL enabled). + Defaults to undef + + ``kombu_ssl_keyfile`` + (optional) SSL key file (valid only if SSL enabled). + Defaults to undef + + ``kombu_ssl_version`` + (optional) SSL version to use (valid only if SSL enabled). + Valid values are TLSv1, SSLv23 and SSLv3. SSLv2 may be + available on some distributions. + Defaults to 'TLSv1' + + ``amqp_durable_queues`` + (optional) Define queues as "durable" to rabbitmq. + Defaults to false + + ``qpid_hostname`` + (optional) Location of qpid server + Defaults to 'localhost' + + ``qpid_port`` + (optional) Port for qpid server + Defaults to '5672' + + ``qpid_username`` + (optional) Username to use when connecting to qpid + Defaults to 'guest' + + ``qpid_password`` + (optional) Password to use when connecting to qpid + Defaults to 'guest' + + ``qpid_heartbeat`` + (optional) Seconds between connection keepalive heartbeats + Defaults to 60 + + ``qpid_protocol`` + (optional) Transport to use, either 'tcp' or 'ssl'' + Defaults to 'tcp' + + ``qpid_sasl_mechanisms`` + (optional) Enable one or more SASL mechanisms + Defaults to false + + ``qpid_tcp_nodelay`` + (optional) Disable Nagle algorithm + Defaults to true + + ``service_down_time`` + (optional) Maximum time since last check-in for up service. + Defaults to 60 + + ``logdir`` + (optional) Deprecated. Use log_dir instead. + Defaults to false + + ``log_dir`` + (optional) Directory where logs should be stored. + If set to boolean false, it will not log to any directory. + Defaults to '/var/log/nova' + + ``state_path`` + (optional) Directory for storing state. + Defaults to '/var/lib/nova' + + ``lock_path`` + (optional) Directory for lock files. + On RHEL will be '/var/lib/nova/tmp' and on Debian '/var/lock/nova' + Defaults to $::nova::params::lock_path + + ``verbose`` + (optional) Set log output to verbose output. + Defaults to false + + ``periodic_interval`` + (optional) Seconds between running periodic tasks. + Defaults to '60' + + ``report_interval`` + (optional) Interval at which nodes report to data store. + Defaults to '10' + + ``monitoring_notifications`` + (optional) Whether or not to send system usage data notifications out on the message queue. Only valid for stable/essex. + Defaults to false + + ``use_syslog`` + (optional) Use syslog for logging + Defaults to false + + ``log_facility`` + (optional) Syslog facility to receive log lines. + Defaults to 'LOG_USER' + + ``use_ssl`` + (optional) Enable SSL on the API server + Defaults to false, not set + + ``enabled_ssl_apis`` + (optional) List of APIs to SSL enable + Defaults to [] + Possible values : 'ec2', 'osapi_compute', 'metadata' + + ``cert_file`` + (optinal) Certificate file to use when starting API server securely + Defaults to false, not set + + ``key_file`` + (optional) Private key file to use when starting API server securely + Defaults to false, not set + + ``ca_file`` + (optional) CA certificate file to use to verify connecting clients + Defaults to false, not set_ + + ``nova_user_id`` + (optional) Create the nova user with the specified gid. + Changing to a new uid after specifying a different uid previously, + or using this option after the nova account already exists will break + the ownership of all files/dirs owned by nova. It is strongly encouraged + not to use this option and instead create user before nova class or + for network shares create netgroup into which you'll put nova on all the + nodes. If undef no user will be created and user creation will standardly + happen in nova-common package. + Defaults to undef. + + ``nova_group_id`` + (optional) Create the nova user with the specified gid. + Changing to a new uid after specifying a different uid previously, + or using this option after the nova account already exists will break + the ownership of all files/dirs owned by nova. It is strongly encouraged + not to use this option and instead create group before nova class or for + network shares create netgroup into which you'll put nova on all the + nodes. If undef no user or group will be created and creation will + happen in nova-common package. + Defaults to undef. + + ``nova_public_key`` + (optional) Install public key in .ssh/authorized_keys for the 'nova' user. + Expects a hash of the form { type => 'key-type', key => 'key-data' } where + 'key-type' is one of (ssh-rsa, ssh-dsa, ssh-ecdsa) and 'key-data' is the + actual key data (e.g, 'AAAA...'). + + ``nova_private_key`` + (optional) Install private key into .ssh/id_rsa (or appropriate equivalent + for key type). Expects a hash of the form { type => 'key-type', key => + 'key-data' }, where 'key-type' is one of (ssh-rsa, ssh-dsa, ssh-ecdsa) and + 'key-data' is the contents of the private key file. + + ``nova_shell`` + (optional) Set shell for 'nova' user to the specified value. + Defaults to '/bin/false'. + + ``mysql_module`` + (optional) Deprecated. Does nothing. + + ``notification_driver`` + (optional) Driver or drivers to handle sending notifications. + Value can be a string or a list. + Defaults to [] + + ``notification_topics`` + (optional) AMQP topic used for OpenStack notifications + Defaults to 'notifications' + + ``notify_api_faults`` + (optional) If set, send api.fault notifications on caught + exceptions in the API service + Defaults to false + + ``notify_on_state_change`` + (optional) If set, send compute.instance.update notifications + on instance state changes. Valid values are None for no notifications, + "vm_state" for notifications on VM state changes, or "vm_and_task_state" + for notifications on VM and task state changes. + Defaults to undef + + ``os_region_name`` + (optional) Sets the os_region_name flag. For environments with + more than one endpoint per service, this is required to make + things such as cinder volume attach work. If you don't set this + and you have multiple endpoints, you will get AmbiguousEndpoint + exceptions in the nova API service. + Defaults to undef \ No newline at end of file diff --git a/resources/nova_puppet/actions/remove.pp b/resources/nova_puppet/actions/remove.pp new file mode 100644 index 00000000..764ff454 --- /dev/null +++ b/resources/nova_puppet/actions/remove.pp @@ -0,0 +1,4 @@ +class { 'nova': + ensure_package => 'absent', + rabbit_password => 'not important as removed', +} diff --git a/resources/nova_puppet/actions/run.pp b/resources/nova_puppet/actions/run.pp new file mode 100644 index 00000000..81a59824 --- /dev/null +++ b/resources/nova_puppet/actions/run.pp @@ -0,0 +1,137 @@ +$resource = hiera($::resource_name) + +$db_user = $resource['input']['db_user']['value'] +$db_password = $resource['input']['db_password']['value'] +$db_name = $resource['input']['db_name']['value'] +$db_host = $resource['input']['db_host']['value'] +$glance_api_servers_host = $resource['input']['glance_api_servers_host']['value'] +$glance_api_servers_port = $resource['input']['glance_api_servers_port']['value'] + +$ensure_package = $resource['input']['ensure_package']['value'] +$database_connection = $resource['input']['database_connection']['value'] +$slave_connection = $resource['input']['slave_connection']['value'] +$database_idle_timeout = $resource['input']['database_idle_timeout']['value'] +$rpc_backend = $resource['input']['rpc_backend']['value'] +$image_service = $resource['input']['image_service']['value'] +$glance_api_servers = $resource['input']['glance_api_servers']['value'] +$memcached_servers = $resource['input']['memcached_servers']['value'] +$rabbit_host = $resource['input']['rabbit_host']['value'] +$rabbit_hosts = $resource['input']['rabbit_hosts']['value'] +$rabbit_password = $resource['input']['rabbit_password']['value'] +$rabbit_port = $resource['input']['rabbit_port']['value'] +$rabbit_userid = $resource['input']['rabbit_userid']['value'] +$rabbit_virtual_host = $resource['input']['rabbit_virtual_host']['value'] +$rabbit_use_ssl = $resource['input']['rabbit_use_ssl']['value'] +$rabbit_ha_queues = $resource['input']['rabbit_ha_queues']['value'] +$kombu_ssl_ca_certs = $resource['input']['kombu_ssl_ca_certs']['value'] +$kombu_ssl_certfile = $resource['input']['kombu_ssl_certfile']['value'] +$kombu_ssl_keyfile = $resource['input']['kombu_ssl_keyfile']['value'] +$kombu_ssl_version = $resource['input']['kombu_ssl_version']['value'] +$amqp_durable_queues = $resource['input']['amqp_durable_queues']['value'] +$qpid_hostname = $resource['input']['qpid_hostname']['value'] +$qpid_port = $resource['input']['qpid_port']['value'] +$qpid_username = $resource['input']['qpid_username']['value'] +$qpid_password = $resource['input']['qpid_password']['value'] +$qpid_sasl_mechanisms = $resource['input']['qpid_sasl_mechanisms']['value'] +$qpid_heartbeat = $resource['input']['qpid_heartbeat']['value'] +$qpid_protocol = $resource['input']['qpid_protocol']['value'] +$qpid_tcp_nodelay = $resource['input']['qpid_tcp_nodelay']['value'] +$auth_strategy = $resource['input']['auth_strategy']['value'] +$service_down_time = $resource['input']['service_down_time']['value'] +$log_dir = $resource['input']['log_dir']['value'] +$state_path = $resource['input']['state_path']['value'] +$lock_path = $resource['input']['lock_path']['value'] +$verbose = $resource['input']['verbose']['value'] +$debug = $resource['input']['debug']['value'] +$periodic_interval = $resource['input']['periodic_interval']['value'] +$report_interval = $resource['input']['report_interval']['value'] +$rootwrap_config = $resource['input']['rootwrap_config']['value'] +$use_ssl = $resource['input']['use_ssl']['value'] +$enabled_ssl_apis = $resource['input']['enabled_ssl_apis']['value'] +$ca_file = $resource['input']['ca_file']['value'] +$cert_file = $resource['input']['cert_file']['value'] +$key_file = $resource['input']['key_file']['value'] +$nova_user_id = $resource['input']['nova_user_id']['value'] +$nova_group_id = $resource['input']['nova_group_id']['value'] +$nova_public_key = $resource['input']['nova_public_key']['value'] +$nova_private_key = $resource['input']['nova_private_key']['value'] +$nova_shell = $resource['input']['nova_shell']['value'] +$monitoring_notifications = $resource['input']['monitoring_notifications']['value'] +$use_syslog = $resource['input']['use_syslog']['value'] +$log_facility = $resource['input']['log_facility']['value'] +$install_utilities = $resource['input']['install_utilities']['value'] +$notification_driver = $resource['input']['notification_driver']['value'] +$notification_topics = $resource['input']['notification_topics']['value'] +$notify_api_faults = $resource['input']['notify_api_faults']['value'] +$notify_on_state_change = $resource['input']['notify_on_state_change']['value'] +$mysql_module = $resource['input']['mysql_module']['value'] +$nova_cluster_id = $resource['input']['nova_cluster_id']['value'] +$sql_connection = $resource['input']['sql_connection']['value'] +$sql_idle_timeout = $resource['input']['sql_idle_timeout']['value'] +$logdir = $resource['input']['logdir']['value'] +$os_region_name = $resource['input']['os_region_name']['value'] + +class { 'nova': + database_connection => "mysql://${db_user}:${db_password}@${db_host}/${db_name}?charset=utf8", + ensure_package => $ensure_package, + slave_connection => $slave_connection, + database_idle_timeout => $database_idle_timeout, + rpc_backend => $rpc_backend, + image_service => $image_service, + glance_api_servers => "${glance_api_servers_host}:${glance_api_servers_port}", + memcached_servers => $memcached_servers, + rabbit_host => $rabbit_host, + rabbit_hosts => $rabbit_hosts, + rabbit_password => $rabbit_password, + rabbit_port => $rabbit_port, + rabbit_userid => $rabbit_userid, + rabbit_virtual_host => $rabbit_virtual_host, + rabbit_use_ssl => $rabbit_use_ssl, + rabbit_ha_queues => $rabbit_ha_queues, + kombu_ssl_ca_certs => $kombu_ssl_ca_certs, + kombu_ssl_certfile => $kombu_ssl_certfile, + kombu_ssl_keyfile => $kombu_ssl_keyfile, + kombu_ssl_version => $kombu_ssl_version, + amqp_durable_queues => $amqp_durable_queues, + qpid_hostname => $qpid_hostname, + qpid_port => $qpid_port, + qpid_username => $qpid_username, + qpid_password => $qpid_password, + qpid_sasl_mechanisms => $qpid_sasl_mechanisms, + qpid_heartbeat => $qpid_heartbeat, + qpid_protocol => $qpid_protocol, + qpid_tcp_nodelay => $qpid_tcp_nodelay, + auth_strategy => $auth_strategy, + service_down_time => $service_down_time, + log_dir => $log_dir, + state_path => $state_path, + lock_path => $lock_path, + verbose => $verbose, + debug => $debug, + periodic_interval => $periodic_interval, + report_interval => $report_interval, + rootwrap_config => $rootwrap_config, + use_ssl => $use_ssl, + enabled_ssl_apis => $enabled_ssl_apis, + ca_file => $ca_file, + cert_file => $cert_file, + key_file => $key_file, + nova_user_id => $nova_user_id, + nova_group_id => $nova_group_id, + nova_public_key => $nova_public_key, + nova_private_key => $nova_private_key, + nova_shell => $nova_shell, + monitoring_notifications => $monitoring_notifications, + use_syslog => $use_syslog, + log_facility => $log_facility, + install_utilities => $install_utilities, + notification_driver => $notification_driver, + notification_topics => $notification_topics, + notify_api_faults => $notify_api_faults, + notify_on_state_change => $notify_on_state_change, + mysql_module => $mysql_module, + nova_cluster_id => $nova_cluster_id, + sql_idle_timeout => $sql_idle_timeout, + logdir => $logdir, + os_region_name => $os_region_name, +} diff --git a/resources/nova_puppet/meta.yaml b/resources/nova_puppet/meta.yaml new file mode 100644 index 00000000..37f26709 --- /dev/null +++ b/resources/nova_puppet/meta.yaml @@ -0,0 +1,250 @@ +id: nova +handler: puppet +puppet_module: nova +version: 1.0.0 +input: + ensure_package: + schema: str + value: 'present' + database_connection: + schema: str + value: '' + slave_connection: + schema: str + value: '' + database_idle_timeout: + schema: int + value: 3600 + rpc_backend: + schema: str + value: 'rabbit' + image_service: + schema: str + value: 'nova.image.glance.GlanceImageService' + glance_api_servers: + schema: str + value: 'localhost:9292' + memcached_servers: + schema: str + value: '' + rabbit_host: + schema: str + value: 'localhost' + rabbit_hosts: + schema: str + value: '' + rabbit_password: + schema: str! + value: 'guest' + rabbit_port: + schema: int + value: 5672 + rabbit_userid: + schema: str + value: 'guest' + rabbit_virtual_host: + schema: str + value: '/' + rabbit_use_ssl: + schema: bool + value: false + rabbit_ha_queues: + schema: str + value: '' + kombu_ssl_ca_certs: + schema: str + value: '' + kombu_ssl_certfile: + schema: str + value: '' + kombu_ssl_keyfile: + schema: str + value: '' + kombu_ssl_version: + schema: str + value: 'TLSv1' + amqp_durable_queues: + schema: bool + value: false + qpid_hostname: + schema: str + value: 'localhost' + qpid_port: + schema: int + value: 5672 + qpid_username: + schema: str + value: 'guest' + qpid_password: + schema: str! + value: 'guest' + qpid_sasl_mechanisms: + schema: bool + value: false + qpid_heartbeat: + schema: int + value: 60 + qpid_protocol: + schema: str + value: 'tcp' + qpid_tcp_nodelay: + schema: bool + value: true + auth_strategy: + schema: str + value: 'keystone' + service_down_time: + schema: int + value: 60 + log_dir: + schema: str + value: '/var/log/nova' + state_path: + schema: str + value: '/var/lib/nova' + lock_path: + schema: str + value: '/var/lock/nova' + verbose: + schema: bool + value: false + debug: + schema: bool + value: false + periodic_interval: + schema: int + value: 60 + report_interval: + schema: int + value: 10 + rootwrap_config: + schema: str + value: '/etc/nova/rootwrap.conf' + use_ssl: + schema: bool + value: false + enabled_ssl_apis: + schema: [str] + value: ['ec2', 'metadata', 'osapi_compute'] + ca_file: + schema: str + value: '' + cert_file: + schema: str + value: '' + key_file: + schema: str + value: '' + nova_user_id: + schema: str + value: '' + nova_group_id: + schema: str + value: '' + nova_public_key: + schema: str + value: '' + nova_private_key: + schema: str + value: '' + nova_shell: + schema: str + value: '/bin/false' + monitoring_notifications: + schema: bool + value: false + use_syslog: + schema: bool + value: false + log_facility: + schema: str + value: 'LOG_USER' + install_utilities: + schema: bool + value: true + notification_driver: + schema: [str] + value: [] + notification_topics: + schema: str + value: 'notifications' + notify_api_faults: + schema: bool + value: false + notify_on_state_change: + schema: str + value: '' + mysql_module: + schema: str + value: '' + nova_cluster_id: + schema: str + value: '' + sql_connection: + schema: str + value: '' + sql_idle_timeout: + schema: str + value: '' + logdir: + schema: str + value: '' + os_region_name: + schema: str + value: '' + + db_user: + schema: str! + value: nova + db_password: + schema: str! + value: + db_name: + schema: str! + value: + db_host: + schema: str! + value: + + keystone_password: + schema: str! + value: + keystone_port: + schema: int! + value: + keystone_host: + schema: str! + value: + keystone_tenant: + schema: str! + value: + keystone_user: + schema: str! + value: + + glance_api_servers_port: + schema: int + value: 9292 + glance_api_servers_host: + schema: 'str' + value: 'localhost' + + port: + schema: int! + value: 8774 + + git: + schema: {repository: str!, branch: str!} + value: {repository: 'https://github.com/openstack/puppet-nova', branch: '5.1.0'} + + ip: + schema: str! + value: + ssh_key: + schema: str! + value: + ssh_user: + schema: str! + value: + +tags: [resource/nova_service, resources/nova] diff --git a/solar/solar/core/validation.py b/solar/solar/core/validation.py index dee5cf11..e4efe4a0 100644 --- a/solar/solar/core/validation.py +++ b/solar/solar/core/validation.py @@ -192,4 +192,4 @@ def validate_token( log.debug('%s TOKEN: %s', user, token) - return token + return token, token_data.json() diff --git a/templates/nodes.yml b/templates/nodes.yml index 1aaa7784..fc0261df 100644 --- a/templates/nodes.yml +++ b/templates/nodes.yml @@ -1,4 +1,4 @@ -id: mariadb_service +id: simple_multinode resources: - id: node1 from: resources/ro_node @@ -6,3 +6,9 @@ resources: ip: '10.0.0.3' ssh_key: '/vagrant/.vagrant/machines/solar-dev1/virtualbox/private_key' ssh_user: 'vagrant' + - id: node2 + from: resources/ro_node + values: + ip: '10.0.0.4' + ssh_key: '/vagrant/.vagrant/machines/solar-dev2/virtualbox/private_key' + ssh_user: 'vagrant'