x/solar
Code Issues Proposed changes

Merge pull request #58 from Mirantis/bogdando/nova

Browse Source 
Bogdando/nova
This commit is contained in:
Bogdan Dobrelya 2015-08-04 10:06:22 +02:00
commit b1faa0f978
37 changed files with 1973 additions and 166 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

144
example-puppet.py
View File

@ -37,8 +37,8 @@ def deploy():
signals.Connections.clear()
node1 = vr.create('nodes', 'templates/nodes.yml', {})[0]
node1, node2 = vr.create('nodes', 'templates/nodes.yml', {})
# MARIADB
mariadb_service1 = vr.create('mariadb_service1', 'resources/mariadb_service', {
'image': 'mariadb',
@ -279,7 +279,7 @@ def deploy():
signals.connect(cinder_puppet, cinder_volume_puppet)
# NOVA
nova_api = vr.create('nova_api', 'resources/nova_api_puppet', {})[0]
nova_puppet = vr.create('nova_puppet', 'resources/nova_puppet', {})[0]
nova_db = vr.create('nova_db', 'resources/mariadb_db/', {
'db_name': 'nova_db',
'login_user': 'root'})[0]
@ -298,12 +298,9 @@ def deploy():
'internalurl': 'http://{{internal_ip}}:{{internal_port}}/v2/%(tenant_id)s',
'publicurl': 'http://{{public_ip}}:{{public_port}}/v2/%(tenant_id)s',
'description': 'OpenStack Compute Service',
'type': 'compute',
'public_port': 8774,
'internal_port': 8774,
'admin_port': 8774})[0]
'type': 'compute'})[0]
signals.connect(node1, nova_api)
signals.connect(node1, nova_puppet)
signals.connect(node1, nova_db)
signals.connect(node1, nova_db_user)
signals.connect(mariadb_service1, nova_db, {
@ -314,41 +311,81 @@ def deploy():
signals.connect(mariadb_service1, nova_db_user, {
'port': 'login_port',
'root_password': 'login_password'})
signals.connect(admin_user, nova_puppet, {'user_name': 'keystone_user', 'user_password': 'keystone_password', 'tenant_name': 'keystone_tenant'}) #?
signals.connect(openstack_vhost, nova_puppet, {'vhost_name': 'rabbit_virtual_host'})
signals.connect(nova_db, nova_db_user, {'db_name', 'db_host'})
signals.connect(services_tenant, nova_keystone_user)
signals.connect(nova_keystone_user, nova_keystone_role)
signals.connect(keystone_puppet, nova_api, {
signals.connect(keystone_puppet, nova_puppet, {
'ip': 'keystone_host',
'admin_port': 'keystone_port'})
signals.connect(nova_keystone_user, nova_api, {
'user_name': 'keystone_user_name',
'tenant_name': 'keystone_tenant_name',
signals.connect(nova_keystone_user, nova_puppet, {
'user_name': 'keystone_user',
'tenant_name': 'keystone_tenant',
'user_password': 'keystone_password'})
signals.connect(rabbitmq_service1, nova_api, {
'ip': 'rabbitmq_host'})
signals.connect(openstack_rabbitmq_user, nova_api, {
'user_name': 'rabbitmq_user',
'password': 'rabbitmq_password'})
signals.connect(rabbitmq_service1, nova_puppet, {
'ip': 'rabbit_host', 'port': 'rabbit_port'})
signals.connect(openstack_rabbitmq_user, nova_puppet, {
'user_name': 'rabbit_userid',
'password': 'rabbit_password'})
signals.connect(keystone_puppet, nova_keystone_service_endpoint, {
'ip': 'keystone_host',
'admin_port': 'keystone_admin_port',
'admin_token': 'admin_token'})
signals.connect(mariadb_service1, nova_api, {
signals.connect(mariadb_service1, nova_puppet, {
'ip':'db_host'})
signals.connect(nova_db_user, nova_api, {
signals.connect(nova_db_user, nova_puppet, {
'user_name':'db_user',
'db_name':'db_name',
'user_password':'db_password',
'db_host' : 'db_host'})
signals.connect(nova_api, nova_keystone_service_endpoint, {
'ip': ['ip', 'public_ip', 'internal_ip', 'admin_ip'],
'ssh_key': 'ssh_key',
'ssh_user': 'ssh_user'})
signals.connect(nova_api, nova_keystone_service_endpoint, {
'ip': 'ip',
signals.connect(nova_puppet, nova_keystone_service_endpoint, {
'ip': ['ip', 'keystone_host', 'public_ip', 'internal_ip', 'admin_ip'],
'port': ['admin_port', 'internal_port', 'public_port'],
'ssh_key': 'ssh_key',
'ssh_user': 'ssh_user'})
# NOVA API
nova_api_puppet = vr.create('nova_api_puppet', 'resources/nova_api_puppet', {})[0]
signals.connect(node1, nova_api_puppet)
signals.connect(nova_puppet, nova_api_puppet, {
'keystone_tenant': 'admin_tenant_name',
'keystone_user': 'admin_user',
'keystone_password': 'admin_password',
'keystone_host': 'auth_host',
'keystone_port': 'auth_port'})
# NOVA CONDUCTOR
nova_conductor_puppet = vr.create('nova_conductor_puppet', 'resources/nova_conductor_puppet', {})[0]
signals.connect(node1, nova_conductor_puppet)
signals.connect(nova_puppet, nova_conductor_puppet)
# NOVA COMPUTE
# Deploy chain (nova, node_networking(TODO)) -> (nova_compute_libvirt, nova_neutron) -> nova_compute
nova_compute_puppet = vr.create('nova_compute_puppet', 'resources/nova_compute_puppet', {})[0]
# TODO (bogdando) figure out how to use it for multiple glance api servers
nova_puppet2 = vr.create('nova_puppet2', 'resources/nova_puppet', {
'glance_api_servers': '{{glance_api_servers_host}}:{{glance_api_servers_port}}'
})[0]
signals.connect(nova_puppet, nova_puppet2, {
'ensure_package', 'rabbit_host',
'rabbit_password', 'rabbit_port', 'rabbit_userid',
'rabbit_virtual_host', 'db_user', 'db_password',
'db_name', 'db_host', 'keystone_password',
'keystone_port', 'keystone_host', 'keystone_tenant',
'keystone_user',
})
# TODO(bogdando): Make a connection for nova_puppet2.glance_api_servers = "glance_api_puppet.ip:glance_api_puppet.bind_port"
signals.connect(node2, nova_puppet2)
signals.connect(node2, nova_compute_puppet)
# NOVA COMPUTE LIBVIRT, NOVA_NEUTRON
# NOTE(bogdando): changes nova config, so should notify nova compute service
nova_compute_libvirt_puppet = vr.create('nova_compute_libvirt_puppet', 'resources/nova_compute_libvirt_puppet', {})[0]
signals.connect(node2, nova_compute_libvirt_puppet)
nova_neutron_puppet = vr.create('nova_neutron_puppet', 'resources/nova_neutron_puppet', {})[0]
signals.connect(node2, nova_neutron_puppet)
# signals.connect(keystone_puppet, nova_network_puppet, {'ip': 'keystone_host', 'port': 'keystone_port'})
# signals.connect(keystone_puppet, nova_keystone_service_endpoint, {'ip': 'keystone_host', 'admin_port': 'keystone_port', 'admin_token': 'admin_token'})
# signals.connect(rabbitmq_service1, nova_network_puppet, {'ip': 'rabbitmq_host', 'port': 'rabbitmq_port'})
@ -420,6 +457,12 @@ def deploy():
'pipeline': 'keystone',
})
# Update glance_api_service for nova compute
signals.connect(glance_api_puppet, nova_puppet2, {
'ip': 'glance_api_servers_host',
'bind_port': 'glance_api_servers_port'
})
has_errors = False
for r in locals().values():
if not isinstance(r, resource.Resource):
@ -468,12 +511,20 @@ def deploy():
actions.resource_action(cinder_api_puppet, 'run')
actions.resource_action(cinder_scheduler_puppet, 'run')
actions.resource_action(cinder_volume_puppet, 'run')
actions.resource_action(nova_db, 'run')
actions.resource_action(nova_db_user, 'run')
actions.resource_action(nova_keystone_user, 'run')
actions.resource_action(nova_keystone_role, 'run')
actions.resource_action(nova_api, 'run')
actions.resource_action(nova_puppet, 'run')
actions.resource_action(nova_keystone_service_endpoint, 'run')
actions.resource_action(nova_api_puppet, 'run')
actions.resource_action(nova_conductor_puppet, 'run')
actions.resource_action(nova_puppet2, 'run')
actions.resource_action(nova_compute_libvirt_puppet, 'run')
actions.resource_action(nova_neutron_puppet, 'run')
actions.resource_action(nova_compute_puppet, 'run')
actions.resource_action(glance_db, 'run')
actions.resource_action(glance_db_user, 'run')
@ -483,8 +534,6 @@ def deploy():
actions.resource_action(glance_api_puppet, 'run')
actions.resource_action(glance_registry_puppet, 'run')
#actions.resource_action(glance, 'run')
time.sleep(10)
@ -503,7 +552,13 @@ def undeploy():
'nova_db',
'nova_db_user',
'nova_keystone_service_endpoint',
'nova_api',
'nova_conductor_puppet',
'nova_api_puppet',
'nova_puppet',
'nova_compute_puppet',
'nova_neutron_puppet',
'nova_compute_libvirt_puppet',
'nova_puppet2',
'cinder_volume_puppet',
'cinder_scheduler_puppet',
'cinder_api_puppet',
@ -541,37 +596,6 @@ def undeploy():
except errors.SolarError as e:
print 'WARNING: %s' % str(e)
#actions.resource_action(resources['nova_keystone_service_endpoint'], 'remove' )
# actions.resource_action(resources['nova_network_puppet'], 'remove' )
# actions.resource_action(resources['nova_keystone_role'], 'remove')
# actions.resource_action(resources['nova_keystone_user'], 'remove')
# actions.resource_action(resources['neutron_keystone_service_endpoint'], 'remove' )
# actions.resource_action(resources['neutron_puppet'], 'remove' )
# actions.resource_action(resources['cinder_puppet'], 'remove' )
# actions.resource_action(resources['cinder_keystone_role'], 'remove')
# actions.resource_action(resources['cinder_keystone_user'], 'remove')
# actions.resource_action(resources['neutron_keystone_role'], 'remove')
# actions.resource_action(resources['neutron_keystone_user'], 'remove')
# actions.resource_action(resources['services_tenant'], 'remove')
# actions.resource_action(resources['admin_role'], 'remove')
# actions.resource_action(resources['admin_user'], 'remove')
# actions.resource_action(resources['admin_tenant'], 'remove')
# actions.resource_action(resources['keystone_puppet'], 'remove')
# actions.resource_action(resources['keystone_db_user'], 'remove')
# actions.resource_action(resources['keystone_db'], 'remove')
# actions.resource_action(resources['mariadb_service1'], 'remove')
# actions.resource_action(resources['openstack_rabbitmq_user'], 'remove')
# actions.resource_action(resources['openstack_vhost'], 'remove')
# actions.resource_action(resources['rabbitmq_service1'], 'remove')
db.clear()
signals.Connections.clear()

2
resources/cinder_api_puppet/meta.yaml
View File

@ -1,6 +1,6 @@
id: cinder_api_puppet
handler: puppet
puppet_module: cinder_api
puppet_module: cinder
version: 1.0.0
input:
keystone_password:

4
resources/cinder_puppet/README.md
View File

@ -1,6 +1,6 @@
# Cinder resource for puppet handler
Controlls a live cycle of the cinder entities,
Controls a live cycle of the cinder entities,
like the main puppet class, auth, DB, AMQP, packages,
keystone user, role and endpoint.
@ -109,4 +109,4 @@ source https://github.com/openstack/puppet-cinder/blob/5.1.0/manifests/init.pp
``sql_connection``
DEPRECATED
``sql_idle_timeout``
DEPRECATED
DEPRECATED

2
resources/cinder_scheduler_puppet/meta.yaml
View File

@ -1,6 +1,6 @@
id: cinder_scheduler_puppet
handler: puppet
puppet_module: cinder_scheduler
puppet_module: cinder
version: 1.0.0
input:
scheduler_driver:

2
resources/cinder_volume_puppet/meta.yaml
View File

@ -1,6 +1,6 @@
id: cinder_volume_puppet
handler: puppet
puppet_module: cinder_volume
puppet_module: cinder
version: 1.0.0
input:
package_ensure:

2
resources/glance_api_service/test.py
View File

@ -9,7 +9,7 @@ def test(resource):
args = resource.args
token = validation.validate_token(
token, _ = validation.validate_token(
keystone_host=args['keystone_host'].value,
keystone_port=args['keystone_port'].value,
user='glance_admin',

2
resources/glance_puppet/README.md
View File

@ -1,6 +1,6 @@
# Glance (API) resource for puppet handler
Controlls a live cycle of the glance entities,
Controls a live cycle of the glance entities,
like the main puppet class, auth, DB, AMQP, packages,
keystone user, role and endpoint, API service. Also configures
glance file backend.

2
resources/glance_puppet/test.py
View File

@ -13,7 +13,7 @@ def test(resource):
args = resource.args
token = validation.validate_token(
token, _ = validation.validate_token(
keystone_host=args['keystone_host'].value,
keystone_port=args['keystone_port'].value,
user=args['keystone_user'].value,

2
resources/keystone_service_endpoint/test.py
View File

@ -12,7 +12,7 @@ def test(resource):
'http://%s:%s/v3/services' % (resource.args['ip'].value, resource.args['keystone_admin_port'].value),
headers={
'X-Auth-Token': resource.args['admin_token'].value,
}
}
)
resp_json = resp.json()

2
resources/keystone_user/test.py
View File

@ -9,7 +9,7 @@ def test(resource):
args = resource.args
token = validation.validate_token(
token, _ = validation.validate_token(
keystone_host=args['keystone_host'].value,
keystone_port=args['keystone_port'].value,
user=args['user_name'].value,

141
resources/nova_api_puppet/README.md Normal file
View File

@ -0,0 +1,141 @@
# Nova API resource for puppet handler
Setup and configure the Nova API service
# Parameters
source https://github.com/openstack/puppet-nova_api/blob/5.1.0/manifests/api.pp
``admin_password``
(required) The password to set for the nova admin user in keystone
``ensure_package``
(optional) Whether the nova api package will be installed
Defaults to 'present'
``auth_strategy``
(DEPRECATED) Does nothing and will be removed in Icehouse
Defaults to false
``auth_host``
(optional) The IP of the server running keystone
Defaults to '127.0.0.1'
``auth_port``
(optional) The port to use when authenticating against Keystone
Defaults to 35357
``auth_protocol``
(optional) The protocol to use when authenticating against Keystone
Defaults to 'http'
``auth_uri``
(optional) The uri of a Keystone service to authenticate against
Defaults to false
``auth_admin_prefix``
(optional) Prefix to prepend at the beginning of the keystone path
Defaults to false
``auth_version``
(optional) API version of the admin Identity API endpoint
for example, use 'v3.0' for the keystone version 3.0 api
Defaults to false
``admin_tenant_name``
(optional) The name of the tenant to create in keystone for use by the nova services
Defaults to 'services'
``admin_user``
(optional) The name of the user to create in keystone for use by the nova services
Defaults to 'nova'
``api_bind_address``
(optional) IP address for nova-api server to listen
Defaults to '0.0.0.0'
``metadata_listen``
(optional) IP address for metadata server to listen
Defaults to '0.0.0.0'
``enabled_apis``
(optional) A comma separated list of apis to enable
Defaults to 'ec2,osapi_compute,metadata'
``keystone_ec2_url``
(optional) The keystone url where nova should send requests for ec2tokens
Defaults to false
``volume_api_class``
(optional) The name of the class that nova will use to access volumes. Cinder is the only option.
Defaults to 'nova.volume.cinder.API'
``use_forwarded_for``
(optional) Treat X-Forwarded-For as the canonical remote address. Only
enable this if you have a sanitizing proxy.
Defaults to false
``osapi_compute_workers``
(optional) Number of workers for OpenStack API service
Defaults to $::processorcount
``ec2_workers``
(optional) Number of workers for EC2 service
Defaults to $::processorcount
``metadata_workers``
(optional) Number of workers for metadata service
Defaults to $::processorcount
``conductor_workers``
(optional) DEPRECATED. Use workers parameter of nova::conductor
Class instead.
Defaults to undef
``sync_db``
(optional) Run nova-manage db sync on api nodes after installing the package.
Defaults to true
``neutron_metadata_proxy_shared_secret``
(optional) Shared secret to validate proxies Neutron metadata requests
Defaults to undef
``pci_alias``
(optional) Pci passthrough for controller:
Defaults to undef
Example
"[ {'vendor_id':'1234', 'product_id':'5678', 'name':'default'}, {...} ]"
``ratelimits``
(optional) A string that is a semicolon-separated list of 5-tuples.
See http://docs.openstack.org/trunk/config-reference/content/configuring-compute-API.html
Example: '(POST, "*", .*, 10, MINUTE);(POST, "*/servers", ^/servers, 50, DAY);(PUT, "*", .*, 10, MINUTE)'
Defaults to undef
``ratelimits_factory``
(optional) The rate limiting factory to use
Defaults to 'nova.api.openstack.compute.limits:RateLimitingMiddleware.factory'
``osapi_v3``
(optional) Enable or not Nova API v3
Defaults to false
``validate``
(optional) Whether to validate the service is working after any service refreshes
Defaults to false
``validation_options``
(optional) Service validation options
Should be a hash of options defined in openstacklib::service_validation
If empty, defaults values are taken from openstacklib function.
Default command list nova flavors.
Require validate set at True.
Example:
nova::api::validation_options:
nova-api:
command: check_nova.py
path: /usr/bin:/bin:/usr/sbin:/sbin
provider: shell
tries: 5
try_sleep: 10
Defaults to {}

42
resources/nova_api_puppet/actions/remove.pp
View File

@ -1,29 +1,17 @@
$resource = hiera($::resource_name)
$rabbitmq_user = $resource['input']['rabbitmq_user']['value']
$rabbitmq_password = $resource['input']['rabbitmq_password']['value']
$rabbitmq_host = $resource['input']['rabbitmq_host']['value']
$db_user = $resource['input']['db_user']['value']
$db_password = $resource['input']['db_password']['value']
$db_name = $resource['input']['db_name']['value']
$db_host = $resource['input']['db_host']['value']
$keystone_password = $resource['input']['keystone_password']['value']
$keystone_host = $resource['input']['keystone_host']['value']
$keystone_port = $resource['input']['keystone_port']['value']
$keystone_tenant_name = $resource['input']['keystone_tenant_name']['value']
$keystone_user = $resource['input']['keystone_user_name']['value']
class { 'nova':
database_connection => "mysql://${db_user}:${db_password}@${db_host}/${db_name}?charset=utf8",
rabbit_userid => $rabbitmq_user,
rabbit_password => $rabbitmq_password,
rabbit_host => $rabbitmq_host,
image_service => 'nova.image.glance.GlanceImageService',
glance_api_servers => 'localhost:9292',
verbose => false,
}
class { 'nova::api':
admin_password => $keystone_password,
ensure_package => 'absent'
ensure_package => 'absent',
enabled => false,
admin_password => 'not important as removed'
}
include nova::params
exec { 'post-nova_config':
command => '/bin/echo "Nova config has changed"',
refreshonly => true,
}
package { 'nova-common':
name => $nova::params::common_package_name,
ensure => 'absent',
}

97
resources/nova_api_puppet/actions/run.pp
View File

@ -1,33 +1,78 @@
$resource = hiera($::resource_name)
$rabbitmq_user = $resource['input']['rabbitmq_user']['value']
$rabbitmq_password = $resource['input']['rabbitmq_password']['value']
$rabbitmq_host = $resource['input']['rabbitmq_host']['value']
$db_user = $resource['input']['db_user']['value']
$db_password = $resource['input']['db_password']['value']
$db_name = $resource['input']['db_name']['value']
$db_host = $resource['input']['db_host']['value']
$keystone_password = $resource['input']['keystone_password']['value']
$keystone_host = $resource['input']['keystone_host']['value']
$keystone_port = $resource['input']['keystone_port']['value']
$keystone_tenant_name = $resource['input']['keystone_tenant_name']['value']
$keystone_user = $resource['input']['keystone_user_name']['value']
$ensure_package = $resource['input']['ensure_package']['value']
$auth_strategy = $resource['input']['auth_strategy']['value']
$auth_host = $resource['input']['auth_host']['value']
$auth_port = $resource['input']['auth_port']['value']
$auth_protocol = $resource['input']['auth_protocol']['value']
$auth_uri = $resource['input']['auth_uri']['value']
$auth_admin_prefix = $resource['input']['auth_admin_prefix']['value']
$auth_version = $resource['input']['auth_version']['value']
$admin_tenant_name = $resource['input']['admin_tenant_name']['value']
$admin_user = $resource['input']['admin_user']['value']
$admin_password = $resource['input']['admin_password']['value']
$api_bind_address = $resource['input']['api_bind_address']['value']
$metadata_listen = $resource['input']['metadata_listen']['value']
$enabled_apis = $resource['input']['enabled_apis']['value']
$keystone_ec2_url = $resource['input']['keystone_ec2_url']['value']
$volume_api_class = $resource['input']['volume_api_class']['value']
$use_forwarded_for = $resource['input']['use_forwarded_for']['value']
$osapi_compute_workers = $resource['input']['osapi_compute_workers']['value']
$ec2_workers = $resource['input']['ec2_workers']['value']
$metadata_workers = $resource['input']['metadata_workers']['value']
$sync_db = $resource['input']['sync_db']['value']
$neutron_metadata_proxy_shared_secret = $resource['input']['neutron_metadata_proxy_shared_secret']['value']
$osapi_v3 = $resource['input']['osapi_v3']['value']
$pci_alias = $resource['input']['pci_alias']['value']
$ratelimits = $resource['input']['ratelimits']['value']
$ratelimits_factory = $resource['input']['ratelimits_factory']['value']
$validate = $resource['input']['validate']['value']
$validation_options = $resource['input']['validation_options']['value']
$workers = $resource['input']['workers']['value']
$conductor_workers = $resource['input']['conductor_workers']['value']
class { 'nova':
database_connection => "mysql://${db_user}:${db_password}@${db_host}/${db_name}?charset=utf8",
rabbit_userid => $rabbitmq_user,
rabbit_password => $rabbitmq_password,
rabbit_host => $rabbitmq_host,
image_service => 'nova.image.glance.GlanceImageService',
glance_api_servers => 'localhost:9292',
verbose => false,
exec { 'post-nova_config':
command => '/bin/echo "Nova config has changed"',
}
include nova::params
package { 'nova-common':
name => $nova::params::common_package_name,
ensure => $ensure_package,
}
class { 'nova::api':
enabled => true,
admin_user => $keystone_user,
admin_password => $keystone_password,
auth_host => $keystone_host,
auth_port => $keystone_port,
admin_tenant_name => $keystone_tenant_name,
enabled => true,
manage_service => true,
ensure_package => $ensure_package,
auth_strategy => $auth_strategy,
auth_host => $auth_host,
auth_port => $auth_port,
auth_protocol => $auth_protocol,
auth_uri => $auth_uri,
auth_admin_prefix => $auth_admin_prefix,
auth_version => $auth_version,
admin_tenant_name => $admin_tenant_name,
admin_user => $admin_user,
admin_password => $admin_password,
api_bind_address => $api_bind_address,
metadata_listen => $metadata_listen,
enabled_apis => $enabled_apis,
keystone_ec2_url => $keystone_ec2_url,
volume_api_class => $volume_api_class,
use_forwarded_for => $use_forwarded_for,
osapi_compute_workers => $osapi_compute_workers,
ec2_workers => $ec2_workers,
metadata_workers => $metadata_workers,
sync_db => $sync_db,
neutron_metadata_proxy_shared_secret => $neutron_metadata_proxy_shared_secret,
osapi_v3 => $osapi_v3,
pci_alias => $pci_alias,
ratelimits => $ratelimits,
ratelimits_factory => $ratelimits_factory,
validate => $validate,
validation_options => $validation_options,
workers => $workers,
conductor_workers => $conductor_workers,
}

134
resources/nova_api_puppet/meta.yaml
View File

@ -1,50 +1,102 @@
id: nova
id: nova_api
handler: puppet
puppet_module: nova
version: 1.0.0
input:
db_user:
schema: str!
value: nova
db_password:
schema: str!
value:
db_name:
schema: str!
value:
db_host:
schema: str!
value:
rabbitmq_user:
schema: str!
value:
rabbitmq_password:
schema: str!
value:
rabbitmq_host:
schema: str!
value:
keystone_password:
schema: str!
value:
keystone_port:
schema: int!
value:
keystone_host:
schema: str!
value:
keystone_tenant_name:
schema: str!
value:
keystone_user_name:
schema: str!
value:
ensure_package:
schema: str
value: 'present'
auth_strategy:
schema: str
value: ''
auth_host:
schema: str
value: '127.0.0.1'
auth_port:
schema: int
value: 35357
auth_protocol:
schema: str
value: 'http'
auth_uri:
schema: str
value: ''
auth_admin_prefix:
schema: str
value: ''
auth_version:
schema: str
value: ''
admin_tenant_name:
schema: str
value: 'services'
admin_user:
schema: str
value: 'nova'
admin_password:
schema: str
value: 'nova'
api_bind_address:
schema: str
value: '0.0.0.0'
metadata_listen:
schema: str
value: '0.0.0.0'
enabled_apis:
schema: str
value: 'ec2,osapi_compute,metadata'
keystone_ec2_url:
schema: str
value: ''
volume_api_class:
schema: str
value: 'nova.volume.cinder.API'
use_forwarded_for:
schema: bool
value: false
osapi_compute_workers:
schema: int
value: 1
ec2_workers:
schema: int
value: 1
metadata_workers:
schema: int
value: 1
sync_db:
schema: bool
value: true
neutron_metadata_proxy_shared_secret:
schema: str
value: ''
osapi_v3:
schema: bool
value: false
pci_alias:
schema: str
value: ''
ratelimits:
schema: str
value: ''
ratelimits_factory:
schema: str
value: 'nova.api.openstack.compute.limits:RateLimitingMiddleware.factory'
validate:
schema: bool
value: false
validation_options:
schema: {}
value: {}
workers:
schema: str
value: ''
conductor_workers:
schema: str
value: ''
git:
schema: {repository: str!, branch: str!}
value: {repository: 'https://github.com/openstack/puppet-nova', branch: 'stable/juno'}
value: {repository: 'https://github.com/openstack/puppet-nova', branch: '5.1.0'}
ip:
schema: str!
@ -56,4 +108,4 @@ input:
schema: str!
value:
tags: [resource/nova_service, resources/nova, resource/nova-api]
tags: [resource/nova_api_service, resources/nova_api, resources/nova]

92
resources/nova_api_puppet/test.py Normal file
View File

@ -0,0 +1,92 @@
import json
import requests
from solar.core.log import log
from solar.core import validation
def test(resource):
log.debug('Testing nova api')
args = resource.args
token, token_data = validation.validate_token(
keystone_host=args['auth_host'].value,
keystone_port=args['auth_port'].value,
user=args['admin_user'].value,
tenant=args['admin_tenant_name'].value,
password=args['admin_password'].value,
)
endpoints = [
e['endpoints'] for e in token_data['access']['serviceCatalog']
if e['name'] == 'nova'
][0]
public_url = endpoints[0]['publicURL']
log.debug('nova admin_url: %s', public_url)
servers = requests.get(
'{public_url}/servers/detail'.format(public_url=public_url),
headers={
'X-Auth-Token': token,
'Content-Type': 'application/json',
}
)
servers_json = servers.json()
log.debug(
'NOVA API SERVERS: %s',
json.dumps(servers_json, indent=2)
)
assert 'servers' in servers_json
assert isinstance(servers_json['servers'], list)
flavors = requests.get(
'{public_url}/flavors'.format(public_url=public_url),
headers={
'X-Auth-Token': token,
'Content-Type': 'application/json',
}
)
flavors_json = flavors.json()
log.debug('NOVA API FLAVORS: %s', json.dumps(flavors_json, indent=2))
assert 'flavors' in flavors_json
assert isinstance(flavors_json['flavors'], list)
assert len(flavors_json['flavors']) > 0
for flavor_data in flavors_json['flavors']:
url = [link['href'] for link in flavor_data['links']
if link['rel'] == 'self'][0]
flavor = requests.get(
url,
headers={
'X-Auth-Token': token,
'Content-Type': 'application/json',
}
)
flavor_json = flavor.json()
log.debug(
'NOVA API FLAVOR %s data: %s',
flavor_data['name'],
json.dumps(flavor_json, indent=2)
)
images = requests.get(
'{public_url}/images'.format(public_url=public_url),
headers={
'X-Auth-Token': token,
'Content-Type': 'application/json',
}
)
log.debug('NOVA API IMAGES: %s', images.json())

84
resources/nova_compute_libvirt_puppet/README.md Normal file
View File

@ -0,0 +1,84 @@
# Nova compute libvirt resource for puppet handler
Install and manage nova-compute guests managed by libvirt.
Cannot be used separately from nova compute resource and
should share the same node.
Libvirt service name defaults are given for Debian OS family.
# Parameters
source https://github.com/openstack/puppet-nova_compute_libvirt/blob/5.1.0/manifests/compute/libvirt.pp
``libvirt_virt_type``
(optional) Libvirt domain type. Options are: kvm, lxc, qemu, uml, xen
Replaces libvirt_type
Defaults to 'kvm'
``vncserver_listen``
(optional) IP address on which instance vncservers should listen
Defaults to '127.0.0.1'
``migration_support``
(optional) Whether to support virtual machine migration
Defaults to false
``libvirt_cpu_mode``
(optional) The libvirt CPU mode to configure. Possible values
include custom, host-model, none, host-passthrough.
Defaults to 'host-model' if libvirt_virt_type is set to either
kvm or qemu, otherwise defaults to 'none'.
``libvirt_disk_cachemodes``
(optional) A list of cachemodes for different disk types, e.g.
["file=directsync", "block=none"]
If an empty list is specified, the disk_cachemodes directive
will be removed from nova.conf completely.
Defaults to an empty list
``libvirt_inject_password``
(optional) Inject the admin password at boot time, without an agent.
Defaults to false
``libvirt_inject_key``
(optional) Inject the ssh public key at boot time.
Defaults to false
``libvirt_inject_partition``
(optional) The partition to inject to : -2 => disable, -1 => inspect
(libguestfs only), 0 => not partitioned, >0 => partition
number (integer value)
Defaults to -2
``remove_unused_base_images``
(optional) Should unused base images be removed?
If undef is specified, remove the line in nova.conf
otherwise, use a boolean to remove or not the base images.
Defaults to undef
``remove_unused_kernels``
(optional) Should unused kernel images be removed?
This is only safe to enable if all compute nodes
have been updated to support this option.
If undef is specified, remove the line in nova.conf
otherwise, use a boolean to remove or not the kernels.
Defaults to undef
``remove_unused_resized_minimum_age_seconds``
(optional) Unused resized base images younger
than this will not be removed
If undef is specified, remove the line in nova.conf
otherwise, use a integer or a string to define after
how many seconds it will be removed.
Defaults to undef
``remove_unused_original_minimum_age_seconds``
(optional) Unused unresized base images younger
than this will not be removed
If undef is specified, remove the line in nova.conf
otherwise, use a integer or a string to define after
how many seconds it will be removed.
Defaults to undef
``libvirt_service_name``
(optional) libvirt service name.
Defaults to $::nova::params::libvirt_service_name

1
resources/nova_compute_libvirt_puppet/actions/remove.pp Normal file
View File

@ -0,0 +1 @@
notify { 'Remove action is not supported upstream': }

56
resources/nova_compute_libvirt_puppet/actions/run.pp Normal file
View File

@ -0,0 +1,56 @@
$resource = hiera($::resource_name)
$libvirt_virt_type = $resource['input']['libvirt_virt_type']['value']
$vncserver_listen = $resource['input']['vncserver_listen']['value']
$migration_support = $resource['input']['migration_support']['value']
$libvirt_cpu_mode = $resource['input']['libvirt_cpu_mode']['value']
$libvirt_disk_cachemodes = $resource['input']['libvirt_disk_cachemodes']['value']
$libvirt_inject_password = $resource['input']['libvirt_inject_password']['value']
$libvirt_inject_key = $resource['input']['libvirt_inject_key']['value']
$libvirt_inject_partition = $resource['input']['libvirt_inject_partition']['value']
$remove_unused_base_images = $resource['input']['remove_unused_base_images']['value']
$remove_unused_kernels = $resource['input']['remove_unused_kernels']['value']
$remove_unused_resized_minimum_age_seconds = $resource['input']['remove_unused_resized_minimum_age_seconds']['value']
$remove_unused_original_minimum_age_seconds = $resource['input']['remove_unused_original_minimum_age_seconds']['value']
$libvirt_service_name = $resource['input']['libvirt_service_name']['value']
$libvirt_type = $resource['input']['libvirt_type']['value']
class { 'nova::compute::libvirt':
libvirt_virt_type => $libvirt_virt_type,
vncserver_listen => $vncserver_listen,
migration_support => $migration_support,
libvirt_cpu_mode => $libvirt_cpu_mode,
libvirt_disk_cachemodes => $libvirt_disk_cachemodes,
libvirt_inject_password => $libvirt_inject_password,
libvirt_inject_key => $libvirt_inject_key,
libvirt_inject_partition => $libvirt_inject_partition,
remove_unused_base_images => $remove_unused_base_images,
remove_unused_kernels => $remove_unused_kernels,
remove_unused_resized_minimum_age_seconds => $remove_unused_resized_minimum_age_seconds,
remove_unused_original_minimum_age_seconds => $remove_unused_original_minimum_age_seconds,
libvirt_service_name => $libvirt_service_name,
libvirt_type => $libvirt_type,
}
#exec { 'networking-refresh':
# command => '/sbin/ifdown -a ; /sbin/ifup -a',
#}
#exec { 'post-nova_config':
# command => '/bin/echo "Nova config has changed"',
#}
include nova::params
service { 'nova-compute':
name => $::nova::params::compute_service_name,
}
package { 'nova-compute':
name => $::nova::params::compute_package_name,
}
package { 'nova-common':
name => $nova::params::common_package_name,
ensure => $ensure_package,
}

63
resources/nova_compute_libvirt_puppet/meta.yaml Normal file
View File

@ -0,0 +1,63 @@
id: nova_compute_libvirt
handler: puppet
puppet_module: nova
version: 1.0.0
input:
libvirt_virt_type:
schema: str
value: 'kvm'
vncserver_listen:
schema: str
value: '127.0.0.1'
migration_support:
schema: bool
value: false
libvirt_cpu_mode:
schema: str
value: ''
libvirt_disk_cachemodes:
schema: [str]
value: []
libvirt_inject_password:
schema: bool
value: false
libvirt_inject_key:
schema: bool
value: false
libvirt_inject_partition:
schema: str
value: '-2'
remove_unused_base_images:
schema: str
value: ''
remove_unused_kernels:
schema: str
value: ''
remove_unused_resized_minimum_age_seconds:
schema: str
value: ''
remove_unused_original_minimum_age_seconds:
schema: str
value: ''
libvirt_service_name:
schema: str
value: 'libvirt-bin'
libvirt_type:
schema: bool
value: false
git:
schema: {repository: str!, branch: str!}
value: {repository: 'https://github.com/openstack/puppet-nova', branch: '5.1.0'}
ip:
schema: str!
value:
ssh_key:
schema: str!
value:
ssh_user:
schema: str!
value:
tags: [resource/nova_compute_libvirt_service, resources/nova_compute_libvirt, resources/nova_compute, resources/nova]

105
resources/nova_compute_puppet/README.md Normal file
View File

@ -0,0 +1,105 @@
# Nova compute resource for puppet handler
Setup and configure the Nova compute service.
# Parameters
source https://github.com/openstack/puppet-nova_compute/blob/5.1.0/manifests/compute.pp
``enabled``
(optional) Whether to enable the nova-compute service
Defaults to false
``manage_service``
(optional) Whether to start/stop the service
Defaults to true
``ensure_package``
(optional) The state for the nova-compute package
Defaults to 'present'
``vnc_enabled``
(optional) Whether to use a VNC proxy
Defaults to true
``vncserver_proxyclient_address``
(optional) The IP address of the server running the VNC proxy client
Defaults to '127.0.0.1'
``vncproxy_host``
(optional) The host of the VNC proxy server
Defaults to false
``vncproxy_protocol``
(optional) The protocol to communicate with the VNC proxy server
Defaults to 'http'
``vncproxy_port``
(optional) The port to communicate with the VNC proxy server
Defaults to '6080'
``vncproxy_path``
(optional) The path at the end of the uri for communication with the VNC proxy server
Defaults to '/vnc_auto.html'
``vnc_keymap``
(optional) The keymap to use with VNC (ls -alh /usr/share/qemu/keymaps to list available keymaps)
Defaults to 'en-us'
``force_config_drive``
(optional) Whether to force the config drive to be attached to all VMs
Defaults to false
``virtio_nic``
(optional) Whether to use virtio for the nic driver of VMs
Defaults to false
``neutron_enabled``
(optional) Whether to use Neutron for networking of VMs
Defaults to true
``network_device_mtu``
(optional) The MTU size for the interfaces managed by nova
Defaults to undef
``instance_usage_audit``
(optional) Generate periodic compute.instance.exists notifications.
Defaults to false
``instance_usage_audit_period``
(optional) Time period to generate instance usages for.
Time period must be hour, day, month or year
Defaults to 'month'
``force_raw_images``
(optional) Force backing images to raw format.
Defaults to true
``reserved_host_memory``
Reserved host memory
The amount of memory in MB reserved for the host.
Defaults to '512'
``compute_manager``
Compute manager
The driver that will manage the running instances.
Defaults to nova.compute.manager.ComputeManager
``pci_passthrough_whitelist``
(optional) Pci passthrough hash in format of:
Defaults to undef
Example
"[ { 'vendor_id':'1234','product_id':'5678' },
{ 'vendor_id':'4321','product_id':'8765','physical_network':'default' } ] "
``default_availability_zone``
(optional) Default compute node availability zone.
Defaults to nova
``default_schedule_zone``
(optional) Availability zone to use when user doesn't specify one.
Defaults to undef
``internal_service_availability_zone``
(optional) The availability zone to show internal services under.
Defaults to internal

20
resources/nova_compute_puppet/actions/remove.pp Normal file
View File

@ -0,0 +1,20 @@
class { 'nova::compute':
ensure_package => 'absent',
enabled => false,
}
include nova::params
exec { 'post-nova_config':
command => '/bin/echo "Nova config has changed"',
refreshonly => true,
}
exec { 'networking-refresh':
command => '/sbin/ifdown -a ; /sbin/ifup -a',
}
package { 'nova-common':
name => $nova::params::common_package_name,
ensure => 'absent',
}

64
resources/nova_compute_puppet/actions/run.pp Normal file
View File

@ -0,0 +1,64 @@
$resource = hiera($::resource_name)
$ensure_package = $resource['input']['ensure_package']['value']
$vnc_enabled = $resource['input']['vnc_enabled']['value']
$vncserver_proxyclient_address = $resource['input']['vncserver_proxyclient_address']['value']
$vncproxy_host = $resource['input']['vncproxy_host']['value']
$vncproxy_protocol = $resource['input']['vncproxy_protocol']['value']
$vncproxy_port = $resource['input']['vncproxy_port']['value']
$vncproxy_path = $resource['input']['vncproxy_path']['value']
$vnc_keymap = $resource['input']['vnc_keymap']['value']
$force_config_drive = $resource['input']['force_config_drive']['value']
$virtio_nic = $resource['input']['virtio_nic']['value']
$neutron_enabled = $resource['input']['neutron_enabled']['value']
$network_device_mtu = $resource['input']['network_device_mtu']['value']
$instance_usage_audit = $resource['input']['instance_usage_audit']['value']
$instance_usage_audit_period = $resource['input']['instance_usage_audit_period']['value']
$force_raw_images = $resource['input']['force_raw_images']['value']
$reserved_host_memory = $resource['input']['reserved_host_memory']['value']
$compute_manager = $resource['input']['compute_manager']['value']
$pci_passthrough = $resource['input']['pci_passthrough']['value']
$default_availability_zone = $resource['input']['default_availability_zone']['value']
$default_schedule_zone = $resource['input']['default_schedule_zone']['value']
$internal_service_availability_zone = $resource['input']['internal_service_availability_zone']['value']
class { 'nova::compute':
enabled => true,
manage_service => true,
ensure_package => $ensure_package,
vnc_enabled => $vnc_enabled,
vncserver_proxyclient_address => $vncserver_proxyclient_address,
vncproxy_host => $vncproxy_host,
vncproxy_protocol => $vncproxy_protocol,
vncproxy_port => $vncproxy_port,
vncproxy_path => $vncproxy_path,
vnc_keymap => $vnc_keymap,
force_config_drive => $force_config_drive,
virtio_nic => $virtio_nic,
neutron_enabled => $neutron_enabled,
network_device_mtu => $network_device_mtu,
instance_usage_audit => $instance_usage_audit,
instance_usage_audit_period => $instance_usage_audit_period,
force_raw_images => $force_raw_images,
reserved_host_memory => $reserved_host_memory,
compute_manager => $compute_manager,
pci_passthrough => $pci_passthrough,
default_availability_zone => $default_availability_zone,
default_schedule_zone => $default_schedule_zone,
internal_service_availability_zone => $internal_service_availability_zone,
}
exec { 'networking-refresh':
command => '/sbin/ifdown -a ; /sbin/ifup -a',
}
exec { 'post-nova_config':
command => '/bin/echo "Nova config has changed"',
}
include nova::params
package { 'nova-common':
name => $nova::params::common_package_name,
ensure => $ensure_package,
}

84
resources/nova_compute_puppet/meta.yaml Normal file
View File

@ -0,0 +1,84 @@
id: nova_compute
handler: puppet
puppet_module: nova
version: 1.0.0
input:
ensure_package:
schema: str
value: 'present'
vnc_enabled:
schema: bool
value: true
vncserver_proxyclient_address:
schema: str
value: '127.0.0.1'
vncproxy_host:
schema: str
value: ''
vncproxy_protocol:
schema: str
value: 'http'
vncproxy_port:
schema: int
value: 6080
vncproxy_path:
schema: str
value: '/vnc_auto.html'
vnc_keymap:
schema: str
value: 'en-us'
force_config_drive:
schema: bool
value: false
virtio_nic:
schema: bool
value: false
neutron_enabled:
schema: bool
value: true
network_device_mtu:
schema: str
value: ''
instance_usage_audit:
schema: bool
value: false
instance_usage_audit_period:
schema: str
value: 'month'
force_raw_images:
schema: bool
value: true
reserved_host_memory:
schema: int
value: 512
compute_manager:
schema: str
value: 'nova.compute.manager.ComputeManager'
pci_passthrough:
schema: str
value: ''
default_availability_zone:
schema: str
value: 'nova'
default_schedule_zone:
schema: str
value: ''
internal_service_availability_zone:
schema: str
value: 'internal'
git:
schema: {repository: str!, branch: str!}
value: {repository: 'https://github.com/openstack/puppet-nova', branch: '5.1.0'}
ip:
schema: str!
value:
ssh_key:
schema: str!
value:
ssh_user:
schema: str!
value:
tags: [resource/nova_compute_service, resources/nova_compute, resources/nova]

16
resources/nova_conductor_puppet/README.md Normal file
View File

@ -0,0 +1,16 @@
# Nova conductor resource for puppet handler
Setup and configure the Nova conductor service.
Note, it [should not](http://docs.openstack.org/juno/config-reference/content/section_conductor.html) be deployed on compute nodes.
# Parameters
source https://github.com/openstack/puppet-nova_conductor/blob/5.1.0/manifests/conductor.pp
``ensure_package``
(optional) The state of the nova conductor package
Defaults to 'present'
``workers``
(optional) Number of workers for OpenStack Conductor service
Defaults to undef (i.e. parameter will not be present)

11
resources/nova_conductor_puppet/actions/remove.pp Normal file
View File

@ -0,0 +1,11 @@
class { 'nova::conductor':
ensure_package => 'absent',
enabled => false,
}
include nova::params
package { 'nova-common':
name => $nova::params::common_package_name,
ensure => 'absent',
}

22
resources/nova_conductor_puppet/actions/run.pp Normal file
View File

@ -0,0 +1,22 @@
$resource = hiera($::resource_name)
$ensure_package = $resource['input']['ensure_package']['value']
$workers = $resource['input']['workers']['value']
exec { 'post-nova_config':
command => '/bin/echo "Nova config has changed"',
}
include nova::params
package { 'nova-common':
name => $nova::params::common_package_name,
ensure => $ensure_package,
}
class { 'nova::conductor':
enabled => true,
manage_service => true,
ensure_package => $ensure_package,
workers => $workers,
}

27
resources/nova_conductor_puppet/meta.yaml Normal file
View File

@ -0,0 +1,27 @@
id: nova_conductor
handler: puppet
puppet_module: nova
version: 1.0.0
input:
ensure_package:
schema: str
value: 'present'
workers:
schema: int
value: 1
git:
schema: {repository: str!, branch: str!}
value: {repository: 'https://github.com/openstack/puppet-nova', branch: '5.1.0'}
ip:
schema: str!
value:
ssh_key:
schema: str!
value:
ssh_user:
schema: str!
value:
tags: [resource/nova_conductor_service, resources/nova_conductor, resources/nova]

109
resources/nova_neutron_puppet/README.md Normal file
View File

@ -0,0 +1,109 @@
# Nova neutron resource for puppet handler
Setup and configure the Nova compute to use Neutron.
Note, it should only be deployed on compute nodes.
Also manage the network driver to use for compute guests
This will use virtio for VM guests and the specified driver for the VIF.
# Parameters
source https://github.com/openstack/puppet-nova/blob/5.1.0/manifests/compute/neutron.pp
``libvirt_vif_driver``
(optional) The libvirt VIF driver to configure the VIFs.
Defaults to 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver'.
``force_snat_range``
(optional) Force SNAT rule to specified network for nova-network
Default to 0.0.0.0/0
Due to architecture constraints in nova_config, it's not possible to setup
more than one SNAT rule though initial parameter is MultiStrOpt
source https://github.com/openstack/puppet-nova/blob/5.1.0/manifests/network/neutron.pp
``neutron_admin_password``
(required) Password for connecting to Neutron network services in
admin context through the OpenStack Identity service.
``neutron_auth_strategy``
(optional) Should be kept as default 'keystone' for all production deployments.
Defaults to 'keystone'
``neutron_url``
(optional) URL for connecting to the Neutron networking service.
Defaults to 'http://127.0.0.1:9696'
``neutron_url_timeout``
(optional) Timeout value for connecting to neutron in seconds.
Defaults to '30'
``neutron_admin_tenant_name``
(optional) Tenant name for connecting to Neutron network services in
admin context through the OpenStack Identity service.
Defaults to 'services'
``neutron_default_tenant_id``
(optional) Default tenant id when creating neutron networks
Defaults to 'default'
``neutron_region_name``
(optional) Region name for connecting to neutron in admin context
through the OpenStack Identity service.
Defaults to 'RegionOne'
``neutron_admin_username``
(optional) Username for connecting to Neutron network services in admin context
through the OpenStack Identity service.
Defaults to 'neutron'
``neutron_ovs_bridge``
(optional) Name of Integration Bridge used by Open vSwitch
Defaults to 'br-int'
``neutron_extension_sync_interval``
(optional) Number of seconds before querying neutron for extensions
Defaults to '600'
``neutron_ca_certificates_file``
(optional) Location of ca certicates file to use for neutronclient requests.
Defaults to 'None'
``neutron_admin_auth_url``
(optional) Points to the OpenStack Identity server IP and port.
This is the Identity (keystone) admin API server IP and port value,
and not the Identity service API IP and port.
Defaults to 'http://127.0.0.1:35357/v2.0'
``network_api_class``
(optional) The full class name of the network API class.
The default configures Nova to use Neutron for the network API.
Defaults to 'nova.network.neutronv2.api.API'
``security_group_api``
(optional) The full class name of the security API class.
The default configures Nova to use Neutron for security groups.
Set to 'nova' to use standard Nova security groups.
Defaults to 'neutron'
``firewall_driver``
(optional) Firewall driver.
This prevents nova from maintaining a firewall so it does not interfere
with Neutron's. Set to 'nova.virt.firewall.IptablesFirewallDriver'
to re-enable the Nova firewall.
Defaults to 'nova.virt.firewall.NoopFirewallDriver'
``vif_plugging_is_fatal``
(optional) Fail to boot instance if vif plugging fails.
This prevents nova from booting an instance if vif plugging notification
is not received from neutron.
Defaults to 'True'
``vif_plugging_timeout``
(optional) Number of seconds to wait for neutron vif plugging events.
Set to '0' and vif_plugging_is_fatal to 'False' if vif plugging
notification is not being used.
Defaults to '300'
``dhcp_domain``
(optional) domain to use for building the hostnames
Defaults to 'novalocal'

1
resources/nova_neutron_puppet/actions/remove.pp Normal file
View File

@ -0,0 +1 @@
notify { "Nothing to remove here": }

49
resources/nova_neutron_puppet/actions/run.pp Normal file
View File

@ -0,0 +1,49 @@
$resource = hiera($::resource_name)
$libvirt_vif_driver = $resource['input']['libvirt_vif_driver']['value']
$force_snat_range = $resource['input']['force_snat_range']['value']
$neutron_admin_password = $resource['input']['neutron_admin_password']['value']
$neutron_auth_strategy = $resource['input']['neutron_auth_strategy']['value']
$neutron_url = $resource['input']['neutron_url']['value']
$neutron_url_timeout = $resource['input']['neutron_url_timeout']['value']
$neutron_admin_tenant_name = $resource['input']['neutron_admin_tenant_name']['value']
$neutron_default_tenant_id = $resource['input']['neutron_default_tenant_id']['value']
$neutron_region_name = $resource['input']['neutron_region_name']['value']
$neutron_admin_username = $resource['input']['neutron_admin_username']['value']
$neutron_admin_auth_url = $resource['input']['neutron_admin_auth_url']['value']
$neutron_ovs_bridge = $resource['input']['neutron_ovs_bridge']['value']
$neutron_extension_sync_interval = $resource['input']['neutron_extension_sync_interval']['value']
$neutron_ca_certificates_file = $resource['input']['neutron_ca_certificates_file']['value']
$network_api_class = $resource['input']['network_api_class']['value']
$security_group_api = $resource['input']['security_group_api']['value']
$firewall_driver = $resource['input']['firewall_driver']['value']
$vif_plugging_is_fatal = $resource['input']['vif_plugging_is_fatal']['value']
$vif_plugging_timeout = $resource['input']['vif_plugging_timeout']['value']
$dhcp_domain = $resource['input']['dhcp_domain']['value']
class { 'nova::compute::neutron':
libvirt_vif_driver => $libvirt_vif_driver,
force_snat_range => $force_snat_range,
}
class { 'nova::network::neutron':
neutron_admin_password => $neutron_admin_password,
neutron_auth_strategy => $neutron_auth_strategy,
neutron_url => $neutron_url,
neutron_url_timeout => $neutron_url_timeout,
neutron_admin_tenant_name => $neutron_admin_tenant_name,
neutron_default_tenant_id => $neutron_default_tenant_id,
neutron_region_name => $neutron_region_name,
neutron_admin_username => $neutron_admin_username,
neutron_admin_auth_url => $neutron_admin_auth_url,
neutron_ovs_bridge => $neutron_ovs_bridge,
neutron_extension_sync_interval => $neutron_extension_sync_interval,
neutron_ca_certificates_file => $neutron_ca_certificates_file,
network_api_class => $network_api_class,
security_group_api => $security_group_api,
firewall_driver => $firewall_driver,
vif_plugging_is_fatal => $vif_plugging_is_fatal,
vif_plugging_timeout => $vif_plugging_timeout,
dhcp_domain => $dhcp_domain,
}

81
resources/nova_neutron_puppet/meta.yaml Normal file
View File

@ -0,0 +1,81 @@
id: nova_neutron
handler: puppet
puppet_module: nova
version: 1.0.0
input:
libvirt_vif_driver:
schema: str
value: 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver'
force_snat_range:
schema: str
value: '0.0.0.0/0'
neutron_admin_password:
schema: str
value: 'neutron'
neutron_auth_strategy:
schema: str
value: 'keystone'
neutron_url:
schema: str
value: 'http://127.0.0.1:9696'
neutron_url_timeout:
schema: int
value: 30
neutron_admin_tenant_name:
schema: str
value: 'services'
neutron_default_tenant_id:
schema: str
value: 'default'
neutron_region_name:
schema: str
value: 'RegionOne'
neutron_admin_username:
schema: str
value: 'neutron'
neutron_admin_auth_url:
schema: str
value: 'http://127.0.0.1:35357/v2.0'
neutron_ovs_bridge:
schema: str
value: 'br-int'
neutron_extension_sync_interval:
schema: int
value: 600
neutron_ca_certificates_file:
schema: str
value: ''
network_api_class:
schema: str
value: 'nova.network.neutronv2.api.API'
security_group_api:
schema: str
value: 'neutron'
firewall_driver:
schema: str
value: 'nova.virt.firewall.NoopFirewallDriver'
vif_plugging_is_fatal:
schema: bool
value: true
vif_plugging_timeout:
schema: int
value: 300
dhcp_domain:
schema: str
value: 'novalocal'
git:
schema: {repository: str!, branch: str!}
value: {repository: 'https://github.com/openstack/puppet-nova', branch: '5.1.0'}
ip:
schema: str!
value:
ssh_key:
schema: str!
value:
ssh_user:
schema: str!
value:
tags: [resource/nova_neutron_service, resources/nova_neutron, resources/nova_compute, resources/nova]

275
resources/nova_puppet/README.md Normal file
View File

@ -0,0 +1,275 @@
# Nova resource for puppet handler
Controls a live cycle of the nova entities,
like the main puppet class, auth, DB, AMQP, packages,
keystone user, role and endpoint.
# Parameters
source https://github.com/openstack/puppet-nova/blob/5.1.0/manifests/init.pp
``ensure_package``
(optional) The state of nova packages
Defaults to 'present'
``nova_cluster_id``
(optional) Deprecated. This parameter does nothing and will be removed.
Defaults to 'localcluster'
``sql_connection``
(optional) Deprecated. Use database_connection instead.
Defaults to false
``sql_idle_timeout``
(optional) Deprecated. Use database_idle_timeout instead
Defaults to false
``database_connection``
(optional) Connection url to connect to nova database.
Defaults to false
``slave_connection``
(optional) Connection url to connect to nova slave database (read-only).
Defaults to false
``database_idle_timeout``
(optional) Timeout before idle db connections are reaped.
Defaults to 3600
``rpc_backend``
(optional) The rpc backend implementation to use, can be:
rabbit (for rabbitmq)
qpid (for qpid)
zmq (for zeromq)
Defaults to 'rabbit'
``image_service``
(optional) Service used to search for and retrieve images.
Defaults to 'nova.image.local.LocalImageService'
``glance_api_servers``
(optional) List of addresses for api servers.
Defaults to 'localhost:9292'
``memcached_servers``
(optional) Use memcached instead of in-process cache. Supply a list of memcached server IP's:Memcached Port.
Defaults to false
``rabbit_host``
(optional) Location of rabbitmq installation.
Defaults to 'localhost'
``rabbit_hosts``
(optional) List of clustered rabbit servers.
Defaults to false
``rabbit_port``
(optional) Port for rabbitmq instance.
Defaults to '5672'
``rabbit_password``
(optional) Password used to connect to rabbitmq.
Defaults to 'guest'
``rabbit_userid``
(optional) User used to connect to rabbitmq.
Defaults to 'guest'
``rabbit_virtual_host``
(optional) The RabbitMQ virtual host.
Defaults to '/'
``rabbit_use_ssl``
(optional) Connect over SSL for RabbitMQ
Defaults to false
``kombu_ssl_ca_certs``
(optional) SSL certification authority file (valid only if SSL enabled).
Defaults to undef
``kombu_ssl_certfile``
(optional) SSL cert file (valid only if SSL enabled).
Defaults to undef
``kombu_ssl_keyfile``
(optional) SSL key file (valid only if SSL enabled).
Defaults to undef
``kombu_ssl_version``
(optional) SSL version to use (valid only if SSL enabled).
Valid values are TLSv1, SSLv23 and SSLv3. SSLv2 may be
available on some distributions.
Defaults to 'TLSv1'
``amqp_durable_queues``
(optional) Define queues as "durable" to rabbitmq.
Defaults to false
``qpid_hostname``
(optional) Location of qpid server
Defaults to 'localhost'
``qpid_port``
(optional) Port for qpid server
Defaults to '5672'
``qpid_username``
(optional) Username to use when connecting to qpid
Defaults to 'guest'
``qpid_password``
(optional) Password to use when connecting to qpid
Defaults to 'guest'
``qpid_heartbeat``
(optional) Seconds between connection keepalive heartbeats
Defaults to 60
``qpid_protocol``
(optional) Transport to use, either 'tcp' or 'ssl''
Defaults to 'tcp'
``qpid_sasl_mechanisms``
(optional) Enable one or more SASL mechanisms
Defaults to false
``qpid_tcp_nodelay``
(optional) Disable Nagle algorithm
Defaults to true
``service_down_time``
(optional) Maximum time since last check-in for up service.
Defaults to 60
``logdir``
(optional) Deprecated. Use log_dir instead.
Defaults to false
``log_dir``
(optional) Directory where logs should be stored.
If set to boolean false, it will not log to any directory.
Defaults to '/var/log/nova'
``state_path``
(optional) Directory for storing state.
Defaults to '/var/lib/nova'
``lock_path``
(optional) Directory for lock files.
On RHEL will be '/var/lib/nova/tmp' and on Debian '/var/lock/nova'
Defaults to $::nova::params::lock_path
``verbose``
(optional) Set log output to verbose output.
Defaults to false
``periodic_interval``
(optional) Seconds between running periodic tasks.
Defaults to '60'
``report_interval``
(optional) Interval at which nodes report to data store.
Defaults to '10'
``monitoring_notifications``
(optional) Whether or not to send system usage data notifications out on the message queue. Only valid for stable/essex.
Defaults to false
``use_syslog``
(optional) Use syslog for logging
Defaults to false
``log_facility``
(optional) Syslog facility to receive log lines.
Defaults to 'LOG_USER'
``use_ssl``
(optional) Enable SSL on the API server
Defaults to false, not set
``enabled_ssl_apis``
(optional) List of APIs to SSL enable
Defaults to []
Possible values : 'ec2', 'osapi_compute', 'metadata'
``cert_file``
(optinal) Certificate file to use when starting API server securely
Defaults to false, not set
``key_file``
(optional) Private key file to use when starting API server securely
Defaults to false, not set
``ca_file``
(optional) CA certificate file to use to verify connecting clients
Defaults to false, not set_
``nova_user_id``
(optional) Create the nova user with the specified gid.
Changing to a new uid after specifying a different uid previously,
or using this option after the nova account already exists will break
the ownership of all files/dirs owned by nova. It is strongly encouraged
not to use this option and instead create user before nova class or
for network shares create netgroup into which you'll put nova on all the
nodes. If undef no user will be created and user creation will standardly
happen in nova-common package.
Defaults to undef.
``nova_group_id``
(optional) Create the nova user with the specified gid.
Changing to a new uid after specifying a different uid previously,
or using this option after the nova account already exists will break
the ownership of all files/dirs owned by nova. It is strongly encouraged
not to use this option and instead create group before nova class or for
network shares create netgroup into which you'll put nova on all the
nodes. If undef no user or group will be created and creation will
happen in nova-common package.
Defaults to undef.
``nova_public_key``
(optional) Install public key in .ssh/authorized_keys for the 'nova' user.
Expects a hash of the form { type => 'key-type', key => 'key-data' } where
'key-type' is one of (ssh-rsa, ssh-dsa, ssh-ecdsa) and 'key-data' is the
actual key data (e.g, 'AAAA...').
``nova_private_key``
(optional) Install private key into .ssh/id_rsa (or appropriate equivalent
for key type). Expects a hash of the form { type => 'key-type', key =>
'key-data' }, where 'key-type' is one of (ssh-rsa, ssh-dsa, ssh-ecdsa) and
'key-data' is the contents of the private key file.
``nova_shell``
(optional) Set shell for 'nova' user to the specified value.
Defaults to '/bin/false'.
``mysql_module``
(optional) Deprecated. Does nothing.
``notification_driver``
(optional) Driver or drivers to handle sending notifications.
Value can be a string or a list.
Defaults to []
``notification_topics``
(optional) AMQP topic used for OpenStack notifications
Defaults to 'notifications'
``notify_api_faults``
(optional) If set, send api.fault notifications on caught
exceptions in the API service
Defaults to false
``notify_on_state_change``
(optional) If set, send compute.instance.update notifications
on instance state changes. Valid values are None for no notifications,
"vm_state" for notifications on VM state changes, or "vm_and_task_state"
for notifications on VM and task state changes.
Defaults to undef
``os_region_name``
(optional) Sets the os_region_name flag. For environments with
more than one endpoint per service, this is required to make
things such as cinder volume attach work. If you don't set this
and you have multiple endpoints, you will get AmbiguousEndpoint
exceptions in the nova API service.
Defaults to undef

4
resources/nova_puppet/actions/remove.pp Normal file
View File

@ -0,0 +1,4 @@
class { 'nova':
ensure_package => 'absent',
rabbit_password => 'not important as removed',
}

137
resources/nova_puppet/actions/run.pp Normal file
View File

@ -0,0 +1,137 @@
$resource = hiera($::resource_name)
$db_user = $resource['input']['db_user']['value']
$db_password = $resource['input']['db_password']['value']
$db_name = $resource['input']['db_name']['value']
$db_host = $resource['input']['db_host']['value']
$glance_api_servers_host = $resource['input']['glance_api_servers_host']['value']
$glance_api_servers_port = $resource['input']['glance_api_servers_port']['value']
$ensure_package = $resource['input']['ensure_package']['value']
$database_connection = $resource['input']['database_connection']['value']
$slave_connection = $resource['input']['slave_connection']['value']
$database_idle_timeout = $resource['input']['database_idle_timeout']['value']
$rpc_backend = $resource['input']['rpc_backend']['value']
$image_service = $resource['input']['image_service']['value']
$glance_api_servers = $resource['input']['glance_api_servers']['value']
$memcached_servers = $resource['input']['memcached_servers']['value']
$rabbit_host = $resource['input']['rabbit_host']['value']
$rabbit_hosts = $resource['input']['rabbit_hosts']['value']
$rabbit_password = $resource['input']['rabbit_password']['value']
$rabbit_port = $resource['input']['rabbit_port']['value']
$rabbit_userid = $resource['input']['rabbit_userid']['value']
$rabbit_virtual_host = $resource['input']['rabbit_virtual_host']['value']
$rabbit_use_ssl = $resource['input']['rabbit_use_ssl']['value']
$rabbit_ha_queues = $resource['input']['rabbit_ha_queues']['value']
$kombu_ssl_ca_certs = $resource['input']['kombu_ssl_ca_certs']['value']
$kombu_ssl_certfile = $resource['input']['kombu_ssl_certfile']['value']
$kombu_ssl_keyfile = $resource['input']['kombu_ssl_keyfile']['value']
$kombu_ssl_version = $resource['input']['kombu_ssl_version']['value']
$amqp_durable_queues = $resource['input']['amqp_durable_queues']['value']
$qpid_hostname = $resource['input']['qpid_hostname']['value']
$qpid_port = $resource['input']['qpid_port']['value']
$qpid_username = $resource['input']['qpid_username']['value']
$qpid_password = $resource['input']['qpid_password']['value']
$qpid_sasl_mechanisms = $resource['input']['qpid_sasl_mechanisms']['value']
$qpid_heartbeat = $resource['input']['qpid_heartbeat']['value']
$qpid_protocol = $resource['input']['qpid_protocol']['value']
$qpid_tcp_nodelay = $resource['input']['qpid_tcp_nodelay']['value']
$auth_strategy = $resource['input']['auth_strategy']['value']
$service_down_time = $resource['input']['service_down_time']['value']
$log_dir = $resource['input']['log_dir']['value']
$state_path = $resource['input']['state_path']['value']
$lock_path = $resource['input']['lock_path']['value']
$verbose = $resource['input']['verbose']['value']
$debug = $resource['input']['debug']['value']
$periodic_interval = $resource['input']['periodic_interval']['value']
$report_interval = $resource['input']['report_interval']['value']
$rootwrap_config = $resource['input']['rootwrap_config']['value']
$use_ssl = $resource['input']['use_ssl']['value']
$enabled_ssl_apis = $resource['input']['enabled_ssl_apis']['value']
$ca_file = $resource['input']['ca_file']['value']
$cert_file = $resource['input']['cert_file']['value']
$key_file = $resource['input']['key_file']['value']
$nova_user_id = $resource['input']['nova_user_id']['value']
$nova_group_id = $resource['input']['nova_group_id']['value']
$nova_public_key = $resource['input']['nova_public_key']['value']
$nova_private_key = $resource['input']['nova_private_key']['value']
$nova_shell = $resource['input']['nova_shell']['value']
$monitoring_notifications = $resource['input']['monitoring_notifications']['value']
$use_syslog = $resource['input']['use_syslog']['value']
$log_facility = $resource['input']['log_facility']['value']
$install_utilities = $resource['input']['install_utilities']['value']
$notification_driver = $resource['input']['notification_driver']['value']
$notification_topics = $resource['input']['notification_topics']['value']
$notify_api_faults = $resource['input']['notify_api_faults']['value']
$notify_on_state_change = $resource['input']['notify_on_state_change']['value']
$mysql_module = $resource['input']['mysql_module']['value']
$nova_cluster_id = $resource['input']['nova_cluster_id']['value']
$sql_connection = $resource['input']['sql_connection']['value']
$sql_idle_timeout = $resource['input']['sql_idle_timeout']['value']
$logdir = $resource['input']['logdir']['value']
$os_region_name = $resource['input']['os_region_name']['value']
class { 'nova':
database_connection => "mysql://${db_user}:${db_password}@${db_host}/${db_name}?charset=utf8",
ensure_package => $ensure_package,
slave_connection => $slave_connection,
database_idle_timeout => $database_idle_timeout,
rpc_backend => $rpc_backend,
image_service => $image_service,
glance_api_servers => "${glance_api_servers_host}:${glance_api_servers_port}",
memcached_servers => $memcached_servers,
rabbit_host => $rabbit_host,
rabbit_hosts => $rabbit_hosts,
rabbit_password => $rabbit_password,
rabbit_port => $rabbit_port,
rabbit_userid => $rabbit_userid,
rabbit_virtual_host => $rabbit_virtual_host,
rabbit_use_ssl => $rabbit_use_ssl,
rabbit_ha_queues => $rabbit_ha_queues,
kombu_ssl_ca_certs => $kombu_ssl_ca_certs,
kombu_ssl_certfile => $kombu_ssl_certfile,
kombu_ssl_keyfile => $kombu_ssl_keyfile,
kombu_ssl_version => $kombu_ssl_version,
amqp_durable_queues => $amqp_durable_queues,
qpid_hostname => $qpid_hostname,
qpid_port => $qpid_port,
qpid_username => $qpid_username,
qpid_password => $qpid_password,
qpid_sasl_mechanisms => $qpid_sasl_mechanisms,
qpid_heartbeat => $qpid_heartbeat,
qpid_protocol => $qpid_protocol,
qpid_tcp_nodelay => $qpid_tcp_nodelay,
auth_strategy => $auth_strategy,
service_down_time => $service_down_time,
log_dir => $log_dir,
state_path => $state_path,
lock_path => $lock_path,
verbose => $verbose,
debug => $debug,
periodic_interval => $periodic_interval,
report_interval => $report_interval,
rootwrap_config => $rootwrap_config,
use_ssl => $use_ssl,
enabled_ssl_apis => $enabled_ssl_apis,
ca_file => $ca_file,
cert_file => $cert_file,
key_file => $key_file,
nova_user_id => $nova_user_id,
nova_group_id => $nova_group_id,
nova_public_key => $nova_public_key,
nova_private_key => $nova_private_key,
nova_shell => $nova_shell,
monitoring_notifications => $monitoring_notifications,
use_syslog => $use_syslog,
log_facility => $log_facility,
install_utilities => $install_utilities,
notification_driver => $notification_driver,
notification_topics => $notification_topics,
notify_api_faults => $notify_api_faults,
notify_on_state_change => $notify_on_state_change,
mysql_module => $mysql_module,
nova_cluster_id => $nova_cluster_id,
sql_idle_timeout => $sql_idle_timeout,
logdir => $logdir,
os_region_name => $os_region_name,
}

250
resources/nova_puppet/meta.yaml Normal file
View File

@ -0,0 +1,250 @@
id: nova
handler: puppet
puppet_module: nova
version: 1.0.0
input:
ensure_package:
schema: str
value: 'present'
database_connection:
schema: str
value: ''
slave_connection:
schema: str
value: ''
database_idle_timeout:
schema: int
value: 3600
rpc_backend:
schema: str
value: 'rabbit'
image_service:
schema: str
value: 'nova.image.glance.GlanceImageService'
glance_api_servers:
schema: str
value: 'localhost:9292'
memcached_servers:
schema: str
value: ''
rabbit_host:
schema: str
value: 'localhost'
rabbit_hosts:
schema: str
value: ''
rabbit_password:
schema: str!
value: 'guest'
rabbit_port:
schema: int
value: 5672
rabbit_userid:
schema: str
value: 'guest'
rabbit_virtual_host:
schema: str
value: '/'
rabbit_use_ssl:
schema: bool
value: false
rabbit_ha_queues:
schema: str
value: ''
kombu_ssl_ca_certs:
schema: str
value: ''
kombu_ssl_certfile:
schema: str
value: ''
kombu_ssl_keyfile:
schema: str
value: ''
kombu_ssl_version:
schema: str
value: 'TLSv1'
amqp_durable_queues:
schema: bool
value: false
qpid_hostname:
schema: str
value: 'localhost'
qpid_port:
schema: int
value: 5672
qpid_username:
schema: str
value: 'guest'
qpid_password:
schema: str!
value: 'guest'
qpid_sasl_mechanisms:
schema: bool
value: false
qpid_heartbeat:
schema: int
value: 60
qpid_protocol:
schema: str
value: 'tcp'
qpid_tcp_nodelay:
schema: bool
value: true
auth_strategy:
schema: str
value: 'keystone'
service_down_time:
schema: int
value: 60
log_dir:
schema: str
value: '/var/log/nova'
state_path:
schema: str
value: '/var/lib/nova'
lock_path:
schema: str
value: '/var/lock/nova'
verbose:
schema: bool
value: false
debug:
schema: bool
value: false
periodic_interval:
schema: int
value: 60
report_interval:
schema: int
value: 10
rootwrap_config:
schema: str
value: '/etc/nova/rootwrap.conf'
use_ssl:
schema: bool
value: false
enabled_ssl_apis:
schema: [str]
value: ['ec2', 'metadata', 'osapi_compute']
ca_file:
schema: str
value: ''
cert_file:
schema: str
value: ''
key_file:
schema: str
value: ''
nova_user_id:
schema: str
value: ''
nova_group_id:
schema: str
value: ''
nova_public_key:
schema: str
value: ''
nova_private_key:
schema: str
value: ''
nova_shell:
schema: str
value: '/bin/false'
monitoring_notifications:
schema: bool
value: false
use_syslog:
schema: bool
value: false
log_facility:
schema: str
value: 'LOG_USER'
install_utilities:
schema: bool
value: true
notification_driver:
schema: [str]
value: []
notification_topics:
schema: str
value: 'notifications'
notify_api_faults:
schema: bool
value: false
notify_on_state_change:
schema: str
value: ''
mysql_module:
schema: str
value: ''
nova_cluster_id:
schema: str
value: ''
sql_connection:
schema: str
value: ''
sql_idle_timeout:
schema: str
value: ''
logdir:
schema: str
value: ''
os_region_name:
schema: str
value: ''
db_user:
schema: str!
value: nova
db_password:
schema: str!
value:
db_name:
schema: str!
value:
db_host:
schema: str!
value:
keystone_password:
schema: str!
value:
keystone_port:
schema: int!
value:
keystone_host:
schema: str!
value:
keystone_tenant:
schema: str!
value:
keystone_user:
schema: str!
value:
glance_api_servers_port:
schema: int
value: 9292
glance_api_servers_host:
schema: 'str'
value: 'localhost'
port:
schema: int!
value: 8774
git:
schema: {repository: str!, branch: str!}
value: {repository: 'https://github.com/openstack/puppet-nova', branch: '5.1.0'}
ip:
schema: str!
value:
ssh_key:
schema: str!
value:
ssh_user:
schema: str!
value:
tags: [resource/nova_service, resources/nova]

2
solar/solar/core/validation.py
View File

@ -192,4 +192,4 @@ def validate_token(
log.debug('%s TOKEN: %s', user, token)
return token
return token, token_data.json()

8
templates/nodes.yml
View File

@ -1,4 +1,4 @@
id: mariadb_service
id: simple_multinode
resources:
- id: node1
from: resources/ro_node
@ -6,3 +6,9 @@ resources:
ip: '10.0.0.3'
ssh_key: '/vagrant/.vagrant/machines/solar-dev1/virtualbox/private_key'
ssh_user: 'vagrant'
- id: node2
from: resources/ro_node
values:
ip: '10.0.0.4'
ssh_key: '/vagrant/.vagrant/machines/solar-dev2/virtualbox/private_key'
ssh_user: 'vagrant'