Merge "Possibility to detach neutron from controllers"

deployment/puppet/openstack/manifests/network.pp

@@ -71,18 +71,20 @@ class openstack::network (
   $private_interface,
   $public_interface,
   $fixed_range,
-  $floating_range       = false,
-  $network_manager      = 'nova.network.manager.FlatDHCPManager',
-  $network_config       = {},
-  $create_networks      = true,
-  $num_networks         = 1,
-  $network_size         = 255,
-  $nameservers          = undef,
-  $enable_nova_net      = false,
-  $integration_bridge   = undef, #'br-int'
-  $nova_neutron         = false, #Enable to run nova::network::neutron, usefull for computes and controllers, but not routers
-  $nova_admin_password  = 'secret',
-  $nova_url             = 'http://127.0.0.1:8774/v2',
+  $floating_range         = false,
+  $network_manager        = 'nova.network.manager.FlatDHCPManager',
+  $network_config         = {},
+  $create_networks        = true,
+  $num_networks           = 1,
+  $network_size           = 255,
+  $nameservers            = undef,
+  $enable_nova_net        = false,
+  $integration_bridge     = undef, #'br-int'
+  $nova_neutron           = false, #Enable to run nova::network::neutron, usefull for computes and controllers, but not routers
+  $nova_admin_username    = 'nova',
+  $nova_admin_tenant_name = 'services',
+  $nova_admin_password    = 'secret',
+  $nova_url               = 'http://127.0.0.1:8774/v2',
 
   # Neutron
   $neutron_server   = false,
@@ -203,8 +205,8 @@ class openstack::network (
         class { 'neutron::server::notifications':
           nova_url                => $nova_url,
           nova_admin_auth_url     => $auth_url,
-          nova_admin_username     => 'nova', # Default
-          nova_admin_tenant_name  => 'services', # Default
+          nova_admin_username     => $nova_admin_username,
+          nova_admin_tenant_name  => $nova_admin_tenant_name,
           nova_admin_password     => $nova_admin_password,
         }
 

deployment/puppet/osnailyfacter/modular/globals/globals.pp

@@ -105,7 +105,7 @@ $storage_netmask               = get_network_role_property('storage', 'netmask')
 
 if $use_neutron {
   $novanetwork_params            = {}
-  $neutron_config                = hiera('quantum_settings')
+  $neutron_config                = hiera_hash('quantum_settings')
   $network_provider              = 'neutron'
   $neutron_db_password           = $neutron_config['database']['passwd']
   $neutron_user_password         = $neutron_config['keystone']['admin_password']

deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-compute.pp

@@ -1,9 +1,10 @@
 notice('MODULAR: openstack-network-compute.pp')
 
 $use_neutron                    = hiera('use_neutron', false)
-$nova_hash                      = hiera('nova', {})
+$nova_hash                      = hiera_hash('nova', {})
 $internal_address               = hiera('internal_address')
-$service_endpoint               = hiera('management_vip')
+$management_vip                 = hiera('management_vip')
+$service_endpoint               = hiera('service_endpoint', $management_vip)
 $public_int                     = hiera('public_int', undef)
 $auto_assign_floating_ip        = hiera('auto_assign_floating_ip', false)
 $controllers                    = hiera('controllers')
@@ -11,17 +12,22 @@ $controller_internal_addresses  = nodes_to_hash($controllers,'name','internal_ad
 $controller_nodes               = ipsort(values($controller_internal_addresses))
 $rabbit_hash                    = hiera('rabbit_hash', {})
 $network_scheme                 = hiera('network_scheme', {})
+$keystone_endpoint              = hiera('keystone_endpoint', $service_endpoint)
+$neutron_endpoint               = hiera('neutron_endpoint', $service_endpoint)
 
 $floating_hash = {}
 
 # amqp settings
-if $internal_address in $controller_nodes {
+if hiera('amqp_nodes', false) {
+  $amqp_nodes = hiera('amqp_nodes')
+}
+elsif $internal_address in $controller_nodes {
   # prefer local MQ broker if it exists on this node
   $amqp_nodes = concat(['127.0.0.1'], fqdn_rotate(delete($controller_nodes, $internal_address)))
 } else {
   $amqp_nodes = fqdn_rotate($controller_nodes)
 }
-$amqp_port = '5673'
+$amqp_port = hiera('amqp_port', '5673')
 $amqp_hosts = inline_template("<%= @amqp_nodes.map {|x| x + ':' + @amqp_port}.join ',' %>")
 
 class { 'l23network' :
@@ -31,11 +37,13 @@ class { 'l23network' :
 if $use_neutron {
   $network_provider      = 'neutron'
   $novanetwork_params    = {}
-  $neutron_config        = hiera('quantum_settings')
-  $neutron_db_password   = $neutron_config['database']['passwd']
-  $neutron_user_password = $neutron_config['keystone']['admin_password']
+  $neutron_config        = hiera_hash('quantum_settings')
   $neutron_metadata_proxy_secret = $neutron_config['metadata']['metadata_proxy_shared_secret']
   $base_mac              = $neutron_config['L2']['base_mac']
+  # Neutron Keystone settings
+  $neutron_user_password = $neutron_config['keystone']['admin_password']
+  $keystone_user         = pick($neutron_config['keystone']['admin_user'], 'neutron')
+  $keystone_tenant       = pick($neutron_config['keystone']['admin_tenant'], 'services')
 } else {
   $network_provider   = 'nova'
   $floating_ips_range = hiera('floating_network_range')
@@ -105,7 +113,7 @@ if $network_provider == 'nova' {
       admin_password       => $nova_hash[user_password],
       enabled_apis         => $enabled_apis,
       api_bind_address     => $internal_address,
-      auth_host            => $service_endpoint,
+      auth_host            => $keystone_endpoint,
       ratelimits           => hiera('nova_rate_limits'),
       # NOTE(bogdando) 1 api worker for compute node is enough
       osapi_compute_workers => 1,
@@ -349,9 +357,11 @@ class { 'openstack::network':
   amqp_password  => $rabbit_hash['password'],
 
   # keystone
-  admin_password => $neutron_user_password,
-  auth_url       => "http://${service_endpoint}:35357/v2.0",
-  neutron_url    => "http://${service_endpoint}:9696",
+  admin_password    => $neutron_user_password,
+  auth_url          => "http://${keystone_endpoint}:35357/v2.0",
+  neutron_url       => "http://${neutron_endpoint}:9696",
+  admin_tenant_name => $keystone_tenant,
+  admin_username    => $keystone_user,
 
   # metadata
   shared_secret  => undef,

deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-controller.pp

@@ -8,26 +8,28 @@ $controller_internal_addresses  = nodes_to_hash($controllers,'name','internal_ad
 $controller_nodes               = ipsort(values($controller_internal_addresses))
 $rabbit_hash                    = hiera('rabbit_hash', {})
 $internal_address               = hiera('internal_address')
-$service_endpoint               = hiera('management_vip')
-$nova_hash                      = hiera('nova', {})
+$management_vip                 = hiera('management_vip')
+$service_endpoint               = hiera('service_endpoint', $management_vip)
+$nova_hash                      = hiera_hash('nova', {})
 $ceilometer_hash                = hiera('ceilometer',{})
 $network_scheme                 = hiera('network_scheme', {})
+$nova_endpoint                  = hiera('nova_endpoint', $service_endpoint)
+$keystone_endpoint              = hiera('keystone_endpoint', $service_endpoint)
+$neutron_endpoint               = hiera('neutron_endpoint', $service_endpoint)
 
 $floating_hash = {}
 
-# Neutron DB settings
-$neutron_db_user = 'neutron'
-$neutron_db_dbname = 'neutron'
-$db_host = hiera('management_vip')
-
 # amqp settings
-if $internal_address in $controller_nodes {
+if hiera('amqp_nodes', false) {
+  $amqp_nodes = hiera('amqp_nodes')
+}
+elsif $internal_address in $controller_nodes {
   # prefer local MQ broker if it exists on this node
   $amqp_nodes = concat(['127.0.0.1'], fqdn_rotate(delete($controller_nodes, $internal_address)))
 } else {
   $amqp_nodes = fqdn_rotate($controller_nodes)
 }
-$amqp_port = '5673'
+$amqp_port = hiera('amqp_port', '5673')
 $amqp_hosts = inline_template("<%= @amqp_nodes.map {|x| x + ':' + @amqp_port}.join ',' %>")
 
 class { 'l23network' :
@@ -37,10 +39,17 @@ class { 'l23network' :
 if $use_neutron {
   $network_provider      = 'neutron'
   $novanetwork_params    = {}
-  $neutron_config        = hiera('quantum_settings')
-  $neutron_db_password   = $neutron_config['database']['passwd']
-  $neutron_user_password = $neutron_config['keystone']['admin_password']
+  $neutron_config        = hiera_hash('quantum_settings')
   $neutron_metadata_proxy_secret = $neutron_config['metadata']['metadata_proxy_shared_secret']
+  # Neutron Keystone settings
+  $neutron_user_password = $neutron_config['keystone']['admin_password']
+  $keystone_user         = pick($neutron_config['keystone']['admin_user'], 'neutron')
+  $keystone_tenant       = pick($neutron_config['keystone']['admin_tenant'], 'services')
+  # Neutron DB settings
+  $neutron_db_password   = $neutron_config['database']['passwd']
+  $neutron_db_user       = pick($neutron_config['database']['user'], 'neutron')
+  $neutron_db_name       = pick($neutron_config['database']['name'], 'neutron')
+  $neutron_db_host       = pick($neutron_config['database']['host'], $management_vip)
   $base_mac              = $neutron_config['L2']['base_mac']
 } else {
   $network_provider   = 'nova'
@@ -61,7 +70,7 @@ $openstack_version = {
 }
 
 if $network_provider == 'neutron' {
-  $neutron_db_uri = "mysql://${neutron_db_user}:${neutron_db_password}@${db_host}/${neutron_db_dbname}?&read_timeout=60"
+  $neutron_db_uri = "mysql://${neutron_db_user}:${neutron_db_password}@${neutron_db_host}/${neutron_db_name}?&read_timeout=60"
   $neutron_server = true
 
   # We need to restart nova-api after making changes via nova_config
@@ -76,7 +85,7 @@ if $network_provider == 'neutron' {
   # FIXME(xarses) Nearly everything between here and the class
   # should be moved into osnaily or nailgun but will stay here
   # in the interum.
-  $neutron_settings = hiera('quantum_settings')
+  $neutron_settings = $neutron_config
   $nets = $neutron_settings['predefined_networks']
 
   if $primary_controller {
@@ -206,7 +215,10 @@ if $network_provider == 'neutron' {
 class { 'openstack::network':
   network_provider    => $network_provider,
   agents              => [$agent, 'metadata', 'dhcp', 'l3'],
-  ha_agents           => $primary_controller ? {true => 'primary', default  => 'slave'},
+  ha_agents           => $neutron_config['ha_agents'] ? {
+    default => $neutron_config['ha_agents'],
+    undef   => $primary_controller ? {true => 'primary', default  => 'slave'},
+  },
   verbose             => true,
   debug               => hiera('debug', true),
   use_syslog          => hiera('use_syslog', true),
@@ -235,30 +247,34 @@ class { 'openstack::network':
   amqp_password   => $rabbit_hash['password'],
 
   # keystone
-  admin_password  => $neutron_user_password,
-  auth_host       => $service_endpoint,
-  auth_url        => "http://${service_endpoint}:35357/v2.0",
-  neutron_url     => "http://${service_endpoint}:9696",
+  admin_password    => $neutron_user_password,
+  auth_host         => $keystone_endpoint,
+  auth_url          => "http://${keystone_endpoint}:35357/v2.0",
+  neutron_url       => "http://${neutron_endpoint}:9696",
+  admin_tenant_name => $keystone_tenant,
+  admin_username    => $keystone_user,
 
   # Ceilometer notifications
   ceilometer => $ceilometer_hash['enabled'],
 
   #metadata
   shared_secret   => $neutron_metadata_proxy_secret,
-  metadata_ip     => $service_endpoint,
+  metadata_ip     => $nova_endpoint,
 
   #nova settings
-  private_interface   => $use_neutron ? { true=>false, default=>hiera('private_int', undef)},
-  public_interface    => hiera('public_int', undef),
-  fixed_range         => $use_neutron ? { true =>false, default =>hiera('fixed_network_range', undef)},
-  floating_range      => $use_neutron ? { true =>$floating_hash, default  =>false},
-  network_manager     => hiera('network_manager', undef),
-  network_config      => hiera('network_config', {}),
-  create_networks     => $primary_controller,
-  num_networks        => hiera('num_networks', undef),
-  network_size        => hiera('network_size', undef),
-  nameservers         => hiera('dns_nameservers', undef),
-  enable_nova_net     => false,  # just setup networks, but don't start nova-network service on controllers
-  nova_admin_password => $nova_hash[user_password],
-  nova_url            => "http://${service_endpoint}:8774/v2",
+  private_interface      => $use_neutron ? { true=>false, default=>hiera('private_int', undef)},
+  public_interface       => hiera('public_int', undef),
+  fixed_range            => $use_neutron ? { true =>false, default =>hiera('fixed_network_range', undef)},
+  floating_range         => $use_neutron ? { true =>$floating_hash, default  =>false},
+  network_manager        => hiera('network_manager', undef),
+  network_config         => hiera('network_config', {}),
+  create_networks        => $primary_controller,
+  num_networks           => hiera('num_networks', undef),
+  network_size           => hiera('network_size', undef),
+  nameservers            => hiera('dns_nameservers', undef),
+  enable_nova_net        => false,  # just setup networks, but don't start nova-network service on controllers
+  nova_admin_username    => $nova_hash['user'],
+  nova_admin_tenant_name => $nova_hash['tenant'],
+  nova_admin_password    => $nova_hash['user_password'],
+  nova_url               => "http://${nova_endpoint}:8774/v2",
 }