diff --git a/deployment/puppet/openstack/manifests/network.pp b/deployment/puppet/openstack/manifests/network.pp index 055a8bf4da..8d32de3b24 100644 --- a/deployment/puppet/openstack/manifests/network.pp +++ b/deployment/puppet/openstack/manifests/network.pp @@ -71,18 +71,20 @@ class openstack::network ( $private_interface, $public_interface, $fixed_range, - $floating_range = false, - $network_manager = 'nova.network.manager.FlatDHCPManager', - $network_config = {}, - $create_networks = true, - $num_networks = 1, - $network_size = 255, - $nameservers = undef, - $enable_nova_net = false, - $integration_bridge = undef, #'br-int' - $nova_neutron = false, #Enable to run nova::network::neutron, usefull for computes and controllers, but not routers - $nova_admin_password = 'secret', - $nova_url = 'http://127.0.0.1:8774/v2', + $floating_range = false, + $network_manager = 'nova.network.manager.FlatDHCPManager', + $network_config = {}, + $create_networks = true, + $num_networks = 1, + $network_size = 255, + $nameservers = undef, + $enable_nova_net = false, + $integration_bridge = undef, #'br-int' + $nova_neutron = false, #Enable to run nova::network::neutron, usefull for computes and controllers, but not routers + $nova_admin_username = 'nova', + $nova_admin_tenant_name = 'services', + $nova_admin_password = 'secret', + $nova_url = 'http://127.0.0.1:8774/v2', # Neutron $neutron_server = false, @@ -203,8 +205,8 @@ class openstack::network ( class { 'neutron::server::notifications': nova_url => $nova_url, nova_admin_auth_url => $auth_url, - nova_admin_username => 'nova', # Default - nova_admin_tenant_name => 'services', # Default + nova_admin_username => $nova_admin_username, + nova_admin_tenant_name => $nova_admin_tenant_name, nova_admin_password => $nova_admin_password, } diff --git a/deployment/puppet/osnailyfacter/modular/globals/globals.pp b/deployment/puppet/osnailyfacter/modular/globals/globals.pp index a98fc0ee51..d5c2883377 100644 
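Review bot: `$nova_admin_password = 'secret'` in the `openstack::network` parameter list keeps a well-known default credential. Now that the username and tenant are overridable, a caller can configure a real service account and still fall back silently to that password. Consider defaulting it to `undef` and failing early when notifications are configured without it, e.g. `if ! $nova_admin_password { fail('nova_admin_password must be set') }` before the `neutron::server::notifications` declaration. The class body between the two hunks is not visible here, so the right place for the guard needs confirming.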
--- a/deployment/puppet/osnailyfacter/modular/globals/globals.pp +++ b/deployment/puppet/osnailyfacter/modular/globals/globals.pp @@ -105,7 +105,7 @@ $storage_netmask = get_network_role_property('storage', 'netmask') if $use_neutron { $novanetwork_params = {} - $neutron_config = hiera('quantum_settings') + $neutron_config = hiera_hash('quantum_settings') $network_provider = 'neutron' $neutron_db_password = $neutron_config['database']['passwd'] $neutron_user_password = $neutron_config['keystone']['admin_password'] diff --git a/deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-compute.pp b/deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-compute.pp index 07f1594ee5..399741b1fe 100644 --- a/deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-compute.pp +++ b/deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-compute.pp @@ -1,9 +1,10 @@ notice('MODULAR: openstack-network-compute.pp') $use_neutron = hiera('use_neutron', false) -$nova_hash = hiera('nova', {}) +$nova_hash = hiera_hash('nova', {}) $internal_address = hiera('internal_address') -$service_endpoint = hiera('management_vip') +$management_vip = hiera('management_vip') +$service_endpoint = hiera('service_endpoint', $management_vip) $public_int = hiera('public_int', undef) $auto_assign_floating_ip = hiera('auto_assign_floating_ip', false) $controllers = hiera('controllers') 
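Review bot: Switching to `hiera_hash('quantum_settings')` makes the result depend on Hiera's `:merge_behavior`, and the lines that follow read credentials from nested keys (`['database']['passwd']`, `['keystone']['admin_password']`). With the default native merge only top-level keys are merged, so a higher-priority level that overrides one nested key replaces the whole `database` or `keystone` sub-hash and the password lookups would come back undef. A comment stating the requirement would help, e.g. `# needs :merge_behavior: deeper in hiera.yaml, otherwise overrides must repeat the whole sub-hash`, as would a check that the passwords are non-empty after the lookup. The same applies to the `hiera_hash('quantum_settings')` calls added in openstack-network-compute.pp and openstack-network-controller.pp.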
@@ -11,17 +12,22 @@ $controller_internal_addresses = nodes_to_hash($controllers,'name','internal_ad $controller_nodes = ipsort(values($controller_internal_addresses)) $rabbit_hash = hiera('rabbit_hash', {}) $network_scheme = hiera('network_scheme', {}) +$keystone_endpoint = hiera('keystone_endpoint', $service_endpoint) +$neutron_endpoint = hiera('neutron_endpoint', $service_endpoint) $floating_hash = {} # amqp settings -if $internal_address in $controller_nodes { +if hiera('amqp_nodes', false) { + $amqp_nodes = hiera('amqp_nodes') +} +elsif $internal_address in $controller_nodes { # prefer local MQ broker if it exists on this node $amqp_nodes = concat(['127.0.0.1'], fqdn_rotate(delete($controller_nodes, $internal_address))) } else { $amqp_nodes = fqdn_rotate($controller_nodes) } -$amqp_port = '5673' +$amqp_port = hiera('amqp_port', '5673') $amqp_hosts = inline_template("<%= @amqp_nodes.map {|x| x + ':' + @amqp_port}.join ',' %>") class { 'l23network' : @@ -31,11 +37,13 @@ class { 'l23network' : if $use_neutron { $network_provider = 'neutron' $novanetwork_params = {} - $neutron_config = hiera('quantum_settings') - $neutron_db_password = $neutron_config['database']['passwd'] - $neutron_user_password = $neutron_config['keystone']['admin_password'] + $neutron_config = hiera_hash('quantum_settings') $neutron_metadata_proxy_secret = $neutron_config['metadata']['metadata_proxy_shared_secret'] $base_mac = $neutron_config['L2']['base_mac'] + # Neutron Keystone settings + $neutron_user_password = $neutron_config['keystone']['admin_password'] + $keystone_user = pick($neutron_config['keystone']['admin_user'], 'neutron') + $keystone_tenant = pick($neutron_config['keystone']['admin_tenant'], 'services') } else { $network_provider = 'nova' $floating_ips_range = hiera('floating_network_range') 
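Review bot: The new `hiera('amqp_nodes', false)` and `hiera('amqp_port', '5673')` values reach `inline_template` unchecked, where the Ruby calls `@amqp_nodes.map` and concatenates `':' + @amqp_port`. If the data supplies `amqp_nodes` as a single string or `amqp_port` as an unquoted YAML integer, the template would likely raise or build a wrong broker list at compile time (the data schema is not visible here). Adding `validate_array($amqp_nodes)` after the branch and using `x.to_s + ':' + @amqp_port.to_s` in the template would make this robust. The lookup also runs twice; a single `$amqp_nodes_override = hiera('amqp_nodes', false)` would avoid that. The same block is added in openstack-network-controller.pp.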
@@ -105,7 +113,7 @@ if $network_provider == 'nova' { admin_password => $nova_hash[user_password], enabled_apis => $enabled_apis, api_bind_address => $internal_address, - auth_host => $service_endpoint, + auth_host => $keystone_endpoint, ratelimits => hiera('nova_rate_limits'), # NOTE(bogdando) 1 api worker for compute node is enough osapi_compute_workers => 1, @@ -349,9 +357,11 @@ class { 'openstack::network': amqp_password => $rabbit_hash['password'], # keystone - admin_password => $neutron_user_password, - auth_url => "http://${service_endpoint}:35357/v2.0", - neutron_url => "http://${service_endpoint}:9696", + admin_password => $neutron_user_password, + auth_url => "http://${keystone_endpoint}:35357/v2.0", + neutron_url => "http://${neutron_endpoint}:9696", + admin_tenant_name => $keystone_tenant, + admin_username => $keystone_user, # metadata shared_secret => undef, diff --git a/deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-controller.pp b/deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-controller.pp index 2a261d5f16..a3245dc963 100644 --- a/deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-controller.pp +++ b/deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-controller.pp 
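Review bot: `auth_url` and `neutron_url` in the `openstack::network` declaration still hard-code `http://`, while this commit lets `keystone_endpoint` and `neutron_endpoint` resolve to hosts other than the management VIP. The Neutron service password and the Keystone tokens would then cross whatever network lies between the node and those endpoints in cleartext. Consider looking up the scheme next to the host, e.g. a new key such as `$keystone_protocol = hiera('keystone_protocol', 'http')` and `auth_url => "${keystone_protocol}://${keystone_endpoint}:35357/v2.0"`, so TLS-fronted endpoints can be used. The controller manifest's `openstack::network` hunk has the same URLs plus `nova_url`.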
@@ -8,26 +8,28 @@ $controller_internal_addresses = nodes_to_hash($controllers,'name','internal_ad $controller_nodes = ipsort(values($controller_internal_addresses)) $rabbit_hash = hiera('rabbit_hash', {}) $internal_address = hiera('internal_address') -$service_endpoint = hiera('management_vip') -$nova_hash = hiera('nova', {}) +$management_vip = hiera('management_vip') +$service_endpoint = hiera('service_endpoint', $management_vip) +$nova_hash = hiera_hash('nova', {}) $ceilometer_hash = hiera('ceilometer',{}) $network_scheme = hiera('network_scheme', {}) +$nova_endpoint = hiera('nova_endpoint', $service_endpoint) +$keystone_endpoint = hiera('keystone_endpoint', $service_endpoint) +$neutron_endpoint = hiera('neutron_endpoint', $service_endpoint) $floating_hash = {} -# Neutron DB settings -$neutron_db_user = 'neutron' -$neutron_db_dbname = 'neutron' -$db_host = hiera('management_vip') - # amqp settings -if $internal_address in $controller_nodes { +if hiera('amqp_nodes', false) { + $amqp_nodes = hiera('amqp_nodes') +} +elsif $internal_address in $controller_nodes { # prefer local MQ broker if it exists on this node $amqp_nodes = concat(['127.0.0.1'], fqdn_rotate(delete($controller_nodes, $internal_address))) } else { $amqp_nodes = fqdn_rotate($controller_nodes) } -$amqp_port = '5673' +$amqp_port = hiera('amqp_port', '5673') $amqp_hosts = inline_template("<%= @amqp_nodes.map {|x| x + ':' + @amqp_port}.join ',' %>") class { 'l23network' : 
@@ -37,10 +39,17 @@ class { 'l23network' : if $use_neutron { $network_provider = 'neutron' $novanetwork_params = {} - $neutron_config = hiera('quantum_settings') - $neutron_db_password = $neutron_config['database']['passwd'] - $neutron_user_password = $neutron_config['keystone']['admin_password'] + $neutron_config = hiera_hash('quantum_settings') $neutron_metadata_proxy_secret = $neutron_config['metadata']['metadata_proxy_shared_secret'] + # Neutron Keystone settings + $neutron_user_password = $neutron_config['keystone']['admin_password'] + $keystone_user = pick($neutron_config['keystone']['admin_user'], 'neutron') + $keystone_tenant = pick($neutron_config['keystone']['admin_tenant'], 'services') + # Neutron DB settings + $neutron_db_password = $neutron_config['database']['passwd'] + $neutron_db_user = pick($neutron_config['database']['user'], 'neutron') + $neutron_db_name = pick($neutron_config['database']['name'], 'neutron') + $neutron_db_host = pick($neutron_config['database']['host'], $management_vip) $base_mac = $neutron_config['L2']['base_mac'] } else { $network_provider = 'nova' @@ -61,7 +70,7 @@ $openstack_version = { } if $network_provider == 'neutron' { - $neutron_db_uri = "mysql://${neutron_db_user}:${neutron_db_password}@${db_host}/${neutron_db_dbname}?&read_timeout=60" + $neutron_db_uri = "mysql://${neutron_db_user}:${neutron_db_password}@${neutron_db_host}/${neutron_db_name}?&read_timeout=60" $neutron_server = true # We need to restart nova-api after making changes via nova_config @@ -76,7 +85,7 @@ if $network_provider == 'neutron' { # FIXME(xarses) Nearly everything between here and the class # should be moved into osnaily or nailgun but will stay here # in the interum. - $neutron_settings = hiera('quantum_settings') + $neutron_settings = $neutron_config $nets = $neutron_settings['predefined_networks'] if $primary_controller { 
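Review bot: `$neutron_db_uri` now interpolates four hiera-supplied values (user, password, host, name) into the connection URI with no encoding or validation. A user or password containing `@`, `:`, `/` or `?` would change how the URI is parsed, and a missing `['database']['passwd']` gives an empty password because, unlike its neighbours, it has no `pick` or check. One guard covering both cases is `validate_re($neutron_db_password, '^[^@:/?\s]+$', 'quantum_settings database passwd is empty or contains URI delimiters')` before the URI is built; URL-encoding the value is the alternative. Since `neutron_db_host` may now be off the management VIP, it is also worth confirming whether this connection needs TLS.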
@@ -206,7 +215,10 @@ if $network_provider == 'neutron' { class { 'openstack::network': network_provider => $network_provider, agents => [$agent, 'metadata', 'dhcp', 'l3'], - ha_agents => $primary_controller ? {true => 'primary', default => 'slave'}, + ha_agents => $neutron_config['ha_agents'] ? { + default => $neutron_config['ha_agents'], + undef => $primary_controller ? {true => 'primary', default => 'slave'}, + }, verbose => true, debug => hiera('debug', true), use_syslog => hiera('use_syslog', true), 
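Review bot: The nested selector for `ha_agents` passes any `quantum_settings['ha_agents']` value through unchecked and relies on matching `undef` in a selector, which is harder to follow than the `pick()` form used for the other overrides in this commit. Computing the fallback first, `$ha_agents_default = $primary_controller ? { true => 'primary', default => 'slave' }`, then `ha_agents => pick($neutron_config['ha_agents'], $ha_agents_default),`, keeps it consistent. If `openstack::network` only accepts specific values here (not visible in this diff), a `validate_re` on the result would catch a typo in the override.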
@@ -235,30 +247,34 @@ class { 'openstack::network': amqp_password => $rabbit_hash['password'], # keystone - admin_password => $neutron_user_password, - auth_host => $service_endpoint, - auth_url => "http://${service_endpoint}:35357/v2.0", - neutron_url => "http://${service_endpoint}:9696", + admin_password => $neutron_user_password, + auth_host => $keystone_endpoint, + auth_url => "http://${keystone_endpoint}:35357/v2.0", + neutron_url => "http://${neutron_endpoint}:9696", + admin_tenant_name => $keystone_tenant, + admin_username => $keystone_user, # Ceilometer notifications ceilometer => $ceilometer_hash['enabled'], #metadata shared_secret => $neutron_metadata_proxy_secret, - metadata_ip => $service_endpoint, + metadata_ip => $nova_endpoint, #nova settings - private_interface => $use_neutron ? { true=>false, default=>hiera('private_int', undef)}, - public_interface => hiera('public_int', undef), - fixed_range => $use_neutron ? { true =>false, default =>hiera('fixed_network_range', undef)}, - floating_range => $use_neutron ? { true =>$floating_hash, default =>false}, - network_manager => hiera('network_manager', undef), - network_config => hiera('network_config', {}), - create_networks => $primary_controller, - num_networks => hiera('num_networks', undef), - network_size => hiera('network_size', undef), - nameservers => hiera('dns_nameservers', undef), - enable_nova_net => false, # just setup networks, but don't start nova-network service on controllers - nova_admin_password => $nova_hash[user_password], - nova_url => "http://${service_endpoint}:8774/v2", + private_interface => $use_neutron ? { true=>false, default=>hiera('private_int', undef)}, + public_interface => hiera('public_int', undef), + fixed_range => $use_neutron ? { true =>false, default =>hiera('fixed_network_range', undef)}, + floating_range => $use_neutron ? 
{ true =>$floating_hash, default =>false}, + network_manager => hiera('network_manager', undef), + network_config => hiera('network_config', {}), + create_networks => $primary_controller, + num_networks => hiera('num_networks', undef), + network_size => hiera('network_size', undef), + nameservers => hiera('dns_nameservers', undef), + enable_nova_net => false, # just setup networks, but don't start nova-network service on controllers + nova_admin_username => $nova_hash['user'], + nova_admin_tenant_name => $nova_hash['tenant'], + nova_admin_password => $nova_hash['user_password'], + nova_url => "http://${nova_endpoint}:8774/v2", }
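Review bot: `nova_admin_username => $nova_hash['user']` and `nova_admin_tenant_name => $nova_hash['tenant']` have no fallback, unlike the Neutron equivalents in this file, which use `pick(..., 'neutron')` and `pick(..., 'services')`. If the `nova` hash lacks those keys, what reaches `neutron::server::notifications` depends on how undef is handled for class parameters. The notification credentials may then not be the `nova` / `services` defaults declared in `openstack::network`. Suggest `nova_admin_username => pick($nova_hash['user'], 'nova'),` and `nova_admin_tenant_name => pick($nova_hash['tenant'], 'services'),`.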