openstack/fuel-library
Code Issues Proposed changes

Sync Neutron module with upstream

Browse Source 
master commit eb496c6bbef4afcd55b2f72edbe624d32bc404d2

Fuel-CI: disable
Change-Id: I69b9a8bbb3380ccda27932b72b6320178408b466
This commit is contained in:
Sergey Kolekonov 2015-06-09 15:16:58 +03:00
parent fa5366b7a1
commit 7ace4d2b53
109 changed files with 3972 additions and 2481 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
deployment/puppet/neutron/.fixtures.yml
View File

@ -1,13 +1,16 @@
fixtures:
repositories:
"stdlib": "git://github.com/puppetlabs/puppetlabs-stdlib.git"
"inifile": "git://github.com/puppetlabs/puppetlabs-inifile"
"keystone": "git://github.com/stackforge/puppet-keystone.git"
"mysql":
repo: "git://github.com/puppetlabs/puppetlabs-mysql.git"
ref: 'origin/0.x'
"nova": "git://github.com/stackforge/puppet-nova.git"
"vswitch": "git://github.com/stackforge/puppet-vswitch"
'concat':
'repo': 'git://github.com/puppetlabs/puppetlabs-concat.git'
'ref': '1.2.1'
'stdlib': 'git://github.com/puppetlabs/puppetlabs-stdlib.git'
'inifile': 'git://github.com/puppetlabs/puppetlabs-inifile'
'keystone': 'git://github.com/stackforge/puppet-keystone.git'
'mysql': 'git://github.com/puppetlabs/puppetlabs-mysql.git'
'nova': 'git://github.com/stackforge/puppet-nova.git'
'openstacklib': 'git://github.com/stackforge/puppet-openstacklib.git'
'postgresql': 'git://github.com/puppetlabs/puppet-postgresql.git'
'vswitch': 'git://github.com/stackforge/puppet-vswitch'
'sysctl': 'git://github.com/duritong/puppet-sysctl.git'
symlinks:
"neutron": "#{source_dir}"

31
deployment/puppet/neutron/Gemfile
View File

@ -1,12 +1,29 @@
source 'https://rubygems.org'
source ENV['GEM_SOURCE'] || "https://rubygems.org"
group :development, :test do
gem 'puppetlabs_spec_helper', :require => false
gem 'puppet-lint', '~> 0.3.2'
gem 'rake', '10.1.1'
gem 'rspec', '< 2.99'
gem 'json'
gem 'webmock'
gem 'puppetlabs_spec_helper', :require => 'false'
gem 'rspec-puppet', '~> 2.2.0', :require => 'false'
gem 'metadata-json-lint', :require => 'false'
gem 'puppet-lint-param-docs', :require => 'false'
gem 'puppet-lint-absolute_classname-check', :require => 'false'
gem 'puppet-lint-absolute_template_path', :require => 'false'
gem 'puppet-lint-trailing_newline-check', :require => 'false'
gem 'puppet-lint-unquoted_string-check', :require => 'false'
gem 'puppet-lint-leading_zero-check', :require => 'false'
gem 'puppet-lint-variable_contains_upcase', :require => 'false'
gem 'puppet-lint-numericvariable', :require => 'false'
gem 'json', :require => 'false'
gem 'webmock', :require => 'false'
end
group :system_tests do
gem 'beaker-rspec', :require => 'false'
end
if facterversion = ENV['FACTER_GEM_VERSION']
gem 'facter', facterversion, :require => false
else
gem 'facter', :require => false
end
if puppetversion = ENV['PUPPET_GEM_VERSION']

16
deployment/puppet/neutron/Modulefile
View File

@ -1,16 +0,0 @@
name 'puppetlabs-neutron'
version '4.0.0'
author 'StackForge Contributors'
license 'Apache License 2.0'
summary 'Puppet module for OpenStack Neutron'
description 'Installs and configures OpenStack Neutron (Networking).'
project_page 'https://launchpad.net/puppet-neutron'
source 'https://github.com/stackforge/puppet-neutron'
dependency 'puppetlabs/inifile', '>=1.0.0 <2.0.0'
dependency 'puppetlabs/keystone', '>=4.0.0 <5.0.0'
dependency 'puppetlabs/nova', '>=4.0.0 <5.0.0'
dependency 'puppetlabs/stdlib', '>=4.0.0 <5.0.0'
dependency 'puppetlabs/vswitch', '>=0.2.0 <1.0.0'
dependency 'duritong/sysctl', '>=0.0.1 <1.0.0'
dependency 'stackforge/openstacklib', '>=5.0.0'

124
deployment/puppet/neutron/README.md
View File

@ -1,7 +1,7 @@
neutron
===================================
4.0.0 - 2014.1.0 - Icehouse
5.1.0 - 2014.2 - Juno
#### Table of Contents
@ -17,7 +17,7 @@ neutron
Overview
--------
The neutron module is a part of [Stackforge](https://github.com/stackforge), an effort by the Openstack infrastructure team to provide continuous integration testing and code review for Openstack and Openstack community projects not part of the core software. The module itself is used to flexibly configure and manage the newtork service for Openstack.
The neutron module is a part of [Stackforge](https://github.com/stackforge), an effort by the Openstack infrastructure team to provide continuous integration testing and code review for Openstack and Openstack community projects not part of the core software. The module itself is used to flexibly configure and manage the network service for Openstack.
Module Description
------------------
@ -60,10 +60,13 @@ class { 'neutron::server':
sql_connection => 'mysql://neutron:neutron_sql_secret@127.0.0.1/neutron?charset=utf8',
}
# enable the Open VSwitch plugin server
class { 'neutron::plugins::ovs':
tenant_network_type => 'gre',
network_vlan_ranges => 'physnet:1000:2000',
# ml2 plugin with vxlan as ml2 driver and ovs as mechanism driver
class { '::neutron::plugins::ml2':
type_drivers => ['vxlan'],
tenant_network_types => ['vxlan'],
vxlan_group => '239.1.1.1',
mechanism_drivers => ['openvswitch'],
vni_ranges => ['0:300']
}
```
@ -98,9 +101,11 @@ Limitations
This module supports the following neutron plugins:
* Open vSwitch
* linuxbridge
* cisco-neutron
* Open vSwitch with ML2
* linuxbridge with ML2
* cisco-neutron with and without ML2
* NVP
* PLUMgrid
The following platforms are supported:
@ -109,6 +114,18 @@ The following platforms are supported:
* RHEL 6
* Fedora 18
Beaker-Rspec
------------
This module has beaker-rspec tests
To run:
```shell
bundle install
bundle exec rspec spec/acceptance
```
Development
-----------
@ -123,6 +140,95 @@ The github [contributor graph](https://github.com/stackforge/puppet-neutron/grap
Release Notes
-------------
**5.1.0**
* Fix l3_ha enablement
* spec: pin rspec-puppet to 1.0.1
* Switch to TLSv1
* Support SR-IOV mechanism driver in ML2
* Implement better nova_admin_tenant_id_setter exists? method
* OVS Agent with ML2: fix symlink on RH plateforms
* Adding portdb and fastpath_flood to n1kv.conf
* Make cisco plugin symlink coherent
* Fix status messages checks for neutron provider
* Make neutron_plugin_ml2 before db-sync
* Pin puppetlabs-concat to 1.2.1 in fixtures
* change default MySQL collate to utf8_general_ci
* Fix neutron file_line dependency
* Corrects "ip link set" command
* Adding vxlan network type support for neutron ML2 plug-in
* Raise puppet error, if nova-api unavailable
* Do not run neutron-ovs-cleanup for each Puppet run
* Unescape value in parse_allocation_pool
* Fix neutron_network for --router:external setting
* Add MidoNet plugin support
* Allow l3_ha to be turned back off after it has been enabled
* Update .gitreview file for project rename
* Fix support for auth_uri setting in neutron provider
* Reduce neutron API timeout to 10 seconds
**5.0.0**
* Stable Juno release
* Added neutron::policy to control policy.json
* Added parameter allow_automatic_l3agent_failover to neutron::agents::l3
* Added parameter metadata_memory_cache_ttl to neutron::agents::metadata
* Added l3_ext as a provider_network_type property for neutron_network type
* Changed user_group parameter in neutron::agents::lbaas to have different defaults depending on operating system
* Changed openswan package to libreswan for RHEL 7 for vpnaas
* Ensured neutron package was installed before nova_admin_tenant_id_setter is called
* Added api_extensions_path parameter to neutron class
* Added database tuning parameters
* Changed management of file lines in /etc/default/neutron-server only for Ubuntu
* Add parameters to enable DVR and HA support in neutron::agents::l3 for Juno
* Fixed meaning of manage_service parameter in neutron::agents::ovs
* Made keystone user creation optional when creating a service
* Fixed the enable_dhcp property of neutron_subnet
* Added the ability to override the keystone service name in neutron::keystone::auth
* Fixed bug in parsing allocation pools in neutron_subnet type
* Added relationship to refresh neutron-server when nova_admin_tenant_id_setter changes
* Migrated the neutron::db::mysql class to use openstacklib::db::mysql and deprecated the mysql_module parameter
* Fixed the relationship between the HA proxy package and the neutron-lbaas-agent package
* Added kombu_reconnect_delay parameter to neutron class
* Fixed plugin.ini error when cisco class is used
* Fixed relationship between vs_pridge types and the neutron-plugin-ovs service
* Added neutron::agents::n1kv_vem to deploy N1KV VEM
* Added SSL support for nova_admin_tenant_id_setter
* Fixed relationship between neutron-server package and neutron_plugin_ml2 types
* Stopped puppet from trying to manage the ovs cleanup service
* Deprecated the network_device_mtu parameter in neutron::agents::l3 and moved it to the neutron class
* Added vpnaas_agent_package parameter to neutron::services::fwaas to install the vpnaas agent package
**4.3.0**
* Added parameter to specify number of RPC workers to spawn
* Added ability to manage Neutron ML2 plugin
* Fixed ssl parameter requirements when using kombu and rabbit
* Added ability to hide secret neutron configs from logs and fixed password leaking
* Added neutron plugin config file specification in neutron-server config
* Fixed installation of ML2 plugin on Ubuntu
* Added support for Cisco ML2 Mech Driver
* Fixed quotas parameters in neutron config
* Added parameter to configure dhcp_agent_notification in neutron config
* Added class for linuxbridge support
* Fixed neutron-server restart
* Undeprecated enable_security_group parameter
**4.2.0**
* Added ml2/ovs support.
* Added multi-region support.
* Set default metadata backlog to 4096.
* Fixed neutron-server refresh bug.
**4.1.0**
* Added parameter to set veth MTU.
* Added RabbitMQ SSL support.
* Added support for '' as a valid value for gateway_ip.
* Fixed potential OVS resource duplication.
* Pinned major gems.
**4.0.0**
* Stable Icehouse release.

21
deployment/puppet/neutron/Rakefile
View File

@ -1,6 +1,21 @@
require 'puppetlabs_spec_helper/rake_tasks'
require 'puppet-lint/tasks/puppet-lint'
require 'puppet-syntax/tasks/puppet-syntax'
PuppetLint.configuration.fail_on_warnings = true
PuppetLint.configuration.send('disable_80chars')
PuppetLint.configuration.send('disable_class_parameter_defaults')
PuppetSyntax.exclude_paths ||= []
PuppetSyntax.exclude_paths << "spec/fixtures/**/*"
PuppetSyntax.exclude_paths << "pkg/**/*"
PuppetSyntax.exclude_paths << "vendor/**/*"
Rake::Task[:lint].clear
PuppetLint::RakeTask.new :lint do |config|
config.ignore_paths = ["spec/**/*.pp", "vendor/**/*.pp"]
config.fail_on_warnings = true
config.log_format = '%{path}:%{linenumber}:%{KIND}: %{message}'
config.disable_checks = ["80chars", "class_inherits_from_params_class", "class_parameter_defaults", "parameter_documentation"]
end
desc "Run acceptance tests"
RSpec::Core::RakeTask.new(:acceptance) do |t|
t.pattern = 'spec/acceptance'
end

4
deployment/puppet/neutron/examples/base_provision.pp
View File

@ -30,8 +30,8 @@ keystone_tenant { 'demo':
}
neutron_network { 'private':
ensure => present,
tenant_name => 'demo',
ensure => present,
tenant_name => 'demo',
}
neutron_subnet { 'private_subnet':

48
deployment/puppet/neutron/examples/neutron.pp
View File

@ -2,7 +2,7 @@
# General Neutron stuff
# Configures everything in neutron.conf
class { 'neutron':
class { '::neutron':
verbose => true,
allow_overlapping_ips => true,
rabbit_password => 'password',
@ -12,49 +12,44 @@ class { 'neutron':
}
# The API server talks to keystone for authorisation
class { 'neutron::server':
class { '::neutron::server':
keystone_password => 'password',
connection => 'mysql://neutron:password@192.168.1.1/neutron',
}
# Configure nova notifications system
class { 'neutron::server::notifications':
nova_admin_tenant_name => 'admin',
nova_admin_password => 'secrete',
class { '::neutron::server::notifications':
nova_admin_tenant_name => 'admin',
nova_admin_password => 'secrete',
}
# Various agents
class { 'neutron::agents::dhcp': }
class { 'neutron::agents::l3': }
class { 'neutron::agents::lbaas': }
class { 'neutron::agents::vpnaas': }
class { 'neutron::agents::metering': }
class { '::neutron::agents::dhcp': }
class { '::neutron::agents::l3': }
class { '::neutron::agents::lbaas': }
class { '::neutron::agents::vpnaas': }
class { '::neutron::agents::metering': }
# This plugin configures Neutron for OVS on the server
# Agent
class { 'neutron::agents::ovs':
class { '::neutron::agents::ml2::ovs':
local_ip => '192.168.1.1',
enable_tunneling => true,
}
# Plugin
class { 'neutron::plugins::ovs':
tenant_network_type => 'gre',
}
# ml2 plugin with vxlan as ml2 driver and ovs as mechanism driver
class { 'neutron::plugins::ml2':
type_drivers => ['vxlan'],
tenant_network_types => ['vxlan'],
vxlan_group => '239.1.1.1',
mechanism_drivers => ['openvswitch'],
vni_ranges => ['0:300']
class { '::neutron::plugins::ml2':
type_drivers => ['vxlan'],
tenant_network_types => ['vxlan'],
vxlan_group => '239.1.1.1',
mechanism_drivers => ['openvswitch'],
vni_ranges => ['0:300']
}
### Compute Nodes:
# Generally, any machine with a neutron element running on it talks
# over Rabbit and needs to know if overlapping IPs (namespaces) are in use
class { 'neutron':
class { '::neutron':
allow_overlapping_ips => true,
rabbit_password => 'password',
rabbit_user => 'guest',
@ -63,12 +58,7 @@ class { 'neutron':
# The agent/plugin combo also needs installed on clients
# Agent
class { 'neutron::agents::ovs':
class { '::neutron::agents::ml2::ovs':
local_ip => '192.168.1.11',
enable_tunneling => true,
}
# Plugin
class { 'neutron::plugins::ovs':
tenant_network_type => 'gre',
}

8
deployment/puppet/neutron/examples/neutron_with_pacemaker.pp
View File

@ -22,25 +22,25 @@
#
# sudo pcs constraint colocation add neutron_server_service with neutron_vip
class { 'neutron':
class { '::neutron':
verbose => true,
allow_overlapping_ips => true,
service_plugins => [ 'dhcp', 'l3' ]
}
class { 'neutron::server':
class { '::neutron::server':
enabled => false,
manage_service => false,
keystone_password => 'password',
connection => 'mysql://neutron:password@192.168.1.1/neutron',
}
class { 'neutron::agents::dhcp':
class { '::neutron::agents::dhcp':
enabled => false,
manage_service => false,
}
class { 'neutron::agents::l3':
class { '::neutron::agents::l3':
enabled => false,
manage_service => false,
}

37
deployment/puppet/neutron/lib/puppet/provider/neutron.rb
View File

@ -26,13 +26,21 @@ class Puppet::Provider::Neutron < Puppet::Provider
end
def self.get_neutron_credentials
auth_keys = ['auth_host', 'auth_port', 'auth_protocol',
'admin_tenant_name', 'admin_user', 'admin_password']
auth_keys = ['admin_tenant_name', 'admin_user', 'admin_password']
deprecated_auth_url = ['auth_host', 'auth_port', 'auth_protocol']
conf = neutron_conf
if conf and conf['keystone_authtoken'] and
auth_keys.all?{|k| !conf['keystone_authtoken'][k].nil?}
auth_keys.all?{|k| !conf['keystone_authtoken'][k].nil?} and
( deprecated_auth_url.all?{|k| !conf['keystone_authtoken'][k].nil?} or
!conf['keystone_authtoken']['auth_uri'].nil? )
creds = Hash[ auth_keys.map \
{ |k| [k, conf['keystone_authtoken'][k].strip] } ]
if !conf['keystone_authtoken']['auth_uri'].nil?
creds['auth_uri'] = conf['keystone_authtoken']['auth_uri']
else
q = conf['keystone_authtoken']
creds['auth_uri'] = "#{q['auth_protocol']}://#{q['auth_host']}:#{q['auth_port']}/v2.0/"
end
if conf['DEFAULT'] and !conf['DEFAULT']['nova_region_name'].nil?
creds['nova_region_name'] = conf['DEFAULT']['nova_region_name']
end
@ -54,7 +62,11 @@ correctly configured.")
def self.get_auth_endpoint
q = neutron_credentials
"#{q['auth_protocol']}://#{q['auth_host']}:#{q['auth_port']}/v2.0/"
if q['auth_uri'].nil?
return "#{q['auth_protocol']}://#{q['auth_host']}:#{q['auth_port']}/v2.0/"
else
return "#{q['auth_uri']}".strip
end
end
def self.neutron_conf
@ -70,14 +82,13 @@ correctly configured.")
:OS_AUTH_URL => self.auth_endpoint,
:OS_USERNAME => q['admin_user'],
:OS_TENANT_NAME => q['admin_tenant_name'],
:OS_PASSWORD => q['admin_password'],
:OS_ENDPOINT_TYPE => 'internalURL'
:OS_PASSWORD => q['admin_password']
}
if q.key?('nova_region_name')
authenv[:OS_REGION_NAME] = q['nova_region_name']
end
rv = nil
timeout = 120
timeout = 10
end_time = Time.now.to_i + timeout
loop do
begin
@ -101,8 +112,7 @@ correctly configured.")
break
else
wait = end_time - current_time
Puppet::debug("Non-fatal error: \"#{e.message}\"")
notice("Neutron API not avalaible. Wait up to #{wait} sec.")
notice("Unable to complete neutron request due to non-fatal error: \"#{e.message}\". Retrying for #{wait} sec.")
end
sleep(2)
# Note(xarses): Don't remove, we know that there is one of the
@ -125,10 +135,8 @@ correctly configured.")
ids = []
list = auth_neutron("#{type}-list", '--format=csv',
'--column=id', '--quote=none')
# NOTE(bogdando) contribute change to upstream #1384101:
# raise Puppet exception, if resources list is empty
if list.nil?
raise(Puppet::ExecutionFailure, "Can't prefetch #{type}-list Neutron or Keystone API is not avalaible.")
raise(Puppet::ExecutionFailure, "Can't retrieve #{type}-list because Neutron or Keystone API is not available.")
end
(list.split("\n")[1..-1] || []).compact.collect do |line|
@ -140,11 +148,10 @@ correctly configured.")
def self.get_neutron_resource_attrs(type, id)
attrs = {}
net = auth_neutron("#{type}-show", '--format=shell', id)
# NOTE(bogdando) contribute change to upstream #1384101:
# raise Puppet exception, if list of resources' attributes is empty
if net.nil?
raise(Puppet::ExecutionFailure, "Can't prefetch #{type}-show Neutron or Keystone API is not avalaible.")
raise(Puppet::ExecutionFailure, "Can't retrieve #{type}-show because Neutron or Keystone API is not available.")
end
last_key = nil
(net.split("\n") || []).compact.collect do |line|
if line.include? '='

22
deployment/puppet/neutron/lib/puppet/provider/neutron_agent_linuxbridge/ini_setting.rb Normal file
View File

@ -0,0 +1,22 @@
Puppet::Type.type(:neutron_agent_linuxbridge).provide(
:ini_setting,
:parent => Puppet::Type.type(:ini_setting).provider(:ruby)
) do
def section
resource[:name].split('/', 2).first
end
def setting
resource[:name].split('/', 2).last
end
def separator
'='
end
def file_path
'/etc/neutron/plugins/linuxbridge/linuxbridge_conf.ini'
end
end

26
deployment/puppet/neutron/lib/puppet/provider/neutron_agent_ovs/ini_setting.rb Normal file
View File

@ -0,0 +1,26 @@
Puppet::Type.type(:neutron_agent_ovs).provide(
:ini_setting,
:parent => Puppet::Type.type(:ini_setting).provider(:ruby)
) do
def section
resource[:name].split('/', 2).first
end
def setting
resource[:name].split('/', 2).last
end
def separator
'='
end
def file_path
if Facter['operatingsystem'].value == 'Ubuntu'
'/etc/neutron/plugins/ml2/ml2_conf.ini'
else
'/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini'
end
end
end

2
deployment/puppet/neutron/lib/puppet/provider/neutron_l3_ovs_bridge/neutron.rb
View File

@ -42,7 +42,7 @@ Puppet::Type.type(:neutron_l3_ovs_bridge).provide(:neutron) do
def create
ip('addr', 'add', gateway_ip, 'dev', @resource[:name])
ip('link', 'set', @resource[:name], 'up')
ip('link', 'set', 'dev', @resource[:name], 'up')
@property_hash[:ensure] = :present
end

15
deployment/puppet/neutron/lib/puppet/provider/neutron_network/neutron.rb
View File

@ -12,7 +12,6 @@ Puppet::Type.type(:neutron_network).provide(
EOT
commands :neutron => 'neutron'
commands :keystone => 'keystone'
mk_resource_methods
@ -54,15 +53,13 @@ Puppet::Type.type(:neutron_network).provide(
def create
network_opts = Array.new
if @resource[:shared] =~ /true/i
if @resource[:shared]
network_opts << '--shared'
end
if @resource[:tenant_name]
tenant_id = self.class.get_tenant_id(model.catalog,
@resource[:tenant_name])
notice("***N*** neutron_network::create *** tenant_id='#{tenant_id.inspect}'")
network_opts << "--tenant_id=#{tenant_id}"
elsif @resource[:tenant_id]
network_opts << "--tenant_id=#{@resource[:tenant_id]}"
@ -83,8 +80,8 @@ Puppet::Type.type(:neutron_network).provide(
"--provider:segmentation_id=#{@resource[:provider_segmentation_id]}"
end
if @resource[:router_external]
network_opts << "--router:external=#{@resource[:router_external]}"
if @resource[:router_external] == 'True'
network_opts << '--router:external'
end
results = auth_neutron('net-create', '--format=shell',
@ -123,7 +120,11 @@ Puppet::Type.type(:neutron_network).provide(
end
def router_external=(value)
auth_neutron('net-update', "--router:external=#{value}", name)
if value == 'False'
auth_neutron('net-update', "--router:external=#{value}", name)
else
auth_neutron('net-update', "--router:external", name)
end
end
[

22
deployment/puppet/neutron/lib/puppet/provider/neutron_plugin_midonet/ini_setting.rb Normal file
View File

@ -0,0 +1,22 @@
Puppet::Type.type(:neutron_plugin_midonet).provide(
:ini_setting,
:parent => Puppet::Type.type(:ini_setting).provider(:ruby)
) do
def section
resource[:name].split('/', 2).first
end
def setting
resource[:name].split('/', 2).last
end
def separator
'='
end
def file_path
'/etc/neutron/plugins/midonet/midonet.ini'
end
end

22
deployment/puppet/neutron/lib/puppet/provider/neutron_plugin_plumgrid/ini_setting.rb Normal file
View File

@ -0,0 +1,22 @@
Puppet::Type.type(:neutron_plugin_plumgrid).provide(
:ini_setting,
:parent => Puppet::Type.type(:ini_setting).provider(:ruby)
) do
def section
resource[:name].split('/', 2).first
end
def setting
resource[:name].split('/', 2).last
end
def separator
'='
end
def file_path
'/etc/neutron/plugins/plumgrid/plumgrid.ini'
end
end

22
deployment/puppet/neutron/lib/puppet/provider/neutron_plumlib_plumgrid/ini_setting.rb Normal file
View File

@ -0,0 +1,22 @@
Puppet::Type.type(:neutron_plumlib_plumgrid).provide(
:ini_setting,
:parent => Puppet::Type.type(:ini_setting).provider(:ruby)
) do
def section
resource[:name].split('/', 2).first
end
def setting
resource[:name].split('/', 2).last
end
def separator
'='
end
def file_path
'/etc/neutron/plugins/plumgrid/plumlib.ini'
end
end

1
deployment/puppet/neutron/lib/puppet/provider/neutron_port/neutron.rb
View File

@ -13,7 +13,6 @@ Puppet::Type.type(:neutron_port).provide(
#TODO No security group support
commands :neutron => "neutron"
commands :keystone => 'keystone'
mk_resource_methods

1
deployment/puppet/neutron/lib/puppet/provider/neutron_router/neutron.rb
View File

@ -12,7 +12,6 @@ Puppet::Type.type(:neutron_router).provide(
EOT
commands :neutron => 'neutron'
commands :keystone => 'keystone'
mk_resource_methods

3
deployment/puppet/neutron/lib/puppet/provider/neutron_subnet/neutron.rb
View File

@ -12,7 +12,6 @@ Puppet::Type.type(:neutron_subnet).provide(
EOT
commands :neutron => 'neutron'
commands :keystone => 'keystone'
mk_resource_methods
@ -70,7 +69,7 @@ Puppet::Type.type(:neutron_subnet).provide(
host_routes = []
return [] if values.empty?
for value in Array(values)
matchdata = /\{\s*"destination"\s*:\s*"(.*)"\s*,\s*"nexthop"\s*:\s*"(.*)"\s*\}/.match(value)
matchdata = /\{\s*"destination"\s*:\s*"(.*)"\s*,\s*"nexthop"\s*:\s*"(.*)"\s*\}/.match(value.gsub(/\\"/,'"'))
destination = matchdata[1]
nexthop = matchdata[2]
host_routes << "destination=#{destination},nexthop=#{nexthop}"

53
deployment/puppet/neutron/lib/puppet/provider/nova_admin_tenant_id_setter/ini_setting.rb
View File

@ -12,6 +12,7 @@ require 'rubygems'
require 'net/http'
require 'net/https'
require 'json'
require 'puppet/util/inifile'
class KeystoneError < Puppet::Error
end
@ -22,10 +23,6 @@ end
class KeystoneAPIError < KeystoneError
end
RETRY_COUNT = 10
RETRY_SLEEP = 3
# Provides common request handling semantics to the other methods in
# this module.
#
@ -33,10 +30,15 @@ RETRY_SLEEP = 3
# An HTTPRequest object
# +url+::
# A parsed URL (returned from URI.parse)
def handle_request(req, url)
def neutron_handle_request(req, url)
begin
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = url.scheme == 'https'
# There is issue with ipv6 where address has to be in brackets, this causes the
# underlying ruby TCPSocket to fail. Net::HTTP.new will fail without brackets on
# joining the ipv6 address with :port or passing brackets to TCPSocket. It was
# found that if we use Net::HTTP.start with url.hostname the incriminated code
# won't be hit.
use_ssl = url.scheme == "https" ? true : false
http = Net::HTTP.start(url.hostname, url.port, {:use_ssl => use_ssl})
res = http.request(req)
if res.code != '200'
@ -101,7 +103,7 @@ def keystone_v2_authenticate(auth_url,
req['content-type'] = 'application/json'
req.body = post_args.to_json
res = handle_request(req, url)
res = neutron_handle_request(req, url)
data = JSON.parse res.body
return data['access']['token']['id']
end
@ -124,12 +126,14 @@ def keystone_v2_tenants(auth_url,
req['content-type'] = 'application/json'
req['x-auth-token'] = token
res = handle_request(req, url)
res = neutron_handle_request(req, url)
data = JSON.parse res.body
data['tenants']
end
Puppet::Type.type(:nova_admin_tenant_id_setter).provide(:ruby) do
@tenant_id = nil
def authenticate
keystone_v2_authenticate(
@resource[:auth_url],
@ -148,13 +152,19 @@ Puppet::Type.type(:nova_admin_tenant_id_setter).provide(:ruby) do
end
def exists?
false
ini_file = Puppet::Util::IniConfig::File.new
ini_file.read("/etc/neutron/neutron.conf")
ini_file['DEFAULT'] && ini_file['DEFAULT']['nova_admin_tenant_id'] && ini_file['DEFAULT']['nova_admin_tenant_id'] == tenant_id
end
def create
config
end
def tenant_id
@tenant_id ||= get_tenant_id
end
# This looks for the tenant specified by the 'tenant_name' parameter to
# the resource and returns the corresponding UUID if there is a single
# match.
@ -164,30 +174,21 @@ Puppet::Type.type(:nova_admin_tenant_id_setter).provide(:ruby) do
# - There are multiple matches, or
# - There are zero matches
def get_tenant_id
RETRY_COUNT.times do |n|
begin
tenants = find_tenant_by_name(authenticate)
rescue => e
debug "Request failed: '#{e.message}' Retry: '#{n}'"
sleep RETRY_SLEEP
next
end
token = authenticate
tenants = find_tenant_by_name(token)
if tenants.length == 1
return tenants[0]['id']
return tenants[0]['id']
elsif tenants.length > 1
name = tenants[0]['name']
raise KeystoneAPIError, "Found multiple matches for domain name: '#{name}'"
raise KeystoneAPIError, 'Found multiple matches for tenant name'
else
debug "Tenant '#{@resource[:domain_name]}' not found! Retry: '#{n}'"
sleep RETRY_SLEEP
next
raise KeystoneAPIError, 'Unable to find matching tenant'
end
end
end
def config
Puppet::Type.type(:neutron_config).new(
{:name => 'DEFAULT/nova_admin_tenant_id', :value => "#{get_tenant_id}"}
{:name => 'DEFAULT/nova_admin_tenant_id', :value => "#{tenant_id}"}
).create
end

18
deployment/puppet/neutron/lib/puppet/type/neutron_agent_linuxbridge.rb Normal file
View File

@ -0,0 +1,18 @@
Puppet::Type.newtype(:neutron_agent_linuxbridge) do
ensurable
newparam(:name, :namevar => true) do
desc 'Section/setting name to manage from linuxbridge agent config.'
newvalues(/\S+\/\S+/)
end
newproperty(:value) do
desc 'The value of the setting to be defined.'
munge do |value|
value = value.to_s.strip
value.capitalize! if value =~ /^(true|false)$/i
value
end
end
end

18
deployment/puppet/neutron/lib/puppet/type/neutron_agent_ovs.rb Normal file
View File

@ -0,0 +1,18 @@
Puppet::Type.newtype(:neutron_agent_ovs) do
ensurable
newparam(:name, :namevar => true) do
desc 'Section/setting name to manage from ovs agent config.'
newvalues(/\S+\/\S+/)
end
newproperty(:value) do
desc 'The value of the setting to be defined.'
munge do |value|
value = value.to_s.strip
value.capitalize! if value =~ /^(true|false)$/i
value
end
end
end

5
deployment/puppet/neutron/lib/puppet/type/neutron_network.rb
View File

@ -17,6 +17,7 @@ Puppet::Type.newtype(:neutron_network) do
newproperty(:admin_state_up) do
desc 'The administrative status of the network'
newvalues(/(t|T)rue/, /(f|F)alse/)
defaultto 'True'
munge do |v|
v.to_s.capitalize
end
@ -25,6 +26,7 @@ Puppet::Type.newtype(:neutron_network) do
newproperty(:shared) do
desc 'Whether this network should be shared across all tenants or not'
newvalues(/(t|T)rue/, /(f|F)alse/)
defaultto 'False'
munge do |v|
v.to_s.capitalize
end
@ -40,7 +42,7 @@ Puppet::Type.newtype(:neutron_network) do
newproperty(:provider_network_type) do
desc 'The physical mechanism by which the virtual network is realized.'
newvalues(:flat, :vlan, :local, :gre, :l3_ext)
newvalues(:flat, :vlan, :local, :gre, :l3_ext, :vxlan)
end
newproperty(:provider_physical_network) do
@ -61,6 +63,7 @@ Puppet::Type.newtype(:neutron_network) do
newproperty(:router_external) do
desc 'Whether this router will route traffic to an external network'
newvalues(/(t|T)rue/, /(f|F)alse/)
defaultto 'False'
munge do |v|
v.to_s.capitalize
end

49
deployment/puppet/neutron/lib/puppet/type/neutron_plugin_midonet.rb Normal file
View File

@ -0,0 +1,49 @@
Puppet::Type.newtype(:neutron_plugin_midonet) do
ensurable
newparam(:name, :namevar => true) do
desc 'Section/setting name to manage from midonet.ini'
newvalues(/\S+\/\S+/)
end
autorequire(:file) do
['/etc/neutron/plugins/midonet']
end
autorequire(:package) do ['neutron'] end
newproperty(:value) do
desc 'The value of the setting to be defined.'
munge do |value|
value = value.to_s.strip
value.capitalize! if value =~ /^(true|false)$/i
value
end
def is_to_s( currentvalue )
if resource.secret?
return '[old secret redacted]'
else
return currentvalue
end
end
def should_to_s( newvalue )
if resource.secret?
return '[new secret redacted]'
else
return newvalue
end
end
end
newparam(:secret, :boolean => true) do
desc 'Whether to hide the value from Puppet logs. Defaults to `false`.'
newvalues(:true, :false)
defaultto false
end
end

47
deployment/puppet/neutron/lib/puppet/type/neutron_plugin_plumgrid.rb Normal file
View File

@ -0,0 +1,47 @@
Puppet::Type.newtype(:neutron_plugin_plumgrid) do
ensurable
newparam(:name, :namevar => true) do
desc 'Section/setting name to manage from plumgrid.ini'
newvalues(/\S+\/\S+/)
end
autorequire(:file) do
['/etc/neutron/plugins/plumgrid']
end
newproperty(:value) do
desc 'The value of the setting to be defined.'
munge do |value|
value = value.to_s.strip
value.capitalize! if value =~ /^(true|false)$/i
value
end
def is_to_s( currentvalue )
if resource.secret?
return '[old secret redacted]'
else
return currentvalue
end
end
def should_to_s( newvalue )
if resource.secret?
return '[new secret redacted]'
else
return newvalue
end
end
end
newparam(:secret, :boolean => true) do
desc 'Whether to hide the value from Puppet logs. Defaults to `false`.'
newvalues(:true, :false)
defaultto false
end
end

47
deployment/puppet/neutron/lib/puppet/type/neutron_plumlib_plumgrid.rb Normal file
View File

@ -0,0 +1,47 @@
Puppet::Type.newtype(:neutron_plumlib_plumgrid) do
ensurable
newparam(:name, :namevar => true) do
desc 'Section/setting name to manage from plumlib.ini'
newvalues(/\S+\/\S+/)
end
autorequire(:file) do
['/etc/neutron/plugins/plumgrid']
end
newproperty(:value) do
desc 'The value of the setting to be defined.'
munge do |value|
value = value.to_s.strip
value.capitalize! if value =~ /^(true|false)$/i
value
end
def is_to_s( currentvalue )
if resource.secret?
return '[old secret redacted]'
else
return currentvalue
end
end
def should_to_s( newvalue )
if resource.secret?
return '[new secret redacted]'
else
return newvalue
end
end
end
newparam(:secret, :boolean => true) do
desc 'Whether to hide the value from Puppet logs. Defaults to `false`.'
newvalues(:true, :false)
defaultto false
end
end

16
deployment/puppet/neutron/manifests/agents/dhcp.pp
View File

@ -29,6 +29,10 @@
# [*interface_driver*]
# (optional) Defaults to 'neutron.agent.linux.interface.OVSInterfaceDriver'.
#
# [*dhcp_domain*]
# (optional) domain to use for building the hostnames
# Defaults to 'openstacklocal'
#
# [*dhcp_driver*]
# (optional) Defaults to 'neutron.agent.linux.dhcp.Dnsmasq'.
#
@ -69,6 +73,7 @@ class neutron::agents::dhcp (
$state_path = '/var/lib/neutron',
$resync_interval = 30,
$interface_driver = 'neutron.agent.linux.interface.OVSInterfaceDriver',
$dhcp_domain = 'openstacklocal',
$dhcp_driver = 'neutron.agent.linux.dhcp.Dnsmasq',
$root_helper = 'sudo neutron-rootwrap /etc/neutron/rootwrap.conf',
$use_namespaces = true,
@ -78,7 +83,7 @@ class neutron::agents::dhcp (
$enable_metadata_network = false
) {
include neutron::params
include ::neutron::params
Neutron_config<||> ~> Service['neutron-dhcp-service']
Neutron_dhcp_agent_config<||> ~> Service['neutron-dhcp-service']
@ -88,6 +93,9 @@ class neutron::agents::dhcp (
Package[$::neutron::params::dnsmasq_packages] -> Package<| title == 'neutron-dhcp-agent' |>
ensure_packages($::neutron::params::dnsmasq_packages)
}
/^midonet.*/: {
ensure_packages($::neutron::params::midonet_server_package)
}
default: {
fail("Unsupported dhcp_driver ${dhcp_driver}")
}
@ -110,6 +118,7 @@ class neutron::agents::dhcp (
'DEFAULT/state_path': value => $state_path;
'DEFAULT/resync_interval': value => $resync_interval;
'DEFAULT/interface_driver': value => $interface_driver;
'DEFAULT/dhcp_domain': value => $dhcp_domain;
'DEFAULT/dhcp_driver': value => $dhcp_driver;
'DEFAULT/use_namespaces': value => $use_namespaces;
'DEFAULT/root_helper': value => $root_helper;
@ -131,8 +140,9 @@ class neutron::agents::dhcp (
Package['neutron-dhcp-agent'] -> Neutron_config<||>
Package['neutron-dhcp-agent'] -> Neutron_dhcp_agent_config<||>
package { 'neutron-dhcp-agent':
ensure => $package_ensure,
name => $::neutron::params::dhcp_agent_package,
ensure => $package_ensure,
name => $::neutron::params::dhcp_agent_package,
tag => 'openstack',
}
} else {
# Some platforms (RedHat) do not provide a neutron DHCP agent package.

112
deployment/puppet/neutron/manifests/agents/l3.pp
View File

@ -76,54 +76,99 @@
# (optional) namespaces can be deleted cleanly on the host running the L3 agent
# Defaults to False
#
# [*ha_enabled*]
# (optional) Enabled or not HA for L3 agent.
# Defaults to false
#
# [*ha_vrrp_auth_type*]
# (optional) VRRP authentication type. Can be AH or PASS.
# Defaults to "PASS"
#
# [*ha_vrrp_auth_password*]
# (optional) VRRP authentication password. Required if ha_enabled = true.
# Defaults to undef
#
# [*ha_vrrp_advert_int*]
# (optional) The advertisement interval in seconds.
# Defaults to '2'
#
# [*agent_mode*]
# (optional) The working mode for the agent.
# 'legacy': default behavior (without DVR)
# 'dvr': enable DVR for an L3 agent running on compute node (DVR in production)
# 'dvr_snat': enable DVR with centralized SNAT support (DVR for single-host, for testing only)
# Defaults to 'legacy'
#
# [*allow_automatic_l3agent_failover*]
# DEPRECATED: Has no effect in this class. Use the same parameter in neutron::server instead.
#
class neutron::agents::l3 (
$package_ensure = 'present',
$enabled = true,
$manage_service = true,
$debug = false,
$external_network_bridge = 'br-ex',
$use_namespaces = true,
$interface_driver = 'neutron.agent.linux.interface.OVSInterfaceDriver',
$router_id = undef,
$gateway_external_network_id = undef,
$handle_internal_only_routers = true,
$metadata_port = '9697',
$send_arp_for_ha = '3',
$periodic_interval = '40',
$periodic_fuzzy_delay = '5',
$enable_metadata_proxy = true,
$network_device_mtu = undef,
$router_delete_namespaces = false
$package_ensure = 'present',
$enabled = true,
$manage_service = true,
$debug = false,
$external_network_bridge = 'br-ex',
$use_namespaces = true,
$interface_driver = 'neutron.agent.linux.interface.OVSInterfaceDriver',
$router_id = undef,
$gateway_external_network_id = undef,
$handle_internal_only_routers = true,
$metadata_port = '9697',
$send_arp_for_ha = '3',
$periodic_interval = '40',
$periodic_fuzzy_delay = '5',
$enable_metadata_proxy = true,
$network_device_mtu = undef,
$router_delete_namespaces = false,
$ha_enabled = false,
$ha_vrrp_auth_type = 'PASS',
$ha_vrrp_auth_password = undef,
$ha_vrrp_advert_int = '3',
$agent_mode = 'legacy',
# DEPRECATED PARAMETERS
$allow_automatic_l3agent_failover = false,
) {
include neutron::params
include ::neutron::params
Neutron_config<||> ~> Service['neutron-l3']
Neutron_l3_agent_config<||> ~> Service['neutron-l3']
if $allow_automatic_l3agent_failover {
notice('parameter allow_automatic_l3agent_failover is deprecated, use parameter in neutron::server instead')
}
if $ha_enabled {
neutron_l3_agent_config {
'DEFAULT/ha_vrrp_auth_type': value => $ha_vrrp_auth_type;
'DEFAULT/ha_vrrp_auth_password': value => $ha_vrrp_auth_password;
'DEFAULT/ha_vrrp_advert_int': value => $ha_vrrp_advert_int;
}
}
neutron_l3_agent_config {
'DEFAULT/debug': value => $debug;
'DEFAULT/external_network_bridge': value => $external_network_bridge;
'DEFAULT/use_namespaces': value => $use_namespaces;
'DEFAULT/interface_driver': value => $interface_driver;
'DEFAULT/router_id': value => $router_id;
'DEFAULT/gateway_external_network_id': value => $gateway_external_network_id;
'DEFAULT/handle_internal_only_routers': value => $handle_internal_only_routers;
'DEFAULT/metadata_port': value => $metadata_port;
'DEFAULT/send_arp_for_ha': value => $send_arp_for_ha;
'DEFAULT/periodic_interval': value => $periodic_interval;
'DEFAULT/periodic_fuzzy_delay': value => $periodic_fuzzy_delay;
'DEFAULT/enable_metadata_proxy': value => $enable_metadata_proxy;
'DEFAULT/router_delete_namespaces': value => $router_delete_namespaces;
'DEFAULT/debug': value => $debug;
'DEFAULT/external_network_bridge': value => $external_network_bridge;
'DEFAULT/use_namespaces': value => $use_namespaces;
'DEFAULT/interface_driver': value => $interface_driver;
'DEFAULT/router_id': value => $router_id;
'DEFAULT/gateway_external_network_id': value => $gateway_external_network_id;
'DEFAULT/handle_internal_only_routers': value => $handle_internal_only_routers;
'DEFAULT/metadata_port': value => $metadata_port;
'DEFAULT/send_arp_for_ha': value => $send_arp_for_ha;
'DEFAULT/periodic_interval': value => $periodic_interval;
'DEFAULT/periodic_fuzzy_delay': value => $periodic_fuzzy_delay;
'DEFAULT/enable_metadata_proxy': value => $enable_metadata_proxy;
'DEFAULT/router_delete_namespaces': value => $router_delete_namespaces;
'DEFAULT/agent_mode': value => $agent_mode;
}
if $network_device_mtu {
warning('The neutron::l3_agent::newtork_device_mtu parameter is deprecated, use neutron::newtork_device_mtu instead.')
warning('The neutron::agents::l3::network_device_mtu parameter is deprecated, use neutron::network_device_mtu instead.')
neutron_l3_agent_config {
'DEFAULT/network_device_mtu': value => $network_device_mtu;
}
} else {
warning('The neutron::l3_agent::newtork_device_mtu parameter is deprecated, use neutron::newtork_device_mtu instead.')
neutron_l3_agent_config {
'DEFAULT/network_device_mtu': ensure => absent;
}
@ -135,6 +180,7 @@ class neutron::agents::l3 (
ensure => $package_ensure,
name => $::neutron::params::l3_agent_package,
require => Package['neutron'],
tag => 'openstack',
}
} else {
# Some platforms (RedHat) does not provide a neutron L3 agent package.

31
deployment/puppet/neutron/manifests/agents/lbaas.pp
View File

@ -21,7 +21,7 @@
# (optional) Defaults to 'neutron.agent.linux.interface.OVSInterfaceDriver'.
#
# [*device_driver*]
# (optional) Defaults to 'neutron.services.loadbalancer.drivers.haproxy.namespace_driver.HaproxyNSDriver'.
# (optional) Defaults to 'neutron_lbaas.services.loadbalancer.drivers.haproxy.namespace_driver.HaproxyNSDriver'.
#
# [*use_namespaces*]
# (optional) Allow overlapping IP (Must have kernel build with
@ -29,7 +29,8 @@
# Defaults to true.
#
# [*user_group*]
# (optional) The user group. Defaults to nogroup.
# (optional) The user group.
# Defaults to $::neutron::params::nobody_user_group
#
# [*manage_haproxy_package*]
# (optional) Whether to manage the haproxy package.
@ -42,13 +43,13 @@ class neutron::agents::lbaas (
$manage_service = true,
$debug = false,
$interface_driver = 'neutron.agent.linux.interface.OVSInterfaceDriver',
$device_driver = 'neutron.services.loadbalancer.drivers.haproxy.namespace_driver.HaproxyNSDriver',
$device_driver = 'neutron_lbaas.services.loadbalancer.drivers.haproxy.namespace_driver.HaproxyNSDriver',
$use_namespaces = true,
$user_group = 'nogroup',
$user_group = $::neutron::params::nobody_user_group,
$manage_haproxy_package = true,
) {
include neutron::params
include ::neutron::params
Neutron_config<||> ~> Service['neutron-lbaas-service']
Neutron_lbaas_agent_config<||> ~> Service['neutron-lbaas-service']
@ -76,20 +77,14 @@ class neutron::agents::lbaas (
'haproxy/user_group': value => $user_group;
}
if $::neutron::params::lbaas_agent_package {
Package['neutron'] -> Package['neutron-lbaas-agent']
Package['neutron-lbaas-agent'] -> Neutron_config<||>
Package['neutron-lbaas-agent'] -> Neutron_lbaas_agent_config<||>
package { 'neutron-lbaas-agent':
ensure => $package_ensure,
name => $::neutron::params::lbaas_agent_package,
}
} else {
# Some platforms (RedHat) do not provide a neutron LBaaS agent package.
# The neutron LBaaS agent config file is provided by the neutron package.
Package['neutron'] -> Neutron_lbaas_agent_config<||>
Package['neutron'] -> Package['neutron-lbaas-agent']
Package['neutron-lbaas-agent'] -> Neutron_config<||>
Package['neutron-lbaas-agent'] -> Neutron_lbaas_agent_config<||>
package { 'neutron-lbaas-agent':
ensure => $package_ensure,
name => $::neutron::params::lbaas_agent_package,
tag => 'openstack',
}
if $manage_service {
if $enabled {
$service_ensure = 'running'

79
deployment/puppet/neutron/manifests/agents/linuxbridge.pp
View File

@ -1,79 +0,0 @@
# == Class: neutron::agents::linuxbridge
#
# Setups linuxbridge neutron agent.
#
# === Parameters
#
# [*physical_interface_mappings*]
# (required) Comma-separated list of <physical_network>:<physical_interface>
# tuples mapping physical network names to agent's node-specific physical
# network interfaces.
#
# [*firewall_driver*]
# (optional) Firewall driver for realizing neutron security group function.
# Defaults to 'neutron.agent.linux.iptables_firewall.IptablesFirewallDriver'.
#
# [*package_ensure*]
# (optional) Ensure state for package. Defaults to 'present'.
#
# [*enable*]
# (optional) Enable state for service. Defaults to 'true'.
#
# [*manage_service*]
# (optional) Whether to start/stop the service
# Defaults to true
#
class neutron::agents::linuxbridge (
$physical_interface_mappings,
$firewall_driver = 'neutron.agent.linux.iptables_firewall.IptablesFirewallDriver',
$package_ensure = 'present',
$enable = true,
$manage_service = true
) {
include neutron::params
Neutron_config<||> ~> Service['neutron-plugin-linuxbridge-service']
Neutron_plugin_linuxbridge<||> ~> Service<| title == 'neutron-plugin-linuxbridge-service' |>
if $::neutron::params::linuxbridge_agent_package {
Package['neutron'] -> Package['neutron-plugin-linuxbridge-agent']
Package['neutron-plugin-linuxbridge-agent'] -> Neutron_plugin_linuxbridge<||>
Package['neutron-plugin-linuxbridge-agent'] -> Service['neutron-plugin-linuxbridge-service']
package { 'neutron-plugin-linuxbridge-agent':
ensure => $package_ensure,
name => $::neutron::params::linuxbridge_agent_package,
}
} else {
# Some platforms (RedHat) do not provide a separate neutron plugin
# linuxbridge agent package. The configuration file for the linuxbridge
# agent is provided by the neutron linuxbridge plugin package.
Package['neutron-plugin-linuxbridge'] -> Neutron_plugin_linuxbridge<||>
if ! defined(Package['neutron-plugin-linuxbridge']) {
package { 'neutron-plugin-linuxbridge':
ensure => $package_ensure,
name => $::neutron::params::linuxbridge_server_package,
}
}
}
neutron_plugin_linuxbridge {
'LINUX_BRIDGE/physical_interface_mappings': value => $physical_interface_mappings;
'SECURITYGROUP/firewall_driver': value => $firewall_driver;
}
if $manage_service {
if $enable {
$service_ensure = 'running'
} else {
$service_ensure = 'stopped'
}
}
service { 'neutron-plugin-linuxbridge-service':
ensure => $service_ensure,
name => $::neutron::params::linuxbridge_agent_service,
enable => $enable,
}
}

73
deployment/puppet/neutron/manifests/agents/metadata.pp
View File

@ -40,7 +40,7 @@
# CA cert to check against with for ssl keystone. (Defaults to undef)
#
# [*auth_region*]
# The authentication region. Defaults to 'RegionOne'.
# The authentication region. (Defaults to undef)
#
# [*metadata_ip*]
# The IP address of the metadata service. Defaults to '127.0.0.1'.
@ -48,6 +48,9 @@
# [*metadata_port*]
# The TCP port of the metadata service. Defaults to 8775.
#
# [*metadata_protocol*]
# The protocol to use for requests to Nova metadata server. Defaults to 'http'.
#
# [*metadata_workers*]
# (optional) Number of separate worker processes to spawn.
# The default, count of machine's processors, runs the worker thread in the
@ -60,27 +63,36 @@
# (optional) Number of backlog requests to configure the metadata server socket with.
# Defaults to 4096
#
# [*metadata_memory_cache_ttl*]
# (optional) Specifies time in seconds a metadata cache entry is valid in
# memory caching backend.
# Set to 0 will cause cache entries to never expire.
# Set to undef or false to disable cache.
# Defaults to 5
#
class neutron::agents::metadata (
$auth_password,
$shared_secret,
$package_ensure = 'present',
$enabled = true,
$manage_service = true,
$debug = false,
$auth_tenant = 'services',
$auth_user = 'neutron',
$auth_url = 'http://localhost:35357/v2.0',
$auth_insecure = false,
$auth_ca_cert = undef,
$auth_region = 'RegionOne',
$metadata_ip = '127.0.0.1',
$metadata_port = '8775',
$metadata_workers = $::processorcount,
$metadata_backlog = '4096'
$package_ensure = 'present',
$enabled = true,
$manage_service = true,
$debug = false,
$auth_tenant = 'services',
$auth_user = 'neutron',
$auth_url = 'http://localhost:35357/v2.0',
$auth_insecure = false,
$auth_ca_cert = undef,
$auth_region = undef,
$metadata_ip = '127.0.0.1',
$metadata_port = '8775',
$metadata_protocol = 'http',
$metadata_workers = $::processorcount,
$metadata_backlog = '4096',
$metadata_memory_cache_ttl = 5,
) {
include neutron::params
include ::neutron::params
Package['neutron'] -> Neutron_metadata_agent_config<||>
Neutron_config<||> ~> Service['neutron-metadata']
@ -90,24 +102,44 @@ class neutron::agents::metadata (
'DEFAULT/debug': value => $debug;
'DEFAULT/auth_url': value => $auth_url;
'DEFAULT/auth_insecure': value => $auth_insecure;
'DEFAULT/auth_region': value => $auth_region;
'DEFAULT/admin_tenant_name': value => $auth_tenant;
'DEFAULT/admin_user': value => $auth_user;
'DEFAULT/admin_password': value => $auth_password, secret => true;
'DEFAULT/nova_metadata_ip': value => $metadata_ip;
'DEFAULT/nova_metadata_port': value => $metadata_port;
'DEFAULT/nova_metadata_protocol': value => $metadata_protocol;
'DEFAULT/metadata_proxy_shared_secret': value => $shared_secret;
'DEFAULT/metadata_workers': value => $metadata_workers;
'DEFAULT/metadata_backlog': value => $metadata_backlog;
}
if $auth_ca_cert {
if $auth_region {
neutron_metadata_agent_config {
'DEFAULT/auth_ca_cert': value => $auth_ca_cert;
'DEFAULT/auth_region': value => $auth_region;
}
} else {
neutron_metadata_agent_config {
'DEFAULT/auth_ca_cert': ensure => absent;
'DEFAULT/auth_region': ensure => absent;
}
}
if $metadata_memory_cache_ttl {
neutron_metadata_agent_config {
'DEFAULT/cache_url': value => "memory://?default_ttl=${metadata_memory_cache_ttl}";
}
} else {
neutron_metadata_agent_config {
'DEFAULT/cache_url': ensure => absent;
}
}
if $auth_ca_cert {
neutron_metadata_agent_config {
'DEFAULT/auth_ca_cert': value => $auth_ca_cert;
}
} else {
neutron_metadata_agent_config {
'DEFAULT/auth_ca_cert': ensure => absent;
}
}
@ -118,6 +150,7 @@ class neutron::agents::metadata (
ensure => $package_ensure,
name => $::neutron::params::metadata_agent_package,
require => Package['neutron'],
tag => 'openstack',
}
}

7
deployment/puppet/neutron/manifests/agents/metering.pp
View File

@ -62,7 +62,7 @@ class neutron::agents::metering (
$report_interval = '300'
) {
include neutron::params
include ::neutron::params
Neutron_config<||> ~> Service['neutron-metering-service']
Neutron_metering_agent_config<||> ~> Service['neutron-metering-service']
@ -83,8 +83,9 @@ class neutron::agents::metering (
Package['neutron-metering-agent'] -> Neutron_config<||>
Package['neutron-metering-agent'] -> Neutron_metering_agent_config<||>
package { 'neutron-metering-agent':
ensure => $package_ensure,
name => $::neutron::params::metering_agent_package,
ensure => $package_ensure,
name => $::neutron::params::metering_agent_package,
tag => 'openstack',
}
} else {
# Default dependency if the system does not provide a neutron metering agent package.

38
deployment/puppet/neutron/manifests/agents/ml2/linuxbridge.pp
View File

@ -71,10 +71,10 @@ class neutron::agents::ml2::linuxbridge (
validate_array($tunnel_types)
validate_array($physical_interface_mappings)
include neutron::params
include ::neutron::params
Package['neutron-plugin-linuxbridge-agent'] -> Neutron_plugin_linuxbridge<||>
Neutron_plugin_linuxbridge<||> ~> Service['neutron-plugin-linuxbridge-agent']
Package['neutron-plugin-linuxbridge-agent'] -> Neutron_agent_linuxbridge<||>
Neutron_agent_linuxbridge<||> ~> Service['neutron-plugin-linuxbridge-agent']
if ('vxlan' in $tunnel_types) {
@ -83,30 +83,30 @@ class neutron::agents::ml2::linuxbridge (
}
if $vxlan_group {
neutron_plugin_linuxbridge { 'vxlan/vxlan_group': value => $vxlan_group }
neutron_agent_linuxbridge { 'vxlan/vxlan_group': value => $vxlan_group }
} else {
neutron_plugin_linuxbridge { 'vxlan/vxlan_group': ensure => absent }
neutron_agent_linuxbridge { 'vxlan/vxlan_group': ensure => absent }
}
if $vxlan_ttl {
neutron_plugin_linuxbridge { 'vxlan/vxlan_ttl': value => $vxlan_ttl }
neutron_agent_linuxbridge { 'vxlan/vxlan_ttl': value => $vxlan_ttl }
} else {
neutron_plugin_linuxbridge { 'vxlan/vxlan_ttl': ensure => absent }
neutron_agent_linuxbridge { 'vxlan/vxlan_ttl': ensure => absent }
}
if $vxlan_tos {
neutron_plugin_linuxbridge { 'vxlan/vxlan_tos': value => $vxlan_tos }
neutron_agent_linuxbridge { 'vxlan/vxlan_tos': value => $vxlan_tos }
} else {
neutron_plugin_linuxbridge { 'vxlan/vxlan_tos': ensure => absent }
neutron_agent_linuxbridge { 'vxlan/vxlan_tos': ensure => absent }
}
neutron_plugin_linuxbridge {
neutron_agent_linuxbridge {
'vxlan/enable_vxlan': value => true;
'vxlan/local_ip': value => $local_ip;
'vxlan/l2_population': value => $l2_population;
}
} else {
neutron_plugin_linuxbridge {
neutron_agent_linuxbridge {
'vxlan/enable_vxlan': value => false;
'vxlan/local_ip': ensure => absent;
'vxlan/vxlan_group': ensure => absent;
@ -114,29 +114,31 @@ class neutron::agents::ml2::linuxbridge (
}
}
neutron_plugin_linuxbridge {
neutron_agent_linuxbridge {
'agent/polling_interval': value => $polling_interval;
'linux_bridge/physical_interface_mappings': value => join($physical_interface_mappings, ',');
}
if $firewall_driver {
neutron_plugin_linuxbridge { 'securitygroup/firewall_driver': value => $firewall_driver }
neutron_agent_linuxbridge { 'securitygroup/firewall_driver': value => $firewall_driver }
} else {
neutron_plugin_linuxbridge { 'securitygroup/firewall_driver': ensure => absent }
neutron_agent_linuxbridge { 'securitygroup/firewall_driver': ensure => absent }
}
if $::neutron::params::linuxbridge_agent_package {
package { 'neutron-plugin-linuxbridge-agent':
ensure => $package_ensure,
name => $::neutron::params::linuxbridge_agent_package,
ensure => $package_ensure,
name => $::neutron::params::linuxbridge_agent_package,
tag => 'openstack',
}
} else {
# Some platforms (RedHat) do not provide a separate
# neutron plugin linuxbridge agent package.
if ! defined(Package['neutron-plugin-linuxbridge-agent']) {
package { 'neutron-plugin-linuxbridge-agent':
ensure => $package_ensure,
name => $::neutron::params::linuxbridge_server_package,
ensure => $package_ensure,
name => $::neutron::params::linuxbridge_server_package,
tag => 'openstack',
}
}
}

183
deployment/puppet/neutron/manifests/agents/ml2/ovs.pp
View File

@ -83,39 +83,42 @@
# (optional) Firewall driver for realizing neutron security group function.
# Defaults to 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver'.
#
# [*enable_distributed_routing*]
# (optional) Set to True on L2 agents to enable support
# for distributed virtual routing.
# Defaults to false
#
class neutron::agents::ml2::ovs (
$package_ensure = 'present',
$enabled = true,
# TODO(bogdando) contribute change to upstream:
# new manage_service param is required for pacemaker OCF control plane.
# perhaps, could be removed once pacemaker wrappers implemented
$manage_service = true,
$bridge_uplinks = [],
$bridge_mappings = [],
$integration_bridge = 'br-int',
$enable_tunneling = false,
$tunnel_types = [],
$local_ip = false,
$tunnel_bridge = 'br-tun',
$vxlan_udp_port = 4789,
$polling_interval = 2,
$l2_population = false,
$arp_responder = false,
$firewall_driver = 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver'
$package_ensure = 'present',
$enabled = true,
$bridge_uplinks = [],
$bridge_mappings = [],
$integration_bridge = 'br-int',
$enable_tunneling = false,
$tunnel_types = [],
$local_ip = false,
$tunnel_bridge = 'br-tun',
$vxlan_udp_port = 4789,
$polling_interval = 2,
$l2_population = false,
$arp_responder = false,
$firewall_driver = 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver',
$enable_distributed_routing = false,
) {
include neutron::params
# TODO(bogdando) contribute change to upstream:
# replace vswitch::ovs with l23network, once its ready to be contributed
# FIXME(xarses): Need to come up with a better method to support vswitch and
# l23network at the same time
#require vswitch::ovs
include ::neutron::params
require vswitch::ovs
if $enable_tunneling and ! $local_ip {
fail('Local ip for ovs agent must be set when tunneling is enabled')
}
Neutron_plugin_ml2<||> ~> Service['neutron-ovs-agent-service']
if $enable_distributed_routing and ! $l2_population {
fail('L2 population must be enabled when DVR is enabled')
}
Package['neutron-ovs-agent'] -> Neutron_agent_ovs<||>
Neutron_agent_ovs<||> ~> Service['neutron-ovs-agent-service']
if ($bridge_mappings != []) {
# bridge_mappings are used to describe external networks that are
@ -133,59 +136,60 @@ class neutron::agents::ml2::ovs (
# Set config for bridges that we're going to create
# The OVS neutron plugin will talk in terms of the networks in the bridge_mappings
$br_map_str = join($bridge_mappings, ',')
neutron_plugin_ml2 {
neutron_agent_ovs {
'ovs/bridge_mappings': value => $br_map_str;
}
# TODO(bogdando) contribute change to upstream:
# replace neutron::plugins::ovs::bridge with l23network,
# once its ready to be contributed
# FIXME(xarses): Need to come up with a better method to support vswitch and
# l23network at the same time
#neutron::plugins::ovs::bridge{ $bridge_mappings:
# before => Service['neutron-ovs-agent-service'],
#}
#neutron::plugins::ovs::port{ $bridge_uplinks:
# before => Service['neutron-ovs-agent-service'],
#}
}
neutron_plugin_ml2 {
'agent/polling_interval': value => $polling_interval;
'agent/l2_population': value => $l2_population;
'agent/arp_responder': value => $arp_responder;
'ovs/integration_bridge': value => $integration_bridge;
}
if ($firewall_driver) {
neutron_plugin_ml2 { 'securitygroup/firewall_driver':
value => $firewall_driver
neutron::plugins::ovs::bridge{ $bridge_mappings:
before => Service['neutron-ovs-agent-service'],
}
neutron::plugins::ovs::port{ $bridge_uplinks:
before => Service['neutron-ovs-agent-service'],
}
}
neutron_agent_ovs {
'agent/polling_interval': value => $polling_interval;
'agent/l2_population': value => $l2_population;
'agent/arp_responder': value => $arp_responder;
'agent/enable_distributed_routing': value => $enable_distributed_routing;
'ovs/integration_bridge': value => $integration_bridge;
}
if $firewall_driver {
neutron_agent_ovs { 'securitygroup/firewall_driver': value => $firewall_driver }
} else {
neutron_plugin_ml2 { 'securitygroup/firewall_driver': ensure => absent }
neutron_agent_ovs { 'securitygroup/firewall_driver': ensure => absent }
}
vs_bridge { $integration_bridge:
ensure => present,
before => Service['neutron-ovs-agent-service'],
}
if $enable_tunneling {
neutron_plugin_ml2 {
vs_bridge { $tunnel_bridge:
ensure => present,
before => Service['neutron-ovs-agent-service'],
}
neutron_agent_ovs {
'ovs/enable_tunneling': value => true;
'ovs/tunnel_bridge': value => $tunnel_bridge;
'ovs/local_ip': value => $local_ip;
'agent/dont_fragment': value => false;
}
if size($tunnel_types) > 0 {
neutron_plugin_ml2 {
neutron_agent_ovs {
'agent/tunnel_types': value => join($tunnel_types, ',');
}
}
if 'vxlan' in $tunnel_types {
validate_vxlan_udp_port($vxlan_udp_port)
neutron_plugin_ml2 {
neutron_agent_ovs {
'agent/vxlan_udp_port': value => $vxlan_udp_port;
}
}
} else {
neutron_plugin_ml2 {
neutron_agent_ovs {
'ovs/enable_tunneling': value => false;
'ovs/tunnel_bridge': ensure => absent;
'ovs/local_ip': ensure => absent;
@ -194,55 +198,42 @@ class neutron::agents::ml2::ovs (
if $::neutron::params::ovs_agent_package {
Package['neutron-ovs-agent'] -> Neutron_plugin_ml2<||>
package { 'neutron-ovs-agent':
ensure => $package_ensure,
name => $::neutron::params::ovs_agent_package,
ensure => $package_ensure,
name => $::neutron::params::ovs_agent_package,
tag => 'openstack',
}
} else {
# Some platforms (RedHat) do not provide a separate
# neutron plugin ovs agent package. The configuration file for
# the ovs agent is provided by the neutron ovs plugin package.
Package['neutron-ovs-agent'] -> Neutron_plugin_ml2<||>
Package['neutron-ovs-agent'] -> Service['ovs-cleanup-service']
if ! defined(Package['neutron-ovs-agent']) {
package { 'neutron-ovs-agent':
ensure => $package_ensure,
name => $::neutron::params::ovs_server_package,
} ->
# https://bugzilla.redhat.com/show_bug.cgi?id=1087647
# Causes init script for agent to load the old ovs file
# instead of the ml2 config file.
file { '/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini':
ensure => link,
target => '/etc/neutron/plugin.ini'
} ~> Service<| title == 'neutron-ovs-agent-service' |>
}
}
# TODO(bogdando) contribute change to upstream:
# new manage_service param is required for pacemaker OCF control plane
# perhaps, could be removed once pacemaker wrappers implemented
if $manage_service {
if $enabled {
$service_ensure = 'running'
} else {
$service_ensure = 'stopped'
}
service { 'neutron-ovs-agent-service':
ensure => $service_ensure,
name => $::neutron::params::ovs_agent_service,
enable => $enabled,
require => Class['neutron'],
}
if $::neutron::params::ovs_cleanup_service {
service {'ovs-cleanup-service':
ensure => $service_ensure,
name => $::neutron::params::ovs_cleanup_service,
enable => $enabled,
ensure => $package_ensure,
name => $::neutron::params::ovs_server_package,
tag => 'openstack',
}
}
}
if $enabled {
$service_ensure = 'running'
} else {
$service_ensure = 'stopped'
}
service { 'neutron-ovs-agent-service':
ensure => $service_ensure,
name => $::neutron::params::ovs_agent_service,
enable => $enabled,
require => Class['neutron'],
}
if $::neutron::params::ovs_cleanup_service {
Package['neutron-ovs-agent'] -> Service['ovs-cleanup-service']
service { 'ovs-cleanup-service':
name => $::neutron::params::ovs_cleanup_service,
enable => $enabled,
}
}
}

89
deployment/puppet/neutron/manifests/agents/ml2/sriov.pp Normal file
View File

@ -0,0 +1,89 @@
#
# Copyright (C) 2014 eNovance SAS <licensing@enovance.com>
#
# Author: Emilien Macchi <emilien.macchi@enovance.com>
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# == Class: neutron::agents::ml2::sriov
#
# Setups SR-IOV neutron agent when using ML2 plugin
#
# === Parameters
#
# [*package_ensure*]
# (optional) The state of the package
# Defaults to 'present'
#
# [*enabled*]
# (required) Whether or not to enable the OVS Agent
# Defaults to true
#
# [*physical_device_mappings*]
# (optional) List of <physical_network>:<physical device>
# All physical networks listed in network_vlan_ranges
# on the server should have mappings to appropriate
# interfaces on each agent.
# Defaults to empty list
#
# [*polling_interval*]
# (optional) The number of seconds the agent will wait between
# polling for local device changes.
# Defaults to '2"
#
# [*exclude_devices*]
# (optional) List of <network_device>:<excluded_devices> mapping
# network_device to the agent's node-specific list of virtual functions
# that should not be used for virtual networking. excluded_devices is a
# semicolon separated list of virtual functions to exclude from network_device.
# The network_device in the mapping should appear in the physical_device_mappings list.
class neutron::agents::ml2::sriov (
$package_ensure = 'present',
$enabled = true,
$physical_device_mappings = [],
$polling_interval = 2,
$exclude_devices = [],
) {
include ::neutron::params
Neutron_plugin_ml2<||> ~> Service['neutron-sriov-nic-agent-service']
neutron_plugin_ml2 {
'sriov_nic/polling_interval': value => $polling_interval;
'sriov_nic/exclude_devices': value => join($exclude_devices, ',');
'sriov_nic/physical_device_mappings': value => join($physical_device_mappings, ',');
}
Package['neutron-sriov-nic-agent'] -> Neutron_plugin_ml2<||>
package { 'neutron-sriov-nic-agent':
ensure => $package_ensure,
name => $::neutron::params::sriov_nic_agent_package,
tag => 'openstack',
}
if $enabled {
$service_ensure = 'running'
} else {
$service_ensure = 'stopped'
}
service { 'neutron-sriov-nic-agent-service':
ensure => $service_ensure,
name => $::neutron::params::sriov_nic_agent_service,
enable => $enabled,
require => Class['neutron'],
}
}

26
deployment/puppet/neutron/manifests/agents/n1kv_vem.pp
View File

@ -91,6 +91,14 @@
# (optional) Whether to start/stop the service
# Defaults to true
#
# [*portdb*]
# (optional) PortDB (ovs|vem)
# Defaults to ovs
#
# [*fastpath_flood*]
# (optional) Handle broadcast floods and unknown pkts in fastpath(KLM)
# Defaults to enable
#
class neutron::agents::n1kv_vem (
$n1kv_vsm_ip = '127.0.0.1',
$n1kv_vsm_domain_id = 1000,
@ -103,10 +111,13 @@ class neutron::agents::n1kv_vem (
$n1kv_version = 'present',
$package_ensure = 'present',
$enable = true,
$manage_service = true
$manage_service = true,
$portdb = 'ovs',
$fastpath_flood = 'enable'
) {
include neutron::params
include ::neutron::params
require vswitch::ovs
Exec { path => [ '/bin/', '/sbin/' , '/usr/bin/', '/usr/sbin/' ] }
@ -134,11 +145,6 @@ class neutron::agents::n1kv_vem (
name => $::neutron::params::libnl_package
}
package { 'openvswitch':
ensure => $package_ensure,
name => $::neutron::params::ovs_package
}
file {
'/etc/n1kv':
ensure => directory,
@ -176,6 +182,7 @@ class neutron::agents::n1kv_vem (
ensure => $n1kv_version,
provider => $::neutron::params::package_provider,
source => $vemtgtimg,
tag => 'openstack',
require => File[$vemtgtimg]
}
} else {
@ -192,7 +199,8 @@ class neutron::agents::n1kv_vem (
}
}
package {'nexus1000v':
ensure => $package_ensure
ensure => $package_ensure,
tag => 'openstack',
}
}
@ -229,7 +237,7 @@ class neutron::agents::n1kv_vem (
}
Package['libnl'] -> Package['nexus1000v']
Package['openvswitch'] -> Package['nexus1000v']
Service['openvswitch'] ~> Package['nexus1000v']
File['/etc/n1kv/n1kv.conf'] -> Package['nexus1000v']
Package['nexus1000v'] ~> Service['nexus1000v']
}

163
deployment/puppet/neutron/manifests/agents/ovs.pp
View File

@ -1,163 +0,0 @@
# == Class: neutron::agents::ovs
#
# Setups OVS neutron agent.
#
# === Parameters
#
# [*firewall_driver*]
# (optional) Firewall driver for realizing neutron security group function.
# Defaults to 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver'.
#
class neutron::agents::ovs (
$package_ensure = 'present',
$manage_service = true,
$enabled = true,
$bridge_uplinks = [],
$bridge_mappings = [],
$integration_bridge = 'br-int',
$enable_tunneling = false,
$tunnel_types = [],
$local_ip = false,
$tunnel_bridge = 'br-tun',
$vxlan_udp_port = 4789,
$polling_interval = 2,
$firewall_driver = 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver',
$veth_mtu = undef
) {
include neutron::params
require vswitch::ovs
if $enable_tunneling and ! $local_ip {
fail('Local ip for ovs agent must be set when tunneling is enabled')
}
if $enabled {
Neutron_config<||> ~> Service['neutron-plugin-ovs-service']
Neutron_plugin_ovs<||> ~> Service['neutron-plugin-ovs-service']
Neutron::Plugins::Ovs::Bridge<||> -> Service['neutron-plugin-ovs-service']
Neutron::Plugins::Ovs::Port<||> -> Service['neutron-plugin-ovs-service']
Vs_bridge<||> -> Service['neutron-plugin-ovs-service']
}
if ($bridge_mappings != []) {
# bridge_mappings are used to describe external networks that are
# *directly* attached to this machine.
# (This has nothing to do with VM-VM comms over neutron virtual networks.)
# Typically, the network node - running L3 agent - will want one external
# network (often this is on the control node) and the other nodes (all the
# compute nodes) will want none at all. The only other reason you will
# want to add networks here is if you're using provider networks, in which
# case you will name the network with bridge_mappings and add the server's
# interfaces that are attached to that network with bridge_uplinks.
# (The bridge names can be nearly anything, they just have to match between
# mappings and uplinks; they're what the OVS switches will get named.)
# Set config for bridges that we're going to create
# The OVS neutron plugin will talk in terms of the networks in the bridge_mappings
$br_map_str = join($bridge_mappings, ',')
neutron_plugin_ovs {
'OVS/bridge_mappings': value => $br_map_str;
}
neutron::plugins::ovs::bridge{ $bridge_mappings: }
neutron::plugins::ovs::port{ $bridge_uplinks: }
}
neutron_plugin_ovs {
'AGENT/polling_interval': value => $polling_interval;
'OVS/integration_bridge': value => $integration_bridge;
}
if ($firewall_driver) {
neutron_plugin_ovs { 'SECURITYGROUP/firewall_driver':
value => $firewall_driver
}
} else {
neutron_plugin_ovs { 'SECURITYGROUP/firewall_driver': ensure => absent }
}
vs_bridge { $integration_bridge:
ensure => present,
}
if $enable_tunneling {
vs_bridge { $tunnel_bridge:
ensure => present,
before => Service['neutron-plugin-ovs-service'],
}
neutron_plugin_ovs {
'OVS/enable_tunneling': value => true;
'OVS/tunnel_bridge': value => $tunnel_bridge;
'OVS/local_ip': value => $local_ip;
}
if size($tunnel_types) > 0 {
neutron_plugin_ovs {
'agent/tunnel_types': value => join($tunnel_types, ',');
}
}
if 'vxlan' in $tunnel_types {
validate_vxlan_udp_port($vxlan_udp_port)
neutron_plugin_ovs {
'agent/vxlan_udp_port': value => $vxlan_udp_port;
}
}
} else {
neutron_plugin_ovs {
'OVS/enable_tunneling': value => false;
'OVS/tunnel_bridge': ensure => absent;
'OVS/local_ip': ensure => absent;
}
}
if $::neutron::params::ovs_agent_package {
Package['neutron-plugin-ovs-agent'] -> Neutron_plugin_ovs<||>
package { 'neutron-plugin-ovs-agent':
ensure => $package_ensure,
name => $::neutron::params::ovs_agent_package,
}
} else {
# Some platforms (RedHat) do not provide a separate
# neutron plugin ovs agent package. The configuration file for
# the ovs agent is provided by the neutron ovs plugin package.
Package['neutron-plugin-ovs'] -> Neutron_plugin_ovs<||>
Package['neutron-plugin-ovs'] -> Service['ovs-cleanup-service']
ensure_resource('package', 'neutron-plugin-ovs', {
ensure => $package_ensure,
name => $::neutron::params::ovs_server_package,
})
}
if $manage_service {
if $enabled {
$service_ensure = 'running'
} else {
$service_ensure = 'stopped'
}
# TODO(bogdando) contribute change to upstream:
# manage_service param should control services definitions as well.
# Required for pacemaker OCF control plane,
# perhaps, could be undone once pacemaker wrappers implemented
service { 'neutron-plugin-ovs-service':
ensure => $service_ensure,
name => $::neutron::params::ovs_agent_service,
enable => $enabled,
require => Class['neutron'],
}
if $::neutron::params::ovs_cleanup_service {
service {'ovs-cleanup-service':
name => $::neutron::params::ovs_cleanup_service,
enable => $enabled,
}
}
}
if $veth_mtu {
neutron_plugin_ovs { 'AGENT/veth_mtu': value => $veth_mtu }
} else {
neutron_plugin_ovs { 'AGENT/veth_mtu': ensure => absent }
}
}

7
deployment/puppet/neutron/manifests/agents/vpnaas.pp
View File

@ -53,7 +53,7 @@ class neutron::agents::vpnaas (
$ipsec_status_check_interval = '60'
) {
include neutron::params
include ::neutron::params
Neutron_config<||> ~> Service['neutron-vpnaas-service']
Neutron_vpnaas_agent_config<||> ~> Service['neutron-vpnaas-service']
@ -94,8 +94,9 @@ class neutron::agents::vpnaas (
Package['neutron'] -> Package['neutron-vpnaas-agent']
Package['neutron-vpnaas-agent'] -> Neutron_vpnaas_agent_config<||>
package { 'neutron-vpnaas-agent':
ensure => $package_ensure,
name => $::neutron::params::vpnaas_agent_package,
ensure => $package_ensure,
name => $::neutron::params::vpnaas_agent_package,
tag => 'openstack',
}
} else {
Package['neutron'] -> Neutron_vpnaas_agent_config<||>

3
deployment/puppet/neutron/manifests/client.pp
View File

@ -12,11 +12,12 @@ class neutron::client (
$package_ensure = present
) {
include neutron::params
include ::neutron::params
package { 'python-neutronclient':
ensure => $package_ensure,
name => $::neutron::params::client_package,
tag => 'openstack',
}
}

12
deployment/puppet/neutron/manifests/config.pp
View File

@ -54,6 +54,12 @@
# [**plugin_cisco_config**]
# (optional) Manage configuration of cisco_plugins.ini
#
# [**plugin_midonet_config**]
# (optional) Manage configuration of plugins/midonet/midonet.ini
#
# [**plugin_plumgrid_config**]
# (optional) Manage configuration of plugins/plumgrid/plumgrid.ini
#
# [**plugin_ml2_config**]
# (optional) Manage configuration of ml2_conf.ini
#
@ -76,6 +82,8 @@ class neutron::config (
$plugin_cisco_db_conn_config = {},
$plugin_cisco_l2network_config = {},
$plugin_cisco_config = {},
$plugin_midonet_config = {},
$plugin_plumgrid_config = {},
$plugin_ml2_config = {},
$plugin_ovs_config = {},
) {
@ -92,6 +100,8 @@ class neutron::config (
validate_hash($plugin_cisco_db_conn_config)
validate_hash($plugin_cisco_l2network_config)
validate_hash($plugin_cisco_config)
validate_hash($plugin_midonet_config)
validate_hash($plugin_plumgrid_config)
validate_hash($plugin_ml2_config)
validate_hash($plugin_ovs_config)
@ -106,6 +116,8 @@ class neutron::config (
create_resources('neutron_plugin_cisco_db_conn', $plugin_cisco_db_conn_config)
create_resources('neutron_plugin_cisco_l2network', $plugin_cisco_l2network_config)
create_resources('neutron_plugin_cisco', $plugin_cisco_config)
create_resources('neutron_plugin_midonet', $plugin_midonet_config)
create_resources('neutron_plugin_plumgrid', $plugin_plumgrid_config)
create_resources('neutron_plugin_ml2', $plugin_ml2_config)
create_resources('neutron_plugin_ovs', $plugin_ovs_config)
}

87
deployment/puppet/neutron/manifests/db/mysql.pp
View File

@ -1,13 +1,34 @@
# The neutron::db::mysql class creates a MySQL database for neutron.
# It must be used on the MySQL server
#
# [*mysql_module*]
# (optional) The mysql puppet module version to use. Tested versions
# include 0.9 and 2.2
# Default to '0.9'
# == Parameters
#
# [*password*]
# password to connect to the database. Mandatory.
#
# [*dbname*]
# name of the database. Optional. Defaults to neutron.
#
# [*user*]
# user to connect to the database. Optional. Defaults to neutron.
#
# [*host*]
# the default source host user is allowed to connect from.
# Optional. Defaults to 'localhost'
#
# [*allowed_hosts*]
# other hosts the user is allowd to connect from.
# Optional. Defaults to undef.
#
# [*charset*]
# the database charset. Optional. Defaults to 'utf8'
#
# [*collate*]
# the database collation. Optional. Defaults to 'utf8_general_ci'
#
# [*mysql_module*]
# (optional) Deprecated. Does nothing.
#
# TODO(bogdando) sync this manifest with upstream once puppet-openstacklib
# synced in Fuel as well. We cannot sync it for now.
class neutron::db::mysql (
$password,
$dbname = 'neutron',
@ -15,45 +36,27 @@ class neutron::db::mysql (
$host = '127.0.0.1',
$allowed_hosts = undef,
$charset = 'utf8',
$collate = 'utf8_unicode_ci',
$collate = 'utf8_general_ci',
$cluster_id = 'localzone',
$mysql_module = '0.9'
$mysql_module = undef,
) {
if ($mysql_module >= 2.2) {
mysql::db { $dbname:
user => $user,
password => $password,
host => $host,
charset => $charset,
collate => $collate,
require => Class['mysql::server'],
} -> Service <| title == 'neutron-server' |>
} else {
require mysql::python
mysql::db { $dbname:
user => $user,
password => $password,
host => $host,
charset => $charset,
require => Class['mysql::config'],
}
if $mysql_module {
warning('The mysql_module parameter is deprecated. The latest 2.x mysql module will be used.')
}
# Check allowed_hosts to avoid duplicate resource declarations
if is_array($allowed_hosts) and delete($allowed_hosts,$host) != [] {
$real_allowed_hosts = delete($allowed_hosts,$host)
} elsif is_string($allowed_hosts) and ($allowed_hosts != $host) {
$real_allowed_hosts = $allowed_hosts
}
validate_string($password)
if $real_allowed_hosts {
neutron::db::mysql::host_access { $real_allowed_hosts:
user => $user,
password => $password,
database => $dbname,
mysql_module => $mysql_module,
}
::openstacklib::db::mysql { 'neutron':
user => $user,
password_hash => mysql_password($password),
dbname => $dbname,
host => $host,
charset => $charset,
collate => $collate,
allowed_hosts => $allowed_hosts,
}
::Openstacklib::Db::Mysql['neutron'] ~> Service <| title == 'neutron-server' |>
::Openstacklib::Db::Mysql['neutron'] ~> Exec <| title == 'neutron-db-sync' |>
}

35
deployment/puppet/neutron/manifests/db/mysql/host_access.pp
View File

@ -1,35 +0,0 @@
#
# Used to grant access to the neutron mysql DB
#
# TODO(bogdando) sync this manifest with upstream once puppet-openstacklib
# synced in Fuel as well. We cannot sync it for now.
define neutron::db::mysql::host_access ($user, $password, $database, $mysql_module = '0.9') {
if ($mysql_module >= 2.2) {
mysql_user { "${user}@${name}":
password_hash => mysql_password($password),
require => Mysql_database[$database],
}
mysql_grant { "${user}@${name}/${database}.*":
privileges => ['ALL'],
options => ['GRANT'],
table => "${database}.*",
require => Mysql_user["${user}@${name}"],
user => "${user}@${name}"
}
} else {
database_user { "${user}@${name}":
password_hash => mysql_password($password),
provider => 'mysql',
require => Database[$database],
}
database_grant { "${user}@${name}/${database}":
# TODO figure out which privileges to grant.
privileges => 'all',
provider => 'mysql',
require => Database_user["${user}@${name}"]
}
}
}

45
deployment/puppet/neutron/manifests/db/postgresql.pp Normal file
View File

@ -0,0 +1,45 @@
# == Class: neutron::db::postgresql
#
# Class that configures postgresql for neutron
# Requires the Puppetlabs postgresql module.
#
# === Parameters
#
# [*password*]
# (Required) Password to connect to the database.
#
# [*dbname*]
# (Optional) Name of the database.
# Defaults to 'neutron'.
#
# [*user*]
# (Optional) User to connect to the database.
# Defaults to 'neutron'.
#
# [*encoding*]
# (Optional) The charset to use for the database.
# Default to undef.
#
# [*privileges*]
# (Optional) Privileges given to the database user.
# Default to 'ALL'
#
class neutron::db::postgresql(
$password,
$dbname = 'neutron',
$user = 'neutron',
$encoding = undef,
$privileges = 'ALL',
) {
::openstacklib::db::postgresql { 'neutron':
password_hash => postgresql_password($user, $password),
dbname => $dbname,
user => $user,
encoding => $encoding,
privileges => $privileges,
}
::Openstacklib::Db::Postgresql['neutron'] ~> Service <| title == 'neutron-server' |>
::Openstacklib::Db::Postgresql['neutron'] ~> Exec <| title == 'neutron-db-sync' |>
}

99
deployment/puppet/neutron/manifests/init.pp
View File

@ -85,6 +85,11 @@
# (optional) Enables network namespaces
# Defaults to false
#
# [*api_extensions_path*]
# (optional) Specify additional paths for API extensions that the
# module in use needs to load.
# Defaults to undef
#
# [*report_interval*]
# (optional) Seconds between nodes reporting state to server; should be less than
# agent_down_time, best if it is half or less than agent_down_time.
@ -92,6 +97,10 @@
# report_interval is a config for neutron agents, set by class neutron
# Defaults to: 30
#
# [memcache_servers]
# List of memcache servers in format of server:port.
# Optional. Defaults to false. Example: ['localhost:11211']
#
# [*control_exchange*]
# (optional) What RPC queue/exchange to use
# Defaults to neutron
@ -132,7 +141,7 @@
# (optional) SSL version to use (valid only if SSL enabled).
# Valid values are TLSv1, SSLv23 and SSLv3. SSLv2 may be
# available on some distributions.
# Defaults to 'SSLv3'
# Defaults to 'TLSv1'
#
# [*kombu_reconnect_delay*]
# (optional) The amount of time to wait before attempting to reconnect
@ -189,6 +198,16 @@
# If set to boolean false, it will not log to any directory
# Defaults to /var/log/neutron
#
# [*state_path*]
# (optional) Where to store state files. This directory must be writable
# by the user executing the agent
# Defaults to: /var/lib/neutron
#
# [*lock_path*]
# (optional) Where to store lock files. This directory must be writeable
# by the user executing the agent
# Defaults to: /var/lib/neutron/lock
#
class neutron (
$enabled = true,
$package_ensure = 'present',
@ -209,8 +228,10 @@ class neutron (
$allow_pagination = false,
$allow_sorting = false,
$allow_overlapping_ips = false,
$api_extensions_path = undef,
$root_helper = 'sudo neutron-rootwrap /etc/neutron/rootwrap.conf',
$report_interval = '30',
$memcache_servers = false,
$control_exchange = 'neutron',
$rpc_backend = 'neutron.openstack.common.rpc.impl_kombu',
$rabbit_password = false,
@ -223,7 +244,7 @@ class neutron (
$kombu_ssl_ca_certs = undef,
$kombu_ssl_certfile = undef,
$kombu_ssl_keyfile = undef,
$kombu_ssl_version = 'SSLv3',
$kombu_ssl_version = 'TLSv1',
$kombu_reconnect_delay = '1.0',
$qpid_hostname = 'localhost',
$qpid_port = '5672',
@ -246,11 +267,14 @@ class neutron (
$log_facility = 'LOG_USER',
$log_file = false,
$log_dir = '/var/log/neutron',
$state_path = '/var/lib/neutron',
$lock_path = '/var/lib/neutron/lock',
) {
include neutron::params
include ::neutron::params
Package['neutron'] -> Neutron_config<||>
Package['neutron'] -> Nova_Admin_Tenant_Id_Setter<||>
if $use_ssl {
if !$cert_file {
@ -278,16 +302,18 @@ class neutron (
fail('The kombu_ssl_certfile and kombu_ssl_keyfile parameters must be used together')
}
if $memcache_servers {
validate_array($memcache_servers)
}
File {
require => Package['neutron'],
owner => 'root',
group => 'neutron',
mode => '0640',
}
file { '/etc/neutron':
ensure => directory,
mode => '0750',
ensure => directory,
}
file { '/etc/neutron/neutron.conf': }
@ -295,6 +321,7 @@ class neutron (
package { 'neutron':
ensure => $package_ensure,
name => $::neutron::params::package_name,
tag => 'openstack',
}
neutron_config {
@ -315,6 +342,9 @@ class neutron (
'DEFAULT/allow_overlapping_ips': value => $allow_overlapping_ips;
'DEFAULT/control_exchange': value => $control_exchange;
'DEFAULT/rpc_backend': value => $rpc_backend;
'DEFAULT/api_extensions_path': value => $api_extensions_path;
'DEFAULT/state_path': value => $state_path;
'DEFAULT/lock_path': value => $lock_path;
'agent/root_helper': value => $root_helper;
'agent/report_interval': value => $report_interval;
}
@ -357,60 +387,71 @@ class neutron (
}
}
if $memcache_servers {
neutron_config {
'DEFAULT/memcached_servers': value => join($memcache_servers, ',');
}
} else {
neutron_config {
'DEFAULT/memcached_servers': ensure => absent;
}
}
if $rpc_backend == 'neutron.openstack.common.rpc.impl_kombu' {
if ! $rabbit_password {
fail('When rpc_backend is rabbitmq, you must set rabbit password')
}
if $rabbit_hosts {
neutron_config { 'DEFAULT/rabbit_hosts': value => join($rabbit_hosts, ',') }
neutron_config { 'DEFAULT/rabbit_ha_queues': value => true }
neutron_config { 'oslo_messaging_rabbit/rabbit_hosts': value => join($rabbit_hosts, ',') }
neutron_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => true }
} else {
neutron_config { 'DEFAULT/rabbit_host': value => $rabbit_host }
neutron_config { 'DEFAULT/rabbit_port': value => $rabbit_port }
neutron_config { 'DEFAULT/rabbit_hosts': value => "${rabbit_host}:${rabbit_port}" }
neutron_config { 'DEFAULT/rabbit_ha_queues': value => false }
neutron_config { 'oslo_messaging_rabbit/rabbit_host': value => $rabbit_host }
neutron_config { 'oslo_messaging_rabbit/rabbit_port': value => $rabbit_port }
neutron_config { 'oslo_messaging_rabbit/rabbit_hosts': value => "${rabbit_host}:${rabbit_port}" }
neutron_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => false }
}
neutron_config {
'DEFAULT/rabbit_userid': value => $rabbit_user;
'DEFAULT/rabbit_password': value => $rabbit_password, secret => true;
'DEFAULT/rabbit_virtual_host': value => $rabbit_virtual_host;
'DEFAULT/rabbit_use_ssl': value => $rabbit_use_ssl;
'DEFAULT/kombu_reconnect_delay': value => $kombu_reconnect_delay;
'oslo_messaging_rabbit/rabbit_userid': value => $rabbit_user;
'oslo_messaging_rabbit/rabbit_password': value => $rabbit_password, secret => true;
'oslo_messaging_rabbit/rabbit_virtual_host': value => $rabbit_virtual_host;
'oslo_messaging_rabbit/rabbit_use_ssl': value => $rabbit_use_ssl;
'oslo_messaging_rabbit/kombu_reconnect_delay': value => $kombu_reconnect_delay;
}
if $rabbit_use_ssl {
if $kombu_ssl_ca_certs {
neutron_config { 'DEFAULT/kombu_ssl_ca_certs': value => $kombu_ssl_ca_certs; }
neutron_config { 'oslo_messaging_rabbit/kombu_ssl_ca_certs': value => $kombu_ssl_ca_certs; }
} else {
neutron_config { 'DEFAULT/kombu_ssl_ca_certs': ensure => absent; }
neutron_config { 'oslo_messaging_rabbit/kombu_ssl_ca_certs': ensure => absent; }
}
if $kombu_ssl_certfile or $kombu_ssl_keyfile {
neutron_config {
'DEFAULT/kombu_ssl_certfile': value => $kombu_ssl_certfile;
'DEFAULT/kombu_ssl_keyfile': value => $kombu_ssl_keyfile;
'oslo_messaging_rabbit/kombu_ssl_certfile': value => $kombu_ssl_certfile;
'oslo_messaging_rabbit/kombu_ssl_keyfile': value => $kombu_ssl_keyfile;
}
} else {
neutron_config {
'DEFAULT/kombu_ssl_certfile': ensure => absent;
'DEFAULT/kombu_ssl_keyfile': ensure => absent;
'oslo_messaging_rabbit/kombu_ssl_certfile': ensure => absent;
'oslo_messaging_rabbit/kombu_ssl_keyfile': ensure => absent;
}
}
if $kombu_ssl_version {
neutron_config { 'DEFAULT/kombu_ssl_version': value => $kombu_ssl_version; }
neutron_config { 'oslo_messaging_rabbit/kombu_ssl_version': value => $kombu_ssl_version; }
} else {
neutron_config { 'DEFAULT/kombu_ssl_version': ensure => absent; }
neutron_config { 'oslo_messaging_rabbit/kombu_ssl_version': ensure => absent; }
}
} else {
neutron_config {
'DEFAULT/kombu_ssl_ca_certs': ensure => absent;
'DEFAULT/kombu_ssl_certfile': ensure => absent;
'DEFAULT/kombu_ssl_keyfile': ensure => absent;
'DEFAULT/kombu_ssl_version': ensure => absent;
'oslo_messaging_rabbit/kombu_ssl_ca_certs': ensure => absent;
'oslo_messaging_rabbit/kombu_ssl_certfile': ensure => absent;
'oslo_messaging_rabbit/kombu_ssl_keyfile': ensure => absent;
'oslo_messaging_rabbit/kombu_ssl_version': ensure => absent;
}
}

234
deployment/puppet/neutron/manifests/keystone/auth.pp
View File

@ -19,96 +19,192 @@
# [*configure_endpoint*]
# Should Neutron endpoint be configured? Defaults to 'true'.
#
# [*configure_user*]
# Should the Neutron service user be configured? Defaults to 'true'.
#
# [*configure_user_role*]
# Should the admin role be configured for the service user?
# Defaults to 'true'.
#
# [*service_name*]
# Name of the service. Defaults to the value of auth_name.
#
# [*service_type*]
# Type of service. Defaults to 'network'.
#
# [*public_protocol*]
# Protocol for public endpoint. Defaults to 'http'.
#
# [*public_address*]
# Public address for endpoint. Defaults to '127.0.0.1'.
#
# [*admin_protocol*]
# Protocol for admin endpoint. Defaults to 'http'.
#
# [*admin_address*]
# Admin address for endpoint. Defaults to '127.0.0.1'.
#
# [*internal_protocol*]
# Protocol for internal endpoint. Defaults to 'http'.
#
# [*internal_address*]
# Internal address for endpoint. Defaults to '127.0.0.1'.
#
# [*port*]
# Port for endpoint. Defaults to '9696'.
#
# [*public_port*]
# Port for public endpoint. Defaults to $port.
#
# [*region*]
# Region for endpoint. Defaults to 'RegionOne'.
#
# [*public_url*]
# (optional) The endpoint's public url. (Defaults to 'http://127.0.0.1:9696')
# This url should *not* contain any trailing '/'.
#
# [*admin_url*]
# (optional) The endpoint's admin url. (Defaults to 'http://127.0.0.1:9696')
# This url should *not* contain any trailing '/'.
#
# [*internal_url*]
# (optional) The endpoint's internal url. (Defaults to 'http://127.0.0.1:9696')
# This url should *not* contain any trailing '/'.
#
# [*port*]
# (optional) DEPRECATED: Use public_url, internal_url and admin_url instead.
# Default port for endpoints. (Defaults to 9696)
# Setting this parameter overrides public_url, internal_url and admin_url parameters.
#
# [*public_port*]
# (optional) DEPRECATED: Use public_url instead.
# Default port for endpoints. (Defaults to 9696)
# Setting this parameter overrides public_url parameter.
#
# [*public_protocol*]
# (optional) DEPRECATED: Use public_url instead.
# Protocol for public endpoint. (Defaults to 'http')
# Setting this parameter overrides public_url parameter.
#
# [*public_address*]
# (optional) DEPRECATED: Use public_url instead.
# Public address for endpoint. (Defaults to '127.0.0.1')
# Setting this parameter overrides public_url parameter.
#
# [*internal_protocol*]
# (optional) DEPRECATED: Use internal_url instead.
# Protocol for internal endpoint. (Defaults to 'http')
# Setting this parameter overrides internal_url parameter.
#
# [*internal_address*]
# (optional) DEPRECATED: Use internal_url instead.
# Internal address for endpoint. (Defaults to '127.0.0.1')
# Setting this parameter overrides internal_url parameter.
#
# [*admin_protocol*]
# (optional) DEPRECATED: Use admin_url instead.
# Protocol for admin endpoint. (Defaults to 'http')
# Setting this parameter overrides admin_url parameter.
#
# [*admin_address*]
# (optional) DEPRECATED: Use admin_url instead.
# Admin address for endpoint. (Defaults to '127.0.0.1')
# Setting this parameter overrides admin_url parameter.
#
# === Deprecation notes
#
# If any value is provided for public_protocol, public_address or port parameters,
# public_url will be completely ignored. The same applies for internal and admin parameters.
#
# === Examples
#
# class { 'neutron::keystone::auth':
# public_url => 'https://10.0.0.10:9696',
# internal_url => 'https://10.0.0.11:9696',
# admin_url => 'https://10.0.0.11:9696',
# }
#
#
class neutron::keystone::auth (
$password,
$auth_name = 'neutron',
$email = 'neutron@localhost',
$tenant = 'services',
$configure_endpoint = true,
$service_name = undef,
$service_type = 'network',
$public_protocol = 'http',
$public_address = '127.0.0.1',
$admin_protocol = 'http',
$admin_address = '127.0.0.1',
$internal_protocol = 'http',
$internal_address = '127.0.0.1',
$port = '9696',
$public_port = undef,
$region = 'RegionOne'
$auth_name = 'neutron',
$email = 'neutron@localhost',
$tenant = 'services',
$configure_endpoint = true,
$configure_user = true,
$configure_user_role = true,
$service_name = undef,
$service_type = 'network',
$region = 'RegionOne',
$public_url = 'http://127.0.0.1:9696',
$admin_url = 'http://127.0.0.1:9696',
$internal_url = 'http://127.0.0.1:9696',
# DEPRECATED PARAMETERS
$port = undef,
$public_protocol = undef,
$public_address = undef,
$public_port = undef,
$internal_protocol = undef,
$internal_address = undef,
$admin_protocol = undef,
$admin_address = undef,
) {
if $service_name == undef {
$real_service_name = $auth_name
if $port {
warning('The port parameter is deprecated, use public_url, internal_url and admin_url instead.')
}
if $public_protocol {
warning('The public_protocol parameter is deprecated, use public_url instead.')
}
if $internal_protocol {
warning('The internal_protocol parameter is deprecated, use internal_url instead.')
}
if $admin_protocol {
warning('The admin_protocol parameter is deprecated, use admin_url instead.')
}
if $public_address {
warning('The public_address parameter is deprecated, use public_url instead.')
}
if $internal_address {
warning('The internal_address parameter is deprecated, use internal_url instead.')
}
if $admin_address {
warning('The admin_address parameter is deprecated, use admin_url instead.')
}
if ($public_protocol or $public_address or $port or $public_port) {
$public_url_real = sprintf('%s://%s:%s',
pick($public_protocol, 'http'),
pick($public_address, '127.0.0.1'),
pick($public_port, $port, '9696'))
} else {
$real_service_name = $service_name
$public_url_real = $public_url
}
Keystone_user_role["${auth_name}@${tenant}"] ~> Service <| name == 'neutron-server' |>
Keystone_endpoint["${region}/${real_service_name}"] ~> Service <| name == 'neutron-server' |>
if ! $public_port {
$real_public_port = $port
if ($admin_protocol or $admin_address or $port) {
$admin_url_real = sprintf('%s://%s:%s',
pick($admin_protocol, 'http'),
pick($admin_address, '127.0.0.1'),
pick($port, '9696'))
} else {
$real_public_port = $public_port
$admin_url_real = $admin_url
}
keystone_user { $auth_name:
ensure => present,
password => $password,
email => $email,
tenant => $tenant,
}
keystone_user_role { "${auth_name}@${tenant}":
ensure => present,
roles => 'admin',
}
keystone_service { $real_service_name:
ensure => present,
type => $service_type,
description => 'Neutron Networking Service',
if ($internal_protocol or $internal_address or $port) {
$internal_url_real = sprintf('%s://%s:%s',
pick($internal_protocol, 'http'),
pick($internal_address, '127.0.0.1'),
pick($port, '9696'))
} else {
$internal_url_real = $internal_url
}
$real_service_name = pick($service_name, $auth_name)
if $configure_endpoint {
keystone_endpoint { "${region}/${real_service_name}":
ensure => present,
public_url => "${public_protocol}://${public_address}:${real_public_port}/",
internal_url => "${internal_protocol}://${internal_address}:${port}/",
admin_url => "${admin_protocol}://${admin_address}:${port}/",
}
Keystone_endpoint["${region}/${real_service_name}"] ~> Service <| title == 'neutron-server' |>
}
if $configure_user_role {
Keystone_user_role["${auth_name}@${tenant}"] ~> Service <| title == 'neutron-server' |>
}
keystone::resource::service_identity { $auth_name:
configure_user => $configure_user,
configure_user_role => $configure_user_role,
configure_endpoint => $configure_endpoint,
service_type => $service_type,
service_description => 'Neutron Networking Service',
service_name => $real_service_name,
region => $region,
password => $password,
email => $email,
tenant => $tenant,
public_url => $public_url_real,
admin_url => $admin_url_real,
internal_url => $internal_url_real,
}
}

40
deployment/puppet/neutron/manifests/params.pp
View File

@ -2,6 +2,8 @@
class neutron::params {
if($::osfamily == 'Redhat') {
$nobody_user_group = 'nobody'
$package_name = 'openstack-neutron'
$server_package = false
$server_service = 'neutron-server'
@ -22,10 +24,20 @@ class neutron::params {
$linuxbridge_server_package = 'openstack-neutron-linuxbridge'
$linuxbridge_config_file = '/etc/neutron/plugins/linuxbridge/linuxbridge_conf.ini'
$sriov_nic_agent_service = 'neutron-sriov-nic-agent'
$sriov_nic_agent_package = 'openstack-neutron-sriov-nic-agent'
$cisco_server_package = 'openstack-neutron-cisco'
$cisco_config_file = '/etc/neutron/plugins/cisco/cisco_plugins.ini'
$cisco_ml2_config_file = '/etc/neutron/plugins/ml2/ml2_conf_cisco.ini'
$midonet_server_package = 'python-neutron-plugin-midonet'
$midonet_config_file = '/etc/neutron/plugins/midonet/midonet.ini'
$plumgrid_plugin_package = 'openstack-neutron-plumgrid'
$plumgrid_pythonlib_package = 'plumgrid-pythonlib'
$plumgrid_config_file = '/etc/neutron/plugins/plumgrid/plumgrid.ini'
$nvp_server_package = 'openstack-neutron-nicira'
$dhcp_agent_package = false
@ -33,7 +45,7 @@ class neutron::params {
$dnsmasq_packages = ['dnsmasq', 'dnsmasq-utils']
$lbaas_agent_package = false
$lbaas_agent_package = 'openstack-neutron-lbaas'
$lbaas_agent_service = 'neutron-lbaas-agent'
$haproxy_package = 'haproxy'
@ -43,13 +55,17 @@ class neutron::params {
$vpnaas_agent_package = 'openstack-neutron-vpn-agent'
$vpnaas_agent_service = 'neutron-vpn-agent'
$openswan_package = 'openswan'
if $::operatingsystemrelease =~ /^7.*/ or $::operatingsystem == 'Fedora' {
$openswan_package = 'libreswan'
} else {
$openswan_package = 'openswan'
}
$l3_agent_package = false
$l3_agent_service = 'neutron-l3-agent'
# TODO(bogdando) contribute change to upstream:
# new metadata_agent_package param
$metadata_agent_package = false
$fwaas_package = 'openstack-neutron-fwaas'
$metadata_agent_service = 'neutron-metadata-agent'
$cliff_package = 'python-cliff'
@ -58,6 +74,8 @@ class neutron::params {
} elsif($::osfamily == 'Debian') {
$nobody_user_group = 'nogroup'
$package_name = 'neutron-common'
$server_package = 'neutron-server'
$server_service = 'neutron-server'
@ -82,10 +100,20 @@ class neutron::params {
$linuxbridge_server_package = 'neutron-plugin-linuxbridge'
$linuxbridge_config_file = '/etc/neutron/plugins/linuxbridge/linuxbridge_conf.ini'
$sriov_nic_agent_service = 'neutron-plugin-sriov-agent'
$sriov_nic_agent_package = 'neutron-plugin-sriov-agent'
$cisco_server_package = 'neutron-plugin-cisco'
$cisco_config_file = '/etc/neutron/plugins/cisco/cisco_plugins.ini'
$cisco_ml2_config_file = '/etc/neutron/plugins/ml2/ml2_conf_cisco.ini'
$midonet_server_package = 'python-neutron-plugin-midonet'
$midonet_config_file = '/etc/neutron/plugins/midonet/midonet.ini'
$plumgrid_plugin_package = 'neutron-plugin-plumgrid'
$plumgrid_pythonlib_package = 'plumgrid-pythonlib'
$plumgrid_config_file = '/etc/neutron/plugins/plumgrid/plumgrid.ini'
$nvp_server_package = 'neutron-plugin-nicira'
$dhcp_agent_package = 'neutron-dhcp-agent'
@ -114,6 +142,8 @@ class neutron::params {
$l3_agent_package = 'neutron-l3-agent'
$l3_agent_service = 'neutron-l3-agent'
$fwaas_package = 'python-neutron-fwaas'
$cliff_package = 'python-cliff'
$kernel_headers = "linux-headers-${::kernelrelease}"

16
deployment/puppet/neutron/manifests/plugins/cisco.pp
View File

@ -122,6 +122,7 @@ class neutron::plugins::cisco(
package { 'neutron-plugin-cisco':
ensure => $package_ensure,
name => $::neutron::params::cisco_server_package,
tag => 'openstack',
}
@ -171,9 +172,14 @@ class neutron::plugins::cisco(
# In RH, this link is used to start Neutron process but in Debian, it's used only
# to manage database synchronization.
ensure_resource('file', '/etc/neutron/plugin.ini', {
ensure => link,
target => '/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini',
require => Package['neutron-plugin-ovs']
})
if defined(File['/etc/neutron/plugin.ini']) {
File <| path == '/etc/neutron/plugin.ini' |> { target => '/etc/neutron/plugins/cisco/cisco_plugins.ini' }
}
else {
file {'/etc/neutron/plugin.ini':
ensure => link,
target => '/etc/neutron/plugins/cisco/cisco_plugins.ini',
require => Package['neutron-plugin-cisco'],
}
}
}

73
deployment/puppet/neutron/manifests/plugins/linuxbridge.pp
View File

@ -1,73 +0,0 @@
# == Class: neutron::plugins::linuxbridge
#
# Setups linuxbridge plugin for neutron server.
#
# === Parameters
#
# [*sql_connection*]
# sql_connection is no longer configured in the plugin.ini.
# Use $connection in the nuetron::server class to configure the SQL
# connection string.
#
# [*network_vlan_ranges*]
# (required) Comma-separated list of <physical_network>[:<vlan_min>:<vlan_max>]
# tuples enumerating ranges of VLAN IDs on named physical networks that are
# available for allocation.
#
# [*tenant_network_type*]
# (optional) Type of network to allocate for tenant networks.
# Defaults to 'vlan'.
#
# [*package_ensure*]
# (optional) Ensure state for package. Defaults to 'present'.
#
class neutron::plugins::linuxbridge (
$sql_connection = false,
$network_vlan_ranges = 'physnet1:1000:2000',
$tenant_network_type = 'vlan',
$package_ensure = 'present'
) {
include neutron::params
Package['neutron'] -> Package['neutron-plugin-linuxbridge']
Package['neutron-plugin-linuxbridge'] -> Neutron_plugin_linuxbridge<||>
Neutron_plugin_linuxbridge<||> ~> Service<| title == 'neutron-server' |>
Package['neutron-plugin-linuxbridge'] -> Service<| title == 'neutron-server' |>
if $::operatingsystem == 'Ubuntu' {
file_line { '/etc/default/neutron-server:NEUTRON_PLUGIN_CONFIG':
path => '/etc/default/neutron-server',
match => '^NEUTRON_PLUGIN_CONFIG=(.*)$',
line => "NEUTRON_PLUGIN_CONFIG=${::neutron::params::linuxbridge_config_file}",
require => [
Package['neutron-plugin-linuxbridge'],
Package['neutron-server'],
],
notify => Service['neutron-server'],
}
}
package { 'neutron-plugin-linuxbridge':
ensure => $package_ensure,
name => $::neutron::params::linuxbridge_server_package,
}
if $sql_connection {
warning('sql_connection is deprecated for connection in the neutron::server class')
}
neutron_plugin_linuxbridge {
'VLANS/tenant_network_type': value => $tenant_network_type;
'VLANS/network_vlan_ranges': value => $network_vlan_ranges;
}
# In RH, this link is used to start Neutron process but in Debian, it's used only
# to manage database synchronization.
file {'/etc/neutron/plugin.ini':
ensure => link,
target => '/etc/neutron/plugins/linuxbridge/linuxbridge_conf.ini',
require => Package['neutron-plugin-linuxbridge']
}
}

144
deployment/puppet/neutron/manifests/plugins/midonet.pp Normal file
View File

@ -0,0 +1,144 @@
# == Class: midonet::neutron_plugin
#
# Install and configure Midonet Neutron Plugin. Please note that this manifest
# does not install the 'python-neutron-midonet-plugin' package, it only
# configures Neutron to do so needed for this deployment. Check out the
# MidoNet module to do so.
#
# === Parameters
#
# [*midonet_api_ip*]
# IP address of the MidoNet api service
# [*midonet_api_port*]
# IP address of the MidoNet port service. MidoNet runs in a Tomcat, so 8080
# is used by default.
# [*keystone_username*]
# Username from which midonet api will authenticate against Keystone (neutron
# service is desirable and defaulted)
# [*keystone_password*]
# Password from which midonet api will authenticate against Keystone
# [*keystone_tenant*]
# Tenant from which midonet api will authenticate against Keystone (services
# tenant is desirable and defaulted)
# [*sync_db*]
# Whether 'midonet-db-manage' should run to create and/or syncrhonize the database
# with MidoNet specific tables. Defaults to false
#
# === Examples
#
# An example call would be:
#
# class {'neutron:plugins::midonet':
# midonet_api_ip => '23.123.5.32',
# midonet_api_port => '8080',
# keystone_username => 'neutron',
# keystone_password => '32kjaxT0k3na',
# keystone_tenant => 'services',
# sync_db => true
# }
#
# You can alternatively use the Hiera's yaml style:
# neutron::plugin::midonet::midonet_api_ip: '23.213.5.32'
# neutron::plugin::midonet::port: '8080'
# neutron::plugin::midonet::keystone_username: 'neutron'
# neutron::plugin::midonet::keystone_password: '32.kjaxT0k3na'
# neutron::plugin::midonet::keystone_tenant: 'services'
# neutron::plugin::midonet::sync_db: true
#
# === Authors
#
# Midonet (http://MidoNet.org)
#
# === Copyright
#
# Copyright (c) 2015 Midokura SARL, All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
class neutron::plugins::midonet (
$midonet_api_ip = '127.0.0.1',
$midonet_api_port = '8080',
$keystone_username = 'neutron',
$keystone_password = undef,
$keystone_tenant = 'services',
$sync_db = false
) {
include ::neutron::params
Neutron_plugin_midonet<||> ~> Service['neutron-server']
ensure_resource('file', '/etc/neutron/plugins/midonet', {
ensure => directory,
owner => 'root',
group => 'neutron',
mode => '0640'}
)
# Ensure the neutron package is installed before config is set
# under both RHEL and Ubuntu
if ($::neutron::params::server_package) {
Package['neutron-server'] -> Neutron_plugin_midonet<||>
} else {
Package['neutron'] -> Neutron_plugin_midonet<||>
}
# Although this manifest does not install midonet plugin package because it
# is not available in common distro repos, this statement forces you to
# have an orchestrator/wrapper manifest that does that job.
Package[$::neutron::params::midonet_server_package] -> Neutron_plugin_midonet<||>
neutron_plugin_midonet {
'MIDONET/midonet_uri': value => "http://${midonet_api_ip}:${midonet_api_port}/midonet-api";
'MIDONET/username': value => $keystone_username;
'MIDONET/password': value => $keystone_password, secret =>true;
'MIDONET/project_id': value => $keystone_tenant;
}
if $::osfamily == 'Debian' {
file_line { '/etc/default/neutron-server:NEUTRON_PLUGIN_CONFIG':
path => '/etc/default/neutron-server',
match => '^NEUTRON_PLUGIN_CONFIG=(.*)$',
line => "NEUTRON_PLUGIN_CONFIG=${::neutron::params::midonet_config_file}",
require => [ Package['neutron-server'], Package[$::neutron::params::midonet_server_package] ],
notify => Service['neutron-server'],
}
}
# In RH, this link is used to start Neutron process but in Debian, it's used only
# to manage database synchronization.
if defined(File['/etc/neutron/plugin.ini']) {
File <| path == '/etc/neutron/plugin.ini' |> { target => $::neutron::params::midonet_config_file }
}
else {
file {'/etc/neutron/plugin.ini':
ensure => link,
target => $::neutron::params::midonet_config_file,
require => Package[$::neutron::params::midonet_server_package]
}
}
if $sync_db {
Package<| title == $::neutron::params::midonet_server_package |> ~> Exec['midonet-db-sync']
exec { 'midonet-db-sync':
command => 'midonet-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini upgrade head',
path => '/usr/bin',
before => Service['neutron-server'],
subscribe => Neutron_config['database/connection'],
refreshonly => true
}
}
}

65
deployment/puppet/neutron/manifests/plugins/ml2.pp
View File

@ -42,7 +42,7 @@
# entrypoints to be loaded from the neutron.ml2.mechanism_drivers namespace.
# Should be an array that can have these elements:
# logger, test, linuxbridge, openvswitch, hyperv, ncs, arista, cisco_nexus,
# l2population.
# l2population, sriovnicswitch
# Default to ['openvswitch', 'linuxbridge'].
#
# [*flat_networks*]
@ -88,21 +88,35 @@
# It should be false when you use nova security group.
# Defaults to true.
#
# [*supported_pci_vendor_devs*]
# (optional) Supported PCI vendor devices, defined by
# vendor_id:product_id according to the PCI ID
# Repository. Should be an array of devices.
# Defaults to ['15b3:1004', '8086:10ca'] (Intel & Mellanox SR-IOV capable NICs)
#
# [*sriov_agent_required*]
# (optional) SRIOV neutron agent is required for port binding.
# Only set to true if SRIOV network adapters support VF link state setting
# and if admin state management is desired.
# Defaults to false.
#
class neutron::plugins::ml2 (
$type_drivers = ['local', 'flat', 'vlan', 'gre', 'vxlan'],
$tenant_network_types = ['local', 'flat', 'vlan', 'gre', 'vxlan'],
$mechanism_drivers = ['openvswitch', 'linuxbridge'],
$flat_networks = ['*'],
$network_vlan_ranges = ['physnet1:1000:2999'],
$tunnel_id_ranges = ['20:100'],
$vxlan_group = '224.0.0.1',
$vni_ranges = ['10:100'],
$enable_security_group = true,
$package_ensure = 'present'
$type_drivers = ['local', 'flat', 'vlan', 'gre', 'vxlan'],
$tenant_network_types = ['local', 'flat', 'vlan', 'gre', 'vxlan'],
$mechanism_drivers = ['openvswitch', 'linuxbridge'],
$flat_networks = ['*'],
$network_vlan_ranges = ['physnet1:1000:2999'],
$tunnel_id_ranges = ['20:100'],
$vxlan_group = '224.0.0.1',
$vni_ranges = ['10:100'],
$enable_security_group = true,
$package_ensure = 'present',
$supported_pci_vendor_devs = ['15b3:1004', '8086:10ca'],
$sriov_agent_required = false,
) {
include neutron::params
include ::neutron::params
Neutron_plugin_ml2<||> ~> Service<| title == 'neutron-server' |>
@ -118,21 +132,22 @@ class neutron::plugins::ml2 (
line => 'NEUTRON_PLUGIN_CONFIG=/etc/neutron/plugin.ini',
require => File['/etc/default/neutron-server','/etc/neutron/plugin.ini'],
}
File_line['/etc/default/neutron-server:NEUTRON_PLUGIN_CONFIG']
Package<| title == 'neutron-server' |>
-> File_line['/etc/default/neutron-server:NEUTRON_PLUGIN_CONFIG']
~> Service<| title == 'neutron-server' |>
}
# In RH, the link is used to start Neutron process but in Debian, it's used only
# to manage database synchronization.
file {'/etc/neutron/plugin.ini':
ensure => link,
target => '/etc/neutron/plugins/ml2/ml2_conf.ini'
ensure => link,
target => '/etc/neutron/plugins/ml2/ml2_conf.ini'
}
file {'/etc/default/neutron-server':
ensure => present,
owner => 'root',
group => 'root',
mode => '0644'
ensure => present,
owner => 'root',
group => 'root',
mode => '0644'
}
# Some platforms do not have a dedicated ml2 plugin package
@ -140,6 +155,7 @@ class neutron::plugins::ml2 (
package { 'neutron-plugin-ml2':
ensure => $package_ensure,
name => $::neutron::params::ml2_server_package,
tag => 'openstack',
}
Package['neutron-plugin-ml2'] -> Neutron_plugin_ml2<||>
Package['neutron-plugin-ml2'] -> File['/etc/neutron/plugin.ini']
@ -150,7 +166,7 @@ class neutron::plugins::ml2 (
Package['neutron'] -> File['/etc/default/neutron-server']
}
neutron::plugins::ml2::driver { $type_drivers:
neutron::plugins::ml2::type_driver { $type_drivers:
flat_networks => $flat_networks,
tunnel_id_ranges => $tunnel_id_ranges,
network_vlan_ranges => $network_vlan_ranges,
@ -158,6 +174,11 @@ class neutron::plugins::ml2 (
vxlan_group => $vxlan_group,
}
neutron::plugins::ml2::mech_driver { $mechanism_drivers:
supported_pci_vendor_devs => $supported_pci_vendor_devs,
sriov_agent_required => $sriov_agent_required,
}
neutron_plugin_ml2 {
'ml2/type_drivers': value => join($type_drivers, ',');
'ml2/tenant_network_types': value => join($tenant_network_types, ',');
@ -165,8 +186,6 @@ class neutron::plugins::ml2 (
'securitygroup/enable_security_group': value => $enable_security_group;
}
#NOTE(bogdando) contribute change to upstream #1384119:
Neutron_plugin_ml2<||> -> Exec<| title == 'neutron-db-sync' |>
Neutron_plugin_ml2<||> ~> Exec<| title == 'neutron-db-sync' |>
}

1
deployment/puppet/neutron/manifests/plugins/ml2/cisco/nexus.pp
View File

@ -33,6 +33,7 @@ class neutron::plugins::ml2::cisco::nexus (
# and install it manually
package { 'python-ncclient':
ensure => installed,
tag => 'openstack',
} ~> Service['neutron-server']
Neutron_plugin_ml2<||> ->

31
deployment/puppet/neutron/manifests/plugins/ml2/mech_driver.pp Normal file
View File

@ -0,0 +1,31 @@
#
# Copyright (C) 2014 eNovance SAS <licensing@enovance.com>
#
# Author: Emilien Macchi <emilien.macchi@enovance.com>
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# neutron::plugins::ml2::mech_driver used by neutron::plugins::ml2
#
define neutron::plugins::ml2::mech_driver (
$supported_pci_vendor_devs,
$sriov_agent_required,
){
if ($name == 'sriovnicswitch') {
neutron_plugin_ml2 {
'ml2_sriov/supported_pci_vendor_dev': value => join($supported_pci_vendor_devs, ',');
'ml2_sriov/agent_required': value => $sriov_agent_required;
}
}
}

4
deployment/puppet/neutron/manifests/plugins/ml2/driver.pp → deployment/puppet/neutron/manifests/plugins/ml2/type_driver.pp
View File

@ -15,10 +15,10 @@
# License for the specific language governing permissions and limitations
# under the License.
#
# neutron::plugins::ml2::drivers used by neutron::plugins::ml2
# neutron::plugins::ml2::type_driver used by neutron::plugins::ml2
#
define neutron::plugins::ml2::driver (
define neutron::plugins::ml2::type_driver (
$flat_networks,
$tunnel_id_ranges,
$network_vlan_ranges,

7
deployment/puppet/neutron/manifests/plugins/nvp.pp
View File

@ -30,7 +30,7 @@ class neutron::plugins::nvp (
$package_ensure = 'present'
) {
include neutron::params
include ::neutron::params
Package['neutron'] -> Package['neutron-plugin-nvp']
Package['neutron-plugin-nvp'] -> Neutron_plugin_nvp<||>
@ -38,8 +38,9 @@ class neutron::plugins::nvp (
Package['neutron-plugin-nvp'] -> Service<| title == 'neutron-server' |>
package { 'neutron-plugin-nvp':
ensure => $package_ensure,
name => $::neutron::params::nvp_server_package
ensure => $package_ensure,
name => $::neutron::params::nvp_server_package,
tag => 'openstack',
}
validate_array($nvp_controllers)

105
deployment/puppet/neutron/manifests/plugins/ovs.pp
View File

@ -1,105 +0,0 @@
# Configure the neutron server to use the OVS plugin.
# This configures the plugin for the API server, but does nothing
# about configuring the agents that must also run and share a config
# file with the OVS plugin if both are on the same machine.
#
# === Parameters
#
class neutron::plugins::ovs (
$package_ensure = 'present',
$sql_connection = false,
$sql_max_retries = false,
$sql_idle_timeout = false,
$reconnect_interval = false,
$tenant_network_type = 'vlan',
# NB: don't need tunnel ID range when using VLANs,
# *but* you do need the network vlan range regardless of type,
# because the list of networks there is still important
# even if the ranges aren't specified
# if type is vlan or flat, a default of physnet1:1000:2000 is used
# otherwise this will not be set by default.
$network_vlan_ranges = undef,
$tunnel_id_ranges = '1:1000',
$vxlan_udp_port = 4789
) {
include neutron::params
Package['neutron'] -> Package['neutron-plugin-ovs']
Package['neutron-plugin-ovs'] -> Neutron_plugin_ovs<||>
Neutron_plugin_ovs<||> ~> Service<| title == 'neutron-server' |>
Package['neutron-plugin-ovs'] -> Service<| title == 'neutron-server' |>
if ! defined(Package['neutron-plugin-ovs']) {
package { 'neutron-plugin-ovs':
ensure => $package_ensure,
name => $::neutron::params::ovs_server_package,
}
}
if $sql_connection {
warning('sql_connection is deprecated for connection in the neutron::server class')
}
if $sql_max_retries {
warning('sql_max_retries is deprecated for max_retries in the neutron::server class')
}
if $sql_idle_timeout {
warning('sql_idle_timeout is deprecated for idle_timeout in the neutron::server class')
}
if $reconnect_interval {
warning('reconnect_interval is deprecated for retry_interval in the neutron::server class')
}
neutron_plugin_ovs {
'OVS/tenant_network_type': value => $tenant_network_type;
}
if $tenant_network_type in ['gre', 'vxlan'] {
validate_tunnel_id_ranges($tunnel_id_ranges)
neutron_plugin_ovs {
# this is set by the plugin and the agent - since the plugin node has the agent installed
# we rely on it setting it.
# TODO(ijw): do something with a virtualised node
# 'OVS/enable_tunneling': value => 'True';
'OVS/tunnel_id_ranges': value => $tunnel_id_ranges;
'OVS/tunnel_type': value => $tenant_network_type;
}
}
validate_vxlan_udp_port($vxlan_udp_port)
neutron_plugin_ovs { 'OVS/vxlan_udp_port': value => $vxlan_udp_port; }
if ! $network_vlan_ranges {
# If the user hasn't specified vlan_ranges, fail for the modes where
# it is required, otherwise keep it absent
if $tenant_network_type in ['vlan', 'flat'] {
fail('When using the vlan network type, network_vlan_ranges is required')
} else {
neutron_plugin_ovs { 'OVS/network_vlan_ranges': ensure => absent }
}
} else {
# This might be set by the user for the gre or vxlan case where
# provider networks are in use
if !is_array($network_vlan_ranges) {
$arr_network_vlan_ranges = strip(split($network_vlan_ranges, ','))
} else {
$arr_network_vlan_ranges = $network_vlan_ranges
}
validate_network_vlan_ranges($arr_network_vlan_ranges)
neutron_plugin_ovs {
'OVS/network_vlan_ranges': value => join($arr_network_vlan_ranges, ',');
}
}
# In RH, this link is used to start Neutron process but in Debian, it's used only
# to manage database synchronization.
file {'/etc/neutron/plugin.ini':
ensure => link,
target => '/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini',
require => Package['neutron-plugin-ovs']
}
}

108
deployment/puppet/neutron/manifests/plugins/plumgrid.pp Normal file
View File

@ -0,0 +1,108 @@
# This class installs and configures Plumgrid Neutron Plugin.
#
# === Parameters
#
# [*director_server*]
# IP address of the PLUMgrid Director Server
# Defaults to 127.0.0.1
# [*director_server_port*]
# Port of the PLUMgrid Director Server.
# Defaults to 443
# [*username*]
# PLUMgrid platform username
# [*password*]
# PLUMgrid platform password
# [*servertimeout*]
# Request timeout duration (seconds) to PLUMgrid paltform
# Defaults to 99
# [*connection*]
# Database connection
# Defaults to http://127.0.0.1:35357/v2.0
# [*admin_password*]
# Keystone admin password
# [*controller_priv_host*]
# Controller private host IP
# Defaults to 127.0.0.1
class neutron::plugins::plumgrid (
$director_server = '127.0.0.1',
$director_server_port = '443',
$username = undef,
$password = undef,
$servertimeout = '99',
$connection = 'http://127.0.0.1:35357/v2.0',
$admin_password = undef,
$controller_priv_host = '127.0.0.1',
$package_ensure = 'present'
) {
include ::neutron::params
Package[neutron-plugin-plumgrid] -> Neutron_plugin_plumgrid<||>
Neutron_plugin_plumgrid<||> ~> Service['neutron-server']
Package[neutron-plumlib-plumgrid] -> Neutron_plumlib_plumgrid<||>
Neutron_plumlib_plumgrid<||> ~> Service['neutron-server']
ensure_resource('file', '/etc/neutron/plugins/plumgrid', {
ensure => directory,
owner => 'root',
group => 'neutron',
mode => '0640'}
)
# Ensure the neutron package is installed before config is set
# under both RHEL and Ubuntu
if ($::neutron::params::server_package) {
Package['neutron-server'] -> Neutron_plugin_plumgrid<||>
Package['neutron-server'] -> Neutron_plumlib_plumgrid<||>
} else {
Package['neutron'] -> Neutron_plugin_plumgrid<||>
Package['neutron'] -> Neutron_plumlib_plumgrid<||>
}
package { 'neutron-plugin-plumgrid':
ensure => $package_ensure,
name => $::neutron::params::plumgrid_plugin_package
}
package { 'neutron-plumlib-plumgrid':
ensure => $package_ensure,
name => $::neutron::params::plumgrid_pythonlib_package
}
if $::osfamily == 'Debian' {
file_line { '/etc/default/neutron-server:NEUTRON_PLUGIN_CONFIG':
path => '/etc/default/neutron-server',
match => '^NEUTRON_PLUGIN_CONFIG=(.*)$',
line => "NEUTRON_PLUGIN_CONFIG=${::neutron::params::plumgrid_config_file}",
require => [ Package['neutron-server'], Package['neutron-plugin-plumgrid'] ],
notify => Service['neutron-server'],
}
}
if $::osfamily == 'Redhat' {
file { '/etc/neutron/plugin.ini':
ensure => link,
target => $::neutron::params::plumgrid_config_file,
require => Package['neutron-plugin-plumgrid'],
}
}
neutron_plugin_plumgrid {
'PLUMgridDirector/director_server': value => $director_server;
'PLUMgridDirector/director_server_port': value => $director_server_port;
'PLUMgridDirector/username': value => $username;
'PLUMgridDirector/password': value => $password, secret =>true;
'PLUMgridDirector/servertimeout': value => $servertimeout;
'database/connection': value => $connection;
}
neutron_plumlib_plumgrid {
'keystone_authtoken/admin_user' : value => 'admin';
'keystone_authtoken/admin_password': value => $admin_password, secret =>true;
'keystone_authtoken/auth_uri': value => "http://${controller_priv_host}:35357/v2.0";
'keystone_authtoken/admin_tenant_name': value => 'admin';
'PLUMgridMetadata/enable_pg_metadata' : value => 'True';
'PLUMgridMetadata/metadata_mode': value => 'local';
}
}

39
deployment/puppet/neutron/manifests/policy.pp Normal file
View File

@ -0,0 +1,39 @@
# == Class: neutron::policy
#
# Configure the neutron policies
#
# === Parameters
#
# [*policies*]
# (optional) Set of policies to configure for neutron
# Example :
# {
# 'neutron-context_is_admin' => {
# 'key' => 'context_is_admin',
# 'value' => 'true'
# },
# 'neutron-default' => {
# 'key' => 'default',
# 'value' => 'rule:admin_or_owner'
# }
# }
# Defaults to empty hash.
#
# [*policy_path*]
# (optional) Path to the neutron policy.json file
# Defaults to /etc/neutron/policy.json
#
class neutron::policy (
$policies = {},
$policy_path = '/etc/neutron/policy.json',
) {
validate_hash($policies)
Openstacklib::Policy::Base {
file_path => $policy_path,
}
create_resources('openstacklib::policy::base', $policies)
}

415
deployment/puppet/neutron/manifests/server.pp
View File

@ -16,6 +16,10 @@
# (optional) Whether to start/stop the service
# Defaults to true
#
# [*service_name*]
# (optional) The name of the neutron-server service
# Defaults to 'neutron-server'
#
# [*log_file*]
# REMOVED: Use log_file of neutron class instead.
#
@ -31,16 +35,16 @@
# Defaults to 'keystone'. Can other be 'noauth'
#
# [*auth_host*]
# (optional) The keystone host
# Defaults to localhost
# (optional) DEPRECATED. The keystone host
# Defaults to localhost.
#
# [*auth_protocol*]
# (optional) The protocol used to access the auth host
# (optional) DEPRECATED. The protocol used to access the auth host
# Defaults to http.
#
# [*auth_port*]
# (optional) The keystone auth port
# Defaults to 35357
# (optional) DEPRECATED. The keystone auth port
# Defaults to 35357.
#
# [*auth_admin_prefix*]
# (optional) The admin_prefix used to admin endpoint of the auth host
@ -48,11 +52,6 @@
# (where '/keystone' is the admin prefix)
# Defaults to false for empty. If defined, should be a string with a leading '/' and no trailing '/'.
#
# [*auth_region*]
# (optional) The authentication region. Note this value is case-sensitive and
# must match the endpoint region defined in Keystone.
# Defaults to undef
#
# [*auth_tenant*]
# (optional) The tenant of the auth user
# Defaults to services
@ -61,13 +60,13 @@
# (optional) The name of the auth user
# Defaults to neutron
#
# [*auth_protocol*]
# (optional) The protocol to connect to keystone
# Defaults to http
#
# [*auth_uri*]
# (optional) Complete public Identity API endpoint.
# Defaults to: $auth_protocol://$auth_host:5000/
# Defaults to: false
#
# [*identity_uri*]
# (optional) Complete admin Identity API endpoint.
# Defaults to: false
#
# [*database_connection*]
# (optional) Connection url for the neutron database.
@ -110,6 +109,18 @@
# [*retry_interval*]
# DEPRECATED: Use database_retry_interval instead.
#
# [*database_min_pool_size*]
# (optional) Minimum number of SQL connections to keep open in a pool.
# Defaults to: 1
#
# [*database_max_pool_size*]
# (optional) Maximum number of SQL connections to keep open in a pool.
# Defaults to: 10
#
# [*database_max_overflow*]
# (optional) If set, use this value for max_overflow with sqlalchemy.
# Defaults to: 20
#
# [*sync_db*]
# (optional) Run neutron-db-manage on api nodes after installing the package.
# Defaults to false
@ -138,12 +149,10 @@
# Defaults to: 75
#
# [*state_path*]
# (optional) Where to store dnsmasq state files. This directory must be
# writable by the user executing the agent. Defaults to '/var/lib/neutron'.
# (optional) Deprecated. Use state_path parameter on base neutron class instead.
#
# [*lock_path*]
# (optional) Where to store dnsmasq lock files. This directory must be
# writable by the user executing the agent. Defaults to '/var/lib/neutron/lock'.
# (optional) Deprecated. Use lock_path parameter on base neutron class instead.
#
# [*router_scheduler_driver*]
# (optional) Driver to use for scheduling router to a default L3 agent. Could be:
@ -154,122 +163,111 @@
# [*mysql_module*]
# (optional) Deprecated. Does nothing.
#
# [*router_distributed*]
# (optional) Setting the "router_distributed" flag to "True" will default to the creation
# of distributed tenant routers.
# Also can be the type of the router on the create request (admin-only attribute).
# Defaults to false
#
# [*allow_automatic_l3agent_failover*]
# (optional) Allow automatic rescheduling of routers from dead L3 agents with
# admin_state_up set to True to alive agents.
# Defaults to false
#
# [*l3_ha*]
# (optional) Enable high availability for virtual routers.
# Defaults to false
#
# [*max_l3_agents_per_router*]
# (optional) Maximum number of l3 agents which a HA router will be scheduled on. If set to '0', a router will be scheduled on every agent.
# Defaults to '3'
#
# [*min_l3_agents_per_router*]
# (optional) Minimum number of l3 agents which a HA router will be scheduled on.
# Defaults to '2'
#
# [*l3_ha_net_cidr*]
# (optional) CIDR of the administrative network if HA mode is enabled.
# Defaults to '169.254.192.0/18'
#
class neutron::server (
$package_ensure = 'present',
$enabled = true,
$manage_service = true,
$auth_password = false,
$auth_region = undef,
$auth_type = 'keystone',
$auth_host = 'localhost',
$auth_port = '35357',
$auth_admin_prefix = false,
$auth_tenant = 'services',
$auth_user = 'neutron',
$auth_protocol = 'http',
$auth_uri = false,
$database_connection = 'sqlite:////var/lib/neutron/ovs.sqlite',
$database_max_retries = 10,
$database_idle_timeout = 3600,
$database_retry_interval = 10,
$sync_db = false,
$api_workers = $::processorcount,
$rpc_workers = $::processorcount,
$agent_down_time = '75',
$state_path = '/var/lib/neutron',
$lock_path = '/var/lib/neutron/lock',
$router_scheduler_driver = 'neutron.scheduler.l3_agent_scheduler.ChanceScheduler',
$package_ensure = 'present',
$enabled = true,
$manage_service = true,
$service_name = $::neutron::params::server_service,
$auth_password = false,
$auth_type = 'keystone',
$auth_tenant = 'services',
$auth_user = 'neutron',
$auth_uri = false,
$identity_uri = false,
$database_connection = 'sqlite:////var/lib/neutron/ovs.sqlite',
$database_max_retries = 10,
$database_idle_timeout = 3600,
$database_retry_interval = 10,
$database_min_pool_size = 1,
$database_max_pool_size = 10,
$database_max_overflow = 20,
$sync_db = false,
$api_workers = $::processorcount,
$rpc_workers = $::processorcount,
$agent_down_time = '75',
$router_scheduler_driver = 'neutron.scheduler.l3_agent_scheduler.ChanceScheduler',
$router_distributed = false,
$allow_automatic_l3agent_failover = false,
$l3_ha = false,
$max_l3_agents_per_router = 3,
$min_l3_agents_per_router = 2,
$l3_ha_net_cidr = '169.254.192.0/18',
# DEPRECATED PARAMETERS
# TODO(bogdando) undone the change once puppet-openstacklibs supported in Fuel
$mysql_module = '0.9',
$sql_connection = undef,
$connection = undef,
$sql_max_retries = undef,
$max_retries = undef,
$sql_idle_timeout = undef,
$idle_timeout = undef,
$sql_reconnect_interval = undef,
$retry_interval = undef,
$log_dir = undef,
$log_file = undef,
$report_interval = undef,
$auth_host = 'localhost',
$auth_port = '35357',
$auth_protocol = 'http',
$auth_admin_prefix = false,
$mysql_module = undef,
$log_dir = undef,
$log_file = undef,
$report_interval = undef,
$state_path = undef,
$lock_path = undef,
) {
include neutron::params
include ::neutron::params
include ::neutron::policy
require keystone::python
Nova_admin_tenant_id_setter<||> ~> Service['neutron-server']
Neutron_config<||> ~> Service['neutron-server']
Neutron_api_config<||> ~> Service['neutron-server']
Class['neutron::policy'] ~> Service['neutron-server']
if $l3_ha {
if $min_l3_agents_per_router <= $max_l3_agents_per_router or $max_l3_agents_per_router == 0 {
neutron_config {
'DEFAULT/l3_ha': value => true;
'DEFAULT/max_l3_agents_per_router': value => $max_l3_agents_per_router;
'DEFAULT/min_l3_agents_per_router': value => $min_l3_agents_per_router;
'DEFAULT/l3_ha_net_cidr': value => $l3_ha_net_cidr;
}
} else {
fail('min_l3_agents_per_router should be less than or equal to max_l3_agents_per_router.')
}
} else {
neutron_config {
'DEFAULT/l3_ha': value => false;
}
}
if $mysql_module {
warning('The mysql_module parameter is deprecated. The latest 2.x mysql module will be used.')
}
if $sql_connection {
warning('The sql_connection parameter is deprecated, use database_connection instead.')
$database_connection_real = $sql_connection
} elsif $connection {
warning('The connection parameter is deprecated, use database_connection instead.')
$database_connection_real = $connection
} else {
$database_connection_real = $database_connection
}
validate_re($database_connection, '(sqlite|mysql|postgresql):\/\/(\S+:\S+@\S+\/\S+)?')
if $sql_max_retries {
warning('The sql_max_retries parameter is deprecated, use database_max_retries instead.')
$database_max_retries_real = $sql_max_retries
} elsif $max_retries {
warning('The max_retries parameter is deprecated, use database_max_retries instead.')
$database_max_retries_real = $max_retries
} else {
$database_max_retries_real = $database_max_retries
}
if $sql_idle_timeout {
warning('The sql_idle_timeout parameter is deprecated, use database_idle_timeout instead.')
$database_idle_timeout_real = $sql_idle_timeout
} elsif $idle_timeout {
warning('The dle_timeout parameter is deprecated, use database_idle_timeout instead.')
$database_idle_timeout_real = $idle_timeout
} else {
$database_idle_timeout_real = $database_idle_timeout
}
if $sql_reconnect_interval {
warning('The sql_reconnect_interval parameter is deprecated, use database_retry_interval instead.')
$database_retry_interval_real = $sql_reconnect_interval
} elsif $retry_interval {
warning('The retry_interval parameter is deprecated, use database_retry_interval instead.')
$database_retry_interval_real = $retry_interval
} else {
$database_retry_interval_real = $database_retry_interval
}
if $log_dir {
fail('The log_dir parameter is removed, use log_dir of neutron class instead.')
}
if $log_file {
fail('The log_file parameter is removed, use log_file of neutron class instead.')
}
if $report_interval {
fail('The report_interval is removed, use report_interval of neutron class instead.')
}
validate_re($database_connection_real, '(sqlite|mysql|postgresql):\/\/(\S+:\S+@\S+\/\S+)?')
case $database_connection_real {
case $database_connection {
/mysql:\/\/\S+:\S+@\S+\/\S+/: {
# TODO(bogdando) undone the change once puppet-openstacklibs supported in Fuel.
# we cannot remove deprecated mysql_module for now
if ($mysql_module >= 2.2) {
require 'mysql::bindings'
require 'mysql::bindings::python'
} else {
require 'mysql::python'
}
require 'mysql::bindings'
require 'mysql::bindings::python'
}
/postgresql:\/\/\S+:\S+@\S+\/\S+/: {
$backend_package = 'python-psycopg2'
@ -278,7 +276,7 @@ class neutron::server (
$backend_package = 'python-pysqlite2'
}
default: {
fail("Invalid database_connection parameter: ${database_connection_real}")
fail("Invalid database_connection parameter: ${database_connection}")
}
}
@ -290,46 +288,69 @@ class neutron::server (
# RH platforms
Package<| title == 'neutron' |> ~> Exec['neutron-db-sync']
}
exec { 'neutron-db-sync':
command => 'neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini upgrade head',
path => '/usr/bin',
before => Service['neutron-server'],
require => Neutron_config['database/connection'],
refreshonly => true,
tries => 10,
# TODO(bogdando) contribute change to upstream:
# new try_sleep param for sleep driven development (SDD)
try_sleep => 20,
subscribe => Neutron_config['database/connection'],
refreshonly => true
}
#NOTE(bogdando) contribute change to upstream #1384133
Neutron_config<||> -> Exec['neutron-db-sync']
Exec['neutron-db-sync'] -> Service['neutron-server']
Neutron_config<||> ~> Exec['neutron-db-sync']
}
neutron_config {
'DEFAULT/api_workers': value => $api_workers;
'DEFAULT/rpc_workers': value => $rpc_workers;
'DEFAULT/agent_down_time': value => $agent_down_time;
'DEFAULT/router_scheduler_driver': value => $router_scheduler_driver;
'DEFAULT/state_path': value => $state_path;
'DEFAULT/lock_path': value => $lock_path;
'database/connection': value => $database_connection_real, secret => true;
'database/idle_timeout': value => $database_idle_timeout_real;
'database/retry_interval': value => $database_retry_interval_real;
'database/max_retries': value => $database_max_retries_real;
'DEFAULT/api_workers': value => $api_workers;
'DEFAULT/rpc_workers': value => $rpc_workers;
'DEFAULT/agent_down_time': value => $agent_down_time;
'DEFAULT/router_scheduler_driver': value => $router_scheduler_driver;
'DEFAULT/router_distributed': value => $router_distributed;
'DEFAULT/allow_automatic_l3agent_failover': value => $allow_automatic_l3agent_failover;
'database/connection': value => $database_connection, secret => true;
'database/idle_timeout': value => $database_idle_timeout;
'database/retry_interval': value => $database_retry_interval;
'database/max_retries': value => $database_max_retries;
'database/min_pool_size': value => $database_min_pool_size;
'database/max_pool_size': value => $database_max_pool_size;
'database/max_overflow': value => $database_max_overflow;
}
if $state_path {
# If we got state_path here, display deprecation warning and override the value from
# the base class. This preserves the behavior of before state_path was deprecated.
warning('The state_path parameter is deprecated. Use the state_path parameter on the base neutron class instead.')
Neutron_config <| title == 'DEFAULT/state_path' |> {
value => $state_path,
}
}
if $lock_path {
# If we got lock_path here, display deprecation warning and override the value from
# the base class. This preserves the behavior of before lock_path was deprecated.
warning('The lock_path parameter is deprecated. Use the lock_path parameter on the base neutron class instead.')
Neutron_config <| title == 'DEFAULT/lock_path' |> {
value => $lock_path,
}
}
if ($::neutron::params::server_package) {
Package['neutron-server'] -> Neutron_api_config<||>
Package['neutron-server'] -> Neutron_config<||>
Package['neutron-server'] -> Service['neutron-server']
Package['neutron-server'] -> Class['neutron::policy']
package { 'neutron-server':
ensure => $package_ensure,
name => $::neutron::params::server_package,
tag => 'openstack',
}
} else {
# Some platforms (RedHat) does not provide a neutron-server package.
# The neutron api config file is provided by the neutron package.
Package['neutron'] -> Class['neutron::policy']
Package['neutron'] -> Neutron_api_config<||>
}
@ -338,62 +359,134 @@ class neutron::server (
if ($auth_password == false) {
fail('$auth_password must be set when using keystone authentication.')
} else {
neutron_config {
'keystone_authtoken/auth_host': value => $auth_host;
'keystone_authtoken/auth_port': value => $auth_port;
'keystone_authtoken/auth_protocol': value => $auth_protocol;
'keystone_authtoken/admin_tenant_name': value => $auth_tenant;
'keystone_authtoken/admin_user': value => $auth_user;
'keystone_authtoken/admin_password': value => $auth_password, secret => true;
}
neutron_api_config {
'filter:authtoken/auth_host': value => $auth_host;
'filter:authtoken/auth_port': value => $auth_port;
'filter:authtoken/auth_protocol': value => $auth_protocol;
'filter:authtoken/admin_tenant_name': value => $auth_tenant;
'filter:authtoken/admin_user': value => $auth_user;
'filter:authtoken/admin_password': value => $auth_password, secret => true;
}
if $auth_admin_prefix {
validate_re($auth_admin_prefix, '^(/.+[^/])?$')
neutron_config {
'keystone_authtoken/auth_admin_prefix': value => $auth_admin_prefix;
# if both auth_uri and identity_uri are set we skip these deprecated settings entirely
if !$auth_uri or !$identity_uri {
if $auth_admin_prefix {
warning('The auth_admin_prefix parameter is deprecated. Please use auth_uri and identity_uri instead.')
validate_re($auth_admin_prefix, '^(/.+[^/])?$')
neutron_config {
'keystone_authtoken/auth_admin_prefix': value => $auth_admin_prefix;
}
neutron_api_config {
'filter:authtoken/auth_admin_prefix': value => $auth_admin_prefix;
}
} else {
neutron_config {
'keystone_authtoken/auth_admin_prefix': ensure => absent;
}
neutron_api_config {
'filter:authtoken/auth_admin_prefix': ensure => absent;
}
}
neutron_api_config {
'filter:authtoken/auth_admin_prefix': value => $auth_admin_prefix;
if $auth_host {
warning('The auth_host parameter is deprecated. Please use auth_uri and identity_uri instead.')
neutron_config {
'keystone_authtoken/auth_host': value => $auth_host;
}
neutron_api_config {
'filter:authtoken/auth_host': value => $auth_host;
}
} else{
neutron_config {
'keystone_authtoken/auth_host': ensure => absent;
}
neutron_api_config {
'filter:authtoken/auth_host': ensure => absent;
}
}
if $auth_port {
warning('The auth_port parameter is deprecated. Please use auth_uri and identity_uri instead.')
neutron_config {
'keystone_authtoken/auth_port': value => $auth_port;
}
neutron_api_config {
'filter:authtoken/auth_port': value => $auth_port;
}
} else{
neutron_config {
'keystone_authtoken/auth_port': ensure => absent;
}
neutron_api_config {
'filter:authtoken/auth_port': ensure => absent;
}
}
if $auth_protocol {
warning('The auth_protocol parameter is deprecated. Please use auth_uri and identity_uri instead.')
neutron_config {
'keystone_authtoken/auth_protocol': value => $auth_protocol;
}
neutron_api_config {
'filter:authtoken/auth_protocol': value => $auth_protocol;
}
} else{
neutron_config {
'keystone_authtoken/auth_protocol': ensure => absent;
}
neutron_api_config {
'filter:authtoken/auth_protocol': ensure => absent;
}
}
} else {
neutron_config {
'keystone_authtoken/auth_admin_prefix': ensure => absent;
'keystone_authtoken/auth_host': ensure => absent;
'keystone_authtoken/auth_port': ensure => absent;
'keystone_authtoken/auth_protocol': ensure => absent;
}
neutron_api_config {
'filter:authtoken/auth_admin_prefix': ensure => absent;
'filter:authtoken/auth_host': ensure => absent;
'filter:authtoken/auth_port': ensure => absent;
'filter:authtoken/auth_protocol': ensure => absent;
}
}
if $auth_uri {
$auth_uri_real = $auth_uri
} elsif $auth_host and $auth_protocol and $auth_port {
$auth_uri_real = "${auth_protocol}://${auth_host}:5000/"
}
neutron_config {
'keystone_authtoken/auth_uri': value => $auth_uri_real;
}
neutron_api_config {
'filter:authtoken/auth_uri': value => $auth_uri_real;
}
if $identity_uri {
neutron_config {
'keystone_authtoken/auth_uri': value => $auth_uri;
'keystone_authtoken/identity_uri': value => $identity_uri;
}
neutron_api_config {
'filter:authtoken/auth_uri': value => $auth_uri;
'filter:authtoken/identity_uri': value => $identity_uri;
}
} else {
neutron_config {
'keystone_authtoken/auth_uri': value => "${auth_protocol}://${auth_host}:5000/";
'keystone_authtoken/identity_uri': ensure => absent;
}
neutron_api_config {
'filter:authtoken/auth_uri': value => "${auth_protocol}://${auth_host}:5000/";
'filter:authtoken/identity_uri': ensure => absent;
}
}
if $auth_region {
neutron_config {
'keystone_authtoken/auth_region': value => $auth_region;
}
}
}
}
@ -408,7 +501,7 @@ class neutron::server (
service { 'neutron-server':
ensure => $service_ensure,
name => $::neutron::params::server_service,
name => $service_name,
enable => $enabled,
hasstatus => true,
hasrestart => true,

17
deployment/puppet/neutron/manifests/server/notifications.pp
View File

@ -57,7 +57,7 @@
# [*nova_region_name*]
# (optional) Name of nova region to use. Useful if keystone manages more than
# one region.
# Defaults to 'RegionOne'
# Defaults to undef
#
class neutron::server::notifications (
@ -70,7 +70,7 @@ class neutron::server::notifications (
$nova_admin_tenant_name = 'services',
$nova_admin_tenant_id = undef,
$nova_admin_password = false,
$nova_region_name = 'RegionOne',
$nova_region_name = undef,
) {
# Depend on the specified keystone_user resource, if it exists.
@ -80,7 +80,7 @@ class neutron::server::notifications (
fail('nova_admin_password must be set.')
}
if ! ( $nova_admin_tenant_id or $nova_admin_tenant_name ) {
if ! ($nova_admin_tenant_id or $nova_admin_tenant_name) {
fail('You must provide either nova_admin_tenant_name or nova_admin_tenant_id.')
}
@ -92,7 +92,16 @@ class neutron::server::notifications (
'DEFAULT/nova_admin_auth_url': value => $nova_admin_auth_url;
'DEFAULT/nova_admin_username': value => $nova_admin_username;
'DEFAULT/nova_admin_password': value => $nova_admin_password, secret => true;
'DEFAULT/nova_region_name': value => $nova_region_name;
}
if $nova_region_name {
neutron_config {
'DEFAULT/nova_region_name': value => $nova_region_name;
}
} else {
neutron_config {
'DEFAULT/nova_region_name': ensure => absent;
}
}
if $nova_admin_tenant_id {

24
deployment/puppet/neutron/manifests/services/fwaas.pp
View File

@ -43,25 +43,31 @@ class neutron::services::fwaas (
$vpnaas_agent_package = false
) {
include neutron::params
include ::neutron::params
if ($::osfamily == 'Debian') {
# Debian platforms
if $vpnaas_agent_package {
ensure_resource( 'package', $::neutron::params::vpnaas_agent_package,
{ 'ensure' => $neutron::package_ensure })
ensure_resource( 'package', $::neutron::params::vpnaas_agent_package, {
'ensure' => $neutron::package_ensure,
'tag' => 'openstack'
})
Package[$::neutron::params::vpnaas_agent_package] -> Neutron_fwaas_service_config<||>
}
else {
ensure_resource( 'package', $::neutron::params::l3_agent_package,
{ 'ensure' => $neutron::package_ensure })
Package[$::neutron::params::l3_agent_package] -> Neutron_fwaas_service_config<||>
ensure_resource( 'package', $::neutron::params::fwaas_package, {
'ensure' => $neutron::package_ensure,
'tag' => 'openstack'
})
Package[$::neutron::params::fwaas_package] -> Neutron_fwaas_service_config<||>
}
} elsif($::osfamily == 'Redhat') {
# RH platforms
ensure_resource( 'package', $::neutron::params::package_name,
{ 'ensure' => $neutron::package_ensure })
Package[$::neutron::params::package_name] -> Neutron_fwaas_service_config<||>
ensure_resource( 'package', $::neutron::params::fwaas_package, {
'ensure' => $neutron::package_ensure,
'tag' => 'openstack'
})
Package[$::neutron::params::fwaas_package] -> Neutron_fwaas_service_config<||>
}
neutron_fwaas_service_config {

42
deployment/puppet/neutron/metadata.json Normal file
View File

@ -0,0 +1,42 @@
{
"name": "stackforge-neutron",
"version": "5.1.0",
"author": "OpenStack Contributors",
"summary": "Puppet module for OpenStack Neutron",
"license": "Apache-2.0",
"source": "git://github.com/openstack/puppet-neutron.git",
"project_page": "https://launchpad.net/puppet-neutron",
"issues_url": "https://bugs.launchpad.net/puppet-neutron",
"requirements": [
{ "name": "pe","version_requirement": "3.x" },
{ "name": "puppet","version_requirement": "3.x" }
],
"operatingsystem_support": [
{
"operatingsystem": "Debian",
"operatingsystemrelease": ["7"]
},
{
"operatingsystem": "Fedora",
"operatingsystemrelease": ["20"]
},
{
"operatingsystem": "RedHat",
"operatingsystemrelease": ["6.5","7"]
},
{
"operatingsystem": "Ubuntu",
"operatingsystemrelease": ["12.04","14.04"]
}
],
"description": "Installs and configures OpenStack Neutron (Networking).",
"dependencies": [
{ "name": "puppetlabs/inifile", "version_requirement": ">=1.0.0 <2.0.0" },
{ "name": "stackforge/keystone", "version_requirement": ">=5.0.0 <6.0.0" },
{ "name": "stackforge/nova", "version_requirement": ">=5.0.0 <6.0.0" },
{ "name": "puppetlabs/stdlib", "version_requirement": ">=4.0.0 <5.0.0" },
{ "name": "stackforge/vswitch", "version_requirement": ">=1.0.0 <2.0.0" },
{ "name": "duritong/sysctl", "version_requirement": ">=0.0.1 <1.0.0" },
{ "name": "stackforge/openstacklib", "version_requirement": ">=5.0.0 <6.0.0" }
]
}

141
deployment/puppet/neutron/spec/acceptance/basic_neutron_spec.rb Normal file
View File

@ -0,0 +1,141 @@
require 'spec_helper_acceptance'
describe 'basic neutron' do
context 'default parameters' do
it 'should work with no errors' do
pp= <<-EOS
Exec { logoutput => 'on_failure' }
# Common resources
case $::osfamily {
'Debian': {
include ::apt
class { '::openstack_extras::repo::debian::ubuntu':
release => 'kilo',
package_require => true,
}
$package_provider = 'apt'
}
'RedHat': {
class { '::openstack_extras::repo::redhat::redhat':
# Kilo is not GA yet, so let's use the testing repo
manage_rdo => false,
repo_hash => {
'rdo-kilo-testing' => {
'baseurl' => 'https://repos.fedorapeople.org/repos/openstack/openstack-kilo/testing/el7/',
# packages are not GA so not signed
'gpgcheck' => '0',
'priority' => 97,
},
},
}
$package_provider = 'yum'
}
default: {
fail("Unsupported osfamily (${::osfamily})")
}
}
class { '::mysql::server': }
class { '::rabbitmq':
delete_guest_user => true,
erlang_cookie => 'secrete',
package_provider => $package_provider,
}
rabbitmq_vhost { '/':
provider => 'rabbitmqctl',
require => Class['rabbitmq'],
}
rabbitmq_user { 'neutron':
admin => true,
password => 'an_even_bigger_secret',
provider => 'rabbitmqctl',
require => Class['rabbitmq'],
}
rabbitmq_user_permissions { 'neutron@/':
configure_permission => '.*',
write_permission => '.*',
read_permission => '.*',
provider => 'rabbitmqctl',
require => Class['rabbitmq'],
}
# Keystone resources, needed by Neutron to run
class { '::keystone::db::mysql':
password => 'keystone',
}
class { '::keystone':
verbose => true,
debug => true,
database_connection => 'mysql://keystone:keystone@127.0.0.1/keystone',
admin_token => 'admin_token',
enabled => true,
}
class { '::keystone::roles::admin':
email => 'test@example.tld',
password => 'a_big_secret',
}
class { '::keystone::endpoint':
public_url => "https://${::fqdn}:5000/",
admin_url => "https://${::fqdn}:35357/",
}
# Neutron resources
class { '::neutron':
rabbit_user => 'neutron',
rabbit_password => 'an_even_bigger_secret',
rabbit_host => '127.0.0.1',
allow_overlapping_ips => true,
core_plugin => 'ml2',
service_plugins => [
'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin',
'neutron.services.loadbalancer.plugin.LoadBalancerPlugin',
'neutron.services.metering.metering_plugin.MeteringPlugin',
],
}
class { '::neutron::db::mysql':
password => 'a_big_secret',
}
class { '::neutron::keystone::auth':
password => 'a_big_secret',
}
class { '::neutron::server':
database_connection => 'mysql://neutron:a_big_secret@127.0.0.1/neutron?charset=utf8',
auth_password => 'a_big_secret',
identity_uri => 'http://127.0.0.1:35357/',
sync_db => true,
}
class { '::neutron::client': }
class { '::neutron::quota': }
class { '::neutron::agents::dhcp': }
class { '::neutron::agents::l3': }
class { '::neutron::agents::lbaas':
device_driver => 'neutron_lbaas.services.loadbalancer.drivers.haproxy.namespace_driver.HaproxyNSDriver',
}
class { '::neutron::agents::metering': }
class { '::neutron::agents::ml2::ovs':
enable_tunneling => true,
local_ip => '127.0.0.1',
tunnel_types => ['vxlan'],
}
class { '::neutron::plugins::ml2':
type_drivers => ['vxlan'],
tenant_network_types => ['vxlan'],
mechanism_drivers => ['openvswitch']
}
EOS
# Run it twice and test for idempotency
apply_manifest(pp, :catch_failures => true)
apply_manifest(pp, :catch_changes => true)
end
end
end

9
deployment/puppet/neutron/spec/acceptance/nodesets/default.yml Normal file
View File

@ -0,0 +1,9 @@
HOSTS:
ubuntu-14.04-amd64:
roles:
- master
platform: ubuntu-14.04-amd64
hypervisor : none
ip: 127.0.0.1
CONFIG:
type: foss

10
deployment/puppet/neutron/spec/acceptance/nodesets/nodepool-centos7.yml Normal file
View File

@ -0,0 +1,10 @@
HOSTS:
centos-70-x64:
roles:
- master
platform: el-7-x86_64
hypervisor : none
ip: 127.0.0.1
CONFIG:
type: foss
set_env: false

10
deployment/puppet/neutron/spec/acceptance/nodesets/nodepool-trusty.yml Normal file
View File

@ -0,0 +1,10 @@
HOSTS:
ubuntu-14.04-amd64:
roles:
- master
platform: ubuntu-14.04-amd64
hypervisor : none
ip: 127.0.0.1
CONFIG:
type: foss
set_env: false

73
deployment/puppet/neutron/spec/classes/neutron_agents_dhcp_spec.rb
View File

@ -17,6 +17,7 @@ describe 'neutron::agents::dhcp' do
:state_path => '/var/lib/neutron',
:resync_interval => 30,
:interface_driver => 'neutron.agent.linux.interface.OVSInterfaceDriver',
:dhcp_domain => 'openstacklocal',
:dhcp_driver => 'neutron.agent.linux.dhcp.Dnsmasq',
:root_helper => 'sudo neutron-rootwrap /etc/neutron/rootwrap.conf',
:use_namespaces => true,
@ -26,45 +27,52 @@ describe 'neutron::agents::dhcp' do
:enable_metadata_network => false }
end
let :default_facts do
{ :operatingsystem => 'default',
:operatingsystemrelease => 'default'
}
end
shared_examples_for 'neutron dhcp agent' do
let :p do
default_params.merge(params)
end
it { should contain_class('neutron::params') }
it { is_expected.to contain_class('neutron::params') }
it_configures 'dnsmasq dhcp_driver'
it 'configures dhcp_agent.ini' do
should contain_neutron_dhcp_agent_config('DEFAULT/debug').with_value(p[:debug]);
should contain_neutron_dhcp_agent_config('DEFAULT/state_path').with_value(p[:state_path]);
should contain_neutron_dhcp_agent_config('DEFAULT/resync_interval').with_value(p[:resync_interval]);
should contain_neutron_dhcp_agent_config('DEFAULT/interface_driver').with_value(p[:interface_driver]);
should contain_neutron_dhcp_agent_config('DEFAULT/dhcp_driver').with_value(p[:dhcp_driver]);
should contain_neutron_dhcp_agent_config('DEFAULT/root_helper').with_value(p[:root_helper]);
should contain_neutron_dhcp_agent_config('DEFAULT/use_namespaces').with_value(p[:use_namespaces]);
should contain_neutron_dhcp_agent_config('DEFAULT/dhcp_delete_namespaces').with_value(p[:dhcp_delete_namespaces]);
should contain_neutron_dhcp_agent_config('DEFAULT/enable_isolated_metadata').with_value(p[:enable_isolated_metadata]);
should contain_neutron_dhcp_agent_config('DEFAULT/enable_metadata_network').with_value(p[:enable_metadata_network]);
is_expected.to contain_neutron_dhcp_agent_config('DEFAULT/debug').with_value(p[:debug]);
is_expected.to contain_neutron_dhcp_agent_config('DEFAULT/state_path').with_value(p[:state_path]);
is_expected.to contain_neutron_dhcp_agent_config('DEFAULT/resync_interval').with_value(p[:resync_interval]);
is_expected.to contain_neutron_dhcp_agent_config('DEFAULT/interface_driver').with_value(p[:interface_driver]);
is_expected.to contain_neutron_dhcp_agent_config('DEFAULT/dhcp_domain').with_value(p[:dhcp_domain]);
is_expected.to contain_neutron_dhcp_agent_config('DEFAULT/dhcp_driver').with_value(p[:dhcp_driver]);
is_expected.to contain_neutron_dhcp_agent_config('DEFAULT/root_helper').with_value(p[:root_helper]);
is_expected.to contain_neutron_dhcp_agent_config('DEFAULT/use_namespaces').with_value(p[:use_namespaces]);
is_expected.to contain_neutron_dhcp_agent_config('DEFAULT/dhcp_delete_namespaces').with_value(p[:dhcp_delete_namespaces]);
is_expected.to contain_neutron_dhcp_agent_config('DEFAULT/enable_isolated_metadata').with_value(p[:enable_isolated_metadata]);
is_expected.to contain_neutron_dhcp_agent_config('DEFAULT/enable_metadata_network').with_value(p[:enable_metadata_network]);
end
it 'installs neutron dhcp agent package' do
if platform_params.has_key?(:dhcp_agent_package)
should contain_package('neutron-dhcp-agent').with(
is_expected.to contain_package('neutron-dhcp-agent').with(
:name => platform_params[:dhcp_agent_package],
:ensure => p[:package_ensure]
:ensure => p[:package_ensure],
:tag => 'openstack'
)
should contain_package('neutron').with_before(/Package\[neutron-dhcp-agent\]/)
should contain_package('neutron-dhcp-agent').with_before(/Neutron_dhcp_agent_config\[.+\]/)
should contain_package('neutron-dhcp-agent').with_before(/Neutron_config\[.+\]/)
is_expected.to contain_package('neutron').with_before(/Package\[neutron-dhcp-agent\]/)
is_expected.to contain_package('neutron-dhcp-agent').with_before(/Neutron_dhcp_agent_config\[.+\]/)
is_expected.to contain_package('neutron-dhcp-agent').with_before(/Neutron_config\[.+\]/)
else
should contain_package('neutron').with_before(/Neutron_dhcp_agent_config\[.+\]/)
is_expected.to contain_package('neutron').with_before(/Neutron_dhcp_agent_config\[.+\]/)
end
end
it 'configures neutron dhcp agent service' do
should contain_service('neutron-dhcp-service').with(
is_expected.to contain_service('neutron-dhcp-service').with(
:name => platform_params[:dhcp_agent_service],
:enable => true,
:ensure => 'running',
@ -77,7 +85,7 @@ describe 'neutron::agents::dhcp' do
params.merge!(:manage_service => false)
end
it 'should not start/stop service' do
should contain_service('neutron-dhcp-service').without_ensure
is_expected.to contain_service('neutron-dhcp-service').without_ensure
end
end
@ -86,8 +94,8 @@ describe 'neutron::agents::dhcp' do
params.merge!(:enable_isolated_metadata => true, :enable_metadata_network => false)
end
it 'should enable isolated_metadata only' do
should contain_neutron_dhcp_agent_config('DEFAULT/enable_isolated_metadata').with_value('true');
should contain_neutron_dhcp_agent_config('DEFAULT/enable_metadata_network').with_value('false');
is_expected.to contain_neutron_dhcp_agent_config('DEFAULT/enable_isolated_metadata').with_value('true');
is_expected.to contain_neutron_dhcp_agent_config('DEFAULT/enable_metadata_network').with_value('false');
end
end
@ -96,8 +104,8 @@ describe 'neutron::agents::dhcp' do
params.merge!(:enable_isolated_metadata => true, :enable_metadata_network => true)
end
it 'should enable both isolated_metadata and metadata_network' do
should contain_neutron_dhcp_agent_config('DEFAULT/enable_isolated_metadata').with_value('true');
should contain_neutron_dhcp_agent_config('DEFAULT/enable_metadata_network').with_value('true');
is_expected.to contain_neutron_dhcp_agent_config('DEFAULT/enable_isolated_metadata').with_value('true');
is_expected.to contain_neutron_dhcp_agent_config('DEFAULT/enable_metadata_network').with_value('true');
end
end
@ -105,9 +113,8 @@ describe 'neutron::agents::dhcp' do
before :each do
params.merge!(:enable_isolated_metadata => false, :enable_metadata_network => true)
end
it 'should fails to configure metadata_network without isolated_metadata' do
expect { subject }.to raise_error(Puppet::Error, /enable_metadata_network to true requires enable_isolated_metadata also enabled./)
end
it_raises 'a Puppet::Error', /enable_metadata_network to true requires enable_isolated_metadata also enabled./
end
end
@ -118,21 +125,21 @@ describe 'neutron::agents::dhcp' do
)
end
it 'configures dnsmasq_config_file' do
should contain_neutron_dhcp_agent_config('DEFAULT/dnsmasq_config_file').with_value(params[:dnsmasq_config_file])
is_expected.to contain_neutron_dhcp_agent_config('DEFAULT/dnsmasq_config_file').with_value(params[:dnsmasq_config_file])
end
end
shared_examples_for 'dnsmasq dhcp_driver' do
it 'installs dnsmasq packages' do
if platform_params.has_key?(:dhcp_agent_package)
should contain_package(platform_params[:dnsmasq_base_package]).with_before('Package[neutron-dhcp-agent]')
should contain_package(platform_params[:dnsmasq_utils_package]).with_before('Package[neutron-dhcp-agent]')
is_expected.to contain_package(platform_params[:dnsmasq_base_package]).with_before(['Package[neutron-dhcp-agent]'])
is_expected.to contain_package(platform_params[:dnsmasq_utils_package]).with_before(['Package[neutron-dhcp-agent]'])
end
should contain_package(platform_params[:dnsmasq_base_package]).with(
is_expected.to contain_package(platform_params[:dnsmasq_base_package]).with(
:ensure => 'present',
:name => platform_params[:dnsmasq_base_package]
)
should contain_package(platform_params[:dnsmasq_utils_package]).with(
is_expected.to contain_package(platform_params[:dnsmasq_utils_package]).with(
:ensure => 'present',
:name => platform_params[:dnsmasq_utils_package]
)
@ -142,7 +149,7 @@ describe 'neutron::agents::dhcp' do
context 'on Debian platforms' do
let :facts do
{ :osfamily => 'Debian' }
default_facts.merge({ :osfamily => 'Debian' })
end
let :platform_params do
@ -158,7 +165,7 @@ describe 'neutron::agents::dhcp' do
context 'on RedHat platforms' do
let :facts do
{ :osfamily => 'RedHat' }
default_facts.merge({ :osfamily => 'RedHat' })
end
let :platform_params do

113
deployment/puppet/neutron/spec/classes/neutron_agents_l3_spec.rb
View File

@ -7,22 +7,33 @@ describe 'neutron::agents::l3' do
end
let :default_params do
{ :package_ensure => 'present',
:enabled => true,
:debug => false,
:external_network_bridge => 'br-ex',
:use_namespaces => true,
:interface_driver => 'neutron.agent.linux.interface.OVSInterfaceDriver',
:router_id => nil,
:gateway_external_network_id => nil,
:handle_internal_only_routers => true,
:metadata_port => '9697',
:send_arp_for_ha => '3',
:periodic_interval => '40',
:periodic_fuzzy_delay => '5',
:enable_metadata_proxy => true,
:network_device_mtu => nil,
:router_delete_namespaces => false }
{ :package_ensure => 'present',
:enabled => true,
:debug => false,
:external_network_bridge => 'br-ex',
:use_namespaces => true,
:interface_driver => 'neutron.agent.linux.interface.OVSInterfaceDriver',
:router_id => nil,
:gateway_external_network_id => nil,
:handle_internal_only_routers => true,
:metadata_port => '9697',
:send_arp_for_ha => '3',
:periodic_interval => '40',
:periodic_fuzzy_delay => '5',
:enable_metadata_proxy => true,
:network_device_mtu => nil,
:router_delete_namespaces => false,
:ha_enabled => false,
:ha_vrrp_auth_type => 'PASS',
:ha_vrrp_auth_password => nil,
:ha_vrrp_advert_int => '3',
:agent_mode => 'legacy' }
end
let :default_facts do
{ :operatingsystem => 'default',
:operatingsystemrelease => 'default'
}
end
let :params do
@ -34,40 +45,41 @@ describe 'neutron::agents::l3' do
default_params.merge(params)
end
it { should contain_class('neutron::params') }
it { is_expected.to contain_class('neutron::params') }
it 'configures l3_agent.ini' do
should contain_neutron_l3_agent_config('DEFAULT/debug').with_value(p[:debug])
should contain_neutron_l3_agent_config('DEFAULT/external_network_bridge').with_value(p[:external_network_bridge])
should contain_neutron_l3_agent_config('DEFAULT/use_namespaces').with_value(p[:use_namespaces])
should contain_neutron_l3_agent_config('DEFAULT/interface_driver').with_value(p[:interface_driver])
should contain_neutron_l3_agent_config('DEFAULT/router_id').with_value(p[:router_id])
should contain_neutron_l3_agent_config('DEFAULT/gateway_external_network_id').with_value(p[:gateway_external_network_id])
should contain_neutron_l3_agent_config('DEFAULT/handle_internal_only_routers').with_value(p[:handle_internal_only_routers])
should contain_neutron_l3_agent_config('DEFAULT/metadata_port').with_value(p[:metadata_port])
should contain_neutron_l3_agent_config('DEFAULT/send_arp_for_ha').with_value(p[:send_arp_for_ha])
should contain_neutron_l3_agent_config('DEFAULT/periodic_interval').with_value(p[:periodic_interval])
should contain_neutron_l3_agent_config('DEFAULT/periodic_fuzzy_delay').with_value(p[:periodic_fuzzy_delay])
should contain_neutron_l3_agent_config('DEFAULT/enable_metadata_proxy').with_value(p[:enable_metadata_proxy])
should contain_neutron_l3_agent_config('DEFAULT/network_device_mtu').with_ensure('absent')
should contain_neutron_l3_agent_config('DEFAULT/router_delete_namespaces').with_value(p[:router_delete_namespaces])
is_expected.to contain_neutron_l3_agent_config('DEFAULT/debug').with_value(p[:debug])
is_expected.to contain_neutron_l3_agent_config('DEFAULT/external_network_bridge').with_value(p[:external_network_bridge])
is_expected.to contain_neutron_l3_agent_config('DEFAULT/use_namespaces').with_value(p[:use_namespaces])
is_expected.to contain_neutron_l3_agent_config('DEFAULT/interface_driver').with_value(p[:interface_driver])
is_expected.to contain_neutron_l3_agent_config('DEFAULT/router_id').with_value(p[:router_id])
is_expected.to contain_neutron_l3_agent_config('DEFAULT/gateway_external_network_id').with_value(p[:gateway_external_network_id])
is_expected.to contain_neutron_l3_agent_config('DEFAULT/handle_internal_only_routers').with_value(p[:handle_internal_only_routers])
is_expected.to contain_neutron_l3_agent_config('DEFAULT/metadata_port').with_value(p[:metadata_port])
is_expected.to contain_neutron_l3_agent_config('DEFAULT/send_arp_for_ha').with_value(p[:send_arp_for_ha])
is_expected.to contain_neutron_l3_agent_config('DEFAULT/periodic_interval').with_value(p[:periodic_interval])
is_expected.to contain_neutron_l3_agent_config('DEFAULT/periodic_fuzzy_delay').with_value(p[:periodic_fuzzy_delay])
is_expected.to contain_neutron_l3_agent_config('DEFAULT/enable_metadata_proxy').with_value(p[:enable_metadata_proxy])
is_expected.to contain_neutron_l3_agent_config('DEFAULT/network_device_mtu').with_ensure('absent')
is_expected.to contain_neutron_l3_agent_config('DEFAULT/router_delete_namespaces').with_value(p[:router_delete_namespaces])
end
it 'installs neutron l3 agent package' do
if platform_params.has_key?(:l3_agent_package)
should contain_package('neutron-l3').with(
is_expected.to contain_package('neutron-l3').with(
:name => platform_params[:l3_agent_package],
:ensure => p[:package_ensure],
:require => 'Package[neutron]'
:require => 'Package[neutron]',
:tag => 'openstack'
)
should contain_package('neutron-l3').with_before(/Neutron_l3_agent_config\[.+\]/)
is_expected.to contain_package('neutron-l3').with_before(/Neutron_l3_agent_config\[.+\]/)
else
should contain_package('neutron').with_before(/Neutron_l3_agent_config\[.+\]/)
is_expected.to contain_package('neutron').with_before(/Neutron_l3_agent_config\[.+\]/)
end
end
it 'configures neutron l3 agent service' do
should contain_service('neutron-l3').with(
is_expected.to contain_service('neutron-l3').with(
:name => platform_params[:l3_agent_service],
:enable => true,
:ensure => 'running',
@ -80,7 +92,28 @@ describe 'neutron::agents::l3' do
params.merge!(:manage_service => false)
end
it 'should not start/stop service' do
should contain_service('neutron-l3').without_ensure
is_expected.to contain_service('neutron-l3').without_ensure
end
end
context 'with DVR' do
before :each do
params.merge!(:agent_mode => 'dvr')
end
it 'should enable DVR mode' do
is_expected.to contain_neutron_l3_agent_config('DEFAULT/agent_mode').with_value(p[:agent_mode])
end
end
context 'with HA routers' do
before :each do
params.merge!(:ha_enabled => true,
:ha_vrrp_auth_password => 'secrete')
end
it 'should configure VRRP' do
is_expected.to contain_neutron_l3_agent_config('DEFAULT/ha_vrrp_auth_type').with_value(p[:ha_vrrp_auth_type])
is_expected.to contain_neutron_l3_agent_config('DEFAULT/ha_vrrp_auth_password').with_value(p[:ha_vrrp_auth_password])
is_expected.to contain_neutron_l3_agent_config('DEFAULT/ha_vrrp_advert_int').with_value(p[:ha_vrrp_advert_int])
end
end
end
@ -92,13 +125,13 @@ describe 'neutron::agents::l3' do
)
end
it 'configures network_device_mtu' do
should contain_neutron_l3_agent_config('DEFAULT/network_device_mtu').with_value(params[:network_device_mtu])
is_expected.to contain_neutron_l3_agent_config('DEFAULT/network_device_mtu').with_value(params[:network_device_mtu])
end
end
context 'on Debian platforms' do
let :facts do
{ :osfamily => 'Debian' }
default_facts.merge({ :osfamily => 'Debian' })
end
let :platform_params do
@ -112,7 +145,7 @@ describe 'neutron::agents::l3' do
context 'on RedHat platforms' do
let :facts do
{ :osfamily => 'RedHat' }
default_facts.merge({ :osfamily => 'RedHat' })
end
let :platform_params do

73
deployment/puppet/neutron/spec/classes/neutron_agents_lbaas_spec.rb
View File

@ -15,48 +15,50 @@ describe 'neutron::agents::lbaas' do
:enabled => true,
:debug => false,
:interface_driver => 'neutron.agent.linux.interface.OVSInterfaceDriver',
:device_driver => 'neutron.services.loadbalancer.drivers.haproxy.namespace_driver.HaproxyNSDriver',
:device_driver => 'neutron_lbaas.services.loadbalancer.drivers.haproxy.namespace_driver.HaproxyNSDriver',
:use_namespaces => true,
:user_group => 'nogroup',
:manage_haproxy_package => true
}
end
let :default_facts do
{ :operatingsystem => 'default',
:operatingsystemrelease => 'default'
}
end
shared_examples_for 'neutron lbaas agent' do
let :p do
default_params.merge(params)
end
it { should contain_class('neutron::params') }
it { is_expected.to contain_class('neutron::params') }
it_configures 'haproxy lbaas_driver'
it_configures 'haproxy lbaas_driver without package'
it 'configures lbaas_agent.ini' do
should contain_neutron_lbaas_agent_config('DEFAULT/debug').with_value(p[:debug]);
should contain_neutron_lbaas_agent_config('DEFAULT/interface_driver').with_value(p[:interface_driver]);
should contain_neutron_lbaas_agent_config('DEFAULT/device_driver').with_value(p[:device_driver]);
should contain_neutron_lbaas_agent_config('DEFAULT/use_namespaces').with_value(p[:use_namespaces]);
should contain_neutron_lbaas_agent_config('haproxy/user_group').with_value(p[:user_group]);
is_expected.to contain_neutron_lbaas_agent_config('DEFAULT/debug').with_value(p[:debug]);
is_expected.to contain_neutron_lbaas_agent_config('DEFAULT/interface_driver').with_value(p[:interface_driver]);
is_expected.to contain_neutron_lbaas_agent_config('DEFAULT/device_driver').with_value(p[:device_driver]);
is_expected.to contain_neutron_lbaas_agent_config('DEFAULT/use_namespaces').with_value(p[:use_namespaces]);
is_expected.to contain_neutron_lbaas_agent_config('haproxy/user_group').with_value(platform_params[:nobody_user_group]);
end
it 'installs neutron lbaas agent package' do
if platform_params.has_key?(:lbaas_agent_package)
should contain_package('neutron-lbaas-agent').with(
:name => platform_params[:lbaas_agent_package],
:ensure => p[:package_ensure]
)
should contain_package('neutron').with_before(/Package\[neutron-lbaas-agent\]/)
should contain_package('neutron-lbaas-agent').with_before(/Neutron_lbaas_agent_config\[.+\]/)
should contain_package('neutron-lbaas-agent').with_before(/Neutron_config\[.+\]/)
else
should contain_package('neutron').with_before(/Neutron_lbaas_agent_config\[.+\]/)
end
is_expected.to contain_package('neutron-lbaas-agent').with(
:name => platform_params[:lbaas_agent_package],
:ensure => p[:package_ensure],
:tag => 'openstack'
)
is_expected.to contain_package('neutron').with_before(/Package\[neutron-lbaas-agent\]/)
is_expected.to contain_package('neutron-lbaas-agent').with_before(/Neutron_lbaas_agent_config\[.+\]/)
is_expected.to contain_package('neutron-lbaas-agent').with_before(/Neutron_config\[.+\]/)
end
it 'configures neutron lbaas agent service' do
should contain_service('neutron-lbaas-service').with(
is_expected.to contain_service('neutron-lbaas-service').with(
:name => platform_params[:lbaas_agent_service],
:enable => true,
:ensure => 'running',
@ -69,7 +71,7 @@ describe 'neutron::agents::lbaas' do
params.merge!(:manage_service => false)
end
it 'should not start/stop service' do
should contain_service('neutron-lbaas-service').without_ensure
is_expected.to contain_service('neutron-lbaas-service').without_ensure
end
end
end
@ -77,9 +79,9 @@ describe 'neutron::agents::lbaas' do
shared_examples_for 'haproxy lbaas_driver' do
it 'installs haproxy packages' do
if platform_params.has_key?(:lbaas_agent_package)
should contain_package(platform_params[:haproxy_package]).with_before('Package[neutron-lbaas-agent]')
is_expected.to contain_package(platform_params[:haproxy_package]).with_before(['Package[neutron-lbaas-agent]'])
end
should contain_package(platform_params[:haproxy_package]).with(
is_expected.to contain_package(platform_params[:haproxy_package]).with(
:ensure => 'present'
)
end
@ -96,7 +98,7 @@ describe 'neutron::agents::lbaas' do
params.merge!(:manage_haproxy_package => false)
end
it 'installs haproxy package via haproxy module' do
should contain_package(platform_params[:haproxy_package]).with(
is_expected.to contain_package(platform_params[:haproxy_package]).with(
:ensure => 'present'
)
end
@ -104,14 +106,17 @@ describe 'neutron::agents::lbaas' do
context 'on Debian platforms' do
let :facts do
{ :osfamily => 'Debian',
:concat_basedir => '/dne'
}
default_facts.merge(
{ :osfamily => 'Debian',
:concat_basedir => '/dne'
}
)
end
let :platform_params do
{ :haproxy_package => 'haproxy',
{ :haproxy_package => 'haproxy',
:lbaas_agent_package => 'neutron-lbaas-agent',
:nobody_user_group => 'nogroup',
:lbaas_agent_service => 'neutron-lbaas-agent' }
end
@ -120,13 +125,17 @@ describe 'neutron::agents::lbaas' do
context 'on RedHat platforms' do
let :facts do
{ :osfamily => 'RedHat',
:concat_basedir => '/dne'
}
default_facts.merge(
{ :osfamily => 'RedHat',
:concat_basedir => '/dne'
}
)
end
let :platform_params do
{ :haproxy_package => 'haproxy',
{ :haproxy_package => 'haproxy',
:lbaas_agent_package => 'openstack-neutron-lbaas',
:nobody_user_group => 'nobody',
:lbaas_agent_service => 'neutron-lbaas-agent' }
end

89
deployment/puppet/neutron/spec/classes/neutron_agents_linuxbridge_spec.rb
View File

@ -1,89 +0,0 @@
require 'spec_helper'
describe 'neutron::agents::linuxbridge' do
let :pre_condition do
"class { 'neutron': rabbit_password => 'passw0rd' }\n" +
"class { 'neutron::plugins::linuxbridge': }"
end
let :params do
{ :physical_interface_mappings => 'physnet:eth0',
:firewall_driver => 'neutron.agent.linux.iptables_firewall.IptablesFirewallDriver',
:package_ensure => 'present',
:enable => true
}
end
shared_examples_for 'neutron linuxbridge agent' do
it { should contain_class('neutron::params') }
it 'configures neutron linuxbridge agent service' do
should contain_service('neutron-plugin-linuxbridge-service').with(
:ensure => 'running',
:name => platform_params[:linuxbridge_agent_service],
:enable => params[:enable]
)
end
context 'with manage_service as false' do
before :each do
params.merge!(:manage_service => false)
end
it 'should not start/stop service' do
should contain_service('neutron-plugin-linuxbridge-service').without_ensure
end
end
it 'configures linuxbridge_conf.ini' do
should contain_neutron_plugin_linuxbridge('LINUX_BRIDGE/physical_interface_mappings').with(
:value => params[:physical_interface_mappings]
)
should contain_neutron_plugin_linuxbridge('SECURITYGROUP/firewall_driver').with(
:value => params[:firewall_driver]
)
end
end
context 'on Debian platforms' do
let :facts do
{ :osfamily => 'Debian' }
end
let :platform_params do
{ :linuxbridge_agent_package => 'neutron-plugin-linuxbridge-agent',
:linuxbridge_agent_service => 'neutron-plugin-linuxbridge-agent' }
end
it_configures 'neutron linuxbridge agent'
it 'installs neutron linuxbridge agent package' do
should contain_package('neutron-plugin-linuxbridge-agent').with(
:ensure => params[:package_ensure],
:name => platform_params[:linuxbridge_agent_package]
)
end
end
context 'on RedHat platforms' do
let :facts do
{ :osfamily => 'RedHat' }
end
let :platform_params do
{ :linuxbridge_server_package => 'openstack-neutron-linuxbridge',
:linuxbridge_agent_service => 'neutron-linuxbridge-agent' }
end
it_configures 'neutron linuxbridge agent'
it 'installs neutron linuxbridge package' do
should contain_package('neutron-plugin-linuxbridge').with(
:ensure => params[:package_ensure],
:name => platform_params[:linuxbridge_server_package]
)
end
end
end

89
deployment/puppet/neutron/spec/classes/neutron_agents_metadata_spec.rb
View File

@ -7,28 +7,36 @@ describe 'neutron::agents::metadata' do
end
let :params do
{ :package_ensure => 'present',
:debug => false,
:enabled => true,
:auth_url => 'http://localhost:35357/v2.0',
:auth_insecure => false,
:auth_region => 'RegionOne',
:auth_tenant => 'services',
:auth_user => 'neutron',
:auth_password => 'password',
:metadata_ip => '127.0.0.1',
:metadata_port => '8775',
:metadata_backlog => '4096',
:shared_secret => 'metadata-secret'
{ :package_ensure => 'present',
:debug => false,
:enabled => true,
:auth_url => 'http://localhost:35357/v2.0',
:auth_insecure => false,
:auth_region => 'RegionOne',
:auth_tenant => 'services',
:auth_user => 'neutron',
:auth_password => 'password',
:metadata_ip => '127.0.0.1',
:metadata_port => '8775',
:metadata_protocol => 'http',
:metadata_backlog => '4096',
:shared_secret => 'metadata-secret'
}
end
let :default_facts do
{ :operatingsystem => 'default',
:operatingsystemrelease => 'default',
:processorcount => '2'
}
end
shared_examples_for 'neutron metadata agent' do
it { should contain_class('neutron::params') }
it { is_expected.to contain_class('neutron::params') }
it 'configures neutron metadata agent service' do
should contain_service('neutron-metadata').with(
is_expected.to contain_service('neutron-metadata').with(
:name => platform_params[:metadata_agent_service],
:enable => params[:enabled],
:ensure => 'running',
@ -41,25 +49,27 @@ describe 'neutron::agents::metadata' do
params.merge!(:manage_service => false)
end
it 'should not start/stop service' do
should contain_service('neutron-metadata').without_ensure
is_expected.to contain_service('neutron-metadata').without_ensure
end
end
it 'configures metadata_agent.ini' do
should contain_neutron_metadata_agent_config('DEFAULT/debug').with(:value => params[:debug])
should contain_neutron_metadata_agent_config('DEFAULT/auth_url').with(:value => params[:auth_url])
should contain_neutron_metadata_agent_config('DEFAULT/auth_insecure').with(:value => params[:auth_insecure])
should contain_neutron_metadata_agent_config('DEFAULT/auth_ca_cert').with_ensure('absent')
should contain_neutron_metadata_agent_config('DEFAULT/auth_region').with(:value => params[:auth_region])
should contain_neutron_metadata_agent_config('DEFAULT/admin_tenant_name').with(:value => params[:auth_tenant])
should contain_neutron_metadata_agent_config('DEFAULT/admin_user').with(:value => params[:auth_user])
should contain_neutron_metadata_agent_config('DEFAULT/admin_password').with(:value => params[:auth_password])
should contain_neutron_metadata_agent_config('DEFAULT/admin_password').with_secret( true )
should contain_neutron_metadata_agent_config('DEFAULT/nova_metadata_ip').with(:value => params[:metadata_ip])
should contain_neutron_metadata_agent_config('DEFAULT/nova_metadata_port').with(:value => params[:metadata_port])
should contain_neutron_metadata_agent_config('DEFAULT/metadata_workers').with(:value => facts[:processorcount])
should contain_neutron_metadata_agent_config('DEFAULT/metadata_backlog').with(:value => params[:metadata_backlog])
should contain_neutron_metadata_agent_config('DEFAULT/metadata_proxy_shared_secret').with(:value => params[:shared_secret])
is_expected.to contain_neutron_metadata_agent_config('DEFAULT/debug').with(:value => params[:debug])
is_expected.to contain_neutron_metadata_agent_config('DEFAULT/auth_url').with(:value => params[:auth_url])
is_expected.to contain_neutron_metadata_agent_config('DEFAULT/auth_insecure').with(:value => params[:auth_insecure])
is_expected.to contain_neutron_metadata_agent_config('DEFAULT/auth_ca_cert').with_ensure('absent')
is_expected.to contain_neutron_metadata_agent_config('DEFAULT/auth_region').with(:value => params[:auth_region])
is_expected.to contain_neutron_metadata_agent_config('DEFAULT/admin_tenant_name').with(:value => params[:auth_tenant])
is_expected.to contain_neutron_metadata_agent_config('DEFAULT/admin_user').with(:value => params[:auth_user])
is_expected.to contain_neutron_metadata_agent_config('DEFAULT/admin_password').with(:value => params[:auth_password])
is_expected.to contain_neutron_metadata_agent_config('DEFAULT/admin_password').with_secret( true )
is_expected.to contain_neutron_metadata_agent_config('DEFAULT/nova_metadata_ip').with(:value => params[:metadata_ip])
is_expected.to contain_neutron_metadata_agent_config('DEFAULT/nova_metadata_port').with(:value => params[:metadata_port])
is_expected.to contain_neutron_metadata_agent_config('DEFAULT/nova_metadata_protocol').with(:value => params[:metadata_protocol])
is_expected.to contain_neutron_metadata_agent_config('DEFAULT/metadata_workers').with(:value => facts[:processorcount])
is_expected.to contain_neutron_metadata_agent_config('DEFAULT/metadata_backlog').with(:value => params[:metadata_backlog])
is_expected.to contain_neutron_metadata_agent_config('DEFAULT/metadata_proxy_shared_secret').with(:value => params[:shared_secret])
is_expected.to contain_neutron_metadata_agent_config('DEFAULT/cache_url').with(:value => 'memory://?default_ttl=5')
end
end
@ -73,15 +83,16 @@ describe 'neutron::agents::metadata' do
end
it 'configures certificate' do
should contain_neutron_metadata_agent_config('DEFAULT/auth_ca_cert').with_value('/some/cert')
should contain_neutron_metadata_agent_config('DEFAULT/auth_insecure').with_value('true')
is_expected.to contain_neutron_metadata_agent_config('DEFAULT/auth_ca_cert').with_value('/some/cert')
is_expected.to contain_neutron_metadata_agent_config('DEFAULT/auth_insecure').with_value('true')
end
end
context 'on Debian platforms' do
let :facts do
{ :osfamily => 'Debian',
:processorcount => '2' }
default_facts.merge(
{ :osfamily => 'Debian' }
)
end
let :platform_params do
@ -90,9 +101,10 @@ describe 'neutron::agents::metadata' do
end
it 'installs neutron metadata agent package' do
should contain_package('neutron-metadata').with(
is_expected.to contain_package('neutron-metadata').with(
:ensure => params[:package_ensure],
:name => platform_params[:metadata_agent_package]
:name => platform_params[:metadata_agent_package],
:tag => 'openstack'
)
end
@ -103,8 +115,9 @@ describe 'neutron::agents::metadata' do
context 'on Red Hat platforms' do
let :facts do
{ :osfamily => 'RedHat',
:processorcount => '2' }
default_facts.merge(
{ :osfamily => 'RedHat' }
)
end
let :platform_params do

38
deployment/puppet/neutron/spec/classes/neutron_agents_metering_spec.rb
View File

@ -43,38 +43,44 @@ describe 'neutron::agents::metering' do
}
end
let :default_facts do
{ :operatingsystem => 'default',
:operatingsystemrelease => 'default'
}
end
shared_examples_for 'neutron metering agent' do
let :p do
default_params.merge(params)
end
it { should contain_class('neutron::params') }
it { is_expected.to contain_class('neutron::params') }
it 'configures metering_agent.ini' do
should contain_neutron_metering_agent_config('DEFAULT/debug').with_value(p[:debug]);
should contain_neutron_metering_agent_config('DEFAULT/interface_driver').with_value(p[:interface_driver]);
should contain_neutron_metering_agent_config('DEFAULT/use_namespaces').with_value(p[:use_namespaces]);
should contain_neutron_metering_agent_config('DEFAULT/measure_interval').with_value(p[:measure_interval]);
should contain_neutron_metering_agent_config('DEFAULT/report_interval').with_value(p[:report_interval]);
is_expected.to contain_neutron_metering_agent_config('DEFAULT/debug').with_value(p[:debug]);
is_expected.to contain_neutron_metering_agent_config('DEFAULT/interface_driver').with_value(p[:interface_driver]);
is_expected.to contain_neutron_metering_agent_config('DEFAULT/use_namespaces').with_value(p[:use_namespaces]);
is_expected.to contain_neutron_metering_agent_config('DEFAULT/measure_interval').with_value(p[:measure_interval]);
is_expected.to contain_neutron_metering_agent_config('DEFAULT/report_interval').with_value(p[:report_interval]);
end
it 'installs neutron metering agent package' do
if platform_params.has_key?(:metering_agent_package)
should contain_package('neutron-metering-agent').with(
is_expected.to contain_package('neutron-metering-agent').with(
:name => platform_params[:metering_agent_package],
:ensure => p[:package_ensure]
:ensure => p[:package_ensure],
:tag => 'openstack'
)
should contain_package('neutron').with_before(/Package\[neutron-metering-agent\]/)
should contain_package('neutron-metering-agent').with_before(/Neutron_metering_agent_config\[.+\]/)
should contain_package('neutron-metering-agent').with_before(/Neutron_config\[.+\]/)
is_expected.to contain_package('neutron').with_before(/Package\[neutron-metering-agent\]/)
is_expected.to contain_package('neutron-metering-agent').with_before(/Neutron_metering_agent_config\[.+\]/)
is_expected.to contain_package('neutron-metering-agent').with_before(/Neutron_config\[.+\]/)
else
should contain_package('neutron').with_before(/Neutron_metering_agent_config\[.+\]/)
is_expected.to contain_package('neutron').with_before(/Neutron_metering_agent_config\[.+\]/)
end
end
it 'configures neutron metering agent service' do
should contain_service('neutron-metering-service').with(
is_expected.to contain_service('neutron-metering-service').with(
:name => platform_params[:metering_agent_service],
:enable => true,
:ensure => 'running',
@ -87,14 +93,14 @@ describe 'neutron::agents::metering' do
params.merge!(:manage_service => false)
end
it 'should not start/stop service' do
should contain_service('neutron-metering-service').without_ensure
is_expected.to contain_service('neutron-metering-service').without_ensure
end
end
end
context 'on Debian platforms' do
let :facts do
{ :osfamily => 'Debian' }
default_facts.merge({ :osfamily => 'Debian' })
end
let :platform_params do
@ -107,7 +113,7 @@ describe 'neutron::agents::metering' do
context 'on RedHat platforms' do
let :facts do
{ :osfamily => 'RedHat' }
default_facts.merge({ :osfamily => 'RedHat' })
end
let :platform_params do

65
deployment/puppet/neutron/spec/classes/neutron_agents_ml2_linuxbridge_spec.rb
View File

@ -20,6 +20,12 @@ describe 'neutron::agents::ml2::linuxbridge' do
:firewall_driver => 'neutron.agent.linux.iptables_firewall.IptablesFirewallDriver' }
end
let :default_facts do
{ :operatingsystem => 'default',
:operatingsystemrelease => 'default'
}
end
let :params do
{}
end
@ -27,12 +33,12 @@ describe 'neutron::agents::ml2::linuxbridge' do
shared_examples_for 'neutron plugin linuxbridge agent with ml2 plugin' do
context 'with default parameters' do
it { should contain_class('neutron::params') }
it { is_expected.to contain_class('neutron::params') }
it 'configures ml2_conf.ini' do
should contain_neutron_plugin_linuxbridge('agent/polling_interval').with_value(default_params[:polling_interval])
should contain_neutron_plugin_linuxbridge('linux_bridge/physical_interface_mappings').with_value(default_params[:physical_interface_mappings].join(','))
should contain_neutron_plugin_linuxbridge('securitygroup/firewall_driver').with_value(default_params[:firewall_driver])
is_expected.to contain_neutron_agent_linuxbridge('agent/polling_interval').with_value(default_params[:polling_interval])
is_expected.to contain_neutron_agent_linuxbridge('linux_bridge/physical_interface_mappings').with_value(default_params[:physical_interface_mappings].join(','))
is_expected.to contain_neutron_agent_linuxbridge('securitygroup/firewall_driver').with_value(default_params[:firewall_driver])
end
it 'installs neutron linuxbridge agent package' do
@ -42,16 +48,17 @@ describe 'neutron::agents::ml2::linuxbridge' do
linuxbridge_agent_package = platform_params[:linuxbridge_server_package]
end
should contain_package('neutron-plugin-linuxbridge-agent').with(
is_expected.to contain_package('neutron-plugin-linuxbridge-agent').with(
:name => linuxbridge_agent_package,
:ensure => default_params[:package_ensure]
:ensure => default_params[:package_ensure],
:tag => 'openstack'
)
should contain_package('neutron-plugin-linuxbridge-agent').with_before(/Neutron_plugin_linuxbridge\[.+\]/)
is_expected.to contain_package('neutron-plugin-linuxbridge-agent').with_before(/Neutron_agent_linuxbridge\[.+\]/)
end
it 'configures neutron linuxbridge agent service' do
should contain_service('neutron-plugin-linuxbridge-agent').with(
is_expected.to contain_service('neutron-plugin-linuxbridge-agent').with(
:name => platform_params[:linuxbridge_agent_service],
:enable => true,
:ensure => 'running',
@ -60,10 +67,10 @@ describe 'neutron::agents::ml2::linuxbridge' do
end
it 'does not configre VXLAN tunneling' do
should contain_neutron_plugin_linuxbridge('vxlan/enable_vxlan').with_value(false)
should contain_neutron_plugin_linuxbridge('vxlan/local_ip').with_ensure('absent')
should contain_neutron_plugin_linuxbridge('vxlan/vxlan_group').with_ensure('absent')
should contain_neutron_plugin_linuxbridge('vxlan/l2_population').with_ensure('absent')
is_expected.to contain_neutron_agent_linuxbridge('vxlan/enable_vxlan').with_value(false)
is_expected.to contain_neutron_agent_linuxbridge('vxlan/local_ip').with_ensure('absent')
is_expected.to contain_neutron_agent_linuxbridge('vxlan/vxlan_group').with_ensure('absent')
is_expected.to contain_neutron_agent_linuxbridge('vxlan/l2_population').with_ensure('absent')
end
end
@ -77,12 +84,12 @@ describe 'neutron::agents::ml2::linuxbridge' do
context 'when providing all parameters' do
it 'configures ml2_conf.ini' do
should contain_neutron_plugin_linuxbridge('vxlan/enable_vxlan').with_value(true)
should contain_neutron_plugin_linuxbridge('vxlan/local_ip').with_value(params[:local_ip])
should contain_neutron_plugin_linuxbridge('vxlan/vxlan_group').with_value(default_params[:vxlan_group])
should contain_neutron_plugin_linuxbridge('vxlan/vxlan_ttl').with_ensure('absent')
should contain_neutron_plugin_linuxbridge('vxlan/vxlan_tos').with_ensure('absent')
should contain_neutron_plugin_linuxbridge('vxlan/l2_population').with_value(default_params[:l2_population])
is_expected.to contain_neutron_agent_linuxbridge('vxlan/enable_vxlan').with_value(true)
is_expected.to contain_neutron_agent_linuxbridge('vxlan/local_ip').with_value(params[:local_ip])
is_expected.to contain_neutron_agent_linuxbridge('vxlan/vxlan_group').with_value(default_params[:vxlan_group])
is_expected.to contain_neutron_agent_linuxbridge('vxlan/vxlan_ttl').with_ensure('absent')
is_expected.to contain_neutron_agent_linuxbridge('vxlan/vxlan_tos').with_ensure('absent')
is_expected.to contain_neutron_agent_linuxbridge('vxlan/l2_population').with_value(default_params[:l2_population])
end
end
@ -97,12 +104,12 @@ describe 'neutron::agents::ml2::linuxbridge' do
end
it 'configures ml2_conf.ini' do
should contain_neutron_plugin_linuxbridge('vxlan/enable_vxlan').with_value(true)
should contain_neutron_plugin_linuxbridge('vxlan/local_ip').with_value(params[:local_ip])
should contain_neutron_plugin_linuxbridge('vxlan/vxlan_group').with_value(params[:vxlan_group])
should contain_neutron_plugin_linuxbridge('vxlan/vxlan_ttl').with_value(params[:vxlan_ttl])
should contain_neutron_plugin_linuxbridge('vxlan/vxlan_tos').with_value(params[:vxlan_tos])
should contain_neutron_plugin_linuxbridge('vxlan/l2_population').with_value(params[:l2_population])
is_expected.to contain_neutron_agent_linuxbridge('vxlan/enable_vxlan').with_value(true)
is_expected.to contain_neutron_agent_linuxbridge('vxlan/local_ip').with_value(params[:local_ip])
is_expected.to contain_neutron_agent_linuxbridge('vxlan/vxlan_group').with_value(params[:vxlan_group])
is_expected.to contain_neutron_agent_linuxbridge('vxlan/vxlan_ttl').with_value(params[:vxlan_ttl])
is_expected.to contain_neutron_agent_linuxbridge('vxlan/vxlan_tos').with_value(params[:vxlan_tos])
is_expected.to contain_neutron_agent_linuxbridge('vxlan/l2_population').with_value(params[:l2_population])
end
end
end
@ -113,7 +120,7 @@ describe 'neutron::agents::ml2::linuxbridge' do
end
it 'configures physical interface mappings' do
should contain_neutron_plugin_linuxbridge('linux_bridge/physical_interface_mappings').with_value(
is_expected.to contain_neutron_agent_linuxbridge('linux_bridge/physical_interface_mappings').with_value(
params[:physical_interface_mappings].join(',')
)
end
@ -124,14 +131,14 @@ describe 'neutron::agents::ml2::linuxbridge' do
params.merge!(:firewall_driver => false)
end
it 'removes firewall driver configuration' do
should contain_neutron_plugin_linuxbridge('securitygroup/firewall_driver').with_ensure('absent')
is_expected.to contain_neutron_agent_linuxbridge('securitygroup/firewall_driver').with_ensure('absent')
end
end
end
context 'on Debian platforms' do
let :facts do
{ :osfamily => 'Debian' }
default_facts.merge({ :osfamily => 'Debian' })
end
let :platform_params do
@ -144,14 +151,12 @@ describe 'neutron::agents::ml2::linuxbridge' do
context 'on RedHat platforms' do
let :facts do
{ :osfamily => 'RedHat' }
default_facts.merge({ :osfamily => 'RedHat' })
end
let :platform_params do
{ :linuxbridge_server_package => 'openstack-neutron-linuxbridge',
:linuxbridge_agent_service => 'neutron-linuxbridge-agent' }
end
it_configures 'neutron plugin linuxbridge agent with ml2 plugin'
end
end

128
deployment/puppet/neutron/spec/classes/neutron_agents_ml2_ovs_spec.rb
View File

@ -7,18 +7,25 @@ describe 'neutron::agents::ml2::ovs' do
end
let :default_params do
{ :package_ensure => 'present',
:enabled => true,
:bridge_uplinks => [],
:bridge_mappings => [],
:integration_bridge => 'br-int',
:enable_tunneling => false,
:local_ip => false,
:tunnel_bridge => 'br-tun',
:polling_interval => 2,
:l2_population => false,
:arp_responder => false,
:firewall_driver => 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver' }
{ :package_ensure => 'present',
:enabled => true,
:bridge_uplinks => [],
:bridge_mappings => [],
:integration_bridge => 'br-int',
:enable_tunneling => false,
:local_ip => false,
:tunnel_bridge => 'br-tun',
:polling_interval => 2,
:l2_population => false,
:arp_responder => false,
:enable_distributed_routing => false,
:firewall_driver => 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver' }
end
let :default_facts do
{ :operatingsystem => 'default',
:operatingsystemrelease => 'default'
}
end
let :params do
@ -30,41 +37,42 @@ describe 'neutron::agents::ml2::ovs' do
default_params.merge(params)
end
it { should contain_class('neutron::params') }
it { is_expected.to contain_class('neutron::params') }
it 'configures ovs_neutron_plugin.ini' do
should contain_neutron_plugin_ml2('agent/polling_interval').with_value(p[:polling_interval])
should contain_neutron_plugin_ml2('agent/l2_population').with_value(p[:l2_population])
should contain_neutron_plugin_ml2('agent/arp_responder').with_value(p[:arp_responder])
should contain_neutron_plugin_ml2('ovs/integration_bridge').with_value(p[:integration_bridge])
should contain_neutron_plugin_ml2('securitygroup/firewall_driver').\
is_expected.to contain_neutron_agent_ovs('agent/polling_interval').with_value(p[:polling_interval])
is_expected.to contain_neutron_agent_ovs('agent/l2_population').with_value(p[:l2_population])
is_expected.to contain_neutron_agent_ovs('agent/arp_responder').with_value(p[:arp_responder])
is_expected.to contain_neutron_agent_ovs('ovs/integration_bridge').with_value(p[:integration_bridge])
is_expected.to contain_neutron_agent_ovs('securitygroup/firewall_driver').\
with_value(p[:firewall_driver])
should contain_neutron_plugin_ml2('ovs/enable_tunneling').with_value(false)
should contain_neutron_plugin_ml2('ovs/tunnel_bridge').with_ensure('absent')
should contain_neutron_plugin_ml2('ovs/local_ip').with_ensure('absent')
is_expected.to contain_neutron_agent_ovs('ovs/enable_tunneling').with_value(false)
is_expected.to contain_neutron_agent_ovs('ovs/tunnel_bridge').with_ensure('absent')
is_expected.to contain_neutron_agent_ovs('ovs/local_ip').with_ensure('absent')
end
it 'configures vs_bridge' do
should contain_vs_bridge(p[:integration_bridge]).with(
is_expected.to contain_vs_bridge(p[:integration_bridge]).with(
:ensure => 'present',
:before => 'Service[neutron-ovs-agent-service]'
)
should_not contain_vs_brige(p[:integration_bridge])
is_expected.not_to contain_vs_brige(p[:integration_bridge])
end
it 'installs neutron ovs agent package' do
if platform_params.has_key?(:ovs_agent_package)
should contain_package('neutron-ovs-agent').with(
is_expected.to contain_package('neutron-ovs-agent').with(
:name => platform_params[:ovs_agent_package],
:ensure => p[:package_ensure]
:ensure => p[:package_ensure],
:tag => 'openstack'
)
should contain_package('neutron-ovs-agent').with_before(/Neutron_plugin_ml2\[.+\]/)
is_expected.to contain_package('neutron-ovs-agent').with_before(/Neutron_agent_ovs\[.+\]/)
else
end
end
it 'configures neutron ovs agent service' do
should contain_service('neutron-ovs-agent-service').with(
is_expected.to contain_service('neutron-ovs-agent-service').with(
:name => platform_params[:ovs_agent_service],
:enable => true,
:ensure => 'running',
@ -77,7 +85,7 @@ describe 'neutron::agents::ml2::ovs' do
params.merge!(:firewall_driver => false)
end
it 'should configure firewall driver' do
should contain_neutron_plugin_ml2('securitygroup/firewall_driver').with_ensure('absent')
is_expected.to contain_neutron_agent_ovs('securitygroup/firewall_driver').with_ensure('absent')
end
end
@ -86,7 +94,17 @@ describe 'neutron::agents::ml2::ovs' do
params.merge!(:arp_responder => true)
end
it 'should enable ARP responder' do
should contain_neutron_plugin_ml2('agent/arp_responder').with_value(true)
is_expected.to contain_neutron_agent_ovs('agent/arp_responder').with_value(true)
end
end
context 'when enabling DVR' do
before :each do
params.merge!(:enable_distributed_routing => true,
:l2_population => true )
end
it 'should enable DVR' do
is_expected.to contain_neutron_agent_ovs('agent/enable_distributed_routing').with_value(true)
end
end
@ -96,17 +114,17 @@ describe 'neutron::agents::ml2::ovs' do
end
it 'configures bridge mappings' do
should contain_neutron_plugin_ml2('ovs/bridge_mappings')
is_expected.to contain_neutron_agent_ovs('ovs/bridge_mappings')
end
it 'should configure bridge mappings' do
should contain_neutron__plugins__ovs__bridge(params[:bridge_mappings].join(',')).with(
is_expected.to contain_neutron__plugins__ovs__bridge(params[:bridge_mappings].join(',')).with(
:before => 'Service[neutron-ovs-agent-service]'
)
end
it 'should configure bridge uplinks' do
should contain_neutron__plugins__ovs__port(params[:bridge_uplinks].join(',')).with(
is_expected.to contain_neutron__plugins__ovs__port(params[:bridge_uplinks].join(',')).with(
:before => 'Service[neutron-ovs-agent-service]'
)
end
@ -117,21 +135,18 @@ describe 'neutron::agents::ml2::ovs' do
before :each do
params.merge!(:enable_tunneling => true)
end
it 'should fail' do
expect do
subject
end.to raise_error(Puppet::Error, /Local ip for ovs agent must be set when tunneling is enabled/)
end
it_raises 'a Puppet::Error', /Local ip for ovs agent must be set when tunneling is enabled/
end
context 'with default params' do
before :each do
params.merge!(:enable_tunneling => true, :local_ip => '127.0.0.1' )
end
it 'should configure ovs for tunneling' do
should contain_neutron_plugin_ml2('ovs/enable_tunneling').with_value(true)
should contain_neutron_plugin_ml2('ovs/tunnel_bridge').with_value(default_params[:tunnel_bridge])
should contain_neutron_plugin_ml2('ovs/local_ip').with_value('127.0.0.1')
should contain_vs_bridge(default_params[:tunnel_bridge]).with(
is_expected.to contain_neutron_agent_ovs('ovs/enable_tunneling').with_value(true)
is_expected.to contain_neutron_agent_ovs('ovs/tunnel_bridge').with_value(default_params[:tunnel_bridge])
is_expected.to contain_neutron_agent_ovs('ovs/local_ip').with_value('127.0.0.1')
is_expected.to contain_vs_bridge(default_params[:tunnel_bridge]).with(
:ensure => 'present',
:before => 'Service[neutron-ovs-agent-service]'
)
@ -147,16 +162,25 @@ describe 'neutron::agents::ml2::ovs' do
end
it 'should perform vxlan network configuration' do
should contain_neutron_plugin_ml2('agent/tunnel_types').with_value(params[:tunnel_types])
should contain_neutron_plugin_ml2('agent/vxlan_udp_port').with_value(params[:vxlan_udp_port])
is_expected.to contain_neutron_agent_ovs('agent/tunnel_types').with_value(params[:tunnel_types])
is_expected.to contain_neutron_agent_ovs('agent/vxlan_udp_port').with_value(params[:vxlan_udp_port])
end
end
context 'when l2 population is disabled and DVR enabled' do
before :each do
params.merge!(:enable_distributed_routing => true,
:l2_population => false )
end
it_raises 'a Puppet::Error', /L2 population must be enabled when DVR is enabled/
end
end
end
context 'on Debian platforms' do
let :facts do
{ :osfamily => 'Debian' }
default_facts.merge({ :osfamily => 'Debian' })
end
let :platform_params do
@ -169,7 +193,7 @@ describe 'neutron::agents::ml2::ovs' do
context 'on RedHat platforms' do
let :facts do
{ :osfamily => 'RedHat' }
default_facts.merge({ :osfamily => 'RedHat' })
end
let :platform_params do
@ -180,19 +204,11 @@ describe 'neutron::agents::ml2::ovs' do
it_configures 'neutron plugin ovs agent with ml2 plugin'
it 'configures neutron ovs cleanup service' do
should contain_service('ovs-cleanup-service').with(
is_expected.to contain_service('ovs-cleanup-service').with(
:name => platform_params[:ovs_cleanup_service],
:enable => true,
:ensure => 'running'
)
should contain_package('neutron-ovs-agent').with_before(/Service\[ovs-cleanup-service\]/)
end
it 'links from ovs config to plugin config' do
should contain_file('/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini').with(
:ensure => 'link',
:target => '/etc/neutron/plugin.ini'
:enable => true
)
is_expected.to contain_package('neutron-ovs-agent').with_before(/Service\[ovs-cleanup-service\]/)
end
end
end

97
deployment/puppet/neutron/spec/classes/neutron_agents_ml2_sriov_spec.rb Normal file
View File

@ -0,0 +1,97 @@
require 'spec_helper'
describe 'neutron::agents::ml2::sriov' do
let :pre_condition do
"class { 'neutron': rabbit_password => 'passw0rd' }"
end
let :default_params do
{ :package_ensure => 'present',
:enabled => true,
:physical_device_mappings => [],
:exclude_devices => [],
:polling_interval => 2,
}
end
let :default_facts do
{ :operatingsystem => 'default',
:operatingsystemrelease => 'default'
}
end
let :params do
{}
end
shared_examples_for 'neutron sriov-nic agent with ml2 plugin' do
let :p do
default_params.merge(params)
end
it { is_expected.to contain_class('neutron::params') }
it 'configures ovs_neutron_plugin.ini' do
is_expected.to contain_neutron_plugin_ml2('sriov_nic/polling_interval').with_value(p[:polling_interval])
is_expected.to contain_neutron_plugin_ml2('sriov_nic/exclude_devices').with_value(p[:exclude_devices].join(','))
is_expected.to contain_neutron_plugin_ml2('sriov_nic/physical_device_mappings').with_value(p[:physical_device_mappings].join(','))
end
it 'installs neutron sriov-nic agent package' do
is_expected.to contain_package('neutron-sriov-nic-agent').with(
:name => platform_params[:sriov_nic_agent_package],
:ensure => p[:package_ensure],
:tag => 'openstack'
)
is_expected.to contain_package('neutron-sriov-nic-agent').with_before(/Neutron_plugin_ml2\[.+\]/)
end
it 'configures neutron ovs agent service' do
is_expected.to contain_service('neutron-sriov-nic-agent-service').with(
:name => platform_params[:sriov_nic_agent_service],
:enable => true,
:ensure => 'running',
:require => 'Class[Neutron]'
)
end
context 'when supplying device mapping' do
before :each do
params.merge!(:physical_device_mappings => ['physnet1:eth1'],
:exclude_devices => ['physnet1:eth2'])
end
it 'configures physical device mappings with exclusion' do
is_expected.to contain_neutron_plugin_ml2('sriov_nic/exclude_devices').with_value(['physnet1:eth2'])
is_expected.to contain_neutron_plugin_ml2('sriov_nic/physical_device_mappings').with_value(['physnet1:eth1'])
end
end
end
context 'on Debian platforms' do
let :facts do
default_facts.merge({ :osfamily => 'Debian' })
end
let :platform_params do
{ :sriov_nic_agent_package => 'neutron-plugin-sriov-agent',
:sriov_nic_agent_service => 'neutron-plugin-sriov-agent' }
end
it_configures 'neutron sriov-nic agent with ml2 plugin'
end
context 'on RedHat platforms' do
let :facts do
default_facts.merge({ :osfamily => 'RedHat' })
end
let :platform_params do
{ :sriov_nic_agent_package => 'openstack-neutron-sriov-nic-agent',
:sriov_nic_agent_service => 'neutron-sriov-nic-agent' }
end
it_configures 'neutron sriov-nic agent with ml2 plugin'
end
end

102
deployment/puppet/neutron/spec/classes/neutron_agents_n1kv_vem_spec.rb
View File

@ -3,11 +3,13 @@ require 'spec_helper'
describe 'neutron::agents::n1kv_vem' do
let :facts do
{ :osfamily => 'RedHat' }
{ :operatingsystem => 'RedHat',
:operatingsystemrelease => '7',
:osfamily => 'RedHat' }
end
it 'should have a n1kv-vem config file' do
should contain_file('/etc/n1kv/n1kv.conf').with(
is_expected.to contain_file('/etc/n1kv/n1kv.conf').with(
:ensure => 'present',
:owner => 'root',
:group => 'root',
@ -16,10 +18,10 @@ describe 'neutron::agents::n1kv_vem' do
end
it 'install n1kv-vem' do
should contain_package('libnl').with_before('Package[nexus1000v]')
should contain_package('openvswitch').with_before('Package[nexus1000v]')
should contain_package('nexus1000v').with_notify('Service[nexus1000v]')
should contain_service('nexus1000v').with_ensure('running')
is_expected.to contain_package('libnl').with_before(['Package[nexus1000v]'])
is_expected.to contain_service('openvswitch').with_notify(['Package[nexus1000v]'])
is_expected.to contain_package('nexus1000v').with_notify(['Service[nexus1000v]'])
is_expected.to contain_service('nexus1000v').with_ensure('running')
end
context 'with local file vem rpm' do
@ -30,9 +32,9 @@ describe 'neutron::agents::n1kv_vem' do
end
it 'verify dependency' do
should contain_package('nexus1000v').with_source('/var/n1kv/vem.rpm')
should contain_file('/var/n1kv/vem.rpm').that_requires('File[/var/n1kv]')
should contain_file('/var/n1kv/vem.rpm').with(
is_expected.to contain_package('nexus1000v').with_source('/var/n1kv/vem.rpm')
is_expected.to contain_file('/var/n1kv/vem.rpm').that_requires('File[/var/n1kv]')
is_expected.to contain_file('/var/n1kv/vem.rpm').with(
:owner => 'root',
:group => 'root',
:mode => '0664'
@ -48,8 +50,8 @@ describe 'neutron::agents::n1kv_vem' do
end
it 'verify dependency' do
should contain_package('nexus1000v').without_source
should contain_yumrepo('cisco-vem-repo').with(
is_expected.to contain_package('nexus1000v').without_source
is_expected.to contain_yumrepo('cisco-vem-repo').with(
:baseurl => 'http://www.cisco.com/repo',
:enabled => 1
)
@ -57,7 +59,7 @@ describe 'neutron::agents::n1kv_vem' do
end
it 'execute reread config upon config change' do
should contain_exec('vemcmd reread config') \
is_expected.to contain_exec('vemcmd reread config') \
.that_subscribes_to('File[/etc/n1kv/n1kv.conf]')
end
@ -66,22 +68,28 @@ describe 'neutron::agents::n1kv_vem' do
{
:n1kv_vsm_ip => '9.0.0.1',
:n1kv_vsm_domain_id => 900,
:host_mgmt_intf => 'eth9'
:host_mgmt_intf => 'eth9',
:portdb => 'ovs',
:fastpath_flood => 'enable'
}
end
it do
should contain_file('/etc/n1kv/n1kv.conf') \
is_expected.to contain_file('/etc/n1kv/n1kv.conf') \
.with_content(/^l3control-ipaddr 9.0.0.1/)
should contain_file('/etc/n1kv/n1kv.conf') \
is_expected.to contain_file('/etc/n1kv/n1kv.conf') \
.with_content(/^switch-domain 900/)
should contain_file('/etc/n1kv/n1kv.conf') \
is_expected.to contain_file('/etc/n1kv/n1kv.conf') \
.with_content(/^host-mgmt-intf eth9/)
should contain_file('/etc/n1kv/n1kv.conf') \
is_expected.to contain_file('/etc/n1kv/n1kv.conf') \
.with_content(/^portdb ovs/)
is_expected.to contain_file('/etc/n1kv/n1kv.conf') \
.without_content(/^phys/)
should contain_file('/etc/n1kv/n1kv.conf') \
is_expected.to contain_file('/etc/n1kv/n1kv.conf') \
.without_content(/^virt/)
should contain_file('/etc/n1kv/n1kv.conf') \
is_expected.to contain_file('/etc/n1kv/n1kv.conf') \
.with_content(/^node-type compute/)
is_expected.to contain_file('/etc/n1kv/n1kv.conf') \
.with_content(/^fastpath-flood enable/)
end
end
@ -92,13 +100,41 @@ describe 'neutron::agents::n1kv_vem' do
}
end
it do
should contain_file('/etc/n1kv/n1kv.conf') \
is_expected.to contain_file('/etc/n1kv/n1kv.conf') \
.with_content(/^node-type network/)
should contain_file('/etc/n1kv/n1kv.conf') \
is_expected.to contain_file('/etc/n1kv/n1kv.conf') \
.without_content(/^node-type compute/)
end
end
context 'verify portdb' do
let :params do
{
:portdb => 'vem',
}
end
it do
is_expected.to contain_file('/etc/n1kv/n1kv.conf') \
.with_content(/^portdb vem/)
is_expected.to contain_file('/etc/n1kv/n1kv.conf') \
.without_content(/^portdb ovs/)
end
end
context 'verify fastpath_flood' do
let :params do
{
:fastpath_flood => 'disable',
}
end
it do
is_expected.to contain_file('/etc/n1kv/n1kv.conf') \
.with_content(/^fastpath-flood disable/)
is_expected.to contain_file('/etc/n1kv/n1kv.conf') \
.without_content(/^fastpath-flood enable/)
end
end
context 'verify n1kv.conf with uplinks' do
let :params do
{
@ -108,9 +144,9 @@ describe 'neutron::agents::n1kv_vem' do
}
end
it do
should contain_file('/etc/n1kv/n1kv.conf') \
is_expected.to contain_file('/etc/n1kv/n1kv.conf') \
.with_content(/^phys eth1 profile prof1/)
should contain_file('/etc/n1kv/n1kv.conf') \
is_expected.to contain_file('/etc/n1kv/n1kv.conf') \
.with_content(/^phys eth2 profile prof2/)
end
@ -131,9 +167,9 @@ describe 'neutron::agents::n1kv_vem' do
}
end
it do
should contain_file('/etc/n1kv/n1kv.conf') \
is_expected.to contain_file('/etc/n1kv/n1kv.conf') \
.with_content(/^virt vtep1 profile profint mode dhcp/)
should contain_file('/etc/n1kv/n1kv.conf') \
is_expected.to contain_file('/etc/n1kv/n1kv.conf') \
.with_content(/^virt vtep2 profile profint mode static/)
end
@ -146,7 +182,7 @@ describe 'neutron::agents::n1kv_vem' do
}
end
it 'should not start/stop service' do
should contain_service('nexus1000v').without_ensure
is_expected.to contain_service('nexus1000v').without_ensure
end
end
@ -158,7 +194,7 @@ describe 'neutron::agents::n1kv_vem' do
}
end
it 'should stop service' do
should contain_service('nexus1000v').with_ensure('stopped')
is_expected.to contain_service('nexus1000v').with_ensure('stopped')
end
end
@ -169,12 +205,12 @@ describe 'neutron::agents::n1kv_vem' do
}
end
it do
should contain_sysctl__value('net.ipv4.conf.default.rp_filter').with_value('2')
should contain_sysctl__value('net.ipv4.conf.all.rp_filter').with_value('2')
should contain_sysctl__value('net.ipv4.conf.default.arp_ignore').with_value('1')
should contain_sysctl__value('net.ipv4.conf.all.arp_ignore').with_value('1')
should contain_sysctl__value('net.ipv4.conf.all.arp_announce').with_value('2')
should contain_sysctl__value('net.ipv4.conf.default.arp_announce').with_value('2')
is_expected.to contain_sysctl__value('net.ipv4.conf.default.rp_filter').with_value('2')
is_expected.to contain_sysctl__value('net.ipv4.conf.all.rp_filter').with_value('2')
is_expected.to contain_sysctl__value('net.ipv4.conf.default.arp_ignore').with_value('1')
is_expected.to contain_sysctl__value('net.ipv4.conf.all.arp_ignore').with_value('1')
is_expected.to contain_sysctl__value('net.ipv4.conf.all.arp_announce').with_value('2')
is_expected.to contain_sysctl__value('net.ipv4.conf.default.arp_announce').with_value('2')
end
end

200
deployment/puppet/neutron/spec/classes/neutron_agents_ovs_spec.rb
View File

@ -1,200 +0,0 @@
require 'spec_helper'
describe 'neutron::agents::ovs' do
let :pre_condition do
"class { 'neutron': rabbit_password => 'passw0rd' }\n" +
"class { 'neutron::plugins::ovs': network_vlan_ranges => 'physnet1:1000:2000' }"
end
let :default_params do
{ :package_ensure => 'present',
:manage_service => true,
:enabled => true,
:bridge_uplinks => [],
:bridge_mappings => [],
:integration_bridge => 'br-int',
:enable_tunneling => false,
:local_ip => false,
:tunnel_bridge => 'br-tun',
:polling_interval => 2,
:firewall_driver => 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver',
:veth_mtu => ''
}
end
let :params do
{}
end
shared_examples_for 'neutron plugin ovs agent' do
let :p do
default_params.merge(params)
end
it { should contain_class('neutron::params') }
it 'configures ovs_neutron_plugin.ini' do
should contain_neutron_plugin_ovs('AGENT/polling_interval').with_value(p[:polling_interval])
should contain_neutron_plugin_ovs('OVS/integration_bridge').with_value(p[:integration_bridge])
should contain_neutron_plugin_ovs('SECURITYGROUP/firewall_driver').\
with_value(p[:firewall_driver])
should contain_neutron_plugin_ovs('OVS/enable_tunneling').with_value(false)
should contain_neutron_plugin_ovs('OVS/tunnel_bridge').with_ensure('absent')
should contain_neutron_plugin_ovs('OVS/local_ip').with_ensure('absent')
should contain_neutron_plugin_ovs('AGENT/veth_mtu').with_ensure('absent')
end
it 'configures vs_bridge' do
should contain_vs_bridge(p[:integration_bridge]).with_ensure('present')
end
it 'installs neutron ovs agent package' do
if platform_params.has_key?(:ovs_agent_package)
should contain_package('neutron-plugin-ovs-agent').with(
:name => platform_params[:ovs_agent_package],
:ensure => p[:package_ensure]
)
should contain_package('neutron-plugin-ovs-agent').with_before(/Neutron_plugin_ovs\[.+\]/)
else
should contain_package('neutron-plugin-ovs').with_before(/Neutron_plugin_ovs\[.+\]/)
end
end
it 'configures neutron ovs agent service' do
should contain_service('neutron-plugin-ovs-service').with(
:name => platform_params[:ovs_agent_service],
:enable => true,
:ensure => 'running',
:require => 'Class[Neutron]'
)
end
context 'with veth_mtu set' do
before :each do
params.merge(:veth_mtu => '9000')
end
it 'should set the veth_mtu on the ovs agent' do
should contain_neutron_plugin_ovs('AGENT/veth_mtu').with_value(params[:veth_mtu])
end
end
context 'when not installing ovs agent package' do
before :each do
params.merge!(:package_ensure => 'absent')
end
it 'uninstalls neutron ovs agent package' do
if platform_params.has_key?(:ovs_agent_package)
should contain_package('neutron-plugin-ovs-agent').with(
:name => platform_params[:ovs_agent_package],
:ensure => p[:package_ensure]
)
end
end
end
context 'when supplying a firewall driver' do
before :each do
params.merge!(:firewall_driver => false)
end
it 'should configure firewall driver' do
should contain_neutron_plugin_ovs('SECURITYGROUP/firewall_driver').with_ensure('absent')
end
end
context 'when supplying bridge mappings for provider networks' do
before :each do
params.merge!(:bridge_uplinks => ['br-ex:eth2'],:bridge_mappings => ['default:br-ex'])
end
it 'configures bridge mappings' do
should contain_neutron_plugin_ovs('OVS/bridge_mappings')
end
it 'should configure bridge mappings' do
should contain_neutron__plugins__ovs__bridge(params[:bridge_mappings].join(',')).with(
:before => 'Service[neutron-plugin-ovs-service]'
)
end
it 'should configure bridge uplinks' do
should contain_neutron__plugins__ovs__port(params[:bridge_uplinks].join(',')).with(
:before => 'Service[neutron-plugin-ovs-service]'
)
end
end
context 'when enabling tunneling' do
context 'without local ip address' do
before :each do
params.merge!(:enable_tunneling => true)
end
it 'should fail' do
expect do
subject
end.to raise_error(Puppet::Error, /Local ip for ovs agent must be set when tunneling is enabled/)
end
end
context 'with default params' do
before :each do
params.merge!(:enable_tunneling => true, :local_ip => '127.0.0.1' )
end
it 'should configure ovs for tunneling' do
should contain_neutron_plugin_ovs('OVS/enable_tunneling').with_value(true)
should contain_neutron_plugin_ovs('OVS/tunnel_bridge').with_value(default_params[:tunnel_bridge])
should contain_neutron_plugin_ovs('OVS/local_ip').with_value('127.0.0.1')
should contain_vs_bridge(default_params[:tunnel_bridge]).with_ensure('present')
end
end
context 'with vxlan tunneling' do
before :each do
params.merge!(:enable_tunneling => true,
:local_ip => '127.0.0.1',
:tunnel_types => ['vxlan'],
:vxlan_udp_port => '4789')
end
it 'should perform vxlan network configuration' do
should contain_neutron_plugin_ovs('agent/tunnel_types').with_value(params[:tunnel_types])
should contain_neutron_plugin_ovs('agent/vxlan_udp_port').with_value(params[:vxlan_udp_port])
end
end
end
end
context 'on Debian platforms' do
let :facts do
{ :osfamily => 'Debian' }
end
let :platform_params do
{ :ovs_agent_package => 'neutron-plugin-openvswitch-agent',
:ovs_agent_service => 'neutron-plugin-openvswitch-agent' }
end
it_configures 'neutron plugin ovs agent'
end
context 'on RedHat platforms' do
let :facts do
{ :osfamily => 'RedHat' }
end
let :platform_params do
{ :ovs_cleanup_service => 'neutron-ovs-cleanup',
:ovs_agent_service => 'neutron-openvswitch-agent' }
end
it_configures 'neutron plugin ovs agent'
it 'configures neutron ovs cleanup service' do
should contain_service('ovs-cleanup-service').with(
:name => platform_params[:ovs_cleanup_service],
:enable => true
)
should contain_package('neutron-plugin-ovs').with_before(/Service\[ovs-cleanup-service\]/)
end
end
end

64
deployment/puppet/neutron/spec/classes/neutron_agents_vpnaas_spec.rb
View File

@ -39,21 +39,26 @@ describe 'neutron::agents::vpnaas' do
}
end
let :default_facts do
{ :operatingsystem => 'default',
:operatingsystemrelease => 'default'
}
end
shared_examples_for 'neutron vpnaas agent' do
let :p do
default_params.merge(params)
end
it { should contain_class('neutron::params') }
it { is_expected.to contain_class('neutron::params') }
it_configures 'openswan vpnaas_driver'
it 'configures vpnaas_agent.ini' do
should contain_neutron_vpnaas_agent_config('vpnagent/vpn_device_driver').with_value(p[:vpn_device_driver]);
should contain_neutron_vpnaas_agent_config('ipsec/ipsec_status_check_interval').with_value(p[:ipsec_status_check_interval]);
should contain_neutron_vpnaas_agent_config('DEFAULT/interface_driver').with_value(p[:interface_driver]);
should contain_neutron_vpnaas_agent_config('DEFAULT/external_network_bridge').with_ensure('absent');
is_expected.to contain_neutron_vpnaas_agent_config('vpnagent/vpn_device_driver').with_value(p[:vpn_device_driver]);
is_expected.to contain_neutron_vpnaas_agent_config('ipsec/ipsec_status_check_interval').with_value(p[:ipsec_status_check_interval]);
is_expected.to contain_neutron_vpnaas_agent_config('DEFAULT/interface_driver').with_value(p[:interface_driver]);
is_expected.to contain_neutron_vpnaas_agent_config('DEFAULT/external_network_bridge').with_ensure('absent');
end
context 'with external_network_bridge as br-ex' do
@ -64,25 +69,26 @@ describe 'neutron::agents::vpnaas' do
end
it 'configures vpnaas_agent.ini' do
should contain_neutron_vpnaas_agent_config('DEFAULT/external_network_bridge').with_value(p[:external_network_bridge]);
is_expected.to contain_neutron_vpnaas_agent_config('DEFAULT/external_network_bridge').with_value(p[:external_network_bridge]);
end
end
it 'installs neutron vpnaas agent package' do
if platform_params.has_key?(:vpnaas_agent_package)
should contain_package('neutron-vpnaas-agent').with(
is_expected.to contain_package('neutron-vpnaas-agent').with(
:name => platform_params[:vpnaas_agent_package],
:ensure => p[:package_ensure]
:ensure => p[:package_ensure],
:tag => 'openstack'
)
should contain_package('neutron').with_before(/Package\[neutron-vpnaas-agent\]/)
should contain_package('neutron-vpnaas-agent').with_before(/Neutron_vpnaas_agent_config\[.+\]/)
is_expected.to contain_package('neutron').with_before(/Package\[neutron-vpnaas-agent\]/)
is_expected.to contain_package('neutron-vpnaas-agent').with_before(/Neutron_vpnaas_agent_config\[.+\]/)
else
should contain_package('neutron').with_before(/Neutron_vpnaas_agent_config\[.+\]/)
is_expected.to contain_package('neutron').with_before(/Neutron_vpnaas_agent_config\[.+\]/)
end
end
it 'configures neutron vpnaas agent service' do
should contain_service('neutron-vpnaas-service').with(
is_expected.to contain_service('neutron-vpnaas-service').with(
:name => platform_params[:vpnaas_agent_service],
:enable => true,
:ensure => 'running',
@ -95,7 +101,7 @@ describe 'neutron::agents::vpnaas' do
params.merge!(:manage_service => false)
end
it 'should not start/stop service' do
should contain_service('neutron-vpnaas-service').without_ensure
is_expected.to contain_service('neutron-vpnaas-service').without_ensure
end
end
end
@ -103,9 +109,9 @@ describe 'neutron::agents::vpnaas' do
shared_examples_for 'openswan vpnaas_driver' do
it 'installs openswan packages' do
if platform_params.has_key?(:vpnaas_agent_package)
should contain_package('openswan').with_before('Package[neutron-vpnaas-agent]')
is_expected.to contain_package('openswan').with_before(['Package[neutron-vpnaas-agent]'])
end
should contain_package('openswan').with(
is_expected.to contain_package('openswan').with(
:ensure => 'present',
:name => platform_params[:openswan_package]
)
@ -114,7 +120,7 @@ describe 'neutron::agents::vpnaas' do
context 'on Debian platforms' do
let :facts do
{ :osfamily => 'Debian' }
default_facts.merge({ :osfamily => 'Debian' })
end
let :platform_params do
@ -126,13 +132,33 @@ describe 'neutron::agents::vpnaas' do
it_configures 'neutron vpnaas agent'
end
context 'on RedHat platforms' do
context 'on RedHat 6 platforms' do
let :facts do
{ :osfamily => 'RedHat' }
default_facts.merge(
{ :osfamily => 'RedHat',
:operatingsystemrelease => '6.5',
:operatingsystemmajrelease => 6 })
end
let :platform_params do
{ :openswan_package => 'openswan',
{ :openswan_package => 'openswan',
:vpnaas_agent_package => 'openstack-neutron-vpn-agent',
:vpnaas_agent_service => 'neutron-vpn-agent'}
end
it_configures 'neutron vpnaas agent'
end
context 'on RedHat 7 platforms' do
let :facts do
default_facts.merge(
{ :osfamily => 'RedHat',
:operatingsystemrelease => '7.1.2',
:operatingsystemmajrelease => 7 })
end
let :platform_params do
{ :openswan_package => 'libreswan',
:vpnaas_agent_package => 'openstack-neutron-vpn-agent',
:vpnaas_agent_service => 'neutron-vpn-agent'}
end

14
deployment/puppet/neutron/spec/classes/neutron_client_spec.rb
View File

@ -2,19 +2,25 @@ require 'spec_helper'
describe 'neutron::client' do
let :default_facts do
{ :operatingsystem => 'default',
:operatingsystemrelease => 'default'
}
end
context 'on Debian platforms' do
let :facts do
{ :osfamily => 'Debian' }
default_facts.merge({ :osfamily => 'Debian' })
end
it { should contain_class('neutron::client') }
it { is_expected.to contain_class('neutron::client') }
end
context 'on RedHat platforms' do
let :facts do
{ :osfamily => 'RedHat' }
default_facts.merge({ :osfamily => 'RedHat' })
end
it { should contain_class('neutron::client') }
it { is_expected.to contain_class('neutron::client') }
end
end

21
deployment/puppet/neutron/spec/classes/neutron_db_mysql_spec.rb
View File

@ -10,34 +10,39 @@ describe 'neutron::db::mysql' do
{ :password => 'passw0rd',
}
end
let :facts do
{ :osfamily => 'Debian' }
let :default_facts do
{ :operatingsystem => 'default',
:operatingsystemrelease => 'default'
}
end
context 'on Debian platforms' do
let :facts do
{ :osfamily => 'Debian' }
default_facts.merge({ :osfamily => 'Debian' })
end
it { should contain_openstacklib__db__mysql('neutron').with(
it { is_expected.to contain_openstacklib__db__mysql('neutron').with(
:user => 'neutron',
:password_hash => '*74B1C21ACE0C2D6B0678A5E503D2A60E8F9651A3',
:host => '127.0.0.1',
:charset => 'utf8'
:charset => 'utf8',
:collate => 'utf8_general_ci',
) }
end
context 'on RedHat platforms' do
let :facts do
{ :osfamily => 'RedHat' }
default_facts.merge({ :osfamily => 'RedHat' })
end
it { should contain_openstacklib__db__mysql('neutron').with(
it { is_expected.to contain_openstacklib__db__mysql('neutron').with(
:user => 'neutron',
:password_hash => '*74B1C21ACE0C2D6B0678A5E503D2A60E8F9651A3',
:host => '127.0.0.1',
:charset => 'utf8'
:charset => 'utf8',
:collate => 'utf8_general_ci',
) }
end

64
deployment/puppet/neutron/spec/classes/neutron_db_postgresql_spec.rb Normal file
View File

@ -0,0 +1,64 @@
require 'spec_helper'
describe 'neutron::db::postgresql' do
let :req_params do
{ :password => 'pw' }
end
let :pre_condition do
'include postgresql::server'
end
let :default_facts do
{ :operatingsystem => 'default',
:operatingsystemrelease => 'default'
}
end
context 'on a RedHat osfamily' do
let :facts do
default_facts.merge({
:osfamily => 'RedHat',
:operatingsystemrelease => '7.0',
:concat_basedir => '/var/lib/puppet/concat'
})
end
context 'with only required parameters' do
let :params do
req_params
end
it { is_expected.to contain_postgresql__server__db('neutron').with(
:user => 'neutron',
:password => 'md5696acd1dd66513a556a18a1beccd03d1'
)}
end
end
context 'on a Debian osfamily' do
let :facts do
default_facts.merge({
:operatingsystemrelease => '7.8',
:operatingsystem => 'Debian',
:osfamily => 'Debian',
:concat_basedir => '/var/lib/puppet/concat'
})
end
context 'with only required parameters' do
let :params do
req_params
end
it { is_expected.to contain_postgresql__server__db('neutron').with(
:user => 'neutron',
:password => 'md5696acd1dd66513a556a18a1beccd03d1'
)}
end
end
end

204
deployment/puppet/neutron/spec/classes/neutron_init_spec.rb
View File

@ -19,6 +19,12 @@ describe 'neutron' do
}
end
let :default_facts do
{ :operatingsystem => 'default',
:operatingsystemrelease => 'default'
}
end
shared_examples_for 'neutron' do
context 'and if rabbit_host parameter is provided' do
@ -44,8 +50,8 @@ describe 'neutron' do
end
it 'configures logging' do
should contain_neutron_config('DEFAULT/log_file').with_ensure('absent')
should contain_neutron_config('DEFAULT/log_dir').with_value(params[:log_dir])
is_expected.to contain_neutron_config('DEFAULT/log_file').with_ensure('absent')
is_expected.to contain_neutron_config('DEFAULT/log_dir').with_value(params[:log_dir])
end
end
@ -65,83 +71,87 @@ describe 'neutron' do
it_configures 'with logging disabled'
it_configures 'without service_plugins'
it_configures 'with service_plugins'
it_configures 'without memcache_servers'
it_configures 'with memcache_servers'
end
shared_examples_for 'a neutron base installation' do
it { should contain_class('neutron::params') }
it { is_expected.to contain_class('neutron::params') }
it 'configures neutron configuration folder' do
should contain_file('/etc/neutron/').with(
is_expected.to contain_file('/etc/neutron/').with(
:ensure => 'directory',
:owner => 'root',
:group => 'neutron',
:mode => '0750',
:require => 'Package[neutron]'
)
end
it 'configures neutron configuration file' do
should contain_file('/etc/neutron/neutron.conf').with(
is_expected.to contain_file('/etc/neutron/neutron.conf').with(
:owner => 'root',
:group => 'neutron',
:mode => '0640',
:require => 'Package[neutron]'
)
end
it 'installs neutron package' do
should contain_package('neutron').with(
is_expected.to contain_package('neutron').with(
:ensure => 'present',
:name => platform_params[:common_package_name]
:name => platform_params[:common_package_name],
:tag => 'openstack'
)
end
it 'configures credentials for rabbit' do
should contain_neutron_config('DEFAULT/rabbit_userid').with_value( params[:rabbit_user] )
should contain_neutron_config('DEFAULT/rabbit_password').with_value( params[:rabbit_password] )
should contain_neutron_config('DEFAULT/rabbit_password').with_secret( true )
should contain_neutron_config('DEFAULT/rabbit_virtual_host').with_value( params[:rabbit_virtual_host] )
should contain_neutron_config('DEFAULT/kombu_reconnect_delay').with_value( params[:kombu_reconnect_delay] )
is_expected.to contain_neutron_config('oslo_messaging_rabbit/rabbit_userid').with_value( params[:rabbit_user] )
is_expected.to contain_neutron_config('oslo_messaging_rabbit/rabbit_password').with_value( params[:rabbit_password] )
is_expected.to contain_neutron_config('oslo_messaging_rabbit/rabbit_password').with_secret( true )
is_expected.to contain_neutron_config('oslo_messaging_rabbit/rabbit_virtual_host').with_value( params[:rabbit_virtual_host] )
is_expected.to contain_neutron_config('oslo_messaging_rabbit/kombu_reconnect_delay').with_value( params[:kombu_reconnect_delay] )
end
it 'configures neutron.conf' do
should contain_neutron_config('DEFAULT/verbose').with_value( params[:verbose] )
should contain_neutron_config('DEFAULT/bind_host').with_value('0.0.0.0')
should contain_neutron_config('DEFAULT/bind_port').with_value('9696')
should contain_neutron_config('DEFAULT/auth_strategy').with_value('keystone')
should contain_neutron_config('DEFAULT/core_plugin').with_value( params[:core_plugin] )
should contain_neutron_config('DEFAULT/base_mac').with_value('fa:16:3e:00:00:00')
should contain_neutron_config('DEFAULT/mac_generation_retries').with_value(16)
should contain_neutron_config('DEFAULT/dhcp_lease_duration').with_value(86400)
should contain_neutron_config('DEFAULT/dhcp_agents_per_network').with_value(1)
should contain_neutron_config('DEFAULT/network_device_mtu').with_ensure('absent')
should contain_neutron_config('DEFAULT/dhcp_agent_notification').with_value(true)
should contain_neutron_config('DEFAULT/allow_bulk').with_value(true)
should contain_neutron_config('DEFAULT/allow_pagination').with_value(false)
should contain_neutron_config('DEFAULT/allow_sorting').with_value(false)
should contain_neutron_config('DEFAULT/allow_overlapping_ips').with_value(false)
should contain_neutron_config('DEFAULT/control_exchange').with_value('neutron')
should contain_neutron_config('agent/root_helper').with_value('sudo neutron-rootwrap /etc/neutron/rootwrap.conf')
should contain_neutron_config('agent/report_interval').with_value('30')
is_expected.to contain_neutron_config('DEFAULT/verbose').with_value( params[:verbose] )
is_expected.to contain_neutron_config('DEFAULT/bind_host').with_value('0.0.0.0')
is_expected.to contain_neutron_config('DEFAULT/bind_port').with_value('9696')
is_expected.to contain_neutron_config('DEFAULT/auth_strategy').with_value('keystone')
is_expected.to contain_neutron_config('DEFAULT/core_plugin').with_value( params[:core_plugin] )
is_expected.to contain_neutron_config('DEFAULT/base_mac').with_value('fa:16:3e:00:00:00')
is_expected.to contain_neutron_config('DEFAULT/mac_generation_retries').with_value(16)
is_expected.to contain_neutron_config('DEFAULT/dhcp_lease_duration').with_value(86400)
is_expected.to contain_neutron_config('DEFAULT/dhcp_agents_per_network').with_value(1)
is_expected.to contain_neutron_config('DEFAULT/network_device_mtu').with_ensure('absent')
is_expected.to contain_neutron_config('DEFAULT/dhcp_agent_notification').with_value(true)
is_expected.to contain_neutron_config('DEFAULT/allow_bulk').with_value(true)
is_expected.to contain_neutron_config('DEFAULT/allow_pagination').with_value(false)
is_expected.to contain_neutron_config('DEFAULT/allow_sorting').with_value(false)
is_expected.to contain_neutron_config('DEFAULT/allow_overlapping_ips').with_value(false)
is_expected.to contain_neutron_config('DEFAULT/api_extensions_path').with_value(nil)
is_expected.to contain_neutron_config('DEFAULT/control_exchange').with_value('neutron')
is_expected.to contain_neutron_config('DEFAULT/state_path').with_value('/var/lib/neutron')
is_expected.to contain_neutron_config('DEFAULT/lock_path').with_value('/var/lib/neutron/lock')
is_expected.to contain_neutron_config('agent/root_helper').with_value('sudo neutron-rootwrap /etc/neutron/rootwrap.conf')
is_expected.to contain_neutron_config('agent/report_interval').with_value('30')
end
end
shared_examples_for 'rabbit HA with a single virtual host' do
it 'in neutron.conf' do
should_not contain_neutron_config('DEFAULT/rabbit_host')
should_not contain_neutron_config('DEFAULT/rabbit_port')
should contain_neutron_config('DEFAULT/rabbit_hosts').with_value( params[:rabbit_hosts] )
should contain_neutron_config('DEFAULT/rabbit_ha_queues').with_value(true)
is_expected.not_to contain_neutron_config('oslo_messaging_rabbit/rabbit_host')
is_expected.not_to contain_neutron_config('oslo_messaging_rabbit/rabbit_port')
is_expected.to contain_neutron_config('oslo_messaging_rabbit/rabbit_hosts').with_value( params[:rabbit_hosts] )
is_expected.to contain_neutron_config('oslo_messaging_rabbit/rabbit_ha_queues').with_value(true)
end
end
shared_examples_for 'rabbit HA with multiple hosts' do
it 'in neutron.conf' do
should_not contain_neutron_config('DEFAULT/rabbit_host')
should_not contain_neutron_config('DEFAULT/rabbit_port')
should contain_neutron_config('DEFAULT/rabbit_hosts').with_value( params[:rabbit_hosts].join(',') )
should contain_neutron_config('DEFAULT/rabbit_ha_queues').with_value(true)
is_expected.not_to contain_neutron_config('oslo_messaging_rabbit/rabbit_host')
is_expected.not_to contain_neutron_config('oslo_messaging_rabbit/rabbit_port')
is_expected.to contain_neutron_config('oslo_messaging_rabbit/rabbit_hosts').with_value( params[:rabbit_hosts].join(',') )
is_expected.to contain_neutron_config('oslo_messaging_rabbit/rabbit_ha_queues').with_value(true)
end
end
@ -155,10 +165,10 @@ describe 'neutron' do
)
end
it { should contain_neutron_config('DEFAULT/use_ssl').with_value('true') }
it { should contain_neutron_config('DEFAULT/ssl_cert_file').with_value('/path/to/cert') }
it { should contain_neutron_config('DEFAULT/ssl_key_file').with_value('/path/to/key') }
it { should contain_neutron_config('DEFAULT/ssl_ca_file').with_value('/path/to/ca') }
it { is_expected.to contain_neutron_config('DEFAULT/use_ssl').with_value('true') }
it { is_expected.to contain_neutron_config('DEFAULT/ssl_cert_file').with_value('/path/to/cert') }
it { is_expected.to contain_neutron_config('DEFAULT/ssl_key_file').with_value('/path/to/key') }
it { is_expected.to contain_neutron_config('DEFAULT/ssl_ca_file').with_value('/path/to/ca') }
end
shared_examples_for 'with SSL socket options set with wrong parameters' do
@ -183,10 +193,10 @@ describe 'neutron' do
)
end
it { should contain_neutron_config('DEFAULT/use_ssl').with_value('false') }
it { should contain_neutron_config('DEFAULT/ssl_cert_file').with_ensure('absent') }
it { should contain_neutron_config('DEFAULT/ssl_key_file').with_ensure('absent') }
it { should contain_neutron_config('DEFAULT/ssl_ca_file').with_ensure('absent') }
it { is_expected.to contain_neutron_config('DEFAULT/use_ssl').with_value('false') }
it { is_expected.to contain_neutron_config('DEFAULT/ssl_cert_file').with_ensure('absent') }
it { is_expected.to contain_neutron_config('DEFAULT/ssl_key_file').with_ensure('absent') }
it { is_expected.to contain_neutron_config('DEFAULT/ssl_ca_file').with_ensure('absent') }
end
shared_examples_for 'with SSL socket options set and no ca_file' do
@ -198,10 +208,10 @@ describe 'neutron' do
)
end
it { should contain_neutron_config('DEFAULT/use_ssl').with_value('true') }
it { should contain_neutron_config('DEFAULT/ssl_cert_file').with_value('/path/to/cert') }
it { should contain_neutron_config('DEFAULT/ssl_key_file').with_value('/path/to/key') }
it { should contain_neutron_config('DEFAULT/ssl_ca_file').with_ensure('absent') }
it { is_expected.to contain_neutron_config('DEFAULT/use_ssl').with_value('true') }
it { is_expected.to contain_neutron_config('DEFAULT/ssl_cert_file').with_value('/path/to/cert') }
it { is_expected.to contain_neutron_config('DEFAULT/ssl_key_file').with_value('/path/to/key') }
it { is_expected.to contain_neutron_config('DEFAULT/ssl_ca_file').with_ensure('absent') }
end
shared_examples_for 'with SSL socket options disabled with ca_file' do
@ -216,7 +226,7 @@ describe 'neutron' do
end
shared_examples_for 'with syslog disabled' do
it { should contain_neutron_config('DEFAULT/use_syslog').with_value(false) }
it { is_expected.to contain_neutron_config('DEFAULT/use_syslog').with_value(false) }
end
shared_examples_for 'with SSL enabled with kombu' do
@ -226,16 +236,16 @@ describe 'neutron' do
:kombu_ssl_ca_certs => '/path/to/ssl/ca/certs',
:kombu_ssl_certfile => '/path/to/ssl/cert/file',
:kombu_ssl_keyfile => '/path/to/ssl/keyfile',
:kombu_ssl_version => 'SSLv3'
:kombu_ssl_version => 'TLSv1'
)
end
it do
should contain_neutron_config('DEFAULT/rabbit_use_ssl').with_value('true')
should contain_neutron_config('DEFAULT/kombu_ssl_ca_certs').with_value('/path/to/ssl/ca/certs')
should contain_neutron_config('DEFAULT/kombu_ssl_certfile').with_value('/path/to/ssl/cert/file')
should contain_neutron_config('DEFAULT/kombu_ssl_keyfile').with_value('/path/to/ssl/keyfile')
should contain_neutron_config('DEFAULT/kombu_ssl_version').with_value('SSLv3')
is_expected.to contain_neutron_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('true')
is_expected.to contain_neutron_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_value('/path/to/ssl/ca/certs')
is_expected.to contain_neutron_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_value('/path/to/ssl/cert/file')
is_expected.to contain_neutron_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_value('/path/to/ssl/keyfile')
is_expected.to contain_neutron_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('TLSv1')
end
end
@ -247,11 +257,11 @@ describe 'neutron' do
end
it do
should contain_neutron_config('DEFAULT/rabbit_use_ssl').with_value('true')
should contain_neutron_config('DEFAULT/kombu_ssl_ca_certs').with_ensure('absent')
should contain_neutron_config('DEFAULT/kombu_ssl_certfile').with_ensure('absent')
should contain_neutron_config('DEFAULT/kombu_ssl_keyfile').with_ensure('absent')
should contain_neutron_config('DEFAULT/kombu_ssl_version').with_value('SSLv3')
is_expected.to contain_neutron_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('true')
is_expected.to contain_neutron_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_ensure('absent')
is_expected.to contain_neutron_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_ensure('absent')
is_expected.to contain_neutron_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_ensure('absent')
is_expected.to contain_neutron_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('TLSv1')
end
end
@ -259,16 +269,16 @@ describe 'neutron' do
before do
params.merge!(
:rabbit_use_ssl => false,
:kombu_ssl_version => 'SSLv3'
:kombu_ssl_version => 'TLSv1'
)
end
it do
should contain_neutron_config('DEFAULT/rabbit_use_ssl').with_value('false')
should contain_neutron_config('DEFAULT/kombu_ssl_ca_certs').with_ensure('absent')
should contain_neutron_config('DEFAULT/kombu_ssl_certfile').with_ensure('absent')
should contain_neutron_config('DEFAULT/kombu_ssl_keyfile').with_ensure('absent')
should contain_neutron_config('DEFAULT/kombu_ssl_version').with_ensure('absent')
is_expected.to contain_neutron_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('false')
is_expected.to contain_neutron_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_ensure('absent')
is_expected.to contain_neutron_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_ensure('absent')
is_expected.to contain_neutron_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_ensure('absent')
is_expected.to contain_neutron_config('oslo_messaging_rabbit/kombu_ssl_version').with_ensure('absent')
end
end
@ -326,8 +336,8 @@ describe 'neutron' do
end
it do
should contain_neutron_config('DEFAULT/use_syslog').with_value(true)
should contain_neutron_config('DEFAULT/syslog_log_facility').with_value('LOG_USER')
is_expected.to contain_neutron_config('DEFAULT/use_syslog').with_value(true)
is_expected.to contain_neutron_config('DEFAULT/syslog_log_facility').with_value('LOG_USER')
end
end
@ -340,8 +350,8 @@ describe 'neutron' do
end
it do
should contain_neutron_config('DEFAULT/use_syslog').with_value(true)
should contain_neutron_config('DEFAULT/syslog_log_facility').with_value('LOG_LOCAL0')
is_expected.to contain_neutron_config('DEFAULT/use_syslog').with_value(true)
is_expected.to contain_neutron_config('DEFAULT/syslog_log_facility').with_value('LOG_LOCAL0')
end
end
@ -353,8 +363,8 @@ describe 'neutron' do
)
end
it 'configures logging' do
should contain_neutron_config('DEFAULT/log_file').with_value(params[:log_file])
should contain_neutron_config('DEFAULT/log_dir').with_value(params[:log_dir])
is_expected.to contain_neutron_config('DEFAULT/log_file').with_value(params[:log_file])
is_expected.to contain_neutron_config('DEFAULT/log_dir').with_value(params[:log_dir])
end
end
@ -364,13 +374,24 @@ describe 'neutron' do
:log_dir => false
)}
it {
should contain_neutron_config('DEFAULT/log_file').with_ensure('absent')
should contain_neutron_config('DEFAULT/log_dir').with_ensure('absent')
is_expected.to contain_neutron_config('DEFAULT/log_file').with_ensure('absent')
is_expected.to contain_neutron_config('DEFAULT/log_dir').with_ensure('absent')
}
end
shared_examples_for 'with state and lock paths set' do
before { params.merge!(
:state_path => 'state_path',
:lock_path => 'lock_path'
)}
it {
is_expected.to contain_neutron_config('DEFAULT/state_path').with_value('state_path')
is_expected.to contain_neutron_config('DEFAULT/lock_path').with_value('lock_path')
}
end
shared_examples_for 'without service_plugins' do
it { should_not contain_neutron_config('DEFAULT/service_plugins') }
it { is_expected.not_to contain_neutron_config('DEFAULT/service_plugins') }
end
shared_examples_for 'with service_plugins' do
@ -381,7 +402,24 @@ describe 'neutron' do
end
it do
should contain_neutron_config('DEFAULT/service_plugins').with_value('router,firewall,lbaas,vpnaas,metering')
is_expected.to contain_neutron_config('DEFAULT/service_plugins').with_value('router,firewall,lbaas,vpnaas,metering')
end
end
shared_examples_for 'without memcache_servers' do
it { is_expected.to contain_neutron_config('DEFAULT/memcached_servers').with_ensure('absent') }
end
shared_examples_for 'with memcache_servers' do
before do
params.merge!(
:memcache_servers => ['memcache1','memcache2','memcache3']
)
end
it do
is_expected.to contain_neutron_config('DEFAULT/memcached_servers').with_value('memcache1,memcache2,memcache3')
end
end
@ -394,13 +432,13 @@ describe 'neutron' do
end
it do
should contina_neutron_config('DEFAULT/network_device_mtu').with_value(params[:newtork_device_mtu])
is_expected.to contain_neutron_config('DEFAULT/network_device_mtu').with_value(params[:network_device_mtu])
end
end
context 'on Debian platforms' do
let :facts do
{ :osfamily => 'Debian' }
default_facts.merge({ :osfamily => 'Debian' })
end
let :platform_params do
@ -412,7 +450,7 @@ describe 'neutron' do
context 'on RedHat platforms' do
let :facts do
{ :osfamily => 'RedHat' }
default_facts.merge({ :osfamily => 'RedHat' })
end
let :platform_params do

141
deployment/puppet/neutron/spec/classes/neutron_keystone_auth_spec.rb
View File

@ -2,6 +2,12 @@ require 'spec_helper'
describe 'neutron::keystone::auth' do
let :default_facts do
{ :operatingsystem => 'default',
:operatingsystemrelease => 'default'
}
end
describe 'with default class parameters' do
let :params do
{
@ -10,28 +16,28 @@ describe 'neutron::keystone::auth' do
}
end
it { should contain_keystone_user('neutron').with(
it { is_expected.to contain_keystone_user('neutron').with(
:ensure => 'present',
:password => 'neutron_password',
:tenant => 'foobar'
) }
it { should contain_keystone_user_role('neutron@foobar').with(
it { is_expected.to contain_keystone_user_role('neutron@foobar').with(
:ensure => 'present',
:roles => 'admin'
:roles => ['admin']
)}
it { should contain_keystone_service('neutron').with(
it { is_expected.to contain_keystone_service('neutron').with(
:ensure => 'present',
:type => 'network',
:description => 'Neutron Networking Service'
) }
it { should contain_keystone_endpoint('RegionOne/neutron').with(
it { is_expected.to contain_keystone_endpoint('RegionOne/neutron').with(
:ensure => 'present',
:public_url => "http://127.0.0.1:9696/",
:admin_url => "http://127.0.0.1:9696/",
:internal_url => "http://127.0.0.1:9696/"
:public_url => "http://127.0.0.1:9696",
:admin_url => "http://127.0.0.1:9696",
:internal_url => "http://127.0.0.1:9696"
) }
end
@ -42,7 +48,7 @@ describe 'neutron::keystone::auth' do
end
let :facts do
{ :osfamily => 'Debian' }
default_facts.merge({ :osfamily => 'Debian' })
end
let :params do
@ -52,49 +58,48 @@ describe 'neutron::keystone::auth' do
}
end
it { should contain_keystone_endpoint('RegionOne/neutron').with_notify('Service[neutron-server]') }
it { is_expected.to contain_keystone_endpoint('RegionOne/neutron').with_notify(['Service[neutron-server]']) }
end
describe 'when overriding public_protocol, public_port and public address' do
describe 'with endpoint URL parameters' do
let :params do
{
:password => 'neutron_password',
:public_protocol => 'https',
:public_port => '80',
:public_address => '10.10.10.10',
:port => '81',
:internal_address => '10.10.10.11',
:admin_address => '10.10.10.12'
:password => 'neutron_password',
:public_url => 'https://10.10.10.10:80',
:internal_url => 'https://10.10.10.11:81',
:admin_url => 'https://10.10.10.12:81'
}
end
it { should contain_keystone_endpoint('RegionOne/neutron').with(
it { is_expected.to contain_keystone_endpoint('RegionOne/neutron').with(
:ensure => 'present',
:public_url => "https://10.10.10.10:80/",
:internal_url => "http://10.10.10.11:81/",
:admin_url => "http://10.10.10.12:81/"
:public_url => 'https://10.10.10.10:80',
:internal_url => 'https://10.10.10.11:81',
:admin_url => 'https://10.10.10.12:81'
) }
end
describe 'when overriding admin_protocol and internal_protocol' do
describe 'with deprecated endpoint parameters' do
let :params do
{
:password => 'neutron_password',
:admin_protocol => 'https',
:public_protocol => 'https',
:public_port => '80',
:public_address => '10.10.10.10',
:port => '81',
:internal_protocol => 'https',
:internal_address => '10.10.10.11',
:admin_protocol => 'https',
:admin_address => '10.10.10.12'
}
end
it { should contain_keystone_endpoint('RegionOne/neutron').with(
it { is_expected.to contain_keystone_endpoint('RegionOne/neutron').with(
:ensure => 'present',
:public_url => "http://127.0.0.1:9696/",
:admin_url => "https://127.0.0.1:9696/",
:internal_url => "https://127.0.0.1:9696/"
:public_url => "https://10.10.10.10:80",
:internal_url => "https://10.10.10.11:81",
:admin_url => "https://10.10.10.12:81"
) }
end
describe 'when overriding auth name' do
@ -106,13 +111,13 @@ describe 'neutron::keystone::auth' do
}
end
it { should contain_keystone_user('neutrony') }
it { is_expected.to contain_keystone_user('neutrony') }
it { should contain_keystone_user_role('neutrony@services') }
it { is_expected.to contain_keystone_user_role('neutrony@services') }
it { should contain_keystone_service('neutrony') }
it { is_expected.to contain_keystone_service('neutrony') }
it { should contain_keystone_endpoint('RegionOne/neutrony') }
it { is_expected.to contain_keystone_endpoint('RegionOne/neutrony') }
end
@ -125,10 +130,66 @@ describe 'neutron::keystone::auth' do
}
end
it { should contain_keystone_user('neutron') }
it { should contain_keystone_user_role('neutron@services') }
it { should contain_keystone_service('neutron_service') }
it { should contain_keystone_endpoint('RegionOne/neutron_service') }
it { is_expected.to contain_keystone_user('neutron') }
it { is_expected.to contain_keystone_user_role('neutron@services') }
it { is_expected.to contain_keystone_service('neutron_service') }
it { is_expected.to contain_keystone_endpoint('RegionOne/neutron_service') }
end
describe 'when disabling user configuration' do
let :params do
{
:password => 'neutron_password',
:configure_user => false
}
end
it { is_expected.not_to contain_keystone_user('neutron') }
it { is_expected.to contain_keystone_user_role('neutron@services') }
it { is_expected.to contain_keystone_service('neutron').with(
:ensure => 'present',
:type => 'network',
:description => 'Neutron Networking Service'
) }
end
describe 'when disabling user and user role configuration' do
let :params do
{
:password => 'neutron_password',
:configure_user => false,
:configure_user_role => false
}
end
it { is_expected.not_to contain_keystone_user('neutron') }
it { is_expected.not_to contain_keystone_user_role('neutron@services') }
it { is_expected.to contain_keystone_service('neutron').with(
:ensure => 'present',
:type => 'network',
:description => 'Neutron Networking Service'
) }
end
describe 'when disabling endpoint configuration' do
let :params do
{
:password => 'neutron_password',
:configure_endpoint => false
}
end
it { is_expected.to_not contain_keystone_endpoint('RegionOne/neutron') }
end

14
deployment/puppet/neutron/spec/classes/neutron_plugins_cisco_ml2_spec.rb
View File

@ -24,13 +24,14 @@ describe 'neutron::plugins::ml2::cisco::nexus' do
end
let :facts do
{ :osfamily => 'Debian' }
{ :operatingsystem => 'default',
:operatingsystemrelease => 'default',
:osfamily => 'Debian'
}
end
context 'fail when missing nexus_config' do
it 'should fails to configure cisco nexus driver' do
expect { subject }.to raise_error(Puppet::Error, /No nexus config specified/)
end
it_raises 'a Puppet::Error', /No nexus config specified/
end
context 'when using cisco' do
@ -52,8 +53,9 @@ describe 'neutron::plugins::ml2::cisco::nexus' do
end
it 'installs ncclient package' do
should contain_package('python-ncclient').with(
:ensure => 'installed'
is_expected.to contain_package('python-ncclient').with(
:ensure => 'installed',
:tag => 'openstack'
)
end

62
deployment/puppet/neutron/spec/classes/neutron_plugins_cisco_spec.rb
View File

@ -33,6 +33,12 @@ describe 'neutron::plugins::cisco' do
}
end
let :default_facts do
{ :operatingsystem => 'default',
:operatingsystemrelease => 'default'
}
end
shared_examples_for 'default cisco plugin' do
before do
@ -40,15 +46,15 @@ describe 'neutron::plugins::cisco' do
end
it 'should create plugin symbolic link' do
should contain_file('/etc/neutron/plugin.ini').with(
is_expected.to contain_file('/etc/neutron/plugin.ini').with(
:ensure => 'link',
:target => '/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini',
:require => 'Package[neutron-plugin-ovs]'
:target => '/etc/neutron/plugins/cisco/cisco_plugins.ini',
:require => 'Package[neutron-plugin-cisco]'
)
end
it 'should have a plugin config folder' do
should contain_file('/etc/neutron/plugins').with(
is_expected.to contain_file('/etc/neutron/plugins').with(
:ensure => 'directory',
:owner => 'root',
:group => 'neutron',
@ -57,7 +63,7 @@ describe 'neutron::plugins::cisco' do
end
it 'should have a cisco plugin config folder' do
should contain_file('/etc/neutron/plugins/cisco').with(
is_expected.to contain_file('/etc/neutron/plugins/cisco').with(
:ensure => 'directory',
:owner => 'root',
:group => 'neutron',
@ -66,54 +72,54 @@ describe 'neutron::plugins::cisco' do
end
it 'should perform default l2 configuration' do
should contain_neutron_plugin_cisco_l2network('VLANS/vlan_start').\
is_expected.to contain_neutron_plugin_cisco_l2network('VLANS/vlan_start').\
with_value(params[:vlan_start])
should contain_neutron_plugin_cisco_l2network('VLANS/vlan_end').\
is_expected.to contain_neutron_plugin_cisco_l2network('VLANS/vlan_end').\
with_value(params[:vlan_end])
should contain_neutron_plugin_cisco_l2network('VLANS/vlan_name_prefix').\
is_expected.to contain_neutron_plugin_cisco_l2network('VLANS/vlan_name_prefix').\
with_value(params[:vlan_name_prefix])
should contain_neutron_plugin_cisco_l2network('MODEL/model_class').\
is_expected.to contain_neutron_plugin_cisco_l2network('MODEL/model_class').\
with_value(params[:model_class])
should contain_neutron_plugin_cisco_l2network('PORTS/max_ports').\
is_expected.to contain_neutron_plugin_cisco_l2network('PORTS/max_ports').\
with_value(params[:max_ports])
should contain_neutron_plugin_cisco_l2network('PORTPROFILES/max_port_profiles').\
is_expected.to contain_neutron_plugin_cisco_l2network('PORTPROFILES/max_port_profiles').\
with_value(params[:max_port_profiles])
should contain_neutron_plugin_cisco_l2network('NETWORKS/max_networks').\
is_expected.to contain_neutron_plugin_cisco_l2network('NETWORKS/max_networks').\
with_value(params[:max_networks])
should contain_neutron_plugin_cisco_l2network('SEGMENTATION/manager_class').\
is_expected.to contain_neutron_plugin_cisco_l2network('SEGMENTATION/manager_class').\
with_value(params[:manager_class])
end
it 'should create a dummy inventory item' do
should contain_neutron_plugin_cisco('INVENTORY/dummy').\
is_expected.to contain_neutron_plugin_cisco('INVENTORY/dummy').\
with_value('dummy')
end
it 'should configure the db connection' do
should contain_neutron_plugin_cisco_db_conn('DATABASE/name').\
is_expected.to contain_neutron_plugin_cisco_db_conn('DATABASE/name').\
with_value(params[:database_name])
should contain_neutron_plugin_cisco_db_conn('DATABASE/user').\
is_expected.to contain_neutron_plugin_cisco_db_conn('DATABASE/user').\
with_value(params[:database_user])
should contain_neutron_plugin_cisco_db_conn('DATABASE/pass').\
is_expected.to contain_neutron_plugin_cisco_db_conn('DATABASE/pass').\
with_value(params[:database_pass])
should contain_neutron_plugin_cisco_db_conn('DATABASE/host').\
is_expected.to contain_neutron_plugin_cisco_db_conn('DATABASE/host').\
with_value(params[:database_host])
end
it 'should configure the admin credentials' do
should contain_neutron_plugin_cisco_credentials('keystone/username').\
is_expected.to contain_neutron_plugin_cisco_credentials('keystone/username').\
with_value(params[:keystone_username])
should contain_neutron_plugin_cisco_credentials('keystone/password').\
is_expected.to contain_neutron_plugin_cisco_credentials('keystone/password').\
with_value(params[:keystone_password])
should contain_neutron_plugin_cisco_credentials('keystone/password').with_secret( true )
should contain_neutron_plugin_cisco_credentials('keystone/auth_url').\
is_expected.to contain_neutron_plugin_cisco_credentials('keystone/password').with_secret( true )
is_expected.to contain_neutron_plugin_cisco_credentials('keystone/auth_url').\
with_value(params[:keystone_auth_url])
should contain_neutron_plugin_cisco_credentials('keystone/tenant').\
is_expected.to contain_neutron_plugin_cisco_credentials('keystone/tenant').\
with_value(params[:keystone_tenant])
end
it 'should perform vswitch plugin configuration' do
should contain_neutron_plugin_cisco('PLUGINS/vswitch_plugin').\
is_expected.to contain_neutron_plugin_cisco('PLUGINS/vswitch_plugin').\
with_value('neutron.plugins.openvswitch.ovs_neutron_plugin.OVSNeutronPluginV2')
end
@ -123,7 +129,7 @@ describe 'neutron::plugins::cisco' do
end
it 'should perform nexus plugin configuration' do
should contain_neutron_plugin_cisco('PLUGINS/nexus_plugin').\
is_expected.to contain_neutron_plugin_cisco('PLUGINS/nexus_plugin').\
with_value('neutron.plugins.cisco.nexus.cisco_nexus_plugin_v2.NexusPlugin')
end
end
@ -131,7 +137,7 @@ describe 'neutron::plugins::cisco' do
end
context 'on Debian platforms' do
let :facts do
{ :osfamily => 'Debian' }
default_facts.merge({ :osfamily => 'Debian' })
end
context 'on Ubuntu operating systems' do
@ -140,7 +146,7 @@ describe 'neutron::plugins::cisco' do
end
it 'configures /etc/default/neutron-server' do
should contain_file_line('/etc/default/neutron-server:NEUTRON_PLUGIN_CONFIG').with(
is_expected.to contain_file_line('/etc/default/neutron-server:NEUTRON_PLUGIN_CONFIG').with(
:path => '/etc/default/neutron-server',
:match => '^NEUTRON_PLUGIN_CONFIG=(.*)$',
:line => 'NEUTRON_PLUGIN_CONFIG=/etc/neutron/plugins/cisco/cisco_plugins.ini',
@ -162,7 +168,7 @@ describe 'neutron::plugins::cisco' do
context 'on RedHat platforms' do
let :facts do
{ :osfamily => 'RedHat' }
default_facts.merge({ :osfamily => 'RedHat' })
end
it_configures 'default cisco plugin'

92
deployment/puppet/neutron/spec/classes/neutron_plugins_linuxbridge_spec.rb
View File

@ -1,92 +0,0 @@
require 'spec_helper'
describe 'neutron::plugins::linuxbridge' do
let :pre_condition do
"class { 'neutron': rabbit_password => 'passw0rd' }"
end
let :params do
{ :sql_connection => false,
:network_vlan_ranges => 'physnet0:100:109',
:tenant_network_type => 'vlan',
:package_ensure => 'installed'
}
end
shared_examples_for 'neutron linuxbridge plugin' do
it { should contain_class('neutron::params') }
it 'installs neutron linuxbridge plugin package' do
should contain_package('neutron-plugin-linuxbridge').with(
:ensure => params[:package_ensure],
:name => platform_params[:linuxbridge_plugin_package]
)
end
it 'configures linuxbridge_conf.ini' do
should contain_neutron_plugin_linuxbridge('VLANS/tenant_network_type').with(
:value => params[:tenant_network_type]
)
should contain_neutron_plugin_linuxbridge('VLANS/network_vlan_ranges').with(
:value => params[:network_vlan_ranges]
)
end
it 'should create plugin symbolic link' do
should contain_file('/etc/neutron/plugin.ini').with(
:ensure => 'link',
:target => '/etc/neutron/plugins/linuxbridge/linuxbridge_conf.ini',
:require => 'Package[neutron-plugin-linuxbridge]'
)
end
end
context 'on Debian platforms' do
let :facts do
{ :osfamily => 'Debian' }
end
let :platform_params do
{ :linuxbridge_plugin_package => 'neutron-plugin-linuxbridge' }
end
context 'on Ubuntu operating systems' do
before do
facts.merge!({:operatingsystem => 'Ubuntu'})
end
it 'configures /etc/default/neutron-server' do
should contain_file_line('/etc/default/neutron-server:NEUTRON_PLUGIN_CONFIG').with(
:path => '/etc/default/neutron-server',
:match => '^NEUTRON_PLUGIN_CONFIG=(.*)$',
:line => 'NEUTRON_PLUGIN_CONFIG=/etc/neutron/plugins/linuxbridge/linuxbridge_conf.ini',
:require => ['Package[neutron-plugin-linuxbridge]', 'Package[neutron-server]'],
:notify => 'Service[neutron-server]'
)
end
it_configures 'neutron linuxbridge plugin'
end
context 'on Debian operating systems' do
before do
facts.merge!({:operatingsystem => 'Debian'})
end
it_configures 'neutron linuxbridge plugin'
end
end
context 'on RedHat platforms' do
let :facts do
{ :osfamily => 'RedHat' }
end
let :platform_params do
{ :linuxbridge_plugin_package => 'openstack-neutron-linuxbridge' }
end
it_configures 'neutron linuxbridge plugin'
end
end

77
deployment/puppet/neutron/spec/classes/neutron_plugins_midonet_spec.rb Normal file
View File

@ -0,0 +1,77 @@
require 'spec_helper'
describe 'neutron::plugins::midonet' do
let :pre_condition do
"class { 'neutron::server': auth_password => 'password' }
class { 'neutron': rabbit_password => 'passw0rd' }
package { 'python-neutron-plugin-midonet': }"
end
let :default_params do
{
:midonet_api_ip => '127.0.0.1',
:midonet_api_port => '8080',
:keystone_username => 'neutron',
:keystone_password => 'test_midonet',
:keystone_tenant => 'services'
}
end
let :default_facts do
{ :operatingsystem => 'default',
:operatingsystemrelease => 'default'
}
end
shared_examples_for 'neutron midonet plugin' do
let :params do
{}
end
before do
params.merge!(default_params)
end
it 'should create plugin symbolic link' do
is_expected.to contain_file('/etc/neutron/plugin.ini').with(
:ensure => 'link',
:target => '/etc/neutron/plugins/midonet/midonet.ini',
:require => 'Package[python-neutron-plugin-midonet]')
end
it 'should perform default configuration of' do
midonet_uri = "http://" + params[:midonet_api_ip] + ":" + params[:midonet_api_port] + "/midonet-api";
is_expected.to contain_neutron_plugin_midonet('MIDONET/midonet_uri').with_value(midonet_uri)
is_expected.to contain_neutron_plugin_midonet('MIDONET/username').with_value(params[:keystone_username])
is_expected.to contain_neutron_plugin_midonet('MIDONET/password').with_value(params[:keystone_password])
is_expected.to contain_neutron_plugin_midonet('MIDONET/project_id').with_value(params[:keystone_tenant])
end
end
context 'on Debian platforms' do
let :facts do
default_facts.merge({ :osfamily => 'Debian'})
end
it 'configures /etc/default/neutron-server' do
is_expected.to contain_file_line('/etc/default/neutron-server:NEUTRON_PLUGIN_CONFIG').with(
:path => '/etc/default/neutron-server',
:match => '^NEUTRON_PLUGIN_CONFIG=(.*)$',
:line => 'NEUTRON_PLUGIN_CONFIG=/etc/neutron/plugins/midonet/midonet.ini',
:require => ['Package[neutron-server]', 'Package[python-neutron-plugin-midonet]'],
:notify => 'Service[neutron-server]'
)
end
it_configures 'neutron midonet plugin'
end
context 'on RedHat platforms' do
let :facts do
default_facts.merge({ :osfamily => 'RedHat'})
end
it_configures 'neutron midonet plugin'
end
end

91
deployment/puppet/neutron/spec/classes/neutron_plugins_ml2_spec.rb
View File

@ -40,6 +40,12 @@ describe 'neutron::plugins::ml2' do
:package_ensure => 'present' }
end
let :default_facts do
{ :operatingsystem => 'default',
:operatingsystemrelease => 'default'
}
end
let :params do
{}
end
@ -49,20 +55,20 @@ describe 'neutron::plugins::ml2' do
default_params.merge(params)
end
it { should contain_class('neutron::params') }
it { is_expected.to contain_class('neutron::params') }
it 'configures neutron.conf' do
should contain_neutron_config('DEFAULT/core_plugin').with_value('neutron.plugins.ml2.plugin.Ml2Plugin')
is_expected.to contain_neutron_config('DEFAULT/core_plugin').with_value('neutron.plugins.ml2.plugin.Ml2Plugin')
end
it 'configures ml2_conf.ini' do
should contain_neutron_plugin_ml2('ml2/type_drivers').with_value(p[:type_drivers].join(','))
should contain_neutron_plugin_ml2('ml2/tenant_network_types').with_value(p[:tenant_network_types].join(','))
should contain_neutron_plugin_ml2('ml2/mechanism_drivers').with_value(p[:mechanism_drivers].join(','))
is_expected.to contain_neutron_plugin_ml2('ml2/type_drivers').with_value(p[:type_drivers].join(','))
is_expected.to contain_neutron_plugin_ml2('ml2/tenant_network_types').with_value(p[:tenant_network_types].join(','))
is_expected.to contain_neutron_plugin_ml2('ml2/mechanism_drivers').with_value(p[:mechanism_drivers].join(','))
end
it 'creates plugin symbolic link' do
should contain_file('/etc/neutron/plugin.ini').with(
is_expected.to contain_file('/etc/neutron/plugin.ini').with(
:ensure => 'link',
:target => '/etc/neutron/plugins/ml2/ml2_conf.ini'
)
@ -70,11 +76,12 @@ describe 'neutron::plugins::ml2' do
it 'installs ml2 package (if any)' do
if platform_params.has_key?(:ml2_server_package)
should contain_package('neutron-plugin-ml2').with(
is_expected.to contain_package('neutron-plugin-ml2').with(
:name => platform_params[:ml2_server_package],
:ensure => p[:package_ensure]
:ensure => p[:package_ensure],
:tag => 'openstack'
)
should contain_package('neutron-plugin-ml2').with_before(/Neutron_plugin_ml2\[.+\]/)
is_expected.to contain_package('neutron-plugin-ml2').with_before(/Neutron_plugin_ml2\[.+\]/)
end
end
@ -82,9 +89,8 @@ describe 'neutron::plugins::ml2' do
before :each do
params.merge!(:type_drivers => ['foobar'])
end
it 'fails to configure ml2 because foobar is not a valid driver' do
expect { subject }.to raise_error(Puppet::Error, /type_driver unknown./)
end
it_raises 'a Puppet::Error', /type_driver unknown./
end
context 'when using flat driver' do
@ -92,7 +98,7 @@ describe 'neutron::plugins::ml2' do
params.merge!(:flat_networks => ['eth1', 'eth2'])
end
it 'configures flat_networks' do
should contain_neutron_plugin_ml2('ml2_type_flat/flat_networks').with_value(p[:flat_networks].join(','))
is_expected.to contain_neutron_plugin_ml2('ml2_type_flat/flat_networks').with_value(p[:flat_networks].join(','))
end
end
@ -101,7 +107,7 @@ describe 'neutron::plugins::ml2' do
params.merge!(:tunnel_id_ranges => ['0:20', '40:60'])
end
it 'configures gre_networks with valid ranges' do
should contain_neutron_plugin_ml2('ml2_type_gre/tunnel_id_ranges').with_value(p[:tunnel_id_ranges].join(','))
is_expected.to contain_neutron_plugin_ml2('ml2_type_gre/tunnel_id_ranges').with_value(p[:tunnel_id_ranges].join(','))
end
end
@ -109,9 +115,8 @@ describe 'neutron::plugins::ml2' do
before :each do
params.merge!(:tunnel_id_ranges => ['0:20', '40:100000000'])
end
it 'fails to configure gre_networks because of too big range' do
expect { subject }.to raise_error(Puppet::Error, /tunnel id ranges are to large./)
end
it_raises 'a Puppet::Error', /tunnel id ranges are to large./
end
context 'when using vlan driver with valid values' do
@ -119,7 +124,7 @@ describe 'neutron::plugins::ml2' do
params.merge!(:network_vlan_ranges => ['1:20', '400:4094'])
end
it 'configures vlan_networks with 1:20 and 400:4094 VLAN ranges' do
should contain_neutron_plugin_ml2('ml2_type_vlan/network_vlan_ranges').with_value(p[:network_vlan_ranges].join(','))
is_expected.to contain_neutron_plugin_ml2('ml2_type_vlan/network_vlan_ranges').with_value(p[:network_vlan_ranges].join(','))
end
end
@ -127,18 +132,16 @@ describe 'neutron::plugins::ml2' do
before :each do
params.merge!(:network_vlan_ranges => ['1:20', '400:4099'])
end
it 'fails to configure vlan_networks because of 400:4099 VLAN range' do
expect { subject }.to raise_error(Puppet::Error, /vlan id are invalid./)
end
it_raises 'a Puppet::Error', /vlan id are invalid./
end
context 'when using vlan driver with invalid vlan range' do
before :each do
params.merge!(:network_vlan_ranges => ['2938:1'])
end
it 'fails to configure network_vlan_ranges with 2938:1 range' do
expect { subject }.to raise_error(Puppet::Error, /vlan ranges are invalid./)
end
it_raises 'a Puppet::Error', /vlan ranges are invalid./
end
context 'when using vxlan driver with valid values' do
@ -146,8 +149,8 @@ describe 'neutron::plugins::ml2' do
params.merge!(:vni_ranges => ['40:300', '500:1000'], :vxlan_group => '224.1.1.1')
end
it 'configures vxlan_networks with 224.1.1.1 vxlan group' do
should contain_neutron_plugin_ml2('ml2_type_vxlan/vni_ranges').with_value(p[:vni_ranges].join(','))
should contain_neutron_plugin_ml2('ml2_type_vxlan/vxlan_group').with_value(p[:vxlan_group])
is_expected.to contain_neutron_plugin_ml2('ml2_type_vxlan/vni_ranges').with_value(p[:vni_ranges].join(','))
is_expected.to contain_neutron_plugin_ml2('ml2_type_vxlan/vxlan_group').with_value(p[:vxlan_group])
end
end
@ -155,18 +158,16 @@ describe 'neutron::plugins::ml2' do
before :each do
params.merge!(:vxlan_group => '192.1.1.1')
end
it 'fails to configure vxlan_group with 192.1.1.1 vxlan group' do
expect { subject }.to raise_error(Puppet::Error, /is not valid for vxlan_group./)
end
it_raises 'a Puppet::Error', /is not valid for vxlan_group./
end
context 'when using vxlan driver with invalid vni_range' do
before :each do
params.merge!(:vni_ranges => ['2938:1'])
end
it 'fails to configure vni_ranges with 2938:1 range' do
expect { subject }.to raise_error(Puppet::Error, /vni ranges are invalid./)
end
it_raises 'a Puppet::Error', /vni ranges are invalid./
end
context 'when overriding package ensure state' do
@ -175,25 +176,39 @@ describe 'neutron::plugins::ml2' do
end
it 'overrides package ensure state (if possible)' do
if platform_params.has_key?(:ml2_server_package)
should contain_package('neutron-plugin-ml2').with(
is_expected.to contain_package('neutron-plugin-ml2').with(
:name => platform_params[:ml2_server_package],
:ensure => params[:package_ensure]
:ensure => params[:package_ensure],
:tag => 'openstack'
)
end
end
end
context 'when running sriov mechanism driver' do
before :each do
params.merge!(
:mechanism_drivers => ['openvswitch', 'sriovnicswitch'],
:sriov_agent_required => true,
)
end
it 'configures sriov mechanism driver with agent_enabled' do
is_expected.to contain_neutron_plugin_ml2('ml2_sriov/supported_pci_vendor_dev').with_value(['15b3:1004,8086:10ca'])
is_expected.to contain_neutron_plugin_ml2('ml2_sriov/agent_required').with_value('true')
end
end
context 'on Ubuntu operating systems' do
before do
facts.merge!({:operatingsystem => 'Ubuntu'})
end
it 'configures /etc/default/neutron-server' do
should contain_file_line('/etc/default/neutron-server:NEUTRON_PLUGIN_CONFIG').with(
is_expected.to contain_file_line('/etc/default/neutron-server:NEUTRON_PLUGIN_CONFIG').with(
:path => '/etc/default/neutron-server',
:match => '^NEUTRON_PLUGIN_CONFIG=(.*)$',
:line => 'NEUTRON_PLUGIN_CONFIG=/etc/neutron/plugin.ini',
:require => ['File[/etc/neutron/plugin.ini]']
:require => ['File[/etc/default/neutron-server]','File[/etc/neutron/plugin.ini]']
)
end
end
@ -201,7 +216,7 @@ describe 'neutron::plugins::ml2' do
context 'on Debian platforms' do
let :facts do
{ :osfamily => 'Debian' }
default_facts.merge({ :osfamily => 'Debian' })
end
let :platform_params do
@ -228,7 +243,7 @@ describe 'neutron::plugins::ml2' do
context 'on RedHat platforms' do
let :facts do
{ :osfamily => 'RedHat' }
default_facts.merge({ :osfamily => 'RedHat' })
end
let :platform_params do

42
deployment/puppet/neutron/spec/classes/neutron_plugins_nvp_spec.rb
View File

@ -14,6 +14,12 @@ describe 'neutron::plugins::nvp' do
:package_ensure => 'present'}
end
let :default_facts do
{ :operatingsystem => 'default',
:operatingsystemrelease => 'default'
}
end
let :params do
{
:default_tz_uuid => '0344130f-1add-4e86-b36e-ad1c44fe40dc',
@ -31,21 +37,22 @@ describe 'neutron::plugins::nvp' do
default_params.merge(params)
end
it { should contain_class('neutron::params') }
it { is_expected.to contain_class('neutron::params') }
it 'should have' do
should contain_package('neutron-plugin-nvp').with(
is_expected.to contain_package('neutron-plugin-nvp').with(
:name => platform_params[:nvp_server_package],
:ensure => p[:package_ensure]
:ensure => p[:package_ensure],
:tag => 'openstack'
)
end
it 'should configure neutron.conf' do
should contain_neutron_config('DEFAULT/core_plugin').with_value('neutron.plugins.nicira.NeutronPlugin.NvpPluginV2')
is_expected.to contain_neutron_config('DEFAULT/core_plugin').with_value('neutron.plugins.nicira.NeutronPlugin.NvpPluginV2')
end
it 'should create plugin symbolic link' do
should contain_file('/etc/neutron/plugin.ini').with(
is_expected.to contain_file('/etc/neutron/plugin.ini').with(
:ensure => 'link',
:target => '/etc/neutron/plugins/nicira/nvp.ini',
:require => 'Package[neutron-plugin-nvp]'
@ -53,13 +60,13 @@ describe 'neutron::plugins::nvp' do
end
it 'should configure nvp.ini' do
should contain_neutron_plugin_nvp('DEFAULT/default_tz_uuid').with_value(p[:default_tz_uuid])
should contain_neutron_plugin_nvp('nvp/metadata_mode').with_value(p[:metadata_mode])
should contain_neutron_plugin_nvp('DEFAULT/nvp_controllers').with_value(p[:nvp_controllers].join(','))
should contain_neutron_plugin_nvp('DEFAULT/nvp_user').with_value(p[:nvp_user])
should contain_neutron_plugin_nvp('DEFAULT/nvp_password').with_value(p[:nvp_password])
should contain_neutron_plugin_nvp('DEFAULT/nvp_password').with_secret( true )
should_not contain_neutron_plugin_nvp('DEFAULT/default_l3_gw_service_uuid').with_value(p[:default_l3_gw_service_uuid])
is_expected.to contain_neutron_plugin_nvp('DEFAULT/default_tz_uuid').with_value(p[:default_tz_uuid])
is_expected.to contain_neutron_plugin_nvp('nvp/metadata_mode').with_value(p[:metadata_mode])
is_expected.to contain_neutron_plugin_nvp('DEFAULT/nvp_controllers').with_value(p[:nvp_controllers].join(','))
is_expected.to contain_neutron_plugin_nvp('DEFAULT/nvp_user').with_value(p[:nvp_user])
is_expected.to contain_neutron_plugin_nvp('DEFAULT/nvp_password').with_value(p[:nvp_password])
is_expected.to contain_neutron_plugin_nvp('DEFAULT/nvp_password').with_secret( true )
is_expected.not_to contain_neutron_plugin_nvp('DEFAULT/default_l3_gw_service_uuid').with_value(p[:default_l3_gw_service_uuid])
end
context 'configure nvp with optional params' do
@ -68,7 +75,7 @@ describe 'neutron::plugins::nvp' do
end
it 'should configure nvp.ini' do
should contain_neutron_plugin_nvp('DEFAULT/default_l3_gw_service_uuid').with_value(params[:default_l3_gw_service_uuid])
is_expected.to contain_neutron_plugin_nvp('DEFAULT/default_l3_gw_service_uuid').with_value(params[:default_l3_gw_service_uuid])
end
end
@ -78,16 +85,15 @@ describe 'neutron::plugins::nvp' do
rabbit_password => 'passw0rd',
core_plugin => 'foo' }"
end
it 'should fail to configure nvp because core_plugin should contain NvpPluginV2 class' do
expect { subject }.to raise_error(Puppet::Error, /nvp plugin should be the core_plugin in neutron.conf/)
end
it_raises 'a Puppet::Error', /nvp plugin should be the core_plugin in neutron.conf/
end
end
begin
context 'on Debian platforms' do
let :facts do
{:osfamily => 'Debian'}
default_facts.merge({:osfamily => 'Debian'})
end
let :platform_params do
@ -99,7 +105,7 @@ describe 'neutron::plugins::nvp' do
context 'on RedHat platforms' do
let :facts do
{:osfamily => 'RedHat'}
default_facts.merge({:osfamily => 'RedHat'})
end
let :platform_params do

214
deployment/puppet/neutron/spec/classes/neutron_plugins_ovs_spec.rb
View File

@ -1,214 +0,0 @@
require 'spec_helper'
describe 'neutron::plugins::ovs' do
let :pre_condition do
"class { 'neutron': rabbit_password => 'passw0rd' }"
end
let :default_params do
{
:package_ensure => 'present',
:sql_connection => false,
:sql_max_retries => false,
:sql_idle_timeout => false,
:reconnect_interval => false,
:tunnel_id_ranges => '1:1000',
:network_vlan_ranges => 'physnet1:1000:2000'
}
end
let :params do
{ }
end
shared_examples_for 'neutron ovs plugin' do
before do
params.merge!(default_params) { |key, v1, v2| v1 }
end
let :params do
{ :tenant_network_type => 'vlan' }
end
it 'should create plugin symbolic link' do
should contain_file('/etc/neutron/plugin.ini').with(
:ensure => 'link',
:target => '/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini',
:require => 'Package[neutron-plugin-ovs]'
)
end
it 'should perform default configuration of' do
should contain_neutron_plugin_ovs('OVS/tenant_network_type').with_value(params[:tenant_network_type])
should contain_package('neutron-plugin-ovs').with(
:name => platform_params[:ovs_server_package],
:ensure => params[:package_ensure]
)
should_not contain_class('vswitch::ovs')
end
context 'with vlan mode' do
let :params do
{ :tenant_network_type => 'vlan' }
end
it 'should perform vlan network configuration' do
should contain_neutron_plugin_ovs('OVS/tenant_network_type').with_value(params[:tenant_network_type])
should contain_neutron_plugin_ovs('OVS/network_vlan_ranges').with_value(params[:network_vlan_ranges])
end
end
context 'with gre tunneling' do
let :params do
{ :tenant_network_type => 'gre', :tunnel_id_ranges => '1:1000'}
end
before do
params.delete(:network_vlan_ranges)
end
it 'should perform gre network configuration' do
should contain_neutron_plugin_ovs('OVS/tenant_network_type').with_value(params[:tenant_network_type])
should contain_neutron_plugin_ovs('OVS/tunnel_id_ranges').with_value(params[:tunnel_id_ranges])
should contain_neutron_plugin_ovs('OVS/network_vlan_ranges').with_ensure('absent')
end
end
context 'with gre tunneling and provider networks' do
let :params do
{ :tenant_network_type => 'gre',
:network_vlan_ranges => 'physnet1:1000:2000',
:tunnel_id_ranges => '1:1000'}
end
it 'should perform gre network configuration' do
should contain_neutron_plugin_ovs('OVS/network_vlan_ranges').with_value(params[:network_vlan_ranges])
should contain_neutron_plugin_ovs('OVS/tenant_network_type').with_value(params[:tenant_network_type])
should contain_neutron_plugin_ovs('OVS/tunnel_id_ranges').with_value(params[:tunnel_id_ranges])
end
end
context 'with vxlan tunneling' do
let :params do
{ :tenant_network_type => 'vxlan',
:vxlan_udp_port => '4789'}
end
before do
params.delete(:network_vlan_ranges)
end
it 'should perform vxlan network configuration' do
should contain_neutron_plugin_ovs('OVS/tenant_network_type').with_value(params[:tenant_network_type])
should contain_neutron_plugin_ovs('OVS/vxlan_udp_port').with_value(params[:vxlan_udp_port])
should contain_neutron_plugin_ovs('OVS/network_vlan_ranges').with_ensure('absent')
end
end
context 'with vxlan tunnelling using bad vxlan_udp_port' do
let :params do
{ :tenant_network_type => 'vxlan',
:vxlan_udp_port => '1',}
end
it 'should fail if invalid port is passed' do
expect { subject }.to raise_error(Puppet::Error, /vxlan udp port is invalid./)
end
end
context 'with vxlan tunnelling using bad tunnel_id_ranges' do
let :params do
{ :tenant_network_type => 'vxlan',
:tunnel_id_ranges => '100:9',}
end
it 'should fail if invalid id range is passed' do
expect { subject }.to raise_error(Puppet::Error, /tunnel id ranges are invalid./)
end
end
context 'with vxlan tunneling and provider networks using bad network_vlan_ranges' do
let :params do
{ :tenant_network_type => 'vxlan',
:network_vlan_ranges => 'physnet1:200:1'}
end
it 'should fail if invalid vlan range is passed' do
expect { subject }.to raise_error(Puppet::Error, /network vlan ranges are invalid./)
end
end
context 'with vxlan tunneling using bad multiple network_vlan_ranges' do
let :params do
{ :tenant_network_type => 'vxlan',
:network_vlan_ranges => ['physnet1:0:100', 'physnet2:1000:1']}
end
it 'should fail if invalid network vlan range is passed' do
expect { subject }.to raise_error(Puppet::Error, /network vlan ranges are invalid/)
end
end
context 'with vxlan tunneling and provider networks' do
let :params do
{ :tenant_network_type => 'vxlan',
:network_vlan_ranges => 'physnet1:1000:2000'}
end
it 'should perform vxlan network configuration' do
should contain_neutron_plugin_ovs('OVS/network_vlan_ranges').with_value(params[:network_vlan_ranges])
should contain_neutron_plugin_ovs('OVS/tenant_network_type').with_value(params[:tenant_network_type])
end
end
context 'with a flat network' do
let :params do
{ :tenant_network_type => 'flat'}
end
it { should contain_neutron_plugin_ovs('OVS/network_vlan_ranges').with_value(params[:network_vlan_ranges]) }
end
context 'with comma separated vlan ranges' do
let :params do
{ :network_vlan_ranges => 'physint1:1000:2000,physext1:100:200' }
end
it { should contain_neutron_plugin_ovs('OVS/network_vlan_ranges').with_value(params[:network_vlan_ranges]) }
end
context 'with vlan ranges in array' do
let :params do
{ :network_vlan_ranges => ['physint1:1000:2000', 'physext1:100:200'] }
end
it { should contain_neutron_plugin_ovs('OVS/network_vlan_ranges').with_value(params[:network_vlan_ranges].join(',')) }
end
end
context 'on Debian platforms' do
let :facts do
{ :osfamily => 'Debian' }
end
let :platform_params do
{ :ovs_server_package => 'neutron-plugin-openvswitch' }
end
it_configures 'neutron ovs plugin'
end
context 'on RedHat platforms' do
let :facts do
{ :osfamily => 'RedHat' }
end
let :params do
{ :network_vlan_ranges => 'physnet1:1000:2000' }
end
let :platform_params do
{ :ovs_server_package => 'openstack-neutron-openvswitch' }
end
it_configures 'neutron ovs plugin'
end
end

102
deployment/puppet/neutron/spec/classes/neutron_plugins_plumgrid_spec.rb Normal file
View File

@ -0,0 +1,102 @@
require 'spec_helper'
describe 'neutron::plugins::plumgrid' do
let :pre_condition do
"class { 'neutron::server': auth_password => 'password' }
class { 'neutron': rabbit_password => 'passw0rd' }"
end
let :default_params do
{
:director_server => '127.0.0.1',
:director_server_port => '443',
:servertimeout => '99',
:connection => 'http://127.0.0.1:35357/v2.0',
:controller_priv_host => '127.0.0.1'
}
end
let :default_facts do
{ :operatingsystem => 'default',
:operatingsystemrelease => 'default'
}
end
shared_examples_for 'neutron plumgrid plugin' do
let :params do
{}
end
before do
params.merge!(default_params)
end
it 'installs plumgrid plugin package' do
is_expected.to contain_package('neutron-plugin-plumgrid').with(
:ensure => 'present'
)
end
it 'installs plumgrid plumlib package' do
is_expected.to contain_package('neutron-plumlib-plumgrid').with(
:ensure => 'present'
)
end
it 'should perform default configuration of plumgrid plugin' do
is_expected.to contain_neutron_plugin_plumgrid('PLUMgridDirector/director_server').with_value(params[:director_server])
is_expected.to contain_neutron_plugin_plumgrid('PLUMgridDirector/director_server_port').with_value(params[:director_server_port])
is_expected.to contain_neutron_plugin_plumgrid('PLUMgridDirector/username').with_value(params[:username])
is_expected.to contain_neutron_plugin_plumgrid('PLUMgridDirector/password').with_value(params[:password])
is_expected.to contain_neutron_plugin_plumgrid('PLUMgridDirector/servertimeout').with_value(params[:servertimeout])
is_expected.to contain_neutron_plugin_plumgrid('database/connection').with_value(params[:connection])
end
it 'should perform default configuration of plumgrid plumlib' do
is_expected.to contain_neutron_plumlib_plumgrid('keystone_authtoken/admin_user').with_value('admin')
is_expected.to contain_neutron_plumlib_plumgrid('keystone_authtoken/admin_password').with_value(params[:admin_password])
is_expected.to contain_neutron_plumlib_plumgrid('keystone_authtoken/admin_tenant_name').with_value('admin')
auth_uri = "http://" + params[:controller_priv_host] + ":" + "35357/v2.0";
is_expected.to contain_neutron_plumlib_plumgrid('keystone_authtoken/auth_uri').with_value(auth_uri)
is_expected.to contain_neutron_plumlib_plumgrid('PLUMgridMetadata/enable_pg_metadata').with_value('True')
is_expected.to contain_neutron_plumlib_plumgrid('PLUMgridMetadata/metadata_mode').with_value('local')
end
end
context 'on Debian platforms' do
let :facts do
default_facts.merge({ :osfamily => 'Debian'})
end
it 'configures /etc/default/neutron-server' do
is_expected.to contain_file_line('/etc/default/neutron-server:NEUTRON_PLUGIN_CONFIG').with(
:path => '/etc/default/neutron-server',
:match => '^NEUTRON_PLUGIN_CONFIG=(.*)$',
:line => 'NEUTRON_PLUGIN_CONFIG=/etc/neutron/plugins/plumgrid/plumgrid.ini',
:require => ['Package[neutron-server]', 'Package[neutron-plugin-plumgrid]'],
:notify => 'Service[neutron-server]'
)
end
it_configures 'neutron plumgrid plugin'
end
context 'on RedHat platforms' do
let :facts do
default_facts.merge({ :osfamily => 'RedHat'})
end
it 'should create plugin symbolic link' do
is_expected.to contain_file('/etc/neutron/plugin.ini').with(
:ensure => 'link',
:target => '/etc/neutron/plugins/plumgrid/plumgrid.ini',
:require => 'Package[neutron-plugin-plumgrid]')
end
it_configures 'neutron plumgrid plugin'
end
end

47
deployment/puppet/neutron/spec/classes/neutron_policy_spec.rb Normal file
View File

@ -0,0 +1,47 @@
require 'spec_helper'
describe 'neutron::policy' do
let :default_facts do
{ :operatingsystem => 'default',
:operatingsystemrelease => 'default'
}
end
shared_examples_for 'neutron policies' do
let :params do
{
:policy_path => '/etc/neutron/policy.json',
:policies => {
'context_is_admin' => {
'key' => 'context_is_admin',
'value' => 'foo:bar'
}
}
}
end
it 'set up the policies' do
is_expected.to contain_openstacklib__policy__base('context_is_admin').with({
:key => 'context_is_admin',
:value => 'foo:bar'
})
end
end
context 'on Debian platforms' do
let :facts do
default_facts.merge({ :osfamily => 'Debian' })
end
it_configures 'neutron policies'
end
context 'on RedHat platforms' do
let :facts do
default_facts.merge({ :osfamily => 'RedHat' })
end
it_configures 'neutron policies'
end
end

8
deployment/puppet/neutron/spec/classes/neutron_quota_spec.rb
View File

@ -28,6 +28,12 @@ describe 'neutron::quota' do
:quota_vip => 10 }
end
let :facts do
{ :operatingsystem => 'default',
:operatingsystemrelease => 'default'
}
end
shared_examples_for 'neutron quota' do
let :params_hash do
default_params.merge(params)
@ -35,7 +41,7 @@ describe 'neutron::quota' do
it 'configures quota in neutron.conf' do
params_hash.each_pair do |config,value|
should contain_neutron_config("quotas/#{config}").with_value( value )
is_expected.to contain_neutron_config("quotas/#{config}").with_value( value )
end
end
end

84
deployment/puppet/neutron/spec/classes/neutron_server_notifications_spec.rb
View File

@ -17,7 +17,7 @@ require 'spec_helper'
describe 'neutron::server::notifications' do
let :pre_condition do
'define keystone_user ($name) {}'
'define keystone_user() {}'
end
let :default_params do
@ -29,10 +29,16 @@ describe 'neutron::server::notifications' do
:nova_admin_auth_url => 'http://127.0.0.1:35357/v2.0',
:nova_admin_username => 'nova',
:nova_admin_tenant_name => 'services',
:nova_region_name => 'RegionOne'
:nova_region_name => nil,
}
end
let :default_facts do
{ :operatingsystem => 'default',
:operatingsystemrelease => 'default'
}
end
let :params do
{
:nova_admin_password => 'secrete',
@ -46,16 +52,16 @@ describe 'neutron::server::notifications' do
end
it 'configure neutron.conf' do
should contain_neutron_config('DEFAULT/notify_nova_on_port_status_changes').with_value(true)
should contain_neutron_config('DEFAULT/notify_nova_on_port_data_changes').with_value(true)
should contain_neutron_config('DEFAULT/send_events_interval').with_value('2')
should contain_neutron_config('DEFAULT/nova_url').with_value('http://127.0.0.1:8774/v2')
should contain_neutron_config('DEFAULT/nova_admin_auth_url').with_value('http://127.0.0.1:35357/v2.0')
should contain_neutron_config('DEFAULT/nova_admin_username').with_value('nova')
should contain_neutron_config('DEFAULT/nova_admin_password').with_value('secrete')
should contain_neutron_config('DEFAULT/nova_admin_password').with_secret( true )
should contain_neutron_config('DEFAULT/nova_region_name').with_value('RegionOne')
should contain_neutron_config('DEFAULT/nova_admin_tenant_id').with_value('UUID')
is_expected.to contain_neutron_config('DEFAULT/notify_nova_on_port_status_changes').with_value(true)
is_expected.to contain_neutron_config('DEFAULT/notify_nova_on_port_data_changes').with_value(true)
is_expected.to contain_neutron_config('DEFAULT/send_events_interval').with_value('2')
is_expected.to contain_neutron_config('DEFAULT/nova_url').with_value('http://127.0.0.1:8774/v2')
is_expected.to contain_neutron_config('DEFAULT/nova_admin_auth_url').with_value('http://127.0.0.1:35357/v2.0')
is_expected.to contain_neutron_config('DEFAULT/nova_admin_username').with_value('nova')
is_expected.to contain_neutron_config('DEFAULT/nova_admin_password').with_value('secrete')
is_expected.to contain_neutron_config('DEFAULT/nova_admin_password').with_secret( true )
is_expected.to contain_neutron_config('DEFAULT/nova_admin_tenant_id').with_value('UUID')
is_expected.to contain_neutron_config('DEFAULT/nova_region_name').with_ensure('absent')
end
context 'when overriding parameters' do
@ -72,49 +78,47 @@ describe 'neutron::server::notifications' do
)
end
it 'should configure neutron server with overrided parameters' do
should contain_neutron_config('DEFAULT/notify_nova_on_port_status_changes').with_value(false)
should contain_neutron_config('DEFAULT/notify_nova_on_port_data_changes').with_value(false)
should contain_neutron_config('DEFAULT/send_events_interval').with_value('10')
should contain_neutron_config('DEFAULT/nova_url').with_value('http://nova:8774/v3')
should contain_neutron_config('DEFAULT/nova_admin_auth_url').with_value('http://keystone:35357/v2.0')
should contain_neutron_config('DEFAULT/nova_admin_username').with_value('joe')
should contain_neutron_config('DEFAULT/nova_admin_password').with_value('secrete')
should contain_neutron_config('DEFAULT/nova_admin_password').with_secret( true )
should contain_neutron_config('DEFAULT/nova_region_name').with_value('MyRegion')
should contain_neutron_config('DEFAULT/nova_admin_tenant_id').with_value('UUID2')
is_expected.to contain_neutron_config('DEFAULT/notify_nova_on_port_status_changes').with_value(false)
is_expected.to contain_neutron_config('DEFAULT/notify_nova_on_port_data_changes').with_value(false)
is_expected.to contain_neutron_config('DEFAULT/send_events_interval').with_value('10')
is_expected.to contain_neutron_config('DEFAULT/nova_url').with_value('http://nova:8774/v3')
is_expected.to contain_neutron_config('DEFAULT/nova_admin_auth_url').with_value('http://keystone:35357/v2.0')
is_expected.to contain_neutron_config('DEFAULT/nova_admin_username').with_value('joe')
is_expected.to contain_neutron_config('DEFAULT/nova_admin_password').with_value('secrete')
is_expected.to contain_neutron_config('DEFAULT/nova_admin_password').with_secret( true )
is_expected.to contain_neutron_config('DEFAULT/nova_region_name').with_value('MyRegion')
is_expected.to contain_neutron_config('DEFAULT/nova_admin_tenant_id').with_value('UUID2')
end
end
context 'when no nova_admin_password is specified' do
before :each do
params.merge!(:nova_admin_password => '')
end
it 'should fail to configure neutron server' do
expect { subject }.to raise_error(Puppet::Error, /nova_admin_password must be set./)
params.merge!({ :nova_admin_password => false })
end
it_raises 'a Puppet::Error', /nova_admin_password must be set./
end
context 'when no nova_admin_tenant_id and nova_admin_tenant_name specified' do
before :each do
params.merge!(
:nova_admin_tenant_id => '',
:nova_admin_tenant_name => ''
)
end
it 'should fail to configure neutron server' do
expect { subject }.to raise_error(Puppet::Error, /You must provide either nova_admin_tenant_name or nova_admin_tenant_id./)
params.merge!({
:nova_admin_tenant_name => false,
:nova_admin_tenant_id => false,
})
end
it_raises 'a Puppet::Error', /You must provide either nova_admin_tenant_name or nova_admin_tenant_id./
end
context 'when providing a tenant name' do
before :each do
params.merge!(
:nova_admin_tenant_id => '',
:nova_admin_tenant_name => 'services'
)
params.merge!({
:nova_admin_tenant_name => 'services',
:nova_admin_tenant_id => false,
})
end
it 'should configure nova admin tenant id' do
should contain_nova_admin_tenant_id_setter('nova_admin_tenant_id').with(
is_expected.to contain_nova_admin_tenant_id_setter('nova_admin_tenant_id').with(
:ensure => 'present',
:tenant_name => 'services',
:auth_url => 'http://127.0.0.1:35357/v2.0',
@ -127,7 +131,7 @@ describe 'neutron::server::notifications' do
context 'on Debian platforms' do
let :facts do
{ :osfamily => 'Debian' }
default_facts.merge({ :osfamily => 'Debian' })
end
let :platform_params do
@ -139,7 +143,7 @@ describe 'neutron::server::notifications' do
context 'on RedHat platforms' do
let :facts do
{ :osfamily => 'RedHat' }
default_facts.merge({ :osfamily => 'RedHat' })
end
let :platform_params do

322
deployment/puppet/neutron/spec/classes/neutron_server_spec.rb
View File

@ -12,22 +12,35 @@ describe 'neutron::server' do
end
let :default_params do
{ :package_ensure => 'present',
:enabled => true,
:auth_type => 'keystone',
:auth_host => 'localhost',
:auth_port => '35357',
:auth_tenant => 'services',
:auth_user => 'neutron',
:database_connection => 'sqlite:////var/lib/neutron/ovs.sqlite',
:database_max_retries => '10',
:state_path => '/var/lib/neutron',
:lock_path => '/var/lib/neutron/lock',
:database_idle_timeout => '3600',
:database_retry_interval => '10',
:sync_db => false,
:agent_down_time => '75',
:router_scheduler_driver => 'neutron.scheduler.l3_agent_scheduler.ChanceScheduler',
{ :package_ensure => 'present',
:enabled => true,
:auth_type => 'keystone',
:auth_host => 'localhost',
:auth_port => '35357',
:auth_tenant => 'services',
:auth_user => 'neutron',
:database_connection => 'sqlite:////var/lib/neutron/ovs.sqlite',
:database_max_retries => 10,
:database_idle_timeout => 3600,
:database_retry_interval => 10,
:database_min_pool_size => 1,
:database_max_pool_size => 10,
:database_max_overflow => 20,
:sync_db => false,
:agent_down_time => 75,
:router_scheduler_driver => 'neutron.scheduler.l3_agent_scheduler.ChanceScheduler',
:router_distributed => false,
:l3_ha => false,
:max_l3_agents_per_router => 3,
:min_l3_agents_per_router => 2,
:l3_ha_net_cidr => '169.254.192.0/18',
:allow_automatic_l3agent_failover => false
}
end
let :default_facts do
{ :operatingsystem => 'default',
:operatingsystemrelease => 'default'
}
end
@ -37,57 +50,61 @@ describe 'neutron::server' do
end
it 'should perform default database configuration of' do
should contain_neutron_config('database/connection').with_value(p[:database_connection])
should contain_neutron_config('database/connection').with_secret( true )
should contain_neutron_config('database/max_retries').with_value(p[:database_max_retries])
should contain_neutron_config('database/idle_timeout').with_value(p[:database_idle_timeout])
should contain_neutron_config('database/retry_interval').with_value(p[:database_retry_interval])
is_expected.to contain_neutron_config('database/connection').with_value(p[:database_connection])
is_expected.to contain_neutron_config('database/connection').with_secret( true )
is_expected.to contain_neutron_config('database/max_retries').with_value(p[:database_max_retries])
is_expected.to contain_neutron_config('database/idle_timeout').with_value(p[:database_idle_timeout])
is_expected.to contain_neutron_config('database/retry_interval').with_value(p[:database_retry_interval])
is_expected.to contain_neutron_config('database/min_pool_size').with_value(p[:database_min_pool_size])
is_expected.to contain_neutron_config('database/max_pool_size').with_value(p[:database_max_pool_size])
is_expected.to contain_neutron_config('database/max_overflow').with_value(p[:database_max_overflow])
end
it { should contain_class('neutron::params') }
it { is_expected.to contain_class('neutron::params') }
it { is_expected.to contain_class('neutron::policy') }
it 'configures authentication middleware' do
should contain_neutron_api_config('filter:authtoken/auth_host').with_value(p[:auth_host]);
should contain_neutron_api_config('filter:authtoken/auth_port').with_value(p[:auth_port]);
should contain_neutron_api_config('filter:authtoken/admin_tenant_name').with_value(p[:auth_tenant]);
should contain_neutron_api_config('filter:authtoken/admin_user').with_value(p[:auth_user]);
should contain_neutron_api_config('filter:authtoken/admin_password').with_value(p[:auth_password]);
should contain_neutron_api_config('filter:authtoken/admin_password').with_secret( true )
should contain_neutron_api_config('filter:authtoken/auth_admin_prefix').with(:ensure => 'absent')
should contain_neutron_api_config('filter:authtoken/auth_uri').with_value("http://localhost:5000/");
is_expected.to contain_neutron_api_config('filter:authtoken/auth_host').with_value(p[:auth_host]);
is_expected.to contain_neutron_api_config('filter:authtoken/auth_port').with_value(p[:auth_port]);
is_expected.to contain_neutron_api_config('filter:authtoken/admin_tenant_name').with_value(p[:auth_tenant]);
is_expected.to contain_neutron_api_config('filter:authtoken/admin_user').with_value(p[:auth_user]);
is_expected.to contain_neutron_api_config('filter:authtoken/admin_password').with_value(p[:auth_password]);
is_expected.to contain_neutron_api_config('filter:authtoken/admin_password').with_secret( true )
is_expected.to contain_neutron_api_config('filter:authtoken/auth_admin_prefix').with(:ensure => 'absent')
is_expected.to contain_neutron_api_config('filter:authtoken/auth_uri').with_value("http://localhost:5000/");
end
it 'installs neutron server package' do
if platform_params.has_key?(:server_package)
should contain_package('neutron-server').with(
is_expected.to contain_package('neutron-server').with(
:name => platform_params[:server_package],
:ensure => p[:package_ensure]
:ensure => p[:package_ensure],
:tag => 'openstack'
)
should contain_package('neutron-server').with_before(/Neutron_api_config\[.+\]/)
should contain_package('neutron-server').with_before(/Neutron_config\[.+\]/)
should contain_package('neutron-server').with_before(/Service\[neutron-server\]/)
is_expected.to contain_package('neutron-server').with_before(/Neutron_api_config\[.+\]/)
is_expected.to contain_package('neutron-server').with_before(/Neutron_config\[.+\]/)
is_expected.to contain_package('neutron-server').with_before(/Service\[neutron-server\]/)
else
should contain_package('neutron').with_before(/Neutron_api_config\[.+\]/)
is_expected.to contain_package('neutron').with_before(/Neutron_api_config\[.+\]/)
end
end
it 'configures neutron server service' do
should contain_service('neutron-server').with(
is_expected.to contain_service('neutron-server').with(
:name => platform_params[:server_service],
:enable => true,
:ensure => 'running',
:require => 'Class[Neutron]'
)
should_not contain_exec('neutron-db-sync')
should contain_neutron_api_config('filter:authtoken/auth_admin_prefix').with(
is_expected.not_to contain_exec('neutron-db-sync')
is_expected.to contain_neutron_api_config('filter:authtoken/auth_admin_prefix').with(
:ensure => 'absent'
)
should contain_neutron_config('DEFAULT/api_workers').with_value(facts[:processorcount])
should contain_neutron_config('DEFAULT/rpc_workers').with_value(facts[:processorcount])
should contain_neutron_config('DEFAULT/agent_down_time').with_value(p[:agent_down_time])
should contain_neutron_config('DEFAULT/router_scheduler_driver').with_value(p[:router_scheduler_driver])
should contain_neutron_config('DEFAULT/state_path').with_value(p[:state_path])
should contain_neutron_config('DEFAULT/lock_path').with_value(p[:lock_path])
is_expected.to contain_service('neutron-server').with_name('neutron-server')
is_expected.to contain_neutron_config('DEFAULT/api_workers').with_value(facts[:processorcount])
is_expected.to contain_neutron_config('DEFAULT/rpc_workers').with_value(facts[:processorcount])
is_expected.to contain_neutron_config('DEFAULT/agent_down_time').with_value(p[:agent_down_time])
is_expected.to contain_neutron_config('DEFAULT/router_scheduler_driver').with_value(p[:router_scheduler_driver])
end
context 'with manage_service as false' do
@ -95,13 +112,89 @@ describe 'neutron::server' do
params.merge!(:manage_service => false)
end
it 'should not start/stop service' do
should contain_service('neutron-server').without_ensure
is_expected.to contain_service('neutron-server').without_ensure
end
end
context 'with DVR enabled' do
before :each do
params.merge!(:router_distributed => true)
end
it 'should enable DVR' do
is_expected.to contain_neutron_config('DEFAULT/router_distributed').with_value(true)
end
end
context 'with HA routers enabled' do
before :each do
params.merge!(:l3_ha => true)
end
it 'should enable HA routers' do
is_expected.to contain_neutron_config('DEFAULT/l3_ha').with_value(true)
is_expected.to contain_neutron_config('DEFAULT/max_l3_agents_per_router').with_value(3)
is_expected.to contain_neutron_config('DEFAULT/min_l3_agents_per_router').with_value(2)
is_expected.to contain_neutron_config('DEFAULT/l3_ha_net_cidr').with_value('169.254.192.0/18')
end
end
context 'with HA routers disabled' do
before :each do
params.merge!(:l3_ha => false)
end
it 'should disable HA routers' do
is_expected.to contain_neutron_config('DEFAULT/l3_ha').with_value(false)
end
end
context 'with HA routers enabled with unlimited l3 agents per router' do
before :each do
params.merge!(:l3_ha => true,
:max_l3_agents_per_router => 0 )
end
it 'should enable HA routers' do
is_expected.to contain_neutron_config('DEFAULT/max_l3_agents_per_router').with_value(0)
end
end
context 'with HA routers enabled and wrong parameters' do
before :each do
params.merge!(:l3_ha => true,
:max_l3_agents_per_router => 2,
:min_l3_agents_per_router => 3 )
end
it_raises 'a Puppet::Error', /min_l3_agents_per_router should be less than or equal to max_l3_agents_per_router./
end
context 'with custom service name' do
before :each do
params.merge!(:service_name => 'custom-service-name')
end
it 'should configure proper service name' do
is_expected.to contain_service('neutron-server').with_name('custom-service-name')
end
end
context 'with state_path and lock_path parameters' do
before :each do
params.merge!(:state_path => 'state_path',
:lock_path => 'lock_path' )
end
it 'should override state_path and lock_path from base class' do
is_expected.to contain_neutron_config('DEFAULT/state_path').with_value(p[:state_path])
is_expected.to contain_neutron_config('DEFAULT/lock_path').with_value(p[:lock_path])
end
end
context 'with allow_automatic_l3agent_failover in neutron.conf' do
it 'should configure allow_automatic_l3agent_failover' do
is_expected.to contain_neutron_config('DEFAULT/allow_automatic_l3agent_failover').with_value(p[:allow_automatic_l3agent_failover])
end
end
end
shared_examples_for 'a neutron server with auth_admin_prefix set' do
[ '/keystone', '/keystone/admin', '' ].each do |auth_admin_prefix|
[ '/keystone', '/keystone/admin' ].each do |auth_admin_prefix|
describe "with keystone_auth_admin_prefix containing incorrect value #{auth_admin_prefix}" do
before do
params.merge!({
@ -109,7 +202,7 @@ describe 'neutron::server' do
})
end
it do
should contain_neutron_api_config('filter:authtoken/auth_admin_prefix').with(
is_expected.to contain_neutron_api_config('filter:authtoken/auth_admin_prefix').with(
:value => params[:auth_admin_prefix]
)
end
@ -125,11 +218,7 @@ describe 'neutron::server' do
:auth_admin_prefix => auth_admin_prefix,
})
end
it do
expect {
should contain_neutron_api_config('filter:authtoken/auth_admin_prefix')
}.to raise_error(Puppet::Error, /validate_re\(\): "#{auth_admin_prefix}" does not match/)
end
it_raises 'a Puppet::Error', /validate_re\(\): "#{auth_admin_prefix}" does not match/
end
end
end
@ -141,16 +230,6 @@ describe 'neutron::server' do
it_raises 'a Puppet::Error', /auth_password must be set/
end
shared_examples_for 'a neutron server with removed log_dir parameter' do
before { params.merge!({ :log_dir => '/var/log/neutron' })}
it_raises 'a Puppet::Error', /log_dir parameter is removed/
end
shared_examples_for 'a neutron server with removed log_file parameter' do
before { params.merge!({ :log_file => '/var/log/neutron/blah.log' })}
it_raises 'a Puppet::Error', /log_file parameter is removed/
end
shared_examples_for 'a neutron server without database synchronization' do
before do
params.merge!(
@ -158,63 +237,16 @@ describe 'neutron::server' do
)
end
it 'should exec neutron-db-sync' do
should contain_exec('neutron-db-sync').with(
is_expected.to contain_exec('neutron-db-sync').with(
:command => 'neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini upgrade head',
:path => '/usr/bin',
:before => 'Service[neutron-server]',
:require => 'Neutron_config[database/connection]',
:subscribe => 'Neutron_config[database/connection]',
:refreshonly => true
)
end
end
shared_examples_for 'a neutron server with deprecated parameters' do
context 'first generation' do
before do
params.merge!({
:sql_connection => 'sqlite:////var/lib/neutron/ovs-deprecated_parameter.sqlite',
:database_connection => 'sqlite:////var/lib/neutron/ovs-IGNORED_parameter.sqlite',
:sql_max_retries => 20,
:database_max_retries => 90,
:sql_idle_timeout => 21,
:database_idle_timeout => 91,
:sql_reconnect_interval => 22,
:database_retry_interval => 92,
})
end
it 'configures database connection with deprecated parameters' do
should contain_neutron_config('database/connection').with_value(params[:sql_connection])
should contain_neutron_config('database/max_retries').with_value(params[:sql_max_retries])
should contain_neutron_config('database/idle_timeout').with_value(params[:sql_idle_timeout])
should contain_neutron_config('database/retry_interval').with_value(params[:sql_reconnect_interval])
end
end
context 'second generation' do
before do
params.merge!({
:connection => 'sqlite:////var/lib/neutron/ovs-deprecated_parameter.sqlite',
:database_connection => 'sqlite:////var/lib/neutron/ovs-IGNORED_parameter.sqlite',
:max_retries => 20,
:database_max_retries => 90,
:idle_timeout => 21,
:database_idle_timeout => 91,
:retry_interval => 22,
:database_retry_interval => 92,
})
end
it 'configures database connection with deprecated parameters' do
should contain_neutron_config('database/connection').with_value(params[:connection])
should contain_neutron_config('database/max_retries').with_value(params[:max_retries])
should contain_neutron_config('database/idle_timeout').with_value(params[:idle_timeout])
should contain_neutron_config('database/retry_interval').with_value(params[:retry_interval])
end
end
end
shared_examples_for 'a neutron server with database_connection specified' do
before do
params.merge!(
@ -222,13 +254,13 @@ describe 'neutron::server' do
)
end
it 'configures database connection' do
should contain_neutron_config('database/connection').with_value(params[:database_connection])
is_expected.to contain_neutron_config('database/connection').with_value(params[:database_connection])
end
end
describe "with custom keystone auth_uri" do
let :facts do
{ :osfamily => 'RedHat' }
default_facts.merge({ :osfamily => 'RedHat' })
end
before do
params.merge!({
@ -236,14 +268,59 @@ describe 'neutron::server' do
})
end
it 'configures auth_uri' do
should contain_neutron_api_config('filter:authtoken/auth_uri').with_value("https://foo.bar:1234/");
is_expected.to contain_neutron_config('keystone_authtoken/auth_uri').with_value("https://foo.bar:1234/");
# since only auth_uri is set the deprecated auth parameters should
# still get set in case they are still in use
is_expected.to contain_neutron_config('keystone_authtoken/auth_host').with_value('localhost');
is_expected.to contain_neutron_config('keystone_authtoken/auth_port').with_value('35357');
is_expected.to contain_neutron_config('keystone_authtoken/auth_protocol').with_value('http');
end
end
describe "with custom keystone identity_uri" do
let :facts do
default_facts.merge({ :osfamily => 'RedHat' })
end
before do
params.merge!({
:identity_uri => 'https://foo.bar:1234/',
})
end
it 'configures identity_uri' do
is_expected.to contain_neutron_config('keystone_authtoken/identity_uri').with_value("https://foo.bar:1234/");
# since only auth_uri is set the deprecated auth parameters should
# still get set in case they are still in use
is_expected.to contain_neutron_config('keystone_authtoken/auth_host').with_value('localhost');
is_expected.to contain_neutron_config('keystone_authtoken/auth_port').with_value('35357');
is_expected.to contain_neutron_config('keystone_authtoken/auth_protocol').with_value('http');
end
end
describe "with custom keystone identity_uri and auth_uri" do
let :facts do
default_facts.merge({ :osfamily => 'RedHat' })
end
before do
params.merge!({
:identity_uri => 'https://foo.bar:35357/',
:auth_uri => 'https://foo.bar:5000/v2.0/',
})
end
it 'configures identity_uri and auth_uri but deprecates old auth settings' do
is_expected.to contain_neutron_config('keystone_authtoken/identity_uri').with_value("https://foo.bar:35357/");
is_expected.to contain_neutron_config('keystone_authtoken/auth_uri').with_value("https://foo.bar:5000/v2.0/");
is_expected.to contain_neutron_config('keystone_authtoken/auth_admin_prefix').with(:ensure => 'absent')
is_expected.to contain_neutron_config('keystone_authtoken/auth_port').with(:ensure => 'absent')
is_expected.to contain_neutron_config('keystone_authtoken/auth_protocol').with(:ensure => 'absent')
is_expected.to contain_neutron_config('keystone_authtoken/auth_host').with(:ensure => 'absent')
end
end
context 'on Debian platforms' do
let :facts do
{ :osfamily => 'Debian',
:processorcount => '2' }
default_facts.merge(
{ :osfamily => 'Debian',
:processorcount => '2' })
end
let :platform_params do
@ -255,17 +332,15 @@ describe 'neutron::server' do
it_configures 'a neutron server with broken authentication'
it_configures 'a neutron server with auth_admin_prefix set'
it_configures 'a neutron server with some incorrect auth_admin_prefix set'
it_configures 'a neutron server with deprecated parameters'
it_configures 'a neutron server with database_connection specified'
it_configures 'a neutron server without database synchronization'
it_configures 'a neutron server with removed log_file parameter'
it_configures 'a neutron server with removed log_dir parameter'
end
context 'on RedHat platforms' do
let :facts do
{ :osfamily => 'RedHat',
:processorcount => '2' }
default_facts.merge(
{ :osfamily => 'RedHat',
:processorcount => '2' })
end
let :platform_params do
@ -276,10 +351,7 @@ describe 'neutron::server' do
it_configures 'a neutron server with broken authentication'
it_configures 'a neutron server with auth_admin_prefix set'
it_configures 'a neutron server with some incorrect auth_admin_prefix set'
it_configures 'a neutron server with deprecated parameters'
it_configures 'a neutron server with database_connection specified'
it_configures 'a neutron server without database synchronization'
it_configures 'a neutron server with removed log_file parameter'
it_configures 'a neutron server with removed log_dir parameter'
end
end

66
deployment/puppet/neutron/spec/classes/neutron_services_fwaas_spec.rb
View File

@ -25,6 +25,12 @@ describe 'neutron::services::fwaas' do
"class { 'neutron': rabbit_password => 'passw0rd' }"
end
let :default_facts do
{ :operatingsystem => 'default',
:operatingsystemrelease => 'default'
}
end
let :params do
{}
end
@ -41,36 +47,48 @@ describe 'neutron::services::fwaas' do
end
it 'configures driver in fwaas_driver.ini' do
should contain_neutron_fwaas_service_config('fwaas/driver').with_value('neutron.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver')
should contain_neutron_fwaas_service_config('fwaas/enabled').with_value('true')
is_expected.to contain_neutron_fwaas_service_config('fwaas/driver').with_value('neutron.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver')
is_expected.to contain_neutron_fwaas_service_config('fwaas/enabled').with_value('true')
end
end
context 'on Debian platforms' do
context 'on Ubuntu platforms' do
let :facts do
{ :osfamily => 'Debian' }
end
let :platform_params do
{ :l3_agent_package => 'neutron-l3-agent',
:vpnaas_agent_package => 'neutron-vpn-agent'}
default_facts.merge(
{ :osfamily => 'Debian',
:operatingsystem => 'Ubuntu' })
end
it_configures 'neutron fwaas service plugin'
it 'installs neutron l3 agent package' do
should contain_package('neutron-l3-agent').with_ensure('present')
it 'installs neutron fwaas package' do
is_expected.to contain_package('python-neutron-fwaas').with(
:ensure => 'present',
:tag => 'openstack'
)
end
end
context 'on Debian platforms without VPNaaS' do
let :facts do
default_facts.merge(
{ :osfamily => 'Debian',
:operatingsystem => 'Debian' })
end
it_configures 'neutron fwaas service plugin'
it 'installs neutron fwaas package' do
is_expected.to contain_package('python-neutron-fwaas').with(
:ensure => 'present',
:tag => 'openstack'
)
end
end
context 'on Debian platforms with VPNaaS' do
let :facts do
{ :osfamily => 'Debian' }
end
let :platform_params do
{ :l3_agent_package => 'neutron-l3-agent',
:vpnaas_agent_package => 'neutron-vpn-agent' }
default_facts.merge({ :osfamily => 'Debian' })
end
let :params do
@ -80,21 +98,23 @@ describe 'neutron::services::fwaas' do
it_configures 'neutron fwaas service plugin'
it 'installs neutron vpnaas agent package' do
should contain_package('neutron-vpn-agent').with_ensure('present')
is_expected.to contain_package('neutron-vpn-agent').with(
:ensure => 'present',
:tag => 'openstack'
)
end
end
context 'on Red Hat platforms' do
let :facts do
{ :osfamily => 'RedHat' }
end
let :platform_params do
{ :package_name => 'openstack-neutron' }
default_facts.merge({ :osfamily => 'RedHat' })
end
it_configures 'neutron fwaas service plugin'
it 'installs neutron fwaas service package' do
is_expected.to contain_package('openstack-neutron-fwaas').with_ensure('present')
end
end
end

2
deployment/puppet/neutron/spec/shared_examples.rb
View File

@ -1,5 +1,5 @@
shared_examples_for "a Puppet::Error" do |description|
it "with message matching #{description.inspect}" do
expect { should have_class_count(1) }.to raise_error(Puppet::Error, description)
expect { is_expected.to have_class_count(1) }.to raise_error(Puppet::Error, description)
end
end

11
deployment/puppet/neutron/spec/spec_helper.rb
View File

@ -1,13 +1,10 @@
require 'puppetlabs_spec_helper/module_spec_helper'
require 'shared_examples'
require 'webmock/rspec'
require 'json'
fixture_path = File.expand_path(File.join(__FILE__, '..', 'fixtures'))
RSpec.configure do |c|
c.alias_it_should_behave_like_to :it_configures, 'configures'
c.alias_it_should_behave_like_to :it_raises, 'raises'
c.module_path = File.join(fixture_path, 'modules')
c.manifest_dir = File.join(fixture_path, 'manifests')
c.alias_it_should_behave_like_to :it_configures, 'configures'
c.alias_it_should_behave_like_to :it_raises, 'raises'
end
at_exit { RSpec::Puppet::Coverage.report! }

52
deployment/puppet/neutron/spec/spec_helper_acceptance.rb Normal file
View File

@ -0,0 +1,52 @@
require 'beaker-rspec'
hosts.each do |host|
install_puppet
on host, "mkdir -p #{host['distmoduledir']}"
end
RSpec.configure do |c|
# Project root
proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..'))
# Readable test descriptions
c.formatter = :documentation
# Configure all nodes in nodeset
c.before :suite do
# Install module and dependencies
hosts.each do |host|
# install git
install_package host, 'git'
# clean out any module cruft
shell('rm -fr /etc/puppet/modules/*')
# install library modules from the forge
on host, puppet('module','install','puppetlabs-mysql'), { :acceptable_exit_codes => 0 }
on host, puppet('module','install','dprince/qpid'), { :acceptable_exit_codes => 0 }
on host, puppet('module','install','duritong/sysctl'), { :acceptable_exit_codes => 0 }
# pin apt module until openstack_extras use >= 2.0.0 version
on host, puppet('module','install','puppetlabs-apt','--version','1.8.0'), { :acceptable_exit_codes => 0 }
on host, puppet('module','install','puppetlabs-inifile'), { :acceptable_exit_codes => 0 }
on host, puppet('module','install','stahnma-epel'), { :acceptable_exit_codes => 0 }
# install puppet modules from git, use master
shell('git clone https://git.openstack.org/openstack/puppet-openstacklib /etc/puppet/modules/openstacklib')
shell('git clone https://git.openstack.org/openstack/puppet-vswitch /etc/puppet/modules/vswitch')
shell('git clone https://git.openstack.org/openstack/puppet-keystone /etc/puppet/modules/keystone')
shell('git clone https://git.openstack.org/openstack/puppet-openstack_extras /etc/puppet/modules/openstack_extras')
# TODO(EmilienM) Cloning RabbitMQ module for now because we wait for a release including
# https://github.com/enovance/puppetlabs-rabbitmq/commit/0227f762070ffbbea3c28d6a60174de98fa4cc1c
shell('git clone https://github.com/puppetlabs/puppetlabs-rabbitmq/ /etc/puppet/modules/rabbitmq')
# Install the module being tested
puppet_module_install(:source => proj_root, :module_name => 'neutron')
# List modules installed to help with debugging
on hosts[0], puppet('module','list'), { :acceptable_exit_codes => 0 }
end
end
end

44
deployment/puppet/neutron/spec/unit/provider/neutron_agent_linuxbridge/ini_setting_spec.rb Normal file
View File

@ -0,0 +1,44 @@
$LOAD_PATH.push(
File.join(
File.dirname(__FILE__),
'..',
'..',
'..',
'fixtures',
'modules',
'inifile',
'lib')
)
require 'spec_helper'
provider_class = Puppet::Type.type(:neutron_agent_linuxbridge).provider(:ini_setting)
describe provider_class do
it 'should default to the default setting when no other one is specified' do
resource = Puppet::Type::Neutron_agent_linuxbridge.new(
{
:name => 'DEFAULT/foo',
:value => 'bar'
}
)
provider = provider_class.new(resource)
expect(provider.section).to eq('DEFAULT')
expect(provider.setting).to eq('foo')
expect(provider.file_path).to eq('/etc/neutron/plugins/linuxbridge/linuxbridge_conf.ini')
end
it 'should allow setting to be set explicitly' do
resource = Puppet::Type::Neutron_agent_linuxbridge.new(
{
:name => 'dude/foo',
:value => 'bar'
}
)
provider = provider_class.new(resource)
expect(provider.section).to eq('dude')
expect(provider.setting).to eq('foo')
expect(provider.file_path).to eq('/etc/neutron/plugins/linuxbridge/linuxbridge_conf.ini')
end
end

45
deployment/puppet/neutron/spec/unit/provider/neutron_agent_ovs/ini_setting_spec.rb Normal file
View File

@ -0,0 +1,45 @@
$LOAD_PATH.push(
File.join(
File.dirname(__FILE__),
'..',
'..',
'..',
'fixtures',
'modules',
'inifile',
'lib')
)
require 'spec_helper'
provider_class = Puppet::Type.type(:neutron_agent_ovs).provider(:ini_setting)
describe provider_class do
let(:resource ) do
Puppet::Type::Neutron_agent_ovs.new({
:name => 'DEFAULT/foo',
:value => 'bar',
})
end
let (:provider) { resource.provider }
[ 'RedHat', 'Debian' ].each do |os|
context "on #{os} with default setting" do
it 'it should fall back to default and use ovs_neutron_plugin.ini' do
Facter.fact(:operatingsystem).stubs(:value).returns("#{os}")
expect(provider.section).to eq('DEFAULT')
expect(provider.setting).to eq('foo')
expect(provider.file_path).to eq('/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini')
end
end
end
context 'on Ubuntu with default setting' do
it 'it should fall back to default and use ml2_conf.ini' do
Facter.fact(:operatingsystem).stubs(:value).returns('Ubuntu')
expect(provider.section).to eq('DEFAULT')
expect(provider.setting).to eq('foo')
expect(provider.file_path).to eq('/etc/neutron/plugins/ml2/ml2_conf.ini')
end
end
end

Some files were not shown because too many files have changed in this diff Show More