openstack
/
fuel-library
Code Issues Proposed changes

Configure Glance vSphere backend, compute-vmware, cinder-vmware SSL verification settings 

These changes will allow the cover use cases for
cinder-vmware, compute-vmware and Glance vSphere
backend:

1. Bypass vCenter certificate verification
(default). Certificate verification turn off.
This case is useful for faster deployment and
for testing environment.

2. vCenter is using a Self-Signed certificate.
In this case the user must upload custom CA bundle
file certificate.

3. vCenter server certificate was emitted by know
CA (e.g.GeoTrust). In this case user have to leave
CA certificate bundle upload field empty.

Change-Id: I34e3396fe68efd73f7e9a9534c7eb9a5e34477e0
Implements: blueprint custom-ca-bundle-verify-vcenter-cert
(cherry picked from commit 4ba8b61114)
This commit is contained in:
Alexander Arzhanov 2016-08-11 17:15:41 +03:00
parent 0ac8f8bd15
commit de76d49a13
36 changed files with 2878 additions and 500 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

122
deployment/puppet/openstack_tasks/manifests/glance/glance.pp
View File

@ -2,32 +2,32 @@ class openstack_tasks::glance::glance {
notice('MODULAR: glance/glance.pp')
$network_scheme = hiera_hash('network_scheme', {})
$network_scheme = hiera_hash('network_scheme', {})
$network_metadata = hiera_hash('network_metadata', {})
prepare_network_config($network_scheme)
$glance_hash = hiera_hash('glance', {})
$glance_glare_hash = hiera_hash('glance_glare', {})
$verbose = pick($glance_hash['verbose'], hiera('verbose', true))
$debug = pick($glance_hash['debug'], hiera('debug', false))
$management_vip = hiera('management_vip')
$database_vip = hiera('database_vip')
$service_endpoint = hiera('service_endpoint')
$storage_hash = hiera('storage')
$use_syslog = hiera('use_syslog', true)
$use_stderr = hiera('use_stderr', false)
$syslog_log_facility = hiera('syslog_log_facility_glance')
$rabbit_hash = hiera_hash('rabbit', {})
$max_pool_size = hiera('max_pool_size')
$max_overflow = hiera('max_overflow')
$ceilometer_hash = hiera_hash('ceilometer', {})
$region = hiera('region','RegionOne')
$workers_max = hiera('workers_max', 16)
$service_workers = pick($glance_hash['glance_workers'],
min(max($::processorcount, 2), $workers_max))
$ironic_hash = hiera_hash('ironic', {})
$primary_controller = hiera('primary_controller')
$kombu_compression = hiera('kombu_compression', '')
$glance_hash = hiera_hash('glance', {})
$glance_glare_hash = hiera_hash('glance_glare', {})
$verbose = pick($glance_hash['verbose'], hiera('verbose', true))
$debug = pick($glance_hash['debug'], hiera('debug', false))
$management_vip = hiera('management_vip')
$database_vip = hiera('database_vip')
$service_endpoint = hiera('service_endpoint')
$storage_hash = hiera('storage')
$use_syslog = hiera('use_syslog', true)
$use_stderr = hiera('use_stderr', false)
$syslog_log_facility = hiera('syslog_log_facility_glance')
$rabbit_hash = hiera_hash('rabbit', {})
$max_pool_size = hiera('max_pool_size')
$max_overflow = hiera('max_overflow')
$ceilometer_hash = hiera_hash('ceilometer', {})
$region = hiera('region','RegionOne')
$workers_max = hiera('workers_max', 16)
$service_workers = pick($glance_hash['glance_workers'],
min(max($::processorcount, 2), $workers_max))
$ironic_hash = hiera_hash('ironic', {})
$primary_controller = hiera('primary_controller')
$kombu_compression = hiera('kombu_compression', '')
$override_configuration = hiera_hash('configuration', {})
@ -53,11 +53,11 @@ class openstack_tasks::glance::glance {
Override_resources <||> ~> Service <| tag == 'glance-service' |>
$db_type = 'mysql'
$db_host = pick($glance_hash['db_host'], $database_vip)
$db_user = pick($glance_hash['db_user'], 'glance')
$db_password = $glance_hash['db_password']
$db_name = pick($glance_hash['db_name'], 'glance')
$db_type = 'mysql'
$db_host = pick($glance_hash['db_host'], $database_vip)
$db_user = pick($glance_hash['db_user'], 'glance')
$db_password = $glance_hash['db_password']
$db_name = pick($glance_hash['db_name'], 'glance')
# LP#1526938 - python-mysqldb supports this, python-pymysql does not
if $::os_package_type == 'debian' {
$extra_params = { 'charset' => 'utf8', 'read_timeout' => 60 }
@ -95,6 +95,7 @@ class openstack_tasks::glance::glance {
$glance_vcenter_datacenter = $glance_hash['vc_datacenter']
$glance_vcenter_datastore = $glance_hash['vc_datastore']
$glance_vcenter_image_dir = $glance_hash['vc_image_dir']
$glance_vcenter_insecure = $glance_hash['vc_insecure']
$glance_vcenter_api_retry_count = '20'
$glance_vcenter_ca_file = pick($glance_hash['vc_ca_file'], {})
$glance_vcenter_ca_content = pick($glance_vcenter_ca_file['content'], {})
@ -112,19 +113,19 @@ class openstack_tasks::glance::glance {
$auth_uri = "${internal_auth_protocol}://${internal_auth_address}:5000/"
$identity_uri = "${admin_auth_protocol}://${admin_auth_address}:35357/"
$rados_connect_timeout = '30'
$rados_connect_timeout = '30'
if ($storage_hash['images_ceph'] and !$ironic_hash['enabled']) {
$glance_backend = 'ceph'
$known_stores = [ 'glance.store.rbd.Store', 'glance.store.http.Store' ]
$known_stores = [ 'glance.store.rbd.Store', 'glance.store.http.Store' ]
$show_image_direct_url = pick($glance_hash['show_image_direct_url'], true)
} elsif ($storage_hash['images_vcenter']) {
$glance_backend = 'vmware'
$known_stores = [ 'glance.store.vmware_datastore.Store', 'glance.store.http.Store' ]
$known_stores = [ 'glance.store.vmware_datastore.Store', 'glance.store.http.Store' ]
$show_image_direct_url = pick($glance_hash['show_image_direct_url'], true)
} else {
$glance_backend = 'swift'
$known_stores = [ 'glance.store.swift.Store', 'glance.store.http.Store' ]
$known_stores = [ 'glance.store.swift.Store', 'glance.store.http.Store' ]
$swift_store_large_object_size = $glance_large_object_size
$show_image_direct_url = pick($glance_hash['show_image_direct_url'], false)
}
@ -188,12 +189,12 @@ class openstack_tasks::glance::glance {
}
class { '::glance::glare::logging':
use_syslog => $use_syslog,
use_stderr => $use_stderr,
log_facility => $syslog_log_facility,
verbose => $verbose,
debug => $debug,
default_log_levels => hiera('default_log_levels'),
use_syslog => $use_syslog,
use_stderr => $use_stderr,
log_facility => $syslog_log_facility,
verbose => $verbose,
debug => $debug,
default_log_levels => hiera('default_log_levels'),
}
class { '::glance::glare::db':
@ -205,21 +206,21 @@ class openstack_tasks::glance::glance {
}
class { '::glance::glare':
bind_host => $glare_bind_host,
auth_type => 'keystone',
auth_uri => $auth_uri,
identity_uri => $identity_uri,
keystone_user => $glance_glare_user,
keystone_password => $glance_glare_user_password,
keystone_tenant => $glance_glare_tenant,
enabled => $enabled,
stores => $known_stores,
workers => $service_workers,
pipeline => $pipeline,
os_region_name => $region,
auth_region => $region,
signing_dir => '/tmp/keystone-signing-glance',
token_cache_time => '-1',
bind_host => $glare_bind_host,
auth_type => 'keystone',
auth_uri => $auth_uri,
identity_uri => $identity_uri,
keystone_user => $glance_glare_user,
keystone_password => $glance_glare_user_password,
keystone_tenant => $glance_glare_tenant,
enabled => $enabled,
stores => $known_stores,
workers => $service_workers,
pipeline => $pipeline,
os_region_name => $region,
auth_region => $region,
signing_dir => '/tmp/keystone-signing-glance',
token_cache_time => '-1',
}
glance_api_config {
@ -321,29 +322,30 @@ class openstack_tasks::glance::glance {
}
}
'vmware': {
if ! empty($glance_vcenter_ca_content) {
$vcenter_ca_filename = $glance_vcenter_ca_file['name']
$vcenter_ca_filepath = "/etc/glance/${vcenter_ca_filename}"
$glance_vcenter_datastores = "${glance_vcenter_datacenter}:${glance_vcenter_datastore}"
if ! empty($glance_vcenter_ca_content) and ! $glance_vcenter_insecure {
$vcenter_ca_filepath = '/etc/glance/vcenter-ca.pem'
$glance_vcenter_insecure_real = false
file { $vcenter_ca_filepath:
ensure => file,
content => $glance_vcenter_ca_file['content'],
content => $glance_vcenter_ca_content,
mode => '0644',
owner => 'root',
group => 'root',
}
Class['::glance::backend::vsphere']->File[$vcenter_ca_filepath]
} else {
$vcenter_ca_filepath = undef
$vcenter_ca_filepath = $::os_service_default
$glance_vcenter_insecure_real = $glance_vcenter_insecure
}
$glance_vcenter_datastores = "${glance_vcenter_datacenter}:${glance_vcenter_datastore}"
class { '::glance::backend::vsphere':
vcenter_host => $glance_vcenter_host,
vcenter_user => $glance_vcenter_user,
vcenter_password => $glance_vcenter_password,
vcenter_datastores => $glance_vcenter_datastores,
vcenter_insecure => $glance_vcenter_insecure_real,
vcenter_image_dir => $glance_vcenter_image_dir,
vcenter_api_retry_count => $glance_vcenter_api_retry_count,
vcenter_ca_file => $vcenter_ca_filepath,

7
deployment/puppet/osnailyfacter/manifests/vmware/cinder_vmware.pp
View File

@ -2,12 +2,11 @@ class osnailyfacter::vmware::cinder_vmware {
notice('MODULAR: vmware/cinder_vmware.pp')
$cinder_hash = hiera_hash('cinder', {})
$cinder_hash = hiera_hash('cinder', {})
if roles_include(['cinder-vmware']) {
$debug = pick($cinder_hash['debug'], hiera('debug', true))
$volumes = get_cinder_vmware_data($cinder_hash['instances'], $debug)
$debug = pick($cinder_hash['debug'], hiera('debug', true))
$volumes = get_cinder_vmware_data($cinder_hash['instances'], $debug)
create_resources(vmware::cinder::vmdk, $volumes)
}
}

14
deployment/puppet/osnailyfacter/manifests/vmware/compute_vmware.pp
View File

@ -2,10 +2,10 @@ class osnailyfacter::vmware::compute_vmware {
notice('MODULAR: vmware/compute_vmware.pp')
$debug = hiera('debug', true)
$debug = hiera('debug', true)
$vcenter_hash = hiera_hash('vcenter', {})
$computes = $vcenter_hash['computes']
$vcenter_hash = hiera_hash('vcenter', {})
$computes = $vcenter_hash['computes']
$computes_hash = parse_vcenter_settings($computes)
$defaults = {
@ -15,7 +15,7 @@ class osnailyfacter::vmware::compute_vmware {
create_resources(vmware::compute_vmware, $computes_hash, $defaults)
$ceilometer_hash = hiera_hash('ceilometer', {})
$ceilometer_hash = hiera_hash('ceilometer', {})
$ceilometer_enabled = $ceilometer_hash['enabled']
if $ceilometer_enabled and $computes {
@ -30,8 +30,8 @@ class osnailyfacter::vmware::compute_vmware {
$auth_protocol = get_ssl_property($ssl_hash, {}, 'keystone', 'internal', 'protocol', 'http')
$auth_host = get_ssl_property($ssl_hash, {}, 'keystone', 'internal', 'hostname', [hiera('keystone_endpoint', ''), $service_endpoint, $management_vip])
$auth_port = '5000'
$identity_uri = "${auth_protocol}://${auth_host}:${auth_port}"
$auth_port = '5000'
$identity_uri = "${auth_protocol}://${auth_host}:${auth_port}"
class { '::vmware::ceilometer::compute_vmware':
debug => $debug,
@ -40,6 +40,8 @@ class osnailyfacter::vmware::compute_vmware {
vc_host => $compute['vc_host'],
vc_user => $compute['vc_user'],
vc_password => $compute['vc_password'],
vc_insecure => $compute['vc_insecure'],
vc_ca_file => $compute['vc_ca_file'],
service_name => $compute['service_name'],
identity_uri => $identity_uri,
auth_user => 'ceilometer',

2
deployment/puppet/vmware/.fixtures.yml
View File

@ -8,3 +8,5 @@ fixtures:
vmware: "#{source_dir}"
oslo: "#{source_dir}/../oslo"
cinder: "#{source_dir}/../cinder"
openstacklib: "#{source_dir}/../openstacklib"
tweaks: "#{source_dir}/../tweaks"

25
deployment/puppet/vmware/lib/puppet/parser/functions/vmware_index.rb
View File

@ -1,25 +0,0 @@
# Eventually this functions should be revised and removed.
# Such data structure forming should be done by nailgun.
Puppet::Parser::Functions::newfunction(
:vmware_index,
:type => :rvalue,
:doc => <<-EOS
Split string that contains array of vSphere clusters and enumerate them
EOS
) do |args|
unless args.size > 0
raise Puppet::ParseError, "You should give an array of clusters!"
end
cluster_names = args[0]
index_name = args[1] || 'index'
clusters_hash = {}
cluster_names.split(',').each_with_index do |name, index|
cluster = {
index_name => index.to_s,
}
clusters_hash[name] = cluster
end
clusters_hash
end

93
deployment/puppet/vmware/manifests/ceilometer.pp
View File

@ -1,34 +1,115 @@
# Copyright 2016 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# == Class: vmware::ceilometer
#
# Deploys nova-compute service and configures it for use
# with vmwareapi.VCDriver (vCenter server as hypervisor)
# on OpenStack controller nodes. Nova-compute is configured
# to work under Pacemaker supervision.
#
# === Parameters
#
# [*vcenter_settings*]
# (optional) Computes hash in format of:
# Example:
# "[ {"availability_zone_name"=>"vcenter", "datastore_regex"=>".*",
# "service_name"=>"vm_cluster1", "target_node"=>"controllers",
# "vc_cluster"=>"Cluster1", "vc_host"=>"172.16.0.254",
# "vc_password"=>"Qwer!1234", "vc_user"=>"administrator@vsphere.local"},
# {"availability_zone_name"=>"vcenter", "datastore_regex"=>".*",
# "service_name"=>"vm_cluster2", "target_node"=>"node-65",
# "vc_cluster"=>"Cluster2", "vc_host"=>"172.16.0.254",
# "vc_password"=>"Qwer!1234", "vc_user"=>"administrator@vsphere.local"} ]"
# Defaults to undef.
#
# [*vcenter_user*]
# (optional) Username for connection to VMware vCenter host.
# Defaults to 'user'.
#
# [*vcenter_password*]
# (optional) Password for connection to VMware vCenter host.
# Defaults to 'password'.
#
# [*vcenter_host_ip*]
# (optional) Hostname or IP address for connection to VMware vCenter host.
# Defaults to '10.10.10.10'.
#
# [*vcenter_cluster*]
# (optional) Name of a VMware Cluster ComputeResource.
# Defaults to 'cluster'.
#
# [*hypervisor_inspector*]
# (optional) Inspector to use for inspecting the hypervisor layer. Known
# inspectors are libvirt, hyperv, vmware, xenapi and powervm.
# Defaults to 'vmware'.
#
# [*api_retry_count*]
# (optional) Number of times a VMware vSphere API may be retried.
# Defaults to '5'.
#
# [*task_poll_interval*]
# (optional) Sleep time in seconds for polling an ongoing async task.
# Defaults to '5.0'.
#
# [*wsdl_location*]
# (optional) Optional vim service WSDL location
# e.g http://<server>/vimService.wsdl. Optional over-ride to default location
# for bug work-arounds.
# Defaults to false.
#
# [*debug*]
# (optional) Flag that turn debug logging.
# Defaults to false.
#
class vmware::ceilometer (
$vcenter_settings = undef,
$vcenter_user = 'user',
$vcenter_password = 'password',
$vcenter_host_ip = '10.10.10.10',
$vcenter_cluster = 'cluster',
$hypervisor_inspector = 'vsphere',
$hypervisor_inspector = 'vmware',
$api_retry_count = '5',
$task_poll_interval = '5.0',
$wsdl_location = false,
$debug = false,
) {
# $default_log_levels gets used in template file. Do not remove.
if $debug {
# Enable debug for rabbit and vmware only
# Enable debug for rabbit and VMware only
$default_log_levels = 'amqp=DEBUG,amqplib=DEBUG,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,oslo.vmware=DEBUG'
} else {
$default_log_levels = 'amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,oslo.vmware=WARN'
}
$vsphere_clusters = vmware_index($vcenter_cluster)
$computes_hash = parse_vcenter_settings($vcenter_settings)
include ceilometer::params
$defaults = {
default_log_levels => $default_log_levels,
hypervisor_inspector => $hypervisor_inspector,
api_retry_count => $api_retry_count,
task_poll_interval => $task_poll_interval
}
include ::ceilometer::params
package { 'ceilometer-agent-compute':
ensure => present,
name => $::ceilometer::params::agent_compute_package_name,
}
create_resources(vmware::ceilometer::ha, parse_vcenter_settings($vcenter_settings))
create_resources(vmware::ceilometer::ha, $computes_hash, $defaults)
Package['ceilometer-agent-compute']->
Vmware::Ceilometer::Ha<||>

102
deployment/puppet/vmware/manifests/ceilometer/compute_vmware.pp
View File

@ -1,39 +1,85 @@
# == Class: vmware::ceilometer::compute_vmware
# Class configures ceilometer compute agent on compute-vmware node.
#
# Copyright 2016 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# == Class: vmware::ceilometer::compute_vmware
#
# Class configures ceilometer compute agent on compute-vmware node.
# It does the following:
# - configure keystone auth parameters
# - reload ceilometer polling agent service, package is already
# installed by ceilometer-compute deployment task
# - configure keystone auth parameters
# - reload ceilometer polling agent service, package is already
# installed by ceilometer-compute deployment task
#
# === Parameters
#
# [*availability_zone_name*]
# (required) Availability zone name that will be used to form host parameter
# (required) Availability zone name that will be used to form host parameter.
#
# [*vc_cluster*]
# (required) vCenter cluster name that is going to be monitored
# (required) vCenter cluster name that is going to be monitored.
#
# [*vc_host*]
# (required) vCenter cluster name that is going to be monitored
# (required) IP address of the VMware vSphere host.
#
# [*vc_user*]
# (required) vCenter user name to use
# (required) Username of VMware vSphere.
#
# [*vc_password*]
# (required) Password for above vCenter user
# (required) Password of VMware vSphere.
#
# [*service_name*]
# (required) Parameter to form 'host' parameter
# (required) Parameter to form 'host' parameter.
#
# [*target_node*]
# (optional) Parameter that specifies on which node service will be placed
# (optional) Parameter that specifies on which node service will be placed.
# Defaults to undef.
#
# [*vc_insecure*]
# (optional) If true, the vCenter server certificate is not verified. If
# false, then the default CA truststore is used for verification. This option
# is ignored if “ca_file” is set.
# Defaults to 'True'.
#
# [*vc_ca_file*]
# (optional) The hash name of the CA bundle file and data in format of:
# Example:
# "{"vc_ca_file"=>{"content"=>"RSA", "name"=>"vcenter-ca.pem"}}"
# Defaults to undef.
#
# [*datastore_regex*]
# (optional) Regex which match datastore that will be used for openstack vms
# (optional) Regex which match datastore that will be used for openstack vms.
# Defaults to undef.
#
# [*debug*]
# (optional) Flag that turn debug logging
# (optional) Flag that turn debug logging.
# Defaults to undef.
#
# [*identity_uri*]
# (optional) URL to access Keystone service
# (optional) URL to access Keystone service.
# Defaults to undef.
#
# [*auth_user*]
# (optional) Keystone user
# (optional) Keystone user.
# Defaults to undef.
#
# [*auth_password*]
# (optional) Keystone password
# (optional) Keystone password.
# Defaults to undef.
#
# [*tenant*]
# (optional) Admin tenant name
# (optional) Admin tenant name.
# Defaults to undef.
#
class vmware::ceilometer::compute_vmware(
$availability_zone_name,
@ -43,6 +89,8 @@ class vmware::ceilometer::compute_vmware(
$vc_password,
$service_name,
$target_node = undef,
$vc_insecure = true,
$vc_ca_file = undef,
$datastore_regex = undef,
$debug = undef,
$identity_uri = undef,
@ -50,6 +98,7 @@ class vmware::ceilometer::compute_vmware(
$auth_password = undef,
$tenant = undef,
) {
if $debug {
# Enable debug for rabbit and vmware only
$default_log_levels = 'amqp=DEBUG,amqplib=DEBUG,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,oslo.vmware=DEBUG'
@ -57,20 +106,31 @@ class vmware::ceilometer::compute_vmware(
$default_log_levels = 'amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,oslo.vmware=WARN'
}
class { '::vmware::ssl':
vc_insecure => $vc_insecure,
vc_ca_file => $vc_ca_file,
vc_ca_filepath => '/etc/ceilometer/vmware-ca.pem',
}
$ceilometer_vcenter_ca_filepath = $::vmware::ssl::vcenter_ca_filepath
$ceilometer_vcenter_insecure_real = $::vmware::ssl::vcenter_insecure_real
ceilometer_config {
'DEFAULT/default_log_levels': value => $default_log_levels;
'DEFAULT/hypervisor_inspector': value => 'vsphere';
'DEFAULT/hypervisor_inspector': value => 'vmware';
'DEFAULT/host': value => "${availability_zone_name}-${service_name}";
'vmware/host_ip': value => $vc_host;
'vmware/host_username': value => $vc_user;
'vmware/host_password': value => $vc_password;
'vmware/ca_file': value => $ceilometer_vcenter_ca_filepath;
'vmware/insecure': value => $ceilometer_vcenter_insecure_real;
'keystone_authtoken/admin_user': value => $auth_user;
'keystone_authtoken/admin_password': value => $auth_password;
'keystone_authtoken/admin_tenant_name': value => $tenant;
'keystone_authtoken/identity_uri': value => $identity_uri;
}
include ceilometer::params
include ::ceilometer::params
package { 'ceilometer-polling':
ensure => latest,

130
deployment/puppet/vmware/manifests/ceilometer/ha.pp
View File

@ -1,3 +1,92 @@
#
# Copyright 2016 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# == Define: vmware::ceilometer::ha
#
# This type creates nova-compute service for provided vSphere cluster
# (cluster that is formed of ESXi hosts and is managed by vCenter server).
#
# === Parameters
#
# [*availability_zone_name*]
# (required) Availability zone which nova-compute will be assigned.
#
# [*vc_cluster*]
# (required) Name of a VMware Cluster ComputeResource.
#
# [*vc_host*]
# (required) Hostname or IP address for connection to VMware vCenter host.
#
# [*vc_user*]
# (required) Username for connection to VMware vCenter host.
#
# [*vc_password*]
# (required) Password for connection to VMware vCenter host.
#
# [*service_name*]
# (required) Parameter to form 'host' parameter.
#
# [*target_node*]
# (required) Parameter that specifies on which node service will be placed.
#
# [*default_log_levels*]
# (required) List of package logging levels in logger=LEVEL pairs. This option
# is ignored if log_config_append is set.
#
# [*hypervisor_inspector*]
# (optional) Inspector to use for inspecting the hypervisor layer. Known
# inspectors are libvirt, hyperv, vmware, xenapi and powervm.
# Defaults to 'vmware'.
#
# [*api_retry_count*]
# (optional) Number of times a VMware vSphere API may be retried.
# Defaults to '5'.
#
# [*task_poll_interval*]
# (optional) Sleep time in seconds for polling an ongoing async task.
# Defaults to '5.0'.
#
# [*vc_insecure*]
# (optional) If true, the vCenter server certificate is not verified.
# If false, then the default CA truststore is used for verification. This
# option is ignored if “ca_file” is set.
# Defaults to 'True'.
#
# [*vc_ca_file*]
# (optional) The hash name of the CA bundle file and data in format of:
# Example:
# "{"vc_ca_file"=>{"content"=>"RSA", "name"=>"vcenter-ca.pem"}}"
# Defaults to undef.
#
# [*datastore_regex*]
# (optional) Regex to match the name of a datastore.
# Defaults to undef.
#
# [*amqp_port*]
# (optional) The listening port number of the AMQP server. Mandatory to
# perform a monitor check.
# Defaults to '5673'.
#
# [*ceilometer_config*]
# (required) Path used for ceilometer conf.
# Defaults to '/etc/ceilometer/ceilometer.conf'.
#
# [*ceilometer_conf_dir*]
# (optional) The base directory used for ceilometer configs.
# Defaults to '/etc/ceilometer/ceilometer-compute.d'.
#
define vmware::ceilometer::ha (
$availability_zone_name,
$vc_cluster,
@ -6,23 +95,48 @@ define vmware::ceilometer::ha (
$vc_password,
$service_name,
$target_node,
$datastore_regex = undef,
$amqp_port = '5673',
$ceilometer_config = '/etc/ceilometer/ceilometer.conf',
$ceilometer_conf_dir = '/etc/ceilometer/ceilometer-compute.d',
$default_log_levels,
$hypervisor_inspector = 'vmware',
$api_retry_count = '5',
$task_poll_interval = '5.0',
$vc_insecure = true,
$vc_ca_file = undef,
$datastore_regex = undef,
$amqp_port = '5673',
$ceilometer_config = '/etc/ceilometer/ceilometer.conf',
$ceilometer_conf_dir = '/etc/ceilometer/ceilometer-compute.d',
) {
if ($target_node == 'controllers') {
$ceilometer_compute_conf = "${ceilometer_conf_dir}/vmware-${availability_zone_name}_${service_name}.conf"
$vcenter_ca_file = pick($vc_ca_file, {})
$vcenter_ca_content = pick($vcenter_ca_file['content'], {})
$vcenter_ca_filepath = "${ceilometer_conf_dir}/vmware-${availability_zone_name}_${service_name}-ca.pem"
if ! defined(File[$ceilometer_conf_dir]) {
file { $ceilometer_conf_dir:
ensure => directory,
owner => 'ceilometer',
group => 'ceilometer',
mode => '0750'
mode => '0750',
}
}
if ! empty($vcenter_ca_content) and ! $vc_insecure {
$ceilometer_vcenter_ca_filepath = $vcenter_ca_filepath
$ceilometer_vcenter_insecure_real = false
file { $vcenter_ca_filepath:
ensure => file,
content => $vcenter_ca_content,
mode => '0644',
owner => 'root',
group => 'root',
}
} else {
$ceilometer_vcenter_ca_filepath = $::os_service_default
$ceilometer_vcenter_insecure_real = $vc_insecure
}
if ! defined(File[$ceilometer_compute_conf]) {
file { $ceilometer_compute_conf:
ensure => present,
@ -46,7 +160,7 @@ define vmware::ceilometer::ha (
'amqp_server_port' => $amqp_port,
'config' => $ceilometer_config,
'pid' => "/var/run/ceilometer/ceilometer-agent-compute-${availability_zone_name}_${service_name}.pid",
'user' => "ceilometer",
'user' => 'ceilometer',
'additional_parameters' => "--config-file=${ceilometer_compute_conf}",
}
$operations = {
@ -77,8 +191,8 @@ define vmware::ceilometer::ha (
enable => true,
}
File["${ceilometer_conf_dir}"]->
File["${ceilometer_compute_conf}"]->
File[$ceilometer_conf_dir]->
File[$ceilometer_compute_conf]->
Pcmk_resource[$primitive_name]->
Service[$primitive_name]
}

64
deployment/puppet/vmware/manifests/cinder/vmdk.pp
View File

@ -1,4 +1,5 @@
# Copyright 2015 Mirantis, Inc.
#
# Copyright 2016 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
@ -12,7 +13,7 @@
# License for the specific language governing permissions and limitations
# under the License.
#
# == Class: vmware::cinder::vmdk
# == Define: vmware::cinder::vmdk
#
# This type creates cinder-volume service with VMDK backend,
# which provides block storage solution for
@ -20,12 +21,23 @@
#
# === Parameters
#
# [*vc_insecure*]
# (optional) If true, the ESX/vCenter server certificate is not verified.
# If false, then the default CA truststore is used for verification.
# Defaults to 'True'.
#
# [*vc_ca_file*]
# (optional) The hash name of the CA bundle file and data in format of:
# Example:
# "{"vc_ca_file"=>{"content"=>"RSA", "name"=>"vcenter-ca.pem"}}"
# Defaults to undef.
#
# [*vc_host*]
# (required) IP address for connecting to VMware vCenter server.
# Defaults to '1.2.3.4'.
#
#
# [*vc_user*]
# (required) Username for authenticating with VMware vCenter server.
# (required) Username for authenticating with VMware vCenter server.
# Defaults to 'user'.
#
# [*vc_password*]
@ -98,6 +110,8 @@
# Defaults to false.
#
define vmware::cinder::vmdk(
$vc_insecure = true,
$vc_ca_file = undef,
$vc_host = '1.2.3.4',
$vc_user = 'user',
$vc_password = 'password',
@ -115,12 +129,14 @@ define vmware::cinder::vmdk(
$debug = false,
)
{
include ::cinder::params
$index = $availability_zone_name
$cinder_volume_conf = "${cinder_conf_dir}/vmware-${index}.conf"
$az_name = $availability_zone_name
$cinder_volume_conf = "${cinder_conf_dir}/vmware-${az_name}.conf"
$cinder_volume_vmware = "${::cinder::params::volume_service}-vmware"
$storage_hash = hiera_hash('storage', {})
$vcenter_ca_file = pick($vc_ca_file, {})
$vcenter_ca_content = pick($vcenter_ca_file['content'], {})
$vcenter_ca_filepath = "${cinder_conf_dir}/vmware-${az_name}-ca.pem"
if ($storage_hash['volumes_ceph']) and
(roles_include(['primary-controller']) or
@ -137,6 +153,22 @@ define vmware::cinder::vmdk(
}
}
if ! empty($vcenter_ca_content) and ! $vc_insecure {
$cinder_vcenter_ca_filepath = $vcenter_ca_filepath
$cinder_vcenter_insecure_real = false
file { $vcenter_ca_filepath:
ensure => file,
content => $vcenter_ca_content,
mode => '0644',
owner => 'root',
group => 'root',
}
} else {
$cinder_vcenter_ca_filepath = $::os_service_default
$cinder_vcenter_insecure_real = $vc_insecure
}
if ! defined (File[$cinder_volume_conf]) {
file { $cinder_volume_conf:
ensure => present,
@ -158,10 +190,10 @@ define vmware::cinder::vmdk(
}
}
if ! defined(Service["cinder_volume_vmware_${index}"]) {
service { "cinder_volume_vmware_${index}":
if ! defined(Service["cinder_volume_vmware_${az_name}"]) {
service { "cinder_volume_vmware_${az_name}":
ensure => running,
name => "${cinder_volume_vmware}-${index}",
name => "${cinder_volume_vmware}-${az_name}",
enable => true,
}
}
@ -172,7 +204,7 @@ define vmware::cinder::vmdk(
$dst_init = '/etc/init.d'
$file_perm = '0755'
$cinder_volume_vmware_init = "${dst_init}/${cinder_volume_vmware}"
$init_link = "${cinder_volume_vmware_init}-${index}"
$init_link = "${cinder_volume_vmware_init}-${az_name}"
if ! defined(File[$init_link]) {
file { $init_link:
ensure => link,
@ -180,7 +212,7 @@ define vmware::cinder::vmdk(
}
}
$cinder_volume_default = "/etc/sysconfig/${cinder_volume_vmware}-${index}"
$cinder_volume_default = "/etc/sysconfig/${cinder_volume_vmware}-${az_name}"
if ! defined(File[$cinder_volume_default]){
file { $cinder_volume_default:
ensure => present,
@ -188,11 +220,11 @@ define vmware::cinder::vmdk(
}
}
File[$cinder_volume_default]~>
Service["cinder_volume_vmware_${index}"]->
Service["cinder_volume_vmware_${az_name}"]->
Service['cinder_volume_vmware']
}
'Debian': {
$cinder_volume_default = "/etc/default/${cinder_volume_vmware}-${index}"
$cinder_volume_default = "/etc/default/${cinder_volume_vmware}-${az_name}"
$src_init = "${cinder_volume_vmware}.conf"
$dst_init = '/etc/init'
$file_perm = '0644'
@ -208,7 +240,7 @@ define vmware::cinder::vmdk(
}
$cinder_volume_vmware_init = "${dst_init}/${cinder_volume_vmware}.conf"
$init_link = "/etc/init/${cinder_volume_vmware}-${index}.conf"
$init_link = "${dst_init}/${cinder_volume_vmware}-${az_name}.conf"
if ! defined(File[$init_link]) {
file { $init_link:
ensure => link,
@ -227,7 +259,7 @@ define vmware::cinder::vmdk(
File[$cinder_volume_default]~>
Exec[$init_reload]->
Service["cinder_volume_vmware_${index}"]->
Service["cinder_volume_vmware_${az_name}"]->
Service['cinder_volume_vmware']
}
default: {

177
deployment/puppet/vmware/manifests/compute/ha.pp
View File

@ -1,21 +1,105 @@
# Copyright 2014 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
# Copyright 2016 Mirantis, Inc.
#
# http://www.apache.org/licenses/LICENSE-2.0
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# == Define: vmware::compute::ha
#
# This type creates nova-compute service for provided vSphere cluster
# (cluster that is formed of ESXi hosts and is managed by vCenter server).
#
# === Parameters
#
# [*availability_zone_name*]
# (required) Availability zone which nova-compute will be assigned.
#
# [*vc_cluster*]
# (required) Name of a VMware Cluster ComputeResource.
#
# [*vc_host*]
# (required) Hostname or IP address for connection to VMware vCenter host.
#
# [*vc_user*]
# (required) Username for connection to VMware vCenter host.
#
# [*vc_password*]
# (required) Password for connection to VMware vCenter host.
#
# [*service_name*]
# (required) Name that will form hypervisor name together with
# 'availability_zone_name' in nova-compute.conf.
#
# [*target_node*]
# (required) Name of node where nova-compute must be deployed. If it matches
# 'current_node' we are deploying nova-compute service.
#
# [*vc_insecure*]
# (optional) If true, the vCenter server certificate is not verified.
# If false, then the default CA truststore is used for verification. This
# option is ignored if “ca_file” is set.
# Defaults to 'True'.
#
# [*vc_ca_file*]
# (optional) The hash name of the CA bundle file and data in format of:
# Example:
# "{"vc_ca_file"=>{"content"=>"RSA", "name"=>"vcenter-ca.pem"}}"
# Defaults to undef.
#
# [*datastore_regex*]
# (optional) Regex to match the name of a datastore.
# Defaults to undef.
#
# [*amqp_port*]
# (optional) The listening port number of the AMQP server. Mandatory to
# perform a monitor check.
# Defaults to '5673'.
#
# [*api_retry_count*]
# (required) The number of times we retry on failures, e.g.,
# socket error, etc.
# Defaults to '5'.
#
# [*maximum_objects*]
# (required) The maximum number of ObjectContent data objects that should be
# returned in a single result. A positive value will cause the operation to
# suspend the retrieval when the count of objects reaches the specified
# maximum. The server may still limit the count to something less than the
# configured value. Any remaining objects may be retrieved with additional
# requests.
# Defaults to '100'.
#
# [*nova_conf*]
# (required) Path used for nova conf.
# Defaults to '/etc/nova/nova.conf'.
#
# [*nova_conf_dir*]
# (optional) The base directory used for compute-vmware configs.
# Defaults to '/etc/nova/nova-compute.d'.
#
# [*task_poll_interval*]
# (required) The interval used for polling of remote tasks.
# Defaults to '5.0'.
#
# [*use_linked_clone*]
# (required) Whether to use linked clone.
# Defaults to true.
#
# [*wsdl_location*]
# (optional) Optional VIM Service WSDL Location
# e.g 'http://<server>/vimService.wsdl'. Optional over-ride to default
# location for bug workarounds.
# Defaults to undef.
#
# This type creates nova-compute service for provided vSphere
# cluster (cluster that is formed of ESXi hosts and is managed by vCenter
# server).
define vmware::compute::ha(
$availability_zone_name,
$vc_cluster,
@ -24,34 +108,52 @@ define vmware::compute::ha(
$vc_password,
$service_name,
$target_node,
$datastore_regex = undef,
$amqp_port = '5673',
$api_retry_count = '5',
$maximum_objects = '100',
$nova_conf = '/etc/nova/nova.conf',
$nova_conf_dir = '/etc/nova/nova-compute.d',
$vc_insecure = true,
$vc_ca_file = undef,
$datastore_regex = undef,
$amqp_port = '5673',
$api_retry_count = '5',
$maximum_objects = '100',
$nova_conf = '/etc/nova/nova.conf',
$nova_conf_dir = '/etc/nova/nova-compute.d',
$task_poll_interval = '5.0',
$use_linked_clone = true,
$wsdl_location = undef
$use_linked_clone = true,
$wsdl_location = undef,
) {
# We deploy nova-compute on controller node only if
# $target_node contains 'controllers' otherwise
# service will be deployed on separate node
# We deploy nova-compute on controller node only if $target_node contains
# 'controllers' otherwise service will be deployed on separate node.
if ($target_node == 'controllers') {
$nova_compute_conf = "${nova_conf_dir}/vmware-${availability_zone_name}_${service_name}.conf"
$nova_compute_conf = "${nova_conf_dir}/vmware-${availability_zone_name}_${service_name}.conf"
$vcenter_ca_file = pick($vc_ca_file, {})
$vcenter_ca_content = pick($vcenter_ca_file['content'], {})
$vcenter_ca_filepath = "${nova_conf_dir}/vmware-${availability_zone_name}_${service_name}-ca.pem"
if ! defined(File[$nova_conf_dir]) {
file { $nova_conf_dir:
ensure => 'directory',
owner => 'nova',
group => 'nova',
mode => '0750'
mode => '0750',
}
}
if ! empty($vcenter_ca_content) and ! $vc_insecure {
$compute_vcenter_ca_filepath = $vcenter_ca_filepath
$compute_vcenter_insecure_real = false
file { $vcenter_ca_filepath:
ensure => file,
content => $vcenter_ca_content,
mode => '0644',
owner => 'root',
group => 'root',
}
} else {
$compute_vcenter_ca_filepath = $::os_service_default
$compute_vcenter_insecure_real = $vc_insecure
}
if ! defined(File[$nova_compute_conf]) {
# $cluster is used inside template
$cluster = $name
file { $nova_compute_conf:
ensure => 'present',
content => template('vmware/nova-compute.conf.erb'),
@ -89,13 +191,13 @@ define vmware::compute::ha(
}
pacemaker::service { $primitive_name :
prefix => false,
primitive_class => $primitive_class,
prefix => false,
primitive_class => $primitive_class,
primitive_provider => $primitive_provider,
primitive_type => $primitive_type,
metadata => $metadata,
parameters => $parameters,
operations => $operations,
primitive_type => $primitive_type,
metadata => $metadata,
parameters => $parameters,
operations => $operations,
}
service { $primitive_name :
@ -103,10 +205,9 @@ define vmware::compute::ha(
enable => true,
}
File["${nova_conf_dir}"]->
File["${nova_compute_conf}"]->
File[$nova_conf_dir]->
File[$nova_compute_conf]->
Pcmk_resource[$primitive_name]->
Service[$primitive_name]
}
}

165
deployment/puppet/vmware/manifests/compute_vmware.pp
View File

@ -1,25 +1,107 @@
# Copyright 2015 Mirantis, Inc.
# FIXME(mattymo): Use standard class documentation format
# vmware::compute_vmware resource deploys nova-compute service and configures it for use
# with vmwareapi.VCDriver (vCenter server as hypervisor). Depends on nova::params class.
# Variables:
# availability_zone_name - availability zone which nova-compute will be assigned
# vc_cluster - name of vSphere cluster
# vc_host - IP address or hostname of the vCenter server
# vc_user - username for vCenter server
# vc_password - password for vCenter server
# service_name - name that will form hypervisor name together with
# 'availability_zone_name' in nova-compute.conf
# current_node - name of node that we are executing manifets (e.g. 'node-4')
# target_node - name of node where nova-compute must be deployed
# if it matches current_node we are deploying nova-compute service
# datastore_regex - regex that specifies vCenter datastores to use
# api_retry_count - number of tries on failures
# use_quantum - shows if neutron is enabled
# service_enabled - manage nova-compute service (Default: false)
#
# Copyright 2016 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# == Define: vmware::compute_vmware
#
# This resource deploys nova-compute service and configures it for use with
# vmwareapi.VCDriver (vCenter server as hypervisor).
# Depends on nova::params class.
#
# === Parameters
#
# [*availability_zone_name*]
# (required) Availability zone which nova-compute will be assigned.
#
# [*vc_cluster*]
# (required) Name of a VMware Cluster ComputeResource.
#
# [*vc_host*]
# (required) Hostname or IP address for connection to VMware vCenter host.
#
# [*vc_user*]
# (required) Username for connection to VMware vCenter host.
#
# [*vc_password*]
# (required) Password for connection to VMware vCenter host.
#
# [*service_name*]
# (required) Name that will form hypervisor name together with
# 'availability_zone_name' in nova-compute.conf.
#
# [*current_node*]
# (required) Name of node that we are executing manifest (e.g. 'node-4').
#
# [*target_node*]
# (required) Name of node where nova-compute must be deployed. If it matches
# 'current_node' we are deploying nova-compute service.
#
# [*vlan_interface*]
# (optional) Physical ethernet adapter name for vlan networking.
#
# [*vc_insecure*]
# (optional) If true, the vCenter server certificate is not verified.
# If false, then the default CA truststore is used for verification. This
# option is ignored if “ca_file” is set.
# Defaults to 'True'.
#
# [*vc_ca_file*]
# (optional) The hash name of the CA bundle file and data in format of:
# Example:
# "{"vc_ca_file"=>{"content"=>"RSA", "name"=>"vcenter-ca.pem"}}"
# Defaults to undef.
#
# [*datastore_regex*]
# (optional) Regex to match the name of a datastore.
# Defaults to undef.
#
# [*api_retry_count*]
# (required) The number of times we retry on failures, e.g.,
# socket error, etc.
# Defaults to '5'.
#
# [*maximum_objects*]
# (required) The maximum number of ObjectContent data objects that should be
# returned in a single result. A positive value will cause the operation to
# suspend the retrieval when the count of objects reaches the specified
# maximum. The server may still limit the count to something less than the
# configured value. Any remaining objects may be retrieved with additional
# requests.
# Defaults to '100'.
#
# [*nova_compute_conf*]
# (required) Path used for compute-vmware conf.
# Defaults to '/etc/nova/nova-compute.conf'.
#
# [*task_poll_interval*]
# (required) The interval used for polling of remote tasks.
# Defaults to '5.0'.
#
# [*use_linked_clone*]
# (required) Whether to use linked clone.
# Defaults to true.
#
# [*wsdl_location*]
# (optional) Optional VIM Service WSDL Location
# e.g 'http://<server>/vimService.wsdl'. Optional over-ride to default
# location for bug workarounds.
# Defaults to undef.
#
# [*service_enabled*]
# (optional) Manage nova-compute service.
# Defaults to false.
#
define vmware::compute_vmware(
$availability_zone_name,
$vc_cluster,
@ -30,22 +112,47 @@ define vmware::compute_vmware(
$current_node,
$target_node,
$vlan_interface,
$vc_insecure = true,
$vc_ca_file = undef,
$datastore_regex = undef,
$api_retry_count = 5,
$maximum_objects = 100,
$api_retry_count = '5',
$maximum_objects = '100',
$nova_compute_conf = '/etc/nova/nova-compute.conf',
$task_poll_interval = 5.0,
$task_poll_interval = '5.0',
$use_linked_clone = true,
$wsdl_location = undef,
$service_enabled = false,
)
{
include nova::params
include ::nova::params
$vcenter_ca_file = pick($vc_ca_file, {})
$vcenter_ca_content = pick($vcenter_ca_file['content'], {})
$vcenter_ca_filepath = '/etc/nova/vmware-ca.pem'
# We skip deployment if current node name is not same as target_node
if $service_enabled {
$service_ensure = 'running'
} else {
$service_ensure = 'stopped'
}
# We skip deployment if current node name is not same as target_node.
if ($target_node == $current_node) {
# $cluster is used inside template
$cluster = $name
if ! empty($vcenter_ca_content) and ! $vc_insecure {
$compute_vcenter_ca_filepath = $vcenter_ca_filepath
$compute_vcenter_insecure_real = false
file { $vcenter_ca_filepath:
ensure => file,
content => $vcenter_ca_content,
mode => '0644',
owner => 'root',
group => 'root',
}
} else {
$compute_vcenter_ca_filepath = $::os_service_default
$compute_vcenter_insecure_real = $vc_insecure
}
file { $nova_compute_conf:
ensure => present,
content => template('vmware/nova-compute.conf.erb'),

32
deployment/puppet/vmware/manifests/controller.pp
View File

@ -1,4 +1,4 @@
# Copyright 2014 Mirantis, Inc.
# Copyright 2016 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
@ -23,7 +23,6 @@
#
# [*vcenter_settings*]
# (optional) Computes hash in format of:
# Defaults to undef.
# Example:
# "[ {"availability_zone_name"=>"vcenter", "datastore_regex"=>".*",
# "service_name"=>"vm_cluster1", "target_node"=>"controllers",
@ -33,22 +32,22 @@
# "service_name"=>"vm_cluster2", "target_node"=>"node-65",
# "vc_cluster"=>"Cluster2", "vc_host"=>"172.16.0.254",
# "vc_password"=>"Qwer!1234", "vc_user"=>"administrator@vsphere.local"} ]"
# Defaults to undef.
#
# [*vcenter_host_ip*]
# (required) vCenter server hostname or IP address.
# Defaults to 10.10.10.10.
# (optional) Hostname or IP address for connection to VMware vCenter host.
# Defaults to '10.10.10.10'.
#
# [*vcenter_user*]
# (required) Username for authenticating with vCenter server.
# Defaults to user.
# (optional) Username for connection to VMware vCenter host.
# Defaults to 'user'.
#
# [*vcenter_password*]
# (required) Password for authenticating with vCenter server.
# Defaults to password.
# (optional) Password for connection to VMware vCenter host.
# Defaults to 'password'.
#
# [*vlan_interface*]
# (optional) VLAN interface on which networks will be provisioned
# if VLANManager is used for nova-network.
# (optional) Physical ethernet adapter name for vlan networking.
# Defaults to undef.
#
# [*vncproxy_host*]
@ -56,17 +55,17 @@
# Defaults to undef.
#
# [*vncproxy_protocol*]
# (optional) The protocol to communicate with the VNC proxy server.
# Defaults to http.
# (required) The protocol to communicate with the VNC proxy server.
# Defaults to 'http'.
#
# [*vncproxy_port*]
# (optional) The port to communicate with the VNC proxy server.
# Defaults to 6080.
# Defaults to '6080'.
#
# [*vncproxy_path*]
# (optional) The path at the end of the uri for communication
# with the VNC proxy server.
# Defaults to "/vnc_auto.html".
# Defaults to '/vnc_auto.html'.
#
# [*use_quantum*]
# (optional) Shows if neutron is enabled.
@ -93,6 +92,7 @@ class vmware::controller (
{
include ::nova::params
$vncproxy_base_url = "${vncproxy_protocol}://${vncproxy_host}:${vncproxy_port}${vncproxy_path}"
$computes_hash = parse_vcenter_settings($vcenter_settings)
# Stubs from nova class in order to not include whole class
if ! defined(Class['nova']) {
@ -110,7 +110,7 @@ class vmware::controller (
}
}
$libvirt_type = hiera('libvirt_type')
$libvirt_type = hiera('libvirt_type', 'qemu')
tweaks::ubuntu_service_override { 'nova-compute':
package_name => "nova-compute-${libvirt_type}",
}
@ -127,7 +127,7 @@ class vmware::controller (
}
# Create nova-compute per vSphere cluster.
create_resources(vmware::compute::ha, parse_vcenter_settings($vcenter_settings))
create_resources(vmware::compute::ha, $computes_hash)
Package['nova-compute']->
Service['nova-compute']->

131
deployment/puppet/vmware/manifests/init.pp
View File

@ -1,33 +1,92 @@
# Copyright 2014 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
# Copyright 2016 Mirantis, Inc.
#
# http://www.apache.org/licenses/LICENSE-2.0
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# == Class: vmware
#
# This is the main VMware integration class. It should check the variables and
# basing on them call needed subclasses in order to setup VMware integration
# with OpenStack.
#
# === Parameters
#
# [*vcenter_settings*]
# (required) Computes hash in format of:
# Example:
# "[ {"availability_zone_name"=>"vcenter", "datastore_regex"=>".*",
# "service_name"=>"vm_cluster1", "target_node"=>"controllers",
# "vc_cluster"=>"Cluster1", "vc_host"=>"172.16.0.254",
# "vc_password"=>"Qwer!1234", "vc_user"=>"administrator@vsphere.local"},
# {"availability_zone_name"=>"vcenter", "datastore_regex"=>".*",
# "service_name"=>"vm_cluster2", "target_node"=>"node-65",
# "vc_cluster"=>"Cluster2", "vc_host"=>"172.16.0.254",
# "vc_password"=>"Qwer!1234", "vc_user"=>"administrator@vsphere.local"} ]"
# Defaults to undef.
#
# [*vcenter_user*]
# (optional) Username for connection to VMware vCenter host.
# Defaults to 'user'.
#
# [*vcenter_password*]
# (optional) Password for connection to VMware vCenter host.
# Defaults to 'password'.
#
# [*vcenter_host_ip*]
# (optional) Hostname or IP address for connection to VMware vCenter host.
# Defaults to '10.10.10.10'.
#
# [*vcenter_cluster*]
# (optional) Name of a VMware Cluster ComputeResource.
# Defaults to 'cluster'.
#
# [*vlan_interface*]
# (optional) Physical ethernet adapter name for vlan networking.
# Defaults to undef.
#
# [*use_quantum*]
# (optional) Shows if neutron is enabled.
# Defaults to true.
#
# [*vncproxy_protocol*]
# (required) The protocol to communicate with the VNC proxy server.
# Defaults to 'http'.
#
# [*vncproxy_host*]
# (required) IP address on which VNC server will be listening on.
# Defaults to undef.
#
# [*nova_hash*]
# (required) Nova hash in format of:
# Example:
# {"db_password"=>"JC4W0MTwtb6I0f8gBcKjJdiT", "enable_hugepages"=>false,
# "state_path"=>"/var/lib/nova", "user_password"=>"xT4rEWlhmI4KCyo2pGCMJwsz",
# "vncproxy_protocol"=>"http", "nova_rate_limits"=> {"POST"=>"100000",
# "POST_SERVERS"=>"100000", "PUT"=>"1000", "GET"=>"100000",
# "DELETE"=>"100000"}, "nova_report_interval"=>"60",
# "nova_service_down_time"=>"180", "num_networks"=>nil, "network_size"=>nil,
# "network_manager"=>nil}
# Defaults to {}.
#
# [*ceilometer*]
# (optional) IP address on which VNC server will be listening on.
# Defaults to 'false'.
#
# [*debug*]
# (optional) If set to true, the logging level will be set to DEBUG instead of
# the default INFO level.
# Defaults to 'false'.
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# This is the main VMWare integration class
# It should check the variables and basing on them call needed
# subclasses in order to setup VMWare integration with OpenStack
# Variables:
# vcenter_user - contents user name which should be used for configuring
# integration with vCenter
# vcenter_password - vCenter user password
# vcenter_host_ip - contents IP address of the vCenter host
# vcenter_cluster - contents vCenter cluster name
# vcenter_datastore_regex - the datastore_regex setting specifies the data stores to use with Compute
# vlan_interface - interface which is used on ESXi hosts when nova-network uses VlanManager
# use_quantum - shows if neutron enabled
# vncproxy_protocol - Protocol to use for access vnc proxy
# vncproxy_host - Host that serves as vnc proxy
class vmware (
$vcenter_settings = undef,
$vcenter_user = 'user',
@ -35,7 +94,7 @@ class vmware (
$vcenter_host_ip = '10.10.10.10',
$vcenter_cluster = 'cluster',
$vlan_interface = undef,
$use_quantum = false,
$use_quantum = true,
$vncproxy_protocol = 'http',
$vncproxy_host = undef,
$nova_hash = {},
@ -43,7 +102,7 @@ class vmware (
$debug = false,
)
{
class { 'vmware::controller':
class { '::vmware::controller':
vcenter_settings => $vcenter_settings,
vcenter_user => $vcenter_user,
vcenter_password => $vcenter_password,
@ -56,13 +115,13 @@ class vmware (
}
if $ceilometer {
class { 'vmware::ceilometer':
vcenter_settings => $vcenter_settings,
vcenter_user => $vcenter_user,
vcenter_password => $vcenter_password,
vcenter_host_ip => $vcenter_host_ip,
vcenter_cluster => $vcenter_cluster,
debug => $debug,
class { '::vmware::ceilometer':
vcenter_settings => $vcenter_settings,
vcenter_user => $vcenter_user,
vcenter_password => $vcenter_password,
vcenter_host_ip => $vcenter_host_ip,
vcenter_cluster => $vcenter_cluster,
debug => $debug,
}
}
}

56
deployment/puppet/vmware/manifests/network.pp
View File

@ -1,32 +1,36 @@
# Copyright 2014 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
# Copyright 2016 Mirantis, Inc.
#
# http://www.apache.org/licenses/LICENSE-2.0
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# == Class: vmware::network
#
# VMware related network configuration class. It handles whether we use neutron
# or nova-network and call for an appropriate class.
#
# === Parameters
#
# [*use_quantum*]
# (optional) Shows if neutron is enabled.
# Defaults to false.
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# VMWare related network configuration class
# It handles whether we use neutron or nova-network and call for an appropriate class
class vmware::network (
$use_quantum = false,
)
{ # begin of class
if $use_quantum { # for quantum
class { 'vmware::network::neutron': }
} else { # for nova network
class { 'vmware::network::nova': }
} # end of network check
} # end of class
{
if $use_quantum {
class { '::vmware::network::neutron': }
} else {
class { '::vmware::network::nova': }
}
}

35
deployment/puppet/vmware/manifests/network/neutron.pp
View File

@ -1,22 +1,23 @@
# Copyright 2014 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
# Copyright 2016 Mirantis, Inc.
#
# http://www.apache.org/licenses/LICENSE-2.0
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# == Class: vmware::network::neutron
#
# VMware related neutron configuration.
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# VMWare related neutron configuration
class vmware::network::neutron (
)
{ # begin of the class
# Fuel doesn't have vCenter + Neutron now. So just do nothing here.
} # end of the class
{
}

79
deployment/puppet/vmware/manifests/network/nova.pp
View File

@ -1,26 +1,49 @@
# Copyright 2014 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
# Copyright 2016 Mirantis, Inc.
#
# http://www.apache.org/licenses/LICENSE-2.0
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# == Class: vmware::network
#
# VMware network class for nova-network.
#
# === Parameters
#
# [*ensure_package*]
# (optional) What state the package should be in.
# Defaults to 'present'.
#
# [*amqp_port*]
# (optional) The listening port number of the AMQP server. Mandatory to
# perform a monitor check.
# Defaults to '5673'.
#
# [*nova_network_config*]
# (required) Path used for nova conf.
# Defaults to '/etc/nova/nova.conf'.
#
# [*nova_network_config_dir*]
# (required) The base directory used for nova-network configs.
# Defaults to '/etc/nova/nova-network.d'.
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# VMWare network class for nova-network
class vmware::network::nova (
$ensure_package = 'present',
$amqp_port = '5673',
$nova_network_config = '/etc/nova/nova.conf',
$nova_network_config_dir = '/etc/nova/nova-network.d'
) {
include nova::params
$ensure_package = 'present',
$amqp_port = '5673',
$nova_network_config = '/etc/nova/nova.conf',
$nova_network_config_dir = '/etc/nova/nova-network.d',
)
{
include ::nova::params
$nova_network_config_ha = "${nova_network_config_dir}/nova-network-ha.conf"
@ -29,7 +52,7 @@ class vmware::network::nova (
ensure => 'directory',
owner => 'nova',
group => 'nova',
mode => '0750'
mode => '0750',
}
}
@ -43,12 +66,12 @@ class vmware::network::nova (
}
}
$nova_user = 'nova'
$nova_hash = hiera('nova')
$nova_password = $nova_hash['user_password']
$nova_user = 'nova'
$nova_hash = hiera_hash('nova', {})
$nova_password = $nova_hash['user_password']
$management_vip = hiera('management_vip')
$auth_url = "http://${management_vip}:5000/v2.0"
$region = hiera('region', 'RegionOne')
$auth_url = "http://${management_vip}:5000/v2.0"
$region = hiera('region', 'RegionOne')
$service_name = 'p_vcenter_nova_network'
$primitive_class = 'ocf'
@ -91,13 +114,13 @@ class vmware::network::nova (
if ($::operatingsystem == 'Ubuntu') {
tweaks::ubuntu_service_override { 'nova-network':
package_name => 'nova-network'
package_name => 'nova-network',
}
}
service { $service_name :
ensure => 'running',
enable => true,
ensure => 'running',
enable => true,
}
package { 'nova-network':

77
deployment/puppet/vmware/manifests/ssl.pp Normal file
View File

@ -0,0 +1,77 @@
#
# Copyright 2016 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# == Class: vmware::ssl
#
# The VMware driver for cinder-volume, nova-compute, ceilometer, etc establishes
# connections to vCenter over HTTPS, and VMware driver support the vCenter
# server certificate verification as part of the connection process.
# Class configures ssl verification for next cases:
# 1. Bypass vCenter certificate verification. Certificate
# verification turn off. This case is useful for faster deployment
# and for testing environment.
# 2. vCenter is using a Self-Signed certificate. In this case the
# user must upload custom CA bundle file certificate.
# 3. vCenter server certificate was emitted by know CA (e.g. GeoTrust).
# In this case user have to leave CA certificate bundle upload field empty.
#
# === Parameters
#
# [*vc_insecure*]
# (optional) If true, the vCenter server certificate is not verified. If
# false, then the default CA truststore is used for verification. This option
# is ignored if “ca_file” is set.
# Defaults to 'True'.
#
# [*vc_ca_file*]
# (optional) The hash name of the CA bundle file and data in format of:
# Example:
# "{"vc_ca_file"=>{"content"=>"RSA", "name"=>"vcenter-ca.pem"}}"
# Defaults to undef.
#
# [*vc_ca_filepath*]
# (required) Path CA bundle file to use in verifying the vCenter server
# certificate.
# Defaults to $::os_service_default.
#
class vmware::ssl(
$vc_insecure = true,
$vc_ca_file = undef,
$vc_ca_filepath = $::os_service_default,
) {
$vcenter_ca_file = pick($vc_ca_file, {})
$vcenter_ca_content = pick($vcenter_ca_file['content'], {})
if ! empty($vcenter_ca_content) and ! $vc_insecure {
if is_service_default($vc_ca_filepath) {
fail("The vc_ca_filepath parameter is required when vc_insecure is set \
to false and vcenter_ca_content not empty")
}
$vcenter_ca_filepath = $vc_ca_filepath
$vcenter_insecure_real = false
file { $vcenter_ca_filepath:
ensure => file,
content => $vcenter_ca_content,
mode => '0644',
owner => 'root',
group => 'root',
}
} else {
$vcenter_ca_filepath = $::os_service_default
$vcenter_insecure_real = $vc_insecure
}
}

18
deployment/puppet/vmware/spec/classes/ceilometer_spec.rb
View File

@ -1,18 +0,0 @@
require 'spec_helper'
describe 'vmware::ceilometer' do
on_supported_os.each do |os, facts|
context "on #{os}" do
let(:facts) { facts }
it { is_expected.to compile.with_all_deps }
xit 'should enable ceilometer-polling' do
should contain_service('ceilometer-polling').with({
'enabled' => 'true'
})
end
end
end
end

32
deployment/puppet/vmware/spec/classes/controller_spec.rb
View File

@ -1,32 +0,0 @@
require 'spec_helper'
describe 'vmware::controller' do
on_supported_os.each do |os, facts|
context "on #{os}" do
let(:facts) { facts }
xit { is_expected.to compile.with_all_deps }
xit 'must disable nova-compute' do
should contain_nova__generic_service('compute').with({
'enabled' => 'false'
})
end
xit 'must properly configure novncproxy_base_url' do
should contain_nova_config('DEFAULT/novncproxy_base_url').with({
'value' => "http://0.0.0.0:6080/vnc_auto.html",
})
end
xit 'must install cirros-testvmware package' do
should contain_package('cirros-testvmware')
end
xit 'must install python-suds package' do
should contain_package('python-suds')
end
end
end
end

165
deployment/puppet/vmware/spec/classes/vmware_ceilometer_compute_vmware_spec.rb Normal file
View File

@ -0,0 +1,165 @@
require 'spec_helper'
describe 'vmware::ceilometer::compute_vmware' do
on_supported_os.each do |os, facts|
context "on #{os}" do
let(:facts) { facts }
context 'with custom ca file' do
let(:params) do
{
:debug => true,
:availability_zone_name => 'vcenter',
:vc_cluster => 'Cluster1',
:vc_host => '172.16.0.254',
:vc_user => 'administrator@vsphere.local',
:vc_password => 'Qwer!1234',
:vc_insecure => false,
:vc_ca_file => {
'content' => 'RSA',
'name' => 'vcenter-ca.pem' },
:service_name => 'vmcluster1',
:identity_uri => 'http://172.16.1.4:5000',
:auth_user => 'ceilometer',
:auth_password => 'GCqFEGzzDHvQSVYBJsX4qGhO',
:tenant => 'services',
}
end
it { is_expected.to compile.with_all_deps }
it { is_expected.to contain_class('vmware::ssl').with(
:vc_insecure => params[:vc_insecure],
:vc_ca_file => params[:vc_ca_file],
:vc_ca_filepath => '/etc/ceilometer/vmware-ca.pem',
) }
it { is_expected.to contain_ceilometer_config('DEFAULT/default_log_levels') \
.with_value('amqp=DEBUG,amqplib=DEBUG,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,oslo.vmware=DEBUG') }
it { is_expected.to contain_ceilometer_config('DEFAULT/hypervisor_inspector') \
.with_value('vmware') }
it { is_expected.to contain_ceilometer_config('DEFAULT/host') \
.with_value("#{params[:availability_zone_name]}-#{params[:service_name]}") }
it { is_expected.to contain_ceilometer_config('vmware/host_ip') \
.with_value(params[:vc_host]) }
it { is_expected.to contain_ceilometer_config('vmware/host_username') \
.with_value(params[:vc_user]) }
it { is_expected.to contain_ceilometer_config('vmware/host_password') \
.with_value(params[:vc_password]) }
it { is_expected.to contain_ceilometer_config('vmware/ca_file') \
.with_value('/etc/ceilometer/vmware-ca.pem') }
it { is_expected.to contain_ceilometer_config('vmware/insecure') \
.with_value(params[:vc_insecure]) }
it { is_expected.to contain_ceilometer_config('keystone_authtoken/admin_user') \
.with_value(params[:auth_user]) }
it { is_expected.to contain_ceilometer_config('keystone_authtoken/admin_password') \
.with_value(params[:auth_password]) }
it { is_expected.to contain_ceilometer_config('keystone_authtoken/admin_tenant_name') \
.with_value(params[:tenant]) }
it { is_expected.to contain_ceilometer_config('keystone_authtoken/identity_uri') \
.with_value(params[:identity_uri]) }
it { is_expected.to contain_class('ceilometer::params') }
it { is_expected.to contain_package('ceilometer-polling').with(
:ensure => 'latest',
:name => 'ceilometer-polling',
) }
it { is_expected.to contain_service('ceilometer-polling').with(
:ensure => 'running',
:name => 'ceilometer-polling',
) }
end
context 'without custom ca file' do
let(:params) do
{
:debug => false,
:availability_zone_name => 'vcenter',
:vc_cluster => 'Cluster1',
:vc_host => '172.16.0.254',
:vc_user => 'administrator@vsphere.local',
:vc_password => 'Qwer!1234',
:vc_insecure => true,
:vc_ca_file => '',
:service_name => 'vmcluster1',
:identity_uri => 'http://172.16.1.4:5000',
:auth_user => 'ceilometer',
:auth_password => 'GCqFEGzzDHvQSVYBJsX4qGhO',
:tenant => 'services',
}
end
it { is_expected.to compile.with_all_deps }
it { is_expected.to contain_class('vmware::ssl').with(
:vc_insecure => params[:vc_insecure],
:vc_ca_file => params[:vc_ca_file],
:vc_ca_filepath => '/etc/ceilometer/vmware-ca.pem',
) }
it { is_expected.to contain_ceilometer_config('DEFAULT/default_log_levels') \
.with_value('amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,oslo.vmware=WARN') }
it { is_expected.to contain_ceilometer_config('DEFAULT/hypervisor_inspector') \
.with_value('vmware') }
it { is_expected.to contain_ceilometer_config('DEFAULT/host') \
.with_value("#{params[:availability_zone_name]}-#{params[:service_name]}") }
it { is_expected.to contain_ceilometer_config('vmware/host_ip') \
.with_value(params[:vc_host]) }
it { is_expected.to contain_ceilometer_config('vmware/host_username') \
.with_value(params[:vc_user]) }
it { is_expected.to contain_ceilometer_config('vmware/host_password') \
.with_value(params[:vc_password]) }
it { is_expected.to contain_ceilometer_config('vmware/ca_file') \
.with_value(nil) }
it { is_expected.to contain_ceilometer_config('vmware/insecure') \
.with_value(params[:vc_insecure]) }
it { is_expected.to contain_ceilometer_config('keystone_authtoken/admin_user') \
.with_value(params[:auth_user]) }
it { is_expected.to contain_ceilometer_config('keystone_authtoken/admin_password') \
.with_value(params[:auth_password]) }
it { is_expected.to contain_ceilometer_config('keystone_authtoken/admin_tenant_name') \
.with_value(params[:tenant]) }
it { is_expected.to contain_ceilometer_config('keystone_authtoken/identity_uri') \
.with_value(params[:identity_uri]) }
it { is_expected.to contain_class('ceilometer::params') }
it { is_expected.to contain_package('ceilometer-polling').with(
:ensure => 'latest',
:name => 'ceilometer-polling',
) }
it { is_expected.to contain_service('ceilometer-polling').with(
:ensure => 'running',
:name => 'ceilometer-polling',
) }
end
end
end
end

66
deployment/puppet/vmware/spec/classes/vmware_ceilometer_spec.rb Normal file
View File

@ -0,0 +1,66 @@
require 'spec_helper'
describe 'vmware::ceilometer' do
on_supported_os.each do |os, facts|
context "on #{os}" do
let(:facts) { facts }
context 'with custom ca file' do
let(:params) do
{
:vcenter_settings => {
'availability_zone_name' => 'vcenter', 'datastore_regex' => '.*',
'service_name' => 'srv_cluster1', 'target_node' => 'controllers',
'vc_cluster' => 'Cluster1', 'vc_host' => '172.16.0.145',
'vc_password' => 'vmware', 'vc_user' => 'root',
'vc_insecure' => 'false', 'vc_ca_file' => {
'content' => 'RSA', 'name' => 'vcenter-ca.pem'} },
:vcenter_user => 'user',
:vcenter_password => 'password',
:vcenter_host_ip => '10.10.10.10',
:vcenter_cluster => 'cluster',
:debug => true,
}
end
it { is_expected.to compile.with_all_deps }
it { is_expected.to contain_class('ceilometer::params') }
it { is_expected.to contain_package('ceilometer-agent-compute').with(
:ensure => 'present',
:name => 'ceilometer-agent-compute',
) }
end
context 'without custom ca file' do
let(:params) do
{
:vcenter_settings => {
'availability_zone_name' => 'vcenter', 'datastore_regex' => '.*',
'service_name' => 'srv_cluster1', 'target_node' => 'controllers',
'vc_cluster' => 'Cluster1', 'vc_host' => '172.16.0.145',
'vc_password' => 'vmware', 'vc_user' => 'root',
'vc_insecure' => 'true', 'vc_ca_file' => '' },
:vcenter_user => 'user',
:vcenter_password => 'password',
:vcenter_host_ip => '10.10.10.10',
:vcenter_cluster => 'cluster',
:debug => true,
}
end
it { is_expected.to compile.with_all_deps }
it { is_expected.to contain_class('ceilometer::params') }
it { is_expected.to contain_package('ceilometer-agent-compute').with(
:ensure => 'present',
:name => 'ceilometer-agent-compute',
) }
end
end
end
end

118
deployment/puppet/vmware/spec/classes/vmware_controller_spec.rb Normal file
View File

@ -0,0 +1,118 @@
require 'spec_helper'
describe 'vmware::controller' do
on_supported_os.each do |os, facts|
context "on #{os}" do
let(:facts) { facts }
context 'with custom ca file' do
let(:params) do
{
:vcenter_settings => {
'availability_zone_name' => 'vcenter', 'datastore_regex' => '.*',
'service_name' => 'srv_cluster1', 'target_node' => 'controllers',
'vc_cluster' => 'Cluster1', 'vc_host' => '172.16.0.145',
'vc_password' => 'vmware', 'vc_user' => 'root',
'vc_insecure' => 'false', 'vc_ca_file' => {
'content' => 'RSA', 'name' => 'vcenter-ca.pem'} },
:vcenter_user => 'user',
:vcenter_password => 'password',
:vcenter_host_ip => '10.10.10.10',
:vlan_interface => '',
:use_quantum => true,
:vncproxy_protocol => 'https',
:vncproxy_host => '172.16.0.4',
:vncproxy_port => '',
}
end
it { is_expected.to compile.with_all_deps }
it { is_expected.to contain_class('nova::params') }
it { is_expected.to contain_package('nova-compute').with(
:ensure => 'present',
:name => 'nova-compute',
).that_comes_before('Service[nova-compute]') }
it { is_expected.to contain_service('nova-compute').with(
:ensure => 'stopped',
:name => 'nova-compute',
) }
it { is_expected.to contain_class('vmware::network').with(
:use_quantum => params[:use_quantum],
) }
it { is_expected.to contain_nova_config('DEFAULT/enabled_apis') \
.with_value('ec2,osapi_compute,metadata') }
it { is_expected.to contain_nova_config('vnc/novncproxy_base_url') \
.with_value("#{params[:vncproxy_protocol]}://#{params[:vncproxy_host]}:#{params[:vncproxy_port]}/vnc_auto.html") }
it { is_expected.to contain_package('cirros-testvmware').with(
:ensure => 'present',
) }
it { is_expected.to contain_package('python-suds').with(
:ensure => 'present',
) }
end
context 'without custom ca file' do
let(:params) do
{
:vcenter_settings => {
'availability_zone_name' => 'vcenter', 'datastore_regex' => '.*',
'service_name' => 'srv_cluster1', 'target_node' => 'controllers',
'vc_cluster' => 'Cluster1', 'vc_host' => '172.16.0.145',
'vc_password' => 'vmware', 'vc_user' => 'root',
'vc_insecure' => 'true', 'vc_ca_file' => '' },
:vcenter_user => 'user',
:vcenter_password => 'password',
:vcenter_host_ip => '10.10.10.10',
:vlan_interface => '',
:use_quantum => true,
:vncproxy_protocol => 'https',
:vncproxy_host => '172.16.0.4',
:vncproxy_port => '',
}
end
it { is_expected.to compile.with_all_deps }
it { is_expected.to contain_class('nova::params') }
it { is_expected.to contain_package('nova-compute').with(
:ensure => 'present',
:name => 'nova-compute',
).that_comes_before('Service[nova-compute]') }
it { is_expected.to contain_service('nova-compute').with(
:ensure => 'stopped',
:name => 'nova-compute',
) }
it { is_expected.to contain_class('vmware::network').with(
:use_quantum => params[:use_quantum],
) }
it { is_expected.to contain_nova_config('DEFAULT/enabled_apis') \
.with_value('ec2,osapi_compute,metadata') }
it { is_expected.to contain_nova_config('vnc/novncproxy_base_url') \
.with_value("#{params[:vncproxy_protocol]}://#{params[:vncproxy_host]}:#{params[:vncproxy_port]}/vnc_auto.html") }
it { is_expected.to contain_package('cirros-testvmware').with(
:ensure => 'present',
) }
it { is_expected.to contain_package('python-suds').with(
:ensure => 'present',
) }
end
end
end
end

84
deployment/puppet/vmware/spec/classes/vmware_spec.rb Normal file
View File

@ -0,0 +1,84 @@
require 'spec_helper'
describe 'vmware' do
on_supported_os.each do |os, facts|
context "on #{os}" do
let(:facts) { facts }
context 'with default parameters' do
it { is_expected.to compile.with_all_deps }
it { is_expected.to contain_class('vmware::controller').with(
:vcenter_settings => nil,
:vcenter_user => 'user',
:vcenter_password => 'password',
:vcenter_host_ip => '10.10.10.10',
:vlan_interface => nil,
:use_quantum => true,
:vncproxy_protocol => 'http',
:vncproxy_host => nil,
:vncproxy_port => '6080',
) }
end
context 'with custom parameters' do
let(:params) do
{
:vcenter_settings => {
'availability_zone_name' => 'vcenter', 'datastore_regex' => '.*',
'service_name' => 'srv_cluster1', 'target_node' => 'controllers',
'vc_cluster' => 'Cluster1', 'vc_host' => '172.16.0.145',
'vc_password' => 'vmware', 'vc_user' => 'root',
'vc_insecure' => 'false', 'vc_ca_file' => {
'content' => 'RSA', 'name' => 'vcenter-ca.pem'} },
:vcenter_user => 'user',
:vcenter_password => 'password',
:vcenter_host_ip => '10.10.10.10',
:vcenter_cluster => 'cluster',
:vlan_interface => '',
:use_quantum => true,
:vncproxy_protocol => 'https',
:vncproxy_host => '172.16.0.4',
:nova_hash => {
'db_password' => 'JoF3Wti3kn2Hm2RaD12SVvbI',
'enable_hugepages' => false, 'state_path' => '/var/lib/nova',
'user_password' => 'tEHRJ4biwyk4Z1JOempJVnXp',
'vncproxy_protocol' => 'http', 'nova_rate_limits' => {
'POST' => '100000', 'POST_SERVERS' => '100000', 'PUT' => '1000',
'GET' => '100000', 'DELETE' => '100000' },
'nova_report_interval' => '60', 'nova_service_down_time' => '180',
'num_networks' => nil, 'network_size' => nil, 'network_manager' => nil },
:ceilometer => true,
:debug => true,
}
end
it { is_expected.to compile.with_all_deps }
it { is_expected.to contain_class('vmware::controller').with(
:vcenter_settings => params[:vcenter_settings],
:vcenter_user => params[:vcenter_user],
:vcenter_password => params[:vcenter_password],
:vcenter_host_ip => params[:vcenter_host_ip],
:vlan_interface => params[:vlan_interface],
:use_quantum => params[:use_quantum],
:vncproxy_protocol => params[:vncproxy_protocol],
:vncproxy_host => params[:vncproxy_host],
:vncproxy_port => '6080',
) }
it { is_expected.to contain_class('vmware::ceilometer').with(
:vcenter_settings => params[:vcenter_settings],
:vcenter_user => params[:vcenter_user],
:vcenter_password => params[:vcenter_password],
:vcenter_host_ip => params[:vcenter_host_ip],
:vcenter_cluster => params[:vcenter_cluster],
:debug => params[:debug],
) }
end
end
end
end

38
deployment/puppet/vmware/spec/classes/vmware_ssl_spec.rb Normal file
View File

@ -0,0 +1,38 @@
require 'spec_helper'
describe 'vmware::ssl' do
on_supported_os.each do |os, facts|
context "on #{os}" do
let(:facts) { facts }
context 'with default parameters' do
it { is_expected.to compile.with_all_deps }
end
context 'with custom parameters' do
let(:params) do
{
:vc_insecure => false,
:vc_ca_file => {
'content' => 'RSA',
'name' => 'vcenter-ca.pem' },
:vc_ca_filepath => '/etc/nova/vmware-ca.pem',
}
end
it { is_expected.to compile.with_all_deps }
it { is_expected.to contain_file(params[:vc_ca_filepath]).with(
:ensure => 'file',
:content => 'RSA',
:mode => '0644',
:owner => 'root',
:group => 'root',
) }
end
end
end
end

316
deployment/puppet/vmware/spec/defines/vmware_ceilometer_ha_spec.rb
View File

@ -1,45 +1,301 @@
require 'spec_helper'
describe 'vmware::ceilometer::ha' do
describe 'vmware::ceilometer::ha', type: :define do
on_supported_os.each do |os, facts|
context "on #{os}" do
let(:facts) { facts }
xit { is_expected.to compile.with_all_deps }
context 'with custom ca file' do
let(:params) do
{
:availability_zone_name => 'vcenter',
:service_name => 'srv_cluster1',
:target_node => 'controllers',
:default_log_levels => 'amqp=DEBUG,amqplib=DEBUG,boto=WARN',
:vc_cluster => 'Cluster1',
:vc_host => '172.16.0.254',
:vc_password => 'Qwer!1234',
:vc_user => 'administrator@vsphere.local',
:vc_insecure => false,
:vc_ca_file => {
'content' => 'RSA',
'name' => 'vcenter-ca.pem' },
}
end
let(:params) do
{
:availability_zone_name => 'vCenter',
:vc_cluster => 'prod-cluster',
:vc_host => '10.10.0.1',
:vc_user => 'admin@vsphere.local',
:vc_password => 'pass',
:service_name => 'prod'
}
let(:title) { '0' }
it { is_expected.to compile.with_all_deps }
it { is_expected.to contain_vmware__ceilometer__ha('0') }
it { is_expected.to contain_file('/etc/ceilometer/ceilometer-compute.d').with(
:ensure => 'directory',
:owner => 'ceilometer',
:group => 'ceilometer',
:mode => '0750',
).that_comes_before('File[/etc/ceilometer/ceilometer-compute.d/vmware-vcenter_srv_cluster1.conf]') }
it { is_expected.to contain_file('/etc/ceilometer/ceilometer-compute.d/vmware-vcenter_srv_cluster1-ca.pem').with(
:ensure => 'file',
:content => 'RSA',
:mode => '0644',
:owner => 'root',
:group => 'root',
) }
it do
content = <<-eof
[DEFAULT]
# Name of this node, which must be valid in an AMQP key. Can be an opaque
# identifier. For ZeroMQ only, must be a valid host name, FQDN, or IP address.
#host=localhost
host=vcenter-srv_cluster1
# Inspector to use for inspecting the hypervisor layer. Known inspectors are
# libvirt, hyperv, vmware, xenapi and powervm.
#hypervisor_inspector=libvirt
hypervisor_inspector=vmware
# List of package logging levels in logger=LEVEL pairs. This option is ignored
# if log_config_append is set.
#default_log_levels=amqp=WARN, amqplib=WARN, boto=WARN, qpid=WARN,
#sqlalchemy=WARN, suds=INFO, oslo.messaging=INFO, iso8601=WARN,
#requests.packages.urllib3.connectionpool=WARN, urllib3.connectionpool=WARN,
#websocket=WARN, requests.packages.urllib3.util.retry=WARN,
#urllib3.util.retry=WARN, keystonemiddleware=WARN, routes.middleware=WARN,
#stevedore=WARN, taskflow=WARN, keystoneauth=WARN, oslo.cache=INFO,
#dogpile.core.dogpile=INFO
default_log_levels=amqp=DEBUG,amqplib=DEBUG,boto=WARN
# Name of log file to send logging output to. If no default is set, logging will
# go to stderr as defined by use_stderr. This option is ignored if
# log_config_append is set.
#log_file=None
log_file=ceilometer-agent-compute-vmware-vcenter-srv_cluster1.log
[vmware]
# Number of times a VMware vSphere API may be retried.
#api_retry_count=10
api_retry_count=5
# CA bundle file to use in verifying the vCenter server certificate.
#ca_file=None
ca_file=/etc/ceilometer/ceilometer-compute.d/vmware-vcenter_srv_cluster1-ca.pem
# IP address of the VMware vSphere host.
#host_ip=
host_ip=172.16.0.254
# Password of VMware vSphere.
#host_password=
host_password=Qwer!1234
# Port of the VMware vSphere host.
#host_port=443
# Username of VMware vSphere.
#host_username=
host_username=administrator@vsphere.local
# If true, the vCenter server certificate is not verified. If false, then the
# default CA truststore is used for verification. This option is ignored if
# “ca_file” is set.
#insecure=False
insecure=false
# Sleep time in seconds for polling an ongoing async task.
#task_poll_interval=0.5
task_poll_interval=5.0
# Optional vim service WSDL location e.g http://<server>/vimService.wsdl.
# Optional over-ride to default location for bug work-arounds.
#wsdl_location=None
eof
parameters = {
:ensure => 'present',
:mode => '0600',
:owner => 'ceilometer',
:group => 'ceilometer',
:content => content,
}
is_expected.to contain_file('/etc/ceilometer/ceilometer-compute.d/vmware-vcenter_srv_cluster1.conf') \
.with(parameters).that_comes_before('Pcmk_resource[p_ceilometer_agent_compute_vmware_vcenter_srv_cluster1]')
end
it { is_expected.to contain_pcmk_resource('p_ceilometer_agent_compute_vmware_vcenter_srv_cluster1').with(
:primitive_class => 'ocf',
:primitive_provider => 'fuel',
:primitive_type => 'ceilometer-agent-compute',
:metadata => {
'target-role' => 'stopped',
'resource-stickiness' => '1' },
:parameters => {
'amqp_server_port' => '5673',
'config' => '/etc/ceilometer/ceilometer.conf',
'pid' => '/var/run/ceilometer/ceilometer-agent-compute-vcenter_srv_cluster1.pid',
'user' => 'ceilometer',
'additional_parameters' => '--config-file=/etc/ceilometer/ceilometer-compute.d/vmware-vcenter_srv_cluster1.conf', },
:operations => {
'monitor' => {
'timeout' => '20',
'interval' => '30', },
'start' => {
'timeout' => '360', },
'stop' => {
'timeout' => '360', } },
).that_comes_before('Service[p_ceilometer_agent_compute_vmware_vcenter_srv_cluster1]') }
it { is_expected.to contain_service('p_ceilometer_agent_compute_vmware_vcenter_srv_cluster1').with(
:ensure => 'running',
:enable => true,
) }
end
xit 'must create /etc/ceilometer/ceilometer-compute.d directory' do
should contain_file('/etc/ceilometer/ceilometer-compute.d').with({
'ensure' => 'directory',
'owner' => 'ceilometer',
'group' => 'ceilometer',
'mode' => '0750'
})
end
context 'without custom ca file' do
let(:params) do
{
:availability_zone_name => 'vcenter',
:service_name => 'srv_cluster2',
:target_node => 'controllers',
:default_log_levels => 'amqp=DEBUG,amqplib=DEBUG,boto=WARN',
:vc_cluster => 'Cluster2',
:vc_host => '172.16.0.254',
:vc_password => 'Qwer!1234',
:vc_user => 'administrator@vsphere.local',
:vc_insecure => true,
:vc_ca_file => '',
}
end
xit 'should create service p_ceilometer_agent_compute_vmware_vCenter_prod' do
should contain_pcmk_resource('p_ceilometer_agent_compute_vmware_vCenter_prod').with({
'primitive_class' => 'ocf',
'primitive_provider' => 'fuel',
})
end
let(:title) { '1' }
xit 'should create service p_ceilometer_agent_compute_vmware_vCenter_prod' do
should contain_service('p_ceilometer_agent_compute_vmware_vCenter_prod')
end
it { is_expected.to compile.with_all_deps }
xit 'should apply configuration file before corosync resource' do
should contain_file('/etc/ceilometer/ceilometer-compute.d/vmware-vCenter_prod.conf').that_comes_before('Pcmk_resource[p_ceilometer_agent_compute_vmware_vCenter_prod]')
it { is_expected.to contain_vmware__ceilometer__ha('1') }
it { is_expected.to contain_file('/etc/ceilometer/ceilometer-compute.d').with(
:ensure => 'directory',
:owner => 'ceilometer',
:group => 'ceilometer',
:mode => '0750',
).that_comes_before('File[/etc/ceilometer/ceilometer-compute.d/vmware-vcenter_srv_cluster2.conf]') }
it do
content = <<-eof
[DEFAULT]
# Name of this node, which must be valid in an AMQP key. Can be an opaque
# identifier. For ZeroMQ only, must be a valid host name, FQDN, or IP address.
#host=localhost
host=vcenter-srv_cluster2
# Inspector to use for inspecting the hypervisor layer. Known inspectors are
# libvirt, hyperv, vmware, xenapi and powervm.
#hypervisor_inspector=libvirt
hypervisor_inspector=vmware
# List of package logging levels in logger=LEVEL pairs. This option is ignored
# if log_config_append is set.
#default_log_levels=amqp=WARN, amqplib=WARN, boto=WARN, qpid=WARN,
#sqlalchemy=WARN, suds=INFO, oslo.messaging=INFO, iso8601=WARN,
#requests.packages.urllib3.connectionpool=WARN, urllib3.connectionpool=WARN,
#websocket=WARN, requests.packages.urllib3.util.retry=WARN,
#urllib3.util.retry=WARN, keystonemiddleware=WARN, routes.middleware=WARN,
#stevedore=WARN, taskflow=WARN, keystoneauth=WARN, oslo.cache=INFO,
#dogpile.core.dogpile=INFO
default_log_levels=amqp=DEBUG,amqplib=DEBUG,boto=WARN
# Name of log file to send logging output to. If no default is set, logging will
# go to stderr as defined by use_stderr. This option is ignored if
# log_config_append is set.
#log_file=None
log_file=ceilometer-agent-compute-vmware-vcenter-srv_cluster2.log
[vmware]
# Number of times a VMware vSphere API may be retried.
#api_retry_count=10
api_retry_count=5
# CA bundle file to use in verifying the vCenter server certificate.
#ca_file=None
# IP address of the VMware vSphere host.
#host_ip=
host_ip=172.16.0.254
# Password of VMware vSphere.
#host_password=
host_password=Qwer!1234
# Port of the VMware vSphere host.
#host_port=443
# Username of VMware vSphere.
#host_username=
host_username=administrator@vsphere.local
# If true, the vCenter server certificate is not verified. If false, then the
# default CA truststore is used for verification. This option is ignored if
# “ca_file” is set.
#insecure=False
insecure=true
# Sleep time in seconds for polling an ongoing async task.
#task_poll_interval=0.5
task_poll_interval=5.0
# Optional vim service WSDL location e.g http://<server>/vimService.wsdl.
# Optional over-ride to default location for bug work-arounds.
#wsdl_location=None
eof
parameters = {
:ensure => 'present',
:mode => '0600',
:owner => 'ceilometer',
:group => 'ceilometer',
:content => content,
}
is_expected.to contain_file('/etc/ceilometer/ceilometer-compute.d/vmware-vcenter_srv_cluster2.conf') \
.with(parameters).that_comes_before('Pcmk_resource[p_ceilometer_agent_compute_vmware_vcenter_srv_cluster2]')
end
it { is_expected.to contain_pcmk_resource('p_ceilometer_agent_compute_vmware_vcenter_srv_cluster2').with(
:primitive_class => 'ocf',
:primitive_provider => 'fuel',
:primitive_type => 'ceilometer-agent-compute',
:metadata => {
'target-role' => 'stopped',
'resource-stickiness' => '1' },
:parameters => {
'amqp_server_port' => '5673',
'config' => '/etc/ceilometer/ceilometer.conf',
'pid' => '/var/run/ceilometer/ceilometer-agent-compute-vcenter_srv_cluster2.pid',
'user' => 'ceilometer',
'additional_parameters' => '--config-file=/etc/ceilometer/ceilometer-compute.d/vmware-vcenter_srv_cluster2.conf', },
:operations => {
'monitor' => {
'timeout' => '20',
'interval' => '30', },
'start' => {
'timeout' => '360', },
'stop' => {
'timeout' => '360', } },
).that_comes_before('Service[p_ceilometer_agent_compute_vmware_vcenter_srv_cluster2]') }
it { is_expected.to contain_service('p_ceilometer_agent_compute_vmware_vcenter_srv_cluster2').with(
:ensure => 'running',
:enable => true,
) }
end
end

155
deployment/puppet/vmware/spec/defines/vmware_cinder_vmdk_spec.rb
View File

@ -5,6 +5,32 @@ describe 'vmware::cinder::vmdk', type: :define do
context "on #{os}" do
let(:facts) { facts }
let(:p_param) do
case facts[:osfamily]
when 'Debian'
{
:service => 'cinder-volume',
:file_perm => '0644',
:src_init => 'cinder-volume-vmware.conf',
:dst_init => '/etc/init',
:volume_def => '/etc/default/cinder-volume-vmware',
:opts => "CINDER_VOLUME_OPTS='--config-file=/etc/cinder/cinder.d/vmware",
:conf => '.conf'
}
when 'RedHat'
{
:service => 'openstack-cinder-volume',
:file_perm => '0755',
:src_init => 'openstack-cinder-volume-vmware',
:dst_init => '/etc/init.d',
:volume_def => '/etc/sysconfig/openstack-cinder-volume-vmware',
:opts => "OPTIONS='--config-file=/etc/cinder/cinder.d/vmware",
:conf => ''
}
end
end
context 'with default parameters' do
let(:title) do
'non-nova'
@ -14,9 +40,14 @@ describe 'vmware::cinder::vmdk', type: :define do
it { is_expected.to contain_vmware__cinder__vmdk('non-nova') }
it { is_expected.to contain_file('/etc/cinder/cinder.d') }
it { is_expected.to contain_class('cinder::params') }
it { is_expected.to contain_service('cinder_volume_vmware') }
it { is_expected.to contain_file('/etc/cinder/cinder.d').with(
:ensure => 'directory',
:owner => 'cinder',
:group => 'cinder',
:mode => '0750',
).that_comes_before('File[/etc/cinder/cinder.d/vmware-non-nova.conf]') }
it do
content = <<-eof
@ -88,7 +119,6 @@ vmware_host_username=user
# value)
#vmware_host_version = <None>
# Timeout in seconds for VMDK volume transfer between Cinder and Glance.
# (integer value)
#vmware_image_transfer_timeout_secs = 7200
@ -98,7 +128,7 @@ vmware_image_transfer_timeout_secs=7200
# default CA truststore is used for verification. This option is ignored if
# "vmware_ca_file" is set. (boolean value)
#vmware_insecure = false
vmware_insecure = True
vmware_insecure=true
# Max number of objects to be retrieved per batch. Query results will be
# obtained in batches from the server and not in one shot. Server may still
@ -129,25 +159,59 @@ vmware_volume_folder=cinder-volumes
eof
parameters = {
:ensure => 'present',
:mode => '0600',
:owner => 'cinder',
:group => 'cinder',
:content => content,
:ensure => 'present',
:mode => '0600',
:owner => 'cinder',
:group => 'cinder',
:content => content,
}
is_expected.to contain_file('/etc/cinder/cinder.d/vmware-non-nova.conf').with(parameters)
end
it { is_expected.to contain_service('cinder_volume_vmware').with(
:ensure => 'stopped',
:enable => false,
:name => "#{p_param[:service]}-vmware",
:hasstatus => true,
) }
it { is_expected.to contain_service('cinder_volume_vmware_non-nova').with(
:ensure => 'running',
:name => "#{p_param[:service]}-vmware-non-nova",
:enable => true,
) }
it { is_expected.to contain_file("#{p_param[:src_init]}").with(
:source => "puppet:///modules/vmware/#{p_param[:src_init]}",
:path => "#{p_param[:dst_init]}/#{p_param[:src_init]}",
:owner => 'root',
:group => 'root',
:mode => p_param[:file_perm],
).that_comes_before("File[#{p_param[:dst_init]}/#{p_param[:service]}-vmware-non-nova#{p_param[:conf]}]") }
it { is_expected.to contain_file("#{p_param[:volume_def]}-non-nova").with(
:ensure => 'present',
:content => "#{p_param[:opts]}-non-nova.conf'",
) }
it { is_expected.to contain_file("#{p_param[:dst_init]}/#{p_param[:service]}-vmware-non-nova#{p_param[:conf]}").with(
:ensure => 'link',
:target => "#{p_param[:dst_init]}/#{p_param[:service]}-vmware#{p_param[:conf]}",
).that_comes_before("File[#{p_param[:volume_def]}-non-nova]") }
end
context 'with custom parameters' do
let(:params) do
{
:availability_zone_name => 'vcenter',
:vc_host => '172.16.0.254',
:vc_password => 'Qwer!1234',
:vc_user => 'administrator@vsphere.local',
:debug => false,
:availability_zone_name => 'vcenter',
:vc_insecure => false,
:vc_ca_file => {
'content' => 'RSA',
'name' => 'vcenter-ca.pem' },
:vc_host => '172.16.0.254',
:vc_password => 'Qwer!1234',
:vc_user => 'administrator@vsphere.local',
:debug => true,
}
end
@ -159,9 +223,22 @@ vmware_volume_folder=cinder-volumes
it { is_expected.to contain_vmware__cinder__vmdk('vcenter') }
it { is_expected.to contain_file('/etc/cinder/cinder.d') }
it { is_expected.to contain_class('cinder::params') }
it { is_expected.to contain_service('cinder_volume_vmware') }
it { is_expected.to contain_file('/etc/cinder/cinder.d').with(
:ensure => 'directory',
:owner => 'cinder',
:group => 'cinder',
:mode => '0750',
).that_comes_before('File[/etc/cinder/cinder.d/vmware-vcenter.conf]') }
it { is_expected.to contain_file('/etc/cinder/cinder.d/vmware-vcenter-ca.pem').with(
:ensure => 'file',
:content => 'RSA',
:mode => '0644',
:owner => 'root',
:group => 'root',
) }
it do
content = <<-eof
@ -185,7 +262,7 @@ default_availability_zone=vcenter-cinder
# If set to true, the logging level will be set to DEBUG instead of the default
# INFO level. (boolean value)
#debug = false
debug=false
debug=true
[VMwareVcVmdk-backend]
@ -210,6 +287,7 @@ vmware_api_retry_count=10
# CA bundle file to use in verifying the vCenter server certificate. (string
# value)
#vmware_ca_file = <None>
vmware_ca_file=/etc/cinder/cinder.d/vmware-vcenter-ca.pem
# Name of a vCenter compute cluster where volumes should be created. (multi
# valued)
@ -233,7 +311,6 @@ vmware_host_username=administrator@vsphere.local
# value)
#vmware_host_version = <None>
# Timeout in seconds for VMDK volume transfer between Cinder and Glance.
# (integer value)
#vmware_image_transfer_timeout_secs = 7200
@ -243,7 +320,7 @@ vmware_image_transfer_timeout_secs=7200
# default CA truststore is used for verification. This option is ignored if
# "vmware_ca_file" is set. (boolean value)
#vmware_insecure = false
vmware_insecure = True
vmware_insecure=false
# Max number of objects to be retrieved per batch. Query results will be
# obtained in batches from the server and not in one shot. Server may still
@ -274,15 +351,45 @@ vmware_volume_folder=cinder-volumes
eof
parameters = {
:ensure => 'present',
:mode => '0600',
:owner => 'cinder',
:group => 'cinder',
:content => content,
:ensure => 'present',
:mode => '0600',
:owner => 'cinder',
:group => 'cinder',
:content => content,
}
is_expected.to contain_file('/etc/cinder/cinder.d/vmware-vcenter.conf').with(parameters)
end
it { is_expected.to contain_service('cinder_volume_vmware').with(
:ensure => 'stopped',
:enable => false,
:name => "#{p_param[:service]}-vmware",
:hasstatus => true,
) }
it { is_expected.to contain_service('cinder_volume_vmware_vcenter').with(
:ensure => 'running',
:name => "#{p_param[:service]}-vmware-vcenter",
:enable => true,
) }
it { is_expected.to contain_file("#{p_param[:src_init]}").with(
:source => "puppet:///modules/vmware/#{p_param[:src_init]}",
:path => "#{p_param[:dst_init]}/#{p_param[:src_init]}",
:owner => 'root',
:group => 'root',
:mode => p_param[:file_perm],
).that_comes_before("File[#{p_param[:dst_init]}/#{p_param[:service]}-vmware-vcenter#{p_param[:conf]}]") }
it { is_expected.to contain_file("#{p_param[:volume_def]}-vcenter").with(
:ensure => 'present',
:content => "#{p_param[:opts]}-vcenter.conf'",
) }
it { is_expected.to contain_file("#{p_param[:dst_init]}/#{p_param[:service]}-vmware-vcenter#{p_param[:conf]}").with(
:ensure => 'link',
:target => "#{p_param[:dst_init]}/#{p_param[:service]}-vmware#{p_param[:conf]}",
).that_comes_before("File[#{p_param[:volume_def]}-vcenter]") }
end
end

436
deployment/puppet/vmware/spec/defines/vmware_compute_ha_spec.rb
View File

@ -1,45 +1,423 @@
require 'spec_helper'
describe 'vmware::compute::ha' do
describe 'vmware::compute::ha', type: :define do
on_supported_os.each do |os, facts|
context "on #{os}" do
let(:facts) { facts }
xit { is_expected.to compile.with_all_deps }
context 'with custom ca file' do
let(:params) do
{
:availability_zone_name => 'vcenter',
:vc_cluster => 'Cluster1',
:vc_host => '172.16.0.254',
:vc_user => 'administrator@vsphere.local',
:vc_password => 'Qwer!1234',
:service_name => 'srv_cluster1',
:target_node => 'controllers',
:vc_insecure => false,
:vc_ca_file => {
'content' => 'RSA',
'name' => 'vcenter-ca.pem' },
:datastore_regex => '.*',
}
end
let(:title) { '0' }
let(:title) { '0' }
let(:params) { {
:availability_zone_name => 'vCenter',
:vc_cluster => 'prod-cluster',
:vc_host => '10.10.0.1',
:vc_user => 'admin@vsphere.local',
:vc_password => 'pass',
:service_name => 'prod'
} }
it { is_expected.to compile.with_all_deps }
xit 'must create /etc/nova/nova-compute.d directory' do
should contain_file('/etc/nova/nova-compute.d').with({
'ensure' => 'directory',
'owner' => 'nova',
'group' => 'nova',
'mode' => '0750'
})
it { is_expected.to contain_vmware__compute__ha('0') }
it { is_expected.to contain_file('/etc/nova/nova-compute.d').with(
:ensure => 'directory',
:owner => 'nova',
:group => 'nova',
:mode => '0750',
).that_comes_before('File[/etc/nova/nova-compute.d/vmware-vcenter_srv_cluster1.conf]') }
it { is_expected.to contain_file('/etc/nova/nova-compute.d/vmware-vcenter_srv_cluster1-ca.pem').with(
:ensure => 'file',
:content => 'RSA',
:mode => '0644',
:owner => 'root',
:group => 'root',
) }
it do
content = <<-eof
[DEFAULT]
# Driver to use for controlling virtualization.
# Options include: libvirt.LibvirtDriver, xenapi.XenAPIDriver, fake.FakeDriver,
# ironic.IronicDriver, vmwareapi.VMwareVCDriver, hyperv.HyperVDriver
#compute_driver=None
compute_driver=vmwareapi.VMwareVCDriver
# Name of log file to output to. If no default is set, logging will go to
# stdout. This option is ignored if log_config_append is set.
#log_file=None
log_file=nova-compute-vmware-vcenter-srv_cluster1.log
# Name of this node. This can be an opaque identifier. It is not necessarily a
# hostname, FQDN, or IP address. However, the node name must be valid within an
# AMQP key, and if using ZeroMQ, a valid hostname, FQDN, or IP address.
#host=localhost
host=vcenter-srv_cluster1
# Amount of memory in MB to reserve for the host.
#reserved_host_memory_mb=512
reserved_host_memory_mb = 0
# Force injection to take place on a config drive.
#force_config_drive = False
force_config_drive=False
[vmware]
# The number of times we retry on failures, e.g., socket error, etc.
#api_retry_count=10
api_retry_count=5
# Specify a CA bundle file to use in verifying the vCenter server certificate.
#ca_file=None
ca_file=/etc/nova/nova-compute.d/vmware-vcenter_srv_cluster1-ca.pem
# The prefix for where cached images are stored. This is NOT the full path -
# just a folder prefix. This should only be used when a datastore cache should
# be shared between compute nodes. Note: this should only be used when the
# compute nodes have a shared file system.
#cache_prefix=None
cache_prefix=$host
# Name of a VMware Cluster ComputeResource.
#cluster_name=None
cluster_name=Cluster1
# Set this value if affected by an increased network latency causing repeated
# characters when typing in a remote console.
#console_delay_seconds=None
# Regex to match the name of a datastore.
#datastore_regex=None
datastore_regex=.*
# Hostname or IP address for connection to VMware vCenter host.
#host_ip=None
host_ip=172.16.0.254
# Password for connection to VMware vCenter host.
#host_password=None
host_password=Qwer!1234
# Port for connection to VMware vCenter host.
#host_port = 443
# Username for connection to VMware vCenter host.
#host_username=None
host_username=administrator@vsphere.local
# If true, the vCenter server certificate is not verified. If false, then the
# default CA truststore is used for verification. This option is ignored if
# “ca_file” is set.
#insecure = False
insecure=false
# This option should be configured only when using the NSX-MH Neutron plugin.
# This is the name of the integration bridge on the ESXi. This should not be set
# for any other Neutron plugin. Hence the default value is not set.
#integration_bridge=None
# The maximum number of ObjectContent data objects that should be returned in a
# single result. A positive value will cause the operation to suspend the
# retrieval when the count of objects reaches the specified maximum. The server
# may still limit the count to something less than the configured value. Any
# remaining objects may be retrieved with additional requests.
#maximum_objects = 100
maximum_objects=100
# The PBM default policy. If pbm_wsdl_location is set and there is no defined
# storage policy for the specific request then this policy will be used.
#pbm_default_policy=None
# The PBM status.
#pbm_enabled=False
# PBM service WSDL file location URL.
# e.g. file:///opt/SDK/spbm/wsdl/pbmService.wsdl Not setting this will disable
# storage policy based placement of instances.
#pbm_wsdl_location=None
# Identifies a proxy service that provides network access to the
# serial_port_service_uri. This option is ignored if serial_port_service_uri is
# not specified.
#serial_port_proxy_uri=None
# Identifies the remote system that serial port traffic will be sent to. If this
# is not set, no serial ports will be added to the created VMs.
#serial_port_service_uri=None
# The interval used for polling of remote tasks.
#task_poll_interval=0.5
task_poll_interval=5.0
# Whether to use linked clone
#use_linked_clone=True
use_linked_clone=true
# Optional VIM Service WSDL Location e.g http://<server>/vimService.wsdl.
# Optional over-ride to default location for bug work-arounds.
#wsdl_location=None
# Physical ethernet adapter name for vlan networking
#vlan_interface=vmnic0
# VNC starting port.
#vnc_port=5900
# Total number of VNC ports
#vnc_port_total=10000
eof
parameters = {
:ensure => 'present',
:mode => '0600',
:owner => 'nova',
:group => 'nova',
:content => content,
}
is_expected.to contain_file('/etc/nova/nova-compute.d/vmware-vcenter_srv_cluster1.conf') \
.with(parameters).that_comes_before('Pcmk_resource[p_nova_compute_vmware_vcenter-srv_cluster1]')
end
it { is_expected.to contain_pcmk_resource('p_nova_compute_vmware_vcenter-srv_cluster1').with(
:primitive_class => 'ocf',
:primitive_provider => 'fuel',
:primitive_type => 'nova-compute',
:metadata => {
'resource-stickiness' => '1' },
:parameters => {
'amqp_server_port' => '5673',
'config' => '/etc/nova/nova.conf',
'pid' => '/var/run/nova/nova-compute-vcenter-srv_cluster1.pid',
'additional_parameters' => '--config-file=/etc/nova/nova-compute.d/vmware-vcenter_srv_cluster1.conf', },
:operations => {
'monitor' => {
'timeout' => '10',
'interval' => '20', },
'start' => {
'timeout' => '30', },
'stop' => {
'timeout' => '30', } },
).that_comes_before('Service[p_nova_compute_vmware_vcenter-srv_cluster1]') }
it { is_expected.to contain_service('p_nova_compute_vmware_vcenter-srv_cluster1').with(
:ensure => 'running',
:enable => true,
) }
end
xit 'should create service p_nova_compute_vmware_vCenter-prod' do
should contain_pcmk_resource('p_nova_compute_vmware_vCenter-prod').with({
'primitive_class' => 'ocf',
'primitive_provider' => 'fuel',
})
end
context 'without custom ca file' do
let(:params) do
{
:availability_zone_name => 'vcenter',
:vc_cluster => 'Cluster2',
:vc_host => '172.16.0.254',
:vc_user => 'administrator@vsphere.local',
:vc_password => 'Qwer!1234',
:service_name => 'srv_cluster2',
:target_node => 'controllers',
:vc_insecure => true,
:vc_ca_file => '',
:datastore_regex => '.*',
}
end
xit 'should create service p_nova_compute_vmware_vCenter-prod' do
should contain_service('p_nova_compute_vmware_vCenter-prod')
end
let(:title) { '1' }
xit 'should apply configuration file before corosync resource' do
should contain_file('/etc/nova/nova-compute.d/vmware-vCenter_prod.conf').that_comes_before('Pcmk_resource[p_nova_compute_vmware_vCenter-prod]')
it { is_expected.to compile.with_all_deps }
it { is_expected.to contain_vmware__compute__ha('1') }
it { is_expected.to contain_file('/etc/nova/nova-compute.d').with(
:ensure => 'directory',
:owner => 'nova',
:group => 'nova',
:mode => '0750',
).that_comes_before('File[/etc/nova/nova-compute.d/vmware-vcenter_srv_cluster2.conf]') }
it do
content = <<-eof
[DEFAULT]
# Driver to use for controlling virtualization.
# Options include: libvirt.LibvirtDriver, xenapi.XenAPIDriver, fake.FakeDriver,
# ironic.IronicDriver, vmwareapi.VMwareVCDriver, hyperv.HyperVDriver
#compute_driver=None
compute_driver=vmwareapi.VMwareVCDriver
# Name of log file to output to. If no default is set, logging will go to
# stdout. This option is ignored if log_config_append is set.
#log_file=None
log_file=nova-compute-vmware-vcenter-srv_cluster2.log
# Name of this node. This can be an opaque identifier. It is not necessarily a
# hostname, FQDN, or IP address. However, the node name must be valid within an
# AMQP key, and if using ZeroMQ, a valid hostname, FQDN, or IP address.
#host=localhost
host=vcenter-srv_cluster2
# Amount of memory in MB to reserve for the host.
#reserved_host_memory_mb=512
reserved_host_memory_mb = 0
# Force injection to take place on a config drive.
#force_config_drive = False
force_config_drive=False
[vmware]
# The number of times we retry on failures, e.g., socket error, etc.
#api_retry_count=10
api_retry_count=5
# Specify a CA bundle file to use in verifying the vCenter server certificate.
#ca_file=None
# The prefix for where cached images are stored. This is NOT the full path -
# just a folder prefix. This should only be used when a datastore cache should
# be shared between compute nodes. Note: this should only be used when the
# compute nodes have a shared file system.
#cache_prefix=None
cache_prefix=$host
# Name of a VMware Cluster ComputeResource.
#cluster_name=None
cluster_name=Cluster2
# Set this value if affected by an increased network latency causing repeated
# characters when typing in a remote console.
#console_delay_seconds=None
# Regex to match the name of a datastore.
#datastore_regex=None
datastore_regex=.*
# Hostname or IP address for connection to VMware vCenter host.
#host_ip=None
host_ip=172.16.0.254
# Password for connection to VMware vCenter host.
#host_password=None
host_password=Qwer!1234
# Port for connection to VMware vCenter host.
#host_port = 443
# Username for connection to VMware vCenter host.
#host_username=None
host_username=administrator@vsphere.local
# If true, the vCenter server certificate is not verified. If false, then the
# default CA truststore is used for verification. This option is ignored if
# “ca_file” is set.
#insecure = False
insecure=true
# This option should be configured only when using the NSX-MH Neutron plugin.
# This is the name of the integration bridge on the ESXi. This should not be set
# for any other Neutron plugin. Hence the default value is not set.
#integration_bridge=None
# The maximum number of ObjectContent data objects that should be returned in a
# single result. A positive value will cause the operation to suspend the
# retrieval when the count of objects reaches the specified maximum. The server
# may still limit the count to something less than the configured value. Any
# remaining objects may be retrieved with additional requests.
#maximum_objects = 100
maximum_objects=100
# The PBM default policy. If pbm_wsdl_location is set and there is no defined
# storage policy for the specific request then this policy will be used.
#pbm_default_policy=None
# The PBM status.
#pbm_enabled=False
# PBM service WSDL file location URL.
# e.g. file:///opt/SDK/spbm/wsdl/pbmService.wsdl Not setting this will disable
# storage policy based placement of instances.
#pbm_wsdl_location=None
# Identifies a proxy service that provides network access to the
# serial_port_service_uri. This option is ignored if serial_port_service_uri is
# not specified.
#serial_port_proxy_uri=None
# Identifies the remote system that serial port traffic will be sent to. If this
# is not set, no serial ports will be added to the created VMs.
#serial_port_service_uri=None
# The interval used for polling of remote tasks.
#task_poll_interval=0.5
task_poll_interval=5.0
# Whether to use linked clone
#use_linked_clone=True
use_linked_clone=true
# Optional VIM Service WSDL Location e.g http://<server>/vimService.wsdl.
# Optional over-ride to default location for bug work-arounds.
#wsdl_location=None
# Physical ethernet adapter name for vlan networking
#vlan_interface=vmnic0
# VNC starting port.
#vnc_port=5900
# Total number of VNC ports
#vnc_port_total=10000
eof
parameters = {
:ensure => 'present',
:mode => '0600',
:owner => 'nova',
:group => 'nova',
:content => content,
}
is_expected.to contain_file('/etc/nova/nova-compute.d/vmware-vcenter_srv_cluster2.conf') \
.with(parameters).that_comes_before('Pcmk_resource[p_nova_compute_vmware_vcenter-srv_cluster2]')
end
it { is_expected.to contain_pcmk_resource('p_nova_compute_vmware_vcenter-srv_cluster2').with(
:primitive_class => 'ocf',
:primitive_provider => 'fuel',
:primitive_type => 'nova-compute',
:metadata => {
'resource-stickiness' => '1' },
:parameters => {
'amqp_server_port' => '5673',
'config' => '/etc/nova/nova.conf',
'pid' => '/var/run/nova/nova-compute-vcenter-srv_cluster2.pid',
'additional_parameters' => '--config-file=/etc/nova/nova-compute.d/vmware-vcenter_srv_cluster2.conf', },
:operations => {
'monitor' => {
'timeout' => '10',
'interval' => '20', },
'start' => {
'timeout' => '30', },
'stop' => {
'timeout' => '30', } },
).that_comes_before('Service[p_nova_compute_vmware_vcenter-srv_cluster2]') }
it { is_expected.to contain_service('p_nova_compute_vmware_vcenter-srv_cluster2').with(
:ensure => 'running',
:enable => true,
) }
end
end

398
deployment/puppet/vmware/spec/defines/vmware_compute_vmware_spec.rb Normal file
View File

@ -0,0 +1,398 @@
require 'spec_helper'
describe 'vmware::compute_vmware', type: :define do
on_supported_os.each do |os, facts|
context "on #{os}" do
let(:facts) { facts }
context 'with custom ca file' do
let(:params) do
{
:availability_zone_name => 'vcenter',
:vc_cluster => 'Cluster1',
:vc_host => '172.16.0.254',
:vc_user => 'administrator@vsphere.local',
:vc_password => 'Qwer!1234',
:service_name => 'srv_cluster1',
:current_node => 'node-2',
:target_node => 'node-2',
:vlan_interface => 'vmnic0',
:vc_insecure => false,
:vc_ca_file => {
'content' => 'RSA',
'name' => 'vcenter-ca.pem' },
:datastore_regex => '.*',
}
end
let(:title) { '0' }
it { is_expected.to compile.with_all_deps }
it { is_expected.to contain_vmware__compute_vmware('0') }
it { is_expected.to contain_class('nova::params') }
it { is_expected.to contain_file('/etc/nova/vmware-ca.pem').with(
:ensure => 'file',
:content => 'RSA',
:mode => '0644',
:owner => 'root',
:group => 'root',
) }
it do
content = <<-eof
[DEFAULT]
# Driver to use for controlling virtualization.
# Options include: libvirt.LibvirtDriver, xenapi.XenAPIDriver, fake.FakeDriver,
# ironic.IronicDriver, vmwareapi.VMwareVCDriver, hyperv.HyperVDriver
#compute_driver=None
compute_driver=vmwareapi.VMwareVCDriver
# Name of log file to output to. If no default is set, logging will go to
# stdout. This option is ignored if log_config_append is set.
#log_file=None
log_file=nova-compute-vmware-vcenter-srv_cluster1.log
# Name of this node. This can be an opaque identifier. It is not necessarily a
# hostname, FQDN, or IP address. However, the node name must be valid within an
# AMQP key, and if using ZeroMQ, a valid hostname, FQDN, or IP address.
#host=localhost
host=vcenter-srv_cluster1
# Amount of memory in MB to reserve for the host.
#reserved_host_memory_mb=512
reserved_host_memory_mb = 0
# Force injection to take place on a config drive.
#force_config_drive = False
force_config_drive=False
[vmware]
# The number of times we retry on failures, e.g., socket error, etc.
#api_retry_count=10
api_retry_count=5
# Specify a CA bundle file to use in verifying the vCenter server certificate.
#ca_file=None
ca_file=/etc/nova/vmware-ca.pem
# The prefix for where cached images are stored. This is NOT the full path -
# just a folder prefix. This should only be used when a datastore cache should
# be shared between compute nodes. Note: this should only be used when the
# compute nodes have a shared file system.
#cache_prefix=None
cache_prefix=$host
# Name of a VMware Cluster ComputeResource.
#cluster_name=None
cluster_name=Cluster1
# Set this value if affected by an increased network latency causing repeated
# characters when typing in a remote console.
#console_delay_seconds=None
# Regex to match the name of a datastore.
#datastore_regex=None
datastore_regex=.*
# Hostname or IP address for connection to VMware vCenter host.
#host_ip=None
host_ip=172.16.0.254
# Password for connection to VMware vCenter host.
#host_password=None
host_password=Qwer!1234
# Port for connection to VMware vCenter host.
#host_port = 443
# Username for connection to VMware vCenter host.
#host_username=None
host_username=administrator@vsphere.local
# If true, the vCenter server certificate is not verified. If false, then the
# default CA truststore is used for verification. This option is ignored if
# “ca_file” is set.
#insecure = False
insecure=false
# This option should be configured only when using the NSX-MH Neutron plugin.
# This is the name of the integration bridge on the ESXi. This should not be set
# for any other Neutron plugin. Hence the default value is not set.
#integration_bridge=None
# The maximum number of ObjectContent data objects that should be returned in a
# single result. A positive value will cause the operation to suspend the
# retrieval when the count of objects reaches the specified maximum. The server
# may still limit the count to something less than the configured value. Any
# remaining objects may be retrieved with additional requests.
#maximum_objects = 100
maximum_objects=100
# The PBM default policy. If pbm_wsdl_location is set and there is no defined
# storage policy for the specific request then this policy will be used.
#pbm_default_policy=None
# The PBM status.
#pbm_enabled=False
# PBM service WSDL file location URL.
# e.g. file:///opt/SDK/spbm/wsdl/pbmService.wsdl Not setting this will disable
# storage policy based placement of instances.
#pbm_wsdl_location=None
# Identifies a proxy service that provides network access to the
# serial_port_service_uri. This option is ignored if serial_port_service_uri is
# not specified.
#serial_port_proxy_uri=None
# Identifies the remote system that serial port traffic will be sent to. If this
# is not set, no serial ports will be added to the created VMs.
#serial_port_service_uri=None
# The interval used for polling of remote tasks.
#task_poll_interval=0.5
task_poll_interval=5.0
# Whether to use linked clone
#use_linked_clone=True
use_linked_clone=true
# Optional VIM Service WSDL Location e.g http://<server>/vimService.wsdl.
# Optional over-ride to default location for bug work-arounds.
#wsdl_location=None
# Physical ethernet adapter name for vlan networking
#vlan_interface=vmnic0
vlan_interface=vmnic0
# VNC starting port.
#vnc_port=5900
# Total number of VNC ports
#vnc_port_total=10000
eof
parameters = {
:ensure => 'present',
:mode => '0600',
:owner => 'nova',
:group => 'nova',
:content => content,
}
is_expected.to contain_file('/etc/nova/nova-compute.conf') \
.with(parameters).that_comes_before('Service[nova-compute]')
end
it { is_expected.to contain_package('nova-compute').with(
:ensure => 'installed',
:name => 'nova-compute',
).that_comes_before('File[/etc/nova/nova-compute.conf]') }
it { is_expected.to contain_package('python-oslo.vmware').with(
:ensure => 'installed',
).that_comes_before('Package[nova-compute]') }
it { is_expected.to contain_service('nova-compute').with(
:ensure => 'running',
:name => 'nova-compute',
:enable => false,
) }
end
context 'without custom ca file' do
let(:params) do
{
:availability_zone_name => 'vcenter',
:vc_cluster => 'Cluster2',
:vc_host => '172.16.0.254',
:vc_user => 'administrator@vsphere.local',
:vc_password => 'Qwer!1234',
:service_name => 'srv_cluster2',
:current_node => 'node-3',
:target_node => 'node-3',
:vlan_interface => '',
:vc_insecure => true,
:vc_ca_file => '',
:datastore_regex => '.*',
}
end
let(:title) { '1' }
it { is_expected.to compile.with_all_deps }
it { is_expected.to contain_vmware__compute_vmware('1') }
it { is_expected.to contain_class('nova::params') }
it do
content = <<-eof
[DEFAULT]
# Driver to use for controlling virtualization.
# Options include: libvirt.LibvirtDriver, xenapi.XenAPIDriver, fake.FakeDriver,
# ironic.IronicDriver, vmwareapi.VMwareVCDriver, hyperv.HyperVDriver
#compute_driver=None
compute_driver=vmwareapi.VMwareVCDriver
# Name of log file to output to. If no default is set, logging will go to
# stdout. This option is ignored if log_config_append is set.
#log_file=None
log_file=nova-compute-vmware-vcenter-srv_cluster2.log
# Name of this node. This can be an opaque identifier. It is not necessarily a
# hostname, FQDN, or IP address. However, the node name must be valid within an
# AMQP key, and if using ZeroMQ, a valid hostname, FQDN, or IP address.
#host=localhost
host=vcenter-srv_cluster2
# Amount of memory in MB to reserve for the host.
#reserved_host_memory_mb=512
reserved_host_memory_mb = 0
# Force injection to take place on a config drive.
#force_config_drive = False
force_config_drive=False
[vmware]
# The number of times we retry on failures, e.g., socket error, etc.
#api_retry_count=10
api_retry_count=5
# Specify a CA bundle file to use in verifying the vCenter server certificate.
#ca_file=None
# The prefix for where cached images are stored. This is NOT the full path -
# just a folder prefix. This should only be used when a datastore cache should
# be shared between compute nodes. Note: this should only be used when the
# compute nodes have a shared file system.
#cache_prefix=None
cache_prefix=$host
# Name of a VMware Cluster ComputeResource.
#cluster_name=None
cluster_name=Cluster2
# Set this value if affected by an increased network latency causing repeated
# characters when typing in a remote console.
#console_delay_seconds=None
# Regex to match the name of a datastore.
#datastore_regex=None
datastore_regex=.*
# Hostname or IP address for connection to VMware vCenter host.
#host_ip=None
host_ip=172.16.0.254
# Password for connection to VMware vCenter host.
#host_password=None
host_password=Qwer!1234
# Port for connection to VMware vCenter host.
#host_port = 443
# Username for connection to VMware vCenter host.
#host_username=None
host_username=administrator@vsphere.local
# If true, the vCenter server certificate is not verified. If false, then the
# default CA truststore is used for verification. This option is ignored if
# “ca_file” is set.
#insecure = False
insecure=true
# This option should be configured only when using the NSX-MH Neutron plugin.
# This is the name of the integration bridge on the ESXi. This should not be set
# for any other Neutron plugin. Hence the default value is not set.
#integration_bridge=None
# The maximum number of ObjectContent data objects that should be returned in a
# single result. A positive value will cause the operation to suspend the
# retrieval when the count of objects reaches the specified maximum. The server
# may still limit the count to something less than the configured value. Any
# remaining objects may be retrieved with additional requests.
#maximum_objects = 100
maximum_objects=100
# The PBM default policy. If pbm_wsdl_location is set and there is no defined
# storage policy for the specific request then this policy will be used.
#pbm_default_policy=None
# The PBM status.
#pbm_enabled=False
# PBM service WSDL file location URL.
# e.g. file:///opt/SDK/spbm/wsdl/pbmService.wsdl Not setting this will disable
# storage policy based placement of instances.
#pbm_wsdl_location=None
# Identifies a proxy service that provides network access to the
# serial_port_service_uri. This option is ignored if serial_port_service_uri is
# not specified.
#serial_port_proxy_uri=None
# Identifies the remote system that serial port traffic will be sent to. If this
# is not set, no serial ports will be added to the created VMs.
#serial_port_service_uri=None
# The interval used for polling of remote tasks.
#task_poll_interval=0.5
task_poll_interval=5.0
# Whether to use linked clone
#use_linked_clone=True
use_linked_clone=true
# Optional VIM Service WSDL Location e.g http://<server>/vimService.wsdl.
# Optional over-ride to default location for bug work-arounds.
#wsdl_location=None
# Physical ethernet adapter name for vlan networking
#vlan_interface=vmnic0
# VNC starting port.
#vnc_port=5900
# Total number of VNC ports
#vnc_port_total=10000
eof
parameters = {
:ensure => 'present',
:mode => '0600',
:owner => 'nova',
:group => 'nova',
:content => content,
}
is_expected.to contain_file('/etc/nova/nova-compute.conf') \
.with(parameters).that_comes_before('Service[nova-compute]')
end
it { is_expected.to contain_package('nova-compute').with(
:ensure => 'installed',
:name => 'nova-compute',
).that_comes_before('File[/etc/nova/nova-compute.conf]') }
it { is_expected.to contain_package('python-oslo.vmware').with(
:ensure => 'installed',
).that_comes_before('Package[nova-compute]') }
it { is_expected.to contain_service('nova-compute').with(
:ensure => 'running',
:name => 'nova-compute',
:enable => false,
) }
end
end
end
end

4
deployment/puppet/vmware/spec/functions/vmware_index_spec.rb
View File

@ -1,4 +0,0 @@
require 'spec_helper'
describe 'vmware_index' do
end

5
deployment/puppet/vmware/spec/spec_helper.rb
View File

@ -2,3 +2,8 @@ require 'rubygems'
require 'puppetlabs_spec_helper/module_spec_helper'
require 'rspec-puppet-facts'
include RspecPuppetFacts
RSpec.configure do |c|
c.alias_it_should_behave_like_to :it_configures, 'configures'
c.alias_it_should_behave_like_to :it_raises, 'raises'
end

67
deployment/puppet/vmware/templates/ceilometer-compute.conf.erb
View File

@ -1,17 +1,74 @@
[DEFAULT]
# Name of this node, which must be valid in an AMQP key. Can be an opaque
# identifier. For ZeroMQ only, must be a valid host name, FQDN, or IP address.
#host=localhost
host=<%= @availability_zone_name %>-<%= @service_name %>
hypervisor_inspector=<%= scope.lookupvar('vmware::ceilometer::hypervisor_inspector') %>
default_log_levels=<%= scope.lookupvar('vmware::ceilometer::default_log_levels') %>
# Inspector to use for inspecting the hypervisor layer. Known inspectors are
# libvirt, hyperv, vmware, xenapi and powervm.
#hypervisor_inspector=libvirt
hypervisor_inspector=<%= @hypervisor_inspector %>
# List of package logging levels in logger=LEVEL pairs. This option is ignored
# if log_config_append is set.
#default_log_levels=amqp=WARN, amqplib=WARN, boto=WARN, qpid=WARN,
#sqlalchemy=WARN, suds=INFO, oslo.messaging=INFO, iso8601=WARN,
#requests.packages.urllib3.connectionpool=WARN, urllib3.connectionpool=WARN,
#websocket=WARN, requests.packages.urllib3.util.retry=WARN,
#urllib3.util.retry=WARN, keystonemiddleware=WARN, routes.middleware=WARN,
#stevedore=WARN, taskflow=WARN, keystoneauth=WARN, oslo.cache=INFO,
#dogpile.core.dogpile=INFO
default_log_levels=<%= @default_log_levels %>
# Name of log file to send logging output to. If no default is set, logging will
# go to stderr as defined by use_stderr. This option is ignored if
# log_config_append is set.
#log_file=None
log_file=ceilometer-agent-compute-vmware-<%= @availability_zone_name %>-<%= @service_name %>.log
force_config_drive=False
[vmware]
# Number of times a VMware vSphere API may be retried.
#api_retry_count=10
api_retry_count=<%= @api_retry_count %>
# CA bundle file to use in verifying the vCenter server certificate.
#ca_file=None
<% if @ceilometer_vcenter_ca_filepath and @ceilometer_vcenter_ca_filepath \
!= "<SERVICE DEFAULT>" and !@ceilometer_vcenter_ca_filepath.empty? -%>
ca_file=<%= @ceilometer_vcenter_ca_filepath %>
<% end -%>
# IP address of the VMware vSphere host.
#host_ip=
host_ip=<%= @vc_host %>
host_username=<%= @vc_user %>
# Password of VMware vSphere.
#host_password=
host_password=<%= @vc_password %>
api_retry_count=<%= @api_retry_count %>
# Port of the VMware vSphere host.
#host_port=443
# Username of VMware vSphere.
#host_username=
host_username=<%= @vc_user %>
# If true, the vCenter server certificate is not verified. If false, then the
# default CA truststore is used for verification. This option is ignored if
# “ca_file” is set.
#insecure=False
insecure=<%= @ceilometer_vcenter_insecure_real %>
# Sleep time in seconds for polling an ongoing async task.
#task_poll_interval=0.5
task_poll_interval=<%= @task_poll_interval %>
# Optional vim service WSDL location e.g http://<server>/vimService.wsdl.
# Optional over-ride to default location for bug work-arounds.
#wsdl_location=None
<% if @wsdl_location -%>
wsdl_location=<%= @wsdl_location %>
<% end -%>

9
deployment/puppet/vmware/templates/cinder-volume.conf.erb
View File

@ -25,7 +25,7 @@ debug=<%= @debug %>
# Backend override of host value. (string value)
# Deprecated group/name - [DEFAULT]/host
#backend_host = <None>
backend_host=<%= @index %>
backend_host=<%= @az_name %>
# The backend name for a given driver implementation (string value)
#volume_backend_name = <None>
@ -43,6 +43,10 @@ vmware_api_retry_count=<%= @vc_api_retry_count %>
# CA bundle file to use in verifying the vCenter server certificate. (string
# value)
#vmware_ca_file = <None>
<% if @cinder_vcenter_ca_filepath and @cinder_vcenter_ca_filepath \
!= "<SERVICE DEFAULT>" and !@cinder_vcenter_ca_filepath.empty? -%>
vmware_ca_file=<%= @cinder_vcenter_ca_filepath %>
<% end -%>
# Name of a vCenter compute cluster where volumes should be created. (multi
# valued)
@ -68,7 +72,6 @@ vmware_host_username=<%= @vc_user %>
<% if !@vc_host_version.empty? %>
vmware_host_version=<%= @vc_host_version %>
<% end %>
# Timeout in seconds for VMDK volume transfer between Cinder and Glance.
# (integer value)
#vmware_image_transfer_timeout_secs = 7200
@ -78,7 +81,7 @@ vmware_image_transfer_timeout_secs=<%= @vc_image_transfer_timeout_secs %>
# default CA truststore is used for verification. This option is ignored if
# "vmware_ca_file" is set. (boolean value)
#vmware_insecure = false
vmware_insecure = True
vmware_insecure=<%= @cinder_vcenter_insecure_real %>
# Max number of objects to be retrieved per batch. Query results will be
# obtained in batches from the server and not in one shot. Server may still

132
deployment/puppet/vmware/templates/nova-compute.conf.erb
View File

@ -1,31 +1,143 @@
[DEFAULT]
# Driver to use for controlling virtualization.
# Options include: libvirt.LibvirtDriver, xenapi.XenAPIDriver, fake.FakeDriver,
# ironic.IronicDriver, vmwareapi.VMwareVCDriver, hyperv.HyperVDriver
#compute_driver=None
compute_driver=vmwareapi.VMwareVCDriver
# Name of log file to output to. If no default is set, logging will go to
# stdout. This option is ignored if log_config_append is set.
#log_file=None
log_file=nova-compute-vmware-<%= @availability_zone_name %>-<%= @service_name %>.log
# Name of this node. This can be an opaque identifier. It is not necessarily a
# hostname, FQDN, or IP address. However, the node name must be valid within an
# AMQP key, and if using ZeroMQ, a valid hostname, FQDN, or IP address.
#host=localhost
host=<%= @availability_zone_name %>-<%= @service_name %>
# Amount of memory in MB to reserve for the host.
#reserved_host_memory_mb=512
reserved_host_memory_mb = 0
# Force injection to take place on a config drive.
#force_config_drive = False
force_config_drive=False
[vmware]
# The number of times we retry on failures, e.g., socket error, etc.
#api_retry_count=10
api_retry_count=<%= @api_retry_count %>
# Specify a CA bundle file to use in verifying the vCenter server certificate.
#ca_file=None
<% if @compute_vcenter_ca_filepath and @compute_vcenter_ca_filepath \
!= "<SERVICE DEFAULT>" and !@compute_vcenter_ca_filepath.empty? -%>
ca_file=<%= @compute_vcenter_ca_filepath %>
<% end -%>
# The prefix for where cached images are stored. This is NOT the full path -
# just a folder prefix. This should only be used when a datastore cache should
# be shared between compute nodes. Note: this should only be used when the
# compute nodes have a shared file system.
#cache_prefix=None
cache_prefix=$host
# Name of a VMware Cluster ComputeResource.
#cluster_name=None
cluster_name=<%= @vc_cluster %>
host_ip=<%= @vc_host %>
host_username=<%= @vc_user %>
host_password=<%= @vc_password %>
insecure=True
# Set this value if affected by an increased network latency causing repeated
# characters when typing in a remote console.
#console_delay_seconds=None
api_retry_count=<%= @api_retry_count %>
maximum_objects=<%= @maximum_objects %>
task_poll_interval=<%= @task_poll_interval %>
# Regex to match the name of a datastore.
#datastore_regex=None
<% if @datastore_regex and !@datastore_regex.empty? -%>
datastore_regex=<%= @datastore_regex %>
<% end -%>
<% if @vlan_interface and !@vlan_interface.empty? -%>
vlan_interface=<%= @vlan_interface %>
<% end -%>
# Hostname or IP address for connection to VMware vCenter host.
#host_ip=None
host_ip=<%= @vc_host %>
# Password for connection to VMware vCenter host.
#host_password=None
host_password=<%= @vc_password %>
# Port for connection to VMware vCenter host.
#host_port = 443
# Username for connection to VMware vCenter host.
#host_username=None
host_username=<%= @vc_user %>
# If true, the vCenter server certificate is not verified. If false, then the
# default CA truststore is used for verification. This option is ignored if
# “ca_file” is set.
#insecure = False
insecure=<%= @compute_vcenter_insecure_real %>
# This option should be configured only when using the NSX-MH Neutron plugin.
# This is the name of the integration bridge on the ESXi. This should not be set
# for any other Neutron plugin. Hence the default value is not set.
#integration_bridge=None
# The maximum number of ObjectContent data objects that should be returned in a
# single result. A positive value will cause the operation to suspend the
# retrieval when the count of objects reaches the specified maximum. The server
# may still limit the count to something less than the configured value. Any
# remaining objects may be retrieved with additional requests.
#maximum_objects = 100
maximum_objects=<%= @maximum_objects %>
# The PBM default policy. If pbm_wsdl_location is set and there is no defined
# storage policy for the specific request then this policy will be used.
#pbm_default_policy=None
# The PBM status.
#pbm_enabled=False
# PBM service WSDL file location URL.
# e.g. file:///opt/SDK/spbm/wsdl/pbmService.wsdl Not setting this will disable
# storage policy based placement of instances.
#pbm_wsdl_location=None
# Identifies a proxy service that provides network access to the
# serial_port_service_uri. This option is ignored if serial_port_service_uri is
# not specified.
#serial_port_proxy_uri=None
# Identifies the remote system that serial port traffic will be sent to. If this
# is not set, no serial ports will be added to the created VMs.
#serial_port_service_uri=None
# The interval used for polling of remote tasks.
#task_poll_interval=0.5
task_poll_interval=<%= @task_poll_interval %>
# Whether to use linked clone
#use_linked_clone=True
use_linked_clone=<%= @use_linked_clone %>
# Optional VIM Service WSDL Location e.g http://<server>/vimService.wsdl.
# Optional over-ride to default location for bug work-arounds.
#wsdl_location=None
<% if @wsdl_location -%>
wsdl_location=<%= @wsdl_location %>
<% end -%>
# Physical ethernet adapter name for vlan networking
#vlan_interface=vmnic0
<% if @vlan_interface and !@vlan_interface.empty? -%>
vlan_interface=<%= @vlan_interface %>
<% end -%>
# VNC starting port.
#vnc_port=5900
# Total number of VNC ports
#vnc_port_total=10000

5
deployment/puppet/vmware/templates/nova-network-ha.conf.erb
View File

@ -1,2 +1,7 @@
[DEFAULT]
# Name of this node. This can be an opaque identifier. It is not necessarily a
# hostname, FQDN, or IP address. However, the node name must be valid within an
# AMQP key, and if using ZeroMQ, a valid hostname, FQDN, or IP address.
#host=localhost
host=nova-network-ha

17
tests/noop/spec/hosts/glance/glance_spec.rb
View File

@ -49,6 +49,7 @@ describe manifest do
glance_vc_datacenter = Noop.hiera_structure 'glance/vc_datacenter', 'Datacenter'
glance_vc_datastore = Noop.hiera_structure 'glance/vc_datastore', 'nfs'
glance_vc_image_dir = Noop.hiera_structure 'glance/vc_image_dir'
glance_vc_insecure = Noop.hiera_structure 'glance/vc_insecure', 'false'
glance_vc_ca_file = Noop.hiera_structure 'glance/vc_ca_file', {'content' => 'RSA', 'name' => 'vcenter-ca.pem'}
let(:ssl_hash) { Noop.hiera_hash 'use_ssl', {} }
@ -202,9 +203,10 @@ describe manifest do
should contain_class('glance::backend::vsphere').with(:vcenter_user => glance_vc_user)
should contain_class('glance::backend::vsphere').with(:vcenter_password => glance_vc_password)
should contain_class('glance::backend::vsphere').with(:vcenter_datastores => "#{glance_vc_datacenter}:#{glance_vc_datastore}")
should contain_class('glance::backend::vsphere').with(:vcenter_insecure => glance_vc_insecure)
should contain_class('glance::backend::vsphere').with(:vcenter_image_dir => glance_vc_image_dir)
should contain_class('glance::backend::vsphere').with(:vcenter_api_retry_count => '20')
should contain_class('glance::backend::vsphere').with(:vcenter_ca_file => "/etc/glance/#{glance_vc_ca_file['name']}")
should contain_class('glance::backend::vsphere').with(:vcenter_ca_file => '/etc/glance/vcenter-ca.pem')
should contain_class('glance::backend::vsphere').with(:glare_enabled => true)
end
it 'should configure vmware_server_host setting' do
@ -223,6 +225,10 @@ describe manifest do
should contain_glance_api_config('glance_store/vmware_datastores').with_value("#{glance_vc_datacenter}:#{glance_vc_datastore}")
should contain_glance_glare_config('glance_store/vmware_datastores').with_value("#{glance_vc_datacenter}:#{glance_vc_datastore}")
end
it 'should configure vmware_insecure setting' do
should contain_glance_api_config('glance_store/vmware_insecure').with_value(glance_vc_insecure)
should contain_glance_glare_config('glance_store/vmware_insecure').with_value(glance_vc_insecure)
end
it 'should configure vmware_store_image_dir setting' do
should contain_glance_api_config('glance_store/vmware_store_image_dir').with_value(glance_vc_image_dir)
should contain_glance_glare_config('glance_store/vmware_store_image_dir').with_value(glance_vc_image_dir)
@ -231,13 +237,9 @@ describe manifest do
should contain_glance_api_config('glance_store/vmware_api_retry_count').with_value('20')
should contain_glance_glare_config('glance_store/vmware_api_retry_count').with_value('20')
end
it 'should configure vmware_insecure setting' do
should contain_glance_api_config('glance_store/vmware_insecure').with_value('True')
should contain_glance_glare_config('glance_store/vmware_insecure').with_value('True')
end
it 'should configure vmware_ca_file setting' do
should contain_glance_api_config('glance_store/vmware_ca_file').with_value("/etc/glance/#{glance_vc_ca_file['name']}")
should contain_glance_glare_config('glance_store/vmware_ca_file').with_value("/etc/glance/#{glance_vc_ca_file['name']}")
should contain_glance_api_config('glance_store/vmware_ca_file').with_value('/etc/glance/vcenter-ca.pem')
should contain_glance_glare_config('glance_store/vmware_ca_file').with_value('/etc/glance/vcenter-ca.pem')
end
it 'should configure default_store setting' do
should contain_glance_api_config('glance_store/default_store').with_value('vsphere')
@ -284,4 +286,3 @@ describe manifest do
test_ubuntu_and_centos manifest
end

2
tests/noop/spec/hosts/vmware/cinder-vmware_spec.rb
View File

@ -70,7 +70,7 @@ describe manifest do
%r{\n\s*vmware_image_transfer_timeout_secs=7200\n}
)
should contain_file('/etc/cinder/cinder.d/vmware-vcenter.conf').with_content(
%r{\n\s*vmware_insecure = True\n}
%r{\n\s*vmware_insecure=true\n}
)
should contain_file('/etc/cinder/cinder.d/vmware-vcenter.conf').with_content(
%r{\n\s*vmware_max_objects_retrieval=100\n}