openstack
/
fuel-library
Code Issues Proposed changes

Remove deprecated parameters 

Change-Id: I7f093413d2c2b258b25508419a0ab58a85f8778f
Closes-Bug: #1390099
This commit is contained in:
Alexey Deryugin 2016-06-30 18:02:19 +03:00
parent bc75c4d457
commit eb0ae0e597
32 changed files with 150 additions and 179 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
deployment/puppet/haproxy/manifests/balancermember.pp
View File

@ -95,7 +95,6 @@ define haproxy::balancermember (
$ports = undef,
$server_names = $::hostname,
$ipaddresses = $::ipaddress,
$ensure = 'present',
$order = '20',
$options = '',
$define_cookies = false,
@ -105,7 +104,6 @@ define haproxy::balancermember (
# Template uses $ipaddresses, $server_name, $ports, $option
concat::fragment { "${listening_service}_balancermember_${name}":
ensure => $ensure,
order => $use_include ? {
true => "01-${name}",
false => "${order}-${listening_service}-01-${name}",

2
deployment/puppet/haproxy/spec/defines/balancermember_spec.rb
View File

@ -35,14 +35,12 @@ describe 'haproxy::balancermember' do
:name => 'tyler',
:listening_service => 'croy',
:ports => '18140',
:ensure => 'absent'
}
end
it { should contain_concat__fragment('croy_balancermember_tyler').with(
'order' => '20-croy-01-tyler',
'target' => '/etc/haproxy/haproxy.cfg',
'ensure' => 'absent',
'content' => " server dero 1.1.1.1:18140 \n"
) }
end

10
deployment/puppet/l23network/manifests/l2/port.pp
View File

@ -130,9 +130,13 @@ define l23network::l2::port (
}
# Merge offloading data with rings rx/tx
$netrings_maximums = try_get_value($::netrings, "${port_name}/maximums")
if $netrings_maximums {
$ethtool_opts = deep_merge({ 'rings' => $netrings_maximums }, $ethtool)
if is_hash($::netrings) {
$netrings_maximums = dig($::netrings, [$port_name, 'maximums'])
if $netrings_maximums {
$ethtool_opts = deep_merge({ 'rings' => $netrings_maximums }, $ethtool)
} else {
$ethtool_opts = $ethtool
}
} else {
$ethtool_opts = $ethtool
}

2
deployment/puppet/openstack/lib/puppet/parser/functions/prepare_firewall_rules.rb
View File

@ -41,7 +41,7 @@ prepare_firewall_rules(['10.20.0.0/24','10.20.0.1']','020 ssh', 'accept',
# Add params only if nonempty
fw_rules[name]['action'] = action unless [nil, ''].include?(action)
fw_rules[name]['chain'] = chain unless [nil, ''].include?(chain)
fw_rules[name]['port'] = port unless [nil, ''].include?(port)
fw_rules[name]['dport'] = port unless [nil, ''].include?(port)
fw_rules[name]['proto'] = proto unless [nil, ''].include?(proto)
fw_rules[name]['source'] = source_net
end

2
deployment/puppet/openstack/spec/defines/firewall_multi_net_spec.rb
View File

@ -18,7 +18,7 @@ describe 'openstack::firewall::multi_net' do
it 'contains ssh firewall rule' do
should contain_firewall("020 ssh from 10.20.0.0/24").with(
:action => 'accept',
:port => '22',
:dport => '22',
:proto => 'tcp',
:source => '10.20.0.0/24',
)

4
deployment/puppet/openstack/spec/functions/prepare_firewall_rules__spec.rb
View File

@ -53,11 +53,11 @@ describe 'function to prepare hash of firewall rules for multiple networks' do
it 'should be able to prepare an ssh rule' do
result = {
'020 ssh from 10.0.0.0/24' => {'action' => 'accept',
'port' => '22',
'dport' => '22',
'proto' => 'tcp',
'source' => '10.0.0.0/24'},
'020 ssh from 10.0.1.0/24' => {'action' => 'accept',
'port' => '22',
'dport' => '22',
'proto' => 'tcp',
'source' => '10.0.1.0/24'},
}

2
deployment/puppet/openstack_tasks/manifests/aodh/aodh.pp
View File

@ -28,7 +28,6 @@ class openstack_tasks::aodh::aodh {
$tenant = pick($aodh_hash['tenant'], 'services')
$debug = pick($aodh_hash['debug'], hiera('debug', false))
$verbose = pick($aodh_hash['verbose'], hiera('verbose', true))
$database_vip = hiera('database_vip')
@ -97,7 +96,6 @@ class openstack_tasks::aodh::aodh {
class { '::aodh':
debug => $debug,
verbose => $verbose,
notification_topics => $notification_topics,
rpc_backend => $rpc_backend,
rabbit_userid => $rabbit_userid,

4
deployment/puppet/openstack_tasks/manifests/ceilometer/compute.pp
View File

@ -17,7 +17,6 @@ class openstack_tasks::ceilometer::compute {
'http_timeout' => '600',
'event_time_to_live' => '604800',
'metering_time_to_live' => '604800',
'alarm_history_time_to_live' => '604800',
}
$region = hiera('region', 'RegionOne')
@ -28,7 +27,6 @@ class openstack_tasks::ceilometer::compute {
$amqp_user = $rabbit_hash['user']
$kombu_compression = hiera('kombu_compression', $::os_service_default)
$ceilometer_metering_secret = $ceilometer_hash['metering_secret']
$verbose = pick($ceilometer_hash['verbose'], hiera('verbose', true))
$debug = pick($ceilometer_hash['debug'], hiera('debug', false))
$ssl_hash = hiera_hash('use_ssl', {})
@ -62,12 +60,10 @@ class openstack_tasks::ceilometer::compute {
http_timeout => $ceilometer_hash['http_timeout'],
event_time_to_live => $ceilometer_hash['event_time_to_live'],
metering_time_to_live => $ceilometer_hash['metering_time_to_live'],
alarm_history_time_to_live => $ceilometer_hash['alarm_history_time_to_live'],
rabbit_hosts => split(hiera('amqp_hosts',''), ','),
rabbit_userid => $amqp_user,
rabbit_password => $amqp_password,
metering_secret => $ceilometer_metering_secret,
verbose => $verbose,
debug => $debug,
use_syslog => $use_syslog,
use_stderr => $use_stderr,

4
deployment/puppet/openstack_tasks/manifests/ceilometer/controller.pp
View File

@ -10,11 +10,9 @@ class openstack_tasks::ceilometer::controller {
'http_timeout' => '600',
'event_time_to_live' => '604800',
'metering_time_to_live' => '604800',
'alarm_history_time_to_live' => '604800',
}
$ceilometer_hash = hiera_hash('ceilometer', $default_ceilometer_hash)
$verbose = pick($ceilometer_hash['verbose'], hiera('verbose', true))
$debug = pick($ceilometer_hash['debug'], hiera('debug', false))
$use_syslog = hiera('use_syslog', true)
$use_stderr = hiera('use_stderr', false)
@ -141,12 +139,10 @@ class openstack_tasks::ceilometer::controller {
http_timeout => $ceilometer_hash['http_timeout'],
event_time_to_live => $ceilometer_hash['event_time_to_live'],
metering_time_to_live => $ceilometer_hash['metering_time_to_live'],
alarm_history_time_to_live => $ceilometer_hash['alarm_history_time_to_live'],
rabbit_hosts => split(hiera('amqp_hosts',''), ','),
rabbit_userid => $amqp_user,
rabbit_password => $amqp_password,
metering_secret => $ceilometer_metering_secret,
verbose => $verbose,
debug => $debug,
use_syslog => $use_syslog,
use_stderr => $use_stderr,

6
deployment/puppet/openstack_tasks/manifests/glance/glance.pp
View File

@ -8,7 +8,6 @@ class openstack_tasks::glance::glance {
$glance_hash = hiera_hash('glance', {})
$glance_glare_hash = hiera_hash('glance_glare', {})
$verbose = pick($glance_hash['verbose'], hiera('verbose', true))
$debug = pick($glance_hash['debug'], hiera('debug', false))
$management_vip = hiera('management_vip')
$database_vip = hiera('database_vip')
@ -145,7 +144,6 @@ class openstack_tasks::glance::glance {
# Install and configure glance-api
class { '::glance::api':
verbose => $verbose,
debug => $debug,
bind_host => $api_bind_host,
auth_type => 'keystone',
@ -167,7 +165,7 @@ class openstack_tasks::glance::glance {
database_max_overflow => $max_overflow,
show_image_direct_url => $show_image_direct_url,
pipeline => $pipeline,
known_stores => $known_stores,
stores => $known_stores,
os_region_name => $region,
delayed_delete => false,
scrub_time => '43200',
@ -191,7 +189,6 @@ class openstack_tasks::glance::glance {
use_syslog => $use_syslog,
use_stderr => $use_stderr,
log_facility => $syslog_log_facility,
verbose => $verbose,
debug => $debug,
default_log_levels => hiera('default_log_levels'),
}
@ -232,7 +229,6 @@ class openstack_tasks::glance::glance {
# Install and configure glance-registry
class { '::glance::registry':
verbose => $verbose,
debug => $debug,
bind_host => $api_bind_host,
auth_uri => $auth_uri,

6
deployment/puppet/openstack_tasks/manifests/horizon/horizon.pp
View File

@ -36,12 +36,12 @@ class openstack_tasks::horizon::horizon {
# of the MOS package set. This should be contributed upstream and then we can
# use this as the default.
#if !$::os_package_type or $::os_package_type == 'debian' {
# $cache_backend = try_get_value($horizon_hash, 'cache_backend', 'horizon.backends.memcached.HorizonMemcached')
# $cache_backend = dig($horizon_hash, ['cache_backend'], 'horizon.backends.memcached.HorizonMemcached')
#} else {
# $cache_backend = try_get_value($horizon_hash, 'cache_backend', 'django.core.cache.backends.memcached.MemcachedCache')
# $cache_backend = dig($horizon_hash, ['cache_backend'], 'django.core.cache.backends.memcached.MemcachedCache')
#}
# Don't use custom backend until its code lands to MOS 9.0.
$cache_backend = try_get_value($horizon_hash, 'cache_backend', 'django.core.cache.backends.memcached.MemcachedCache')
$cache_backend = dig($horizon_hash, ['cache_backend'], 'django.core.cache.backends.memcached.MemcachedCache')
#Changing from internal addressing to public should resolve any security concerns about exposing 'internal' to public facing login.
#However, this should eventually be removed altogether from Horizon.

2
deployment/puppet/openstack_tasks/manifests/keystone/keystone.pp
View File

@ -13,7 +13,6 @@ class openstack_tasks::keystone::keystone {
prepare_network_config($network_scheme)
$keystone_hash = hiera_hash('keystone', {})
$verbose = pick($keystone_hash['verbose'], hiera('verbose', true))
$debug = pick($keystone_hash['debug'], hiera('debug', false))
$use_syslog = hiera('use_syslog', true)
$use_stderr = hiera('use_stderr', false)
@ -296,7 +295,6 @@ class openstack_tasks::keystone::keystone {
if $enabled {
class { '::keystone':
enable_bootstrap => true,
verbose => $verbose,
debug => $debug,
catalog_type => 'sql',
admin_token => $admin_token,

2
deployment/puppet/openstack_tasks/manifests/openstack_cinder/openstack_cinder.pp
View File

@ -104,7 +104,6 @@ class openstack_tasks::openstack_cinder::openstack_cinder {
$iscsi_bind_host = get_network_role_property('cinder/iscsi', 'ipaddr')
$use_syslog = hiera('use_syslog', true)
$use_stderr = hiera('use_stderr', false)
$verbose = pick($cinder_hash['verbose'], hiera('verbose', true))
$debug = pick($cinder_hash['debug'], hiera('debug', true))
######### Cinder Controller Services ########
@ -145,7 +144,6 @@ class openstack_tasks::openstack_cinder::openstack_cinder {
rabbit_userid => $rabbit_hash['user'],
rabbit_password => $rabbit_hash['password'],
database_connection => $db_connection,
verbose => $verbose,
use_syslog => $use_syslog,
use_stderr => $use_stderr,
log_facility => hiera('syslog_log_facility_cinder', 'LOG_LOCAL3'),

5
deployment/puppet/openstack_tasks/manifests/openstack_network/agents/dhcp.pp
View File

@ -10,10 +10,11 @@ class openstack_tasks::openstack_network::agents::dhcp {
$debug = hiera('debug', true)
$resync_interval = '30'
$isolated_metadata = try_get_value($neutron_config, 'metadata/isolated_metadata', true)
$neutron_config = hiera_hash('neutron_config')
$isolated_metadata = dig($neutron_config, ['metadata', 'isolated_metadata'], true)
$neutron_advanced_config = hiera_hash('neutron_advanced_configuration', { })
$ha_agent = try_get_value($neutron_advanced_config, 'dhcp_agent_ha', true)
$ha_agent = dig($neutron_advanced_config, ['dhcp_agent_ha'], true)
class { '::neutron::agents::dhcp':
debug => $debug,

14
deployment/puppet/openstack_tasks/manifests/openstack_network/agents/l3.pp
View File

@ -36,15 +36,15 @@ class openstack_tasks::openstack_network::agents::l3 {
prepare_network_config($network_scheme)
$ha_agent = try_get_value($neutron_advanced_config, 'l3_agent_ha', true)
$ha_agent = dig($neutron_advanced_config, ['l3_agent_ha'], true)
class { '::neutron::agents::l3':
debug => $debug,
metadata_port => $metadata_port,
external_network_bridge => ' ',
manage_service => true,
enabled => true,
agent_mode => $agent_mode,
debug => $debug,
metadata_port => $metadata_port,
external_network_bridge => ' ',
manage_service => true,
enabled => true,
agent_mode => $agent_mode,
}
if ($ha_agent) and !($compute) {

4
deployment/puppet/openstack_tasks/manifests/openstack_network/agents/metadata.pp
View File

@ -29,10 +29,10 @@ class openstack_tasks::openstack_network::agents::metadata {
if $controller or ($dvr and $compute) {
$debug = hiera('debug', true)
$ha_agent = try_get_value($neutron_advanced_config, 'metadata_agent_ha', true)
$ha_agent = dig($neutron_advanced_config, ['metadata_agent_ha'], true)
$service_endpoint = hiera('service_endpoint')
$management_vip = hiera('management_vip')
$shared_secret = try_get_value($neutron_config, 'metadata/metadata_proxy_shared_secret')
$shared_secret = dig($neutron_config, ['metadata', 'metadata_proxy_shared_secret'])
$nova_endpoint = hiera('nova_endpoint', $management_vip)
$nova_metadata_protocol = hiera('nova_metadata_protocol', 'http')
$ssl_hash = hiera_hash('use_ssl', {})

13
deployment/puppet/openstack_tasks/manifests/openstack_network/common_config.pp
View File

@ -47,7 +47,7 @@ class openstack_tasks::openstack_network::common_config {
$kombu_compression = hiera('kombu_compression', $::os_service_default)
$segmentation_type = try_get_value($neutron_config, 'L2/segmentation_type')
$segmentation_type = dig($neutron_config, ['L2', 'segmentation_type'])
$nets = $neutron_config['predefined_networks']
@ -84,12 +84,11 @@ class openstack_tasks::openstack_network::common_config {
}
class { '::neutron::logging':
verbose => $verbose,
debug => $debug,
use_syslog => $use_syslog,
use_stderr => $use_stderr,
log_facility => $log_facility,
default_log_levels => $default_log_levels,
debug => $debug,
use_syslog => $use_syslog,
use_stderr => $use_stderr,
syslog_log_facility => $log_facility,
default_log_levels => $default_log_levels,
}
### SYSCTL ###

6
deployment/puppet/openstack_tasks/manifests/openstack_network/compute_nova.pp
View File

@ -13,9 +13,9 @@ class openstack_tasks::openstack_network::compute_nova {
$management_vip = hiera('management_vip')
$service_endpoint = hiera('service_endpoint', $management_vip)
$admin_password = try_get_value($neutron_config, 'keystone/admin_password')
$admin_tenant_name = try_get_value($neutron_config, 'keystone/admin_tenant', 'services')
$admin_username = try_get_value($neutron_config, 'keystone/admin_user', 'neutron')
$admin_password = dig($neutron_config, ['keystone', 'admin_password'])
$admin_tenant_name = dig($neutron_config, ['keystone', 'admin_tenant'], 'services')
$admin_username = dig($neutron_config, ['keystone', 'admin_user'], 'neutron')
$region_name = hiera('region', 'RegionOne')
$auth_api_version = 'v3'
$ssl_hash = hiera_hash('use_ssl', {})

60
deployment/puppet/openstack_tasks/manifests/openstack_network/networks.pp
View File

@ -5,43 +5,43 @@ class openstack_tasks::openstack_network::networks {
$access_hash = hiera_hash('access', {})
$keystone_admin_tenant = $access_hash['tenant']
$neutron_config = hiera_hash('neutron_config')
$floating_net = try_get_value($neutron_config, 'default_floating_net', 'net04_ext')
$private_net = try_get_value($neutron_config, 'default_private_net', 'net04')
$default_router = try_get_value($neutron_config, 'default_router', 'router04')
$segmentation_type = try_get_value($neutron_config, 'L2/segmentation_type')
$floating_net = dig($neutron_config, ['default_floating_net'], 'net04_ext')
$private_net = dig($neutron_config, ['default_private_net'], 'net04')
$default_router = dig($neutron_config, ['default_router'], 'router04')
$segmentation_type = dig($neutron_config, ['L2', 'segmentation_type'])
$nets = $neutron_config['predefined_networks']
if $segmentation_type == 'vlan' {
$network_type = 'vlan'
$segmentation_id_range = split(try_get_value($neutron_config, 'L2/phys_nets/physnet2/vlan_range', ''), ':')
$segmentation_id_range = split(dig($neutron_config, ['L2', 'phys_nets', 'physnet2', 'vlan_range'], ''), ':')
} elsif $segmentation_type == 'gre' {
$network_type = 'gre'
$segmentation_id_range = split(try_get_value($neutron_config, 'L2/tunnel_id_ranges', ''), ':')
$segmentation_id_range = split(dig($neutron_config, ['L2', 'tunnel_id_ranges'], ''), ':')
} else {
$network_type = 'vxlan'
$segmentation_id_range = split(try_get_value($neutron_config, 'L2/tunnel_id_ranges', ''), ':')
$segmentation_id_range = split(dig($neutron_config, ['L2', 'tunnel_id_ranges'], ''), ':')
}
$fallback_segment_id = $segmentation_id_range[0]
$private_net_segment_id = try_get_value($nets, "${private_net}/L2/segment_id", $fallback_segment_id)
$private_net_physnet = try_get_value($nets, "${private_net}/L2/physnet", false)
$private_net_shared = try_get_value($nets, "${private_net}/shared", false)
$private_net_segment_id = dig($nets, [$private_net, 'L2', 'segment_id'], $fallback_segment_id)
$private_net_physnet = dig($nets, [$private_net, 'L2', 'physnet'], false)
$private_net_shared = dig($nets, [$private_net, 'shared'], false)
$private_net_router_external = false
$floating_net_type = try_get_value($nets, "${floating_net}/L2/network_type", 'local')
$floating_net_type = dig($nets, [$floating_net, 'L2', 'network_type'], 'local')
$floating_net_physnet = $floating_net_type ? {
'local' => false,
default => try_get_value($nets, "${floating_net}/L2/physnet", false),
default => dig($nets, [$floating_net, 'L2', 'physnet'], false),
}
$floating_net_router_external = try_get_value($nets, "${floating_net}/L2/router_ext")
$floating_net_floating_range = try_get_value($nets, "${floating_net}/L3/floating", '')
$floating_net_shared = try_get_value($nets, "${floating_net}/shared", false)
$floating_net_router_external = dig($nets, [$floating_net, 'L2', 'router_ext'])
$floating_net_floating_range = dig($nets, [$floating_net, 'L3', 'floating'], '')
$floating_net_shared = dig($nets, [$floating_net, 'shared'], false)
if !empty($floating_net_floating_range) {
$floating_cidr = try_get_value($nets, "${floating_net}/L3/subnet")
$floating_cidr = dig($nets, [$floating_net, 'L3', 'subnet'])
$floating_net_allocation_pool = format_allocation_pools($floating_net_floating_range, $floating_cidr)
}
$tenant_name = try_get_value($access_hash, 'tenant', 'admin')
$tenant_name = dig($access_hash, ['tenant'], 'admin')
neutron_network { $floating_net :
ensure => 'present',
@ -54,10 +54,10 @@ class openstack_tasks::openstack_network::networks {
neutron_subnet { "${floating_net}__subnet" :
ensure => 'present',
cidr => try_get_value($nets, "${floating_net}/L3/subnet"),
cidr => dig($nets, [$floating_net, 'L3', 'subnet']),
network_name => $floating_net,
tenant_name => $tenant_name,
gateway_ip => try_get_value($nets, "${floating_net}/L3/gateway"),
gateway_ip => dig($nets, [$floating_net, 'L3', 'gateway']),
enable_dhcp => false,
allocation_pools => $floating_net_allocation_pool,
}
@ -74,19 +74,19 @@ class openstack_tasks::openstack_network::networks {
neutron_subnet { "${private_net}__subnet" :
ensure => 'present',
cidr => try_get_value($nets, "${private_net}/L3/subnet"),
cidr => dig($nets, [$private_net, 'L3', 'subnet']),
network_name => $private_net,
tenant_name => $tenant_name,
gateway_ip => try_get_value($nets, "${private_net}/L3/gateway"),
gateway_ip => dig($nets, [$private_net, 'L3', 'gateway']),
enable_dhcp => true,
dns_nameservers => try_get_value($nets, "${private_net}/L3/nameservers"),
dns_nameservers => dig($nets, [$private_net, 'L3', 'nameservers']),
}
if has_key($nets, 'baremetal') {
$baremetal_physnet = try_get_value($nets, 'baremetal/L2/physnet', false)
$baremetal_segment_id = try_get_value($nets, 'baremetal/L2/segment_id')
$baremetal_router_external = try_get_value($nets, 'baremetal/L2/router_ext')
$baremetal_shared = try_get_value($nets, 'baremetal/shared', false)
$baremetal_physnet = dig($nets, ['baremetal', 'L2', 'physnet'], false)
$baremetal_segment_id = dig($nets, ['baremetal', 'L2', 'segment_id'])
$baremetal_router_external = dig($nets, ['baremetal', 'L2', 'router_ext'])
$baremetal_shared = dig($nets, ['baremetal', 'shared'], false)
neutron_network { 'baremetal' :
ensure => 'present',
@ -100,13 +100,13 @@ class openstack_tasks::openstack_network::networks {
neutron_subnet { 'baremetal__subnet' :
ensure => 'present',
cidr => try_get_value($nets, 'baremetal/L3/subnet'),
cidr => dig($nets, ['baremetal', 'L3', 'subnet']),
network_name => 'baremetal',
tenant_name => $tenant_name,
gateway_ip => try_get_value($nets, 'baremetal/L3/gateway'),
gateway_ip => dig($nets, ['baremetal', 'L3', 'gateway']),
enable_dhcp => true,
dns_nameservers => try_get_value($nets, 'baremetal/L3/nameservers'),
allocation_pools => format_allocation_pools(try_get_value($nets, 'baremetal/L3/floating')),
dns_nameservers => dig($nets, ['baremetal', 'L3', 'nameservers']),
allocation_pools => format_allocation_pools(dig($nets, ['baremetal', 'L3', 'floating'])),
}
}
}

8
deployment/puppet/openstack_tasks/manifests/openstack_network/plugins/ml2.pp
View File

@ -42,10 +42,10 @@ class openstack_tasks::openstack_network::plugins::ml2 {
prepare_network_config($network_scheme)
$neutron_advanced_config = hiera_hash('neutron_advanced_configuration', { })
$l2_population = try_get_value($neutron_advanced_config, 'neutron_l2_pop', false)
$dvr = try_get_value($neutron_advanced_config, 'neutron_dvr', false)
$l2_population = dig($neutron_advanced_config, ['neutron_l2_pop'], false)
$dvr = dig($neutron_advanced_config, ['neutron_dvr'], false)
$enable_qos = pick($neutron_advanced_config['neutron_qos'], false)
$segmentation_type = try_get_value($neutron_config, 'L2/segmentation_type')
$segmentation_type = dig($neutron_config, ['L2', 'segmentation_type'])
if $compute and ! $dvr {
$do_floating = false
@ -160,7 +160,7 @@ class openstack_tasks::openstack_network::plugins::ml2 {
refreshonly => true,
}
$ha_agent = try_get_value($neutron_advanced_config, 'l2_agent_ha', true)
$ha_agent = dig($neutron_advanced_config, ['l2_agent_ha'], true)
if $ha_agent {
#Exec<| title == 'waiting-for-neutron-api' |> ->
class { '::cluster::neutron::ovs' :

8
deployment/puppet/openstack_tasks/manifests/openstack_network/routers.pp
View File

@ -13,10 +13,10 @@ class openstack_tasks::openstack_network::routers {
$access_hash = hiera_hash('access', {})
$keystone_admin_tenant = pick($access_hash['tenant'], 'admin')
$neutron_config = hiera_hash('neutron_config')
$floating_net = try_get_value($neutron_config, 'default_floating_net', 'net04_ext')
$private_net = try_get_value($neutron_config, 'default_private_net', 'net04')
$default_router = try_get_value($neutron_config, 'default_router', 'router04')
$baremetal_router = try_get_value($neutron_config, 'baremetal_router', 'baremetal')
$floating_net = dig($neutron_config, ['default_floating_net'], 'net04_ext')
$private_net = dig($neutron_config, ['default_private_net'], 'net04')
$default_router = dig($neutron_config, ['default_router'], 'router04')
$baremetal_router = dig($neutron_config, ['baremetal_router'], 'baremetal')
$nets = $neutron_config['predefined_networks']
if ($l3_ha) and ($controllers_num < 2) {

21
deployment/puppet/openstack_tasks/manifests/openstack_network/server_config.pp
View File

@ -30,9 +30,9 @@ class openstack_tasks::openstack_network::server_config {
$db_type = 'mysql'
$db_password = $neutron_config['database']['passwd']
$db_user = try_get_value($neutron_config, 'database/user', 'neutron')
$db_name = try_get_value($neutron_config, 'database/name', 'neutron')
$db_host = try_get_value($neutron_config, 'database/host', $database_vip)
$db_user = dig($neutron_config, ['database', 'user'], 'neutron')
$db_name = dig($neutron_config, ['database', 'name'], 'neutron')
$db_host = dig($neutron_config, ['database', 'host'], $database_vip)
# LP#1526938 - python-mysqldb supports this, python-pymysql does not
if $::os_package_type == 'debian' {
$extra_params = { 'charset' => 'utf8', 'read_timeout' => 60 }
@ -72,20 +72,16 @@ class openstack_tasks::openstack_network::server_config {
$admin_auth_protocol = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'protocol', 'http')
$admin_auth_endpoint = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'hostname', [$service_endpoint, $management_vip])
$nova_internal_protocol = get_ssl_property($ssl_hash, {}, 'nova', 'internal', 'protocol', 'http')
$nova_internal_endpoint = get_ssl_property($ssl_hash, {}, 'nova', 'internal', 'hostname', [$nova_endpoint])
$auth_api_version = 'v2.0'
$auth_uri = "${internal_auth_protocol}://${internal_auth_endpoint}:5000/"
$auth_url = "${internal_auth_protocol}://${internal_auth_endpoint}:35357/"
$nova_admin_auth_url = "${admin_auth_protocol}://${admin_auth_endpoint}:35357/"
$nova_url = "${nova_internal_protocol}://${nova_internal_endpoint}:8774/v2"
$workers_max = hiera('workers_max', 16)
$service_workers = pick($neutron_config['workers'], min(max($::processorcount, 1), $workers_max))
$neutron_advanced_config = hiera_hash('neutron_advanced_configuration', { })
$l2_population = try_get_value($neutron_advanced_config, 'neutron_l2_pop', false)
$l2_population = dig($neutron_advanced_config, ['neutron_l2_pop'], false)
$dvr = pick($neutron_advanced_config['neutron_dvr'], false)
$l3_ha = pick($neutron_advanced_config['neutron_l3_ha'], false)
$l3agent_failover = $l3_ha ? { true => false, default => true}
@ -107,9 +103,9 @@ class openstack_tasks::openstack_network::server_config {
$default_mechanism_drivers = ['openvswitch']
$l2_population_mech_driver = $l2_population ? { true => ['l2population'], default => []}
$sriov_mech_driver = $use_sriov ? { true => ['sriovnicswitch'], default => []}
$mechanism_drivers = delete(try_get_value($neutron_config, 'L2/mechanism_drivers', concat($default_mechanism_drivers,$l2_population_mech_driver,$sriov_mech_driver)), '')
$mechanism_drivers = delete(dig($neutron_config, ['L2', 'mechanism_drivers'], concat($default_mechanism_drivers,$l2_population_mech_driver,$sriov_mech_driver)), '')
$flat_networks = ['*']
$segmentation_type = try_get_value($neutron_config, 'L2/segmentation_type')
$segmentation_type = dig($neutron_config, ['L2', 'segmentation_type'])
$network_scheme = hiera_hash('network_scheme', {})
prepare_network_config($network_scheme)
@ -123,7 +119,7 @@ class openstack_tasks::openstack_network::server_config {
Class['::neutron::plugins::ml2'] -> Augeas['/etc/default/neutron-server:ml2_sriov_config']
}
$_path_mtu = try_get_value($neutron_config, 'L2/path_mtu', undef)
$_path_mtu = dig($neutron_config, ['L2', 'path_mtu'], undef)
if $segmentation_type == 'vlan' {
$net_role_property = 'neutron/private'
@ -150,7 +146,7 @@ class openstack_tasks::openstack_network::server_config {
$net_role_property = 'neutron/mesh'
$tunneling_ip = get_network_role_property($net_role_property, 'ipaddr')
$iface = get_network_role_property($net_role_property, 'phys_dev')
$tunnel_id_ranges = [try_get_value($neutron_config, 'L2/tunnel_id_ranges')]
$tunnel_id_ranges = [dig($neutron_config, ['L2', 'tunnel_id_ranges'])]
$physical_network_mtus = generate_physnet_mtus($neutron_config, $network_scheme, {
'do_floating' => $do_floating,
'do_tenant' => false,
@ -241,7 +237,6 @@ class openstack_tasks::openstack_network::server_config {
}
class { '::neutron::server::notifications':
nova_url => $nova_url,
auth_url => $nova_admin_auth_url,
username => $nova_auth_user,
project_name => $nova_auth_tenant,

6
deployment/puppet/openstack_tasks/manifests/openstack_network/server_nova.pp
View File

@ -6,9 +6,9 @@ class openstack_tasks::openstack_network::server_nova {
$management_vip = hiera('management_vip')
$service_endpoint = hiera('service_endpoint', $management_vip)
$neutron_endpoint = hiera('neutron_endpoint', $management_vip)
$admin_password = try_get_value($neutron_config, 'keystone/admin_password')
$admin_tenant_name = try_get_value($neutron_config, 'keystone/admin_tenant', 'services')
$admin_username = try_get_value($neutron_config, 'keystone/admin_user', 'neutron')
$admin_password = dig($neutron_config, ['keystone', 'admin_password'])
$admin_tenant_name = dig($neutron_config, ['keystone', 'admin_tenant'], 'services')
$admin_username = dig($neutron_config, ['keystone', 'admin_user'], 'neutron')
$region_name = hiera('region', 'RegionOne')
$auth_api_version = 'v3'
$ssl_hash = hiera_hash('use_ssl', {})

24
deployment/puppet/osnailyfacter/manifests/firewall/firewall.pp
View File

@ -200,7 +200,7 @@ class osnailyfacter::firewall::firewall {
}
firewall {'340 vxlan_udp_port':
port => $vxlan_udp_port,
dport => $vxlan_udp_port,
proto => 'udp',
action => 'accept',
}
@ -245,7 +245,7 @@ class osnailyfacter::firewall::firewall {
}
firewall { '100 http':
port => [$http_port, $https_port],
dport => [$http_port, $https_port],
proto => 'tcp',
action => 'accept',
}
@ -265,19 +265,19 @@ class osnailyfacter::firewall::firewall {
}
firewall {'103 swift':
port => [$swift_proxy_port, $swift_object_port, $swift_container_port, $swift_account_port, $swift_proxy_check_port],
dport => [$swift_proxy_port, $swift_object_port, $swift_container_port, $swift_account_port, $swift_proxy_check_port],
proto => 'tcp',
action => 'accept',
}
firewall {'104 glance':
port => [$glance_api_port, $glance_glare_port, $glance_reg_port, $glance_nova_api_ec2_port,],
dport => [$glance_api_port, $glance_glare_port, $glance_reg_port, $glance_nova_api_ec2_port,],
proto => 'tcp',
action => 'accept',
}
firewall {'105 nova':
port => [$nova_api_compute_port, $nova_api_volume_port, $nova_vncproxy_port],
dport => [$nova_api_compute_port, $nova_api_volume_port, $nova_vncproxy_port],
proto => 'tcp',
action => 'accept',
}
@ -339,7 +339,7 @@ class osnailyfacter::firewall::firewall {
}
firewall {'111 dhcp-server':
port => $dhcp_server_port,
dport => $dhcp_server_port,
proto => 'udp',
action => 'accept',
}
@ -373,13 +373,13 @@ class osnailyfacter::firewall::firewall {
}
firewall {'121 ceilometer':
port => $ceilometer_port,
dport => $ceilometer_port,
proto => 'tcp',
action => 'accept',
}
firewall {'122 aodh':
port => $aodh_port,
dport => $aodh_port,
proto => 'tcp',
action => 'accept',
}
@ -391,19 +391,19 @@ class osnailyfacter::firewall::firewall {
}
firewall {'204 heat-api':
port => $heat_api_port,
dport => $heat_api_port,
proto => 'tcp',
action => 'accept',
}
firewall {'205 heat-api-cfn':
port => $heat_api_cfn_port,
dport => $heat_api_cfn_port,
proto => 'tcp',
action => 'accept',
}
firewall {'206 heat-api-cloudwatch':
port => $heat_api_cloudwatch_port,
dport => $heat_api_cloudwatch_port,
proto => 'tcp',
action => 'accept',
}
@ -436,7 +436,7 @@ class osnailyfacter::firewall::firewall {
if member($roles, 'primary-mongo') or member($roles, 'mongo') {
firewall {'120 mongodb':
port => $mongodb_port,
dport => $mongodb_port,
proto => 'tcp',
action => 'accept',
}

14
deployment/puppet/osnailyfacter/manifests/globals/globals.pp
View File

@ -236,18 +236,16 @@ class osnailyfacter::globals::globals {
$vips = $network_metadata['vips']
# TODO(mpolenchuk): try_get_value() is deprecated,
# replace with dig() once stdlib 4.12 will be available
$public_vip = try_get_value($vips, 'public/ipaddr',
$public_vip = dig($vips, ['public', 'ipaddr'],
get_network_role_property('public/vip', 'ipaddr')
)
$management_vip = try_get_value($vips, 'management/ipaddr',
$management_vip = dig($vips, ['management', 'ipaddr'],
get_network_role_property('mgmt/vip', 'ipaddr')
)
$public_vrouter_vip = try_get_value($vips, 'vrouter_pub/ipaddr', undef)
$management_vrouter_vip = try_get_value($vips, 'vrouter/ipaddr', undef)
$database_vip = try_get_value($vips, 'database/ipaddr', $management_vip)
$service_endpoint = try_get_value($vips, 'service_endpoint/ipaddr', $management_vip)
$public_vrouter_vip = dig($vips, ['vrouter_pub', 'ipaddr'], undef)
$management_vrouter_vip = dig($vips, ['vrouter', 'ipaddr'], undef)
$database_vip = dig($vips, ['database', 'ipaddr'], $management_vip)
$service_endpoint = dig($vips, ['service_endpoint', 'ipaddr'], $management_vip)
$neutron_config = hiera_hash('quantum_settings')
$network_provider = 'neutron'

27
deployment/puppet/osnailyfacter/manifests/rabbitmq/rabbitmq.pp
View File

@ -183,22 +183,30 @@ class osnailyfacter::rabbitmq::rabbitmq {
Class['::rabbitmq::install'] -> Exec['epmd_daemon']
-> Rabbitmq_plugin<| |> -> Rabbitmq_exchange<| |>
rabbitmq_user { $rabbit_hash['user']:
admin => true,
password => $rabbit_hash['password'],
provider => 'rabbitmqctl',
}
rabbitmq_user_permissions { "${rabbit_hash['user']}@/":
configure_permission => '.*',
write_permission => '.*',
read_permission => '.*',
provider => 'rabbitmqctl',
}
rabbitmq_vhost { $virtual_host:
provider => 'rabbitmqctl',
}
if ($use_pacemaker) {
# Install rabbit-fence daemon
class { '::cluster::rabbitmq_fence':
enabled => $enabled,
require => Class['::rabbitmq']
}
}
class { '::nova::rabbitmq':
enabled => $enabled,
userid => $rabbit_hash['user'],
password => $rabbit_hash['password'],
require => Class['::rabbitmq'],
}
if ($use_pacemaker) {
class { '::cluster::rabbitmq_ocf':
command_timeout => $command_timeout,
debug => $debug,
@ -206,7 +214,6 @@ class osnailyfacter::rabbitmq::rabbitmq {
admin_user => $rabbit_hash['user'],
admin_pass => $rabbit_hash['password'],
host_ip => $rabbitmq_bind_ip_address,
before => Class['::nova::rabbitmq'],
enable_rpc_ha => $enable_rpc_ha,
enable_notifications_ha => $enable_notifications_ha,
fqdn_prefix => $fqdn_prefix,

12
deployment/puppet/osnailyfacter/manifests/ssl/ssl_dns_setup.pp
View File

@ -19,25 +19,25 @@ class osnailyfacter::ssl::ssl_dns_setup {
$public_vip = hiera('public_vip')
$management_vip = hiera('management_vip')
$public_hostname = try_get_value($ssl_hash, "${service}_public_hostname", '')
$internal_hostname = try_get_value($ssl_hash, "${service}_internal_hostname", '')
$admin_hostname = try_get_value($ssl_hash, "${service}_admin_hostname", $internal_hostname)
$public_hostname = dig($ssl_hash, ["${service}_public_hostname"], '')
$internal_hostname = dig($ssl_hash, ["${service}_internal_hostname"], '')
$admin_hostname = dig($ssl_hash, ["${service}_admin_hostname"], $internal_hostname)
$service_public_ip = try_get_value($ssl_hash, "${service}_public_ip", '')
$service_public_ip = dig($ssl_hash, ["${service}_public_ip"], '')
if !empty($service_public_ip) {
$public_ip = $service_public_ip
} else {
$public_ip = $public_vip
}
$service_internal_ip = try_get_value($ssl_hash, "${service}_internal_ip", '')
$service_internal_ip = dig($ssl_hash, ["${service}_internal_ip"], '')
if !empty($service_internal_ip) {
$internal_ip = $service_internal_ip
} else {
$internal_ip = $management_vip
}
$service_admin_ip = try_get_value($ssl_hash, "${service}_admin_ip", '')
$service_admin_ip = dig($ssl_hash, ["${service}_admin_ip"], '')
if !empty($service_admin_ip) {
$admin_ip = $service_admin_ip
} else {

20
deployment/puppet/osnailyfacter/manifests/ssl/ssl_keys_saving.pp
View File

@ -4,7 +4,7 @@ class osnailyfacter::ssl::ssl_keys_saving {
$public_ssl_hash = hiera_hash('public_ssl')
$ssl_hash = hiera_hash('use_ssl', {})
$pub_certificate_content = try_get_value($public_ssl_hash, 'cert_data/content', '')
$pub_certificate_content = dig($public_ssl_hash, ['cert_data', 'content'], '')
$base_path = '/etc/pki/tls/certs'
$pki_path = [ '/etc/pki', '/etc/pki/tls' ]
$astute_base_path = '/var/lib/astute/haproxy'
@ -28,15 +28,15 @@ class osnailyfacter::ssl::ssl_keys_saving {
){
$service = $name
$public_service = try_get_value($ssl_hash, "${service}_public", false)
$public_usercert = try_get_value($ssl_hash, "${service}_public_usercert", false)
$public_certdata = try_get_value($ssl_hash, "${service}_public_certdata/content", '')
$internal_service = try_get_value($ssl_hash, "${service}_internal", false)
$internal_usercert = try_get_value($ssl_hash, "${service}_internal_usercert", false)
$internal_certdata = try_get_value($ssl_hash, "${service}_internal_certdata/content", '')
$admin_service = try_get_value($ssl_hash, "${service}_admin", false)
$admin_usercert = try_get_value($ssl_hash, "${service}_admin_usercert", false)
$admin_certdata = try_get_value($ssl_hash, "${service}_admin_certdata/content", '')
$public_service = dig($ssl_hash, ["${service}_public"], false)
$public_usercert = dig($ssl_hash, ["${service}_public_usercert"], false)
$public_certdata = dig($ssl_hash, ["${service}_public_certdata", 'content'], '')
$internal_service = dig($ssl_hash, ["${service}_internal"], false)
$internal_usercert = dig($ssl_hash, ["${service}_internal_usercert"], false)
$internal_certdata = dig($ssl_hash, ["${service}_internal_certdata", 'content'], '')
$admin_service = dig($ssl_hash, ["${service}_admin"], false)
$admin_usercert = dig($ssl_hash, ["${service}_admin_usercert"], false)
$admin_certdata = dig($ssl_hash, ["${service}_admin_certdata", 'content'], '')
if $ssl_hash["${service}"] {
if $public_service and $public_usercert and !empty($public_certdata) {

22
tests/noop/spec/hosts/firewall/firewall_spec.rb
View File

@ -126,7 +126,7 @@ describe manifest do
it 'should accept connections to nova' do
should contain_firewall('105 nova').with(
'port' => [ 8774, 8776, 6080 ],
'dport' => [ 8774, 8776, 6080 ],
'proto' => 'tcp',
'action' => 'accept',
)
@ -135,7 +135,7 @@ describe manifest do
it 'should accept connections to nova without ssl' do
management_nets.each do |source|
should contain_firewall("105 nova internal - no ssl from #{source}").with(
'port' => [ 8775, '5900-6100' ],
'dport' => [ 8775, '5900-6100' ],
'proto' => 'tcp',
'action' => 'accept',
'source' => source,
@ -146,7 +146,7 @@ describe manifest do
it 'should accept connections to iscsi' do
storage_nets.each do |source|
should contain_firewall("109 iscsi from #{source}").with(
'port' => [ 3260 ],
'dport' => [ 3260 ],
'proto' => 'tcp',
'action' => 'accept',
'source' => source,
@ -164,17 +164,17 @@ describe manifest do
it 'should create rules for heat' do
should contain_firewall('204 heat-api').with(
'port' => [ 8004 ],
'dport' => [ 8004 ],
'proto' => 'tcp',
'action' => 'accept',
)
should contain_firewall('205 heat-api-cfn').with(
'port' => [ 8000 ],
'dport' => [ 8000 ],
'proto' => 'tcp',
'action' => 'accept',
)
should contain_firewall('206 heat-api-cloudwatch').with(
'port' => [ 8003 ],
'dport' => [ 8003 ],
'proto' => 'tcp',
'action' => 'accept',
)
@ -182,7 +182,7 @@ describe manifest do
it 'should create rules for glance' do
should contain_firewall('104 glance').with(
'port' => [ 9292, 9494, 9191, 8773 ],
'dport' => [ 9292, 9494, 9191, 8773 ],
'proto' => 'tcp',
'action' => 'accept',
)
@ -198,7 +198,7 @@ describe manifest do
it 'should accept connections to nova without ssl' do
management_nets.each do |source|
should contain_firewall("105 nova vnc from #{source}").with(
'port' => [ '5900-6100' ],
'dport' => [ '5900-6100' ],
'proto' => 'tcp',
'action' => 'accept',
'source' => source,
@ -209,7 +209,7 @@ describe manifest do
it 'should accept connections to libvirt' do
management_nets.each do |source|
should contain_firewall("118 libvirt from #{source}").with(
'port' => [ 16509 ],
'dport' => [ 16509 ],
'proto' => 'tcp',
'action' => 'accept',
'source' => source,
@ -220,7 +220,7 @@ describe manifest do
it 'should allow libvirt vm migration' do
management_nets.each do |source|
should contain_firewall("119 libvirt-migration from #{source}").with(
'port' => [ '49152-49215' ],
'dport' => [ '49152-49215' ],
'proto' => 'tcp',
'action' => 'accept',
'source' => source,
@ -229,7 +229,7 @@ describe manifest do
end
elsif Noop.puppet_function 'member', roles, 'primary-mongo' or Noop.puppet_function 'member', roles, 'mongo'
it 'should create firewall rules' do
should contain_firewall('120 mongodb').with('port' => mongodb_port)
should contain_firewall('120 mongodb').with('dport' => mongodb_port)
end
end

3
tests/noop/spec/hosts/openstack-network/common-config_spec.rb
View File

@ -50,9 +50,8 @@ describe manifest do
it { should contain_class('neutron::logging').with('use_syslog' => Noop.hiera('use_syslog', true))}
it { should contain_class('neutron::logging').with('use_stderr' => Noop.hiera('use_stderr', false))}
it { should contain_class('neutron::logging').with('log_facility' => Noop.hiera('syslog_log_facility_neutron', 'LOG_LOCAL4'))}
it { should contain_class('neutron::logging').with('syslog_log_facility' => Noop.hiera('syslog_log_facility_neutron', 'LOG_LOCAL4'))}
it { should contain_class('neutron::logging').with('default_log_levels' => Noop.hiera('default_log_levels'))}
it { should contain_class('neutron::logging').with('verbose' => Noop.hiera('verbose', true))}
it { should contain_class('neutron::logging').with('debug' => Noop.hiera('debug', true))}
it {

2
tests/noop/spec/hosts/openstack-network/server-config_spec.rb
View File

@ -116,7 +116,6 @@ describe manifest do
auth_url = "#{internal_auth_protocol}://#{internal_auth_endpoint}:35357/"
auth_uri = "#{internal_auth_protocol}://#{internal_auth_endpoint}:5000/"
nova_admin_auth_url = "#{admin_auth_protocol}://#{admin_auth_endpoint}:35357/"
nova_url = "#{nova_internal_protocol}://#{nova_internal_endpoint}:8774/v2"
workers_max = Noop.hiera('workers_max', '16')
@ -300,7 +299,6 @@ describe manifest do
it 'should configure neutron::server::notifications' do
should contain_class('neutron::server::notifications').with(
'nova_url' => nova_url,
'auth_url' => nova_admin_auth_url,
'region_name' => region_name,
'username' => nova_auth_user,

12
tests/noop/spec/hosts/rabbitmq/rabbitmq_spec.rb
View File

@ -145,18 +145,10 @@ describe manifest do
it 'should configure rabbit fence class' do
if use_pacemaker
should contain_class('cluster::rabbitmq_fence').with(
:enabled => enabled).that_requires('Class[rabbitmq]')
:enabled => enabled)
end
end
it 'should configure rabbit for nova' do
should contain_class('nova::rabbitmq').with(
:enabled => enabled,
:userid => rabbit_hash['user'],
:password => rabbit_hash['password'],
).that_requires('Class[rabbitmq]')
end
it 'should configure pacemaker RA' do
if use_pacemaker
should contain_class('cluster::rabbitmq_ocf').with(
@ -180,7 +172,7 @@ describe manifest do
:slave_mon_interval => rabbit_ocf[:slave_mon_interval],
:master_mon_interval => rabbit_ocf[:master_mon_interval],
:mon_interval => rabbit_ocf[:mon_interval],
).that_comes_before('Class[nova::rabbitmq]')
)
should contain_class('cluster::rabbitmq_ocf').that_requires(
'Class[rabbitmq::install]')
should contain_service_status('rabbitmq').that_requires('Service[rabbitmq-server]')