diff --git a/deployment/puppet/haproxy/manifests/balancermember.pp b/deployment/puppet/haproxy/manifests/balancermember.pp index 54a0f63388..d7fedacd04 100644 --- a/deployment/puppet/haproxy/manifests/balancermember.pp +++ b/deployment/puppet/haproxy/manifests/balancermember.pp @@ -95,7 +95,6 @@ define haproxy::balancermember ( $ports = undef, $server_names = $::hostname, $ipaddresses = $::ipaddress, - $ensure = 'present', $order = '20', $options = '', $define_cookies = false, @@ -105,7 +104,6 @@ define haproxy::balancermember ( # Template uses $ipaddresses, $server_name, $ports, $option concat::fragment { "${listening_service}_balancermember_${name}": - ensure => $ensure, order => $use_include ? { true => "01-${name}", false => "${order}-${listening_service}-01-${name}", diff --git a/deployment/puppet/haproxy/spec/defines/balancermember_spec.rb b/deployment/puppet/haproxy/spec/defines/balancermember_spec.rb index 82afdd0541..a8611dfdb0 100644 --- a/deployment/puppet/haproxy/spec/defines/balancermember_spec.rb +++ b/deployment/puppet/haproxy/spec/defines/balancermember_spec.rb @@ -35,14 +35,12 @@ describe 'haproxy::balancermember' do :name => 'tyler', :listening_service => 'croy', :ports => '18140', - :ensure => 'absent' } end it { should contain_concat__fragment('croy_balancermember_tyler').with( 'order' => '20-croy-01-tyler', 'target' => '/etc/haproxy/haproxy.cfg', - 'ensure' => 'absent', 'content' => " server dero 1.1.1.1:18140 \n" ) } end diff --git a/deployment/puppet/l23network/manifests/l2/port.pp b/deployment/puppet/l23network/manifests/l2/port.pp index a0f20600ad..95d7037156 100644 --- a/deployment/puppet/l23network/manifests/l2/port.pp +++ b/deployment/puppet/l23network/manifests/l2/port.pp @@ -130,9 +130,13 @@ define l23network::l2::port ( } # Merge offloading data with rings rx/tx - $netrings_maximums = try_get_value($::netrings, "${port_name}/maximums") - if $netrings_maximums { - $ethtool_opts = deep_merge({ 'rings' => $netrings_maximums }, $ethtool) + if is_hash($::netrings) { + $netrings_maximums = dig($::netrings, [$port_name, 'maximums']) + if $netrings_maximums { + $ethtool_opts = deep_merge({ 'rings' => $netrings_maximums }, $ethtool) + } else { + $ethtool_opts = $ethtool + } } else { $ethtool_opts = $ethtool } diff --git a/deployment/puppet/openstack/lib/puppet/parser/functions/prepare_firewall_rules.rb b/deployment/puppet/openstack/lib/puppet/parser/functions/prepare_firewall_rules.rb index 542892509e..608e11f940 100644 --- a/deployment/puppet/openstack/lib/puppet/parser/functions/prepare_firewall_rules.rb +++ b/deployment/puppet/openstack/lib/puppet/parser/functions/prepare_firewall_rules.rb @@ -41,7 +41,7 @@ prepare_firewall_rules(['10.20.0.0/24','10.20.0.1']','020 ssh', 'accept', # Add params only if nonempty fw_rules[name]['action'] = action unless [nil, ''].include?(action) fw_rules[name]['chain'] = chain unless [nil, ''].include?(chain) - fw_rules[name]['port'] = port unless [nil, ''].include?(port) + fw_rules[name]['dport'] = port unless [nil, ''].include?(port) fw_rules[name]['proto'] = proto unless [nil, ''].include?(proto) fw_rules[name]['source'] = source_net end diff --git a/deployment/puppet/openstack/spec/defines/firewall_multi_net_spec.rb b/deployment/puppet/openstack/spec/defines/firewall_multi_net_spec.rb index 234e69b629..0026d337ad 100644 --- a/deployment/puppet/openstack/spec/defines/firewall_multi_net_spec.rb +++ b/deployment/puppet/openstack/spec/defines/firewall_multi_net_spec.rb @@ -18,7 +18,7 @@ describe 'openstack::firewall::multi_net' do it 'contains ssh firewall rule' do should contain_firewall("020 ssh from 10.20.0.0/24").with( :action => 'accept', - :port => '22', + :dport => '22', :proto => 'tcp', :source => '10.20.0.0/24', ) diff --git a/deployment/puppet/openstack/spec/functions/prepare_firewall_rules__spec.rb b/deployment/puppet/openstack/spec/functions/prepare_firewall_rules__spec.rb index e38f1a6e13..b189c5782a 100644 --- a/deployment/puppet/openstack/spec/functions/prepare_firewall_rules__spec.rb +++ b/deployment/puppet/openstack/spec/functions/prepare_firewall_rules__spec.rb @@ -53,11 +53,11 @@ describe 'function to prepare hash of firewall rules for multiple networks' do it 'should be able to prepare an ssh rule' do result = { '020 ssh from 10.0.0.0/24' => {'action' => 'accept', - 'port' => '22', + 'dport' => '22', 'proto' => 'tcp', 'source' => '10.0.0.0/24'}, '020 ssh from 10.0.1.0/24' => {'action' => 'accept', - 'port' => '22', + 'dport' => '22', 'proto' => 'tcp', 'source' => '10.0.1.0/24'}, } diff --git a/deployment/puppet/openstack_tasks/manifests/aodh/aodh.pp b/deployment/puppet/openstack_tasks/manifests/aodh/aodh.pp index f9c4fc353c..9a553a5e27 100644 --- a/deployment/puppet/openstack_tasks/manifests/aodh/aodh.pp +++ b/deployment/puppet/openstack_tasks/manifests/aodh/aodh.pp @@ -28,7 +28,6 @@ class openstack_tasks::aodh::aodh { $tenant = pick($aodh_hash['tenant'], 'services') $debug = pick($aodh_hash['debug'], hiera('debug', false)) - $verbose = pick($aodh_hash['verbose'], hiera('verbose', true)) $database_vip = hiera('database_vip') @@ -97,7 +96,6 @@ class openstack_tasks::aodh::aodh { class { '::aodh': debug => $debug, - verbose => $verbose, notification_topics => $notification_topics, rpc_backend => $rpc_backend, rabbit_userid => $rabbit_userid, diff --git a/deployment/puppet/openstack_tasks/manifests/ceilometer/compute.pp b/deployment/puppet/openstack_tasks/manifests/ceilometer/compute.pp index b54b815730..11d4ea360c 100644 --- a/deployment/puppet/openstack_tasks/manifests/ceilometer/compute.pp +++ b/deployment/puppet/openstack_tasks/manifests/ceilometer/compute.pp @@ -17,7 +17,6 @@ class openstack_tasks::ceilometer::compute { 'http_timeout' => '600', 'event_time_to_live' => '604800', 'metering_time_to_live' => '604800', - 'alarm_history_time_to_live' => '604800', } $region = hiera('region', 'RegionOne') @@ -28,7 +27,6 @@ class openstack_tasks::ceilometer::compute { $amqp_user = $rabbit_hash['user'] $kombu_compression = hiera('kombu_compression', $::os_service_default) $ceilometer_metering_secret = $ceilometer_hash['metering_secret'] - $verbose = pick($ceilometer_hash['verbose'], hiera('verbose', true)) $debug = pick($ceilometer_hash['debug'], hiera('debug', false)) $ssl_hash = hiera_hash('use_ssl', {}) @@ -62,12 +60,10 @@ class openstack_tasks::ceilometer::compute { http_timeout => $ceilometer_hash['http_timeout'], event_time_to_live => $ceilometer_hash['event_time_to_live'], metering_time_to_live => $ceilometer_hash['metering_time_to_live'], - alarm_history_time_to_live => $ceilometer_hash['alarm_history_time_to_live'], rabbit_hosts => split(hiera('amqp_hosts',''), ','), rabbit_userid => $amqp_user, rabbit_password => $amqp_password, metering_secret => $ceilometer_metering_secret, - verbose => $verbose, debug => $debug, use_syslog => $use_syslog, use_stderr => $use_stderr, diff --git a/deployment/puppet/openstack_tasks/manifests/ceilometer/controller.pp b/deployment/puppet/openstack_tasks/manifests/ceilometer/controller.pp index 8787b3951c..c025273f91 100644 --- a/deployment/puppet/openstack_tasks/manifests/ceilometer/controller.pp +++ b/deployment/puppet/openstack_tasks/manifests/ceilometer/controller.pp @@ -10,11 +10,9 @@ class openstack_tasks::ceilometer::controller { 'http_timeout' => '600', 'event_time_to_live' => '604800', 'metering_time_to_live' => '604800', - 'alarm_history_time_to_live' => '604800', } $ceilometer_hash = hiera_hash('ceilometer', $default_ceilometer_hash) - $verbose = pick($ceilometer_hash['verbose'], hiera('verbose', true)) $debug = pick($ceilometer_hash['debug'], hiera('debug', false)) $use_syslog = hiera('use_syslog', true) $use_stderr = hiera('use_stderr', false) @@ -141,12 +139,10 @@ class openstack_tasks::ceilometer::controller { http_timeout => $ceilometer_hash['http_timeout'], event_time_to_live => $ceilometer_hash['event_time_to_live'], metering_time_to_live => $ceilometer_hash['metering_time_to_live'], - alarm_history_time_to_live => $ceilometer_hash['alarm_history_time_to_live'], rabbit_hosts => split(hiera('amqp_hosts',''), ','), rabbit_userid => $amqp_user, rabbit_password => $amqp_password, metering_secret => $ceilometer_metering_secret, - verbose => $verbose, debug => $debug, use_syslog => $use_syslog, use_stderr => $use_stderr, diff --git a/deployment/puppet/openstack_tasks/manifests/glance/glance.pp b/deployment/puppet/openstack_tasks/manifests/glance/glance.pp index 40722a0a06..d15c36af21 100644 --- a/deployment/puppet/openstack_tasks/manifests/glance/glance.pp +++ b/deployment/puppet/openstack_tasks/manifests/glance/glance.pp @@ -8,7 +8,6 @@ class openstack_tasks::glance::glance { $glance_hash = hiera_hash('glance', {}) $glance_glare_hash = hiera_hash('glance_glare', {}) - $verbose = pick($glance_hash['verbose'], hiera('verbose', true)) $debug = pick($glance_hash['debug'], hiera('debug', false)) $management_vip = hiera('management_vip') $database_vip = hiera('database_vip') @@ -145,7 +144,6 @@ class openstack_tasks::glance::glance { # Install and configure glance-api class { '::glance::api': - verbose => $verbose, debug => $debug, bind_host => $api_bind_host, auth_type => 'keystone', @@ -167,7 +165,7 @@ class openstack_tasks::glance::glance { database_max_overflow => $max_overflow, show_image_direct_url => $show_image_direct_url, pipeline => $pipeline, - known_stores => $known_stores, + stores => $known_stores, os_region_name => $region, delayed_delete => false, scrub_time => '43200', @@ -191,7 +189,6 @@ class openstack_tasks::glance::glance { use_syslog => $use_syslog, use_stderr => $use_stderr, log_facility => $syslog_log_facility, - verbose => $verbose, debug => $debug, default_log_levels => hiera('default_log_levels'), } @@ -232,7 +229,6 @@ class openstack_tasks::glance::glance { # Install and configure glance-registry class { '::glance::registry': - verbose => $verbose, debug => $debug, bind_host => $api_bind_host, auth_uri => $auth_uri, diff --git a/deployment/puppet/openstack_tasks/manifests/horizon/horizon.pp b/deployment/puppet/openstack_tasks/manifests/horizon/horizon.pp index 1e4664d925..0f7456d319 100644 --- a/deployment/puppet/openstack_tasks/manifests/horizon/horizon.pp +++ b/deployment/puppet/openstack_tasks/manifests/horizon/horizon.pp @@ -36,12 +36,12 @@ class openstack_tasks::horizon::horizon { # of the MOS package set. This should be contributed upstream and then we can # use this as the default. #if !$::os_package_type or $::os_package_type == 'debian' { - # $cache_backend = try_get_value($horizon_hash, 'cache_backend', 'horizon.backends.memcached.HorizonMemcached') + # $cache_backend = dig($horizon_hash, ['cache_backend'], 'horizon.backends.memcached.HorizonMemcached') #} else { - # $cache_backend = try_get_value($horizon_hash, 'cache_backend', 'django.core.cache.backends.memcached.MemcachedCache') + # $cache_backend = dig($horizon_hash, ['cache_backend'], 'django.core.cache.backends.memcached.MemcachedCache') #} # Don't use custom backend until its code lands to MOS 9.0. - $cache_backend = try_get_value($horizon_hash, 'cache_backend', 'django.core.cache.backends.memcached.MemcachedCache') + $cache_backend = dig($horizon_hash, ['cache_backend'], 'django.core.cache.backends.memcached.MemcachedCache') #Changing from internal addressing to public should resolve any security concerns about exposing 'internal' to public facing login. #However, this should eventually be removed altogether from Horizon. diff --git a/deployment/puppet/openstack_tasks/manifests/keystone/keystone.pp b/deployment/puppet/openstack_tasks/manifests/keystone/keystone.pp index 3e59cc7b62..2d14709ad6 100644 --- a/deployment/puppet/openstack_tasks/manifests/keystone/keystone.pp +++ b/deployment/puppet/openstack_tasks/manifests/keystone/keystone.pp @@ -13,7 +13,6 @@ class openstack_tasks::keystone::keystone { prepare_network_config($network_scheme) $keystone_hash = hiera_hash('keystone', {}) - $verbose = pick($keystone_hash['verbose'], hiera('verbose', true)) $debug = pick($keystone_hash['debug'], hiera('debug', false)) $use_syslog = hiera('use_syslog', true) $use_stderr = hiera('use_stderr', false) @@ -296,7 +295,6 @@ class openstack_tasks::keystone::keystone { if $enabled { class { '::keystone': enable_bootstrap => true, - verbose => $verbose, debug => $debug, catalog_type => 'sql', admin_token => $admin_token, diff --git a/deployment/puppet/openstack_tasks/manifests/openstack_cinder/openstack_cinder.pp b/deployment/puppet/openstack_tasks/manifests/openstack_cinder/openstack_cinder.pp index ad45116099..e3bd2fa2ab 100644 --- a/deployment/puppet/openstack_tasks/manifests/openstack_cinder/openstack_cinder.pp +++ b/deployment/puppet/openstack_tasks/manifests/openstack_cinder/openstack_cinder.pp @@ -104,7 +104,6 @@ class openstack_tasks::openstack_cinder::openstack_cinder { $iscsi_bind_host = get_network_role_property('cinder/iscsi', 'ipaddr') $use_syslog = hiera('use_syslog', true) $use_stderr = hiera('use_stderr', false) - $verbose = pick($cinder_hash['verbose'], hiera('verbose', true)) $debug = pick($cinder_hash['debug'], hiera('debug', true)) ######### Cinder Controller Services ######## @@ -145,7 +144,6 @@ class openstack_tasks::openstack_cinder::openstack_cinder { rabbit_userid => $rabbit_hash['user'], rabbit_password => $rabbit_hash['password'], database_connection => $db_connection, - verbose => $verbose, use_syslog => $use_syslog, use_stderr => $use_stderr, log_facility => hiera('syslog_log_facility_cinder', 'LOG_LOCAL3'), diff --git a/deployment/puppet/openstack_tasks/manifests/openstack_network/agents/dhcp.pp b/deployment/puppet/openstack_tasks/manifests/openstack_network/agents/dhcp.pp index 1644513a7d..d7541a382c 100644 --- a/deployment/puppet/openstack_tasks/manifests/openstack_network/agents/dhcp.pp +++ b/deployment/puppet/openstack_tasks/manifests/openstack_network/agents/dhcp.pp @@ -10,10 +10,11 @@ class openstack_tasks::openstack_network::agents::dhcp { $debug = hiera('debug', true) $resync_interval = '30' - $isolated_metadata = try_get_value($neutron_config, 'metadata/isolated_metadata', true) + $neutron_config = hiera_hash('neutron_config') + $isolated_metadata = dig($neutron_config, ['metadata', 'isolated_metadata'], true) $neutron_advanced_config = hiera_hash('neutron_advanced_configuration', { }) - $ha_agent = try_get_value($neutron_advanced_config, 'dhcp_agent_ha', true) + $ha_agent = dig($neutron_advanced_config, ['dhcp_agent_ha'], true) class { '::neutron::agents::dhcp': debug => $debug, diff --git a/deployment/puppet/openstack_tasks/manifests/openstack_network/agents/l3.pp b/deployment/puppet/openstack_tasks/manifests/openstack_network/agents/l3.pp index 418057e9bb..81d4b09229 100644 --- a/deployment/puppet/openstack_tasks/manifests/openstack_network/agents/l3.pp +++ b/deployment/puppet/openstack_tasks/manifests/openstack_network/agents/l3.pp @@ -36,15 +36,15 @@ class openstack_tasks::openstack_network::agents::l3 { prepare_network_config($network_scheme) - $ha_agent = try_get_value($neutron_advanced_config, 'l3_agent_ha', true) + $ha_agent = dig($neutron_advanced_config, ['l3_agent_ha'], true) class { '::neutron::agents::l3': - debug => $debug, - metadata_port => $metadata_port, - external_network_bridge => ' ', - manage_service => true, - enabled => true, - agent_mode => $agent_mode, + debug => $debug, + metadata_port => $metadata_port, + external_network_bridge => ' ', + manage_service => true, + enabled => true, + agent_mode => $agent_mode, } if ($ha_agent) and !($compute) { diff --git a/deployment/puppet/openstack_tasks/manifests/openstack_network/agents/metadata.pp b/deployment/puppet/openstack_tasks/manifests/openstack_network/agents/metadata.pp index 2927d92ed1..44bdb4f875 100644 --- a/deployment/puppet/openstack_tasks/manifests/openstack_network/agents/metadata.pp +++ b/deployment/puppet/openstack_tasks/manifests/openstack_network/agents/metadata.pp @@ -29,10 +29,10 @@ class openstack_tasks::openstack_network::agents::metadata { if $controller or ($dvr and $compute) { $debug = hiera('debug', true) - $ha_agent = try_get_value($neutron_advanced_config, 'metadata_agent_ha', true) + $ha_agent = dig($neutron_advanced_config, ['metadata_agent_ha'], true) $service_endpoint = hiera('service_endpoint') $management_vip = hiera('management_vip') - $shared_secret = try_get_value($neutron_config, 'metadata/metadata_proxy_shared_secret') + $shared_secret = dig($neutron_config, ['metadata', 'metadata_proxy_shared_secret']) $nova_endpoint = hiera('nova_endpoint', $management_vip) $nova_metadata_protocol = hiera('nova_metadata_protocol', 'http') $ssl_hash = hiera_hash('use_ssl', {}) diff --git a/deployment/puppet/openstack_tasks/manifests/openstack_network/common_config.pp b/deployment/puppet/openstack_tasks/manifests/openstack_network/common_config.pp index 1e2070342c..251c4a89b4 100644 --- a/deployment/puppet/openstack_tasks/manifests/openstack_network/common_config.pp +++ b/deployment/puppet/openstack_tasks/manifests/openstack_network/common_config.pp @@ -47,7 +47,7 @@ class openstack_tasks::openstack_network::common_config { $kombu_compression = hiera('kombu_compression', $::os_service_default) - $segmentation_type = try_get_value($neutron_config, 'L2/segmentation_type') + $segmentation_type = dig($neutron_config, ['L2', 'segmentation_type']) $nets = $neutron_config['predefined_networks'] @@ -84,12 +84,11 @@ class openstack_tasks::openstack_network::common_config { } class { '::neutron::logging': - verbose => $verbose, - debug => $debug, - use_syslog => $use_syslog, - use_stderr => $use_stderr, - log_facility => $log_facility, - default_log_levels => $default_log_levels, + debug => $debug, + use_syslog => $use_syslog, + use_stderr => $use_stderr, + syslog_log_facility => $log_facility, + default_log_levels => $default_log_levels, } ### SYSCTL ### diff --git a/deployment/puppet/openstack_tasks/manifests/openstack_network/compute_nova.pp b/deployment/puppet/openstack_tasks/manifests/openstack_network/compute_nova.pp index 4ffa8dc4f4..80d6621066 100644 --- a/deployment/puppet/openstack_tasks/manifests/openstack_network/compute_nova.pp +++ b/deployment/puppet/openstack_tasks/manifests/openstack_network/compute_nova.pp @@ -13,9 +13,9 @@ class openstack_tasks::openstack_network::compute_nova { $management_vip = hiera('management_vip') $service_endpoint = hiera('service_endpoint', $management_vip) - $admin_password = try_get_value($neutron_config, 'keystone/admin_password') - $admin_tenant_name = try_get_value($neutron_config, 'keystone/admin_tenant', 'services') - $admin_username = try_get_value($neutron_config, 'keystone/admin_user', 'neutron') + $admin_password = dig($neutron_config, ['keystone', 'admin_password']) + $admin_tenant_name = dig($neutron_config, ['keystone', 'admin_tenant'], 'services') + $admin_username = dig($neutron_config, ['keystone', 'admin_user'], 'neutron') $region_name = hiera('region', 'RegionOne') $auth_api_version = 'v3' $ssl_hash = hiera_hash('use_ssl', {}) diff --git a/deployment/puppet/openstack_tasks/manifests/openstack_network/networks.pp b/deployment/puppet/openstack_tasks/manifests/openstack_network/networks.pp index 62aabbf393..ab5f821bcd 100644 --- a/deployment/puppet/openstack_tasks/manifests/openstack_network/networks.pp +++ b/deployment/puppet/openstack_tasks/manifests/openstack_network/networks.pp @@ -5,43 +5,43 @@ class openstack_tasks::openstack_network::networks { $access_hash = hiera_hash('access', {}) $keystone_admin_tenant = $access_hash['tenant'] $neutron_config = hiera_hash('neutron_config') - $floating_net = try_get_value($neutron_config, 'default_floating_net', 'net04_ext') - $private_net = try_get_value($neutron_config, 'default_private_net', 'net04') - $default_router = try_get_value($neutron_config, 'default_router', 'router04') - $segmentation_type = try_get_value($neutron_config, 'L2/segmentation_type') + $floating_net = dig($neutron_config, ['default_floating_net'], 'net04_ext') + $private_net = dig($neutron_config, ['default_private_net'], 'net04') + $default_router = dig($neutron_config, ['default_router'], 'router04') + $segmentation_type = dig($neutron_config, ['L2', 'segmentation_type']) $nets = $neutron_config['predefined_networks'] if $segmentation_type == 'vlan' { $network_type = 'vlan' - $segmentation_id_range = split(try_get_value($neutron_config, 'L2/phys_nets/physnet2/vlan_range', ''), ':') + $segmentation_id_range = split(dig($neutron_config, ['L2', 'phys_nets', 'physnet2', 'vlan_range'], ''), ':') } elsif $segmentation_type == 'gre' { $network_type = 'gre' - $segmentation_id_range = split(try_get_value($neutron_config, 'L2/tunnel_id_ranges', ''), ':') + $segmentation_id_range = split(dig($neutron_config, ['L2', 'tunnel_id_ranges'], ''), ':') } else { $network_type = 'vxlan' - $segmentation_id_range = split(try_get_value($neutron_config, 'L2/tunnel_id_ranges', ''), ':') + $segmentation_id_range = split(dig($neutron_config, ['L2', 'tunnel_id_ranges'], ''), ':') } $fallback_segment_id = $segmentation_id_range[0] - $private_net_segment_id = try_get_value($nets, "${private_net}/L2/segment_id", $fallback_segment_id) - $private_net_physnet = try_get_value($nets, "${private_net}/L2/physnet", false) - $private_net_shared = try_get_value($nets, "${private_net}/shared", false) + $private_net_segment_id = dig($nets, [$private_net, 'L2', 'segment_id'], $fallback_segment_id) + $private_net_physnet = dig($nets, [$private_net, 'L2', 'physnet'], false) + $private_net_shared = dig($nets, [$private_net, 'shared'], false) $private_net_router_external = false - $floating_net_type = try_get_value($nets, "${floating_net}/L2/network_type", 'local') + $floating_net_type = dig($nets, [$floating_net, 'L2', 'network_type'], 'local') $floating_net_physnet = $floating_net_type ? { 'local' => false, - default => try_get_value($nets, "${floating_net}/L2/physnet", false), + default => dig($nets, [$floating_net, 'L2', 'physnet'], false), } - $floating_net_router_external = try_get_value($nets, "${floating_net}/L2/router_ext") - $floating_net_floating_range = try_get_value($nets, "${floating_net}/L3/floating", '') - $floating_net_shared = try_get_value($nets, "${floating_net}/shared", false) + $floating_net_router_external = dig($nets, [$floating_net, 'L2', 'router_ext']) + $floating_net_floating_range = dig($nets, [$floating_net, 'L3', 'floating'], '') + $floating_net_shared = dig($nets, [$floating_net, 'shared'], false) if !empty($floating_net_floating_range) { - $floating_cidr = try_get_value($nets, "${floating_net}/L3/subnet") + $floating_cidr = dig($nets, [$floating_net, 'L3', 'subnet']) $floating_net_allocation_pool = format_allocation_pools($floating_net_floating_range, $floating_cidr) } - $tenant_name = try_get_value($access_hash, 'tenant', 'admin') + $tenant_name = dig($access_hash, ['tenant'], 'admin') neutron_network { $floating_net : ensure => 'present', @@ -54,10 +54,10 @@ class openstack_tasks::openstack_network::networks { neutron_subnet { "${floating_net}__subnet" : ensure => 'present', - cidr => try_get_value($nets, "${floating_net}/L3/subnet"), + cidr => dig($nets, [$floating_net, 'L3', 'subnet']), network_name => $floating_net, tenant_name => $tenant_name, - gateway_ip => try_get_value($nets, "${floating_net}/L3/gateway"), + gateway_ip => dig($nets, [$floating_net, 'L3', 'gateway']), enable_dhcp => false, allocation_pools => $floating_net_allocation_pool, } @@ -74,19 +74,19 @@ class openstack_tasks::openstack_network::networks { neutron_subnet { "${private_net}__subnet" : ensure => 'present', - cidr => try_get_value($nets, "${private_net}/L3/subnet"), + cidr => dig($nets, [$private_net, 'L3', 'subnet']), network_name => $private_net, tenant_name => $tenant_name, - gateway_ip => try_get_value($nets, "${private_net}/L3/gateway"), + gateway_ip => dig($nets, [$private_net, 'L3', 'gateway']), enable_dhcp => true, - dns_nameservers => try_get_value($nets, "${private_net}/L3/nameservers"), + dns_nameservers => dig($nets, [$private_net, 'L3', 'nameservers']), } if has_key($nets, 'baremetal') { - $baremetal_physnet = try_get_value($nets, 'baremetal/L2/physnet', false) - $baremetal_segment_id = try_get_value($nets, 'baremetal/L2/segment_id') - $baremetal_router_external = try_get_value($nets, 'baremetal/L2/router_ext') - $baremetal_shared = try_get_value($nets, 'baremetal/shared', false) + $baremetal_physnet = dig($nets, ['baremetal', 'L2', 'physnet'], false) + $baremetal_segment_id = dig($nets, ['baremetal', 'L2', 'segment_id']) + $baremetal_router_external = dig($nets, ['baremetal', 'L2', 'router_ext']) + $baremetal_shared = dig($nets, ['baremetal', 'shared'], false) neutron_network { 'baremetal' : ensure => 'present', @@ -100,13 +100,13 @@ class openstack_tasks::openstack_network::networks { neutron_subnet { 'baremetal__subnet' : ensure => 'present', - cidr => try_get_value($nets, 'baremetal/L3/subnet'), + cidr => dig($nets, ['baremetal', 'L3', 'subnet']), network_name => 'baremetal', tenant_name => $tenant_name, - gateway_ip => try_get_value($nets, 'baremetal/L3/gateway'), + gateway_ip => dig($nets, ['baremetal', 'L3', 'gateway']), enable_dhcp => true, - dns_nameservers => try_get_value($nets, 'baremetal/L3/nameservers'), - allocation_pools => format_allocation_pools(try_get_value($nets, 'baremetal/L3/floating')), + dns_nameservers => dig($nets, ['baremetal', 'L3', 'nameservers']), + allocation_pools => format_allocation_pools(dig($nets, ['baremetal', 'L3', 'floating'])), } } } diff --git a/deployment/puppet/openstack_tasks/manifests/openstack_network/plugins/ml2.pp b/deployment/puppet/openstack_tasks/manifests/openstack_network/plugins/ml2.pp index 99b4a28269..c800716e71 100644 --- a/deployment/puppet/openstack_tasks/manifests/openstack_network/plugins/ml2.pp +++ b/deployment/puppet/openstack_tasks/manifests/openstack_network/plugins/ml2.pp @@ -42,10 +42,10 @@ class openstack_tasks::openstack_network::plugins::ml2 { prepare_network_config($network_scheme) $neutron_advanced_config = hiera_hash('neutron_advanced_configuration', { }) - $l2_population = try_get_value($neutron_advanced_config, 'neutron_l2_pop', false) - $dvr = try_get_value($neutron_advanced_config, 'neutron_dvr', false) + $l2_population = dig($neutron_advanced_config, ['neutron_l2_pop'], false) + $dvr = dig($neutron_advanced_config, ['neutron_dvr'], false) $enable_qos = pick($neutron_advanced_config['neutron_qos'], false) - $segmentation_type = try_get_value($neutron_config, 'L2/segmentation_type') + $segmentation_type = dig($neutron_config, ['L2', 'segmentation_type']) if $compute and ! $dvr { $do_floating = false @@ -160,7 +160,7 @@ class openstack_tasks::openstack_network::plugins::ml2 { refreshonly => true, } - $ha_agent = try_get_value($neutron_advanced_config, 'l2_agent_ha', true) + $ha_agent = dig($neutron_advanced_config, ['l2_agent_ha'], true) if $ha_agent { #Exec<| title == 'waiting-for-neutron-api' |> -> class { '::cluster::neutron::ovs' : diff --git a/deployment/puppet/openstack_tasks/manifests/openstack_network/routers.pp b/deployment/puppet/openstack_tasks/manifests/openstack_network/routers.pp index 4033c926ac..d18aac900c 100644 --- a/deployment/puppet/openstack_tasks/manifests/openstack_network/routers.pp +++ b/deployment/puppet/openstack_tasks/manifests/openstack_network/routers.pp @@ -13,10 +13,10 @@ class openstack_tasks::openstack_network::routers { $access_hash = hiera_hash('access', {}) $keystone_admin_tenant = pick($access_hash['tenant'], 'admin') $neutron_config = hiera_hash('neutron_config') - $floating_net = try_get_value($neutron_config, 'default_floating_net', 'net04_ext') - $private_net = try_get_value($neutron_config, 'default_private_net', 'net04') - $default_router = try_get_value($neutron_config, 'default_router', 'router04') - $baremetal_router = try_get_value($neutron_config, 'baremetal_router', 'baremetal') + $floating_net = dig($neutron_config, ['default_floating_net'], 'net04_ext') + $private_net = dig($neutron_config, ['default_private_net'], 'net04') + $default_router = dig($neutron_config, ['default_router'], 'router04') + $baremetal_router = dig($neutron_config, ['baremetal_router'], 'baremetal') $nets = $neutron_config['predefined_networks'] if ($l3_ha) and ($controllers_num < 2) { diff --git a/deployment/puppet/openstack_tasks/manifests/openstack_network/server_config.pp b/deployment/puppet/openstack_tasks/manifests/openstack_network/server_config.pp index 4b3439ea68..570e94b8c9 100644 --- a/deployment/puppet/openstack_tasks/manifests/openstack_network/server_config.pp +++ b/deployment/puppet/openstack_tasks/manifests/openstack_network/server_config.pp @@ -30,9 +30,9 @@ class openstack_tasks::openstack_network::server_config { $db_type = 'mysql' $db_password = $neutron_config['database']['passwd'] - $db_user = try_get_value($neutron_config, 'database/user', 'neutron') - $db_name = try_get_value($neutron_config, 'database/name', 'neutron') - $db_host = try_get_value($neutron_config, 'database/host', $database_vip) + $db_user = dig($neutron_config, ['database', 'user'], 'neutron') + $db_name = dig($neutron_config, ['database', 'name'], 'neutron') + $db_host = dig($neutron_config, ['database', 'host'], $database_vip) # LP#1526938 - python-mysqldb supports this, python-pymysql does not if $::os_package_type == 'debian' { $extra_params = { 'charset' => 'utf8', 'read_timeout' => 60 } @@ -72,20 +72,16 @@ class openstack_tasks::openstack_network::server_config { $admin_auth_protocol = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'protocol', 'http') $admin_auth_endpoint = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'hostname', [$service_endpoint, $management_vip]) - $nova_internal_protocol = get_ssl_property($ssl_hash, {}, 'nova', 'internal', 'protocol', 'http') - $nova_internal_endpoint = get_ssl_property($ssl_hash, {}, 'nova', 'internal', 'hostname', [$nova_endpoint]) - $auth_api_version = 'v2.0' $auth_uri = "${internal_auth_protocol}://${internal_auth_endpoint}:5000/" $auth_url = "${internal_auth_protocol}://${internal_auth_endpoint}:35357/" $nova_admin_auth_url = "${admin_auth_protocol}://${admin_auth_endpoint}:35357/" - $nova_url = "${nova_internal_protocol}://${nova_internal_endpoint}:8774/v2" $workers_max = hiera('workers_max', 16) $service_workers = pick($neutron_config['workers'], min(max($::processorcount, 1), $workers_max)) $neutron_advanced_config = hiera_hash('neutron_advanced_configuration', { }) - $l2_population = try_get_value($neutron_advanced_config, 'neutron_l2_pop', false) + $l2_population = dig($neutron_advanced_config, ['neutron_l2_pop'], false) $dvr = pick($neutron_advanced_config['neutron_dvr'], false) $l3_ha = pick($neutron_advanced_config['neutron_l3_ha'], false) $l3agent_failover = $l3_ha ? { true => false, default => true} @@ -107,9 +103,9 @@ class openstack_tasks::openstack_network::server_config { $default_mechanism_drivers = ['openvswitch'] $l2_population_mech_driver = $l2_population ? { true => ['l2population'], default => []} $sriov_mech_driver = $use_sriov ? { true => ['sriovnicswitch'], default => []} - $mechanism_drivers = delete(try_get_value($neutron_config, 'L2/mechanism_drivers', concat($default_mechanism_drivers,$l2_population_mech_driver,$sriov_mech_driver)), '') + $mechanism_drivers = delete(dig($neutron_config, ['L2', 'mechanism_drivers'], concat($default_mechanism_drivers,$l2_population_mech_driver,$sriov_mech_driver)), '') $flat_networks = ['*'] - $segmentation_type = try_get_value($neutron_config, 'L2/segmentation_type') + $segmentation_type = dig($neutron_config, ['L2', 'segmentation_type']) $network_scheme = hiera_hash('network_scheme', {}) prepare_network_config($network_scheme) @@ -123,7 +119,7 @@ class openstack_tasks::openstack_network::server_config { Class['::neutron::plugins::ml2'] -> Augeas['/etc/default/neutron-server:ml2_sriov_config'] } - $_path_mtu = try_get_value($neutron_config, 'L2/path_mtu', undef) + $_path_mtu = dig($neutron_config, ['L2', 'path_mtu'], undef) if $segmentation_type == 'vlan' { $net_role_property = 'neutron/private' @@ -150,7 +146,7 @@ class openstack_tasks::openstack_network::server_config { $net_role_property = 'neutron/mesh' $tunneling_ip = get_network_role_property($net_role_property, 'ipaddr') $iface = get_network_role_property($net_role_property, 'phys_dev') - $tunnel_id_ranges = [try_get_value($neutron_config, 'L2/tunnel_id_ranges')] + $tunnel_id_ranges = [dig($neutron_config, ['L2', 'tunnel_id_ranges'])] $physical_network_mtus = generate_physnet_mtus($neutron_config, $network_scheme, { 'do_floating' => $do_floating, 'do_tenant' => false, @@ -241,7 +237,6 @@ class openstack_tasks::openstack_network::server_config { } class { '::neutron::server::notifications': - nova_url => $nova_url, auth_url => $nova_admin_auth_url, username => $nova_auth_user, project_name => $nova_auth_tenant, diff --git a/deployment/puppet/openstack_tasks/manifests/openstack_network/server_nova.pp b/deployment/puppet/openstack_tasks/manifests/openstack_network/server_nova.pp index 0fc41607d7..e30387287f 100644 --- a/deployment/puppet/openstack_tasks/manifests/openstack_network/server_nova.pp +++ b/deployment/puppet/openstack_tasks/manifests/openstack_network/server_nova.pp @@ -6,9 +6,9 @@ class openstack_tasks::openstack_network::server_nova { $management_vip = hiera('management_vip') $service_endpoint = hiera('service_endpoint', $management_vip) $neutron_endpoint = hiera('neutron_endpoint', $management_vip) - $admin_password = try_get_value($neutron_config, 'keystone/admin_password') - $admin_tenant_name = try_get_value($neutron_config, 'keystone/admin_tenant', 'services') - $admin_username = try_get_value($neutron_config, 'keystone/admin_user', 'neutron') + $admin_password = dig($neutron_config, ['keystone', 'admin_password']) + $admin_tenant_name = dig($neutron_config, ['keystone', 'admin_tenant'], 'services') + $admin_username = dig($neutron_config, ['keystone', 'admin_user'], 'neutron') $region_name = hiera('region', 'RegionOne') $auth_api_version = 'v3' $ssl_hash = hiera_hash('use_ssl', {}) diff --git a/deployment/puppet/osnailyfacter/manifests/firewall/firewall.pp b/deployment/puppet/osnailyfacter/manifests/firewall/firewall.pp index ad6b79d0aa..001fdeacf5 100644 --- a/deployment/puppet/osnailyfacter/manifests/firewall/firewall.pp +++ b/deployment/puppet/osnailyfacter/manifests/firewall/firewall.pp @@ -200,7 +200,7 @@ class osnailyfacter::firewall::firewall { } firewall {'340 vxlan_udp_port': - port => $vxlan_udp_port, + dport => $vxlan_udp_port, proto => 'udp', action => 'accept', } @@ -245,7 +245,7 @@ class osnailyfacter::firewall::firewall { } firewall { '100 http': - port => [$http_port, $https_port], + dport => [$http_port, $https_port], proto => 'tcp', action => 'accept', } @@ -265,19 +265,19 @@ class osnailyfacter::firewall::firewall { } firewall {'103 swift': - port => [$swift_proxy_port, $swift_object_port, $swift_container_port, $swift_account_port, $swift_proxy_check_port], + dport => [$swift_proxy_port, $swift_object_port, $swift_container_port, $swift_account_port, $swift_proxy_check_port], proto => 'tcp', action => 'accept', } firewall {'104 glance': - port => [$glance_api_port, $glance_glare_port, $glance_reg_port, $glance_nova_api_ec2_port,], + dport => [$glance_api_port, $glance_glare_port, $glance_reg_port, $glance_nova_api_ec2_port,], proto => 'tcp', action => 'accept', } firewall {'105 nova': - port => [$nova_api_compute_port, $nova_api_volume_port, $nova_vncproxy_port], + dport => [$nova_api_compute_port, $nova_api_volume_port, $nova_vncproxy_port], proto => 'tcp', action => 'accept', } @@ -339,7 +339,7 @@ class osnailyfacter::firewall::firewall { } firewall {'111 dhcp-server': - port => $dhcp_server_port, + dport => $dhcp_server_port, proto => 'udp', action => 'accept', } @@ -373,13 +373,13 @@ class osnailyfacter::firewall::firewall { } firewall {'121 ceilometer': - port => $ceilometer_port, + dport => $ceilometer_port, proto => 'tcp', action => 'accept', } firewall {'122 aodh': - port => $aodh_port, + dport => $aodh_port, proto => 'tcp', action => 'accept', } @@ -391,19 +391,19 @@ class osnailyfacter::firewall::firewall { } firewall {'204 heat-api': - port => $heat_api_port, + dport => $heat_api_port, proto => 'tcp', action => 'accept', } firewall {'205 heat-api-cfn': - port => $heat_api_cfn_port, + dport => $heat_api_cfn_port, proto => 'tcp', action => 'accept', } firewall {'206 heat-api-cloudwatch': - port => $heat_api_cloudwatch_port, + dport => $heat_api_cloudwatch_port, proto => 'tcp', action => 'accept', } @@ -436,7 +436,7 @@ class osnailyfacter::firewall::firewall { if member($roles, 'primary-mongo') or member($roles, 'mongo') { firewall {'120 mongodb': - port => $mongodb_port, + dport => $mongodb_port, proto => 'tcp', action => 'accept', } diff --git a/deployment/puppet/osnailyfacter/manifests/globals/globals.pp b/deployment/puppet/osnailyfacter/manifests/globals/globals.pp index 74711e419a..376f18070f 100644 --- a/deployment/puppet/osnailyfacter/manifests/globals/globals.pp +++ b/deployment/puppet/osnailyfacter/manifests/globals/globals.pp @@ -236,18 +236,16 @@ class osnailyfacter::globals::globals { $vips = $network_metadata['vips'] - # TODO(mpolenchuk): try_get_value() is deprecated, - # replace with dig() once stdlib 4.12 will be available - $public_vip = try_get_value($vips, 'public/ipaddr', + $public_vip = dig($vips, ['public', 'ipaddr'], get_network_role_property('public/vip', 'ipaddr') ) - $management_vip = try_get_value($vips, 'management/ipaddr', + $management_vip = dig($vips, ['management', 'ipaddr'], get_network_role_property('mgmt/vip', 'ipaddr') ) - $public_vrouter_vip = try_get_value($vips, 'vrouter_pub/ipaddr', undef) - $management_vrouter_vip = try_get_value($vips, 'vrouter/ipaddr', undef) - $database_vip = try_get_value($vips, 'database/ipaddr', $management_vip) - $service_endpoint = try_get_value($vips, 'service_endpoint/ipaddr', $management_vip) + $public_vrouter_vip = dig($vips, ['vrouter_pub', 'ipaddr'], undef) + $management_vrouter_vip = dig($vips, ['vrouter', 'ipaddr'], undef) + $database_vip = dig($vips, ['database', 'ipaddr'], $management_vip) + $service_endpoint = dig($vips, ['service_endpoint', 'ipaddr'], $management_vip) $neutron_config = hiera_hash('quantum_settings') $network_provider = 'neutron' diff --git a/deployment/puppet/osnailyfacter/manifests/rabbitmq/rabbitmq.pp b/deployment/puppet/osnailyfacter/manifests/rabbitmq/rabbitmq.pp index 8f2b8113eb..1124a7007a 100644 --- a/deployment/puppet/osnailyfacter/manifests/rabbitmq/rabbitmq.pp +++ b/deployment/puppet/osnailyfacter/manifests/rabbitmq/rabbitmq.pp @@ -183,22 +183,30 @@ class osnailyfacter::rabbitmq::rabbitmq { Class['::rabbitmq::install'] -> Exec['epmd_daemon'] -> Rabbitmq_plugin<| |> -> Rabbitmq_exchange<| |> + rabbitmq_user { $rabbit_hash['user']: + admin => true, + password => $rabbit_hash['password'], + provider => 'rabbitmqctl', + } + + rabbitmq_user_permissions { "${rabbit_hash['user']}@/": + configure_permission => '.*', + write_permission => '.*', + read_permission => '.*', + provider => 'rabbitmqctl', + } + + rabbitmq_vhost { $virtual_host: + provider => 'rabbitmqctl', + } + if ($use_pacemaker) { # Install rabbit-fence daemon class { '::cluster::rabbitmq_fence': enabled => $enabled, require => Class['::rabbitmq'] } - } - class { '::nova::rabbitmq': - enabled => $enabled, - userid => $rabbit_hash['user'], - password => $rabbit_hash['password'], - require => Class['::rabbitmq'], - } - - if ($use_pacemaker) { class { '::cluster::rabbitmq_ocf': command_timeout => $command_timeout, debug => $debug, @@ -206,7 +214,6 @@ class osnailyfacter::rabbitmq::rabbitmq { admin_user => $rabbit_hash['user'], admin_pass => $rabbit_hash['password'], host_ip => $rabbitmq_bind_ip_address, - before => Class['::nova::rabbitmq'], enable_rpc_ha => $enable_rpc_ha, enable_notifications_ha => $enable_notifications_ha, fqdn_prefix => $fqdn_prefix, diff --git a/deployment/puppet/osnailyfacter/manifests/ssl/ssl_dns_setup.pp b/deployment/puppet/osnailyfacter/manifests/ssl/ssl_dns_setup.pp index ffcd315f9f..da4a1a1c1b 100644 --- a/deployment/puppet/osnailyfacter/manifests/ssl/ssl_dns_setup.pp +++ b/deployment/puppet/osnailyfacter/manifests/ssl/ssl_dns_setup.pp @@ -19,25 +19,25 @@ class osnailyfacter::ssl::ssl_dns_setup { $public_vip = hiera('public_vip') $management_vip = hiera('management_vip') - $public_hostname = try_get_value($ssl_hash, "${service}_public_hostname", '') - $internal_hostname = try_get_value($ssl_hash, "${service}_internal_hostname", '') - $admin_hostname = try_get_value($ssl_hash, "${service}_admin_hostname", $internal_hostname) + $public_hostname = dig($ssl_hash, ["${service}_public_hostname"], '') + $internal_hostname = dig($ssl_hash, ["${service}_internal_hostname"], '') + $admin_hostname = dig($ssl_hash, ["${service}_admin_hostname"], $internal_hostname) - $service_public_ip = try_get_value($ssl_hash, "${service}_public_ip", '') + $service_public_ip = dig($ssl_hash, ["${service}_public_ip"], '') if !empty($service_public_ip) { $public_ip = $service_public_ip } else { $public_ip = $public_vip } - $service_internal_ip = try_get_value($ssl_hash, "${service}_internal_ip", '') + $service_internal_ip = dig($ssl_hash, ["${service}_internal_ip"], '') if !empty($service_internal_ip) { $internal_ip = $service_internal_ip } else { $internal_ip = $management_vip } - $service_admin_ip = try_get_value($ssl_hash, "${service}_admin_ip", '') + $service_admin_ip = dig($ssl_hash, ["${service}_admin_ip"], '') if !empty($service_admin_ip) { $admin_ip = $service_admin_ip } else { diff --git a/deployment/puppet/osnailyfacter/manifests/ssl/ssl_keys_saving.pp b/deployment/puppet/osnailyfacter/manifests/ssl/ssl_keys_saving.pp index 9de7b1cc04..2ba1f922d5 100644 --- a/deployment/puppet/osnailyfacter/manifests/ssl/ssl_keys_saving.pp +++ b/deployment/puppet/osnailyfacter/manifests/ssl/ssl_keys_saving.pp @@ -4,7 +4,7 @@ class osnailyfacter::ssl::ssl_keys_saving { $public_ssl_hash = hiera_hash('public_ssl') $ssl_hash = hiera_hash('use_ssl', {}) - $pub_certificate_content = try_get_value($public_ssl_hash, 'cert_data/content', '') + $pub_certificate_content = dig($public_ssl_hash, ['cert_data', 'content'], '') $base_path = '/etc/pki/tls/certs' $pki_path = [ '/etc/pki', '/etc/pki/tls' ] $astute_base_path = '/var/lib/astute/haproxy' @@ -28,15 +28,15 @@ class osnailyfacter::ssl::ssl_keys_saving { ){ $service = $name - $public_service = try_get_value($ssl_hash, "${service}_public", false) - $public_usercert = try_get_value($ssl_hash, "${service}_public_usercert", false) - $public_certdata = try_get_value($ssl_hash, "${service}_public_certdata/content", '') - $internal_service = try_get_value($ssl_hash, "${service}_internal", false) - $internal_usercert = try_get_value($ssl_hash, "${service}_internal_usercert", false) - $internal_certdata = try_get_value($ssl_hash, "${service}_internal_certdata/content", '') - $admin_service = try_get_value($ssl_hash, "${service}_admin", false) - $admin_usercert = try_get_value($ssl_hash, "${service}_admin_usercert", false) - $admin_certdata = try_get_value($ssl_hash, "${service}_admin_certdata/content", '') + $public_service = dig($ssl_hash, ["${service}_public"], false) + $public_usercert = dig($ssl_hash, ["${service}_public_usercert"], false) + $public_certdata = dig($ssl_hash, ["${service}_public_certdata", 'content'], '') + $internal_service = dig($ssl_hash, ["${service}_internal"], false) + $internal_usercert = dig($ssl_hash, ["${service}_internal_usercert"], false) + $internal_certdata = dig($ssl_hash, ["${service}_internal_certdata", 'content'], '') + $admin_service = dig($ssl_hash, ["${service}_admin"], false) + $admin_usercert = dig($ssl_hash, ["${service}_admin_usercert"], false) + $admin_certdata = dig($ssl_hash, ["${service}_admin_certdata", 'content'], '') if $ssl_hash["${service}"] { if $public_service and $public_usercert and !empty($public_certdata) { diff --git a/tests/noop/spec/hosts/firewall/firewall_spec.rb b/tests/noop/spec/hosts/firewall/firewall_spec.rb index 8f2bdc5af4..81e156dc8d 100644 --- a/tests/noop/spec/hosts/firewall/firewall_spec.rb +++ b/tests/noop/spec/hosts/firewall/firewall_spec.rb @@ -126,7 +126,7 @@ describe manifest do it 'should accept connections to nova' do should contain_firewall('105 nova').with( - 'port' => [ 8774, 8776, 6080 ], + 'dport' => [ 8774, 8776, 6080 ], 'proto' => 'tcp', 'action' => 'accept', ) @@ -135,7 +135,7 @@ describe manifest do it 'should accept connections to nova without ssl' do management_nets.each do |source| should contain_firewall("105 nova internal - no ssl from #{source}").with( - 'port' => [ 8775, '5900-6100' ], + 'dport' => [ 8775, '5900-6100' ], 'proto' => 'tcp', 'action' => 'accept', 'source' => source, @@ -146,7 +146,7 @@ describe manifest do it 'should accept connections to iscsi' do storage_nets.each do |source| should contain_firewall("109 iscsi from #{source}").with( - 'port' => [ 3260 ], + 'dport' => [ 3260 ], 'proto' => 'tcp', 'action' => 'accept', 'source' => source, @@ -164,17 +164,17 @@ describe manifest do it 'should create rules for heat' do should contain_firewall('204 heat-api').with( - 'port' => [ 8004 ], + 'dport' => [ 8004 ], 'proto' => 'tcp', 'action' => 'accept', ) should contain_firewall('205 heat-api-cfn').with( - 'port' => [ 8000 ], + 'dport' => [ 8000 ], 'proto' => 'tcp', 'action' => 'accept', ) should contain_firewall('206 heat-api-cloudwatch').with( - 'port' => [ 8003 ], + 'dport' => [ 8003 ], 'proto' => 'tcp', 'action' => 'accept', ) @@ -182,7 +182,7 @@ describe manifest do it 'should create rules for glance' do should contain_firewall('104 glance').with( - 'port' => [ 9292, 9494, 9191, 8773 ], + 'dport' => [ 9292, 9494, 9191, 8773 ], 'proto' => 'tcp', 'action' => 'accept', ) @@ -198,7 +198,7 @@ describe manifest do it 'should accept connections to nova without ssl' do management_nets.each do |source| should contain_firewall("105 nova vnc from #{source}").with( - 'port' => [ '5900-6100' ], + 'dport' => [ '5900-6100' ], 'proto' => 'tcp', 'action' => 'accept', 'source' => source, @@ -209,7 +209,7 @@ describe manifest do it 'should accept connections to libvirt' do management_nets.each do |source| should contain_firewall("118 libvirt from #{source}").with( - 'port' => [ 16509 ], + 'dport' => [ 16509 ], 'proto' => 'tcp', 'action' => 'accept', 'source' => source, @@ -220,7 +220,7 @@ describe manifest do it 'should allow libvirt vm migration' do management_nets.each do |source| should contain_firewall("119 libvirt-migration from #{source}").with( - 'port' => [ '49152-49215' ], + 'dport' => [ '49152-49215' ], 'proto' => 'tcp', 'action' => 'accept', 'source' => source, @@ -229,7 +229,7 @@ describe manifest do end elsif Noop.puppet_function 'member', roles, 'primary-mongo' or Noop.puppet_function 'member', roles, 'mongo' it 'should create firewall rules' do - should contain_firewall('120 mongodb').with('port' => mongodb_port) + should contain_firewall('120 mongodb').with('dport' => mongodb_port) end end diff --git a/tests/noop/spec/hosts/openstack-network/common-config_spec.rb b/tests/noop/spec/hosts/openstack-network/common-config_spec.rb index c34263f6a1..8defd997a1 100644 --- a/tests/noop/spec/hosts/openstack-network/common-config_spec.rb +++ b/tests/noop/spec/hosts/openstack-network/common-config_spec.rb @@ -50,9 +50,8 @@ describe manifest do it { should contain_class('neutron::logging').with('use_syslog' => Noop.hiera('use_syslog', true))} it { should contain_class('neutron::logging').with('use_stderr' => Noop.hiera('use_stderr', false))} - it { should contain_class('neutron::logging').with('log_facility' => Noop.hiera('syslog_log_facility_neutron', 'LOG_LOCAL4'))} + it { should contain_class('neutron::logging').with('syslog_log_facility' => Noop.hiera('syslog_log_facility_neutron', 'LOG_LOCAL4'))} it { should contain_class('neutron::logging').with('default_log_levels' => Noop.hiera('default_log_levels'))} - it { should contain_class('neutron::logging').with('verbose' => Noop.hiera('verbose', true))} it { should contain_class('neutron::logging').with('debug' => Noop.hiera('debug', true))} it { diff --git a/tests/noop/spec/hosts/openstack-network/server-config_spec.rb b/tests/noop/spec/hosts/openstack-network/server-config_spec.rb index 613193eb9b..159f11bae8 100644 --- a/tests/noop/spec/hosts/openstack-network/server-config_spec.rb +++ b/tests/noop/spec/hosts/openstack-network/server-config_spec.rb @@ -116,7 +116,6 @@ describe manifest do auth_url = "#{internal_auth_protocol}://#{internal_auth_endpoint}:35357/" auth_uri = "#{internal_auth_protocol}://#{internal_auth_endpoint}:5000/" nova_admin_auth_url = "#{admin_auth_protocol}://#{admin_auth_endpoint}:35357/" - nova_url = "#{nova_internal_protocol}://#{nova_internal_endpoint}:8774/v2" workers_max = Noop.hiera('workers_max', '16') @@ -300,7 +299,6 @@ describe manifest do it 'should configure neutron::server::notifications' do should contain_class('neutron::server::notifications').with( - 'nova_url' => nova_url, 'auth_url' => nova_admin_auth_url, 'region_name' => region_name, 'username' => nova_auth_user, diff --git a/tests/noop/spec/hosts/rabbitmq/rabbitmq_spec.rb b/tests/noop/spec/hosts/rabbitmq/rabbitmq_spec.rb index fc37659883..faf6e741aa 100644 --- a/tests/noop/spec/hosts/rabbitmq/rabbitmq_spec.rb +++ b/tests/noop/spec/hosts/rabbitmq/rabbitmq_spec.rb @@ -145,18 +145,10 @@ describe manifest do it 'should configure rabbit fence class' do if use_pacemaker should contain_class('cluster::rabbitmq_fence').with( - :enabled => enabled).that_requires('Class[rabbitmq]') + :enabled => enabled) end end - it 'should configure rabbit for nova' do - should contain_class('nova::rabbitmq').with( - :enabled => enabled, - :userid => rabbit_hash['user'], - :password => rabbit_hash['password'], - ).that_requires('Class[rabbitmq]') - end - it 'should configure pacemaker RA' do if use_pacemaker should contain_class('cluster::rabbitmq_ocf').with( @@ -180,7 +172,7 @@ describe manifest do :slave_mon_interval => rabbit_ocf[:slave_mon_interval], :master_mon_interval => rabbit_ocf[:master_mon_interval], :mon_interval => rabbit_ocf[:mon_interval], - ).that_comes_before('Class[nova::rabbitmq]') + ) should contain_class('cluster::rabbitmq_ocf').that_requires( 'Class[rabbitmq::install]') should contain_service_status('rabbitmq').that_requires('Service[rabbitmq-server]')