Remove deprecated parameters
Change-Id: I7f093413d2c2b258b25508419a0ab58a85f8778f Closes-Bug: #1390099
This commit is contained in:
parent
bc75c4d457
commit
eb0ae0e597
|
@ -95,7 +95,6 @@ define haproxy::balancermember (
|
|||
$ports = undef,
|
||||
$server_names = $::hostname,
|
||||
$ipaddresses = $::ipaddress,
|
||||
$ensure = 'present',
|
||||
$order = '20',
|
||||
$options = '',
|
||||
$define_cookies = false,
|
||||
|
@ -105,7 +104,6 @@ define haproxy::balancermember (
|
|||
|
||||
# Template uses $ipaddresses, $server_name, $ports, $option
|
||||
concat::fragment { "${listening_service}_balancermember_${name}":
|
||||
ensure => $ensure,
|
||||
order => $use_include ? {
|
||||
true => "01-${name}",
|
||||
false => "${order}-${listening_service}-01-${name}",
|
||||
|
|
|
@ -35,14 +35,12 @@ describe 'haproxy::balancermember' do
|
|||
:name => 'tyler',
|
||||
:listening_service => 'croy',
|
||||
:ports => '18140',
|
||||
:ensure => 'absent'
|
||||
}
|
||||
end
|
||||
|
||||
it { should contain_concat__fragment('croy_balancermember_tyler').with(
|
||||
'order' => '20-croy-01-tyler',
|
||||
'target' => '/etc/haproxy/haproxy.cfg',
|
||||
'ensure' => 'absent',
|
||||
'content' => " server dero 1.1.1.1:18140 \n"
|
||||
) }
|
||||
end
|
||||
|
|
|
@ -130,12 +130,16 @@ define l23network::l2::port (
|
|||
}
|
||||
|
||||
# Merge offloading data with rings rx/tx
|
||||
$netrings_maximums = try_get_value($::netrings, "${port_name}/maximums")
|
||||
if is_hash($::netrings) {
|
||||
$netrings_maximums = dig($::netrings, [$port_name, 'maximums'])
|
||||
if $netrings_maximums {
|
||||
$ethtool_opts = deep_merge({ 'rings' => $netrings_maximums }, $ethtool)
|
||||
} else {
|
||||
$ethtool_opts = $ethtool
|
||||
}
|
||||
} else {
|
||||
$ethtool_opts = $ethtool
|
||||
}
|
||||
|
||||
L23_stored_config <| title == $port_name |> {
|
||||
ensure => $ensure,
|
||||
|
|
|
@ -41,7 +41,7 @@ prepare_firewall_rules(['10.20.0.0/24','10.20.0.1']','020 ssh', 'accept',
|
|||
# Add params only if nonempty
|
||||
fw_rules[name]['action'] = action unless [nil, ''].include?(action)
|
||||
fw_rules[name]['chain'] = chain unless [nil, ''].include?(chain)
|
||||
fw_rules[name]['port'] = port unless [nil, ''].include?(port)
|
||||
fw_rules[name]['dport'] = port unless [nil, ''].include?(port)
|
||||
fw_rules[name]['proto'] = proto unless [nil, ''].include?(proto)
|
||||
fw_rules[name]['source'] = source_net
|
||||
end
|
||||
|
|
|
@ -18,7 +18,7 @@ describe 'openstack::firewall::multi_net' do
|
|||
it 'contains ssh firewall rule' do
|
||||
should contain_firewall("020 ssh from 10.20.0.0/24").with(
|
||||
:action => 'accept',
|
||||
:port => '22',
|
||||
:dport => '22',
|
||||
:proto => 'tcp',
|
||||
:source => '10.20.0.0/24',
|
||||
)
|
||||
|
|
|
@ -53,11 +53,11 @@ describe 'function to prepare hash of firewall rules for multiple networks' do
|
|||
it 'should be able to prepare an ssh rule' do
|
||||
result = {
|
||||
'020 ssh from 10.0.0.0/24' => {'action' => 'accept',
|
||||
'port' => '22',
|
||||
'dport' => '22',
|
||||
'proto' => 'tcp',
|
||||
'source' => '10.0.0.0/24'},
|
||||
'020 ssh from 10.0.1.0/24' => {'action' => 'accept',
|
||||
'port' => '22',
|
||||
'dport' => '22',
|
||||
'proto' => 'tcp',
|
||||
'source' => '10.0.1.0/24'},
|
||||
}
|
||||
|
|
|
@ -28,7 +28,6 @@ class openstack_tasks::aodh::aodh {
|
|||
$tenant = pick($aodh_hash['tenant'], 'services')
|
||||
|
||||
$debug = pick($aodh_hash['debug'], hiera('debug', false))
|
||||
$verbose = pick($aodh_hash['verbose'], hiera('verbose', true))
|
||||
|
||||
$database_vip = hiera('database_vip')
|
||||
|
||||
|
@ -97,7 +96,6 @@ class openstack_tasks::aodh::aodh {
|
|||
|
||||
class { '::aodh':
|
||||
debug => $debug,
|
||||
verbose => $verbose,
|
||||
notification_topics => $notification_topics,
|
||||
rpc_backend => $rpc_backend,
|
||||
rabbit_userid => $rabbit_userid,
|
||||
|
|
|
@ -17,7 +17,6 @@ class openstack_tasks::ceilometer::compute {
|
|||
'http_timeout' => '600',
|
||||
'event_time_to_live' => '604800',
|
||||
'metering_time_to_live' => '604800',
|
||||
'alarm_history_time_to_live' => '604800',
|
||||
}
|
||||
|
||||
$region = hiera('region', 'RegionOne')
|
||||
|
@ -28,7 +27,6 @@ class openstack_tasks::ceilometer::compute {
|
|||
$amqp_user = $rabbit_hash['user']
|
||||
$kombu_compression = hiera('kombu_compression', $::os_service_default)
|
||||
$ceilometer_metering_secret = $ceilometer_hash['metering_secret']
|
||||
$verbose = pick($ceilometer_hash['verbose'], hiera('verbose', true))
|
||||
$debug = pick($ceilometer_hash['debug'], hiera('debug', false))
|
||||
$ssl_hash = hiera_hash('use_ssl', {})
|
||||
|
||||
|
@ -62,12 +60,10 @@ class openstack_tasks::ceilometer::compute {
|
|||
http_timeout => $ceilometer_hash['http_timeout'],
|
||||
event_time_to_live => $ceilometer_hash['event_time_to_live'],
|
||||
metering_time_to_live => $ceilometer_hash['metering_time_to_live'],
|
||||
alarm_history_time_to_live => $ceilometer_hash['alarm_history_time_to_live'],
|
||||
rabbit_hosts => split(hiera('amqp_hosts',''), ','),
|
||||
rabbit_userid => $amqp_user,
|
||||
rabbit_password => $amqp_password,
|
||||
metering_secret => $ceilometer_metering_secret,
|
||||
verbose => $verbose,
|
||||
debug => $debug,
|
||||
use_syslog => $use_syslog,
|
||||
use_stderr => $use_stderr,
|
||||
|
|
|
@ -10,11 +10,9 @@ class openstack_tasks::ceilometer::controller {
|
|||
'http_timeout' => '600',
|
||||
'event_time_to_live' => '604800',
|
||||
'metering_time_to_live' => '604800',
|
||||
'alarm_history_time_to_live' => '604800',
|
||||
}
|
||||
|
||||
$ceilometer_hash = hiera_hash('ceilometer', $default_ceilometer_hash)
|
||||
$verbose = pick($ceilometer_hash['verbose'], hiera('verbose', true))
|
||||
$debug = pick($ceilometer_hash['debug'], hiera('debug', false))
|
||||
$use_syslog = hiera('use_syslog', true)
|
||||
$use_stderr = hiera('use_stderr', false)
|
||||
|
@ -141,12 +139,10 @@ class openstack_tasks::ceilometer::controller {
|
|||
http_timeout => $ceilometer_hash['http_timeout'],
|
||||
event_time_to_live => $ceilometer_hash['event_time_to_live'],
|
||||
metering_time_to_live => $ceilometer_hash['metering_time_to_live'],
|
||||
alarm_history_time_to_live => $ceilometer_hash['alarm_history_time_to_live'],
|
||||
rabbit_hosts => split(hiera('amqp_hosts',''), ','),
|
||||
rabbit_userid => $amqp_user,
|
||||
rabbit_password => $amqp_password,
|
||||
metering_secret => $ceilometer_metering_secret,
|
||||
verbose => $verbose,
|
||||
debug => $debug,
|
||||
use_syslog => $use_syslog,
|
||||
use_stderr => $use_stderr,
|
||||
|
|
|
@ -8,7 +8,6 @@ class openstack_tasks::glance::glance {
|
|||
|
||||
$glance_hash = hiera_hash('glance', {})
|
||||
$glance_glare_hash = hiera_hash('glance_glare', {})
|
||||
$verbose = pick($glance_hash['verbose'], hiera('verbose', true))
|
||||
$debug = pick($glance_hash['debug'], hiera('debug', false))
|
||||
$management_vip = hiera('management_vip')
|
||||
$database_vip = hiera('database_vip')
|
||||
|
@ -145,7 +144,6 @@ class openstack_tasks::glance::glance {
|
|||
|
||||
# Install and configure glance-api
|
||||
class { '::glance::api':
|
||||
verbose => $verbose,
|
||||
debug => $debug,
|
||||
bind_host => $api_bind_host,
|
||||
auth_type => 'keystone',
|
||||
|
@ -167,7 +165,7 @@ class openstack_tasks::glance::glance {
|
|||
database_max_overflow => $max_overflow,
|
||||
show_image_direct_url => $show_image_direct_url,
|
||||
pipeline => $pipeline,
|
||||
known_stores => $known_stores,
|
||||
stores => $known_stores,
|
||||
os_region_name => $region,
|
||||
delayed_delete => false,
|
||||
scrub_time => '43200',
|
||||
|
@ -191,7 +189,6 @@ class openstack_tasks::glance::glance {
|
|||
use_syslog => $use_syslog,
|
||||
use_stderr => $use_stderr,
|
||||
log_facility => $syslog_log_facility,
|
||||
verbose => $verbose,
|
||||
debug => $debug,
|
||||
default_log_levels => hiera('default_log_levels'),
|
||||
}
|
||||
|
@ -232,7 +229,6 @@ class openstack_tasks::glance::glance {
|
|||
|
||||
# Install and configure glance-registry
|
||||
class { '::glance::registry':
|
||||
verbose => $verbose,
|
||||
debug => $debug,
|
||||
bind_host => $api_bind_host,
|
||||
auth_uri => $auth_uri,
|
||||
|
|
|
@ -36,12 +36,12 @@ class openstack_tasks::horizon::horizon {
|
|||
# of the MOS package set. This should be contributed upstream and then we can
|
||||
# use this as the default.
|
||||
#if !$::os_package_type or $::os_package_type == 'debian' {
|
||||
# $cache_backend = try_get_value($horizon_hash, 'cache_backend', 'horizon.backends.memcached.HorizonMemcached')
|
||||
# $cache_backend = dig($horizon_hash, ['cache_backend'], 'horizon.backends.memcached.HorizonMemcached')
|
||||
#} else {
|
||||
# $cache_backend = try_get_value($horizon_hash, 'cache_backend', 'django.core.cache.backends.memcached.MemcachedCache')
|
||||
# $cache_backend = dig($horizon_hash, ['cache_backend'], 'django.core.cache.backends.memcached.MemcachedCache')
|
||||
#}
|
||||
# Don't use custom backend until its code lands to MOS 9.0.
|
||||
$cache_backend = try_get_value($horizon_hash, 'cache_backend', 'django.core.cache.backends.memcached.MemcachedCache')
|
||||
$cache_backend = dig($horizon_hash, ['cache_backend'], 'django.core.cache.backends.memcached.MemcachedCache')
|
||||
|
||||
#Changing from internal addressing to public should resolve any security concerns about exposing 'internal' to public facing login.
|
||||
#However, this should eventually be removed altogether from Horizon.
|
||||
|
|
|
@ -13,7 +13,6 @@ class openstack_tasks::keystone::keystone {
|
|||
prepare_network_config($network_scheme)
|
||||
|
||||
$keystone_hash = hiera_hash('keystone', {})
|
||||
$verbose = pick($keystone_hash['verbose'], hiera('verbose', true))
|
||||
$debug = pick($keystone_hash['debug'], hiera('debug', false))
|
||||
$use_syslog = hiera('use_syslog', true)
|
||||
$use_stderr = hiera('use_stderr', false)
|
||||
|
@ -296,7 +295,6 @@ class openstack_tasks::keystone::keystone {
|
|||
if $enabled {
|
||||
class { '::keystone':
|
||||
enable_bootstrap => true,
|
||||
verbose => $verbose,
|
||||
debug => $debug,
|
||||
catalog_type => 'sql',
|
||||
admin_token => $admin_token,
|
||||
|
|
|
@ -104,7 +104,6 @@ class openstack_tasks::openstack_cinder::openstack_cinder {
|
|||
$iscsi_bind_host = get_network_role_property('cinder/iscsi', 'ipaddr')
|
||||
$use_syslog = hiera('use_syslog', true)
|
||||
$use_stderr = hiera('use_stderr', false)
|
||||
$verbose = pick($cinder_hash['verbose'], hiera('verbose', true))
|
||||
$debug = pick($cinder_hash['debug'], hiera('debug', true))
|
||||
|
||||
######### Cinder Controller Services ########
|
||||
|
@ -145,7 +144,6 @@ class openstack_tasks::openstack_cinder::openstack_cinder {
|
|||
rabbit_userid => $rabbit_hash['user'],
|
||||
rabbit_password => $rabbit_hash['password'],
|
||||
database_connection => $db_connection,
|
||||
verbose => $verbose,
|
||||
use_syslog => $use_syslog,
|
||||
use_stderr => $use_stderr,
|
||||
log_facility => hiera('syslog_log_facility_cinder', 'LOG_LOCAL3'),
|
||||
|
|
|
@ -10,10 +10,11 @@ class openstack_tasks::openstack_network::agents::dhcp {
|
|||
|
||||
$debug = hiera('debug', true)
|
||||
$resync_interval = '30'
|
||||
$isolated_metadata = try_get_value($neutron_config, 'metadata/isolated_metadata', true)
|
||||
$neutron_config = hiera_hash('neutron_config')
|
||||
$isolated_metadata = dig($neutron_config, ['metadata', 'isolated_metadata'], true)
|
||||
|
||||
$neutron_advanced_config = hiera_hash('neutron_advanced_configuration', { })
|
||||
$ha_agent = try_get_value($neutron_advanced_config, 'dhcp_agent_ha', true)
|
||||
$ha_agent = dig($neutron_advanced_config, ['dhcp_agent_ha'], true)
|
||||
|
||||
class { '::neutron::agents::dhcp':
|
||||
debug => $debug,
|
||||
|
|
|
@ -36,7 +36,7 @@ class openstack_tasks::openstack_network::agents::l3 {
|
|||
|
||||
prepare_network_config($network_scheme)
|
||||
|
||||
$ha_agent = try_get_value($neutron_advanced_config, 'l3_agent_ha', true)
|
||||
$ha_agent = dig($neutron_advanced_config, ['l3_agent_ha'], true)
|
||||
|
||||
class { '::neutron::agents::l3':
|
||||
debug => $debug,
|
||||
|
|
|
@ -29,10 +29,10 @@ class openstack_tasks::openstack_network::agents::metadata {
|
|||
|
||||
if $controller or ($dvr and $compute) {
|
||||
$debug = hiera('debug', true)
|
||||
$ha_agent = try_get_value($neutron_advanced_config, 'metadata_agent_ha', true)
|
||||
$ha_agent = dig($neutron_advanced_config, ['metadata_agent_ha'], true)
|
||||
$service_endpoint = hiera('service_endpoint')
|
||||
$management_vip = hiera('management_vip')
|
||||
$shared_secret = try_get_value($neutron_config, 'metadata/metadata_proxy_shared_secret')
|
||||
$shared_secret = dig($neutron_config, ['metadata', 'metadata_proxy_shared_secret'])
|
||||
$nova_endpoint = hiera('nova_endpoint', $management_vip)
|
||||
$nova_metadata_protocol = hiera('nova_metadata_protocol', 'http')
|
||||
$ssl_hash = hiera_hash('use_ssl', {})
|
||||
|
|
|
@ -47,7 +47,7 @@ class openstack_tasks::openstack_network::common_config {
|
|||
|
||||
$kombu_compression = hiera('kombu_compression', $::os_service_default)
|
||||
|
||||
$segmentation_type = try_get_value($neutron_config, 'L2/segmentation_type')
|
||||
$segmentation_type = dig($neutron_config, ['L2', 'segmentation_type'])
|
||||
|
||||
$nets = $neutron_config['predefined_networks']
|
||||
|
||||
|
@ -84,11 +84,10 @@ class openstack_tasks::openstack_network::common_config {
|
|||
}
|
||||
|
||||
class { '::neutron::logging':
|
||||
verbose => $verbose,
|
||||
debug => $debug,
|
||||
use_syslog => $use_syslog,
|
||||
use_stderr => $use_stderr,
|
||||
log_facility => $log_facility,
|
||||
syslog_log_facility => $log_facility,
|
||||
default_log_levels => $default_log_levels,
|
||||
}
|
||||
|
||||
|
|
|
@ -13,9 +13,9 @@ class openstack_tasks::openstack_network::compute_nova {
|
|||
|
||||
$management_vip = hiera('management_vip')
|
||||
$service_endpoint = hiera('service_endpoint', $management_vip)
|
||||
$admin_password = try_get_value($neutron_config, 'keystone/admin_password')
|
||||
$admin_tenant_name = try_get_value($neutron_config, 'keystone/admin_tenant', 'services')
|
||||
$admin_username = try_get_value($neutron_config, 'keystone/admin_user', 'neutron')
|
||||
$admin_password = dig($neutron_config, ['keystone', 'admin_password'])
|
||||
$admin_tenant_name = dig($neutron_config, ['keystone', 'admin_tenant'], 'services')
|
||||
$admin_username = dig($neutron_config, ['keystone', 'admin_user'], 'neutron')
|
||||
$region_name = hiera('region', 'RegionOne')
|
||||
$auth_api_version = 'v3'
|
||||
$ssl_hash = hiera_hash('use_ssl', {})
|
||||
|
|
|
@ -5,43 +5,43 @@ class openstack_tasks::openstack_network::networks {
|
|||
$access_hash = hiera_hash('access', {})
|
||||
$keystone_admin_tenant = $access_hash['tenant']
|
||||
$neutron_config = hiera_hash('neutron_config')
|
||||
$floating_net = try_get_value($neutron_config, 'default_floating_net', 'net04_ext')
|
||||
$private_net = try_get_value($neutron_config, 'default_private_net', 'net04')
|
||||
$default_router = try_get_value($neutron_config, 'default_router', 'router04')
|
||||
$segmentation_type = try_get_value($neutron_config, 'L2/segmentation_type')
|
||||
$floating_net = dig($neutron_config, ['default_floating_net'], 'net04_ext')
|
||||
$private_net = dig($neutron_config, ['default_private_net'], 'net04')
|
||||
$default_router = dig($neutron_config, ['default_router'], 'router04')
|
||||
$segmentation_type = dig($neutron_config, ['L2', 'segmentation_type'])
|
||||
$nets = $neutron_config['predefined_networks']
|
||||
|
||||
if $segmentation_type == 'vlan' {
|
||||
$network_type = 'vlan'
|
||||
$segmentation_id_range = split(try_get_value($neutron_config, 'L2/phys_nets/physnet2/vlan_range', ''), ':')
|
||||
$segmentation_id_range = split(dig($neutron_config, ['L2', 'phys_nets', 'physnet2', 'vlan_range'], ''), ':')
|
||||
} elsif $segmentation_type == 'gre' {
|
||||
$network_type = 'gre'
|
||||
$segmentation_id_range = split(try_get_value($neutron_config, 'L2/tunnel_id_ranges', ''), ':')
|
||||
$segmentation_id_range = split(dig($neutron_config, ['L2', 'tunnel_id_ranges'], ''), ':')
|
||||
} else {
|
||||
$network_type = 'vxlan'
|
||||
$segmentation_id_range = split(try_get_value($neutron_config, 'L2/tunnel_id_ranges', ''), ':')
|
||||
$segmentation_id_range = split(dig($neutron_config, ['L2', 'tunnel_id_ranges'], ''), ':')
|
||||
}
|
||||
|
||||
$fallback_segment_id = $segmentation_id_range[0]
|
||||
$private_net_segment_id = try_get_value($nets, "${private_net}/L2/segment_id", $fallback_segment_id)
|
||||
$private_net_physnet = try_get_value($nets, "${private_net}/L2/physnet", false)
|
||||
$private_net_shared = try_get_value($nets, "${private_net}/shared", false)
|
||||
$private_net_segment_id = dig($nets, [$private_net, 'L2', 'segment_id'], $fallback_segment_id)
|
||||
$private_net_physnet = dig($nets, [$private_net, 'L2', 'physnet'], false)
|
||||
$private_net_shared = dig($nets, [$private_net, 'shared'], false)
|
||||
$private_net_router_external = false
|
||||
$floating_net_type = try_get_value($nets, "${floating_net}/L2/network_type", 'local')
|
||||
$floating_net_type = dig($nets, [$floating_net, 'L2', 'network_type'], 'local')
|
||||
$floating_net_physnet = $floating_net_type ? {
|
||||
'local' => false,
|
||||
default => try_get_value($nets, "${floating_net}/L2/physnet", false),
|
||||
default => dig($nets, [$floating_net, 'L2', 'physnet'], false),
|
||||
}
|
||||
$floating_net_router_external = try_get_value($nets, "${floating_net}/L2/router_ext")
|
||||
$floating_net_floating_range = try_get_value($nets, "${floating_net}/L3/floating", '')
|
||||
$floating_net_shared = try_get_value($nets, "${floating_net}/shared", false)
|
||||
$floating_net_router_external = dig($nets, [$floating_net, 'L2', 'router_ext'])
|
||||
$floating_net_floating_range = dig($nets, [$floating_net, 'L3', 'floating'], '')
|
||||
$floating_net_shared = dig($nets, [$floating_net, 'shared'], false)
|
||||
|
||||
if !empty($floating_net_floating_range) {
|
||||
$floating_cidr = try_get_value($nets, "${floating_net}/L3/subnet")
|
||||
$floating_cidr = dig($nets, [$floating_net, 'L3', 'subnet'])
|
||||
$floating_net_allocation_pool = format_allocation_pools($floating_net_floating_range, $floating_cidr)
|
||||
}
|
||||
|
||||
$tenant_name = try_get_value($access_hash, 'tenant', 'admin')
|
||||
$tenant_name = dig($access_hash, ['tenant'], 'admin')
|
||||
|
||||
neutron_network { $floating_net :
|
||||
ensure => 'present',
|
||||
|
@ -54,10 +54,10 @@ class openstack_tasks::openstack_network::networks {
|
|||
|
||||
neutron_subnet { "${floating_net}__subnet" :
|
||||
ensure => 'present',
|
||||
cidr => try_get_value($nets, "${floating_net}/L3/subnet"),
|
||||
cidr => dig($nets, [$floating_net, 'L3', 'subnet']),
|
||||
network_name => $floating_net,
|
||||
tenant_name => $tenant_name,
|
||||
gateway_ip => try_get_value($nets, "${floating_net}/L3/gateway"),
|
||||
gateway_ip => dig($nets, [$floating_net, 'L3', 'gateway']),
|
||||
enable_dhcp => false,
|
||||
allocation_pools => $floating_net_allocation_pool,
|
||||
}
|
||||
|
@ -74,19 +74,19 @@ class openstack_tasks::openstack_network::networks {
|
|||
|
||||
neutron_subnet { "${private_net}__subnet" :
|
||||
ensure => 'present',
|
||||
cidr => try_get_value($nets, "${private_net}/L3/subnet"),
|
||||
cidr => dig($nets, [$private_net, 'L3', 'subnet']),
|
||||
network_name => $private_net,
|
||||
tenant_name => $tenant_name,
|
||||
gateway_ip => try_get_value($nets, "${private_net}/L3/gateway"),
|
||||
gateway_ip => dig($nets, [$private_net, 'L3', 'gateway']),
|
||||
enable_dhcp => true,
|
||||
dns_nameservers => try_get_value($nets, "${private_net}/L3/nameservers"),
|
||||
dns_nameservers => dig($nets, [$private_net, 'L3', 'nameservers']),
|
||||
}
|
||||
|
||||
if has_key($nets, 'baremetal') {
|
||||
$baremetal_physnet = try_get_value($nets, 'baremetal/L2/physnet', false)
|
||||
$baremetal_segment_id = try_get_value($nets, 'baremetal/L2/segment_id')
|
||||
$baremetal_router_external = try_get_value($nets, 'baremetal/L2/router_ext')
|
||||
$baremetal_shared = try_get_value($nets, 'baremetal/shared', false)
|
||||
$baremetal_physnet = dig($nets, ['baremetal', 'L2', 'physnet'], false)
|
||||
$baremetal_segment_id = dig($nets, ['baremetal', 'L2', 'segment_id'])
|
||||
$baremetal_router_external = dig($nets, ['baremetal', 'L2', 'router_ext'])
|
||||
$baremetal_shared = dig($nets, ['baremetal', 'shared'], false)
|
||||
|
||||
neutron_network { 'baremetal' :
|
||||
ensure => 'present',
|
||||
|
@ -100,13 +100,13 @@ class openstack_tasks::openstack_network::networks {
|
|||
|
||||
neutron_subnet { 'baremetal__subnet' :
|
||||
ensure => 'present',
|
||||
cidr => try_get_value($nets, 'baremetal/L3/subnet'),
|
||||
cidr => dig($nets, ['baremetal', 'L3', 'subnet']),
|
||||
network_name => 'baremetal',
|
||||
tenant_name => $tenant_name,
|
||||
gateway_ip => try_get_value($nets, 'baremetal/L3/gateway'),
|
||||
gateway_ip => dig($nets, ['baremetal', 'L3', 'gateway']),
|
||||
enable_dhcp => true,
|
||||
dns_nameservers => try_get_value($nets, 'baremetal/L3/nameservers'),
|
||||
allocation_pools => format_allocation_pools(try_get_value($nets, 'baremetal/L3/floating')),
|
||||
dns_nameservers => dig($nets, ['baremetal', 'L3', 'nameservers']),
|
||||
allocation_pools => format_allocation_pools(dig($nets, ['baremetal', 'L3', 'floating'])),
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -42,10 +42,10 @@ class openstack_tasks::openstack_network::plugins::ml2 {
|
|||
prepare_network_config($network_scheme)
|
||||
|
||||
$neutron_advanced_config = hiera_hash('neutron_advanced_configuration', { })
|
||||
$l2_population = try_get_value($neutron_advanced_config, 'neutron_l2_pop', false)
|
||||
$dvr = try_get_value($neutron_advanced_config, 'neutron_dvr', false)
|
||||
$l2_population = dig($neutron_advanced_config, ['neutron_l2_pop'], false)
|
||||
$dvr = dig($neutron_advanced_config, ['neutron_dvr'], false)
|
||||
$enable_qos = pick($neutron_advanced_config['neutron_qos'], false)
|
||||
$segmentation_type = try_get_value($neutron_config, 'L2/segmentation_type')
|
||||
$segmentation_type = dig($neutron_config, ['L2', 'segmentation_type'])
|
||||
|
||||
if $compute and ! $dvr {
|
||||
$do_floating = false
|
||||
|
@ -160,7 +160,7 @@ class openstack_tasks::openstack_network::plugins::ml2 {
|
|||
refreshonly => true,
|
||||
}
|
||||
|
||||
$ha_agent = try_get_value($neutron_advanced_config, 'l2_agent_ha', true)
|
||||
$ha_agent = dig($neutron_advanced_config, ['l2_agent_ha'], true)
|
||||
if $ha_agent {
|
||||
#Exec<| title == 'waiting-for-neutron-api' |> ->
|
||||
class { '::cluster::neutron::ovs' :
|
||||
|
|
|
@ -13,10 +13,10 @@ class openstack_tasks::openstack_network::routers {
|
|||
$access_hash = hiera_hash('access', {})
|
||||
$keystone_admin_tenant = pick($access_hash['tenant'], 'admin')
|
||||
$neutron_config = hiera_hash('neutron_config')
|
||||
$floating_net = try_get_value($neutron_config, 'default_floating_net', 'net04_ext')
|
||||
$private_net = try_get_value($neutron_config, 'default_private_net', 'net04')
|
||||
$default_router = try_get_value($neutron_config, 'default_router', 'router04')
|
||||
$baremetal_router = try_get_value($neutron_config, 'baremetal_router', 'baremetal')
|
||||
$floating_net = dig($neutron_config, ['default_floating_net'], 'net04_ext')
|
||||
$private_net = dig($neutron_config, ['default_private_net'], 'net04')
|
||||
$default_router = dig($neutron_config, ['default_router'], 'router04')
|
||||
$baremetal_router = dig($neutron_config, ['baremetal_router'], 'baremetal')
|
||||
$nets = $neutron_config['predefined_networks']
|
||||
|
||||
if ($l3_ha) and ($controllers_num < 2) {
|
||||
|
|
|
@ -30,9 +30,9 @@ class openstack_tasks::openstack_network::server_config {
|
|||
|
||||
$db_type = 'mysql'
|
||||
$db_password = $neutron_config['database']['passwd']
|
||||
$db_user = try_get_value($neutron_config, 'database/user', 'neutron')
|
||||
$db_name = try_get_value($neutron_config, 'database/name', 'neutron')
|
||||
$db_host = try_get_value($neutron_config, 'database/host', $database_vip)
|
||||
$db_user = dig($neutron_config, ['database', 'user'], 'neutron')
|
||||
$db_name = dig($neutron_config, ['database', 'name'], 'neutron')
|
||||
$db_host = dig($neutron_config, ['database', 'host'], $database_vip)
|
||||
# LP#1526938 - python-mysqldb supports this, python-pymysql does not
|
||||
if $::os_package_type == 'debian' {
|
||||
$extra_params = { 'charset' => 'utf8', 'read_timeout' => 60 }
|
||||
|
@ -72,20 +72,16 @@ class openstack_tasks::openstack_network::server_config {
|
|||
$admin_auth_protocol = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'protocol', 'http')
|
||||
$admin_auth_endpoint = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'hostname', [$service_endpoint, $management_vip])
|
||||
|
||||
$nova_internal_protocol = get_ssl_property($ssl_hash, {}, 'nova', 'internal', 'protocol', 'http')
|
||||
$nova_internal_endpoint = get_ssl_property($ssl_hash, {}, 'nova', 'internal', 'hostname', [$nova_endpoint])
|
||||
|
||||
$auth_api_version = 'v2.0'
|
||||
$auth_uri = "${internal_auth_protocol}://${internal_auth_endpoint}:5000/"
|
||||
$auth_url = "${internal_auth_protocol}://${internal_auth_endpoint}:35357/"
|
||||
$nova_admin_auth_url = "${admin_auth_protocol}://${admin_auth_endpoint}:35357/"
|
||||
$nova_url = "${nova_internal_protocol}://${nova_internal_endpoint}:8774/v2"
|
||||
|
||||
$workers_max = hiera('workers_max', 16)
|
||||
$service_workers = pick($neutron_config['workers'], min(max($::processorcount, 1), $workers_max))
|
||||
|
||||
$neutron_advanced_config = hiera_hash('neutron_advanced_configuration', { })
|
||||
$l2_population = try_get_value($neutron_advanced_config, 'neutron_l2_pop', false)
|
||||
$l2_population = dig($neutron_advanced_config, ['neutron_l2_pop'], false)
|
||||
$dvr = pick($neutron_advanced_config['neutron_dvr'], false)
|
||||
$l3_ha = pick($neutron_advanced_config['neutron_l3_ha'], false)
|
||||
$l3agent_failover = $l3_ha ? { true => false, default => true}
|
||||
|
@ -107,9 +103,9 @@ class openstack_tasks::openstack_network::server_config {
|
|||
$default_mechanism_drivers = ['openvswitch']
|
||||
$l2_population_mech_driver = $l2_population ? { true => ['l2population'], default => []}
|
||||
$sriov_mech_driver = $use_sriov ? { true => ['sriovnicswitch'], default => []}
|
||||
$mechanism_drivers = delete(try_get_value($neutron_config, 'L2/mechanism_drivers', concat($default_mechanism_drivers,$l2_population_mech_driver,$sriov_mech_driver)), '')
|
||||
$mechanism_drivers = delete(dig($neutron_config, ['L2', 'mechanism_drivers'], concat($default_mechanism_drivers,$l2_population_mech_driver,$sriov_mech_driver)), '')
|
||||
$flat_networks = ['*']
|
||||
$segmentation_type = try_get_value($neutron_config, 'L2/segmentation_type')
|
||||
$segmentation_type = dig($neutron_config, ['L2', 'segmentation_type'])
|
||||
|
||||
$network_scheme = hiera_hash('network_scheme', {})
|
||||
prepare_network_config($network_scheme)
|
||||
|
@ -123,7 +119,7 @@ class openstack_tasks::openstack_network::server_config {
|
|||
Class['::neutron::plugins::ml2'] -> Augeas['/etc/default/neutron-server:ml2_sriov_config']
|
||||
}
|
||||
|
||||
$_path_mtu = try_get_value($neutron_config, 'L2/path_mtu', undef)
|
||||
$_path_mtu = dig($neutron_config, ['L2', 'path_mtu'], undef)
|
||||
|
||||
if $segmentation_type == 'vlan' {
|
||||
$net_role_property = 'neutron/private'
|
||||
|
@ -150,7 +146,7 @@ class openstack_tasks::openstack_network::server_config {
|
|||
$net_role_property = 'neutron/mesh'
|
||||
$tunneling_ip = get_network_role_property($net_role_property, 'ipaddr')
|
||||
$iface = get_network_role_property($net_role_property, 'phys_dev')
|
||||
$tunnel_id_ranges = [try_get_value($neutron_config, 'L2/tunnel_id_ranges')]
|
||||
$tunnel_id_ranges = [dig($neutron_config, ['L2', 'tunnel_id_ranges'])]
|
||||
$physical_network_mtus = generate_physnet_mtus($neutron_config, $network_scheme, {
|
||||
'do_floating' => $do_floating,
|
||||
'do_tenant' => false,
|
||||
|
@ -241,7 +237,6 @@ class openstack_tasks::openstack_network::server_config {
|
|||
}
|
||||
|
||||
class { '::neutron::server::notifications':
|
||||
nova_url => $nova_url,
|
||||
auth_url => $nova_admin_auth_url,
|
||||
username => $nova_auth_user,
|
||||
project_name => $nova_auth_tenant,
|
||||
|
|
|
@ -6,9 +6,9 @@ class openstack_tasks::openstack_network::server_nova {
|
|||
$management_vip = hiera('management_vip')
|
||||
$service_endpoint = hiera('service_endpoint', $management_vip)
|
||||
$neutron_endpoint = hiera('neutron_endpoint', $management_vip)
|
||||
$admin_password = try_get_value($neutron_config, 'keystone/admin_password')
|
||||
$admin_tenant_name = try_get_value($neutron_config, 'keystone/admin_tenant', 'services')
|
||||
$admin_username = try_get_value($neutron_config, 'keystone/admin_user', 'neutron')
|
||||
$admin_password = dig($neutron_config, ['keystone', 'admin_password'])
|
||||
$admin_tenant_name = dig($neutron_config, ['keystone', 'admin_tenant'], 'services')
|
||||
$admin_username = dig($neutron_config, ['keystone', 'admin_user'], 'neutron')
|
||||
$region_name = hiera('region', 'RegionOne')
|
||||
$auth_api_version = 'v3'
|
||||
$ssl_hash = hiera_hash('use_ssl', {})
|
||||
|
|
|
@ -200,7 +200,7 @@ class osnailyfacter::firewall::firewall {
|
|||
}
|
||||
|
||||
firewall {'340 vxlan_udp_port':
|
||||
port => $vxlan_udp_port,
|
||||
dport => $vxlan_udp_port,
|
||||
proto => 'udp',
|
||||
action => 'accept',
|
||||
}
|
||||
|
@ -245,7 +245,7 @@ class osnailyfacter::firewall::firewall {
|
|||
}
|
||||
|
||||
firewall { '100 http':
|
||||
port => [$http_port, $https_port],
|
||||
dport => [$http_port, $https_port],
|
||||
proto => 'tcp',
|
||||
action => 'accept',
|
||||
}
|
||||
|
@ -265,19 +265,19 @@ class osnailyfacter::firewall::firewall {
|
|||
}
|
||||
|
||||
firewall {'103 swift':
|
||||
port => [$swift_proxy_port, $swift_object_port, $swift_container_port, $swift_account_port, $swift_proxy_check_port],
|
||||
dport => [$swift_proxy_port, $swift_object_port, $swift_container_port, $swift_account_port, $swift_proxy_check_port],
|
||||
proto => 'tcp',
|
||||
action => 'accept',
|
||||
}
|
||||
|
||||
firewall {'104 glance':
|
||||
port => [$glance_api_port, $glance_glare_port, $glance_reg_port, $glance_nova_api_ec2_port,],
|
||||
dport => [$glance_api_port, $glance_glare_port, $glance_reg_port, $glance_nova_api_ec2_port,],
|
||||
proto => 'tcp',
|
||||
action => 'accept',
|
||||
}
|
||||
|
||||
firewall {'105 nova':
|
||||
port => [$nova_api_compute_port, $nova_api_volume_port, $nova_vncproxy_port],
|
||||
dport => [$nova_api_compute_port, $nova_api_volume_port, $nova_vncproxy_port],
|
||||
proto => 'tcp',
|
||||
action => 'accept',
|
||||
}
|
||||
|
@ -339,7 +339,7 @@ class osnailyfacter::firewall::firewall {
|
|||
}
|
||||
|
||||
firewall {'111 dhcp-server':
|
||||
port => $dhcp_server_port,
|
||||
dport => $dhcp_server_port,
|
||||
proto => 'udp',
|
||||
action => 'accept',
|
||||
}
|
||||
|
@ -373,13 +373,13 @@ class osnailyfacter::firewall::firewall {
|
|||
}
|
||||
|
||||
firewall {'121 ceilometer':
|
||||
port => $ceilometer_port,
|
||||
dport => $ceilometer_port,
|
||||
proto => 'tcp',
|
||||
action => 'accept',
|
||||
}
|
||||
|
||||
firewall {'122 aodh':
|
||||
port => $aodh_port,
|
||||
dport => $aodh_port,
|
||||
proto => 'tcp',
|
||||
action => 'accept',
|
||||
}
|
||||
|
@ -391,19 +391,19 @@ class osnailyfacter::firewall::firewall {
|
|||
}
|
||||
|
||||
firewall {'204 heat-api':
|
||||
port => $heat_api_port,
|
||||
dport => $heat_api_port,
|
||||
proto => 'tcp',
|
||||
action => 'accept',
|
||||
}
|
||||
|
||||
firewall {'205 heat-api-cfn':
|
||||
port => $heat_api_cfn_port,
|
||||
dport => $heat_api_cfn_port,
|
||||
proto => 'tcp',
|
||||
action => 'accept',
|
||||
}
|
||||
|
||||
firewall {'206 heat-api-cloudwatch':
|
||||
port => $heat_api_cloudwatch_port,
|
||||
dport => $heat_api_cloudwatch_port,
|
||||
proto => 'tcp',
|
||||
action => 'accept',
|
||||
}
|
||||
|
@ -436,7 +436,7 @@ class osnailyfacter::firewall::firewall {
|
|||
|
||||
if member($roles, 'primary-mongo') or member($roles, 'mongo') {
|
||||
firewall {'120 mongodb':
|
||||
port => $mongodb_port,
|
||||
dport => $mongodb_port,
|
||||
proto => 'tcp',
|
||||
action => 'accept',
|
||||
}
|
||||
|
|
|
@ -236,18 +236,16 @@ class osnailyfacter::globals::globals {
|
|||
|
||||
$vips = $network_metadata['vips']
|
||||
|
||||
# TODO(mpolenchuk): try_get_value() is deprecated,
|
||||
# replace with dig() once stdlib 4.12 will be available
|
||||
$public_vip = try_get_value($vips, 'public/ipaddr',
|
||||
$public_vip = dig($vips, ['public', 'ipaddr'],
|
||||
get_network_role_property('public/vip', 'ipaddr')
|
||||
)
|
||||
$management_vip = try_get_value($vips, 'management/ipaddr',
|
||||
$management_vip = dig($vips, ['management', 'ipaddr'],
|
||||
get_network_role_property('mgmt/vip', 'ipaddr')
|
||||
)
|
||||
$public_vrouter_vip = try_get_value($vips, 'vrouter_pub/ipaddr', undef)
|
||||
$management_vrouter_vip = try_get_value($vips, 'vrouter/ipaddr', undef)
|
||||
$database_vip = try_get_value($vips, 'database/ipaddr', $management_vip)
|
||||
$service_endpoint = try_get_value($vips, 'service_endpoint/ipaddr', $management_vip)
|
||||
$public_vrouter_vip = dig($vips, ['vrouter_pub', 'ipaddr'], undef)
|
||||
$management_vrouter_vip = dig($vips, ['vrouter', 'ipaddr'], undef)
|
||||
$database_vip = dig($vips, ['database', 'ipaddr'], $management_vip)
|
||||
$service_endpoint = dig($vips, ['service_endpoint', 'ipaddr'], $management_vip)
|
||||
|
||||
$neutron_config = hiera_hash('quantum_settings')
|
||||
$network_provider = 'neutron'
|
||||
|
|
|
@ -183,22 +183,30 @@ class osnailyfacter::rabbitmq::rabbitmq {
|
|||
Class['::rabbitmq::install'] -> Exec['epmd_daemon']
|
||||
-> Rabbitmq_plugin<| |> -> Rabbitmq_exchange<| |>
|
||||
|
||||
rabbitmq_user { $rabbit_hash['user']:
|
||||
admin => true,
|
||||
password => $rabbit_hash['password'],
|
||||
provider => 'rabbitmqctl',
|
||||
}
|
||||
|
||||
rabbitmq_user_permissions { "${rabbit_hash['user']}@/":
|
||||
configure_permission => '.*',
|
||||
write_permission => '.*',
|
||||
read_permission => '.*',
|
||||
provider => 'rabbitmqctl',
|
||||
}
|
||||
|
||||
rabbitmq_vhost { $virtual_host:
|
||||
provider => 'rabbitmqctl',
|
||||
}
|
||||
|
||||
if ($use_pacemaker) {
|
||||
# Install rabbit-fence daemon
|
||||
class { '::cluster::rabbitmq_fence':
|
||||
enabled => $enabled,
|
||||
require => Class['::rabbitmq']
|
||||
}
|
||||
}
|
||||
|
||||
class { '::nova::rabbitmq':
|
||||
enabled => $enabled,
|
||||
userid => $rabbit_hash['user'],
|
||||
password => $rabbit_hash['password'],
|
||||
require => Class['::rabbitmq'],
|
||||
}
|
||||
|
||||
if ($use_pacemaker) {
|
||||
class { '::cluster::rabbitmq_ocf':
|
||||
command_timeout => $command_timeout,
|
||||
debug => $debug,
|
||||
|
@ -206,7 +214,6 @@ class osnailyfacter::rabbitmq::rabbitmq {
|
|||
admin_user => $rabbit_hash['user'],
|
||||
admin_pass => $rabbit_hash['password'],
|
||||
host_ip => $rabbitmq_bind_ip_address,
|
||||
before => Class['::nova::rabbitmq'],
|
||||
enable_rpc_ha => $enable_rpc_ha,
|
||||
enable_notifications_ha => $enable_notifications_ha,
|
||||
fqdn_prefix => $fqdn_prefix,
|
||||
|
|
|
@ -19,25 +19,25 @@ class osnailyfacter::ssl::ssl_dns_setup {
|
|||
$public_vip = hiera('public_vip')
|
||||
$management_vip = hiera('management_vip')
|
||||
|
||||
$public_hostname = try_get_value($ssl_hash, "${service}_public_hostname", '')
|
||||
$internal_hostname = try_get_value($ssl_hash, "${service}_internal_hostname", '')
|
||||
$admin_hostname = try_get_value($ssl_hash, "${service}_admin_hostname", $internal_hostname)
|
||||
$public_hostname = dig($ssl_hash, ["${service}_public_hostname"], '')
|
||||
$internal_hostname = dig($ssl_hash, ["${service}_internal_hostname"], '')
|
||||
$admin_hostname = dig($ssl_hash, ["${service}_admin_hostname"], $internal_hostname)
|
||||
|
||||
$service_public_ip = try_get_value($ssl_hash, "${service}_public_ip", '')
|
||||
$service_public_ip = dig($ssl_hash, ["${service}_public_ip"], '')
|
||||
if !empty($service_public_ip) {
|
||||
$public_ip = $service_public_ip
|
||||
} else {
|
||||
$public_ip = $public_vip
|
||||
}
|
||||
|
||||
$service_internal_ip = try_get_value($ssl_hash, "${service}_internal_ip", '')
|
||||
$service_internal_ip = dig($ssl_hash, ["${service}_internal_ip"], '')
|
||||
if !empty($service_internal_ip) {
|
||||
$internal_ip = $service_internal_ip
|
||||
} else {
|
||||
$internal_ip = $management_vip
|
||||
}
|
||||
|
||||
$service_admin_ip = try_get_value($ssl_hash, "${service}_admin_ip", '')
|
||||
$service_admin_ip = dig($ssl_hash, ["${service}_admin_ip"], '')
|
||||
if !empty($service_admin_ip) {
|
||||
$admin_ip = $service_admin_ip
|
||||
} else {
|
||||
|
|
|
@ -4,7 +4,7 @@ class osnailyfacter::ssl::ssl_keys_saving {
|
|||
|
||||
$public_ssl_hash = hiera_hash('public_ssl')
|
||||
$ssl_hash = hiera_hash('use_ssl', {})
|
||||
$pub_certificate_content = try_get_value($public_ssl_hash, 'cert_data/content', '')
|
||||
$pub_certificate_content = dig($public_ssl_hash, ['cert_data', 'content'], '')
|
||||
$base_path = '/etc/pki/tls/certs'
|
||||
$pki_path = [ '/etc/pki', '/etc/pki/tls' ]
|
||||
$astute_base_path = '/var/lib/astute/haproxy'
|
||||
|
@ -28,15 +28,15 @@ class osnailyfacter::ssl::ssl_keys_saving {
|
|||
){
|
||||
$service = $name
|
||||
|
||||
$public_service = try_get_value($ssl_hash, "${service}_public", false)
|
||||
$public_usercert = try_get_value($ssl_hash, "${service}_public_usercert", false)
|
||||
$public_certdata = try_get_value($ssl_hash, "${service}_public_certdata/content", '')
|
||||
$internal_service = try_get_value($ssl_hash, "${service}_internal", false)
|
||||
$internal_usercert = try_get_value($ssl_hash, "${service}_internal_usercert", false)
|
||||
$internal_certdata = try_get_value($ssl_hash, "${service}_internal_certdata/content", '')
|
||||
$admin_service = try_get_value($ssl_hash, "${service}_admin", false)
|
||||
$admin_usercert = try_get_value($ssl_hash, "${service}_admin_usercert", false)
|
||||
$admin_certdata = try_get_value($ssl_hash, "${service}_admin_certdata/content", '')
|
||||
$public_service = dig($ssl_hash, ["${service}_public"], false)
|
||||
$public_usercert = dig($ssl_hash, ["${service}_public_usercert"], false)
|
||||
$public_certdata = dig($ssl_hash, ["${service}_public_certdata", 'content'], '')
|
||||
$internal_service = dig($ssl_hash, ["${service}_internal"], false)
|
||||
$internal_usercert = dig($ssl_hash, ["${service}_internal_usercert"], false)
|
||||
$internal_certdata = dig($ssl_hash, ["${service}_internal_certdata", 'content'], '')
|
||||
$admin_service = dig($ssl_hash, ["${service}_admin"], false)
|
||||
$admin_usercert = dig($ssl_hash, ["${service}_admin_usercert"], false)
|
||||
$admin_certdata = dig($ssl_hash, ["${service}_admin_certdata", 'content'], '')
|
||||
|
||||
if $ssl_hash["${service}"] {
|
||||
if $public_service and $public_usercert and !empty($public_certdata) {
|
||||
|
|
|
@ -126,7 +126,7 @@ describe manifest do
|
|||
|
||||
it 'should accept connections to nova' do
|
||||
should contain_firewall('105 nova').with(
|
||||
'port' => [ 8774, 8776, 6080 ],
|
||||
'dport' => [ 8774, 8776, 6080 ],
|
||||
'proto' => 'tcp',
|
||||
'action' => 'accept',
|
||||
)
|
||||
|
@ -135,7 +135,7 @@ describe manifest do
|
|||
it 'should accept connections to nova without ssl' do
|
||||
management_nets.each do |source|
|
||||
should contain_firewall("105 nova internal - no ssl from #{source}").with(
|
||||
'port' => [ 8775, '5900-6100' ],
|
||||
'dport' => [ 8775, '5900-6100' ],
|
||||
'proto' => 'tcp',
|
||||
'action' => 'accept',
|
||||
'source' => source,
|
||||
|
@ -146,7 +146,7 @@ describe manifest do
|
|||
it 'should accept connections to iscsi' do
|
||||
storage_nets.each do |source|
|
||||
should contain_firewall("109 iscsi from #{source}").with(
|
||||
'port' => [ 3260 ],
|
||||
'dport' => [ 3260 ],
|
||||
'proto' => 'tcp',
|
||||
'action' => 'accept',
|
||||
'source' => source,
|
||||
|
@ -164,17 +164,17 @@ describe manifest do
|
|||
|
||||
it 'should create rules for heat' do
|
||||
should contain_firewall('204 heat-api').with(
|
||||
'port' => [ 8004 ],
|
||||
'dport' => [ 8004 ],
|
||||
'proto' => 'tcp',
|
||||
'action' => 'accept',
|
||||
)
|
||||
should contain_firewall('205 heat-api-cfn').with(
|
||||
'port' => [ 8000 ],
|
||||
'dport' => [ 8000 ],
|
||||
'proto' => 'tcp',
|
||||
'action' => 'accept',
|
||||
)
|
||||
should contain_firewall('206 heat-api-cloudwatch').with(
|
||||
'port' => [ 8003 ],
|
||||
'dport' => [ 8003 ],
|
||||
'proto' => 'tcp',
|
||||
'action' => 'accept',
|
||||
)
|
||||
|
@ -182,7 +182,7 @@ describe manifest do
|
|||
|
||||
it 'should create rules for glance' do
|
||||
should contain_firewall('104 glance').with(
|
||||
'port' => [ 9292, 9494, 9191, 8773 ],
|
||||
'dport' => [ 9292, 9494, 9191, 8773 ],
|
||||
'proto' => 'tcp',
|
||||
'action' => 'accept',
|
||||
)
|
||||
|
@ -198,7 +198,7 @@ describe manifest do
|
|||
it 'should accept connections to nova without ssl' do
|
||||
management_nets.each do |source|
|
||||
should contain_firewall("105 nova vnc from #{source}").with(
|
||||
'port' => [ '5900-6100' ],
|
||||
'dport' => [ '5900-6100' ],
|
||||
'proto' => 'tcp',
|
||||
'action' => 'accept',
|
||||
'source' => source,
|
||||
|
@ -209,7 +209,7 @@ describe manifest do
|
|||
it 'should accept connections to libvirt' do
|
||||
management_nets.each do |source|
|
||||
should contain_firewall("118 libvirt from #{source}").with(
|
||||
'port' => [ 16509 ],
|
||||
'dport' => [ 16509 ],
|
||||
'proto' => 'tcp',
|
||||
'action' => 'accept',
|
||||
'source' => source,
|
||||
|
@ -220,7 +220,7 @@ describe manifest do
|
|||
it 'should allow libvirt vm migration' do
|
||||
management_nets.each do |source|
|
||||
should contain_firewall("119 libvirt-migration from #{source}").with(
|
||||
'port' => [ '49152-49215' ],
|
||||
'dport' => [ '49152-49215' ],
|
||||
'proto' => 'tcp',
|
||||
'action' => 'accept',
|
||||
'source' => source,
|
||||
|
@ -229,7 +229,7 @@ describe manifest do
|
|||
end
|
||||
elsif Noop.puppet_function 'member', roles, 'primary-mongo' or Noop.puppet_function 'member', roles, 'mongo'
|
||||
it 'should create firewall rules' do
|
||||
should contain_firewall('120 mongodb').with('port' => mongodb_port)
|
||||
should contain_firewall('120 mongodb').with('dport' => mongodb_port)
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -50,9 +50,8 @@ describe manifest do
|
|||
|
||||
it { should contain_class('neutron::logging').with('use_syslog' => Noop.hiera('use_syslog', true))}
|
||||
it { should contain_class('neutron::logging').with('use_stderr' => Noop.hiera('use_stderr', false))}
|
||||
it { should contain_class('neutron::logging').with('log_facility' => Noop.hiera('syslog_log_facility_neutron', 'LOG_LOCAL4'))}
|
||||
it { should contain_class('neutron::logging').with('syslog_log_facility' => Noop.hiera('syslog_log_facility_neutron', 'LOG_LOCAL4'))}
|
||||
it { should contain_class('neutron::logging').with('default_log_levels' => Noop.hiera('default_log_levels'))}
|
||||
it { should contain_class('neutron::logging').with('verbose' => Noop.hiera('verbose', true))}
|
||||
it { should contain_class('neutron::logging').with('debug' => Noop.hiera('debug', true))}
|
||||
|
||||
it {
|
||||
|
|
|
@ -116,7 +116,6 @@ describe manifest do
|
|||
auth_url = "#{internal_auth_protocol}://#{internal_auth_endpoint}:35357/"
|
||||
auth_uri = "#{internal_auth_protocol}://#{internal_auth_endpoint}:5000/"
|
||||
nova_admin_auth_url = "#{admin_auth_protocol}://#{admin_auth_endpoint}:35357/"
|
||||
nova_url = "#{nova_internal_protocol}://#{nova_internal_endpoint}:8774/v2"
|
||||
|
||||
workers_max = Noop.hiera('workers_max', '16')
|
||||
|
||||
|
@ -300,7 +299,6 @@ describe manifest do
|
|||
|
||||
it 'should configure neutron::server::notifications' do
|
||||
should contain_class('neutron::server::notifications').with(
|
||||
'nova_url' => nova_url,
|
||||
'auth_url' => nova_admin_auth_url,
|
||||
'region_name' => region_name,
|
||||
'username' => nova_auth_user,
|
||||
|
|
|
@ -145,18 +145,10 @@ describe manifest do
|
|||
it 'should configure rabbit fence class' do
|
||||
if use_pacemaker
|
||||
should contain_class('cluster::rabbitmq_fence').with(
|
||||
:enabled => enabled).that_requires('Class[rabbitmq]')
|
||||
:enabled => enabled)
|
||||
end
|
||||
end
|
||||
|
||||
it 'should configure rabbit for nova' do
|
||||
should contain_class('nova::rabbitmq').with(
|
||||
:enabled => enabled,
|
||||
:userid => rabbit_hash['user'],
|
||||
:password => rabbit_hash['password'],
|
||||
).that_requires('Class[rabbitmq]')
|
||||
end
|
||||
|
||||
it 'should configure pacemaker RA' do
|
||||
if use_pacemaker
|
||||
should contain_class('cluster::rabbitmq_ocf').with(
|
||||
|
@ -180,7 +172,7 @@ describe manifest do
|
|||
:slave_mon_interval => rabbit_ocf[:slave_mon_interval],
|
||||
:master_mon_interval => rabbit_ocf[:master_mon_interval],
|
||||
:mon_interval => rabbit_ocf[:mon_interval],
|
||||
).that_comes_before('Class[nova::rabbitmq]')
|
||||
)
|
||||
should contain_class('cluster::rabbitmq_ocf').that_requires(
|
||||
'Class[rabbitmq::install]')
|
||||
should contain_service_status('rabbitmq').that_requires('Service[rabbitmq-server]')
|
||||
|
|
Loading…
Reference in New Issue