205 lines
8.2 KiB
Puppet
205 lines
8.2 KiB
Puppet
class openstack_tasks::murano::murano {
|
|
|
|
notice('MODULAR: murano/murano.pp')
|
|
|
|
prepare_network_config(hiera_hash('network_scheme', {}))
|
|
|
|
$murano_hash = hiera_hash('murano', {})
|
|
$murano_settings_hash = hiera_hash('murano_settings', {})
|
|
$rabbit_hash = hiera_hash('rabbit', {})
|
|
$ceilometer_hash = hiera_hash('ceilometer', {})
|
|
$neutron_config = hiera_hash('neutron_config', {})
|
|
$public_ip = hiera('public_vip')
|
|
$database_ip = hiera('database_vip')
|
|
$management_ip = hiera('management_vip')
|
|
$region = hiera('region', 'RegionOne')
|
|
$use_neutron = hiera('use_neutron', false)
|
|
$service_endpoint = hiera('service_endpoint')
|
|
$syslog_log_facility_murano = hiera('syslog_log_facility_murano')
|
|
$debug = pick($murano_hash['debug'], hiera('debug', false))
|
|
$verbose = pick($murano_hash['verbose'], hiera('verbose', true))
|
|
$default_log_levels = hiera_hash('default_log_levels')
|
|
$use_syslog = hiera('use_syslog', true)
|
|
$use_stderr = hiera('use_stderr', false)
|
|
$rabbit_ha_queues = hiera('rabbit_ha_queues')
|
|
$amqp_port = hiera('amqp_port')
|
|
$amqp_hosts = hiera('amqp_hosts')
|
|
$external_dns = hiera_hash('external_dns', {})
|
|
$public_ssl_hash = hiera_hash('public_ssl', {})
|
|
$ssl_hash = hiera_hash('use_ssl', {})
|
|
$primary_controller = hiera('primary_controller')
|
|
$kombu_compression = hiera('kombu_compression', '')
|
|
|
|
$public_auth_protocol = get_ssl_property($ssl_hash, $public_ssl_hash, 'keystone', 'public', 'protocol', 'http')
|
|
$public_auth_address = get_ssl_property($ssl_hash, $public_ssl_hash, 'keystone', 'public', 'hostname', [$public_ip])
|
|
|
|
$internal_auth_protocol = get_ssl_property($ssl_hash, {}, 'keystone', 'internal', 'protocol', 'http')
|
|
$internal_auth_address = get_ssl_property($ssl_hash, {}, 'keystone', 'internal', 'hostname', [hiera('keystone_endpoint', ''), $service_endpoint, $management_vip])
|
|
|
|
$admin_auth_protocol = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'protocol', 'http')
|
|
$admin_auth_address = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'hostname', [hiera('keystone_endpoint', ''), $service_endpoint, $management_vip])
|
|
|
|
$api_bind_host = get_network_role_property('murano/api', 'ipaddr')
|
|
|
|
$external_lb = hiera('external_lb', false)
|
|
|
|
$murano_plugins = pick($murano_hash['plugins'], {})
|
|
|
|
#################################################################
|
|
|
|
if $murano_hash['enabled'] {
|
|
|
|
$firewall_rule = '202 murano-api'
|
|
|
|
$api_bind_port = '8082'
|
|
|
|
$murano_user = pick($murano_hash['user'], 'murano')
|
|
$tenant = pick($murano_hash['tenant'], 'services')
|
|
|
|
$db_type = 'mysql'
|
|
$db_user = pick($murano_hash['db_user'], 'murano')
|
|
$db_name = pick($murano_hash['db_name'], 'murano')
|
|
$db_password = pick($murano_hash['db_password'])
|
|
$db_host = pick($murano_hash['db_host'], $database_ip)
|
|
# LP#1526938 - python-mysqldb supports this, python-pymysql does not
|
|
if $::os_package_type == 'debian' {
|
|
$extra_params = { 'charset' => 'utf8', 'read_timeout' => 60 }
|
|
} else {
|
|
$extra_params = { 'charset' => 'utf8' }
|
|
}
|
|
$db_connection = os_database_connection({
|
|
'dialect' => $db_type,
|
|
'host' => $db_host,
|
|
'database' => $db_name,
|
|
'username' => $db_user,
|
|
'password' => $db_password,
|
|
'extra' => $extra_params
|
|
})
|
|
|
|
$external_network = $use_neutron ? {
|
|
true => get_ext_net_name($neutron_config['predefined_networks']),
|
|
default => undef,
|
|
}
|
|
|
|
$repository_url = has_key($murano_settings_hash, 'murano_repo_url') ? {
|
|
true => $murano_settings_hash['murano_repo_url'],
|
|
default => 'http://storage.apps.openstack.org',
|
|
}
|
|
|
|
####### Disable upstart startup on install #######
|
|
tweaks::ubuntu_service_override { ['murano-api', 'murano-engine']:
|
|
package_name => 'murano',
|
|
}
|
|
|
|
firewall { $firewall_rule :
|
|
dport => $api_bind_port,
|
|
proto => 'tcp',
|
|
action => 'accept',
|
|
}
|
|
|
|
|
|
# NOTE(aschultz): UCA does not have the glance artifacts plugin package
|
|
# we can remove the os_package_type once UCA provides the package
|
|
# TODO(aschultz): switch to dig at some point
|
|
if $murano_plugins and $murano_plugins['glance_artifacts_plugin'] and $murano_plugins['glance_artifacts_plugin']['enabled'] and ($::os_package_type == 'debian') {
|
|
$packages_service = 'glance'
|
|
$enable_glare = true
|
|
} else {
|
|
$packages_service = 'murano'
|
|
$enable_glare = false
|
|
}
|
|
|
|
class { '::murano' :
|
|
verbose => $verbose,
|
|
debug => $debug,
|
|
use_syslog => $use_syslog,
|
|
use_stderr => $use_stderr,
|
|
log_facility => $syslog_log_facility_murano,
|
|
database_connection => $db_connection,
|
|
sync_db => $primary_controller,
|
|
auth_uri => "${public_auth_protocol}://${public_auth_address}:5000/",
|
|
admin_user => $murano_user,
|
|
admin_password => $murano_hash['user_password'],
|
|
admin_tenant_name => $tenant,
|
|
identity_uri => "${admin_auth_protocol}://${admin_auth_address}:35357/",
|
|
notification_driver => $ceilometer_hash['notification_driver'],
|
|
use_neutron => $use_neutron,
|
|
packages_service => $packages_service,
|
|
rabbit_os_user => $rabbit_hash['user'],
|
|
rabbit_os_password => $rabbit_hash['password'],
|
|
rabbit_os_port => $amqp_port,
|
|
rabbit_os_host => split($amqp_hosts, ','),
|
|
rabbit_ha_queues => $rabbit_ha_queues,
|
|
rabbit_own_host => $public_ip,
|
|
rabbit_own_port => $murano_hash['rabbit']['port'],
|
|
rabbit_own_vhost => $murano_hash['rabbit']['vhost'],
|
|
rabbit_own_user => $rabbit_hash['user'],
|
|
rabbit_own_password => $rabbit_hash['password'],
|
|
default_router => 'murano-default-router',
|
|
default_nameservers => pick($external_dns['dns_list'], '8.8.8.8'),
|
|
service_host => $api_bind_host,
|
|
service_port => $api_bind_port,
|
|
external_network => $external_network,
|
|
use_trusts => true,
|
|
}
|
|
|
|
class { '::murano::api':
|
|
host => $api_bind_host,
|
|
port => $api_bind_port,
|
|
sync_db => false,
|
|
}
|
|
|
|
class { '::murano::engine':
|
|
sync_db => false,
|
|
}
|
|
|
|
class { '::murano::client': }
|
|
|
|
class { '::murano::dashboard':
|
|
enable_glare => $enable_glare,
|
|
repo_url => $repository_url,
|
|
sync_db => false,
|
|
}
|
|
|
|
$haproxy_stats_url = "http://${management_ip}:10000/;csv"
|
|
|
|
$murano_protocol = get_ssl_property($ssl_hash, {}, 'murano', 'internal', 'protocol', 'http')
|
|
$murano_address = get_ssl_property($ssl_hash, {}, 'murano', 'internal', 'hostname', [$service_endpoint, $management_vip])
|
|
$murano_url = "${murano_protocol}://${murano_address}:${api_bind_port}"
|
|
|
|
$lb_defaults = { 'provider' => 'haproxy', 'url' => $haproxy_stats_url }
|
|
|
|
if $external_lb {
|
|
$lb_backend_provider = 'http'
|
|
$lb_url = $murano_url
|
|
}
|
|
|
|
$lb_hash = {
|
|
'murano-api' => {
|
|
name => 'murano-api',
|
|
provider => $lb_backend_provider,
|
|
url => $lb_url
|
|
}
|
|
}
|
|
|
|
::osnailyfacter::wait_for_backend {'murano-api':
|
|
lb_hash => $lb_hash,
|
|
lb_defaults => $lb_defaults
|
|
}
|
|
|
|
Firewall[$firewall_rule] -> Class['::murano::api']
|
|
Service['murano-api'] -> ::Osnailyfacter::Wait_for_backend['murano-api']
|
|
|
|
# TODO (iberezovskiy): remove this workaround in N when murano module
|
|
# will be switched to puppet-oslo usage for rabbit configuration
|
|
if $kombu_compression in ['gzip','bz2'] {
|
|
if !defined(Oslo::Messaging_rabbit['murano_config']) and !defined(Murano_config['oslo_messaging_rabbit/kombu_compression']) {
|
|
murano_config { 'oslo_messaging_rabbit/kombu_compression': value => $kombu_compression; }
|
|
} else {
|
|
Murano_config<| title == 'oslo_messaging_rabbit/kombu_compression' |> { value => $kombu_compression }
|
|
}
|
|
}
|
|
}
|
|
|
|
}
|