367 lines
15 KiB
Puppet
367 lines
15 KiB
Puppet
notice('MODULAR: compute.pp')
|
|
|
|
$network_scheme = hiera_hash('network_scheme', {})
|
|
$override_configuration = hiera_hash('configuration', {})
|
|
$network_metadata = hiera_hash('network_metadata', {})
|
|
prepare_network_config($network_scheme)
|
|
|
|
# Pulling hiera
|
|
$compute_hash = hiera_hash('compute', {})
|
|
$node_name = hiera('node_name')
|
|
$public_int = hiera('public_int', undef)
|
|
$public_vip = hiera('public_vip')
|
|
$management_vip = hiera('management_vip')
|
|
$database_vip = hiera('database_vip')
|
|
$service_endpoint = hiera('service_endpoint')
|
|
$primary_controller = hiera('primary_controller')
|
|
$use_neutron = hiera('use_neutron', false)
|
|
$sahara_hash = hiera('sahara', {})
|
|
$murano_hash = hiera('murano', {})
|
|
$mp_hash = hiera('mp')
|
|
$verbose = pick($compute_hash['verbose'], true)
|
|
$debug = pick($compute_hash['debug'], hiera('debug', true))
|
|
$use_monit = false
|
|
$auto_assign_floating_ip = hiera('auto_assign_floating_ip', false)
|
|
$nodes_hash = hiera('nodes', {})
|
|
$storage_hash = hiera_hash('storage_hash', {})
|
|
$vcenter_hash = hiera('vcenter', {})
|
|
$nova_hash = hiera_hash('nova_hash', {})
|
|
$nova_custom_hash = hiera_hash('nova_custom_hash', {})
|
|
$rabbit_hash = hiera_hash('rabbit_hash', {})
|
|
$glance_hash = hiera_hash('glance_hash', {})
|
|
$keystone_hash = hiera_hash('keystone_hash', {})
|
|
$swift_hash = hiera_hash('swift_hash', {})
|
|
$cinder_hash = hiera_hash('cinder_hash', {})
|
|
$ceilometer_hash = hiera_hash('ceilometer_hash',{})
|
|
$access_hash = hiera('access', {})
|
|
$swift_proxies = hiera('swift_proxies')
|
|
$swift_master_role = hiera('swift_master_role', 'primary-controller')
|
|
$neutron_mellanox = hiera('neutron_mellanox', false)
|
|
$syslog_hash = hiera('syslog', {})
|
|
$base_syslog_hash = hiera('base_syslog', {})
|
|
$use_syslog = hiera('use_syslog', true)
|
|
$use_stderr = hiera('use_stderr', false)
|
|
$syslog_log_facility_glance = hiera('syslog_log_facility_glance', 'LOG_LOCAL2')
|
|
$syslog_log_facility_cinder = hiera('syslog_log_facility_cinder', 'LOG_LOCAL3')
|
|
$syslog_log_facility_neutron = hiera('syslog_log_facility_neutron', 'LOG_LOCAL4')
|
|
$syslog_log_facility_nova = hiera('syslog_log_facility_nova','LOG_LOCAL6')
|
|
$syslog_log_facility_keystone = hiera('syslog_log_facility_keystone', 'LOG_LOCAL7')
|
|
$syslog_log_facility_murano = hiera('syslog_log_facility_murano', 'LOG_LOCAL0')
|
|
$syslog_log_facility_sahara = hiera('syslog_log_facility_sahara','LOG_LOCAL0')
|
|
$nova_rate_limits = hiera('nova_rate_limits')
|
|
$nova_report_interval = hiera('nova_report_interval')
|
|
$nova_service_down_time = hiera('nova_service_down_time')
|
|
$config_drive_format = 'vfat'
|
|
$public_ssl_hash = hiera('public_ssl')
|
|
$ssl_hash = hiera_hash('use_ssl', {})
|
|
|
|
$glance_protocol = get_ssl_property($ssl_hash, {}, 'glance', 'internal', 'protocol', 'http')
|
|
$glance_endpoint = get_ssl_property($ssl_hash, {}, 'glance', 'internal', 'hostname', [hiera('glance_endpoint', $management_vip)])
|
|
$glance_internal_ssl = get_ssl_property($ssl_hash, {}, 'glance', 'internal', 'usage', false)
|
|
if $glance_internal_ssl {
|
|
$glance_api_servers = "${glance_protocol}://${glance_endpoint}:9292"
|
|
} else {
|
|
$glance_api_servers = hiera('glance_api_servers', "${management_vip}:9292")
|
|
}
|
|
|
|
$vncproxy_protocol = get_ssl_property($ssl_hash, $public_ssl_hash, 'nova', 'public', 'protocol', [$nova_hash['vncproxy_protocol'], 'http'])
|
|
$vncproxy_host = get_ssl_property($ssl_hash, $public_ssl_hash, 'nova', 'public', 'hostname', [$public_vip])
|
|
|
|
$db_host = pick($nova_hash['db_host'], $database_vip)
|
|
|
|
$block_device_allocate_retries = hiera('block_device_allocate_retries', 300)
|
|
$block_device_allocate_retries_interval = hiera('block_device_allocate_retries_interval', 3)
|
|
|
|
# TODO: openstack_version is confusing, there's such string var in hiera and hardcoded hash
|
|
$hiera_openstack_version = hiera('openstack_version')
|
|
$openstack_version = {
|
|
'keystone' => 'installed',
|
|
'glance' => 'installed',
|
|
'horizon' => 'installed',
|
|
'nova' => 'installed',
|
|
'novncproxy' => 'installed',
|
|
'cinder' => 'installed',
|
|
}
|
|
|
|
$queue_provider = hiera('queue_provider', 'rabbitmq')
|
|
|
|
# Do the stuff
|
|
if $neutron_mellanox {
|
|
$mellanox_mode = $neutron_mellanox['plugin']
|
|
} else {
|
|
$mellanox_mode = 'disabled'
|
|
}
|
|
|
|
if $use_neutron {
|
|
$novanetwork_params = {}
|
|
$network_provider = 'neutron'
|
|
$neutron_config = hiera_hash('quantum_settings')
|
|
$neutron_db_password = $neutron_config['database']['passwd']
|
|
$neutron_user_password = $neutron_config['keystone']['admin_password']
|
|
$neutron_metadata_proxy_secret = $neutron_config['metadata']['metadata_proxy_shared_secret']
|
|
$base_mac = $neutron_config['L2']['base_mac']
|
|
} else {
|
|
$network_provider = 'nova'
|
|
$floating_ips_range = hiera('floating_network_range')
|
|
$neutron_config = {}
|
|
$novanetwork_params = hiera('novanetwork_parameters')
|
|
}
|
|
|
|
if $primary_controller {
|
|
if ($mellanox_mode == 'ethernet') {
|
|
$test_vm_pkg = 'cirros-testvm-mellanox'
|
|
} else {
|
|
$test_vm_pkg = 'cirros-testvm'
|
|
}
|
|
package { 'cirros-testvm' :
|
|
ensure => 'installed',
|
|
name => $test_vm_pkg,
|
|
}
|
|
}
|
|
|
|
if !$rabbit_hash['user'] {
|
|
$rabbit_hash['user'] = 'nova'
|
|
}
|
|
|
|
$floating_hash = {}
|
|
|
|
##CALCULATED PARAMETERS
|
|
|
|
$memcached_server = hiera('memcached_addresses')
|
|
$memcached_port = hiera('memcache_server_port', '11211')
|
|
##TODO: simply parse nodes array
|
|
$roles = $network_metadata['nodes'][$node_name]['node_roles']
|
|
$mountpoints = filter_hash($mp_hash,'point')
|
|
|
|
# SQLAlchemy backend configuration
|
|
$max_pool_size = min($::processorcount * 5 + 0, 30 + 0)
|
|
$max_overflow = min($::processorcount * 5 + 0, 60 + 0)
|
|
$max_retries = '-1'
|
|
$idle_timeout = '3600'
|
|
|
|
if ($storage_hash['volumes_lvm']) {
|
|
nova_config { 'keymgr/fixed_key':
|
|
value => $cinder_hash[fixed_key];
|
|
}
|
|
}
|
|
|
|
# Determine who should get the volume service
|
|
|
|
if (member($roles, 'cinder') and $storage_hash['volumes_lvm']) {
|
|
$manage_volumes = 'iscsi'
|
|
} elsif (member($roles, 'cinder') and $storage_hash['volumes_vmdk']) {
|
|
$manage_volumes = 'vmdk'
|
|
} elsif ($storage_hash['volumes_ceph']) {
|
|
$manage_volumes = 'ceph'
|
|
} else {
|
|
$manage_volumes = false
|
|
}
|
|
|
|
#Determine who should be the default backend
|
|
|
|
if ($storage_hash['images_ceph']) {
|
|
$glance_backend = 'ceph'
|
|
$glance_known_stores = [ 'glance.store.rbd.Store', 'glance.store.http.Store' ]
|
|
} elsif ($storage_hash['images_vcenter']) {
|
|
$glance_backend = 'vmware'
|
|
$glance_known_stores = [ 'glance.store.vmware_datastore.Store', 'glance.store.http.Store' ]
|
|
} else {
|
|
$glance_backend = 'swift'
|
|
$glance_known_stores = [ 'glance.store.swift.Store', 'glance.store.http.Store' ]
|
|
}
|
|
|
|
# Use Swift if it isn't replaced by vCenter, Ceph for BOTH images and objects
|
|
if !($storage_hash['images_ceph'] and $storage_hash['objects_ceph']) and !$storage_hash['images_vcenter'] {
|
|
$use_swift = true
|
|
} else {
|
|
$use_swift = false
|
|
}
|
|
|
|
# Get reserved host memory straight value if we've ceph neighbor
|
|
$r_hostmem = member($roles, 'ceph-osd') ? {
|
|
true => min(max(floor($::memorysize_mb*0.2), 512), 1536),
|
|
false => undef,
|
|
}
|
|
|
|
# NOTE(bogdando) for controller nodes running Corosync with Pacemaker
|
|
# we delegate all of the monitor functions to RA instead of monit.
|
|
if member($roles, 'controller') or member($roles, 'primary-controller') {
|
|
$use_monit_real = false
|
|
} else {
|
|
$use_monit_real = $use_monit
|
|
}
|
|
|
|
if $use_monit_real {
|
|
# Configure service names for monit watchdogs and 'service' system path
|
|
# FIXME(bogdando) replace service_path to systemd, once supported
|
|
include nova::params
|
|
include cinder::params
|
|
include neutron::params
|
|
$nova_compute_name = $::nova::params::compute_service_name
|
|
$nova_api_name = $::nova::params::api_service_name
|
|
$nova_network_name = $::nova::params::network_service_name
|
|
$cinder_volume_name = $::cinder::params::volume_service
|
|
$ovs_vswitchd_name = $::l23network::params::ovs_service_name
|
|
case $::osfamily {
|
|
'RedHat' : {
|
|
$service_path = '/sbin/service'
|
|
}
|
|
'Debian' : {
|
|
$service_path = '/usr/sbin/service'
|
|
}
|
|
default : {
|
|
fail("Unsupported osfamily: ${osfamily} for os ${operatingsystem}")
|
|
}
|
|
}
|
|
}
|
|
|
|
#HARDCODED PARAMETERS
|
|
if hiera('use_vcenter', false) {
|
|
$multi_host = false
|
|
} else {
|
|
$multi_host = true
|
|
}
|
|
|
|
$mirror_type = 'external'
|
|
Exec { logoutput => true }
|
|
|
|
include osnailyfacter::test_compute
|
|
|
|
if ($::mellanox_mode == 'ethernet') {
|
|
$neutron_private_net = pick($neutron_config['default_private_net'], 'net04')
|
|
$physnet = $neutron_config['predefined_networks'][$neutron_private_net]['L2']['physnet']
|
|
class { 'mellanox_openstack::compute':
|
|
physnet => $physnet,
|
|
physifc => $neutron_mellanox['physical_port'],
|
|
}
|
|
}
|
|
|
|
# NOTE(bogdando) deploy compute node with disabled nova-compute
|
|
# service #LP1398817. The orchestration will start and enable it back
|
|
# after the deployment is done.
|
|
# FIXME(bogdando) This should be changed once the host aggregates implemented, bp disable-new-computes
|
|
class { 'openstack::compute':
|
|
enabled => false,
|
|
public_interface => $public_int ? { undef=>'', default=>$public_int},
|
|
private_interface => $use_neutron ? { true=>false, default=>hiera('private_int', undef)},
|
|
internal_address => get_network_role_property('nova/api', 'ipaddr'),
|
|
libvirt_type => hiera('libvirt_type', undef),
|
|
# FIXME(bogdando) remove after fixed upstream https://review.openstack.org/131710
|
|
host_uuid => hiera('host_uuid', generate('/bin/sh', '-c', 'uuidgen')),
|
|
fixed_range => $use_neutron ? { true=>false, default=>hiera('fixed_network_range', undef)},
|
|
network_manager => hiera('network_manager', undef),
|
|
network_config => hiera('network_config', {}),
|
|
multi_host => $multi_host,
|
|
queue_provider => $queue_provider,
|
|
amqp_hosts => hiera('amqp_hosts',''),
|
|
amqp_user => $rabbit_hash['user'],
|
|
amqp_password => $rabbit_hash['password'],
|
|
rabbit_ha_queues => $rabbit_ha_queues,
|
|
auto_assign_floating_ip => $auto_assign_floating_ip,
|
|
glance_api_servers => $glance_api_servers,
|
|
vncproxy_protocol => $vncproxy_protocol,
|
|
vncproxy_host => $vncproxy_host,
|
|
vncserver_listen => '0.0.0.0',
|
|
migration_support => true,
|
|
debug => $debug,
|
|
verbose => $verbose,
|
|
use_stderr => $use_stderr,
|
|
cinder_volume_group => 'cinder',
|
|
vnc_enabled => true,
|
|
manage_volumes => $manage_volumes,
|
|
nova_user_password => $nova_hash[user_password],
|
|
nova_hash => merge({'reserved_host_memory' => $r_hostmem}, $nova_hash),
|
|
cache_server_ip => $memcached_server,
|
|
cache_server_port => $memcached_port,
|
|
service_endpoint => $service_endpoint,
|
|
cinder => true,
|
|
cinder_iscsi_bind_addr => get_network_role_property('cinder/iscsi', 'ipaddr'),
|
|
cinder_user_password => $cinder_hash[user_password],
|
|
cinder_db_password => $cinder_hash[db_password],
|
|
ceilometer => $ceilometer_hash[enabled],
|
|
ceilometer_metering_secret => $ceilometer_hash[metering_secret],
|
|
ceilometer_user_password => $ceilometer_hash[user_password],
|
|
db_host => $db_host,
|
|
network_provider => $network_provider,
|
|
neutron_user_password => $use_neutron ? { true=>$neutron_config['keystone']['admin_password'], default=>undef},
|
|
base_mac => $base_mac,
|
|
|
|
use_syslog => $use_syslog,
|
|
syslog_log_facility => $syslog_log_facility_nova,
|
|
syslog_log_facility_neutron => $syslog_log_facility_neutron,
|
|
nova_rate_limits => $nova_rate_limits,
|
|
nova_report_interval => $nova_report_interval,
|
|
nova_service_down_time => $nova_service_down_time,
|
|
state_path => $nova_hash[state_path],
|
|
neutron_settings => $neutron_config,
|
|
storage_hash => $storage_hash,
|
|
config_drive_format => $config_drive_format,
|
|
}
|
|
|
|
# Required for fping API extension, see LP#1486404
|
|
ensure_packages('fping')
|
|
|
|
$nova_config_hash = {
|
|
'DEFAULT/resume_guests_state_on_host_boot' => { value => hiera('resume_guests_state_on_host_boot', 'False') },
|
|
'DEFAULT/use_cow_images' => { value => hiera('use_cow_images', 'True') },
|
|
'DEFAULT/block_device_allocate_retries' => { value => $block_device_allocate_retries },
|
|
'DEFAULT/block_device_allocate_retries_interval' => { value => $block_device_allocate_retries_interval },
|
|
'libvirt/libvirt_inject_key' => { value => 'true' },
|
|
'libvirt/libvirt_inject_password' => { value => 'true' },
|
|
}
|
|
|
|
$nova_complete_hash = merge($nova_config_hash, $nova_custom_hash)
|
|
|
|
class {'nova::config':
|
|
nova_config => $nova_complete_hash,
|
|
}
|
|
|
|
# Configure monit watchdogs
|
|
# FIXME(bogdando) replace service_path and action to systemd, once supported
|
|
if $use_monit_real {
|
|
monit::process { $nova_compute_name :
|
|
ensure => running,
|
|
matching => '/usr/bin/python /usr/bin/nova-compute',
|
|
start_command => "${service_path} ${nova_compute_name} restart",
|
|
stop_command => "${service_path} ${nova_compute_name} stop",
|
|
pidfile => false,
|
|
}
|
|
if $use_neutron {
|
|
monit::process { $ovs_vswitchd_name :
|
|
ensure => running,
|
|
start_command => "${service_path} ${ovs_vswitchd_name} restart",
|
|
stop_command => "${service_path} ${ovs_vswitchd_name} stop",
|
|
pidfile => '/var/run/openvswitch/ovs-vswitchd.pid',
|
|
}
|
|
} else {
|
|
monit::process { $nova_network_name :
|
|
ensure => running,
|
|
matching => '/usr/bin/python /usr/bin/nova-network',
|
|
start_command => "${service_path} ${nova_network_name} restart",
|
|
stop_command => "${service_path} ${nova_network_name} stop",
|
|
pidfile => false,
|
|
}
|
|
monit::process { $nova_api_name :
|
|
ensure => running,
|
|
matching => '/usr/bin/python /usr/bin/nova-api',
|
|
start_command => "${service_path} ${nova_api_name} restart",
|
|
stop_command => "${service_path} ${nova_api_name} stop",
|
|
pidfile => false,
|
|
}
|
|
}
|
|
}
|
|
|
|
# override nova options
|
|
override_resources { 'nova_config':
|
|
data => $override_configuration['nova_config']
|
|
}
|
|
|
|
# override nova-api options
|
|
override_resources { 'nova_paste_api_ini':
|
|
data => $override_configuration['nova_paste_api_ini']
|
|
}
|
|
########################################################################
|
|
|
|
|
|
# vim: set ts=2 sw=2 et :
|