openstack/fuel-library
Code Issues Proposed changes
cd6dcdab96
fuel-library/deployment/puppet/nova/manifests/init.pp
Bogdan Dobrelya e2cbdd0649 Sync puppet-nova 
109d4825e5cdd15aa529c1ef7bcccc05f6a78178 4.0.0

Partial blueprint merge-openstack-puppet-modules

Change-Id: I672620f149e4a63240144f0ce20e84b084cfd459
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2014-07-04 09:01:26 +03:00

624 lines
20 KiB
Puppet
Raw Blame History

# == Class: nova
#
# This class is used to specify configuration parameters that are common
# across all nova services.
#
# === Parameters:
#
# [*ensure_package*]
# (optional) The state of nova packages
# Defaults to 'present'
#
# [*nova_cluster_id*]
# (optional) Deprecated. This parameter does nothing and will be removed.
# Defaults to 'localcluster'
#
# [*sql_connection*]
# (optional) Deprecated. Use database_connection instead.
# Defaults to false
#
# [*sql_idle_timeout*]
# (optional) Deprecated. Use database_idle_timeout instead
# Defaults to false
#
# [*database_connection*]
# (optional) Connection url to connect to nova database.
# Defaults to false
#
# [*database_idle_timeout*]
# (optional) Timeout before idle db connections are reaped.
# Defaults to 3600
#
# [*rpc_backend*]
# (optional) The rpc backend implementation to use, can be:
# nova.openstack.common.rpc.impl_kombu (for rabbitmq)
# nova.openstack.common.rpc.impl_qpid (for qpid)
# Defaults to 'nova.openstack.common.rpc.impl_kombu'
#
# [*image_service*]
# (optional) Service used to search for and retrieve images.
# Defaults to 'nova.image.local.LocalImageService'
#
# [*glance_api_servers*]
# (optional) List of addresses for api servers.
# Defaults to 'localhost:9292'
#
# [*memcached_servers*]
# (optional) Use memcached instead of in-process cache. Supply a list of memcached server IP's:Memcached Port.
# Defaults to false
#
# [*rabbit_host*]
# (optional) Location of rabbitmq installation.
# Defaults to 'localhost'
#
# [*rabbit_hosts*]
# (optional) List of clustered rabbit servers.
# Defaults to false
#
# [*rabbit_port*]
# (optional) Port for rabbitmq instance.
# Defaults to '5672'
#
# [*rabbit_password*]
# (optional) Password used to connect to rabbitmq.
# Defaults to 'guest'
#
# [*rabbit_userid*]
# (optional) User used to connect to rabbitmq.
# Defaults to 'guest'
#
# [*rabbit_virtual_host*]
# (optional) The RabbitMQ virtual host.
# Defaults to '/'
#
# [*rabbit_use_ssl*]
# (optional) Connect over SSL for RabbitMQ
# Defaults to false
#
# [*kombu_ssl_ca_certs*]
# (optional) SSL certification authority file (valid only if SSL enabled).
# Defaults to undef
#
# [*kombu_ssl_certfile*]
# (optional) SSL cert file (valid only if SSL enabled).
# Defaults to undef
#
# [*kombu_ssl_keyfile*]
# (optional) SSL key file (valid only if SSL enabled).
# Defaults to undef
#
# [*kombu_ssl_version*]
# (optional) SSL version to use (valid only if SSL enabled).
# Valid values are TLSv1, SSLv23 and SSLv3. SSLv2 may be
# available on some distributions.
# Defaults to 'SSLv3'
#
# [*amqp_durable_queues*]
# (optional) Define queues as "durable" to rabbitmq.
# Defaults to false
#
# [*qpid_hostname*]
# (optional) Location of qpid server
# Defaults to 'localhost'
#
# [*qpid_port*]
# (optional) Port for qpid server
# Defaults to '5672'
#
# [*qpid_username*]
# (optional) Username to use when connecting to qpid
# Defaults to 'guest'
#
# [*qpid_password*]
# (optional) Password to use when connecting to qpid
# Defaults to 'guest'
#
# [*qpid_heartbeat*]
# (optional) Seconds between connection keepalive heartbeats
# Defaults to 60
#
# [*qpid_protocol*]
# (optional) Transport to use, either 'tcp' or 'ssl''
# Defaults to 'tcp'
#
# [*qpid_sasl_mechanisms*]
# (optional) Enable one or more SASL mechanisms
# Defaults to false
#
# [*qpid_tcp_nodelay*]
# (optional) Disable Nagle algorithm
# Defaults to true
#
# [*service_down_time*]
# (optional) Maximum time since last check-in for up service.
# Defaults to 60
#
# [*logdir*]
# (optional) Deprecated. Use log_dir instead.
# Defaults to false
#
# [*log_dir*]
# (optional) Directory where logs should be stored.
# If set to boolean false, it will not log to any directory.
# Defaults to '/var/log/nova'
#
# [*state_path*]
# (optional) Directory for storing state.
# Defaults to '/var/lib/nova'
#
# [*lock_path*]
# (optional) Directory for lock files.
# On RHEL will be '/var/lib/nova/tmp' and on Debian '/var/lock/nova'
# Defaults to $::nova::params::lock_path
#
# [*verbose*]
# (optional) Set log output to verbose output.
# Defaults to false
#
# [*periodic_interval*]
# (optional) Seconds between running periodic tasks.
# Defaults to '60'
#
# [*report_interval*]
# (optional) Interval at which nodes report to data store.
# Defaults to '10'
#
# [*monitoring_notifications*]
# (optional) Whether or not to send system usage data notifications out on the message queue. Only valid for stable/essex.
# Defaults to false
#
# [*use_syslog*]
# (optional) Use syslog for logging
# Defaults to false
#
# [*log_facility*]
# (optional) Syslog facility to receive log lines.
# Defaults to 'LOG_USER'
#
# [*nova_user_id*]
# (optional) Create the nova user with the specified gid.
# Changing to a new uid after specifying a different uid previously,
# or using this option after the nova account already exists will break
# the ownership of all files/dirs owned by nova.
# Defaults to undef.
#
# [*nova_group_id*]
# (optional) Create the nova user with the specified gid.
# Changing to a new uid after specifying a different uid previously,
# or using this option after the nova account already exists will break
# the ownership of all files/dirs owned by nova.
# Defaults to undef.
#
# [*nova_public_key*]
# (optional) Install public key in .ssh/authorized_keys for the 'nova' user.
# Expects a hash of the form { type => 'key-type', key => 'key-data' } where
# 'key-type' is one of (ssh-rsa, ssh-dsa, ssh-ecdsa) and 'key-data' is the
# actual key data (e.g, 'AAAA...').
#
# [*nova_private_key*]
# (optional) Install private key into .ssh/id_rsa (or appropriate equivalent
# for key type). Expects a hash of the form { type => 'key-type', key =>
# 'key-data' }, where 'key-type' is one of (ssh-rsa, ssh-dsa, ssh-ecdsa) and
# 'key-data' is the contents of the private key file.
#
# [*nova_shell*]
# (optional) Set shell for 'nova' user to the specified value.
# Defaults to '/bin/false'.
#
# [*mysql_module*]
# (optional) Mysql module version to use. Tested versions
# are 0.9 and 2.2
# Defaults to '0.9'
#
# [*notification_driver*]
# (optional) Driver or drivers to handle sending notifications.
# Value can be a string or a list.
# Defaults to []
#
# [*notification_topics*]
# (optional) AMQP topic used for OpenStack notifications
# Defaults to 'notifications'
#
# [*notify_api_faults*]
# (optional) If set, send api.fault notifications on caught
# exceptions in the API service
# Defaults to false
#
# [*notify_on_state_change*]
# (optional) If set, send compute.instance.update notifications
# on instance state changes. Valid values are None for no notifications,
# "vm_state" for notifications on VM state changes, or "vm_and_task_state"
# for notifications on VM and task state changes.
# Defaults to undef
#
class nova(
$ensure_package = 'present',
$database_connection = false,
$database_idle_timeout = 3600,
$rpc_backend = 'nova.openstack.common.rpc.impl_kombu',
$image_service = 'nova.image.glance.GlanceImageService',
# these glance params should be optional
# this should probably just be configured as a glance client
$glance_api_servers = 'localhost:9292',
$memcached_servers = false,
$rabbit_host = 'localhost',
$rabbit_hosts = false,
$rabbit_password = 'guest',
$rabbit_port = '5672',
$rabbit_userid = 'guest',
$rabbit_virtual_host = '/',
$rabbit_use_ssl = false,
$kombu_ssl_ca_certs = undef,
$kombu_ssl_certfile = undef,
$kombu_ssl_keyfile = undef,
$kombu_ssl_version = 'SSLv3',
$amqp_durable_queues = false,
$qpid_hostname = 'localhost',
$qpid_port = '5672',
$qpid_username = 'guest',
$qpid_password = 'guest',
$qpid_sasl_mechanisms = false,
$qpid_heartbeat = 60,
$qpid_protocol = 'tcp',
$qpid_tcp_nodelay = true,
$auth_strategy = 'keystone',
$service_down_time = 60,
$log_dir = '/var/log/nova',
$state_path = '/var/lib/nova',
$lock_path = $::nova::params::lock_path,
$verbose = false,
$debug = false,
$periodic_interval = '60',
$report_interval = '10',
$rootwrap_config = '/etc/nova/rootwrap.conf',
$nova_user_id = undef,
$nova_group_id = undef,
$nova_public_key = undef,
$nova_private_key = undef,
$nova_shell = '/bin/false',
# deprecated in folsom
#$root_helper = $::nova::params::root_helper,
$monitoring_notifications = false,
$use_syslog = false,
$log_facility = 'LOG_USER',
$install_utilities = true,
$mysql_module = '0.9',
$notification_driver = [],
$notification_topics = 'notifications',
$notify_api_faults = false,
$notify_on_state_change = undef,
# DEPRECATED PARAMETERS
# this is how to query all resources from our clutser
$nova_cluster_id = undef,
$sql_connection = false,
$sql_idle_timeout = false,
$logdir = false,
) inherits nova::params {
if $nova_cluster_id {
warning('The nova_cluster_id parameter is deprecated and has no effect.')
}
group { 'nova':
ensure => present,
system => true,
gid => $nova_group_id,
before => User['nova'],
}
user { 'nova':
ensure => present,
system => true,
groups => 'nova',
home => '/var/lib/nova',
managehome => false,
shell => $nova_shell,
uid => $nova_user_id,
gid => $nova_group_id,
}
if $nova_public_key or $nova_private_key {
file { '/var/lib/nova/.ssh':
ensure => directory,
mode => '0700',
owner => nova,
group => nova,
}
if $nova_public_key {
if ! $nova_public_key[key] or ! $nova_public_key[type] {
fail('You must provide both a key type and key data.')
}
ssh_authorized_key { 'nova-migration-public-key':
ensure => present,
key => $nova_public_key[key],
type => $nova_public_key[type],
user => 'nova',
require => File['/var/lib/nova/.ssh'],
}
}
if $nova_private_key {
if ! $nova_private_key[key] or ! $nova_private_key[type] {
fail('You must provide both a key type and key data.')
}
$nova_private_key_file = $nova_private_key[type] ? {
'ssh-rsa' => '/var/lib/nova/.ssh/id_rsa',
'ssh-dsa' => '/var/lib/nova/.ssh/id_dsa',
'ssh-ecdsa' => '/var/lib/nova/.ssh/id_ecdsa',
default => undef
}
if ! $nova_private_key_file {
fail("Unable to determine name of private key file. Type specified was '${nova_private_key[type]}' but should be one of: ssh-rsa, ssh-dsa, ssh-ecdsa.")
}
file { $nova_private_key_file:
content => $nova_private_key[key],
mode => '0600',
owner => nova,
group => nova,
require => File['/var/lib/nova/.ssh'],
}
}
}
# all nova_config resources should be applied
# after the nova common package
# before the file resource for nova.conf is managed
# and before the post config resource
Package['nova-common'] -> Nova_config<| |> -> File['/etc/nova/nova.conf']
Nova_config<| |> ~> Exec['post-nova_config']
File {
require => Package['nova-common'],
owner => 'nova',
group => 'nova',
}
# TODO - see if these packages can be removed
# they should be handled as package deps by the OS
package { 'python':
ensure => present,
}
package { 'python-greenlet':
ensure => present,
require => Package['python'],
}
if $install_utilities {
class { 'nova::utilities': }
}
# this anchor is used to simplify the graph between nova components by
# allowing a resource to serve as a point where the configuration of nova begins
anchor { 'nova-start': }
package { 'python-nova':
ensure => $ensure_package,
require => Package['python-greenlet']
}
package { 'nova-common':
ensure => $ensure_package,
name => $::nova::params::common_package_name,
require => [Package['python-nova'], Anchor['nova-start'], User['nova']]
}
file { '/etc/nova/nova.conf':
mode => '0640',
}
# used by debian/ubuntu in nova::network_bridge to refresh
# interfaces based on /etc/network/interfaces
exec { 'networking-refresh':
command => '/sbin/ifdown -a ; /sbin/ifup -a',
refreshonly => true,
}
if $sql_connection {
warning('The sql_connection parameter is deprecated, use database_connection instead.')
$database_connection_real = $sql_connection
} else {
$database_connection_real = $database_connection
}
if $sql_idle_timeout {
warning('The sql_idle_timeout parameter is deprecated, use database_idle_timeout instead.')
$database_idle_timeout_real = $sql_idle_timeout
} else {
$database_idle_timeout_real = $database_idle_timeout
}
# both the database_connection and rabbit_host are things
# that may need to be collected from a remote host
if $database_connection_real {
if($database_connection_real =~ /mysql:\/\/\S+:\S+@\S+\/\S+/) {
if ($mysql_module >= 2.2) {
require 'mysql::bindings'
require 'mysql::bindings::python'
} else {
require 'mysql::python'
}
} elsif($database_connection_real =~ /postgresql:\/\/\S+:\S+@\S+\/\S+/) {
} elsif($database_connection_real =~ /sqlite:\/\//) {
} else {
fail("Invalid db connection ${database_connection_real}")
}
nova_config {
'database/connection': value => $database_connection_real, secret => true;
'database/idle_timeout': value => $database_idle_timeout_real;
}
}
nova_config { 'DEFAULT/image_service': value => $image_service }
if $image_service == 'nova.image.glance.GlanceImageService' {
if $glance_api_servers {
nova_config { 'DEFAULT/glance_api_servers': value => $glance_api_servers }
}
}
nova_config { 'DEFAULT/auth_strategy': value => $auth_strategy }
if $memcached_servers {
nova_config { 'DEFAULT/memcached_servers': value => join($memcached_servers, ',') }
} else {
nova_config { 'DEFAULT/memcached_servers': ensure => absent }
}
if $rpc_backend == 'nova.openstack.common.rpc.impl_kombu' {
# I may want to support exporting and collecting these
nova_config {
'DEFAULT/rabbit_password': value => $rabbit_password, secret => true;
'DEFAULT/rabbit_userid': value => $rabbit_userid;
'DEFAULT/rabbit_virtual_host': value => $rabbit_virtual_host;
'DEFAULT/rabbit_use_ssl': value => $rabbit_use_ssl;
'DEFAULT/amqp_durable_queues': value => $amqp_durable_queues;
}
if $rabbit_use_ssl {
if $kombu_ssl_ca_certs {
nova_config { 'DEFAULT/kombu_ssl_ca_certs': value => $kombu_ssl_ca_certs }
} else {
nova_config { 'DEFAULT/kombu_ssl_ca_certs': ensure => absent}
}
if $kombu_ssl_certfile {
nova_config { 'DEFAULT/kombu_ssl_certfile': value => $kombu_ssl_certfile }
} else {
nova_config { 'DEFAULT/kombu_ssl_certfile': ensure => absent}
}
if $kombu_ssl_keyfile {
nova_config { 'DEFAULT/kombu_ssl_keyfile': value => $kombu_ssl_keyfile }
} else {
nova_config { 'DEFAULT/kombu_ssl_keyfile': ensure => absent}
}
if $kombu_ssl_version {
nova_config { 'DEFAULT/kombu_ssl_version': value => $kombu_ssl_version }
} else {
nova_config { 'DEFAULT/kombu_ssl_version': ensure => absent}
}
} else {
nova_config {
'DEFAULT/kombu_ssl_ca_certs': ensure => absent;
'DEFAULT/kombu_ssl_certfile': ensure => absent;
'DEFAULT/kombu_ssl_keyfile': ensure => absent;
'DEFAULT/kombu_ssl_version': ensure => absent;
}
}
if $rabbit_hosts {
nova_config { 'DEFAULT/rabbit_hosts': value => join($rabbit_hosts, ',') }
nova_config { 'DEFAULT/rabbit_ha_queues': value => true }
} else {
nova_config { 'DEFAULT/rabbit_host': value => $rabbit_host }
nova_config { 'DEFAULT/rabbit_port': value => $rabbit_port }
nova_config { 'DEFAULT/rabbit_hosts': value => "${rabbit_host}:${rabbit_port}" }
nova_config { 'DEFAULT/rabbit_ha_queues': value => false }
}
}
if $rpc_backend == 'nova.openstack.common.rpc.impl_qpid' {
nova_config {
'DEFAULT/qpid_hostname': value => $qpid_hostname;
'DEFAULT/qpid_port': value => $qpid_port;
'DEFAULT/qpid_username': value => $qpid_username;
'DEFAULT/qpid_password': value => $qpid_password, secret => true;
'DEFAULT/qpid_heartbeat': value => $qpid_heartbeat;
'DEFAULT/qpid_protocol': value => $qpid_protocol;
'DEFAULT/qpid_tcp_nodelay': value => $qpid_tcp_nodelay;
}
if is_array($qpid_sasl_mechanisms) {
nova_config {
'DEFAULT/qpid_sasl_mechanisms': value => join($qpid_sasl_mechanisms, ' ');
}
}
elsif $qpid_sasl_mechanisms {
nova_config {
'DEFAULT/qpid_sasl_mechanisms': value => $qpid_sasl_mechanisms;
}
}
else {
nova_config {
'DEFAULT/qpid_sasl_mechanisms': ensure => absent;
}
}
}
if $logdir {
warning('The logdir parameter is deprecated, use log_dir instead.')
$log_dir_real = $logdir
} else {
$log_dir_real = $log_dir
}
if $log_dir_real {
file { $log_dir_real:
ensure => directory,
mode => '0750',
}
nova_config { 'DEFAULT/log_dir': value => $log_dir_real;}
} else {
nova_config { 'DEFAULT/log_dir': ensure => absent;}
}
if $monitoring_notifications {
warning('The monitoring_notifications parameter is deprecated, use notification_driver instead.')
$notification_driver_real = 'nova.openstack.common.notifier.rpc_notifier'
} else {
$notification_driver_real = is_string($notification_driver) ? {
true => $notification_driver,
default => join($notification_driver, ',')
}
}
nova_config {
'DEFAULT/verbose': value => $verbose;
'DEFAULT/debug': value => $debug;
'DEFAULT/rpc_backend': value => $rpc_backend;
'DEFAULT/notification_driver': value => $notification_driver_real;
'DEFAULT/notification_topics': value => $notification_topics;
'DEFAULT/notify_api_faults': value => $notify_api_faults;
# Following may need to be broken out to different nova services
'DEFAULT/state_path': value => $state_path;
'DEFAULT/lock_path': value => $lock_path;
'DEFAULT/service_down_time': value => $service_down_time;
'DEFAULT/rootwrap_config': value => $rootwrap_config;
'DEFAULT/report_interval': value => $report_interval;
}
if $notify_on_state_change and $notify_on_state_change in ['vm_state', 'vm_and_task_state'] {
nova_config {
'DEFAULT/notify_on_state_change': value => $notify_on_state_change;
}
} else {
nova_config { 'DEFAULT/notify_on_state_change': ensure => absent; }
}
# Syslog configuration
if $use_syslog {
nova_config {
'DEFAULT/use_syslog': value => true;
'DEFAULT/syslog_log_facility': value => $log_facility;
}
} else {
nova_config {
'DEFAULT/use_syslog': value => false;
}
}
exec { 'post-nova_config':
command => '/bin/echo "Nova config has changed"',
refreshonly => true,
}
}
View Git Blame Copy Permalink