Update plugin for using with base Murano

Now Murano plugin can be used with Murano installed from ISO. Also add YAQL syntax and minor typo syntax fixes. Change-Id: I96ed7c2632e989d5ee3dfac7a102e2be62f8de43
2016-06-22 15:32:14 +03:00 · 2016-06-22 15:32:14 +03:00 · a1a510e0ce
parent 9a6f20db04
commit a1a510e0ce
14 changed files with 243 additions and 134 deletions
--- a/components.yaml
+++ b/components.yaml
@ -15,5 +15,4 @@
    - name: additional_service:sahara
    - name: additional_service:ceilometer
    - name: additional_service:ironic
-  incompatible:
    - name: additional_service:murano
--- a/deployment_scripts/manifests/murano.pp
+++ b/deployment_scripts/manifests/murano.pp
@ -9,7 +9,7 @@ $neutron_config             = hiera_hash('neutron_config', {})
 $public_ssl_hash            = hiera_hash('public_ssl', {})
 $ssl_hash                   = hiera_hash('use_ssl', {})
 $external_dns               = hiera_hash('external_dns', {})
-$primary_murano             = roles_include(['primary-murano-node'])
+$primary_murano             = roles_include(['primary-murano-node', 'primary-controller'])
 $public_ip                  = hiera('public_vip')
 $database_ip                = hiera('database_vip')
 $management_ip              = hiera('management_vip')
@ -87,16 +87,13 @@ firewall { $firewall_rule :

 if $murano_plugins and has_key($murano_plugins, 'glance_artifacts_plugin') and $murano_plugins['glance_artifacts_plugin']['enabled'] {
  $packages_service = 'glance'
-
-  package {'murano-glance-artifacts-plugin':
-    ensure  => installed,
-  }
 } else {
  $packages_service = 'murano'
 }

 class { '::murano' :
  verbose             => $verbose,
+  package_ensure      => 'latest',
  debug               => $debug,
  use_syslog          => $use_syslog,
  use_stderr          => $use_stderr,
@ -130,8 +127,9 @@ class { '::murano' :
 }

 class { '::murano::api':
-  host    => $api_bind_host,
-  port    => $api_bind_port,
+  host           => $api_bind_host,
+  port           => $api_bind_port,
+  package_ensure => 'latest',
 }

 include ::murano::engine
--- a/deployment_scripts/manifests/murano_cfapi.pp
+++ b/deployment_scripts/manifests/murano_cfapi.pp
@ -4,13 +4,10 @@ prepare_network_config(hiera_hash('network_scheme', {}))

 $access_hash       = hiera_hash('access', {})
 $murano_cfapi_hash = hiera_hash('murano_cfapi', {})
-$cfapi_enabled     = $murano_cfapi_hash['enabled']
 $public_ip         = hiera('public_vip')
 $management_ip     = hiera('management_vip')
 $public_ssl_hash   = hiera_hash('public_ssl', {})
 $ssl_hash          = hiera_hash('use_ssl', {})
-$service_endpoint  = hiera('service_endpoint')
-$external_lb       = hiera('external_lb', false)

 $public_auth_protocol = get_ssl_property($ssl_hash, $public_ssl_hash, 'keystone', 'public', 'protocol', 'http')
 $public_auth_address  = get_ssl_property($ssl_hash, $public_ssl_hash, 'keystone', 'public', 'hostname', [$public_ip])
@ -32,38 +29,11 @@ tweaks::ubuntu_service_override { ['murano-cfapi']:
 }

 class { '::murano::cfapi' :
-  tenant    => $access_hash['tenant'],
-  enabled   => $cfapi_enabled,
-  bind_host => $cfapi_bind_host,
-  bind_port => $cfapi_bind_port,
-  auth_url  => "${public_auth_protocol}://${public_auth_address}:5000/",
-}
-
-if $cfapi_enabled {
-  $haproxy_stats_url     = "http://${management_ip}:10000/;csv"
-  $murano_cfapi_protocol = get_ssl_property($ssl_hash, {}, 'murano', 'internal', 'protocol', 'http')
-  $murano_cfapi_address  = get_ssl_property($ssl_hash, {}, 'murano', 'internal', 'hostname', [$service_endpoint, $management_ip])
-  $murano_cfapi_url      = "${murano_cfapi_protocol}://${murano_cfapi_address}:${cfapi_bind_port}"
-  $lb_defaults           = { 'provider' => 'haproxy', 'url' => $haproxy_stats_url }
-
-  if $external_lb {
-    $lb_backend_provider = 'http'
-    $lb_url = $murano_cfapi_url
-  }
-
-  $lb_hash = {
-    'murano-cfapi' => {
-      name     => 'murano-cfapi',
-      provider => $lb_backend_provider,
-      url      => $lb_url
-    }
-  }
-
-  ::osnailyfacter::wait_for_backend {'murano-cfapi':
-    lb_hash     => $lb_hash,
-    lb_defaults => $lb_defaults
-  }
-  Service['murano-cfapi'] -> ::Osnailyfacter::Wait_for_backend['murano-cfapi']
+  package_ensure => 'latest',
+  tenant         => $access_hash['tenant'],
+  bind_host      => $cfapi_bind_host,
+  bind_port      => $cfapi_bind_port,
+  auth_url       => "${public_auth_protocol}://${public_auth_address}:5000/",
 }

 Firewall[$firewall_rule] -> Class['murano::cfapi']
--- a/deployment_scripts/manifests/murano_dashboard.pp
+++ b/deployment_scripts/manifests/murano_dashboard.pp
@ -8,6 +8,9 @@ $repository_url = has_key($murano_hash, 'murano_repo_url') ? {
 }
 if has_key($murano_plugins, 'glance_artifacts_plugin') and $murano_plugins['glance_artifacts_plugin']['enabled'] {
  $use_glare = true
+  package {'murano-glance-artifacts-plugin':
+    ensure  => 'latest',
+  }
 } else {
  $use_glare = false
 }
@ -24,7 +27,10 @@ ensure_resource('service', 'httpd', {
 })

 class { '::murano::dashboard':
-  enable_glare => $use_glare,
-  repo_url     => $repository_url,
-  sync_db      => false,
+  enable_glare   => $use_glare,
+  repo_url       => $repository_url,
+  sync_db        => false,
+  package_ensure => 'latest'
 }
+
+Concat<||> ~> Service['httpd']
--- a/deployment_scripts/manifests/murano_haproxy.pp
+++ b/deployment_scripts/manifests/murano_haproxy.pp
@ -1,4 +1,4 @@
-notice('MURANO PLUGIN: haproxy_murano.pp')
+notice('MURANO PLUGIN: murano_haproxy.pp')

 $murano_hash        = hiera_hash('murano',{})
 $murano_cfapi_hash  = hiera_hash('murano_cfapi', {})
--- a/deployment_scripts/manifests/murano_hiera_override.pp
+++ b/deployment_scripts/manifests/murano_hiera_override.pp
@ -1,27 +1,50 @@
 notice('MURANO PLUGIN: murano_hiera_override.pp')

-$detach_murano_plugin = hiera('detach-murano', undef)
+$murano_plugin = hiera('detach-murano', undef)
 $hiera_dir = '/etc/hiera/plugins'
 $plugin_name = 'detach-murano'
 $plugin_yaml = "${plugin_name}.yaml"

-if $detach_murano_plugin {
-  $network_metadata           = hiera_hash('network_metadata')
-  $murano_nodes               = get_nodes_hash_by_roles($network_metadata, ['primary-murano-node', 'murano-node'])
-  $murano_address_map         = get_node_to_ipaddr_map_by_network_role($murano_nodes, 'management')
-  $murano_nodes_ips           = values($murano_address_map)
-  $murano_nodes_names         = keys($murano_address_map)
-  $murano_cfapi_enabled       = $detach_murano_plugin['murano_cfapi']
-  $murano_repo_url            = $detach_murano_plugin['murano_repo_url']
-  $murano_glance_artifacts    = $detach_murano_plugin['murano_glance_artifacts']
+if $murano_plugin {
+  $additional_settings = parseyaml($murano_plugin['yaml_additional_config']) # stdlib 4.9.x tag in mitaka supports only 1 argument
+  if is_bool($additional_settings) {
+    $settings_hash = {}
+  } else {
+    $settings_hash = $additional_settings
+  }
+  $network_metadata   = hiera_hash('network_metadata')
+  $murano_base_hash   = hiera_hash('murano', {})
+  $murano_role_exists = empty(nodes_with_roles(['primary-murano-node'])) ? {
+    true    => false,
+    default => true,
+  }
+  if $murano_role_exists {
+    $murano_nodes       = get_nodes_hash_by_roles($network_metadata, ['primary-murano-node', 'murano-node'])
+    $murano_address_map = get_node_to_ipaddr_map_by_network_role($murano_nodes, 'management')
+    $murano_nodes_ips   = values($murano_address_map)
+    $murano_nodes_names = keys($murano_address_map)
+  } else {
+    $murano_nodes       = get_nodes_hash_by_roles($network_metadata, ['primary-controller', 'controller'])
+    $murano_address_map = get_node_to_ipaddr_map_by_network_role($murano_nodes, 'management')
+    $murano_nodes_ips   = values($murano_address_map)
+    $murano_nodes_names = keys($murano_address_map)
+  }
+  $murano_db_password   = pick($settings_hash['murano_db_password'], $murano_base_hash['db_password'])
+  $murano_user_password = pick($settings_hash['murano_user_password'], $murano_base_hash['user_password'])
+  $murano_rabbit_host   = pick($settings_hash['murano_rabbit_vhost'], $murano_base_hash['rabbit']['vhost'])
+  $murano_rabbit_port   = pick($settings_hash['murano_rabbit_port'], $murano_base_hash['rabbit']['port'])
+
+  $murano_cfapi_enabled       = $murano_plugin['murano_cfapi']
+  $murano_repo_url            = $murano_plugin['murano_repo_url']
+  $murano_glance_artifacts    = $murano_plugin['murano_glance_artifacts']
  $syslog_log_facility_murano = hiera('syslog_log_facility_murano', 'LOG_LOCAL0')
  $default_log_levels         = hiera('default_log_levels')
-  $murano_db_password         = $detach_murano_plugin['murano_db_password']
-  $murano_user_password       = $detach_murano_plugin['murano_user_password']

  ###################
  $calculated_content = inline_template('
 murano:
+  murano_old_config: <% @murano_base_hash %>
+  murano_standalone: <%= @murano_role_exists %>
  murano_ipaddresses:
 <%
@murano_nodes_ips.each do |muranoip|
@ -33,8 +56,8 @@ murano:
 %>    - <%= muranoname %>
 <% end -%>
  rabbit:
-    vhost: "/"
-    port: "55572"
+    vhost: <%= @murano_rabbit_host %>
+    port: <%= @murano_rabbit_port %>
  db_password: <%= @murano_db_password %>
  user_password: <%= @murano_user_password %>
  murano_repo_url: <%= @murano_repo_url %>
--- a/deployment_scripts/manifests/murano_logging.pp
+++ b/deployment_scripts/manifests/murano_logging.pp
@ -1,7 +1,7 @@
-notice('MURANO PLUGIN: logging-murano.pp')
+notice('MURANO PLUGIN: murano_logging.pp')

-$content=':syslogtag, contains, "murano" -/var/log/murano-all.log\n
-### stop further processing for the matched entries\n
+$content=':syslogtag, contains, "murano" -/var/log/murano-all.log
+### stop further processing for the matched entries
 & ~'

 include ::rsyslog::params
--- a/deployment_scripts/manifests/murano_rabbitmq.pp
+++ b/deployment_scripts/manifests/murano_rabbitmq.pp
@ -1,4 +1,4 @@
-notice('MODULAR: murano/rabbitmq.pp')
+notice('MODULAR: murano_rabbitmq.pp')

 $rabbit_hash = hiera_hash('rabbit', {})
 $murano_hash = hiera_hash('murano', {})
@ -13,14 +13,13 @@ if !$rabbit_hash['password'] {
 $rabbit_user          = pick($rabbit_hash['user'], 'nova')
 $rabbit_password      = $rabbit_hash['password']
 $rabbit_vhost         = $murano_hash['rabbit']['vhost']
-
 $rabbit_node_name     = 'murano@localhost'
 $rabbit_service_name  = 'murano-rabbitmq'

 #################################################################

 package { 'murano-rabbitmq':
-  ensure => present,
+  ensure => latest,
 }

 service { $rabbit_service_name :
--- a/deployment_scripts/manifests/pin_murano_plugin_repo.pp
+++ b/deployment_scripts/manifests/pin_murano_plugin_repo.pp
@ -0,0 +1,16 @@
+notice('MURANO PLUGIN: pin_murano_plugin_repo.pp')
+
+$detach_murano  = hiera_hash('detach-murano')
+$plugin_version = $detach_murano['metadata']['plugin_version']
+
+# Murano plugin repo doesn't have originator, release
+$pins =  { "detach-murano-${plugin_version}" =>
+              {
+                 'priority' => 1200,
+                 'label'    => 'murano-plugin',
+              },
+          }
+
+if ! empty($pins) {
+  create_resources(apt::pin, $pins)
+}
--- a/deployment_tasks.yaml
+++ b/deployment_tasks.yaml
@ -27,7 +27,7 @@
      type: parallel

 - id: hiera-murano-override
-  version: 2.0.0
+  version: 2.1.0
  type: puppet
  groups: ['primary-controller', 'controller', 'primary-murano-node', 'murano-node']
  required_for: [logging]
@ -40,10 +40,30 @@
  reexecute_on:
    - deploy_changes

+- id: pin-murano-plugin-repo
+  version: 2.1.0
+  type: puppet
+  groups: ['primary-controller', 'controller', 'primary-murano-node', 'murano-node' ]
+  condition:
+    yaql_exp: >
+      $.get('detach-murano', {}).get('metadata', {}).get('enabled', false) and
+      changedAny($.get('detach-murano').metadata.plugin_version)
+  required_for: [hiera-murano-override]
+  requires: [globals]
+  parameters:
+    puppet_manifest: manifests/pin_murano_plugin_repo.pp
+    puppet_modules: /etc/puppet/modules
+    timeout: 120
+
 - id: murano-keystone-endpoints
-  version: 2.0.0
+  version: 2.1.0
  type: puppet
  groups: ['primary-controller']
+  condition:
+    yaql_exp: >
+      $.get('detach-murano', {}).get('metadata', {}).get('enabled', false) and
+      changedAny($.get('detach-murano'), $.network_metadata.vips,
+      $.get('region', 'RegionOne'), $.public_ssl, $.get('use_ssl'))
  required_for: [murano-controller-end]
  requires: [primary-keystone, keystone]
  cross-depends:
@ -52,14 +72,18 @@
    puppet_manifest: manifests/murano_keystone.pp
    puppet_modules: /etc/puppet/modules:modules
    timeout: 1800
-  # reexecute_on is needed for scale-down operations
-  reexecute_on:
-    - deploy_changes

 - id: murano-database
-  version: 2.0.0
+  version: 2.1.0
  type: puppet
  groups: ['primary-controller']
+  condition:
+    yaql_exp: >
+      $.get('detach-murano', {}).get('metadata', {}).get('enabled', false) and
+      changedAny($.network_metadata.nodes.values().where($.fqdn = new($.fqdn)),
+      $.get('detach-murano').metadata.plugin_version,
+      $.get('detach-murano').yaml_additional_config, $.mysql,
+      $.network_metadata.vips, $.get('database_vip'))
  cross-depends:
    - name: /(primary-)?database/
  required_for: [murano-controller-end]
@ -68,35 +92,48 @@
    puppet_manifest: manifests/murano_db.pp
    puppet_modules: /etc/puppet/modules:modules
    timeout: 1800
-  # reexecute_on is needed for scale-down operations
-  reexecute_on:
-    - deploy_changes

 - id: murano-dashboard
-  version: 2.0.0
+  version: 2.1.0
  type: puppet
  groups: ['primary-controller','controller']
  required_for: [murano-controller-end]
  requires: [horizon]
+  condition:
+    yaql_exp: >
+      $.get('detach-murano', {}).get('metadata', {}).get('enabled', false) and
+      changedAny($.get('detach-murano').murano_glance_artifacts,
+      $.get('detach-murano').murano_repo_url,
+      $.get('detach-murano').metadata.plugin_version, $.network_scheme,
+      $.horizon, $.get('memcached_addresses'),
+      $.get('memcache_roles'),
+      $.network_metadata.nodes.values().where(
+        ('controller' in $.node_roles) or
+        ('primary-controller' in $.node_roles)),
+      $.storage, $.neutron_advanced_configuration, $.public_ssl,
+      $.get('horizon_use_ssl'), $.get('external_lb'), $.get('use_ssl'),
+      $.nova_quota, $.debug, $.get('verbose'), $.get('apache_ports'))
  parameters:
    puppet_manifest: manifests/murano_dashboard.pp
    puppet_modules: /etc/puppet/modules:modules
    timeout: 1800
-  # reexecute_on is needed for scale-down operations
-  reexecute_on:
-    - deploy_changes

 - id: murano-controller-end
-  version: 2.0.0
+  version: 2.1.0
  type: skipped
  groups: ['primary-controller','controller']
  required_for: [deploy_end]
  requires: []

 - id: murano-update-openrc
-  version: 2.0.0
+  version: 2.1.0
  type: puppet
  groups: ['primary-controller', 'controller']
+  condition:
+    yaql_exp: >
+      $.get('detach-murano', {}).get('metadata', {}).get('enabled', false) and
+      changedAny($.get('detach-murano').murano_glance_artifacts,
+      $.get('detach-murano').murano_repo_url)
  required_for: [murano-controller-end]
  requires: [primary-keystone, keystone]
  cross-depends:
@ -105,16 +142,28 @@
    puppet_manifest: manifests/update_openrc.pp
    puppet_modules: /etc/puppet/modules
    timeout: 120
-  # reexecute_on is needed for scale-down operations
-  reexecute_on:
-    - deploy_changes

 - id: murano-haproxy
-  version: 2.0.0
+  version: 2.1.0
  type: puppet
  groups: ['primary-controller', 'controller']
  required_for: [murano-controller-end]
  requires: [deploy_start, primary-cluster-haproxy, cluster-haproxy]
+  condition:
+    yaql_exp: >
+      $.get('detach-murano', {}).get('metadata', {}).get('enabled', false) and
+      (changedAny($.get('detach-murano'),
+      $.public_ssl, $.get('use_ssl'), $.get('external_lb'),
+      $.network_metadata.nodes.values().where(
+         ('murano-node' in $.node_roles) or
+         ('primary-murano-node' in $.node_roles)),
+      $.network_metadata.vips) or
+      (not $.network_metadata.nodes.values().any(
+         ('murano-node' in $.node_roles) or
+         ('primary-murano-node' in $.node_roles)) and
+      changedAny($.network_metadata.nodes.values().where(
+         ('controller' in $.node_roles) or
+         ('primary-controller' in $.node_roles)))))
  cross-depends:
    - name: /(primary-)?cluster-haproxy/
      role: self
@ -122,14 +171,16 @@
    puppet_manifest: manifests/murano_haproxy.pp
    puppet_modules: /etc/puppet/modules
    timeout: 300
-  # reexecute_on is needed for scale-down operations
-  reexecute_on:
-    - deploy_changes

 - id: murano-logging
-  version: 2.0.0
+  version: 2.1.0
  type: puppet
-  groups: ['primary-murano-node', 'murano-node']
+  groups: ['primary-controller', 'controller', 'primary-murano-node', 'murano-node']
+  condition:
+    yaql_exp: >
+      $.get('detach-murano', {}).get('metadata', {}).get('enabled', false) and
+      ($.roles.any($.matches('(primary-)?murano-node')) or
+      not ($.murano.enabled or $.roles.any($.matches('(primary-)?murano-node'))))
  required_for: [murano-services]
  requires: [logging]
  parameters:
@ -138,9 +189,24 @@
    timeout: 1800

 - id: murano-services
-  version: 2.0.0
+  version: 2.1.0
  type: puppet
-  groups: ['primary-murano-node', 'murano-node']
+  groups: ['primary-controller', 'controller', 'primary-murano-node', 'murano-node']
+  condition:
+    yaql_exp: >
+      $.get('detach-murano', {}).get('metadata', {}).get('enabled', false) and
+      ($.roles.any($.matches('(primary-)?murano-node')) or
+      not $.network_metadata.nodes.values().any(
+         ('murano-node' in $.node_roles) or
+         ('primary-murano-node' in $.node_roles))) and
+      changedAny($.get('detach-murano'), $.rabbit, $.ceilometer,
+      $.quantum_settings, $.network_metadata.vips, $.get('database_vip'),
+      $.get('region', 'RegionOne'), $.quantum, $.network_metadata,
+      $.get('syslog_log_facility_murano'), $.debug,
+      $.get('default_log_levels'), $.get('use_syslog'),
+      $.get('use_stderr'), $.get('rabbit_ha_queues'), $.get('amqp_port'),
+      $.get('amqp_hosts'), $.external_dns, $.public_ssl, $.get('use_ssl'),
+      $.get('kombu_compression'), $.get('external_lb'), $.get('keystone_endpoint'))
  required_for: [deploy_end]
  requires: [hosts]
  cross-depends:
@ -151,9 +217,17 @@
    timeout: 3600

 - id: murano-node-rabbitmq
-  version: 2.0.0
+  version: 2.1.0
  type: puppet
-  groups: ['primary-murano-node', 'murano-node']
+  groups: ['primary-controller', 'controller', 'primary-murano-node', 'murano-node']
+  condition:
+    yaql_exp: >
+      $.get('detach-murano', {}).get('metadata', {}).get('enabled', false) and
+      ($.roles.any($.matches('(primary-)?murano-node')) or
+      not $.network_metadata.nodes.values().any(
+         ('murano-node' in $.node_roles) or
+         ('primary-murano-node' in $.node_roles))) and
+      changedAny($.get('detach-murano'), $.rabbit)
  required_for: [murano-services]
  requires: [hosts]
  parameters:
@ -162,13 +236,46 @@
    timeout: 1800

 - id: murano-node-cfapi
-  version: 2.0.0
+  version: 2.1.0
  type: puppet
-  groups: ['primary-murano-node', 'murano-node']
+  groups: ['primary-controller', 'controller', 'primary-murano-node', 'murano-node']
+  condition:
+    yaql_exp: >
+      $.get('detach-murano', {}).get('murano_cfapi', false) and
+      ($.roles.any($.matches('(primary-)?murano-node')) or
+      not $.network_metadata.nodes.values().any(
+         ('murano-node' in $.node_roles) or
+         ('primary-murano-node' in $.node_roles))) and
+      changedAny($.public_ssl,
+      $.network_metadata.vips, $.get('use_ssl'), $.network_metadata)
  required_for: [deploy_end]
  requires: [murano-services]
  parameters:
    puppet_manifest: manifests/murano_cfapi.pp
    puppet_modules: /etc/puppet/modules:modules
    timeout: 3600
-  condition: "settings:detach-murano.murano_cfapi.value == true"
+
+# skip base murano tasks
+- id: murano
+  type: skipped
+
+- id: murano-db
+  type: skipped
+
+- id: murano-keystone
+  type: skipped
+
+- id: murano-rabbitmq
+  type: skipped
+
+- id: murano-cfapi
+  type: skipped
+
+- id: murano-cfapi-keystone
+  type: skipped
+
+- id: openstack-haproxy-murano
+  type: skipped
+
+- id: upload_murano_package
+  type: skipped
--- a/environment_config.yaml
+++ b/environment_config.yaml
@ -1,9 +1,6 @@
 attributes:
  metadata:
    group: 'openstack_services'
-    restrictions:
-      - condition: "settings:additional_components.murano.value == true"
-        message: "Murano plugin can't be deployed with enabled Murano from box"
  murano_repo_url:
    value: "http://storage.apps.openstack.org/"
    label: "Murano Repository URL"
@ -13,24 +10,6 @@ attributes:
    regex:
      source: '^(http(s?):\/\/)?([a-zA-Z\d]+[a-zA-Z\d_\-.]*)(:[0-9]+)?(\/[a-zA-Z0-9_\-\s.\/\?%#&=]*)?$'
      error: "Invalid URL, ie: http://storage.apps.openstack.org/"
-  murano_user_password:
-    value: ''
-    label: 'User password'
-    description: 'The password of the Murano user'
-    weight: 11
-    type: "password"
-    regex:
-      source: '^[\S]{4,}$'
-      error: "You must provide a password with at least 4 characters"
-  murano_db_password:
-    value: ''
-    label: 'DB User password'
-    description: 'The password of the Murano user in database'
-    weight: 12
-    type: "password"
-    regex:
-      source: '^[\S]{4,}$'
-      error: "You must provide a password with at least 4 characters"
  murano_cfapi:
    value: false
    label: "Install Murano service broker for Cloud Foundry"
@ -43,3 +22,15 @@ attributes:
    description: "If selected glance artifact repository will be enabled"
    weight: 30
    type: "checkbox"
+  yaml_additional_config:
+    description: |
+      This field contains free form YAML to provide extra parameters.
+    type: "textarea"
+    weight: 35
+    value: |
+      #Uncomment to add custom settings
+      #murano_db_password: database_password
+      #murano_user_password: keystone_user_password
+      #murano_rabbit_vhost: "/"
+      #murano_rabbit_port: 55572
+    label: "Additional config"
--- a/functions.sh
+++ b/functions.sh
@ -22,19 +22,17 @@ DEB_REPO="${ROOT}"/repositories/ubuntu/

 # Download RPM or DEB packages and store them in the local repository directory
 function download_package {
-    while [ $# -gt 0 ]; do
-        if [[ "$1" == *.deb ]]; then
-            REPO=$DEB_REPO
-        elif [[ "$1" == *.rpm ]]; then
-            REPO=$RPM_REPO
-        else
-            echo "Invalid URL for download_package(): $1"
-        fi
+    local package_type=$1
+    local url=$2
+    if [[ "$package_type" == 'deb' ]]; then
+      REPO=$DEB_REPO
+    elif [[ "$package_type" == 'rpm' ]]; then
+      REPO=$RPM_REPO
+    else
+      echo "Invalid package type: $1"
+    fi

-        FILE=$(basename "$1")
-        wget -qO - "$1" > "$REPO"/"$FILE"
-        shift
-    done
+    wget -P "$REPO" -A "$package_type" -nd -r -l 1 "$url"
 }

 # Download official Puppet module and store it in the local directory
--- a/node_roles.yaml
+++ b/node_roles.yaml
@ -4,5 +4,3 @@ murano-node:
  has_primary: true
  public_ip_required: false
  weight: 100
-  limits:
-    min: 1
--- a/6
+++ b/6
@ -3,7 +3,11 @@ set -eux

 . "$(dirname "$(readlink -f "$0")")"/functions.sh

-MURANO_REF="master"
+MURANO_REF="stable/mitaka"
+MURANO_PACKAGE_RELEASE='9.0'
 MURANO_TARBALL_URL="https://github.com/openstack/puppet-murano/archive/${MURANO_REF}.tar.gz"
+MURANO_PACKAGE_URL="http://mirror.fuel-infra.org/mos-repos/ubuntu/${MURANO_PACKAGE_RELEASE}/pool/main/m/murano/"
+
+download_package 'deb' ${MURANO_PACKAGE_URL}

 download_puppet_module "murano" ${MURANO_TARBALL_URL}