Refactorise the code of Keystone resources management with backward
compatibility since we don't modify the unit tests.
Change-Id: I8fc27ea6cc49a4c0c518f7314b3277d6980491b4
Implements: blueprint common-openstack-identity-resource
Currently, in the policy.pp file the class openstacklib::policy
is called. The same apply for all components resulting in a
Duplicate Ressource issue. Using directly the underlying ressource
openstacklib::policy::base we prevent this issue.
Change-Id: I7c71e957fbae4caa7a4fc3309c58a0abd057e412
In case of L3 agent failure, allow to reschedule automatically a virtual
router.
It's another way to provide HA for virtual routers with medium downtime.
The best way stays in using keepalived + DVR features but this
parameters allows another way to provide HA.
Change-Id: I0527e4a368e2b90b83877d3c7861e86674f9ae8a
This commit allow a deployer to manage the policies via this module
It relies on augeas to change only the policy needed. The init takes
a hash of policies and apply them.
Change-Id: Iea6e7dccc2332045a2ebe191981538d045918f46
* add config metadata_memory_cache_ttl to enable caching metadata
in memory
* set default to 5 as project neutron/master
Change-Id: Ib6a05ae5033c53c4196f736373752370012d82a6
Change user_group default parameter:
* nobody for Red Hat systems
* nogroup for Debian systems
Closes-bug #1378519
Change-Id: Ic2940c2e3d6510d8c6147d09e2af67d8bee7ac9d
Juno brings two new big features:
- distributed routers
- router high availability
This patchs aims to allow the users to configure DVR and/or HA routers.
Signed-off-by: Emilien Macchi <emilien.macchi@enovance.com>
Change-Id: Iaab5ab7e63f2627381ca1d5bb1cfd836433d734e
Currently, the "neutron" class does not support the direct configuration
of the "api_extensions_path" by means of a parameter. However, there is
at least one plugin -- OpenContrail -- which currently requires exactly
this parameter to be set to work. It is hence desireable to be able to
set the parameter directly from within the "neutron" class instead of
having to fiddle with "neutron_config" in local site manifests.
This commit adds the desired functionality and allows the parameter via
"api_extensions_path" to be set directly for the "neutron" class.
Change-Id: I660848100073a3a0067ffb42791bfd80b66c808e
The nova_admin_tenant_id_setter class internally generates a
neutron_config resource that isn't collected by the normal
Neutron_Config collector. This means we need an explicit dependency
between the neutron package and any nova_admin_tenant_id_setter
resources, to ensure that the config files exist.
Change-Id: I713bd6a9cc496947f10faa3ccc67f8362c872839
The /etc/default/neutron-server file is only present in Ubuntu packages,
not in Debian.
Let's change the fact to detect Ubuntu instead of Debian operating
system.
Change-Id: Iac73b475bfc8ac7f9f97a858ab836a4d07afac5f
In order to improve scalability of neutron-server and
neutron-metadata-agent we need to spawn multiple processes. This patch
changes default of api, rpc and metadata workers according to processors
count on physical machine.
Change-Id: I0480f1652b181e50a8c10230c293d6dfdec3a670
In some cases it is useful to be able to just configure
the service in Keystone and not the service user. This
is the case when e.g. a read only LDAP backend is used.
Added parameters configure_user and configure_user_role
(default to true).
Change-Id: I6b0b7e2554e982550d71d8427ce2ea94f04f55e8
Closes-Bug: 1360232
Number of separate RPC worker processes to spawn.
The default, 0, runs the worker thread in the current process.
Greater than 0 launches that number of child processes as workers.
The parent process manages them.
Closes-bug: #1340316
Change-Id: I7218390a90b4ad082471900cbf2e9f32a88abe28
The amount of time to wait before attempting to reconnect
to MQ provider. This is used in some cases where you may need to wait
for the provider to propery premote the master before attempting to
reconnect.
Change-Id: I1966d9b018d056ccfe6c6346e42c4cf0ff01caa2
closes-bug: #1340310
Using manage_service=>false in class neutron::agents::ovs generates
error. This patch is fixing the issue and makes mentioned use-case
installable.
Change-Id: I5a3205c3e21e1312463f47d938f5854a189c5d38
Closes-bug: #1359823
The kombu_ssl_* parameters should not be required when rabbit_use_ssl => true
Rather, rabbit_use_ssl must be set to true if the kombu_ssl_* parameters are
used.
Change-Id: Ia3d71eaccdfb736068478b935e5be46719eb49db
Closes-Bug: 1356083
Instead of forcing the name of the service in the service catalog to
match auth_name, this allows the ability to explicitly set the service
name, spearately from auth_name.
If service_name is not specified, it's value defaults to the value
of auth_name (which maintains the current behavior.)
Closes-bug: #1359755
Change-Id: Ieec7cdaab792b48c4640f6e1f2470e48640387d7
Introduce the package_ensure parameter to add the ability
to manage Neutron ML2 plugin package state.
Closes-bug: #1355370
Change-Id: I3bf6ed68015c13cf61db1b43dfbf4fd3c845d00f
Background on 'N1KV-VEM’: It is the host-side component of N1KV
implementing the notion of Virtual Ports for VM Interfaces and also
handling the VM data-traffic. VEM is implemented as a couple of
user-space processes and also has a KLM for efficient data-path
switching.
VEM manifests does: setting up the Config-File for VEM service,
Starting VEM service and finally adding physical ports (along with
port-profile) to the VEM
Change-Id: Ibc8f1c4d2d743589e452ae6d1d87b5bfa123bc3a
Debian platforms uses /etc/default/neutron-server to tell
neutron-server service which plugin configuration file to load.
Configure it.
Change-Id: I0638d2584ad327ae1ed77f672d5efb1c28064aa2
Closes-bug: #1357431
The ca_file parameter should not be required when use_ssl => true. Rather,
use_ssl must be true when ca_file is specified.
Change-Id: Ifb4b5acccdce0be63e763b4d837eb452827cd6d4
Closes-Bug: 1356089
Currently secrets like rabbit_password, admin_password or database connection
are laked in puppet logs when changed. This commit changes neutron_*_config and
neutron_*_ini types adding a new parameter that triggers obfuscation the values
in puppet logs.
Change-Id: I7dc59ce9580bfb1d4afdfbced668d0cb2979458a
Closes-Bug: #1328448
This fix resolves the issue where the ssh keyscan
uses username instead of ip address and clean up
unneeded file path code.
Change-Id: Ie6c7889937f56b40dc72b551eb859dfc2d670193