Merge pull request #66 from bodepd/dev

Nova fixes

examples/all.pp

@@ -24,22 +24,22 @@ resources { 'nova_config':
   purge => true,
 }
 
-if $::osfamily == 'Debian' {
-  # temporarily update this to use the
-  # latest tested packages from precise
-  # eventually, these packages need to be moved
-  # to the openstack module
-  stage { 'nova_ppa':
-    before => Stage['main']
-  }
-
-  class { 'apt':
-    stage => 'nova_ppa',
-  }
-  class { 'keystone::repo::trunk':
-    stage => 'nova_ppa',
-  }
-}
+#if $::osfamily == 'Debian' {
+#  # temporarily update this to use the
+#  # latest tested packages from precise
+#  # eventually, these packages need to be moved
+#  # to the openstack module
+#  stage { 'nova_ppa':
+#    before => Stage['main']
+#  }
+#
+#  class { 'apt':
+#    stage => 'nova_ppa',
+#  }
+#  class { 'keystone::repo::trunk':
+#    stage => 'nova_ppa',
+#  }
+#}
 
 # this is a hack that I have to do b/c openstack nova
 # sets up a route to reroute calls to the metadata server
@@ -191,7 +191,7 @@ class { 'nova::compute::libvirt':
 }
 
 nova::network::bridge { 'br100':
-  ip      => '192.168.188.1',
+  ip      => '11.0.0.1',
   netmask => '255.255.255.0',
 }
 

examples/multi.pp

@@ -0,0 +1,250 @@
+
+# params needed by both the compute and controller
+$rabbit_password    = 'rabbit_pw'
+$rabbit_user        = 'nova'
+$nova_db_password   = 'nova_pass'
+$nova_user_password = 'nova_pass'
+
+#
+# indicates that all nova config entries that we did
+# not specifify in Puppet should be purged from file
+#
+resources { 'nova_config':
+  purge => true,
+}
+
+if $::osfamily == 'Debian' {
+  # temporarily update this to use the
+  # latest tested packages from precise
+  # eventually, these packages need to be moved
+  # to the openstack module
+  stage { 'nova_ppa':
+    before => Stage['main']
+  }
+
+  class { 'apt':
+    stage => 'nova_ppa',
+  }
+  class { 'keystone::repo::trunk':
+    stage => 'nova_ppa',
+  }
+}
+
+Exec {
+  logoutput => true,
+}
+
+# this is a hack that I have to do b/c openstack nova
+# sets up a route to reroute calls to the metadata server
+# to its own server which fails
+file { '/usr/lib/ruby/1.8/facter/ec2.rb':
+  ensure => absent,
+}
+
+node /controller/ {
+
+  # hostname that works internally in ec2
+  $controller_host = $hostname
+
+  $glance_api_servers = "${controller_host}:9292"
+
+  $mysql_root_password  = 'sql_pass'
+  $keystone_db_password = 'keystone_pass'
+  $keystone_admin_token = 'keystone_admin_token'
+
+  $admin_email         = 'dan@puppetlabs.com'
+  $admin_user_password = 'ChangeMe'
+
+  $glance_db_password   = 'glance_pass'
+  $glance_user_password = 'glance_pass'
+
+  $nova_db = "mysql://nova:${nova_db_password}@${controller_host}/nova"
+
+  # export all of the things that will be needed by the clients
+  @@nova_config { 'rabbit_host': value => $controller_host }
+  Nova_config <| title == 'rabbit_host' |>
+  @@nova_config { 'sql_connection': value => $nova_db }
+  Nova_config <| title == 'sql_connection' |>
+  @@nova_config { 'glance_api_servers': value => $glance_api_servers }
+  Nova_config <| title == 'glance_api_servers' |>
+
+  # set up mysql server
+  class { 'mysql::server':
+    config_hash => {
+      # the priv grant fails on precise if I set a root password
+      # 'root_password' => $mysql_root_password,
+      'bind_address'  => '0.0.0.0'
+    }
+  }
+
+  ####### KEYSTONE ###########
+
+  # set up keystone database
+  class { 'keystone::mysql':
+    password => $keystone_db_password,
+  }
+  # set up the keystone config for mysql
+  class { 'keystone::config::mysql':
+    password => $keystone_db_password,
+  }
+  # set up keystone
+  class { 'keystone':
+    admin_token  => $keystone_admin_token,
+    bind_host    => '127.0.0.1',
+    log_verbose  => true,
+    log_debug    => true,
+    catalog_type => 'sql',
+  }
+  # set up keystone admin users
+  class { 'keystone::roles::admin':
+    email    => $admin_email,
+    password => $admin_user_password,
+  }
+  # set up the keystone service and endpoint
+  class { 'keystone::endpoint': }
+
+  ######## END KEYSTONE ##########
+
+  ######## BEGIN GLANCE ##########
+
+  class { 'glance::keystone::auth':
+    password => $glance_user_password,
+  }
+
+  class { 'glance::db':
+    host     => '127.0.0.1',
+    password => $glance_db_password,
+  }
+
+  class { 'glance::api':
+    log_verbose       => 'True',
+    log_debug         => 'True',
+    auth_type         => 'keystone',
+    auth_host         => '127.0.0.1',
+    auth_port         => '35357',
+    keystone_tenant   => 'services',
+    keystone_user     => 'glance',
+    keystone_password => $glance_user_password,
+  }
+  class { 'glance::backend::file': }
+
+  class { 'glance::registry':
+    log_verbose       => 'True',
+    log_debug         => 'True',
+    auth_type         => 'keystone',
+    auth_host         => '127.0.0.1',
+    auth_port         => '35357',
+    keystone_tenant   => 'services',
+    keystone_user     => 'glance',
+    keystone_password => $glance_user_password,
+    sql_connection    => "mysql://glance:${glance_db_password}@127.0.0.1/glance",
+  }
+
+
+  ######## END GLANCE ###########
+
+  ######## BEGIN NOVA ###########
+
+  class { 'nova::keystone::auth':
+    password => $nova_user_password,
+  }
+
+  class { 'nova::rabbitmq':
+    userid   => $rabbit_user,
+    password => $rabbit_password,
+  }
+
+  class { 'nova::db':
+    password      => $nova_db_password,
+    host          => 'localhost',
+    allowed_hosts => ['%', $controller_host],
+  }
+
+  class { 'nova':
+    sql_connection     => false,
+    # this is false b/c we are exporting
+    rabbit_host        => false,
+    rabbit_userid      => $rabbit_user,
+    rabbit_password    => $rabbit_password,
+    image_service      => 'nova.image.glance.GlanceImageService',
+    glance_api_servers => false,
+    network_manager    => 'nova.network.manager.FlatDHCPManager',
+    admin_password     => $nova_user_password,
+  }
+
+  class { 'nova::api':
+    enabled => true
+  }
+
+  class { 'nova::scheduler':
+    enabled => true
+  }
+
+  class { 'nova::network':
+    enabled => true
+  }
+
+  nova::manage::network { "nova-vm-net":
+    network       => '11.0.0.0/24',
+    available_ips => 128,
+  }
+
+  nova::manage::floating { "nova-vm-floating":
+    network       => '10.128.0.0/24',
+  }
+
+  class { 'nova::objectstore':
+    enabled => true
+  }
+
+  ######## Horizon ########
+
+  class { 'memcached':
+    listen_ip => '127.0.0.1',
+  }
+
+  class { 'horizon': }
+
+
+  ######## End Horizon #####
+
+  ######## Credentails and tests ###
+
+  # lay down a file with credentials stored in it
+  file { '/root/auth':
+    content =>
+  '
+  export OS_TENANT_NAME=openstack
+  export OS_USERNAME=admin
+  export OS_PASSWORD=ChangeMe
+  export OS_AUTH_URL="http://localhost:5000/v2.0/"
+  '
+  }
+}
+
+####### tests ###
+
+node /compute/ {
+
+  class { 'nova':
+    # set sql and rabbit to false so that the resources will be collected
+    sql_connection     => false,
+    rabbit_host        => false,
+    image_service      => 'nova.image.glance.GlanceImageService',
+    glance_api_servers => false,
+    rabbit_userid      => $rabbit_user,
+    rabbit_password    => $rabbit_password,
+    network_manager    => 'nova.network.manager.FlatDHCPManager',
+    admin_password     => $nova_user_password,
+  }
+
+  class { 'nova::compute':
+    enabled => true,
+  }
+
+  class { 'nova::compute::libvirt':
+    libvirt_type                => 'qemu',
+    flat_network_bridge_ip      => '11.0.0.1',
+    flat_network_bridge_netmask => '255.255.255.0',
+  }
+}

ext/nova.sh

@@ -1,19 +1,24 @@
 #!/bin/bash
-# Extract creds
-cd ~
-sudo nova-manage project zipfile nova novaadmin
-unzip nova.zip
-source novarc
-euca-add-keypair openstack > ~/cert.pem
-# List
-nova flavor-list
-nova image-list
+#
+# assumes that resonable credentials have been stored at
+# /root/auth
+source /root/auth
 
-# Run instance
-euca-run-instances ami-00000003 -k openstack -t m1.tiny
-euca-describe-instances
+# get an image to test with
+wget http://uec-images.ubuntu.com/releases/11.10/release/ubuntu-11.10-server-cloudimg-amd64-disk1.img
 
-echo 'log into your controller VM'
-echo 'check the status of your VM with euca-describe-instances'
-echo 'when it is in the running state, verify that you can login'
-echo 'using ssh -i ~/cert.pem root@ip.address'
+# import that image into glance
+glance add name="Ubuntu 11.10 cloudimg amd64" is_public=true container_format=ovf disk_format=qcow2 < ubuntu-11.10-server-cloudimg-amd64-disk1.img
+
+IMAGE_ID=`glance index | grep 'Ubuntu 11.10 cloudimg amd64' | head -1 |  awk -F' ' '{print $1}'`
+
+# create a pub key
+ssh-keygen -f /tmp/id_rsa -t rsa -N ''
+nova keypair-add --pub_key /tmp/id_rsa.pub key1
+
+nova boot --flavor 1 --image ${IMAGE_ID} --key_name key1 dans_vm
+
+nova show dans_vm
+
+# create ec2 credentials
+keystone ec2-credentials-create

manifests/compute/libvirt.pp

@@ -4,12 +4,19 @@ class nova::compute::libvirt (
 
   include nova::params
 
+  if($::nova::params::compute_package_name) {
+    package { "nova-compute-${libvirt_type}":
+      ensure => present,
+      before => Package['nova-compute'],
+    }
+  }
+
   package { 'libvirt':
     name   => $::nova::params::libvirt_package_name,
     ensure => present,
   }
 
-  service {"libvirt" :
+  service { 'libvirt' :
     name     => $::nova::params::libvirt_service_name,
     ensure   => running,
     provider => $::nova::params::special_service_provider,

manifests/db.pp

@@ -12,13 +12,6 @@ class nova::db(
   Mysql::Db[$dbname] -> Anchor<| title == "nova-start" |>
   Mysql::Db[$dbname] ~> Exec<| title == 'initial-db-sync' |>
 
-  # TODO - worry about the security implications
-  # I am not sure if I want to use storeconfigs for this...
-  @@nova_config { 'database_url':
-    value => "mysql://${user}:${password}@${host}/${dbname}",
-    tag   => $zone,
-  }
-
   mysql::db { $dbname:
     user         => $user,
     password     => $password,

manifests/init.pp

@@ -115,13 +115,37 @@ class nova(
   }
 
 
-  # query out the config for our db connection
-  # TODO - I am not sure if resource collection should be the default
+  # both the sql_connection and rabbit_host are things
+  # that may need to be collected from a remote host
   if $sql_connection {
     nova_config { 'sql_connection': value => $sql_connection }
-  } else{
-    Nova_config<<| tag == $cluster_id and value == 'sql_connection' |>>
+  } else {
+    Nova_config <<| title == 'sql_connection' |>>
   }
+  if $rabbit_host {
+    nova_config { 'rabbit_host': value => $rabbit_host }
+  } else {
+    Nova_config <<| title == 'rabbit_host' |>>
+  }
+  if $image_service == 'nova.image.glance.GlanceImageService' {
+    if $glance_api_servers {
+      nova_config {
+        'glance_api_servers': value => $glance_api_servers
+      }
+    } else {
+      # TODO this only supports setting a single address for the api server
+      Nova_config <<| title == $glance_api_servers |>>
+    }
+  }
+
+  # I may want to support exporting and collecting these
+  nova_config {
+    'rabbit_password': value => $rabbit_password;
+    'rabbit_port': value => $rabbit_port;
+    'rabbit_userid': value => $rabbit_userid;
+    'rabbit_virtual_host': value => $rabbit_virtual_host;
+  }
+
 
   nova_config {
     'verbose': value => $verbose;
@@ -129,11 +153,6 @@ class nova(
     'logdir': value => $logdir;
     'image_service': value => $image_service;
     'allow_admin_api': value => $allow_admin_api;
-    'rabbit_host': value => $rabbit_host;
-    'rabbit_password': value => $rabbit_password;
-    'rabbit_port': value => $rabbit_port;
-    'rabbit_userid': value => $rabbit_userid;
-    'rabbit_virtual_host': value => $rabbit_virtual_host;
     # Following may need to be broken out to different nova services
     'state_path': value => $state_path;
     'lock_path': value => $lock_path;
@@ -147,6 +166,7 @@ class nova(
     'auth_strategy': value => $auth_strategy;
   }
 
+
   exec { 'post-nova_config':
     command => '/bin/echo "Nova config has changed"',
     refreshonly => true,
@@ -178,9 +198,4 @@ class nova(
     }
   }
 
-  if $image_service == 'nova.image.glance.GlanceImageService' {
-    nova_config {
-      'glance_api_servers': value => $glance_api_servers;
-    }
-  }
 }