openstack/puppet-octavia
Code Issues Proposed changes
42f05dc08c
puppet-octavia/manifests/worker.pp
Tobias Urdin 9825c437e5 Use validate_legacy 
This changes all the puppet 3 validate_* functions
to use the validate_legacy function.

The validate_legacy function has been available since
about three years but require Puppet >= 4.4.0 and since
there is Puppet 4.10.12 as latest we should assume people
are running a fairly new Puppet 4 version.

This is the first step to then remove all validate function
calls and use proper types for parameter as described in spec [1].

[1] https://review.openstack.org/#/c/568929/

Change-Id: I12c38f4e42684b65d55d1d94ca6d6fb4042a6a8b
2019-02-23 22:25:00 +01:00

241 lines
7.4 KiB
Puppet
Raw Blame History

# Installs & configure the octavia controller worker service
#
# == Parameters
#
# [*enabled*]
# (optional) Should the service be enabled.
# Defaults to true
#
# [*manage_service*]
# (optional) Whether the service should be managed by Puppet.
# Defaults to true.
#
# [*package_ensure*]
# (optional) ensure state for package.
# Defaults to 'present'
#
# [*workers*]
# (optional) Number of worker processes.
# Defaults to $::os_service_default
#
# [*manage_nova_flavor*]
# (optional) Whether or not manage Nova flavor for the Amphora.
# Defaults to true.
#
# [*nova_flavor_config*]
# (optional) Nova flavor config hash.
# Should be an hash.
# Exemple:
# $nova_flavor_config = { 'ram' => '2048' }
# Possible options are documented in puppet-nova nova_flavor type.
# Defaults to {}.
#
# [*key_path*]
# (optional) full path to the private key for the amphora SSH key
# Defaults to '/etc/octavia/.ssh/octavia_ssh_key'
#
# [*manage_keygen*]
# (optional) Whether or not create OpenStack keypair for communicating with amphora
# Defaults to false
#
# [*amp_project_name*]
# (optional) Set the project to be used for creating load balancer instances.
# Defaults to undef
#
# DEPRECATED PARAMETERS
#
# [*amp_flavor_id*]
# (optional) Nova instance flavor id for the Amphora.
# Note: since we set manage_nova_flavor to True by default, we need
# to set a valid amp_flavor_id by default, 65 was picked randomly.
# Defaults to undef
#
# [*amp_image_tag*]
# Glance image tag for Amphora image. Allows the Amphora image to be
# referred to by a tag instead of an ID, allowing the Amphora image to
# be updated without requiring reconfiguration of Octavia.
# Defaults to undef
#
# [*amp_secgroup_list*]
# List of security groups to use for Amphorae.
# Defaults to undef
#
# [*amp_boot_network_list*]
# List of networks to attach to Amphorae.
# Defaults to undef
#
# [*loadbalancer_topology*]
# (optional) Load balancer topology configuration
# Defaults to undef
#
# [*amphora_driver*]
# (optional) Name of driver for communicating with amphorae
# Defaults to undef
#
# [*compute_driver*]
# (optional) Name of driver for managing amphorae VMs
# Defaults to undef
#
# [*network_driver*]
# (optional) Name of network driver for configuring networking
# for amphorae.
# Defaults to undef
#
# [*amp_ssh_key_name*]
# (optional) Name of Openstack SSH keypair for communicating with amphora
# Defaults to undef
#
# [*enable_ssh_access*]
# (optional) Enable SSH key configuration for amphorae. Note that setting
# to false disables configuration of SSH key related properties.
# Defaults to undef
#
# [*timeout_client_data*]
# (optional) Frontend client inactivity timeout.
# Defaults to undef
#
# [*timeout_member_connect*]
# (optional) Backend member connection timeout.
# Defaults to undef
#
# [*timeout_member_data*]
# (optional) Backend member inactivity timeout.'
# Defaults to undef
#
# [*timeout_tcp_inspect*]
# (optional) Time to wait for TCP packets for content inspection.
# Defaults to undef
#
class octavia::worker (
$manage_service = true,
$enabled = true,
$package_ensure = 'present',
$workers = $::os_service_default,
$manage_nova_flavor = true,
$nova_flavor_config = {},
$key_path = '/etc/octavia/.ssh/octavia_ssh_key',
$manage_keygen = false,
$amp_project_name = undef,
# DEPRECATED PARAMETERS
$amp_flavor_id = undef,
$amp_image_tag = undef,
$amp_secgroup_list = undef,
$amp_boot_network_list = undef,
$loadbalancer_topology = undef,
$amphora_driver = undef,
$compute_driver = undef,
$network_driver = undef,
$amp_ssh_key_name = undef,
$enable_ssh_access = undef,
$timeout_client_data = undef,
$timeout_member_connect = undef,
$timeout_member_data = undef,
$timeout_tcp_inspect = undef,
) inherits octavia::params {
include ::octavia::deps
if !defined(Class['octavia::controller']) {
include ::octavia::controller
}
if ($amp_flavor_id or $amp_image_tag or $amp_secgroup_list or $amp_boot_network_list or $loadbalancer_topology or $amphora_driver or
$compute_driver or $network_driver or $amp_ssh_key_name or $enable_ssh_access or $timeout_client_data or $timeout_member_connect or
$timeout_member_data or $timeout_tcp_inspect ) {
warning('The amp_flavor_id, amp_image_tag, amp_secgroup_list, amp_boot_network_list, loadbalancer_topology, amphora_driver,
compute_driver, network_driver, amp_ssh_key_name, enable_ssh_access, timeout_member_connect, timeout_member_data and
timeout_tcp_inspect parameters are deprecated and have been moved to octavia::controller class. Please set them there, you must
set octavia::controller class before octavia::worker!')
}
validate_legacy(Hash, 'validate_hash', $nova_flavor_config)
if ! $::octavia::controller::amp_flavor_id_real {
if $manage_nova_flavor {
fail('When managing Nova flavor, octavia::controller::amp_flavor_id is required.')
} else {
warning('octavia::controller::amp_flavor_id is empty, Octavia Worker might not work correctly.')
}
} else {
if $manage_nova_flavor {
$octavia_flavor = { "octavia_${::octavia::controller::amp_flavor_id_real}" =>
{ 'id' => $::octavia::controller::amp_flavor_id_real,
'project' => $amp_project_name
}
}
$octavia_flavor_defaults = {
'ensure' => 'present',
'ram' => '1024',
'disk' => '2',
'vcpus' => '1',
'is_public' => false,
'tag' => ['octavia']
}
$nova_flavor_defaults = merge($octavia_flavor_defaults, $nova_flavor_config)
create_resources('nova_flavor', $octavia_flavor, $nova_flavor_defaults)
Nova_flavor<| tag == 'octavia' |> ~> Service['octavia-worker']
}
}
package { 'octavia-worker':
ensure => $package_ensure,
name => $::octavia::params::worker_package_name,
tag => ['openstack', 'octavia-package'],
}
if $manage_service {
if $enabled {
$service_ensure = 'running'
} else {
$service_ensure = 'stopped'
}
}
service { 'octavia-worker':
ensure => $service_ensure,
name => $::octavia::params::worker_service_name,
enable => $enabled,
hasstatus => true,
hasrestart => true,
tag => ['octavia-service'],
}
if $manage_keygen and ! $::octavia::controller::enable_ssh_access_real {
fail('SSH key management cannot be enabled when SSH key access is disabled')
}
if $manage_keygen {
exec {'create_amp_key_dir':
path => ['/bin', '/usr/bin'],
command => "mkdir -p ${key_path}",
creates => $key_path
}
file { 'amp_key_dir':
ensure => directory,
path => $key_path,
mode => '0700',
group => 'octavia',
owner => 'octavia'
}
ssh_keygen { $::octavia::controller::amp_ssh_key_name_real:
user => 'octavia',
type => 'rsa',
bits => 2048,
filename => "${key_path}/${::octavia::controller::amp_ssh_key_name_real}",
comment => 'Used for Octavia Service VM'
}
Package<| tag == 'octavia-package' |>
-> Exec['create_amp_key_dir']
-> File['amp_key_dir']
-> Ssh_keygen[$::octavia::controller::amp_ssh_key_name_real]
}
octavia_config {
'controller_worker/workers' : value => $workers;
}
}
View Git Blame Copy Permalink