From 09f92d2aba850da0e9315c1b6b2213feb071737e Mon Sep 17 00:00:00 2001
From: Takashi Kajinami <tkajinam@redhat.com>
Date: Sun, 6 Feb 2022 22:57:05 +0900
Subject: [PATCH] Add manifest for Octavia deployment

This is a prep work to enable Octavia in integration tests and
introduces the basic manifest to set up Octavia.

Change-Id: If7fc02d5f9db49e00b540825286431ef4cc972fc
---
 manifests/octavia.pp | 112 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 112 insertions(+)
 create mode 100644 manifests/octavia.pp

diff --git a/manifests/octavia.pp b/manifests/octavia.pp
new file mode 100644
index 000000000..c228672b0
--- /dev/null
+++ b/manifests/octavia.pp
@@ -0,0 +1,112 @@
+# Configure the octavia service
+#
+# [*notification_topics*]
+#   (optional) AMQP topic used for OpenStack notifications
+#   Defaults to $::os_service_default.
+#
+class openstack_integration::octavia (
+  $notification_topics = $::os_service_default,
+) {
+
+  include openstack_integration::config
+  include openstack_integration::params
+
+  openstack_integration::mq_user { 'octavia':
+    password => 'an_even_bigger_secret',
+    before   => Anchor['octavia::service::begin'],
+  }
+
+  if $::openstack_integration::config::ssl {
+    openstack_integration::ssl_key { 'octavia':
+      notify  => Service['httpd'],
+      require => Package['octavia'],
+    }
+    Exec['update-ca-certificates'] ~> Service['httpd']
+  }
+
+  class { 'octavia::logging':
+    debug => true,
+  }
+  class { 'octavia::db':
+    database_connection => 'mysql+pymysql://octavia:octavia@127.0.0.1/octavia?charset=utf8',
+  }
+  class { 'octavia':
+    default_transport_url      => os_transport_url({
+      'transport' => $::openstack_integration::config::messaging_default_proto,
+      'host'      => $::openstack_integration::config::host,
+      'port'      => $::openstack_integration::config::messaging_default_port,
+      'username'  => 'octavia',
+      'password'  => 'an_even_bigger_secret',
+    }),
+    notification_transport_url => os_transport_url({
+      'transport' => $::openstack_integration::config::messaging_notify_proto,
+      'host'      => $::openstack_integration::config::host,
+      'port'      => $::openstack_integration::config::messaging_notify_port,
+      'username'  => 'octavia',
+      'password'  => 'an_even_bigger_secret',
+    }),
+    rabbit_use_ssl             => $::openstack_integration::config::ssl,
+    amqp_sasl_mechanisms       => 'PLAIN',
+    notification_topics        => $notification_topics,
+    notification_driver        => 'messagingv2',
+  }
+  class { 'octavia::db::mysql':
+    charset  => $::openstack_integration::params::mysql_charset,
+    password => 'octavia',
+  }
+  class { 'octavia::keystone::auth':
+    public_url   => "${::openstack_integration::config::base_url}:9876",
+    internal_url => "${::openstack_integration::config::base_url}:9876",
+    admin_url    => "${::openstack_integration::config::base_url}:9876",
+    password     => 'a_big_secret',
+  }
+  class { 'octavia::keystone::authtoken':
+    password             => 'a_big_secret',
+    user_domain_name     => 'Default',
+    project_domain_name  => 'Default',
+    auth_url             => $::openstack_integration::config::keystone_admin_uri,
+    www_authenticate_uri => $::openstack_integration::config::keystone_auth_uri,
+    memcached_servers    => $::openstack_integration::config::memcached_servers,
+  }
+  class { 'octavia::api':
+    enabled      => true,
+    service_name => 'httpd',
+    sync_db      => true,
+  }
+  include apache
+  class { 'octavia::wsgi::apache':
+    bind_host => $::openstack_integration::config::ip_for_url,
+    ssl       => $::openstack_integration::config::ssl,
+    ssl_key   => "/etc/octavia/ssl/private/${::fqdn}.pem",
+    ssl_cert  => $::openstack_integration::params::cert_path,
+    workers   => 2,
+  }
+  class { 'octavia::client': }
+
+  class { 'octavia::controller':
+    amp_flavor_id  => '65',
+    amphora_driver => 'amphora_noop_driver',
+    compute_driver => 'compute_noop_driver',
+    image_driver   => 'image_noop_driver',
+    network_driver => 'network_noop_driver',
+  }
+  class { 'octavia::worker':
+  }
+  class { 'octavia::health_manager':
+    heartbeat_key => 'abcdefghijkl',
+  }
+  class { 'octavia::housekeeping':
+  }
+  class { 'octavia::driver_agent':
+  }
+  # TODO(tkajinam): Consider using some of these values by defaults.
+  class { 'octavia::service_auth':
+    auth_url            => $::openstack_integration::config::keystone_admin_uri,
+    username            => 'octavia',
+    user_domain_name    => 'Default',
+    project_name        => 'services',
+    project_domain_name => 'Default',
+    password            => 'a_big_secret',
+    auth_type           => 'password'
+  }
+}