scenario002/centos7: switch RabbitMQ and OpenStack to IPv6
This is a first iteration of testing IPv6 deployment. This patch will deploy scenario002 on centos7 by using IPv6 network. To make it work on Ubuntu, it will require more work, that will be done in future iterations. During my testing, I found some bugs and did not investigate because I wanted a first scenario working on v6. Same for scenario001 and scenario003, they'll be tested later. Change-Id: Ib28b379645b5a3d351438e0408a9de62b9f48302
This commit is contained in:
parent
cf864be1bc
commit
4ed8366f07
@ -16,11 +16,13 @@
|
||||
|
||||
case $::osfamily {
|
||||
'Debian': {
|
||||
$ipv6 = false
|
||||
# ironic-conductor is broken for Ubuntu Trusty
|
||||
# https://bugs.launchpad.net/cloud-archive/+bug/1530869
|
||||
$ironic_enabled = false
|
||||
}
|
||||
'RedHat': {
|
||||
$ipv6 = true
|
||||
$ironic_enabled = true
|
||||
}
|
||||
default: {
|
||||
@ -30,7 +32,8 @@ case $::osfamily {
|
||||
|
||||
include ::openstack_integration
|
||||
class { '::openstack_integration::config':
|
||||
ssl => true,
|
||||
ssl => true,
|
||||
ipv6 => $ipv6,
|
||||
}
|
||||
include ::openstack_integration::cacert
|
||||
include ::openstack_integration::rabbitmq
|
||||
|
@ -29,11 +29,17 @@ class openstack_integration::cinder (
|
||||
password => 'cinder',
|
||||
}
|
||||
class { '::cinder::keystone::auth':
|
||||
password => 'a_big_secret',
|
||||
public_url => "http://${::openstack_integration::config::ip_for_url}:8776/v1/%(tenant_id)s",
|
||||
internal_url => "http://${::openstack_integration::config::ip_for_url}:8776/v1/%(tenant_id)s",
|
||||
admin_url => "http://${::openstack_integration::config::ip_for_url}:8776/v1/%(tenant_id)s",
|
||||
public_url_v2 => "http://${::openstack_integration::config::ip_for_url}:8776/v2/%(tenant_id)s",
|
||||
internal_url_v2 => "http://${::openstack_integration::config::ip_for_url}:8776/v2/%(tenant_id)s",
|
||||
admin_url_v2 => "http://${::openstack_integration::config::ip_for_url}:8776/v2/%(tenant_id)s",
|
||||
password => 'a_big_secret',
|
||||
}
|
||||
class { '::cinder':
|
||||
database_connection => 'mysql+pymysql://cinder:cinder@127.0.0.1/cinder?charset=utf8',
|
||||
rabbit_host => $::openstack_integration::config::rabbit_host,
|
||||
rabbit_host => $::openstack_integration::config::ip_for_url,
|
||||
rabbit_port => $::openstack_integration::config::rabbit_port,
|
||||
rabbit_userid => 'cinder',
|
||||
rabbit_password => 'an_even_bigger_secret',
|
||||
@ -47,6 +53,8 @@ class openstack_integration::cinder (
|
||||
identity_uri => $::openstack_integration::config::keystone_admin_uri,
|
||||
default_volume_type => 'BACKEND_1',
|
||||
service_workers => 2,
|
||||
public_endpoint => "http://${::openstack_integration::config::ip_for_url}:8776",
|
||||
bind_host => $::openstack_integration::config::host,
|
||||
}
|
||||
class { '::cinder::quota': }
|
||||
class { '::cinder::scheduler': }
|
||||
@ -56,7 +64,7 @@ class openstack_integration::cinder (
|
||||
}
|
||||
class { '::cinder::cron::db_purge': }
|
||||
class { '::cinder::glance':
|
||||
glance_api_servers => "${::openstack_integration::config::proto}://127.0.0.1:9292",
|
||||
glance_api_servers => "${::openstack_integration::config::base_url}:9292",
|
||||
}
|
||||
case $backend {
|
||||
'iscsi': {
|
||||
|
@ -22,19 +22,23 @@ class openstack_integration::config (
|
||||
}
|
||||
|
||||
if $ipv6 {
|
||||
$rabbit_host = '[::1]'
|
||||
$rabbit_env = {
|
||||
'RABBITMQ_NODE_IP_ADDRESS' => '::1',
|
||||
$host = '::1'
|
||||
$rabbit_env = {
|
||||
'RABBITMQ_NODE_IP_ADDRESS' => $host,
|
||||
'RABBITMQ_SERVER_START_ARGS' => '"-proto_dist inet6_tcp"',
|
||||
}
|
||||
$ip_version = '6'
|
||||
} else {
|
||||
$rabbit_host = '127.0.0.1'
|
||||
$host = '127.0.0.1'
|
||||
$rabbit_env = {}
|
||||
$ip_version = '4'
|
||||
}
|
||||
|
||||
$keystone_auth_uri = "${proto}://127.0.0.1:5000"
|
||||
$keystone_admin_uri = "${proto}://127.0.0.1:35357"
|
||||
# in URL, brackets are needed
|
||||
$ip_for_url = normalize_ip_for_uri($host)
|
||||
|
||||
$base_url = "${proto}://${ip_for_url}"
|
||||
$keystone_auth_uri = "${base_url}:5000"
|
||||
$keystone_admin_uri = "${base_url}:35357"
|
||||
|
||||
}
|
||||
|
@ -46,9 +46,9 @@ class openstack_integration::glance (
|
||||
include ::glance
|
||||
include ::glance::client
|
||||
class { '::glance::keystone::auth':
|
||||
public_url => "${::openstack_integration::config::proto}://127.0.0.1:9292",
|
||||
internal_url => "${::openstack_integration::config::proto}://127.0.0.1:9292",
|
||||
admin_url => "${::openstack_integration::config::proto}://127.0.0.1:9292",
|
||||
public_url => "${::openstack_integration::config::base_url}:9292",
|
||||
internal_url => "${::openstack_integration::config::base_url}:9292",
|
||||
admin_url => "${::openstack_integration::config::base_url}:9292",
|
||||
password => 'a_big_secret',
|
||||
}
|
||||
case $backend {
|
||||
@ -72,7 +72,7 @@ class openstack_integration::glance (
|
||||
swift_store_user => 'services:glance',
|
||||
swift_store_key => 'a_big_secret',
|
||||
swift_store_create_container_on_put => 'True',
|
||||
swift_store_auth_address => "${::openstack_integration::config::proto}://127.0.0.1:5000/v2.0",
|
||||
swift_store_auth_address => "${::openstack_integration::config::base_url}:5000/v2.0",
|
||||
}
|
||||
}
|
||||
default: {
|
||||
@ -89,11 +89,13 @@ class openstack_integration::glance (
|
||||
workers => 2,
|
||||
stores => $glance_stores,
|
||||
default_store => $backend,
|
||||
bind_host => $::openstack_integration::config::host,
|
||||
auth_uri => $::openstack_integration::config::keystone_auth_uri,
|
||||
identity_uri => $::openstack_integration::config::keystone_admin_uri,
|
||||
registry_client_protocol => $::openstack_integration::config::proto,
|
||||
registry_client_cert_file => $crt_file,
|
||||
registry_client_key_file => $key_file,
|
||||
registry_host => $::openstack_integration::config::host,
|
||||
cert_file => $crt_file,
|
||||
key_file => $key_file,
|
||||
}
|
||||
@ -102,6 +104,7 @@ class openstack_integration::glance (
|
||||
verbose => true,
|
||||
database_connection => 'mysql+pymysql://glance:glance@127.0.0.1/glance?charset=utf8',
|
||||
keystone_password => 'a_big_secret',
|
||||
bind_host => $::openstack_integration::config::host,
|
||||
workers => 2,
|
||||
auth_uri => $::openstack_integration::config::keystone_auth_uri,
|
||||
identity_uri => $::openstack_integration::config::keystone_admin_uri,
|
||||
@ -111,7 +114,7 @@ class openstack_integration::glance (
|
||||
class { '::glance::notify::rabbitmq':
|
||||
rabbit_userid => 'glance',
|
||||
rabbit_password => 'an_even_bigger_secret',
|
||||
rabbit_host => $::openstack_integration::config::rabbit_host,
|
||||
rabbit_host => $::openstack_integration::config::ip_for_url,
|
||||
rabbit_port => $::openstack_integration::config::rabbit_port,
|
||||
notification_driver => 'messagingv2',
|
||||
rabbit_use_ssl => $::openstack_integration::config::ssl,
|
||||
|
@ -28,7 +28,7 @@ class openstack_integration::ironic {
|
||||
class { '::ironic':
|
||||
rabbit_userid => 'ironic',
|
||||
rabbit_password => 'an_even_bigger_secret',
|
||||
rabbit_host => $::openstack_integration::config::rabbit_host,
|
||||
rabbit_host => $::openstack_integration::config::ip_for_url,
|
||||
rabbit_port => $::openstack_integration::config::rabbit_port,
|
||||
rabbit_use_ssl => $::openstack_integration::config::ssl,
|
||||
database_connection => 'mysql+pymysql://ironic:ironic@127.0.0.1/ironic?charset=utf8',
|
||||
@ -40,25 +40,26 @@ class openstack_integration::ironic {
|
||||
password => 'ironic',
|
||||
}
|
||||
class { '::ironic::keystone::auth':
|
||||
public_url => "${::openstack_integration::config::proto}://127.0.0.1:6385",
|
||||
internal_url => "${::openstack_integration::config::proto}://127.0.0.1:6385",
|
||||
admin_url => "${::openstack_integration::config::proto}://127.0.0.1:6385",
|
||||
public_url => "${::openstack_integration::config::base_url}:6385",
|
||||
internal_url => "${::openstack_integration::config::base_url}:6385",
|
||||
admin_url => "${::openstack_integration::config::base_url}:6385",
|
||||
password => 'a_big_secret',
|
||||
}
|
||||
class { '::ironic::client': }
|
||||
class { '::ironic::api':
|
||||
auth_uri => $::openstack_integration::config::keystone_auth_uri,
|
||||
identity_uri => $::openstack_integration::config::keystone_admin_uri,
|
||||
neutron_url => 'http://127.0.0.1:9696',
|
||||
neutron_url => "http://${::openstack_integration::config::ip_for_url}:9696",
|
||||
admin_password => 'a_big_secret',
|
||||
service_name => 'httpd',
|
||||
}
|
||||
include ::apache
|
||||
class { '::ironic::wsgi::apache':
|
||||
ssl => $::openstack_integration::config::ssl,
|
||||
ssl_key => "/etc/ironic/ssl/private/${::fqdn}.pem",
|
||||
ssl_cert => $::openstack_integration::params::cert_path,
|
||||
workers => 2,
|
||||
bind_host => $::openstack_integration::config::ip_for_url,
|
||||
ssl => $::openstack_integration::config::ssl,
|
||||
ssl_key => "/etc/ironic/ssl/private/${::fqdn}.pem",
|
||||
ssl_cert => $::openstack_integration::params::cert_path,
|
||||
workers => 2,
|
||||
}
|
||||
class { '::ironic::conductor': }
|
||||
Rabbitmq_user_permissions['ironic@/'] -> Service<| tag == 'ironic-service' |>
|
||||
|
@ -42,13 +42,17 @@ class openstack_integration::keystone (
|
||||
default_domain => $default_domain,
|
||||
using_domain_config => $using_domain_config,
|
||||
enable_ssl => $::openstack_integration::config::ssl,
|
||||
public_bind_host => $::openstack_integration::config::host,
|
||||
admin_bind_host => $::openstack_integration::config::host,
|
||||
}
|
||||
include ::apache
|
||||
class { '::keystone::wsgi::apache':
|
||||
ssl => $::openstack_integration::config::ssl,
|
||||
ssl_key => "/etc/keystone/ssl/private/${::fqdn}.pem",
|
||||
ssl_cert => $::openstack_integration::params::cert_path,
|
||||
workers => 2,
|
||||
bind_host => $::openstack_integration::config::ip_for_url,
|
||||
admin_bind_host => $::openstack_integration::config::ip_for_url,
|
||||
ssl => $::openstack_integration::config::ssl,
|
||||
ssl_key => "/etc/keystone/ssl/private/${::fqdn}.pem",
|
||||
ssl_cert => $::openstack_integration::params::cert_path,
|
||||
workers => 2,
|
||||
}
|
||||
class { '::keystone::roles::admin':
|
||||
email => 'test@example.tld',
|
||||
|
@ -20,12 +20,15 @@ class openstack_integration::neutron {
|
||||
password => 'neutron',
|
||||
}
|
||||
class { '::neutron::keystone::auth':
|
||||
password => 'a_big_secret',
|
||||
public_url => "http://${::openstack_integration::config::ip_for_url}:9696",
|
||||
internal_url => "http://${::openstack_integration::config::ip_for_url}:9696",
|
||||
admin_url => "http://${::openstack_integration::config::ip_for_url}:9696",
|
||||
password => 'a_big_secret',
|
||||
}
|
||||
class { '::neutron':
|
||||
rabbit_user => 'neutron',
|
||||
rabbit_password => 'an_even_bigger_secret',
|
||||
rabbit_host => $::openstack_integration::config::rabbit_host,
|
||||
rabbit_host => $::openstack_integration::config::ip_for_url,
|
||||
rabbit_port => $::openstack_integration::config::rabbit_port,
|
||||
rabbit_use_ssl => $::openstack_integration::config::ssl,
|
||||
allow_overlapping_ips => true,
|
||||
@ -33,6 +36,7 @@ class openstack_integration::neutron {
|
||||
service_plugins => ['router', 'metering', 'firewall'],
|
||||
debug => true,
|
||||
verbose => true,
|
||||
bind_host => $::openstack_integration::config::host,
|
||||
}
|
||||
class { '::neutron::client': }
|
||||
class { '::neutron::server':
|
||||
|
@ -41,23 +41,24 @@ class openstack_integration::nova (
|
||||
password => 'nova',
|
||||
}
|
||||
class { '::nova::keystone::auth':
|
||||
public_url => "${::openstack_integration::config::proto}://127.0.0.1:8774/v2/%(tenant_id)s",
|
||||
public_url_v3 => "${::openstack_integration::config::proto}://127.0.0.1:8774/v3/%(tenant_id)s",
|
||||
internal_url => "${::openstack_integration::config::proto}://127.0.0.1:8774/v2/%(tenant_id)s",
|
||||
internal_url_v3 => "${::openstack_integration::config::proto}://127.0.0.1:8774/v3/%(tenant_id)s",
|
||||
admin_url => "${::openstack_integration::config::proto}://127.0.0.1:8774/v2/%(tenant_id)s",
|
||||
admin_url_v3 => "${::openstack_integration::config::proto}://127.0.0.1:8774/v3/%(tenant_id)s",
|
||||
public_url => "${::openstack_integration::config::base_url}:8774/v2/%(tenant_id)s",
|
||||
internal_url => "${::openstack_integration::config::base_url}:8774/v2/%(tenant_id)s",
|
||||
admin_url => "${::openstack_integration::config::base_url}:8774/v2/%(tenant_id)s",
|
||||
public_url_v3 => "${::openstack_integration::config::base_url}:8774/v3",
|
||||
internal_url_v3 => "${::openstack_integration::config::base_url}:8774/v3",
|
||||
admin_url_v3 => "${::openstack_integration::config::base_url}:8774/v3",
|
||||
password => 'a_big_secret',
|
||||
}
|
||||
class { '::nova':
|
||||
database_connection => 'mysql+pymysql://nova:nova@127.0.0.1/nova?charset=utf8',
|
||||
api_database_connection => 'mysql+pymysql://nova_api:nova@127.0.0.1/nova_api?charset=utf8',
|
||||
rabbit_host => $::openstack_integration::config::rabbit_host,
|
||||
rabbit_host => $::openstack_integration::config::ip_for_url,
|
||||
rabbit_port => $::openstack_integration::config::rabbit_port,
|
||||
rabbit_userid => 'nova',
|
||||
rabbit_password => 'an_even_bigger_secret',
|
||||
rabbit_use_ssl => $::openstack_integration::config::ssl,
|
||||
glance_api_servers => "${::openstack_integration::config::proto}://127.0.0.1:9292",
|
||||
use_ipv6 => $::openstack_integration::config::ipv6,
|
||||
glance_api_servers => "${::openstack_integration::config::base_url}:9292",
|
||||
verbose => true,
|
||||
debug => true,
|
||||
notification_driver => 'messagingv2',
|
||||
@ -67,6 +68,7 @@ class openstack_integration::nova (
|
||||
admin_password => 'a_big_secret',
|
||||
auth_uri => $::openstack_integration::config::keystone_auth_uri,
|
||||
identity_uri => $::openstack_integration::config::keystone_admin_uri,
|
||||
api_bind_address => $::openstack_integration::config::host,
|
||||
osapi_v3 => true,
|
||||
neutron_metadata_proxy_shared_secret => 'a_big_secret',
|
||||
metadata_workers => 2,
|
||||
@ -76,10 +78,11 @@ class openstack_integration::nova (
|
||||
}
|
||||
include ::apache
|
||||
class { '::nova::wsgi::apache':
|
||||
ssl_key => "/etc/nova/ssl/private/${::fqdn}.pem",
|
||||
ssl_cert => $::openstack_integration::params::cert_path,
|
||||
ssl => $::openstack_integration::config::ssl,
|
||||
workers => '2',
|
||||
bind_host => $::openstack_integration::config::ip_for_url,
|
||||
ssl_key => "/etc/nova/ssl/private/${::fqdn}.pem",
|
||||
ssl_cert => $::openstack_integration::params::cert_path,
|
||||
ssl => $::openstack_integration::config::ssl,
|
||||
workers => '2',
|
||||
}
|
||||
class { '::nova::client': }
|
||||
class { '::nova::conductor': }
|
||||
@ -114,6 +117,7 @@ class openstack_integration::nova (
|
||||
|
||||
class { '::nova::network::neutron':
|
||||
neutron_auth_url => "${::openstack_integration::config::keystone_admin_uri}/v3",
|
||||
neutron_url => "http://${::openstack_integration::config::ip_for_url}:9696",
|
||||
neutron_password => 'a_big_secret',
|
||||
}
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user