scenario002/centos7: switch RabbitMQ and OpenStack to IPv6

This is a first iteration of testing IPv6 deployment.
This patch will deploy scenario002 on centos7 by using IPv6 network.

To make it work on Ubuntu, it will require more work, that will be done
in future iterations. During my testing, I found some bugs and did not
investigate because I wanted a first scenario working on v6.

Same for scenario001 and scenario003, they'll be tested later.

Change-Id: Ib28b379645b5a3d351438e0408a9de62b9f48302
This commit is contained in:
Emilien Macchi 2016-03-02 19:09:05 -05:00
parent cf864be1bc
commit 4ed8366f07
8 changed files with 73 additions and 42 deletions

@ -16,11 +16,13 @@
case $::osfamily {
'Debian': {
$ipv6 = false
# ironic-conductor is broken for Ubuntu Trusty
# https://bugs.launchpad.net/cloud-archive/+bug/1530869
$ironic_enabled = false
}
'RedHat': {
$ipv6 = true
$ironic_enabled = true
}
default: {
@ -30,7 +32,8 @@ case $::osfamily {
include ::openstack_integration
class { '::openstack_integration::config':
ssl => true,
ssl => true,
ipv6 => $ipv6,
}
include ::openstack_integration::cacert
include ::openstack_integration::rabbitmq

@ -29,11 +29,17 @@ class openstack_integration::cinder (
password => 'cinder',
}
class { '::cinder::keystone::auth':
password => 'a_big_secret',
public_url => "http://${::openstack_integration::config::ip_for_url}:8776/v1/%(tenant_id)s",
internal_url => "http://${::openstack_integration::config::ip_for_url}:8776/v1/%(tenant_id)s",
admin_url => "http://${::openstack_integration::config::ip_for_url}:8776/v1/%(tenant_id)s",
public_url_v2 => "http://${::openstack_integration::config::ip_for_url}:8776/v2/%(tenant_id)s",
internal_url_v2 => "http://${::openstack_integration::config::ip_for_url}:8776/v2/%(tenant_id)s",
admin_url_v2 => "http://${::openstack_integration::config::ip_for_url}:8776/v2/%(tenant_id)s",
password => 'a_big_secret',
}
class { '::cinder':
database_connection => 'mysql+pymysql://cinder:cinder@127.0.0.1/cinder?charset=utf8',
rabbit_host => $::openstack_integration::config::rabbit_host,
rabbit_host => $::openstack_integration::config::ip_for_url,
rabbit_port => $::openstack_integration::config::rabbit_port,
rabbit_userid => 'cinder',
rabbit_password => 'an_even_bigger_secret',
@ -47,6 +53,8 @@ class openstack_integration::cinder (
identity_uri => $::openstack_integration::config::keystone_admin_uri,
default_volume_type => 'BACKEND_1',
service_workers => 2,
public_endpoint => "http://${::openstack_integration::config::ip_for_url}:8776",
bind_host => $::openstack_integration::config::host,
}
class { '::cinder::quota': }
class { '::cinder::scheduler': }
@ -56,7 +64,7 @@ class openstack_integration::cinder (
}
class { '::cinder::cron::db_purge': }
class { '::cinder::glance':
glance_api_servers => "${::openstack_integration::config::proto}://127.0.0.1:9292",
glance_api_servers => "${::openstack_integration::config::base_url}:9292",
}
case $backend {
'iscsi': {

@ -22,19 +22,23 @@ class openstack_integration::config (
}
if $ipv6 {
$rabbit_host = '[::1]'
$rabbit_env = {
'RABBITMQ_NODE_IP_ADDRESS' => '::1',
$host = '::1'
$rabbit_env = {
'RABBITMQ_NODE_IP_ADDRESS' => $host,
'RABBITMQ_SERVER_START_ARGS' => '"-proto_dist inet6_tcp"',
}
$ip_version = '6'
} else {
$rabbit_host = '127.0.0.1'
$host = '127.0.0.1'
$rabbit_env = {}
$ip_version = '4'
}
$keystone_auth_uri = "${proto}://127.0.0.1:5000"
$keystone_admin_uri = "${proto}://127.0.0.1:35357"
# in URL, brackets are needed
$ip_for_url = normalize_ip_for_uri($host)
$base_url = "${proto}://${ip_for_url}"
$keystone_auth_uri = "${base_url}:5000"
$keystone_admin_uri = "${base_url}:35357"
}

@ -46,9 +46,9 @@ class openstack_integration::glance (
include ::glance
include ::glance::client
class { '::glance::keystone::auth':
public_url => "${::openstack_integration::config::proto}://127.0.0.1:9292",
internal_url => "${::openstack_integration::config::proto}://127.0.0.1:9292",
admin_url => "${::openstack_integration::config::proto}://127.0.0.1:9292",
public_url => "${::openstack_integration::config::base_url}:9292",
internal_url => "${::openstack_integration::config::base_url}:9292",
admin_url => "${::openstack_integration::config::base_url}:9292",
password => 'a_big_secret',
}
case $backend {
@ -72,7 +72,7 @@ class openstack_integration::glance (
swift_store_user => 'services:glance',
swift_store_key => 'a_big_secret',
swift_store_create_container_on_put => 'True',
swift_store_auth_address => "${::openstack_integration::config::proto}://127.0.0.1:5000/v2.0",
swift_store_auth_address => "${::openstack_integration::config::base_url}:5000/v2.0",
}
}
default: {
@ -89,11 +89,13 @@ class openstack_integration::glance (
workers => 2,
stores => $glance_stores,
default_store => $backend,
bind_host => $::openstack_integration::config::host,
auth_uri => $::openstack_integration::config::keystone_auth_uri,
identity_uri => $::openstack_integration::config::keystone_admin_uri,
registry_client_protocol => $::openstack_integration::config::proto,
registry_client_cert_file => $crt_file,
registry_client_key_file => $key_file,
registry_host => $::openstack_integration::config::host,
cert_file => $crt_file,
key_file => $key_file,
}
@ -102,6 +104,7 @@ class openstack_integration::glance (
verbose => true,
database_connection => 'mysql+pymysql://glance:glance@127.0.0.1/glance?charset=utf8',
keystone_password => 'a_big_secret',
bind_host => $::openstack_integration::config::host,
workers => 2,
auth_uri => $::openstack_integration::config::keystone_auth_uri,
identity_uri => $::openstack_integration::config::keystone_admin_uri,
@ -111,7 +114,7 @@ class openstack_integration::glance (
class { '::glance::notify::rabbitmq':
rabbit_userid => 'glance',
rabbit_password => 'an_even_bigger_secret',
rabbit_host => $::openstack_integration::config::rabbit_host,
rabbit_host => $::openstack_integration::config::ip_for_url,
rabbit_port => $::openstack_integration::config::rabbit_port,
notification_driver => 'messagingv2',
rabbit_use_ssl => $::openstack_integration::config::ssl,

@ -28,7 +28,7 @@ class openstack_integration::ironic {
class { '::ironic':
rabbit_userid => 'ironic',
rabbit_password => 'an_even_bigger_secret',
rabbit_host => $::openstack_integration::config::rabbit_host,
rabbit_host => $::openstack_integration::config::ip_for_url,
rabbit_port => $::openstack_integration::config::rabbit_port,
rabbit_use_ssl => $::openstack_integration::config::ssl,
database_connection => 'mysql+pymysql://ironic:ironic@127.0.0.1/ironic?charset=utf8',
@ -40,25 +40,26 @@ class openstack_integration::ironic {
password => 'ironic',
}
class { '::ironic::keystone::auth':
public_url => "${::openstack_integration::config::proto}://127.0.0.1:6385",
internal_url => "${::openstack_integration::config::proto}://127.0.0.1:6385",
admin_url => "${::openstack_integration::config::proto}://127.0.0.1:6385",
public_url => "${::openstack_integration::config::base_url}:6385",
internal_url => "${::openstack_integration::config::base_url}:6385",
admin_url => "${::openstack_integration::config::base_url}:6385",
password => 'a_big_secret',
}
class { '::ironic::client': }
class { '::ironic::api':
auth_uri => $::openstack_integration::config::keystone_auth_uri,
identity_uri => $::openstack_integration::config::keystone_admin_uri,
neutron_url => 'http://127.0.0.1:9696',
neutron_url => "http://${::openstack_integration::config::ip_for_url}:9696",
admin_password => 'a_big_secret',
service_name => 'httpd',
}
include ::apache
class { '::ironic::wsgi::apache':
ssl => $::openstack_integration::config::ssl,
ssl_key => "/etc/ironic/ssl/private/${::fqdn}.pem",
ssl_cert => $::openstack_integration::params::cert_path,
workers => 2,
bind_host => $::openstack_integration::config::ip_for_url,
ssl => $::openstack_integration::config::ssl,
ssl_key => "/etc/ironic/ssl/private/${::fqdn}.pem",
ssl_cert => $::openstack_integration::params::cert_path,
workers => 2,
}
class { '::ironic::conductor': }
Rabbitmq_user_permissions['ironic@/'] -> Service<| tag == 'ironic-service' |>

@ -42,13 +42,17 @@ class openstack_integration::keystone (
default_domain => $default_domain,
using_domain_config => $using_domain_config,
enable_ssl => $::openstack_integration::config::ssl,
public_bind_host => $::openstack_integration::config::host,
admin_bind_host => $::openstack_integration::config::host,
}
include ::apache
class { '::keystone::wsgi::apache':
ssl => $::openstack_integration::config::ssl,
ssl_key => "/etc/keystone/ssl/private/${::fqdn}.pem",
ssl_cert => $::openstack_integration::params::cert_path,
workers => 2,
bind_host => $::openstack_integration::config::ip_for_url,
admin_bind_host => $::openstack_integration::config::ip_for_url,
ssl => $::openstack_integration::config::ssl,
ssl_key => "/etc/keystone/ssl/private/${::fqdn}.pem",
ssl_cert => $::openstack_integration::params::cert_path,
workers => 2,
}
class { '::keystone::roles::admin':
email => 'test@example.tld',

@ -20,12 +20,15 @@ class openstack_integration::neutron {
password => 'neutron',
}
class { '::neutron::keystone::auth':
password => 'a_big_secret',
public_url => "http://${::openstack_integration::config::ip_for_url}:9696",
internal_url => "http://${::openstack_integration::config::ip_for_url}:9696",
admin_url => "http://${::openstack_integration::config::ip_for_url}:9696",
password => 'a_big_secret',
}
class { '::neutron':
rabbit_user => 'neutron',
rabbit_password => 'an_even_bigger_secret',
rabbit_host => $::openstack_integration::config::rabbit_host,
rabbit_host => $::openstack_integration::config::ip_for_url,
rabbit_port => $::openstack_integration::config::rabbit_port,
rabbit_use_ssl => $::openstack_integration::config::ssl,
allow_overlapping_ips => true,
@ -33,6 +36,7 @@ class openstack_integration::neutron {
service_plugins => ['router', 'metering', 'firewall'],
debug => true,
verbose => true,
bind_host => $::openstack_integration::config::host,
}
class { '::neutron::client': }
class { '::neutron::server':

@ -41,23 +41,24 @@ class openstack_integration::nova (
password => 'nova',
}
class { '::nova::keystone::auth':
public_url => "${::openstack_integration::config::proto}://127.0.0.1:8774/v2/%(tenant_id)s",
public_url_v3 => "${::openstack_integration::config::proto}://127.0.0.1:8774/v3/%(tenant_id)s",
internal_url => "${::openstack_integration::config::proto}://127.0.0.1:8774/v2/%(tenant_id)s",
internal_url_v3 => "${::openstack_integration::config::proto}://127.0.0.1:8774/v3/%(tenant_id)s",
admin_url => "${::openstack_integration::config::proto}://127.0.0.1:8774/v2/%(tenant_id)s",
admin_url_v3 => "${::openstack_integration::config::proto}://127.0.0.1:8774/v3/%(tenant_id)s",
public_url => "${::openstack_integration::config::base_url}:8774/v2/%(tenant_id)s",
internal_url => "${::openstack_integration::config::base_url}:8774/v2/%(tenant_id)s",
admin_url => "${::openstack_integration::config::base_url}:8774/v2/%(tenant_id)s",
public_url_v3 => "${::openstack_integration::config::base_url}:8774/v3",
internal_url_v3 => "${::openstack_integration::config::base_url}:8774/v3",
admin_url_v3 => "${::openstack_integration::config::base_url}:8774/v3",
password => 'a_big_secret',
}
class { '::nova':
database_connection => 'mysql+pymysql://nova:nova@127.0.0.1/nova?charset=utf8',
api_database_connection => 'mysql+pymysql://nova_api:nova@127.0.0.1/nova_api?charset=utf8',
rabbit_host => $::openstack_integration::config::rabbit_host,
rabbit_host => $::openstack_integration::config::ip_for_url,
rabbit_port => $::openstack_integration::config::rabbit_port,
rabbit_userid => 'nova',
rabbit_password => 'an_even_bigger_secret',
rabbit_use_ssl => $::openstack_integration::config::ssl,
glance_api_servers => "${::openstack_integration::config::proto}://127.0.0.1:9292",
use_ipv6 => $::openstack_integration::config::ipv6,
glance_api_servers => "${::openstack_integration::config::base_url}:9292",
verbose => true,
debug => true,
notification_driver => 'messagingv2',
@ -67,6 +68,7 @@ class openstack_integration::nova (
admin_password => 'a_big_secret',
auth_uri => $::openstack_integration::config::keystone_auth_uri,
identity_uri => $::openstack_integration::config::keystone_admin_uri,
api_bind_address => $::openstack_integration::config::host,
osapi_v3 => true,
neutron_metadata_proxy_shared_secret => 'a_big_secret',
metadata_workers => 2,
@ -76,10 +78,11 @@ class openstack_integration::nova (
}
include ::apache
class { '::nova::wsgi::apache':
ssl_key => "/etc/nova/ssl/private/${::fqdn}.pem",
ssl_cert => $::openstack_integration::params::cert_path,
ssl => $::openstack_integration::config::ssl,
workers => '2',
bind_host => $::openstack_integration::config::ip_for_url,
ssl_key => "/etc/nova/ssl/private/${::fqdn}.pem",
ssl_cert => $::openstack_integration::params::cert_path,
ssl => $::openstack_integration::config::ssl,
workers => '2',
}
class { '::nova::client': }
class { '::nova::conductor': }
@ -114,6 +117,7 @@ class openstack_integration::nova (
class { '::nova::network::neutron':
neutron_auth_url => "${::openstack_integration::config::keystone_admin_uri}/v3",
neutron_url => "http://${::openstack_integration::config::ip_for_url}:9696",
neutron_password => 'a_big_secret',
}