diff --git a/.fixtures.yml b/.fixtures.yml index c88edfe..9d42299 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -6,5 +6,6 @@ fixtures: "nova": "git://github.com/puppetlabs/puppetlabs-nova.git" "stdlib": "git://github.com/puppetlabs/puppetlabs-stdlib.git" "sysctl": "git://github.com/duritong/puppet-sysctl.git" + 'inifile': 'git://github.com/cprice-puppet/puppetlabs-inifile' symlinks: "openstack": "#{source_dir}" diff --git a/README.md b/README.md index 454016d..5304329 100644 --- a/README.md +++ b/README.md @@ -50,9 +50,9 @@ These modules are based on the adminstrative guides for openstack called br100 that bridges into the ip address specified on that NIC All interfaces that are used to bridge traffic for the internal network - need to have permiscous mode set. + need to have promiscuous mode set. - Below is an example of setting permiscuos mode on an interface on Ubuntu. + Below is an example of setting promiscuous mode on an interface on Ubuntu. #/etc/network/interfaces diff --git a/manifests/all.pp b/manifests/all.pp index 6c4200d..f6ac7cc 100644 --- a/manifests/all.pp +++ b/manifests/all.pp @@ -3,9 +3,8 @@ # # Class that performs a basic openstack all in one installation. # -# === Parameterrs +# === Parameters # -# TODO public address should be optional. # [public_address] Public address used by vnchost. Required. # [public_interface] The interface used to route public traffic by the # network service. @@ -35,16 +34,21 @@ # [purge_nova_config] Whether unmanaged nova.conf entries should be purged. Optional. Defaults to true. # [libvirt_type] The virualization type being controlled by libvirt. Optional. Defaults to 'kvm'. # [nova_volume] The name of the volume group to use for nova volume allocation. Optional. Defaults to 'nova-volumes'. -# # === Examples # # class { 'openstack::all': -# public_address => '192.168.0.3', -# public_interface => eth0, -# private_interface => eth1, -# admin_email => my_email@mw.com, +# public_address => '192.168.1.1', +# mysql_root_password => 'changeme', +# rabbit_password => 'changeme', +# keystone_db_password => 'changeme', +# keystone_admin_token => '12345', +# admin_email => 'my_email@mw.com', # admin_password => 'my_admin_password', -# libvirt_type => 'kvm', +# nova_db_password => 'changeme', +# nova_user_password => 'changeme', +# glance_db_password => 'changeme', +# glance_user_password => 'changeme', +# secret_key => 'dummy_secret_key', # } # # === Authors @@ -52,38 +56,127 @@ # Dan Bode # # -class openstack::all( - # passing in the public ipaddress is required +class openstack::all ( + # Network Required $public_address, - $public_interface, - $private_interface, - $floating_range = false, + # MySQL Required + $mysql_root_password = 'sql_pass', + # Rabbit Required + $rabbit_password = 'rabbitpw', + # Keystone Required + $keystone_db_password = 'keystone_pass', + $keystone_admin_token = 'keystone_admin_token', + $admin_email = 'some_user@some_fake_email_address.foo', + $admin_password = 'ChangeMe', + # Nova Required + $nova_db_password = 'nova_pass', + $nova_user_password = 'nova_pass', + # Glance Required + $glance_db_password = 'glance_pass', + $glance_user_password = 'glance_pass', + # Horizon Required + $secret_key = 'dummy_secret_key', + # Network + $public_interface = 'eth0', + $private_interface = 'eth1', $fixed_range = '10.0.0.0/24', $network_manager = 'nova.network.manager.FlatDHCPManager', $network_config = {}, - # middleware credentials - $mysql_root_password = undef, - $rabbit_password = 'rabbit_pw', - $rabbit_user = 'nova', - # opestack credentials - $admin_email = 'someuser@some_fake_email_address.foo', - $admin_password = 'ChangeMe', - $keystone_db_password = 'keystone_pass', - $keystone_admin_token = 'keystone_admin_token', - $keystone_admin_tenant = 'openstack', - $nova_db_password = 'nova_pass', - $nova_user_password = 'nova_pass', - $glance_db_password = 'glance_pass', - $glance_user_password = 'glance_pass', - $secret_key = 'dummy_secret_key', - # config - $verbose = false, $auto_assign_floating_ip = false, + $floating_range = false, + $create_networks = true, + $num_networks = 1, + # MySQL + $db_type = 'mysql', + $mysql_account_security = true, + $allowed_hosts = ['127.0.0.%'], + # Rabbit + $rabbit_user = 'nova', + # Keystone + $keystone_db_user = 'keystone', + $keystone_db_dbname = 'keystone', + $keystone_admin_tenant = 'admin', + # Nova + $nova_db_user = 'nova', + $nova_db_dbname = 'nova', $purge_nova_config = true, + # Glance + $glance_db_user = 'glance', + $glance_db_dbname = 'glance', + # Horizon + $cache_server_ip = '127.0.0.1', + $cache_server_port = '11211', + $swift = false, + $quantum = false, + $horizon_app_links = undef, + # Virtaulization $libvirt_type = 'kvm', - $nova_volume = 'nova-volumes' + # Volume + $nova_volume = 'nova-volumes', + # VNC + $vnc_enabled = true, + # General + $enabled = true, + $verbose = 'False' ) { + # Ensure things are run in order + Class['openstack::db::mysql'] -> Class['openstack::keystone'] + Class['openstack::db::mysql'] -> Class['openstack::glance'] + Class['openstack::db::mysql'] -> Class['openstack::nova::controller'] + + # set up mysql server + case $db_type { + 'mysql': { + class { 'openstack::db::mysql': + mysql_root_password => $mysql_root_password, + mysql_bind_address => '127.0.0.1', + mysql_account_security => $mysql_account_security, + keystone_db_user => $keystone_db_user, + keystone_db_password => $keystone_db_password, + keystone_db_dbname => $keystone_db_dbname, + glance_db_user => $glance_db_user, + glance_db_password => $glance_db_password, + glance_db_dbname => $glance_db_dbname, + nova_db_user => $nova_db_user, + nova_db_password => $nova_db_password, + nova_db_dbname => $nova_db_dbname, + allowed_hosts => $allowed_hosts, + } + } + } + + ####### KEYSTONE ########### + class { 'openstack::keystone': + verbose => $verbose, + db_type => $db_type, + db_host => '127.0.0.1', + keystone_db_password => $keystone_db_password, + keystone_db_dbname => $keystone_db_dbname, + keystone_db_user => $keystone_db_user, + keystone_admin_token => $keystone_admin_token, + keystone_admin_tenant => $keystone_admin_tenant, + admin_email => $admin_email, + admin_password => $admin_password, + public_address => $public_address, + internal_address => '127.0.0.1', + admin_address => '127.0.0.1', + glance_user_password => $glance_user_password, + nova_user_password => $nova_user_password, + } + + ######## GLANCE ########## + class { 'openstack::glance': + verbose => $verbose, + db_type => $db_type, + db_host => '127.0.0.1', + glance_db_user => $glance_db_user, + glance_db_dbname => $glance_db_dbname, + glance_db_password => $glance_db_password, + glance_user_password => $glance_user_password, + } + + ######## NOVA ########### # # indicates that all nova config entries that we did @@ -95,184 +188,78 @@ class openstack::all( } } - # set up mysql server - class { 'mysql::server': - config_hash => { - # the priv grant fails on precise if I set a root password - 'root_password' => $mysql_root_password, - 'bind_address' => '127.0.0.1' - } + class { 'openstack::nova::controller': + # Network + network_manager => $network_manager, + network_config => $network_config, + private_interface => $private_interface, + public_interface => $public_interface, + floating_range => $floating_range, + fixed_range => $fixed_range, + public_address => $public_address, + admin_address => '127.0.0.1', + internal_address => '127.0.0.1', + auto_assign_floating_ip => $auto_assign_floating_ip, + create_networks => $create_networks, + num_networks => $num_networks, + multi_host => false, + # Database + db_host => '127.0.0.1', + # Nova + nova_user_password => $nova_user_password, + nova_db_password => $nova_db_password, + nova_db_user => $nova_db_user, + nova_db_dbname => $nova_db_dbname, + # Rabbit + rabbit_user => $rabbit_user, + rabbit_password => $rabbit_password, + # Glance + glance_api_servers => '127.0.0.1:9292', + # VNC + vnc_enabled => $vnc_enabled, + # General + verbose => $verbose, + enabled => $enabled, + exported_resources => false, } - ####### KEYSTONE ########### - - # set up keystone database - class { 'keystone::db::mysql': - password => $keystone_db_password, - } - # set up the keystone config for mysql - class { 'keystone::config::mysql': - password => $keystone_db_password, - } - # set up keystone - class { 'keystone': - admin_token => $keystone_admin_token, - bind_host => '0.0.0.0', - log_verbose => $verbose, - log_debug => $verbose, - catalog_type => 'sql', - } - # set up keystone admin users - class { 'keystone::roles::admin': - email => $admin_email, - password => $admin_password, - admin_tenant => $keystone_admin_tenant, - } - # set up the keystone service and endpoint - class { 'keystone::endpoint': } - - ######## END KEYSTONE ########## - - ######## BEGIN GLANCE ########## - - # set up keystone user, endpoint, service - class { 'glance::keystone::auth': - password => $glance_user_password, - public_address => $public_address, - } - - # creat glance db/user/grants - class { 'glance::db::mysql': - host => '127.0.0.1', - password => $glance_db_password, - } - - # configure glance api - class { 'glance::api': - log_verbose => $verbose, - log_debug => $verbose, - auth_type => 'keystone', - auth_host => '127.0.0.1', - auth_port => '35357', - keystone_tenant => 'services', - keystone_user => 'glance', - keystone_password => $glance_user_password, - } - - # configure glance to store images to disk - class { 'glance::backend::file': } - - class { 'glance::registry': - log_verbose => $verbose, - log_debug => $verbose, - auth_type => 'keystone', - auth_host => '127.0.0.1', - auth_port => '35357', - keystone_tenant => 'services', - keystone_user => 'glance', - keystone_password => $glance_user_password, - sql_connection => "mysql://glance:${glance_db_password}@127.0.0.1/glance", - } - - - ######## END GLANCE ########### - - ######## BEGIN NOVA ########### - - class { 'nova::keystone::auth': - password => $nova_user_password, - public_address => $public_address, - } - - class { 'nova::rabbitmq': - userid => $rabbit_user, - password => $rabbit_password, - } - - class { 'nova::db::mysql': - password => $nova_db_password, - host => 'localhost', - } - - class { 'nova': - sql_connection => "mysql://nova:${nova_db_password}@localhost/nova", - rabbit_userid => $rabbit_user, - rabbit_password => $rabbit_password, - image_service => 'nova.image.glance.GlanceImageService', - glance_api_servers => '127.0.0.1:9292', - verbose => $verbose, - } - - class { 'nova::api': - enabled => true, - admin_password => $nova_user_password, - } - - # set up networking - class { 'nova::network': - private_interface => $private_interface, - public_interface => $public_interface, - fixed_range => $fixed_range, - floating_range => $floating_range, - install_service => true, - enabled => true, - network_manager => $network_manager, - config_overrides => $network_config, - create_networks => true, - } - - if $auto_assign_floating_ip { - nova_config { 'auto_assign_floating_ip': value => 'True'; } - } - - # a bunch of nova services that require no configuration - class { [ - 'nova::scheduler', - 'nova::objectstore', - 'nova::volume', - 'nova::cert', - 'nova::consoleauth' - ]: - enabled => true - } - - class { 'nova::vncproxy': - enabled => true, - host => $public_hostname, - } - - class { 'nova::compute': - enabled => true, - vnc_enabled => true, - vncserver_proxyclient_address => '127.0.0.1', + class { 'openstack::nova::compute': + # Network + public_address => $public_address, + private_interface => $private_interface, + public_interface => $public_interface, + fixed_range => $fixed_range, + network_manager => $network_manager, + network_config => $network_config, + multi_host => false, + internal_address => '127.0.0.1', + # Virtualization + libvirt_type => $libvirt_type, + # Volumes + nova_volume => $nova_volume, + manage_volumes => true, + iscsi_ip_address => '127.0.0.1', + # VNC + vnc_enabled => $vnc_enabled, vncproxy_host => $public_address, + # Nova + nova_user_password => $nova_user_password, + # Rabbit + rabbit_password => $rabbit_password, + # General + verbose => $verbose, + exported_resources => false, + enabled => $enabled, } - class { 'nova::compute::libvirt': - libvirt_type => $libvirt_type, - vncserver_listen => '127.0.0.1', - } - - class { 'nova::volume::iscsi': - volume_group => $nova_volume, - iscsi_ip_address => '127.0.0.1', - } - -# nova::network::bridge { 'br100': -# ip => '11.0.0.1', -# netmask => '255.255.255.0', -# } - ######## Horizon ######## - - class { 'memcached': - listen_ip => '127.0.0.1', + class { 'openstack::horizon': + secret_key => $secret_key, + cache_server_ip => $cache_server_ip, + cache_server_port => $cache_server_port, + swift => $swift, + quantum => $quantum, + horizon_app_links => $horizon_app_links, } - class { 'horizon': - secret_key => $secret_key, - } - - ######## End Horizon ##### - } diff --git a/manifests/auth_file.pp b/manifests/auth_file.pp index 1d1aaad..9cc60db 100644 --- a/manifests/auth_file.pp +++ b/manifests/auth_file.pp @@ -8,7 +8,7 @@ class openstack::auth_file( $controller_node = '127.0.0.1', $keystone_admin_token = 'keystone_admin_token', $admin_user = 'admin', - $admin_tenant = 'openstack' + $admin_tenant = 'admin' ) { file { '/root/openrc': content => diff --git a/manifests/cinder.pp b/manifests/cinder.pp new file mode 100644 index 0000000..d45b509 --- /dev/null +++ b/manifests/cinder.pp @@ -0,0 +1,25 @@ +class openstack::cinder( + $sql_connection, + $rabbit_password, + $rabbit_host = '127.0.0.1', + $volume_group = 'nova-volumes', + $enabled = true +) { + + class { 'cinder::base': + rabbit_password => $rabbit_password, + rabbit_host => $rabbit_host, + sql_connection => $sql_connection, + verbose => $verbose, + } + + # Install / configure nova-volume + class { 'cinder::volume': + enabled => $enabled, + } + if $enabled { + class { 'cinder::volume::iscsi': + volume_group => $volume_group, + } + } +} diff --git a/manifests/compute.pp b/manifests/compute.pp index 27f0df9..455aa1d 100644 --- a/manifests/compute.pp +++ b/manifests/compute.pp @@ -1,92 +1,82 @@ # -# This class is intended to serve as -# a way of deploying compute nodes. +# == Class: openstack::compute # -# This currently makes the following assumptions: -# - libvirt is used to manage the hypervisors -# - flatdhcp networking is used -# - glance is used as the backend for the image service +# Manifest to install/configure nova-compute # -# TODO - I need to make the choise of networking configurable +# === Parameters # +# See params.pp # -# [private_interface] Interface used for vm networking connectivity. Required. -# [internal_address] Internal address used for management. Required. -# [public_interface] Public interface used to route public traffic. Optional. -# Defaults to false. -# [fixed_range] Range of ipv4 network for vms. -# [network_manager] Nova network manager to use. -# [multi_host] Rather node should support multi-host networking mode for HA. -# Optional. Defaults to false. -# [network_config] Hash that can be used to pass implementation specifc -# network settings. Optioal. Defaults to {} -# [sql_connection] SQL connection information. Optional. Defaults to false -# which indicates that exported resources will be used to determine connection -# information. -# [nova_user_password] Nova service password. -# [rabbit_host] RabbitMQ host. False indicates it should be collected. -# Optional. Defaults to false, -# [rabbit_password] RabbitMQ password. Optional. Defaults to 'rabbit_pw', -# [rabbit_user] RabbitMQ user. Optional. Defaults to 'nova', -# [glance_api_servers] List of glance api servers of the form HOST:PORT -# delimited by ':'. False indicates that the resource should be collected. -# Optional. Defaults to false, -# [libvirt_type] Underlying libvirt supported hypervisor. -# Optional. Defaults to 'kvm', -# [vncproxy_host] Host that serves as vnc proxy. Optional. -# Defaults to false. False indicates that a vnc proxy should not be configured. -# [vnc_enabled] Rather vnc console should be enabled. -# Optional. Defaults to 'true', -# [verbose] Rather components should log verbosely. -# Optional. Defaults to false. -# [manage_volumes] Rather nova-volume should be enabled on this compute node. -# Optional. Defaults to false. -# [nova_volumes] Name of volume group in which nova-volume will create logical volumes. -# Optional. Defaults to nova-volumes. +# === Examples # -class openstack::compute( - $private_interface, +# class { 'openstack::nova::compute': +# internal_address => '192.168.2.2', +# vncproxy_host => '192.168.1.1', +# nova_user_password => 'changeme', +# } + +class openstack::compute ( + # Required Network $internal_address, - # networking config - $public_interface = undef, - $fixed_range = '10.0.0.0/16', - $network_manager = 'nova.network.manager.FlatDHCPManager', - $multi_host = false, - $network_config = {}, - # my address - # conection information - $sql_connection = false, - $nova_user_password = 'nova_pass', - $rabbit_host = false, - $rabbit_password = 'rabbit_pw', - $rabbit_user = 'nova', - $glance_api_servers = false, - # nova compute configuration parameters - $libvirt_type = 'kvm', - $vncproxy_host = false, - $vnc_enabled = 'true', - $verbose = false, - $manage_volumes = false, - $nova_volume = 'nova-volumes' + # Required Nova + $nova_user_password, + # Required Rabbit + $rabbit_password, + # Network + # DB + $sql_connection = false, + # Nova + $purge_nova_config = true, + # Rabbit + $rabbit_host = false, + $rabbit_user = 'nova', + # Glance + $glance_api_servers = false, + # Virtualization + $libvirt_type = 'kvm', + # VNC + $vnc_enabled = true, + $vncproxy_host = undef, + # General + $verbose = 'False', + $enabled = true ) { + # + # indicates that all nova config entries that we did + # not specifify in Puppet should be purged from file + # + if ! defined( Resources[nova_config] ) { + if ($purge_nova_config) { + resources { 'nova_config': + purge => true, + } + } + } + + $final_sql_connection = $sql_connection + $glance_connection = $glance_api_servers + $rabbit_connection = $rabbit_host + class { 'nova': sql_connection => $sql_connection, - rabbit_host => $rabbit_host, rabbit_userid => $rabbit_user, rabbit_password => $rabbit_password, image_service => 'nova.image.glance.GlanceImageService', glance_api_servers => $glance_api_servers, verbose => $verbose, + rabbit_host => $rabbit_host, } - class { 'nova::compute': - enabled => true, - vnc_enabled => $vnc_enabled, - vncserver_proxyclient_address => $internal_address, - vncproxy_host => $vncproxy_host, + # Install / configure nova-compute + class { '::nova::compute': + enabled => $enabled, + vnc_enabled => $vnc_enabled, + vncserver_proxyclient_address => $internal_address, + vncproxy_host => $vncproxy_host, } + # Configure libvirt for nova-compute class { 'nova::compute::libvirt': libvirt_type => $libvirt_type, vncserver_listen => $internal_address, @@ -95,54 +85,40 @@ class openstack::compute( # if the compute node should be configured as a multi-host # compute installation if $multi_host { - include keystone::python - - nova_config { - 'multi_host': value => 'True'; - 'send_arp_for_ha': value => 'True'; - } - if ! $public_interface { - fail('public_interface must be defined for multi host compute nodes') - } - $enable_network_service = true + #nova_config { + # 'multi_host': value => 'True'; + # 'send_arp_for_ha': value => 'True'; + #} + #if ! $public_interface { + # fail('public_interface must be defined for multi host compute nodes') + #} + #$enable_network_service = true class { 'nova::api': enabled => true, admin_tenant_name => 'services', admin_user => 'nova', admin_password => $nova_user_password, + # TODO override enabled_apis } } else { - $enable_network_service = false - nova_config { - 'multi_host': value => 'False'; - 'send_arp_for_ha': value => 'False'; - } + #$enable_network_service = false + #nova_config { + # 'multi_host': value => 'False'; + # 'send_arp_for_ha': value => 'False'; + #} } - # set up configuration for networking - class { 'nova::network': - private_interface => $private_interface, - public_interface => $public_interface, - fixed_range => $fixed_range, - floating_range => false, - network_manager => $network_manager, - config_overrides => $network_config, - create_networks => false, - enabled => $enable_network_service, - install_service => $enable_network_service, - } - - if $manage_volumes { - - class { 'nova::volume': - enabled => true, - } - - class { 'nova::volume::iscsi': - volume_group => $nova_volume, - iscsi_ip_address => $internal_address, - } - } + #class { 'nova::network': + # private_interface => $private_interface, + # public_interface => $public_interface, + # fixed_range => $fixed_range, + # floating_range => false, + # network_manager => $network_manager, + # config_overrides => $network_config, + # create_networks => false, + # enabled => $enable_network_service, + # install_service => $enable_network_service, + #} } diff --git a/manifests/controller.pp b/manifests/controller.pp index 0257018..d0d54d8 100644 --- a/manifests/controller.pp +++ b/manifests/controller.pp @@ -1,8 +1,7 @@ # # This can be used to build out the simplest openstack controller # -# -# $export_resources - Whether resources should be exported +# === Parameters # # [public_interface] Public interface used to route public traffic. Required. # [public_address] Public address for public endpoints. Required. @@ -31,7 +30,7 @@ # Defaults to false. # [network_config] Hash that can be used to pass implementation specifc # network settings. Optioal. Defaults to {} -# [verbose] Rahter to log services at verbose. +# [verbose] Whether to log services at verbose. # [export_resources] Rather to export resources. # Horizon related config - assumes puppetlabs-horizon code # [secret_key] secret key to encode cookies, … @@ -43,285 +42,243 @@ # There is no specific requirement for these apps to be for monitoring, that's just the defacto purpose. # Each app is defined in two parts, the display name, and the URI # [horizon_app_links] array as in '[ ["Nagios","http://nagios_addr:port/path"],["Ganglia","http://ganglia_addr"] ]' -# # [enabled] Whether services should be enabled. This parameter can be used to # implement services in active-passive modes for HA. Optional. Defaults to true. -class openstack::controller( - # my address +# +# === Examples +# +# class { 'openstack::controller': +# public_address => '192.168.0.3', +# mysql_root_password => 'changeme', +# allowed_hosts => ['127.0.0.%', '192.168.1.%'], +# admin_email => 'my_email@mw.com', +# admin_password => 'my_admin_password', +# keystone_db_password => 'changeme', +# keystone_admin_token => '12345', +# glance_db_password => 'changeme', +# glance_user_password => 'changeme', +# nova_db_password => 'changeme', +# nova_user_password => 'changeme', +# secret_key => 'dummy_secret_key', +# } +# +class openstack::controller ( + # Required Network $public_address, $public_interface, $private_interface, - $internal_address, - $admin_address = $internal_address, - # connection information - $mysql_root_password = undef, + # Required Database + $mysql_root_password = 'sql_pass', + # Required Keystone $admin_email = 'some_user@some_fake_email_address.foo', $admin_password = 'ChangeMe', $keystone_db_password = 'keystone_pass', $keystone_admin_token = 'keystone_admin_token', - $keystone_admin_tenant = 'openstack', + # Required Glance $glance_db_password = 'glance_pass', $glance_user_password = 'glance_pass', + # Required Nova $nova_db_password = 'nova_pass', $nova_user_password = 'nova_pass', - $rabbit_password = 'rabbit_pw', - $rabbit_user = 'nova', - # network configuration - # this assumes that it is a flat network manager + # Required Horizon + $secret_key = 'dummy_secret_key', + # not sure if this works correctly + $internal_address = $public_address, + $admin_address = $public_address, $network_manager = 'nova.network.manager.FlatDHCPManager', - # this number has been reduced for performance during testing - $fixed_range = '10.0.0.0/16', + $fixed_range = '10.0.0.0/24', $floating_range = false, $create_networks = true, $num_networks = 1, $multi_host = false, $auto_assign_floating_ip = false, - # TODO need to reconsider this design... - # this is where the config options that are specific to the network - # types go. I am not extremely happy with this.... $network_config = {}, - # I do not think that this needs a bridge? - $verbose = false, - $export_resources = true, - $secret_key = 'dummy_secret_key', + # Database + $db_host = '127.0.0.1', + $db_type = 'mysql', + $mysql_account_security = true, + $mysql_bind_address = '0.0.0.0', + $allowed_hosts = '%', + # Keystone + $keystone_db_user = 'keystone', + $keystone_db_dbname = 'keystone', + $keystone_admin_tenant = 'admin', + # Glance + $glance_db_user = 'glance', + $glance_db_dbname = 'glance', + $glance_api_servers = undef, + # Nova + $nova_db_user = 'nova', + $nova_db_dbname = 'nova', + $purge_nova_config = true, + # Rabbit + $rabbit_password = 'rabbit_pw', + $rabbit_user = 'nova', + # Horizon $cache_server_ip = '127.0.0.1', $cache_server_port = '11211', $swift = false, $quantum = false, - $horizon_app_links = false, + $cinder = false, + $horizon_app_links = undef, + # General + $verbose = 'False', + $export_resources = true, + # if the cinder management components should be installed + $cinder_user_password = 'cinder_user_pass', + $cinder_db_password = 'cinder_db_pass', + $cinder_db_user = 'cinder', + $cinder_db_dbname = 'cinder', + # + $quantum_user_password = 'quantum_user_pass', + $quantum_db_password = 'quantum_db_pass', + $quantum_db_user = 'quantum', + $quantum_db_dbname = 'quantum', $enabled = true ) { - $glance_api_servers = "${internal_address}:9292" - $nova_db = "mysql://nova:${nova_db_password}@${internal_address}/nova" - - if ($export_resources) { - # export all of the things that will be needed by the clients - @@nova_config { 'rabbit_host': value => $internal_address } - Nova_config <| title == 'rabbit_host' |> - @@nova_config { 'sql_connection': value => $nova_db } - Nova_config <| title == 'sql_connection' |> - @@nova_config { 'glance_api_servers': value => $glance_api_servers } - Nova_config <| title == 'glance_api_servers' |> - @@nova_config { 'novncproxy_base_url': value => "http://${public_address}:6080/vnc_auto.html" } - $sql_connection = false - $glance_connection = false - $rabbit_connection = false - } else { - $sql_connection = $nova_db - $glance_connection = $glance_api_servers - $rabbit_connection = $internal_address - } + # Ensure things are run in order + Class['openstack::db::mysql'] -> Class['openstack::keystone'] + Class['openstack::db::mysql'] -> Class['openstack::glance'] + Class['openstack::db::mysql'] -> Class['openstack::nova::controller'] ####### DATABASE SETUP ###### - # set up mysql server - class { 'mysql::server': - config_hash => { - # the priv grant fails on precise if I set a root password - # TODO I should make sure that this works - 'root_password' => $mysql_root_password, - 'bind_address' => '0.0.0.0' - }, - enabled => $enabled, - } - if ($enabled) { - # set up all openstack databases, users, grants - class { 'keystone::db::mysql': - password => $keystone_db_password, + if ($db_type == 'mysql') { + if ($enabled) { + Class['glance::db::mysql'] -> Class['glance::registry'] } - Class['glance::db::mysql'] -> Class['glance::registry'] - class { 'glance::db::mysql': - host => '127.0.0.1', - password => $glance_db_password, - } - # TODO should I allow all hosts to connect? - class { 'nova::db::mysql': - password => $nova_db_password, - host => $internal_address, - allowed_hosts => '%', + class { 'openstack::db::mysql': + mysql_root_password => $mysql_root_password, + mysql_bind_address => $mysql_bind_address, + mysql_account_security => $mysql_account_security, + keystone_db_user => $keystone_db_user, + keystone_db_password => $keystone_db_password, + keystone_db_dbname => $keystone_db_dbname, + glance_db_user => $glance_db_user, + glance_db_password => $glance_db_password, + glance_db_dbname => $glance_db_dbname, + nova_db_user => $nova_db_user, + nova_db_password => $nova_db_password, + nova_db_dbname => $nova_db_dbname, + cinder => $cinder, + cinder_db_user => $cinder_db_user, + cinder_db_password => $cinder_db_password, + cinder_db_dbname => $cinder_db_dbname, + quantum => $quantum, + quantum_db_user => $quantum_db_user, + quantum_db_password => $quantum_db_password, + quantum_db_dbname => $quantum_db_dbname, + allowed_hosts => $allowed_hosts, + enabled => $enabled, } } ####### KEYSTONE ########### - - # set up keystone - class { 'keystone': - admin_token => $keystone_admin_token, - # we are binding keystone on all interfaces - # the end user may want to be more restrictive - bind_host => '0.0.0.0', - log_verbose => $verbose, - log_debug => $verbose, - catalog_type => 'sql', - enabled => $enabled, - } - # set up keystone database - # set up the keystone config for mysql - class { 'keystone::config::mysql': - password => $keystone_db_password, + class { 'openstack::keystone': + verbose => $verbose, + db_type => $db_type, + db_host => $db_host, + db_password => $keystone_db_password, + db_name => $keystone_db_dbname, + db_user => $keystone_db_user, + admin_token => $keystone_admin_token, + admin_tenant => $keystone_admin_tenant, + admin_email => $admin_email, + admin_password => $admin_password, + public_address => $public_address, + internal_address => $internal_address, + admin_address => $admin_address, + glance_user_password => $glance_user_password, + nova_user_password => $nova_user_password, + cinder => $cinder, + cinder_user_password => $cinder_user_password, + quantum => $quantum, + quantum_user_password => $quantum_user_password, + enabled => $enabled, } - if ($enabled) { - # set up keystone admin users - class { 'keystone::roles::admin': - email => $admin_email, - password => $admin_password, - admin_tenant => $keystone_admin_tenant, - } - # set up the keystone service and endpoint - class { 'keystone::endpoint': - public_address => $public_address, - internal_address => $internal_address, - admin_address => $admin_address, - } - # set up glance service,user,endpoint - class { 'glance::keystone::auth': - password => $glance_user_password, - public_address => $public_address, - internal_address => $internal_address, - admin_address => $admin_address, - before => [Class['glance::api'], Class['glance::registry']] - } - # set up nova serice,user,endpoint - class { 'nova::keystone::auth': - password => $nova_user_password, - public_address => $public_address, - internal_address => $internal_address, - admin_address => $admin_address, - before => Class['nova::api'], - } - } - - ######## END KEYSTONE ########## ######## BEGIN GLANCE ########## - - - class { 'glance::api': - log_verbose => $verbose, - log_debug => $verbose, - auth_type => 'keystone', - auth_host => '127.0.0.1', - auth_port => '35357', - keystone_tenant => 'services', - keystone_user => 'glance', - keystone_password => $glance_user_password, - enabled => $enabled, + class { 'openstack::glance': + verbose => $verbose, + db_type => $db_type, + db_host => $db_host, + glance_db_user => $glance_db_user, + glance_db_dbname => $glance_db_dbname, + glance_db_password => $glance_db_password, + glance_user_password => $glance_user_password, + enabled => $enabled, } - class { 'glance::backend::file': } - - class { 'glance::registry': - log_verbose => $verbose, - log_debug => $verbose, - auth_type => 'keystone', - auth_host => '127.0.0.1', - auth_port => '35357', - keystone_tenant => 'services', - keystone_user => 'glance', - keystone_password => $glance_user_password, - sql_connection => "mysql://glance:${glance_db_password}@127.0.0.1/glance", - enabled => $enabled, - } - - ######## END GLANCE ########### ######## BEGIN NOVA ########### - - - class { 'nova::rabbitmq': - userid => $rabbit_user, - password => $rabbit_password, - enabled => $enabled, - } - - # TODO I may need to figure out if I need to set the connection information - # or if I should collect it - class { 'nova': - sql_connection => $sql_connection, - # this is false b/c we are exporting - rabbit_host => $rabbit_connection, - rabbit_userid => $rabbit_user, - rabbit_password => $rabbit_password, - image_service => 'nova.image.glance.GlanceImageService', - glance_api_servers => $glance_connection, - verbose => $verbose, - } - - class { 'nova::api': - enabled => $enabled, - # TODO this should be the nova service credentials - #admin_tenant_name => 'openstack', - #admin_user => 'admin', - #admin_password => $admin_service_password, - admin_tenant_name => 'services', - admin_user => 'nova', - admin_password => $nova_user_password, - } - - class { [ - 'nova::cert', - 'nova::consoleauth', - 'nova::scheduler', - 'nova::objectstore', - 'nova::vncproxy' - ]: - enabled => $enabled, - } - - if $multi_host { - nova_config { 'multi_host': value => 'True'; } - $enable_network_service = false - } else { - if $enabled == true { - $enable_network_service = true - } else { - $enable_network_service = false + # + # indicates that all nova config entries that we did + # not specifify in Puppet should be purged from file + # + if ($purge_nova_config) { + resources { 'nova_config': + purge => true, } } - if $enabled { - $really_create_networks = $create_networks + class { 'openstack::nova::controller': + # Database + db_host => $db_host, + # Network + network_manager => $network_manager, + floating_range => $floating_range, + fixed_range => $fixed_range, + public_address => $public_address, + admin_address => $admin_address, + internal_address => $internal_address, + auto_assign_floating_ip => $auto_assign_floating_ip, + create_networks => $create_networks, + num_networks => $num_networks, + multi_host => $multi_host, + quantum => $quantum, + # Nova + nova_user_password => $nova_user_password, + nova_db_password => $nova_db_password, + nova_db_user => $nova_db_user, + nova_db_dbname => $nova_db_dbname, + # Rabbit + rabbit_user => $rabbit_user, + rabbit_password => $rabbit_password, + # Glance + glance_api_servers => $glance_api_servers, + # General + verbose => $verbose, + enabled => $enabled, + exported_resources => $export_resources, + } + + ######### Cinder Controller Services ######## + if ($cinder) { + class { "cinder::base": + verbose => $verbose, + sql_connection => "mysql://${cinder_db_user}:${cinder_db_password}@${db_host}/${cinder_db_dbname}?charset=utf8", + rabbit_password => $rabbit_password, + } + + class { 'cinder::api': + keystone_password => $cinder_user_password, + } + + class { 'cinder::scheduler': } } else { - $really_create_networks = false + # Set up nova-volume } - # set up networking - class { 'nova::network': - private_interface => $private_interface, - public_interface => $public_interface, - fixed_range => $fixed_range, - floating_range => $floating_range, - network_manager => $network_manager, - config_overrides => $network_config, - create_networks => $really_create_networks, - num_networks => $num_networks, - enabled => $enable_network_service, - install_service => $enable_network_service, - } - - if $auto_assign_floating_ip { - nova_config { 'auto_assign_floating_ip': value => 'True'; } - } ######## Horizon ######## - - # TOOO - what to do about HA for horizon? - - class { 'memcached': - listen_ip => '127.0.0.1', - } - - class { 'horizon': - secret_key => $secret_key, - cache_server_ip => $cache_server_ip, + class { 'openstack::horizon': + secret_key => $secret_key, + cache_server_ip => $cache_server_ip, cache_server_port => $cache_server_port, - swift => $swift, - quantum => $quantum, + swift => $swift, + quantum => $quantum, horizon_app_links => $horizon_app_links, } - - ######## End Horizon ##### - } diff --git a/manifests/db/mysql.pp b/manifests/db/mysql.pp new file mode 100644 index 0000000..68a3825 --- /dev/null +++ b/manifests/db/mysql.pp @@ -0,0 +1,125 @@ +# +# === Class: openstack::db::mysql +# +# Create MySQL databases for all components of +# OpenStack that require a database +# +# === Parameters +# +# [mysql_root_password] Root password for mysql. Required. +# [keystone_db_password] Password for keystone database. Required. +# [glance_db_password] Password for glance database. Required. +# [nova_db_password] Password for nova database. Required. +# [mysql_bind_address] Address that mysql will bind to. Optional .Defaults to '0.0.0.0'. +# [mysql_account_security] If a secure mysql db should be setup. Optional .Defaults to true. +# [keystone_db_user] DB user for keystone. Optional. Defaults to 'keystone'. +# [keystone_db_dbname] DB name for keystone. Optional. Defaults to 'keystone'. +# [glance_db_user] DB user for glance. Optional. Defaults to 'glance'. +# [glance_db_dbname]. Name of glance DB. Optional. Defaults to 'glance'. +# [nova_db_user]. Name of nova DB user. Optional. Defaults to 'nova'. +# [nova_db_dbname]. Name of nova DB. Optional. Defaults to 'nova'. +# [allowed_hosts] List of hosts that are allowed access. Optional. Defaults to false. +# [enabled] If the db service should be started. Optional. Defaults to true. +# +# === Example +# +# class { 'openstack::db::mysql': +# mysql_root_password => 'changeme', +# keystone_db_password => 'changeme', +# glance_db_password => 'changeme', +# nova_db_password => 'changeme', +# allowed_hosts => ['127.0.0.1', '10.0.0.%'], +# } +class openstack::db::mysql ( + # Required MySQL + # passwords + $mysql_root_password, + $keystone_db_password, + $glance_db_password, + $nova_db_password, + $cinder_db_password, + $quantum_db_password, + # MySQL + $mysql_bind_address = '0.0.0.0', + $mysql_account_security = true, + # Keystone + $keystone_db_user = 'keystone', + $keystone_db_dbname = 'keystone', + # Glance + $glance_db_user = 'glance', + $glance_db_dbname = 'glance', + # Nova + $nova_db_user = 'nova', + $nova_db_dbname = 'nova', + $allowed_hosts = false, + # Cinder + $cinder = true, + $cinder_db_user = 'cinder', + $cinder_db_dbname = 'cinder', + # quantum + $quantum = true, + $quantum_db_user = 'quantum', + $quantum_db_dbname = 'quantum', + $enabled = true +) { + + # Install and configure MySQL Server + class { 'mysql::server': + config_hash => { + 'root_password' => $mysql_root_password, + 'bind_address' => $mysql_bind_address, + }, + enabled => $enabled, + } + + # This removes default users and guest access + if $mysql_account_security { + class { 'mysql::server::account_security': } + } + + if ($enabled) { + # Create the Keystone db + class { 'keystone::db::mysql': + user => $keystone_db_user, + password => $keystone_db_password, + dbname => $keystone_db_dbname, + allowed_hosts => $allowed_hosts, + } + + # Create the Glance db + class { 'glance::db::mysql': + user => $glance_db_user, + password => $glance_db_password, + dbname => $glance_db_dbname, + allowed_hosts => $allowed_hosts, + } + + # Create the Nova db + class { 'nova::db::mysql': + user => $nova_db_user, + password => $nova_db_password, + dbname => $nova_db_dbname, + allowed_hosts => $allowed_hosts, + } + + # create cinder db + if ($cinder) { + class { 'cinder::db::mysql': + user => $cinder_db_user, + password => $cinder_db_password, + dbname => $cinder_db_dbname, + allowed_hosts => $allowed_hosts, + } + } + + # create quantum db + if ($quantum) { + class { 'quantum::db::mysql': + user => $quantum_db_user, + password => $quantum_db_password, + dbname => $quantum_db_dbname, + allowed_hosts => $allowed_hosts, + } + } + } +} diff --git a/manifests/glance.pp b/manifests/glance.pp new file mode 100644 index 0000000..f1ddfae --- /dev/null +++ b/manifests/glance.pp @@ -0,0 +1,84 @@ +# +# == Class: openstack::glance +# +# Installs and configures Glance +# Assumes the following: +# - Keystone for authentication +# - keystone tenant: services +# - keystone username: glance +# - storage backend: file +# +# === Parameters +# +# [db_host] Host where DB resides. Required. +# [glance_user_password] Password for glance auth user. Required. +# [glance_db_password] Password for glance DB. Required. +# [keystone_host] Host whre keystone is running. Optional. Defaults to '127.0.0.1' +# [auth_uri] URI used for auth. Optional. Defaults to "http://${keystone_host}:5000/" +# [db_type] Type of sql databse to use. Optional. Defaults to 'mysql' +# [glance_db_user] Name of glance DB user. Optional. Defaults to 'glance' +# [glance_db_dbname] Name of glance DB. Optional. Defaults to 'glance' +# [verbose] Log verbosely. Optional. Defaults to 'False' +# [enabled] Used to indicate if the service should be active (true) or passive (false). +# Optional. Defaults to true +# +# === Example +# +# class { 'openstack::glance': +# glance_user_password => 'changeme', +# db_password => 'changeme', +# db_host => '127.0.0.1', +# } + +class openstack::glance ( + $db_host, + $glance_user_password, + $glance_db_password, + $keystone_host = '127.0.0.1', + $auth_uri = "http://127.0.0.1:5000/", + $db_type = 'mysql', + $glance_db_user = 'glance', + $glance_db_dbname = 'glance', + $verbose = 'False', + $enabled = true +) { + + # Configure the db string + case $db_type { + 'mysql': { + $sql_connection = "mysql://${glance_db_user}:${glance_db_password}@${db_host}/${glance_db_dbname}" + } + } + + # Install and configure glance-api + class { 'glance::api': + verbose => $verbose, + debug => $verbose, + auth_type => 'keystone', + auth_port => '35357', + auth_host => $keystone_host, + keystone_tenant => 'services', + keystone_user => 'glance', + keystone_password => $glance_user_password, + sql_connection => $sql_connection, + enabled => $enabled, + } + + # Install and configure glance-registry + class { 'glance::registry': + verbose => $verbose, + debug => $verbose, + auth_host => $keystone_host, + auth_port => '35357', + auth_type => 'keystone', + keystone_tenant => 'services', + keystone_user => 'glance', + keystone_password => $glance_user_password, + sql_connection => $sql_connection, + enabled => $enabled, + } + + # Configure file storage backend + class { 'glance::backend::file': } + +} diff --git a/manifests/horizon.pp b/manifests/horizon.pp new file mode 100644 index 0000000..fffb063 --- /dev/null +++ b/manifests/horizon.pp @@ -0,0 +1,55 @@ +# +# == Class: openstack::horizon +# +# Class to install / configure horizon. +# Will eventually include apache and ssl. +# +# NOTE: Will the inclusion of memcache be an issue? +# Such as if the server already has memcache installed? +# -jtopjian +# +# === Parameters +# +# See params.pp +# +# === Examples +# +# class { 'openstack::horizon': +# secret_key => 'dummy_secret_key', +# } +# + +class openstack::horizon ( + $secret_key, + $cache_server_ip = '127.0.0.1', + $cache_server_port = '11211', + $swift = false, + $quantum = false, + $horizon_app_links = undef, + $keystone_host = '127.0.0.1', + $keystone_scheme = 'http', + $keystone_default_role = 'Member', + $django_debug = 'False', + $api_result_limit = 1000 +) { + + class { 'memcached': + listen_ip => $cache_server_ip, + tcp_port => $cache_server_port, + udp_port => $cache_server_port, + } + + class { '::horizon': + cache_server_ip => $cache_server_ip, + cache_server_port => $cache_server_port, + secret_key => $secret_key, + swift => $swift, + quantum => $quantum, + horizon_app_links => $horizon_app_links, + keystone_host => $keystone_host, + keystone_scheme => $keystone_scheme, + keystone_default_role => $keystone_default_role, + django_debug => $django_debug, + api_result_limit => $api_result_limit, + } +} diff --git a/manifests/keystone.pp b/manifests/keystone.pp new file mode 100644 index 0000000..df74088 --- /dev/null +++ b/manifests/keystone.pp @@ -0,0 +1,221 @@ +# +# == Class: openstack::keystone +# +# Installs and configures Keystone +# +# === Parameters +# +# [db_host] Host where DB resides. Required. +# [keystone_db_password] Password for keystone DB. Required. +# [keystone_admin_token]. Auth token for keystone admin. Required. +# [admin_email] Email address of system admin. Required. +# [admin_password] +# [glance_user_password] Auth password for glance user. Required. +# [nova_user_password] Auth password for nova user. Required. +# [public_address] Public address where keystone can be accessed. Required. +# [db_type] Type of DB used. Currently only supports mysql. Optional. Defaults to 'mysql' +# [keystone_db_user] Name of keystone db user. Optional. Defaults to 'keystone' +# [keystone_db_dbname] Name of keystone DB. Optional. Defaults to 'keystone' +# [keystone_admin_tenant] Name of keystone admin tenant. Optional. Defaults to 'admin' +# [verbose] Log verbosely. Optional. Defaults to 'False' +# [bind_host] Address that keystone binds to. Optional. Defaults to '0.0.0.0' +# [internal_address] Internal address for keystone. Optional. Defaults to $public_address +# [admin_address] Keystone admin address. Optional. Defaults to $internal_address +# [glance] Set up glance endpoints and auth. Optional. Defaults to true +# [nova] Set up nova endpoints and auth. Optional. Defaults to true +# [enabled] If the service is active (true) or passive (false). +# Optional. Defaults to true +# +# === Example +# +# class { 'openstack::keystone': +# db_host => '127.0.0.1', +# keystone_db_password => 'changeme', +# keystone_admin_token => '12345', +# admin_email => 'root@localhost', +# admin_password => 'changeme', +# public_address => '192.168.1.1', +# } + +class openstack::keystone ( + $db_host, + $db_password, + $admin_token, + $admin_email, + $admin_password, + $glance_user_password, + $nova_user_password, + $cinder_user_password, + $quantum_user_password, + $public_address, + $db_type = 'mysql', + $db_user = 'keystone', + $db_name = 'keystone', + $admin_tenant = 'admin', + $verbose = 'False', + $bind_host = '0.0.0.0', + $internal_address = false, + $admin_address = false, + $glance_public_address = false, + $glance_internal_address = false, + $glance_admin_address = false, + $nova_public_address = false, + $nova_internal_address = false, + $nova_admin_address = false, + $cinder_public_address = false, + $cinder_internal_address = false, + $cinder_admin_address = false, + $quantum_public_address = false, + $quantum_internal_address = false, + $quantum_admin_address = false, + $glance = true, + $nova = true, + $cinder = true, + $quantum = true, + $enabled = true +) { + + # Install and configure Keystone + if $db_type == 'mysql' { + $sql_conn = "mysql://${$db_user}:${db_password}@${db_host}/${db_name}" + } else { + fail("db_type ${db_type} is not supported") + } + + # I have to do all of this crazy munging b/c parameters are not + # set procedurally in Pupet + if($internal_address) { + $internal_real = $internal_address + } else { + $internal_real = $public_address + } + if($admin_address) { + $admin_real = $admin_address + } else { + $admin_real = $internal_real + } + if($glance_public_address) { + $glance_public_real = $public_public_address + } else { + $glance_public_real = $public_address + } + if($glance_internal_address) { + $glance_internal_real = $glance_internal_address + } else { + $glance_internal_real = $glance_public_real + } + if($glance_admin_address) { + $glance_admin_real = $glance_admin_address + } else { + $glance_admin_real = $glance_internal_real + } + if($nova_public_address) { + $nova_public_real = $nova_public_address + } else { + $nova_public_real = $public_address + } + if($nova_internal_address) { + $nova_internal_real = $nova_internal_address + } else { + $nova_internal_real = $nova_public_real + } + if($nova_admin_address) { + $nova_admin_real = $nova_admin_address + } else { + $nova_admin_real = $nova_internal_real + } + if($cinder_public_address) { + $cinder_public_real = $cinder_public_address + } else { + $cinder_public_real = $public_address + } + if($cinder_internal_address) { + $cinder_internal_real = $cinder_internal_address + } else { + $cinder_internal_real = $cinder_public_real + } + if($cinder_admin_address) { + $cinder_admin_real = $cinder_admin_address + } else { + $cinder_admin_real = $cinder_internal_real + } + if($quantum_public_address) { + $quantum_public_real = $quantum_public_address + } else { + $quantum_public_real = $public_address + } + if($quantum_internal_address) { + $quantum_internal_real = $quantum_internal_address + } else { + $quantum_internal_real = $quantum_public_real + } + if($quantum_admin_address) { + $quantum_admin_real = $quantum_admin_address + } else { + $quantum_admin_real = $quantum_internal_real + } + + class { '::keystone': + verbose => $verbose, + debug => $verbose, + catalog_type => 'sql', + admin_token => $admin_token, + enabled => $enabled, + sql_connection => $sql_conn, + } + + if ($enabled) { + # Setup the admin user + class { 'keystone::roles::admin': + email => $admin_email, + password => $admin_password, + admin_tenant => $admin_tenant, + } + + # Setup the Keystone Identity Endpoint + class { 'keystone::endpoint': + public_address => $public_address, + admin_address => $admin_real, + internal_address => $internal_real, + } + + # Configure Glance endpoint in Keystone + if $glance { + class { 'glance::keystone::auth': + password => $glance_user_password, + public_address => $glance_public_real, + admin_address => $glance_admin_real, + internal_address => $glance_internal_real, + } + } + + # Configure Nova endpoint in Keystone + if $nova { + class { 'nova::keystone::auth': + password => $nova_user_password, + public_address => $nova_public_real, + admin_address => $nova_admin_real, + internal_address => $nova_internal_real, + } + } + + # Configure Nova endpoint in Keystone + if $cinder { + class { 'cinder::keystone::auth': + password => $cinder_user_password, + public_address => $cinder_public_real, + admin_address => $cinder_admin_real, + internal_address => $cinder_internal_real, + } + } + if $quantum { + class { 'quantum::keystone::auth': + password => $quantum_user_password, + public_address => $quantum_public_real, + admin_address => $quantum_admin_real, + internal_address => $quantum_internal_real, + } + } + } + +} diff --git a/manifests/nova/controller.pp b/manifests/nova/controller.pp new file mode 100644 index 0000000..187ef24 --- /dev/null +++ b/manifests/nova/controller.pp @@ -0,0 +1,172 @@ +# +# == Class: openstack::nova::controller +# +# Class to define nova components used in a controller architecture. +# Basically everything but nova-compute and nova-volume +# +# === Parameters +# +# See params.pp +# +# === Examples +# +# class { 'openstack::nova::controller': +# public_address => '192.168.1.1', +# db_host => '127.0.0.1', +# rabbit_password => 'changeme', +# nova_user_password => 'changeme', +# nova_db_password => 'changeme', +# } +# + +class openstack::nova::controller ( + # Network Required + $public_address, + # Database Required + $db_host, + # Rabbit Required + $rabbit_password, + # Nova Required + $nova_user_password, + $nova_db_password, + # Network + $fixed_range = '10.0.0.0/24', + $floating_range = false, + $internal_address = $public_address, + $admin_address = $public_address, + $auto_assign_floating_ip = false, + $create_networks = true, + $num_networks = 1, + $multi_host = false, + $network_manager = 'nova.network.manager.FlatDHCPManager', + $quantum = true, + # Nova + $nova_db_user = 'nova', + $nova_db_dbname = 'nova', + # Rabbit + $rabbit_user = 'nova', + # Database + $db_type = 'mysql', + # Glance + $glance_api_servers = undef, + # VNC + $vnc_enabled = true, + # General + $keystone_host = '127.0.0.1', + $verbose = 'False', + $enabled = true, + $exported_resources = true +) { + + # Configure the db string + case $db_type { + 'mysql': { + $nova_db = "mysql://${nova_db_user}:${nova_db_password}@${db_host}/${nova_db_dbname}" + } + } + + if ($glance_api_servers == undef) { + $real_glance_api_servers = "${public_address}:9292" + } else { + $real_glance_api_servers = $glance_api_servers + } + if ($exported_resources) { + # export all of the things that will be needed by the clients + @@nova_config { 'rabbit_host': value => $internal_address } + Nova_config <| title == 'rabbit_host' |> + + @@nova_config { 'sql_connection': value => $nova_db } + Nova_config <| title == 'sql_connection' |> + + @@nova_config { 'glance_api_servers': value => $real_glance_api_servers } + Nova_config <| title == 'glance_api_servers' |> + + $sql_connection = false + $glance_connection = false + $rabbit_connection = false + } else { + $sql_connection = $nova_db + $glance_connection = $real_glance_api_servers + $rabbit_connection = $internal_address + } + + # Install / configure rabbitmq + class { 'nova::rabbitmq': + userid => $rabbit_user, + password => $rabbit_password, + enabled => $enabled, + } + + # Configure Nova + class { 'nova': + sql_connection => $sql_connection, + rabbit_userid => $rabbit_user, + rabbit_password => $rabbit_password, + image_service => 'nova.image.glance.GlanceImageService', + glance_api_servers => $glance_connection, + verbose => $verbose, + rabbit_host => $rabbit_connection, + } + + # Configure nova-api + class { 'nova::api': + enabled => $enabled, + admin_password => $nova_user_password, + auth_host => $keystone_host, + } + + # Configure nova-network + if $multi_host { + nova_config { 'multi_host': value => 'True' } + $enable_network_service = false + } else { + if $enabled { + $enable_network_service = true + } else { + $enable_network_service = false + } + } + + if $enabled { + $really_create_networks = $create_networks + } else { + $really_create_networks = false + } + + if $quantum == false { + class { 'nova::network': + private_interface => $private_interface, + public_interface => $public_interface, + fixed_range => $fixed_range, + floating_range => $floating_range, + network_manager => $network_manager, + config_overrides => $network_config, + create_networks => $really_create_networks, + num_networks => $num_networks, + enabled => $enable_network_service, + install_service => $enable_network_service, + } + } + + if $auto_assign_floating_ip { + nova_config { 'auto_assign_floating_ip': value => 'True' } + } + + # a bunch of nova services that require no configuration + class { [ + 'nova::scheduler', + 'nova::objectstore', + 'nova::cert', + 'nova::consoleauth' + ]: + enabled => $enabled, + } + + if $vnc_enabled { + class { 'nova::vncproxy': + host => $public_address, + enabled => $enabled, + } + } + +} diff --git a/manifests/test_file.pp b/manifests/test_file.pp index 564e1e7..6dac6da 100644 --- a/manifests/test_file.pp +++ b/manifests/test_file.pp @@ -2,8 +2,7 @@ # Class that can be used to create a test script for testing an # installed openstack environment. # -# -# +# == Parameters # # [path] Path of test file to be created. Optional. Defaults to /tmp/test_nova.sh # [rc_file_path] Path of openrc file that sets up all authentication environment @@ -13,16 +12,18 @@ # [sleep_time] Used to tune how long to sleep for. Optional. Defaults to 60. # [floating_ip] Rather to test flating ip address allocation. Optional. # Defaults to true. +# class openstack::test_file( $path = '/tmp/test_nova.sh', $rc_file_path = '/root/openrc', $image_type = 'cirros', $sleep_time = '15', - $floating_ip = true + $floating_ip = true, + $quantum = true ) { file { $path: content => template('openstack/test_nova.sh.erb'), - } + } } diff --git a/spec/classes/openstack_compute_spec.rb b/spec/classes/openstack_compute_spec.rb index 0a29651..3422050 100644 --- a/spec/classes/openstack_compute_spec.rb +++ b/spec/classes/openstack_compute_spec.rb @@ -15,18 +15,106 @@ describe 'openstack::compute' do :osfamily => 'Debian', } end - describe "when using default class paramaters" do + + describe "when using default class parameters" do let :params do default_params end it { - should contain_nova_config('multi_host').with({ 'value' => 'False' }) + should contain_class('nova').with( + :sql_connection => false, + :rabbit_host => false, + :rabbit_userid => 'nova', + :rabbit_password => 'rabbit_pw', + :image_service => 'nova.image.glance.GlanceImageService', + :glance_api_servers => false, + :verbose => false + ) + should contain_class('nova::compute').with( + :enabled => true, + :vnc_enabled => true, + :vncserver_proxyclient_address => '0.0.0.0', + :vncproxy_host => false + ) + should contain_class('nova::compute::libvirt').with( + :libvirt_type => 'kvm', + :vncserver_listen => '0.0.0.0' + ) + should contain_nova_config('multi_host').with( :value => 'False' ) + should contain_nova_config('send_arp_for_ha').with( :value => 'False' ) should_not contain_class('nova::api') should_not contain_class('nova::volume') should_not contain_class('nova::volume::iscsi') should contain_class('nova::network').with({ - 'enabled' => false, - 'install_service' => false + :enabled => false, + :install_service => false, + :private_interface => 'eth0', + :public_interface => nil, + :fixed_range => '10.0.0.0/16', + :floating_range => false, + :network_manager => 'nova.network.manager.FlatDHCPManager', + :config_overrides => {}, + :create_networks => false, + :enabled => false, + :install_service => false + }) + } + end + + describe "when overriding parameters, but not enabling multi-host or volume management" do + let :override_params do + { + :private_interface => 'eth1', + :internal_address => '127.0.0.1', + :public_interface => 'eth2', + :sql_connection => 'mysql://user:passwd@host/name', + :nova_user_password => 'nova_pass', + :rabbit_host => 'my_host', + :rabbit_password => 'my_rabbit_pw', + :rabbit_user => 'my_rabbit_user', + :glance_api_servers => ['controller:9292'], + :libvirt_type => 'qemu', + :vncproxy_host => '127.0.0.2', + :vnc_enabled => false, + :verbose => true, + } + end + let :params do + default_params.merge(override_params) + end + it { + should contain_class('nova').with( + :sql_connection => 'mysql://user:passwd@host/name', + :rabbit_host => 'my_host', + :rabbit_userid => 'my_rabbit_user', + :rabbit_password => 'my_rabbit_pw', + :image_service => 'nova.image.glance.GlanceImageService', + :glance_api_servers => ['controller:9292'], + :verbose => true + ) + should contain_class('nova::compute').with( + :enabled => true, + :vnc_enabled => false, + :vncserver_proxyclient_address => '127.0.0.1', + :vncproxy_host => '127.0.0.2' + ) + should contain_class('nova::compute::libvirt').with( + :libvirt_type => 'qemu', + :vncserver_listen => '127.0.0.1' + ) + should contain_nova_config('multi_host').with( :value => 'False' ) + should contain_nova_config('send_arp_for_ha').with( :value => 'False' ) + should_not contain_class('nova::api') + should_not contain_class('nova::volume') + should_not contain_class('nova::volume::iscsi') + should contain_class('nova::network').with({ + :enabled => false, + :install_service => false, + :private_interface => 'eth1', + :public_interface => 'eth2', + :create_networks => false, + :enabled => false, + :install_service => false }) } end @@ -38,16 +126,34 @@ describe 'openstack::compute' do }) end - it { + it do should contain_nova_config('multi_host').with({ 'value' => 'False'}) should_not contain_class('nova::api') - should contain_class('nova::volume') - should contain_class('nova::volume::iscsi') + should contain_class('nova::volume').with(:enabled => true) should contain_class('nova::network').with({ 'enabled' => false, 'install_service' => false }) - } + end + describe 'with default volume settings' do + it { should contain_class('nova::volume::iscsi').with( + :volume_group => 'nova-volumes', + :iscsi_ip_address => '0.0.0.0' + )} + end + describe 'when overriding volume parameters' do + let :params do + default_params.merge({ + :manage_volumes => true, + :nova_volume => 'nova-volumes2', + :internal_address => '127.0.0.1' + }) + end + it { should contain_class('nova::volume::iscsi').with( + :volume_group => 'nova-volumes2', + :iscsi_ip_address => '127.0.0.1' + ) } + end end describe "when configuring for multi host" do @@ -59,8 +165,9 @@ describe 'openstack::compute' do end it { + should contain_class('keystone::python') should contain_nova_config('multi_host').with({ 'value' => 'True'}) - should contain_class('nova::api') + should contain_nova_config('send_arp_for_ha').with(:value => 'True') should_not contain_class('nova::volume') should_not contain_class('nova::volume::iscsi') should contain_class('nova::network').with({ @@ -68,6 +175,26 @@ describe 'openstack::compute' do 'install_service' => true }) } + describe 'with defaults' do + it { should contain_class('nova::api').with( + :enabled => true, + :admin_tenant_name => 'services', + :admin_user => 'nova', + :admin_password => 'nova_pass' + )} + end + describe 'when overrding nova volumes' do + let :params do + default_params.merge({ + :multi_host => true, + :public_interface => 'eth0', + :nova_user_password => 'foo' + }) + end + it { should contain_class('nova::api').with( + :admin_password => 'foo' + )} + end end describe "when configuring for multi host without a public interface" do @@ -102,4 +229,31 @@ describe 'openstack::compute' do }) } end + + describe 'when overriding network params' do + let :params do + default_params.merge({ + :multi_host => true, + :public_interface => 'eth0', + :manage_volumes => true, + :private_interface => 'eth1', + :public_interface => 'eth2', + :fixed_range => '12.0.0.0/24', + :network_manager => 'nova.network.manager.VlanManager', + :network_config => {'vlan_interface' => 'eth0'} + }) + end + it { should contain_class('nova::network').with({ + :private_interface => 'eth1', + :public_interface => 'eth2', + :fixed_range => '12.0.0.0/24', + :floating_range => false, + :network_manager => 'nova.network.manager.VlanManager', + :config_overrides => {'vlan_interface' => 'eth0'}, + :create_networks => false, + 'enabled' => true, + 'install_service' => true + })} + + end end diff --git a/spec/classes/openstack_controller_spec.rb b/spec/classes/openstack_controller_spec.rb index 76335fd..45cdaa9 100644 --- a/spec/classes/openstack_controller_spec.rb +++ b/spec/classes/openstack_controller_spec.rb @@ -1,5 +1,385 @@ require 'spec_helper' describe 'openstack::controller' do + let :default_params do + { + :private_interface => 'eth0', + :public_interface => 'eth1', + :internal_address => '127.0.0.1', + :public_address => '10.0.0.1', + :export_resources => false, + } + end + + let :facts do + { + :operatingsystem => 'Ubuntu', + :osfamily => 'Debian', + :concat_basedir => '/tmp/', + :puppetversion => '2.7.x', + :memorysize => '2GB', + :processorcount => '2' + } + end + let :params do + default_params + end + + it { should_not contain_nova_config('auto_assign_floating_ip') } + describe 'when auto assign floating ip is assigned' do + let :params do + default_params.merge(:auto_assign_floating_ip => 'true') + end + it { should contain_nova_config('auto_assign_floating_ip').with(:value => 'True')} + end + + it do + should contain_class('mysql::server').with( + :config_hash => {'bind_address' => '0.0.0.0', 'root_password' => 'sql_pass' } + ) + should contain_class('memcached').with( + :listen_ip => '127.0.0.1' + ) + end + + describe 'when enabled' do + it 'should contain enabled database configs' do + should contain_class('mysql::server').with( + :enabled => true + ) + should contain_class('keystone::db::mysql').with( + :password => 'keystone_pass' + ) + should contain_class('glance::db::mysql').with( + :host => '127.0.0.1', + :password => 'glance_pass', + :before => ["Class[Glance::Registry]", "Exec[glance-manage db_sync]"] + ) + should contain_class('nova::db::mysql').with( + :password => 'nova_pass', + :host => '127.0.0.1', + :allowed_hosts => '%' + ) + end + it 'should contain enabled keystone configs with defaults' do + + should contain_class('keystone').with( + :admin_token => 'keystone_admin_token', + :bind_host => '0.0.0.0', + :verbose => false, + :debug => false, + :catalog_type => 'sql', + :enabled => true + ) + should contain_class('keystone::config::mysql').with( + :password => 'keystone_pass' + ) + should contain_class('keystone::roles::admin').with( + :email => 'some_user@some_fake_email_address.foo', + :password => 'ChangeMe' + ) + should contain_class('keystone::endpoint').with( + :public_address => '10.0.0.1', + :internal_address => '127.0.0.1', + :admin_address => '127.0.0.1' + ) + should contain_class('glance::keystone::auth').with( + :password => 'glance_pass', + :public_address => '10.0.0.1', + :internal_address => '127.0.0.1', + :admin_address => '127.0.0.1' + #:before => ['Class[glance::api]', 'Class[glance::registry]'] + ) + should contain_class('nova::keystone::auth').with( + :password => 'nova_pass', + :public_address => '10.0.0.1', + :internal_address => '127.0.0.1', + :admin_address => '127.0.0.1' + #:before => 'Class[nova::api]' + ) + should contain_class('glance::api').with( + :verbose => false, + :debug => false, + :auth_type => 'keystone', + :auth_host => '127.0.0.1', + :auth_port => '35357', + :keystone_tenant => 'services', + :keystone_user => 'glance', + :keystone_password => 'glance_pass', + :enabled => true + ) + should contain_class('glance::backend::file') + + should contain_class('glance::registry').with( + :verbose => false, + :debug => false, + :auth_type => 'keystone', + :auth_host => '127.0.0.1', + :auth_port => '35357', + :keystone_tenant => 'services', + :keystone_user => 'glance', + :keystone_password => 'glance_pass', + :sql_connection => "mysql://glance:glance_pass@127.0.0.1/glance", + :enabled => true + ) + should contain_class('nova::rabbitmq').with( + :userid => 'nova', + :password => 'rabbit_pw', + :enabled => true + ) + should contain_class('nova').with( + :sql_connection => 'mysql://nova:nova_pass@127.0.0.1/nova', + :rabbit_host => '127.0.0.1', + :rabbit_userid => 'nova', + :rabbit_password => 'rabbit_pw', + :image_service => 'nova.image.glance.GlanceImageService', + :glance_api_servers => '10.0.0.1:9292', + :verbose => false + ) + should contain_class('nova::api').with( + :enabled => true, + :admin_tenant_name => 'services', + :admin_user => 'nova', + :admin_password => 'nova_pass' + ) + should contain_class('nova::cert').with(:enabled => true) + should contain_class('nova::consoleauth').with(:enabled => true) + should contain_class('nova::scheduler').with(:enabled => true) + should contain_class('nova::objectstore').with(:enabled => true) + should contain_class('nova::vncproxy').with(:enabled => true) + should contain_class('horizon').with( + :secret_key => 'dummy_secret_key', + :cache_server_ip => '127.0.0.1', + :cache_server_port => '11211', + :swift => false, + :quantum => false, + :horizon_app_links => false + ) + + end + describe 'when overriding params' do + let :params do + default_params.merge( + :keystone_db_password => 'pass', + :glance_db_password => 'pass2', + :nova_db_password => 'pass3', + :verbose => true, + :keystone_admin_token => 'foo', + :nova_user_password => 'pass5', + :glance_user_password => 'pass6', + :admin_email => 'dan@puppetlabs.com', + :admin_address => '127.0.0.2', + :admin_password => 'pass7', + :rabbit_user => 'rabby', + :rabbit_password => 'rabby_pw', + :fixed_range => '10.0.0.0/24', + :floating_range => '11.0.0.0/24', + :network_manager => 'nova.network.manager.VlanManager', + :network_config => {'vlan_interface' => 'eth4'}, + :num_networks => 2, + :secret_key => 'real_secret_key', + :cache_server_ip => '127.0.0.2', + :cache_server_port => '11212', + :swift => true, + :quantum => true, + :horizon_app_links => true, + :glance_api_servers => '127.0.0.1:9292' + ) + end + it 'should override db config' do + should contain_class('keystone::db::mysql').with( + :password => 'pass' + ) + should contain_class('glance::db::mysql').with( + :password => 'pass2' + ) + should contain_class('nova::db::mysql').with( + :password => 'pass3' + ) + end + + it 'should override keystone config' do + should contain_class('keystone').with( + :verbose => true, + :debug => true, + :admin_token => 'foo' + ) + should contain_class('keystone::config::mysql').with( + :password => 'pass' + ) + should contain_class('keystone::endpoint').with( + :admin_address => '127.0.0.2' + ) + should contain_class('keystone::roles::admin').with( + :email => 'dan@puppetlabs.com', + :password => 'pass7' + ) + should contain_class('glance::keystone::auth').with( + :password => 'pass6', + :admin_address => '127.0.0.2' + ) + should contain_class('nova::keystone::auth').with( + :password => 'pass5', + :admin_address => '127.0.0.2' + ) + end + it 'should override glance config' do + should contain_class('glance::api').with( + :verbose => true, + :debug => true, + :keystone_password => 'pass6', + :enabled => true + ) + should contain_class('glance::registry').with( + :verbose => true, + :debug => true, + :keystone_password => 'pass6', + :sql_connection => "mysql://glance:pass2@127.0.0.1/glance", + :enabled => true + ) + end + it 'should override nova config' do + should contain_class('nova::rabbitmq').with( + :userid => 'rabby', + :password => 'rabby_pw', + :enabled => true + ) + should contain_class('nova').with( + :sql_connection => 'mysql://nova:pass3@127.0.0.1/nova', + :rabbit_host => '127.0.0.1', + :rabbit_userid => 'rabby', + :rabbit_password => 'rabby_pw', + :image_service => 'nova.image.glance.GlanceImageService', + :glance_api_servers => '127.0.0.1:9292', + :verbose => true + ) + should contain_class('nova::api').with( + :enabled => true, + :admin_tenant_name => 'services', + :admin_user => 'nova', + :admin_password => 'pass5' + ) + should contain_class('nova::network').with( + :fixed_range => '10.0.0.0/24', + :floating_range => '11.0.0.0/24', + :network_manager => 'nova.network.manager.VlanManager', + :config_overrides => {'vlan_interface' => 'eth4'}, + :num_networks => 2 + ) + end + describe 'it should override horizon params' do + it { should contain_class('horizon').with( + :secret_key => 'real_secret_key', + :cache_server_ip => '127.0.0.2', + :cache_server_port => '11212', + :swift => true, + :quantum => true, + :horizon_app_links => true + )} + end + end + end + + describe 'when not enabled' do + let :params do + default_params.merge(:enabled => false) + end + it do + should contain_class('mysql::server').with( + :enabled => false + ) + should_not contain_class('keystone::db::mysql') + should_not contain_class('glance::db::mysql') + should_not contain_class('nova::db::mysql') + should contain_class('keystone::config::mysql') + should contain_class('keystone').with(:enabled => false) + should_not contain_class('keystone::roles::admin') + should_not contain_class('keystone::endpoint') + should_not contain_class('glance::keystone::auth') + should_not contain_class('nova::keystone::auth') + should contain_class('glance::api').with(:enabled => false) + should contain_class('glance::backend::file') + should contain_class('glance::registry').with(:enabled => false) + should contain_class('nova::rabbitmq').with(:enabled => false) + should contain_class('nova::api').with(:enabled => false) + should contain_class('nova::cert').with(:enabled => false) + should contain_class('nova::consoleauth').with(:enabled => false) + should contain_class('nova::scheduler').with(:enabled => false) + should contain_class('nova::objectstore').with(:enabled => false) + should contain_class('nova::vncproxy').with(:enabled => false) + end + end + + describe 'nova network config' do + + describe 'when enabled' do + + describe 'when multihost is not set' do + + it {should contain_class('nova::network').with( + :private_interface => 'eth0', + :public_interface => 'eth1', + :fixed_range => '10.0.0.0/24', + :floating_range => false, + :network_manager => 'nova.network.manager.FlatDHCPManager', + :config_overrides => {}, + :create_networks => true, + :num_networks => 1, + :enabled => true, + :install_service => true + )} + + end + describe 'when multihost is set' do + let :params do + default_params.merge(:multi_host => true) + end + it { should contain_nova_config('multi_host').with(:value => 'True')} + it {should contain_class('nova::network').with( + :create_networks => true, + :enabled => false, + :install_service => false + )} + + end + + end + + describe 'when not enabled' do + + describe 'when multihost is set' do + let :params do + default_params.merge( + :multi_host => true, + :enabled => false + ) + end + + it {should contain_class('nova::network').with( + :create_networks => false, + :enabled => false, + :install_service => false + )} + + end + describe 'when multihost is not set' do + let :params do + default_params.merge( + :multi_host => false, + :enabled => false + ) + end + + it {should contain_class('nova::network').with( + :create_networks => false, + :enabled => false, + :install_service => false + )} + + end + + end + + end end diff --git a/templates/test_nova.sh.erb b/templates/test_nova.sh.erb index 715241f..d1a2f06 100644 --- a/templates/test_nova.sh.erb +++ b/templates/test_nova.sh.erb @@ -24,44 +24,51 @@ wget http://cloud-images.ubuntu.com/precise/current/precise-server-cloudimg-amd6 glance add name="precise-amd64" is_public=true container_format=ovf disk_format=qcow2 < precise-server-cloudimg-amd64-disk1.img # Caputre the Image ID so taht we can call the right UUID for this image IMAGE_ID=`glance index | grep 'precise-amd64' | head -1 | awk -F' ' '{print $1}'` +<% end -%> login_user='ubuntu' -<% end -%> # create a pub/priv keypair ssh-keygen -f /tmp/id_rsa -t rsa -N '' #add the public key to nova. -nova keypair-add --pub_key /tmp/id_rsa.pub key_cirros +nova --no-cache keypair-add --pub_key /tmp/id_rsa.pub key_cirros -<% if floating_ip -%> -# create a security group so that we can allow ssh, http, and ping traffic -# when we add a floating IP (assuming you are adding floating IPs) -nova secgroup-create nova_test 'Cirros test security group' -nova secgroup-add-rule nova_test tcp 22 22 0.0.0.0/0 -nova secgroup-add-rule nova_test tcp 80 80 0.0.0.0/0 -nova secgroup-add-rule nova_test icmp -1 -1 0.0.0.0/0 - -# request a floating IP address, and extract the address from the results message -floating_ip=`nova floating-ip-create | grep None | awk '{print $2}'` -<% end -%> instance_name='<%= image_type %>_test_vm' -# Boot the added image against the "1" flavor which by default maps to a micro instance. <% if floating_ip -%> Include the cirros_test group so our address will work when we add it later <% end %> -nova boot --flavor 1 <% if floating_ip -%>--security_groups nova_test<% end %> --image ${IMAGE_ID} --key_name key_cirros $instance_name + +<% if quantum -%> +quantum net-create net1 +quantum subnet-create net1 10.0.0.0/24 +quantum_net=`quantum net-list | grep net1 | awk -F' ' '{print $2}'` +nova --no-cache boot --flavor 1 --image $IMAGE_ID --key_name key_cirros --nic net-id=$quantum_net $instance_name +<% else -%> + <% if floating_ip -%> +# create a security group so that we can allow ssh, http, and ping traffic +# when we add a floating IP (assuming you are adding floating IPs) +nova --no-cache secgroup-create nova_test 'Cirros test security group' +nova --no-cache secgroup-add-rule nova_test tcp 22 22 0.0.0.0/0 +nova --no-cache secgroup-add-rule nova_test tcp 80 80 0.0.0.0/0 +nova --no-cache secgroup-add-rule nova_test icmp -1 -1 0.0.0.0/0 +# request a floating IP address, and extract the address from the results message +floating_ip=`nova --no-cache floating-ip-create | grep None | awk '{print $2}'` + <% end -%> + # Boot the added image against the "1" flavor which by default maps to a micro instance. <% if floating_ip -%> Include the cirros_test group so our address will work when we add it later <% end %> +nova --no-cache boot --flavor 1 <% if floating_ip -%>--security_groups nova_test<% end %> --image ${IMAGE_ID} --key_name key_cirros $instance_name +<% end -%> # let the system catch up sleep <%= sleep_time %> # Show the state of the system we just requested. -nova show $instance_name +nova --no-cache show $instance_name # wait for the server to boot sleep <%= sleep_time %> <% if floating_ip -%> # Now add the floating IP we reserved earlier to the machine. -nova add-floating-ip $instance_name $floating_ip +nova --no-cache add-floating-ip $instance_name $floating_ip # Wait and then try to SSH to the node, leveraging the private key # we generated earlier. sleep <%= sleep_time %> diff --git a/tests/all.pp b/tests/all.pp new file mode 100644 index 0000000..56758ee --- /dev/null +++ b/tests/all.pp @@ -0,0 +1,15 @@ +class { 'openstack::all': + public_address => $::ipaddress_eth0, + mysql_root_password => 'password', + rabbit_password => 'password', + keystone_db_password => 'password', + keystone_admin_token => '12345', + admin_email => 'root@localhost', + admin_password => 'password', + nova_db_password => 'password', + nova_user_password => 'password', + glance_db_password => 'password', + glance_user_password => 'password', + libvirt_type => 'qemu', + secret_key => '12345', +} diff --git a/tests/cloudcontroller.pp b/tests/cloudcontroller.pp new file mode 100644 index 0000000..79b2453 --- /dev/null +++ b/tests/cloudcontroller.pp @@ -0,0 +1,16 @@ +class { 'openstack::controller': + public_address => $::ipaddress_eth0, + mysql_root_password => 'password', + allowed_hosts => ['127.0.0.%', '192.168.1.%'], + rabbit_password => 'password', + keystone_db_password => 'password', + keystone_admin_token => '12345', + admin_email => 'root@localhost', + admin_password => 'password', + nova_db_password => 'password', + nova_user_password => 'password', + glance_db_password => 'password', + glance_user_password => 'password', + secret_key => '12345', + exported_resources => false, +} diff --git a/tests/compute.pp b/tests/compute.pp new file mode 100644 index 0000000..6dd835d --- /dev/null +++ b/tests/compute.pp @@ -0,0 +1,10 @@ +class { 'openstack::nova::compute': + exported_resources => false, + sql_connection => 'mysql://foo:bar@192.168.1.1/nova', + glance_api_servers => '192.168.1.1:9292', + internal_address => $::ipaddress_eth1, + rabbit_password => 'password', + nova_user_password => 'password', + libvirt_type => 'qemu', + vncproxy_host => '192.168.1.1', +}