From 89beb232e4942a933f899f1f5ee1416d40d60123 Mon Sep 17 00:00:00 2001 From: Joe Topjian Date: Thu, 12 Jul 2012 05:33:18 +0000 Subject: [PATCH 01/43] Beginning cleanup/refactor of puppetlabs-openstack. Started to create individual manifests for core openstack components such as Glance, keystone, nova, and horizon. Began to incorporate those manifests into main manifests. Wrote some tests. Fixed some typos. --- README.md | 4 +- manifests/all.pp | 410 ++++++++++++++------------------ manifests/auth_file.pp | 14 +- manifests/compute.pp | 223 ++++++++--------- manifests/controller.pp | 449 ++++++++++++----------------------- manifests/db/mysql.pp | 79 ++++++ manifests/glance.pp | 77 ++++++ manifests/horizon.pp | 33 +++ manifests/keystone.pp | 74 ++++++ manifests/nova/compute.pp | 107 +++++++++ manifests/nova/controller.pp | 165 +++++++++++++ manifests/params.pp | 362 ++++++++++++++++++++++++++++ tests/all.pp | 1 + tests/cloudcontroller.pp | 1 + tests/compute.pp | 4 + 15 files changed, 1339 insertions(+), 664 deletions(-) create mode 100644 manifests/db/mysql.pp create mode 100644 manifests/glance.pp create mode 100644 manifests/horizon.pp create mode 100644 manifests/keystone.pp create mode 100644 manifests/nova/compute.pp create mode 100644 manifests/nova/controller.pp create mode 100644 manifests/params.pp create mode 100644 tests/all.pp create mode 100644 tests/cloudcontroller.pp create mode 100644 tests/compute.pp diff --git a/README.md b/README.md index 454016d..5304329 100644 --- a/README.md +++ b/README.md @@ -50,9 +50,9 @@ These modules are based on the adminstrative guides for openstack called br100 that bridges into the ip address specified on that NIC All interfaces that are used to bridge traffic for the internal network - need to have permiscous mode set. + need to have promiscuous mode set. - Below is an example of setting permiscuos mode on an interface on Ubuntu. + Below is an example of setting promiscuous mode on an interface on Ubuntu. #/etc/network/interfaces diff --git a/manifests/all.pp b/manifests/all.pp index 6c4200d..7c01e90 100644 --- a/manifests/all.pp +++ b/manifests/all.pp @@ -3,46 +3,17 @@ # # Class that performs a basic openstack all in one installation. # -# === Parameterrs +# === Parameters # -# TODO public address should be optional. -# [public_address] Public address used by vnchost. Required. -# [public_interface] The interface used to route public traffic by the -# network service. -# [private_interface] The private interface used to bridge the VMs into a common network. -# [floating_range] The floating ip range to be created. If it is false, then no floating ip range is created. -# Optional. Defaults to false. -# [fixed_range] The fixed private ip range to be created for the private VM network. Optional. Defaults to '10.0.0.0/24'. -# [network_manager] The network manager to use for the nova network service. -# Optional. Defaults to 'nova.network.manager.FlatDHCPManager'. -# [auto_assign_floating_ip] Rather configured to automatically allocate and -# assign a floating IP address to virtual instances when they are launched. -# Defaults to false. -# [network_config] Used to specify network manager specific parameters .Optional. Defualts to {}. -# [mysql_root_password] The root password to set for the mysql database. Optional. Defaults to sql_pass'. -# [rabbit_password] The password to use for the rabbitmq user. Optional. Defaults to rabbit_pw' -# [rabbit_user] The rabbitmq user to use for auth. Optional. Defaults to nova'. -# [admin_email] The admin's email address. Optional. Defaults to someuser@some_fake_email_address.foo'. -# [admin_password] The default password of the keystone admin. Optional. Defaults to ChangeMe'. -# [keystone_db_password] The default password for the keystone db user. Optional. Defaults to keystone_pass'. -# [keystone_admin_token] The default auth token for keystone. Optional. Defaults to keystone_admin_token'. -# [nova_db_password] The nova db password. Optional. Defaults to nova_pass'. -# [nova_user_password] The password of the keystone user for the nova service. Optional. Defaults to nova_pass'. -# [glance_db_password] The password for the db user for glance. Optional. Defaults to 'glance_pass'. -# [glance_user_password] The password of the glance service user. Optional. Defaults to 'glance_pass'. -# [secret_key] The secret key for horizon. Optional. Defaults to 'dummy_secret_key'. -# [verbose] If the services should log verbosely. Optional. Defaults to false. -# [purge_nova_config] Whether unmanaged nova.conf entries should be purged. Optional. Defaults to true. -# [libvirt_type] The virualization type being controlled by libvirt. Optional. Defaults to 'kvm'. -# [nova_volume] The name of the volume group to use for nova volume allocation. Optional. Defaults to 'nova-volumes'. +# See params.pp # # === Examples # # class { 'openstack::all': # public_address => '192.168.0.3', -# public_interface => eth0, -# private_interface => eth1, -# admin_email => my_email@mw.com, +# public_interface => 'eth0', +# private_interface => 'eth1', +# admin_email => 'my_email@mw.com', # admin_password => 'my_admin_password', # libvirt_type => 'kvm', # } @@ -52,38 +23,111 @@ # Dan Bode # # -class openstack::all( - # passing in the public ipaddress is required - $public_address, - $public_interface, - $private_interface, - $floating_range = false, - $fixed_range = '10.0.0.0/24', - $network_manager = 'nova.network.manager.FlatDHCPManager', - $network_config = {}, - # middleware credentials - $mysql_root_password = undef, - $rabbit_password = 'rabbit_pw', - $rabbit_user = 'nova', - # opestack credentials - $admin_email = 'someuser@some_fake_email_address.foo', - $admin_password = 'ChangeMe', - $keystone_db_password = 'keystone_pass', - $keystone_admin_token = 'keystone_admin_token', - $keystone_admin_tenant = 'openstack', - $nova_db_password = 'nova_pass', - $nova_user_password = 'nova_pass', - $glance_db_password = 'glance_pass', - $glance_user_password = 'glance_pass', - $secret_key = 'dummy_secret_key', - # config - $verbose = false, - $auto_assign_floating_ip = false, - $purge_nova_config = true, - $libvirt_type = 'kvm', - $nova_volume = 'nova-volumes' -) { +class openstack::all ( + # Network + $public_address = $::openstack::params::public_address, + $public_interface = $::openstack::params::public_interface, + $private_interface = $::openstack::params::private_interface, + $fixed_range = $::openstack::params::fixed_range, + $network_manager = $::openstack::params::network_manager, + $network_config = $::openstack::params::network_config, + $auto_assign_floating_ip = $::openstack::params::auto_assign_floating_ip, + $floating_range = $::openstack::params::floating_range, + $create_networks = $::openstack::params::create_networks, + $num_networks = $::openstack::params::num_networks, + # MySQL + $db_type = $::openstack::params::db_type, + $mysql_root_password = $::openstack::params::mysql_root_password, + $mysql_account_security = $::openstack::params::mysql_account_security, + # Rabbit + $rabbit_password = $::openstack::params::rabbit_password, + $rabbit_user = $::openstack::params::rabbit_user, + # Keystone + $admin_email = $::openstack::params::admin_email, + $admin_password = $::openstack::params::admin_password, + $keystone_db_user = $::openstack::params::keystone_db_user, + $keystone_db_password = $::openstack::params::keystone_db_password, + $keystone_db_dbname = $::openstack::params::keystone_db_dbname, + $keystone_admin_token = $::openstack::params::keystone_admin_token, + # Nova + $nova_db_user = $::openstack::params::nova_db_user, + $nova_db_password = $::openstack::params::nova_db_password, + $nova_user_password = $::openstack::params::nova_user_password, + $nova_db_dbname = $::openstack::params::nova_db_dbname, + $purge_nova_config = $::openstack::params::purge_nova_config, + # Glance + $glance_db_user = $::openstack::params::glance_db_user, + $glance_db_password = $::openstack::params::glance_db_password, + $glance_db_dbname = $::openstack::params::glance_db_dbname, + $glance_user_password = $::openstack::params::glance_user_password, + # Horizon + $secret_key = $::openstack::params::secret_key, + $cache_server_ip = $::openstack::params::cache_server_ip, + $cache_server_port = $::openstack::params::cache_server_port, + $swift = $::openstack::params::swift, + $quantum = $::openstack::params::quantum, + $horizon_app_links = $::openstack::params::horizon_app_links, + # Virtaulization + $libvirt_type = $::openstack::params::libvirt_type, + # Volume + $nova_volume = $::openstack::params::nova_volume, + # VNC + $vnc_enabled = $::openstack::params::vnc_enabled, + # General + $enabled = $::openstack::params::enabled, + $verbose = $::openstack::params::verbose +) inherits openstack::params { + # set up mysql server + case $db_type { + 'mysql': { + class { 'openstack::db::mysql': + mysql_root_password => $mysql_root_password, + mysql_bind_address => '127.0.0.1', + mysql_account_security => $mysql_account_security, + keystone_db_user => $keystone_db_user, + keystone_db_password => $keystone_db_password, + keystone_db_dbname => $keystone_db_dbname, + glance_db_user => $glance_db_user, + glance_db_password => $glance_db_password, + glance_db_dbname => $glance_db_dbname, + nova_db_user => $nova_db_user, + nova_db_password => $nova_db_password, + nova_db_dbname => $nova_db_dbname, + } + } + } + ####### KEYSTONE ########### + class { 'openstack::keystone': + verbose => $verbose, + db_type => $db_type, + db_host => '127.0.0.1', + keystone_db_password => $keystone_db_password, + keystone_db_dbname => $keystone_db_dbname, + keystone_db_user => $keystone_db_user, + keystone_admin_token => $keystone_admin_token, + admin_email => $admin_email, + admin_password => $admin_password, + public_address => $public_address, + internal_address => '127.0.0.1', + admin_address => '127.0.0.1', + } + + ######## GLANCE ########## + class { 'openstack::glance': + verbose => $verbose, + db_type => $db_type, + db_host => '127.0.0.1', + glance_db_user => $glance_db_user, + glance_db_dbname => $glance_db_dbname, + glance_db_password => $glance_db_password, + glance_user_password => $glance_user_password, + public_address => $public_address, + admin_address => '127.0.0.1', + internal_address => '127.0.0.1', + } + + ######## NOVA ########### # # indicates that all nova config entries that we did @@ -95,184 +139,78 @@ class openstack::all( } } - # set up mysql server - class { 'mysql::server': - config_hash => { - # the priv grant fails on precise if I set a root password - 'root_password' => $mysql_root_password, - 'bind_address' => '127.0.0.1' - } + class { 'openstack::nova::controller': + # Network + network_manager => $network_manager, + network_config => $network_config, + private_interface => $private_interface, + public_interface => $public_interface, + floating_range => $floating_range, + fixed_range => $fixed_range, + public_address => $public_address, + admin_address => '127.0.0.1', + internal_address => '127.0.0.1', + auto_assign_floating_ip => $auto_assign_floating_ip, + create_networks => $create_networks, + num_networks => $num_networks, + multi_host => false, + # Nova + nova_user_password => $nova_user_password, + nova_db_password => $nova_db_password, + nova_db_user => $nova_db_user, + nova_db_dbname => $nova_db_dbname, + # Rabbit + rabbit_user => $rabbit_user, + rabbit_password => $rabbit_password, + # Glance + glance_api_servers => '127.0.0.1:9292', + # VNC + vnc_enabled => $vnc_enabled, + # General + verbose => $verbose, + enabled => $enabled, + exported_resources => false, } - ####### KEYSTONE ########### - - # set up keystone database - class { 'keystone::db::mysql': - password => $keystone_db_password, - } - # set up the keystone config for mysql - class { 'keystone::config::mysql': - password => $keystone_db_password, - } - # set up keystone - class { 'keystone': - admin_token => $keystone_admin_token, - bind_host => '0.0.0.0', - log_verbose => $verbose, - log_debug => $verbose, - catalog_type => 'sql', - } - # set up keystone admin users - class { 'keystone::roles::admin': - email => $admin_email, - password => $admin_password, - admin_tenant => $keystone_admin_tenant, - } - # set up the keystone service and endpoint - class { 'keystone::endpoint': } - - ######## END KEYSTONE ########## - - ######## BEGIN GLANCE ########## - - # set up keystone user, endpoint, service - class { 'glance::keystone::auth': - password => $glance_user_password, - public_address => $public_address, - } - - # creat glance db/user/grants - class { 'glance::db::mysql': - host => '127.0.0.1', - password => $glance_db_password, - } - - # configure glance api - class { 'glance::api': - log_verbose => $verbose, - log_debug => $verbose, - auth_type => 'keystone', - auth_host => '127.0.0.1', - auth_port => '35357', - keystone_tenant => 'services', - keystone_user => 'glance', - keystone_password => $glance_user_password, - } - - # configure glance to store images to disk - class { 'glance::backend::file': } - - class { 'glance::registry': - log_verbose => $verbose, - log_debug => $verbose, - auth_type => 'keystone', - auth_host => '127.0.0.1', - auth_port => '35357', - keystone_tenant => 'services', - keystone_user => 'glance', - keystone_password => $glance_user_password, - sql_connection => "mysql://glance:${glance_db_password}@127.0.0.1/glance", - } - - - ######## END GLANCE ########### - - ######## BEGIN NOVA ########### - - class { 'nova::keystone::auth': - password => $nova_user_password, - public_address => $public_address, - } - - class { 'nova::rabbitmq': - userid => $rabbit_user, - password => $rabbit_password, - } - - class { 'nova::db::mysql': - password => $nova_db_password, - host => 'localhost', - } - - class { 'nova': - sql_connection => "mysql://nova:${nova_db_password}@localhost/nova", - rabbit_userid => $rabbit_user, - rabbit_password => $rabbit_password, - image_service => 'nova.image.glance.GlanceImageService', - glance_api_servers => '127.0.0.1:9292', - verbose => $verbose, - } - - class { 'nova::api': - enabled => true, - admin_password => $nova_user_password, - } - - # set up networking - class { 'nova::network': - private_interface => $private_interface, - public_interface => $public_interface, - fixed_range => $fixed_range, - floating_range => $floating_range, - install_service => true, - enabled => true, - network_manager => $network_manager, - config_overrides => $network_config, - create_networks => true, - } - - if $auto_assign_floating_ip { - nova_config { 'auto_assign_floating_ip': value => 'True'; } - } - - # a bunch of nova services that require no configuration - class { [ - 'nova::scheduler', - 'nova::objectstore', - 'nova::volume', - 'nova::cert', - 'nova::consoleauth' - ]: - enabled => true - } - - class { 'nova::vncproxy': - enabled => true, - host => $public_hostname, - } - - class { 'nova::compute': - enabled => true, - vnc_enabled => true, + class { 'openstack::nova::compute': + # Network + public_address => $public_address, + private_interface => $private_interface, + public_interface => $public_interface, + fixed_range => $fixed_range, + network_manager => $network_manager, + network_config => $network_config, + multi_host => false, + # Virtualization + libvirt_type => $libvirt_type, + # Volumes + nova_volume => $nova_volume, + manage_volumes => true, + iscsi_ip_address => '127.0.0.1', + # VNC + vnc_enabled => $vnc_enabled, + vncserver_listen => $vnc_server_listen, vncserver_proxyclient_address => '127.0.0.1', - vncproxy_host => $public_address, + vncproxy_host => '127.0.0.1', + # Nova + nova_user_password => $nova_user_password, + # General + verbose => $verbose, + exported_resources => false, + enabled => $enabled, } - class { 'nova::compute::libvirt': - libvirt_type => $libvirt_type, - vncserver_listen => '127.0.0.1', - } - - class { 'nova::volume::iscsi': - volume_group => $nova_volume, - iscsi_ip_address => '127.0.0.1', - } - -# nova::network::bridge { 'br100': -# ip => '11.0.0.1', -# netmask => '255.255.255.0', -# } - ######## Horizon ######## - - class { 'memcached': - listen_ip => '127.0.0.1', + class { 'openstack::horizon': + secret_key => $secret_key, + cache_server_ip => $cache_server_ip, + cache_server_port => $cache_server_port, + swift => $swift, + quantum => $quantum, + horizon_app_links => $horizon_app_links, } - class { 'horizon': - secret_key => $secret_key, - } - - ######## End Horizon ##### + ######## auth file ######## + class { 'openstack::auth_file': } } diff --git a/manifests/auth_file.pp b/manifests/auth_file.pp index 1d1aaad..e0256d5 100644 --- a/manifests/auth_file.pp +++ b/manifests/auth_file.pp @@ -4,11 +4,11 @@ # against a keystone server. # class openstack::auth_file( - $admin_password, - $controller_node = '127.0.0.1', - $keystone_admin_token = 'keystone_admin_token', - $admin_user = 'admin', - $admin_tenant = 'openstack' + $admin_password = $::openstack::params::admin_password, + $public_address = $::openstack::params::public_address, + $keystone_admin_token = $::openstack::params::keystone_admin_token, + $admin_tenant = $::openstack::params::keystone_admin_tenant, + $admin_user = 'admin' ) { file { '/root/openrc': content => @@ -16,10 +16,10 @@ class openstack::auth_file( export OS_TENANT_NAME=${admin_tenant} export OS_USERNAME=${admin_user} export OS_PASSWORD=${admin_password} - export OS_AUTH_URL=\"http://${controller_node}:5000/v2.0/\" + export OS_AUTH_URL=\"http://${public_address}:5000/v2.0/\" export OS_AUTH_STRATEGY=keystone export SERVICE_TOKEN=${keystone_admin_token} - export SERVICE_ENDPOINT=http://${controller_node}:35357/v2.0/ + export SERVICE_ENDPOINT=http://${public_address}:35357/v2.0/ " } } diff --git a/manifests/compute.pp b/manifests/compute.pp index 27f0df9..172d1c1 100644 --- a/manifests/compute.pp +++ b/manifests/compute.pp @@ -1,4 +1,6 @@ # +# == Class: openstack::compute +# # This class is intended to serve as # a way of deploying compute nodes. # @@ -7,142 +9,115 @@ # - flatdhcp networking is used # - glance is used as the backend for the image service # -# TODO - I need to make the choise of networking configurable +# === Parameters # +# See params.pp # -# [private_interface] Interface used for vm networking connectivity. Required. -# [internal_address] Internal address used for management. Required. -# [public_interface] Public interface used to route public traffic. Optional. -# Defaults to false. -# [fixed_range] Range of ipv4 network for vms. -# [network_manager] Nova network manager to use. -# [multi_host] Rather node should support multi-host networking mode for HA. -# Optional. Defaults to false. -# [network_config] Hash that can be used to pass implementation specifc -# network settings. Optioal. Defaults to {} -# [sql_connection] SQL connection information. Optional. Defaults to false -# which indicates that exported resources will be used to determine connection -# information. -# [nova_user_password] Nova service password. -# [rabbit_host] RabbitMQ host. False indicates it should be collected. -# Optional. Defaults to false, -# [rabbit_password] RabbitMQ password. Optional. Defaults to 'rabbit_pw', -# [rabbit_user] RabbitMQ user. Optional. Defaults to 'nova', -# [glance_api_servers] List of glance api servers of the form HOST:PORT -# delimited by ':'. False indicates that the resource should be collected. -# Optional. Defaults to false, -# [libvirt_type] Underlying libvirt supported hypervisor. -# Optional. Defaults to 'kvm', -# [vncproxy_host] Host that serves as vnc proxy. Optional. -# Defaults to false. False indicates that a vnc proxy should not be configured. -# [vnc_enabled] Rather vnc console should be enabled. -# Optional. Defaults to 'true', -# [verbose] Rather components should log verbosely. -# Optional. Defaults to false. -# [manage_volumes] Rather nova-volume should be enabled on this compute node. -# Optional. Defaults to false. -# [nova_volumes] Name of volume group in which nova-volume will create logical volumes. -# Optional. Defaults to nova-volumes. +# === Examples # -class openstack::compute( - $private_interface, - $internal_address, - # networking config - $public_interface = undef, - $fixed_range = '10.0.0.0/16', - $network_manager = 'nova.network.manager.FlatDHCPManager', - $multi_host = false, - $network_config = {}, - # my address - # conection information - $sql_connection = false, - $nova_user_password = 'nova_pass', - $rabbit_host = false, - $rabbit_password = 'rabbit_pw', - $rabbit_user = 'nova', +# class { 'openstack::compute': +# libvirt_type => 'kvm', +# } +# + +class openstack::compute ( + # Network + $public_address = $::openstack::params::public_address, + $public_interface = $::openstack::params::public_interface, + $private_interface = $::openstack::params::private_interface, + $internal_address = $::openstack::params::internal_address, + $fixed_range = $::openstack::params::fixed_range, + $network_manager = $::openstack::params::network_manager, + $multi_host = $::openstack::params::multi_host, + $network_config = $::openstack::params::network_config, + # DB + $sql_connection = $::openstack::params::sql_connection, + # Nova + $nova_user_password = $::openstack::params::nova_user_password, + $purge_nova_config = $::openstack::params::purge_nova_config, + # Rabbit + $rabbit_host = $::openstack::params::rabbit_host, + $rabbit_password = $::openstack::params::rabbit_password, + $rabbit_user = $::openstack::params::rabbit_user, + # Glance $glance_api_servers = false, - # nova compute configuration parameters - $libvirt_type = 'kvm', - $vncproxy_host = false, - $vnc_enabled = 'true', - $verbose = false, - $manage_volumes = false, - $nova_volume = 'nova-volumes' -) { + # Virtualization + $libvirt_type = $::openstack::params::libvirt_type, + # VNC + $vncproxy_host = $::openstack::params::vncproxy_host, + $vnc_enabled = $::openstack::params::vnc_enabled, + $vncserver_proxyclient_address = $::openstack::params::vncserver_proxyclient_address, + # Volumes + $manage_volumes = $::openstack::params::manage_volumes, + $nova_volume = $::openstack::params::nova_volume, + # General + $verbose = $::openstack::params::verbose, + $exported_resources = $::openstack::params::exported_resources, + $enabled = $::openstack::params::enabled +) inherits openstack::params { - class { 'nova': - sql_connection => $sql_connection, - rabbit_host => $rabbit_host, - rabbit_userid => $rabbit_user, - rabbit_password => $rabbit_password, - image_service => 'nova.image.glance.GlanceImageService', - glance_api_servers => $glance_api_servers, - verbose => $verbose, + # + # indicates that all nova config entries that we did + # not specifify in Puppet should be purged from file + # + if ($purge_nova_config) { + resources { 'nova_config': + purge => true, + } } - class { 'nova::compute': - enabled => true, - vnc_enabled => $vnc_enabled, - vncserver_proxyclient_address => $internal_address, - vncproxy_host => $vncproxy_host, - } - - class { 'nova::compute::libvirt': - libvirt_type => $libvirt_type, - vncserver_listen => $internal_address, - } - - # if the compute node should be configured as a multi-host - # compute installation - if $multi_host { - - include keystone::python - - nova_config { - 'multi_host': value => 'True'; - 'send_arp_for_ha': value => 'True'; - } - if ! $public_interface { - fail('public_interface must be defined for multi host compute nodes') - } - $enable_network_service = true - class { 'nova::api': - enabled => true, - admin_tenant_name => 'services', - admin_user => 'nova', - admin_password => $nova_user_password, - } + if $exported_resources { + Nova_config <<||>> + $final_sql_connection = false + $glance_connection = false + $rabbit_connection = false } else { - $enable_network_service = false - nova_config { - 'multi_host': value => 'False'; - 'send_arp_for_ha': value => 'False'; + $final_sql_connection = $sql_connection + $glance_connection = $glance_api_servers + $rabbit_connection = $rabbit_host + } + + # Configure Nova + if $enabled { + class { 'nova': + sql_connection => $final_sql_connection, + rabbit_userid => $rabbit_user, + rabbit_password => $rabbit_password, + image_service => 'nova.image.glance.GlanceImageService', + glance_api_servers => $glance_connection, + verbose => $verbose, + rabbit_host => $rabbit_connection, } } - # set up configuration for networking - class { 'nova::network': - private_interface => $private_interface, - public_interface => $public_interface, - fixed_range => $fixed_range, - floating_range => false, - network_manager => $network_manager, - config_overrides => $network_config, - create_networks => false, - enabled => $enable_network_service, - install_service => $enable_network_service, - } - - if $manage_volumes { - - class { 'nova::volume': - enabled => true, + if $enabled { + class { 'openstack::nova::compute': + # Network + public_address => $public_address, + private_interface => $private_interface, + public_interface => $public_interface, + fixed_range => $fixed_range, + network_manager => $network_manager, + network_config => $network_config, + multi_host => $multi_host, + # Virtualization + libvirt_type => $libvirt_type, + # Volumes + nova_volume => $nova_volume, + manage_volumes => $manage_volumes, + iscsi_ip_address => $iscsi_ip_address, + # VNC + vnc_enabled => $vnc_enabled, + vncserver_listen => $vnc_server_listen, + vncserver_proxyclient_address => $vncserver_proxyclient_address, + vncproxy_host => $vncproxy_host, + # Nova + nova_user_password => $nova_user_password, + # General + verbose => $verbose, + exported_resources => $exported_resources, + enabled => $enabled, } - - class { 'nova::volume::iscsi': - volume_group => $nova_volume, - iscsi_ip_address => $internal_address, - } } } diff --git a/manifests/controller.pp b/manifests/controller.pp index 0257018..a2189a0 100644 --- a/manifests/controller.pp +++ b/manifests/controller.pp @@ -1,327 +1,186 @@ # # This can be used to build out the simplest openstack controller # +# === Parameters # -# $export_resources - Whether resources should be exported +# See params.pp # -# [public_interface] Public interface used to route public traffic. Required. -# [public_address] Public address for public endpoints. Required. -# [private_interface] Interface used for vm networking connectivity. Required. -# [internal_address] Internal address used for management. Required. -# [mysql_root_password] Root password for mysql server. -# [admin_email] Admin email. -# [admin_password] Admin password. -# [keystone_db_password] Keystone database password. -# [keystone_admin_token] Admin token for keystone. -# [glance_db_password] Glance DB password. -# [glance_user_password] Glance service user password. -# [nova_db_password] Nova DB password. -# [nova_user_password] Nova service password. -# [rabbit_password] Rabbit password. -# [rabbit_user] Rabbit User. -# [network_manager] Nova network manager to use. -# [fixed_range] Range of ipv4 network for vms. -# [floating_range] Floating ip range to create. -# [create_networks] Rather network and floating ips should be created. -# [num_networks] Number of networks that fixed range should be split into. -# [multi_host] Rather node should support multi-host networking mode for HA. -# Optional. Defaults to false. -# [auto_assign_floating_ip] Rather configured to automatically allocate and -# assign a floating IP address to virtual instances when they are launched. -# Defaults to false. -# [network_config] Hash that can be used to pass implementation specifc -# network settings. Optioal. Defaults to {} -# [verbose] Rahter to log services at verbose. -# [export_resources] Rather to export resources. -# Horizon related config - assumes puppetlabs-horizon code -# [secret_key] secret key to encode cookies, … -# [cache_server_ip] local memcached instance ip -# [cache_server_port] local memcached instance port -# [swift] (bool) is swift installed -# [quantum] (bool) is quantum installed -# The next is an array of arrays, that can be used to add call-out links to the dashboard for other apps. -# There is no specific requirement for these apps to be for monitoring, that's just the defacto purpose. -# Each app is defined in two parts, the display name, and the URI -# [horizon_app_links] array as in '[ ["Nagios","http://nagios_addr:port/path"],["Ganglia","http://ganglia_addr"] ]' +# === Examples # -# [enabled] Whether services should be enabled. This parameter can be used to -# implement services in active-passive modes for HA. Optional. Defaults to true. -class openstack::controller( - # my address - $public_address, - $public_interface, - $private_interface, - $internal_address, - $admin_address = $internal_address, - # connection information - $mysql_root_password = undef, - $admin_email = 'some_user@some_fake_email_address.foo', - $admin_password = 'ChangeMe', - $keystone_db_password = 'keystone_pass', - $keystone_admin_token = 'keystone_admin_token', - $keystone_admin_tenant = 'openstack', - $glance_db_password = 'glance_pass', - $glance_user_password = 'glance_pass', - $nova_db_password = 'nova_pass', - $nova_user_password = 'nova_pass', - $rabbit_password = 'rabbit_pw', - $rabbit_user = 'nova', - # network configuration - # this assumes that it is a flat network manager - $network_manager = 'nova.network.manager.FlatDHCPManager', - # this number has been reduced for performance during testing - $fixed_range = '10.0.0.0/16', - $floating_range = false, - $create_networks = true, - $num_networks = 1, - $multi_host = false, - $auto_assign_floating_ip = false, - # TODO need to reconsider this design... - # this is where the config options that are specific to the network - # types go. I am not extremely happy with this.... - $network_config = {}, - # I do not think that this needs a bridge? - $verbose = false, - $export_resources = true, - $secret_key = 'dummy_secret_key', - $cache_server_ip = '127.0.0.1', - $cache_server_port = '11211', - $swift = false, - $quantum = false, - $horizon_app_links = false, - $enabled = true -) { - - $glance_api_servers = "${internal_address}:9292" - $nova_db = "mysql://nova:${nova_db_password}@${internal_address}/nova" - - if ($export_resources) { - # export all of the things that will be needed by the clients - @@nova_config { 'rabbit_host': value => $internal_address } - Nova_config <| title == 'rabbit_host' |> - @@nova_config { 'sql_connection': value => $nova_db } - Nova_config <| title == 'sql_connection' |> - @@nova_config { 'glance_api_servers': value => $glance_api_servers } - Nova_config <| title == 'glance_api_servers' |> - @@nova_config { 'novncproxy_base_url': value => "http://${public_address}:6080/vnc_auto.html" } - $sql_connection = false - $glance_connection = false - $rabbit_connection = false - } else { - $sql_connection = $nova_db - $glance_connection = $glance_api_servers - $rabbit_connection = $internal_address - } +# class { 'openstack::controller': +# public_address => '192.168.0.3', +# public_interface => 'eth0', +# private_interface => 'eth1', +# admin_email => 'my_email@mw.com', +# admin_password => 'my_admin_password', +# } +# +class openstack::controller ( + # Network + $public_address = $::openstack::params::public_address, + $public_interface = $::openstack::params::public_interface, + $private_interface = $::openstack::params::private_interface, + $internal_address = $::openstack::params::internal_address, + $admin_address = $::openstack::params::admin_address, + $network_manager = $::openstack::params::network_manager, + $fixed_range = $::openstack::params::fixed_range, + $floating_range = $::openstack::params::floating_range, + $create_networks = $::openstack::params::create_networks, + $num_networks = $::openstack::params::num_networks, + $multi_host = $::openstack::params::multi_host, + $auto_assign_floating_ip = $::openstack::params::auto_assign_floating_ip, + $network_config = $::openstack::params::network_config, + # Database + $db_type = $::openstack::params::db_type, + $mysql_root_password = $::openstack::params::mysql_root_password, + $mysql_account_security = $::openstack::params::mysql_account_security, + $mysql_bind_address = $::openstack::params::mysql_bind_address, + # Keystone + $admin_email = $::openstack::params::admin_email, + $admin_password = $::openstack::params::admin_password, + $keystone_db_user = $::openstack::params::keystone_db_user, + $keystone_db_password = $::openstack::params::keystone_db_password, + $keystone_db_dbname = $::openstack::params::keystone_db_dbname, + $keystone_admin_token = $::openstack::params::keystone_admin_token, + # Glance + $glance_db_user = $::openstack::params::glance_db_user, + $glance_db_password = $::openstack::params::glance_db_password, + $glance_db_dbname = $::openstack::params::glance_db_dbname, + $glance_user_password = $::openstack::params::glance_user_password, + $glance_api_servers = $::openstack::params::glance_api_servers, + # Nova + $nova_db_user = $::openstack::params::nova_db_user, + $nova_db_password = $::openstack::params::nova_db_password, + $nova_user_password = $::openstack::params::nova_user_password, + $nova_db_dbname = $::openstack::params::nova_db_dbname, + $purge_nova_config = $::openstack::params::purge_nova_config, + # Rabbit + $rabbit_password = $::openstack::params::rabbit_password, + $rabbit_user = $::openstack::params::rabbit_user, + # Horizon + $secret_key = $::openstack::params::secret_key, + $cache_server_ip = $::openstack::params::cache_server_ip, + $cache_server_port = $::openstack::params::cache_server_port, + $swift = $::openstack::params::swift, + $quantum = $::openstack::params::quantum, + $horizon_app_links = $::openstack::params::horizon_app_links, + # General + $verbose = $::openstack::params::verbose, + $exported_resources = $::openstack::params::exported_resources, + $enabled = $::openstack::params::enabled +) inherits openstack::params { ####### DATABASE SETUP ###### - - # set up mysql server - class { 'mysql::server': - config_hash => { - # the priv grant fails on precise if I set a root password - # TODO I should make sure that this works - 'root_password' => $mysql_root_password, - 'bind_address' => '0.0.0.0' - }, - enabled => $enabled, - } - if ($enabled) { - # set up all openstack databases, users, grants - class { 'keystone::db::mysql': - password => $keystone_db_password, - } - Class['glance::db::mysql'] -> Class['glance::registry'] - class { 'glance::db::mysql': - host => '127.0.0.1', - password => $glance_db_password, - } - # TODO should I allow all hosts to connect? - class { 'nova::db::mysql': - password => $nova_db_password, - host => $internal_address, - allowed_hosts => '%', + if $enabled { + # set up mysql server + case $db_type { + 'mysql': { + class { 'openstack::db::mysql': + mysql_root_password => $mysql_root_password, + mysql_bind_address => $mysql_bind_address, + mysql_account_security => $mysql_account_security, + keystone_db_user => $keystone_db_user, + keystone_db_password => $keystone_db_password, + keystone_db_dbname => $keystone_db_dbname, + glance_db_user => $glance_db_user, + glance_db_password => $glance_db_password, + glance_db_dbname => $glance_db_dbname, + nova_db_user => $nova_db_user, + nova_db_password => $nova_db_password, + nova_db_dbname => $nova_db_dbname, + } + } } } ####### KEYSTONE ########### - - # set up keystone - class { 'keystone': - admin_token => $keystone_admin_token, - # we are binding keystone on all interfaces - # the end user may want to be more restrictive - bind_host => '0.0.0.0', - log_verbose => $verbose, - log_debug => $verbose, - catalog_type => 'sql', - enabled => $enabled, - } - # set up keystone database - # set up the keystone config for mysql - class { 'keystone::config::mysql': - password => $keystone_db_password, - } - if ($enabled) { - # set up keystone admin users - class { 'keystone::roles::admin': - email => $admin_email, - password => $admin_password, - admin_tenant => $keystone_admin_tenant, - } - # set up the keystone service and endpoint - class { 'keystone::endpoint': - public_address => $public_address, - internal_address => $internal_address, - admin_address => $admin_address, - } - # set up glance service,user,endpoint - class { 'glance::keystone::auth': - password => $glance_user_password, - public_address => $public_address, - internal_address => $internal_address, - admin_address => $admin_address, - before => [Class['glance::api'], Class['glance::registry']] - } - # set up nova serice,user,endpoint - class { 'nova::keystone::auth': - password => $nova_user_password, - public_address => $public_address, - internal_address => $internal_address, - admin_address => $admin_address, - before => Class['nova::api'], + class { 'openstack::keystone': + verbose => $verbose, + db_type => $db_type, + db_host => '127.0.0.1', + keystone_db_password => $keystone_db_password, + keystone_db_dbname => $keystone_db_dbname, + keystone_db_user => $keystone_db_user, + keystone_admin_token => $keystone_admin_token, + admin_email => $admin_email, + admin_password => $admin_password, + public_address => $public_address, + internal_address => $internal_address, + admin_address => $admin_address, } } - ######## END KEYSTONE ########## - ######## BEGIN GLANCE ########## - - - class { 'glance::api': - log_verbose => $verbose, - log_debug => $verbose, - auth_type => 'keystone', - auth_host => '127.0.0.1', - auth_port => '35357', - keystone_tenant => 'services', - keystone_user => 'glance', - keystone_password => $glance_user_password, - enabled => $enabled, + if ($enabled) { + class { 'openstack::glance': + verbose => $verbose, + db_type => $db_type, + db_host => '127.0.0.1', + glance_db_user => $glance_db_user, + glance_db_dbname => $glance_db_dbname, + glance_db_password => $glance_db_password, + glance_user_password => $glance_user_password, + public_address => $public_address, + admin_address => $admin_address, + internal_address => $internal_addrss, + } } - class { 'glance::backend::file': } - - class { 'glance::registry': - log_verbose => $verbose, - log_debug => $verbose, - auth_type => 'keystone', - auth_host => '127.0.0.1', - auth_port => '35357', - keystone_tenant => 'services', - keystone_user => 'glance', - keystone_password => $glance_user_password, - sql_connection => "mysql://glance:${glance_db_password}@127.0.0.1/glance", - enabled => $enabled, - } - - ######## END GLANCE ########### ######## BEGIN NOVA ########### - - - class { 'nova::rabbitmq': - userid => $rabbit_user, - password => $rabbit_password, - enabled => $enabled, - } - - # TODO I may need to figure out if I need to set the connection information - # or if I should collect it - class { 'nova': - sql_connection => $sql_connection, - # this is false b/c we are exporting - rabbit_host => $rabbit_connection, - rabbit_userid => $rabbit_user, - rabbit_password => $rabbit_password, - image_service => 'nova.image.glance.GlanceImageService', - glance_api_servers => $glance_connection, - verbose => $verbose, - } - - class { 'nova::api': - enabled => $enabled, - # TODO this should be the nova service credentials - #admin_tenant_name => 'openstack', - #admin_user => 'admin', - #admin_password => $admin_service_password, - admin_tenant_name => 'services', - admin_user => 'nova', - admin_password => $nova_user_password, - } - - class { [ - 'nova::cert', - 'nova::consoleauth', - 'nova::scheduler', - 'nova::objectstore', - 'nova::vncproxy' - ]: - enabled => $enabled, - } - - if $multi_host { - nova_config { 'multi_host': value => 'True'; } - $enable_network_service = false - } else { - if $enabled == true { - $enable_network_service = true - } else { - $enable_network_service = false + # + # indicates that all nova config entries that we did + # not specifify in Puppet should be purged from file + # + if ($purge_nova_config) { + resources { 'nova_config': + purge => true, } } if $enabled { - $really_create_networks = $create_networks - } else { - $really_create_networks = false - } - - # set up networking - class { 'nova::network': - private_interface => $private_interface, - public_interface => $public_interface, - fixed_range => $fixed_range, - floating_range => $floating_range, - network_manager => $network_manager, - config_overrides => $network_config, - create_networks => $really_create_networks, - num_networks => $num_networks, - enabled => $enable_network_service, - install_service => $enable_network_service, - } - - if $auto_assign_floating_ip { - nova_config { 'auto_assign_floating_ip': value => 'True'; } + class { 'openstack::nova::controller': + # Network + network_manager => $network_manager, + network_config => $network_config, + private_interface => $private_interface, + public_interface => $public_interface, + floating_range => $floating_range, + fixed_range => $fixed_range, + public_address => $public_address, + admin_address => $admin_address, + internal_address => $internal_address, + auto_assign_floating_ip => $auto_assign_floating_ip, + create_networks => $create_networks, + num_networks => $num_networks, + multi_host => $multi_host, + # Nova + nova_user_password => $nova_user_password, + nova_db_password => $nova_db_password, + nova_db_user => $nova_db_user, + nova_db_dbname => $nova_db_dbname, + # Rabbit + rabbit_user => $rabbit_user, + rabbit_password => $rabbit_password, + # Glance + glance_api_servers => $glance_api_servers, + # General + verbose => $verbose, + enabled => $enabled, + exported_resources => $exported_resources, + } } ######## Horizon ######## - - # TOOO - what to do about HA for horizon? - - class { 'memcached': - listen_ip => '127.0.0.1', - } - - class { 'horizon': - secret_key => $secret_key, - cache_server_ip => $cache_server_ip, + class { 'openstack::horizon': + secret_key => $secret_key, + cache_server_ip => $cache_server_ip, cache_server_port => $cache_server_port, - swift => $swift, - quantum => $quantum, + swift => $swift, + quantum => $quantum, horizon_app_links => $horizon_app_links, } - - ######## End Horizon ##### - + ######## auth file ######## + class { 'openstack::auth_file': } } diff --git a/manifests/db/mysql.pp b/manifests/db/mysql.pp new file mode 100644 index 0000000..aace0fa --- /dev/null +++ b/manifests/db/mysql.pp @@ -0,0 +1,79 @@ +# +# === Class: openstack::db::mysql +# +# Create MySQL databases for all components of +# OpenStack that require a database +# +# === Parameters +# +# See params.pp +# +# === Example +# +# class { 'openstack::db::mysql': +# mysql_root_password => 'changeme', +# keystone_db_password => 'changeme', +# glance_db_password => 'changeme', +# nova_db_password => 'changeme', +# allowed_hosts => ['127.0.0.1', '10.0.0.%'], +# } + + +class openstack::db::mysql ( + # MySQL + $mysql_bind_address = $::openstack::params::mysql_bind_address, + $allowed_hosts = $::openstack::params::mysql_allowed_hosts, + $mysql_root_password = $::openstack::params::mysql_root_password, + $mysql_account_security = $::openstack::params::mysql_account_security, + # Keystone + $keystone_db_user = $::openstack::params::keystone_db_user, + $keystone_db_dbname = $::openstack::params::keystone_db_dbname, + $keystone_db_password = $::openstack::params::keystone_db_password, + # Glance + $glance_db_user = $::openstack::params::glance_db_user, + $glance_db_dbname = $::openstack::params::glance_db_dbname, + $glance_db_password = $::openstack::params::glance_db_password, + # Nova + $nova_db_user = $::openstack::params::nova_db_user, + $nova_db_dbname = $::openstack::params::nova_db_dbname, + $nova_db_password = $::openstack::params::nova_db_password +) { + + # Install and configure MySQL Server + class { 'mysql::server': + config_hash => { + 'root_password' => $mysql_root_password, + 'bind_address' => $mysql_bind_address, + } + } + + # If enabled, secure the mysql installation + # This removes default users and guest access + if $mysql_account_security { + class { 'mysql::server::account_security': } + } + + # Create the Keystone db + class { 'keystone::db::mysql': + user => $keystone_db_user, + password => $keystone_db_password, + dbname => $keystone_db_dbname, + allowed_hosts => $allowed_hosts, + } + + # Create the Glance db + class { 'glance::db::mysql': + user => $glance_db_user, + password => $glance_db_password, + dbname => $glance_db_dbname, + allowed_hosts => $allowed_hosts, + } + + # Create the Nova db + class { 'nova::db::mysql': + user => $nova_db_user, + password => $nova_db_password, + dbname => $nova_db_dbname, + allowed_hosts => $allowed_hosts, + } +} diff --git a/manifests/glance.pp b/manifests/glance.pp new file mode 100644 index 0000000..d3124d6 --- /dev/null +++ b/manifests/glance.pp @@ -0,0 +1,77 @@ +# +# == Class: openstack::glance +# +# Installs and configures Glance +# Assumes the following: +# - Keystone for authentication +# - keystone tenant: services +# - keystone username: glance +# - storage backend: file +# +# === Parameters +# +# See params.pp +# +# === Example +# +# class { 'openstack::glance': +# glance_user_password => 'changeme', +# db_password => 'changeme', +# public_address => '192.168.1.1', +# admin_addresss => '192.168.1.1', +# internal_address => '192.168.1.1', +# } + +class openstack::glance ( + $db_type = $::openstack::params::db_type, + $db_host = $::openstack::params::db_host, + $glance_db_user = $::openstack::params::glance_db_user, + $glance_db_dbname = $::openstack::params::glance_db_dbname, + $glance_user_password = $::openstack::params::glance_user_password, + $glance_db_password = $::openstack::params::glance_db_password, + $public_address = $::openstack::params::public_address, + $admin_address = $::openstack::params::admin_address, + $internal_address = $::openstack::params::internal_address, + $verbose = $::openstack::params::verbose +) inherits openstack::params { + + # Configure the db string + case $db_type { + 'mysql': { + $sql_connection = "mysql://${glance_db_user}:${glance_db_password}@${db_host}/${glance_db_dbname}" + } + } + + # Install and configure glance-api + class { 'glance::api': + log_verbose => $verbose, + log_debug => $verbose, + auth_type => 'keystone', + keystone_tenant => 'services', + keystone_user => 'glance', + keystone_password => $glance_user_password, + } + + # Install and configure glance-registry + class { 'glance::registry': + log_verbose => $verbose, + log_debug => $verbose, + auth_type => 'keystone', + keystone_tenant => 'services', + keystone_user => 'glance', + keystone_password => $glance_user_password, + sql_connection => $sql_connection, + } + + # Configure file storage backend + class { 'glance::backend::file': } + + # Configure Glance to use Keystone + class { 'glance::keystone::auth': + password => $glance_user_password, + public_address => $public_address, + admin_address => $admin_address, + internal_address => $internal_address, + } + +} diff --git a/manifests/horizon.pp b/manifests/horizon.pp new file mode 100644 index 0000000..5dfabd0 --- /dev/null +++ b/manifests/horizon.pp @@ -0,0 +1,33 @@ +# +# == Class: openstack::horizon +# +# Class to install / configure horizon. +# Will eventually include apache and ssl. +# +# === Parameters +# +# See params.pp +# + +class openstack::horizon ( + $secret_key = $::openstack::params::secret_key, + $cache_server_ip = $::openstack::params::cache_server_ip, + $cache_server_port = $::openstack::params::cache_server_port, + $swift = $::openstack::params::swift, + $quantum = $::openstack::params::quantum, + $horizon_app_links = $::openstack::params::horizon_app_links +) { + + class { 'memcached': + listen_ip => $cache_server_ip, + tcp_port => $cache_server_port, + udp_port => $cache_server_port, + } + + class { '::horizon': + secret_key => $secret_key, + swift => $swift, + quantum => $quantum, + horizon_app_links => $horizon_app_links, + } +} diff --git a/manifests/keystone.pp b/manifests/keystone.pp new file mode 100644 index 0000000..d7db56d --- /dev/null +++ b/manifests/keystone.pp @@ -0,0 +1,74 @@ +# +# == Class: openstack::keystone +# +# Installs and configures Keystone +# +# === Parameters +# +# See params.pp +# +# === Example +# +# class { 'openstack::keystone': +# db_password => 'changeme', +# admin_token => '12345', +# admin_email => 'root@localhost', +# admin_password => 'changeme', +# public_address => '192.168.1.1', +# admin_addresss => '192.168.1.1', +# internal_address => '192.168.1.1', +# } + +class openstack::keystone ( + $db_type = $::openstack::params::db_type, + $db_host = $::openstack::params::db_host, + $keystone_db_user = $::openstack::params::keystone_db_user, + $keystone_db_password = $::openstack::params::keystone_db_password, + $keystone_db_dbname = $::openstack::params::keystone_db_dbname, + $keystone_admin_tenant = $::openstack::params::keystone_admin_tenant, + $keystone_admin_token = $::openstack::params::keystone_admin_token, + $admin_email = $::openstack::params::admin_email, + $admin_password = $::openstack::params::admin_password, + $public_address = $::openstack::params::public_address, + $admin_address = $::openstack::params::admin_address, + $internal_address = $::openstack::params::internal_address, + $verbose = $::openstack::params::verbose +) inherits openstack::params { + + # Install and configure Keystone + class { '::keystone': + log_verbose => $verbose, + log_debug => $verbose, + catalog_type => 'sql', + admin_token => $keystone_admin_token, + } + + # Setup the admin user + class { 'keystone::roles::admin': + email => $admin_email, + password => $admin_password, + admin_tenant => $keystone_admin_tenant, + } + + # Setup the Keystone Identity Endpoint + class { 'keystone::endpoint': + public_address => $public_address, + admin_address => $admin_address, + internal_address => $internal_address, + } + + # Configure the Keystone database + case $db_type { + + 'mysql': { + class { 'keystone::config::mysql': + user => $keystone_db_user, + password => $keystone_db_password, + host => $db_host, + dbname => $keystone_db_dbname, + } + } + + } + +} diff --git a/manifests/nova/compute.pp b/manifests/nova/compute.pp new file mode 100644 index 0000000..a5d4f23 --- /dev/null +++ b/manifests/nova/compute.pp @@ -0,0 +1,107 @@ +# +# == Class: openstack::nova::compute +# +# Manifest to install/configure nova-compute and nova-volume +# +# === Parameters +# +# See params.pp +# + +class openstack::nova::compute ( + # Network + $public_address = $::openstack::params::public_address, + $private_interface = $::openstack::params::private_interface, + $public_interface = $::openstack::params::public_interface, + $fixed_range = $::openstack::params::fixed_range, + $network_manager = $::openstack::params::network_manager, + $network_config = $::openstack::params::network_config, + $multi_host = $::openstack::params::multi_host, + # Virtualization + $libvirt_type = $::openstack::params::libvirt_type, + # Volumes + $nova_volume = $::openstack::params::nova_volume, + $manage_volumes = $::openstack::params::manage_volume, + $iscsi_ip_address = $::openstack::params::iscsi_ip_address, + # VNC + $vnc_enabled = $::openstack::params::vnc_enabled, + $vncserver_listen = $::openstack::params::vncserver_listen, + $vncserver_proxyclient_address = $::openstack::params::vncserver_proxyclient_address, + $vncproxy_host = $::openstack::params::vncproxy_host, + # Nova + $nova_user_password = $::openstack::params::nova_user_password, + # General + $verbose = $::openstack::params::verbose, + $exported_resources = $::openstack::params::exported_resources, + $enabled = $::openstack::params::enabled +) inherits openstack::params { + + # Install / configure nova-compute + class { '::nova::compute': + enabled => true, + vnc_enabled => $vnc_enabled, + vncserver_proxyclient_address => $vncserver_proxyclient_address, + vncproxy_host => $vncproxy_host, + } + + # Configure libvirt for nova-compute + class { 'nova::compute::libvirt': + libvirt_type => $libvirt_type, + vncserver_listen => $vncserver_listen, + } + + # if the compute node should be configured as a multi-host + # compute installation + if $multi_host { + include keystone::python + nova_config { + 'multi_host': value => 'True'; + 'send_arp_for_ha': value => 'True'; + } + if ! $public_interface { + fail('public_interface must be defined for multi host compute nodes') + } + $enable_network_service = true + class { 'nova::api': + enabled => $enabled, + admin_tenant_name => 'services', + admin_user => 'nova', + admin_password => $nova_user_password, + } + } else { + $enable_network-service = false + nova_config { + 'multi_host': value => 'False'; + 'send_arp_for_ha': value => 'False'; + } + } + + # set up configuration for networking + if $enable_network_service { + class { 'nova::network': + private_interface => $private_interface, + public_interface => $public_interface, + fixed_range => $fixed_range, + floating_range => false, # double check + network_manager => $network_manager, + config_overrides => $network_config, + create_networks => false, # double check + enabled => $enable_network_service, + install_service => $enable_network_service, + } + } + + if $manage_volumes { + # Install / configure nova-volume + class { 'nova::volume': + enabled => $enabled, + } + if $enabled { + class { 'nova::volume::iscsi': + volume_group => $nova_volume, + iscsi_ip_address => $internal_address, + } + } + } + +} diff --git a/manifests/nova/controller.pp b/manifests/nova/controller.pp new file mode 100644 index 0000000..0ff235f --- /dev/null +++ b/manifests/nova/controller.pp @@ -0,0 +1,165 @@ +# +# == Class: openstack::nova::controller +# +# Class to define nova components used in a controller architecture. +# Basically everything but nova-compute and nova-volume +# +# === Parameters +# +# See params.pp +# + +class openstack::nova::controller ( + # Network + $network_manager = $::openstack::params::network_manager, + $network_config = $::openstack::params::network_config, + $private_interface = $::openstack::params::private_interface, + $public_interface = $::openstack::params::public_interface, + $floating_range = $::openstack::params::floating_range, + $fixed_range = $::openstack::params::fixed_range, + $public_address = $::openstack::params::public_address, + $admin_address = $::openstack::params::admin_address, + $internal_address = $::openstack::params::internal_address, + $auto_assign_floating_ip = $::openstack::params::auto_assign_floating_ip, + $create_networks = $::openstack::params::create_networks, + $num_networks = $::openstack::params::num_networks, + $multi_host = $::openstack::params::multi_host, + # Nova + $nova_user_password = $::openstack::params::nova_user_password, + $nova_db_user = $::openstack::params::nova_db_user, + $nova_db_password = $::openstack::params::nova_db_password, + $nova_db_dbname = $::openstack::params::nova_db_dbname, + # Rabbit + $rabbit_user = $::openstack::params::rabbit_user, + $rabbit_password = $::openstack::params::rabbit_password, + # Database + $db_type = $::openstack::params::db_type, + $db_host = $::openstack::params::db_host, + # Glance + $glance_api_servers = $::openstack::params::glance_api_servers, + # VNC + $vnc_enabled = $::openstack::params::vnc_enabled, + # General + $verbose = $::openstack::params::verbose, + $enabled = $::openstack::params::enabled, + $exported_resources = $::openstack::params::exported_resources +) inherits openstack::params { + + # Configure the db string + case $db_type { + 'mysql': { + $nova_db = "mysql://${nova_db_user}:${nova_db_password}@${db_host}/${nova_db_dbname}" + } + } + + # Might need fixed + # $glance_api_servers = "${internal_address}:9292" + + if ($export_resources) { + # export all of the things that will be needed by the clients + @@nova_config { 'rabbit_host': value => $internal_address } + Nova_config <| title == 'rabbit_host' |> + + @@nova_config { 'sql_connection': value => $nova_db } + Nova_config <| title == 'sql_connection' |> + + @@nova_config { 'glance_api_servers': value => $glance_api_servers } + Nova_config <| title == 'glance_api_servers' |> + + @@nova_config { 'novncproxy_base_url': value => "http://${public_address}:6080/vnc_auto.html" } + + $sql_connection = false + $glance_connection = false + $rabbit_connection = false + } else { + $sql_connection = $nova_db + $glance_connection = $glance_api_servers + $rabbit_connection = $internal_address + } + + + # Install / configure rabbitmq + class { 'nova::rabbitmq': + userid => $rabbit_user, + password => $rabbit_password, + } + + # Configure Nova to use Keystone + class { 'nova::keystone::auth': + password => $nova_user_password, + public_address => $public_address, + admin_address => $admin_address, + internal_address => $internal_address, + } + + # Configure Nova + class { 'nova': + sql_connection => $sql_connection, + rabbit_userid => $rabbit_user, + rabbit_password => $rabbit_password, + image_service => 'nova.image.glance.GlanceImageService', + glance_api_servers => $glance_connection, + verbose => $verbose, + rabbit_host => $rabbit_connection, + } + + # Configure nova-api + class { 'nova::api': + enabled => $enabled, + admin_password => $nova_user_password, + } + + # Configure nova-network + if $multi_host { + nova_config { 'multi_host': value => 'True' } + $enable_network_service = false + } else { + if $enabled == true { + $enable_network_service = true + } else { + $enable_network-service = false + } + } + + if $enabled { + $really_create_networks = $create_networks + } else { + $really_create_networks = false + } + + class { 'nova::network': + private_interface => $private_interface, + public_interface => $public_interface, + fixed_range => $fixed_range, + floating_range => $floating_range, + network_manager => $network_manager, + config_overrides => $network_config, + create_networks => $really_create_networks, + num_networks => $num_networks, + enabled => $enable_network_service, + install_service => $enable_network_service, + } + + if $auto_assign_floating_ip { + nova_config { 'auto_assign_floating_ip': value => 'True' } + } + + # a bunch of nova services that require no configuration + class { [ + 'nova::scheduler', + 'nova::objectstore', + 'nova::volume', + 'nova::cert', + 'nova::consoleauth' + ]: + enabled => true + } + + if $vnc_enabled { + class { 'nova::vncproxy': + enabled => true, + host => $public_address, + } + } + +} diff --git a/manifests/params.pp b/manifests/params.pp new file mode 100644 index 0000000..0d1ef06 --- /dev/null +++ b/manifests/params.pp @@ -0,0 +1,362 @@ +# +# == Class: Parameters +# +# Convenient location to store default parameters. +# Able to be overridden in individual classes. +# +# === Parameters +# +# ==== General +# +# [enabled] +# - Whether services should be enabled. This parameter can be used to +# implement services in active-passive modes for HA. Optional. +# - Defaults to true. +# +# [verbose] +# - If the services should log verbosely. Optional. +# - Defaults to false. +# +# [exported_resources] +# - Whether or not to use exported resources +# - Defautlts to true +# +# ==== Network +# +# [public_address] +# - Public address used by vnchost. Optional. +# - Defaults to ipaddress_eth0 +# +# [public_interface] +# - The interface used to route public traffic by the network service. Optional. +# - Defaults to eth0 +# +# [private_interface] +# - The private interface used to bridge the VMs into a common network. Optional. +# - Defaults to eth1 +# +# [internal_address] +# - Internal address used for management. +# - Defaults to ipaddress_eth1 +# +# [public_address] +# [admin_address] +# - IP addresses for Keystone services +# - default: ipaddress_eth0 +# +# [floating_range] +# - The floating ip range to be created. If it is false, then no floating ip range is created. Optional. +# - Defaults to false. +# +# [fixed_range] +# - The fixed private ip range to be created for the private VM network. Optional. +# - Defaults to '10.0.0.0/24'. +# +# [network_manager] +# - The network manager to use for the nova network service. Optional. +# - Defaults to 'nova.network.manager.FlatDHCPManager'. +# +# [iscsi_ip_address] +# - The IP address to use in the iscsi address +# - Defaults to $internal_address +# +# [auto_assign_floating_ip] +# - Rather configured to automatically allocate and assign a floating IP address to virtual instances when they are launched. +# - Defaults to false. +# +# [network_config] +# - Used to specify network manager specific parameters. Optional. +# - Defualts to {}. +# +# [create_networks] +# - Rather network and floating ips should be created. +# - Defaults to true +# +# [num_networks] +# - Number of networks that fixed range should be split into. +# - Defaults to 1 +# +# [multi_host] +# - Node should support multi-host networking mode for HA. +# - Optional. Defaults to false. +# +# +# ==== Virtualization +# +# [libvirt_type] +# - The virualization type being controlled by libvirt. Optional. +# - Defaults to 'kvm'. +# +# ==== Volumes +# +# [nova_volume] +# - The name of the volume group to use for nova volume allocation. Optional. +# - Defaults to 'nova-volumes'. +# +# [manage_volumes] +# - Rather nova-volume should be enabled on this compute node. +# - Defaults to false. +# +# ==== Database +# +# [db_type] +# - which type of database to use +# - Defaults to 'mysql' +# +# [db_host] +# - where the db server is located +# - default: 127.0.0.1 +# +# [sql_connection] +# - SQL connection information. +# - Defaults to false which indicates that exported resources will be used to determine connection information. +# +# ==== MySQL +# +# [mysql_root_password] +# - The root password to set for the mysql database. Optional. +# - Defaults to 'sql_pass'. +# +# [mysql_bind_address] +# - address for mysql to listen on +# - default: 0.0.0.0 +# +# [mysql_account_security] +# - whether to secure the mysql installation +# - default: true +# +# [allowed_hosts] +# - array of hosts that can access the mysql server +# - default: ['127.0.0.1'] +# +# ==== Rabbit +# +# [rabbit_password] +# - The password to use for the rabbitmq user. Optional. +# - Defaults to 'rabbit_pw' +# +# [rabbit_user] +# - The rabbitmq user to use for auth. Optional. +# - Defaults to 'nova'. +# +# [admin_email] +# - The admin's email address. Optional. +# - Defaults to 'root@localhost' +# +# [rabbit_host] +# - RabbitMQ host. False indicates it should be collected. +# - Defaults to false which indicates that exported resources will be used to determine connection information. +# +# ==== Keystone +# +# [keystone_db_user] +# - The name of the Keystone db user +# - Defaults to 'keystone' +# +# [keystone_db_password] +# - The default password for the keystone db user. Optional. +# - Defaults to 'keystone_pass'. +# +# [keystone_db_dbname] +# - The Keystone database name +# - Defaults to 'keystone' +# +# [keystone_admin_tenant] +# - The admin tenant name in Keystone +# - Defaults to 'admin' +# +# [keystone_admin_token] +# - The default auth token for keystone. Optional. +# - Defaults to 'keystone_admin_token'. +# +# [admin_email] +# - The email address for the Keystone admin user +# - Defaults to 'root@localhost' +# +# [admin_password] +# - The default password of the keystone admin. Optional. +# - Defaults to 'ChangeMe'. +# +# ==== Nova +# +# [nova_db_user] +# - The database user for Nova +# - Defaults to 'nova' +# +# [nova_db_password] +# - The nova db password. Optional. +# - Defaults to 'nova_pass'. +# +# [nova_user_password] +# - The password of the keystone user for the nova service. Optional. +# - Defaults to 'nova_pass'. +# +# [nova_db_dbname] +# - The database name for the Nova database +# - Defaults to 'nova' +# +# [purge_nova_config] +# - Whether unmanaged nova.conf entries should be purged. Optional. +# - Defaults to true. +# +# ==== Glance +# +# [glance_db_user] +# - The database user for Glance +# - Defaults to 'glance' +# +# [glance_db_password] +# - The password for the db user for glance. Optional. +# - Defaults to 'glance_pass'. +# +# [glance_user_password] +# - The password of the glance service user. Optional. +# - Defaults to 'glance_pass'. +# +# [glance_db_dbname] +# - The database name for the Glance database +# - Defaults to 'glance' +# +# [glance_api_servers] +# - List of glance api servers of the form HOST:PORT +# - Defaults to false which indicates that exported resources will be used to determine connection information. +# +# === Horizon related config - assumes puppetlabs-horizon code +# +# [secret_key] +# - secret key to encode cookies, +# - Defaults to 'dummy_secret_key' +# +# [cache_server_ip] +# - local memcached instance ip +# - Defaults to '127.0.0.1' +# +# [cache_server_port] +# - local memcached instance port +# - Defaults to '11211' +# +# [swift] +# - (bool) is swift installed +# - Defaults to false +# +# [quantum] +# - (bool) is quantum installed +# - Defaults to false +# +# [horizon_app_links] +# - array as in '[ ["Nagios","http://nagios_addr:port/path"],["Ganglia","http://ganglia_addr"] ]' +# - an array of arrays, that can be used to add call-out links to the dashboard for other apps. +# - There is no specific requirement for these apps to be for monitoring, that's just the defacto purpose. +# - Each app is defined in two parts, the display name, and the URI +# - Defaults to false +# +# === VNC +# +# [vnc_enabled] +# - Rather vnc console should be enabled. +# - Defaults to 'true', +# +# [vncserver_listen] +# - The address on the compute node where VNC should listen +# - Defaults to $internal_address +# +# [vncserver_proxyclient_address] +# - The address where the controller should contact the vnc server on the compute node +# - Defaults to $internal_address +# +# [vncproxy_host] +# - Host that serves as vnc proxy. This should be the public address of your controller. +# - Defaults to $public_address +# + +class openstack::params { + + # Generic + $enabled = true + $verbose = false + $exported_resources = true + + # Network + $public_address = $::ipaddress_eth0 + $public_interface = 'eth0' + $internal_address = $::ipaddress_eth1 + $admin_address = $internal_address + $private_interface = 'eth2' + $fixed_range = '192.168.30.0/24' + $floating_range = false + $network_manager = 'nova.network.manager.FlatDHCPManager' + $iscsi_ip_address = $internal_address + $auto_assign_floating_ip = false + $network_config = {} + $create_networks = true + $num_networks = 1 + $multi_host = false + + # Virtualization + $libvirt_type = 'qemu' + + # Volumes + $nova_volume = 'nova-volumes' + $manage_volumes = false + + # Database + $db_type = 'mysql' + $db_host = $internal_address + $sql_connection = false + + # MySQL params + $mysql_root_password = 'sql_pass' + $mysql_bind_address = '0.0.0.0' + $mysql_allowed_hosts = ['127.0.0.%', '10.0.0.%'] + $mysql_account_security = true + + # Rabbit params + $rabbit_password = 'rabbit_pw' + $rabbit_user = 'nova' + $rabbit_host = false + + # Keystone params + $keystone_db_user = 'keystone' + $keystone_db_password = 'keystone_pass' + $keystone_db_dbname = 'keystone' + $keystone_admin_tenant = 'admin' + $keystone_admin_token = 'keystone_admin_token' + $admin_email = 'root@localhost' + $admin_password = 'ChangeMe' + + # Glance params + $glance_db_user = 'glance' + $glance_db_password = 'glance_pass' + $glance_user_password = 'glance_pass' + $glance_db_dbname = 'glance' + $glance_api_servers = "${public_address}:9292" + + # Nova params + $nova_db_user = 'nova' + $nova_db_password = 'nova_pass' + $nova_user_password = 'nova_pass' + $nova_db_dbname = 'nova' + $purge_nova_config = true + + # Horizon params + $secret_key = 'dummy_secret_key' + $cache_server_ip = '127.0.0.1' + $cache_server_port = '11211' + $swift = false + $quantum = false + $horizon_app_links = undef + + # vnc + $vnc_enabled = true + $vncserver_listen = $internal_address + $vncserver_proxyclient_address = $internal_address + $vncproxy_host = $public_address + + # OS-specific params + case $::osfamily { + 'Debian': { + } + 'RedHat': { + } + } +} diff --git a/tests/all.pp b/tests/all.pp new file mode 100644 index 0000000..2f43b70 --- /dev/null +++ b/tests/all.pp @@ -0,0 +1 @@ +class { 'openstack::all': } diff --git a/tests/cloudcontroller.pp b/tests/cloudcontroller.pp new file mode 100644 index 0000000..31f396a --- /dev/null +++ b/tests/cloudcontroller.pp @@ -0,0 +1 @@ +class { 'openstack::controller': } diff --git a/tests/compute.pp b/tests/compute.pp new file mode 100644 index 0000000..d0f3238 --- /dev/null +++ b/tests/compute.pp @@ -0,0 +1,4 @@ +class { 'openstack::compute': + sql_connection => 'mysql://foo:bar@192.168.1.1/nova', + glance_api_servers => '192.168.1.1:9292', +} From 7acaad1c54e3faeb22134c11066e75ae540e3d95 Mon Sep 17 00:00:00 2001 From: Joe Topjian Date: Wed, 25 Jul 2012 22:11:47 +0000 Subject: [PATCH 02/43] Began putting params in individual manifests instead of a single params.pp file. --- manifests/all.pp | 108 ++++++----- manifests/compute.pp | 92 ++++++--- manifests/controller.pp | 128 ++++++++----- manifests/db/mysql.pp | 30 +-- manifests/glance.pp | 40 ++-- manifests/horizon.pp | 18 +- manifests/keystone.pp | 58 +++--- manifests/nova/compute.pp | 92 ++++++--- manifests/nova/controller.pp | 92 ++++++--- manifests/params.pp | 362 ----------------------------------- tests/all.pp | 16 +- tests/cloudcontroller.pp | 17 +- tests/compute.pp | 10 +- 13 files changed, 464 insertions(+), 599 deletions(-) delete mode 100644 manifests/params.pp diff --git a/manifests/all.pp b/manifests/all.pp index 7c01e90..b430cd5 100644 --- a/manifests/all.pp +++ b/manifests/all.pp @@ -10,12 +10,18 @@ # === Examples # # class { 'openstack::all': -# public_address => '192.168.0.3', -# public_interface => 'eth0', -# private_interface => 'eth1', +# public_address => '192.168.1.1', +# mysql_root_password => 'changeme', +# rabbit_password => 'changeme', +# keystone_db_password => 'changeme', +# keystone_admin_token => '12345', # admin_email => 'my_email@mw.com', # admin_password => 'my_admin_password', -# libvirt_type => 'kvm', +# nova_db_password => 'changeme', +# nova_user_password => 'changeme', +# glance_db_password => 'changeme', +# glance_user_password => 'changeme', +# secret_key => 'dummy_secret_key', # } # # === Authors @@ -25,57 +31,65 @@ # class openstack::all ( # Network - $public_address = $::openstack::params::public_address, - $public_interface = $::openstack::params::public_interface, - $private_interface = $::openstack::params::private_interface, - $fixed_range = $::openstack::params::fixed_range, - $network_manager = $::openstack::params::network_manager, - $network_config = $::openstack::params::network_config, - $auto_assign_floating_ip = $::openstack::params::auto_assign_floating_ip, - $floating_range = $::openstack::params::floating_range, - $create_networks = $::openstack::params::create_networks, - $num_networks = $::openstack::params::num_networks, + $public_interface = 'eth0', + $private_interface = 'eth1', + $fixed_range = '10.0.0.0/24', + $network_manager = 'nova.network.manager.FlatDHCPManager', + $network_config = {}, + $auto_assign_floating_ip = false, + $floating_range = false, + $create_networks = true, + $num_networks = 1, # MySQL - $db_type = $::openstack::params::db_type, - $mysql_root_password = $::openstack::params::mysql_root_password, - $mysql_account_security = $::openstack::params::mysql_account_security, + $db_type = 'mysql', + $mysql_account_security = true, + $allowed_hosts = ['127.0.0.%'], # Rabbit - $rabbit_password = $::openstack::params::rabbit_password, - $rabbit_user = $::openstack::params::rabbit_user, + $rabbit_user = 'nova', # Keystone - $admin_email = $::openstack::params::admin_email, - $admin_password = $::openstack::params::admin_password, - $keystone_db_user = $::openstack::params::keystone_db_user, - $keystone_db_password = $::openstack::params::keystone_db_password, - $keystone_db_dbname = $::openstack::params::keystone_db_dbname, - $keystone_admin_token = $::openstack::params::keystone_admin_token, + $keystone_db_user = 'keystone', + $keystone_db_dbname = 'keystone', # Nova - $nova_db_user = $::openstack::params::nova_db_user, - $nova_db_password = $::openstack::params::nova_db_password, - $nova_user_password = $::openstack::params::nova_user_password, - $nova_db_dbname = $::openstack::params::nova_db_dbname, - $purge_nova_config = $::openstack::params::purge_nova_config, + $nova_db_user = 'nova', + $nova_db_dbname = 'nova', + $purge_nova_config = true, # Glance - $glance_db_user = $::openstack::params::glance_db_user, - $glance_db_password = $::openstack::params::glance_db_password, - $glance_db_dbname = $::openstack::params::glance_db_dbname, - $glance_user_password = $::openstack::params::glance_user_password, + $glance_db_user = 'glance', + $glance_db_dbname = 'glance', # Horizon - $secret_key = $::openstack::params::secret_key, - $cache_server_ip = $::openstack::params::cache_server_ip, - $cache_server_port = $::openstack::params::cache_server_port, - $swift = $::openstack::params::swift, - $quantum = $::openstack::params::quantum, - $horizon_app_links = $::openstack::params::horizon_app_links, + $cache_server_ip = '127.0.0.1', + $cache_server_port = '11211', + $swift = false, + $quantum = false, + $horizon_app_links = undef, # Virtaulization - $libvirt_type = $::openstack::params::libvirt_type, + $libvirt_type = 'kvm', # Volume - $nova_volume = $::openstack::params::nova_volume, + $nova_volume = 'nova-volumes', # VNC - $vnc_enabled = $::openstack::params::vnc_enabled, + $vnc_enabled = true, # General - $enabled = $::openstack::params::enabled, - $verbose = $::openstack::params::verbose + $enabled = true, + $verbose = false, + # Network Required + $public_address, + # MySQL Required + $mysql_root_password, + # Rabbit Required + $rabbit_password, + # Keystone Required + $keystone_db_password, + $keystone_admin_token, + $admin_email, + $admin_password, + # Nova Required + $nova_db_password, + $nova_user_password, + # Glance Required + $glance_db_password, + $glance_user_password, + # Horizon Required + $secret_key, ) inherits openstack::params { # set up mysql server @@ -94,6 +108,7 @@ class openstack::all ( nova_db_user => $nova_db_user, nova_db_password => $nova_db_password, nova_db_dbname => $nova_db_dbname, + allowed_hosts => $allowed_hosts, } } } @@ -154,6 +169,8 @@ class openstack::all ( create_networks => $create_networks, num_networks => $num_networks, multi_host => false, + # Database + db_host => '127.0.0.1', # Nova nova_user_password => $nova_user_password, nova_db_password => $nova_db_password, @@ -181,6 +198,7 @@ class openstack::all ( network_manager => $network_manager, network_config => $network_config, multi_host => false, + internal_address => '127.0.0.1', # Virtualization libvirt_type => $libvirt_type, # Volumes diff --git a/manifests/compute.pp b/manifests/compute.pp index 172d1c1..318b0df 100644 --- a/manifests/compute.pp +++ b/manifests/compute.pp @@ -16,44 +16,51 @@ # === Examples # # class { 'openstack::compute': -# libvirt_type => 'kvm', +# internal_address => '192.168.1.12', +# vncproxy_host => '192.168.1.1', +# nova_user_password => 'changeme', +# rabbit_password => 'changeme', # } # class openstack::compute ( # Network - $public_address = $::openstack::params::public_address, - $public_interface = $::openstack::params::public_interface, - $private_interface = $::openstack::params::private_interface, - $internal_address = $::openstack::params::internal_address, - $fixed_range = $::openstack::params::fixed_range, - $network_manager = $::openstack::params::network_manager, - $multi_host = $::openstack::params::multi_host, - $network_config = $::openstack::params::network_config, + $public_address = undef, + $public_interface = 'eth0', + $private_interface = 'eth1', + $fixed_range = '10.0.0.0/24', + $network_manager = 'nova.network.manager.FlatDHCPManager', + $multi_host = false, + $network_config = {}, # DB - $sql_connection = $::openstack::params::sql_connection, + $sql_connection = false, # Nova - $nova_user_password = $::openstack::params::nova_user_password, - $purge_nova_config = $::openstack::params::purge_nova_config, + $purge_nova_config = true, # Rabbit - $rabbit_host = $::openstack::params::rabbit_host, - $rabbit_password = $::openstack::params::rabbit_password, - $rabbit_user = $::openstack::params::rabbit_user, + $rabbit_host = false, + $rabbit_user = 'nova', # Glance $glance_api_servers = false, # Virtualization - $libvirt_type = $::openstack::params::libvirt_type, + $libvirt_type = 'kvm', # VNC - $vncproxy_host = $::openstack::params::vncproxy_host, - $vnc_enabled = $::openstack::params::vnc_enabled, - $vncserver_proxyclient_address = $::openstack::params::vncserver_proxyclient_address, + $vnc_enabled = true, + $vncserver_listen = undef, + $vncproxy_host = undef, + $vncserver_proxyclient_address = undef, # Volumes - $manage_volumes = $::openstack::params::manage_volumes, - $nova_volume = $::openstack::params::nova_volume, + $manage_volumes = true, + $nova_volume = 'nova-volumes', # General - $verbose = $::openstack::params::verbose, - $exported_resources = $::openstack::params::exported_resources, - $enabled = $::openstack::params::enabled + $verbose = false, + $exported_resources = true, + $enabled = true, + # Required Network + $internal_address, + # Required Nova + $nova_user_password, + # Required Rabbit + $rabbit_password ) inherits openstack::params { # @@ -90,10 +97,41 @@ class openstack::compute ( } } + # Configure VNC variables + if ($vnc_enabled == true) { + if ($vncserver_listen == undef) { + $real_vncserver_listen = $internal_address + } else { + $real_vncserver_listen = $vncserver_listen + } + + if ($vncserver_proxyclient_address == undef) { + $real_vncserver_proxyclient_address = $internal_address + } else { + $real_vncserver_proxyclient_address = $vncserver_proxyclient_address + } + + if ($vncproxy_host == undef) { + if ($multi_host == true and $public_address != undef) { + $real_vncproxy_host = $public_address + } else { + fail('vncproxy_host must be set.') + } + } else { + # This should be the public IP of the cloud controller... + $real_vncproxy_host = $vncproxy_host + } + } else { + $real_vncserver_listen = undef + $real_vncserver_proxyclient_address = undef + $real_vncproxy_host = undef + } + if $enabled { class { 'openstack::nova::compute': # Network public_address => $public_address, + internal_address => $internal_address, private_interface => $private_interface, public_interface => $public_interface, fixed_range => $fixed_range, @@ -108,9 +146,9 @@ class openstack::compute ( iscsi_ip_address => $iscsi_ip_address, # VNC vnc_enabled => $vnc_enabled, - vncserver_listen => $vnc_server_listen, - vncserver_proxyclient_address => $vncserver_proxyclient_address, - vncproxy_host => $vncproxy_host, + vncserver_listen => $real_vncserver_listen, + vncserver_proxyclient_address => $real_vncserver_proxyclient_address, + vncproxy_host => $real_vncproxy_host, # Nova nova_user_password => $nova_user_password, # General diff --git a/manifests/controller.pp b/manifests/controller.pp index a2189a0..91d0127 100644 --- a/manifests/controller.pp +++ b/manifests/controller.pp @@ -8,68 +8,95 @@ # === Examples # # class { 'openstack::controller': -# public_address => '192.168.0.3', -# public_interface => 'eth0', -# private_interface => 'eth1', -# admin_email => 'my_email@mw.com', -# admin_password => 'my_admin_password', +# public_address => '192.168.0.3', +# mysql_root_password => 'changeme', +# allowed_hosts => ['127.0.0.%', '192.168.1.%'], +# admin_email => 'my_email@mw.com', +# admin_password => 'my_admin_password', +# keystone_db_password => 'changeme', +# keystone_admin_token => '12345', +# glance_db_password => 'changeme', +# glance_user_password => 'changeme', +# nova_db_password => 'changeme', +# nova_user_password => 'changeme', +# secret_key => 'dummy_secret_key', # } # class openstack::controller ( # Network - $public_address = $::openstack::params::public_address, - $public_interface = $::openstack::params::public_interface, - $private_interface = $::openstack::params::private_interface, - $internal_address = $::openstack::params::internal_address, - $admin_address = $::openstack::params::admin_address, - $network_manager = $::openstack::params::network_manager, - $fixed_range = $::openstack::params::fixed_range, - $floating_range = $::openstack::params::floating_range, - $create_networks = $::openstack::params::create_networks, - $num_networks = $::openstack::params::num_networks, - $multi_host = $::openstack::params::multi_host, - $auto_assign_floating_ip = $::openstack::params::auto_assign_floating_ip, - $network_config = $::openstack::params::network_config, + $public_interface = 'eth0', + $private_interface = 'eth1', + $internal_address = undef, + $admin_address = undef, + $network_manager = 'nova.network.manager.FlatDHCPManager', + $fixed_range = '10.0.0.0/24', + $floating_range = false, + $create_networks = true, + $num_networks = 1, + $multi_host = false, + $auto_assign_floating_ip = false, + $network_config = {}, # Database - $db_type = $::openstack::params::db_type, - $mysql_root_password = $::openstack::params::mysql_root_password, - $mysql_account_security = $::openstack::params::mysql_account_security, - $mysql_bind_address = $::openstack::params::mysql_bind_address, + $db_type = 'mysql', + $mysql_account_security = true, + $mysql_bind_address = '0.0.0.0', + $allowed_hosts = ['127.0.0.%'], # Keystone - $admin_email = $::openstack::params::admin_email, - $admin_password = $::openstack::params::admin_password, - $keystone_db_user = $::openstack::params::keystone_db_user, - $keystone_db_password = $::openstack::params::keystone_db_password, - $keystone_db_dbname = $::openstack::params::keystone_db_dbname, - $keystone_admin_token = $::openstack::params::keystone_admin_token, + $keystone_db_user = 'keystone', + $keystone_db_dbname = 'keystone', # Glance - $glance_db_user = $::openstack::params::glance_db_user, - $glance_db_password = $::openstack::params::glance_db_password, - $glance_db_dbname = $::openstack::params::glance_db_dbname, - $glance_user_password = $::openstack::params::glance_user_password, - $glance_api_servers = $::openstack::params::glance_api_servers, + $glance_db_user = 'glance', + $glance_db_dbname = 'glance', + $glance_api_servers = undef, # Nova - $nova_db_user = $::openstack::params::nova_db_user, - $nova_db_password = $::openstack::params::nova_db_password, - $nova_user_password = $::openstack::params::nova_user_password, - $nova_db_dbname = $::openstack::params::nova_db_dbname, - $purge_nova_config = $::openstack::params::purge_nova_config, + $nova_db_user = 'nova', + $nova_db_dbname = 'nova', + $purge_nova_config = true, # Rabbit - $rabbit_password = $::openstack::params::rabbit_password, - $rabbit_user = $::openstack::params::rabbit_user, + $rabbit_password, + $rabbit_user = 'nova', # Horizon - $secret_key = $::openstack::params::secret_key, - $cache_server_ip = $::openstack::params::cache_server_ip, - $cache_server_port = $::openstack::params::cache_server_port, - $swift = $::openstack::params::swift, - $quantum = $::openstack::params::quantum, - $horizon_app_links = $::openstack::params::horizon_app_links, + $cache_server_ip = '127.0.0.1', + $cache_server_port = '11211', + $swift = false, + $quantum = false, + $horizon_app_links = undef, # General - $verbose = $::openstack::params::verbose, - $exported_resources = $::openstack::params::exported_resources, - $enabled = $::openstack::params::enabled + $verbose = false, + $exported_resources = true, + $enabled = true, + # Required Network + $public_address, + # Required Database + $mysql_root_password, + # Required Keystone + $admin_email, + $admin_password, + $keystone_db_password, + $keystone_admin_token, + # Required Glance + $glance_db_password, + $glance_user_password, + # Required Nova + $nova_db_password, + $nova_user_password, + # Required Horizon + $secret_key ) inherits openstack::params { + # Configure admin_address and internal address if needed. + if (admin_address == undef) { + $real_admin_address = $public_address + } else { + $real_admin_address = $admin_address + } + + if (internal_address == undef) { + $real_internal_address = $public_address + } else { + $real_internal_address = $internal_address + } + ####### DATABASE SETUP ###### if $enabled { # set up mysql server @@ -79,6 +106,7 @@ class openstack::controller ( mysql_root_password => $mysql_root_password, mysql_bind_address => $mysql_bind_address, mysql_account_security => $mysql_account_security, + allowed_hosts => $allowed_hosts, keystone_db_user => $keystone_db_user, keystone_db_password => $keystone_db_password, keystone_db_dbname => $keystone_db_dbname, @@ -140,6 +168,8 @@ class openstack::controller ( if $enabled { class { 'openstack::nova::controller': + # Database + db_host => '127.0.0.1', # Network network_manager => $network_manager, network_config => $network_config, diff --git a/manifests/db/mysql.pp b/manifests/db/mysql.pp index aace0fa..967c5b3 100644 --- a/manifests/db/mysql.pp +++ b/manifests/db/mysql.pp @@ -11,7 +11,7 @@ # === Example # # class { 'openstack::db::mysql': -# mysql_root_password => 'changeme', +# mysql_root_password => 'changeme', # keystone_db_password => 'changeme', # glance_db_password => 'changeme', # nova_db_password => 'changeme', @@ -21,22 +21,24 @@ class openstack::db::mysql ( # MySQL - $mysql_bind_address = $::openstack::params::mysql_bind_address, - $allowed_hosts = $::openstack::params::mysql_allowed_hosts, - $mysql_root_password = $::openstack::params::mysql_root_password, - $mysql_account_security = $::openstack::params::mysql_account_security, + $mysql_bind_address = '0.0.0.0', + $mysql_account_security = true, # Keystone - $keystone_db_user = $::openstack::params::keystone_db_user, - $keystone_db_dbname = $::openstack::params::keystone_db_dbname, - $keystone_db_password = $::openstack::params::keystone_db_password, + $keystone_db_user = 'keystone', + $keystone_db_dbname = 'keystone', # Glance - $glance_db_user = $::openstack::params::glance_db_user, - $glance_db_dbname = $::openstack::params::glance_db_dbname, - $glance_db_password = $::openstack::params::glance_db_password, + $glance_db_user = 'glance', + $glance_db_dbname = 'glance', # Nova - $nova_db_user = $::openstack::params::nova_db_user, - $nova_db_dbname = $::openstack::params::nova_db_dbname, - $nova_db_password = $::openstack::params::nova_db_password + $nova_db_user = 'nova', + $nova_db_dbname = 'nova', + # Required MySQL + $allowed_hosts, + # Passwords + $mysql_root_password, + $keystone_db_password, + $glance_db_password, + $nova_db_password ) { # Install and configure MySQL Server diff --git a/manifests/glance.pp b/manifests/glance.pp index d3124d6..8513778 100644 --- a/manifests/glance.pp +++ b/manifests/glance.pp @@ -18,23 +18,35 @@ # glance_user_password => 'changeme', # db_password => 'changeme', # public_address => '192.168.1.1', -# admin_addresss => '192.168.1.1', -# internal_address => '192.168.1.1', +# db_host => '127.0.0.1', # } class openstack::glance ( - $db_type = $::openstack::params::db_type, - $db_host = $::openstack::params::db_host, - $glance_db_user = $::openstack::params::glance_db_user, - $glance_db_dbname = $::openstack::params::glance_db_dbname, - $glance_user_password = $::openstack::params::glance_user_password, - $glance_db_password = $::openstack::params::glance_db_password, - $public_address = $::openstack::params::public_address, - $admin_address = $::openstack::params::admin_address, - $internal_address = $::openstack::params::internal_address, - $verbose = $::openstack::params::verbose + $db_type = 'mysql', + $glance_db_user = 'glance', + $glance_db_dbname = 'glance', + $admin_address = undef, + $internal_address = undef, + $verbose = false, + $db_host, + $glance_user_password, + $glance_db_password, + $public_address, ) inherits openstack::params { + # Configure admin_address and internal address if needed. + if (admin_address == undef) { + $real_admin_address = $public_address + } else { + $real_admin_address = $admin_address + } + + if (internal_address == undef) { + $real_internal_address = $public_address + } else { + $real_internal_address = $internal_address + } + # Configure the db string case $db_type { 'mysql': { @@ -70,8 +82,8 @@ class openstack::glance ( class { 'glance::keystone::auth': password => $glance_user_password, public_address => $public_address, - admin_address => $admin_address, - internal_address => $internal_address, + admin_address => $real_admin_address, + internal_address => $real_internal_address, } } diff --git a/manifests/horizon.pp b/manifests/horizon.pp index 5dfabd0..43e5055 100644 --- a/manifests/horizon.pp +++ b/manifests/horizon.pp @@ -8,14 +8,20 @@ # # See params.pp # +# === Examples +# +# class { 'openstack::horizon': +# secret_key => 'dummy_secret_key', +# } +# class openstack::horizon ( - $secret_key = $::openstack::params::secret_key, - $cache_server_ip = $::openstack::params::cache_server_ip, - $cache_server_port = $::openstack::params::cache_server_port, - $swift = $::openstack::params::swift, - $quantum = $::openstack::params::quantum, - $horizon_app_links = $::openstack::params::horizon_app_links + $cache_server_ip = '127.0.0.1', + $cache_server_port = '11211', + $swift = false, + $quantum = false, + $horizon_app_links = undef, + $secret_key ) { class { 'memcached': diff --git a/manifests/keystone.pp b/manifests/keystone.pp index d7db56d..97f2757 100644 --- a/manifests/keystone.pp +++ b/manifests/keystone.pp @@ -10,31 +10,43 @@ # === Example # # class { 'openstack::keystone': -# db_password => 'changeme', -# admin_token => '12345', -# admin_email => 'root@localhost', -# admin_password => 'changeme', -# public_address => '192.168.1.1', -# admin_addresss => '192.168.1.1', -# internal_address => '192.168.1.1', +# db_host => '127.0.0.1', +# keystone_db_password => 'changeme', +# keystone_admin_token => '12345', +# admin_email => 'root@localhost', +# admin_password => 'changeme', +# public_address => '192.168.1.1', # } class openstack::keystone ( - $db_type = $::openstack::params::db_type, - $db_host = $::openstack::params::db_host, - $keystone_db_user = $::openstack::params::keystone_db_user, - $keystone_db_password = $::openstack::params::keystone_db_password, - $keystone_db_dbname = $::openstack::params::keystone_db_dbname, - $keystone_admin_tenant = $::openstack::params::keystone_admin_tenant, - $keystone_admin_token = $::openstack::params::keystone_admin_token, - $admin_email = $::openstack::params::admin_email, - $admin_password = $::openstack::params::admin_password, - $public_address = $::openstack::params::public_address, - $admin_address = $::openstack::params::admin_address, - $internal_address = $::openstack::params::internal_address, - $verbose = $::openstack::params::verbose + $db_type = 'mysql', + $keystone_db_user = 'keystone', + $keystone_db_dbname = 'keystone', + $keystone_admin_tenant = 'admin', + $admin_address = undef, + $internal_address = undef, + $verbose = false, + $db_host, + $keystone_db_password, + $keystone_admin_token, + $admin_email, + $admin_password, + $public_address ) inherits openstack::params { + # Configure admin_address and internal address if needed. + if (admin_address == undef) { + $real_admin_address = $public_address + } else { + $real_admin_address = $admin_address + } + + if (internal_address == undef) { + $real_internal_address = $public_address + } else { + $real_internal_address = $internal_address + } + # Install and configure Keystone class { '::keystone': log_verbose => $verbose, @@ -53,13 +65,12 @@ class openstack::keystone ( # Setup the Keystone Identity Endpoint class { 'keystone::endpoint': public_address => $public_address, - admin_address => $admin_address, - internal_address => $internal_address, + admin_address => $real_admin_address, + internal_address => $real_internal_address, } # Configure the Keystone database case $db_type { - 'mysql': { class { 'keystone::config::mysql': user => $keystone_db_user, @@ -68,7 +79,6 @@ class openstack::keystone ( dbname => $keystone_db_dbname, } } - } } diff --git a/manifests/nova/compute.pp b/manifests/nova/compute.pp index a5d4f23..8a81473 100644 --- a/manifests/nova/compute.pp +++ b/manifests/nova/compute.pp @@ -7,47 +7,93 @@ # # See params.pp # +# === Examples +# +# class { 'openstack::nova::compute': +# internal_address => '192.168.2.2', +# vncproxy_host => '192.168.1.1', +# nova_user_password => 'changeme', +# } class openstack::nova::compute ( # Network - $public_address = $::openstack::params::public_address, - $private_interface = $::openstack::params::private_interface, - $public_interface = $::openstack::params::public_interface, - $fixed_range = $::openstack::params::fixed_range, - $network_manager = $::openstack::params::network_manager, - $network_config = $::openstack::params::network_config, - $multi_host = $::openstack::params::multi_host, + $public_address = undef, + $public_interface = 'eth0', + $private_interface = 'eth1', + $fixed_range = '10.0.0.0/24', + $network_manager = 'nova.network.manager.FlatDHCPManager', + $network_config = {}, + $multi_host = false, # Virtualization - $libvirt_type = $::openstack::params::libvirt_type, + $libvirt_type = 'kvm', # Volumes - $nova_volume = $::openstack::params::nova_volume, - $manage_volumes = $::openstack::params::manage_volume, - $iscsi_ip_address = $::openstack::params::iscsi_ip_address, + $nova_volume = 'nova-volumes', + $manage_volumes = true, + $iscsi_ip_address = undef, # VNC - $vnc_enabled = $::openstack::params::vnc_enabled, - $vncserver_listen = $::openstack::params::vncserver_listen, - $vncserver_proxyclient_address = $::openstack::params::vncserver_proxyclient_address, - $vncproxy_host = $::openstack::params::vncproxy_host, - # Nova - $nova_user_password = $::openstack::params::nova_user_password, + $vnc_enabled = true, + $vncserver_listen = undef, + $vncserver_proxyclient_address = undef, + $vncproxy_host = undef, # General - $verbose = $::openstack::params::verbose, - $exported_resources = $::openstack::params::exported_resources, - $enabled = $::openstack::params::enabled + $verbose = false, + $exported_resources = true, + $enabled = true, + # Required Network + $internal_address, + # Required Nova + $nova_user_password ) inherits openstack::params { + # Set iscsi ip address if not set + if ($iscsi_ip_address == undef) { + $real_iscsi_ip_address = $internal_address + } else { + $real_iscsi_ip_address = $iscsi_ip_address + } + + # Configure VNC variables + if ($vnc_enabled == true) { + if ($vncserver_listen == undef) { + $real_vncserver_listen = $internal_address + } else { + $real_vncserver_listen = $vncserver_listen + } + + if ($vncserver_proxyclient_address == undef) { + $real_vncserver_proxyclient_address = $internal_address + } else { + $real_vncserver_proxyclient_address = $vncserver_proxyclient_address + } + + if ($vncproxy_host == undef) { + if ($multi_host == true and $public_address != undef) { + $real_vncproxy_host = $public_address + } else { + fail('vncproxy_host must be set.') + } + } else { + # This should be the public IP of the cloud controller... + $real_vncproxy_host = $vncproxy_host + } + } else { + $real_vncserver_listen = undef + $real_vncserver_proxyclient_address = undef + $real_vncproxy_host = undef + } + # Install / configure nova-compute class { '::nova::compute': enabled => true, vnc_enabled => $vnc_enabled, - vncserver_proxyclient_address => $vncserver_proxyclient_address, - vncproxy_host => $vncproxy_host, + vncserver_proxyclient_address => $real_vncserver_proxyclient_address, + vncproxy_host => $real_vncproxy_host, } # Configure libvirt for nova-compute class { 'nova::compute::libvirt': libvirt_type => $libvirt_type, - vncserver_listen => $vncserver_listen, + vncserver_listen => $real_vncserver_listen, } # if the compute node should be configured as a multi-host diff --git a/manifests/nova/controller.pp b/manifests/nova/controller.pp index 0ff235f..bc23cf3 100644 --- a/manifests/nova/controller.pp +++ b/manifests/nova/controller.pp @@ -8,43 +8,71 @@ # # See params.pp # +# === Examples +# +# class { 'openstack::nova::controller': +# public_address => '192.168.1.1', +# db_host => '127.0.0.1', +# rabbit_password => 'changeme', +# nova_user_password => 'changeme', +# nova_db_password => 'changeme', +# } +# class openstack::nova::controller ( # Network - $network_manager = $::openstack::params::network_manager, - $network_config = $::openstack::params::network_config, - $private_interface = $::openstack::params::private_interface, - $public_interface = $::openstack::params::public_interface, - $floating_range = $::openstack::params::floating_range, - $fixed_range = $::openstack::params::fixed_range, - $public_address = $::openstack::params::public_address, - $admin_address = $::openstack::params::admin_address, - $internal_address = $::openstack::params::internal_address, - $auto_assign_floating_ip = $::openstack::params::auto_assign_floating_ip, - $create_networks = $::openstack::params::create_networks, - $num_networks = $::openstack::params::num_networks, - $multi_host = $::openstack::params::multi_host, + $network_manager = 'nova.network.manager.FlatDHCPManager', + $network_config = {}, + $public_interface = 'eth0', + $private_interface = 'eth1', + $fixed_range = '10.0.0.0/24', + $floating_range = false, + $admin_address = undef, + $internal_address = undef, + $auto_assign_floating_ip = false, + $create_networks = true, + $num_networks = 1, + $multi_host = false, # Nova - $nova_user_password = $::openstack::params::nova_user_password, - $nova_db_user = $::openstack::params::nova_db_user, - $nova_db_password = $::openstack::params::nova_db_password, - $nova_db_dbname = $::openstack::params::nova_db_dbname, + $nova_db_user = 'nova', + $nova_db_dbname = 'nova', # Rabbit - $rabbit_user = $::openstack::params::rabbit_user, - $rabbit_password = $::openstack::params::rabbit_password, + $rabbit_user = 'nova', # Database - $db_type = $::openstack::params::db_type, - $db_host = $::openstack::params::db_host, + $db_type = 'mysql', # Glance - $glance_api_servers = $::openstack::params::glance_api_servers, + $glance_api_servers = undef, # VNC - $vnc_enabled = $::openstack::params::vnc_enabled, + $vnc_enabled = true, # General - $verbose = $::openstack::params::verbose, - $enabled = $::openstack::params::enabled, - $exported_resources = $::openstack::params::exported_resources + $verbose = false, + $enabled = true, + $exported_resources = true, + # Network Required + $public_address, + # Database Required + $db_host, + # Rabbit Required + $rabbit_password, + # Nova Required + $nova_user_password, + $nova_db_password, + ) inherits openstack::params { + # Configure admin_address and internal address if needed. + if (admin_address == undef) { + $real_admin_address = $public_address + } else { + $real_admin_address = $admin_address + } + + if (internal_address == undef) { + $real_internal_address = $public_address + } else { + $real_internal_address = $internal_address + } + # Configure the db string case $db_type { 'mysql': { @@ -52,8 +80,11 @@ class openstack::nova::controller ( } } - # Might need fixed - # $glance_api_servers = "${internal_address}:9292" + if ($glance_api_servers == undef) { + $real_glance_api_servers = "${public_address}:9292" + } else { + $real_glance_api_servers = $glance_api_servers + } if ($export_resources) { # export all of the things that will be needed by the clients @@ -63,7 +94,7 @@ class openstack::nova::controller ( @@nova_config { 'sql_connection': value => $nova_db } Nova_config <| title == 'sql_connection' |> - @@nova_config { 'glance_api_servers': value => $glance_api_servers } + @@nova_config { 'glance_api_servers': value => $real_glance_api_servers } Nova_config <| title == 'glance_api_servers' |> @@nova_config { 'novncproxy_base_url': value => "http://${public_address}:6080/vnc_auto.html" } @@ -73,7 +104,7 @@ class openstack::nova::controller ( $rabbit_connection = false } else { $sql_connection = $nova_db - $glance_connection = $glance_api_servers + $glance_connection = $real_glance_api_servers $rabbit_connection = $internal_address } @@ -148,7 +179,6 @@ class openstack::nova::controller ( class { [ 'nova::scheduler', 'nova::objectstore', - 'nova::volume', 'nova::cert', 'nova::consoleauth' ]: diff --git a/manifests/params.pp b/manifests/params.pp deleted file mode 100644 index 0d1ef06..0000000 --- a/manifests/params.pp +++ /dev/null @@ -1,362 +0,0 @@ -# -# == Class: Parameters -# -# Convenient location to store default parameters. -# Able to be overridden in individual classes. -# -# === Parameters -# -# ==== General -# -# [enabled] -# - Whether services should be enabled. This parameter can be used to -# implement services in active-passive modes for HA. Optional. -# - Defaults to true. -# -# [verbose] -# - If the services should log verbosely. Optional. -# - Defaults to false. -# -# [exported_resources] -# - Whether or not to use exported resources -# - Defautlts to true -# -# ==== Network -# -# [public_address] -# - Public address used by vnchost. Optional. -# - Defaults to ipaddress_eth0 -# -# [public_interface] -# - The interface used to route public traffic by the network service. Optional. -# - Defaults to eth0 -# -# [private_interface] -# - The private interface used to bridge the VMs into a common network. Optional. -# - Defaults to eth1 -# -# [internal_address] -# - Internal address used for management. -# - Defaults to ipaddress_eth1 -# -# [public_address] -# [admin_address] -# - IP addresses for Keystone services -# - default: ipaddress_eth0 -# -# [floating_range] -# - The floating ip range to be created. If it is false, then no floating ip range is created. Optional. -# - Defaults to false. -# -# [fixed_range] -# - The fixed private ip range to be created for the private VM network. Optional. -# - Defaults to '10.0.0.0/24'. -# -# [network_manager] -# - The network manager to use for the nova network service. Optional. -# - Defaults to 'nova.network.manager.FlatDHCPManager'. -# -# [iscsi_ip_address] -# - The IP address to use in the iscsi address -# - Defaults to $internal_address -# -# [auto_assign_floating_ip] -# - Rather configured to automatically allocate and assign a floating IP address to virtual instances when they are launched. -# - Defaults to false. -# -# [network_config] -# - Used to specify network manager specific parameters. Optional. -# - Defualts to {}. -# -# [create_networks] -# - Rather network and floating ips should be created. -# - Defaults to true -# -# [num_networks] -# - Number of networks that fixed range should be split into. -# - Defaults to 1 -# -# [multi_host] -# - Node should support multi-host networking mode for HA. -# - Optional. Defaults to false. -# -# -# ==== Virtualization -# -# [libvirt_type] -# - The virualization type being controlled by libvirt. Optional. -# - Defaults to 'kvm'. -# -# ==== Volumes -# -# [nova_volume] -# - The name of the volume group to use for nova volume allocation. Optional. -# - Defaults to 'nova-volumes'. -# -# [manage_volumes] -# - Rather nova-volume should be enabled on this compute node. -# - Defaults to false. -# -# ==== Database -# -# [db_type] -# - which type of database to use -# - Defaults to 'mysql' -# -# [db_host] -# - where the db server is located -# - default: 127.0.0.1 -# -# [sql_connection] -# - SQL connection information. -# - Defaults to false which indicates that exported resources will be used to determine connection information. -# -# ==== MySQL -# -# [mysql_root_password] -# - The root password to set for the mysql database. Optional. -# - Defaults to 'sql_pass'. -# -# [mysql_bind_address] -# - address for mysql to listen on -# - default: 0.0.0.0 -# -# [mysql_account_security] -# - whether to secure the mysql installation -# - default: true -# -# [allowed_hosts] -# - array of hosts that can access the mysql server -# - default: ['127.0.0.1'] -# -# ==== Rabbit -# -# [rabbit_password] -# - The password to use for the rabbitmq user. Optional. -# - Defaults to 'rabbit_pw' -# -# [rabbit_user] -# - The rabbitmq user to use for auth. Optional. -# - Defaults to 'nova'. -# -# [admin_email] -# - The admin's email address. Optional. -# - Defaults to 'root@localhost' -# -# [rabbit_host] -# - RabbitMQ host. False indicates it should be collected. -# - Defaults to false which indicates that exported resources will be used to determine connection information. -# -# ==== Keystone -# -# [keystone_db_user] -# - The name of the Keystone db user -# - Defaults to 'keystone' -# -# [keystone_db_password] -# - The default password for the keystone db user. Optional. -# - Defaults to 'keystone_pass'. -# -# [keystone_db_dbname] -# - The Keystone database name -# - Defaults to 'keystone' -# -# [keystone_admin_tenant] -# - The admin tenant name in Keystone -# - Defaults to 'admin' -# -# [keystone_admin_token] -# - The default auth token for keystone. Optional. -# - Defaults to 'keystone_admin_token'. -# -# [admin_email] -# - The email address for the Keystone admin user -# - Defaults to 'root@localhost' -# -# [admin_password] -# - The default password of the keystone admin. Optional. -# - Defaults to 'ChangeMe'. -# -# ==== Nova -# -# [nova_db_user] -# - The database user for Nova -# - Defaults to 'nova' -# -# [nova_db_password] -# - The nova db password. Optional. -# - Defaults to 'nova_pass'. -# -# [nova_user_password] -# - The password of the keystone user for the nova service. Optional. -# - Defaults to 'nova_pass'. -# -# [nova_db_dbname] -# - The database name for the Nova database -# - Defaults to 'nova' -# -# [purge_nova_config] -# - Whether unmanaged nova.conf entries should be purged. Optional. -# - Defaults to true. -# -# ==== Glance -# -# [glance_db_user] -# - The database user for Glance -# - Defaults to 'glance' -# -# [glance_db_password] -# - The password for the db user for glance. Optional. -# - Defaults to 'glance_pass'. -# -# [glance_user_password] -# - The password of the glance service user. Optional. -# - Defaults to 'glance_pass'. -# -# [glance_db_dbname] -# - The database name for the Glance database -# - Defaults to 'glance' -# -# [glance_api_servers] -# - List of glance api servers of the form HOST:PORT -# - Defaults to false which indicates that exported resources will be used to determine connection information. -# -# === Horizon related config - assumes puppetlabs-horizon code -# -# [secret_key] -# - secret key to encode cookies, -# - Defaults to 'dummy_secret_key' -# -# [cache_server_ip] -# - local memcached instance ip -# - Defaults to '127.0.0.1' -# -# [cache_server_port] -# - local memcached instance port -# - Defaults to '11211' -# -# [swift] -# - (bool) is swift installed -# - Defaults to false -# -# [quantum] -# - (bool) is quantum installed -# - Defaults to false -# -# [horizon_app_links] -# - array as in '[ ["Nagios","http://nagios_addr:port/path"],["Ganglia","http://ganglia_addr"] ]' -# - an array of arrays, that can be used to add call-out links to the dashboard for other apps. -# - There is no specific requirement for these apps to be for monitoring, that's just the defacto purpose. -# - Each app is defined in two parts, the display name, and the URI -# - Defaults to false -# -# === VNC -# -# [vnc_enabled] -# - Rather vnc console should be enabled. -# - Defaults to 'true', -# -# [vncserver_listen] -# - The address on the compute node where VNC should listen -# - Defaults to $internal_address -# -# [vncserver_proxyclient_address] -# - The address where the controller should contact the vnc server on the compute node -# - Defaults to $internal_address -# -# [vncproxy_host] -# - Host that serves as vnc proxy. This should be the public address of your controller. -# - Defaults to $public_address -# - -class openstack::params { - - # Generic - $enabled = true - $verbose = false - $exported_resources = true - - # Network - $public_address = $::ipaddress_eth0 - $public_interface = 'eth0' - $internal_address = $::ipaddress_eth1 - $admin_address = $internal_address - $private_interface = 'eth2' - $fixed_range = '192.168.30.0/24' - $floating_range = false - $network_manager = 'nova.network.manager.FlatDHCPManager' - $iscsi_ip_address = $internal_address - $auto_assign_floating_ip = false - $network_config = {} - $create_networks = true - $num_networks = 1 - $multi_host = false - - # Virtualization - $libvirt_type = 'qemu' - - # Volumes - $nova_volume = 'nova-volumes' - $manage_volumes = false - - # Database - $db_type = 'mysql' - $db_host = $internal_address - $sql_connection = false - - # MySQL params - $mysql_root_password = 'sql_pass' - $mysql_bind_address = '0.0.0.0' - $mysql_allowed_hosts = ['127.0.0.%', '10.0.0.%'] - $mysql_account_security = true - - # Rabbit params - $rabbit_password = 'rabbit_pw' - $rabbit_user = 'nova' - $rabbit_host = false - - # Keystone params - $keystone_db_user = 'keystone' - $keystone_db_password = 'keystone_pass' - $keystone_db_dbname = 'keystone' - $keystone_admin_tenant = 'admin' - $keystone_admin_token = 'keystone_admin_token' - $admin_email = 'root@localhost' - $admin_password = 'ChangeMe' - - # Glance params - $glance_db_user = 'glance' - $glance_db_password = 'glance_pass' - $glance_user_password = 'glance_pass' - $glance_db_dbname = 'glance' - $glance_api_servers = "${public_address}:9292" - - # Nova params - $nova_db_user = 'nova' - $nova_db_password = 'nova_pass' - $nova_user_password = 'nova_pass' - $nova_db_dbname = 'nova' - $purge_nova_config = true - - # Horizon params - $secret_key = 'dummy_secret_key' - $cache_server_ip = '127.0.0.1' - $cache_server_port = '11211' - $swift = false - $quantum = false - $horizon_app_links = undef - - # vnc - $vnc_enabled = true - $vncserver_listen = $internal_address - $vncserver_proxyclient_address = $internal_address - $vncproxy_host = $public_address - - # OS-specific params - case $::osfamily { - 'Debian': { - } - 'RedHat': { - } - } -} diff --git a/tests/all.pp b/tests/all.pp index 2f43b70..56758ee 100644 --- a/tests/all.pp +++ b/tests/all.pp @@ -1 +1,15 @@ -class { 'openstack::all': } +class { 'openstack::all': + public_address => $::ipaddress_eth0, + mysql_root_password => 'password', + rabbit_password => 'password', + keystone_db_password => 'password', + keystone_admin_token => '12345', + admin_email => 'root@localhost', + admin_password => 'password', + nova_db_password => 'password', + nova_user_password => 'password', + glance_db_password => 'password', + glance_user_password => 'password', + libvirt_type => 'qemu', + secret_key => '12345', +} diff --git a/tests/cloudcontroller.pp b/tests/cloudcontroller.pp index 31f396a..79b2453 100644 --- a/tests/cloudcontroller.pp +++ b/tests/cloudcontroller.pp @@ -1 +1,16 @@ -class { 'openstack::controller': } +class { 'openstack::controller': + public_address => $::ipaddress_eth0, + mysql_root_password => 'password', + allowed_hosts => ['127.0.0.%', '192.168.1.%'], + rabbit_password => 'password', + keystone_db_password => 'password', + keystone_admin_token => '12345', + admin_email => 'root@localhost', + admin_password => 'password', + nova_db_password => 'password', + nova_user_password => 'password', + glance_db_password => 'password', + glance_user_password => 'password', + secret_key => '12345', + exported_resources => false, +} diff --git a/tests/compute.pp b/tests/compute.pp index d0f3238..f5e122b 100644 --- a/tests/compute.pp +++ b/tests/compute.pp @@ -1,4 +1,10 @@ class { 'openstack::compute': - sql_connection => 'mysql://foo:bar@192.168.1.1/nova', - glance_api_servers => '192.168.1.1:9292', + exported_resources => false, + sql_connection => 'mysql://foo:bar@192.168.1.1/nova', + glance_api_servers => '192.168.1.1:9292', + internal_address => $::ipaddress_eth1, + rabbit_password => 'password', + nova_user_password => 'password', + libvirt_type => 'qemu', + vncproxy_host => '192.168.1.1', } From 1e95338230adccef6b660a5f56a3e863037e3b85 Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Thu, 26 Jul 2012 10:30:10 -0700 Subject: [PATCH 03/43] temporary commit. This commit contains changes and notes related to the initial code review between joe topjian and myself. It is not intended to be merged, but it part of an ongoing collaboration for a refactor of this module. --- manifests/all.pp | 41 ++++++++++---------- manifests/auth_file.pp | 10 ++--- manifests/controller.pp | 5 +++ manifests/db/mysql.pp | 72 +++++++++++++++++++----------------- manifests/glance.pp | 42 ++++++--------------- manifests/horizon.pp | 2 +- manifests/keystone.pp | 8 ++++ manifests/nova/compute.pp | 71 ++++++++++------------------------- manifests/nova/controller.pp | 5 +-- manifests/test_file.pp | 2 +- 10 files changed, 113 insertions(+), 145 deletions(-) diff --git a/manifests/all.pp b/manifests/all.pp index b430cd5..d4002f6 100644 --- a/manifests/all.pp +++ b/manifests/all.pp @@ -30,6 +30,25 @@ # # class openstack::all ( + # Network Required + $public_address, + # MySQL Required + $mysql_root_password, + # Rabbit Required + $rabbit_password, + # Keystone Required + $keystone_db_password, + $keystone_admin_token, + $admin_email, + $admin_password, + # Nova Required + $nova_db_password, + $nova_user_password, + # Glance Required + $glance_db_password, + $glance_user_password, + # Horizon Required + $secret_key, # Network $public_interface = 'eth0', $private_interface = 'eth1', @@ -70,26 +89,7 @@ class openstack::all ( $vnc_enabled = true, # General $enabled = true, - $verbose = false, - # Network Required - $public_address, - # MySQL Required - $mysql_root_password, - # Rabbit Required - $rabbit_password, - # Keystone Required - $keystone_db_password, - $keystone_admin_token, - $admin_email, - $admin_password, - # Nova Required - $nova_db_password, - $nova_user_password, - # Glance Required - $glance_db_password, - $glance_user_password, - # Horizon Required - $secret_key, + $verbose = false ) inherits openstack::params { # set up mysql server @@ -112,6 +112,7 @@ class openstack::all ( } } } + ####### KEYSTONE ########### class { 'openstack::keystone': verbose => $verbose, diff --git a/manifests/auth_file.pp b/manifests/auth_file.pp index e0256d5..bd1bf7d 100644 --- a/manifests/auth_file.pp +++ b/manifests/auth_file.pp @@ -4,11 +4,11 @@ # against a keystone server. # class openstack::auth_file( - $admin_password = $::openstack::params::admin_password, - $public_address = $::openstack::params::public_address, - $keystone_admin_token = $::openstack::params::keystone_admin_token, - $admin_tenant = $::openstack::params::keystone_admin_tenant, - $admin_user = 'admin' + $admin_password, + $controller_node = '127.0.0.1', + $keystone_admin_token = 'keystone_admin_token', + $admin_user = 'admin', + $admin_tenant = 'openstack' ) { file { '/root/openrc': content => diff --git a/manifests/controller.pp b/manifests/controller.pp index 91d0127..0fc6726 100644 --- a/manifests/controller.pp +++ b/manifests/controller.pp @@ -84,6 +84,11 @@ class openstack::controller ( $secret_key ) inherits openstack::params { + + ## NOTE Class['glance::db::mysql'] -> Class['glance::registry'] + ## this dependency needs to exist (I forgot exactly why?) + # the db migration needs to happen after the dbs are created + # Configure admin_address and internal address if needed. if (admin_address == undef) { $real_admin_address = $public_address diff --git a/manifests/db/mysql.pp b/manifests/db/mysql.pp index 967c5b3..d57fe03 100644 --- a/manifests/db/mysql.pp +++ b/manifests/db/mysql.pp @@ -20,6 +20,12 @@ class openstack::db::mysql ( + # Required MySQL + # passwords + $mysql_root_password, + $keystone_db_password, + $glance_db_password, + $nova_db_password # MySQL $mysql_bind_address = '0.0.0.0', $mysql_account_security = true, @@ -32,50 +38,48 @@ class openstack::db::mysql ( # Nova $nova_db_user = 'nova', $nova_db_dbname = 'nova', - # Required MySQL - $allowed_hosts, - # Passwords - $mysql_root_password, - $keystone_db_password, - $glance_db_password, - $nova_db_password + $allowed_hosts = false, + $enabled = true ) { # Install and configure MySQL Server - class { 'mysql::server': - config_hash => { + class { 'mysql::server': + config_hash => { 'root_password' => $mysql_root_password, 'bind_address' => $mysql_bind_address, } + enabled => $enabled, } - # If enabled, secure the mysql installation - # This removes default users and guest access - if $mysql_account_security { - class { 'mysql::server::account_security': } - } + if $enabled { + # If enabled, secure the mysql installation + # This removes default users and guest access + if $mysql_account_security { + class { 'mysql::server::account_security': } + } - # Create the Keystone db - class { 'keystone::db::mysql': - user => $keystone_db_user, - password => $keystone_db_password, - dbname => $keystone_db_dbname, - allowed_hosts => $allowed_hosts, - } + # Create the Keystone db + class { 'keystone::db::mysql': + user => $keystone_db_user, + password => $keystone_db_password, + dbname => $keystone_db_dbname, + allowed_hosts => $allowed_hosts, + } - # Create the Glance db - class { 'glance::db::mysql': - user => $glance_db_user, - password => $glance_db_password, - dbname => $glance_db_dbname, - allowed_hosts => $allowed_hosts, - } + # Create the Glance db + class { 'glance::db::mysql': + user => $glance_db_user, + password => $glance_db_password, + dbname => $glance_db_dbname, + allowed_hosts => $allowed_hosts, + } - # Create the Nova db - class { 'nova::db::mysql': - user => $nova_db_user, - password => $nova_db_password, - dbname => $nova_db_dbname, - allowed_hosts => $allowed_hosts, + # Create the Nova db + class { 'nova::db::mysql': + user => $nova_db_user, + password => $nova_db_password, + dbname => $nova_db_dbname, + allowed_hosts => $allowed_hosts, + } } } diff --git a/manifests/glance.pp b/manifests/glance.pp index 8513778..69c04e6 100644 --- a/manifests/glance.pp +++ b/manifests/glance.pp @@ -17,35 +17,20 @@ # class { 'openstack::glance': # glance_user_password => 'changeme', # db_password => 'changeme', -# public_address => '192.168.1.1', # db_host => '127.0.0.1', # } class openstack::glance ( - $db_type = 'mysql', - $glance_db_user = 'glance', - $glance_db_dbname = 'glance', - $admin_address = undef, - $internal_address = undef, - $verbose = false, + $keystone_host, $db_host, $glance_user_password, $glance_db_password, - $public_address, -) inherits openstack::params { - - # Configure admin_address and internal address if needed. - if (admin_address == undef) { - $real_admin_address = $public_address - } else { - $real_admin_address = $admin_address - } - - if (internal_address == undef) { - $real_internal_address = $public_address - } else { - $real_internal_address = $internal_address - } + $db_type = 'mysql', + $glance_db_user = 'glance', + $glance_db_dbname = 'glance', + $verbose = false, + $enabled = true +) { # Configure the db string case $db_type { @@ -59,31 +44,28 @@ class openstack::glance ( log_verbose => $verbose, log_debug => $verbose, auth_type => 'keystone', + auth_port => '35357', keystone_tenant => 'services', keystone_user => 'glance', keystone_password => $glance_user_password, + enabled => $enabled, } # Install and configure glance-registry class { 'glance::registry': log_verbose => $verbose, log_debug => $verbose, + auth_host => $keystone_host, + auth_port => '35357', auth_type => 'keystone', keystone_tenant => 'services', keystone_user => 'glance', keystone_password => $glance_user_password, sql_connection => $sql_connection, + enabled => $enabled, } # Configure file storage backend class { 'glance::backend::file': } - # Configure Glance to use Keystone - class { 'glance::keystone::auth': - password => $glance_user_password, - public_address => $public_address, - admin_address => $real_admin_address, - internal_address => $real_internal_address, - } - } diff --git a/manifests/horizon.pp b/manifests/horizon.pp index 43e5055..cc9405a 100644 --- a/manifests/horizon.pp +++ b/manifests/horizon.pp @@ -10,7 +10,7 @@ # # === Examples # -# class { 'openstack::horizon': +# class { 'openstack::horizon': # secret_key => 'dummy_secret_key', # } # diff --git a/manifests/keystone.pp b/manifests/keystone.pp index 97f2757..292b962 100644 --- a/manifests/keystone.pp +++ b/manifests/keystone.pp @@ -69,6 +69,14 @@ class openstack::keystone ( internal_address => $real_internal_address, } + # Configure Glance to use Keystone + class { 'glance::keystone::auth': + password => $glance_user_password, + public_address => $public_address, + admin_address => $real_admin_address, + internal_address => $real_internal_address, + } + # Configure the Keystone database case $db_type { 'mysql': { diff --git a/manifests/nova/compute.pp b/manifests/nova/compute.pp index 8a81473..82ddb44 100644 --- a/manifests/nova/compute.pp +++ b/manifests/nova/compute.pp @@ -15,7 +15,18 @@ # nova_user_password => 'changeme', # } +# NOTE this file should not actually change from the old openstack::compute +# class its worth doing a diff of the old file to better understadn the differneces + +# +# NOTE move this to openstack::compute +# NOTE grab all of the missing logic from openstack::compute + class openstack::nova::compute ( + # Required Network + $internal_address, + # Required Nova + $nova_user_password, # Network $public_address = undef, $public_interface = 'eth0', @@ -29,65 +40,23 @@ class openstack::nova::compute ( # Volumes $nova_volume = 'nova-volumes', $manage_volumes = true, - $iscsi_ip_address = undef, + $iscsi_ip_address = $internal_address, # VNC $vnc_enabled = true, - $vncserver_listen = undef, $vncserver_proxyclient_address = undef, $vncproxy_host = undef, # General $verbose = false, $exported_resources = true, - $enabled = true, - # Required Network - $internal_address, - # Required Nova - $nova_user_password -) inherits openstack::params { - - # Set iscsi ip address if not set - if ($iscsi_ip_address == undef) { - $real_iscsi_ip_address = $internal_address - } else { - $real_iscsi_ip_address = $iscsi_ip_address - } - - # Configure VNC variables - if ($vnc_enabled == true) { - if ($vncserver_listen == undef) { - $real_vncserver_listen = $internal_address - } else { - $real_vncserver_listen = $vncserver_listen - } - - if ($vncserver_proxyclient_address == undef) { - $real_vncserver_proxyclient_address = $internal_address - } else { - $real_vncserver_proxyclient_address = $vncserver_proxyclient_address - } - - if ($vncproxy_host == undef) { - if ($multi_host == true and $public_address != undef) { - $real_vncproxy_host = $public_address - } else { - fail('vncproxy_host must be set.') - } - } else { - # This should be the public IP of the cloud controller... - $real_vncproxy_host = $vncproxy_host - } - } else { - $real_vncserver_listen = undef - $real_vncserver_proxyclient_address = undef - $real_vncproxy_host = undef - } + $enabled = true +) { # Install / configure nova-compute class { '::nova::compute': enabled => true, vnc_enabled => $vnc_enabled, - vncserver_proxyclient_address => $real_vncserver_proxyclient_address, - vncproxy_host => $real_vncproxy_host, + vncserver_proxyclient_address => $internal_address, + vncproxy_host => $vncproxy_host, } # Configure libvirt for nova-compute @@ -109,7 +78,7 @@ class openstack::nova::compute ( } $enable_network_service = true class { 'nova::api': - enabled => $enabled, + enabled => true, admin_tenant_name => 'services', admin_user => 'nova', admin_password => $nova_user_password, @@ -128,10 +97,10 @@ class openstack::nova::compute ( private_interface => $private_interface, public_interface => $public_interface, fixed_range => $fixed_range, - floating_range => false, # double check + floating_range => false, network_manager => $network_manager, config_overrides => $network_config, - create_networks => false, # double check + create_networks => false, enabled => $enable_network_service, install_service => $enable_network_service, } @@ -145,7 +114,7 @@ class openstack::nova::compute ( if $enabled { class { 'nova::volume::iscsi': volume_group => $nova_volume, - iscsi_ip_address => $internal_address, + iscsi_ip_address => $iscsi_ip_address, } } } diff --git a/manifests/nova/controller.pp b/manifests/nova/controller.pp index bc23cf3..cd6a9cc 100644 --- a/manifests/nova/controller.pp +++ b/manifests/nova/controller.pp @@ -85,7 +85,6 @@ class openstack::nova::controller ( } else { $real_glance_api_servers = $glance_api_servers } - if ($export_resources) { # export all of the things that will be needed by the clients @@nova_config { 'rabbit_host': value => $internal_address } @@ -108,11 +107,11 @@ class openstack::nova::controller ( $rabbit_connection = $internal_address } - # Install / configure rabbitmq class { 'nova::rabbitmq': userid => $rabbit_user, password => $rabbit_password, + enabled => $enabled, } # Configure Nova to use Keystone @@ -148,7 +147,7 @@ class openstack::nova::controller ( if $enabled == true { $enable_network_service = true } else { - $enable_network-service = false + $enable_network_service = false } } diff --git a/manifests/test_file.pp b/manifests/test_file.pp index 564e1e7..b39a1a4 100644 --- a/manifests/test_file.pp +++ b/manifests/test_file.pp @@ -23,6 +23,6 @@ class openstack::test_file( file { $path: content => template('openstack/test_nova.sh.erb'), - } + } } From 55f7f2b01c4c4cefcfe66e70c2cdbdfff273baad Mon Sep 17 00:00:00 2001 From: Joe Topjian Date: Mon, 30 Jul 2012 17:09:32 +0000 Subject: [PATCH 04/43] Further edits. --- manifests/all.pp | 31 +++-- manifests/auth_file.pp | 3 +- manifests/compute.pp | 161 ------------------------- manifests/controller.pp | 225 +++++++++++++++++------------------ manifests/db/mysql.pp | 55 ++++----- manifests/glance.pp | 8 +- manifests/horizon.pp | 34 ++++-- manifests/keystone.pp | 66 +++++----- manifests/nova/compute.pp | 62 ++++++++-- manifests/nova/controller.pp | 13 +- tests/compute.pp | 2 +- 11 files changed, 276 insertions(+), 384 deletions(-) delete mode 100644 manifests/compute.pp diff --git a/manifests/all.pp b/manifests/all.pp index d4002f6..4bd12fb 100644 --- a/manifests/all.pp +++ b/manifests/all.pp @@ -68,6 +68,7 @@ class openstack::all ( # Keystone $keystone_db_user = 'keystone', $keystone_db_dbname = 'keystone', + $keystone_admin_tenant = 'admin', # Nova $nova_db_user = 'nova', $nova_db_dbname = 'nova', @@ -89,8 +90,13 @@ class openstack::all ( $vnc_enabled = true, # General $enabled = true, - $verbose = false -) inherits openstack::params { + $verbose = 'False' +) { + + # Ensure things are run in order + Class['openstack::db::mysql'] -> Class['openstack::keystone'] + Class['openstack::db::mysql'] -> Class['openstack::glance'] + Class['openstack::db::mysql'] -> Class['openstack::nova::controller'] # set up mysql server case $db_type { @@ -122,11 +128,14 @@ class openstack::all ( keystone_db_dbname => $keystone_db_dbname, keystone_db_user => $keystone_db_user, keystone_admin_token => $keystone_admin_token, + keystone_admin_tenant => $keystone_admin_tenant, admin_email => $admin_email, admin_password => $admin_password, public_address => $public_address, internal_address => '127.0.0.1', - admin_address => '127.0.0.1', + admin_address => '127.0.0.1', + glance_user_password => $glance_user_password, + nova_user_password => $nova_user_password, } ######## GLANCE ########## @@ -138,9 +147,6 @@ class openstack::all ( glance_db_dbname => $glance_db_dbname, glance_db_password => $glance_db_password, glance_user_password => $glance_user_password, - public_address => $public_address, - admin_address => '127.0.0.1', - internal_address => '127.0.0.1', } ######## NOVA ########### @@ -208,11 +214,11 @@ class openstack::all ( iscsi_ip_address => '127.0.0.1', # VNC vnc_enabled => $vnc_enabled, - vncserver_listen => $vnc_server_listen, - vncserver_proxyclient_address => '127.0.0.1', - vncproxy_host => '127.0.0.1', + vncproxy_host => $public_address, # Nova nova_user_password => $nova_user_password, + # Rabbit + rabbit_password => $rabbit_password, # General verbose => $verbose, exported_resources => false, @@ -230,6 +236,11 @@ class openstack::all ( } ######## auth file ######## - class { 'openstack::auth_file': } + class { 'openstack::auth_file': + public_address => $public_address, + admin_password => $admin_password, + keystone_admin_token => $keystone_admin_token, + admin_tenant => $keystone_admin_tenant, + } } diff --git a/manifests/auth_file.pp b/manifests/auth_file.pp index bd1bf7d..f35ef8c 100644 --- a/manifests/auth_file.pp +++ b/manifests/auth_file.pp @@ -5,10 +5,11 @@ # class openstack::auth_file( $admin_password, + $public_address, $controller_node = '127.0.0.1', $keystone_admin_token = 'keystone_admin_token', $admin_user = 'admin', - $admin_tenant = 'openstack' + $admin_tenant = 'admin' ) { file { '/root/openrc': content => diff --git a/manifests/compute.pp b/manifests/compute.pp deleted file mode 100644 index 318b0df..0000000 --- a/manifests/compute.pp +++ /dev/null @@ -1,161 +0,0 @@ -# -# == Class: openstack::compute -# -# This class is intended to serve as -# a way of deploying compute nodes. -# -# This currently makes the following assumptions: -# - libvirt is used to manage the hypervisors -# - flatdhcp networking is used -# - glance is used as the backend for the image service -# -# === Parameters -# -# See params.pp -# -# === Examples -# -# class { 'openstack::compute': -# internal_address => '192.168.1.12', -# vncproxy_host => '192.168.1.1', -# nova_user_password => 'changeme', -# rabbit_password => 'changeme', -# } -# - -class openstack::compute ( - # Network - $public_address = undef, - $public_interface = 'eth0', - $private_interface = 'eth1', - $fixed_range = '10.0.0.0/24', - $network_manager = 'nova.network.manager.FlatDHCPManager', - $multi_host = false, - $network_config = {}, - # DB - $sql_connection = false, - # Nova - $purge_nova_config = true, - # Rabbit - $rabbit_host = false, - $rabbit_user = 'nova', - # Glance - $glance_api_servers = false, - # Virtualization - $libvirt_type = 'kvm', - # VNC - $vnc_enabled = true, - $vncserver_listen = undef, - $vncproxy_host = undef, - $vncserver_proxyclient_address = undef, - # Volumes - $manage_volumes = true, - $nova_volume = 'nova-volumes', - # General - $verbose = false, - $exported_resources = true, - $enabled = true, - # Required Network - $internal_address, - # Required Nova - $nova_user_password, - # Required Rabbit - $rabbit_password -) inherits openstack::params { - - # - # indicates that all nova config entries that we did - # not specifify in Puppet should be purged from file - # - if ($purge_nova_config) { - resources { 'nova_config': - purge => true, - } - } - - if $exported_resources { - Nova_config <<||>> - $final_sql_connection = false - $glance_connection = false - $rabbit_connection = false - } else { - $final_sql_connection = $sql_connection - $glance_connection = $glance_api_servers - $rabbit_connection = $rabbit_host - } - - # Configure Nova - if $enabled { - class { 'nova': - sql_connection => $final_sql_connection, - rabbit_userid => $rabbit_user, - rabbit_password => $rabbit_password, - image_service => 'nova.image.glance.GlanceImageService', - glance_api_servers => $glance_connection, - verbose => $verbose, - rabbit_host => $rabbit_connection, - } - } - - # Configure VNC variables - if ($vnc_enabled == true) { - if ($vncserver_listen == undef) { - $real_vncserver_listen = $internal_address - } else { - $real_vncserver_listen = $vncserver_listen - } - - if ($vncserver_proxyclient_address == undef) { - $real_vncserver_proxyclient_address = $internal_address - } else { - $real_vncserver_proxyclient_address = $vncserver_proxyclient_address - } - - if ($vncproxy_host == undef) { - if ($multi_host == true and $public_address != undef) { - $real_vncproxy_host = $public_address - } else { - fail('vncproxy_host must be set.') - } - } else { - # This should be the public IP of the cloud controller... - $real_vncproxy_host = $vncproxy_host - } - } else { - $real_vncserver_listen = undef - $real_vncserver_proxyclient_address = undef - $real_vncproxy_host = undef - } - - if $enabled { - class { 'openstack::nova::compute': - # Network - public_address => $public_address, - internal_address => $internal_address, - private_interface => $private_interface, - public_interface => $public_interface, - fixed_range => $fixed_range, - network_manager => $network_manager, - network_config => $network_config, - multi_host => $multi_host, - # Virtualization - libvirt_type => $libvirt_type, - # Volumes - nova_volume => $nova_volume, - manage_volumes => $manage_volumes, - iscsi_ip_address => $iscsi_ip_address, - # VNC - vnc_enabled => $vnc_enabled, - vncserver_listen => $real_vncserver_listen, - vncserver_proxyclient_address => $real_vncserver_proxyclient_address, - vncproxy_host => $real_vncproxy_host, - # Nova - nova_user_password => $nova_user_password, - # General - verbose => $verbose, - exported_resources => $exported_resources, - enabled => $enabled, - } - } - -} diff --git a/manifests/controller.pp b/manifests/controller.pp index 0fc6726..ecbc2e4 100644 --- a/manifests/controller.pp +++ b/manifests/controller.pp @@ -23,11 +23,28 @@ # } # class openstack::controller ( + # Required Network + $public_address, + # Required Database + $mysql_root_password, + # Required Keystone + $admin_email, + $admin_password, + $keystone_db_password, + $keystone_admin_token, + # Required Glance + $glance_db_password, + $glance_user_password, + # Required Nova + $nova_db_password, + $nova_user_password, + # Required Horizon + $secret_key, # Network $public_interface = 'eth0', $private_interface = 'eth1', - $internal_address = undef, - $admin_address = undef, + $internal_address = $public_address, + $admin_address = $public_address, $network_manager = 'nova.network.manager.FlatDHCPManager', $fixed_range = '10.0.0.0/24', $floating_range = false, @@ -44,6 +61,7 @@ class openstack::controller ( # Keystone $keystone_db_user = 'keystone', $keystone_db_dbname = 'keystone', + $keystone_admin_tenant = 'admin', # Glance $glance_db_user = 'glance', $glance_db_dbname = 'glance', @@ -64,100 +82,66 @@ class openstack::controller ( # General $verbose = false, $exported_resources = true, - $enabled = true, - # Required Network - $public_address, - # Required Database - $mysql_root_password, - # Required Keystone - $admin_email, - $admin_password, - $keystone_db_password, - $keystone_admin_token, - # Required Glance - $glance_db_password, - $glance_user_password, - # Required Nova - $nova_db_password, - $nova_user_password, - # Required Horizon - $secret_key -) inherits openstack::params { + $enabled = true +) { - - ## NOTE Class['glance::db::mysql'] -> Class['glance::registry'] - ## this dependency needs to exist (I forgot exactly why?) - # the db migration needs to happen after the dbs are created - - # Configure admin_address and internal address if needed. - if (admin_address == undef) { - $real_admin_address = $public_address - } else { - $real_admin_address = $admin_address - } - - if (internal_address == undef) { - $real_internal_address = $public_address - } else { - $real_internal_address = $internal_address - } + # Ensure things are run in order + Class['openstack::db::mysql'] -> Class['openstack::keystone'] + Class['openstack::db::mysql'] -> Class['openstack::glance'] + Class['openstack::db::mysql'] -> Class['openstack::nova::controller'] ####### DATABASE SETUP ###### - if $enabled { - # set up mysql server - case $db_type { - 'mysql': { - class { 'openstack::db::mysql': - mysql_root_password => $mysql_root_password, - mysql_bind_address => $mysql_bind_address, - mysql_account_security => $mysql_account_security, - allowed_hosts => $allowed_hosts, - keystone_db_user => $keystone_db_user, - keystone_db_password => $keystone_db_password, - keystone_db_dbname => $keystone_db_dbname, - glance_db_user => $glance_db_user, - glance_db_password => $glance_db_password, - glance_db_dbname => $glance_db_dbname, - nova_db_user => $nova_db_user, - nova_db_password => $nova_db_password, - nova_db_dbname => $nova_db_dbname, - } + # set up mysql server + case $db_type { + 'mysql': { + class { 'openstack::db::mysql': + mysql_root_password => $mysql_root_password, + mysql_bind_address => $mysql_bind_address, + mysql_account_security => $mysql_account_security, + keystone_db_user => $keystone_db_user, + keystone_db_password => $keystone_db_password, + keystone_db_dbname => $keystone_db_dbname, + glance_db_user => $glance_db_user, + glance_db_password => $glance_db_password, + glance_db_dbname => $glance_db_dbname, + nova_db_user => $nova_db_user, + nova_db_password => $nova_db_password, + nova_db_dbname => $nova_db_dbname, + allowed_hosts => $allowed_hosts, } } } ####### KEYSTONE ########### - if ($enabled) { - class { 'openstack::keystone': - verbose => $verbose, - db_type => $db_type, - db_host => '127.0.0.1', - keystone_db_password => $keystone_db_password, - keystone_db_dbname => $keystone_db_dbname, - keystone_db_user => $keystone_db_user, - keystone_admin_token => $keystone_admin_token, - admin_email => $admin_email, - admin_password => $admin_password, - public_address => $public_address, - internal_address => $internal_address, - admin_address => $admin_address, - } + class { 'openstack::keystone': + verbose => $verbose, + db_type => $db_type, + db_host => '127.0.0.1', + keystone_db_password => $keystone_db_password, + keystone_db_dbname => $keystone_db_dbname, + keystone_db_user => $keystone_db_user, + keystone_admin_token => $keystone_admin_token, + keystone_admin_tenant => $keystone_admin_tenant, + admin_email => $admin_email, + admin_password => $admin_password, + public_address => $public_address, + internal_address => $internal_address, + admin_address => $admin_address, + glance_user_password => $glance_user_password, + nova_user_password => $nova_user_password, + enabled => $enabled, } ######## BEGIN GLANCE ########## - if ($enabled) { - class { 'openstack::glance': - verbose => $verbose, - db_type => $db_type, - db_host => '127.0.0.1', - glance_db_user => $glance_db_user, - glance_db_dbname => $glance_db_dbname, - glance_db_password => $glance_db_password, - glance_user_password => $glance_user_password, - public_address => $public_address, - admin_address => $admin_address, - internal_address => $internal_addrss, - } + class { 'openstack::glance': + verbose => $verbose, + db_type => $db_type, + db_host => '127.0.0.1', + glance_db_user => $glance_db_user, + glance_db_dbname => $glance_db_dbname, + glance_db_password => $glance_db_password, + glance_user_password => $glance_user_password, + enabled => $enabled, } ######## BEGIN NOVA ########### @@ -171,39 +155,37 @@ class openstack::controller ( } } - if $enabled { - class { 'openstack::nova::controller': - # Database - db_host => '127.0.0.1', - # Network - network_manager => $network_manager, - network_config => $network_config, - private_interface => $private_interface, - public_interface => $public_interface, - floating_range => $floating_range, - fixed_range => $fixed_range, - public_address => $public_address, - admin_address => $admin_address, - internal_address => $internal_address, - auto_assign_floating_ip => $auto_assign_floating_ip, - create_networks => $create_networks, - num_networks => $num_networks, - multi_host => $multi_host, - # Nova - nova_user_password => $nova_user_password, - nova_db_password => $nova_db_password, - nova_db_user => $nova_db_user, - nova_db_dbname => $nova_db_dbname, - # Rabbit - rabbit_user => $rabbit_user, - rabbit_password => $rabbit_password, - # Glance - glance_api_servers => $glance_api_servers, - # General - verbose => $verbose, - enabled => $enabled, - exported_resources => $exported_resources, - } + class { 'openstack::nova::controller': + # Database + db_host => '127.0.0.1', + # Network + network_manager => $network_manager, + network_config => $network_config, + private_interface => $private_interface, + public_interface => $public_interface, + floating_range => $floating_range, + fixed_range => $fixed_range, + public_address => $public_address, + admin_address => $admin_address, + internal_address => $internal_address, + auto_assign_floating_ip => $auto_assign_floating_ip, + create_networks => $create_networks, + num_networks => $num_networks, + multi_host => $multi_host, + # Nova + nova_user_password => $nova_user_password, + nova_db_password => $nova_db_password, + nova_db_user => $nova_db_user, + nova_db_dbname => $nova_db_dbname, + # Rabbit + rabbit_user => $rabbit_user, + rabbit_password => $rabbit_password, + # Glance + glance_api_servers => $glance_api_servers, + # General + verbose => $verbose, + enabled => $enabled, + exported_resources => $exported_resources, } ######## Horizon ######## @@ -217,5 +199,10 @@ class openstack::controller ( } ######## auth file ######## - class { 'openstack::auth_file': } + class { 'openstack::auth_file': + public_address => $public_address, + admin_password => $admin_password, + keystone_admin_token => $keystone_admin_token, + admin_tenant => $keystone_admin_tenant, + } } diff --git a/manifests/db/mysql.pp b/manifests/db/mysql.pp index d57fe03..69b1e09 100644 --- a/manifests/db/mysql.pp +++ b/manifests/db/mysql.pp @@ -25,7 +25,7 @@ class openstack::db::mysql ( $mysql_root_password, $keystone_db_password, $glance_db_password, - $nova_db_password + $nova_db_password, # MySQL $mysql_bind_address = '0.0.0.0', $mysql_account_security = true, @@ -47,39 +47,36 @@ class openstack::db::mysql ( config_hash => { 'root_password' => $mysql_root_password, 'bind_address' => $mysql_bind_address, - } + }, enabled => $enabled, } - if $enabled { - # If enabled, secure the mysql installation - # This removes default users and guest access - if $mysql_account_security { - class { 'mysql::server::account_security': } - } + # This removes default users and guest access + if $mysql_account_security { + class { 'mysql::server::account_security': } + } - # Create the Keystone db - class { 'keystone::db::mysql': - user => $keystone_db_user, - password => $keystone_db_password, - dbname => $keystone_db_dbname, - allowed_hosts => $allowed_hosts, - } + # Create the Keystone db + class { 'keystone::db::mysql': + user => $keystone_db_user, + password => $keystone_db_password, + dbname => $keystone_db_dbname, + allowed_hosts => $allowed_hosts, + } - # Create the Glance db - class { 'glance::db::mysql': - user => $glance_db_user, - password => $glance_db_password, - dbname => $glance_db_dbname, - allowed_hosts => $allowed_hosts, - } + # Create the Glance db + class { 'glance::db::mysql': + user => $glance_db_user, + password => $glance_db_password, + dbname => $glance_db_dbname, + allowed_hosts => $allowed_hosts, + } - # Create the Nova db - class { 'nova::db::mysql': - user => $nova_db_user, - password => $nova_db_password, - dbname => $nova_db_dbname, - allowed_hosts => $allowed_hosts, - } + # Create the Nova db + class { 'nova::db::mysql': + user => $nova_db_user, + password => $nova_db_password, + dbname => $nova_db_dbname, + allowed_hosts => $allowed_hosts, } } diff --git a/manifests/glance.pp b/manifests/glance.pp index 69c04e6..ad4a60f 100644 --- a/manifests/glance.pp +++ b/manifests/glance.pp @@ -21,14 +21,15 @@ # } class openstack::glance ( - $keystone_host, $db_host, $glance_user_password, $glance_db_password, + $keystone_host = '127.0.0.1', + $auth_uri = "http://${keystone_host}:5000/", $db_type = 'mysql', $glance_db_user = 'glance', $glance_db_dbname = 'glance', - $verbose = false, + $verbose = 'False', $enabled = true ) { @@ -45,6 +46,8 @@ class openstack::glance ( log_debug => $verbose, auth_type => 'keystone', auth_port => '35357', + auth_uri => $auth_uri, + auth_host => $keystone_host, keystone_tenant => 'services', keystone_user => 'glance', keystone_password => $glance_user_password, @@ -58,6 +61,7 @@ class openstack::glance ( auth_host => $keystone_host, auth_port => '35357', auth_type => 'keystone', + auth_uri => $auth_uri, keystone_tenant => 'services', keystone_user => 'glance', keystone_password => $glance_user_password, diff --git a/manifests/horizon.pp b/manifests/horizon.pp index cc9405a..93ecc30 100644 --- a/manifests/horizon.pp +++ b/manifests/horizon.pp @@ -4,6 +4,10 @@ # Class to install / configure horizon. # Will eventually include apache and ssl. # +# NOTE: Will the inclusion of memcache be an issue? +# Such as if the server already has memcache installed? +# -jtopjian +# # === Parameters # # See params.pp @@ -16,12 +20,17 @@ # class openstack::horizon ( - $cache_server_ip = '127.0.0.1', - $cache_server_port = '11211', - $swift = false, - $quantum = false, - $horizon_app_links = undef, - $secret_key + $secret_key, + $cache_server_ip = '127.0.0.1', + $cache_server_port = '11211', + $swift = false, + $quantum = false, + $horizon_app_links = undef, + $keystone_host = '127.0.0.1', + $keystone_scheme = 'http', + $keystone_default_role = 'Member', + $django_debug = 'False', + $api_result_limit = 1000 ) { class { 'memcached': @@ -31,9 +40,14 @@ class openstack::horizon ( } class { '::horizon': - secret_key => $secret_key, - swift => $swift, - quantum => $quantum, - horizon_app_links => $horizon_app_links, + secret_key => $secret_key, + swift => $swift, + quantum => $quantum, + horizon_app_links => $horizon_app_links, + keystone_host => $keystone_host, + keystone_scheme => $keystone_scheme, + keystone_default_role => $keystone_default_role, + django_debug => $django_debug, + api_result_limit => $api_result_limit, } } diff --git a/manifests/keystone.pp b/manifests/keystone.pp index 292b962..32466df 100644 --- a/manifests/keystone.pp +++ b/manifests/keystone.pp @@ -19,33 +19,26 @@ # } class openstack::keystone ( - $db_type = 'mysql', - $keystone_db_user = 'keystone', - $keystone_db_dbname = 'keystone', - $keystone_admin_tenant = 'admin', - $admin_address = undef, - $internal_address = undef, - $verbose = false, $db_host, $keystone_db_password, $keystone_admin_token, $admin_email, $admin_password, - $public_address -) inherits openstack::params { - - # Configure admin_address and internal address if needed. - if (admin_address == undef) { - $real_admin_address = $public_address - } else { - $real_admin_address = $admin_address - } - - if (internal_address == undef) { - $real_internal_address = $public_address - } else { - $real_internal_address = $internal_address - } + $glance_user_password, + $nova_user_password, + $public_address, + $db_type = 'mysql', + $keystone_db_user = 'keystone', + $keystone_db_dbname = 'keystone', + $keystone_admin_tenant = 'admin', + $verbose = 'False', + $bind_host = '0.0.0.0', + $admin_address = $public_address, + $internal_address = $public_address, + $glance = true, + $nova = true, + $enabled = true, +) { # Install and configure Keystone class { '::keystone': @@ -53,6 +46,7 @@ class openstack::keystone ( log_debug => $verbose, catalog_type => 'sql', admin_token => $keystone_admin_token, + enabled => $enabled, } # Setup the admin user @@ -65,16 +59,28 @@ class openstack::keystone ( # Setup the Keystone Identity Endpoint class { 'keystone::endpoint': public_address => $public_address, - admin_address => $real_admin_address, - internal_address => $real_internal_address, + admin_address => $admin_address, + internal_address => $internal_address, } - # Configure Glance to use Keystone - class { 'glance::keystone::auth': - password => $glance_user_password, - public_address => $public_address, - admin_address => $real_admin_address, - internal_address => $real_internal_address, + # Configure Glance endpoint in Keystone + if $glance { + class { 'glance::keystone::auth': + password => $glance_user_password, + public_address => $public_address, + admin_address => $admin_address, + internal_address => $internal_address, + } + } + + # Configure Nova endpoint in Keystone + if $nova { + class { 'nova::keystone::auth': + password => $nova_user_password, + public_address => $public_address, + admin_address => $admin_address, + internal_address => $internal_address, + } } # Configure the Keystone database diff --git a/manifests/nova/compute.pp b/manifests/nova/compute.pp index 82ddb44..18837cd 100644 --- a/manifests/nova/compute.pp +++ b/manifests/nova/compute.pp @@ -1,5 +1,5 @@ # -# == Class: openstack::nova::compute +# == Class: openstack::compute # # Manifest to install/configure nova-compute and nova-volume # @@ -15,18 +15,13 @@ # nova_user_password => 'changeme', # } -# NOTE this file should not actually change from the old openstack::compute -# class its worth doing a diff of the old file to better understadn the differneces - -# -# NOTE move this to openstack::compute -# NOTE grab all of the missing logic from openstack::compute - class openstack::nova::compute ( # Required Network $internal_address, # Required Nova $nova_user_password, + # Required Rabbit + $rabbit_password, # Network $public_address = undef, $public_interface = 'eth0', @@ -35,6 +30,15 @@ class openstack::nova::compute ( $network_manager = 'nova.network.manager.FlatDHCPManager', $network_config = {}, $multi_host = false, + # DB + $sql_connection = false, + # Nova + $purge_nova_config = true, + # Rabbit + $rabbit_host = false, + $rabbit_user = 'nova', + # Glance + $glance_api_servers = false, # Virtualization $libvirt_type = 'kvm', # Volumes @@ -43,7 +47,6 @@ class openstack::nova::compute ( $iscsi_ip_address = $internal_address, # VNC $vnc_enabled = true, - $vncserver_proxyclient_address = undef, $vncproxy_host = undef, # General $verbose = false, @@ -51,9 +54,45 @@ class openstack::nova::compute ( $enabled = true ) { + # + # indicates that all nova config entries that we did + # not specifify in Puppet should be purged from file + # + if ! defined( Resources[nova_config] ) { + if ($purge_nova_config) { + resources { 'nova_config': + purge => true, + } + } + } + + if $exported_resources { + Nova_config <<||>> + $final_sql_connection = false + $glance_connection = false + $rabbit_connection = false + } else { + $final_sql_connection = $sql_connection + $glance_connection = $glance_api_servers + $rabbit_connection = $rabbit_host + } + + # Configure Nova + if ! defined( Class[nova] ) { + class { 'nova': + sql_connection => $final_sql_connection, + rabbit_userid => $rabbit_user, + rabbit_password => $rabbit_password, + image_service => 'nova.image.glance.GlanceImageService', + glance_api_servers => $glance_connection, + verbose => $verbose, + rabbit_host => $rabbit_connection, + } + } + # Install / configure nova-compute class { '::nova::compute': - enabled => true, + enabled => $enabled, vnc_enabled => $vnc_enabled, vncserver_proxyclient_address => $internal_address, vncproxy_host => $vncproxy_host, @@ -62,7 +101,7 @@ class openstack::nova::compute ( # Configure libvirt for nova-compute class { 'nova::compute::libvirt': libvirt_type => $libvirt_type, - vncserver_listen => $real_vncserver_listen, + vncserver_listen => $internal_address, } # if the compute node should be configured as a multi-host @@ -92,6 +131,7 @@ class openstack::nova::compute ( } # set up configuration for networking + # NOTE should the if block be removed? -jtopjian if $enable_network_service { class { 'nova::network': private_interface => $private_interface, diff --git a/manifests/nova/controller.pp b/manifests/nova/controller.pp index cd6a9cc..e58fee9 100644 --- a/manifests/nova/controller.pp +++ b/manifests/nova/controller.pp @@ -58,7 +58,7 @@ class openstack::nova::controller ( $nova_user_password, $nova_db_password, -) inherits openstack::params { +) { # Configure admin_address and internal address if needed. if (admin_address == undef) { @@ -114,14 +114,6 @@ class openstack::nova::controller ( enabled => $enabled, } - # Configure Nova to use Keystone - class { 'nova::keystone::auth': - password => $nova_user_password, - public_address => $public_address, - admin_address => $admin_address, - internal_address => $internal_address, - } - # Configure Nova class { 'nova': sql_connection => $sql_connection, @@ -181,9 +173,10 @@ class openstack::nova::controller ( 'nova::cert', 'nova::consoleauth' ]: - enabled => true + enabled => $enabled, } + # NOTE should this just be enabled => $vnc_enabled? -jtopjian if $vnc_enabled { class { 'nova::vncproxy': enabled => true, diff --git a/tests/compute.pp b/tests/compute.pp index f5e122b..6dd835d 100644 --- a/tests/compute.pp +++ b/tests/compute.pp @@ -1,4 +1,4 @@ -class { 'openstack::compute': +class { 'openstack::nova::compute': exported_resources => false, sql_connection => 'mysql://foo:bar@192.168.1.1/nova', glance_api_servers => '192.168.1.1:9292', From 0f7f03284c8603e94b0d29548666c7106999b558 Mon Sep 17 00:00:00 2001 From: Joe Topjian Date: Mon, 6 Aug 2012 18:38:56 +0000 Subject: [PATCH 05/43] Further edits --- manifests/controller.pp | 7 +++--- manifests/nova/compute.pp | 2 +- manifests/nova/controller.pp | 44 ++++++++++++------------------------ 3 files changed, 19 insertions(+), 34 deletions(-) diff --git a/manifests/controller.pp b/manifests/controller.pp index ecbc2e4..eb16db9 100644 --- a/manifests/controller.pp +++ b/manifests/controller.pp @@ -54,6 +54,7 @@ class openstack::controller ( $auto_assign_floating_ip = false, $network_config = {}, # Database + $db_host = '127.0.0.1', $db_type = 'mysql', $mysql_account_security = true, $mysql_bind_address = '0.0.0.0', @@ -116,7 +117,7 @@ class openstack::controller ( class { 'openstack::keystone': verbose => $verbose, db_type => $db_type, - db_host => '127.0.0.1', + db_host => $db_host, keystone_db_password => $keystone_db_password, keystone_db_dbname => $keystone_db_dbname, keystone_db_user => $keystone_db_user, @@ -136,7 +137,7 @@ class openstack::controller ( class { 'openstack::glance': verbose => $verbose, db_type => $db_type, - db_host => '127.0.0.1', + db_host => $db_host, glance_db_user => $glance_db_user, glance_db_dbname => $glance_db_dbname, glance_db_password => $glance_db_password, @@ -157,7 +158,7 @@ class openstack::controller ( class { 'openstack::nova::controller': # Database - db_host => '127.0.0.1', + db_host => $db_host, # Network network_manager => $network_manager, network_config => $network_config, diff --git a/manifests/nova/compute.pp b/manifests/nova/compute.pp index 18837cd..5253272 100644 --- a/manifests/nova/compute.pp +++ b/manifests/nova/compute.pp @@ -49,7 +49,7 @@ class openstack::nova::compute ( $vnc_enabled = true, $vncproxy_host = undef, # General - $verbose = false, + $verbose = 'False', $exported_resources = true, $enabled = true ) { diff --git a/manifests/nova/controller.pp b/manifests/nova/controller.pp index e58fee9..a288d40 100644 --- a/manifests/nova/controller.pp +++ b/manifests/nova/controller.pp @@ -20,6 +20,15 @@ # class openstack::nova::controller ( + # Network Required + $public_address, + # Database Required + $db_host, + # Rabbit Required + $rabbit_password, + # Nova Required + $nova_user_password, + $nova_db_password, # Network $network_manager = 'nova.network.manager.FlatDHCPManager', $network_config = {}, @@ -27,8 +36,8 @@ class openstack::nova::controller ( $private_interface = 'eth1', $fixed_range = '10.0.0.0/24', $floating_range = false, - $admin_address = undef, - $internal_address = undef, + $internal_address = $public_address, + $admin_address = $public_address, $auto_assign_floating_ip = false, $create_networks = true, $num_networks = 1, @@ -45,34 +54,11 @@ class openstack::nova::controller ( # VNC $vnc_enabled = true, # General - $verbose = false, + $verbose = 'False', $enabled = true, - $exported_resources = true, - # Network Required - $public_address, - # Database Required - $db_host, - # Rabbit Required - $rabbit_password, - # Nova Required - $nova_user_password, - $nova_db_password, - + $exported_resources = true ) { - # Configure admin_address and internal address if needed. - if (admin_address == undef) { - $real_admin_address = $public_address - } else { - $real_admin_address = $admin_address - } - - if (internal_address == undef) { - $real_internal_address = $public_address - } else { - $real_internal_address = $internal_address - } - # Configure the db string case $db_type { 'mysql': { @@ -85,7 +71,7 @@ class openstack::nova::controller ( } else { $real_glance_api_servers = $glance_api_servers } - if ($export_resources) { + if ($exported_resources) { # export all of the things that will be needed by the clients @@nova_config { 'rabbit_host': value => $internal_address } Nova_config <| title == 'rabbit_host' |> @@ -96,8 +82,6 @@ class openstack::nova::controller ( @@nova_config { 'glance_api_servers': value => $real_glance_api_servers } Nova_config <| title == 'glance_api_servers' |> - @@nova_config { 'novncproxy_base_url': value => "http://${public_address}:6080/vnc_auto.html" } - $sql_connection = false $glance_connection = false $rabbit_connection = false From 9644278f54af766c9ca0919f5690fb2da7242d33 Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Sun, 19 Aug 2012 00:28:11 -0700 Subject: [PATCH 06/43] Expand tests for compute and controller This commit contains tests that were added to capture the complete functionality of the current compute and controller classes. These tests were created in order to help accepting this commit series and its significant refactor by capturing the current working state of the previous code. After these tests were created against the former version, they were applied against this commit series to verify that this patch worked exactly the same as the previous code. --- spec/classes/openstack_compute_spec.rb | 172 +++++++++- spec/classes/openstack_controller_spec.rb | 380 ++++++++++++++++++++++ 2 files changed, 543 insertions(+), 9 deletions(-) diff --git a/spec/classes/openstack_compute_spec.rb b/spec/classes/openstack_compute_spec.rb index 0a29651..3422050 100644 --- a/spec/classes/openstack_compute_spec.rb +++ b/spec/classes/openstack_compute_spec.rb @@ -15,18 +15,106 @@ describe 'openstack::compute' do :osfamily => 'Debian', } end - describe "when using default class paramaters" do + + describe "when using default class parameters" do let :params do default_params end it { - should contain_nova_config('multi_host').with({ 'value' => 'False' }) + should contain_class('nova').with( + :sql_connection => false, + :rabbit_host => false, + :rabbit_userid => 'nova', + :rabbit_password => 'rabbit_pw', + :image_service => 'nova.image.glance.GlanceImageService', + :glance_api_servers => false, + :verbose => false + ) + should contain_class('nova::compute').with( + :enabled => true, + :vnc_enabled => true, + :vncserver_proxyclient_address => '0.0.0.0', + :vncproxy_host => false + ) + should contain_class('nova::compute::libvirt').with( + :libvirt_type => 'kvm', + :vncserver_listen => '0.0.0.0' + ) + should contain_nova_config('multi_host').with( :value => 'False' ) + should contain_nova_config('send_arp_for_ha').with( :value => 'False' ) should_not contain_class('nova::api') should_not contain_class('nova::volume') should_not contain_class('nova::volume::iscsi') should contain_class('nova::network').with({ - 'enabled' => false, - 'install_service' => false + :enabled => false, + :install_service => false, + :private_interface => 'eth0', + :public_interface => nil, + :fixed_range => '10.0.0.0/16', + :floating_range => false, + :network_manager => 'nova.network.manager.FlatDHCPManager', + :config_overrides => {}, + :create_networks => false, + :enabled => false, + :install_service => false + }) + } + end + + describe "when overriding parameters, but not enabling multi-host or volume management" do + let :override_params do + { + :private_interface => 'eth1', + :internal_address => '127.0.0.1', + :public_interface => 'eth2', + :sql_connection => 'mysql://user:passwd@host/name', + :nova_user_password => 'nova_pass', + :rabbit_host => 'my_host', + :rabbit_password => 'my_rabbit_pw', + :rabbit_user => 'my_rabbit_user', + :glance_api_servers => ['controller:9292'], + :libvirt_type => 'qemu', + :vncproxy_host => '127.0.0.2', + :vnc_enabled => false, + :verbose => true, + } + end + let :params do + default_params.merge(override_params) + end + it { + should contain_class('nova').with( + :sql_connection => 'mysql://user:passwd@host/name', + :rabbit_host => 'my_host', + :rabbit_userid => 'my_rabbit_user', + :rabbit_password => 'my_rabbit_pw', + :image_service => 'nova.image.glance.GlanceImageService', + :glance_api_servers => ['controller:9292'], + :verbose => true + ) + should contain_class('nova::compute').with( + :enabled => true, + :vnc_enabled => false, + :vncserver_proxyclient_address => '127.0.0.1', + :vncproxy_host => '127.0.0.2' + ) + should contain_class('nova::compute::libvirt').with( + :libvirt_type => 'qemu', + :vncserver_listen => '127.0.0.1' + ) + should contain_nova_config('multi_host').with( :value => 'False' ) + should contain_nova_config('send_arp_for_ha').with( :value => 'False' ) + should_not contain_class('nova::api') + should_not contain_class('nova::volume') + should_not contain_class('nova::volume::iscsi') + should contain_class('nova::network').with({ + :enabled => false, + :install_service => false, + :private_interface => 'eth1', + :public_interface => 'eth2', + :create_networks => false, + :enabled => false, + :install_service => false }) } end @@ -38,16 +126,34 @@ describe 'openstack::compute' do }) end - it { + it do should contain_nova_config('multi_host').with({ 'value' => 'False'}) should_not contain_class('nova::api') - should contain_class('nova::volume') - should contain_class('nova::volume::iscsi') + should contain_class('nova::volume').with(:enabled => true) should contain_class('nova::network').with({ 'enabled' => false, 'install_service' => false }) - } + end + describe 'with default volume settings' do + it { should contain_class('nova::volume::iscsi').with( + :volume_group => 'nova-volumes', + :iscsi_ip_address => '0.0.0.0' + )} + end + describe 'when overriding volume parameters' do + let :params do + default_params.merge({ + :manage_volumes => true, + :nova_volume => 'nova-volumes2', + :internal_address => '127.0.0.1' + }) + end + it { should contain_class('nova::volume::iscsi').with( + :volume_group => 'nova-volumes2', + :iscsi_ip_address => '127.0.0.1' + ) } + end end describe "when configuring for multi host" do @@ -59,8 +165,9 @@ describe 'openstack::compute' do end it { + should contain_class('keystone::python') should contain_nova_config('multi_host').with({ 'value' => 'True'}) - should contain_class('nova::api') + should contain_nova_config('send_arp_for_ha').with(:value => 'True') should_not contain_class('nova::volume') should_not contain_class('nova::volume::iscsi') should contain_class('nova::network').with({ @@ -68,6 +175,26 @@ describe 'openstack::compute' do 'install_service' => true }) } + describe 'with defaults' do + it { should contain_class('nova::api').with( + :enabled => true, + :admin_tenant_name => 'services', + :admin_user => 'nova', + :admin_password => 'nova_pass' + )} + end + describe 'when overrding nova volumes' do + let :params do + default_params.merge({ + :multi_host => true, + :public_interface => 'eth0', + :nova_user_password => 'foo' + }) + end + it { should contain_class('nova::api').with( + :admin_password => 'foo' + )} + end end describe "when configuring for multi host without a public interface" do @@ -102,4 +229,31 @@ describe 'openstack::compute' do }) } end + + describe 'when overriding network params' do + let :params do + default_params.merge({ + :multi_host => true, + :public_interface => 'eth0', + :manage_volumes => true, + :private_interface => 'eth1', + :public_interface => 'eth2', + :fixed_range => '12.0.0.0/24', + :network_manager => 'nova.network.manager.VlanManager', + :network_config => {'vlan_interface' => 'eth0'} + }) + end + it { should contain_class('nova::network').with({ + :private_interface => 'eth1', + :public_interface => 'eth2', + :fixed_range => '12.0.0.0/24', + :floating_range => false, + :network_manager => 'nova.network.manager.VlanManager', + :config_overrides => {'vlan_interface' => 'eth0'}, + :create_networks => false, + 'enabled' => true, + 'install_service' => true + })} + + end end diff --git a/spec/classes/openstack_controller_spec.rb b/spec/classes/openstack_controller_spec.rb index 76335fd..bfa58fb 100644 --- a/spec/classes/openstack_controller_spec.rb +++ b/spec/classes/openstack_controller_spec.rb @@ -1,5 +1,385 @@ require 'spec_helper' describe 'openstack::controller' do + let :default_params do + { + :private_interface => 'eth0', + :public_interface => 'eth1', + :internal_address => '127.0.0.1', + :public_address => '10.0.0.1', + :export_resources => false, + } + end + + let :facts do + { + :operatingsystem => 'Ubuntu', + :osfamily => 'Debian', + :concat_basedir => '/tmp/', + :puppetversion => '2.7.x', + :memorysize => '2GB', + :processorcount => '2' + } + end + let :params do + default_params + end + + it { should_not contain_nova_config('auto_assign_floating_ip') } + describe 'when auto assign floating ip is assigned' do + let :params do + default_params.merge(:auto_assign_floating_ip => 'true') + end + it { should contain_nova_config('auto_assign_floating_ip').with(:value => 'True')} + end + + it do + should contain_class('mysql::server').with( + :config_hash => {'bind_address' => '0.0.0.0', 'root_password' => 'sql_pass' } + ) + should contain_class('memcached').with( + :listen_ip => '127.0.0.1' + ) + end + + describe 'when enabled' do + it 'should contain enabled database configs' do + should contain_class('mysql::server').with( + :enabled => true + ) + should contain_class('keystone::db::mysql').with( + :password => 'keystone_pass' + ) + should contain_class('glance::db::mysql').with( + :host => '127.0.0.1', + :password => 'glance_pass', + :before => ["Class[Glance::Registry]", "Exec[glance-manage db_sync]"] + ) + should contain_class('nova::db::mysql').with( + :password => 'nova_pass', + :host => '127.0.0.1', + :allowed_hosts => '%' + ) + end + it 'should contain enabled keystone configs with defaults' do + + should contain_class('keystone').with( + :admin_token => 'keystone_admin_token', + :bind_host => '0.0.0.0', + :log_verbose => false, + :log_debug => false, + :catalog_type => 'sql', + :enabled => true + ) + should contain_class('keystone::config::mysql').with( + :password => 'keystone_pass' + ) + should contain_class('keystone::roles::admin').with( + :email => 'some_user@some_fake_email_address.foo', + :password => 'ChangeMe' + ) + should contain_class('keystone::endpoint').with( + :public_address => '10.0.0.1', + :internal_address => '127.0.0.1', + :admin_address => '127.0.0.1' + ) + should contain_class('glance::keystone::auth').with( + :password => 'glance_pass', + :public_address => '10.0.0.1', + :internal_address => '127.0.0.1', + :admin_address => '127.0.0.1' + #:before => ['Class[glance::api]', 'Class[glance::registry]'] + ) + should contain_class('nova::keystone::auth').with( + :password => 'nova_pass', + :public_address => '10.0.0.1', + :internal_address => '127.0.0.1', + :admin_address => '127.0.0.1' + #:before => 'Class[nova::api]' + ) + should contain_class('glance::api').with( + :log_verbose => false, + :log_debug => false, + :auth_type => 'keystone', + :auth_host => '127.0.0.1', + :auth_port => '35357', + :keystone_tenant => 'services', + :keystone_user => 'glance', + :keystone_password => 'glance_pass', + :enabled => true + ) + should contain_class('glance::backend::file') + + should contain_class('glance::registry').with( + :log_verbose => false, + :log_debug => false, + :auth_type => 'keystone', + :auth_host => '127.0.0.1', + :auth_port => '35357', + :keystone_tenant => 'services', + :keystone_user => 'glance', + :keystone_password => 'glance_pass', + :sql_connection => "mysql://glance:glance_pass@127.0.0.1/glance", + :enabled => true + ) + should contain_class('nova::rabbitmq').with( + :userid => 'nova', + :password => 'rabbit_pw', + :enabled => true + ) + should contain_class('nova').with( + :sql_connection => 'mysql://nova:nova_pass@127.0.0.1/nova', + :rabbit_host => '127.0.0.1', + :rabbit_userid => 'nova', + :rabbit_password => 'rabbit_pw', + :image_service => 'nova.image.glance.GlanceImageService', + :glance_api_servers => '10.0.0.1:9292', + :verbose => false + ) + should contain_class('nova::api').with( + :enabled => true, + :admin_tenant_name => 'services', + :admin_user => 'nova', + :admin_password => 'nova_pass' + ) + should contain_class('nova::cert').with(:enabled => true) + should contain_class('nova::consoleauth').with(:enabled => true) + should contain_class('nova::scheduler').with(:enabled => true) + should contain_class('nova::objectstore').with(:enabled => true) + should contain_class('nova::vncproxy').with(:enabled => true) + should contain_class('horizon').with( + :secret_key => 'dummy_secret_key', + :cache_server_ip => '127.0.0.1', + :cache_server_port => '11211', + :swift => false, + :quantum => false, + :horizon_app_links => false + ) + + end + describe 'when overriding params' do + let :params do + default_params.merge( + :keystone_db_password => 'pass', + :glance_db_password => 'pass2', + :nova_db_password => 'pass3', + :verbose => true, + :keystone_admin_token => 'foo', + :nova_user_password => 'pass5', + :glance_user_password => 'pass6', + :admin_email => 'dan@puppetlabs.com', + :admin_address => '127.0.0.2', + :admin_password => 'pass7', + :rabbit_user => 'rabby', + :rabbit_password => 'rabby_pw', + :fixed_range => '10.0.0.0/24', + :floating_range => '11.0.0.0/24', + :network_manager => 'nova.network.manager.VlanManager', + :network_config => {'vlan_interface' => 'eth4'}, + :num_networks => 2, + :secret_key => 'real_secret_key', + :cache_server_ip => '127.0.0.2', + :cache_server_port => '11212', + :swift => true, + :quantum => true, + :horizon_app_links => true, + :glance_api_servers => '127.0.0.1:9292' + ) + end + it 'should override db config' do + should contain_class('keystone::db::mysql').with( + :password => 'pass' + ) + should contain_class('glance::db::mysql').with( + :password => 'pass2' + ) + should contain_class('nova::db::mysql').with( + :password => 'pass3' + ) + end + + it 'should override keystone config' do + should contain_class('keystone').with( + :log_verbose => true, + :log_debug => true, + :admin_token => 'foo' + ) + should contain_class('keystone::config::mysql').with( + :password => 'pass' + ) + should contain_class('keystone::endpoint').with( + :admin_address => '127.0.0.2' + ) + should contain_class('keystone::roles::admin').with( + :email => 'dan@puppetlabs.com', + :password => 'pass7' + ) + should contain_class('glance::keystone::auth').with( + :password => 'pass6', + :admin_address => '127.0.0.2' + ) + should contain_class('nova::keystone::auth').with( + :password => 'pass5', + :admin_address => '127.0.0.2' + ) + end + it 'should override glance config' do + should contain_class('glance::api').with( + :log_verbose => true, + :log_debug => true, + :keystone_password => 'pass6', + :enabled => true + ) + should contain_class('glance::registry').with( + :log_verbose => true, + :log_debug => true, + :keystone_password => 'pass6', + :sql_connection => "mysql://glance:pass2@127.0.0.1/glance", + :enabled => true + ) + end + it 'should override nova config' do + should contain_class('nova::rabbitmq').with( + :userid => 'rabby', + :password => 'rabby_pw', + :enabled => true + ) + should contain_class('nova').with( + :sql_connection => 'mysql://nova:pass3@127.0.0.1/nova', + :rabbit_host => '127.0.0.1', + :rabbit_userid => 'rabby', + :rabbit_password => 'rabby_pw', + :image_service => 'nova.image.glance.GlanceImageService', + :glance_api_servers => '127.0.0.1:9292', + :verbose => true + ) + should contain_class('nova::api').with( + :enabled => true, + :admin_tenant_name => 'services', + :admin_user => 'nova', + :admin_password => 'pass5' + ) + should contain_class('nova::network').with( + :fixed_range => '10.0.0.0/24', + :floating_range => '11.0.0.0/24', + :network_manager => 'nova.network.manager.VlanManager', + :config_overrides => {'vlan_interface' => 'eth4'}, + :num_networks => 2 + ) + end + describe 'it should override horizon params' do + it { should contain_class('horizon').with( + :secret_key => 'real_secret_key', + :cache_server_ip => '127.0.0.2', + :cache_server_port => '11212', + :swift => true, + :quantum => true, + :horizon_app_links => true + )} + end + end + end + + describe 'when not enabled' do + let :params do + default_params.merge(:enabled => false) + end + it do + should contain_class('mysql::server').with( + :enabled => false + ) + should_not contain_class('keystone::db::mysql') + should_not contain_class('glance::db::mysql') + should_not contain_class('nova::db::mysql') + should contain_class('keystone::config::mysql') + should contain_class('keystone').with(:enabled => false) + should_not contain_class('keystone::roles::admin') + should_not contain_class('keystone::endpoint') + should_not contain_class('glance::keystone::auth') + should_not contain_class('nova::keystone::auth') + should contain_class('glance::api').with(:enabled => false) + should contain_class('glance::backend::file') + should contain_class('glance::registry').with(:enabled => false) + should contain_class('nova::rabbitmq').with(:enabled => false) + should contain_class('nova::api').with(:enabled => false) + should contain_class('nova::cert').with(:enabled => false) + should contain_class('nova::consoleauth').with(:enabled => false) + should contain_class('nova::scheduler').with(:enabled => false) + should contain_class('nova::objectstore').with(:enabled => false) + should contain_class('nova::vncproxy').with(:enabled => false) + end + end + + describe 'nova network config' do + + describe 'when enabled' do + + describe 'when multihost is not set' do + + it {should contain_class('nova::network').with( + :private_interface => 'eth0', + :public_interface => 'eth1', + :fixed_range => '10.0.0.0/24', + :floating_range => false, + :network_manager => 'nova.network.manager.FlatDHCPManager', + :config_overrides => {}, + :create_networks => true, + :num_networks => 1, + :enabled => true, + :install_service => true + )} + + end + describe 'when multihost is set' do + let :params do + default_params.merge(:multi_host => true) + end + it { should contain_nova_config('multi_host').with(:value => 'True')} + it {should contain_class('nova::network').with( + :create_networks => true, + :enabled => false, + :install_service => false + )} + + end + + end + + describe 'when not enabled' do + + describe 'when multihost is set' do + let :params do + default_params.merge( + :multi_host => true, + :enabled => false + ) + end + + it {should contain_class('nova::network').with( + :create_networks => false, + :enabled => false, + :install_service => false + )} + + end + describe 'when multihost is not set' do + let :params do + default_params.merge( + :multi_host => false, + :enabled => false + ) + end + + it {should contain_class('nova::network').with( + :create_networks => false, + :enabled => false, + :install_service => false + )} + + end + + end + + end end From 90a7a67becd4a03da45a643e7f7fb45984968a8b Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Sun, 19 Aug 2012 00:29:37 -0700 Subject: [PATCH 07/43] Fix bug in variable naming This commit fixes a bug in the naming of a variable. was enable_network-service has been update to enable_network_service --- manifests/nova/compute.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/nova/compute.pp b/manifests/nova/compute.pp index 5253272..a72588d 100644 --- a/manifests/nova/compute.pp +++ b/manifests/nova/compute.pp @@ -123,7 +123,7 @@ class openstack::nova::compute ( admin_password => $nova_user_password, } } else { - $enable_network-service = false + $enable_network_service = false nova_config { 'multi_host': value => 'False'; 'send_arp_for_ha': value => 'False'; From 7f16726e57551eb8a7b8069e98f5e3ebe9e78666 Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Sun, 19 Aug 2012 00:37:26 -0700 Subject: [PATCH 08/43] Remove collection code from openstack::nova::compute This commit removes the collection code from openstack::nova::compute. Having this class collect all nova_config entries seems incorrect (and dangerous). I prefer requiring users to pass in all of their connection data. --- manifests/nova/compute.pp | 14 +++----------- 1 file changed, 3 insertions(+), 11 deletions(-) diff --git a/manifests/nova/compute.pp b/manifests/nova/compute.pp index a72588d..4446456 100644 --- a/manifests/nova/compute.pp +++ b/manifests/nova/compute.pp @@ -50,7 +50,6 @@ class openstack::nova::compute ( $vncproxy_host = undef, # General $verbose = 'False', - $exported_resources = true, $enabled = true ) { @@ -66,16 +65,9 @@ class openstack::nova::compute ( } } - if $exported_resources { - Nova_config <<||>> - $final_sql_connection = false - $glance_connection = false - $rabbit_connection = false - } else { - $final_sql_connection = $sql_connection - $glance_connection = $glance_api_servers - $rabbit_connection = $rabbit_host - } + $final_sql_connection = $sql_connection + $glance_connection = $glance_api_servers + $rabbit_connection = $rabbit_host # Configure Nova if ! defined( Class[nova] ) { From 4e2684090fbddb2705af43fd2fca04b2ecb8a9c6 Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Sun, 19 Aug 2012 00:38:50 -0700 Subject: [PATCH 09/43] Pass enabled flag to nova::vncproxy This commit passes the openstack::nova::controller parameter enabled to nova::vncproxy to allow nova controller to be built where this service is installed but not currently enabled. This is intended to support active-passive HA. --- manifests/nova/controller.pp | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/manifests/nova/controller.pp b/manifests/nova/controller.pp index a288d40..0e15f35 100644 --- a/manifests/nova/controller.pp +++ b/manifests/nova/controller.pp @@ -160,11 +160,10 @@ class openstack::nova::controller ( enabled => $enabled, } - # NOTE should this just be enabled => $vnc_enabled? -jtopjian if $vnc_enabled { class { 'nova::vncproxy': - enabled => true, host => $public_address, + enabled => $enabled, } } From afafbd355fac0d57e01f28f1c31e01dec06b15fa Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Sun, 19 Aug 2012 00:40:47 -0700 Subject: [PATCH 10/43] Always create nova class This commit removes the defined statement that was used for conditionally creating the nova class in openstack::nova::compute. This usage of ! defined introduced ordering issues that would make it extremely difficult to understand how nova would be configured. --- manifests/nova/compute.pp | 19 ++++++++----------- 1 file changed, 8 insertions(+), 11 deletions(-) diff --git a/manifests/nova/compute.pp b/manifests/nova/compute.pp index 4446456..d68796d 100644 --- a/manifests/nova/compute.pp +++ b/manifests/nova/compute.pp @@ -69,17 +69,14 @@ class openstack::nova::compute ( $glance_connection = $glance_api_servers $rabbit_connection = $rabbit_host - # Configure Nova - if ! defined( Class[nova] ) { - class { 'nova': - sql_connection => $final_sql_connection, - rabbit_userid => $rabbit_user, - rabbit_password => $rabbit_password, - image_service => 'nova.image.glance.GlanceImageService', - glance_api_servers => $glance_connection, - verbose => $verbose, - rabbit_host => $rabbit_connection, - } + class { 'nova': + sql_connection => $sql_connection, + rabbit_userid => $rabbit_user, + rabbit_password => $rabbit_password, + image_service => 'nova.image.glance.GlanceImageService', + glance_api_servers => $glance_api_servers, + verbose => $verbose, + rabbit_host => $rabbit_host, } # Install / configure nova-compute From bb96698ab3688fc5a2ed656dce3012d9145de777 Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Sun, 19 Aug 2012 00:41:30 -0700 Subject: [PATCH 11/43] unset default for public_interface This commit unsets the public_interface default. This is to make the code behave more like the previous iteration. --- manifests/nova/compute.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/nova/compute.pp b/manifests/nova/compute.pp index d68796d..6fce77c 100644 --- a/manifests/nova/compute.pp +++ b/manifests/nova/compute.pp @@ -24,7 +24,7 @@ class openstack::nova::compute ( $rabbit_password, # Network $public_address = undef, - $public_interface = 'eth0', + $public_interface = undef, $private_interface = 'eth1', $fixed_range = '10.0.0.0/24', $network_manager = 'nova.network.manager.FlatDHCPManager', From c6dd87ec37e33f7e0b2dd91b4b9c87549cdf48a5 Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Sun, 19 Aug 2012 00:42:50 -0700 Subject: [PATCH 12/43] Always configure network This network class is used to configure both nodes hosting the network service as well as compute nodes that are utilizing an external network service. This commit ensures that this class is always created. --- manifests/nova/compute.pp | 24 ++++++++++-------------- 1 file changed, 10 insertions(+), 14 deletions(-) diff --git a/manifests/nova/compute.pp b/manifests/nova/compute.pp index 6fce77c..52fbe3c 100644 --- a/manifests/nova/compute.pp +++ b/manifests/nova/compute.pp @@ -119,20 +119,16 @@ class openstack::nova::compute ( } } - # set up configuration for networking - # NOTE should the if block be removed? -jtopjian - if $enable_network_service { - class { 'nova::network': - private_interface => $private_interface, - public_interface => $public_interface, - fixed_range => $fixed_range, - floating_range => false, - network_manager => $network_manager, - config_overrides => $network_config, - create_networks => false, - enabled => $enable_network_service, - install_service => $enable_network_service, - } + class { 'nova::network': + private_interface => $private_interface, + public_interface => $public_interface, + fixed_range => $fixed_range, + floating_range => false, + network_manager => $network_manager, + config_overrides => $network_config, + create_networks => false, + enabled => $enable_network_service, + install_service => $enable_network_service, } if $manage_volumes { From 1a8a61aaa21185d13be628be738ef432a0bca6bf Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Sun, 19 Aug 2012 00:43:41 -0700 Subject: [PATCH 13/43] Support enabled for keystone This commit adds support for keystone servers running in passive mode. --- manifests/keystone.pp | 52 ++++++++++++++++++++++--------------------- 1 file changed, 27 insertions(+), 25 deletions(-) diff --git a/manifests/keystone.pp b/manifests/keystone.pp index 32466df..29a502c 100644 --- a/manifests/keystone.pp +++ b/manifests/keystone.pp @@ -49,37 +49,39 @@ class openstack::keystone ( enabled => $enabled, } - # Setup the admin user - class { 'keystone::roles::admin': - email => $admin_email, - password => $admin_password, - admin_tenant => $keystone_admin_tenant, - } + if ($enabled) { + # Setup the admin user + class { 'keystone::roles::admin': + email => $admin_email, + password => $admin_password, + admin_tenant => $keystone_admin_tenant, + } - # Setup the Keystone Identity Endpoint - class { 'keystone::endpoint': - public_address => $public_address, - admin_address => $admin_address, - internal_address => $internal_address, - } - - # Configure Glance endpoint in Keystone - if $glance { - class { 'glance::keystone::auth': - password => $glance_user_password, + # Setup the Keystone Identity Endpoint + class { 'keystone::endpoint': public_address => $public_address, admin_address => $admin_address, internal_address => $internal_address, } - } - # Configure Nova endpoint in Keystone - if $nova { - class { 'nova::keystone::auth': - password => $nova_user_password, - public_address => $public_address, - admin_address => $admin_address, - internal_address => $internal_address, + # Configure Glance endpoint in Keystone + if $glance { + class { 'glance::keystone::auth': + password => $glance_user_password, + public_address => $public_address, + admin_address => $admin_address, + internal_address => $internal_address, + } + } + + # Configure Nova endpoint in Keystone + if $nova { + class { 'nova::keystone::auth': + password => $nova_user_password, + public_address => $public_address, + admin_address => $admin_address, + internal_address => $internal_address, + } } } From bcb75dda9ef590616c8d5f7126920f44d4dc9486 Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Sun, 19 Aug 2012 00:44:00 -0700 Subject: [PATCH 14/43] Add configuration for cache_server setting in horizon. --- manifests/horizon.pp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/manifests/horizon.pp b/manifests/horizon.pp index 93ecc30..6118d7e 100644 --- a/manifests/horizon.pp +++ b/manifests/horizon.pp @@ -40,6 +40,8 @@ class openstack::horizon ( } class { '::horizon': + cache_server_ip => $cache_server_ip, + cache_server_port => $cache_server_port, secret_key => $secret_key, swift => $swift, quantum => $quantum, From f1e8a37300d5250efa39e1e99743471ac145ad7f Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Sun, 19 Aug 2012 00:44:23 -0700 Subject: [PATCH 15/43] Support passive mysql servers Adds code to support passive mysql instances. --- manifests/db/mysql.pp | 44 +++++++++++++++++++++---------------------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/manifests/db/mysql.pp b/manifests/db/mysql.pp index 69b1e09..368b968 100644 --- a/manifests/db/mysql.pp +++ b/manifests/db/mysql.pp @@ -17,8 +17,6 @@ # nova_db_password => 'changeme', # allowed_hosts => ['127.0.0.1', '10.0.0.%'], # } - - class openstack::db::mysql ( # Required MySQL # passwords @@ -56,27 +54,29 @@ class openstack::db::mysql ( class { 'mysql::server::account_security': } } - # Create the Keystone db - class { 'keystone::db::mysql': - user => $keystone_db_user, - password => $keystone_db_password, - dbname => $keystone_db_dbname, - allowed_hosts => $allowed_hosts, - } + if ($enabled) { + # Create the Keystone db + class { 'keystone::db::mysql': + user => $keystone_db_user, + password => $keystone_db_password, + dbname => $keystone_db_dbname, + allowed_hosts => $allowed_hosts, + } - # Create the Glance db - class { 'glance::db::mysql': - user => $glance_db_user, - password => $glance_db_password, - dbname => $glance_db_dbname, - allowed_hosts => $allowed_hosts, - } + # Create the Glance db + class { 'glance::db::mysql': + user => $glance_db_user, + password => $glance_db_password, + dbname => $glance_db_dbname, + allowed_hosts => $allowed_hosts, + } - # Create the Nova db - class { 'nova::db::mysql': - user => $nova_db_user, - password => $nova_db_password, - dbname => $nova_db_dbname, - allowed_hosts => $allowed_hosts, + # Create the Nova db + class { 'nova::db::mysql': + user => $nova_db_user, + password => $nova_db_password, + dbname => $nova_db_dbname, + allowed_hosts => $allowed_hosts, + } } } From c8895dcee34a4d180a76abd1098727431d48cc4e Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Sun, 19 Aug 2012 00:44:49 -0700 Subject: [PATCH 16/43] Add openstack::compute This commit adds openstack::compute for backwards compatibility. --- manifests/compute.pp | 96 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 96 insertions(+) create mode 100644 manifests/compute.pp diff --git a/manifests/compute.pp b/manifests/compute.pp new file mode 100644 index 0000000..83b3bf7 --- /dev/null +++ b/manifests/compute.pp @@ -0,0 +1,96 @@ +# +# This class is intended to serve as +# a way of deploying compute nodes. +# +# This currently makes the following assumptions: +# - libvirt is used to manage the hypervisors +# - flatdhcp networking is used +# - glance is used as the backend for the image service +# +# TODO - I need to make the choise of networking configurable +# +# +# [private_interface] Interface used for vm networking connectivity. Required. +# [internal_address] Internal address used for management. Required. +# [public_interface] Public interface used to route public traffic. Optional. +# Defaults to false. +# [fixed_range] Range of ipv4 network for vms. +# [network_manager] Nova network manager to use. +# [multi_host] Rather node should support multi-host networking mode for HA. +# Optional. Defaults to false. +# [network_config] Hash that can be used to pass implementation specifc +# network settings. Optioal. Defaults to {} +# [sql_connection] SQL connection information. Optional. Defaults to false +# which indicates that exported resources will be used to determine connection +# information. +# [nova_user_password] Nova service password. +# [rabbit_host] RabbitMQ host. False indicates it should be collected. +# Optional. Defaults to false, +# [rabbit_password] RabbitMQ password. Optional. Defaults to 'rabbit_pw', +# [rabbit_user] RabbitMQ user. Optional. Defaults to 'nova', +# [glance_api_servers] List of glance api servers of the form HOST:PORT +# delimited by ':'. False indicates that the resource should be collected. +# Optional. Defaults to false, +# [libvirt_type] Underlying libvirt supported hypervisor. +# Optional. Defaults to 'kvm', +# [vncproxy_host] Host that serves as vnc proxy. Optional. +# Defaults to false. False indicates that a vnc proxy should not be configured. +# [vnc_enabled] Rather vnc console should be enabled. +# Optional. Defaults to 'true', +# [verbose] Rather components should log verbosely. +# Optional. Defaults to false. +# [manage_volumes] Rather nova-volume should be enabled on this compute node. +# Optional. Defaults to false. +# [nova_volumes] Name of volume group in which nova-volume will create logical volumes. +# Optional. Defaults to nova-volumes. +# +class openstack::compute( + $private_interface, + $internal_address, + # networking config + $public_interface = undef, + $fixed_range = '10.0.0.0/16', + $network_manager = 'nova.network.manager.FlatDHCPManager', + $multi_host = false, + $network_config = {}, + # my address + # conection information + $sql_connection = false, + $nova_user_password = 'nova_pass', + $rabbit_host = false, + $rabbit_password = 'rabbit_pw', + $rabbit_user = 'nova', + $glance_api_servers = false, + # nova compute configuration parameters + $libvirt_type = 'kvm', + $vncproxy_host = false, + $vnc_enabled = 'true', + $verbose = false, + $manage_volumes = false, + $nova_volume = 'nova-volumes' +) { + + warning('This class will be deprecated in favor of openstack::nova::compute') + class { 'openstack::nova::compute': + private_interface => $private_interface, + internal_address => $internal_address, + public_interface => $public_interface, + fixed_range => $fixed_range, + network_manager => $network_manager, + multi_host => $multi_host, + network_config => $network_config, + sql_connection => $sql_connection, + nova_user_password => $nova_user_password, + rabbit_host => $rabbit_host, + rabbit_password => $rabbit_password, + rabbit_user => $rabbit_user, + glance_api_servers => $glance_api_servers, + libvirt_type => $libvirt_type, + vncproxy_host => $vncproxy_host, + vnc_enabled => $vnc_enabled, + verbose => $verbose, + manage_volumes => $manage_volumes, + nova_volume => $nova_volume, + } + +} From 67a317b82bb8cc81445ef34262ced845b1f66afa Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Sun, 19 Aug 2012 00:45:45 -0700 Subject: [PATCH 17/43] change exported_resources param to export_resources for backwards compatibility --- manifests/controller.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/controller.pp b/manifests/controller.pp index eb16db9..712c989 100644 --- a/manifests/controller.pp +++ b/manifests/controller.pp @@ -82,7 +82,7 @@ class openstack::controller ( $horizon_app_links = undef, # General $verbose = false, - $exported_resources = true, + $export_resources = true, $enabled = true ) { @@ -186,7 +186,7 @@ class openstack::controller ( # General verbose => $verbose, enabled => $enabled, - exported_resources => $exported_resources, + exported_resources => $export_resources, } ######## Horizon ######## From f6085946b93ff317687930179081fa961bf4ef2d Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Sun, 19 Aug 2012 00:47:21 -0700 Subject: [PATCH 18/43] Add conditional dependency Add a conditional dependency that glance::registry should be configured only after its database is created. This code only needs to be created on active nodes. --- manifests/controller.pp | 36 +++++++++++++++++++----------------- 1 file changed, 19 insertions(+), 17 deletions(-) diff --git a/manifests/controller.pp b/manifests/controller.pp index 712c989..1374bc5 100644 --- a/manifests/controller.pp +++ b/manifests/controller.pp @@ -93,23 +93,25 @@ class openstack::controller ( ####### DATABASE SETUP ###### # set up mysql server - case $db_type { - 'mysql': { - class { 'openstack::db::mysql': - mysql_root_password => $mysql_root_password, - mysql_bind_address => $mysql_bind_address, - mysql_account_security => $mysql_account_security, - keystone_db_user => $keystone_db_user, - keystone_db_password => $keystone_db_password, - keystone_db_dbname => $keystone_db_dbname, - glance_db_user => $glance_db_user, - glance_db_password => $glance_db_password, - glance_db_dbname => $glance_db_dbname, - nova_db_user => $nova_db_user, - nova_db_password => $nova_db_password, - nova_db_dbname => $nova_db_dbname, - allowed_hosts => $allowed_hosts, - } + if ($db_type == 'mysql') { + if ($enabled) { + Class['glance::db::mysql'] -> Class['glance::registry'] + } + class { 'openstack::db::mysql': + mysql_root_password => $mysql_root_password, + mysql_bind_address => $mysql_bind_address, + mysql_account_security => $mysql_account_security, + keystone_db_user => $keystone_db_user, + keystone_db_password => $keystone_db_password, + keystone_db_dbname => $keystone_db_dbname, + glance_db_user => $glance_db_user, + glance_db_password => $glance_db_password, + glance_db_dbname => $glance_db_dbname, + nova_db_user => $nova_db_user, + nova_db_password => $nova_db_password, + nova_db_dbname => $nova_db_dbname, + allowed_hosts => $allowed_hosts, + enabled => $enabled, } } From 45eccb2a186339e52c4f6a32aad1149b103b0759 Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Sun, 19 Aug 2012 00:47:58 -0700 Subject: [PATCH 19/43] Refactor parameter defaults Add more parameter defaults to support backwards compatibility. --- manifests/controller.pp | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/manifests/controller.pp b/manifests/controller.pp index 1374bc5..6d42f06 100644 --- a/manifests/controller.pp +++ b/manifests/controller.pp @@ -25,26 +25,25 @@ class openstack::controller ( # Required Network $public_address, + $public_interface, + $private_interface, # Required Database - $mysql_root_password, + $mysql_root_password = 'sql_pass', # Required Keystone - $admin_email, - $admin_password, - $keystone_db_password, - $keystone_admin_token, + $admin_email = 'some_user@some_fake_email_address.foo', + $admin_password = 'ChangeMe', + $keystone_db_password = 'keystone_pass', + $keystone_admin_token = 'keystone_admin_token', # Required Glance - $glance_db_password, - $glance_user_password, + $glance_db_password = 'glance_pass', + $glance_user_password = 'glance_pass', # Required Nova - $nova_db_password, - $nova_user_password, + $nova_db_password = 'nova_pass', + $nova_user_password = 'nova_pass', # Required Horizon - $secret_key, - # Network - $public_interface = 'eth0', - $private_interface = 'eth1', + $secret_key = 'dummy_secret_key', $internal_address = $public_address, - $admin_address = $public_address, + $admin_address = $internal_address, $network_manager = 'nova.network.manager.FlatDHCPManager', $fixed_range = '10.0.0.0/24', $floating_range = false, @@ -58,7 +57,7 @@ class openstack::controller ( $db_type = 'mysql', $mysql_account_security = true, $mysql_bind_address = '0.0.0.0', - $allowed_hosts = ['127.0.0.%'], + $allowed_hosts = '%', # Keystone $keystone_db_user = 'keystone', $keystone_db_dbname = 'keystone', @@ -72,13 +71,13 @@ class openstack::controller ( $nova_db_dbname = 'nova', $purge_nova_config = true, # Rabbit - $rabbit_password, + $rabbit_password = 'rabbit_pw', $rabbit_user = 'nova', # Horizon $cache_server_ip = '127.0.0.1', $cache_server_port = '11211', $swift = false, - $quantum = false, + $quantum = false, $horizon_app_links = undef, # General $verbose = false, @@ -135,6 +134,7 @@ class openstack::controller ( enabled => $enabled, } + ######## BEGIN GLANCE ########## class { 'openstack::glance': verbose => $verbose, @@ -202,7 +202,7 @@ class openstack::controller ( } ######## auth file ######## - class { 'openstack::auth_file': + class { 'openstack::auth_file': public_address => $public_address, admin_password => $admin_password, keystone_admin_token => $keystone_admin_token, From 92c80bd8ff0a3cd8a79377a2c298677fdabdef7b Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Mon, 20 Aug 2012 04:12:31 -0700 Subject: [PATCH 20/43] Update class parameter documentation This commit adds relevant class parameters to all classes. --- manifests/all.pp | 31 ++++++++++++++++++++++++++++-- manifests/compute.pp | 3 --- manifests/controller.pp | 42 ++++++++++++++++++++++++++++++++++++++++- manifests/db/mysql.pp | 15 ++++++++++++++- manifests/glance.pp | 12 +++++++++++- manifests/horizon.pp | 2 +- manifests/keystone.pp | 23 ++++++++++++++++++++-- manifests/test_file.pp | 4 ++-- 8 files changed, 119 insertions(+), 13 deletions(-) diff --git a/manifests/all.pp b/manifests/all.pp index 4bd12fb..3d33f6f 100644 --- a/manifests/all.pp +++ b/manifests/all.pp @@ -5,8 +5,35 @@ # # === Parameters # -# See params.pp -# +# [public_address] Public address used by vnchost. Required. +# [public_interface] The interface used to route public traffic by the +# network service. +# [private_interface] The private interface used to bridge the VMs into a common network. +# [floating_range] The floating ip range to be created. If it is false, then no floating ip range is created. +# Optional. Defaults to false. +# [fixed_range] The fixed private ip range to be created for the private VM network. Optional. Defaults to '10.0.0.0/24'. +# [network_manager] The network manager to use for the nova network service. +# Optional. Defaults to 'nova.network.manager.FlatDHCPManager'. +# [auto_assign_floating_ip] Rather configured to automatically allocate and +# assign a floating IP address to virtual instances when they are launched. +# Defaults to false. +# [network_config] Used to specify network manager specific parameters .Optional. Defualts to {}. +# [mysql_root_password] The root password to set for the mysql database. Optional. Defaults to sql_pass'. +# [rabbit_password] The password to use for the rabbitmq user. Optional. Defaults to rabbit_pw' +# [rabbit_user] The rabbitmq user to use for auth. Optional. Defaults to nova'. +# [admin_email] The admin's email address. Optional. Defaults to someuser@some_fake_email_address.foo'. +# [admin_password] The default password of the keystone admin. Optional. Defaults to ChangeMe'. +# [keystone_db_password] The default password for the keystone db user. Optional. Defaults to keystone_pass'. +# [keystone_admin_token] The default auth token for keystone. Optional. Defaults to keystone_admin_token'. +# [nova_db_password] The nova db password. Optional. Defaults to nova_pass'. +# [nova_user_password] The password of the keystone user for the nova service. Optional. Defaults to nova_pass'. +# [glance_db_password] The password for the db user for glance. Optional. Defaults to 'glance_pass'. +# [glance_user_password] The password of the glance service user. Optional. Defaults to 'glance_pass'. +# [secret_key] The secret key for horizon. Optional. Defaults to 'dummy_secret_key'. +# [verbose] If the services should log verbosely. Optional. Defaults to false. +# [purge_nova_config] Whether unmanaged nova.conf entries should be purged. Optional. Defaults to true. +# [libvirt_type] The virualization type being controlled by libvirt. Optional. Defaults to 'kvm'. +# [nova_volume] The name of the volume group to use for nova volume allocation. Optional. Defaults to 'nova-volumes'. # === Examples # # class { 'openstack::all': diff --git a/manifests/compute.pp b/manifests/compute.pp index 83b3bf7..dc289a9 100644 --- a/manifests/compute.pp +++ b/manifests/compute.pp @@ -7,9 +7,6 @@ # - flatdhcp networking is used # - glance is used as the backend for the image service # -# TODO - I need to make the choise of networking configurable -# -# # [private_interface] Interface used for vm networking connectivity. Required. # [internal_address] Internal address used for management. Required. # [public_interface] Public interface used to route public traffic. Optional. diff --git a/manifests/controller.pp b/manifests/controller.pp index 6d42f06..3d35ac6 100644 --- a/manifests/controller.pp +++ b/manifests/controller.pp @@ -3,7 +3,47 @@ # # === Parameters # -# See params.pp +# [public_interface] Public interface used to route public traffic. Required. +# [public_address] Public address for public endpoints. Required. +# [private_interface] Interface used for vm networking connectivity. Required. +# [internal_address] Internal address used for management. Required. +# [mysql_root_password] Root password for mysql server. +# [admin_email] Admin email. +# [admin_password] Admin password. +# [keystone_db_password] Keystone database password. +# [keystone_admin_token] Admin token for keystone. +# [glance_db_password] Glance DB password. +# [glance_user_password] Glance service user password. +# [nova_db_password] Nova DB password. +# [nova_user_password] Nova service password. +# [rabbit_password] Rabbit password. +# [rabbit_user] Rabbit User. +# [network_manager] Nova network manager to use. +# [fixed_range] Range of ipv4 network for vms. +# [floating_range] Floating ip range to create. +# [create_networks] Rather network and floating ips should be created. +# [num_networks] Number of networks that fixed range should be split into. +# [multi_host] Rather node should support multi-host networking mode for HA. +# Optional. Defaults to false. +# [auto_assign_floating_ip] Rather configured to automatically allocate and +# assign a floating IP address to virtual instances when they are launched. +# Defaults to false. +# [network_config] Hash that can be used to pass implementation specifc +# network settings. Optioal. Defaults to {} +# [verbose] Rahter to log services at verbose. +# [export_resources] Rather to export resources. +# Horizon related config - assumes puppetlabs-horizon code +# [secret_key] secret key to encode cookies, … +# [cache_server_ip] local memcached instance ip +# [cache_server_port] local memcached instance port +# [swift] (bool) is swift installed +# [quantum] (bool) is quantum installed +# The next is an array of arrays, that can be used to add call-out links to the dashboard for other apps. +# There is no specific requirement for these apps to be for monitoring, that's just the defacto purpose. +# Each app is defined in two parts, the display name, and the URI +# [horizon_app_links] array as in '[ ["Nagios","http://nagios_addr:port/path"],["Ganglia","http://ganglia_addr"] ]' +# [enabled] Whether services should be enabled. This parameter can be used to +# implement services in active-passive modes for HA. Optional. Defaults to true. # # === Examples # diff --git a/manifests/db/mysql.pp b/manifests/db/mysql.pp index 368b968..c8cf142 100644 --- a/manifests/db/mysql.pp +++ b/manifests/db/mysql.pp @@ -6,7 +6,20 @@ # # === Parameters # -# See params.pp +# [mysql_root_password] Root password for mysql. Required. +# [keystone_db_password] Password for keystone database. Required. +# [glance_db_password] Password for glance database. Required. +# [nova_db_password] Password for nova database. Required. +# [mysql_bind_address] Address that mysql will bind to. Optional .Defaults to '0.0.0.0'. +# [mysql_account_security] If a secure mysql db should be setup. Optional .Defaults to true. +# [keystone_db_user] DB user for keystone. Optional. Defaults to 'keystone'. +# [keystone_db_dbname] DB name for keystone. Optional. Defaults to 'keystone'. +# [glance_db_user] DB user for glance. Optional. Defaults to 'glance'. +# [glance_db_dbname]. Name of glance DB. Optional. Defaults to 'glance'. +# [nova_db_user]. Name of nova DB user. Optional. Defaults to 'nova'. +# [nova_db_dbname]. Name of nova DB. Optional. Defaults to 'nova'. +# [allowed_hosts] List of hosts that are allowed access. Optional. Defaults to false. +# [enabled] If the db service should be started. Optional. Defaults to true. # # === Example # diff --git a/manifests/glance.pp b/manifests/glance.pp index ad4a60f..f08e4a6 100644 --- a/manifests/glance.pp +++ b/manifests/glance.pp @@ -10,7 +10,17 @@ # # === Parameters # -# See params.pp +# [db_host] Host where DB resides. Required. +# [glance_user_password] Password for glance auth user. Required. +# [glance_db_password] Password for glance DB. Required. +# [keystone_host] Host whre keystone is running. Optional. Defaults to '127.0.0.1' +# [auth_uri] URI used for auth. Optional. Defaults to "http://${keystone_host}:5000/" +# [db_type] Type of sql databse to use. Optional. Defaults to 'mysql' +# [glance_db_user] Name of glance DB user. Optional. Defaults to 'glance' +# [glance_db_dbname] Name of glance DB. Optional. Defaults to 'glance' +# [verbose] Log verbosely. Optional. Defaults to 'False' +# [enabled] Used to indicate if the service should be active (true) or passive (false). +# Optional. Defaults to true # # === Example # diff --git a/manifests/horizon.pp b/manifests/horizon.pp index 6118d7e..fffb063 100644 --- a/manifests/horizon.pp +++ b/manifests/horizon.pp @@ -4,7 +4,7 @@ # Class to install / configure horizon. # Will eventually include apache and ssl. # -# NOTE: Will the inclusion of memcache be an issue? +# NOTE: Will the inclusion of memcache be an issue? # Such as if the server already has memcache installed? # -jtopjian # diff --git a/manifests/keystone.pp b/manifests/keystone.pp index 29a502c..7720f60 100644 --- a/manifests/keystone.pp +++ b/manifests/keystone.pp @@ -4,8 +4,27 @@ # Installs and configures Keystone # # === Parameters -# -# See params.pp +# +# [db_host] Host where DB resides. Required. +# [keystone_db_password] Password for keystone DB. Required. +# [keystone_admin_token]. Auth token for keystone admin. Required. +# [admin_email] Email address of system admin. Required. +# [admin_password] +# [glance_user_password] Auth password for glance user. Required. +# [nova_user_password] Auth password for nova user. Required. +# [public_address] Public address where keystone can be accessed. Required. +# [db_type] Type of DB used. Currently only supports mysql. Optional. Defaults to 'mysql' +# [keystone_db_user] Name of keystone db user. Optional. Defaults to 'keystone' +# [keystone_db_dbname] Name of keystone DB. Optional. Defaults to 'keystone' +# [keystone_admin_tenant] Name of keystone admin tenant. Optional. Defaults to 'admin' +# [verbose] Log verbosely. Optional. Defaults to 'False' +# [bind_host] Address that keystone binds to. Optional. Defaults to '0.0.0.0' +# [internal_address] Internal address for keystone. Optional. Defaults to $public_address +# [admin_address] Keystone admin address. Optional. Defaults to $internal_address +# [glance] Set up glance endpoints and auth. Optional. Defaults to true +# [nova] Set up nova endpoints and auth. Optional. Defaults to true +# [enabled] If the service is active (true) or passive (false). +# Optional. Defaults to true # # === Example # diff --git a/manifests/test_file.pp b/manifests/test_file.pp index b39a1a4..2a081c4 100644 --- a/manifests/test_file.pp +++ b/manifests/test_file.pp @@ -2,8 +2,7 @@ # Class that can be used to create a test script for testing an # installed openstack environment. # -# -# +# == Parameters # # [path] Path of test file to be created. Optional. Defaults to /tmp/test_nova.sh # [rc_file_path] Path of openrc file that sets up all authentication environment @@ -13,6 +12,7 @@ # [sleep_time] Used to tune how long to sleep for. Optional. Defaults to 60. # [floating_ip] Rather to test flating ip address allocation. Optional. # Defaults to true. +# class openstack::test_file( $path = '/tmp/test_nova.sh', $rc_file_path = '/root/openrc', From c1600bcab5d370bf6727dedf041f7cc926656dfe Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Mon, 20 Aug 2012 04:13:12 -0700 Subject: [PATCH 21/43] Update default for keystone admin_address This updates the default for the keystone admin address to use internal_address. This is a more reasonable default than using the public_address. --- manifests/keystone.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/keystone.pp b/manifests/keystone.pp index 7720f60..af06a9f 100644 --- a/manifests/keystone.pp +++ b/manifests/keystone.pp @@ -52,8 +52,8 @@ class openstack::keystone ( $keystone_admin_tenant = 'admin', $verbose = 'False', $bind_host = '0.0.0.0', - $admin_address = $public_address, $internal_address = $public_address, + $admin_address = $internal_address, $glance = true, $nova = true, $enabled = true, From d85d6f23fac71c97853354e5010ef641859edecf Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Mon, 20 Aug 2012 04:14:30 -0700 Subject: [PATCH 22/43] Remove auth_file This commit removes the auth_file from the controller and all classes. For backwards compatibility. --- manifests/all.pp | 8 -------- manifests/controller.pp | 7 ------- 2 files changed, 15 deletions(-) diff --git a/manifests/all.pp b/manifests/all.pp index 3d33f6f..8664ba3 100644 --- a/manifests/all.pp +++ b/manifests/all.pp @@ -262,12 +262,4 @@ class openstack::all ( horizon_app_links => $horizon_app_links, } - ######## auth file ######## - class { 'openstack::auth_file': - public_address => $public_address, - admin_password => $admin_password, - keystone_admin_token => $keystone_admin_token, - admin_tenant => $keystone_admin_tenant, - } - } diff --git a/manifests/controller.pp b/manifests/controller.pp index 3d35ac6..b75954f 100644 --- a/manifests/controller.pp +++ b/manifests/controller.pp @@ -241,11 +241,4 @@ class openstack::controller ( horizon_app_links => $horizon_app_links, } - ######## auth file ######## - class { 'openstack::auth_file': - public_address => $public_address, - admin_password => $admin_password, - keystone_admin_token => $keystone_admin_token, - admin_tenant => $keystone_admin_tenant, - } } From 16cedd9642e8cf20c85c72137ddfadcb17b4d204 Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Mon, 20 Aug 2012 04:16:04 -0700 Subject: [PATCH 23/43] Remove unused public controller node. This commit removes the unused parameter controller node. --- manifests/auth_file.pp | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/manifests/auth_file.pp b/manifests/auth_file.pp index f35ef8c..7a7a049 100644 --- a/manifests/auth_file.pp +++ b/manifests/auth_file.pp @@ -5,8 +5,7 @@ # class openstack::auth_file( $admin_password, - $public_address, - $controller_node = '127.0.0.1', + $public_address = '127.0.0.1', $keystone_admin_token = 'keystone_admin_token', $admin_user = 'admin', $admin_tenant = 'admin' From e1392b36eef839f5e437db8bbada959ec19dbc1e Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Mon, 20 Aug 2012 04:16:42 -0700 Subject: [PATCH 24/43] Set defaults in openstack::all class This commit specifies defaults for the openstack::all class. --- manifests/all.pp | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/manifests/all.pp b/manifests/all.pp index 8664ba3..f6ac7cc 100644 --- a/manifests/all.pp +++ b/manifests/all.pp @@ -60,22 +60,22 @@ class openstack::all ( # Network Required $public_address, # MySQL Required - $mysql_root_password, + $mysql_root_password = 'sql_pass', # Rabbit Required - $rabbit_password, + $rabbit_password = 'rabbitpw', # Keystone Required - $keystone_db_password, - $keystone_admin_token, - $admin_email, - $admin_password, + $keystone_db_password = 'keystone_pass', + $keystone_admin_token = 'keystone_admin_token', + $admin_email = 'some_user@some_fake_email_address.foo', + $admin_password = 'ChangeMe', # Nova Required - $nova_db_password, - $nova_user_password, + $nova_db_password = 'nova_pass', + $nova_user_password = 'nova_pass', # Glance Required - $glance_db_password, - $glance_user_password, + $glance_db_password = 'glance_pass', + $glance_user_password = 'glance_pass', # Horizon Required - $secret_key, + $secret_key = 'dummy_secret_key', # Network $public_interface = 'eth0', $private_interface = 'eth1', @@ -160,7 +160,7 @@ class openstack::all ( admin_password => $admin_password, public_address => $public_address, internal_address => '127.0.0.1', - admin_address => '127.0.0.1', + admin_address => '127.0.0.1', glance_user_password => $glance_user_password, nova_user_password => $nova_user_password, } From fd305d2bb71248b92e74cb9ce9b7e934d777eeed Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Mon, 20 Aug 2012 04:19:29 -0700 Subject: [PATCH 25/43] change public_address back to controller_node To avoid breaking backwards compatibility. --- manifests/auth_file.pp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/manifests/auth_file.pp b/manifests/auth_file.pp index 7a7a049..103238a 100644 --- a/manifests/auth_file.pp +++ b/manifests/auth_file.pp @@ -5,7 +5,7 @@ # class openstack::auth_file( $admin_password, - $public_address = '127.0.0.1', + $controller_node = '127.0.0.1', $keystone_admin_token = 'keystone_admin_token', $admin_user = 'admin', $admin_tenant = 'admin' @@ -16,10 +16,10 @@ class openstack::auth_file( export OS_TENANT_NAME=${admin_tenant} export OS_USERNAME=${admin_user} export OS_PASSWORD=${admin_password} - export OS_AUTH_URL=\"http://${public_address}:5000/v2.0/\" + export OS_AUTH_URL=\"http://${controller_node}:5000/v2.0/\" export OS_AUTH_STRATEGY=keystone export SERVICE_TOKEN=${keystone_admin_token} - export SERVICE_ENDPOINT=http://${public_address}:35357/v2.0/ + export SERVICE_ENDPOINT=http://${controller_node}:35357/v2.0/ " } } From 1a62606836d1969b5ccc25e73b783afc5d2d0a94 Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Tue, 9 Oct 2012 22:33:57 -0700 Subject: [PATCH 26/43] shorten names of keystone db class params removed the extra keystone_ prefix. --- manifests/controller.pp | 32 ++++++++++++++++---------------- manifests/keystone.pp | 12 ++++++------ 2 files changed, 22 insertions(+), 22 deletions(-) diff --git a/manifests/controller.pp b/manifests/controller.pp index b75954f..19f10ba 100644 --- a/manifests/controller.pp +++ b/manifests/controller.pp @@ -156,22 +156,22 @@ class openstack::controller ( ####### KEYSTONE ########### class { 'openstack::keystone': - verbose => $verbose, - db_type => $db_type, - db_host => $db_host, - keystone_db_password => $keystone_db_password, - keystone_db_dbname => $keystone_db_dbname, - keystone_db_user => $keystone_db_user, - keystone_admin_token => $keystone_admin_token, - keystone_admin_tenant => $keystone_admin_tenant, - admin_email => $admin_email, - admin_password => $admin_password, - public_address => $public_address, - internal_address => $internal_address, - admin_address => $admin_address, - glance_user_password => $glance_user_password, - nova_user_password => $nova_user_password, - enabled => $enabled, + verbose => $verbose, + db_type => $db_type, + db_host => $db_host, + db_password => $keystone_db_password, + db_name => $keystone_db_dbname, + db_user => $keystone_db_user, + admin_token => $keystone_admin_token, + admin_tenant => $keystone_admin_tenant, + admin_email => $admin_email, + admin_password => $admin_password, + public_address => $public_address, + internal_address => $internal_address, + admin_address => $admin_address, + glance_user_password => $glance_user_password, + nova_user_password => $nova_user_password, + enabled => $enabled, } diff --git a/manifests/keystone.pp b/manifests/keystone.pp index af06a9f..ba2f82e 100644 --- a/manifests/keystone.pp +++ b/manifests/keystone.pp @@ -9,7 +9,7 @@ # [keystone_db_password] Password for keystone DB. Required. # [keystone_admin_token]. Auth token for keystone admin. Required. # [admin_email] Email address of system admin. Required. -# [admin_password] +# [admin_password] # [glance_user_password] Auth password for glance user. Required. # [nova_user_password] Auth password for nova user. Required. # [public_address] Public address where keystone can be accessed. Required. @@ -39,16 +39,13 @@ class openstack::keystone ( $db_host, - $keystone_db_password, - $keystone_admin_token, + $db_password, + $admin_token, $admin_email, $admin_password, $glance_user_password, $nova_user_password, $public_address, - $db_type = 'mysql', - $keystone_db_user = 'keystone', - $keystone_db_dbname = 'keystone', $keystone_admin_tenant = 'admin', $verbose = 'False', $bind_host = '0.0.0.0', @@ -57,6 +54,9 @@ class openstack::keystone ( $glance = true, $nova = true, $enabled = true, + $db_type = 'mysql', + $db_user = 'keystone', + $db_name = 'keystone', ) { # Install and configure Keystone From c51463d66826311d008ab68ada4d44e51f511f2a Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Tue, 9 Oct 2012 22:34:21 -0700 Subject: [PATCH 27/43] remove openstack::nova::compute it is the same as openstack::compute --- manifests/nova/compute.pp | 147 -------------------------------------- 1 file changed, 147 deletions(-) delete mode 100644 manifests/nova/compute.pp diff --git a/manifests/nova/compute.pp b/manifests/nova/compute.pp deleted file mode 100644 index 52fbe3c..0000000 --- a/manifests/nova/compute.pp +++ /dev/null @@ -1,147 +0,0 @@ -# -# == Class: openstack::compute -# -# Manifest to install/configure nova-compute and nova-volume -# -# === Parameters -# -# See params.pp -# -# === Examples -# -# class { 'openstack::nova::compute': -# internal_address => '192.168.2.2', -# vncproxy_host => '192.168.1.1', -# nova_user_password => 'changeme', -# } - -class openstack::nova::compute ( - # Required Network - $internal_address, - # Required Nova - $nova_user_password, - # Required Rabbit - $rabbit_password, - # Network - $public_address = undef, - $public_interface = undef, - $private_interface = 'eth1', - $fixed_range = '10.0.0.0/24', - $network_manager = 'nova.network.manager.FlatDHCPManager', - $network_config = {}, - $multi_host = false, - # DB - $sql_connection = false, - # Nova - $purge_nova_config = true, - # Rabbit - $rabbit_host = false, - $rabbit_user = 'nova', - # Glance - $glance_api_servers = false, - # Virtualization - $libvirt_type = 'kvm', - # Volumes - $nova_volume = 'nova-volumes', - $manage_volumes = true, - $iscsi_ip_address = $internal_address, - # VNC - $vnc_enabled = true, - $vncproxy_host = undef, - # General - $verbose = 'False', - $enabled = true -) { - - # - # indicates that all nova config entries that we did - # not specifify in Puppet should be purged from file - # - if ! defined( Resources[nova_config] ) { - if ($purge_nova_config) { - resources { 'nova_config': - purge => true, - } - } - } - - $final_sql_connection = $sql_connection - $glance_connection = $glance_api_servers - $rabbit_connection = $rabbit_host - - class { 'nova': - sql_connection => $sql_connection, - rabbit_userid => $rabbit_user, - rabbit_password => $rabbit_password, - image_service => 'nova.image.glance.GlanceImageService', - glance_api_servers => $glance_api_servers, - verbose => $verbose, - rabbit_host => $rabbit_host, - } - - # Install / configure nova-compute - class { '::nova::compute': - enabled => $enabled, - vnc_enabled => $vnc_enabled, - vncserver_proxyclient_address => $internal_address, - vncproxy_host => $vncproxy_host, - } - - # Configure libvirt for nova-compute - class { 'nova::compute::libvirt': - libvirt_type => $libvirt_type, - vncserver_listen => $internal_address, - } - - # if the compute node should be configured as a multi-host - # compute installation - if $multi_host { - include keystone::python - nova_config { - 'multi_host': value => 'True'; - 'send_arp_for_ha': value => 'True'; - } - if ! $public_interface { - fail('public_interface must be defined for multi host compute nodes') - } - $enable_network_service = true - class { 'nova::api': - enabled => true, - admin_tenant_name => 'services', - admin_user => 'nova', - admin_password => $nova_user_password, - } - } else { - $enable_network_service = false - nova_config { - 'multi_host': value => 'False'; - 'send_arp_for_ha': value => 'False'; - } - } - - class { 'nova::network': - private_interface => $private_interface, - public_interface => $public_interface, - fixed_range => $fixed_range, - floating_range => false, - network_manager => $network_manager, - config_overrides => $network_config, - create_networks => false, - enabled => $enable_network_service, - install_service => $enable_network_service, - } - - if $manage_volumes { - # Install / configure nova-volume - class { 'nova::volume': - enabled => $enabled, - } - if $enabled { - class { 'nova::volume::iscsi': - volume_group => $nova_volume, - iscsi_ip_address => $iscsi_ip_address, - } - } - } - -} From f06d4d9f29845c8bcc943bbc94a11ae6e6fbe1f7 Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Tue, 9 Oct 2012 22:34:53 -0700 Subject: [PATCH 28/43] add keystone_host to the controller for the case where they are not installed on the same machine. --- manifests/nova/controller.pp | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/manifests/nova/controller.pp b/manifests/nova/controller.pp index 0e15f35..667a8be 100644 --- a/manifests/nova/controller.pp +++ b/manifests/nova/controller.pp @@ -54,6 +54,7 @@ class openstack::nova::controller ( # VNC $vnc_enabled = true, # General + $keystone_host = '127.0.0.1', $verbose = 'False', $enabled = true, $exported_resources = true @@ -111,8 +112,9 @@ class openstack::nova::controller ( # Configure nova-api class { 'nova::api': - enabled => $enabled, - admin_password => $nova_user_password, + enabled => $enabled, + admin_password => $nova_user_password, + auth_host => $keystone_host, } # Configure nova-network From eaf3d80f0f9dde38f1e79dfc70d406283bd37993 Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Tue, 9 Oct 2012 22:36:44 -0700 Subject: [PATCH 29/43] remove some class param default chains It is not clear if puppet supports the ability to use class param values as the defaults for other class params. I am refactoring my code to assume this does not work. --- manifests/controller.pp | 3 +- manifests/glance.pp | 3 +- manifests/keystone.pp | 102 ++++++++++++++++++++++++++-------------- 3 files changed, 72 insertions(+), 36 deletions(-) diff --git a/manifests/controller.pp b/manifests/controller.pp index 19f10ba..730256e 100644 --- a/manifests/controller.pp +++ b/manifests/controller.pp @@ -82,8 +82,9 @@ class openstack::controller ( $nova_user_password = 'nova_pass', # Required Horizon $secret_key = 'dummy_secret_key', + # not sure if this works correctly $internal_address = $public_address, - $admin_address = $internal_address, + $admin_address = $public_address, $network_manager = 'nova.network.manager.FlatDHCPManager', $fixed_range = '10.0.0.0/24', $floating_range = false, diff --git a/manifests/glance.pp b/manifests/glance.pp index f08e4a6..d6624e7 100644 --- a/manifests/glance.pp +++ b/manifests/glance.pp @@ -35,7 +35,7 @@ class openstack::glance ( $glance_user_password, $glance_db_password, $keystone_host = '127.0.0.1', - $auth_uri = "http://${keystone_host}:5000/", + $auth_uri = "http://127.0.0.1:5000/", $db_type = 'mysql', $glance_db_user = 'glance', $glance_db_dbname = 'glance', @@ -61,6 +61,7 @@ class openstack::glance ( keystone_tenant => 'services', keystone_user => 'glance', keystone_password => $glance_user_password, + sql_connection => $sql_connection, enabled => $enabled, } diff --git a/manifests/keystone.pp b/manifests/keystone.pp index ba2f82e..d47b733 100644 --- a/manifests/keystone.pp +++ b/manifests/keystone.pp @@ -46,26 +46,72 @@ class openstack::keystone ( $glance_user_password, $nova_user_password, $public_address, - $keystone_admin_tenant = 'admin', - $verbose = 'False', - $bind_host = '0.0.0.0', - $internal_address = $public_address, - $admin_address = $internal_address, - $glance = true, - $nova = true, - $enabled = true, $db_type = 'mysql', $db_user = 'keystone', $db_name = 'keystone', + $admin_tenant = 'admin', + $verbose = 'False', + $bind_host = '0.0.0.0', + $internal_address = $public_address, + $admin_address = false, + $glance_public_address = $public_address, + $glance_internal_address = false, + $glance_admin_address = false, + $nova_public_address = $public_address, + $nova_internal_address = false, + $nova_admin_address = false, + $glance = true, + $nova = true, + $enabled = true, ) { # Install and configure Keystone + if $db_type == 'mysql' { + $sql_conn = "mysql://${$db_user}:${db_password}@${db_host}/${db_name}" + } else { + fail("db_type ${db_type} is not supported") + } + + # I have to do all of this crazy munging b/c parameters are not + # set procedurally in Pupet + if($internal_address) { + $internal_real = $internal_address + } else { + $internal_real = $public_address + } + if($admin_address) { + $admin_real = $admin_address + } else { + $admin_real = $internal_real + } + if($glance_internal_address) { + $glance_internal_real = $glance_internal_address + } else { + $glance_internal_real = $glance_public_address + } + if($glance_admin_address) { + $glance_admin_real = $glance_admin_address + } else { + $glance_admin_real = $glance_internal_real + } + if($nova_internal_address) { + $nova_internal_real = $nova_internal_address + } else { + $nova_internal_real = $nova_public_address + } + if($nova_admin_address) { + $nova_admin_real = $nova_admin_address + } else { + $nova_admin_real = $nova_internal_real + } + class { '::keystone': - log_verbose => $verbose, - log_debug => $verbose, - catalog_type => 'sql', - admin_token => $keystone_admin_token, - enabled => $enabled, + log_verbose => $verbose, + log_debug => $verbose, + catalog_type => 'sql', + admin_token => $admin_token, + enabled => $enabled, + sql_connection => $sql_conn, } if ($enabled) { @@ -73,23 +119,23 @@ class openstack::keystone ( class { 'keystone::roles::admin': email => $admin_email, password => $admin_password, - admin_tenant => $keystone_admin_tenant, + admin_tenant => $admin_tenant, } # Setup the Keystone Identity Endpoint class { 'keystone::endpoint': public_address => $public_address, - admin_address => $admin_address, - internal_address => $internal_address, + admin_address => $admin_real, + internal_address => $internal_real, } # Configure Glance endpoint in Keystone if $glance { class { 'glance::keystone::auth': password => $glance_user_password, - public_address => $public_address, - admin_address => $admin_address, - internal_address => $internal_address, + public_address => $glance_public_address, + admin_address => $glance_admin_real, + internal_address => $glance_internal_real, } } @@ -97,21 +143,9 @@ class openstack::keystone ( if $nova { class { 'nova::keystone::auth': password => $nova_user_password, - public_address => $public_address, - admin_address => $admin_address, - internal_address => $internal_address, - } - } - } - - # Configure the Keystone database - case $db_type { - 'mysql': { - class { 'keystone::config::mysql': - user => $keystone_db_user, - password => $keystone_db_password, - host => $db_host, - dbname => $keystone_db_dbname, + public_address => $nova_public_address, + admin_address => $nova_admin_real, + internal_address => $nova_internal_real, } } } From 83952b9f4e1c3610dc3a64b3ac002c32eb9b0f4d Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Tue, 9 Oct 2012 22:37:17 -0700 Subject: [PATCH 30/43] add --no-cahce to all nova calls in tests for some reason folsom is integrated with some local keychain service in a way that makes it difficult to use. --- templates/test_nova.sh.erb | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/templates/test_nova.sh.erb b/templates/test_nova.sh.erb index 715241f..78938cf 100644 --- a/templates/test_nova.sh.erb +++ b/templates/test_nova.sh.erb @@ -32,36 +32,36 @@ login_user='ubuntu' ssh-keygen -f /tmp/id_rsa -t rsa -N '' #add the public key to nova. -nova keypair-add --pub_key /tmp/id_rsa.pub key_cirros +nova --no-cache keypair-add --pub_key /tmp/id_rsa.pub key_cirros <% if floating_ip -%> # create a security group so that we can allow ssh, http, and ping traffic # when we add a floating IP (assuming you are adding floating IPs) -nova secgroup-create nova_test 'Cirros test security group' -nova secgroup-add-rule nova_test tcp 22 22 0.0.0.0/0 -nova secgroup-add-rule nova_test tcp 80 80 0.0.0.0/0 -nova secgroup-add-rule nova_test icmp -1 -1 0.0.0.0/0 +nova --no-cache secgroup-create nova_test 'Cirros test security group' +nova --no-cache secgroup-add-rule nova_test tcp 22 22 0.0.0.0/0 +nova --no-cache secgroup-add-rule nova_test tcp 80 80 0.0.0.0/0 +nova --no-cache secgroup-add-rule nova_test icmp -1 -1 0.0.0.0/0 # request a floating IP address, and extract the address from the results message -floating_ip=`nova floating-ip-create | grep None | awk '{print $2}'` +floating_ip=`nova --no-cache floating-ip-create | grep None | awk '{print $2}'` <% end -%> instance_name='<%= image_type %>_test_vm' # Boot the added image against the "1" flavor which by default maps to a micro instance. <% if floating_ip -%> Include the cirros_test group so our address will work when we add it later <% end %> -nova boot --flavor 1 <% if floating_ip -%>--security_groups nova_test<% end %> --image ${IMAGE_ID} --key_name key_cirros $instance_name +nova --no-cache boot --flavor 1 <% if floating_ip -%>--security_groups nova_test<% end %> --image ${IMAGE_ID} --key_name key_cirros $instance_name # let the system catch up sleep <%= sleep_time %> # Show the state of the system we just requested. -nova show $instance_name +nova --no-cache show $instance_name # wait for the server to boot sleep <%= sleep_time %> <% if floating_ip -%> # Now add the floating IP we reserved earlier to the machine. -nova add-floating-ip $instance_name $floating_ip +nova --no-cache add-floating-ip $instance_name $floating_ip # Wait and then try to SSH to the node, leveraging the private key # we generated earlier. sleep <%= sleep_time %> From 49173c6f403f254065ce21545389afffd1a96b3a Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Tue, 9 Oct 2012 22:37:31 -0700 Subject: [PATCH 31/43] total refactor of openstack::compute --- manifests/compute.pp | 213 +++++++++++++++++++++++++++---------------- 1 file changed, 134 insertions(+), 79 deletions(-) diff --git a/manifests/compute.pp b/manifests/compute.pp index dc289a9..c84189e 100644 --- a/manifests/compute.pp +++ b/manifests/compute.pp @@ -1,93 +1,148 @@ # -# This class is intended to serve as -# a way of deploying compute nodes. +# == Class: openstack::compute # -# This currently makes the following assumptions: -# - libvirt is used to manage the hypervisors -# - flatdhcp networking is used -# - glance is used as the backend for the image service +# Manifest to install/configure nova-compute and nova-volume # -# [private_interface] Interface used for vm networking connectivity. Required. -# [internal_address] Internal address used for management. Required. -# [public_interface] Public interface used to route public traffic. Optional. -# Defaults to false. -# [fixed_range] Range of ipv4 network for vms. -# [network_manager] Nova network manager to use. -# [multi_host] Rather node should support multi-host networking mode for HA. -# Optional. Defaults to false. -# [network_config] Hash that can be used to pass implementation specifc -# network settings. Optioal. Defaults to {} -# [sql_connection] SQL connection information. Optional. Defaults to false -# which indicates that exported resources will be used to determine connection -# information. -# [nova_user_password] Nova service password. -# [rabbit_host] RabbitMQ host. False indicates it should be collected. -# Optional. Defaults to false, -# [rabbit_password] RabbitMQ password. Optional. Defaults to 'rabbit_pw', -# [rabbit_user] RabbitMQ user. Optional. Defaults to 'nova', -# [glance_api_servers] List of glance api servers of the form HOST:PORT -# delimited by ':'. False indicates that the resource should be collected. -# Optional. Defaults to false, -# [libvirt_type] Underlying libvirt supported hypervisor. -# Optional. Defaults to 'kvm', -# [vncproxy_host] Host that serves as vnc proxy. Optional. -# Defaults to false. False indicates that a vnc proxy should not be configured. -# [vnc_enabled] Rather vnc console should be enabled. -# Optional. Defaults to 'true', -# [verbose] Rather components should log verbosely. -# Optional. Defaults to false. -# [manage_volumes] Rather nova-volume should be enabled on this compute node. -# Optional. Defaults to false. -# [nova_volumes] Name of volume group in which nova-volume will create logical volumes. -# Optional. Defaults to nova-volumes. +# === Parameters # -class openstack::compute( - $private_interface, +# See params.pp +# +# === Examples +# +# class { 'openstack::nova::compute': +# internal_address => '192.168.2.2', +# vncproxy_host => '192.168.1.1', +# nova_user_password => 'changeme', +# } + +class openstack::compute ( + # Required Network $internal_address, - # networking config - $public_interface = undef, - $fixed_range = '10.0.0.0/16', - $network_manager = 'nova.network.manager.FlatDHCPManager', - $multi_host = false, - $network_config = {}, - # my address - # conection information - $sql_connection = false, - $nova_user_password = 'nova_pass', - $rabbit_host = false, - $rabbit_password = 'rabbit_pw', - $rabbit_user = 'nova', - $glance_api_servers = false, - # nova compute configuration parameters - $libvirt_type = 'kvm', - $vncproxy_host = false, - $vnc_enabled = 'true', - $verbose = false, - $manage_volumes = false, - $nova_volume = 'nova-volumes' + # Required Nova + $nova_user_password, + # Required Rabbit + $rabbit_password, + # Network + $public_address = undef, + $public_interface = undef, + $private_interface = 'eth1', + $fixed_range = '10.0.0.0/24', + $network_manager = 'nova.network.manager.FlatDHCPManager', + $network_config = {}, + $multi_host = false, + # DB + $sql_connection = false, + # Nova + $purge_nova_config = true, + # Rabbit + $rabbit_host = false, + $rabbit_user = 'nova', + # Glance + $glance_api_servers = false, + # Virtualization + $libvirt_type = 'kvm', + # Volumes + $nova_volume = 'nova-volumes', + $manage_volumes = true, + # TODO - not sure if using a variable as a default really works + $iscsi_ip_address = $internal_address, + # VNC + $vnc_enabled = true, + $vncproxy_host = undef, + # General + $verbose = 'False', + $enabled = true ) { - warning('This class will be deprecated in favor of openstack::nova::compute') - class { 'openstack::nova::compute': - private_interface => $private_interface, - internal_address => $internal_address, - public_interface => $public_interface, - fixed_range => $fixed_range, - network_manager => $network_manager, - multi_host => $multi_host, - network_config => $network_config, + # + # indicates that all nova config entries that we did + # not specifify in Puppet should be purged from file + # + if ! defined( Resources[nova_config] ) { + if ($purge_nova_config) { + resources { 'nova_config': + purge => true, + } + } + } + + $final_sql_connection = $sql_connection + $glance_connection = $glance_api_servers + $rabbit_connection = $rabbit_host + + class { 'nova': sql_connection => $sql_connection, - nova_user_password => $nova_user_password, - rabbit_host => $rabbit_host, + rabbit_userid => $rabbit_user, rabbit_password => $rabbit_password, - rabbit_user => $rabbit_user, + image_service => 'nova.image.glance.GlanceImageService', glance_api_servers => $glance_api_servers, - libvirt_type => $libvirt_type, - vncproxy_host => $vncproxy_host, - vnc_enabled => $vnc_enabled, verbose => $verbose, - manage_volumes => $manage_volumes, - nova_volume => $nova_volume, + rabbit_host => $rabbit_host, + } + + # Install / configure nova-compute + class { '::nova::compute': + enabled => $enabled, + vnc_enabled => $vnc_enabled, + vncserver_proxyclient_address => $internal_address, + vncproxy_host => $vncproxy_host, + } + + # Configure libvirt for nova-compute + class { 'nova::compute::libvirt': + libvirt_type => $libvirt_type, + vncserver_listen => $internal_address, + } + + # if the compute node should be configured as a multi-host + # compute installation + if $multi_host { + include keystone::python + nova_config { + 'multi_host': value => 'True'; + 'send_arp_for_ha': value => 'True'; + } + if ! $public_interface { + fail('public_interface must be defined for multi host compute nodes') + } + $enable_network_service = true + class { 'nova::api': + enabled => true, + admin_tenant_name => 'services', + admin_user => 'nova', + admin_password => $nova_user_password, + } + } else { + $enable_network_service = false + nova_config { + 'multi_host': value => 'False'; + 'send_arp_for_ha': value => 'False'; + } + } + + class { 'nova::network': + private_interface => $private_interface, + public_interface => $public_interface, + fixed_range => $fixed_range, + floating_range => false, + network_manager => $network_manager, + config_overrides => $network_config, + create_networks => false, + enabled => $enable_network_service, + install_service => $enable_network_service, + } + + if $manage_volumes { + # Install / configure nova-volume + class { 'nova::volume': + enabled => $enabled, + } + if $enabled { + class { 'nova::volume::iscsi': + volume_group => $nova_volume, + iscsi_ip_address => $iscsi_ip_address, + } + } } } From 0ee00d71130643433468ab1d04e9310d80aab148 Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Thu, 11 Oct 2012 02:10:22 -0700 Subject: [PATCH 32/43] Add cinder support remove volume management from openstack::compute add cinder server services to openstack::controller add cinder db code --- manifests/cinder.pp | 25 +++++++++++++++++++++++++ manifests/compute.pp | 21 ++------------------- manifests/controller.pp | 26 ++++++++++++++++++++++++-- manifests/db/mysql.pp | 14 +++++++++++++- manifests/keystone.pp | 30 ++++++++++++++++++++++++++++++ 5 files changed, 94 insertions(+), 22 deletions(-) create mode 100644 manifests/cinder.pp diff --git a/manifests/cinder.pp b/manifests/cinder.pp new file mode 100644 index 0000000..d45b509 --- /dev/null +++ b/manifests/cinder.pp @@ -0,0 +1,25 @@ +class openstack::cinder( + $sql_connection, + $rabbit_password, + $rabbit_host = '127.0.0.1', + $volume_group = 'nova-volumes', + $enabled = true +) { + + class { 'cinder::base': + rabbit_password => $rabbit_password, + rabbit_host => $rabbit_host, + sql_connection => $sql_connection, + verbose => $verbose, + } + + # Install / configure nova-volume + class { 'cinder::volume': + enabled => $enabled, + } + if $enabled { + class { 'cinder::volume::iscsi': + volume_group => $volume_group, + } + } +} diff --git a/manifests/compute.pp b/manifests/compute.pp index c84189e..0ee4920 100644 --- a/manifests/compute.pp +++ b/manifests/compute.pp @@ -1,7 +1,7 @@ # # == Class: openstack::compute # -# Manifest to install/configure nova-compute and nova-volume +# Manifest to install/configure nova-compute # # === Parameters # @@ -41,11 +41,6 @@ class openstack::compute ( $glance_api_servers = false, # Virtualization $libvirt_type = 'kvm', - # Volumes - $nova_volume = 'nova-volumes', - $manage_volumes = true, - # TODO - not sure if using a variable as a default really works - $iscsi_ip_address = $internal_address, # VNC $vnc_enabled = true, $vncproxy_host = undef, @@ -111,6 +106,7 @@ class openstack::compute ( admin_tenant_name => 'services', admin_user => 'nova', admin_password => $nova_user_password, + # TODO override enabled_apis } } else { $enable_network_service = false @@ -132,17 +128,4 @@ class openstack::compute ( install_service => $enable_network_service, } - if $manage_volumes { - # Install / configure nova-volume - class { 'nova::volume': - enabled => $enabled, - } - if $enabled { - class { 'nova::volume::iscsi': - volume_group => $nova_volume, - iscsi_ip_address => $iscsi_ip_address, - } - } - } - } diff --git a/manifests/controller.pp b/manifests/controller.pp index 730256e..e4636a4 100644 --- a/manifests/controller.pp +++ b/manifests/controller.pp @@ -30,7 +30,7 @@ # Defaults to false. # [network_config] Hash that can be used to pass implementation specifc # network settings. Optioal. Defaults to {} -# [verbose] Rahter to log services at verbose. +# [verbose] Whether to log services at verbose. # [export_resources] Rather to export resources. # Horizon related config - assumes puppetlabs-horizon code # [secret_key] secret key to encode cookies, … @@ -121,8 +121,13 @@ class openstack::controller ( $quantum = false, $horizon_app_links = undef, # General - $verbose = false, + $verbose = 'False', $export_resources = true, + # if the cinder management components should be installed + $cinder_user_password = 'cinder_user_pass', + $cinder_db_password = 'cinder_db_pass', + $cinder_db_user = 'cinder', + $cinder_db_dbname = 'cinder', $enabled = true ) { @@ -150,6 +155,9 @@ class openstack::controller ( nova_db_user => $nova_db_user, nova_db_password => $nova_db_password, nova_db_dbname => $nova_db_dbname, + cinder_db_user => $cinder_db_user, + cinder_db_password => $cinder_db_password, + cinder_db_dbname => $cinder_db_dbname, allowed_hosts => $allowed_hosts, enabled => $enabled, } @@ -172,6 +180,7 @@ class openstack::controller ( admin_address => $admin_address, glance_user_password => $glance_user_password, nova_user_password => $nova_user_password, + cinder_user_password => $cinder_user_password, enabled => $enabled, } @@ -232,6 +241,19 @@ class openstack::controller ( exported_resources => $export_resources, } + ######### Cinder Controller Services ######## + class { "cinder::base": + verbose => $verbose, + sql_connection => "mysql://${cinder_db_user}:${cinder_db_password}@${db_host}/${cinder_db_dbname}?charset=utf8", + rabbit_password => $rabbit_password, + } + + class { 'cinder::api': + keystone_password => $cinder_user_password, + } + + class { 'cinder::scheduler': } + ######## Horizon ######## class { 'openstack::horizon': secret_key => $secret_key, diff --git a/manifests/db/mysql.pp b/manifests/db/mysql.pp index c8cf142..ac8952f 100644 --- a/manifests/db/mysql.pp +++ b/manifests/db/mysql.pp @@ -37,6 +37,7 @@ class openstack::db::mysql ( $keystone_db_password, $glance_db_password, $nova_db_password, + $cinder_db_password, # MySQL $mysql_bind_address = '0.0.0.0', $mysql_account_security = true, @@ -50,13 +51,16 @@ class openstack::db::mysql ( $nova_db_user = 'nova', $nova_db_dbname = 'nova', $allowed_hosts = false, + # Cinder + $cinder_db_user = 'cinder', + $cinder_db_dbname = 'cinder', $enabled = true ) { # Install and configure MySQL Server class { 'mysql::server': config_hash => { - 'root_password' => $mysql_root_password, + #'root_password' => $mysql_root_password, 'bind_address' => $mysql_bind_address, }, enabled => $enabled, @@ -91,5 +95,13 @@ class openstack::db::mysql ( dbname => $nova_db_dbname, allowed_hosts => $allowed_hosts, } + + # create cinder db + class { 'cinder::db::mysql': + user => $cinder_db_user, + password => $cinder_db_password, + dbname => $cinder_db_dbname, + allowed_hosts => $allowed_hosts, + } } } diff --git a/manifests/keystone.pp b/manifests/keystone.pp index d47b733..53fc152 100644 --- a/manifests/keystone.pp +++ b/manifests/keystone.pp @@ -45,6 +45,7 @@ class openstack::keystone ( $admin_password, $glance_user_password, $nova_user_password, + $cinder_user_password, $public_address, $db_type = 'mysql', $db_user = 'keystone', @@ -60,9 +61,13 @@ class openstack::keystone ( $nova_public_address = $public_address, $nova_internal_address = false, $nova_admin_address = false, + $cinder_public_address = false, + $cinder_internal_address = false, + $cinder_admin_address = false, $glance = true, $nova = true, $enabled = true, + $cinder = true, ) { # Install and configure Keystone @@ -104,6 +109,21 @@ class openstack::keystone ( } else { $nova_admin_real = $nova_internal_real } + if($cinder_public_address) { + $cinder_public_real = $cinder_public_address + } else { + $cinder_public_real = $public_address + } + if($cinder_internal_address) { + $cinder_internal_real = $cinder_internal_address + } else { + $cinder_internal_real = $cinder_public_real + } + if($cinder_admin_address) { + $cinder_admin_real = $cinder_admin_address + } else { + $cinder_admin_real = $cinder_internal_real + } class { '::keystone': log_verbose => $verbose, @@ -148,6 +168,16 @@ class openstack::keystone ( internal_address => $nova_internal_real, } } + + # Configure Nova endpoint in Keystone + if $cinder { + class { 'cinder::keystone::auth': + password => $cinder_user_password, + public_address => $cinder_public_real, + admin_address => $cinder_admin_real, + internal_address => $cinder_internal_real, + } + } } } From cca646e76d1b996a854aa78acbce7131730cf087 Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Thu, 11 Oct 2012 02:10:56 -0700 Subject: [PATCH 33/43] class params cannot be dep on other class params --- manifests/keystone.pp | 26 ++++++++++++++++++-------- 1 file changed, 18 insertions(+), 8 deletions(-) diff --git a/manifests/keystone.pp b/manifests/keystone.pp index 53fc152..75971c2 100644 --- a/manifests/keystone.pp +++ b/manifests/keystone.pp @@ -53,12 +53,12 @@ class openstack::keystone ( $admin_tenant = 'admin', $verbose = 'False', $bind_host = '0.0.0.0', - $internal_address = $public_address, + $internal_address = false, $admin_address = false, - $glance_public_address = $public_address, + $glance_public_address = false, $glance_internal_address = false, $glance_admin_address = false, - $nova_public_address = $public_address, + $nova_public_address = false, $nova_internal_address = false, $nova_admin_address = false, $cinder_public_address = false, @@ -66,8 +66,8 @@ class openstack::keystone ( $cinder_admin_address = false, $glance = true, $nova = true, - $enabled = true, $cinder = true, + $enabled = true ) { # Install and configure Keystone @@ -89,20 +89,30 @@ class openstack::keystone ( } else { $admin_real = $internal_real } + if($glance_public_address) { + $glance_public_real = $public_public_address + } else { + $glance_public_real = $public_address + } if($glance_internal_address) { $glance_internal_real = $glance_internal_address } else { - $glance_internal_real = $glance_public_address + $glance_internal_real = $glance_public_real } if($glance_admin_address) { $glance_admin_real = $glance_admin_address } else { $glance_admin_real = $glance_internal_real } + if($nova_public_address) { + $nova_public_real = $nova_public_address + } else { + $nova_public_real = $public_address + } if($nova_internal_address) { $nova_internal_real = $nova_internal_address } else { - $nova_internal_real = $nova_public_address + $nova_internal_real = $nova_public_real } if($nova_admin_address) { $nova_admin_real = $nova_admin_address @@ -153,7 +163,7 @@ class openstack::keystone ( if $glance { class { 'glance::keystone::auth': password => $glance_user_password, - public_address => $glance_public_address, + public_address => $glance_public_real, admin_address => $glance_admin_real, internal_address => $glance_internal_real, } @@ -163,7 +173,7 @@ class openstack::keystone ( if $nova { class { 'nova::keystone::auth': password => $nova_user_password, - public_address => $nova_public_address, + public_address => $nova_public_real, admin_address => $nova_admin_real, internal_address => $nova_internal_real, } From c612934570ccc9988622486620ce4b46be080189 Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Fri, 12 Oct 2012 20:49:12 -0700 Subject: [PATCH 34/43] replaced nova::nework with quantum. --- manifests/compute.pp | 52 +++++++++++++-------------- manifests/controller.pp | 48 ++++++++++++++----------- manifests/db/mysql.pp | 11 ++++++ manifests/keystone.pp | 70 +++++++++++++++++++++++++----------- manifests/nova/controller.pp | 28 +++++++-------- 5 files changed, 123 insertions(+), 86 deletions(-) diff --git a/manifests/compute.pp b/manifests/compute.pp index 0ee4920..0ff4313 100644 --- a/manifests/compute.pp +++ b/manifests/compute.pp @@ -25,11 +25,7 @@ class openstack::compute ( # Network $public_address = undef, $public_interface = undef, - $private_interface = 'eth1', - $fixed_range = '10.0.0.0/24', $network_manager = 'nova.network.manager.FlatDHCPManager', - $network_config = {}, - $multi_host = false, # DB $sql_connection = false, # Nova @@ -93,14 +89,14 @@ class openstack::compute ( # compute installation if $multi_host { include keystone::python - nova_config { - 'multi_host': value => 'True'; - 'send_arp_for_ha': value => 'True'; - } - if ! $public_interface { - fail('public_interface must be defined for multi host compute nodes') - } - $enable_network_service = true + #nova_config { + # 'multi_host': value => 'True'; + # 'send_arp_for_ha': value => 'True'; + #} + #if ! $public_interface { + # fail('public_interface must be defined for multi host compute nodes') + #} + #$enable_network_service = true class { 'nova::api': enabled => true, admin_tenant_name => 'services', @@ -109,23 +105,23 @@ class openstack::compute ( # TODO override enabled_apis } } else { - $enable_network_service = false - nova_config { - 'multi_host': value => 'False'; - 'send_arp_for_ha': value => 'False'; - } + #$enable_network_service = false + #nova_config { + # 'multi_host': value => 'False'; + # 'send_arp_for_ha': value => 'False'; + #} } - class { 'nova::network': - private_interface => $private_interface, - public_interface => $public_interface, - fixed_range => $fixed_range, - floating_range => false, - network_manager => $network_manager, - config_overrides => $network_config, - create_networks => false, - enabled => $enable_network_service, - install_service => $enable_network_service, - } + #class { 'nova::network': + # private_interface => $private_interface, + # public_interface => $public_interface, + # fixed_range => $fixed_range, + # floating_range => false, + # network_manager => $network_manager, + # config_overrides => $network_config, + # create_networks => false, + # enabled => $enable_network_service, + # install_service => $enable_network_service, + #} } diff --git a/manifests/controller.pp b/manifests/controller.pp index e4636a4..d1a3c8b 100644 --- a/manifests/controller.pp +++ b/manifests/controller.pp @@ -128,6 +128,11 @@ class openstack::controller ( $cinder_db_password = 'cinder_db_pass', $cinder_db_user = 'cinder', $cinder_db_dbname = 'cinder', + # + $quantum_user_password = 'quantum_user_pass', + $quantum_db_password = 'quantum_db_pass', + $quantum_db_user = 'quantum', + $quantum_db_dbname = 'quantum', $enabled = true ) { @@ -158,6 +163,9 @@ class openstack::controller ( cinder_db_user => $cinder_db_user, cinder_db_password => $cinder_db_password, cinder_db_dbname => $cinder_db_dbname, + quantum_db_user => $quantum_db_user, + quantum_db_password => $quantum_db_password, + quantum_db_dbname => $quantum_db_dbname, allowed_hosts => $allowed_hosts, enabled => $enabled, } @@ -165,23 +173,24 @@ class openstack::controller ( ####### KEYSTONE ########### class { 'openstack::keystone': - verbose => $verbose, - db_type => $db_type, - db_host => $db_host, - db_password => $keystone_db_password, - db_name => $keystone_db_dbname, - db_user => $keystone_db_user, - admin_token => $keystone_admin_token, - admin_tenant => $keystone_admin_tenant, - admin_email => $admin_email, - admin_password => $admin_password, - public_address => $public_address, - internal_address => $internal_address, - admin_address => $admin_address, - glance_user_password => $glance_user_password, - nova_user_password => $nova_user_password, - cinder_user_password => $cinder_user_password, - enabled => $enabled, + verbose => $verbose, + db_type => $db_type, + db_host => $db_host, + db_password => $keystone_db_password, + db_name => $keystone_db_dbname, + db_user => $keystone_db_user, + admin_token => $keystone_admin_token, + admin_tenant => $keystone_admin_tenant, + admin_email => $admin_email, + admin_password => $admin_password, + public_address => $public_address, + internal_address => $internal_address, + admin_address => $admin_address, + glance_user_password => $glance_user_password, + nova_user_password => $nova_user_password, + cinder_user_password => $cinder_user_password, + quantum_user_password => $quantum_user_password, + enabled => $enabled, } @@ -212,10 +221,7 @@ class openstack::controller ( # Database db_host => $db_host, # Network - network_manager => $network_manager, - network_config => $network_config, - private_interface => $private_interface, - public_interface => $public_interface, + #network_manager => $network_manager, floating_range => $floating_range, fixed_range => $fixed_range, public_address => $public_address, diff --git a/manifests/db/mysql.pp b/manifests/db/mysql.pp index ac8952f..63760f8 100644 --- a/manifests/db/mysql.pp +++ b/manifests/db/mysql.pp @@ -38,6 +38,7 @@ class openstack::db::mysql ( $glance_db_password, $nova_db_password, $cinder_db_password, + $quantum_db_password, # MySQL $mysql_bind_address = '0.0.0.0', $mysql_account_security = true, @@ -54,6 +55,9 @@ class openstack::db::mysql ( # Cinder $cinder_db_user = 'cinder', $cinder_db_dbname = 'cinder', + # quantum + $quantum_db_user = 'quantum', + $quantum_db_dbname = 'quantum', $enabled = true ) { @@ -103,5 +107,12 @@ class openstack::db::mysql ( dbname => $cinder_db_dbname, allowed_hosts => $allowed_hosts, } + + class { 'quantum::db::mysql': + user => $quantum_db_user, + password => $quantum_db_password, + dbname => $quantum_db_dbname, + allowed_hosts => $allowed_hosts, + } } } diff --git a/manifests/keystone.pp b/manifests/keystone.pp index 75971c2..4702974 100644 --- a/manifests/keystone.pp +++ b/manifests/keystone.pp @@ -46,28 +46,33 @@ class openstack::keystone ( $glance_user_password, $nova_user_password, $cinder_user_password, + $quantum_user_password, $public_address, - $db_type = 'mysql', - $db_user = 'keystone', - $db_name = 'keystone', - $admin_tenant = 'admin', - $verbose = 'False', - $bind_host = '0.0.0.0', - $internal_address = false, - $admin_address = false, - $glance_public_address = false, - $glance_internal_address = false, - $glance_admin_address = false, - $nova_public_address = false, - $nova_internal_address = false, - $nova_admin_address = false, - $cinder_public_address = false, - $cinder_internal_address = false, - $cinder_admin_address = false, - $glance = true, - $nova = true, - $cinder = true, - $enabled = true + $db_type = 'mysql', + $db_user = 'keystone', + $db_name = 'keystone', + $admin_tenant = 'admin', + $verbose = 'False', + $bind_host = '0.0.0.0', + $internal_address = false, + $admin_address = false, + $glance_public_address = false, + $glance_internal_address = false, + $glance_admin_address = false, + $nova_public_address = false, + $nova_internal_address = false, + $nova_admin_address = false, + $cinder_public_address = false, + $cinder_internal_address = false, + $cinder_admin_address = false, + $quantum_public_address = false, + $quantum_internal_address = false, + $quantum_admin_address = false, + $glance = true, + $nova = true, + $cinder = true, + $quantum = true, + $enabled = true ) { # Install and configure Keystone @@ -134,6 +139,21 @@ class openstack::keystone ( } else { $cinder_admin_real = $cinder_internal_real } + if($quantum_public_address) { + $quantum_public_real = $quantum_public_address + } else { + $quantum_public_real = $public_address + } + if($quantum_internal_address) { + $quantum_internal_real = $quantum_internal_address + } else { + $quantum_internal_real = $quantum_public_real + } + if($quantum_admin_address) { + $quantum_admin_real = $quantum_admin_address + } else { + $quantum_admin_real = $quantum_internal_real + } class { '::keystone': log_verbose => $verbose, @@ -188,6 +208,14 @@ class openstack::keystone ( internal_address => $cinder_internal_real, } } + if $quantum { + class { 'quantum::keystone::auth': + password => $quantum_user_password, + public_address => $quantum_public_real, + admin_address => $quantum_admin_real, + internal_address => $quantum_internal_real, + } + } } } diff --git a/manifests/nova/controller.pp b/manifests/nova/controller.pp index 667a8be..5aa4be7 100644 --- a/manifests/nova/controller.pp +++ b/manifests/nova/controller.pp @@ -30,10 +30,6 @@ class openstack::nova::controller ( $nova_user_password, $nova_db_password, # Network - $network_manager = 'nova.network.manager.FlatDHCPManager', - $network_config = {}, - $public_interface = 'eth0', - $private_interface = 'eth1', $fixed_range = '10.0.0.0/24', $floating_range = false, $internal_address = $public_address, @@ -135,18 +131,18 @@ class openstack::nova::controller ( $really_create_networks = false } - class { 'nova::network': - private_interface => $private_interface, - public_interface => $public_interface, - fixed_range => $fixed_range, - floating_range => $floating_range, - network_manager => $network_manager, - config_overrides => $network_config, - create_networks => $really_create_networks, - num_networks => $num_networks, - enabled => $enable_network_service, - install_service => $enable_network_service, - } + #class { 'nova::network': + # private_interface => $private_interface, + # public_interface => $public_interface, + # fixed_range => $fixed_range, + # floating_range => $floating_range, + # network_manager => $network_manager, + # config_overrides => $network_config, + # create_networks => $really_create_networks, + # num_networks => $num_networks, + # enabled => $enable_network_service, + # install_service => $enable_network_service, + #} if $auto_assign_floating_ip { nova_config { 'auto_assign_floating_ip': value => 'True' } From 8200961537f14c3d035e8a6a656f07390e8cabed Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Sat, 13 Oct 2012 02:59:00 -0700 Subject: [PATCH 35/43] set root_password --- manifests/db/mysql.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/db/mysql.pp b/manifests/db/mysql.pp index 63760f8..5bb8e21 100644 --- a/manifests/db/mysql.pp +++ b/manifests/db/mysql.pp @@ -64,7 +64,7 @@ class openstack::db::mysql ( # Install and configure MySQL Server class { 'mysql::server': config_hash => { - #'root_password' => $mysql_root_password, + 'root_password' => $mysql_root_password, 'bind_address' => $mysql_bind_address, }, enabled => $enabled, From d8747ed6e7152a77ef3827b22031aa2d9ded0eb3 Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Sat, 13 Oct 2012 19:49:35 -0700 Subject: [PATCH 36/43] update test file to work with quantum --- manifests/test_file.pp | 3 ++- templates/test_nova.sh.erb | 21 ++++++++++++++------- 2 files changed, 16 insertions(+), 8 deletions(-) diff --git a/manifests/test_file.pp b/manifests/test_file.pp index 2a081c4..6dac6da 100644 --- a/manifests/test_file.pp +++ b/manifests/test_file.pp @@ -18,7 +18,8 @@ class openstack::test_file( $rc_file_path = '/root/openrc', $image_type = 'cirros', $sleep_time = '15', - $floating_ip = true + $floating_ip = true, + $quantum = true ) { file { $path: diff --git a/templates/test_nova.sh.erb b/templates/test_nova.sh.erb index 78938cf..d1a2f06 100644 --- a/templates/test_nova.sh.erb +++ b/templates/test_nova.sh.erb @@ -24,9 +24,9 @@ wget http://cloud-images.ubuntu.com/precise/current/precise-server-cloudimg-amd6 glance add name="precise-amd64" is_public=true container_format=ovf disk_format=qcow2 < precise-server-cloudimg-amd64-disk1.img # Caputre the Image ID so taht we can call the right UUID for this image IMAGE_ID=`glance index | grep 'precise-amd64' | head -1 | awk -F' ' '{print $1}'` +<% end -%> login_user='ubuntu' -<% end -%> # create a pub/priv keypair ssh-keygen -f /tmp/id_rsa -t rsa -N '' @@ -34,21 +34,28 @@ ssh-keygen -f /tmp/id_rsa -t rsa -N '' #add the public key to nova. nova --no-cache keypair-add --pub_key /tmp/id_rsa.pub key_cirros -<% if floating_ip -%> + +instance_name='<%= image_type %>_test_vm' + +<% if quantum -%> +quantum net-create net1 +quantum subnet-create net1 10.0.0.0/24 +quantum_net=`quantum net-list | grep net1 | awk -F' ' '{print $2}'` +nova --no-cache boot --flavor 1 --image $IMAGE_ID --key_name key_cirros --nic net-id=$quantum_net $instance_name +<% else -%> + <% if floating_ip -%> # create a security group so that we can allow ssh, http, and ping traffic # when we add a floating IP (assuming you are adding floating IPs) nova --no-cache secgroup-create nova_test 'Cirros test security group' nova --no-cache secgroup-add-rule nova_test tcp 22 22 0.0.0.0/0 nova --no-cache secgroup-add-rule nova_test tcp 80 80 0.0.0.0/0 nova --no-cache secgroup-add-rule nova_test icmp -1 -1 0.0.0.0/0 - # request a floating IP address, and extract the address from the results message floating_ip=`nova --no-cache floating-ip-create | grep None | awk '{print $2}'` -<% end -%> - -instance_name='<%= image_type %>_test_vm' -# Boot the added image against the "1" flavor which by default maps to a micro instance. <% if floating_ip -%> Include the cirros_test group so our address will work when we add it later <% end %> + <% end -%> + # Boot the added image against the "1" flavor which by default maps to a micro instance. <% if floating_ip -%> Include the cirros_test group so our address will work when we add it later <% end %> nova --no-cache boot --flavor 1 <% if floating_ip -%>--security_groups nova_test<% end %> --image ${IMAGE_ID} --key_name key_cirros $instance_name +<% end -%> # let the system catch up sleep <%= sleep_time %> From 07d66ad8093d059ef2738d384d33b655d076dc3e Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Sat, 13 Oct 2012 19:50:05 -0700 Subject: [PATCH 37/43] Removed unused network configs --- manifests/compute.pp | 3 --- 1 file changed, 3 deletions(-) diff --git a/manifests/compute.pp b/manifests/compute.pp index 0ff4313..455aa1d 100644 --- a/manifests/compute.pp +++ b/manifests/compute.pp @@ -23,9 +23,6 @@ class openstack::compute ( # Required Rabbit $rabbit_password, # Network - $public_address = undef, - $public_interface = undef, - $network_manager = 'nova.network.manager.FlatDHCPManager', # DB $sql_connection = false, # Nova From c9e1ed4f9a9261bb7c3d1f81af511dab6562541e Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Sat, 13 Oct 2012 21:19:49 -0700 Subject: [PATCH 38/43] Change log_verbose and log_debug to verbose and debug to make it compatible with the concurrent changes to keystone. --- manifests/keystone.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/keystone.pp b/manifests/keystone.pp index 4702974..df74088 100644 --- a/manifests/keystone.pp +++ b/manifests/keystone.pp @@ -156,8 +156,8 @@ class openstack::keystone ( } class { '::keystone': - log_verbose => $verbose, - log_debug => $verbose, + verbose => $verbose, + debug => $verbose, catalog_type => 'sql', admin_token => $admin_token, enabled => $enabled, From 346e51d9a92c2748afad1aeade781caf9d4bb873 Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Sun, 14 Oct 2012 00:26:29 -0700 Subject: [PATCH 39/43] update log_debug,log_verbose to debug,verbose --- manifests/glance.pp | 8 +++---- spec/classes/openstack_controller_spec.rb | 26 +++++++++++------------ 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/manifests/glance.pp b/manifests/glance.pp index d6624e7..a7fbbc3 100644 --- a/manifests/glance.pp +++ b/manifests/glance.pp @@ -52,8 +52,8 @@ class openstack::glance ( # Install and configure glance-api class { 'glance::api': - log_verbose => $verbose, - log_debug => $verbose, + verbose => $verbose, + debug => $verbose, auth_type => 'keystone', auth_port => '35357', auth_uri => $auth_uri, @@ -67,8 +67,8 @@ class openstack::glance ( # Install and configure glance-registry class { 'glance::registry': - log_verbose => $verbose, - log_debug => $verbose, + verbose => $verbose, + debug => $verbose, auth_host => $keystone_host, auth_port => '35357', auth_type => 'keystone', diff --git a/spec/classes/openstack_controller_spec.rb b/spec/classes/openstack_controller_spec.rb index bfa58fb..45cdaa9 100644 --- a/spec/classes/openstack_controller_spec.rb +++ b/spec/classes/openstack_controller_spec.rb @@ -66,8 +66,8 @@ describe 'openstack::controller' do should contain_class('keystone').with( :admin_token => 'keystone_admin_token', :bind_host => '0.0.0.0', - :log_verbose => false, - :log_debug => false, + :verbose => false, + :debug => false, :catalog_type => 'sql', :enabled => true ) @@ -98,8 +98,8 @@ describe 'openstack::controller' do #:before => 'Class[nova::api]' ) should contain_class('glance::api').with( - :log_verbose => false, - :log_debug => false, + :verbose => false, + :debug => false, :auth_type => 'keystone', :auth_host => '127.0.0.1', :auth_port => '35357', @@ -111,8 +111,8 @@ describe 'openstack::controller' do should contain_class('glance::backend::file') should contain_class('glance::registry').with( - :log_verbose => false, - :log_debug => false, + :verbose => false, + :debug => false, :auth_type => 'keystone', :auth_host => '127.0.0.1', :auth_port => '35357', @@ -200,9 +200,9 @@ describe 'openstack::controller' do it 'should override keystone config' do should contain_class('keystone').with( - :log_verbose => true, - :log_debug => true, - :admin_token => 'foo' + :verbose => true, + :debug => true, + :admin_token => 'foo' ) should contain_class('keystone::config::mysql').with( :password => 'pass' @@ -225,14 +225,14 @@ describe 'openstack::controller' do end it 'should override glance config' do should contain_class('glance::api').with( - :log_verbose => true, - :log_debug => true, + :verbose => true, + :debug => true, :keystone_password => 'pass6', :enabled => true ) should contain_class('glance::registry').with( - :log_verbose => true, - :log_debug => true, + :verbose => true, + :debug => true, :keystone_password => 'pass6', :sql_connection => "mysql://glance:pass2@127.0.0.1/glance", :enabled => true From 6b84c12fa7e6cd457447e93ef787e12b27133b4a Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Sun, 14 Oct 2012 01:03:35 -0700 Subject: [PATCH 40/43] update params --- manifests/glance.pp | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/manifests/glance.pp b/manifests/glance.pp index a7fbbc3..f1ddfae 100644 --- a/manifests/glance.pp +++ b/manifests/glance.pp @@ -52,11 +52,10 @@ class openstack::glance ( # Install and configure glance-api class { 'glance::api': - verbose => $verbose, - debug => $verbose, + verbose => $verbose, + debug => $verbose, auth_type => 'keystone', auth_port => '35357', - auth_uri => $auth_uri, auth_host => $keystone_host, keystone_tenant => 'services', keystone_user => 'glance', @@ -67,12 +66,11 @@ class openstack::glance ( # Install and configure glance-registry class { 'glance::registry': - verbose => $verbose, - debug => $verbose, + verbose => $verbose, + debug => $verbose, auth_host => $keystone_host, auth_port => '35357', auth_type => 'keystone', - auth_uri => $auth_uri, keystone_tenant => 'services', keystone_user => 'glance', keystone_password => $glance_user_password, From 03546bc90c0058c3654280a189aa455a10b0e5b0 Mon Sep 17 00:00:00 2001 From: Joe Topjian Date: Mon, 15 Oct 2012 07:09:43 +0000 Subject: [PATCH 41/43] nova-network work. cinder and quantum logic --- manifests/auth_file.pp | 2 +- manifests/controller.pp | 33 ++++++++++++++++++++++----------- manifests/db/mysql.pp | 27 +++++++++++++++++---------- manifests/nova/controller.pp | 30 +++++++++++++++++------------- 4 files changed, 57 insertions(+), 35 deletions(-) diff --git a/manifests/auth_file.pp b/manifests/auth_file.pp index 103238a..9cc60db 100644 --- a/manifests/auth_file.pp +++ b/manifests/auth_file.pp @@ -5,7 +5,7 @@ # class openstack::auth_file( $admin_password, - $controller_node = '127.0.0.1', + $controller_node = '127.0.0.1', $keystone_admin_token = 'keystone_admin_token', $admin_user = 'admin', $admin_tenant = 'admin' diff --git a/manifests/controller.pp b/manifests/controller.pp index d1a3c8b..c689451 100644 --- a/manifests/controller.pp +++ b/manifests/controller.pp @@ -119,6 +119,7 @@ class openstack::controller ( $cache_server_port = '11211', $swift = false, $quantum = false, + $cinder = false, $horizon_app_links = undef, # General $verbose = 'False', @@ -160,10 +161,12 @@ class openstack::controller ( nova_db_user => $nova_db_user, nova_db_password => $nova_db_password, nova_db_dbname => $nova_db_dbname, + cinder => $cinder, cinder_db_user => $cinder_db_user, cinder_db_password => $cinder_db_password, cinder_db_dbname => $cinder_db_dbname, - quantum_db_user => $quantum_db_user, + quantum => $quantum, + quantum_db_user => $quantum_db_user, quantum_db_password => $quantum_db_password, quantum_db_dbname => $quantum_db_dbname, allowed_hosts => $allowed_hosts, @@ -188,7 +191,9 @@ class openstack::controller ( admin_address => $admin_address, glance_user_password => $glance_user_password, nova_user_password => $nova_user_password, + cinder => $cinder, cinder_user_password => $cinder_user_password, + quantum => $quantum, quantum_user_password => $quantum_user_password, enabled => $enabled, } @@ -221,7 +226,7 @@ class openstack::controller ( # Database db_host => $db_host, # Network - #network_manager => $network_manager, + network_manager => $network_manager, floating_range => $floating_range, fixed_range => $fixed_range, public_address => $public_address, @@ -231,6 +236,7 @@ class openstack::controller ( create_networks => $create_networks, num_networks => $num_networks, multi_host => $multi_host, + quantum => $quantum, # Nova nova_user_password => $nova_user_password, nova_db_password => $nova_db_password, @@ -248,17 +254,22 @@ class openstack::controller ( } ######### Cinder Controller Services ######## - class { "cinder::base": - verbose => $verbose, - sql_connection => "mysql://${cinder_db_user}:${cinder_db_password}@${db_host}/${cinder_db_dbname}?charset=utf8", - rabbit_password => $rabbit_password, + if ($cinder) { + class { "cinder::base": + verbose => $verbose, + sql_connection => "mysql://${cinder_db_user}:${cinder_db_password}@${db_host}/${cinder_db_dbname}?charset=utf8", + rabbit_password => $rabbit_password, + } + + class { 'cinder::api': + keystone_password => $cinder_user_password, + } + + class { 'cinder::scheduler': } + } else { + # Set up nova-volume } - class { 'cinder::api': - keystone_password => $cinder_user_password, - } - - class { 'cinder::scheduler': } ######## Horizon ######## class { 'openstack::horizon': diff --git a/manifests/db/mysql.pp b/manifests/db/mysql.pp index 5bb8e21..68a3825 100644 --- a/manifests/db/mysql.pp +++ b/manifests/db/mysql.pp @@ -53,9 +53,11 @@ class openstack::db::mysql ( $nova_db_dbname = 'nova', $allowed_hosts = false, # Cinder + $cinder = true, $cinder_db_user = 'cinder', $cinder_db_dbname = 'cinder', # quantum + $quantum = true, $quantum_db_user = 'quantum', $quantum_db_dbname = 'quantum', $enabled = true @@ -101,18 +103,23 @@ class openstack::db::mysql ( } # create cinder db - class { 'cinder::db::mysql': - user => $cinder_db_user, - password => $cinder_db_password, - dbname => $cinder_db_dbname, - allowed_hosts => $allowed_hosts, + if ($cinder) { + class { 'cinder::db::mysql': + user => $cinder_db_user, + password => $cinder_db_password, + dbname => $cinder_db_dbname, + allowed_hosts => $allowed_hosts, + } } - class { 'quantum::db::mysql': - user => $quantum_db_user, - password => $quantum_db_password, - dbname => $quantum_db_dbname, - allowed_hosts => $allowed_hosts, + # create quantum db + if ($quantum) { + class { 'quantum::db::mysql': + user => $quantum_db_user, + password => $quantum_db_password, + dbname => $quantum_db_dbname, + allowed_hosts => $allowed_hosts, + } } } } diff --git a/manifests/nova/controller.pp b/manifests/nova/controller.pp index 5aa4be7..fa70373 100644 --- a/manifests/nova/controller.pp +++ b/manifests/nova/controller.pp @@ -38,6 +38,8 @@ class openstack::nova::controller ( $create_networks = true, $num_networks = 1, $multi_host = false, + $network_manager = 'nova.network.manager.FlatDHCPManager', + $quantum = true, # Nova $nova_db_user = 'nova', $nova_db_dbname = 'nova', @@ -118,7 +120,7 @@ class openstack::nova::controller ( nova_config { 'multi_host': value => 'True' } $enable_network_service = false } else { - if $enabled == true { + if $enabled { $enable_network_service = true } else { $enable_network_service = false @@ -131,18 +133,20 @@ class openstack::nova::controller ( $really_create_networks = false } - #class { 'nova::network': - # private_interface => $private_interface, - # public_interface => $public_interface, - # fixed_range => $fixed_range, - # floating_range => $floating_range, - # network_manager => $network_manager, - # config_overrides => $network_config, - # create_networks => $really_create_networks, - # num_networks => $num_networks, - # enabled => $enable_network_service, - # install_service => $enable_network_service, - #} + if $quantum == false { + class { 'nova::network': + private_interface => $private_interface, + public_interface => $public_interface, + fixed_range => $fixed_range, + floating_range => $floating_range, + network_manager => $network_manager, + config_overrides => $network_config, + create_networks => $really_create_networks, + num_networks => $num_networks, + enabled => $enable_network_service, + install_service => $enable_network_service, + } + } if $auto_assign_floating_ip { nova_config { 'auto_assign_floating_ip': value => 'True' } From 52871a35954221542bbb0d3ec959233ab8cfc33a Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Sun, 14 Oct 2012 17:42:48 -0700 Subject: [PATCH 42/43] add inifile repo as a testing dep --- .fixtures.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.fixtures.yml b/.fixtures.yml index c88edfe..9d42299 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -6,5 +6,6 @@ fixtures: "nova": "git://github.com/puppetlabs/puppetlabs-nova.git" "stdlib": "git://github.com/puppetlabs/puppetlabs-stdlib.git" "sysctl": "git://github.com/duritong/puppet-sysctl.git" + 'inifile': 'git://github.com/cprice-puppet/puppetlabs-inifile' symlinks: "openstack": "#{source_dir}" From f001bfa157cb12753dc240fd68d014a86d80629c Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Mon, 15 Oct 2012 00:43:44 -0700 Subject: [PATCH 43/43] removed trailing whitespace. --- manifests/controller.pp | 4 ++-- manifests/nova/controller.pp | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/manifests/controller.pp b/manifests/controller.pp index c689451..d0d54d8 100644 --- a/manifests/controller.pp +++ b/manifests/controller.pp @@ -260,11 +260,11 @@ class openstack::controller ( sql_connection => "mysql://${cinder_db_user}:${cinder_db_password}@${db_host}/${cinder_db_dbname}?charset=utf8", rabbit_password => $rabbit_password, } - + class { 'cinder::api': keystone_password => $cinder_user_password, } - + class { 'cinder::scheduler': } } else { # Set up nova-volume diff --git a/manifests/nova/controller.pp b/manifests/nova/controller.pp index fa70373..187ef24 100644 --- a/manifests/nova/controller.pp +++ b/manifests/nova/controller.pp @@ -133,7 +133,7 @@ class openstack::nova::controller ( $really_create_networks = false } - if $quantum == false { + if $quantum == false { class { 'nova::network': private_interface => $private_interface, public_interface => $public_interface,