diff --git a/.fixtures.yml b/.fixtures.yml index c3cb7bc..36a1df7 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -6,7 +6,7 @@ fixtures: "glance": "git://github.com/stackforge/puppet-glance.git" 'horizon': 'git://github.com/stackforge/puppet-horizon' 'swift' : 'git://github.com/stackforge/puppet-swift' - 'quantum': 'git://github.com/bodepd/puppet-quantum' + 'quantum': 'git://github.com/stackforge/puppet-quantum' "apt": "git://github.com/puppetlabs/puppetlabs-apt.git" "apache": "git://github.com/puppetlabs/puppetlabs-apache.git" "concat": "git://github.com/ripienaar/puppet-concat.git" diff --git a/manifests/all.pp b/manifests/all.pp index 915f336..8484fce 100644 --- a/manifests/all.pp +++ b/manifests/all.pp @@ -20,7 +20,7 @@ # [network_config] Used to specify network manager specific parameters .Optional. Defualts to {}. # [mysql_root_password] The root password to set for the mysql database. Optional. Defaults to sql_pass'. # [rabbit_password] The password to use for the rabbitmq user. Optional. Defaults to rabbit_pw' -# [rabbit_user] The rabbitmq user to use for auth. Optional. Defaults to nova'. +# [rabbit_user] The rabbitmq user to use for auth. Optional. Defaults to openstack. # [admin_email] The admin's email address. Optional. Defaults to someuser@some_fake_email_address.foo'. # [admin_password] The default password of the keystone admin. Optional. Defaults to ChangeMe'. # [keystone_db_password] The default password for the keystone db user. Optional. Defaults to keystone_pass'. @@ -107,7 +107,7 @@ class openstack::all ( $network_config = {}, $quantum = true, # Rabbit - $rabbit_user = 'nova', + $rabbit_user = 'openstack', # Horizon $horizon = true, $cache_server_ip = '127.0.0.1', diff --git a/manifests/compute.pp b/manifests/compute.pp index c5bd191..1fea68f 100644 --- a/manifests/compute.pp +++ b/manifests/compute.pp @@ -5,8 +5,6 @@ # # === Parameters # -# See params.pp -# # === Examples # # class { 'openstack::nova::compute': @@ -33,17 +31,25 @@ class openstack::compute ( $multi_host = false, $enabled_apis = 'ec2,osapi_compute,metadata', # Quantum - $quantum = false, - $quantum_host = false, + $quantum = true, $quantum_user_password = false, - $keystone_host = false, + $quantum_admin_tenant_name = 'services', + $quantum_admin_user = 'quantum', + $enable_ovs_agent = true, + $enable_l3_agent = false, + $enable_dhcp_agent = false, + $quantum_auth_url = "http://127.0.0.1:35357/v2.0", + $keystone_host = '127.0.0.1', + $quantum_host = '127.0.0.1', + $ovs_local_ip = false, # Nova $nova_admin_tenant_name = 'services', $nova_admin_user = 'nova', $purge_nova_config = true, + $libvirt_vif_driver = 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver', # Rabbit $rabbit_host = '127.0.0.1', - $rabbit_user = 'nova', + $rabbit_user = 'openstack', $rabbit_virtual_host = '/', # Glance $glance_api_servers = false, @@ -65,6 +71,12 @@ class openstack::compute ( $enabled = true ) { + if $ovs_local_ip { + $ovs_local_ip_real = $ovs_local_ip + } else { + $ovs_local_ip_real = $internal_address + } + if $vncserver_listen { $vncserver_listen_real = $vncserver_listen } else { @@ -156,9 +168,6 @@ class openstack::compute ( } } else { - if ! $quantum_host { - fail('quantum host must be specified when quantum is installed on compute instances') - } if ! $quantum_user_password { fail('quantum user password must be set when quantum is configured') } @@ -166,37 +175,45 @@ class openstack::compute ( fail('keystone host must be configured when quantum is installed') } - class { 'quantum': - verbose => $verbose, - debug => $verbose, - rabbit_host => $rabbit_host, - rabbit_user => $rabbit_user, - rabbit_password => $rabbit_password, - #sql_connection => $quantum_sql_connection, + class { 'openstack::quantum': + # Database + db_host => $db_host, + # Networking + ovs_local_ip => $ovs_local_ip_real, + # Rabbit + rabbit_host => $rabbit_host, + rabbit_user => $rabbit_user, + rabbit_password => $rabbit_password, + # Quantum OVS + enable_ovs_agent => $enable_ovs_agent, + firewall_driver => false, + # Quantum L3 Agent + enable_l3_agent => $enable_l3_agent, + enable_dhcp_agent => $enable_dhcp_agent, + auth_url => $quantum_auth_url, + user_password => $quantum_user_password, + # Keystone + keystone_host => $keystone_host, + # General + enabled => $enabled, + enable_server => false, + verbose => $verbose, } - class { 'quantum::agents::ovs': - enable_tunneling => true, - local_ip => $internal_address, + class { 'nova::compute::quantum': + libvirt_vif_driver => $libvirt_vif_driver, } - class { 'nova::compute::quantum': } - - # does this have to be installed on the compute node? - # NOTE + # Configures nova.conf entries applicable to Quantum. class { 'nova::network::quantum': quantum_admin_password => $quantum_user_password, quantum_auth_strategy => 'keystone', - quantum_url => "http://${keystone_host}:9696", - quantum_admin_tenant_name => 'services', - quantum_admin_username => 'quantum', - quantum_admin_auth_url => "http://${keystone_host}:35357/v2.0" + quantum_url => "http://${quantum_host}:9696", + quantum_admin_username => $quantum_admin_user, + quantum_admin_tenant_name => $quantum_admin_tenant_name, + quantum_admin_auth_url => "http://${keystone_host}:35357/v2.0", } - nova_config { - 'DEFAULT/linuxnet_interface_driver': value => 'nova.network.linux_net.LinuxOVSInterfaceDriver'; - 'DEFAULT/linuxnet_ovs_integration_bridge': value => 'br-int'; - } } if $manage_volumes { diff --git a/manifests/controller.pp b/manifests/controller.pp index 4f159da..5e8eb40 100644 --- a/manifests/controller.pp +++ b/manifests/controller.pp @@ -19,7 +19,7 @@ # [nova_db_password] Nova DB password. # [nova_user_password] Nova service password. # [rabbit_password] Rabbit password. -# [rabbit_user] Rabbit User. +# [rabbit_user] Rabbit User. Optional. Defaults to openstack. # [rabbit_virtual_host] Rabbit virtual host path for Nova. Defaults to '/'. # [network_manager] Nova network manager to use. # [fixed_range] Range of ipv4 network for vms. @@ -43,6 +43,18 @@ # The next is an array of arrays, that can be used to add call-out links to the dashboard for other apps. # There is no specific requirement for these apps to be for monitoring, that's just the defacto purpose. # Each app is defined in two parts, the display name, and the URI +# [metadata_shared_secret] +# Shared secret used by nova and quantum to authenticate metadata. +# (optional) Defaults to false. +# +# [firewall_driver] +# Driver used to implement firewall rules. +# (optional) Defaults to 'quantum.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver'. +# +# [quantum_auth_url] +# Url used to quantum to contact the authentication service. +# (optional) Default to http://127.0.0.1:35357/v2.0. +# # [horizon_app_links] array as in '[ ["Nagios","http://nagios_addr:port/path"],["Ganglia","http://ganglia_addr"] ]' # [enabled] Whether services should be enabled. This parameter can be used to # implement services in active-passive modes for HA. Optional. Defaults to true. @@ -67,8 +79,6 @@ class openstack::controller ( # Required Network $public_address, - $public_interface, - $private_interface, $admin_email, # required password $admin_password, @@ -82,8 +92,8 @@ class openstack::controller ( $secret_key, # cinder and quantum password are not required b/c they are # optional. Not sure what to do about this. - $quantum_user_password = 'quantum_pass', - $quantum_db_password = 'quantum_pass', + $quantum_user_password = false, + $quantum_db_password = false, $cinder_user_password = false, $cinder_db_password = false, # Database @@ -94,6 +104,7 @@ class openstack::controller ( $mysql_bind_address = '0.0.0.0', $allowed_hosts = '%', # Keystone + $keystone_host = '127.0.0.1', $keystone_db_user = 'keystone', $keystone_db_dbname = 'keystone', $keystone_admin_tenant = 'admin', @@ -114,7 +125,9 @@ class openstack::controller ( $nova_db_dbname = 'nova', $purge_nova_config = true, $enabled_apis = 'ec2,osapi_compute,metadata', - # Network + # Nova Networking + $public_interface = false, + $private_interface = false, $internal_address = false, $admin_address = false, $network_manager = 'nova.network.manager.FlatDHCPManager', @@ -126,7 +139,7 @@ class openstack::controller ( $auto_assign_floating_ip = false, $network_config = {}, # Rabbit - $rabbit_user = 'nova', + $rabbit_user = 'openstack', $rabbit_virtual_host = '/', # Horizon $horizon = true, @@ -143,13 +156,30 @@ class openstack::controller ( $cinder = true, $cinder_db_user = 'cinder', $cinder_db_dbname = 'cinder', - # quantum - $quantum = false, + # Quantum + $quantum = true, + $bridge_interface = undef, + $external_bridge_name = 'br-ex', + $enable_ovs_agent = false, + $enable_dhcp_agent = true, + $enable_l3_agent = true, + $enable_metadata_agent = true, + $metadata_shared_secret = false, + $firewall_driver = 'quantum.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver', $quantum_db_user = 'quantum', - $quantum_db_dbname = 'quantum', + $quantum_db_name = 'quantum', + $quantum_auth_url = 'http://127.0.0.1:35357/v2.0', + $enable_quantum_server = true, + $ovs_local_ip = false, $enabled = true ) { + if $ovs_local_ip { + $ovs_local_ip_real = $ovs_local_ip + } else { + $ovs_local_ip_real = $internal_address + } + if $internal_address { $internal_address_real = $internal_address } else { @@ -279,9 +309,7 @@ class openstack::controller ( # Quantum quantum => $quantum, quantum_user_password => $quantum_user_password, - quantum_db_password => $quantum_db_password, - quantum_db_user => $quantum_db_user, - quantum_db_dbname => $quantum_db_dbname, + metadata_shared_secret => $metadata_shared_secret, # Nova nova_admin_tenant_name => $nova_admin_tenant_name, nova_admin_user => $nova_admin_user, @@ -304,6 +332,55 @@ class openstack::controller ( enabled => $enabled, } + ######### Quantum Controller Services ######## + if ($quantum) { + + if ! $quantum_user_password { + fail('quantum_user_password must be set when configuring quantum') + } + + if ! $quantum_db_password { + fail('quantum_db_password must be set when configuring quantum') + } + + if ! $bridge_interface { + fail('bridge_interface must be set when configuring quantum') + } + + class { 'openstack::quantum': + # Database + db_host => $db_host, + # Rabbit + rabbit_host => $rabbit_host, + rabbit_user => $rabbit_user, + rabbit_password => $rabbit_password, + rabbit_virtual_host => $rabbit_virtual_host, + # Quantum OVS + ovs_local_ip => $ovs_local_ip_real, + bridge_uplinks => ["${external_bridge_name}:${bridge_interface}"], + bridge_mappings => ["default:${external_bridge_name}"], + enable_ovs_agent => $enable_ovs_agent, + firewall_driver => $firewall_driver, + # Database + db_name => $quantum_db_name, + db_user => $quantum_db_user, + db_password => $quantum_db_password, + # Quantum agents + enable_dhcp_agent => $enable_dhcp_agent, + enable_l3_agent => $enable_l3_agent, + enable_metadata_agent => $enable_metadata_agent, + auth_url => $quantum_auth_url, + user_password => $quantum_user_password, + shared_secret => $metadata_shared_secret, + # Keystone + keystone_host => $keystone_host, + # General + enabled => $enabled, + enable_server => $enable_quantum_server, + verbose => $verbose, + } + } + ######### Cinder Controller Services ######## if ($cinder) { diff --git a/manifests/nova/controller.pp b/manifests/nova/controller.pp index e7984ac..1d7ca22 100644 --- a/manifests/nova/controller.pp +++ b/manifests/nova/controller.pp @@ -6,7 +6,16 @@ # # === Parameters # -# See params.pp +# [quantum] +# Specifies if nova should be configured to use quantum. +# (optional) Defaults to false (indicating nova-networks should be used) +# +# [quantum_user_password] +# password that nova uses to authenticate with quantum. +# +# [metadata_shared_secret] Secret used to authenticate between nova and the +# quantum metadata services. +# (Optional). Defaults to undef. # # === Examples # @@ -43,11 +52,9 @@ class openstack::nova::controller ( $public_interface = undef, $private_interface = undef, # quantum - $quantum = false, - $quantum_db_dbname = 'quantum', - $quantum_db_user = 'quantum', - $quantum_db_password = 'quantum_pass', - $quantum_user_password = 'quantum_pass', + $quantum = true, + $quantum_user_password = false, + $metadata_shared_secret = undef, # Nova $nova_admin_tenant_name = 'services', $nova_admin_user = 'nova', @@ -55,7 +62,7 @@ class openstack::nova::controller ( $nova_db_dbname = 'nova', $enabled_apis = 'ec2,osapi_compute,metadata', # Rabbit - $rabbit_user = 'nova', + $rabbit_user = 'openstack', $rabbit_virtual_host = '/', # Database $db_type = 'mysql', @@ -64,9 +71,10 @@ class openstack::nova::controller ( # VNC $vnc_enabled = true, $vncproxy_host = undef, - # General + # Keystone $keystone_host = '127.0.0.1', - $verbose = 'False', + # General + $verbose = false, $enabled = true ) { @@ -114,12 +122,13 @@ class openstack::nova::controller ( # Configure nova-api class { 'nova::api': - enabled => $enabled, - admin_tenant_name => $nova_admin_tenant_name, - admin_user => $nova_admin_user, - admin_password => $nova_user_password, - enabled_apis => $enabled_apis, - auth_host => $keystone_host, + enabled => $enabled, + admin_tenant_name => $nova_admin_tenant_name, + admin_user => $nova_admin_user, + admin_password => $nova_user_password, + enabled_apis => $enabled_apis, + auth_host => $keystone_host, + quantum_metadata_proxy_shared_secret => $metadata_shared_secret, } @@ -142,6 +151,13 @@ class openstack::nova::controller ( } } + if ! $private_interface { + fail('private interface must be set when nova networking is used') + } + if ! $public_interface { + fail('public interface must be set when nova networking is used') + } + class { 'nova::network': private_interface => $private_interface, public_interface => $public_interface, @@ -155,39 +171,10 @@ class openstack::nova::controller ( install_service => $enable_network_service, } } else { - # Set up Quantum - $quantum_sql_connection = "mysql://${quantum_db_user}:${quantum_db_password}@${db_host}/${quantum_db_dbname}?charset=utf8" - class { 'quantum': - rabbit_user => $rabbit_user, - rabbit_password => $rabbit_password, - #sql_connection => $quantum_sql_connection, - verbose => $verbose, - debug => $verbose, - } + # Configure Nova for Quantum networking - class { 'quantum::server': - auth_password => $quantum_user_password, - } - - class { 'quantum::plugins::ovs': - sql_connection => $quantum_sql_connection, - tenant_network_type => 'gre', - } - - class { 'quantum::agents::ovs': - bridge_uplinks => ["br-ex:${public_interface}"], - bridge_mappings => ['external:br-ex'], - enable_tunneling => true, - local_ip => $internal_address, - } - - class { 'quantum::agents::dhcp': - use_namespaces => False, - } - - class { 'quantum::agents::l3': - external_network_bridge => 'br-ex', - auth_password => $quantum_user_password, + if ! $quantum_user_password { + fail('quantum_user_password must be specified when quantum is configured') } class { 'nova::network::quantum': diff --git a/manifests/quantum.pp b/manifests/quantum.pp new file mode 100644 index 0000000..4d2fa7d --- /dev/null +++ b/manifests/quantum.pp @@ -0,0 +1,242 @@ +# +# == Class: openstack::quantum +# +# Class to define quantum components for openstack. This class can +# be configured to provide all quantum related functionality. +# +# === Parameters +# +# [user_password] +# Password used for authentication. +# (required) +# +# [rabbit_password] +# Password used to connect to rabbitmq +# (required) +# +# [enabled] +# state of the quantum services. +# (optional) Defaults to true. +# +# [enable_server] +# If the server should be installed. +# (optional) Defaults to true. +# +# [enable_dhcp_agent] +# Whether the dhcp agent should be enabled. +# (optional) Defaults to false. +# +# [enable_l3_agent] +# Whether the l3 agent should be enabled. +# (optional) Defaults to false. +# +# [enable_metadata_agent] +# Whether the metadata agent should be enabled. +# (optional) Defaults to false. +# +# [enable_ovs_agent] +# Whether the ovs agent should be enabled. +# (optional) Defaults to false. +# +# [bridge_uplinks] +# OVS external bridge name and physical bridge interface tuple. +# (optional) Defaults to []. +# +# [bridge_mappings] +# Physical network name and OVS external bridge name tuple. Only needed for flat and VLAN networking. +# (optional) Defaults to []. +# +# [auth_url] +# Url used to contact the authentication service. +# (optional) Defaults to 'http://localhost:35357/v2.0'. +# +# [shared_secret] +# Shared secret used for the metadata service. +# (optional) Defaults to false indicating the metadata service is not configured. +# +# [metadata_ip] +# Ip address of metadata service. +# (optional) Defaults to '127.0.0.1'. +# +# [db_password] +# Password used to connect to quantum database. +# (required) +# +# [db_type] +# Type of database to use. Only accepts mysql at the moment. +# (optional) +# +# [ovs_local_ip] +# Ip address to use for tunnel endpoint. +# Only required when ovs is enabled. No default. +# +# [ovs_enable_tunneling] +# Whether ovs tunnels should be enabled. +# (optional) Defaults to true. +# +# [firewall_driver] +# Firewall driver to use. +# (optional) Defaults to undef. +# +# [rabbit_user] +# Name of rabbit user. +# (optional) defaults to rabbit_user. +# +# [rabbit_host] +# Host where rabbitmq is running. +# (optional) 127.0.0.1 +# +# [rabbit_virtual_host] +# Virtual host to use for rabbitmq. +# (optional) Defaults to '/'. +# +# [db_host] +# Host where db is running. +# (optional) Defaults to 127.0.0.1. +# +# [db_name] +# Name of quantum database. +# (optional) Defaults to quantum. +# +# [db_user] +# User to connect to quantum database as. +# (optional) Defaults to quantum. +# +# [bind_address] +# Address quantum api server should bind to. +# (optional) Defaults to 0.0.0.0. +# +# [keystone_host] +# Host running keystone. +# (optional) Defaults to 127.0.0.1. +# +# [verbose] +# Enables verbose for quantum services. +# (optional) Defaults to false. +# +# [debug] +# Enables debug for quantum services. +# (optional) Defaults to false. +# +# === Examples +# +# class { 'openstack::quantum': +# db_password => 'quantum_db_pass', +# user_password => 'keystone_user_pass', +# rabbit_password => 'quantum_rabbit_pass', +# bridge_uplinks => '[br-ex:eth0]', +# bridge_mappings => '[default:br-ex], +# enable_ovs_agent => true, +# ovs_local_ip => '10.10.10.10', +# } +# + +class openstack::quantum ( + # Passwords + $user_password, + $rabbit_password, + # enable or disable quantum + $enabled = true, + $enable_server = true, + # Set DHCP/L3 Agents on Primary Controller + $enable_dhcp_agent = false, + $enable_l3_agent = false, + $enable_metadata_agent = false, + $enable_ovs_agent = false, + # OVS settings + $ovs_local_ip = false, + $ovs_enable_tunneling = true, + $bridge_uplinks = [], + $bridge_mappings = [], + # rely on the default set in ovs + $firewall_driver = undef, + # networking and Interface Information + # Metadata configuration + $shared_secret = false, + $metadata_ip = '127.0.0.1', + # Quantum Authentication Information + $auth_url = 'http://localhost:35357/v2.0', + # Rabbit Information + $rabbit_user = 'rabbit_user', + $rabbit_host = '127.0.0.1', + $rabbit_virtual_host = '/', + # Database. Currently mysql is the only option. + $db_type = 'mysql', + $db_password = false, + $db_host = '127.0.0.1', + $db_name = 'quantum', + $db_user = 'quantum', + # General + $bind_address = '0.0.0.0', + $keystone_host = '127.0.0.1', + $verbose = false, + $debug = false, +) { + + class { '::quantum': + enabled => $enabled, + bind_host => $bind_address, + rabbit_host => $rabbit_host, + rabbit_virtual_host => $rabbit_virtual_host, + rabbit_user => $rabbit_user, + rabbit_password => $rabbit_password, + verbose => $verbose, + debug => $debug, + } + + if $enable_server { + if ! $db_password { + fail('db password must be set when configuring a quantum server') + } + if ($db_type == 'mysql') { + $sql_connection = "mysql://${db_user}:${db_password}@${db_host}/${db_name}?charset=utf8" + } else { + fail("Unsupported db type: ${db_type}. Only mysql is currently supported.") + } + class { 'quantum::server': + auth_host => $keystone_host, + auth_password => $user_password, + } + class { 'quantum::plugins::ovs': + sql_connection => $sql_connection, + tenant_network_type => 'gre', + } + } + + if $enable_ovs_agent { + if ! $ovs_local_ip { + fail('ovs_local_ip parameter must be set when using ovs agent') + } + class { 'quantum::agents::ovs': + bridge_uplinks => $bridge_uplinks, + bridge_mappings => $bridge_mappings, + enable_tunneling => $ovs_enable_tunneling, + local_ip => $ovs_local_ip, + firewall_driver => $firewall_driver, + } + } + + if $enable_dhcp_agent { + class { 'quantum::agents::dhcp': + use_namespaces => true, + } + } + if $enable_l3_agent { + class {"quantum::agents::l3": + use_namespaces => true, + } + } + + if $enable_metadata_agent { + if ! $shared_secret { + fail('Shared secret parameter must be set when using metadata agent') + } + class { 'quantum::agents::metadata': + auth_password => $user_password, + shared_secret => $shared_secret, + auth_url => $auth_url, + metadata_ip => $metadata_ip, + } + } + +} diff --git a/spec/classes/openstack_compute_spec.rb b/spec/classes/openstack_compute_spec.rb index 1da36a4..f6c5edf 100644 --- a/spec/classes/openstack_compute_spec.rb +++ b/spec/classes/openstack_compute_spec.rb @@ -32,7 +32,7 @@ describe 'openstack::compute' do should contain_class('nova').with( :sql_connection => 'mysql://user:pass@host/dbname', :rabbit_host => '127.0.0.1', - :rabbit_userid => 'nova', + :rabbit_userid => 'openstack', :rabbit_password => 'rabbit_pw', :rabbit_virtual_host => '/', :image_service => 'nova.image.glance.GlanceImageService', @@ -68,7 +68,7 @@ describe 'openstack::compute' do should contain_class('openstack::cinder::storage').with( :sql_connection => 'mysql://user:pass@host/dbcinder', :rabbit_password => 'rabbit_pw', - :rabbit_userid => 'nova', + :rabbit_userid => 'openstack', :rabbit_host => '127.0.0.1', :rabbit_virtual_host => '/', :volume_group => 'cinder-volumes', @@ -165,6 +165,7 @@ describe 'openstack::compute' do 'enabled' => true, 'install_service' => true }) + should_not contain_class('openstack::quantum') end describe 'with defaults' do @@ -241,32 +242,48 @@ describe 'openstack::compute' do :internal_address => '127.0.0.1', :public_interface => 'eth3', :quantum => true, - :keystone_host => '127.0.0.1', - :quantum_host => '127.0.0.1', + :keystone_host => '127.0.0.3', + :quantum_host => '127.0.0.2', :quantum_user_password => 'quantum_user_password' ) end it 'should configure quantum' do - should contain_class('quantum').with( - :verbose => false, - :debug => false, - :rabbit_host => params[:rabbit_host], - :rabbit_password => params[:rabbit_password] + should contain_class('openstack::quantum').with( + :db_host => '127.0.0.1', + :ovs_local_ip => params[:internal_address], + :rabbit_host => params[:rabbit_host], + :rabbit_user => 'openstack', + :rabbit_password => params[:rabbit_password], + :enable_ovs_agent => true, + :firewall_driver => false, + :enable_l3_agent => false, + :enable_dhcp_agent => false, + :auth_url => 'http://127.0.0.1:35357/v2.0', + :user_password => params[:quantum_user_password], + :keystone_host => params[:keystone_host], + :enabled => true, + :enable_server => false, + :verbose => false ) - should contain_class('quantum::agents::ovs').with( - :enable_tunneling => true, - :local_ip => '127.0.0.1' + + should contain_class('nova::compute::quantum').with( + :libvirt_vif_driver => 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver' ) - should contain_class('nova::compute::quantum') + should contain_class('nova::network::quantum').with( :quantum_admin_password => 'quantum_user_password', :quantum_auth_strategy => 'keystone', - :quantum_url => "http://127.0.0.1:9696", + :quantum_url => "http://127.0.0.2:9696", :quantum_admin_tenant_name => 'services', :quantum_admin_username => 'quantum', - :quantum_admin_auth_url => "http://127.0.0.1:35357/v2.0" + :quantum_admin_auth_url => "http://127.0.0.3:35357/v2.0" ) + + should_not contain_class('quantum::server') + should_not contain_class('quantum::plugins::ovs') + should_not contain_class('quantum::agents::dhcp') + should_not contain_class('quantum::agents::l3') end end diff --git a/spec/classes/openstack_controller_spec.rb b/spec/classes/openstack_controller_spec.rb index d449f6e..e6db45d 100644 --- a/spec/classes/openstack_controller_spec.rb +++ b/spec/classes/openstack_controller_spec.rb @@ -64,10 +64,14 @@ describe 'openstack::controller' do let :params do default_params.merge( - :enabled => true, - :db_type => 'mysql', - :quantum => true, - :cinder => true + :enabled => true, + :db_type => 'mysql', + :quantum => true, + :metadata_shared_secret => 'secret', + :bridge_interface => 'eth1', + :quantum_user_password => 'q_pass', + :quantum_db_password => 'q_db_pass', + :cinder => true ) end @@ -105,7 +109,7 @@ describe 'openstack::controller' do ) should contain_class('quantum::db::mysql').with( :user => 'quantum', - :password => 'quantum_pass', + :password => 'q_db_pass', :dbname => 'quantum', :allowed_hosts => '%' ) @@ -341,7 +345,7 @@ describe 'openstack::controller' do it 'should contain enabled nova services' do should contain_class('nova::rabbitmq').with( - :userid => 'nova', + :userid => 'openstack', :password => 'rabbit_pw', :virtual_host => '/', :enabled => true @@ -349,7 +353,7 @@ describe 'openstack::controller' do should contain_class('nova').with( :sql_connection => 'mysql://nova:nova_pass@127.0.0.1/nova', :rabbit_host => '127.0.0.1', - :rabbit_userid => 'nova', + :rabbit_userid => 'openstack', :rabbit_password => 'rabbit_pw', :rabbit_virtual_host => '/', :image_service => 'nova.image.glance.GlanceImageService', @@ -479,8 +483,11 @@ describe 'openstack::controller' do default_params.merge({ :quantum => true, :verbose => true, - :quantum_user_password => 'q_pass', - :public_interface => 'eth_27' + :quantum_user_password => 'q_pass', + :bridge_interface => 'eth_27', + :internal_address => '10.0.0.3', + :quantum_db_password => 'q_db_pass', + :metadata_shared_secret => 'secret' }) end @@ -488,46 +495,31 @@ describe 'openstack::controller' do it 'should configure quantum' do - should contain_class('quantum').with({ - :rabbit_user => 'nova', - :rabbit_password => 'rabbit_pw', - :verbose => true, - :debug => true, - }) - - should contain_class('quantum::server').with({ - :auth_password => 'q_pass', - }) - - should contain_class('quantum::plugins::ovs').with({ - :sql_connection => 'mysql://quantum:quantum_pass@127.0.0.1/quantum?charset=utf8', - - }) - - should contain_class('quantum::agents::ovs').with( { - :bridge_uplinks => ["br-ex:eth_27"], - :bridge_mappings => ['external:br-ex'], - :enable_tunneling => true, - :local_ip => '127.0.0.1', - } ) - - should contain_class('quantum::agents::dhcp').with( { - :use_namespaces => 'False', - } ) - - should contain_class('quantum::agents::l3').with( { - :external_network_bridge => 'br-ex', - :auth_password => 'q_pass', - } ) - - should contain_class('nova::network::quantum').with({ - :quantum_admin_password => 'q_pass', - :quantum_auth_strategy => 'keystone', - :quantum_url => "http://127.0.0.1:9696", - :quantum_admin_tenant_name => 'services', - :quantum_admin_username => 'quantum', - :quantum_admin_auth_url => "http://127.0.0.1:35357/v2.0", - }) + should contain_class('openstack::quantum').with( + :db_host => '127.0.0.1', + :rabbit_host => '127.0.0.1', + :rabbit_user => 'openstack', + :rabbit_password => 'rabbit_pw', + :rabbit_virtual_host => '/', + :ovs_local_ip => '10.0.0.3', + :bridge_uplinks => ["br-ex:eth_27"], + :bridge_mappings => ["default:br-ex"], + :enable_ovs_agent => false, + :firewall_driver => 'quantum.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver', + :db_name => 'quantum', + :db_user => 'quantum', + :db_password => 'q_db_pass', + :enable_dhcp_agent => true, + :enable_l3_agent => true, + :enable_metadata_agent => true, + :auth_url => 'http://127.0.0.1:35357/v2.0', + :user_password => 'q_pass', + :shared_secret => 'secret', + :keystone_host => '127.0.0.1', + :enabled => true, + :enable_server => true, + :verbose => true + ) end diff --git a/spec/classes/openstack_nova_controller_spec.rb b/spec/classes/openstack_nova_controller_spec.rb new file mode 100644 index 0000000..0aa2412 --- /dev/null +++ b/spec/classes/openstack_nova_controller_spec.rb @@ -0,0 +1,77 @@ +require 'spec_helper' + +describe 'openstack::nova::controller' do + + let :params do + { + :public_address => '127.0.0.1', + :db_host => '127.0.0.1', + :rabbit_password => 'rabbit_pass', + :nova_user_password => 'nova_user_pass', + :quantum_user_password => 'quantum_user_pass', + :nova_db_password => 'nova_db_pass', + :quantum => true, + :metadata_shared_secret => 'secret' + } + end + + let :facts do + {:osfamily => 'Debian' } + end + + it { should contain_class('openstack::nova::controller') } + + context 'when configuring quantum' do + + it 'should configure nova with quantum' do + + should contain_class('nova::rabbitmq').with( + :userid => 'openstack', + :password => 'rabbit_pass', + :enabled => true, + :virtual_host => '/' + ) + should contain_class('nova').with( + :sql_connection => 'mysql://nova:nova_db_pass@127.0.0.1/nova', + :rabbit_userid => 'openstack', + :rabbit_password => 'rabbit_pass', + :rabbit_virtual_host => '/', + :image_service => 'nova.image.glance.GlanceImageService', + :glance_api_servers => '127.0.0.1:9292', + :verbose => false, + :rabbit_host => '127.0.0.1' + ) + + should contain_class('nova::api').with( + :enabled => true, + :admin_tenant_name => 'services', + :admin_user => 'nova', + :admin_password => 'nova_user_pass', + :enabled_apis => 'ec2,osapi_compute,metadata', + :auth_host => '127.0.0.1', + :quantum_metadata_proxy_shared_secret => 'secret' + ) + + should contain_class('nova::network::quantum').with( + :quantum_admin_password => 'quantum_user_pass', + :quantum_auth_strategy => 'keystone', + :quantum_url => "http://127.0.0.1:9696", + :quantum_admin_tenant_name => 'services', + :quantum_admin_username => 'quantum', + :quantum_admin_auth_url => "http://127.0.0.1:35357/v2.0" + ) + + ['nova::scheduler', 'nova::objectstore', 'nova::cert', 'nova::consoleauth', 'nova::conductor'].each do |x| + should contain_class(x).with_enabled(true) + end + + should contain_class('nova::vncproxy').with( + :host => '127.0.0.1', + :enabled => true + ) + + + end + end + +end diff --git a/spec/classes/openstack_quantum_spec.rb b/spec/classes/openstack_quantum_spec.rb new file mode 100644 index 0000000..6ee8b0a --- /dev/null +++ b/spec/classes/openstack_quantum_spec.rb @@ -0,0 +1,145 @@ +require 'spec_helper' + +describe 'openstack::quantum' do + + let :facts do + {:osfamily => 'Redhat'} + end + + let :params do + { + :user_password => 'q_user_pass', + :rabbit_password => 'rabbit_pass', + :db_password => 'bar' + } + end + + context 'install quantum with default settings' do + before do + params.delete(:db_password) + end + it 'should fail b/c database password is required' do + expect do + subject + end.to raise_error(Puppet::Error, /db password must be set/) + end + end + context 'install quantum with default and database password' do + it 'should perform default configuration' do + should contain_class('quantum').with( + :enabled => true, + :bind_host => '0.0.0.0', + :rabbit_host => '127.0.0.1', + :rabbit_virtual_host => '/', + :rabbit_user => 'rabbit_user', + :rabbit_password => 'rabbit_pass', + :verbose => false, + :debug => false + ) + should contain_class('quantum::server').with( + :auth_host => '127.0.0.1', + :auth_password => 'q_user_pass' + ) + should contain_class('quantum::plugins::ovs').with( + :sql_connection => "mysql://quantum:bar@127.0.0.1/quantum?charset=utf8", + :tenant_network_type => 'gre' + ) + end + end + + context 'when server is disabled' do + before do + params.merge!(:enable_server => false) + end + it 'should not configure server' do + should_not contain_class('quantum::server') + should_not contain_class('quantum::plugins::ovs') + end + end + + context 'when ovs agent is enabled with all required params' do + before do + params.merge!( + :enable_ovs_agent => true, + :bridge_uplinks => ['br-ex:eth0'], + :bridge_mappings => ['default:br-ex'], + :ovs_local_ip => '10.0.0.2' + ) + end + it { should contain_class('quantum::agents::ovs').with( + :bridge_uplinks => ['br-ex:eth0'], + :bridge_mappings => ['default:br-ex'], + :enable_tunneling => true, + :local_ip => '10.0.0.2', + :firewall_driver => 'quantum.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver' + )} + + context 'without ovs_local_ip' do + before do + params.delete(:ovs_local_ip) + end + it 'should fail' do + expect do + subject + end.to raise_error(Puppet::Error, /ovs_local_ip parameter must be set/) + end + end + + end + + context 'when dhcp agent is enabled' do + before do + params.merge!(:enable_dhcp_agent => true) + end + it { should contain_class('quantum::agents::dhcp').with( + :use_namespaces => true + ) } + end + + context 'when l3 agent is enabled' do + before do + params.merge!(:enable_l3_agent => true) + end + it { should contain_class('quantum::agents::l3').with( + :use_namespaces => true + ) } + end + + context 'when metadata agent is enabled' do + before do + params.merge!( + :enable_metadata_agent => true + ) + end + it 'should fail' do + expect do + subject + end.to raise_error(Puppet::Error, /Shared secret parameter must be set/) + end + context 'with a shared secret' do + before do + params.merge!( + :shared_secret => 'foo' + ) + end + it { should contain_class('quantum::agents::metadata').with( + :auth_password => 'q_user_pass', + :shared_secret => 'foo', + :auth_url => 'http://localhost:35357/v2.0', + :metadata_ip => '127.0.0.1' + ) } + end + end + + context 'with invalid db_type' do + before do + params.merge!(:db_type => 'foo', :db_password => 'bar') + end + it 'should fail' do + expect do + subject + end.to raise_error(Puppet::Error, /Unsupported db type: foo./) + end + end + +end