From 9076f371fa1d9e75ceab3a69acc8cc465e4236bb Mon Sep 17 00:00:00 2001 
From: Dan Bode Date: Wed, 4 Sep 2013 13:29:53 -0700 Subject: [PATCH] first pass for data mapping refactor update hiera.yaml file moved all data to data directory added globals that need to drive config to site.pp --- Puppetfile | 2 +- data/README.md | 56 ++ data/TODO | 1 + data/class_groups/README.md | 4 + data/class_groups/common.yaml | 3 + data/class_groups/mysql_database.yaml | 3 + data/config.yaml | 9 +- data/data_mappings/common.yaml | 526 ++++++++++++------ data/hiera_data/common.yaml | 9 + data/hiera_data/compute.yaml | 3 +- data/hiera_data/controller.yaml | 7 + data/hiera_data/file.yaml | 0 data/hiera_data/iscsi.yaml | 0 data/hiera_data/mysql.yaml | 1 + .../network_plugin/linuxbridge.yaml | 4 + data/hiera_data/network_plugin/ovs.yaml | 7 + .../network_type/per-tenant-router.yaml | 4 + .../network_type/provider-router.yaml | 4 + data/hiera_data/network_type/single-flat.yaml | 4 + data/hiera_data/openstack.yaml | 32 +- data/hiera_data/rbd.yaml | 7 + data/hiera_data/rpc_type/qpid.yaml | 8 + data/hiera_data/rpc_type/rabbitmq.yaml | 8 + data/hiera_data/swift.yaml | 4 + data/hiera_data/tenant_network_type/gre.yaml | 13 + data/hiera_data/tenant_network_type/vlan.yaml | 6 + data/scenarios/2_node.yaml | 8 + data/scenarios/3_node.pp | 7 + data/scenarios/all_in_one.yaml | 6 + manifests/setup.pp | 9 +- manifests/site.pp | 29 +- 31 files changed, 593 insertions(+), 191 deletions(-) create mode 100644 data/README.md create mode 100644 data/TODO create mode 100644 data/class_groups/README.md create mode 100644 data/class_groups/common.yaml create mode 100644 data/class_groups/mysql_database.yaml create mode 100644 data/hiera_data/file.yaml create mode 100644 data/hiera_data/iscsi.yaml create mode 100644 data/hiera_data/mysql.yaml create mode 100644 data/hiera_data/network_plugin/linuxbridge.yaml create mode 100644 data/hiera_data/network_plugin/ovs.yaml create mode 100644 data/hiera_data/network_type/per-tenant-router.yaml create mode 100644 
data/hiera_data/network_type/provider-router.yaml create mode 100644 data/hiera_data/network_type/single-flat.yaml create mode 100644 data/hiera_data/rbd.yaml create mode 100644 data/hiera_data/rpc_type/qpid.yaml create mode 100644 data/hiera_data/rpc_type/rabbitmq.yaml create mode 100644 data/hiera_data/swift.yaml create mode 100644 data/hiera_data/tenant_network_type/gre.yaml create mode 100644 data/hiera_data/tenant_network_type/vlan.yaml create mode 100644 data/scenarios/2_node.yaml create mode 100644 data/scenarios/3_node.pp create mode 100644 data/scenarios/all_in_one.yaml diff --git a/Puppetfile b/Puppetfile index 240c122..7d38608 100644 --- a/Puppetfile +++ b/Puppetfile @@ -79,7 +79,7 @@ mod 'puppetlabs/puppetdb', :git => "#{base_url}/puppetlabs/puppetlabs-puppetdb", mod 'puppetlabs/vcsrepo', :git => "#{base_url}/puppetlabs/puppetlabs-vcsrepo", :ref => 'master' mod 'ripienaar/ruby-puppetdb', :git => "#{base_url}/ripienaar/ruby-puppetdb" mod 'ripienaar/catalog-diff', :git => "#{base_url}/ripienaar/puppet-catalog-diff", :ref => 'master' -mod 'hastexo/kickstack', :git => "#{base_url}/bodepd/kickstack", :ref => 'origin/neutron_support' +mod 'hastexo/kickstack', :git => "#{base_url}/bodepd/kickstack", :ref => 'origin/data_refactor' # do I really need this firewall module? mod 'puppetlabs/firewall', :git => "#{base_url}/puppetlabs/puppetlabs-firewall", :ref => 'master' # stephenrjohnson diff --git a/data/README.md b/data/README.md new file mode 100644 index 0000000..046948e --- /dev/null +++ b/data/README.md 
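Review bot: The changed `mod 'hastexo/kickstack'` line still resolves a moving branch (`:ref => 'origin/data_refactor'`) on the `bodepd/kickstack` fork, so each install pulls whatever that branch head is at the time. A force-push or a compromised fork would change the code applied to the nodes without any change to this Puppetfile. Pinning to an immutable revision keeps the dependency reviewable, e.g. `:ref => '<commit-sha>'` (placeholder) with the branch name kept in a trailing comment. The `:ref => 'master'` entries on the context lines have the same property.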
@@ -0,0 +1,56 @@
+# notes
+
+As I went through the process of reimplementing kickstack using this
+model, I learned the following:
+
+I assumed that all class parameters would mapping to a single piece of hiera
+data. This was not entirely correct.
+
+# Issue 1
+
+some data values map to multiple combined values:
+
+ ex: mysql\_connection => db\_name, password, host, user, type
+
+## solutions
+
+1. accept sql\_connection from hiera for each service
+
+This is problematic b/c it will lead to data suplication, and not take advantage of
+reasonable defaults
+
+2. patch the components to accept the parts of the password and not the whole thing
+
+That may not be the only occurrence.
+
+It will have to be done in a backwards compat way
+
+3. allow the value of the lookup to be resolvable as multiple lookups (and not a single one)
+
+# Issue number 2
+
+Some data effects the static values of what needs to be passed to other services
+
+Ex: depending on the rpc\_type, the actual rpc\_backend passed to cinder is differnet.
+
+## solutions
+
+1. add an extra parameter called rpc\_type to the class interfaces
+
+2. add rpc\_type to the global data that drives configuration, and make it a variable
+that drives the hierarchical configuration
+
+# Issue 3
+
+There is no way to have hiera drive whether or not individual components need to be installed
+
+For now, this will need to be stored as global data that contains a list of the services that
+you want to install
+
+# Issue 4
+
+where do we set assumed defaults?
+
+examples:
+ - cinder simple scheduler
+ - charset for database (can we just set this as a default for the database?)
diff --git a/data/TODO b/data/TODO
new file mode 100644
index 0000000..213fca4
--- /dev/null
+++ b/data/TODO
@@ -0,0 +1 @@
+do swift please :)
diff --git a/data/class_groups/README.md b/data/class_groups/README.md
new file mode 100644
index 0000000..d9c5a4e
--- /dev/null
+++ b/data/class_groups/README.md
@@ -0,0 +1,4 @@ +# what is this? + +class groups are intended to be a place where we can group lists of classes +together as sets that can be deployed as a part of your roles. diff --git a/data/class_groups/common.yaml b/data/class_groups/common.yaml new file mode 100644 index 0000000..afebdf7 --- /dev/null +++ b/data/class_groups/common.yaml @@ -0,0 +1,3 @@ +volume: + - cinder::volume + - cinder::volume::%{cinder_backend} diff --git a/data/class_groups/mysql_database.yaml b/data/class_groups/mysql_database.yaml new file mode 100644 index 0000000..bb5abf4 --- /dev/null +++ b/data/class_groups/mysql_database.yaml @@ -0,0 +1,3 @@ +mysql::server: +mysql::config: +mysql::server::account_security: diff --git a/data/config.yaml b/data/config.yaml index c1b9b87..ed83a83 100644 --- a/data/config.yaml +++ b/data/config.yaml @@ -2,7 +2,14 @@ apt_cache: '192.168.242.99' # Apt cache server, set to 'false' to disable apt_mirror: 'us.archive.ubuntu.com' domain: 'domain.name' -verbose: false +verbose: + +#$db_type = 'mysql' +#$rpc_type = 'rabbitmq' +#$cinder_backend = 'iscsi' +#$network_type = 'quantum' +#$services_enabled = ['nova', 'glance', 'cinder', 'keystone', 'nova', 'swift', 'network'] + # operatingsystem: 'ubuntu' # base OS for build node, use 'ubuntu' or 'redhat' # select one node_group to determine the nodes available for provisioning # node_group: multi_node diff --git a/data/data_mappings/common.yaml b/data/data_mappings/common.yaml index 88160c0..2dd2db0 100644 --- a/data/data_mappings/common.yaml +++ b/data/data_mappings/common.yaml 
@@ -1,240 +1,400 @@ +# central log level config +enabled: + - nova::cert::enabled + - nova::api::enabled + - nova::compute::enabled + - nova::conductor::enabled + - nova::consoleauth::enabled + - nova::network::enabled + - nova::objectstore::enabled + - nova::qpid::enabled + - nova::scheduler::enabled + - nova::vncproxy::enabled + - nova::volume::enabled + debug: - kickstack::network::config::debug - kickstack::network::agent::dhcp::debug - kickstack::network::agent::metadata::debug - kickstack::debug - kickstack::glance::api::debug - kickstack::horizon::debug - kickstack::cinder::config::debug - kickstack::glance::registry::debug + #- kickstack::horizon::debug + - cinder::debug + - glance::api::debug + - glance::registry::debug + - horizon::django_debug + - keystone::debug + - quantum::debug + - neutron::debug + - quatum::agents::dhcp::debug + - quatum::agents::metadata::debug verbose: - kickstack::network::config::verbose - kickstack::keystone::api::verbose - kickstack::keystone::api::debug - kickstack::verbose - kickstack::glance::api::verbose - kickstack::horizon::verbose - kickstack::cinder::config::verbose - kickstack::glance::registry::verbose + #- kickstack::horizon::verbose + - cinder::verbose + - glance::api::verbose + - glance::registry::verbose + - keystone::verbose + - quantum::verbose + - neutron::verbose +# end log level config package_ensure: - kickstack::cinder::volume::package_ensure - kickstack::keystone::api::package_ensure - kickstack::package_ensure - kickstack::glance::config::package_ensure - kickstack::cinder::api::package_ensure - kickstack::nova::vncproxy::package_ensure - kickstack::cinder::scheduler::package_ensure - kickstack::nova::service::package_ensure - + - cinder::api::package_ensure + - cinder::scheduler::package_ensure + - cinder::volume::package_ensure + - glance::package_ensure + - keystone::package_ensure + - nova::api::ensure_package + - nova::cert::ensure_package + - nova::client::ensure + - nova::compute::ensure_package + 
- nova::conductor::ensure_package + - nova::consoleauth::ensure_package + - nova::ensure_package + - nova::network::ensure_package + - nova::objectstore::ensure_package + - nova::scheduler::ensure_package + - nova::vncproxy::ensure_package enable_nova: - kickstack::database::databases::enable_nova - kickstack::keystone::endpoints::enable_nova + - kickstack::database::databases::enable_nova + - kickstack::keystone::endpoints::enable_nova enable_glance: - kickstack::database::databases::enable_glance - kickstack::keystone::endpoints::enable_glance + - kickstack::database::databases::enable_glance + - kickstack::keystone::endpoints::enable_glance enable_keystone: - kickstack::database::databases::enable_keystone - kickstack::keystone::endpoints::enable_keystone + - kickstack::database::databases::enable_keystone + - kickstack::keystone::endpoints::enable_keystone enable_network: - kickstack::database::databases::enable_network - kickstack::keystone::endpoints::enable_network + - kickstack::database::databases::enable_network + - kickstack::keystone::endpoints::enable_network enable_cinder: - kickstack::database::databases::enable_cinder - kickstack::keystone::endpoints::enable_cinder + - kickstack::database::databases::enable_cinder + - kickstack::keystone::endpoints::enable_cinder enable_swift: - kickstack::database::databases::enable_swift - kickstack::keystone::endpoints::enable_swift - -database_bind_address: - kickstack::database::postgresql::bind_address - kickstack::database::mysql::bind_address + - kickstack::database::databases::enable_swift + - kickstack::keystone::endpoints::enable_swift # data base config +"%{db_type}://%{cinder_db_user}:%{cinder_db_password}@%{db_host}/%{cinder_db_name}": + - cinder::sql_connection +"%{db_type}://%{glance_db_user}:%{glance_db_password}@%{db_host}/%{glance_db_name}": + - glance::api::sql_connection + - glance::registry::sql_connection 
+"%{db_type}://%{keystone_db_user}:%{keystone_db_password}@%{db_host}/%{keystone_db_name}": + - keystone::sql_connection +"%{db_type}://%{nova_db_user}:%{nova_db_password}@%{db_host}/%{nova_db_name}": + - nova::sql_connection +"%{db_type}://%{network_db_user}:%{network_db_password}@%{db_host}/%{network_db_name}": + - quantum::plugins::ovs::sql_connection + - quantum::plugins::linuxbridge::sql_connection + - neutron::plugins::ovs::sql_connection + - neutron::plugins::linuxbridge::sql_connection +cinder_db_name: + - cinder::db::mysql::dbname + - cinder::db::postgresql::dbname +cinder_db_user: + - cinder::db::mysql::user + - cinder::db::postgresql::user +cinder_db_password: + - cinder::db::mysql::password + - cinder::db::postgresql::password glance_db_name: - kickstack::glance::api::db_name - kickstack::glance::registry::db_name + - glance::db::mysql::dbname + - glance::db::postgresql::dbname glance_db_user: - kickstack::glance::api::db_user - kickstack::glance::registry::db_user + - glance::db::mysql::user + - glance::db::postgresql::user glance_db_password: - kickstack::glance::api::db_password - kickstack::glance::registry::db_password + - glance::db::mysql::password + - glance::db::postgresql::password +keystone_db_name: + - keystone::db::mysql::dbname + - keystone::db::postgresql::dbname +keystone_db_user: + - keystone::db::mysql::user + - keystone::db::postgresql::user +keystone_db_password: + - keystone::db::mysql::password + - keystone::db::postgresql::password +nova_db_name: + - nova::db::mysql::dbname + - nova::db::postgresql::dbname +nova_db_user: + - nova::db::mysql::user + - nova::db::postgresql::user +nova_db_password: + - nova::db::mysql::password + - nova::db::postgresql::password network_db_name: - kickstack::network::plugin::db_name - kickstack::network::db::db_name + - quantum::db::mysql::dbname + - quantum::db::postgresql::dbname + - neutron::db::mysql::dbname + - neutron::db::postgresql::dbname network_db_user: - 
kickstack::network::plugin::db_user - kickstack::network::db::user + - quantum::db::mysql::user + - quantum::db::postgresql::user + - neutron::db::mysql::user + - neutron::db::postgresql::user network_db_password: - kickstack::network::plugin::db_password - kickstack::network::db::password + - quantum::db::mysql::password + - quantum::db::postgresql::password + - neutron::db::mysql::password + - neutron::db::postgresql::password database_root_password: - kickstack::database::postgresql::root_password - kickstack::database::mysql::root_password -db_allowed_hosts: - kickstack::network::db::allowed_hosts - kickstack::db::allowed_hosts + - mysql::config::root_password + - postgresql::config::postgres_password +database_bind_address: + - postgresql::config::listen_addresses + - mysql::config::bind_address # keystone auth information -network_service_user: - kickstack::network::endpoint::service_user - kickstack::network::server::service_user - kickstack::network::agent::metadata::service_user -glance_service_password: - kickstack::glance::api::service_password - kickstack::glance::registry::service_password +cinder_service_user: + - cinder::api::keystone_user + - cinder::keystone::auth::auth_name +cinder_service_password: + - cinder::api::keystone_password + - cinder::keystone::auth::password +cinder_public_address: + - cinder::keystone::auth::public_address +cinder_internal_address: + - cinder::keystone::auth::internal_address +cinder_admin_address: + - cinder::keystone::auth::admin_address glance_service_user: - kickstack::glance::api::service_user - kickstack::glance::registry::service_user + - glance::keystone::auth::auth_name + - glance::api::keystone_user + - glance::registry::keystone_user +glance_service_password: + - glance::keystone::auth::password + - glance::api::keystone_password + - glance::registry::keystone_password +glance_public_address: + - glance::keystone::auth::public_address +glance_internal_address: + - glance::keystone::auth::internal_address 
+glance_admin_address: + - glance::keystone::auth::admin_address +nova_service_user: + - nova::keystone::auth::auth_name + - nova::api::admin_user +nova_service_password: + - nova::keystone::auth::password + - nova::api::admin_password +nova_public_address: + - nova::keystone::auth::public_address +nova_internal_address: + - nova::keystone::auth::internal_address +nova_admin_address: + - nova::keystone::auth::admin_address +admin_token: + - keystone::admin_token +admin_password: + - keystone::roles::admin::password +admin_email: + - keystone::roles::admin::email +admin_tenant: + - keystone::roles::admin::admin_tenant +auth_public_address: + - keystone::endpoint::public_address +auth_internal_address: + - cinder::api::keystone_auth_host + - keystone::endpoint::internal_address + - glance::api::auth_host + - glance::registry::auth_host + - horizon::keystone_host + - nova::api::auth_host + - quantum::server::auth_host + - neutron::server::auth_host +auth_admin_address: + - keystone::endpoint::admin_address +network_service_user: + - quantum::keystone::auth::auth_name + - neutron::keystone::auth::auth_name + - nova::network::quantum::quantum_admin_username + - nova::network::neutron::neutron_admin_username + - quantum::server::auth_user + - neutron::server::auth_user + - quantum::agents::metadata::auth_user + - neutron::agents::metadata::auth_user network_service_password: - kickstack::network::endpoint::service_password - kickstack::network::server::service_password - kickstack::network::agent::metadata::service_password - kickstack::nova::networkclient::network_auth_password + - quantum::keystone::auth::password + - neutron::keystone::auth::password + - quantum::server::auth_password + - neutron::server::auth_password + - nova::network::quantum::quantum_admin_password + - nova::network::neutron::neutron_admin_password + - quantum::agents::metadata::auth_password + - neutron::agents::metadata::auth_password +network_public_address: + - 
quantum::keystone::auth::public_address + - neutron::keystone::auth::public_address +network_internal_address: + - quantum::keystone::auth::internal_address + - neutron::keystone::auth::internal_address +network_admin_address: + - quantum::keystone::auth::admin_address + - neutron::keystone::auth::admin_address service_tenant: - kickstack::network::endpoint::service_tenant - kickstack::network::server::service_tenant - kickstack::keystone::api::service_tenant - kickstack::keystone::endpoint::service_tenant - kickstack::network::agent::metadata::service_tenant - kickstack::auth_service_tenant - kickstack::nova::api::service_tenant - kickstack::glance::api::service_tenant - kickstack::glance::registry::service_tenant - kickstack::endpoint::service_tenant + - glance:keystone::auth::tenant + - nova:keystone::auth::tenant + - quantum:keystone::auth::tenant + - neutron::keystone::auth::tenant + - cinder::keystone::auth::tenant + - keystone::roles::admin::service_tenant + - nova::admin_tenant_name + + - cinder::api::keystone_tenant + - glance::api::keystone_tenant + - glance::registry::keystone_tenant + - nova::network::quantumclient::quantum_admin_tenant_name + - nova::network::neutronclient::neutron_admin_tenant_name + - quantum::server::auth_tenant + - neutron::server::auth_tenant + - quantum::agents::metadata::auth_tenant + - neutron::agents::metadata::auth_tenant region: - kickstack::network::endpoint::service_region - kickstack::keystone::endpoint::service_region - kickstack::endpoint::service_region + - cinder::keystone::auth::region + - glance:keystone::auth::region + - nova:keystone::auth::region + - quantum:keystone::auth::region + - neutron::keystone::auth::region + - keystone::endpoint::region + - nova::network::quantumclient::quantum_region_name + - nova::network::neutronclient::neutron_region_name + - quantum::agents::metadata::auth_region + - neutron::agents::metadata::auth_region # where is cinder,nova,etc.. 
#end auth users # service connection information -auth_internal_address: - kickstack::keystone::endpoint::service_internal_address - kickstack::network::agent::metadata::auth_host - kickstack::nova::api::auth_host - kickstack::nova::networkclient::auth_host - kickstack::glance::api::auth_host - kickstack::cinder::api::auth_host - kickstack::glance::registry::auth_host -rpc_host: - kickstack::network::config::rpc_host - kickstack::nova::config::rpc_host - kickstack::cinder::config::rpc_host -network_internal_address: - kickstack::network::endpoint::service_internal_address - kickstack::nova::networkclient::network_host +db_allowed_hosts: + - ceilometer::db::mysql::allowed_hosts + - cinder::db:mysql::allowed_hosts + - glance::db:mysql::allowed_hosts + - keystone::db::mysql::allowed_hosts + - nova::db:mysql::allowed_hosts + - quantum::db::mysql::allowed_hosts + - neutron::db::mysql::allowed_hosts db_host: - kickstack::keystone::api::db_host - kickstack::nova::config::db_host - kickstack::network::plugin::db_host - kickstack::network::db::host - kickstack::glance::api::db_host - kickstack::cinder::config::db_host - kickstack::glance::registry::db_host - kickstack::db::host - -# configurable backends -cinder_backend: - kickstack::cinder::volume::backend - kickstack::cinder_backend - -glance_backend: - kickstack::glance_backend - kickstack::glance::api::glance_backend - kickstack::glance::all::backend - + - ceilometer::db::mysql::host + - cinder::db:mysql::host + - glance::db:mysql::host + - keystone::db::mysql::host + - nova:db:mysql::host + - quantum::db:mysql::host + - neutron::db::mysql::host # end backends -management_nic: - kickstack::rpc::rabbitmq::management_nic - kickstack::database::postgresql::management_nic - kickstack::network::server::management_nic - kickstack::keystone::api::management_nic - kickstack::database::mysql::management_nic - kickstack::rpc::qpid::management_nic - kickstack::management_nic - kickstack::nova::api::management_nic - 
kickstack::glance::api::management_nic - kickstack::glance::registry::management_nic +# can I just put this somewhere else? +public_ip_address: + - nova::vncproxy::host # type of rpc backend to use -rpc_type: - kickstack::network::config::rpc_type - kickstack::rpc_type - kickstack::rpc::rpc_type - kickstack::cinder::config::rpc_type +rpc_host: + - cinder::qpid_hostname + - cinder::rabbit_host + - nova::rabbit_host + - nova::qpid_hostname + - quantum::rabbit_host + - quantum::qpid_hostname + - neutron::qpid_hostname + - neutron::rabbit_host rpc_user: - kickstack::rpc::rabbitmq::user - kickstack::network::config::rpc_user - kickstack::nova::config::rpc_user - kickstack::rpc::qpid::user - kickstack::cinder::config::rpc_user + - cinder::qpid_username + - cinder::rabbit_userid + - nova::qpid::user + - nova::rabbitmq::userid + - nova::rabbit_userid + - nova::qpid_username + - quantum::rabbit_user + - neutron::rabbit_user + - quantum::qpid_username + - neutron::qpid_username rpc_password: - kickstack::rpc::rabbitmq::password - kickstack::network::config::rpc_password - kickstack::nova::config::rpc_password - kickstack::rpc::qpid::password - kickstack::cinder::config::rpc_password + - cinder::rabbit_password + - cinder::qpid_password + - nova::qpid::password + - nova::rabbitmq::password + - nova::rabbit_password + - nova::qpid_password + - quantum::rabbit_password + - quantum::qpid_password + - neutron::rabbit_password + - neutron::qpid_password +qpid_realm: + - nova::qpid::realm # end rpc config metadata_shared_secret: - kickstack::network::agent::metadata::shared_secret - kickstack::nova::api::metadata_shared_secret + - quantum::agents::metadata::shared_secret + - neutron::agents::metadata::shared_secret + - nova::api::quantum_metadata_proxy_shared_secret +# TODO - I ned to figure out what to do about this volume_on_compute: - kickstack::nova::controller::volume_on_compute - kickstack::compute::volume_on_compute + - kickstack::nova::controller::volume_on_compute + - 
kickstack::compute::volume_on_compute -# type of database to use -db_type: - kickstack::keystone::api::db_type - kickstack::nova::config::db_type - kickstack::database::db_type - kickstack::network::plugin::db_type - kickstack::db_type - kickstack::network::db::type - kickstack::glance::api::db_type - kickstack::cinder::config::db_type - kickstack::glance::registry::db_type - kickstack::db::type - -# network configuration data_nic: - kickstack::network::agent::l2::network::data_nic - kickstack::network::agent::l2::compute::data_nic + - kickstack::network::agent::l2::network::data_nic + - kickstack::network::agent::l2::compute::data_nic network_physnet: - kickstack::network::agent::l2::network::physnet - kickstack::network::agent::l2::compute::physnet + - kickstack::network::agent::l2::network::physnet + - kickstack::network::agent::l2::compute::physnet network_plugin: - kickstack::network::config::plugin - kickstack::network::plugin::plugin - kickstack::network::agent::l2::network::plugin - kickstack::network::agent::dhcp::plugin - kickstack::network::agent::l2::compute::plugin - kickstack::network::agent::l3::plugin + - kickstack::network::config::plugin + - kickstack::network::plugin::plugin + - kickstack::network::agent::l2::network::plugin + - kickstack::network::agent::dhcp::plugin + - kickstack::network::agent::l2::compute::plugin + - kickstack::network::agent::l3::plugin network_tunnel_bridge: - kickstack::network::agent::l2::network::tunnel_bridge - kickstack::network::agent::l2::compute::tunnel_bridge + - kickstack::network::agent::l2::network::tunnel_bridge + - kickstack::network::agent::l2::compute::tunnel_bridge network_external_bridge: - kickstack::network::agent::l2::network::external_bridge - kickstack::network::agent::l3::external_bridge + - kickstack::network::agent::l2::network::external_bridge + - kickstack::network::agent::l3::external_bridge tenant_network_type: - kickstack::network::plugin::tenant_network_type - 
kickstack::network::agent::l2::network::tenant_network_type - kickstack::network::agent::l2::compute::tenant_network_type + - kickstack::network::plugin::tenant_network_type + - kickstack::network::agent::l2::network::tenant_network_type + - kickstack::network::agent::l2::compute::tenant_network_type network_type: - kickstack::network::config::network_type - kickstack::network::agent::l2::network::network_type - kickstack::network::agent::dhcp::network_type - kickstack::network::agent::l3::network_type + - kickstack::network::config::network_type + - kickstack::network::agent::l2::network::network_type + - kickstack::network::agent::dhcp::network_type + - kickstack::network::agent::l3::network_type # end network config + +glance_registry_host: + - glance::api::registry_host + +horizon_secret_key: + - horizon::secret_key +# I need to add an option so that I can collapse this into verbose and debug +horizon_log_level: + - horizon::log_level + +vncproxy_host: + - nova::compute::vncproxy_host + +vncserver_proxyclient_address: + - nova::compute::vncserver_proxyclient_address + +glance_api_servers: + - nova::glance_api_servers + +# like the sql_connection params, I am not happy about this +"http://%{network_internal_address}:9696": + - nova::network::quantum::quantum_url + - nova::network::neutron::neutron_url +"http://%{auth_internal_address}:35357/v2.0": + - nova::network::quantum::quantum_admin_auth_url + - nova::network::neutron::neutron_admin_auth_url + - quantum::agents::metadata::auth_url + - neutron::agents::metadata::auth_url + +nova_metadata_ip: + - quantum::agents::metadata::metadata_ip + - neutron::agents::metadata::metadata_ip diff --git a/data/hiera_data/common.yaml b/data/hiera_data/common.yaml index a10c5a5..b14c4d8 100644 --- a/data/hiera_data/common.yaml +++ b/data/hiera_data/common.yaml 
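Review bot: Several of the new mapping targets in data_mappings/common.yaml are misspelled with a single colon or a dropped letter, so the lookup presumably never binds to the intended class parameter: `glance:keystone::auth::tenant`, `nova:keystone::auth::tenant`, `quantum:keystone::auth::tenant` (and the matching `...::auth::region` entries), `cinder::db:mysql::allowed_hosts`, `glance::db:mysql::allowed_hosts`, `nova::db:mysql::allowed_hosts`, `nova:db:mysql::host`, `quantum::db:mysql::host`, and `quatum::agents::dhcp::debug` / `quatum::agents::metadata::debug`. For the `allowed_hosts` and `tenant` entries this means those services would silently keep whatever the module default is instead of the value set in hiera; each target should use `::` throughout, e.g. `cinder::db::mysql::allowed_hosts`. Separately, keys such as `"%{db_type}://%{cinder_db_user}:%{cinder_db_password}@%{db_host}/%{cinder_db_name}"` splice the raw password into a URL, so a password containing `@`, `:` or `/` would produce a connection string that parses differently from what was intended; a comment like `# db passwords must be URL-safe until sql_connection is assembled from parts` would record that constraint.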
@@ -1,3 +1,12 @@ +# put some default data here that I do not want to change +nova::db::mysql::charset: utf8 +glance::db::mysql::charset: utf8 +keystone::db::mysql::charset: utf8 +quantum::db::mysql::charset: utf8 +neutron::db::mysql::charset: utf8 + + + # time servers ntp_servers: - time-server.domain.name diff --git a/data/hiera_data/compute.yaml b/data/hiera_data/compute.yaml index 1725cae..a34ee13 100644 --- a/data/hiera_data/compute.yaml +++ b/data/hiera_data/compute.yaml @@ -1,4 +1,5 @@ # configuration only relevant to compute node -libvirt_type: qemu +nova::compute::libvirt::libvirt_type: qemu +nova::compute::libvirt::vncserver_listen: 127.0.0.1 internal_ip: %{ipaddress_eth3} vncserver_proxyclient_address: %{ipaddress_eth3} diff --git a/data/hiera_data/controller.yaml b/data/hiera_data/controller.yaml index cb914bb..22e8fb1 100644 --- a/data/hiera_data/controller.yaml +++ b/data/hiera_data/controller.yaml @@ -2,13 +2,19 @@ # openstack controller admin_email: root@localhost database_root_password: mysql_pass +database_bind_address: 0.0.0.0 # networking related config auto_assign_floating_ip: false +keystone_db_name: keystone +keystone_db_user: keystone keystone_db_password: keystone_db_password # glance config +glance_db_name: glance +glance_db_user: glance glance_db_password: glance_pass +glance_service_user: glance glance_service_password: glance_pass glance_backend: file @@ -28,6 +34,7 @@ metadata_shared_secret: metadata_shared_secret, #auth_internal_address: 127.0.0.1 #quantum_internal_address: 127.0.0.1 db_host: 127.0.0.1 +db_allowed_hosts: % rpc_host: 192.168.242.10 vncproxy_host: 192.168.242.10 diff --git a/data/hiera_data/file.yaml b/data/hiera_data/file.yaml new file mode 100644 index 0000000..e69de29 diff --git a/data/hiera_data/iscsi.yaml b/data/hiera_data/iscsi.yaml new file mode 100644 index 0000000..e69de29 diff --git a/data/hiera_data/mysql.yaml b/data/hiera_data/mysql.yaml new file mode 100644 index 0000000..676c41c --- /dev/null 
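Review bot: The two values added to controller.yaml, `database_bind_address: 0.0.0.0` and `db_allowed_hosts: %`, together make the database listen on every interface and (through the `allowed_hosts` mappings) accept the service accounts from any host, while the same file carries placeholder passwords such as `mysql_pass` and `glance_pass`. Unless that is deliberate for a lab setup, bind to the management address and restrict the grant to the deployment network, for example `db_allowed_hosts: '192.168.242.%'` (constructed from the addresses used elsewhere in this data). The bare `%` needs quoting in any case, because `%` cannot start a plain YAML scalar, presumably the same reason this commit quotes `tunnel_ip: "%{ipaddress_eth3}"` in openstack.yaml. The first openstack.yaml hunk adds the same wildcard bind for the iSCSI target with `cinder::volume::iscsi::bind_address: 0.0.0.0`.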
+++ b/data/hiera_data/mysql.yaml
@@ -0,0 +1 @@
+db_type: mysql
diff --git a/data/hiera_data/network_plugin/linuxbridge.yaml b/data/hiera_data/network_plugin/linuxbridge.yaml
new file mode 100644
index 0000000..1531dfb
--- /dev/null
+++ b/data/hiera_data/network_plugin/linuxbridge.yaml
@@ -0,0 +1,4 @@
+quantum::core_plugin: quantum.plugins.linuxbridge.lb_quantum_plugin.LinuxBridgePluginV2
+neutron::core_plugin: neutron.plugins.linuxbridge.lb_neutron_plugin.LinuxBridgePluginV2
+quantum::agents::l3::interface_driver: quantum.agent.linux.interface.BridgeInterfaceDriver
+neutron::agents::l3::interface_driver: neutron.agent.linux.interface.BridgeInterfaceDriver
diff --git a/data/hiera_data/network_plugin/ovs.yaml b/data/hiera_data/network_plugin/ovs.yaml
new file mode 100644
index 0000000..265005c
--- /dev/null
+++ b/data/hiera_data/network_plugin/ovs.yaml
@@ -0,0 +1,7 @@
+quantum::core_plugin: quantum.plugins.openvswitch.ovs_quantum_plugin.OVSQuantumPluginV2
+neutron::core_plugin: neutron.plugins.openvswitch.ovs_neutron_plugin.OVSNeutronPluginV2
+quantum::tunnel_id_ranges: '1:1000'
+neutron::tunnel_id_ranges: '1:1000'
+quantum::agents::l3::interface_driver: quantum.agent.linux.interface.OVSInterfaceDriver
+neutron::agents::l3::interface_driver: neutron.agent.linux.interface.OVSInterfaceDriver
+
diff --git a/data/hiera_data/network_type/per-tenant-router.yaml b/data/hiera_data/network_type/per-tenant-router.yaml
new file mode 100644
index 0000000..57e59e8
--- /dev/null
+++ b/data/hiera_data/network_type/per-tenant-router.yaml
@@ -0,0 +1,4 @@
+quantum::allow_overlapping_ips: true
+neutron::allow_overlapping_ips: true
+quantum::agents::l3::use_namespaces: true
+neutron::agents::l3::use_namespaces: true
diff --git a/data/hiera_data/network_type/provider-router.yaml b/data/hiera_data/network_type/provider-router.yaml
new file mode 100644
index 0000000..bb19320
--- /dev/null
+++ b/data/hiera_data/network_type/provider-router.yaml
@@ -0,0 +1,4 @@ +quantum::allow_overlapping_ips: false +neutron::allow_overlapping_ips: false +quantum::agents::l3::use_namespaces: false +neutron::agents::l3::use_namespaces: false diff --git a/data/hiera_data/network_type/single-flat.yaml b/data/hiera_data/network_type/single-flat.yaml new file mode 100644 index 0000000..a074398 --- /dev/null +++ b/data/hiera_data/network_type/single-flat.yaml @@ -0,0 +1,4 @@ +quantum::allow_overlapping_ips: true +neutron::allow_overlapping_ips: true +quantum::agents::l3::use_namespaces: false +neutron::agents::l3::use_namespaces: false diff --git a/data/hiera_data/openstack.yaml b/data/hiera_data/openstack.yaml index e3a0403..cf8b775 100644 --- a/data/hiera_data/openstack.yaml +++ b/data/hiera_data/openstack.yaml @@ -10,6 +10,8 @@ cinder_public_address: 192.168.242.10 cinder_internal_address: 192.168.242.10 cinder_admin_address: 192.168.242.10 +cinder::volume::iscsi::bind_address: 0.0.0.0 +cinder::volume::iscsi::volume_group: cinder-volume auth_public_address: 192.168.242.10 auth_internal_address: 192.168.242.10 @@ -61,9 +63,17 @@ rpc_password: openstack_rabbit_password rpc_user: openstack_rabbit_user # ovs config -tunnel_ip: %{ipaddress_eth3} +tunnel_ip: "%{ipaddress_eth3}" cinder_db_password: cinder_pass +cinder_db_name: cinder +cinder_db_user: cinder + +nova_db_user: nova +nova_db_name: nova + +network_db_user: quantum +network_db_name: quantum # used by test_file test_file_image_type: cirros 
@@ -96,3 +106,23 @@ public_nic: eth1 package_ensure: present name_resolution: false + +cinder::scheduler::scheduler_driver: 'cinder.scheduler.simple.SimpleScheduler' +# does it matter if I have data that only applies to +# the case where I am using mysql? +cinder::db::mysql::charset: utf8 + +db_type: mysql + +service_tenant: services +admin_tenant: admin + +quantum::plugins::ovs::tenant_network_type: "%{tenant_network_type}" +neutron::plugins::ovs::tenant_network_type: "%{tenant_network_type}" + +quantum::agents::ovs::integration_bridge: br-int + + +enabled: true + +vncproxy_host: 192.168.242.10 diff --git a/data/hiera_data/rbd.yaml b/data/hiera_data/rbd.yaml new file mode 100644 index 0000000..5dc3fab --- /dev/null +++ b/data/hiera_data/rbd.yaml @@ -0,0 +1,7 @@ +# I am not a fan of having to do this twice. +# should I set up conditional data mappings? +cinder::volume::rbd_pool: 'cinder' +cinder::volume::rbd_user: 'openstack' +glance::backend::rbd::rbd_store_user: 'openstack' +glance::backend::rbd::rbd_store_pool: 'glance' +cinder::volume::rbd_secret_uuid: 'rbd_secret' diff --git a/data/hiera_data/rpc_type/qpid.yaml b/data/hiera_data/rpc_type/qpid.yaml new file mode 100644 index 0000000..7b3d1e7 --- /dev/null +++ b/data/hiera_data/rpc_type/qpid.yaml @@ -0,0 +1,8 @@ +cinder::rpc_type: + 'cinder.openstack.common.rpc.impl_qpid' +nova::rpc_backend: + 'nova.openstack.common.rpc.impl_qpid' +quantum::rpc_backend: + 'neutron.openstack.common.rpc.impl_qpid' +neutron::rpc_backend: + 'neutron.openstack.common.rpc.impl_qpid' diff --git a/data/hiera_data/rpc_type/rabbitmq.yaml b/data/hiera_data/rpc_type/rabbitmq.yaml new file mode 100644 index 0000000..9ceaf62 --- /dev/null +++ b/data/hiera_data/rpc_type/rabbitmq.yaml 
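Review bot: `cinder::volume::rbd_secret_uuid: 'rbd_secret'` in rbd.yaml is not a UUID, and the key name suggests the value is used as the identifier of the Ceph secret on the compute side, so a deployment that inherits this default would presumably fail at volume attach time rather than at catalog compile time. Since the value has to be unique per installation, I would leave it out of the shared data and add a comment instead, e.g. `# cinder::volume::rbd_secret_uuid must be set per site (generate with uuidgen)`. The comment at the top of the file about "having to do this twice" would also be clearer if it named the two keys it refers to.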
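Review bot: In qpid.yaml `quantum::rpc_backend` is given the `neutron.openstack.common.rpc.impl_qpid` module path, and rabbitmq.yaml (the next file in this patch) does the reverse, giving `neutron::rpc_backend` the `quantum.openstack.common.rpc.impl_kombu` path. Every other file added here keeps quantum keys on `quantum.*` modules and neutron keys on `neutron.*`, so both look like copy-paste slips that would leave the service unable to import its RPC driver. Suggested values are `quantum::rpc_backend: 'quantum.openstack.common.rpc.impl_qpid'` in qpid.yaml and `neutron::rpc_backend: 'neutron.openstack.common.rpc.impl_kombu'` in rabbitmq.yaml.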
@@ -0,0 +1,8 @@
+cinder::rpc_type:
+ 'cinder.openstack.common.rpc.impl_kombu'
+nova::rpc_backend:
+ 'nova.openstack.common.rpc.impl_kombu'
+quantum::rpc_backend:
+ 'quantum.openstack.common.rpc.impl_kombu'
+neutron::rpc_backend:
+ 'quantum.openstack.common.rpc.impl_kombu'
diff --git a/data/hiera_data/swift.yaml b/data/hiera_data/swift.yaml
new file mode 100644
index 0000000..f08fb78
--- /dev/null
+++ b/data/hiera_data/swift.yaml
@@ -0,0 +1,4 @@
+glance::backend::swift::swift_store_user: swift_user
+glance::backend::swift::swift_store_key: secret_key
+glance::backend::swift::swift_store_auth_address: '127.0.0.1'
+glance::backend::swift::swift_store_create_container_on_put: true
diff --git a/data/hiera_data/tenant_network_type/gre.yaml b/data/hiera_data/tenant_network_type/gre.yaml
new file mode 100644
index 0000000..cb7c582
--- /dev/null
+++ b/data/hiera_data/tenant_network_type/gre.yaml
@@ -0,0 +1,13 @@
+quantum::agents::ovs::bridge_mappings: ["${external_bridge}:${external_nic}"]
+quantum::agents::ovs::bridge_uplinks:
+ - "br-ex:eth2"
+quantum::agents::ovs::bridge_mappings:
+ - "default:br-ex"
+quantum::agents::ovs::enable_tunneling: true
+quantum::agents::ovs::tunnel_bridge: br-tun
+quantum::agents::ovs::local_ip: "%{ipaddress_eth3}"
+neutron::agents::ovs::bridge_uplinks: []
+neutron::agents::ovs::bridge_mappings: []
+neutron::agents::ovs::enable_tunneling: true
+neutron::agents::ovs::tunnel_bridge: br-tun
+neutron::agents::ovs::local_ip: "%{ipaddress_eth3}"
diff --git a/data/hiera_data/tenant_network_type/vlan.yaml b/data/hiera_data/tenant_network_type/vlan.yaml
new file mode 100644
index 0000000..9ac05ad
--- /dev/null
+++ b/data/hiera_data/tenant_network_type/vlan.yaml
@@ -0,0 +1,6 @@
+# TODO - finish vlan config
+quantum::plugins::ovs::network_vlan_ranges: physnet1:1000:2000
+quantum::plugins::ovs::bridge_mappings:
+ -
+ -
+neutron::plugins::ovs::network_vlan_ranges: physnet1:1000:2000
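Review bot: swift.yaml ships `glance::backend::swift::swift_store_key: secret_key` as shared default data, so any deployment that selects the swift backend without overriding it runs Glance with a credential that is readable in the repository. I would drop the key from this file and require it from site-specific data, or at the very least put `# placeholder: must be overridden in site data before deploying` above it. `swift_store_auth_address: '127.0.0.1'` has a similar problem, since it only works when the Swift auth endpoint runs on the Glance host, and deserves a comment saying so.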
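Review bot: gre.yaml defines `quantum::agents::ovs::bridge_mappings` twice, once on the first line and again just above `- "default:br-ex"`; a YAML mapping holds one value per key, so most loaders silently keep the last and some reject the file. The first definition also uses Puppet-style `${external_bridge}:${external_nic}`, which Hiera does not interpolate (its syntax is `%{...}`, as used for `local_ip` a few lines below), so it would be passed through as a literal string even if it won. Please keep only the intended definition and delete the other. The neutron keys also get empty `bridge_uplinks` and `bridge_mappings` while quantum gets `br-ex:eth2`, which is worth a comment if the difference is intentional.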
diff --git a/data/scenarios/2_node.yaml b/data/scenarios/2_node.yaml new file mode 100644 index 0000000..525ec4e --- /dev/null +++ b/data/scenarios/2_node.yaml @@ -0,0 +1,8 @@ +# +# the two node +# +roles: + controller: + classes: + compute: + classes: diff --git a/data/scenarios/3_node.pp b/data/scenarios/3_node.pp new file mode 100644 index 0000000..76acdd0 --- /dev/null +++ b/data/scenarios/3_node.pp @@ -0,0 +1,7 @@ +roles: + controller: + classes: + compute: + classes: + network_controller: + classes: diff --git a/data/scenarios/all_in_one.yaml b/data/scenarios/all_in_one.yaml new file mode 100644 index 0000000..c2eac32 --- /dev/null +++ b/data/scenarios/all_in_one.yaml @@ -0,0 +1,6 @@ +# +# scenario for all_one +# +roles: + all_in_one: + classes: diff --git a/manifests/setup.pp b/manifests/setup.pp index 196709b..97d3939 100644 --- a/manifests/setup.pp +++ b/manifests/setup.pp @@ -50,6 +50,13 @@ file { "${settings::confdir}/hiera.yaml": - data_mapper :hierarchy: - "%{hostname}" + - "rpc_type/%{rpc_type}" + - "db_type/%{db_type}" + - "tenant_network_type/%{tenant_network_type}" + - "network_type/%{network_type}" + - "network_plugin/%{network_plugin}" + - "%{cinder_backend}" + - "%{glance_backend}" - jenkins - "%{scenario}" - "%{openstack_role}" @@ -59,7 +66,7 @@ file { "${settings::confdir}/hiera.yaml": :datadir: /etc/puppet/data/hiera_data :data_mapper: # this should be contained in a module - :datadir: /etc/puppet/data/data_mappings/data_mappings + :datadir: /etc/puppet/data/data_mappings ' } diff --git a/manifests/site.pp b/manifests/site.pp index b9f7014..b026c8f 100644 --- a/manifests/site.pp +++ b/manifests/site.pp 
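Review bot: `data/scenarios/3_node.pp` holds YAML (`roles:` with nested `classes:` keys) but is named with a `.pp` extension, unlike `2_node.yaml` and `all_in_one.yaml` beside it. Whatever loads a scenario by name will presumably look for `3_node.yaml` and not find this file, and tooling that treats `.pp` files as Puppet manifests will fail to parse it. Renaming it to `data/scenarios/3_node.yaml` fixes both. It would also help to give it the same short header comment the other two scenario files have.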
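Review bot: The new hierarchy entry `- "db_type/%{db_type}"` in the first setup.pp hunk has no matching data in this commit, because the file is added as `data/hiera_data/mysql.yaml` rather than under a `db_type/` directory, so that level resolves to a path that does not exist and mysql.yaml is never read. The other new levels do have their `rpc_type/`, `network_type/`, `network_plugin/` and `tenant_network_type/` directories. Either move the file to `data/hiera_data/db_type/mysql.yaml` or change the entry to `- "%{db_type}"`. The unprefixed `- "%{cinder_backend}"` and `- "%{glance_backend}"` levels share a namespace with `%{scenario}` and `%{openstack_role}`, so a backend and a role with the same name would read the same file; prefixing them like the others (`"cinder_backend/%{cinder_backend}"`) avoids that. The enclosing `file { ... hiera.yaml }` resource begins above this hunk.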
@@ -16,15 +16,38 @@ node /control-tempest-server/ { } -node /control-server/ { +# define some globals that will drive the configuration +$role = 'openstack' + +$db_type = 'mysql' +$rpc_type = 'rabbitmq' +$cinder_backend = 'iscsi' +$glance_backend = 'file' +$compute_type = 'qemu' +# networking options +$network_service = 'quantum' +# supports linuxbridge and ovs +$network_plugin = 'ovs' +# supports single-flat, provider-router, and per-tenant-router +$network_type = 'per-tenant-router' +# supports gre or vlan +$tenant_network_type = 'gre' +# end networking top scope vars +$enabled_services = ['glance', 'cinder', 'keystone', 'nova', 'network'] + +node openstack-base { + + +} + +node /control-server/ inherits openstack-base { - $role = 'openstack' $openstack_role = 'controller' include coi::roles::controller } -node /compute-server\d+/ { +node /compute-server\d+/ inherits openstack-base { $role = 'openstack' $openstack_role = 'compute'