From ec56923ecaf2081330b8fa6bf8e4616642275a9b Mon Sep 17 00:00:00 2001 From: Joseph Richard Date: Fri, 10 Nov 2017 16:31:33 -0500 Subject: [PATCH 1/8] Roll up TIS patches --- .../ini_setting.rb | 22 ++++++ .../type/neutron_nuage_metadata_agent_config.rb | 42 +++++++++++ manifests/agents/dhcp.pp | 9 ++- manifests/agents/l3.pp | 10 ++- manifests/agents/metadata.pp | 9 ++- manifests/agents/ml2/sriov.pp | 2 + manifests/agents/nuage_metadata.pp | 86 ++++++++++++++++++++++ manifests/db/sync.pp | 3 + manifests/init.pp | 27 +++++++ manifests/params.pp | 75 ++++++++++--------- manifests/plugins/ml2.pp | 5 ++ manifests/plugins/ml2/type_driver.pp | 5 +- manifests/server.pp | 4 + manifests/server/notifications.pp | 10 +++ 18 files changed, 437 insertions(+), 38 deletions(-) create mode 100644 lib/puppet/provider/neutron_nuage_metadata_agent_config/ini_setting.rb create mode 100644 lib/puppet/type/neutron_nuage_metadata_agent_config.rb create mode 100644 manifests/agents/nuage_metadata.pp diff --git a/lib/puppet/provider/neutron_nuage_metadata_agent_config/ini_setting.rb b/lib/puppet/provider/neutron_nuage_metadata_agent_config/ini_setting.rb new file mode 100644 index 0000000..d1d9c4e --- /dev/null +++ b/lib/puppet/provider/neutron_nuage_metadata_agent_config/ini_setting.rb @@ -0,0 +1,22 @@ +Puppet::Type.type(:neutron_nuage_metadata_agent_config).provide( + :ini_setting, + :parent => Puppet::Type.type(:ini_setting).provider(:ruby) +) do + + def section + resource[:name].split('/', 2).first + end + + def setting + resource[:name].split('/', 2).last + end + + def separator + '=' + end + + def file_path + '/etc/default/nuage-metadata-agent' + end + +end diff --git a/lib/puppet/type/neutron_nuage_metadata_agent_config.rb b/lib/puppet/type/neutron_nuage_metadata_agent_config.rb new file mode 100644 index 0000000..0559841 --- /dev/null +++ b/lib/puppet/type/neutron_nuage_metadata_agent_config.rb @@ -0,0 +1,42 @@ +Puppet::Type.newtype(:neutron_nuage_metadata_agent_config) do + + ensurable + + newparam(:name, :namevar => true) do + desc 'Section/setting name to manage from nuage-metadata-agent' + newvalues(/\S*\/\S+/) + end + + newproperty(:value) do + desc 'The value of the setting to be defined.' + munge do |value| + value = value.to_s.strip + value + end + + def is_to_s( currentvalue ) + if resource.secret? + return '[old secret redacted]' + else + return currentvalue + end + end + + def should_to_s( newvalue ) + if resource.secret? + return '[new secret redacted]' + else + return newvalue + end + end + end + + newparam(:secret, :boolean => true) do + desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' + + newvalues(:true, :false) + + defaultto false + end + +end diff --git a/manifests/agents/dhcp.pp b/manifests/agents/dhcp.pp index 0f5f26f..e8ca41b 100644 --- a/manifests/agents/dhcp.pp +++ b/manifests/agents/dhcp.pp @@ -162,10 +162,17 @@ class neutron::agents::dhcp ( } } + # WRS disabling this in CentOS ?? + if $::operatingsystem == 'CentOS' { + $real_enabled = false + } else { + $real_enabled = $enabled + } + service { 'neutron-dhcp-service': ensure => $service_ensure, name => $::neutron::params::dhcp_agent_service, - enable => $enabled, + enable => $real_enabled, tag => 'neutron-service', } } diff --git a/manifests/agents/l3.pp b/manifests/agents/l3.pp index 651c750..c02d132 100644 --- a/manifests/agents/l3.pp +++ b/manifests/agents/l3.pp @@ -159,10 +159,18 @@ class neutron::agents::l3 ( } else { $service_ensure = 'stopped' } + + # WRS. + if $::operatingsystem == 'CentOS' { + $real_enabled = false + } else { + $real_enabled = $enabled + } + service { 'neutron-l3': ensure => $service_ensure, name => $::neutron::params::l3_agent_service, - enable => $enabled, + enable => $real_enabled, tag => 'neutron-service', } } diff --git a/manifests/agents/metadata.pp b/manifests/agents/metadata.pp index 0619a59..b0691e2 100644 --- a/manifests/agents/metadata.pp +++ b/manifests/agents/metadata.pp @@ -135,10 +135,17 @@ class neutron::agents::metadata ( } } + # WRS + if $::operatingsystem == 'CentOS' { + $real_enabled = false + } else { + $real_enabled = $enabled + } + service { 'neutron-metadata': ensure => $service_ensure, name => $::neutron::params::metadata_agent_service, - enable => $enabled, + enable => $real_enabled, tag => 'neutron-service', } } diff --git a/manifests/agents/ml2/sriov.pp b/manifests/agents/ml2/sriov.pp index 9b25b43..736cbee 100644 --- a/manifests/agents/ml2/sriov.pp +++ b/manifests/agents/ml2/sriov.pp @@ -114,6 +114,8 @@ class neutron::agents::ml2::sriov ( } else { $service_ensure = 'stopped' } + } else { + $service_ensure = 'stopped' } service { 'neutron-sriov-nic-agent-service': diff --git a/manifests/agents/nuage_metadata.pp b/manifests/agents/nuage_metadata.pp new file mode 100644 index 0000000..776a3db --- /dev/null +++ b/manifests/agents/nuage_metadata.pp @@ -0,0 +1,86 @@ +# == Class: neutron::agents::nuage_metadata +# +# Setup and configure Neutron nuage metadata agent. +# +# === Parameters +# +# [*metadata_port*] +# The TCP Port used by Nuage metadata agent. Defaults to 9697. +# +# [*nova_metadata_ip*] +# (required) IP address used by Nova metadata server. +# +# [*nova_metadata_port*] +# The TCP Port used by Nova metadata server. Defaults to 8775. +# +# [*metadata_proxy_shared_secret*] +# (required) Used to sign the Instance-ID header. +# +# [*nova_client_version*] +# Version of nova client. Defaults to 2. +# +# [*nova_os_username*] +# (required) Nova username. +# +# [*nova_os_password*] +# (required) Nova password. +# +# [*nova_os_tenant_name*] +# (required) Nova tenant name. +# +# [*nova_os_auth_url*] +# (required) Nova auth URL. Format: http://:5000/v2.0 +# +# [*nova_metadata_agent_start_with_ovs*] +# If nuage-metadata-agent needs to be started with nuage-openvswitch-switch. +# Defaults to true. +# +# [*nova_api_endpoint_type*] +# Nova API endpoint type (one of publicURL, internalURL, adminURL). +# Defaults to publicURL. +# +# [*nova_region_name*] +# (required) Nova region name. +# + +class neutron::agents::nuage_metadata ( + $metadata_port = '9697', + $nova_metadata_ip = undef, + $nova_metadata_port = '8775', + $metadata_proxy_shared_secret, + $nova_client_version = '2', + $nova_os_username = undef, + $nova_os_password, + $nova_os_tenant_name = undef, + $nova_os_auth_url = undef, + $nova_metadata_agent_start_with_ovs = 'true', + $nova_api_endpoint_type = 'publicURL', + $nova_region_name = undef, + ) { + + Neutron_config<||> ~> Service['nuage-metadata-agent'] + Neutron_nuage_metadata_agent_config<||> ~> Service['nuage-metadata-agent'] + + neutron_nuage_metadata_agent_config { + '/METADATA_PORT': value => $metadata_port; + '/NOVA_METADATA_IP': value => $nova_metadata_ip; + '/NOVA_METADATA_PORT': value => $nova_metadata_port; + '/METADATA_PROXY_SHARED_SECRET': value => $metadata_proxy_shared_secret; + '/NOVA_CLIENT_VERSION': value => $nova_client_version; + '/NOVA_OS_USERNAME': value => $nova_os_username; + '/NOVA_OS_PASSWORD': value => $nova_os_password; + '/NOVA_OS_TENANT_NAME': value => $nova_os_tenant_name; + '/NOVA_OS_AUTH_URL': value => $nova_os_auth_url; + '/NUAGE_METADATA_AGENT_START_WITH_OVS': value=> $nova_metadata_agent_start_with_ovs; + '/NOVA_API_ENDPOINT_TYPE': value => $nova_api_endpoint_type; + '/NOVA_REGION_NAME': value => $nova_region_name; + } + + service { 'nuage-metadata-agent': + ensure => 'running', + enable => false, + hasstatus => false, + hasrestart => true, + require => Class['neutron'], + } +} diff --git a/manifests/db/sync.pp b/manifests/db/sync.pp index 6e6a8b9..98679f6 100644 --- a/manifests/db/sync.pp +++ b/manifests/db/sync.pp @@ -37,5 +37,8 @@ class neutron::db::sync( Anchor['neutron::dbsync::begin'] ], notify => Anchor['neutron::dbsync::end'], + # Only do the db sync if both controllers are running the same software + # version. Avoids impacting mate controller during an upgrade. + onlyif => "test $::controller_sw_versions_match = true", } } diff --git a/manifests/init.pp b/manifests/init.pp index 92e49b6..6f611ef 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -329,6 +329,23 @@ # transport://user:pass@host1:port[,hostN:portN]/virtual_host # Defaults to $::os_service_default. # +# +# WRS PARAMETERS +# +# [*host_driver*] +# (optional) Sets a specific object class to be used as the host +# management driver +# +# [*fm_driver*] +# (optional) Sets a specific object class to be used as the fault +# management driver +# +# +# [*vlan_transparent*] +# (optional) Allow networks to be created with vlan_transparent attribute +# +# +# # DEPRECATED PARAMETERS # # [*rabbit_password*] @@ -422,6 +439,10 @@ class neutron ( $notification_driver = $::os_service_default, $notification_topics = $::os_service_default, $notification_transport_url = $::os_service_default, + # WRS + $host_driver = 'neutron.drivers.host.NoopHostDriver', + $fm_driver = 'neutron.drivers.fm.NoopFmDriver', + $vlan_transparent = false, # DEPRECATED PARAMETERS $rabbit_password = $::os_service_default, $rabbit_host = $::os_service_default, @@ -485,6 +506,8 @@ instead.") purge => $purge_config, } + $ceilometer_driver = "[ messagingv2 ] " + neutron_config { 'DEFAULT/bind_host': value => $bind_host; 'DEFAULT/bind_port': value => $bind_port; @@ -504,6 +527,10 @@ instead.") 'agent/root_helper': value => $root_helper; 'agent/root_helper_daemon': value => $root_helper_daemon; 'agent/report_interval': value => $report_interval; + # WRS + 'DEFAULT/host_driver': value => $host_driver; + 'DEFAULT/fm_driver': value => $fm_driver; + 'DEFAULT/vlan_transparent': value => $vlan_transparent; } oslo::messaging::default { 'neutron_config': diff --git a/manifests/params.pp b/manifests/params.pp index fdb0645..aeb5c66 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -7,28 +7,29 @@ class neutron::params { $client_package = 'python-neutronclient' $server_service = 'neutron-server' - $ovs_agent_service = 'neutron-openvswitch-agent' - $linuxbridge_agent_service = 'neutron-linuxbridge-agent' - $cisco_config_file = '/etc/neutron/plugins/cisco/cisco_plugins.ini' + #$ovs_agent_service = 'neutron-openvswitch-agent' + #$linuxbridge_agent_service = 'neutron-linuxbridge-agent' + #$cisco_config_file = '/etc/neutron/plugins/cisco/cisco_plugins.ini' $opencontrail_plugin_package = 'neutron-plugin-contrail' $opencontrail_config_file = '/etc/neutron/plugins/opencontrail/ContrailPlugin.ini' - $midonet_server_package = 'python-networking-midonet' - $midonet_server_package_ext = 'python-networking-midonet-ext' - $midonet_config_file = '/etc/neutron/plugins/midonet/midonet.ini' + #$midonet_server_package = 'python-networking-midonet' + #$midonet_server_package_ext = 'python-networking-midonet-ext' + #$midonet_config_file = '/etc/neutron/plugins/midonet/midonet.ini' $ovn_plugin_package = 'python-networking-ovn' $vpp_plugin_package = 'python-networking-vpp' $vpp_agent_service = 'neutron-vpp-agent' - $plumgrid_plugin_package = 'networking-plumgrid' - $plumgrid_pythonlib_package = 'plumgrid-pythonlib' - $plumgrid_config_file = '/etc/neutron/plugins/plumgrid/plumgrid.ini' + #$plumgrid_plugin_package = 'networking-plumgrid' + #$plumgrid_pythonlib_package = 'plumgrid-pythonlib' + #$plumgrid_config_file = '/etc/neutron/plugins/plumgrid/plumgrid.ini' $nuage_config_file = '/etc/neutron/plugins/nuage/plugin.ini' $dhcp_agent_service = 'neutron-dhcp-agent' $lbaasv2_agent_service = 'neutron-lbaasv2-agent' $haproxy_package = 'haproxy' - $metering_agent_service = 'neutron-metering-agent' + #$metering_agent_service = 'neutron-metering-agent' - $vpnaas_agent_service = 'neutron-vpn-agent' + #$vpnaas_agent_service = 'neutron-vpn-agent' - $l3_agent_service = 'neutron-l3-agent' + $l3_agent_service = 'neutron-l3-agent' $metadata_agent_service = 'neutron-metadata-agent' + $metadata_agent_package = undef $bagpipe_bgp_package = 'openstack-bagpipe-bgp' $bgpvpn_bagpipe_package = 'python-networking-bagpipe' $bgpvpn_bagpipe_service = 'bagpipe-bgp' @@ -36,41 +37,47 @@ class neutron::params { $l2gw_agent_service = 'neutron-l2gw-agent' $nsx_plugin_package = 'vmware-nsx' $nsx_config_file = '/etc/neutron/plugins/vmware/nsx.ini' + $vswitch_agent_service = '' + $router_scheduler_driver = 'neutron.scheduler.l3_agent_scheduler.HostBasedScheduler' + $network_scheduler_driver = 'neutron.scheduler.dhcp_agent_scheduler.HostBasedScheduler' + $router_status_managed = true + # CentOS is in the Redhat osfamily if($::osfamily == 'Redhat') { $nobody_user_group = 'nobody' $package_name = 'openstack-neutron' $server_package = false - $ml2_server_package = 'openstack-neutron-ml2' - $ovs_agent_package = false - $ovs_server_package = 'openstack-neutron-openvswitch' - $ovs_cleanup_service = 'neutron-ovs-cleanup' - $libnl_package = 'libnl' - $package_provider = 'rpm' - $linuxbridge_agent_package = false - $linuxbridge_server_package = 'openstack-neutron-linuxbridge' + #$ml2_server_package = 'openstack-neutron-ml2' + $ml2_server_package = false + #$ovs_agent_package = false + #$ovs_server_package = 'openstack-neutron-openvswitch' + #$ovs_cleanup_service = 'neutron-ovs-cleanup' + #$libnl_package = 'libnl' + #$package_provider = 'rpm' + #$linuxbridge_agent_package = false + #$linuxbridge_server_package = 'openstack-neutron-linuxbridge' $sriov_nic_agent_service = 'neutron-sriov-nic-agent' $sriov_nic_agent_package = 'openstack-neutron-sriov-nic-agent' $bigswitch_lldp_package = 'openstack-neutron-bigswitch-lldp' - $bigswitch_agent_package = 'openstack-neutron-bigswitch-agent' - $bigswitch_lldp_service = 'neutron-bsn-lldp' - $bigswitch_agent_service = 'neutron-bsn-agent' - $cisco_server_package = 'openstack-neutron-cisco' - $nvp_server_package = 'openstack-neutron-nicira' + #$bigswitch_agent_package = 'openstack-neutron-bigswitch-agent' + #$bigswitch_lldp_service = 'neutron-bsn-lldp' + #$bigswitch_agent_service = 'neutron-bsn-agent' + #$cisco_server_package = 'openstack-neutron-cisco' + #$nvp_server_package = 'openstack-neutron-nicira' $dhcp_agent_package = false - $lbaasv2_agent_package = 'openstack-neutron-lbaas' - $metering_agent_package = 'openstack-neutron-metering-agent' - $vpnaas_agent_package = 'openstack-neutron-vpnaas' + #$lbaasv2_agent_package = 'openstack-neutron-lbaas' + #$metering_agent_package = 'openstack-neutron-metering-agent' + #$vpnaas_agent_package = 'openstack-neutron-vpnaas' $l2gw_agent_package = 'openstack-neutron-l2gw-agent' $l2gw_package = 'python2-networking-l2gw' - if $::operatingsystemrelease =~ /^7.*/ or $::operatingsystem == 'Fedora' { - $openswan_package = 'libreswan' - } else { - $openswan_package = 'openswan' - } - $libreswan_package = 'libreswan' + #if $::operatingsystemrelease =~ /^7.*/ or $::operatingsystem == 'Fedora' { + # $openswan_package = 'libreswan' + #} else { + # $openswan_package = 'openswan' + #} + #$libreswan_package = 'libreswan' $l3_agent_package = false - $fwaas_package = 'openstack-neutron-fwaas' + #$fwaas_package = 'openstack-neutron-fwaas' $neutron_wsgi_script_path = '/var/www/cgi-bin/neutron' $neutron_wsgi_script_source = '/usr/bin/neutron-api' } elsif($::osfamily == 'Debian') { @@ -99,7 +106,7 @@ class neutron::params { $vpnaas_agent_package = 'neutron-vpn-agent' $openswan_package = 'openswan' $libreswan_package = false - $metadata_agent_package = 'neutron-metadata-agent' + $metadata_agent_package = undef $l3_agent_package = 'neutron-l3-agent' $fwaas_package = 'python-neutron-fwaas' $l2gw_agent_package = 'neutron-l2gateway-agent' diff --git a/manifests/plugins/ml2.pp b/manifests/plugins/ml2.pp index b943593..92fb5b4 100644 --- a/manifests/plugins/ml2.pp +++ b/manifests/plugins/ml2.pp @@ -152,6 +152,8 @@ class neutron::plugins::ml2 ( $purge_config = false, $max_header_size = $::os_service_default, $overlay_ip_version = $::os_service_default, + $ensure_default_security_group = true, + $notify_interval = 0, # DEPRECATED PARAMETERS $supported_pci_vendor_devs = undef, ) { @@ -230,6 +232,9 @@ class neutron::plugins::ml2 ( 'ml2/overlay_ip_version': value => $overlay_ip_version; 'securitygroup/enable_security_group': value => $enable_security_group; 'securitygroup/firewall_driver': value => $firewall_driver; + # WRS + 'securitygroup/ensure_default_security_group': value => $ensure_default_security_group; + 'securitygroup/notify_interval': value => $notify_interval; } if is_service_default($physical_network_mtus) { diff --git a/manifests/plugins/ml2/type_driver.pp b/manifests/plugins/ml2/type_driver.pp index b158695..20141f0 100644 --- a/manifests/plugins/ml2/type_driver.pp +++ b/manifests/plugins/ml2/type_driver.pp @@ -112,6 +112,9 @@ define neutron::plugins::ml2::type_driver ( elsif ($name == 'local') { warning('local type_driver is useful only for single-box, because it provides no connectivity between hosts') } + elsif ($name == 'managed_flat' or $name == 'managed_vlan' or $name == 'managed_vxlan') { + debug('managed_flat, managed_vlan, and managed_vxlan type_driver requires further runtime configuration') + } elsif ($name == 'nexus_vxlan') { # Nexus_vxlan type driver has its own class separate from this one } @@ -130,6 +133,6 @@ define neutron::plugins::ml2::type_driver ( } else { # detect an invalid type_drivers value - warning('type_driver unknown.') + warning('type_driver (${name}) unknown.') } } diff --git a/manifests/server.pp b/manifests/server.pp index 785c59c..8a1a3f7 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -256,6 +256,8 @@ class neutron::server ( $service_providers = $::os_service_default, $auth_strategy = 'keystone', $enable_proxy_headers_parsing = $::os_service_default, + # WRS + $router_status_managed = $neutron::params::router_status_managed, # DEPRECATED PARAMETERS $log_dir = undef, $log_file = undef, @@ -340,6 +342,8 @@ class neutron::server ( 'DEFAULT/default_availability_zones': value => join(any2array($default_availability_zones), ','); 'DEFAULT/network_auto_schedule': value => $network_auto_schedule; 'service_providers/service_provider': value => $service_providers; + # WRS + 'DEFAULT/router_status_managed': value => $router_status_managed; } if $state_path { diff --git a/manifests/server/notifications.pp b/manifests/server/notifications.pp index d398245..f55751d 100644 --- a/manifests/server/notifications.pp +++ b/manifests/server/notifications.pp @@ -50,6 +50,10 @@ # (optional) The name of the admin nova tenant # Defaults to 'services' # +# [*project_domain_name*] +# (optional) Nova project's domain name +# Defaults to 'Default' +# # [*project_domain_id*] # (optional) Nova project's domain ID # Defaults to 'default' @@ -62,6 +66,10 @@ # (optional) Nova project's name # Defaults to 'services' # +# [*user_domain_name*] +# (optional) User's domain name for connection to nova in admin context +# Defaults to 'Default' +# # [*user_domain_id*] # (optional) User's domain ID for connection to nova in admin context # Defaults to 'default' @@ -105,6 +113,7 @@ class neutron::server::notifications ( $user_domain_name = 'Default', $auth_url = 'http://127.0.0.1:35357', $region_name = $::os_service_default, + $endpoint_type = 'public', # DEPRECATED PARAMETERS $auth_plugin = $::os_service_default, ) { @@ -121,6 +130,7 @@ class neutron::server::notifications ( 'nova/password': value => $password, secret => true; 'nova/project_domain_id': value => $project_domain_id; 'nova/project_domain_name': value => $project_domain_name; + 'nova/endpoint_type': value => $endpoint_type; 'nova/project_name': value => $project_name; 'nova/user_domain_id': value => $user_domain_id; 'nova/user_domain_name': value => $user_domain_name; -- 1.8.3.1