Browse Source

Add setters for images and neutron

Change-Id: I2d7555f5d5f5276509fa9752a2922244cc6f0f2d
Andrey Shestakov 3 years ago
parent
commit
e09382edd6
60 changed files with 4374 additions and 4 deletions
  1. 0
    3
      .gitmodules
  2. 41
    0
      deployment_scripts/puppet/manifests/ironic-conductor-config.pp
  3. 0
    1
      deployment_scripts/puppet/modules/ironic
  4. 14
    0
      deployment_scripts/puppet/modules/ironic/.fixtures.yml
  5. 5
    0
      deployment_scripts/puppet/modules/ironic/.gitignore
  6. 4
    0
      deployment_scripts/puppet/modules/ironic/.gitreview
  7. 4
    0
      deployment_scripts/puppet/modules/ironic/CHANGELOG.md
  8. 30
    0
      deployment_scripts/puppet/modules/ironic/Gemfile
  9. 176
    0
      deployment_scripts/puppet/modules/ironic/LICENSE
  10. 105
    0
      deployment_scripts/puppet/modules/ironic/README.md
  11. 9
    0
      deployment_scripts/puppet/modules/ironic/Rakefile
  12. 119
    0
      deployment_scripts/puppet/modules/ironic/examples/ironic.pp
  13. 150
    0
      deployment_scripts/puppet/modules/ironic/lib/puppet/provider/ironic.rb
  14. 27
    0
      deployment_scripts/puppet/modules/ironic/lib/puppet/provider/ironic_config/ini_setting.rb
  15. 150
    0
      deployment_scripts/puppet/modules/ironic/lib/puppet/provider/ironic_images_setter/ini_setting.rb
  16. 140
    0
      deployment_scripts/puppet/modules/ironic/lib/puppet/provider/ironic_neutron_setter/ini_setting.rb
  17. 47
    0
      deployment_scripts/puppet/modules/ironic/lib/puppet/type/ironic_config.rb
  18. 31
    0
      deployment_scripts/puppet/modules/ironic/lib/puppet/type/ironic_images_setter.rb
  19. 31
    0
      deployment_scripts/puppet/modules/ironic/lib/puppet/type/ironic_neutron_setter.rb
  20. 182
    0
      deployment_scripts/puppet/modules/ironic/manifests/api.pp
  21. 202
    0
      deployment_scripts/puppet/modules/ironic/manifests/bifrost.pp
  22. 41
    0
      deployment_scripts/puppet/modules/ironic/manifests/client.pp
  23. 83
    0
      deployment_scripts/puppet/modules/ironic/manifests/conductor.pp
  24. 30
    0
      deployment_scripts/puppet/modules/ironic/manifests/config.pp
  25. 77
    0
      deployment_scripts/puppet/modules/ironic/manifests/db/mysql.pp
  26. 47
    0
      deployment_scripts/puppet/modules/ironic/manifests/db/postgresql.pp
  27. 26
    0
      deployment_scripts/puppet/modules/ironic/manifests/db/sync.pp
  28. 37
    0
      deployment_scripts/puppet/modules/ironic/manifests/drivers/ipmi.pp
  29. 110
    0
      deployment_scripts/puppet/modules/ironic/manifests/drivers/pxe.pp
  30. 402
    0
      deployment_scripts/puppet/modules/ironic/manifests/init.pp
  31. 214
    0
      deployment_scripts/puppet/modules/ironic/manifests/keystone/auth.pp
  32. 48
    0
      deployment_scripts/puppet/modules/ironic/manifests/params.pp
  33. 29
    0
      deployment_scripts/puppet/modules/ironic/manifests/policy.pp
  34. 40
    0
      deployment_scripts/puppet/modules/ironic/metadata.json
  35. 130
    0
      deployment_scripts/puppet/modules/ironic/spec/acceptance/basic_ironic_spec.rb
  36. 9
    0
      deployment_scripts/puppet/modules/ironic/spec/acceptance/nodesets/default.yml
  37. 10
    0
      deployment_scripts/puppet/modules/ironic/spec/acceptance/nodesets/nodepool-centos7.yml
  38. 10
    0
      deployment_scripts/puppet/modules/ironic/spec/acceptance/nodesets/nodepool-trusty.yml
  39. 120
    0
      deployment_scripts/puppet/modules/ironic/spec/classes/ironic_api_spec.rb
  40. 84
    0
      deployment_scripts/puppet/modules/ironic/spec/classes/ironic_bifrost_spec.rb
  41. 40
    0
      deployment_scripts/puppet/modules/ironic/spec/classes/ironic_client_spec.rb
  42. 106
    0
      deployment_scripts/puppet/modules/ironic/spec/classes/ironic_conductor_spec.rb
  43. 20
    0
      deployment_scripts/puppet/modules/ironic/spec/classes/ironic_config_spec.rb
  44. 89
    0
      deployment_scripts/puppet/modules/ironic/spec/classes/ironic_db_mysql_spec.rb
  45. 58
    0
      deployment_scripts/puppet/modules/ironic/spec/classes/ironic_db_postgresql_spec.rb
  46. 44
    0
      deployment_scripts/puppet/modules/ironic/spec/classes/ironic_db_sync_spec.rb
  47. 69
    0
      deployment_scripts/puppet/modules/ironic/spec/classes/ironic_drivers_ipmi_spec.rb
  48. 104
    0
      deployment_scripts/puppet/modules/ironic/spec/classes/ironic_drivers_pxe_spec.rb
  49. 315
    0
      deployment_scripts/puppet/modules/ironic/spec/classes/ironic_init_spec.rb
  50. 177
    0
      deployment_scripts/puppet/modules/ironic/spec/classes/ironic_keystone_auth_spec.rb
  51. 41
    0
      deployment_scripts/puppet/modules/ironic/spec/classes/ironic_policy_spec.rb
  52. 5
    0
      deployment_scripts/puppet/modules/ironic/spec/shared_examples.rb
  53. 7
    0
      deployment_scripts/puppet/modules/ironic/spec/spec_helper.rb
  54. 56
    0
      deployment_scripts/puppet/modules/ironic/spec/spec_helper_acceptance.rb
  55. 42
    0
      deployment_scripts/puppet/modules/ironic/spec/unit/provider/ironic_config/ini_setting_spec.rb
  56. 111
    0
      deployment_scripts/puppet/modules/ironic/spec/unit/provider/ironic_spec.rb
  57. 19
    0
      deployment_scripts/puppet/modules/ironic/spec/unit/type/ironic_config_spec.rb
  58. 3
    0
      deployment_scripts/puppet/modules/ironic/templates/baremetal.json.erb
  59. 44
    0
      deployment_scripts/puppet/modules/ironic/templates/group_vars_all.erb
  60. 10
    0
      deployment_tasks.yaml

+ 0
- 3
.gitmodules View File

@@ -1,6 +1,3 @@
1 1
 [submodule "deployment_scripts/puppet/modules/tftp"]
2 2
 	path = deployment_scripts/puppet/modules/tftp
3 3
 	url = https://github.com/puppetlabs/puppetlabs-tftp
4
-[submodule "deployment_scripts/puppet/modules/ironic"]
5
-	path = deployment_scripts/puppet/modules/ironic
6
-	url = https://github.com/openstack/puppet-ironic

+ 41
- 0
deployment_scripts/puppet/manifests/ironic-conductor-config.pp View File

@@ -0,0 +1,41 @@
1
+notice('MODULAR: ironic/ironic-conductor-config.pp')
2
+
3
+$ironic_hash                = hiera_hash('fuel-plugin-ironic', {})
4
+$management_vip             = hiera('management_vip')
5
+$keystone_endpoint          = hiera('keystone_endpoint', $management_vip)
6
+$neutron_endpoint           = hiera('neutron_endpoint', $management_vip)
7
+
8
+$ironic_tenant              = pick($ironic_hash['tenant'],'services')
9
+$ironic_user                = pick($ironic_hash['user'],'ironic')
10
+$ironic_user_password       = pick($ironic_hash['password'],'ironic')
11
+
12
+include ::ironic::params
13
+
14
+ironic_images_setter {'ironic_images':
15
+  ensure           => present,
16
+  auth_url         => "http://${keystone_endpoint}:5000/v2.0/",
17
+  auth_username    => $ironic_user,
18
+  auth_password    => $ironic_user_password,
19
+  auth_tenant_name => $ironic_tenant,
20
+  glance_url       => "http://${management_vip}:9292/v2.0/",
21
+}
22
+
23
+ironic_neutron_setter {'ironic_network':
24
+  ensure           => present,
25
+  auth_url         => "http://${keystone_endpoint}:5000/v2.0/",
26
+  auth_username    => $ironic_user,
27
+  auth_password    => $ironic_user_password,
28
+  auth_tenant_name => $ironic_tenant,
29
+  neutron_url      => "http://${neutron_endpoint}:9696/v2.0/",
30
+}
31
+
32
+service { 'ironic-conductor':
33
+  ensure    => 'running',
34
+  name      => $::ironic::params::conductor_service,
35
+  enable    => true,
36
+  hasstatus => true,
37
+  tag       => 'ironic-service',
38
+}
39
+
40
+Ironic_images_setter<||> ~> Service['ironic-conductor']
41
+Ironic_neutron_setter<||> ~> Service['ironic-conductor']

+ 0
- 1
deployment_scripts/puppet/modules/ironic

@@ -1 +0,0 @@
1
-Subproject commit 69fa70013893a323a7cf62bc57963bd7a86bab04

+ 14
- 0
deployment_scripts/puppet/modules/ironic/.fixtures.yml View File

@@ -0,0 +1,14 @@
1
+fixtures:
2
+  repositories:
3
+    'inifile':  'git://github.com/puppetlabs/puppetlabs-inifile'
4
+    'concat':
5
+      'repo': 'git://github.com/puppetlabs/puppetlabs-concat.git'
6
+      'ref': '1.2.1'
7
+    'keystone': 'git://github.com/openstack/puppet-keystone.git'
8
+    'mysql': 'git://github.com/puppetlabs/puppetlabs-mysql.git'
9
+    'openstacklib': 'git://github.com/openstack/puppet-openstacklib.git'
10
+    'postgresql': 'git://github.com/puppetlabs/puppet-postgresql.git'
11
+    'stdlib': 'git://github.com/puppetlabs/puppetlabs-stdlib.git'
12
+    'vcsrepo': 'git://github.com/puppetlabs/puppetlabs-vcsrepo.git'
13
+  symlinks:
14
+    'ironic': "#{source_dir}"

+ 5
- 0
deployment_scripts/puppet/modules/ironic/.gitignore View File

@@ -0,0 +1,5 @@
1
+*.swp
2
+spec/fixtures/modules/*
3
+spec/fixtures/manifests/site.pp
4
+Gemfile.lock
5
+.vendor

+ 4
- 0
deployment_scripts/puppet/modules/ironic/.gitreview View File

@@ -0,0 +1,4 @@
1
+[gerrit]
2
+host=review.openstack.org
3
+port=29418
4
+project=openstack/puppet-ironic.git

+ 4
- 0
deployment_scripts/puppet/modules/ironic/CHANGELOG.md View File

@@ -0,0 +1,4 @@
1
+##2015-07-08 - 6.0.0
2
+###Summary
3
+
4
+- Initial release of the puppet-ironic module

+ 30
- 0
deployment_scripts/puppet/modules/ironic/Gemfile View File

@@ -0,0 +1,30 @@
1
+source 'https://rubygems.org'
2
+
3
+group :development, :test do
4
+  gem 'puppetlabs_spec_helper', :require => false
5
+  gem 'rspec-puppet', '~> 2.1.0', :require => false
6
+
7
+  gem 'metadata-json-lint'
8
+  gem 'puppet-lint-absolute_classname-check'
9
+  gem 'puppet-lint-absolute_template_path'
10
+  gem 'puppet-lint-trailing_newline-check'
11
+
12
+  # Puppet 4.x related lint checks
13
+  gem 'puppet-lint-unquoted_string-check'
14
+  gem 'puppet-lint-leading_zero-check'
15
+  gem 'puppet-lint-variable_contains_upcase'
16
+  gem 'puppet-lint-numericvariable'
17
+
18
+  gem 'beaker-rspec', :require => false
19
+  gem 'beaker-puppet_install_helper', :require => false
20
+  gem 'json'
21
+  gem 'webmock'
22
+end
23
+
24
+if puppetversion = ENV['PUPPET_GEM_VERSION']
25
+  gem 'puppet', puppetversion, :require => false
26
+else
27
+  gem 'puppet', :require => false
28
+end
29
+
30
+# vim:ft=ruby

+ 176
- 0
deployment_scripts/puppet/modules/ironic/LICENSE View File

@@ -0,0 +1,176 @@
1
+
2
+                                 Apache License
3
+                           Version 2.0, January 2004
4
+                        http://www.apache.org/licenses/
5
+
6
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
7
+
8
+   1. Definitions.
9
+
10
+      "License" shall mean the terms and conditions for use, reproduction,
11
+      and distribution as defined by Sections 1 through 9 of this document.
12
+
13
+      "Licensor" shall mean the copyright owner or entity authorized by
14
+      the copyright owner that is granting the License.
15
+
16
+      "Legal Entity" shall mean the union of the acting entity and all
17
+      other entities that control, are controlled by, or are under common
18
+      control with that entity. For the purposes of this definition,
19
+      "control" means (i) the power, direct or indirect, to cause the
20
+      direction or management of such entity, whether by contract or
21
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
22
+      outstanding shares, or (iii) beneficial ownership of such entity.
23
+
24
+      "You" (or "Your") shall mean an individual or Legal Entity
25
+      exercising permissions granted by this License.
26
+
27
+      "Source" form shall mean the preferred form for making modifications,
28
+      including but not limited to software source code, documentation
29
+      source, and configuration files.
30
+
31
+      "Object" form shall mean any form resulting from mechanical
32
+      transformation or translation of a Source form, including but
33
+      not limited to compiled object code, generated documentation,
34
+      and conversions to other media types.
35
+
36
+      "Work" shall mean the work of authorship, whether in Source or
37
+      Object form, made available under the License, as indicated by a
38
+      copyright notice that is included in or attached to the work
39
+      (an example is provided in the Appendix below).
40
+
41
+      "Derivative Works" shall mean any work, whether in Source or Object
42
+      form, that is based on (or derived from) the Work and for which the
43
+      editorial revisions, annotations, elaborations, or other modifications
44
+      represent, as a whole, an original work of authorship. For the purposes
45
+      of this License, Derivative Works shall not include works that remain
46
+      separable from, or merely link (or bind by name) to the interfaces of,
47
+      the Work and Derivative Works thereof.
48
+
49
+      "Contribution" shall mean any work of authorship, including
50
+      the original version of the Work and any modifications or additions
51
+      to that Work or Derivative Works thereof, that is intentionally
52
+      submitted to Licensor for inclusion in the Work by the copyright owner
53
+      or by an individual or Legal Entity authorized to submit on behalf of
54
+      the copyright owner. For the purposes of this definition, "submitted"
55
+      means any form of electronic, verbal, or written communication sent
56
+      to the Licensor or its representatives, including but not limited to
57
+      communication on electronic mailing lists, source code control systems,
58
+      and issue tracking systems that are managed by, or on behalf of, the
59
+      Licensor for the purpose of discussing and improving the Work, but
60
+      excluding communication that is conspicuously marked or otherwise
61
+      designated in writing by the copyright owner as "Not a Contribution."
62
+
63
+      "Contributor" shall mean Licensor and any individual or Legal Entity
64
+      on behalf of whom a Contribution has been received by Licensor and
65
+      subsequently incorporated within the Work.
66
+
67
+   2. Grant of Copyright License. Subject to the terms and conditions of
68
+      this License, each Contributor hereby grants to You a perpetual,
69
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
70
+      copyright license to reproduce, prepare Derivative Works of,
71
+      publicly display, publicly perform, sublicense, and distribute the
72
+      Work and such Derivative Works in Source or Object form.
73
+
74
+   3. Grant of Patent License. Subject to the terms and conditions of
75
+      this License, each Contributor hereby grants to You a perpetual,
76
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
77
+      (except as stated in this section) patent license to make, have made,
78
+      use, offer to sell, sell, import, and otherwise transfer the Work,
79
+      where such license applies only to those patent claims licensable
80
+      by such Contributor that are necessarily infringed by their
81
+      Contribution(s) alone or by combination of their Contribution(s)
82
+      with the Work to which such Contribution(s) was submitted. If You
83
+      institute patent litigation against any entity (including a
84
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
85
+      or a Contribution incorporated within the Work constitutes direct
86
+      or contributory patent infringement, then any patent licenses
87
+      granted to You under this License for that Work shall terminate
88
+      as of the date such litigation is filed.
89
+
90
+   4. Redistribution. You may reproduce and distribute copies of the
91
+      Work or Derivative Works thereof in any medium, with or without
92
+      modifications, and in Source or Object form, provided that You
93
+      meet the following conditions:
94
+
95
+      (a) You must give any other recipients of the Work or
96
+          Derivative Works a copy of this License; and
97
+
98
+      (b) You must cause any modified files to carry prominent notices
99
+          stating that You changed the files; and
100
+
101
+      (c) You must retain, in the Source form of any Derivative Works
102
+          that You distribute, all copyright, patent, trademark, and
103
+          attribution notices from the Source form of the Work,
104
+          excluding those notices that do not pertain to any part of
105
+          the Derivative Works; and
106
+
107
+      (d) If the Work includes a "NOTICE" text file as part of its
108
+          distribution, then any Derivative Works that You distribute must
109
+          include a readable copy of the attribution notices contained
110
+          within such NOTICE file, excluding those notices that do not
111
+          pertain to any part of the Derivative Works, in at least one
112
+          of the following places: within a NOTICE text file distributed
113
+          as part of the Derivative Works; within the Source form or
114
+          documentation, if provided along with the Derivative Works; or,
115
+          within a display generated by the Derivative Works, if and
116
+          wherever such third-party notices normally appear. The contents
117
+          of the NOTICE file are for informational purposes only and
118
+          do not modify the License. You may add Your own attribution
119
+          notices within Derivative Works that You distribute, alongside
120
+          or as an addendum to the NOTICE text from the Work, provided
121
+          that such additional attribution notices cannot be construed
122
+          as modifying the License.
123
+
124
+      You may add Your own copyright statement to Your modifications and
125
+      may provide additional or different license terms and conditions
126
+      for use, reproduction, or distribution of Your modifications, or
127
+      for any such Derivative Works as a whole, provided Your use,
128
+      reproduction, and distribution of the Work otherwise complies with
129
+      the conditions stated in this License.
130
+
131
+   5. Submission of Contributions. Unless You explicitly state otherwise,
132
+      any Contribution intentionally submitted for inclusion in the Work
133
+      by You to the Licensor shall be under the terms and conditions of
134
+      this License, without any additional terms or conditions.
135
+      Notwithstanding the above, nothing herein shall supersede or modify
136
+      the terms of any separate license agreement you may have executed
137
+      with Licensor regarding such Contributions.
138
+
139
+   6. Trademarks. This License does not grant permission to use the trade
140
+      names, trademarks, service marks, or product names of the Licensor,
141
+      except as required for reasonable and customary use in describing the
142
+      origin of the Work and reproducing the content of the NOTICE file.
143
+
144
+   7. Disclaimer of Warranty. Unless required by applicable law or
145
+      agreed to in writing, Licensor provides the Work (and each
146
+      Contributor provides its Contributions) on an "AS IS" BASIS,
147
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
148
+      implied, including, without limitation, any warranties or conditions
149
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
150
+      PARTICULAR PURPOSE. You are solely responsible for determining the
151
+      appropriateness of using or redistributing the Work and assume any
152
+      risks associated with Your exercise of permissions under this License.
153
+
154
+   8. Limitation of Liability. In no event and under no legal theory,
155
+      whether in tort (including negligence), contract, or otherwise,
156
+      unless required by applicable law (such as deliberate and grossly
157
+      negligent acts) or agreed to in writing, shall any Contributor be
158
+      liable to You for damages, including any direct, indirect, special,
159
+      incidental, or consequential damages of any character arising as a
160
+      result of this License or out of the use or inability to use the
161
+      Work (including but not limited to damages for loss of goodwill,
162
+      work stoppage, computer failure or malfunction, or any and all
163
+      other commercial damages or losses), even if such Contributor
164
+      has been advised of the possibility of such damages.
165
+
166
+   9. Accepting Warranty or Additional Liability. While redistributing
167
+      the Work or Derivative Works thereof, You may choose to offer,
168
+      and charge a fee for, acceptance of support, warranty, indemnity,
169
+      or other liability obligations and/or rights consistent with this
170
+      License. However, in accepting such obligations, You may act only
171
+      on Your own behalf and on Your sole responsibility, not on behalf
172
+      of any other Contributor, and only if You agree to indemnify,
173
+      defend, and hold each Contributor harmless for any liability
174
+      incurred by, or claims asserted against, such Contributor by reason
175
+      of your accepting any such warranty or additional liability.
176
+

+ 105
- 0
deployment_scripts/puppet/modules/ironic/README.md View File

@@ -0,0 +1,105 @@
1
+puppet-ironic
2
+=============
3
+
4
+6.0.0 - 2015.1 - Kilo
5
+
6
+#### Table of Contents
7
+
8
+1. [Overview - What is the ironic module?](#overview)
9
+2. [Module Description - What does the module do?](#module-description)
10
+3. [Setup - The basics of getting started with ironic](#setup)
11
+4. [Implementation - An under-the-hood peek at what the module is doing](#implementation)
12
+5. [Limitations - OS compatibility, etc.](#limitations)
13
+6. [Development - Guide for contributing to the module](#development)
14
+7. [Contributors - Those with commits](#contributors)
15
+
16
+Overview
17
+--------
18
+
19
+The ironic module is a part of [OpenStack](https://github.com/openstack), an effort by the Openstack infrastructure team to provide continuous integration testing and code review for Openstack and Openstack community projects as part of the core software. The module itself is used to flexibly configure and manage the baremetal service for Openstack.
20
+
21
+Module Description
22
+------------------
23
+
24
+Setup
25
+-----
26
+
27
+**What the ironic module affects:**
28
+
29
+* [Ironic](https://wiki.openstack.org/wiki/Ironic), the baremetal service for Openstack.
30
+
31
+### Installing Ironic
32
+
33
+    puppet module install openstack/ironic
34
+
35
+### Beginning with ironic
36
+
37
+To utilize the ironic module's functionality you will need to declare multiple resources.
38
+The following is a modified excerpt from the [openstack module](httpd://github.com/stackforge/puppet-openstack).
39
+This is not an exhaustive list of all the components needed. We recommend that you consult and understand the
40
+[openstack module](https://github.com/stackforge/puppet-openstack) and the [core openstack](http://docs.openstack.org)
41
+documentation to assist you in understanding the available deployment options.
42
+
43
+```puppet
44
+# enable Ironic resources
45
+class { '::ironic':
46
+  rabbit_userid       => 'ironic',
47
+  rabbit_password     => 'an_even_bigger_secret',
48
+  rabbit_host         => '127.0.0.1',
49
+  database_connection => 'mysql://ironic:a_big_secret@127.0.0.1/ironic?charset=utf8',
50
+}
51
+
52
+class { '::ironic::db::mysql':
53
+  password => 'a_big_secret',
54
+}
55
+
56
+class { '::ironic::keystone::auth':
57
+  password => 'a_big_secret',
58
+}
59
+
60
+class { '::ironic::client': }
61
+
62
+class { '::ironic::conductor': }
63
+
64
+class { '::ironic::api':
65
+  admin_password => 'a_big_secret',
66
+}
67
+
68
+class { '::ironic::drivers::ipmi': }
69
+```
70
+
71
+Examples of usage also can be found in the *examples* directory.
72
+
73
+Implementation
74
+--------------
75
+
76
+### puppet-ironic
77
+
78
+puppet-ironic is a combination of Puppet manifest and ruby code to delivery configuration and extra functionality through types and providers.
79
+
80
+Limitations
81
+-----------
82
+
83
+Beaker-Rspec
84
+------------
85
+
86
+This module has beaker-rspec tests
87
+
88
+To run:
89
+
90
+``shell
91
+bundle install
92
+bundle exec rspec spec/acceptance
93
+``
94
+
95
+Development
96
+-----------
97
+
98
+Developer documentation for the entire puppet-openstack project.
99
+
100
+* https://wiki.openstack.org/wiki/Puppet-openstack#Developer_documentation
101
+
102
+Contributors
103
+------------
104
+
105
+* https://github.com/openstack/puppet-ironic/graphs/contributors

+ 9
- 0
deployment_scripts/puppet/modules/ironic/Rakefile View File

@@ -0,0 +1,9 @@
1
+require 'puppetlabs_spec_helper/rake_tasks'
2
+require 'puppet-lint/tasks/puppet-lint'
3
+
4
+PuppetLint.configuration.fail_on_warnings = true
5
+PuppetLint.configuration.send('disable_80chars')
6
+PuppetLint.configuration.send('disable_class_parameter_defaults')
7
+
8
+task(:default).clear
9
+task :default => [:spec, :lint]

+ 119
- 0
deployment_scripts/puppet/modules/ironic/examples/ironic.pp View File

@@ -0,0 +1,119 @@
1
+#
2
+# Copyright (C) 2013 eNovance SAS <licensing@enovance.com>
3
+#
4
+# Author: Emilien Macchi <emilien.macchi@enovance.com>
5
+#
6
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
7
+# not use this file except in compliance with the License. You may obtain
8
+# a copy of the License at
9
+#
10
+#      http://www.apache.org/licenses/LICENSE-2.0
11
+#
12
+# Unless required by applicable law or agreed to in writing, software
13
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
14
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
15
+# License for the specific language governing permissions and limitations
16
+# under the License.
17
+#
18
+# Deploy Ironic
19
+#
20
+
21
+$db_host     = 'db'
22
+$db_username = 'ironic'
23
+$db_name     = 'ironic'
24
+$db_password = 'password'
25
+$rabbit_user     = 'ironic'
26
+$rabbit_password = 'ironic'
27
+$rabbit_vhost    = '/'
28
+$rabbit_hosts    = ['rabbitmq:5672']
29
+$rabbit_port     = '5672'
30
+$glance_api_servers = 'glance:9292'
31
+$deploy_kernel  = 'glance://deploy_kernel_uuid'
32
+$deploy_ramdisk = 'glance://deploy_ramdisk_uuid'
33
+$baremetal_json_hosts = '
34
+  "ironic-bm-test.bifrost.example": {
35
+    "ansible_ssh_host": "1.1.1.1",
36
+    "uuid": "11111111-1111-1111-1111-111111111111",
37
+    "driver_info": {
38
+      "power": {
39
+        "ipmi_address": "10.0.0.1",
40
+        "ipmi_username": "admin",
41
+        "ipmi_password": "pass"
42
+      },
43
+    },
44
+    "nics": [
45
+      {
46
+        "mac": "ff:ff:ff:ff:ff:ff"
47
+      }
48
+    ],
49
+    "driver": "agent_ipmitool",
50
+    "ipv4_address": "1.1.1.1",
51
+    "properties": {
52
+      "cpu_arch": "x86_64",
53
+      "ram": null,
54
+       "disk_size": null,
55
+       "cpus": null
56
+    },
57
+    "name": "ironic-bm-test.bifrost.example"
58
+  }
59
+'
60
+
61
+node 'db' {
62
+
63
+  class { '::mysql::server':
64
+    config_hash => {
65
+      'bind_address' => '0.0.0.0',
66
+    },
67
+  }
68
+
69
+  class { '::mysql::ruby': }
70
+
71
+  class { '::ironic::db::mysql':
72
+    password      => $db_password,
73
+    dbname        => $db_name,
74
+    user          => $db_username,
75
+    host          => $clientcert,
76
+    allowed_hosts => ['controller'],
77
+  }
78
+
79
+}
80
+
81
+node controller {
82
+
83
+  class { '::ironic':
84
+    db_password         => $db_password,
85
+    db_name             => $db_name,
86
+    db_user             => $db_username,
87
+    db_host             => $db_host,
88
+
89
+    rabbit_password     => $rabbit_password,
90
+    rabbit_userid       => $rabbit_user,
91
+    rabbit_virtual_host => $rabbit_vhost,
92
+    rabbit_hosts        => $rabbit_hosts,
93
+
94
+    glance_api_servers  => $glance_api_servers,
95
+  }
96
+
97
+  class { '::ironic::api': }
98
+
99
+  class { '::ironic::conductor': }
100
+
101
+  class { '::ironic::drivers::ipmi': }
102
+
103
+  class { '::ironic::drivers::pxe':
104
+    deploy_kernel  => $deploy_kernel,
105
+    deploy_ramdisk => $deploy_ramdisk,
106
+  }
107
+
108
+}
109
+
110
+node bifrost-controller {
111
+
112
+  class { '::ironic::bifrost':
113
+    network_interface    => 'eth1',
114
+    ironic_db_password   => 'changeme',
115
+    mysql_password       => 'changemetoo',
116
+    baremetal_json_hosts => $baremetal_json_hosts,
117
+  }
118
+
119
+}

+ 150
- 0
deployment_scripts/puppet/modules/ironic/lib/puppet/provider/ironic.rb View File

@@ -0,0 +1,150 @@
1
+require 'csv'
2
+require 'puppet/util/inifile'
3
+
4
+class Puppet::Provider::Ironic < Puppet::Provider
5
+
6
+  def self.conf_filename
7
+    '/etc/ironic/ironic.conf'
8
+  end
9
+
10
+  def self.withenv(hash, &block)
11
+    saved = ENV.to_hash
12
+    hash.each do |name, val|
13
+      ENV[name.to_s] = val
14
+    end
15
+
16
+    yield
17
+  ensure
18
+    ENV.clear
19
+    saved.each do |name, val|
20
+      ENV[name] = val
21
+    end
22
+  end
23
+
24
+  def self.ironic_credentials
25
+    @ironic_credentials ||= get_ironic_credentials
26
+  end
27
+
28
+  def self.get_ironic_credentials
29
+    auth_keys = ['auth_host', 'auth_port', 'auth_protocol',
30
+                 'admin_tenant_name', 'admin_user', 'admin_password']
31
+    conf = ironic_conf
32
+    if conf and conf['keystone_authtoken'] and
33
+        auth_keys.all?{|k| !conf['keystone_authtoken'][k].nil?}
34
+      return Hash[ auth_keys.map \
35
+                   { |k| [k, conf['keystone_authtoken'][k].strip] } ]
36
+    else
37
+      raise(Puppet::Error, "File: #{conf_filename} does not contain all \
38
+required sections.  Ironic types will not work if ironic is not \
39
+correctly configured.")
40
+    end
41
+  end
42
+
43
+  def ironic_credentials
44
+    self.class.ironic_credentials
45
+  end
46
+
47
+  def self.auth_endpoint
48
+    @auth_endpoint ||= get_auth_endpoint
49
+  end
50
+
51
+  def self.get_auth_endpoint
52
+    q = ironic_credentials
53
+    "#{q['auth_protocol']}://#{q['auth_host']}:#{q['auth_port']}/v2.0/"
54
+  end
55
+
56
+  def self.ironic_conf
57
+    return @ironic_conf if @ironic_conf
58
+    @ironic_conf = Puppet::Util::IniConfig::File.new
59
+    @ironic_conf.read(conf_filename)
60
+    @ironic_conf
61
+  end
62
+
63
+  def self.auth_ironic(*args)
64
+    q = ironic_credentials
65
+    authenv = {
66
+      :OS_AUTH_URL    => self.auth_endpoint,
67
+      :OS_USERNAME    => q['admin_user'],
68
+      :OS_TENANT_NAME => q['admin_tenant_name'],
69
+      :OS_PASSWORD    => q['admin_password']
70
+    }
71
+    begin
72
+      withenv authenv do
73
+        ironic(args)
74
+      end
75
+    rescue Exception => e
76
+      if (e.message =~ /\[Errno 111\] Connection refused/) or
77
+          (e.message =~ /\(HTTP 400\)/)
78
+        sleep 10
79
+        withenv authenv do
80
+          ironic(args)
81
+        end
82
+      else
83
+       raise(e)
84
+      end
85
+    end
86
+  end
87
+
88
+  def auth_ironic(*args)
89
+    self.class.auth_ironic(args)
90
+  end
91
+
92
+  def self.reset
93
+    @ironic_conf        = nil
94
+    @ironic_credentials = nil
95
+  end
96
+
97
+  def self.list_ironic_resources(type)
98
+    ids = []
99
+    list = auth_ironic("#{type}-list", '--format=csv',
100
+                        '--column=id', '--quote=none')
101
+    (list.split("\n")[1..-1] || []).compact.collect do |line|
102
+      ids << line.strip
103
+    end
104
+    return ids
105
+  end
106
+
107
+  def self.get_ironic_resource_attrs(type, id)
108
+    attrs = {}
109
+    net = auth_ironic("#{type}-show", '--format=shell', id)
110
+    last_key = nil
111
+    (net.split("\n") || []).compact.collect do |line|
112
+      if line.include? '='
113
+        k, v = line.split('=', 2)
114
+        attrs[k] = v.gsub(/\A"|"\Z/, '')
115
+        last_key = k
116
+      else
117
+        # Handle the case of a list of values
118
+        v = line.gsub(/\A"|"\Z/, '')
119
+        attrs[last_key] = [attrs[last_key], v]
120
+      end
121
+    end
122
+    return attrs
123
+  end
124
+
125
+  def self.get_tenant_id(catalog, name)
126
+    instance_type = 'keystone_tenant'
127
+    instance = catalog.resource("#{instance_type.capitalize!}[#{name}]")
128
+    if ! instance
129
+      instance = Puppet::Type.type(instance_type).instances.find do |i|
130
+        i.provider.name == name
131
+      end
132
+    end
133
+    if instance
134
+      return instance.provider.id
135
+    else
136
+      fail("Unable to find #{instance_type} for name #{name}")
137
+    end
138
+  end
139
+
140
+  def self.parse_creation_output(data)
141
+    hash = {}
142
+    data.split("\n").compact.each do |line|
143
+      if line.include? '='
144
+        hash[line.split('=').first] = line.split('=', 2)[1].gsub(/\A"|"\Z/, '')
145
+      end
146
+    end
147
+    hash
148
+  end
149
+
150
+end

+ 27
- 0
deployment_scripts/puppet/modules/ironic/lib/puppet/provider/ironic_config/ini_setting.rb View File

@@ -0,0 +1,27 @@
1
+Puppet::Type.type(:ironic_config).provide(
2
+  :ini_setting,
3
+  :parent => Puppet::Type.type(:ini_setting).provider(:ruby)
4
+) do
5
+
6
+  def section
7
+    resource[:name].split('/', 2).first
8
+  end
9
+
10
+  def setting
11
+    resource[:name].split('/', 2).last
12
+  end
13
+
14
+  def separator
15
+    '='
16
+  end
17
+
18
+  def self.file_path
19
+    '/etc/ironic/ironic.conf'
20
+  end
21
+
22
+  # added for backwards compatibility with older versions of inifile
23
+  def file_path
24
+    self.class.file_path
25
+  end
26
+
27
+end

+ 150
- 0
deployment_scripts/puppet/modules/ironic/lib/puppet/provider/ironic_images_setter/ini_setting.rb View File

@@ -0,0 +1,150 @@
1
+require 'rubygems'
2
+require 'net/http'
3
+require 'net/https'
4
+require 'json'
5
+require 'puppet/util/inifile'
6
+
7
+class KeystoneError < Puppet::Error
8
+end
9
+
10
+class KeystoneConnectionError < KeystoneError
11
+end
12
+
13
+class KeystoneAPIError < KeystoneError
14
+end
15
+
16
+RETRY_COUNT = 10
17
+RETRY_SLEEP = 3
18
+
19
+def handle_request(req, url)
20
+    begin
21
+        use_ssl = url.scheme == "https" ? true : false
22
+        http = Net::HTTP.start(url.hostname, url.port, {:use_ssl => use_ssl})
23
+        res = http.request(req)
24
+
25
+        if res.code != '200'
26
+            raise KeystoneAPIError, "Received error response from Keystone server at #{url}: #{res.message}"
27
+        end
28
+    rescue Errno::ECONNREFUSED => detail
29
+        raise KeystoneConnectionError, "Failed to connect to Keystone server at #{url}: #{detail}"
30
+    rescue SocketError => detail
31
+        raise KeystoneConnectionError, "Failed to connect to Keystone server at #{url}: #{detail}"
32
+    end
33
+
34
+    res
35
+end
36
+
37
+def keystone_v2_authenticate(auth_url,
38
+                             username,
39
+                             password,
40
+                             tenantId=nil,
41
+                             tenantName=nil)
42
+
43
+    post_args = {
44
+        'auth' => {
45
+            'passwordCredentials' => {
46
+                'username' => username,
47
+                'password' => password
48
+            },
49
+        }}
50
+
51
+    if tenantId
52
+        post_args['auth']['tenantId'] = tenantId
53
+    end
54
+
55
+    if tenantName
56
+        post_args['auth']['tenantName'] = tenantName
57
+    end
58
+
59
+    url = URI.parse("#{auth_url}/tokens")
60
+    req = Net::HTTP::Post.new url.path
61
+    req['content-type'] = 'application/json'
62
+    req.body = post_args.to_json
63
+
64
+    res = handle_request(req, url)
65
+    data = JSON.parse res.body
66
+    return data['access']['token']['id']
67
+end
68
+
69
+def glance_images(glance_url, token)
70
+
71
+    url = URI.parse("#{glance_url}/images")
72
+    req = Net::HTTP::Get.new url.path
73
+    req['content-type'] = 'application/json'
74
+    req['x-auth-token'] = token
75
+
76
+    res = handle_request(req, url)
77
+    data = JSON.parse res.body
78
+    data['images']
79
+end
80
+
81
+Puppet::Type.type(:ironic_images_setter).provide(:ruby) do
82
+    @ironic_images = nil
83
+
84
+    def authenticate
85
+        keystone_v2_authenticate(
86
+          @resource[:auth_url],
87
+          @resource[:auth_username],
88
+          @resource[:auth_password],
89
+          nil,
90
+          @resource[:auth_tenant_name])
91
+    end
92
+
93
+    def find_image_by_name(images, name)
94
+        found_images = images.select{|image| image['name'] == name}
95
+        if found_images.length == 1
96
+          return found_images[0]['id']
97
+        elsif found_images.length == 0
98
+          raise KeystoneAPIError, "Image with name '#{name}' not found."
99
+        elsif found_images.length > 1
100
+          raise KeystoneAPIError, "Found multiple matches for name: '#{name}'"
101
+        end
102
+    end
103
+
104
+    def exists?
105
+      ini_file = Puppet::Util::IniConfig::File.new
106
+      ini_file.read("/etc/ironic/ironic.conf")
107
+      ironic_images.each do |setting, id|
108
+        if ! ( ini_file['fuel'] && ini_file['fuel'][setting] && ini_file['fuel'][setting] == id)
109
+          return nil
110
+        end
111
+      end
112
+    end
113
+
114
+    def create
115
+        config
116
+    end
117
+
118
+    def ironic_images
119
+      @ironic_images ||= get_ironic_images
120
+    end
121
+
122
+    def get_ironic_images
123
+      token = authenticate
124
+      RETRY_COUNT.times do |n|
125
+        begin
126
+          all_images = glance_images(@resource[:glance_url], token)
127
+        rescue => e
128
+          debug "Request failed: '#{e.message}' Retry: '#{n}'"
129
+          if n == RETRY_COUNT - 1
130
+            raise KeystoneAPIError, 'Unable to get images.'
131
+          end
132
+          sleep RETRY_SLEEP
133
+          next
134
+        end
135
+        ironic_images = Hash.new
136
+        ironic_images['deploy_kernel'] = find_image_by_name(all_images, 'ironic-deploy-linux')
137
+        ironic_images['deploy_ramdisk'] = find_image_by_name(all_images, 'ironic-deploy-initramfs')
138
+        ironic_images['deploy_squashfs'] = find_image_by_name(all_images, 'ironic-deploy-squashfs')
139
+        return ironic_images
140
+      end
141
+    end
142
+
143
+    def config
144
+      ironic_images.each do |setting, id|
145
+        Puppet::Type.type(:ironic_config).new(
146
+            {:name => "fuel/#{setting}", :value => id}
147
+        ).provider.create
148
+      end
149
+    end
150
+end

+ 140
- 0
deployment_scripts/puppet/modules/ironic/lib/puppet/provider/ironic_neutron_setter/ini_setting.rb View File

@@ -0,0 +1,140 @@
1
+require 'rubygems'
2
+require 'net/http'
3
+require 'net/https'
4
+require 'json'
5
+require 'puppet/util/inifile'
6
+
7
+class KeystoneError < Puppet::Error
8
+end
9
+
10
+class KeystoneConnectionError < KeystoneError
11
+end
12
+
13
+class KeystoneAPIError < KeystoneError
14
+end
15
+
16
+RETRY_COUNT = 10
17
+RETRY_SLEEP = 3
18
+
19
+def handle_request(req, url)
20
+    begin
21
+        use_ssl = url.scheme == "https" ? true : false
22
+        http = Net::HTTP.start(url.hostname, url.port, {:use_ssl => use_ssl})
23
+        res = http.request(req)
24
+
25
+        if res.code != '200'
26
+            raise KeystoneAPIError, "Received error response from Keystone server at #{url}: #{res.message}"
27
+        end
28
+    rescue Errno::ECONNREFUSED => detail
29
+        raise KeystoneConnectionError, "Failed to connect to Keystone server at #{url}: #{detail}"
30
+    rescue SocketError => detail
31
+        raise KeystoneConnectionError, "Failed to connect to Keystone server at #{url}: #{detail}"
32
+    end
33
+
34
+    res
35
+end
36
+
37
+def keystone_v2_authenticate(auth_url,
38
+                             username,
39
+                             password,
40
+                             tenantId=nil,
41
+                             tenantName=nil)
42
+
43
+    post_args = {
44
+        'auth' => {
45
+            'passwordCredentials' => {
46
+                'username' => username,
47
+                'password' => password
48
+            },
49
+        }}
50
+
51
+    if tenantId
52
+        post_args['auth']['tenantId'] = tenantId
53
+    end
54
+
55
+    if tenantName
56
+        post_args['auth']['tenantName'] = tenantName
57
+    end
58
+
59
+    url = URI.parse("#{auth_url}/tokens")
60
+    req = Net::HTTP::Post.new url.path
61
+    req['content-type'] = 'application/json'
62
+    req.body = post_args.to_json
63
+
64
+    res = handle_request(req, url)
65
+    data = JSON.parse res.body
66
+    return data['access']['token']['id']
67
+end
68
+
69
+def neutron_networks(neutron_url, token)
70
+
71
+    url = URI.parse("#{neutron_url}/networks")
72
+    req = Net::HTTP::Get.new url.path
73
+    req['content-type'] = 'application/json'
74
+    req['x-auth-token'] = token
75
+
76
+    res = handle_request(req, url)
77
+    data = JSON.parse res.body
78
+    data['networks']
79
+end
80
+
81
+Puppet::Type.type(:ironic_neutron_setter).provide(:ruby) do
82
+    @neutron_network = nil
83
+
84
+    def authenticate
85
+        keystone_v2_authenticate(
86
+          @resource[:auth_url],
87
+          @resource[:auth_username],
88
+          @resource[:auth_password],
89
+          nil,
90
+          @resource[:auth_tenant_name])
91
+    end
92
+
93
+    def find_network_by_name(networks, name)
94
+        found_networks = networks.select{|net| net['name'] == name}
95
+        if found_networks.length == 1
96
+          return found_networks[0]['id']
97
+        elsif found_networks.length == 0
98
+          raise KeystoneAPIError, "Network with name '#{name}' not found."
99
+        elsif found_networks.length > 1
100
+          raise KeystoneAPIError, "Found multiple matches for name: '#{name}'"
101
+        end
102
+    end
103
+
104
+    def exists?
105
+      ini_file = Puppet::Util::IniConfig::File.new
106
+      ini_file.read("/etc/ironic/ironic.conf")
107
+      ini_file['neutron'] && ini_file['neutron']['cleaning_network_uuid'] && ini_file['neutron']['cleaning_network_uuid'] == neutron_network
108
+    end
109
+
110
+    def create
111
+        config
112
+    end
113
+
114
+    def neutron_network
115
+      @neutron_network ||= get_neutron_network
116
+    end
117
+
118
+    def get_neutron_network
119
+      token = authenticate
120
+      RETRY_COUNT.times do |n|
121
+        begin
122
+          all_networks = neutron_networks(@resource[:neutron_url], token)
123
+        rescue => e
124
+          debug "Request failed: '#{e.message}' Retry: '#{n}'"
125
+          if n == RETRY_COUNT - 1
126
+            raise KeystoneAPIError, 'Unable to get networks.'
127
+          end
128
+          sleep RETRY_SLEEP
129
+          next
130
+        end
131
+        return find_network_by_name(all_networks, 'baremetal')
132
+      end
133
+    end
134
+
135
+    def config
136
+      Puppet::Type.type(:ironic_config).new(
137
+        {:name => "neutron/cleaning_network_uuid", :value => neutron_network}
138
+      ).provider.create
139
+    end
140
+end

+ 47
- 0
deployment_scripts/puppet/modules/ironic/lib/puppet/type/ironic_config.rb View File

@@ -0,0 +1,47 @@
1
+Puppet::Type.newtype(:ironic_config) do
2
+
3
+  ensurable
4
+
5
+  newparam(:name, :namevar => true) do
6
+    desc 'Section/setting name to manage from /etc/ironic/ironic.conf'
7
+    newvalues(/\S+\/\S+/)
8
+  end
9
+
10
+  newproperty(:value) do
11
+    desc 'The value of the setting to be defined.'
12
+    munge do |value|
13
+      value = value.to_s.strip
14
+      value.capitalize! if value =~ /^(true|false)$/i
15
+      value
16
+    end
17
+
18
+    def is_to_s( currentvalue )
19
+      if resource.secret?
20
+        return '[old secret redacted]'
21
+      else
22
+        return currentvalue
23
+      end
24
+    end
25
+
26
+    def should_to_s( newvalue )
27
+      if resource.secret?
28
+        return '[new secret redacted]'
29
+      else
30
+        return newvalue
31
+      end
32
+    end
33
+  end
34
+
35
+  newparam(:secret, :boolean => true) do
36
+    desc 'Whether to hide the value from Puppet logs. Defaults to `false`.'
37
+
38
+    newvalues(:true, :false)
39
+
40
+    defaultto false
41
+  end
42
+
43
+  autorequire(:package) do
44
+    'ironic-common'
45
+  end
46
+
47
+end

+ 31
- 0
deployment_scripts/puppet/modules/ironic/lib/puppet/type/ironic_images_setter.rb View File

@@ -0,0 +1,31 @@
1
+Puppet::Type.newtype(:ironic_images_setter) do
2
+
3
+    ensurable
4
+
5
+    newparam(:name, :namevar => true) do
6
+        desc 'The name of the setting to update'
7
+    end
8
+
9
+    newparam(:auth_url) do
10
+        desc 'The Keystone endpoint URL'
11
+        defaultto 'http://localhost:35357/v2.0'
12
+    end
13
+
14
+    newparam(:auth_username) do
15
+        desc 'Username with which to authenticate'
16
+        defaultto 'admin'
17
+    end
18
+
19
+    newparam(:auth_password) do
20
+        desc 'Password with which to authenticate'
21
+    end
22
+
23
+    newparam(:auth_tenant_name) do
24
+        desc 'Tenant name with which to authenticate'
25
+        defaultto 'admin'
26
+    end
27
+
28
+    newparam(:glance_url) do
29
+        desc 'Glance endpoint'
30
+    end
31
+end

+ 31
- 0
deployment_scripts/puppet/modules/ironic/lib/puppet/type/ironic_neutron_setter.rb View File

@@ -0,0 +1,31 @@
1
+Puppet::Type.newtype(:ironic_neutron_setter) do
2
+
3
+    ensurable
4
+
5
+    newparam(:name, :namevar => true) do
6
+        desc 'The name of the setting to update'
7
+    end
8
+
9
+    newparam(:auth_url) do
10
+        desc 'The Keystone endpoint URL'
11
+        defaultto 'http://localhost:35357/v2.0'
12
+    end
13
+
14
+    newparam(:auth_username) do
15
+        desc 'Username with which to authenticate'
16
+        defaultto 'admin'
17
+    end
18
+
19
+    newparam(:auth_password) do
20
+        desc 'Password with which to authenticate'
21
+    end
22
+
23
+    newparam(:auth_tenant_name) do
24
+        desc 'Tenant name with which to authenticate'
25
+        defaultto 'admin'
26
+    end
27
+
28
+    newparam(:neutron_url) do
29
+        desc 'Neutron endpoint'
30
+    end
31
+end

+ 182
- 0
deployment_scripts/puppet/modules/ironic/manifests/api.pp View File

@@ -0,0 +1,182 @@
1
+#
2
+# Copyright (C) 2013 eNovance SAS <licensing@enovance.com>
3
+#
4
+# Author: Emilien Macchi <emilien.macchi@enovance.com>
5
+#
6
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
7
+# not use this file except in compliance with the License. You may obtain
8
+# a copy of the License at
9
+#
10
+#      http://www.apache.org/licenses/LICENSE-2.0
11
+#
12
+# Unless required by applicable law or agreed to in writing, software
13
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
14
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
15
+# License for the specific language governing permissions and limitations
16
+# under the License.
17
+
18
+# Configure the API service in Ironic
19
+#
20
+# === Parameters
21
+#
22
+# [*package_ensure*]
23
+#   (optional) Control the ensure parameter for the package ressource.
24
+#   Defaults to 'present'.
25
+#
26
+# [*enabled*]
27
+#   (optional) Define if the service must be enabled or not.
28
+#   Defaults to true.
29
+#
30
+# [*host_ip*]
31
+#   (optional) The listen IP for the Ironic API server.
32
+#   Should be an valid IP address
33
+#   Defaults to '0.0.0.0'.
34
+#
35
+# [*port*]
36
+#   (optional) The port for the Ironic API server.
37
+#   Should be an valid port
38
+#   Defaults to '0.0.0.0'.
39
+#
40
+# [*max_limit*]
41
+#   (optional) The maximum number of items returned in a single response
42
+#   from a collection resource.
43
+#   Should be an valid interger
44
+#   Defaults to '1000'.
45
+#
46
+# [*auth_host*]
47
+#   (optional) The IP of the server running keystone
48
+#   Defaults to '127.0.0.1'
49
+#
50
+# [*auth_port*]
51
+#   (optional) The port to use when authenticating against Keystone
52
+#   Defaults to 35357
53
+#
54
+# [*auth_protocol*]
55
+#   (optional) The protocol to use when authenticating against Keystone
56
+#   Defaults to 'http'
57
+#
58
+# [*auth_uri*]
59
+#   (optional) The uri of a Keystone service to authenticate against
60
+#   Defaults to false
61
+#
62
+# [*auth_admin_prefix*]
63
+#   (optional) Prefix to prepend at the beginning of the keystone path
64
+#   Defaults to false
65
+#
66
+# [*auth_version*]
67
+#   (optional) API version of the admin Identity API endpoint
68
+#   for example, use 'v3.0' for the keystone version 3.0 api
69
+#   Defaults to false
70
+#
71
+# [*admin_tenant_name*]
72
+#   (optional) The name of the tenant to create in keystone for use by the ironic services
73
+#   Defaults to 'services'
74
+#
75
+# [*admin_user*]
76
+#   (optional) The name of the user to create in keystone for use by the ironic services
77
+#   Defaults to 'ironic'
78
+#
79
+# [*neutron_url*]
80
+#   (optional) The Neutron URL to be used for requests from ironic
81
+#   Defaults to false
82
+#
83
+# [*admin_password*]
84
+#   (required) The password to set for the ironic admin user in keystone
85
+#
86
+
87
+class ironic::api (
88
+  $package_ensure    = 'present',
89
+  $enabled           = true,
90
+  $host_ip           = '0.0.0.0',
91
+  $port              = '6385',
92
+  $max_limit         = '1000',
93
+  $auth_host         = '127.0.0.1',
94
+  $auth_port         = '35357',
95
+  $auth_protocol     = 'http',
96
+  $auth_uri          = false,
97
+  $auth_admin_prefix = false,
98
+  $auth_version      = false,
99
+  $admin_tenant_name = 'services',
100
+  $admin_user        = 'ironic',
101
+  $neutron_url       = false,
102
+  $admin_password,
103
+) {
104
+
105
+  include ::ironic::params
106
+  include ::ironic::policy
107
+
108
+  Ironic_config<||> ~> Service['ironic-api']
109
+  Class['ironic::policy'] ~> Service['ironic-api']
110
+
111
+  # Configure ironic.conf
112
+  ironic_config {
113
+    'api/host_ip':   value => $host_ip;
114
+    'api/port':      value => $port;
115
+    'api/max_limit': value => $max_limit;
116
+  }
117
+
118
+  # Install package
119
+  if $::ironic::params::api_package {
120
+    Package['ironic-api'] -> Class['ironic::policy']
121
+    Package['ironic-api'] -> Service['ironic-api']
122
+    package { 'ironic-api':
123
+      ensure => $package_ensure,
124
+      name   => $::ironic::params::api_package,
125
+      tag    => ['openstack', 'ironic-package'],
126
+    }
127
+  }
128
+
129
+  if $enabled {
130
+    $ensure = 'running'
131
+  } else {
132
+    $ensure = 'stopped'
133
+  }
134
+
135
+  # Manage service
136
+  service { 'ironic-api':
137
+    ensure    => $ensure,
138
+    name      => $::ironic::params::api_service,
139
+    enable    => $enabled,
140
+    hasstatus => true,
141
+    tag       => 'ironic-service',
142
+  }
143
+
144
+  if $neutron_url {
145
+    ironic_config { 'neutron/url': value => $neutron_url; }
146
+  } else {
147
+    ironic_config { 'neutron/url': value => "${auth_protocol}://${auth_host}:9696/"; }
148
+  }
149
+
150
+  if $auth_uri {
151
+    ironic_config { 'keystone_authtoken/auth_uri': value => $auth_uri; }
152
+  } else {
153
+    ironic_config { 'keystone_authtoken/auth_uri': value => "${auth_protocol}://${auth_host}:5000/"; }
154
+  }
155
+
156
+  if $auth_version {
157
+    ironic_config { 'keystone_authtoken/auth_version': value => $auth_version; }
158
+  } else {
159
+    ironic_config { 'keystone_authtoken/auth_version': ensure => absent; }
160
+  }
161
+
162
+  ironic_config {
163
+    'keystone_authtoken/auth_host':         value => $auth_host;
164
+    'keystone_authtoken/auth_port':         value => $auth_port;
165
+    'keystone_authtoken/auth_protocol':     value => $auth_protocol;
166
+    'keystone_authtoken/admin_tenant_name': value => $admin_tenant_name;
167
+    'keystone_authtoken/admin_user':        value => $admin_user;
168
+    'keystone_authtoken/admin_password':    value => $admin_password, secret => true;
169
+  }
170
+
171
+  if $auth_admin_prefix {
172
+    validate_re($auth_admin_prefix, '^(/.+[^/])?$')
173
+    ironic_config {
174
+      'keystone_authtoken/auth_admin_prefix': value => $auth_admin_prefix;
175
+    }
176
+  } else {
177
+    ironic_config {
178
+      'keystone_authtoken/auth_admin_prefix': ensure => absent;
179
+    }
180
+  }
181
+
182
+}

+ 202
- 0
deployment_scripts/puppet/modules/ironic/manifests/bifrost.pp View File

@@ -0,0 +1,202 @@
1
+# Copyright 2015 Hewlett-Packard Development Company, L.P.
2
+#
3
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
4
+# not use this file except in compliance with the License. You may obtain
5
+# a copy of the License at
6
+#
7
+#      http://www.apache.org/licenses/LICENSE-2.0
8
+#
9
+# Unless required by applicable law or agreed to in writing, software
10
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
11
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
12
+# License for the specific language governing permissions and limitations
13
+# under the License.
14
+
15
+# == Class: ironic::bifrost
16
+#
17
+# Installs and configures Bifrost
18
+# Bifrost is a set of Ansible playbooks that automates the task of deploying a
19
+# base image onto a set of known hardware using Ironic. It provides modular
20
+# utility for one-off operating system deployment with as few operational requirements
21
+# as reasonably possible.
22
+# Bifrost also allows to install Ironic in a stand-alone fashion. In this kind of setup,
23
+# neither Keystone nor Neutron is installed, and dnsmasq is used to provide PXE booting.
24
+#
25
+# [*ironic_db_password*]
26
+#   (required) The Ironic DB password
27
+#
28
+# [*mysql_password*]
29
+#   (required) The mysql server password
30
+#
31
+# [*baremetal_json_hosts*]
32
+#   (required) Baremetal hosts in JSON format, will be included in baremetal.json
33
+#
34
+# [*git_source_repo*]
35
+#   (optional) Git repository location for pulling Bifrost
36
+#   Defaults to 'https://git.openstack.org/openstack/bifrost'
37
+#
38
+# [*revision*]
39
+#   (optional) The branch or commit to checkout on Bifrost repository
40
+#   Defaults to 'master'
41
+#
42
+# [*ensure*]
43
+#   (optional) Ensure value for cloning the Bifrost repository.
44
+#   This is a pass-thru variable for vcsrepo, acceptable values are
45
+#   present/bare/absent/latest
46
+#   Typically, you may want to set this value to either present or absent and use
47
+#   revision for setting the branch or commit to clone.
48
+#   Defaults to 'present'
49
+#
50
+# [*revision*]
51
+#   (optional) The branch or commit to checkout on Bifrost repository
52
+#   Defaults to 'master'
53
+#
54
+# [*git_dest_repo_folder*]
55
+#   (optional) Folder to clone the Bifrost git repository
56
+#   Defaults to '/opt/stack/bifrost'
57
+#
58
+# [*ironic_url*]
59
+#   (optional) The URL of the Ironic server
60
+#   Defaults to '"http://localhost:6385"'
61
+#
62
+# [*network_interface*]
63
+#   (optional) The network interface DHCP will serve requests on
64
+#    Defaults to '"virbr0"'
65
+#
66
+# [*testing*]
67
+#   (optional) If true, Ironic will provision libvirt and VMs instead of baremetal
68
+#   Defaults to 'false'
69
+#
70
+# [*testing_user*]
71
+#   (optional) VM default user in case testing is enabled
72
+#   Defaults to 'ubuntu'
73
+#
74
+# [*http_boot_folder*]
75
+#   (optional) gPXE folder location for HTTP PXE boot
76
+#   Defaults to '/httpboot'
77
+#
78
+# [*nginx_port*]
79
+#   (optional) NGINX HTTP port
80
+#   Defaults to 8080
81
+
82
+# [*ssh_public_key_path*]
83
+#   (optional) SSH public key location, this will be injected in provisioned servers
84
+#    Defaults to '"{{ ansible_env.HOME }}/.ssh/id_rsa.pub"'
85
+#
86
+# [*deploy_kernel*]
87
+#   (optional) Kernel to PXE boot from
88
+#   Defaults to '"{{http_boot_folder}}/coreos_production_pxe.vmlinuz"'
89
+#
90
+# [*deploy_ramdisk*]
91
+#   (optional) Ramdisk to load after kernel boot
92
+#   Defaults to '"{{http_boot_folder}}/coreos_production_pxe_image-oem.cpio.gz"'
93
+#
94
+# [*deploy_kernel_url*]
95
+#   (optional) Kernel URL
96
+#   Defaults to '"http://{{ hostvars[inventory_hostname][\'ansible_\' + network_interface][\'ipv4\'][\'address\'] }}:{{nginx_port}}/coreos_production_pxe.vmlinuz"'
97
+#
98
+# [*deploy_ramdisk_url*]
99
+#   (optional) Ramdisk URL
100
+#   Defaults to '"http://{{ hostvars[inventory_hostname][\'ansible_\' + network_interface][\'ipv4\'][\'address\'] }}:{{nginx_port}}/coreos_production_pxe_image-oem.cpio.gz"'
101
+#
102
+# [*deploy_image_filename*]
103
+#   (optional) Deploy image filename
104
+#   Defaults to '"deployment_image.qcow2"'
105
+#
106
+# [*deploy_image*]
107
+#   (optional) URL for the deployment image
108
+#   Defaults to '"{{http_boot_folder}}/{{deploy_image_filename}}"'
109
+#
110
+# [*create_image_via_dib*]
111
+#   (optional) Flag to enable/disable image creation with diskimage-builder
112
+#   Defaults to 'true'
113
+#
114
+# [*transform_boot_image*]
115
+#   (optional) Flag to prepend a partition image with boot sector and partition table
116
+#    Defaults to 'false'
117
+#
118
+# [*node_default_network_interface*]
119
+#   (optional) Default network interface to configure with configdrive settings
120
+#   Defaults to 'eth0'
121
+#
122
+# [*ipv4_subnet_mask*]
123
+#   (optional) Subnet mask for configured NIC
124
+#   Defaults to '255.255.255.0'
125
+#
126
+# [*ipv4_gateway*]
127
+#   (optional) Gateway for configured NIC
128
+#   Defaults to '192.168.1.1'
129
+#
130
+# [*ipv4_nameserver*]
131
+#   (optional) Nameserver for DNS configuration
132
+#   Defaults to '8.8.8.8'
133
+#
134
+# [*network_mtu*]
135
+#   (optional) MTU for configured NIC
136
+#   Defaults to '1500'
137
+#
138
+# [*dhcp_pool_start*]
139
+#   (optional) Dnsmasq DHCP pool start
140
+#   Defaults to '192.168.1.200'
141
+#
142
+# [*dhcp_pool_end*]
143
+#   (optional) Dnsmasq DHCP pool end
144
+#   Defaults to '192.168.1.250'
145
+#
146
+# [*ipmi_bridging*]
147
+#   (optional) Flag to enable/disable IPMI bridging
148
+#   Defaults to 'no'
149
+
150
+class ironic::bifrost (
151
+  $ironic_db_password,
152
+  $mysql_password,
153
+  $baremetal_json_hosts,
154
+  $git_source_repo                = 'https://git.openstack.org/openstack/bifrost',
155
+  $ensure                         = present,
156
+  $revision                       = 'master',
157
+  $git_dest_repo_folder           = '/opt/stack/bifrost',
158
+  $ironic_url                     = '"http://localhost:6385/"',
159
+  $network_interface              = '"virbr0"',
160
+  $testing                        = false,
161
+  $testing_user                   = 'ubuntu',
162
+  $http_boot_folder               = '/httpboot',
163
+  $nginx_port                     = 8080,
164
+  $ssh_public_key_path            = '"{{ ansible_env.HOME }}/.ssh/id_rsa.pub"',
165
+  $deploy_kernel                  = '"{{http_boot_folder}}/coreos_production_pxe.vmlinuz"',
166
+  $deploy_ramdisk                 = '"{{http_boot_folder}}/coreos_production_pxe_image-oem.cpio.gz"',
167
+  $deploy_kernel_url              = '"http://{{ hostvars[inventory_hostname][\'ansible_\' + network_interface][\'ipv4\'][\'address\'] }}:{{nginx_port}}/coreos_production_pxe.vmlinuz"',
168
+  $deploy_ramdisk_url             = '"http://{{ hostvars[inventory_hostname][\'ansible_\' + network_interface][\'ipv4\'][\'address\'] }}:{{nginx_port}}/coreos_production_pxe_image-oem.cpio.gz"',
169
+  $deploy_image_filename          = '"deployment_image.qcow2"',
170
+  $deploy_image                   = '"{{http_boot_folder}}/{{deploy_image_filename}}"',
171
+  $create_image_via_dib           = true,
172
+  $transform_boot_image           = false,
173
+  $node_default_network_interface = 'eth0',
174
+  $ipv4_subnet_mask               = '255.255.255.0',
175
+  $ipv4_gateway                   = '192.168.1.1',
176
+  $ipv4_nameserver                = '8.8.8.8',
177
+  $network_mtu                    = '1500',
178
+  $dhcp_pool_start                = '192.168.1.200',
179
+  $dhcp_pool_end                  = '192.168.1.250',
180
+  $ipmi_bridging                  = 'no',
181
+) {
182
+
183
+  vcsrepo { $git_dest_repo_folder:
184
+    ensure   => $ensure,
185
+    provider => git,
186
+    revision => $revision,
187
+    source   => $git_source_repo,
188
+  }
189
+
190
+  file { "${git_dest_repo_folder}/playbooks/inventory/group_vars/all":
191
+    ensure  => present,
192
+    content => template('ironic/group_vars_all.erb'),
193
+    require => Vcsrepo[$git_dest_repo_folder],
194
+  }
195
+
196
+  file { "${git_dest_repo_folder}/baremetal.json":
197
+    ensure  => present,
198
+    content => template('ironic/baremetal.json.erb'),
199
+    require => Vcsrepo[$git_dest_repo_folder],
200
+  }
201
+}
202
+

+ 41
- 0
deployment_scripts/puppet/modules/ironic/manifests/client.pp View File

@@ -0,0 +1,41 @@
1
+#
2
+# Copyright (C) 2013 eNovance SAS <licensing@enovance.com>
3
+#
4
+# Author: Emilien Macchi <emilien.macchi@enovance.com>
5
+#
6
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
7
+# not use this file except in compliance with the License. You may obtain
8
+# a copy of the License at
9
+#
10
+#      http://www.apache.org/licenses/LICENSE-2.0
11
+#
12
+# Unless required by applicable law or agreed to in writing, software
13
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
14
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
15
+# License for the specific language governing permissions and limitations
16
+# under the License.
17
+
18
+# ironic::client
19
+#
20
+# Manages the ironic client package on systems
21
+#
22
+# === Parameters:
23
+#
24
+# [*package_ensure*]
25
+#   (optional) The state of the package
26
+#   Defaults to present
27
+#
28
+
29
+class ironic::client (
30
+  $package_ensure = present
31
+) {
32
+
33
+  include ::ironic::params
34
+
35
+  package { 'python-ironicclient':
36
+    ensure => $package_ensure,
37
+    name   => $::ironic::params::client_package,
38
+    tag    => 'openstack',
39
+  }
40
+
41
+}

+ 83
- 0
deployment_scripts/puppet/modules/ironic/manifests/conductor.pp View File

@@ -0,0 +1,83 @@
1
+#
2
+# Copyright (C) 2013 eNovance SAS <licensing@enovance.com>
3
+#
4
+# Author: Emilien Macchi <emilien.macchi@enovance.com>
5
+#
6
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
7
+# not use this file except in compliance with the License. You may obtain
8
+# a copy of the License at
9
+#
10
+#      http://www.apache.org/licenses/LICENSE-2.0
11
+#
12
+# Unless required by applicable law or agreed to in writing, software
13
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
14
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
15
+# License for the specific language governing permissions and limitations
16
+# under the License.
17
+
18
+# Configure the conductor service in Ironic
19
+#
20
+# === Parameters
21
+#
22
+# [*package_ensure*]
23
+#   (optional) Control the ensure parameter for the package ressource.
24
+#   Defaults to 'present'.
25
+#
26
+# [*enabled*]
27
+#   (optional) Define if the service must be enabled or not.
28
+#   Defaults to true.
29
+#
30
+# [*max_time_interval*]
31
+#   (optional) Maximum time, in seconds, since the last check-in of a conductor.
32
+#   Should be an interger value
33
+#   Defaults to '120'.
34
+#
35
+# [*force_power_state_during_sync*]
36
+#   (optional) Should the hardware power state be set to the state recorded in
37
+#   the database (True) or should the database be updated based on the hardware
38
+#   state (False).
39
+#   Defaults to true.
40
+#
41
+class ironic::conductor (
42
+  $package_ensure                = 'present',
43
+  $enabled                       = true,
44
+  $max_time_interval             = '120',
45
+  $force_power_state_during_sync = true,
46
+) {
47
+
48
+  include ::ironic::params
49
+
50
+  Ironic_config<||> ~> Service['ironic-conductor']
51
+
52
+  # Configure ironic.conf
53
+  ironic_config {
54
+    'conductor/max_time_interval': value => $max_time_interval;
55
+    'conductor/force_power_state_during_sync': value => $force_power_state_during_sync;
56
+  }
57
+
58
+  # Install package
59
+  if $::ironic::params::conductor_package {
60
+    Package['ironic-conductor'] -> Service['ironic-conductor']
61
+    package { 'ironic-conductor':
62
+      ensure => $package_ensure,
63
+      name   => $::ironic::params::conductor_package,
64
+      tag    => ['openstack', 'ironic-package'],
65
+    }
66
+  }
67
+
68
+  if $enabled {
69
+    $ensure = 'running'
70
+  } else {
71
+    $ensure = 'stopped'
72
+  }
73
+
74
+  # Manage service
75
+  service { 'ironic-conductor':
76
+    ensure    => $ensure,
77
+    name      => $::ironic::params::conductor_service,
78
+    enable    => $enabled,
79
+    hasstatus => true,
80
+    tag       => 'ironic-service',
81
+  }
82
+
83
+}

+ 30
- 0
deployment_scripts/puppet/modules/ironic/manifests/config.pp View File

@@ -0,0 +1,30 @@
1
+# == Class: ironic::config
2
+#
3
+# This class is used to manage arbitrary Ironic configurations.
4
+#
5
+# === Parameters
6
+#
7
+# [*ironic_config*]
8
+#   (optional) Allow configuration of arbitrary Ironic configurations.
9
+#   The value is an hash of ironic_config resources. Example:
10
+#   { 'DEFAULT/foo' => { value => 'fooValue'},
11
+#     'DEFAULT/bar' => { value => 'barValue'}
12
+#   }
13
+#   In yaml format, Example:
14
+#   ironic_config:
15
+#     DEFAULT/foo:
16
+#       value: fooValue
17
+#     DEFAULT/bar:
18
+#       value: barValue
19
+#
20
+#   NOTE: The configuration MUST NOT be already handled by this module
21
+#   or Puppet catalog compilation will fail with duplicate resources.
22
+#
23
+class ironic::config (
24
+  $ironic_config        = {},
25
+) {
26
+
27
+  validate_hash($ironic_config)
28
+
29
+  create_resources('ironic_config', $ironic_config)
30
+}

+ 77
- 0
deployment_scripts/puppet/modules/ironic/manifests/db/mysql.pp View File

@@ -0,0 +1,77 @@
1
+#
2
+# Copyright (C) 2013 eNovance SAS <licensing@enovance.com>
3
+#
4
+# Author: Emilien Macchi <emilien.macchi@enovance.com>
5
+#
6
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
7
+# not use this file except in compliance with the License. You may obtain
8
+# a copy of the License at
9
+#
10
+#      http://www.apache.org/licenses/LICENSE-2.0
11
+#
12
+# Unless required by applicable law or agreed to in writing, software
13
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
14
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
15
+# License for the specific language governing permissions and limitations
16
+# under the License.
17
+#
18
+# ironic::db::mysql
19
+#
20
+# [*password*]
21
+#   Password to use for the nova user
22
+#
23
+# [*dbname*]
24
+#   (optional) The name of the database
25
+#   Defaults to 'nova'
26
+#
27
+# [*user*]
28
+#   (optional) The mysql user to create
29
+#   Defaults to 'nova'
30
+#
31
+# [*host*]
32
+#   (optional) The IP address of the mysql server
33
+#   Defaults to '127.0.0.1'
34
+#
35
+# [*charset*]
36
+#   (optional) The charset to use for the nova database
37
+#   Defaults to 'utf8'
38
+#
39
+# [*collate*]
40
+#   (optional) The collate to use for the nova database
41
+#   Defaults to 'utf8_general_ci'
42
+#
43
+# [*allowed_hosts*]
44
+#   (optional) Additional hosts that are allowed to access this DB
45
+#   Defaults to undef
46
+#
47
+# [*cluster_id*]
48
+#   (optional) Deprecated. Does nothing
49
+
50
+class ironic::db::mysql (
51
+  $password,
52
+  $dbname        = 'ironic',
53
+  $user          = 'ironic',
54
+  $host          = '127.0.0.1',
55
+  $allowed_hosts = undef,
56
+  $charset       = 'utf8',
57
+  $collate       = 'utf8_general_ci',
58
+  $cluster_id    = undef,
59
+) {
60
+
61
+  if $cluster_id {
62
+    warning('The cluster_id parameter is deprecated and has no effect.')
63
+  }
64
+
65
+  ::openstacklib::db::mysql { 'ironic':
66
+    user          => $user,
67
+    password_hash => mysql_password($password),
68
+    dbname        => $dbname,
69
+    host          => $host,
70
+    charset       => $charset,
71
+    collate       => $collate,
72
+    allowed_hosts => $allowed_hosts,
73
+  }
74
+
75
+  ::Openstacklib::Db::Mysql['ironic'] ~> Exec<| title == 'ironic-dbsync' |>
76
+
77
+}

+ 47
- 0
deployment_scripts/puppet/modules/ironic/manifests/db/postgresql.pp View File

@@ -0,0 +1,47 @@
1
+# == Class: ironic::db::postgresql
2
+#
3
+# Class that configures postgresql for ironic
4
+# Requires the Puppetlabs postgresql module.
5
+#
6
+# === Parameters
7
+#
8
+# [*password*]
9
+#   (Required) Password to connect to the database.
10
+#
11
+# [*dbname*]
12
+#   (Optional) Name of the database.
13
+#   Defaults to 'ironic'.
14
+#
15
+# [*user*]
16
+#   (Optional) User to connect to the database.
17
+#   Defaults to 'ironic'.
18
+#
19
+#  [*encoding*]
20
+#    (Optional) The charset to use for the database.
21
+#    Default to undef.
22
+#
23
+#  [*privileges*]
24
+#    (Optional) Privileges given to the database user.
25
+#    Default to 'ALL'
26
+#
27
+class ironic::db::postgresql(
28
+  $password,
29
+  $dbname     = 'ironic',
30
+  $user       = 'ironic',
31
+  $encoding   = undef,
32
+  $privileges = 'ALL',
33
+) {
34
+
35
+  Class['ironic::db::postgresql'] -> Service<| title == 'ironic' |>
36
+
37
+  ::openstacklib::db::postgresql { 'ironic':
38
+    password_hash => postgresql_password($user, $password),
39
+    dbname        => $dbname,
40
+    user          => $user,
41
+    encoding      => $encoding,
42
+    privileges    => $privileges,
43
+  }
44
+
45
+  ::Openstacklib::Db::Postgresql['ironic'] ~> Exec<| title == 'ironic-dbsync' |>
46
+
47
+}

+ 26
- 0
deployment_scripts/puppet/modules/ironic/manifests/db/sync.pp View File

@@ -0,0 +1,26 @@
1
+#
2
+# Class to execute ironic dbsync
3
+#
4
+class ironic::db::sync {
5
+
6
+  include ::ironic::params
7
+
8
+  Package<| tag == 'ironic-package' |> ~> Exec['ironic-dbsync']
9
+  Exec['ironic-dbsync'] ~> Service <| tag == 'ironic-service' |>
10
+
11
+  Ironic_config<||> -> Exec['ironic-dbsync']
12
+  Ironic_config<| title == 'database/connection' |> ~> Exec['ironic-dbsync']
13
+
14
+  exec { 'ironic-dbsync':
15
+    command     => $::ironic::params::dbsync_command,
16
+    path        => '/usr/bin',
17
+    # Ubuntu packaging is running dbsync command as root during ironic-common
18
+    # postinstall script so when Puppet tries to run dbsync again, it fails
19
+    # because it is run with ironic user.
20
+    # This is a temporary patch until it's changed in Packaging
21
+    # https://bugs.launchpad.net/cloud-archive/+bug/1450942
22
+    user        => 'root',
23
+    refreshonly => true,
24
+    logoutput   => on_failure,
25
+  }
26
+}

+ 37
- 0
deployment_scripts/puppet/modules/ironic/manifests/drivers/ipmi.pp View File

@@ -0,0 +1,37 @@
1
+#
2
+# Copyright (C) 2013 eNovance SAS <licensing@enovance.com>
3
+#
4
+# Author: Emilien Macchi <emilien.macchi@enovance.com>
5
+#
6
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
7
+# not use this file except in compliance with the License. You may obtain
8
+# a copy of the License at
9
+#
10
+#      http://www.apache.org/licenses/LICENSE-2.0
11
+#
12
+# Unless required by applicable law or agreed to in writing, software
13
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
14
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
15
+# License for the specific language governing permissions and limitations
16
+# under the License.
17
+
18
+# Configure the IPMI driver in Ironic
19
+#
20
+# === Parameters
21
+#
22
+# [*retry_timeout*]
23
+#   (optional) Maximum time in seconds to retry IPMI operations.
24
+#   Should be an interger value
25
+#   Defaults to '10'.
26
+#
27
+
28
+class ironic::drivers::ipmi (
29
+  $retry_timeout = '10'
30
+) {
31
+
32
+  # Configure ironic.conf
33
+  ironic_config {
34
+    'ipmi/retry_timeout': value => $retry_timeout;
35
+  }
36
+
37
+}

+ 110
- 0
deployment_scripts/puppet/modules/ironic/manifests/drivers/pxe.pp View File

@@ -0,0 +1,110 @@
1
+#
2
+# Copyright (C) 2013 eNovance SAS <licensing@enovance.com>
3
+#
4
+# Author: Emilien Macchi <emilien.macchi@enovance.com>
5
+#
6
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
7
+# not use this file except in compliance with the License. You may obtain
8
+# a copy of the License at
9
+#
10
+#      http://www.apache.org/licenses/LICENSE-2.0
11
+#
12
+# Unless required by applicable law or agreed to in writing, software
13
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
14
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
15
+# License for the specific language governing permissions and limitations
16
+# under the License.
17
+
18
+# Configure the PXE driver in Ironic
19
+#
20
+# === Parameters
21
+#
22
+# [*deploy_kernel*]
23
+#   (optional) Default kernel image ID used in deployment phase.
24
+#   Should be an valid id
25
+#   Defaults to undef.
26
+#
27
+# [*deploy_ramdisk*]
28
+#   (optional) Default kernel image ID used in deployment phase.
29
+#   Should be an valid id
30
+#   Defaults to undef.
31
+#
32
+# [*pxe_append_params*]
33
+#   (optional) Additional append parameters for baremetal PXE boot.
34
+#   Should be valid pxe parameters
35
+#   Defaults to 'nofb nomodeset vga=normal'.
36
+#
37
+# [*pxe_config_template*]
38
+#   (optional) Template file for PXE configuration.
39
+#   Should be an valid template file
40
+#   Defaults to '$pybasedir/drivers/modules/pxe_config.template'.
41
+#
42
+# [*pxe_deploy_timeout*]
43
+#   (optional) Timeout for PXE deployments.
44
+#   Should be an valid integer
45
+#   Defaults to '0' for unlimited.
46
+#
47
+# [*tftp_server*]
48
+#   (optional) IP address of Ironic compute node's tftp server.
49
+#   Should be an valid IP address
50
+#   Defaults to '$my_ip'.
51
+#
52
+# [*tftp_root*]
53
+#   (optional) Ironic compute node's tftp root path.
54
+#   Should be an valid path
55
+#   Defaults to '/tftpboot'.
56
+#
57
+# [*images_path*]
58
+#   (optional) Directory where images are stored on disk.
59
+#   Should be an valid directory
60
+#   Defaults to '/tftpboot'.
61
+#
62
+# [*tftp_master_path*]
63
+#   (optional) Directory where master tftp images are stored on disk.
64
+#   Should be an valid directory
65
+#   Defaults to '/tftpboot/master_images'.
66
+#
67
+# [*instance_master_path*]
68
+#   (optional) Directory where master tftp images are stored on disk.
69
+#   Should be an valid directory
70
+#   Defaults to '/var/lib/ironic/master_images'.
71
+#
72
+
73
+class ironic::drivers::pxe (
74
+  $deploy_kernel        = undef,
75
+  $deploy_ramdisk       = undef,
76
+  $pxe_append_params    = 'nofb nomodeset vga=normal',
77
+  $pxe_config_template  = '$pybasedir/drivers/modules/pxe_config.template',
78
+  $pxe_deploy_timeout   = '0',
79
+  $tftp_server          = '$my_ip',
80
+  $tftp_root            = '/tftpboot',
81
+  $images_path          = '/var/lib/ironic/images/',
82
+  $tftp_master_path     = '/tftpboot/master_images',
83
+  $instance_master_path = '/var/lib/ironic/master_images',
84
+) {
85
+
86
+  # Configure ironic.conf
87
+  ironic_config {
88
+    'pxe/pxe_append_params': value    => $pxe_append_params;
89
+    'pxe/pxe_config_template': value  => $pxe_config_template;
90
+    'pxe/pxe_deploy_timeout': value   => $pxe_deploy_timeout;
91
+    'pxe/tftp_server': value          => $tftp_server;
92
+    'pxe/tftp_root': value            => $tftp_root;
93
+    'pxe/images_path': value          => $images_path;
94
+    'pxe/tftp_master_path': value     => $tftp_master_path;
95
+    'pxe/instance_master_path': value => $instance_master_path;
96
+  }
97
+
98
+  if $deploy_kernel {
99
+    ironic_config {
100
+      'pxe/deploy_kernel': value => $deploy_kernel;
101
+    }
102
+  }
103
+
104
+  if $deploy_ramdisk {
105
+    ironic_config {
106
+      'pxe/deploy_ramdisk': value => $deploy_ramdisk;
107
+    }
108
+  }
109
+
110
+}

+ 402
- 0
deployment_scripts/puppet/modules/ironic/manifests/init.pp View File

@@ -0,0 +1,402 @@
1
+#
2
+# Copyright (C) 2013 eNovance SAS <licensing@enovance.com>
3
+#
4
+# Author: Emilien Macchi <emilien.macchi@enovance.com>
5
+#
6
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
7
+# not use this file except in compliance with the License. You may obtain
8
+# a copy of the License at
9
+#
10
+#      http://www.apache.org/licenses/LICENSE-2.0
11
+#
12
+# Unless required by applicable law or agreed to in writing, software
13
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
14
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
15
+# License for the specific language governing permissions and limitations
16
+# under the License.
17
+#
18
+# == Class: ironic
19
+#
20
+# Installs the ironic package and configures /etc/ironic/ironic.conf
21
+#
22
+# === Parameters:
23
+#
24
+# [*enabled*]
25
+#   (required) Whether or not to enable the ironic service
26
+#   true/false
27
+#
28
+# [*package_ensure*]
29
+#   (optional) The state of the package
30
+#   Defaults to 'present'
31
+#
32
+# [*verbose*]
33
+#   (optional) Verbose logging
34
+#   Defaults to False
35
+#
36
+# [*debug*]
37
+#   (optional) Print debug messages in the logs
38
+#   Defaults to False
39
+#
40
+# [*auth_strategy*]
41
+#   (optional) Default protocol to use when connecting to glance
42
+#   Defaults to 'keystone'. 'https' is the only other valid option for SSL
43
+#
44
+# [*enabled_drivers*]
45
+#  (optional) Array of drivers to load during service
46
+#  initialization.
47
+#  Defaults to ['pxe_ipmitool'].
48
+#
49
+# [*control_exchange*]
50
+#   (optional) What RPC queue/exchange to use
51
+#   Defaults to openstack
52
+#
53
+# [*rpc_backend*]
54
+#   (optional) what rpc/queuing service to use
55
+#   Defaults to impl_kombu (rabbitmq)
56
+#
57
+# [*rabbit_host*]
58
+#   (Optional) IP or hostname of the rabbit server.
59
+#   Defaults to 'localhost'
60
+#
61
+# [*rabbit_port*]
62
+#   (Optional) Port of the rabbit server.
63
+#   Defaults to 5672.
64
+#
65
+# [*rabbit_hosts*]
66
+#   (Optional) Array of host:port (used with HA queues).
67
+#   If defined, will remove rabbit_host & rabbit_port parameters from config
68
+#   Defaults to undef.
69
+#
70
+# [*rabbit_user*]
71
+#   (Optional) User to connect to the rabbit server.
72
+#   Defaults to undef.
73
+#   Deprecated, use rabbit_userid instead.
74
+#
75
+# [*rabbit_userid*]
76
+#   (Optional) User to connect to the rabbit server.
77
+#   Defaults to 'guest'
78
+#
79
+# [*rabbit_password*]
80
+#   (Optional) Password to connect to the rabbit_server.
81
+#   Defaults to empty.
82
+#
83
+# [*rabbit_virtual_host*]
84
+#   (Optional) Virtual_host to use.
85
+#   Defaults to '/'
86
+#
87
+# [*rabbit_use_ssl*]
88
+#   (optional) Connect over SSL for RabbitMQ
89
+#   Defaults to false
90
+#
91
+# [*kombu_ssl_ca_certs*]
92
+#   (optional) SSL certification authority file (valid only if SSL enabled).
93
+#   Defaults to undef
94
+#
95
+# [*kombu_ssl_certfile*]
96
+#   (optional) SSL cert file (valid only if SSL enabled).
97
+#   Defaults to undef
98
+#
99
+# [*kombu_ssl_keyfile*]
100
+#   (optional) SSL key file (valid only if SSL enabled).
101
+#   Defaults to undef
102
+#
103
+# [*kombu_ssl_version*]
104
+#   (optional) SSL version to use (valid only if SSL enabled).
105
+#   Valid values are TLSv1, SSLv23 and SSLv3. SSLv2 may be
106
+#   available on some distributions.
107
+#   Defaults to 'TLSv1'
108
+#
109
+# [*amqp_durable_queues*]
110
+#   Use durable queues in amqp.
111
+#   (Optional) Defaults to false.
112
+#
113
+# [*rabbit_virtual_host*]
114
+#   (optional) Various rabbitmq settings
115
+#
116
+# [*rabbit_hosts*]
117
+#   (optional) array of rabbitmq servers for HA.
118
+#   A single IP address, such as a VIP, can be used for load-balancing
119
+#   multiple RabbitMQ Brokers.
120
+#   Defaults to false
121
+#
122
+# [*qpid_hostname*]
123
+# [*qpid_port*]
124
+# [*qpid_username*]
125
+# [*qpid_password*]
126
+# [*qpid_heartbeat*]
127
+# [*qpid_protocol*]
128
+# [*qpid_tcp_nodelay*]
129
+# [*qpid_reconnect*]
130
+# [*qpid_reconnect_timeout*]
131
+# [*qpid_reconnect_limit*]
132
+# [*qpid_reconnect_interval*]
133
+# [*qpid_reconnect_interval_min*]
134
+# [*qpid_reconnect_interval_max*]
135
+#   (optional) various QPID options
136
+#
137
+# [*use_syslog*]
138
+#   (optional) Use syslog for logging
139
+#   Defaults to false
140
+#
141
+# [*log_facility*]
142
+#   (optional) Syslog facility to receive log lines
143
+#   Defaults to LOG_USER
144
+#
145
+# [*database_connection*]
146
+#   (optional) Connection url for the ironic database.
147
+#   Defaults to: sqlite:////var/lib/ironic/ironic.sqlite
148
+#
149
+# [*database_max_retries*]
150
+#   (optional) Database reconnection retry times.
151
+#   Defaults to: 10
152
+#
153
+# [*database_idle_timeout*]
154
+#   (optional) Timeout before idle db connections are reaped.
155
+#   Defaults to: 3600
156
+#
157
+# [*database_reconnect_interval*]
158
+#   (optional) Database reconnection interval in seconds.
159
+#   Defaults to: 10
160
+#
161
+# [*database_retry_interval*]
162
+#   (optional) Database reconnection interval in seconds.
163
+#   Defaults to: 10
164
+#
165
+# [*glance_api_servers*]
166
+#   (optional) A list of the glance api servers available to ironic.
167
+#   Should be an array with [hostname|ip]:port
168
+#   Defaults to undef
169
+#
170
+# [*glance_num_retries*]
171
+#   (optional) Number retries when downloading an image from glance.
172
+#   Defaults to 0
173
+#
174
+# [*glance_api_insecure*]
175
+#   (optional) Allow to perform insecure SSL (https) requests to glance.
176
+#   Defaults to false
177
+#
178
+# [*sync_db*]
179
+#   Enable dbsync
180
+#   Defaults to true
181
+#
182
+class ironic (
183
+  $enabled                     = true,
184
+  $package_ensure              = 'present',
185
+  $verbose                     = false,
186
+  $debug                       = false,
187
+  $auth_strategy               = 'keystone',
188
+  $enabled_drivers             = ['pxe_ipmitool'],
189
+  $control_exchange            = 'openstack',
190
+  $rpc_backend                 = 'ironic.openstack.common.rpc.impl_kombu',
191
+  $rabbit_hosts                = false,
192
+  $rabbit_virtual_host         = '/',
193
+  $rabbit_host                 = 'localhost',
194
+  $rabbit_port                 = 5672,
195
+  $rabbit_hosts                = false,
196
+  $rabbit_virtual_host         = '/',
197
+  $rabbit_userid               = 'guest',
198
+  $rabbit_password             = false,
199
+  $rabbit_use_ssl              = false,
200
+  $kombu_ssl_ca_certs          = undef,
201
+  $kombu_ssl_certfile          = undef,
202
+  $kombu_ssl_keyfile           = undef,
203
+  $kombu_ssl_version           = 'TLSv1',
204
+  $amqp_durable_queues         = false,
205
+  $qpid_hostname               = 'localhost',
206
+  $qpid_port                   = '5672',
207
+  $qpid_username               = 'guest',
208
+  $qpid_password               = 'guest',
209
+  $qpid_heartbeat              = 60,
210
+  $qpid_protocol               = 'tcp',
211
+  $qpid_tcp_nodelay            = true,
212
+  $qpid_reconnect              = true,
213
+  $qpid_reconnect_timeout      = 0,
214
+  $qpid_reconnect_limit        = 0,
215
+  $qpid_reconnect_interval_min = 0,
216
+  $qpid_reconnect_interval_max = 0,
217
+  $qpid_reconnect_interval     = 0,
218
+  $use_syslog                  = false,
219
+  $log_facility                = 'LOG_USER',
220
+  $database_connection         = 'sqlite:////var/lib/ironic/ovs.sqlite',
221
+  $database_max_retries        = '10',
222
+  $database_idle_timeout       = '3600',
223
+  $database_reconnect_interval = '10',
224
+  $database_retry_interval     = '10',
225
+  $glance_api_servers          = undef,
226
+  $glance_num_retries          = '0',
227
+  $glance_api_insecure         = false,
228
+  $sync_db                     = true,
229
+  # DEPRECATED PARAMETERS
230
+  $rabbit_user                 = undef,
231
+) {
232
+
233
+  include ::ironic::params
234
+
235
+  if $rabbit_user {
236
+    warning('The rabbit_user parameter is deprecated. Please use rabbit_userid instead.')
237
+    $rabbit_user_real = $rabbit_user
238
+  } else {
239
+    $rabbit_user_real = $rabbit_userid
240
+  }
241
+
242
+  file { '/etc/ironic':
243
+    ensure  => directory,
244
+    require => Package['ironic-common'],
245
+    group   => 'ironic',
246
+  }
247
+
248
+  file { '/etc/ironic/ironic.conf':
249
+    require => Package['ironic-common'],
250
+    group   => 'ironic',
251
+  }
252
+
253
+  package { 'ironic-common':
254
+    ensure => $package_ensure,
255
+    name   => $::ironic::params::common_package_name,
256
+    tag    => ['openstack', 'ironic-package'],
257
+    notify => Exec['ironic-dbsync'],
258
+  }
259
+
260
+  validate_re($database_connection, '(sqlite|mysql|postgresql):\/\/(\S+:\S+@\S+\/\S+)?')
261
+  validate_array($enabled_drivers)
262
+
263
+  case $database_connection {
264
+    /mysql:\/\/\S+:\S+@\S+\/\S+/: {
265
+      $database_backend_package = false
266
+      require 'mysql::bindings'
267
+      require 'mysql::bindings::python'
268
+    }
269
+    /postgresql:\/\/\S+:\S+@\S+\/\S+/: {
270
+      $database_backend_package = 'python-psycopg2'
271
+    }
272
+    /sqlite:\/\//: {
273
+      $database_backend_package = 'python-pysqlite2'
274
+    }
275
+    default: {
276
+      fail("Invalid database connection: ${database_connection}")
277
+    }
278
+  }
279
+
280
+  if $database_backend_package and !defined(Package[$database_backend_package]) {
281
+    package { 'ironic-database-backend':
282
+      ensure => present,
283
+      name   => $database_backend_package,
284
+      tag    => 'openstack',
285
+    }
286
+  }
287
+
288
+  if is_array($glance_api_servers) {
289
+    ironic_config {
290
+      'glance/glance_api_servers': value => join($glance_api_servers, ',');
291
+    }
292
+  } elsif is_string($glance_api_servers) {
293
+    ironic_config {
294
+      'glance/glance_api_servers': value => $glance_api_servers;
295
+    }
296
+  }
297
+
298
+  ironic_config {
299
+    'DEFAULT/verbose':                 value => $verbose;
300
+    'DEFAULT/debug':                   value => $debug;
301
+    'DEFAULT/auth_strategy':           value => $auth_strategy;
302
+    'DEFAULT/rpc_backend':             value => $rpc_backend;
303
+    'DEFAULT/enabled_drivers':         value => join($enabled_drivers, ',');
304
+    'database/connection':             value => $database_connection, secret => true;
305
+    'database/idle_timeout':           value => $database_idle_timeout;
306
+    'database/retry_interval':         value => $database_retry_interval;
307
+    'database/max_retries':            value => $database_max_retries;
308
+    'glance/glance_num_retries':       value => $glance_num_retries;
309
+    'glance/glance_api_insecure':      value => $glance_api_insecure;
310
+  }
311
+
312
+  if $sync_db {
313
+    include ::ironic::db::sync
314
+  }
315
+
316
+  if $rpc_backend == 'ironic.openstack.common.rpc.impl_kombu' {
317
+
318
+    if ! $rabbit_password {
319
+      fail('When rpc_backend is rabbitmq, you must set rabbit password')
320
+    }
321
+
322
+    ironic_config {
323
+      'oslo_messaging_rabbit/rabbit_userid':       value => $rabbit_user_real;
324
+      'oslo_messaging_rabbit/rabbit_password':     value => $rabbit_password, secret => true;
325
+      'oslo_messaging_rabbit/rabbit_virtual_host': value => $rabbit_virtual_host;
326
+      'oslo_messaging_rabbit/rabbit_use_ssl':      value => $rabbit_use_ssl;
327
+      'DEFAULT/control_exchange':    value => $control_exchange;
328
+      'DEFAULT/amqp_durable_queues': value => $amqp_durable_queues;
329
+    }
330
+
331
+    if $rabbit_hosts {
332
+      ironic_config { 'oslo_messaging_rabbit/rabbit_hosts':     value  => join($rabbit_hosts, ',') }
333
+      ironic_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value  => true }
334
+      ironic_config { 'oslo_messaging_rabbit/rabbit_host':      ensure => absent }
335
+      ironic_config { 'oslo_messaging_rabbit/rabbit_port':      ensure => absent }
336
+    } else  {
337
+      ironic_config { 'oslo_messaging_rabbit/rabbit_host':      value => $rabbit_host }
338
+      ironic_config { 'oslo_messaging_rabbit/rabbit_port':      value => $rabbit_port }
339
+      ironic_config { 'oslo_messaging_rabbit/rabbit_hosts':     value => "${rabbit_host}:${rabbit_port}" }
340
+      ironic_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => false }
341
+    }
342
+
343
+    if $rabbit_use_ssl {
344
+      ironic_config { 'oslo_messaging_rabbit/kombu_ssl_version': value => $kombu_ssl_version }
345
+
346
+      if $kombu_ssl_ca_certs {
347
+        ironic_config { 'oslo_messaging_rabbit/kombu_ssl_ca_certs': value => $kombu_ssl_ca_certs }
348
+      } else {
349
+        ironic_config { 'oslo_messaging_rabbit/kombu_ssl_ca_certs': ensure => absent}
350
+      }
351
+
352
+      if $kombu_ssl_certfile {
353
+        ironic_config { 'oslo_messaging_rabbit/kombu_ssl_certfile': value => $kombu_ssl_certfile }
354
+      } else {
355
+        ironic_config { 'oslo_messaging_rabbit/kombu_ssl_certfile': ensure => absent}
356
+      }
357
+
358
+      if $kombu_ssl_keyfile {
359
+        ironic_config { 'oslo_messaging_rabbit/kombu_ssl_keyfile': value => $kombu_ssl_keyfile }
360
+      } else {
361
+        ironic_config { 'oslo_messaging_rabbit/kombu_ssl_keyfile': ensure => absent}
362
+      }
363
+    } else {
364
+      ironic_config {
365
+        'oslo_messaging_rabbit/kombu_ssl_ca_certs': ensure => absent;
366
+        'oslo_messaging_rabbit/kombu_ssl_certfile': ensure => absent;
367
+        'oslo_messaging_rabbit/kombu_ssl_keyfile':  ensure => absent;
368
+        'oslo_messaging_rabbit/kombu_ssl_version':  ensure => absent;
369
+      }
370
+    }
371
+  }
372
+
373
+  if $rpc_backend == 'ironic.openstack.common.rpc.impl_qpid' {
374
+    ironic_config {
375
+      'DEFAULT/qpid_hostname':               value => $qpid_hostname;
376
+      'DEFAULT/qpid_port':                   value => $qpid_port;
377
+      'DEFAULT/qpid_username':               value => $qpid_username;
378
+      'DEFAULT/qpid_password':               value => $qpid_password, secret => true;
379
+      'DEFAULT/qpid_heartbeat':              value => $qpid_heartbeat;
380
+      'DEFAULT/qpid_protocol':               value => $qpid_protocol;
381
+      'DEFAULT/qpid_tcp_nodelay':            value => $qpid_tcp_nodelay;
382
+      'DEFAULT/qpid_reconnect':              value => $qpid_reconnect;
383
+      'DEFAULT/qpid_reconnect_timeout':      value => $qpid_reconnect_timeout;
384
+      'DEFAULT/qpid_reconnect_limit':        value => $qpid_reconnect_limit;
385
+      'DEFAULT/qpid_reconnect_interval_min': value => $qpid_reconnect_interval_min;
386
+      'DEFAULT/qpid_reconnect_interval_max': value => $qpid_reconnect_interval_max;
387
+      'DEFAULT/qpid_reconnect_interval':     value => $qpid_reconnect_interval;
388
+    }
389
+  }
390
+
391
+  if $use_syslog {
392
+    ironic_config {
393
+      'DEFAULT/use_syslog':           value => true;
394
+      'DEFAULT/syslog_log_facility':  value => $log_facility;
395
+    }
396
+  } else {
397
+    ironic_config {
398
+      'DEFAULT/use_syslog':           value => false;
399
+    }
400
+  }
401
+
402
+}

+ 214
- 0
deployment_scripts/puppet/modules/ironic/manifests/keystone/auth.pp View File

@@ -0,0 +1,214 @@
1
+#
2
+# Copyright (C) 2013 eNovance SAS <licensing@enovance.com>
3
+#
4
+# Author: Emilien Macchi <emilien.macchi@enovance.com>
5
+#
6
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
7
+# not use this file except in compliance with the License. You may obtain
8
+# a copy of the License at
9
+#
10
+#      http://www.apache.org/licenses/LICENSE-2.0
11
+#
12
+# Unless required by applicable law or agreed to in writing, software
13
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
14
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
15
+# License for the specific language governing permissions and limitations
16
+# under the License.
17
+#
18
+# ironic::keystone::auth
19
+#
20
+# Configures Ironic user, service and endpoint in Keystone.
21
+#
22
+# === Parameters
23
+#
24
+# [*password*]
25
+#   (required) Password for Ironic user.
26
+#
27
+# [*auth_name*]
28
+#   Username for Ironic service. Defaults to 'ironic'.
29
+#
30
+# [*email*]
31
+#   Email for Ironic user. Defaults to 'ironic@localhost'.
32
+#
33
+# [*tenant*]
34
+#   Tenant for Ironic user. Defaults to 'services'.
35
+#
36
+# [*configure_endpoint*]
37
+#   Should Ironic endpoint be configured? Defaults to 'true'.
38
+#
39
+# [*configure_user*]
40
+#   (Optional) Should the service user be configured?
41
+#   Defaults to 'true'.
42
+#
43
+# [*configure_user_role*]
44
+#   (Optional) Should the admin role be configured for the service user?
45
+#   Defaults to 'true'.
46
+#
47
+# [*service_name*]
48
+#   (Optional) Name of the service.
49
+#   Defaults to the value of auth_name, but must differ from the value.
50
+#
51
+# [*service_type*]
52
+#   Type of service. Defaults to 'baremetal'.
53
+#
54
+# [*service_description*]
55
+#   (Optional) Description for keystone service.
56
+#   Defaults to 'Ironic Bare Metal Provisioning Service'.
57
+#
58
+# [*region*]
59
+#   Region for endpoint. Defaults to 'RegionOne'.
60
+#
61
+# [*public_url*]
62
+#   (optional) The endpoint's public url. (Defaults to 'http://127.0.0.1:6385')
63
+#   This url should *not* contain any trailing '/'.
64
+#
65
+# [*admin_url*]
66
+#   (optional) The endpoint's admin url. (Defaults to 'http://127.0.0.1:6385')
67
+#   This url should *not* contain any trailing '/'.
68
+#
69
+# [*internal_url*]
70
+#   (optional) The endpoint's internal url. (Defaults to 'http://127.0.0.1:6385')
71
+#   This url should *not* contain any trailing '/'.
72
+#
73
+# [*port*]
74
+#   (optional) DEPRECATED: Use public_url, internal_url and admin_url instead.
75
+#   Default port for endpoints. (Defaults to 6385)
76
+#   Setting this parameter overrides public_url, internal_url and admin_url parameters.
77
+#
78
+# [*public_protocol*]
79
+#   (optional) DEPRECATED: Use public_url instead.
80
+#   Protocol for public endpoint. (Defaults to 'http')
81
+#   Setting this parameter overrides public_url parameter.
82
+#
83
+# [*public_port*]
84
+#   (optional) DEPRECATED: Use public_url instead.
85
+#   Default port for endpoints. (Defaults to $port)
86
+#   Setting this parameter overrides public_url parameter.
87
+#
88
+# [*public_address*]
89
+#   (optional) DEPRECATED: Use public_url instead.
90
+#   Public address for endpoint. (Defaults to '127.0.0.1')
91
+#   Setting this parameter overrides public_url parameter.
92
+#
93
+# [*internal_address*]
94
+#   (optional) DEPRECATED: Use internal_url instead.
95
+#   Internal address for endpoint. (Defaults to '127.0.0.1')
96
+#   Setting this parameter overrides internal_url parameter.
97
+#
98
+# [*admin_address*]
99
+#   (optional) DEPRECATED: Use admin_url instead.
100
+#   Admin address for endpoint. (Defaults to '127.0.0.1')
101
+#   Setting this parameter overrides admin_url parameter.
102
+#
103
+# === Deprecation notes
104
+#
105
+# If any value is provided for public_protocol, public_address or port parameters,
106
+# public_url will be completely ignored. The same applies for internal and admin parameters.
107
+#
108
+# === Examples
109
+#
110
+#  class { 'ironic::keystone::auth':
111
+#    public_url   => 'https://10.0.0.10:6385',
112
+#    internal_url => 'https://10.0.0.11:6385',
113
+#    admin_url    => 'https://10.0.0.11:6385',
114
+#  }
115
+#
116
+class ironic::keystone::auth (
117
+  $password,
118
+  $auth_name           = 'ironic',
119
+  $email               = 'ironic@localhost',
120
+  $tenant              = 'services',
121
+  $configure_endpoint  = true,
122
+  $configure_user      = true,
123
+  $configure_user_role = true,
124
+  $service_name        = undef,
125
+  $service_type        = 'baremetal',
126
+  $service_description = 'Ironic Bare Metal Provisioning Service',
127
+  $public_protocol     = 'http',
128
+  $region              = 'RegionOne',
129
+  $public_url          = 'http://127.0.0.1:6385',
130
+  $admin_url           = 'http://127.0.0.1:6385',
131
+  $internal_url        = 'http://127.0.0.1:6385',
132
+  # DEPRECATED PARAMETERS
133
+  $port                = undef,
134
+  $public_protocol     = undef,
135
+  $public_address      = undef,
136
+  $public_port         = undef,
137
+  $internal_address    = undef,
138
+  $admin_address       = undef,
139
+) {
140
+
141
+  if $port {
142
+    warning('The port parameter is deprecated, use public_url, internal_url and admin_url instead.')
143
+  }
144
+
145
+  if $public_port {
146
+    warning('The public_port parameter is deprecated, use public_url instead.')
147
+  }
148
+
149
+  if $public_protocol {
150
+    warning('The public_protocol parameter is deprecated, use public_url instead.')
151
+  }
152
+
153
+  if $public_address {
154
+    warning('The public_address parameter is deprecated, use public_url instead.')
155
+  }
156
+
157
+  if $internal_address {
158
+    warning('The internal_address parameter is deprecated, use internal_url instead.')
159
+  }
160
+
161
+  if $admin_address {
162
+    warning('The admin_address parameter is deprecated, use admin_url instead.')
163
+  }
164
+
165
+  if ($public_protocol or $public_address or $port or $public_port) {
166
+    $public_url_real = sprintf('%s://%s:%s',
167
+      pick($public_protocol, 'http'),
168
+      pick($public_address, '127.0.0.1'),
169
+      pick($public_port, $port, '6385'))
170
+  } else {
171
+    $public_url_real = $public_url
172
+  }
173
+
174