Fix Bugs on 9.1 Plugin
Fixed a race condition for zookeeper/cassandra Removed unused variables Fixed WS endpoints Allow SSL Horizon Endpoint Change-Id: I6434b57825a7f69151a769fe2d5a9b3474e20a48
This commit is contained in:
parent
e493a201e9
commit
e298c21bae
|
@ -14,7 +14,6 @@ if($old_config != 'notfound')
|
|||
$access_data = $old_config['access']
|
||||
$keystone_admin_tenant = $access_data['tenant']
|
||||
$net_metadata = $old_config['network_metadata']
|
||||
$node_roles = $net_metadata['nodes'][$::hostname]['node_roles']
|
||||
$neutron_settings = $old_config['quantum_settings']
|
||||
$external_net_name = $neutron_settings['default_floating_net']
|
||||
$tenant_net_name = $neutron_settings['default_private_net']
|
||||
|
|
|
@ -14,7 +14,6 @@ if($old_config != 'notfound')
|
|||
$access_data = $old_config['access']
|
||||
$keystone_admin_tenant = $access_data['tenant']
|
||||
$net_metadata = $old_config['network_metadata']
|
||||
$node_roles = $net_metadata['nodes'][$::hostname]['node_roles']
|
||||
$neutron_settings = $old_config['quantum_settings']
|
||||
$external_net_name = $neutron_settings['default_floating_net']
|
||||
$tenant_net_name = $neutron_settings['default_private_net']
|
||||
|
|
|
@ -19,7 +19,6 @@ include ::stdlib
|
|||
$access_data = hiera_hash('access')
|
||||
$keystone_admin_tenant = $access_data['tenant']
|
||||
$net_metadata = hiera_hash('network_metadata')
|
||||
$node_roles = $net_metadata['nodes'][$::hostname]['node_roles']
|
||||
$neutron_settings = hiera('neutron_config')
|
||||
$external_net_name = $neutron_settings['default_floating_net']
|
||||
$tenant_net_name = $neutron_settings['default_private_net']
|
||||
|
|
|
@ -17,8 +17,6 @@ include ::stdlib
|
|||
# Extract data from hiera
|
||||
$access_data = hiera_hash('access')
|
||||
$keystone_admin_tenant = $access_data['tenant']
|
||||
$net_metadata = hiera_hash('network_metadata')
|
||||
$node_roles = $net_metadata['nodes'][$::hostname]['node_roles']
|
||||
$neutron_settings = hiera('neutron_config')
|
||||
$external_net_name = $neutron_settings['default_floating_net']
|
||||
$tenant_net_name = $neutron_settings['default_private_net']
|
||||
|
|
|
@ -16,8 +16,6 @@ notice('MODULAR: midonet-edge-router-setup.pp')
|
|||
# Extract data from hiera
|
||||
$access_data = hiera_hash('access')
|
||||
$keystone_admin_tenant = $access_data['tenant']
|
||||
$net_metadata = hiera_hash('network_metadata')
|
||||
$node_roles = $net_metadata['nodes'][$::hostname]['node_roles']
|
||||
$neutron_settings = hiera('neutron_config')
|
||||
$external_net_name = $neutron_settings['default_floating_net']
|
||||
$tenant_net_name = $neutron_settings['default_private_net']
|
||||
|
|
|
@ -0,0 +1,35 @@
|
|||
# Copyright 2016 Midokura, SARL.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
notice('MODULAR: midonet-horizon-lb-firewall.pp')
|
||||
include ::stdlib
|
||||
|
||||
service { 'apache2':
|
||||
ensure => running,
|
||||
enable => true,
|
||||
hasrestart => true,
|
||||
hasstatus => true,
|
||||
}
|
||||
|
||||
file_line { 'firewall enable horizon':
|
||||
path => '/etc/openstack-dashboard/local_settings.py',
|
||||
line => " 'enable_firewall': True,",
|
||||
match => '^\ \ \ \ \'enable_firewall.*$',
|
||||
} ->
|
||||
|
||||
file_line { 'lb enable horizon':
|
||||
path => '/etc/openstack-dashboard/local_settings.py',
|
||||
line => " 'enable_lb': True,",
|
||||
match => '^\ \ \ \ \'enable_lb.*$',
|
||||
notify => Service['apache2']
|
||||
}
|
|
@ -12,10 +12,8 @@
|
|||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
notice('MODULAR: midonet-install-cluster.pp')
|
||||
|
||||
# Extract data from hiera
|
||||
$ssl_hash = hiera_hash('use_ssl', {})
|
||||
|
||||
$midonet_settings = hiera('midonet')
|
||||
$net_metadata = hiera_hash('network_metadata')
|
||||
$controllers_map = get_nodes_hash_by_roles($net_metadata, ['controller', 'primary-controller'])
|
||||
|
@ -33,14 +31,11 @@ $mem = $midonet_settings['mem']
|
|||
$admin_identity_protocol = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'protocol', 'http')
|
||||
$metadata_hash = hiera_hash('quantum_settings', {})
|
||||
$metadata_secret = pick($metadata_hash['metadata']['metadata_proxy_shared_secret'], 'root')
|
||||
|
||||
$ana_hash = get_nodes_hash_by_roles($net_metadata, ['midonet-analytics'])
|
||||
$ana_mgmt_ip_hash = get_node_to_ipaddr_map_by_network_role($ana_hash, 'management')
|
||||
$ana_mgmt_ip_list = values($ana_mgmt_ip_hash)
|
||||
$ana_keys = keys($ana_hash)
|
||||
|
||||
$ana_mgmt_ip = empty($ana_keys)? {true => $public_vip , default => $ana_mgmt_ip_list[0] }
|
||||
|
||||
$insights = $midonet_settings['mem_insights']
|
||||
|
||||
include ::stdlib
|
||||
|
@ -59,18 +54,15 @@ class {'::midonet::cluster':
|
|||
max_heap_size => '2048M',
|
||||
heap_newsize => '1024M'
|
||||
}
|
||||
|
||||
# HA proxy configuration
|
||||
Haproxy::Service { use_include => true }
|
||||
Haproxy::Balancermember { use_include => true }
|
||||
|
||||
Openstack::Ha::Haproxy_service {
|
||||
server_names => keys($controllers_mgmt_ips),
|
||||
ipaddresses => values($controllers_mgmt_ips),
|
||||
public_virtual_ip => $public_vip,
|
||||
internal_virtual_ip => $management_vip
|
||||
internal_virtual_ip => $management_vip,
|
||||
}
|
||||
|
||||
openstack::ha::haproxy_service { 'midonetcluster':
|
||||
order => 199,
|
||||
listen_port => 8181,
|
||||
|
@ -84,7 +76,6 @@ openstack::ha::haproxy_service { 'midonetcluster':
|
|||
},
|
||||
balancermember_options => 'check',
|
||||
}
|
||||
|
||||
exec { 'haproxy reload':
|
||||
command => 'export OCF_ROOT="/usr/lib/ocf"; (ip netns list | grep haproxy) && ip netns exec haproxy /usr/lib/ocf/resource.d/fuel/ns_haproxy reload',
|
||||
path => '/usr/bin:/usr/sbin:/bin:/sbin',
|
||||
|
@ -94,12 +85,9 @@ exec { 'haproxy reload':
|
|||
try_sleep => 10,
|
||||
returns => [0, ''],
|
||||
}
|
||||
|
||||
Haproxy::Listen <||> -> Exec['haproxy reload']
|
||||
Haproxy::Balancermember <||> -> Exec['haproxy reload']
|
||||
|
||||
class { 'firewall': }
|
||||
|
||||
firewall {'502 Midonet cluster':
|
||||
port => '8181',
|
||||
proto => 'tcp',
|
||||
|
|
|
@ -13,10 +13,8 @@
|
|||
# under the License.
|
||||
notice('MODULAR: midonet-install-mem.pp')
|
||||
include ::stdlib
|
||||
|
||||
# Extract data from hiera
|
||||
$ssl_hash = hiera_hash('use_ssl', {})
|
||||
|
||||
$midonet_settings = hiera('midonet')
|
||||
$net_metadata = hiera_hash('network_metadata')
|
||||
$controllers_map = get_nodes_hash_by_roles($net_metadata, ['controller', 'primary-controller'])
|
||||
|
@ -34,27 +32,19 @@ $mem = $midonet_settings['mem']
|
|||
$admin_identity_protocol = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'protocol', 'http')
|
||||
$metadata_hash = hiera_hash('quantum_settings', {})
|
||||
$metadata_secret = pick($metadata_hash['metadata']['metadata_proxy_shared_secret'], 'root')
|
||||
|
||||
$ana_hash = get_nodes_hash_by_roles($net_metadata, ['midonet-analytics'])
|
||||
$ana_mgmt_ip_hash = get_node_to_ipaddr_map_by_network_role($ana_hash, 'management')
|
||||
$ana_mgmt_ip_list = values($ana_mgmt_ip_hash)
|
||||
$ana_keys = keys($ana_hash)
|
||||
|
||||
$ana_mgmt_ip = empty($ana_keys)? {true => $public_vip , default => $ana_mgmt_ip_list[0] }
|
||||
|
||||
|
||||
$public_ssl = hiera_hash('public_ssl')
|
||||
$ssl_horizon = $public_ssl['horizon']
|
||||
|
||||
$ssl_horizon = $public_ssl_hash['horizon']
|
||||
$is_insights = $midonet_settings['mem_insights']
|
||||
|
||||
service { 'apache2':
|
||||
ensure => running,
|
||||
enable => true,
|
||||
hasrestart => true,
|
||||
hasstatus => true,
|
||||
}
|
||||
|
||||
#Add MEM manager class
|
||||
class {'midonet::mem':
|
||||
cluster_ip => $public_vip,
|
||||
|
@ -67,6 +57,43 @@ class {'midonet::mem':
|
|||
mem_fabric_port => '',
|
||||
}
|
||||
|
||||
|
||||
|
||||
if ($public_ssl_hash['horizon'])
|
||||
{
|
||||
exec { 'https override':
|
||||
command => "sed -i 's/http:/https:/g' /var/www/html/midonet-manager/config/client.js",
|
||||
path => '/usr/bin:/usr/sbin:/bin:/sbin',
|
||||
logoutput => true,
|
||||
provider => 'shell',
|
||||
tries => 10,
|
||||
try_sleep => 10,
|
||||
returns => [0, ''],
|
||||
require => File['midonet-manager-config']
|
||||
}
|
||||
exec { 'wss override':
|
||||
command => "sed -i 's/ws:/wss:/g' /var/www/html/midonet-manager/config/client.js",
|
||||
path => '/usr/bin:/usr/sbin:/bin:/sbin',
|
||||
logoutput => true,
|
||||
provider => 'shell',
|
||||
tries => 10,
|
||||
try_sleep => 10,
|
||||
returns => [0, ''],
|
||||
require => File['midonet-manager-config']
|
||||
}
|
||||
}
|
||||
else {
|
||||
exec { 'wss override':
|
||||
command => "sed -i 's/wss:/ws:/g' /var/www/html/midonet-manager/config/client.js",
|
||||
path => '/usr/bin:/usr/sbin:/bin:/sbin',
|
||||
logoutput => true,
|
||||
provider => 'shell',
|
||||
tries => 10,
|
||||
try_sleep => 10,
|
||||
returns => [0, ''],
|
||||
require => File['midonet-manager-config']
|
||||
}
|
||||
}
|
||||
exec { 'a2enmod headers':
|
||||
path => '/usr/bin:/usr/sbin:/bin',
|
||||
alias => 'enable-mod-headers',
|
||||
|
@ -74,7 +101,6 @@ class {'midonet::mem':
|
|||
notify => Service['apache2'],
|
||||
tag => 'a2enmod-mem'
|
||||
}
|
||||
|
||||
exec { 'a2enmod proxy':
|
||||
path => '/usr/bin:/usr/sbin:/bin',
|
||||
alias => 'enable-mod-proxy',
|
||||
|
@ -82,7 +108,6 @@ class {'midonet::mem':
|
|||
notify => Service['apache2'],
|
||||
tag => 'a2enmod-mem'
|
||||
}
|
||||
|
||||
exec { 'a2enmod proxy_http':
|
||||
path => '/usr/bin:/usr/sbin:/bin',
|
||||
alias => 'enable-mod-proxy-http',
|
||||
|
@ -90,7 +115,6 @@ class {'midonet::mem':
|
|||
notify => Service['apache2'],
|
||||
tag => 'a2enmod-mem'
|
||||
}
|
||||
|
||||
exec { 'a2enmod proxy_wstunnel':
|
||||
path => '/usr/bin:/usr/sbin:/bin',
|
||||
alias => 'enable-mod-proxy-wstunnel',
|
||||
|
@ -98,7 +122,6 @@ class {'midonet::mem':
|
|||
notify => Service['apache2'],
|
||||
tag => 'a2enmod-mem'
|
||||
}
|
||||
|
||||
exec { 'a2enmod ssl':
|
||||
path => '/usr/bin:/usr/sbin:/bin',
|
||||
alias => 'enable-mod-ssl',
|
||||
|
@ -106,37 +129,31 @@ class {'midonet::mem':
|
|||
notify => Service['apache2'],
|
||||
tag => 'a2enmod-mem'
|
||||
}
|
||||
|
||||
file { 'mem-vhost':
|
||||
ensure => present,
|
||||
path => '/etc/apache2/sites-available/30-midonet-mem.conf',
|
||||
content => template('/etc/fuel/plugins/midonet-4.1/puppet/templates/vhost_mem_manager.erb'),
|
||||
}
|
||||
|
||||
exec { 'a2ensite 30-midonet-mem':
|
||||
path => '/usr/bin:/usr/sbin:/bin',
|
||||
alias => 'enable-mem-vhost',
|
||||
creates => '/etc/apache2/sites-enabled/30-midonet-mem.conf',
|
||||
notify => Service['apache2'],
|
||||
}
|
||||
|
||||
Exec<| tag == 'a2enmod-mem' |>
|
||||
-> File['mem-vhost']
|
||||
-> Exec['a2ensite 30-midonet-mem']
|
||||
|
||||
if ($is_insights)
|
||||
{
|
||||
# HA proxy configuration
|
||||
Haproxy::Service { use_include => true }
|
||||
Haproxy::Balancermember { use_include => true }
|
||||
|
||||
Openstack::Ha::Haproxy_service {
|
||||
server_names => keys($controllers_mgmt_ips),
|
||||
ipaddresses => values($controllers_mgmt_ips),
|
||||
public_virtual_ip => $public_vip,
|
||||
internal_virtual_ip => $management_vip
|
||||
internal_virtual_ip => $management_vip,
|
||||
}
|
||||
|
||||
openstack::ha::haproxy_service { 'midonetsubscriptions':
|
||||
order => 200,
|
||||
listen_port => 8007,
|
||||
|
@ -150,7 +167,6 @@ if ($is_insights)
|
|||
},
|
||||
balancermember_options => 'check',
|
||||
}
|
||||
|
||||
openstack::ha::haproxy_service { 'midonettrace':
|
||||
order => 201,
|
||||
listen_port => 8460,
|
||||
|
@ -164,7 +180,6 @@ if ($is_insights)
|
|||
},
|
||||
balancermember_options => 'check',
|
||||
}
|
||||
|
||||
openstack::ha::haproxy_service { 'midonetfabric':
|
||||
order => 202,
|
||||
listen_port => 8009,
|
||||
|
@ -178,7 +193,6 @@ if ($is_insights)
|
|||
},
|
||||
balancermember_options => 'check',
|
||||
}
|
||||
|
||||
exec { 'haproxy reload':
|
||||
command => 'export OCF_ROOT="/usr/lib/ocf"; (ip netns list | grep haproxy) && ip netns exec haproxy /usr/lib/ocf/resource.d/fuel/ns_haproxy reload',
|
||||
path => '/usr/bin:/usr/sbin:/bin:/sbin',
|
||||
|
@ -188,28 +202,22 @@ if ($is_insights)
|
|||
try_sleep => 10,
|
||||
returns => [0, ''],
|
||||
}
|
||||
|
||||
Haproxy::Listen <||> -> Exec['haproxy reload']
|
||||
Haproxy::Balancermember <||> -> Exec['haproxy reload']
|
||||
|
||||
class { 'firewall': }
|
||||
|
||||
firewall {'504 Midonet subscription':
|
||||
port => '8007',
|
||||
proto => 'tcp',
|
||||
action => 'accept',
|
||||
}
|
||||
|
||||
firewall {'505 Midonet trace':
|
||||
port => '8460',
|
||||
proto => 'tcp',
|
||||
action => 'accept',
|
||||
}
|
||||
|
||||
firewall {'506 Midonet fabric':
|
||||
port => '8009',
|
||||
proto => 'tcp',
|
||||
action => 'accept',
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -17,7 +17,6 @@ notice('MODULAR: midonet-neutron-networks.pp')
|
|||
$access_data = hiera_hash('access')
|
||||
$keystone_admin_tenant = $access_data['tenant']
|
||||
$net_metadata = hiera_hash('network_metadata')
|
||||
$node_roles = $net_metadata['nodes'][$::hostname]['node_roles']
|
||||
$neutron_settings = hiera('neutron_config')
|
||||
$external_net_name = $neutron_settings['default_floating_net']
|
||||
$tenant_net_name = $neutron_settings['default_private_net']
|
||||
|
|
|
@ -15,8 +15,8 @@ notice('MODULAR: midonet-nsdb.pp')
|
|||
|
||||
# Extract data from hiera
|
||||
$fuel_settings = parseyaml($astute_settings_yaml)
|
||||
$network_metadata = hiera_hash('network_metadata')
|
||||
$nsdb_map = get_nodes_hash_by_roles($network_metadata, ['nsdb'])
|
||||
$net_metadata = hiera_hash('network_metadata')
|
||||
$nsdb_map = get_nodes_hash_by_roles($net_metadata, ['nsdb'])
|
||||
$zoo_hash = generate_zookeeper_hash($nsdb_map)
|
||||
$nsdb_mgmt_map = get_node_to_ipaddr_map_by_network_role($nsdb_map, 'management')
|
||||
|
||||
|
|
|
@ -200,6 +200,8 @@
|
|||
- firewall
|
||||
- primary-cluster-haproxy
|
||||
- cluster-haproxy
|
||||
cross-depends:
|
||||
- name: zookeeper_and_cassandra_midonet
|
||||
version: 2.0.0
|
||||
type: puppet
|
||||
reexecute_on:
|
||||
|
@ -822,6 +824,24 @@
|
|||
condition:
|
||||
yaql_exp: "$.midonet.mem = true"
|
||||
|
||||
- id: mem-horizon-enable-lb
|
||||
role:
|
||||
- controller
|
||||
- primary-controller
|
||||
required_for:
|
||||
- post_deployment_end
|
||||
requires:
|
||||
- post_deployment_start
|
||||
- mem-install
|
||||
version: 2.0.0
|
||||
reexecute_on:
|
||||
- deploy_changes
|
||||
type: puppet
|
||||
parameters:
|
||||
puppet_manifest: puppet/manifests/midonet-horizon-lb-firewall.pp
|
||||
puppet_modules: "puppet/modules/:/etc/puppet/modules/"
|
||||
timeout: 720
|
||||
|
||||
- id: mem-restart-cluster
|
||||
role:
|
||||
- controller
|
||||
|
|
Loading…
Reference in New Issue