diff --git a/packstack/installer/output_messages.py b/packstack/installer/output_messages.py index 295d6fdde..13e5a4806 100644 --- a/packstack/installer/output_messages.py +++ b/packstack/installer/output_messages.py @@ -67,6 +67,8 @@ WARN_WEAK_PASS = "Warning: Weak Password." WARN_NM_ENABLED = ("Warning: NetworkManager is active on %s. OpenStack " "networking currently does not work on systems that have " "the Network Manager service enabled.") +WARN_IPV6_OVS = ("Warning: IPv6 and ovs tunneling is not yet supported and " + "will fail on host %s see https://bugzilla.redhat.com/show_bug.cgi?id=1100360.") ERR_PING = "Error: the provided hostname is unreachable" ERR_SSH = "Error: could not connect to the ssh server: %s" diff --git a/packstack/installer/utils/network.py b/packstack/installer/utils/network.py index be2118bb7..bfe4bc072 100644 --- a/packstack/installer/utils/network.py +++ b/packstack/installer/utils/network.py @@ -12,9 +12,14 @@ # See the License for the specific language governing permissions and # limitations under the License. +netaddr_available = True +try: + import netaddr +except ImportError: + netaddr_available = False + import re import socket - from ..exceptions import NetworkError from .shell import execute from .shell import ScriptRunner @@ -78,11 +83,33 @@ def host2ip(hostname, allow_localhost=False): raise NetworkError('Unknown error appeared: %s' % repr(ex)) -def force_ip(host, allow_localhost=False): +def is_ipv6(host): + if not netaddr_available: + raise ImportError( + "netaddr module unavailable, install with pip install netaddr" + ) host = host.strip() - ipv4_regex = re.compile('\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}') - ipv6_regex = re.compile('[abcdef\d\:]+') - if not ipv4_regex.match(host) or not ipv6_regex.match(host): + try: + return netaddr.IPAddress(host).version == 6 + except netaddr.core.AddrFormatError: + # Most probably a hostname, no need for bracket everywhere. + return False + + +def is_ipv4(host): + if not netaddr_available: + raise ImportError( + "netaddr module unavailable, install with pip install netaddr" + ) + host = host.strip() + try: + return netaddr.IPAddress(host).version == 4 + except netaddr.core.AddrFormatError: + return True + + +def force_ip(host, allow_localhost=False): + if not is_ipv6(host) or not is_ipv4(host): host = host2ip(host, allow_localhost=allow_localhost) return host diff --git a/packstack/plugins/amqp_002.py b/packstack/plugins/amqp_002.py index b2808baf0..9104fe8ba 100644 --- a/packstack/plugins/amqp_002.py +++ b/packstack/plugins/amqp_002.py @@ -255,6 +255,11 @@ def create_manifest(config, messages): manifestfile = "%s_amqp.pp" % config['CONFIG_AMQP_HOST'] manifestdata = getManifestTemplate('amqp') + if config['CONFIG_IP_VERSION'] == 'ipv6': + config['CONFIG_AMQP_HOST_URL'] = "[%s]" % config['CONFIG_AMQP_HOST'] + else: + config['CONFIG_AMQP_HOST_URL'] = config['CONFIG_AMQP_HOST'] + fw_details = dict() # All hosts should be able to talk to amqp for host in filtered_hosts(config, exclude=False): diff --git a/packstack/plugins/ceilometer_800.py b/packstack/plugins/ceilometer_800.py index b4ad91223..f301ce045 100644 --- a/packstack/plugins/ceilometer_800.py +++ b/packstack/plugins/ceilometer_800.py @@ -253,9 +253,20 @@ def create_manifest(config, messages): # fallbacks for use in coordination url. sentinel_hosts = split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS']) sentinel_port = config['CONFIG_REDIS_SENTINEL_PORT'] + sentinel_host = config['CONFIG_REDIS_SENTINEL_CONTACT_HOST'] + if config['CONFIG_IP_VERSION'] == 'ipv6': + config['CONFIG_REDIS_SENTINEL_CONTACT_HOST_URL'] = "[%s]" % ( + sentinel_host) + else: + config['CONFIG_REDIS_SENTINEL_CONTACT_HOST_URL'] = sentinel_host + sentinel_contact = config['CONFIG_REDIS_SENTINEL_CONTACT_HOST'] if len(sentinel_hosts) > 1: - sentinel_fallbacks = '&'.join(['sentinel_fallback=%s:%s' % + sentinel_format = 'sentinel_fallback=%s:%s' + if config['CONFIG_IP_VERSION'] == 'ipv6': + sentinel_format = 'sentinel_fallback=[%s]:%s' + + sentinel_fallbacks = '&'.join([sentinel_format % (host, sentinel_port) for host in sentinel_hosts if host != sentinel_contact]) @@ -282,6 +293,11 @@ def create_manifest(config, messages): def create_mongodb_manifest(config, messages): + host = config['CONFIG_MONGODB_HOST'] + if config['CONFIG_IP_VERSION'] == 'ipv6': + config['CONFIG_MONGODB_HOST_URL'] = "[%s]" % host + else: + config['CONFIG_MONGODB_HOST_URL'] = host manifestfile = "%s_mongodb.pp" % config['CONFIG_MONGODB_HOST'] manifestdata = getManifestTemplate("mongodb") @@ -301,6 +317,11 @@ def create_mongodb_manifest(config, messages): def create_redis_manifest(config, messages): if config['CONFIG_CEILOMETER_COORDINATION_BACKEND'] == 'redis': + redis_master_host = config['CONFIG_REDIS_MASTER_HOST'] + if config['CONFIG_IP_VERSION'] == 'ipv6': + config['CONFIG_REDIS_MASTER_HOST_URL'] = "[%s]" % redis_master_host + else: + config['CONFIG_REDIS_MASTER_HOST_URL'] = redis_master_host # master manifestfile = "%s_redis.pp" % config['CONFIG_REDIS_MASTER_HOST'] diff --git a/packstack/plugins/cinder_250.py b/packstack/plugins/cinder_250.py index 98ffc17e8..186f01416 100644 --- a/packstack/plugins/cinder_250.py +++ b/packstack/plugins/cinder_250.py @@ -581,8 +581,6 @@ def check_netapp_eseries_options(config): def check_cinder_vg(config, messages): cinders_volume = 'cinder-volumes' - if config['CONFIG_UNSUPPORTED'] != 'y': - config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] # Do we have a cinder-volumes vg? have_cinders_volume = False @@ -613,18 +611,12 @@ def check_cinder_vg(config, messages): def create_keystone_manifest(config, messages): - if config['CONFIG_UNSUPPORTED'] != 'y': - config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] - manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("keystone_cinder") appendManifestFile(manifestfile, manifestdata) def create_manifest(config, messages): - if config['CONFIG_UNSUPPORTED'] != 'y': - config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] - manifestdata = getManifestTemplate(get_mq(config, "cinder")) manifestfile = "%s_cinder.pp" % config['CONFIG_STORAGE_HOST'] manifestdata += getManifestTemplate("cinder") diff --git a/packstack/plugins/glance_200.py b/packstack/plugins/glance_200.py index 426e02b76..d79575ee6 100644 --- a/packstack/plugins/glance_200.py +++ b/packstack/plugins/glance_200.py @@ -112,18 +112,12 @@ def process_backend(value, param_name, config): # -------------------------- step functions -------------------------- def create_keystone_manifest(config, messages): - if config['CONFIG_UNSUPPORTED'] != 'y': - config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] - manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("keystone_glance") appendManifestFile(manifestfile, manifestdata) def create_manifest(config, messages): - if config['CONFIG_UNSUPPORTED'] != 'y': - config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] - manifestfile = "%s_glance.pp" % config['CONFIG_STORAGE_HOST'] manifestdata = getManifestTemplate("glance") if config['CONFIG_CEILOMETER_INSTALL'] == 'y': diff --git a/packstack/plugins/ironic_275.py b/packstack/plugins/ironic_275.py index 2b83d6b3e..9f2679da7 100644 --- a/packstack/plugins/ironic_275.py +++ b/packstack/plugins/ironic_275.py @@ -91,9 +91,6 @@ def initSequences(controller): def create_manifest(config, messages): - if config['CONFIG_UNSUPPORTED'] != 'y': - config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] - manifestfile = "%s_ironic.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate(get_mq(config, "ironic")) manifestdata += getManifestTemplate("ironic.pp") diff --git a/packstack/plugins/keystone_100.py b/packstack/plugins/keystone_100.py index b88a8b2d9..750924086 100644 --- a/packstack/plugins/keystone_100.py +++ b/packstack/plugins/keystone_100.py @@ -765,6 +765,12 @@ def create_manifest(config, messages): manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] manifestdata = getManifestTemplate("keystone") + if config['CONFIG_IP_VERSION'] == 'ipv6': + host = config['CONFIG_CONTROLLER_HOST'] + config['CONFIG_KEYSTONE_HOST_URL'] = "[%s]" % host + else: + config['CONFIG_KEYSTONE_HOST_URL'] = config['CONFIG_CONTROLLER_HOST'] + fw_details = dict() key = "keystone" fw_details.setdefault(key, {}) diff --git a/packstack/plugins/mariadb_003.py b/packstack/plugins/mariadb_003.py index 4a7eb32e7..82dbd2067 100644 --- a/packstack/plugins/mariadb_003.py +++ b/packstack/plugins/mariadb_003.py @@ -105,6 +105,11 @@ def create_manifest(config, messages): suffix = 'noinstall' host = config['CONFIG_CONTROLLER_HOST'] + if config['CONFIG_IP_VERSION'] == 'ipv6': + config['CONFIG_MARIADB_HOST_URL'] = "[%s]" % host + else: + config['CONFIG_MARIADB_HOST_URL'] = host + manifestfile = "%s_mariadb.pp" % host manifestdata = [getManifestTemplate('mariadb_%s' % suffix)] diff --git a/packstack/plugins/neutron_350.py b/packstack/plugins/neutron_350.py index a307e365e..f73bbf2d3 100644 --- a/packstack/plugins/neutron_350.py +++ b/packstack/plugins/neutron_350.py @@ -552,6 +552,10 @@ def create_manifests(config, messages): # We also need to open VXLAN/GRE port for agent manifest_data = "" if use_openvswitch_vxlan(config) or use_openvswitch_gre(config): + if config['CONFIG_IP_VERSION'] == 'ipv6': + msg = output_messages.WARN_IPV6_OVS + messages.append(utils.color_text(msg % host, 'red')) + for n_host in network_hosts | compute_hosts: cf_fw_nt_key = ("FIREWALL_NEUTRON_TUNNEL_RULES_%s_%s" % (host, n_host)) diff --git a/packstack/plugins/nova_300.py b/packstack/plugins/nova_300.py index 1682852d8..7ce66efaa 100644 --- a/packstack/plugins/nova_300.py +++ b/packstack/plugins/nova_300.py @@ -653,8 +653,8 @@ def create_common_manifest(config, messages): perms = "nova:%s" % config['CONFIG_NOVA_DB_PW'] pw_in_sqlconn = True - sqlconn = "mysql://%s@%s/nova" % (perms, - config['CONFIG_MARIADB_HOST']) + mariadb_host_url = config['CONFIG_MARIADB_HOST_URL'] + sqlconn = "mysql://%s@%s/nova" % (perms, mariadb_host_url) if pw_in_sqlconn: config['CONFIG_NOVA_SQL_CONN_PW'] = sqlconn else: diff --git a/packstack/plugins/prescript_000.py b/packstack/plugins/prescript_000.py index 93369e8c2..3066dc76c 100644 --- a/packstack/plugins/prescript_000.py +++ b/packstack/plugins/prescript_000.py @@ -851,6 +851,8 @@ def initConfig(controller): def initSequences(controller): prescript_steps = [ + {'title': 'Discovering ip protocol version', + 'functions': [choose_ip_version]}, {'title': 'Setting up ssh keys', 'functions': [install_keys]}, {'title': 'Preparing servers', @@ -1115,6 +1117,23 @@ def manage_rdo(host, config): # -------------------------- step functions -------------------------- +def choose_ip_version(config, messages): + use_ipv6 = False + use_ipv4 = False + for hostname in filtered_hosts(config): + if '/' in hostname: + hostname = hostname.split('/')[0] + use_ipv6 |= utils.network.is_ipv6(hostname) + use_ipv4 |= utils.network.is_ipv4(hostname) + if use_ipv6 and use_ipv4: + msg = "IPv6 together with IPv4 installation is not supported" + raise exceptions.ParamValidationError(msg) + elif use_ipv6: + config['CONFIG_IP_VERSION'] = 'ipv6' + else: + config['CONFIG_IP_VERSION'] = 'ipv4' + + def install_keys_on_host(hostname, sshkeydata): server = utils.ScriptRunner(hostname) # TODO replace all that with ssh-copy-id @@ -1295,6 +1314,14 @@ def create_manifest(config, messages): key = 'CONFIG_DEBUG_MODE' config[key] = config[key] == 'y' and True or False + if config['CONFIG_UNSUPPORTED'] != 'y': + config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] + if config['CONFIG_IP_VERSION'] == 'ipv6': + storage_host = config['CONFIG_STORAGE_HOST'] + config['CONFIG_STORAGE_HOST_URL'] = "[%s]" % storage_host + else: + config['CONFIG_STORAGE_HOST_URL'] = config['CONFIG_STORAGE_HOST'] + for hostname in filtered_hosts(config): manifestfile = "%s_prescript.pp" % hostname manifestdata = getManifestTemplate("prescript") diff --git a/packstack/plugins/provision_700.py b/packstack/plugins/provision_700.py index 69ba27cd1..be154216c 100644 --- a/packstack/plugins/provision_700.py +++ b/packstack/plugins/provision_700.py @@ -344,9 +344,6 @@ def create_demo_manifest(config, messages): def create_storage_manifest(config, messages): if config['CONFIG_GLANCE_INSTALL'] == 'y': - if config['CONFIG_UNSUPPORTED'] != 'y': - config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] - if config['CONFIG_PROVISION_TEMPEST']: template = "provision_tempest_glance" else: diff --git a/packstack/plugins/puppet_950.py b/packstack/plugins/puppet_950.py index 6fdaa6ab1..732e8edda 100644 --- a/packstack/plugins/puppet_950.py +++ b/packstack/plugins/puppet_950.py @@ -142,14 +142,14 @@ def run_cleanup(config, messages): def copy_puppet_modules(config, messages): os_modules = ' '.join(('apache', 'ceilometer', 'certmonger', 'cinder', - 'concat', 'firewall', 'glance', 'heat', 'horizon', - 'inifile', 'ironic', 'keystone', 'manila', - 'memcached', 'mongodb', 'mysql', 'neutron', 'nova', - 'nssdb', 'openstack', 'packstack', 'qpid', - 'rabbitmq', 'redis', 'remote', 'rsync', 'sahara', - 'ssh', 'stdlib', 'swift', 'sysctl', 'tempest', - 'trove', 'vcsrepo', 'vlan', 'vswitch', 'xinetd', - 'openstacklib')) + 'concat', 'firewall', 'glance', 'galera', 'heat', + 'horizon', 'inifile', 'ironic', 'keystone', + 'manila', 'memcached', 'mongodb', 'mysql', + 'neutron', 'nova', 'nssdb', 'openstack', + 'packstack', 'qpid', 'rabbitmq', 'redis', 'remote', + 'rsync', 'sahara', 'ssh', 'stdlib', 'swift', + 'sysctl', 'tempest', 'trove', 'vcsrepo', 'vlan', + 'vswitch', 'xinetd', 'openstacklib')) # write puppet manifest to disk manifestfiles.writeManifests() diff --git a/packstack/plugins/sahara_800.py b/packstack/plugins/sahara_800.py index 41b463fdd..dd7ba557c 100644 --- a/packstack/plugins/sahara_800.py +++ b/packstack/plugins/sahara_800.py @@ -97,9 +97,6 @@ def create_keystone_manifest(config, messages): def create_manifest(config, messages): - if config['CONFIG_UNSUPPORTED'] != 'y': - config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST'] - manifestfile = "%s_sahara.pp" % config['CONFIG_STORAGE_HOST'] manifestdata = getManifestTemplate(get_mq(config, "sahara")) manifestdata += getManifestTemplate("sahara.pp") diff --git a/packstack/plugins/swift_600.py b/packstack/plugins/swift_600.py index c869c8077..afbd367ac 100644 --- a/packstack/plugins/swift_600.py +++ b/packstack/plugins/swift_600.py @@ -265,13 +265,13 @@ def create_builder_manifest(config, messages): ' weight => 10, }\n') return fmt % (dev_type, host, dev_port, devicename, zone) - manifestfile = "%s_ring_swift.pp" % config['CONFIG_CONTROLLER_HOST'] + manifestfile = "%s_ring_swift.pp" % config['CONFIG_STORAGE_HOST'] manifestdata = getManifestTemplate("swift_builder") # Add each device to the ring devicename = 0 for device in devices: - host = config['CONFIG_CONTROLLER_HOST'] + host = config['CONFIG_STORAGE_HOST_URL'] devicename = device['device_name'] zone = device['zone'] for dev_type, dev_port in [('ring_object_device', 6000), @@ -283,7 +283,7 @@ def create_builder_manifest(config, messages): def create_proxy_manifest(config, messages): - manifestfile = "%s_swift.pp" % config['CONFIG_CONTROLLER_HOST'] + manifestfile = "%s_swift.pp" % config['CONFIG_STORAGE_HOST'] manifestdata = getManifestTemplate("swift_proxy") fw_details = dict() @@ -303,12 +303,12 @@ def create_proxy_manifest(config, messages): def create_storage_manifest(config, messages): global devices - manifestfile = "%s_swift.pp" % config['CONFIG_CONTROLLER_HOST'] + manifestfile = "%s_swift.pp" % config['CONFIG_STORAGE_HOST'] manifestdata = getManifestTemplate("swift_storage") # this need to happen once per storage device for device in devices: - host = config['CONFIG_CONTROLLER_HOST'] + host = config['CONFIG_STORAGE_HOST'] devicename = device['device_name'] device = device['device'] fstype = config["CONFIG_SWIFT_STORAGE_FSTYPE"] @@ -323,7 +323,7 @@ def create_storage_manifest(config, messages): manifestdata += "\n" + getManifestTemplate("swift_loopback") # set allowed hosts for firewall - hosts = set([config['CONFIG_CONTROLLER_HOST']]) + hosts = set([config['CONFIG_STORAGE_HOST']]) if config['CONFIG_NOVA_INSTALL'] == 'y': hosts |= split_hosts(config['CONFIG_COMPUTE_HOSTS']) diff --git a/packstack/puppet/modules/packstack/manifests/firewall.pp b/packstack/puppet/modules/packstack/manifests/firewall.pp index 2370070fd..50ec401c2 100644 --- a/packstack/puppet/modules/packstack/manifests/firewall.pp +++ b/packstack/puppet/modules/packstack/manifests/firewall.pp @@ -3,10 +3,22 @@ # using FIREWALL_CHAIN define packstack::firewall($host, $service_name, $chain = "INPUT", $ports = undef, $proto = 'tcp') { + $ip_version = hiera('CONFIG_IP_VERSION') + + $provider = $ip_version ? { + 'ipv6' => 'ip6tables', + 'ipv4' => 'iptables', + default => fail("IP version cannot be ${ip_version}") + } + $source = $host ? { - 'ALL' => '0.0.0.0/0', + 'ALL' => $ip_version ? { + 'ipv6' => '::/0', + default => '0.0.0.0/0' + }, default => $host, } + $heading = $chain ? { 'OUTPUT' => 'outgoing', default => 'incoming', @@ -18,6 +30,7 @@ define packstack::firewall($host, $service_name, $chain = "INPUT", $ports = unde proto => $proto, action => 'accept', source => $source, + provider => $provider, } } else { @@ -27,6 +40,7 @@ define packstack::firewall($host, $service_name, $chain = "INPUT", $ports = unde dport => $ports, action => 'accept', source => $source, + provider => $provider, } } } diff --git a/packstack/puppet/templates/ceilometer.pp b/packstack/puppet/templates/ceilometer.pp index 2b182c07e..b6d1c2241 100644 --- a/packstack/puppet/templates/ceilometer.pp +++ b/packstack/puppet/templates/ceilometer.pp @@ -1,17 +1,19 @@ -$config_mongodb_host = hiera('CONFIG_MONGODB_HOST') + +$config_mongodb_host = hiera('CONFIG_MONGODB_HOST_URL') $config_ceilometer_coordination_backend = hiera('CONFIG_CEILOMETER_COORDINATION_BACKEND') if $config_ceilometer_coordination_backend == 'redis' { $redis_ha = hiera('CONFIG_REDIS_HA') - $redis_host = hiera('CONFIG_REDIS_MASTER_HOST') + $redis_host = hiera('CONFIG_REDIS_MASTER_HOST_URL') $redis_port = hiera('CONFIG_REDIS_PORT') $sentinel_host = hiera('CONFIG_REDIS_SENTINEL_CONTACT_HOST') + $sentinel_host_url = hiera('CONFIG_REDIS_SENTINEL_CONTACT_HOST_URL') $sentinel_fallbacks = hiera('CONFIG_REDIS_SENTINEL_FALLBACKS') if ($sentinel_host != '' and $redis_ha == 'y') { $master_name = hiera('CONFIG_REDIS_MASTER_NAME') $sentinel_port = hiera('CONFIG_REDIS_SENTINEL_PORT') - $base_coordination_url = "redis://${sentinel_host}:${sentinel_port}?sentinel=${master_name}" + $base_coordination_url = "redis://${sentinel_host_url}:${sentinel_port}?sentinel=${master_name}" if $sentinel_fallbacks != '' { $coordination_url = "${base_coordination_url}&${sentinel_fallbacks}" } else { @@ -32,7 +34,7 @@ class { '::ceilometer::collector': } class { '::ceilometer::agent::notification': } -$config_controller_host = hiera('CONFIG_CONTROLLER_HOST') +$config_controller_host = hiera('CONFIG_KEYSTONE_HOST_URL') class { '::ceilometer::agent::auth': auth_url => "http://${config_controller_host}:35357/v2.0", @@ -49,7 +51,12 @@ class { '::ceilometer::alarm::evaluator': coordination_url => $coordination_url, } +$bind_host = hiera('CONFIG_IP_VERSION') ? { + 'ipv6' => '::0', + 'ipv4' => '0.0.0.0', +} class { '::ceilometer::api': - keystone_host => hiera('CONFIG_CONTROLLER_HOST'), + host => $bind_host, + keystone_host => hiera('CONFIG_KEYSTONE_HOST_URL'), keystone_password => hiera('CONFIG_CEILOMETER_KS_PW'), } diff --git a/packstack/puppet/templates/ceilometer_qpid.pp b/packstack/puppet/templates/ceilometer_qpid.pp index 0fac81ee8..658feee0b 100644 --- a/packstack/puppet/templates/ceilometer_qpid.pp +++ b/packstack/puppet/templates/ceilometer_qpid.pp @@ -1,6 +1,6 @@ class { '::ceilometer': metering_secret => hiera('CONFIG_CEILOMETER_SECRET'), - qpid_hostname => hiera('CONFIG_AMQP_HOST'), + qpid_hostname => hiera('CONFIG_AMQP_HOST_URL'), qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), rpc_backend => 'ceilometer.openstack.common.rpc.impl_qpid', diff --git a/packstack/puppet/templates/ceilometer_rabbitmq.pp b/packstack/puppet/templates/ceilometer_rabbitmq.pp index c6bf744f1..3a8854a49 100644 --- a/packstack/puppet/templates/ceilometer_rabbitmq.pp +++ b/packstack/puppet/templates/ceilometer_rabbitmq.pp @@ -2,7 +2,7 @@ class { '::ceilometer': metering_secret => hiera('CONFIG_CEILOMETER_SECRET'), verbose => true, debug => hiera('CONFIG_DEBUG_MODE'), - rabbit_host => hiera('CONFIG_AMQP_HOST'), + rabbit_host => hiera('CONFIG_AMQP_HOST_URL'), rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), diff --git a/packstack/puppet/templates/cinder.pp b/packstack/puppet/templates/cinder.pp index 006a9ffe4..c2fb15b5d 100644 --- a/packstack/puppet/templates/cinder.pp +++ b/packstack/puppet/templates/cinder.pp @@ -1,16 +1,22 @@ cinder_config { - 'DEFAULT/glance_host': value => hiera('CONFIG_STORAGE_HOST'); + 'DEFAULT/glance_host': value => hiera('CONFIG_STORAGE_HOST_URL'); } package { 'python-keystone': notify => Class['cinder::api'], } +$bind_host = hiera('CONFIG_IP_VERSION') ? { + 'ipv6' => '::0', + 'ipv4' => '0.0.0.0', +} + class { '::cinder::api': + bind_host => $bind_host, keystone_password => hiera('CONFIG_CINDER_KS_PW'), keystone_tenant => 'services', keystone_user => 'cinder', - keystone_auth_host => hiera('CONFIG_CONTROLLER_HOST'), + keystone_auth_host => hiera('CONFIG_KEYSTONE_HOST_URL'), } class { '::cinder::scheduler': } @@ -19,7 +25,7 @@ class { '::cinder::volume': } class { '::cinder::client': } -$cinder_config_controller_host = hiera('CONFIG_CONTROLLER_HOST') +$cinder_config_controller_host = hiera('CONFIG_KEYSTONE_HOST_URL') # Cinder::Type requires keystone credentials Cinder::Type { diff --git a/packstack/puppet/templates/cinder_backup.pp b/packstack/puppet/templates/cinder_backup.pp index 6698567ef..a85dd1a68 100644 --- a/packstack/puppet/templates/cinder_backup.pp +++ b/packstack/puppet/templates/cinder_backup.pp @@ -1,6 +1,6 @@ class { '::cinder::backup': } -$cinder_backup_conf_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') +$cinder_backup_conf_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL') class { '::cinder::backup::swift': backup_swift_url => "http://${cinder_config_controller_host}:8080/v1/AUTH_", diff --git a/packstack/puppet/templates/cinder_lvm.pp b/packstack/puppet/templates/cinder_lvm.pp index 891c9c48b..6905ade2d 100644 --- a/packstack/puppet/templates/cinder_lvm.pp +++ b/packstack/puppet/templates/cinder_lvm.pp @@ -80,7 +80,7 @@ file_line { 'snapshot_autoextend_percent': } cinder::backend::iscsi { 'lvm': - iscsi_ip_address => hiera('CONFIG_STORAGE_HOST'), + iscsi_ip_address => hiera('CONFIG_STORAGE_HOST_URL'), require => Package['lvm2'], } diff --git a/packstack/puppet/templates/cinder_qpid.pp b/packstack/puppet/templates/cinder_qpid.pp index 8cd5d2141..9073418e6 100644 --- a/packstack/puppet/templates/cinder_qpid.pp +++ b/packstack/puppet/templates/cinder_qpid.pp @@ -1,9 +1,9 @@ $cinder_qpid_cfg_cinder_db_pw = hiera('CONFIG_CINDER_DB_PW') -$cinder_qpid_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') +$cinder_qpid_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST_URL') class { '::cinder': rpc_backend => 'cinder.openstack.common.rpc.impl_qpid', - qpid_hostname => hiera('CONFIG_AMQP_HOST'), + qpid_hostname => hiera('CONFIG_AMQP_HOST_URL'), qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'), qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), diff --git a/packstack/puppet/templates/cinder_rabbitmq.pp b/packstack/puppet/templates/cinder_rabbitmq.pp index fd09e3aa4..68545c259 100644 --- a/packstack/puppet/templates/cinder_rabbitmq.pp +++ b/packstack/puppet/templates/cinder_rabbitmq.pp @@ -1,8 +1,8 @@ $cinder_rab_cfg_cinder_db_pw = hiera('CONFIG_CINDER_DB_PW') -$cinder_rab_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') +$cinder_rab_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST_URL') class { '::cinder': - rabbit_host => hiera('CONFIG_AMQP_HOST'), + rabbit_host => hiera('CONFIG_AMQP_HOST_URL'), rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), diff --git a/packstack/puppet/templates/glance.pp b/packstack/puppet/templates/glance.pp index bbcc0401c..5a800d75c 100644 --- a/packstack/puppet/templates/glance.pp +++ b/packstack/puppet/templates/glance.pp @@ -1,8 +1,21 @@ $glance_ks_pw = hiera('CONFIG_GLANCE_DB_PW') -$glance_mariadb_host = hiera('CONFIG_MARIADB_HOST') -$glance_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') +$glance_mariadb_host = hiera('CONFIG_MARIADB_HOST_URL') +$glance_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL') + +# glance option bind_host requires address without brackets +$bind_host = hiera('CONFIG_IP_VERSION') ? { + 'ipv6' => '::0', + 'ipv4' => '0.0.0.0', +} +# magical hack for magical config - glance option registry_host requires brackets +$registry_host = hiera('CONFIG_IP_VERSION') ? { + 'ipv6' => '[::0]', + 'ipv4' => '0.0.0.0', +} class { '::glance::api': + bind_host => $bind_host, + registry_host => $registry_host, auth_uri => "http://${glance_cfg_ctrl_host}:5000/", identity_uri => "http://${glance_cfg_ctrl_host}:35357", keystone_tenant => 'services', @@ -18,6 +31,7 @@ class { '::glance::api': class { '::glance::registry': auth_uri => "http://${glance_cfg_ctrl_host}:5000/", identity_uri => "http://${glance_cfg_ctrl_host}:35357", + bind_host => $bind_host, keystone_tenant => 'services', keystone_user => 'glance', keystone_password => hiera('CONFIG_GLANCE_KS_PW'), diff --git a/packstack/puppet/templates/glance_ceilometer_qpid.pp b/packstack/puppet/templates/glance_ceilometer_qpid.pp index 8984154bb..3a4e387e7 100644 --- a/packstack/puppet/templates/glance_ceilometer_qpid.pp +++ b/packstack/puppet/templates/glance_ceilometer_qpid.pp @@ -2,7 +2,7 @@ class { '::glance::notify::qpid': qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), - qpid_hostname => hiera('CONFIG_AMQP_HOST'), + qpid_hostname => hiera('CONFIG_AMQP_HOST_URL'), qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'), } diff --git a/packstack/puppet/templates/glance_ceilometer_rabbitmq.pp b/packstack/puppet/templates/glance_ceilometer_rabbitmq.pp index 14650d742..d2ecb0356 100644 --- a/packstack/puppet/templates/glance_ceilometer_rabbitmq.pp +++ b/packstack/puppet/templates/glance_ceilometer_rabbitmq.pp @@ -1,6 +1,6 @@ class { '::glance::notify::rabbitmq': - rabbit_host => hiera('CONFIG_AMQP_HOST'), + rabbit_host => hiera('CONFIG_AMQP_HOST_URL'), rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), diff --git a/packstack/puppet/templates/glance_swift.pp b/packstack/puppet/templates/glance_swift.pp index d1e55610b..28ff14b4e 100644 --- a/packstack/puppet/templates/glance_swift.pp +++ b/packstack/puppet/templates/glance_swift.pp @@ -1,4 +1,4 @@ -$gla_bd_ct_h = hiera('CONFIG_CONTROLLER_HOST') +$gla_bd_ct_h = hiera('CONFIG_KEYSTONE_HOST_URL') class { '::glance::backend::swift': swift_store_user => 'services:glance', diff --git a/packstack/puppet/templates/heat.pp b/packstack/puppet/templates/heat.pp index 19e5dddab..85aafd040 100644 --- a/packstack/puppet/templates/heat.pp +++ b/packstack/puppet/templates/heat.pp @@ -1,7 +1,7 @@ class { '::heat::api': } -$heat_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') +$heat_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL') class { '::heat::engine': heat_metadata_server_url => "http://${heat_cfg_ctrl_host}:8000", diff --git a/packstack/puppet/templates/heat_cfn.pp b/packstack/puppet/templates/heat_cfn.pp index 6c4c13376..66d529185 100644 --- a/packstack/puppet/templates/heat_cfn.pp +++ b/packstack/puppet/templates/heat_cfn.pp @@ -1,7 +1,7 @@ class { '::heat::api_cfn': } -$heat_cfn_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') +$heat_cfn_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL') class { '::heat::keystone::auth_cfn': admin_address => $heat_cfn_cfg_ctrl_host, @@ -9,4 +9,3 @@ class { '::heat::keystone::auth_cfn': internal_address => $heat_cfn_cfg_ctrl_host, password => hiera('CONFIG_HEAT_KS_PW'), } - diff --git a/packstack/puppet/templates/heat_qpid.pp b/packstack/puppet/templates/heat_qpid.pp index 14df3326f..22cb3e73f 100644 --- a/packstack/puppet/templates/heat_qpid.pp +++ b/packstack/puppet/templates/heat_qpid.pp @@ -1,6 +1,6 @@ -$heat_qpid_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') +$heat_qpid_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL') $heat_qpid_cfg_heat_db_pw = hiera('CONFIG_HEAT_DB_PW') -$heat_qpid_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') +$heat_qpid_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST_URL') class { '::heat': keystone_host => $heat_cfn_cfg_ctrl_host, @@ -8,7 +8,7 @@ class { '::heat': auth_uri => "http://${heat_qpid_cfg_ctrl_host}:35357/v2.0", keystone_ec2_uri => "http://${heat_qpid_cfg_ctrl_host}:35357/v2.0", rpc_backend => 'heat.openstack.common.rpc.impl_qpid', - qpid_hostname => hiera('CONFIG_AMQP_HOST'), + qpid_hostname => hiera('CONFIG_AMQP_HOST_URL'), qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), diff --git a/packstack/puppet/templates/heat_rabbitmq.pp b/packstack/puppet/templates/heat_rabbitmq.pp index b4961a678..d8d9fc141 100644 --- a/packstack/puppet/templates/heat_rabbitmq.pp +++ b/packstack/puppet/templates/heat_rabbitmq.pp @@ -1,6 +1,6 @@ -$heat_rabbitmq_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') +$heat_rabbitmq_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL') $heat_rabbitmq_cfg_heat_db_pw = hiera('CONFIG_HEAT_DB_PW') -$heat_rabbitmq_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') +$heat_rabbitmq_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST_URL') class { '::heat': keystone_host => $heat_rabbitmq_cfg_ctrl_host, @@ -8,7 +8,7 @@ class { '::heat': auth_uri => "http://${heat_rabbitmq_cfg_ctrl_host}:35357/v2.0", keystone_ec2_uri => "http://${heat_rabbitmq_cfg_ctrl_host}:35357/v2.0", rpc_backend => 'heat.openstack.common.rpc.impl_kombu', - rabbit_host => hiera('CONFIG_AMQP_HOST'), + rabbit_host => hiera('CONFIG_AMQP_HOST_URL'), rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), diff --git a/packstack/puppet/templates/horizon.pp b/packstack/puppet/templates/horizon.pp index de86e854b..b6e723ad6 100644 --- a/packstack/puppet/templates/horizon.pp +++ b/packstack/puppet/templates/horizon.pp @@ -1,6 +1,6 @@ include ::packstack::apache_common -$keystone_host = hiera('CONFIG_CONTROLLER_HOST') +$keystone_host = hiera('CONFIG_KEYSTONE_HOST_URL') $horizon_packages = ['python-memcached', 'python-netaddr'] @@ -14,6 +14,11 @@ $is_django_debug = hiera('CONFIG_DEBUG_MODE') ? { false => 'False', } +$bind_host = hiera('CONFIG_IP_VERSION') ? { + 'ipv6' => '::0', + 'ipv4' => '0.0.0.0', +} + class {'::horizon': secret_key => hiera('CONFIG_HORIZON_SECRET_KEY'), keystone_url => "http://${keystone_host}:5000/v2.0", @@ -68,7 +73,9 @@ if $is_horizon_ssl == true { } } -class { '::memcached': } +class { '::memcached': + listen_ip => $bind_host, +} $firewall_port = hiera('CONFIG_HORIZON_PORT') diff --git a/packstack/puppet/templates/ironic.pp b/packstack/puppet/templates/ironic.pp index 2850314b8..64d455cb3 100644 --- a/packstack/puppet/templates/ironic.pp +++ b/packstack/puppet/templates/ironic.pp @@ -1,9 +1,9 @@ ironic_config { - 'glance/glance_host': value => hiera('CONFIG_STORAGE_HOST'); + 'glance/glance_host': value => hiera('CONFIG_STORAGE_HOST_URL'); } class { '::ironic::api': - auth_host => hiera('CONFIG_CONTROLLER_HOST'), + auth_host => hiera('CONFIG_KEYSTONE_HOST_URL'), admin_password => hiera('CONFIG_IRONIC_KS_PW'), } diff --git a/packstack/puppet/templates/ironic_qpid.pp b/packstack/puppet/templates/ironic_qpid.pp index f8345df87..97aceb363 100644 --- a/packstack/puppet/templates/ironic_qpid.pp +++ b/packstack/puppet/templates/ironic_qpid.pp @@ -1,9 +1,9 @@ $ironic_qpid_cfg_ironic_db_pw = hiera('CONFIG_IRONIC_DB_PW') -$ironic_qpid_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') +$ironic_qpid_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST_URL') class { '::ironic': rpc_backend => 'ironic.openstack.common.rpc.impl_qpid', - qpid_hostname => hiera('CONFIG_AMQP_HOST'), + qpid_hostname => hiera('CONFIG_AMQP_HOST_URL'), qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'), qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), diff --git a/packstack/puppet/templates/ironic_rabbitmq.pp b/packstack/puppet/templates/ironic_rabbitmq.pp index 60bd97523..12be93e86 100644 --- a/packstack/puppet/templates/ironic_rabbitmq.pp +++ b/packstack/puppet/templates/ironic_rabbitmq.pp @@ -1,9 +1,9 @@ $ironic_rabbitmq_cfg_ironic_db_pw = hiera('CONFIG_IRONIC_DB_PW') -$ironic_rabbitmq_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') +$ironic_rabbitmq_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST_URL') class { '::ironic': rpc_backend => 'ironic.openstack.common.rpc.impl_kombu', - rabbit_host => hiera('CONFIG_AMQP_HOST'), + rabbit_host => hiera('CONFIG_AMQP_HOST_URL'), rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), rabbit_user => hiera('CONFIG_AMQP_AUTH_USER'), diff --git a/packstack/puppet/templates/keystone.pp b/packstack/puppet/templates/keystone.pp index bea86f54b..f836a039b 100644 --- a/packstack/puppet/templates/keystone.pp +++ b/packstack/puppet/templates/keystone.pp @@ -1,11 +1,15 @@ $keystone_use_ssl = false $keystone_cfg_ks_db_pw = hiera('CONFIG_KEYSTONE_DB_PW') -$keystone_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') -$keystone_endpoint_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') +$keystone_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST_URL') +$keystone_endpoint_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL') $keystone_token_provider_str = downcase(hiera('CONFIG_KEYSTONE_TOKEN_FORMAT')) $keystone_api_version_str = hiera('CONFIG_KEYSTONE_API_VERSION') $keystone_url = "http://${keystone_endpoint_cfg_ctrl_host}:5000/${keystone_api_version_str}" $keystone_admin_url = "http://${keystone_endpoint_cfg_ctrl_host}:35357/${keystone_api_version_str}" +$bind_host = hiera('CONFIG_IP_VERSION') ? { + 'ipv6' => '::0', + 'ipv4' => '0.0.0.0', +} if hiera('CONFIG_KEYSTONE_SERVICE_NAME') == 'keystone' { $keystone_service_name = 'openstack-keystone' @@ -21,6 +25,8 @@ class { '::keystone': debug => hiera('CONFIG_DEBUG_MODE'), service_name => $keystone_service_name, enable_ssl => $keystone_use_ssl, + public_bind_host => $bind_host, + admin_bind_host => $bind_host, } if $keystone_service_name == 'httpd' { @@ -119,4 +125,3 @@ service { 'crond': ensure => 'running', enable => true, } - diff --git a/packstack/puppet/templates/keystone_ceilometer.pp b/packstack/puppet/templates/keystone_ceilometer.pp index 18d4ba066..0b732efc1 100644 --- a/packstack/puppet/templates/keystone_ceilometer.pp +++ b/packstack/puppet/templates/keystone_ceilometer.pp @@ -2,7 +2,7 @@ class { '::ceilometer::keystone::auth': region => hiera('CONFIG_KEYSTONE_REGION'), password => hiera('CONFIG_CEILOMETER_KS_PW'), - public_address => hiera('CONFIG_CONTROLLER_HOST'), - admin_address => hiera('CONFIG_CONTROLLER_HOST'), - internal_address => hiera('CONFIG_CONTROLLER_HOST'), + public_address => hiera('CONFIG_KEYSTONE_HOST_URL'), + admin_address => hiera('CONFIG_KEYSTONE_HOST_URL'), + internal_address => hiera('CONFIG_KEYSTONE_HOST_URL'), } diff --git a/packstack/puppet/templates/keystone_cinder.pp b/packstack/puppet/templates/keystone_cinder.pp index d603a303f..b15eda3de 100644 --- a/packstack/puppet/templates/keystone_cinder.pp +++ b/packstack/puppet/templates/keystone_cinder.pp @@ -2,8 +2,8 @@ class { '::cinder::keystone::auth': region => hiera('CONFIG_KEYSTONE_REGION'), password => hiera('CONFIG_CINDER_KS_PW'), - public_address => hiera('CONFIG_STORAGE_HOST'), - admin_address => hiera('CONFIG_STORAGE_HOST'), - internal_address => hiera('CONFIG_STORAGE_HOST'), + public_address => hiera('CONFIG_STORAGE_HOST_URL'), + admin_address => hiera('CONFIG_STORAGE_HOST_URL'), + internal_address => hiera('CONFIG_STORAGE_HOST_URL'), } diff --git a/packstack/puppet/templates/keystone_glance.pp b/packstack/puppet/templates/keystone_glance.pp index cadbe2536..88f15104f 100644 --- a/packstack/puppet/templates/keystone_glance.pp +++ b/packstack/puppet/templates/keystone_glance.pp @@ -2,7 +2,7 @@ class { '::glance::keystone::auth': region => hiera('CONFIG_KEYSTONE_REGION'), password => hiera('CONFIG_GLANCE_KS_PW'), - public_address => hiera('CONFIG_STORAGE_HOST'), - admin_address => hiera('CONFIG_STORAGE_HOST'), - internal_address => hiera('CONFIG_STORAGE_HOST'), + public_address => hiera('CONFIG_STORAGE_HOST_URL'), + admin_address => hiera('CONFIG_STORAGE_HOST_URL'), + internal_address => hiera('CONFIG_STORAGE_HOST_URL'), } diff --git a/packstack/puppet/templates/keystone_heat.pp b/packstack/puppet/templates/keystone_heat.pp index 1a786dde1..a20c7baa2 100644 --- a/packstack/puppet/templates/keystone_heat.pp +++ b/packstack/puppet/templates/keystone_heat.pp @@ -2,9 +2,9 @@ class { '::heat::keystone::auth': region => hiera('CONFIG_KEYSTONE_REGION'), password => hiera('CONFIG_HEAT_KS_PW'), - public_address => hiera('CONFIG_CONTROLLER_HOST'), - admin_address => hiera('CONFIG_CONTROLLER_HOST'), - internal_address => hiera('CONFIG_CONTROLLER_HOST'), + public_address => hiera('CONFIG_KEYSTONE_HOST_URL'), + admin_address => hiera('CONFIG_KEYSTONE_HOST_URL'), + internal_address => hiera('CONFIG_KEYSTONE_HOST_URL'), configure_delegated_roles => true, } @@ -14,8 +14,8 @@ if $is_heat_cfn_install == 'y' { # heat::keystone::cfn class { '::heat::keystone::auth_cfn': password => hiera('CONFIG_HEAT_KS_PW'), - public_address => hiera('CONFIG_CONTROLLER_HOST'), - admin_address => hiera('CONFIG_CONTROLLER_HOST'), - internal_address => hiera('CONFIG_CONTROLLER_HOST'), + public_address => hiera('CONFIG_KEYSTONE_HOST_URL'), + admin_address => hiera('CONFIG_KEYSTONE_HOST_URL'), + internal_address => hiera('CONFIG_KEYSTONE_HOST_URL'), } } diff --git a/packstack/puppet/templates/keystone_ironic.pp b/packstack/puppet/templates/keystone_ironic.pp index ac55d93b4..43b633a55 100644 --- a/packstack/puppet/templates/keystone_ironic.pp +++ b/packstack/puppet/templates/keystone_ironic.pp @@ -2,8 +2,8 @@ class { '::ironic::keystone::auth': region => hiera('CONFIG_KEYSTONE_REGION'), password => hiera('CONFIG_IRONIC_KS_PW'), - public_address => hiera('CONFIG_CONTROLLER_HOST'), - admin_address => hiera('CONFIG_CONTROLLER_HOST'), - internal_address => hiera('CONFIG_CONTROLLER_HOST'), + public_address => hiera('CONFIG_KEYSTONE_HOST_URL'), + admin_address => hiera('CONFIG_KEYSTONE_HOST_URL'), + internal_address => hiera('CONFIG_KEYSTONE_HOST_URL'), } diff --git a/packstack/puppet/templates/keystone_manila.pp b/packstack/puppet/templates/keystone_manila.pp index 3b3b45a62..6888055ee 100644 --- a/packstack/puppet/templates/keystone_manila.pp +++ b/packstack/puppet/templates/keystone_manila.pp @@ -1,7 +1,7 @@ class { '::manila::keystone::auth': password => hiera('CONFIG_MANILA_KS_PW'), - public_address => hiera('CONFIG_CONTROLLER_HOST'), - admin_address => hiera('CONFIG_CONTROLLER_HOST'), - internal_address => hiera('CONFIG_CONTROLLER_HOST'), + public_address => hiera('CONFIG_KEYSTONE_HOST_URL'), + admin_address => hiera('CONFIG_KEYSTONE_HOST_URL'), + internal_address => hiera('CONFIG_KEYSTONE_HOST_URL'), } diff --git a/packstack/puppet/templates/keystone_neutron.pp b/packstack/puppet/templates/keystone_neutron.pp index 77d1b10bc..7e5b5116e 100644 --- a/packstack/puppet/templates/keystone_neutron.pp +++ b/packstack/puppet/templates/keystone_neutron.pp @@ -2,7 +2,7 @@ class { '::neutron::keystone::auth': region => hiera('CONFIG_KEYSTONE_REGION'), password => hiera('CONFIG_NEUTRON_KS_PW'), - public_address => hiera('CONFIG_CONTROLLER_HOST'), - admin_address => hiera('CONFIG_CONTROLLER_HOST'), - internal_address => hiera('CONFIG_CONTROLLER_HOST'), + public_address => hiera('CONFIG_KEYSTONE_HOST_URL'), + admin_address => hiera('CONFIG_KEYSTONE_HOST_URL'), + internal_address => hiera('CONFIG_KEYSTONE_HOST_URL'), } diff --git a/packstack/puppet/templates/keystone_nova.pp b/packstack/puppet/templates/keystone_nova.pp index fd6ad6c7c..d78ffa95b 100644 --- a/packstack/puppet/templates/keystone_nova.pp +++ b/packstack/puppet/templates/keystone_nova.pp @@ -2,7 +2,7 @@ class { '::nova::keystone::auth': region => hiera('CONFIG_KEYSTONE_REGION'), password => hiera('CONFIG_NOVA_KS_PW'), - public_address => hiera('CONFIG_CONTROLLER_HOST'), - admin_address => hiera('CONFIG_CONTROLLER_HOST'), - internal_address => hiera('CONFIG_CONTROLLER_HOST'), + public_address => hiera('CONFIG_KEYSTONE_HOST_URL'), + admin_address => hiera('CONFIG_KEYSTONE_HOST_URL'), + internal_address => hiera('CONFIG_KEYSTONE_HOST_URL'), } diff --git a/packstack/puppet/templates/keystone_swift.pp b/packstack/puppet/templates/keystone_swift.pp index dff38e39b..3c4937463 100644 --- a/packstack/puppet/templates/keystone_swift.pp +++ b/packstack/puppet/templates/keystone_swift.pp @@ -1,5 +1,5 @@ class { '::swift::keystone::auth': - public_address => hiera('CONFIG_CONTROLLER_HOST'), + public_address => hiera('CONFIG_KEYSTONE_HOST_URL'), region => hiera('CONFIG_KEYSTONE_REGION'), password => hiera('CONFIG_SWIFT_KS_PW'), } diff --git a/packstack/puppet/templates/keystone_trove.pp b/packstack/puppet/templates/keystone_trove.pp index e4d7e0d92..9f08b7acb 100644 --- a/packstack/puppet/templates/keystone_trove.pp +++ b/packstack/puppet/templates/keystone_trove.pp @@ -2,7 +2,7 @@ class { '::trove::keystone::auth': region => hiera('CONFIG_KEYSTONE_REGION'), password => hiera('CONFIG_TROVE_KS_PW'), - public_address => hiera('CONFIG_CONTROLLER_HOST'), - admin_address => hiera('CONFIG_CONTROLLER_HOST'), - internal_address => hiera('CONFIG_CONTROLLER_HOST'), + public_address => hiera('CONFIG_KEYSTONE_HOST_URL'), + admin_address => hiera('CONFIG_KEYSTONE_HOST_URL'), + internal_address => hiera('CONFIG_KEYSTONE_HOST_URL'), } diff --git a/packstack/puppet/templates/manila.pp b/packstack/puppet/templates/manila.pp index b2d8f52dd..c17a0cc7c 100644 --- a/packstack/puppet/templates/manila.pp +++ b/packstack/puppet/templates/manila.pp @@ -1,16 +1,22 @@ manila_config { - 'DEFAULT/glance_host': value => hiera('CONFIG_CONTROLLER_HOST'); + 'DEFAULT/glance_host': value => hiera('CONFIG_STORAGE_HOST_URL'); } package { 'python-keystone': notify => Class['manila::api'], } +$bind_host = hiera('CONFIG_IP_VERSION') ? { + 'ipv6' => '::0', + 'ipv4' => '0.0.0.0', +} + class { '::manila::api': + bind_host => $bind_host, keystone_password => hiera('CONFIG_MANILA_KS_PW'), keystone_tenant => 'services', keystone_user => 'manila', - keystone_auth_host => hiera('CONFIG_CONTROLLER_HOST'), + keystone_auth_host => hiera('CONFIG_KEYSTONE_HOST_URL'), } class { '::manila::network::neutron': diff --git a/packstack/puppet/templates/manila_qpid.pp b/packstack/puppet/templates/manila_qpid.pp index 813113532..1ba4c38d4 100644 --- a/packstack/puppet/templates/manila_qpid.pp +++ b/packstack/puppet/templates/manila_qpid.pp @@ -1,10 +1,10 @@ $db_pw = hiera('CONFIG_MANILA_DB_PW') -$mariadb_host = hiera('CONFIG_MARIADB_HOST') +$mariadb_host = hiera('CONFIG_MARIADB_HOST_URL') class { '::manila': rpc_backend => 'manila.openstack.common.rpc.impl_qpid', - qpid_hostname => hiera('CONFIG_AMQP_HOST'), + qpid_hostname => hiera('CONFIG_AMQP_HOST_URL'), qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'), qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), diff --git a/packstack/puppet/templates/manila_rabbitmq.pp b/packstack/puppet/templates/manila_rabbitmq.pp index c231f83ab..2fe783180 100644 --- a/packstack/puppet/templates/manila_rabbitmq.pp +++ b/packstack/puppet/templates/manila_rabbitmq.pp @@ -1,9 +1,9 @@ $db_pw = hiera('CONFIG_MANILA_DB_PW') -$mariadb_host = hiera('CONFIG_MARIADB_HOST') +$mariadb_host = hiera('CONFIG_MARIADB_HOST_URL') class { '::manila': - rabbit_host => hiera('CONFIG_AMQP_HOST'), + rabbit_host => hiera('CONFIG_AMQP_HOST_URL'), rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), diff --git a/packstack/puppet/templates/mariadb_install.pp b/packstack/puppet/templates/mariadb_install.pp index ad4c5713a..286f04523 100644 --- a/packstack/puppet/templates/mariadb_install.pp +++ b/packstack/puppet/templates/mariadb_install.pp @@ -4,13 +4,27 @@ package { 'mariadb-server': ensure => absent, } +$bind_address = hiera('CONFIG_IP_VERSION') ? { + 'ipv6' => '::', + 'ipv4' => '0.0.0.0', +} + +# hack around galera packaging issue, they are duplicating +# bind-address config option in galera.cnf +class { '::galera::server': + wsrep_bind_address => $bind_address, + manage_service => false, + wsrep_provider => 'none', + create_mysql_resource => false, +} + class { '::mysql::server': package_name => 'mariadb-galera-server', restart => true, root_password => hiera('CONFIG_MARIADB_PW'), require => Package['mariadb-server'], override_options => { - 'mysqld' => { bind_address => '0.0.0.0', + 'mysqld' => { bind_address => $bind_address, default_storage_engine => 'InnoDB', max_connections => '1024', open_files_limit => '-1', diff --git a/packstack/puppet/templates/mongodb.pp b/packstack/puppet/templates/mongodb.pp index 8114a31ad..fc2b14a80 100644 --- a/packstack/puppet/templates/mongodb.pp +++ b/packstack/puppet/templates/mongodb.pp @@ -1,7 +1,11 @@ $mongodb_host = hiera('CONFIG_MONGODB_HOST') class { '::mongodb::server': + ipv6 => hiera('CONFIG_IP_VERSION') ? { + 'ipv6' => true, + default => false, + }, smallfiles => true, - bind_ip => [$mongodb_host], + bind_ip => $mongodb_host, } diff --git a/packstack/puppet/templates/nagios_server.pp b/packstack/puppet/templates/nagios_server.pp index 3e33cb425..246e3f43f 100644 --- a/packstack/puppet/templates/nagios_server.pp +++ b/packstack/puppet/templates/nagios_server.pp @@ -54,7 +54,7 @@ class nagios_configs(){ } $nagios_cfg_ks_adm_pw = hiera('CONFIG_KEYSTONE_ADMIN_PW') - $nagios_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') + $nagios_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL') file { '/etc/nagios/keystonerc_admin': ensure => file, diff --git a/packstack/puppet/templates/neutron.pp b/packstack/puppet/templates/neutron.pp index 085d7bfe7..5fb90f457 100644 --- a/packstack/puppet/templates/neutron.pp +++ b/packstack/puppet/templates/neutron.pp @@ -1,4 +1,4 @@ -$neutron_db_host = hiera('CONFIG_MARIADB_HOST') +$neutron_db_host = hiera('CONFIG_MARIADB_HOST_URL') $neutron_db_name = hiera('CONFIG_NEUTRON_L2_DBNAME') $neutron_db_user = 'neutron' $neutron_db_password = hiera('CONFIG_NEUTRON_DB_PW') diff --git a/packstack/puppet/templates/neutron_api.pp b/packstack/puppet/templates/neutron_api.pp index 7bb66f104..b9923d8f5 100644 --- a/packstack/puppet/templates/neutron_api.pp +++ b/packstack/puppet/templates/neutron_api.pp @@ -1,7 +1,7 @@ class { '::neutron::server': database_connection => $neutron_sql_connection, auth_password => $neutron_user_password, - auth_host => hiera('CONFIG_CONTROLLER_HOST'), + auth_host => hiera('CONFIG_KEYSTONE_HOST_URL'), enabled => true, } diff --git a/packstack/puppet/templates/neutron_metadata.pp b/packstack/puppet/templates/neutron_metadata.pp index 9ba899be3..a36ab5307 100644 --- a/packstack/puppet/templates/neutron_metadata.pp +++ b/packstack/puppet/templates/neutron_metadata.pp @@ -1,10 +1,10 @@ -$neutron_metadata_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') +$neutron_metadata_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL') class { '::neutron::agents::metadata': auth_password => hiera('CONFIG_NEUTRON_KS_PW'), auth_url => "http://${neutron_metadata_cfg_ctrl_host}:35357/v2.0", auth_region => hiera('CONFIG_KEYSTONE_REGION'), shared_secret => hiera('CONFIG_NEUTRON_METADATA_PW'), - metadata_ip => hiera('CONFIG_CONTROLLER_HOST'), + metadata_ip => hiera('CONFIG_KEYSTONE_HOST_URL'), debug => hiera('CONFIG_DEBUG_MODE'), } diff --git a/packstack/puppet/templates/neutron_notifications.pp b/packstack/puppet/templates/neutron_notifications.pp index 452eafa2f..33d4f4f0d 100644 --- a/packstack/puppet/templates/neutron_notifications.pp +++ b/packstack/puppet/templates/neutron_notifications.pp @@ -1,4 +1,4 @@ -$neutron_notif_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') +$neutron_notif_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL') # Configure nova notifications system class { '::neutron::server::notifications': diff --git a/packstack/puppet/templates/neutron_qpid.pp b/packstack/puppet/templates/neutron_qpid.pp index f7f5900a8..892cad891 100644 --- a/packstack/puppet/templates/neutron_qpid.pp +++ b/packstack/puppet/templates/neutron_qpid.pp @@ -1,7 +1,12 @@ +$bind_host = hiera('CONFIG_IP_VERSION') ? { + 'ipv6' => '::0', + 'ipv4' => '0.0.0.0', +} class { '::neutron': + bind_host => $bind_host, rpc_backend => 'neutron.openstack.common.rpc.impl_qpid', - qpid_hostname => hiera('CONFIG_AMQP_HOST'), + qpid_hostname => hiera('CONFIG_AMQP_HOST_URL'), qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), diff --git a/packstack/puppet/templates/neutron_rabbitmq.pp b/packstack/puppet/templates/neutron_rabbitmq.pp index cc1c86cd1..1fadc5d92 100644 --- a/packstack/puppet/templates/neutron_rabbitmq.pp +++ b/packstack/puppet/templates/neutron_rabbitmq.pp @@ -1,6 +1,11 @@ +$bind_host = hiera('CONFIG_IP_VERSION') ? { + 'ipv6' => '::0', + 'ipv4' => '0.0.0.0', +} class { '::neutron': - rabbit_host => hiera('CONFIG_AMQP_HOST'), + bind_host => $bind_host, + rabbit_host => hiera('CONFIG_AMQP_HOST_URL'), rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), rabbit_user => hiera('CONFIG_AMQP_AUTH_USER'), diff --git a/packstack/puppet/templates/nova_api.pp b/packstack/puppet/templates/nova_api.pp index a83fc1c98..b714f20b4 100644 --- a/packstack/puppet/templates/nova_api.pp +++ b/packstack/puppet/templates/nova_api.pp @@ -1,8 +1,15 @@ require 'keystone::python' +$bind_host = hiera('CONFIG_IP_VERSION') ? { + 'ipv6' => '::0', + 'ipv4' => '0.0.0.0', +} + class { '::nova::api': + api_bind_address => $bind_host, + metadata_listen => $bind_host, enabled => true, - auth_host => hiera('CONFIG_CONTROLLER_HOST'), + auth_host => hiera('CONFIG_KEYSTONE_HOST_URL'), admin_password => hiera('CONFIG_NOVA_KS_PW'), neutron_metadata_proxy_shared_secret => hiera('CONFIG_NEUTRON_METADATA_PW_UNQUOTED'), } diff --git a/packstack/puppet/templates/nova_ceilometer.pp b/packstack/puppet/templates/nova_ceilometer.pp index 5ce850bc4..5e0e682b3 100644 --- a/packstack/puppet/templates/nova_ceilometer.pp +++ b/packstack/puppet/templates/nova_ceilometer.pp @@ -1,4 +1,4 @@ -$nova_ceil_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') +$nova_ceil_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL') class { '::ceilometer::agent::auth': auth_url => "http://${nova_ceil_cfg_ctrl_host}:35357/v2.0", diff --git a/packstack/puppet/templates/nova_ceilometer_qpid.pp b/packstack/puppet/templates/nova_ceilometer_qpid.pp index a01b87c82..a52b43218 100644 --- a/packstack/puppet/templates/nova_ceilometer_qpid.pp +++ b/packstack/puppet/templates/nova_ceilometer_qpid.pp @@ -1,7 +1,7 @@ class { '::ceilometer': metering_secret => hiera('CONFIG_CEILOMETER_SECRET'), - qpid_hostname => hiera('CONFIG_AMQP_HOST'), + qpid_hostname => hiera('CONFIG_AMQP_HOST_URL'), qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), diff --git a/packstack/puppet/templates/nova_ceilometer_rabbitmq.pp b/packstack/puppet/templates/nova_ceilometer_rabbitmq.pp index 7d21869cd..44199e2b5 100644 --- a/packstack/puppet/templates/nova_ceilometer_rabbitmq.pp +++ b/packstack/puppet/templates/nova_ceilometer_rabbitmq.pp @@ -1,7 +1,7 @@ class { '::ceilometer': metering_secret => hiera('CONFIG_CEILOMETER_SECRET'), - rabbit_host => hiera('CONFIG_AMQP_HOST'), + rabbit_host => hiera('CONFIG_AMQP_HOST_URL'), rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), diff --git a/packstack/puppet/templates/nova_common_qpid.pp b/packstack/puppet/templates/nova_common_qpid.pp index d22ba3203..096bbedb5 100644 --- a/packstack/puppet/templates/nova_common_qpid.pp +++ b/packstack/puppet/templates/nova_common_qpid.pp @@ -7,11 +7,11 @@ $public_key = { key => hiera('NOVA_MIGRATION_KEY_PUBLIC'), } -$nova_common_qpid_cfg_storage_host = hiera('CONFIG_STORAGE_HOST') +$nova_common_qpid_cfg_storage_host = hiera('CONFIG_STORAGE_HOST_URL') class { '::nova': glance_api_servers => "${nova_common_qpid_cfg_storage_host}:9292", - qpid_hostname => hiera('CONFIG_AMQP_HOST'), + qpid_hostname => hiera('CONFIG_AMQP_HOST_URL'), qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), rpc_backend => 'nova.openstack.common.rpc.impl_qpid', diff --git a/packstack/puppet/templates/nova_common_rabbitmq.pp b/packstack/puppet/templates/nova_common_rabbitmq.pp index 876946b3d..b60bbe73f 100644 --- a/packstack/puppet/templates/nova_common_rabbitmq.pp +++ b/packstack/puppet/templates/nova_common_rabbitmq.pp @@ -7,11 +7,11 @@ $public_key = { key => hiera('NOVA_MIGRATION_KEY_PUBLIC'), } -$nova_common_rabbitmq_cfg_storage_host = hiera('CONFIG_STORAGE_HOST') +$nova_common_rabbitmq_cfg_storage_host = hiera('CONFIG_STORAGE_HOST_URL') class { '::nova': glance_api_servers => "${nova_common_rabbitmq_cfg_storage_host}:9292", - rabbit_host => hiera('CONFIG_AMQP_HOST'), + rabbit_host => hiera('CONFIG_AMQP_HOST_URL'), rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), diff --git a/packstack/puppet/templates/nova_compute.pp b/packstack/puppet/templates/nova_compute.pp index 23dfdcad4..04b8841fb 100644 --- a/packstack/puppet/templates/nova_compute.pp +++ b/packstack/puppet/templates/nova_compute.pp @@ -48,7 +48,7 @@ if ($::fqdn == '' or $::fqdn =~ /localhost/) { class { '::nova::compute': enabled => true, - vncproxy_host => hiera('CONFIG_CONTROLLER_HOST'), + vncproxy_host => hiera('CONFIG_KEYSTONE_HOST_URL'), vncproxy_protocol => $vncproxy_protocol, vncserver_proxyclient_address => $vncproxy_server, compute_manager => hiera('CONFIG_NOVA_COMPUTE_MANAGER'), diff --git a/packstack/puppet/templates/nova_compute_ironic.pp b/packstack/puppet/templates/nova_compute_ironic.pp index 2a0a3aafb..603b793ae 100644 --- a/packstack/puppet/templates/nova_compute_ironic.pp +++ b/packstack/puppet/templates/nova_compute_ironic.pp @@ -1,4 +1,4 @@ -$ironic_config_controller_host = hiera('CONFIG_CONTROLLER_HOST') +$ironic_config_controller_host = hiera('CONFIG_KEYSTONE_HOST_URL') class { '::nova::compute::ironic': admin_user => 'ironic', diff --git a/packstack/puppet/templates/nova_compute_libvirt.pp b/packstack/puppet/templates/nova_compute_libvirt.pp index 8d7501283..01de52648 100644 --- a/packstack/puppet/templates/nova_compute_libvirt.pp +++ b/packstack/puppet/templates/nova_compute_libvirt.pp @@ -18,10 +18,15 @@ exec { 'qemu-kvm': before => Class['nova::compute::libvirt'], } +$libvirt_vnc_bind_host = hiera('CONFIG_IP_VERSION') ? { + 'ipv6' => '::0', + 'ipv4' => '0.0.0.0', +} + class { '::nova::compute::libvirt': libvirt_virt_type => $libvirt_virt_type, libvirt_cpu_mode => $libvirt_cpu_mode, - vncserver_listen => '0.0.0.0', + vncserver_listen => $libvirt_vnc_bind_host, migration_support => true, libvirt_inject_partition => '-1', } diff --git a/packstack/puppet/templates/nova_neutron.pp b/packstack/puppet/templates/nova_neutron.pp index 0065c1418..b34b29427 100644 --- a/packstack/puppet/templates/nova_neutron.pp +++ b/packstack/puppet/templates/nova_neutron.pp @@ -1,5 +1,5 @@ -$nova_neutron_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') +$nova_neutron_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL') class { '::nova::network::neutron': neutron_admin_password => hiera('CONFIG_NEUTRON_KS_PW'), diff --git a/packstack/puppet/templates/nova_vncproxy.pp b/packstack/puppet/templates/nova_vncproxy.pp index d015dbe1a..ff3563103 100644 --- a/packstack/puppet/templates/nova_vncproxy.pp +++ b/packstack/puppet/templates/nova_vncproxy.pp @@ -10,18 +10,14 @@ if $is_horizon_ssl == true { } } -if $vncproxy_protocol == undef { - $vncproxy_protocol = $is_horizon_ssl ? { - true => 'https', - false => 'http', - default => 'http', - } +$vnc_bind_host = hiera('CONFIG_IP_VERSION') ? { + 'ipv6' => '::0', + 'ipv4' => '0.0.0.0', } class { '::nova::vncproxy': - enabled => true, - host => hiera('CONFIG_CONTROLLER_HOST'), - vncproxy_protocol => $vncproxy_protocol, + enabled => true, + host => $vnc_bind_host, } class { '::nova::consoleauth': diff --git a/packstack/puppet/templates/provision_demo.pp b/packstack/puppet/templates/provision_demo.pp index aa87b2826..59f0086dc 100644 --- a/packstack/puppet/templates/provision_demo.pp +++ b/packstack/puppet/templates/provision_demo.pp @@ -19,6 +19,7 @@ $setup_ovs_bridge = hiera('CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE') $public_bridge_name = hiera('CONFIG_NEUTRON_L3_EXT_BRIDGE') $provision_neutron_avail = hiera('PROVISION_NEUTRON_AVAILABLE') + $ip_version = hiera('CONFIG_IP_VERSION') ## Users @@ -42,8 +43,9 @@ } ## Neutron - - if $provision_neutron_avail { + # IPv6 support is not yet available for public network in packstack. It can + # be done manually. Here we just ensure that we don't fail. + if $provision_neutron_avail and $ip_version != 'ipv6' { $neutron_deps = [Neutron_network[$public_network_name]] neutron_network { $public_network_name: @@ -89,7 +91,7 @@ } } -if $setup_ovs_bridge { +if $setup_ovs_bridge and $ip_version != 'ipv6' { firewall { '000 nat': chain => 'POSTROUTING', jump => 'MASQUERADE', diff --git a/packstack/puppet/templates/sahara.pp b/packstack/puppet/templates/sahara.pp index 34cde2749..f73585b27 100644 --- a/packstack/puppet/templates/sahara.pp +++ b/packstack/puppet/templates/sahara.pp @@ -1,18 +1,18 @@ $sahara_cfg_sahara_db_pw = hiera('CONFIG_SAHARA_DB_PW') -$sahara_cfg_sahara_mariadb_host = hiera('CONFIG_MARIADB_HOST') +$sahara_cfg_sahara_mariadb_host = hiera('CONFIG_MARIADB_HOST_URL') $sahara_cfg_config_neutron_install = hiera('CONFIG_NEUTRON_INSTALL') -$sahara_cfg_controller_host = hiera('CONFIG_CONTROLLER_HOST') +$sahara_cfg_controller_host = hiera('CONFIG_KEYSTONE_HOST_URL') class { '::sahara': database_connection => "mysql://sahara:${sahara_cfg_sahara_db_pw}@${sahara_cfg_sahara_mariadb_host}/sahara", verbose => true, debug => hiera('CONFIG_DEBUG_MODE'), - os_username => 'admin', - os_password => hiera('CONFIG_KEYSTONE_ADMIN_PW'), - os_tenant_name => 'admin', - os_auth_url => "http://${sahara_cfg_controller_host}:5000/v2.0", + keystone_username => 'admin', + keystone_password => hiera('CONFIG_KEYSTONE_ADMIN_PW'), + keystone_tenant => 'admin', + keystone_url => "http://${sahara_cfg_controller_host}:5000/v2.0", identity_url => "http://${sahara_cfg_controller_host}:35357/", use_neutron => ($sahara_cfg_config_neutron_install == 'y'), service_host => hiera('CONFIG_SAHARA_HOST'), diff --git a/packstack/puppet/templates/sahara_qpid.pp b/packstack/puppet/templates/sahara_qpid.pp index b0329871e..56cbec823 100644 --- a/packstack/puppet/templates/sahara_qpid.pp +++ b/packstack/puppet/templates/sahara_qpid.pp @@ -1,5 +1,5 @@ class { '::sahara::notify::qpid': - qpid_hostname => hiera('CONFIG_AMQP_HOST'), + qpid_hostname => hiera('CONFIG_AMQP_HOST_URL'), qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'), qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), diff --git a/packstack/puppet/templates/sahara_rabbitmq.pp b/packstack/puppet/templates/sahara_rabbitmq.pp index 9c0562d5d..11b620f38 100644 --- a/packstack/puppet/templates/sahara_rabbitmq.pp +++ b/packstack/puppet/templates/sahara_rabbitmq.pp @@ -1,5 +1,5 @@ class { '::sahara::notify::rabbitmq': - rabbit_host => hiera('CONFIG_AMQP_HOST'), + rabbit_host => hiera('CONFIG_AMQP_HOST_URL'), rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), diff --git a/packstack/puppet/templates/swift_builder.pp b/packstack/puppet/templates/swift_builder.pp index 0417cfc43..1fb1a2d81 100644 --- a/packstack/puppet/templates/swift_builder.pp +++ b/packstack/puppet/templates/swift_builder.pp @@ -8,7 +8,7 @@ class { '::swift::ringbuilder': # sets up an rsync db that can be used to sync the ring DB class { '::swift::ringserver': - local_net_ip => hiera('CONFIG_CONTROLLER_HOST'), + local_net_ip => hiera('CONFIG_STORAGE_HOST_URL'), } if str2bool($::selinux) { diff --git a/packstack/puppet/templates/swift_proxy.pp b/packstack/puppet/templates/swift_proxy.pp index 1373f4d68..c4bab13cd 100644 --- a/packstack/puppet/templates/swift_proxy.pp +++ b/packstack/puppet/templates/swift_proxy.pp @@ -1,10 +1,17 @@ package { 'curl': ensure => present } -class { '::memcached': } +$bind_host = hiera('CONFIG_IP_VERSION') ? { + 'ipv6' => '::0', + 'ipv4' => '0.0.0.0', +} + +class { '::memcached': + listen_ip => $bind_host, +} class { '::swift::proxy': - proxy_local_net_ip => hiera('CONFIG_CONTROLLER_HOST'), + proxy_local_net_ip => hiera('CONFIG_STORAGE_HOST_URL'), pipeline => [ 'catch_errors', 'bulk', @@ -63,6 +70,6 @@ class { '::swift::proxy::authtoken': admin_tenant_name => 'services', admin_password => hiera('CONFIG_SWIFT_KS_PW'), # assume that the controller host is the swift api server - auth_host => hiera('CONFIG_CONTROLLER_HOST'), + auth_host => hiera('CONFIG_STORAGE_HOST_URL'), } diff --git a/packstack/puppet/templates/swift_storage.pp b/packstack/puppet/templates/swift_storage.pp index 1902a61a1..b32cb4b8a 100644 --- a/packstack/puppet/templates/swift_storage.pp +++ b/packstack/puppet/templates/swift_storage.pp @@ -1,7 +1,7 @@ # install all swift storage servers together class { '::swift::storage::all': - storage_local_net_ip => hiera('CONFIG_CONTROLLER_HOST'), + storage_local_net_ip => hiera('CONFIG_STORAGE_HOST_URL'), allow_versions => true, require => Class['swift'], } @@ -16,7 +16,7 @@ if (!defined(File['/srv/node'])) { } swift::ringsync{ ['account', 'container', 'object']: - ring_server => hiera('CONFIG_CONTROLLER_HOST'), + ring_server => hiera('CONFIG_STORAGE_HOST_URL'), before => Class['swift::storage::all'], require => Class['swift'], } diff --git a/packstack/puppet/templates/trove.pp b/packstack/puppet/templates/trove.pp index 9f51cb878..48b18d9e7 100644 --- a/packstack/puppet/templates/trove.pp +++ b/packstack/puppet/templates/trove.pp @@ -1,7 +1,7 @@ class { '::trove::api': enabled => true, keystone_password => hiera('CONFIG_TROVE_KS_PW'), - auth_host => hiera('CONFIG_CONTROLLER_HOST'), + auth_host => hiera('CONFIG_KEYSTONE_HOST_URL'), auth_port => 35357, cert_file => false, key_file => false, @@ -10,7 +10,7 @@ class { '::trove::api': debug => hiera('CONFIG_DEBUG_MODE'), } -$trove_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') +$trove_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL') class { '::trove::conductor': auth_url => "http://${trove_cfg_ctrl_host}:5000/v2.0", diff --git a/packstack/puppet/templates/trove_qpid.pp b/packstack/puppet/templates/trove_qpid.pp index 60d5aa350..68575cdba 100644 --- a/packstack/puppet/templates/trove_qpid.pp +++ b/packstack/puppet/templates/trove_qpid.pp @@ -1,10 +1,10 @@ $trove_qpid_cfg_trove_db_pw = hiera('CONFIG_TROVE_DB_PW') -$trove_qpid_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') -$trove_qpid_cfg_controller_host = hiera('CONFIG_CONTROLLER_HOST') +$trove_qpid_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST_URL') +$trove_qpid_cfg_controller_host = hiera('CONFIG_KEYSTONE_HOST_URL') class { '::trove': rpc_backend => 'trove.openstack.common.rpc.impl_qpid', - qpid_hostname => hiera('CONFIG_AMQP_HOST'), + qpid_hostname => hiera('CONFIG_AMQP_HOST_URL'), qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'), qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), @@ -18,4 +18,3 @@ class { '::trove': swift_url => "http://${trove_qpid_cfg_controller_host}:8080/v1/AUTH_", use_neutron => hiera('CONFIG_NEUTRON_INSTALL'), } - diff --git a/packstack/puppet/templates/trove_rabbitmq.pp b/packstack/puppet/templates/trove_rabbitmq.pp index 6988ef317..7578ab14c 100644 --- a/packstack/puppet/templates/trove_rabbitmq.pp +++ b/packstack/puppet/templates/trove_rabbitmq.pp @@ -1,13 +1,13 @@ $trove_rabmq_cfg_trove_db_pw = hiera('CONFIG_TROVE_DB_PW') -$trove_rabmq_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') -$trove_rabmq_cfg_controller_host = hiera('CONFIG_CONTROLLER_HOST') +$trove_rabmq_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST_URL') +$trove_rabmq_cfg_controller_host = hiera('CONFIG_KEYSTONE_HOST_URL') class { '::trove': rpc_backend => 'trove.openstack.common.rpc.impl_kombu', - rabbit_host => hiera('CONFIG_AMQP_HOST'), + rabbit_host => hiera('CONFIG_AMQP_HOST_URL'), + rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), - rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), rabbit_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), database_connection => "mysql://trove:${trove_rabmq_cfg_trove_db_pw}@${trove_rabmq_cfg_mariadb_host}/trove", nova_proxy_admin_user => hiera('CONFIG_TROVE_NOVA_USER'), diff --git a/tools/test-requires b/tools/test-requires index a6c88f59d..1c9867b72 100644 --- a/tools/test-requires +++ b/tools/test-requires @@ -1,2 +1,4 @@ nose coverage +hacking>=0.9.5,<0.10 +netaddr diff --git a/tox.ini b/tox.ini index eb334ce24..ac5583fa5 100644 --- a/tox.ini +++ b/tox.ini @@ -16,7 +16,6 @@ sitepackages = True downloadcache = ~/cache/pip [testenv:pep8] -deps=hacking>=0.9.5,<0.10 commands = flake8 [testenv:cover]