x/packstack
Code Issues Proposed changes

[Packstack] enchange ipv6 support

Browse Source 
We should support ipv6 or ipv4 only installation and we should
set firewall according to ip version.

Resolves-Bug: rhbz#1185652
Change-Id: I7bacf81373a6e0567e0c3fdebacf47cd5c683ad2
This commit is contained in:
Lukas Bezdicka
2015-03-30 13:01:04 +02:00
committed by Gael Chamoulaud
parent b1049fd9f9
commit aa45027939
83 changed files with 360 additions and 183 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
packstack/installer/output_messages.py
View File

@@ -67,6 +67,8 @@ WARN_WEAK_PASS = "Warning: Weak Password."
WARN_NM_ENABLED = ("Warning: NetworkManager is active on %s. OpenStack " WARN_NM_ENABLED = ("Warning: NetworkManager is active on %s. OpenStack "
"networking currently does not work on systems that have " "networking currently does not work on systems that have "
"the Network Manager service enabled.") "the Network Manager service enabled.")
WARN_IPV6_OVS = ("Warning: IPv6 and ovs tunneling is not yet supported and "
"will fail on host %s see https://bugzilla.redhat.com/show_bug.cgi?id=1100360.")
ERR_PING = "Error: the provided hostname is unreachable" ERR_PING = "Error: the provided hostname is unreachable"
ERR_SSH = "Error: could not connect to the ssh server: %s" ERR_SSH = "Error: could not connect to the ssh server: %s"

37
packstack/installer/utils/network.py
View File

@@ -12,9 +12,14 @@
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
netaddr_available = True
try:
import netaddr
except ImportError:
netaddr_available = False
import re import re
import socket import socket
from ..exceptions import NetworkError from ..exceptions import NetworkError
from .shell import execute from .shell import execute
from .shell import ScriptRunner from .shell import ScriptRunner
@@ -78,11 +83,33 @@ def host2ip(hostname, allow_localhost=False):
raise NetworkError('Unknown error appeared: %s' % repr(ex)) raise NetworkError('Unknown error appeared: %s' % repr(ex))
def force_ip(host, allow_localhost=False): def is_ipv6(host):
if not netaddr_available:
raise ImportError(
"netaddr module unavailable, install with pip install netaddr"
)
host = host.strip() host = host.strip()
ipv4_regex = re.compile('\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}') try:
ipv6_regex = re.compile('[abcdef\d\:]+') return netaddr.IPAddress(host).version == 6
if not ipv4_regex.match(host) or not ipv6_regex.match(host): except netaddr.core.AddrFormatError:
# Most probably a hostname, no need for bracket everywhere.
return False
def is_ipv4(host):
if not netaddr_available:
raise ImportError(
"netaddr module unavailable, install with pip install netaddr"
)
host = host.strip()
try:
return netaddr.IPAddress(host).version == 4
except netaddr.core.AddrFormatError:
return True
def force_ip(host, allow_localhost=False):
if not is_ipv6(host) or not is_ipv4(host):
host = host2ip(host, allow_localhost=allow_localhost) host = host2ip(host, allow_localhost=allow_localhost)
return host return host

5
packstack/plugins/amqp_002.py
View File

@@ -255,6 +255,11 @@ def create_manifest(config, messages):
manifestfile = "%s_amqp.pp" % config['CONFIG_AMQP_HOST'] manifestfile = "%s_amqp.pp" % config['CONFIG_AMQP_HOST']
manifestdata = getManifestTemplate('amqp') manifestdata = getManifestTemplate('amqp')
if config['CONFIG_IP_VERSION'] == 'ipv6':
config['CONFIG_AMQP_HOST_URL'] = "[%s]" % config['CONFIG_AMQP_HOST']
else:
config['CONFIG_AMQP_HOST_URL'] = config['CONFIG_AMQP_HOST']
fw_details = dict() fw_details = dict()
# All hosts should be able to talk to amqp # All hosts should be able to talk to amqp
for host in filtered_hosts(config, exclude=False): for host in filtered_hosts(config, exclude=False):

23
packstack/plugins/ceilometer_800.py
View File

@@ -253,9 +253,20 @@ def create_manifest(config, messages):
# fallbacks for use in coordination url. # fallbacks for use in coordination url.
sentinel_hosts = split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS']) sentinel_hosts = split_hosts(config['CONFIG_REDIS_SENTINEL_HOSTS'])
sentinel_port = config['CONFIG_REDIS_SENTINEL_PORT'] sentinel_port = config['CONFIG_REDIS_SENTINEL_PORT']
sentinel_host = config['CONFIG_REDIS_SENTINEL_CONTACT_HOST']
if config['CONFIG_IP_VERSION'] == 'ipv6':
config['CONFIG_REDIS_SENTINEL_CONTACT_HOST_URL'] = "[%s]" % (
sentinel_host)
else:
config['CONFIG_REDIS_SENTINEL_CONTACT_HOST_URL'] = sentinel_host
sentinel_contact = config['CONFIG_REDIS_SENTINEL_CONTACT_HOST'] sentinel_contact = config['CONFIG_REDIS_SENTINEL_CONTACT_HOST']
if len(sentinel_hosts) > 1: if len(sentinel_hosts) > 1:
sentinel_fallbacks = '&'.join(['sentinel_fallback=%s:%s' % sentinel_format = 'sentinel_fallback=%s:%s'
if config['CONFIG_IP_VERSION'] == 'ipv6':
sentinel_format = 'sentinel_fallback=[%s]:%s'
sentinel_fallbacks = '&'.join([sentinel_format %
(host, sentinel_port) (host, sentinel_port)
for host in sentinel_hosts for host in sentinel_hosts
if host != sentinel_contact]) if host != sentinel_contact])
@@ -282,6 +293,11 @@ def create_manifest(config, messages):
def create_mongodb_manifest(config, messages): def create_mongodb_manifest(config, messages):
host = config['CONFIG_MONGODB_HOST']
if config['CONFIG_IP_VERSION'] == 'ipv6':
config['CONFIG_MONGODB_HOST_URL'] = "[%s]" % host
else:
config['CONFIG_MONGODB_HOST_URL'] = host
manifestfile = "%s_mongodb.pp" % config['CONFIG_MONGODB_HOST'] manifestfile = "%s_mongodb.pp" % config['CONFIG_MONGODB_HOST']
manifestdata = getManifestTemplate("mongodb") manifestdata = getManifestTemplate("mongodb")
@@ -301,6 +317,11 @@ def create_mongodb_manifest(config, messages):
def create_redis_manifest(config, messages): def create_redis_manifest(config, messages):
if config['CONFIG_CEILOMETER_COORDINATION_BACKEND'] == 'redis': if config['CONFIG_CEILOMETER_COORDINATION_BACKEND'] == 'redis':
redis_master_host = config['CONFIG_REDIS_MASTER_HOST']
if config['CONFIG_IP_VERSION'] == 'ipv6':
config['CONFIG_REDIS_MASTER_HOST_URL'] = "[%s]" % redis_master_host
else:
config['CONFIG_REDIS_MASTER_HOST_URL'] = redis_master_host
# master # master
manifestfile = "%s_redis.pp" % config['CONFIG_REDIS_MASTER_HOST'] manifestfile = "%s_redis.pp" % config['CONFIG_REDIS_MASTER_HOST']

8
packstack/plugins/cinder_250.py
View File

@@ -581,8 +581,6 @@ def check_netapp_eseries_options(config):
def check_cinder_vg(config, messages): def check_cinder_vg(config, messages):
cinders_volume = 'cinder-volumes' cinders_volume = 'cinder-volumes'
if config['CONFIG_UNSUPPORTED'] != 'y':
config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST']
# Do we have a cinder-volumes vg? # Do we have a cinder-volumes vg?
have_cinders_volume = False have_cinders_volume = False
@@ -613,18 +611,12 @@ def check_cinder_vg(config, messages):
def create_keystone_manifest(config, messages): def create_keystone_manifest(config, messages):
if config['CONFIG_UNSUPPORTED'] != 'y':
config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST']
manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST']
manifestdata = getManifestTemplate("keystone_cinder") manifestdata = getManifestTemplate("keystone_cinder")
appendManifestFile(manifestfile, manifestdata) appendManifestFile(manifestfile, manifestdata)
def create_manifest(config, messages): def create_manifest(config, messages):
if config['CONFIG_UNSUPPORTED'] != 'y':
config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST']
manifestdata = getManifestTemplate(get_mq(config, "cinder")) manifestdata = getManifestTemplate(get_mq(config, "cinder"))
manifestfile = "%s_cinder.pp" % config['CONFIG_STORAGE_HOST'] manifestfile = "%s_cinder.pp" % config['CONFIG_STORAGE_HOST']
manifestdata += getManifestTemplate("cinder") manifestdata += getManifestTemplate("cinder")

6
packstack/plugins/glance_200.py
View File

@@ -112,18 +112,12 @@ def process_backend(value, param_name, config):
# -------------------------- step functions -------------------------- # -------------------------- step functions --------------------------
def create_keystone_manifest(config, messages): def create_keystone_manifest(config, messages):
if config['CONFIG_UNSUPPORTED'] != 'y':
config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST']
manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST']
manifestdata = getManifestTemplate("keystone_glance") manifestdata = getManifestTemplate("keystone_glance")
appendManifestFile(manifestfile, manifestdata) appendManifestFile(manifestfile, manifestdata)
def create_manifest(config, messages): def create_manifest(config, messages):
if config['CONFIG_UNSUPPORTED'] != 'y':
config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST']
manifestfile = "%s_glance.pp" % config['CONFIG_STORAGE_HOST'] manifestfile = "%s_glance.pp" % config['CONFIG_STORAGE_HOST']
manifestdata = getManifestTemplate("glance") manifestdata = getManifestTemplate("glance")
if config['CONFIG_CEILOMETER_INSTALL'] == 'y': if config['CONFIG_CEILOMETER_INSTALL'] == 'y':

3
packstack/plugins/ironic_275.py
View File

@@ -91,9 +91,6 @@ def initSequences(controller):
def create_manifest(config, messages): def create_manifest(config, messages):
if config['CONFIG_UNSUPPORTED'] != 'y':
config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST']
manifestfile = "%s_ironic.pp" % config['CONFIG_CONTROLLER_HOST'] manifestfile = "%s_ironic.pp" % config['CONFIG_CONTROLLER_HOST']
manifestdata = getManifestTemplate(get_mq(config, "ironic")) manifestdata = getManifestTemplate(get_mq(config, "ironic"))
manifestdata += getManifestTemplate("ironic.pp") manifestdata += getManifestTemplate("ironic.pp")

6
packstack/plugins/keystone_100.py
View File

@@ -765,6 +765,12 @@ def create_manifest(config, messages):
manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST']
manifestdata = getManifestTemplate("keystone") manifestdata = getManifestTemplate("keystone")
if config['CONFIG_IP_VERSION'] == 'ipv6':
host = config['CONFIG_CONTROLLER_HOST']
config['CONFIG_KEYSTONE_HOST_URL'] = "[%s]" % host
else:
config['CONFIG_KEYSTONE_HOST_URL'] = config['CONFIG_CONTROLLER_HOST']
fw_details = dict() fw_details = dict()
key = "keystone" key = "keystone"
fw_details.setdefault(key, {}) fw_details.setdefault(key, {})

5
packstack/plugins/mariadb_003.py
View File

@@ -105,6 +105,11 @@ def create_manifest(config, messages):
suffix = 'noinstall' suffix = 'noinstall'
host = config['CONFIG_CONTROLLER_HOST'] host = config['CONFIG_CONTROLLER_HOST']
if config['CONFIG_IP_VERSION'] == 'ipv6':
config['CONFIG_MARIADB_HOST_URL'] = "[%s]" % host
else:
config['CONFIG_MARIADB_HOST_URL'] = host
manifestfile = "%s_mariadb.pp" % host manifestfile = "%s_mariadb.pp" % host
manifestdata = [getManifestTemplate('mariadb_%s' % suffix)] manifestdata = [getManifestTemplate('mariadb_%s' % suffix)]

4
packstack/plugins/neutron_350.py
View File

@@ -552,6 +552,10 @@ def create_manifests(config, messages):
# We also need to open VXLAN/GRE port for agent # We also need to open VXLAN/GRE port for agent
manifest_data = "" manifest_data = ""
if use_openvswitch_vxlan(config) or use_openvswitch_gre(config): if use_openvswitch_vxlan(config) or use_openvswitch_gre(config):
if config['CONFIG_IP_VERSION'] == 'ipv6':
msg = output_messages.WARN_IPV6_OVS
messages.append(utils.color_text(msg % host, 'red'))
for n_host in network_hosts | compute_hosts: for n_host in network_hosts | compute_hosts:
cf_fw_nt_key = ("FIREWALL_NEUTRON_TUNNEL_RULES_%s_%s" cf_fw_nt_key = ("FIREWALL_NEUTRON_TUNNEL_RULES_%s_%s"
% (host, n_host)) % (host, n_host))

4
packstack/plugins/nova_300.py
View File

@@ -653,8 +653,8 @@ def create_common_manifest(config, messages):
perms = "nova:%s" % config['CONFIG_NOVA_DB_PW'] perms = "nova:%s" % config['CONFIG_NOVA_DB_PW']
pw_in_sqlconn = True pw_in_sqlconn = True
sqlconn = "mysql://%s@%s/nova" % (perms, mariadb_host_url = config['CONFIG_MARIADB_HOST_URL']
config['CONFIG_MARIADB_HOST']) sqlconn = "mysql://%s@%s/nova" % (perms, mariadb_host_url)
if pw_in_sqlconn: if pw_in_sqlconn:
config['CONFIG_NOVA_SQL_CONN_PW'] = sqlconn config['CONFIG_NOVA_SQL_CONN_PW'] = sqlconn
else: else:

27
packstack/plugins/prescript_000.py
View File

@@ -851,6 +851,8 @@ def initConfig(controller):
def initSequences(controller): def initSequences(controller):
prescript_steps = [ prescript_steps = [
{'title': 'Discovering ip protocol version',
'functions': [choose_ip_version]},
{'title': 'Setting up ssh keys', {'title': 'Setting up ssh keys',
'functions': [install_keys]}, 'functions': [install_keys]},
{'title': 'Preparing servers', {'title': 'Preparing servers',
@@ -1115,6 +1117,23 @@ def manage_rdo(host, config):
# -------------------------- step functions -------------------------- # -------------------------- step functions --------------------------
def choose_ip_version(config, messages):
use_ipv6 = False
use_ipv4 = False
for hostname in filtered_hosts(config):
if '/' in hostname:
hostname = hostname.split('/')[0]
use_ipv6 |= utils.network.is_ipv6(hostname)
use_ipv4 |= utils.network.is_ipv4(hostname)
if use_ipv6 and use_ipv4:
msg = "IPv6 together with IPv4 installation is not supported"
raise exceptions.ParamValidationError(msg)
elif use_ipv6:
config['CONFIG_IP_VERSION'] = 'ipv6'
else:
config['CONFIG_IP_VERSION'] = 'ipv4'
def install_keys_on_host(hostname, sshkeydata): def install_keys_on_host(hostname, sshkeydata):
server = utils.ScriptRunner(hostname) server = utils.ScriptRunner(hostname)
# TODO replace all that with ssh-copy-id # TODO replace all that with ssh-copy-id
@@ -1295,6 +1314,14 @@ def create_manifest(config, messages):
key = 'CONFIG_DEBUG_MODE' key = 'CONFIG_DEBUG_MODE'
config[key] = config[key] == 'y' and True or False config[key] = config[key] == 'y' and True or False
if config['CONFIG_UNSUPPORTED'] != 'y':
config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST']
if config['CONFIG_IP_VERSION'] == 'ipv6':
storage_host = config['CONFIG_STORAGE_HOST']
config['CONFIG_STORAGE_HOST_URL'] = "[%s]" % storage_host
else:
config['CONFIG_STORAGE_HOST_URL'] = config['CONFIG_STORAGE_HOST']
for hostname in filtered_hosts(config): for hostname in filtered_hosts(config):
manifestfile = "%s_prescript.pp" % hostname manifestfile = "%s_prescript.pp" % hostname
manifestdata = getManifestTemplate("prescript") manifestdata = getManifestTemplate("prescript")

3
packstack/plugins/provision_700.py
View File

@@ -344,9 +344,6 @@ def create_demo_manifest(config, messages):
def create_storage_manifest(config, messages): def create_storage_manifest(config, messages):
if config['CONFIG_GLANCE_INSTALL'] == 'y': if config['CONFIG_GLANCE_INSTALL'] == 'y':
if config['CONFIG_UNSUPPORTED'] != 'y':
config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST']
if config['CONFIG_PROVISION_TEMPEST']: if config['CONFIG_PROVISION_TEMPEST']:
template = "provision_tempest_glance" template = "provision_tempest_glance"
else: else:

16
packstack/plugins/puppet_950.py
View File

@@ -142,14 +142,14 @@ def run_cleanup(config, messages):
def copy_puppet_modules(config, messages): def copy_puppet_modules(config, messages):
os_modules = ' '.join(('apache', 'ceilometer', 'certmonger', 'cinder', os_modules = ' '.join(('apache', 'ceilometer', 'certmonger', 'cinder',
'concat', 'firewall', 'glance', 'heat', 'horizon', 'concat', 'firewall', 'glance', 'galera', 'heat',
'inifile', 'ironic', 'keystone', 'manila', 'horizon', 'inifile', 'ironic', 'keystone',
'memcached', 'mongodb', 'mysql', 'neutron', 'nova', 'manila', 'memcached', 'mongodb', 'mysql',
'nssdb', 'openstack', 'packstack', 'qpid', 'neutron', 'nova', 'nssdb', 'openstack',
'rabbitmq', 'redis', 'remote', 'rsync', 'sahara', 'packstack', 'qpid', 'rabbitmq', 'redis', 'remote',
'ssh', 'stdlib', 'swift', 'sysctl', 'tempest', 'rsync', 'sahara', 'ssh', 'stdlib', 'swift',
'trove', 'vcsrepo', 'vlan', 'vswitch', 'xinetd', 'sysctl', 'tempest', 'trove', 'vcsrepo', 'vlan',
'openstacklib')) 'vswitch', 'xinetd', 'openstacklib'))
# write puppet manifest to disk # write puppet manifest to disk
manifestfiles.writeManifests() manifestfiles.writeManifests()

3
packstack/plugins/sahara_800.py
View File

@@ -97,9 +97,6 @@ def create_keystone_manifest(config, messages):
def create_manifest(config, messages): def create_manifest(config, messages):
if config['CONFIG_UNSUPPORTED'] != 'y':
config['CONFIG_STORAGE_HOST'] = config['CONFIG_CONTROLLER_HOST']
manifestfile = "%s_sahara.pp" % config['CONFIG_STORAGE_HOST'] manifestfile = "%s_sahara.pp" % config['CONFIG_STORAGE_HOST']
manifestdata = getManifestTemplate(get_mq(config, "sahara")) manifestdata = getManifestTemplate(get_mq(config, "sahara"))
manifestdata += getManifestTemplate("sahara.pp") manifestdata += getManifestTemplate("sahara.pp")

12
packstack/plugins/swift_600.py
View File

@@ -265,13 +265,13 @@ def create_builder_manifest(config, messages):
' weight => 10, }\n') ' weight => 10, }\n')
return fmt % (dev_type, host, dev_port, devicename, zone) return fmt % (dev_type, host, dev_port, devicename, zone)
manifestfile = "%s_ring_swift.pp" % config['CONFIG_CONTROLLER_HOST'] manifestfile = "%s_ring_swift.pp" % config['CONFIG_STORAGE_HOST']
manifestdata = getManifestTemplate("swift_builder") manifestdata = getManifestTemplate("swift_builder")
# Add each device to the ring # Add each device to the ring
devicename = 0 devicename = 0
for device in devices: for device in devices:
host = config['CONFIG_CONTROLLER_HOST'] host = config['CONFIG_STORAGE_HOST_URL']
devicename = device['device_name'] devicename = device['device_name']
zone = device['zone'] zone = device['zone']
for dev_type, dev_port in [('ring_object_device', 6000), for dev_type, dev_port in [('ring_object_device', 6000),
@@ -283,7 +283,7 @@ def create_builder_manifest(config, messages):
def create_proxy_manifest(config, messages): def create_proxy_manifest(config, messages):
manifestfile = "%s_swift.pp" % config['CONFIG_CONTROLLER_HOST'] manifestfile = "%s_swift.pp" % config['CONFIG_STORAGE_HOST']
manifestdata = getManifestTemplate("swift_proxy") manifestdata = getManifestTemplate("swift_proxy")
fw_details = dict() fw_details = dict()
@@ -303,12 +303,12 @@ def create_proxy_manifest(config, messages):
def create_storage_manifest(config, messages): def create_storage_manifest(config, messages):
global devices global devices
manifestfile = "%s_swift.pp" % config['CONFIG_CONTROLLER_HOST'] manifestfile = "%s_swift.pp" % config['CONFIG_STORAGE_HOST']
manifestdata = getManifestTemplate("swift_storage") manifestdata = getManifestTemplate("swift_storage")
# this need to happen once per storage device # this need to happen once per storage device
for device in devices: for device in devices:
host = config['CONFIG_CONTROLLER_HOST'] host = config['CONFIG_STORAGE_HOST']
devicename = device['device_name'] devicename = device['device_name']
device = device['device'] device = device['device']
fstype = config["CONFIG_SWIFT_STORAGE_FSTYPE"] fstype = config["CONFIG_SWIFT_STORAGE_FSTYPE"]
@@ -323,7 +323,7 @@ def create_storage_manifest(config, messages):
manifestdata += "\n" + getManifestTemplate("swift_loopback") manifestdata += "\n" + getManifestTemplate("swift_loopback")
# set allowed hosts for firewall # set allowed hosts for firewall
hosts = set([config['CONFIG_CONTROLLER_HOST']]) hosts = set([config['CONFIG_STORAGE_HOST']])
if config['CONFIG_NOVA_INSTALL'] == 'y': if config['CONFIG_NOVA_INSTALL'] == 'y':
hosts |= split_hosts(config['CONFIG_COMPUTE_HOSTS']) hosts |= split_hosts(config['CONFIG_COMPUTE_HOSTS'])

16
packstack/puppet/modules/packstack/manifests/firewall.pp
View File

@@ -3,10 +3,22 @@
# using FIREWALL_CHAIN # using FIREWALL_CHAIN
define packstack::firewall($host, $service_name, $chain = "INPUT", $ports = undef, $proto = 'tcp') { define packstack::firewall($host, $service_name, $chain = "INPUT", $ports = undef, $proto = 'tcp') {
$ip_version = hiera('CONFIG_IP_VERSION')
$provider = $ip_version ? {
'ipv6' => 'ip6tables',
'ipv4' => 'iptables',
default => fail("IP version cannot be ${ip_version}")
}
$source = $host ? { $source = $host ? {
'ALL' => '0.0.0.0/0', 'ALL' => $ip_version ? {
'ipv6' => '::/0',
default => '0.0.0.0/0'
},
default => $host, default => $host,
} }
$heading = $chain ? { $heading = $chain ? {
'OUTPUT' => 'outgoing', 'OUTPUT' => 'outgoing',
default => 'incoming', default => 'incoming',
@@ -18,6 +30,7 @@ define packstack::firewall($host, $service_name, $chain = "INPUT", $ports = unde
proto => $proto, proto => $proto,
action => 'accept', action => 'accept',
source => $source, source => $source,
provider => $provider,
} }
} }
else { else {
@@ -27,6 +40,7 @@ define packstack::firewall($host, $service_name, $chain = "INPUT", $ports = unde
dport => $ports, dport => $ports,
action => 'accept', action => 'accept',
source => $source, source => $source,
provider => $provider,
} }
} }
} }

17
packstack/puppet/templates/ceilometer.pp
View File

@@ -1,17 +1,19 @@
$config_mongodb_host = hiera('CONFIG_MONGODB_HOST')
$config_mongodb_host = hiera('CONFIG_MONGODB_HOST_URL')
$config_ceilometer_coordination_backend = hiera('CONFIG_CEILOMETER_COORDINATION_BACKEND') $config_ceilometer_coordination_backend = hiera('CONFIG_CEILOMETER_COORDINATION_BACKEND')
if $config_ceilometer_coordination_backend == 'redis' { if $config_ceilometer_coordination_backend == 'redis' {
$redis_ha = hiera('CONFIG_REDIS_HA') $redis_ha = hiera('CONFIG_REDIS_HA')
$redis_host = hiera('CONFIG_REDIS_MASTER_HOST') $redis_host = hiera('CONFIG_REDIS_MASTER_HOST_URL')
$redis_port = hiera('CONFIG_REDIS_PORT') $redis_port = hiera('CONFIG_REDIS_PORT')
$sentinel_host = hiera('CONFIG_REDIS_SENTINEL_CONTACT_HOST') $sentinel_host = hiera('CONFIG_REDIS_SENTINEL_CONTACT_HOST')
$sentinel_host_url = hiera('CONFIG_REDIS_SENTINEL_CONTACT_HOST_URL')
$sentinel_fallbacks = hiera('CONFIG_REDIS_SENTINEL_FALLBACKS') $sentinel_fallbacks = hiera('CONFIG_REDIS_SENTINEL_FALLBACKS')
if ($sentinel_host != '' and $redis_ha == 'y') { if ($sentinel_host != '' and $redis_ha == 'y') {
$master_name = hiera('CONFIG_REDIS_MASTER_NAME') $master_name = hiera('CONFIG_REDIS_MASTER_NAME')
$sentinel_port = hiera('CONFIG_REDIS_SENTINEL_PORT') $sentinel_port = hiera('CONFIG_REDIS_SENTINEL_PORT')
$base_coordination_url = "redis://${sentinel_host}:${sentinel_port}?sentinel=${master_name}" $base_coordination_url = "redis://${sentinel_host_url}:${sentinel_port}?sentinel=${master_name}"
if $sentinel_fallbacks != '' { if $sentinel_fallbacks != '' {
$coordination_url = "${base_coordination_url}&${sentinel_fallbacks}" $coordination_url = "${base_coordination_url}&${sentinel_fallbacks}"
} else { } else {
@@ -32,7 +34,7 @@ class { '::ceilometer::collector': }
class { '::ceilometer::agent::notification': } class { '::ceilometer::agent::notification': }
$config_controller_host = hiera('CONFIG_CONTROLLER_HOST') $config_controller_host = hiera('CONFIG_KEYSTONE_HOST_URL')
class { '::ceilometer::agent::auth': class { '::ceilometer::agent::auth':
auth_url => "http://${config_controller_host}:35357/v2.0", auth_url => "http://${config_controller_host}:35357/v2.0",
@@ -49,7 +51,12 @@ class { '::ceilometer::alarm::evaluator':
coordination_url => $coordination_url, coordination_url => $coordination_url,
} }
$bind_host = hiera('CONFIG_IP_VERSION') ? {
'ipv6' => '::0',
'ipv4' => '0.0.0.0',
}
class { '::ceilometer::api': class { '::ceilometer::api':
keystone_host => hiera('CONFIG_CONTROLLER_HOST'), host => $bind_host,
keystone_host => hiera('CONFIG_KEYSTONE_HOST_URL'),
keystone_password => hiera('CONFIG_CEILOMETER_KS_PW'), keystone_password => hiera('CONFIG_CEILOMETER_KS_PW'),
} }

2
packstack/puppet/templates/ceilometer_qpid.pp
View File

@@ -1,6 +1,6 @@
class { '::ceilometer': class { '::ceilometer':
metering_secret => hiera('CONFIG_CEILOMETER_SECRET'), metering_secret => hiera('CONFIG_CEILOMETER_SECRET'),
qpid_hostname => hiera('CONFIG_AMQP_HOST'), qpid_hostname => hiera('CONFIG_AMQP_HOST_URL'),
qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), qpid_username => hiera('CONFIG_AMQP_AUTH_USER'),
qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'),
rpc_backend => 'ceilometer.openstack.common.rpc.impl_qpid', rpc_backend => 'ceilometer.openstack.common.rpc.impl_qpid',

2
packstack/puppet/templates/ceilometer_rabbitmq.pp
View File

@@ -2,7 +2,7 @@ class { '::ceilometer':
metering_secret => hiera('CONFIG_CEILOMETER_SECRET'), metering_secret => hiera('CONFIG_CEILOMETER_SECRET'),
verbose => true, verbose => true,
debug => hiera('CONFIG_DEBUG_MODE'), debug => hiera('CONFIG_DEBUG_MODE'),
rabbit_host => hiera('CONFIG_AMQP_HOST'), rabbit_host => hiera('CONFIG_AMQP_HOST_URL'),
rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'),
rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'),
rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'),

12
packstack/puppet/templates/cinder.pp
View File

@@ -1,16 +1,22 @@
cinder_config { cinder_config {
'DEFAULT/glance_host': value => hiera('CONFIG_STORAGE_HOST'); 'DEFAULT/glance_host': value => hiera('CONFIG_STORAGE_HOST_URL');
} }
package { 'python-keystone': package { 'python-keystone':
notify => Class['cinder::api'], notify => Class['cinder::api'],
} }
$bind_host = hiera('CONFIG_IP_VERSION') ? {
'ipv6' => '::0',
'ipv4' => '0.0.0.0',
}
class { '::cinder::api': class { '::cinder::api':
bind_host => $bind_host,
keystone_password => hiera('CONFIG_CINDER_KS_PW'), keystone_password => hiera('CONFIG_CINDER_KS_PW'),
keystone_tenant => 'services', keystone_tenant => 'services',
keystone_user => 'cinder', keystone_user => 'cinder',
keystone_auth_host => hiera('CONFIG_CONTROLLER_HOST'), keystone_auth_host => hiera('CONFIG_KEYSTONE_HOST_URL'),
} }
class { '::cinder::scheduler': } class { '::cinder::scheduler': }
@@ -19,7 +25,7 @@ class { '::cinder::volume': }
class { '::cinder::client': } class { '::cinder::client': }
$cinder_config_controller_host = hiera('CONFIG_CONTROLLER_HOST') $cinder_config_controller_host = hiera('CONFIG_KEYSTONE_HOST_URL')
# Cinder::Type requires keystone credentials # Cinder::Type requires keystone credentials
Cinder::Type { Cinder::Type {

2
packstack/puppet/templates/cinder_backup.pp
View File

@@ -1,6 +1,6 @@
class { '::cinder::backup': } class { '::cinder::backup': }
$cinder_backup_conf_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') $cinder_backup_conf_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL')
class { '::cinder::backup::swift': class { '::cinder::backup::swift':
backup_swift_url => "http://${cinder_config_controller_host}:8080/v1/AUTH_", backup_swift_url => "http://${cinder_config_controller_host}:8080/v1/AUTH_",

2
packstack/puppet/templates/cinder_lvm.pp
View File

@@ -80,7 +80,7 @@ file_line { 'snapshot_autoextend_percent':
} }
cinder::backend::iscsi { 'lvm': cinder::backend::iscsi { 'lvm':
iscsi_ip_address => hiera('CONFIG_STORAGE_HOST'), iscsi_ip_address => hiera('CONFIG_STORAGE_HOST_URL'),
require => Package['lvm2'], require => Package['lvm2'],
} }

4
packstack/puppet/templates/cinder_qpid.pp
View File

@@ -1,9 +1,9 @@
$cinder_qpid_cfg_cinder_db_pw = hiera('CONFIG_CINDER_DB_PW') $cinder_qpid_cfg_cinder_db_pw = hiera('CONFIG_CINDER_DB_PW')
$cinder_qpid_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') $cinder_qpid_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST_URL')
class { '::cinder': class { '::cinder':
rpc_backend => 'cinder.openstack.common.rpc.impl_qpid', rpc_backend => 'cinder.openstack.common.rpc.impl_qpid',
qpid_hostname => hiera('CONFIG_AMQP_HOST'), qpid_hostname => hiera('CONFIG_AMQP_HOST_URL'),
qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'),
qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'), qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'),
qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), qpid_username => hiera('CONFIG_AMQP_AUTH_USER'),

4
packstack/puppet/templates/cinder_rabbitmq.pp
View File

@@ -1,8 +1,8 @@
$cinder_rab_cfg_cinder_db_pw = hiera('CONFIG_CINDER_DB_PW') $cinder_rab_cfg_cinder_db_pw = hiera('CONFIG_CINDER_DB_PW')
$cinder_rab_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') $cinder_rab_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST_URL')
class { '::cinder': class { '::cinder':
rabbit_host => hiera('CONFIG_AMQP_HOST'), rabbit_host => hiera('CONFIG_AMQP_HOST_URL'),
rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'),
rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'),
rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'),

18
packstack/puppet/templates/glance.pp
View File

@@ -1,8 +1,21 @@
$glance_ks_pw = hiera('CONFIG_GLANCE_DB_PW') $glance_ks_pw = hiera('CONFIG_GLANCE_DB_PW')
$glance_mariadb_host = hiera('CONFIG_MARIADB_HOST') $glance_mariadb_host = hiera('CONFIG_MARIADB_HOST_URL')
$glance_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') $glance_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL')
# glance option bind_host requires address without brackets
$bind_host = hiera('CONFIG_IP_VERSION') ? {
'ipv6' => '::0',
'ipv4' => '0.0.0.0',
}
# magical hack for magical config - glance option registry_host requires brackets
$registry_host = hiera('CONFIG_IP_VERSION') ? {
'ipv6' => '[::0]',
'ipv4' => '0.0.0.0',
}
class { '::glance::api': class { '::glance::api':
bind_host => $bind_host,
registry_host => $registry_host,
auth_uri => "http://${glance_cfg_ctrl_host}:5000/", auth_uri => "http://${glance_cfg_ctrl_host}:5000/",
identity_uri => "http://${glance_cfg_ctrl_host}:35357", identity_uri => "http://${glance_cfg_ctrl_host}:35357",
keystone_tenant => 'services', keystone_tenant => 'services',
@@ -18,6 +31,7 @@ class { '::glance::api':
class { '::glance::registry': class { '::glance::registry':
auth_uri => "http://${glance_cfg_ctrl_host}:5000/", auth_uri => "http://${glance_cfg_ctrl_host}:5000/",
identity_uri => "http://${glance_cfg_ctrl_host}:35357", identity_uri => "http://${glance_cfg_ctrl_host}:35357",
bind_host => $bind_host,
keystone_tenant => 'services', keystone_tenant => 'services',
keystone_user => 'glance', keystone_user => 'glance',
keystone_password => hiera('CONFIG_GLANCE_KS_PW'), keystone_password => hiera('CONFIG_GLANCE_KS_PW'),

2
packstack/puppet/templates/glance_ceilometer_qpid.pp
View File

@@ -2,7 +2,7 @@
class { '::glance::notify::qpid': class { '::glance::notify::qpid':
qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'),
qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), qpid_username => hiera('CONFIG_AMQP_AUTH_USER'),
qpid_hostname => hiera('CONFIG_AMQP_HOST'), qpid_hostname => hiera('CONFIG_AMQP_HOST_URL'),
qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'),
qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'), qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'),
} }

2
packstack/puppet/templates/glance_ceilometer_rabbitmq.pp
View File

@@ -1,6 +1,6 @@
class { '::glance::notify::rabbitmq': class { '::glance::notify::rabbitmq':
rabbit_host => hiera('CONFIG_AMQP_HOST'), rabbit_host => hiera('CONFIG_AMQP_HOST_URL'),
rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'),
rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'),
rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'),

2
packstack/puppet/templates/glance_swift.pp
View File

@@ -1,4 +1,4 @@
$gla_bd_ct_h = hiera('CONFIG_CONTROLLER_HOST') $gla_bd_ct_h = hiera('CONFIG_KEYSTONE_HOST_URL')
class { '::glance::backend::swift': class { '::glance::backend::swift':
swift_store_user => 'services:glance', swift_store_user => 'services:glance',

2
packstack/puppet/templates/heat.pp
View File

@@ -1,7 +1,7 @@
class { '::heat::api': } class { '::heat::api': }
$heat_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') $heat_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL')
class { '::heat::engine': class { '::heat::engine':
heat_metadata_server_url => "http://${heat_cfg_ctrl_host}:8000", heat_metadata_server_url => "http://${heat_cfg_ctrl_host}:8000",

3
packstack/puppet/templates/heat_cfn.pp
View File

@@ -1,7 +1,7 @@
class { '::heat::api_cfn': } class { '::heat::api_cfn': }
$heat_cfn_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') $heat_cfn_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL')
class { '::heat::keystone::auth_cfn': class { '::heat::keystone::auth_cfn':
admin_address => $heat_cfn_cfg_ctrl_host, admin_address => $heat_cfn_cfg_ctrl_host,
@@ -9,4 +9,3 @@ class { '::heat::keystone::auth_cfn':
internal_address => $heat_cfn_cfg_ctrl_host, internal_address => $heat_cfn_cfg_ctrl_host,
password => hiera('CONFIG_HEAT_KS_PW'), password => hiera('CONFIG_HEAT_KS_PW'),
} }

6
packstack/puppet/templates/heat_qpid.pp
View File

@@ -1,6 +1,6 @@
$heat_qpid_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') $heat_qpid_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL')
$heat_qpid_cfg_heat_db_pw = hiera('CONFIG_HEAT_DB_PW') $heat_qpid_cfg_heat_db_pw = hiera('CONFIG_HEAT_DB_PW')
$heat_qpid_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') $heat_qpid_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST_URL')
class { '::heat': class { '::heat':
keystone_host => $heat_cfn_cfg_ctrl_host, keystone_host => $heat_cfn_cfg_ctrl_host,
@@ -8,7 +8,7 @@ class { '::heat':
auth_uri => "http://${heat_qpid_cfg_ctrl_host}:35357/v2.0", auth_uri => "http://${heat_qpid_cfg_ctrl_host}:35357/v2.0",
keystone_ec2_uri => "http://${heat_qpid_cfg_ctrl_host}:35357/v2.0", keystone_ec2_uri => "http://${heat_qpid_cfg_ctrl_host}:35357/v2.0",
rpc_backend => 'heat.openstack.common.rpc.impl_qpid', rpc_backend => 'heat.openstack.common.rpc.impl_qpid',
qpid_hostname => hiera('CONFIG_AMQP_HOST'), qpid_hostname => hiera('CONFIG_AMQP_HOST_URL'),
qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), qpid_username => hiera('CONFIG_AMQP_AUTH_USER'),
qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'),
qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'),

6
packstack/puppet/templates/heat_rabbitmq.pp
View File

@@ -1,6 +1,6 @@
$heat_rabbitmq_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') $heat_rabbitmq_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL')
$heat_rabbitmq_cfg_heat_db_pw = hiera('CONFIG_HEAT_DB_PW') $heat_rabbitmq_cfg_heat_db_pw = hiera('CONFIG_HEAT_DB_PW')
$heat_rabbitmq_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') $heat_rabbitmq_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST_URL')
class { '::heat': class { '::heat':
keystone_host => $heat_rabbitmq_cfg_ctrl_host, keystone_host => $heat_rabbitmq_cfg_ctrl_host,
@@ -8,7 +8,7 @@ class { '::heat':
auth_uri => "http://${heat_rabbitmq_cfg_ctrl_host}:35357/v2.0", auth_uri => "http://${heat_rabbitmq_cfg_ctrl_host}:35357/v2.0",
keystone_ec2_uri => "http://${heat_rabbitmq_cfg_ctrl_host}:35357/v2.0", keystone_ec2_uri => "http://${heat_rabbitmq_cfg_ctrl_host}:35357/v2.0",
rpc_backend => 'heat.openstack.common.rpc.impl_kombu', rpc_backend => 'heat.openstack.common.rpc.impl_kombu',
rabbit_host => hiera('CONFIG_AMQP_HOST'), rabbit_host => hiera('CONFIG_AMQP_HOST_URL'),
rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'),
rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'),
rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'),

11
packstack/puppet/templates/horizon.pp
View File

@@ -1,6 +1,6 @@
include ::packstack::apache_common include ::packstack::apache_common
$keystone_host = hiera('CONFIG_CONTROLLER_HOST') $keystone_host = hiera('CONFIG_KEYSTONE_HOST_URL')
$horizon_packages = ['python-memcached', 'python-netaddr'] $horizon_packages = ['python-memcached', 'python-netaddr']
@@ -14,6 +14,11 @@ $is_django_debug = hiera('CONFIG_DEBUG_MODE') ? {
false => 'False', false => 'False',
} }
$bind_host = hiera('CONFIG_IP_VERSION') ? {
'ipv6' => '::0',
'ipv4' => '0.0.0.0',
}
class {'::horizon': class {'::horizon':
secret_key => hiera('CONFIG_HORIZON_SECRET_KEY'), secret_key => hiera('CONFIG_HORIZON_SECRET_KEY'),
keystone_url => "http://${keystone_host}:5000/v2.0", keystone_url => "http://${keystone_host}:5000/v2.0",
@@ -68,7 +73,9 @@ if $is_horizon_ssl == true {
} }
} }
class { '::memcached': } class { '::memcached':
listen_ip => $bind_host,
}
$firewall_port = hiera('CONFIG_HORIZON_PORT') $firewall_port = hiera('CONFIG_HORIZON_PORT')

4
packstack/puppet/templates/ironic.pp
View File

@@ -1,9 +1,9 @@
ironic_config { ironic_config {
'glance/glance_host': value => hiera('CONFIG_STORAGE_HOST'); 'glance/glance_host': value => hiera('CONFIG_STORAGE_HOST_URL');
} }
class { '::ironic::api': class { '::ironic::api':
auth_host => hiera('CONFIG_CONTROLLER_HOST'), auth_host => hiera('CONFIG_KEYSTONE_HOST_URL'),
admin_password => hiera('CONFIG_IRONIC_KS_PW'), admin_password => hiera('CONFIG_IRONIC_KS_PW'),
} }

4
packstack/puppet/templates/ironic_qpid.pp
View File

@@ -1,9 +1,9 @@
$ironic_qpid_cfg_ironic_db_pw = hiera('CONFIG_IRONIC_DB_PW') $ironic_qpid_cfg_ironic_db_pw = hiera('CONFIG_IRONIC_DB_PW')
$ironic_qpid_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') $ironic_qpid_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST_URL')
class { '::ironic': class { '::ironic':
rpc_backend => 'ironic.openstack.common.rpc.impl_qpid', rpc_backend => 'ironic.openstack.common.rpc.impl_qpid',
qpid_hostname => hiera('CONFIG_AMQP_HOST'), qpid_hostname => hiera('CONFIG_AMQP_HOST_URL'),
qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'),
qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'), qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'),
qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), qpid_username => hiera('CONFIG_AMQP_AUTH_USER'),

4
packstack/puppet/templates/ironic_rabbitmq.pp
View File

@@ -1,9 +1,9 @@
$ironic_rabbitmq_cfg_ironic_db_pw = hiera('CONFIG_IRONIC_DB_PW') $ironic_rabbitmq_cfg_ironic_db_pw = hiera('CONFIG_IRONIC_DB_PW')
$ironic_rabbitmq_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') $ironic_rabbitmq_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST_URL')
class { '::ironic': class { '::ironic':
rpc_backend => 'ironic.openstack.common.rpc.impl_kombu', rpc_backend => 'ironic.openstack.common.rpc.impl_kombu',
rabbit_host => hiera('CONFIG_AMQP_HOST'), rabbit_host => hiera('CONFIG_AMQP_HOST_URL'),
rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'),
rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'),
rabbit_user => hiera('CONFIG_AMQP_AUTH_USER'), rabbit_user => hiera('CONFIG_AMQP_AUTH_USER'),

11
packstack/puppet/templates/keystone.pp
View File

@@ -1,11 +1,15 @@
$keystone_use_ssl = false $keystone_use_ssl = false
$keystone_cfg_ks_db_pw = hiera('CONFIG_KEYSTONE_DB_PW') $keystone_cfg_ks_db_pw = hiera('CONFIG_KEYSTONE_DB_PW')
$keystone_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') $keystone_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST_URL')
$keystone_endpoint_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') $keystone_endpoint_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL')
$keystone_token_provider_str = downcase(hiera('CONFIG_KEYSTONE_TOKEN_FORMAT')) $keystone_token_provider_str = downcase(hiera('CONFIG_KEYSTONE_TOKEN_FORMAT'))
$keystone_api_version_str = hiera('CONFIG_KEYSTONE_API_VERSION') $keystone_api_version_str = hiera('CONFIG_KEYSTONE_API_VERSION')
$keystone_url = "http://${keystone_endpoint_cfg_ctrl_host}:5000/${keystone_api_version_str}" $keystone_url = "http://${keystone_endpoint_cfg_ctrl_host}:5000/${keystone_api_version_str}"
$keystone_admin_url = "http://${keystone_endpoint_cfg_ctrl_host}:35357/${keystone_api_version_str}" $keystone_admin_url = "http://${keystone_endpoint_cfg_ctrl_host}:35357/${keystone_api_version_str}"
$bind_host = hiera('CONFIG_IP_VERSION') ? {
'ipv6' => '::0',
'ipv4' => '0.0.0.0',
}
if hiera('CONFIG_KEYSTONE_SERVICE_NAME') == 'keystone' { if hiera('CONFIG_KEYSTONE_SERVICE_NAME') == 'keystone' {
$keystone_service_name = 'openstack-keystone' $keystone_service_name = 'openstack-keystone'
@@ -21,6 +25,8 @@ class { '::keystone':
debug => hiera('CONFIG_DEBUG_MODE'), debug => hiera('CONFIG_DEBUG_MODE'),
service_name => $keystone_service_name, service_name => $keystone_service_name,
enable_ssl => $keystone_use_ssl, enable_ssl => $keystone_use_ssl,
public_bind_host => $bind_host,
admin_bind_host => $bind_host,
} }
if $keystone_service_name == 'httpd' { if $keystone_service_name == 'httpd' {
@@ -119,4 +125,3 @@ service { 'crond':
ensure => 'running', ensure => 'running',
enable => true, enable => true,
} }

6
packstack/puppet/templates/keystone_ceilometer.pp
View File

@@ -2,7 +2,7 @@
class { '::ceilometer::keystone::auth': class { '::ceilometer::keystone::auth':
region => hiera('CONFIG_KEYSTONE_REGION'), region => hiera('CONFIG_KEYSTONE_REGION'),
password => hiera('CONFIG_CEILOMETER_KS_PW'), password => hiera('CONFIG_CEILOMETER_KS_PW'),
public_address => hiera('CONFIG_CONTROLLER_HOST'), public_address => hiera('CONFIG_KEYSTONE_HOST_URL'),
admin_address => hiera('CONFIG_CONTROLLER_HOST'), admin_address => hiera('CONFIG_KEYSTONE_HOST_URL'),
internal_address => hiera('CONFIG_CONTROLLER_HOST'), internal_address => hiera('CONFIG_KEYSTONE_HOST_URL'),
} }

6
packstack/puppet/templates/keystone_cinder.pp
View File

@@ -2,8 +2,8 @@
class { '::cinder::keystone::auth': class { '::cinder::keystone::auth':
region => hiera('CONFIG_KEYSTONE_REGION'), region => hiera('CONFIG_KEYSTONE_REGION'),
password => hiera('CONFIG_CINDER_KS_PW'), password => hiera('CONFIG_CINDER_KS_PW'),
public_address => hiera('CONFIG_STORAGE_HOST'), public_address => hiera('CONFIG_STORAGE_HOST_URL'),
admin_address => hiera('CONFIG_STORAGE_HOST'), admin_address => hiera('CONFIG_STORAGE_HOST_URL'),
internal_address => hiera('CONFIG_STORAGE_HOST'), internal_address => hiera('CONFIG_STORAGE_HOST_URL'),
} }

6
packstack/puppet/templates/keystone_glance.pp
View File

@@ -2,7 +2,7 @@
class { '::glance::keystone::auth': class { '::glance::keystone::auth':
region => hiera('CONFIG_KEYSTONE_REGION'), region => hiera('CONFIG_KEYSTONE_REGION'),
password => hiera('CONFIG_GLANCE_KS_PW'), password => hiera('CONFIG_GLANCE_KS_PW'),
public_address => hiera('CONFIG_STORAGE_HOST'), public_address => hiera('CONFIG_STORAGE_HOST_URL'),
admin_address => hiera('CONFIG_STORAGE_HOST'), admin_address => hiera('CONFIG_STORAGE_HOST_URL'),
internal_address => hiera('CONFIG_STORAGE_HOST'), internal_address => hiera('CONFIG_STORAGE_HOST_URL'),
} }

12
packstack/puppet/templates/keystone_heat.pp
View File

@@ -2,9 +2,9 @@
class { '::heat::keystone::auth': class { '::heat::keystone::auth':
region => hiera('CONFIG_KEYSTONE_REGION'), region => hiera('CONFIG_KEYSTONE_REGION'),
password => hiera('CONFIG_HEAT_KS_PW'), password => hiera('CONFIG_HEAT_KS_PW'),
public_address => hiera('CONFIG_CONTROLLER_HOST'), public_address => hiera('CONFIG_KEYSTONE_HOST_URL'),
admin_address => hiera('CONFIG_CONTROLLER_HOST'), admin_address => hiera('CONFIG_KEYSTONE_HOST_URL'),
internal_address => hiera('CONFIG_CONTROLLER_HOST'), internal_address => hiera('CONFIG_KEYSTONE_HOST_URL'),
configure_delegated_roles => true, configure_delegated_roles => true,
} }
@@ -14,8 +14,8 @@ if $is_heat_cfn_install == 'y' {
# heat::keystone::cfn # heat::keystone::cfn
class { '::heat::keystone::auth_cfn': class { '::heat::keystone::auth_cfn':
password => hiera('CONFIG_HEAT_KS_PW'), password => hiera('CONFIG_HEAT_KS_PW'),
public_address => hiera('CONFIG_CONTROLLER_HOST'), public_address => hiera('CONFIG_KEYSTONE_HOST_URL'),
admin_address => hiera('CONFIG_CONTROLLER_HOST'), admin_address => hiera('CONFIG_KEYSTONE_HOST_URL'),
internal_address => hiera('CONFIG_CONTROLLER_HOST'), internal_address => hiera('CONFIG_KEYSTONE_HOST_URL'),
} }
} }

6
packstack/puppet/templates/keystone_ironic.pp
View File

@@ -2,8 +2,8 @@
class { '::ironic::keystone::auth': class { '::ironic::keystone::auth':
region => hiera('CONFIG_KEYSTONE_REGION'), region => hiera('CONFIG_KEYSTONE_REGION'),
password => hiera('CONFIG_IRONIC_KS_PW'), password => hiera('CONFIG_IRONIC_KS_PW'),
public_address => hiera('CONFIG_CONTROLLER_HOST'), public_address => hiera('CONFIG_KEYSTONE_HOST_URL'),
admin_address => hiera('CONFIG_CONTROLLER_HOST'), admin_address => hiera('CONFIG_KEYSTONE_HOST_URL'),
internal_address => hiera('CONFIG_CONTROLLER_HOST'), internal_address => hiera('CONFIG_KEYSTONE_HOST_URL'),
} }

6
packstack/puppet/templates/keystone_manila.pp
View File

@@ -1,7 +1,7 @@
class { '::manila::keystone::auth': class { '::manila::keystone::auth':
password => hiera('CONFIG_MANILA_KS_PW'), password => hiera('CONFIG_MANILA_KS_PW'),
public_address => hiera('CONFIG_CONTROLLER_HOST'), public_address => hiera('CONFIG_KEYSTONE_HOST_URL'),
admin_address => hiera('CONFIG_CONTROLLER_HOST'), admin_address => hiera('CONFIG_KEYSTONE_HOST_URL'),
internal_address => hiera('CONFIG_CONTROLLER_HOST'), internal_address => hiera('CONFIG_KEYSTONE_HOST_URL'),
} }

6
packstack/puppet/templates/keystone_neutron.pp
View File

@@ -2,7 +2,7 @@
class { '::neutron::keystone::auth': class { '::neutron::keystone::auth':
region => hiera('CONFIG_KEYSTONE_REGION'), region => hiera('CONFIG_KEYSTONE_REGION'),
password => hiera('CONFIG_NEUTRON_KS_PW'), password => hiera('CONFIG_NEUTRON_KS_PW'),
public_address => hiera('CONFIG_CONTROLLER_HOST'), public_address => hiera('CONFIG_KEYSTONE_HOST_URL'),
admin_address => hiera('CONFIG_CONTROLLER_HOST'), admin_address => hiera('CONFIG_KEYSTONE_HOST_URL'),
internal_address => hiera('CONFIG_CONTROLLER_HOST'), internal_address => hiera('CONFIG_KEYSTONE_HOST_URL'),
} }

6
packstack/puppet/templates/keystone_nova.pp
View File

@@ -2,7 +2,7 @@
class { '::nova::keystone::auth': class { '::nova::keystone::auth':
region => hiera('CONFIG_KEYSTONE_REGION'), region => hiera('CONFIG_KEYSTONE_REGION'),
password => hiera('CONFIG_NOVA_KS_PW'), password => hiera('CONFIG_NOVA_KS_PW'),
public_address => hiera('CONFIG_CONTROLLER_HOST'), public_address => hiera('CONFIG_KEYSTONE_HOST_URL'),
admin_address => hiera('CONFIG_CONTROLLER_HOST'), admin_address => hiera('CONFIG_KEYSTONE_HOST_URL'),
internal_address => hiera('CONFIG_CONTROLLER_HOST'), internal_address => hiera('CONFIG_KEYSTONE_HOST_URL'),
} }

2
packstack/puppet/templates/keystone_swift.pp
View File

@@ -1,5 +1,5 @@
class { '::swift::keystone::auth': class { '::swift::keystone::auth':
public_address => hiera('CONFIG_CONTROLLER_HOST'), public_address => hiera('CONFIG_KEYSTONE_HOST_URL'),
region => hiera('CONFIG_KEYSTONE_REGION'), region => hiera('CONFIG_KEYSTONE_REGION'),
password => hiera('CONFIG_SWIFT_KS_PW'), password => hiera('CONFIG_SWIFT_KS_PW'),
} }

6
packstack/puppet/templates/keystone_trove.pp
View File

@@ -2,7 +2,7 @@
class { '::trove::keystone::auth': class { '::trove::keystone::auth':
region => hiera('CONFIG_KEYSTONE_REGION'), region => hiera('CONFIG_KEYSTONE_REGION'),
password => hiera('CONFIG_TROVE_KS_PW'), password => hiera('CONFIG_TROVE_KS_PW'),
public_address => hiera('CONFIG_CONTROLLER_HOST'), public_address => hiera('CONFIG_KEYSTONE_HOST_URL'),
admin_address => hiera('CONFIG_CONTROLLER_HOST'), admin_address => hiera('CONFIG_KEYSTONE_HOST_URL'),
internal_address => hiera('CONFIG_CONTROLLER_HOST'), internal_address => hiera('CONFIG_KEYSTONE_HOST_URL'),
} }

10
packstack/puppet/templates/manila.pp
View File

@@ -1,16 +1,22 @@
manila_config { manila_config {
'DEFAULT/glance_host': value => hiera('CONFIG_CONTROLLER_HOST'); 'DEFAULT/glance_host': value => hiera('CONFIG_STORAGE_HOST_URL');
} }
package { 'python-keystone': package { 'python-keystone':
notify => Class['manila::api'], notify => Class['manila::api'],
} }
$bind_host = hiera('CONFIG_IP_VERSION') ? {
'ipv6' => '::0',
'ipv4' => '0.0.0.0',
}
class { '::manila::api': class { '::manila::api':
bind_host => $bind_host,
keystone_password => hiera('CONFIG_MANILA_KS_PW'), keystone_password => hiera('CONFIG_MANILA_KS_PW'),
keystone_tenant => 'services', keystone_tenant => 'services',
keystone_user => 'manila', keystone_user => 'manila',
keystone_auth_host => hiera('CONFIG_CONTROLLER_HOST'), keystone_auth_host => hiera('CONFIG_KEYSTONE_HOST_URL'),
} }
class { '::manila::network::neutron': class { '::manila::network::neutron':

4
packstack/puppet/templates/manila_qpid.pp
View File

@@ -1,10 +1,10 @@
$db_pw = hiera('CONFIG_MANILA_DB_PW') $db_pw = hiera('CONFIG_MANILA_DB_PW')
$mariadb_host = hiera('CONFIG_MARIADB_HOST') $mariadb_host = hiera('CONFIG_MARIADB_HOST_URL')
class { '::manila': class { '::manila':
rpc_backend => 'manila.openstack.common.rpc.impl_qpid', rpc_backend => 'manila.openstack.common.rpc.impl_qpid',
qpid_hostname => hiera('CONFIG_AMQP_HOST'), qpid_hostname => hiera('CONFIG_AMQP_HOST_URL'),
qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'),
qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'), qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'),
qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), qpid_username => hiera('CONFIG_AMQP_AUTH_USER'),

4
packstack/puppet/templates/manila_rabbitmq.pp
View File

@@ -1,9 +1,9 @@
$db_pw = hiera('CONFIG_MANILA_DB_PW') $db_pw = hiera('CONFIG_MANILA_DB_PW')
$mariadb_host = hiera('CONFIG_MARIADB_HOST') $mariadb_host = hiera('CONFIG_MARIADB_HOST_URL')
class { '::manila': class { '::manila':
rabbit_host => hiera('CONFIG_AMQP_HOST'), rabbit_host => hiera('CONFIG_AMQP_HOST_URL'),
rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'),
rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'),
rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'),

16
packstack/puppet/templates/mariadb_install.pp
View File

@@ -4,13 +4,27 @@ package { 'mariadb-server':
ensure => absent, ensure => absent,
} }
$bind_address = hiera('CONFIG_IP_VERSION') ? {
'ipv6' => '::',
'ipv4' => '0.0.0.0',
}
# hack around galera packaging issue, they are duplicating
# bind-address config option in galera.cnf
class { '::galera::server':
wsrep_bind_address => $bind_address,
manage_service => false,
wsrep_provider => 'none',
create_mysql_resource => false,
}
class { '::mysql::server': class { '::mysql::server':
package_name => 'mariadb-galera-server', package_name => 'mariadb-galera-server',
restart => true, restart => true,
root_password => hiera('CONFIG_MARIADB_PW'), root_password => hiera('CONFIG_MARIADB_PW'),
require => Package['mariadb-server'], require => Package['mariadb-server'],
override_options => { override_options => {
'mysqld' => { bind_address => '0.0.0.0', 'mysqld' => { bind_address => $bind_address,
default_storage_engine => 'InnoDB', default_storage_engine => 'InnoDB',
max_connections => '1024', max_connections => '1024',
open_files_limit => '-1', open_files_limit => '-1',

6
packstack/puppet/templates/mongodb.pp
View File

@@ -1,7 +1,11 @@
$mongodb_host = hiera('CONFIG_MONGODB_HOST') $mongodb_host = hiera('CONFIG_MONGODB_HOST')
class { '::mongodb::server': class { '::mongodb::server':
ipv6 => hiera('CONFIG_IP_VERSION') ? {
'ipv6' => true,
default => false,
},
smallfiles => true, smallfiles => true,
bind_ip => [$mongodb_host], bind_ip => $mongodb_host,
} }

2
packstack/puppet/templates/nagios_server.pp
View File

@@ -54,7 +54,7 @@ class nagios_configs(){
} }
$nagios_cfg_ks_adm_pw = hiera('CONFIG_KEYSTONE_ADMIN_PW') $nagios_cfg_ks_adm_pw = hiera('CONFIG_KEYSTONE_ADMIN_PW')
$nagios_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') $nagios_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL')
file { '/etc/nagios/keystonerc_admin': file { '/etc/nagios/keystonerc_admin':
ensure => file, ensure => file,

2
packstack/puppet/templates/neutron.pp
View File

@@ -1,4 +1,4 @@
$neutron_db_host = hiera('CONFIG_MARIADB_HOST') $neutron_db_host = hiera('CONFIG_MARIADB_HOST_URL')
$neutron_db_name = hiera('CONFIG_NEUTRON_L2_DBNAME') $neutron_db_name = hiera('CONFIG_NEUTRON_L2_DBNAME')
$neutron_db_user = 'neutron' $neutron_db_user = 'neutron'
$neutron_db_password = hiera('CONFIG_NEUTRON_DB_PW') $neutron_db_password = hiera('CONFIG_NEUTRON_DB_PW')

2
packstack/puppet/templates/neutron_api.pp
View File

@@ -1,7 +1,7 @@
class { '::neutron::server': class { '::neutron::server':
database_connection => $neutron_sql_connection, database_connection => $neutron_sql_connection,
auth_password => $neutron_user_password, auth_password => $neutron_user_password,
auth_host => hiera('CONFIG_CONTROLLER_HOST'), auth_host => hiera('CONFIG_KEYSTONE_HOST_URL'),
enabled => true, enabled => true,
} }

4
packstack/puppet/templates/neutron_metadata.pp
View File

@@ -1,10 +1,10 @@
$neutron_metadata_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') $neutron_metadata_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL')
class { '::neutron::agents::metadata': class { '::neutron::agents::metadata':
auth_password => hiera('CONFIG_NEUTRON_KS_PW'), auth_password => hiera('CONFIG_NEUTRON_KS_PW'),
auth_url => "http://${neutron_metadata_cfg_ctrl_host}:35357/v2.0", auth_url => "http://${neutron_metadata_cfg_ctrl_host}:35357/v2.0",
auth_region => hiera('CONFIG_KEYSTONE_REGION'), auth_region => hiera('CONFIG_KEYSTONE_REGION'),
shared_secret => hiera('CONFIG_NEUTRON_METADATA_PW'), shared_secret => hiera('CONFIG_NEUTRON_METADATA_PW'),
metadata_ip => hiera('CONFIG_CONTROLLER_HOST'), metadata_ip => hiera('CONFIG_KEYSTONE_HOST_URL'),
debug => hiera('CONFIG_DEBUG_MODE'), debug => hiera('CONFIG_DEBUG_MODE'),
} }

2
packstack/puppet/templates/neutron_notifications.pp
View File

@@ -1,4 +1,4 @@
$neutron_notif_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') $neutron_notif_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL')
# Configure nova notifications system # Configure nova notifications system
class { '::neutron::server::notifications': class { '::neutron::server::notifications':

7
packstack/puppet/templates/neutron_qpid.pp
View File

@@ -1,7 +1,12 @@
$bind_host = hiera('CONFIG_IP_VERSION') ? {
'ipv6' => '::0',
'ipv4' => '0.0.0.0',
}
class { '::neutron': class { '::neutron':
bind_host => $bind_host,
rpc_backend => 'neutron.openstack.common.rpc.impl_qpid', rpc_backend => 'neutron.openstack.common.rpc.impl_qpid',
qpid_hostname => hiera('CONFIG_AMQP_HOST'), qpid_hostname => hiera('CONFIG_AMQP_HOST_URL'),
qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), qpid_username => hiera('CONFIG_AMQP_AUTH_USER'),
qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'),
qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'),

7
packstack/puppet/templates/neutron_rabbitmq.pp
View File

@@ -1,6 +1,11 @@
$bind_host = hiera('CONFIG_IP_VERSION') ? {
'ipv6' => '::0',
'ipv4' => '0.0.0.0',
}
class { '::neutron': class { '::neutron':
rabbit_host => hiera('CONFIG_AMQP_HOST'), bind_host => $bind_host,
rabbit_host => hiera('CONFIG_AMQP_HOST_URL'),
rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'),
rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'),
rabbit_user => hiera('CONFIG_AMQP_AUTH_USER'), rabbit_user => hiera('CONFIG_AMQP_AUTH_USER'),

9
packstack/puppet/templates/nova_api.pp
View File

@@ -1,8 +1,15 @@
require 'keystone::python' require 'keystone::python'
$bind_host = hiera('CONFIG_IP_VERSION') ? {
'ipv6' => '::0',
'ipv4' => '0.0.0.0',
}
class { '::nova::api': class { '::nova::api':
api_bind_address => $bind_host,
metadata_listen => $bind_host,
enabled => true, enabled => true,
auth_host => hiera('CONFIG_CONTROLLER_HOST'), auth_host => hiera('CONFIG_KEYSTONE_HOST_URL'),
admin_password => hiera('CONFIG_NOVA_KS_PW'), admin_password => hiera('CONFIG_NOVA_KS_PW'),
neutron_metadata_proxy_shared_secret => hiera('CONFIG_NEUTRON_METADATA_PW_UNQUOTED'), neutron_metadata_proxy_shared_secret => hiera('CONFIG_NEUTRON_METADATA_PW_UNQUOTED'),
} }

2
packstack/puppet/templates/nova_ceilometer.pp
View File

@@ -1,4 +1,4 @@
$nova_ceil_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') $nova_ceil_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL')
class { '::ceilometer::agent::auth': class { '::ceilometer::agent::auth':
auth_url => "http://${nova_ceil_cfg_ctrl_host}:35357/v2.0", auth_url => "http://${nova_ceil_cfg_ctrl_host}:35357/v2.0",

2
packstack/puppet/templates/nova_ceilometer_qpid.pp
View File

@@ -1,7 +1,7 @@
class { '::ceilometer': class { '::ceilometer':
metering_secret => hiera('CONFIG_CEILOMETER_SECRET'), metering_secret => hiera('CONFIG_CEILOMETER_SECRET'),
qpid_hostname => hiera('CONFIG_AMQP_HOST'), qpid_hostname => hiera('CONFIG_AMQP_HOST_URL'),
qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), qpid_username => hiera('CONFIG_AMQP_AUTH_USER'),
qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'),
qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'),

2
packstack/puppet/templates/nova_ceilometer_rabbitmq.pp
View File

@@ -1,7 +1,7 @@
class { '::ceilometer': class { '::ceilometer':
metering_secret => hiera('CONFIG_CEILOMETER_SECRET'), metering_secret => hiera('CONFIG_CEILOMETER_SECRET'),
rabbit_host => hiera('CONFIG_AMQP_HOST'), rabbit_host => hiera('CONFIG_AMQP_HOST_URL'),
rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'),
rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'),
rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'),

4
packstack/puppet/templates/nova_common_qpid.pp
View File

@@ -7,11 +7,11 @@ $public_key = {
key => hiera('NOVA_MIGRATION_KEY_PUBLIC'), key => hiera('NOVA_MIGRATION_KEY_PUBLIC'),
} }
$nova_common_qpid_cfg_storage_host = hiera('CONFIG_STORAGE_HOST') $nova_common_qpid_cfg_storage_host = hiera('CONFIG_STORAGE_HOST_URL')
class { '::nova': class { '::nova':
glance_api_servers => "${nova_common_qpid_cfg_storage_host}:9292", glance_api_servers => "${nova_common_qpid_cfg_storage_host}:9292",
qpid_hostname => hiera('CONFIG_AMQP_HOST'), qpid_hostname => hiera('CONFIG_AMQP_HOST_URL'),
qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), qpid_username => hiera('CONFIG_AMQP_AUTH_USER'),
qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), qpid_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'),
rpc_backend => 'nova.openstack.common.rpc.impl_qpid', rpc_backend => 'nova.openstack.common.rpc.impl_qpid',

4
packstack/puppet/templates/nova_common_rabbitmq.pp
View File

@@ -7,11 +7,11 @@ $public_key = {
key => hiera('NOVA_MIGRATION_KEY_PUBLIC'), key => hiera('NOVA_MIGRATION_KEY_PUBLIC'),
} }
$nova_common_rabbitmq_cfg_storage_host = hiera('CONFIG_STORAGE_HOST') $nova_common_rabbitmq_cfg_storage_host = hiera('CONFIG_STORAGE_HOST_URL')
class { '::nova': class { '::nova':
glance_api_servers => "${nova_common_rabbitmq_cfg_storage_host}:9292", glance_api_servers => "${nova_common_rabbitmq_cfg_storage_host}:9292",
rabbit_host => hiera('CONFIG_AMQP_HOST'), rabbit_host => hiera('CONFIG_AMQP_HOST_URL'),
rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'),
rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'),
rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'),

2
packstack/puppet/templates/nova_compute.pp
View File

@@ -48,7 +48,7 @@ if ($::fqdn == '' or $::fqdn =~ /localhost/) {
class { '::nova::compute': class { '::nova::compute':
enabled => true, enabled => true,
vncproxy_host => hiera('CONFIG_CONTROLLER_HOST'), vncproxy_host => hiera('CONFIG_KEYSTONE_HOST_URL'),
vncproxy_protocol => $vncproxy_protocol, vncproxy_protocol => $vncproxy_protocol,
vncserver_proxyclient_address => $vncproxy_server, vncserver_proxyclient_address => $vncproxy_server,
compute_manager => hiera('CONFIG_NOVA_COMPUTE_MANAGER'), compute_manager => hiera('CONFIG_NOVA_COMPUTE_MANAGER'),

2
packstack/puppet/templates/nova_compute_ironic.pp
View File

@@ -1,4 +1,4 @@
$ironic_config_controller_host = hiera('CONFIG_CONTROLLER_HOST') $ironic_config_controller_host = hiera('CONFIG_KEYSTONE_HOST_URL')
class { '::nova::compute::ironic': class { '::nova::compute::ironic':
admin_user => 'ironic', admin_user => 'ironic',

7
packstack/puppet/templates/nova_compute_libvirt.pp
View File

@@ -18,10 +18,15 @@ exec { 'qemu-kvm':
before => Class['nova::compute::libvirt'], before => Class['nova::compute::libvirt'],
} }
$libvirt_vnc_bind_host = hiera('CONFIG_IP_VERSION') ? {
'ipv6' => '::0',
'ipv4' => '0.0.0.0',
}
class { '::nova::compute::libvirt': class { '::nova::compute::libvirt':
libvirt_virt_type => $libvirt_virt_type, libvirt_virt_type => $libvirt_virt_type,
libvirt_cpu_mode => $libvirt_cpu_mode, libvirt_cpu_mode => $libvirt_cpu_mode,
vncserver_listen => '0.0.0.0', vncserver_listen => $libvirt_vnc_bind_host,
migration_support => true, migration_support => true,
libvirt_inject_partition => '-1', libvirt_inject_partition => '-1',
} }

2
packstack/puppet/templates/nova_neutron.pp
View File

@@ -1,5 +1,5 @@
$nova_neutron_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') $nova_neutron_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL')
class { '::nova::network::neutron': class { '::nova::network::neutron':
neutron_admin_password => hiera('CONFIG_NEUTRON_KS_PW'), neutron_admin_password => hiera('CONFIG_NEUTRON_KS_PW'),

12
packstack/puppet/templates/nova_vncproxy.pp
View File

@@ -10,18 +10,14 @@ if $is_horizon_ssl == true {
} }
} }
if $vncproxy_protocol == undef { $vnc_bind_host = hiera('CONFIG_IP_VERSION') ? {
$vncproxy_protocol = $is_horizon_ssl ? { 'ipv6' => '::0',
true => 'https', 'ipv4' => '0.0.0.0',
false => 'http',
default => 'http',
}
} }
class { '::nova::vncproxy': class { '::nova::vncproxy':
enabled => true, enabled => true,
host => hiera('CONFIG_CONTROLLER_HOST'), host => $vnc_bind_host,
vncproxy_protocol => $vncproxy_protocol,
} }
class { '::nova::consoleauth': class { '::nova::consoleauth':

8
packstack/puppet/templates/provision_demo.pp
View File

@@ -19,6 +19,7 @@
$setup_ovs_bridge = hiera('CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE') $setup_ovs_bridge = hiera('CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE')
$public_bridge_name = hiera('CONFIG_NEUTRON_L3_EXT_BRIDGE') $public_bridge_name = hiera('CONFIG_NEUTRON_L3_EXT_BRIDGE')
$provision_neutron_avail = hiera('PROVISION_NEUTRON_AVAILABLE') $provision_neutron_avail = hiera('PROVISION_NEUTRON_AVAILABLE')
$ip_version = hiera('CONFIG_IP_VERSION')
## Users ## Users
@@ -42,8 +43,9 @@
} }
## Neutron ## Neutron
# IPv6 support is not yet available for public network in packstack. It can
if $provision_neutron_avail { # be done manually. Here we just ensure that we don't fail.
if $provision_neutron_avail and $ip_version != 'ipv6' {
$neutron_deps = [Neutron_network[$public_network_name]] $neutron_deps = [Neutron_network[$public_network_name]]
neutron_network { $public_network_name: neutron_network { $public_network_name:
@@ -89,7 +91,7 @@
} }
} }
if $setup_ovs_bridge { if $setup_ovs_bridge and $ip_version != 'ipv6' {
firewall { '000 nat': firewall { '000 nat':
chain => 'POSTROUTING', chain => 'POSTROUTING',
jump => 'MASQUERADE', jump => 'MASQUERADE',

12
packstack/puppet/templates/sahara.pp
View File

@@ -1,18 +1,18 @@
$sahara_cfg_sahara_db_pw = hiera('CONFIG_SAHARA_DB_PW') $sahara_cfg_sahara_db_pw = hiera('CONFIG_SAHARA_DB_PW')
$sahara_cfg_sahara_mariadb_host = hiera('CONFIG_MARIADB_HOST') $sahara_cfg_sahara_mariadb_host = hiera('CONFIG_MARIADB_HOST_URL')
$sahara_cfg_config_neutron_install = hiera('CONFIG_NEUTRON_INSTALL') $sahara_cfg_config_neutron_install = hiera('CONFIG_NEUTRON_INSTALL')
$sahara_cfg_controller_host = hiera('CONFIG_CONTROLLER_HOST') $sahara_cfg_controller_host = hiera('CONFIG_KEYSTONE_HOST_URL')
class { '::sahara': class { '::sahara':
database_connection => database_connection =>
"mysql://sahara:${sahara_cfg_sahara_db_pw}@${sahara_cfg_sahara_mariadb_host}/sahara", "mysql://sahara:${sahara_cfg_sahara_db_pw}@${sahara_cfg_sahara_mariadb_host}/sahara",
verbose => true, verbose => true,
debug => hiera('CONFIG_DEBUG_MODE'), debug => hiera('CONFIG_DEBUG_MODE'),
os_username => 'admin', keystone_username => 'admin',
os_password => hiera('CONFIG_KEYSTONE_ADMIN_PW'), keystone_password => hiera('CONFIG_KEYSTONE_ADMIN_PW'),
os_tenant_name => 'admin', keystone_tenant => 'admin',
os_auth_url => "http://${sahara_cfg_controller_host}:5000/v2.0", keystone_url => "http://${sahara_cfg_controller_host}:5000/v2.0",
identity_url => "http://${sahara_cfg_controller_host}:35357/", identity_url => "http://${sahara_cfg_controller_host}:35357/",
use_neutron => ($sahara_cfg_config_neutron_install == 'y'), use_neutron => ($sahara_cfg_config_neutron_install == 'y'),
service_host => hiera('CONFIG_SAHARA_HOST'), service_host => hiera('CONFIG_SAHARA_HOST'),

2
packstack/puppet/templates/sahara_qpid.pp
View File

@@ -1,5 +1,5 @@
class { '::sahara::notify::qpid': class { '::sahara::notify::qpid':
qpid_hostname => hiera('CONFIG_AMQP_HOST'), qpid_hostname => hiera('CONFIG_AMQP_HOST_URL'),
qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'),
qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'), qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'),
qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), qpid_username => hiera('CONFIG_AMQP_AUTH_USER'),

2
packstack/puppet/templates/sahara_rabbitmq.pp
View File

@@ -1,5 +1,5 @@
class { '::sahara::notify::rabbitmq': class { '::sahara::notify::rabbitmq':
rabbit_host => hiera('CONFIG_AMQP_HOST'), rabbit_host => hiera('CONFIG_AMQP_HOST_URL'),
rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'),
rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'), rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'),
rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'),

2
packstack/puppet/templates/swift_builder.pp
View File

@@ -8,7 +8,7 @@ class { '::swift::ringbuilder':
# sets up an rsync db that can be used to sync the ring DB # sets up an rsync db that can be used to sync the ring DB
class { '::swift::ringserver': class { '::swift::ringserver':
local_net_ip => hiera('CONFIG_CONTROLLER_HOST'), local_net_ip => hiera('CONFIG_STORAGE_HOST_URL'),
} }
if str2bool($::selinux) { if str2bool($::selinux) {

13
packstack/puppet/templates/swift_proxy.pp
View File

@@ -1,10 +1,17 @@
package { 'curl': ensure => present } package { 'curl': ensure => present }
class { '::memcached': } $bind_host = hiera('CONFIG_IP_VERSION') ? {
'ipv6' => '::0',
'ipv4' => '0.0.0.0',
}
class { '::memcached':
listen_ip => $bind_host,
}
class { '::swift::proxy': class { '::swift::proxy':
proxy_local_net_ip => hiera('CONFIG_CONTROLLER_HOST'), proxy_local_net_ip => hiera('CONFIG_STORAGE_HOST_URL'),
pipeline => [ pipeline => [
'catch_errors', 'catch_errors',
'bulk', 'bulk',
@@ -63,6 +70,6 @@ class { '::swift::proxy::authtoken':
admin_tenant_name => 'services', admin_tenant_name => 'services',
admin_password => hiera('CONFIG_SWIFT_KS_PW'), admin_password => hiera('CONFIG_SWIFT_KS_PW'),
# assume that the controller host is the swift api server # assume that the controller host is the swift api server
auth_host => hiera('CONFIG_CONTROLLER_HOST'), auth_host => hiera('CONFIG_STORAGE_HOST_URL'),
} }

4
packstack/puppet/templates/swift_storage.pp
View File

@@ -1,7 +1,7 @@
# install all swift storage servers together # install all swift storage servers together
class { '::swift::storage::all': class { '::swift::storage::all':
storage_local_net_ip => hiera('CONFIG_CONTROLLER_HOST'), storage_local_net_ip => hiera('CONFIG_STORAGE_HOST_URL'),
allow_versions => true, allow_versions => true,
require => Class['swift'], require => Class['swift'],
} }
@@ -16,7 +16,7 @@ if (!defined(File['/srv/node'])) {
} }
swift::ringsync{ ['account', 'container', 'object']: swift::ringsync{ ['account', 'container', 'object']:
ring_server => hiera('CONFIG_CONTROLLER_HOST'), ring_server => hiera('CONFIG_STORAGE_HOST_URL'),
before => Class['swift::storage::all'], before => Class['swift::storage::all'],
require => Class['swift'], require => Class['swift'],
} }

4
packstack/puppet/templates/trove.pp
View File

@@ -1,7 +1,7 @@
class { '::trove::api': class { '::trove::api':
enabled => true, enabled => true,
keystone_password => hiera('CONFIG_TROVE_KS_PW'), keystone_password => hiera('CONFIG_TROVE_KS_PW'),
auth_host => hiera('CONFIG_CONTROLLER_HOST'), auth_host => hiera('CONFIG_KEYSTONE_HOST_URL'),
auth_port => 35357, auth_port => 35357,
cert_file => false, cert_file => false,
key_file => false, key_file => false,
@@ -10,7 +10,7 @@ class { '::trove::api':
debug => hiera('CONFIG_DEBUG_MODE'), debug => hiera('CONFIG_DEBUG_MODE'),
} }
$trove_cfg_ctrl_host = hiera('CONFIG_CONTROLLER_HOST') $trove_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL')
class { '::trove::conductor': class { '::trove::conductor':
auth_url => "http://${trove_cfg_ctrl_host}:5000/v2.0", auth_url => "http://${trove_cfg_ctrl_host}:5000/v2.0",

7
packstack/puppet/templates/trove_qpid.pp
View File

@@ -1,10 +1,10 @@
$trove_qpid_cfg_trove_db_pw = hiera('CONFIG_TROVE_DB_PW') $trove_qpid_cfg_trove_db_pw = hiera('CONFIG_TROVE_DB_PW')
$trove_qpid_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') $trove_qpid_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST_URL')
$trove_qpid_cfg_controller_host = hiera('CONFIG_CONTROLLER_HOST') $trove_qpid_cfg_controller_host = hiera('CONFIG_KEYSTONE_HOST_URL')
class { '::trove': class { '::trove':
rpc_backend => 'trove.openstack.common.rpc.impl_qpid', rpc_backend => 'trove.openstack.common.rpc.impl_qpid',
qpid_hostname => hiera('CONFIG_AMQP_HOST'), qpid_hostname => hiera('CONFIG_AMQP_HOST_URL'),
qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), qpid_port => hiera('CONFIG_AMQP_CLIENTS_PORT'),
qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'), qpid_protocol => hiera('CONFIG_AMQP_PROTOCOL'),
qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), qpid_username => hiera('CONFIG_AMQP_AUTH_USER'),
@@ -18,4 +18,3 @@ class { '::trove':
swift_url => "http://${trove_qpid_cfg_controller_host}:8080/v1/AUTH_", swift_url => "http://${trove_qpid_cfg_controller_host}:8080/v1/AUTH_",
use_neutron => hiera('CONFIG_NEUTRON_INSTALL'), use_neutron => hiera('CONFIG_NEUTRON_INSTALL'),
} }

8
packstack/puppet/templates/trove_rabbitmq.pp
View File

@@ -1,13 +1,13 @@
$trove_rabmq_cfg_trove_db_pw = hiera('CONFIG_TROVE_DB_PW') $trove_rabmq_cfg_trove_db_pw = hiera('CONFIG_TROVE_DB_PW')
$trove_rabmq_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST') $trove_rabmq_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST_URL')
$trove_rabmq_cfg_controller_host = hiera('CONFIG_CONTROLLER_HOST') $trove_rabmq_cfg_controller_host = hiera('CONFIG_KEYSTONE_HOST_URL')
class { '::trove': class { '::trove':
rpc_backend => 'trove.openstack.common.rpc.impl_kombu', rpc_backend => 'trove.openstack.common.rpc.impl_kombu',
rabbit_host => hiera('CONFIG_AMQP_HOST'), rabbit_host => hiera('CONFIG_AMQP_HOST_URL'),
rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'),
rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'),
rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'), rabbit_userid => hiera('CONFIG_AMQP_AUTH_USER'),
rabbit_use_ssl => hiera('CONFIG_AMQP_ENABLE_SSL'),
rabbit_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'), rabbit_password => hiera('CONFIG_AMQP_AUTH_PASSWORD'),
database_connection => "mysql://trove:${trove_rabmq_cfg_trove_db_pw}@${trove_rabmq_cfg_mariadb_host}/trove", database_connection => "mysql://trove:${trove_rabmq_cfg_trove_db_pw}@${trove_rabmq_cfg_mariadb_host}/trove",
nova_proxy_admin_user => hiera('CONFIG_TROVE_NOVA_USER'), nova_proxy_admin_user => hiera('CONFIG_TROVE_NOVA_USER'),

2
tools/test-requires
View File

@@ -1,2 +1,4 @@
nose nose
coverage coverage
hacking>=0.9.5,<0.10
netaddr

1
tox.ini
View File

@@ -16,7 +16,6 @@ sitepackages = True
downloadcache = ~/cache/pip downloadcache = ~/cache/pip
[testenv:pep8] [testenv:pep8]
deps=hacking>=0.9.5,<0.10
commands = flake8 commands = flake8
[testenv:cover] [testenv:cover]