Provision Demo/Tempest Separation
Packstack should be able to deploy Tempest in a standalone mode or in a full configuration (with the user demo or another one given by the user). Change-Id: I4874540edd60fa87cb853cdfdc6cc169600f5a50 Fixes: rhbz#1111969
This commit is contained in:
parent
bd36954ab4
commit
d7a9e6db04
|
@ -454,6 +454,12 @@ Provision Config Parameters
|
|||
**CONFIG_PROVISION_TEMPEST**
|
||||
Whether to configure tempest for testing.
|
||||
|
||||
**CONFIG_PROVISION_TEMPEST_USER**
|
||||
The name of the Tempest Provisioning user. If you don't provide a user name, Tempest will be configured in a standalone mode. If you choose the **demo** user, packstack will use the password from **CONFIG_KEYSTONE_DEMO_PW** if **CONFIG_PROVISION_DEMO** is enabled. If not, the **CONFIG_PROVISION_TEMPEST_USER_PW** will be used.
|
||||
|
||||
**CONFIG_PROVISION_TEMPEST_USER_PW**
|
||||
The password to use for the Tempest Provisioning user.
|
||||
|
||||
**CONFIG_PROVISION_TEMPEST_REPO_REVISION**
|
||||
The revision of the tempest git repository to use.
|
||||
|
||||
|
|
|
@ -5,6 +5,7 @@ Installs and configures neutron
|
|||
"""
|
||||
|
||||
import logging
|
||||
import uuid
|
||||
|
||||
from packstack.installer import utils
|
||||
from packstack.installer import validators
|
||||
|
@ -57,6 +58,36 @@ def initConfig(controller):
|
|||
"USE_DEFAULT": False,
|
||||
"NEED_CONFIRM": False,
|
||||
"CONDITION": False},
|
||||
|
||||
{"CMD_OPTION": "provision-tempest-user",
|
||||
"USAGE": "The name of the Tempest Provisioning user. If you "
|
||||
"don't provide a user name, Tempest will be configured "
|
||||
"in a standalone mode",
|
||||
"PROMPT": ("Enter the name of the Tempest Provisioning user "
|
||||
"(if blank, "),
|
||||
"OPTION_LIST": False,
|
||||
"VALIDATORS": False,
|
||||
"DEFAULT_VALUE": "",
|
||||
"MASK_INPUT": False,
|
||||
"LOOSE_VALIDATION": True,
|
||||
"CONF_NAME": "CONFIG_PROVISION_TEMPEST_USER",
|
||||
"USE_DEFAULT": False,
|
||||
"NEED_CONFIRM": False,
|
||||
"CONDITION": False},
|
||||
|
||||
{"CMD_OPTION": "provision-tempest-user-passwd",
|
||||
"USAGE": "The password to use for the Tempest Provisioning user",
|
||||
"PROMPT": "Enter the password for the Tempest Provisioning user",
|
||||
"OPTION_LIST": [],
|
||||
"VALIDATORS": [validators.validate_not_empty],
|
||||
"DEFAULT_VALUE": uuid.uuid4().hex[:16],
|
||||
"MASK_INPUT": True,
|
||||
"LOOSE_VALIDATION": False,
|
||||
"CONF_NAME": "CONFIG_PROVISION_TEMPEST_USER_PW",
|
||||
"USE_DEFAULT": False,
|
||||
"NEED_CONFIRM": True,
|
||||
"CONDITION": False},
|
||||
|
||||
],
|
||||
|
||||
"PROVISION_DEMO": [
|
||||
|
@ -121,8 +152,7 @@ def initConfig(controller):
|
|||
}
|
||||
|
||||
def check_provisioning_demo(config):
|
||||
return (config.get('CONFIG_PROVISION_DEMO', 'n') == 'y' or
|
||||
config.get('CONFIG_PROVISION_TEMPEST', 'n') == 'y')
|
||||
return (config.get('CONFIG_PROVISION_DEMO', 'n') == 'y')
|
||||
|
||||
def check_provisioning_tempest(config):
|
||||
return (config.get('CONFIG_PROVISION_TEMPEST', 'n') == 'y')
|
||||
|
@ -179,22 +209,28 @@ def initConfig(controller):
|
|||
|
||||
def initSequences(controller):
|
||||
config = controller.CONF
|
||||
provisioning_required = (
|
||||
config['CONFIG_PROVISION_DEMO'] == 'y'
|
||||
or
|
||||
config['CONFIG_PROVISION_TEMPEST'] == 'y'
|
||||
)
|
||||
|
||||
if not provisioning_required:
|
||||
if (config['CONFIG_PROVISION_DEMO'] != "y" and
|
||||
config['CONFIG_PROVISION_TEMPEST'] != "y"):
|
||||
return
|
||||
|
||||
marshall_conf_bool(config, 'CONFIG_PROVISION_TEMPEST')
|
||||
marshall_conf_bool(config, 'CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE')
|
||||
|
||||
provision_steps = [
|
||||
{'title': 'Adding Provisioning manifest entries',
|
||||
'functions': [create_manifest]}
|
||||
]
|
||||
provision_steps = []
|
||||
|
||||
if config['CONFIG_PROVISION_DEMO'] == "y":
|
||||
provision_steps.append(
|
||||
{'title': 'Adding Provisioning Demo manifest entries',
|
||||
'functions': [create_demo_manifest]}
|
||||
)
|
||||
|
||||
if config['CONFIG_PROVISION_TEMPEST']:
|
||||
provision_steps.append(
|
||||
{'title': 'Adding Provisioning Tempest manifest entries',
|
||||
'functions': [create_tempest_manifest]}
|
||||
)
|
||||
|
||||
controller.addSequence("Provisioning for Demo and Testing Usage",
|
||||
[], [], provision_steps)
|
||||
|
||||
|
@ -208,9 +244,7 @@ def marshall_conf_bool(conf, key):
|
|||
conf[key] = 'false'
|
||||
|
||||
|
||||
#-------------------------- step functions --------------------------
|
||||
|
||||
def create_manifest(config, messages):
|
||||
def using_neutron(config):
|
||||
# Using the neutron or nova api servers as the provisioning target
|
||||
# will suffice for the all-in-one case.
|
||||
if config['CONFIG_NEUTRON_INSTALL'] != "y":
|
||||
|
@ -225,6 +259,19 @@ def create_manifest(config, messages):
|
|||
config['PROVISION_NEUTRON_AVAILABLE'] = config['CONFIG_NEUTRON_INSTALL']
|
||||
marshall_conf_bool(config, 'PROVISION_NEUTRON_AVAILABLE')
|
||||
|
||||
manifest_file = '%s_provision.pp' % config['CONFIG_CONTROLLER_HOST']
|
||||
manifest_data = getManifestTemplate("provision.pp")
|
||||
|
||||
#-------------------------- step functions --------------------------
|
||||
|
||||
def create_demo_manifest(config, messages):
|
||||
using_neutron(config)
|
||||
manifest_file = '%s_provision_demo.pp' % config['CONFIG_CONTROLLER_HOST']
|
||||
manifest_data = getManifestTemplate("provision_demo.pp")
|
||||
appendManifestFile(manifest_file, manifest_data)
|
||||
|
||||
|
||||
def create_tempest_manifest(config, messages):
|
||||
using_neutron(config)
|
||||
manifest_file = '%s_provision_tempest.pp' % \
|
||||
config['CONFIG_CONTROLLER_HOST']
|
||||
manifest_data = getManifestTemplate("provision_tempest.pp")
|
||||
appendManifestFile(manifest_file, manifest_data)
|
||||
|
|
|
@ -0,0 +1,134 @@
|
|||
## Keystone
|
||||
# non admin user
|
||||
$username = 'demo'
|
||||
$password = '%(CONFIG_KEYSTONE_DEMO_PW)s'
|
||||
$tenant_name = 'demo'
|
||||
# admin user
|
||||
$admin_username = 'admin'
|
||||
$admin_password = '%(CONFIG_KEYSTONE_ADMIN_PW)s'
|
||||
$admin_tenant_name = 'admin'
|
||||
|
||||
## Glance
|
||||
$image_name = 'cirros'
|
||||
$image_source = 'http://download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-disk.img'
|
||||
$image_ssh_user = 'cirros'
|
||||
|
||||
## Neutron
|
||||
$public_network_name = 'public'
|
||||
$public_subnet_name = 'public_subnet'
|
||||
$floating_range = '%(CONFIG_PROVISION_DEMO_FLOATRANGE)s'
|
||||
$private_network_name = 'private'
|
||||
$private_subnet_name = 'private_subnet'
|
||||
$fixed_range = '10.0.0.0/24'
|
||||
$router_name = 'router1'
|
||||
$setup_ovs_bridge = %(CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE)s
|
||||
$public_bridge_name = '%(CONFIG_PROVISION_DEMO_FLOATRANGE)s'
|
||||
|
||||
## Users
|
||||
|
||||
keystone_tenant { $tenant_name:
|
||||
ensure => present,
|
||||
enabled => true,
|
||||
description => 'default tenant',
|
||||
}
|
||||
keystone_user { $username:
|
||||
ensure => present,
|
||||
enabled => true,
|
||||
tenant => $tenant_name,
|
||||
password => $password,
|
||||
}
|
||||
|
||||
keystone_tenant { $alt_tenant_name:
|
||||
ensure => present,
|
||||
enabled => true,
|
||||
description => 'alt tenant',
|
||||
}
|
||||
keystone_user { $alt_username:
|
||||
ensure => present,
|
||||
enabled => true,
|
||||
tenant => $alt_tenant_name,
|
||||
password => $alt_password,
|
||||
}
|
||||
|
||||
## Images
|
||||
|
||||
glance_image { $image_name:
|
||||
ensure => present,
|
||||
is_public => 'yes',
|
||||
container_format => 'bare',
|
||||
disk_format => 'qcow2',
|
||||
source => $image_source,
|
||||
}
|
||||
|
||||
## Neutron
|
||||
|
||||
if %(PROVISION_NEUTRON_AVAILABLE)s {
|
||||
$neutron_deps = [Neutron_network[$public_network_name]]
|
||||
|
||||
neutron_network { $public_network_name:
|
||||
ensure => present,
|
||||
router_external => true,
|
||||
tenant_name => $admin_tenant_name,
|
||||
}
|
||||
neutron_subnet { $public_subnet_name:
|
||||
ensure => 'present',
|
||||
cidr => $floating_range,
|
||||
enable_dhcp => false,
|
||||
network_name => $public_network_name,
|
||||
tenant_name => $admin_tenant_name,
|
||||
}
|
||||
neutron_network { $private_network_name:
|
||||
ensure => present,
|
||||
tenant_name => $tenant_name,
|
||||
}
|
||||
neutron_subnet { $private_subnet_name:
|
||||
ensure => present,
|
||||
cidr => $fixed_range,
|
||||
network_name => $private_network_name,
|
||||
tenant_name => $tenant_name,
|
||||
}
|
||||
# Tenant-owned router - assumes network namespace isolation
|
||||
neutron_router { $router_name:
|
||||
ensure => present,
|
||||
tenant_name => $tenant_name,
|
||||
gateway_network_name => $public_network_name,
|
||||
# A neutron_router resource must explicitly declare a dependency on
|
||||
# the first subnet of the gateway network.
|
||||
require => Neutron_subnet[$public_subnet_name],
|
||||
}
|
||||
neutron_router_interface { "${router_name}:${private_subnet_name}":
|
||||
ensure => present,
|
||||
}
|
||||
|
||||
if $setup_ovs_bridge {
|
||||
neutron_l3_ovs_bridge { $public_bridge_name:
|
||||
ensure => present,
|
||||
subnet_name => $public_subnet_name,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if %(CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE)s {
|
||||
firewall { '000 nat':
|
||||
chain => 'POSTROUTING',
|
||||
jump => 'MASQUERADE',
|
||||
source => $::openstack::provision::floating_range,
|
||||
outiface => $::gateway_device,
|
||||
table => 'nat',
|
||||
proto => 'all',
|
||||
}
|
||||
|
||||
firewall { '000 forward out':
|
||||
chain => 'FORWARD',
|
||||
action => 'accept',
|
||||
outiface => '%(CONFIG_NEUTRON_L3_EXT_BRIDGE)s',
|
||||
proto => 'all',
|
||||
}
|
||||
|
||||
firewall { '000 forward in':
|
||||
chain => 'FORWARD',
|
||||
action => 'accept',
|
||||
iniface => '%(CONFIG_NEUTRON_L3_EXT_BRIDGE)s',
|
||||
proto => 'all',
|
||||
}
|
||||
}
|
|
@ -1,8 +1,17 @@
|
|||
|
||||
if '%(CONFIG_PROVISION_TEMPEST_USER)s' != '' {
|
||||
## Keystone
|
||||
# non admin user
|
||||
$username = 'demo'
|
||||
$password = '%(CONFIG_KEYSTONE_DEMO_PW)s'
|
||||
$tenant_name = 'demo'
|
||||
$username = '%(CONFIG_PROVISION_TEMPEST_USER)s'
|
||||
|
||||
if '%(CONFIG_PROVISION_TEMPEST_USER)s' == 'demo' and
|
||||
'%(CONFIG_PROVISION_DEMO)s' == 'y' {
|
||||
$password = '%(CONFIG_KEYSTONE_DEMO_PW)s'
|
||||
} else {
|
||||
$password = '%(CONFIG_PROVISION_TEMPEST_USER_PW)s'
|
||||
}
|
||||
|
||||
$tenant_name = '%(CONFIG_PROVISION_TEMPEST_USER)s'
|
||||
# admin user
|
||||
$admin_username = 'admin'
|
||||
$admin_password = '%(CONFIG_KEYSTONE_ADMIN_PW)s'
|
||||
|
@ -54,6 +63,7 @@
|
|||
enabled => true,
|
||||
description => 'default tenant',
|
||||
}
|
||||
|
||||
keystone_user { $username:
|
||||
ensure => present,
|
||||
enabled => true,
|
||||
|
@ -66,6 +76,7 @@
|
|||
enabled => true,
|
||||
description => 'alt tenant',
|
||||
}
|
||||
|
||||
keystone_user { $alt_username:
|
||||
ensure => present,
|
||||
enabled => true,
|
||||
|
@ -124,6 +135,7 @@
|
|||
router_external => true,
|
||||
tenant_name => $admin_tenant_name,
|
||||
}
|
||||
|
||||
neutron_subnet { $public_subnet_name:
|
||||
ensure => 'present',
|
||||
cidr => $floating_range,
|
||||
|
@ -131,16 +143,19 @@
|
|||
network_name => $public_network_name,
|
||||
tenant_name => $admin_tenant_name,
|
||||
}
|
||||
|
||||
neutron_network { $private_network_name:
|
||||
ensure => present,
|
||||
tenant_name => $tenant_name,
|
||||
}
|
||||
|
||||
neutron_subnet { $private_subnet_name:
|
||||
ensure => present,
|
||||
cidr => $fixed_range,
|
||||
network_name => $private_network_name,
|
||||
tenant_name => $tenant_name,
|
||||
}
|
||||
|
||||
# Tenant-owned router - assumes network namespace isolation
|
||||
neutron_router { $router_name:
|
||||
ensure => present,
|
||||
|
@ -150,6 +165,7 @@
|
|||
# the first subnet of the gateway network.
|
||||
require => Neutron_subnet[$public_subnet_name],
|
||||
}
|
||||
|
||||
neutron_router_interface { "${router_name}:${private_subnet_name}":
|
||||
ensure => present,
|
||||
}
|
||||
|
@ -205,27 +221,46 @@
|
|||
}
|
||||
}
|
||||
|
||||
if %(CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE)s {
|
||||
firewall { '000 nat':
|
||||
chain => 'POSTROUTING',
|
||||
jump => 'MASQUERADE',
|
||||
source => $::openstack::provision::floating_range,
|
||||
outiface => $::gateway_device,
|
||||
table => 'nat',
|
||||
proto => 'all',
|
||||
}
|
||||
if %(CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE)s {
|
||||
firewall { '000 nat':
|
||||
chain => 'POSTROUTING',
|
||||
jump => 'MASQUERADE',
|
||||
source => $::openstack::provision::floating_range,
|
||||
outiface => $::gateway_device,
|
||||
table => 'nat',
|
||||
proto => 'all',
|
||||
}
|
||||
|
||||
firewall { '000 forward out':
|
||||
chain => 'FORWARD',
|
||||
action => 'accept',
|
||||
outiface => '%(CONFIG_NEUTRON_L3_EXT_BRIDGE)s',
|
||||
proto => 'all',
|
||||
}
|
||||
firewall { '000 forward out':
|
||||
chain => 'FORWARD',
|
||||
action => 'accept',
|
||||
outiface => '%(CONFIG_NEUTRON_L3_EXT_BRIDGE)s',
|
||||
proto => 'all',
|
||||
}
|
||||
|
||||
firewall { '000 forward in':
|
||||
chain => 'FORWARD',
|
||||
action => 'accept',
|
||||
iniface => '%(CONFIG_NEUTRON_L3_EXT_BRIDGE)s',
|
||||
proto => 'all',
|
||||
firewall { '000 forward in':
|
||||
chain => 'FORWARD',
|
||||
action => 'accept',
|
||||
iniface => '%(CONFIG_NEUTRON_L3_EXT_BRIDGE)s',
|
||||
proto => 'all',
|
||||
}
|
||||
}
|
||||
} else {
|
||||
## Standalone Tempest installation
|
||||
class { 'tempest':
|
||||
tempest_repo_uri => '%(CONFIG_PROVISION_TEMPEST_REPO_URI)s',
|
||||
tempest_clone_path => '/var/lib/tempest',
|
||||
tempest_clone_owner => 'root',
|
||||
setup_venv => false,
|
||||
tempest_repo_revision => '%(CONFIG_PROVISION_TEMPEST_REPO_REVISION)s',
|
||||
configure_images => false,
|
||||
configure_networks => false,
|
||||
cinder_available => undef,
|
||||
glance_available => true,
|
||||
heat_available => undef,
|
||||
horizon_available => undef,
|
||||
neutron_available => false,
|
||||
nova_available => true,
|
||||
swift_available => undef,
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue