x/packstack
Code Issues Proposed changes

Update rake version in puppet module Gemfile, fix linter

Browse Source 
We needed to update the Rake version required by the Gemfile inside
the Packstack Puppet module directory. After that, a rake lint
execution showed many linter errors, so fixing them.

Change-Id: Ib58e62768f5b71e68b79002e01f0d779d1c6138b
This commit is contained in:
Javier Pena 2020-04-30 12:34:51 +02:00 committed by Javier Peña
parent b6df8c7ad0
commit ad67a6c01b
54 changed files with 387 additions and 391 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
packstack/puppet/modules/packstack/Gemfile
View File

@ -2,9 +2,9 @@ source 'https://rubygems.org'
group :development, :test do group :development, :test do
gem 'puppetlabs_spec_helper', :require => false gem 'puppetlabs_spec_helper', :require => false
gem 'puppet-lint', '~> 0.3.2' gem 'puppet-lint', '>= 1.0.0'
gem 'rake', '10.1.1' gem 'rake', '< 13.0.0'
gem 'rspec', '< 2.99' gem 'rspec'
end end
if puppetversion = ENV['PUPPET_GEM_VERSION'] if puppetversion = ENV['PUPPET_GEM_VERSION']

96
packstack/puppet/modules/packstack/manifests/amqp.pp
View File

@ -1,86 +1,26 @@
define packstack::amqp::enable_rabbitmq {
create_resources(packstack::firewall, hiera('FIREWALL_AMQP_RULES', {}))
$amqp_enable_ssl = hiera('CONFIG_AMQP_SSL_ENABLED')
if $amqp_enable_ssl {
$kombu_ssl_ca_certs = hiera('CONFIG_AMQP_SSL_CACERT_FILE', undef)
$kombu_ssl_keyfile = '/etc/pki/tls/private/ssl_amqp.key'
$kombu_ssl_certfile = '/etc/pki/tls/certs/ssl_amqp.crt'
$files_to_set_owner = [ $kombu_ssl_keyfile, $kombu_ssl_certfile ]
file { $files_to_set_owner:
owner => 'rabbitmq',
group => 'rabbitmq',
require => Package['rabbitmq-server'],
notify => Service['rabbitmq-server'],
}
file { $kombu_ssl_ca_certs:
mode => '0644',
require => Package['rabbitmq-server'],
notify => Service['rabbitmq-server'],
}
class { '::rabbitmq':
port => undef,
ssl_port => 0 + hiera('CONFIG_AMQP_CLIENTS_PORT'),
ssl_only => true,
ssl => true,
ssl_cacert => $kombu_ssl_ca_certs,
ssl_cert => $kombu_ssl_certfile,
ssl_key => $kombu_ssl_keyfile,
default_user => hiera('CONFIG_AMQP_AUTH_USER'),
default_pass => hiera('CONFIG_AMQP_AUTH_PASSWORD'),
package_provider => 'yum',
repos_ensure => false,
admin_enable => false,
loopback_users => [],
# FIXME: it's ugly to not to require client certs
ssl_fail_if_no_peer_cert => true,
config_ranch => false,
tcp_keepalive => true,
tcp_backlog => 128,
}
} else {
class { '::rabbitmq':
port => 0 + hiera('CONFIG_AMQP_CLIENTS_PORT'),
ssl => false,
default_user => hiera('CONFIG_AMQP_AUTH_USER'),
default_pass => hiera('CONFIG_AMQP_AUTH_PASSWORD'),
package_provider => 'yum',
repos_ensure => false,
admin_enable => false,
loopback_users => [],
config_ranch => false,
tcp_keepalive => true,
tcp_backlog => 128,
}
}
}
class packstack::amqp () class packstack::amqp ()
{ {
$amqp = hiera('CONFIG_AMQP_BACKEND') $amqp = hiera('CONFIG_AMQP_BACKEND')
case $amqp { case $amqp {
'rabbitmq': { 'rabbitmq': {
packstack::amqp::enable_rabbitmq { 'rabbitmq': } packstack::amqp::enable_rabbitmq { 'rabbitmq': }
# The following kernel parameters help alleviate some RabbitMQ # The following kernel parameters help alleviate some RabbitMQ
# connection issues # connection issues
sysctl::value { 'net.ipv4.tcp_keepalive_intvl': sysctl::value { 'net.ipv4.tcp_keepalive_intvl':
value => '1', value => '1',
} }
sysctl::value { 'net.ipv4.tcp_keepalive_probes': sysctl::value { 'net.ipv4.tcp_keepalive_probes':
value => '5', value => '5',
} }
sysctl::value { 'net.ipv4.tcp_keepalive_time': sysctl::value { 'net.ipv4.tcp_keepalive_time':
value => '5', value => '5',
} }
} }
default: {} default: {}
} }
} }

59
packstack/puppet/modules/packstack/manifests/amqp/enable_rabbitmq.pp Normal file
View File

@ -0,0 +1,59 @@
define packstack::amqp::enable_rabbitmq {
create_resources(packstack::firewall, hiera('FIREWALL_AMQP_RULES', {}))
$amqp_enable_ssl = hiera('CONFIG_AMQP_SSL_ENABLED')
if $amqp_enable_ssl {
$kombu_ssl_ca_certs = hiera('CONFIG_AMQP_SSL_CACERT_FILE', undef)
$kombu_ssl_keyfile = '/etc/pki/tls/private/ssl_amqp.key'
$kombu_ssl_certfile = '/etc/pki/tls/certs/ssl_amqp.crt'
$files_to_set_owner = [ $kombu_ssl_keyfile, $kombu_ssl_certfile ]
file { $files_to_set_owner:
owner => 'rabbitmq',
group => 'rabbitmq',
require => Package['rabbitmq-server'],
notify => Service['rabbitmq-server'],
}
file { $kombu_ssl_ca_certs:
mode => '0644',
require => Package['rabbitmq-server'],
notify => Service['rabbitmq-server'],
}
class { '::rabbitmq':
port => undef,
ssl_port => 0 + hiera('CONFIG_AMQP_CLIENTS_PORT'),
ssl_only => true,
ssl => true,
ssl_cacert => $kombu_ssl_ca_certs,
ssl_cert => $kombu_ssl_certfile,
ssl_key => $kombu_ssl_keyfile,
default_user => hiera('CONFIG_AMQP_AUTH_USER'),
default_pass => hiera('CONFIG_AMQP_AUTH_PASSWORD'),
package_provider => 'yum',
repos_ensure => false,
admin_enable => false,
loopback_users => [],
# FIXME: it's ugly to not to require client certs
ssl_fail_if_no_peer_cert => true,
config_ranch => false,
tcp_keepalive => true,
tcp_backlog => 128,
}
} else {
class { '::rabbitmq':
port => 0 + hiera('CONFIG_AMQP_CLIENTS_PORT'),
ssl => false,
default_user => hiera('CONFIG_AMQP_AUTH_USER'),
default_pass => hiera('CONFIG_AMQP_AUTH_PASSWORD'),
package_provider => 'yum',
repos_ensure => false,
admin_enable => false,
loopback_users => [],
config_ranch => false,
tcp_keepalive => true,
tcp_backlog => 128,
}
}
}

2
packstack/puppet/modules/packstack/manifests/aodh.pp
View File

@ -30,7 +30,7 @@ class packstack::aodh ()
class { '::aodh::auth': class { '::aodh::auth':
auth_password => hiera('CONFIG_AODH_KS_PW'), auth_password => hiera('CONFIG_AODH_KS_PW'),
auth_url => hiera('CONFIG_KEYSTONE_PUBLIC_URL_VERSIONLESS'), auth_url => hiera('CONFIG_KEYSTONE_PUBLIC_URL_VERSIONLESS'),
} }
class { '::aodh::evaluator': class { '::aodh::evaluator':
coordination_url => $coordination_url, coordination_url => $coordination_url,

10
packstack/puppet/modules/packstack/manifests/aodh/rabbitmq.pp
View File

@ -28,11 +28,11 @@ class packstack::aodh::rabbitmq ()
} }
class { '::aodh': class { '::aodh':
rabbit_use_ssl => hiera('CONFIG_AMQP_SSL_ENABLED'), rabbit_use_ssl => hiera('CONFIG_AMQP_SSL_ENABLED'),
default_transport_url => "rabbit://${rabbit_userid}:${rabbit_password}@${rabbit_host}:${rabbit_port}/", default_transport_url => "rabbit://${rabbit_userid}:${rabbit_password}@${rabbit_host}:${rabbit_port}/",
kombu_ssl_ca_certs => $kombu_ssl_ca_certs, kombu_ssl_ca_certs => $kombu_ssl_ca_certs,
kombu_ssl_keyfile => $kombu_ssl_keyfile, kombu_ssl_keyfile => $kombu_ssl_keyfile,
kombu_ssl_certfile => $kombu_ssl_certfile, kombu_ssl_certfile => $kombu_ssl_certfile,
database_connection => "mysql+pymysql://aodh:${aodh_db_pw}@${aodh_mariadb_host}/aodh", database_connection => "mysql+pymysql://aodh:${aodh_db_pw}@${aodh_mariadb_host}/aodh",
} }
} }

4
packstack/puppet/modules/packstack/manifests/apache.pp
View File

@ -4,10 +4,10 @@ class packstack::apache ()
if ($::operatingsystem == 'Fedora') or ($::osfamily == 'RedHat' and Integer.new($::operatingsystemmajrelease) > 7) { if ($::operatingsystem == 'Fedora') or ($::osfamily == 'RedHat' and Integer.new($::operatingsystemmajrelease) > 7) {
class { '::apache': class { '::apache':
purge_configs => false, purge_configs => false,
mod_packages => merge($::apache::params::mod_packages, { mod_packages => merge($::apache::params::mod_packages, {
'wsgi' => 'python3-mod_wsgi', 'wsgi' => 'python3-mod_wsgi',
}), }),
mod_libs => merge($::apache::params::mod_libs, { mod_libs => merge($::apache::params::mod_libs, {
'wsgi' => 'mod_wsgi_python3.so', 'wsgi' => 'mod_wsgi_python3.so',
}) })
} }

12
packstack/puppet/modules/packstack/manifests/ceilometer.pp
View File

@ -7,7 +7,7 @@ class packstack::ceilometer ()
$config_gnocchi_host = hiera('CONFIG_KEYSTONE_HOST_URL') $config_gnocchi_host = hiera('CONFIG_KEYSTONE_HOST_URL')
if ($::operatingsystem == 'Fedora') or if ($::operatingsystem == 'Fedora') or
($::osfamily == 'RedHat' and Integer.new($::operatingsystemmajrelease) > 7) { ($::osfamily == 'RedHat' and Integer.new($::operatingsystemmajrelease) > 7) {
$pyvers = '3' $pyvers = '3'
} else { } else {
$pyvers = '' $pyvers = ''
@ -18,7 +18,7 @@ class packstack::ceilometer ()
$redis_port = hiera('CONFIG_REDIS_PORT') $redis_port = hiera('CONFIG_REDIS_PORT')
$coordination_url = "redis://${redis_host}:${redis_port}" $coordination_url = "redis://${redis_host}:${redis_port}"
ensure_resource('package', "python-redis", { ensure_resource('package', 'python-redis', {
name => "python${pyvers}-redis", name => "python${pyvers}-redis",
tag => 'openstack', tag => 'openstack',
}) })
@ -35,12 +35,12 @@ class packstack::ceilometer ()
tries => 20 tries => 20
} }
Keystone::Resource::Service_identity<||> -> Exec['ceilometer-db-upgrade'] ~> Keystone::Resource::Service_identity<||> -> Exec['ceilometer-db-upgrade']
Service['ceilometer-agent-notification'] ~> Service['ceilometer-agent-notification']
class { '::ceilometer::agent::notification': class { '::ceilometer::agent::notification':
manage_event_pipeline => true, manage_event_pipeline => true,
event_pipeline_publishers => ["gnocchi://", "panko://"], event_pipeline_publishers => ['gnocchi://', 'panko://'],
} }
class { '::ceilometer::agent::auth': class { '::ceilometer::agent::auth':
@ -50,7 +50,7 @@ class packstack::ceilometer ()
} }
class { '::ceilometer::agent::polling': class { '::ceilometer::agent::polling':
manage_polling => true, manage_polling => true,
coordination_url => $coordination_url, coordination_url => $coordination_url,
} }

10
packstack/puppet/modules/packstack/manifests/ceilometer/rabbitmq.pp
View File

@ -24,11 +24,11 @@ class packstack::ceilometer::rabbitmq ()
} }
class { '::ceilometer': class { '::ceilometer':
telemetry_secret => hiera('CONFIG_CEILOMETER_SECRET'), telemetry_secret => hiera('CONFIG_CEILOMETER_SECRET'),
rabbit_use_ssl => hiera('CONFIG_AMQP_SSL_ENABLED'), rabbit_use_ssl => hiera('CONFIG_AMQP_SSL_ENABLED'),
default_transport_url => "rabbit://${rabbit_userid}:${rabbit_password}@${rabbit_host}:${rabbit_port}/", default_transport_url => "rabbit://${rabbit_userid}:${rabbit_password}@${rabbit_host}:${rabbit_port}/",
kombu_ssl_ca_certs => $kombu_ssl_ca_certs, kombu_ssl_ca_certs => $kombu_ssl_ca_certs,
kombu_ssl_keyfile => $kombu_ssl_keyfile, kombu_ssl_keyfile => $kombu_ssl_keyfile,
kombu_ssl_certfile => $kombu_ssl_certfile, kombu_ssl_certfile => $kombu_ssl_certfile,
} }
} }

14
packstack/puppet/modules/packstack/manifests/chrony.pp
View File

@ -91,11 +91,11 @@ class packstack::chrony ()
hasrestart => true, hasrestart => true,
} }
Package['chrony'] -> Package['chrony']
Package['ntpdate'] -> -> Package['ntpdate']
File['chrony_conf'] -> -> File['chrony_conf']
Exec['stop-chronyd'] -> -> Exec['stop-chronyd']
Service['ntpd'] -> -> Service['ntpd']
Exec['ntpdate'] -> -> Exec['ntpdate']
Service['chronyd'] -> Service['chronyd']
} }

6
packstack/puppet/modules/packstack/manifests/cinder.pp
View File

@ -32,9 +32,9 @@ class packstack::cinder ()
} }
class { '::cinder::api': class { '::cinder::api':
bind_host => $bind_host, bind_host => $bind_host,
service_workers => hiera('CONFIG_SERVICE_WORKERS'), service_workers => hiera('CONFIG_SERVICE_WORKERS'),
default_volume_type => $default_volume_type, default_volume_type => $default_volume_type,
} }
class { '::cinder::scheduler': } class { '::cinder::scheduler': }

2
packstack/puppet/modules/packstack/manifests/cinder/backend/gluster.pp
View File

@ -10,7 +10,7 @@ class packstack::cinder::backend::gluster ()
cinder_type { 'glusterfs': cinder_type { 'glusterfs':
ensure => present, ensure => present,
properties => ["volume_backend_name=gluster"], properties => ['volume_backend_name=gluster'],
require => Class['cinder::api'], require => Class['cinder::api'],
} }
} }

10
packstack/puppet/modules/packstack/manifests/cinder/backend/lvm.pp
View File

@ -20,8 +20,8 @@ class packstack::cinder::backend::lvm ()
file_line{ 'rc.local_losetup_cinder_volume': file_line{ 'rc.local_losetup_cinder_volume':
path => '/etc/rc.d/rc.local', path => '/etc/rc.d/rc.local',
match => "^.*/var/lib/cinder/$cinder_volume_name.*$", match => "^.*/var/lib/cinder/${cinder_volume_name}.*$",
line => "losetup -f /var/lib/cinder/$cinder_volume_name && service openstack-cinder-volume restart", line => "losetup -f /var/lib/cinder/${cinder_volume_name} && service openstack-cinder-volume restart",
} }
file { '/etc/rc.d/rc.local': file { '/etc/rc.d/rc.local':
@ -42,8 +42,8 @@ class packstack::cinder::backend::lvm ()
[Service] [Service]
Type=oneshot Type=oneshot
ExecStart=/usr/bin/sh -c \'/usr/sbin/losetup -j /var/lib/cinder/$cinder_volume_name | /usr/bin/grep /var/lib/cinder/$cinder_volume_name || /usr/sbin/losetup -f /var/lib/cinder/$cinder_volume_name\' ExecStart=/usr/bin/sh -c \'/usr/sbin/losetup -j /var/lib/cinder/${cinder_volume_name} | /usr/bin/grep /var/lib/cinder/${cinder_volume_name} || /usr/sbin/losetup -f /var/lib/cinder/${cinder_volume_name}\'
ExecStop=/usr/bin/sh -c \'/usr/sbin/losetup -j /var/lib/cinder/$cinder_volume_name | /usr/bin/cut -d : -f 1 | /usr/bin/xargs /usr/sbin/losetup -d\' ExecStop=/usr/bin/sh -c \'/usr/sbin/losetup -j /var/lib/cinder/${cinder_volume_name} | /usr/bin/cut -d : -f 1 | /usr/bin/xargs /usr/sbin/losetup -d\'
TimeoutSec=60 TimeoutSec=60
RemainAfterExit=yes RemainAfterExit=yes
@ -92,7 +92,7 @@ class packstack::cinder::backend::lvm ()
cinder_type { 'iscsi': cinder_type { 'iscsi':
ensure => present, ensure => present,
properties => ["volume_backend_name=lvm"], properties => ['volume_backend_name=lvm'],
require => Class['cinder::api'], require => Class['cinder::api'],
} }
} }

4
packstack/puppet/modules/packstack/manifests/cinder/backend/nfs.pp
View File

@ -10,7 +10,7 @@ class packstack::cinder::backend::nfs ()
cinder_type { 'nfs': cinder_type { 'nfs':
ensure => present, ensure => present,
properties => ["volume_backend_name=nfs"], properties => ['volume_backend_name=nfs'],
require => Class['cinder::api'], require => Class['cinder::api'],
} }
} }

8
packstack/puppet/modules/packstack/manifests/cinder/backend/solidfire.pp
View File

@ -4,10 +4,10 @@ class packstack::cinder::backend::solidfire ()
$solidfire_backend_name = 'solidfire' $solidfire_backend_name = 'solidfire'
cinder::backend::solidfire { $solidfire_backend_name : cinder::backend::solidfire { $solidfire_backend_name :
san_ip => hiera('CONFIG_CINDER_SOLIDFIRE_LOGIN'), san_ip => hiera('CONFIG_CINDER_SOLIDFIRE_LOGIN'),
san_login => hiera('CONFIG_CINDER_SOLIDFIRE_PASSWORD'), san_login => hiera('CONFIG_CINDER_SOLIDFIRE_PASSWORD'),
san_password => hiera('CONFIG_CINDER_SOLIDFIRE_HOSTNAME'), san_password => hiera('CONFIG_CINDER_SOLIDFIRE_HOSTNAME'),
volume_backend_name => $solidfire_backend_name, volume_backend_name => $solidfire_backend_name,
} }
ensure_packages(['iscsi-initiator-utils'], {'ensure' => 'present'}) ensure_packages(['iscsi-initiator-utils'], {'ensure' => 'present'})

2
packstack/puppet/modules/packstack/manifests/cinder/backend/vmdk.pp
View File

@ -8,7 +8,7 @@ class packstack::cinder::backend::vmdk ()
cinder_type { 'vmdk': cinder_type { 'vmdk':
ensure => present, ensure => present,
properties => ["volume_backend_name=vmdk"], properties => ['volume_backend_name=vmdk'],
require => Class['cinder::api'], require => Class['cinder::api'],
} }
} }

6
packstack/puppet/modules/packstack/manifests/heat.pp
View File

@ -17,8 +17,8 @@ class packstack::heat ()
} }
class { '::heat::keystone::domain': class { '::heat::keystone::domain':
domain_name => hiera('CONFIG_HEAT_DOMAIN'), domain_name => hiera('CONFIG_HEAT_DOMAIN'),
domain_admin => hiera('CONFIG_HEAT_DOMAIN_ADMIN'), domain_admin => hiera('CONFIG_HEAT_DOMAIN_ADMIN'),
domain_password => hiera('CONFIG_HEAT_DOMAIN_PASSWORD'), domain_password => hiera('CONFIG_HEAT_DOMAIN_PASSWORD'),
} }
} }

6
packstack/puppet/modules/packstack/manifests/heat/cfn.pp
View File

@ -9,9 +9,9 @@ class packstack::heat::cfn ()
$heat_cfn_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL') $heat_cfn_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL')
class { '::heat::keystone::auth_cfn': class { '::heat::keystone::auth_cfn':
admin_url => "http://$heat_cfn_cfg_ctrl_host:8000/v1", admin_url => "http://${heat_cfn_cfg_ctrl_host}:8000/v1",
public_url => "http://$heat_cfn_cfg_ctrl_host:8000/v1", public_url => "http://${heat_cfn_cfg_ctrl_host}:8000/v1",
internal_url => "http://$heat_cfn_cfg_ctrl_host:8000/v1", internal_url => "http://${heat_cfn_cfg_ctrl_host}:8000/v1",
password => hiera('CONFIG_HEAT_KS_PW'), password => hiera('CONFIG_HEAT_KS_PW'),
} }
} }

14
packstack/puppet/modules/packstack/manifests/heat/rabbitmq.pp
View File

@ -39,13 +39,13 @@ class packstack::heat::rabbitmq ()
} }
class { '::heat': class { '::heat':
keystone_ec2_uri => hiera('CONFIG_KEYSTONE_PUBLIC_URL'), keystone_ec2_uri => hiera('CONFIG_KEYSTONE_PUBLIC_URL'),
rabbit_use_ssl => hiera('CONFIG_AMQP_SSL_ENABLED'), rabbit_use_ssl => hiera('CONFIG_AMQP_SSL_ENABLED'),
default_transport_url => "rabbit://${rabbit_userid}:${rabbit_password}@${rabbit_host}:${rabbit_port}/", default_transport_url => "rabbit://${rabbit_userid}:${rabbit_password}@${rabbit_host}:${rabbit_port}/",
database_connection => "mysql+pymysql://heat:${heat_rabbitmq_cfg_heat_db_pw}@${heat_rabbitmq_cfg_mariadb_host}/heat", database_connection => "mysql+pymysql://heat:${heat_rabbitmq_cfg_heat_db_pw}@${heat_rabbitmq_cfg_mariadb_host}/heat",
kombu_ssl_ca_certs => $kombu_ssl_ca_certs, kombu_ssl_ca_certs => $kombu_ssl_ca_certs,
kombu_ssl_keyfile => $kombu_ssl_keyfile, kombu_ssl_keyfile => $kombu_ssl_keyfile,
kombu_ssl_certfile => $kombu_ssl_certfile, kombu_ssl_certfile => $kombu_ssl_certfile,
notification_driver => $heat_notification_driver, notification_driver => $heat_notification_driver,
} }
} }

2
packstack/puppet/modules/packstack/manifests/keystone.pp
View File

@ -33,7 +33,7 @@ class packstack::keystone ()
class { '::keystone': class { '::keystone':
database_connection => "mysql+pymysql://keystone_admin:${keystone_cfg_ks_db_pw}@${keystone_cfg_mariadb_host}/keystone", database_connection => "mysql+pymysql://keystone_admin:${keystone_cfg_ks_db_pw}@${keystone_cfg_mariadb_host}/keystone",
token_provider => "${keystone_token_provider_str}", token_provider => $keystone_token_provider_str,
enable_fernet_setup => true, enable_fernet_setup => true,
service_name => 'httpd', service_name => 'httpd',
enable_ssl => $keystone_use_ssl, enable_ssl => $keystone_use_ssl,

2
packstack/puppet/modules/packstack/manifests/keystone/cinder.pp
View File

@ -3,7 +3,7 @@ class packstack::keystone::cinder ()
$cinder_protocol = 'http' $cinder_protocol = 'http'
$cinder_host = hiera('CONFIG_STORAGE_HOST_URL') $cinder_host = hiera('CONFIG_STORAGE_HOST_URL')
$cinder_port = '8776' $cinder_port = '8776'
$cinder_url = "${cinder_protocol}://${cinder_host}:$cinder_port" $cinder_url = "${cinder_protocol}://${cinder_host}:${cinder_port}"
class { '::cinder::keystone::auth': class { '::cinder::keystone::auth':
region => hiera('CONFIG_KEYSTONE_REGION'), region => hiera('CONFIG_KEYSTONE_REGION'),

2
packstack/puppet/modules/packstack/manifests/keystone/ironic.pp
View File

@ -3,7 +3,7 @@ class packstack::keystone::ironic ()
$ironic_protocol = 'http' $ironic_protocol = 'http'
$ironic_host = hiera('CONFIG_KEYSTONE_HOST_URL') $ironic_host = hiera('CONFIG_KEYSTONE_HOST_URL')
$ironic_port = '6385' $ironic_port = '6385'
$ironic_url = "${ironic_protocol}://${ironic_host}:$ironic_port" $ironic_url = "${ironic_protocol}://${ironic_host}:${ironic_port}"
class { '::ironic::keystone::auth': class { '::ironic::keystone::auth':
region => hiera('CONFIG_KEYSTONE_REGION'), region => hiera('CONFIG_KEYSTONE_REGION'),

12
packstack/puppet/modules/packstack/manifests/keystone/magnum.pp
View File

@ -3,14 +3,14 @@ class packstack::keystone::magnum ()
$magnum_protocol = 'http' $magnum_protocol = 'http'
$magnum_host = hiera('CONFIG_KEYSTONE_HOST_URL') $magnum_host = hiera('CONFIG_KEYSTONE_HOST_URL')
$magnum_port = '9511' $magnum_port = '9511'
$magnum_url = "${magnum_protocol}://${magnum_host}:$magnum_port/v1" $magnum_url = "${magnum_protocol}://${magnum_host}:${magnum_port}/v1"
class { '::magnum::keystone::auth': class { '::magnum::keystone::auth':
region => hiera('CONFIG_KEYSTONE_REGION'), region => hiera('CONFIG_KEYSTONE_REGION'),
password => hiera('CONFIG_MAGNUM_KS_PW'), password => hiera('CONFIG_MAGNUM_KS_PW'),
public_url => $magnum_url, public_url => $magnum_url,
admin_url => $magnum_url, admin_url => $magnum_url,
internal_url => $magnum_url internal_url => $magnum_url
} }
class { '::magnum::keystone::domain': class { '::magnum::keystone::domain':

4
packstack/puppet/modules/packstack/manifests/keystone/manila.pp
View File

@ -3,8 +3,8 @@ class packstack::keystone::manila ()
$manila_protocol = 'http' $manila_protocol = 'http'
$manila_host = hiera('CONFIG_STORAGE_HOST_URL') $manila_host = hiera('CONFIG_STORAGE_HOST_URL')
$manila_port = '8786' $manila_port = '8786'
$manila_url = "${manila_protocol}://${manila_host}:$manila_port/v1/%(tenant_id)s" $manila_url = "${manila_protocol}://${manila_host}:${manila_port}/v1/%(tenant_id)s"
$manila_url_v2 = "${manila_protocol}://${manila_host}:$manila_port/v2/%(tenant_id)s" $manila_url_v2 = "${manila_protocol}://${manila_host}:${manila_port}/v2/%(tenant_id)s"
class { '::manila::keystone::auth': class { '::manila::keystone::auth':
password => hiera('CONFIG_MANILA_KS_PW'), password => hiera('CONFIG_MANILA_KS_PW'),

2
packstack/puppet/modules/packstack/manifests/keystone/neutron.pp
View File

@ -3,7 +3,7 @@ class packstack::keystone::neutron ()
$neutron_protocol = 'http' $neutron_protocol = 'http'
$neutron_host = hiera('CONFIG_KEYSTONE_HOST_URL') $neutron_host = hiera('CONFIG_KEYSTONE_HOST_URL')
$neutron_port = '9696' $neutron_port = '9696'
$neutron_url = "${neutron_protocol}://${neutron_host}:$neutron_port" $neutron_url = "${neutron_protocol}://${neutron_host}:${neutron_port}"
class { '::neutron::keystone::auth': class { '::neutron::keystone::auth':
region => hiera('CONFIG_KEYSTONE_REGION'), region => hiera('CONFIG_KEYSTONE_REGION'),

10
packstack/puppet/modules/packstack/manifests/keystone/nova.pp
View File

@ -7,10 +7,10 @@ class packstack::keystone::nova ()
class { '::nova::keystone::auth': class { '::nova::keystone::auth':
region => hiera('CONFIG_KEYSTONE_REGION'), region => hiera('CONFIG_KEYSTONE_REGION'),
password => hiera('CONFIG_NOVA_KS_PW'), password => hiera('CONFIG_NOVA_KS_PW'),
public_url => $nova_url, public_url => $nova_url,
admin_url => $nova_url, admin_url => $nova_url,
internal_url => $nova_url, internal_url => $nova_url,
} }
} }

2
packstack/puppet/modules/packstack/manifests/keystone/sahara.pp
View File

@ -3,7 +3,7 @@ class packstack::keystone::sahara ()
$sahara_protocol = 'http' $sahara_protocol = 'http'
$sahara_host = hiera('CONFIG_KEYSTONE_HOST_URL') $sahara_host = hiera('CONFIG_KEYSTONE_HOST_URL')
$sahara_port = '8386' $sahara_port = '8386'
$sahara_url = "${sahara_protocol}://${sahara_host}:$sahara_port" $sahara_url = "${sahara_protocol}://${sahara_host}:${sahara_port}"
class { '::sahara::keystone::auth': class { '::sahara::keystone::auth':
password => hiera('CONFIG_SAHARA_KS_PW'), password => hiera('CONFIG_SAHARA_KS_PW'),

16
packstack/puppet/modules/packstack/manifests/keystone/swift.pp
View File

@ -3,15 +3,15 @@ class packstack::keystone::swift ()
$swift_protocol = 'http' $swift_protocol = 'http'
$swift_host = hiera('CONFIG_STORAGE_HOST_URL') $swift_host = hiera('CONFIG_STORAGE_HOST_URL')
$swift_port = '8080' $swift_port = '8080'
$swift_url = "${swift_protocol}://${swift_host}:$swift_port/v1/AUTH_%(tenant_id)s" $swift_url = "${swift_protocol}://${swift_host}:${swift_port}/v1/AUTH_%(tenant_id)s"
class { '::swift::keystone::auth': class { '::swift::keystone::auth':
region => hiera('CONFIG_KEYSTONE_REGION'), region => hiera('CONFIG_KEYSTONE_REGION'),
password => hiera('CONFIG_SWIFT_KS_PW'), password => hiera('CONFIG_SWIFT_KS_PW'),
operator_roles => ['admin', 'SwiftOperator', 'ResellerAdmin'], operator_roles => ['admin', 'SwiftOperator', 'ResellerAdmin'],
public_url => $swift_url, public_url => $swift_url,
internal_url => $swift_url, internal_url => $swift_url,
admin_url => $swift_url, admin_url => $swift_url,
configure_s3_endpoint => false, configure_s3_endpoint => false,
} }
} }

2
packstack/puppet/modules/packstack/manifests/keystone/trove.pp
View File

@ -3,7 +3,7 @@ class packstack::keystone::trove ()
$trove_protocol = 'http' $trove_protocol = 'http'
$trove_host = hiera('CONFIG_KEYSTONE_HOST_URL') $trove_host = hiera('CONFIG_KEYSTONE_HOST_URL')
$trove_port = '8779' $trove_port = '8779'
$trove_url = "${trove_protocol}://${trove_host}:$trove_port/v1.0/%(tenant_id)s" $trove_url = "${trove_protocol}://${trove_host}:${trove_port}/v1.0/%(tenant_id)s"
class { '::trove::keystone::auth': class { '::trove::keystone::auth':
region => hiera('CONFIG_KEYSTONE_REGION'), region => hiera('CONFIG_KEYSTONE_REGION'),

2
packstack/puppet/modules/packstack/manifests/magnum.pp
View File

@ -11,7 +11,7 @@ class packstack::magnum ()
$magnum_protocol = 'http' $magnum_protocol = 'http'
$magnum_host = hiera('CONFIG_KEYSTONE_HOST_URL') $magnum_host = hiera('CONFIG_KEYSTONE_HOST_URL')
$magnum_port = '9511' $magnum_port = '9511'
$magnum_url = "${magnum_protocol}://${magnum_host}:$magnum_port/v1" $magnum_url = "${magnum_protocol}://${magnum_host}:${magnum_port}/v1"
class { '::magnum::keystone::authtoken': class { '::magnum::keystone::authtoken':
www_authenticate_uri => "${magnum_protocol}://${magnum_host}:5000/v3", www_authenticate_uri => "${magnum_protocol}://${magnum_host}:5000/v3",
auth_url => "${magnum_protocol}://${magnum_host}:5000", auth_url => "${magnum_protocol}://${magnum_host}:5000",

24
packstack/puppet/modules/packstack/manifests/manila/backend/generic.pp
View File

@ -16,18 +16,18 @@ class packstack::manila::backend::generic ()
$keystone_url = hiera('CONFIG_KEYSTONE_PUBLIC_URL') $keystone_url = hiera('CONFIG_KEYSTONE_PUBLIC_URL')
nova_flavor { 'm1.manila': nova_flavor { 'm1.manila':
ensure => present, ensure => present,
id => '66', id => '66',
ram => '512', ram => '512',
disk => '1', disk => '1',
vcpus => '1', vcpus => '1',
require => [ Class['::nova::api'], Class['::nova::keystone::auth'] ], require => [ Class['::nova::api'], Class['::nova::keystone::auth'] ],
} -> }
manila::service_instance{ 'generic': -> manila::service_instance{ 'generic':
service_image_location => hiera('CONFIG_MANILA_SERVICE_IMAGE_LOCATION'), service_image_location => hiera('CONFIG_MANILA_SERVICE_IMAGE_LOCATION'),
service_instance_user => hiera('CONFIG_MANILA_SERVICE_INSTANCE_USER'), service_instance_user => hiera('CONFIG_MANILA_SERVICE_INSTANCE_USER'),
service_instance_password => hiera('CONFIG_MANILA_SERVICE_INSTANCE_PASSWORD'), service_instance_password => hiera('CONFIG_MANILA_SERVICE_INSTANCE_PASSWORD'),
service_instance_flavor_id => 66, service_instance_flavor_id => 66,
} }
class { '::manila::compute::nova': class { '::manila::compute::nova':
@ -39,6 +39,6 @@ class packstack::manila::backend::generic ()
class { '::manila::volume::cinder': class { '::manila::volume::cinder':
auth_type => 'password', auth_type => 'password',
auth_url => hiera('CONFIG_KEYSTONE_PUBLIC_URL_VERSIONLESS'), auth_url => hiera('CONFIG_KEYSTONE_PUBLIC_URL_VERSIONLESS'),
password => hiera('CONFIG_CINDER_KS_PW'), password => hiera('CONFIG_CINDER_KS_PW'),
} }
} }

52
packstack/puppet/modules/packstack/manifests/mariadb/services.pp
View File

@ -8,12 +8,12 @@ class packstack::mariadb::services ()
} }
if hiera('CONFIG_CINDER_INSTALL') == 'y' { if hiera('CONFIG_CINDER_INSTALL') == 'y' {
class { '::cinder::db::mysql': class { '::cinder::db::mysql':
password => hiera('CONFIG_CINDER_DB_PW'), password => hiera('CONFIG_CINDER_DB_PW'),
host => '%', host => '%',
allowed_hosts => '%', allowed_hosts => '%',
charset => 'utf8', charset => 'utf8',
} }
} }
if hiera('CONFIG_GLANCE_INSTALL') == 'y' { if hiera('CONFIG_GLANCE_INSTALL') == 'y' {
@ -34,7 +34,7 @@ class packstack::mariadb::services ()
} }
if hiera('CONFIG_AODH_INSTALL') == 'y' and if hiera('CONFIG_AODH_INSTALL') == 'y' and
hiera('CONFIG_CEILOMETER_INSTALL') == 'y' { hiera('CONFIG_CEILOMETER_INSTALL') == 'y' {
class { '::aodh::db::mysql': class { '::aodh::db::mysql':
password => hiera('CONFIG_AODH_DB_PW'), password => hiera('CONFIG_AODH_DB_PW'),
host => '%', host => '%',
@ -43,30 +43,30 @@ class packstack::mariadb::services ()
} }
if hiera('CONFIG_HEAT_INSTALL') == 'y' { if hiera('CONFIG_HEAT_INSTALL') == 'y' {
class { '::heat::db::mysql': class { '::heat::db::mysql':
password => hiera('CONFIG_HEAT_DB_PW'), password => hiera('CONFIG_HEAT_DB_PW'),
host => '%', host => '%',
allowed_hosts => '%', allowed_hosts => '%',
charset => 'utf8', charset => 'utf8',
} }
} }
if hiera('CONFIG_MAGNUM_INSTALL') == 'y' { if hiera('CONFIG_MAGNUM_INSTALL') == 'y' {
class { '::magnum::db::mysql': class { '::magnum::db::mysql':
password => hiera('CONFIG_MAGNUM_DB_PW'), password => hiera('CONFIG_MAGNUM_DB_PW'),
host => '%', host => '%',
allowed_hosts => '%', allowed_hosts => '%',
charset => 'utf8', charset => 'utf8',
} }
} }
if hiera('CONFIG_IRONIC_INSTALL') == 'y' { if hiera('CONFIG_IRONIC_INSTALL') == 'y' {
class { '::ironic::db::mysql': class { '::ironic::db::mysql':
password => hiera('CONFIG_IRONIC_DB_PW'), password => hiera('CONFIG_IRONIC_DB_PW'),
host => '%', host => '%',
allowed_hosts => '%', allowed_hosts => '%',
charset => 'utf8', charset => 'utf8',
} }
} }
if hiera('CONFIG_MANILA_INSTALL') == 'y' { if hiera('CONFIG_MANILA_INSTALL') == 'y' {
@ -109,7 +109,7 @@ class packstack::mariadb::services ()
} }
if hiera('CONFIG_PANKO_INSTALL') == 'y' and if hiera('CONFIG_PANKO_INSTALL') == 'y' and
hiera('CONFIG_CEILOMETER_INSTALL') == 'y' { hiera('CONFIG_CEILOMETER_INSTALL') == 'y' {
class { '::panko::db::mysql': class { '::panko::db::mysql':
password => hiera('CONFIG_PANKO_DB_PW'), password => hiera('CONFIG_PANKO_DB_PW'),
host => '%', host => '%',

100
packstack/puppet/modules/packstack/manifests/mariadb/services_remote.pp
View File

@ -1,62 +1,62 @@
class packstack::mariadb::services_remote () { class packstack::mariadb::services_remote () {
remote_database { 'keystone': remote_database { 'keystone':
ensure => 'present', ensure => 'present',
charset => 'utf8', charset => 'utf8',
db_host => hiera('CONFIG_MARIADB_HOST'), db_host => hiera('CONFIG_MARIADB_HOST'),
db_user => hiera('CONFIG_MARIADB_USER'), db_user => hiera('CONFIG_MARIADB_USER'),
db_password => hiera('CONFIG_MARIADB_PW'), db_password => hiera('CONFIG_MARIADB_PW'),
provider => 'mysql', provider => 'mysql',
} }
$mariadb_keystone_noinstall_db_pw = hiera('CONFIG_KEYSTONE_DB_PW') $mariadb_keystone_noinstall_db_pw = hiera('CONFIG_KEYSTONE_DB_PW')
remote_database_user { 'keystone_admin@%': remote_database_user { 'keystone_admin@%':
password_hash => mysql_password($mariadb_keystone_noinstall_db_pw), password_hash => mysql_password($mariadb_keystone_noinstall_db_pw),
db_host => hiera('CONFIG_MARIADB_HOST'), db_host => hiera('CONFIG_MARIADB_HOST'),
db_user => hiera('CONFIG_MARIADB_USER'), db_user => hiera('CONFIG_MARIADB_USER'),
db_password => hiera('CONFIG_MARIADB_PW'), db_password => hiera('CONFIG_MARIADB_PW'),
provider => 'mysql', provider => 'mysql',
require => Remote_database['keystone'], require => Remote_database['keystone'],
} }
remote_database_grant { 'keystone_admin@%/keystone': remote_database_grant { 'keystone_admin@%/keystone':
privileges => 'all', privileges => 'all',
db_host => hiera('CONFIG_MARIADB_HOST'), db_host => hiera('CONFIG_MARIADB_HOST'),
db_user => hiera('CONFIG_MARIADB_USER'), db_user => hiera('CONFIG_MARIADB_USER'),
db_password => hiera('CONFIG_MARIADB_PW'), db_password => hiera('CONFIG_MARIADB_PW'),
provider => 'mysql', provider => 'mysql',
require => Remote_database_user['keystone_admin@%'], require => Remote_database_user['keystone_admin@%'],
} }
if hiera('CONFIG_CINDER_INSTALL') == 'y' { if hiera('CONFIG_CINDER_INSTALL') == 'y' {
remote_database { 'cinder': remote_database { 'cinder':
ensure => 'present', ensure => 'present',
charset => 'utf8', charset => 'utf8',
db_host => hiera('CONFIG_MARIADB_HOST'), db_host => hiera('CONFIG_MARIADB_HOST'),
db_user => hiera('CONFIG_MARIADB_USER'), db_user => hiera('CONFIG_MARIADB_USER'),
db_password => hiera('CONFIG_MARIADB_PW'), db_password => hiera('CONFIG_MARIADB_PW'),
provider => 'mysql', provider => 'mysql',
} }
$mariadb_cinder_noinstall_db_pw = hiera('CONFIG_CINDER_DB_PW') $mariadb_cinder_noinstall_db_pw = hiera('CONFIG_CINDER_DB_PW')
remote_database_user { 'cinder@%': remote_database_user { 'cinder@%':
password_hash => mysql_password($mariadb_cinder_noinstall_db_pw), password_hash => mysql_password($mariadb_cinder_noinstall_db_pw),
db_host => hiera('CONFIG_MARIADB_HOST'), db_host => hiera('CONFIG_MARIADB_HOST'),
db_user => hiera('CONFIG_MARIADB_USER'), db_user => hiera('CONFIG_MARIADB_USER'),
db_password => hiera('CONFIG_MARIADB_PW'), db_password => hiera('CONFIG_MARIADB_PW'),
provider => 'mysql', provider => 'mysql',
require => Remote_database['cinder'], require => Remote_database['cinder'],
} }
remote_database_grant { 'cinder@%/cinder': remote_database_grant { 'cinder@%/cinder':
privileges => 'all', privileges => 'all',
db_host => hiera('CONFIG_MARIADB_HOST'), db_host => hiera('CONFIG_MARIADB_HOST'),
db_user => hiera('CONFIG_MARIADB_USER'), db_user => hiera('CONFIG_MARIADB_USER'),
db_password => hiera('CONFIG_MARIADB_PW'), db_password => hiera('CONFIG_MARIADB_PW'),
provider => 'mysql', provider => 'mysql',
require => Remote_database_user['cinder@%'], require => Remote_database_user['cinder@%'],
} }
} }
if hiera('CONFIG_GLANCE_INSTALL') == 'y' { if hiera('CONFIG_GLANCE_INSTALL') == 'y' {

4
packstack/puppet/modules/packstack/manifests/neutron/api.pp
View File

@ -31,8 +31,8 @@ class packstack::neutron::api ()
} }
file { '/etc/neutron/api-paste.ini': file { '/etc/neutron/api-paste.ini':
ensure => file, ensure => file,
mode => '0640', mode => '0640',
} }
if $neutron_vpnaas_enabled { if $neutron_vpnaas_enabled {

4
packstack/puppet/modules/packstack/manifests/neutron/dhcp.pp
View File

@ -4,7 +4,7 @@ class packstack::neutron::dhcp ()
create_resources(packstack::firewall, hiera('FIREWALL_NEUTRON_DHCPOUT_RULES', {})) create_resources(packstack::firewall, hiera('FIREWALL_NEUTRON_DHCPOUT_RULES', {}))
class { '::neutron::agents::dhcp': class { '::neutron::agents::dhcp':
interface_driver => hiera('CONFIG_NEUTRON_DHCP_INTERFACE_DRIVER'), interface_driver => hiera('CONFIG_NEUTRON_DHCP_INTERFACE_DRIVER'),
debug => hiera('CONFIG_DEBUG_MODE'), debug => hiera('CONFIG_DEBUG_MODE'),
} }
} }

4
packstack/puppet/modules/packstack/manifests/neutron/fwaas.pp
View File

@ -1,8 +1,8 @@
class packstack::neutron::fwaas () class packstack::neutron::fwaas ()
{ {
class { '::neutron::services::fwaas': class { '::neutron::services::fwaas':
enabled => true, enabled => true,
agent_version => 'v2', agent_version => 'v2',
driver => 'neutron_fwaas.services.firewall.service_drivers.agents.drivers.linux.iptables_fwaas_v2.IptablesFwaasDriver', driver => 'neutron_fwaas.services.firewall.service_drivers.agents.drivers.linux.iptables_fwaas_v2.IptablesFwaasDriver',
} }
} }

10
packstack/puppet/modules/packstack/manifests/neutron/l3.pp
View File

@ -13,11 +13,11 @@ class packstack::neutron::l3 ()
} }
class { '::neutron::agents::l3': class { '::neutron::agents::l3':
interface_driver => hiera('CONFIG_NEUTRON_L3_INTERFACE_DRIVER'), interface_driver => hiera('CONFIG_NEUTRON_L3_INTERFACE_DRIVER'),
manage_service => $start_l3_agent, manage_service => $start_l3_agent,
enabled => $start_l3_agent, enabled => $start_l3_agent,
debug => hiera('CONFIG_DEBUG_MODE'), debug => hiera('CONFIG_DEBUG_MODE'),
extensions => $extensions extensions => $extensions
} }
if defined(Class['neutron::services::fwaas']) { if defined(Class['neutron::services::fwaas']) {

4
packstack/puppet/modules/packstack/manifests/neutron/lb_agent.pp
View File

@ -18,8 +18,8 @@ class packstack::neutron::lb_agent ()
if ( 'vxlan' in hiera_array('CONFIG_NEUTRON_ML2_TYPE_DRIVERS') ){ if ( 'vxlan' in hiera_array('CONFIG_NEUTRON_ML2_TYPE_DRIVERS') ){
class { '::neutron::agents::ml2::linuxbridge': class { '::neutron::agents::ml2::linuxbridge':
physical_interface_mappings => force_interface($neutron_lb_interface_mappings, $use_subnets), physical_interface_mappings => force_interface($neutron_lb_interface_mappings, $use_subnets),
tunnel_types => ['vxlan'], tunnel_types => ['vxlan'],
local_ip => $bind_host, local_ip => $bind_host,
} }
} }
else { else {

34
packstack/puppet/modules/packstack/manifests/neutron/ml2.pp
View File

@ -7,24 +7,24 @@ class packstack::neutron::ml2 ()
} }
class { '::neutron::plugins::ml2': class { '::neutron::plugins::ml2':
type_drivers => hiera_array('CONFIG_NEUTRON_ML2_TYPE_DRIVERS'), type_drivers => hiera_array('CONFIG_NEUTRON_ML2_TYPE_DRIVERS'),
tenant_network_types => hiera_array('CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES'), tenant_network_types => hiera_array('CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES'),
mechanism_drivers => hiera_array('CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS'), mechanism_drivers => hiera_array('CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS'),
flat_networks => hiera_array('CONFIG_NEUTRON_ML2_FLAT_NETWORKS'), flat_networks => hiera_array('CONFIG_NEUTRON_ML2_FLAT_NETWORKS'),
network_vlan_ranges => hiera_array('CONFIG_NEUTRON_ML2_VLAN_RANGES'), network_vlan_ranges => hiera_array('CONFIG_NEUTRON_ML2_VLAN_RANGES'),
tunnel_id_ranges => hiera_array('CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES'), tunnel_id_ranges => hiera_array('CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES'),
vxlan_group => $vxlan_group_value, vxlan_group => $vxlan_group_value,
vni_ranges => hiera_array('CONFIG_NEUTRON_ML2_VNI_RANGES'), vni_ranges => hiera_array('CONFIG_NEUTRON_ML2_VNI_RANGES'),
enable_security_group => true, enable_security_group => true,
firewall_driver => hiera('FIREWALL_DRIVER'), firewall_driver => hiera('FIREWALL_DRIVER'),
extension_drivers => 'port_security,qos', extension_drivers => 'port_security,qos',
max_header_size => 38, max_header_size => 38,
} }
if hiera('CONFIG_NEUTRON_L2_AGENT') == 'ovn' { if hiera('CONFIG_NEUTRON_L2_AGENT') == 'ovn' {
class {'::neutron::plugins::ml2::ovn': class {'::neutron::plugins::ml2::ovn':
ovn_nb_connection => "tcp:${hiera('CONFIG_CONTROLLER_HOST')}:6641", ovn_nb_connection => "tcp:${hiera('CONFIG_CONTROLLER_HOST')}:6641",
ovn_sb_connection => "tcp:${hiera('CONFIG_CONTROLLER_HOST')}:6642", ovn_sb_connection => "tcp:${hiera('CONFIG_CONTROLLER_HOST')}:6642",
ovn_metadata_enabled => true, ovn_metadata_enabled => true,
} }
} }
@ -32,8 +32,8 @@ class packstack::neutron::ml2 ()
# For cases where "neutron-db-manage upgrade" command is called # For cases where "neutron-db-manage upgrade" command is called
# we need to fill config file first # we need to fill config file first
if defined(Exec['neutron-db-manage upgrade']) { if defined(Exec['neutron-db-manage upgrade']) {
Neutron_plugin_ml2<||> -> Neutron_plugin_ml2<||>
File['/etc/neutron/plugin.ini'] -> -> File['/etc/neutron/plugin.ini']
Exec['neutron-db-manage upgrade'] -> Exec['neutron-db-manage upgrade']
} }
} }

8
packstack/puppet/modules/packstack/manifests/neutron/ovn_metadata.pp
View File

@ -4,10 +4,10 @@ class packstack::neutron::ovn_metadata ()
class { '::neutron::agents::ovn_metadata': class { '::neutron::agents::ovn_metadata':
ovn_sb_connection => $ovn_southd, ovn_sb_connection => $ovn_southd,
shared_secret => hiera('CONFIG_NEUTRON_METADATA_PW'), shared_secret => hiera('CONFIG_NEUTRON_METADATA_PW'),
metadata_ip => force_ip(hiera('CONFIG_KEYSTONE_HOST_URL')), metadata_ip => force_ip(hiera('CONFIG_KEYSTONE_HOST_URL')),
debug => hiera('CONFIG_DEBUG_MODE'), debug => hiera('CONFIG_DEBUG_MODE'),
metadata_workers => hiera('CONFIG_SERVICE_WORKERS'), metadata_workers => hiera('CONFIG_SERVICE_WORKERS'),
} }
Service<| title == 'controller' |> -> Service<| title == 'ovn-metadata' |> Service<| title == 'controller' |> -> Service<| title == 'ovn-metadata' |>
} }

14
packstack/puppet/modules/packstack/manifests/neutron/ovs_agent.pp
View File

@ -44,12 +44,12 @@ class packstack::neutron::ovs_agent ()
} }
class { '::neutron::agents::ml2::ovs': class { '::neutron::agents::ml2::ovs':
bridge_uplinks => $bridge_uplinks, bridge_uplinks => $bridge_uplinks,
bridge_mappings => $bridge_mappings, bridge_mappings => $bridge_mappings,
tunnel_types => hiera_array('CONFIG_NEUTRON_OVS_TUNNEL_TYPES'), tunnel_types => hiera_array('CONFIG_NEUTRON_OVS_TUNNEL_TYPES'),
local_ip => force_ip($localip), local_ip => force_ip($localip),
vxlan_udp_port => hiera('CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT',undef), vxlan_udp_port => hiera('CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT',undef),
l2_population => hiera('CONFIG_NEUTRON_USE_L2POPULATION'), l2_population => hiera('CONFIG_NEUTRON_USE_L2POPULATION'),
firewall_driver => hiera('FIREWALL_DRIVER'), firewall_driver => hiera('FIREWALL_DRIVER'),
} }
} }

36
packstack/puppet/modules/packstack/manifests/nova.pp
View File

@ -62,24 +62,24 @@ class packstack::nova ()
} }
class { '::nova': class { '::nova':
glance_api_servers => "http://${nova_common_rabbitmq_cfg_storage_host}:9292", glance_api_servers => "http://${nova_common_rabbitmq_cfg_storage_host}:9292",
default_transport_url => "rabbit://${rabbit_userid}:${rabbit_password}@${rabbit_host}:${rabbit_port}/", default_transport_url => "rabbit://${rabbit_userid}:${rabbit_password}@${rabbit_host}:${rabbit_port}/",
rabbit_use_ssl => hiera('CONFIG_AMQP_SSL_ENABLED'), rabbit_use_ssl => hiera('CONFIG_AMQP_SSL_ENABLED'),
nova_public_key => $public_key, nova_public_key => $public_key,
nova_private_key => $private_key, nova_private_key => $private_key,
kombu_ssl_ca_certs => $kombu_ssl_ca_certs, kombu_ssl_ca_certs => $kombu_ssl_ca_certs,
kombu_ssl_keyfile => $kombu_ssl_keyfile, kombu_ssl_keyfile => $kombu_ssl_keyfile,
kombu_ssl_certfile => $kombu_ssl_certfile, kombu_ssl_certfile => $kombu_ssl_certfile,
notification_driver => $nova_common_notification_driver, notification_driver => $nova_common_notification_driver,
notify_on_state_change => $notify_on_state_change, notify_on_state_change => $notify_on_state_change,
database_connection => "mysql+pymysql://nova:${nova_db_pw}@${nova_mariadb_host}/nova", database_connection => "mysql+pymysql://nova:${nova_db_pw}@${nova_mariadb_host}/nova",
api_database_connection => "mysql+pymysql://nova_api:${nova_db_pw}@${nova_mariadb_host}/nova_api", api_database_connection => "mysql+pymysql://nova_api:${nova_db_pw}@${nova_mariadb_host}/nova_api",
cpu_allocation_ratio => hiera('CONFIG_NOVA_SCHED_CPU_ALLOC_RATIO'), cpu_allocation_ratio => hiera('CONFIG_NOVA_SCHED_CPU_ALLOC_RATIO'),
ram_allocation_ratio => hiera('CONFIG_NOVA_SCHED_RAM_ALLOC_RATIO'), ram_allocation_ratio => hiera('CONFIG_NOVA_SCHED_RAM_ALLOC_RATIO'),
host => $novahost, host => $novahost,
ssl_only => $ssl_only, ssl_only => $ssl_only,
cert => $cert, cert => $cert,
key => $key, key => $key,
} }
} }

66
packstack/puppet/modules/packstack/manifests/nova/api.pp
View File

@ -24,14 +24,14 @@ class packstack::nova::api ()
} }
class { '::nova::api': class { '::nova::api':
api_bind_address => $bind_host, api_bind_address => $bind_host,
enabled => true, enabled => true,
sync_db => false, sync_db => false,
sync_db_api => false, sync_db_api => false,
osapi_compute_workers => hiera('CONFIG_SERVICE_WORKERS'), osapi_compute_workers => hiera('CONFIG_SERVICE_WORKERS'),
allow_resize_to_same_host => hiera('CONFIG_NOVA_ALLOW_RESIZE_TO_SAME'), allow_resize_to_same_host => hiera('CONFIG_NOVA_ALLOW_RESIZE_TO_SAME'),
nova_metadata_wsgi_enabled => true, nova_metadata_wsgi_enabled => true,
service_name => 'httpd', service_name => 'httpd',
} }
class { '::nova::metadata': class { '::nova::metadata':
@ -84,47 +84,47 @@ class packstack::nova::api ()
Class['::keystone'] -> Nova_flavor<||> Class['::keystone'] -> Nova_flavor<||>
nova_flavor { 'm1.tiny': nova_flavor { 'm1.tiny':
ensure => present, ensure => present,
id => '1', id => '1',
ram => '512', ram => '512',
disk => '1', disk => '1',
vcpus => '1', vcpus => '1',
require => [ Class['::nova::api'], Class['::nova::keystone::auth'] ], require => [ Class['::nova::api'], Class['::nova::keystone::auth'] ],
} }
nova_flavor { 'm1.small': nova_flavor { 'm1.small':
ensure => present, ensure => present,
id => '2', id => '2',
ram => '2048', ram => '2048',
disk => '20', disk => '20',
vcpus => '1', vcpus => '1',
require => [ Class['::nova::api'], Class['::nova::keystone::auth'] ], require => [ Class['::nova::api'], Class['::nova::keystone::auth'] ],
} }
nova_flavor { 'm1.medium': nova_flavor { 'm1.medium':
ensure => present, ensure => present,
id => '3', id => '3',
ram => '4096', ram => '4096',
disk => '40', disk => '40',
vcpus => '2', vcpus => '2',
require => [ Class['::nova::api'], Class['::nova::keystone::auth'] ], require => [ Class['::nova::api'], Class['::nova::keystone::auth'] ],
} }
nova_flavor { 'm1.large': nova_flavor { 'm1.large':
ensure => present, ensure => present,
id => '4', id => '4',
ram => '8192', ram => '8192',
disk => '80', disk => '80',
vcpus => '4', vcpus => '4',
require => [ Class['::nova::api'], Class['::nova::keystone::auth'] ], require => [ Class['::nova::api'], Class['::nova::keystone::auth'] ],
} }
nova_flavor { 'm1.xlarge': nova_flavor { 'm1.xlarge':
ensure => present, ensure => present,
id => '5', id => '5',
ram => '16384', ram => '16384',
disk => '160', disk => '160',
vcpus => '8', vcpus => '8',
require => [ Class['::nova::api'], Class['::nova::keystone::auth'] ], require => [ Class['::nova::api'], Class['::nova::keystone::auth'] ],
} }
} }

6
packstack/puppet/modules/packstack/manifests/nova/compute.pp
View File

@ -43,9 +43,9 @@ class packstack::nova::compute ()
'set Match[Condition/User = "nova_migration"]/Settings/ForceCommand /bin/nova-migration-wrapper', 'set Match[Condition/User = "nova_migration"]/Settings/ForceCommand /bin/nova-migration-wrapper',
'set Match[Condition/User = "nova_migration"]/Settings/PasswordAuthentication no', 'set Match[Condition/User = "nova_migration"]/Settings/PasswordAuthentication no',
'set Match[Condition/User = "nova_migration"]/Settings/X11Forwarding no', 'set Match[Condition/User = "nova_migration"]/Settings/X11Forwarding no',
], ],
onlyif => 'match Match[Condition/User = "nova_migration"] size == 0', onlyif => 'match Match[Condition/User = "nova_migration"] size == 0',
notify => Service['sshd'] notify => Service['sshd']
} }
service {'sshd': service {'sshd':

26
packstack/puppet/modules/packstack/manifests/nova/compute/libvirt.pp
View File

@ -15,16 +15,16 @@ class packstack::nova::compute::libvirt ()
# Workaround for bad /dev/kvm permissions # Workaround for bad /dev/kvm permissions
# https://bugzilla.redhat.com/show_bug.cgi?id=950436 # https://bugzilla.redhat.com/show_bug.cgi?id=950436
file { '/dev/kvm': file { '/dev/kvm':
owner => 'root', owner => 'root',
group => 'kvm', group => 'kvm',
mode => '666', mode => '0666',
} }
# We have to fix the permissions after the installation has been done # We have to fix the permissions after the installation has been done
# and before the service is started. # and before the service is started.
Package <| title == 'libvirt' |> -> Package <| title == 'libvirt' |>
File['/dev/kvm'] -> -> File['/dev/kvm']
Service <| title == 'libvirt' |> -> Service <| title == 'libvirt' |>
} }
$migrate_transport = hiera('CONFIG_NOVA_COMPUTE_MIGRATE_PROTOCOL') $migrate_transport = hiera('CONFIG_NOVA_COMPUTE_MIGRATE_PROTOCOL')
@ -37,16 +37,16 @@ class packstack::nova::compute::libvirt ()
} }
class { '::nova::migration::libvirt': class { '::nova::migration::libvirt':
transport => $migrate_transport, transport => $migrate_transport,
client_user => 'nova_migration', client_user => 'nova_migration',
client_extraparams => $client_extraparams, client_extraparams => $client_extraparams,
require => Class['::nova::compute::libvirt'] require => Class['::nova::compute::libvirt']
} }
class { '::nova::compute::libvirt': class { '::nova::compute::libvirt':
libvirt_virt_type => $libvirt_virt_type, libvirt_virt_type => $libvirt_virt_type,
vncserver_listen => $libvirt_vnc_bind_host, vncserver_listen => $libvirt_vnc_bind_host,
migration_support => true, migration_support => true,
} }
# Remove libvirt's default network (usually virbr0) as it's unnecessary and # Remove libvirt's default network (usually virbr0) as it's unnecessary and
@ -65,7 +65,6 @@ class packstack::nova::compute::libvirt ()
$libvirt_debug = hiera('CONFIG_DEBUG_MODE') $libvirt_debug = hiera('CONFIG_DEBUG_MODE')
if $libvirt_debug { if $libvirt_debug {
file_line { '/etc/libvirt/libvirt.conf log_filters': file_line { '/etc/libvirt/libvirt.conf log_filters':
path => '/etc/libvirt/libvirtd.conf', path => '/etc/libvirt/libvirtd.conf',
line => 'log_filters = "1:libvirt 1:qemu 1:conf 1:security 3:event 3:json 3:file 1:util"', line => 'log_filters = "1:libvirt 1:qemu 1:conf 1:security 3:event 3:json 3:file 1:util"',
@ -79,6 +78,5 @@ class packstack::nova::compute::libvirt ()
match => 'log_outputs =', match => 'log_outputs =',
notify => Service['libvirt'], notify => Service['libvirt'],
} }
} }
} }

2
packstack/puppet/modules/packstack/manifests/nova/gluster.pp
View File

@ -1,4 +1,4 @@
class packstack::nova::gluster () class packstack::nova::gluster ()
{ {
ensure_packages(['glusterfs-fuse'], {'ensure' => 'present'}) ensure_packages(['glusterfs-fuse'], {'ensure' => 'present'})
} }

2
packstack/puppet/modules/packstack/manifests/nova/nfs.pp
View File

@ -1,4 +1,4 @@
class packstack::nova::nfs () class packstack::nova::nfs ()
{ {
ensure_packages(['nfs-utils'], {'ensure' => 'present'}) ensure_packages(['nfs-utils'], {'ensure' => 'present'})
} }

4
packstack/puppet/modules/packstack/manifests/panko.pp
View File

@ -18,8 +18,8 @@ class packstack::panko ()
} }
$bind_host = hiera('CONFIG_IP_VERSION') ? { $bind_host = hiera('CONFIG_IP_VERSION') ? {
'ipv6' => '::0', 'ipv6' => '::0',
default => '0.0.0.0', default => '0.0.0.0',
} }
class { '::panko::keystone::authtoken': class { '::panko::keystone::authtoken':

4
packstack/puppet/modules/packstack/manifests/prereqs.pp
View File

@ -10,8 +10,8 @@ class packstack::prereqs ()
package { 'audit': package { 'audit':
ensure => present, ensure => present,
} -> }
service { 'auditd': -> service { 'auditd':
ensure => running, ensure => running,
enable => true, enable => true,
} }

5
packstack/puppet/modules/packstack/manifests/provision.pp
View File

@ -10,15 +10,14 @@ class packstack::provision ()
$password = hiera('CONFIG_KEYSTONE_DEMO_PW') $password = hiera('CONFIG_KEYSTONE_DEMO_PW')
$tenant_name = 'demo' $tenant_name = 'demo'
$floating_range = hiera('CONFIG_PROVISION_DEMO_FLOATRANGE') $floating_range = hiera('CONFIG_PROVISION_DEMO_FLOATRANGE')
$allocation_pools = hiera( $allocation_pools = hiera('CONFIG_PROVISION_DEMO_ALLOCATION_POOLS')
'CONFIG_PROVISION_DEMO_ALLOCATION_POOLS')
} elsif $provision_tempest { } elsif $provision_tempest {
$username = hiera('CONFIG_PROVISION_TEMPEST_USER') $username = hiera('CONFIG_PROVISION_TEMPEST_USER')
$password = hiera('CONFIG_PROVISION_TEMPEST_USER_PW') $password = hiera('CONFIG_PROVISION_TEMPEST_USER_PW')
$tenant_name = 'tempest' $tenant_name = 'tempest'
$floating_range = hiera('CONFIG_PROVISION_TEMPEST_FLOATRANGE') $floating_range = hiera('CONFIG_PROVISION_TEMPEST_FLOATRANGE')
$allocation_pools = [] $allocation_pools = []
if (empty($tempest_user) or empty($tempest_password)) { if (empty($username) or empty($password)) {
fail("Both CONFIG_PROVISION_TEMPEST_USER and fail("Both CONFIG_PROVISION_TEMPEST_USER and
CONFIG_PROVISION_TEMPEST_USER_PW need to be configured.") CONFIG_PROVISION_TEMPEST_USER_PW need to be configured.")
} }

2
packstack/puppet/modules/packstack/manifests/provision/bridge.pp
View File

@ -25,8 +25,8 @@ class packstack::provision::bridge ()
if $provision_neutron_br and $setup_ovs_bridge { if $provision_neutron_br and $setup_ovs_bridge {
Neutron_config<||> -> Neutron_l3_ovs_bridge['demo_bridge'] Neutron_config<||> -> Neutron_l3_ovs_bridge['demo_bridge']
neutron_l3_ovs_bridge { 'demo_bridge': neutron_l3_ovs_bridge { 'demo_bridge':
name => $public_bridge_name,
ensure => present, ensure => present,
name => $public_bridge_name,
subnet_name => 'public_subnet', subnet_name => 'public_subnet',
} }

24
packstack/puppet/modules/packstack/manifests/provision/tempest.pp
View File

@ -54,31 +54,31 @@ class packstack::provision::tempest ()
$tempest_password = hiera('CONFIG_PROVISION_TEMPEST_USER_PW') $tempest_password = hiera('CONFIG_PROVISION_TEMPEST_USER_PW')
$tempest_flavor_name = hiera('CONFIG_PROVISION_TEMPEST_FLAVOR_NAME') $tempest_flavor_name = hiera('CONFIG_PROVISION_TEMPEST_FLAVOR_NAME')
$tempest_flavor_ref = "42" $tempest_flavor_ref = '42'
$tempest_flavor_ram = hiera('CONFIG_PROVISION_TEMPEST_FLAVOR_RAM') $tempest_flavor_ram = hiera('CONFIG_PROVISION_TEMPEST_FLAVOR_RAM')
$tempest_flavor_disk = hiera('CONFIG_PROVISION_TEMPEST_FLAVOR_DISK') $tempest_flavor_disk = hiera('CONFIG_PROVISION_TEMPEST_FLAVOR_DISK')
$tempest_flavor_vcpus= hiera('CONFIG_PROVISION_TEMPEST_FLAVOR_VCPUS') $tempest_flavor_vcpus= hiera('CONFIG_PROVISION_TEMPEST_FLAVOR_VCPUS')
$tempest_flavor_alt_name = hiera('CONFIG_PROVISION_TEMPEST_FLAVOR_ALT_NAME') $tempest_flavor_alt_name = hiera('CONFIG_PROVISION_TEMPEST_FLAVOR_ALT_NAME')
$tempest_flavor_alt_ref = "84" $tempest_flavor_alt_ref = '84'
$tempest_flavor_alt_ram = hiera('CONFIG_PROVISION_TEMPEST_FLAVOR_ALT_RAM') $tempest_flavor_alt_ram = hiera('CONFIG_PROVISION_TEMPEST_FLAVOR_ALT_RAM')
$tempest_flavor_alt_disk = hiera('CONFIG_PROVISION_TEMPEST_FLAVOR_ALT_DISK') $tempest_flavor_alt_disk = hiera('CONFIG_PROVISION_TEMPEST_FLAVOR_ALT_DISK')
$tempest_flavor_alt_vcpus= hiera('CONFIG_PROVISION_TEMPEST_FLAVOR_ALT_VCPUS') $tempest_flavor_alt_vcpus= hiera('CONFIG_PROVISION_TEMPEST_FLAVOR_ALT_VCPUS')
nova_flavor { $tempest_flavor_name : nova_flavor { $tempest_flavor_name :
ensure => present, ensure => present,
id => $tempest_flavor_ref, id => $tempest_flavor_ref,
ram => $tempest_flavor_ram, ram => $tempest_flavor_ram,
disk => $tempest_flavor_disk, disk => $tempest_flavor_disk,
vcpus => $tempest_flavor_vcpus, vcpus => $tempest_flavor_vcpus,
require => [ Class['::nova::api'], Class['::nova::keystone::auth'] ], require => [ Class['::nova::api'], Class['::nova::keystone::auth'] ],
} }
nova_flavor { $tempest_flavor_alt_name : nova_flavor { $tempest_flavor_alt_name :
ensure => present, ensure => present,
id => $tempest_flavor_alt_ref, id => $tempest_flavor_alt_ref,
ram => $tempest_flavor_alt_ram, ram => $tempest_flavor_alt_ram,
disk => $tempest_flavor_alt_disk, disk => $tempest_flavor_alt_disk,
vcpus => $tempest_flavor_alt_vcpus, vcpus => $tempest_flavor_alt_vcpus,
require => [ Class['::nova::api'], Class['::nova::keystone::auth'] ], require => [ Class['::nova::api'], Class['::nova::keystone::auth'] ],
} }

10
packstack/puppet/modules/packstack/manifests/redis.pp
View File

@ -6,11 +6,11 @@ class packstack::redis ()
$redis_host = hiera('CONFIG_REDIS_HOST') $redis_host = hiera('CONFIG_REDIS_HOST')
class { '::redis': class { '::redis':
bind => $redis_host, bind => $redis_host,
port => $redis_port, port => $redis_port,
appendonly => true, appendonly => true,
daemonize => false, daemonize => false,
unixsocket => undef, unixsocket => undef,
unixsocketperm => '0700', unixsocketperm => '0700',
} }
} }

2
packstack/puppet/modules/packstack/manifests/swift/proxy.pp
View File

@ -12,7 +12,7 @@ class packstack::swift::proxy ()
include '::packstack::memcached' include '::packstack::memcached'
if hiera('CONFIG_CEILOMETER_INSTALL') == 'y' and if hiera('CONFIG_CEILOMETER_INSTALL') == 'y' and
hiera('CONFIG_ENABLE_CEILOMETER_MIDDLEWARE') == 'y' { hiera('CONFIG_ENABLE_CEILOMETER_MIDDLEWARE') == 'y' {
$swift_pipeline = [ $swift_pipeline = [
'catch_errors', 'catch_errors',
'bulk', 'bulk',

4
packstack/puppet/modules/packstack/manifests/trove/rabbitmq.pp
View File

@ -16,8 +16,8 @@ class packstack::trove::rabbitmq ()
if $kombu_ssl_keyfile { if $kombu_ssl_keyfile {
$files_to_set_owner = [ $kombu_ssl_keyfile, $kombu_ssl_certfile ] $files_to_set_owner = [ $kombu_ssl_keyfile, $kombu_ssl_certfile ]
file { $files_to_set_owner: file { $files_to_set_owner:
owner => 'trove', owner => 'trove',
group => 'trove', group => 'trove',
} }
Package<|tag=='trove'|> -> File[$files_to_set_owner] Package<|tag=='trove'|> -> File[$files_to_set_owner]
File[$files_to_set_owner] ~> Service<| tag == 'trove-service' |> File[$files_to_set_owner] ~> Service<| tag == 'trove-service' |>