Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

(WIP) Various upcoming changes #175

Closed
wants to merge 19 commits into from

1 participant

@cmurphy

Some of these commits will get cherry-picked into their own pull requests, but this WIP indicates where we're heading.

cmurphy added some commits
@cmurphy cmurphy Remove class dependencies from firewall profile
Profiles should be self-contained, not interdependent. Removing the
dependency relationship between the firewallchain resources and the
repository classes causes no ill effects, plus it simplifies the code
because it is no longer conditional on osfamily.
e48780b
@cmurphy cmurphy Use garethr/erlang to install erlang
Also remove the erlang repo manifest since the garethr module takes
care of the repo.
6fa3610
@cmurphy cmurphy Use openstack_extras::auth_file instead of our own
The work is already done for us, so we just add openstack_extras
as a dependency and use that instead of openstack::resources::auth_file.
f011a4c
@cmurphy cmurphy Update ssh module to v2.5.0
The latest ssh version has bugfixes and is compatible with our needs.

We don't need to update the metadata because the swift module pulls
this in.
1a6c058
@cmurphy cmurphy Use openstack_extras::repo instead of our own
The openstack_extras repo can take care of installing epel/RDO and UCA
for us.
e5b6bc5
@cmurphy cmurphy Remove openstack::resources::connectors class
For the most part these strings aren't shared, so this abstraction
provides little value. It's also a class, not a resource, so it's place
here is confusing. Just remove it and set up the strings where they
are used.
bd9d2e2
@cmurphy cmurphy Remove openstack::resources::controller class
This class does not provision any resources, it only does error
checking. The error checking is restrictive and not very valuable, and
it hinders reusability. This patch removes the class and all similar
error checking not contained in the class.
78dd180
@cmurphy cmurphy Remove openstack::setup::cirros class
Having a class that sets up a single hard-coded image is not very
useful, except for demos. This change moves the image data into the
example hiera files and uses create_resources on a hash of data to
create as many images as the user wants. We move this into
openstack::profile::glance::api since now a one-line function does not
need its own class.
c274ee4
@cmurphy cmurphy Remove router and sharednetwork setup classes
The openstack::setup::router and openstack::setup::sharednetwork
classes only create two networks and one router with very little
configuration options. This change moves the network data into the
example hiera files and uses create_resources on a hash to create as
many networks, subnets, and routers are the user wants. We move this
into openstack::profile::neutron::router since these resources will
always reside on the network node.
260ead5
@cmurphy cmurphy Ignore lint errors in examples directory 09366bb
@cmurphy cmurphy Remove openstack::resources::tenant resource
This abstraction provided no value to the user.
6aea7ea
@cmurphy cmurphy Remove all mysql_module parameters
The mysql_module parameters does nothing anymore. Remove all references
to it.
49eb792
@cmurphy cmurphy Ensure device mapper package is latest
Nova images won't boot with the version of device-mapper installed by
default on RedHat. We need to make sure we have the latest available
version, and it needs to refresh the libvirt and then the nova-compute
service after being updated.
3b4deb0
@cmurphy cmurphy Remove common::glance
The glance::api class is not common, it should only be used on the
glance api server. We move it to the api profile and remove the common
class.
a6f0803
@cmurphy cmurphy Remove uncommon things from common::nova
Classes that should be included only on the Nova API server or only on
the compute node should not be in a "common" class. This patch splits
classes out of openstack::common::nova onto the API server or the
compute node.
7a3d5de
@cmurphy cmurphy Remove uncommon things from common::ceilometer
Most of the resources in common::ceilometer are not common across nodes
and actually have well defined places on the API server or the agent.
We split these out and just leave the base ceilometer class, which is
the only common class for ceilometer.
c380fbb
@cmurphy cmurphy Move admin setup to keystone server
Setting up the admin user and tenant only needs to happen once, on the
keystone node.
4332850
@cmurphy cmurphy Remove common::ml2 class
The ml2 plugin only needs to be configured on the neutron server, not
the router.
6056647
@cmurphy cmurphy Move notifications to neutron server profile
This only needs to be configured on the controller, so let's move
it out of "common".
fd14b70
@cmurphy cmurphy closed this
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Apr 20, 2015
  1. @cmurphy

    Remove class dependencies from firewall profile

    cmurphy authored
    Profiles should be self-contained, not interdependent. Removing the
    dependency relationship between the firewallchain resources and the
    repository classes causes no ill effects, plus it simplifies the code
    because it is no longer conditional on osfamily.
  2. @cmurphy

    Use garethr/erlang to install erlang

    cmurphy authored
    Also remove the erlang repo manifest since the garethr module takes
    care of the repo.
Commits on Apr 24, 2015
  1. @cmurphy

    Use openstack_extras::auth_file instead of our own

    cmurphy authored
    The work is already done for us, so we just add openstack_extras
    as a dependency and use that instead of openstack::resources::auth_file.
  2. @cmurphy

    Update ssh module to v2.5.0

    cmurphy authored
    The latest ssh version has bugfixes and is compatible with our needs.
    
    We don't need to update the metadata because the swift module pulls
    this in.
  3. @cmurphy

    Use openstack_extras::repo instead of our own

    cmurphy authored
    The openstack_extras repo can take care of installing epel/RDO and UCA
    for us.
  4. @cmurphy

    Remove openstack::resources::connectors class

    cmurphy authored
    For the most part these strings aren't shared, so this abstraction
    provides little value. It's also a class, not a resource, so it's place
    here is confusing. Just remove it and set up the strings where they
    are used.
  5. @cmurphy

    Remove openstack::resources::controller class

    cmurphy authored
    This class does not provision any resources, it only does error
    checking. The error checking is restrictive and not very valuable, and
    it hinders reusability. This patch removes the class and all similar
    error checking not contained in the class.
  6. @cmurphy

    Remove openstack::setup::cirros class

    cmurphy authored
    Having a class that sets up a single hard-coded image is not very
    useful, except for demos. This change moves the image data into the
    example hiera files and uses create_resources on a hash of data to
    create as many images as the user wants. We move this into
    openstack::profile::glance::api since now a one-line function does not
    need its own class.
  7. @cmurphy

    Remove router and sharednetwork setup classes

    cmurphy authored
    The openstack::setup::router and openstack::setup::sharednetwork
    classes only create two networks and one router with very little
    configuration options. This change moves the network data into the
    example hiera files and uses create_resources on a hash to create as
    many networks, subnets, and routers are the user wants. We move this
    into openstack::profile::neutron::router since these resources will
    always reside on the network node.
  8. @cmurphy
  9. @cmurphy

    Remove openstack::resources::tenant resource

    cmurphy authored
    This abstraction provided no value to the user.
  10. @cmurphy

    Remove all mysql_module parameters

    cmurphy authored
    The mysql_module parameters does nothing anymore. Remove all references
    to it.
  11. @cmurphy

    Ensure device mapper package is latest

    cmurphy authored
    Nova images won't boot with the version of device-mapper installed by
    default on RedHat. We need to make sure we have the latest available
    version, and it needs to refresh the libvirt and then the nova-compute
    service after being updated.
  12. @cmurphy

    Remove common::glance

    cmurphy authored
    The glance::api class is not common, it should only be used on the
    glance api server. We move it to the api profile and remove the common
    class.
  13. @cmurphy

    Remove uncommon things from common::nova

    cmurphy authored
    Classes that should be included only on the Nova API server or only on
    the compute node should not be in a "common" class. This patch splits
    classes out of openstack::common::nova onto the API server or the
    compute node.
  14. @cmurphy

    Remove uncommon things from common::ceilometer

    cmurphy authored
    Most of the resources in common::ceilometer are not common across nodes
    and actually have well defined places on the API server or the agent.
    We split these out and just leave the base ceilometer class, which is
    the only common class for ceilometer.
  15. @cmurphy

    Move admin setup to keystone server

    cmurphy authored
    Setting up the admin user and tenant only needs to happen once, on the
    keystone node.
  16. @cmurphy

    Remove common::ml2 class

    cmurphy authored
    The ml2 plugin only needs to be configured on the neutron server, not
    the router.
  17. @cmurphy

    Move notifications to neutron server profile

    cmurphy authored
    This only needs to be configured on the controller, so let's move
    it out of "common".
This page is out of date. Refresh to see the latest.
Showing with 377 additions and 608 deletions.
  1. +10 −2 Puppetfile
  2. +1 −1  Rakefile
  3. +43 −9 examples/allinone.yaml
  4. +43 −9 examples/common.yaml
  5. +0 −31 manifests/common/ceilometer.pp
  6. +7 −2 manifests/common/cinder.pp
  7. +0 −22 manifests/common/glance.pp
  8. +6 −8 manifests/common/keystone.pp
  9. +0 −14 manifests/common/ml2.pp
  10. +6 −13 manifests/common/neutron.pp
  11. +6 −38 manifests/common/nova.pp
  12. +5 −0 manifests/config.pp
  13. +77 −23 manifests/init.pp
  14. +5 −5 manifests/profile/auth_file.pp
  15. +0 −3  manifests/profile/base.pp
  16. +7 −1 manifests/profile/ceilometer/agent.pp
  17. +23 −6 manifests/profile/ceilometer/api.pp
  18. +0 −1  manifests/profile/cinder/api.pp
  19. +6 −11 manifests/profile/firewall/pre.pp
  20. +23 −25 manifests/profile/glance/api.pp
  21. +1 −2  manifests/profile/glance/auth.pp
  22. +5 −3 manifests/profile/heat/api.pp
  23. +7 −2 manifests/profile/keystone.pp
  24. +0 −9 manifests/profile/mongodb.pp
  25. +0 −9 manifests/profile/mysql.pp
  26. +0 −1  manifests/profile/neutron/agent.pp
  27. +7 −1 manifests/profile/neutron/router.pp
  28. +22 −2 manifests/profile/neutron/server.pp
  29. +28 −1 manifests/profile/nova/api.pp
  30. +16 −4 manifests/profile/nova/compute.pp
  31. +1 −10 manifests/profile/rabbitmq.pp
  32. +0 −1  manifests/profile/swift/proxy.pp
  33. +0 −58 manifests/resources/auth_file.pp
  34. +0 −35 manifests/resources/connectors.pp
  35. +0 −18 manifests/resources/controller.pp
  36. +0 −1  manifests/resources/database.pp
  37. +20 −17 manifests/resources/repo.pp
  38. +0 −8 manifests/resources/repo/epel.pp
  39. +0 −18 manifests/resources/repo/erlang.pp
  40. +0 −34 manifests/resources/repo/rdo.pp
  41. +0 −18 manifests/resources/repo/uca.pp
  42. +0 −8 manifests/resources/repo/yum_refresh.pp
  43. +0 −12 manifests/resources/tenant.pp
  44. +0 −4 manifests/role/allinone.pp
  45. +0 −1  manifests/role/network.pp
  46. +0 −2  manifests/role/storage.pp
  47. +0 −10 manifests/setup/cirros.pp
  48. +0 −22 manifests/setup/router.pp
  49. +0 −56 manifests/setup/sharednetwork.pp
  50. +2 −0  metadata.json
  51. +0 −17 templates/openrc.erb
View
12 Puppetfile
@@ -20,7 +20,7 @@ mod "cinder",
mod "neutron",
:git => "git://github.com/stackforge/puppet-neutron",
- :ref => "master"
+ :ref => "no_lbaas"
mod "nova",
:git => "git://github.com/stackforge/puppet-nova",
@@ -42,6 +42,10 @@ mod "openstacklib",
:git => "git://github.com/stackforge/puppet-openstacklib",
:ref => "master"
+mod "openstack_extras",
+ :git => "git://github.com/stackforge/puppet-openstack_extras",
+ :ref => "master"
+
mod "tempest",
:git => "git://github.com/stackforge/puppet-tempest",
:ref => "master"
@@ -62,6 +66,10 @@ mod "epel",
:git => "git://github.com/stahnma/puppet-module-epel",
:ref => "master"
+mod "erlang",
+ :git => "git://github.com/garethr/garethr-erlang",
+ :ref => "master"
+
mod "inifile",
:git => "git://github.com/puppetlabs/puppetlabs-inifile",
:ref => "1.0.x"
@@ -92,7 +100,7 @@ mod "memcached",
mod "ssh",
:git => "git://github.com/saz/puppet-ssh",
- :ref => "a0f5d5da20c91775c76c77d3b57b41f4245a260a"
+ :ref => "v2.5.0"
mod "qpid",
:git => "git://github.com/dprince/puppet-qpid",
View
2  Rakefile
@@ -8,4 +8,4 @@ PuppetLint.configuration.send('disable_class_inherits_from_params_class')
PuppetLint.configuration.send('disable_class_parameter_defaults')
PuppetLint.configuration.send('disable_documentation')
PuppetLint.configuration.send('disable_single_quote_string_with_variables')
-PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"]
+PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp", "examples/**/*.pp"]
View
52 examples/allinone.yaml
@@ -3,18 +3,46 @@ openstack::region: 'openstack'
######## Networks
openstack::network::api: '192.168.11.0/24'
openstack::network::external: '192.168.22.0/24'
+openstack::networks:
+ public:
+ tenant_name: 'services'
+ provider_network_type: 'gre'
+ router_external: true
+ provider_segmentation_id: 3604
+ shared: true
+ private:
+ tenant_name: 'services'
+ provider_network_type: 'gre'
+ router_external: false
+ provider_segmentation_id: 4063
+ shared: true
+openstack::subnets:
+ '192.168.22.0/24':
+ cidr: '192.168.22.0/24'
+ ip_version: '4'
+ gateway_ip: 192.168.22.2
+ enable_dhcp: false
+ network_name: 'public'
+ tenant_name: 'services'
+ allocation_pools: ['start=192.168.22.100,end=192.168.22.200']
+ dns_nameservers: [192.168.22.2]
+ '10.0.0.0/24':
+ cidr: '10.0.0.0/24'
+ ip_version: '4'
+ enable_dhcp: true
+ network_name: 'private'
+ tenant_name: 'services'
+ dns_nameservers: [192.168.22.2]
+openstack::routers:
+ test:
+ tenant_name: 'test'
+ gateway_network_name: 'public'
+openstack::router_interfaces:
+ 'test:10.0.0.0/24': {}
+
openstack::network::management: '172.16.33.0/24'
openstack::network::data: '172.16.44.0/24'
-openstack::network::external::ippool::start: 192.168.22.100
-openstack::network::external::ippool::end: 192.168.22.200
-openstack::network::external::gateway: 192.168.22.2
-openstack::network::external::dns: 192.168.22.2
-
-######## Private Neutron Network
-
-openstack::network::neutron::private: '10.0.0.0/24'
-
######## Fixed IPs (controllers)
openstack::controller::address::api: '192.168.11.4'
@@ -84,6 +112,12 @@ openstack::keystone::users:
######## Glance
+openstack::images:
+ Cirros:
+ container_format: 'bare'
+ disk_format: 'qcow2'
+ source: 'http://download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-disk.img'
+
openstack::glance::password: 'na-mu-va'
######## Cinder
View
52 examples/common.yaml
@@ -3,18 +3,46 @@ openstack::region: 'openstack'
######## Networks
openstack::network::api: '192.168.11.0/24'
openstack::network::external: '192.168.22.0/24'
+openstack::networks:
+ public:
+ tenant_name: 'services'
+ provider_network_type: 'gre'
+ router_external: true
+ provider_segmentation_id: 3604
+ shared: true
+ private:
+ tenant_name: 'services'
+ provider_network_type: 'gre'
+ router_external: false
+ provider_segmentation_id: 4063
+ shared: true
+openstack::subnets:
+ '192.168.22.0/24':
+ cidr: '192.168.22.0/24'
+ ip_version: '4'
+ gateway_ip: 192.168.22.2
+ enable_dhcp: false
+ network_name: 'public'
+ tenant_name: 'services'
+ allocation_pools: ['start=192.168.22.100,end=192.168.22.200']
+ dns_nameservers: [192.168.22.2]
+ '10.0.0.0/24':
+ cidr: '10.0.0.0/24'
+ ip_version: '4'
+ enable_dhcp: true
+ network_name: 'private'
+ tenant_name: 'services'
+ dns_nameservers: [192.168.22.2]
+openstack::routers:
+ test:
+ tenant_name: 'test'
+ gateway_network_name: 'public'
+openstack::router_interfaces:
+ 'test:10.0.0.0/24': {}
+
openstack::network::management: '172.16.33.0/24'
openstack::network::data: '172.16.44.0/24'
-openstack::network::external::ippool::start: 192.168.22.100
-openstack::network::external::ippool::end: 192.168.22.200
-openstack::network::external::gateway: 192.168.22.2
-openstack::network::external::dns: 192.168.22.2
-
-######## Private Neutron Network
-
-openstack::network::neutron::private: '10.0.0.0/24'
-
######## Fixed IPs (controllers)
openstack::controller::address::api: '192.168.11.4'
@@ -84,6 +112,12 @@ openstack::keystone::users:
######## Glance
+openstack::images:
+ Cirros:
+ container_format: 'bare'
+ disk_format: 'qcow2'
+ source: 'http://download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-disk.img'
+
openstack::glance::password: 'na-mu-va'
######## Cinder
View
31 manifests/common/ceilometer.pp
@@ -1,19 +1,6 @@
# Common class for ceilometer installation
# Private, and should not be used on its own
class openstack::common::ceilometer {
- $is_controller = $::openstack::profile::base::is_controller
-
- $ceilometer_management_address = $::openstack::config::ceilometer_address_management
- $controller_management_address = $::openstack::config::controller_address_management
-
- $mongo_username = $::openstack::config::ceilometer_mongo_username
- $mongo_password = $::openstack::config::ceilometer_mongo_password
-
- if ! $mongo_username or ! $mongo_password {
- $mongo_connection = "mongodb://${ceilometer_management_address}:27017/ceilometer"
- } else {
- $mongo_connection = "mongodb://${mongo_username}:${mongo_password}@${ceilometer_management_address}:27017/ceilometer"
- }
class { '::ceilometer':
metering_secret => $::openstack::config::ceilometer_meteringsecret,
@@ -24,23 +11,5 @@
rabbit_password => $::openstack::config::rabbitmq_password,
}
- if $is_controller {
- class { '::ceilometer::api':
- enabled => $is_controller,
- keystone_host => $controller_management_address,
- keystone_password => $::openstack::config::ceilometer_password,
- }
- }
-
- class { '::ceilometer::db':
- database_connection => $mongo_connection,
- mysql_module => '2.2',
- }
-
- class { '::ceilometer::agent::auth':
- auth_url => "http://${controller_management_address}:5000/v2.0",
- auth_password => $::openstack::config::ceilometer_password,
- auth_region => $::openstack::config::region,
- }
}
View
9 manifests/common/cinder.pp
@@ -1,14 +1,19 @@
# Common class for cinder installation
# Private, and should not be used on its own
class openstack::common::cinder {
+
+ $management_address = $::openstack::config::controller_address_management
+ $user = $::openstack::config::mysql_user_cinder
+ $pass = $::openstack::config::mysql_pass_cinder
+ $database_connection = "mysql://${user}:${pass}@${management_address}/cinder"
+
class { '::cinder':
- database_connection => $::openstack::resources::connectors::cinder,
+ database_connection => $database_connection,
rabbit_host => $::openstack::config::controller_address_management,
rabbit_userid => $::openstack::config::rabbitmq_user,
rabbit_password => $::openstack::config::rabbitmq_password,
debug => $::openstack::config::debug,
verbose => $::openstack::config::verbose,
- mysql_module => '2.2',
}
$storage_server = $::openstack::config::storage_address_api
View
22 manifests/common/glance.pp
@@ -1,22 +0,0 @@
-# Common class for Glance installation
-# Private, and should not be used on its own
-# The purpose is to have basic Glance auth configuration options
-# set so that services like Tempest can access credentials
-# on the controller
-class openstack::common::glance {
- if $::openstack::profile::base::is_storage {
- class { '::glance::api':
- keystone_password => $::openstack::config::glance_password,
- auth_host => $::openstack::config::controller_address_management,
- keystone_tenant => 'services',
- keystone_user => 'glance',
- database_connection => $::openstack::resources::connectors::glance,
- registry_host => $::openstack::config::storage_address_management,
- verbose => $::openstack::config::verbose,
- debug => $::openstack::config::debug,
- enabled => $::openstack::profile::base::is_storage,
- mysql_module => '2.2',
- os_region_name => $::openstack::region,
- }
- }
-}
View
14 manifests/common/keystone.pp
@@ -11,21 +11,19 @@
$service_name = undef
}
+ $management_address = $::openstack::config::controller_address_management
+ $user = $::openstack::config::mysql_user_keystone
+ $pass = $::openstack::config::mysql_pass_keystone
+ $database_connection = "mysql://${user}:${pass}@${management_address}/keystone"
+
class { '::keystone':
admin_token => $::openstack::config::keystone_admin_token,
- database_connection => $::openstack::resources::connectors::keystone,
+ database_connection => $database_connection,
verbose => $::openstack::config::verbose,
debug => $::openstack::config::debug,
enabled => $::openstack::profile::base::is_controller,
admin_bind_host => $admin_bind_host,
- mysql_module => '2.2',
service_name => $service_name,
}
- class { '::keystone::roles::admin':
- email => $::openstack::config::keystone_admin_email,
- password => $::openstack::config::keystone_admin_password,
- admin_tenant => 'admin',
- }
-
}
View
14 manifests/common/ml2.pp
@@ -1,14 +0,0 @@
-# Private class
-class openstack::common::ml2 {
- $tenant_network_type = $::openstack::config::neutron_tenant_network_type # ['gre']
- $type_drivers = $::openstack::config::neutron_type_drivers # ['gre']
- $mechanism_drivers = $::openstack::config::neutron_mechanism_drivers # ['openvswitch']
- $tunnel_id_ranges = $::openstack::config::neutron_tunnel_id_ranges # ['1:1000']
-
- class { '::neutron::plugins::ml2':
- type_drivers => $type_drivers,
- tenant_network_types => $tenant_network_type,
- mechanism_drivers => $mechanism_drivers,
- tunnel_id_ranges => $tunnel_id_ranges
- }
-}
View
19 manifests/common/neutron.pp
@@ -14,6 +14,11 @@
# neutron auth depends upon a keystone configuration
include ::openstack::common::keystone
+ $user = $::openstack::config::mysql_user_neutron
+ $pass = $::openstack::config::mysql_pass_neutron
+ $database_connection = "mysql://${user}:${pass}@${controller_management_address}/neutron"
+
+
class { '::neutron':
rabbit_host => $controller_management_address,
core_plugin => $::openstack::config::neutron_core_plugin,
@@ -37,21 +42,9 @@
class { '::neutron::server':
auth_host => $::openstack::config::controller_address_management,
auth_password => $::openstack::config::neutron_password,
- database_connection => $::openstack::resources::connectors::neutron,
+ database_connection => $database_connection,
enabled => $is_controller,
sync_db => $is_controller,
- mysql_module => '2.2',
- }
-
- if $is_controller {
- anchor { 'neutron_common_first': } ->
- class { '::neutron::server::notifications':
- nova_url => "http://${controller_management_address}:8774/v2/",
- nova_admin_auth_url => "http://${controller_management_address}:35357/v2.0/",
- nova_admin_password => $::openstack::config::nova_password,
- nova_region_name => $::openstack::config::region,
- }
- anchor { 'neutron_common_last': }
}
if $::osfamily == 'redhat' {
View
44 manifests/common/nova.pp
@@ -3,8 +3,7 @@
# usage: include from controller, declare from worker
# This is to handle dependency
# depends on openstack::profile::base having been added to a node
-class openstack::common::nova ($is_compute = false) {
- $is_controller = $::openstack::profile::base::is_controller
+class openstack::common::nova {
$management_network = $::openstack::config::network_management
$management_address = ip_for_network($management_network)
@@ -12,8 +11,12 @@
$storage_management_address = $::openstack::config::storage_address_management
$controller_management_address = $::openstack::config::controller_address_management
+ $user = $::openstack::config::mysql_user_nova
+ $pass = $::openstack::config::mysql_pass_nova
+ $database_connection = "mysql://${user}:${pass}@${controller_management_address}/nova"
+
class { '::nova':
- database_connection => $::openstack::resources::connectors::nova,
+ database_connection => $database_connection,
glance_api_servers => join($::openstack::config::glance_api_servers, ','),
memcached_servers => ["${controller_management_address}:11211"],
rabbit_hosts => $::openstack::config::rabbitmq_hosts,
@@ -21,45 +24,10 @@
rabbit_password => $::openstack::config::rabbitmq_password,
debug => $::openstack::config::debug,
verbose => $::openstack::config::verbose,
- mysql_module => '2.2',
}
nova_config { 'DEFAULT/default_floating_pool': value => 'public' }
- if $is_controller {
- class { '::nova::api':
- admin_password => $::openstack::config::nova_password,
- auth_host => $controller_management_address,
- enabled => $is_controller,
- neutron_metadata_proxy_shared_secret => $::openstack::config::neutron_shared_secret,
- }
-
- class { '::nova::vncproxy':
- host => $::openstack::config::controller_address_api,
- enabled => $is_controller,
- }
-
- class { [
- 'nova::scheduler',
- 'nova::objectstore',
- 'nova::cert',
- 'nova::consoleauth',
- 'nova::conductor'
- ]:
- enabled => $is_controller,
- }
- }
-
- # TODO: it's important to set up the vnc properly
- class { '::nova::compute':
- enabled => $is_compute,
- vnc_enabled => true,
- vncserver_proxyclient_address => $management_address,
- vncproxy_host => $::openstack::config::controller_address_api,
- }
-
- class { '::nova::compute::neutron': }
-
class { '::nova::network::neutron':
neutron_admin_password => $::openstack::config::neutron_password,
neutron_region_name => $::openstack::config::region,
View
5 manifests/config.pp
@@ -3,6 +3,10 @@
$use_hiera = undef,
$region = undef,
$network_api = undef,
+ $networks = undef,
+ $subnets = undef,
+ $routers = undef,
+ $router_interfaces = undef,
$network_external = undef,
$network_management = undef,
$network_data = undef,
@@ -41,6 +45,7 @@
$keystone_use_httpd = undef,
$glance_password = undef,
$glance_api_servers = undef,
+ $images = undef,
$cinder_password = undef,
$cinder_volume_size = undef,
$swift_password = undef,
View
100 manifests/init.pp
@@ -24,6 +24,61 @@
# The CIDR of the api network. This is the network that all public
# api calls are made on, as well as the network to access Horizon.
#
+# [*networks*]
+# (optional) Hash of neutron networks. Example:
+# {
+# 'public' => {
+# 'tenant_name' => 'services',
+# 'provider_network_type' => 'gre',
+# 'router_external' => true,
+# 'provider_segmentation_id' => 3604,
+# 'shared' => true,
+# }
+# }
+# Consult the neutron_network documentation for more information.
+# Defaults to {}.
+#
+# [*subnets*]
+# (optional) Hash of neutron subnets. Example:
+# {
+# '192.168.22.0/24' => {
+# 'cidr' => '192.168.22.0/24',
+# 'ip_version' => '4',
+# 'gateway_ip' => '192.168.22.2',
+# 'enable_dhcp' => false,
+# 'network_name' => 'public',
+# 'tenant_name' => 'services',
+# 'allocation_pools' => ['start=192.168.22.100,end=192.168.22.200'],
+# 'dns_nameservers' => [192.168.22.2],
+# }
+# }
+# Consult the neutron_subnet documentation for more information.
+# Defaults to {}.
+#
+# [*routers*]
+# (optional) Hash of neutron routers. Example:
+# {
+# 'test' => {
+# 'tenant_name' => 'test',
+# 'gateway_network_name' => 'public',
+# }
+# }
+# Consult the neutron_router documentation for more information.
+# Defaults to {}.
+#
+# [*router_interfaces*]
+# (optional) Hash of neutron router interfaces. The key has the form
+# tenant:subnet where the subnet is one of the subnets given by the
+# $subnets parameter. Example:
+# {
+# 'test:10.0.0.0/24' => {
+# ensure => present,
+# }
+# }
+# Consult the neutron_router_interface documentation for more
+# information.
+# Defaults to {}.
+#
# [*network_external*]
# The CIDR of the external network. May be the same as network_api.
# This is the network that floating IP addresses are allocated in
@@ -35,24 +90,6 @@
# [*network_data*]
# The CIDR of the data network. May be the same as network_management.
#
-# [*network_external_ippool_start*]
-# The starting address of the external network IP pool. Must be contained
-# within the network_external CIDR range.
-#
-# [*network_external_ippool_end*]
-# The end address of the external network IP pool. Must be contained within
-# the network_external CIDR range, and greater than network_external_ippool_start.
-#
-# [*network_external_gateway*]
-# The gateway address for the external network.
-#
-# [*network_external_dns*]
-# The DNS server for the external network.
-#
-# == Private Neutron Network
-# [*network_neutron_private*]
-# The CIDR of the automatically created private network.
-#
# == Fixed IPs (controllers)
# [*controller_address_api*]
# The API IP address of the controller node. Must be in the network_api CIDR.
@@ -154,6 +191,17 @@
# Defaults to false.
#
# == Glance
+# [*images*]
+# (optional) Hash of glance_images resources. Example:
+# {
+# 'Cirros' => {
+# 'container_format' => 'bare',
+# 'disk_format' => 'qcow2',
+# 'source' => 'http://download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-disk.img',
+# }
+# }
+# Consult the glance_image documentation for more information.
+#
# [*glance_password*]
# The password for the glance user in Keystone.
#
@@ -343,6 +391,7 @@
$keystone_use_httpd = false,
$glance_password = undef,
$glance_api_servers = undef,
+ $images = undef,
$cinder_password = undef,
$cinder_volume_size = undef,
$swift_password = undef,
@@ -389,14 +438,13 @@
class { '::openstack::config':
region => hiera(openstack::region),
network_api => hiera(openstack::network::api),
+ networks => hiera(openstack::networks, {}),
+ subnets => hiera(openstack::subnets, {}),
+ routers => hiera(openstack::routers, {}),
+ router_interfaces => hiera(openstack::router_interfaces, {}),
network_external => hiera(openstack::network::external),
network_management => hiera(openstack::network::management),
network_data => hiera(openstack::network::data),
- network_external_ippool_start => hiera(openstack::network::external::ippool::start),
- network_external_ippool_end => hiera(openstack::network::external::ippool::end),
- network_external_gateway => hiera(openstack::network::external::gateway),
- network_external_dns => hiera(openstack::network::external::dns),
- network_neutron_private => hiera(openstack::network::neutron::private),
controller_address_api => hiera(openstack::controller::address::api),
controller_address_management => hiera(openstack::controller::address::management),
storage_address_api => hiera(openstack::storage::address::api),
@@ -427,6 +475,7 @@
keystone_use_httpd => hiera(openstack::keystone::use_httpd, false),
glance_password => hiera(openstack::glance::password),
glance_api_servers => hiera(openstack::glance::api_servers),
+ images => hiera(openstack::images),
cinder_password => hiera(openstack::cinder::password),
cinder_volume_size => hiera(openstack::cinder::volume_size),
swift_password => hiera(openstack::swift::password),
@@ -473,6 +522,10 @@
class { '::openstack::config':
region => $region,
network_api => $network_api,
+ networks => $networks,
+ subnets => $subnets,
+ routers => $routers,
+ router_interfaces => $router_interfaces,
network_external => $network_external,
network_management => $network_management,
network_data => $network_data,
@@ -511,6 +564,7 @@
keystone_use_httpd => $keystone_use_httpd,
glance_password => $glance_password,
glance_api_servers => $glance_api_servers,
+ images => $images,
cinder_password => $cinder_password,
cinder_volume_size => $cinder_volume_size,
swift_password => $swift_password,
View
10 manifests/profile/auth_file.pp
@@ -1,9 +1,9 @@
# The profile to install an OpenStack specific mysql server
class openstack::profile::auth_file {
- class { '::openstack::resources::auth_file':
- admin_tenant => 'admin',
- admin_password => $::openstack::config::keystone_admin_password,
- region_name => $::openstack::config::region,
- controller_node => $::openstack::config::controller_address_api,
+ class { '::openstack_extras::auth_file':
+ tenant_name => 'admin',
+ password => $::openstack::config::keystone_admin_password,
+ auth_url => "http://${::openstack::config::controller_address_api}:5000/v2.0/",
+ region_name => $::openstack::config::region,
}
}
View
3  manifests/profile/base.pp
@@ -9,9 +9,6 @@
# all nodes need the OpenStack repository
class { '::openstack::resources::repo': }
- # database connectors
- class { '::openstack::resources::connectors': }
-
# database anchor
anchor { 'database-service': }
View
8 manifests/profile/ceilometer/agent.pp
@@ -1,4 +1,10 @@
class openstack::profile::ceilometer::agent {
- class { '::openstack::common::ceilometer': } ->
+ $controller_management_address = $::openstack::config::controller_address_management
+ include ::openstack::common::ceilometer
+ class { '::ceilometer::agent::auth':
+ auth_url => "http://${controller_management_address}:5000/v2.0",
+ auth_password => $::openstack::config::ceilometer_password,
+ auth_region => $::openstack::config::region,
+ }
class { '::ceilometer::agent::compute': }
}
View
29 manifests/profile/ceilometer/api.pp
@@ -2,12 +2,25 @@
# For co-located api and worker nodes this appear
# after openstack::profile::ceilometer::agent
class openstack::profile::ceilometer::api {
- openstack::resources::controller { 'ceilometer': }
+
+ $mongo_username = $::openstack::ceilometer_mongo_username
+ $mongo_password = $::openstack::ceilometer_mongo_password
+ $ceilometer_management_address = $::openstack::ceilometer_address_management
+ $controller_management_address = $::openstack::controller_address_management
+
+
+ if ! $mongo_username or ! $mongo_password {
+ $mongo_connection = "mongodb://${ceilometer_management_address}:27017/ceilometer"
+ } else {
+ $mongo_connection = "mongodb://${mongo_username}:${mongo_password}@${ceilometer_management_address}:27017/ceilometer"
+ }
openstack::resources::firewall { 'Ceilometer API':
port => '8777',
}
+ include ::openstack::common::ceilometer
+
class { '::ceilometer::keystone::auth':
password => $::openstack::config::ceilometer_password,
public_address => $::openstack::config::controller_address_api,
@@ -16,6 +29,15 @@
region => $::openstack::config::region,
}
+ class { '::ceilometer::api':
+ keystone_host => $controller_management_address,
+ keystone_password => $::openstack::ceilometer_password,
+ }
+
+ class { '::ceilometer::db':
+ database_connection => $mongo_connection,
+ }
+
class { '::ceilometer::agent::central':
}
@@ -37,17 +59,12 @@
class { '::ceilometer::collector': }
- include ::openstack::common::ceilometer
-
mongodb_database { 'ceilometer':
ensure => present,
tries => 20,
require => Class['mongodb::server'],
}
- $mongo_username = $::openstack::config::ceilometer_mongo_username
- $mongo_password = $::openstack::config::ceilometer_mongo_password
-
if $mongo_username and $mongo_password {
mongodb_user { $mongo_username:
ensure => present,
View
1  manifests/profile/cinder/api.pp
@@ -1,7 +1,6 @@
# The profile for installing the Cinder API
class openstack::profile::cinder::api {
- openstack::resources::controller { 'cinder': }
openstack::resources::database { 'cinder': }
openstack::resources::firewall { 'Cinder API': port => '8776', }
View
17 manifests/profile/firewall/pre.pp
@@ -5,20 +5,15 @@
# Set up the initial firewall rules for all nodes
if $::osfamily == 'RedHat' {
firewallchain { 'INPUT:filter:IPv4':
- purge => true,
- ignore => ['neutron','virbr0'],
- before => Firewall['0001 - related established'],
- require => [
- Class['::openstack::resources::repo::epel'],
- Class['::openstack::resources::repo::rdo'],
- ],
+ purge => true,
+ ignore => ['neutron','virbr0'],
+ before => Firewall['0001 - related established'],
}
} elsif $::osfamily == 'Debian' {
firewallchain { 'INPUT:filter:IPv4':
- purge => true,
- ignore => ['neutron','virbr0'],
- before => Firewall['0001 - related established'],
- require => [ Class['::openstack::resources::repo::uca'] ],
+ purge => true,
+ ignore => ['neutron','virbr0'],
+ before => Firewall['0001 - related established'],
}
}
View
48 manifests/profile/glance/api.pp
@@ -5,46 +5,40 @@
$api_network = $::openstack::config::network_api
$api_address = ip_for_network($api_network)
- $management_network = $::openstack::config::network_management
- $management_address = ip_for_network($management_network)
+ $management_network = $::openstack::config::network_management
+ $management_address = ip_for_network($management_network)
- $explicit_management_address = $::openstack::config::storage_address_management
- $explicit_api_address = $::openstack::config::storage_address_api
-
- $controller_address = $::openstack::config::controller_address_management
-
- if $management_address != $explicit_management_address {
- fail("Glance Auth setup failed. The inferred location of Glance from
- the openstack::network::management hiera value is
- ${management_address}. The explicit address from
- openstack::storage::address::management is ${explicit_management_address}.
- Please correct this difference.")
- }
-
- if $api_address != $explicit_api_address {
- fail("Glance Auth setup failed. The inferred location of Glance from
- the openstack::network::management hiera value is
- ${api_address}. The explicit address from
- openstack::storage::address::api is ${explicit_api_address}.
- Please correct this difference.")
- }
+ $controller_address = $::openstack::config::controller_address_management
+ $user = $::openstack::config::mysql_user_glance
+ $pass = $::openstack::config::mysql_pass_glance
+ $database_connection = "mysql://${user}:${pass}@${controller_address}/glance"
openstack::resources::firewall { 'Glance API': port => '9292', }
openstack::resources::firewall { 'Glance Registry': port => '9191', }
- include ::openstack::common::glance
+ class { '::glance::api':
+ keystone_password => $::openstack::config::glance_password,
+ auth_host => $::openstack::config::controller_address_management,
+ keystone_tenant => 'services',
+ keystone_user => 'glance',
+ database_connection => $database_connection,
+ registry_host => $::openstack::config::storage_address_management,
+ verbose => $::openstack::config::verbose,
+ debug => $::openstack::config::debug,
+ enabled => $::openstack::profile::base::is_storage,
+ os_region_name => $::openstack::config::region,
+ }
class { '::glance::backend::file': }
class { '::glance::registry':
keystone_password => $::openstack::config::glance_password,
- database_connection => $::openstack::resources::connectors::glance,
+ database_connection => $database_connection,
auth_host => $::openstack::config::controller_address_management,
keystone_tenant => 'services',
keystone_user => 'glance',
verbose => $::openstack::config::verbose,
debug => $::openstack::config::debug,
- mysql_module => '2.2',
}
class { '::glance::notify::rabbitmq':
@@ -52,4 +46,8 @@
rabbit_userid => $::openstack::config::rabbitmq_user,
rabbit_host => $::openstack::config::controller_address_management,
}
+
+ $images = $::openstack::config::images
+
+ create_resources('glance_image', $images)
}
View
3  manifests/profile/glance/auth.pp
@@ -1,7 +1,7 @@
# The profile to set up the endpoints, auth, and database for Glance
# Because of the include, api must come before auth if colocated
class openstack::profile::glance::auth {
- openstack::resources::controller { 'glance': }
+
openstack::resources::database { 'glance': }
class { '::glance::keystone::auth':
@@ -12,5 +12,4 @@
region => $::openstack::config::region,
}
- include ::openstack::common::glance
}
View
8 manifests/profile/heat/api.pp
@@ -1,11 +1,14 @@
# The profile for installing the heat API
class openstack::profile::heat::api {
- openstack::resources::controller { 'heat': }
+
openstack::resources::database { 'heat': }
openstack::resources::firewall { 'Heat API': port => '8004', }
openstack::resources::firewall { 'Heat CFN API': port => '8000', }
$controller_management_address = $::openstack::config::controller_address_management
+ $user = $::openstack::config::mysql_user_heat
+ $pass = $::openstack::config::mysql_pass_heat
+ $database_connection = "mysql://${user}:${pass}@${controller_management_address}/heat"
class { '::heat::keystone::auth':
password => $::openstack::config::heat_password,
@@ -24,7 +27,7 @@
}
class { '::heat':
- database_connection => $::openstack::resources::connectors::heat,
+ database_connection => $database_connection,
rabbit_host => $::openstack::config::controller_address_management,
rabbit_userid => $::openstack::config::rabbitmq_user,
rabbit_password => $::openstack::config::rabbitmq_password,
@@ -32,7 +35,6 @@
verbose => $::openstack::config::verbose,
keystone_host => $::openstack::config::controller_address_management,
keystone_password => $::openstack::config::heat_password,
- mysql_module => '2.2',
}
class { '::heat::api':
View
9 manifests/profile/keystone.pp
@@ -1,12 +1,17 @@
# The profile to install the Keystone service
class openstack::profile::keystone {
- openstack::resources::controller { 'keystone': }
openstack::resources::database { 'keystone': }
openstack::resources::firewall { 'Keystone API': port => '5000', }
include ::openstack::common::keystone
+ class { '::keystone::roles::admin':
+ email => $::openstack::config::keystone_admin_email,
+ password => $::openstack::config::keystone_admin_password,
+ admin_tenant => 'admin',
+ }
+
class { 'keystone::endpoint':
public_url => "http://${::openstack::config::controller_address_api}:5000",
admin_url => "http://${::openstack::config::controller_address_management}:35357",
@@ -22,6 +27,6 @@
$tenants = $::openstack::config::keystone_tenants
$users = $::openstack::config::keystone_users
- create_resources('openstack::resources::tenant', $tenants)
+ create_resources('keystone_tenant', $tenants)
create_resources('openstack::resources::user', $users)
}
View
9 manifests/profile/mongodb.pp
@@ -1,15 +1,6 @@
# The profile to install an OpenStack specific MongoDB server
class openstack::profile::mongodb {
$management_network = $::openstack::config::network_management
- $inferred_address = ip_for_network($management_network)
- $explicit_address = $::openstack::config::controller_address_management
-
- if $inferred_address != $explicit_address {
- fail("MongoDB setup failed. The inferred location of the database based on the
- openstack::network::management hiera value is ${inferred_address}. The
- explicit address from openstack::controller::address::management
- is ${explicit_address}. Please correct this difference.")
- }
class { '::mongodb::globals':
manage_package_repo => true,
View
9 manifests/profile/mysql.pp
@@ -2,15 +2,6 @@
class openstack::profile::mysql {
$management_network = $::openstack::config::network_management
- $inferred_address = ip_for_network($management_network)
- $explicit_address = $::openstack::config::controller_address_management
-
- if $inferred_address != $explicit_address {
- fail("MySQL setup failed. The inferred location of the database based on the
- openstack::network::management hiera value is ${inferred_address}. The
- explicit address from openstack::controller::address::management
- is ${explicit_address}. Please correct this difference.")
- }
class { '::mysql::server':
root_password => $::openstack::config::mysql_root_password,
View
1  manifests/profile/neutron/agent.pp
@@ -2,5 +2,4 @@
class openstack::profile::neutron::agent {
include ::openstack::common::neutron
include ::openstack::common::ml2::ovs
- include ::openstack::common::ml2
}
View
8 manifests/profile/neutron/router.pp
@@ -8,7 +8,6 @@
include ::openstack::common::neutron
include ::openstack::common::ml2::ovs
- include ::openstack::common::ml2
### Router service installation
@@ -65,4 +64,11 @@
# External bridge already has the external device's IP, thus the external
# device has already been linked
}
+
+ $defaults = { 'ensure' => 'present' }
+ create_resources('neutron_network', $::openstack::config::networks, $defaults)
+ create_resources('neutron_subnet', $::openstack::config::subnets, $defaults)
+ create_resources('neutron_router', $::openstack::config::routers, $defaults)
+ create_resources('neutron_router_interface', $::openstack::config::router_interfaces, $defaults)
+
}
View
24 manifests/profile/neutron/server.pp
@@ -1,11 +1,31 @@
# The profile to set up the neutron server
class openstack::profile::neutron::server {
- openstack::resources::controller { 'neutron': }
+
openstack::resources::database { 'neutron': }
openstack::resources::firewall { 'Neutron API': port => '9696', }
include ::openstack::common::neutron
- include ::openstack::common::ml2
+
+ $tenant_network_type = $::openstack::config::neutron_tenant_network_type # ['gre']
+ $type_drivers = $::openstack::config::neutron_type_drivers # ['gre']
+ $mechanism_drivers = $::openstack::config::neutron_mechanism_drivers # ['openvswitch']
+ $tunnel_id_ranges = $::openstack::config::neutron_tunnel_id_ranges # ['1:1000']
+ $controller_management_address = $::openstack::config::controller_address_management
+
+ class { '::neutron::plugins::ml2':
+ type_drivers => $type_drivers,
+ tenant_network_types => $tenant_network_type,
+ mechanism_drivers => $mechanism_drivers,
+ tunnel_id_ranges => $tunnel_id_ranges
+ }
+
+ class { '::neutron::server::notifications':
+ nova_url => "http://${controller_management_address}:8774/v2/",
+ nova_admin_auth_url => "http://${controller_management_address}:35357/v2.0/",
+ nova_admin_password => $::openstack::config::nova_password,
+ nova_region_name => $::openstack::config::region,
+ }
+ contain ::neutron::server::notifications
Class['::neutron::db::mysql'] -> Exec['neutron-db-sync']
}
View
29 manifests/profile/nova/api.pp
@@ -1,6 +1,9 @@
# The profile to set up the Nova controller (several services)
class openstack::profile::nova::api {
- openstack::resources::controller { 'nova': }
+
+ $is_controller = $::openstack::profile::base::is_controller
+ $controller_management_address = $::openstack::controller_address_management
+
openstack::resources::database { 'nova': }
openstack::resources::firewall { 'Nova API': port => '8774', }
openstack::resources::firewall { 'Nova Metadata': port => '8775', }
@@ -17,4 +20,28 @@
}
include ::openstack::common::nova
+
+ class { '::nova::api':
+ admin_password => $::openstack::config::nova_password,
+ auth_host => $controller_management_address,
+ enabled => $is_controller,
+ neutron_metadata_proxy_shared_secret => $::openstack::config::neutron_shared_secret,
+ }
+
+ class { '::nova::compute::neutron': }
+
+ class { '::nova::vncproxy':
+ host => $::openstack::controller_address_api,
+ enabled => $is_controller,
+ }
+
+ class { [
+ 'nova::scheduler',
+ 'nova::objectstore',
+ 'nova::cert',
+ 'nova::consoleauth',
+ 'nova::conductor'
+ ]:
+ enabled => $is_controller,
+ }
}
View
20 manifests/profile/nova/compute.pp
@@ -1,10 +1,16 @@
# The puppet module to set up a Nova Compute node
class openstack::profile::nova::compute {
- $management_network = $::openstack::config::network_management
- $management_address = ip_for_network($management_network)
+ $management_network = $::openstack::config::network_management
+ $management_address = ip_for_network($management_network)
+ $controller_management_address = $::openstack::config::controller_address_management
- class { 'openstack::common::nova':
- is_compute => true,
+ include ::openstack::common::nova
+
+ class { '::nova::compute':
+ enabled => true,
+ vnc_enabled => true,
+ vncserver_proxyclient_address => $management_address,
+ vncproxy_host => $::openstack::config::controller_address_api,
}
class { '::nova::compute::libvirt':
@@ -24,5 +30,11 @@
notify => Service['libvirt'],
}
+ if $::osfamily == 'RedHat' {
+ package { 'device-mapper':
+ ensure => latest
+ }
+ Package['device-mapper'] ~> Service['libvirtd'] ~> Service['nova-compute']
+ }
Package['libvirt'] -> File['/etc/libvirt/qemu.conf']
}
View
11 manifests/profile/rabbitmq.pp
@@ -2,16 +2,7 @@
class openstack::profile::rabbitmq {
$management_address = $::openstack::config::controller_address_management
- if $::osfamily == 'RedHat' {
- package { 'erlang':
- ensure => installed,
- before => Package['rabbitmq-server'],
- }
- # Erlang solutions doesn't have a yum repo for Fedora >= 17, but Fedora has an up-to-date erlang
- if $::operatingsystem != 'Fedora' {
- Yumrepo['erlang-solutions'] -> Package['erlang']
- }
- }
+ include erlang
rabbitmq_user { $::openstack::config::rabbitmq_user:
admin => true,
View
1  manifests/profile/swift/proxy.pp
@@ -1,7 +1,6 @@
# The profile for installing the Swift Proxy
class openstack::profile::swift::proxy {
- openstack::resources::controller { 'swift': }
openstack::resources::firewall { 'Swift Proxy': port => '8080', }
class { 'swift::keystone::auth':
View
58 manifests/resources/auth_file.pp
@@ -1,58 +0,0 @@
-# == Class: openstack::resources::auth_file
-#
-# Creates an auth file that can be used to export
-# environment variables that can be used to authenticate
-# against a keystone server.
-#
-# === Parameters
-#
-# [*admin_password*]
-# (required) Admin password.
-# [*controller_node*]
-# (optional) Keystone address. Defaults to '127.0.0.1'.
-# [*keystone_admin_token*]
-# (optional) Admin token.
-# NOTE: This setting will trigger a warning from keystone.
-# Authentication credentials will be ignored by keystone client
-# in favor of token authentication. Defaults to undef.
-# [*admin_user*]
-# (optional) Defaults to 'admin'.
-# [*admin_tenant*]
-# (optional) Defaults to 'openstack'.
-# [*region_name*]
-# (optional) Defaults to 'RegionOne'.
-# [*use_no_cache*]
-# (optional) Do not use the auth token cache. Defaults to true.
-# [*cinder_endpoint_type*]
-# (optional) Defaults to 'publicURL'.
-# [*glance_endpoint_type*]
-# (optional) Defaults to 'publicURL'.
-# [*keystone_endpoint_type*]
-# (optional) Defaults to 'publicURL'.
-# [*nova_endpoint_type*]
-# (optional) Defaults to 'publicURL'.
-# [*neutron_endpoint_type*]
-# (optional) Defaults to 'publicURL'.
-#
-class openstack::resources::auth_file(
- $admin_password,
- $controller_node = '127.0.0.1',
- $keystone_admin_token = undef,
- $admin_user = 'admin',
- $admin_tenant = 'openstack',
- $region_name = 'RegionOne',
- $use_no_cache = true,
- $cinder_endpoint_type = 'publicURL',
- $glance_endpoint_type = 'publicURL',
- $keystone_endpoint_type = 'publicURL',
- $nova_endpoint_type = 'publicURL',
- $neutron_endpoint_type = 'publicURL',
-) {
-
- file { '/root/openrc':
- owner => 'root',
- group => 'root',
- mode => '0700',
- content => template("${module_name}/openrc.erb")
- }
-}
View
35 manifests/resources/connectors.pp
@@ -1,35 +0,0 @@
-class openstack::resources::connectors {
-
- $management_address = $::openstack::config::controller_address_management
- $password = $::openstack::config::mysql_service_password
-
- # keystone
- $user_keystone = $::openstack::config::mysql_user_keystone
- $pass_keystone = $::openstack::config::mysql_pass_keystone
- $keystone = "mysql://${user_keystone}:${pass_keystone}@${management_address}/keystone"
-
- # cinder
- $user_cinder = $::openstack::config::mysql_user_cinder
- $pass_cinder = $::openstack::config::mysql_pass_cinder
- $cinder = "mysql://${user_cinder}:${pass_cinder}@${management_address}/cinder"
-
- # glance
- $user_glance = $::openstack::config::mysql_user_glance
- $pass_glance = $::openstack::config::mysql_pass_glance
- $glance = "mysql://${user_glance}:${pass_glance}@${management_address}/glance"
-
- # nova
- $user_nova = $::openstack::config::mysql_user_nova
- $pass_nova = $::openstack::config::mysql_pass_nova
- $nova = "mysql://${user_nova}:${pass_nova}@${management_address}/nova"
-
- # neutron
- $user_neutron = $::openstack::config::mysql_user_neutron
- $pass_neutron = $::openstack::config::mysql_pass_neutron
- $neutron = "mysql://${user_neutron}:${pass_neutron}@${management_address}/neutron"
-
- # heat
- $user_heat = $::openstack::config::mysql_user_heat
- $pass_heat = $::openstack::config::mysql_pass_heat
- $heat = "mysql://${user_heat}:${pass_heat}@${management_address}/heat"
-}
View
18 manifests/resources/controller.pp
@@ -1,18 +0,0 @@
-# A basic defined resource that only checks for controller
-# configuration consistency with the Hiera data
-define openstack::resources::controller () {
- $api_address = $::openstack::config::controller_address_api
- $management_address = $::openstack::config::controller_address_management
-
- unless has_ip_address($api_address) {
- fail("${title} setup failed. This node is listed
- as a controller, but does not have the api ip address
- ${api_address}.")
- }
-
- unless has_ip_address($management_address) {
- fail("${title} setup failed. This node is listed
- as a controller, but does not have the management ip address
- ${management_address}.")
- }
-}
View
1  manifests/resources/database.pp
@@ -7,7 +7,6 @@
password => $password,
dbname => $title,
allowed_hosts => $::openstack::config::mysql_allowed_hosts,
- mysql_module => '2.2',
require => Anchor['database-service'],
}
}
View
37 manifests/resources/repo.pp
@@ -1,22 +1,25 @@
-#
-# Sets up the package repos necessary to use OpenStack
-# on RHEL-alikes and Ubuntu
-#
class openstack::resources::repo(
- $release = 'juno'
-) {
- case $release {
- 'juno', 'icehouse', 'havana', 'grizzly': {
- if $::osfamily == 'RedHat' {
- class {'openstack::resources::repo::rdo': release => $release }
- class {'openstack::resources::repo::erlang': }
- class {'openstack::resources::repo::yum_refresh': }
- } elsif $::osfamily == 'Debian' {
- class {'openstack::resources::repo::uca': release => $release }
+ $release = 'juno',
+){
+ if $::osfamily == 'Debian' {
+ if $::operatingsystem == 'Ubuntu' {
+ class { '::openstack_extras::repo::debian::ubuntu':
+ release => $release,
+ package_require => true,
}
+ } elsif $::operatingsystem == 'Debian' {
+ class { '::openstack_extras::repo::debian::debian':
+ release => $release,
+ package_require => true,
+ }
+ } else {
+ fail("Operating system ${::operatingsystem} is not supported.")
}
- default: {
- fail { "FAIL: openstack::resources::repo parameter 'release' of '${release}' not recognized; please use one of 'juno', 'icehouse', 'havana', 'grizzly'.": }
- }
+ } elsif $::osfamily == 'RedHat' {
+ class { '::openstack_extras::repo::redhat::redhat':
+ release => $release
+ }
+ } else {
+ fail("Operating system family ${::osfamily} is not supported.")
}
}
View
8 manifests/resources/repo/epel.pp
@@ -1,8 +0,0 @@
-class openstack::resources::repo::epel {
- if ($::osfamily == 'RedHat' and
- $::operatingsystem != 'Fedora' and
- $::operatingsystemmajrelease >= 6) {
-
- include ::epel
- }
-}
View
18 manifests/resources/repo/erlang.pp
@@ -1,18 +0,0 @@
-class openstack::resources::repo::erlang {
- if $::osfamily == 'RedHat' and $::operatingsystem != 'Fedora' {
- $dist = 'centos' # There isn't a repo for fedora >= 17
-
- $osver = regsubst($::operatingsystemrelease, '(\d+)\..*', '\1')
-
- # http://packages.erlang-solutions.com/rpm/centos/6/x86_64/
-
- yumrepo { 'erlang-solutions':
- name => 'erlang-solutions',
- descr => 'Erlang Solutions Repository',
- baseurl => "http://binaries.erlang-solutions.com/rpm/${dist}/${osver}/x86_64",
- gpgcheck => 0,
- gpgkey => 'http://binaries.erlang-solutions.com/debian/erlang_solutions.asc',
- enabled => 1,
- }
- }
-}
View
34 manifests/resources/repo/rdo.pp
@@ -1,34 +0,0 @@
-# RDO repo (supports both RHEL-alikes and Fedora, requires EPEL)
-class openstack::resources::repo::rdo(
- $release = 'icehouse'
-) {
- include openstack::resources::repo::epel
-
- $release_cap = capitalize($release)
-
- if $::osfamily == 'RedHat' {
- case $::operatingsystem {
- fedora: { $dist = 'fedora' }
- default: { $dist = 'epel' }
- }
- # $lsbmajdistrelease is only available with redhat-lsb installed
- $osver = regsubst($::operatingsystemrelease, '(\d+)\..*', '\1')
-
- yumrepo { 'rdo-release':
- baseurl => "http://repos.fedorapeople.org/repos/openstack/openstack-${release}/${dist}-${osver}/",
- descr => "OpenStack ${release_cap} Repository",
- enabled => 1,
- gpgcheck => 1,
- gpgkey => "file:///etc/pki/rpm-gpg/RPM-GPG-KEY-RDO-${release_cap}",
- priority => 98,
- }
- file { "/etc/pki/rpm-gpg/RPM-GPG-KEY-RDO-${release_cap}":
- source => "puppet:///modules/openstack/RPM-GPG-KEY-RDO-${release_cap}",
- owner => root,
- group => root,
- mode => '0644',
- before => Yumrepo['rdo-release'],
- }
- Yumrepo<||> -> Package<||>
- }
-}
View
18 manifests/resources/repo/uca.pp
@@ -1,18 +0,0 @@
-# Ubuntu Cloud Archive repo
-class openstack::resources::repo::uca(
- $release = 'juno',
- $repo = 'updates'
-) {
- if ($::operatingsystem == 'Ubuntu') {
- include apt::update
-
- apt::source { 'ubuntu-cloud-archive':
- location => 'http://ubuntu-cloud.archive.canonical.com/ubuntu',
- release => "${::lsbdistcodename}-${repo}/${release}",
- repos => 'main',
- required_packages => 'ubuntu-cloud-keyring',
- }
-
- Exec['apt_update'] -> Package<||>
- }
-}
View
8 manifests/resources/repo/yum_refresh.pp
@@ -1,8 +0,0 @@
-# Make sure to refresh yum database after adding repos and before installing packages
-class openstack::resources::repo::yum_refresh {
- exec { 'yum_refresh':
- command => '/usr/bin/yum clean all',
- refreshonly => true,
- }
- Yumrepo<||> ~> Exec['yum_refresh'] -> Package<||>
-}
View
12 manifests/resources/tenant.pp
@@ -1,12 +0,0 @@
-define openstack::resources::tenant (
- $description,
- $enabled = true,
-) {
-
- keystone_tenant { $name:
- ensure => present,
- description => $description,
- enabled => $enabled,
- }
-
-}
View
4 manifests/role/allinone.pp
@@ -18,9 +18,5 @@
class { '::openstack::profile::heat::api': }
class { '::openstack::profile::horizon': }
class { '::openstack::profile::auth_file': }
- class { '::openstack::setup::sharednetwork': }
- class { '::openstack::setup::cirros': }
- Class['::openstack::profile::ceilometer::api'] -> Class['::openstack::setup::cirros']
- Class['::openstack::profile::keystone'] -> Class['::openstack::setup::cirros']
}
View
1  manifests/role/network.pp
@@ -1,5 +1,4 @@
class openstack::role::network inherits ::openstack::role {
class { '::openstack::profile::firewall': }
class { '::openstack::profile::neutron::router': }
- class { '::openstack::setup::sharednetwork': }
}
View
2  manifests/role/storage.pp
@@ -2,6 +2,4 @@
class { '::openstack::profile::firewall': }
class { '::openstack::profile::glance::api': }
class { '::openstack::profile::cinder::volume': }
-
- class { '::openstack::setup::cirros': }
}
View
10 manifests/setup/cirros.pp
@@ -1,10 +0,0 @@
-class openstack::setup::cirros {
- glance_image { 'Cirros':
- ensure => present,
- name => 'Cirros',
- is_public => 'yes',
- container_format => 'bare',
- disk_format => 'qcow2',
- source => 'http://download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-disk.img',
- }
-}
View
22 manifests/setup/router.pp
@@ -1,22 +0,0 @@
-# A convenience method to set up a router between
-# a private subnet and the public network. The
-# $title of the resource is 'tenant:subnet',
-# where tenant is the name of the tenant to assign
-# the router to and subnet is the name of the
-# subnet to connect the router to.
-
-define openstack::setup::router {
- $valarray = split($title, ':')
- $tenant = $valarray[0]
- $subnet = $valarray[1]
-
- neutron_router { $tenant:
- tenant_name => $tenant,
- gateway_network_name => 'public',
- require => [Neutron_network['public'], Neutron_subnet[$subnet]]
- } ->
-
- neutron_router_interface { $title:
- ensure => present
- }
-}
View
56 manifests/setup/sharednetwork.pp
@@ -1,56 +0,0 @@
-# A static class to set up a shared network. Should appear on the
-# controller node. It sets up the public network, a private network,
-# two subnets (one for admin, one for test), and the routers that
-# connect the subnets to the public network.
-#
-# After this class has run, you should have a functional network
-# avaiable for your test user to launch and connect machines to.
-class openstack::setup::sharednetwork {
-
- $external_network = $::openstack::config::network_external
- $start_ip = $::openstack::config::network_external_ippool_start
- $end_ip = $::openstack::config::network_external_ippool_end
- $ip_range = "start=${start_ip},end=${end_ip}"
- $gateway = $::openstack::config::network_external_gateway
- $dns = $::openstack::config::network_external_dns
-
- $private_network = $::openstack::config::network_neutron_private
-
- neutron_network { 'public':
- tenant_name => 'services',
- provider_network_type => 'gre',
- router_external => true,
- provider_segmentation_id => 3604,
- shared => true,
- } ->
-
- neutron_subnet { $external_network:
- cidr => $external_network,
- ip_version => '4',
- gateway_ip => $gateway,
- enable_dhcp => false,
- network_name => 'public',
- tenant_name => 'services',
- allocation_pools => [$ip_range],
- dns_nameservers => [$dns],
- }
-
- neutron_network { 'private':
- tenant_name => 'services',
- provider_network_type => 'gre',
- router_external => false,
- provider_segmentation_id => 4063,
- shared => true,
- } ->
-
- neutron_subnet { $private_network:
- cidr => $private_network,
- ip_version => '4',
- enable_dhcp => true,
- network_name => 'private',
- tenant_name => 'services',
- dns_nameservers => [$dns],
- }
-
- openstack::setup::router { "test:${private_network}": }
-}
View
2  metadata.json
@@ -35,6 +35,7 @@
{ "name": "stackforge/keystone", "version_requirement": ">=5.0.0 <6.0.0" },
{ "name": "stackforge/neutron", "version_requirement": ">=5.0.0 <6.0.0" },
{ "name": "stackforge/nova", "version_requirement": ">=5.0.0 <6.0.0" },
+ { "name": "stackforge/openstack_extras", "version_requirement": ">=5.0.0 <6.0.0" },
{ "name": "stackforge/swift", "version_requirement": ">=5.0.0 <6.0.0" },
{ "name": "stackforge/tempest", "version_requirement": ">=5.0.0 <6.0.0" },
@@ -46,6 +47,7 @@
{ "name": "puppetlabs/rabbitmq", "version_requirement": ">=3.0.0 <4.0.0" },
{ "name": "stackforge/vswitch", "version_requirement": ">=1.0.0 <2.0.0" },
+ { "name": "garethr/erlang", "version_requirement": "0.3.0" },
{ "name": "duritong/sysctl", "version_requirement": "0.0.1" }
]
}
View
17 templates/openrc.erb
@@ -1,17 +0,0 @@
-#!/bin/sh
-<% if @keystone_admin_token -%>
-export OS_SERVICE_TOKEN='<%= @keystone_admin_token.gsub(/'/){ %q(\') } %>'
-export OS_SERVICE_ENDPOINT='http://<%= @controller_node %>:35357/v2.0/'
-<% end -%>
-export OS_NO_CACHE='<%= @use_no_cache %>'
-export OS_TENANT_NAME='<%= @admin_tenant %>'
-export OS_USERNAME='<%= @admin_user %>'
-export OS_PASSWORD='<%= @admin_password.gsub(/'/){ %q(\') } %>'
-export OS_AUTH_URL='http://<%= @controller_node %>:5000/v2.0/'
-export OS_AUTH_STRATEGY='keystone'
-export OS_REGION_NAME='<%= @region_name %>'
-export CINDER_ENDPOINT_TYPE='<%= @cinder_endpoint_type %>'
-export GLANCE_ENDPOINT_TYPE='<%= @glance_endpoint_type %>'
-export KEYSTONE_ENDPOINT_TYPE='<%= @keystone_endpoint_type %>'
-export NOVA_ENDPOINT_TYPE='<%= @nova_endpoint_type %>'
-export NEUTRON_ENDPOINT_TYPE='<%= @neutron_endpoint_type %>'
Something went wrong with that request. Please try again.