openstack/puppet-openstack-integration
Code Issues Proposed changes

Merge "scenario002/centos7: switch RabbitMQ and OpenStack to IPv6"

Browse Source
This commit is contained in:
Jenkins 2016-03-29 20:19:46 +00:00 committed by Gerrit Code Review
commit 301f3247ae
8 changed files with 73 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
fixtures/scenario002.pp
View File

@ -16,11 +16,13 @@
case $::osfamily { case $::osfamily {
'Debian': { 'Debian': {
$ipv6 = false
# ironic-conductor is broken for Ubuntu Trusty # ironic-conductor is broken for Ubuntu Trusty
# https://bugs.launchpad.net/cloud-archive/+bug/1530869 # https://bugs.launchpad.net/cloud-archive/+bug/1530869
$ironic_enabled = false $ironic_enabled = false
} }
'RedHat': { 'RedHat': {
$ipv6 = true
$ironic_enabled = true $ironic_enabled = true
} }
default: { default: {
@ -30,7 +32,8 @@ case $::osfamily {
include ::openstack_integration include ::openstack_integration
class { '::openstack_integration::config': class { '::openstack_integration::config':
ssl => true, ssl => true,
ipv6 => $ipv6,
} }
include ::openstack_integration::cacert include ::openstack_integration::cacert
include ::openstack_integration::rabbitmq include ::openstack_integration::rabbitmq

14
manifests/cinder.pp
View File

@ -29,11 +29,17 @@ class openstack_integration::cinder (
password => 'cinder', password => 'cinder',
} }
class { '::cinder::keystone::auth': class { '::cinder::keystone::auth':
password => 'a_big_secret', public_url => "http://${::openstack_integration::config::ip_for_url}:8776/v1/%(tenant_id)s",
internal_url => "http://${::openstack_integration::config::ip_for_url}:8776/v1/%(tenant_id)s",
admin_url => "http://${::openstack_integration::config::ip_for_url}:8776/v1/%(tenant_id)s",
public_url_v2 => "http://${::openstack_integration::config::ip_for_url}:8776/v2/%(tenant_id)s",
internal_url_v2 => "http://${::openstack_integration::config::ip_for_url}:8776/v2/%(tenant_id)s",
admin_url_v2 => "http://${::openstack_integration::config::ip_for_url}:8776/v2/%(tenant_id)s",
password => 'a_big_secret',
} }
class { '::cinder': class { '::cinder':
database_connection => 'mysql+pymysql://cinder:cinder@127.0.0.1/cinder?charset=utf8', database_connection => 'mysql+pymysql://cinder:cinder@127.0.0.1/cinder?charset=utf8',
rabbit_host => $::openstack_integration::config::rabbit_host, rabbit_host => $::openstack_integration::config::ip_for_url,
rabbit_port => $::openstack_integration::config::rabbit_port, rabbit_port => $::openstack_integration::config::rabbit_port,
rabbit_userid => 'cinder', rabbit_userid => 'cinder',
rabbit_password => 'an_even_bigger_secret', rabbit_password => 'an_even_bigger_secret',
@ -47,6 +53,8 @@ class openstack_integration::cinder (
identity_uri => $::openstack_integration::config::keystone_admin_uri, identity_uri => $::openstack_integration::config::keystone_admin_uri,
default_volume_type => 'BACKEND_1', default_volume_type => 'BACKEND_1',
service_workers => 2, service_workers => 2,
public_endpoint => "http://${::openstack_integration::config::ip_for_url}:8776",
bind_host => $::openstack_integration::config::host,
} }
class { '::cinder::quota': } class { '::cinder::quota': }
class { '::cinder::scheduler': } class { '::cinder::scheduler': }
@ -56,7 +64,7 @@ class openstack_integration::cinder (
} }
class { '::cinder::cron::db_purge': } class { '::cinder::cron::db_purge': }
class { '::cinder::glance': class { '::cinder::glance':
glance_api_servers => "${::openstack_integration::config::proto}://127.0.0.1:9292", glance_api_servers => "${::openstack_integration::config::base_url}:9292",
} }
case $backend { case $backend {
'iscsi': { 'iscsi': {

16
manifests/config.pp
View File

@ -22,19 +22,23 @@ class openstack_integration::config (
} }
if $ipv6 { if $ipv6 {
$rabbit_host = '[::1]' $host = '::1'
$rabbit_env = { $rabbit_env = {
'RABBITMQ_NODE_IP_ADDRESS' => '::1', 'RABBITMQ_NODE_IP_ADDRESS' => $host,
'RABBITMQ_SERVER_START_ARGS' => '"-proto_dist inet6_tcp"', 'RABBITMQ_SERVER_START_ARGS' => '"-proto_dist inet6_tcp"',
} }
$ip_version = '6' $ip_version = '6'
} else { } else {
$rabbit_host = '127.0.0.1' $host = '127.0.0.1'
$rabbit_env = {} $rabbit_env = {}
$ip_version = '4' $ip_version = '4'
} }
$keystone_auth_uri = "${proto}://127.0.0.1:5000" # in URL, brackets are needed
$keystone_admin_uri = "${proto}://127.0.0.1:35357" $ip_for_url = normalize_ip_for_uri($host)
$base_url = "${proto}://${ip_for_url}"
$keystone_auth_uri = "${base_url}:5000"
$keystone_admin_uri = "${base_url}:35357"
} }

13
manifests/glance.pp
View File

@ -46,9 +46,9 @@ class openstack_integration::glance (
include ::glance include ::glance
include ::glance::client include ::glance::client
class { '::glance::keystone::auth': class { '::glance::keystone::auth':
public_url => "${::openstack_integration::config::proto}://127.0.0.1:9292", public_url => "${::openstack_integration::config::base_url}:9292",
internal_url => "${::openstack_integration::config::proto}://127.0.0.1:9292", internal_url => "${::openstack_integration::config::base_url}:9292",
admin_url => "${::openstack_integration::config::proto}://127.0.0.1:9292", admin_url => "${::openstack_integration::config::base_url}:9292",
password => 'a_big_secret', password => 'a_big_secret',
} }
case $backend { case $backend {
@ -72,7 +72,7 @@ class openstack_integration::glance (
swift_store_user => 'services:glance', swift_store_user => 'services:glance',
swift_store_key => 'a_big_secret', swift_store_key => 'a_big_secret',
swift_store_create_container_on_put => 'True', swift_store_create_container_on_put => 'True',
swift_store_auth_address => "${::openstack_integration::config::proto}://127.0.0.1:5000/v2.0", swift_store_auth_address => "${::openstack_integration::config::base_url}:5000/v2.0",
} }
} }
default: { default: {
@ -89,11 +89,13 @@ class openstack_integration::glance (
workers => 2, workers => 2,
stores => $glance_stores, stores => $glance_stores,
default_store => $backend, default_store => $backend,
bind_host => $::openstack_integration::config::host,
auth_uri => $::openstack_integration::config::keystone_auth_uri, auth_uri => $::openstack_integration::config::keystone_auth_uri,
identity_uri => $::openstack_integration::config::keystone_admin_uri, identity_uri => $::openstack_integration::config::keystone_admin_uri,
registry_client_protocol => $::openstack_integration::config::proto, registry_client_protocol => $::openstack_integration::config::proto,
registry_client_cert_file => $crt_file, registry_client_cert_file => $crt_file,
registry_client_key_file => $key_file, registry_client_key_file => $key_file,
registry_host => $::openstack_integration::config::host,
cert_file => $crt_file, cert_file => $crt_file,
key_file => $key_file, key_file => $key_file,
} }
@ -102,6 +104,7 @@ class openstack_integration::glance (
verbose => true, verbose => true,
database_connection => 'mysql+pymysql://glance:glance@127.0.0.1/glance?charset=utf8', database_connection => 'mysql+pymysql://glance:glance@127.0.0.1/glance?charset=utf8',
keystone_password => 'a_big_secret', keystone_password => 'a_big_secret',
bind_host => $::openstack_integration::config::host,
workers => 2, workers => 2,
auth_uri => $::openstack_integration::config::keystone_auth_uri, auth_uri => $::openstack_integration::config::keystone_auth_uri,
identity_uri => $::openstack_integration::config::keystone_admin_uri, identity_uri => $::openstack_integration::config::keystone_admin_uri,
@ -111,7 +114,7 @@ class openstack_integration::glance (
class { '::glance::notify::rabbitmq': class { '::glance::notify::rabbitmq':
rabbit_userid => 'glance', rabbit_userid => 'glance',
rabbit_password => 'an_even_bigger_secret', rabbit_password => 'an_even_bigger_secret',
rabbit_host => $::openstack_integration::config::rabbit_host, rabbit_host => $::openstack_integration::config::ip_for_url,
rabbit_port => $::openstack_integration::config::rabbit_port, rabbit_port => $::openstack_integration::config::rabbit_port,
notification_driver => 'messagingv2', notification_driver => 'messagingv2',
rabbit_use_ssl => $::openstack_integration::config::ssl, rabbit_use_ssl => $::openstack_integration::config::ssl,

19
manifests/ironic.pp
View File

@ -28,7 +28,7 @@ class openstack_integration::ironic {
class { '::ironic': class { '::ironic':
rabbit_userid => 'ironic', rabbit_userid => 'ironic',
rabbit_password => 'an_even_bigger_secret', rabbit_password => 'an_even_bigger_secret',
rabbit_host => $::openstack_integration::config::rabbit_host, rabbit_host => $::openstack_integration::config::ip_for_url,
rabbit_port => $::openstack_integration::config::rabbit_port, rabbit_port => $::openstack_integration::config::rabbit_port,
rabbit_use_ssl => $::openstack_integration::config::ssl, rabbit_use_ssl => $::openstack_integration::config::ssl,
database_connection => 'mysql+pymysql://ironic:ironic@127.0.0.1/ironic?charset=utf8', database_connection => 'mysql+pymysql://ironic:ironic@127.0.0.1/ironic?charset=utf8',
@ -40,25 +40,26 @@ class openstack_integration::ironic {
password => 'ironic', password => 'ironic',
} }
class { '::ironic::keystone::auth': class { '::ironic::keystone::auth':
public_url => "${::openstack_integration::config::proto}://127.0.0.1:6385", public_url => "${::openstack_integration::config::base_url}:6385",
internal_url => "${::openstack_integration::config::proto}://127.0.0.1:6385", internal_url => "${::openstack_integration::config::base_url}:6385",
admin_url => "${::openstack_integration::config::proto}://127.0.0.1:6385", admin_url => "${::openstack_integration::config::base_url}:6385",
password => 'a_big_secret', password => 'a_big_secret',
} }
class { '::ironic::client': } class { '::ironic::client': }
class { '::ironic::api': class { '::ironic::api':
auth_uri => $::openstack_integration::config::keystone_auth_uri, auth_uri => $::openstack_integration::config::keystone_auth_uri,
identity_uri => $::openstack_integration::config::keystone_admin_uri, identity_uri => $::openstack_integration::config::keystone_admin_uri,
neutron_url => 'http://127.0.0.1:9696', neutron_url => "http://${::openstack_integration::config::ip_for_url}:9696",
admin_password => 'a_big_secret', admin_password => 'a_big_secret',
service_name => 'httpd', service_name => 'httpd',
} }
include ::apache include ::apache
class { '::ironic::wsgi::apache': class { '::ironic::wsgi::apache':
ssl => $::openstack_integration::config::ssl, bind_host => $::openstack_integration::config::ip_for_url,
ssl_key => "/etc/ironic/ssl/private/${::fqdn}.pem", ssl => $::openstack_integration::config::ssl,
ssl_cert => $::openstack_integration::params::cert_path, ssl_key => "/etc/ironic/ssl/private/${::fqdn}.pem",
workers => 2, ssl_cert => $::openstack_integration::params::cert_path,
workers => 2,
} }
class { '::ironic::conductor': } class { '::ironic::conductor': }
Rabbitmq_user_permissions['ironic@/'] -> Service<| tag == 'ironic-service' |> Rabbitmq_user_permissions['ironic@/'] -> Service<| tag == 'ironic-service' |>

12
manifests/keystone.pp
View File

@ -42,13 +42,17 @@ class openstack_integration::keystone (
default_domain => $default_domain, default_domain => $default_domain,
using_domain_config => $using_domain_config, using_domain_config => $using_domain_config,
enable_ssl => $::openstack_integration::config::ssl, enable_ssl => $::openstack_integration::config::ssl,
public_bind_host => $::openstack_integration::config::host,
admin_bind_host => $::openstack_integration::config::host,
} }
include ::apache include ::apache
class { '::keystone::wsgi::apache': class { '::keystone::wsgi::apache':
ssl => $::openstack_integration::config::ssl, bind_host => $::openstack_integration::config::ip_for_url,
ssl_key => "/etc/keystone/ssl/private/${::fqdn}.pem", admin_bind_host => $::openstack_integration::config::ip_for_url,
ssl_cert => $::openstack_integration::params::cert_path, ssl => $::openstack_integration::config::ssl,
workers => 2, ssl_key => "/etc/keystone/ssl/private/${::fqdn}.pem",
ssl_cert => $::openstack_integration::params::cert_path,
workers => 2,
} }
class { '::keystone::roles::admin': class { '::keystone::roles::admin':
email => 'test@example.tld', email => 'test@example.tld',

8
manifests/neutron.pp
View File

@ -20,12 +20,15 @@ class openstack_integration::neutron {
password => 'neutron', password => 'neutron',
} }
class { '::neutron::keystone::auth': class { '::neutron::keystone::auth':
password => 'a_big_secret', public_url => "http://${::openstack_integration::config::ip_for_url}:9696",
internal_url => "http://${::openstack_integration::config::ip_for_url}:9696",
admin_url => "http://${::openstack_integration::config::ip_for_url}:9696",
password => 'a_big_secret',
} }
class { '::neutron': class { '::neutron':
rabbit_user => 'neutron', rabbit_user => 'neutron',
rabbit_password => 'an_even_bigger_secret', rabbit_password => 'an_even_bigger_secret',
rabbit_host => $::openstack_integration::config::rabbit_host, rabbit_host => $::openstack_integration::config::ip_for_url,
rabbit_port => $::openstack_integration::config::rabbit_port, rabbit_port => $::openstack_integration::config::rabbit_port,
rabbit_use_ssl => $::openstack_integration::config::ssl, rabbit_use_ssl => $::openstack_integration::config::ssl,
allow_overlapping_ips => true, allow_overlapping_ips => true,
@ -33,6 +36,7 @@ class openstack_integration::neutron {
service_plugins => ['router', 'metering', 'firewall'], service_plugins => ['router', 'metering', 'firewall'],
debug => true, debug => true,
verbose => true, verbose => true,
bind_host => $::openstack_integration::config::host,
} }
class { '::neutron::client': } class { '::neutron::client': }
class { '::neutron::server': class { '::neutron::server':

28
manifests/nova.pp
View File

@ -41,23 +41,24 @@ class openstack_integration::nova (
password => 'nova', password => 'nova',
} }
class { '::nova::keystone::auth': class { '::nova::keystone::auth':
public_url => "${::openstack_integration::config::proto}://127.0.0.1:8774/v2/%(tenant_id)s", public_url => "${::openstack_integration::config::base_url}:8774/v2/%(tenant_id)s",
public_url_v3 => "${::openstack_integration::config::proto}://127.0.0.1:8774/v3/%(tenant_id)s", internal_url => "${::openstack_integration::config::base_url}:8774/v2/%(tenant_id)s",
internal_url => "${::openstack_integration::config::proto}://127.0.0.1:8774/v2/%(tenant_id)s", admin_url => "${::openstack_integration::config::base_url}:8774/v2/%(tenant_id)s",
internal_url_v3 => "${::openstack_integration::config::proto}://127.0.0.1:8774/v3/%(tenant_id)s", public_url_v3 => "${::openstack_integration::config::base_url}:8774/v3",
admin_url => "${::openstack_integration::config::proto}://127.0.0.1:8774/v2/%(tenant_id)s", internal_url_v3 => "${::openstack_integration::config::base_url}:8774/v3",
admin_url_v3 => "${::openstack_integration::config::proto}://127.0.0.1:8774/v3/%(tenant_id)s", admin_url_v3 => "${::openstack_integration::config::base_url}:8774/v3",
password => 'a_big_secret', password => 'a_big_secret',
} }
class { '::nova': class { '::nova':
database_connection => 'mysql+pymysql://nova:nova@127.0.0.1/nova?charset=utf8', database_connection => 'mysql+pymysql://nova:nova@127.0.0.1/nova?charset=utf8',
api_database_connection => 'mysql+pymysql://nova_api:nova@127.0.0.1/nova_api?charset=utf8', api_database_connection => 'mysql+pymysql://nova_api:nova@127.0.0.1/nova_api?charset=utf8',
rabbit_host => $::openstack_integration::config::rabbit_host, rabbit_host => $::openstack_integration::config::ip_for_url,
rabbit_port => $::openstack_integration::config::rabbit_port, rabbit_port => $::openstack_integration::config::rabbit_port,
rabbit_userid => 'nova', rabbit_userid => 'nova',
rabbit_password => 'an_even_bigger_secret', rabbit_password => 'an_even_bigger_secret',
rabbit_use_ssl => $::openstack_integration::config::ssl, rabbit_use_ssl => $::openstack_integration::config::ssl,
glance_api_servers => "${::openstack_integration::config::proto}://127.0.0.1:9292", use_ipv6 => $::openstack_integration::config::ipv6,
glance_api_servers => "${::openstack_integration::config::base_url}:9292",
verbose => true, verbose => true,
debug => true, debug => true,
notification_driver => 'messagingv2', notification_driver => 'messagingv2',
@ -67,6 +68,7 @@ class openstack_integration::nova (
admin_password => 'a_big_secret', admin_password => 'a_big_secret',
auth_uri => $::openstack_integration::config::keystone_auth_uri, auth_uri => $::openstack_integration::config::keystone_auth_uri,
identity_uri => $::openstack_integration::config::keystone_admin_uri, identity_uri => $::openstack_integration::config::keystone_admin_uri,
api_bind_address => $::openstack_integration::config::host,
osapi_v3 => true, osapi_v3 => true,
neutron_metadata_proxy_shared_secret => 'a_big_secret', neutron_metadata_proxy_shared_secret => 'a_big_secret',
metadata_workers => 2, metadata_workers => 2,
@ -76,10 +78,11 @@ class openstack_integration::nova (
} }
include ::apache include ::apache
class { '::nova::wsgi::apache': class { '::nova::wsgi::apache':
ssl_key => "/etc/nova/ssl/private/${::fqdn}.pem", bind_host => $::openstack_integration::config::ip_for_url,
ssl_cert => $::openstack_integration::params::cert_path, ssl_key => "/etc/nova/ssl/private/${::fqdn}.pem",
ssl => $::openstack_integration::config::ssl, ssl_cert => $::openstack_integration::params::cert_path,
workers => '2', ssl => $::openstack_integration::config::ssl,
workers => '2',
} }
class { '::nova::client': } class { '::nova::client': }
class { '::nova::conductor': } class { '::nova::conductor': }
@ -114,6 +117,7 @@ class openstack_integration::nova (
class { '::nova::network::neutron': class { '::nova::network::neutron':
neutron_auth_url => "${::openstack_integration::config::keystone_admin_uri}/v3", neutron_auth_url => "${::openstack_integration::config::keystone_admin_uri}/v3",
neutron_url => "http://${::openstack_integration::config::ip_for_url}:9696",
neutron_password => 'a_big_secret', neutron_password => 'a_big_secret',
} }