a52d9564c0
This patch refactors all creation of RabbitMQ resources such as users and ACLs to a define called openstack_integration::mq_user. This will make sure RabbitMQ is automatically installed as well, as there are times where dependencies to RabbitMQ are added to things like Keystone which break Beaker tests in other repos (but we don't know they're broken until the change merges). In addition, instead of setting up dependencies on the tagged services, we use the anchors provided which should hopefully test against them as well. Change-Id: Ib122ddd105529de5e12389cc9db2e4e09ec4ad54
94 lines
3.3 KiB
Puppet
94 lines
3.3 KiB
Puppet
class openstack_integration::vitrage {
|
|
|
|
include ::openstack_integration::config
|
|
include ::openstack_integration::params
|
|
|
|
openstack_integration::mq_user { 'vitrage':
|
|
password => 'an_even_bigger_secret',
|
|
before => Anchor['vitrage::service::begin'],
|
|
}
|
|
|
|
if $::openstack_integration::config::ssl {
|
|
openstack_integration::ssl_key { 'vitrage':
|
|
notify => Service['httpd'],
|
|
require => Package['vitrage'],
|
|
}
|
|
Exec['update-ca-certificates'] ~> Service['httpd']
|
|
}
|
|
|
|
|
|
class { '::vitrage':
|
|
# TODO(ansmith): separate transports when bug/1711716 closed
|
|
default_transport_url => os_transport_url({
|
|
'transport' => $::openstack_integration::config::messaging_notify_proto,
|
|
'host' => $::openstack_integration::config::host,
|
|
'port' => $::openstack_integration::config::messaging_notify_port,
|
|
'username' => 'vitrage',
|
|
'password' => 'an_even_bigger_secret',
|
|
}),
|
|
notification_transport_url => os_transport_url({
|
|
'transport' => $::openstack_integration::config::messaging_notify_proto,
|
|
'host' => $::openstack_integration::config::host,
|
|
'port' => $::openstack_integration::config::messaging_notify_port,
|
|
'username' => 'vitrage',
|
|
'password' => 'an_even_bigger_secret',
|
|
}),
|
|
rabbit_use_ssl => $::openstack_integration::config::ssl,
|
|
amqp_sasl_mechanisms => 'PLAIN',
|
|
debug => true,
|
|
snapshots_interval => 120,
|
|
types => 'nova.host,nova.instance,nova.zone,cinder.volume,neutron.port,neutron.network,doctor'
|
|
}
|
|
|
|
# Make sure tempest can read the configuration files
|
|
# default installation has a 640 premission
|
|
-> file { '/etc/vitrage':
|
|
ensure => directory,
|
|
recurse => true,
|
|
mode => '0644',
|
|
}
|
|
|
|
# Make sure tempest can write to the log directory
|
|
# default installation has a 755 premission
|
|
-> file { '/var/log/vitrage':
|
|
ensure => directory,
|
|
mode => '0766',
|
|
}
|
|
|
|
class { '::vitrage::keystone::auth':
|
|
public_url => "${::openstack_integration::config::base_url}:8999",
|
|
internal_url => "${::openstack_integration::config::base_url}:8999",
|
|
admin_url => "${::openstack_integration::config::base_url}:8999",
|
|
password => 'a_big_secret',
|
|
}
|
|
class { '::vitrage::keystone::authtoken':
|
|
password => 'a_big_secret',
|
|
user_domain_name => 'Default',
|
|
project_domain_name => 'Default',
|
|
auth_url => $::openstack_integration::config::keystone_admin_uri,
|
|
auth_uri => $::openstack_integration::config::keystone_auth_uri,
|
|
memcached_servers => $::openstack_integration::config::memcached_servers,
|
|
}
|
|
class { '::vitrage::api':
|
|
enabled => true,
|
|
service_name => 'httpd',
|
|
}
|
|
include ::apache
|
|
class { '::vitrage::wsgi::apache':
|
|
bind_host => $::openstack_integration::config::ip_for_url,
|
|
ssl => $::openstack_integration::config::ssl,
|
|
ssl_key => "/etc/vitrage/ssl/private/${::fqdn}.pem",
|
|
ssl_cert => $::openstack_integration::params::cert_path,
|
|
workers => 2,
|
|
}
|
|
class { '::vitrage::auth':
|
|
auth_url => $::openstack_integration::config::keystone_auth_uri,
|
|
auth_password => 'a_big_secret',
|
|
}
|
|
class { '::vitrage::graph': }
|
|
class { '::vitrage::notifier': }
|
|
class { '::vitrage::collector': }
|
|
class { '::vitrage::client': }
|
|
|
|
}
|