From a6416cc98563f016f17302c52361a3e40ff19812 Mon Sep 17 00:00:00 2001 From: Emilien Macchi Date: Wed, 29 Oct 2014 22:14:26 -0400 Subject: [PATCH 1/6] heat: ensure admin has heat_stack_owner role To avoid a bug in Heat [1], ensure "admin" user from "admin" tenant has "heat_stack_owner" role. [1] https://bugs.launchpad.net/heat/ --- manifests/orchestration/engine.pp | 9 +++- .../cloud_orchestration_engine_spec.rb | 48 ++++++++++--------- 2 files changed, 34 insertions(+), 23 deletions(-) diff --git a/manifests/orchestration/engine.pp b/manifests/orchestration/engine.pp index 88713c72..23b2f3ed 100644 --- a/manifests/orchestration/engine.pp +++ b/manifests/orchestration/engine.pp @@ -23,7 +23,8 @@ class cloud::orchestration::engine( $ks_heat_password = 'heatpassword', $ks_heat_cfn_public_port = 8000, $ks_heat_cloudwatch_public_port = 8003, - $auth_encryption_key = 'secrete' + $auth_encryption_key = 'secrete', + $ks_admin_tenant = 'admin', ) { include 'cloud::orchestration' @@ -36,4 +37,10 @@ class cloud::orchestration::engine( heat_watch_server_url => "${ks_heat_public_proto}://${ks_heat_public_host}:${ks_heat_cloudwatch_public_port}" } + # to avoid bug https://bugs.launchpad.net/heat/+bug/1306665 + keystone_user_role { "admin@${ks_admin_tenant}": + ensure => present, + roles => 'heat_stack_owner', + } + } diff --git a/spec/classes/cloud_orchestration_engine_spec.rb b/spec/classes/cloud_orchestration_engine_spec.rb index a1950675..bf7b0d00 100644 --- a/spec/classes/cloud_orchestration_engine_spec.rb +++ b/spec/classes/cloud_orchestration_engine_spec.rb @@ -57,33 +57,37 @@ describe 'cloud::orchestration::engine' do it 'configure heat common' do is_expected.to contain_class('heat').with( - :verbose => true, - :debug => true, - :log_facility => 'LOG_LOCAL0', - :use_syslog => true, - :rabbit_userid => 'heat', - :rabbit_hosts => ['10.0.0.1'], - :rabbit_password => 'secrete', - :keystone_host => '10.0.0.1', - :keystone_port => '5000', - :keystone_protocol => 'http', - :keystone_password => 'secrete', - :auth_uri => 'http://10.0.0.1:5000/v2.0', - :keystone_ec2_uri => 'http://10.0.0.1:5000/v2.0/ec2tokens', - :sql_connection => 'mysql://heat:secrete@10.0.0.1/heat?charset=utf8', - :log_dir => false - ) + :verbose => true, + :debug => true, + :log_facility => 'LOG_LOCAL0', + :use_syslog => true, + :rabbit_userid => 'heat', + :rabbit_hosts => ['10.0.0.1'], + :rabbit_password => 'secrete', + :keystone_host => '10.0.0.1', + :keystone_port => '5000', + :keystone_protocol => 'http', + :keystone_password => 'secrete', + :auth_uri => 'http://10.0.0.1:5000/v2.0', + :keystone_ec2_uri => 'http://10.0.0.1:5000/v2.0/ec2tokens', + :sql_connection => 'mysql://heat:secrete@10.0.0.1/heat?charset=utf8', + :log_dir => false + ) is_expected.to contain_heat_config('clients/endpoint_type').with('value' => 'internalURL') end it 'configure heat engine' do is_expected.to contain_class('heat::engine').with( - :enabled => true, - :auth_encryption_key => 'secrete', - :heat_metadata_server_url => 'http://10.0.0.1:8000', - :heat_waitcondition_server_url => 'http://10.0.0.1:8000/v1/waitcondition', - :heat_watch_server_url => 'http://10.0.0.1:8003' - ) + :enabled => true, + :auth_encryption_key => 'secrete', + :heat_metadata_server_url => 'http://10.0.0.1:8000', + :heat_waitcondition_server_url => 'http://10.0.0.1:8000/v1/waitcondition', + :heat_watch_server_url => 'http://10.0.0.1:8003' + ) + is_expected.to contain_keystone_user_role('admin@admin').with( + :ensure => 'present', + :roles => 'heat_stack_owner', + ) end end From 524c698f0efc5169687406e8b445c15dbd8e7432 Mon Sep 17 00:00:00 2001 From: AlexandreNo Date: Tue, 14 Oct 2014 13:58:26 +0200 Subject: [PATCH 2/6] Allow to dedicate a journal by OSD. The device name for an OSD or for a journal can be specified as a full-qualifed name (eg. /dev/sde) or a short-qualifed device name (eg. sde). --- manifests/storage/rbd/osd.pp | 17 +++++++++++++---- spec/classes/cloud_storage_rbd_osd_spec.rb | 15 +++++++++++---- 2 files changed, 24 insertions(+), 8 deletions(-) diff --git a/manifests/storage/rbd/osd.pp b/manifests/storage/rbd/osd.pp index e85608cc..16e5d5dc 100644 --- a/manifests/storage/rbd/osd.pp +++ b/manifests/storage/rbd/osd.pp @@ -16,7 +16,7 @@ class cloud::storage::rbd::osd ( $public_address = '127.0.0.1', $cluster_address = '127.0.0.1', - $devices = ['sdb','sdc'], + $devices = ['sdb','/dev/sdc'], ) { include 'cloud::storage::rbd' @@ -26,7 +26,16 @@ class cloud::storage::rbd::osd ( cluster_address => $cluster_address, } - $osd_ceph = prefix($devices,'/dev/') - ceph::osd::device { $osd_ceph: } - + if is_array($devices) { + if '/dev/' in $devices { + ceph::osd::device { $devices: } + } + else { + $osd_ceph = prefix($devices,'/dev/') + ceph::osd::device { $osd_ceph: } + } + } + elsif is_hash($devices) { + create_resources('ceph::osd::device', $devices) + } } diff --git a/spec/classes/cloud_storage_rbd_osd_spec.rb b/spec/classes/cloud_storage_rbd_osd_spec.rb index a53cc667..b36ed791 100644 --- a/spec/classes/cloud_storage_rbd_osd_spec.rb +++ b/spec/classes/cloud_storage_rbd_osd_spec.rb @@ -31,8 +31,7 @@ describe 'cloud::storage::rbd::osd' do let :params do { :public_address => '10.0.0.1', - :cluster_address => '192.168.0.1', - :devices => ['sdb','sdc','sdd'] } + :cluster_address => '192.168.0.1' } end it 'configure ceph common' do @@ -50,7 +49,16 @@ describe 'cloud::storage::rbd::osd' do :public_address => '10.0.0.1', :cluster_address => '192.168.0.1' ) - is_expected.to contain_ceph__osd__device('/dev/sdb','/dev/sdc','/dev/sdd') + end + + context 'without specified journal' do + before :each do + params.merge!( :devices => ['sdb','sdc','sdd'] ) + end + + it 'configure ceph osd with a mixed full-qualified and short device name' do + is_expected.to contain_ceph__osd__device('/dev/sdb','/dev/sdc','sdd') + end end end @@ -61,7 +69,6 @@ describe 'cloud::storage::rbd::osd' do :concat_basedir => '/var/lib/puppet/concat', :uniqueid => '123' } end - it_configures 'ceph osd' end From a881a4aa4e4c67b5f72dd66feeebac9e154f4e3e Mon Sep 17 00:00:00 2001 From: Dimitri Savineau Date: Fri, 24 Oct 2014 15:43:25 -0400 Subject: [PATCH 3/6] dashboard: Allow override of neutron_options When using specific neutron driver like cisco n1kv we need to have cisco profile enable in horizon. This patch allow to override neutron_options in horizon class in order to enable cisco profile. It's also useful when we need to activate vpnaas or fwaas in the dashboard. https://blueprints.launchpad.net/horizon/+spec/horizon-cisco-n1k Signed-off-by: Dimitri Savineau --- manifests/dashboard.pp | 15 ++++++++++++--- spec/classes/cloud_dashboard_spec.rb | 18 ++++++++++++++++++ 2 files changed, 30 insertions(+), 3 deletions(-) diff --git a/manifests/dashboard.pp b/manifests/dashboard.pp index e5c9fad2..782bba43 100644 --- a/manifests/dashboard.pp +++ b/manifests/dashboard.pp @@ -75,6 +75,11 @@ # Useful when activating SSL binding on HAproxy and not in Horizon. # Defaults to false # +# [*neutron_extra_options*] +# (optional) Enable optional services provided by neutron +# Useful when using cisco n1kv plugin, vpnaas or fwaas. +# Default to {} + class cloud::dashboard( $ks_keystone_internal_host = '127.0.0.1', $secret_key = 'secrete', @@ -94,6 +99,7 @@ class cloud::dashboard( $os_endpoint_type = undef, $allowed_hosts = $::fqdn, $vhost_extra_params = {}, + $neutron_extra_options = {}, ) { # We build the param needed for horizon class @@ -111,6 +117,11 @@ class cloud::dashboard( } $vhost_extra_params_real = merge ($vhost_extra_params, $extra_params) + $neutron_options = { + 'enable_lb' => true + } + $neutron_options_real = merge ($neutron_options, $neutron_extra_options) + ensure_resource('class', 'apache', { default_vhost => false }) @@ -124,9 +135,7 @@ class cloud::dashboard( keystone_url => $keystone_url, cache_server_ip => false, django_debug => $debug, - neutron_options => { - 'enable_lb' => true - }, + neutron_options => $neutron_options_real, listen_ssl => $listen_ssl, horizon_cert => $horizon_cert, horizon_key => $horizon_key, diff --git a/spec/classes/cloud_dashboard_spec.rb b/spec/classes/cloud_dashboard_spec.rb index 92e243f7..5dffa024 100644 --- a/spec/classes/cloud_dashboard_spec.rb +++ b/spec/classes/cloud_dashboard_spec.rb @@ -79,6 +79,24 @@ describe 'cloud::dashboard' do end end + context 'with cisco plugin enabled' do + before do + params.merge!( + :neutron_extra_options => { + 'profile_support' => 'cisco' + }) + end + + it 'configure horizon with cisco support' do + is_expected.to contain_class('horizon').with( + :neutron_options => { + 'enable_lb' => true, + 'profile_support' => 'cisco' + }, + ) + end + end + context 'with multiple allowed_hosts' do before do params.merge!(:allowed_hosts => ['horizon.openstack.org', 'vip.openstack.org']) From 66b1aeb4bc858d0980071ff626dd772004ff104a Mon Sep 17 00:00:00 2001 From: Dimitri Savineau Date: Thu, 30 Oct 2014 16:45:25 -0400 Subject: [PATCH 4/6] dashboard: Fix merge parameters When there is a duplicate key, the key in the rightmost hash will "win." Currently extra_params default values can never be overriden by vhost_extra_params if we have duplicate key. This patch allows it. https://forge.puppetlabs.com/puppetlabs/stdlib#merge Signed-off-by: Dimitri Savineau --- manifests/dashboard.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/dashboard.pp b/manifests/dashboard.pp index 782bba43..295612c8 100644 --- a/manifests/dashboard.pp +++ b/manifests/dashboard.pp @@ -115,7 +115,7 @@ class cloud::dashboard( 'add_listen' => true, 'setenvif' => $setenvif } - $vhost_extra_params_real = merge ($vhost_extra_params, $extra_params) + $vhost_extra_params_real = merge ($extra_params, $vhost_extra_params) $neutron_options = { 'enable_lb' => true From 606e1ef545c1533fb4a256281ccb77f4ee0cb166 Mon Sep 17 00:00:00 2001 From: Dimitri Savineau Date: Thu, 30 Oct 2014 17:29:04 -0400 Subject: [PATCH 5/6] Puppetfile: Update puppet-ceph refs Fix osd uuid detection Signed-off-by: Dimitri Savineau --- .fixtures.yml | 2 +- Puppetfile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.fixtures.yml b/.fixtures.yml index 6353b51a..21f4ec4a 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -41,7 +41,7 @@ fixtures: ref: '58682faf74cdfc6c8d921d2be9322368c8a96cf9' 'ceph': repo: 'git://github.com/enovance/puppet-ceph.git' - ref: 'd5de9a5c41c8d3090a1d2e26bb49f15dd23d166d' + ref: 'c50d91a6f790058a2b6975d6e1d6189f7c8b6687' 'concat': repo: 'git://github.com/enovance/puppet-concat.git' ref: '04356974f72b90a1d0f57346a00e95a717924e43' diff --git a/Puppetfile b/Puppetfile index 98064562..b92aaf84 100644 --- a/Puppetfile +++ b/Puppetfile @@ -63,7 +63,7 @@ mod 'boolean', :ref => '157011a4eaa27f1202a9d94335ee4876b26d377e' mod 'ceph', :git => 'git://github.com/enovance/puppet-ceph.git', - :ref => 'd5de9a5c41c8d3090a1d2e26bb49f15dd23d166d' + :ref => 'c50d91a6f790058a2b6975d6e1d6189f7c8b6687' #FIXME mod 'cloud', :git => 'git://github.com/enovance/puppet-openstack-cloud.git', From 9838aa5f041968a77953fe4c7f5d90854cbe44d4 Mon Sep 17 00:00:00 2001 From: Yanis Guenane Date: Fri, 31 Oct 2014 16:08:28 -0400 Subject: [PATCH 6/6] Revert "heat: ensure admin has heat_stack_owner role" This reverts commit a6416cc98563f016f17302c52361a3e40ff19812. --- manifests/orchestration/engine.pp | 9 +--- .../cloud_orchestration_engine_spec.rb | 48 +++++++++---------- 2 files changed, 23 insertions(+), 34 deletions(-) diff --git a/manifests/orchestration/engine.pp b/manifests/orchestration/engine.pp index 23b2f3ed..88713c72 100644 --- a/manifests/orchestration/engine.pp +++ b/manifests/orchestration/engine.pp @@ -23,8 +23,7 @@ class cloud::orchestration::engine( $ks_heat_password = 'heatpassword', $ks_heat_cfn_public_port = 8000, $ks_heat_cloudwatch_public_port = 8003, - $auth_encryption_key = 'secrete', - $ks_admin_tenant = 'admin', + $auth_encryption_key = 'secrete' ) { include 'cloud::orchestration' @@ -37,10 +36,4 @@ class cloud::orchestration::engine( heat_watch_server_url => "${ks_heat_public_proto}://${ks_heat_public_host}:${ks_heat_cloudwatch_public_port}" } - # to avoid bug https://bugs.launchpad.net/heat/+bug/1306665 - keystone_user_role { "admin@${ks_admin_tenant}": - ensure => present, - roles => 'heat_stack_owner', - } - } diff --git a/spec/classes/cloud_orchestration_engine_spec.rb b/spec/classes/cloud_orchestration_engine_spec.rb index bf7b0d00..a1950675 100644 --- a/spec/classes/cloud_orchestration_engine_spec.rb +++ b/spec/classes/cloud_orchestration_engine_spec.rb @@ -57,37 +57,33 @@ describe 'cloud::orchestration::engine' do it 'configure heat common' do is_expected.to contain_class('heat').with( - :verbose => true, - :debug => true, - :log_facility => 'LOG_LOCAL0', - :use_syslog => true, - :rabbit_userid => 'heat', - :rabbit_hosts => ['10.0.0.1'], - :rabbit_password => 'secrete', - :keystone_host => '10.0.0.1', - :keystone_port => '5000', - :keystone_protocol => 'http', - :keystone_password => 'secrete', - :auth_uri => 'http://10.0.0.1:5000/v2.0', - :keystone_ec2_uri => 'http://10.0.0.1:5000/v2.0/ec2tokens', - :sql_connection => 'mysql://heat:secrete@10.0.0.1/heat?charset=utf8', - :log_dir => false - ) + :verbose => true, + :debug => true, + :log_facility => 'LOG_LOCAL0', + :use_syslog => true, + :rabbit_userid => 'heat', + :rabbit_hosts => ['10.0.0.1'], + :rabbit_password => 'secrete', + :keystone_host => '10.0.0.1', + :keystone_port => '5000', + :keystone_protocol => 'http', + :keystone_password => 'secrete', + :auth_uri => 'http://10.0.0.1:5000/v2.0', + :keystone_ec2_uri => 'http://10.0.0.1:5000/v2.0/ec2tokens', + :sql_connection => 'mysql://heat:secrete@10.0.0.1/heat?charset=utf8', + :log_dir => false + ) is_expected.to contain_heat_config('clients/endpoint_type').with('value' => 'internalURL') end it 'configure heat engine' do is_expected.to contain_class('heat::engine').with( - :enabled => true, - :auth_encryption_key => 'secrete', - :heat_metadata_server_url => 'http://10.0.0.1:8000', - :heat_waitcondition_server_url => 'http://10.0.0.1:8000/v1/waitcondition', - :heat_watch_server_url => 'http://10.0.0.1:8003' - ) - is_expected.to contain_keystone_user_role('admin@admin').with( - :ensure => 'present', - :roles => 'heat_stack_owner', - ) + :enabled => true, + :auth_encryption_key => 'secrete', + :heat_metadata_server_url => 'http://10.0.0.1:8000', + :heat_waitcondition_server_url => 'http://10.0.0.1:8000/v1/waitcondition', + :heat_watch_server_url => 'http://10.0.0.1:8003' + ) end end