From 5eb021ce0e15ac77f5e5aa47d987a8ec7644b500 Mon Sep 17 00:00:00 2001 From: Emilien Macchi Date: Thu, 2 Jan 2014 16:57:11 +0100 Subject: [PATCH] Correctly bind OpenStack process to *_eth Signed-off-by: Emilien Macchi --- manifests/compute/controller.pp | 1 + manifests/identity.pp | 2 ++ manifests/image.pp | 23 ++++++++++++----------- manifests/network.pp | 2 ++ manifests/object/controller.pp | 2 +- manifests/object/storage.pp | 16 ++++++++-------- manifests/orchestration/api.pp | 29 +++++++++++++++++++---------- manifests/telemetry/server.pp | 2 +- manifests/volume/controller.pp | 5 +++-- 9 files changed, 49 insertions(+), 33 deletions(-) diff --git a/manifests/compute/controller.pp b/manifests/compute/controller.pp index 474576e3..1325a327 100644 --- a/manifests/compute/controller.pp +++ b/manifests/compute/controller.pp @@ -39,6 +39,7 @@ class privatecloud::compute::controller( enabled => true, auth_host => $ks_keystone_internal_host, admin_password => $ks_nova_password, + api_bind_address => $api_eth, neutron_metadata_proxy_shared_secret => $neutron_metadata_proxy_shared_secret, } diff --git a/manifests/identity.pp b/manifests/identity.pp index b118ad05..a668cae3 100644 --- a/manifests/identity.pp +++ b/manifests/identity.pp @@ -331,6 +331,8 @@ class privatecloud::identity ( token_format => 'UUID', use_syslog => true, verbose => $verbose, + bind_host => $api_eth, + bind_port => $ks_keystone_internal_port } keystone_config { diff --git a/manifests/image.pp b/manifests/image.pp index 20bebb19..486a2723 100644 --- a/manifests/image.pp +++ b/manifests/image.pp @@ -35,7 +35,7 @@ # (optional) Internal Hostname or IP to connect to Keystone API # Default value in params # -# [*ks_glance_public_port*] +# [*ks_glance_internal_port*] # (optional) TCP port to connect to Glance API from internal network # Default value in params # @@ -61,7 +61,7 @@ class privatecloud::image( $glance_db_user = $os_params::glance_db_user, $glance_db_password = $os_params::glance_db_password, $ks_keystone_internal_host = $os_params::ks_keystone_internal_host, - $ks_glance_public_port = $os_params::ks_glance_public_port, + $ks_glance_internal_port = $os_params::ks_glance_internal_port, $ks_glance_password = $os_params::ks_glance_password, $rabbit_password = $os_params::rabbit_password, $rabbit_host = $os_params::rabbit_hosts[0], @@ -72,15 +72,16 @@ class privatecloud::image( $encoded_glance_password = uriescape($glance_db_password) class { ['glance::api', 'glance::registry']: - sql_connection => "mysql://${encoded_glance_user}:${encoded_glance_password}@${glance_db_host}/glance", - verbose => false, - debug => false, - auth_host => $ks_keystone_internal_host, - keystone_password => $ks_glance_password, - keystone_tenant => 'services', - keystone_user => 'glance', - log_facility => 'LOG_LOCAL0', - use_syslog => true + sql_connection => "mysql://${encoded_glance_user}:${encoded_glance_password}@${glance_db_host}/glance", + verbose => false, + debug => false, + auth_host => $ks_keystone_internal_host, + keystone_password => $ks_glance_password, + keystone_tenant => 'services', + keystone_user => 'glance', + log_facility => 'LOG_LOCAL0', + bind_host => $api_eth, + use_syslog => true } class { 'glance::notify::rabbitmq': diff --git a/manifests/network.pp b/manifests/network.pp index 8edc6330..14a4bb33 100644 --- a/manifests/network.pp +++ b/manifests/network.pp @@ -46,6 +46,7 @@ class privatecloud::network( $rabbit_hosts = $os_params::rabbit_hosts, $rabbit_password = $os_params::rabbit_password, $tunnel_eth = $os_params::tunnel_eth, + $api_eth = $os_params::api_eth ) { class { 'neutron': @@ -56,6 +57,7 @@ class privatecloud::network( rabbit_hosts => $rabbit_hosts, rabbit_password => $rabbit_password, rabbit_virtual_host => '/', + bind_host => $api_eth, dhcp_agents_per_network => '2', core_plugin => 'neutron.plugins.ml2.plugin.Ml2Plugin', service_plugins => ['neutron.services.loadbalancer.plugin.LoadBalancerPlugin','neutron.services.metering.metering_plugin.MeteringPlugin','neutron.services.l3_router.l3_router_plugin.L3RouterPlugin'] diff --git a/manifests/object/controller.pp b/manifests/object/controller.pp index 1056a51b..41134482 100644 --- a/manifests/object/controller.pp +++ b/manifests/object/controller.pp @@ -33,7 +33,7 @@ class privatecloud::object::controller( include 'privatecloud::object' class { 'swift::proxy': - proxy_local_net_ip => $::ipaddress_eth0, + proxy_local_net_ip => $api_eth, port => $ks_swift_internal_port, pipeline => [ #'catch_errors', 'healthcheck', 'cache', 'bulk', 'ratelimit', diff --git a/manifests/object/storage.pp b/manifests/object/storage.pp index cc8f4323..da11a336 100644 --- a/manifests/object/storage.pp +++ b/manifests/object/storage.pp @@ -28,7 +28,7 @@ define set_io_scheduler(){ # swift storage class privatecloud::object::storage ( - $api_eth = $os_params::api_eth, + $storage_eth = $os_params::storage_eth, $swift_zone = undef, $object_port = '6000', $container_port = '6001', @@ -39,7 +39,7 @@ class privatecloud::object::storage ( include 'privatecloud::object' class { 'swift::storage': - storage_local_net_ip => $api_eth, + storage_local_net_ip => $storage_eth, } Rsync::Server::Module { @@ -49,7 +49,7 @@ class privatecloud::object::storage ( Swift::Storage::Server { #devices => $devices, - storage_local_net_ip => $api_eth, + storage_local_net_ip => $storage_eth, workers => inline_template('<%= @processorcount.to_i / 2 %>'), replicator_concurrency => 2, updater_concurrency => 1, @@ -98,22 +98,22 @@ allow_versions = on set_io_scheduler{'sdb':} set_io_scheduler{$object_nodes:} - @@ring_container_device { "${api_eth}:${container_port}/sdb": + @@ring_container_device { "${storage_eth}:${container_port}/sdb": zone => $swift_zone, weight => '100.0', } - @@ring_account_device { "${api_eth}:${account_port}/sdb": + @@ring_account_device { "${storage_eth}:${account_port}/sdb": zone => $swift_zone, weight => '100.0', } - $object_urls = prefix($object_nodes, "${api_eth}:${object_port}/") + $object_urls = prefix($object_nodes, "${storage_eth}:${object_port}/") @@ring_object_device {$object_urls: zone => $swift_zone, weight => '100.0', } - class{[ - 'swift::storage::object', + class{ + ['swift::storage::object', 'swift::storage::container', 'swift::storage::account']: } diff --git a/manifests/orchestration/api.pp b/manifests/orchestration/api.pp index 2134440e..0b42ae3c 100644 --- a/manifests/orchestration/api.pp +++ b/manifests/orchestration/api.pp @@ -17,25 +17,34 @@ # class privatecloud::orchestration::api( - $ks_heat_public_port = $os_params::ks_heat_public_port, - $ks_heat_cfn_public_port = $os_params::ks_heat_cfn_public_port, - $ks_heat_cloudwatch_public_port = $os_params::ks_heat_cloudwatch_public_port, - $api_eth = $os_params::api_eth, + $ks_heat_internal_port = $os_params::ks_heat_internal_port, + $ks_heat_cfn_internal_port = $os_params::ks_heat_cfn_internal_port, + $ks_heat_cloudwatch_internal_port = $os_params::ks_heat_cloudwatch_internal_port, + $api_eth = $os_params::api_eth, ) { include 'privatecloud::orchestration' - class { 'heat::api': } + class { 'heat::api': + bind_host => $api_eth, + bind_port => $ks_heat_internal_port + } - class { 'heat::api_cfn': } + class { 'heat::api_cfn': + bind_host => $api_eth, + bind_port => $ks_heat_cfn_internal_port + } - class { 'heat::api_cloudwatch': } + class { 'heat::api_cloudwatch': + bind_host => $api_eth, + bind_port => $ks_heat_cloudwatch_internal_port + } @@haproxy::balancermember{"${::fqdn}-heat_api": listening_service => 'heat_api_cluster', server_names => $::hostname, ipaddresses => $api_eth, - ports => $ks_heat_public_port, + ports => $ks_heat_internal_port, options => 'check inter 2000 rise 2 fall 5' } @@ -43,7 +52,7 @@ class privatecloud::orchestration::api( listening_service => 'heat_cfn_api_cluster', server_names => $::hostname, ipaddresses => $api_eth, - ports => $ks_heat_cfn_public_port, + ports => $ks_heat_cfn_internal_port, options => 'check inter 2000 rise 2 fall 5' } @@ -51,7 +60,7 @@ class privatecloud::orchestration::api( listening_service => 'heat_cloudwatch_api_cluster', server_names => $::hostname, ipaddresses => $api_eth, - ports => $ks_heat_cloudwatch_public_port, + ports => $ks_heat_cloudwatch_internal_port, options => 'check inter 2000 rise 2 fall 5' } diff --git a/manifests/telemetry/server.pp b/manifests/telemetry/server.pp index 55bea15c..417438e8 100644 --- a/manifests/telemetry/server.pp +++ b/manifests/telemetry/server.pp @@ -19,7 +19,7 @@ class privatecloud::telemetry::server( $ks_keystone_internal_host = $os_params::ks_keystone_internal_host, $ks_keystone_internal_proto = $os_params::ks_keystone_internal_proto, - $ks_ceilometer_internal_port = $os_params::ks_keystone_internal_port, + $ks_ceilometer_internal_port = $os_params::ks_ceilometer_internal_port, $ks_ceilometer_password = $os_params::ks_ceilometer_password, $ceilometer_database_connection = $os_params::ceilometer_database_connection, $api_eth = $os_params::api_eth, diff --git a/manifests/volume/controller.pp b/manifests/volume/controller.pp index eb405c25..a21caaf9 100644 --- a/manifests/volume/controller.pp +++ b/manifests/volume/controller.pp @@ -31,8 +31,9 @@ class privatecloud::volume::controller( class { 'cinder::scheduler': } class { 'cinder::api': - keystone_password => $ks_cinder_password, - keystone_auth_host => $ks_keystone_internal_host, + keystone_password => $ks_cinder_password, + keystone_auth_host => $ks_keystone_internal_host, + bind_host => $api_eth } class { 'cinder::backup': }