From 691c6212a6d209eddb4f10f396790c3447727f60 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Han?= Date: Thu, 30 Jan 2014 15:28:17 +0100 Subject: [PATCH] Add glance-registry to the loadbalancer and cleanup namings The glance-registry server wasn't configured on the loadbalancers. This can be problematic at some point. Moreover the glance registry server was listening on 0.0.0.0, this should be the public eth. I also cleaned up all glance naming to reflect the difference between glance_api and glance_registry. The glance_registry option has been added to the glance template. --- manifests/compute.pp | 6 +- manifests/identity.pp | 8 +- manifests/image.pp | 61 +++++++++---- manifests/loadbalancer.pp | 87 ++++++++++--------- spec/classes/cloud_compute_controller_spec.rb | 2 +- spec/classes/cloud_compute_hypervisor_spec.rb | 2 +- spec/classes/cloud_image_spec.rb | 26 +++--- spec/classes/cloud_loadbalancer_spec.rb | 77 ++++++++-------- 8 files changed, 153 insertions(+), 116 deletions(-) diff --git a/manifests/compute.pp b/manifests/compute.pp index f248cc4e..f39180a1 100644 --- a/manifests/compute.pp +++ b/manifests/compute.pp @@ -43,7 +43,7 @@ # (optional) Internal Hostname or IP to connect to Glance API # Default value in params # -# [*glance_port*] +# [*glance_api_port*] # (optional) TCP port to connect to Glance API # Default value in params # @@ -63,7 +63,7 @@ class cloud::compute( $rabbit_hosts = $os_params::rabbit_hosts, $rabbit_password = $os_params::rabbit_password, $ks_glance_internal_host = $os_params::ks_glance_internal_host, - $glance_port = $os_params::ks_glance_internal_port, + $glance_api_port = $os_params::ks_glance_api_internal_port, $verbose = $os_params::verbose, $debug = $os_params::debug ) { @@ -82,7 +82,7 @@ class cloud::compute( rabbit_userid => 'nova', rabbit_hosts => $rabbit_hosts, rabbit_password => $rabbit_password, - glance_api_servers => "http://${ks_glance_internal_host}:${glance_port}", + glance_api_servers => "http://${ks_glance_internal_host}:${glance_api_port}", verbose => $verbose, debug => $debug } diff --git a/manifests/identity.pp b/manifests/identity.pp index 9510f7c8..24572841 100644 --- a/manifests/identity.pp +++ b/manifests/identity.pp @@ -287,11 +287,11 @@ # (optional) TCP port to connect to Heat API from admin network # Default value in params # -# [*ks_glance_internal_port*] +# [*ks_glance_api_internal_port*] # (optional) TCP port to connect to Glance API from internal network # Default value in params # -# [*ks_glance_public_port*] +# [*ks_glance_api_public_port*] # (optional) TCP port to connect to Glance API from public network # Default value in params # @@ -343,7 +343,7 @@ class cloud::identity ( $ks_glance_password = $os_params::ks_glance_password, $ks_glance_public_host = $os_params::ks_glance_public_host, $ks_glance_public_proto = $os_params::ks_glance_public_proto, - $ks_glance_public_port = $os_params::ks_glance_public_port, + $ks_glance_api_public_port = $os_params::ks_glance_api_public_port, $ks_heat_admin_host = $os_params::ks_heat_admin_host, $ks_heat_internal_host = $os_params::ks_heat_internal_host, $ks_heat_password = $os_params::ks_heat_password, @@ -502,7 +502,7 @@ class cloud::identity ( admin_address => $ks_glance_admin_host, internal_address => $ks_glance_internal_host, public_address => $ks_glance_public_host, - port => $ks_glance_public_port, + port => $ks_glance_api_public_port, region => $region, password => $ks_glance_password } diff --git a/manifests/image.pp b/manifests/image.pp index c777eb20..6431eed7 100644 --- a/manifests/image.pp +++ b/manifests/image.pp @@ -35,10 +35,14 @@ # (optional) Internal Hostname or IP to connect to Keystone API # Default value in params # -# [*ks_glance_internal_port*] +# [*ks_glance_api_internal_port*] # (optional) TCP port to connect to Glance API from internal network # Default value in params # +# [*ks_glance_registry_internal_port*] +# (optional) TCP port to connect to Glance Registry from internal network +# Default value in params +# # [*ks_glance_password*] # (optional) Password used by Glance to connect to Keystone API # Default value in params @@ -57,25 +61,40 @@ # class cloud::image( - $glance_db_host = $os_params::glance_db_host, - $glance_db_user = $os_params::glance_db_user, - $glance_db_password = $os_params::glance_db_password, - $ks_keystone_internal_host = $os_params::ks_keystone_internal_host, - $ks_glance_internal_port = $os_params::ks_glance_internal_port, - $ks_glance_password = $os_params::ks_glance_password, - $rabbit_password = $os_params::rabbit_password, - $rabbit_host = $os_params::rabbit_hosts[0], - $api_eth = $os_params::api_eth, - $rbd_store_pool = $os_params::glance_rbd_pool, - $rbd_store_user = $os_params::glance_rbd_user, - $verbose = $os_params::verbose, - $debug = $os_params::debug + $glance_db_host = $os_params::glance_db_host, + $glance_db_user = $os_params::glance_db_user, + $glance_db_password = $os_params::glance_db_password, + $ks_keystone_internal_host = $os_params::ks_keystone_internal_host, + $ks_glance_api_internal_port = $os_params::ks_glance_api_internal_port, + $ks_glance_registry_internal_port = $os_params::ks_glance_registry_internal_port, + $ks_glance_password = $os_params::ks_glance_password, + $rabbit_password = $os_params::rabbit_password, + $rabbit_host = $os_params::rabbit_hosts[0], + $api_eth = $os_params::api_eth, + $rbd_store_pool = $os_params::glance_rbd_pool, + $rbd_store_user = $os_params::glance_rbd_user, + $verbose = $os_params::verbose, + $debug = $os_params::debug ) { $encoded_glance_user = uriescape($glance_db_user) $encoded_glance_password = uriescape($glance_db_password) - class { ['glance::api', 'glance::registry']: + class { 'glance::api': + sql_connection => "mysql://${encoded_glance_user}:${encoded_glance_password}@${glance_db_host}/glance", + registry_host => $ks_glance_internal_host, + verbose => $verbose, + debug => $debug, + auth_host => $ks_keystone_internal_host, + keystone_password => $ks_glance_password, + keystone_tenant => 'services', + keystone_user => 'glance', + log_facility => 'LOG_LOCAL0', + bind_host => $api_eth, + use_syslog => true + } + + class { 'glance::registry': sql_connection => "mysql://${encoded_glance_user}:${encoded_glance_password}@${glance_db_host}/glance", verbose => $verbose, debug => $debug, @@ -103,11 +122,19 @@ class cloud::image( class { 'glance::cache::pruner': } # TODO(EmilienM) For later, I'll also add internal network support in HAproxy for all OpenStack API, to optimize North / South network traffic - @@haproxy::balancermember{"${::fqdn}-public_api": + @@haproxy::balancermember{"${::fqdn}-glance_api": listening_service => 'glance_api_cluster', server_names => $::hostname, ipaddresses => $api_eth, - ports => $ks_glance_internal_port, + ports => $ks_glance_api_internal_port, + options => 'check inter 2000 rise 2 fall 5' + } + +@@haproxy::balancermember{"${::fqdn}-glance_registry": + listening_service => 'glance_registry_cluster', + server_names => $::hostname, + ipaddresses => $api_eth, + ports => $ks_glance_registry_internal_port, options => 'check inter 2000 rise 2 fall 5' } diff --git a/manifests/loadbalancer.pp b/manifests/loadbalancer.pp index efa517e5..45931777 100644 --- a/manifests/loadbalancer.pp +++ b/manifests/loadbalancer.pp @@ -16,44 +16,46 @@ # HAproxy nodes # class cloud::loadbalancer( - $ceilometer_api = true, - $cinder_api = true, - $glance_api = true, - $neutron_api = true, - $heat_api = true, - $heat_cfn_api = true, - $heat_cloudwatch_api = true, - $nova_api = true, - $ec2_api = true, - $metadata_api = true, - $swift_api = true, - $keystone_api_admin = true, - $keystone_api = true, - $horizon = true, - $spice = true, - $haproxy_auth = $os_params::haproxy_auth, - $keepalived_state = 'BACKUP', - $keepalived_priority = 50, - $keepalived_interface = $os_params::keepalived_interface, - $keepalived_ipvs = [$os_params::vip_public_ip,$os_params::galera_ip], - $keepalived_localhost_ip = $os_params::keepalived_localhost_ip, - $ks_cinder_public_port = $os_params::ks_cinder_public_port, - $ks_ceilometer_public_port = $os_params::ks_ceilometer_public_port, - $ks_ec2_public_port = $os_params::ks_ec2_public_port, - $ks_glance_public_port = $os_params::ks_glance_public_port, - $ks_heat_public_port = $os_params::ks_heat_public_port, - $ks_heat_cfn_public_port = $os_params::ks_heat_cfn_public_port, - $ks_heat_cloudwatch_public_port = $os_params::ks_heat_cloudwatch_public_port, - $ks_keystone_admin_port = $os_params::ks_keystone_admin_port, - $ks_keystone_public_port = $os_params::ks_keystone_public_port, - $ks_metadata_public_port = $os_params::ks_metadata_public_port, - $ks_neutron_public_port = $os_params::ks_neutron_public_port, - $ks_nova_public_port = $os_params::ks_nova_public_port, - $ks_swift_public_port = $os_params::ks_swift_public_port, - $horizon_port = $os_params::horizon_port, - $spice_port = $os_params::spice_port, - $vip_public_ip = $os_params::vip_public_ip, - $galera_ip = $os_params::galera_ip + $ceilometer_api = true, + $cinder_api = true, + $glance_api = true, + $glance_registry = true, + $neutron_api = true, + $heat_api = true, + $heat_cfn_api = true, + $heat_cloudwatch_api = true, + $nova_api = true, + $ec2_api = true, + $metadata_api = true, + $swift_api = true, + $keystone_api_admin = true, + $keystone_api = true, + $horizon = true, + $spice = true, + $haproxy_auth = $os_params::haproxy_auth, + $keepalived_state = 'BACKUP', + $keepalived_priority = 50, + $keepalived_interface = $os_params::keepalived_interface, + $keepalived_ipvs = [$os_params::vip_public_ip,$os_params::galera_ip], + $keepalived_localhost_ip = $os_params::keepalived_localhost_ip, + $ks_cinder_public_port = $os_params::ks_cinder_public_port, + $ks_ceilometer_public_port = $os_params::ks_ceilometer_public_port, + $ks_ec2_public_port = $os_params::ks_ec2_public_port, + $ks_glance_api_public_port = $os_params::ks_glance_api_public_port, + $ks_glance_registry_internal_port = $os_params::ks_glance_registry_internal_port, + $ks_heat_public_port = $os_params::ks_heat_public_port, + $ks_heat_cfn_public_port = $os_params::ks_heat_cfn_public_port, + $ks_heat_cloudwatch_public_port = $os_params::ks_heat_cloudwatch_public_port, + $ks_keystone_admin_port = $os_params::ks_keystone_admin_port, + $ks_keystone_public_port = $os_params::ks_keystone_public_port, + $ks_metadata_public_port = $os_params::ks_metadata_public_port, + $ks_neutron_public_port = $os_params::ks_neutron_public_port, + $ks_nova_public_port = $os_params::ks_nova_public_port, + $ks_swift_public_port = $os_params::ks_swift_public_port, + $horizon_port = $os_params::horizon_port, + $spice_port = $os_params::spice_port, + $vip_public_ip = $os_params::vip_public_ip, + $galera_ip = $os_params::galera_ip ){ class { 'haproxy': @@ -145,7 +147,14 @@ class cloud::loadbalancer( if $glance_api { cloud::loadbalancer::listen_http{ 'glance_api_cluster': - ports => $ks_glance_public_port, + ports => $ks_glance_api_public_port, + listen_ip => $vip_public_ip; + } + } + if $glance_registry { + cloud::loadbalancer::listen_http{ + 'glance_registry_cluster': + ports => $ks_glance_registry_internal_port, listen_ip => $vip_public_ip; } } diff --git a/spec/classes/cloud_compute_controller_spec.rb b/spec/classes/cloud_compute_controller_spec.rb index 3afc3560..b656c6c5 100644 --- a/spec/classes/cloud_compute_controller_spec.rb +++ b/spec/classes/cloud_compute_controller_spec.rb @@ -30,7 +30,7 @@ describe 'cloud::compute::controller' do rabbit_hosts => ['10.0.0.1'], rabbit_password => 'secrete', ks_glance_internal_host => '10.0.0.1', - glance_port => '9292', + glance_api_port => '9292', verbose => true, debug => true }" end diff --git a/spec/classes/cloud_compute_hypervisor_spec.rb b/spec/classes/cloud_compute_hypervisor_spec.rb index e2fa88b2..94d26c86 100644 --- a/spec/classes/cloud_compute_hypervisor_spec.rb +++ b/spec/classes/cloud_compute_hypervisor_spec.rb @@ -30,7 +30,7 @@ describe 'cloud::compute::hypervisor' do rabbit_hosts => ['10.0.0.1'], rabbit_password => 'secrete', ks_glance_internal_host => '10.0.0.1', - glance_port => '9292', + glance_api_port => '9292', verbose => true, debug => true }" end diff --git a/spec/classes/cloud_image_spec.rb b/spec/classes/cloud_image_spec.rb index 4134691a..69d45fae 100644 --- a/spec/classes/cloud_image_spec.rb +++ b/spec/classes/cloud_image_spec.rb @@ -23,19 +23,19 @@ describe 'cloud::image' do shared_examples_for 'openstack image' do let :params do - { :glance_db_host => '10.0.0.1', - :glance_db_user => 'glance', - :glance_db_password => 'secrete', - :ks_keystone_internal_host => '10.0.0.1', - :ks_glance_internal_port => '9292', - :ks_glance_password => 'secrete', - :rabbit_host => '10.0.0.1', - :rabbit_password => 'secrete', - :rbd_store_user => 'glance', - :rbd_store_pool => 'images', - :debug => true, - :verbose => true, - :api_eth => '10.0.0.1' } + { :glance_db_host => '10.0.0.1', + :glance_db_user => 'glance', + :glance_db_password => 'secrete', + :ks_keystone_internal_host => '10.0.0.1', + :ks_glance_api_internal_port => '9292', + :ks_glance_password => 'secrete', + :rabbit_host => '10.0.0.1', + :rabbit_password => 'secrete', + :rbd_store_user => 'glance', + :rbd_store_pool => 'images', + :debug => true, + :verbose => true, + :api_eth => '10.0.0.1' } end it 'configure glance-api' do diff --git a/spec/classes/cloud_loadbalancer_spec.rb b/spec/classes/cloud_loadbalancer_spec.rb index 3fb171f6..ad4c650c 100644 --- a/spec/classes/cloud_loadbalancer_spec.rb +++ b/spec/classes/cloud_loadbalancer_spec.rb @@ -23,44 +23,45 @@ describe 'cloud::loadbalancer' do shared_examples_for 'openstack loadbalancer' do let :params do - { :ceilometer_api => true, - :cinder_api => true, - :glance_api => true, - :neutron_api => true, - :heat_api => true, - :heat_cfn_api => true, - :heat_cloudwatch_api => true, - :nova_api => true, - :ec2_api => true, - :metadata_api => true, - :swift_api => true, - :keystone_api_admin => true, - :keystone_api => true, - :horizon => true, - :spice => true, - :haproxy_auth => 'root:secrete', - :keepalived_state => 'BACKUP', - :keepalived_priority => 50, - :keepalived_interface => 'eth0', - :keepalived_ipvs => ['10.0.0.1', '10.0.0.2'], - :keepalived_localhost_ip => '127.0.0.1', - :horizon_port => '80', - :spice_port => '6082', - :vip_public_ip => '10.0.0.3', - :galera_ip => '10.0.0.4', - :ks_ceilometer_public_port => '8777', - :ks_nova_public_port => '8774', - :ks_ec2_public_port => '8773', - :ks_metadata_public_port => '8777', - :ks_glance_public_port => '9292', - :ks_swift_public_port => '8080', - :ks_keystone_public_port => '5000', - :ks_keystone_admin_port => '35357', - :ks_cinder_public_port => '8776', - :ks_neutron_public_port => '9696', - :ks_heat_public_port => '8004', - :ks_heat_cfn_public_port => '8000', - :ks_heat_cloudwatch_public_port => '8003' } + { :ceilometer_api => true, + :cinder_api => true, + :glance_api => true, + :neutron_api => true, + :heat_api => true, + :heat_cfn_api => true, + :heat_cloudwatch_api => true, + :nova_api => true, + :ec2_api => true, + :metadata_api => true, + :swift_api => true, + :keystone_api_admin => true, + :keystone_api => true, + :horizon => true, + :spice => true, + :haproxy_auth => 'root:secrete', + :keepalived_state => 'BACKUP', + :keepalived_priority => 50, + :keepalived_interface => 'eth0', + :keepalived_ipvs => ['10.0.0.1', '10.0.0.2'], + :keepalived_localhost_ip => '127.0.0.1', + :horizon_port => '80', + :spice_port => '6082', + :vip_public_ip => '10.0.0.3', + :galera_ip => '10.0.0.4', + :ks_ceilometer_public_port => '8777', + :ks_nova_public_port => '8774', + :ks_ec2_public_port => '8773', + :ks_metadata_public_port => '8777', + :ks_glance_api_public_port => '9292', + :ks_glance_registry_internal_port => '9191', + :ks_swift_public_port => '8080', + :ks_keystone_public_port => '5000', + :ks_keystone_admin_port => '35357', + :ks_cinder_public_port => '8776', + :ks_neutron_public_port => '9696', + :ks_heat_public_port => '8004', + :ks_heat_cfn_public_port => '8000', + :ks_heat_cloudwatch_public_port => '8003' } end it 'configure haproxy server' do