Lint parameter documentation and add missing doc

Added puppet lint on documentation also, and fix all missing parameters documentation. We now have a full documentation support (and ready for puppet-strings) Co-Authored-By: Emilien Macchi <emilien.macchi@enovance.com> Change-Id: I5891f4c2ff917102aa6d1a7e6692e8cb6d583ee7
2014-12-07 23:04:44 +01:00 · 2014-12-07 23:04:44 +01:00 · bd2dbe308b
commit bd2dbe308b
parent 19307b9c50
46 changed files with 1489 additions and 86 deletions
--- a/1
+++ b/1
@ -3,6 +3,7 @@ source 'https://rubygems.org'
 group :development, :test do
  gem 'puppetlabs_spec_helper', :require => false
  gem 'puppet-lint'
+  gem 'puppet-lint-param-docs', '1.1.0'
  gem 'metadata-json-lint'
  gem 'rake', '10.1.1'
  gem 'puppet-syntax'
--- a/manifests/compute.pp
+++ b/manifests/compute.pp
@ -48,6 +48,10 @@
 #   (optional) Internal Hostname or IP to connect to Glance API
 #   Defaults to '127.0.0.1'
 #
+# [*ks_glance_internal_proto*]
+#   (optional) Internal protocol to connect to Glance API
+#   Defaults to 'http'
+#
 # [*glance_api_port*]
 #   (optional) TCP port to connect to Glance API
 #   Defaults to '9292'
@ -68,10 +72,34 @@
 #   (optional) Syslog facility to receive log lines
 #   Defaults to 'LOG_LOCAL0'
 #
+# [*neutron_endpoint*]
+#   (optional) Host running auth service.
+#   Defaults to '127.0.0.1'
+#
+# [*neutron_protocol*]
+#   (optional) Protocol to connect to Neutron service.
+#   Defaults to 'http'
+#
+# [*neutron_password*]
+#   (optional) Password to connect to Neutron service.
+#   Defaults to 'neutronpassword'
+#
+# [*neutron_region_name*]
+#   (optional) Name of the Neutron Region.
+#   Defaults to 'RegionOne'
+#
 # [*memcache_servers*]
 #   (optionnal) Memcached servers used by Keystone. Should be an array.
 #   Defaults to ['127.0.0.1:11211']
 #
+# [*availability_zone*]
+#   (optional) Name of the default Nova availability zone.
+#   Defaults to 'RegionOne'
+#
+# [*cinder_endpoint_type*]
+#   (optional) Cinder endpoint type to use.
+#   Defaults to 'publicURL'
+#
 class cloud::compute(
  $nova_db_host             = '127.0.0.1',
  $nova_db_use_slave        = false,
@ -157,7 +185,7 @@ class cloud::compute(
  # Note(EmilienM):
  # We check if DB tables are created, if not we populate Nova DB.
  # It's a hack to fit with our setup where we run MySQL/Galera
-  # TODO(Gonéri)
+  # TODO(Goneri)
  # We have to do this only on the primary node of the galera cluster to avoid race condition
  # https://github.com/enovance/puppet-openstack-cloud/issues/156
  exec {'nova_db_sync':
--- a/manifests/compute/api.pp
+++ b/manifests/compute/api.pp
@ -19,6 +19,39 @@
 #
 # === Parameters:
 #
+# [*ks_keystone_internal_host*]
+#   (optional) Internal Hostname or IP to connect to Keystone API
+#   Defaults to '127.0.0.1'
+#
+# [*ks_keystone_internal_proto*]
+#   (optional) Protocol used to connect to Keystone API.
+#   Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
+# [*ks_nova_password*]
+#   (optional) Password used by Nova to connect to Keystone API
+#   Defaults to 'novapassword'
+#
+# [*neutron_metadata_proxy_shared_secret*]
+#   (optional) Shared secret to validate proxies Neutron metadata requests
+#   Defaults to 'metadatapassword'
+#
+# [*api_eth*]
+#   (optional) Hostname or IP to bind Nova API.
+#   Defaults to '127.0.0.1'
+#
+# [*ks_nova_public_port*]
+#   (optional) TCP port for bind Nova API.
+#   Defaults to '8774'
+#
+# [*ks_ec2_public_port*]
+#   (optional) TCP port for bind Nova EC2 API.
+#   Defaults to '8773'
+#
+# [*ks_metadata_public_port*]
+#   (optional) TCP port for bind Nova metadata API.
+#   Defaults to '8775'
+#
 # [*firewall_settings*]
 #   (optional) Allow to add custom parameters to firewall rules
 #   Should be an hash.
--- a/manifests/compute/consoleproxy.pp
+++ b/manifests/compute/consoleproxy.pp
@ -13,8 +13,25 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 #
+# == Class: cloud::compute::consoleproxy
+#
 # Compute Proxy Console node
 #
+# === Parameters:
+#
+# [*api_eth*]
+#   (optional) Hostname or IP to bind Nova spicehtmlproxy service.
+#   Defaults to '127.0.0.1'
+#
+# [*spice_port*]
+#   (optional) TCP port to bind Nova spicehtmlproxy service.
+#   Defaults to '6082'
+#
+# [*firewall_settings*]
+#   (optional) Allow to add custom parameters to firewall rules
+#   Should be an hash.
+#   Default to {}
+#
 class cloud::compute::consoleproxy(
  $api_eth           = '127.0.0.1',
  $spice_port        = '6082',
--- a/manifests/compute/hypervisor.pp
+++ b/manifests/compute/hypervisor.pp
@ -19,6 +19,51 @@
 #
 # === Parameters:
 #
+# [*server_proxyclient_address*]
+#   (optional) Hostname or IP used to connect to Spice service.
+#   Defaults to '127.0.0.1'
+#
+# [*libvirt_type*]
+#   (optional) Libvirt domain type. Options are: kvm, lxc, qemu, uml, xen
+#   Replaces libvirt_type
+#   Defaults to 'kvm'
+#
+# [*ks_nova_public_proto*]
+#   (optional) Protocol used to connect to API. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
+# [*ks_nova_public_host*]
+#   (optional) Public Hostname or IP to connect to Nova API
+#   Defaults to '127.0.0.1'
+#
+# [*nova_ssh_public_key*]
+#   (optional) Install public key in .ssh/authorized_keys for the 'nova' user.
+#   Note: this parameter use the 'content' provider of Puppet, in consequence
+#   you must provide the entire ssh public key in this parameter.
+#   Defaults to undef
+#
+# [*nova_ssh_private_key*]
+#   (optional) Install private key into .ssh/id_rsa.
+#   Note: this parameter use the 'content' provider of Puppet, in consequence
+#   you must provide the entire ssh privatekey in this parameter.
+#   Defaults to undef
+#
+# [*spice_port*]
+#   (optional) TCP port to connect to Nova spicehtmlproxy service.
+#   Defaults to '6082'
+#
+# [*cinder_rbd_user*]
+#   (optional) The RADOS client name for accessing rbd volumes.
+#   Defaults to 'cinder'
+#
+# [*nova_rbd_pool*]
+#   (optional) The RADOS pool in which rbd volumes are stored.
+#   Defaults to 'vms'
+#
+# [*nova_rbd_secret_uuid*]
+#   (optional) The libvirt uuid of the secret for the cinder_rbd_user.
+#   Defaults to undef
+#
 # [*vm_rbd*]
 #   (optional) Enable or not ceph capabilities on compute node to store
 #   nova instances on ceph storage.
@ -61,6 +106,14 @@
 #   Need to be a valid shell path.
 #   Defaults to false
 #
+# [*ks_spice_public_proto*]
+#   (optional) Protocol used to connect to Spice service.
+#   Defaults to false (use nova_public_proto)
+#
+# [*ks_spice_public_host*]
+#   (optional) Hostname or IP used to connect to Spice service.
+#   Defaults to false (use nova_public_host)
+#
 # [*firewall_settings*]
 #   (optional) Allow to add custom parameters to firewall rules
 #   Should be an hash.
--- a/manifests/dashboard.pp
+++ b/manifests/dashboard.pp
@ -32,6 +32,10 @@
 #   (optional) Port used to connect to OpenStack Dashboard
 #   Defaults to '80'
 #
+# [*horizon_ssl_port*]
+#   (optional) Port used to connect to OpenStack Dashboard using SSL
+#   Defaults to '443'
+#
 # [*api_eth*]
 #   (optional) Which interface we bind the Horizon server.
 #   Defaults to '127.0.0.1'
@ -75,6 +79,21 @@
 #   Useful when activating SSL binding on HAproxy and not in Horizon.
 #   Defaults to false
 #
+#  [*os_endpoint_type*]
+#    (optional) endpoint type to use for the endpoints in the Keystone
+#    service catalog. Defaults to 'undef'.
+#
+#  [*allowed_hosts*]
+#    (optional) List of hosts which will be set as value of ALLOWED_HOSTS
+#    parameter in settings_local.py. This is used by Django for
+#    security reasons. Can be set to * in environments where security is
+#    deemed unimportant.
+#    Defaults to ::fqdn.
+#
+#  [*vhost_extra_params*]
+#    (optionnal) extra parameter to pass to the apache::vhost class
+#    Defaults to {}
+#
 # [*neutron_extra_options*]
 #   (optional) Enable optional services provided by neutron
 #   Useful when using cisco n1kv plugin, vpnaas or fwaas.
@ -152,7 +171,7 @@ class cloud::dashboard(
  }

  if ($::osfamily == 'Debian') {
-    # TODO(Gonéri): HACK to ensure Horizon can cache its files
+    # TODO(Goneri): HACK to ensure Horizon can cache its files
    $horizon_var_dir = ['/var/lib/openstack-dashboard/static/js','/var/lib/openstack-dashboard/static/css']
    file {$horizon_var_dir:
      ensure => directory,
--- a/manifests/database/dbaas.pp
+++ b/manifests/database/dbaas.pp
@ -39,17 +39,17 @@
 #   (optional) Password to connect to nova queues.
 #   Defaults to 'rabbitpassword'
 #
-# [*nova_proxy_admin_user*]
-#   (optional) Admin username used to connect to nova.
-#   Defaults to 'admin'
+# [*nova_admin_username*]
+#   (optional) Trove username used to connect to nova.
+#   Defaults to 'trove'
 #
-# [*nova_proxy_admin_pass*]
-#   (optional) Admin password used to connect to nova.
+# [*nova_admin_password*]
+#   (optional) Trove password used to connect to nova.
 #   Defaults to 'trovepassword'
 #
-# [*nova_proxy_admin_tenant_name*]
-#   (optional) Admin tenant name used to connect to nova.
-#   Defaults to 'admin'
+# [*nova_admin_tenant_name*]
+#   (optional) Trove tenant name used to connect to nova.
+#   Defaults to 'services'
 #
 class cloud::database::dbaas(
  $trove_db_host                = '127.0.0.1',
--- a/manifests/database/dbaas/api.pp
+++ b/manifests/database/dbaas/api.pp
@ -19,6 +19,43 @@
 #
 # === Parameters:
 #
+# [*ks_trove_password*]
+#   (required) Password used by trove for Keystone authentication.
+#   Default: 'trovepassword'
+#
+# [*verbose*]
+#   (optional) Rather to log the trove api service at verbose level.
+#   Default: true
+#
+# [*debug*]
+#   (optional) Rather to log the trove api service at debug level.
+#   Default: true
+#
+# [*use_syslog*]
+#   (optional) Use syslog for logging.
+#   Defaults to true
+#
+# [*api_eth*]
+#   (optional) Hostname or IP to bind Trove API.
+#   Defaults to '127.0.0.1'
+#
+# [*ks_trove_public_port*]
+#   (optional) TCP public port used to connect to Trove API.
+#   Defaults to '8779'
+#
+# [*ks_keystone_internal_host*]
+#   (optional) Internal Hostname or IP to connect to Keystone API
+#   Defaults to '127.0.0.1'
+#
+# [*ks_keystone_internal_port*]
+#   (optional) TCP internal port used to connect to Keystone API.
+#   Defaults to '5000'
+#
+# [*ks_keystone_internal_proto*]
+#   (optional) Protocol used to connect to Keystone API.
+#   Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
 # [*firewall_settings*]
 #   (optional) Allow to add custom parameters to firewall rules
 #   Should be an hash.
--- a/manifests/database/dbaas/conductor.pp
+++ b/manifests/database/dbaas/conductor.pp
@ -17,6 +17,32 @@
 #
 # Class to install Conductor service of OpenStack Database as a Service (Trove)
 #
+# === Parameters:
+#
+# [*ks_keystone_internal_host*]
+#   (optional) Internal Hostname or IP to connect to Keystone API
+#   Defaults to '127.0.0.1'
+#
+# [*ks_keystone_internal_port*]
+#   (optional) TCP internal port used to connect to Keystone API.
+#   Defaults to '5000'
+#
+# [*ks_keystone_internal_proto*]
+#   (optional) Protocol used to connect to Keystone API.
+#   Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
+# [*verbose*]
+#   (optional) Rather to log the trove api service at verbose level.
+#   Default: true
+#
+# [*debug*]
+#   (optional) Rather to log the trove api service at debug level.
+#   Default: true
+#
+# [*use_syslog*]
+#   (optional) Use syslog for logging.
+#   Defaults to true
 #
 class cloud::database::dbaas::conductor(
  $ks_keystone_internal_host  = '127.0.0.1',
--- a/manifests/database/dbaas/taskmanager.pp
+++ b/manifests/database/dbaas/taskmanager.pp
@ -17,6 +17,32 @@
 #
 # Class to install Taskmanager service of OpenStack Database as a Service (Trove)
 #
+# === Parameters:
+#
+# [*ks_keystone_internal_host*]
+#   (optional) Internal Hostname or IP to connect to Keystone API
+#   Defaults to '127.0.0.1'
+#
+# [*ks_keystone_internal_port*]
+#   (optional) TCP internal port used to connect to Keystone API.
+#   Defaults to '5000'
+#
+# [*ks_keystone_internal_proto*]
+#   (optional) Protocol used to connect to Keystone API.
+#   Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
+# [*verbose*]
+#   (optional) Rather to log the trove api service at verbose level.
+#   Default: true
+#
+# [*debug*]
+#   (optional) Rather to log the trove api service at debug level.
+#   Default: true
+#
+# [*use_syslog*]
+#   (optional) Use syslog for logging.
+#   Defaults to true
 #
 class cloud::database::dbaas::taskmanager(
  $ks_keystone_internal_host  = '127.0.0.1',
--- a/manifests/database/sql.pp
+++ b/manifests/database/sql.pp
@ -7,7 +7,7 @@
 #
 #      http://www.apache.org/licenses/LICENSE-2.0
 #
-# Unless required by applicable law or agreed to in writing, software
+# Unless optional by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 # License for the specific language governing permissions and limitations
@ -17,18 +17,172 @@
 #
 # === Parameters
 #
+# [*api_eth*]
+#   (optional) Hostname or IP to bind MySQL daemon.
+#   Defaults to '127.0.0.1'
+#
+# [*galera_master_name*]
+#   (optional) Hostname or IP of the Galera master node, databases and users
+#   resources are created on this node and propagated on the cluster.
+#   Defaults to 'mgmt001'
+#
 # [*galera_internal_ips*]
-#   Array of internal ip of the galera nodes.
+#   (optional) Array of internal ip of the galera nodes.
 #   Defaults to ['127.0.0.1']
 #
+# [*galera_gcache*]
+#   (optional) Size of the Galera gcache
+#   wsrep_provider_options, for master/slave mode
+#   Defaults to '1G'
+#
+# [*keystone_db_host*]
+#   (optional) Host where user should be allowed all privileges for database.
+#   Defaults to 127.0.0.1
+#
+# [*keystone_db_user*]
+#   (optional) Name of keystone DB user.
+#   Defaults to trove
+#
+# [*keystone_db_password*]
+#   (optional) Password that will be used for the Keystone db user.
+#   Defaults to 'keystonepassword'
+#
+# [*keystone_db_allowed_hosts*]
+#   (optional) Hosts allowed to use the database
+#   Defaults to ['127.0.0.1']
+#
+# [*cinder_db_host*]
+#   (optional) Host where user should be allowed all privileges for database.
+#   Defaults to 127.0.0.1
+#
+# [*cinder_db_user*]
+#   (optional) Name of cinder DB user.
+#   Defaults to trove
+#
+# [*cinder_db_password*]
+#   (optional) Password that will be used for the cinder db user.
+#   Defaults to 'cinderpassword'
+#
+# [*cinder_db_allowed_hosts*]
+#   (optional) Hosts allowed to use the database
+#   Defaults to ['127.0.0.1']
+#
+# [*glance_db_host*]
+#   (optional) Host where user should be allowed all privileges for database.
+#   Defaults to 127.0.0.1
+#
+# [*glance_db_user*]
+#   (optional) Name of glance DB user.
+#   Defaults to trove
+#
+# [*glance_db_password*]
+#   (optional) Password that will be used for the glance db user.
+#   Defaults to 'glancepassword'
+#
+# [*glance_db_allowed_hosts*]
+#   (optional) Hosts allowed to use the database
+#   Defaults to ['127.0.0.1']
+#
+# [*heat_db_host*]
+#   (optional) Host where user should be allowed all privileges for database.
+#   Defaults to 127.0.0.1
+#
+# [*heat_db_user*]
+#   (optional) Name of heat DB user.
+#   Defaults to trove
+#
+# [*heat_db_password*]
+#   (optional) Password that will be used for the heat db user.
+#   Defaults to 'heatpassword'
+#
+# [*heat_db_allowed_hosts*]
+#   (optional) Hosts allowed to use the database
+#   Defaults to ['127.0.0.1']
+#
+# [*nova_db_host*]
+#   (optional) Host where user should be allowed all privileges for database.
+#   Defaults to 127.0.0.1
+#
+# [*nova_db_user*]
+#   (optional) Name of nova DB user.
+#   Defaults to trove
+#
+# [*nova_db_password*]
+#   (optional) Password that will be used for the nova db user.
+#   Defaults to 'novapassword'
+#
+# [*nova_db_allowed_hosts*]
+#   (optional) Hosts allowed to use the database
+#   Defaults to ['127.0.0.1']
+#
+# [*neutron_db_host*]
+#   (optional) Host where user should be allowed all privileges for database.
+#   Defaults to 127.0.0.1
+#
+# [*neutron_db_user*]
+#   (optional) Name of neutron DB user.
+#   Defaults to trove
+#
+# [*neutron_db_password*]
+#   (optional) Password that will be used for the neutron db user.
+#   Defaults to 'neutronpassword'
+#
+# [*neutron_db_allowed_hosts*]
+#   (optional) Hosts allowed to use the database
+#   Defaults to ['127.0.0.1']
+#
+# [*trove_db_host*]
+#   (optional) Host where user should be allowed all privileges for database.
+#   Defaults to 127.0.0.1
+#
+# [*trove_db_user*]
+#   (optional) Name of trove DB user.
+#   Defaults to trove
+#
+# [*trove_db_password*]
+#   (optional) Password that will be used for the trove db user.
+#   Defaults to 'trovepassword'
+#
+# [*trove_db_allowed_hosts*]
+#   (optional) Hosts allowed to use the database
+#   Defaults to ['127.0.0.1']
+#
+# [*mysql_root_password*]
+#   (optional) The MySQL root password.
+#   Puppet will attempt to set the root password and update `/root/.my.cnf` with it.
+#   Defaults to 'rootpassword'
+#
+# [*mysql_sys_maint_password*]
+#   (optional) The MySQL debian-sys-maint password.
+#   Debian only parameter.
+#   Defaults to 'sys_maint'
+#
+# [*galera_clustercheck_dbuser*]
+#   (optional) The MySQL username for Galera cluster check (using monitoring database)
+#   Defaults to 'clustercheckdbuser'
+#
+# [*galera_clustercheck_dbpassword*]
+#   (optional) The MySQL password for Galera cluster check
+#   Defaults to 'clustercheckpassword'
+#
+# [*galera_clustercheck_ipaddress*]
+#   (optional) The name or ip address of host running monitoring database (clustercheck)
+#   Defaults to '127.0.0.1'
+#
 # [*firewall_settings*]
 #   (optional) Allow to add custom parameters to firewall rules
 #   Should be an hash.
 #   Default to {}
 #
+# ==== Deprecated parameters:
+#
+# [*service_provider*]
+#   Previously used to choose between sysv and systemd, yes suppressed
+#   because this subject is potentially a troll :-D
+#   Defaults to 'sysv'
+#
 class cloud::database::sql (
    $api_eth                        = '127.0.0.1',
-    $service_provider               = 'sysv',
    $galera_master_name             = 'mgmt001',
    $galera_internal_ips            = ['127.0.0.1'],
    $galera_gcache                  = '1G',
@ -66,6 +220,8 @@ class cloud::database::sql (
    $galera_clustercheck_dbpassword = 'clustercheckpassword',
    $galera_clustercheck_ipaddress  = '127.0.0.1',
    $firewall_settings              = {},
+    # DEPRECATED PARAMETERS
+    $service_provider               = 'sysv',
 ) {

  include 'xinetd'
@ -328,7 +484,7 @@ class cloud::database::sql (

  # The puppet-xinetd module do not correctly reload
  # the configuration on “notify”
-  # TODO(Gonéri): remove this once https://github.com/puppetlabs/puppetlabs-xinetd/pull/9
+  # TODO(Goneri): remove this once https://github.com/puppetlabs/puppetlabs-xinetd/pull/9
  # get merged
  exec{ 'reload_xinetd':
    command     => '/usr/bin/pkill -F /var/run/xinetd.pid --signal HUP',
--- a/manifests/firewall/post.pp
+++ b/manifests/firewall/post.pp
@ -17,6 +17,17 @@
 #
 # Firewall rules during 'post' Puppet stage
 #
+# === Parameters:
+#
+# [*debug*]
+#   (optional) Set log output to debug output
+#   Defaults to false
+#
+# [*firewall_settings*]
+#   (optional) Allow to add custom parameters to firewall rules
+#   Should be an hash.
+#   Default to {}
+#
 class cloud::firewall::post(
  $debug             = false,
  $firewall_settings = {},
--- a/manifests/firewall/pre.pp
+++ b/manifests/firewall/pre.pp
@ -17,6 +17,13 @@
 #
 # Firewall rules during 'pre' Puppet stage
 #
+# === Parameters:
+#
+# [*firewall_settings*]
+#   (optional) Allow to add custom parameters to firewall rules
+#   Should be an hash.
+#   Default to {}
+#
 class cloud::firewall::pre(
  $firewall_settings = {},
 ){
--- a/manifests/identity.pp
+++ b/manifests/identity.pp
@ -35,6 +35,10 @@
 #   (optional) Password to connect to keystone database
 #   Defaults to 'keystonepassword'
 #
+# [*memcache_servers*]
+#   (optionnal) Memcached servers used by Keystone. Should be an array.
+#   Defaults to ['127.0.0.1:11211']
+#
 # [*ks_admin_email*]
 #   (optional) Email address of admin user in Keystone
 #   Defaults to 'no-reply@keystone.openstack'
@ -194,46 +198,114 @@
 #   (optional) Protocol used to connect to API. Could be 'http' or 'https'.
 #   Defaults to 'http'
 #
+# [*ks_swift_admin_proto*]
+#   (optional) Protocol for admin endpoint. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
+# [*ks_swift_internal_proto*]
+#   (optional) Protocol for public endpoint. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
 # [*ks_ceilometer_public_proto*]
 #   (optional) Protocol used to connect to API. Could be 'http' or 'https'.
 #   Defaults to 'http'
 #
+# [*ks_ceilometer_admin_proto*]
+#   (optional) Protocol for admin endpoint. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
+# [*ks_ceilometer_internal_proto*]
+#   (optional) Protocol for public endpoint. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
 # [*ks_heat_public_proto*]
 #   (optional) Protocol used to connect to API. Could be 'http' or 'https'.
 #   Defaults to 'http'
 #
+# [*ks_heat_admin_proto*]
+#   (optional) Protocol for admin endpoint. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
+# [*ks_heat_internal_proto*]
+#   (optional) Protocol for public endpoint. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
+# [*ks_keystone_public_proto*]
+#   (optional) Protocol for public endpoint. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
+# [*ks_keystone_admin_proto*]
+#   (optional) Protocol for admin endpoint. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
+# [*ks_keystone_internal_proto*]
+#   (optional) Protocol for public endpoint. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
 # [*ks_nova_public_proto*]
 #   (optional) Protocol used to connect to API. Could be 'http' or 'https'.
 #   Defaults to 'http'
 #
+# [*ks_nova_admin_proto*]
+#   (optional) Protocol for admin endpoint. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
+# [*ks_nova_internal_proto*]
+#   (optional) Protocol for public endpoint. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
 # [*ks_neutron_public_proto*]
 #   (optional) Protocol used to connect to API. Could be 'http' or 'https'.
 #   Defaults to 'http'
 #
+# [*ks_neutron_admin_proto*]
+#   (optional) Protocol for admin endpoint. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
+# [*ks_neutron_internal_proto*]
+#   (optional) Protocol for public endpoint. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
 # [*ks_trove_public_proto*]
 #   (optional) Protocol used to connect to API. Could be 'http' or 'https'.
 #   Defaults to 'http'
 #
+# [*ks_trove_admin_proto*]
+#   (optional) Protocol for admin endpoint. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
+# [*ks_trove_internal_proto*]
+#   (optional) Protocol for public endpoint. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
 # [*ks_glance_public_proto*]
 #   (optional) Protocol used to connect to API. Could be 'http' or 'https'.
 #   Defaults to 'http'
 #
+# [*ks_glance_admin_proto*]
+#   (optional) Protocol for admin endpoint. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
+# [*ks_glance_internal_proto*]
+#   (optional) Protocol for public endpoint. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
 # [*ks_cinder_public_proto*]
 #   (optional) Protocol used to connect to API. Could be 'http' or 'https'.
 #   Defaults to 'http'
 #
+# [*ks_cinder_admin_proto*]
+#   (optional) Protocol for admin endpoint. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
+# [*ks_cinder_internal_proto*]
+#   (optional) Protocol for public endpoint. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
 # [*ks_ceilometer_public_port*]
 #   (optional) TCP port to connect to Ceilometer API from public network
 #   Defaults to '8777'
 #
-# [*ks_ceilometer_admin_port*]
-#   (optional) TCP port to connect to Ceilometer API from admin network
-#   Defaults to '8777'
-#
-# [*ks_ceilometer_internal_port*]
-#   (optional) TCP port to connect to Ceilometer API from internal network
-#   Defaults to '8777'
-#
 # [*ks_keystone_internal_port*]
 #   (optional) TCP port to connect to Keystone API from internal network
 #   Defaults to '5000'
@ -250,22 +322,10 @@
 #   (optional) TCP port to connect to Swift API from public network
 #   Defaults to '8080'
 #
-# [*ks_nova_internal_port*]
-#   (optional) TCP port to connect to Nova API from internal network
-#   Defaults to '8774'
-#
-# [*ks_trove_internal_port*]
-#   (optional) TCP port to connect to Trove API from internal network
-#   Defaults to '8779'
-#
 # [*ks_trove_public_port*]
 #   (optional) TCP port to connect to Trove API from public network
 #   Defaults to '8779'
 #
-# [*ks_trove_admin_port*]
-#   (optional) TCP port to connect to Trove API from admin network
-#   Defaults to '8779'
-#
 # [*ks_nova_public_port*]
 #   (optional) TCP port to connect to Nova API from public network
 #   Defaults to '8774'
@ -274,50 +334,31 @@
 #   (optional) TCP port to connect to EC2 API from public network
 #   Defaults to '8773'
 #
-# [*ks_nova_admin_port*]
-#   (optional) TCP port to connect to Nova API from admin network
-#   Defaults to '8774'
-#
-# [*ks_cinder_internal_port*]
-#   (optional) TCP port to connect to Cinder API from internal network
-#   Defaults to '8776'
+# [*ks_swift_dispersion_password*]
+#   (optional) Password of the dispersion tenant, used for swift-dispersion-report
+#   and swift-dispersion-populate tools.
+#   Defaults to 'dispersion'
 #
 # [*ks_cinder_public_port*]
 #   (optional) TCP port to connect to Cinder API from public network
 #   Defaults to '8776'
 #
-# [*ks_cinder_admin_port*]
-#   (optional) TCP port to connect to Cinder API from admin network
-#   Defaults to '8776'
-#
-# [*ks_neutron_internal_port*]
-#   (optional) TCP port to connect to Neutron API from internal network
-#   Defaults to '9696'
-#
 # [*ks_neutron_public_port*]
 #   (optional) TCP port to connect to Neutron API from public network
 #   Defaults to '9696'
 #
-# [*ks_neutron_admin_port*]
-#   (optional) TCP port to connect to Neutron API from admin network
-#   Defaults to '9696'
-#
 # [*ks_heat_public_port*]
 #   (optional) TCP port to connect to Heat API from public network
+#   Defaults to '8004'
+#
+# [*ks_heat_cfn_public_port*]
+#   (optional) TCP port to connect to Heat API from public network
 #   Defaults to '8000'
 #
-# [*ks_glance_api_internal_port*]
-#   (optional) TCP port to connect to Glance API from internal network
-#   Defaults to '9292'
-#
 # [*ks_glance_api_public_port*]
 #   (optional) TCP port to connect to Glance API from public network
 #   Defaults to '9292'
 #
-# [*ks_glance_api_admin_port*]
-#   (optional) TCP port to connect to Glance API from admin network
-#   Defaults to '9292'
-#
 # [*api_eth*]
 #   (optional) Which interface we bind the Keystone server.
 #   Defaults to '127.0.0.1'
@ -355,6 +396,14 @@
 #   Experimental feature.
 #   Defaults to false
 #
+# [*swift_enabled*]
+#   (optional) Enable or not OpenStack Swift (Stockage as a Service)
+#   Defaults to true
+#
+# [*ks_token_expiration*]
+#   (optional) Amount of time a token should remain valid (seconds).
+#   Defaults to 3600 (1 hour).
+#
 # [*firewall_settings*]
 #   (optional) Allow to add custom parameters to firewall rules
 #   Should be an hash.
@ -656,7 +705,7 @@ class cloud::identity (
  # Note(EmilienM):
  # We check if DB tables are created, if not we populate Keystone DB.
  # It's a hack to fit with our setup where we run MySQL/Galera
-  # TODO(Gonéri)
+  # TODO(Goneri)
  # We have to do this only on the primary node of the galera cluster to avoid race condition
  # https://github.com/enovance/puppet-openstack-cloud/issues/156
  exec {'keystone_db_sync':
--- a/manifests/image/api.pp
+++ b/manifests/image/api.pp
@ -35,10 +35,22 @@
 #   (optional) Internal Hostname or IP to connect to Keystone API
 #   Defaults to '127.0.0.1'
 #
+# [*ks_keystone_internal_proto*]
+#   (optional) Protocol used to connect to API. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
+# [*ks_glance_internal_host*]
+#   (optional) Internal Hostname or IP to connect to Glance
+#   Defaults to '127.0.0.1'
+#
 # [*ks_glance_api_internal_port*]
 #   (optional) TCP port to connect to Glance API from internal network
 #   Defaults to '9292'
 #
+# [*ks_glance_registry_internal_proto*]
+#   (optional) Protocol used to connect to API. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
 # [*ks_glance_registry_internal_port*]
 #   (optional) TCP port to connect to Glance Registry from internal network
 #   Defaults to '9191'
@ -59,6 +71,26 @@
 #   (optional) Which interface we bind the Glance API server.
 #   Defaults to '127.0.0.1'
 #
+# [*openstack_vip*]
+#   (optional) Hostname of IP used to connect to Glance registry
+#   Defaults to '127.0.0.1'
+#
+# [*glance_rbd_pool*]
+#   (optional) Name of the Ceph pool which which store the glance images
+#   Defaults to 'images'
+#
+# [*glance_rbd_user*]
+#   (optional) User name used to acces to the glance rbd pool
+#   Defaults to 'glance'
+#
+# [*verbose*]
+#   (optional) Set log output to verbose output
+#   Defaults to true
+#
+# [*debug*]
+#   (optional) Set log output to debug output
+#   Defaults to true
+#
 # [*use_syslog*]
 #   (optional) Use syslog for logging
 #   Defaults to true
--- a/manifests/image/registry.pp
+++ b/manifests/image/registry.pp
@ -35,6 +35,14 @@
 #   (optional) Internal Hostname or IP to connect to Keystone API
 #   Defaults to '127.0.0.1'
 #
+# [*ks_keystone_internal_proto*]
+#   (optional) Protocol used to connect to API. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
+# [*ks_glance_internal_host*]
+#   (optional) Internal Hostname or IP to connect to Glance
+#   Defaults to '127.0.0.1'
+#
 # [*ks_glance_registry_internal_port*]
 #   (optional) TCP port to connect to Glance Registry from internal network
 #   Defaults to '9191'
@ -47,6 +55,14 @@
 #   (optional) Which interface we bind the Glance API server.
 #   Defaults to '127.0.0.1'
 #
+# [*verbose*]
+#   (optional) Set log output to verbose output
+#   Defaults to true
+#
+# [*debug*]
+#   (optional) Set log output to debug output
+#   Defaults to true
+#
 # [*use_syslog*]
 #   (optional) Use syslog for logging
 #   Defaults to true
--- a/manifests/init.pp
+++ b/manifests/init.pp
@ -13,10 +13,79 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 #
-# Class: cloud
+# == Class: cloud
 #
 # Installs the system requirements
 #
+# === Parameters:
+#
+#  [*rhn_registration*]
+#   (optional) The RedHat network authentication token
+#   Defaults to undef
+#
+#  [*root_password*]
+#   (optional) Unix root password
+#   Defaults to 'root'
+#
+#  [*dns_ips*]
+#   (optional) Hostname or IP of the Domain Name Server (dns) used
+#   Should by an array.
+#   Defaults to google public dns ['8.8.8.8', '8.8.4.4']
+#
+#  [*site_domain*]
+#   (optional) Domain name (used for search and domain fields
+#   of resolv.conf configuration file
+#   Defaults to 'mydomain'
+#
+#  [*motd_title*]
+#   (optional) A string used in the top of the server's motd
+#   Defaults to 'eNovance IT Operations'
+#
+# [*selinux_mode*]
+#   (optional) SELinux mode the system should be in
+#   Defaults to 'permissive'
+#   Possible values : disabled, permissive, enforcing
+#
+# [*selinux_directory*]
+#   (optional) Path where to find the SELinux modules
+#   Defaults to '/usr/share/selinux'
+#
+# [*selinux_booleans*]
+#   (optional) Set of booleans to persistently enables
+#   SELinux booleans are the one getsebool -a returns
+#   Defaults []
+#   Example: ['rsync_full_access', 'haproxy_connect_any']
+#
+# [*selinux_modules*]
+#   (optional) Set of modules to load on the system
+#   Defaults []
+#   Example: ['module1', 'module2']
+#   Note: Those module should be in the $directory path
+#
+# [*manage_firewall*]
+#  (optional) Completely enable or disable firewall settings
+#  (false means disabled, and true means enabled)
+#  Defaults to false
+#
+# [*firewall_rules*]
+#   (optional) Allow to add custom firewall rules
+#   Should be an hash.
+#   Default to {}
+#
+# [*purge_firewall_rules*]
+#   (optional) Boolean, purge all firewall resources
+#   Defaults to false
+#
+# [*firewall_pre_extras*]
+#   (optional) Allow to add custom parameters to firewall rules (pre stage)
+#   Should be an hash.
+#   Default to {}
+#
+# [*firewall_post_extras*]
+#   (optional) Allow to add custom parameters to firewall rules (post stage)
+#   Should be an hash.
+#   Default to {}
+#
 class cloud(
  $rhn_registration     = undef,
  $root_password        = 'root',
@ -40,7 +109,7 @@ class cloud(
    fail("OS family unsuppored yet (${::osfamily}), module puppet-openstack-cloud only support RedHat or Debian")
  }

-# motd
+  # motd
  file
  {
    '/etc/motd':
@ -61,16 +130,16 @@ This node is under the control of Puppet ${::puppetversion}.
 ";
  }

-# DNS
+  # DNS
  class { 'dnsclient':
    nameservers => $dns_ips,
    domain      => $site_domain
  }

-# NTP
+  # NTP
  include ::ntp

-# SELinux
+  # SELinux
  if $::osfamily == 'RedHat' {
    class {'cloud::selinux' :
      mode      => $selinux_mode,
@ -81,7 +150,7 @@ This node is under the control of Puppet ${::puppetversion}.
    }
  }

-# Strong root password for all servers
+  # Strong root password for all servers
  user { 'root':
    ensure   => 'present',
    gid      => '0',
--- a/manifests/loadbalancer.pp
+++ b/manifests/loadbalancer.pp
@ -18,6 +18,7 @@
 # Install Load-Balancer node (HAproxy + Keepalived)
 #
 # === Parameters:
+#
 # [*keepalived_vrrp_interface*]
 #  (optional) Networking interface to bind the vrrp traffic.
 #  Defaults to false (disabled)
@ -128,6 +129,20 @@
 #   If set to false, no binding will be configure
 #   Defaults to true
 #
+# [*horizon*]
+#   (optional) Enable or not Horizon public binding.
+#   If true, both public and internal will attempt to be created except if vip_internal_ip is set to false.
+#   If set to ['10.0.0.1'], only IP in the array (or in the string) will be configured in the pool. They must be part of keepalived_ip options.
+#   If set to false, no binding will be configure
+#   Defaults to true
+#
+# [*horizon_ssl*]
+#   (optional) Enable or not Horizon SSL public binding.
+#   If true, both public and internal will attempt to be created except if vip_internal_ip is set to false.
+#   If set to ['10.0.0.1'], only IP in the array (or in the string) will be configured in the pool. They must be part of keepalived_ip options.
+#   If set to false, no binding will be configure
+#   Defaults to true
+#
 # [*ec2_api*]
 #   (optional) Enable or not EC2 public binding.
 #   If true, both public and internal will attempt to be created except if vip_internal_ip is set to false.
@ -135,6 +150,13 @@
 #   If set to false, no binding will be configure
 #   Defaults to true
 #
+# [*spice*]
+#   (optional) Enable or not spice binding.
+#   If true, both public and internal will attempt to be created except if vip_internal_ip is set to false.
+#   If set to ['10.0.0.1'], only IP in the array (or in the string) will be configured in the pool. They must be part of keepalived_ip options.
+#   If set to false, no binding will be configure.
+#   Defaults to false
+#
 # [*metadata_api*]
 #   (optional) Enable or not Metadata public binding.
 #   If true, both public and internal will attempt to be created except if vip_internal_ip is set to false.
@ -163,6 +185,194 @@
 #   If set to false, no binding will be configure
 #   Defaults to true
 #
+# [*haproxy_auth*]
+#  (optional) The HTTP sytle basic credentials (using login:password form)
+#  Defaults to 'admin:changeme'
+#
+# [*keepalived_state*]
+#  (optional) TODO
+#  Defaults to 'BACKUP'
+#
+# [*keepalived_priority*]
+#  (optional) TODO
+#  Defaults to '50'
+#
+# [*ceilometer_bind_options*]
+#   (optional) A hash of options that are inserted into the HAproxy listening
+#   service configuration block.
+#   Defaults to []
+#
+# [*cinder_bind_options*]
+#   (optional) A hash of options that are inserted into the HAproxy listening
+#   service configuration block.
+#   Defaults to []
+#
+# [*ec2_bind_options*]
+#   (optional) A hash of options that are inserted into the HAproxy listening
+#   service configuration block.
+#   Defaults to []
+#
+# [*glance_api_bind_options*]
+#   (optional) A hash of options that are inserted into the HAproxy listening
+#   service configuration block.
+#   Defaults to []
+#
+# [*glance_registry_bind_options*]
+#   (optional) A hash of options that are inserted into the HAproxy listening
+#   service configuration block.
+#   Defaults to []
+#
+# [*heat_cfn_bind_options*]
+#   (optional) A hash of options that are inserted into the HAproxy listening
+#   service configuration block.
+#   Defaults to []
+#
+# [*heat_cloudwatch_bind_options*]
+#   (optional) A hash of options that are inserted into the HAproxy listening
+#   service configuration block.
+#   Defaults to []
+#
+# [*heat_api_bind_options*]
+#   (optional) A hash of options that are inserted into the HAproxy listening
+#   service configuration block.
+#   Defaults to []
+#
+# [*keystone_bind_options*]
+#   (optional) A hash of options that are inserted into the HAproxy listening
+#   service configuration block.
+#   Defaults to []
+#
+# [*keystone_admin_bind_options*]
+#   (optional) A hash of options that are inserted into the HAproxy listening
+#   service configuration block.
+#   Defaults to []
+#
+# [*metadata_bind_options*]
+#   (optional) A hash of options that are inserted into the HAproxy listening
+#   service configuration block.
+#   Defaults to []
+#
+# [*neutron_bind_options*]
+#   (optional) A hash of options that are inserted into the HAproxy listening
+#   service configuration block.
+#   Defaults to []
+#
+# [*nova_bind_options*]
+#   (optional) A hash of options that are inserted into the HAproxy listening
+#   service configuration block.
+#   Defaults to []
+#
+# [*trove_bind_options*]
+#   (optional) A hash of options that are inserted into the HAproxy listening
+#   service configuration block.
+#   Defaults to []
+#
+# [*swift_bind_options*]
+#   (optional) A hash of options that are inserted into the HAproxy listening
+#   service configuration block.
+#   Defaults to []
+#
+# [*spice_bind_options*]
+#   (optional) A hash of options that are inserted into the HAproxy listening
+#   service configuration block.
+#   Defaults to []
+#
+# [*horizon_bind_options*]
+#   (optional) A hash of options that are inserted into the HAproxy listening
+#   service configuration block.
+#   Defaults to []
+#
+# [*horizon_ssl_bind_options*]
+#   (optional) A hash of options that are inserted into the HAproxy listening
+#   service configuration block.
+#   Defaults to []
+#
+# [*rabbitmq_bind_options*]
+#   (optional) A hash of options that are inserted into the HAproxy listening
+#   service configuration block.
+#   Defaults to []
+#
+# [*galera_bind_options*]
+#   (optional) A hash of options that are inserted into the HAproxy listening
+#   service configuration block.
+#   Defaults to []
+#
+# [*ks_ceilometer_public_port*]
+#   (optional) TCP port to connect to Ceilometer API from public network
+#   Defaults to '8777'
+#
+# [*ks_cinder_public_port*]
+#   (optional) TCP port to connect to Cinder API from public network
+#   Defaults to '8776'
+#
+# [*ks_ec2_public_port*]
+#   (optional) TCP port to connect to EC2 API from public network
+#   Defaults to '8773'
+#
+# [*ks_glance_api_public_port*]
+#   (optional) TCP port to connect to Glance API from public network
+#   Defaults to '9292'
+#
+# [*ks_glance_registry_internal_port*]
+#   (optional) TCP port to connect to Glance API from public network
+#   Defaults to '9191'
+#
+# [*ks_heat_cfn_public_port*]
+#   (optional) TCP port to connect to Heat API from public network
+#   Defaults to '8000'
+#
+# [*ks_heat_cloudwatch_public_port*]
+#   (optional) TCP port to connect to Heat API from public network
+#   Defaults to '8003'
+#
+# [*ks_heat_public_port*]
+#   (optional) TCP port to connect to Heat API from public network
+#   Defaults to '8004'
+#
+# [*ks_keystone_admin_port*]
+#   (optional) TCP port to connect to Keystone Admin API from public network
+#   Defaults to '35357'
+#
+# [*ks_keystone_public_port*]
+#   (optional) TCP port to connect to Keystone API from public network
+#   Defaults to '5000'
+#
+# [*ks_metadata_public_port*]
+#   (optional) TCP port to connect to Keystone metadata API from public network
+#   Defaults to '8775'
+#
+# [*ks_swift_public_port*]
+#   (optional) TCP port to connect to Swift API from public network
+#   Defaults to '8080'
+#
+# [*ks_trove_public_port*]
+#   (optional) TCP port to connect to Trove API from public network
+#   Defaults to '8779'
+#
+# [*ks_nova_public_port*]
+#   (optional) TCP port to connect to Nova API from public network
+#   Defaults to '8774'
+#
+# [*ks_neutron_public_port*]
+#   (optional) TCP port to connect to Neutron API from public network
+#   Defaults to '9696'
+#
+# [*horizon_port*]
+#   (optional) Port used to connect to OpenStack Dashboard
+#   Defaults to '80'
+#
+# [*horizon_ssl_port*]
+#   (optional) Port used to connect to OpenStack Dashboard using SSL
+#   Defaults to '443'
+#
+# [*spice_port*]
+#   (optional) TCP port to connect to Nova spicehtmlproxy service.
+#   Defaults to '6082'
+#
+# [*rabbitmq_port*]
+#   (optional) Port of RabbitMQ service.
+#   Defaults to '5672'
+#
 # [*vip_public_ip*]
 #  (optional) Array or string for public VIP
 #  Should be part of keepalived_public_ips
@ -177,6 +387,14 @@
 #  (optional) Array or string for monitor VIP
 #  Defaults to false
 #
+# [*galera_ip*]
+#  (optional) An array of Galera IP
+#  Defaults to ['127.0.0.1']
+#
+# [*galera_slave*]
+#  (optional) A boolean to configure galera slave
+#  Defaults to false
+#
 # [*firewall_settings*]
 #   (optional) Allow to add custom parameters to firewall rules
 #   Should be an hash.
--- a/manifests/network.pp
+++ b/manifests/network.pp
@ -35,16 +35,9 @@
 #   (optional) Set log output to debug output
 #   Defaults to true
 #
-# [*provider_vlan_ranges*]
-#   (optionnal) VLAN range for provider networks
-#   Defaults to ['physnet1:1000:2999']
-#
-# [*flat_networks*]
-#   (optionnal) List of physical_network names with which flat networks
-#   can be created. Use * to allow flat networks with arbitrary
-#   physical_network names.
-#   Should be an array.
-#   Default to ['public'].
+# [*api_eth*]
+#   (optional) Which interface we bind the Neutron API server.
+#   Defaults to '127.0.0.1'
 #
 # [*use_syslog*]
 #   (optional) Use syslog for logging
--- a/manifests/network/controller.pp
+++ b/manifests/network/controller.pp
@ -17,6 +17,73 @@
 #
 # === Parameters:
 #
+# [*neutron_db_host*]
+#   (optional) Host where user should be allowed all privileges for database.
+#   Defaults to 127.0.0.1
+#
+# [*neutron_db_user*]
+#   (optional) Name of neutron DB user.
+#   Defaults to trove
+#
+# [*neutron_db_password*]
+#   (optional) Password that will be used for the neutron db user.
+#   Defaults to 'neutronpassword'
+#
+# [*ks_neutron_password*]
+#   (optional) Password used by Neutron to connect to Keystone API
+#   Defaults to 'neutronpassword'
+#
+# [*ks_keystone_admin_host*]
+#   (optional) Admin Hostname or IP to connect to Keystone API
+#   Defaults to '127.0.0.1'
+#
+# [*ks_keystone_admin_proto*]
+#   (optional) Protocol for admin endpoint. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
+# [*ks_keystone_public_port*]
+#   (optional) TCP port to connect to Keystone API from public network
+#   Defaults to '5000'
+#
+# [*ks_neutron_public_port*]
+#   (optional) TCP port to connect to Neutron API from public network
+#   Defaults to '9696'
+#
+# [*api_eth*]
+#   (optional) Which interface we bind the Neutron server.
+#   Defaults to '127.0.0.1'
+#
+# [*ks_admin_tenant*]
+#   (optional) Admin tenant name in Keystone
+#   Defaults to 'admin'
+#
+#
+# [*nova_url*]
+#   (optional) URL for connection to nova (Only supports one nova region
+#   currently).
+#   Defaults to 'http://127.0.0.1:8774/v2'
+#
+# [*nova_admin_auth_url*]
+#   (optional) Authorization URL for connection to nova in admin context.
+#   Defaults to 'http://127.0.0.1:5000/v2.0'
+#
+# [*nova_admin_username*]
+#   (optional) Username for connection to nova in admin context
+#   Defaults to 'nova'
+#
+# [*nova_admin_tenant_name*]
+#   (optional) The name of the admin nova tenant
+#   Defaults to 'services'
+#
+# [*nova_admin_password*]
+#   (optional) Password for connection to nova in admin context.
+#   Defaults to 'novapassword'
+#
+# [*nova_region_name*]
+#   (optional) Name of nova region to use. Useful if keystone manages more than
+#   one region.
+#   Defaults to 'RegionOne'
+#
 # [*manage_ext_network*]
 #   (optionnal) Manage or not external network with provider network API
 #   Defaults to false.
@ -41,6 +108,29 @@
 #   Supported values: 'ml2', 'n1kv'.
 #   Defaults to 'ml2'
 #
+# [*ks_keystone_admin_port*]
+#   (optional) TCP port to connect to Keystone API from admin network
+#   Defaults to '35357'
+#
+# [*provider_vlan_ranges*]
+#   (optionnal) VLAN range for provider networks
+#   Defaults to ['physnet1:1000:2999']
+#
+# [*flat_networks*]
+#   (optionnal) List of physical_network names with which flat networks
+#   can be created. Use * to allow flat networks with arbitrary
+#   physical_network names.
+#   Should be an array.
+#   Default to ['public'].
+#
+# [*n1kv_vsm_ip*]
+#   (required) N1KV VSM (Virtual Supervisor Module) VM's IP.
+#   Defaults to 127.0.0.1
+#
+# [*n1kv_vsm_password*]
+#   (required) N1KV VSM (Virtual Supervisor Module) password.
+#   Defaults to secrete
+#
 class cloud::network::controller(
  $neutron_db_host         = '127.0.0.1',
  $neutron_db_user         = 'neutron',
--- a/manifests/network/dhcp.pp
+++ b/manifests/network/dhcp.pp
@ -13,8 +13,29 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 #
+# == Class:
+#
 # Network DHCP node
 #
+# === Parameters:
+#
+# [*veth_mtu*]
+#   (optional) Enforce the default virtual interface MTU (option 26)
+#   Defaults to 1500
+#
+# [*debug*]
+#   (optional) Set log output to debug output
+#   Defaults to true
+#
+# [*dnsmasq_dns_servers*]
+#   (optional) An array of DNS IP used to configure Virtual server resolver
+#   Defaults to false
+#
+# [*firewall_settings*]
+#   (optional) Allow to add custom parameters to firewall rules
+#   Should be an hash.
+#   Default to {}
+#
 class cloud::network::dhcp(
  $veth_mtu           = 1500,
  $debug              = true,
--- a/manifests/network/l3.pp
+++ b/manifests/network/l3.pp
@ -13,8 +13,28 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 #
+# == Class:
+#
 # Network L3 node
 #
+# === Parameters:
+#
+# [*debug*]
+#   (optional) Set log output to debug output
+#   Defaults to true
+#
+# [*ext_provider_net*]
+#   (optional) Manage L3 with another provider
+#   Defaults to false
+#
+# [*external_int*]
+#   (optional) The name of the external nic
+#   Defaults to eth1
+#
+# [*manage_tso*]
+#  (optional) Disable TSO on Neutron interfaces
+#  Defaults to true
+#
 class cloud::network::l3(
  $external_int     = 'eth1',
  $ext_provider_net = false,
--- a/manifests/network/lbaas.pp
+++ b/manifests/network/lbaas.pp
@ -13,8 +13,20 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 #
+# == Class:
+#
 # Network LBaaS node
 #
+# === Parameters:
+#
+# [*debug*]
+#   (optional) Set log output to debug output
+#   Defaults to true
+#
+# [*manage_haproxy_pkg*]
+#   (optional) Manage or not HAproxy package
+#   Defaults to true
+#
 class cloud::network::lbaas(
  $debug              = true,
  $manage_haproxy_pkg = true
--- a/manifests/network/metadata.pp
+++ b/manifests/network/metadata.pp
@ -16,6 +16,48 @@
 # Network Metadata node (need to be run once)
 # Could be managed by spof_node manifest
 #
+# === Parameters:
+#
+# [*enabled*]
+#   (optional) State of the metadata service.
+#   Defaults to true
+#
+# [*debug*]
+#   (optional) Set log output to debug output
+#   Defaults to true
+#
+# [*ks_neutron_password*]
+#   (optional) Password used by Neutron to connect to Keystone API
+#   Defaults to 'neutronpassword'
+#
+# [*neutron_metadata_proxy_shared_secret*]
+#   (optional) Shared secret to validate proxies Neutron metadata requests
+#   Defaults to 'metadatapassword'
+#
+# [*nova_metadata_server*]
+#   (optional) Hostname or IP of the Nova metadata server
+#   Defaults to '127.0.0.1'
+#
+# [*ks_keystone_admin_host*]
+#   (optional) Admin Hostname or IP to connect to Keystone API
+#   Defaults to '127.0.0.1'
+#
+# [*ks_keystone_admin_proto*]
+#   (optional) Protocol for admin endpoint. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
+# [*ks_keystone_admin_port*]
+#   (optional) TCP port to connect to Keystone API from admin network
+#   Defaults to '35357'
+#
+# [*ks_nova_internal_proto*]
+#   (optional) Protocol for public endpoint. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
+# [*auth_region*]
+#   (optional) OpenStack Region Name
+#   Defaults to 'RegionOne'
+#
 class cloud::network::metadata(
  $enabled                              = true,
  $debug                                = true,
--- a/manifests/network/vswitch.pp
+++ b/manifests/network/vswitch.pp
@ -120,6 +120,15 @@
 #       Not applicable if 'n1kv_source' is a file. (Option-B above)
 #   Defaults to 'present'
 #
+# [*tunnel_types*]
+#   (optional) List of types of tunnels to use when utilizing tunnels.
+#   Supported tunnel types are: vxlan.
+#   Defaults to ['gre']
+#
+# [*n1kv_vsm_domain_id*]
+#   (optional) N1000 KV Domain ID (does nothing?)
+#   Defaults to 1000
+#
 # [*firewall_settings*]
 #   (optional) Allow to add custom parameters to firewall rules
 #   Should be an hash.
--- a/manifests/object/controller.pp
+++ b/manifests/object/controller.pp
@ -19,6 +19,59 @@
 #
 # === Parameters:
 #
+# [*ks_keystone_admin_host*]
+#   (optional) Admin Hostname or IP to connect to Keystone API
+#   Defaults to '127.0.0.1'
+#
+# [*ks_keystone_admin_port*]
+#   (optional) TCP port to connect to Keystone API from admin network
+#   Defaults to '35357'
+#
+# [*ks_keystone_internal_host*]
+#   (optional) Internal Hostname or IP to connect to Keystone API
+#   Defaults to '127.0.0.1'
+#
+# [*ks_keystone_internal_port*]
+#   (optional) TCP port to connect to Keystone API from internal network
+#   Defaults to '5000'
+#
+# [*ks_keystone_internal_proto*]
+#   (optional) Protocol for public endpoint. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
+# [*ks_keystone_admin_proto*]
+#   (optional) Protocol for admin endpoint. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
+# [*ks_swift_internal_port*]
+#   (optional) TCP port to connect to Swift from internal network
+#   Defaults to '8080'
+#
+# [*ks_swift_password*]
+#   (optional) Password used by Swift to connect to Keystone API
+#   Defaults to 'swiftpassword'
+#
+# [*ks_swift_dispersion_password*]
+#   (optional) Password of the dispersion tenant, used for swift-dispersion-report
+#   and swift-dispersion-populate tools.
+#   Defaults to 'dispersion'
+#
+# [*api_eth*]
+#   (optional) Which interface we bind the Swift proxy server.
+#   Defaults to '127.0.0.1'
+#
+# [*memcache_servers*]
+#   (optionnal) Memcached servers used by Keystone. Should be an array.
+#   Defaults to ['127.0.0.1:11211']
+#
+# [*statsd_host*]
+#   (optional) Hostname or IP of the statd server.
+#   Defaults to '127.0.0.1'
+#
+# [*statsd_port*]
+#   (optional) TCP port of the statd server
+#   Defaults to '4125'
+#
 # [*firewall_settings*]
 #   (optional) Allow to add custom parameters to firewall rules
 #   Should be an hash.
--- a/manifests/object/ringbuilder.pp
+++ b/manifests/object/ringbuilder.pp
@ -13,13 +13,33 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 #
+# == Class: cloud::object::ringbuilder
+#
 # Swift ring builder node
 #
+# === Parameters:
+#
+# [*enabled*]
+#   (optional) Enable or not the Swift ringbuilder rsync server
+#   Defaults to false
+#
+# [*rsyncd_ipaddress*]
+#   (optional) Hostname or IP of the swift ringbuilder rsync daemon
+#   Defaults to '127.0.0.1'
+#
+# [*replicas*]
+#   (optional) Number of replicas to kept
+#   Defaults to '3'
+#
+# [*swift_rsync_max_connections*]
+#   (optional) Max number of connections to the rsync daemon
+#   Defaults to '5'
+#
 class cloud::object::ringbuilder(
-    $enabled                     = false,
-    $rsyncd_ipaddress            = '127.0.0.1',
-    $replicas                    = 3,
-    $swift_rsync_max_connections = 5,
+  $enabled                     = false,
+  $rsyncd_ipaddress            = '127.0.0.1',
+  $replicas                    = 3,
+  $swift_rsync_max_connections = 5,
 ) {

  include cloud::object
--- a/manifests/object/storage.pp
+++ b/manifests/object/storage.pp
@ -19,12 +19,48 @@
 #
 # === Parameters:
 #
+# [*storage_eth*]
+#   (optional) IP or hostname of the Swift storage node
+#   Defaults to '127.0.0.1'
+#
+# [*swift_zone*]
+#   (optional) Name of the swift zone
+#   Defaults to undef
+#
+# [*object_port*]
+#   (optional) TCP port number of the Object middleware
+#   Defaults to '6000'
+#
+# [*container_port*]
+#   (optional) TCP port number of the container middleware
+#   Defaults to '6001'
+#
+# [*account_port*]
+#   (optional) TCP port number of the account middleware
+#   Defaults to '6002'
+#
+# [*fstype*]
+#   (optional) Name of the File-System type
+#   Defaults to 'xfs'
+#
+# [*device_config_hash*]
+#   (optional) A hash of options to pass to io scheduler
+#   Defaults to {}
+#
+# [*ring_container_device*]
+#   (optional) The name of the container device
+#   Defaults to 'sdb'
+#
+# [*ring_account_device*]
+#   (optional) The name of the account device
+#   Defaults to 'sdb'
+#
 # [*firewall_settings*]
 #   (optional) Allow to add custom parameters to firewall rules
 #   Should be an hash.
 #   Default to {}
 #
-class cloud::object::storage (
+class cloud::object::storage(
  $storage_eth           = '127.0.0.1',
  $swift_zone            = undef,
  $object_port           = '6000',
--- a/manifests/orchestration.pp
+++ b/manifests/orchestration.pp
@ -91,6 +91,10 @@
 #   (optional) Syslog facility to receive log lines
 #   Defaults to 'LOG_LOCAL0'
 #
+# [*os_endpoint_type*]
+#   (optional) The type of the OpenStack endpoint (public/internal/admin) URL
+#   Defaults to 'publicURL'
+#
 class cloud::orchestration(
  $ks_keystone_internal_host  = '127.0.0.1',
  $ks_keystone_internal_port  = '5000',
@ -151,7 +155,7 @@ class cloud::orchestration(
  # Note(EmilienM):
  # We check if DB tables are created, if not we populate Heat DB.
  # It's a hack to fit with our setup where we run MySQL/Galera
-  # TODO(Gonéri)
+  # TODO(Goneri)
  # We have to do this only on the primary node of the galera cluster to avoid race condition
  # https://github.com/enovance/puppet-openstack-cloud/issues/156
  exec {'heat_db_sync':
--- a/manifests/orchestration/api.pp
+++ b/manifests/orchestration/api.pp
@ -19,6 +19,26 @@
 #
 # === Parameters:
 #
+# [*ks_heat_internal_port*]
+#   (optional) TCP port to connect to Heat API from public network
+#   Defaults to '8004'
+#
+# [*ks_heat_cfn_internal_port*]
+#   (optional) TCP port to connect to Heat API from public network
+#   Defaults to '8000'
+#
+# [*ks_heat_cloudwatch_internal_port*]
+#   (optional) TCP port to connect to Heat API from public network
+#   Defaults to '8003'
+#
+# [*api_eth*]
+#   (optional) Which interface we bind the Heat server.
+#   Defaults to '127.0.0.1'
+#
+# [*workers*]
+#   (optional) The number of Heat API workers
+#   Defaults to $::processorcount
+#
 # [*firewall_settings*]
 #   (optional) Allow to add custom parameters to firewall rules
 #   Should be an hash.
--- a/manifests/orchestration/engine.pp
+++ b/manifests/orchestration/engine.pp
@ -13,9 +13,41 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 #
+# == Class: cloud::orchestration::engine
+#
 # Orchestration engine node (should be run once)
 # Could be managed by spof node as Active / Passive.
 #
+# === Parameters:
+#
+# [*enabled*]
+#   (optional) State of the orchestration engine service.
+#   Defaults to true
+#
+# [*ks_heat_public_host*]
+#   (optional) Public Hostname or IP to connect to Heat API
+#   Defaults to '127.0.0.1'
+#
+# [*ks_heat_public_proto*]
+#   (optional) Protocol used to connect to API. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
+# [*ks_heat_password*]
+#   (optional) Password used by Heat to connect to Keystone API
+#   Defaults to 'heatpassword'
+#
+# [*ks_heat_cfn_public_port*]
+#   (optional) TCP port to connect to Heat API from public network
+#   Defaults to '8000'
+#
+# [*ks_heat_cloudwatch_public_port*]
+#   (optional) TCP port to connect to Heat API from public network
+#   Defaults to '8003'
+#
+#  [*auth_encryption_key*]
+#    (optional) Encryption key used for authentication info in database
+#    Defaults to 'secrete'
+#
 class cloud::orchestration::engine(
  $enabled                        = true,
  $ks_heat_public_host            = '127.0.0.1',
--- a/manifests/selinux.pp
+++ b/manifests/selinux.pp
@ -29,7 +29,7 @@
 #   Defaults to '/usr/share/selinux'
 #
 # [*booleans*]
-#   (optional) Set of booleans to persistenly enables
+#   (optional) Set of booleans to persistently enables
 #   SELinux booleans are the one getsebool -a returns
 #   Defaults []
 #   Example: ['rsync_full_access', 'haproxy_connect_any']
--- a/manifests/spof.pp
+++ b/manifests/spof.pp
@ -35,6 +35,10 @@
 #   Should be an hash.
 #   Default to {}
 #
+# [*cluster_password*]
+#   (optionnal) Password of the pacemaker cluster
+#   Defaults to 'secrete'
+#
 class cloud::spof(
  $cluster_ip        = '127.0.0.1',
  $cluster_members   = false,
--- a/manifests/storage/rbd.pp
+++ b/manifests/storage/rbd.pp
@ -13,6 +13,21 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 #
+# == Class: cloud::storage::rbd
+#
+# === Parameters:
+#
+# [*fsid*] The cluster's fsid.
+#   Mandatory. Get one with `uuidgen -r`.
+#
+# [*cluster_network*]
+#   (optional) The cluster internal network
+#   Defaults to '127.0.0.1/24'
+#
+# [*public_network*]
+#   (optional) The cluster public (where clients are) network
+#   Defaults to '127.0.0.1/24'
+#
 class cloud::storage::rbd (
  $fsid            = undef,
  $cluster_network = '127.0.0.1/24',
--- a/manifests/storage/rbd/key.pp
+++ b/manifests/storage/rbd/key.pp
@ -13,6 +13,14 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 #
+# == Class: cloud::storage::rbd::key
+#
+# === Parameters:
+#
+# [*enabled*]
+#   (optional) Configure or not the ceph admin keyring
+#   Defaults to true
+#
 class cloud::storage::rbd::key (
  $enabled = false
 ) {
--- a/manifests/storage/rbd/monitor.pp
+++ b/manifests/storage/rbd/monitor.pp
@ -13,6 +13,29 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 #
+# == Class: cloud::storage::rbd::monitor
+#
+# Ceph monitor
+#
+# === Parameters:
+#
+# [*id*]
+#   (optional) Then uuid of the cluster
+#   Defaults to $::uniqueid
+#
+# [*mon_addr*]
+#   (optional) Which interface we bind the Ceph monitor
+#   Defaults to '127.0.0.1'
+#
+# [*monitor_secret*]]
+#   (optional) Password of the Ceph monitor
+#   Defaults to 'cephsecret'
+#
+# [*firewall_settings*]
+#   (optional) Allow to add custom parameters to firewall rules
+#   Should be an hash.
+#   Default to {}
+#
 class cloud::storage::rbd::monitor (
  $id                = $::uniqueid,
  $mon_addr          = '127.0.0.1',
--- a/manifests/storage/rbd/osd.pp
+++ b/manifests/storage/rbd/osd.pp
@ -13,6 +13,30 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 #
+# == Class: cloud::storage::rbd::osd
+#
+# Ceph OSD
+#
+# === Parameters:
+#
+# [*public_address*]
+#   (optional) Which interface we bind the Ceph OSD
+#   Defaults to '127.0.0.1'
+#
+# [*cluster_address*]
+#   (optional) Which interface we bind internal the Ceph OSD
+#   Defaults to '127.0.0.1'
+#
+# [*devices*]]
+#   (optional) An array of device, should be full-qualified or short.
+#   Defaults to ['sdb','/dev/sdc']
+#
+# [*firewall_settings*]
+#   (optional) Allow to add custom parameters to firewall rules
+#   Should be an hash.
+#   Default to {}
+#
+
 class cloud::storage::rbd::osd (
  $public_address    = '127.0.0.1',
  $cluster_address   = '127.0.0.1',
--- a/manifests/storage/rbd/pools.pp
+++ b/manifests/storage/rbd/pools.pp
@ -13,6 +13,47 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 #
+# == Class: cloud::storage::rbd::pools
+#
+# Configure Ceph RBD pools (images,volumes,backup,nova)
+#
+# === Parameters:
+#
+# [*setup_pools*]
+#   (optional) Create or not Ceph pools
+#   Defaults to false
+#
+# [*glance_rbd_pool*]
+#   (optional) Name of the Ceph pool which which store the glance images
+#   Defaults to 'images'
+#
+# [*glance_rbd_user*]
+#   (optional) User name used to acces to the glance rbd pool
+#   Defaults to 'glance'
+#
+# [*ceph_fsid*] The cluster's fsid.
+#   Mandatory. Get one with `uuidgen -r`.
+#
+# [*cinder_backup_pool*]
+#   (optional) Name of the Ceph pool which which store the cinder backups
+#   Defaults to 'volumes'
+#
+# [*cinder_backup_user*]
+#   (optional) User name used to acces to the backup rbd pool
+#   Defaults to 'cinder'
+#
+# [*cinder_rbd_pool*]
+#   (optional) Name of the Ceph pool which which store the cinder images
+#   Defaults to 'volumes'
+#
+# [*cinder_rbd_user*]
+#   (optional) User name used to acces to the cinder rbd pool
+#   Defaults to 'cinder'
+#
+# [*nova_rbd_pool*]
+#   (optional) The RADOS pool in which rbd volumes are stored.
+#   Defaults to 'vms'
+#
 class cloud::storage::rbd::pools(
  $setup_pools          = false,
  $glance_rbd_user      = 'glance',
--- a/manifests/telemetry.pp
+++ b/manifests/telemetry.pp
@ -36,6 +36,14 @@
 #   (optional) Internal Hostname or IP to connect to Keystone API
 #   Defaults to '127.0.0.1'
 #
+# [*ks_keystone_internal_proto*]
+#   (optional) Protocol for public endpoint. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
+# [*ks_keystone_internal_port*]
+#   (optional) TCP port to connect to Keystone API from internal network
+#   Defaults to '5000'
+#
 # [*ks_keystone_admin_host*]
 #   (optional) Admin Hostname or IP to connect to Keystone API
 #   Defaults to '127.0.0.1'
@ -68,6 +76,10 @@
 #   (optional) the keystone region of this node
 #   Defaults to 'RegionOne'
 #
+# [*os_endpoint_type*]
+#   (optional) The type of the OpenStack endpoint (public/internal/admin) URL
+#   Defaults to 'publicURL'
+#
 class cloud::telemetry(
  $ceilometer_secret          = 'ceilometersecret',
  $rabbit_hosts               = ['127.0.0.1:5672'],
--- a/manifests/telemetry/api.pp
+++ b/manifests/telemetry/api.pp
@ -19,6 +19,26 @@
 #
 # === Parameters:
 #
+# [*ks_keystone_internal_host*]
+#   (optional) Internal Hostname or IP to connect to Keystone API
+#   Defaults to '127.0.0.1'
+#
+# [*ks_keystone_internal_proto*]
+#   (optional) Protocol for public endpoint. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
+# [*ks_ceilometer_password*]
+#   (optional) Password used by Ceilometer to connect to Keystone API
+#   Defaults to 'ceilometerpassword'
+#
+# [*ks_ceilometer_internal_port*]
+#   (optional) TCP port to connect to Ceilometer API from public network
+#   Defaults to '8777'
+#
+# [*api_eth*]
+#   (optional) Which interface we bind the Ceilometer API server.
+#   Defaults to '127.0.0.1'
+#
 # [*firewall_settings*]
 #   (optional) Allow to add custom parameters to firewall rules
 #   Should be an hash.
--- a/manifests/telemetry/centralagent.pp
+++ b/manifests/telemetry/centralagent.pp
@ -13,9 +13,18 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 #
+#
+# == Class: cloud::telemetry::centralagent
+#
 # Telemetry Central Agent node (should be run once)
 # Could be managed by spof node as Active / Passive.
 #
+# === Parameters:
+#
+# [*enabled*]
+#   (optional) State of the telemetry central agent service.
+#   Defaults to true
+#
 class cloud::telemetry::centralagent(
  $enabled = true,
 ){
--- a/manifests/telemetry/collector.pp
+++ b/manifests/telemetry/collector.pp
@ -13,8 +13,21 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 #
+#
+# == Class: cloud::telemetry::collector
+#
 # Telemetry Collector nodes
 #
+# === Parameters:
+#
+# [*mongo_nodes*]
+#   (optional) An array of mongo db nodes
+#   Defaults to ['127.0.0.1:27017']
+#
+# [*replicaset_enabled*]
+#   (optional) Enable or not mongo replicat (using ceilometer name)
+#   Defaults to true
+#
 class cloud::telemetry::collector(
  $mongo_nodes        = ['127.0.0.1:27017'],
  $replicaset_enabled = true,
--- a/manifests/volume.pp
+++ b/manifests/volume.pp
@ -56,6 +56,14 @@
 #   (optional) Syslog facility to receive log lines
 #   Defaults to 'LOG_LOCAL0'
 #
+# [*storage_availability_zone*]
+#   (optional) The storage availability zone
+#   Defaults to 'nova'
+#
+# [*nova_endpoint_type*]
+#   (optional) The type of the OpenStack endpoint (public/internal/admin) URL
+#   Defaults to 'publicURL'
+#
 class cloud::volume(
  $cinder_db_host             = '127.0.0.1',
  $cinder_db_user             = 'cinder',
@ -111,7 +119,7 @@ class cloud::volume(
  # Note(EmilienM):
  # We check if DB tables are created, if not we populate Cinder DB.
  # It's a hack to fit with our setup where we run MySQL/Galera
-  # TODO(Gonéri)
+  # TODO(Goneri)
  # We have to do this only on the primary node of the galera cluster to avoid race condition
  # https://github.com/enovance/puppet-openstack-cloud/issues/156
  exec {'cinder_db_sync':
--- a/manifests/volume/api.pp
+++ b/manifests/volume/api.pp
@ -19,6 +19,44 @@
 #
 # === Parameters:
 #
+# [*default_volume_type*]
+#   (required) default volume type to use.
+#   This should contain the name of the default volume type to use.
+#   If not configured, it produces an error when creating a volume
+#   without specifying a type.
+#
+# [*ks_cinder_internal_port*]
+#   (optional) TCP port to connect to Cinder API from public network
+#   Defaults to '8776'
+#
+# [*ks_keystone_internal_host*]
+#   (optional) Internal Hostname or IP to connect to Keystone API
+#   Defaults to '127.0.0.1'
+#
+# [*ks_keystone_internal_proto*]
+#   (optional) Protocol for public endpoint. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
+# [*ks_glance_internal_host*]
+#   (optional) Internal Hostname or IP to connect to Glance API
+#   Defaults to '127.0.0.1'
+#
+# [*ks_cinder_password*]
+#   (optional) Password used by Cinder to connect to Keystone API
+#   Defaults to 'cinderpassword'
+#
+# [*ks_glance_api_internal_port*]
+#   (optional) TCP port to connect to Glance API from public network
+#   Defaults to '9292'
+#
+# [*api_eth*]
+#   (optional) Which interface we bind the Cinder API server.
+#   Defaults to '127.0.0.1'
+#
+# [*ks_glance_internal_proto*]
+#   (optional) Protocol for public endpoint. Could be 'http' or 'https'.
+#   Defaults to 'http'
+#
 # [*firewall_settings*]
 #   (optional) Allow to add custom parameters to firewall rules
 #   Should be an hash.
--- a/manifests/volume/backup.pp
+++ b/manifests/volume/backup.pp
@ -13,8 +13,20 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 #
+# == Class:
+#
 # Volume Backup node
 #
+# === Parameters
+#
+# [*backup_ceph_pool*]
+#   (optional) Name of the Ceph pool which which store the cinder backups
+#   Defaults to 'backup'
+#
+# [*backup_ceph_user*]
+#   (optional) User name used to acces to the backup rbd pool
+#   Defaults to 'cinder'
+#
 class cloud::volume::backup(
  $backup_ceph_pool = 'backup',
  $backup_ceph_user = 'cinder'
--- a/manifests/volume/storage.pp
+++ b/manifests/volume/storage.pp
@ -47,6 +47,32 @@
 #   }
 #   Defaults to undef
 #
+# [*cinder_rbd_pool*]
+#   (optional) Name of the Ceph pool which which store the cinder images
+#   Defaults to 'volumes'
+#
+# [*cinder_rbd_user*]
+#   (optional) User name used to acces to the cinder rbd pool
+#   Defaults to 'cinder'
+#
+# [*cinder_rbd_secret_uuid*]
+#   (optional) A required parameter to use cephx.
+#   Defaults to false
+#
+# [*cinder_rbd_conf*]
+#   (optional) Path to the ceph configuration file to use
+#   Defaults to '/etc/ceph/ceph.conf'
+#
+# [*cinder_rbd_flatten_volume_from_snapshot*]
+#   (optional) Enable flatten volumes created from snapshots.
+#   Defaults to false
+#
+# [*cinder_rbd_max_clone_depth*]
+#   (optional) Maximum number of nested clones that can be taken of a
+#   volume before enforcing a flatten prior to next clone.
+#   A value of zero disables cloning
+#   Defaults to '5'
+#
 class cloud::volume::storage(
  $cinder_backends                         = undef,
  $ks_keystone_internal_proto              = 'http',