diff --git a/Gemfile b/Gemfile
index c9a158a7..790afc57 100644
--- a/Gemfile
+++ b/Gemfile
@@ -3,6 +3,7 @@ source 'https://rubygems.org'
 group :development, :test do
 gem 'puppetlabs_spec_helper', :require => false
 gem 'puppet-lint'
+ gem 'puppet-lint-param-docs', '1.1.0'
 gem 'metadata-json-lint'
 gem 'rake', '10.1.1'
 gem 'puppet-syntax'
diff --git a/manifests/compute.pp b/manifests/compute.pp
index e67173ab..33b10c07 100644
--- a/manifests/compute.pp
+++ b/manifests/compute.pp
@@ -48,6 +48,10 @@
 # (optional) Internal Hostname or IP to connect to Glance API
 # Defaults to '127.0.0.1'
 #
+# [*ks_glance_internal_proto*]
+# (optional) Internal protocol to connect to Glance API
+# Defaults to 'http'
+#
 # [*glance_api_port*]
 # (optional) TCP port to connect to Glance API
 # Defaults to '9292'
@@ -68,10 +72,34 @@
 # (optional) Syslog facility to receive log lines
 # Defaults to 'LOG_LOCAL0'
 #
+# [*neutron_endpoint*]
+# (optional) Host running auth service.
+# Defaults to '127.0.0.1'
+#
+# [*neutron_protocol*]
+# (optional) Protocol to connect to Neutron service.
+# Defaults to 'http'
+#
+# [*neutron_password*]
+# (optional) Password to connect to Neutron service.
+# Defaults to 'neutronpassword'
+#
+# [*neutron_region_name*]
+# (optional) Name of the Neutron Region.
+# Defaults to 'RegionOne'
+#
 # [*memcache_servers*]
 # (optionnal) Memcached servers used by Keystone. Should be an array.
 # Defaults to ['127.0.0.1:11211']
 #
+# [*availability_zone*]
+# (optional) Name of the default Nova availability zone.
+# Defaults to 'RegionOne'
+#
+# [*cinder_endpoint_type*]
+# (optional) Cinder endpoint type to use.
+# Defaults to 'publicURL'
+#
 class cloud::compute(
 $nova_db_host = '127.0.0.1',
 $nova_db_use_slave = false,
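Review bot: The new `[*neutron_password*]` entry in the second manifests/compute.pp hunk documents `Defaults to 'neutronpassword'` without saying that this well-known value has to be overridden, so the docs present a guessable service credential as an acceptable default. I would add one line under it, `#   Placeholder only; set a unique value per deployment.`, and do the same for the other secret defaults this commit documents (`ks_nova_password` and `neutron_metadata_proxy_shared_secret` in compute/api.pp, `ks_trove_password` in database/dbaas/api.pp, the `*_db_password` and `mysql_root_password` entries in database/sql.pp, `root_password` in init.pp). In the same hunk `[*neutron_endpoint*]` is described as `Host running auth service.`, which looks copied from a Keystone parameter; `Hostname or IP of the Neutron API.` would match the name. The class body lies outside the hunk, so how these values are consumed cannot be confirmed from here.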
@@ -157,7 +185,7 @@ class cloud::compute(
 # Note(EmilienM):
 # We check if DB tables are created, if not we populate Nova DB.
 # It's a hack to fit with our setup where we run MySQL/Galera
- # TODO(Gonéri)
+ # TODO(Goneri)
 # We have to do this only on the primary node of the galera cluster to avoid race condition
 # https://github.com/enovance/puppet-openstack-cloud/issues/156
 exec {'nova_db_sync':
diff --git a/manifests/compute/api.pp b/manifests/compute/api.pp
index 7c745f88..75abc2a3 100644
--- a/manifests/compute/api.pp
+++ b/manifests/compute/api.pp
@@ -19,6 +19,39 @@
 #
 # === Parameters:
 #
+# [*ks_keystone_internal_host*]
+# (optional) Internal Hostname or IP to connect to Keystone API
+# Defaults to '127.0.0.1'
+#
+# [*ks_keystone_internal_proto*]
+# (optional) Protocol used to connect to Keystone API.
+# Could be 'http' or 'https'.
+# Defaults to 'http'
+#
+# [*ks_nova_password*]
+# (optional) Password used by Nova to connect to Keystone API
+# Defaults to 'novapassword'
+#
+# [*neutron_metadata_proxy_shared_secret*]
+# (optional) Shared secret to validate proxies Neutron metadata requests
+# Defaults to 'metadatapassword'
+#
+# [*api_eth*]
+# (optional) Hostname or IP to bind Nova API.
+# Defaults to '127.0.0.1'
+#
+# [*ks_nova_public_port*]
+# (optional) TCP port for bind Nova API.
+# Defaults to '8774'
+#
+# [*ks_ec2_public_port*]
+# (optional) TCP port for bind Nova EC2 API.
+# Defaults to '8773'
+#
+# [*ks_metadata_public_port*]
+# (optional) TCP port for bind Nova metadata API.
+# Defaults to '8775'
+#
 # [*firewall_settings*]
 # (optional) Allow to add custom parameters to firewall rules
 # Should be an hash.
diff --git a/manifests/compute/consoleproxy.pp b/manifests/compute/consoleproxy.pp
index 69ecb5dc..30cda4db 100644
--- a/manifests/compute/consoleproxy.pp
+++ b/manifests/compute/consoleproxy.pp
@@ -13,8 +13,25 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 #
+# == Class: cloud::compute::consoleproxy
+#
 # Compute Proxy Console node
 #
+# === Parameters:
+#
+# [*api_eth*]
+# (optional) Hostname or IP to bind Nova spicehtmlproxy service.
+# Defaults to '127.0.0.1'
+#
+# [*spice_port*]
+# (optional) TCP port to bind Nova spicehtmlproxy service.
+# Defaults to '6082'
+#
+# [*firewall_settings*]
+# (optional) Allow to add custom parameters to firewall rules
+# Should be an hash.
+# Default to {}
+#
 class cloud::compute::consoleproxy(
 $api_eth = '127.0.0.1',
 $spice_port = '6082',
diff --git a/manifests/compute/hypervisor.pp b/manifests/compute/hypervisor.pp
index 6ad5b08c..d37c4d7c 100644
--- a/manifests/compute/hypervisor.pp
+++ b/manifests/compute/hypervisor.pp
@@ -19,6 +19,51 @@
 #
 # === Parameters:
 #
+# [*server_proxyclient_address*]
+# (optional) Hostname or IP used to connect to Spice service.
+# Defaults to '127.0.0.1'
+#
+# [*libvirt_type*]
+# (optional) Libvirt domain type. Options are: kvm, lxc, qemu, uml, xen
+# Replaces libvirt_type
+# Defaults to 'kvm'
+#
+# [*ks_nova_public_proto*]
+# (optional) Protocol used to connect to API. Could be 'http' or 'https'.
+# Defaults to 'http'
+#
+# [*ks_nova_public_host*]
+# (optional) Public Hostname or IP to connect to Nova API
+# Defaults to '127.0.0.1'
+#
+# [*nova_ssh_public_key*]
+# (optional) Install public key in .ssh/authorized_keys for the 'nova' user.
+# Note: this parameter use the 'content' provider of Puppet, in consequence
+# you must provide the entire ssh public key in this parameter.
+# Defaults to undef
+#
+# [*nova_ssh_private_key*]
+# (optional) Install private key into .ssh/id_rsa.
+# Note: this parameter use the 'content' provider of Puppet, in consequence
+# you must provide the entire ssh privatekey in this parameter.
+# Defaults to undef
+#
+# [*spice_port*]
+# (optional) TCP port to connect to Nova spicehtmlproxy service.
+# Defaults to '6082'
+#
+# [*cinder_rbd_user*]
+# (optional) The RADOS client name for accessing rbd volumes.
+# Defaults to 'cinder'
+#
+# [*nova_rbd_pool*]
+# (optional) The RADOS pool in which rbd volumes are stored.
+# Defaults to 'vms'
+#
+# [*nova_rbd_secret_uuid*]
+# (optional) The libvirt uuid of the secret for the cinder_rbd_user.
+# Defaults to undef
+#
 # [*vm_rbd*]
 # (optional) Enable or not ceph capabilities on compute node to store
 # nova instances on ceph storage.
@@ -61,6 +106,14 @@
 # Need to be a valid shell path.
 # Defaults to false
 #
+# [*ks_spice_public_proto*]
+# (optional) Protocol used to connect to Spice service.
+# Defaults to false (use nova_public_proto)
+#
+# [*ks_spice_public_host*]
+# (optional) Hostname or IP used to connect to Spice service.
+# Defaults to false (use nova_public_host)
+#
 # [*firewall_settings*]
 # (optional) Allow to add custom parameters to firewall rules
 # Should be an hash.
diff --git a/manifests/dashboard.pp b/manifests/dashboard.pp
index 916e5d88..d455f786 100644
--- a/manifests/dashboard.pp
+++ b/manifests/dashboard.pp
@@ -32,6 +32,10 @@
 # (optional) Port used to connect to OpenStack Dashboard
 # Defaults to '80'
 #
+# [*horizon_ssl_port*]
+# (optional) Port used to connect to OpenStack Dashboard using SSL
+# Defaults to '443'
+#
 # [*api_eth*]
 # (optional) Which interface we bind the Horizon server.
 # Defaults to '127.0.0.1'
@@ -75,6 +79,21 @@
 # Useful when activating SSL binding on HAproxy and not in Horizon.
 # Defaults to false
 #
+# [*os_endpoint_type*]
+# (optional) endpoint type to use for the endpoints in the Keystone
+# service catalog. Defaults to 'undef'.
+#
+# [*allowed_hosts*]
+# (optional) List of hosts which will be set as value of ALLOWED_HOSTS
+# parameter in settings_local.py. This is used by Django for
+# security reasons. Can be set to * in environments where security is
+# deemed unimportant.
+# Defaults to ::fqdn.
+#
+# [*vhost_extra_params*]
+# (optionnal) extra parameter to pass to the apache::vhost class
+# Defaults to {}
+#
 # [*neutron_extra_options*]
 # (optional) Enable optional services provided by neutron
 # Useful when using cisco n1kv plugin, vpnaas or fwaas.
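Review bot: In the second manifests/dashboard.pp hunk the `[*allowed_hosts*]` text `Can be set to * in environments where security is deemed unimportant` undersells the setting: Django's ALLOWED_HOSTS is the check that rejects requests carrying an unexpected Host header. I would reword those lines to something like `# Restricts the Host headers Django accepts; '*' disables the check and is only suitable for isolated test setups.` In the same hunk `[*os_endpoint_type*]` says `Defaults to 'undef'` in quotes, which reads as a string rather than Puppet's undef; a separate `# Defaults to undef` line would match the other entries.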
@@ -152,7 +171,7 @@ class cloud::dashboard( } if ($::osfamily == 'Debian') { - # TODO(Gonéri): HACK to ensure Horizon can cache its files + # TODO(Goneri): HACK to ensure Horizon can cache its files $horizon_var_dir = ['/var/lib/openstack-dashboard/static/js','/var/lib/openstack-dashboard/static/css'] file {$horizon_var_dir: ensure => directory, diff --git a/manifests/database/dbaas.pp b/manifests/database/dbaas.pp index 51f83ec3..2c1ee47b 100644 --- a/manifests/database/dbaas.pp +++ b/manifests/database/dbaas.pp @@ -39,17 +39,17 @@ # (optional) Password to connect to nova queues. # Defaults to 'rabbitpassword' # -# [*nova_proxy_admin_user*] -# (optional) Admin username used to connect to nova. -# Defaults to 'admin' +# [*nova_admin_username*] +# (optional) Trove username used to connect to nova. +# Defaults to 'trove' # -# [*nova_proxy_admin_pass*] -# (optional) Admin password used to connect to nova. +# [*nova_admin_password*] +# (optional) Trove password used to connect to nova. # Defaults to 'trovepassword' # -# [*nova_proxy_admin_tenant_name*] -# (optional) Admin tenant name used to connect to nova. -# Defaults to 'admin' +# [*nova_admin_tenant_name*] +# (optional) Trove tenant name used to connect to nova. +# Defaults to 'services' # class cloud::database::dbaas( $trove_db_host = '127.0.0.1', diff --git a/manifests/database/dbaas/api.pp b/manifests/database/dbaas/api.pp index e0213987..1c7b4b11 100644 --- a/manifests/database/dbaas/api.pp +++ b/manifests/database/dbaas/api.pp 
@@ -19,6 +19,43 @@
 #
 # === Parameters:
 #
+# [*ks_trove_password*]
+# (required) Password used by trove for Keystone authentication.
+# Default: 'trovepassword'
+#
+# [*verbose*]
+# (optional) Rather to log the trove api service at verbose level.
+# Default: true
+#
+# [*debug*]
+# (optional) Rather to log the trove api service at debug level.
+# Default: true
+#
+# [*use_syslog*]
+# (optional) Use syslog for logging.
+# Defaults to true
+#
+# [*api_eth*]
+# (optional) Hostname or IP to bind Trove API.
+# Defaults to '127.0.0.1'
+#
+# [*ks_trove_public_port*]
+# (optional) TCP public port used to connect to Trove API.
+# Defaults to '8779'
+#
+# [*ks_keystone_internal_host*]
+# (optional) Internal Hostname or IP to connect to Keystone API
+# Defaults to '127.0.0.1'
+#
+# [*ks_keystone_internal_port*]
+# (optional) TCP internal port used to connect to Keystone API.
+# Defaults to '5000'
+#
+# [*ks_keystone_internal_proto*]
+# (optional) Protocol used to connect to Keystone API.
+# Could be 'http' or 'https'.
+# Defaults to 'http'
+#
 # [*firewall_settings*]
 # (optional) Allow to add custom parameters to firewall rules
 # Should be an hash.
diff --git a/manifests/database/dbaas/conductor.pp b/manifests/database/dbaas/conductor.pp
index 90177b3c..6787b0ba 100644
--- a/manifests/database/dbaas/conductor.pp
+++ b/manifests/database/dbaas/conductor.pp
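Review bot: `[*ks_trove_password*]` in manifests/database/dbaas/api.pp is tagged `(required)` while the next line documents a default of 'trovepassword', so a reader cannot tell whether omitting it fails or silently falls back to a known password. If the class signature (outside this hunk) does carry that default, the tag should be `(optional)`; if the intent is to force operators to set it, the default should go and the doc line with it. Separately, `Rather to log` in the `verbose` and `debug` entries should read `Whether to log`, and the conductor.pp and taskmanager.pp hunks repeat both the wording and the phrase `the trove api service` for services that are not the API.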
@@ -17,6 +17,32 @@
 #
 # Class to install Conductor service of OpenStack Database as a Service (Trove)
 #
+# === Parameters:
+#
+# [*ks_keystone_internal_host*]
+# (optional) Internal Hostname or IP to connect to Keystone API
+# Defaults to '127.0.0.1'
+#
+# [*ks_keystone_internal_port*]
+# (optional) TCP internal port used to connect to Keystone API.
+# Defaults to '5000'
+#
+# [*ks_keystone_internal_proto*]
+# (optional) Protocol used to connect to Keystone API.
+# Could be 'http' or 'https'.
+# Defaults to 'http'
+#
+# [*verbose*]
+# (optional) Rather to log the trove api service at verbose level.
+# Default: true
+#
+# [*debug*]
+# (optional) Rather to log the trove api service at debug level.
+# Default: true
+#
+# [*use_syslog*]
+# (optional) Use syslog for logging.
+# Defaults to true
 #
 class cloud::database::dbaas::conductor(
 $ks_keystone_internal_host = '127.0.0.1',
diff --git a/manifests/database/dbaas/taskmanager.pp b/manifests/database/dbaas/taskmanager.pp
index 3c3349c5..47b72785 100644
--- a/manifests/database/dbaas/taskmanager.pp
+++ b/manifests/database/dbaas/taskmanager.pp
@@ -17,6 +17,32 @@
 #
 # Class to install Taskmanager service of OpenStack Database as a Service (Trove)
 #
+# === Parameters:
+#
+# [*ks_keystone_internal_host*]
+# (optional) Internal Hostname or IP to connect to Keystone API
+# Defaults to '127.0.0.1'
+#
+# [*ks_keystone_internal_port*]
+# (optional) TCP internal port used to connect to Keystone API.
+# Defaults to '5000'
+#
+# [*ks_keystone_internal_proto*]
+# (optional) Protocol used to connect to Keystone API.
+# Could be 'http' or 'https'.
+# Defaults to 'http'
+#
+# [*verbose*]
+# (optional) Rather to log the trove api service at verbose level.
+# Default: true
+#
+# [*debug*]
+# (optional) Rather to log the trove api service at debug level.
+# Default: true
+#
+# [*use_syslog*]
+# (optional) Use syslog for logging.
+# Defaults to true
 #
 class cloud::database::dbaas::taskmanager(
 $ks_keystone_internal_host = '127.0.0.1',
diff --git a/manifests/database/sql.pp b/manifests/database/sql.pp
index 0b524075..9ed76716 100644
--- a/manifests/database/sql.pp
+++ b/manifests/database/sql.pp
@@ -7,7 +7,7 @@
 #
 # http://www.apache.org/licenses/LICENSE-2.0
 #
-# Unless required by applicable law or agreed to in writing, software
+# Unless optional by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 # License for the specific language governing permissions and limitations
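Review bot: The `-`/`+` pair in this manifests/database/sql.pp hunk rewrites the Apache 2.0 header from `Unless required by applicable law` to `Unless optional by applicable law`, which looks like a side effect of a bulk required-to-optional replacement made for the parameter docs. The licence notice is fixed legal text and should not be edited; the line should be restored to `# Unless required by applicable law or agreed to in writing, software`. It is worth grepping the other manifests touched by this commit for the same accidental substitution.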
@@ -17,18 +17,172 @@
 #
 # === Parameters
 #
+# [*api_eth*]
+# (optional) Hostname or IP to bind MySQL daemon.
+# Defaults to '127.0.0.1'
+#
+# [*galera_master_name*]
+# (optional) Hostname or IP of the Galera master node, databases and users
+# resources are created on this node and propagated on the cluster.
+# Defaults to 'mgmt001'
+#
 # [*galera_internal_ips*]
-# Array of internal ip of the galera nodes.
+# (optional) Array of internal ip of the galera nodes.
 # Defaults to ['127.0.0.1']
 #
+# [*galera_gcache*]
+# (optional) Size of the Galera gcache
+# wsrep_provider_options, for master/slave mode
+# Defaults to '1G'
+#
+# [*keystone_db_host*]
+# (optional) Host where user should be allowed all privileges for database.
+# Defaults to 127.0.0.1
+#
+# [*keystone_db_user*]
+# (optional) Name of keystone DB user.
+# Defaults to trove
+#
+# [*keystone_db_password*]
+# (optional) Password that will be used for the Keystone db user.
+# Defaults to 'keystonepassword'
+#
+# [*keystone_db_allowed_hosts*]
+# (optional) Hosts allowed to use the database
+# Defaults to ['127.0.0.1']
+#
+# [*cinder_db_host*]
+# (optional) Host where user should be allowed all privileges for database.
+# Defaults to 127.0.0.1
+#
+# [*cinder_db_user*]
+# (optional) Name of cinder DB user.
+# Defaults to trove
+#
+# [*cinder_db_password*]
+# (optional) Password that will be used for the cinder db user.
+# Defaults to 'cinderpassword'
+#
+# [*cinder_db_allowed_hosts*]
+# (optional) Hosts allowed to use the database
+# Defaults to ['127.0.0.1']
+#
+# [*glance_db_host*]
+# (optional) Host where user should be allowed all privileges for database.
+# Defaults to 127.0.0.1
+#
+# [*glance_db_user*]
+# (optional) Name of glance DB user.
+# Defaults to trove
+#
+# [*glance_db_password*]
+# (optional) Password that will be used for the glance db user.
+# Defaults to 'glancepassword'
+#
+# [*glance_db_allowed_hosts*]
+# (optional) Hosts allowed to use the database
+# Defaults to ['127.0.0.1']
+#
+# [*heat_db_host*]
+# (optional) Host where user should be allowed all privileges for database.
+# Defaults to 127.0.0.1
+#
+# [*heat_db_user*]
+# (optional) Name of heat DB user.
+# Defaults to trove
+#
+# [*heat_db_password*]
+# (optional) Password that will be used for the heat db user.
+# Defaults to 'heatpassword'
+#
+# [*heat_db_allowed_hosts*]
+# (optional) Hosts allowed to use the database
+# Defaults to ['127.0.0.1']
+#
+# [*nova_db_host*]
+# (optional) Host where user should be allowed all privileges for database.
+# Defaults to 127.0.0.1
+#
+# [*nova_db_user*]
+# (optional) Name of nova DB user.
+# Defaults to trove
+#
+# [*nova_db_password*]
+# (optional) Password that will be used for the nova db user.
+# Defaults to 'novapassword'
+#
+# [*nova_db_allowed_hosts*]
+# (optional) Hosts allowed to use the database
+# Defaults to ['127.0.0.1']
+#
+# [*neutron_db_host*]
+# (optional) Host where user should be allowed all privileges for database.
+# Defaults to 127.0.0.1
+#
+# [*neutron_db_user*]
+# (optional) Name of neutron DB user.
+# Defaults to trove
+#
+# [*neutron_db_password*]
+# (optional) Password that will be used for the neutron db user.
+# Defaults to 'neutronpassword'
+#
+# [*neutron_db_allowed_hosts*]
+# (optional) Hosts allowed to use the database
+# Defaults to ['127.0.0.1']
+#
+# [*trove_db_host*]
+# (optional) Host where user should be allowed all privileges for database.
+# Defaults to 127.0.0.1
+#
+# [*trove_db_user*]
+# (optional) Name of trove DB user.
+# Defaults to trove
+#
+# [*trove_db_password*]
+# (optional) Password that will be used for the trove db user.
+# Defaults to 'trovepassword'
+#
+# [*trove_db_allowed_hosts*]
+# (optional) Hosts allowed to use the database
+# Defaults to ['127.0.0.1']
+#
+# [*mysql_root_password*]
+# (optional) The MySQL root password.
+# Puppet will attempt to set the root password and update `/root/.my.cnf` with it. +# Defaults to 'rootpassword' +# +# [*mysql_sys_maint_password*] +# (optional) The MySQL debian-sys-maint password. +# Debian only parameter. +# Defaults to 'sys_maint' +# +# [*galera_clustercheck_dbuser*] +# (optional) The MySQL username for Galera cluster check (using monitoring database) +# Defaults to 'clustercheckdbuser' +# +# [*galera_clustercheck_dbpassword*] +# (optional) The MySQL password for Galera cluster check +# Defaults to 'clustercheckpassword' +# +# [*galera_clustercheck_ipaddress*] +# (optional) The name or ip address of host running monitoring database (clustercheck) +# Defaults to '127.0.0.1' +# # [*firewall_settings*] # (optional) Allow to add custom parameters to firewall rules # Should be an hash. # Default to {} # +# ==== Deprecated parameters: +# +# [*service_provider*] +# Previously used to choose between sysv and systemd, yes suppressed +# because this subject is potentially a troll :-D +# Defaults to 'sysv' +# class cloud::database::sql ( $api_eth = '127.0.0.1', - $service_provider = 'sysv', $galera_master_name = 'mgmt001', $galera_internal_ips = ['127.0.0.1'], $galera_gcache = '1G', @@ -66,6 +220,8 @@ class cloud::database::sql ( $galera_clustercheck_dbpassword = 'clustercheckpassword', $galera_clustercheck_ipaddress = '127.0.0.1', $firewall_settings = {}, + # DEPRECATED PARAMETERS + $service_provider = 'sysv', ) { include 'xinetd' @@ -328,7 +484,7 @@ class cloud::database::sql ( # The puppet-xinetd module do not correctly reload # the configuration on “notify” - # TODO(Gonéri): remove this once https://github.com/puppetlabs/puppetlabs-xinetd/pull/9 + # TODO(Goneri): remove this once https://github.com/puppetlabs/puppetlabs-xinetd/pull/9 # get merged exec{ 'reload_xinetd': command => '/usr/bin/pkill -F /var/run/xinetd.pid --signal HUP', diff --git a/manifests/firewall/post.pp b/manifests/firewall/post.pp index 69600527..33a80bbe 100644 
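Review bot: Every `[*<service>_db_user*]` entry added in the large manifests/database/sql.pp documentation hunk (keystone, cinder, glance, heat, nova, neutron) says `Defaults to trove`, which looks copied from the trove entry; the full class signature is not in the hunk, so each default should be checked against it and the line corrected, e.g. `# Defaults to 'keystone'` if that is what the signature has. The `*_db_host` entries all read `Host where user should be allowed all privileges for database`, which describes a grant rather than the database host and sits oddly next to the separate `*_db_allowed_hosts` entries. The deprecated `[*service_provider*]` text (`yes suppressed because this subject is potentially a troll :-D`) does not tell an operator what happens when the parameter is still set; `# Deprecated: no longer used, will be removed in a future release.` would, assuming the body outside the hunk really ignores it.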
--- a/manifests/firewall/post.pp
+++ b/manifests/firewall/post.pp
@@ -17,6 +17,17 @@
 #
 # Firewall rules during 'post' Puppet stage
 #
+# === Parameters:
+#
+# [*debug*]
+# (optional) Set log output to debug output
+# Defaults to false
+#
+# [*firewall_settings*]
+# (optional) Allow to add custom parameters to firewall rules
+# Should be an hash.
+# Default to {}
+#
 class cloud::firewall::post(
 $debug = false,
 $firewall_settings = {},
diff --git a/manifests/firewall/pre.pp b/manifests/firewall/pre.pp
index f2975aca..9d9b73f3 100644
--- a/manifests/firewall/pre.pp
+++ b/manifests/firewall/pre.pp
@@ -17,6 +17,13 @@
 #
 # Firewall rules during 'pre' Puppet stage
 #
+# === Parameters:
+#
+# [*firewall_settings*]
+# (optional) Allow to add custom parameters to firewall rules
+# Should be an hash.
+# Default to {}
+#
 class cloud::firewall::pre(
 $firewall_settings = {},
 ){
diff --git a/manifests/identity.pp b/manifests/identity.pp
index f18719ee..43ecd0af 100644
--- a/manifests/identity.pp
+++ b/manifests/identity.pp
@@ -35,6 +35,10 @@
 # (optional) Password to connect to keystone database
 # Defaults to 'keystonepassword'
 #
+# [*memcache_servers*]
+# (optionnal) Memcached servers used by Keystone. Should be an array.
+# Defaults to ['127.0.0.1:11211']
+#
 # [*ks_admin_email*]
 # (optional) Email address of admin user in Keystone
 # Defaults to 'no-reply@keystone.openstack'
@@ -194,46 +198,114 @@
 # (optional) Protocol used to connect to API. Could be 'http' or 'https'.
 # Defaults to 'http'
 #
+# [*ks_swift_admin_proto*]
+# (optional) Protocol for admin endpoint. Could be 'http' or 'https'.
+# Defaults to 'http'
+#
+# [*ks_swift_internal_proto*]
+# (optional) Protocol for public endpoint. Could be 'http' or 'https'.
+# Defaults to 'http'
+#
 # [*ks_ceilometer_public_proto*]
 # (optional) Protocol used to connect to API. Could be 'http' or 'https'.
 # Defaults to 'http'
 #
+# [*ks_ceilometer_admin_proto*]
+# (optional) Protocol for admin endpoint. Could be 'http' or 'https'.
+# Defaults to 'http'
+#
+# [*ks_ceilometer_internal_proto*]
+# (optional) Protocol for public endpoint. Could be 'http' or 'https'.
+# Defaults to 'http'
+#
 # [*ks_heat_public_proto*]
 # (optional) Protocol used to connect to API. Could be 'http' or 'https'.
 # Defaults to 'http'
 #
+# [*ks_heat_admin_proto*]
+# (optional) Protocol for admin endpoint. Could be 'http' or 'https'.
+# Defaults to 'http'
+#
+# [*ks_heat_internal_proto*]
+# (optional) Protocol for public endpoint. Could be 'http' or 'https'.
+# Defaults to 'http'
+#
+# [*ks_keystone_public_proto*]
+# (optional) Protocol for public endpoint. Could be 'http' or 'https'.
+# Defaults to 'http'
+#
+# [*ks_keystone_admin_proto*]
+# (optional) Protocol for admin endpoint. Could be 'http' or 'https'.
+# Defaults to 'http'
+#
+# [*ks_keystone_internal_proto*]
+# (optional) Protocol for public endpoint. Could be 'http' or 'https'.
+# Defaults to 'http'
+#
 # [*ks_nova_public_proto*]
 # (optional) Protocol used to connect to API. Could be 'http' or 'https'.
 # Defaults to 'http'
 #
+# [*ks_nova_admin_proto*]
+# (optional) Protocol for admin endpoint. Could be 'http' or 'https'.
+# Defaults to 'http'
+#
+# [*ks_nova_internal_proto*]
+# (optional) Protocol for public endpoint. Could be 'http' or 'https'.
+# Defaults to 'http'
+#
 # [*ks_neutron_public_proto*]
 # (optional) Protocol used to connect to API.
Could be 'http' or 'https'.
 # Defaults to 'http'
 #
+# [*ks_neutron_admin_proto*]
+# (optional) Protocol for admin endpoint. Could be 'http' or 'https'.
+# Defaults to 'http'
+#
+# [*ks_neutron_internal_proto*]
+# (optional) Protocol for public endpoint. Could be 'http' or 'https'.
+# Defaults to 'http'
+#
 # [*ks_trove_public_proto*]
 # (optional) Protocol used to connect to API. Could be 'http' or 'https'.
 # Defaults to 'http'
 #
+# [*ks_trove_admin_proto*]
+# (optional) Protocol for admin endpoint. Could be 'http' or 'https'.
+# Defaults to 'http'
+#
+# [*ks_trove_internal_proto*]
+# (optional) Protocol for public endpoint. Could be 'http' or 'https'.
+# Defaults to 'http'
+#
 # [*ks_glance_public_proto*]
 # (optional) Protocol used to connect to API. Could be 'http' or 'https'.
 # Defaults to 'http'
 #
+# [*ks_glance_admin_proto*]
+# (optional) Protocol for admin endpoint. Could be 'http' or 'https'.
+# Defaults to 'http'
+#
+# [*ks_glance_internal_proto*]
+# (optional) Protocol for public endpoint. Could be 'http' or 'https'.
+# Defaults to 'http'
+#
 # [*ks_cinder_public_proto*]
 # (optional) Protocol used to connect to API. Could be 'http' or 'https'.
 # Defaults to 'http'
 #
+# [*ks_cinder_admin_proto*]
+# (optional) Protocol for admin endpoint. Could be 'http' or 'https'.
+# Defaults to 'http'
+#
+# [*ks_cinder_internal_proto*]
+# (optional) Protocol for public endpoint. Could be 'http' or 'https'.
+# Defaults to 'http'
+#
 # [*ks_ceilometer_public_port*]
 # (optional) TCP port to connect to Ceilometer API from public network
 # Defaults to '8777'
 #
-# [*ks_ceilometer_admin_port*]
-# (optional) TCP port to connect to Ceilometer API from admin network
-# Defaults to '8777'
-#
-# [*ks_ceilometer_internal_port*]
-# (optional) TCP port to connect to Ceilometer API from internal network
-# Defaults to '8777'
-#
 # [*ks_keystone_internal_port*]
 # (optional) TCP port to connect to Keystone API from internal network
 # Defaults to '5000'
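Review bot: All of the added `[*ks_*_internal_proto*]` entries in this manifests/identity.pp hunk (swift, ceilometer, heat, keystone, nova, neutron, trove, glance, cinder) are described as `Protocol for public endpoint`, duplicating the public entry; each should read `# (optional) Protocol for internal endpoint. Could be 'http' or 'https'.` Since every protocol documented here defaults to 'http', one sentence in the class header saying that the endpoints are registered without TLS unless 'https' is set would help an operator reading the defaults. The hunk also drops the `*_admin_port` and `*_internal_port` entries; whether the parameters themselves were removed from the signature is not visible here and should match.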
@@ -250,22 +322,10 @@
 # (optional) TCP port to connect to Swift API from public network
 # Defaults to '8080'
 #
-# [*ks_nova_internal_port*]
-# (optional) TCP port to connect to Nova API from internal network
-# Defaults to '8774'
-#
-# [*ks_trove_internal_port*]
-# (optional) TCP port to connect to Trove API from internal network
-# Defaults to '8779'
-#
 # [*ks_trove_public_port*]
 # (optional) TCP port to connect to Trove API from public network
 # Defaults to '8779'
 #
-# [*ks_trove_admin_port*]
-# (optional) TCP port to connect to Trove API from admin network
-# Defaults to '8779'
-#
 # [*ks_nova_public_port*]
 # (optional) TCP port to connect to Nova API from public network
 # Defaults to '8774'
@@ -274,50 +334,31 @@
 # (optional) TCP port to connect to EC2 API from public network
 # Defaults to '8773'
 #
-# [*ks_nova_admin_port*]
-# (optional) TCP port to connect to Nova API from admin network
-# Defaults to '8774'
-#
-# [*ks_cinder_internal_port*]
-# (optional) TCP port to connect to Cinder API from internal network
-# Defaults to '8776'
+# [*ks_swift_dispersion_password*]
+# (optional) Password of the dispersion tenant, used for swift-dispersion-report
+# and swift-dispersion-populate tools.
+# Defaults to 'dispersion'
 #
 # [*ks_cinder_public_port*]
 # (optional) TCP port to connect to Cinder API from public network
 # Defaults to '8776'
 #
-# [*ks_cinder_admin_port*]
-# (optional) TCP port to connect to Cinder API from admin network
-# Defaults to '8776'
-#
-# [*ks_neutron_internal_port*]
-# (optional) TCP port to connect to Neutron API from internal network
-# Defaults to '9696'
-#
 # [*ks_neutron_public_port*]
 # (optional) TCP port to connect to Neutron API from public network
 # Defaults to '9696'
 #
-# [*ks_neutron_admin_port*]
-# (optional) TCP port to connect to Neutron API from admin network
-# Defaults to '9696'
-#
 # [*ks_heat_public_port*]
 # (optional) TCP port to connect to Heat API from public network
+# Defaults to '8004'
+#
+# [*ks_heat_cfn_public_port*]
+# (optional) TCP port to connect to Heat API from public network
 # Defaults to '8000'
 #
-# [*ks_glance_api_internal_port*]
-# (optional) TCP port to connect to Glance API from internal network
-# Defaults to '9292'
-#
 # [*ks_glance_api_public_port*]
 # (optional) TCP port to connect to Glance API from public network
 # Defaults to '9292'
 #
-# [*ks_glance_api_admin_port*]
-# (optional) TCP port to connect to Glance API from admin network
-# Defaults to '9292'
-#
 # [*api_eth*]
 # (optional) Which interface we bind the Keystone server.
 # Defaults to '127.0.0.1'
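Review bot: The new `[*ks_heat_cfn_public_port*]` entry in this manifests/identity.pp hunk carries the same description as `[*ks_heat_public_port*]` (`TCP port to connect to Heat API from public network`), so the two parameters cannot be told apart from the docs. The added entry should name the service it configures, e.g. `# (optional) TCP port to connect to Heat CloudFormation (CFN) API from public network`. The documented default of `ks_heat_public_port` moves from '8000' to '8004' here; the signature is outside the hunk, so confirm the code default matches the new text.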
@@ -355,6 +396,14 @@
 # Experimental feature.
 # Defaults to false
 #
+# [*swift_enabled*]
+# (optional) Enable or not OpenStack Swift (Stockage as a Service)
+# Defaults to true
+#
+# [*ks_token_expiration*]
+# (optional) Amount of time a token should remain valid (seconds).
+# Defaults to 3600 (1 hour).
+#
 # [*firewall_settings*]
 # (optional) Allow to add custom parameters to firewall rules
 # Should be an hash.
@@ -656,7 +705,7 @@ class cloud::identity (
 # Note(EmilienM):
 # We check if DB tables are created, if not we populate Keystone DB.
 # It's a hack to fit with our setup where we run MySQL/Galera
- # TODO(Gonéri)
+ # TODO(Goneri)
 # We have to do this only on the primary node of the galera cluster to avoid race condition
 # https://github.com/enovance/puppet-openstack-cloud/issues/156
 exec {'keystone_db_sync':
diff --git a/manifests/image/api.pp b/manifests/image/api.pp
index 8dce3028..1955cf79 100644
--- a/manifests/image/api.pp
+++ b/manifests/image/api.pp
@@ -35,10 +35,22 @@
 # (optional) Internal Hostname or IP to connect to Keystone API
 # Defaults to '127.0.0.1'
 #
+# [*ks_keystone_internal_proto*]
+# (optional) Protocol used to connect to API. Could be 'http' or 'https'.
+# Defaults to 'http'
+#
+# [*ks_glance_internal_host*]
+# (optional) Internal Hostname or IP to connect to Glance
+# Defaults to '127.0.0.1'
+#
 # [*ks_glance_api_internal_port*]
 # (optional) TCP port to connect to Glance API from internal network
 # Defaults to '9292'
 #
+# [*ks_glance_registry_internal_proto*]
+# (optional) Protocol used to connect to API. Could be 'http' or 'https'.
+# Defaults to 'http'
+#
 # [*ks_glance_registry_internal_port*]
 # (optional) TCP port to connect to Glance Registry from internal network
 # Defaults to '9191'
@@ -59,6 +71,26 @@
 # (optional) Which interface we bind the Glance API server.
 # Defaults to '127.0.0.1'
 #
+# [*openstack_vip*]
+# (optional) Hostname of IP used to connect to Glance registry
+# Defaults to '127.0.0.1'
+#
+# [*glance_rbd_pool*]
+# (optional) Name of the Ceph pool which which store the glance images
+# Defaults to 'images'
+#
+# [*glance_rbd_user*]
+# (optional) User name used to acces to the glance rbd pool
+# Defaults to 'glance'
+#
+# [*verbose*]
+# (optional) Set log output to verbose output
+# Defaults to true
+#
+# [*debug*]
+# (optional) Set log output to debug output
+# Defaults to true
+#
 # [*use_syslog*]
 # (optional) Use syslog for logging
 # Defaults to true
diff --git a/manifests/image/registry.pp b/manifests/image/registry.pp
index 9169e0bc..6a222a5f 100644
--- a/manifests/image/registry.pp
+++ b/manifests/image/registry.pp
@@ -35,6 +35,14 @@
 # (optional) Internal Hostname or IP to connect to Keystone API
 # Defaults to '127.0.0.1'
 #
+# [*ks_keystone_internal_proto*]
+# (optional) Protocol used to connect to API. Could be 'http' or 'https'.
+# Defaults to 'http'
+#
+# [*ks_glance_internal_host*]
+# (optional) Internal Hostname or IP to connect to Glance
+# Defaults to '127.0.0.1'
+#
 # [*ks_glance_registry_internal_port*]
 # (optional) TCP port to connect to Glance Registry from internal network
 # Defaults to '9191'
@@ -47,6 +55,14 @@
 # (optional) Which interface we bind the Glance API server.
 # Defaults to '127.0.0.1'
 #
+# [*verbose*]
+# (optional) Set log output to verbose output
+# Defaults to true
+#
+# [*debug*]
+# (optional) Set log output to debug output
+# Defaults to true
+#
 # [*use_syslog*]
 # (optional) Use syslog for logging
 # Defaults to true
diff --git a/manifests/init.pp b/manifests/init.pp
index 1d87913c..945665de 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -13,10 +13,79 @@ # License for the specific language governing permissions and limitations # under the License. # -# Class: cloud +# == Class: cloud # # Installs the system requirements # +# === Parameters: +# +# [*rhn_registration*] +# (optional) The RedHat network authentication token +# Defaults to undef +# +# [*root_password*] +# (optional) Unix root password +# Defaults to 'root' +# +# [*dns_ips*] +# (optional) Hostname or IP of the Domain Name Server (dns) used +# Should by an array. +# Defaults to google public dns ['8.8.8.8', '8.8.4.4'] +# +# [*site_domain*] +# (optional) Domain name (used for search and domain fields +# of resolv.conf configuration file +# Defaults to 'mydomain' +# +# [*motd_title*] +# (optional) A string used in the top of the server's motd +# Defaults to 'eNovance IT Operations' +# +# [*selinux_mode*] +# (optional) SELinux mode the system should be in +# Defaults to 'permissive' +# Possible values : disabled, permissive, enforcing +# +# [*selinux_directory*] +# (optional) Path where to find the SELinux modules +# Defaults to '/usr/share/selinux' +# +# [*selinux_booleans*] +# (optional) Set of booleans to persistently enables +# SELinux booleans are the one getsebool -a returns +# Defaults [] +# Example: ['rsync_full_access', 'haproxy_connect_any'] +# +# [*selinux_modules*] +# (optional) Set of modules to load on the system +# Defaults [] +# Example: ['module1', 'module2'] +# Note: Those module should be in the $directory path +# +# [*manage_firewall*] +# (optional) Completely enable or disable firewall settings +# (false means disabled, and true means enabled) +# Defaults to false +# +# [*firewall_rules*] +# (optional) Allow to add custom firewall rules +# Should be an hash. +# Default to {} +# +# [*purge_firewall_rules*] +# (optional) Boolean, purge all firewall resources +# Defaults to false +# +# [*firewall_pre_extras*] +# (optional) Allow to add custom parameters to firewall rules (pre stage) +# Should be an hash. 
+# Default to {} +# +# [*firewall_post_extras*] +# (optional) Allow to add custom parameters to firewall rules (post stage) +# Should be an hash. +# Default to {} +# class cloud( $rhn_registration = undef, $root_password = 'root', @@ -40,7 +109,7 @@ class cloud( fail("OS family unsuppored yet (${::osfamily}), module puppet-openstack-cloud only support RedHat or Debian") } -# motd + # motd file { '/etc/motd': @@ -61,16 +130,16 @@ This node is under the control of Puppet ${::puppetversion}. "; } -# DNS + # DNS class { 'dnsclient': nameservers => $dns_ips, domain => $site_domain } -# NTP + # NTP include ::ntp -# SELinux + # SELinux if $::osfamily == 'RedHat' { class {'cloud::selinux' : mode => $selinux_mode, @@ -81,7 +150,7 @@ This node is under the control of Puppet ${::puppetversion}. } } -# Strong root password for all servers + # Strong root password for all servers user { 'root': ensure => 'present', gid => '0', diff --git a/manifests/loadbalancer.pp b/manifests/loadbalancer.pp index 73782827..01a73137 100644 --- a/manifests/loadbalancer.pp +++ b/manifests/loadbalancer.pp @@ -18,6 +18,7 @@ # Install Load-Balancer node (HAproxy + Keepalived) # # === Parameters: +# # [*keepalived_vrrp_interface*] # (optional) Networking interface to bind the vrrp traffic. # Defaults to false (disabled) 
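Review bot: The new `root_password` entry documents the default `'root'` without saying it must be replaced, while a later hunk in this file keeps the comment `# Strong root password for all servers` above the `user { 'root':` resource. The entry should tell operators to override it, e.g. `# Defaults to 'root' (presumably a placeholder); set a site-specific value`. The same applies to the other default secrets this commit documents: `haproxy_auth` in manifests/loadbalancer.pp, the Neutron and Nova passwords and `n1kv_vsm_password` in manifests/network/controller.pp, `neutron_metadata_proxy_shared_secret` in manifests/network/metadata.pp, `ks_swift_password` in manifests/object/controller.pp, `auth_encryption_key` in manifests/orchestration/engine.pp, `cluster_password` in manifests/spof.pp, `monitor_secret` in manifests/storage/rbd/monitor.pp and `ks_ceilometer_password` in manifests/telemetry/api.pp. The class parameter list continues past the end of this hunk.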
@@ -128,6 +129,20 @@
 # If set to false, no binding will be configure
 # Defaults to true
 #
+# [*horizon*]
+# (optional) Enable or not Horizon public binding.
+# If true, both public and internal will attempt to be created except if vip_internal_ip is set to false.
+# If set to ['10.0.0.1'], only IP in the array (or in the string) will be configured in the pool. They must be part of keepalived_ip options.
+# If set to false, no binding will be configure
+# Defaults to true
+#
+# [*horizon_ssl*]
+# (optional) Enable or not Horizon SSL public binding.
+# If true, both public and internal will attempt to be created except if vip_internal_ip is set to false.
+# If set to ['10.0.0.1'], only IP in the array (or in the string) will be configured in the pool. They must be part of keepalived_ip options.
+# If set to false, no binding will be configure
+# Defaults to true
+#
 # [*ec2_api*]
 # (optional) Enable or not EC2 public binding.
 # If true, both public and internal will attempt to be created except if vip_internal_ip is set to false.
@@ -135,6 +150,13 @@
 # If set to false, no binding will be configure
 # Defaults to true
 #
+# [*spice*]
+# (optional) Enable or not spice binding.
+# If true, both public and internal will attempt to be created except if vip_internal_ip is set to false.
+# If set to ['10.0.0.1'], only IP in the array (or in the string) will be configured in the pool. They must be part of keepalived_ip options.
+# If set to false, no binding will be configure.
+# Defaults to false
+#
 # [*metadata_api*]
 # (optional) Enable or not Metadata public binding.
 # If true, both public and internal will attempt to be created except if vip_internal_ip is set to false.
@@ -163,6 +185,194 @@
 # If set to false, no binding will be configure
 # Defaults to true
 #
+# [*haproxy_auth*]
+# (optional) The HTTP sytle basic credentials (using login:password form)
+# Defaults to 'admin:changeme'
+#
+# [*keepalived_state*]
+# (optional) TODO
+# Defaults to 'BACKUP'
+#
+# [*keepalived_priority*]
+# (optional) TODO
+# Defaults to '50'
+#
+# [*ceilometer_bind_options*]
+# (optional) A hash of options that are inserted into the HAproxy listening
+# service configuration block.
+# Defaults to []
+#
+# [*cinder_bind_options*]
+# (optional) A hash of options that are inserted into the HAproxy listening
+# service configuration block.
+# Defaults to []
+#
+# [*ec2_bind_options*]
+# (optional) A hash of options that are inserted into the HAproxy listening
+# service configuration block.
+# Defaults to []
+#
+# [*glance_api_bind_options*]
+# (optional) A hash of options that are inserted into the HAproxy listening
+# service configuration block.
+# Defaults to []
+#
+# [*glance_registry_bind_options*]
+# (optional) A hash of options that are inserted into the HAproxy listening
+# service configuration block.
+# Defaults to []
+#
+# [*heat_cfn_bind_options*]
+# (optional) A hash of options that are inserted into the HAproxy listening
+# service configuration block.
+# Defaults to []
+#
+# [*heat_cloudwatch_bind_options*]
+# (optional) A hash of options that are inserted into the HAproxy listening
+# service configuration block.
+# Defaults to []
+#
+# [*heat_api_bind_options*]
+# (optional) A hash of options that are inserted into the HAproxy listening
+# service configuration block.
+# Defaults to []
+#
+# [*keystone_bind_options*]
+# (optional) A hash of options that are inserted into the HAproxy listening
+# service configuration block.
+# Defaults to []
+#
+# [*keystone_admin_bind_options*]
+# (optional) A hash of options that are inserted into the HAproxy listening
+# service configuration block.
+# Defaults to []
+#
+# [*metadata_bind_options*]
+# (optional) A hash of options that are inserted into the HAproxy listening
+# service configuration block.
+# Defaults to []
+#
+# [*neutron_bind_options*]
+# (optional) A hash of options that are inserted into the HAproxy listening
+# service configuration block.
+# Defaults to []
+#
+# [*nova_bind_options*]
+# (optional) A hash of options that are inserted into the HAproxy listening
+# service configuration block.
+# Defaults to []
+#
+# [*trove_bind_options*]
+# (optional) A hash of options that are inserted into the HAproxy listening
+# service configuration block.
+# Defaults to []
+#
+# [*swift_bind_options*]
+# (optional) A hash of options that are inserted into the HAproxy listening
+# service configuration block.
+# Defaults to []
+#
+# [*spice_bind_options*]
+# (optional) A hash of options that are inserted into the HAproxy listening
+# service configuration block.
+# Defaults to []
+#
+# [*horizon_bind_options*]
+# (optional) A hash of options that are inserted into the HAproxy listening
+# service configuration block.
+# Defaults to []
+#
+# [*horizon_ssl_bind_options*]
+# (optional) A hash of options that are inserted into the HAproxy listening
+# service configuration block.
+# Defaults to []
+#
+# [*rabbitmq_bind_options*]
+# (optional) A hash of options that are inserted into the HAproxy listening
+# service configuration block.
+# Defaults to []
+#
+# [*galera_bind_options*]
+# (optional) A hash of options that are inserted into the HAproxy listening
+# service configuration block.
+# Defaults to []
+#
+# [*ks_ceilometer_public_port*]
+# (optional) TCP port to connect to Ceilometer API from public network
+# Defaults to '8777'
+#
+# [*ks_cinder_public_port*]
+# (optional) TCP port to connect to Cinder API from public network
+# Defaults to '8776'
+#
+# [*ks_ec2_public_port*]
+# (optional) TCP port to connect to EC2 API from public network
+# Defaults to '8773'
+#
+# [*ks_glance_api_public_port*]
+# (optional) TCP port to connect to Glance API from public network
+# Defaults to '9292'
+#
+# [*ks_glance_registry_internal_port*]
+# (optional) TCP port to connect to Glance API from public network
+# Defaults to '9191'
+#
+# [*ks_heat_cfn_public_port*]
+# (optional) TCP port to connect to Heat API from public network
+# Defaults to '8000'
+#
+# [*ks_heat_cloudwatch_public_port*]
+# (optional) TCP port to connect to Heat API from public network
+# Defaults to '8003'
+#
+# [*ks_heat_public_port*]
+# (optional) TCP port to connect to Heat API from public network
+# Defaults to '8004'
+#
+# [*ks_keystone_admin_port*]
+# (optional) TCP port to connect to Keystone Admin API from public network
+# Defaults to '35357'
+#
+# [*ks_keystone_public_port*]
+# (optional) TCP port to connect to Keystone API from public network
+# Defaults to '5000'
+#
+# [*ks_metadata_public_port*]
+# (optional) TCP port to connect to Keystone metadata API from public network
+# Defaults to '8775'
+#
+# [*ks_swift_public_port*]
+# (optional) TCP port to connect to Swift API from public network
+# Defaults to '8080'
+#
+# [*ks_trove_public_port*]
+# (optional) TCP port to connect to Trove API from public network
+# Defaults to '8779'
+#
+# [*ks_nova_public_port*]
+# (optional) TCP port to connect to Nova API from public network
+# Defaults to '8774'
+#
+# [*ks_neutron_public_port*]
+# (optional) TCP port to connect to Neutron API from public network
+# Defaults to '9696'
+#
+# [*horizon_port*]
+# (optional) Port used to connect to OpenStack Dashboard
+# Defaults to '80'
+#
+# [*horizon_ssl_port*]
+# (optional) Port used to connect to OpenStack Dashboard using SSL
+# Defaults to '443'
+#
+# [*spice_port*]
+# (optional) TCP port to connect to Nova spicehtmlproxy service.
+# Defaults to '6082'
+#
+# [*rabbitmq_port*]
+# (optional) Port of RabbitMQ service.
+# Defaults to '5672'
+#
 # [*vip_public_ip*]
 # (optional) Array or string for public VIP
 # Should be part of keepalived_public_ips
@@ -177,6 +387,14 @@
 # (optional) Array or string for monitor VIP
 # Defaults to false
 #
+# [*galera_ip*]
+# (optional) An array of Galera IP
+# Defaults to ['127.0.0.1']
+#
+# [*galera_slave*]
+# (optional) A boolean to configure galera slave
+# Defaults to false
+#
 # [*firewall_settings*]
 # (optional) Allow to add custom parameters to firewall rules
 # Should be an hash.
diff --git a/manifests/network.pp b/manifests/network.pp
index 41f4f981..0b16f7bc 100644
--- a/manifests/network.pp
+++ b/manifests/network.pp
@@ -35,16 +35,9 @@
 # (optional) Set log output to debug output
 # Defaults to true
 #
-# [*provider_vlan_ranges*]
-# (optionnal) VLAN range for provider networks
-# Defaults to ['physnet1:1000:2999']
-#
-# [*flat_networks*]
-# (optionnal) List of physical_network names with which flat networks
-# can be created. Use * to allow flat networks with arbitrary
-# physical_network names.
-# Should be an array.
-# Default to ['public'].
+# [*api_eth*]
+# (optional) Which interface we bind the Neutron API server.
+# Defaults to '127.0.0.1'
 #
 # [*use_syslog*]
 # (optional) Use syslog for logging
diff --git a/manifests/network/controller.pp b/manifests/network/controller.pp
index 54e9e294..af9450e8 100644
--- a/manifests/network/controller.pp
+++ b/manifests/network/controller.pp
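Review bot: `keepalived_state` and `keepalived_priority` are documented with the description `TODO`, so the header gives no guidance on two settings that appear to decide which load-balancer node holds the VIP. Assuming they map to keepalived's VRRP state and priority, something like `# (optional) Initial VRRP state of this node ('MASTER' or 'BACKUP')` and `# (optional) VRRP priority of this node; the highest priority wins the election` would do. Separately, every `*_bind_options` entry is described as a hash but lists `Defaults to []`, and `ks_metadata_public_port` is described as the "Keystone metadata API" port. The class signature is outside this hunk, so confirm the intended types and names against it.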
@@ -17,6 +17,73 @@ # # === Parameters: # +# [*neutron_db_host*] +# (optional) Host where user should be allowed all privileges for database. +# Defaults to 127.0.0.1 +# +# [*neutron_db_user*] +# (optional) Name of neutron DB user. +# Defaults to trove +# +# [*neutron_db_password*] +# (optional) Password that will be used for the neutron db user. +# Defaults to 'neutronpassword' +# +# [*ks_neutron_password*] +# (optional) Password used by Neutron to connect to Keystone API +# Defaults to 'neutronpassword' +# +# [*ks_keystone_admin_host*] +# (optional) Admin Hostname or IP to connect to Keystone API +# Defaults to '127.0.0.1' +# +# [*ks_keystone_admin_proto*] +# (optional) Protocol for admin endpoint. Could be 'http' or 'https'. +# Defaults to 'http' +# +# [*ks_keystone_public_port*] +# (optional) TCP port to connect to Keystone API from public network +# Defaults to '5000' +# +# [*ks_neutron_public_port*] +# (optional) TCP port to connect to Neutron API from public network +# Defaults to '9696' +# +# [*api_eth*] +# (optional) Which interface we bind the Neutron server. +# Defaults to '127.0.0.1' +# +# [*ks_admin_tenant*] +# (optional) Admin tenant name in Keystone +# Defaults to 'admin' +# +# +# [*nova_url*] +# (optional) URL for connection to nova (Only supports one nova region +# currently). +# Defaults to 'http://127.0.0.1:8774/v2' +# +# [*nova_admin_auth_url*] +# (optional) Authorization URL for connection to nova in admin context. +# Defaults to 'http://127.0.0.1:5000/v2.0' +# +# [*nova_admin_username*] +# (optional) Username for connection to nova in admin context +# Defaults to 'nova' +# +# [*nova_admin_tenant_name*] +# (optional) The name of the admin nova tenant +# Defaults to 'services' +# +# [*nova_admin_password*] +# (optional) Password for connection to nova in admin context. +# Defaults to 'novapassword' +# +# [*nova_region_name*] +# (optional) Name of nova region to use. Useful if keystone manages more than +# one region. 
+# Defaults to 'RegionOne' +# # [*manage_ext_network*] # (optionnal) Manage or not external network with provider network API # Defaults to false. @@ -41,6 +108,29 @@ # Supported values: 'ml2', 'n1kv'. # Defaults to 'ml2' # +# [*ks_keystone_admin_port*] +# (optional) TCP port to connect to Keystone API from admin network +# Defaults to '35357' +# +# [*provider_vlan_ranges*] +# (optionnal) VLAN range for provider networks +# Defaults to ['physnet1:1000:2999'] +# +# [*flat_networks*] +# (optionnal) List of physical_network names with which flat networks +# can be created. Use * to allow flat networks with arbitrary +# physical_network names. +# Should be an array. +# Default to ['public']. +# +# [*n1kv_vsm_ip*] +# (required) N1KV VSM (Virtual Supervisor Module) VM's IP. +# Defaults to 127.0.0.1 +# +# [*n1kv_vsm_password*] +# (required) N1KV VSM (Virtual Supervisor Module) password. +# Defaults to secrete +# class cloud::network::controller( $neutron_db_host = '127.0.0.1', $neutron_db_user = 'neutron', diff --git a/manifests/network/dhcp.pp b/manifests/network/dhcp.pp index d4abee4f..6dab1ccc 100644 --- a/manifests/network/dhcp.pp +++ b/manifests/network/dhcp.pp @@ -13,8 +13,29 @@ # License for the specific language governing permissions and limitations # under the License. # +# == Class: +# # Network DHCP node # +# === Parameters: +# +# [*veth_mtu*] +# (optional) Enforce the default virtual interface MTU (option 26) +# Defaults to 1500 +# +# [*debug*] +# (optional) Set log output to debug output +# Defaults to true +# +# [*dnsmasq_dns_servers*] +# (optional) An array of DNS IP used to configure Virtual server resolver +# Defaults to false +# +# [*firewall_settings*] +# (optional) Allow to add custom parameters to firewall rules +# Should be an hash. +# Default to {} +# class cloud::network::dhcp( $veth_mtu = 1500, $debug = true, diff --git a/manifests/network/l3.pp b/manifests/network/l3.pp index 6264da55..0b7f407e 100644 --- a/manifests/network/l3.pp 
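Review bot: `neutron_db_user` is documented as `Defaults to trove`, but the signature visible at the end of the next hunk has `$neutron_db_user = 'neutron'`. The line should read `# Defaults to 'neutron'`. The class signature continues outside the visible hunks, so the other defaults in this block could not be checked the same way.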
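Review bot: `n1kv_vsm_ip` and `n1kv_vsm_password` are tagged `(required)` yet each lists a default, which tells an operator both that a value must be supplied and that one already exists. If the defaults are real (the signature continues past this hunk), tag both entries `(optional)` and quote the values like the rest of the block, e.g. `# Defaults to 'secrete'`. If the values are required whenever the `n1kv` plugin is selected, say that in the description instead.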
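Review bot: The added header line `# == Class:` carries no class name, although the signature in this hunk is `class cloud::network::dhcp(`; it should read `# == Class: cloud::network::dhcp`. The hunks for manifests/network/l3.pp and manifests/network/lbaas.pp add the same empty header and want `cloud::network::l3` and `cloud::network::lbaas`.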
+++ b/manifests/network/l3.pp @@ -13,8 +13,28 @@ # License for the specific language governing permissions and limitations # under the License. # +# == Class: +# # Network L3 node # +# === Parameters: +# +# [*debug*] +# (optional) Set log output to debug output +# Defaults to true +# +# [*ext_provider_net*] +# (optional) Manage L3 with another provider +# Defaults to false +# +# [*external_int*] +# (optional) The name of the external nic +# Defaults to eth1 +# +# [*manage_tso*] +# (optional) Disable TSO on Neutron interfaces +# Defaults to true +# class cloud::network::l3( $external_int = 'eth1', $ext_provider_net = false, diff --git a/manifests/network/lbaas.pp b/manifests/network/lbaas.pp index 0e8c2455..c65a4f23 100644 --- a/manifests/network/lbaas.pp +++ b/manifests/network/lbaas.pp @@ -13,8 +13,20 @@ # License for the specific language governing permissions and limitations # under the License. # +# == Class: +# # Network LBaaS node # +# === Parameters: +# +# [*debug*] +# (optional) Set log output to debug output +# Defaults to true +# +# [*manage_haproxy_pkg*] +# (optional) Manage or not HAproxy package +# Defaults to true +# class cloud::network::lbaas( $debug = true, $manage_haproxy_pkg = true diff --git a/manifests/network/metadata.pp b/manifests/network/metadata.pp index 34908795..929f9b37 100644 --- a/manifests/network/metadata.pp +++ b/manifests/network/metadata.pp 
@@ -16,6 +16,48 @@ # Network Metadata node (need to be run once) # Could be managed by spof_node manifest # +# === Parameters: +# +# [*enabled*] +# (optional) State of the metadata service. +# Defaults to true +# +# [*debug*] +# (optional) Set log output to debug output +# Defaults to true +# +# [*ks_neutron_password*] +# (optional) Password used by Neutron to connect to Keystone API +# Defaults to 'neutronpassword' +# +# [*neutron_metadata_proxy_shared_secret*] +# (optional) Shared secret to validate proxies Neutron metadata requests +# Defaults to 'metadatapassword' +# +# [*nova_metadata_server*] +# (optional) Hostname or IP of the Nova metadata server +# Defaults to '127.0.0.1' +# +# [*ks_keystone_admin_host*] +# (optional) Admin Hostname or IP to connect to Keystone API +# Defaults to '127.0.0.1' +# +# [*ks_keystone_admin_proto*] +# (optional) Protocol for admin endpoint. Could be 'http' or 'https'. +# Defaults to 'http' +# +# [*ks_keystone_admin_port*] +# (optional) TCP port to connect to Keystone API from admin network +# Defaults to '35357' +# +# [*ks_nova_internal_proto*] +# (optional) Protocol for public endpoint. Could be 'http' or 'https'. +# Defaults to 'http' +# +# [*auth_region*] +# (optional) OpenStack Region Name +# Defaults to 'RegionOne' +# class cloud::network::metadata( $enabled = true, $debug = true, diff --git a/manifests/network/vswitch.pp b/manifests/network/vswitch.pp index ad7f7ad3..6e637cfe 100644 --- a/manifests/network/vswitch.pp +++ b/manifests/network/vswitch.pp @@ -120,6 +120,15 @@ # Not applicable if 'n1kv_source' is a file. (Option-B above) # Defaults to 'present' # +# [*tunnel_types*] +# (optional) List of types of tunnels to use when utilizing tunnels. +# Supported tunnel types are: vxlan. +# Defaults to ['gre'] +# +# [*n1kv_vsm_domain_id*] +# (optional) N1000 KV Domain ID (does nothing?) +# Defaults to 1000 +# # [*firewall_settings*] # (optional) Allow to add custom parameters to firewall rules # Should be an hash. 
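Review bot: `ks_nova_internal_proto` is described as `Protocol for public endpoint`, which contradicts the parameter name and blurs which network the traffic is expected on; `# (optional) Protocol for internal endpoint. Could be 'http' or 'https'.` matches the name. The same internal/public mix-up appears for `ks_keystone_internal_proto` in manifests/object/controller.pp, manifests/telemetry.pp and manifests/telemetry/api.pp, and in the `*_internal_port` entries of manifests/orchestration/api.pp and manifests/telemetry/api.pp, which say "from public network". Only the first lines of the class signature are visible in this hunk.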
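Review bot: The `tunnel_types` entry says the only supported type is `vxlan` and then gives `['gre']` as the default, so one of the two statements is wrong. If both types are accepted, the line should read `# Supported tunnel types are: gre, vxlan.`; otherwise the documented default needs correcting against the signature, which is outside this hunk. The `n1kv_vsm_domain_id` description ends with `(does nothing?)`, an open question that should be resolved or turned into a tracked TODO rather than shipped as parameter documentation.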
diff --git a/manifests/object/controller.pp b/manifests/object/controller.pp index 28d59fdb..1e05007c 100644 --- a/manifests/object/controller.pp +++ b/manifests/object/controller.pp @@ -19,6 +19,59 @@ # # === Parameters: # +# [*ks_keystone_admin_host*] +# (optional) Admin Hostname or IP to connect to Keystone API +# Defaults to '127.0.0.1' +# +# [*ks_keystone_admin_port*] +# (optional) TCP port to connect to Keystone API from admin network +# Defaults to '35357' +# +# [*ks_keystone_internal_host*] +# (optional) Internal Hostname or IP to connect to Keystone API +# Defaults to '127.0.0.1' +# +# [*ks_keystone_internal_port*] +# (optional) TCP port to connect to Keystone API from internal network +# Defaults to '5000' +# +# [*ks_keystone_internal_proto*] +# (optional) Protocol for public endpoint. Could be 'http' or 'https'. +# Defaults to 'http' +# +# [*ks_keystone_admin_proto*] +# (optional) Protocol for admin endpoint. Could be 'http' or 'https'. +# Defaults to 'http' +# +# [*ks_swift_internal_port*] +# (optional) TCP port to connect to Swift from internal network +# Defaults to '8080' +# +# [*ks_swift_password*] +# (optional) Password used by Swift to connect to Keystone API +# Defaults to 'swiftpassword' +# +# [*ks_swift_dispersion_password*] +# (optional) Password of the dispersion tenant, used for swift-dispersion-report +# and swift-dispersion-populate tools. +# Defaults to 'dispersion' +# +# [*api_eth*] +# (optional) Which interface we bind the Swift proxy server. +# Defaults to '127.0.0.1' +# +# [*memcache_servers*] +# (optionnal) Memcached servers used by Keystone. Should be an array. +# Defaults to ['127.0.0.1:11211'] +# +# [*statsd_host*] +# (optional) Hostname or IP of the statd server. +# Defaults to '127.0.0.1' +# +# [*statsd_port*] +# (optional) TCP port of the statd server +# Defaults to '4125' +# # [*firewall_settings*] # (optional) Allow to add custom parameters to firewall rules # Should be an hash. 
diff --git a/manifests/object/ringbuilder.pp b/manifests/object/ringbuilder.pp index 56bfe389..6519dbd2 100644 --- a/manifests/object/ringbuilder.pp +++ b/manifests/object/ringbuilder.pp @@ -13,13 +13,33 @@ # License for the specific language governing permissions and limitations # under the License. # +# == Class: cloud::object::ringbuilder +# # Swift ring builder node # +# === Parameters: +# +# [*enabled*] +# (optional) Enable or not the Swift ringbuilder rsync server +# Defaults to false +# +# [*rsyncd_ipaddress*] +# (optional) Hostname or IP of the swift ringbuilder rsync daemon +# Defaults to '127.0.0.1' +# +# [*replicas*] +# (optional) Number of replicas to kept +# Defaults to '3' +# +# [*swift_rsync_max_connections*] +# (optional) Max number of connections to the rsync daemon +# Defaults to '5' +# class cloud::object::ringbuilder( - $enabled = false, - $rsyncd_ipaddress = '127.0.0.1', - $replicas = 3, - $swift_rsync_max_connections = 5, + $enabled = false, + $rsyncd_ipaddress = '127.0.0.1', + $replicas = 3, + $swift_rsync_max_connections = 5, ) { include cloud::object diff --git a/manifests/object/storage.pp b/manifests/object/storage.pp index 3cc98180..5d755943 100644 --- a/manifests/object/storage.pp +++ b/manifests/object/storage.pp 
@@ -19,12 +19,48 @@ # # === Parameters: # +# [*storage_eth*] +# (optional) IP or hostname of the Swift storage node +# Defaults to '127.0.0.1' +# +# [*swift_zone*] +# (optional) Name of the swift zone +# Defaults to undef +# +# [*object_port*] +# (optional) TCP port number of the Object middleware +# Defaults to '6000' +# +# [*container_port*] +# (optional) TCP port number of the container middleware +# Defaults to '6001' +# +# [*account_port*] +# (optional) TCP port number of the account middleware +# Defaults to '6002' +# +# [*fstype*] +# (optional) Name of the File-System type +# Defaults to 'xfs' +# +# [*device_config_hash*] +# (optional) A hash of options to pass to io scheduler +# Defaults to {} +# +# [*ring_container_device*] +# (optional) The name of the container device +# Defaults to 'sdb' +# +# [*ring_account_device*] +# (optional) The name of the account device +# Defaults to 'sdb' +# # [*firewall_settings*] # (optional) Allow to add custom parameters to firewall rules # Should be an hash. # Default to {} # -class cloud::object::storage ( +class cloud::object::storage( $storage_eth = '127.0.0.1', $swift_zone = undef, $object_port = '6000', diff --git a/manifests/orchestration.pp b/manifests/orchestration.pp index 40ef37cd..1435b11a 100644 --- a/manifests/orchestration.pp +++ b/manifests/orchestration.pp @@ -91,6 +91,10 @@ # (optional) Syslog facility to receive log lines # Defaults to 'LOG_LOCAL0' # +# [*os_endpoint_type*] +# (optional) The type of the OpenStack endpoint (public/internal/admin) URL +# Defaults to 'publicURL' +# class cloud::orchestration( $ks_keystone_internal_host = '127.0.0.1', $ks_keystone_internal_port = '5000', 
@@ -151,7 +155,7 @@ class cloud::orchestration( # Note(EmilienM): # We check if DB tables are created, if not we populate Heat DB. # It's a hack to fit with our setup where we run MySQL/Galera - # TODO(Gonéri) + # TODO(Goneri) # We have to do this only on the primary node of the galera cluster to avoid race condition # https://github.com/enovance/puppet-openstack-cloud/issues/156 exec {'heat_db_sync': diff --git a/manifests/orchestration/api.pp b/manifests/orchestration/api.pp index 3a3c3d4d..31df0154 100644 --- a/manifests/orchestration/api.pp +++ b/manifests/orchestration/api.pp @@ -19,6 +19,26 @@ # # === Parameters: # +# [*ks_heat_internal_port*] +# (optional) TCP port to connect to Heat API from public network +# Defaults to '8004' +# +# [*ks_heat_cfn_internal_port*] +# (optional) TCP port to connect to Heat API from public network +# Defaults to '8000' +# +# [*ks_heat_cloudwatch_internal_port*] +# (optional) TCP port to connect to Heat API from public network +# Defaults to '8003' +# +# [*api_eth*] +# (optional) Which interface we bind the Heat server. +# Defaults to '127.0.0.1' +# +# [*workers*] +# (optional) The number of Heat API workers +# Defaults to $::processorcount +# # [*firewall_settings*] # (optional) Allow to add custom parameters to firewall rules # Should be an hash. diff --git a/manifests/orchestration/engine.pp b/manifests/orchestration/engine.pp index 3af899dc..d79723b0 100644 --- a/manifests/orchestration/engine.pp +++ b/manifests/orchestration/engine.pp 
@@ -13,9 +13,41 @@ # License for the specific language governing permissions and limitations # under the License. # +# == Class: cloud::orchestration::engine +# # Orchestration engine node (should be run once) # Could be managed by spof node as Active / Passive. # +# === Parameters: +# +# [*enabled*] +# (optional) State of the orchestration engine service. +# Defaults to true +# +# [*ks_heat_public_host*] +# (optional) Public Hostname or IP to connect to Heat API +# Defaults to '127.0.0.1' +# +# [*ks_heat_public_proto*] +# (optional) Protocol used to connect to API. Could be 'http' or 'https'. +# Defaults to 'http' +# +# [*ks_heat_password*] +# (optional) Password used by Heat to connect to Keystone API +# Defaults to 'heatpassword' +# +# [*ks_heat_cfn_public_port*] +# (optional) TCP port to connect to Heat API from public network +# Defaults to '8000' +# +# [*ks_heat_cloudwatch_public_port*] +# (optional) TCP port to connect to Heat API from public network +# Defaults to '8003' +# +# [*auth_encryption_key*] +# (optional) Encryption key used for authentication info in database +# Defaults to 'secrete' +# class cloud::orchestration::engine( $enabled = true, $ks_heat_public_host = '127.0.0.1', diff --git a/manifests/selinux.pp b/manifests/selinux.pp index 3f583333..0e478cf0 100644 --- a/manifests/selinux.pp +++ b/manifests/selinux.pp @@ -29,7 +29,7 @@ # Defaults to '/usr/share/selinux' # # [*booleans*] -# (optional) Set of booleans to persistenly enables +# (optional) Set of booleans to persistently enables # SELinux booleans are the one getsebool -a returns # Defaults [] # Example: ['rsync_full_access', 'haproxy_connect_any'] diff --git a/manifests/spof.pp b/manifests/spof.pp index abd733ad..f77605a7 100644 --- a/manifests/spof.pp +++ b/manifests/spof.pp 
@@ -35,6 +35,10 @@ # Should be an hash. # Default to {} # +# [*cluster_password*] +# (optionnal) Password of the pacemaker cluster +# Defaults to 'secrete' +# class cloud::spof( $cluster_ip = '127.0.0.1', $cluster_members = false, diff --git a/manifests/storage/rbd.pp b/manifests/storage/rbd.pp index 3c58310b..48ce025d 100644 --- a/manifests/storage/rbd.pp +++ b/manifests/storage/rbd.pp @@ -13,6 +13,21 @@ # License for the specific language governing permissions and limitations # under the License. # +# == Class: cloud::storage::rbd +# +# === Parameters: +# +# [*fsid*] The cluster's fsid. +# Mandatory. Get one with `uuidgen -r`. +# +# [*cluster_network*] +# (optional) The cluster internal network +# Defaults to '127.0.0.1/24' +# +# [*public_network*] +# (optional) The cluster public (where clients are) network +# Defaults to '127.0.0.1/24' +# class cloud::storage::rbd ( $fsid = undef, $cluster_network = '127.0.0.1/24', diff --git a/manifests/storage/rbd/key.pp b/manifests/storage/rbd/key.pp index 25c1cd2b..9fe8a19c 100644 --- a/manifests/storage/rbd/key.pp +++ b/manifests/storage/rbd/key.pp @@ -13,6 +13,14 @@ # License for the specific language governing permissions and limitations # under the License. # +# == Class: cloud::storage::rbd::key +# +# === Parameters: +# +# [*enabled*] +# (optional) Configure or not the ceph admin keyring +# Defaults to true +# class cloud::storage::rbd::key ( $enabled = false ) { diff --git a/manifests/storage/rbd/monitor.pp b/manifests/storage/rbd/monitor.pp index 21b69b27..5bf7e1cb 100644 --- a/manifests/storage/rbd/monitor.pp +++ b/manifests/storage/rbd/monitor.pp 
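Review bot: In manifests/storage/rbd/key.pp the `enabled` entry states `Defaults to true`, but the signature in the trailing context of the same hunk is `$enabled = false`. For a parameter that controls whether the ceph admin keyring is configured, the documented default should match the code: `# Defaults to false`.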
@@ -13,6 +13,29 @@ # License for the specific language governing permissions and limitations # under the License. # +# == Class: cloud::storage::rbd::monitor +# +# Ceph monitor +# +# === Parameters: +# +# [*id*] +# (optional) Then uuid of the cluster +# Defaults to $::uniqueid +# +# [*mon_addr*] +# (optional) Which interface we bind the Ceph monitor +# Defaults to '127.0.0.1' +# +# [*monitor_secret*]] +# (optional) Password of the Ceph monitor +# Defaults to 'cephsecret' +# +# [*firewall_settings*] +# (optional) Allow to add custom parameters to firewall rules +# Should be an hash. +# Default to {} +# class cloud::storage::rbd::monitor ( $id = $::uniqueid, $mon_addr = '127.0.0.1', diff --git a/manifests/storage/rbd/osd.pp b/manifests/storage/rbd/osd.pp index b4e362ea..2105f6a5 100644 --- a/manifests/storage/rbd/osd.pp +++ b/manifests/storage/rbd/osd.pp @@ -13,6 +13,30 @@ # License for the specific language governing permissions and limitations # under the License. # +# == Class: cloud::storage::rbd::osd +# +# Ceph OSD +# +# === Parameters: +# +# [*public_address*] +# (optional) Which interface we bind the Ceph OSD +# Defaults to '127.0.0.1' +# +# [*cluster_address*] +# (optional) Which interface we bind internal the Ceph OSD +# Defaults to '127.0.0.1' +# +# [*devices*]] +# (optional) An array of device, should be full-qualified or short. +# Defaults to ['sdb','/dev/sdc'] +# +# [*firewall_settings*] +# (optional) Allow to add custom parameters to firewall rules +# Should be an hash. +# Default to {} +# + class cloud::storage::rbd::osd ( $public_address = '127.0.0.1', $cluster_address = '127.0.0.1', diff --git a/manifests/storage/rbd/pools.pp b/manifests/storage/rbd/pools.pp index bb17fd3b..2a99da4a 100644 --- a/manifests/storage/rbd/pools.pp +++ b/manifests/storage/rbd/pools.pp 
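Review bot: The parameter tag `[*monitor_secret*]]` has a stray closing bracket, so it no longer matches the `[*name*]` form of the other entries, and a documentation checker keyed on that form may not recognise it (not confirmed); it should read `# [*monitor_secret*]`. `[*devices*]]` in manifests/storage/rbd/osd.pp has the same slip. In the `id` entry, `Then uuid of the cluster` presumably means `The uuid of the cluster`.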
@@ -13,6 +13,47 @@ # License for the specific language governing permissions and limitations # under the License. # +# == Class: cloud::storage::rbd::pools +# +# Configure Ceph RBD pools (images,volumes,backup,nova) +# +# === Parameters: +# +# [*setup_pools*] +# (optional) Create or not Ceph pools +# Defaults to false +# +# [*glance_rbd_pool*] +# (optional) Name of the Ceph pool which which store the glance images +# Defaults to 'images' +# +# [*glance_rbd_user*] +# (optional) User name used to acces to the glance rbd pool +# Defaults to 'glance' +# +# [*ceph_fsid*] The cluster's fsid. +# Mandatory. Get one with `uuidgen -r`. +# +# [*cinder_backup_pool*] +# (optional) Name of the Ceph pool which which store the cinder backups +# Defaults to 'volumes' +# +# [*cinder_backup_user*] +# (optional) User name used to acces to the backup rbd pool +# Defaults to 'cinder' +# +# [*cinder_rbd_pool*] +# (optional) Name of the Ceph pool which which store the cinder images +# Defaults to 'volumes' +# +# [*cinder_rbd_user*] +# (optional) User name used to acces to the cinder rbd pool +# Defaults to 'cinder' +# +# [*nova_rbd_pool*] +# (optional) The RADOS pool in which rbd volumes are stored. +# Defaults to 'vms' +# class cloud::storage::rbd::pools( $setup_pools = false, $glance_rbd_user = 'glance', diff --git a/manifests/telemetry.pp b/manifests/telemetry.pp index 32599f4d..7048f740 100644 --- a/manifests/telemetry.pp +++ b/manifests/telemetry.pp @@ -36,6 +36,14 @@ # (optional) Internal Hostname or IP to connect to Keystone API # Defaults to '127.0.0.1' # +# [*ks_keystone_internal_proto*] +# (optional) Protocol for public endpoint. Could be 'http' or 'https'. +# Defaults to 'http' +# +# [*ks_keystone_internal_port*] +# (optional) TCP port to connect to Keystone API from internal network +# Defaults to '5000' +# # [*ks_keystone_admin_host*] # (optional) Admin Hostname or IP to connect to Keystone API # Defaults to '127.0.0.1' 
@@ -68,6 +76,10 @@ # (optional) the keystone region of this node # Defaults to 'RegionOne' # +# [*os_endpoint_type*] +# (optional) The type of the OpenStack endpoint (public/internal/admin) URL +# Defaults to 'publicURL' +# class cloud::telemetry( $ceilometer_secret = 'ceilometersecret', $rabbit_hosts = ['127.0.0.1:5672'], diff --git a/manifests/telemetry/api.pp b/manifests/telemetry/api.pp index a8769531..7963918a 100644 --- a/manifests/telemetry/api.pp +++ b/manifests/telemetry/api.pp @@ -19,6 +19,26 @@ # # === Parameters: # +# [*ks_keystone_internal_host*] +# (optional) Internal Hostname or IP to connect to Keystone API +# Defaults to '127.0.0.1' +# +# [*ks_keystone_internal_proto*] +# (optional) Protocol for public endpoint. Could be 'http' or 'https'. +# Defaults to 'http' +# +# [*ks_ceilometer_password*] +# (optional) Password used by Ceilometer to connect to Keystone API +# Defaults to 'ceilometerpassword' +# +# [*ks_ceilometer_internal_port*] +# (optional) TCP port to connect to Ceilometer API from public network +# Defaults to '8777' +# +# [*api_eth*] +# (optional) Which interface we bind the Ceilometer API server. +# Defaults to '127.0.0.1' +# # [*firewall_settings*] # (optional) Allow to add custom parameters to firewall rules # Should be an hash. diff --git a/manifests/telemetry/centralagent.pp b/manifests/telemetry/centralagent.pp index 72a66cfe..cb16069b 100644 --- a/manifests/telemetry/centralagent.pp +++ b/manifests/telemetry/centralagent.pp @@ -13,9 +13,18 @@ # License for the specific language governing permissions and limitations # under the License. # +# +# == Class: cloud::telemetry::centralagent +# # Telemetry Central Agent node (should be run once) # Could be managed by spof node as Active / Passive. # +# === Parameters: +# +# [*enabled*] +# (optional) State of the telemetry central agent service. +# Defaults to true +# class cloud::telemetry::centralagent( $enabled = true, ){ 
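Review bot: The `[*os_endpoint_type*]` entry in manifests/telemetry.pp lists the choices as (public/internal/admin) but gives 'publicURL' as the default, so a reader cannot tell which spelling the parameter accepts. Listing the literal values, `#   (optional) Endpoint type to use: 'publicURL', 'internalURL' or 'adminURL'`, removes the guess, assuming those are the accepted values. `[*nova_endpoint_type*]` in manifests/volume.pp has the same wording. It would also help to state that the default sends this traffic through the public endpoint rather than the internal one.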
diff --git a/manifests/telemetry/collector.pp b/manifests/telemetry/collector.pp index 9bffb0a4..fa59e017 100644 --- a/manifests/telemetry/collector.pp +++ b/manifests/telemetry/collector.pp @@ -13,8 +13,21 @@ # License for the specific language governing permissions and limitations # under the License. # +# +# == Class: cloud::telemetry::collector +# # Telemetry Collector nodes # +# === Parameters: +# +# [*mongo_nodes*] +# (optional) An array of mongo db nodes +# Defaults to ['127.0.0.1:27017'] +# +# [*replicaset_enabled*] +# (optional) Enable or not mongo replicat (using ceilometer name) +# Defaults to true +# class cloud::telemetry::collector( $mongo_nodes = ['127.0.0.1:27017'], $replicaset_enabled = true, diff --git a/manifests/volume.pp b/manifests/volume.pp index 4ee5f8ee..45bb58e0 100644 --- a/manifests/volume.pp +++ b/manifests/volume.pp @@ -56,6 +56,14 @@ # (optional) Syslog facility to receive log lines # Defaults to 'LOG_LOCAL0' # +# [*storage_availability_zone*] +# (optional) The storage availability zone +# Defaults to 'nova' +# +# [*nova_endpoint_type*] +# (optional) The type of the OpenStack endpoint (public/internal/admin) URL +# Defaults to 'publicURL' +# class cloud::volume( $cinder_db_host = '127.0.0.1', $cinder_db_user = 'cinder', @@ -111,7 +119,7 @@ class cloud::volume( # Note(EmilienM): # We check if DB tables are created, if not we populate Cinder DB. # It's a hack to fit with our setup where we run MySQL/Galera - # TODO(Gonéri) + # TODO(Goneri) # We have to do this only on the primary node of the galera cluster to avoid race condition # https://github.com/enovance/puppet-openstack-cloud/issues/156 exec {'cinder_db_sync': diff --git a/manifests/volume/api.pp b/manifests/volume/api.pp index 3f601c36..41e9f03b 100644 --- a/manifests/volume/api.pp +++ b/manifests/volume/api.pp 
@@ -19,6 +19,44 @@ # # === Parameters: # +# [*default_volume_type*] +# (required) default volume type to use. +# This should contain the name of the default volume type to use. +# If not configured, it produces an error when creating a volume +# without specifying a type. +# +# [*ks_cinder_internal_port*] +# (optional) TCP port to connect to Cinder API from public network +# Defaults to '8776' +# +# [*ks_keystone_internal_host*] +# (optional) Internal Hostname or IP to connect to Keystone API +# Defaults to '127.0.0.1' +# +# [*ks_keystone_internal_proto*] +# (optional) Protocol for public endpoint. Could be 'http' or 'https'. +# Defaults to 'http' +# +# [*ks_glance_internal_host*] +# (optional) Internal Hostname or IP to connect to Glance API +# Defaults to '127.0.0.1' +# +# [*ks_cinder_password*] +# (optional) Password used by Cinder to connect to Keystone API +# Defaults to 'cinderpassword' +# +# [*ks_glance_api_internal_port*] +# (optional) TCP port to connect to Glance API from public network +# Defaults to '9292' +# +# [*api_eth*] +# (optional) Which interface we bind the Cinder API server. +# Defaults to '127.0.0.1' +# +# [*ks_glance_internal_proto*] +# (optional) Protocol for public endpoint. Could be 'http' or 'https'. +# Defaults to 'http' +# # [*firewall_settings*] # (optional) Allow to add custom parameters to firewall rules # Should be an hash. diff --git a/manifests/volume/backup.pp b/manifests/volume/backup.pp index 3982cc31..26e70181 100644 --- a/manifests/volume/backup.pp +++ b/manifests/volume/backup.pp 
@@ -13,8 +13,20 @@ # License for the specific language governing permissions and limitations # under the License. # +# == Class: +# # Volume Backup node # +# === Parameters +# +# [*backup_ceph_pool*] +# (optional) Name of the Ceph pool which which store the cinder backups +# Defaults to 'backup' +# +# [*backup_ceph_user*] +# (optional) User name used to acces to the backup rbd pool +# Defaults to 'cinder' +# class cloud::volume::backup( $backup_ceph_pool = 'backup', $backup_ceph_user = 'cinder' diff --git a/manifests/volume/storage.pp b/manifests/volume/storage.pp index 3e96c4ae..bc6b642b 100644 --- a/manifests/volume/storage.pp +++ b/manifests/volume/storage.pp @@ -47,6 +47,32 @@ # } # Defaults to undef # +# [*cinder_rbd_pool*] +# (optional) Name of the Ceph pool which which store the cinder images +# Defaults to 'volumes' +# +# [*cinder_rbd_user*] +# (optional) User name used to acces to the cinder rbd pool +# Defaults to 'cinder' +# +# [*cinder_rbd_secret_uuid*] +# (optional) A required parameter to use cephx. +# Defaults to false +# +# [*cinder_rbd_conf*] +# (optional) Path to the ceph configuration file to use +# Defaults to '/etc/ceph/ceph.conf' +# +# [*cinder_rbd_flatten_volume_from_snapshot*] +# (optional) Enable flatten volumes created from snapshots. +# Defaults to false +# +# [*cinder_rbd_max_clone_depth*] +# (optional) Maximum number of nested clones that can be taken of a +# volume before enforcing a flatten prior to next clone. +# A value of zero disables cloning +# Defaults to '5' +# class cloud::volume::storage( $cinder_backends = undef, $ks_keystone_internal_proto = 'http',
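Review bot: The header added to manifests/volume/backup.pp reads `# == Class:` with no class name, and `# === Parameters` lacks the colon used in the other headers of this commit. These should be `# == Class: cloud::volume::backup` and `# === Parameters:`. The class body continues outside the hunk.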
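Review bot: `[*cinder_rbd_secret_uuid*]` in manifests/volume/storage.pp is documented as "(optional) A required parameter to use cephx", which contradicts itself and leaves unclear what the default false means for authentication. Wording such as `#   (optional) UUID of the secret used for cephx authentication. Must be set when cephx is enabled.` tells an operator what to do. How the class treats false is not visible in this hunk, so the entry should state that once confirmed.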