diff options
134 files changed, 6604 insertions, 271 deletions
diff --git a/lib/facter/galera_bootstrapped.rb b/lib/facter/alt_fqdns.rb index ea9fe8c..24d6ef1 100644 --- a/lib/facter/galera_bootstrapped.rb +++ b/lib/facter/alt_fqdns.rb @@ -1,4 +1,4 @@ -# Copyright 2015 Red Hat, Inc. +# Copyright 2016 Red Hat, Inc. # All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); you may @@ -12,8 +12,22 @@ # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. -Facter.add('galera_bootstrapped') do - setcode do - FileTest.exists?('/var/lib/mysql/grastate.dat') +[ + 'external', + 'internalapi', + 'storage', + 'storagemgmt', + 'tenant', + 'management', +].each do |network| + Facter.add('fqdn_' + network) do + setcode do + external_hostname_parts = [ + Facter.value(:hostname), + network, + Facter.value(:domain), + ].reject { |part| part.empty? } + external_hostname_parts.join(".") + end end end diff --git a/lib/puppet/parser/functions/lookup_hiera_hash.rb b/lib/puppet/parser/functions/lookup_hiera_hash.rb new file mode 100644 index 0000000..d96d65f --- /dev/null +++ b/lib/puppet/parser/functions/lookup_hiera_hash.rb @@ -0,0 +1,22 @@ +module Puppet::Parser::Functions + newfunction(:lookup_hiera_hash, :arity => 2, :type => :rvalue, + :doc => "Lookup a key->value from a Hiera hash") do |args| + hash_name = args[0] + key_name = args[1] + unless hash_name.is_a?(String) and key_name.is_a?(String) + raise Puppet::ParseError, "The hash name and the key name must be given as strings." + end + if defined? call_function + hash = call_function('hiera', [hash_name]) + else + hash = function_hiera([hash_name]) + end + unless hash.is_a?(Hash) + raise Puppet::ParseError, "The value Hiera returned for #{hash_name} is not a Hash." + end + unless hash.key?(key_name) + raise Puppet::ParseError, "The Hiera hash #{hash_name} does not contain key #{key_name}." + end + return hash[key_name] + end +end diff --git a/manifests/firewall/pre.pp b/manifests/firewall/pre.pp index 2d7203a..7af7fbc 100644 --- a/manifests/firewall/pre.pp +++ b/manifests/firewall/pre.pp @@ -50,7 +50,7 @@ class tripleo::firewall::pre( } tripleo::firewall::rule{ '003 accept ssh': - port => '22', + dport => '22', extras => $firewall_settings, } diff --git a/manifests/firewall/rule.pp b/manifests/firewall/rule.pp index ca9c6d0..c63162b 100644 --- a/manifests/firewall/rule.pp +++ b/manifests/firewall/rule.pp @@ -23,6 +23,14 @@ # (optional) The port associated to the rule. # Defaults to undef # +# [*dport*] +# (optional) The destination port associated to the rule. +# Defaults to undef +# +# [*sport*] +# (optional) The source port associated to the rule. +# Defaults to undef +# # [*proto*] # (optional) The protocol associated to the rule. # Defaults to 'tcp' @@ -57,6 +65,8 @@ # define tripleo::firewall::rule ( $port = undef, + $dport = undef, + $sport = undef, $proto = 'tcp', $action = 'accept', $state = ['NEW'], @@ -69,6 +79,8 @@ define tripleo::firewall::rule ( $basic = { 'port' => $port, + 'dport' => $dport, + 'sport' => $sport, 'proto' => $proto, 'action' => $action, 'state' => $state, diff --git a/manifests/loadbalancer.pp b/manifests/haproxy.pp index 664590b..e3e48ce 100644 --- a/manifests/loadbalancer.pp +++ b/manifests/haproxy.pp @@ -13,13 +13,13 @@ # License for the specific language governing permissions and limitations # under the License. -# == Class: tripleo::loadbalancer +# == Class: tripleo::haproxy # -# Configure an HAProxy/keepalived loadbalancer for TripleO. +# Configure HAProxy for TripleO. # # === Parameters: # -# [*manage_vip*] +# [*keepalived*] # Whether to configure keepalived to manage the VIPs or not. # Defaults to true # @@ -53,57 +53,27 @@ # The IPv4, IPv6 or filesystem socket path of the syslog server. # Defaults to '/dev/log' # -# [*controller_host*] -# (Deprecated)Host or group of hosts to load-balance the services -# Can be a string or an array. -# Defaults to undef -# # [*controller_hosts*] # IPs of host or group of hosts to load-balance the services # Can be a string or an array. -# Defaults to undef +# Defaults tohiera('controller_node_ips') # # [*controller_hosts_names*] # Names of host or group of hosts to load-balance the services # Can be a string or an array. -# Defaults to undef +# Defaults to hiera('controller_node_names', undef) # # [*controller_virtual_ip*] # Control IP or group of IPs to bind the pools # Can be a string or an array. # Defaults to undef # -# [*control_virtual_interface*] -# Interface to bind the control VIP -# Can be a string or an array. -# Defaults to undef -# -# [*public_virtual_interface*] -# Interface to bind the public VIP -# Can be a string or an array. -# Defaults to undef -# # [*public_virtual_ip*] # Public IP or group of IPs to bind the pools # Can be a string or an array. # Defaults to undef -# -# [*internal_api_virtual_ip*] -# Virtual IP on the internal API network. -# A string. -# Defaults to false -# -# [*storage_virtual_ip*] -# Virtual IP on the storage network. -# A string. -# Defaults to false -# -# [*storage_mgmt_virtual_ip*] -# Virtual IP on the storage mgmt network. -# A string. -# Defaults to false -# # [*haproxy_stats_user*] +# # Username for haproxy stats authentication. # A string. # Defaults to 'admin' @@ -175,10 +145,6 @@ # (optional) Enable or not Glance registry binding # Defaults to false # -# [*nova_ec2*] -# (optional) Enable or not Nova EC2 API binding -# Defaults to false -# # [*nova_osapi*] # (optional) Enable or not Nova API binding # Defaults to false @@ -269,7 +235,7 @@ # 'heat_api_port' (Defaults to 8004) # 'heat_api_ssl_port' (Defaults to 13004) # 'heat_cfn_port' (Defaults to 8000) -# 'heat_cfn_ssl_port' (Defaults to 13800) +# 'heat_cfn_ssl_port' (Defaults to 13005) # 'heat_cw_port' (Defaults to 8003) # 'heat_cw_ssl_port' (Defaults to 13003) # 'ironic_api_port' (Defaults to 6385) @@ -284,8 +250,6 @@ # 'neutron_api_ssl_port' (Defaults to 13696) # 'nova_api_port' (Defaults to 8774) # 'nova_api_ssl_port' (Defaults to 13774) -# 'nova_ec2_port' (Defaults to 8773) -# 'nova_ec2_ssl_port' (Defaults to 13773) # 'nova_metadata_port' (Defaults to 8775) # 'nova_novnc_port' (Defaults to 6080) # 'nova_novnc_ssl_port' (Defaults to 13080) @@ -297,15 +261,10 @@ # 'trove_api_ssl_port' (Defaults to 13779) # Defaults to {} # -class tripleo::loadbalancer ( +class tripleo::haproxy ( $controller_virtual_ip, - $control_virtual_interface, - $public_virtual_interface, $public_virtual_ip, - $internal_api_virtual_ip = false, - $storage_virtual_ip = false, - $storage_mgmt_virtual_ip = false, - $manage_vip = true, + $keepalived = true, $haproxy_service_manage = true, $haproxy_global_maxconn = 20480, $haproxy_default_maxconn = 4096, @@ -315,9 +274,8 @@ class tripleo::loadbalancer ( $haproxy_log_address = '/dev/log', $haproxy_stats_user = 'admin', $haproxy_stats_password = undef, - $controller_host = undef, - $controller_hosts = undef, - $controller_hosts_names = undef, + $controller_hosts = hiera('controller_node_ips'), + $controller_hosts_names = hiera('controller_node_names', undef), $service_certificate = undef, $internal_certificate = undef, $ssl_cipher_suite = '!SSLv2:kEECDH:kRSA:kEDH:kPSK:+3DES:!aNULL:!eNULL:!MD5:!EXP:!RC4:!SEED:!IDEA:!DES', @@ -332,7 +290,6 @@ class tripleo::loadbalancer ( $manila = false, $glance_api = false, $glance_registry = false, - $nova_ec2 = false, $nova_osapi = false, $nova_metadata = false, $nova_novncproxy = false, @@ -368,7 +325,7 @@ class tripleo::loadbalancer ( heat_api_port => 8004, heat_api_ssl_port => 13004, heat_cfn_port => 8000, - heat_cfn_ssl_port => 13800, + heat_cfn_ssl_port => 13005, heat_cw_port => 8003, heat_cw_ssl_port => 13003, ironic_api_port => 6385, @@ -383,8 +340,6 @@ class tripleo::loadbalancer ( neutron_api_ssl_port => 13696, nova_api_port => 8774, nova_api_ssl_port => 13774, - nova_ec2_port => 8773, - nova_ec2_ssl_port => 13773, nova_metadata_port => 8775, nova_novnc_port => 6080, nova_novnc_ssl_port => 13080, @@ -397,100 +352,16 @@ class tripleo::loadbalancer ( } $ports = merge($default_service_ports, $service_ports) - if !$controller_host and !$controller_hosts { - fail('$controller_hosts or $controller_host (now deprecated) is a mandatory parameter') - } - if $controller_hosts { - $controller_hosts_real = $controller_hosts - } else { - warning('$controller_host has been deprecated in favor of $controller_hosts') - $controller_hosts_real = $controller_host - } - - if !$controller_hosts_names { + $controller_hosts_real = any2array(split($controller_hosts, ',')) + if ! $controller_hosts_names { $controller_hosts_names_real = $controller_hosts_real } else { - $controller_hosts_names_real = $controller_hosts_names - } - - if $manage_vip { - case $::osfamily { - 'RedHat': { - $keepalived_name_is_process = false - $keepalived_vrrp_script = 'systemctl status haproxy.service' - } # RedHat - 'Debian': { - $keepalived_name_is_process = true - $keepalived_vrrp_script = undef - } - default: { - warning('Please configure keepalived defaults in tripleo::loadbalancer.') - $keepalived_name_is_process = undef - $keepalived_vrrp_script = undef - } - } - - class { '::keepalived': } - keepalived::vrrp_script { 'haproxy': - name_is_process => $keepalived_name_is_process, - script => $keepalived_vrrp_script, - } - - # KEEPALIVE INSTANCE CONTROL - keepalived::instance { '51': - interface => $control_virtual_interface, - virtual_ips => [join([$controller_virtual_ip, ' dev ', $control_virtual_interface])], - state => 'MASTER', - track_script => ['haproxy'], - priority => 101, - } - - # KEEPALIVE INSTANCE PUBLIC - keepalived::instance { '52': - interface => $public_virtual_interface, - virtual_ips => [join([$public_virtual_ip, ' dev ', $public_virtual_interface])], - state => 'MASTER', - track_script => ['haproxy'], - priority => 101, - } - - - if $internal_api_virtual_ip and $internal_api_virtual_ip != $controller_virtual_ip { - $internal_api_virtual_interface = interface_for_ip($internal_api_virtual_ip) - # KEEPALIVE INTERNAL API NETWORK - keepalived::instance { '53': - interface => $internal_api_virtual_interface, - virtual_ips => [join([$internal_api_virtual_ip, ' dev ', $internal_api_virtual_interface])], - state => 'MASTER', - track_script => ['haproxy'], - priority => 101, - } - } - - if $storage_virtual_ip and $storage_virtual_ip != $controller_virtual_ip { - $storage_virtual_interface = interface_for_ip($storage_virtual_ip) - # KEEPALIVE STORAGE NETWORK - keepalived::instance { '54': - interface => $storage_virtual_interface, - virtual_ips => [join([$storage_virtual_ip, ' dev ', $storage_virtual_interface])], - state => 'MASTER', - track_script => ['haproxy'], - priority => 101, - } - } - - if $storage_mgmt_virtual_ip and $storage_mgmt_virtual_ip != $controller_virtual_ip { - $storage_mgmt_virtual_interface = interface_for_ip($storage_mgmt_virtual_ip) - # KEEPALIVE STORAGE MANAGEMENT NETWORK - keepalived::instance { '55': - interface => $storage_mgmt_virtual_interface, - virtual_ips => [join([$storage_mgmt_virtual_ip, ' dev ', $storage_mgmt_virtual_interface])], - state => 'MASTER', - track_script => ['haproxy'], - priority => 101, - } - } + $controller_hosts_names_real = downcase(any2array(split($controller_hosts_names, ','))) + } + # This code will be removed once we switch undercloud and overcloud to use both haproxy & keepalived roles. + if $keepalived { + include ::tripleo::keepalived } # TODO(bnemec): When we have support for SSL on private and admin endpoints, @@ -579,7 +450,7 @@ class tripleo::loadbalancer ( }, } - Tripleo::Loadbalancer::Endpoint { + Tripleo::Haproxy::Endpoint { haproxy_listen_bind_param => $haproxy_listen_bind_param, member_options => $haproxy_member_options, public_certificate => $service_certificate, @@ -602,7 +473,7 @@ class tripleo::loadbalancer ( } if $keystone_admin { - ::tripleo::loadbalancer::endpoint { 'keystone_admin': + ::tripleo::haproxy::endpoint { 'keystone_admin': public_virtual_ip => $public_virtual_ip, internal_ip => hiera('keystone_admin_api_vip', $controller_virtual_ip), service_port => $ports[keystone_admin_api_port], @@ -619,7 +490,7 @@ class tripleo::loadbalancer ( } if $keystone_public { - ::tripleo::loadbalancer::endpoint { 'keystone_public': + ::tripleo::haproxy::endpoint { 'keystone_public': public_virtual_ip => $public_virtual_ip, internal_ip => hiera('keystone_public_api_vip', $controller_virtual_ip), service_port => $ports[keystone_public_api_port], @@ -636,7 +507,7 @@ class tripleo::loadbalancer ( } if $neutron { - ::tripleo::loadbalancer::endpoint { 'neutron': + ::tripleo::haproxy::endpoint { 'neutron': public_virtual_ip => $public_virtual_ip, internal_ip => hiera('neutron_api_vip', $controller_virtual_ip), service_port => $ports[neutron_api_port], @@ -647,7 +518,7 @@ class tripleo::loadbalancer ( } if $cinder { - ::tripleo::loadbalancer::endpoint { 'cinder': + ::tripleo::haproxy::endpoint { 'cinder': public_virtual_ip => $public_virtual_ip, internal_ip => hiera('cinder_api_vip', $controller_virtual_ip), service_port => $ports[cinder_api_port], @@ -664,7 +535,7 @@ class tripleo::loadbalancer ( } if $manila { - ::tripleo::loadbalancer::endpoint { 'manila': + ::tripleo::haproxy::endpoint { 'manila': public_virtual_ip => $public_virtual_ip, internal_ip => hiera('manila_api_vip', $controller_virtual_ip), service_port => $ports[manila_api_port], @@ -675,7 +546,7 @@ class tripleo::loadbalancer ( } if $sahara { - ::tripleo::loadbalancer::endpoint { 'sahara': + ::tripleo::haproxy::endpoint { 'sahara': public_virtual_ip => $public_virtual_ip, internal_ip => hiera('sahara_api_vip', $controller_virtual_ip), service_port => $ports[sahara_api_port], @@ -686,7 +557,7 @@ class tripleo::loadbalancer ( } if $trove { - ::tripleo::loadbalancer::endpoint { 'trove': + ::tripleo::haproxy::endpoint { 'trove': public_virtual_ip => $public_virtual_ip, internal_ip => hiera('trove_api_vip', $controller_virtual_ip), service_port => $ports[trove_api_port], @@ -697,7 +568,7 @@ class tripleo::loadbalancer ( } if $glance_api { - ::tripleo::loadbalancer::endpoint { 'glance_api': + ::tripleo::haproxy::endpoint { 'glance_api': public_virtual_ip => $public_virtual_ip, internal_ip => hiera('glance_api_vip', $controller_virtual_ip), service_port => $ports[glance_api_port], @@ -708,7 +579,7 @@ class tripleo::loadbalancer ( } if $glance_registry { - ::tripleo::loadbalancer::endpoint { 'glance_registry': + ::tripleo::haproxy::endpoint { 'glance_registry': internal_ip => hiera('glance_registry_vip', $controller_virtual_ip), service_port => $ports[glance_registry_port], ip_addresses => hiera('glance_registry_node_ips', $controller_hosts_real), @@ -717,19 +588,8 @@ class tripleo::loadbalancer ( } $nova_api_vip = hiera('nova_api_vip', $controller_virtual_ip) - if $nova_ec2 { - ::tripleo::loadbalancer::endpoint { 'nova_ec2': - public_virtual_ip => $public_virtual_ip, - internal_ip => $nova_api_vip, - service_port => $ports[nova_ec2_port], - ip_addresses => hiera('nova_api_node_ips', $controller_hosts_real), - server_names => $controller_hosts_names_real, - public_ssl_port => $ports[nova_ec2_ssl_port], - } - } - if $nova_osapi { - ::tripleo::loadbalancer::endpoint { 'nova_osapi': + ::tripleo::haproxy::endpoint { 'nova_osapi': public_virtual_ip => $public_virtual_ip, internal_ip => $nova_api_vip, service_port => $ports[nova_api_port], @@ -746,7 +606,7 @@ class tripleo::loadbalancer ( } if $nova_metadata { - ::tripleo::loadbalancer::endpoint { 'nova_metadata': + ::tripleo::haproxy::endpoint { 'nova_metadata': internal_ip => hiera('nova_metadata_vip', $controller_virtual_ip), service_port => $ports[nova_metadata_port], ip_addresses => hiera('nova_metadata_node_ips', $controller_hosts_real), @@ -755,7 +615,7 @@ class tripleo::loadbalancer ( } if $nova_novncproxy { - ::tripleo::loadbalancer::endpoint { 'nova_novncproxy': + ::tripleo::haproxy::endpoint { 'nova_novncproxy': public_virtual_ip => $public_virtual_ip, internal_ip => $nova_api_vip, service_port => $ports[nova_novnc_port], @@ -770,7 +630,7 @@ class tripleo::loadbalancer ( } if $ceilometer { - ::tripleo::loadbalancer::endpoint { 'ceilometer': + ::tripleo::haproxy::endpoint { 'ceilometer': public_virtual_ip => $public_virtual_ip, internal_ip => hiera('ceilometer_api_vip', $controller_virtual_ip), service_port => $ports[ceilometer_api_port], @@ -781,7 +641,7 @@ class tripleo::loadbalancer ( } if $aodh { - ::tripleo::loadbalancer::endpoint { 'aodh': + ::tripleo::haproxy::endpoint { 'aodh': public_virtual_ip => $public_virtual_ip, internal_ip => hiera('aodh_api_vip', $controller_virtual_ip), service_port => $ports[aodh_api_port], @@ -792,7 +652,7 @@ class tripleo::loadbalancer ( } if $gnocchi { - ::tripleo::loadbalancer::endpoint { 'gnocchi': + ::tripleo::haproxy::endpoint { 'gnocchi': public_virtual_ip => $public_virtual_ip, internal_ip => hiera('gnocchi_api_vip', $controller_virtual_ip), service_port => $ports[gnocchi_api_port], @@ -803,7 +663,7 @@ class tripleo::loadbalancer ( } if $swift_proxy_server { - ::tripleo::loadbalancer::endpoint { 'swift_proxy_server': + ::tripleo::haproxy::endpoint { 'swift_proxy_server': public_virtual_ip => $public_virtual_ip, internal_ip => hiera('swift_proxy_vip', $controller_virtual_ip), service_port => $ports[swift_proxy_port], @@ -829,7 +689,7 @@ class tripleo::loadbalancer ( } if $heat_api { - ::tripleo::loadbalancer::endpoint { 'heat_api': + ::tripleo::haproxy::endpoint { 'heat_api': public_virtual_ip => $public_virtual_ip, internal_ip => $heat_api_vip, service_port => $ports[heat_api_port], @@ -842,7 +702,7 @@ class tripleo::loadbalancer ( } if $heat_cloudwatch { - ::tripleo::loadbalancer::endpoint { 'heat_cloudwatch': + ::tripleo::haproxy::endpoint { 'heat_cloudwatch': public_virtual_ip => $public_virtual_ip, internal_ip => $heat_api_vip, service_port => $ports[heat_cw_port], @@ -855,7 +715,7 @@ class tripleo::loadbalancer ( } if $heat_cfn { - ::tripleo::loadbalancer::endpoint { 'heat_cfn': + ::tripleo::haproxy::endpoint { 'heat_cfn': public_virtual_ip => $public_virtual_ip, internal_ip => $heat_api_vip, service_port => $ports[heat_cfn_port], @@ -884,7 +744,7 @@ class tripleo::loadbalancer ( } if $ironic { - ::tripleo::loadbalancer::endpoint { 'ironic': + ::tripleo::haproxy::endpoint { 'ironic': public_virtual_ip => $public_virtual_ip, internal_ip => hiera('ironic_api_vip', $controller_virtual_ip), service_port => $ports[ironic_api_port], diff --git a/manifests/loadbalancer/endpoint.pp b/manifests/haproxy/endpoint.pp index f75f79a..94bfcff 100644 --- a/manifests/loadbalancer/endpoint.pp +++ b/manifests/haproxy/endpoint.pp @@ -13,7 +13,7 @@ # License for the specific language governing permissions and limitations # under the License. -# == Class: tripleo::loadbalancer::endpoint +# == Class: tripleo::haproxy::endpoint # # Configure a HAProxy listen endpoint # @@ -68,7 +68,7 @@ # Certificate path used to enable TLS for the internal proxy endpoint. # Defaults to undef. # -define tripleo::loadbalancer::endpoint ( +define tripleo::haproxy::endpoint ( $internal_ip, $service_port, $ip_addresses, diff --git a/manifests/keepalived.pp b/manifests/keepalived.pp new file mode 100644 index 0000000..45d772e --- /dev/null +++ b/manifests/keepalived.pp @@ -0,0 +1,144 @@ +# Copyright 2014 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +# == Class: tripleo::keepalived +# +# Configure keepalived for TripleO. +# +# === Parameters: +# +# [*controller_virtual_ip*] +# Control IP or group of IPs to bind the pools +# Can be a string or an array. +# Defaults to undef +# +# [*control_virtual_interface*] +# Interface to bind the control VIP +# Can be a string or an array. +# Defaults to undef +# +# [*public_virtual_interface*] +# Interface to bind the public VIP +# Can be a string or an array. +# Defaults to undef +# +# [*public_virtual_ip*] +# Public IP or group of IPs to bind the pools +# Can be a string or an array. +# Defaults to undef +# +# [*internal_api_virtual_ip*] +# Virtual IP on the internal API network. +# A string. +# Defaults to false +# +# [*storage_virtual_ip*] +# Virtual IP on the storage network. +# A string. +# Defaults to false +# +# [*storage_mgmt_virtual_ip*] +# Virtual IP on the storage mgmt network. +# A string. +# Defaults to false +# +class tripleo::keepalived ( + $controller_virtual_ip, + $control_virtual_interface, + $public_virtual_interface, + $public_virtual_ip, + $internal_api_virtual_ip = false, + $storage_virtual_ip = false, + $storage_mgmt_virtual_ip = false, +) { + + case $::osfamily { + 'RedHat': { + $keepalived_name_is_process = false + $keepalived_vrrp_script = 'systemctl status haproxy.service' + } # RedHat + 'Debian': { + $keepalived_name_is_process = true + $keepalived_vrrp_script = undef + } + default: { + warning('Please configure keepalived defaults in tripleo::keepalived.') + $keepalived_name_is_process = undef + $keepalived_vrrp_script = undef + } + } + + class { '::keepalived': } + keepalived::vrrp_script { 'haproxy': + name_is_process => $keepalived_name_is_process, + script => $keepalived_vrrp_script, + } + + # KEEPALIVE INSTANCE CONTROL + keepalived::instance { '51': + interface => $control_virtual_interface, + virtual_ips => [join([$controller_virtual_ip, ' dev ', $control_virtual_interface])], + state => 'MASTER', + track_script => ['haproxy'], + priority => 101, + } + + # KEEPALIVE INSTANCE PUBLIC + keepalived::instance { '52': + interface => $public_virtual_interface, + virtual_ips => [join([$public_virtual_ip, ' dev ', $public_virtual_interface])], + state => 'MASTER', + track_script => ['haproxy'], + priority => 101, + } + + + if $internal_api_virtual_ip and $internal_api_virtual_ip != $controller_virtual_ip { + $internal_api_virtual_interface = interface_for_ip($internal_api_virtual_ip) + # KEEPALIVE INTERNAL API NETWORK + keepalived::instance { '53': + interface => $internal_api_virtual_interface, + virtual_ips => [join([$internal_api_virtual_ip, ' dev ', $internal_api_virtual_interface])], + state => 'MASTER', + track_script => ['haproxy'], + priority => 101, + } + } + + if $storage_virtual_ip and $storage_virtual_ip != $controller_virtual_ip { + $storage_virtual_interface = interface_for_ip($storage_virtual_ip) + # KEEPALIVE STORAGE NETWORK + keepalived::instance { '54': + interface => $storage_virtual_interface, + virtual_ips => [join([$storage_virtual_ip, ' dev ', $storage_virtual_interface])], + state => 'MASTER', + track_script => ['haproxy'], + priority => 101, + } + } + + if $storage_mgmt_virtual_ip and $storage_mgmt_virtual_ip != $controller_virtual_ip { + $storage_mgmt_virtual_interface = interface_for_ip($storage_mgmt_virtual_ip) + # KEEPALIVE STORAGE MANAGEMENT NETWORK + keepalived::instance { '55': + interface => $storage_mgmt_virtual_interface, + virtual_ips => [join([$storage_mgmt_virtual_ip, ' dev ', $storage_mgmt_virtual_interface])], + state => 'MASTER', + track_script => ['haproxy'], + priority => 101, + } + } + +} diff --git a/manifests/profile/base/ceilometer.pp b/manifests/profile/base/ceilometer.pp new file mode 100644 index 0000000..97e1bb8 --- /dev/null +++ b/manifests/profile/base/ceilometer.pp @@ -0,0 +1,41 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::ceilometer +# +# Ceilometer profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*sync_db*] +# (Optional) Whether to run db sync +# Defaults to true +# +class tripleo::profile::base::ceilometer ( + $step = hiera('step'), + $sync_db = true, +) { + + if $step >= 4 or ($step >= 3 and $sync_db) { + include ::ceilometer + include ::ceilometer::db + include ::ceilometer::config + } + +} diff --git a/manifests/profile/base/ceilometer/agent/central.pp b/manifests/profile/base/ceilometer/agent/central.pp new file mode 100644 index 0000000..02d6d1a --- /dev/null +++ b/manifests/profile/base/ceilometer/agent/central.pp @@ -0,0 +1,38 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::ceilometer::agent::central +# +# Ceilometer Central Agent profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# + +class tripleo::profile::base::ceilometer::agent::central ( + $step = hiera('step'), +) { + + include ::tripleo::profile::base::ceilometer + + if $step >= 4 { + include ::ceilometer::agent::auth + include ::ceilometer::agent::central + } + +} diff --git a/manifests/profile/base/ceilometer/agent/compute.pp b/manifests/profile/base/ceilometer/agent/compute.pp new file mode 100644 index 0000000..3a7aa50 --- /dev/null +++ b/manifests/profile/base/ceilometer/agent/compute.pp @@ -0,0 +1,38 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::ceilometer::agent::compute +# +# Ceilometer Compute Agent profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# + +class tripleo::profile::base::ceilometer::agent::compute ( + $step = hiera('step'), +) { + + include ::tripleo::profile::base::ceilometer + + if $step >= 4 { + include ::ceilometer::agent::auth + include ::ceilometer::agent::compute + } + +} diff --git a/manifests/profile/base/ceilometer/agent/notification.pp b/manifests/profile/base/ceilometer/agent/notification.pp new file mode 100644 index 0000000..83a0234 --- /dev/null +++ b/manifests/profile/base/ceilometer/agent/notification.pp @@ -0,0 +1,38 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::ceilometer::agent::notification +# +# Ceilometer Notification Agent profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# + +class tripleo::profile::base::ceilometer::agent::notification ( + $step = hiera('step'), +) { + + include ::tripleo::profile::base::ceilometer + + if $step >= 4 { + include ::ceilometer::agent::auth + include ::ceilometer::agent::notification + } + +} diff --git a/manifests/profile/base/ceilometer/api.pp b/manifests/profile/base/ceilometer/api.pp new file mode 100644 index 0000000..e324c00 --- /dev/null +++ b/manifests/profile/base/ceilometer/api.pp @@ -0,0 +1,37 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::ceilometer::api +# +# Ceilometer API profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# + +class tripleo::profile::base::ceilometer::api ( + $step = hiera('step'), +) { + + include ::tripleo::profile::base::ceilometer + + if $step >= 4 { + include ::ceilometer::api + } + +} diff --git a/manifests/profile/base/ceilometer/collector.pp b/manifests/profile/base/ceilometer/collector.pp new file mode 100644 index 0000000..34ee90b --- /dev/null +++ b/manifests/profile/base/ceilometer/collector.pp @@ -0,0 +1,50 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::ceilometer::collector +# +# Ceilometer Collector profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*sync_db*] +# (Optional) Whether to run db sync +# Defaults to true +# + +class tripleo::profile::base::ceilometer::collector ( + $step = hiera('step'), + $sync_db = true, +) { + + include ::tripleo::profile::base::ceilometer + + if $step >= 3 and $sync_db { + $ceilometer_backend = downcase(hiera('ceilometer_backend', 'mongodb')) + if $ceilometer_backend == 'mysql' { + include ::ceilometer::db::mysql + } + } + + if $step >= 4 { + include ::ceilometer::collector + include ::ceilometer::dispatcher::gnocchi + } + +} diff --git a/manifests/profile/base/ceilometer/expirer.pp b/manifests/profile/base/ceilometer/expirer.pp new file mode 100644 index 0000000..43d8c26 --- /dev/null +++ b/manifests/profile/base/ceilometer/expirer.pp @@ -0,0 +1,38 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::ceilometer::expirer +# +# Ceilometer Expirer profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# + +class tripleo::profile::base::ceilometer::expirer ( + $step = hiera('step'), +) { + + include ::tripleo::profile::base::ceilometer + + if $step >= 4 { + include ::ceilometer::expirer + Cron <| title == 'ceilometer-expirer' |> { command => "sleep $((\$(od -A n -t d -N 3 /dev/urandom) % 86400)) && ${::ceilometer::params::expirer_command}" } + } + +} diff --git a/manifests/profile/base/ceph.pp b/manifests/profile/base/ceph.pp new file mode 100644 index 0000000..94166ac --- /dev/null +++ b/manifests/profile/base/ceph.pp @@ -0,0 +1,80 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::ceph +# +# Ceph base profile for tripleo +# +# === Parameters +# +# [*ceph_ipv6*] +# (Optional) Force daemons to bind on IPv6 addresses +# Defaults to false +# +# [*ceph_mon_initial_members*] +# (Optional) List of IP addresses to use as mon_initial_members +# Defaults to undef +# +# [*ceph_mon_host*] +# (Optional) List of IP addresses to use as mon_host +# Deftauls to undef +# +# [*ceph_mon_host_v6*] +# (Optional) List of IPv6 addresses, surrounded by brackets, used as +# mon_host when ceph_ipv6 is true +# Defaults to undef +# +# [*enable_ceph_storage*] +# (Optional) enable_ceph_storage +# Deprecated: defaults to false +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::ceph ( + $ceph_ipv6 = false, + $ceph_mon_initial_members = undef, + $ceph_mon_host = undef, + $ceph_mon_host_v6 = undef, + $enable_ceph_storage = false, + $step = hiera('step'), +) { + + if $step >= 2 { + if $ceph_mon_initial_members { + $mon_initial_members = downcase($ceph_mon_initial_members) + } else { + $mon_initial_members = undef + } + if $ceph_ipv6 { + $mon_host = $ceph_mon_host_v6 + } else { + $mon_host = $ceph_mon_host + } + + class { '::ceph::profile::params': + mon_initial_members => $mon_initial_members, + mon_host => $mon_host, + } + + include ::ceph::conf + } + + # TODO: deprecated boolean + if $enable_ceph_storage { + include ::tripleo::profile::base::ceph::osd + } +} diff --git a/manifests/profile/base/ceph/client.pp b/manifests/profile/base/ceph/client.pp new file mode 100644 index 0000000..851324a --- /dev/null +++ b/manifests/profile/base/ceph/client.pp @@ -0,0 +1,35 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::ceph::client +# +# Ceph client profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::ceph::client ( + $step = hiera('step'), +) { + + include ::tripleo::profile::base::ceph + + if $step >= 2 { + include ::ceph::profile::client + } +} diff --git a/manifests/profile/base/ceph/mon.pp b/manifests/profile/base/ceph/mon.pp new file mode 100644 index 0000000..48c3721 --- /dev/null +++ b/manifests/profile/base/ceph/mon.pp @@ -0,0 +1,48 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::ceph::mon +# +# Ceph Monitor profile for tripleo +# +# === Parameters +# +# [*ceph_pools*] +# (Optional) List of pools to create +# Defaults to [] +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::ceph::mon ( + $ceph_pools = [], + $step = hiera('step'), +) { + + include ::tripleo::profile::base::ceph + + if $step >= 2 { + include ::ceph::profile::mon + } + + if $step >= 4 { + ceph::pool { $ceph_pools : + pg_num => hiera('ceph::profile::params::osd_pool_default_pg_num'), + pgp_num => hiera('ceph::profile::params::osd_pool_default_pgp_num'), + size => hiera('ceph::profile::params::osd_pool_default_size'), + } + } +} diff --git a/manifests/profile/base/ceph/osd.pp b/manifests/profile/base/ceph/osd.pp new file mode 100644 index 0000000..a9224d3 --- /dev/null +++ b/manifests/profile/base/ceph/osd.pp @@ -0,0 +1,54 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::ceph::osd +# +# Ceph OSD profile for tripleo +# +# === Parameters +# +# [*ceph_osd_selinux_permissive*] +# (Optional) Wheter to configure SELinux in permissive mode +# Default to false +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::ceph::osd ( + $ceph_osd_selinux_permissive = false, + $step = hiera('step'), +) { + + include ::tripleo::profile::base::ceph + + if $step >= 2 { + if $ceph_osd_selinux_permissive { + exec { 'set selinux to permissive on boot': + command => "sed -ie 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config", + onlyif => "test -f /etc/selinux/config && ! grep '^SELINUX=permissive' /etc/selinux/config", + path => ['/usr/bin', '/usr/sbin'], + } + + exec { 'set selinux to permissive': + command => 'setenforce 0', + onlyif => "which setenforce && getenforce | grep -i 'enforcing'", + path => ['/usr/bin', '/usr/sbin'], + } -> Class['ceph::profile::osd'] + } + + include ::ceph::profile::osd + } +} diff --git a/manifests/profile/base/cinder.pp b/manifests/profile/base/cinder.pp new file mode 100644 index 0000000..27dc277 --- /dev/null +++ b/manifests/profile/base/cinder.pp @@ -0,0 +1,52 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::cinder +# +# Cinder common profile for tripleo +# +# === Parameters +# +# [*cinder_enable_db_purge*] +# (Optional) Wheter to enable db purging +# Defaults to true +# +# [*pacemaker_master*] +# (Optional) The master node runs some tasks +# one step earlier than others; disable to +# the node is not the master. +# Defaults to true +# +# [*step*] +# (Optional) The current step of the deployment +# Defaults to hiera('step') +# +class tripleo::profile::base::cinder ( + $cinder_enable_db_purge = true, + $pacemaker_master = true, + $step = hiera('step'), +) { + + if $step >= 4 or ($step >= 3 and $pacemaker_master) { + include ::cinder + include ::cinder::config + } + + if $step >= 5 { + if $cinder_enable_db_purge { + include ::cinder::cron::db_purge + } + } + +} diff --git a/manifests/profile/base/cinder/api.pp b/manifests/profile/base/cinder/api.pp new file mode 100644 index 0000000..a2da25f --- /dev/null +++ b/manifests/profile/base/cinder/api.pp @@ -0,0 +1,49 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::cinder::api +# +# Cinder API profile for tripleo +# +# === Parameters +# +# [*sync_db*] +# (Optional) Whether to run db sync +# Defaults to true +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::cinder::api ( + $sync_db = true, + $step = hiera('step'), +) { + + class { '::tripleo::profile::base::cinder': + pacemaker_master => $sync_db, + } + + if $step >= 3 and $sync_db { + include ::cinder::db::mysql + } + + if $step >= 4 or ($step >= 3 and $sync_db) { + include ::cinder::api + include ::cinder::ceilometer + include ::cinder::glance + } + +} diff --git a/manifests/profile/base/cinder/scheduler.pp b/manifests/profile/base/cinder/scheduler.pp new file mode 100644 index 0000000..68f2813 --- /dev/null +++ b/manifests/profile/base/cinder/scheduler.pp @@ -0,0 +1,36 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::cinder::scheduler +# +# Cinder Scheduler profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::cinder::scheduler ( + $step = hiera('step'), +) { + + include ::tripleo::profile::base::cinder + + if $step >= 4 { + include ::cinder::scheduler + } + +} diff --git a/manifests/profile/base/cinder/volume.pp b/manifests/profile/base/cinder/volume.pp new file mode 100644 index 0000000..96cd06a --- /dev/null +++ b/manifests/profile/base/cinder/volume.pp @@ -0,0 +1,118 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::cinder::volume +# +# Cinder Volume profile for tripleo +# +# === Parameters +# +# [*cinder_enable_dellsc_backend*] +# (Optional) Whether to enable the delsc backend +# Defaults to true +# +# [*cinder_enable_eqlx_backend*] +# (Optional) Whether to enable the eqlx backend +# Defaults to true +# +# [*cinder_enable_iscsi_backend*] +# (Optional) Whether to enable the iscsi backend +# Defaults to true +# +# [*cinder_enable_netapp_backend*] +# (Optional) Whether to enable the netapp backend +# Defaults to true +# +# [*cinder_enable_nfs_backend*] +# (Optional) Whether to enable the nfs backend +# Defaults to true +# +# [*cinder_enable_rbd_backend*] +# (Optional) Whether to enable the rbd backend +# Defaults to true +# +# [*cinder_user_enabled_backends*] +# (Optional) List of additional backend stanzas to activate +# Defaults to hiera('cinder_user_enabled_backends') +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::cinder::volume ( + $cinder_enable_dellsc_backend = false, + $cinder_enable_eqlx_backend = false, + $cinder_enable_iscsi_backend = true, + $cinder_enable_netapp_backend = false, + $cinder_enable_nfs_backend = false, + $cinder_enable_rbd_backend = false, + $cinder_user_enabled_backends = hiera('cinder_user_enabled_backends', undef), + $step = hiera('step'), +) { + + include ::tripleo::profile::base::cinder + + if $step >= 4 { + include ::cinder::volume + + if $cinder_enable_dellsc_backend { + include ::tripleo::profile::base::cinder::volume::dellsc + $cinder_dellsc_backend_name = hiera('cinder::backend::dellsc_iscsi::volume_backend_name', 'tripleo_dellsc') + } else { + $cinder_dellsc_backend_name = undef + } + + if $cinder_enable_eqlx_backend { + include ::tripleo::profile::base::cinder::volume::eqlx + $cinder_eqlx_backend_name = hiera('cinder::backend::eqlx::volume_backend_name', 'tripleo_eqlx') + } else { + $cinder_eqlx_backend_name = undef + } + + if $cinder_enable_iscsi_backend { + include ::tripleo::profile::base::cinder::volume::iscsi + $cinder_iscsi_backend_name = hiera('cinder::backend::iscsi::volume_backend_name', 'tripleo_iscsi') + } else { + $cinder_iscsi_backend_name = undef + } + + if $cinder_enable_netapp_backend { + include ::tripleo::profile::base::cinder::volume::netapp + $cinder_netapp_backend_name = hiera('cinder::backend::netapp::volume_backend_name', 'tripleo_netapp') + } else { + $cinder_netapp_backend_name = undef + } + + if $cinder_enable_nfs_backend { + include ::tripleo::profile::base::cinder::volume::nfs + $cinder_nfs_backend_name = hiera('cinder::backend::nfs::volume_backend_name', 'tripleo_nfs') + } else { + $cinder_nfs_backend_name = undef + } + + if $cinder_enable_rbd_backend { + include ::tripleo::profile::base::cinder::volume::rbd + $cinder_rbd_backend_name = hiera('cinder::backend::rbd::volume_backend_name', 'tripleo_ceph') + } else { + $cinder_rbd_backend_name = undef + } + + $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend_name, $cinder_rbd_backend_name, $cinder_eqlx_backend_name, $cinder_dellsc_backend_name, $cinder_netapp_backend_name, $cinder_nfs_backend_name, $cinder_user_enabled_backends]) + class { '::cinder::backends' : + enabled_backends => $cinder_enabled_backends, + } + } + +} diff --git a/manifests/profile/base/cinder/volume/dellsc.pp b/manifests/profile/base/cinder/volume/dellsc.pp new file mode 100644 index 0000000..6f7922d --- /dev/null +++ b/manifests/profile/base/cinder/volume/dellsc.pp @@ -0,0 +1,51 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::cinder::volume::dellsc +# +# Cinder Volume dellsc profile for tripleo +# +# === Parameters +# +# [*backend_name*] +# (Optional) Name given to the Cinder backend stanza +# Defaults to 'tripleo_dellsc' +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::cinder::volume::dellsc ( + $backend_name = hiera('cinder::backend::dellsc_iscsi::volume_backend_name', 'tripleo_dellsc'), + $step = hiera('step'), +) { + + include ::tripleo::profile::base::cinder::volume + + if $step >= 4 { + cinder::backend::dellsc_iscsi { $backend_name : + san_ip => hiera('cinder::backend::dellsc_iscsi::san_ip', undef), + san_login => hiera('cinder::backend::dellsc_iscsi::san_login', undef), + san_password => hiera('cinder::backend::dellsc_iscsi::san_password', undef), + dell_sc_ssn => hiera('cinder::backend::dellsc_iscsi::dell_sc_ssn', undef), + iscsi_ip_address => hiera('cinder::backend::dellsc_iscsi::iscsi_ip_address', undef), + iscsi_port => hiera('cinder::backend::dellsc_iscsi::iscsi_port', undef), + dell_sc_api_port => hiera('cinder::backend::dellsc_iscsi::dell_sc_api_port', undef), + dell_sc_server_folder => hiera('cinder::backend::dellsc_iscsi::dell_sc_server_folder', undef), + dell_sc_volume_folder => hiera('cinder::backend::dellsc_iscsi::dell_sc_volume_folder', undef), + } + } + +} diff --git a/manifests/profile/base/cinder/volume/eqlx.pp b/manifests/profile/base/cinder/volume/eqlx.pp new file mode 100644 index 0000000..a18270d --- /dev/null +++ b/manifests/profile/base/cinder/volume/eqlx.pp @@ -0,0 +1,51 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::cinder::volume::eqlx +# +# Cinder Volume eqlx profile for tripleo +# +# === Parameters +# +# [*backend_name*] +# (Optional) Name given to the Cinder backend stanza +# Defaults to 'tripleo_eqlx' +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::cinder::volume::eqlx ( + $backend_name = hiera('cinder::backend::eqlx::volume_backend_name', 'tripleo_eqlx'), + $step = hiera('step'), +) { + + include ::tripleo::profile::base::cinder::volume + + if $step >= 4 { + cinder::backend::eqlx { $backend_name : + san_ip => hiera('cinder::backend::eqlx::san_ip', undef), + san_login => hiera('cinder::backend::eqlx::san_login', undef), + san_password => hiera('cinder::backend::eqlx::san_password', undef), + san_thin_provision => hiera('cinder::backend::eqlx::san_thin_provision', undef), + eqlx_group_name => hiera('cinder::backend::eqlx::eqlx_group_name', undef), + eqlx_pool => hiera('cinder::backend::eqlx::eqlx_pool', undef), + eqlx_use_chap => hiera('cinder::backend::eqlx::eqlx_use_chap', undef), + eqlx_chap_login => hiera('cinder::backend::eqlx::eqlx_chap_login', undef), + eqlx_chap_password => hiera('cinder::backend::eqlx::eqlx_san_password', undef), + } + } + +} diff --git a/manifests/profile/base/cinder/volume/iscsi.pp b/manifests/profile/base/cinder/volume/iscsi.pp new file mode 100644 index 0000000..d857caa --- /dev/null +++ b/manifests/profile/base/cinder/volume/iscsi.pp @@ -0,0 +1,62 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::cinder::volume::iscsi +# +# Cinder Volume iscsi profile for tripleo +# +# === Parameters +# +# [*cinder_iscsi_address*] +# The address where to bind the iscsi targets daemon +# +# [*cinder_iscsi_helper*] +# (Optional) The iscsi helper to use +# Defaults to 'tgtadm' +# +# [*cinder_lvm_loop_device_size*] +# (Optional) The size (in MB) of the LVM loopback volume +# Defaults to '10280' +# +# [*backend_name*] +# (Optional) Name given to the Cinder backend stanza +# Defaults to 'tripleo_iscsi' +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::cinder::volume::iscsi ( + $cinder_iscsi_address, + $cinder_iscsi_helper = 'tgtadm', + $cinder_lvm_loop_device_size = '10280', + $backend_name = hiera('cinder::backend::iscsi::volume_backend_name', 'tripleo_iscsi'), + $step = hiera('step'), +) { + + include ::tripleo::profile::base::cinder::volume + + if $step >= 4 { + class { '::cinder::setup_test_volume': + size => join([$cinder_lvm_loop_device_size, 'M']), + } + + cinder::backend::iscsi { $backend_name : + iscsi_ip_address => $cinder_iscsi_address, + iscsi_helper => $cinder_iscsi_helper, + } + } + +} diff --git a/manifests/profile/base/cinder/volume/netapp.pp b/manifests/profile/base/cinder/volume/netapp.pp new file mode 100644 index 0000000..bae541f --- /dev/null +++ b/manifests/profile/base/cinder/volume/netapp.pp @@ -0,0 +1,66 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::cinder::volume::netapp +# +# Cinder Volume netapp profile for tripleo +# +# === Parameters +# +# [*backend_name*] +# (Optional) Name given to the Cinder backend stanza +# Defaults to 'tripleo_netapp' +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::cinder::volume::netapp ( + $backend_name = hiera('cinder::backend::netapp::volume_backend_name', 'tripleo_netapp'), + $step = hiera('step'), +) { + + include ::tripleo::profile::base::cinder::volume + + if $step >= 4 { + if hiera('cinder::backend::netapp::nfs_shares', undef) { + $cinder_netapp_nfs_shares = split(hiera('cinder::backend::netapp::nfs_shares', undef), ',') + } + + cinder::backend::netapp { $backend_name : + netapp_login => hiera('cinder::backend::netapp::netapp_login', undef), + netapp_password => hiera('cinder::backend::netapp::netapp_password', undef), + netapp_server_hostname => hiera('cinder::backend::netapp::netapp_server_hostname', undef), + netapp_server_port => hiera('cinder::backend::netapp::netapp_server_port', undef), + netapp_size_multiplier => hiera('cinder::backend::netapp::netapp_size_multiplier', undef), + netapp_storage_family => hiera('cinder::backend::netapp::netapp_storage_family', undef), + netapp_storage_protocol => hiera('cinder::backend::netapp::netapp_storage_protocol', undef), + netapp_transport_type => hiera('cinder::backend::netapp::netapp_transport_type', undef), + netapp_vfiler => hiera('cinder::backend::netapp::netapp_vfiler', undef), + netapp_volume_list => hiera('cinder::backend::netapp::netapp_volume_list', undef), + netapp_vserver => hiera('cinder::backend::netapp::netapp_vserver', undef), + netapp_partner_backend_name => hiera('cinder::backend::netapp::netapp_partner_backend_name', undef), + nfs_shares => $cinder_netapp_nfs_shares, + nfs_shares_config => hiera('cinder::backend::netapp::nfs_shares_config', undef), + netapp_copyoffload_tool_path => hiera('cinder::backend::netapp::netapp_copyoffload_tool_path', undef), + netapp_controller_ips => hiera('cinder::backend::netapp::netapp_controller_ips', undef), + netapp_sa_password => hiera('cinder::backend::netapp::netapp_sa_password', undef), + netapp_storage_pools => hiera('cinder::backend::netapp::netapp_storage_pools', undef), + netapp_eseries_host_type => hiera('cinder::backend::netapp::netapp_eseries_host_type', undef), + netapp_webservice_path => hiera('cinder::backend::netapp::netapp_webservice_path', undef), + } + } + +} diff --git a/manifests/profile/base/cinder/volume/nfs.pp b/manifests/profile/base/cinder/volume/nfs.pp new file mode 100644 index 0000000..a26c50e --- /dev/null +++ b/manifests/profile/base/cinder/volume/nfs.pp @@ -0,0 +1,62 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::cinder::volume::nfs +# +# Cinder Volume nfs profile for tripleo +# +# === Parameters +# +# [*cinder_nfs_mount_options*] +# (Optional) List of mount options for the NFS share +# Defaults to '' +# +# [*cinder_nfs_servers*] +# List of NFS shares to mount +# +# [*backend_name*] +# (Optional) Name given to the Cinder backend stanza +# Defaults to 'tripleo_nfs' +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::cinder::volume::nfs ( + $cinder_nfs_mount_options = '', + $cinder_nfs_servers, + $backend_name = hiera('cinder::backend::nfs::volume_backend_name', 'tripleo_nfs'), + $step = hiera('step'), +) { + + include ::tripleo::profile::base::cinder::volume + + if $step >= 4 { + if str2bool($::selinux) { + selboolean { 'virt_use_nfs': + value => on, + persistent => true, + } -> Package['nfs-utils'] + } + + package {'nfs-utils': } -> + cinder::backend::nfs { $backend_name : + nfs_servers => $cinder_nfs_servers, + nfs_mount_options => $cinder_nfs_mount_options, + nfs_shares_config => '/etc/cinder/shares-nfs.conf', + } + } + +} diff --git a/manifests/profile/base/cinder/volume/rbd.pp b/manifests/profile/base/cinder/volume/rbd.pp new file mode 100644 index 0000000..6c8341a --- /dev/null +++ b/manifests/profile/base/cinder/volume/rbd.pp @@ -0,0 +1,66 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::cinder::volume::rbd +# +# Cinder Volume rbd profile for tripleo +# +# === Parameters +# +# [*cinder_rbd_backend_host*] +# (Optional) String to use as backend_host in the backend stanza +# Defaults to 'cinder::host' +# +# [*cinder_rbd_pool_name*] +# (Optional) The name of the RBD pool to use +# Defaults to 'volumes' +# +# [*cinder_rbd_secret_uuid*] +# (Optional) UUID of the of the libvirt secret storing the Cephx key +# Defaults to 'ceph::profile::params::fsid' +# +# [*cinder_rbd_user_name*] +# (Optional) The user name for the RBD client +# Defaults to 'openstack' +# +# [*backend_name*] +# (Optional) Name given to the Cinder backend stanza +# Defaults to 'tripleo_ceph' +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::cinder::volume::rbd ( + $cinder_rbd_backend_host = hiera('cinder::host', 'hostgroup'), + $cinder_rbd_pool_name = 'volumes', + $cinder_rbd_secret_uuid = hiera('ceph::profile::params::fsid', undef), + $cinder_rbd_user_name = 'openstack', + $backend_name = hiera('cinder::backend::rbd::volume_backend_name', 'tripleo_ceph'), + $step = hiera('step'), +) { + + include ::tripleo::profile::base::cinder::volume + + if $step >= 4 { + cinder::backend::rbd { $backend_name : + backend_host => $cinder_rbd_backend_host, + rbd_pool => $cinder_rbd_pool_name, + rbd_user => $cinder_rbd_user_name, + rbd_secret_uuid => $cinder_rbd_secret_uuid, + } + } + +} diff --git a/manifests/profile/base/database/mongodb.pp b/manifests/profile/base/database/mongodb.pp new file mode 100644 index 0000000..4c53c9c --- /dev/null +++ b/manifests/profile/base/database/mongodb.pp @@ -0,0 +1,54 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::database::mongodb +# +# Mongodb profile for tripleo +# +# === Parameters +# +# [*mongodb_replset*] +# Mongodb replicaset name +# +# [*bootstrap_node*] +# (Optional) The hostname of the node responsible for bootstrapping tasks +# Defaults to hiera('bootstrap_nodeid') +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::database::mongodb ( + $mongodb_replset, + $bootstrap_node = downcase(hiera('bootstrap_nodeid')), + $step = hiera('step'), +) { + + if $step >= 2 { + + include ::mongodb::globals + include ::mongodb::client + include ::mongodb::server + + include ::tripleo::profile::base::database::mongodbcommon + + if $bootstrap_node == $::hostname { + mongodb_replset { $mongodb_replset : + members => $tripleo::profile::base::database::mongodbcommon::mongo_node_ips_with_port_nobr, + } + } + + } +} diff --git a/manifests/profile/base/database/mongodbcommon.pp b/manifests/profile/base/database/mongodbcommon.pp new file mode 100644 index 0000000..6530730 --- /dev/null +++ b/manifests/profile/base/database/mongodbcommon.pp @@ -0,0 +1,52 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::database::mongodb +# +# Mongodb profile for tripleo +# +# === Parameters +# +# [*mongodb_node_ips*] +# List of The mongodb node ip addresses +# +# [*mongodb_ipv6_enabled*] +# A boolean value for mongodb server ipv6 is enabled or not +# Defaults to false +# +class tripleo::profile::base::database::mongodbcommon ( + $mongodb_node_ips = hiera('mongo_node_ips'), + $mongodb_ipv6_enabled = false, +) { + + $port = '27017' + + # NOTE(gfidente): the following vars are needed on all nodes so they + # need to stay out of pacemaker_master conditional. + # The addresses mangling will hopefully go away when we'll be able to + # configure the connection string via hostnames, until then, we need to pass + # the list of IPv6 addresses *with* port and without the brackets as 'members' + # argument for the 'mongodb_replset' resource. + if str2bool($mongodb_ipv6_enabled) { + $mongo_node_ips_with_port_prefixed = prefix($mongodb_node_ips, '[') + $mongo_node_ips_with_port = suffix( + $mongo_node_ips_with_port_prefixed, "]:${port}") + $mongo_node_ips_with_port_nobr = suffix($mongodb_node_ips, ":${port}") + } else { + $mongo_node_ips_with_port = suffix($mongodb_node_ips, ":${port}") + $mongo_node_ips_with_port_nobr = suffix($mongodb_node_ips, ":${port}") + } + $mongo_node_string = join($mongo_node_ips_with_port, ',') + +} diff --git a/manifests/profile/base/database/redis.pp b/manifests/profile/base/database/redis.pp new file mode 100644 index 0000000..3a5200c --- /dev/null +++ b/manifests/profile/base/database/redis.pp @@ -0,0 +1,57 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::database::redis +# +# Redis profile for tripleo +# +# === Parameters +# +# [*redis_node_ips*] +# (Optional) List of Redis node ips +# Defaults to hiera('redis_node_ips') +# +# [*bootstrap_nodeid*] +# (Optional) Hostname of Redis master +# Defaults to hiera('bootstrap_nodeid') +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# + +class tripleo::profile::base::database::redis ( + $redis_node_ips = hiera('redis_node_ips'), + $bootstrap_nodeid = hiera('bootstrap_nodeid'), + $step = hiera('step'), +) { + + if $step >= 2 { + if $bootstrap_nodeid == $::hostname { + $slaveof = undef + } else { + $slaveof = "${bootstrap_nodeid} 6379" + } + class { '::redis' : + slaveof => $slaveof, + } + + if count($redis_node_ips) > 1 { + Class['::tripleo::redis_notification'] -> Service['redis-sentinel'] + include ::redis::sentinel + include ::tripleo::redis_notification + } + } +} diff --git a/manifests/profile/base/glance/api.pp b/manifests/profile/base/glance/api.pp index b216665..fd43732 100644 --- a/manifests/profile/base/glance/api.pp +++ b/manifests/profile/base/glance/api.pp @@ -18,14 +18,6 @@ # # === Parameters # -# [*manage_service*] -# (Optional) Whether to manage the glance service -# Defaults to undef -# -# [*enabled*] -# (Optional) Whether to enable the glance service -# Defaults to undef -# # [*step*] # (Optional) The current step in deployment. See tripleo-heat-templates # for more details. @@ -36,8 +28,6 @@ # Defaults to downcase(hiera('glance_backend', 'swift')) # class tripleo::profile::base::glance::api ( - $manage_service = undef, - $enabled = undef, $step = hiera('step'), $glance_backend = downcase(hiera('glance_backend', 'swift')), ) { @@ -56,9 +46,7 @@ class tripleo::profile::base::glance::api ( include ::glance include ::glance::config class { '::glance::api': - known_stores => $glance_store, - manage_service => $manage_service, - enabled => $enabled, + stores => $glance_store, } include ::glance::notify::rabbitmq include join(['::glance::backend::', $glance_backend]) diff --git a/manifests/profile/base/glance/registry.pp b/manifests/profile/base/glance/registry.pp index 32ed6b7..774f646 100644 --- a/manifests/profile/base/glance/registry.pp +++ b/manifests/profile/base/glance/registry.pp @@ -22,14 +22,6 @@ # (Optional) Whether to run db sync # Defaults to true # -# [*manage_service*] -# (Optional) Whether to manage the glance service -# Defaults to undef -# -# [*enabled*] -# (Optional) Whether to enable the glance service -# Defaults to undef -# # [*step*] # (Optional) The current step in deployment. See tripleo-heat-templates # for more details. @@ -41,13 +33,11 @@ # class tripleo::profile::base::glance::registry ( $sync_db = true, - $manage_service = undef, - $enabled = undef, $step = hiera('step'), $glance_backend = downcase(hiera('glance_backend', 'swift')), ) { - if $step >= 2 and $sync_db { + if $step >= 3 and $sync_db { include ::glance::db::mysql } @@ -57,8 +47,6 @@ class tripleo::profile::base::glance::registry ( include ::glance::config class { '::glance::registry' : sync_db => $sync_db, - manage_service => $manage_service, - enabled => $enabled, } include ::glance::notify::rabbitmq include join(['::glance::backend::', $glance_backend]) diff --git a/manifests/profile/base/gnocchi.pp b/manifests/profile/base/gnocchi.pp new file mode 100644 index 0000000..ee903cb --- /dev/null +++ b/manifests/profile/base/gnocchi.pp @@ -0,0 +1,36 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::gnocchi +# +# Gnocchi profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# + +class tripleo::profile::base::gnocchi ( + $step = hiera('step'), +) { + + if $step >= 3 { + include ::gnocchi + include ::gnocchi::config + include ::gnocchi::client + } +} diff --git a/manifests/profile/base/gnocchi/api.pp b/manifests/profile/base/gnocchi/api.pp new file mode 100644 index 0000000..d415ee9 --- /dev/null +++ b/manifests/profile/base/gnocchi/api.pp @@ -0,0 +1,58 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::gnocchi::api +# +# Gnocchi profile for tripleo api +# +# === Parameters +# +# [*gnocchi_backend*] +# (Optional) Gnocchi backend string file, swift or rbd +# Defaults to swift +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*sync_db*] +# (Optional) Whether to run db sync +# Defaults to undef + +class tripleo::profile::base::gnocchi::api ( + $gnocchi_backend = downcase(hiera('gnocchi_backend', 'swift')), + $step = hiera('step'), + $sync_db = true, +) { + + include ::tripleo::profile::base::gnocchi + + if $step >= 3 and $sync_db { + include ::gnocchi::db::mysql + include ::gnocchi::db::sync + } + + if $step >= 4 { + include ::gnocchi::api + include ::gnocchi::wsgi::apache + include ::gnocchi::storage + case $gnocchi_backend { + 'swift': { include ::gnocchi::storage::swift } + 'file': { include ::gnocchi::storage::file } + 'rbd': { include ::gnocchi::storage::ceph } + default: { fail('Unrecognized gnocchi_backend parameter.') } + } + } +} diff --git a/manifests/profile/base/gnocchi/metricd.pp b/manifests/profile/base/gnocchi/metricd.pp new file mode 100644 index 0000000..29cf882 --- /dev/null +++ b/manifests/profile/base/gnocchi/metricd.pp @@ -0,0 +1,36 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::gnocchi::metricd +# +# Gnocchi metricd profile +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# + +class tripleo::profile::base::gnocchi::metricd ( + $step = hiera('step'), +) { + + include ::tripleo::profile::base::gnocchi + + if $step >= 4 { + include ::gnocchi::metricd + } +} diff --git a/manifests/profile/base/gnocchi/statsd.pp b/manifests/profile/base/gnocchi/statsd.pp new file mode 100644 index 0000000..830a128 --- /dev/null +++ b/manifests/profile/base/gnocchi/statsd.pp @@ -0,0 +1,36 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::gnocchi::statsd +# +# Gnocchi statsd profile +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# + +class tripleo::profile::base::gnocchi::statsd ( + $step = hiera('step'), +) { + + include ::tripleo::profile::base::gnocchi + + if $step >= 4 { + include ::gnocchi::statsd + } +} diff --git a/manifests/profile/base/haproxy.pp b/manifests/profile/base/haproxy.pp new file mode 100644 index 0000000..31a5415 --- /dev/null +++ b/manifests/profile/base/haproxy.pp @@ -0,0 +1,42 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::haproxy +# +# Loadbalancer profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*enable_load_balancer*] +# (Optional) Whether or not loadbalancer is enabled. +# Defaults to hiera('enable_load_balancer', true). +# +class tripleo::profile::base::haproxy ( + $enable_load_balancer = hiera('enable_load_balancer', true), + $step = hiera('step'), +) { + + if $step >= 1 { + if $enable_load_balancer { + include ::tripleo::haproxy + } + } + +} + diff --git a/manifests/profile/base/heat.pp b/manifests/profile/base/heat.pp new file mode 100644 index 0000000..0fc30d8 --- /dev/null +++ b/manifests/profile/base/heat.pp @@ -0,0 +1,72 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::heat +# +# Heat profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*notification_driver*] +# (Optional) Heat notification driver to use. +# Defaults to 'messaging' +# +# [*bootstrap_master*] +# (Optional) The hostname of the node responsible for bootstrapping +# Defaults to downcase(hiera('bootstrap_nodeid')) +# +# [*manage_db_purge*] +# (Optional) Whether keystone token flushing should be enabled +# Defaults to hiera('keystone_enable_db_purge', true) +# +class tripleo::profile::base::heat ( + $step = hiera('step'), + $notification_driver = 'messaging', + $bootstrap_master = downcase(hiera('bootstrap_nodeid')), + $manage_db_purge = hiera('heat_enable_db_purge', true), +) { + + if $step >= 4 { + class { '::heat' : + notification_driver => $notification_driver, + } + include ::heat::config + } + + if $step >= 5 { + if $manage_db_purge { + include ::heat::cron::purge_deleted + } + if $bootstrap_master == $::hostname { + # Class ::heat::keystone::domain has to run on bootstrap node + # because it creates DB entities via API calls. + include ::heat::keystone::domain + + Class['::keystone::roles::admin'] -> Class['::heat::keystone::domain'] + } else { + # On non-bootstrap node we don't need to create Keystone resources again + class { '::heat::keystone::domain': + manage_domain => false, + manage_user => false, + manage_role => false, + } + } + } +} + diff --git a/manifests/profile/base/heat/api.pp b/manifests/profile/base/heat/api.pp new file mode 100644 index 0000000..67a0bfc --- /dev/null +++ b/manifests/profile/base/heat/api.pp @@ -0,0 +1,35 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::heat::api +# +# Heat API profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::heat::api ( + $step = hiera('step'), +) { + + if $step >= 4 { + include ::tripleo::profile::base::heat + include ::heat::api + } +} + diff --git a/manifests/profile/base/heat/api_cfn.pp b/manifests/profile/base/heat/api_cfn.pp new file mode 100644 index 0000000..2813826 --- /dev/null +++ b/manifests/profile/base/heat/api_cfn.pp @@ -0,0 +1,35 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::heat::api_cfn +# +# Heat CloudFormation API profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::heat::api_cfn ( + $step = hiera('step'), +) { + + if $step >= 4 { + include ::tripleo::profile::base::heat + include ::heat::api_cfn + } +} + diff --git a/manifests/profile/base/heat/api_cloudwatch.pp b/manifests/profile/base/heat/api_cloudwatch.pp new file mode 100644 index 0000000..b2adf92 --- /dev/null +++ b/manifests/profile/base/heat/api_cloudwatch.pp @@ -0,0 +1,35 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::heat::api_cloudwatch +# +# Heat CloudWatch API profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::heat::api_cloudwatch ( + $step = hiera('step'), +) { + + if $step >= 4 { + include ::tripleo::profile::base::heat + include ::heat::api_cloudwatch + } +} + diff --git a/manifests/profile/base/heat/engine.pp b/manifests/profile/base/heat/engine.pp new file mode 100644 index 0000000..b48837c --- /dev/null +++ b/manifests/profile/base/heat/engine.pp @@ -0,0 +1,44 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::heat::engine +# +# Heat Engine profile for tripleo +# +# === Parameters +# +# [*sync_db*] +# (Optional) Whether to run db sync +# Defaults to undef +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::heat::engine ( + $sync_db = true, + $step = hiera('step'), +) { + + if $step >= 3 and $sync_db { + include ::heat::db::mysql + } + + if $step >= 4 or ( $step >= 3 and $sync_db ) { + include ::tripleo::profile::base::heat + include ::heat::engine + } + +} diff --git a/manifests/profile/base/ironic.pp b/manifests/profile/base/ironic.pp new file mode 100644 index 0000000..139654b --- /dev/null +++ b/manifests/profile/base/ironic.pp @@ -0,0 +1,43 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::ironic +# +# Ironic profile for TripleO +# +# === Parameters +# +# [*step*] +# (Optional) The current step of the deployment +# Defaults to hiera('step') +# +# [*sync_db*] +# (Optional) Whether to run db sync +# Defaults to true +# +class tripleo::profile::base::ironic ( + $step = hiera('step'), + $sync_db = true, +) { + + if $step >= 3 { + include ::ironic + + # Database is accessed by both API and conductor, hence it's here. + if $sync_db { + include ::ironic::db::mysql + include ::ironic::db::sync + } + } +} diff --git a/manifests/profile/base/ironic/api.pp b/manifests/profile/base/ironic/api.pp new file mode 100644 index 0000000..1406e2d --- /dev/null +++ b/manifests/profile/base/ironic/api.pp @@ -0,0 +1,33 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::ironic::conductor +# +# Ironic API profile for TripleO +# +# === Parameters +# +# [*step*] +# (Optional) The current step of the deployment +# Defaults to hiera('step') +# +class tripleo::profile::base::ironic::api ( + $step = hiera('step'), +) { + + include ::tripleo::profile::base::ironic + if $step >= 4 { + include ::ironic::api + } +} diff --git a/manifests/profile/base/ironic/conductor.pp b/manifests/profile/base/ironic/conductor.pp new file mode 100644 index 0000000..7a587a5 --- /dev/null +++ b/manifests/profile/base/ironic/conductor.pp @@ -0,0 +1,37 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::ironic::conductor +# +# Ironic conductor profile for TripleO +# +# === Parameters +# +# [*step*] +# (Optional) The current step of the deployment +# Defaults to hiera('step') +# +class tripleo::profile::base::ironic::conductor ( + $step = hiera('step'), +) { + + include ::tripleo::profile::base::ironic + + if $step >= 4 { + include ::ironic::drivers::deploy + include ::ironic::drivers::ipmi + include ::ironic::drivers::pxe + include ::ironic::conductor + } +} diff --git a/manifests/profile/base/keepalived.pp b/manifests/profile/base/keepalived.pp new file mode 100644 index 0000000..af7c095 --- /dev/null +++ b/manifests/profile/base/keepalived.pp @@ -0,0 +1,42 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::keepalived +# +# Loadbalancer profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*enable_load_balancer*] +# (Optional) Whether or not loadbalancer is enabled. +# Defaults to hiera('enable_load_balancer', true). +# +class tripleo::profile::base::keepalived ( + $enable_load_balancer = hiera('enable_load_balancer', true), + $step = hiera('step'), +) { + + if $step >= 1 { + if $enable_load_balancer and hiera('enable_keepalived', true){ + include ::tripleo::keepalived + } + } + +} + diff --git a/manifests/ssl/cinder_config.pp b/manifests/profile/base/kernel.pp index e1ed113..db0280f 100644 --- a/manifests/ssl/cinder_config.pp +++ b/manifests/profile/base/kernel.pp @@ -12,17 +12,15 @@ # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. - -# == Class: tripleo::ssl::cinder_config # -# Enable SSL middleware for the cinder service's pipeline. +# == Class: tripleo::profile::base::kernel +# +# Load and configure Kernel modules. # +class tripleo::profile::base::kernel { + + create_resources(kmod::load, hiera('kernel_modules'), { }) + create_resources(sysctl::value, hiera('sysctl_settings'), { }) + Exec <| tag == 'kmod::load' |> -> Sysctl <| |> -class tripleo::ssl::cinder_config { - cinder_api_paste_ini { - 'filter:ssl_header_handler/paste.filter_factory': - value => 'oslo_middleware.http_proxy_to_wsgi:HTTPProxyToWSGI.factory'; - 'pipeline:apiversions/pipeline': - value => 'ssl_header_handler faultwrap osvolumeversionapp'; - } } diff --git a/manifests/profile/base/keystone.pp b/manifests/profile/base/keystone.pp index f7674df..706b78f 100644 --- a/manifests/profile/base/keystone.pp +++ b/manifests/profile/base/keystone.pp @@ -22,18 +22,6 @@ # (Optional) Whether to run db sync # Defaults to true # -# [*manage_service*] -# (Optional) Whether to manage the keystone service -# Defaults to undef -# -# [*enabled*] -# (Optional) Whether to enable the keystone service -# Defaults to undef -# -# [*bootstrap_master*] -# (Optional) The hostname of the node responsible for bootstrapping -# Defaults to hiera('bootstrap_nodeid') -# # [*manage_roles*] # (Optional) whether to create keystone admin role # Defaults to true @@ -52,26 +40,21 @@ # Defaults to hiera('step') # class tripleo::profile::base::keystone ( - $sync_db = true, - $manage_service = undef, - $enabled = undef, - $bootstrap_master = undef, - $manage_roles = true, - $manage_endpoint = true, - $manage_db_purge = hiera('keystone_enable_db_purge', true), - $step = hiera('step'), + $sync_db = true, + $manage_roles = true, + $manage_endpoint = true, + $manage_db_purge = hiera('keystone_enable_db_purge', true), + $step = hiera('step'), ) { - if $step >= 2 and $sync_db { + if $step >= 3 and $sync_db { include ::keystone::db::mysql } if $step >= 4 or ( $step >= 3 and $sync_db ) { class { '::keystone': sync_db => $sync_db, - manage_service => $manage_service, - enabled => $enabled, - enable_bootstrap => $bootstrap_master, + enable_bootstrap => $sync_db, } include ::keystone::config @@ -96,21 +79,21 @@ class tripleo::profile::base::keystone ( content => hiera('keystone_signing_certificate'), owner => 'keystone', group => 'keystone', - notify => Service['keystone'], + notify => Service[$::apache::params::service_name], require => File['/etc/keystone/ssl/certs'], } file { '/etc/keystone/ssl/private/signing_key.pem': content => hiera('keystone_signing_key'), owner => 'keystone', group => 'keystone', - notify => Service['keystone'], + notify => Service[$::apache::params::service_name], require => File['/etc/keystone/ssl/private'], } file { '/etc/keystone/ssl/certs/ca.pem': content => hiera('keystone_ca_certificate'), owner => 'keystone', group => 'keystone', - notify => Service['keystone'], + notify => Service[$::apache::params::service_name], require => File['/etc/keystone/ssl/certs'], } } diff --git a/manifests/profile/base/manila/api.pp b/manifests/profile/base/manila/api.pp new file mode 100644 index 0000000..c1188ec --- /dev/null +++ b/manifests/profile/base/manila/api.pp @@ -0,0 +1,35 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::manila::api +# +# Manila API profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::manila::api ( + $step = hiera('step'), +) { + + if $step >= 4 { + include ::manila + include ::manila::api + } +} + diff --git a/manifests/profile/base/manila/scheduler.pp b/manifests/profile/base/manila/scheduler.pp new file mode 100644 index 0000000..b6d7593 --- /dev/null +++ b/manifests/profile/base/manila/scheduler.pp @@ -0,0 +1,46 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::manila::scheduler +# +# Manila Scheduler profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*sync_db*] +# (Optiona) Whether to run db sync. +# Defaults to true. +# +class tripleo::profile::base::manila::scheduler ( + $step = hiera('step'), + $sync_db = true, +) { + + if $step >= 3 and $sync_db { + include ::manila::db::mysql + } + + if $step >= 4 { + include ::manila::compute::nova + include ::manila::network::neutron + include ::manila::scheduler + } + +} + diff --git a/manifests/profile/base/manila/share.pp b/manifests/profile/base/manila/share.pp new file mode 100644 index 0000000..932e013 --- /dev/null +++ b/manifests/profile/base/manila/share.pp @@ -0,0 +1,35 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::manila::share +# +# Manila share profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::manila::share ( + $step = hiera('step'), +) { + + if $step >= 4 { + include ::manila::share + } + +} + diff --git a/manifests/profile/base/memcached.pp b/manifests/profile/base/memcached.pp new file mode 100644 index 0000000..54d12c8 --- /dev/null +++ b/manifests/profile/base/memcached.pp @@ -0,0 +1,34 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::memcached +# +# Memcached profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# +class tripleo::profile::base::memcached ( + $step = hiera('step'), +) { + + if $step >= 1 { + include ::memcached + } +} diff --git a/manifests/profile/base/neutron.pp b/manifests/profile/base/neutron.pp new file mode 100644 index 0000000..d5efa81 --- /dev/null +++ b/manifests/profile/base/neutron.pp @@ -0,0 +1,37 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::neutron +# +# Neutron server profile for tripleo +# +# === Parameters +# +# [*sync_db*] +# (Optional) Whether to run db sync +# Defaults to true +# +# [*step*] +# (Optional) The current step of the deployment +# Defaults to hiera('step') +# +class tripleo::profile::base::neutron ( + $sync_db = true, + $step = hiera('step'), +) { + if hiera('step') >= 4 or ( hiera('step') >= 3 and $sync_db ) { + include ::neutron + include ::neutron::config + } +} diff --git a/manifests/profile/base/neutron/dhcp.pp b/manifests/profile/base/neutron/dhcp.pp new file mode 100644 index 0000000..180fd37 --- /dev/null +++ b/manifests/profile/base/neutron/dhcp.pp @@ -0,0 +1,48 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::neutron::dhcp +# +# Neutron DHCP Agent profile for tripleo +# +# === Parameters +# +# [*neutron_dnsmasq_options*] +# (Optional) +# Defaults to hiera('neutron_dnsmasq_options') +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::neutron::dhcp ( + $neutron_dnsmasq_options = hiera('neutron_dnsmasq_options', ''), + $step = hiera('step'), +) { + if $step >= 4 { + include ::tripleo::profile::base::neutron + include ::neutron::agents::dhcp + + file { '/etc/neutron/dnsmasq-neutron.conf': + content => $neutron_dnsmasq_options, + owner => 'neutron', + group => 'neutron', + notify => Service['neutron-dhcp-service'], + require => Package['neutron'], + } + + Service<| title == 'neutron-server' |> -> Service <| title == 'neutron-dhcp' |> + } +} diff --git a/manifests/profile/base/neutron/l3.pp b/manifests/profile/base/neutron/l3.pp new file mode 100644 index 0000000..2b57555 --- /dev/null +++ b/manifests/profile/base/neutron/l3.pp @@ -0,0 +1,39 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::neutron::l3 +# +# Neutron L3 Agent server profile for tripleo +# +# === Parameters +# +# [*neutron_ovs_use_veth*] +# (Optional) Whether to set ovs_use_veth (for older kernel support) +# Defaults to hiera('neutron_ovs_use_veth', false) +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::neutron::l3 ( + $step = hiera('step'), +) { + if $step >= 4 { + include ::tripleo::profile::base::neutron + include ::neutron::agents::l3 + + Service<| title == 'neutron-server' |> -> Service <| title == 'neutron-l3' |> + } +} diff --git a/manifests/profile/base/neutron/metadata.pp b/manifests/profile/base/neutron/metadata.pp new file mode 100644 index 0000000..d7b4c99 --- /dev/null +++ b/manifests/profile/base/neutron/metadata.pp @@ -0,0 +1,35 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::neutron::metadata +# +# Neutron Metadata Agent profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::neutron::metadata ( + $step = hiera('step'), +) { + if $step >= 4 { + include ::tripleo::profile::base::neutron + include ::neutron::agents::metadata + + Service<| title == 'neutron-server' |> -> Service<| title == 'neutron-metadata' |> + } +} diff --git a/manifests/profile/base/neutron/midonet.pp b/manifests/profile/base/neutron/midonet.pp new file mode 100644 index 0000000..972856f --- /dev/null +++ b/manifests/profile/base/neutron/midonet.pp @@ -0,0 +1,129 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::neutron::midonet +# +# Midonet Neutron profile for tripleo +# +# === Parameters +# +# [*vip*] +# (Optional) Public Virtual IP Address for this cloud +# Defaults to hiera('public_virtual_ip') +# +# [*keystone_admin_token*] +# (Optional) The Keystone Admin Token +# Defaults to hiera('keystone::admin_token') +# +# [*zookeeper_client_ip*] +# (Optional) The IP of the Zookeeper Client +# Defaults to hiera('neutron::bind_host') +# +# [*zookeeper_hostnames*] +# (Optional) The IPs of the Zookeeper Servers +# Defaults to hiera('controller_node_names') +# +# [*neutron_api_node_ips*] +# (Optional) The IPs of the Neutron API hosts +# Defaults to hiera('neutron_api_node_ips') +# +# [*bind_address*] +# (Optional) The address to bind Cassandra and Midonet API to +# Defaults to hiera('neutron::bind_host') +# +# [*admin_password*] +# (Optional) Admin Password for Midonet API +# Defaults to hiera('admin_password') +# +# [*zk_on_controller*] +# (Optional) Whether to put zookeeper on the controllers +# Defaults to hiera('enable_zookeeper_on_controller') +# +# [*neutron_auth_tenant*] +# (Optional) Tenant to use for Neutron authentication +# Defaults to hiera('neutron::server::auth_tenant') +# +# [*neutron_auth_password*] +# (Optional) Password to use for Neutron authentication +# Defaults to hiera('neutron::server::auth_password') +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*step*] +# (Optional) The current step of the deployment +# Defaults to hiera('step') +# +class tripleo::profile::base::neutron::midonet ( + $vip = hiera('public_virtual_ip'), + $keystone_admin_token = hiera('keystone::admin_token', ''), + $zookeeper_client_ip = hiera('neutron::bind_host', ''), + $zookeeper_hostnames = hiera('controller_node_names', ''), + $neutron_api_node_ips = hiera('neutron_api_node_ips', ''), + $bind_address = hiera('neutron::bind_host', ''), + $admin_password = hiera('admin_password', ''), + $zk_on_controller = hiera('enable_zookeeper_on_controller', ''), + $neutron_auth_tenant = hiera('neutron::server::auth_tenant', ''), + $neutron_auth_password = hiera('neutron::server::auth_password', ''), + $step = hiera('step'), +) { + + include ::tripleo::profile::base::neutron + + if $step >= 4 { + class { '::neutron': + service_plugins => [] + } + + # Run zookeeper in the controller if configured + if zk_on_controller { + class {'::tripleo::cluster::zookeeper': + zookeeper_server_ips => $neutron_api_node_ips, + # TODO: create a 'bind' hiera key for zookeeper + zookeeper_client_ip => $zookeeper_client_ip, + zookeeper_hostnames => split($zookeeper_hostnames, ',') + } + } + + # Run cassandra in the controller if configured + if hiera('enable_cassandra_on_controller') { + class {'::tripleo::cluster::cassandra': + cassandra_servers => $neutron_api_node_ips, + cassandra_ip => $bind_address, + } + } + + class {'::tripleo::network::midonet::agent': + zookeeper_servers => $neutron_api_node_ips, + cassandra_seeds => $neutron_api_node_ips + } + + class {'::tripleo::network::midonet::api': + zookeeper_servers => $neutron_api_node_ips, + vip => $vip, + keystone_ip => $vip, + keystone_admin_token => $keystone_admin_token, + bind_address => $bind_address, + admin_password => $admin_password, + } + + class {'::neutron::plugins::midonet': + midonet_api_ip => $vip, + keystone_tenant => $neutron_auth_tenant, + keystone_password => $neutron_auth_password + } + } +} diff --git a/manifests/profile/base/neutron/n1k.pp b/manifests/profile/base/neutron/n1k.pp new file mode 100644 index 0000000..8c8cfbd --- /dev/null +++ b/manifests/profile/base/neutron/n1k.pp @@ -0,0 +1,54 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::neutron::n1k +# +# Neutron N1k Mechanism Driver profile for tripleo +# +# === Parameters +# +# [*n1kv_source*] +# (Optional) The source location for the N1Kv +# Defaults to hiera('n1kv_vem_source', undef) +# +# [*n1kv_version*] +# (Optional) The version of N1Kv to use +# Defaults to hiera('n1kv_vem_version', undef) +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::neutron::n1k ( + $n1kv_source = hiera('n1kv_vem_source', undef), + $n1kv_version = hiera('n1kv_vem_version', undef), + $step = hiera('step'), +) { + include ::neutron::plugins::ml2::cisco::nexus1000v + include ::tripleo::profile::base::neutron + + if $step >= 4 { + class { '::neutron::agents::n1kv_vem': + n1kv_source => $n1kv_source, + n1kv_version => $n1kv_version, + } + + class { '::n1k_vsm': + n1kv_source => $n1kv_source, + n1kv_version => $n1kv_version, + pacemaker_control => false, + } + } +} diff --git a/manifests/profile/base/neutron/ovs.pp b/manifests/profile/base/neutron/ovs.pp new file mode 100644 index 0000000..f801511 --- /dev/null +++ b/manifests/profile/base/neutron/ovs.pp @@ -0,0 +1,39 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::neutron::ovs +# +# Neutron OVS Agent profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::neutron::ovs( + $step = hiera('step'), +) { + + include ::tripleo::profile::base::neutron + + if $step >= 4 { + include ::neutron::agents::ml2::ovs + + # Optional since manage_service may be false and neutron server may not be colocated. + Service<| title == 'neutron-server' |> -> Service<| title == 'neutron-ovs-agent-service' |> + } + +} diff --git a/manifests/profile/base/neutron/plugins/ml2.pp b/manifests/profile/base/neutron/plugins/ml2.pp new file mode 100644 index 0000000..8218c9e --- /dev/null +++ b/manifests/profile/base/neutron/plugins/ml2.pp @@ -0,0 +1,62 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::neutron::plugins::ml2 +# +# Neutron ML2 plugin profile for tripleo +# +# === Parameters +# +# [*mechanism_drivers*] +# (Optional) The mechanism drivers to use with the Ml2 plugin +# Defaults to hiera('neutron::plugins::ml2::mechanism_drivers') +# +# [*sync_db*] +# (Optional) Whether to run Neutron DB sync operations +# Defaults to undef +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::neutron::plugins::ml2 ( + $mechanism_drivers = hiera('neutron::plugins::ml2::mechanism_drivers'), + $sync_db = true, + $step = hiera('step'), +) { + + include ::tripleo::profile::base::neutron + + if $step >= 4 or ( $step >= 3 and $sync_db ) { + include ::neutron::plugins::ml2 + + if 'cisco_n1kv' in $mechanism_drivers { + include ::tripleo::profile::base::neutron::n1k + } + + if 'cisco_ucsm' in $mechanism_drivers { + include ::neutron::plugins::ml2::cisco::ucsm + } + + if 'cisco_nexus' in $mechanism_drivers { + include ::neutron::plugins::ml2::cisco::nexus + include ::neutron::plugins::ml2::cisco::type_nexus_vxlan + } + + if 'bsn_ml2' in $mechanism_drivers { + include ::neutron::plugins::ml2::bigswitch::restproxy + } + } +} diff --git a/manifests/profile/base/neutron/plugins/nuage.pp b/manifests/profile/base/neutron/plugins/nuage.pp new file mode 100644 index 0000000..5d3661e --- /dev/null +++ b/manifests/profile/base/neutron/plugins/nuage.pp @@ -0,0 +1,38 @@ +# Copyright 2014 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::neutron::plugins::nuage +# +# Nuage Neutron profile for tripleo +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*sync_db*] +# (Optional) Whether to run Neutron DB sync operations +# Defaults to undef +# +class tripleo::profile::base::neutron::plugins::nuage ( + $step = hiera('step'), + $sync_db = true, +) { + + include ::tripleo::profile::base::neutron + + if $step >= 4 or ( $step >= 3 and $sync_db ) { + include ::neutron::plugins::nuage + } +} diff --git a/manifests/profile/base/neutron/plugins/opencontrail.pp b/manifests/profile/base/neutron/plugins/opencontrail.pp new file mode 100644 index 0000000..96d7421 --- /dev/null +++ b/manifests/profile/base/neutron/plugins/opencontrail.pp @@ -0,0 +1,38 @@ +# Copyright 2014 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::neutron::plugins::opencontrail +# +# Opencontrail Neutron profile for tripleo +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*sync_db*] +# (Optional) Whether to run Neutron DB sync operations +# Defaults to undef +# +class tripleo::profile::base::neutron::plugins::opencontrail ( + $step = hiera('step'), + $sync_db = true, +) { + + include ::tripleo::profile::base::neutron + + if $step >= 4 or ( $step >= 3 and $sync_db ) { + include ::neutron::plugins::opencontrail + } +} diff --git a/manifests/profile/base/neutron/plugins/plumgrid.pp b/manifests/profile/base/neutron/plugins/plumgrid.pp new file mode 100644 index 0000000..f5cd273 --- /dev/null +++ b/manifests/profile/base/neutron/plugins/plumgrid.pp @@ -0,0 +1,40 @@ +# Copyright 2016 PLUMgrid, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::neutron::plugins::plumgrid +# +# PLUMgrid Neutron profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*sync_db*] +# (Optional) Whether to run Neutron DB sync operations +# Defaults to undef +# +class tripleo::profile::base::neutron::plugins::plumgrid ( + $step = hiera('step'), + $sync_db = true, +) { + + include ::tripleo::profile::base::neutron + + if $step >= 4 or ( $step >= 3 and $sync_db ) { + include ::neutron::plugins::plumgrid + } +} diff --git a/manifests/profile/base/neutron/server.pp b/manifests/profile/base/neutron/server.pp new file mode 100644 index 0000000..8b5539e --- /dev/null +++ b/manifests/profile/base/neutron/server.pp @@ -0,0 +1,41 @@ +# Copyright 2014 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::neutron::server +# +# Neutron server profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::neutron::server ( + $step = hiera('step'), +) { + + include ::tripleo::profile::base::neutron + + if $step >= 3 { + include ::neutron::db::mysql + } + + if $step >= 4 { + include ::neutron::server::notifications + include ::neutron::server + } + +} diff --git a/manifests/profile/base/nova.pp b/manifests/profile/base/nova.pp new file mode 100644 index 0000000..52a4c73 --- /dev/null +++ b/manifests/profile/base/nova.pp @@ -0,0 +1,69 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::nova +# +# Nova base profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step of the deployment +# Defaults to hiera('step') +# +# [*manage_migration*] +# (Optional) Whether or not manage Nova Live migration +# Defaults to false +# +# [*libvirt_enabled*] +# (Optional) Whether or not Libvirt is enabled. +# Defaults to false +# +# [*nova_compute_enabled*] +# (Optional) Whether or not nova-compute is enabled. +# Defaults to false +# +class tripleo::profile::base::nova ( + $step = hiera('step'), + $manage_migration = false, + $libvirt_enabled = false, + $nova_compute_enabled = false, +) { + + if hiera('nova::use_ipv6', false) { + $memcached_servers = suffix(hiera('memcache_node_ips_v6'), ':11211') + } else { + $memcached_servers = suffix(hiera('memcache_node_ips'), ':11211') + } + if $step >= 3 { + include ::nova + # TODO(emilien): once we merge https://review.openstack.org/#/c/325983/ + # let's override the value this way. + warning('Overriding memcached_servers from puppet-tripleo until 325983 lands.') + Nova { + memcached_servers => $memcached_servers, + } + include ::nova::config + } + + if $step >= 4 { + if $manage_migration { + class { '::nova::migration::libvirt': + configure_libvirt => $libvirt_enabled, + configure_nova => $nova_compute_enabled, + } + } + } + +} diff --git a/manifests/profile/base/nova/api.pp b/manifests/profile/base/nova/api.pp new file mode 100644 index 0000000..3b36c57 --- /dev/null +++ b/manifests/profile/base/nova/api.pp @@ -0,0 +1,50 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::nova::api +# +# Nova API profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*sync_db*] +# (Optional) Whether to run db sync +# Defaults to true +# +class tripleo::profile::base::nova::api ( + $step = hiera('step'), + $sync_db = true, +) { + + include ::tripleo::profile::base::nova + + if $step >= 3 and $sync_db { + include ::nova::db::mysql + include ::nova::db::mysql_api + } + + if $step >= 4 or ($step >= 3 and $sync_db) { + class { '::nova::api': + sync_db => $sync_db, + sync_db_api => $sync_db, + } + include ::nova::network::neutron + } +} + diff --git a/manifests/profile/base/nova/compute.pp b/manifests/profile/base/nova/compute.pp new file mode 100644 index 0000000..16b61df --- /dev/null +++ b/manifests/profile/base/nova/compute.pp @@ -0,0 +1,59 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::nova::compute +# +# Nova Compute profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*cinder_nfs_backend*] +# (Optional) Whether or not Cinder is backed by NFS. +# Defaults to hiera('cinder_enable_nfs_backend', false) +# +class tripleo::profile::base::nova::compute ( + $step = hiera('step'), + $cinder_nfs_backend = hiera('cinder_enable_nfs_backend', false), +) { + + if $step >= 4 { + # deploy basic bits for nova + include ::tripleo::profile::base::nova + + # deploy basic bits for nova-compute + include ::nova::compute + + # deploy bits to connect nova compute to neutron + include ::nova::network::neutron + } + + # If NFS is used as a Cinder backend + if $cinder_nfs_backend { + ensure_packages('nfs-utils', { ensure => present }) + Package['nfs-utils'] -> Service['nova-compute'] + if str2bool($::selinux) { + selboolean { 'virt_use_nfs': + value => on, + persistent => true, + } + Selboolean['virt_use_nfs'] -> Package['nfs-utils'] + } + } + +} diff --git a/manifests/profile/base/nova/compute/libvirt.pp b/manifests/profile/base/nova/compute/libvirt.pp new file mode 100644 index 0000000..5b6f895 --- /dev/null +++ b/manifests/profile/base/nova/compute/libvirt.pp @@ -0,0 +1,66 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::nova::compute::libvirt +# +# Nova Compute Libvirt profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::nova::compute::libvirt ( + $step = hiera('step'), +) { + + if $step >= 4 { + include ::tripleo::profile::base::nova::compute + + # Ceph + Libvirt + $rbd_ephemeral_storage = hiera('nova::compute::rbd::ephemeral_storage', false) + $rbd_persistent_storage = hiera('rbd_persistent_storage', false) + if $rbd_ephemeral_storage or $rbd_persistent_storage { + $client_keys = hiera('ceph::profile::params::client_keys') + $client_user = join(['client.', hiera('nova::compute::rbd::libvirt_rbd_user')]) + class { '::nova::compute::rbd': + libvirt_rbd_secret_key => $client_keys[$client_user]['secret'], + } + } + + # TODO(emilien): Some work needs to be done in puppet-nova to separate nova-compute config + # when running libvirt and libvirt itself, so we allow micro-services deployments. + if str2bool(hiera('nova::use_ipv6', false)) { + $vncserver_listen = '::0' + } else { + $vncserver_listen = '0.0.0.0' + } + + if $rbd_ephemeral_storage { + class { '::nova::compute::libvirt': + libvirt_disk_cachemodes => ['network=writeback'], + libvirt_hw_disk_discard => 'unmap', + vncserver_listen => $vncserver_listen, + } + } else { + class { '::nova::compute::libvirt' : + vncserver_listen => $vncserver_listen, + } + } + + } + +} diff --git a/manifests/profile/base/nova/conductor.pp b/manifests/profile/base/nova/conductor.pp new file mode 100644 index 0000000..04c9d06 --- /dev/null +++ b/manifests/profile/base/nova/conductor.pp @@ -0,0 +1,35 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::nova::conductor +# +# Nova Conductor profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::nova::conductor ( + $step = hiera('step'), +) { + + include ::tripleo::profile::base::nova + if $step >= 4 { + include ::nova::conductor + } + +} diff --git a/manifests/profile/base/nova/consoleauth.pp b/manifests/profile/base/nova/consoleauth.pp new file mode 100644 index 0000000..442cf84 --- /dev/null +++ b/manifests/profile/base/nova/consoleauth.pp @@ -0,0 +1,35 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::nova::consoleauth +# +# Nova Consoleauth profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::nova::consoleauth ( + $step = hiera('step'), +) { + + if $step >= 4 { + include ::tripleo::profile::base::nova + include ::nova::consoleauth + } + +} diff --git a/manifests/profile/base/nova/libvirt.pp b/manifests/profile/base/nova/libvirt.pp new file mode 100644 index 0000000..29ef372 --- /dev/null +++ b/manifests/profile/base/nova/libvirt.pp @@ -0,0 +1,49 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::nova::libvirt +# +# Libvirt profile for tripleo. It will deploy Libvirt service and configure it. +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::nova::libvirt ( + $step = hiera('step'), +) { + + if $step >= 4 { + include ::tripleo::profile::base::nova + include ::nova::compute::libvirt::services + + file { ['/etc/libvirt/qemu/networks/autostart/default.xml', + '/etc/libvirt/qemu/networks/default.xml']: + ensure => absent, + before => Service['libvirt'], + } + + # in case libvirt has been already running before the Puppet run, make + # sure the default network is destroyed + exec { 'libvirt-default-net-destroy': + command => '/usr/bin/virsh net-destroy default', + onlyif => '/usr/bin/virsh net-info default | /bin/grep -i "^active:\s*yes"', + before => Service['libvirt'], + } + } + +} diff --git a/manifests/profile/base/nova/scheduler.pp b/manifests/profile/base/nova/scheduler.pp new file mode 100644 index 0000000..13b4e82 --- /dev/null +++ b/manifests/profile/base/nova/scheduler.pp @@ -0,0 +1,36 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::nova::scheduler +# +# Nova Scheduler profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::nova::scheduler ( + $step = hiera('step'), +) { + + if $step >= 4 { + include ::tripleo::profile::base::nova + include ::nova::scheduler + include ::nova::scheduler::filter + } + +} diff --git a/manifests/profile/base/nova/vncproxy.pp b/manifests/profile/base/nova/vncproxy.pp new file mode 100644 index 0000000..aa0cc7b --- /dev/null +++ b/manifests/profile/base/nova/vncproxy.pp @@ -0,0 +1,35 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::nova::vncproxy +# +# Nova vncproxy profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::nova::vncproxy ( + $step = hiera('step'), +) { + + if $step >= 4 { + include ::tripleo::profile::base::nova + include ::nova::vncproxy + } + +} diff --git a/manifests/profile/base/rabbitmq.pp b/manifests/profile/base/rabbitmq.pp new file mode 100644 index 0000000..6e86eab --- /dev/null +++ b/manifests/profile/base/rabbitmq.pp @@ -0,0 +1,96 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::rabbitmq +# +# RabbitMQ profile for tripleo +# +# === Parameters +# +# [*nodes*] +# (Optional) Array of host(s) for RabbitMQ nodes. +# Defaults to hiera('rabbit_node_ips', []). +# +# [*ipv6*] +# (Optional) Whether to deploy RabbitMQ on IPv6 network. +# Defaults to str2bool(hiera('rabbit_ipv6', false)). +# +# [*environment*] +# (Optional) RabbitMQ environment. +# Defaults to hiera('rabbitmq_environment'). +# +# [*kernel_variables*] +# (Optional) RabbitMQ environment. +# Defaults to hiera('rabbitmq_environment'). +# +# [*config_variables*] +# (Optional) RabbitMQ environment. +# Defaults to hiera('rabbitmq_config_variables'). +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::rabbitmq ( + $nodes = hiera('rabbit_node_ips', []), + $ipv6 = str2bool(hiera('rabbit_ipv6', false)), + $environment = hiera('rabbitmq_environment'), + $kernel_variables = hiera('rabbitmq_kernel_variables'), + $config_variables = hiera('rabbitmq_config_variables'), + $step = hiera('step'), +) { + + # IPv6 environment, necessary for RabbitMQ. + if $ipv6 { + $rabbit_env = merge($environment, { + 'RABBITMQ_SERVER_START_ARGS' => '"-proto_dist inet6_tcp"' + }) + } else { + $rabbit_env = $environment + } + + $manage_service = hiera('rabbitmq::service_manage', true) + if $step >= 1 { + # Specific configuration for multi-nodes or when running with Pacemaker. + if count($nodes) > 1 or ! $manage_service { + class { '::rabbitmq': + config_cluster => $manage_service, + cluster_nodes => $nodes, + tcp_keepalive => false, + config_kernel_variables => $kernel_variables, + config_variables => $config_variables, + environment_variables => $rabbit_env, + } + # when running multi-nodes without Pacemaker + if $manage_service { + rabbitmq_policy { 'ha-all@/': + pattern => '^(?!amq\.).*', + definition => { + 'ha-mode' => 'all', + }, + } + } + } else { + # Standard configuration + class { '::rabbitmq': + tcp_keepalive => false, + config_kernel_variables => $kernel_variables, + config_variables => $config_variables, + environment_variables => $rabbit_env, + } + } + } + +} diff --git a/manifests/profile/base/sahara.pp b/manifests/profile/base/sahara.pp new file mode 100644 index 0000000..befb5d3 --- /dev/null +++ b/manifests/profile/base/sahara.pp @@ -0,0 +1,31 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::sahara +# +# Sahara server profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step of the deployment +# Defaults to hiera('step') +# +class tripleo::profile::base::sahara ( + $step = hiera('step'), +) { + if $step >= 4 { + include ::sahara + } +} diff --git a/manifests/profile/base/sahara/api.pp b/manifests/profile/base/sahara/api.pp new file mode 100644 index 0000000..e9149b1 --- /dev/null +++ b/manifests/profile/base/sahara/api.pp @@ -0,0 +1,33 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::sahara::api +# +# Sahara API profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::sahara::api ( + $step = hiera('step'), +) { + if $step >= 4 { + include ::tripleo::profile::base::sahara + include ::sahara::api + } +} diff --git a/manifests/profile/base/sahara/engine.pp b/manifests/profile/base/sahara/engine.pp new file mode 100644 index 0000000..28aff7b --- /dev/null +++ b/manifests/profile/base/sahara/engine.pp @@ -0,0 +1,42 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::sahara::engine +# +# Sahara API profile for tripleo +# +# === Parameters +# +# [*sync_db*] +# (Optional) Whether to run db sync +# Defaults to true +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::base::sahara::engine ( + $sync_db = true, + $step = hiera('step'), +) { + if $step >= 3 and $sync_db { + include ::sahara::db::mysql + } + + if $step >= 4 or ($step >= 3 and $sync_db) { + include ::tripleo::profile::base::sahara + include ::sahara::engine + } +} diff --git a/manifests/profile/base/snmp.pp b/manifests/profile/base/snmp.pp new file mode 100644 index 0000000..40f7393 --- /dev/null +++ b/manifests/profile/base/snmp.pp @@ -0,0 +1,50 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::snmp +# +# SNMP profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*snmpd_user*] +# The SNMP username +# Defaults to hiera('snmpd_readonly_user_name') +# +# [*snmpd_password*] +# The SNMP password +# Defaults to hiera('snmpd_readonly_user_password') +# +class tripleo::profile::base::snmp ( + $step = hiera('step'), + $snmpd_user = hiera('snmpd_readonly_user_name'), + $snmpd_password = hiera('snmpd_readonly_user_password'), +) { + + if $step >= 4 { + snmp::snmpv3_user { $snmpd_user: + authtype => 'MD5', + authpass => $snmpd_password, + } + class { '::snmp': + agentaddress => ['udp:161','udp6:[::1]:161'], + snmpd_config => [ join(['createUser ', $snmpd_user, ' MD5 "', $snmpd_password, '"']), join(['rouser ', $snmpd_user]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ], + } + } +} diff --git a/manifests/profile/base/swift/proxy.pp b/manifests/profile/base/swift/proxy.pp new file mode 100644 index 0000000..40e61ae --- /dev/null +++ b/manifests/profile/base/swift/proxy.pp @@ -0,0 +1,45 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::swift::proxy +# +# Swift proxy profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# +class tripleo::profile::base::swift::proxy ( + $step = hiera('step'), +) { + + if $step >= 4 { + include ::swift::proxy + include ::swift::proxy::proxy_logging + include ::swift::proxy::healthcheck + include ::swift::proxy::cache + include ::swift::proxy::keystone + include ::swift::proxy::authtoken + include ::swift::proxy::staticweb + include ::swift::proxy::ratelimit + include ::swift::proxy::catch_errors + include ::swift::proxy::tempurl + include ::swift::proxy::formpost + include ::swift::proxy::bulk + } +} diff --git a/manifests/profile/base/swift/storage.pp b/manifests/profile/base/swift/storage.pp new file mode 100644 index 0000000..371cb0d --- /dev/null +++ b/manifests/profile/base/swift/storage.pp @@ -0,0 +1,52 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::swift::storage +# +# Swift storage profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*enable_swift_storage*] +# (Optional) enable_swift_storage +# Deprecated: defaults to true +# +class tripleo::profile::base::swift::storage ( + $step = hiera('step'), + # Deprecated conditional to support ControllerEnableSwiftStorage parameter + $enable_swift_storage = true, +) { + + if $step >= 4 { + if $enable_swift_storage { + include ::swift::storage::all + if(!defined(File['/srv/node'])) { + file { '/srv/node': + ensure => directory, + owner => 'swift', + group => 'swift', + require => Package['openstack-swift'], + } + } + $swift_components = ['account', 'container', 'object'] + swift::storage::filter::recon { $swift_components : } + swift::storage::filter::healthcheck { $swift_components : } + } + } +} diff --git a/manifests/profile/pacemaker/ceilometer.pp b/manifests/profile/pacemaker/ceilometer.pp new file mode 100644 index 0000000..0c21807 --- /dev/null +++ b/manifests/profile/pacemaker/ceilometer.pp @@ -0,0 +1,138 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::ceilometer +# +# Ceilometer Pacemaker HA profile for tripleo +# +# === Parameters +# +# [*bootstrap_node*] +# (Optional) The hostname of the node responsible for bootstrapping tasks +# Defaults to hiera('bootstrap_nodeid') +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*sync_db*] +# (Optional) Whether to run db sync +# Defaults to undef +# +class tripleo::profile::pacemaker::ceilometer ( + $bootstrap_node = hiera('bootstrap_nodeid'), + $step = hiera('step'), + $sync_db = true, +) { + + if $::hostname == downcase($bootstrap_node) { + $pacemaker_master = true + } else { + $pacemaker_master = false + } + + include ::tripleo::profile::base::ceilometer + + if $step >= 5 and $pacemaker_master { + $ceilometer_backend = downcase(hiera('ceilometer_backend', 'mongodb')) + case $ceilometer_backend { + /mysql/: { + pacemaker::resource::service { $::ceilometer::params::agent_central_service_name: + clone_params => 'interleave=true', + require => Pacemaker::Resource::Ocf['openstack-core'], + } + } + default: { + pacemaker::resource::service { $::ceilometer::params::agent_central_service_name: + clone_params => 'interleave=true', + require => [Pacemaker::Resource::Ocf['openstack-core'], + Pacemaker::Resource::Service[$::mongodb::params::service_name]], + } + } + } + + if $sync_db { + if $ceilometer_backend == 'mysql' { + class { '::ceilometer::db::mysql': + require => Exec['galera-ready'], + } + } + } + + # NOTE(emilien): the constraints won't live forever here as we're moving to + # pacemaker-lite architecture. + + # Fedora doesn't know `require-all` parameter for constraints yet + if $::operatingsystem == 'Fedora' { + $redis_ceilometer_constraint_params = undef + } else { + $redis_ceilometer_constraint_params = 'require-all=false' + } + pacemaker::constraint::base { 'redis-then-ceilometer-central-constraint': + constraint_type => 'order', + first_resource => 'redis-master', + second_resource => "${::ceilometer::params::agent_central_service_name}-clone", + first_action => 'promote', + second_action => 'start', + constraint_params => $redis_ceilometer_constraint_params, + require => [Pacemaker::Resource::Ocf['redis'], + Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name]], + } + pacemaker::constraint::base { 'keystone-then-ceilometer-central-constraint': + constraint_type => 'order', + first_resource => 'openstack-core-clone', + second_resource => "${::ceilometer::params::agent_central_service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name], + Pacemaker::Resource::Ocf['openstack-core']], + } + pacemaker::constraint::base { 'keystone-then-ceilometer-notification-constraint': + constraint_type => 'order', + first_resource => 'openstack-core-clone', + second_resource => "${::ceilometer::params::agent_notification_service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name], + Pacemaker::Resource::Ocf['openstack-core']], + } + pacemaker::constraint::base { 'ceilometer-central-then-ceilometer-collector-constraint': + constraint_type => 'order', + first_resource => "${::ceilometer::params::agent_central_service_name}-clone", + second_resource => "${::ceilometer::params::collector_service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name], + Pacemaker::Resource::Service[$::ceilometer::params::collector_service_name]], + } + pacemaker::constraint::base { 'ceilometer-collector-then-ceilometer-api-constraint': + constraint_type => 'order', + first_resource => "${::ceilometer::params::collector_service_name}-clone", + second_resource => "${::ceilometer::params::api_service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::ceilometer::params::collector_service_name], + Pacemaker::Resource::Service[$::ceilometer::params::api_service_name]], + } + pacemaker::constraint::colocation { 'ceilometer-api-with-ceilometer-collector-colocation': + source => "${::ceilometer::params::api_service_name}-clone", + target => "${::ceilometer::params::collector_service_name}-clone", + score => 'INFINITY', + require => [Pacemaker::Resource::Service[$::ceilometer::params::api_service_name], + Pacemaker::Resource::Service[$::ceilometer::params::collector_service_name]], + } + } + +} diff --git a/manifests/profile/pacemaker/ceilometer/agent/central.pp b/manifests/profile/pacemaker/ceilometer/agent/central.pp new file mode 100644 index 0000000..e227614 --- /dev/null +++ b/manifests/profile/pacemaker/ceilometer/agent/central.pp @@ -0,0 +1,58 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::ceilometer::agent::central +# +# Ceilometer Central Agent Pacemaker HA profile for tripleo +# +# === Parameters +# +# [*pacemaker_master*] +# (Optional) The hostname of the node responsible for bootstrapping tasks +# Defaults to hiera('bootstrap_nodeid') +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::pacemaker::ceilometer::agent::central ( + $pacemaker_master = hiera('bootstrap_nodeid'), + $step = hiera('step'), +) { + + include ::ceilometer::params + include ::tripleo::profile::pacemaker::ceilometer + include ::tripleo::profile::base::ceilometer::agent::central + + if $step >= 5 and downcase($::hostname) == $pacemaker_master { + $ceilometer_backend = downcase(hiera('ceilometer_backend', 'mongodb')) + case downcase(hiera('ceilometer_backend')) { + /mysql/: { + pacemaker::resource::service { $::ceilometer::params::agent_central_service_name: + clone_params => 'interleave=true', + require => Pacemaker::Resource::Ocf['openstack-core'], + } + } + default: { + pacemaker::resource::service { $::ceilometer::params::agent_central_service_name: + clone_params => 'interleave=true', + require => [Pacemaker::Resource::Ocf['openstack-core'], + Pacemaker::Resource::Service[$::mongodb::params::service_name]], + } + } + } + } + +} diff --git a/manifests/profile/pacemaker/ceilometer/agent/notification.pp b/manifests/profile/pacemaker/ceilometer/agent/notification.pp new file mode 100644 index 0000000..868bb22 --- /dev/null +++ b/manifests/profile/pacemaker/ceilometer/agent/notification.pp @@ -0,0 +1,45 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::ceilometer::agent::notification +# +# Ceilometer Notification Agent Pacemaker HA profile for tripleo +# +# === Parameters +# +# [*pacemaker_master*] +# (Optional) The hostname of the node responsible for bootstrapping tasks +# Defaults to hiera('bootstrap_nodeid') +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::pacemaker::ceilometer::agent::notification ( + $pacemaker_master = hiera('bootstrap_nodeid'), + $step = hiera('step'), +) { + + include ::ceilometer::params + include ::tripleo::profile::pacemaker::ceilometer + include ::tripleo::profile::base::ceilometer::agent::notification + + if $step >= 5 and downcase($::hostname) == $pacemaker_master { + pacemaker::resource::service { $::ceilometer::params::agent_notification_service_name : + clone_params => 'interleave=true', + } + } + +} diff --git a/manifests/profile/pacemaker/ceilometer/api.pp b/manifests/profile/pacemaker/ceilometer/api.pp new file mode 100644 index 0000000..cfe103a --- /dev/null +++ b/manifests/profile/pacemaker/ceilometer/api.pp @@ -0,0 +1,52 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::ceilometer::api +# +# Ceilometer API Pacemaker HA profile for tripleo +# +# === Parameters +# +# [*pacemaker_master*] +# (Optional) The hostname of the node responsible for bootstrapping tasks +# Defaults to hiera('bootstrap_nodeid') +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::pacemaker::ceilometer::api ( + $pacemaker_master = hiera('bootstrap_nodeid'), + $step = hiera('step'), +) { + + include ::ceilometer::params + include ::tripleo::profile::pacemaker::ceilometer + include ::tripleo::profile::base::ceilometer::api + + if $step >= 5 and downcase($::hostname) == $pacemaker_master { + pacemaker::resource::service { $::ceilometer::params::api_service_name : + clone_params => 'interleave=true', + } + pacemaker::constraint::colocation { 'ceilometer-delay-with-ceilometer-api-colocation': + source => 'delay-clone', + target => "${::ceilometer::params::api_service_name}-clone", + score => 'INFINITY', + require => [Pacemaker::Resource::Service[$::ceilometer::params::api_service_name], + Pacemaker::Resource::Ocf['delay']], + } + } + +} diff --git a/manifests/profile/pacemaker/ceilometer/collector.pp b/manifests/profile/pacemaker/ceilometer/collector.pp new file mode 100644 index 0000000..2a838f2 --- /dev/null +++ b/manifests/profile/pacemaker/ceilometer/collector.pp @@ -0,0 +1,57 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::ceilometer::collector +# +# Ceilometer Collector Pacemaker HA profile for tripleo +# +# === Parameters +# +# [*pacemaker_master*] +# (Optional) The hostname of the node responsible for bootstrapping tasks +# Defaults to hiera('bootstrap_nodeid') +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*sync_db*] +# (Optional) Whether to run db sync +# Defaults to undef +# +class tripleo::profile::pacemaker::ceilometer::collector ( + $pacemaker_master = hiera('bootstrap_nodeid'), + $step = hiera('step'), + $sync_db = true, +) { + + include ::ceilometer::params + include ::tripleo::profile::pacemaker::ceilometer + + class { '::tripleo::profile::base::ceilometer::collector': + sync_db => (downcase($::hostname) == $pacemaker_master), + } + + if $step >= 5 and downcase($::hostname) == $pacemaker_master { + $ceilometer_backend = downcase(hiera('ceilometer_backend', 'mongodb')) + if $ceilometer_backend == 'mysql' { + Exec<| title == 'galera-ready'|> -> Class['ceilometer::db::mysql'] + } + pacemaker::resource::service { $::ceilometer::params::collector_service_name : + clone_params => 'interleave=true', + } + } + +} diff --git a/manifests/profile/pacemaker/cinder/api.pp b/manifests/profile/pacemaker/cinder/api.pp new file mode 100644 index 0000000..2c9cedf --- /dev/null +++ b/manifests/profile/pacemaker/cinder/api.pp @@ -0,0 +1,67 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::cinder::api +# +# Cinder API Pacemaker HA profile for tripleo +# +# === Parameters +# +# [*bootstrap_node*] +# (Optional) The hostname of the node responsible for bootstrapping tasks +# Defaults to hiera('bootstrap_nodeid') +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::pacemaker::cinder::api ( + $bootstrap_node = hiera('bootstrap_nodeid'), + $step = hiera('step'), +) { + + Service <| tag == 'cinder-service' |> { + hasrestart => true, + restart => '/bin/true', + start => '/bin/true', + stop => '/bin/true', + } + + if $::hostname == downcase($bootstrap_node) { + $pacemaker_master = true + } else { + $pacemaker_master = false + } + + class { '::tripleo::profile::base::cinder::api': + sync_db => $pacemaker_master, + } + + if $step >= 5 and $pacemaker_master { + pacemaker::resource::service { $::cinder::params::api_service : + clone_params => 'interleave=true', + require => Pacemaker::Resource::Ocf['openstack-core'], + } + pacemaker::constraint::base { 'keystone-then-cinder-api-constraint': + constraint_type => 'order', + first_resource => 'openstack-core-clone', + second_resource => "${::cinder::params::api_service}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Ocf['openstack-core'], + Pacemaker::Resource::Service[$::cinder::params::api_service]], + } + } +} diff --git a/manifests/profile/pacemaker/cinder/scheduler.pp b/manifests/profile/pacemaker/cinder/scheduler.pp new file mode 100644 index 0000000..9b79903 --- /dev/null +++ b/manifests/profile/pacemaker/cinder/scheduler.pp @@ -0,0 +1,72 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::cinder::scheduler +# +# Cinder Scheduler Pacemaker HA profile for tripleo +# +# === Parameters +# +# [*bootstrap_node*] +# (Optional) The hostname of the node responsible for bootstrapping tasks +# Defaults to hiera('bootstrap_nodeid') +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::pacemaker::cinder::scheduler ( + $bootstrap_node = hiera('bootstrap_nodeid'), + $step = hiera('step'), +) { + + Service <| tag == 'cinder-service' |> { + hasrestart => true, + restart => '/bin/true', + start => '/bin/true', + stop => '/bin/true', + } + + if $::hostname == downcase($bootstrap_node) { + $pacemaker_master = true + } else { + $pacemaker_master = false + } + + include ::tripleo::profile::base::cinder::scheduler + + if $step >= 5 and $pacemaker_master { + pacemaker::resource::service { $::cinder::params::scheduler_service : + clone_params => 'interleave=true', + } + pacemaker::constraint::base { 'cinder-api-then-cinder-scheduler-constraint': + constraint_type => 'order', + first_resource => "${::cinder::params::api_service}-clone", + second_resource => "${::cinder::params::scheduler_service}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::cinder::params::api_service], + Pacemaker::Resource::Service[$::cinder::params::scheduler_service]], + } + pacemaker::constraint::colocation { 'cinder-scheduler-with-cinder-api-colocation': + source => "${::cinder::params::scheduler_service}-clone", + target => "${::cinder::params::api_service}-clone", + score => 'INFINITY', + require => [Pacemaker::Resource::Service[$::cinder::params::api_service], + Pacemaker::Resource::Service[$::cinder::params::scheduler_service]], + } + } + +} diff --git a/manifests/profile/pacemaker/cinder/volume.pp b/manifests/profile/pacemaker/cinder/volume.pp new file mode 100644 index 0000000..a4f251e --- /dev/null +++ b/manifests/profile/pacemaker/cinder/volume.pp @@ -0,0 +1,70 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::cinder::volume +# +# Cinder Volume Pacemaker HA profile for tripleo +# +# === Parameters +# +# [*bootstrap_node*] +# (Optional) The hostname of the node responsible for bootstrapping tasks +# Defaults to hiera('bootstrap_nodeid') +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::pacemaker::cinder::volume ( + $bootstrap_node = hiera('bootstrap_nodeid'), + $step = hiera('step'), +) { + + Service <| tag == 'cinder-service' |> { + hasrestart => true, + restart => '/bin/true', + start => '/bin/true', + stop => '/bin/true', + } + + if $::hostname == downcase($bootstrap_node) { + $pacemaker_master = true + } else { + $pacemaker_master = false + } + + include ::tripleo::profile::base::cinder::volume + + if $step >= 5 and $pacemaker_master { + pacemaker::resource::service { $::cinder::params::volume_service : } + pacemaker::constraint::base { 'cinder-scheduler-then-cinder-volume-constraint': + constraint_type => 'order', + first_resource => "${::cinder::params::scheduler_service}-clone", + second_resource => $::cinder::params::volume_service, + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::cinder::params::scheduler_service], + Pacemaker::Resource::Service[$::cinder::params::volume_service]], + } + pacemaker::constraint::colocation { 'cinder-volume-with-cinder-scheduler-colocation': + source => $::cinder::params::volume_service, + target => "${::cinder::params::scheduler_service}-clone", + score => 'INFINITY', + require => [Pacemaker::Resource::Service[$::cinder::params::scheduler_service], + Pacemaker::Resource::Service[$::cinder::params::volume_service]], + } + } + +} diff --git a/manifests/profile/pacemaker/database/mongodb.pp b/manifests/profile/pacemaker/database/mongodb.pp new file mode 100644 index 0000000..15c84d7 --- /dev/null +++ b/manifests/profile/pacemaker/database/mongodb.pp @@ -0,0 +1,74 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::database::mongodb +# +# Mongodb Pacemaker HA profile for tripleo +# +# === Parameters +# +# [*mongodb_replset*] +# Mongodb replicaset name +# +# [*bootstrap_node*] +# (Optional) The hostname of the node responsible for bootstrapping tasks +# Defaults to hiera('bootstrap_nodeid') +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::pacemaker::database::mongodb ( + $mongodb_replset, + $bootstrap_node = hiera('bootstrap_nodeid'), + $step = hiera('step'), +) { + + if $step >= 1 { + include ::mongodb::globals + include ::mongodb::client + include ::mongodb::server + } + + if $step >= 2 { + + include ::tripleo::profile::base::database::mongodbcommon + + if $::hostname == downcase($bootstrap_node) { + $pacemaker_master = true + } else { + $pacemaker_master = false + } + + if $pacemaker_master { + pacemaker::resource::service { $::mongodb::params::service_name : + op_params => 'start timeout=370s stop timeout=200s', + clone_params => true, + require => Class['::mongodb::server'], + } + # NOTE (spredzy) : The replset can only be run + # once all the nodes have joined the cluster. + tripleo::profile::pacemaker::database::mongodbvalidator { + $tripleo::profile::base::database::mongodbcommon::mongodb_node_ips : + port => $tripleo::profile::base::database::mongodbcommon::port, + require => Pacemaker::Resource::Service[$::mongodb::params::service_name], + before => Mongodb_replset[$mongodb_replset], + } + mongodb_replset { $mongodb_replset : + members => $tripleo::profile::base::database::mongodbcommon::mongo_node_ips_with_port_nobr, + } + } + } +} diff --git a/manifests/profile/pacemaker/database/mongodbvalidator.pp b/manifests/profile/pacemaker/database/mongodbvalidator.pp new file mode 100644 index 0000000..95d3bd7 --- /dev/null +++ b/manifests/profile/pacemaker/database/mongodbvalidator.pp @@ -0,0 +1,37 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::database::mongodb::conn_validator +# +# Connection validator for a node that serves MongoDB. This is done to be able +# to iterate through the different servers in a more seamless way. +# +# === Parameters +# +# [*title*] +# the title or namevar of the resource will be used as the server of the +# actual mongodb_conn_validator. +# +# [*port*] +# The port in which the MongoDB server is listening on. +# +define tripleo::profile::pacemaker::database::mongodbvalidator( + $port, +) { + mongodb_conn_validator { "${title}_conn_validator" : + server => $title, + port => $port, + timeout => '600', + } +} diff --git a/manifests/profile/pacemaker/database/redis.pp b/manifests/profile/pacemaker/database/redis.pp new file mode 100644 index 0000000..9bb96ae --- /dev/null +++ b/manifests/profile/pacemaker/database/redis.pp @@ -0,0 +1,63 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::database::redis +# +# OpenStack Redis Pacemaker HA profile for tripleo +# +# === Parameters +# +# [*redis_vip*] +# Redis virtual IP +# +# [*bootstrap_node*] +# (Optional) The hostname of the node responsible for bootstrapping tasks +# Defaults to hiera('bootstrap_nodeid') +# +# [*enable_load_balancer*] +# (Optional) Whether load balancing is enabled for this cluster +# Defaults to hiera('enable_load_balancer', true) +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# + +class tripleo::profile::pacemaker::database::redis ( + $redis_vip, + $bootstrap_node = hiera('bootstrap_nodeid'), + $enable_load_balancer = hiera('enable_load_balancer', true), + $step = hiera('step'), +) { + if $::hostname == downcase($bootstrap_node) { + $pacemaker_master = true + } else { + $pacemaker_master = false + } + + if $step >= 1 { + include ::redis + } + + if $step >= 2 and $pacemaker_master { + pacemaker::resource::ocf { 'redis': + ocf_agent_name => 'heartbeat:redis', + master_params => '', + meta_params => 'notify=true ordered=true interleave=true', + resource_params => 'wait_last_known_master=true', + require => Class['::redis'], + } + } +} diff --git a/manifests/profile/pacemaker/glance.pp b/manifests/profile/pacemaker/glance.pp index cb2add1..10f4f03 100644 --- a/manifests/profile/pacemaker/glance.pp +++ b/manifests/profile/pacemaker/glance.pp @@ -62,20 +62,22 @@ class tripleo::profile::pacemaker::glance ( $glance_file_pcmk_options = hiera('glance_file_pcmk_options', ''), ) { + Service <| tag == 'glance-service' |> { + hasrestart => true, + restart => '/bin/true', + start => '/bin/true', + stop => '/bin/true', + } + if $::hostname == downcase($bootstrap_node) { $pacemaker_master = true } else { $pacemaker_master = false } - class { '::tripleo::profile::base::glance::api': - manage_service => false, - enabled => false, - } + include ::tripleo::profile::base::glance::api class { '::tripleo::profile::base::glance::registry': sync_db => $pacemaker_master, - manage_service => false, - enabled => false, } if $step >= 4 { diff --git a/manifests/profile/pacemaker/gnocchi.pp b/manifests/profile/pacemaker/gnocchi.pp new file mode 100644 index 0000000..ad566b1 --- /dev/null +++ b/manifests/profile/pacemaker/gnocchi.pp @@ -0,0 +1,90 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::gnocchi +# +# Gnocchi Pacemaker HA profile for tripleo +# +# === Parameters +# +# [*gnocchi_indexer_backend*] +# (Optional) Gnocchi indexer backend +# Defaults to mysql +# +# [*bootstrap_node*] +# (Optional) The hostname of the node responsible for bootstrapping tasks +# Defaults to hiera('bootstrap_nodeid') +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*sync_db*] +# (Optional) Whether to run db sync +# Defaults to undef +# + +class tripleo::profile::pacemaker::gnocchi ( + $gnocchi_indexer_backend = downcase(hiera('gnocchi_indexer_backend', 'mysql')), + $bootstrap_node = hiera('bootstrap_nodeid'), + $step = hiera('step'), + $sync_db = true, +) { + + Service <| tag == 'gnocchi-service' |> { + hasrestart => true, + restart => '/bin/true', + start => '/bin/true', + stop => '/bin/true', + } + + if $::hostname == downcase($bootstrap_node) { + $pacemaker_master = true + } else { + $pacemaker_master = false + } + + if $step >= 3 and $sync_db { + include ::gnocchi + include ::gnocchi::config + include ::gnocchi::client + if $gnocchi_indexer_backend == 'mysql' { + class { '::gnocchi::db::mysql': + require => Exec['galera-ready'], + } + } + include ::gnocchi::db::sync + } + + if $step >= 5 and $pacemaker_master { + + pacemaker::constraint::base { 'gnocchi-metricd-then-gnocchi-statsd-constraint': + constraint_type => 'order', + first_resource => "${::gnocchi::params::metricd_service_name}-clone", + second_resource => "${::gnocchi::params::statsd_service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::gnocchi::params::metricd_service_name], + Pacemaker::Resource::Service[$::gnocchi::params::statsd_service_name]], + } + pacemaker::constraint::colocation { 'gnocchi-statsd-with-metricd-colocation': + source => "${::gnocchi::params::statsd_service_name}-clone", + target => "${::gnocchi::params::metricd_service_name}-clone", + score => 'INFINITY', + require => [Pacemaker::Resource::Service[$::gnocchi::params::metricd_service_name], + Pacemaker::Resource::Service[$::gnocchi::params::statsd_service_name]], + } + } +} diff --git a/manifests/profile/pacemaker/gnocchi/api.pp b/manifests/profile/pacemaker/gnocchi/api.pp new file mode 100644 index 0000000..684527f --- /dev/null +++ b/manifests/profile/pacemaker/gnocchi/api.pp @@ -0,0 +1,46 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::gnocchi::api +# +# Gnocchi profile for tripleo api +# +# === Parameters +# +# [*pacemaker_master*] +# (Optional) The hostname of the node responsible for bootstrapping tasks +# Defaults to hiera('bootstrap_nodeid') +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*sync_db*] +# (Optional) Whether to run db sync +# Defaults to undef + +class tripleo::profile::pacemaker::gnocchi::api ( + $pacemaker_master = hiera('bootstrap_nodeid'), + $step = hiera('step'), + $sync_db = true, +) { + + include ::tripleo::profile::pacemaker::gnocchi + + class { '::tripleo::profile::base::gnocchi::api': + step => $step, + sync_db => (downcase($::hostname) == $pacemaker_master), + } +} diff --git a/manifests/profile/pacemaker/gnocchi/metricd.pp b/manifests/profile/pacemaker/gnocchi/metricd.pp new file mode 100644 index 0000000..4ac5e74 --- /dev/null +++ b/manifests/profile/pacemaker/gnocchi/metricd.pp @@ -0,0 +1,47 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::gnocchi::metricd +# +# Gnocchi metricd profile +# +# === Parameters +# +# [*pacemaker_master*] +# (Optional) The hostname of the node responsible for bootstrapping tasks +# Defaults to hiera('bootstrap_nodeid') +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# + +class tripleo::profile::pacemaker::gnocchi::metricd ( + $pacemaker_master = hiera('bootstrap_nodeid'), + $step = hiera('step'), +) { + + include ::gnocchi::params + include ::tripleo::profile::pacemaker::gnocchi + + if $step >= 4 and downcase($::hostname) == $pacemaker_master { + + include ::gnocchi::metricd + + pacemaker::resource::service { $::gnocchi::params::metricd_service_name : + clone_params => 'interleave=true', + } + } +} diff --git a/manifests/profile/pacemaker/gnocchi/statsd.pp b/manifests/profile/pacemaker/gnocchi/statsd.pp new file mode 100644 index 0000000..526dcac --- /dev/null +++ b/manifests/profile/pacemaker/gnocchi/statsd.pp @@ -0,0 +1,47 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::gnocchi::statsd +# +# Gnocchi statsd profile +# +# === Parameters +# +# [*pacemaker_master*] +# (Optional) The hostname of the node responsible for bootstrapping tasks +# Defaults to hiera('bootstrap_nodeid') +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# + +class tripleo::profile::pacemaker::gnocchi::statsd ( + $pacemaker_master = hiera('bootstrap_nodeid'), + $step = hiera('step'), +) { + + include ::gnocchi::params + include ::tripleo::profile::pacemaker::gnocchi + + if $step >= 4 and downcase($::hostname) == $pacemaker_master { + + include ::gnocchi::statsd + + pacemaker::resource::service { $::gnocchi::params::statsd_service_name : + clone_params => 'interleave=true', + } + } +} diff --git a/manifests/profile/pacemaker/haproxy.pp b/manifests/profile/pacemaker/haproxy.pp new file mode 100644 index 0000000..a7aca58 --- /dev/null +++ b/manifests/profile/pacemaker/haproxy.pp @@ -0,0 +1,99 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::haproxy +# +# HAproxy with Pacemaker HA profile for tripleo +# +# === Parameters +# +# [*bootstrap_node*] +# (Optional) The hostname of the node responsible for bootstrapping tasks +# Defaults to hiera('bootstrap_nodeid') +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*enable_load_balancer*] +# (Optional) Whether load balancing is enabled for this cluster +# Defaults to hiera('enable_load_balancer', true) +# +class tripleo::profile::pacemaker::haproxy ( + $bootstrap_node = hiera('bootstrap_nodeid'), + $step = hiera('step'), + $enable_load_balancer = hiera('enable_load_balancer', true) +) { + + include ::tripleo::profile::base::haproxy + + if $::hostname == downcase($bootstrap_node) { + $pacemaker_master = true + } else { + $pacemaker_master = false + } + + if $step >= 2 and $pacemaker_master and $enable_load_balancer { + # FIXME: we should not have to access tripleo::haproxy class + # parameters here to configure pacemaker VIPs. The configuration + # of pacemaker VIPs could move into puppet-tripleo or we should + # make use of less specific hiera parameters here for the settings. + pacemaker::resource::service { 'haproxy': + clone_params => true, + } + + $control_vip = hiera('controller_virtual_ip') + tripleo::pacemaker::haproxy_with_vip { 'haproxy_and_control_vip': + vip_name => 'control', + ip_address => $control_vip, + } + + $public_vip = hiera('public_virtual_ip') + tripleo::pacemaker::haproxy_with_vip { 'haproxy_and_public_vip': + ensure => $public_vip and $public_vip != $control_vip, + vip_name => 'public', + ip_address => $public_vip, + } + + $redis_vip = hiera('redis_vip') + tripleo::pacemaker::haproxy_with_vip { 'haproxy_and_redis_vip': + ensure => $redis_vip and $redis_vip != $control_vip, + vip_name => 'redis', + ip_address => $redis_vip, + } + + $internal_api_vip = hiera('internal_api_virtual_ip') + tripleo::pacemaker::haproxy_with_vip { 'haproxy_and_internal_api_vip': + ensure => $internal_api_vip and $internal_api_vip != $control_vip, + vip_name => 'internal_api', + ip_address => $internal_api_vip, + } + + $storage_vip = hiera('storage_virtual_ip') + tripleo::pacemaker::haproxy_with_vip { 'haproxy_and_storage_vip': + ensure => $storage_vip and $storage_vip != $control_vip, + vip_name => 'storage', + ip_address => $storage_vip, + } + + $storage_mgmt_vip = hiera('storage_mgmt_virtual_ip') + tripleo::pacemaker::haproxy_with_vip { 'haproxy_and_storage_mgmt_vip': + ensure => $storage_mgmt_vip and $storage_mgmt_vip != $control_vip, + vip_name => 'storage_mgmt', + ip_address => $storage_mgmt_vip, + } + } + +} diff --git a/manifests/profile/pacemaker/heat.pp b/manifests/profile/pacemaker/heat.pp new file mode 100644 index 0000000..e72f02a --- /dev/null +++ b/manifests/profile/pacemaker/heat.pp @@ -0,0 +1,46 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::heat +# +# Heat Pacemaker HA profile for tripleo +# +# === Parameters +# +# [*bootstrap_node*] +# (Optional) The hostname of the node responsible for bootstrapping tasks +# Defaults to hiera('bootstrap_nodeid') +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::pacemaker::heat ( + $bootstrap_node = hiera('bootstrap_nodeid'), + $step = hiera('step'), +) { + + Service <| tag == 'heat-service' |> { + hasrestart => true, + restart => '/bin/true', + start => '/bin/true', + stop => '/bin/true', + } + + class { '::tripleo::profile::base::heat': + bootstrap_master => $bootstrap_node, + } + +} diff --git a/manifests/profile/pacemaker/heat/api.pp b/manifests/profile/pacemaker/heat/api.pp new file mode 100644 index 0000000..ed9ca5b --- /dev/null +++ b/manifests/profile/pacemaker/heat/api.pp @@ -0,0 +1,50 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::heat +# +# Heat API Pacemaker HA profile for tripleo +# +# === Parameters +# +# [*bootstrap_node*] +# (Optional) The hostname of the node responsible for bootstrapping tasks +# Defaults to hiera('bootstrap_nodeid') +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::pacemaker::heat::api ( + $bootstrap_node = hiera('bootstrap_nodeid'), + $step = hiera('step'), +) { + + if $::hostname == downcase($bootstrap_node) { + $pacemaker_master = true + } else { + $pacemaker_master = false + } + + include ::tripleo::profile::pacemaker::heat + include ::tripleo::profile::base::heat::api + + if $step >= 5 and $pacemaker_master { + pacemaker::resource::service { $::heat::params::api_service_name : + clone_params => 'interleave=true', + } + } + +} diff --git a/manifests/profile/pacemaker/heat/api_cfn.pp b/manifests/profile/pacemaker/heat/api_cfn.pp new file mode 100644 index 0000000..d3ba6e4 --- /dev/null +++ b/manifests/profile/pacemaker/heat/api_cfn.pp @@ -0,0 +1,50 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::heat +# +# Heat Pacemaker HA profile for tripleo +# +# === Parameters +# +# [*bootstrap_node*] +# (Optional) The hostname of the node responsible for bootstrapping tasks +# Defaults to hiera('bootstrap_nodeid') +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::pacemaker::heat::api_cfn ( + $bootstrap_node = hiera('bootstrap_nodeid'), + $step = hiera('step'), +) { + + if $::hostname == downcase($bootstrap_node) { + $pacemaker_master = true + } else { + $pacemaker_master = false + } + + include ::tripleo::profile::pacemaker::heat + include ::tripleo::profile::base::heat::api_cfn + + if $step >= 5 and $pacemaker_master { + pacemaker::resource::service { $::heat::params::api_cfn_service_name : + clone_params => 'interleave=true', + } + } + +} diff --git a/manifests/profile/pacemaker/heat/api_cloudwatch.pp b/manifests/profile/pacemaker/heat/api_cloudwatch.pp new file mode 100644 index 0000000..a7784fb --- /dev/null +++ b/manifests/profile/pacemaker/heat/api_cloudwatch.pp @@ -0,0 +1,51 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::heat +# +# Heat Pacemaker HA profile for tripleo +# +# === Parameters +# +# [*bootstrap_node*] +# (Optional) The hostname of the node responsible for bootstrapping tasks +# Defaults to hiera('bootstrap_nodeid') +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::pacemaker::heat::api_cloudwatch ( + $bootstrap_node = hiera('bootstrap_nodeid'), + $step = hiera('step'), +) { + + if $::hostname == downcase($bootstrap_node) { + $pacemaker_master = true + } else { + $pacemaker_master = false + } + + include ::tripleo::profile::pacemaker::heat + include ::tripleo::profile::base::heat::api_cloudwatch + + if $step >= 5 and $pacemaker_master { + # Heat + pacemaker::resource::service { $::heat::params::api_cloudwatch_service_name : + clone_params => 'interleave=true', + } + } + +} diff --git a/manifests/profile/pacemaker/heat/engine.pp b/manifests/profile/pacemaker/heat/engine.pp new file mode 100644 index 0000000..47b8a09 --- /dev/null +++ b/manifests/profile/pacemaker/heat/engine.pp @@ -0,0 +1,52 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::heat +# +# Heat Engine Pacemaker HA profile for tripleo +# +# === Parameters +# +# [*bootstrap_node*] +# (Optional) The hostname of the node responsible for bootstrapping tasks +# Defaults to hiera('bootstrap_nodeid') +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::pacemaker::heat::engine ( + $bootstrap_node = hiera('bootstrap_nodeid'), + $step = hiera('step'), +) { + + if $::hostname == downcase($bootstrap_node) { + $pacemaker_master = true + } else { + $pacemaker_master = false + } + + include ::tripleo::profile::pacemaker::heat + class { '::tripleo::profile::base::heat::engine': + sync_db => $pacemaker_master, + } + + if $step >= 5 and $pacemaker_master { + pacemaker::resource::service { $::heat::params::engine_service_name : + clone_params => 'interleave=true', + } + } + +} diff --git a/manifests/profile/pacemaker/keystone.pp b/manifests/profile/pacemaker/keystone.pp index f2bc827..46a40db 100644 --- a/manifests/profile/pacemaker/keystone.pp +++ b/manifests/profile/pacemaker/keystone.pp @@ -37,27 +37,25 @@ class tripleo::profile::pacemaker::keystone ( $enable_load_balancer = hiera('enable_load_balancer', true) ) { - if $::hostname == downcase($bootstrap_node) { - $pacemaker_master = true - } else { - $pacemaker_master = false + Service <| tag == 'keystone-service' |> { + hasrestart => true, + restart => '/bin/true', + start => '/bin/true', + stop => '/bin/true', } - if $step >= 6 and $pacemaker_master { + if $::hostname == downcase($bootstrap_node) { + $pacemaker_master = true $manage_roles = true - Pacemaker::Resource::Service[$::apache::params::service_name] -> Class['::keystone::roles::admin'] - Pacemaker::Resource::Service[$::apache::params::service_name] -> Class['::keystone::endpoint'] } else { + $pacemaker_master = false $manage_roles = false } class { '::tripleo::profile::base::keystone': - sync_db => $pacemaker_master, - manage_service => false, - enabled => false, - bootstrap_master => $pacemaker_master, - manage_roles => $manage_roles, - manage_endpoint => $manage_roles + sync_db => $pacemaker_master, + manage_roles => $manage_roles, + manage_endpoint => $manage_roles } if $step >= 5 and $pacemaker_master and $enable_load_balancer { @@ -67,6 +65,7 @@ class tripleo::profile::pacemaker::keystone ( second_resource => 'openstack-core-clone', first_action => 'start', second_action => 'start', + before => Pacemaker::Resource::Service[$::apache::params::service_name], require => [Pacemaker::Resource::Service['haproxy'], Pacemaker::Resource::Ocf['openstack-core']], } @@ -79,6 +78,7 @@ class tripleo::profile::pacemaker::keystone ( second_resource => 'openstack-core-clone', first_action => 'start', second_action => 'start', + before => Pacemaker::Resource::Service[$::apache::params::service_name], require => [Pacemaker::Resource::Ocf['rabbitmq'], Pacemaker::Resource::Ocf['openstack-core']], } diff --git a/manifests/profile/pacemaker/manila.pp b/manifests/profile/pacemaker/manila.pp new file mode 100644 index 0000000..37cab9f --- /dev/null +++ b/manifests/profile/pacemaker/manila.pp @@ -0,0 +1,162 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::manila +# +# Manila Pacemaker HA profile for tripleo +# +# === Parameters +# +# [*bootstrap_node*] +# (Optional) The hostname of the node responsible for bootstrapping tasks +# Defaults to hiera('bootstrap_nodeid') +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*manila_generic_enable*] +# (Optional) Enable the generic backend. +# Defaults to hiera('manila_generic_enable_backend', 'false') +# +# [*driver_handles_share_servers*] +# (Optional) +# Defaults to hiera('manila::backend::generic::driver_handles_share_servers') +# +# [*smb_template_config_path*] +# (Optional) +# Defaults to hiera('manila::backend::generic::smb_template_config_path') +# +# [*volume_name_template*] +# (Optional) +# Defaults to hiera('manila::backend::generic::volume_name_template') + +# [*volume_snapshot_name_template*] +# (Optional) +# Defaults to hiera('manila::backend::generic::volume_snapshot_name_template') +# +# [*share_mount_path*] +# (Optional) +# Defaults to hiera('manila::backend::generic::share_mount_path') +# +# [*max_time_to_create_volume*] +# (Optional) +# Defaults to hiera('manila::backend::generic::max_time_to_create_volume') +# +# [*max_time_to_attach*] +# (Optional) +# Defaults to hiera('manila::backend::generic::max_time_to_attach') +# +# [*service_instance_smb_config_path*] +# (Optional) +# Defaults to downcase(hiera('manila::backend::generic::service_instance_smb_config_path')) +# +# [*share_volume_fstype*] +# (Optional) +# Defaults to hiera('manila::backend::generic::share_volume_fstype') +# +# [*cinder_volume_type*] +# (Optional) +# Defaults to hiera('manila::backend::generic::cinder_volume_type', '') +# +# [*service_instance_user*] +# (Optional) +# Defaults to hiera('manila::service_instance::service_instance_user') + +# [*service_instance_password*] +# (Optional) +# Defaults to hiera('manila::service_instance::service_instance_password') + +# [*service_instance_flavor_id*] +# (Optional) +# Defaults to hiera('manila::service_instance::service_instance_flavor_id') +# +class tripleo::profile::pacemaker::manila ( + $bootstrap_node = hiera('bootstrap_nodeid'), + $step = hiera('step'), + $manila_generic_enable = hiera('manila_generic_enable_backend', false), + $driver_handles_share_servers = hiera('manila::backend::generic::driver_handles_share_servers'), + $smb_template_config_path = hiera('manila::backend::generic::smb_template_config_path'), + $volume_name_template = hiera('manila::backend::generic::volume_name_template'), + $volume_snapshot_name_template = hiera('manila::backend::generic::volume_snapshot_name_template'), + $share_mount_path = hiera('manila::backend::generic::share_mount_path'), + $max_time_to_create_volume = hiera('manila::backend::generic::max_time_to_create_volume'), + $max_time_to_attach = hiera('manila::backend::generic::max_time_to_attach'), + $service_instance_smb_config_path = hiera('manila::backend::generic::service_instance_smb_config_path'), + $share_volume_fstype = hiera('manila::backend::generic::share_volume_fstype'), + $cinder_volume_type = hiera('manila::backend::generic::cinder_volume_type', ''), + $service_instance_user = hiera('manila::service_instance::service_instance_user'), + $service_instance_password = hiera('manila::service_instance::service_instance_password'), + $service_instance_flavor_id = hiera('manila::service_instance::service_instance_flavor_id'), +) { + + if $::hostname == downcase($bootstrap_node) { + $pacemaker_master = true + } else { + $pacemaker_master = false + } + + # make it so puppet can't restart the manila-share service, since that is + # the only pacemaker managed one + Service <| tag == 'manila-share' |> { + hasrestart => true, + restart => '/bin/true', + start => '/bin/true', + stop => '/bin/true', + } + + if $step >= 4 { + include ::tripleo::profile::base::manila::api + include ::tripleo::profile::base::manila::scheduler + include ::tripleo::profile::base::manila::share + + $manila_generic_enable = hiera('manila_generic_enable_backend', false) + if $manila_generic_enable { + $manila_generic_backend = hiera('manila::backend::generic::title') + manila::backend::generic { $manila_generic_backend : + driver_handles_share_servers => $driver_handles_share_servers, + smb_template_config_path => $smb_template_config_path, + volume_name_template => $volume_name_template , + volume_snapshot_name_template => $volume_snapshot_name_template, + share_mount_path => $share_mount_path, + max_time_to_create_volume => $max_time_to_create_volume, + max_time_to_attach => $max_time_to_attach, + service_instance_smb_config_path => $service_instance_smb_config_path, + share_volume_fstype => $share_volume_fstype, + cinder_volume_type => $cinder_volume_type, + } + + manila_config { + "${manila_generic_backend}/service_instance_user": value => $service_instance_user; + "${manila_generic_backend}/service_instance_password": value => $service_instance_password; + "${manila_generic_backend}/service_instance_flavor_id": value => $service_instance_flavor_id; + } + + include ::manila::volume::cinder + } + + $manila_enabled_backends = delete_undef_values([$manila_generic_backend]) + class { '::manila::backends' : + enabled_share_backends => $manila_enabled_backends, + } + } + + if $step >= 5 and $pacemaker_master { + + # only manila-share is pacemaker managed, and in a/p + pacemaker::resource::service { $::manila::params::share_service : } + + } +} diff --git a/manifests/profile/pacemaker/memcached.pp b/manifests/profile/pacemaker/memcached.pp new file mode 100644 index 0000000..09af5d6 --- /dev/null +++ b/manifests/profile/pacemaker/memcached.pp @@ -0,0 +1,61 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::memcached +# +# Memcached Pacemaker HA profile for tripleo +# +# === Parameters +# +# [*bootstrap_node*] +# (Optional) The hostname of the node responsible for bootstrapping tasks +# Defaults to hiera('bootstrap_nodeid') +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::pacemaker::memcached ( + $bootstrap_node = hiera('bootstrap_nodeid'), + $step = hiera('step'), +) { + + if $::hostname == downcase($bootstrap_node) { + $pacemaker_master = true + } else { + $pacemaker_master = false + } + + include ::tripleo::profile::base::memcached + + if $step >= 2 and $pacemaker_master { + pacemaker::resource::service { $::memcached::params::service_name : + clone_params => 'interleave=true', + require => Class['::memcached'], + } + } + + if $step >= 5 and $pacemaker_master { + pacemaker::constraint::base { 'memcached-then-openstack-core-constraint': + constraint_type => 'order', + first_resource => 'memcached-clone', + second_resource => 'openstack-core-clone', + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service['memcached'], + Pacemaker::Resource::Ocf['openstack-core']], + } + } +} diff --git a/manifests/profile/pacemaker/neutron.pp b/manifests/profile/pacemaker/neutron.pp new file mode 100644 index 0000000..fff731d --- /dev/null +++ b/manifests/profile/pacemaker/neutron.pp @@ -0,0 +1,187 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::neutron +# +# Neutron server profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The step in the deployment +# Defaults to hiera('step') +# +# [*pacemaker_master*] +# (Optional) The hostname of the pacemaker master +# Defaults to hiera('bootstrap_nodeid', undef) +# +# [*enable_l3*] +# (Optional) Whether to include the Neutron L3 agent pacemaker profile +# Defaults to hiera('neutron::enable_l3_agent', false) +# +# [*enable_dhcp*] +# (Optional) Whether to include the Neutron DHCP agent pacemaker profile +# Defaults to hiera('neutron::enable_dhcp_agent', false) +# +# [*enable_metadata*] +# (Optional) Whether to include the Neutron Metadata agent pacemaker profile +# Defaults to hiera('neutron::enable_metadata_agent', false) +# +# [*enable_ovs*] +# (Optional) Whether to include the Neutron OVS agent pacemaker profile +# Defaults to hiera('neutron::enable_ovs_agent', false) +# +class tripleo::profile::pacemaker::neutron ( + $step = hiera('step'), + $pacemaker_master = hiera('bootstrap_nodeid', undef), + # We can drop the hiera defaults once the neutron roles are decomposed + $enable_l3 = hiera('neutron::enable_l3_agent', false), + $enable_dhcp = hiera('neutron::enable_dhcp_agent', false), + $enable_metadata = hiera('neutron::enable_metadata_agent', false), + $enable_ovs = hiera('neutron::enable_ovs_agent', false), +) { + + Service <| + tag == 'neutron-service' + |> { + hasrestart => true, + restart => '/bin/true', + start => '/bin/true', + stop => '/bin/true', + } + + class { '::tripleo::profile::base::neutron': + sync_db => ($::hostname == downcase($pacemaker_master)), + } + + if $step >= 4 { + include ::neutron::params + + # To be removed when puppet-oslo comes into service + neutron_config { + 'DEFAULT/notification_driver': value => 'messaging'; + } + } + + if $step >= 5 and $pacemaker_master == downcase($::hostname) { + if $step == 5 { + # Neutron + # NOTE(gfidente): Neutron will try to populate the database with some data + # as soon as neutron-server is started; to avoid races we want to make this + # happen only on one node, before normal Pacemaker initialization + # https://bugzilla.redhat.com/show_bug.cgi?id=1233061 + # NOTE(emilien): we need to run this Exec only at Step 4 otherwise this exec + # will try to start the service while it's already started by Pacemaker + # It would result to a deployment failure since systemd would return 1 to Puppet + # and the overcloud would fail to deploy (6 would be returned). + # This conditional prevents from a race condition during the deployment. + # https://bugzilla.redhat.com/show_bug.cgi?id=1290582 + exec { 'neutron-server-systemd-start-sleep' : + command => 'systemctl start neutron-server && /usr/bin/sleep 5', + path => '/usr/bin', + unless => '/sbin/pcs resource show neutron-server', + } -> + pacemaker::resource::service { $::neutron::params::server_service: + clone_params => 'interleave=true', + require => Pacemaker::Resource::Ocf['openstack-core'] + } + } else { + pacemaker::resource::service { $::neutron::params::server_service: + clone_params => 'interleave=true', + require => Pacemaker::Resource::Ocf['openstack-core'] + } + } + + pacemaker::constraint::base { 'keystone-to-neutron-server-constraint': + constraint_type => 'order', + first_resource => 'openstack-core-clone', + second_resource => "${::neutron::params::server_service}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Ocf['openstack-core'], + Pacemaker::Resource::Service[$::neutron::params::server_service]], + } + + if $enable_ovs { + pacemaker::constraint::base { 'neutron-openvswitch-agent-to-dhcp-agent-constraint': + constraint_type => 'order', + first_resource => "${::neutron::params::ovs_agent_service}-clone", + second_resource => "${::neutron::params::dhcp_agent_service}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service], + Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service]], + } + } + + if $enable_dhcp and $enable_ovs { + pacemaker::constraint::base { 'neutron-server-to-openvswitch-agent-constraint': + constraint_type => 'order', + first_resource => "${::neutron::params::server_service}-clone", + second_resource => "${::neutron::params::ovs_agent_service}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::neutron::params::server_service], + Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service]], + } + + pacemaker::constraint::colocation { 'neutron-openvswitch-agent-to-dhcp-agent-colocation': + source => "${::neutron::params::dhcp_agent_service}-clone", + target => "${::neutron::params::ovs_agent_service}-clone", + score => 'INFINITY', + require => [Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service], + Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service]], + } + } + + if $enable_dhcp and $enable_l3 { + pacemaker::constraint::base { 'neutron-dhcp-agent-to-l3-agent-constraint': + constraint_type => 'order', + first_resource => "${::neutron::params::dhcp_agent_service}-clone", + second_resource => "${::neutron::params::l3_agent_service}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service], + Pacemaker::Resource::Service[$::neutron::params::l3_agent_service]] + } + + pacemaker::constraint::colocation { 'neutron-dhcp-agent-to-l3-agent-colocation': + source => "${::neutron::params::l3_agent_service}-clone", + target => "${::neutron::params::dhcp_agent_service}-clone", + score => 'INFINITY', + require => [Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service], + Pacemaker::Resource::Service[$::neutron::params::l3_agent_service]] + } + } + + if $enable_l3 and $enable_metadata { + pacemaker::constraint::base { 'neutron-l3-agent-to-metadata-agent-constraint': + constraint_type => 'order', + first_resource => "${::neutron::params::l3_agent_service}-clone", + second_resource => "${::neutron::params::metadata_agent_service}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::neutron::params::l3_agent_service], + Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service]] + } + pacemaker::constraint::colocation { 'neutron-l3-agent-to-metadata-agent-colocation': + source => "${::neutron::params::metadata_agent_service}-clone", + target => "${::neutron::params::l3_agent_service}-clone", + score => 'INFINITY', + require => [Pacemaker::Resource::Service[$::neutron::params::l3_agent_service], + Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service]] + } + } + } +} diff --git a/manifests/profile/pacemaker/neutron/dhcp.pp b/manifests/profile/pacemaker/neutron/dhcp.pp new file mode 100644 index 0000000..d738f21 --- /dev/null +++ b/manifests/profile/pacemaker/neutron/dhcp.pp @@ -0,0 +1,44 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::neutron::dhcp +# +# Neutron DHCP Agent server profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*pacemaker_master*] +# (Optional) The hostname of the pacemaker master +# Defaults to hiera('bootstrap_nodeid', undef) +# +class tripleo::profile::pacemaker::neutron::dhcp ( + $step = hiera('step'), + $pacemaker_master = hiera('bootstrap_nodeid', undef), +) { + + include ::neutron::params + include ::tripleo::profile::pacemaker::neutron + include ::tripleo::profile::base::neutron::dhcp + + if $step >= 5 and downcase($::hostname) == $pacemaker_master { + pacemaker::resource::service { $::neutron::params::dhcp_agent_service: + clone_params => 'interleave=true', + } + } +} diff --git a/manifests/profile/pacemaker/neutron/l3.pp b/manifests/profile/pacemaker/neutron/l3.pp new file mode 100644 index 0000000..fec4af2 --- /dev/null +++ b/manifests/profile/pacemaker/neutron/l3.pp @@ -0,0 +1,44 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::neutron::l3 +# +# Neutron L3 Agent server profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*pacemaker_master*] +# (Optional) The hostname of the pacemaker master +# Defaults to hiera('bootstrap_nodeid', undef) +# +class tripleo::profile::pacemaker::neutron::l3 ( + $step = hiera('step'), + $pacemaker_master = hiera('bootstrap_nodeid', undef), +) { + + include ::neutron::params + include ::tripleo::profile::pacemaker::neutron + include ::tripleo::profile::base::neutron::l3 + + if $step >= 5 and downcase($::hostname) == $pacemaker_master { + pacemaker::resource::service { $::neutron::params::l3_agent_service: + clone_params => 'interleave=true', + } + } +} diff --git a/manifests/profile/pacemaker/neutron/metadata.pp b/manifests/profile/pacemaker/neutron/metadata.pp new file mode 100644 index 0000000..4fccea2 --- /dev/null +++ b/manifests/profile/pacemaker/neutron/metadata.pp @@ -0,0 +1,44 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::neutron::metadata +# +# Neutron Metadata Agent server profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*pacemaker_master*] +# (Optional) The hostname of the pacemaker master +# Defaults to hiera('bootstrap_nodeid', undef) +# +class tripleo::profile::pacemaker::neutron::metadata ( + $step = hiera('step'), + $pacemaker_master = hiera('bootstrap_nodeid', undef), +) { + + include ::neutron::params + include ::tripleo::profile::pacemaker::neutron + include ::tripleo::profile::base::neutron::metadata + + if $step >= 5 and downcase($::hostname) == $pacemaker_master { + pacemaker::resource::service { $::neutron::params::metadata_agent_service: + clone_params => 'interleave=true', + } + } +} diff --git a/manifests/profile/pacemaker/neutron/midonet.pp b/manifests/profile/pacemaker/neutron/midonet.pp new file mode 100644 index 0000000..9d380f0 --- /dev/null +++ b/manifests/profile/pacemaker/neutron/midonet.pp @@ -0,0 +1,80 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::neutron::midonet +# +# Neutron Midonet driver Pacemaker HA profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*pacemaker_master*] +# (Optional) The hostname of the pacemaker master +# Defaults to hiera('bootstrap_nodeid', undef) +# +class tripleo::profile::pacemaker::neutron::midonet ( + $step = hiera('step'), + $pacemaker_master = hiera('bootstrap_nodeid', undef), +) { + include ::neutron::params + include ::tripleo::profile::pacemaker::neutron + include ::tripleo::profile::base::neutron::midonet + + if $step >= 5 and downcase($::hostname) == $pacemaker_master { + + pacemaker::resource::service {'tomcat': + clone_params => 'interleave=true', + } + + #midonet-chain chain keystone-->neutron-server-->dhcp-->metadata->tomcat + pacemaker::constraint::base { 'neutron-server-to-dhcp-agent-constraint': + constraint_type => 'order', + first_resource => "${::neutron::params::server_service}-clone", + second_resource => "${::neutron::params::dhcp_agent_service}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::neutron::params::server_service], + Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service]], + } + pacemaker::constraint::base { 'neutron-dhcp-agent-to-metadata-agent-constraint': + constraint_type => 'order', + first_resource => "${::neutron::params::dhcp_agent_service}-clone", + second_resource => "${::neutron::params::metadata_agent_service}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service], + Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service]], + } + pacemaker::constraint::base { 'neutron-metadata-agent-to-tomcat-constraint': + constraint_type => 'order', + first_resource => "${::neutron::params::metadata_agent_service}-clone", + second_resource => 'tomcat-clone', + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service], + Pacemaker::Resource::Service['tomcat']], + } + pacemaker::constraint::colocation { 'neutron-dhcp-agent-to-metadata-agent-colocation': + source => "${::neutron::params::metadata_agent_service}-clone", + target => "${::neutron::params::dhcp_agent_service}-clone", + score => 'INFINITY', + require => [Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service], + Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service]], + } + } +} diff --git a/manifests/profile/pacemaker/neutron/ovs.pp b/manifests/profile/pacemaker/neutron/ovs.pp new file mode 100644 index 0000000..a330de1 --- /dev/null +++ b/manifests/profile/pacemaker/neutron/ovs.pp @@ -0,0 +1,88 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::neutron::ovs +# +# Neutron OVS Agent Pacemaker HA profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*pacemaker_master*] +# (Optional) The hostname of the pacemaker master +# Defaults to hiera('bootstrap_nodeid', undef) +# +class tripleo::profile::pacemaker::neutron::ovs ( + $step = hiera('step'), + $pacemaker_master = hiera('bootstrap_nodeid', undef), +) { + + include ::neutron::params + include ::tripleo::profile::pacemaker::neutron + include ::tripleo::profile::base::neutron::ovs + + if $step >= 5 and downcase($::hostname) == $pacemaker_master { + + pacemaker::resource::service { $::neutron::params::ovs_agent_service: + clone_params => 'interleave=true', + } + + pacemaker::resource::ocf { $::neutron::params::ovs_cleanup_service: + ocf_agent_name => 'neutron:OVSCleanup', + clone_params => 'interleave=true', + } + pacemaker::resource::ocf { 'neutron-netns-cleanup': + ocf_agent_name => 'neutron:NetnsCleanup', + clone_params => 'interleave=true', + } + + # neutron - one chain ovs-cleanup-->netns-cleanup-->ovs-agent + pacemaker::constraint::base { 'neutron-ovs-cleanup-to-netns-cleanup-constraint': + constraint_type => 'order', + first_resource => "${::neutron::params::ovs_cleanup_service}-clone", + second_resource => 'neutron-netns-cleanup-clone', + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Ocf[$::neutron::params::ovs_cleanup_service], + Pacemaker::Resource::Ocf['neutron-netns-cleanup']], + } + pacemaker::constraint::colocation { 'neutron-ovs-cleanup-to-netns-cleanup-colocation': + source => 'neutron-netns-cleanup-clone', + target => "${::neutron::params::ovs_cleanup_service}-clone", + score => 'INFINITY', + require => [Pacemaker::Resource::Ocf[$::neutron::params::ovs_cleanup_service], + Pacemaker::Resource::Ocf['neutron-netns-cleanup']], + } + pacemaker::constraint::base { 'neutron-netns-cleanup-to-openvswitch-agent-constraint': + constraint_type => 'order', + first_resource => 'neutron-netns-cleanup-clone', + second_resource => "${::neutron::params::ovs_agent_service}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Ocf['neutron-netns-cleanup'], + Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service]], + } + pacemaker::constraint::colocation { 'neutron-netns-cleanup-to-openvswitch-agent-colocation': + source => "${::neutron::params::ovs_agent_service}-clone", + target => 'neutron-netns-cleanup-clone', + score => 'INFINITY', + require => [Pacemaker::Resource::Ocf['neutron-netns-cleanup'], + Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service]], + } + } +} diff --git a/manifests/profile/pacemaker/neutron/plugins/ml2.pp b/manifests/profile/pacemaker/neutron/plugins/ml2.pp new file mode 100644 index 0000000..6c9d8b1 --- /dev/null +++ b/manifests/profile/pacemaker/neutron/plugins/ml2.pp @@ -0,0 +1,36 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::neutron::plugins::ml2 +# +# Neutron ML2 driver Pacemaker HA profile for tripleo +# +# === Parameters +# +# [*pacemaker_master*] +# (Optional) The hostname of the pacemaker master +# Defaults to hiera('bootstrap_nodeid', undef) +# +class tripleo::profile::pacemaker::neutron::plugins::ml2 ( + $pacemaker_master = hiera('bootstrap_nodeid', undef), +) { + + include ::neutron::params + include ::tripleo::profile::pacemaker::neutron + + class { '::tripleo::profile::base::neutron::plugins::ml2': + sync_db => ($::hostname == downcase($pacemaker_master)) + } + +} diff --git a/manifests/profile/pacemaker/neutron/plugins/nuage.pp b/manifests/profile/pacemaker/neutron/plugins/nuage.pp new file mode 100644 index 0000000..ea40d38 --- /dev/null +++ b/manifests/profile/pacemaker/neutron/plugins/nuage.pp @@ -0,0 +1,33 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::neutron::plugins::nuage +# +# Nuage Neutron profile for tripleo pacemaker +# +# === Parameters +# +# [*pacemaker_master*] +# (Optional) The hostname of the pacemaker master +# Defaults to hiera('bootstrap_nodeid', undef) +# +class tripleo::profile::pacemaker::neutron::plugins::nuage ( + $pacemaker_master = hiera('bootstrap_nodeid', undef), +) { + + class { '::tripleo::profile::base::neutron::plugins::nuage': + sync_db => ($::hostname == downcase($pacemaker_master)) + } + +} diff --git a/manifests/profile/pacemaker/neutron/plugins/opencontrail.pp b/manifests/profile/pacemaker/neutron/plugins/opencontrail.pp new file mode 100644 index 0000000..8db3cb2 --- /dev/null +++ b/manifests/profile/pacemaker/neutron/plugins/opencontrail.pp @@ -0,0 +1,33 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::neutron::plugins::opencontrail +# +# Opencontrail Neutron profile for tripleo pacemaker +# +# === Parameters +# +# [*pacemaker_master*] +# (Optional) The hostname of the pacemaker master +# Defaults to hiera('bootstrap_nodeid', undef) +# +class tripleo::profile::pacemaker::neutron::plugins::opencontrail ( + $pacemaker_master = hiera('bootstrap_nodeid', undef), +) { + + class { '::tripleo::profile::base::neutron::plugins::opencontrail': + sync_db => ($::hostname == downcase($pacemaker_master)) + } + +} diff --git a/manifests/profile/pacemaker/neutron/plugins/plumgrid.pp b/manifests/profile/pacemaker/neutron/plugins/plumgrid.pp new file mode 100644 index 0000000..57f9e31 --- /dev/null +++ b/manifests/profile/pacemaker/neutron/plugins/plumgrid.pp @@ -0,0 +1,33 @@ +# Copyright 2016 PLUMgrid, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::neutron::plugins::plumgrid +# +# PLUMgrid Neutron profile for tripleo pacemaker +# +# === Parameters +# +# [*pacemaker_master*] +# (Optional) The hostname of the pacemaker master +# Defaults to hiera('bootstrap_nodeid', undef) +# +class tripleo::profile::pacemaker::neutron::plugins::plumgrid ( + $pacemaker_master = hiera('bootstrap_nodeid', undef), +) { + + class { '::tripleo::profile::base::neutron::plugins::plumgrid': + sync_db => ($::hostname == downcase($pacemaker_master)) + } + +} diff --git a/manifests/profile/pacemaker/neutron/server.pp b/manifests/profile/pacemaker/neutron/server.pp new file mode 100644 index 0000000..acd7993 --- /dev/null +++ b/manifests/profile/pacemaker/neutron/server.pp @@ -0,0 +1,48 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::neutron::server +# +# Neutron Server Pacemaker profile for tripleo +# +# === Parameters +# +# [*pacemaker_master*] +# (Optional) The hostname of the pacemaker master +# Defaults to hiera('bootstrap_nodeid', undef) +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::pacemaker::neutron::server ( + $pacemaker_master = hiera('bootstrap_nodeid', undef), + $step = hiera('step'), +) { + + include ::neutron::params + include ::tripleo::profile::pacemaker::neutron + + $sync_db = ($::hostname == downcase($pacemaker_master)) + if $step >= 3 and $sync_db { + include ::neutron::db::mysql + } + + if $step >= 4 or ( $step >= 3 and $sync_db ) { + include ::neutron::server::notifications + include ::neutron::server + } + +} diff --git a/manifests/profile/pacemaker/nova.pp b/manifests/profile/pacemaker/nova.pp new file mode 100644 index 0000000..13c6128 --- /dev/null +++ b/manifests/profile/pacemaker/nova.pp @@ -0,0 +1,31 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::nova +# +# Nova base with Pacemaker profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The step in the deployment +# Defaults to hiera('step') +# +class tripleo::profile::pacemaker::nova ( + $step = hiera('step'), +) { + + include ::tripleo::profile::base::nova + +} diff --git a/manifests/profile/pacemaker/nova/api.pp b/manifests/profile/pacemaker/nova/api.pp new file mode 100644 index 0000000..30ab733 --- /dev/null +++ b/manifests/profile/pacemaker/nova/api.pp @@ -0,0 +1,55 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::nova::api +# +# Nova API with Pacemaker profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*pacemaker_master*] +# (Optional) The hostname of the pacemaker master +# Defaults to downcase(hiera('bootstrap_nodeid')) +# +class tripleo::profile::pacemaker::nova::api ( + $step = hiera('step'), + $pacemaker_master = downcase(hiera('bootstrap_nodeid')), +) { + + include ::nova::params + include ::tripleo::profile::pacemaker::nova + + Service<| title == 'nova-api' |> { + hasrestart => true, + restart => '/bin/true', + start => '/bin/true', + stop => '/bin/true', + } + + class { '::tripleo::profile::base::nova::api': + sync_db => (downcase($::hostname) == $pacemaker_master), + } + + if $step >= 5 and downcase($::hostname) == $pacemaker_master { + pacemaker::resource::service { $::nova::params::api_service_name: + clone_params => 'interleave=true', + } + } + +} diff --git a/manifests/profile/pacemaker/nova/conductor.pp b/manifests/profile/pacemaker/nova/conductor.pp new file mode 100644 index 0000000..495c92e --- /dev/null +++ b/manifests/profile/pacemaker/nova/conductor.pp @@ -0,0 +1,52 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::nova::conductor +# +# Nova Conductor with Pacemaker profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*pacemaker_master*] +# (Optional) The hostname of the pacemaker master +# Defaults to hiera('bootstrap_nodeid') +# +class tripleo::profile::pacemaker::nova::conductor ( + $step = hiera('step'), + $pacemaker_master = hiera('bootstrap_nodeid'), +) { + + include ::nova::params + include ::tripleo::profile::pacemaker::nova + include ::tripleo::profile::base::nova::conductor + + Service<| title == 'nova-conductor' |> { + hasrestart => true, + restart => '/bin/true', + start => '/bin/true', + stop => '/bin/true', + } + + if $step >= 5 and downcase($::hostname) == $pacemaker_master { + pacemaker::resource::service { $::nova::params::conductor_service_name: + clone_params => 'interleave=true', + } + } + +} diff --git a/manifests/profile/pacemaker/nova/consoleauth.pp b/manifests/profile/pacemaker/nova/consoleauth.pp new file mode 100644 index 0000000..fb9428a --- /dev/null +++ b/manifests/profile/pacemaker/nova/consoleauth.pp @@ -0,0 +1,52 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::nova::consoleauth +# +# Nova Consoleauth with Pacemaker profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*pacemaker_master*] +# (Optional) The hostname of the pacemaker master +# Defaults to hiera('bootstrap_nodeid') +# +class tripleo::profile::pacemaker::nova::consoleauth ( + $step = hiera('step'), + $pacemaker_master = hiera('bootstrap_nodeid'), +) { + + include ::nova::params + include ::tripleo::profile::pacemaker::nova + include ::tripleo::profile::base::nova::consoleauth + + Service<| title == 'nova-consoleauth' |> { + hasrestart => true, + restart => '/bin/true', + start => '/bin/true', + stop => '/bin/true', + } + + if $step >= 5 and downcase($::hostname) == $pacemaker_master { + pacemaker::resource::service { $::nova::params::consoleauth_service_name: + clone_params => 'interleave=true', + } + } + +} diff --git a/manifests/profile/pacemaker/nova/scheduler.pp b/manifests/profile/pacemaker/nova/scheduler.pp new file mode 100644 index 0000000..9e78c30 --- /dev/null +++ b/manifests/profile/pacemaker/nova/scheduler.pp @@ -0,0 +1,52 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::nova::scheduler +# +# Nova Scheduler with Pacemaker profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*pacemaker_master*] +# (Optional) The hostname of the pacemaker master +# Defaults to hiera('bootstrap_nodeid') +# +class tripleo::profile::pacemaker::nova::scheduler ( + $step = hiera('step'), + $pacemaker_master = hiera('bootstrap_nodeid'), +) { + + include ::nova::params + include ::tripleo::profile::pacemaker::nova + include ::tripleo::profile::base::nova::scheduler + + Service<| title == 'nova-scheduler' |> { + hasrestart => true, + restart => '/bin/true', + start => '/bin/true', + stop => '/bin/true', + } + + if $step >= 5 and downcase($::hostname) == $pacemaker_master { + pacemaker::resource::service { $::nova::params::scheduler_service_name: + clone_params => 'interleave=true', + } + } + +} diff --git a/manifests/profile/pacemaker/nova/vncproxy.pp b/manifests/profile/pacemaker/nova/vncproxy.pp new file mode 100644 index 0000000..ec71ca7 --- /dev/null +++ b/manifests/profile/pacemaker/nova/vncproxy.pp @@ -0,0 +1,52 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::nova::vncproxy +# +# Nova vncproxy with Pacemaker profile for tripleo +# +# === Parameters +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*pacemaker_master*] +# (Optional) The hostname of the pacemaker master +# Defaults to hiera('bootstrap_nodeid') +# +class tripleo::profile::pacemaker::nova::vncproxy ( + $step = hiera('step'), + $pacemaker_master = hiera('bootstrap_nodeid'), +) { + + include ::nova::params + include ::tripleo::profile::pacemaker::nova + include ::tripleo::profile::base::nova::vncproxy + + Service<| title == 'nova-vncproxy' |> { + hasrestart => true, + restart => '/bin/true', + start => '/bin/true', + stop => '/bin/true', + } + + if $step >= 5 and downcase($::hostname) == $pacemaker_master { + pacemaker::resource::service { $::nova::params::vncproxy_service_name: + clone_params => 'interleave=true', + } + } + +} diff --git a/manifests/profile/pacemaker/rabbitmq.pp b/manifests/profile/pacemaker/rabbitmq.pp new file mode 100644 index 0000000..efb91b5 --- /dev/null +++ b/manifests/profile/pacemaker/rabbitmq.pp @@ -0,0 +1,67 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::rabbitmq +# +# RabbitMQ Pacemaker HA profile for tripleo +# +# === Parameters +# +# [*bootstrap_node*] +# (Optional) The hostname of the node responsible for bootstrapping tasks +# Defaults to hiera('bootstrap_nodeid') +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*erlang_cookie*] +# (Optional) Content of erlang cookie. +# Defaults to hiera('rabbitmq::erlang_cookie'). +# +class tripleo::profile::pacemaker::rabbitmq ( + $bootstrap_node = hiera('bootstrap_nodeid'), + $step = hiera('step'), + $erlang_cookie = hiera('rabbitmq::erlang_cookie'), +) { + + if $::hostname == downcase($bootstrap_node) { + $pacemaker_master = true + } else { + $pacemaker_master = false + } + + include ::tripleo::profile::base::rabbitmq + + file { '/var/lib/rabbitmq/.erlang.cookie': + ensure => file, + owner => 'rabbitmq', + group => 'rabbitmq', + mode => '0400', + content => $erlang_cookie, + replace => true, + require => Class['::rabbitmq'], + } + + if $step >= 2 and $pacemaker_master { + pacemaker::resource::ocf { 'rabbitmq': + ocf_agent_name => 'heartbeat:rabbitmq-cluster', + resource_params => 'set_policy=\'ha-all ^(?!amq\.).* {"ha-mode":"all"}\'', + clone_params => 'ordered=true interleave=true', + meta_params => 'notify=true', + require => Class['::rabbitmq'], + } + } +} diff --git a/manifests/profile/pacemaker/sahara.pp b/manifests/profile/pacemaker/sahara.pp new file mode 100644 index 0000000..04b4edf --- /dev/null +++ b/manifests/profile/pacemaker/sahara.pp @@ -0,0 +1,81 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::sahara +# +# Sahara Pacemaker HA profile for tripleo +# +# === Parameters +# +# [*bootstrap_node*] +# (Optional) The hostname of the node responsible for bootstrapping tasks +# Defaults to hiera('bootstrap_nodeid') +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::pacemaker::sahara ( + $bootstrap_node = hiera('bootstrap_nodeid'), + $step = hiera('step'), +) { + + Service <| tag == 'sahara-service' |> { + hasrestart => true, + restart => '/bin/true', + start => '/bin/true', + stop => '/bin/true', + } + + if $::hostname == downcase($bootstrap_node) { + $pacemaker_master = true + } else { + $pacemaker_master = false + } + + include ::tripleo::profile::base::sahara-api + class { '::tripleo::profile::base::sahara-engine': + sync_db => $pacemaker_master, + } + + if $step >= 5 and $pacemaker_master { + # Sahara + pacemaker::resource::service { $::sahara::params::api_service_name : + clone_params => 'interleave=true', + require => Pacemaker::Resource::Ocf['openstack-core'], + } + pacemaker::resource::service { $::sahara::params::engine_service_name : + clone_params => 'interleave=true', + } + pacemaker::constraint::base { 'keystone-then-sahara-api-constraint': + constraint_type => 'order', + first_resource => 'openstack-core-clone', + second_resource => "${::sahara::params::api_service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::sahara::params::api_service_name], + Pacemaker::Resource::Ocf['openstack-core']], + } + pacemaker::constraint::base { 'sahara-api-then-sahara-engine-constraint': + constraint_type => 'order', + first_resource => "${::sahara::params::api_service_name}-clone", + second_resource => "${::sahara::params::engine_service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::sahara::params::api_service_name], + Pacemaker::Resource::Service[$::sahara::params::engine_service_name]], + } + } +} diff --git a/manifests/selinux.pp b/manifests/selinux.pp new file mode 100644 index 0000000..c5d13e2 --- /dev/null +++ b/manifests/selinux.pp @@ -0,0 +1,96 @@ +# +# Copyright (C) 2014 eNovance SAS <licensing@enovance.com> +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::selinux +# +# Helper class to configure SELinux on nodes +# +# === Parameters: +# +# [*mode*] +# (optional) SELinux mode the system should be in +# Defaults to 'enforcing' +# Possible values : disabled, permissive, enforcing +# +# [*directory*] +# (optional) Path where to find the SELinux modules +# Defaults to '/usr/share/selinux' +# +# [*booleans*] +# (optional) Set of booleans to persistently enables +# SELinux booleans are the one getsebool -a returns +# Defaults [] +# Example: ['rsync_full_access', 'haproxy_connect_any'] +# +# [*modules*] +# (optional) Set of modules to load on the system +# Defaults [] +# Example: ['module1', 'module2'] +# Note: Those module should be in the $directory path +# +class tripleo::selinux ( + $mode = 'enforcing', + $directory = '/usr/share/selinux/', + $booleans = [], + $modules = [], +) { + + if $::osfamily != 'RedHat' { + fail("OS family unsuppored yet (${::osfamily}), SELinux support is only limited to RedHat family OS") + } + + Selboolean { + persistent => true, + value => 'on', + } + + Selmodule { + ensure => present, + selmoduledir => $directory, + } + + file { '/etc/selinux/config': + ensure => present, + mode => '0444', + content => template('tripleo/selinux/sysconfig_selinux.erb') + } + + $current_mode = $::selinux? { + false => 'disabled', + default => $::selinux_current_mode, + } + + if $current_mode != $mode { + case $mode { + /^(disabled|permissive)$/: { + if $current_mode == 'enforcing' { + exec { '/sbin/setenforce 0': } + } + } + 'enforcing': { + exec { '/sbin/setenforce 1': } + } + default: { + fail('You must specify a mode (enforcing, permissive, or disabled)') + } + } + } + + selboolean { $booleans : + persistent => true, + } + selmodule { $modules: } + +} diff --git a/metadata.json b/metadata.json new file mode 100644 index 0000000..457f86e --- /dev/null +++ b/metadata.json @@ -0,0 +1,28 @@ +{ + "name": "openstack-tripleo", + "version": "1.0.0", + "author": "OpenStack Contributors", + "summary": "Puppet module for TripleO", + "license": "Apache-2.0", + "source": "git://github.com/openstack/puppet-tripleo.git", + "project_page": "https://launchpad.net/puppet-tripleo", + "issues_url": "https://bugs.launchpad.net/puppet-tripleo", + "description": "Installs and configures Tripleo.", + "requirements": [ + { "name": "pe","version_requirement": "3.x" }, + { "name": "puppet","version_requirement": "3.x" } + ], + "operatingsystem_support": [ + { + "operatingsystem": "Fedora", + "operatingsystemrelease": ["20"] + }, + { + "operatingsystem": "RedHat", + "operatingsystemrelease": ["7"] + } + ], + "dependencies": [ + { "name": "puppetlabs/stdlib", "version_requirement": ">= 3.2.0 < 5.0.0" } + ] +} diff --git a/spec/classes/tripleo_firewall_spec.rb b/spec/classes/tripleo_firewall_spec.rb index aa5d1d7..27ac62a 100644 --- a/spec/classes/tripleo_firewall_spec.rb +++ b/spec/classes/tripleo_firewall_spec.rb @@ -51,7 +51,7 @@ describe 'tripleo::firewall' do :state => ['NEW'], ) is_expected.to contain_firewall('003 accept ssh').with( - :port => '22', + :dport => '22', :proto => 'tcp', :action => 'accept', :state => ['NEW'], @@ -74,7 +74,9 @@ describe 'tripleo::firewall' do :firewall_rules => { '300 add custom application 1' => {'port' => '999', 'proto' => 'udp', 'action' => 'accept'}, '301 add custom application 2' => {'port' => '8081', 'proto' => 'tcp', 'action' => 'accept'}, - '302 fwd custom cidr 1' => {'chain' => 'FORWARD', 'destination' => '192.0.2.0/24'} + '302 fwd custom cidr 1' => {'chain' => 'FORWARD', 'destination' => '192.0.2.0/24'}, + '303 add custom application 3' => {'dport' => '8081', 'proto' => 'tcp', 'action' => 'accept'}, + '304 add custom application 4' => {'sport' => '1000', 'proto' => 'tcp', 'action' => 'accept'} } ) end @@ -95,6 +97,18 @@ describe 'tripleo::firewall' do :chain => 'FORWARD', :destination => '192.0.2.0/24', ) + is_expected.to contain_firewall('303 add custom application 3').with( + :dport => '8081', + :proto => 'tcp', + :action => 'accept', + :state => ['NEW'], + ) + is_expected.to contain_firewall('304 add custom application 4').with( + :sport => '1000', + :proto => 'tcp', + :action => 'accept', + :state => ['NEW'], + ) end end diff --git a/spec/classes/tripleo_selinux_spec.rb b/spec/classes/tripleo_selinux_spec.rb new file mode 100644 index 0000000..301006b --- /dev/null +++ b/spec/classes/tripleo_selinux_spec.rb @@ -0,0 +1,106 @@ +# Copyright (C) 2014 eNovance SAS <licensing@enovance.com> +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# Unit tests for tripleo::selinux +# + +require 'spec_helper' + +describe 'tripleo::selinux' do + + shared_examples_for 'manage selinux' do + + context 'with selinux enforcing' do + before :each do + facts.merge!( :selinux_current_mode => 'enforcing' ) + end + + let :params do + { :mode => 'disabled', + :booleans => ['foo', 'bar'], + :modules => ['module1', 'module2'], + :directory => '/path/to/modules'} + end + + it 'runs setenforce 0' do + is_expected.to contain_exec('/sbin/setenforce 0') + end + + it 'enables the SELinux boolean' do + is_expected.to contain_selboolean('foo').with( + :persistent => true, + :value => 'on', + ) + end + + it 'enables the SELinux modules' do + is_expected.to contain_selmodule('module1').with( + :ensure => 'present', + :selmoduledir => '/path/to/modules', + ) + end + + end + + context 'with selinux disabled' do + before :each do + facts.merge!( :selinux => 'false' ) + end + + let :params do + { :mode => 'enforcing', + :booleans => ['foo', 'bar'], + :modules => ['module1', 'module2'], + :directory => '/path/to/modules'} + end + + it 'runs setenforce 1' do + is_expected.to contain_exec('/sbin/setenforce 1') + end + + it 'enables the SELinux boolean' do + is_expected.to contain_selboolean('foo').with( + :persistent => true, + :value => 'on', + ) + end + + it 'enables the SELinux modules' do + is_expected.to contain_selmodule('module1').with( + :ensure => 'present', + :selmoduledir => '/path/to/modules', + ) + end + + end + + end + + context 'on Debian platforms' do + let :facts do + { :osfamily => 'Debian' } + end + + it_raises 'a Puppet::Error', /OS family unsuppored yet \(Debian\), SELinux support is only limited to RedHat family OS/ + end + + context 'on RedHat platforms' do + let :facts do + { :osfamily => 'RedHat' } + end + + it_configures 'manage selinux' + end + +end diff --git a/spec/fixtures/hiera.yaml b/spec/fixtures/hiera.yaml new file mode 100644 index 0000000..1dc3360 --- /dev/null +++ b/spec/fixtures/hiera.yaml @@ -0,0 +1,7 @@ +--- +:backends: + - yaml +:yaml: + :datadir: './spec/fixtures/hieradata' +:hierarchy: + - default diff --git a/spec/fixtures/hieradata/default.yaml b/spec/fixtures/hieradata/default.yaml new file mode 100644 index 0000000..0d0c944 --- /dev/null +++ b/spec/fixtures/hieradata/default.yaml @@ -0,0 +1,3 @@ +my_hash: + network: '127.0.0.1' +not_hash: string diff --git a/spec/functions/lookup_hiera_hash_spec.rb b/spec/functions/lookup_hiera_hash_spec.rb new file mode 100644 index 0000000..ffaf8b5 --- /dev/null +++ b/spec/functions/lookup_hiera_hash_spec.rb @@ -0,0 +1,20 @@ +require 'spec_helper' +require 'puppet' + +# puppet 4.0 call_function() has no visibility of 3.x functions and will fail anyway +unless Puppet.version =~ /^4\.0/ + describe 'lookup_hiera_hash' do + # working version + it { should run.with_params('my_hash', 'network').and_return('127.0.0.1') } + # raise if key does not exist + it { should run.with_params('my_hash', 'not_network').and_raise_error(Puppet::ParseError) } + # raise if hash value returned by hiera is not a hash + it { should run.with_params('not_hash', 'key').and_raise_error(Puppet::ParseError) } + # raise if arguments are not two + it { should run.with_params('hash', 'key', 'unexpected').and_raise_error(ArgumentError) } + it { should run.with_params('hash').and_raise_error(ArgumentError) } + # raise if arguments are not strings + it { should run.with_params({}, 'key').and_raise_error(Puppet::ParseError) } + it { should run.with_params('hash', true).and_raise_error(Puppet::ParseError) } + end +end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 15d5eab..251160e 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -6,6 +6,7 @@ fixture_path = File.expand_path(File.join(__FILE__, '..', 'fixtures')) RSpec.configure do |c| c.alias_it_should_behave_like_to :it_configures, 'configures' c.alias_it_should_behave_like_to :it_raises, 'raises' + c.hiera_config = File.join(fixture_path, 'hiera.yaml') c.module_path = File.join(fixture_path, 'modules') c.manifest_dir = File.join(fixture_path, 'manifests') diff --git a/templates/selinux/sysconfig_selinux.erb b/templates/selinux/sysconfig_selinux.erb new file mode 100644 index 0000000..dfb1e53 --- /dev/null +++ b/templates/selinux/sysconfig_selinux.erb @@ -0,0 +1,11 @@ +# This file controls the state of SELinux on the system. +# SELINUX= can take one of these three values: +# enforcing - SELinux security policy is enforced. +# permissive - SELinux prints warnings instead of enforcing. +# disabled - No SELinux policy is loaded. +SELINUX=<%= @mode %> +# SELINUXTYPE= can take one of these two values: +# targeted - Targeted processes are protected, +# minimum - Modification of targeted policy. Only selected processes are protected. +# mls - Multi Level Security protection. +SELINUXTYPE=targeted |