summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--manifests/haproxy.pp49
-rw-r--r--manifests/profile/base/aodh.pp2
-rw-r--r--manifests/profile/base/aodh/api.pp26
-rw-r--r--manifests/profile/base/aodh/evaluator.pp15
-rw-r--r--manifests/profile/base/aodh/listener.pp15
-rw-r--r--manifests/profile/base/aodh/notifier.pp15
-rw-r--r--manifests/profile/base/ceilometer/api.pp2
-rw-r--r--manifests/profile/base/ceilometer/collector.pp8
-rw-r--r--manifests/profile/base/cinder/backup.pp36
-rw-r--r--manifests/profile/base/cinder/backup/ceph.pp36
-rw-r--r--manifests/profile/base/cinder/backup/swift.pp36
-rw-r--r--manifests/profile/base/database/mongodbcommon.pp2
-rw-r--r--manifests/profile/base/heat.pp1
-rw-r--r--manifests/profile/base/horizon.pp4
-rw-r--r--manifests/profile/base/ironic.pp2
-rw-r--r--manifests/profile/base/kernel.pp10
-rw-r--r--manifests/profile/base/keystone.pp49
-rw-r--r--manifests/profile/base/mistral.pp1
-rw-r--r--manifests/profile/base/neutron/opendaylight.pp46
-rw-r--r--manifests/profile/base/neutron/plugins/ml2.pp5
-rw-r--r--manifests/profile/base/neutron/plugins/ml2/opendaylight.pp54
-rw-r--r--manifests/profile/base/neutron/plugins/ovs/opendaylight.pp73
-rw-r--r--manifests/profile/base/neutron/sriov.pp42
-rw-r--r--manifests/profile/base/nova.pp4
-rw-r--r--manifests/profile/base/rabbitmq.pp4
-rw-r--r--manifests/profile/base/swift/storage.pp1
-rw-r--r--manifests/profile/base/ui.pp24
-rw-r--r--manifests/profile/pacemaker/ceilometer.pp16
-rw-r--r--manifests/profile/pacemaker/ceilometer/api.pp5
-rw-r--r--manifests/profile/pacemaker/cinder/backup.pp54
-rw-r--r--manifests/profile/pacemaker/database/mysql.pp2
-rw-r--r--manifests/profile/pacemaker/manila.pp55
-rw-r--r--manifests/trusted_ca.pp39
-rw-r--r--manifests/trusted_cas.pp28
34 files changed, 669 insertions, 92 deletions
diff --git a/manifests/haproxy.pp b/manifests/haproxy.pp
index c979295..b2cc264 100644
--- a/manifests/haproxy.pp
+++ b/manifests/haproxy.pp
@@ -228,6 +228,10 @@
#
# [*zaqar_api*]
# (optional) Enable or not Zaqar Api binding
+# Defaults to false
+#
+# [*opendaylight*]
+# (optional) Enable or not OpenDaylight binding
# Defaults to false
#
# [*service_ports*]
@@ -329,6 +333,7 @@ class tripleo::haproxy (
$redis_password = undef,
$midonet_api = false,
$zaqar_api = false,
+ $opendaylight = false,
$service_ports = {}
) {
$default_service_ports = {
@@ -517,6 +522,21 @@ class tripleo::haproxy (
}
if $keystone_public {
+ $keystone_listen_opts = {
+ 'http-request' => [
+ 'set-header X-Forwarded-Proto https if { ssl_fc }',
+ 'set-header X-Forwarded-Proto http if !{ ssl_fc }'],
+ }
+ if $service_certificate {
+ $keystone_public_tls_listen_opts = {
+ 'rsprep' => '^Location:\ http://(.*) Location:\ https://\1',
+ # NOTE(jaosorior): We always redirect to https for the public_virtual_ip.
+ 'redirect' => "scheme https code 301 if { hdr(host) -i ${public_virtual_ip} } !{ ssl_fc }",
+ 'option' => 'forwardfor',
+ }
+ } else {
+ $keystone_public_tls_listen_opts = {}
+ }
::tripleo::haproxy::endpoint { 'keystone_public':
public_virtual_ip => $public_virtual_ip,
internal_ip => hiera('keystone_public_api_vip', $controller_virtual_ip),
@@ -524,11 +544,7 @@ class tripleo::haproxy (
ip_addresses => hiera('keystone_public_api_node_ips', $controller_hosts_real),
server_names => $controller_hosts_names_real,
mode => 'http',
- listen_options => {
- 'http-request' => [
- 'set-header X-Forwarded-Proto https if { ssl_fc }',
- 'set-header X-Forwarded-Proto http if !{ ssl_fc }'],
- },
+ listen_options => merge($keystone_listen_opts, $keystone_public_tls_listen_opts),
public_ssl_port => $ports[keystone_public_api_ssl_port],
}
}
@@ -918,4 +934,27 @@ class tripleo::haproxy (
public_ssl_port => $ports[zaqar_api_ssl_port],
}
}
+
+ $opendaylight_api_vip = hiera('opendaylight_api_vip', $controller_virtual_ip)
+ $opendaylight_bind_opts = {
+ "${opendaylight_api_vip}:8081" => [],
+ "${public_virtual_ip}:8081" => [],
+ }
+
+ if $opendaylight {
+ haproxy::listen { 'opendaylight':
+ bind => $opendaylight_bind_opts,
+ options => {
+ 'balance' => 'source',
+ },
+ collect_exported => false,
+ }
+ haproxy::balancermember { 'opendaylight':
+ listening_service => 'opendaylight',
+ ports => '8081',
+ ipaddresses => hiera('opendaylight_api_node_ips', $controller_hosts_real),
+ server_names => $controller_hosts_names_real,
+ options => ['check', 'inter 2000', 'rise 2', 'fall 5'],
+ }
+ }
}
diff --git a/manifests/profile/base/aodh.pp b/manifests/profile/base/aodh.pp
index 28156a0..07c0a88 100644
--- a/manifests/profile/base/aodh.pp
+++ b/manifests/profile/base/aodh.pp
@@ -42,7 +42,7 @@ class tripleo::profile::base::aodh (
include ::aodh::db::mysql
}
- if $step >= 4 and $sync_db {
+ if $step >= 4 or ($step >= 3 and $sync_db) {
include ::aodh
include ::aodh::auth
include ::aodh::config
diff --git a/manifests/profile/base/aodh/api.pp b/manifests/profile/base/aodh/api.pp
index 3aa436d..2dcf802 100644
--- a/manifests/profile/base/aodh/api.pp
+++ b/manifests/profile/base/aodh/api.pp
@@ -23,25 +23,27 @@
# for more details.
# Defaults to hiera('step')
#
-# [*bootstrap_node*]
-# (Optional) The hostname of the node responsible for bootstrapping tasks
-# Defaults to hiera('bootstrap_nodeid')
+# [*enable_combination_alarms*]
+# (optional) Setting to enable combination alarms
+# Defaults to: false
#
+
class tripleo::profile::base::aodh::api (
- $step = hiera('step'),
- $bootstrap_node = hiera('bootstrap_nodeid', undef),
+ $step = hiera('step'),
+ $enable_combination_alarms = false,
) {
- if $::hostname == downcase($bootstrap_node) {
- $sync_db = true
- } else {
- $sync_db = false
- }
-
include ::tripleo::profile::base::aodh
- if $step >= 4 and $sync_db {
+ if $step >= 4 {
include ::aodh::api
include ::aodh::wsgi::apache
+
+ #NOTE: Combination alarms are deprecated in newton and disabled by default.
+ # we need a way to override this setting for users still using this type
+ # of alarms.
+ aodh_config {
+ 'api/enable_combination_alarms' : value => $enable_combination_alarms;
+ }
}
}
diff --git a/manifests/profile/base/aodh/evaluator.pp b/manifests/profile/base/aodh/evaluator.pp
index 46d1d14..610d5a8 100644
--- a/manifests/profile/base/aodh/evaluator.pp
+++ b/manifests/profile/base/aodh/evaluator.pp
@@ -23,24 +23,13 @@
# for more details.
# Defaults to hiera('step')
#
-# [*bootstrap_node*]
-# (Optional) The hostname of the node responsible for bootstrapping tasks
-# Defaults to hiera('bootstrap_nodeid')
-#
class tripleo::profile::base::aodh::evaluator (
- $step = hiera('step'),
- $bootstrap_node = hiera('bootstrap_nodeid', undef),
+ $step = hiera('step'),
) {
- if $::hostname == downcase($bootstrap_node) {
- $sync_db = true
- } else {
- $sync_db = false
- }
-
include ::tripleo::profile::base::aodh
- if $step >= 4 and $sync_db {
+ if $step >= 4 {
include ::aodh::evaluator
}
diff --git a/manifests/profile/base/aodh/listener.pp b/manifests/profile/base/aodh/listener.pp
index 93f37fa..d36e1bb 100644
--- a/manifests/profile/base/aodh/listener.pp
+++ b/manifests/profile/base/aodh/listener.pp
@@ -23,24 +23,13 @@
# for more details.
# Defaults to hiera('step')
#
-# [*bootstrap_node*]
-# (Optional) The hostname of the node responsible for bootstrapping tasks
-# Defaults to hiera('bootstrap_nodeid')
-#
class tripleo::profile::base::aodh::listener (
- $step = hiera('step'),
- $bootstrap_node = hiera('bootstrap_nodeid', undef),
+ $step = hiera('step'),
) {
- if $::hostname == downcase($bootstrap_node) {
- $sync_db = true
- } else {
- $sync_db = false
- }
-
include ::tripleo::profile::base::aodh
- if $step >= 4 and $sync_db {
+ if $step >= 4 {
include ::aodh::listener
}
diff --git a/manifests/profile/base/aodh/notifier.pp b/manifests/profile/base/aodh/notifier.pp
index 0686012..d2a3945 100644
--- a/manifests/profile/base/aodh/notifier.pp
+++ b/manifests/profile/base/aodh/notifier.pp
@@ -23,24 +23,13 @@
# for more details.
# Defaults to hiera('step')
#
-# [*bootstrap_node*]
-# (Optional) The hostname of the node responsible for bootstrapping tasks
-# Defaults to hiera('bootstrap_nodeid')
-#
class tripleo::profile::base::aodh::notifier (
- $step = hiera('step'),
- $bootstrap_node = hiera('bootstrap_nodeid', undef),
+ $step = hiera('step'),
) {
- if $::hostname == downcase($bootstrap_node) {
- $sync_db = true
- } else {
- $sync_db = false
- }
-
include ::tripleo::profile::base::aodh
- if $step >= 4 and $sync_db {
+ if $step >= 4 {
include ::aodh::notifier
}
diff --git a/manifests/profile/base/ceilometer/api.pp b/manifests/profile/base/ceilometer/api.pp
index b300a91..da94da2 100644
--- a/manifests/profile/base/ceilometer/api.pp
+++ b/manifests/profile/base/ceilometer/api.pp
@@ -30,6 +30,6 @@ class tripleo::profile::base::ceilometer::api (
if $step >= 4 {
include ::ceilometer::api
+ include ::ceilometer::wsgi::apache
}
-
}
diff --git a/manifests/profile/base/ceilometer/collector.pp b/manifests/profile/base/ceilometer/collector.pp
index a8ca88b..baaf4c8 100644
--- a/manifests/profile/base/ceilometer/collector.pp
+++ b/manifests/profile/base/ceilometer/collector.pp
@@ -44,12 +44,12 @@ class tripleo::profile::base::ceilometer::collector (
# without the brackets as 'members' argument for the 'mongodb_replset'
# resource.
if str2bool(hiera('mongodb::server::ipv6', false)) {
- $mongo_node_ips_with_port_prefixed = prefix(hiera('mongo_node_ips'), '[')
+ $mongo_node_ips_with_port_prefixed = prefix(hiera('mongodb_node_ips'), '[')
$mongo_node_ips_with_port = suffix($mongo_node_ips_with_port_prefixed, ']:27017')
- $mongo_node_ips_with_port_nobr = suffix(hiera('mongo_node_ips'), ':27017')
+ $mongo_node_ips_with_port_nobr = suffix(hiera('mongodb_node_ips'), ':27017')
} else {
- $mongo_node_ips_with_port = suffix(hiera('mongo_node_ips'), ':27017')
- $mongo_node_ips_with_port_nobr = suffix(hiera('mongo_node_ips'), ':27017')
+ $mongo_node_ips_with_port = suffix(hiera('mongodb_node_ips'), ':27017')
+ $mongo_node_ips_with_port_nobr = suffix(hiera('mongodb_node_ips'), ':27017')
}
$mongo_node_string = join($mongo_node_ips_with_port, ',')
diff --git a/manifests/profile/base/cinder/backup.pp b/manifests/profile/base/cinder/backup.pp
new file mode 100644
index 0000000..df015f7
--- /dev/null
+++ b/manifests/profile/base/cinder/backup.pp
@@ -0,0 +1,36 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::cinder::backup
+#
+# Cinder Backup profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::cinder::backup (
+ $step = hiera('step'),
+) {
+
+ include ::tripleo::profile::base::cinder
+
+ if $step >= 4 {
+ include ::cinder::backup
+ }
+
+}
diff --git a/manifests/profile/base/cinder/backup/ceph.pp b/manifests/profile/base/cinder/backup/ceph.pp
new file mode 100644
index 0000000..67a666e
--- /dev/null
+++ b/manifests/profile/base/cinder/backup/ceph.pp
@@ -0,0 +1,36 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::cinder::backup::ceph
+#
+# Cinder Backup Ceph profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::cinder::backup::ceph (
+ $step = hiera('step'),
+) {
+
+ include ::tripleo::profile::base::cinder::backup
+
+ if $step >= 4 {
+ include ::cinder::backup::ceph
+ }
+
+}
diff --git a/manifests/profile/base/cinder/backup/swift.pp b/manifests/profile/base/cinder/backup/swift.pp
new file mode 100644
index 0000000..12561bf
--- /dev/null
+++ b/manifests/profile/base/cinder/backup/swift.pp
@@ -0,0 +1,36 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::cinder::backup::swift
+#
+# Cinder Backup Ceph profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::cinder::backup::swift (
+ $step = hiera('step'),
+) {
+
+ include ::tripleo::profile::base::cinder::backup
+
+ if $step >= 4 {
+ include ::cinder::backup::swift
+ }
+
+}
diff --git a/manifests/profile/base/database/mongodbcommon.pp b/manifests/profile/base/database/mongodbcommon.pp
index 13af899..c61e692 100644
--- a/manifests/profile/base/database/mongodbcommon.pp
+++ b/manifests/profile/base/database/mongodbcommon.pp
@@ -27,7 +27,7 @@
#
class tripleo::profile::base::database::mongodbcommon (
$mongodb_ipv6_enabled = false,
- $mongodb_node_ips = hiera('mongo_node_ips'),
+ $mongodb_node_ips = hiera('mongodb_node_ips'),
) {
$port = '27017'
diff --git a/manifests/profile/base/heat.pp b/manifests/profile/base/heat.pp
index dcf0f21..cafe95e 100644
--- a/manifests/profile/base/heat.pp
+++ b/manifests/profile/base/heat.pp
@@ -56,6 +56,7 @@ class tripleo::profile::base::heat (
notification_driver => $notification_driver,
}
include ::heat::config
+ include ::heat::cors
}
if $step >= 5 {
diff --git a/manifests/profile/base/horizon.pp b/manifests/profile/base/horizon.pp
index 1b7df19..be07c0e 100644
--- a/manifests/profile/base/horizon.pp
+++ b/manifests/profile/base/horizon.pp
@@ -38,9 +38,9 @@ class tripleo::profile::base::horizon (
$neutron_options = {'profile_support' => $_profile_support }
$memcached_ipv6 = hiera('memcached_ipv6', false)
if $memcached_ipv6 {
- $horizon_memcached_servers = hiera('memcache_node_ips_v6', '[::1]')
+ $horizon_memcached_servers = hiera('memcached_node_ips_v6', '[::1]')
} else {
- $horizon_memcached_servers = hiera('memcache_node_ips', '127.0.0.1')
+ $horizon_memcached_servers = hiera('memcached_node_ips', '127.0.0.1')
}
class { '::horizon':
cache_server_ip => $horizon_memcached_servers,
diff --git a/manifests/profile/base/ironic.pp b/manifests/profile/base/ironic.pp
index f098d37..da89839 100644
--- a/manifests/profile/base/ironic.pp
+++ b/manifests/profile/base/ironic.pp
@@ -45,5 +45,7 @@ class tripleo::profile::base::ironic (
class { '::ironic':
sync_db => $sync_db,
}
+
+ include ::ironic::cors
}
}
diff --git a/manifests/profile/base/kernel.pp b/manifests/profile/base/kernel.pp
index db0280f..df13a98 100644
--- a/manifests/profile/base/kernel.pp
+++ b/manifests/profile/base/kernel.pp
@@ -19,8 +19,12 @@
#
class tripleo::profile::base::kernel {
- create_resources(kmod::load, hiera('kernel_modules'), { })
- create_resources(sysctl::value, hiera('sysctl_settings'), { })
- Exec <| tag == 'kmod::load' |> -> Sysctl <| |>
+ if hiera('kernel_modules', undef) {
+ create_resources(kmod::load, hiera('kernel_modules'), { })
+ }
+ if hiera('sysctl_settings', undef) {
+ create_resources(sysctl::value, hiera('sysctl_settings'), { })
+ }
+ Exec <| tag == 'kmod::load' |> -> Sysctl <| |>
}
diff --git a/manifests/profile/base/keystone.pp b/manifests/profile/base/keystone.pp
index d8c8e24..354d24c 100644
--- a/manifests/profile/base/keystone.pp
+++ b/manifests/profile/base/keystone.pp
@@ -58,6 +58,7 @@ class tripleo::profile::base::keystone (
include ::keystone::config
include ::keystone::wsgi::apache
+ include ::keystone::cors
if $manage_roles {
include ::keystone::roles::admin
@@ -72,5 +73,53 @@ class tripleo::profile::base::keystone (
if $step >= 5 and $manage_db_purge {
include ::keystone::cron::token_flush
}
+
+ if $step >= 5 and $manage_endpoint{
+ if hiera('aodh_api_enabled', false) {
+ include ::aodh::keystone::auth
+ }
+ if hiera('ceilometer_api_enabled', false) {
+ include ::ceilometer::keystone::auth
+ }
+ if hiera('cinder_api_enabled', false) {
+ include ::cinder::keystone::auth
+ }
+ if hiera('glance_api_enabled', false) {
+ include ::glance::keystone::auth
+ }
+ if hiera('gnocchi_api_enabled', false) {
+ include ::gnocchi::keystone::auth
+ }
+ if hiera('heat_api_enabled', false) {
+ include ::heat::keystone::auth
+ }
+ if hiera('heat_api_cfn_enabled', false) {
+ include ::heat::keystone::auth_cfn
+ }
+ if hiera('ironic_api_enabled', false) {
+ include ::ironic::keystone::auth
+ }
+ if hiera('manila_api_enabled', false) {
+ include ::manila::keystone::auth
+ }
+ if hiera('mistral_api_enabled', false) {
+ include ::mistral::keystone::auth
+ }
+ if hiera('neutron_api_enabled', false) {
+ include ::neutron::keystone::auth
+ }
+ if hiera('nova_api_enabled', false) {
+ include ::nova::keystone::auth
+ }
+ if hiera('sahara_api_enabled', false) {
+ include ::sahara::keystone::auth
+ }
+ if hiera('swift_proxy_enabled', false) {
+ include ::swift::keystone::auth
+ }
+ if hiera('trove_api_enabled', false) {
+ include ::trove::keystone::auth
+ }
+ }
}
diff --git a/manifests/profile/base/mistral.pp b/manifests/profile/base/mistral.pp
index 0c41193..cffb03e 100644
--- a/manifests/profile/base/mistral.pp
+++ b/manifests/profile/base/mistral.pp
@@ -46,5 +46,6 @@ class tripleo::profile::base::mistral (
include ::mistral::config
include ::mistral::client
include ::mistral::db::sync
+ include ::mistral::cors
}
}
diff --git a/manifests/profile/base/neutron/opendaylight.pp b/manifests/profile/base/neutron/opendaylight.pp
new file mode 100644
index 0000000..ffe28ce
--- /dev/null
+++ b/manifests/profile/base/neutron/opendaylight.pp
@@ -0,0 +1,46 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::neutron::opendaylight
+#
+# OpenDaylight Neutron profile for TripleO
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step of the deployment
+# Defaults to hiera('step')
+#
+# [*primary_controller*]
+# (Optional) The hostname of the first controller
+# Defaults to hiera('bootstrap_nodeid', undef)
+#
+class tripleo::profile::base::neutron::opendaylight (
+ $step = hiera('step'),
+ $primary_controller = hiera('bootstrap_nodeid', undef),
+) {
+
+ include ::tripleo::profile::base::neutron
+
+ if ! str2bool(hiera('opendaylight::enable_l3')) {
+ include ::tripleo::profile::base::neutron::l3
+ }
+
+ if $step >= 1 {
+ # Configure ODL only on first controller
+ if hiera('odl_on_controller') and $primary_controller == downcase($::hostname) {
+ include ::opendaylight
+ }
+ }
+}
diff --git a/manifests/profile/base/neutron/plugins/ml2.pp b/manifests/profile/base/neutron/plugins/ml2.pp
index c89bc02..401e627 100644
--- a/manifests/profile/base/neutron/plugins/ml2.pp
+++ b/manifests/profile/base/neutron/plugins/ml2.pp
@@ -63,5 +63,10 @@ class tripleo::profile::base::neutron::plugins::ml2 (
if 'bsn_ml2' in $mechanism_drivers {
include ::neutron::plugins::ml2::bigswitch::restproxy
}
+
+ if 'opendaylight' in $mechanism_drivers {
+ include ::tripleo::profile::base::neutron::plugins::ml2::opendaylight
+ }
+
}
}
diff --git a/manifests/profile/base/neutron/plugins/ml2/opendaylight.pp b/manifests/profile/base/neutron/plugins/ml2/opendaylight.pp
new file mode 100644
index 0000000..f25aea6
--- /dev/null
+++ b/manifests/profile/base/neutron/plugins/ml2/opendaylight.pp
@@ -0,0 +1,54 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::neutron::plugins::ml2::opendaylight
+#
+# OpenDaylight ML2 Neutron profile for TripleO
+#
+# === Parameters
+#
+# [*odl_port*]
+# (Optional) Port to use for OpenDaylight
+# Defaults to hiera('opendaylight::odl_rest_port')
+#
+# [*conn_proto*]
+# (Optional) Protocol to use to for ODL REST access
+# Defaults to hiera('opendaylight::nb_connection_protocol')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::neutron::plugins::ml2::opendaylight (
+ $odl_port = hiera('opendaylight::odl_rest_port'),
+ $conn_proto = hiera('opendaylight::nb_connection_protocol'),
+ $step = hiera('step'),
+) {
+
+ if $step >= 4 {
+ # Figure out ODL IP
+ if hiera('odl_on_controller') {
+ $odl_url_ip = hiera('opendaylight_api_vip')
+ } else {
+ $odl_url_ip = hiera('opendaylight::odl_bind_ip')
+ }
+
+ if ! $odl_url_ip { fail('OpenDaylight Controller IP/VIP is Empty') }
+
+ class { '::neutron::plugins::ml2::opendaylight':
+ odl_url => "${conn_proto}://${odl_url_ip}:${odl_port}/controller/nb/v2/neutron";
+ }
+ }
+}
diff --git a/manifests/profile/base/neutron/plugins/ovs/opendaylight.pp b/manifests/profile/base/neutron/plugins/ovs/opendaylight.pp
new file mode 100644
index 0000000..7548046
--- /dev/null
+++ b/manifests/profile/base/neutron/plugins/ovs/opendaylight.pp
@@ -0,0 +1,73 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::neutron::plugins::ovs::opendaylight
+#
+# OpenDaylight Neutron OVS profile for TripleO
+#
+# === Parameters
+#
+# [*odl_port*]
+# (Optional) Port to use for OpenDaylight
+# Defaults to hiera('opendaylight::odl_rest_port')
+#
+# [*odl_check_url*]
+# (Optional) URL path used to check if ODL is up
+# Defaults to hiera('opendaylight_check_url')
+#
+# [*odl_api_ips*]
+# (Optional) List of OpenStack Controller IPs for ODL API
+# Defaults to hiera('opendaylight_api_node_ips')
+#
+# [*conn_proto*]
+# (Optional) Protocol to use to for ODL REST access
+# Defaults to hiera('opendaylight::nb_connection_protocol')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::neutron::plugins::ovs::opendaylight (
+ $odl_port = hiera('opendaylight::odl_rest_port'),
+ $odl_check_url = hiera('opendaylight_check_url'),
+ $odl_api_ips = hiera('opendaylight_api_node_ips'),
+ $conn_proto = hiera('opendaylight::nb_connection_protocol'),
+ $step = hiera('step'),
+) {
+
+ if $step >= 4 {
+ # Figure out ODL IP (and VIP if on controller)
+ if hiera('odl_on_controller') {
+ $opendaylight_controller_ip = $odl_api_ips[0]
+ $odl_url_ip = hiera('opendaylight_api_vip')
+ } else {
+ $opendaylight_controller_ip = hiera('opendaylight::odl_bind_ip')
+ $odl_url_ip = $opendaylight_controller_ip
+ }
+
+ if ! $opendaylight_controller_ip { fail('OpenDaylight Controller IP is Empty') }
+
+ if ! $odl_url_ip { fail('OpenDaylight API VIP is Empty') }
+
+ # Build URL to check if ODL is up before connecting OVS
+ $opendaylight_url = "${conn_proto}://${odl_url_ip}:${odl_port}/${odl_check_url}"
+
+ class { '::neutron::plugins::ovs::opendaylight':
+ tunnel_ip => hiera('neutron::agents::ml2::ovs::local_ip'),
+ odl_check_url => $opendaylight_url,
+ odl_ovsdb_iface => "tcp:${opendaylight_controller_ip}:6640",
+ }
+ }
+}
diff --git a/manifests/profile/base/neutron/sriov.pp b/manifests/profile/base/neutron/sriov.pp
new file mode 100644
index 0000000..9b5f34c
--- /dev/null
+++ b/manifests/profile/base/neutron/sriov.pp
@@ -0,0 +1,42 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::neutron::sriov
+#
+# Neutron SR-IOV nic Agent profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*mechanism_drivers*]
+# (Optional) The mechanism drivers to use with the Ml2 plugin
+# Defaults to hiera('neutron::plugins::ml2::mechanism_drivers')
+#
+
+class tripleo::profile::base::neutron::sriov(
+ $step = hiera('step'),
+ $mechanism_drivers = hiera('neutron::plugins::ml2::mechanism_drivers'),
+) {
+
+ if $step >= 4 {
+ if 'sriovnicswitch' in $mechanism_drivers {
+ include ::neutron::agents::ml2::sriov
+ }
+ }
+
+}
diff --git a/manifests/profile/base/nova.pp b/manifests/profile/base/nova.pp
index 07c3be1..b43b8e8 100644
--- a/manifests/profile/base/nova.pp
+++ b/manifests/profile/base/nova.pp
@@ -52,9 +52,9 @@ class tripleo::profile::base::nova (
}
if hiera('nova::use_ipv6', false) {
- $memcache_servers = suffix(hiera('memcache_node_ips_v6'), ':11211')
+ $memcache_servers = suffix(hiera('memcached_node_ips_v6'), ':11211')
} else {
- $memcache_servers = suffix(hiera('memcache_node_ips'), ':11211')
+ $memcache_servers = suffix(hiera('memcached_node_ips'), ':11211')
}
if hiera('step') >= 4 or (hiera('step') >= 3 and $sync_db) {
diff --git a/manifests/profile/base/rabbitmq.pp b/manifests/profile/base/rabbitmq.pp
index dc6ea4d..2fd2347 100644
--- a/manifests/profile/base/rabbitmq.pp
+++ b/manifests/profile/base/rabbitmq.pp
@@ -36,7 +36,7 @@
#
# [*nodes*]
# (Optional) Array of host(s) for RabbitMQ nodes.
-# Defaults to hiera('rabbit_node_ips', []).
+# Defaults to hiera('rabbitmq_node_ips', []).
#
# [*step*]
# (Optional) The current step in deployment. See tripleo-heat-templates
@@ -48,7 +48,7 @@ class tripleo::profile::base::rabbitmq (
$environment = hiera('rabbitmq_environment'),
$ipv6 = str2bool(hiera('rabbit_ipv6', false)),
$kernel_variables = hiera('rabbitmq_kernel_variables'),
- $nodes = hiera('rabbit_node_ips', []),
+ $nodes = hiera('rabbitmq_node_ips', []),
$step = hiera('step'),
) {
# IPv6 environment, necessary for RabbitMQ.
diff --git a/manifests/profile/base/swift/storage.pp b/manifests/profile/base/swift/storage.pp
index 5e266a9..0b09ea6 100644
--- a/manifests/profile/base/swift/storage.pp
+++ b/manifests/profile/base/swift/storage.pp
@@ -34,6 +34,7 @@ class tripleo::profile::base::swift::storage (
) {
if $step >= 4 {
if $enable_swift_storage {
+ include ::swift::storage::disks
include ::swift::storage::all
if(!defined(File['/srv/node'])) {
file { '/srv/node':
diff --git a/manifests/profile/base/ui.pp b/manifests/profile/base/ui.pp
new file mode 100644
index 0000000..22371d1
--- /dev/null
+++ b/manifests/profile/base/ui.pp
@@ -0,0 +1,24 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::ui
+#
+# UI profile for tripleo
+#
+class tripleo::profile::base::ui () {
+ package {'openstack-tripleo-ui': }
+
+ include ::apache
+}
+
diff --git a/manifests/profile/pacemaker/ceilometer.pp b/manifests/profile/pacemaker/ceilometer.pp
index 531b4bc..a31128d 100644
--- a/manifests/profile/pacemaker/ceilometer.pp
+++ b/manifests/profile/pacemaker/ceilometer.pp
@@ -87,22 +87,6 @@ class tripleo::profile::pacemaker::ceilometer (
require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name],
Pacemaker::Resource::Service[$::ceilometer::params::collector_service_name]],
}
- pacemaker::constraint::base { 'ceilometer-collector-then-ceilometer-api-constraint':
- constraint_type => 'order',
- first_resource => "${::ceilometer::params::collector_service_name}-clone",
- second_resource => "${::ceilometer::params::api_service_name}-clone",
- first_action => 'start',
- second_action => 'start',
- require => [Pacemaker::Resource::Service[$::ceilometer::params::collector_service_name],
- Pacemaker::Resource::Service[$::ceilometer::params::api_service_name]],
- }
- pacemaker::constraint::colocation { 'ceilometer-api-with-ceilometer-collector-colocation':
- source => "${::ceilometer::params::api_service_name}-clone",
- target => "${::ceilometer::params::collector_service_name}-clone",
- score => 'INFINITY',
- require => [Pacemaker::Resource::Service[$::ceilometer::params::api_service_name],
- Pacemaker::Resource::Service[$::ceilometer::params::collector_service_name]],
- }
}
}
diff --git a/manifests/profile/pacemaker/ceilometer/api.pp b/manifests/profile/pacemaker/ceilometer/api.pp
index 0eddaec..169121b 100644
--- a/manifests/profile/pacemaker/ceilometer/api.pp
+++ b/manifests/profile/pacemaker/ceilometer/api.pp
@@ -34,10 +34,11 @@ class tripleo::profile::pacemaker::ceilometer::api (
include ::ceilometer::params
include ::tripleo::profile::pacemaker::ceilometer
include ::tripleo::profile::base::ceilometer::api
+ include ::tripleo::profile::pacemaker::apache
if $step >= 5 and downcase($::hostname) == $pacemaker_master {
- pacemaker::resource::service { $::ceilometer::params::api_service_name :
- clone_params => 'interleave=true',
+ class { '::tripleo::profile::base::ceilometer::api':
+ step => $step,
}
}
diff --git a/manifests/profile/pacemaker/cinder/backup.pp b/manifests/profile/pacemaker/cinder/backup.pp
new file mode 100644
index 0000000..20a0104
--- /dev/null
+++ b/manifests/profile/pacemaker/cinder/backup.pp
@@ -0,0 +1,54 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::cinder::backup
+#
+# Cinder Backup Pacemaker HA profile for tripleo
+#
+# === Parameters
+#
+# [*bootstrap_node*]
+# (Optional) The hostname of the node responsible for bootstrapping tasks
+# Defaults to hiera('bootstrap_nodeid')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::pacemaker::cinder::backup (
+ $bootstrap_node = hiera('bootstrap_nodeid'),
+ $step = hiera('step'),
+) {
+
+ Service <| tag == 'cinder::backup' |> {
+ hasrestart => true,
+ restart => '/bin/true',
+ start => '/bin/true',
+ stop => '/bin/true',
+ }
+
+ if $::hostname == downcase($bootstrap_node) {
+ $pacemaker_master = true
+ } else {
+ $pacemaker_master = false
+ }
+
+ include ::tripleo::profile::base::cinder::backup
+
+ if $step >= 5 and $pacemaker_master {
+ pacemaker::resource::service { $::cinder::params::backup_service : }
+ }
+
+}
diff --git a/manifests/profile/pacemaker/database/mysql.pp b/manifests/profile/pacemaker/database/mysql.pp
index 255b260..fceb415 100644
--- a/manifests/profile/pacemaker/database/mysql.pp
+++ b/manifests/profile/pacemaker/database/mysql.pp
@@ -71,7 +71,7 @@ class tripleo::profile::pacemaker::database::mysql (
mysql_server_options => $mysqld_options,
}
- if $step >= 2 and $pacemaker_master {
+ if $step >= 2 {
if $pacemaker_master {
pacemaker::resource::ocf { 'galera' :
ocf_agent_name => 'heartbeat:galera',
diff --git a/manifests/profile/pacemaker/manila.pp b/manifests/profile/pacemaker/manila.pp
index 43ae875..37c67ab 100644
--- a/manifests/profile/pacemaker/manila.pp
+++ b/manifests/profile/pacemaker/manila.pp
@@ -83,6 +83,34 @@
# (Optional)
# Defaults to hiera('manila::backend::generic::volume_snapshot_name_template')
#
+# [*manila_cephfsnative_enable*]
+# (Optional) Enable the CephFS Native backend.
+# Defaults to hiera('manila_cephfsnative_enable_backend', 'false')
+#
+# [*cephfs_handles_share_servers*]
+# (Optional)
+# Defaults to hiera('manila::backend::cephfsnative::driver_handles_share_servers', false)
+#
+# [*cephfs_backend_name*]
+# (Optional)
+# Defaults to hiera('manila::backend::cephfsnative::cephfs_backend_name')
+#
+# [*cephfs_conf_path*]
+# (Optional)
+# Defaults to hiera('manila::backend::cephfsnative::cephfs_conf_path')
+#
+# [*cephfs_auth_id*]
+# (Optional)
+# Defaults to hiera('manila::backend::cephfsnative::cephfs_auth_id')
+#
+# [*cephfs_cluster_name*]
+# (Optional)
+# Defaults to hiera('manila::backend::cephfsnative::cephfs_cluster_name')
+#
+# [*cephfs_enable_snapshots*]
+# (Optional)
+# Defaults to hiera('manila::backend::cephfsnative::cephfs_enable_snapshots')
+#
class tripleo::profile::pacemaker::manila (
$bootstrap_node = hiera('bootstrap_nodeid'),
$cinder_volume_type = hiera('manila::backend::generic::cinder_volume_type', ''),
@@ -100,6 +128,13 @@ class tripleo::profile::pacemaker::manila (
$step = hiera('step'),
$volume_name_template = hiera('manila::backend::generic::volume_name_template'),
$volume_snapshot_name_template = hiera('manila::backend::generic::volume_snapshot_name_template'),
+ $manila_cephfsnative_enable = hiera('manila::backend::cephfsnative::enable_backend', false),
+ $cephfs_handles_share_servers = hiera('manila::backend::cephfsnative::driver_handles_share_servers'),
+ $cephfs_backend_name = hiera('manila::backend::cephfsnative::cephfs_backend_name'),
+ $cephfs_conf_path = hiera('manila::backend::cephfsnative::cephfs_conf_path'),
+ $cephfs_auth_id = hiera('manila::backend::cephfsnative::cephfs_auth_id'),
+ $cephfs_cluster_name = hiera('manila::backend::cephfsnative::cephfs_cluster_name'),
+ $cephfs_enable_snapshots = hiera('manila::backend::cephfsnative::cephfs_enable_snapshots'),
) {
if $::hostname == downcase($bootstrap_node) {
$pacemaker_master = true
@@ -145,7 +180,25 @@ class tripleo::profile::pacemaker::manila (
include ::manila::volume::cinder
}
- $manila_enabled_backends = delete_undef_values([$manila_generic_backend])
+ # manila cephfsnative:
+ if $manila_cephfsnative_enable {
+ $manila_cephfsnative_backend = hiera('manila::backend::cephfsnative::title')
+ manila::backend::cephfsnative { $manila_cephfsnative_backend :
+ driver_handles_share_servers => $cephfs_handles_share_servers,
+ cephfs_backend_name => $cephfs_backend_name,
+ cephfs_conf_path => $cephfs_conf_path,
+ cephfs_auth_id => $cephfs_auth_id,
+ cephfs_cluster_name => $cephfs_cluster_name,
+ cephfs_enable_snapshots => $cephfs_enable_snapshots,
+ }
+ }
+
+ $manila_enabled_backends = delete_undef_values(
+ [
+ $manila_generic_backend,
+ $manila_cephfsnative_backend
+ ]
+ )
class { '::manila::backends' :
enabled_share_backends => $manila_enabled_backends,
}
diff --git a/manifests/trusted_ca.pp b/manifests/trusted_ca.pp
new file mode 100644
index 0000000..4e62418
--- /dev/null
+++ b/manifests/trusted_ca.pp
@@ -0,0 +1,39 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::trusted_ca
+#
+# Does the necessary action to deploy and trust a CA certificate.
+#
+# === Parameters
+#
+# [*content*]
+# The content of the CA certificate in PEM format.
+#
+define tripleo::trusted_ca(
+ $content,
+) {
+ file { "/etc/pki/ca-trust/source/anchors/${name}.pem":
+ content => $content,
+ mode => '0644',
+ owner => 'root',
+ group => 'root',
+ }
+ exec { "trust-ca-${name}":
+ command => 'update-ca-trust extract',
+ path => '/usr/bin',
+ subscribe => File["/etc/pki/ca-trust/source/anchors/${name}.pem"],
+ refreshonly => true,
+ }
+}
diff --git a/manifests/trusted_cas.pp b/manifests/trusted_cas.pp
new file mode 100644
index 0000000..265a700
--- /dev/null
+++ b/manifests/trusted_cas.pp
@@ -0,0 +1,28 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::trusted_cas
+#
+# Does the necessary actions to deploy and trust a set of CA certificates.
+#
+# === Parameters
+#
+# [*ca_map*]
+# The content of the CA certificate in PEM format.
+#
+class tripleo::trusted_cas(
+ $ca_map = {},
+) {
+ create_resources('::tripleo::trusted_ca', $ca_map)
+}