aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--lib/facter/alt_fqdns.rb (renamed from lib/facter/galera_bootstrapped.rb)22
-rw-r--r--lib/puppet/parser/functions/lookup_hiera_hash.rb22
-rw-r--r--manifests/firewall/pre.pp2
-rw-r--r--manifests/firewall/rule.pp12
-rw-r--r--manifests/haproxy.pp (renamed from manifests/loadbalancer.pp)220
-rw-r--r--manifests/haproxy/endpoint.pp (renamed from manifests/loadbalancer/endpoint.pp)4
-rw-r--r--manifests/keepalived.pp144
-rw-r--r--manifests/profile/base/ceilometer.pp41
-rw-r--r--manifests/profile/base/ceilometer/agent/central.pp38
-rw-r--r--manifests/profile/base/ceilometer/agent/compute.pp38
-rw-r--r--manifests/profile/base/ceilometer/agent/notification.pp38
-rw-r--r--manifests/profile/base/ceilometer/api.pp37
-rw-r--r--manifests/profile/base/ceilometer/collector.pp50
-rw-r--r--manifests/profile/base/ceilometer/expirer.pp38
-rw-r--r--manifests/profile/base/ceph.pp80
-rw-r--r--manifests/profile/base/ceph/client.pp35
-rw-r--r--manifests/profile/base/ceph/mon.pp48
-rw-r--r--manifests/profile/base/ceph/osd.pp54
-rw-r--r--manifests/profile/base/cinder.pp52
-rw-r--r--manifests/profile/base/cinder/api.pp49
-rw-r--r--manifests/profile/base/cinder/scheduler.pp36
-rw-r--r--manifests/profile/base/cinder/volume.pp118
-rw-r--r--manifests/profile/base/cinder/volume/dellsc.pp51
-rw-r--r--manifests/profile/base/cinder/volume/eqlx.pp51
-rw-r--r--manifests/profile/base/cinder/volume/iscsi.pp62
-rw-r--r--manifests/profile/base/cinder/volume/netapp.pp66
-rw-r--r--manifests/profile/base/cinder/volume/nfs.pp62
-rw-r--r--manifests/profile/base/cinder/volume/rbd.pp66
-rw-r--r--manifests/profile/base/database/mongodb.pp54
-rw-r--r--manifests/profile/base/database/mongodbcommon.pp52
-rw-r--r--manifests/profile/base/database/redis.pp57
-rw-r--r--manifests/profile/base/glance/api.pp14
-rw-r--r--manifests/profile/base/glance/registry.pp14
-rw-r--r--manifests/profile/base/gnocchi.pp36
-rw-r--r--manifests/profile/base/gnocchi/api.pp58
-rw-r--r--manifests/profile/base/gnocchi/metricd.pp36
-rw-r--r--manifests/profile/base/gnocchi/statsd.pp36
-rw-r--r--manifests/profile/base/haproxy.pp42
-rw-r--r--manifests/profile/base/heat.pp72
-rw-r--r--manifests/profile/base/heat/api.pp35
-rw-r--r--manifests/profile/base/heat/api_cfn.pp35
-rw-r--r--manifests/profile/base/heat/api_cloudwatch.pp35
-rw-r--r--manifests/profile/base/heat/engine.pp44
-rw-r--r--manifests/profile/base/ironic.pp43
-rw-r--r--manifests/profile/base/ironic/api.pp33
-rw-r--r--manifests/profile/base/ironic/conductor.pp37
-rw-r--r--manifests/profile/base/keepalived.pp42
-rw-r--r--manifests/profile/base/kernel.pp (renamed from manifests/ssl/cinder_config.pp)18
-rw-r--r--manifests/profile/base/keystone.pp37
-rw-r--r--manifests/profile/base/manila/api.pp35
-rw-r--r--manifests/profile/base/manila/scheduler.pp46
-rw-r--r--manifests/profile/base/manila/share.pp35
-rw-r--r--manifests/profile/base/memcached.pp34
-rw-r--r--manifests/profile/base/neutron.pp37
-rw-r--r--manifests/profile/base/neutron/dhcp.pp48
-rw-r--r--manifests/profile/base/neutron/l3.pp39
-rw-r--r--manifests/profile/base/neutron/metadata.pp35
-rw-r--r--manifests/profile/base/neutron/midonet.pp129
-rw-r--r--manifests/profile/base/neutron/n1k.pp54
-rw-r--r--manifests/profile/base/neutron/ovs.pp39
-rw-r--r--manifests/profile/base/neutron/plugins/ml2.pp62
-rw-r--r--manifests/profile/base/neutron/plugins/nuage.pp38
-rw-r--r--manifests/profile/base/neutron/plugins/opencontrail.pp38
-rw-r--r--manifests/profile/base/neutron/plugins/plumgrid.pp40
-rw-r--r--manifests/profile/base/neutron/server.pp41
-rw-r--r--manifests/profile/base/nova.pp69
-rw-r--r--manifests/profile/base/nova/api.pp50
-rw-r--r--manifests/profile/base/nova/compute.pp59
-rw-r--r--manifests/profile/base/nova/compute/libvirt.pp66
-rw-r--r--manifests/profile/base/nova/conductor.pp35
-rw-r--r--manifests/profile/base/nova/consoleauth.pp35
-rw-r--r--manifests/profile/base/nova/libvirt.pp49
-rw-r--r--manifests/profile/base/nova/scheduler.pp36
-rw-r--r--manifests/profile/base/nova/vncproxy.pp35
-rw-r--r--manifests/profile/base/rabbitmq.pp96
-rw-r--r--manifests/profile/base/sahara.pp31
-rw-r--r--manifests/profile/base/sahara/api.pp33
-rw-r--r--manifests/profile/base/sahara/engine.pp42
-rw-r--r--manifests/profile/base/snmp.pp50
-rw-r--r--manifests/profile/base/swift/proxy.pp45
-rw-r--r--manifests/profile/base/swift/storage.pp52
-rw-r--r--manifests/profile/pacemaker/ceilometer.pp138
-rw-r--r--manifests/profile/pacemaker/ceilometer/agent/central.pp58
-rw-r--r--manifests/profile/pacemaker/ceilometer/agent/notification.pp45
-rw-r--r--manifests/profile/pacemaker/ceilometer/api.pp52
-rw-r--r--manifests/profile/pacemaker/ceilometer/collector.pp57
-rw-r--r--manifests/profile/pacemaker/cinder/api.pp67
-rw-r--r--manifests/profile/pacemaker/cinder/scheduler.pp72
-rw-r--r--manifests/profile/pacemaker/cinder/volume.pp70
-rw-r--r--manifests/profile/pacemaker/database/mongodb.pp74
-rw-r--r--manifests/profile/pacemaker/database/mongodbvalidator.pp37
-rw-r--r--manifests/profile/pacemaker/database/redis.pp63
-rw-r--r--manifests/profile/pacemaker/glance.pp14
-rw-r--r--manifests/profile/pacemaker/gnocchi.pp90
-rw-r--r--manifests/profile/pacemaker/gnocchi/api.pp46
-rw-r--r--manifests/profile/pacemaker/gnocchi/metricd.pp47
-rw-r--r--manifests/profile/pacemaker/gnocchi/statsd.pp47
-rw-r--r--manifests/profile/pacemaker/haproxy.pp99
-rw-r--r--manifests/profile/pacemaker/heat.pp46
-rw-r--r--manifests/profile/pacemaker/heat/api.pp50
-rw-r--r--manifests/profile/pacemaker/heat/api_cfn.pp50
-rw-r--r--manifests/profile/pacemaker/heat/api_cloudwatch.pp51
-rw-r--r--manifests/profile/pacemaker/heat/engine.pp52
-rw-r--r--manifests/profile/pacemaker/keystone.pp26
-rw-r--r--manifests/profile/pacemaker/manila.pp162
-rw-r--r--manifests/profile/pacemaker/memcached.pp61
-rw-r--r--manifests/profile/pacemaker/neutron.pp187
-rw-r--r--manifests/profile/pacemaker/neutron/dhcp.pp44
-rw-r--r--manifests/profile/pacemaker/neutron/l3.pp44
-rw-r--r--manifests/profile/pacemaker/neutron/metadata.pp44
-rw-r--r--manifests/profile/pacemaker/neutron/midonet.pp80
-rw-r--r--manifests/profile/pacemaker/neutron/ovs.pp88
-rw-r--r--manifests/profile/pacemaker/neutron/plugins/ml2.pp36
-rw-r--r--manifests/profile/pacemaker/neutron/plugins/nuage.pp33
-rw-r--r--manifests/profile/pacemaker/neutron/plugins/opencontrail.pp33
-rw-r--r--manifests/profile/pacemaker/neutron/plugins/plumgrid.pp33
-rw-r--r--manifests/profile/pacemaker/neutron/server.pp48
-rw-r--r--manifests/profile/pacemaker/nova.pp31
-rw-r--r--manifests/profile/pacemaker/nova/api.pp55
-rw-r--r--manifests/profile/pacemaker/nova/conductor.pp52
-rw-r--r--manifests/profile/pacemaker/nova/consoleauth.pp52
-rw-r--r--manifests/profile/pacemaker/nova/scheduler.pp52
-rw-r--r--manifests/profile/pacemaker/nova/vncproxy.pp52
-rw-r--r--manifests/profile/pacemaker/rabbitmq.pp67
-rw-r--r--manifests/profile/pacemaker/sahara.pp81
-rw-r--r--manifests/selinux.pp96
-rw-r--r--metadata.json28
-rw-r--r--spec/classes/tripleo_firewall_spec.rb18
-rw-r--r--spec/classes/tripleo_selinux_spec.rb106
-rw-r--r--spec/fixtures/hiera.yaml7
-rw-r--r--spec/fixtures/hieradata/default.yaml3
-rw-r--r--spec/functions/lookup_hiera_hash_spec.rb20
-rw-r--r--spec/spec_helper.rb1
-rw-r--r--templates/selinux/sysconfig_selinux.erb11
134 files changed, 6604 insertions, 271 deletions
diff --git a/lib/facter/galera_bootstrapped.rb b/lib/facter/alt_fqdns.rb
index ea9fe8c..24d6ef1 100644
--- a/lib/facter/galera_bootstrapped.rb
+++ b/lib/facter/alt_fqdns.rb
@@ -1,4 +1,4 @@
-# Copyright 2015 Red Hat, Inc.
+# Copyright 2016 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
@@ -12,8 +12,22 @@
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
-Facter.add('galera_bootstrapped') do
- setcode do
- FileTest.exists?('/var/lib/mysql/grastate.dat')
+[
+ 'external',
+ 'internalapi',
+ 'storage',
+ 'storagemgmt',
+ 'tenant',
+ 'management',
+].each do |network|
+ Facter.add('fqdn_' + network) do
+ setcode do
+ external_hostname_parts = [
+ Facter.value(:hostname),
+ network,
+ Facter.value(:domain),
+ ].reject { |part| part.empty? }
+ external_hostname_parts.join(".")
+ end
end
end
diff --git a/lib/puppet/parser/functions/lookup_hiera_hash.rb b/lib/puppet/parser/functions/lookup_hiera_hash.rb
new file mode 100644
index 0000000..d96d65f
--- /dev/null
+++ b/lib/puppet/parser/functions/lookup_hiera_hash.rb
@@ -0,0 +1,22 @@
+module Puppet::Parser::Functions
+ newfunction(:lookup_hiera_hash, :arity => 2, :type => :rvalue,
+ :doc => "Lookup a key->value from a Hiera hash") do |args|
+ hash_name = args[0]
+ key_name = args[1]
+ unless hash_name.is_a?(String) and key_name.is_a?(String)
+ raise Puppet::ParseError, "The hash name and the key name must be given as strings."
+ end
+ if defined? call_function
+ hash = call_function('hiera', [hash_name])
+ else
+ hash = function_hiera([hash_name])
+ end
+ unless hash.is_a?(Hash)
+ raise Puppet::ParseError, "The value Hiera returned for #{hash_name} is not a Hash."
+ end
+ unless hash.key?(key_name)
+ raise Puppet::ParseError, "The Hiera hash #{hash_name} does not contain key #{key_name}."
+ end
+ return hash[key_name]
+ end
+end
diff --git a/manifests/firewall/pre.pp b/manifests/firewall/pre.pp
index 2d7203a..7af7fbc 100644
--- a/manifests/firewall/pre.pp
+++ b/manifests/firewall/pre.pp
@@ -50,7 +50,7 @@ class tripleo::firewall::pre(
}
tripleo::firewall::rule{ '003 accept ssh':
- port => '22',
+ dport => '22',
extras => $firewall_settings,
}
diff --git a/manifests/firewall/rule.pp b/manifests/firewall/rule.pp
index ca9c6d0..c63162b 100644
--- a/manifests/firewall/rule.pp
+++ b/manifests/firewall/rule.pp
@@ -23,6 +23,14 @@
# (optional) The port associated to the rule.
# Defaults to undef
#
+# [*dport*]
+# (optional) The destination port associated to the rule.
+# Defaults to undef
+#
+# [*sport*]
+# (optional) The source port associated to the rule.
+# Defaults to undef
+#
# [*proto*]
# (optional) The protocol associated to the rule.
# Defaults to 'tcp'
@@ -57,6 +65,8 @@
#
define tripleo::firewall::rule (
$port = undef,
+ $dport = undef,
+ $sport = undef,
$proto = 'tcp',
$action = 'accept',
$state = ['NEW'],
@@ -69,6 +79,8 @@ define tripleo::firewall::rule (
$basic = {
'port' => $port,
+ 'dport' => $dport,
+ 'sport' => $sport,
'proto' => $proto,
'action' => $action,
'state' => $state,
diff --git a/manifests/loadbalancer.pp b/manifests/haproxy.pp
index 664590b..e3e48ce 100644
--- a/manifests/loadbalancer.pp
+++ b/manifests/haproxy.pp
@@ -13,13 +13,13 @@
# License for the specific language governing permissions and limitations
# under the License.
-# == Class: tripleo::loadbalancer
+# == Class: tripleo::haproxy
#
-# Configure an HAProxy/keepalived loadbalancer for TripleO.
+# Configure HAProxy for TripleO.
#
# === Parameters:
#
-# [*manage_vip*]
+# [*keepalived*]
# Whether to configure keepalived to manage the VIPs or not.
# Defaults to true
#
@@ -53,57 +53,27 @@
# The IPv4, IPv6 or filesystem socket path of the syslog server.
# Defaults to '/dev/log'
#
-# [*controller_host*]
-# (Deprecated)Host or group of hosts to load-balance the services
-# Can be a string or an array.
-# Defaults to undef
-#
# [*controller_hosts*]
# IPs of host or group of hosts to load-balance the services
# Can be a string or an array.
-# Defaults to undef
+# Defaults tohiera('controller_node_ips')
#
# [*controller_hosts_names*]
# Names of host or group of hosts to load-balance the services
# Can be a string or an array.
-# Defaults to undef
+# Defaults to hiera('controller_node_names', undef)
#
# [*controller_virtual_ip*]
# Control IP or group of IPs to bind the pools
# Can be a string or an array.
# Defaults to undef
#
-# [*control_virtual_interface*]
-# Interface to bind the control VIP
-# Can be a string or an array.
-# Defaults to undef
-#
-# [*public_virtual_interface*]
-# Interface to bind the public VIP
-# Can be a string or an array.
-# Defaults to undef
-#
# [*public_virtual_ip*]
# Public IP or group of IPs to bind the pools
# Can be a string or an array.
# Defaults to undef
-#
-# [*internal_api_virtual_ip*]
-# Virtual IP on the internal API network.
-# A string.
-# Defaults to false
-#
-# [*storage_virtual_ip*]
-# Virtual IP on the storage network.
-# A string.
-# Defaults to false
-#
-# [*storage_mgmt_virtual_ip*]
-# Virtual IP on the storage mgmt network.
-# A string.
-# Defaults to false
-#
# [*haproxy_stats_user*]
+#
# Username for haproxy stats authentication.
# A string.
# Defaults to 'admin'
@@ -175,10 +145,6 @@
# (optional) Enable or not Glance registry binding
# Defaults to false
#
-# [*nova_ec2*]
-# (optional) Enable or not Nova EC2 API binding
-# Defaults to false
-#
# [*nova_osapi*]
# (optional) Enable or not Nova API binding
# Defaults to false
@@ -269,7 +235,7 @@
# 'heat_api_port' (Defaults to 8004)
# 'heat_api_ssl_port' (Defaults to 13004)
# 'heat_cfn_port' (Defaults to 8000)
-# 'heat_cfn_ssl_port' (Defaults to 13800)
+# 'heat_cfn_ssl_port' (Defaults to 13005)
# 'heat_cw_port' (Defaults to 8003)
# 'heat_cw_ssl_port' (Defaults to 13003)
# 'ironic_api_port' (Defaults to 6385)
@@ -284,8 +250,6 @@
# 'neutron_api_ssl_port' (Defaults to 13696)
# 'nova_api_port' (Defaults to 8774)
# 'nova_api_ssl_port' (Defaults to 13774)
-# 'nova_ec2_port' (Defaults to 8773)
-# 'nova_ec2_ssl_port' (Defaults to 13773)
# 'nova_metadata_port' (Defaults to 8775)
# 'nova_novnc_port' (Defaults to 6080)
# 'nova_novnc_ssl_port' (Defaults to 13080)
@@ -297,15 +261,10 @@
# 'trove_api_ssl_port' (Defaults to 13779)
# Defaults to {}
#
-class tripleo::loadbalancer (
+class tripleo::haproxy (
$controller_virtual_ip,
- $control_virtual_interface,
- $public_virtual_interface,
$public_virtual_ip,
- $internal_api_virtual_ip = false,
- $storage_virtual_ip = false,
- $storage_mgmt_virtual_ip = false,
- $manage_vip = true,
+ $keepalived = true,
$haproxy_service_manage = true,
$haproxy_global_maxconn = 20480,
$haproxy_default_maxconn = 4096,
@@ -315,9 +274,8 @@ class tripleo::loadbalancer (
$haproxy_log_address = '/dev/log',
$haproxy_stats_user = 'admin',
$haproxy_stats_password = undef,
- $controller_host = undef,
- $controller_hosts = undef,
- $controller_hosts_names = undef,
+ $controller_hosts = hiera('controller_node_ips'),
+ $controller_hosts_names = hiera('controller_node_names', undef),
$service_certificate = undef,
$internal_certificate = undef,
$ssl_cipher_suite = '!SSLv2:kEECDH:kRSA:kEDH:kPSK:+3DES:!aNULL:!eNULL:!MD5:!EXP:!RC4:!SEED:!IDEA:!DES',
@@ -332,7 +290,6 @@ class tripleo::loadbalancer (
$manila = false,
$glance_api = false,
$glance_registry = false,
- $nova_ec2 = false,
$nova_osapi = false,
$nova_metadata = false,
$nova_novncproxy = false,
@@ -368,7 +325,7 @@ class tripleo::loadbalancer (
heat_api_port => 8004,
heat_api_ssl_port => 13004,
heat_cfn_port => 8000,
- heat_cfn_ssl_port => 13800,
+ heat_cfn_ssl_port => 13005,
heat_cw_port => 8003,
heat_cw_ssl_port => 13003,
ironic_api_port => 6385,
@@ -383,8 +340,6 @@ class tripleo::loadbalancer (
neutron_api_ssl_port => 13696,
nova_api_port => 8774,
nova_api_ssl_port => 13774,
- nova_ec2_port => 8773,
- nova_ec2_ssl_port => 13773,
nova_metadata_port => 8775,
nova_novnc_port => 6080,
nova_novnc_ssl_port => 13080,
@@ -397,100 +352,16 @@ class tripleo::loadbalancer (
}
$ports = merge($default_service_ports, $service_ports)
- if !$controller_host and !$controller_hosts {
- fail('$controller_hosts or $controller_host (now deprecated) is a mandatory parameter')
- }
- if $controller_hosts {
- $controller_hosts_real = $controller_hosts
- } else {
- warning('$controller_host has been deprecated in favor of $controller_hosts')
- $controller_hosts_real = $controller_host
- }
-
- if !$controller_hosts_names {
+ $controller_hosts_real = any2array(split($controller_hosts, ','))
+ if ! $controller_hosts_names {
$controller_hosts_names_real = $controller_hosts_real
} else {
- $controller_hosts_names_real = $controller_hosts_names
- }
-
- if $manage_vip {
- case $::osfamily {
- 'RedHat': {
- $keepalived_name_is_process = false
- $keepalived_vrrp_script = 'systemctl status haproxy.service'
- } # RedHat
- 'Debian': {
- $keepalived_name_is_process = true
- $keepalived_vrrp_script = undef
- }
- default: {
- warning('Please configure keepalived defaults in tripleo::loadbalancer.')
- $keepalived_name_is_process = undef
- $keepalived_vrrp_script = undef
- }
- }
-
- class { '::keepalived': }
- keepalived::vrrp_script { 'haproxy':
- name_is_process => $keepalived_name_is_process,
- script => $keepalived_vrrp_script,
- }
-
- # KEEPALIVE INSTANCE CONTROL
- keepalived::instance { '51':
- interface => $control_virtual_interface,
- virtual_ips => [join([$controller_virtual_ip, ' dev ', $control_virtual_interface])],
- state => 'MASTER',
- track_script => ['haproxy'],
- priority => 101,
- }
-
- # KEEPALIVE INSTANCE PUBLIC
- keepalived::instance { '52':
- interface => $public_virtual_interface,
- virtual_ips => [join([$public_virtual_ip, ' dev ', $public_virtual_interface])],
- state => 'MASTER',
- track_script => ['haproxy'],
- priority => 101,
- }
-
-
- if $internal_api_virtual_ip and $internal_api_virtual_ip != $controller_virtual_ip {
- $internal_api_virtual_interface = interface_for_ip($internal_api_virtual_ip)
- # KEEPALIVE INTERNAL API NETWORK
- keepalived::instance { '53':
- interface => $internal_api_virtual_interface,
- virtual_ips => [join([$internal_api_virtual_ip, ' dev ', $internal_api_virtual_interface])],
- state => 'MASTER',
- track_script => ['haproxy'],
- priority => 101,
- }
- }
-
- if $storage_virtual_ip and $storage_virtual_ip != $controller_virtual_ip {
- $storage_virtual_interface = interface_for_ip($storage_virtual_ip)
- # KEEPALIVE STORAGE NETWORK
- keepalived::instance { '54':
- interface => $storage_virtual_interface,
- virtual_ips => [join([$storage_virtual_ip, ' dev ', $storage_virtual_interface])],
- state => 'MASTER',
- track_script => ['haproxy'],
- priority => 101,
- }
- }
-
- if $storage_mgmt_virtual_ip and $storage_mgmt_virtual_ip != $controller_virtual_ip {
- $storage_mgmt_virtual_interface = interface_for_ip($storage_mgmt_virtual_ip)
- # KEEPALIVE STORAGE MANAGEMENT NETWORK
- keepalived::instance { '55':
- interface => $storage_mgmt_virtual_interface,
- virtual_ips => [join([$storage_mgmt_virtual_ip, ' dev ', $storage_mgmt_virtual_interface])],
- state => 'MASTER',
- track_script => ['haproxy'],
- priority => 101,
- }
- }
+ $controller_hosts_names_real = downcase(any2array(split($controller_hosts_names, ',')))
+ }
+ # This code will be removed once we switch undercloud and overcloud to use both haproxy & keepalived roles.
+ if $keepalived {
+ include ::tripleo::keepalived
}
# TODO(bnemec): When we have support for SSL on private and admin endpoints,
@@ -579,7 +450,7 @@ class tripleo::loadbalancer (
},
}
- Tripleo::Loadbalancer::Endpoint {
+ Tripleo::Haproxy::Endpoint {
haproxy_listen_bind_param => $haproxy_listen_bind_param,
member_options => $haproxy_member_options,
public_certificate => $service_certificate,
@@ -602,7 +473,7 @@ class tripleo::loadbalancer (
}
if $keystone_admin {
- ::tripleo::loadbalancer::endpoint { 'keystone_admin':
+ ::tripleo::haproxy::endpoint { 'keystone_admin':
public_virtual_ip => $public_virtual_ip,
internal_ip => hiera('keystone_admin_api_vip', $controller_virtual_ip),
service_port => $ports[keystone_admin_api_port],
@@ -619,7 +490,7 @@ class tripleo::loadbalancer (
}
if $keystone_public {
- ::tripleo::loadbalancer::endpoint { 'keystone_public':
+ ::tripleo::haproxy::endpoint { 'keystone_public':
public_virtual_ip => $public_virtual_ip,
internal_ip => hiera('keystone_public_api_vip', $controller_virtual_ip),
service_port => $ports[keystone_public_api_port],
@@ -636,7 +507,7 @@ class tripleo::loadbalancer (
}
if $neutron {
- ::tripleo::loadbalancer::endpoint { 'neutron':
+ ::tripleo::haproxy::endpoint { 'neutron':
public_virtual_ip => $public_virtual_ip,
internal_ip => hiera('neutron_api_vip', $controller_virtual_ip),
service_port => $ports[neutron_api_port],
@@ -647,7 +518,7 @@ class tripleo::loadbalancer (
}
if $cinder {
- ::tripleo::loadbalancer::endpoint { 'cinder':
+ ::tripleo::haproxy::endpoint { 'cinder':
public_virtual_ip => $public_virtual_ip,
internal_ip => hiera('cinder_api_vip', $controller_virtual_ip),
service_port => $ports[cinder_api_port],
@@ -664,7 +535,7 @@ class tripleo::loadbalancer (
}
if $manila {
- ::tripleo::loadbalancer::endpoint { 'manila':
+ ::tripleo::haproxy::endpoint { 'manila':
public_virtual_ip => $public_virtual_ip,
internal_ip => hiera('manila_api_vip', $controller_virtual_ip),
service_port => $ports[manila_api_port],
@@ -675,7 +546,7 @@ class tripleo::loadbalancer (
}
if $sahara {
- ::tripleo::loadbalancer::endpoint { 'sahara':
+ ::tripleo::haproxy::endpoint { 'sahara':
public_virtual_ip => $public_virtual_ip,
internal_ip => hiera('sahara_api_vip', $controller_virtual_ip),
service_port => $ports[sahara_api_port],
@@ -686,7 +557,7 @@ class tripleo::loadbalancer (
}
if $trove {
- ::tripleo::loadbalancer::endpoint { 'trove':
+ ::tripleo::haproxy::endpoint { 'trove':
public_virtual_ip => $public_virtual_ip,
internal_ip => hiera('trove_api_vip', $controller_virtual_ip),
service_port => $ports[trove_api_port],
@@ -697,7 +568,7 @@ class tripleo::loadbalancer (
}
if $glance_api {
- ::tripleo::loadbalancer::endpoint { 'glance_api':
+ ::tripleo::haproxy::endpoint { 'glance_api':
public_virtual_ip => $public_virtual_ip,
internal_ip => hiera('glance_api_vip', $controller_virtual_ip),
service_port => $ports[glance_api_port],
@@ -708,7 +579,7 @@ class tripleo::loadbalancer (
}
if $glance_registry {
- ::tripleo::loadbalancer::endpoint { 'glance_registry':
+ ::tripleo::haproxy::endpoint { 'glance_registry':
internal_ip => hiera('glance_registry_vip', $controller_virtual_ip),
service_port => $ports[glance_registry_port],
ip_addresses => hiera('glance_registry_node_ips', $controller_hosts_real),
@@ -717,19 +588,8 @@ class tripleo::loadbalancer (
}
$nova_api_vip = hiera('nova_api_vip', $controller_virtual_ip)
- if $nova_ec2 {
- ::tripleo::loadbalancer::endpoint { 'nova_ec2':
- public_virtual_ip => $public_virtual_ip,
- internal_ip => $nova_api_vip,
- service_port => $ports[nova_ec2_port],
- ip_addresses => hiera('nova_api_node_ips', $controller_hosts_real),
- server_names => $controller_hosts_names_real,
- public_ssl_port => $ports[nova_ec2_ssl_port],
- }
- }
-
if $nova_osapi {
- ::tripleo::loadbalancer::endpoint { 'nova_osapi':
+ ::tripleo::haproxy::endpoint { 'nova_osapi':
public_virtual_ip => $public_virtual_ip,
internal_ip => $nova_api_vip,
service_port => $ports[nova_api_port],
@@ -746,7 +606,7 @@ class tripleo::loadbalancer (
}
if $nova_metadata {
- ::tripleo::loadbalancer::endpoint { 'nova_metadata':
+ ::tripleo::haproxy::endpoint { 'nova_metadata':
internal_ip => hiera('nova_metadata_vip', $controller_virtual_ip),
service_port => $ports[nova_metadata_port],
ip_addresses => hiera('nova_metadata_node_ips', $controller_hosts_real),
@@ -755,7 +615,7 @@ class tripleo::loadbalancer (
}
if $nova_novncproxy {
- ::tripleo::loadbalancer::endpoint { 'nova_novncproxy':
+ ::tripleo::haproxy::endpoint { 'nova_novncproxy':
public_virtual_ip => $public_virtual_ip,
internal_ip => $nova_api_vip,
service_port => $ports[nova_novnc_port],
@@ -770,7 +630,7 @@ class tripleo::loadbalancer (
}
if $ceilometer {
- ::tripleo::loadbalancer::endpoint { 'ceilometer':
+ ::tripleo::haproxy::endpoint { 'ceilometer':
public_virtual_ip => $public_virtual_ip,
internal_ip => hiera('ceilometer_api_vip', $controller_virtual_ip),
service_port => $ports[ceilometer_api_port],
@@ -781,7 +641,7 @@ class tripleo::loadbalancer (
}
if $aodh {
- ::tripleo::loadbalancer::endpoint { 'aodh':
+ ::tripleo::haproxy::endpoint { 'aodh':
public_virtual_ip => $public_virtual_ip,
internal_ip => hiera('aodh_api_vip', $controller_virtual_ip),
service_port => $ports[aodh_api_port],
@@ -792,7 +652,7 @@ class tripleo::loadbalancer (
}
if $gnocchi {
- ::tripleo::loadbalancer::endpoint { 'gnocchi':
+ ::tripleo::haproxy::endpoint { 'gnocchi':
public_virtual_ip => $public_virtual_ip,
internal_ip => hiera('gnocchi_api_vip', $controller_virtual_ip),
service_port => $ports[gnocchi_api_port],
@@ -803,7 +663,7 @@ class tripleo::loadbalancer (
}
if $swift_proxy_server {
- ::tripleo::loadbalancer::endpoint { 'swift_proxy_server':
+ ::tripleo::haproxy::endpoint { 'swift_proxy_server':
public_virtual_ip => $public_virtual_ip,
internal_ip => hiera('swift_proxy_vip', $controller_virtual_ip),
service_port => $ports[swift_proxy_port],
@@ -829,7 +689,7 @@ class tripleo::loadbalancer (
}
if $heat_api {
- ::tripleo::loadbalancer::endpoint { 'heat_api':
+ ::tripleo::haproxy::endpoint { 'heat_api':
public_virtual_ip => $public_virtual_ip,
internal_ip => $heat_api_vip,
service_port => $ports[heat_api_port],
@@ -842,7 +702,7 @@ class tripleo::loadbalancer (
}
if $heat_cloudwatch {
- ::tripleo::loadbalancer::endpoint { 'heat_cloudwatch':
+ ::tripleo::haproxy::endpoint { 'heat_cloudwatch':
public_virtual_ip => $public_virtual_ip,
internal_ip => $heat_api_vip,
service_port => $ports[heat_cw_port],
@@ -855,7 +715,7 @@ class tripleo::loadbalancer (
}
if $heat_cfn {
- ::tripleo::loadbalancer::endpoint { 'heat_cfn':
+ ::tripleo::haproxy::endpoint { 'heat_cfn':
public_virtual_ip => $public_virtual_ip,
internal_ip => $heat_api_vip,
service_port => $ports[heat_cfn_port],
@@ -884,7 +744,7 @@ class tripleo::loadbalancer (
}
if $ironic {
- ::tripleo::loadbalancer::endpoint { 'ironic':
+ ::tripleo::haproxy::endpoint { 'ironic':
public_virtual_ip => $public_virtual_ip,
internal_ip => hiera('ironic_api_vip', $controller_virtual_ip),
service_port => $ports[ironic_api_port],
diff --git a/manifests/loadbalancer/endpoint.pp b/manifests/haproxy/endpoint.pp
index f75f79a..94bfcff 100644
--- a/manifests/loadbalancer/endpoint.pp
+++ b/manifests/haproxy/endpoint.pp
@@ -13,7 +13,7 @@
# License for the specific language governing permissions and limitations
# under the License.
-# == Class: tripleo::loadbalancer::endpoint
+# == Class: tripleo::haproxy::endpoint
#
# Configure a HAProxy listen endpoint
#
@@ -68,7 +68,7 @@
# Certificate path used to enable TLS for the internal proxy endpoint.
# Defaults to undef.
#
-define tripleo::loadbalancer::endpoint (
+define tripleo::haproxy::endpoint (
$internal_ip,
$service_port,
$ip_addresses,
diff --git a/manifests/keepalived.pp b/manifests/keepalived.pp
new file mode 100644
index 0000000..45d772e
--- /dev/null
+++ b/manifests/keepalived.pp
@@ -0,0 +1,144 @@
+# Copyright 2014 Red Hat, Inc.
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+# == Class: tripleo::keepalived
+#
+# Configure keepalived for TripleO.
+#
+# === Parameters:
+#
+# [*controller_virtual_ip*]
+# Control IP or group of IPs to bind the pools
+# Can be a string or an array.
+# Defaults to undef
+#
+# [*control_virtual_interface*]
+# Interface to bind the control VIP
+# Can be a string or an array.
+# Defaults to undef
+#
+# [*public_virtual_interface*]
+# Interface to bind the public VIP
+# Can be a string or an array.
+# Defaults to undef
+#
+# [*public_virtual_ip*]
+# Public IP or group of IPs to bind the pools
+# Can be a string or an array.
+# Defaults to undef
+#
+# [*internal_api_virtual_ip*]
+# Virtual IP on the internal API network.
+# A string.
+# Defaults to false
+#
+# [*storage_virtual_ip*]
+# Virtual IP on the storage network.
+# A string.
+# Defaults to false
+#
+# [*storage_mgmt_virtual_ip*]
+# Virtual IP on the storage mgmt network.
+# A string.
+# Defaults to false
+#
+class tripleo::keepalived (
+ $controller_virtual_ip,
+ $control_virtual_interface,
+ $public_virtual_interface,
+ $public_virtual_ip,
+ $internal_api_virtual_ip = false,
+ $storage_virtual_ip = false,
+ $storage_mgmt_virtual_ip = false,
+) {
+
+ case $::osfamily {
+ 'RedHat': {
+ $keepalived_name_is_process = false
+ $keepalived_vrrp_script = 'systemctl status haproxy.service'
+ } # RedHat
+ 'Debian': {
+ $keepalived_name_is_process = true
+ $keepalived_vrrp_script = undef
+ }
+ default: {
+ warning('Please configure keepalived defaults in tripleo::keepalived.')
+ $keepalived_name_is_process = undef
+ $keepalived_vrrp_script = undef
+ }
+ }
+
+ class { '::keepalived': }
+ keepalived::vrrp_script { 'haproxy':
+ name_is_process => $keepalived_name_is_process,
+ script => $keepalived_vrrp_script,
+ }
+
+ # KEEPALIVE INSTANCE CONTROL
+ keepalived::instance { '51':
+ interface => $control_virtual_interface,
+ virtual_ips => [join([$controller_virtual_ip, ' dev ', $control_virtual_interface])],
+ state => 'MASTER',
+ track_script => ['haproxy'],
+ priority => 101,
+ }
+
+ # KEEPALIVE INSTANCE PUBLIC
+ keepalived::instance { '52':
+ interface => $public_virtual_interface,
+ virtual_ips => [join([$public_virtual_ip, ' dev ', $public_virtual_interface])],
+ state => 'MASTER',
+ track_script => ['haproxy'],
+ priority => 101,
+ }
+
+
+ if $internal_api_virtual_ip and $internal_api_virtual_ip != $controller_virtual_ip {
+ $internal_api_virtual_interface = interface_for_ip($internal_api_virtual_ip)
+ # KEEPALIVE INTERNAL API NETWORK
+ keepalived::instance { '53':
+ interface => $internal_api_virtual_interface,
+ virtual_ips => [join([$internal_api_virtual_ip, ' dev ', $internal_api_virtual_interface])],
+ state => 'MASTER',
+ track_script => ['haproxy'],
+ priority => 101,
+ }
+ }
+
+ if $storage_virtual_ip and $storage_virtual_ip != $controller_virtual_ip {
+ $storage_virtual_interface = interface_for_ip($storage_virtual_ip)
+ # KEEPALIVE STORAGE NETWORK
+ keepalived::instance { '54':
+ interface => $storage_virtual_interface,
+ virtual_ips => [join([$storage_virtual_ip, ' dev ', $storage_virtual_interface])],
+ state => 'MASTER',
+ track_script => ['haproxy'],
+ priority => 101,
+ }
+ }
+
+ if $storage_mgmt_virtual_ip and $storage_mgmt_virtual_ip != $controller_virtual_ip {
+ $storage_mgmt_virtual_interface = interface_for_ip($storage_mgmt_virtual_ip)
+ # KEEPALIVE STORAGE MANAGEMENT NETWORK
+ keepalived::instance { '55':
+ interface => $storage_mgmt_virtual_interface,
+ virtual_ips => [join([$storage_mgmt_virtual_ip, ' dev ', $storage_mgmt_virtual_interface])],
+ state => 'MASTER',
+ track_script => ['haproxy'],
+ priority => 101,
+ }
+ }
+
+}
diff --git a/manifests/profile/base/ceilometer.pp b/manifests/profile/base/ceilometer.pp
new file mode 100644
index 0000000..97e1bb8
--- /dev/null
+++ b/manifests/profile/base/ceilometer.pp
@@ -0,0 +1,41 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::ceilometer
+#
+# Ceilometer profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*sync_db*]
+# (Optional) Whether to run db sync
+# Defaults to true
+#
+class tripleo::profile::base::ceilometer (
+ $step = hiera('step'),
+ $sync_db = true,
+) {
+
+ if $step >= 4 or ($step >= 3 and $sync_db) {
+ include ::ceilometer
+ include ::ceilometer::db
+ include ::ceilometer::config
+ }
+
+}
diff --git a/manifests/profile/base/ceilometer/agent/central.pp b/manifests/profile/base/ceilometer/agent/central.pp
new file mode 100644
index 0000000..02d6d1a
--- /dev/null
+++ b/manifests/profile/base/ceilometer/agent/central.pp
@@ -0,0 +1,38 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::ceilometer::agent::central
+#
+# Ceilometer Central Agent profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+
+class tripleo::profile::base::ceilometer::agent::central (
+ $step = hiera('step'),
+) {
+
+ include ::tripleo::profile::base::ceilometer
+
+ if $step >= 4 {
+ include ::ceilometer::agent::auth
+ include ::ceilometer::agent::central
+ }
+
+}
diff --git a/manifests/profile/base/ceilometer/agent/compute.pp b/manifests/profile/base/ceilometer/agent/compute.pp
new file mode 100644
index 0000000..3a7aa50
--- /dev/null
+++ b/manifests/profile/base/ceilometer/agent/compute.pp
@@ -0,0 +1,38 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::ceilometer::agent::compute
+#
+# Ceilometer Compute Agent profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+
+class tripleo::profile::base::ceilometer::agent::compute (
+ $step = hiera('step'),
+) {
+
+ include ::tripleo::profile::base::ceilometer
+
+ if $step >= 4 {
+ include ::ceilometer::agent::auth
+ include ::ceilometer::agent::compute
+ }
+
+}
diff --git a/manifests/profile/base/ceilometer/agent/notification.pp b/manifests/profile/base/ceilometer/agent/notification.pp
new file mode 100644
index 0000000..83a0234
--- /dev/null
+++ b/manifests/profile/base/ceilometer/agent/notification.pp
@@ -0,0 +1,38 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::ceilometer::agent::notification
+#
+# Ceilometer Notification Agent profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+
+class tripleo::profile::base::ceilometer::agent::notification (
+ $step = hiera('step'),
+) {
+
+ include ::tripleo::profile::base::ceilometer
+
+ if $step >= 4 {
+ include ::ceilometer::agent::auth
+ include ::ceilometer::agent::notification
+ }
+
+}
diff --git a/manifests/profile/base/ceilometer/api.pp b/manifests/profile/base/ceilometer/api.pp
new file mode 100644
index 0000000..e324c00
--- /dev/null
+++ b/manifests/profile/base/ceilometer/api.pp
@@ -0,0 +1,37 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::ceilometer::api
+#
+# Ceilometer API profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+
+class tripleo::profile::base::ceilometer::api (
+ $step = hiera('step'),
+) {
+
+ include ::tripleo::profile::base::ceilometer
+
+ if $step >= 4 {
+ include ::ceilometer::api
+ }
+
+}
diff --git a/manifests/profile/base/ceilometer/collector.pp b/manifests/profile/base/ceilometer/collector.pp
new file mode 100644
index 0000000..34ee90b
--- /dev/null
+++ b/manifests/profile/base/ceilometer/collector.pp
@@ -0,0 +1,50 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::ceilometer::collector
+#
+# Ceilometer Collector profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*sync_db*]
+# (Optional) Whether to run db sync
+# Defaults to true
+#
+
+class tripleo::profile::base::ceilometer::collector (
+ $step = hiera('step'),
+ $sync_db = true,
+) {
+
+ include ::tripleo::profile::base::ceilometer
+
+ if $step >= 3 and $sync_db {
+ $ceilometer_backend = downcase(hiera('ceilometer_backend', 'mongodb'))
+ if $ceilometer_backend == 'mysql' {
+ include ::ceilometer::db::mysql
+ }
+ }
+
+ if $step >= 4 {
+ include ::ceilometer::collector
+ include ::ceilometer::dispatcher::gnocchi
+ }
+
+}
diff --git a/manifests/profile/base/ceilometer/expirer.pp b/manifests/profile/base/ceilometer/expirer.pp
new file mode 100644
index 0000000..43d8c26
--- /dev/null
+++ b/manifests/profile/base/ceilometer/expirer.pp
@@ -0,0 +1,38 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::ceilometer::expirer
+#
+# Ceilometer Expirer profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+
+class tripleo::profile::base::ceilometer::expirer (
+ $step = hiera('step'),
+) {
+
+ include ::tripleo::profile::base::ceilometer
+
+ if $step >= 4 {
+ include ::ceilometer::expirer
+ Cron <| title == 'ceilometer-expirer' |> { command => "sleep $((\$(od -A n -t d -N 3 /dev/urandom) % 86400)) && ${::ceilometer::params::expirer_command}" }
+ }
+
+}
diff --git a/manifests/profile/base/ceph.pp b/manifests/profile/base/ceph.pp
new file mode 100644
index 0000000..94166ac
--- /dev/null
+++ b/manifests/profile/base/ceph.pp
@@ -0,0 +1,80 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::ceph
+#
+# Ceph base profile for tripleo
+#
+# === Parameters
+#
+# [*ceph_ipv6*]
+# (Optional) Force daemons to bind on IPv6 addresses
+# Defaults to false
+#
+# [*ceph_mon_initial_members*]
+# (Optional) List of IP addresses to use as mon_initial_members
+# Defaults to undef
+#
+# [*ceph_mon_host*]
+# (Optional) List of IP addresses to use as mon_host
+# Deftauls to undef
+#
+# [*ceph_mon_host_v6*]
+# (Optional) List of IPv6 addresses, surrounded by brackets, used as
+# mon_host when ceph_ipv6 is true
+# Defaults to undef
+#
+# [*enable_ceph_storage*]
+# (Optional) enable_ceph_storage
+# Deprecated: defaults to false
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::ceph (
+ $ceph_ipv6 = false,
+ $ceph_mon_initial_members = undef,
+ $ceph_mon_host = undef,
+ $ceph_mon_host_v6 = undef,
+ $enable_ceph_storage = false,
+ $step = hiera('step'),
+) {
+
+ if $step >= 2 {
+ if $ceph_mon_initial_members {
+ $mon_initial_members = downcase($ceph_mon_initial_members)
+ } else {
+ $mon_initial_members = undef
+ }
+ if $ceph_ipv6 {
+ $mon_host = $ceph_mon_host_v6
+ } else {
+ $mon_host = $ceph_mon_host
+ }
+
+ class { '::ceph::profile::params':
+ mon_initial_members => $mon_initial_members,
+ mon_host => $mon_host,
+ }
+
+ include ::ceph::conf
+ }
+
+ # TODO: deprecated boolean
+ if $enable_ceph_storage {
+ include ::tripleo::profile::base::ceph::osd
+ }
+}
diff --git a/manifests/profile/base/ceph/client.pp b/manifests/profile/base/ceph/client.pp
new file mode 100644
index 0000000..851324a
--- /dev/null
+++ b/manifests/profile/base/ceph/client.pp
@@ -0,0 +1,35 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::ceph::client
+#
+# Ceph client profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::ceph::client (
+ $step = hiera('step'),
+) {
+
+ include ::tripleo::profile::base::ceph
+
+ if $step >= 2 {
+ include ::ceph::profile::client
+ }
+}
diff --git a/manifests/profile/base/ceph/mon.pp b/manifests/profile/base/ceph/mon.pp
new file mode 100644
index 0000000..48c3721
--- /dev/null
+++ b/manifests/profile/base/ceph/mon.pp
@@ -0,0 +1,48 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::ceph::mon
+#
+# Ceph Monitor profile for tripleo
+#
+# === Parameters
+#
+# [*ceph_pools*]
+# (Optional) List of pools to create
+# Defaults to []
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::ceph::mon (
+ $ceph_pools = [],
+ $step = hiera('step'),
+) {
+
+ include ::tripleo::profile::base::ceph
+
+ if $step >= 2 {
+ include ::ceph::profile::mon
+ }
+
+ if $step >= 4 {
+ ceph::pool { $ceph_pools :
+ pg_num => hiera('ceph::profile::params::osd_pool_default_pg_num'),
+ pgp_num => hiera('ceph::profile::params::osd_pool_default_pgp_num'),
+ size => hiera('ceph::profile::params::osd_pool_default_size'),
+ }
+ }
+}
diff --git a/manifests/profile/base/ceph/osd.pp b/manifests/profile/base/ceph/osd.pp
new file mode 100644
index 0000000..a9224d3
--- /dev/null
+++ b/manifests/profile/base/ceph/osd.pp
@@ -0,0 +1,54 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::ceph::osd
+#
+# Ceph OSD profile for tripleo
+#
+# === Parameters
+#
+# [*ceph_osd_selinux_permissive*]
+# (Optional) Wheter to configure SELinux in permissive mode
+# Default to false
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::ceph::osd (
+ $ceph_osd_selinux_permissive = false,
+ $step = hiera('step'),
+) {
+
+ include ::tripleo::profile::base::ceph
+
+ if $step >= 2 {
+ if $ceph_osd_selinux_permissive {
+ exec { 'set selinux to permissive on boot':
+ command => "sed -ie 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config",
+ onlyif => "test -f /etc/selinux/config && ! grep '^SELINUX=permissive' /etc/selinux/config",
+ path => ['/usr/bin', '/usr/sbin'],
+ }
+
+ exec { 'set selinux to permissive':
+ command => 'setenforce 0',
+ onlyif => "which setenforce && getenforce | grep -i 'enforcing'",
+ path => ['/usr/bin', '/usr/sbin'],
+ } -> Class['ceph::profile::osd']
+ }
+
+ include ::ceph::profile::osd
+ }
+}
diff --git a/manifests/profile/base/cinder.pp b/manifests/profile/base/cinder.pp
new file mode 100644
index 0000000..27dc277
--- /dev/null
+++ b/manifests/profile/base/cinder.pp
@@ -0,0 +1,52 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::cinder
+#
+# Cinder common profile for tripleo
+#
+# === Parameters
+#
+# [*cinder_enable_db_purge*]
+# (Optional) Wheter to enable db purging
+# Defaults to true
+#
+# [*pacemaker_master*]
+# (Optional) The master node runs some tasks
+# one step earlier than others; disable to
+# the node is not the master.
+# Defaults to true
+#
+# [*step*]
+# (Optional) The current step of the deployment
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::cinder (
+ $cinder_enable_db_purge = true,
+ $pacemaker_master = true,
+ $step = hiera('step'),
+) {
+
+ if $step >= 4 or ($step >= 3 and $pacemaker_master) {
+ include ::cinder
+ include ::cinder::config
+ }
+
+ if $step >= 5 {
+ if $cinder_enable_db_purge {
+ include ::cinder::cron::db_purge
+ }
+ }
+
+}
diff --git a/manifests/profile/base/cinder/api.pp b/manifests/profile/base/cinder/api.pp
new file mode 100644
index 0000000..a2da25f
--- /dev/null
+++ b/manifests/profile/base/cinder/api.pp
@@ -0,0 +1,49 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::cinder::api
+#
+# Cinder API profile for tripleo
+#
+# === Parameters
+#
+# [*sync_db*]
+# (Optional) Whether to run db sync
+# Defaults to true
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::cinder::api (
+ $sync_db = true,
+ $step = hiera('step'),
+) {
+
+ class { '::tripleo::profile::base::cinder':
+ pacemaker_master => $sync_db,
+ }
+
+ if $step >= 3 and $sync_db {
+ include ::cinder::db::mysql
+ }
+
+ if $step >= 4 or ($step >= 3 and $sync_db) {
+ include ::cinder::api
+ include ::cinder::ceilometer
+ include ::cinder::glance
+ }
+
+}
diff --git a/manifests/profile/base/cinder/scheduler.pp b/manifests/profile/base/cinder/scheduler.pp
new file mode 100644
index 0000000..68f2813
--- /dev/null
+++ b/manifests/profile/base/cinder/scheduler.pp
@@ -0,0 +1,36 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::cinder::scheduler
+#
+# Cinder Scheduler profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::cinder::scheduler (
+ $step = hiera('step'),
+) {
+
+ include ::tripleo::profile::base::cinder
+
+ if $step >= 4 {
+ include ::cinder::scheduler
+ }
+
+}
diff --git a/manifests/profile/base/cinder/volume.pp b/manifests/profile/base/cinder/volume.pp
new file mode 100644
index 0000000..96cd06a
--- /dev/null
+++ b/manifests/profile/base/cinder/volume.pp
@@ -0,0 +1,118 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::cinder::volume
+#
+# Cinder Volume profile for tripleo
+#
+# === Parameters
+#
+# [*cinder_enable_dellsc_backend*]
+# (Optional) Whether to enable the delsc backend
+# Defaults to true
+#
+# [*cinder_enable_eqlx_backend*]
+# (Optional) Whether to enable the eqlx backend
+# Defaults to true
+#
+# [*cinder_enable_iscsi_backend*]
+# (Optional) Whether to enable the iscsi backend
+# Defaults to true
+#
+# [*cinder_enable_netapp_backend*]
+# (Optional) Whether to enable the netapp backend
+# Defaults to true
+#
+# [*cinder_enable_nfs_backend*]
+# (Optional) Whether to enable the nfs backend
+# Defaults to true
+#
+# [*cinder_enable_rbd_backend*]
+# (Optional) Whether to enable the rbd backend
+# Defaults to true
+#
+# [*cinder_user_enabled_backends*]
+# (Optional) List of additional backend stanzas to activate
+# Defaults to hiera('cinder_user_enabled_backends')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::cinder::volume (
+ $cinder_enable_dellsc_backend = false,
+ $cinder_enable_eqlx_backend = false,
+ $cinder_enable_iscsi_backend = true,
+ $cinder_enable_netapp_backend = false,
+ $cinder_enable_nfs_backend = false,
+ $cinder_enable_rbd_backend = false,
+ $cinder_user_enabled_backends = hiera('cinder_user_enabled_backends', undef),
+ $step = hiera('step'),
+) {
+
+ include ::tripleo::profile::base::cinder
+
+ if $step >= 4 {
+ include ::cinder::volume
+
+ if $cinder_enable_dellsc_backend {
+ include ::tripleo::profile::base::cinder::volume::dellsc
+ $cinder_dellsc_backend_name = hiera('cinder::backend::dellsc_iscsi::volume_backend_name', 'tripleo_dellsc')
+ } else {
+ $cinder_dellsc_backend_name = undef
+ }
+
+ if $cinder_enable_eqlx_backend {
+ include ::tripleo::profile::base::cinder::volume::eqlx
+ $cinder_eqlx_backend_name = hiera('cinder::backend::eqlx::volume_backend_name', 'tripleo_eqlx')
+ } else {
+ $cinder_eqlx_backend_name = undef
+ }
+
+ if $cinder_enable_iscsi_backend {
+ include ::tripleo::profile::base::cinder::volume::iscsi
+ $cinder_iscsi_backend_name = hiera('cinder::backend::iscsi::volume_backend_name', 'tripleo_iscsi')
+ } else {
+ $cinder_iscsi_backend_name = undef
+ }
+
+ if $cinder_enable_netapp_backend {
+ include ::tripleo::profile::base::cinder::volume::netapp
+ $cinder_netapp_backend_name = hiera('cinder::backend::netapp::volume_backend_name', 'tripleo_netapp')
+ } else {
+ $cinder_netapp_backend_name = undef
+ }
+
+ if $cinder_enable_nfs_backend {
+ include ::tripleo::profile::base::cinder::volume::nfs
+ $cinder_nfs_backend_name = hiera('cinder::backend::nfs::volume_backend_name', 'tripleo_nfs')
+ } else {
+ $cinder_nfs_backend_name = undef
+ }
+
+ if $cinder_enable_rbd_backend {
+ include ::tripleo::profile::base::cinder::volume::rbd
+ $cinder_rbd_backend_name = hiera('cinder::backend::rbd::volume_backend_name', 'tripleo_ceph')
+ } else {
+ $cinder_rbd_backend_name = undef
+ }
+
+ $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend_name, $cinder_rbd_backend_name, $cinder_eqlx_backend_name, $cinder_dellsc_backend_name, $cinder_netapp_backend_name, $cinder_nfs_backend_name, $cinder_user_enabled_backends])
+ class { '::cinder::backends' :
+ enabled_backends => $cinder_enabled_backends,
+ }
+ }
+
+}
diff --git a/manifests/profile/base/cinder/volume/dellsc.pp b/manifests/profile/base/cinder/volume/dellsc.pp
new file mode 100644
index 0000000..6f7922d
--- /dev/null
+++ b/manifests/profile/base/cinder/volume/dellsc.pp
@@ -0,0 +1,51 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::cinder::volume::dellsc
+#
+# Cinder Volume dellsc profile for tripleo
+#
+# === Parameters
+#
+# [*backend_name*]
+# (Optional) Name given to the Cinder backend stanza
+# Defaults to 'tripleo_dellsc'
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::cinder::volume::dellsc (
+ $backend_name = hiera('cinder::backend::dellsc_iscsi::volume_backend_name', 'tripleo_dellsc'),
+ $step = hiera('step'),
+) {
+
+ include ::tripleo::profile::base::cinder::volume
+
+ if $step >= 4 {
+ cinder::backend::dellsc_iscsi { $backend_name :
+ san_ip => hiera('cinder::backend::dellsc_iscsi::san_ip', undef),
+ san_login => hiera('cinder::backend::dellsc_iscsi::san_login', undef),
+ san_password => hiera('cinder::backend::dellsc_iscsi::san_password', undef),
+ dell_sc_ssn => hiera('cinder::backend::dellsc_iscsi::dell_sc_ssn', undef),
+ iscsi_ip_address => hiera('cinder::backend::dellsc_iscsi::iscsi_ip_address', undef),
+ iscsi_port => hiera('cinder::backend::dellsc_iscsi::iscsi_port', undef),
+ dell_sc_api_port => hiera('cinder::backend::dellsc_iscsi::dell_sc_api_port', undef),
+ dell_sc_server_folder => hiera('cinder::backend::dellsc_iscsi::dell_sc_server_folder', undef),
+ dell_sc_volume_folder => hiera('cinder::backend::dellsc_iscsi::dell_sc_volume_folder', undef),
+ }
+ }
+
+}
diff --git a/manifests/profile/base/cinder/volume/eqlx.pp b/manifests/profile/base/cinder/volume/eqlx.pp
new file mode 100644
index 0000000..a18270d
--- /dev/null
+++ b/manifests/profile/base/cinder/volume/eqlx.pp
@@ -0,0 +1,51 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::cinder::volume::eqlx
+#
+# Cinder Volume eqlx profile for tripleo
+#
+# === Parameters
+#
+# [*backend_name*]
+# (Optional) Name given to the Cinder backend stanza
+# Defaults to 'tripleo_eqlx'
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::cinder::volume::eqlx (
+ $backend_name = hiera('cinder::backend::eqlx::volume_backend_name', 'tripleo_eqlx'),
+ $step = hiera('step'),
+) {
+
+ include ::tripleo::profile::base::cinder::volume
+
+ if $step >= 4 {
+ cinder::backend::eqlx { $backend_name :
+ san_ip => hiera('cinder::backend::eqlx::san_ip', undef),
+ san_login => hiera('cinder::backend::eqlx::san_login', undef),
+ san_password => hiera('cinder::backend::eqlx::san_password', undef),
+ san_thin_provision => hiera('cinder::backend::eqlx::san_thin_provision', undef),
+ eqlx_group_name => hiera('cinder::backend::eqlx::eqlx_group_name', undef),
+ eqlx_pool => hiera('cinder::backend::eqlx::eqlx_pool', undef),
+ eqlx_use_chap => hiera('cinder::backend::eqlx::eqlx_use_chap', undef),
+ eqlx_chap_login => hiera('cinder::backend::eqlx::eqlx_chap_login', undef),
+ eqlx_chap_password => hiera('cinder::backend::eqlx::eqlx_san_password', undef),
+ }
+ }
+
+}
diff --git a/manifests/profile/base/cinder/volume/iscsi.pp b/manifests/profile/base/cinder/volume/iscsi.pp
new file mode 100644
index 0000000..d857caa
--- /dev/null
+++ b/manifests/profile/base/cinder/volume/iscsi.pp
@@ -0,0 +1,62 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::cinder::volume::iscsi
+#
+# Cinder Volume iscsi profile for tripleo
+#
+# === Parameters
+#
+# [*cinder_iscsi_address*]
+# The address where to bind the iscsi targets daemon
+#
+# [*cinder_iscsi_helper*]
+# (Optional) The iscsi helper to use
+# Defaults to 'tgtadm'
+#
+# [*cinder_lvm_loop_device_size*]
+# (Optional) The size (in MB) of the LVM loopback volume
+# Defaults to '10280'
+#
+# [*backend_name*]
+# (Optional) Name given to the Cinder backend stanza
+# Defaults to 'tripleo_iscsi'
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::cinder::volume::iscsi (
+ $cinder_iscsi_address,
+ $cinder_iscsi_helper = 'tgtadm',
+ $cinder_lvm_loop_device_size = '10280',
+ $backend_name = hiera('cinder::backend::iscsi::volume_backend_name', 'tripleo_iscsi'),
+ $step = hiera('step'),
+) {
+
+ include ::tripleo::profile::base::cinder::volume
+
+ if $step >= 4 {
+ class { '::cinder::setup_test_volume':
+ size => join([$cinder_lvm_loop_device_size, 'M']),
+ }
+
+ cinder::backend::iscsi { $backend_name :
+ iscsi_ip_address => $cinder_iscsi_address,
+ iscsi_helper => $cinder_iscsi_helper,
+ }
+ }
+
+}
diff --git a/manifests/profile/base/cinder/volume/netapp.pp b/manifests/profile/base/cinder/volume/netapp.pp
new file mode 100644
index 0000000..bae541f
--- /dev/null
+++ b/manifests/profile/base/cinder/volume/netapp.pp
@@ -0,0 +1,66 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::cinder::volume::netapp
+#
+# Cinder Volume netapp profile for tripleo
+#
+# === Parameters
+#
+# [*backend_name*]
+# (Optional) Name given to the Cinder backend stanza
+# Defaults to 'tripleo_netapp'
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::cinder::volume::netapp (
+ $backend_name = hiera('cinder::backend::netapp::volume_backend_name', 'tripleo_netapp'),
+ $step = hiera('step'),
+) {
+
+ include ::tripleo::profile::base::cinder::volume
+
+ if $step >= 4 {
+ if hiera('cinder::backend::netapp::nfs_shares', undef) {
+ $cinder_netapp_nfs_shares = split(hiera('cinder::backend::netapp::nfs_shares', undef), ',')
+ }
+
+ cinder::backend::netapp { $backend_name :
+ netapp_login => hiera('cinder::backend::netapp::netapp_login', undef),
+ netapp_password => hiera('cinder::backend::netapp::netapp_password', undef),
+ netapp_server_hostname => hiera('cinder::backend::netapp::netapp_server_hostname', undef),
+ netapp_server_port => hiera('cinder::backend::netapp::netapp_server_port', undef),
+ netapp_size_multiplier => hiera('cinder::backend::netapp::netapp_size_multiplier', undef),
+ netapp_storage_family => hiera('cinder::backend::netapp::netapp_storage_family', undef),
+ netapp_storage_protocol => hiera('cinder::backend::netapp::netapp_storage_protocol', undef),
+ netapp_transport_type => hiera('cinder::backend::netapp::netapp_transport_type', undef),
+ netapp_vfiler => hiera('cinder::backend::netapp::netapp_vfiler', undef),
+ netapp_volume_list => hiera('cinder::backend::netapp::netapp_volume_list', undef),
+ netapp_vserver => hiera('cinder::backend::netapp::netapp_vserver', undef),
+ netapp_partner_backend_name => hiera('cinder::backend::netapp::netapp_partner_backend_name', undef),
+ nfs_shares => $cinder_netapp_nfs_shares,
+ nfs_shares_config => hiera('cinder::backend::netapp::nfs_shares_config', undef),
+ netapp_copyoffload_tool_path => hiera('cinder::backend::netapp::netapp_copyoffload_tool_path', undef),
+ netapp_controller_ips => hiera('cinder::backend::netapp::netapp_controller_ips', undef),
+ netapp_sa_password => hiera('cinder::backend::netapp::netapp_sa_password', undef),
+ netapp_storage_pools => hiera('cinder::backend::netapp::netapp_storage_pools', undef),
+ netapp_eseries_host_type => hiera('cinder::backend::netapp::netapp_eseries_host_type', undef),
+ netapp_webservice_path => hiera('cinder::backend::netapp::netapp_webservice_path', undef),
+ }
+ }
+
+}
diff --git a/manifests/profile/base/cinder/volume/nfs.pp b/manifests/profile/base/cinder/volume/nfs.pp
new file mode 100644
index 0000000..a26c50e
--- /dev/null
+++ b/manifests/profile/base/cinder/volume/nfs.pp
@@ -0,0 +1,62 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::cinder::volume::nfs
+#
+# Cinder Volume nfs profile for tripleo
+#
+# === Parameters
+#
+# [*cinder_nfs_mount_options*]
+# (Optional) List of mount options for the NFS share
+# Defaults to ''
+#
+# [*cinder_nfs_servers*]
+# List of NFS shares to mount
+#
+# [*backend_name*]
+# (Optional) Name given to the Cinder backend stanza
+# Defaults to 'tripleo_nfs'
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::cinder::volume::nfs (
+ $cinder_nfs_mount_options = '',
+ $cinder_nfs_servers,
+ $backend_name = hiera('cinder::backend::nfs::volume_backend_name', 'tripleo_nfs'),
+ $step = hiera('step'),
+) {
+
+ include ::tripleo::profile::base::cinder::volume
+
+ if $step >= 4 {
+ if str2bool($::selinux) {
+ selboolean { 'virt_use_nfs':
+ value => on,
+ persistent => true,
+ } -> Package['nfs-utils']
+ }
+
+ package {'nfs-utils': } ->
+ cinder::backend::nfs { $backend_name :
+ nfs_servers => $cinder_nfs_servers,
+ nfs_mount_options => $cinder_nfs_mount_options,
+ nfs_shares_config => '/etc/cinder/shares-nfs.conf',
+ }
+ }
+
+}
diff --git a/manifests/profile/base/cinder/volume/rbd.pp b/manifests/profile/base/cinder/volume/rbd.pp
new file mode 100644
index 0000000..6c8341a
--- /dev/null
+++ b/manifests/profile/base/cinder/volume/rbd.pp
@@ -0,0 +1,66 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::cinder::volume::rbd
+#
+# Cinder Volume rbd profile for tripleo
+#
+# === Parameters
+#
+# [*cinder_rbd_backend_host*]
+# (Optional) String to use as backend_host in the backend stanza
+# Defaults to 'cinder::host'
+#
+# [*cinder_rbd_pool_name*]
+# (Optional) The name of the RBD pool to use
+# Defaults to 'volumes'
+#
+# [*cinder_rbd_secret_uuid*]
+# (Optional) UUID of the of the libvirt secret storing the Cephx key
+# Defaults to 'ceph::profile::params::fsid'
+#
+# [*cinder_rbd_user_name*]
+# (Optional) The user name for the RBD client
+# Defaults to 'openstack'
+#
+# [*backend_name*]
+# (Optional) Name given to the Cinder backend stanza
+# Defaults to 'tripleo_ceph'
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::cinder::volume::rbd (
+ $cinder_rbd_backend_host = hiera('cinder::host', 'hostgroup'),
+ $cinder_rbd_pool_name = 'volumes',
+ $cinder_rbd_secret_uuid = hiera('ceph::profile::params::fsid', undef),
+ $cinder_rbd_user_name = 'openstack',
+ $backend_name = hiera('cinder::backend::rbd::volume_backend_name', 'tripleo_ceph'),
+ $step = hiera('step'),
+) {
+
+ include ::tripleo::profile::base::cinder::volume
+
+ if $step >= 4 {
+ cinder::backend::rbd { $backend_name :
+ backend_host => $cinder_rbd_backend_host,
+ rbd_pool => $cinder_rbd_pool_name,
+ rbd_user => $cinder_rbd_user_name,
+ rbd_secret_uuid => $cinder_rbd_secret_uuid,
+ }
+ }
+
+}
diff --git a/manifests/profile/base/database/mongodb.pp b/manifests/profile/base/database/mongodb.pp
new file mode 100644
index 0000000..4c53c9c
--- /dev/null
+++ b/manifests/profile/base/database/mongodb.pp
@@ -0,0 +1,54 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::database::mongodb
+#
+# Mongodb profile for tripleo
+#
+# === Parameters
+#
+# [*mongodb_replset*]
+# Mongodb replicaset name
+#
+# [*bootstrap_node*]
+# (Optional) The hostname of the node responsible for bootstrapping tasks
+# Defaults to hiera('bootstrap_nodeid')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::database::mongodb (
+ $mongodb_replset,
+ $bootstrap_node = downcase(hiera('bootstrap_nodeid')),
+ $step = hiera('step'),
+) {
+
+ if $step >= 2 {
+
+ include ::mongodb::globals
+ include ::mongodb::client
+ include ::mongodb::server
+
+ include ::tripleo::profile::base::database::mongodbcommon
+
+ if $bootstrap_node == $::hostname {
+ mongodb_replset { $mongodb_replset :
+ members => $tripleo::profile::base::database::mongodbcommon::mongo_node_ips_with_port_nobr,
+ }
+ }
+
+ }
+}
diff --git a/manifests/profile/base/database/mongodbcommon.pp b/manifests/profile/base/database/mongodbcommon.pp
new file mode 100644
index 0000000..6530730
--- /dev/null
+++ b/manifests/profile/base/database/mongodbcommon.pp
@@ -0,0 +1,52 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::database::mongodb
+#
+# Mongodb profile for tripleo
+#
+# === Parameters
+#
+# [*mongodb_node_ips*]
+# List of The mongodb node ip addresses
+#
+# [*mongodb_ipv6_enabled*]
+# A boolean value for mongodb server ipv6 is enabled or not
+# Defaults to false
+#
+class tripleo::profile::base::database::mongodbcommon (
+ $mongodb_node_ips = hiera('mongo_node_ips'),
+ $mongodb_ipv6_enabled = false,
+) {
+
+ $port = '27017'
+
+ # NOTE(gfidente): the following vars are needed on all nodes so they
+ # need to stay out of pacemaker_master conditional.
+ # The addresses mangling will hopefully go away when we'll be able to
+ # configure the connection string via hostnames, until then, we need to pass
+ # the list of IPv6 addresses *with* port and without the brackets as 'members'
+ # argument for the 'mongodb_replset' resource.
+ if str2bool($mongodb_ipv6_enabled) {
+ $mongo_node_ips_with_port_prefixed = prefix($mongodb_node_ips, '[')
+ $mongo_node_ips_with_port = suffix(
+ $mongo_node_ips_with_port_prefixed, "]:${port}")
+ $mongo_node_ips_with_port_nobr = suffix($mongodb_node_ips, ":${port}")
+ } else {
+ $mongo_node_ips_with_port = suffix($mongodb_node_ips, ":${port}")
+ $mongo_node_ips_with_port_nobr = suffix($mongodb_node_ips, ":${port}")
+ }
+ $mongo_node_string = join($mongo_node_ips_with_port, ',')
+
+}
diff --git a/manifests/profile/base/database/redis.pp b/manifests/profile/base/database/redis.pp
new file mode 100644
index 0000000..3a5200c
--- /dev/null
+++ b/manifests/profile/base/database/redis.pp
@@ -0,0 +1,57 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::database::redis
+#
+# Redis profile for tripleo
+#
+# === Parameters
+#
+# [*redis_node_ips*]
+# (Optional) List of Redis node ips
+# Defaults to hiera('redis_node_ips')
+#
+# [*bootstrap_nodeid*]
+# (Optional) Hostname of Redis master
+# Defaults to hiera('bootstrap_nodeid')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+
+class tripleo::profile::base::database::redis (
+ $redis_node_ips = hiera('redis_node_ips'),
+ $bootstrap_nodeid = hiera('bootstrap_nodeid'),
+ $step = hiera('step'),
+) {
+
+ if $step >= 2 {
+ if $bootstrap_nodeid == $::hostname {
+ $slaveof = undef
+ } else {
+ $slaveof = "${bootstrap_nodeid} 6379"
+ }
+ class { '::redis' :
+ slaveof => $slaveof,
+ }
+
+ if count($redis_node_ips) > 1 {
+ Class['::tripleo::redis_notification'] -> Service['redis-sentinel']
+ include ::redis::sentinel
+ include ::tripleo::redis_notification
+ }
+ }
+}
diff --git a/manifests/profile/base/glance/api.pp b/manifests/profile/base/glance/api.pp
index b216665..fd43732 100644
--- a/manifests/profile/base/glance/api.pp
+++ b/manifests/profile/base/glance/api.pp
@@ -18,14 +18,6 @@
#
# === Parameters
#
-# [*manage_service*]
-# (Optional) Whether to manage the glance service
-# Defaults to undef
-#
-# [*enabled*]
-# (Optional) Whether to enable the glance service
-# Defaults to undef
-#
# [*step*]
# (Optional) The current step in deployment. See tripleo-heat-templates
# for more details.
@@ -36,8 +28,6 @@
# Defaults to downcase(hiera('glance_backend', 'swift'))
#
class tripleo::profile::base::glance::api (
- $manage_service = undef,
- $enabled = undef,
$step = hiera('step'),
$glance_backend = downcase(hiera('glance_backend', 'swift')),
) {
@@ -56,9 +46,7 @@ class tripleo::profile::base::glance::api (
include ::glance
include ::glance::config
class { '::glance::api':
- known_stores => $glance_store,
- manage_service => $manage_service,
- enabled => $enabled,
+ stores => $glance_store,
}
include ::glance::notify::rabbitmq
include join(['::glance::backend::', $glance_backend])
diff --git a/manifests/profile/base/glance/registry.pp b/manifests/profile/base/glance/registry.pp
index 32ed6b7..774f646 100644
--- a/manifests/profile/base/glance/registry.pp
+++ b/manifests/profile/base/glance/registry.pp
@@ -22,14 +22,6 @@
# (Optional) Whether to run db sync
# Defaults to true
#
-# [*manage_service*]
-# (Optional) Whether to manage the glance service
-# Defaults to undef
-#
-# [*enabled*]
-# (Optional) Whether to enable the glance service
-# Defaults to undef
-#
# [*step*]
# (Optional) The current step in deployment. See tripleo-heat-templates
# for more details.
@@ -41,13 +33,11 @@
#
class tripleo::profile::base::glance::registry (
$sync_db = true,
- $manage_service = undef,
- $enabled = undef,
$step = hiera('step'),
$glance_backend = downcase(hiera('glance_backend', 'swift')),
) {
- if $step >= 2 and $sync_db {
+ if $step >= 3 and $sync_db {
include ::glance::db::mysql
}
@@ -57,8 +47,6 @@ class tripleo::profile::base::glance::registry (
include ::glance::config
class { '::glance::registry' :
sync_db => $sync_db,
- manage_service => $manage_service,
- enabled => $enabled,
}
include ::glance::notify::rabbitmq
include join(['::glance::backend::', $glance_backend])
diff --git a/manifests/profile/base/gnocchi.pp b/manifests/profile/base/gnocchi.pp
new file mode 100644
index 0000000..ee903cb
--- /dev/null
+++ b/manifests/profile/base/gnocchi.pp
@@ -0,0 +1,36 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::gnocchi
+#
+# Gnocchi profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+
+class tripleo::profile::base::gnocchi (
+ $step = hiera('step'),
+) {
+
+ if $step >= 3 {
+ include ::gnocchi
+ include ::gnocchi::config
+ include ::gnocchi::client
+ }
+}
diff --git a/manifests/profile/base/gnocchi/api.pp b/manifests/profile/base/gnocchi/api.pp
new file mode 100644
index 0000000..d415ee9
--- /dev/null
+++ b/manifests/profile/base/gnocchi/api.pp
@@ -0,0 +1,58 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::gnocchi::api
+#
+# Gnocchi profile for tripleo api
+#
+# === Parameters
+#
+# [*gnocchi_backend*]
+# (Optional) Gnocchi backend string file, swift or rbd
+# Defaults to swift
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*sync_db*]
+# (Optional) Whether to run db sync
+# Defaults to undef
+
+class tripleo::profile::base::gnocchi::api (
+ $gnocchi_backend = downcase(hiera('gnocchi_backend', 'swift')),
+ $step = hiera('step'),
+ $sync_db = true,
+) {
+
+ include ::tripleo::profile::base::gnocchi
+
+ if $step >= 3 and $sync_db {
+ include ::gnocchi::db::mysql
+ include ::gnocchi::db::sync
+ }
+
+ if $step >= 4 {
+ include ::gnocchi::api
+ include ::gnocchi::wsgi::apache
+ include ::gnocchi::storage
+ case $gnocchi_backend {
+ 'swift': { include ::gnocchi::storage::swift }
+ 'file': { include ::gnocchi::storage::file }
+ 'rbd': { include ::gnocchi::storage::ceph }
+ default: { fail('Unrecognized gnocchi_backend parameter.') }
+ }
+ }
+}
diff --git a/manifests/profile/base/gnocchi/metricd.pp b/manifests/profile/base/gnocchi/metricd.pp
new file mode 100644
index 0000000..29cf882
--- /dev/null
+++ b/manifests/profile/base/gnocchi/metricd.pp
@@ -0,0 +1,36 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::gnocchi::metricd
+#
+# Gnocchi metricd profile
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+
+class tripleo::profile::base::gnocchi::metricd (
+ $step = hiera('step'),
+) {
+
+ include ::tripleo::profile::base::gnocchi
+
+ if $step >= 4 {
+ include ::gnocchi::metricd
+ }
+}
diff --git a/manifests/profile/base/gnocchi/statsd.pp b/manifests/profile/base/gnocchi/statsd.pp
new file mode 100644
index 0000000..830a128
--- /dev/null
+++ b/manifests/profile/base/gnocchi/statsd.pp
@@ -0,0 +1,36 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::gnocchi::statsd
+#
+# Gnocchi statsd profile
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+
+class tripleo::profile::base::gnocchi::statsd (
+ $step = hiera('step'),
+) {
+
+ include ::tripleo::profile::base::gnocchi
+
+ if $step >= 4 {
+ include ::gnocchi::statsd
+ }
+}
diff --git a/manifests/profile/base/haproxy.pp b/manifests/profile/base/haproxy.pp
new file mode 100644
index 0000000..31a5415
--- /dev/null
+++ b/manifests/profile/base/haproxy.pp
@@ -0,0 +1,42 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::haproxy
+#
+# Loadbalancer profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*enable_load_balancer*]
+# (Optional) Whether or not loadbalancer is enabled.
+# Defaults to hiera('enable_load_balancer', true).
+#
+class tripleo::profile::base::haproxy (
+ $enable_load_balancer = hiera('enable_load_balancer', true),
+ $step = hiera('step'),
+) {
+
+ if $step >= 1 {
+ if $enable_load_balancer {
+ include ::tripleo::haproxy
+ }
+ }
+
+}
+
diff --git a/manifests/profile/base/heat.pp b/manifests/profile/base/heat.pp
new file mode 100644
index 0000000..0fc30d8
--- /dev/null
+++ b/manifests/profile/base/heat.pp
@@ -0,0 +1,72 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::heat
+#
+# Heat profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*notification_driver*]
+# (Optional) Heat notification driver to use.
+# Defaults to 'messaging'
+#
+# [*bootstrap_master*]
+# (Optional) The hostname of the node responsible for bootstrapping
+# Defaults to downcase(hiera('bootstrap_nodeid'))
+#
+# [*manage_db_purge*]
+# (Optional) Whether keystone token flushing should be enabled
+# Defaults to hiera('keystone_enable_db_purge', true)
+#
+class tripleo::profile::base::heat (
+ $step = hiera('step'),
+ $notification_driver = 'messaging',
+ $bootstrap_master = downcase(hiera('bootstrap_nodeid')),
+ $manage_db_purge = hiera('heat_enable_db_purge', true),
+) {
+
+ if $step >= 4 {
+ class { '::heat' :
+ notification_driver => $notification_driver,
+ }
+ include ::heat::config
+ }
+
+ if $step >= 5 {
+ if $manage_db_purge {
+ include ::heat::cron::purge_deleted
+ }
+ if $bootstrap_master == $::hostname {
+ # Class ::heat::keystone::domain has to run on bootstrap node
+ # because it creates DB entities via API calls.
+ include ::heat::keystone::domain
+
+ Class['::keystone::roles::admin'] -> Class['::heat::keystone::domain']
+ } else {
+ # On non-bootstrap node we don't need to create Keystone resources again
+ class { '::heat::keystone::domain':
+ manage_domain => false,
+ manage_user => false,
+ manage_role => false,
+ }
+ }
+ }
+}
+
diff --git a/manifests/profile/base/heat/api.pp b/manifests/profile/base/heat/api.pp
new file mode 100644
index 0000000..67a0bfc
--- /dev/null
+++ b/manifests/profile/base/heat/api.pp
@@ -0,0 +1,35 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::heat::api
+#
+# Heat API profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::heat::api (
+ $step = hiera('step'),
+) {
+
+ if $step >= 4 {
+ include ::tripleo::profile::base::heat
+ include ::heat::api
+ }
+}
+
diff --git a/manifests/profile/base/heat/api_cfn.pp b/manifests/profile/base/heat/api_cfn.pp
new file mode 100644
index 0000000..2813826
--- /dev/null
+++ b/manifests/profile/base/heat/api_cfn.pp
@@ -0,0 +1,35 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::heat::api_cfn
+#
+# Heat CloudFormation API profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::heat::api_cfn (
+ $step = hiera('step'),
+) {
+
+ if $step >= 4 {
+ include ::tripleo::profile::base::heat
+ include ::heat::api_cfn
+ }
+}
+
diff --git a/manifests/profile/base/heat/api_cloudwatch.pp b/manifests/profile/base/heat/api_cloudwatch.pp
new file mode 100644
index 0000000..b2adf92
--- /dev/null
+++ b/manifests/profile/base/heat/api_cloudwatch.pp
@@ -0,0 +1,35 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::heat::api_cloudwatch
+#
+# Heat CloudWatch API profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::heat::api_cloudwatch (
+ $step = hiera('step'),
+) {
+
+ if $step >= 4 {
+ include ::tripleo::profile::base::heat
+ include ::heat::api_cloudwatch
+ }
+}
+
diff --git a/manifests/profile/base/heat/engine.pp b/manifests/profile/base/heat/engine.pp
new file mode 100644
index 0000000..b48837c
--- /dev/null
+++ b/manifests/profile/base/heat/engine.pp
@@ -0,0 +1,44 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::heat::engine
+#
+# Heat Engine profile for tripleo
+#
+# === Parameters
+#
+# [*sync_db*]
+# (Optional) Whether to run db sync
+# Defaults to undef
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::heat::engine (
+ $sync_db = true,
+ $step = hiera('step'),
+) {
+
+ if $step >= 3 and $sync_db {
+ include ::heat::db::mysql
+ }
+
+ if $step >= 4 or ( $step >= 3 and $sync_db ) {
+ include ::tripleo::profile::base::heat
+ include ::heat::engine
+ }
+
+}
diff --git a/manifests/profile/base/ironic.pp b/manifests/profile/base/ironic.pp
new file mode 100644
index 0000000..139654b
--- /dev/null
+++ b/manifests/profile/base/ironic.pp
@@ -0,0 +1,43 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::ironic
+#
+# Ironic profile for TripleO
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step of the deployment
+# Defaults to hiera('step')
+#
+# [*sync_db*]
+# (Optional) Whether to run db sync
+# Defaults to true
+#
+class tripleo::profile::base::ironic (
+ $step = hiera('step'),
+ $sync_db = true,
+) {
+
+ if $step >= 3 {
+ include ::ironic
+
+ # Database is accessed by both API and conductor, hence it's here.
+ if $sync_db {
+ include ::ironic::db::mysql
+ include ::ironic::db::sync
+ }
+ }
+}
diff --git a/manifests/profile/base/ironic/api.pp b/manifests/profile/base/ironic/api.pp
new file mode 100644
index 0000000..1406e2d
--- /dev/null
+++ b/manifests/profile/base/ironic/api.pp
@@ -0,0 +1,33 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::ironic::conductor
+#
+# Ironic API profile for TripleO
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step of the deployment
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::ironic::api (
+ $step = hiera('step'),
+) {
+
+ include ::tripleo::profile::base::ironic
+ if $step >= 4 {
+ include ::ironic::api
+ }
+}
diff --git a/manifests/profile/base/ironic/conductor.pp b/manifests/profile/base/ironic/conductor.pp
new file mode 100644
index 0000000..7a587a5
--- /dev/null
+++ b/manifests/profile/base/ironic/conductor.pp
@@ -0,0 +1,37 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::ironic::conductor
+#
+# Ironic conductor profile for TripleO
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step of the deployment
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::ironic::conductor (
+ $step = hiera('step'),
+) {
+
+ include ::tripleo::profile::base::ironic
+
+ if $step >= 4 {
+ include ::ironic::drivers::deploy
+ include ::ironic::drivers::ipmi
+ include ::ironic::drivers::pxe
+ include ::ironic::conductor
+ }
+}
diff --git a/manifests/profile/base/keepalived.pp b/manifests/profile/base/keepalived.pp
new file mode 100644
index 0000000..af7c095
--- /dev/null
+++ b/manifests/profile/base/keepalived.pp
@@ -0,0 +1,42 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::keepalived
+#
+# Loadbalancer profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*enable_load_balancer*]
+# (Optional) Whether or not loadbalancer is enabled.
+# Defaults to hiera('enable_load_balancer', true).
+#
+class tripleo::profile::base::keepalived (
+ $enable_load_balancer = hiera('enable_load_balancer', true),
+ $step = hiera('step'),
+) {
+
+ if $step >= 1 {
+ if $enable_load_balancer and hiera('enable_keepalived', true){
+ include ::tripleo::keepalived
+ }
+ }
+
+}
+
diff --git a/manifests/ssl/cinder_config.pp b/manifests/profile/base/kernel.pp
index e1ed113..db0280f 100644
--- a/manifests/ssl/cinder_config.pp
+++ b/manifests/profile/base/kernel.pp
@@ -12,17 +12,15 @@
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
-
-# == Class: tripleo::ssl::cinder_config
#
-# Enable SSL middleware for the cinder service's pipeline.
+# == Class: tripleo::profile::base::kernel
+#
+# Load and configure Kernel modules.
#
+class tripleo::profile::base::kernel {
+
+ create_resources(kmod::load, hiera('kernel_modules'), { })
+ create_resources(sysctl::value, hiera('sysctl_settings'), { })
+ Exec <| tag == 'kmod::load' |> -> Sysctl <| |>
-class tripleo::ssl::cinder_config {
- cinder_api_paste_ini {
- 'filter:ssl_header_handler/paste.filter_factory':
- value => 'oslo_middleware.http_proxy_to_wsgi:HTTPProxyToWSGI.factory';
- 'pipeline:apiversions/pipeline':
- value => 'ssl_header_handler faultwrap osvolumeversionapp';
- }
}
diff --git a/manifests/profile/base/keystone.pp b/manifests/profile/base/keystone.pp
index f7674df..706b78f 100644
--- a/manifests/profile/base/keystone.pp
+++ b/manifests/profile/base/keystone.pp
@@ -22,18 +22,6 @@
# (Optional) Whether to run db sync
# Defaults to true
#
-# [*manage_service*]
-# (Optional) Whether to manage the keystone service
-# Defaults to undef
-#
-# [*enabled*]
-# (Optional) Whether to enable the keystone service
-# Defaults to undef
-#
-# [*bootstrap_master*]
-# (Optional) The hostname of the node responsible for bootstrapping
-# Defaults to hiera('bootstrap_nodeid')
-#
# [*manage_roles*]
# (Optional) whether to create keystone admin role
# Defaults to true
@@ -52,26 +40,21 @@
# Defaults to hiera('step')
#
class tripleo::profile::base::keystone (
- $sync_db = true,
- $manage_service = undef,
- $enabled = undef,
- $bootstrap_master = undef,
- $manage_roles = true,
- $manage_endpoint = true,
- $manage_db_purge = hiera('keystone_enable_db_purge', true),
- $step = hiera('step'),
+ $sync_db = true,
+ $manage_roles = true,
+ $manage_endpoint = true,
+ $manage_db_purge = hiera('keystone_enable_db_purge', true),
+ $step = hiera('step'),
) {
- if $step >= 2 and $sync_db {
+ if $step >= 3 and $sync_db {
include ::keystone::db::mysql
}
if $step >= 4 or ( $step >= 3 and $sync_db ) {
class { '::keystone':
sync_db => $sync_db,
- manage_service => $manage_service,
- enabled => $enabled,
- enable_bootstrap => $bootstrap_master,
+ enable_bootstrap => $sync_db,
}
include ::keystone::config
@@ -96,21 +79,21 @@ class tripleo::profile::base::keystone (
content => hiera('keystone_signing_certificate'),
owner => 'keystone',
group => 'keystone',
- notify => Service['keystone'],
+ notify => Service[$::apache::params::service_name],
require => File['/etc/keystone/ssl/certs'],
}
file { '/etc/keystone/ssl/private/signing_key.pem':
content => hiera('keystone_signing_key'),
owner => 'keystone',
group => 'keystone',
- notify => Service['keystone'],
+ notify => Service[$::apache::params::service_name],
require => File['/etc/keystone/ssl/private'],
}
file { '/etc/keystone/ssl/certs/ca.pem':
content => hiera('keystone_ca_certificate'),
owner => 'keystone',
group => 'keystone',
- notify => Service['keystone'],
+ notify => Service[$::apache::params::service_name],
require => File['/etc/keystone/ssl/certs'],
}
}
diff --git a/manifests/profile/base/manila/api.pp b/manifests/profile/base/manila/api.pp
new file mode 100644
index 0000000..c1188ec
--- /dev/null
+++ b/manifests/profile/base/manila/api.pp
@@ -0,0 +1,35 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::manila::api
+#
+# Manila API profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::manila::api (
+ $step = hiera('step'),
+) {
+
+ if $step >= 4 {
+ include ::manila
+ include ::manila::api
+ }
+}
+
diff --git a/manifests/profile/base/manila/scheduler.pp b/manifests/profile/base/manila/scheduler.pp
new file mode 100644
index 0000000..b6d7593
--- /dev/null
+++ b/manifests/profile/base/manila/scheduler.pp
@@ -0,0 +1,46 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::manila::scheduler
+#
+# Manila Scheduler profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*sync_db*]
+# (Optiona) Whether to run db sync.
+# Defaults to true.
+#
+class tripleo::profile::base::manila::scheduler (
+ $step = hiera('step'),
+ $sync_db = true,
+) {
+
+ if $step >= 3 and $sync_db {
+ include ::manila::db::mysql
+ }
+
+ if $step >= 4 {
+ include ::manila::compute::nova
+ include ::manila::network::neutron
+ include ::manila::scheduler
+ }
+
+}
+
diff --git a/manifests/profile/base/manila/share.pp b/manifests/profile/base/manila/share.pp
new file mode 100644
index 0000000..932e013
--- /dev/null
+++ b/manifests/profile/base/manila/share.pp
@@ -0,0 +1,35 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::manila::share
+#
+# Manila share profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::manila::share (
+ $step = hiera('step'),
+) {
+
+ if $step >= 4 {
+ include ::manila::share
+ }
+
+}
+
diff --git a/manifests/profile/base/memcached.pp b/manifests/profile/base/memcached.pp
new file mode 100644
index 0000000..54d12c8
--- /dev/null
+++ b/manifests/profile/base/memcached.pp
@@ -0,0 +1,34 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::memcached
+#
+# Memcached profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+#
+class tripleo::profile::base::memcached (
+ $step = hiera('step'),
+) {
+
+ if $step >= 1 {
+ include ::memcached
+ }
+}
diff --git a/manifests/profile/base/neutron.pp b/manifests/profile/base/neutron.pp
new file mode 100644
index 0000000..d5efa81
--- /dev/null
+++ b/manifests/profile/base/neutron.pp
@@ -0,0 +1,37 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::neutron
+#
+# Neutron server profile for tripleo
+#
+# === Parameters
+#
+# [*sync_db*]
+# (Optional) Whether to run db sync
+# Defaults to true
+#
+# [*step*]
+# (Optional) The current step of the deployment
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::neutron (
+ $sync_db = true,
+ $step = hiera('step'),
+) {
+ if hiera('step') >= 4 or ( hiera('step') >= 3 and $sync_db ) {
+ include ::neutron
+ include ::neutron::config
+ }
+}
diff --git a/manifests/profile/base/neutron/dhcp.pp b/manifests/profile/base/neutron/dhcp.pp
new file mode 100644
index 0000000..180fd37
--- /dev/null
+++ b/manifests/profile/base/neutron/dhcp.pp
@@ -0,0 +1,48 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::neutron::dhcp
+#
+# Neutron DHCP Agent profile for tripleo
+#
+# === Parameters
+#
+# [*neutron_dnsmasq_options*]
+# (Optional)
+# Defaults to hiera('neutron_dnsmasq_options')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::neutron::dhcp (
+ $neutron_dnsmasq_options = hiera('neutron_dnsmasq_options', ''),
+ $step = hiera('step'),
+) {
+ if $step >= 4 {
+ include ::tripleo::profile::base::neutron
+ include ::neutron::agents::dhcp
+
+ file { '/etc/neutron/dnsmasq-neutron.conf':
+ content => $neutron_dnsmasq_options,
+ owner => 'neutron',
+ group => 'neutron',
+ notify => Service['neutron-dhcp-service'],
+ require => Package['neutron'],
+ }
+
+ Service<| title == 'neutron-server' |> -> Service <| title == 'neutron-dhcp' |>
+ }
+}
diff --git a/manifests/profile/base/neutron/l3.pp b/manifests/profile/base/neutron/l3.pp
new file mode 100644
index 0000000..2b57555
--- /dev/null
+++ b/manifests/profile/base/neutron/l3.pp
@@ -0,0 +1,39 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::neutron::l3
+#
+# Neutron L3 Agent server profile for tripleo
+#
+# === Parameters
+#
+# [*neutron_ovs_use_veth*]
+# (Optional) Whether to set ovs_use_veth (for older kernel support)
+# Defaults to hiera('neutron_ovs_use_veth', false)
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::neutron::l3 (
+ $step = hiera('step'),
+) {
+ if $step >= 4 {
+ include ::tripleo::profile::base::neutron
+ include ::neutron::agents::l3
+
+ Service<| title == 'neutron-server' |> -> Service <| title == 'neutron-l3' |>
+ }
+}
diff --git a/manifests/profile/base/neutron/metadata.pp b/manifests/profile/base/neutron/metadata.pp
new file mode 100644
index 0000000..d7b4c99
--- /dev/null
+++ b/manifests/profile/base/neutron/metadata.pp
@@ -0,0 +1,35 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::neutron::metadata
+#
+# Neutron Metadata Agent profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::neutron::metadata (
+ $step = hiera('step'),
+) {
+ if $step >= 4 {
+ include ::tripleo::profile::base::neutron
+ include ::neutron::agents::metadata
+
+ Service<| title == 'neutron-server' |> -> Service<| title == 'neutron-metadata' |>
+ }
+}
diff --git a/manifests/profile/base/neutron/midonet.pp b/manifests/profile/base/neutron/midonet.pp
new file mode 100644
index 0000000..972856f
--- /dev/null
+++ b/manifests/profile/base/neutron/midonet.pp
@@ -0,0 +1,129 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::neutron::midonet
+#
+# Midonet Neutron profile for tripleo
+#
+# === Parameters
+#
+# [*vip*]
+# (Optional) Public Virtual IP Address for this cloud
+# Defaults to hiera('public_virtual_ip')
+#
+# [*keystone_admin_token*]
+# (Optional) The Keystone Admin Token
+# Defaults to hiera('keystone::admin_token')
+#
+# [*zookeeper_client_ip*]
+# (Optional) The IP of the Zookeeper Client
+# Defaults to hiera('neutron::bind_host')
+#
+# [*zookeeper_hostnames*]
+# (Optional) The IPs of the Zookeeper Servers
+# Defaults to hiera('controller_node_names')
+#
+# [*neutron_api_node_ips*]
+# (Optional) The IPs of the Neutron API hosts
+# Defaults to hiera('neutron_api_node_ips')
+#
+# [*bind_address*]
+# (Optional) The address to bind Cassandra and Midonet API to
+# Defaults to hiera('neutron::bind_host')
+#
+# [*admin_password*]
+# (Optional) Admin Password for Midonet API
+# Defaults to hiera('admin_password')
+#
+# [*zk_on_controller*]
+# (Optional) Whether to put zookeeper on the controllers
+# Defaults to hiera('enable_zookeeper_on_controller')
+#
+# [*neutron_auth_tenant*]
+# (Optional) Tenant to use for Neutron authentication
+# Defaults to hiera('neutron::server::auth_tenant')
+#
+# [*neutron_auth_password*]
+# (Optional) Password to use for Neutron authentication
+# Defaults to hiera('neutron::server::auth_password')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*step*]
+# (Optional) The current step of the deployment
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::neutron::midonet (
+ $vip = hiera('public_virtual_ip'),
+ $keystone_admin_token = hiera('keystone::admin_token', ''),
+ $zookeeper_client_ip = hiera('neutron::bind_host', ''),
+ $zookeeper_hostnames = hiera('controller_node_names', ''),
+ $neutron_api_node_ips = hiera('neutron_api_node_ips', ''),
+ $bind_address = hiera('neutron::bind_host', ''),
+ $admin_password = hiera('admin_password', ''),
+ $zk_on_controller = hiera('enable_zookeeper_on_controller', ''),
+ $neutron_auth_tenant = hiera('neutron::server::auth_tenant', ''),
+ $neutron_auth_password = hiera('neutron::server::auth_password', ''),
+ $step = hiera('step'),
+) {
+
+ include ::tripleo::profile::base::neutron
+
+ if $step >= 4 {
+ class { '::neutron':
+ service_plugins => []
+ }
+
+ # Run zookeeper in the controller if configured
+ if zk_on_controller {
+ class {'::tripleo::cluster::zookeeper':
+ zookeeper_server_ips => $neutron_api_node_ips,
+ # TODO: create a 'bind' hiera key for zookeeper
+ zookeeper_client_ip => $zookeeper_client_ip,
+ zookeeper_hostnames => split($zookeeper_hostnames, ',')
+ }
+ }
+
+ # Run cassandra in the controller if configured
+ if hiera('enable_cassandra_on_controller') {
+ class {'::tripleo::cluster::cassandra':
+ cassandra_servers => $neutron_api_node_ips,
+ cassandra_ip => $bind_address,
+ }
+ }
+
+ class {'::tripleo::network::midonet::agent':
+ zookeeper_servers => $neutron_api_node_ips,
+ cassandra_seeds => $neutron_api_node_ips
+ }
+
+ class {'::tripleo::network::midonet::api':
+ zookeeper_servers => $neutron_api_node_ips,
+ vip => $vip,
+ keystone_ip => $vip,
+ keystone_admin_token => $keystone_admin_token,
+ bind_address => $bind_address,
+ admin_password => $admin_password,
+ }
+
+ class {'::neutron::plugins::midonet':
+ midonet_api_ip => $vip,
+ keystone_tenant => $neutron_auth_tenant,
+ keystone_password => $neutron_auth_password
+ }
+ }
+}
diff --git a/manifests/profile/base/neutron/n1k.pp b/manifests/profile/base/neutron/n1k.pp
new file mode 100644
index 0000000..8c8cfbd
--- /dev/null
+++ b/manifests/profile/base/neutron/n1k.pp
@@ -0,0 +1,54 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::neutron::n1k
+#
+# Neutron N1k Mechanism Driver profile for tripleo
+#
+# === Parameters
+#
+# [*n1kv_source*]
+# (Optional) The source location for the N1Kv
+# Defaults to hiera('n1kv_vem_source', undef)
+#
+# [*n1kv_version*]
+# (Optional) The version of N1Kv to use
+# Defaults to hiera('n1kv_vem_version', undef)
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::neutron::n1k (
+ $n1kv_source = hiera('n1kv_vem_source', undef),
+ $n1kv_version = hiera('n1kv_vem_version', undef),
+ $step = hiera('step'),
+) {
+ include ::neutron::plugins::ml2::cisco::nexus1000v
+ include ::tripleo::profile::base::neutron
+
+ if $step >= 4 {
+ class { '::neutron::agents::n1kv_vem':
+ n1kv_source => $n1kv_source,
+ n1kv_version => $n1kv_version,
+ }
+
+ class { '::n1k_vsm':
+ n1kv_source => $n1kv_source,
+ n1kv_version => $n1kv_version,
+ pacemaker_control => false,
+ }
+ }
+}
diff --git a/manifests/profile/base/neutron/ovs.pp b/manifests/profile/base/neutron/ovs.pp
new file mode 100644
index 0000000..f801511
--- /dev/null
+++ b/manifests/profile/base/neutron/ovs.pp
@@ -0,0 +1,39 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::neutron::ovs
+#
+# Neutron OVS Agent profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::neutron::ovs(
+ $step = hiera('step'),
+) {
+
+ include ::tripleo::profile::base::neutron
+
+ if $step >= 4 {
+ include ::neutron::agents::ml2::ovs
+
+ # Optional since manage_service may be false and neutron server may not be colocated.
+ Service<| title == 'neutron-server' |> -> Service<| title == 'neutron-ovs-agent-service' |>
+ }
+
+}
diff --git a/manifests/profile/base/neutron/plugins/ml2.pp b/manifests/profile/base/neutron/plugins/ml2.pp
new file mode 100644
index 0000000..8218c9e
--- /dev/null
+++ b/manifests/profile/base/neutron/plugins/ml2.pp
@@ -0,0 +1,62 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::neutron::plugins::ml2
+#
+# Neutron ML2 plugin profile for tripleo
+#
+# === Parameters
+#
+# [*mechanism_drivers*]
+# (Optional) The mechanism drivers to use with the Ml2 plugin
+# Defaults to hiera('neutron::plugins::ml2::mechanism_drivers')
+#
+# [*sync_db*]
+# (Optional) Whether to run Neutron DB sync operations
+# Defaults to undef
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::neutron::plugins::ml2 (
+ $mechanism_drivers = hiera('neutron::plugins::ml2::mechanism_drivers'),
+ $sync_db = true,
+ $step = hiera('step'),
+) {
+
+ include ::tripleo::profile::base::neutron
+
+ if $step >= 4 or ( $step >= 3 and $sync_db ) {
+ include ::neutron::plugins::ml2
+
+ if 'cisco_n1kv' in $mechanism_drivers {
+ include ::tripleo::profile::base::neutron::n1k
+ }
+
+ if 'cisco_ucsm' in $mechanism_drivers {
+ include ::neutron::plugins::ml2::cisco::ucsm
+ }
+
+ if 'cisco_nexus' in $mechanism_drivers {
+ include ::neutron::plugins::ml2::cisco::nexus
+ include ::neutron::plugins::ml2::cisco::type_nexus_vxlan
+ }
+
+ if 'bsn_ml2' in $mechanism_drivers {
+ include ::neutron::plugins::ml2::bigswitch::restproxy
+ }
+ }
+}
diff --git a/manifests/profile/base/neutron/plugins/nuage.pp b/manifests/profile/base/neutron/plugins/nuage.pp
new file mode 100644
index 0000000..5d3661e
--- /dev/null
+++ b/manifests/profile/base/neutron/plugins/nuage.pp
@@ -0,0 +1,38 @@
+# Copyright 2014 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::neutron::plugins::nuage
+#
+# Nuage Neutron profile for tripleo
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*sync_db*]
+# (Optional) Whether to run Neutron DB sync operations
+# Defaults to undef
+#
+class tripleo::profile::base::neutron::plugins::nuage (
+ $step = hiera('step'),
+ $sync_db = true,
+) {
+
+ include ::tripleo::profile::base::neutron
+
+ if $step >= 4 or ( $step >= 3 and $sync_db ) {
+ include ::neutron::plugins::nuage
+ }
+}
diff --git a/manifests/profile/base/neutron/plugins/opencontrail.pp b/manifests/profile/base/neutron/plugins/opencontrail.pp
new file mode 100644
index 0000000..96d7421
--- /dev/null
+++ b/manifests/profile/base/neutron/plugins/opencontrail.pp
@@ -0,0 +1,38 @@
+# Copyright 2014 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::neutron::plugins::opencontrail
+#
+# Opencontrail Neutron profile for tripleo
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*sync_db*]
+# (Optional) Whether to run Neutron DB sync operations
+# Defaults to undef
+#
+class tripleo::profile::base::neutron::plugins::opencontrail (
+ $step = hiera('step'),
+ $sync_db = true,
+) {
+
+ include ::tripleo::profile::base::neutron
+
+ if $step >= 4 or ( $step >= 3 and $sync_db ) {
+ include ::neutron::plugins::opencontrail
+ }
+}
diff --git a/manifests/profile/base/neutron/plugins/plumgrid.pp b/manifests/profile/base/neutron/plugins/plumgrid.pp
new file mode 100644
index 0000000..f5cd273
--- /dev/null
+++ b/manifests/profile/base/neutron/plugins/plumgrid.pp
@@ -0,0 +1,40 @@
+# Copyright 2016 PLUMgrid, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::neutron::plugins::plumgrid
+#
+# PLUMgrid Neutron profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*sync_db*]
+# (Optional) Whether to run Neutron DB sync operations
+# Defaults to undef
+#
+class tripleo::profile::base::neutron::plugins::plumgrid (
+ $step = hiera('step'),
+ $sync_db = true,
+) {
+
+ include ::tripleo::profile::base::neutron
+
+ if $step >= 4 or ( $step >= 3 and $sync_db ) {
+ include ::neutron::plugins::plumgrid
+ }
+}
diff --git a/manifests/profile/base/neutron/server.pp b/manifests/profile/base/neutron/server.pp
new file mode 100644
index 0000000..8b5539e
--- /dev/null
+++ b/manifests/profile/base/neutron/server.pp
@@ -0,0 +1,41 @@
+# Copyright 2014 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::neutron::server
+#
+# Neutron server profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::neutron::server (
+ $step = hiera('step'),
+) {
+
+ include ::tripleo::profile::base::neutron
+
+ if $step >= 3 {
+ include ::neutron::db::mysql
+ }
+
+ if $step >= 4 {
+ include ::neutron::server::notifications
+ include ::neutron::server
+ }
+
+}
diff --git a/manifests/profile/base/nova.pp b/manifests/profile/base/nova.pp
new file mode 100644
index 0000000..52a4c73
--- /dev/null
+++ b/manifests/profile/base/nova.pp
@@ -0,0 +1,69 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::nova
+#
+# Nova base profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step of the deployment
+# Defaults to hiera('step')
+#
+# [*manage_migration*]
+# (Optional) Whether or not manage Nova Live migration
+# Defaults to false
+#
+# [*libvirt_enabled*]
+# (Optional) Whether or not Libvirt is enabled.
+# Defaults to false
+#
+# [*nova_compute_enabled*]
+# (Optional) Whether or not nova-compute is enabled.
+# Defaults to false
+#
+class tripleo::profile::base::nova (
+ $step = hiera('step'),
+ $manage_migration = false,
+ $libvirt_enabled = false,
+ $nova_compute_enabled = false,
+) {
+
+ if hiera('nova::use_ipv6', false) {
+ $memcached_servers = suffix(hiera('memcache_node_ips_v6'), ':11211')
+ } else {
+ $memcached_servers = suffix(hiera('memcache_node_ips'), ':11211')
+ }
+ if $step >= 3 {
+ include ::nova
+ # TODO(emilien): once we merge https://review.openstack.org/#/c/325983/
+ # let's override the value this way.
+ warning('Overriding memcached_servers from puppet-tripleo until 325983 lands.')
+ Nova {
+ memcached_servers => $memcached_servers,
+ }
+ include ::nova::config
+ }
+
+ if $step >= 4 {
+ if $manage_migration {
+ class { '::nova::migration::libvirt':
+ configure_libvirt => $libvirt_enabled,
+ configure_nova => $nova_compute_enabled,
+ }
+ }
+ }
+
+}
diff --git a/manifests/profile/base/nova/api.pp b/manifests/profile/base/nova/api.pp
new file mode 100644
index 0000000..3b36c57
--- /dev/null
+++ b/manifests/profile/base/nova/api.pp
@@ -0,0 +1,50 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::nova::api
+#
+# Nova API profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*sync_db*]
+# (Optional) Whether to run db sync
+# Defaults to true
+#
+class tripleo::profile::base::nova::api (
+ $step = hiera('step'),
+ $sync_db = true,
+) {
+
+ include ::tripleo::profile::base::nova
+
+ if $step >= 3 and $sync_db {
+ include ::nova::db::mysql
+ include ::nova::db::mysql_api
+ }
+
+ if $step >= 4 or ($step >= 3 and $sync_db) {
+ class { '::nova::api':
+ sync_db => $sync_db,
+ sync_db_api => $sync_db,
+ }
+ include ::nova::network::neutron
+ }
+}
+
diff --git a/manifests/profile/base/nova/compute.pp b/manifests/profile/base/nova/compute.pp
new file mode 100644
index 0000000..16b61df
--- /dev/null
+++ b/manifests/profile/base/nova/compute.pp
@@ -0,0 +1,59 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::nova::compute
+#
+# Nova Compute profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*cinder_nfs_backend*]
+# (Optional) Whether or not Cinder is backed by NFS.
+# Defaults to hiera('cinder_enable_nfs_backend', false)
+#
+class tripleo::profile::base::nova::compute (
+ $step = hiera('step'),
+ $cinder_nfs_backend = hiera('cinder_enable_nfs_backend', false),
+) {
+
+ if $step >= 4 {
+ # deploy basic bits for nova
+ include ::tripleo::profile::base::nova
+
+ # deploy basic bits for nova-compute
+ include ::nova::compute
+
+ # deploy bits to connect nova compute to neutron
+ include ::nova::network::neutron
+ }
+
+ # If NFS is used as a Cinder backend
+ if $cinder_nfs_backend {
+ ensure_packages('nfs-utils', { ensure => present })
+ Package['nfs-utils'] -> Service['nova-compute']
+ if str2bool($::selinux) {
+ selboolean { 'virt_use_nfs':
+ value => on,
+ persistent => true,
+ }
+ Selboolean['virt_use_nfs'] -> Package['nfs-utils']
+ }
+ }
+
+}
diff --git a/manifests/profile/base/nova/compute/libvirt.pp b/manifests/profile/base/nova/compute/libvirt.pp
new file mode 100644
index 0000000..5b6f895
--- /dev/null
+++ b/manifests/profile/base/nova/compute/libvirt.pp
@@ -0,0 +1,66 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::nova::compute::libvirt
+#
+# Nova Compute Libvirt profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::nova::compute::libvirt (
+ $step = hiera('step'),
+) {
+
+ if $step >= 4 {
+ include ::tripleo::profile::base::nova::compute
+
+ # Ceph + Libvirt
+ $rbd_ephemeral_storage = hiera('nova::compute::rbd::ephemeral_storage', false)
+ $rbd_persistent_storage = hiera('rbd_persistent_storage', false)
+ if $rbd_ephemeral_storage or $rbd_persistent_storage {
+ $client_keys = hiera('ceph::profile::params::client_keys')
+ $client_user = join(['client.', hiera('nova::compute::rbd::libvirt_rbd_user')])
+ class { '::nova::compute::rbd':
+ libvirt_rbd_secret_key => $client_keys[$client_user]['secret'],
+ }
+ }
+
+ # TODO(emilien): Some work needs to be done in puppet-nova to separate nova-compute config
+ # when running libvirt and libvirt itself, so we allow micro-services deployments.
+ if str2bool(hiera('nova::use_ipv6', false)) {
+ $vncserver_listen = '::0'
+ } else {
+ $vncserver_listen = '0.0.0.0'
+ }
+
+ if $rbd_ephemeral_storage {
+ class { '::nova::compute::libvirt':
+ libvirt_disk_cachemodes => ['network=writeback'],
+ libvirt_hw_disk_discard => 'unmap',
+ vncserver_listen => $vncserver_listen,
+ }
+ } else {
+ class { '::nova::compute::libvirt' :
+ vncserver_listen => $vncserver_listen,
+ }
+ }
+
+ }
+
+}
diff --git a/manifests/profile/base/nova/conductor.pp b/manifests/profile/base/nova/conductor.pp
new file mode 100644
index 0000000..04c9d06
--- /dev/null
+++ b/manifests/profile/base/nova/conductor.pp
@@ -0,0 +1,35 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::nova::conductor
+#
+# Nova Conductor profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::nova::conductor (
+ $step = hiera('step'),
+) {
+
+ include ::tripleo::profile::base::nova
+ if $step >= 4 {
+ include ::nova::conductor
+ }
+
+}
diff --git a/manifests/profile/base/nova/consoleauth.pp b/manifests/profile/base/nova/consoleauth.pp
new file mode 100644
index 0000000..442cf84
--- /dev/null
+++ b/manifests/profile/base/nova/consoleauth.pp
@@ -0,0 +1,35 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::nova::consoleauth
+#
+# Nova Consoleauth profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::nova::consoleauth (
+ $step = hiera('step'),
+) {
+
+ if $step >= 4 {
+ include ::tripleo::profile::base::nova
+ include ::nova::consoleauth
+ }
+
+}
diff --git a/manifests/profile/base/nova/libvirt.pp b/manifests/profile/base/nova/libvirt.pp
new file mode 100644
index 0000000..29ef372
--- /dev/null
+++ b/manifests/profile/base/nova/libvirt.pp
@@ -0,0 +1,49 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::nova::libvirt
+#
+# Libvirt profile for tripleo. It will deploy Libvirt service and configure it.
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::nova::libvirt (
+ $step = hiera('step'),
+) {
+
+ if $step >= 4 {
+ include ::tripleo::profile::base::nova
+ include ::nova::compute::libvirt::services
+
+ file { ['/etc/libvirt/qemu/networks/autostart/default.xml',
+ '/etc/libvirt/qemu/networks/default.xml']:
+ ensure => absent,
+ before => Service['libvirt'],
+ }
+
+ # in case libvirt has been already running before the Puppet run, make
+ # sure the default network is destroyed
+ exec { 'libvirt-default-net-destroy':
+ command => '/usr/bin/virsh net-destroy default',
+ onlyif => '/usr/bin/virsh net-info default | /bin/grep -i "^active:\s*yes"',
+ before => Service['libvirt'],
+ }
+ }
+
+}
diff --git a/manifests/profile/base/nova/scheduler.pp b/manifests/profile/base/nova/scheduler.pp
new file mode 100644
index 0000000..13b4e82
--- /dev/null
+++ b/manifests/profile/base/nova/scheduler.pp
@@ -0,0 +1,36 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::nova::scheduler
+#
+# Nova Scheduler profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::nova::scheduler (
+ $step = hiera('step'),
+) {
+
+ if $step >= 4 {
+ include ::tripleo::profile::base::nova
+ include ::nova::scheduler
+ include ::nova::scheduler::filter
+ }
+
+}
diff --git a/manifests/profile/base/nova/vncproxy.pp b/manifests/profile/base/nova/vncproxy.pp
new file mode 100644
index 0000000..aa0cc7b
--- /dev/null
+++ b/manifests/profile/base/nova/vncproxy.pp
@@ -0,0 +1,35 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::nova::vncproxy
+#
+# Nova vncproxy profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::nova::vncproxy (
+ $step = hiera('step'),
+) {
+
+ if $step >= 4 {
+ include ::tripleo::profile::base::nova
+ include ::nova::vncproxy
+ }
+
+}
diff --git a/manifests/profile/base/rabbitmq.pp b/manifests/profile/base/rabbitmq.pp
new file mode 100644
index 0000000..6e86eab
--- /dev/null
+++ b/manifests/profile/base/rabbitmq.pp
@@ -0,0 +1,96 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::rabbitmq
+#
+# RabbitMQ profile for tripleo
+#
+# === Parameters
+#
+# [*nodes*]
+# (Optional) Array of host(s) for RabbitMQ nodes.
+# Defaults to hiera('rabbit_node_ips', []).
+#
+# [*ipv6*]
+# (Optional) Whether to deploy RabbitMQ on IPv6 network.
+# Defaults to str2bool(hiera('rabbit_ipv6', false)).
+#
+# [*environment*]
+# (Optional) RabbitMQ environment.
+# Defaults to hiera('rabbitmq_environment').
+#
+# [*kernel_variables*]
+# (Optional) RabbitMQ environment.
+# Defaults to hiera('rabbitmq_environment').
+#
+# [*config_variables*]
+# (Optional) RabbitMQ environment.
+# Defaults to hiera('rabbitmq_config_variables').
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::rabbitmq (
+ $nodes = hiera('rabbit_node_ips', []),
+ $ipv6 = str2bool(hiera('rabbit_ipv6', false)),
+ $environment = hiera('rabbitmq_environment'),
+ $kernel_variables = hiera('rabbitmq_kernel_variables'),
+ $config_variables = hiera('rabbitmq_config_variables'),
+ $step = hiera('step'),
+) {
+
+ # IPv6 environment, necessary for RabbitMQ.
+ if $ipv6 {
+ $rabbit_env = merge($environment, {
+ 'RABBITMQ_SERVER_START_ARGS' => '"-proto_dist inet6_tcp"'
+ })
+ } else {
+ $rabbit_env = $environment
+ }
+
+ $manage_service = hiera('rabbitmq::service_manage', true)
+ if $step >= 1 {
+ # Specific configuration for multi-nodes or when running with Pacemaker.
+ if count($nodes) > 1 or ! $manage_service {
+ class { '::rabbitmq':
+ config_cluster => $manage_service,
+ cluster_nodes => $nodes,
+ tcp_keepalive => false,
+ config_kernel_variables => $kernel_variables,
+ config_variables => $config_variables,
+ environment_variables => $rabbit_env,
+ }
+ # when running multi-nodes without Pacemaker
+ if $manage_service {
+ rabbitmq_policy { 'ha-all@/':
+ pattern => '^(?!amq\.).*',
+ definition => {
+ 'ha-mode' => 'all',
+ },
+ }
+ }
+ } else {
+ # Standard configuration
+ class { '::rabbitmq':
+ tcp_keepalive => false,
+ config_kernel_variables => $kernel_variables,
+ config_variables => $config_variables,
+ environment_variables => $rabbit_env,
+ }
+ }
+ }
+
+}
diff --git a/manifests/profile/base/sahara.pp b/manifests/profile/base/sahara.pp
new file mode 100644
index 0000000..befb5d3
--- /dev/null
+++ b/manifests/profile/base/sahara.pp
@@ -0,0 +1,31 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::sahara
+#
+# Sahara server profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step of the deployment
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::sahara (
+ $step = hiera('step'),
+) {
+ if $step >= 4 {
+ include ::sahara
+ }
+}
diff --git a/manifests/profile/base/sahara/api.pp b/manifests/profile/base/sahara/api.pp
new file mode 100644
index 0000000..e9149b1
--- /dev/null
+++ b/manifests/profile/base/sahara/api.pp
@@ -0,0 +1,33 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::sahara::api
+#
+# Sahara API profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::sahara::api (
+ $step = hiera('step'),
+) {
+ if $step >= 4 {
+ include ::tripleo::profile::base::sahara
+ include ::sahara::api
+ }
+}
diff --git a/manifests/profile/base/sahara/engine.pp b/manifests/profile/base/sahara/engine.pp
new file mode 100644
index 0000000..28aff7b
--- /dev/null
+++ b/manifests/profile/base/sahara/engine.pp
@@ -0,0 +1,42 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::sahara::engine
+#
+# Sahara API profile for tripleo
+#
+# === Parameters
+#
+# [*sync_db*]
+# (Optional) Whether to run db sync
+# Defaults to true
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::sahara::engine (
+ $sync_db = true,
+ $step = hiera('step'),
+) {
+ if $step >= 3 and $sync_db {
+ include ::sahara::db::mysql
+ }
+
+ if $step >= 4 or ($step >= 3 and $sync_db) {
+ include ::tripleo::profile::base::sahara
+ include ::sahara::engine
+ }
+}
diff --git a/manifests/profile/base/snmp.pp b/manifests/profile/base/snmp.pp
new file mode 100644
index 0000000..40f7393
--- /dev/null
+++ b/manifests/profile/base/snmp.pp
@@ -0,0 +1,50 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::snmp
+#
+# SNMP profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*snmpd_user*]
+# The SNMP username
+# Defaults to hiera('snmpd_readonly_user_name')
+#
+# [*snmpd_password*]
+# The SNMP password
+# Defaults to hiera('snmpd_readonly_user_password')
+#
+class tripleo::profile::base::snmp (
+ $step = hiera('step'),
+ $snmpd_user = hiera('snmpd_readonly_user_name'),
+ $snmpd_password = hiera('snmpd_readonly_user_password'),
+) {
+
+ if $step >= 4 {
+ snmp::snmpv3_user { $snmpd_user:
+ authtype => 'MD5',
+ authpass => $snmpd_password,
+ }
+ class { '::snmp':
+ agentaddress => ['udp:161','udp6:[::1]:161'],
+ snmpd_config => [ join(['createUser ', $snmpd_user, ' MD5 "', $snmpd_password, '"']), join(['rouser ', $snmpd_user]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ],
+ }
+ }
+}
diff --git a/manifests/profile/base/swift/proxy.pp b/manifests/profile/base/swift/proxy.pp
new file mode 100644
index 0000000..40e61ae
--- /dev/null
+++ b/manifests/profile/base/swift/proxy.pp
@@ -0,0 +1,45 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::swift::proxy
+#
+# Swift proxy profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+#
+class tripleo::profile::base::swift::proxy (
+ $step = hiera('step'),
+) {
+
+ if $step >= 4 {
+ include ::swift::proxy
+ include ::swift::proxy::proxy_logging
+ include ::swift::proxy::healthcheck
+ include ::swift::proxy::cache
+ include ::swift::proxy::keystone
+ include ::swift::proxy::authtoken
+ include ::swift::proxy::staticweb
+ include ::swift::proxy::ratelimit
+ include ::swift::proxy::catch_errors
+ include ::swift::proxy::tempurl
+ include ::swift::proxy::formpost
+ include ::swift::proxy::bulk
+ }
+}
diff --git a/manifests/profile/base/swift/storage.pp b/manifests/profile/base/swift/storage.pp
new file mode 100644
index 0000000..371cb0d
--- /dev/null
+++ b/manifests/profile/base/swift/storage.pp
@@ -0,0 +1,52 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::swift::storage
+#
+# Swift storage profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*enable_swift_storage*]
+# (Optional) enable_swift_storage
+# Deprecated: defaults to true
+#
+class tripleo::profile::base::swift::storage (
+ $step = hiera('step'),
+ # Deprecated conditional to support ControllerEnableSwiftStorage parameter
+ $enable_swift_storage = true,
+) {
+
+ if $step >= 4 {
+ if $enable_swift_storage {
+ include ::swift::storage::all
+ if(!defined(File['/srv/node'])) {
+ file { '/srv/node':
+ ensure => directory,
+ owner => 'swift',
+ group => 'swift',
+ require => Package['openstack-swift'],
+ }
+ }
+ $swift_components = ['account', 'container', 'object']
+ swift::storage::filter::recon { $swift_components : }
+ swift::storage::filter::healthcheck { $swift_components : }
+ }
+ }
+}
diff --git a/manifests/profile/pacemaker/ceilometer.pp b/manifests/profile/pacemaker/ceilometer.pp
new file mode 100644
index 0000000..0c21807
--- /dev/null
+++ b/manifests/profile/pacemaker/ceilometer.pp
@@ -0,0 +1,138 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::ceilometer
+#
+# Ceilometer Pacemaker HA profile for tripleo
+#
+# === Parameters
+#
+# [*bootstrap_node*]
+# (Optional) The hostname of the node responsible for bootstrapping tasks
+# Defaults to hiera('bootstrap_nodeid')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*sync_db*]
+# (Optional) Whether to run db sync
+# Defaults to undef
+#
+class tripleo::profile::pacemaker::ceilometer (
+ $bootstrap_node = hiera('bootstrap_nodeid'),
+ $step = hiera('step'),
+ $sync_db = true,
+) {
+
+ if $::hostname == downcase($bootstrap_node) {
+ $pacemaker_master = true
+ } else {
+ $pacemaker_master = false
+ }
+
+ include ::tripleo::profile::base::ceilometer
+
+ if $step >= 5 and $pacemaker_master {
+ $ceilometer_backend = downcase(hiera('ceilometer_backend', 'mongodb'))
+ case $ceilometer_backend {
+ /mysql/: {
+ pacemaker::resource::service { $::ceilometer::params::agent_central_service_name:
+ clone_params => 'interleave=true',
+ require => Pacemaker::Resource::Ocf['openstack-core'],
+ }
+ }
+ default: {
+ pacemaker::resource::service { $::ceilometer::params::agent_central_service_name:
+ clone_params => 'interleave=true',
+ require => [Pacemaker::Resource::Ocf['openstack-core'],
+ Pacemaker::Resource::Service[$::mongodb::params::service_name]],
+ }
+ }
+ }
+
+ if $sync_db {
+ if $ceilometer_backend == 'mysql' {
+ class { '::ceilometer::db::mysql':
+ require => Exec['galera-ready'],
+ }
+ }
+ }
+
+ # NOTE(emilien): the constraints won't live forever here as we're moving to
+ # pacemaker-lite architecture.
+
+ # Fedora doesn't know `require-all` parameter for constraints yet
+ if $::operatingsystem == 'Fedora' {
+ $redis_ceilometer_constraint_params = undef
+ } else {
+ $redis_ceilometer_constraint_params = 'require-all=false'
+ }
+ pacemaker::constraint::base { 'redis-then-ceilometer-central-constraint':
+ constraint_type => 'order',
+ first_resource => 'redis-master',
+ second_resource => "${::ceilometer::params::agent_central_service_name}-clone",
+ first_action => 'promote',
+ second_action => 'start',
+ constraint_params => $redis_ceilometer_constraint_params,
+ require => [Pacemaker::Resource::Ocf['redis'],
+ Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name]],
+ }
+ pacemaker::constraint::base { 'keystone-then-ceilometer-central-constraint':
+ constraint_type => 'order',
+ first_resource => 'openstack-core-clone',
+ second_resource => "${::ceilometer::params::agent_central_service_name}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name],
+ Pacemaker::Resource::Ocf['openstack-core']],
+ }
+ pacemaker::constraint::base { 'keystone-then-ceilometer-notification-constraint':
+ constraint_type => 'order',
+ first_resource => 'openstack-core-clone',
+ second_resource => "${::ceilometer::params::agent_notification_service_name}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name],
+ Pacemaker::Resource::Ocf['openstack-core']],
+ }
+ pacemaker::constraint::base { 'ceilometer-central-then-ceilometer-collector-constraint':
+ constraint_type => 'order',
+ first_resource => "${::ceilometer::params::agent_central_service_name}-clone",
+ second_resource => "${::ceilometer::params::collector_service_name}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name],
+ Pacemaker::Resource::Service[$::ceilometer::params::collector_service_name]],
+ }
+ pacemaker::constraint::base { 'ceilometer-collector-then-ceilometer-api-constraint':
+ constraint_type => 'order',
+ first_resource => "${::ceilometer::params::collector_service_name}-clone",
+ second_resource => "${::ceilometer::params::api_service_name}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::ceilometer::params::collector_service_name],
+ Pacemaker::Resource::Service[$::ceilometer::params::api_service_name]],
+ }
+ pacemaker::constraint::colocation { 'ceilometer-api-with-ceilometer-collector-colocation':
+ source => "${::ceilometer::params::api_service_name}-clone",
+ target => "${::ceilometer::params::collector_service_name}-clone",
+ score => 'INFINITY',
+ require => [Pacemaker::Resource::Service[$::ceilometer::params::api_service_name],
+ Pacemaker::Resource::Service[$::ceilometer::params::collector_service_name]],
+ }
+ }
+
+}
diff --git a/manifests/profile/pacemaker/ceilometer/agent/central.pp b/manifests/profile/pacemaker/ceilometer/agent/central.pp
new file mode 100644
index 0000000..e227614
--- /dev/null
+++ b/manifests/profile/pacemaker/ceilometer/agent/central.pp
@@ -0,0 +1,58 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::ceilometer::agent::central
+#
+# Ceilometer Central Agent Pacemaker HA profile for tripleo
+#
+# === Parameters
+#
+# [*pacemaker_master*]
+# (Optional) The hostname of the node responsible for bootstrapping tasks
+# Defaults to hiera('bootstrap_nodeid')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::pacemaker::ceilometer::agent::central (
+ $pacemaker_master = hiera('bootstrap_nodeid'),
+ $step = hiera('step'),
+) {
+
+ include ::ceilometer::params
+ include ::tripleo::profile::pacemaker::ceilometer
+ include ::tripleo::profile::base::ceilometer::agent::central
+
+ if $step >= 5 and downcase($::hostname) == $pacemaker_master {
+ $ceilometer_backend = downcase(hiera('ceilometer_backend', 'mongodb'))
+ case downcase(hiera('ceilometer_backend')) {
+ /mysql/: {
+ pacemaker::resource::service { $::ceilometer::params::agent_central_service_name:
+ clone_params => 'interleave=true',
+ require => Pacemaker::Resource::Ocf['openstack-core'],
+ }
+ }
+ default: {
+ pacemaker::resource::service { $::ceilometer::params::agent_central_service_name:
+ clone_params => 'interleave=true',
+ require => [Pacemaker::Resource::Ocf['openstack-core'],
+ Pacemaker::Resource::Service[$::mongodb::params::service_name]],
+ }
+ }
+ }
+ }
+
+}
diff --git a/manifests/profile/pacemaker/ceilometer/agent/notification.pp b/manifests/profile/pacemaker/ceilometer/agent/notification.pp
new file mode 100644
index 0000000..868bb22
--- /dev/null
+++ b/manifests/profile/pacemaker/ceilometer/agent/notification.pp
@@ -0,0 +1,45 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::ceilometer::agent::notification
+#
+# Ceilometer Notification Agent Pacemaker HA profile for tripleo
+#
+# === Parameters
+#
+# [*pacemaker_master*]
+# (Optional) The hostname of the node responsible for bootstrapping tasks
+# Defaults to hiera('bootstrap_nodeid')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::pacemaker::ceilometer::agent::notification (
+ $pacemaker_master = hiera('bootstrap_nodeid'),
+ $step = hiera('step'),
+) {
+
+ include ::ceilometer::params
+ include ::tripleo::profile::pacemaker::ceilometer
+ include ::tripleo::profile::base::ceilometer::agent::notification
+
+ if $step >= 5 and downcase($::hostname) == $pacemaker_master {
+ pacemaker::resource::service { $::ceilometer::params::agent_notification_service_name :
+ clone_params => 'interleave=true',
+ }
+ }
+
+}
diff --git a/manifests/profile/pacemaker/ceilometer/api.pp b/manifests/profile/pacemaker/ceilometer/api.pp
new file mode 100644
index 0000000..cfe103a
--- /dev/null
+++ b/manifests/profile/pacemaker/ceilometer/api.pp
@@ -0,0 +1,52 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::ceilometer::api
+#
+# Ceilometer API Pacemaker HA profile for tripleo
+#
+# === Parameters
+#
+# [*pacemaker_master*]
+# (Optional) The hostname of the node responsible for bootstrapping tasks
+# Defaults to hiera('bootstrap_nodeid')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::pacemaker::ceilometer::api (
+ $pacemaker_master = hiera('bootstrap_nodeid'),
+ $step = hiera('step'),
+) {
+
+ include ::ceilometer::params
+ include ::tripleo::profile::pacemaker::ceilometer
+ include ::tripleo::profile::base::ceilometer::api
+
+ if $step >= 5 and downcase($::hostname) == $pacemaker_master {
+ pacemaker::resource::service { $::ceilometer::params::api_service_name :
+ clone_params => 'interleave=true',
+ }
+ pacemaker::constraint::colocation { 'ceilometer-delay-with-ceilometer-api-colocation':
+ source => 'delay-clone',
+ target => "${::ceilometer::params::api_service_name}-clone",
+ score => 'INFINITY',
+ require => [Pacemaker::Resource::Service[$::ceilometer::params::api_service_name],
+ Pacemaker::Resource::Ocf['delay']],
+ }
+ }
+
+}
diff --git a/manifests/profile/pacemaker/ceilometer/collector.pp b/manifests/profile/pacemaker/ceilometer/collector.pp
new file mode 100644
index 0000000..2a838f2
--- /dev/null
+++ b/manifests/profile/pacemaker/ceilometer/collector.pp
@@ -0,0 +1,57 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::ceilometer::collector
+#
+# Ceilometer Collector Pacemaker HA profile for tripleo
+#
+# === Parameters
+#
+# [*pacemaker_master*]
+# (Optional) The hostname of the node responsible for bootstrapping tasks
+# Defaults to hiera('bootstrap_nodeid')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*sync_db*]
+# (Optional) Whether to run db sync
+# Defaults to undef
+#
+class tripleo::profile::pacemaker::ceilometer::collector (
+ $pacemaker_master = hiera('bootstrap_nodeid'),
+ $step = hiera('step'),
+ $sync_db = true,
+) {
+
+ include ::ceilometer::params
+ include ::tripleo::profile::pacemaker::ceilometer
+
+ class { '::tripleo::profile::base::ceilometer::collector':
+ sync_db => (downcase($::hostname) == $pacemaker_master),
+ }
+
+ if $step >= 5 and downcase($::hostname) == $pacemaker_master {
+ $ceilometer_backend = downcase(hiera('ceilometer_backend', 'mongodb'))
+ if $ceilometer_backend == 'mysql' {
+ Exec<| title == 'galera-ready'|> -> Class['ceilometer::db::mysql']
+ }
+ pacemaker::resource::service { $::ceilometer::params::collector_service_name :
+ clone_params => 'interleave=true',
+ }
+ }
+
+}
diff --git a/manifests/profile/pacemaker/cinder/api.pp b/manifests/profile/pacemaker/cinder/api.pp
new file mode 100644
index 0000000..2c9cedf
--- /dev/null
+++ b/manifests/profile/pacemaker/cinder/api.pp
@@ -0,0 +1,67 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::cinder::api
+#
+# Cinder API Pacemaker HA profile for tripleo
+#
+# === Parameters
+#
+# [*bootstrap_node*]
+# (Optional) The hostname of the node responsible for bootstrapping tasks
+# Defaults to hiera('bootstrap_nodeid')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::pacemaker::cinder::api (
+ $bootstrap_node = hiera('bootstrap_nodeid'),
+ $step = hiera('step'),
+) {
+
+ Service <| tag == 'cinder-service' |> {
+ hasrestart => true,
+ restart => '/bin/true',
+ start => '/bin/true',
+ stop => '/bin/true',
+ }
+
+ if $::hostname == downcase($bootstrap_node) {
+ $pacemaker_master = true
+ } else {
+ $pacemaker_master = false
+ }
+
+ class { '::tripleo::profile::base::cinder::api':
+ sync_db => $pacemaker_master,
+ }
+
+ if $step >= 5 and $pacemaker_master {
+ pacemaker::resource::service { $::cinder::params::api_service :
+ clone_params => 'interleave=true',
+ require => Pacemaker::Resource::Ocf['openstack-core'],
+ }
+ pacemaker::constraint::base { 'keystone-then-cinder-api-constraint':
+ constraint_type => 'order',
+ first_resource => 'openstack-core-clone',
+ second_resource => "${::cinder::params::api_service}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Ocf['openstack-core'],
+ Pacemaker::Resource::Service[$::cinder::params::api_service]],
+ }
+ }
+}
diff --git a/manifests/profile/pacemaker/cinder/scheduler.pp b/manifests/profile/pacemaker/cinder/scheduler.pp
new file mode 100644
index 0000000..9b79903
--- /dev/null
+++ b/manifests/profile/pacemaker/cinder/scheduler.pp
@@ -0,0 +1,72 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::cinder::scheduler
+#
+# Cinder Scheduler Pacemaker HA profile for tripleo
+#
+# === Parameters
+#
+# [*bootstrap_node*]
+# (Optional) The hostname of the node responsible for bootstrapping tasks
+# Defaults to hiera('bootstrap_nodeid')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::pacemaker::cinder::scheduler (
+ $bootstrap_node = hiera('bootstrap_nodeid'),
+ $step = hiera('step'),
+) {
+
+ Service <| tag == 'cinder-service' |> {
+ hasrestart => true,
+ restart => '/bin/true',
+ start => '/bin/true',
+ stop => '/bin/true',
+ }
+
+ if $::hostname == downcase($bootstrap_node) {
+ $pacemaker_master = true
+ } else {
+ $pacemaker_master = false
+ }
+
+ include ::tripleo::profile::base::cinder::scheduler
+
+ if $step >= 5 and $pacemaker_master {
+ pacemaker::resource::service { $::cinder::params::scheduler_service :
+ clone_params => 'interleave=true',
+ }
+ pacemaker::constraint::base { 'cinder-api-then-cinder-scheduler-constraint':
+ constraint_type => 'order',
+ first_resource => "${::cinder::params::api_service}-clone",
+ second_resource => "${::cinder::params::scheduler_service}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::cinder::params::api_service],
+ Pacemaker::Resource::Service[$::cinder::params::scheduler_service]],
+ }
+ pacemaker::constraint::colocation { 'cinder-scheduler-with-cinder-api-colocation':
+ source => "${::cinder::params::scheduler_service}-clone",
+ target => "${::cinder::params::api_service}-clone",
+ score => 'INFINITY',
+ require => [Pacemaker::Resource::Service[$::cinder::params::api_service],
+ Pacemaker::Resource::Service[$::cinder::params::scheduler_service]],
+ }
+ }
+
+}
diff --git a/manifests/profile/pacemaker/cinder/volume.pp b/manifests/profile/pacemaker/cinder/volume.pp
new file mode 100644
index 0000000..a4f251e
--- /dev/null
+++ b/manifests/profile/pacemaker/cinder/volume.pp
@@ -0,0 +1,70 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::cinder::volume
+#
+# Cinder Volume Pacemaker HA profile for tripleo
+#
+# === Parameters
+#
+# [*bootstrap_node*]
+# (Optional) The hostname of the node responsible for bootstrapping tasks
+# Defaults to hiera('bootstrap_nodeid')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::pacemaker::cinder::volume (
+ $bootstrap_node = hiera('bootstrap_nodeid'),
+ $step = hiera('step'),
+) {
+
+ Service <| tag == 'cinder-service' |> {
+ hasrestart => true,
+ restart => '/bin/true',
+ start => '/bin/true',
+ stop => '/bin/true',
+ }
+
+ if $::hostname == downcase($bootstrap_node) {
+ $pacemaker_master = true
+ } else {
+ $pacemaker_master = false
+ }
+
+ include ::tripleo::profile::base::cinder::volume
+
+ if $step >= 5 and $pacemaker_master {
+ pacemaker::resource::service { $::cinder::params::volume_service : }
+ pacemaker::constraint::base { 'cinder-scheduler-then-cinder-volume-constraint':
+ constraint_type => 'order',
+ first_resource => "${::cinder::params::scheduler_service}-clone",
+ second_resource => $::cinder::params::volume_service,
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::cinder::params::scheduler_service],
+ Pacemaker::Resource::Service[$::cinder::params::volume_service]],
+ }
+ pacemaker::constraint::colocation { 'cinder-volume-with-cinder-scheduler-colocation':
+ source => $::cinder::params::volume_service,
+ target => "${::cinder::params::scheduler_service}-clone",
+ score => 'INFINITY',
+ require => [Pacemaker::Resource::Service[$::cinder::params::scheduler_service],
+ Pacemaker::Resource::Service[$::cinder::params::volume_service]],
+ }
+ }
+
+}
diff --git a/manifests/profile/pacemaker/database/mongodb.pp b/manifests/profile/pacemaker/database/mongodb.pp
new file mode 100644
index 0000000..15c84d7
--- /dev/null
+++ b/manifests/profile/pacemaker/database/mongodb.pp
@@ -0,0 +1,74 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::database::mongodb
+#
+# Mongodb Pacemaker HA profile for tripleo
+#
+# === Parameters
+#
+# [*mongodb_replset*]
+# Mongodb replicaset name
+#
+# [*bootstrap_node*]
+# (Optional) The hostname of the node responsible for bootstrapping tasks
+# Defaults to hiera('bootstrap_nodeid')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::pacemaker::database::mongodb (
+ $mongodb_replset,
+ $bootstrap_node = hiera('bootstrap_nodeid'),
+ $step = hiera('step'),
+) {
+
+ if $step >= 1 {
+ include ::mongodb::globals
+ include ::mongodb::client
+ include ::mongodb::server
+ }
+
+ if $step >= 2 {
+
+ include ::tripleo::profile::base::database::mongodbcommon
+
+ if $::hostname == downcase($bootstrap_node) {
+ $pacemaker_master = true
+ } else {
+ $pacemaker_master = false
+ }
+
+ if $pacemaker_master {
+ pacemaker::resource::service { $::mongodb::params::service_name :
+ op_params => 'start timeout=370s stop timeout=200s',
+ clone_params => true,
+ require => Class['::mongodb::server'],
+ }
+ # NOTE (spredzy) : The replset can only be run
+ # once all the nodes have joined the cluster.
+ tripleo::profile::pacemaker::database::mongodbvalidator {
+ $tripleo::profile::base::database::mongodbcommon::mongodb_node_ips :
+ port => $tripleo::profile::base::database::mongodbcommon::port,
+ require => Pacemaker::Resource::Service[$::mongodb::params::service_name],
+ before => Mongodb_replset[$mongodb_replset],
+ }
+ mongodb_replset { $mongodb_replset :
+ members => $tripleo::profile::base::database::mongodbcommon::mongo_node_ips_with_port_nobr,
+ }
+ }
+ }
+}
diff --git a/manifests/profile/pacemaker/database/mongodbvalidator.pp b/manifests/profile/pacemaker/database/mongodbvalidator.pp
new file mode 100644
index 0000000..95d3bd7
--- /dev/null
+++ b/manifests/profile/pacemaker/database/mongodbvalidator.pp
@@ -0,0 +1,37 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::database::mongodb::conn_validator
+#
+# Connection validator for a node that serves MongoDB. This is done to be able
+# to iterate through the different servers in a more seamless way.
+#
+# === Parameters
+#
+# [*title*]
+# the title or namevar of the resource will be used as the server of the
+# actual mongodb_conn_validator.
+#
+# [*port*]
+# The port in which the MongoDB server is listening on.
+#
+define tripleo::profile::pacemaker::database::mongodbvalidator(
+ $port,
+) {
+ mongodb_conn_validator { "${title}_conn_validator" :
+ server => $title,
+ port => $port,
+ timeout => '600',
+ }
+}
diff --git a/manifests/profile/pacemaker/database/redis.pp b/manifests/profile/pacemaker/database/redis.pp
new file mode 100644
index 0000000..9bb96ae
--- /dev/null
+++ b/manifests/profile/pacemaker/database/redis.pp
@@ -0,0 +1,63 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::database::redis
+#
+# OpenStack Redis Pacemaker HA profile for tripleo
+#
+# === Parameters
+#
+# [*redis_vip*]
+# Redis virtual IP
+#
+# [*bootstrap_node*]
+# (Optional) The hostname of the node responsible for bootstrapping tasks
+# Defaults to hiera('bootstrap_nodeid')
+#
+# [*enable_load_balancer*]
+# (Optional) Whether load balancing is enabled for this cluster
+# Defaults to hiera('enable_load_balancer', true)
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+
+class tripleo::profile::pacemaker::database::redis (
+ $redis_vip,
+ $bootstrap_node = hiera('bootstrap_nodeid'),
+ $enable_load_balancer = hiera('enable_load_balancer', true),
+ $step = hiera('step'),
+) {
+ if $::hostname == downcase($bootstrap_node) {
+ $pacemaker_master = true
+ } else {
+ $pacemaker_master = false
+ }
+
+ if $step >= 1 {
+ include ::redis
+ }
+
+ if $step >= 2 and $pacemaker_master {
+ pacemaker::resource::ocf { 'redis':
+ ocf_agent_name => 'heartbeat:redis',
+ master_params => '',
+ meta_params => 'notify=true ordered=true interleave=true',
+ resource_params => 'wait_last_known_master=true',
+ require => Class['::redis'],
+ }
+ }
+}
diff --git a/manifests/profile/pacemaker/glance.pp b/manifests/profile/pacemaker/glance.pp
index cb2add1..10f4f03 100644
--- a/manifests/profile/pacemaker/glance.pp
+++ b/manifests/profile/pacemaker/glance.pp
@@ -62,20 +62,22 @@ class tripleo::profile::pacemaker::glance (
$glance_file_pcmk_options = hiera('glance_file_pcmk_options', ''),
) {
+ Service <| tag == 'glance-service' |> {
+ hasrestart => true,
+ restart => '/bin/true',
+ start => '/bin/true',
+ stop => '/bin/true',
+ }
+
if $::hostname == downcase($bootstrap_node) {
$pacemaker_master = true
} else {
$pacemaker_master = false
}
- class { '::tripleo::profile::base::glance::api':
- manage_service => false,
- enabled => false,
- }
+ include ::tripleo::profile::base::glance::api
class { '::tripleo::profile::base::glance::registry':
sync_db => $pacemaker_master,
- manage_service => false,
- enabled => false,
}
if $step >= 4 {
diff --git a/manifests/profile/pacemaker/gnocchi.pp b/manifests/profile/pacemaker/gnocchi.pp
new file mode 100644
index 0000000..ad566b1
--- /dev/null
+++ b/manifests/profile/pacemaker/gnocchi.pp
@@ -0,0 +1,90 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::gnocchi
+#
+# Gnocchi Pacemaker HA profile for tripleo
+#
+# === Parameters
+#
+# [*gnocchi_indexer_backend*]
+# (Optional) Gnocchi indexer backend
+# Defaults to mysql
+#
+# [*bootstrap_node*]
+# (Optional) The hostname of the node responsible for bootstrapping tasks
+# Defaults to hiera('bootstrap_nodeid')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*sync_db*]
+# (Optional) Whether to run db sync
+# Defaults to undef
+#
+
+class tripleo::profile::pacemaker::gnocchi (
+ $gnocchi_indexer_backend = downcase(hiera('gnocchi_indexer_backend', 'mysql')),
+ $bootstrap_node = hiera('bootstrap_nodeid'),
+ $step = hiera('step'),
+ $sync_db = true,
+) {
+
+ Service <| tag == 'gnocchi-service' |> {
+ hasrestart => true,
+ restart => '/bin/true',
+ start => '/bin/true',
+ stop => '/bin/true',
+ }
+
+ if $::hostname == downcase($bootstrap_node) {
+ $pacemaker_master = true
+ } else {
+ $pacemaker_master = false
+ }
+
+ if $step >= 3 and $sync_db {
+ include ::gnocchi
+ include ::gnocchi::config
+ include ::gnocchi::client
+ if $gnocchi_indexer_backend == 'mysql' {
+ class { '::gnocchi::db::mysql':
+ require => Exec['galera-ready'],
+ }
+ }
+ include ::gnocchi::db::sync
+ }
+
+ if $step >= 5 and $pacemaker_master {
+
+ pacemaker::constraint::base { 'gnocchi-metricd-then-gnocchi-statsd-constraint':
+ constraint_type => 'order',
+ first_resource => "${::gnocchi::params::metricd_service_name}-clone",
+ second_resource => "${::gnocchi::params::statsd_service_name}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::gnocchi::params::metricd_service_name],
+ Pacemaker::Resource::Service[$::gnocchi::params::statsd_service_name]],
+ }
+ pacemaker::constraint::colocation { 'gnocchi-statsd-with-metricd-colocation':
+ source => "${::gnocchi::params::statsd_service_name}-clone",
+ target => "${::gnocchi::params::metricd_service_name}-clone",
+ score => 'INFINITY',
+ require => [Pacemaker::Resource::Service[$::gnocchi::params::metricd_service_name],
+ Pacemaker::Resource::Service[$::gnocchi::params::statsd_service_name]],
+ }
+ }
+}
diff --git a/manifests/profile/pacemaker/gnocchi/api.pp b/manifests/profile/pacemaker/gnocchi/api.pp
new file mode 100644
index 0000000..684527f
--- /dev/null
+++ b/manifests/profile/pacemaker/gnocchi/api.pp
@@ -0,0 +1,46 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::gnocchi::api
+#
+# Gnocchi profile for tripleo api
+#
+# === Parameters
+#
+# [*pacemaker_master*]
+# (Optional) The hostname of the node responsible for bootstrapping tasks
+# Defaults to hiera('bootstrap_nodeid')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*sync_db*]
+# (Optional) Whether to run db sync
+# Defaults to undef
+
+class tripleo::profile::pacemaker::gnocchi::api (
+ $pacemaker_master = hiera('bootstrap_nodeid'),
+ $step = hiera('step'),
+ $sync_db = true,
+) {
+
+ include ::tripleo::profile::pacemaker::gnocchi
+
+ class { '::tripleo::profile::base::gnocchi::api':
+ step => $step,
+ sync_db => (downcase($::hostname) == $pacemaker_master),
+ }
+}
diff --git a/manifests/profile/pacemaker/gnocchi/metricd.pp b/manifests/profile/pacemaker/gnocchi/metricd.pp
new file mode 100644
index 0000000..4ac5e74
--- /dev/null
+++ b/manifests/profile/pacemaker/gnocchi/metricd.pp
@@ -0,0 +1,47 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::gnocchi::metricd
+#
+# Gnocchi metricd profile
+#
+# === Parameters
+#
+# [*pacemaker_master*]
+# (Optional) The hostname of the node responsible for bootstrapping tasks
+# Defaults to hiera('bootstrap_nodeid')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+
+class tripleo::profile::pacemaker::gnocchi::metricd (
+ $pacemaker_master = hiera('bootstrap_nodeid'),
+ $step = hiera('step'),
+) {
+
+ include ::gnocchi::params
+ include ::tripleo::profile::pacemaker::gnocchi
+
+ if $step >= 4 and downcase($::hostname) == $pacemaker_master {
+
+ include ::gnocchi::metricd
+
+ pacemaker::resource::service { $::gnocchi::params::metricd_service_name :
+ clone_params => 'interleave=true',
+ }
+ }
+}
diff --git a/manifests/profile/pacemaker/gnocchi/statsd.pp b/manifests/profile/pacemaker/gnocchi/statsd.pp
new file mode 100644
index 0000000..526dcac
--- /dev/null
+++ b/manifests/profile/pacemaker/gnocchi/statsd.pp
@@ -0,0 +1,47 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::gnocchi::statsd
+#
+# Gnocchi statsd profile
+#
+# === Parameters
+#
+# [*pacemaker_master*]
+# (Optional) The hostname of the node responsible for bootstrapping tasks
+# Defaults to hiera('bootstrap_nodeid')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+
+class tripleo::profile::pacemaker::gnocchi::statsd (
+ $pacemaker_master = hiera('bootstrap_nodeid'),
+ $step = hiera('step'),
+) {
+
+ include ::gnocchi::params
+ include ::tripleo::profile::pacemaker::gnocchi
+
+ if $step >= 4 and downcase($::hostname) == $pacemaker_master {
+
+ include ::gnocchi::statsd
+
+ pacemaker::resource::service { $::gnocchi::params::statsd_service_name :
+ clone_params => 'interleave=true',
+ }
+ }
+}
diff --git a/manifests/profile/pacemaker/haproxy.pp b/manifests/profile/pacemaker/haproxy.pp
new file mode 100644
index 0000000..a7aca58
--- /dev/null
+++ b/manifests/profile/pacemaker/haproxy.pp
@@ -0,0 +1,99 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::haproxy
+#
+# HAproxy with Pacemaker HA profile for tripleo
+#
+# === Parameters
+#
+# [*bootstrap_node*]
+# (Optional) The hostname of the node responsible for bootstrapping tasks
+# Defaults to hiera('bootstrap_nodeid')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*enable_load_balancer*]
+# (Optional) Whether load balancing is enabled for this cluster
+# Defaults to hiera('enable_load_balancer', true)
+#
+class tripleo::profile::pacemaker::haproxy (
+ $bootstrap_node = hiera('bootstrap_nodeid'),
+ $step = hiera('step'),
+ $enable_load_balancer = hiera('enable_load_balancer', true)
+) {
+
+ include ::tripleo::profile::base::haproxy
+
+ if $::hostname == downcase($bootstrap_node) {
+ $pacemaker_master = true
+ } else {
+ $pacemaker_master = false
+ }
+
+ if $step >= 2 and $pacemaker_master and $enable_load_balancer {
+ # FIXME: we should not have to access tripleo::haproxy class
+ # parameters here to configure pacemaker VIPs. The configuration
+ # of pacemaker VIPs could move into puppet-tripleo or we should
+ # make use of less specific hiera parameters here for the settings.
+ pacemaker::resource::service { 'haproxy':
+ clone_params => true,
+ }
+
+ $control_vip = hiera('controller_virtual_ip')
+ tripleo::pacemaker::haproxy_with_vip { 'haproxy_and_control_vip':
+ vip_name => 'control',
+ ip_address => $control_vip,
+ }
+
+ $public_vip = hiera('public_virtual_ip')
+ tripleo::pacemaker::haproxy_with_vip { 'haproxy_and_public_vip':
+ ensure => $public_vip and $public_vip != $control_vip,
+ vip_name => 'public',
+ ip_address => $public_vip,
+ }
+
+ $redis_vip = hiera('redis_vip')
+ tripleo::pacemaker::haproxy_with_vip { 'haproxy_and_redis_vip':
+ ensure => $redis_vip and $redis_vip != $control_vip,
+ vip_name => 'redis',
+ ip_address => $redis_vip,
+ }
+
+ $internal_api_vip = hiera('internal_api_virtual_ip')
+ tripleo::pacemaker::haproxy_with_vip { 'haproxy_and_internal_api_vip':
+ ensure => $internal_api_vip and $internal_api_vip != $control_vip,
+ vip_name => 'internal_api',
+ ip_address => $internal_api_vip,
+ }
+
+ $storage_vip = hiera('storage_virtual_ip')
+ tripleo::pacemaker::haproxy_with_vip { 'haproxy_and_storage_vip':
+ ensure => $storage_vip and $storage_vip != $control_vip,
+ vip_name => 'storage',
+ ip_address => $storage_vip,
+ }
+
+ $storage_mgmt_vip = hiera('storage_mgmt_virtual_ip')
+ tripleo::pacemaker::haproxy_with_vip { 'haproxy_and_storage_mgmt_vip':
+ ensure => $storage_mgmt_vip and $storage_mgmt_vip != $control_vip,
+ vip_name => 'storage_mgmt',
+ ip_address => $storage_mgmt_vip,
+ }
+ }
+
+}
diff --git a/manifests/profile/pacemaker/heat.pp b/manifests/profile/pacemaker/heat.pp
new file mode 100644
index 0000000..e72f02a
--- /dev/null
+++ b/manifests/profile/pacemaker/heat.pp
@@ -0,0 +1,46 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::heat
+#
+# Heat Pacemaker HA profile for tripleo
+#
+# === Parameters
+#
+# [*bootstrap_node*]
+# (Optional) The hostname of the node responsible for bootstrapping tasks
+# Defaults to hiera('bootstrap_nodeid')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::pacemaker::heat (
+ $bootstrap_node = hiera('bootstrap_nodeid'),
+ $step = hiera('step'),
+) {
+
+ Service <| tag == 'heat-service' |> {
+ hasrestart => true,
+ restart => '/bin/true',
+ start => '/bin/true',
+ stop => '/bin/true',
+ }
+
+ class { '::tripleo::profile::base::heat':
+ bootstrap_master => $bootstrap_node,
+ }
+
+}
diff --git a/manifests/profile/pacemaker/heat/api.pp b/manifests/profile/pacemaker/heat/api.pp
new file mode 100644
index 0000000..ed9ca5b
--- /dev/null
+++ b/manifests/profile/pacemaker/heat/api.pp
@@ -0,0 +1,50 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::heat
+#
+# Heat API Pacemaker HA profile for tripleo
+#
+# === Parameters
+#
+# [*bootstrap_node*]
+# (Optional) The hostname of the node responsible for bootstrapping tasks
+# Defaults to hiera('bootstrap_nodeid')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::pacemaker::heat::api (
+ $bootstrap_node = hiera('bootstrap_nodeid'),
+ $step = hiera('step'),
+) {
+
+ if $::hostname == downcase($bootstrap_node) {
+ $pacemaker_master = true
+ } else {
+ $pacemaker_master = false
+ }
+
+ include ::tripleo::profile::pacemaker::heat
+ include ::tripleo::profile::base::heat::api
+
+ if $step >= 5 and $pacemaker_master {
+ pacemaker::resource::service { $::heat::params::api_service_name :
+ clone_params => 'interleave=true',
+ }
+ }
+
+}
diff --git a/manifests/profile/pacemaker/heat/api_cfn.pp b/manifests/profile/pacemaker/heat/api_cfn.pp
new file mode 100644
index 0000000..d3ba6e4
--- /dev/null
+++ b/manifests/profile/pacemaker/heat/api_cfn.pp
@@ -0,0 +1,50 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::heat
+#
+# Heat Pacemaker HA profile for tripleo
+#
+# === Parameters
+#
+# [*bootstrap_node*]
+# (Optional) The hostname of the node responsible for bootstrapping tasks
+# Defaults to hiera('bootstrap_nodeid')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::pacemaker::heat::api_cfn (
+ $bootstrap_node = hiera('bootstrap_nodeid'),
+ $step = hiera('step'),
+) {
+
+ if $::hostname == downcase($bootstrap_node) {
+ $pacemaker_master = true
+ } else {
+ $pacemaker_master = false
+ }
+
+ include ::tripleo::profile::pacemaker::heat
+ include ::tripleo::profile::base::heat::api_cfn
+
+ if $step >= 5 and $pacemaker_master {
+ pacemaker::resource::service { $::heat::params::api_cfn_service_name :
+ clone_params => 'interleave=true',
+ }
+ }
+
+}
diff --git a/manifests/profile/pacemaker/heat/api_cloudwatch.pp b/manifests/profile/pacemaker/heat/api_cloudwatch.pp
new file mode 100644
index 0000000..a7784fb
--- /dev/null
+++ b/manifests/profile/pacemaker/heat/api_cloudwatch.pp
@@ -0,0 +1,51 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::heat
+#
+# Heat Pacemaker HA profile for tripleo
+#
+# === Parameters
+#
+# [*bootstrap_node*]
+# (Optional) The hostname of the node responsible for bootstrapping tasks
+# Defaults to hiera('bootstrap_nodeid')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::pacemaker::heat::api_cloudwatch (
+ $bootstrap_node = hiera('bootstrap_nodeid'),
+ $step = hiera('step'),
+) {
+
+ if $::hostname == downcase($bootstrap_node) {
+ $pacemaker_master = true
+ } else {
+ $pacemaker_master = false
+ }
+
+ include ::tripleo::profile::pacemaker::heat
+ include ::tripleo::profile::base::heat::api_cloudwatch
+
+ if $step >= 5 and $pacemaker_master {
+ # Heat
+ pacemaker::resource::service { $::heat::params::api_cloudwatch_service_name :
+ clone_params => 'interleave=true',
+ }
+ }
+
+}
diff --git a/manifests/profile/pacemaker/heat/engine.pp b/manifests/profile/pacemaker/heat/engine.pp
new file mode 100644
index 0000000..47b8a09
--- /dev/null
+++ b/manifests/profile/pacemaker/heat/engine.pp
@@ -0,0 +1,52 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::heat
+#
+# Heat Engine Pacemaker HA profile for tripleo
+#
+# === Parameters
+#
+# [*bootstrap_node*]
+# (Optional) The hostname of the node responsible for bootstrapping tasks
+# Defaults to hiera('bootstrap_nodeid')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::pacemaker::heat::engine (
+ $bootstrap_node = hiera('bootstrap_nodeid'),
+ $step = hiera('step'),
+) {
+
+ if $::hostname == downcase($bootstrap_node) {
+ $pacemaker_master = true
+ } else {
+ $pacemaker_master = false
+ }
+
+ include ::tripleo::profile::pacemaker::heat
+ class { '::tripleo::profile::base::heat::engine':
+ sync_db => $pacemaker_master,
+ }
+
+ if $step >= 5 and $pacemaker_master {
+ pacemaker::resource::service { $::heat::params::engine_service_name :
+ clone_params => 'interleave=true',
+ }
+ }
+
+}
diff --git a/manifests/profile/pacemaker/keystone.pp b/manifests/profile/pacemaker/keystone.pp
index f2bc827..46a40db 100644
--- a/manifests/profile/pacemaker/keystone.pp
+++ b/manifests/profile/pacemaker/keystone.pp
@@ -37,27 +37,25 @@ class tripleo::profile::pacemaker::keystone (
$enable_load_balancer = hiera('enable_load_balancer', true)
) {
- if $::hostname == downcase($bootstrap_node) {
- $pacemaker_master = true
- } else {
- $pacemaker_master = false
+ Service <| tag == 'keystone-service' |> {
+ hasrestart => true,
+ restart => '/bin/true',
+ start => '/bin/true',
+ stop => '/bin/true',
}
- if $step >= 6 and $pacemaker_master {
+ if $::hostname == downcase($bootstrap_node) {
+ $pacemaker_master = true
$manage_roles = true
- Pacemaker::Resource::Service[$::apache::params::service_name] -> Class['::keystone::roles::admin']
- Pacemaker::Resource::Service[$::apache::params::service_name] -> Class['::keystone::endpoint']
} else {
+ $pacemaker_master = false
$manage_roles = false
}
class { '::tripleo::profile::base::keystone':
- sync_db => $pacemaker_master,
- manage_service => false,
- enabled => false,
- bootstrap_master => $pacemaker_master,
- manage_roles => $manage_roles,
- manage_endpoint => $manage_roles
+ sync_db => $pacemaker_master,
+ manage_roles => $manage_roles,
+ manage_endpoint => $manage_roles
}
if $step >= 5 and $pacemaker_master and $enable_load_balancer {
@@ -67,6 +65,7 @@ class tripleo::profile::pacemaker::keystone (
second_resource => 'openstack-core-clone',
first_action => 'start',
second_action => 'start',
+ before => Pacemaker::Resource::Service[$::apache::params::service_name],
require => [Pacemaker::Resource::Service['haproxy'],
Pacemaker::Resource::Ocf['openstack-core']],
}
@@ -79,6 +78,7 @@ class tripleo::profile::pacemaker::keystone (
second_resource => 'openstack-core-clone',
first_action => 'start',
second_action => 'start',
+ before => Pacemaker::Resource::Service[$::apache::params::service_name],
require => [Pacemaker::Resource::Ocf['rabbitmq'],
Pacemaker::Resource::Ocf['openstack-core']],
}
diff --git a/manifests/profile/pacemaker/manila.pp b/manifests/profile/pacemaker/manila.pp
new file mode 100644
index 0000000..37cab9f
--- /dev/null
+++ b/manifests/profile/pacemaker/manila.pp
@@ -0,0 +1,162 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::manila
+#
+# Manila Pacemaker HA profile for tripleo
+#
+# === Parameters
+#
+# [*bootstrap_node*]
+# (Optional) The hostname of the node responsible for bootstrapping tasks
+# Defaults to hiera('bootstrap_nodeid')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*manila_generic_enable*]
+# (Optional) Enable the generic backend.
+# Defaults to hiera('manila_generic_enable_backend', 'false')
+#
+# [*driver_handles_share_servers*]
+# (Optional)
+# Defaults to hiera('manila::backend::generic::driver_handles_share_servers')
+#
+# [*smb_template_config_path*]
+# (Optional)
+# Defaults to hiera('manila::backend::generic::smb_template_config_path')
+#
+# [*volume_name_template*]
+# (Optional)
+# Defaults to hiera('manila::backend::generic::volume_name_template')
+
+# [*volume_snapshot_name_template*]
+# (Optional)
+# Defaults to hiera('manila::backend::generic::volume_snapshot_name_template')
+#
+# [*share_mount_path*]
+# (Optional)
+# Defaults to hiera('manila::backend::generic::share_mount_path')
+#
+# [*max_time_to_create_volume*]
+# (Optional)
+# Defaults to hiera('manila::backend::generic::max_time_to_create_volume')
+#
+# [*max_time_to_attach*]
+# (Optional)
+# Defaults to hiera('manila::backend::generic::max_time_to_attach')
+#
+# [*service_instance_smb_config_path*]
+# (Optional)
+# Defaults to downcase(hiera('manila::backend::generic::service_instance_smb_config_path'))
+#
+# [*share_volume_fstype*]
+# (Optional)
+# Defaults to hiera('manila::backend::generic::share_volume_fstype')
+#
+# [*cinder_volume_type*]
+# (Optional)
+# Defaults to hiera('manila::backend::generic::cinder_volume_type', '')
+#
+# [*service_instance_user*]
+# (Optional)
+# Defaults to hiera('manila::service_instance::service_instance_user')
+
+# [*service_instance_password*]
+# (Optional)
+# Defaults to hiera('manila::service_instance::service_instance_password')
+
+# [*service_instance_flavor_id*]
+# (Optional)
+# Defaults to hiera('manila::service_instance::service_instance_flavor_id')
+#
+class tripleo::profile::pacemaker::manila (
+ $bootstrap_node = hiera('bootstrap_nodeid'),
+ $step = hiera('step'),
+ $manila_generic_enable = hiera('manila_generic_enable_backend', false),
+ $driver_handles_share_servers = hiera('manila::backend::generic::driver_handles_share_servers'),
+ $smb_template_config_path = hiera('manila::backend::generic::smb_template_config_path'),
+ $volume_name_template = hiera('manila::backend::generic::volume_name_template'),
+ $volume_snapshot_name_template = hiera('manila::backend::generic::volume_snapshot_name_template'),
+ $share_mount_path = hiera('manila::backend::generic::share_mount_path'),
+ $max_time_to_create_volume = hiera('manila::backend::generic::max_time_to_create_volume'),
+ $max_time_to_attach = hiera('manila::backend::generic::max_time_to_attach'),
+ $service_instance_smb_config_path = hiera('manila::backend::generic::service_instance_smb_config_path'),
+ $share_volume_fstype = hiera('manila::backend::generic::share_volume_fstype'),
+ $cinder_volume_type = hiera('manila::backend::generic::cinder_volume_type', ''),
+ $service_instance_user = hiera('manila::service_instance::service_instance_user'),
+ $service_instance_password = hiera('manila::service_instance::service_instance_password'),
+ $service_instance_flavor_id = hiera('manila::service_instance::service_instance_flavor_id'),
+) {
+
+ if $::hostname == downcase($bootstrap_node) {
+ $pacemaker_master = true
+ } else {
+ $pacemaker_master = false
+ }
+
+ # make it so puppet can't restart the manila-share service, since that is
+ # the only pacemaker managed one
+ Service <| tag == 'manila-share' |> {
+ hasrestart => true,
+ restart => '/bin/true',
+ start => '/bin/true',
+ stop => '/bin/true',
+ }
+
+ if $step >= 4 {
+ include ::tripleo::profile::base::manila::api
+ include ::tripleo::profile::base::manila::scheduler
+ include ::tripleo::profile::base::manila::share
+
+ $manila_generic_enable = hiera('manila_generic_enable_backend', false)
+ if $manila_generic_enable {
+ $manila_generic_backend = hiera('manila::backend::generic::title')
+ manila::backend::generic { $manila_generic_backend :
+ driver_handles_share_servers => $driver_handles_share_servers,
+ smb_template_config_path => $smb_template_config_path,
+ volume_name_template => $volume_name_template ,
+ volume_snapshot_name_template => $volume_snapshot_name_template,
+ share_mount_path => $share_mount_path,
+ max_time_to_create_volume => $max_time_to_create_volume,
+ max_time_to_attach => $max_time_to_attach,
+ service_instance_smb_config_path => $service_instance_smb_config_path,
+ share_volume_fstype => $share_volume_fstype,
+ cinder_volume_type => $cinder_volume_type,
+ }
+
+ manila_config {
+ "${manila_generic_backend}/service_instance_user": value => $service_instance_user;
+ "${manila_generic_backend}/service_instance_password": value => $service_instance_password;
+ "${manila_generic_backend}/service_instance_flavor_id": value => $service_instance_flavor_id;
+ }
+
+ include ::manila::volume::cinder
+ }
+
+ $manila_enabled_backends = delete_undef_values([$manila_generic_backend])
+ class { '::manila::backends' :
+ enabled_share_backends => $manila_enabled_backends,
+ }
+ }
+
+ if $step >= 5 and $pacemaker_master {
+
+ # only manila-share is pacemaker managed, and in a/p
+ pacemaker::resource::service { $::manila::params::share_service : }
+
+ }
+}
diff --git a/manifests/profile/pacemaker/memcached.pp b/manifests/profile/pacemaker/memcached.pp
new file mode 100644
index 0000000..09af5d6
--- /dev/null
+++ b/manifests/profile/pacemaker/memcached.pp
@@ -0,0 +1,61 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::memcached
+#
+# Memcached Pacemaker HA profile for tripleo
+#
+# === Parameters
+#
+# [*bootstrap_node*]
+# (Optional) The hostname of the node responsible for bootstrapping tasks
+# Defaults to hiera('bootstrap_nodeid')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::pacemaker::memcached (
+ $bootstrap_node = hiera('bootstrap_nodeid'),
+ $step = hiera('step'),
+) {
+
+ if $::hostname == downcase($bootstrap_node) {
+ $pacemaker_master = true
+ } else {
+ $pacemaker_master = false
+ }
+
+ include ::tripleo::profile::base::memcached
+
+ if $step >= 2 and $pacemaker_master {
+ pacemaker::resource::service { $::memcached::params::service_name :
+ clone_params => 'interleave=true',
+ require => Class['::memcached'],
+ }
+ }
+
+ if $step >= 5 and $pacemaker_master {
+ pacemaker::constraint::base { 'memcached-then-openstack-core-constraint':
+ constraint_type => 'order',
+ first_resource => 'memcached-clone',
+ second_resource => 'openstack-core-clone',
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service['memcached'],
+ Pacemaker::Resource::Ocf['openstack-core']],
+ }
+ }
+}
diff --git a/manifests/profile/pacemaker/neutron.pp b/manifests/profile/pacemaker/neutron.pp
new file mode 100644
index 0000000..fff731d
--- /dev/null
+++ b/manifests/profile/pacemaker/neutron.pp
@@ -0,0 +1,187 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::neutron
+#
+# Neutron server profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The step in the deployment
+# Defaults to hiera('step')
+#
+# [*pacemaker_master*]
+# (Optional) The hostname of the pacemaker master
+# Defaults to hiera('bootstrap_nodeid', undef)
+#
+# [*enable_l3*]
+# (Optional) Whether to include the Neutron L3 agent pacemaker profile
+# Defaults to hiera('neutron::enable_l3_agent', false)
+#
+# [*enable_dhcp*]
+# (Optional) Whether to include the Neutron DHCP agent pacemaker profile
+# Defaults to hiera('neutron::enable_dhcp_agent', false)
+#
+# [*enable_metadata*]
+# (Optional) Whether to include the Neutron Metadata agent pacemaker profile
+# Defaults to hiera('neutron::enable_metadata_agent', false)
+#
+# [*enable_ovs*]
+# (Optional) Whether to include the Neutron OVS agent pacemaker profile
+# Defaults to hiera('neutron::enable_ovs_agent', false)
+#
+class tripleo::profile::pacemaker::neutron (
+ $step = hiera('step'),
+ $pacemaker_master = hiera('bootstrap_nodeid', undef),
+ # We can drop the hiera defaults once the neutron roles are decomposed
+ $enable_l3 = hiera('neutron::enable_l3_agent', false),
+ $enable_dhcp = hiera('neutron::enable_dhcp_agent', false),
+ $enable_metadata = hiera('neutron::enable_metadata_agent', false),
+ $enable_ovs = hiera('neutron::enable_ovs_agent', false),
+) {
+
+ Service <|
+ tag == 'neutron-service'
+ |> {
+ hasrestart => true,
+ restart => '/bin/true',
+ start => '/bin/true',
+ stop => '/bin/true',
+ }
+
+ class { '::tripleo::profile::base::neutron':
+ sync_db => ($::hostname == downcase($pacemaker_master)),
+ }
+
+ if $step >= 4 {
+ include ::neutron::params
+
+ # To be removed when puppet-oslo comes into service
+ neutron_config {
+ 'DEFAULT/notification_driver': value => 'messaging';
+ }
+ }
+
+ if $step >= 5 and $pacemaker_master == downcase($::hostname) {
+ if $step == 5 {
+ # Neutron
+ # NOTE(gfidente): Neutron will try to populate the database with some data
+ # as soon as neutron-server is started; to avoid races we want to make this
+ # happen only on one node, before normal Pacemaker initialization
+ # https://bugzilla.redhat.com/show_bug.cgi?id=1233061
+ # NOTE(emilien): we need to run this Exec only at Step 4 otherwise this exec
+ # will try to start the service while it's already started by Pacemaker
+ # It would result to a deployment failure since systemd would return 1 to Puppet
+ # and the overcloud would fail to deploy (6 would be returned).
+ # This conditional prevents from a race condition during the deployment.
+ # https://bugzilla.redhat.com/show_bug.cgi?id=1290582
+ exec { 'neutron-server-systemd-start-sleep' :
+ command => 'systemctl start neutron-server && /usr/bin/sleep 5',
+ path => '/usr/bin',
+ unless => '/sbin/pcs resource show neutron-server',
+ } ->
+ pacemaker::resource::service { $::neutron::params::server_service:
+ clone_params => 'interleave=true',
+ require => Pacemaker::Resource::Ocf['openstack-core']
+ }
+ } else {
+ pacemaker::resource::service { $::neutron::params::server_service:
+ clone_params => 'interleave=true',
+ require => Pacemaker::Resource::Ocf['openstack-core']
+ }
+ }
+
+ pacemaker::constraint::base { 'keystone-to-neutron-server-constraint':
+ constraint_type => 'order',
+ first_resource => 'openstack-core-clone',
+ second_resource => "${::neutron::params::server_service}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Ocf['openstack-core'],
+ Pacemaker::Resource::Service[$::neutron::params::server_service]],
+ }
+
+ if $enable_ovs {
+ pacemaker::constraint::base { 'neutron-openvswitch-agent-to-dhcp-agent-constraint':
+ constraint_type => 'order',
+ first_resource => "${::neutron::params::ovs_agent_service}-clone",
+ second_resource => "${::neutron::params::dhcp_agent_service}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service],
+ Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service]],
+ }
+ }
+
+ if $enable_dhcp and $enable_ovs {
+ pacemaker::constraint::base { 'neutron-server-to-openvswitch-agent-constraint':
+ constraint_type => 'order',
+ first_resource => "${::neutron::params::server_service}-clone",
+ second_resource => "${::neutron::params::ovs_agent_service}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::neutron::params::server_service],
+ Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service]],
+ }
+
+ pacemaker::constraint::colocation { 'neutron-openvswitch-agent-to-dhcp-agent-colocation':
+ source => "${::neutron::params::dhcp_agent_service}-clone",
+ target => "${::neutron::params::ovs_agent_service}-clone",
+ score => 'INFINITY',
+ require => [Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service],
+ Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service]],
+ }
+ }
+
+ if $enable_dhcp and $enable_l3 {
+ pacemaker::constraint::base { 'neutron-dhcp-agent-to-l3-agent-constraint':
+ constraint_type => 'order',
+ first_resource => "${::neutron::params::dhcp_agent_service}-clone",
+ second_resource => "${::neutron::params::l3_agent_service}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service],
+ Pacemaker::Resource::Service[$::neutron::params::l3_agent_service]]
+ }
+
+ pacemaker::constraint::colocation { 'neutron-dhcp-agent-to-l3-agent-colocation':
+ source => "${::neutron::params::l3_agent_service}-clone",
+ target => "${::neutron::params::dhcp_agent_service}-clone",
+ score => 'INFINITY',
+ require => [Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service],
+ Pacemaker::Resource::Service[$::neutron::params::l3_agent_service]]
+ }
+ }
+
+ if $enable_l3 and $enable_metadata {
+ pacemaker::constraint::base { 'neutron-l3-agent-to-metadata-agent-constraint':
+ constraint_type => 'order',
+ first_resource => "${::neutron::params::l3_agent_service}-clone",
+ second_resource => "${::neutron::params::metadata_agent_service}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::neutron::params::l3_agent_service],
+ Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service]]
+ }
+ pacemaker::constraint::colocation { 'neutron-l3-agent-to-metadata-agent-colocation':
+ source => "${::neutron::params::metadata_agent_service}-clone",
+ target => "${::neutron::params::l3_agent_service}-clone",
+ score => 'INFINITY',
+ require => [Pacemaker::Resource::Service[$::neutron::params::l3_agent_service],
+ Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service]]
+ }
+ }
+ }
+}
diff --git a/manifests/profile/pacemaker/neutron/dhcp.pp b/manifests/profile/pacemaker/neutron/dhcp.pp
new file mode 100644
index 0000000..d738f21
--- /dev/null
+++ b/manifests/profile/pacemaker/neutron/dhcp.pp
@@ -0,0 +1,44 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::neutron::dhcp
+#
+# Neutron DHCP Agent server profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*pacemaker_master*]
+# (Optional) The hostname of the pacemaker master
+# Defaults to hiera('bootstrap_nodeid', undef)
+#
+class tripleo::profile::pacemaker::neutron::dhcp (
+ $step = hiera('step'),
+ $pacemaker_master = hiera('bootstrap_nodeid', undef),
+) {
+
+ include ::neutron::params
+ include ::tripleo::profile::pacemaker::neutron
+ include ::tripleo::profile::base::neutron::dhcp
+
+ if $step >= 5 and downcase($::hostname) == $pacemaker_master {
+ pacemaker::resource::service { $::neutron::params::dhcp_agent_service:
+ clone_params => 'interleave=true',
+ }
+ }
+}
diff --git a/manifests/profile/pacemaker/neutron/l3.pp b/manifests/profile/pacemaker/neutron/l3.pp
new file mode 100644
index 0000000..fec4af2
--- /dev/null
+++ b/manifests/profile/pacemaker/neutron/l3.pp
@@ -0,0 +1,44 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::neutron::l3
+#
+# Neutron L3 Agent server profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*pacemaker_master*]
+# (Optional) The hostname of the pacemaker master
+# Defaults to hiera('bootstrap_nodeid', undef)
+#
+class tripleo::profile::pacemaker::neutron::l3 (
+ $step = hiera('step'),
+ $pacemaker_master = hiera('bootstrap_nodeid', undef),
+) {
+
+ include ::neutron::params
+ include ::tripleo::profile::pacemaker::neutron
+ include ::tripleo::profile::base::neutron::l3
+
+ if $step >= 5 and downcase($::hostname) == $pacemaker_master {
+ pacemaker::resource::service { $::neutron::params::l3_agent_service:
+ clone_params => 'interleave=true',
+ }
+ }
+}
diff --git a/manifests/profile/pacemaker/neutron/metadata.pp b/manifests/profile/pacemaker/neutron/metadata.pp
new file mode 100644
index 0000000..4fccea2
--- /dev/null
+++ b/manifests/profile/pacemaker/neutron/metadata.pp
@@ -0,0 +1,44 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::neutron::metadata
+#
+# Neutron Metadata Agent server profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*pacemaker_master*]
+# (Optional) The hostname of the pacemaker master
+# Defaults to hiera('bootstrap_nodeid', undef)
+#
+class tripleo::profile::pacemaker::neutron::metadata (
+ $step = hiera('step'),
+ $pacemaker_master = hiera('bootstrap_nodeid', undef),
+) {
+
+ include ::neutron::params
+ include ::tripleo::profile::pacemaker::neutron
+ include ::tripleo::profile::base::neutron::metadata
+
+ if $step >= 5 and downcase($::hostname) == $pacemaker_master {
+ pacemaker::resource::service { $::neutron::params::metadata_agent_service:
+ clone_params => 'interleave=true',
+ }
+ }
+}
diff --git a/manifests/profile/pacemaker/neutron/midonet.pp b/manifests/profile/pacemaker/neutron/midonet.pp
new file mode 100644
index 0000000..9d380f0
--- /dev/null
+++ b/manifests/profile/pacemaker/neutron/midonet.pp
@@ -0,0 +1,80 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::neutron::midonet
+#
+# Neutron Midonet driver Pacemaker HA profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*pacemaker_master*]
+# (Optional) The hostname of the pacemaker master
+# Defaults to hiera('bootstrap_nodeid', undef)
+#
+class tripleo::profile::pacemaker::neutron::midonet (
+ $step = hiera('step'),
+ $pacemaker_master = hiera('bootstrap_nodeid', undef),
+) {
+ include ::neutron::params
+ include ::tripleo::profile::pacemaker::neutron
+ include ::tripleo::profile::base::neutron::midonet
+
+ if $step >= 5 and downcase($::hostname) == $pacemaker_master {
+
+ pacemaker::resource::service {'tomcat':
+ clone_params => 'interleave=true',
+ }
+
+ #midonet-chain chain keystone-->neutron-server-->dhcp-->metadata->tomcat
+ pacemaker::constraint::base { 'neutron-server-to-dhcp-agent-constraint':
+ constraint_type => 'order',
+ first_resource => "${::neutron::params::server_service}-clone",
+ second_resource => "${::neutron::params::dhcp_agent_service}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::neutron::params::server_service],
+ Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service]],
+ }
+ pacemaker::constraint::base { 'neutron-dhcp-agent-to-metadata-agent-constraint':
+ constraint_type => 'order',
+ first_resource => "${::neutron::params::dhcp_agent_service}-clone",
+ second_resource => "${::neutron::params::metadata_agent_service}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service],
+ Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service]],
+ }
+ pacemaker::constraint::base { 'neutron-metadata-agent-to-tomcat-constraint':
+ constraint_type => 'order',
+ first_resource => "${::neutron::params::metadata_agent_service}-clone",
+ second_resource => 'tomcat-clone',
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service],
+ Pacemaker::Resource::Service['tomcat']],
+ }
+ pacemaker::constraint::colocation { 'neutron-dhcp-agent-to-metadata-agent-colocation':
+ source => "${::neutron::params::metadata_agent_service}-clone",
+ target => "${::neutron::params::dhcp_agent_service}-clone",
+ score => 'INFINITY',
+ require => [Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service],
+ Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service]],
+ }
+ }
+}
diff --git a/manifests/profile/pacemaker/neutron/ovs.pp b/manifests/profile/pacemaker/neutron/ovs.pp
new file mode 100644
index 0000000..a330de1
--- /dev/null
+++ b/manifests/profile/pacemaker/neutron/ovs.pp
@@ -0,0 +1,88 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::neutron::ovs
+#
+# Neutron OVS Agent Pacemaker HA profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*pacemaker_master*]
+# (Optional) The hostname of the pacemaker master
+# Defaults to hiera('bootstrap_nodeid', undef)
+#
+class tripleo::profile::pacemaker::neutron::ovs (
+ $step = hiera('step'),
+ $pacemaker_master = hiera('bootstrap_nodeid', undef),
+) {
+
+ include ::neutron::params
+ include ::tripleo::profile::pacemaker::neutron
+ include ::tripleo::profile::base::neutron::ovs
+
+ if $step >= 5 and downcase($::hostname) == $pacemaker_master {
+
+ pacemaker::resource::service { $::neutron::params::ovs_agent_service:
+ clone_params => 'interleave=true',
+ }
+
+ pacemaker::resource::ocf { $::neutron::params::ovs_cleanup_service:
+ ocf_agent_name => 'neutron:OVSCleanup',
+ clone_params => 'interleave=true',
+ }
+ pacemaker::resource::ocf { 'neutron-netns-cleanup':
+ ocf_agent_name => 'neutron:NetnsCleanup',
+ clone_params => 'interleave=true',
+ }
+
+ # neutron - one chain ovs-cleanup-->netns-cleanup-->ovs-agent
+ pacemaker::constraint::base { 'neutron-ovs-cleanup-to-netns-cleanup-constraint':
+ constraint_type => 'order',
+ first_resource => "${::neutron::params::ovs_cleanup_service}-clone",
+ second_resource => 'neutron-netns-cleanup-clone',
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Ocf[$::neutron::params::ovs_cleanup_service],
+ Pacemaker::Resource::Ocf['neutron-netns-cleanup']],
+ }
+ pacemaker::constraint::colocation { 'neutron-ovs-cleanup-to-netns-cleanup-colocation':
+ source => 'neutron-netns-cleanup-clone',
+ target => "${::neutron::params::ovs_cleanup_service}-clone",
+ score => 'INFINITY',
+ require => [Pacemaker::Resource::Ocf[$::neutron::params::ovs_cleanup_service],
+ Pacemaker::Resource::Ocf['neutron-netns-cleanup']],
+ }
+ pacemaker::constraint::base { 'neutron-netns-cleanup-to-openvswitch-agent-constraint':
+ constraint_type => 'order',
+ first_resource => 'neutron-netns-cleanup-clone',
+ second_resource => "${::neutron::params::ovs_agent_service}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Ocf['neutron-netns-cleanup'],
+ Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service]],
+ }
+ pacemaker::constraint::colocation { 'neutron-netns-cleanup-to-openvswitch-agent-colocation':
+ source => "${::neutron::params::ovs_agent_service}-clone",
+ target => 'neutron-netns-cleanup-clone',
+ score => 'INFINITY',
+ require => [Pacemaker::Resource::Ocf['neutron-netns-cleanup'],
+ Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service]],
+ }
+ }
+}
diff --git a/manifests/profile/pacemaker/neutron/plugins/ml2.pp b/manifests/profile/pacemaker/neutron/plugins/ml2.pp
new file mode 100644
index 0000000..6c9d8b1
--- /dev/null
+++ b/manifests/profile/pacemaker/neutron/plugins/ml2.pp
@@ -0,0 +1,36 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::neutron::plugins::ml2
+#
+# Neutron ML2 driver Pacemaker HA profile for tripleo
+#
+# === Parameters
+#
+# [*pacemaker_master*]
+# (Optional) The hostname of the pacemaker master
+# Defaults to hiera('bootstrap_nodeid', undef)
+#
+class tripleo::profile::pacemaker::neutron::plugins::ml2 (
+ $pacemaker_master = hiera('bootstrap_nodeid', undef),
+) {
+
+ include ::neutron::params
+ include ::tripleo::profile::pacemaker::neutron
+
+ class { '::tripleo::profile::base::neutron::plugins::ml2':
+ sync_db => ($::hostname == downcase($pacemaker_master))
+ }
+
+}
diff --git a/manifests/profile/pacemaker/neutron/plugins/nuage.pp b/manifests/profile/pacemaker/neutron/plugins/nuage.pp
new file mode 100644
index 0000000..ea40d38
--- /dev/null
+++ b/manifests/profile/pacemaker/neutron/plugins/nuage.pp
@@ -0,0 +1,33 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::neutron::plugins::nuage
+#
+# Nuage Neutron profile for tripleo pacemaker
+#
+# === Parameters
+#
+# [*pacemaker_master*]
+# (Optional) The hostname of the pacemaker master
+# Defaults to hiera('bootstrap_nodeid', undef)
+#
+class tripleo::profile::pacemaker::neutron::plugins::nuage (
+ $pacemaker_master = hiera('bootstrap_nodeid', undef),
+) {
+
+ class { '::tripleo::profile::base::neutron::plugins::nuage':
+ sync_db => ($::hostname == downcase($pacemaker_master))
+ }
+
+}
diff --git a/manifests/profile/pacemaker/neutron/plugins/opencontrail.pp b/manifests/profile/pacemaker/neutron/plugins/opencontrail.pp
new file mode 100644
index 0000000..8db3cb2
--- /dev/null
+++ b/manifests/profile/pacemaker/neutron/plugins/opencontrail.pp
@@ -0,0 +1,33 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::neutron::plugins::opencontrail
+#
+# Opencontrail Neutron profile for tripleo pacemaker
+#
+# === Parameters
+#
+# [*pacemaker_master*]
+# (Optional) The hostname of the pacemaker master
+# Defaults to hiera('bootstrap_nodeid', undef)
+#
+class tripleo::profile::pacemaker::neutron::plugins::opencontrail (
+ $pacemaker_master = hiera('bootstrap_nodeid', undef),
+) {
+
+ class { '::tripleo::profile::base::neutron::plugins::opencontrail':
+ sync_db => ($::hostname == downcase($pacemaker_master))
+ }
+
+}
diff --git a/manifests/profile/pacemaker/neutron/plugins/plumgrid.pp b/manifests/profile/pacemaker/neutron/plugins/plumgrid.pp
new file mode 100644
index 0000000..57f9e31
--- /dev/null
+++ b/manifests/profile/pacemaker/neutron/plugins/plumgrid.pp
@@ -0,0 +1,33 @@
+# Copyright 2016 PLUMgrid, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::neutron::plugins::plumgrid
+#
+# PLUMgrid Neutron profile for tripleo pacemaker
+#
+# === Parameters
+#
+# [*pacemaker_master*]
+# (Optional) The hostname of the pacemaker master
+# Defaults to hiera('bootstrap_nodeid', undef)
+#
+class tripleo::profile::pacemaker::neutron::plugins::plumgrid (
+ $pacemaker_master = hiera('bootstrap_nodeid', undef),
+) {
+
+ class { '::tripleo::profile::base::neutron::plugins::plumgrid':
+ sync_db => ($::hostname == downcase($pacemaker_master))
+ }
+
+}
diff --git a/manifests/profile/pacemaker/neutron/server.pp b/manifests/profile/pacemaker/neutron/server.pp
new file mode 100644
index 0000000..acd7993
--- /dev/null
+++ b/manifests/profile/pacemaker/neutron/server.pp
@@ -0,0 +1,48 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::neutron::server
+#
+# Neutron Server Pacemaker profile for tripleo
+#
+# === Parameters
+#
+# [*pacemaker_master*]
+# (Optional) The hostname of the pacemaker master
+# Defaults to hiera('bootstrap_nodeid', undef)
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::pacemaker::neutron::server (
+ $pacemaker_master = hiera('bootstrap_nodeid', undef),
+ $step = hiera('step'),
+) {
+
+ include ::neutron::params
+ include ::tripleo::profile::pacemaker::neutron
+
+ $sync_db = ($::hostname == downcase($pacemaker_master))
+ if $step >= 3 and $sync_db {
+ include ::neutron::db::mysql
+ }
+
+ if $step >= 4 or ( $step >= 3 and $sync_db ) {
+ include ::neutron::server::notifications
+ include ::neutron::server
+ }
+
+}
diff --git a/manifests/profile/pacemaker/nova.pp b/manifests/profile/pacemaker/nova.pp
new file mode 100644
index 0000000..13c6128
--- /dev/null
+++ b/manifests/profile/pacemaker/nova.pp
@@ -0,0 +1,31 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::nova
+#
+# Nova base with Pacemaker profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The step in the deployment
+# Defaults to hiera('step')
+#
+class tripleo::profile::pacemaker::nova (
+ $step = hiera('step'),
+) {
+
+ include ::tripleo::profile::base::nova
+
+}
diff --git a/manifests/profile/pacemaker/nova/api.pp b/manifests/profile/pacemaker/nova/api.pp
new file mode 100644
index 0000000..30ab733
--- /dev/null
+++ b/manifests/profile/pacemaker/nova/api.pp
@@ -0,0 +1,55 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::nova::api
+#
+# Nova API with Pacemaker profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*pacemaker_master*]
+# (Optional) The hostname of the pacemaker master
+# Defaults to downcase(hiera('bootstrap_nodeid'))
+#
+class tripleo::profile::pacemaker::nova::api (
+ $step = hiera('step'),
+ $pacemaker_master = downcase(hiera('bootstrap_nodeid')),
+) {
+
+ include ::nova::params
+ include ::tripleo::profile::pacemaker::nova
+
+ Service<| title == 'nova-api' |> {
+ hasrestart => true,
+ restart => '/bin/true',
+ start => '/bin/true',
+ stop => '/bin/true',
+ }
+
+ class { '::tripleo::profile::base::nova::api':
+ sync_db => (downcase($::hostname) == $pacemaker_master),
+ }
+
+ if $step >= 5 and downcase($::hostname) == $pacemaker_master {
+ pacemaker::resource::service { $::nova::params::api_service_name:
+ clone_params => 'interleave=true',
+ }
+ }
+
+}
diff --git a/manifests/profile/pacemaker/nova/conductor.pp b/manifests/profile/pacemaker/nova/conductor.pp
new file mode 100644
index 0000000..495c92e
--- /dev/null
+++ b/manifests/profile/pacemaker/nova/conductor.pp
@@ -0,0 +1,52 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::nova::conductor
+#
+# Nova Conductor with Pacemaker profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*pacemaker_master*]
+# (Optional) The hostname of the pacemaker master
+# Defaults to hiera('bootstrap_nodeid')
+#
+class tripleo::profile::pacemaker::nova::conductor (
+ $step = hiera('step'),
+ $pacemaker_master = hiera('bootstrap_nodeid'),
+) {
+
+ include ::nova::params
+ include ::tripleo::profile::pacemaker::nova
+ include ::tripleo::profile::base::nova::conductor
+
+ Service<| title == 'nova-conductor' |> {
+ hasrestart => true,
+ restart => '/bin/true',
+ start => '/bin/true',
+ stop => '/bin/true',
+ }
+
+ if $step >= 5 and downcase($::hostname) == $pacemaker_master {
+ pacemaker::resource::service { $::nova::params::conductor_service_name:
+ clone_params => 'interleave=true',
+ }
+ }
+
+}
diff --git a/manifests/profile/pacemaker/nova/consoleauth.pp b/manifests/profile/pacemaker/nova/consoleauth.pp
new file mode 100644
index 0000000..fb9428a
--- /dev/null
+++ b/manifests/profile/pacemaker/nova/consoleauth.pp
@@ -0,0 +1,52 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::nova::consoleauth
+#
+# Nova Consoleauth with Pacemaker profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*pacemaker_master*]
+# (Optional) The hostname of the pacemaker master
+# Defaults to hiera('bootstrap_nodeid')
+#
+class tripleo::profile::pacemaker::nova::consoleauth (
+ $step = hiera('step'),
+ $pacemaker_master = hiera('bootstrap_nodeid'),
+) {
+
+ include ::nova::params
+ include ::tripleo::profile::pacemaker::nova
+ include ::tripleo::profile::base::nova::consoleauth
+
+ Service<| title == 'nova-consoleauth' |> {
+ hasrestart => true,
+ restart => '/bin/true',
+ start => '/bin/true',
+ stop => '/bin/true',
+ }
+
+ if $step >= 5 and downcase($::hostname) == $pacemaker_master {
+ pacemaker::resource::service { $::nova::params::consoleauth_service_name:
+ clone_params => 'interleave=true',
+ }
+ }
+
+}
diff --git a/manifests/profile/pacemaker/nova/scheduler.pp b/manifests/profile/pacemaker/nova/scheduler.pp
new file mode 100644
index 0000000..9e78c30
--- /dev/null
+++ b/manifests/profile/pacemaker/nova/scheduler.pp
@@ -0,0 +1,52 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::nova::scheduler
+#
+# Nova Scheduler with Pacemaker profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*pacemaker_master*]
+# (Optional) The hostname of the pacemaker master
+# Defaults to hiera('bootstrap_nodeid')
+#
+class tripleo::profile::pacemaker::nova::scheduler (
+ $step = hiera('step'),
+ $pacemaker_master = hiera('bootstrap_nodeid'),
+) {
+
+ include ::nova::params
+ include ::tripleo::profile::pacemaker::nova
+ include ::tripleo::profile::base::nova::scheduler
+
+ Service<| title == 'nova-scheduler' |> {
+ hasrestart => true,
+ restart => '/bin/true',
+ start => '/bin/true',
+ stop => '/bin/true',
+ }
+
+ if $step >= 5 and downcase($::hostname) == $pacemaker_master {
+ pacemaker::resource::service { $::nova::params::scheduler_service_name:
+ clone_params => 'interleave=true',
+ }
+ }
+
+}
diff --git a/manifests/profile/pacemaker/nova/vncproxy.pp b/manifests/profile/pacemaker/nova/vncproxy.pp
new file mode 100644
index 0000000..ec71ca7
--- /dev/null
+++ b/manifests/profile/pacemaker/nova/vncproxy.pp
@@ -0,0 +1,52 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::nova::vncproxy
+#
+# Nova vncproxy with Pacemaker profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*pacemaker_master*]
+# (Optional) The hostname of the pacemaker master
+# Defaults to hiera('bootstrap_nodeid')
+#
+class tripleo::profile::pacemaker::nova::vncproxy (
+ $step = hiera('step'),
+ $pacemaker_master = hiera('bootstrap_nodeid'),
+) {
+
+ include ::nova::params
+ include ::tripleo::profile::pacemaker::nova
+ include ::tripleo::profile::base::nova::vncproxy
+
+ Service<| title == 'nova-vncproxy' |> {
+ hasrestart => true,
+ restart => '/bin/true',
+ start => '/bin/true',
+ stop => '/bin/true',
+ }
+
+ if $step >= 5 and downcase($::hostname) == $pacemaker_master {
+ pacemaker::resource::service { $::nova::params::vncproxy_service_name:
+ clone_params => 'interleave=true',
+ }
+ }
+
+}
diff --git a/manifests/profile/pacemaker/rabbitmq.pp b/manifests/profile/pacemaker/rabbitmq.pp
new file mode 100644
index 0000000..efb91b5
--- /dev/null
+++ b/manifests/profile/pacemaker/rabbitmq.pp
@@ -0,0 +1,67 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::rabbitmq
+#
+# RabbitMQ Pacemaker HA profile for tripleo
+#
+# === Parameters
+#
+# [*bootstrap_node*]
+# (Optional) The hostname of the node responsible for bootstrapping tasks
+# Defaults to hiera('bootstrap_nodeid')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+# [*erlang_cookie*]
+# (Optional) Content of erlang cookie.
+# Defaults to hiera('rabbitmq::erlang_cookie').
+#
+class tripleo::profile::pacemaker::rabbitmq (
+ $bootstrap_node = hiera('bootstrap_nodeid'),
+ $step = hiera('step'),
+ $erlang_cookie = hiera('rabbitmq::erlang_cookie'),
+) {
+
+ if $::hostname == downcase($bootstrap_node) {
+ $pacemaker_master = true
+ } else {
+ $pacemaker_master = false
+ }
+
+ include ::tripleo::profile::base::rabbitmq
+
+ file { '/var/lib/rabbitmq/.erlang.cookie':
+ ensure => file,
+ owner => 'rabbitmq',
+ group => 'rabbitmq',
+ mode => '0400',
+ content => $erlang_cookie,
+ replace => true,
+ require => Class['::rabbitmq'],
+ }
+
+ if $step >= 2 and $pacemaker_master {
+ pacemaker::resource::ocf { 'rabbitmq':
+ ocf_agent_name => 'heartbeat:rabbitmq-cluster',
+ resource_params => 'set_policy=\'ha-all ^(?!amq\.).* {"ha-mode":"all"}\'',
+ clone_params => 'ordered=true interleave=true',
+ meta_params => 'notify=true',
+ require => Class['::rabbitmq'],
+ }
+ }
+}
diff --git a/manifests/profile/pacemaker/sahara.pp b/manifests/profile/pacemaker/sahara.pp
new file mode 100644
index 0000000..04b4edf
--- /dev/null
+++ b/manifests/profile/pacemaker/sahara.pp
@@ -0,0 +1,81 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::pacemaker::sahara
+#
+# Sahara Pacemaker HA profile for tripleo
+#
+# === Parameters
+#
+# [*bootstrap_node*]
+# (Optional) The hostname of the node responsible for bootstrapping tasks
+# Defaults to hiera('bootstrap_nodeid')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::pacemaker::sahara (
+ $bootstrap_node = hiera('bootstrap_nodeid'),
+ $step = hiera('step'),
+) {
+
+ Service <| tag == 'sahara-service' |> {
+ hasrestart => true,
+ restart => '/bin/true',
+ start => '/bin/true',
+ stop => '/bin/true',
+ }
+
+ if $::hostname == downcase($bootstrap_node) {
+ $pacemaker_master = true
+ } else {
+ $pacemaker_master = false
+ }
+
+ include ::tripleo::profile::base::sahara-api
+ class { '::tripleo::profile::base::sahara-engine':
+ sync_db => $pacemaker_master,
+ }
+
+ if $step >= 5 and $pacemaker_master {
+ # Sahara
+ pacemaker::resource::service { $::sahara::params::api_service_name :
+ clone_params => 'interleave=true',
+ require => Pacemaker::Resource::Ocf['openstack-core'],
+ }
+ pacemaker::resource::service { $::sahara::params::engine_service_name :
+ clone_params => 'interleave=true',
+ }
+ pacemaker::constraint::base { 'keystone-then-sahara-api-constraint':
+ constraint_type => 'order',
+ first_resource => 'openstack-core-clone',
+ second_resource => "${::sahara::params::api_service_name}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::sahara::params::api_service_name],
+ Pacemaker::Resource::Ocf['openstack-core']],
+ }
+ pacemaker::constraint::base { 'sahara-api-then-sahara-engine-constraint':
+ constraint_type => 'order',
+ first_resource => "${::sahara::params::api_service_name}-clone",
+ second_resource => "${::sahara::params::engine_service_name}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::sahara::params::api_service_name],
+ Pacemaker::Resource::Service[$::sahara::params::engine_service_name]],
+ }
+ }
+}
diff --git a/manifests/selinux.pp b/manifests/selinux.pp
new file mode 100644
index 0000000..c5d13e2
--- /dev/null
+++ b/manifests/selinux.pp
@@ -0,0 +1,96 @@
+#
+# Copyright (C) 2014 eNovance SAS <licensing@enovance.com>
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::selinux
+#
+# Helper class to configure SELinux on nodes
+#
+# === Parameters:
+#
+# [*mode*]
+# (optional) SELinux mode the system should be in
+# Defaults to 'enforcing'
+# Possible values : disabled, permissive, enforcing
+#
+# [*directory*]
+# (optional) Path where to find the SELinux modules
+# Defaults to '/usr/share/selinux'
+#
+# [*booleans*]
+# (optional) Set of booleans to persistently enables
+# SELinux booleans are the one getsebool -a returns
+# Defaults []
+# Example: ['rsync_full_access', 'haproxy_connect_any']
+#
+# [*modules*]
+# (optional) Set of modules to load on the system
+# Defaults []
+# Example: ['module1', 'module2']
+# Note: Those module should be in the $directory path
+#
+class tripleo::selinux (
+ $mode = 'enforcing',
+ $directory = '/usr/share/selinux/',
+ $booleans = [],
+ $modules = [],
+) {
+
+ if $::osfamily != 'RedHat' {
+ fail("OS family unsuppored yet (${::osfamily}), SELinux support is only limited to RedHat family OS")
+ }
+
+ Selboolean {
+ persistent => true,
+ value => 'on',
+ }
+
+ Selmodule {
+ ensure => present,
+ selmoduledir => $directory,
+ }
+
+ file { '/etc/selinux/config':
+ ensure => present,
+ mode => '0444',
+ content => template('tripleo/selinux/sysconfig_selinux.erb')
+ }
+
+ $current_mode = $::selinux? {
+ false => 'disabled',
+ default => $::selinux_current_mode,
+ }
+
+ if $current_mode != $mode {
+ case $mode {
+ /^(disabled|permissive)$/: {
+ if $current_mode == 'enforcing' {
+ exec { '/sbin/setenforce 0': }
+ }
+ }
+ 'enforcing': {
+ exec { '/sbin/setenforce 1': }
+ }
+ default: {
+ fail('You must specify a mode (enforcing, permissive, or disabled)')
+ }
+ }
+ }
+
+ selboolean { $booleans :
+ persistent => true,
+ }
+ selmodule { $modules: }
+
+}
diff --git a/metadata.json b/metadata.json
new file mode 100644
index 0000000..457f86e
--- /dev/null
+++ b/metadata.json
@@ -0,0 +1,28 @@
+{
+ "name": "openstack-tripleo",
+ "version": "1.0.0",
+ "author": "OpenStack Contributors",
+ "summary": "Puppet module for TripleO",
+ "license": "Apache-2.0",
+ "source": "git://github.com/openstack/puppet-tripleo.git",
+ "project_page": "https://launchpad.net/puppet-tripleo",
+ "issues_url": "https://bugs.launchpad.net/puppet-tripleo",
+ "description": "Installs and configures Tripleo.",
+ "requirements": [
+ { "name": "pe","version_requirement": "3.x" },
+ { "name": "puppet","version_requirement": "3.x" }
+ ],
+ "operatingsystem_support": [
+ {
+ "operatingsystem": "Fedora",
+ "operatingsystemrelease": ["20"]
+ },
+ {
+ "operatingsystem": "RedHat",
+ "operatingsystemrelease": ["7"]
+ }
+ ],
+ "dependencies": [
+ { "name": "puppetlabs/stdlib", "version_requirement": ">= 3.2.0 < 5.0.0" }
+ ]
+}
diff --git a/spec/classes/tripleo_firewall_spec.rb b/spec/classes/tripleo_firewall_spec.rb
index aa5d1d7..27ac62a 100644
--- a/spec/classes/tripleo_firewall_spec.rb
+++ b/spec/classes/tripleo_firewall_spec.rb
@@ -51,7 +51,7 @@ describe 'tripleo::firewall' do
:state => ['NEW'],
)
is_expected.to contain_firewall('003 accept ssh').with(
- :port => '22',
+ :dport => '22',
:proto => 'tcp',
:action => 'accept',
:state => ['NEW'],
@@ -74,7 +74,9 @@ describe 'tripleo::firewall' do
:firewall_rules => {
'300 add custom application 1' => {'port' => '999', 'proto' => 'udp', 'action' => 'accept'},
'301 add custom application 2' => {'port' => '8081', 'proto' => 'tcp', 'action' => 'accept'},
- '302 fwd custom cidr 1' => {'chain' => 'FORWARD', 'destination' => '192.0.2.0/24'}
+ '302 fwd custom cidr 1' => {'chain' => 'FORWARD', 'destination' => '192.0.2.0/24'},
+ '303 add custom application 3' => {'dport' => '8081', 'proto' => 'tcp', 'action' => 'accept'},
+ '304 add custom application 4' => {'sport' => '1000', 'proto' => 'tcp', 'action' => 'accept'}
}
)
end
@@ -95,6 +97,18 @@ describe 'tripleo::firewall' do
:chain => 'FORWARD',
:destination => '192.0.2.0/24',
)
+ is_expected.to contain_firewall('303 add custom application 3').with(
+ :dport => '8081',
+ :proto => 'tcp',
+ :action => 'accept',
+ :state => ['NEW'],
+ )
+ is_expected.to contain_firewall('304 add custom application 4').with(
+ :sport => '1000',
+ :proto => 'tcp',
+ :action => 'accept',
+ :state => ['NEW'],
+ )
end
end
diff --git a/spec/classes/tripleo_selinux_spec.rb b/spec/classes/tripleo_selinux_spec.rb
new file mode 100644
index 0000000..301006b
--- /dev/null
+++ b/spec/classes/tripleo_selinux_spec.rb
@@ -0,0 +1,106 @@
+# Copyright (C) 2014 eNovance SAS <licensing@enovance.com>
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# Unit tests for tripleo::selinux
+#
+
+require 'spec_helper'
+
+describe 'tripleo::selinux' do
+
+ shared_examples_for 'manage selinux' do
+
+ context 'with selinux enforcing' do
+ before :each do
+ facts.merge!( :selinux_current_mode => 'enforcing' )
+ end
+
+ let :params do
+ { :mode => 'disabled',
+ :booleans => ['foo', 'bar'],
+ :modules => ['module1', 'module2'],
+ :directory => '/path/to/modules'}
+ end
+
+ it 'runs setenforce 0' do
+ is_expected.to contain_exec('/sbin/setenforce 0')
+ end
+
+ it 'enables the SELinux boolean' do
+ is_expected.to contain_selboolean('foo').with(
+ :persistent => true,
+ :value => 'on',
+ )
+ end
+
+ it 'enables the SELinux modules' do
+ is_expected.to contain_selmodule('module1').with(
+ :ensure => 'present',
+ :selmoduledir => '/path/to/modules',
+ )
+ end
+
+ end
+
+ context 'with selinux disabled' do
+ before :each do
+ facts.merge!( :selinux => 'false' )
+ end
+
+ let :params do
+ { :mode => 'enforcing',
+ :booleans => ['foo', 'bar'],
+ :modules => ['module1', 'module2'],
+ :directory => '/path/to/modules'}
+ end
+
+ it 'runs setenforce 1' do
+ is_expected.to contain_exec('/sbin/setenforce 1')
+ end
+
+ it 'enables the SELinux boolean' do
+ is_expected.to contain_selboolean('foo').with(
+ :persistent => true,
+ :value => 'on',
+ )
+ end
+
+ it 'enables the SELinux modules' do
+ is_expected.to contain_selmodule('module1').with(
+ :ensure => 'present',
+ :selmoduledir => '/path/to/modules',
+ )
+ end
+
+ end
+
+ end
+
+ context 'on Debian platforms' do
+ let :facts do
+ { :osfamily => 'Debian' }
+ end
+
+ it_raises 'a Puppet::Error', /OS family unsuppored yet \(Debian\), SELinux support is only limited to RedHat family OS/
+ end
+
+ context 'on RedHat platforms' do
+ let :facts do
+ { :osfamily => 'RedHat' }
+ end
+
+ it_configures 'manage selinux'
+ end
+
+end
diff --git a/spec/fixtures/hiera.yaml b/spec/fixtures/hiera.yaml
new file mode 100644
index 0000000..1dc3360
--- /dev/null
+++ b/spec/fixtures/hiera.yaml
@@ -0,0 +1,7 @@
+---
+:backends:
+ - yaml
+:yaml:
+ :datadir: './spec/fixtures/hieradata'
+:hierarchy:
+ - default
diff --git a/spec/fixtures/hieradata/default.yaml b/spec/fixtures/hieradata/default.yaml
new file mode 100644
index 0000000..0d0c944
--- /dev/null
+++ b/spec/fixtures/hieradata/default.yaml
@@ -0,0 +1,3 @@
+my_hash:
+ network: '127.0.0.1'
+not_hash: string
diff --git a/spec/functions/lookup_hiera_hash_spec.rb b/spec/functions/lookup_hiera_hash_spec.rb
new file mode 100644
index 0000000..ffaf8b5
--- /dev/null
+++ b/spec/functions/lookup_hiera_hash_spec.rb
@@ -0,0 +1,20 @@
+require 'spec_helper'
+require 'puppet'
+
+# puppet 4.0 call_function() has no visibility of 3.x functions and will fail anyway
+unless Puppet.version =~ /^4\.0/
+ describe 'lookup_hiera_hash' do
+ # working version
+ it { should run.with_params('my_hash', 'network').and_return('127.0.0.1') }
+ # raise if key does not exist
+ it { should run.with_params('my_hash', 'not_network').and_raise_error(Puppet::ParseError) }
+ # raise if hash value returned by hiera is not a hash
+ it { should run.with_params('not_hash', 'key').and_raise_error(Puppet::ParseError) }
+ # raise if arguments are not two
+ it { should run.with_params('hash', 'key', 'unexpected').and_raise_error(ArgumentError) }
+ it { should run.with_params('hash').and_raise_error(ArgumentError) }
+ # raise if arguments are not strings
+ it { should run.with_params({}, 'key').and_raise_error(Puppet::ParseError) }
+ it { should run.with_params('hash', true).and_raise_error(Puppet::ParseError) }
+ end
+end
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index 15d5eab..251160e 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -6,6 +6,7 @@ fixture_path = File.expand_path(File.join(__FILE__, '..', 'fixtures'))
RSpec.configure do |c|
c.alias_it_should_behave_like_to :it_configures, 'configures'
c.alias_it_should_behave_like_to :it_raises, 'raises'
+ c.hiera_config = File.join(fixture_path, 'hiera.yaml')
c.module_path = File.join(fixture_path, 'modules')
c.manifest_dir = File.join(fixture_path, 'manifests')
diff --git a/templates/selinux/sysconfig_selinux.erb b/templates/selinux/sysconfig_selinux.erb
new file mode 100644
index 0000000..dfb1e53
--- /dev/null
+++ b/templates/selinux/sysconfig_selinux.erb
@@ -0,0 +1,11 @@
+# This file controls the state of SELinux on the system.
+# SELINUX= can take one of these three values:
+# enforcing - SELinux security policy is enforced.
+# permissive - SELinux prints warnings instead of enforcing.
+# disabled - No SELinux policy is loaded.
+SELINUX=<%= @mode %>
+# SELINUXTYPE= can take one of these two values:
+# targeted - Targeted processes are protected,
+# minimum - Modification of targeted policy. Only selected processes are protected.
+# mls - Multi Level Security protection.
+SELINUXTYPE=targeted