diff options
-rw-r--r-- | Puppetfile_extras | 5 | ||||
-rw-r--r-- | manifests/haproxy.pp | 7 | ||||
-rw-r--r-- | manifests/profile/base/neutron/plugins/ml2/opendaylight.pp | 21 | ||||
-rw-r--r-- | manifests/profile/base/snmp.pp | 44 | ||||
-rw-r--r-- | manifests/profile/base/tuned.pp | 4 | ||||
-rw-r--r-- | manifests/profile/pacemaker/ovn_dbs_bundle.pp | 7 | ||||
-rw-r--r-- | manifests/profile/pacemaker/ovn_northd.pp | 6 | ||||
-rw-r--r-- | manifests/ui.pp | 5 | ||||
-rw-r--r-- | metadata.json | 2 | ||||
-rw-r--r-- | releasenotes/notes/disable-odl-port-status-117c1d9c2f3235e9.yaml | 6 | ||||
-rw-r--r-- | releasenotes/notes/haproxy_globals_override-7a573da1c8633f01.yaml | 5 | ||||
-rw-r--r-- | releasenotes/notes/snmdd_config-db21f3175967be4a.yaml | 11 | ||||
-rw-r--r-- | spec/classes/tripleo_profile_base_snmp_spec.rb | 83 | ||||
-rw-r--r-- | templates/ui/tripleo_ui_config.js.erb | 3 |
14 files changed, 174 insertions, 35 deletions
diff --git a/Puppetfile_extras b/Puppetfile_extras index 4bc9d3f..ce239c3 100644 --- a/Puppetfile_extras +++ b/Puppetfile_extras @@ -52,3 +52,8 @@ mod 'opendaylight', mod 'ssh', :git => 'https://github.com/saz/puppet-ssh', :ref => 'v3.0.1' + +mod 'snmp', + :git => 'https://github.com/razorsedge/puppet-snmp', + :ref => 'master' + diff --git a/manifests/haproxy.pp b/manifests/haproxy.pp index e9b5b63..9206bb4 100644 --- a/manifests/haproxy.pp +++ b/manifests/haproxy.pp @@ -49,6 +49,10 @@ # The IPv4, IPv6 or filesystem socket path of the syslog server. # Defaults to '/dev/log' # +# [*haproxy_globals_override*] +# HAProxy global option we can append to the default base set in this class. +# If you enter an already existing key, it will override the default. +# # [*haproxy_daemon*] # Should haproxy run in daemon mode or not # Defaults to true @@ -573,6 +577,7 @@ class tripleo::haproxy ( $haproxy_listen_bind_param = [ 'transparent' ], $haproxy_member_options = [ 'check', 'inter 2000', 'rise 2', 'fall 5' ], $haproxy_log_address = '/dev/log', + $haproxy_globals_override = {}, $haproxy_daemon = true, $haproxy_socket_access_level = 'user', $haproxy_stats_user = 'admin', @@ -819,7 +824,7 @@ class tripleo::haproxy ( class { '::haproxy': service_manage => $haproxy_service_manage, - global_options => merge($haproxy_global_options, $haproxy_daemonize), + global_options => merge($haproxy_global_options, $haproxy_daemonize, $haproxy_globals_override), defaults_options => { 'mode' => 'tcp', 'log' => 'global', diff --git a/manifests/profile/base/neutron/plugins/ml2/opendaylight.pp b/manifests/profile/base/neutron/plugins/ml2/opendaylight.pp index c98f555..cb3e817 100644 --- a/manifests/profile/base/neutron/plugins/ml2/opendaylight.pp +++ b/manifests/profile/base/neutron/plugins/ml2/opendaylight.pp @@ -34,10 +34,6 @@ # (Optional) Virtual IP address for ODL Api Service # Defaults to hiera('opendaylight_api_vip') # -# [*odl_api_ips*] -# (Optional) List of OpenStack Controller IPs for ODL API -# Defaults to hiera('opendaylight_api_node_ips') -# # [*conn_proto*] # (Optional) Protocol to use to for ODL REST access # Defaults to hiera('opendaylight::nb_connection_protocol') @@ -52,7 +48,6 @@ class tripleo::profile::base::neutron::plugins::ml2::opendaylight ( $odl_username = hiera('opendaylight::username'), $odl_password = hiera('opendaylight::password'), $odl_url_ip = hiera('opendaylight_api_vip'), - $odl_api_ips = hiera('opendaylight_api_node_ips'), $conn_proto = hiera('opendaylight::nb_connection_protocol'), $step = Integer(hiera('step')), ) { @@ -60,24 +55,12 @@ class tripleo::profile::base::neutron::plugins::ml2::opendaylight ( if $step >= 4 { if ! $odl_url_ip { fail('OpenDaylight API VIP is Empty') } - $ml2_odl_params = { - 'odl_username' => $odl_username, - 'odl_password' => $odl_password, - 'odl_url' => "${conn_proto}://${odl_url_ip}:${odl_port}/controller/nb/v2/neutron", - } - - validate_array($odl_api_ips) - if size($odl_api_ips) > 2 { - $odl_features = 'False' - } else { - $odl_features = $::os_service_default - } - + # TODO(trozet) remove odl_features once ODL BZ: 9256, 9147 are fixed class { '::neutron::plugins::ml2::opendaylight': odl_username => $odl_username, odl_password => $odl_password, odl_url => "${conn_proto}://${odl_url_ip}:${odl_port}/controller/nb/v2/neutron", - odl_features => $odl_features; + odl_features => 'False'; } } } diff --git a/manifests/profile/base/snmp.pp b/manifests/profile/base/snmp.pp index ecef5ae..6c26e1c 100644 --- a/manifests/profile/base/snmp.pp +++ b/manifests/profile/base/snmp.pp @@ -18,6 +18,20 @@ # # === Parameters # +# [*snmpd_config*] +# An array of snmp config. +# Example: +# snmpd_config: +# - 'createUser ro_snmp_user MD5 "secrete"', +# - 'rouser ro_snmp_user' +# - 'proc neutron-server' +# - 'proc nova-api' +# Note: since we give total freedom to configure snmpd_config and don't +# verify the content, the user will have to ensure that the parameters +# related to user / password in the array, are the same given to +# THT via SnmpdReadonlyUserName and SnmpdReadonlyUserPassword. +# Defaults to undef. +# # [*snmpd_password*] # The SNMP password # Defaults to hiera('snmpd_readonly_user_password') @@ -32,6 +46,7 @@ # Defaults to hiera('step') # class tripleo::profile::base::snmp ( + $snmpd_config = undef, $snmpd_password = hiera('snmpd_readonly_user_password'), $snmpd_user = hiera('snmpd_readonly_user_name'), $step = Integer(hiera('step')), @@ -41,17 +56,24 @@ class tripleo::profile::base::snmp ( authtype => 'MD5', authpass => $snmpd_password, } - class { '::snmp': - snmpd_config => [ join(['createUser ', $snmpd_user, ' MD5 "', $snmpd_password, '"']), - join(['rouser ', $snmpd_user]), - 'proc cron', - 'includeAllDisks 10%', - 'master agentx', - 'trapsink localhost public', - 'iquerySecName internalUser', - 'rouser internalUser', - 'defaultMonitors yes', - 'linkUpDownNotifications yes' ], + if $snmpd_config { + validate_array($snmpd_config) + class { '::snmp': + snmpd_config => $snmpd_config, + } + } else { + class { '::snmp': + snmpd_config => [ join(['createUser ', $snmpd_user, ' MD5 "', $snmpd_password, '"']), + join(['rouser ', $snmpd_user]), + 'proc cron', + 'includeAllDisks 10%', + 'master agentx', + 'trapsink localhost public', + 'iquerySecName internalUser', + 'rouser internalUser', + 'defaultMonitors yes', + 'linkUpDownNotifications yes' ], + } } } } diff --git a/manifests/profile/base/tuned.pp b/manifests/profile/base/tuned.pp index 8dfcea0..48951bd 100644 --- a/manifests/profile/base/tuned.pp +++ b/manifests/profile/base/tuned.pp @@ -12,9 +12,11 @@ class tripleo::profile::base::tuned ( $profile = 'throughput-performance' ) { + ensure_resource('package', 'tuned', { ensure => 'present' }) exec { 'tuned-adm': path => ['/bin', '/usr/bin', '/sbin', '/usr/sbin'], command => "tuned-adm profile ${profile}", - unless => "tuned-adm active | grep -q '${profile}'" + unless => "tuned-adm active | grep -q '${profile}'", + require => Package['tuned'], } } diff --git a/manifests/profile/pacemaker/ovn_dbs_bundle.pp b/manifests/profile/pacemaker/ovn_dbs_bundle.pp index efe3e93..29ba85b 100644 --- a/manifests/profile/pacemaker/ovn_dbs_bundle.pp +++ b/manifests/profile/pacemaker/ovn_dbs_bundle.pp @@ -71,6 +71,13 @@ class tripleo::profile::pacemaker::ovn_dbs_bundle ( } if $step >= 3 { + + # Allow non local bind, because all the ovsdb-server's running in the + # cluster try to open a TCP socket on the VIP. + ensure_resource('sysctl::value', 'net.ipv4.ip_nonlocal_bind', { + 'value'=> 1, + }) + if $pacemaker_master { $ovndb_servers_resource_name = 'ovndb_servers' $ovndb_servers_ocf_name = 'ovn:ovndb-servers' diff --git a/manifests/profile/pacemaker/ovn_northd.pp b/manifests/profile/pacemaker/ovn_northd.pp index 4f39a7b..7b081b7 100644 --- a/manifests/profile/pacemaker/ovn_northd.pp +++ b/manifests/profile/pacemaker/ovn_northd.pp @@ -61,6 +61,12 @@ class tripleo::profile::pacemaker::ovn_northd ( tries => $pcs_tries, node => $::hostname, } + + # Allow non local bind, because all the ovsdb-server's running in the + # cluster try to open a TCP socket on the VIP. + ensure_resource('sysctl::value', 'net.ipv4.ip_nonlocal_bind', { + 'value'=> 1, + }) } if $step >= 3 and downcase($::hostname) == $pacemaker_master { diff --git a/manifests/ui.pp b/manifests/ui.pp index cb1da21..3caaf9b 100644 --- a/manifests/ui.pp +++ b/manifests/ui.pp @@ -96,6 +96,10 @@ # A string. # Defaults to 'tripleo' # +# [*enabled_loggers*] +# List of enabled loggers +# Defaults to ['console', 'zaqar'] +# class tripleo::ui ( $servername = $::fqdn, $bind_host = hiera('controller_host'), @@ -116,6 +120,7 @@ class tripleo::ui ( $endpoint_config_ironic_inspector = undef, $endpoint_config_mistral = undef, $endpoint_config_swift = undef, + $enabled_loggers = ['console', 'zaqar'], ) { package {'openstack-tripleo-ui': } diff --git a/metadata.json b/metadata.json index e8bef89..a8d97d0 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "openstack-tripleo", - "version": "7.4.1", + "version": "7.4.2", "author": "OpenStack Contributors", "summary": "Puppet module for TripleO", "license": "Apache-2.0", diff --git a/releasenotes/notes/disable-odl-port-status-117c1d9c2f3235e9.yaml b/releasenotes/notes/disable-odl-port-status-117c1d9c2f3235e9.yaml new file mode 100644 index 0000000..1bc03a4 --- /dev/null +++ b/releasenotes/notes/disable-odl-port-status-117c1d9c2f3235e9.yaml @@ -0,0 +1,6 @@ +--- +fixes: + - | + Adds workaround to disable port status feature for OpenDaylight which + is currently broken in OpenDaylight. This fixes the inability to + launch nova instances. diff --git a/releasenotes/notes/haproxy_globals_override-7a573da1c8633f01.yaml b/releasenotes/notes/haproxy_globals_override-7a573da1c8633f01.yaml new file mode 100644 index 0000000..a6b6bfb --- /dev/null +++ b/releasenotes/notes/haproxy_globals_override-7a573da1c8633f01.yaml @@ -0,0 +1,5 @@ +--- +features: + - | + This new parameter allows to set/override HAProxy global + options in a convenient way. diff --git a/releasenotes/notes/snmdd_config-db21f3175967be4a.yaml b/releasenotes/notes/snmdd_config-db21f3175967be4a.yaml new file mode 100644 index 0000000..4db033a --- /dev/null +++ b/releasenotes/notes/snmdd_config-db21f3175967be4a.yaml @@ -0,0 +1,11 @@ +--- +features: + - | + Expose a new Puppet parameter to snmp profile, ``snmpd_config`` which + is an array definded to undef by default. + It can be used to override all snmpd configuration for advanced + deployments. + If used, all parameters have to be configured included users and + passwords, which should be the same as given to snmpd_password + and snmpd_user. There is no logic that will verify the content + of ``snmpd_config``. diff --git a/spec/classes/tripleo_profile_base_snmp_spec.rb b/spec/classes/tripleo_profile_base_snmp_spec.rb new file mode 100644 index 0000000..c8a7074 --- /dev/null +++ b/spec/classes/tripleo_profile_base_snmp_spec.rb @@ -0,0 +1,83 @@ +# +# Copyright (C) 2017 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# + +require 'spec_helper' + +describe 'tripleo::profile::base::snmp' do + + shared_examples_for 'tripleo::profile::base::snmp' do + context 'with default configuration' do + let :params do + { + :snmpd_user => 'ro_snmp_user', + :snmpd_password => 'secrete', + :step => 4, + } + end + + it 'should configure snmpd' do + is_expected.to contain_class('snmp').with( + :snmpd_config => [ + 'createUser ro_snmp_user MD5 "secrete"', + 'rouser ro_snmp_user', + 'proc cron', + 'includeAllDisks 10%', + 'master agentx', + 'trapsink localhost public', + 'iquerySecName internalUser', + 'rouser internalUser', + 'defaultMonitors yes', + 'linkUpDownNotifications yes', + ] + ) + end + end + context 'with snmpd_config setting' do + let :params do + { + :snmpd_user => 'ro_snmp_user', + :snmpd_password => 'secrete', + :snmpd_config => [ + 'createUser ro_snmp_user MD5 "secrete"', + 'rouser ro_snmp_user', + 'proc neutron-server', + ], + :step => 4, + } + end + + it 'should configure snmpd with custom parameters' do + is_expected.to contain_class('snmp').with( + :snmpd_config => [ + 'createUser ro_snmp_user MD5 "secrete"', + 'rouser ro_snmp_user', + 'proc neutron-server', + ] + ) + end + end + end + + on_supported_os.each do |os, facts| + context "on #{os}" do + let(:facts) { + facts + } + + it_behaves_like 'tripleo::profile::base::snmp' + end + end +end diff --git a/templates/ui/tripleo_ui_config.js.erb b/templates/ui/tripleo_ui_config.js.erb index 613042b..10e7279 100644 --- a/templates/ui/tripleo_ui_config.js.erb +++ b/templates/ui/tripleo_ui_config.js.erb @@ -22,7 +22,6 @@ window.tripleOUiConfig = { // 'excludedLanguages': <%= @excluded_languages.to_json %>, - // Logging - // 'loggers': ['console'] + 'loggers': <%= @enabled_loggers.to_json %> }; |