7 files changed, 121 insertions, 63 deletions
diff --git a/manifests/profile/base/database/mysql/client.pp b/manifests/profile/base/database/mysql/client.pp
index 1e55f05..68d524b 100644
--- a/manifests/profile/base/database/mysql/client.pp
+++ b/manifests/profile/base/database/mysql/client.pp
@@ -53,13 +53,6 @@ class tripleo::profile::base::database::mysql::client (
   $step                      = Integer(hiera('step')),
 ) {
   if $step >= 1 {
-    # If the folder /etc/my.cnf.d does not exist (e.g. if mariadb is not
-    # present in the base image but installed as a package afterwards),
-    # create it. We do not want to touch the permissions in case it already
-    # exists due to the mariadb server package being pre-installed
-    # Note: We use exec instead of file in the case that the mysql class is
-    # included on this node as well (we'd get duplicate declaration in such a
-    # situation when using file)
     if $mysql_client_bind_address {
       $client_bind_changes = [
         "set ${mysql_read_default_group}/bind-address '${mysql_client_bind_address}'"
@@ -85,15 +78,37 @@ class tripleo::profile::base::database::mysql::client (
     $conf_changes = union($client_bind_changes, $changes_ssl)
 
     # Create /etc/my.cnf.d/tripleo.cnf
-    exec { 'directory-create-etc-my.cnf.d':
-      command => 'mkdir -p /etc/my.cnf.d',
-      unless  => 'test -d /etc/my.cnf.d',
-      path    => ['/usr/bin', '/usr/sbin', '/bin', '/sbin'],
-    } ->
+    # If the folder /etc/my.cnf.d does not exist (e.g. if mariadb is not
+    # present in the base image but installed as a package afterwards),
+    # create it. We do not want to touch the permissions in case it already
+    # exists due to the mariadb server package being pre-installed
+    if $::uuid == 'docker' {
+      # When generating configuration with docker-puppet, services do
+      # not include any profile that would ensure creation of /etc/my.cnf.d,
+      # so we enforce the check here.
+      file {'/etc/my.cnf.d':
+        ensure => 'directory'
+      }
+    } else {
+      # Otherwise, depending on the role, puppet may run this profile
+      # concurrently with the mysql profile, so we use an exec resource
+      # in order to avoid getting duplicate declaration errors
+      exec { 'directory-create-etc-my.cnf.d':
+        command => 'mkdir -p /etc/my.cnf.d',
+        unless  => 'test -d /etc/my.cnf.d',
+        path    => ['/usr/bin', '/usr/sbin', '/bin', '/sbin'],
+        before  => Augeas['tripleo-mysql-client-conf']
+      }
+    }
+
     augeas { 'tripleo-mysql-client-conf':
       incl    => $mysql_read_default_file,
       lens    => 'Puppet.lns',
       changes => $conf_changes,
     }
+
+    # If a profile created a file resource for the parent directory,
+    # ensure it is being run before the config file generation
+    File<| title == '/etc/my.cnf.d' |> -> Augeas['tripleo-mysql-client-conf']
   }
 }
diff --git a/manifests/profile/base/docker.pp b/manifests/profile/base/docker.pp
index cf3a914..2c9824a 100644
--- a/manifests/profile/base/docker.pp
+++ b/manifests/profile/base/docker.pp
@@ -19,14 +19,10 @@
 #
 # === Parameters
 #
-# [*docker_namespace*]
-#   The namespace to be used when setting INSECURE_REGISTRY
-#   this will be split on "/" to derive the docker registry
-#   (defaults to undef)
-#
-# [*insecure_registry*]
-#   Set docker_namespace to INSECURE_REGISTRY, used when a local registry
-#   is enabled (defaults to false)
+# [*insecure_registry_address*]
+#   The host/port combiniation of the insecure registry. This is used to configure
+#   /etc/sysconfig/docker so that a local (insecure) registry can be accessed.
+#   Example: 127.0.0.1:8787 (defaults to unset)
 #
 # [*registry_mirror*]
 #   Configure a registry-mirror in the /etc/docker/daemon.json file.
@@ -59,9 +55,19 @@
 #   List of TripleO services enabled on the role.
 #   Defaults to hiera('services_names')
 #
+# DEPRECATED PARAMETERS
+#
+# [*docker_namespace*]
+#   DEPRECATED: The namespace to be used when setting INSECURE_REGISTRY
+#   this will be split on "/" to derive the docker registry
+#   (defaults to undef)
+#
+# [*insecure_registry*]
+#   DEPRECATED: Set docker_namespace to INSECURE_REGISTRY, used when a local registry
+#   is enabled (defaults to false)
+#
 class tripleo::profile::base::docker (
-  $docker_namespace = undef,
-  $insecure_registry = false,
+  $insecure_registry_address = undef,
   $registry_mirror = false,
   $docker_options = '--log-driver=journald --signature-verification=false',
   $configure_storage = true,
@@ -69,7 +75,10 @@ class tripleo::profile::base::docker (
   $step = Integer(hiera('step')),
   $configure_libvirt_polkit = undef,
   $docker_nova_uid = 42436,
-  $services_enabled = hiera('service_names', [])
+  $services_enabled = hiera('service_names', []),
+  # DEPRECATED PARAMETERS
+  $docker_namespace = undef,
+  $insecure_registry = false,
 ) {
 
   if $configure_libvirt_polkit == undef {
@@ -104,11 +113,14 @@ class tripleo::profile::base::docker (
     }
 
     if $insecure_registry {
+      warning('The $insecure_registry and $docker_namespace are deprecated. Use $insecure_registry_address instead.')
       if $docker_namespace == undef {
         fail('You must provide a $docker_namespace in order to configure insecure registry')
       }
       $namespace = strip($docker_namespace.split('/')[0])
       $registry_changes = [ "set INSECURE_REGISTRY '\"--insecure-registry ${namespace}\"'" ]
+    } elsif $insecure_registry_address {
+      $registry_changes = [ "set INSECURE_REGISTRY '\"--insecure-registry ${insecure_registry_address}\"'" ]
     } else {
       $registry_changes = [ 'rm INSECURE_REGISTRY' ]
     }
diff --git a/manifests/profile/base/horizon.pp b/manifests/profile/base/horizon.pp
index 26ea20f..3f01d01 100644
--- a/manifests/profile/base/horizon.pp
+++ b/manifests/profile/base/horizon.pp
@@ -31,10 +31,15 @@
 #   (Optional) A hash of parameters to enable features specific to Neutron
 #   Defaults to hiera('horizon::neutron_options', {})
 #
+# [*memcached_ips*]
+#   (Optional) Array of ipv4 or ipv6 addresses for memcache.
+#   Defaults to hiera('memcached_node_ips')
+#
 class tripleo::profile::base::horizon (
   $step            = Integer(hiera('step')),
   $bootstrap_node  = hiera('bootstrap_nodeid', undef),
   $neutron_options = hiera('horizon::neutron_options', {}),
+  $memcached_ips   = hiera('memcached_node_ips')
 ) {
   if $::hostname == downcase($bootstrap_node) {
     $is_bootstrap = true
@@ -52,12 +57,14 @@ class tripleo::profile::base::horizon (
       $_profile_support = 'None'
     }
     $neutron_options_real = merge({'profile_support' => $_profile_support }, $neutron_options)
-    $memcached_ipv6 = hiera('memcached_ipv6', false)
-    if $memcached_ipv6 {
-      $horizon_memcached_servers = hiera('memcached_node_ips_v6', '[::1]')
+
+    if is_ipv6_address($memcached_ips[0]) {
+        $horizon_memcached_servers = prefix(any2array(normalize_ip_for_uri($memcached_ips)), 'inet6:')
+
     } else {
-      $horizon_memcached_servers = hiera('memcached_node_ips', '127.0.0.1')
+        $horizon_memcached_servers = any2array(normalize_ip_for_uri($memcached_ips))
     }
+
     class { '::horizon':
       cache_server_ip => $horizon_memcached_servers,
       neutron_options => $neutron_options_real,
diff --git a/manifests/profile/base/iscsid.pp b/manifests/profile/base/iscsid.pp
new file mode 100644
index 0000000..3637097
--- /dev/null
+++ b/manifests/profile/base/iscsid.pp
@@ -0,0 +1,45 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::iscsid
+#
+# Nova Compute profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+#   (Optional) The current step in deployment. See tripleo-heat-templates
+#   for more details.
+#   Defaults to hiera('step')
+#
+class tripleo::profile::base::iscsid (
+  $step               = Integer(hiera('step')),
+) {
+
+  if $step >= 2 {
+    # When utilising images for deployment, we need to reset the iSCSI initiator name to make it unique
+    # https://bugzilla.redhat.com/show_bug.cgi?id=1244328
+    ensure_resource('package', 'iscsi-initiator-utils', { ensure => 'present' })
+    exec { 'reset-iscsi-initiator-name':
+      command => '/bin/echo InitiatorName=$(/usr/sbin/iscsi-iname) > /etc/iscsi/initiatorname.iscsi',
+      onlyif  => '/usr/bin/test ! -f /etc/iscsi/.initiator_reset',
+      before  => File['/etc/iscsi/.initiator_reset'],
+      require => Package['iscsi-initiator-utils'],
+      tag     => 'iscsid_config'
+    }
+    file { '/etc/iscsi/.initiator_reset':
+      ensure => present,
+    }
+  }
+}
diff --git a/manifests/profile/base/nova.pp b/manifests/profile/base/nova.pp
index 16ba7be..eb6856f 100644
--- a/manifests/profile/base/nova.pp
+++ b/manifests/profile/base/nova.pp
@@ -70,6 +70,9 @@
 #   (Optional) The current step of the deployment
 #   Defaults to hiera('step')
 #
+# [*memcached_ips*]
+#   (Optional) Array of ipv4 or ipv6 addresses for memcache.
+#   Defaults to hiera('memcached_node_ips')
 
 class tripleo::profile::base::nova (
   $bootstrap_node          = hiera('bootstrap_nodeid', undef),
@@ -85,6 +88,7 @@ class tripleo::profile::base::nova (
   $oslomsg_notify_username = hiera('nova::rabbit_userid', 'guest'),
   $oslomsg_use_ssl         = hiera('nova::rabbit_use_ssl', '0'),
   $step                    = Integer(hiera('step')),
+  $memcached_ips            = hiera('memcached_node_ips'),
 ) {
 
   if $::hostname == downcase($bootstrap_node) {
@@ -93,10 +97,10 @@ class tripleo::profile::base::nova (
     $sync_db = false
   }
 
-  if hiera('nova::use_ipv6', false) {
-    $memcache_servers = suffix(hiera('memcached_node_ips_v6'), ':11211')
+  if is_ipv6_address($memcached_ips[0]) {
+    $memcache_servers = prefix(suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211'), 'inet6:')
   } else {
-    $memcache_servers = suffix(hiera('memcached_node_ips'), ':11211')
+    $memcache_servers = suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211')
   }
 
   if $step >= 4 or ($step >= 3 and $sync_db) {
diff --git a/manifests/profile/base/nova/authtoken.pp b/manifests/profile/base/nova/authtoken.pp
index d8285ba..7eb37bc 100644
--- a/manifests/profile/base/nova/authtoken.pp
+++ b/manifests/profile/base/nova/authtoken.pp
@@ -21,34 +21,22 @@
 #   for more details.
 #   Defaults to hiera('step')
 #
-# [*use_ipv6*]
-#   (Optional) Flag indicating if ipv6 should be used for caching
-#   Defaults to hiera('nova::use_ipv6', false)
-#
-# [*memcache_nodes_ipv6*]
-#   (Optional) Array of ipv6 addresses for memcache.  Used if use_ipv6 is true.
-#   Defaults to hiera('memcached_node_ipvs_v6', ['::1'])
-#
-# [*memcache_nodes_ipv4*]
-#   (Optional) Array of ipv4 addresses for memcache. Used by default unless
-#   use_ipv6 is set to true.
-#   Defaults to hiera('memcached_node_ips', ['127.0.0.1'])
+# [*memcached_ips*]
+#   (Optional) Array of ipv4 or ipv6 addresses for memcache.
+#   Defaults to hiera('memcached_node_ips')
 #
 class tripleo::profile::base::nova::authtoken (
   $step                = Integer(hiera('step')),
-  $use_ipv6            = hiera('nova::use_ipv6', false),
-  $memcache_nodes_ipv6 = hiera('memcached_node_ips_v6', ['::1']),
-  $memcache_nodes_ipv4 = hiera('memcached_node_ips', ['127.0.0.1']),
+  $memcached_ips       = hiera('memcached_node_ips'),
 ) {
 
   if $step >= 3 {
-    $memcached_ips = $use_ipv6 ? {
-      true    => $memcache_nodes_ipv6,
-      default => $memcache_nodes_ipv4
+    if is_ipv6_address($memcached_ips[0]) {
+      $memcache_servers = prefix(suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211'), 'inet6:')
+    } else {
+      $memcache_servers = suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211')
     }
 
-    $memcache_servers = suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211')
-
     class { '::nova::keystone::authtoken':
       memcached_servers => $memcache_servers
     }
diff --git a/manifests/profile/base/nova/compute.pp b/manifests/profile/base/nova/compute.pp
index bd50204..3eae880 100644
--- a/manifests/profile/base/nova/compute.pp
+++ b/manifests/profile/base/nova/compute.pp
@@ -45,19 +45,6 @@ class tripleo::profile::base::nova::compute (
 
     # deploy bits to connect nova compute to neutron
     include ::nova::network::neutron
-
-    # When utilising images for deployment, we need to reset the iSCSI initiator name to make it unique
-    # https://bugzilla.redhat.com/show_bug.cgi?id=1244328
-    ensure_resource('package', 'iscsi-initiator-utils', { ensure => 'present' })
-    exec { 'reset-iscsi-initiator-name':
-      command => '/bin/echo InitiatorName=$(/usr/sbin/iscsi-iname) > /etc/iscsi/initiatorname.iscsi',
-      onlyif  => '/usr/bin/test ! -f /etc/iscsi/.initiator_reset',
-      before  => File['/etc/iscsi/.initiator_reset'],
-      require => Package['iscsi-initiator-utils'],
-    }
-    file { '/etc/iscsi/.initiator_reset':
-      ensure => present,
-    }
   }
 
   # If NFS is used as a Cinder backend