diff options
Diffstat (limited to 'manifests')
| -rw-r--r-- | manifests/haproxy.pp | 7 | ||||
| -rw-r--r-- | manifests/haproxy/endpoint.pp | 6 | ||||
| -rw-r--r-- | manifests/host/sriov.pp | 27 | ||||
| -rw-r--r-- | manifests/host/sriov/numvfs_persistence.pp | 55 | ||||
| -rw-r--r-- | manifests/profile/base/ceilometer/expirer.pp | 3 | ||||
| -rw-r--r-- | manifests/profile/base/cinder/volume.pp | 8 | ||||
| -rw-r--r-- | manifests/profile/base/keystone.pp | 48 | ||||
| -rw-r--r-- | manifests/profile/base/neutron/sriov.pp | 1 | ||||
| -rw-r--r-- | manifests/profile/base/snmp.pp | 11 | ||||
| -rw-r--r-- | manifests/profile/pacemaker/database/mysql.pp | 6 | ||||
| -rw-r--r-- | manifests/profile/pacemaker/manila.pp | 55 |
11 files changed, 219 insertions, 8 deletions
diff --git a/manifests/haproxy.pp b/manifests/haproxy.pp index 075433b..b2cc264 100644 --- a/manifests/haproxy.pp +++ b/manifests/haproxy.pp @@ -886,7 +886,12 @@ class tripleo::haproxy ( options => { 'balance' => 'first', 'option' => ['tcp-check',], - 'tcp-check' => union($redis_tcp_check_options, ['send PING\r\n','expect string +PONG','send info\ replication\r\n','expect string role:master','send QUIT\r\n','expect string +OK']), + 'tcp-check' => union($redis_tcp_check_options, ['send PING\r\n', + 'expect string +PONG', + 'send info\ replication\r\n', + 'expect string role:master', + 'send QUIT\r\n', + 'expect string +OK']), }, collect_exported => false, } diff --git a/manifests/haproxy/endpoint.pp b/manifests/haproxy/endpoint.pp index ac6cb6c..b7403a4 100644 --- a/manifests/haproxy/endpoint.pp +++ b/manifests/haproxy/endpoint.pp @@ -88,7 +88,8 @@ define tripleo::haproxy::endpoint ( # service exposed to the public network if $public_certificate { - $public_bind_opts = list_to_hash(suffix(any2array($public_virtual_ip), ":${public_ssl_port}"), union($haproxy_listen_bind_param, ['ssl', 'crt', $public_certificate])) + $public_bind_opts = list_to_hash(suffix(any2array($public_virtual_ip), ":${public_ssl_port}"), + union($haproxy_listen_bind_param, ['ssl', 'crt', $public_certificate])) } else { $public_bind_opts = list_to_hash(suffix(any2array($public_virtual_ip), ":${service_port}"), $haproxy_listen_bind_param) } @@ -98,7 +99,8 @@ define tripleo::haproxy::endpoint ( } if $internal_certificate { - $internal_bind_opts = list_to_hash(suffix(any2array($internal_ip), ":${service_port}"), union($haproxy_listen_bind_param, ['ssl', 'crt', $public_certificate])) + $internal_bind_opts = list_to_hash(suffix(any2array($internal_ip), ":${service_port}"), + union($haproxy_listen_bind_param, ['ssl', 'crt', $public_certificate])) } else { $internal_bind_opts = list_to_hash(suffix(any2array($internal_ip), ":${service_port}"), $haproxy_listen_bind_param) } diff --git a/manifests/host/sriov.pp b/manifests/host/sriov.pp new file mode 100644 index 0000000..a30db42 --- /dev/null +++ b/manifests/host/sriov.pp @@ -0,0 +1,27 @@ +# == Class: tripleo::host::sriov +# +# Configures host configuration for the SR-IOV interfaces +# +# === Parameters +# +# [*number_of_vfs*] +# (optional) List of <physical_network>:<number_of_vfs> specifying the number +# VFs to be exposed per physical interface. +# For example, to configure two interface with number of VFs, specify +# it as ['eth1:4','eth2:10'] +# Defaults to [] +# +class tripleo::host::sriov ( + $number_of_vfs = [], +) { + + if !empty($number_of_vfs) { + sriov_vf_config { $number_of_vfs: ensure => present } + + # the numvfs configuration needs to be persisted for every boot + tripleo::host::sriov::numvfs_persistence {'persistent_numvfs': + vf_defs => $number_of_vfs, + content_string => "#!/bin/bash\n" + } + } +} diff --git a/manifests/host/sriov/numvfs_persistence.pp b/manifests/host/sriov/numvfs_persistence.pp new file mode 100644 index 0000000..1ee402c --- /dev/null +++ b/manifests/host/sriov/numvfs_persistence.pp @@ -0,0 +1,55 @@ +# +# tripleo::host::sriov::numvfs_persistence used by tripleo::host::sriov +# +# === Parameters: +# +# [*vf_defs*] +# (required) Array of of <physical_interface>:<numvfs>. +# Example: ['eth1:10','eth2:8'] +# +# [*content_string*] +# (required) String which shall be written to the script file. +# +define tripleo::host::sriov::numvfs_persistence( + $vf_defs, + $content_string +){ + # Since reduce isn't available, we use recursion to iterate each entries of + # "physical_interface:vfs" and accumulate the content that needs to be + # written to the script file. + include ::stdlib + + if empty($vf_defs) { + file { '/etc/sysconfig/allocate_vfs': + ensure => file, + content => $content_string, + group => 'root', + mode => '0755', + owner => 'root', + } + + file { '/sbin/ifup-local': + group => 'root', + mode => '0755', + owner => 'root', + content => '#!/bin/bash', + replace => false + } + + file_line { 'call_ifup-local': + path => '/sbin/ifup-local', + line => '/etc/sysconfig/allocate_vfs $1', + require => File['/sbin/ifup-local'], + } + } else { + $vfspec = split($vf_defs[0], ':') + $interface = $vfspec[0] + $count = $vfspec[1] + $vfdef_str = "${content_string}[ \"${interface}\" == \"\$1\" ] && echo ${count} > /sys/class/net/${interface}/device/sriov_numvfs\n" + tripleo::host::sriov::numvfs_persistence{"mapped ${interface}": + vf_defs => delete_at($vf_defs, 0), + content_string => $vfdef_str + } + } +} + diff --git a/manifests/profile/base/ceilometer/expirer.pp b/manifests/profile/base/ceilometer/expirer.pp index 0830307..eaaaefc 100644 --- a/manifests/profile/base/ceilometer/expirer.pp +++ b/manifests/profile/base/ceilometer/expirer.pp @@ -30,7 +30,8 @@ class tripleo::profile::base::ceilometer::expirer ( if $step >= 4 { include ::ceilometer::expirer - Cron <| title == 'ceilometer-expirer' |> { command => "sleep $((\$(od -A n -t d -N 3 /dev/urandom) % 86400)) && ${::ceilometer::params::expirer_command}" } + Cron <| title == 'ceilometer-expirer' |> + { command => "sleep $((\$(od -A n -t d -N 3 /dev/urandom) % 86400)) && ${::ceilometer::params::expirer_command}" } } } diff --git a/manifests/profile/base/cinder/volume.pp b/manifests/profile/base/cinder/volume.pp index dfb034f..7d562ec 100644 --- a/manifests/profile/base/cinder/volume.pp +++ b/manifests/profile/base/cinder/volume.pp @@ -108,7 +108,13 @@ class tripleo::profile::base::cinder::volume ( $cinder_rbd_backend_name = undef } - $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend_name, $cinder_rbd_backend_name, $cinder_eqlx_backend_name, $cinder_dellsc_backend_name, $cinder_netapp_backend_name, $cinder_nfs_backend_name, $cinder_user_enabled_backends]) + $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend_name, + $cinder_rbd_backend_name, + $cinder_eqlx_backend_name, + $cinder_dellsc_backend_name, + $cinder_netapp_backend_name, + $cinder_nfs_backend_name, + $cinder_user_enabled_backends]) class { '::cinder::backends' : enabled_backends => $cinder_enabled_backends, } diff --git a/manifests/profile/base/keystone.pp b/manifests/profile/base/keystone.pp index ac97b66..354d24c 100644 --- a/manifests/profile/base/keystone.pp +++ b/manifests/profile/base/keystone.pp @@ -73,5 +73,53 @@ class tripleo::profile::base::keystone ( if $step >= 5 and $manage_db_purge { include ::keystone::cron::token_flush } + + if $step >= 5 and $manage_endpoint{ + if hiera('aodh_api_enabled', false) { + include ::aodh::keystone::auth + } + if hiera('ceilometer_api_enabled', false) { + include ::ceilometer::keystone::auth + } + if hiera('cinder_api_enabled', false) { + include ::cinder::keystone::auth + } + if hiera('glance_api_enabled', false) { + include ::glance::keystone::auth + } + if hiera('gnocchi_api_enabled', false) { + include ::gnocchi::keystone::auth + } + if hiera('heat_api_enabled', false) { + include ::heat::keystone::auth + } + if hiera('heat_api_cfn_enabled', false) { + include ::heat::keystone::auth_cfn + } + if hiera('ironic_api_enabled', false) { + include ::ironic::keystone::auth + } + if hiera('manila_api_enabled', false) { + include ::manila::keystone::auth + } + if hiera('mistral_api_enabled', false) { + include ::mistral::keystone::auth + } + if hiera('neutron_api_enabled', false) { + include ::neutron::keystone::auth + } + if hiera('nova_api_enabled', false) { + include ::nova::keystone::auth + } + if hiera('sahara_api_enabled', false) { + include ::sahara::keystone::auth + } + if hiera('swift_proxy_enabled', false) { + include ::swift::keystone::auth + } + if hiera('trove_api_enabled', false) { + include ::trove::keystone::auth + } + } } diff --git a/manifests/profile/base/neutron/sriov.pp b/manifests/profile/base/neutron/sriov.pp index 9b5f34c..00ecc21 100644 --- a/manifests/profile/base/neutron/sriov.pp +++ b/manifests/profile/base/neutron/sriov.pp @@ -36,6 +36,7 @@ class tripleo::profile::base::neutron::sriov( if $step >= 4 { if 'sriovnicswitch' in $mechanism_drivers { include ::neutron::agents::ml2::sriov + include ::tripleo::host::sriov } } diff --git a/manifests/profile/base/snmp.pp b/manifests/profile/base/snmp.pp index 2ed6752..301ac9a 100644 --- a/manifests/profile/base/snmp.pp +++ b/manifests/profile/base/snmp.pp @@ -43,7 +43,16 @@ class tripleo::profile::base::snmp ( } class { '::snmp': agentaddress => ['udp:161','udp6:[::1]:161'], - snmpd_config => [ join(['createUser ', $snmpd_user, ' MD5 "', $snmpd_password, '"']), join(['rouser ', $snmpd_user]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ], + snmpd_config => [ join(['createUser ', $snmpd_user, ' MD5 "', $snmpd_password, '"']), + join(['rouser ', $snmpd_user]), + 'proc cron', + 'includeAllDisks 10%', + 'master agentx', + 'trapsink localhost public', + 'iquerySecName internalUser', + 'rouser internalUser', + 'defaultMonitors yes', + 'linkUpDownNotifications yes' ], } } } diff --git a/manifests/profile/pacemaker/database/mysql.pp b/manifests/profile/pacemaker/database/mysql.pp index 31d7d80..fceb415 100644 --- a/manifests/profile/pacemaker/database/mysql.pp +++ b/manifests/profile/pacemaker/database/mysql.pp @@ -150,8 +150,12 @@ MYSQL_HOST=localhost\n", # with proper credentials. This step happens on every node because this sql # statement does not automatically replicate across nodes. $mysql_root_password = hiera('mysql::server::root_password') + $galera_set_pwd = "/bin/touch /root/.my.cnf && \ + /bin/echo \"UPDATE mysql.user SET Password = PASSWORD('${mysql_root_password}') WHERE user = 'root'; \ + flush privileges;\" | \ + /bin/mysql --defaults-extra-file=/root/.my.cnf -u root" exec { 'galera-set-root-password': - command => "/bin/touch /root/.my.cnf && /bin/echo \"UPDATE mysql.user SET Password = PASSWORD('${mysql_root_password}') WHERE user = 'root'; flush privileges;\" | /bin/mysql --defaults-extra-file=/root/.my.cnf -u root", + command => $galera_set_pwd, } file { '/root/.my.cnf' : ensure => file, diff --git a/manifests/profile/pacemaker/manila.pp b/manifests/profile/pacemaker/manila.pp index 43ae875..37c67ab 100644 --- a/manifests/profile/pacemaker/manila.pp +++ b/manifests/profile/pacemaker/manila.pp @@ -83,6 +83,34 @@ # (Optional) # Defaults to hiera('manila::backend::generic::volume_snapshot_name_template') # +# [*manila_cephfsnative_enable*] +# (Optional) Enable the CephFS Native backend. +# Defaults to hiera('manila_cephfsnative_enable_backend', 'false') +# +# [*cephfs_handles_share_servers*] +# (Optional) +# Defaults to hiera('manila::backend::cephfsnative::driver_handles_share_servers', false) +# +# [*cephfs_backend_name*] +# (Optional) +# Defaults to hiera('manila::backend::cephfsnative::cephfs_backend_name') +# +# [*cephfs_conf_path*] +# (Optional) +# Defaults to hiera('manila::backend::cephfsnative::cephfs_conf_path') +# +# [*cephfs_auth_id*] +# (Optional) +# Defaults to hiera('manila::backend::cephfsnative::cephfs_auth_id') +# +# [*cephfs_cluster_name*] +# (Optional) +# Defaults to hiera('manila::backend::cephfsnative::cephfs_cluster_name') +# +# [*cephfs_enable_snapshots*] +# (Optional) +# Defaults to hiera('manila::backend::cephfsnative::cephfs_enable_snapshots') +# class tripleo::profile::pacemaker::manila ( $bootstrap_node = hiera('bootstrap_nodeid'), $cinder_volume_type = hiera('manila::backend::generic::cinder_volume_type', ''), @@ -100,6 +128,13 @@ class tripleo::profile::pacemaker::manila ( $step = hiera('step'), $volume_name_template = hiera('manila::backend::generic::volume_name_template'), $volume_snapshot_name_template = hiera('manila::backend::generic::volume_snapshot_name_template'), + $manila_cephfsnative_enable = hiera('manila::backend::cephfsnative::enable_backend', false), + $cephfs_handles_share_servers = hiera('manila::backend::cephfsnative::driver_handles_share_servers'), + $cephfs_backend_name = hiera('manila::backend::cephfsnative::cephfs_backend_name'), + $cephfs_conf_path = hiera('manila::backend::cephfsnative::cephfs_conf_path'), + $cephfs_auth_id = hiera('manila::backend::cephfsnative::cephfs_auth_id'), + $cephfs_cluster_name = hiera('manila::backend::cephfsnative::cephfs_cluster_name'), + $cephfs_enable_snapshots = hiera('manila::backend::cephfsnative::cephfs_enable_snapshots'), ) { if $::hostname == downcase($bootstrap_node) { $pacemaker_master = true @@ -145,7 +180,25 @@ class tripleo::profile::pacemaker::manila ( include ::manila::volume::cinder } - $manila_enabled_backends = delete_undef_values([$manila_generic_backend]) + # manila cephfsnative: + if $manila_cephfsnative_enable { + $manila_cephfsnative_backend = hiera('manila::backend::cephfsnative::title') + manila::backend::cephfsnative { $manila_cephfsnative_backend : + driver_handles_share_servers => $cephfs_handles_share_servers, + cephfs_backend_name => $cephfs_backend_name, + cephfs_conf_path => $cephfs_conf_path, + cephfs_auth_id => $cephfs_auth_id, + cephfs_cluster_name => $cephfs_cluster_name, + cephfs_enable_snapshots => $cephfs_enable_snapshots, + } + } + + $manila_enabled_backends = delete_undef_values( + [ + $manila_generic_backend, + $manila_cephfsnative_backend + ] + ) class { '::manila::backends' : enabled_share_backends => $manila_enabled_backends, } |