diff options
Diffstat (limited to 'manifests')
| -rw-r--r-- | manifests/haproxy.pp | 73 | ||||
| -rw-r--r-- | manifests/profile/base/database/mysql.pp | 3 | ||||
| -rw-r--r-- | manifests/profile/base/keystone.pp | 4 | ||||
| -rw-r--r-- | manifests/profile/base/metrics/collectd.pp | 111 | ||||
| -rw-r--r-- | manifests/profile/base/metrics/collectd/collectd_plugin.pp | 6 | ||||
| -rw-r--r-- | manifests/profile/base/metrics/collectd/collectd_service.pp | 11 | ||||
| -rw-r--r-- | manifests/profile/base/nova/ec2api.pp (renamed from manifests/profile/base/glance/registry.pp) | 31 | ||||
| -rw-r--r-- | manifests/profile/base/pacemaker.pp | 8 | ||||
| -rw-r--r-- | manifests/profile/pacemaker/ceph/rbdmirror.pp | 77 |
9 files changed, 229 insertions, 95 deletions
diff --git a/manifests/haproxy.pp b/manifests/haproxy.pp index b8a27af..1c3daac 100644 --- a/manifests/haproxy.pp +++ b/manifests/haproxy.pp @@ -159,10 +159,6 @@ # (optional) Enable or not Glance API binding # Defaults to hiera('glance_api_enabled', false) # -# [*glance_registry*] -# (optional) Enable or not Glance registry binding -# Defaults to hiera('glance_registry_enabled', false) -# # [*nova_osapi*] # (optional) Enable or not Nova API binding # Defaults to hiera('nova_api_enabled', false) @@ -179,6 +175,14 @@ # (optional) Enable or not Nova novncproxy binding # Defaults to hiera('nova_vnc_proxy_enabled', false) # +# [*ec2_api*] +# (optional) Enable or not EC2 API binding +# Defaults to hiera('ec2_api_enabled', false) +# +# [*ec2_api_metadata*] +# (optional) Enable or not EC2 API metadata binding +# Defaults to hiera('ec2_api_enabled', false) +# # [*ceilometer*] # (optional) Enable or not Ceilometer API binding # Defaults to hiera('ceilometer_api_enabled', false) @@ -324,10 +328,6 @@ # (optional) Specify the network glance_api is running on. # Defaults to hiera('glance_api_network', undef) # -# [*glance_registry_network*] -# (optional) Specify the network glance_registry is running on. -# Defaults to hiera('glance_registry_network', undef) -# # [*gnocchi_network*] # (optional) Specify the network gnocchi is running on. # Defaults to hiera('gnocchi_api_network', undef) @@ -388,6 +388,14 @@ # (optional) Specify the network nova_placement is running on. # Defaults to hiera('nova_placement_network', undef) # +# [*ec2_api_network*] +# (optional) Specify the network ec2_api is running on. +# Defaults to hiera('ec2_api_network', undef) +# +# [*ec2_api_metadata_network*] +# (optional) Specify the network ec2_api_metadata is running on. +# Defaults to hiera('ec2_api_network', undef) +# # [*opendaylight_network*] # (optional) Specify the network opendaylight is running on. # Defaults to hiera('opendaylight_api_network', undef) @@ -431,7 +439,6 @@ # 'docker_registry_ssl_port' (Defaults to 13787) # 'glance_api_port' (Defaults to 9292) # 'glance_api_ssl_port' (Defaults to 13292) -# 'glance_registry_port' (Defaults to 9191) # 'gnocchi_api_port' (Defaults to 8041) # 'gnocchi_api_ssl_port' (Defaults to 13041) # 'mistral_api_port' (Defaults to 8989) @@ -512,11 +519,12 @@ class tripleo::haproxy ( $sahara = hiera('sahara_api_enabled', false), $trove = hiera('trove_api_enabled', false), $glance_api = hiera('glance_api_enabled', false), - $glance_registry = hiera('glance_registry_enabled', false), $nova_osapi = hiera('nova_api_enabled', false), $nova_placement = hiera('nova_placement_enabled', false), $nova_metadata = hiera('nova_api_enabled', false), $nova_novncproxy = hiera('nova_vnc_proxy_enabled', false), + $ec2_api = hiera('ec2_api_enabled', false), + $ec2_api_metadata = hiera('ec2_api_enabled', false), $ceilometer = hiera('ceilometer_api_enabled', false), $aodh = hiera('aodh_api_enabled', false), $panko = hiera('panko_api_enabled', false), @@ -552,7 +560,6 @@ class tripleo::haproxy ( $cinder_network = hiera('cinder_api_network', undef), $docker_registry_network = hiera('docker_registry_network', undef), $glance_api_network = hiera('glance_api_network', undef), - $glance_registry_network = hiera('glance_registry_network', undef), $gnocchi_network = hiera('gnocchi_api_network', undef), $heat_api_network = hiera('heat_api_network', undef), $heat_cfn_network = hiera('heat_api_cfn_network', undef), @@ -570,6 +577,8 @@ class tripleo::haproxy ( $nova_placement_network = hiera('nova_placement_network', undef), $panko_network = hiera('panko_api_network', undef), $ovn_dbs_network = hiera('ovn_dbs_network', undef), + $ec2_api_network = hiera('ec2_api_network', undef), + $ec2_api_metadata_network = hiera('ec2_api_network', undef), $sahara_network = hiera('sahara_api_network', undef), $swift_proxy_server_network = hiera('swift_proxy_network', undef), $trove_network = hiera('trove_api_network', undef), @@ -589,7 +598,6 @@ class tripleo::haproxy ( docker_registry_ssl_port => 13787, glance_api_port => 9292, glance_api_ssl_port => 13292, - glance_registry_port => 9191, gnocchi_api_port => 8041, gnocchi_api_ssl_port => 13041, mistral_api_port => 8989, @@ -625,6 +633,9 @@ class tripleo::haproxy ( panko_api_ssl_port => 13779, ovn_nbdb_port => 6641, ovn_sbdb_port => 6642, + ec2_api_port => 8788, + ec2_api_ssl_port => 13788, + ec2_api_metadata_port => 8789, sahara_api_port => 8386, sahara_api_ssl_port => 13386, swift_proxy_port => 8080, @@ -923,16 +934,6 @@ class tripleo::haproxy ( } } - if $glance_registry { - ::tripleo::haproxy::endpoint { 'glance_registry': - internal_ip => hiera('glance_registry_vip', $controller_virtual_ip), - service_port => $ports[glance_registry_port], - ip_addresses => hiera('glance_registry_node_ips', $controller_hosts_real), - server_names => hiera('glance_registry_node_names', $controller_hosts_names_real), - service_network => $glance_registry_network, - } - } - $nova_api_vip = hiera('nova_api_vip', $controller_virtual_ip) if $nova_osapi { ::tripleo::haproxy::endpoint { 'nova_osapi': @@ -999,6 +1000,34 @@ class tripleo::haproxy ( } } + if $ec2_api { + ::tripleo::haproxy::endpoint { 'ec2_api': + public_virtual_ip => $public_virtual_ip, + internal_ip => hiera('ec2_api_vip', $controller_virtual_ip), + service_port => $ports[ec2_api_port], + ip_addresses => hiera('ec2_api_node_ips', $controller_hosts_real), + server_names => hiera('ec2_api_node_names', $controller_hosts_names_real), + mode => 'http', + listen_options => { + 'http-request' => [ + 'set-header X-Forwarded-Proto https if { ssl_fc }', + 'set-header X-Forwarded-Proto http if !{ ssl_fc }'], + }, + public_ssl_port => $ports[ec2_api_ssl_port], + service_network => $ec2_api_network, + } + } + + if $ec2_api_metadata { + ::tripleo::haproxy::endpoint { 'ec2_api_metadata': + internal_ip => hiera('ec2_api_vip', $controller_virtual_ip), + service_port => $ports[ec2_api_metadata_port], + ip_addresses => hiera('ec2_api_node_ips', $controller_hosts_real), + server_names => hiera('ec2_api_node_names', $controller_hosts_names_real), + service_network => $ec2_api_metadata_network, + } + } + if $ceilometer { ::tripleo::haproxy::endpoint { 'ceilometer': public_virtual_ip => $public_virtual_ip, diff --git a/manifests/profile/base/database/mysql.pp b/manifests/profile/base/database/mysql.pp index 1692108..5154464 100644 --- a/manifests/profile/base/database/mysql.pp +++ b/manifests/profile/base/database/mysql.pp @@ -191,6 +191,9 @@ class tripleo::profile::base::database::mysql ( if hiera('panko_api_enabled', false) { include ::panko::db::mysql } + if hiera('ec2_api_enabled', false) { + include ::ec2api::db::mysql + } } } diff --git a/manifests/profile/base/keystone.pp b/manifests/profile/base/keystone.pp index a388def..a3a39e9 100644 --- a/manifests/profile/base/keystone.pp +++ b/manifests/profile/base/keystone.pp @@ -255,6 +255,8 @@ class tripleo::profile::base::keystone ( include ::zaqar::keystone::auth include ::zaqar::keystone::auth_websocket } + if hiera('ec2_api_enabled', false) { + include ::ec2api::keystone::auth + } } } - diff --git a/manifests/profile/base/metrics/collectd.pp b/manifests/profile/base/metrics/collectd.pp index 0f738d1..d8e6f89 100644 --- a/manifests/profile/base/metrics/collectd.pp +++ b/manifests/profile/base/metrics/collectd.pp @@ -1,13 +1,27 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# # == Class: tripleo::profile::base::metrics::collectd # # Collectd configuration for TripleO # # === Parameters # -# [*collectd_plugins*] -# (Optional) List. A list of collectd plugins to configure (the -# corresponding collectd::plugin::NAME class must exist in the -# collectd package). +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') # # [*collectd_server*] # (Optional) String. The name or address of a collectd server to @@ -28,61 +42,62 @@ # [*collectd_securitylevel*] # (Optional) String. # -# [*collectd_interface*] -# (Optional) String. Name of a network interface. -# -# [*collectd_graphite_server*] -# (Optional) String. The name or address of a graphite server to -# which we should send metrics. -# -# [*collectd_graphite_port*] -# (Optional) Integer. This is the port to which we will connect on -# the graphite server. Defaults to 2004. -# -# [*collectd_graphite_prefix*] -# (Optional) String. Prefix to add to metric names. Defaults to -# 'overcloud.'. -# -# [*collectd_graphite_protocol*] -# (Optional) String. One of 'udp' or 'tcp'. -# +# [*service_names*] +# (Optional) List of strings. A list of active services in this tripleo +# deployment. This is used to look up service-specific plugins that +# need to be installed. class tripleo::profile::base::metrics::collectd ( - $collectd_plugins = [], + $step = hiera('step'), $collectd_server = undef, - $collectd_port = 25826, + $collectd_port = undef, $collectd_username = undef, $collectd_password = undef, $collectd_securitylevel = undef, - - $collectd_graphite_server = undef, - $collectd_graphite_port = 2004, - $collectd_graphite_prefix = undef, - $collectd_graphite_protocol = 'udp' + $service_names = hiera('service_names', []) ) { - include ::collectd - ::tripleo::profile::base::metrics::collectd::plugin_helper { $collectd_plugins: } + if $step >= 3 { + include ::collectd - if ! ($collectd_graphite_protocol in ['udp', 'tcp']) { - fail("collectd_graphite_protocol must be one of 'udp' or 'tcp'") - } + if ! ($collectd_securitylevel in [undef, 'None', 'Sign', 'Encrypt']) { + fail('collectd_securitylevel must be one of (None, Sign, Encrypt).') + } + + # Load per-service plugin configuration + ::tripleo::profile::base::metrics::collectd::collectd_service { + $service_names: } + + # Because THT doesn't allow us to default values to undef, we need + # to perform a number of transformations here to avoid passing a bunch of + # empty strings to the collectd plugins. - if $collectd_server { - ::collectd::plugin::network::server { $collectd_server: - username => $collectd_username, - password => $collectd_password, - port => $collectd_port, - securitylevel => $collectd_securitylevel, + $_collectd_username = empty($collectd_username) ? { + true => undef, + default => $collectd_username + } + + $_collectd_password = empty($collectd_password) ? { + true => undef, + default => $collectd_password } - } - if $collectd_graphite_server { - ::collectd::plugin::write_graphite::carbon { 'openstack_graphite': - graphitehost => $collectd_graphite_server, - graphiteport => $collectd_graphite_port, - graphiteprefix => $collectd_graphite_prefix, - protocol => $collectd_graphite_protocol, + $_collectd_port = empty($collectd_port) ? { + true => undef, + default => $collectd_port + } + + $_collectd_securitylevel = empty($collectd_securitylevel) ? { + true => undef, + default => $collectd_securitylevel + } + + if ! empty($collectd_server) { + ::collectd::plugin::network::server { $collectd_server: + username => $_collectd_username, + password => $_collectd_password, + port => $_collectd_port, + securitylevel => $_collectd_securitylevel, + } } } } - diff --git a/manifests/profile/base/metrics/collectd/collectd_plugin.pp b/manifests/profile/base/metrics/collectd/collectd_plugin.pp new file mode 100644 index 0000000..5ab940b --- /dev/null +++ b/manifests/profile/base/metrics/collectd/collectd_plugin.pp @@ -0,0 +1,6 @@ +# We use this to transform a list of unqualified plugin names +# (like ['disk', 'ntpd']) into the correct collectd plugin classes. +define tripleo::profile::base::metrics::collectd::collectd_plugin ( +) { + include "collectd::plugin::${title}" +} diff --git a/manifests/profile/base/metrics/collectd/collectd_service.pp b/manifests/profile/base/metrics/collectd/collectd_service.pp new file mode 100644 index 0000000..c1b3a60 --- /dev/null +++ b/manifests/profile/base/metrics/collectd/collectd_service.pp @@ -0,0 +1,11 @@ +# This is used to look up a list of service-specific collectd plugins +# in the hiera data provided by THT. +define tripleo::profile::base::metrics::collectd::collectd_service ( +) { + $plugins = hiera("tripleo.collectd.plugins.${title}", []) + + if $plugins { + ::tripleo::profile::base::metrics::collectd::collectd_plugin { + $plugins: } + } +} diff --git a/manifests/profile/base/glance/registry.pp b/manifests/profile/base/nova/ec2api.pp index cd40aeb..f34b071 100644 --- a/manifests/profile/base/glance/registry.pp +++ b/manifests/profile/base/nova/ec2api.pp @@ -12,39 +12,24 @@ # License for the specific language governing permissions and limitations # under the License. # -# == Class: tripleo::profile::base::glance::registry +# == Class: tripleo::profile::base::nova::ec2api # -# Glance Registry profile for tripleo +# EC2-compatible Nova API profile for tripleo # # === Parameters # -# [*bootstrap_node*] -# DEPRECATED -# (Optional) The hostname of the node responsible for bootstrapping tasks -# Defaults to hiera('bootstrap_nodeid') -# -# [*glance_backend*] -# (Optional) Glance backend(s) to use. -# Defaults to downcase(hiera('glance_backend', 'swift')) -# # [*step*] # (Optional) The current step in deployment. See tripleo-heat-templates # for more details. # Defaults to hiera('step') # -class tripleo::profile::base::glance::registry ( - $bootstrap_node = undef, - $glance_backend = downcase(hiera('glance_backend', 'swift')), - $step = hiera('step'), +class tripleo::profile::base::nova::ec2api ( + $step = hiera('step') ) { - if $step >= 4 { - # TODO: notifications, scrubber, etc. - include ::glance - include ::glance::config - include ::glance::registry - include ::glance::notify::rabbitmq - include join(['::glance::backend::', $glance_backend]) + include ::ec2api + include ::ec2api::api + include ::ec2api::db::sync + include ::ec2api::metadata } - } diff --git a/manifests/profile/base/pacemaker.pp b/manifests/profile/base/pacemaker.pp index 671f1e7..a5a2ccd 100644 --- a/manifests/profile/base/pacemaker.pp +++ b/manifests/profile/base/pacemaker.pp @@ -23,8 +23,13 @@ # for more details. # Defaults to hiera('step') # +# [*pcs_tries*] +# (Optional) The number of times pcs commands should be retried. +# Defaults to hiera('pcs_tries', 20) +# class tripleo::profile::base::pacemaker ( - $step = hiera('step'), + $step = hiera('step'), + $pcs_tries = hiera('pcs_tries', 20), ) { Pcmk_resource <| |> { tries => 10, @@ -58,6 +63,7 @@ class tripleo::profile::base::pacemaker ( } class { '::pacemaker::stonith': disable => !$enable_fencing, + tries => $pcs_tries, } if $enable_fencing { include ::tripleo::fencing diff --git a/manifests/profile/pacemaker/ceph/rbdmirror.pp b/manifests/profile/pacemaker/ceph/rbdmirror.pp new file mode 100644 index 0000000..8e2ff77 --- /dev/null +++ b/manifests/profile/pacemaker/ceph/rbdmirror.pp @@ -0,0 +1,77 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::pacemaker::ceph::rbdmirror +# +# Ceph RBD mirror Pacemaker profile for tripleo +# +# === Parameters +# +# [*bootstrap_node*] +# (Optional) The hostname of the node responsible for bootstrapping tasks +# Defaults to hiera('ceph_rbdmirror_bootstrap_short_node_name') +# +# [*client_name*] +# (Optional) Name assigned to the RBD mirror client +# Defaults to 'rbd-mirror' +# +# [*stack_action*] +# (Optional) Action executed on the stack. See tripleo-heat-templates +# for more details. +# Defaults to hiera('stack_action') +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +class tripleo::profile::pacemaker::ceph::rbdmirror ( + $bootstrap_node = hiera('ceph_rbdmirror_bootstrap_short_node_name'), + $client_name = 'openstack', + $stack_action = hiera('stack_action'), + $step = hiera('step'), +) { + Service <| tag == 'ceph-rbd-mirror' |> { + hasrestart => true, + restart => '/bin/true', + start => '/bin/true', + stop => '/bin/true', + } + + if $::hostname == downcase($bootstrap_node) { + $pacemaker_master = true + } else { + $pacemaker_master = false + } + + include ::tripleo::profile::base::ceph + + if $step >= 3 { + ceph::mirror { $client_name: + rbd_mirror_enable => false, + rbd_mirror_ensure => 'stopped', + } -> + pacemaker::resource::service { "ceph-rbd-mirror_${client_name}": + # NOTE(gfidente): systemd uses the @ sign but it is an invalid + # character in a pcmk resource name, so we need to use it only + # for the name of the service + service_name => "ceph-rbd-mirror@${client_name}" + } + } + + if $step >= 3 and $pacemaker_master and $stack_action == 'UPDATE' { + Ceph_config<||> ~> Tripleo::Pacemaker::Resource_restart_flag["ceph-rbd-mirror@${client_name}"] + tripleo::pacemaker::resource_restart_flag { "ceph-rbd-mirror@${client_name}": } + } +} |