diff options
Diffstat (limited to 'manifests')
26 files changed, 182 insertions, 99 deletions
diff --git a/manifests/haproxy.pp b/manifests/haproxy.pp index 6a81731..2cac604 100644 --- a/manifests/haproxy.pp +++ b/manifests/haproxy.pp @@ -439,11 +439,14 @@ class tripleo::haproxy ( "${public_virtual_ip}:443" => union($haproxy_listen_bind_param, ['ssl', 'crt', $service_certificate]), } $horizon_options = { - 'cookie' => 'SERVERID insert indirect nocache', - 'rsprep' => '^Location:\ http://(.*) Location:\ https://\1', + 'cookie' => 'SERVERID insert indirect nocache', + 'rsprep' => '^Location:\ http://(.*) Location:\ https://\1', # NOTE(jaosorior): We always redirect to https for the public_virtual_ip. - 'redirect' => "scheme https code 301 if { hdr(host) -i ${public_virtual_ip} } !{ ssl_fc }", - 'option' => 'forwardfor', + 'redirect' => "scheme https code 301 if { hdr(host) -i ${public_virtual_ip} } !{ ssl_fc }", + 'option' => 'forwardfor', + 'http-request' => [ + 'set-header X-Forwarded-Proto https if { ssl_fc }', + 'set-header X-Forwarded-Proto http if !{ ssl_fc }'], } } else { $horizon_bind_opts = { diff --git a/manifests/profile/base/aodh.pp b/manifests/profile/base/aodh.pp index 2fad5b3..49a543a 100644 --- a/manifests/profile/base/aodh.pp +++ b/manifests/profile/base/aodh.pp @@ -44,10 +44,6 @@ class tripleo::profile::base::aodh ( $sync_db = false } - if $step >= 3 and $sync_db { - include ::aodh::db::mysql - } - if $step >= 4 or ($step >= 3 and $sync_db) { class { '::aodh' : rabbit_hosts => $rabbit_hosts, diff --git a/manifests/profile/base/aodh/evaluator.pp b/manifests/profile/base/aodh/evaluator.pp index 610d5a8..d9b48b3 100644 --- a/manifests/profile/base/aodh/evaluator.pp +++ b/manifests/profile/base/aodh/evaluator.pp @@ -30,7 +30,9 @@ class tripleo::profile::base::aodh::evaluator ( include ::tripleo::profile::base::aodh if $step >= 4 { - include ::aodh::evaluator + class { '::aodh::evaluator': + coordination_url => join(['redis://:', hiera('aodh_redis_password'), '@', normalize_ip_for_uri(hiera('redis_vip')), ':6379/']), + } } } diff --git a/manifests/profile/base/ceilometer/agent/central.pp b/manifests/profile/base/ceilometer/agent/central.pp index c91e610..033d34c 100644 --- a/manifests/profile/base/ceilometer/agent/central.pp +++ b/manifests/profile/base/ceilometer/agent/central.pp @@ -30,7 +30,9 @@ class tripleo::profile::base::ceilometer::agent::central ( if $step >= 4 { include ::ceilometer::agent::auth - include ::ceilometer::agent::central + class { '::ceilometer::agent::central': + coordination_url => join(['redis://:', hiera('ceilometer_redis_password'), '@', normalize_ip_for_uri(hiera('redis_vip')), ':6379/']), + } } } diff --git a/manifests/profile/base/ceilometer/collector.pp b/manifests/profile/base/ceilometer/collector.pp index baaf4c8..e892478 100644 --- a/manifests/profile/base/ceilometer/collector.pp +++ b/manifests/profile/base/ceilometer/collector.pp @@ -59,10 +59,6 @@ class tripleo::profile::base::ceilometer::collector ( include ::tripleo::profile::base::ceilometer - if $step >= 2 and $sync_db and $ceilometer_backend == 'mysql' { - include ::ceilometer::db::mysql - } - if $step >= 3 and $sync_db { include ::ceilometer::db::sync } diff --git a/manifests/profile/base/cinder/api.pp b/manifests/profile/base/cinder/api.pp index 370b402..31635eb 100644 --- a/manifests/profile/base/cinder/api.pp +++ b/manifests/profile/base/cinder/api.pp @@ -39,10 +39,6 @@ class tripleo::profile::base::cinder::api ( include ::tripleo::profile::base::cinder - if $step >= 3 and $sync_db { - include ::cinder::db::mysql - } - if $step >= 4 or ($step >= 3 and $sync_db) { include ::cinder::api include ::cinder::ceilometer diff --git a/manifests/profile/base/cinder/volume/iscsi.pp b/manifests/profile/base/cinder/volume/iscsi.pp index 8baaf1c..4d333c8 100644 --- a/manifests/profile/base/cinder/volume/iscsi.pp +++ b/manifests/profile/base/cinder/volume/iscsi.pp @@ -29,6 +29,10 @@ # (Optional) The iscsi helper to use # Defaults to 'tgtadm' # +# [*cinder_iscsi_protocol*] +# (Optional) The iscsi protocol to use +# Defaults to 'iscsi' +# # [*cinder_lvm_loop_device_size*] # (Optional) The size (in MB) of the LVM loopback volume # Defaults to '10280' @@ -42,6 +46,7 @@ class tripleo::profile::base::cinder::volume::iscsi ( $cinder_iscsi_address, $backend_name = hiera('cinder::backend::iscsi::volume_backend_name', 'tripleo_iscsi'), $cinder_iscsi_helper = 'tgtadm', + $cinder_iscsi_protocol = 'iscsi', $cinder_lvm_loop_device_size = '10280', $step = hiera('step'), ) { @@ -58,6 +63,7 @@ class tripleo::profile::base::cinder::volume::iscsi ( cinder::backend::iscsi { $backend_name : iscsi_ip_address => normalize_ip_for_uri($cinder_iscsi_address), iscsi_helper => $cinder_iscsi_helper, + iscsi_protocol => $cinder_iscsi_protocol, } } diff --git a/manifests/profile/base/database/mysql.pp b/manifests/profile/base/database/mysql.pp index 49c9df3..9da1456 100644 --- a/manifests/profile/base/database/mysql.pp +++ b/manifests/profile/base/database/mysql.pp @@ -18,6 +18,14 @@ # # === Parameters # +# [*bind_address*] +# (Optional) The address that the local mysql instance should bind to. +# Defaults to $::hostname +# +# [*bootstrap_node*] +# (Optional) The hostname of the node responsible for bootstrapping tasks +# Defaults to hiera('bootstrap_nodeid') +# # [*manage_resources*] # (Optional) Whether or not manage root user, root my.cnf, and service. # Defaults to true @@ -37,13 +45,20 @@ # Defaults to hiera('step') # class tripleo::profile::base::database::mysql ( + $bind_address = $::hostname, + $bootstrap_node = hiera('bootstrap_nodeid', undef), $manage_resources = true, $mysql_server_options = {}, $remove_default_accounts = true, $step = hiera('step'), - ) { + if $::hostname == downcase($bootstrap_node) { + $sync_db = true + } else { + $sync_db = false + } + validate_hash($mysql_server_options) # non-ha scenario @@ -59,14 +74,14 @@ class tripleo::profile::base::database::mysql ( } else { $mysql_config_file = '/etc/my.cnf.d/server.cnf' } - # TODO Galara + # TODO Galera # FIXME: due to https://bugzilla.redhat.com/show_bug.cgi?id=1298671 we # set bind-address to a hostname instead of an ip address; to move Mysql # from internal_api on another network we'll have to customize both # MysqlNetwork and ControllerHostnameResolveNetwork in ServiceNetMap $mysql_server_default = { 'mysqld' => { - 'bind-address' => $::hostname, + 'bind-address' => $bind_address, 'max_connections' => hiera('mysql_max_connections'), 'open_files_limit' => '-1', } @@ -83,4 +98,51 @@ class tripleo::profile::base::database::mysql ( } } + if $step >= 2 and $sync_db { + Class['::mysql::server'] -> Mysql_database<||> + if hiera('aodh_api_enabled', false) { + include ::aodh::db::mysql + } + if hiera('ceilometer_collector_enabled', false) { + include ::ceilometer::db::mysql + } + if hiera('cinder_api_enabled', false) { + include ::cinder::db::mysql + } + if hiera('glance_registry_enabled', false) { + include ::glance::db::mysql + } + if hiera('gnocchi_api_enabled', false) { + include ::gnocchi::db::mysql + } + if hiera('heat_engine_enabled', false) { + include ::heat::db::mysql + } + if hiera('ironic_api_enabled', false) { + include ::ironic::db::mysql + } + if hiera('keystone_enabled', false) { + include ::keystone::db::mysql + } + if hiera('manila_api_enabled', false) { + include ::manila::db::mysql + } + if hiera('mistral_api_enabled', false) { + include ::mistral::db::mysql + } + if hiera('neutron_api_enabled', false) { + include ::neutron::db::mysql + } + if hiera('nova_api_enabled', false) { + include ::nova::db::mysql + include ::nova::db::mysql_api + } + if hiera('sahara_api_enabled', false) { + include ::sahara::db::mysql + } + if hiera('trove_api_enabled', false) { + include ::trove::db::mysql + } + } + } diff --git a/manifests/profile/base/glance/registry.pp b/manifests/profile/base/glance/registry.pp index ac6796a..9e2be9d 100644 --- a/manifests/profile/base/glance/registry.pp +++ b/manifests/profile/base/glance/registry.pp @@ -42,10 +42,6 @@ class tripleo::profile::base::glance::registry ( $sync_db = false } - if $step >= 3 and $sync_db { - include ::glance::db::mysql - } - if $step >= 4 or ( $step >= 3 and $sync_db ) { # TODO: notifications, scrubber, etc. include ::glance diff --git a/manifests/profile/base/gnocchi/api.pp b/manifests/profile/base/gnocchi/api.pp index 5e7e215..9a08551 100644 --- a/manifests/profile/base/gnocchi/api.pp +++ b/manifests/profile/base/gnocchi/api.pp @@ -45,14 +45,16 @@ class tripleo::profile::base::gnocchi::api ( include ::tripleo::profile::base::gnocchi if $step >= 3 and $sync_db { - include ::gnocchi::db::mysql include ::gnocchi::db::sync } if $step >= 4 { include ::gnocchi::api include ::gnocchi::wsgi::apache - include ::gnocchi::storage + + class { '::gnocchi::storage': + coordination_url => join(['redis://:', hiera('gnocchi_redis_password'), '@', normalize_ip_for_uri(hiera('redis_vip')), ':6379/']), + } case $gnocchi_backend { 'swift': { include ::gnocchi::storage::swift } 'file': { include ::gnocchi::storage::file } diff --git a/manifests/profile/base/heat/engine.pp b/manifests/profile/base/heat/engine.pp index 112fad8..479e1c6 100644 --- a/manifests/profile/base/heat/engine.pp +++ b/manifests/profile/base/heat/engine.pp @@ -39,10 +39,6 @@ class tripleo::profile::base::heat::engine ( include ::tripleo::profile::base::heat - if $step >= 3 and $sync_db { - include ::heat::db::mysql - } - if $step >= 4 or ( $step >= 3 and $sync_db ) { include ::heat::engine } diff --git a/manifests/profile/base/ironic.pp b/manifests/profile/base/ironic.pp index 6c0769a..c4e525a 100644 --- a/manifests/profile/base/ironic.pp +++ b/manifests/profile/base/ironic.pp @@ -42,10 +42,6 @@ class tripleo::profile::base::ironic ( $sync_db = false } - if $step >= 3 and $sync_db { - include ::ironic::db::mysql - } - if $step >= 4 or ($step >= 3 and $sync_db) { class { '::ironic': sync_db => $sync_db, diff --git a/manifests/profile/base/keystone.pp b/manifests/profile/base/keystone.pp index fd38869..d515f8f 100644 --- a/manifests/profile/base/keystone.pp +++ b/manifests/profile/base/keystone.pp @@ -51,10 +51,6 @@ class tripleo::profile::base::keystone ( $manage_endpoint = false } - if $step >= 3 and $sync_db { - include ::keystone::db::mysql - } - if $step >= 4 or ( $step >= 3 and $sync_db ) { class { '::keystone': sync_db => $sync_db, diff --git a/manifests/profile/base/manila.pp b/manifests/profile/base/manila.pp new file mode 100644 index 0000000..5210284 --- /dev/null +++ b/manifests/profile/base/manila.pp @@ -0,0 +1,50 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::manila +# +# Manila common profile for tripleo +# +# === Parameters +# +# [*bootstrap_node*] +# (Optional) The hostname of the node responsible for bootstrapping tasks +# Defaults to hiera('bootstrap_nodeid') +# +# [*step*] +# (Optional) The current step of the deployment +# Defaults to hiera('step') +# +# [*rabbit_hosts*] +# list of the rabbbit host IPs +# Defaults to hiera('rabbitmq_node_ips') + +class tripleo::profile::base::manila ( + $bootstrap_node = hiera('bootstrap_nodeid', undef), + $step = hiera('step'), + $rabbit_hosts = hiera('rabbitmq_node_ips', undef), +) { + if $::hostname == downcase($bootstrap_node) { + $sync_db = true + } else { + $sync_db = false + } + + if $step >= 4 or ($step >= 3 and $sync_db) { + class { '::manila' : + rabbit_hosts => $rabbit_hosts, + } + include ::manila::config + } +} diff --git a/manifests/profile/base/manila/api.pp b/manifests/profile/base/manila/api.pp index 89ff810..1f78ab3 100644 --- a/manifests/profile/base/manila/api.pp +++ b/manifests/profile/base/manila/api.pp @@ -18,24 +18,28 @@ # # === Parameters # +# [*bootstrap_node*] +# (Optional) The hostname of the node responsible for bootstrapping tasks +# Defaults to hiera('bootstrap_nodeid') +# # [*step*] # (Optional) The current step in deployment. See tripleo-heat-templates # for more details. # Defaults to hiera('step') -# -# [*rabbit_hosts*] -# list of the rabbbit host IPs -# Defaults to hiera('rabbitmq_node_ips') class tripleo::profile::base::manila::api ( - $step = hiera('step'), - $rabbit_hosts = hiera('rabbitmq_node_ips', undef), + $bootstrap_node = hiera('bootstrap_nodeid', undef), + $step = hiera('step'), ) { - if $step >= 4 { - class { '::manila' : - rabbit_hosts => $rabbit_hosts, - } + if $::hostname == downcase($bootstrap_node) { + $sync_db = true + } else { + $sync_db = false + } + + include ::tripleo::profile::base::manila + + if $step >= 4 or ($step >= 3 and $sync_db) { include ::manila::api } } - diff --git a/manifests/profile/base/manila/scheduler.pp b/manifests/profile/base/manila/scheduler.pp index 8581187..07ea676 100644 --- a/manifests/profile/base/manila/scheduler.pp +++ b/manifests/profile/base/manila/scheduler.pp @@ -18,34 +18,19 @@ # # === Parameters # -# [*bootstrap_node*] -# (Optional) The hostname of the node responsible for bootstrapping tasks -# Defaults to hiera('bootstrap_nodeid') -# # [*step*] # (Optional) The current step in deployment. See tripleo-heat-templates # for more details. # Defaults to hiera('step') # class tripleo::profile::base::manila::scheduler ( - $bootstrap_node = hiera('bootstrap_nodeid', undef), - $step = hiera('step'), + $step = hiera('step'), ) { - if $::hostname == downcase($bootstrap_node) { - $sync_db = true - } else { - $sync_db = false - } - - if $step >= 3 and $sync_db { - include ::manila::db::mysql - } + include ::tripleo::profile::base::manila if $step >= 4 { include ::manila::compute::nova include ::manila::network::neutron include ::manila::scheduler } - } - diff --git a/manifests/profile/base/manila/share.pp b/manifests/profile/base/manila/share.pp index ed64b29..d39c55c 100644 --- a/manifests/profile/base/manila/share.pp +++ b/manifests/profile/base/manila/share.pp @@ -26,8 +26,9 @@ class tripleo::profile::base::manila::share ( $step = hiera('step'), ) { + include ::tripleo::profile::base::manila + if $step >= 4 { include ::manila::share } } - diff --git a/manifests/profile/base/mistral.pp b/manifests/profile/base/mistral.pp index 3ebc3d5..9986d22 100644 --- a/manifests/profile/base/mistral.pp +++ b/manifests/profile/base/mistral.pp @@ -42,10 +42,6 @@ class tripleo::profile::base::mistral ( $sync_db = false } - if $step >= 3 and $sync_db { - include ::mistral::db::mysql - } - if $step >= 4 or ($step >= 3 and $sync_db) { class { '::mistral': rabbit_hosts => $rabbit_hosts, diff --git a/manifests/profile/base/neutron/server.pp b/manifests/profile/base/neutron/server.pp index 5a1b377..82c2d5f 100644 --- a/manifests/profile/base/neutron/server.pp +++ b/manifests/profile/base/neutron/server.pp @@ -39,10 +39,6 @@ class tripleo::profile::base::neutron::server ( include ::tripleo::profile::base::neutron - if $step >= 3 and $sync_db { - include ::neutron::db::mysql - } - # We start neutron-server on the bootstrap node first, because # it will try to populate tables and we need to make sure this happens # before it starts on other nodes diff --git a/manifests/profile/base/nova/api.pp b/manifests/profile/base/nova/api.pp index 285e0b7..3c472c5 100644 --- a/manifests/profile/base/nova/api.pp +++ b/manifests/profile/base/nova/api.pp @@ -37,11 +37,6 @@ class tripleo::profile::base::nova::api ( include ::tripleo::profile::base::nova - if $step >= 3 and $sync_db { - include ::nova::db::mysql - include ::nova::db::mysql_api - } - if $step >= 4 or ($step >= 3 and $sync_db) { class { '::nova::api': sync_db => $sync_db, diff --git a/manifests/profile/base/sahara/engine.pp b/manifests/profile/base/sahara/engine.pp index 4dbaa85..e2da0e7 100644 --- a/manifests/profile/base/sahara/engine.pp +++ b/manifests/profile/base/sahara/engine.pp @@ -39,10 +39,6 @@ class tripleo::profile::base::sahara::engine ( include ::tripleo::profile::base::sahara - if $step >= 3 and $sync_db { - include ::sahara::db::mysql - } - if $step >= 4 or ($step >= 3 and $sync_db) { include ::sahara::service::engine } diff --git a/manifests/profile/base/swift/ringbuilder.pp b/manifests/profile/base/swift/ringbuilder.pp index 98a09a0..c77d744 100644 --- a/manifests/profile/base/swift/ringbuilder.pp +++ b/manifests/profile/base/swift/ringbuilder.pp @@ -91,7 +91,7 @@ class tripleo::profile::base::swift::ringbuilder ( # rebalance swift::ringbuilder::rebalance{ ['object', 'account', 'container']: - seed => 999, + seed => '999', } Ring_object_device<| |> ~> Exec['rebalance_object'] diff --git a/manifests/profile/base/swift/storage.pp b/manifests/profile/base/swift/storage.pp index 0b09ea6..d1660de 100644 --- a/manifests/profile/base/swift/storage.pp +++ b/manifests/profile/base/swift/storage.pp @@ -41,7 +41,7 @@ class tripleo::profile::base::swift::storage ( ensure => directory, owner => 'swift', group => 'swift', - require => Package['openstack-swift'], + require => Package['swift'], } } $swift_components = ['account', 'container', 'object'] diff --git a/manifests/profile/base/trove/api.pp b/manifests/profile/base/trove/api.pp index 7a78171..bc16e6e 100644 --- a/manifests/profile/base/trove/api.pp +++ b/manifests/profile/base/trove/api.pp @@ -37,10 +37,6 @@ class tripleo::profile::base::trove::api ( $sync_db = false } - if $step >= 3 and $sync_db { - include ::trove::db::mysql - } - if $step >= 4 or ($step >= 3 and $sync_db) { include ::trove include ::trove::config diff --git a/manifests/profile/pacemaker/database/mysql.pp b/manifests/profile/pacemaker/database/mysql.pp index 4c54309..0169e16 100644 --- a/manifests/profile/pacemaker/database/mysql.pp +++ b/manifests/profile/pacemaker/database/mysql.pp @@ -18,20 +18,30 @@ # # === Parameters # +# [*bind_address*] +# (Optional) The address that the local mysql instance should bind to. +# Defaults to $::hostname +# +# [*gmcast_listen_addr*] +# (Optional) This variable defines the address on which the node listens to +# connections from other nodes in the cluster. +# Defaults to hiera('mysql_bind_host') +# # [*step*] # (Optional) The current step in deployment. See tripleo-heat-templates # for more details. # Defaults to hiera('step') # class tripleo::profile::pacemaker::database::mysql ( - $step = hiera('step'), + $bind_address = $::hostname, + $gmcast_listen_addr = hiera('mysql_bind_host'), + $step = hiera('step'), ) { if $::hostname == downcase(hiera('bootstrap_nodeid')) { $pacemaker_master = true } else { $pacemaker_master = false } - $mysql_bind_host = hiera('mysql_bind_host') # use only mysql_node_names when we land a patch in t-h-t that # switches to autogenerating these values from composable services @@ -52,7 +62,7 @@ class tripleo::profile::pacemaker::database::mysql ( 'innodb_locks_unsafe_for_binlog'=> '1', 'query_cache_size' => '0', 'query_cache_type' => '0', - 'bind-address' => $::hostname, + 'bind-address' => $bind_address, 'max_connections' => hiera('mysql_max_connections'), 'open_files_limit' => '-1', 'wsrep_on' => 'ON', @@ -70,7 +80,7 @@ class tripleo::profile::pacemaker::database::mysql ( 'wsrep_drupal_282555_workaround'=> '0', 'wsrep_causal_reads' => '0', 'wsrep_sst_method' => 'rsync', - 'wsrep_provider_options' => "gmcast.listen_addr=tcp://${mysql_bind_host}:4567;", + 'wsrep_provider_options' => "gmcast.listen_addr=tcp://${gmcast_listen_addr}:4567;", } } @@ -120,6 +130,11 @@ class tripleo::profile::pacemaker::database::mysql ( table => '*.*', user => 'clustercheck@localhost', } + + # We create databases for services at step 2 as well. This ensures + # Galara is up before those get created + Exec['galera-ready'] -> Mysql_database<||> + } # This step is to create a sysconfig clustercheck file with the root user and empty password # on the first install only (because later on the clustercheck db user will be used) diff --git a/manifests/profile/pacemaker/manila.pp b/manifests/profile/pacemaker/manila.pp index 45373f6..a1ff5ca 100644 --- a/manifests/profile/pacemaker/manila.pp +++ b/manifests/profile/pacemaker/manila.pp @@ -46,11 +46,11 @@ class tripleo::profile::pacemaker::manila ( stop => '/bin/true', } - if $step >= 4 { - include ::tripleo::profile::base::manila::api - include ::tripleo::profile::base::manila::scheduler - include ::tripleo::profile::base::manila::share + include ::tripleo::profile::base::manila::api + include ::tripleo::profile::base::manila::scheduler + include ::tripleo::profile::base::manila::share + if $step >= 4 { # manila generic: $manila_generic_enable = hiera('manila_generic_enable_backend', false) if $manila_generic_enable { |