aboutsummaryrefslogtreecommitdiffstats
path: root/manifests
diff options
context:
space:
mode:
Diffstat (limited to 'manifests')
-rw-r--r--manifests/certmonger/haproxy.pp10
-rw-r--r--manifests/haproxy.pp9
-rw-r--r--manifests/profile/base/database/mongodb.pp7
-rw-r--r--manifests/profile/base/haproxy.pp3
-rw-r--r--manifests/profile/base/swift/add_devices.pp5
-rw-r--r--manifests/profile/base/validations.pp29
-rw-r--r--manifests/profile/pacemaker/database/mysql.pp2
-rw-r--r--manifests/profile/pacemaker/manila.pp122
8 files changed, 98 insertions, 89 deletions
diff --git a/manifests/certmonger/haproxy.pp b/manifests/certmonger/haproxy.pp
index 0168227..504acf3 100644
--- a/manifests/certmonger/haproxy.pp
+++ b/manifests/certmonger/haproxy.pp
@@ -47,6 +47,7 @@ define tripleo::certmonger::haproxy (
$postsave_cmd,
$principal = undef,
){
+ include ::haproxy::params
certmonger_certificate { "${title}-cert":
hostname => $hostname,
dnsname => $hostname,
@@ -56,10 +57,11 @@ define tripleo::certmonger::haproxy (
principal => $principal,
}
concat { $service_pem :
- ensure => present,
- mode => '0640',
- owner => 'haproxy',
- group => 'haproxy',
+ ensure => present,
+ mode => '0640',
+ owner => 'haproxy',
+ group => 'haproxy',
+ require => Package[$::haproxy::params::package_name],
}
concat::fragment { "${title}-cert-fragment":
target => $service_pem,
diff --git a/manifests/haproxy.pp b/manifests/haproxy.pp
index 6af287e..6a81731 100644
--- a/manifests/haproxy.pp
+++ b/manifests/haproxy.pp
@@ -155,7 +155,7 @@
#
# [*nova_novncproxy*]
# (optional) Enable or not Nova novncproxy binding
-# Defaults to hiera('nova_vncproxy_enabled', false)
+# Defaults to hiera('nova_vnc_proxy_enabled', false)
#
# [*ceilometer*]
# (optional) Enable or not Ceilometer API binding
@@ -328,7 +328,7 @@ class tripleo::haproxy (
$glance_registry = hiera('glance_registry_enabled', false),
$nova_osapi = hiera('nova_api_enabled', false),
$nova_metadata = hiera('nova_api_enabled', false),
- $nova_novncproxy = hiera('nova_vncproxy_enabled', false),
+ $nova_novncproxy = hiera('nova_vnc_proxy_enabled', false),
$ceilometer = hiera('ceilometer_api_enabled', false),
$aodh = hiera('aodh_api_enabled', false),
$gnocchi = hiera('gnocchi_api_enabled', false),
@@ -604,6 +604,11 @@ class tripleo::haproxy (
service_port => $ports[manila_api_port],
ip_addresses => hiera('manila_api_node_ips', $controller_hosts_real),
server_names => $controller_hosts_names_real,
+ listen_options => {
+ 'http-request' => [
+ 'set-header X-Forwarded-Proto https if { ssl_fc }',
+ 'set-header X-Forwarded-Proto http if !{ ssl_fc }'],
+ },
public_ssl_port => $ports[manila_api_ssl_port],
}
}
diff --git a/manifests/profile/base/database/mongodb.pp b/manifests/profile/base/database/mongodb.pp
index 1a19bb6..8967f5b 100644
--- a/manifests/profile/base/database/mongodb.pp
+++ b/manifests/profile/base/database/mongodb.pp
@@ -44,6 +44,13 @@ class tripleo::profile::base::database::mongodb (
include ::tripleo::profile::base::database::mongodbcommon
if $bootstrap_node == $::hostname {
+ # make sure we can connect to all servers before forming the replset
+ tripleo::profile::pacemaker::database::mongodbvalidator {
+ $tripleo::profile::base::database::mongodbcommon::mongodb_node_ips :
+ port => $tripleo::profile::base::database::mongodbcommon::port,
+ require => Service['mongodb'],
+ before => Mongodb_replset[$mongodb_replset],
+ }
mongodb_replset { $mongodb_replset :
members => $tripleo::profile::base::database::mongodbcommon::mongo_node_ips_with_port_nobr,
}
diff --git a/manifests/profile/base/haproxy.pp b/manifests/profile/base/haproxy.pp
index 68ff3e4..e018f36 100644
--- a/manifests/profile/base/haproxy.pp
+++ b/manifests/profile/base/haproxy.pp
@@ -79,6 +79,9 @@ class tripleo::profile::base::haproxy (
require => Class['::certmonger'],
}
create_resources('::tripleo::certmonger::haproxy', $certificates_specs)
+ # The haproxy fronends (or listen resources) depend on the certificate
+ # existing and need to be refreshed if it changed.
+ Tripleo::Certmonger::Haproxy<||> ~> Haproxy::Listen<||>
}
include ::tripleo::haproxy
diff --git a/manifests/profile/base/swift/add_devices.pp b/manifests/profile/base/swift/add_devices.pp
index bd4c91c..909ddd6 100644
--- a/manifests/profile/base/swift/add_devices.pp
+++ b/manifests/profile/base/swift/add_devices.pp
@@ -39,7 +39,10 @@ define tripleo::profile::base::swift::add_devices(
$zone = (($server_num%$swift_zones) + 1)
# add the rings
- $base = regsubst($name,'^r1.*-(.*)$','\1')
+ $base_notnormal = regsubst($name,'^r1.*-(.*)$','\1')
+ $ip_notnormal = regsubst($base_notnormal, ':%PORT%.*', '')
+ $ip = normalize_ip_for_uri($ip_notnormal)
+ $base = regsubst($base_notnormal, $ip_notnormal, $ip)
$object = regsubst($base, '%PORT%', '6000')
ring_object_device { $object:
zone => '1',
diff --git a/manifests/profile/base/validations.pp b/manifests/profile/base/validations.pp
new file mode 100644
index 0000000..50a1a8a
--- /dev/null
+++ b/manifests/profile/base/validations.pp
@@ -0,0 +1,29 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::validations
+#
+# Validations profile for tripleo
+#
+class tripleo::profile::base::validations {
+ package {'openstack-tripleo-validations': }
+ user {'validations':
+ ensure => present,
+ comment => 'TripleO validations',
+ managehome => true,
+ home => '/home/validations',
+ shell => '/sbin/nologin',
+ }
+}
+
diff --git a/manifests/profile/pacemaker/database/mysql.pp b/manifests/profile/pacemaker/database/mysql.pp
index 4dc3770..4c54309 100644
--- a/manifests/profile/pacemaker/database/mysql.pp
+++ b/manifests/profile/pacemaker/database/mysql.pp
@@ -70,7 +70,7 @@ class tripleo::profile::pacemaker::database::mysql (
'wsrep_drupal_282555_workaround'=> '0',
'wsrep_causal_reads' => '0',
'wsrep_sst_method' => 'rsync',
- 'wsrep_provider_options' => "gmcast.listen_addr=tcp://[${mysql_bind_host}]:4567;",
+ 'wsrep_provider_options' => "gmcast.listen_addr=tcp://${mysql_bind_host}:4567;",
}
}
diff --git a/manifests/profile/pacemaker/manila.pp b/manifests/profile/pacemaker/manila.pp
index a7f91fc..961278b 100644
--- a/manifests/profile/pacemaker/manila.pp
+++ b/manifests/profile/pacemaker/manila.pp
@@ -22,67 +22,11 @@
# (Optional) The hostname of the node responsible for bootstrapping tasks
# Defaults to hiera('bootstrap_nodeid')
#
-# [*cinder_volume_type*]
-# (Optional)
-# Defaults to hiera('manila::backend::generic::cinder_volume_type', '')
-#
-# [*driver_handles_share_servers*]
-# (Optional)
-# Defaults to hiera('manila::backend::generic::driver_handles_share_servers')
-#
-# [*manila_generic_enable*]
-# (Optional) Enable the generic backend.
-# Defaults to hiera('manila_generic_enable_backend', 'false')
-#
-# [*max_time_to_attach*]
-# (Optional)
-# Defaults to hiera('manila::backend::generic::max_time_to_attach')
-#
-# [*max_time_to_create_volume*]
-# (Optional)
-# Defaults to hiera('manila::backend::generic::max_time_to_create_volume')
-#
-# [*service_instance_flavor_id*]
-# (Optional)
-# Defaults to hiera('manila::service_instance::service_instance_flavor_id')
-#
-# [*service_instance_password*]
-# (Optional)
-# Defaults to hiera('manila::service_instance::service_instance_password')
-#
-# [*service_instance_smb_config_path*]
-# (Optional)
-# Defaults to downcase(hiera('manila::backend::generic::service_instance_smb_config_path'))
-#
-# [*service_instance_user*]
-# (Optional)
-# Defaults to hiera('manila::service_instance::service_instance_user')
-#
-# [*share_mount_path*]
-# (Optional)
-# Defaults to hiera('manila::backend::generic::share_mount_path')
-#
-# [*share_volume_fstype*]
-# (Optional)
-# Defaults to hiera('manila::backend::generic::share_volume_fstype')
-#
-# [*smb_template_config_path*]
-# (Optional)
-# Defaults to hiera('manila::backend::generic::smb_template_config_path')
-#
# [*step*]
# (Optional) The current step in deployment. See tripleo-heat-templates
# for more details.
# Defaults to hiera('step')
#
-# [*volume_name_template*]
-# (Optional)
-# Defaults to hiera('manila::backend::generic::volume_name_template')
-#
-# [*volume_snapshot_name_template*]
-# (Optional)
-# Defaults to hiera('manila::backend::generic::volume_snapshot_name_template')
-#
# [*manila_cephfsnative_enable*]
# (Optional) Enable the CephFS Native backend.
# Defaults to hiera('manila_cephfsnative_enable_backend', 'false')
@@ -113,21 +57,7 @@
#
class tripleo::profile::pacemaker::manila (
$bootstrap_node = hiera('bootstrap_nodeid'),
- $cinder_volume_type = hiera('manila::backend::generic::cinder_volume_type', ''),
- $driver_handles_share_servers = hiera('manila::backend::generic::driver_handles_share_servers'),
- $manila_generic_enable = hiera('manila_generic_enable_backend', false),
- $max_time_to_attach = hiera('manila::backend::generic::max_time_to_attach'),
- $max_time_to_create_volume = hiera('manila::backend::generic::max_time_to_create_volume'),
- $service_instance_flavor_id = hiera('manila::service_instance::service_instance_flavor_id'),
- $service_instance_password = hiera('manila::service_instance::service_instance_password'),
- $service_instance_smb_config_path = hiera('manila::backend::generic::service_instance_smb_config_path'),
- $service_instance_user = hiera('manila::service_instance::service_instance_user'),
- $share_mount_path = hiera('manila::backend::generic::share_mount_path'),
- $share_volume_fstype = hiera('manila::backend::generic::share_volume_fstype'),
- $smb_template_config_path = hiera('manila::backend::generic::smb_template_config_path'),
$step = hiera('step'),
- $volume_name_template = hiera('manila::backend::generic::volume_name_template'),
- $volume_snapshot_name_template = hiera('manila::backend::generic::volume_snapshot_name_template'),
$manila_cephfsnative_enable = hiera('manila::backend::cephfsnative::enable_backend', false),
$cephfs_handles_share_servers = hiera('manila::backend::cephfsnative::driver_handles_share_servers'),
$cephfs_backend_name = hiera('manila::backend::cephfsnative::cephfs_backend_name'),
@@ -156,21 +86,26 @@ class tripleo::profile::pacemaker::manila (
include ::tripleo::profile::base::manila::scheduler
include ::tripleo::profile::base::manila::share
+ # manila generic:
+ $manila_generic_enable = hiera('manila_generic_enable_backend', false)
if $manila_generic_enable {
$manila_generic_backend = hiera('manila::backend::generic::title')
manila::backend::generic { $manila_generic_backend :
- driver_handles_share_servers => $driver_handles_share_servers,
- smb_template_config_path => $smb_template_config_path,
- volume_name_template => $volume_name_template ,
- volume_snapshot_name_template => $volume_snapshot_name_template,
- share_mount_path => $share_mount_path,
- max_time_to_create_volume => $max_time_to_create_volume,
- max_time_to_attach => $max_time_to_attach,
- service_instance_smb_config_path => $service_instance_smb_config_path,
- share_volume_fstype => $share_volume_fstype,
- cinder_volume_type => $cinder_volume_type,
+ driver_handles_share_servers => hiera('manila::backend::generic::driver_handles_share_servers', true),
+ max_time_to_attach => hiera('manila::backend::generic::max_time_to_attach'),
+ max_time_to_create_volume => hiera('manila::backend::generic::max_time_to_create_volume'),
+ service_instance_smb_config_path => hiera('manila::backend::generic::service_instance_smb_config_path'),
+ share_mount_path => hiera('manila::backend::generic::share_mount_path'),
+ share_volume_fstype => hiera('manila::backend::generic::share_volume_fstype'),
+ smb_template_config_path => hiera('manila::backend::generic::smb_template_config_path'),
+ volume_name_template => hiera('manila::backend::generic::volume_name_template'),
+ volume_snapshot_name_template => hiera('manila::backend::generic::volume_snapshot_name_template'),
+ cinder_volume_type => hiera('manila::backend::generic::cinder_volume_type'),
}
+ $service_instance_user = hiera('manila::service_instance::service_instance_user')
+ $service_instance_password = hiera('manila::service_instance::service_instance_password')
+ $service_instance_flavor_id = hiera('manila::service_instance::service_instance_flavor_id')
manila_config {
"${manila_generic_backend}/service_instance_user": value => $service_instance_user;
"${manila_generic_backend}/service_instance_password": value => $service_instance_password;
@@ -193,10 +128,35 @@ class tripleo::profile::pacemaker::manila (
}
}
+ # manila netapp:
+ $manila_netapp_enable = hiera('manila_netapp_enable_backend', false)
+ if $manila_netapp_enable {
+ $manila_netapp_backend = hiera('manila::backend::netapp::title')
+ manila::backend::netapp { $manila_netapp_backend :
+ driver_handles_share_servers => hiera('manila::backend::netapp::driver_handles_share_servers', true),
+ netapp_login => hiera('manila::backend::netapp::netapp_login'),
+ netapp_password => hiera('manila::backend::netapp::netapp_password'),
+ netapp_server_hostname => hiera('manila::backend::netapp::netapp_server_hostname'),
+ netapp_transport_type => hiera('manila::backend::netapp::netapp_transport_type'),
+ netapp_storage_family => hiera('manila::backend::netapp::netapp_storage_family'),
+ netapp_server_port => hiera('manila::backend::netapp::netapp_server_port'),
+ netapp_volume_name_template => hiera('manila::backend::netapp::netapp_volume_name_template'),
+ netapp_vserver => hiera('manila::backend::netapp::netapp_vserver'),
+ netapp_vserver_name_template => hiera('manila::backend::netapp::netapp_vserver_name_template'),
+ netapp_lif_name_template => hiera('manila::backend::netapp::netapp_lif_name_template'),
+ netapp_aggregate_name_search_pattern => hiera('manila::backend::netapp::netapp_aggregate_name_search_pattern'),
+ netapp_root_volume_aggregate => hiera('manila::backend::netapp::netapp_root_volume_aggregate'),
+ netapp_root_volume_name => hiera('manila::backend::netapp::netapp_root_volume'),
+ netapp_port_name_search_pattern => hiera('manila::backend::netapp::netapp_port_name_search_pattern'),
+ netapp_trace_flags => hiera('manila::backend::netapp::netapp_trace_flags'),
+ }
+ }
+
$manila_enabled_backends = delete_undef_values(
[
$manila_generic_backend,
- $manila_cephfsnative_backend
+ $manila_cephfsnative_backend,
+ $manila_netapp_backend
]
)
class { '::manila::backends' :