Puppet: overcloud compute config

This patch provides an alternate implementation of
the OS::TripleO::Compute::SoftwareConfig which uses Puppet
to drive the configuration. Using this it is possible
to create a fully functional overcloud compute instance
which has the compute node configured via Puppet
stackforge modules.  This includes all the Nova, Neutron,
and Ceilometer configuration required to make things work.

In order to test this you'll want to build your images
with these elements:

 os-net-config
 heat-config-puppet
 puppet-modules
 hiera

None of the OpenStack specific TripleO elements
should be used with this approach (the nova/neutron/ceilometer
elements were NOT used to build the compute image).

Also, rather than use neutron-openvswitch-agent to configure
low level networking it is recommended that os-net-config
by configured directly via heat modeling rather than
parameter passing to init-neutron-ovs. This allows us to
configure the physical network while avoiding the coupling to
the neutron-openvswitch-element that our standard
parameter driven networking currently uses. (We still need
to move init-neutron-ovs so that it isn't coupled and/or deprecate
its use entirely because the heat drive stuff is more flexible.)

Packages may optionally be pre-installed via DIB using the
-p option (-p openstack-neutron,openstack-nova).

Change-Id: Ic36be25d70f0a94ca07ffda6e0005669b81c1ac7

7 files changed, 209 insertions, 0 deletions

diff --git a/compute-config-puppet.yaml b/compute-config-puppet.yaml
new file mode 100644
index 00000000..8414579c
--- /dev/null
+++ b/compute-config-puppet.yaml
@@ -0,0 +1,112 @@
+# Copyright 2014 Red Hat, Inc.
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+heat_template_version: 2014-10-16
+
+description: >
+  Puppet Software Config for Nova Compute.
+
+parameters:
+  server_id:
+    type: string
+    hidden: true
+
+resources:
+
+  ComputePuppetConfig:
+    type: OS::Heat::SoftwareConfig
+    properties:
+      group: puppet
+      outputs:
+      - name: result
+      config:
+        get_file: puppet/overcloud_compute.pp
+
+  ComputePuppetDeployment:
+    type: OS::Heat::StructuredDeployment
+    properties:
+      server: {get_param: server_id}
+      config: {get_resource: ComputePuppetConfig}
+      signal_transport: NO_SIGNAL
+
+  NovaComputeConfigImpl:
+    type: OS::Heat::StructuredConfig
+    properties:
+      group: os-apply-config
+      config:
+        hiera:
+          hierarchy:
+            - heat_config_%{::deploy_config_name}
+            - compute
+            - common
+          datafiles:
+            common:
+              raw_data: {get_file: puppet/hieradata/common.yaml}
+            compute:
+              raw_data: {get_file: puppet/hieradata/compute.yaml}
+              oac_data:
+                nova::compute::vncserver_proxyclient_address: local-ipv4
+              mapped_data:
+                #nova::debug: {get_input: debug}
+                nova_compute_driver: {get_input: nova_compute_driver}
+                nova::compute::libvirt::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
+                nova_api_host: {get_input: nova_api_host}
+                nova::compute::vncproxy_host: {get_input: nova_public_ip}
+                nova_password: {get_input: nova_password}
+                #ceilometer::debug: {get_input: debug}
+                ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
+                ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
+                ceilometer_compute_agent: {get_input: ceilometer_compute_agent}
+                snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
+                snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
+                glance_host: {get_input: glance_host}
+                glance_port: {get_input: glance_port}
+                glance_protocol: {get_input: glance_protocol}
+                keystone_host: {get_input: keystone_host}
+                #neutron::debug: {get_input: debug}
+                neutron_flat_networks: {get_input: neutron_flat_networks}
+                neutron_host: {get_input: neutron_host}
+                neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
+                neutron_tenant_network_type: {get_input: neutron_tenant_network_type}
+                neutron_tunnel_types: {get_input: neutron_tunnel_types}
+                neutron::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
+                neutron_bridge_mappings: {get_input: neutron_bridge_mappings}
+                neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
+                neutron_physical_bridge: {get_input: neutron_physical_bridge}
+                neutron_public_interface: {get_input: neutron_public_interface}
+                nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
+                neutron_router_distributed: {get_input: neutron_router_distributed}
+                neutron_agent_mode: {get_input: neutron_agent_mode}
+                neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
+                neutron_mechanism_drivers: {get_input: neutron_mechanism_drivers}
+                neutron_allow_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
+                neutron_allow_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
+                neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
+                admin_password: {get_input: admin_password}
+                nova::rabbit_host: {get_input: rabbit_host}
+                neutron::rabbit_host: {get_input: rabbit_host}
+                ceilometer::rabbit_host: {get_input: rabbit_host}
+                nova::rabbit_userid: {get_input: rabbit_username}
+                neutron::rabbit_user: {get_input: rabbit_username}
+                ceilometer::rabbit_userid: {get_input: rabbit_username}
+                nova::rabbit_password: {get_input: rabbit_password}
+                neutron::rabbit_password: {get_input: rabbit_password}
+                ceilometer::rabbit_password: {get_input: rabbit_password}
+                ntp_server: {get_input: ntp_server}
+
+outputs:
+  config_id:
+    description: The ID of the NovaComputeConfigImpl resource.
+    value:
+      {get_resource: NovaComputeConfigImpl}
diff --git a/compute-config.yaml b/compute-config.yaml
index 45bb8e1e..8cc73103 100644
--- a/compute-config.yaml
+++ b/compute-config.yaml
@@ -3,6 +3,13 @@ heat_template_version: 2014-10-16
 description: >
   Software Config for Nova Compute.
 
+parameters:
+  # unused here but is a placeholder for other compute-config templates
+  # which may choose to create in-templates resources that require server
+  server_id:
+    type: string
+    hidden: true
+
 resources:
   NovaComputeConfigImpl:
     type: OS::Heat::StructuredConfig
diff --git a/compute.yaml b/compute.yaml
index c0a69afe..a7a7ab8c 100644
--- a/compute.yaml
+++ b/compute.yaml
@@ -257,6 +257,9 @@ resources:
 
   NovaComputeConfig:
     type: OS::TripleO::Compute::SoftwareConfig
+    properties:
+      # allow configs to create sub-resources attached to the server
+      server_id: {get_resource: NovaCompute}
 
   NovaComputeDeployment:
     type: OS::TripleO::SoftwareDeployment
diff --git a/overcloud-resource-registry-puppet.yaml b/overcloud-resource-registry-puppet.yaml
new file mode 100644
index 00000000..30afa813
--- /dev/null
+++ b/overcloud-resource-registry-puppet.yaml
@@ -0,0 +1,8 @@
+resource_registry:
+  OS::TripleO::BlockStorage: cinder-storage.yaml
+  OS::TripleO::Compute: compute.yaml
+  OS::TripleO::Compute::SoftwareConfig: compute-config-puppet.yaml
+  OS::TripleO::SoftwareDeployment: OS::Heat::StructuredDeployment
+  OS::TripleO::Controller: controller.yaml
+  OS::TripleO::ObjectStorage: swift-storage.yaml
+  OS::TripleO::Net::SoftwareConfig: net-config-bridge.yaml
diff --git a/puppet/hieradata/common.yaml b/puppet/hieradata/common.yaml
new file mode 100644
index 00000000..884be6af
--- /dev/null
+++ b/puppet/hieradata/common.yaml
@@ -0,0 +1 @@
+# Common Hiera data gets applied to all nodes
diff --git a/puppet/hieradata/compute.yaml b/puppet/hieradata/compute.yaml
new file mode 100644
index 00000000..ffa716a4
--- /dev/null
+++ b/puppet/hieradata/compute.yaml
@@ -0,0 +1,20 @@
+# Hiera data here applies to all compute nodes
+
+nova::notify_on_state_change: 'vm_and_task_state'
+
+nova::compute::enabled: true
+nova::compute::instance_usage_audit: true
+nova::compute::instance_usage_audit_period: 'hour'
+nova::compute::vnc_enabled: true
+
+nova::compute::libvirt::vncserver_listen: '0.0.0.0'
+nova::compute::libvirt::migration_support: true
+
+nova::network::neutron::neutron_admin_tenant_name: 'service'
+nova::network::neutron::neutron_admin_username: 'neutron'
+nova::network::neutron::vif_plugging_is_fatal: false
+nova::network::neutron::vif_plugging_timeout: 30
+
+neutron::plugins::ml2::tunnel_id_ranges: ['1:1000']
+
+ceilometer::agent::auth::auth_tenant_name: 'service'
diff --git a/puppet/overcloud_compute.pp b/puppet/overcloud_compute.pp
new file mode 100644
index 00000000..798fb544
--- /dev/null
+++ b/puppet/overcloud_compute.pp
@@ -0,0 +1,58 @@
+# Copyright 2014 Red Hat, Inc.
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+class { 'nova':
+  glance_api_servers => join([hiera('glance_protocol'), '://', hiera('glance_host'), ':', hiera('glance_port')]),
+}
+
+file { ['/etc/libvirt/qemu/networks/autostart/default.xml',
+        '/etc/libvirt/qemu/networks/default.xml']:
+  ensure => absent,
+  before => Service['libvirt']
+}
+
+include ::nova::compute
+
+nova_config {
+  'DEFAULT/my_ip':                     value => $ipaddress;
+  'DEFAULT/linuxnet_interface_driver': value => 'nova.network.linux_net.LinuxOVSInterfaceDriver';
+}
+
+include ::nova::compute::libvirt
+
+class { 'nova::network::neutron':
+  neutron_admin_auth_url => join(['http://', hiera('neutron_host'), ':35357/v2.0']),
+  neutron_url            => join(['http://', hiera('neutron_host'), ':9696']),
+}
+
+include ::neutron
+
+class { 'neutron::plugins::ml2':
+  flat_networks        => split(hiera('neutron_flat_networks'), ','),
+  tenant_network_types => [hiera('neutron_tenant_network_type')],
+  type_drivers         => [hiera('neutron_tenant_network_type')],
+}
+
+class { 'neutron::agents::ml2::ovs':
+  bridge_mappings => split(hiera('neutron_bridge_mappings'), ','),
+  tunnel_types    => split(hiera('neutron_tunnel_types'), ','),
+}
+
+include ::ceilometer
+include ::ceilometer::agent::compute
+
+class { 'ceilometer::agent::auth':
+  auth_url => join(['http://', hiera('keystone_host'), ':5000/v2.0']),
+}