Re-organizes Contrail services to the correct roles

In current setup some Contrail services belong to the wrong roles. The Contrail control plane can be impacted if the Analytics database has problems. Change-Id: I0d57a2324c38b5b20cc687c6217a7a364941f7e6 Depends-On: Id0dd35b95c5fe9d0fcc1e16c4b7d6cc601f10818 Closes-Bug: #1659560
author: Michael Henkel <mhenkel@juniper.net> 2017-01-26 15:24:04 +0100
committer: Michael Henkel <mhenkel@juniper.net> 2017-02-08 20:25:41 +0100
commit: da91bb6e1e041b4462765c87ff36458528d952e8 (patch)
tree: d0423a1cd45ced6af122dcaded289a90d0eab73d /puppet/services/network/contrail-base.yaml
parent: 4774913d09e62b433d99eb6aa3b04f8e3e13fa9c (diff)
1 files changed, 44 insertions, 41 deletions
diff --git a/puppet/services/network/contrail-base.yaml b/puppet/services/network/contrail-base.yaml
index b49b2add..bc56a3ca 100644
--- a/puppet/services/network/contrail-base.yaml
+++ b/puppet/services/network/contrail-base.yaml
@@ -18,47 +18,42 @@ parameters:
     description: Mapping of service endpoint -> protocol. Typically set
                  via parameter_defaults in the resource registry.
     type: json
+  ContrailAAAMode:
+    description: AAAmode can be no-auth, cloud-admin or rbac
+    type: string
+    default: 'rbac'
+  ContrailAAAModeAnalytics:
+    description: AAAmode for analytics can be no-auth, cloud-admin or rbac
+    type: string
+    default: 'no-auth'
   AdminPassword:
     description: Keystone admin user password
     type: string
+    hidden: true
   AdminTenantName:
     description: Keystone admin tenant name
     type: string
+    default: 'admin'
   AdminToken:
     description: Keystone admin token
     type: string
+    hidden: true
   AdminUser:
     description: Keystone admin user name
     type: string
-  AuthHost:
-    description: Keystone host IP address
-    type: string
-  AuthPort:
-    default: 35357
-    description: Keystone port
+    default: 'admin'
+  AuthPortSSL:
+    default: 13357
+    description: Keystone SSL port
+    type: number
+  AuthPortSSLPublic:
+    default: 13000
+    description: Keystone Public SSL port
     type: number
-  AuthProtocol:
-    default: 'http'
-    description: Keystone authentication protocol
-    type: string
-  ContrailDiscoveryServerIp:
-    description: Discovery server ip address
-    type: string
-  ContrailKafkaBrokerList:
-    description: List of kafka servers
-    type: comma_delimited_list
   ContrailAuth:
     default: 'keystone'
     description: Keystone authentication method
     type: string
-  ContrailCassandraServerList:
-    default: []
-    description: List of cassandra servers
-    type: comma_delimited_list
-  ContrailDiscoveryServerPort:
-    description: Discovery server port
-    type: number
-    default: 5998
   ContrailInsecure:
     default: false
     description: Keystone insecure mode
@@ -67,14 +62,18 @@ parameters:
     default: '127.0.0.1:12111'
     description: Memcached server
     type: string
-  ContrailMultiTenancy:
-    default: true
-    description: Turn on/off multi-tenancy
-    type: boolean
-  ContrailZkServerIp:
-    default: []
-    description: List of zookeeper servers
-    type: comma_delimited_list
+  RabbitPassword:
+    description: The password for RabbitMQ
+    type: string
+    hidden: true
+  RabbitUserName:
+    default: guest
+    description: The username for RabbitMQ
+    type: string
+  RabbitClientPort:
+    default: 5672
+    description: Set rabbit subscriber port, change this if using SSL
+    type: number
 
 outputs:
   role_data:
@@ -82,19 +81,23 @@ outputs:
     value:
       service_name: contrail_base
       config_settings:
+        contrail::aaa_mode: {get_param: ContrailAAAMode}
+        contrail::analytics_aaa_mode: {get_param: ContrailAAAModeAnalytics}
         contrail::admin_password: {get_param: AdminPassword}
         contrail::admin_tenant_name: {get_param: AdminTenantName}
         contrail::admin_token: {get_param: AdminToken}
         contrail::admin_user: {get_param: AdminUser}
-        contrail::auth_host: {get_param: [EndpointMap, KeystoneInternal, host] }
-        contrail::auth_port: {get_param: [EndpointMap, KeystoneInternal, port] }
-        contrail::auth_protocol: {get_param: [EndpointMap, KeystoneInternal, protocol] }
-        contrail::disc_server_ip: {get_param: ContrailDiscoveryServerIp}
-        contrail::kafka_broker_list: {get_param: ContrailKafkaBrokerList}
         contrail::auth: {get_param: ContrailAuth}
-        contrail::cassandra_server_list: {get_param: ContrailCassandraServerList}
-        contrail::disc_server_port: {get_param: ContrailDiscoveryServerPort}
+        contrail::auth_host: {get_param: [EndpointMap, KeystonePublic, host] }
+        contrail::auth_port: {get_param: [EndpointMap, KeystoneAdmin, port] }
+        contrail::auth_port_ssl: {get_param: AuthPortSSL }
+        contrail::auth_port_public: {get_param: [EndpointMap, KeystonePublic, port] }
+        contrail::auth_port_ssl_public: {get_param: AuthPortSSLPublic }
+        contrail::auth_protocol: {get_param: [EndpointMap, KeystoneInternal, protocol] }
+        contrail::api_port: {get_param: [EndpointMap, ContrailConfigInternal, port] }
+        contrail::disc_server_port: {get_param: [EndpointMap, ContrailDiscoveryInternal, port] }
         contrail::insecure: {get_param: ContrailInsecure}
         contrail::memcached_server: {get_param: ContrailMemcachedServer}
-        contrail::multi_tenancy: {get_param: ContrailMultiTenancy}
-        contrail::zk_server_ip: {get_param: ContrailZkServerIp}
+        contrail::rabbit_password: {get_param: RabbitPassword}
+        contrail::rabbit_user: {get_param: RabbitUserName}
+        contrail::rabbit_port: {get_param: RabbitClientPort}
author	Michael Henkel <mhenkel@juniper.net>	2017-01-26 15:24:04 +0100
committer	Michael Henkel <mhenkel@juniper.net>	2017-02-08 20:25:41 +0100
commit	da91bb6e1e041b4462765c87ff36458528d952e8 (patch)
tree	d0423a1cd45ced6af122dcaded289a90d0eab73d /puppet/services/network/contrail-base.yaml
parent	4774913d09e62b433d99eb6aa3b04f8e3e13fa9c (diff)