diff options
-rw-r--r-- | puppet/controller-post-puppet.yaml | 74 | ||||
-rw-r--r-- | puppet/controller-puppet.yaml | 5 | ||||
-rw-r--r-- | puppet/hieradata/controller.yaml | 18 | ||||
-rw-r--r-- | puppet/manifests/loadbalancer.pp | 386 | ||||
-rw-r--r-- | puppet/manifests/overcloud_controller.pp | 12 |
5 files changed, 44 insertions, 451 deletions
diff --git a/puppet/controller-post-puppet.yaml b/puppet/controller-post-puppet.yaml index 72b35793..38a7e599 100644 --- a/puppet/controller-post-puppet.yaml +++ b/puppet/controller-post-puppet.yaml @@ -9,64 +9,6 @@ parameters: resources: - # NOTE(dprince): this example uses a composition class - # on the puppet side (loadbalancer.pp). This seemed like the - # cleanest way to encapulate the puppet resources definitions - # for HAProxy and Keepalived. - ControllerLoadbalancerPuppetConfig: - type: OS::Heat::SoftwareConfig - properties: - group: puppet - options: - enable_hiera: True - enable_facter: False - inputs: - - name: tripleo::loadbalancer::keystone_admin - default: true - - name: tripleo::loadbalancer::keystone_public - default: true - - name: tripleo::loadbalancer::neutron - default: true - - name: tripleo::loadbalancer::cinder - default: true - - name: tripleo::loadbalancer::glance_api - default: true - - name: tripleo::loadbalancer::glance_registry - default: true - - name: tripleo::loadbalancer::nova_ec2 - default: true - - name: tripleo::loadbalancer::nova_osapi - default: true - - name: tripleo::loadbalancer::nova_metadata - default: true - - name: tripleo::loadbalancer::nova_novncproxy - default: true - - name: tripleo::loadbalancer::mysql - default: true - - name: tripleo::loadbalancer::rabbitmq - default: true - - name: tripleo::loadbalancer::swift_proxy_server - default: true - - name: tripleo::loadbalancer::ceilometer - default: true - - name: tripleo::loadbalancer::heat_api - default: true - - name: tripleo::loadbalancer::heat_cloudwatch - default: true - - name: tripleo::loadbalancer::heat_cfn - default: true - outputs: - - name: result - config: - get_file: manifests/loadbalancer.pp - - ControllerLoadbalancerPuppetDeployment: - type: OS::Heat::SoftwareDeployments - properties: - name: puppet_1 - servers: {get_param: servers} - config: {get_resource: ControllerLoadbalancerPuppetConfig} - ControllerPuppetConfig: type: OS::Heat::SoftwareConfig properties: @@ -74,8 +16,6 @@ resources: options: enable_hiera: True enable_facter: False - inputs: - - name: step outputs: - name: result config: @@ -84,6 +24,16 @@ resources: # Step through a series of Puppet runs using the same manifest. # NOTE(dprince): Heat breakpoints would make for a really cool way to step # through breakpoints in a controlled manner across the entire cluster + ControllerPuppetDeploymentLoadBalancer: + type: OS::Heat::StructuredDeployments + properties: + name: puppet_1 + servers: {get_param: servers} + config: {get_resource: ControllerPuppetConfig} + input_values: + step: 1 + actions: ['CREATE'] # no need for two passes on an UPDATE + ControllerPuppetDeploymentServicesBase: type: OS::Heat::StructuredDeployments properties: @@ -91,7 +41,7 @@ resources: servers: {get_param: servers} config: {get_resource: ControllerPuppetConfig} input_values: - step: 1 + step: 2 actions: ['CREATE'] # no need for two passes on an UPDATE ControllerRingbuilderPuppetConfig: @@ -121,4 +71,4 @@ resources: servers: {get_param: servers} config: {get_resource: ControllerPuppetConfig} input_values: - step: 2 + step: 3 diff --git a/puppet/controller-puppet.yaml b/puppet/controller-puppet.yaml index 3e2957f9..d838f99b 100644 --- a/puppet/controller-puppet.yaml +++ b/puppet/controller-puppet.yaml @@ -730,6 +730,11 @@ resources: controller_virtual_ip: {get_input: controller_virtual_ip} public_virtual_interface: {get_input: public_virtual_interface} public_virtual_ip: {get_input: public_virtual_ip} + tripleo::loadbalancer::controller_host: {get_input: controller_host} + tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface} + tripleo::loadbalancer::controller_virtual_ip: {get_input: controller_virtual_ip} + tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface} + tripleo::loadbalancer::public_virtual_ip: {get_input: public_virtual_ip} enable_package_install: {get_input: enable_package_install} outputs: diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml index 39d2a487..47f358a9 100644 --- a/puppet/hieradata/controller.yaml +++ b/puppet/hieradata/controller.yaml @@ -71,3 +71,21 @@ heat::engine::configure_delegated_roles: false heat::engine::trusts_delegated_roles: [] mysql::server::manage_config_file: true + +tripleo::loadbalancer::keystone_admin: true +tripleo::loadbalancer::keystone_public: true +tripleo::loadbalancer::neutron: true +tripleo::loadbalancer::cinder: true +tripleo::loadbalancer::glance_api: true +tripleo::loadbalancer::glance_registry: true +tripleo::loadbalancer::nova_ec2: true +tripleo::loadbalancer::nova_osapi: true +tripleo::loadbalancer::nova_metadata: true +tripleo::loadbalancer::nova_novncproxy: true +tripleo::loadbalancer::mysql: true +tripleo::loadbalancer::rabbitmq: true +tripleo::loadbalancer::swift_proxy_server: true +tripleo::loadbalancer::ceilometer: true +tripleo::loadbalancer::heat_api: true +tripleo::loadbalancer::heat_cloudwatch: true +tripleo::loadbalancer::heat_cfn: true diff --git a/puppet/manifests/loadbalancer.pp b/puppet/manifests/loadbalancer.pp deleted file mode 100644 index 88e6bdd4..00000000 --- a/puppet/manifests/loadbalancer.pp +++ /dev/null @@ -1,386 +0,0 @@ -# Copyright 2014 Red Hat, Inc. -# All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -if !str2bool(hiera('enable_package_install', 'false')) { - case $::osfamily { - 'RedHat': { - Package { provider => 'norpm' } # provided by tripleo-puppet - } - default: { - warning('enable_package_install option not supported.') - } - } -} - -class tripleo::loadbalancer ( - $keystone_admin = false, - $keystone_public = false, - $neutron = false, - $cinder = false, - $glance_api = false, - $glance_registry = false, - $nova_ec2 = false, - $nova_osapi = false, - $nova_metadata = false, - $nova_novncproxy = false, - $ceilometer = false, - $swift_proxy_server = false, - $heat_api = false, - $heat_cloudwatch = false, - $heat_cfn = false, - $horizon = false, - $mysql = false, - $rabbitmq = false, -) { - - case $::osfamily { - 'RedHat': { - $keepalived_name_is_process = false - $keepalived_vrrp_script = 'systemctl status haproxy.service' - } # RedHat - 'Debian': { - $keepalived_name_is_process = true - $keepalived_vrrp_script = undef - } - } - - class { 'keepalived': } - keepalived::vrrp_script { 'haproxy': - name_is_process => $keepalived_name_is_process, - script => $keepalived_vrrp_script, - } - - # KEEPALIVE INSTANCE CONTROL - keepalived::instance { '51': - interface => hiera('control_virtual_interface'), - virtual_ips => [join([hiera('controller_virtual_ip'), ' dev ', hiera('control_virtual_interface')])], - state => 'MASTER', - track_script => ['haproxy'], - priority => 101, - } - - # KEEPALIVE INSTANCE PUBLIC - keepalived::instance { '52': - interface => hiera('public_virtual_interface'), - virtual_ips => [join([hiera('public_virtual_ip'), ' dev ', hiera('public_virtual_interface')])], - state => 'MASTER', - track_script => ['haproxy'], - priority => 101, - } - - sysctl::value { 'net.ipv4.ip_nonlocal_bind': value => '1' } - - class { 'haproxy': - global_options => { - 'log' => '/dev/log local0', - 'pidfile' => '/var/run/haproxy.pid', - 'user' => 'haproxy', - 'group' => 'haproxy', - 'daemon' => '', - 'maxconn' => '4000', - }, - defaults_options => { - 'mode' => 'tcp', - 'log' => 'global', - 'retries' => '3', - 'maxconn' => '150', - 'option' => [ 'tcpka', 'tcplog' ], - 'timeout' => [ 'http-request 10s', 'queue 1m', 'connect 10s', 'client 1m', 'server 1m', 'check 10s' ], - }, - } - - haproxy::listen { 'haproxy.stats': - ipaddress => '*', - ports => '1993', - mode => 'http', - options => { - 'stats' => 'enable', - }, - collect_exported => false, - } - - if $keystone_admin { - haproxy::listen { 'keystone_admin': - ipaddress => [hiera('controller_virtual_ip'), hiera('public_virtual_ip')], - ports => 35357, - options => { 'option' => [ 'httpchk GET /' ] }, - collect_exported => false, - } - haproxy::balancermember { 'keystone_admin': - listening_service => 'keystone_admin', - ports => '35357', - ipaddresses => hiera('controller_host'), - options => ['check', 'inter 2000', 'rise 2', 'fall 5'], - } - } - - if $keystone_public { - haproxy::listen { 'keystone_public': - ipaddress => [hiera('controller_virtual_ip'), hiera('public_virtual_ip')], - ports => 5000, - options => { 'option' => [ 'httpchk GET /' ] }, - collect_exported => false, - } - haproxy::balancermember { 'keystone_public': - listening_service => 'keystone_public', - ports => '5000', - ipaddresses => hiera('controller_host'), - options => ['check', 'inter 2000', 'rise 2', 'fall 5'], - } - } - - if $neutron { - haproxy::listen { 'neutron': - ipaddress => [hiera('controller_virtual_ip'), hiera('public_virtual_ip')], - ports => 9696, - options => { 'option' => [ 'httpchk GET /' ] }, - collect_exported => false, - } - haproxy::balancermember { 'neutron': - listening_service => 'neutron', - ports => '9696', - ipaddresses => hiera('controller_host'), - options => ['check', 'inter 2000', 'rise 2', 'fall 5'], - } - } - - if $cinder { - haproxy::listen { 'cinder': - ipaddress => [hiera('controller_virtual_ip'), hiera('public_virtual_ip')], - ports => 8776, - options => { 'option' => [ 'httpchk GET /' ] }, - collect_exported => false, - } - haproxy::balancermember { 'cinder': - listening_service => 'cinder', - ports => '8776', - ipaddresses => hiera('controller_host'), - options => ['check', 'inter 2000', 'rise 2', 'fall 5'], - } - } - - if $glance_api { - haproxy::listen { 'glance_api': - ipaddress => [hiera('controller_virtual_ip'), hiera('public_virtual_ip')], - ports => 9292, - options => { 'option' => [ 'httpchk GET /' ] }, - collect_exported => false, - } - haproxy::balancermember { 'glance_api': - listening_service => 'glance_api', - ports => '9292', - ipaddresses => hiera('controller_host'), - options => ['check', 'inter 2000', 'rise 2', 'fall 5'], - } - } - - - if $glance_registry { - haproxy::listen { 'glance_registry': - ipaddress => [hiera('controller_virtual_ip'), hiera('public_virtual_ip')], - ports => 9191, - options => { 'option' => [ 'httpchk GET /' ] }, - collect_exported => false, - } - haproxy::balancermember { 'glance_registry': - listening_service => 'glance_registry', - ports => '9191', - ipaddresses => hiera('controller_host'), - options => ['check', 'inter 2000', 'rise 2', 'fall 5'], - } - } - - if $nova_ec2 { - haproxy::listen { 'nova_ec2': - ipaddress => [hiera('controller_virtual_ip'), hiera('public_virtual_ip')], - ports => 8773, - options => { 'option' => [ 'httpchk GET /' ] }, - collect_exported => false, - } - haproxy::balancermember { 'nova_ec2': - listening_service => 'nova_ec2', - ports => '8773', - ipaddresses => hiera('controller_host'), - options => ['check', 'inter 2000', 'rise 2', 'fall 5'], - } - } - - if $nova_osapi { - haproxy::listen { 'nova_osapi': - ipaddress => [hiera('controller_virtual_ip'), hiera('public_virtual_ip')], - ports => 8774, - options => { 'option' => [ 'httpchk GET /' ] }, - collect_exported => false, - } - haproxy::balancermember { 'nova_osapi': - listening_service => 'nova_osapi', - ports => '8774', - ipaddresses => hiera('controller_host'), - options => ['check', 'inter 2000', 'rise 2', 'fall 5'], - } - } - - if $nova_metadata { - haproxy::listen { 'nova_metadata': - ipaddress => [hiera('controller_virtual_ip'), hiera('public_virtual_ip')], - ports => 8775, - options => { 'option' => [ 'httpchk GET /' ] }, - collect_exported => false, - } - haproxy::balancermember { 'nova_metadata': - listening_service => 'nova_metadata', - ports => '8775', - ipaddresses => hiera('controller_host'), - options => ['check', 'inter 2000', 'rise 2', 'fall 5'], - } - } - - if $nova_novncproxy { - haproxy::listen { 'nova_novncproxy': - ipaddress => [hiera('controller_virtual_ip'), hiera('public_virtual_ip')], - ports => 6080, - options => { 'option' => [ 'httpchk GET /' ] }, - collect_exported => false, - } - haproxy::balancermember { 'nova_novncproxy': - listening_service => 'nova_novncproxy', - ports => '6080', - ipaddresses => hiera('controller_host'), - options => ['check', 'inter 2000', 'rise 2', 'fall 5'], - } - } - - if $ceilometer { - haproxy::listen { 'ceilometer': - ipaddress => [hiera('controller_virtual_ip'), hiera('public_virtual_ip')], - ports => 8777, - collect_exported => false, - } - haproxy::balancermember { 'ceilometer': - listening_service => 'ceilometer', - ports => '8777', - ipaddresses => hiera('controller_host'), - options => [], - } - } - - if $swift_proxy_server { - haproxy::listen { 'swift_proxy_server': - ipaddress => [hiera('controller_virtual_ip'), hiera('public_virtual_ip')], - ports => 8080, - options => { 'option' => [ 'httpchk GET /info' ] }, - collect_exported => false, - } - haproxy::balancermember { 'swift_proxy_server': - listening_service => 'swift_proxy_server', - ports => '8080', - ipaddresses => hiera('controller_host'), - options => ['check', 'inter 2000', 'rise 2', 'fall 5'], - } - } - - if $heat_api { - haproxy::listen { 'heat_api': - ipaddress => [hiera('controller_virtual_ip'), hiera('public_virtual_ip')], - ports => 8004, - options => { 'option' => [ 'httpchk GET /' ] }, - collect_exported => false, - } - haproxy::balancermember { 'heat_api': - listening_service => 'heat_api', - ports => '8004', - ipaddresses => hiera('controller_host'), - options => ['check', 'inter 2000', 'rise 2', 'fall 5'], - } - } - - if $heat_cloudwatch { - haproxy::listen { 'heat_cloudwatch': - ipaddress => [hiera('controller_virtual_ip'), hiera('public_virtual_ip')], - ports => 8003, - options => { 'option' => [ 'httpchk GET /' ] }, - collect_exported => false, - } - haproxy::balancermember { 'heat_cloudwatch': - listening_service => 'heat_cloudwatch', - ports => '8003', - ipaddresses => hiera('controller_host'), - options => ['check', 'inter 2000', 'rise 2', 'fall 5'], - } - } - - if $heat_cfn { - haproxy::listen { 'heat_cfn': - ipaddress => [hiera('controller_virtual_ip'), hiera('public_virtual_ip')], - ports => 8000, - options => { 'option' => [ 'httpchk GET /' ] }, - collect_exported => false, - } - haproxy::balancermember { 'heat_cfn': - listening_service => 'heat_cfn', - ports => '8000', - ipaddresses => hiera('controller_host'), - options => ['check', 'inter 2000', 'rise 2', 'fall 5'], - } - } - - if $horizon { - haproxy::listen { 'horizon': - ipaddress => [hiera('controller_virtual_ip'), hiera('public_virtual_ip')], - ports => 80, - options => { 'option' => [ 'httpchk GET /' ] }, - collect_exported => false, - } - haproxy::balancermember { 'horizon': - listening_service => 'horizon', - ports => '80', - ipaddresses => hiera('controller_host'), - options => ['check', 'inter 2000', 'rise 2', 'fall 5'], - } - } - - if $mysql { - haproxy::listen { 'mysql': - ipaddress => [hiera('controller_virtual_ip')], - ports => 3306, - options => { 'timeout' => [ 'client 0', 'server 0' ] }, - collect_exported => false, - } - haproxy::balancermember { 'mysql': - listening_service => 'mysql', - ports => '3306', - ipaddresses => hiera('controller_host'), - options => ['check', 'inter 2000', 'rise 2', 'fall 5'], - } - } - - if $rabbitmq { - haproxy::listen { 'rabbitmq': - ipaddress => [hiera('controller_virtual_ip'), hiera('public_virtual_ip')], - ports => 5672, - options => { 'timeout' => [ 'client 0', 'server 0' ] }, - collect_exported => false, - } - haproxy::balancermember { 'rabbitmq': - listening_service => 'rabbitmq', - ports => '5672', - ipaddresses => hiera('controller_host'), - options => ['check', 'inter 2000', 'rise 2', 'fall 5'], - } - } - -} - -include ::tripleo::loadbalancer diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp index fef749c5..5b04b6d0 100644 --- a/puppet/manifests/overcloud_controller.pp +++ b/puppet/manifests/overcloud_controller.pp @@ -26,6 +26,12 @@ if !str2bool(hiera('enable_package_install', 'false')) { if hiera('step') >= 1 { + include ::tripleo::loadbalancer + +} + +if hiera('step') >= 2 { + if count(hiera('ntp::servers')) > 0 { include ::ntp } @@ -158,9 +164,9 @@ if hiera('step') >= 1 { include ::ceph::profile::mon } -} #END STEP 1 +} #END STEP 2 -if hiera('step') >= 2 { +if hiera('step') >= 3 { include ::keystone @@ -327,4 +333,4 @@ if hiera('step') >= 2 { snmpd_config => [ join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ], } -} #END STEP 2 +} #END STEP 3 |