summaryrefslogtreecommitdiffstats
path: root/puppet/manifests
diff options
context:
space:
mode:
Diffstat (limited to 'puppet/manifests')
-rw-r--r--puppet/manifests/overcloud_cephstorage.pp67
-rw-r--r--puppet/manifests/overcloud_compute.pp340
-rw-r--r--puppet/manifests/overcloud_controller.pp25
-rw-r--r--puppet/manifests/overcloud_controller_pacemaker.pp65
-rw-r--r--puppet/manifests/overcloud_object.pp64
-rw-r--r--puppet/manifests/ringbuilder.pp5
6 files changed, 252 insertions, 314 deletions
diff --git a/puppet/manifests/overcloud_cephstorage.pp b/puppet/manifests/overcloud_cephstorage.pp
index fd7faff1..4add2f02 100644
--- a/puppet/manifests/overcloud_cephstorage.pp
+++ b/puppet/manifests/overcloud_cephstorage.pp
@@ -16,41 +16,46 @@
include ::tripleo::packages
include ::tripleo::firewall
-create_resources(kmod::load, hiera('kernel_modules'), {})
-create_resources(sysctl::value, hiera('sysctl_settings'), {})
-Exec <| tag == 'kmod::load' |> -> Sysctl <| |>
+if hiera('step') >= 1 {
-if count(hiera('ntp::servers')) > 0 {
- include ::ntp
-}
+ create_resources(kmod::load, hiera('kernel_modules'), {})
+ create_resources(sysctl::value, hiera('sysctl_settings'), {})
+ Exec <| tag == 'kmod::load' |> -> Sysctl <| |>
-include ::timezone
+ include ::timezone
-if str2bool(hiera('ceph_osd_selinux_permissive', true)) {
- exec { 'set selinux to permissive on boot':
- command => "sed -ie 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config",
- onlyif => "test -f /etc/selinux/config && ! grep '^SELINUX=permissive' /etc/selinux/config",
- path => ['/usr/bin', '/usr/sbin'],
+ if count(hiera('ntp::servers')) > 0 {
+ include ::ntp
}
-
- exec { 'set selinux to permissive':
- command => 'setenforce 0',
- onlyif => "which setenforce && getenforce | grep -i 'enforcing'",
- path => ['/usr/bin', '/usr/sbin'],
- } -> Class['ceph::profile::osd']
}
-if str2bool(hiera('ceph_ipv6', false)) {
- $mon_host = hiera('ceph_mon_host_v6')
-} else {
- $mon_host = hiera('ceph_mon_host')
-}
-class { '::ceph::profile::params':
- mon_host => $mon_host,
-}
-include ::ceph::conf
-include ::ceph::profile::client
-include ::ceph::profile::osd
+if hiera('step') >= 3 {
+ if str2bool(hiera('ceph_osd_selinux_permissive', true)) {
+ exec { 'set selinux to permissive on boot':
+ command => "sed -ie 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config",
+ onlyif => "test -f /etc/selinux/config && ! grep '^SELINUX=permissive' /etc/selinux/config",
+ path => ['/usr/bin', '/usr/sbin'],
+ }
+
+ exec { 'set selinux to permissive':
+ command => 'setenforce 0',
+ onlyif => "which setenforce && getenforce | grep -i 'enforcing'",
+ path => ['/usr/bin', '/usr/sbin'],
+ } -> Class['ceph::profile::osd']
+ }
-hiera_include('ceph_classes')
-package_manifest{'/var/lib/tripleo/installed-packages/overcloud_ceph': ensure => present}
+ if str2bool(hiera('ceph_ipv6', false)) {
+ $mon_host = hiera('ceph_mon_host_v6')
+ } else {
+ $mon_host = hiera('ceph_mon_host')
+ }
+ class { '::ceph::profile::params':
+ mon_host => $mon_host,
+ }
+ include ::ceph::conf
+ include ::ceph::profile::client
+ include ::ceph::profile::osd
+
+ hiera_include('ceph_classes')
+ package_manifest{'/var/lib/tripleo/installed-packages/overcloud_ceph': ensure => present}
+}
diff --git a/puppet/manifests/overcloud_compute.pp b/puppet/manifests/overcloud_compute.pp
index 43e87789..cf20c0ca 100644
--- a/puppet/manifests/overcloud_compute.pp
+++ b/puppet/manifests/overcloud_compute.pp
@@ -16,8 +16,8 @@
include ::tripleo::packages
include ::tripleo::firewall
-create_resources(kmod::load, hiera('kernel_modules'), {})
-create_resources(sysctl::value, hiera('sysctl_settings'), {})
+create_resources(kmod::load, hiera('kernel_modules'), { })
+create_resources(sysctl::value, hiera('sysctl_settings'), { })
Exec <| tag == 'kmod::load' |> -> Sysctl <| |>
if count(hiera('ntp::servers')) > 0 {
@@ -26,200 +26,198 @@ if count(hiera('ntp::servers')) > 0 {
include ::timezone
-file { ['/etc/libvirt/qemu/networks/autostart/default.xml',
- '/etc/libvirt/qemu/networks/default.xml']:
- ensure => absent,
- before => Service['libvirt'],
-}
-# in case libvirt has been already running before the Puppet run, make
-# sure the default network is destroyed
-exec { 'libvirt-default-net-destroy':
- command => '/usr/bin/virsh net-destroy default',
- onlyif => '/usr/bin/virsh net-info default | /bin/grep -i "^active:\s*yes"',
- before => Service['libvirt'],
-}
-
-# When utilising images for deployment, we need to reset the iSCSI initiator name to make it unique
-exec { 'reset-iscsi-initiator-name':
- command => '/bin/echo InitiatorName=$(/usr/sbin/iscsi-iname) > /etc/iscsi/initiatorname.iscsi',
- onlyif => '/usr/bin/test ! -f /etc/iscsi/.initiator_reset',
-}->
-
-file { '/etc/iscsi/.initiator_reset':
- ensure => present,
-}
-
-include ::nova
-include ::nova::config
-include ::nova::compute
+if hiera('step') >= 4 {
-$rbd_ephemeral_storage = hiera('nova::compute::rbd::ephemeral_storage', false)
-$rbd_persistent_storage = hiera('rbd_persistent_storage', false)
-if $rbd_ephemeral_storage or $rbd_persistent_storage {
- if str2bool(hiera('ceph_ipv6', false)) {
- $mon_host = hiera('ceph_mon_host_v6')
- } else {
- $mon_host = hiera('ceph_mon_host')
+ file { ['/etc/libvirt/qemu/networks/autostart/default.xml',
+ '/etc/libvirt/qemu/networks/default.xml']:
+ ensure => absent,
+ before => Service['libvirt'],
}
- class { '::ceph::profile::params':
- mon_host => $mon_host,
+ # in case libvirt has been already running before the Puppet run, make
+ # sure the default network is destroyed
+ exec { 'libvirt-default-net-destroy':
+ command => '/usr/bin/virsh net-destroy default',
+ onlyif => '/usr/bin/virsh net-info default | /bin/grep -i "^active:\s*yes"',
+ before => Service['libvirt'],
}
- include ::ceph::conf
- include ::ceph::profile::client
- $client_keys = hiera('ceph::profile::params::client_keys')
- $client_user = join(['client.', hiera('ceph_client_user_name')])
- class { '::nova::compute::rbd':
- libvirt_rbd_secret_key => $client_keys[$client_user]['secret'],
+ # When utilising images for deployment, we need to reset the iSCSI initiator name to make it unique
+ exec { 'reset-iscsi-initiator-name':
+ command => '/bin/echo InitiatorName=$(/usr/sbin/iscsi-iname) > /etc/iscsi/initiatorname.iscsi',
+ onlyif => '/usr/bin/test ! -f /etc/iscsi/.initiator_reset',
+ }->
+
+ file { '/etc/iscsi/.initiator_reset':
+ ensure => present,
}
-}
-if hiera('cinder_enable_nfs_backend', false) {
- if str2bool($::selinux) {
- selboolean { 'virt_use_nfs':
- value => on,
- persistent => true,
- } -> Package['nfs-utils']
+ include ::nova
+ include ::nova::config
+ include ::nova::compute
+
+ $rbd_ephemeral_storage = hiera('nova::compute::rbd::ephemeral_storage', false)
+ $rbd_persistent_storage = hiera('rbd_persistent_storage', false)
+ if $rbd_ephemeral_storage or $rbd_persistent_storage {
+ if str2bool(hiera('ceph_ipv6', false)) {
+ $mon_host = hiera('ceph_mon_host_v6')
+ } else {
+ $mon_host = hiera('ceph_mon_host')
+ }
+ class { '::ceph::profile::params':
+ mon_host => $mon_host,
+ }
+ include ::ceph::conf
+ include ::ceph::profile::client
+
+ $client_keys = hiera('ceph::profile::params::client_keys')
+ $client_user = join(['client.', hiera('ceph_client_user_name')])
+ class { '::nova::compute::rbd':
+ libvirt_rbd_secret_key => $client_keys[$client_user]['secret'],
+ }
}
- package {'nfs-utils': } -> Service['nova-compute']
-}
+ if hiera('cinder_enable_nfs_backend', false) {
+ if str2bool($::selinux) {
+ selboolean { 'virt_use_nfs':
+ value => on,
+ persistent => true,
+ } -> Package['nfs-utils']
+ }
-if str2bool(hiera('nova::use_ipv6', false)) {
- $vncserver_listen = '::0'
-} else {
- $vncserver_listen = '0.0.0.0'
-}
+ package { 'nfs-utils': } -> Service['nova-compute']
+ }
-if $rbd_ephemeral_storage {
- class { '::nova::compute::libvirt':
- libvirt_disk_cachemodes => ['network=writeback'],
- libvirt_hw_disk_discard => 'unmap',
- vncserver_listen => $vncserver_listen,
+ if str2bool(hiera('nova::use_ipv6', false)) {
+ $vncserver_listen = '::0'
+ } else {
+ $vncserver_listen = '0.0.0.0'
}
-} else {
- class { '::nova::compute::libvirt' :
- vncserver_listen => $vncserver_listen,
+
+ if $rbd_ephemeral_storage {
+ class { '::nova::compute::libvirt':
+ libvirt_disk_cachemodes => ['network=writeback'],
+ libvirt_hw_disk_discard => 'unmap',
+ vncserver_listen => $vncserver_listen,
+ }
+ } else {
+ class { '::nova::compute::libvirt' :
+ vncserver_listen => $vncserver_listen,
+ }
}
-}
-nova_config {
- 'DEFAULT/my_ip': value => $ipaddress;
- 'DEFAULT/linuxnet_interface_driver': value => 'nova.network.linux_net.LinuxOVSInterfaceDriver';
- 'DEFAULT/host': value => $fqdn;
- # TUNNELLED mode provides a security enhancement when using shared storage but is not
- # supported when not using shared storage.
- # See https://bugzilla.redhat.com/show_bug.cgi?id=1301986#c12
- # In future versions of QEMU (2.6, mostly), Dan's native encryption
- # work will obsolete the need to use TUNNELLED transport mode.
- 'libvirt/live_migration_tunnelled': value => $rbd_ephemeral_storage;
-}
+ nova_config {
+ 'DEFAULT/my_ip': value => $ipaddress;
+ 'DEFAULT/linuxnet_interface_driver': value => 'nova.network.linux_net.LinuxOVSInterfaceDriver';
+ 'DEFAULT/host': value => $fqdn;
+ }
-if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
- file {'/etc/libvirt/qemu.conf':
- ensure => present,
- content => hiera('midonet_libvirt_qemu_data')
+ if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
+ file { '/etc/libvirt/qemu.conf':
+ ensure => present,
+ content => hiera('midonet_libvirt_qemu_data')
+ }
}
-}
-include ::nova::network::neutron
-include ::neutron
-include ::neutron::config
-
-# If the value of core plugin is set to 'nuage',
-# include nuage agent,
-# If the value of core plugin is set to 'midonet',
-# include midonet agent,
-# else use the default value of 'ml2'
-if hiera('neutron::core_plugin') == 'neutron.plugins.nuage.plugin.NuagePlugin' {
- include ::nuage::vrs
- include ::nova::compute::neutron
-
- class { '::nuage::metadataagent':
- nova_os_tenant_name => hiera('nova::api::admin_tenant_name'),
- nova_os_password => hiera('nova_password'),
- nova_metadata_ip => hiera('nova_metadata_node_ips'),
- nova_auth_ip => hiera('keystone_public_api_virtual_ip'),
+ include ::nova::network::neutron
+ include ::neutron
+ include ::neutron::config
+
+ # If the value of core plugin is set to 'nuage',
+ # include nuage agent,
+ # If the value of core plugin is set to 'midonet',
+ # include midonet agent,
+ # else use the default value of 'ml2'
+ if hiera('neutron::core_plugin') == 'neutron.plugins.nuage.plugin.NuagePlugin' {
+ include ::nuage::vrs
+ include ::nova::compute::neutron
+
+ class { '::nuage::metadataagent':
+ nova_os_tenant_name => hiera('nova::api::admin_tenant_name'),
+ nova_os_password => hiera('nova_password'),
+ nova_metadata_ip => hiera('nova_metadata_node_ips'),
+ nova_auth_ip => hiera('keystone_public_api_virtual_ip'),
+ }
}
-}
-elsif hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
+ elsif hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
- # TODO(devvesa) provide non-controller ips for these services
- $zookeeper_node_ips = hiera('neutron_api_node_ips')
- $cassandra_node_ips = hiera('neutron_api_node_ips')
+ # TODO(devvesa) provide non-controller ips for these services
+ $zookeeper_node_ips = hiera('neutron_api_node_ips')
+ $cassandra_node_ips = hiera('neutron_api_node_ips')
- class {'::tripleo::network::midonet::agent':
- zookeeper_servers => $zookeeper_node_ips,
- cassandra_seeds => $cassandra_node_ips
+ class { '::tripleo::network::midonet::agent':
+ zookeeper_servers => $zookeeper_node_ips,
+ cassandra_seeds => $cassandra_node_ips
+ }
}
-}
-elsif hiera('neutron::core_plugin') == 'neutron_plugin_contrail.plugins.opencontrail.contrail_plugin.NeutronPluginContrailCoreV2' {
-
- include ::contrail::vrouter
- # NOTE: it's not possible to use this class without a functional
- # contrail controller up and running
- #class {'::contrail::vrouter::provision_vrouter':
- # require => Class['contrail::vrouter'],
- #}
-}
-elsif hiera('neutron::core_plugin') == 'networking_plumgrid.neutron.plugins.plugin.NeutronPluginPLUMgridV2' {
- # forward all ipv4 traffic
- # this is required for the vms to pass through the gateways public interface
- sysctl::value { 'net.ipv4.ip_forward': value => '1' }
-
- # ifc_ctl_pp needs to be invoked by root as part of the vif.py when a VM is powered on
- file { '/etc/sudoers.d/ifc_ctl_sudoers':
- ensure => file,
- owner => root,
- group => root,
- mode => '0440',
- content => "nova ALL=(root) NOPASSWD: /opt/pg/bin/ifc_ctl_pp *\n",
+ elsif hiera('neutron::core_plugin') == 'neutron_plugin_contrail.plugins.opencontrail.contrail_plugin.NeutronPluginContrailCoreV2' {
+
+ include ::contrail::vrouter
+ # NOTE: it's not possible to use this class without a functional
+ # contrail controller up and running
+ #class {'::contrail::vrouter::provision_vrouter':
+ # require => Class['contrail::vrouter'],
+ #}
}
-}
-else {
-
- # NOTE: this code won't live in puppet-neutron until Neutron OVS agent
- # can be gracefully restarted. See https://review.openstack.org/#/c/297211
- # In the meantime, it's safe to restart the agent on each change in neutron.conf,
- # because Puppet changes are supposed to be done during bootstrap and upgrades.
- # Some resource managed by Neutron_config (like messaging and logging options) require
- # a restart of OVS agent. This code does it.
- # In Newton, OVS agent will be able to be restarted gracefully so we'll drop the code
- # from here and fix it in puppet-neutron.
- Neutron_config<||> ~> Service['neutron-ovs-agent-service']
-
- include ::neutron::plugins::ml2
- include ::neutron::agents::ml2::ovs
-
- if 'cisco_n1kv' in hiera('neutron::plugins::ml2::mechanism_drivers') {
- class { '::neutron::agents::n1kv_vem':
- n1kv_source => hiera('n1kv_vem_source', undef),
- n1kv_version => hiera('n1kv_vem_version', undef),
+ elsif hiera('neutron::core_plugin') == 'networking_plumgrid.neutron.plugins.plugin.NeutronPluginPLUMgridV2' {
+ # forward all ipv4 traffic
+ # this is required for the vms to pass through the gateways public interface
+ sysctl::value { 'net.ipv4.ip_forward': value => '1' }
+
+ # ifc_ctl_pp needs to be invoked by root as part of the vif.py when a VM is powered on
+ file { '/etc/sudoers.d/ifc_ctl_sudoers':
+ ensure => file,
+ owner => root,
+ group => root,
+ mode => '0440',
+ content => "nova ALL=(root) NOPASSWD: /opt/pg/bin/ifc_ctl_pp *\n",
}
}
+ else {
+
+ # NOTE: this code won't live in puppet-neutron until Neutron OVS agent
+ # can be gracefully restarted. See https://review.openstack.org/#/c/297211
+ # In the meantime, it's safe to restart the agent on each change in neutron.conf,
+ # because Puppet changes are supposed to be done during bootstrap and upgrades.
+ # Some resource managed by Neutron_config (like messaging and logging options) require
+ # a restart of OVS agent. This code does it.
+ # In Newton, OVS agent will be able to be restarted gracefully so we'll drop the code
+ # from here and fix it in puppet-neutron.
+ Neutron_config<||> ~> Service['neutron-ovs-agent-service']
+
+ include ::neutron::plugins::ml2
+ include ::neutron::agents::ml2::ovs
+
+ if 'cisco_n1kv' in hiera('neutron::plugins::ml2::mechanism_drivers') {
+ class { '::neutron::agents::n1kv_vem':
+ n1kv_source => hiera('n1kv_vem_source', undef),
+ n1kv_version => hiera('n1kv_vem_version', undef),
+ }
+ }
- if 'bsn_ml2' in hiera('neutron::plugins::ml2::mechanism_drivers') {
- include ::neutron::agents::bigswitch
+ if 'bsn_ml2' in hiera('neutron::plugins::ml2::mechanism_drivers') {
+ include ::neutron::agents::bigswitch
+ }
}
-}
-neutron_config {
- 'DEFAULT/host': value => $fqdn;
-}
+ neutron_config {
+ 'DEFAULT/host': value => $fqdn;
+ }
-include ::ceilometer
-include ::ceilometer::config
-include ::ceilometer::agent::compute
-include ::ceilometer::agent::auth
+ include ::ceilometer
+ include ::ceilometer::config
+ include ::ceilometer::agent::compute
+ include ::ceilometer::agent::auth
-$snmpd_user = hiera('snmpd_readonly_user_name')
-snmp::snmpv3_user { $snmpd_user:
- authtype => 'MD5',
- authpass => hiera('snmpd_readonly_user_password'),
-}
-class { '::snmp':
- agentaddress => ['udp:161','udp6:[::1]:161'],
- snmpd_config => [ join(['createUser ', hiera('snmpd_readonly_user_name'), ' MD5 "', hiera('snmpd_readonly_user_password'), '"']), join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ],
-}
+ $snmpd_user = hiera('snmpd_readonly_user_name')
+ snmp::snmpv3_user { $snmpd_user:
+ authtype => 'MD5',
+ authpass => hiera('snmpd_readonly_user_password'),
+ }
+ class { '::snmp':
+ agentaddress => ['udp:161','udp6:[::1]:161'],
+ snmpd_config => [ join(['createUser ', hiera('snmpd_readonly_user_name'), ' MD5 "', hiera('snmpd_readonly_user_password'), '"']), join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ],
+ }
-hiera_include('compute_classes')
-package_manifest{'/var/lib/tripleo/installed-packages/overcloud_compute': ensure => present}
+ hiera_include('compute_classes')
+ package_manifest{ '/var/lib/tripleo/installed-packages/overcloud_compute': ensure => present }
+
+}
diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp
index 8b2dc8b0..53bf62c7 100644
--- a/puppet/manifests/overcloud_controller.pp
+++ b/puppet/manifests/overcloud_controller.pp
@@ -117,9 +117,6 @@ if hiera('step') >= 2 {
include ::aodh::db::mysql
}
- # pre-install swift here so we can build rings
- include ::swift
-
$enable_ceph = hiera('ceph_storage_count', 0) > 0 or hiera('enable_ceph_storage', false)
if $enable_ceph {
@@ -225,8 +222,8 @@ if hiera('step') >= 4 {
class {'::tripleo::network::midonet::api':
zookeeper_servers => $zookeeper_node_ips,
- vip => hiera('tripleo::loadbalancer::public_virtual_ip'),
- keystone_ip => hiera('tripleo::loadbalancer::public_virtual_ip'),
+ vip => hiera('public_virtual_ip'),
+ keystone_ip => hiera('public_virtual_ip'),
keystone_admin_token => hiera('keystone::admin_token'),
# TODO: create a 'bind' hiera key for api
bind_address => hiera('neutron::bind_host'),
@@ -271,9 +268,9 @@ if hiera('step') >= 4 {
if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
class {'::neutron::plugins::midonet':
- midonet_api_ip => hiera('tripleo::loadbalancer::public_virtual_ip'),
+ midonet_api_ip => hiera('public_virtual_ip'),
keystone_tenant => hiera('neutron::server::auth_tenant'),
- keystone_password => hiera('neutron::server::auth_password')
+ keystone_password => hiera('neutron::server::password')
}
} else {
@@ -315,7 +312,6 @@ if hiera('step') >= 4 {
include ::cinder
include ::cinder::config
- include ::tripleo::ssl::cinder_config
include ::cinder::api
include ::cinder::glance
include ::cinder::scheduler
@@ -450,19 +446,6 @@ if hiera('step') >= 4 {
enabled_backends => union($cinder_enabled_backends, hiera('cinder_user_enabled_backends')),
}
- # swift proxy
- include ::swift::proxy
- include ::swift::proxy::proxy_logging
- include ::swift::proxy::healthcheck
- include ::swift::proxy::cache
- include ::swift::proxy::keystone
- include ::swift::proxy::authtoken
- include ::swift::proxy::staticweb
- include ::swift::proxy::ratelimit
- include ::swift::proxy::catch_errors
- include ::swift::proxy::tempurl
- include ::swift::proxy::formpost
-
# swift storage
if str2bool(hiera('enable_swift_storage', true)) {
class { '::swift::storage::all':
diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp
index bbcf83d5..d6d14a83 100644
--- a/puppet/manifests/overcloud_controller_pacemaker.pp
+++ b/puppet/manifests/overcloud_controller_pacemaker.pp
@@ -318,9 +318,6 @@ if hiera('step') >= 2 {
}
}
- # pre-install swift here so we can build rings
- include ::swift
-
# Ceph
$enable_ceph = hiera('ceph_storage_count', 0) > 0 or hiera('enable_ceph_storage', false)
@@ -461,8 +458,8 @@ MYSQL_HOST=localhost\n",
class {'::tripleo::network::midonet::api':
zookeeper_servers => $zookeeper_node_ips,
- vip => hiera('tripleo::loadbalancer::public_virtual_ip'),
- keystone_ip => hiera('tripleo::loadbalancer::public_virtual_ip'),
+ vip => hiera('public_virtual_ip'),
+ keystone_ip => hiera('public_virtual_ip'),
keystone_admin_token => hiera('keystone::admin_token'),
# TODO: create a 'bind' hiera key for api
bind_address => hiera('neutron::bind_host'),
@@ -495,9 +492,9 @@ MYSQL_HOST=localhost\n",
}
if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
class {'::neutron::plugins::midonet':
- midonet_api_ip => hiera('tripleo::loadbalancer::public_virtual_ip'),
+ midonet_api_ip => hiera('public_virtual_ip'),
keystone_tenant => hiera('neutron::server::auth_tenant'),
- keystone_password => hiera('neutron::server::auth_password')
+ keystone_password => hiera('neutron::server::password')
}
}
if hiera('neutron::core_plugin') == 'networking_plumgrid.neutron.plugins.plugin.NeutronPluginPLUMgridV2' {
@@ -542,7 +539,6 @@ MYSQL_HOST=localhost\n",
include ::cinder
include ::cinder::config
- include ::tripleo::ssl::cinder_config
class { '::cinder::api':
sync_db => $sync_db,
manage_service => false,
@@ -699,22 +695,6 @@ MYSQL_HOST=localhost\n",
enabled => false,
}
- # swift proxy
- class { '::swift::proxy' :
- manage_service => $non_pcmk_start,
- enabled => $non_pcmk_start,
- }
- include ::swift::proxy::proxy_logging
- include ::swift::proxy::healthcheck
- include ::swift::proxy::cache
- include ::swift::proxy::keystone
- include ::swift::proxy::authtoken
- include ::swift::proxy::staticweb
- include ::swift::proxy::ratelimit
- include ::swift::proxy::catch_errors
- include ::swift::proxy::tempurl
- include ::swift::proxy::formpost
-
# swift storage
if str2bool(hiera('enable_swift_storage', true)) {
class {'::swift::storage::all':
@@ -1227,11 +1207,6 @@ password=\"${mysql_root_password}\"",
pacemaker::resource::service { $::ceilometer::params::agent_notification_service_name :
clone_params => 'interleave=true',
}
- pacemaker::resource::ocf { 'delay' :
- ocf_agent_name => 'heartbeat:Delay',
- clone_params => 'interleave=true',
- resource_params => 'startdelay=10',
- }
# Fedora doesn't know `require-all` parameter for constraints yet
if $::operatingsystem == 'Fedora' {
$redis_ceilometer_constraint_params = undef
@@ -1303,22 +1278,6 @@ password=\"${mysql_root_password}\"",
require => [Pacemaker::Resource::Service[$::ceilometer::params::api_service_name],
Pacemaker::Resource::Service[$::ceilometer::params::collector_service_name]],
}
- pacemaker::constraint::base { 'ceilometer-api-then-ceilometer-delay-constraint':
- constraint_type => 'order',
- first_resource => "${::ceilometer::params::api_service_name}-clone",
- second_resource => 'delay-clone',
- first_action => 'start',
- second_action => 'start',
- require => [Pacemaker::Resource::Service[$::ceilometer::params::api_service_name],
- Pacemaker::Resource::Ocf['delay']],
- }
- pacemaker::constraint::colocation { 'ceilometer-delay-with-ceilometer-api-colocation':
- source => 'delay-clone',
- target => "${::ceilometer::params::api_service_name}-clone",
- score => 'INFINITY',
- require => [Pacemaker::Resource::Service[$::ceilometer::params::api_service_name],
- Pacemaker::Resource::Ocf['delay']],
- }
# Aodh
pacemaker::resource::service { $::aodh::params::evaluator_service_name :
clone_params => 'interleave=true',
@@ -1329,22 +1288,6 @@ password=\"${mysql_root_password}\"",
pacemaker::resource::service { $::aodh::params::listener_service_name :
clone_params => 'interleave=true',
}
- pacemaker::constraint::base { 'aodh-delay-then-aodh-evaluator-constraint':
- constraint_type => 'order',
- first_resource => 'delay-clone',
- second_resource => "${::aodh::params::evaluator_service_name}-clone",
- first_action => 'start',
- second_action => 'start',
- require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name],
- Pacemaker::Resource::Ocf['delay']],
- }
- pacemaker::constraint::colocation { 'aodh-evaluator-with-aodh-delay-colocation':
- source => "${::aodh::params::evaluator_service_name}-clone",
- target => 'delay-clone',
- score => 'INFINITY',
- require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name],
- Pacemaker::Resource::Ocf['delay']],
- }
pacemaker::constraint::base { 'aodh-evaluator-then-aodh-notifier-constraint':
constraint_type => 'order',
first_resource => "${::aodh::params::evaluator_service_name}-clone",
diff --git a/puppet/manifests/overcloud_object.pp b/puppet/manifests/overcloud_object.pp
index ae074589..3585c993 100644
--- a/puppet/manifests/overcloud_object.pp
+++ b/puppet/manifests/overcloud_object.pp
@@ -16,42 +16,46 @@
include ::tripleo::packages
include ::tripleo::firewall
-create_resources(kmod::load, hiera('kernel_modules'), {})
-create_resources(sysctl::value, hiera('sysctl_settings'), {})
-Exec <| tag == 'kmod::load' |> -> Sysctl <| |>
+if hiera('step') >= 1 {
+ create_resources(kmod::load, hiera('kernel_modules'), {})
+ create_resources(sysctl::value, hiera('sysctl_settings'), {})
+ Exec <| tag == 'kmod::load' |> -> Sysctl <| |>
-if count(hiera('ntp::servers')) > 0 {
- include ::ntp
-}
-
-include ::timezone
+ include ::timezone
-include ::swift
-class { '::swift::storage::all':
- mount_check => str2bool(hiera('swift_mount_check')),
-}
-if(!defined(File['/srv/node'])) {
- file { '/srv/node':
- ensure => directory,
- owner => 'swift',
- group => 'swift',
- require => Package['openstack-swift'],
+ if count(hiera('ntp::servers')) > 0 {
+ include ::ntp
}
}
-$swift_components = ['account', 'container', 'object']
-swift::storage::filter::recon { $swift_components : }
-swift::storage::filter::healthcheck { $swift_components : }
+if hiera('step') >= 4 {
+ class { '::swift::storage::all':
+ mount_check => str2bool(hiera('swift_mount_check')),
+ }
+ if(!defined(File['/srv/node'])) {
+ file { '/srv/node':
+ ensure => directory,
+ owner => 'swift',
+ group => 'swift',
+ require => Package['openstack-swift'],
+ }
+ }
+
+ $swift_components = ['account', 'container', 'object']
+ swift::storage::filter::recon { $swift_components : }
+ swift::storage::filter::healthcheck { $swift_components : }
-$snmpd_user = hiera('snmpd_readonly_user_name')
-snmp::snmpv3_user { $snmpd_user:
- authtype => 'MD5',
- authpass => hiera('snmpd_readonly_user_password'),
-}
-class { '::snmp':
- agentaddress => ['udp:161','udp6:[::1]:161'],
- snmpd_config => [ join(['createUser ', hiera('snmpd_readonly_user_name'), ' MD5 "', hiera('snmpd_readonly_user_password'), '"']), join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ],
+ $snmpd_user = hiera('snmpd_readonly_user_name')
+ snmp::snmpv3_user { $snmpd_user:
+ authtype => 'MD5',
+ authpass => hiera('snmpd_readonly_user_password'),
+ }
+ class { '::snmp':
+ agentaddress => ['udp:161','udp6:[::1]:161'],
+ snmpd_config => [ join(['createUser ', hiera('snmpd_readonly_user_name'), ' MD5 "', hiera('snmpd_readonly_user_password'), '"']), join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ],
+ }
+
+ hiera_include('object_classes')
}
-hiera_include('object_classes')
package_manifest{'/var/lib/tripleo/installed-packages/overcloud_object': ensure => present}
diff --git a/puppet/manifests/ringbuilder.pp b/puppet/manifests/ringbuilder.pp
index a623da29..2411ff84 100644
--- a/puppet/manifests/ringbuilder.pp
+++ b/puppet/manifests/ringbuilder.pp
@@ -89,6 +89,11 @@ class tripleo::ringbuilder (
}
}
+if hiera('step') >= 2 {
+ # pre-install swift here so we can build rings
+ include ::swift
+}
+
if hiera('step') >= 3 {
include ::tripleo::ringbuilder
}