4 files changed, 67 insertions, 21 deletions

diff --git a/puppet/manifests/overcloud_compute.pp b/puppet/manifests/overcloud_compute.pp
index 13ae31c5..ee77518e 100644
--- a/puppet/manifests/overcloud_compute.pp
+++ b/puppet/manifests/overcloud_compute.pp
@@ -152,6 +152,20 @@ elsif hiera('neutron::core_plugin') == 'neutron_plugin_contrail.plugins.opencont
   #  require => Class['contrail::vrouter'],
   #}
 }
+elsif hiera('neutron::core_plugin') == 'networking_plumgrid.neutron.plugins.plugin.NeutronPluginPLUMgridV2' {
+  # forward all ipv4 traffic
+  # this is required for the vms to pass through the gateways public interface
+  sysctl::value { 'net.ipv4.ip_forward': value => '1' }
+
+  # ifc_ctl_pp needs to be invoked by root as part of the vif.py when a VM is powered on
+  file { '/etc/sudoers.d/ifc_ctl_sudoers':
+    ensure  => file,
+    owner   => root,
+    group   => root,
+    mode    => '0440',
+    content => "nova ALL=(root) NOPASSWD: /opt/pg/bin/ifc_ctl_pp *\n",
+  }
+}
 else {
 
   include ::neutron::plugins::ml2
diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp
index 5b3e8f77..c6667ae6 100644
--- a/puppet/manifests/overcloud_controller.pp
+++ b/puppet/manifests/overcloud_controller.pp
@@ -210,7 +210,7 @@ if hiera('step') >= 2 {
 
 } #END STEP 2
 
-if hiera('step') >= 3 {
+if hiera('step') >= 4 {
 
   include ::keystone
   include ::keystone::config
@@ -344,13 +344,21 @@ if hiera('step') >= 3 {
   include ::neutron::server
   include ::neutron::server::notifications
 
-  # If the value of core plugin is set to 'nuage' or 'opencontrail',
-  # include nuage or opencontrail core plugins, and it does not
-  # need the l3, dhcp and metadata agents
+  # If the value of core plugin is set to 'nuage' or'opencontrail' or 'plumgrid',
+  # include nuage or opencontrail or plumgrid core plugins
+  # else use the default value of 'ml2'
   if hiera('neutron::core_plugin') == 'neutron.plugins.nuage.plugin.NuagePlugin' {
     include ::neutron::plugins::nuage
   } elsif hiera('neutron::core_plugin') == 'neutron_plugin_contrail.plugins.opencontrail.contrail_plugin.NeutronPluginContrailCoreV2' {
     include ::neutron::plugins::opencontrail
+  }
+  elsif hiera('neutron::core_plugin') == 'networking_plumgrid.neutron.plugins.plugin.NeutronPluginPLUMgridV2' {
+    class { '::neutron::plugins::plumgrid' :
+      connection                   => hiera('neutron::server::database_connection'),
+      controller_priv_host         => hiera('keystone_admin_api_vip'),
+      admin_password               => hiera('admin_password'),
+      metadata_proxy_shared_secret => hiera('nova::api::neutron_metadata_proxy_shared_secret'),
+    }
   } else {
     include ::neutron::agents::l3
     include ::neutron::agents::dhcp
@@ -673,9 +681,9 @@ if hiera('step') >= 3 {
 
   hiera_include('controller_classes')
 
-} #END STEP 3
+} #END STEP 4
 
-if hiera('step') >= 4 {
+if hiera('step') >= 5 {
   $keystone_enable_db_purge = hiera('keystone_enable_db_purge', true)
   $nova_enable_db_purge = hiera('nova_enable_db_purge', true)
   $cinder_enable_db_purge = hiera('cinder_enable_db_purge', true)
@@ -710,7 +718,7 @@ if hiera('step') >= 4 {
     }
   }
 
-} #END STEP 4
+} #END STEP 5
 
 $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller', hiera('step')])
 package_manifest{$package_manifest_name: ensure => present}
diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp
index 7c5fd6bd..fd12c342 100644
--- a/puppet/manifests/overcloud_controller_pacemaker.pp
+++ b/puppet/manifests/overcloud_controller_pacemaker.pp
@@ -18,6 +18,24 @@ Pcmk_resource <| |> {
   try_sleep => 3,
 }
 
+# TODO(jistr): use pcs resource provider instead of just no-ops
+Service <|
+  tag == 'aodh-service' or
+  tag == 'cinder-service' or
+  tag == 'ceilometer-service' or
+  tag == 'glance-service' or
+  tag == 'heat-service' or
+  tag == 'keystone-service' or
+  tag == 'neutron-service' or
+  tag == 'nova-service' or
+  tag == 'sahara-service'
+|> {
+  hasrestart => true,
+  restart    => '/bin/true',
+  start      => '/bin/true',
+  stop       => '/bin/true',
+}
+
 include ::tripleo::packages
 include ::tripleo::firewall
 
@@ -29,13 +47,13 @@ if $::hostname == downcase(hiera('bootstrap_nodeid')) {
   $sync_db = false
 }
 
-$enable_fencing = str2bool(hiera('enable_fencing', false)) and hiera('step') >= 5
+$enable_fencing = str2bool(hiera('enable_fencing', false)) and hiera('step') >= 6
 $enable_load_balancer = hiera('enable_load_balancer', true)
 
 # When to start and enable services which haven't been Pacemakerized
 # FIXME: remove when we start all OpenStack services using Pacemaker
 # (occurrences of this variable will be gradually replaced with false)
-$non_pcmk_start = hiera('step') >= 4
+$non_pcmk_start = hiera('step') >= 5
 
 if hiera('step') >= 1 {
 
@@ -584,7 +602,7 @@ MYSQL_HOST=localhost\n",
 
 } #END STEP 2
 
-if hiera('step') >= 3 {
+if hiera('step') >= 4 {
 
   class { '::keystone':
     sync_db          => $sync_db,
@@ -774,6 +792,14 @@ if hiera('step') >= 3 {
       keystone_password => hiera('neutron::server::auth_password')
     }
   }
+  if hiera('neutron::core_plugin') == 'networking_plumgrid.neutron.plugins.plugin.NeutronPluginPLUMgridV2' {
+    class { '::neutron::plugins::plumgrid' :
+      connection                   => hiera('neutron::server::database_connection'),
+      controller_priv_host         => hiera('keystone_admin_api_vip'),
+      admin_password               => hiera('admin_password'),
+      metadata_proxy_shared_secret => hiera('nova::api::neutron_metadata_proxy_shared_secret'),
+    }
+  }
   if hiera('neutron::enable_dhcp_agent',true) {
     class { '::neutron::agents::dhcp' :
       manage_service => false,
@@ -1169,9 +1195,9 @@ if hiera('step') >= 3 {
 
   hiera_include('controller_classes')
 
-} #END STEP 3
+} #END STEP 4
 
-if hiera('step') >= 4 {
+if hiera('step') >= 5 {
   $keystone_enable_db_purge = hiera('keystone_enable_db_purge', true)
   $nova_enable_db_purge = hiera('nova_enable_db_purge', true)
   $cinder_enable_db_purge = hiera('cinder_enable_db_purge', true)
@@ -1346,7 +1372,7 @@ if hiera('step') >= 4 {
                   Pacemaker::Resource::Service[$::glance::params::api_service_name]],
     }
 
-    if hiera('step') == 4 {
+    if hiera('step') == 5 {
       # Neutron
       # NOTE(gfidente): Neutron will try to populate the database with some data
       # as soon as neutron-server is started; to avoid races we want to make this
@@ -1932,9 +1958,9 @@ if hiera('step') >= 4 {
 
   }
 
-} #END STEP 4
+} #END STEP 5
 
-if hiera('step') >= 5 {
+if hiera('step') >= 6 {
 
   if $pacemaker_master {
 
@@ -1956,7 +1982,7 @@ if hiera('step') >= 5 {
     }
   }
 
-} #END STEP 5
+} #END STEP 6
 
 $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller_pacemaker', hiera('step')])
 package_manifest{$package_manifest_name: ensure => present}
diff --git a/puppet/manifests/ringbuilder.pp b/puppet/manifests/ringbuilder.pp
index 2d880d33..a623da29 100644
--- a/puppet/manifests/ringbuilder.pp
+++ b/puppet/manifests/ringbuilder.pp
@@ -13,8 +13,6 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 
-include ::tripleo::packages
-
 define add_devices(
   $swift_zones = '1'
 ){
@@ -91,6 +89,6 @@ class tripleo::ringbuilder (
   }
 }
 
-include ::tripleo::ringbuilder
-
-package_manifest{'/var/lib/tripleo/installed-packages/ringbuilder': ensure => present}
+if hiera('step') >= 3 {
+  include ::tripleo::ringbuilder
+}