aboutsummaryrefslogtreecommitdiffstats
path: root/puppet/manifests
diff options
context:
space:
mode:
Diffstat (limited to 'puppet/manifests')
-rw-r--r--puppet/manifests/overcloud_cephstorage.pp42
-rw-r--r--puppet/manifests/overcloud_compute.pp181
-rw-r--r--puppet/manifests/overcloud_controller.pp236
-rw-r--r--puppet/manifests/overcloud_controller_pacemaker.pp449
-rw-r--r--puppet/manifests/overcloud_object.pp38
-rw-r--r--puppet/manifests/overcloud_volume.pp45
6 files changed, 47 insertions, 944 deletions
diff --git a/puppet/manifests/overcloud_cephstorage.pp b/puppet/manifests/overcloud_cephstorage.pp
index e69353b0..152694d9 100644
--- a/puppet/manifests/overcloud_cephstorage.pp
+++ b/puppet/manifests/overcloud_cephstorage.pp
@@ -16,43 +16,9 @@
include ::tripleo::packages
include ::tripleo::firewall
-if hiera('step') >= 1 {
-
- create_resources(kmod::load, hiera('kernel_modules'), {})
- create_resources(sysctl::value, hiera('sysctl_settings'), {})
- Exec <| tag == 'kmod::load' |> -> Sysctl <| |>
-
- include ::timezone
-
-}
-
-if hiera('step') >= 3 {
- if str2bool(hiera('ceph_osd_selinux_permissive', true)) {
- exec { 'set selinux to permissive on boot':
- command => "sed -ie 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config",
- onlyif => "test -f /etc/selinux/config && ! grep '^SELINUX=permissive' /etc/selinux/config",
- path => ['/usr/bin', '/usr/sbin'],
- }
-
- exec { 'set selinux to permissive':
- command => 'setenforce 0',
- onlyif => "which setenforce && getenforce | grep -i 'enforcing'",
- path => ['/usr/bin', '/usr/sbin'],
- } -> Class['ceph::profile::osd']
- }
-
- if str2bool(hiera('ceph_ipv6', false)) {
- $mon_host = hiera('ceph_mon_host_v6')
- } else {
- $mon_host = hiera('ceph_mon_host')
- }
- class { '::ceph::profile::params':
- mon_host => $mon_host,
- }
- include ::ceph::conf
- include ::ceph::profile::client
- include ::ceph::profile::osd
-
+if hiera('step') >= 4 {
hiera_include('ceph_classes')
- package_manifest{'/var/lib/tripleo/installed-packages/overcloud_ceph': ensure => present}
}
+
+$package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_ceph', hiera('step')])
+package_manifest{$package_manifest_name: ensure => present}
diff --git a/puppet/manifests/overcloud_compute.pp b/puppet/manifests/overcloud_compute.pp
index da84927e..6e446fd8 100644
--- a/puppet/manifests/overcloud_compute.pp
+++ b/puppet/manifests/overcloud_compute.pp
@@ -16,195 +16,20 @@
include ::tripleo::packages
include ::tripleo::firewall
-create_resources(kmod::load, hiera('kernel_modules'), { })
-create_resources(sysctl::value, hiera('sysctl_settings'), { })
-Exec <| tag == 'kmod::load' |> -> Sysctl <| |>
-
-include ::timezone
-
if hiera('step') >= 4 {
- file { ['/etc/libvirt/qemu/networks/autostart/default.xml',
- '/etc/libvirt/qemu/networks/default.xml']:
- ensure => absent,
- before => Service['libvirt'],
- }
- # in case libvirt has been already running before the Puppet run, make
- # sure the default network is destroyed
- exec { 'libvirt-default-net-destroy':
- command => '/usr/bin/virsh net-destroy default',
- onlyif => '/usr/bin/virsh net-info default | /bin/grep -i "^active:\s*yes"',
- before => Service['libvirt'],
- }
-
- # When utilising images for deployment, we need to reset the iSCSI initiator name to make it unique
- exec { 'reset-iscsi-initiator-name':
- command => '/bin/echo InitiatorName=$(/usr/sbin/iscsi-iname) > /etc/iscsi/initiatorname.iscsi',
- onlyif => '/usr/bin/test ! -f /etc/iscsi/.initiator_reset',
- }->
-
- file { '/etc/iscsi/.initiator_reset':
- ensure => present,
- }
-
- $rbd_ephemeral_storage = hiera('nova::compute::rbd::ephemeral_storage', false)
- $rbd_persistent_storage = hiera('rbd_persistent_storage', false)
- if $rbd_ephemeral_storage or $rbd_persistent_storage {
- if str2bool(hiera('ceph_ipv6', false)) {
- $mon_host = hiera('ceph_mon_host_v6')
- } else {
- $mon_host = hiera('ceph_mon_host')
- }
- class { '::ceph::profile::params':
- mon_host => $mon_host,
- }
- include ::ceph::conf
- include ::ceph::profile::client
-
- $client_keys = hiera('ceph::profile::params::client_keys')
- $client_user = join(['client.', hiera('tripleo::profile::base::cinder::volume::rbd::cinder_rbd_user_name')])
- class { '::nova::compute::rbd':
- libvirt_rbd_secret_key => $client_keys[$client_user]['secret'],
- }
- }
-
- if hiera('cinder_enable_nfs_backend', false) {
- if str2bool($::selinux) {
- selboolean { 'virt_use_nfs':
- value => on,
- persistent => true,
- } -> Package['nfs-utils']
- }
-
- package { 'nfs-utils': } -> Service['nova-compute']
- }
-
- if str2bool(hiera('nova::use_ipv6', false)) {
- $vncserver_listen = '::0'
- } else {
- $vncserver_listen = '0.0.0.0'
- }
-
- if $rbd_ephemeral_storage {
- class { '::nova::compute::libvirt':
- libvirt_disk_cachemodes => ['network=writeback'],
- libvirt_hw_disk_discard => 'unmap',
- vncserver_listen => $vncserver_listen,
- }
- } else {
- class { '::nova::compute::libvirt' :
- vncserver_listen => $vncserver_listen,
- }
- }
-
nova_config {
'DEFAULT/my_ip': value => $ipaddress;
'DEFAULT/linuxnet_interface_driver': value => 'nova.network.linux_net.LinuxOVSInterfaceDriver';
}
- if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
- file { '/etc/libvirt/qemu.conf':
- ensure => present,
- content => hiera('midonet_libvirt_qemu_data')
- }
- }
- include ::nova::network::neutron
- include ::neutron
- include ::neutron::config
-
- # If the value of core plugin is set to 'nuage',
- # include nuage agent,
- # If the value of core plugin is set to 'midonet',
- # include midonet agent,
- # else use the default value of 'ml2'
- if hiera('neutron::core_plugin') == 'neutron.plugins.nuage.plugin.NuagePlugin' {
- include ::nuage::vrs
- include ::nova::compute::neutron
-
- class { '::nuage::metadataagent':
- nova_os_tenant_name => hiera('nova::api::admin_tenant_name'),
- nova_os_password => hiera('nova_password'),
- nova_metadata_ip => hiera('nova_metadata_node_ips'),
- nova_auth_ip => hiera('keystone_public_api_virtual_ip'),
- }
- }
- elsif hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
-
- # TODO(devvesa) provide non-controller ips for these services
- $zookeeper_node_ips = hiera('neutron_api_node_ips')
- $cassandra_node_ips = hiera('neutron_api_node_ips')
-
- class { '::tripleo::network::midonet::agent':
- zookeeper_servers => $zookeeper_node_ips,
- cassandra_seeds => $cassandra_node_ips
- }
- }
- elsif hiera('neutron::core_plugin') == 'neutron_plugin_contrail.plugins.opencontrail.contrail_plugin.NeutronPluginContrailCoreV2' {
-
- include ::contrail::vrouter
- # NOTE: it's not possible to use this class without a functional
- # contrail controller up and running
- #class {'::contrail::vrouter::provision_vrouter':
- # require => Class['contrail::vrouter'],
- #}
- }
- elsif hiera('neutron::core_plugin') == 'networking_plumgrid.neutron.plugins.plugin.NeutronPluginPLUMgridV2' {
- # forward all ipv4 traffic
- # this is required for the vms to pass through the gateways public interface
- sysctl::value { 'net.ipv4.ip_forward': value => '1' }
-
- # ifc_ctl_pp needs to be invoked by root as part of the vif.py when a VM is powered on
- file { '/etc/sudoers.d/ifc_ctl_sudoers':
- ensure => file,
- owner => root,
- group => root,
- mode => '0440',
- content => "nova ALL=(root) NOPASSWD: /opt/pg/bin/ifc_ctl_pp *\n",
- }
- }
- else {
-
- # NOTE: this code won't live in puppet-neutron until Neutron OVS agent
- # can be gracefully restarted. See https://review.openstack.org/#/c/297211
- # In the meantime, it's safe to restart the agent on each change in neutron.conf,
- # because Puppet changes are supposed to be done during bootstrap and upgrades.
- # Some resource managed by Neutron_config (like messaging and logging options) require
- # a restart of OVS agent. This code does it.
- # In Newton, OVS agent will be able to be restarted gracefully so we'll drop the code
- # from here and fix it in puppet-neutron.
- Neutron_config<||> ~> Service['neutron-ovs-agent-service']
-
- include ::neutron::plugins::ml2
- include ::neutron::agents::ml2::ovs
-
- if 'cisco_n1kv' in hiera('neutron::plugins::ml2::mechanism_drivers') {
- class { '::neutron::agents::n1kv_vem':
- n1kv_source => hiera('n1kv_vem_source', undef),
- n1kv_version => hiera('n1kv_vem_version', undef),
- }
- }
-
- if 'bsn_ml2' in hiera('neutron::plugins::ml2::mechanism_drivers') {
- include ::neutron::agents::bigswitch
- }
- }
-
include ::ceilometer
include ::ceilometer::config
include ::ceilometer::agent::compute
include ::ceilometer::agent::auth
- $snmpd_user = hiera('snmpd_readonly_user_name')
- snmp::snmpv3_user { $snmpd_user:
- authtype => 'MD5',
- authpass => hiera('snmpd_readonly_user_password'),
- }
- class { '::snmp':
- agentaddress => ['udp:161','udp6:[::1]:161'],
- snmpd_config => [ join(['createUser ', hiera('snmpd_readonly_user_name'), ' MD5 "', hiera('snmpd_readonly_user_password'), '"']), join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ],
- }
-
hiera_include('compute_classes')
- package_manifest{ '/var/lib/tripleo/installed-packages/overcloud_compute': ensure => present }
-
}
+
+$package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_compute', hiera('step')])
+package_manifest{$package_manifest_name: ensure => present}
diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp
index c07383c8..9cdbda0f 100644
--- a/puppet/manifests/overcloud_controller.pp
+++ b/puppet/manifests/overcloud_controller.pp
@@ -18,37 +18,7 @@ include ::tripleo::firewall
$enable_load_balancer = hiera('enable_load_balancer', true)
-if hiera('step') >= 1 {
-
- create_resources(kmod::load, hiera('kernel_modules'), {})
- create_resources(sysctl::value, hiera('sysctl_settings'), {})
- Exec <| tag == 'kmod::load' |> -> Sysctl <| |>
-
-}
-
if hiera('step') >= 2 {
-
- include ::timezone
-
- # MongoDB
- if downcase(hiera('ceilometer_backend')) == 'mongodb' {
- # NOTE(gfidente): We need to pass the list of IPv6 addresses *with* port and
- # without the brackets as 'members' argument for the 'mongodb_replset'
- # resource.
- if str2bool(hiera('mongodb::server::ipv6', false)) {
- $mongo_node_ips_with_port_prefixed = prefix(hiera('mongo_node_ips'), '[')
- $mongo_node_ips_with_port = suffix($mongo_node_ips_with_port_prefixed, ']:27017')
- $mongo_node_ips_with_port_nobr = suffix(hiera('mongo_node_ips'), ':27017')
- } else {
- $mongo_node_ips_with_port = suffix(hiera('mongo_node_ips'), ':27017')
- $mongo_node_ips_with_port_nobr = suffix(hiera('mongo_node_ips'), ':27017')
- }
- $mongo_node_string = join($mongo_node_ips_with_port, ',')
-
- $mongodb_replset = hiera('mongodb::server::replset')
- $ceilometer_mongodb_conn_string = "mongodb://${mongo_node_string}/ceilometer?replicaSet=${mongodb_replset}"
- }
-
if str2bool(hiera('enable_galera', true)) {
$mysql_config_file = '/etc/my.cnf.d/galera.cnf'
} else {
@@ -76,60 +46,8 @@ if hiera('step') >= 2 {
if downcase(hiera('gnocchi_indexer_backend')) == 'mysql' {
include ::gnocchi::db::mysql
}
- if downcase(hiera('ceilometer_backend')) == 'mysql' {
- include ::ceilometer::db::mysql
- }
include ::aodh::db::mysql
- $enable_ceph = hiera('ceph_storage_count', 0) > 0 or hiera('enable_ceph_storage', false)
-
- if $enable_ceph {
- $mon_initial_members = downcase(hiera('ceph_mon_initial_members'))
- if str2bool(hiera('ceph_ipv6', false)) {
- $mon_host = hiera('ceph_mon_host_v6')
- } else {
- $mon_host = hiera('ceph_mon_host')
- }
- class { '::ceph::profile::params':
- mon_initial_members => $mon_initial_members,
- mon_host => $mon_host,
- }
- include ::ceph::conf
- include ::ceph::profile::mon
- }
-
- if str2bool(hiera('enable_ceph_storage', false)) {
- if str2bool(hiera('ceph_osd_selinux_permissive', true)) {
- exec { 'set selinux to permissive on boot':
- command => "sed -ie 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config",
- onlyif => "test -f /etc/selinux/config && ! grep '^SELINUX=permissive' /etc/selinux/config",
- path => ['/usr/bin', '/usr/sbin'],
- }
-
- exec { 'set selinux to permissive':
- command => 'setenforce 0',
- onlyif => "which setenforce && getenforce | grep -i 'enforcing'",
- path => ['/usr/bin', '/usr/sbin'],
- } -> Class['ceph::profile::osd']
- }
-
- include ::ceph::conf
- include ::ceph::profile::osd
- }
-
- if str2bool(hiera('enable_external_ceph', false)) {
- if str2bool(hiera('ceph_ipv6', false)) {
- $mon_host = hiera('ceph_mon_host_v6')
- } else {
- $mon_host = hiera('ceph_mon_host')
- }
- class { '::ceph::profile::params':
- mon_host => $mon_host,
- }
- include ::ceph::conf
- include ::ceph::profile::client
- }
-
} #END STEP 2
if hiera('step') >= 4 {
@@ -146,129 +64,6 @@ if hiera('step') >= 4 {
}
include ::nova::config
- if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
-
- # TODO(devvesa) provide non-controller ips for these services
- $zookeeper_node_ips = hiera('neutron_api_node_ips')
- $cassandra_node_ips = hiera('neutron_api_node_ips')
-
- # Run zookeeper in the controller if configured
- if hiera('enable_zookeeper_on_controller') {
- class {'::tripleo::cluster::zookeeper':
- zookeeper_server_ips => $zookeeper_node_ips,
- # TODO: create a 'bind' hiera key for zookeeper
- zookeeper_client_ip => hiera('neutron::bind_host'),
- zookeeper_hostnames => hiera('controller_node_names')
- }
- }
-
- # Run cassandra in the controller if configured
- if hiera('enable_cassandra_on_controller') {
- class {'::tripleo::cluster::cassandra':
- cassandra_servers => $cassandra_node_ips,
- # TODO: create a 'bind' hiera key for cassandra
- cassandra_ip => hiera('neutron::bind_host'),
- }
- }
-
- class {'::tripleo::network::midonet::agent':
- zookeeper_servers => $zookeeper_node_ips,
- cassandra_seeds => $cassandra_node_ips
- }
-
- class {'::tripleo::network::midonet::api':
- zookeeper_servers => $zookeeper_node_ips,
- vip => hiera('public_virtual_ip'),
- keystone_ip => hiera('public_virtual_ip'),
- keystone_admin_token => hiera('keystone::admin_token'),
- # TODO: create a 'bind' hiera key for api
- bind_address => hiera('neutron::bind_host'),
- admin_password => hiera('admin_password')
- }
-
- # TODO: find a way to get an empty list from hiera
- # TODO: when doing the composable midonet plugin, don't forget to
- # set service_plugins to an empty array in Hiera.
- class {'::neutron':
- service_plugins => []
- }
-
- }
-
- # If the value of core plugin is set to 'opencontrail'
- # include opencontrail core plugins
- # else use the default value of 'ml2'
- if hiera('neutron::core_plugin') == 'neutron_plugin_contrail.plugins.opencontrail.contrail_plugin.NeutronPluginContrailCoreV2' {
- include ::neutron::plugins::opencontrail
- } else {
-
- # If the value of core plugin is set to 'midonet',
- # skip all the ML2 configuration
- if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
-
- class {'::neutron::plugins::midonet':
- midonet_api_ip => hiera('public_virtual_ip'),
- keystone_tenant => hiera('neutron::server::auth_tenant'),
- keystone_password => hiera('neutron::server::password')
- }
- }
-
- Service['neutron-server'] -> Service['neutron-metadata']
-
- }
-
- if $enable_ceph {
- $ceph_pools = hiera('ceph_pools')
- ceph::pool { $ceph_pools :
- pg_num => hiera('ceph::profile::params::osd_pool_default_pg_num'),
- pgp_num => hiera('ceph::profile::params::osd_pool_default_pgp_num'),
- size => hiera('ceph::profile::params::osd_pool_default_size'),
- }
- }
-
- # swift storage
- if str2bool(hiera('enable_swift_storage', true)) {
- class { '::swift::storage::all':
- mount_check => str2bool(hiera('swift_mount_check')),
- }
- if(!defined(File['/srv/node'])) {
- file { '/srv/node':
- ensure => directory,
- owner => 'swift',
- group => 'swift',
- require => Package['openstack-swift'],
- }
- }
- $swift_components = ['account', 'container', 'object']
- swift::storage::filter::recon { $swift_components : }
- swift::storage::filter::healthcheck { $swift_components : }
- }
-
- # Ceilometer
- $ceilometer_backend = downcase(hiera('ceilometer_backend'))
- case $ceilometer_backend {
- /mysql/ : {
- $ceilometer_database_connection = hiera('ceilometer_mysql_conn_string')
- }
- default : {
- $ceilometer_database_connection = $ceilometer_mongodb_conn_string
- }
- }
- include ::ceilometer
- include ::ceilometer::config
- include ::ceilometer::api
- include ::ceilometer::agent::notification
- include ::ceilometer::agent::central
- include ::ceilometer::expirer
- include ::ceilometer::collector
- include ::ceilometer::agent::auth
- include ::ceilometer::dispatcher::gnocchi
- class { '::ceilometer::db' :
- database_connection => $ceilometer_database_connection,
- }
-
- Cron <| title == 'ceilometer-expirer' |> { command => "sleep $((\$(od -A n -t d -N 3 /dev/urandom) % 86400)) && ${::ceilometer::params::expirer_command}" }
-
# Aodh
class { '::aodh' :
database_connection => hiera('aodh_mysql_conn_string'),
@@ -282,27 +77,6 @@ if hiera('step') >= 4 {
include ::aodh::listener
include ::aodh::client
- # Horizon
- include ::apache::mod::remoteip
- if 'cisco_n1kv' in hiera('neutron::plugins::ml2::mechanism_drivers') {
- $_profile_support = 'cisco'
- } else {
- $_profile_support = 'None'
- }
- $neutron_options = {'profile_support' => $_profile_support }
-
- $memcached_ipv6 = hiera('memcached_ipv6', false)
- if $memcached_ipv6 {
- $horizon_memcached_servers = hiera('memcache_node_ips_v6', '[::1]')
- } else {
- $horizon_memcached_servers = hiera('memcache_node_ips', '127.0.0.1')
- }
-
- class { '::horizon':
- cache_server_ip => $horizon_memcached_servers,
- neutron_options => $neutron_options,
- }
-
# Gnocchi
$gnocchi_database_connection = hiera('gnocchi_mysql_conn_string')
class { '::gnocchi':
@@ -323,16 +97,6 @@ if hiera('step') >= 4 {
default: { fail('Unrecognized gnocchi_backend parameter.') }
}
- $snmpd_user = hiera('snmpd_readonly_user_name')
- snmp::snmpv3_user { $snmpd_user:
- authtype => 'MD5',
- authpass => hiera('snmpd_readonly_user_password'),
- }
- class { '::snmp':
- agentaddress => ['udp:161','udp6:[::1]:161'],
- snmpd_config => [ join(['createUser ', hiera('snmpd_readonly_user_name'), ' MD5 "', hiera('snmpd_readonly_user_password'), '"']), join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ],
- }
-
hiera_include('controller_classes')
} #END STEP 4
diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp
index 0bee6b00..cfa693be 100644
--- a/puppet/manifests/overcloud_controller_pacemaker.pp
+++ b/puppet/manifests/overcloud_controller_pacemaker.pp
@@ -21,10 +21,7 @@ Pcmk_resource <| |> {
# TODO(jistr): use pcs resource provider instead of just no-ops
Service <|
tag == 'aodh-service' or
- tag == 'ceilometer-service' or
- tag == 'gnocchi-service' or
- tag == 'neutron-service' or
- tag == 'nova-service'
+ tag == 'gnocchi-service'
|> {
hasrestart => true,
restart => '/bin/true',
@@ -53,12 +50,6 @@ $non_pcmk_start = hiera('step') >= 5
if hiera('step') >= 1 {
- create_resources(kmod::load, hiera('kernel_modules'), {})
- create_resources(sysctl::value, hiera('sysctl_settings'), {})
- Exec <| tag == 'kmod::load' |> -> Sysctl <| |>
-
- include ::timezone
-
$pacemaker_cluster_members = downcase(regsubst(hiera('controller_node_names'), ',', ' ', 'G'))
$corosync_ipv6 = str2bool(hiera('corosync_ipv6', false))
if $corosync_ipv6 {
@@ -95,10 +86,6 @@ if hiera('step') >= 1 {
op_params => 'start timeout=200s stop timeout=200s',
}
- if downcase(hiera('ceilometer_backend')) == 'mongodb' {
- include ::mongodb::params
- }
-
# Galera
if str2bool(hiera('enable_galera', true)) {
$mysql_config_file = '/etc/my.cnf.d/galera.cnf'
@@ -194,48 +181,25 @@ if hiera('step') >= 2 {
require => Class['::mysql::server'],
before => Exec['galera-ready'],
}
- }
- $mysql_root_password = hiera('mysql::server::root_password')
- $mysql_clustercheck_password = hiera('mysql_clustercheck_password')
- # This step is to create a sysconfig clustercheck file with the root user and empty password
- # on the first install only (because later on the clustercheck db user will be used)
- # We are using exec and not file in order to not have duplicate definition errors in puppet
- # when we later set the the file to contain the clustercheck data
- exec { 'create-root-sysconfig-clustercheck':
- command => "/bin/echo 'MYSQL_USERNAME=root\nMYSQL_PASSWORD=\'\'\nMYSQL_HOST=localhost\n' > /etc/sysconfig/clustercheck",
- unless => '/bin/test -e /etc/sysconfig/clustercheck && grep -q clustercheck /etc/sysconfig/clustercheck',
- }
- exec { 'galera-ready' :
- command => '/usr/bin/clustercheck >/dev/null',
- timeout => 30,
- tries => 180,
- try_sleep => 10,
- environment => ['AVAILABLE_WHEN_READONLY=0'],
- require => Exec['create-root-sysconfig-clustercheck'],
- }
+ exec { 'galera-ready' :
+ command => '/usr/bin/clustercheck >/dev/null',
+ timeout => 30,
+ tries => 180,
+ try_sleep => 10,
+ environment => ['AVAILABLE_WHEN_READONLY=0'],
+ require => Exec['create-root-sysconfig-clustercheck'],
+ }
- xinetd::service { 'galera-monitor' :
- port => '9200',
- server => '/usr/bin/clustercheck',
- per_source => 'UNLIMITED',
- log_on_success => '',
- log_on_failure => 'HOST',
- flags => 'REUSE',
- service_type => 'UNLISTED',
- user => 'root',
- group => 'root',
- require => Exec['create-root-sysconfig-clustercheck'],
- }
- # We add a clustercheck db user and we will switch /etc/sysconfig/clustercheck
- # to it in a later step. We do this only on one node as it will replicate on
- # the other members. We also make sure that the permissions are the minimum necessary
- if $pacemaker_master {
+ # We add a clustercheck db user and we will switch /etc/sysconfig/clustercheck
+ # to it in a later step. We do this only on one node as it will replicate on
+ # the other members. We also make sure that the permissions are the minimum necessary
mysql_user { 'clustercheck@localhost':
ensure => 'present',
- password_hash => mysql_password($mysql_clustercheck_password),
+ password_hash => mysql_password(hiera('mysql_clustercheck_password')),
require => Exec['galera-ready'],
}
+
mysql_grant { 'clustercheck@localhost/*.*':
ensure => 'present',
options => ['GRANT'],
@@ -243,15 +207,6 @@ if hiera('step') >= 2 {
table => '*.*',
user => 'clustercheck@localhost',
}
- }
-
- # Create all the database schemas
- if $sync_db {
- if downcase(hiera('ceilometer_backend')) == 'mysql' {
- class { '::ceilometer::db::mysql':
- require => Exec['galera-ready'],
- }
- }
if downcase(hiera('gnocchi_indexer_backend')) == 'mysql' {
class { '::gnocchi::db::mysql':
@@ -261,65 +216,36 @@ if hiera('step') >= 2 {
class { '::aodh::db::mysql':
require => Exec['galera-ready'],
- }
- }
-
- # Ceph
- $enable_ceph = hiera('ceph_storage_count', 0) > 0 or hiera('enable_ceph_storage', false)
-
- if $enable_ceph {
- $mon_initial_members = downcase(hiera('ceph_mon_initial_members'))
- if str2bool(hiera('ceph_ipv6', false)) {
- $mon_host = hiera('ceph_mon_host_v6')
- } else {
- $mon_host = hiera('ceph_mon_host')
- }
- class { '::ceph::profile::params':
- mon_initial_members => $mon_initial_members,
- mon_host => $mon_host,
}
- include ::ceph::conf
- include ::ceph::profile::mon
}
-
- if str2bool(hiera('enable_ceph_storage', false)) {
- if str2bool(hiera('ceph_osd_selinux_permissive', true)) {
- exec { 'set selinux to permissive on boot':
- command => "sed -ie 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config",
- onlyif => "test -f /etc/selinux/config && ! grep '^SELINUX=permissive' /etc/selinux/config",
- path => ['/usr/bin', '/usr/sbin'],
- }
-
- exec { 'set selinux to permissive':
- command => 'setenforce 0',
- onlyif => "which setenforce && getenforce | grep -i 'enforcing'",
- path => ['/usr/bin', '/usr/sbin'],
- } -> Class['ceph::profile::osd']
- }
-
- include ::ceph::conf
- include ::ceph::profile::osd
+ # This step is to create a sysconfig clustercheck file with the root user and empty password
+ # on the first install only (because later on the clustercheck db user will be used)
+ # We are using exec and not file in order to not have duplicate definition errors in puppet
+ # when we later set the the file to contain the clustercheck data
+ exec { 'create-root-sysconfig-clustercheck':
+ command => "/bin/echo 'MYSQL_USERNAME=root\nMYSQL_PASSWORD=\'\'\nMYSQL_HOST=localhost\n' > /etc/sysconfig/clustercheck",
+ unless => '/bin/test -e /etc/sysconfig/clustercheck && grep -q clustercheck /etc/sysconfig/clustercheck',
}
- if str2bool(hiera('enable_external_ceph', false)) {
- if str2bool(hiera('ceph_ipv6', false)) {
- $mon_host = hiera('ceph_mon_host_v6')
- } else {
- $mon_host = hiera('ceph_mon_host')
- }
- class { '::ceph::profile::params':
- mon_host => $mon_host,
- }
- include ::ceph::conf
- include ::ceph::profile::client
+ xinetd::service { 'galera-monitor' :
+ port => '9200',
+ server => '/usr/bin/clustercheck',
+ per_source => 'UNLIMITED',
+ log_on_success => '',
+ log_on_failure => 'HOST',
+ flags => 'REUSE',
+ service_type => 'UNLISTED',
+ user => 'root',
+ group => 'root',
+ require => Exec['create-root-sysconfig-clustercheck'],
}
-
} #END STEP 2
if hiera('step') >= 4 or ( hiera('step') >= 3 and $sync_db ) {
# At this stage we are guaranteed that the clustercheck db user exists
# so we switch the resource agent to use it.
+ $mysql_clustercheck_password = hiera('mysql_clustercheck_password')
file { '/etc/sysconfig/clustercheck' :
ensure => file,
mode => '0600',
@@ -343,170 +269,6 @@ MYSQL_HOST=localhost\n",
include ::nova::config
- if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
-
- # TODO(devvesa) provide non-controller ips for these services
- $zookeeper_node_ips = hiera('neutron_api_node_ips')
- $cassandra_node_ips = hiera('neutron_api_node_ips')
-
- # Run zookeeper in the controller if configured
- if hiera('enable_zookeeper_on_controller') {
- class {'::tripleo::cluster::zookeeper':
- zookeeper_server_ips => $zookeeper_node_ips,
- # TODO: create a 'bind' hiera key for zookeeper
- zookeeper_client_ip => hiera('neutron::bind_host'),
- zookeeper_hostnames => split(hiera('controller_node_names'), ',')
- }
- }
-
- # Run cassandra in the controller if configured
- if hiera('enable_cassandra_on_controller') {
- class {'::tripleo::cluster::cassandra':
- cassandra_servers => $cassandra_node_ips,
- # TODO: create a 'bind' hiera key for cassandra
- cassandra_ip => hiera('neutron::bind_host'),
- }
- }
-
- class {'::tripleo::network::midonet::agent':
- zookeeper_servers => $zookeeper_node_ips,
- cassandra_seeds => $cassandra_node_ips
- }
-
- class {'::tripleo::network::midonet::api':
- zookeeper_servers => $zookeeper_node_ips,
- vip => hiera('public_virtual_ip'),
- keystone_ip => hiera('public_virtual_ip'),
- keystone_admin_token => hiera('keystone::admin_token'),
- # TODO: create a 'bind' hiera key for api
- bind_address => hiera('neutron::bind_host'),
- admin_password => hiera('admin_password')
- }
-
- # Configure Neutron
- # TODO: when doing the composable midonet plugin, don't forget to
- # set service_plugins to an empty array in Hiera.
- class {'::neutron':
- service_plugins => []
- }
-
- }
-
- if hiera('neutron::core_plugin') == 'neutron_plugin_contrail.plugins.opencontrail.contrail_plugin.NeutronPluginContrailCoreV2' {
- include ::neutron::plugins::opencontrail
- }
- if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
- class {'::neutron::plugins::midonet':
- midonet_api_ip => hiera('public_virtual_ip'),
- keystone_tenant => hiera('neutron::server::auth_tenant'),
- keystone_password => hiera('neutron::server::password')
- }
- }
-
- if $enable_ceph {
- $ceph_pools = hiera('ceph_pools')
- ceph::pool { $ceph_pools :
- pg_num => hiera('ceph::profile::params::osd_pool_default_pg_num'),
- pgp_num => hiera('ceph::profile::params::osd_pool_default_pgp_num'),
- size => hiera('ceph::profile::params::osd_pool_default_size'),
- }
- }
-
- # swift storage
- if str2bool(hiera('enable_swift_storage', true)) {
- class {'::swift::storage::all':
- mount_check => str2bool(hiera('swift_mount_check')),
- }
- class {'::swift::storage::account':
- manage_service => $non_pcmk_start,
- enabled => $non_pcmk_start,
- }
- class {'::swift::storage::container':
- manage_service => $non_pcmk_start,
- enabled => $non_pcmk_start,
- }
- class {'::swift::storage::object':
- manage_service => $non_pcmk_start,
- enabled => $non_pcmk_start,
- }
- if(!defined(File['/srv/node'])) {
- file { '/srv/node':
- ensure => directory,
- owner => 'swift',
- group => 'swift',
- require => Package['openstack-swift'],
- }
- }
- $swift_components = ['account', 'container', 'object']
- swift::storage::filter::recon { $swift_components : }
- swift::storage::filter::healthcheck { $swift_components : }
- }
-
- # Ceilometer
- case downcase(hiera('ceilometer_backend')) {
- /mysql/: {
- $ceilometer_database_connection = hiera('ceilometer_mysql_conn_string')
- }
- default: {
- $mongo_node_string = join($mongo_node_ips_with_port, ',')
- $ceilometer_database_connection = "mongodb://${mongo_node_string}/ceilometer?replicaSet=${mongodb_replset}"
- }
- }
- include ::ceilometer
- include ::ceilometer::config
- class { '::ceilometer::api' :
- manage_service => false,
- enabled => false,
- }
- class { '::ceilometer::agent::notification' :
- manage_service => false,
- enabled => false,
- }
- class { '::ceilometer::agent::central' :
- manage_service => false,
- enabled => false,
- }
- class { '::ceilometer::collector' :
- manage_service => false,
- enabled => false,
- }
- include ::ceilometer::expirer
- class { '::ceilometer::db' :
- database_connection => $ceilometer_database_connection,
- sync_db => $sync_db,
- }
- include ::ceilometer::agent::auth
- include ::ceilometer::dispatcher::gnocchi
-
- Cron <| title == 'ceilometer-expirer' |> { command => "sleep $((\$(od -A n -t d -N 3 /dev/urandom) % 86400)) && ${::ceilometer::params::expirer_command}" }
-
- # httpd/apache and horizon
- # NOTE(gfidente): server-status can be consumed by the pacemaker resource agent
- class { '::apache' :
- service_enable => false,
- # service_manage => false, # <-- not supported with horizon&apache mod_wsgi?
- }
- include ::apache::mod::remoteip
- include ::apache::mod::status
- if 'cisco_n1kv' in hiera('neutron::plugins::ml2::mechanism_drivers') {
- $_profile_support = 'cisco'
- } else {
- $_profile_support = 'None'
- }
- $neutron_options = {'profile_support' => $_profile_support }
-
- $memcached_ipv6 = hiera('memcached_ipv6', false)
- if $memcached_ipv6 {
- $horizon_memcached_servers = hiera('memcache_node_ips_v6', '[::1]')
- } else {
- $horizon_memcached_servers = hiera('memcache_node_ips', '127.0.0.1')
- }
-
- class { '::horizon':
- cache_server_ip => $horizon_memcached_servers,
- neutron_options => $neutron_options,
- }
-
# Aodh
class { '::aodh' :
database_connection => hiera('aodh_mysql_conn_string'),
@@ -567,16 +329,6 @@ MYSQL_HOST=localhost\n",
enabled => false,
}
- $snmpd_user = hiera('snmpd_readonly_user_name')
- snmp::snmpv3_user { $snmpd_user:
- authtype => 'MD5',
- authpass => hiera('snmpd_readonly_user_password'),
- }
- class { '::snmp':
- agentaddress => ['udp:161','udp6:[::1]:161'],
- snmpd_config => [ join(['createUser ', hiera('snmpd_readonly_user_name'), ' MD5 "', hiera('snmpd_readonly_user_password'), '"']), join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ],
- }
-
hiera_include('controller_classes')
} #END STEP 4
@@ -587,6 +339,7 @@ if hiera('step') >= 5 {
# password. On second runs or updates /root/.my.cnf will already be populated
# with proper credentials. This step happens on every node because this sql
# statement does not automatically replicate across nodes.
+ $mysql_root_password = hiera('mysql::server::root_password')
exec { 'galera-set-root-password':
command => "/bin/touch /root/.my.cnf && /bin/echo \"UPDATE mysql.user SET Password = PASSWORD('${mysql_root_password}') WHERE user = 'root'; flush privileges;\" | /bin/mysql --defaults-extra-file=/root/.my.cnf -u root",
}
@@ -632,49 +385,6 @@ password=\"${mysql_root_password}\"",
Pacemaker::Resource::Ocf['openstack-core']],
}
- if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
- pacemaker::resource::service {'tomcat':
- clone_params => 'interleave=true',
- }
- }
- if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
- #midonet-chain chain keystone-->neutron-server-->dhcp-->metadata->tomcat
- pacemaker::constraint::base { 'neutron-server-to-dhcp-agent-constraint':
- constraint_type => 'order',
- first_resource => "${::neutron::params::server_service}-clone",
- second_resource => "${::neutron::params::dhcp_agent_service}-clone",
- first_action => 'start',
- second_action => 'start',
- require => [Pacemaker::Resource::Service[$::neutron::params::server_service],
- Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service]],
- }
- pacemaker::constraint::base { 'neutron-dhcp-agent-to-metadata-agent-constraint':
- constraint_type => 'order',
- first_resource => "${::neutron::params::dhcp_agent_service}-clone",
- second_resource => "${::neutron::params::metadata_agent_service}-clone",
- first_action => 'start',
- second_action => 'start',
- require => [Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service],
- Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service]],
- }
- pacemaker::constraint::base { 'neutron-metadata-agent-to-tomcat-constraint':
- constraint_type => 'order',
- first_resource => "${::neutron::params::metadata_agent_service}-clone",
- second_resource => 'tomcat-clone',
- first_action => 'start',
- second_action => 'start',
- require => [Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service],
- Pacemaker::Resource::Service['tomcat']],
- }
- pacemaker::constraint::colocation { 'neutron-dhcp-agent-to-metadata-agent-colocation':
- source => "${::neutron::params::metadata_agent_service}-clone",
- target => "${::neutron::params::dhcp_agent_service}-clone",
- score => 'INFINITY',
- require => [Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service],
- Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service]],
- }
- }
-
# Nova
pacemaker::constraint::base { 'keystone-then-nova-consoleauth-constraint':
constraint_type => 'order',
@@ -757,49 +467,12 @@ password=\"${mysql_root_password}\"",
Pacemaker::Resource::Service[$::nova::params::conductor_service_name]],
}
- # Ceilometer and Aodh
- case downcase(hiera('ceilometer_backend')) {
- /mysql/: {
- pacemaker::resource::service { $::ceilometer::params::agent_central_service_name:
- clone_params => 'interleave=true',
- require => Pacemaker::Resource::Ocf['openstack-core'],
- }
- }
- default: {
- pacemaker::resource::service { $::ceilometer::params::agent_central_service_name:
- clone_params => 'interleave=true',
- require => [Pacemaker::Resource::Ocf['openstack-core'],
- Pacemaker::Resource::Service[$::mongodb::params::service_name]],
- }
- }
- }
- pacemaker::resource::service { $::ceilometer::params::collector_service_name :
- clone_params => 'interleave=true',
- }
- pacemaker::resource::service { $::ceilometer::params::api_service_name :
- clone_params => 'interleave=true',
- }
- pacemaker::resource::service { $::ceilometer::params::agent_notification_service_name :
- clone_params => 'interleave=true',
- }
# Fedora doesn't know `require-all` parameter for constraints yet
if $::operatingsystem == 'Fedora' {
- $redis_ceilometer_constraint_params = undef
$redis_aodh_constraint_params = undef
} else {
- $redis_ceilometer_constraint_params = 'require-all=false'
$redis_aodh_constraint_params = 'require-all=false'
}
- pacemaker::constraint::base { 'redis-then-ceilometer-central-constraint':
- constraint_type => 'order',
- first_resource => 'redis-master',
- second_resource => "${::ceilometer::params::agent_central_service_name}-clone",
- first_action => 'promote',
- second_action => 'start',
- constraint_params => $redis_ceilometer_constraint_params,
- require => [Pacemaker::Resource::Ocf['redis'],
- Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name]],
- }
pacemaker::constraint::base { 'redis-then-aodh-evaluator-constraint':
constraint_type => 'order',
first_resource => 'redis-master',
@@ -810,49 +483,6 @@ password=\"${mysql_root_password}\"",
require => [Pacemaker::Resource::Ocf['redis'],
Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name]],
}
- pacemaker::constraint::base { 'keystone-then-ceilometer-central-constraint':
- constraint_type => 'order',
- first_resource => 'openstack-core-clone',
- second_resource => "${::ceilometer::params::agent_central_service_name}-clone",
- first_action => 'start',
- second_action => 'start',
- require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name],
- Pacemaker::Resource::Ocf['openstack-core']],
- }
- pacemaker::constraint::base { 'keystone-then-ceilometer-notification-constraint':
- constraint_type => 'order',
- first_resource => 'openstack-core-clone',
- second_resource => "${::ceilometer::params::agent_notification_service_name}-clone",
- first_action => 'start',
- second_action => 'start',
- require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name],
- Pacemaker::Resource::Ocf['openstack-core']],
- }
- pacemaker::constraint::base { 'ceilometer-central-then-ceilometer-collector-constraint':
- constraint_type => 'order',
- first_resource => "${::ceilometer::params::agent_central_service_name}-clone",
- second_resource => "${::ceilometer::params::collector_service_name}-clone",
- first_action => 'start',
- second_action => 'start',
- require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name],
- Pacemaker::Resource::Service[$::ceilometer::params::collector_service_name]],
- }
- pacemaker::constraint::base { 'ceilometer-collector-then-ceilometer-api-constraint':
- constraint_type => 'order',
- first_resource => "${::ceilometer::params::collector_service_name}-clone",
- second_resource => "${::ceilometer::params::api_service_name}-clone",
- first_action => 'start',
- second_action => 'start',
- require => [Pacemaker::Resource::Service[$::ceilometer::params::collector_service_name],
- Pacemaker::Resource::Service[$::ceilometer::params::api_service_name]],
- }
- pacemaker::constraint::colocation { 'ceilometer-api-with-ceilometer-collector-colocation':
- source => "${::ceilometer::params::api_service_name}-clone",
- target => "${::ceilometer::params::collector_service_name}-clone",
- score => 'INFINITY',
- require => [Pacemaker::Resource::Service[$::ceilometer::params::api_service_name],
- Pacemaker::Resource::Service[$::ceilometer::params::collector_service_name]],
- }
# Aodh
pacemaker::resource::service { $::aodh::params::evaluator_service_name :
clone_params => 'interleave=true',
@@ -895,17 +525,6 @@ password=\"${mysql_root_password}\"",
require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name],
Pacemaker::Resource::Service[$::aodh::params::listener_service_name]],
}
- if downcase(hiera('ceilometer_backend')) == 'mongodb' {
- pacemaker::constraint::base { 'mongodb-then-ceilometer-central-constraint':
- constraint_type => 'order',
- first_resource => "${::mongodb::params::service_name}-clone",
- second_resource => "${::ceilometer::params::agent_central_service_name}-clone",
- first_action => 'start',
- second_action => 'start',
- require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name],
- Pacemaker::Resource::Service[$::mongodb::params::service_name]],
- }
- }
# gnocchi
pacemaker::resource::service { $::gnocchi::params::metricd_service_name :
diff --git a/puppet/manifests/overcloud_object.pp b/puppet/manifests/overcloud_object.pp
index 4fca8f5f..1f04c581 100644
--- a/puppet/manifests/overcloud_object.pp
+++ b/puppet/manifests/overcloud_object.pp
@@ -16,43 +16,9 @@
include ::tripleo::packages
include ::tripleo::firewall
-if hiera('step') >= 1 {
- create_resources(kmod::load, hiera('kernel_modules'), {})
- create_resources(sysctl::value, hiera('sysctl_settings'), {})
- Exec <| tag == 'kmod::load' |> -> Sysctl <| |>
-
- include ::timezone
-
-}
-
if hiera('step') >= 4 {
- class { '::swift::storage::all':
- mount_check => str2bool(hiera('swift_mount_check')),
- }
- if(!defined(File['/srv/node'])) {
- file { '/srv/node':
- ensure => directory,
- owner => 'swift',
- group => 'swift',
- require => Package['openstack-swift'],
- }
- }
-
- $swift_components = ['account', 'container', 'object']
- swift::storage::filter::recon { $swift_components : }
- swift::storage::filter::healthcheck { $swift_components : }
-
- $snmpd_user = hiera('snmpd_readonly_user_name')
- snmp::snmpv3_user { $snmpd_user:
- authtype => 'MD5',
- authpass => hiera('snmpd_readonly_user_password'),
- }
- class { '::snmp':
- agentaddress => ['udp:161','udp6:[::1]:161'],
- snmpd_config => [ join(['createUser ', hiera('snmpd_readonly_user_name'), ' MD5 "', hiera('snmpd_readonly_user_password'), '"']), join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ],
- }
-
hiera_include('object_classes')
}
-package_manifest{'/var/lib/tripleo/installed-packages/overcloud_object': ensure => present}
+$package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_object', hiera('step')])
+package_manifest{$package_manifest_name: ensure => present}
diff --git a/puppet/manifests/overcloud_volume.pp b/puppet/manifests/overcloud_volume.pp
index 134dc43b..7c7da586 100644
--- a/puppet/manifests/overcloud_volume.pp
+++ b/puppet/manifests/overcloud_volume.pp
@@ -16,46 +16,9 @@
include ::tripleo::packages
include ::tripleo::firewall
-create_resources(kmod::load, hiera('kernel_modules'), {})
-create_resources(sysctl::value, hiera('sysctl_settings'), {})
-Exec <| tag == 'kmod::load' |> -> Sysctl <| |>
-
-if count(hiera('ntp::servers')) > 0 {
- include ::ntp
-}
-
-include ::timezone
-
-include ::cinder
-include ::cinder::config
-include ::cinder::glance
-include ::cinder::volume
-include ::cinder::setup_test_volume
-
-$cinder_enable_iscsi = hiera('cinder_enable_iscsi_backend', true)
-if $cinder_enable_iscsi {
- $cinder_iscsi_backend = 'tripleo_iscsi'
-
- cinder::backend::iscsi { $cinder_iscsi_backend :
- iscsi_ip_address => hiera('cinder_iscsi_ip_address'),
- iscsi_helper => hiera('cinder_iscsi_helper'),
- }
-}
-
-$cinder_enabled_backends = any2array($cinder_iscsi_backend)
-class { '::cinder::backends' :
- enabled_backends => union($cinder_enabled_backends, hiera('cinder_user_enabled_backends')),
-}
-
-$snmpd_user = hiera('snmpd_readonly_user_name')
-snmp::snmpv3_user { $snmpd_user:
- authtype => 'MD5',
- authpass => hiera('snmpd_readonly_user_password'),
-}
-class { '::snmp':
- agentaddress => ['udp:161','udp6:[::1]:161'],
- snmpd_config => [ join(['createUser ', hiera('snmpd_readonly_user_name'), ' MD5 "', hiera('snmpd_readonly_user_password'), '"']), join(['rouser ', hiera('snmpd_readonly_user_name')]), 'proc cron', 'includeAllDisks 10%', 'master agentx', 'trapsink localhost public', 'iquerySecName internalUser', 'rouser internalUser', 'defaultMonitors yes', 'linkUpDownNotifications yes' ],
+if hiera('step') >= 4 {
+ hiera_include('volume_classes')
}
-hiera_include('volume_classes')
-package_manifest{'/var/lib/tripleo/installed-packages/overcloud_volume': ensure => present}
+$package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_volume', hiera('step')])
+package_manifest{$package_manifest_name: ensure => present}