diff options
Diffstat (limited to 'puppet')
-rw-r--r-- | puppet/cinder-storage-puppet.yaml | 14 | ||||
-rw-r--r-- | puppet/compute-puppet.yaml | 42 | ||||
-rw-r--r-- | puppet/controller-puppet.yaml | 27 | ||||
-rw-r--r-- | puppet/manifests/overcloud_controller.pp | 31 |
4 files changed, 68 insertions, 46 deletions
diff --git a/puppet/cinder-storage-puppet.yaml b/puppet/cinder-storage-puppet.yaml index 2f7a04c8..104130b3 100644 --- a/puppet/cinder-storage-puppet.yaml +++ b/puppet/cinder-storage-puppet.yaml @@ -76,6 +76,16 @@ parameters: RabbitUserName: default: '' type: string + RabbitClientUseSSL: + default: false + description: > + Rabbit client subscriber parameter to specify + an SSL connection to the RabbitMQ host. + type: string + RabbitClientPort: + default: 5672 + description: Set rabbit subscriber port, change this if using SSL + type: number SnmpdReadonlyUserName: default: ro_snmp_user description: The user name for SNMPd with readonly rights running on all Overcloud nodes @@ -128,6 +138,8 @@ resources: host: {get_param: VirtualIP} rabbit_username: {get_param: RabbitUserName} rabbit_password: {get_param: RabbitPassword} + rabbit_client_use_ssl: {get_param: RabbitClientUseSSL} + rabbit_client_port: {get_param: RabbitClientPort} ntp_servers: str_replace: template: '["server"]' @@ -162,6 +174,8 @@ resources: cinder::rabbit_hosts: {get_input: rabbit_hosts} cinder::rabbit_userid: {get_input: rabbit_username} cinder::rabbit_password: {get_input: rabbit_password} + cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} + cinder::rabbit_port: {get_input: rabbit_client_port} cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend} ntp::servers: {get_input: ntp_servers} enable_package_install: {get_input: enable_package_install} diff --git a/puppet/compute-puppet.yaml b/puppet/compute-puppet.yaml index c98d1b0e..874afd75 100644 --- a/puppet/compute-puppet.yaml +++ b/puppet/compute-puppet.yaml @@ -222,6 +222,16 @@ parameters: default: guest description: The username for RabbitMQ type: string + RabbitClientUseSSL: + default: false + description: > + Rabbit client subscriber parameter to specify + an SSL connection to the RabbitMQ host. + type: string + RabbitClientPort: + default: 5672 + description: Set rabbit subscriber port, change this if using SSL + type: number SnmpdReadonlyUserName: default: ro_snmp_user description: The user name for SNMPd with readonly rights running on all Overcloud nodes @@ -287,6 +297,11 @@ resources: nova::compute::vncserver_proxyclient_address: local-ipv4 mapped_data: #nova::debug: {get_input: debug} + nova::rabbit_hosts: {get_input: rabbit_hosts} + nova::rabbit_userid: {get_input: rabbit_username} + nova::rabbit_password: {get_input: rabbit_password} + nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} + nova::rabbit_port: {get_input: rabbit_client_port} nova_compute_driver: {get_input: nova_compute_driver} nova::compute::libvirt::libvirt_virt_type: {get_input: nova_compute_libvirt_type} nova_api_host: {get_input: nova_api_host} @@ -294,6 +309,11 @@ resources: nova_enable_rbd_backend: {get_input: nova_enable_rbd_backend} nova_password: {get_input: nova_password} #ceilometer::debug: {get_input: debug} + ceilometer::rabbit_hosts: {get_input: rabbit_hosts} + ceilometer::rabbit_userid: {get_input: rabbit_username} + ceilometer::rabbit_password: {get_input: rabbit_password} + ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} + ceilometer::rabbit_port: {get_input: rabbit_client_port} ceilometer::metering_secret: {get_input: ceilometer_metering_secret} ceilometer::agent::auth::auth_password: {get_input: ceilometer_password} ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url} @@ -302,6 +322,11 @@ resources: snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} nova::glance_api_servers: {get_input: glance_api_servers} #neutron::debug: {get_input: debug} + neutron::rabbit_hosts: {get_input: rabbit_hosts} + neutron::rabbit_password: {get_input: rabbit_password} + neutron::rabbit_user: {get_input: rabbit_user} + neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} + neutron::rabbit_port: {get_input: rabbit_client_port} neutron_flat_networks: {get_input: neutron_flat_networks} neutron_host: {get_input: neutron_host} neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip} @@ -323,15 +348,6 @@ resources: neutron_allow_l3agent_failover: {get_input: neutron_allow_l3agent_failover} neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device} admin_password: {get_input: admin_password} - nova::rabbit_host: {get_input: rabbit_host} - neutron::rabbit_host: {get_input: rabbit_host} - ceilometer::rabbit_host: {get_input: rabbit_host} - nova::rabbit_userid: {get_input: rabbit_username} - neutron::rabbit_user: {get_input: rabbit_username} - ceilometer::rabbit_userid: {get_input: rabbit_username} - nova::rabbit_password: {get_input: rabbit_password} - neutron::rabbit_password: {get_input: rabbit_password} - ceilometer::rabbit_password: {get_input: rabbit_password} ntp::servers: {get_input: ntp_servers} enable_package_install: {get_input: enable_package_install} @@ -398,9 +414,15 @@ resources: - {get_param: NeutronHost} - ':35357/v2.0' admin_password: {get_param: AdminPassword} - rabbit_host: {get_param: RabbitHost} + rabbit_hosts: + str_replace: + template: '["host"]' + params: + host: {get_param: RabbitHost} rabbit_username: {get_param: RabbitUserName} rabbit_password: {get_param: RabbitPassword} + rabbit_client_use_ssl: {get_param: RabbitClientUseSSL} + rabbit_client_port: {get_param: RabbitClientPort} ntp_servers: str_replace: template: '["server"]' diff --git a/puppet/controller-puppet.yaml b/puppet/controller-puppet.yaml index 0c623aaf..a2377db3 100644 --- a/puppet/controller-puppet.yaml +++ b/puppet/controller-puppet.yaml @@ -561,6 +561,11 @@ resources: - - 'mysql://nova:unset@' - {get_param: VirtualIP} - '/nova' + rabbit_hosts: + str_replace: + template: '["host"]' + params: + host: {get_param: VirtualIP} rabbit_username: {get_param: RabbitUserName} rabbit_password: {get_param: RabbitPassword} rabbit_cookie: {get_param: RabbitCookie} @@ -637,8 +642,11 @@ resources: cinder::api::auth_uri: {get_input: keystone_auth_uri} cinder::api::identity_uri: {get_input: keystone_identity_uri} cinder::api::bind_host: {get_input: controller_host} + cinder::rabbit_hosts: {get_input: rabbit_hosts} cinder::rabbit_userid: {get_input: rabbit_username} cinder::rabbit_password: {get_input: rabbit_password} + cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} + cinder::rabbit_port: {get_input: rabbit_client_port} cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend} #cinder::debug: {get_input: debug} # Glance @@ -669,9 +677,11 @@ resources: heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url} heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url} heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key} + heat::rabbit_hosts: {get_input: rabbit_hosts} heat::rabbit_userid: {get_input: rabbit_username} heat::rabbit_password: {get_input: rabbit_password} - heat::rabbit_host: {get_input: controller_virtual_ip} + heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} + heat::rabbit_port: {get_input: rabbit_client_port} heat::auth_uri: {get_input: keystone_auth_uri} heat::identity_uri: {get_input: keystone_identity_uri} heat::keystone_password: {get_input: heat_password} @@ -699,8 +709,11 @@ resources: mysql_cluster_name: {get_input: mysql_cluster_name} # Neutron neutron::bind_host: {get_input: controller_host} + neutron::rabbit_hosts: {get_input: rabbit_hosts} neutron::rabbit_password: {get_input: rabbit_password} neutron::rabbit_user: {get_input: rabbit_user} + neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} + neutron::rabbit_port: {get_input: rabbit_client_port} #neutron::debug: {get_input: debug} neutron::server::auth_uri: {get_input: keystone_auth_uri} neutron::server::identity_uri: {get_input: keystone_identity_uri} @@ -728,9 +741,11 @@ resources: neutron_dsn: {get_input: neutron_dsn} # Ceilometer ceilometer::metering_secret: {get_input: ceilometer_metering_secret} + ceilometer::rabbit_hosts: {get_input: rabbit_hosts} ceilometer::rabbit_userid: {get_input: rabbit_username} ceilometer::rabbit_password: {get_input: rabbit_password} - ceilometer::rabbit_host: {get_input: controller_virtual_ip} + ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} + ceilometer::rabbit_port: {get_input: rabbit_client_port} ceilometer::api::host: {get_input: controller_host} ceilometer::api::keystone_password: {get_input: ceilometer_password} ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri} @@ -740,8 +755,11 @@ resources: snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} # Nova + nova::rabbit_hosts: {get_input: rabbit_hosts} nova::rabbit_userid: {get_input: rabbit_username} nova::rabbit_password: {get_input: rabbit_password} + nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} + nova::rabbit_port: {get_input: rabbit_client_port} nova::api::auth_uri: {get_input: keystone_auth_uri} nova::api::identity_uri: {get_input: keystone_identity_uri} nova::api::api_bind_address: {get_input: controller_host} @@ -752,12 +770,7 @@ resources: nova::network::neutron::neutron_admin_password: {get_input: neutron_password} nova::network::neutron::neutron_url: {get_input: neutron_url} nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url} - # Rabbit - rabbit_username: {get_input: rabbit_username} - rabbit_password: {get_input: rabbit_password} - rabbit_client_use_ssl: {get_input: rabbit_client_use_ssl} - rabbit_client_port: {get_input: rabbit_client_port} rabbitmq::erlang_cookie: {get_input: rabbit_cookie} # Misc neutron_public_interface_ip: {get_input: neutron_public_interface_ip} diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp index 41363039..577f5052 100644 --- a/puppet/manifests/overcloud_controller.pp +++ b/puppet/manifests/overcloud_controller.pp @@ -129,29 +129,9 @@ if hiera('step') >= 2 { cluster_nodes => $rabbit_nodes, node_ip_address => hiera('controller_host'), } - rabbitmq_vhost { '/': provider => 'rabbitmqctl', } - rabbitmq_user { ['nova','glance','neutron','cinder','ceilometer','heat']: - admin => true, - password => hiera('rabbit_password'), - provider => 'rabbitmqctl', - } - - rabbitmq_user_permissions {[ - 'nova@/', - 'glance@/', - 'neutron@/', - 'cinder@/', - 'ceilometer@/', - 'heat@/', - ]: - configure_permission => '.*', - write_permission => '.*', - read_permission => '.*', - provider => 'rabbitmqctl', - } # pre-install swift here so we can build rings include ::swift @@ -220,7 +200,6 @@ if hiera('step') >= 3 { include ::glance::backend::swift class { 'nova': - rabbit_hosts => [hiera('controller_virtual_ip')], glance_api_servers => join([hiera('glance_protocol'), '://', hiera('controller_virtual_ip'), ':', hiera('glance_port')]), } @@ -232,10 +211,7 @@ if hiera('step') >= 3 { include ::nova::vncproxy include ::nova::scheduler - class {'neutron': - rabbit_hosts => [hiera('controller_virtual_ip')], - } - + include ::neutron include ::neutron::server include ::neutron::agents::dhcp include ::neutron::agents::l3 @@ -268,10 +244,7 @@ if hiera('step') >= 3 { Service['neutron-server'] -> Service['neutron-ovs-agent-service'] Service['neutron-server'] -> Service['neutron-metadata'] - class {'cinder': - rabbit_hosts => [hiera('controller_virtual_ip')], - } - + include ::cinder include ::cinder::api include ::cinder::glance include ::cinder::scheduler |