diff options
Diffstat (limited to 'puppet')
| -rw-r--r-- | puppet/controller.yaml | 9 | ||||
| -rw-r--r-- | puppet/manifests/overcloud_compute.pp | 23 |
2 files changed, 5 insertions, 27 deletions
diff --git a/puppet/controller.yaml b/puppet/controller.yaml index 3ff0639c..14b70484 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -1194,16 +1194,9 @@ resources: rabbit_client_use_ssl: {get_param: RabbitClientUseSSL} rabbit_client_port: {get_param: RabbitClientPort} rabbit_ipv6: {get_param: RabbitIPv6} + rabbit_fd_limit: {get_param: RabbitFDLimit} mongodb_no_journal: {get_param: MongoDbNoJournal} mongodb_ipv6: {get_param: MongoDbIPv6} - # We need to force this into quotes or hiera will return integer causing - # the puppet module validation regexp to fail. - # Remove when: https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/401 - rabbit_fd_limit: - str_replace: - template: "'LIMIT'" - params: - LIMIT: {get_param: RabbitFDLimit} ntp_servers: {get_param: NtpServer} timezone: {get_param: TimeZone} control_virtual_interface: {get_param: ControlVirtualInterface} diff --git a/puppet/manifests/overcloud_compute.pp b/puppet/manifests/overcloud_compute.pp index b7f65f53..13ae31c5 100644 --- a/puppet/manifests/overcloud_compute.pp +++ b/puppet/manifests/overcloud_compute.pp @@ -94,31 +94,16 @@ class { '::nova::compute::libvirt' : vncserver_listen => $vncserver_listen, } -# TUNNELLED mode provides a security enhancement when using shared storage but is not -# supported when not using shared storage. -# See https://bugzilla.redhat.com/show_bug.cgi?id=1301986#c12 -if $rbd_ephemeral_storage { - $block_migration_flag = 'VIR_MIGRATE_UNDEFINE_SOURCE, VIR_MIGRATE_PEER2PEER, VIR_MIGRATE_LIVE, VIR_MIGRATE_TUNNELLED, VIR_MIGRATE_NON_SHARED_INC' - $live_migration_flag = 'VIR_MIGRATE_UNDEFINE_SOURCE, VIR_MIGRATE_PEER2PEER, VIR_MIGRATE_LIVE, VIR_MIGRATE_TUNNELLED' -} else { - $block_migration_flag = 'VIR_MIGRATE_UNDEFINE_SOURCE, VIR_MIGRATE_PEER2PEER, VIR_MIGRATE_LIVE, VIR_MIGRATE_NON_SHARED_INC' - $live_migration_flag = 'VIR_MIGRATE_UNDEFINE_SOURCE, VIR_MIGRATE_PEER2PEER, VIR_MIGRATE_LIVE' -} - nova_config { 'DEFAULT/my_ip': value => $ipaddress; 'DEFAULT/linuxnet_interface_driver': value => 'nova.network.linux_net.LinuxOVSInterfaceDriver'; 'DEFAULT/host': value => $fqdn; - # In future versions of Nova, the live/block migration flags will be deprecated [1]. - # Tunnelling (encryption) will be handled via a single _new_ Nova - # config attribute 'live_migration_tunnelled'[2], thus - # avoiding users to have to supply libvirt flags. + # TUNNELLED mode provides a security enhancement when using shared storage but is not + # supported when not using shared storage. + # See https://bugzilla.redhat.com/show_bug.cgi?id=1301986#c12 # In future versions of QEMU (2.6, mostly), Dan's native encryption # work will obsolete the need to use TUNNELLED transport mode. - # [1] https://review.openstack.org/#/c/263436/ - # [2] https://review.openstack.org/#/c/263434/ - 'libvirt/block_migration_flag': value => $block_migration_flag; - 'libvirt/live_migration_flag': value => $live_migration_flag; + 'libvirt/live_migration_tunnelled': value => $rbd_ephemeral_storage; } if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' { |