From da91bb6e1e041b4462765c87ff36458528d952e8 Mon Sep 17 00:00:00 2001
From: Michael Henkel <mhenkel@juniper.net>
Date: Thu, 26 Jan 2017 15:24:04 +0100
Subject: Re-organizes Contrail services to the correct roles

In current setup some Contrail services belong to the wrong roles.
The Contrail control plane can be impacted if the Analytics database has
problems.

Change-Id: I0d57a2324c38b5b20cc687c6217a7a364941f7e6
Depends-On: Id0dd35b95c5fe9d0fcc1e16c4b7d6cc601f10818
Closes-Bug: #1659560
---
 puppet/services/network/contrail-base.yaml | 85 ++++++++++++++++--------------
 1 file changed, 44 insertions(+), 41 deletions(-)

(limited to 'puppet/services/network/contrail-base.yaml')

diff --git a/puppet/services/network/contrail-base.yaml b/puppet/services/network/contrail-base.yaml
index b49b2add..bc56a3ca 100644
--- a/puppet/services/network/contrail-base.yaml
+++ b/puppet/services/network/contrail-base.yaml
@@ -18,47 +18,42 @@ parameters:
     description: Mapping of service endpoint -> protocol. Typically set
                  via parameter_defaults in the resource registry.
     type: json
+  ContrailAAAMode:
+    description: AAAmode can be no-auth, cloud-admin or rbac
+    type: string
+    default: 'rbac'
+  ContrailAAAModeAnalytics:
+    description: AAAmode for analytics can be no-auth, cloud-admin or rbac
+    type: string
+    default: 'no-auth'
   AdminPassword:
     description: Keystone admin user password
     type: string
+    hidden: true
   AdminTenantName:
     description: Keystone admin tenant name
     type: string
+    default: 'admin'
   AdminToken:
     description: Keystone admin token
     type: string
+    hidden: true
   AdminUser:
     description: Keystone admin user name
     type: string
-  AuthHost:
-    description: Keystone host IP address
-    type: string
-  AuthPort:
-    default: 35357
-    description: Keystone port
+    default: 'admin'
+  AuthPortSSL:
+    default: 13357
+    description: Keystone SSL port
+    type: number
+  AuthPortSSLPublic:
+    default: 13000
+    description: Keystone Public SSL port
     type: number
-  AuthProtocol:
-    default: 'http'
-    description: Keystone authentication protocol
-    type: string
-  ContrailDiscoveryServerIp:
-    description: Discovery server ip address
-    type: string
-  ContrailKafkaBrokerList:
-    description: List of kafka servers
-    type: comma_delimited_list
   ContrailAuth:
     default: 'keystone'
     description: Keystone authentication method
     type: string
-  ContrailCassandraServerList:
-    default: []
-    description: List of cassandra servers
-    type: comma_delimited_list
-  ContrailDiscoveryServerPort:
-    description: Discovery server port
-    type: number
-    default: 5998
   ContrailInsecure:
     default: false
     description: Keystone insecure mode
@@ -67,14 +62,18 @@ parameters:
     default: '127.0.0.1:12111'
     description: Memcached server
     type: string
-  ContrailMultiTenancy:
-    default: true
-    description: Turn on/off multi-tenancy
-    type: boolean
-  ContrailZkServerIp:
-    default: []
-    description: List of zookeeper servers
-    type: comma_delimited_list
+  RabbitPassword:
+    description: The password for RabbitMQ
+    type: string
+    hidden: true
+  RabbitUserName:
+    default: guest
+    description: The username for RabbitMQ
+    type: string
+  RabbitClientPort:
+    default: 5672
+    description: Set rabbit subscriber port, change this if using SSL
+    type: number
 
 outputs:
   role_data:
@@ -82,19 +81,23 @@ outputs:
     value:
       service_name: contrail_base
       config_settings:
+        contrail::aaa_mode: {get_param: ContrailAAAMode}
+        contrail::analytics_aaa_mode: {get_param: ContrailAAAModeAnalytics}
         contrail::admin_password: {get_param: AdminPassword}
         contrail::admin_tenant_name: {get_param: AdminTenantName}
         contrail::admin_token: {get_param: AdminToken}
         contrail::admin_user: {get_param: AdminUser}
-        contrail::auth_host: {get_param: [EndpointMap, KeystoneInternal, host] }
-        contrail::auth_port: {get_param: [EndpointMap, KeystoneInternal, port] }
-        contrail::auth_protocol: {get_param: [EndpointMap, KeystoneInternal, protocol] }
-        contrail::disc_server_ip: {get_param: ContrailDiscoveryServerIp}
-        contrail::kafka_broker_list: {get_param: ContrailKafkaBrokerList}
         contrail::auth: {get_param: ContrailAuth}
-        contrail::cassandra_server_list: {get_param: ContrailCassandraServerList}
-        contrail::disc_server_port: {get_param: ContrailDiscoveryServerPort}
+        contrail::auth_host: {get_param: [EndpointMap, KeystonePublic, host] }
+        contrail::auth_port: {get_param: [EndpointMap, KeystoneAdmin, port] }
+        contrail::auth_port_ssl: {get_param: AuthPortSSL }
+        contrail::auth_port_public: {get_param: [EndpointMap, KeystonePublic, port] }
+        contrail::auth_port_ssl_public: {get_param: AuthPortSSLPublic }
+        contrail::auth_protocol: {get_param: [EndpointMap, KeystoneInternal, protocol] }
+        contrail::api_port: {get_param: [EndpointMap, ContrailConfigInternal, port] }
+        contrail::disc_server_port: {get_param: [EndpointMap, ContrailDiscoveryInternal, port] }
         contrail::insecure: {get_param: ContrailInsecure}
         contrail::memcached_server: {get_param: ContrailMemcachedServer}
-        contrail::multi_tenancy: {get_param: ContrailMultiTenancy}
-        contrail::zk_server_ip: {get_param: ContrailZkServerIp}
+        contrail::rabbit_password: {get_param: RabbitPassword}
+        contrail::rabbit_user: {get_param: RabbitUserName}
+        contrail::rabbit_port: {get_param: RabbitClientPort}
-- 
cgit 1.2.3-korg