diff options
author | Aaron Smith <aasmith@redhat.com> | 2017-11-27 19:49:21 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@opnfv.org> | 2017-11-27 19:49:21 +0000 |
commit | 016ec072effd1638b52179eb056fda2891bd3777 (patch) | |
tree | ac331534786695b38cfb43ef907303af57a701e6 /puppet-barometer/manifests | |
parent | 8abbbfb5965b857c620de3737ba02cb4a6b7f62f (diff) | |
parent | cea670d32822b35502898c46a5a4b20b7363d46d (diff) |
Merge "puppet-barometer: add puppet module to barometer"
Diffstat (limited to 'puppet-barometer/manifests')
-rw-r--r-- | puppet-barometer/manifests/collectd.pp | 91 | ||||
-rw-r--r-- | puppet-barometer/manifests/config.pp | 30 | ||||
-rw-r--r-- | puppet-barometer/manifests/db.pp | 65 | ||||
-rw-r--r-- | puppet-barometer/manifests/db/mysql.pp | 69 | ||||
-rw-r--r-- | puppet-barometer/manifests/db/postgresql.pp | 55 | ||||
-rw-r--r-- | puppet-barometer/manifests/db/sync.pp | 26 | ||||
-rw-r--r-- | puppet-barometer/manifests/init.pp | 14 | ||||
-rw-r--r-- | puppet-barometer/manifests/keystone/auth.pp | 99 | ||||
-rw-r--r-- | puppet-barometer/manifests/keystone/authtoken.pp | 263 | ||||
-rw-r--r-- | puppet-barometer/manifests/logging.pp | 135 | ||||
-rw-r--r-- | puppet-barometer/manifests/params.pp | 16 | ||||
-rw-r--r-- | puppet-barometer/manifests/policy.pp | 41 | ||||
-rw-r--r-- | puppet-barometer/manifests/rdt.pp | 29 |
13 files changed, 933 insertions, 0 deletions
diff --git a/puppet-barometer/manifests/collectd.pp b/puppet-barometer/manifests/collectd.pp new file mode 100644 index 00000000..8d5536f7 --- /dev/null +++ b/puppet-barometer/manifests/collectd.pp @@ -0,0 +1,91 @@ +# Copyright 2017 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# == Class: ::barometer::collectd +# Add configuration files for all components. +# Start collectd service + +class barometer::collectd ( + $auth_url = barometer::collectd::auth_url, + $collectd_username = barometer::collectd::collectd_username, + $collectd_password = barometer::collectd::collectd_password, +) { + file { '/etc/collectd/collectd.conf.d/collectd-ceilometer-plugin.conf': + ensure => file, + content => template('barometer/collectd-gnocchi.conf.erb'), + } + file { '/etc/collectd/collectd.conf.d/aodh.conf': + ensure => file, + content => template('barometer/aodh.conf.erb'), + } + file { '/etc/collectd/collectd.conf.d/intel_rdt.conf': + ensure => file, + content => template('barometer/intel_rdt.conf.erb'), + } + file { '/etc/collectd/collectd.conf.d/01-logfile.conf': + ensure => file, + content => template('barometer/logfile.conf.erb'), + } + file { '/etc/collectd.conf': + ensure => file, + content => template('barometer/collectd.conf.erb'), + } + file { '/etc/collectd/collectd.conf.d/hugepages.conf': + ensure => file, + content => template('barometer/hugepages.conf.erb'), + } + file { '/etc/collectd/collectd.conf.d/mcelog.conf': + ensure => file, + content => template('barometer/mcelog.conf.erb'), + } + file { '/etc/mcelog/mcelog.conf': + ensure => file, + content => template('barometer/mcelog-client.conf.erb'), + } + file { '/etc/collectd/collectd.conf.d/ovs_events.conf': + ensure => file, + content => template('barometer/ovs_events.conf.erb'), + } + file { '/etc/collectd/collectd.conf.d/ovs_stats.conf': + ensure => file, + content => template('barometer/ovs_stats.conf.erb'), + } + file { '/etc/collectd/collectd.conf.d/snmp_agent.conf': + ensure => file, + content => template('barometer/snmp_agent.conf.erb'), + } + # Add path to libpqos + file { '/etc/ld.so.conf.d/pqos.conf': + ensure => file, + content => template('barometer/pqos.conf.erb'), + } + exec { 'ovs-vsctl set-manager': + command => 'ovs-vsctl set-manager ptcp:6640', + path => '/usr/bin', + } + # start services +# service { 'snmpd': +# ensure => 'running', +# enable => true, +# } + service { 'mcelog': + ensure => 'running', + enable => true, + } + service { 'collectd': + ensure => 'running', + enable => true, + } +} + diff --git a/puppet-barometer/manifests/config.pp b/puppet-barometer/manifests/config.pp new file mode 100644 index 00000000..8f620af9 --- /dev/null +++ b/puppet-barometer/manifests/config.pp @@ -0,0 +1,30 @@ +# == Class: barometer::config +# +# This class is used to manage arbitrary barometer configurations. +# +# === Parameters +# +# [*barometer_config*] +# (optional) Allow configuration of arbitrary barometer configurations. +# The value is an hash of barometer_config resources. Example: +# { 'DEFAULT/foo' => { value => 'fooValue'}, +# 'DEFAULT/bar' => { value => 'barValue'} +# } +# In yaml format, Example: +# barometer_config: +# DEFAULT/foo: +# value: fooValue +# DEFAULT/bar: +# value: barValue +# +# NOTE: The configuration MUST NOT be already handled by this module +# or Puppet catalog compilation will fail with duplicate resources. +# +class barometer::config ( + $barometer_config = {}, +) { + + validate_hash($barometer_config) + + create_resources('barometer_config', $barometer_config) +} diff --git a/puppet-barometer/manifests/db.pp b/puppet-barometer/manifests/db.pp new file mode 100644 index 00000000..83165784 --- /dev/null +++ b/puppet-barometer/manifests/db.pp @@ -0,0 +1,65 @@ +# == Class: barometer::db +# +# Configure the barometer database +# +# === Parameters +# +# [*database_connection*] +# (Optional) Url used to connect to database. +# Defaults to 'sqlite:////var/lib/barometer/barometer.sqlite'. +# +# [*database_idle_timeout*] +# (Optional) Timeout when db connections should be reaped. +# Defaults to $::os_service_default +# +# [*database_db_max_retries*] +# (optional) Maximum retries in case of connection error or deadlock error +# before error is raised. Set to -1 to specify an infinite retry count. +# Defaults to $::os_service_default +# +# [*database_max_retries*] +# (Optional) Maximum number of database connection retries during startup. +# Setting -1 implies an infinite retry count. +# Defaults to $::os_service_default +# +# [*database_retry_interval*] +# (Optional) Interval between retries of opening a database connection. +# Defaults to $::os_service_default +# +# [*database_min_pool_size*] +# (Optional) Minimum number of SQL connections to keep open in a pool. +# Defaults to $::os_service_default +# +# [*database_max_pool_size*] +# (Optional)Maximum number of SQL connections to keep open in a pool. +# Defaults to $::os_service_default +# +# [*database_max_overflow*] +# (Optional) If set, use this value for max_overflow with sqlalchemy. +# Defaults to $::os_service_default +# +class barometer::db ( + $database_connection = 'sqlite:////var/lib/barometer/barometer.sqlite', + $database_idle_timeout = $::os_service_default, + $database_min_pool_size = $::os_service_default, + $database_max_pool_size = $::os_service_default, + $database_db_max_retries = $::os_service_default, + $database_max_retries = $::os_service_default, + $database_retry_interval = $::os_service_default, + $database_max_overflow = $::os_service_default, +) { + + validate_re($database_connection, + '^(sqlite|mysql(\+pymysql)?|postgresql):\/\/(\S+:\S+@\S+\/\S+)?') + + oslo::db { 'barometer_config': + connection => $database_connection, + idle_timeout => $database_idle_timeout, + min_pool_size => $database_min_pool_size, + db_max_retries => $database_db_max_retries, + max_retries => $database_max_retries, + retry_interval => $database_retry_interval, + max_pool_size => $database_max_pool_size, + max_overflow => $database_max_overflow, + } +} diff --git a/puppet-barometer/manifests/db/mysql.pp b/puppet-barometer/manifests/db/mysql.pp new file mode 100644 index 00000000..c9284082 --- /dev/null +++ b/puppet-barometer/manifests/db/mysql.pp @@ -0,0 +1,69 @@ +# The barometer::db::mysql class implements mysql backend for barometer +# +# This class can be used to create tables, users and grant +# privilege for a mysql barometer database. +# +# == parameters +# +# [*password*] +# (Mandatory) Password to connect to the database. +# Defaults to 'false'. +# +# [*dbname*] +# (Optional) Name of the database. +# Defaults to 'barometer'. +# +# [*user*] +# (Optional) User to connect to the database. +# Defaults to 'barometer'. +# +# [*host*] +# (Optional) The default source host user is allowed to connect from. +# Defaults to '127.0.0.1' +# +# [*allowed_hosts*] +# (Optional) Other hosts the user is allowed to connect from. +# Defaults to 'undef'. +# +# [*charset*] +# (Optional) The database charset. +# Defaults to 'utf8' +# +# [*collate*] +# (Optional) The database collate. +# Only used with mysql modules >= 2.2. +# Defaults to 'utf8_general_ci' +# +# == Dependencies +# Class['mysql::server'] +# +# == Examples +# +# == Authors +# +# == Copyright +# +class barometer::db::mysql( + $password, + $dbname = 'barometer', + $user = 'barometer', + $host = '127.0.0.1', + $charset = 'utf8', + $collate = 'utf8_general_ci', + $allowed_hosts = undef +) { + + validate_string($password) + + ::openstacklib::db::mysql { 'barometer': + user => $user, + password_hash => mysql_password($password), + dbname => $dbname, + host => $host, + charset => $charset, + collate => $collate, + allowed_hosts => $allowed_hosts, + } + + ::Openstacklib::Db::Mysql['barometer'] ~> Exec<| title == 'barometer-manage db_sync' |> +} diff --git a/puppet-barometer/manifests/db/postgresql.pp b/puppet-barometer/manifests/db/postgresql.pp new file mode 100644 index 00000000..35d9b58b --- /dev/null +++ b/puppet-barometer/manifests/db/postgresql.pp @@ -0,0 +1,55 @@ +# == Class: barometer::db::postgresql +# +# Class that configures postgresql for barometer +# Requires the Puppetlabs postgresql module. +# +# === Parameters +# +# [*password*] +# (Required) Password to connect to the database. +# +# [*dbname*] +# (Optional) Name of the database. +# Defaults to 'barometer'. +# +# [*user*] +# (Optional) User to connect to the database. +# Defaults to 'barometer'. +# +# [*encoding*] +# (Optional) The charset to use for the database. +# Default to undef. +# +# [*privileges*] +# (Optional) Privileges given to the database user. +# Default to 'ALL' +# +# == Dependencies +# +# == Examples +# +# == Authors +# +# == Copyright +# +class barometer::db::postgresql( + $password, + $dbname = 'barometer', + $user = 'barometer', + $encoding = undef, + $privileges = 'ALL', +) { + + Class['barometer::db::postgresql'] -> Service<| title == 'barometer' |> + + ::openstacklib::db::postgresql { 'barometer': + password_hash => postgresql_password($user, $password), + dbname => $dbname, + user => $user, + encoding => $encoding, + privileges => $privileges, + } + + ::Openstacklib::Db::Postgresql['barometer'] ~> Exec<| title == 'barometer-manage db_sync' |> + +} diff --git a/puppet-barometer/manifests/db/sync.pp b/puppet-barometer/manifests/db/sync.pp new file mode 100644 index 00000000..6a67bf2f --- /dev/null +++ b/puppet-barometer/manifests/db/sync.pp @@ -0,0 +1,26 @@ +# +# Class to execute barometer-manage db_sync +# +# == Parameters +# +# [*extra_params*] +# (optional) String of extra command line parameters to append +# to the barometer-dbsync command. +# Defaults to undef +# +class barometer::db::sync( + $extra_params = undef, +) { + exec { 'barometer-db-sync': + command => "barometer-manage db_sync ${extra_params}", + path => [ '/bin', '/usr/bin', ], + user => 'barometer', + refreshonly => true, + try_sleep => 5, + tries => 10, + logoutput => on_failure, + subscribe => [Package['barometer'], Barometer_config['database/connection']], + } + + Exec['barometer-manage db_sync'] ~> Service<| title == 'barometer' |> +} diff --git a/puppet-barometer/manifests/init.pp b/puppet-barometer/manifests/init.pp new file mode 100644 index 00000000..c3c4e402 --- /dev/null +++ b/puppet-barometer/manifests/init.pp @@ -0,0 +1,14 @@ +# == Class: barometer +# +# Full description of class barometer here. +# +# === Parameters +# +# [*sample_parameter*] +# Explanation of what this parameter affects and what it defaults to. +# +class barometer { + + include ::barometer::params + +} diff --git a/puppet-barometer/manifests/keystone/auth.pp b/puppet-barometer/manifests/keystone/auth.pp new file mode 100644 index 00000000..655b2c60 --- /dev/null +++ b/puppet-barometer/manifests/keystone/auth.pp @@ -0,0 +1,99 @@ +# == Class: barometer::keystone::auth +# +# Configures barometer user, service and endpoint in Keystone. +# +# === Parameters +# +# [*password*] +# (required) Password for barometer user. +# +# [*ensure*] +# (optional) Ensure state of keystone service identity. Defaults to 'present'. +# +# [*auth_name*] +# Username for barometer service. Defaults to 'barometer'. +# +# [*email*] +# Email for barometer user. Defaults to 'barometer@localhost'. +# +# [*tenant*] +# Tenant for barometer user. Defaults to 'services'. +# +# [*configure_endpoint*] +# Should barometer endpoint be configured? Defaults to 'true'. +# +# [*configure_user*] +# (Optional) Should the service user be configured? +# Defaults to 'true'. +# +# [*configure_user_role*] +# (Optional) Should the admin role be configured for the service user? +# Defaults to 'true'. +# +# [*service_type*] +# Type of service. Defaults to 'key-manager'. +# +# [*region*] +# Region for endpoint. Defaults to 'RegionOne'. +# +# [*service_name*] +# (optional) Name of the service. +# Defaults to the value of 'barometer'. +# +# [*service_description*] +# (optional) Description of the service. +# Default to 'barometer NFV Service' +# +# [*public_url*] +# (optional) The endpoint's public url. (Defaults to 'http://127.0.0.1:9890') +# This url should *not* contain any trailing '/'. +# +# [*admin_url*] +# (optional) The endpoint's admin url. (Defaults to 'http://127.0.0.1:9890') +# This url should *not* contain any trailing '/'. +# +# [*internal_url*] +# (optional) The endpoint's internal url. (Defaults to 'http://127.0.0.1:9890') +# +class barometer::keystone::auth ( + $password, + $ensure = 'present', + $auth_name = 'barometer', + $email = 'barometer@localhost', + $tenant = 'services', + $configure_endpoint = true, + $configure_user = true, + $configure_user_role = true, + $service_name = 'barometer', + $service_description = 'barometer NFV Service', + $service_type = 'nfv-orchestration', + $region = 'RegionOne', + $public_url = 'http://127.0.0.1:9890', + $admin_url = 'http://127.0.0.1:9890', + $internal_url = 'http://127.0.0.1:9890', +) { + + if $configure_user_role { + Keystone_user_role["${auth_name}@${tenant}"] ~> Service <| name == 'barometer-server' |> + } + Keystone_endpoint["${region}/${service_name}::${service_type}"] ~> Service <| name == 'barometer-server' |> + + keystone::resource::service_identity { 'barometer': + ensure => $ensure, + configure_user => $configure_user, + configure_user_role => $configure_user_role, + configure_endpoint => $configure_endpoint, + service_name => $service_name, + service_type => $service_type, + service_description => $service_description, + region => $region, + auth_name => $auth_name, + password => $password, + email => $email, + tenant => $tenant, + public_url => $public_url, + internal_url => $internal_url, + admin_url => $admin_url, + } + +} diff --git a/puppet-barometer/manifests/keystone/authtoken.pp b/puppet-barometer/manifests/keystone/authtoken.pp new file mode 100644 index 00000000..b9d3d007 --- /dev/null +++ b/puppet-barometer/manifests/keystone/authtoken.pp @@ -0,0 +1,263 @@ +# class: barometer::keystone::auth +# +# Configure the keystone_authtoken section in the configuration file +# +# === Parameters +# +# [*username*] +# (Optional) The name of the service user +# Defaults to 'barometer' +# +# [*password*] +# (Required) Password to create for the service user +# +# [*auth_url*] +# (Optional) The URL to use for authentication. +# Defaults to 'http://localhost:35357'. +# +# [*project_name*] +# (Optional) Service project name +# Defaults to 'services' +# +# [*user_domain_name*] +# (Optional) Name of domain for $username +# Defaults to $::os_service_default +# +# [*project_domain_name*] +# (Optional) Name of domain for $project_name +# Defaults to $::os_service_default +# +# [*insecure*] +# (Optional) If true, explicitly allow TLS without checking server cert +# against any certificate authorities. WARNING: not recommended. Use with +# caution. +# Defaults to $:os_service_default +# +# [*auth_section*] +# (Optional) Config Section from which to load plugin specific options +# Defaults to $::os_service_default. +# +# [*auth_type*] +# (Optional) Authentication type to load +# Defaults to 'password'. +# +# [*auth_uri*] +# (Optional) Complete public Identity API endpoint. +# Defaults to 'http://localhost:5000'. +# +# [*auth_version*] +# (Optional) API version of the admin Identity API endpoint. +# Defaults to $::os_service_default. +# +# [*cache*] +# (Optional) Env key for the swift cache. +# Defaults to $::os_service_default. +# +# [*cafile*] +# (Optional) A PEM encoded Certificate Authority to use when verifying HTTPs +# connections. +# Defaults to $::os_service_default. +# +# [*certfile*] +# (Optional) Required if identity server requires client certificate +# Defaults to $::os_service_default. +# +# [*check_revocations_for_cached*] +# (Optional) If true, the revocation list will be checked for cached tokens. +# This requires that PKI tokens are configured on the identity server. +# boolean value. +# Defaults to $::os_service_default. +# +# [*delay_auth_decision*] +# (Optional) Do not handle authorization requests within the middleware, but +# delegate the authorization decision to downstream WSGI components. Boolean +# value +# Defaults to $::os_service_default. +# +# [*enforce_token_bind*] +# (Optional) Used to control the use and type of token binding. Can be set +# to: "disabled" to not check token binding. "permissive" (default) to +# validate binding information if the bind type is of a form known to the +# server and ignore it if not. "strict" like "permissive" but if the bind +# type is unknown the token will be rejected. "required" any form of token +# binding is needed to be allowed. Finally the name of a binding method that +# must be present in tokens. String value. +# Defaults to $::os_service_default. +# +# [*hash_algorithms*] +# (Optional) Hash algorithms to use for hashing PKI tokens. This may be a +# single algorithm or multiple. The algorithms are those supported by Python +# standard hashlib.new(). The hashes will be tried in the order given, so put +# the preferred one first for performance. The result of the first hash will +# be stored in the cache. This will typically be set to multiple values only +# while migrating from a less secure algorithm to a more secure one. Once all +# the old tokens are expired this option should be set to a single value for +# better performance. List value. +# Defaults to $::os_service_default. +# +# [*http_connect_timeout*] +# (Optional) Request timeout value for communicating with Identity API +# server. +# Defaults to $::os_service_default. +# +# [*http_request_max_retries*] +# (Optional) How many times are we trying to reconnect when communicating +# with Identity API Server. Integer value +# Defaults to $::os_service_default. +# +# [*include_service_catalog*] +# (Optional) Indicate whether to set the X-Service-Catalog header. If False, +# middleware will not ask for service catalog on token validation and will +# not set the X-Service-Catalog header. Boolean value. +# Defaults to $::os_service_default. +# +# [*keyfile*] +# (Optional) Required if identity server requires client certificate +# Defaults to $::os_service_default. +# +# [*memcache_pool_conn_get_timeout*] +# (Optional) Number of seconds that an operation will wait to get a memcached +# client connection from the pool. Integer value +# Defaults to $::os_service_default. +# +# [*memcache_pool_dead_retry*] +# (Optional) Number of seconds memcached server is considered dead before it +# is tried again. Integer value +# Defaults to $::os_service_default. +# +# [*memcache_pool_maxsize*] +# (Optional) Maximum total number of open connections to every memcached +# server. Integer value +# Defaults to $::os_service_default. +# +# [*memcache_pool_socket_timeout*] +# (Optional) Number of seconds a connection to memcached is held unused in +# the pool before it is closed. Integer value +# Defaults to $::os_service_default. +# +# [*memcache_pool_unused_timeout*] +# (Optional) Number of seconds a connection to memcached is held unused in +# the pool before it is closed. Integer value +# Defaults to $::os_service_default. +# +# [*memcache_secret_key*] +# (Optional, mandatory if memcache_security_strategy is defined) This string +# is used for key derivation. +# Defaults to $::os_service_default. +# +# [*memcache_security_strategy*] +# (Optional) If defined, indicate whether token data should be authenticated +# or authenticated and encrypted. If MAC, token data is authenticated (with +# HMAC) in the cache. If ENCRYPT, token data is encrypted and authenticated in the +# cache. If the value is not one of these options or empty, auth_token will +# raise an exception on initialization. +# Defaults to $::os_service_default. +# +# [*memcache_use_advanced_pool*] +# (Optional) Use the advanced (eventlet safe) memcached client pool. The +# advanced pool will only work under python 2.x Boolean value +# Defaults to $::os_service_default. +# +# [*memcached_servers*] +# (Optional) Optionally specify a list of memcached server(s) to use for +# caching. If left undefined, tokens will instead be cached in-process. +# Defaults to $::os_service_default. +# +# [*manage_memcache_package*] +# (Optional) Whether to install the python-memcache package. +# Defaults to false. +# +# [*region_name*] +# (Optional) The region in which the identity server can be found. +# Defaults to $::os_service_default. +# +# [*revocation_cache_time*] +# (Optional) Determines the frequency at which the list of revoked tokens is +# retrieved from the Identity service (in seconds). A high number of +# revocation events combined with a low cache duration may significantly +# reduce performance. Only valid for PKI tokens. Integer value +# Defaults to $::os_service_default. +# +# [*token_cache_time*] +# (Optional) In order to prevent excessive effort spent validating tokens, +# the middleware caches previously-seen tokens for a configurable duration +# (in seconds). Set to -1 to disable caching completely. Integer value +# Defaults to $::os_service_default. +# +class barometer::keystone::authtoken( + $password, + $username = 'barometer', + $auth_url = 'http://localhost:35357', + $project_name = 'services', + $user_domain_name = $::os_service_default, + $project_domain_name = $::os_service_default, + $insecure = $::os_service_default, + $auth_section = $::os_service_default, + $auth_type = 'password', + $auth_uri = 'http://localhost:5000', + $auth_version = $::os_service_default, + $cache = $::os_service_default, + $cafile = $::os_service_default, + $certfile = $::os_service_default, + $check_revocations_for_cached = $::os_service_default, + $delay_auth_decision = $::os_service_default, + $enforce_token_bind = $::os_service_default, + $hash_algorithms = $::os_service_default, + $http_connect_timeout = $::os_service_default, + $http_request_max_retries = $::os_service_default, + $include_service_catalog = $::os_service_default, + $keyfile = $::os_service_default, + $memcache_pool_conn_get_timeout = $::os_service_default, + $memcache_pool_dead_retry = $::os_service_default, + $memcache_pool_maxsize = $::os_service_default, + $memcache_pool_socket_timeout = $::os_service_default, + $memcache_pool_unused_timeout = $::os_service_default, + $memcache_secret_key = $::os_service_default, + $memcache_security_strategy = $::os_service_default, + $memcache_use_advanced_pool = $::os_service_default, + $memcached_servers = $::os_service_default, + $manage_memcache_package = false, + $region_name = $::os_service_default, + $revocation_cache_time = $::os_service_default, + $token_cache_time = $::os_service_default, +) { + + keystone::resource::authtoken { 'barometer_config': + username => $username, + password => $password, + project_name => $project_name, + auth_url => $auth_url, + auth_uri => $auth_uri, + auth_version => $auth_version, + auth_type => $auth_type, + auth_section => $auth_section, + user_domain_name => $user_domain_name, + project_domain_name => $project_domain_name, + insecure => $insecure, + cache => $cache, + cafile => $cafile, + certfile => $certfile, + check_revocations_for_cached => $check_revocations_for_cached, + delay_auth_decision => $delay_auth_decision, + enforce_token_bind => $enforce_token_bind, + hash_algorithms => $hash_algorithms, + http_connect_timeout => $http_connect_timeout, + http_request_max_retries => $http_request_max_retries, + include_service_catalog => $include_service_catalog, + keyfile => $keyfile, + memcache_pool_conn_get_timeout => $memcache_pool_conn_get_timeout, + memcache_pool_dead_retry => $memcache_pool_dead_retry, + memcache_pool_maxsize => $memcache_pool_maxsize, + memcache_pool_socket_timeout => $memcache_pool_socket_timeout, + memcache_secret_key => $memcache_secret_key, + memcache_security_strategy => $memcache_security_strategy, + memcache_use_advanced_pool => $memcache_use_advanced_pool, + memcache_pool_unused_timeout => $memcache_pool_unused_timeout, + memcached_servers => $memcached_servers, + manage_memcache_package => $manage_memcache_package, + region_name => $region_name, + revocation_cache_time => $revocation_cache_time, + token_cache_time => $token_cache_time, + } +} + diff --git a/puppet-barometer/manifests/logging.pp b/puppet-barometer/manifests/logging.pp new file mode 100644 index 00000000..1069ea6c --- /dev/null +++ b/puppet-barometer/manifests/logging.pp @@ -0,0 +1,135 @@ +# Class barometer::logging +# +# barometer logging configuration +# +# == parameters +# +# [*debug*] +# (Optional) Should the daemons log debug messages +# Defaults to $::os_service_default +# +# [*use_syslog*] +# (Optional) Use syslog for logging. +# Defaults to $::os_service_default +# +# [*use_stderr*] +# (optional) Use stderr for logging +# Defaults to $::os_service_default +# +# [*syslog_log_facility*] +# (Optional) Syslog facility to receive log lines. +# Defaults to $::os_service_default +# +# [*log_dir*] +# (optional) Directory where logs should be stored. +# If set to boolean false, it will not log to any directory. +# Defaults to '/var/log/barometer'. +# +# [*log_file*] +# (optional) File where logs should be stored. +# Defaults to '/var/log/barometer/barometer.log' +# +# [*logging_context_format_string*] +# (optional) Format string to use for log messages with context. +# Defaults to $::os_service_default +# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ +# [%(request_id)s %(user_identity)s] %(instance)s%(message)s' +# +# [*logging_default_format_string*] +# (optional) Format string to use for log messages without context. +# Defaults to $::os_service_default +# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ +# [-] %(instance)s%(message)s' +# +# [*logging_debug_format_suffix*] +# (optional) Formatted data to append to log format when level is DEBUG. +# Defaults to $::os_service_default +# Example: '%(funcName)s %(pathname)s:%(lineno)d' +# +# [*logging_exception_prefix*] +# (optional) Prefix each line of exception output with this format. +# Defaults to $::os_service_default +# Example: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s' +# +# [*log_config_append*] +# (optional) The name of an additional logging configuration file. +# Defaults to $::os_service_default +# See https://docs.python.org/2/howto/logging.html +# +# [*default_log_levels*] +# (optional) Hash of logger (keys) and level (values) pairs. +# Defaults to $::os_service_default +# Example: +# { 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', +# 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', +# 'oslo.messaging' => 'INFO', 'iso8601' => 'WARN', +# 'requests.packages.urllib3.connectionpool' => 'WARN', +# 'urllib3.connectionpool' => 'WARN', +# 'websocket' => 'WARN', 'barometermiddleware' => 'WARN', +# 'routes.middleware' => 'WARN', stevedore => 'WARN' } +# +# [*publish_errors*] +# (optional) Publish error events (boolean value). +# Defaults to $::os_service_default +# +# [*fatal_deprecations*] +# (optional) Make deprecations fatal (boolean value) +# Defaults to $::os_service_default +# +# [*instance_format*] +# (optional) If an instance is passed with the log message, format it +# like this (string value). +# Defaults to undef. +# Example: '[instance: %(uuid)s] ' +# +# [*instance_uuid_format*] +# (optional) If an instance UUID is passed with the log message, format +# it like this (string value). +# Defaults to $::os_service_default +# Example: instance_uuid_format='[instance: %(uuid)s] ' +# +# [*log_date_format*] +# (optional) Format string for %%(asctime)s in log records. +# Defaults to $::os_service_default +# Example: 'Y-%m-%d %H:%M:%S' + +class barometer::logging( + $use_syslog = $::os_service_default, + $use_stderr = $::os_service_default, + $syslog_log_facility = $::os_service_default, + $log_dir = '/var/log/barometer', + $log_file = '/var/log/barometer/barometer.log', + $debug = $::os_service_default, + $logging_context_format_string = $::os_service_default, + $logging_default_format_string = $::os_service_default, + $logging_debug_format_suffix = $::os_service_default, + $logging_exception_prefix = $::os_service_default, + $log_config_append = $::os_service_default, + $default_log_levels = $::os_service_default, + $publish_errors = $::os_service_default, + $fatal_deprecations = $::os_service_default, + $instance_format = $::os_service_default, + $instance_uuid_format = $::os_service_default, + $log_date_format = $::os_service_default, +) { + + oslo::log { 'barometer_config': + use_stderr => $use_stderr, + use_syslog => $use_syslog, + log_dir => $log_dir, + log_file => $log_file, + debug => $debug, + logging_context_format_string => $logging_context_format_string, + logging_default_format_string => $logging_default_format_string, + logging_debug_format_suffix => $logging_debug_format_suffix, + logging_exception_prefix => $logging_exception_prefix, + log_config_append => $log_config_append, + default_log_levels => $default_log_levels, + publish_errors => $publish_errors, + fatal_deprecations => $fatal_deprecations, + instance_format => $instance_format, + instance_uuid_format => $instance_uuid_format, + log_date_format => $log_date_format, + syslog_log_facility => $syslog_log_facility, + } +} diff --git a/puppet-barometer/manifests/params.pp b/puppet-barometer/manifests/params.pp new file mode 100644 index 00000000..df09e909 --- /dev/null +++ b/puppet-barometer/manifests/params.pp @@ -0,0 +1,16 @@ +# Parameters for puppet-barometer +# +class barometer::params { + include ::openstacklib::defaults + + case $::osfamily { + 'RedHat': { + } + 'Debian': { + } + default: { + fail("Unsupported osfamily: ${::osfamily} operatingsystem") + } + + } # Case $::osfamily +} diff --git a/puppet-barometer/manifests/policy.pp b/puppet-barometer/manifests/policy.pp new file mode 100644 index 00000000..f2011dea --- /dev/null +++ b/puppet-barometer/manifests/policy.pp @@ -0,0 +1,41 @@ +# == Class: barometer::policy +# +# Configure the barometer policies +# +# === Parameters +# +# [*policies*] +# (optional) Set of policies to configure for barometer +# Example : +# { +# 'barometer-context_is_admin' => { +# 'key' => 'context_is_admin', +# 'value' => 'true' +# }, +# 'barometer-default' => { +# 'key' => 'default', +# 'value' => 'rule:admin_or_owner' +# } +# } +# Defaults to empty hash. +# +# [*policy_path*] +# (optional) Path to the nova policy.json file +# Defaults to /etc/barometer/policy.json +# +class barometer::policy ( + $policies = {}, + $policy_path = '/etc/barometer/policy.json', +) { + + validate_hash($policies) + + Openstacklib::Policy::Base { + file_path => $policy_path, + } + + create_resources('openstacklib::policy::base', $policies) + + oslo::policy { 'barometer_config': policy_file => $policy_path } + +} diff --git a/puppet-barometer/manifests/rdt.pp b/puppet-barometer/manifests/rdt.pp new file mode 100644 index 00000000..ff3b9978 --- /dev/null +++ b/puppet-barometer/manifests/rdt.pp @@ -0,0 +1,29 @@ +# Copyright 2017 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# == Class: ::barometer::rdt +# RDT preparation: ldconfig and load msr module +# Create .conf +class barometer::rdt ( +) { + exec { 'update linker cache': + path => '/usr/sbin', + command => 'ldconfig', + } + exec { 'load MSR module': + path => '/usr/sbin', + command => 'modprobe msr', + } +} + |