aboutsummaryrefslogtreecommitdiffstats
path: root/puppet-barometer/manifests
diff options
context:
space:
mode:
authorMaryam Tahhan <maryam.tahhan@intel.com>2017-11-15 10:19:45 +0000
committerMaryam Tahhan <maryam.tahhan@intel.com>2017-11-15 10:21:25 +0000
commitcea670d32822b35502898c46a5a4b20b7363d46d (patch)
tree56d6a6d87efda583cea03e3fbea1dab7520d6c5f /puppet-barometer/manifests
parentecf1ba1c5000718d1f0d90270af33039b488c835 (diff)
puppet-barometer: add puppet module to barometer
Port puppet module from https://github.com/johnhinman/puppet-barometer to barometer. Change-Id: I48499382307a184a34591a7202c439cd7c341c39 Signed-off-by: jhinman1 <john.hinman@intel.com> Signed-off-by: Maryam Tahhan <maryam.tahhan@intel.com>
Diffstat (limited to 'puppet-barometer/manifests')
-rw-r--r--puppet-barometer/manifests/collectd.pp91
-rw-r--r--puppet-barometer/manifests/config.pp30
-rw-r--r--puppet-barometer/manifests/db.pp65
-rw-r--r--puppet-barometer/manifests/db/mysql.pp69
-rw-r--r--puppet-barometer/manifests/db/postgresql.pp55
-rw-r--r--puppet-barometer/manifests/db/sync.pp26
-rw-r--r--puppet-barometer/manifests/init.pp14
-rw-r--r--puppet-barometer/manifests/keystone/auth.pp99
-rw-r--r--puppet-barometer/manifests/keystone/authtoken.pp263
-rw-r--r--puppet-barometer/manifests/logging.pp135
-rw-r--r--puppet-barometer/manifests/params.pp16
-rw-r--r--puppet-barometer/manifests/policy.pp41
-rw-r--r--puppet-barometer/manifests/rdt.pp29
13 files changed, 933 insertions, 0 deletions
diff --git a/puppet-barometer/manifests/collectd.pp b/puppet-barometer/manifests/collectd.pp
new file mode 100644
index 00000000..8d5536f7
--- /dev/null
+++ b/puppet-barometer/manifests/collectd.pp
@@ -0,0 +1,91 @@
+# Copyright 2017 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# == Class: ::barometer::collectd
+# Add configuration files for all components.
+# Start collectd service
+
+class barometer::collectd (
+ $auth_url = barometer::collectd::auth_url,
+ $collectd_username = barometer::collectd::collectd_username,
+ $collectd_password = barometer::collectd::collectd_password,
+) {
+ file { '/etc/collectd/collectd.conf.d/collectd-ceilometer-plugin.conf':
+ ensure => file,
+ content => template('barometer/collectd-gnocchi.conf.erb'),
+ }
+ file { '/etc/collectd/collectd.conf.d/aodh.conf':
+ ensure => file,
+ content => template('barometer/aodh.conf.erb'),
+ }
+ file { '/etc/collectd/collectd.conf.d/intel_rdt.conf':
+ ensure => file,
+ content => template('barometer/intel_rdt.conf.erb'),
+ }
+ file { '/etc/collectd/collectd.conf.d/01-logfile.conf':
+ ensure => file,
+ content => template('barometer/logfile.conf.erb'),
+ }
+ file { '/etc/collectd.conf':
+ ensure => file,
+ content => template('barometer/collectd.conf.erb'),
+ }
+ file { '/etc/collectd/collectd.conf.d/hugepages.conf':
+ ensure => file,
+ content => template('barometer/hugepages.conf.erb'),
+ }
+ file { '/etc/collectd/collectd.conf.d/mcelog.conf':
+ ensure => file,
+ content => template('barometer/mcelog.conf.erb'),
+ }
+ file { '/etc/mcelog/mcelog.conf':
+ ensure => file,
+ content => template('barometer/mcelog-client.conf.erb'),
+ }
+ file { '/etc/collectd/collectd.conf.d/ovs_events.conf':
+ ensure => file,
+ content => template('barometer/ovs_events.conf.erb'),
+ }
+ file { '/etc/collectd/collectd.conf.d/ovs_stats.conf':
+ ensure => file,
+ content => template('barometer/ovs_stats.conf.erb'),
+ }
+ file { '/etc/collectd/collectd.conf.d/snmp_agent.conf':
+ ensure => file,
+ content => template('barometer/snmp_agent.conf.erb'),
+ }
+ # Add path to libpqos
+ file { '/etc/ld.so.conf.d/pqos.conf':
+ ensure => file,
+ content => template('barometer/pqos.conf.erb'),
+ }
+ exec { 'ovs-vsctl set-manager':
+ command => 'ovs-vsctl set-manager ptcp:6640',
+ path => '/usr/bin',
+ }
+ # start services
+# service { 'snmpd':
+# ensure => 'running',
+# enable => true,
+# }
+ service { 'mcelog':
+ ensure => 'running',
+ enable => true,
+ }
+ service { 'collectd':
+ ensure => 'running',
+ enable => true,
+ }
+}
+
diff --git a/puppet-barometer/manifests/config.pp b/puppet-barometer/manifests/config.pp
new file mode 100644
index 00000000..8f620af9
--- /dev/null
+++ b/puppet-barometer/manifests/config.pp
@@ -0,0 +1,30 @@
+# == Class: barometer::config
+#
+# This class is used to manage arbitrary barometer configurations.
+#
+# === Parameters
+#
+# [*barometer_config*]
+# (optional) Allow configuration of arbitrary barometer configurations.
+# The value is an hash of barometer_config resources. Example:
+# { 'DEFAULT/foo' => { value => 'fooValue'},
+# 'DEFAULT/bar' => { value => 'barValue'}
+# }
+# In yaml format, Example:
+# barometer_config:
+# DEFAULT/foo:
+# value: fooValue
+# DEFAULT/bar:
+# value: barValue
+#
+# NOTE: The configuration MUST NOT be already handled by this module
+# or Puppet catalog compilation will fail with duplicate resources.
+#
+class barometer::config (
+ $barometer_config = {},
+) {
+
+ validate_hash($barometer_config)
+
+ create_resources('barometer_config', $barometer_config)
+}
diff --git a/puppet-barometer/manifests/db.pp b/puppet-barometer/manifests/db.pp
new file mode 100644
index 00000000..83165784
--- /dev/null
+++ b/puppet-barometer/manifests/db.pp
@@ -0,0 +1,65 @@
+# == Class: barometer::db
+#
+# Configure the barometer database
+#
+# === Parameters
+#
+# [*database_connection*]
+# (Optional) Url used to connect to database.
+# Defaults to 'sqlite:////var/lib/barometer/barometer.sqlite'.
+#
+# [*database_idle_timeout*]
+# (Optional) Timeout when db connections should be reaped.
+# Defaults to $::os_service_default
+#
+# [*database_db_max_retries*]
+# (optional) Maximum retries in case of connection error or deadlock error
+# before error is raised. Set to -1 to specify an infinite retry count.
+# Defaults to $::os_service_default
+#
+# [*database_max_retries*]
+# (Optional) Maximum number of database connection retries during startup.
+# Setting -1 implies an infinite retry count.
+# Defaults to $::os_service_default
+#
+# [*database_retry_interval*]
+# (Optional) Interval between retries of opening a database connection.
+# Defaults to $::os_service_default
+#
+# [*database_min_pool_size*]
+# (Optional) Minimum number of SQL connections to keep open in a pool.
+# Defaults to $::os_service_default
+#
+# [*database_max_pool_size*]
+# (Optional)Maximum number of SQL connections to keep open in a pool.
+# Defaults to $::os_service_default
+#
+# [*database_max_overflow*]
+# (Optional) If set, use this value for max_overflow with sqlalchemy.
+# Defaults to $::os_service_default
+#
+class barometer::db (
+ $database_connection = 'sqlite:////var/lib/barometer/barometer.sqlite',
+ $database_idle_timeout = $::os_service_default,
+ $database_min_pool_size = $::os_service_default,
+ $database_max_pool_size = $::os_service_default,
+ $database_db_max_retries = $::os_service_default,
+ $database_max_retries = $::os_service_default,
+ $database_retry_interval = $::os_service_default,
+ $database_max_overflow = $::os_service_default,
+) {
+
+ validate_re($database_connection,
+ '^(sqlite|mysql(\+pymysql)?|postgresql):\/\/(\S+:\S+@\S+\/\S+)?')
+
+ oslo::db { 'barometer_config':
+ connection => $database_connection,
+ idle_timeout => $database_idle_timeout,
+ min_pool_size => $database_min_pool_size,
+ db_max_retries => $database_db_max_retries,
+ max_retries => $database_max_retries,
+ retry_interval => $database_retry_interval,
+ max_pool_size => $database_max_pool_size,
+ max_overflow => $database_max_overflow,
+ }
+}
diff --git a/puppet-barometer/manifests/db/mysql.pp b/puppet-barometer/manifests/db/mysql.pp
new file mode 100644
index 00000000..c9284082
--- /dev/null
+++ b/puppet-barometer/manifests/db/mysql.pp
@@ -0,0 +1,69 @@
+# The barometer::db::mysql class implements mysql backend for barometer
+#
+# This class can be used to create tables, users and grant
+# privilege for a mysql barometer database.
+#
+# == parameters
+#
+# [*password*]
+# (Mandatory) Password to connect to the database.
+# Defaults to 'false'.
+#
+# [*dbname*]
+# (Optional) Name of the database.
+# Defaults to 'barometer'.
+#
+# [*user*]
+# (Optional) User to connect to the database.
+# Defaults to 'barometer'.
+#
+# [*host*]
+# (Optional) The default source host user is allowed to connect from.
+# Defaults to '127.0.0.1'
+#
+# [*allowed_hosts*]
+# (Optional) Other hosts the user is allowed to connect from.
+# Defaults to 'undef'.
+#
+# [*charset*]
+# (Optional) The database charset.
+# Defaults to 'utf8'
+#
+# [*collate*]
+# (Optional) The database collate.
+# Only used with mysql modules >= 2.2.
+# Defaults to 'utf8_general_ci'
+#
+# == Dependencies
+# Class['mysql::server']
+#
+# == Examples
+#
+# == Authors
+#
+# == Copyright
+#
+class barometer::db::mysql(
+ $password,
+ $dbname = 'barometer',
+ $user = 'barometer',
+ $host = '127.0.0.1',
+ $charset = 'utf8',
+ $collate = 'utf8_general_ci',
+ $allowed_hosts = undef
+) {
+
+ validate_string($password)
+
+ ::openstacklib::db::mysql { 'barometer':
+ user => $user,
+ password_hash => mysql_password($password),
+ dbname => $dbname,
+ host => $host,
+ charset => $charset,
+ collate => $collate,
+ allowed_hosts => $allowed_hosts,
+ }
+
+ ::Openstacklib::Db::Mysql['barometer'] ~> Exec<| title == 'barometer-manage db_sync' |>
+}
diff --git a/puppet-barometer/manifests/db/postgresql.pp b/puppet-barometer/manifests/db/postgresql.pp
new file mode 100644
index 00000000..35d9b58b
--- /dev/null
+++ b/puppet-barometer/manifests/db/postgresql.pp
@@ -0,0 +1,55 @@
+# == Class: barometer::db::postgresql
+#
+# Class that configures postgresql for barometer
+# Requires the Puppetlabs postgresql module.
+#
+# === Parameters
+#
+# [*password*]
+# (Required) Password to connect to the database.
+#
+# [*dbname*]
+# (Optional) Name of the database.
+# Defaults to 'barometer'.
+#
+# [*user*]
+# (Optional) User to connect to the database.
+# Defaults to 'barometer'.
+#
+# [*encoding*]
+# (Optional) The charset to use for the database.
+# Default to undef.
+#
+# [*privileges*]
+# (Optional) Privileges given to the database user.
+# Default to 'ALL'
+#
+# == Dependencies
+#
+# == Examples
+#
+# == Authors
+#
+# == Copyright
+#
+class barometer::db::postgresql(
+ $password,
+ $dbname = 'barometer',
+ $user = 'barometer',
+ $encoding = undef,
+ $privileges = 'ALL',
+) {
+
+ Class['barometer::db::postgresql'] -> Service<| title == 'barometer' |>
+
+ ::openstacklib::db::postgresql { 'barometer':
+ password_hash => postgresql_password($user, $password),
+ dbname => $dbname,
+ user => $user,
+ encoding => $encoding,
+ privileges => $privileges,
+ }
+
+ ::Openstacklib::Db::Postgresql['barometer'] ~> Exec<| title == 'barometer-manage db_sync' |>
+
+}
diff --git a/puppet-barometer/manifests/db/sync.pp b/puppet-barometer/manifests/db/sync.pp
new file mode 100644
index 00000000..6a67bf2f
--- /dev/null
+++ b/puppet-barometer/manifests/db/sync.pp
@@ -0,0 +1,26 @@
+#
+# Class to execute barometer-manage db_sync
+#
+# == Parameters
+#
+# [*extra_params*]
+# (optional) String of extra command line parameters to append
+# to the barometer-dbsync command.
+# Defaults to undef
+#
+class barometer::db::sync(
+ $extra_params = undef,
+) {
+ exec { 'barometer-db-sync':
+ command => "barometer-manage db_sync ${extra_params}",
+ path => [ '/bin', '/usr/bin', ],
+ user => 'barometer',
+ refreshonly => true,
+ try_sleep => 5,
+ tries => 10,
+ logoutput => on_failure,
+ subscribe => [Package['barometer'], Barometer_config['database/connection']],
+ }
+
+ Exec['barometer-manage db_sync'] ~> Service<| title == 'barometer' |>
+}
diff --git a/puppet-barometer/manifests/init.pp b/puppet-barometer/manifests/init.pp
new file mode 100644
index 00000000..c3c4e402
--- /dev/null
+++ b/puppet-barometer/manifests/init.pp
@@ -0,0 +1,14 @@
+# == Class: barometer
+#
+# Full description of class barometer here.
+#
+# === Parameters
+#
+# [*sample_parameter*]
+# Explanation of what this parameter affects and what it defaults to.
+#
+class barometer {
+
+ include ::barometer::params
+
+}
diff --git a/puppet-barometer/manifests/keystone/auth.pp b/puppet-barometer/manifests/keystone/auth.pp
new file mode 100644
index 00000000..655b2c60
--- /dev/null
+++ b/puppet-barometer/manifests/keystone/auth.pp
@@ -0,0 +1,99 @@
+# == Class: barometer::keystone::auth
+#
+# Configures barometer user, service and endpoint in Keystone.
+#
+# === Parameters
+#
+# [*password*]
+# (required) Password for barometer user.
+#
+# [*ensure*]
+# (optional) Ensure state of keystone service identity. Defaults to 'present'.
+#
+# [*auth_name*]
+# Username for barometer service. Defaults to 'barometer'.
+#
+# [*email*]
+# Email for barometer user. Defaults to 'barometer@localhost'.
+#
+# [*tenant*]
+# Tenant for barometer user. Defaults to 'services'.
+#
+# [*configure_endpoint*]
+# Should barometer endpoint be configured? Defaults to 'true'.
+#
+# [*configure_user*]
+# (Optional) Should the service user be configured?
+# Defaults to 'true'.
+#
+# [*configure_user_role*]
+# (Optional) Should the admin role be configured for the service user?
+# Defaults to 'true'.
+#
+# [*service_type*]
+# Type of service. Defaults to 'key-manager'.
+#
+# [*region*]
+# Region for endpoint. Defaults to 'RegionOne'.
+#
+# [*service_name*]
+# (optional) Name of the service.
+# Defaults to the value of 'barometer'.
+#
+# [*service_description*]
+# (optional) Description of the service.
+# Default to 'barometer NFV Service'
+#
+# [*public_url*]
+# (optional) The endpoint's public url. (Defaults to 'http://127.0.0.1:9890')
+# This url should *not* contain any trailing '/'.
+#
+# [*admin_url*]
+# (optional) The endpoint's admin url. (Defaults to 'http://127.0.0.1:9890')
+# This url should *not* contain any trailing '/'.
+#
+# [*internal_url*]
+# (optional) The endpoint's internal url. (Defaults to 'http://127.0.0.1:9890')
+#
+class barometer::keystone::auth (
+ $password,
+ $ensure = 'present',
+ $auth_name = 'barometer',
+ $email = 'barometer@localhost',
+ $tenant = 'services',
+ $configure_endpoint = true,
+ $configure_user = true,
+ $configure_user_role = true,
+ $service_name = 'barometer',
+ $service_description = 'barometer NFV Service',
+ $service_type = 'nfv-orchestration',
+ $region = 'RegionOne',
+ $public_url = 'http://127.0.0.1:9890',
+ $admin_url = 'http://127.0.0.1:9890',
+ $internal_url = 'http://127.0.0.1:9890',
+) {
+
+ if $configure_user_role {
+ Keystone_user_role["${auth_name}@${tenant}"] ~> Service <| name == 'barometer-server' |>
+ }
+ Keystone_endpoint["${region}/${service_name}::${service_type}"] ~> Service <| name == 'barometer-server' |>
+
+ keystone::resource::service_identity { 'barometer':
+ ensure => $ensure,
+ configure_user => $configure_user,
+ configure_user_role => $configure_user_role,
+ configure_endpoint => $configure_endpoint,
+ service_name => $service_name,
+ service_type => $service_type,
+ service_description => $service_description,
+ region => $region,
+ auth_name => $auth_name,
+ password => $password,
+ email => $email,
+ tenant => $tenant,
+ public_url => $public_url,
+ internal_url => $internal_url,
+ admin_url => $admin_url,
+ }
+
+}
diff --git a/puppet-barometer/manifests/keystone/authtoken.pp b/puppet-barometer/manifests/keystone/authtoken.pp
new file mode 100644
index 00000000..b9d3d007
--- /dev/null
+++ b/puppet-barometer/manifests/keystone/authtoken.pp
@@ -0,0 +1,263 @@
+# class: barometer::keystone::auth
+#
+# Configure the keystone_authtoken section in the configuration file
+#
+# === Parameters
+#
+# [*username*]
+# (Optional) The name of the service user
+# Defaults to 'barometer'
+#
+# [*password*]
+# (Required) Password to create for the service user
+#
+# [*auth_url*]
+# (Optional) The URL to use for authentication.
+# Defaults to 'http://localhost:35357'.
+#
+# [*project_name*]
+# (Optional) Service project name
+# Defaults to 'services'
+#
+# [*user_domain_name*]
+# (Optional) Name of domain for $username
+# Defaults to $::os_service_default
+#
+# [*project_domain_name*]
+# (Optional) Name of domain for $project_name
+# Defaults to $::os_service_default
+#
+# [*insecure*]
+# (Optional) If true, explicitly allow TLS without checking server cert
+# against any certificate authorities. WARNING: not recommended. Use with
+# caution.
+# Defaults to $:os_service_default
+#
+# [*auth_section*]
+# (Optional) Config Section from which to load plugin specific options
+# Defaults to $::os_service_default.
+#
+# [*auth_type*]
+# (Optional) Authentication type to load
+# Defaults to 'password'.
+#
+# [*auth_uri*]
+# (Optional) Complete public Identity API endpoint.
+# Defaults to 'http://localhost:5000'.
+#
+# [*auth_version*]
+# (Optional) API version of the admin Identity API endpoint.
+# Defaults to $::os_service_default.
+#
+# [*cache*]
+# (Optional) Env key for the swift cache.
+# Defaults to $::os_service_default.
+#
+# [*cafile*]
+# (Optional) A PEM encoded Certificate Authority to use when verifying HTTPs
+# connections.
+# Defaults to $::os_service_default.
+#
+# [*certfile*]
+# (Optional) Required if identity server requires client certificate
+# Defaults to $::os_service_default.
+#
+# [*check_revocations_for_cached*]
+# (Optional) If true, the revocation list will be checked for cached tokens.
+# This requires that PKI tokens are configured on the identity server.
+# boolean value.
+# Defaults to $::os_service_default.
+#
+# [*delay_auth_decision*]
+# (Optional) Do not handle authorization requests within the middleware, but
+# delegate the authorization decision to downstream WSGI components. Boolean
+# value
+# Defaults to $::os_service_default.
+#
+# [*enforce_token_bind*]
+# (Optional) Used to control the use and type of token binding. Can be set
+# to: "disabled" to not check token binding. "permissive" (default) to
+# validate binding information if the bind type is of a form known to the
+# server and ignore it if not. "strict" like "permissive" but if the bind
+# type is unknown the token will be rejected. "required" any form of token
+# binding is needed to be allowed. Finally the name of a binding method that
+# must be present in tokens. String value.
+# Defaults to $::os_service_default.
+#
+# [*hash_algorithms*]
+# (Optional) Hash algorithms to use for hashing PKI tokens. This may be a
+# single algorithm or multiple. The algorithms are those supported by Python
+# standard hashlib.new(). The hashes will be tried in the order given, so put
+# the preferred one first for performance. The result of the first hash will
+# be stored in the cache. This will typically be set to multiple values only
+# while migrating from a less secure algorithm to a more secure one. Once all
+# the old tokens are expired this option should be set to a single value for
+# better performance. List value.
+# Defaults to $::os_service_default.
+#
+# [*http_connect_timeout*]
+# (Optional) Request timeout value for communicating with Identity API
+# server.
+# Defaults to $::os_service_default.
+#
+# [*http_request_max_retries*]
+# (Optional) How many times are we trying to reconnect when communicating
+# with Identity API Server. Integer value
+# Defaults to $::os_service_default.
+#
+# [*include_service_catalog*]
+# (Optional) Indicate whether to set the X-Service-Catalog header. If False,
+# middleware will not ask for service catalog on token validation and will
+# not set the X-Service-Catalog header. Boolean value.
+# Defaults to $::os_service_default.
+#
+# [*keyfile*]
+# (Optional) Required if identity server requires client certificate
+# Defaults to $::os_service_default.
+#
+# [*memcache_pool_conn_get_timeout*]
+# (Optional) Number of seconds that an operation will wait to get a memcached
+# client connection from the pool. Integer value
+# Defaults to $::os_service_default.
+#
+# [*memcache_pool_dead_retry*]
+# (Optional) Number of seconds memcached server is considered dead before it
+# is tried again. Integer value
+# Defaults to $::os_service_default.
+#
+# [*memcache_pool_maxsize*]
+# (Optional) Maximum total number of open connections to every memcached
+# server. Integer value
+# Defaults to $::os_service_default.
+#
+# [*memcache_pool_socket_timeout*]
+# (Optional) Number of seconds a connection to memcached is held unused in
+# the pool before it is closed. Integer value
+# Defaults to $::os_service_default.
+#
+# [*memcache_pool_unused_timeout*]
+# (Optional) Number of seconds a connection to memcached is held unused in
+# the pool before it is closed. Integer value
+# Defaults to $::os_service_default.
+#
+# [*memcache_secret_key*]
+# (Optional, mandatory if memcache_security_strategy is defined) This string
+# is used for key derivation.
+# Defaults to $::os_service_default.
+#
+# [*memcache_security_strategy*]
+# (Optional) If defined, indicate whether token data should be authenticated
+# or authenticated and encrypted. If MAC, token data is authenticated (with
+# HMAC) in the cache. If ENCRYPT, token data is encrypted and authenticated in the
+# cache. If the value is not one of these options or empty, auth_token will
+# raise an exception on initialization.
+# Defaults to $::os_service_default.
+#
+# [*memcache_use_advanced_pool*]
+# (Optional) Use the advanced (eventlet safe) memcached client pool. The
+# advanced pool will only work under python 2.x Boolean value
+# Defaults to $::os_service_default.
+#
+# [*memcached_servers*]
+# (Optional) Optionally specify a list of memcached server(s) to use for
+# caching. If left undefined, tokens will instead be cached in-process.
+# Defaults to $::os_service_default.
+#
+# [*manage_memcache_package*]
+# (Optional) Whether to install the python-memcache package.
+# Defaults to false.
+#
+# [*region_name*]
+# (Optional) The region in which the identity server can be found.
+# Defaults to $::os_service_default.
+#
+# [*revocation_cache_time*]
+# (Optional) Determines the frequency at which the list of revoked tokens is
+# retrieved from the Identity service (in seconds). A high number of
+# revocation events combined with a low cache duration may significantly
+# reduce performance. Only valid for PKI tokens. Integer value
+# Defaults to $::os_service_default.
+#
+# [*token_cache_time*]
+# (Optional) In order to prevent excessive effort spent validating tokens,
+# the middleware caches previously-seen tokens for a configurable duration
+# (in seconds). Set to -1 to disable caching completely. Integer value
+# Defaults to $::os_service_default.
+#
+class barometer::keystone::authtoken(
+ $password,
+ $username = 'barometer',
+ $auth_url = 'http://localhost:35357',
+ $project_name = 'services',
+ $user_domain_name = $::os_service_default,
+ $project_domain_name = $::os_service_default,
+ $insecure = $::os_service_default,
+ $auth_section = $::os_service_default,
+ $auth_type = 'password',
+ $auth_uri = 'http://localhost:5000',
+ $auth_version = $::os_service_default,
+ $cache = $::os_service_default,
+ $cafile = $::os_service_default,
+ $certfile = $::os_service_default,
+ $check_revocations_for_cached = $::os_service_default,
+ $delay_auth_decision = $::os_service_default,
+ $enforce_token_bind = $::os_service_default,
+ $hash_algorithms = $::os_service_default,
+ $http_connect_timeout = $::os_service_default,
+ $http_request_max_retries = $::os_service_default,
+ $include_service_catalog = $::os_service_default,
+ $keyfile = $::os_service_default,
+ $memcache_pool_conn_get_timeout = $::os_service_default,
+ $memcache_pool_dead_retry = $::os_service_default,
+ $memcache_pool_maxsize = $::os_service_default,
+ $memcache_pool_socket_timeout = $::os_service_default,
+ $memcache_pool_unused_timeout = $::os_service_default,
+ $memcache_secret_key = $::os_service_default,
+ $memcache_security_strategy = $::os_service_default,
+ $memcache_use_advanced_pool = $::os_service_default,
+ $memcached_servers = $::os_service_default,
+ $manage_memcache_package = false,
+ $region_name = $::os_service_default,
+ $revocation_cache_time = $::os_service_default,
+ $token_cache_time = $::os_service_default,
+) {
+
+ keystone::resource::authtoken { 'barometer_config':
+ username => $username,
+ password => $password,
+ project_name => $project_name,
+ auth_url => $auth_url,
+ auth_uri => $auth_uri,
+ auth_version => $auth_version,
+ auth_type => $auth_type,
+ auth_section => $auth_section,
+ user_domain_name => $user_domain_name,
+ project_domain_name => $project_domain_name,
+ insecure => $insecure,
+ cache => $cache,
+ cafile => $cafile,
+ certfile => $certfile,
+ check_revocations_for_cached => $check_revocations_for_cached,
+ delay_auth_decision => $delay_auth_decision,
+ enforce_token_bind => $enforce_token_bind,
+ hash_algorithms => $hash_algorithms,
+ http_connect_timeout => $http_connect_timeout,
+ http_request_max_retries => $http_request_max_retries,
+ include_service_catalog => $include_service_catalog,
+ keyfile => $keyfile,
+ memcache_pool_conn_get_timeout => $memcache_pool_conn_get_timeout,
+ memcache_pool_dead_retry => $memcache_pool_dead_retry,
+ memcache_pool_maxsize => $memcache_pool_maxsize,
+ memcache_pool_socket_timeout => $memcache_pool_socket_timeout,
+ memcache_secret_key => $memcache_secret_key,
+ memcache_security_strategy => $memcache_security_strategy,
+ memcache_use_advanced_pool => $memcache_use_advanced_pool,
+ memcache_pool_unused_timeout => $memcache_pool_unused_timeout,
+ memcached_servers => $memcached_servers,
+ manage_memcache_package => $manage_memcache_package,
+ region_name => $region_name,
+ revocation_cache_time => $revocation_cache_time,
+ token_cache_time => $token_cache_time,
+ }
+}
+
diff --git a/puppet-barometer/manifests/logging.pp b/puppet-barometer/manifests/logging.pp
new file mode 100644
index 00000000..1069ea6c
--- /dev/null
+++ b/puppet-barometer/manifests/logging.pp
@@ -0,0 +1,135 @@
+# Class barometer::logging
+#
+# barometer logging configuration
+#
+# == parameters
+#
+# [*debug*]
+# (Optional) Should the daemons log debug messages
+# Defaults to $::os_service_default
+#
+# [*use_syslog*]
+# (Optional) Use syslog for logging.
+# Defaults to $::os_service_default
+#
+# [*use_stderr*]
+# (optional) Use stderr for logging
+# Defaults to $::os_service_default
+#
+# [*syslog_log_facility*]
+# (Optional) Syslog facility to receive log lines.
+# Defaults to $::os_service_default
+#
+# [*log_dir*]
+# (optional) Directory where logs should be stored.
+# If set to boolean false, it will not log to any directory.
+# Defaults to '/var/log/barometer'.
+#
+# [*log_file*]
+# (optional) File where logs should be stored.
+# Defaults to '/var/log/barometer/barometer.log'
+#
+# [*logging_context_format_string*]
+# (optional) Format string to use for log messages with context.
+# Defaults to $::os_service_default
+# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\
+# [%(request_id)s %(user_identity)s] %(instance)s%(message)s'
+#
+# [*logging_default_format_string*]
+# (optional) Format string to use for log messages without context.
+# Defaults to $::os_service_default
+# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\
+# [-] %(instance)s%(message)s'
+#
+# [*logging_debug_format_suffix*]
+# (optional) Formatted data to append to log format when level is DEBUG.
+# Defaults to $::os_service_default
+# Example: '%(funcName)s %(pathname)s:%(lineno)d'
+#
+# [*logging_exception_prefix*]
+# (optional) Prefix each line of exception output with this format.
+# Defaults to $::os_service_default
+# Example: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s'
+#
+# [*log_config_append*]
+# (optional) The name of an additional logging configuration file.
+# Defaults to $::os_service_default
+# See https://docs.python.org/2/howto/logging.html
+#
+# [*default_log_levels*]
+# (optional) Hash of logger (keys) and level (values) pairs.
+# Defaults to $::os_service_default
+# Example:
+# { 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN',
+# 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO',
+# 'oslo.messaging' => 'INFO', 'iso8601' => 'WARN',
+# 'requests.packages.urllib3.connectionpool' => 'WARN',
+# 'urllib3.connectionpool' => 'WARN',
+# 'websocket' => 'WARN', 'barometermiddleware' => 'WARN',
+# 'routes.middleware' => 'WARN', stevedore => 'WARN' }
+#
+# [*publish_errors*]
+# (optional) Publish error events (boolean value).
+# Defaults to $::os_service_default
+#
+# [*fatal_deprecations*]
+# (optional) Make deprecations fatal (boolean value)
+# Defaults to $::os_service_default
+#
+# [*instance_format*]
+# (optional) If an instance is passed with the log message, format it
+# like this (string value).
+# Defaults to undef.
+# Example: '[instance: %(uuid)s] '
+#
+# [*instance_uuid_format*]
+# (optional) If an instance UUID is passed with the log message, format
+# it like this (string value).
+# Defaults to $::os_service_default
+# Example: instance_uuid_format='[instance: %(uuid)s] '
+#
+# [*log_date_format*]
+# (optional) Format string for %%(asctime)s in log records.
+# Defaults to $::os_service_default
+# Example: 'Y-%m-%d %H:%M:%S'
+
+class barometer::logging(
+ $use_syslog = $::os_service_default,
+ $use_stderr = $::os_service_default,
+ $syslog_log_facility = $::os_service_default,
+ $log_dir = '/var/log/barometer',
+ $log_file = '/var/log/barometer/barometer.log',
+ $debug = $::os_service_default,
+ $logging_context_format_string = $::os_service_default,
+ $logging_default_format_string = $::os_service_default,
+ $logging_debug_format_suffix = $::os_service_default,
+ $logging_exception_prefix = $::os_service_default,
+ $log_config_append = $::os_service_default,
+ $default_log_levels = $::os_service_default,
+ $publish_errors = $::os_service_default,
+ $fatal_deprecations = $::os_service_default,
+ $instance_format = $::os_service_default,
+ $instance_uuid_format = $::os_service_default,
+ $log_date_format = $::os_service_default,
+) {
+
+ oslo::log { 'barometer_config':
+ use_stderr => $use_stderr,
+ use_syslog => $use_syslog,
+ log_dir => $log_dir,
+ log_file => $log_file,
+ debug => $debug,
+ logging_context_format_string => $logging_context_format_string,
+ logging_default_format_string => $logging_default_format_string,
+ logging_debug_format_suffix => $logging_debug_format_suffix,
+ logging_exception_prefix => $logging_exception_prefix,
+ log_config_append => $log_config_append,
+ default_log_levels => $default_log_levels,
+ publish_errors => $publish_errors,
+ fatal_deprecations => $fatal_deprecations,
+ instance_format => $instance_format,
+ instance_uuid_format => $instance_uuid_format,
+ log_date_format => $log_date_format,
+ syslog_log_facility => $syslog_log_facility,
+ }
+}
diff --git a/puppet-barometer/manifests/params.pp b/puppet-barometer/manifests/params.pp
new file mode 100644
index 00000000..df09e909
--- /dev/null
+++ b/puppet-barometer/manifests/params.pp
@@ -0,0 +1,16 @@
+# Parameters for puppet-barometer
+#
+class barometer::params {
+ include ::openstacklib::defaults
+
+ case $::osfamily {
+ 'RedHat': {
+ }
+ 'Debian': {
+ }
+ default: {
+ fail("Unsupported osfamily: ${::osfamily} operatingsystem")
+ }
+
+ } # Case $::osfamily
+}
diff --git a/puppet-barometer/manifests/policy.pp b/puppet-barometer/manifests/policy.pp
new file mode 100644
index 00000000..f2011dea
--- /dev/null
+++ b/puppet-barometer/manifests/policy.pp
@@ -0,0 +1,41 @@
+# == Class: barometer::policy
+#
+# Configure the barometer policies
+#
+# === Parameters
+#
+# [*policies*]
+# (optional) Set of policies to configure for barometer
+# Example :
+# {
+# 'barometer-context_is_admin' => {
+# 'key' => 'context_is_admin',
+# 'value' => 'true'
+# },
+# 'barometer-default' => {
+# 'key' => 'default',
+# 'value' => 'rule:admin_or_owner'
+# }
+# }
+# Defaults to empty hash.
+#
+# [*policy_path*]
+# (optional) Path to the nova policy.json file
+# Defaults to /etc/barometer/policy.json
+#
+class barometer::policy (
+ $policies = {},
+ $policy_path = '/etc/barometer/policy.json',
+) {
+
+ validate_hash($policies)
+
+ Openstacklib::Policy::Base {
+ file_path => $policy_path,
+ }
+
+ create_resources('openstacklib::policy::base', $policies)
+
+ oslo::policy { 'barometer_config': policy_file => $policy_path }
+
+}
diff --git a/puppet-barometer/manifests/rdt.pp b/puppet-barometer/manifests/rdt.pp
new file mode 100644
index 00000000..ff3b9978
--- /dev/null
+++ b/puppet-barometer/manifests/rdt.pp
@@ -0,0 +1,29 @@
+# Copyright 2017 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# == Class: ::barometer::rdt
+# RDT preparation: ldconfig and load msr module
+# Create .conf
+class barometer::rdt (
+) {
+ exec { 'update linker cache':
+ path => '/usr/sbin',
+ command => 'ldconfig',
+ }
+ exec { 'load MSR module':
+ path => '/usr/sbin',
+ command => 'modprobe msr',
+ }
+}
+