summaryrefslogtreecommitdiffstats
path: root/common/puppet-opnfv/manifests
diff options
context:
space:
mode:
Diffstat (limited to 'common/puppet-opnfv/manifests')
-rw-r--r--common/puppet-opnfv/manifests/ceph_deploy.pp102
-rw-r--r--common/puppet-opnfv/manifests/compute.pp163
-rw-r--r--common/puppet-opnfv/manifests/controller.pp135
-rw-r--r--common/puppet-opnfv/manifests/controller_networker.pp438
-rw-r--r--common/puppet-opnfv/manifests/external_net_presetup.pp102
-rw-r--r--common/puppet-opnfv/manifests/external_net_setup.pp85
-rw-r--r--common/puppet-opnfv/manifests/init.pp44
-rw-r--r--common/puppet-opnfv/manifests/network.pp77
-rw-r--r--common/puppet-opnfv/manifests/ntp.pp72
-rw-r--r--common/puppet-opnfv/manifests/odl_docker.pp50
-rw-r--r--common/puppet-opnfv/manifests/odl_service.pp24
-rw-r--r--common/puppet-opnfv/manifests/repo.pp67
-rw-r--r--common/puppet-opnfv/manifests/resolver.pp62
-rw-r--r--common/puppet-opnfv/manifests/tempest.pp27
-rw-r--r--common/puppet-opnfv/manifests/templates/dockerfile/Dockerfile82
-rw-r--r--common/puppet-opnfv/manifests/templates/dockerfile/container_scripts/check_feature.sh18
-rw-r--r--common/puppet-opnfv/manifests/templates/dockerfile/container_scripts/speak.sh20
-rw-r--r--common/puppet-opnfv/manifests/templates/dockerfile/container_scripts/start_odl_docker_container.sh48
-rw-r--r--common/puppet-opnfv/manifests/templates/ntp.conf.compute.erb22
-rw-r--r--common/puppet-opnfv/manifests/templates/ntp.conf.controller.erb22
20 files changed, 1660 insertions, 0 deletions
diff --git a/common/puppet-opnfv/manifests/ceph_deploy.pp b/common/puppet-opnfv/manifests/ceph_deploy.pp
new file mode 100644
index 000000000..57202aaf7
--- /dev/null
+++ b/common/puppet-opnfv/manifests/ceph_deploy.pp
@@ -0,0 +1,102 @@
+#Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+#Class installs and configures a ceph cluster
+#Creates a single OSD per host and configures host as a monitor
+#Inserts authentication keyrings for volumes and images users
+#Creates OSD pools for volumes and images (needed by OpenStack)
+#Depends on puppet module: https://github.com/stackforge/puppet-ceph/
+
+class opnfv::ceph_deploy (
+ $fsid = '904c8491-5c16-4dae-9cc3-6ce633a7f4cc',
+ $osd_pool_default_pg_num = '128',
+ $osd_pool_default_size = '1',
+ $osd_pool_default_min_size = '1',
+ $mon_initial_members = '',
+ $mon_host = '',
+ $cluster_network = "10.4.8.0/21",
+ $public_network = "10.4.8.0/21",
+ $osd_journal_size = '1000',
+ $osd_ip = '',
+ $mon_key = 'AQDcvhVV+H08DBAA5/0GGcfBQxz+/eKAdbJdTQ==',
+ $admin_key = 'AQDcvhVV+H08DBAA5/0GGcfBQxz+/eKAdbJdTQ==',
+ $images_key = 'AQAfHBdUKLnUFxAAtO7WPKQZ8QfEoGqH0CLd7A==',
+ $volumes_key = 'AQAfHBdUsFPTHhAAfqVqPq31FFCvyyO7oaOQXw==',
+ $boostrap_key = 'AQDcvhVV+H08DBAA5/0GGcfBQxz+/eKAdbJdTQ==',
+) {
+
+ class { 'ceph':
+ fsid => $fsid,
+ osd_pool_default_pg_num => $osd_pool_default_pg_num,
+ osd_pool_default_size => $osd_pool_default_size,
+ osd_pool_default_min_size => $osd_pool_default_min_size,
+ mon_initial_members => $mon_initial_members,
+ mon_host => $mon_host,
+ cluster_network => $cluster_network,
+ public_network => $public_network,
+ }
+ ->
+ ceph_config {
+ 'global/osd_journal_size': value => $osd_journal_size;
+ }
+ ->
+ ceph::mon { $::hostname:
+ public_addr => $osd_ip,
+ key => $mon_key,
+ }
+
+ Ceph::Key {
+ inject => true,
+ inject_as_id => 'mon.',
+ inject_keyring => "/var/lib/ceph/mon/ceph-${::hostname}/keyring",
+ }
+
+ ceph::key { 'client.admin':
+ secret => $admin_key,
+ cap_mon => 'allow *',
+ cap_osd => 'allow *',
+ cap_mds => 'allow',
+ mode => '0644',
+ }
+ ceph::key { 'client.images':
+ secret => $images_key,
+ cap_mon => 'allow r',
+ cap_osd => 'allow class-read object_prefix rbd_children, allow rwx pool=images',
+ inject => true,
+ mode => '0644',
+ }
+
+ ceph::key { 'client.volumes':
+ secret => $volumes_key,
+ cap_mon => 'allow r',
+ cap_osd => 'allow class-read object_prefix rbd_children, allow rwx pool=volumes',
+ inject => true,
+ mode => '0644',
+ }
+ ceph::key { 'client.bootstrap-osd':
+ secret => $boostrap_key,
+ cap_mon => 'allow profile bootstrap-osd',
+ keyring_path => '/var/lib/ceph/bootstrap-osd/ceph.keyring',
+ }
+ ->
+ ceph::osd { '/osd0': }
+ ->
+ exec { 'create volumes pool':
+ command => "/usr/bin/ceph osd pool create volumes $osd_pool_default_pg_num",
+ }
+ ->
+ exec { 'create images pool':
+ command => "/usr/bin/ceph osd pool create images $osd_pool_default_pg_num",
+ }
+}
diff --git a/common/puppet-opnfv/manifests/compute.pp b/common/puppet-opnfv/manifests/compute.pp
new file mode 100644
index 000000000..0b8175762
--- /dev/null
+++ b/common/puppet-opnfv/manifests/compute.pp
@@ -0,0 +1,163 @@
+#Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+#Provides a manifest to configure OpenStack compute node in HA or non-HA
+#environment, with Ceph configured as Cinder backend storage.
+#ha_flag set to true will use virtual IP addresses (VIPs provided by
+#global params) as the provider to the compute node for HA
+
+class opnfv::compute {
+ if ($odl_flag != '') and str2bool($odl_flag) {
+ $ml2_mech_drivers = ['opendaylight']
+ $this_agent = 'opendaylight'
+ }
+ else {
+ $ml2_mech_drivers = ['openvswitch','l2population']
+ $this_agent = 'ovs'
+ }
+
+ ##Common Parameters
+ if !$rbd_secret_uuid { $rbd_secret_uuid = '3b519746-4021-4f72-957e-5b9d991723be' }
+ if !$private_subnet { fail('private_subnet is empty')}
+ if !$ceph_public_network { $ceph_public_network = $private_subnet }
+ if !$ceph_fsid { $ceph_fsid = '904c8491-5c16-4dae-9cc3-6ce633a7f4cc' }
+ if !$ceph_images_key { $ceph_images_key = 'AQAfHBdUKLnUFxAAtO7WPKQZ8QfEoGqH0CLd7A==' }
+ if !$ceph_osd_journal_size { $ceph_osd_journal_size = '1000' }
+ if !$ceph_osd_pool_size { $ceph_osd_pool_size = '1' }
+ if !$ceph_volumes_key { $ceph_volumes_key = 'AQAfHBdUsFPTHhAAfqVqPq31FFCvyyO7oaOQXw==' }
+
+
+ ##Most users will only care about a single user/password for all services
+ ##so lets create one variable that can be used instead of separate usernames/passwords
+ if !$single_username { $single_username = 'octopus' }
+ if !$single_password { $single_password = 'octopus' }
+
+ if !$admin_password { $admin_password = $single_password }
+ if !$neutron_db_password { $neutron_db_password = $single_password }
+ if !$neutron_user_password { $neutron_user_password = $single_password }
+
+ if !$ceilometer_user_password { $ceilometer_user_password = $single_password }
+ if !$ceilometer_metering_secret { $ceilometer_metering_secret = $single_password }
+
+ ##HA Global params
+ if $ha_flag {
+ if $private_network == '' { fail('private_network is empty') }
+ if !$keystone_private_vip { fail('keystone_private_vip is empty') }
+ if !$glance_private_vip { fail('glance_private_vip is empty') }
+ if !$nova_private_vip { fail('nova_private_vip is empty') }
+ if !$nova_db_password { $nova_db_password = $single_password }
+ if !$nova_user_password { $nova_user_password = $single_password }
+ if !$controllers_ip_array { fail('controllers_ip_array is empty') }
+ if !$controllers_hostnames_array { fail('controllers_hostnames_array is empty') }
+ $controllers_ip_array = split($controllers_ip_array, ',')
+ $controllers_hostnames_array = split($controllers_hostnames_array, ',')
+ if !$odl_control_ip { $odl_control_ip = $controllers_ip_array[0] }
+ if !$db_vip { fail('db_vip is empty') }
+ $mysql_ip = $db_vip
+ if !$amqp_vip { fail('amqp_vip is empty') }
+ $amqp_ip = $amqp_vip
+ if !$amqp_username { $amqp_username = $single_username }
+ if !$amqp_password { $amqp_password = $single_password }
+ if !$ceph_mon_initial_members { $ceph_mon_initial_members = $controllers_hostnames_array }
+ if !$ceph_mon_host { $ceph_mon_host = $controllers_ip_array }
+ if !$neutron_private_vip { fail('neutron_private_vip is empty') }
+
+ ##Find private interface
+ $ovs_tunnel_if = get_nic_from_network("$private_network")
+
+ } else {
+ ##non HA params
+ if $ovs_tunnel_if == '' { fail('ovs_tunnel_if is empty') }
+ if !$private_ip { fail('private_ip is empty') }
+ $keystone_private_vip = $private_ip
+ $glance_private_vip = $private_ip
+ $nova_private_vip = $private_ip
+ $neutron_private_vip = $private_ip
+ if !$nova_db_password { fail('nova_db_password is empty') }
+ if !$nova_user_password { fail('nova_user_password is empty') }
+ if !$odl_control_ip { $odl_control_ip = $private_ip }
+ if !$mysql_ip { $mysql_ip = $private_ip }
+ if !$amqp_ip { $amqp_ip = $private_ip }
+ if !$amqp_username { $amqp_username = 'guest' }
+ if !$amqp_password { $amqp_password = 'guest' }
+ if !$ceph_mon_host { $ceph_mon_host= ["$private_ip"] }
+ if !$ceph_mon_initial_members { $ceph_mon_initial_members = ["$::hostname"] }
+ }
+
+ class { "quickstack::neutron::compute":
+ auth_host => $keystone_private_vip,
+ glance_host => $glance_private_vip,
+ libvirt_images_rbd_pool => 'volumes',
+ libvirt_images_rbd_ceph_conf => '/etc/ceph/ceph.conf',
+ libvirt_inject_password => 'false',
+ libvirt_inject_key => 'false',
+ libvirt_images_type => 'rbd',
+ nova_host => $nova_private_vip,
+ nova_db_password => $nova_db_password,
+ nova_user_password => $nova_user_password,
+ private_network => '',
+ private_iface => $ovs_tunnel_if,
+ private_ip => '',
+ rbd_user => 'volumes',
+ rbd_secret_uuid => $rbd_secret_uuid,
+ network_device_mtu => $quickstack::params::network_device_mtu,
+
+ admin_password => $admin_password,
+ ssl => false,
+
+ mysql_host => $mysql_ip,
+ mysql_ca => '/etc/ipa/ca.crt',
+ amqp_host => $amqp_ip,
+ amqp_username => $amqp_username,
+ amqp_password => $amqp_password,
+
+ ceilometer => 'false',
+ ceilometer_metering_secret => $ceilometer_metering_secret,
+ ceilometer_user_password => $ceilometer_user_password,
+
+ cinder_backend_gluster => $quickstack::params::cinder_backend_gluster,
+ cinder_backend_rbd => 'true',
+ glance_backend_rbd => 'true',
+ ceph_cluster_network => $ceph_public_network,
+ ceph_fsid => $ceph_fsid,
+ ceph_images_key => $ceph_images_key,
+ ceph_mon_host => $ceph_mon_host,
+ ceph_mon_initial_members => $ceph_mon_initial_members,
+ ceph_osd_pool_default_size => $ceph_osd_pool_size,
+ ceph_osd_journal_size => $ceph_osd_journal_size,
+ ceph_volumes_key => $ceph_volumes_key,
+
+ agent_type => $this_agent,
+ enable_tunneling => true,
+
+ ml2_mechanism_drivers => $ml2_mech_drivers,
+ odl_controller_ip => $odl_control_ip,
+
+ neutron_db_password => $neutron_db_password,
+ neutron_user_password => $neutron_user_password,
+ neutron_host => $neutron_private_vip,
+
+ ovs_tunnel_iface => $ovs_tunnel_if,
+ ovs_tunnel_network => '',
+ ovs_l2_population => 'false',
+
+ tenant_network_type => 'vxlan',
+ tunnel_id_ranges => '1:1000',
+ ovs_tunnel_types => ['vxlan'],
+
+ verbose => 'true',
+ security_group_api => 'neutron',
+
+ }
+}
diff --git a/common/puppet-opnfv/manifests/controller.pp b/common/puppet-opnfv/manifests/controller.pp
new file mode 100644
index 000000000..97b01813f
--- /dev/null
+++ b/common/puppet-opnfv/manifests/controller.pp
@@ -0,0 +1,135 @@
+#Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+class opnfv::controller {
+ ###use 8081 as a default work around swift service
+ if $odl_rest_port == '' {$odl_rest_port = '8081'}
+
+ if ($odl_flag != '') and str2bool($odl_flag) {
+ $ml2_mech_drivers = ['opendaylight']
+ }
+ else {
+ $ml2_mech_drivers = ['openvswitch','l2population']
+ }
+
+
+ if $admin_email == '' { fail('admin_email is empty') }
+ if $admin_password == '' { fail('admin_password is empty') }
+
+ if $public_ip == '' { fail('public_ip is empty') }
+ if $private_ip == '' { fail('private_ip is empty') }
+
+ if $odl_control_ip == '' { fail('odl_controL_ip is empty, should be the IP of your network node private interface') }
+
+ if $mysql_ip == '' { fail('mysql_ip is empty') }
+ if $mysql_root_password == '' { fail('mysql_root_password is empty') }
+ if $amqp_ip == '' { fail('amqp_ip is empty') }
+
+ if $memcache_ip == '' { fail('memcache_ip is empty') }
+ if $neutron_ip == '' { fail('neutron_ip is empty') }
+
+ if $keystone_admin_token == '' { fail('keystone_admin_token is empty') }
+ if $keystone_db_password == '' { fail('keystone_db_password is empty') }
+
+ if $horizon_secret_key == '' { fail('horizon_secret_key is empty') }
+ #if $trystack_db_password == '' { fail('trystack_db_password is empty') }
+
+ if $nova_user_password == '' { fail('nova_user_password is empty') }
+ if $nova_db_password == '' { fail('nova_db_password is empty') }
+
+ if $cinder_user_password == '' { fail('cinder_user_password is empty') }
+ if $cinder_db_password == '' { fail('cinder_db_password is empty') }
+
+ if $glance_user_password == '' { fail('glance_user_password is empty') }
+ if $glance_db_password == '' { fail('glance_db_password is empty') }
+
+ if $neutron_user_password == '' { fail('neutron_user_password is empty') }
+ if $neutron_db_password == '' { fail('neutron_db_password is empty') }
+ if $neutron_metadata_shared_secret == '' { fail('neutron_metadata_shared_secret is empty') }
+
+ if $ceilometer_user_password == '' { fail('ceilometer_user_password is empty') }
+ if $ceilometer_metering_secret == '' { fail('ceilometer_user_password is empty') }
+
+ if $heat_user_password == '' { fail('heat_user_password is empty') }
+ if $heat_db_password == '' { fail('heat_db_password is empty') }
+ if $heat_auth_encrypt_key == '' { fail('heat_auth_encrypt_key is empty') }
+
+ if $swift_user_password == '' { fail('swift_user_password is empty') }
+ if $swift_shared_secret == '' { fail('swift_shared_secret is empty') }
+ if $swift_admin_password == '' { fail('swift_admin_password is empty') }
+
+ class { "quickstack::neutron::controller":
+ admin_email => $admin_email,
+ admin_password => $admin_password,
+ controller_admin_host => $private_ip,
+ controller_priv_host => $private_ip,
+ controller_pub_host => $public_ip,
+ ssl => false,
+ #support_profile => $quickstack::params::support_profile,
+ #freeipa => $quickstack::params::freeipa,
+
+ mysql_host => $mysql_ip,
+ mysql_root_password => $mysql_root_password,
+ #amqp_provider => $amqp_provider,
+ amqp_host => $amqp_ip,
+ amqp_username => 'guest',
+ amqp_password => 'guest',
+ #amqp_nssdb_password => $quickstack::params::amqp_nssdb_password,
+
+ keystone_admin_token => $keystone_admin_token,
+ keystone_db_password => $keystone_db_password,
+
+ ceilometer_metering_secret => $ceilometer_metering_secret,
+ ceilometer_user_password => $ceilometer_user_password,
+
+ cinder_backend_gluster => $quickstack::params::cinder_backend_gluster,
+ cinder_backend_gluster_name => $quickstack::params::cinder_backend_gluster_name,
+ cinder_gluster_shares => $quickstack::params::cinder_gluster_shares,
+ cinder_user_password => $cinder_user_password,
+ cinder_db_password => $cinder_db_password,
+
+ glance_db_password => $glance_db_password,
+ glance_user_password => $glance_user_password,
+
+ heat_cfn => true,
+ heat_cloudwatch => true,
+ heat_db_password => $heat_db_password,
+ heat_user_password => $heat_user_password,
+ heat_auth_encrypt_key => $heat_auth_encrypt_key,
+
+ horizon_secret_key => $horizon_secret_key,
+ horizon_ca => $quickstack::params::horizon_ca,
+ horizon_cert => $quickstack::params::horizon_cert,
+ horizon_key => $quickstack::params::horizon_key,
+
+ ml2_mechanism_drivers => $ml2_mech_drivers,
+ #neutron => true,
+ neutron_metadata_proxy_secret => $neutron_metadata_shared_secret,
+ neutron_db_password => $neutron_db_password,
+ neutron_user_password => $neutron_user_password,
+
+ nova_db_password => $nova_db_password,
+ nova_user_password => $nova_user_password,
+ odl_controller_ip => $odl_control_ip,
+ odl_controller_port => $odl_rest_port,
+
+ swift_shared_secret => $swift_shared_secret,
+ swift_admin_password => $swift_admin_password,
+ swift_ringserver_ip => '192.168.203.1',
+ swift_storage_ips => ["192.168.203.2","192.168.203.3","192.168.203.4"],
+ swift_storage_device => 'device1',
+ }
+
+}
diff --git a/common/puppet-opnfv/manifests/controller_networker.pp b/common/puppet-opnfv/manifests/controller_networker.pp
new file mode 100644
index 000000000..157bc8f24
--- /dev/null
+++ b/common/puppet-opnfv/manifests/controller_networker.pp
@@ -0,0 +1,438 @@
+#Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+#Provides HA or non-HA setup for OpenStack Controller with ODL integration
+#Mandatory common and HA variables are needed to setup each Controller
+#ha_flag set to true will provide OpenStack HA of the following services:
+#rabbitmq, galera mariadb, keystone, glance, nova, cinder, horizon, neutron
+#includes all sub-services of those features (i.e. neutron-server, neutron-lg-agent, etc)
+
+class opnfv::controller_networker {
+ if $odl_rest_port == '' { $odl_rest_port= '8081'}
+ if ($odl_flag != '') and str2bool($odl_flag) {
+ $ml2_mech_drivers = ['opendaylight']
+ $this_agent = 'opendaylight'
+ } else {
+ $ml2_mech_drivers = ['openvswitch','l2population']
+ $this_agent = 'ovs'
+ }
+
+ ##Mandatory Common variables
+ if $admin_email == '' { fail('admin_email is empty') }
+
+ ##Most users will only care about a single user/password for all services
+ ##so lets create one variable that can be used instead of separate usernames/passwords
+ if !$single_username { $single_username = 'octopus' }
+ if !$single_password { $single_password = 'octopus' }
+
+ if !$keystone_admin_token { $keystone_admin_token = $single_password }
+ if !$neutron_metadata_shared_secret { $neutron_metadata_shared_secret = $single_password }
+ if !$mysql_root_password { $mysql_root_password = $single_password }
+ if !$admin_password { $admin_password = $single_password }
+
+ ##Check for HA, if not leave old functionality alone
+ if $ha_flag and str2bool($ha_flag) {
+ ##Mandatory HA variables
+ if !$controllers_ip_array { fail('controllers_ip_array is empty') }
+ $controllers_ip_array_str = $controllers_ip_array
+ $controllers_ip_array = split($controllers_ip_array, ',')
+ if !$controllers_hostnames_array { fail('controllers_hostnames_array is empty') }
+ $controllers_hostnames_array_str = $controllers_hostnames_array
+ $controllers_hostnames_array = split($controllers_hostnames_array, ',')
+ if !$amqp_vip { fail('amqp_vip is empty') }
+ if !$private_subnet { fail('private_subnet is empty')}
+ if !$cinder_admin_vip { fail('cinder_admin_vip is empty') }
+ if !$cinder_private_vip { fail('cinder_private_vip is empty') }
+ if !$cinder_public_vip { fail('cinder_public_vip is empty') }
+ if !$db_vip { fail('db_vip is empty') }
+ if !$glance_admin_vip { fail('glance_admin_vip is empty') }
+ if !$glance_private_vip { fail('glance_private_vip is empty') }
+ if !$glance_public_vip { fail('glance_public_vip is empty') }
+ if !$horizon_admin_vip { fail('horizon_admin_vip is empty') }
+ if !$horizon_private_vip { fail('horizon_private_vip is empty') }
+ if !$horizon_public_vip { fail('horizon_public_vip is empty') }
+ if !$keystone_admin_vip { fail('keystone_admin_vip is empty') }
+ if !$keystone_private_vip { fail('keystone_private_vip is empty') }
+ if !$keystone_public_vip { fail('keystone_public_vip is empty') }
+ if !$loadbalancer_vip { fail('loadbalancer_vip is empty') }
+ if !$neutron_admin_vip { fail('neutron_admin_vip is empty') }
+ if !$neutron_private_vip { fail('neutron_private_vip is empty') }
+ if !$neutron_public_vip { fail('neutron_public_vip is empty') }
+ if !$nova_admin_vip { fail('nova_admin_vip is empty') }
+ if !$nova_private_vip { fail('nova_private_vip is empty') }
+ if !$nova_public_vip { fail('nova_public_vip is empty') }
+ if $private_network == '' { fail('private_network is empty') }
+ if !$heat_admin_vip { fail('heat_admin_vip is empty') }
+ if !$heat_private_vip { fail('heat_private_vip is empty') }
+ if !$heat_public_vip { fail('heat_public_vip is empty') }
+ if !$heat_cfn_admin_vip { fail('heat_cfn_admin_vip is empty') }
+ if !$heat_cfn_private_vip { fail('heat_cfn_private_vip is empty') }
+ if !$heat_cfn_public_vip { fail('heat_cfn_public_vip is empty') }
+
+ ##Find private interface
+ $ovs_tunnel_if = get_nic_from_network("$private_network")
+
+ ##Optional HA variables
+ if !$amqp_username { $amqp_username = $single_username }
+ if !$amqp_password { $amqp_password = $single_password }
+ if !$ceph_fsid { $ceph_fsid = '904c8491-5c16-4dae-9cc3-6ce633a7f4cc' }
+ if !$ceph_images_key { $ceph_images_key = 'AQAfHBdUKLnUFxAAtO7WPKQZ8QfEoGqH0CLd7A==' }
+ if !$ceph_mon_host { $ceph_mon_host= $controllers_ip_array }
+ if !$ceph_mon_initial_members { $ceph_mon_initial_members = $controllers_hostnames_array}
+ if !$ceph_osd_journal_size { $ceph_osd_journal_size = '1000' }
+ if !$ceph_osd_pool_size { $ceph_osd_pool_size = '1' }
+ if !$ceph_public_network { $ceph_public_network = $private_subnet }
+ if !$ceph_volumes_key { $ceph_volumes_key = 'AQAfHBdUsFPTHhAAfqVqPq31FFCvyyO7oaOQXw==' }
+ if !$cinder_db_password { $cinder_db_password = $single_password }
+ if !$cinder_user_password { $cinder_user_password = $single_password }
+ if !$cluster_control_ip { $cluster_control_ip = $controllers_ip_array[0] }
+ if !$horizon_secret { $horizon_secret = $single_password }
+ if !$glance_db_password { $glance_db_password = $single_password }
+ if !$glance_user_password { $glance_user_password = $single_password }
+ if !$keystone_db_password { $keystone_db_password = $single_password }
+ if !$keystone_user_password { $keystone_user_password = $single_password }
+ if !$lb_backend_server_addrs { $lb_backend_server_addrs = $controllers_ip_array }
+ if !$lb_backend_server_names { $lb_backend_server_names = $controllers_hostnames_array }
+ if !$neutron_db_password { $neutron_db_password = $single_password }
+ if !$neutron_user_password { $neutron_user_password = $single_password }
+ if !$neutron_metadata_proxy_secret { $neutron_metadata_proxy_secret = $single_password }
+ if !$nova_db_password { $nova_db_password = $single_password }
+ if !$nova_user_password { $nova_user_password = $single_password }
+ if !$pcmk_server_addrs {$pcmk_server_addrs = $controllers_ip_array}
+ if !$pcmk_server_names {$pcmk_server_names = ["pcmk-${controllers_hostnames_array[0]}", "pcmk-${controllers_hostnames_array[1]}", "pcmk-${controllers_hostnames_array[2]}"] }
+ if !$rbd_secret_uuid { $rbd_secret_uuid = '3b519746-4021-4f72-957e-5b9d991723be' }
+ if !$heat_user_password { $heat_user_password = $single_password }
+ if !$heat_db_password { $heat_db_password = $single_password }
+ if !$heat_cfn_user_password { $heat_cfn_user_password = $single_password }
+ if !$heat_auth_encryption_key { $heat_auth_encryption_key = 'octopus1octopus1' }
+ if !$storage_network {
+ $storage_iface = $ovs_tunnel_if
+ } else {
+ $storage_iface = get_nic_from_network("$storage_network")
+ }
+
+ ##we assume here that if not provided, the first controller is where ODL will reside
+ ##this is fine for now as we will replace ODL with ODL HA when it is ready
+ if $odl_control_ip == '' { $odl_control_ip = $controllers_ip_array[0] }
+
+ ###find interface ip of storage network
+ $osd_ip = find_ip("",
+ "$storage_iface",
+ "")
+
+ if ($external_network_flag != '') and str2bool($external_network_flag) {
+ class { "opnfv::external_net_presetup":
+ stage => presetup,
+ require => Class['opnfv::repo'],
+ }
+ }
+
+ class { "opnfv::ceph_deploy":
+ fsid => $ceph_fsid,
+ osd_pool_default_size => $ceph_osd_pool_size,
+ osd_journal_size => $ceph_osd_journal_size,
+ mon_initial_members => $controllers_hostnames_array_str,
+ mon_host => $controllers_ip_array_str,
+ osd_ip => $osd_ip,
+ public_network => $ceph_public_network,
+ cluster_network => $ceph_public_network,
+ images_key => $ceph_images_key,
+ volumes_key => $ceph_volumes_key,
+ }
+ ->
+ class { "quickstack::openstack_common": }
+ ->
+ class { "quickstack::pacemaker::params":
+ amqp_password => $amqp_password,
+ amqp_username => $amqp_username,
+ amqp_vip => $amqp_vip,
+ ceph_cluster_network => $private_subnet,
+ ceph_fsid => $ceph_fsid,
+ ceph_images_key => $ceph_images_key,
+ ceph_mon_host => $ceph_mon_host,
+ ceph_mon_initial_members => $ceph_mon_initial_members,
+ ceph_osd_journal_size => $ceph_osd_journal_size,
+ ceph_osd_pool_size => $ceph_osd_pool_size,
+ ceph_public_network => $ceph_public_network,
+ ceph_volumes_key => $ceph_volumes_key,
+ cinder_admin_vip => $cinder_admin_vip,
+ cinder_db_password => $cinder_db_password,
+ cinder_private_vip => $cinder_private_vip,
+ cinder_public_vip => $cinder_public_vip,
+ cinder_user_password => $cinder_user_password,
+ cluster_control_ip => $cluster_control_ip,
+ db_vip => $db_vip,
+ glance_admin_vip => $glance_admin_vip,
+ glance_db_password => $glance_db_password,
+ glance_private_vip => $glance_private_vip,
+ glance_public_vip => $glance_public_vip,
+ glance_user_password => $glance_user_password,
+ heat_auth_encryption_key => $heat_auth_encryption_key,
+ heat_cfn_admin_vip => $heat_cfn_admin_vip,
+ heat_cfn_private_vip => $heat_cfn_private_vip,
+ heat_cfn_public_vip => $heat_cfn_public_vip,
+ heat_cfn_user_password => $heat_cfn_user_password,
+ heat_cloudwatch_enabled => 'true',
+ heat_cfn_enabled => 'true',
+ heat_db_password => $heat_db_password,
+ heat_admin_vip => $heat_admin_vip,
+ heat_private_vip => $heat_private_vip,
+ heat_public_vip => $heat_public_vip,
+ heat_user_password => $heat_user_password,
+ horizon_admin_vip => $horizon_admin_vip,
+ horizon_private_vip => $horizon_private_vip,
+ horizon_public_vip => $horizon_public_vip,
+ include_ceilometer => 'false',
+ include_cinder => 'true',
+ include_glance => 'true',
+ include_heat => 'true',
+ include_horizon => 'true',
+ include_keystone => 'true',
+ include_neutron => 'true',
+ include_nosql => 'false',
+ include_nova => 'true',
+ include_swift => 'false',
+ keystone_admin_vip => $keystone_admin_vip,
+ keystone_db_password => $keystone_db_password,
+ keystone_private_vip => $keystone_private_vip,
+ keystone_public_vip => $keystone_public_vip,
+ keystone_user_password => $keystone_user_password,
+ lb_backend_server_addrs => $lb_backend_server_addrs,
+ lb_backend_server_names => $lb_backend_server_names,
+ loadbalancer_vip => $loadbalancer_vip,
+ neutron => 'true',
+ neutron_admin_vip => $neutron_admin_vip,
+ neutron_db_password => $neutron_db_password,
+ neutron_metadata_proxy_secret => $neutron_metadata_proxy_secret,
+ neutron_private_vip => $neutron_private_vip,
+ neutron_public_vip => $neutron_public_vip,
+ neutron_user_password => $neutron_user_password,
+ nova_admin_vip => $nova_admin_vip,
+ nova_db_password => $nova_db_password,
+ nova_private_vip => $nova_private_vip,
+ nova_public_vip => $nova_public_vip,
+ nova_user_password => $nova_user_password,
+ pcmk_iface => $ovs_tunnel_if,
+ pcmk_server_addrs => $pcmk_server_addrs,
+ pcmk_server_names => $pcmk_server_names,
+ private_iface => $ovs_tunnel_if,
+ }
+ ->
+ class { "quickstack::pacemaker::common": }
+ ->
+ class { "quickstack::pacemaker::load_balancer": }
+ ->
+ class { "quickstack::pacemaker::galera":
+ mysql_root_password => $mysql_root_password,
+ wsrep_cluster_members => $controllers_ip_array,
+ }
+ ->
+ class { "quickstack::pacemaker::qpid": }
+ ->
+ class { "quickstack::pacemaker::rabbitmq": }
+ ->
+ class { "quickstack::pacemaker::keystone":
+ admin_email => $admin_email,
+ admin_password => $admin_password,
+ admin_token => $keystone_admin_token,
+ cinder => 'true',
+ heat => 'true',
+ heat_cfn => 'true',
+ keystonerc => 'true',
+ use_syslog => 'true',
+ verbose => 'true',
+ }
+ ->
+ class { "quickstack::pacemaker::swift": }
+ ->
+ class { "quickstack::pacemaker::glance":
+ backend => 'rbd',
+ debug => true,
+ pcmk_fs_manage => 'false',
+ use_syslog => true,
+ verbose => true
+ }
+ ->
+ class { "quickstack::pacemaker::nova":
+ neutron_metadata_proxy_secret => $neutron_metadata_shared_secret,
+ }
+ ->
+ class { "quickstack::pacemaker::cinder":
+ backend_rbd => true,
+ rbd_secret_uuid => $rbd_secret_uuid,
+ use_syslog => true,
+ verbose => true,
+ volume => true,
+ }
+ ->
+ class { "quickstack::pacemaker::heat":
+ use_syslog => true,
+ verbose => true,
+ }
+ ->
+ class { "quickstack::pacemaker::constraints": }
+
+ class { "quickstack::pacemaker::nosql": }
+
+ class { "quickstack::pacemaker::memcached": }
+
+ class { "quickstack::pacemaker::ceilometer":
+ ceilometer_metering_secret => $single_password,
+ }
+
+ class { "quickstack::pacemaker::horizon":
+ horizon_ca => '/etc/ipa/ca.crt',
+ horizon_cert => '/etc/pki/tls/certs/PUB_HOST-horizon.crt',
+ horizon_key => '/etc/pki/tls/private/PUB_HOST-horizon.key',
+ secret_key => $horizon_secret,
+ verbose => 'true',
+ }
+
+ class { "quickstack::pacemaker::neutron":
+ agent_type => $this_agent,
+ enable_tunneling => 'true',
+ ml2_mechanism_drivers => $ml2_mech_drivers,
+ ml2_network_vlan_ranges => ["physnet1:10:50"],
+ odl_controller_ip => $odl_control_ip,
+ odl_controller_port => $odl_rest_port,
+ ovs_tunnel_iface => $ovs_tunnel_if,
+ ovs_tunnel_types => ["vxlan"],
+ verbose => 'true',
+ }
+
+ if ($external_network_flag != '') and str2bool($external_network_flag) {
+ class { "opnfv::external_net_setup": }
+ }
+
+ } else {
+ if $ovs_tunnel_if == '' { fail('ovs_tunnel_if is empty') }
+ if $public_ip == '' { fail('public_ip is empty') }
+ if $private_ip == '' { fail('private_ip is empty') }
+
+ if $odl_control_ip == '' { $odl_control_ip = $private_ip }
+
+ if $mysql_ip == '' { fail('mysql_ip is empty') }
+ if $mysql_root_password == '' { fail('mysql_root_password is empty') }
+ if $amqp_ip == '' { fail('amqp_ip is empty') }
+
+ if $memcache_ip == '' { fail('memcache_ip is empty') }
+ if $neutron_ip == '' { fail('neutron_ip is empty') }
+
+ if $keystone_db_password == '' { fail('keystone_db_password is empty') }
+
+ if $horizon_secret_key == '' { fail('horizon_secret_key is empty') }
+
+ if $nova_user_password == '' { fail('nova_user_password is empty') }
+ if $nova_db_password == '' { fail('nova_db_password is empty') }
+
+ if $cinder_user_password == '' { fail('cinder_user_password is empty') }
+ if $cinder_db_password == '' { fail('cinder_db_password is empty') }
+
+ if $glance_user_password == '' { fail('glance_user_password is empty') }
+ if $glance_db_password == '' { fail('glance_db_password is empty') }
+
+ if $neutron_user_password == '' { fail('neutron_user_password is empty') }
+ if $neutron_db_password == '' { fail('neutron_db_password is empty') }
+ if $neutron_metadata_shared_secret == '' { fail('neutron_metadata_shared_secret is empty') }
+
+ if $ceilometer_user_password == '' { fail('ceilometer_user_password is empty') }
+ if $ceilometer_metering_secret == '' { fail('ceilometer_user_password is empty') }
+
+ if $heat_user_password == '' { fail('heat_user_password is empty') }
+ if $heat_db_password == '' { fail('heat_db_password is empty') }
+ if $heat_auth_encrypt_key == '' { fail('heat_auth_encrypt_key is empty') }
+
+ if $swift_user_password == '' { fail('swift_user_password is empty') }
+ if $swift_shared_secret == '' { fail('swift_shared_secret is empty') }
+ if $swift_admin_password == '' { fail('swift_admin_password is empty') }
+
+ if !$amqp_username { $amqp_username = $single_username }
+ if !$amqp_password { $amqp_password = $single_password }
+
+
+ class { "quickstack::neutron::controller_networker":
+ admin_email => $admin_email,
+ admin_password => $admin_password,
+ agent_type => $this_agent,
+ enable_tunneling => true,
+ ovs_tunnel_iface => $ovs_tunnel_if,
+ ovs_tunnel_network => '',
+ ovs_tunnel_types => ['vxlan'],
+ ovs_l2_population => 'True',
+ external_network_bridge => 'br-ex',
+ tenant_network_type => 'vxlan',
+ tunnel_id_ranges => '1:1000',
+ controller_admin_host => $private_ip,
+ controller_priv_host => $private_ip,
+ controller_pub_host => $public_ip,
+ ssl => false,
+ #support_profile => $quickstack::params::support_profile,
+ #freeipa => $quickstack::params::freeipa,
+
+ mysql_host => $mysql_ip,
+ mysql_root_password => $mysql_root_password,
+ #amqp_provider => $amqp_provider,
+ amqp_host => $amqp_ip,
+ amqp_username => $amqp_username,
+ amqp_password => $amqp_password,
+ #amqp_nssdb_password => $quickstack::params::amqp_nssdb_password,
+
+ keystone_admin_token => $keystone_admin_token,
+ keystone_db_password => $keystone_db_password,
+
+ ceilometer_metering_secret => $ceilometer_metering_secret,
+ ceilometer_user_password => $ceilometer_user_password,
+
+ cinder_backend_gluster => $quickstack::params::cinder_backend_gluster,
+ cinder_backend_gluster_name => $quickstack::params::cinder_backend_gluster_name,
+ cinder_gluster_shares => $quickstack::params::cinder_gluster_shares,
+ cinder_user_password => $cinder_user_password,
+ cinder_db_password => $cinder_db_password,
+
+ glance_db_password => $glance_db_password,
+ glance_user_password => $glance_user_password,
+
+ heat_cfn => true,
+ heat_cloudwatch => true,
+ heat_db_password => $heat_db_password,
+ heat_user_password => $heat_user_password,
+ heat_auth_encrypt_key => $heat_auth_encrypt_key,
+
+ horizon_secret_key => $horizon_secret_key,
+ horizon_ca => $quickstack::params::horizon_ca,
+ horizon_cert => $quickstack::params::horizon_cert,
+ horizon_key => $quickstack::params::horizon_key,
+
+ ml2_mechanism_drivers => $ml2_mech_drivers,
+
+ #neutron => true,
+ neutron_metadata_proxy_secret => $neutron_metadata_shared_secret,
+ neutron_db_password => $neutron_db_password,
+ neutron_user_password => $neutron_user_password,
+
+ nova_db_password => $nova_db_password,
+ nova_user_password => $nova_user_password,
+
+ odl_controller_ip => $odl_control_ip,
+ odl_controller_port => $odl_rest_port,
+
+ swift_shared_secret => $swift_shared_secret,
+ swift_admin_password => $swift_admin_password,
+ swift_ringserver_ip => '192.168.203.1',
+ swift_storage_ips => ["192.168.203.2","192.168.203.3","192.168.203.4"],
+ swift_storage_device => 'device1',
+ }
+
+ }
+}
diff --git a/common/puppet-opnfv/manifests/external_net_presetup.pp b/common/puppet-opnfv/manifests/external_net_presetup.pp
new file mode 100644
index 000000000..b7c7c5f07
--- /dev/null
+++ b/common/puppet-opnfv/manifests/external_net_presetup.pp
@@ -0,0 +1,102 @@
+#Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+class opnfv::external_net_presetup {
+
+ if $public_gateway == '' { fail('public_gateway is empty') }
+ if $public_dns == '' { fail('public_dns is empty') }
+ if $public_network == '' { fail('public_network is empty') }
+ if $public_subnet == '' { fail('public_subnet is empty') }
+ if $public_allocation_start == '' { fail('public_allocation_start is empty') }
+ if $public_allocation_end == '' { fail('public_allocation_end is empty') }
+ if !$controllers_hostnames_array { fail('controllers_hostnames_array is empty') }
+ $controllers_hostnames_array_str = $controllers_hostnames_array
+ $controllers_hostnames_array = split($controllers_hostnames_array, ',')
+
+ #find public NIC
+ $public_nic = get_nic_from_network("$public_network")
+ $public_nic_ip = get_ip_from_nic("$public_nic")
+ $public_nic_netmask = get_netmask_from_nic("$public_nic")
+
+ if ($public_nic == '') or ($public_nic_ip == '') or ($public_nic == "br-ex") or ($public_nic == "br_ex") {
+ notify {"Skipping augeas, public_nic ${public_nic}, public_nic_ip ${public_nic_ip}":}
+
+ exec {'ovs-vsctl -t 10 -- --may-exist add-br br-ex':
+ path => ["/usr/sbin/", "/usr/bin/"],
+ unless => 'ip addr show br-ex | grep "inet "',
+ before => Exec['restart-network-public-nic-ip'],
+ }
+ ~>
+ exec {'systemctl restart network':
+ path => ["/usr/sbin/", "/usr/bin/"],
+ refreshonly => 'true',
+ }
+
+ exec {'restart-network-public-nic-ip':
+ command => 'systemctl restart network',
+ path => ["/usr/sbin/", "/usr/bin/"],
+ onlyif => 'ip addr show | grep $(ip addr show br-ex | grep -Eo "inet [\.0-9]+" | cut -d " " -f2) | grep -v br-ex',
+ }
+
+ } else {
+ #reconfigure public interface to be ovsport
+ augeas { "main-$public_nic":
+ context => "/files/etc/sysconfig/network-scripts/ifcfg-$public_nic",
+ changes => [
+ "rm IPADDR",
+ "rm NETMASK",
+ "rm GATEWAY",
+ "rm DNS1",
+ "rm BOOTPROTO",
+ "rm DEFROUTE",
+ "rm IPV6_DEFROUTE",
+ "rm IPV6_PEERDNS",
+ "rm IPV6_PEERROUTES",
+ "rm PEERROUTES",
+ "set PEERDNS no",
+ "set BOOTPROTO static",
+ "set IPV6INIT no",
+ "set IPV6_AUTOCONF no",
+ "set ONBOOT yes",
+ "set TYPE OVSPort",
+ "set OVS_BRIDGE br-ex",
+ "set PROMISC yes"
+
+ ],
+ before => Class["quickstack::pacemaker::params"],
+ require => Service["openvswitch"],
+ }
+
+ ->
+ #create br-ex interface
+ file { 'external_bridge':
+ path => '/etc/sysconfig/network-scripts/ifcfg-br-ex',
+ owner => 'root',
+ group => 'root',
+ mode => '0644',
+ content => template('trystack/br_ex.erb'),
+ before => Class["quickstack::pacemaker::params"],
+ }
+ ->
+ exec {'ovs-vsctl -t 10 -- --may-exist add-br br-ex':
+ path => ["/usr/sbin/", "/usr/bin/"],
+ }
+ ~>
+ exec {'systemctl restart network':
+ path => ["/usr/sbin/", "/usr/bin/"],
+ refreshonly => 'true',
+ }
+
+ }
+}
diff --git a/common/puppet-opnfv/manifests/external_net_setup.pp b/common/puppet-opnfv/manifests/external_net_setup.pp
new file mode 100644
index 000000000..af00f203e
--- /dev/null
+++ b/common/puppet-opnfv/manifests/external_net_setup.pp
@@ -0,0 +1,85 @@
+#Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+class opnfv::external_net_setup {
+
+ if $public_gateway == '' { fail('public_gateway is empty') }
+ if $public_dns == '' { fail('public_dns is empty') }
+ if $public_network == '' { fail('public_network is empty') }
+ if $public_subnet == '' { fail('public_subnet is empty') }
+ if $public_allocation_start == '' { fail('public_allocation_start is empty') }
+ if $public_allocation_end == '' { fail('public_allocation_end is empty') }
+ if !$controllers_hostnames_array { fail('controllers_hostnames_array is empty') }
+ $controllers_hostnames_array_str = $controllers_hostnames_array
+ $controllers_hostnames_array = split($controllers_hostnames_array, ',')
+
+ #find public NIC
+ $public_nic = get_nic_from_network("$public_network")
+ $public_nic_ip = get_ip_from_nic("$public_nic")
+ $public_nic_netmask = get_netmask_from_nic("$public_nic")
+
+ Anchor[ 'neutron configuration anchor end' ]
+ ->
+ #update bridge-mappings to physnet1
+ file_line { 'ovs':
+ ensure => present,
+ path => '/etc/neutron/plugin.ini',
+ line => '[ovs]',
+ }
+ ->
+ #update bridge-mappings to physnet1
+ file_line { 'bridge_mapping':
+ ensure => present,
+ path => '/etc/neutron/plugin.ini',
+ line => 'bridge_mappings = physnet1:br-ex',
+ }
+ ->
+ Exec["pcs-neutron-server-set-up"]
+
+##this way we only let controller1 create the neutron resources
+##controller1 should be the active neutron-server at provisioining time
+
+ if $hostname == $controllers_hostnames_array[0] {
+ Exec["all-neutron-nodes-are-up"]
+ ->
+ neutron_network { 'provider_network':
+ ensure => present,
+ name => 'provider_network',
+ admin_state_up => true,
+ provider_network_type => flat,
+ provider_physical_network => 'physnet1',
+ router_external => true,
+ tenant_name => 'admin',
+ }
+ ->
+ neutron_subnet { 'provider_subnet':
+ ensure => present,
+ name => provider_subnet,
+ cidr => $public_subnet,
+ gateway_ip => $public_gateway,
+ allocation_pools => [ "start=${public_allocation_start},end=${public_allocation_end}" ],
+ dns_nameservers => $public_dns,
+ network_name => 'provider_network',
+ tenant_name => 'admin',
+ }
+ ->
+ neutron_router { 'provider_router':
+ ensure => present,
+ name => 'provider_router',
+ admin_state_up => true,
+ gateway_network_name => 'provider_network',
+ tenant_name => 'admin',
+ }
+ }
+}
diff --git a/common/puppet-opnfv/manifests/init.pp b/common/puppet-opnfv/manifests/init.pp
new file mode 100644
index 000000000..7b68df57a
--- /dev/null
+++ b/common/puppet-opnfv/manifests/init.pp
@@ -0,0 +1,44 @@
+#Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+class opnfv {
+ if $::osfamily == 'Fuel' {
+ include opnfv::resolver
+ include opnfv::ntp
+ include opnfv::add_packages
+ include opnfv::odl_docker
+ include opnfv::opncheck
+ }
+
+ if $::osfamily == 'RedHat' {
+
+ include stdlib
+ stage { 'presetup':
+ before => Stage['setup'],
+ }
+
+ class { '::ntp':
+ stage => presetup,
+ }
+
+ class { "opnfv::repo":
+ stage => presetup,
+ }
+ ->
+ package { "python-rados":
+ ensure => latest,
+ }
+ }
+}
diff --git a/common/puppet-opnfv/manifests/network.pp b/common/puppet-opnfv/manifests/network.pp
new file mode 100644
index 000000000..91e769378
--- /dev/null
+++ b/common/puppet-opnfv/manifests/network.pp
@@ -0,0 +1,77 @@
+#Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+class opnfv::network {
+ ###use 8081 as a default work around swift service
+ if $odl_rest_port == '' {$odl_rest_port = '8081'}
+
+ if ($odl_flag != '') and str2bool($odl_flag) {
+ $ml2_mech_drivers = ['opendaylight']
+ $this_agent = 'opendaylight'
+ class {"opendaylight":
+ odl_rest_port => $odl_rest_port,
+ extra_features => ['odl-base-all', 'odl-aaa-authn', 'odl-restconf', 'odl-nsf-all', 'odl-adsal-northbound', 'odl-mdsal-apidocs', 'odl-ovsdb-openstack', 'odl-ovsdb-northbound', 'odl-dlux-core'],
+ }
+ }
+ else {
+ $ml2_mech_drivers = ['openvswitch','l2population']
+ $this_agent = 'ovs'
+ }
+
+
+
+ if $ovs_tunnel_if == '' { fail('ovs_tunnel_if is empty') }
+ if $private_ip == '' { fail('private_ip is empty') }
+
+ if $odl_control_ip == '' { fail('odl_controL_ip is empty, should be the IP of your network node private interface') }
+
+ if $mysql_ip == '' { fail('mysql_ip is empty') }
+ if $amqp_ip == '' { fail('amqp_ip is empty') }
+
+ if $nova_user_password == '' { fail('nova_user_password is empty') }
+ if $nova_db_password == '' { fail('nova_db_password is empty') }
+
+ if $neutron_user_password == '' { fail('neutron_user_password is empty') }
+ if $neutron_db_password == '' { fail('neutron_db_password is empty') }
+ if $neutron_metadata_shared_secret == '' { fail('neutron_metadata_shared_secret is empty') }
+
+ class { "quickstack::neutron::networker":
+ agent_type => $this_agent,
+ neutron_metadata_proxy_secret => $neutron_metadata_shared_secret,
+ neutron_db_password => $neutron_db_password,
+ neutron_user_password => $neutron_user_password,
+ nova_db_password => $nova_db_password,
+ nova_user_password => $nova_user_password,
+
+ controller_priv_host => $private_ip,
+
+ enable_tunneling => true,
+ ovs_tunnel_iface => $ovs_tunnel_if,
+ ovs_tunnel_network => '',
+ ovs_l2_population => 'True',
+ ovs_tunnel_types => ['vxlan'],
+ external_network_bridge => 'br-ex',
+ tenant_network_type => 'vxlan',
+ tunnel_id_ranges => '1:1000',
+
+ mysql_host => $mysql_ip,
+ amqp_host => $amqp_ip,
+ amqp_username => 'guest',
+ amqp_password => 'guest',
+
+ ml2_mechanism_drivers => $ml2_mech_drivers,
+ odl_controller_ip => $odl_control_ip,
+ }
+}
diff --git a/common/puppet-opnfv/manifests/ntp.pp b/common/puppet-opnfv/manifests/ntp.pp
new file mode 100644
index 000000000..c27175ece
--- /dev/null
+++ b/common/puppet-opnfv/manifests/ntp.pp
@@ -0,0 +1,72 @@
+##############################################################################
+# Copyright (c) 2015 Ericsson AB and others.
+# stefan.k.berg@ericsson.com
+# jonas.bjurel@ericsson.com
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+
+# Class: Ntp
+#
+# Add Ntp content passed through astute.yaml into ntp.conf depending on the role
+#
+# Suitable yaml content:
+# <begin>
+# opnfv:
+# ntp:
+# controller: |
+# line 1
+# line 2
+# compute: |
+# line 1
+# line 2
+# <end>
+#
+#
+#
+
+class opnfv::ntp(
+ $file='/etc/ntp.conf'
+) {
+
+ if $::fuel_settings['role'] {
+ if ($::fuel_settings['opnfv'] and
+ $::fuel_settings['opnfv']['ntp']) {
+ case $::fuel_settings['role'] {
+ /controller/: {
+ if $::fuel_settings['opnfv']['ntp']['controller'] {
+ $template = 'opnfv/ntp.conf.controller.erb'
+ $file_content = $::fuel_settings['opnfv']['ntp']['controller']
+ }
+ }
+ /compute/: {
+ if $::fuel_settings['opnfv']['ntp']['compute'] {
+ $template = 'opnfv/ntp.conf.compute.erb'
+ $file_content = $::fuel_settings['opnfv']['ntp']['compute']
+ }
+ }
+ }
+ }
+ }
+
+ if $file_content {
+ package { 'ntp':
+ ensure => installed,
+ }
+
+ file { $file:
+ content => template($template),
+ notify => Service['ntp'],
+ }
+
+ service { 'ntp':
+ ensure => running,
+ enable => true,
+ require => [ Package['ntp'], File[$file]]
+ }
+ }
+}
+
+
diff --git a/common/puppet-opnfv/manifests/odl_docker.pp b/common/puppet-opnfv/manifests/odl_docker.pp
new file mode 100644
index 000000000..6e70ba077
--- /dev/null
+++ b/common/puppet-opnfv/manifests/odl_docker.pp
@@ -0,0 +1,50 @@
+##############################################################################
+# Copyright (c) 2015 Ericsson AB and others.
+# daniel.smith@ericsson.com
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+
+class opnfv::odl_docker
+{
+ case $::fuel_settings['role'] {
+ /controller/: {
+
+ file { "/opt":
+ ensure => "directory",
+ }
+
+ file { "/opt/opnfv":
+ ensure => "directory",
+ owner => "root",
+ group => "root",
+ mode => 777,
+ }
+
+ file { "/opt/opnfv/odl":
+ ensure => "directory",
+ }
+
+ file { "/opt/opnfv/odl/odl_docker_image.tar":
+ ensure => present,
+ source => "/etc/puppet/modules/opnfv/odl_docker/odl_docker_image.tar",
+ mode => 750,
+ }
+
+ file { "/opt/opnfv/odl/docker-latest":
+ ensure => present,
+ source => "/etc/puppet/modules/opnfv/odl_docker/docker-latest",
+ mode => 750,
+ }
+
+ file { "/opt/opnfv/odl/start_odl_conatiner.sh":
+ ensure => present,
+ source => "/etc/puppet/modules/opnfv/scripts/start_odl_container.sh",
+ mode => 750,
+ }
+ }
+ }
+}
+
diff --git a/common/puppet-opnfv/manifests/odl_service.pp b/common/puppet-opnfv/manifests/odl_service.pp
new file mode 100644
index 000000000..bbe8218f8
--- /dev/null
+++ b/common/puppet-opnfv/manifests/odl_service.pp
@@ -0,0 +1,24 @@
+#Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+#Class installs opendaylight with a default rest port of 8081
+#This is to work around OpenStack Swift which also uses common port 8080
+
+class opnfv::odl_service {
+ if !$odl_rest_port { $odl_rest_port = '8081'}
+ class {"opendaylight":
+ extra_features => ['odl-base-all', 'odl-aaa-authn', 'odl-restconf', 'odl-nsf-all', 'odl-adsal-northbound', 'odl-mdsal-apidocs', 'odl-ovsdb-openstack', 'odl-ovsdb-northbound', 'odl-dlux-core'],
+ odl_rest_port => $odl_rest_port,
+ }
+}
diff --git a/common/puppet-opnfv/manifests/repo.pp b/common/puppet-opnfv/manifests/repo.pp
new file mode 100644
index 000000000..fe8930565
--- /dev/null
+++ b/common/puppet-opnfv/manifests/repo.pp
@@ -0,0 +1,67 @@
+#Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+class opnfv::repo {
+ if $::osfamily == 'RedHat' {
+ if $proxy_address != '' {
+ $myline= "proxy=${proxy_address}"
+ include stdlib
+ file_line { 'yumProxy':
+ ensure => present,
+ path => '/etc/yum.conf',
+ line => $myline,
+ before => Yumrepo['openstack-juno'],
+ }
+ }
+
+ yumrepo { "openstack-juno":
+ baseurl => "http://repos.fedorapeople.org/repos/openstack/openstack-juno/epel-7/",
+ descr => "RDO Community repository",
+ enabled => 1,
+ gpgcheck => 0,
+ }
+
+ exec {'disable selinux':
+ command => '/usr/sbin/setenforce 0',
+ unless => '/usr/sbin/getenforce | grep Permissive',
+ }
+ ->
+ service { "network":
+ ensure => "running",
+ enable => "true",
+ hasrestart => true,
+ restart => '/usr/bin/systemctl restart network',
+ }
+ ->
+ service { 'NetworkManager':
+ ensure => "stopped",
+ enable => "false",
+ }
+ ~>
+ exec { 'restart-network-presetup':
+ command => 'systemctl restart network',
+ path => ["/usr/sbin/", "/usr/bin/"],
+ refreshonly => 'true',
+ }
+ ->
+ package { 'openvswitch':
+ ensure => installed,
+ }
+ ->
+ service {'openvswitch':
+ ensure => 'running',
+ }
+ }
+}
diff --git a/common/puppet-opnfv/manifests/resolver.pp b/common/puppet-opnfv/manifests/resolver.pp
new file mode 100644
index 000000000..2951f7e1f
--- /dev/null
+++ b/common/puppet-opnfv/manifests/resolver.pp
@@ -0,0 +1,62 @@
+##############################################################################
+# Copyright (c) 2015 Ericsson AB and others.
+# stefan.k.berg@ericsson.com
+# jonas.bjurel@ericsson.com
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+
+# Class: opnfv::resolver
+#
+# Add resolver content passed through astute.yaml into resolv.conf
+# depending on the role
+#
+# Suitable yaml content:
+# <begin>
+# opnfv:
+# dns:
+# compute:
+# - 100.100.100.2
+# - 100.100.100.3
+# controller:
+# - 100.100.100.102
+# - 100.100.100.104
+# <end>
+#
+#
+#
+
+class opnfv::resolver()
+{
+ if $::fuel_settings['role'] {
+ if $::fuel_settings['role'] == 'primary-controller' {
+ $role = 'controller'
+ } else {
+ $role = $::fuel_settings['role']
+ }
+
+ if ($::fuel_settings['opnfv']
+ and $::fuel_settings['opnfv']['dns']
+ and $::fuel_settings['opnfv']['dns'][$role]) {
+ $nameservers=$::fuel_settings['opnfv']['dns'][$role]
+
+ file { '/etc/resolv.conf':
+ owner => root,
+ group => root,
+ mode => '0644',
+ content => template('opnfv/resolv.conf.erb'),
+ }
+# /etc/resolv.conf is re-generated at each boot by resolvconf, so we
+# need to store there as well.
+ file { '/etc/resolvconf/resolv.conf.d/head':
+ owner => root,
+ group => root,
+ mode => '0644',
+ content => template('opnfv/resolv.conf.erb'),
+ }
+ }
+ }
+}
+
diff --git a/common/puppet-opnfv/manifests/tempest.pp b/common/puppet-opnfv/manifests/tempest.pp
new file mode 100644
index 000000000..86f4212a9
--- /dev/null
+++ b/common/puppet-opnfv/manifests/tempest.pp
@@ -0,0 +1,27 @@
+#Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+#The required package for tempest is missing in Khaleesi along with EPEL for CentOS.
+#This is a workaround for now since we require EPEL with Foreman/Puppet
+#Also is a good place to put anything additional that we wish to install on the tempest node.
+
+class opnfv::tempest {
+
+ if $::osfamily == 'RedHat' {
+ package { 'subunit-filters':
+ ensure => present,
+ }
+ }
+}
diff --git a/common/puppet-opnfv/manifests/templates/dockerfile/Dockerfile b/common/puppet-opnfv/manifests/templates/dockerfile/Dockerfile
new file mode 100644
index 000000000..80a92d8c5
--- /dev/null
+++ b/common/puppet-opnfv/manifests/templates/dockerfile/Dockerfile
@@ -0,0 +1,82 @@
+####################################################################
+# Copyright (c) 2015 Ericsson AB and others.
+# daniel.smith@ericsson.com
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+#
+# DOCKERFILE TO CREATE ODL IN CONTAINER AND EXPOSE DLUX AND OVSDB TO ODL
+#
+#############################################################################
+
+
+#Set the base image - note: the current release of Karaf is using Jdk7 and alot of 12.04, so we will use it rather than 14.04 and backport a ton of stuff
+FROM ubuntu:12.04
+
+# Maintainer Info
+MAINTAINER Daniel Smith
+
+
+#Run apt-get update one start just to check for updates when building
+RUN echo "Updating APT"
+RUN apt-get update
+RUN echo "Adding wget"
+RUN apt-get install -y wget
+RUN apt-get install -y net-tools
+RUN apt-get install -y openjdk-7-jre
+RUN apt-get install -y openjdk-7-jdk
+RUN apt-get install -y openssh-server
+RUN apt-get install -y vim
+RUN apt-get install -y expect
+RUN apt-get install -y daemontools
+RUN mkdir -p /opt/odl_source
+RUN bash -c 'echo "export JAVA_HOME=/usr/lib/jvm/java-7-openjdk-amd64" >> ~/.bashrc'
+
+
+
+#Now lets got and fetch the ODL distribution
+RUN echo "Fetching ODL"
+RUN wget https://nexus.opendaylight.org/content/groups/public/org/opendaylight/integration/distribution-karaf/0.2.3-Helium-SR3/distribution-karaf-0.2.3-Helium-SR3.tar.gz -O /opt/odl_source/distribution-karaf-0.2.3-Helium-SR3.tar.gz
+
+RUN echo "Untarring ODL inplace"
+RUN mkdir -p /opt/odl
+RUN tar zxvf /opt/odl_source/distribution-karaf-0.2.3-Helium-SR3.tar.gz -C /opt/odl
+
+RUN echo "Installing DLUX and other features into ODL"
+#COPY dockerfile/container_scripts/start_odl_docker.sh /etc/init.d/start_odl_docker.sh
+COPY container_scripts/start_odl_docker_container.sh /etc/init.d/
+COPY container_scripts/speak.sh /etc/init.d/
+#COPY dockerfile/container_scripts/speak.sh /etc/init.d/speak.sh
+RUN chmod 777 /etc/init.d/start_odl_docker_container.sh
+RUN chmod 777 /etc/init.d/speak.sh
+
+
+
+# Expose the ports
+
+# PORTS FOR BASE SYSTEM AND DLUX
+EXPOSE 8101
+EXPOSE 6633
+EXPOSE 1099
+EXPOSE 43506
+EXPOSE 8181
+EXPOSE 8185
+EXPOSE 9000
+EXPOSE 39378
+EXPOSE 33714
+EXPOSE 44444
+EXPOSE 6653
+
+# PORTS FOR OVSDB AND ODL CONTROL
+EXPOSE 12001
+EXPOSE 6640
+EXPOSE 8080
+EXPOSE 7800
+EXPOSE 55130
+EXPOSE 52150
+EXPOSE 36826
+
+# set the ENTRYPOINT - An entry point allows us to run this container as an exectuable
+CMD ["/etc/init.d/start_odl_docker_container.sh"]
diff --git a/common/puppet-opnfv/manifests/templates/dockerfile/container_scripts/check_feature.sh b/common/puppet-opnfv/manifests/templates/dockerfile/container_scripts/check_feature.sh
new file mode 100644
index 000000000..533942eb3
--- /dev/null
+++ b/common/puppet-opnfv/manifests/templates/dockerfile/container_scripts/check_feature.sh
@@ -0,0 +1,18 @@
+##############################################################################
+# Copyright (c) 2015 Ericsson AB and others.
+# daniel.smith@ericsson.com
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+
+#!/usr/bin/expect
+spawn /opt/odl/distribution-karaf-0.2.3-Helium-SR3/bin/client
+expect "root>"
+send "feature:list | grep -i odl-restconf\r"
+send "\r\r\r"
+expect "root>"
+send "logout\r"
+
+
diff --git a/common/puppet-opnfv/manifests/templates/dockerfile/container_scripts/speak.sh b/common/puppet-opnfv/manifests/templates/dockerfile/container_scripts/speak.sh
new file mode 100644
index 000000000..95bbaf4e6
--- /dev/null
+++ b/common/puppet-opnfv/manifests/templates/dockerfile/container_scripts/speak.sh
@@ -0,0 +1,20 @@
+#!/usr/bin/expect
+##############################################################################
+# Copyright (c) 2015 Ericsson AB and others.
+# daniel.smith@ericsson.com
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+#
+# Simple expect script to start up ODL client and load feature set for DLUX and OVSDB
+# NOTE: THIS WILL BE REPLACED WITH A PROGRAMATIC METHOD SHORTLY
+#################################################################################
+
+spawn /opt/odl/distribution-karaf-0.2.3-Helium-SR3/bin/client
+expect "root>"
+send "feature:install odl-base-all odl-aaa-authn odl-restconf odl-nsf-all odl-adsal-northbound odl-mdsal-apidocs odl-ovsdb-openstack odl-ovsdb-northbound odl-dlux-core"
+send "\r\r\r"
+expect "root>"
+send "logout\r"
diff --git a/common/puppet-opnfv/manifests/templates/dockerfile/container_scripts/start_odl_docker_container.sh b/common/puppet-opnfv/manifests/templates/dockerfile/container_scripts/start_odl_docker_container.sh
new file mode 100644
index 000000000..8ae05f7bc
--- /dev/null
+++ b/common/puppet-opnfv/manifests/templates/dockerfile/container_scripts/start_odl_docker_container.sh
@@ -0,0 +1,48 @@
+#!/bin/bash
+##############################################################################
+# Copyright (c) 2015 Ericsson AB and others.
+# daniel.smith@ericsson.com
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+#
+# Simple expect script to start up ODL client and load feature set for DLUX and OVSDB
+# NOTE: THIS WILL BE REPLACED WITH A PROGRAMATIC METHOD SHORTLY
+#################################################################################
+# Start up script for calling karaf / ODL inside a docker container.
+#
+# This script will also call a couple expect scripts to load the feature set that we want
+
+
+#ENV
+export JAVA_HOME=/usr/lib/jvm/java-7-openjdk-amd64
+
+#MAIN
+echo "Starting up the da Sheilds..."
+/opt/odl/distribution-karaf-0.2.3-Helium-SR3/bin/karaf server &
+echo "Sleeping 5 bad hack"
+sleep 10
+echo "should see stuff listening now"
+netstat -na
+echo " should see proess running for karaf"
+ps -efa
+echo " Starting the packages we want"
+/etc/init.d/speak.sh
+echo "Printout the status - if its right, you should see 8181 appear now"
+netstat -na
+ps -efa
+
+
+
+## This is a loop that keeps our container going currently, prinout the "status of karaf" to the docker logs every minute
+## Cheap - but effective
+while true;
+do
+ echo "Checking status of ODL:"
+ /opt/odl/distribution-karaf-0.2.3-Helium-SR3/bin/status
+ sleep 60
+done
+
+
diff --git a/common/puppet-opnfv/manifests/templates/ntp.conf.compute.erb b/common/puppet-opnfv/manifests/templates/ntp.conf.compute.erb
new file mode 100644
index 000000000..ac6529314
--- /dev/null
+++ b/common/puppet-opnfv/manifests/templates/ntp.conf.compute.erb
@@ -0,0 +1,22 @@
+##############################################################################
+# Copyright (c) 2015 Ericsson AB and others.
+# stefan.k.berg@ericsson.com
+# jonas.bjurel@ericsson.com
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+
+tinker panic 0
+driftfile /var/lib/ntp/ntp.drift
+statistics loopstats peerstats clockstats
+filegen loopstats file loopstats type day enable
+filegen peerstats file peerstats type day enable
+filegen clockstats file clockstats type day enable
+restrict -4 default kod notrap nomodify nopeer noquery
+restrict -6 default kod notrap nomodify nopeer noquery
+restrict 127.0.0.1
+restrict ::1
+<%= @file_content %>
+
diff --git a/common/puppet-opnfv/manifests/templates/ntp.conf.controller.erb b/common/puppet-opnfv/manifests/templates/ntp.conf.controller.erb
new file mode 100644
index 000000000..ac6529314
--- /dev/null
+++ b/common/puppet-opnfv/manifests/templates/ntp.conf.controller.erb
@@ -0,0 +1,22 @@
+##############################################################################
+# Copyright (c) 2015 Ericsson AB and others.
+# stefan.k.berg@ericsson.com
+# jonas.bjurel@ericsson.com
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+
+tinker panic 0
+driftfile /var/lib/ntp/ntp.drift
+statistics loopstats peerstats clockstats
+filegen loopstats file loopstats type day enable
+filegen peerstats file peerstats type day enable
+filegen clockstats file clockstats type day enable
+restrict -4 default kod notrap nomodify nopeer noquery
+restrict -6 default kod notrap nomodify nopeer noquery
+restrict 127.0.0.1
+restrict ::1
+<%= @file_content %>
+