diff options
Diffstat (limited to 'common/puppet-opnfv')
-rw-r--r-- | common/puppet-opnfv/manifests/controller_networker.pp | 471 |
1 files changed, 346 insertions, 125 deletions
diff --git a/common/puppet-opnfv/manifests/controller_networker.pp b/common/puppet-opnfv/manifests/controller_networker.pp index 1c65779..c4e7423 100644 --- a/common/puppet-opnfv/manifests/controller_networker.pp +++ b/common/puppet-opnfv/manifests/controller_networker.pp @@ -11,140 +11,361 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - +# +#Provides HA or non-HA setup for OpenStack Controller with ODL integration +#Mandatory common and HA variables are needed to setup each Controller +#ha_flag set to true will provide OpenStack HA of the following services: +#rabbitmq, galera mariadb, keystone, glance, nova, cinder, horizon, neutron +#includes all sub-services of those features (i.e. neutron-server, neutron-lg-agent, etc) class opnfv::controller_networker { - ###use 8081 as a default work around swift service - if $odl_rest_port == '' {$odl_rest_port = '8081'} - + if $odl_rest_port == '' { $odl_rest_port= '8081'} if ($odl_flag != '') and str2bool($odl_flag) { $ml2_mech_drivers = ['opendaylight'] $this_agent = 'opendaylight' - class {"opendaylight": - odl_rest_port => $odl_rest_port, - extra_features => ['odl-base-all', 'odl-aaa-authn', 'odl-restconf', 'odl-nsf-all', 'odl-adsal-northbound', 'odl-mdsal-apidocs', 'odl-ovsdb-openstack', 'odl-ovsdb-northbound', 'odl-dlux-core'], - } - } - else { + } else { $ml2_mech_drivers = ['openvswitch','l2population'] $this_agent = 'ovs' } - if $ovs_tunnel_if == '' { fail('ovs_tunnel_if is empty') } + + ##Mandatory Common variables if $admin_email == '' { fail('admin_email is empty') } - if $admin_password == '' { fail('admin_password is empty') } - - if $public_ip == '' { fail('public_ip is empty') } - if $private_ip == '' { fail('private_ip is empty') } - - if $odl_control_ip == '' { $odl_control_ip = $private_ip } - - if $mysql_ip == '' { fail('mysql_ip is empty') } - if $mysql_root_password == '' { fail('mysql_root_password is empty') } - if $amqp_ip == '' { fail('amqp_ip is empty') } - - if $memcache_ip == '' { fail('memcache_ip is empty') } - if $neutron_ip == '' { fail('neutron_ip is empty') } - - if $keystone_admin_token == '' { fail('keystone_admin_token is empty') } - if $keystone_db_password == '' { fail('keystone_db_password is empty') } - - if $horizon_secret_key == '' { fail('horizon_secret_key is empty') } - #if $trystack_db_password == '' { fail('trystack_db_password is empty') } - - if $nova_user_password == '' { fail('nova_user_password is empty') } - if $nova_db_password == '' { fail('nova_db_password is empty') } - - if $cinder_user_password == '' { fail('cinder_user_password is empty') } - if $cinder_db_password == '' { fail('cinder_db_password is empty') } - - if $glance_user_password == '' { fail('glance_user_password is empty') } - if $glance_db_password == '' { fail('glance_db_password is empty') } - - if $neutron_user_password == '' { fail('neutron_user_password is empty') } - if $neutron_db_password == '' { fail('neutron_db_password is empty') } - if $neutron_metadata_shared_secret == '' { fail('neutron_metadata_shared_secret is empty') } - - if $ceilometer_user_password == '' { fail('ceilometer_user_password is empty') } - if $ceilometer_metering_secret == '' { fail('ceilometer_user_password is empty') } - - if $heat_user_password == '' { fail('heat_user_password is empty') } - if $heat_db_password == '' { fail('heat_db_password is empty') } - if $heat_auth_encrypt_key == '' { fail('heat_auth_encrypt_key is empty') } - - if $swift_user_password == '' { fail('swift_user_password is empty') } - if $swift_shared_secret == '' { fail('swift_shared_secret is empty') } - if $swift_admin_password == '' { fail('swift_admin_password is empty') } - - class { "quickstack::neutron::controller_networker": - admin_email => $admin_email, - admin_password => $admin_password, - agent_type => $this_agent, - enable_tunneling => true, - ovs_tunnel_iface => $ovs_tunnel_if, - ovs_tunnel_network => '', - ovs_tunnel_types => ['vxlan'], - ovs_l2_population => 'True', - external_network_bridge => 'br-ex', - tenant_network_type => 'vxlan', - tunnel_id_ranges => '1:1000', - controller_admin_host => $private_ip, - controller_priv_host => $private_ip, - controller_pub_host => $public_ip, - ssl => false, - #support_profile => $quickstack::params::support_profile, - #freeipa => $quickstack::params::freeipa, - - mysql_host => $mysql_ip, - mysql_root_password => $mysql_root_password, - #amqp_provider => $amqp_provider, - amqp_host => $amqp_ip, - amqp_username => 'guest', - amqp_password => 'guest', - #amqp_nssdb_password => $quickstack::params::amqp_nssdb_password, - - keystone_admin_token => $keystone_admin_token, - keystone_db_password => $keystone_db_password, - - ceilometer_metering_secret => $ceilometer_metering_secret, - ceilometer_user_password => $ceilometer_user_password, - - cinder_backend_gluster => $quickstack::params::cinder_backend_gluster, - cinder_backend_gluster_name => $quickstack::params::cinder_backend_gluster_name, - cinder_gluster_shares => $quickstack::params::cinder_gluster_shares, - cinder_user_password => $cinder_user_password, - cinder_db_password => $cinder_db_password, - - glance_db_password => $glance_db_password, - glance_user_password => $glance_user_password, - - heat_cfn => true, - heat_cloudwatch => true, - heat_db_password => $heat_db_password, - heat_user_password => $heat_user_password, - heat_auth_encrypt_key => $heat_auth_encrypt_key, - - horizon_secret_key => $horizon_secret_key, - horizon_ca => $quickstack::params::horizon_ca, - horizon_cert => $quickstack::params::horizon_cert, - horizon_key => $quickstack::params::horizon_key, + if $ovs_tunnel_if == '' { fail('ovs_tunnel_if is empty') } + + ##Most users will only care about a single user/password for all services + ##so lets create one variable that can be used instead of separate usernames/passwords + if !$single_username { $single_username = 'octopus' } + if !$single_password { $single_password = 'octopus' } + + if !$keystone_admin_token { $keystone_admin_token = $single_password } + if !$neutron_metadata_shared_secret { $neutron_metadata_shared_secret = $single_password } + if !$mysql_root_password { $mysql_root_password = $single_password } + if !$admin_password { $admin_password = $single_password } + + ##Check for HA, if not leave old functionality alone + if $ha_flag and str2bool($ha_flag) { + ##Mandatory HA variables + if !$controllers_ip_array { fail('controllers_ip_array is empty') } + $controllers_ip_array = split($controllers_ip_array, ',') + if !$controllers_hostnames_array { fail('controllers_hostnames_array is empty') } + $controllers_hostnames_array = split($controllers_hostnames_array, ',') + if !$amqp_vip { fail('amqp_vip is empty') } + if !$private_subnet { fail('private_subnet is empty')} + if !$cinder_admin_vip { fail('cinder_admin_vip is empty') } + if !$cinder_private_vip { fail('cinder_private_vip is empty') } + if !$cinder_public_vip { fail('cinder_public_vip is empty') } + if !$db_vip { fail('db_vip is empty') } + if !$glance_admin_vip { fail('glance_admin_vip is empty') } + if !$glance_private_vip { fail('glance_private_vip is empty') } + if !$glance_public_vip { fail('glance_public_vip is empty') } + if !$horizon_admin_vip { fail('horizon_admin_vip is empty') } + if !$horizon_private_vip { fail('horizon_private_vip is empty') } + if !$horizon_public_vip { fail('horizon_public_vip is empty') } + if !$keystone_admin_vip { fail('keystone_admin_vip is empty') } + if !$keystone_private_vip { fail('keystone_private_vip is empty') } + if !$keystone_public_vip { fail('keystone_public_vip is empty') } + if !$loadbalancer_vip { fail('loadbalancer_vip is empty') } + if !$neutron_admin_vip { fail('neutron_admin_vip is empty') } + if !$neutron_private_vip { fail('neutron_private_vip is empty') } + if !$neutron_public_vip { fail('neutron_public_vip is empty') } + if !$nova_admin_vip { fail('nova_admin_vip is empty') } + if !$nova_private_vip { fail('nova_private_vip is empty') } + if !$nova_public_vip { fail('nova_public_vip is empty') } + + + ##Optional HA variables + if !$amqp_username { $amqp_username = $single_username } + if !$amqp_password { $amqp_password = $single_password } + if !$ceph_fsid { $ceph_fsid = '904c8491-5c16-4dae-9cc3-6ce633a7f4cc' } + if !$ceph_images_key { $ceph_images_key = 'AQAfHBdUKLnUFxAAtO7WPKQZ8QfEoGqH0CLd7A==' } + if !$ceph_mon_host { $ceph_mon_host= $controllers_ip_array } + if !$ceph_mon_initial_members { $ceph_mon_initial_members = $controllers_hostnames_array} + if !$ceph_osd_journal_size { $ceph_osd_journal_size = '1000' } + if !$ceph_osd_pool_size { $ceph_osd_pool_size = '1' } + if !$ceph_public_network { $ceph_public_network = $private_subnet } + if !$ceph_volumes_key { $ceph_volumes_key = 'AQAfHBdUsFPTHhAAfqVqPq31FFCvyyO7oaOQXw==' } + if !$cinder_db_password { $cinder_db_password = $single_password } + if !$cinder_user_password { $cinder_user_password = $single_password } + if !$cluster_control_ip { $cluster_control_ip = $controllers_ip_array[0] } + if !$horizon_secret { $horizon_secret = $single_password } + if !$glance_db_password { $glance_db_password = $single_password } + if !$keystone_db_password { $keystone_db_password = $single_password } + if !$keystone_user_password { $keystone_user_password = $single_password } + if !$lb_backend_server_addrs { $lb_backend_server_addrs = $controllers_ip_array } + if !$lb_backend_server_names { $lb_backend_server_names = $controllers_hostnames_array } + if !$neutron_db_password { $neutron_db_password = $single_password } + if !$neutron_user_password { $neutron_user_password = $single_password } + if !$nova_db_password { $nova_db_password = $single_password } + if !$nova_user_password { $nova_user_password = $single_password } + if !$pcmk_server_addrs {$pcmk_server_addrs = $controllers_ip_array} + if !$pcmk_server_names {$pcmk_server_names = ["pcmk-${controllers_hostnames_array[0]}", "pcmk-${controllers_hostnames_array[1]}", "pcmk-${controllers_hostnames_array[2]}"] } + if !$rbd_secret_uuid { $rbd_secret_uuid = '3b519746-4021-4f72-957e-5b9d991723be' } + + ##we assume here that if not provided, the first controller is where ODL will reside + ##this is fine for now as we will replace ODL with ODL HA when it is ready + if $odl_control_ip == '' { $odl_control_ip = $controllers_ip_array[0] } + + + class { "quickstack::openstack_common": } + -> + class { "quickstack::pacemaker::params": + amqp_password => $amqp_password, + amqp_username => $amqp_username, + amqp_vip => $amqp_vip, + ceph_cluster_network => $private_subnet, + ceph_fsid => $ceph_fsid, + ceph_images_key => $ceph_images_key, + ceph_mon_host => $ceph_mon_host, + ceph_mon_initial_members => $ceph_mon_initial_members, + ceph_osd_journal_size => $ceph_osd_journal_size, + ceph_osd_pool_size => $ceph_osd_pool_size, + ceph_public_network => $ceph_public_network, + ceph_volumes_key => $ceph_volumes_key, + cinder_admin_vip => $cinder_admin_vip, + cinder_db_password => $cinder_db_password, + cinder_private_vip => $cinder_private_vip, + cinder_public_vip => $cinder_public_vip, + cinder_user_password => $cinder_user_password, + cluster_control_ip => $cluster_control_ip, + db_vip => $db_vip, + glance_admin_vip => $glance_admin_vip, + glance_db_password => $glance_db_password, + glance_private_vip => $glance_private_vip, + glance_public_vip => $glance_public_vip, + glance_user_password => $glance_user_password, + heat_cfn_enabled => 'false', + horizon_admin_vip => $horizon_admin_vip, + horizon_private_vip => $horizon_private_vip, + horizon_public_vip => $horizon_public_vip, + include_ceilometer => 'false', + include_cinder => 'true', + include_glance => 'true', + include_heat => 'false', + include_horizon => 'true', + include_keystone => 'true', + include_neutron => 'true', + include_nosql => 'false', + include_nova => 'true', + include_swift => 'false', + keystone_admin_vip => $keystone_admin_vip, + keystone_db_password => $keystone_db_password, + keystone_private_vip => $keystone_private_vip, + keystone_public_vip => $keystone_public_vip, + keystone_user_password => $keystone_user_password, + lb_backend_server_addrs => $lb_backend_server_addrs, + lb_backend_server_names => $lb_backend_server_names, + loadbalancer_vip => $loadbalancer_vip, + neutron => 'true', + neutron_admin_vip => $neutron_admin_vip, + neutron_db_password => $neutron_db_password, + neutron_metadata_proxy_secret => $neutron_metadata_proxy_secret, + neutron_private_vip => $neutron_private_vip, + neutron_public_vip => $neutron_public_vip, + neutron_user_password => $neutron_user_password, + nova_admin_vip => $nova_admin_vip, + nova_db_password => $nova_db_password, + nova_private_vip => $nova_private_vip, + nova_public_vip => $nova_public_vip, + nova_user_password => $nova_user_password, + pcmk_iface => $ovs_tunnel_if, + pcmk_server_addrs => $pcmk_server_addrs, + pcmk_server_names => $pcmk_server_names, + private_iface => $ovs_tunnel_if, + } + -> + class { "quickstack::pacemaker::common": } + -> + class { "quickstack::pacemaker::load_balancer": } + -> + class { "quickstack::pacemaker::galera": + mysql_root_password => $mysql_root_password, + wsrep_cluster_members => $controllers_ip_array, + } + -> + class { "quickstack::pacemaker::qpid": } + -> + class { "quickstack::pacemaker::rabbitmq": } + -> + class { "quickstack::pacemaker::keystone": + admin_email => $admin_email, + admin_password => $admin_password, + admin_token => $keystone_admin_token, + cinder => 'true', + heat => 'false', + heat_cfn => 'false', + keystonerc => 'true', + use_syslog => 'true', + verbose => 'true', + } + -> + class { "quickstack::pacemaker::swift": } + -> + class { "quickstack::pacemaker::glance": + backend => 'rbd', + debug => true, + pcmk_fs_manage => 'false', + use_syslog => true, + verbose => true + } + -> + class { "quickstack::pacemaker::nova": + neutron_metadata_proxy_secret => $neutron_metadata_shared_secret, + } + -> + class { "quickstack::pacemaker::cinder": + backend_rbd => true, + rbd_secret_uuid => $rbd_secret_uuid, + use_syslog => true, + verbose => true, + volume => true, + } + -> + class { "quickstack::pacemaker::heat": } + -> + class { "quickstack::pacemaker::constraints": } + + class { "quickstack::pacemaker::nosql": } + + class { "quickstack::pacemaker::memcached": } + + class { "quickstack::pacemaker::ceilometer": + ceilometer_metering_secret => $single_password, + } + + class { "quickstack::pacemaker::horizon": + horizon_ca => '/etc/ipa/ca.crt', + horizon_cert => '/etc/pki/tls/certs/PUB_HOST-horizon.crt', + horizon_key => '/etc/pki/tls/private/PUB_HOST-horizon.key', + secret_key => $horizon_secret, + verbose => 'true', + } + + class { "quickstack::pacemaker::neutron": + agent_type => $this_agent, + enable_tunneling => 'true', + ml2_mechanism_drivers => $ml2_mech_drivers, + ml2_network_vlan_ranges => ["physnet1:10:50"], + odl_controller_ip => $odl_control_ip, + odl_controller_port => $odl_rest_port, + ovs_tunnel_iface => $ovs_tunnel_if, + ovs_tunnel_types => ["vxlan"], + verbose => 'true', + } + + } else { + + if $public_ip == '' { fail('public_ip is empty') } + if $private_ip == '' { fail('private_ip is empty') } + + if $odl_control_ip == '' { $odl_control_ip = $private_ip } + + if $mysql_ip == '' { fail('mysql_ip is empty') } + if $mysql_root_password == '' { fail('mysql_root_password is empty') } + if $amqp_ip == '' { fail('amqp_ip is empty') } + + if $memcache_ip == '' { fail('memcache_ip is empty') } + if $neutron_ip == '' { fail('neutron_ip is empty') } + + if $keystone_db_password == '' { fail('keystone_db_password is empty') } + + if $horizon_secret_key == '' { fail('horizon_secret_key is empty') } + + if $nova_user_password == '' { fail('nova_user_password is empty') } + if $nova_db_password == '' { fail('nova_db_password is empty') } + + if $cinder_user_password == '' { fail('cinder_user_password is empty') } + if $cinder_db_password == '' { fail('cinder_db_password is empty') } + + if $glance_user_password == '' { fail('glance_user_password is empty') } + if $glance_db_password == '' { fail('glance_db_password is empty') } + + if $neutron_user_password == '' { fail('neutron_user_password is empty') } + if $neutron_db_password == '' { fail('neutron_db_password is empty') } + if $neutron_metadata_shared_secret == '' { fail('neutron_metadata_shared_secret is empty') } + + if $ceilometer_user_password == '' { fail('ceilometer_user_password is empty') } + if $ceilometer_metering_secret == '' { fail('ceilometer_user_password is empty') } + + if $heat_user_password == '' { fail('heat_user_password is empty') } + if $heat_db_password == '' { fail('heat_db_password is empty') } + if $heat_auth_encrypt_key == '' { fail('heat_auth_encrypt_key is empty') } + + if $swift_user_password == '' { fail('swift_user_password is empty') } + if $swift_shared_secret == '' { fail('swift_shared_secret is empty') } + if $swift_admin_password == '' { fail('swift_admin_password is empty') } + + class { "quickstack::neutron::controller_networker": + admin_email => $admin_email, + admin_password => $admin_password, + agent_type => $this_agent, + enable_tunneling => true, + ovs_tunnel_iface => $ovs_tunnel_if, + ovs_tunnel_network => '', + ovs_tunnel_types => ['vxlan'], + ovs_l2_population => 'True', + external_network_bridge => 'br-ex', + tenant_network_type => 'vxlan', + tunnel_id_ranges => '1:1000', + controller_admin_host => $private_ip, + controller_priv_host => $private_ip, + controller_pub_host => $public_ip, + ssl => false, + #support_profile => $quickstack::params::support_profile, + #freeipa => $quickstack::params::freeipa, + + mysql_host => $mysql_ip, + mysql_root_password => $mysql_root_password, + #amqp_provider => $amqp_provider, + amqp_host => $amqp_ip, + amqp_username => 'guest', + amqp_password => 'guest', + #amqp_nssdb_password => $quickstack::params::amqp_nssdb_password, + + keystone_admin_token => $keystone_admin_token, + keystone_db_password => $keystone_db_password, + + ceilometer_metering_secret => $ceilometer_metering_secret, + ceilometer_user_password => $ceilometer_user_password, + + cinder_backend_gluster => $quickstack::params::cinder_backend_gluster, + cinder_backend_gluster_name => $quickstack::params::cinder_backend_gluster_name, + cinder_gluster_shares => $quickstack::params::cinder_gluster_shares, + cinder_user_password => $cinder_user_password, + cinder_db_password => $cinder_db_password, + + glance_db_password => $glance_db_password, + glance_user_password => $glance_user_password, + + heat_cfn => true, + heat_cloudwatch => true, + heat_db_password => $heat_db_password, + heat_user_password => $heat_user_password, + heat_auth_encrypt_key => $heat_auth_encrypt_key, + + horizon_secret_key => $horizon_secret_key, + horizon_ca => $quickstack::params::horizon_ca, + horizon_cert => $quickstack::params::horizon_cert, + horizon_key => $quickstack::params::horizon_key, - ml2_mechanism_drivers => $ml2_mech_drivers, - - #neutron => true, - neutron_metadata_proxy_secret => $neutron_metadata_shared_secret, - neutron_db_password => $neutron_db_password, - neutron_user_password => $neutron_user_password, - - nova_db_password => $nova_db_password, - nova_user_password => $nova_user_password, - - odl_controller_ip => $odl_control_ip, - odl_controller_port => $odl_rest_port, - swift_shared_secret => $swift_shared_secret, - swift_admin_password => $swift_admin_password, - swift_ringserver_ip => '192.168.203.1', - swift_storage_ips => ["192.168.203.2","192.168.203.3","192.168.203.4"], - swift_storage_device => 'device1', - } + ml2_mechanism_drivers => $ml2_mech_drivers, + + #neutron => true, + neutron_metadata_proxy_secret => $neutron_metadata_shared_secret, + neutron_db_password => $neutron_db_password, + neutron_user_password => $neutron_user_password, + + nova_db_password => $nova_db_password, + nova_user_password => $nova_user_password, + odl_controller_ip => $odl_control_ip, + odl_controller_port => $odl_rest_port, + + swift_shared_secret => $swift_shared_secret, + swift_admin_password => $swift_admin_password, + swift_ringserver_ip => '192.168.203.1', + swift_storage_ips => ["192.168.203.2","192.168.203.3","192.168.203.4"], + swift_storage_device => 'device1', + } + + } } |