config/puppet-manifests/src/modules/openstack/manifests/neutron.pp


# Shared parameters for the openstack::neutron classes in this manifest.
# The body is empty: the class only carries values that other classes
# reach through `inherits` or by fully qualified variable name.
#
# $api_port           - port given to the 'neutron-api' firewall rule and the
#                       'neutron-restapi' haproxy proxy.
# $bgp_port           - port given to the 'ryu-bgp-port' firewall rule.
# $bgp_router_id      - when set, openstack::neutron::bgp enables the BGP
#                       agent and the 'ryu-bgp-port' rule is kept present;
#                       when unset, both are removed.
# $service_create     - together with platform::params::init_keystone, gates
#                       inclusion of ::neutron::keystone::auth.
# $configure_endpoint - gates the firewall and haproxy classes in
#                       openstack::neutron::api.
# $tunnel_csum        - value written to the 'agent/tunnel_csum' OVS agent
#                       setting.
# $region_name and $service_name are not referenced in the visible part of
# this manifest.
class openstack::neutron::params (
  $api_port           = 9696,
  $bgp_port           = 179,
  $region_name        = undef,
  $service_name       = 'openstack-neutron',
  $bgp_router_id      = undef,
  $service_create     = false,
  $configure_endpoint = true,
  $tunnel_csum        = undef,
) {
}
# Base neutron configuration: pulls in the platform and AMQP parameter
# classes and neutron logging, then declares ::neutron with the messaging
# settings published by platform::amqp::params.
class openstack::neutron inherits ::openstack::neutron::params {
  include ::platform::params
  include ::platform::amqp::params
  include ::neutron::logging

  # NOTE(review): a messaging transport URL usually embeds the broker
  # credentials - confirm how transport_url is built, and treat compiled
  # catalogs and reports that carry it as sensitive. Also confirm that
  # ssl_enabled is true wherever the broker is reached over a network.
  class { '::neutron':
    rabbit_use_ssl        => $::platform::amqp::params::ssl_enabled,
    default_transport_url => $::platform::amqp::params::transport_url,
  }
}
# Declares one SNAT rule per SDN controller on 'Standard' systems.
#
# $transport  - protocol name for the rule; 'tls' is mapped to 'tcp', any
#               other value is passed through unchanged.
# $ip_address - controller address, used as the rule destination.
# $port       - accepted but not used anywhere in this body.
#
# NOTE(review): because $port is unused, the rule is not narrowed to the
# controller's listening port - confirm whether that is intended. $transport
# is not validated here either; presumably the caller restricts it - verify.
define openstack::neutron::sdn::controller (
  $transport,
  $ip_address,
  $port,
) {
  include ::platform::params
  include ::platform::network::oam::params
  include ::platform::network::mgmt::params

  $system_type = $::platform::params::system_type

  $oam_interface = $::platform::network::oam::params::interface_name
  $oam_address   = $::platform::network::oam::params::controller_address

  $mgmt_subnet_network   = $::platform::network::mgmt::params::subnet_network
  $mgmt_subnet_prefixlen = $::platform::network::mgmt::params::subnet_prefixlen
  $mgmt_subnet           = "${mgmt_subnet_network}/${mgmt_subnet_prefixlen}"

  if $system_type == 'Standard' {
    # 'tls' is not a packet-filter protocol name, so it is matched as 'tcp'.
    $firewall_proto_transport = $transport ? {
      'tls'   => 'tcp',
      default => $transport,
    }

    # nat/POSTROUTING SNAT: matching traffic leaving on the OAM interface
    # towards the controller gets the OAM controller address as its source.
    # `host` is given the management subnet - presumably the source match;
    # confirm against platform::firewall::rule.
    platform::firewall::rule { $name:
      service_name => $name,
      table        => 'nat',
      chain        => 'POSTROUTING',
      proto        => $firewall_proto_transport,
      outiface     => $oam_interface,
      tosource     => $oam_address,
      destination  => $ip_address,
      host         => $mgmt_subnet,
      jump         => 'SNAT',
    }
  }
}
# Parameters for the OpenDaylight ML2 integration, consumed by
# openstack::neutron::odl.
#
# $username, $password, $url - passed to the ML2 OpenDaylight plugin class as
#                              odl_username, odl_password and odl_url.
# $controller_config         - hash handed to create_resources() to declare
#                              openstack::neutron::sdn::controller instances.
# $port_binding_controller   - passed through to the plugin class unchanged.
#
# NOTE(review): $password is an ordinary (non-Sensitive) value here, so it
# can appear in the compiled catalog and in reports - confirm where the value
# is sourced from and who can read those artifacts.
class openstack::neutron::odl::params (
  $username                = undef,
  $password                = undef,
  $url                     = undef,
  $controller_config       = {},
  $port_binding_controller = undef,
) {
}
# Configures the ML2 OpenDaylight plugin and, when SDN is enabled on the
# platform, declares one openstack::neutron::sdn::controller per entry in
# $controller_config.
class openstack::neutron::odl inherits ::openstack::neutron::odl::params {
  include ::platform::params

  if $::platform::params::sdn_enabled {
    # Keys of $controller_config become resource titles and the nested hashes
    # become the resource parameters; no defaults are supplied.
    create_resources('openstack::neutron::sdn::controller', $controller_config, {})
  }

  # NOTE(review): the credentials and URL are forwarded as given - confirm
  # that $url uses https when the controller is reached over a network, since
  # odl_username/odl_password would otherwise travel in clear text.
  class { '::neutron::plugins::ml2::opendaylight':
    odl_username            => $username,
    odl_password            => $password,
    odl_url                 => $url,
    port_binding_controller => $port_binding_controller,
  }
}
# Enables or disables the neutron BGP dynamic routing agent, depending on
# whether $bgp_router_id (inherited from openstack::neutron::params) is set.
#
# NOTE(review): every exec below uses an unqualified command name and sets no
# `path`, `onlyif`, `unless`, `creates` or `refreshonly`. Command lookup
# therefore depends on an Exec default defined outside this file (confirm it
# lists only root-owned directories), and unless such a default adds a guard,
# each command runs on every catalog application.
class openstack::neutron::bgp inherits ::openstack::neutron::params {
  if $bgp_router_id {
    class { '::neutron::bgp':
      bgp_router_id => $bgp_router_id,
    }

    class { '::neutron::services::bgpvpn': }

    # No ordering is declared between the enable and the restart.
    exec { 'systemctl enable neutron-bgp-dragent.service':
      command => 'systemctl enable neutron-bgp-dragent.service',
    }

    exec { 'systemctl restart neutron-bgp-dragent.service':
      command => 'systemctl restart neutron-bgp-dragent.service',
    }

    file { '/etc/pmon.d/':
      ensure => directory,
      owner  => 'root',
      group  => 'root',
      mode   => '0755',
    }

    # Link the agent's pmon configuration into /etc/pmon.d/.
    file { '/etc/pmon.d/neutron-bgp-dragent.conf':
      ensure => link,
      target => '/etc/neutron/pmon/neutron-bgp-dragent.conf',
      owner  => 'root',
      group  => 'root',
    }
  } else {
    # Teardown runs strictly in this order: pmon-stop, remove the pmon link,
    # disable the unit, then stop it.
    exec { 'pmon-stop neutron-bgp-dragent':
      command => 'pmon-stop neutron-bgp-dragent',
    }
    -> exec { 'rm -f /etc/pmon.d/neutron-bgp-dragent.conf':
      command => 'rm -f /etc/pmon.d/neutron-bgp-dragent.conf',
    }
    -> exec { 'systemctl disable neutron-bgp-dragent.service':
      command => 'systemctl disable neutron-bgp-dragent.service',
    }
    -> exec { 'systemctl stop neutron-bgp-dragent.service':
      command => 'systemctl stop neutron-bgp-dragent.service',
    }
  }
}
# Declares ::neutron::sfc (service function chaining) when $sfc_drivers is
# set, forwarding the driver names and the four quota values.
#
# $sfc_drivers               - forwarded as sfc_drivers; also the on/off switch
#                              for this class (default 'ovs').
# $flowclassifier_drivers    - forwarded as flowclassifier_drivers
#                              (default 'ovs').
# $sfc_quota_flow_classifier - forwarded as quota_flow_classifier.
# $sfc_quota_port_chain      - forwarded as quota_port_chain.
# $sfc_quota_port_pair_group - forwarded as quota_port_pair_group.
# $sfc_quota_port_pair       - forwarded as quota_port_pair.
class openstack::neutron::sfc (
  $sfc_drivers               = 'ovs',
  $flowclassifier_drivers    = 'ovs',
  $sfc_quota_flow_classifier = undef,
  $sfc_quota_port_chain      = undef,
  $sfc_quota_port_pair_group = undef,
  $sfc_quota_port_pair       = undef,
) inherits ::openstack::neutron::params {

  if $sfc_drivers {
    class { '::neutron::sfc':
      sfc_drivers            => $sfc_drivers,
      flowclassifier_drivers => $flowclassifier_drivers,
      quota_flow_classifier  => $sfc_quota_flow_classifier,
      quota_port_chain       => $sfc_quota_port_chain,
      quota_port_pair_group  => $sfc_quota_port_pair_group,
      quota_port_pair        => $sfc_quota_port_pair,
    }
  }
}
# Configures the neutron API server: optional database setup, the ML2
# plugin, notifications, keystone authtoken, the server itself, and the BGP,
# OpenDaylight and SFC classes from this manifest.
class openstack::neutron::server {
  include ::platform::params

  # Database creation and schema sync are both tied to init_database.
  if $::platform::params::init_database {
    include ::neutron::db::postgresql
  }

  include ::neutron::plugins::ml2
  include ::neutron::server::notifications
  include ::neutron::keystone::authtoken

  class { '::neutron::server':
    api_workers => $::platform::params::eng_workers_by_2,
    rpc_workers => $::platform::params::eng_workers_by_2,
    sync_db     => $::platform::params::init_database,
  }

  # Tighten the paste config to 0640 once ::neutron::server has been applied.
  # NOTE(review): only the mode is managed; owner and group are left as
  # found. Confirm the owning user/group so that 0640 really limits readers
  # to root and the neutron service account.
  file { '/etc/neutron/api-paste.ini':
    ensure  => file,
    mode    => '0640',
    require => Class['::neutron::server'],
  }

  include ::openstack::neutron::bgp
  include ::openstack::neutron::odl
  include ::openstack::neutron::sfc
}
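# Configures the neutron agents (L3, DHCP, metadata, SR-IOV, OVS) and their
# pmon links. The agents are declared disabled, and the pmon links removed,
# when the disable_worker_services fact is true or kubernetes is enabled on
# the platform; otherwise they are included with their defaults and the pmon
# links are created.
class openstack::neutron::agents inherits ::openstack::neutron::params {
  # This class reads $::platform::params::eng_workers_by_4 and
  # $::platform::params::vswitch_type, so declare the class here, as the
  # other classes in this manifest do, instead of depending on another class
  # having been evaluated first.
  include ::platform::params
  include ::platform::kubernetes::params

  if (str2bool($::disable_worker_services) or
      $::platform::kubernetes::params::enabled) {
    $pmon_ensure = absent

    class { '::neutron::agents::l3':
      enabled => false,
    }
    class { '::neutron::agents::dhcp':
      enabled => false,
    }
    class { '::neutron::agents::metadata':
      enabled => false,
    }
    class { '::neutron::agents::ml2::sriov':
      enabled => false,
    }
    class { '::neutron::agents::ml2::ovs':
      enabled => false,
    }
  } else {
    $pmon_ensure = link

    class { '::neutron::agents::metadata':
      metadata_workers => $::platform::params::eng_workers_by_4,
    }

    include ::neutron::agents::dhcp
    include ::neutron::agents::l3
    include ::neutron::agents::ml2::sriov
    include ::neutron::agents::ml2::ovs
  }

  if $::platform::params::vswitch_type =~ '^ovs' {
    # Ensure bridges and addresses are configured before agent is started
    Platform::Vswitch::Ovs::Bridge<||> ~> Service['neutron-ovs-agent-service']
    Platform::Vswitch::Ovs::Address<||> ~> Service['neutron-ovs-agent-service']

    # Enable/disable tunnel checksum
    neutron_agent_ovs {
      'agent/tunnel_csum': value => $tunnel_csum;
    }
  }

  # pmon links: present as symlinks when the agents run, absent otherwise.
  # NOTE(review): `mode` is set on resources whose ensure is `link` or
  # `absent` - confirm whether Puppet applies it to the link, to the target,
  # or ignores it. The BGP agent link in this manifest sets no mode.
  file { '/etc/pmon.d/neutron-dhcp-agent.conf':
    ensure => $pmon_ensure,
    target => '/etc/neutron/pmon/neutron-dhcp-agent.conf',
    owner  => 'root',
    group  => 'root',
    mode   => '0755',
  }

  file { '/etc/pmon.d/neutron-metadata-agent.conf':
    ensure => $pmon_ensure,
    target => '/etc/neutron/pmon/neutron-metadata-agent.conf',
    owner  => 'root',
    group  => 'root',
    mode   => '0755',
  }

  file { '/etc/pmon.d/neutron-sriov-nic-agent.conf':
    ensure => $pmon_ensure,
    target => '/etc/neutron/pmon/neutron-sriov-nic-agent.conf',
    owner  => 'root',
    group  => 'root',
    mode   => '0755',
  }
}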
# Firewall rules for neutron: always one for the API port, plus one for the
# BGP port that is present only while $bgp_router_id is set.
#
# NOTE(review): neither rule passes a source restriction, so which networks
# can reach $api_port and $bgp_port depends on the defaults of
# platform::firewall::rule - confirm that BGP is not reachable from peers
# other than the intended ones.
class openstack::neutron::firewall inherits ::openstack::neutron::params {

  platform::firewall::rule { 'neutron-api':
    service_name => 'neutron',
    ports        => $api_port,
  }

  if $bgp_router_id {
    platform::firewall::rule { 'ryu-bgp-port':
      service_name => 'neutron',
      ports        => $bgp_port,
    }
  } else {
    # BGP is not configured: make sure the rule is removed.
    platform::firewall::rule { 'ryu-bgp-port':
      ensure       => absent,
      service_name => 'neutron',
      ports        => $bgp_port,
    }
  }
}
# Declares the haproxy proxy for the neutron REST API, using $api_port for
# both the public and the private side.
class openstack::neutron::haproxy inherits ::openstack::neutron::params {

  platform::haproxy::proxy { 'neutron-restapi':
    server_name  => 's-neutron',
    public_port  => $api_port,
    private_port => $api_port,
  }
}
# API-side setup for neutron: keystone service registration and the network
# exposure (firewall rule and haproxy proxy) of the API endpoint.
class openstack::neutron::api inherits ::openstack::neutron::params {
  include ::platform::params

  # $service_create and $configure_endpoint are inherited from
  # openstack::neutron::params.

  # Register in keystone only when requested and while keystone is being
  # initialised.
  if ($service_create and $::platform::params::init_keystone) {
    include ::neutron::keystone::auth
  }

  # The endpoint is exposed only when configure_endpoint is true.
  if $configure_endpoint {
    include ::openstack::neutron::firewall
    include ::openstack::neutron::haproxy
  }
}
# Declares a platform::sm::restart resource for 'neutron-server'.
class openstack::neutron::server::reload {

  platform::sm::restart { 'neutron-server': }
}
# Runtime re-application of the neutron server configuration: re-includes
# the base, server and firewall classes, then declares the reload class in
# the `post` stage.
class openstack::neutron::server::runtime {
  include ::openstack::neutron
  include ::openstack::neutron::server
  include ::openstack::neutron::firewall

  class { '::openstack::neutron::server::reload':
    stage => post,
  }
}