Remove unused puppet modules
* Remove the nova api proxy puppet module. * Remove openstack::swift puppet manifest. * Refactor openstack::nova::storage as platform::worker::storage. This requires the nova puppet code in sysinv to write to a different hiera target, and creation of /var/lib/nova. * Remove puppet modules from spec file for modules that are no longer being used. Story: 2004764 Task: 29840 Change-Id: Ifa0171b06e23fd77d373983d644df3f56ae4e2de Signed-off-by: Al Bailey <Al.Bailey@windriver.com>
This commit is contained in:
parent
3b126c2f43
commit
37b041a04c
|
@ -12,7 +12,6 @@ puppet-manifests
|
||||||
puppet-modules-wrs/puppet-mtce
|
puppet-modules-wrs/puppet-mtce
|
||||||
puppet-modules-wrs/puppet-sshd
|
puppet-modules-wrs/puppet-sshd
|
||||||
puppet-modules-wrs/puppet-nfv
|
puppet-modules-wrs/puppet-nfv
|
||||||
puppet-modules-wrs/puppet-nova_api_proxy
|
|
||||||
puppet-modules-wrs/puppet-patching
|
puppet-modules-wrs/puppet-patching
|
||||||
puppet-modules-wrs/puppet-sysinv
|
puppet-modules-wrs/puppet-sysinv
|
||||||
puppet-modules-wrs/puppet-dcorch
|
puppet-modules-wrs/puppet-dcorch
|
||||||
|
|
|
@ -1,2 +1,2 @@
|
||||||
SRC_DIR="src"
|
SRC_DIR="src"
|
||||||
TIS_PATCH_VER=81
|
TIS_PATCH_VER=82
|
||||||
|
|
|
@ -16,7 +16,6 @@ Requires: puppet-dcorch
|
||||||
Requires: puppet-dcmanager
|
Requires: puppet-dcmanager
|
||||||
Requires: puppet-mtce
|
Requires: puppet-mtce
|
||||||
Requires: puppet-nfv
|
Requires: puppet-nfv
|
||||||
Requires: puppet-nova_api_proxy
|
|
||||||
Requires: puppet-patching
|
Requires: puppet-patching
|
||||||
Requires: puppet-sysinv
|
Requires: puppet-sysinv
|
||||||
Requires: puppet-sshd
|
Requires: puppet-sshd
|
||||||
|
@ -24,27 +23,13 @@ Requires: puppet-smapi
|
||||||
Requires: puppet-fm
|
Requires: puppet-fm
|
||||||
|
|
||||||
# Openstack puppet modules
|
# Openstack puppet modules
|
||||||
Requires: puppet-aodh
|
|
||||||
Requires: puppet-barbican
|
Requires: puppet-barbican
|
||||||
Requires: puppet-ceilometer
|
|
||||||
Requires: puppet-ceph
|
Requires: puppet-ceph
|
||||||
Requires: puppet-cinder
|
|
||||||
Requires: puppet-glance
|
|
||||||
Requires: puppet-heat
|
|
||||||
Requires: puppet-horizon
|
Requires: puppet-horizon
|
||||||
Requires: puppet-keystone
|
Requires: puppet-keystone
|
||||||
Requires: puppet-neutron
|
|
||||||
Requires: puppet-nova
|
|
||||||
Requires: puppet-openstacklib
|
Requires: puppet-openstacklib
|
||||||
Requires: puppet-swift
|
|
||||||
Requires: puppet-tempest
|
|
||||||
Requires: puppet-vswitch
|
Requires: puppet-vswitch
|
||||||
Requires: puppet-murano
|
|
||||||
Requires: puppet-magnum
|
|
||||||
Requires: puppet-ironic
|
|
||||||
Requires: puppet-panko
|
|
||||||
Requires: puppet-memcached
|
Requires: puppet-memcached
|
||||||
Requires: puppet-gnocchi
|
|
||||||
|
|
||||||
# Puppetlabs puppet modules
|
# Puppetlabs puppet modules
|
||||||
Requires: puppet-concat
|
Requires: puppet-concat
|
||||||
|
@ -56,11 +41,8 @@ Requires: puppet-inifile
|
||||||
Requires: puppet-lvm
|
Requires: puppet-lvm
|
||||||
Requires: puppet-postgresql
|
Requires: puppet-postgresql
|
||||||
Requires: puppet-rabbitmq
|
Requires: puppet-rabbitmq
|
||||||
Requires: puppet-rsync
|
|
||||||
Requires: puppet-stdlib
|
Requires: puppet-stdlib
|
||||||
Requires: puppet-sysctl
|
Requires: puppet-sysctl
|
||||||
Requires: puppet-vcsrepo
|
|
||||||
Requires: puppet-xinetd
|
|
||||||
Requires: puppet-etcd
|
Requires: puppet-etcd
|
||||||
|
|
||||||
# 3rdparty puppet modules
|
# 3rdparty puppet modules
|
||||||
|
|
|
@ -92,9 +92,6 @@ include ::platform::dcorch::snmp
|
||||||
|
|
||||||
include ::platform::smapi
|
include ::platform::smapi
|
||||||
|
|
||||||
include ::openstack::swift
|
|
||||||
include ::openstack::swift::api
|
|
||||||
|
|
||||||
include ::openstack::barbican
|
include ::openstack::barbican
|
||||||
include ::openstack::barbican::api
|
include ::openstack::barbican::api
|
||||||
|
|
||||||
|
|
|
@ -36,7 +36,7 @@ include ::platform::kubernetes::worker
|
||||||
include ::platform::multipath
|
include ::platform::multipath
|
||||||
include ::platform::client
|
include ::platform::client
|
||||||
include ::platform::ceph::worker
|
include ::platform::ceph::worker
|
||||||
include ::openstack::nova::storage
|
include ::platform::worker::storage
|
||||||
|
|
||||||
class { '::platform::config::worker::post':
|
class { '::platform::config::worker::post':
|
||||||
stage => post,
|
stage => post,
|
||||||
|
|
|
@ -1,678 +0,0 @@
|
||||||
class openstack::nova::params (
|
|
||||||
$nova_api_port = 8774,
|
|
||||||
$nova_ec2_port = 8773,
|
|
||||||
$placement_port = 8778,
|
|
||||||
$nova_novnc_port = 6080,
|
|
||||||
$nova_serial_port = 6083,
|
|
||||||
$region_name = undef,
|
|
||||||
$service_name = 'openstack-nova',
|
|
||||||
$service_create = false,
|
|
||||||
$configure_endpoint = true,
|
|
||||||
$timeout = '55m',
|
|
||||||
) {
|
|
||||||
include ::platform::network::mgmt::params
|
|
||||||
include ::platform::network::infra::params
|
|
||||||
|
|
||||||
# migration is performed over the managemet network if configured, otherwise
|
|
||||||
# the management network is used
|
|
||||||
if $::platform::network::infra::params::interface_name {
|
|
||||||
$migration_version = $::platform::network::infra::params::subnet_version
|
|
||||||
$migration_ip = $::platform::network::infra::params::interface_address
|
|
||||||
$migration_network = $::platform::network::infra::params::subnet_network
|
|
||||||
$migration_prefixlen = $::platform::network::infra::params::subnet_prefixlen
|
|
||||||
} else {
|
|
||||||
$migration_version = $::platform::network::mgmt::params::subnet_version
|
|
||||||
$migration_ip = $::platform::network::mgmt::params::interface_address
|
|
||||||
$migration_network = $::platform::network::mgmt::params::subnet_network
|
|
||||||
$migration_prefixlen = $::platform::network::mgmt::params::subnet_prefixlen
|
|
||||||
}
|
|
||||||
|
|
||||||
# NOTE: this variable is used in the sshd_config, and therefore needs to
|
|
||||||
# match the Ruby ERB template.
|
|
||||||
$nova_migration_subnet = "${migration_network}/${migration_prefixlen}"
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
class openstack::nova {
|
|
||||||
|
|
||||||
include ::platform::params
|
|
||||||
include ::platform::amqp::params
|
|
||||||
|
|
||||||
include ::platform::network::mgmt::params
|
|
||||||
$metadata_host = $::platform::network::mgmt::params::controller_address
|
|
||||||
|
|
||||||
class { '::nova':
|
|
||||||
rabbit_use_ssl => $::platform::amqp::params::ssl_enabled,
|
|
||||||
default_transport_url => $::platform::amqp::params::transport_url,
|
|
||||||
}
|
|
||||||
|
|
||||||
# User nova is created during python-nova rpm install.
|
|
||||||
# Just update it's permissions.
|
|
||||||
user { 'nova':
|
|
||||||
ensure => 'present',
|
|
||||||
groups => ['nova', $::platform::params::protected_group_name],
|
|
||||||
}
|
|
||||||
|
|
||||||
# TODO(mpeters): move to nova puppet module as formal parameters
|
|
||||||
nova_config {
|
|
||||||
'DEFAULT/notification_format': value => 'unversioned';
|
|
||||||
'DEFAULT/metadata_host': value => $metadata_host;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
class openstack::nova::sshd
|
|
||||||
inherits ::openstack::nova::params {
|
|
||||||
|
|
||||||
service { 'sshd':
|
|
||||||
ensure => 'running',
|
|
||||||
enable => true,
|
|
||||||
}
|
|
||||||
|
|
||||||
file { '/etc/ssh/sshd_config':
|
|
||||||
ensure => 'present' ,
|
|
||||||
notify => Service['sshd'],
|
|
||||||
mode => '0600',
|
|
||||||
owner => 'root',
|
|
||||||
group => 'root',
|
|
||||||
content => template('sshd/sshd_config.erb'),
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
class openstack::nova::controller
|
|
||||||
inherits ::openstack::nova::params {
|
|
||||||
|
|
||||||
include ::platform::params
|
|
||||||
|
|
||||||
if $::platform::params::init_database {
|
|
||||||
include ::nova::db::postgresql
|
|
||||||
include ::nova::db::postgresql_api
|
|
||||||
}
|
|
||||||
|
|
||||||
include ::nova::pci
|
|
||||||
include ::nova::scheduler
|
|
||||||
include ::nova::scheduler::filter
|
|
||||||
include ::nova::compute::ironic
|
|
||||||
include ::nova::compute::serial
|
|
||||||
|
|
||||||
include ::openstack::nova::sshd
|
|
||||||
|
|
||||||
# TODO(mpeters): move to nova puppet module as formal parameters
|
|
||||||
nova_config{
|
|
||||||
'metrics/required': value => false;
|
|
||||||
}
|
|
||||||
|
|
||||||
class { '::nova::conductor':
|
|
||||||
workers => $::platform::params::eng_workers_by_2,
|
|
||||||
}
|
|
||||||
|
|
||||||
# Run nova-manage to purge deleted rows daily at 15 minute mark
|
|
||||||
cron { 'nova-purge-deleted':
|
|
||||||
ensure => 'present',
|
|
||||||
command => '/usr/bin/nova-purge-deleted-active',
|
|
||||||
environment => 'PATH=/bin:/usr/bin:/usr/sbin',
|
|
||||||
minute => '15',
|
|
||||||
hour => '*/24',
|
|
||||||
user => 'root',
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
class openstack::nova::compute (
|
|
||||||
$ssh_keys,
|
|
||||||
$host_private_key,
|
|
||||||
$host_public_key,
|
|
||||||
$host_public_header,
|
|
||||||
$host_key_type,
|
|
||||||
$migration_private_key,
|
|
||||||
$migration_public_key,
|
|
||||||
$migration_key_type,
|
|
||||||
$compute_monitors,
|
|
||||||
$iscsi_initiator_name = undef,
|
|
||||||
) inherits ::openstack::nova::params {
|
|
||||||
include ::nova::pci
|
|
||||||
include ::platform::params
|
|
||||||
|
|
||||||
include ::platform::network::mgmt::params
|
|
||||||
include ::platform::network::infra::params
|
|
||||||
include ::platform::multipath::params
|
|
||||||
include ::nova::keystone::authtoken
|
|
||||||
include ::nova::compute::neutron
|
|
||||||
|
|
||||||
include ::openstack::nova::sshd
|
|
||||||
|
|
||||||
$host_private_key_file = $host_key_type ? {
|
|
||||||
'ssh-rsa' => '/etc/ssh/ssh_host_rsa_key',
|
|
||||||
'ssh-dsa' => '/etc/ssh/ssh_host_dsa_key',
|
|
||||||
'ssh-ecdsa' => '/etc/ssh/ssh_host_ecdsa_key',
|
|
||||||
default => undef
|
|
||||||
}
|
|
||||||
|
|
||||||
if ! $host_private_key_file {
|
|
||||||
fail("Unable to determine name of private key file. Type specified was '${host_key_type}' but should be one of: ssh-rsa, ssh-dsa, ssh-ecdsa.") # lint:ignore:140chars
|
|
||||||
}
|
|
||||||
|
|
||||||
$host_public_key_file = $host_key_type ? {
|
|
||||||
'ssh-rsa' => '/etc/ssh/ssh_host_rsa_key.pub',
|
|
||||||
'ssh-dsa' => '/etc/ssh/ssh_host_dsa_key.pub',
|
|
||||||
'ssh-ecdsa' => '/etc/ssh/ssh_host_ecdsa_key.pub',
|
|
||||||
default => undef
|
|
||||||
}
|
|
||||||
|
|
||||||
if ! $host_public_key_file {
|
|
||||||
fail("Unable to determine name of public key file. Type specified was '${host_key_type}' but should be one of: ssh-rsa, ssh-dsa, ssh-ecdsa.") # lint:ignore:140chars
|
|
||||||
}
|
|
||||||
|
|
||||||
file { '/etc/ssh':
|
|
||||||
ensure => directory,
|
|
||||||
mode => '0700',
|
|
||||||
owner => 'root',
|
|
||||||
group => 'root',
|
|
||||||
}
|
|
||||||
|
|
||||||
-> file { $host_private_key_file:
|
|
||||||
content => $host_private_key,
|
|
||||||
mode => '0600',
|
|
||||||
owner => 'root',
|
|
||||||
group => 'root',
|
|
||||||
}
|
|
||||||
|
|
||||||
-> file { $host_public_key_file:
|
|
||||||
content => "${host_public_header} ${host_public_key}",
|
|
||||||
mode => '0644',
|
|
||||||
owner => 'root',
|
|
||||||
group => 'root',
|
|
||||||
}
|
|
||||||
|
|
||||||
$migration_private_key_file = $migration_key_type ? {
|
|
||||||
'ssh-rsa' => '/root/.ssh/id_rsa',
|
|
||||||
'ssh-dsa' => '/root/.ssh/id_dsa',
|
|
||||||
'ssh-ecdsa' => '/root/.ssh/id_ecdsa',
|
|
||||||
default => undef
|
|
||||||
}
|
|
||||||
|
|
||||||
if ! $migration_private_key_file {
|
|
||||||
fail("Unable to determine name of private key file. Type specified was '${migration_key_type}' but should be one of: ssh-rsa, ssh-dsa, ssh-ecdsa.") # lint:ignore:140chars
|
|
||||||
}
|
|
||||||
|
|
||||||
$migration_auth_options = [
|
|
||||||
"from=\"${nova_migration_subnet}\"",
|
|
||||||
"command=\"/usr/bin/nova_authorized_cmds\"" ]
|
|
||||||
|
|
||||||
file { '/root/.ssh':
|
|
||||||
ensure => directory,
|
|
||||||
mode => '0700',
|
|
||||||
owner => 'root',
|
|
||||||
group => 'root',
|
|
||||||
}
|
|
||||||
|
|
||||||
-> file { $migration_private_key_file:
|
|
||||||
content => $migration_private_key,
|
|
||||||
mode => '0600',
|
|
||||||
owner => 'root',
|
|
||||||
group => 'root',
|
|
||||||
}
|
|
||||||
|
|
||||||
-> ssh_authorized_key { 'nova-migration-key-authorization':
|
|
||||||
ensure => present,
|
|
||||||
key => $migration_public_key,
|
|
||||||
type => $migration_key_type,
|
|
||||||
user => 'root',
|
|
||||||
require => File['/root/.ssh'],
|
|
||||||
options => $migration_auth_options,
|
|
||||||
}
|
|
||||||
|
|
||||||
# remove root user's known_hosts as a preventive measure
|
|
||||||
# to ensure it doesn't interfere client side authentication
|
|
||||||
# during VM migration.
|
|
||||||
file { '/root/.ssh/known_hosts':
|
|
||||||
ensure => absent,
|
|
||||||
}
|
|
||||||
|
|
||||||
create_resources(sshkey, $ssh_keys, {})
|
|
||||||
|
|
||||||
class { '::nova::compute':
|
|
||||||
vncserver_proxyclient_address => $::platform::params::hostname,
|
|
||||||
}
|
|
||||||
|
|
||||||
if str2bool($::is_virtual) {
|
|
||||||
# check that we actually support KVM virtualization
|
|
||||||
$kvm_exists = inline_template("<% if File.exists?('/dev/kvm') -%>true<% else %>false<% end -%>")
|
|
||||||
if $::virtual == 'kvm' and str2bool($kvm_exists) {
|
|
||||||
$libvirt_virt_type = 'kvm'
|
|
||||||
} else {
|
|
||||||
$libvirt_virt_type = 'qemu'
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
$libvirt_virt_type = 'kvm'
|
|
||||||
}
|
|
||||||
|
|
||||||
$libvirt_vnc_bind_host = $migration_version ? {
|
|
||||||
4 => '0.0.0.0',
|
|
||||||
6 => '::0',
|
|
||||||
}
|
|
||||||
|
|
||||||
include ::openstack::glance::params
|
|
||||||
if 'rbd' in $::openstack::glance::params::enabled_backends {
|
|
||||||
$libvirt_inject_partition = '-2'
|
|
||||||
$libvirt_images_type = 'rbd'
|
|
||||||
} else {
|
|
||||||
$libvirt_inject_partition = '-1'
|
|
||||||
$libvirt_images_type = 'default'
|
|
||||||
}
|
|
||||||
|
|
||||||
class { '::nova::compute::libvirt':
|
|
||||||
libvirt_virt_type => $libvirt_virt_type,
|
|
||||||
vncserver_listen => $libvirt_vnc_bind_host,
|
|
||||||
libvirt_inject_partition => $libvirt_inject_partition,
|
|
||||||
}
|
|
||||||
|
|
||||||
# TODO(mpeters): convert hard coded config values to hiera class parameters
|
|
||||||
nova_config {
|
|
||||||
'DEFAULT/my_ip': value => $migration_ip;
|
|
||||||
|
|
||||||
'libvirt/libvirt_images_type': value => $libvirt_images_type;
|
|
||||||
'libvirt/live_migration_inbound_addr': value => "${::platform::params::hostname}-infra";
|
|
||||||
'libvirt/live_migration_uri': ensure => absent;
|
|
||||||
'libvirt/volume_use_multipath': value => $::platform::multipath::params::enabled;
|
|
||||||
|
|
||||||
# enable auto-converge by default
|
|
||||||
'libvirt/live_migration_permit_auto_converge': value => 'True';
|
|
||||||
|
|
||||||
# Change the nfs mount options to provide faster detection of unclean
|
|
||||||
# shutdown (e.g. if controller is powered down).
|
|
||||||
'DEFAULT/nfs_mount_options': value => $::platform::params::nfs_mount_options;
|
|
||||||
|
|
||||||
# WRS extension: compute_resource_debug
|
|
||||||
'DEFAULT/compute_resource_debug': value => 'False';
|
|
||||||
|
|
||||||
# WRS extension: reap running deleted VMs
|
|
||||||
'DEFAULT/running_deleted_instance_action': value => 'reap';
|
|
||||||
'DEFAULT/running_deleted_instance_poll_interval': value => '60';
|
|
||||||
|
|
||||||
# Delete rbd_user, for now
|
|
||||||
'DEFAULT/rbd_user': ensure => 'absent';
|
|
||||||
|
|
||||||
# write metadata to a special configuration drive
|
|
||||||
'DEFAULT/mkisofs_cmd': value => '/usr/bin/genisoimage';
|
|
||||||
|
|
||||||
# configure metrics
|
|
||||||
'DEFAULT/compute_available_monitors':
|
|
||||||
value => 'nova.compute.monitors.all_monitors';
|
|
||||||
'DEFAULT/compute_monitors': value => $compute_monitors;
|
|
||||||
|
|
||||||
# need retries under heavy I/O loads
|
|
||||||
'DEFAULT/network_allocate_retries': value => 2;
|
|
||||||
|
|
||||||
# TODO(mpeters): confirm if this is still required - deprecated
|
|
||||||
'DEFAULT/volume_api_class': value => 'nova.volume.cinder.API';
|
|
||||||
|
|
||||||
'DEFAULT/default_ephemeral_format': value => 'ext4';
|
|
||||||
|
|
||||||
# turn on service tokens
|
|
||||||
'service_user/send_service_user_token': value => true;
|
|
||||||
'service_user/project_name': value => $::nova::keystone::authtoken::project_name;
|
|
||||||
'service_user/password': value => $::nova::keystone::authtoken::password;
|
|
||||||
'service_user/username': value => $::nova::keystone::authtoken::username;
|
|
||||||
'service_user/region_name': value => $::nova::keystone::authtoken::region_name;
|
|
||||||
'service_user/auth_url': value => $::nova::keystone::authtoken::auth_url;
|
|
||||||
'service_user/user_domain_name': value => $::nova::keystone::authtoken::user_domain_name;
|
|
||||||
'service_user/project_domain_name': value => $::nova::keystone::authtoken::project_domain_name;
|
|
||||||
'service_user/auth_type': value => 'password';
|
|
||||||
}
|
|
||||||
|
|
||||||
file_line {'cgroup_controllers':
|
|
||||||
ensure => present,
|
|
||||||
path => '/etc/libvirt/qemu.conf',
|
|
||||||
line => 'cgroup_controllers = [ "cpu", "cpuacct" ]',
|
|
||||||
match => '^cgroup_controllers = .*',
|
|
||||||
}
|
|
||||||
|
|
||||||
if $iscsi_initiator_name {
|
|
||||||
$initiator_content = "InitiatorName=${iscsi_initiator_name}\n"
|
|
||||||
file { '/etc/iscsi/initiatorname.iscsi':
|
|
||||||
ensure => 'present',
|
|
||||||
owner => 'root',
|
|
||||||
group => 'root',
|
|
||||||
mode => '0644',
|
|
||||||
content => $initiator_content,
|
|
||||||
}
|
|
||||||
-> exec { 'Restart iscsid.service':
|
|
||||||
command => "bash -c 'systemctl restart iscsid.service'",
|
|
||||||
onlyif => 'systemctl status iscsid.service',
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
define openstack::nova::storage::wipe_new_pv {
|
|
||||||
$cmd = join(['/sbin/pvs --nosuffix --noheadings ',$name,' 2>/dev/null | grep nova-local || true'])
|
|
||||||
$result = generate('/bin/sh', '-c', $cmd)
|
|
||||||
if $result !~ /nova-local/ {
|
|
||||||
exec { "Wipe New PV not in VG - ${name}":
|
|
||||||
provider => shell,
|
|
||||||
command => "wipefs -a ${name}",
|
|
||||||
before => Lvm::Volume[instances_lv],
|
|
||||||
require => Exec['remove device mapper mapping']
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
define openstack::nova::storage::wipe_pv_and_format {
|
|
||||||
if $name !~ /part/ {
|
|
||||||
exec { "Wipe removing PV ${name}":
|
|
||||||
provider => shell,
|
|
||||||
command => "wipefs -a ${name}",
|
|
||||||
require => File_line[disable_old_lvg_disks]
|
|
||||||
}
|
|
||||||
-> exec { "GPT format disk PV - ${name}":
|
|
||||||
provider => shell,
|
|
||||||
command => "parted -a optimal --script ${name} -- mktable gpt",
|
|
||||||
}
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
exec { "Wipe removing PV ${name}":
|
|
||||||
provider => shell,
|
|
||||||
command => "wipefs -a ${name}",
|
|
||||||
require => File_line[disable_old_lvg_disks]
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
class openstack::nova::storage (
|
|
||||||
$adding_pvs,
|
|
||||||
$removing_pvs,
|
|
||||||
$final_pvs,
|
|
||||||
$lvm_global_filter = '[]',
|
|
||||||
$lvm_update_filter = '[]',
|
|
||||||
$instance_backing = 'image',
|
|
||||||
$concurrent_disk_operations = 2,
|
|
||||||
$images_rbd_pool = 'ephemeral',
|
|
||||||
$images_rbd_ceph_conf = '/etc/ceph/ceph.conf'
|
|
||||||
) {
|
|
||||||
$adding_pvs_str = join($adding_pvs,' ')
|
|
||||||
$removing_pvs_str = join($removing_pvs,' ')
|
|
||||||
|
|
||||||
# Ensure partitions update prior to local storage configuration
|
|
||||||
Class['::platform::partitions'] -> Class[$name]
|
|
||||||
|
|
||||||
case $instance_backing {
|
|
||||||
'image': {
|
|
||||||
$images_type = 'default'
|
|
||||||
$images_volume_group = absent
|
|
||||||
$round_to_extent = false
|
|
||||||
$local_monitor_state = 'disabled'
|
|
||||||
$images_rbd_pool_real = absent
|
|
||||||
$images_rbd_ceph_conf_real = absent
|
|
||||||
}
|
|
||||||
'remote': {
|
|
||||||
$images_type = 'rbd'
|
|
||||||
$images_volume_group = absent
|
|
||||||
$round_to_extent = false
|
|
||||||
$local_monitor_state = 'disabled'
|
|
||||||
$images_rbd_pool_real = $images_rbd_pool
|
|
||||||
$images_rbd_ceph_conf_real = $images_rbd_ceph_conf
|
|
||||||
}
|
|
||||||
default: {
|
|
||||||
fail("Unsupported instance backing: ${instance_backing}")
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
nova_config {
|
|
||||||
'DEFAULT/concurrent_disk_operations': value => $concurrent_disk_operations;
|
|
||||||
}
|
|
||||||
|
|
||||||
::openstack::nova::storage::wipe_new_pv { $adding_pvs: }
|
|
||||||
::openstack::nova::storage::wipe_pv_and_format { $removing_pvs: }
|
|
||||||
|
|
||||||
file_line { 'enable_new_lvg_disks':
|
|
||||||
path => '/etc/lvm/lvm.conf',
|
|
||||||
line => " global_filter = ${lvm_update_filter}",
|
|
||||||
match => '^[ ]*global_filter =',
|
|
||||||
}
|
|
||||||
-> nova_config {
|
|
||||||
'libvirt/images_type': value => $images_type;
|
|
||||||
'libvirt/images_volume_group': value => $images_volume_group;
|
|
||||||
'libvirt/images_rbd_pool': value => $images_rbd_pool_real;
|
|
||||||
'libvirt/images_rbd_ceph_conf': value => $images_rbd_ceph_conf_real;
|
|
||||||
}
|
|
||||||
-> exec { 'umount /var/lib/nova/instances':
|
|
||||||
command => 'umount /var/lib/nova/instances; true',
|
|
||||||
}
|
|
||||||
-> exec { 'umount /dev/nova-local/instances_lv':
|
|
||||||
command => 'umount /dev/nova-local/instances_lv; true',
|
|
||||||
}
|
|
||||||
-> exec { 'remove udev leftovers':
|
|
||||||
unless => 'vgs nova-local',
|
|
||||||
command => 'rm -rf /dev/nova-local || true',
|
|
||||||
}
|
|
||||||
-> exec { 'remove device mapper mapping':
|
|
||||||
command => 'dmsetup remove /dev/mapper/nova--local-instances_lv || true',
|
|
||||||
}
|
|
||||||
-> file_line { 'disable_old_lvg_disks':
|
|
||||||
path => '/etc/lvm/lvm.conf',
|
|
||||||
line => " global_filter = ${lvm_global_filter}",
|
|
||||||
match => '^[ ]*global_filter =',
|
|
||||||
}
|
|
||||||
-> exec { 'add device mapper mapping':
|
|
||||||
command => 'lvchange -ay /dev/nova-local/instances_lv || true',
|
|
||||||
}
|
|
||||||
-> lvm::volume { 'instances_lv':
|
|
||||||
ensure => 'present',
|
|
||||||
vg => 'nova-local',
|
|
||||||
pv => $final_pvs,
|
|
||||||
size => 'max',
|
|
||||||
round_to_extent => $round_to_extent,
|
|
||||||
allow_reduce => true,
|
|
||||||
nuke_fs_on_resize_failure => true,
|
|
||||||
}
|
|
||||||
-> filesystem { '/dev/nova-local/instances_lv':
|
|
||||||
ensure => present,
|
|
||||||
fs_type => 'ext4',
|
|
||||||
options => '-F -F',
|
|
||||||
require => Logical_volume['instances_lv']
|
|
||||||
}
|
|
||||||
-> file { '/var/lib/nova/instances':
|
|
||||||
ensure => 'directory',
|
|
||||||
owner => 'root',
|
|
||||||
group => 'root',
|
|
||||||
mode => '0755',
|
|
||||||
}
|
|
||||||
-> exec { 'mount /dev/nova-local/instances_lv':
|
|
||||||
unless => 'mount | grep -q /var/lib/nova/instances',
|
|
||||||
command => 'mount -t ext4 /dev/nova-local/instances_lv /var/lib/nova/instances',
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
class openstack::nova::network {
|
|
||||||
include ::nova::network::neutron
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
class openstack::nova::placement {
|
|
||||||
include ::nova::placement
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
class openstack::nova::firewall
|
|
||||||
inherits ::openstack::nova::params {
|
|
||||||
|
|
||||||
platform::firewall::rule { 'nova-api-rules':
|
|
||||||
service_name => 'nova',
|
|
||||||
ports => $nova_api_port,
|
|
||||||
}
|
|
||||||
|
|
||||||
platform::firewall::rule { 'nova-placement-api':
|
|
||||||
service_name => 'placement',
|
|
||||||
ports => $placement_port,
|
|
||||||
}
|
|
||||||
|
|
||||||
platform::firewall::rule { 'nova-novnc':
|
|
||||||
service_name => 'nova-novnc',
|
|
||||||
ports => $nova_novnc_port,
|
|
||||||
}
|
|
||||||
|
|
||||||
platform::firewall::rule { 'nova-serial':
|
|
||||||
service_name => 'nova-serial',
|
|
||||||
ports => $nova_serial_port,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
class openstack::nova::haproxy
|
|
||||||
inherits ::openstack::nova::params {
|
|
||||||
|
|
||||||
platform::haproxy::proxy { 'nova-restapi':
|
|
||||||
server_name => 's-nova',
|
|
||||||
public_port => $nova_api_port,
|
|
||||||
private_port => $nova_api_port,
|
|
||||||
}
|
|
||||||
|
|
||||||
platform::haproxy::proxy { 'placement-restapi':
|
|
||||||
server_name => 's-placement',
|
|
||||||
public_port => $placement_port,
|
|
||||||
private_port => $placement_port,
|
|
||||||
}
|
|
||||||
|
|
||||||
platform::haproxy::proxy { 'nova-novnc':
|
|
||||||
server_name => 's-nova-novnc',
|
|
||||||
public_port => $nova_novnc_port,
|
|
||||||
private_port => $nova_novnc_port,
|
|
||||||
x_forwarded_proto => false,
|
|
||||||
}
|
|
||||||
|
|
||||||
platform::haproxy::proxy { 'nova-serial':
|
|
||||||
server_name => 's-nova-serial',
|
|
||||||
public_port => $nova_serial_port,
|
|
||||||
private_port => $nova_serial_port,
|
|
||||||
server_timeout => $timeout,
|
|
||||||
client_timeout => $timeout,
|
|
||||||
x_forwarded_proto => false,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
class openstack::nova::api::services
|
|
||||||
inherits ::openstack::nova::params {
|
|
||||||
|
|
||||||
include ::nova::pci
|
|
||||||
include ::platform::params
|
|
||||||
|
|
||||||
include ::nova::vncproxy
|
|
||||||
include ::nova::serialproxy
|
|
||||||
include ::nova::consoleauth
|
|
||||||
include ::nova_api_proxy::config
|
|
||||||
|
|
||||||
class {'::nova::api':
|
|
||||||
sync_db => $::platform::params::init_database,
|
|
||||||
sync_db_api => $::platform::params::init_database,
|
|
||||||
osapi_compute_workers => $::platform::params::eng_workers,
|
|
||||||
metadata_workers => $::platform::params::eng_workers_by_2,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
class openstack::nova::api
|
|
||||||
inherits ::openstack::nova::params {
|
|
||||||
|
|
||||||
include ::platform::kubernetes::params
|
|
||||||
include ::platform::params
|
|
||||||
|
|
||||||
if ($::openstack::nova::params::service_create and
|
|
||||||
$::platform::params::init_keystone) {
|
|
||||||
include ::nova::keystone::auth
|
|
||||||
include ::nova::keystone::auth_placement
|
|
||||||
}
|
|
||||||
|
|
||||||
include ::openstack::nova::api::services
|
|
||||||
|
|
||||||
if $::openstack::nova::params::configure_endpoint {
|
|
||||||
include ::openstack::nova::firewall
|
|
||||||
if $::platform::kubernetes::params::enabled != true {
|
|
||||||
include ::openstack::nova::haproxy
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
class openstack::nova::conductor::reload {
|
|
||||||
exec { 'signal-nova-conductor':
|
|
||||||
command => 'pkill -HUP nova-conductor',
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
class openstack::nova::api::reload {
|
|
||||||
platform::sm::restart {'nova-api': }
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
class openstack::nova::controller::runtime {
|
|
||||||
include ::openstack::nova
|
|
||||||
include ::openstack::nova::controller
|
|
||||||
include ::openstack::nova::api::services
|
|
||||||
|
|
||||||
class {'::openstack::nova::api::reload':
|
|
||||||
stage => post
|
|
||||||
}
|
|
||||||
|
|
||||||
class {'::openstack::nova::conductor::reload':
|
|
||||||
stage => post
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
class openstack::nova::api::runtime {
|
|
||||||
|
|
||||||
# both the service configuration and firewall/haproxy needs to be updated
|
|
||||||
include ::openstack::nova
|
|
||||||
include ::openstack::nova::api
|
|
||||||
include ::nova::compute::serial
|
|
||||||
|
|
||||||
class {'::openstack::nova::api::reload':
|
|
||||||
stage => post
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
class openstack::nova::compute::pci
|
|
||||||
(
|
|
||||||
$pci_pt_whitelist = [],
|
|
||||||
$pci_sriov_whitelist = undef,
|
|
||||||
) {
|
|
||||||
|
|
||||||
# The pci_passthrough option in the nova::compute class is not sufficient.
|
|
||||||
# In particular, it sets the pci_passthrough_whitelist in nova.conf to an
|
|
||||||
# empty string if the list is empty, causing the nova-compute process to fail.
|
|
||||||
if $pci_sriov_whitelist {
|
|
||||||
class { '::nova::compute::pci':
|
|
||||||
passthrough => generate('/usr/bin/nova-sriov',
|
|
||||||
$pci_pt_whitelist, $pci_sriov_whitelist),
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
class { '::nova::compute::pci':
|
|
||||||
passthrough => $pci_pt_whitelist,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
class openstack::nova::compute::reload {
|
|
||||||
include ::platform::kubernetes::params
|
|
||||||
|
|
||||||
if $::platform::kubernetes::params::enabled != true {
|
|
||||||
exec { 'pmon-restart-nova-compute':
|
|
||||||
command => 'pmon-restart nova-compute',
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
class openstack::nova::compute::runtime {
|
|
||||||
include ::openstack::nova
|
|
||||||
include ::openstack::nova::compute
|
|
||||||
|
|
||||||
class {'::openstack::nova::compute::reload':
|
|
||||||
stage => post
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,135 +0,0 @@
|
||||||
class openstack::swift::params (
|
|
||||||
$swift_hash_path_suffix = 'swift_secret',
|
|
||||||
$service_name = 'openstack-swift',
|
|
||||||
$service_enabled = false,
|
|
||||||
$api_port = 8080,
|
|
||||||
$api_host = '127.0.0.1',
|
|
||||||
$fs_size_mb = '25',
|
|
||||||
) { }
|
|
||||||
|
|
||||||
|
|
||||||
class openstack::swift::firewall
|
|
||||||
inherits ::openstack::swift::params {
|
|
||||||
|
|
||||||
if $service_enabled {
|
|
||||||
platform::firewall::rule { 'swift-api':
|
|
||||||
service_name => 'swift',
|
|
||||||
ports => $api_port,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
class openstack::swift::haproxy
|
|
||||||
inherits ::openstack::swift::params {
|
|
||||||
|
|
||||||
if $service_enabled {
|
|
||||||
platform::haproxy::proxy { 'swift-restapi':
|
|
||||||
server_name => 's-swift',
|
|
||||||
public_port => $api_port,
|
|
||||||
private_port => $api_port,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
class openstack::swift::api {
|
|
||||||
include ::openstack::swift::firewall
|
|
||||||
include ::openstack::swift::haproxy
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
class openstack::swift
|
|
||||||
inherits ::openstack::swift::params {
|
|
||||||
|
|
||||||
include ::platform::params
|
|
||||||
include ::openstack::keystone::params
|
|
||||||
|
|
||||||
if $service_enabled {
|
|
||||||
if str2bool($::is_controller_active) or
|
|
||||||
str2bool($::is_standalone_controller) {
|
|
||||||
class { '::swift::keystone::auth':
|
|
||||||
configure_s3_endpoint => false,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
class { '::swift':
|
|
||||||
swift_hash_path_suffix => $swift_hash_path_suffix
|
|
||||||
}
|
|
||||||
|
|
||||||
include swift::proxy::healthcheck
|
|
||||||
include swift::proxy::proxy_logging
|
|
||||||
include swift::proxy::authtoken
|
|
||||||
include swift::proxy::keystone
|
|
||||||
include swift::proxy::container_quotas
|
|
||||||
class { 'swift::proxy':
|
|
||||||
account_autocreate => true,
|
|
||||||
proxy_local_net_ip => $api_host,
|
|
||||||
port => $api_port,
|
|
||||||
pipeline => ['healthcheck', 'authtoken', 'keystone', 'container-quotas' , 'proxy-logging', 'proxy-server'],
|
|
||||||
}
|
|
||||||
|
|
||||||
swift::storage::loopback { '1':
|
|
||||||
require => Class['swift'],
|
|
||||||
base_dir => '/srv/loopback-device',
|
|
||||||
mnt_base_dir => '/srv/node',
|
|
||||||
byte_size => '1024',
|
|
||||||
seek => $fs_size_mb*1024,
|
|
||||||
}
|
|
||||||
|
|
||||||
# remove dependency on xinetd
|
|
||||||
class { '::rsync::server':
|
|
||||||
use_xinetd => false,
|
|
||||||
address => $api_host,
|
|
||||||
use_chroot => 'no',
|
|
||||||
}
|
|
||||||
|
|
||||||
class { 'swift::storage::all':
|
|
||||||
storage_local_net_ip => $api_host,
|
|
||||||
object_port => '6200',
|
|
||||||
container_port => '6201',
|
|
||||||
account_port => '6202',
|
|
||||||
account_pipeline => ['healthcheck', 'recon', 'account-server'],
|
|
||||||
container_pipeline => ['healthcheck', 'recon', 'container-server'],
|
|
||||||
object_pipeline => ['healthcheck', 'recon', 'object-server'],
|
|
||||||
# Turn on support for object versioning
|
|
||||||
allow_versions => true,
|
|
||||||
}
|
|
||||||
|
|
||||||
$rings = [
|
|
||||||
'account',
|
|
||||||
'object',
|
|
||||||
'container']
|
|
||||||
swift::storage::filter::recon { $rings: }
|
|
||||||
swift::storage::filter::healthcheck { $rings: }
|
|
||||||
|
|
||||||
ring_object_device { "${api_host}:6200/1":
|
|
||||||
region => 1, # optional, defaults to 1
|
|
||||||
zone => 1,
|
|
||||||
weight => 1,
|
|
||||||
}
|
|
||||||
|
|
||||||
ring_container_device { "${api_host}:6201/1":
|
|
||||||
zone => 1,
|
|
||||||
weight => 1,
|
|
||||||
}
|
|
||||||
|
|
||||||
ring_account_device { "${api_host}:6202/1":
|
|
||||||
zone => 1,
|
|
||||||
weight => 1,
|
|
||||||
}
|
|
||||||
|
|
||||||
class { 'swift::ringbuilder':
|
|
||||||
part_power => '10',
|
|
||||||
# number of replicas can not be more than the number of nodes
|
|
||||||
replicas => '1',
|
|
||||||
min_part_hours => '1',
|
|
||||||
require => Class['swift'],
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
class openstack::swift::runtime {
|
|
||||||
include ::openstack::swift
|
|
||||||
}
|
|
|
@ -260,18 +260,6 @@ class platform::compute::allocate
|
||||||
}
|
}
|
||||||
# lint:endignore:variable_is_lowercase
|
# lint:endignore:variable_is_lowercase
|
||||||
|
|
||||||
class platform::compute::extend
|
|
||||||
inherits ::platform::compute::hugepage::params {
|
|
||||||
|
|
||||||
# nova-compute reads on init, extended nova compute options
|
|
||||||
# used with nova accounting
|
|
||||||
file { '/etc/nova/compute_extend.conf':
|
|
||||||
ensure => 'present',
|
|
||||||
replace => true,
|
|
||||||
content => template('platform/compute_extend.conf.erb')
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
# Mount resctrl to allow Cache Allocation Technology per VM
|
# Mount resctrl to allow Cache Allocation Technology per VM
|
||||||
class platform::compute::resctrl {
|
class platform::compute::resctrl {
|
||||||
|
|
||||||
|
@ -328,6 +316,5 @@ class platform::compute {
|
||||||
require ::platform::compute::allocate
|
require ::platform::compute::allocate
|
||||||
require ::platform::compute::pmqos
|
require ::platform::compute::pmqos
|
||||||
require ::platform::compute::resctrl
|
require ::platform::compute::resctrl
|
||||||
require ::platform::compute::extend
|
|
||||||
require ::platform::compute::config
|
require ::platform::compute::config
|
||||||
}
|
}
|
||||||
|
|
|
@ -142,7 +142,6 @@ class platform::haproxy::runtime {
|
||||||
include ::platform::dcorch::haproxy
|
include ::platform::dcorch::haproxy
|
||||||
}
|
}
|
||||||
include ::openstack::keystone::haproxy
|
include ::openstack::keystone::haproxy
|
||||||
include ::openstack::swift::haproxy
|
|
||||||
include ::openstack::barbican::haproxy
|
include ::openstack::barbican::haproxy
|
||||||
|
|
||||||
class {'::platform::haproxy::reload':
|
class {'::platform::haproxy::reload':
|
||||||
|
|
|
@ -74,7 +74,7 @@ class platform::lvm::vg::nova_local(
|
||||||
$vg_name = 'nova-local',
|
$vg_name = 'nova-local',
|
||||||
$physical_volumes = [],
|
$physical_volumes = [],
|
||||||
) inherits platform::lvm::params {
|
) inherits platform::lvm::params {
|
||||||
# TODO(rchurch): refactor portions of openstack::nova::storage an move here
|
# TODO(rchurch): refactor portions of platform::worker::storage and move here
|
||||||
}
|
}
|
||||||
|
|
||||||
##################
|
##################
|
||||||
|
|
|
@ -0,0 +1,134 @@
|
||||||
|
|
||||||
|
define platform::worker::storage::wipe_new_pv {
|
||||||
|
$cmd = join(['/sbin/pvs --nosuffix --noheadings ',$name,' 2>/dev/null | grep nova-local || true'])
|
||||||
|
$result = generate('/bin/sh', '-c', $cmd)
|
||||||
|
if $result !~ /nova-local/ {
|
||||||
|
exec { "Wipe New PV not in VG - ${name}":
|
||||||
|
provider => shell,
|
||||||
|
command => "wipefs -a ${name}",
|
||||||
|
before => Lvm::Volume[instances_lv],
|
||||||
|
require => Exec['remove device mapper mapping']
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
define platform::worker::storage::wipe_pv_and_format {
|
||||||
|
if $name !~ /part/ {
|
||||||
|
exec { "Wipe removing PV ${name}":
|
||||||
|
provider => shell,
|
||||||
|
command => "wipefs -a ${name}",
|
||||||
|
require => File_line[disable_old_lvg_disks]
|
||||||
|
}
|
||||||
|
-> exec { "GPT format disk PV - ${name}":
|
||||||
|
provider => shell,
|
||||||
|
command => "parted -a optimal --script ${name} -- mktable gpt",
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
exec { "Wipe removing PV ${name}":
|
||||||
|
provider => shell,
|
||||||
|
command => "wipefs -a ${name}",
|
||||||
|
require => File_line[disable_old_lvg_disks]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
class platform::worker::storage (
|
||||||
|
$adding_pvs,
|
||||||
|
$removing_pvs,
|
||||||
|
$final_pvs,
|
||||||
|
$lvm_global_filter = '[]',
|
||||||
|
$lvm_update_filter = '[]',
|
||||||
|
$instance_backing = 'image',
|
||||||
|
$images_rbd_pool = 'ephemeral',
|
||||||
|
$images_rbd_ceph_conf = '/etc/ceph/ceph.conf'
|
||||||
|
) {
|
||||||
|
$adding_pvs_str = join($adding_pvs,' ')
|
||||||
|
$removing_pvs_str = join($removing_pvs,' ')
|
||||||
|
|
||||||
|
# Ensure partitions update prior to local storage configuration
|
||||||
|
Class['::platform::partitions'] -> Class[$name]
|
||||||
|
|
||||||
|
case $instance_backing {
|
||||||
|
'image': {
|
||||||
|
$images_type = 'default'
|
||||||
|
$images_volume_group = absent
|
||||||
|
$round_to_extent = false
|
||||||
|
$local_monitor_state = 'disabled'
|
||||||
|
$images_rbd_pool_real = absent
|
||||||
|
$images_rbd_ceph_conf_real = absent
|
||||||
|
}
|
||||||
|
'remote': {
|
||||||
|
$images_type = 'rbd'
|
||||||
|
$images_volume_group = absent
|
||||||
|
$round_to_extent = false
|
||||||
|
$local_monitor_state = 'disabled'
|
||||||
|
$images_rbd_pool_real = $images_rbd_pool
|
||||||
|
$images_rbd_ceph_conf_real = $images_rbd_ceph_conf
|
||||||
|
}
|
||||||
|
default: {
|
||||||
|
fail("Unsupported instance backing: ${instance_backing}")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
::platform::worker::storage::wipe_new_pv { $adding_pvs: }
|
||||||
|
::platform::worker::storage::wipe_pv_and_format { $removing_pvs: }
|
||||||
|
|
||||||
|
file_line { 'enable_new_lvg_disks':
|
||||||
|
path => '/etc/lvm/lvm.conf',
|
||||||
|
line => " global_filter = ${lvm_update_filter}",
|
||||||
|
match => '^[ ]*global_filter =',
|
||||||
|
}
|
||||||
|
-> file { '/var/lib/nova':
|
||||||
|
ensure => 'directory',
|
||||||
|
owner => 'root',
|
||||||
|
group => 'root',
|
||||||
|
mode => '0755',
|
||||||
|
}
|
||||||
|
-> exec { 'umount /var/lib/nova/instances':
|
||||||
|
command => 'umount /var/lib/nova/instances; true',
|
||||||
|
}
|
||||||
|
-> exec { 'umount /dev/nova-local/instances_lv':
|
||||||
|
command => 'umount /dev/nova-local/instances_lv; true',
|
||||||
|
}
|
||||||
|
-> exec { 'remove udev leftovers':
|
||||||
|
unless => 'vgs nova-local',
|
||||||
|
command => 'rm -rf /dev/nova-local || true',
|
||||||
|
}
|
||||||
|
-> exec { 'remove device mapper mapping':
|
||||||
|
command => 'dmsetup remove /dev/mapper/nova--local-instances_lv || true',
|
||||||
|
}
|
||||||
|
-> file_line { 'disable_old_lvg_disks':
|
||||||
|
path => '/etc/lvm/lvm.conf',
|
||||||
|
line => " global_filter = ${lvm_global_filter}",
|
||||||
|
match => '^[ ]*global_filter =',
|
||||||
|
}
|
||||||
|
-> exec { 'add device mapper mapping':
|
||||||
|
command => 'lvchange -ay /dev/nova-local/instances_lv || true',
|
||||||
|
}
|
||||||
|
-> lvm::volume { 'instances_lv':
|
||||||
|
ensure => 'present',
|
||||||
|
vg => 'nova-local',
|
||||||
|
pv => $final_pvs,
|
||||||
|
size => 'max',
|
||||||
|
round_to_extent => $round_to_extent,
|
||||||
|
allow_reduce => true,
|
||||||
|
nuke_fs_on_resize_failure => true,
|
||||||
|
}
|
||||||
|
-> filesystem { '/dev/nova-local/instances_lv':
|
||||||
|
ensure => present,
|
||||||
|
fs_type => 'ext4',
|
||||||
|
options => '-F -F',
|
||||||
|
require => Logical_volume['instances_lv']
|
||||||
|
}
|
||||||
|
-> file { '/var/lib/nova/instances':
|
||||||
|
ensure => 'directory',
|
||||||
|
owner => 'root',
|
||||||
|
group => 'root',
|
||||||
|
mode => '0755',
|
||||||
|
}
|
||||||
|
-> exec { 'mount /dev/nova-local/instances_lv':
|
||||||
|
unless => 'mount | grep -q /var/lib/nova/instances',
|
||||||
|
command => 'mount -t ext4 /dev/nova-local/instances_lv /var/lib/nova/instances',
|
||||||
|
}
|
||||||
|
}
|
|
@ -1,2 +0,0 @@
|
||||||
Name: puppet-nova_api_proxy
|
|
||||||
Version: 1.0.0
|
|
|
@ -1,2 +0,0 @@
|
||||||
SRC_DIR="src"
|
|
||||||
TIS_PATCH_VER=2
|
|
|
@ -1,33 +0,0 @@
|
||||||
%global module_dir nova_api_proxy
|
|
||||||
|
|
||||||
Name: puppet-%{module_dir}
|
|
||||||
Version: 1.0.0
|
|
||||||
Release: %{tis_patch_ver}%{?_tis_dist}
|
|
||||||
Summary: Puppet Nova Api Proxy module
|
|
||||||
License: Apache-2.0
|
|
||||||
Packager: Wind River <info@windriver.com>
|
|
||||||
|
|
||||||
URL: unknown
|
|
||||||
|
|
||||||
Source0: %{name}-%{version}.tar.gz
|
|
||||||
|
|
||||||
BuildArch: noarch
|
|
||||||
|
|
||||||
BuildRequires: python2-devel
|
|
||||||
|
|
||||||
%description
|
|
||||||
A puppet module for Nova API Proxy
|
|
||||||
|
|
||||||
%prep
|
|
||||||
%setup
|
|
||||||
|
|
||||||
#
|
|
||||||
# The src for this puppet module needs to be staged to packstack/puppet/modules
|
|
||||||
#
|
|
||||||
%install
|
|
||||||
make install \
|
|
||||||
MODULEDIR=%{buildroot}%{_datadir}/puppet/modules
|
|
||||||
|
|
||||||
%files
|
|
||||||
%license LICENSE
|
|
||||||
%{_datadir}/puppet/modules/%{module_dir}
|
|
|
@ -1,201 +0,0 @@
|
||||||
Apache License
|
|
||||||
Version 2.0, January 2004
|
|
||||||
http://www.apache.org/licenses/
|
|
||||||
|
|
||||||
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
|
|
||||||
|
|
||||||
1. Definitions.
|
|
||||||
|
|
||||||
"License" shall mean the terms and conditions for use, reproduction,
|
|
||||||
and distribution as defined by Sections 1 through 9 of this document.
|
|
||||||
|
|
||||||
"Licensor" shall mean the copyright owner or entity authorized by
|
|
||||||
the copyright owner that is granting the License.
|
|
||||||
|
|
||||||
"Legal Entity" shall mean the union of the acting entity and all
|
|
||||||
other entities that control, are controlled by, or are under common
|
|
||||||
control with that entity. For the purposes of this definition,
|
|
||||||
"control" means (i) the power, direct or indirect, to cause the
|
|
||||||
direction or management of such entity, whether by contract or
|
|
||||||
otherwise, or (ii) ownership of fifty percent (50%) or more of the
|
|
||||||
outstanding shares, or (iii) beneficial ownership of such entity.
|
|
||||||
|
|
||||||
"You" (or "Your") shall mean an individual or Legal Entity
|
|
||||||
exercising permissions granted by this License.
|
|
||||||
|
|
||||||
"Source" form shall mean the preferred form for making modifications,
|
|
||||||
including but not limited to software source code, documentation
|
|
||||||
source, and configuration files.
|
|
||||||
|
|
||||||
"Object" form shall mean any form resulting from mechanical
|
|
||||||
transformation or translation of a Source form, including but
|
|
||||||
not limited to compiled object code, generated documentation,
|
|
||||||
and conversions to other media types.
|
|
||||||
|
|
||||||
"Work" shall mean the work of authorship, whether in Source or
|
|
||||||
Object form, made available under the License, as indicated by a
|
|
||||||
copyright notice that is included in or attached to the work
|
|
||||||
(an example is provided in the Appendix below).
|
|
||||||
|
|
||||||
"Derivative Works" shall mean any work, whether in Source or Object
|
|
||||||
form, that is based on (or derived from) the Work and for which the
|
|
||||||
editorial revisions, annotations, elaborations, or other modifications
|
|
||||||
represent, as a whole, an original work of authorship. For the purposes
|
|
||||||
of this License, Derivative Works shall not include works that remain
|
|
||||||
separable from, or merely link (or bind by name) to the interfaces of,
|
|
||||||
the Work and Derivative Works thereof.
|
|
||||||
|
|
||||||
"Contribution" shall mean any work of authorship, including
|
|
||||||
the original version of the Work and any modifications or additions
|
|
||||||
to that Work or Derivative Works thereof, that is intentionally
|
|
||||||
submitted to Licensor for inclusion in the Work by the copyright owner
|
|
||||||
or by an individual or Legal Entity authorized to submit on behalf of
|
|
||||||
the copyright owner. For the purposes of this definition, "submitted"
|
|
||||||
means any form of electronic, verbal, or written communication sent
|
|
||||||
to the Licensor or its representatives, including but not limited to
|
|
||||||
communication on electronic mailing lists, source code control systems,
|
|
||||||
and issue tracking systems that are managed by, or on behalf of, the
|
|
||||||
Licensor for the purpose of discussing and improving the Work, but
|
|
||||||
excluding communication that is conspicuously marked or otherwise
|
|
||||||
designated in writing by the copyright owner as "Not a Contribution."
|
|
||||||
|
|
||||||
"Contributor" shall mean Licensor and any individual or Legal Entity
|
|
||||||
on behalf of whom a Contribution has been received by Licensor and
|
|
||||||
subsequently incorporated within the Work.
|
|
||||||
|
|
||||||
2. Grant of Copyright License. Subject to the terms and conditions of
|
|
||||||
this License, each Contributor hereby grants to You a perpetual,
|
|
||||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
|
||||||
copyright license to reproduce, prepare Derivative Works of,
|
|
||||||
publicly display, publicly perform, sublicense, and distribute the
|
|
||||||
Work and such Derivative Works in Source or Object form.
|
|
||||||
|
|
||||||
3. Grant of Patent License. Subject to the terms and conditions of
|
|
||||||
this License, each Contributor hereby grants to You a perpetual,
|
|
||||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
|
||||||
(except as stated in this section) patent license to make, have made,
|
|
||||||
use, offer to sell, sell, import, and otherwise transfer the Work,
|
|
||||||
where such license applies only to those patent claims licensable
|
|
||||||
by such Contributor that are necessarily infringed by their
|
|
||||||
Contribution(s) alone or by combination of their Contribution(s)
|
|
||||||
with the Work to which such Contribution(s) was submitted. If You
|
|
||||||
institute patent litigation against any entity (including a
|
|
||||||
cross-claim or counterclaim in a lawsuit) alleging that the Work
|
|
||||||
or a Contribution incorporated within the Work constitutes direct
|
|
||||||
or contributory patent infringement, then any patent licenses
|
|
||||||
granted to You under this License for that Work shall terminate
|
|
||||||
as of the date such litigation is filed.
|
|
||||||
|
|
||||||
4. Redistribution. You may reproduce and distribute copies of the
|
|
||||||
Work or Derivative Works thereof in any medium, with or without
|
|
||||||
modifications, and in Source or Object form, provided that You
|
|
||||||
meet the following conditions:
|
|
||||||
|
|
||||||
(a) You must give any other recipients of the Work or
|
|
||||||
Derivative Works a copy of this License; and
|
|
||||||
|
|
||||||
(b) You must cause any modified files to carry prominent notices
|
|
||||||
stating that You changed the files; and
|
|
||||||
|
|
||||||
(c) You must retain, in the Source form of any Derivative Works
|
|
||||||
that You distribute, all copyright, patent, trademark, and
|
|
||||||
attribution notices from the Source form of the Work,
|
|
||||||
excluding those notices that do not pertain to any part of
|
|
||||||
the Derivative Works; and
|
|
||||||
|
|
||||||
(d) If the Work includes a "NOTICE" text file as part of its
|
|
||||||
distribution, then any Derivative Works that You distribute must
|
|
||||||
include a readable copy of the attribution notices contained
|
|
||||||
within such NOTICE file, excluding those notices that do not
|
|
||||||
pertain to any part of the Derivative Works, in at least one
|
|
||||||
of the following places: within a NOTICE text file distributed
|
|
||||||
as part of the Derivative Works; within the Source form or
|
|
||||||
documentation, if provided along with the Derivative Works; or,
|
|
||||||
within a display generated by the Derivative Works, if and
|
|
||||||
wherever such third-party notices normally appear. The contents
|
|
||||||
of the NOTICE file are for informational purposes only and
|
|
||||||
do not modify the License. You may add Your own attribution
|
|
||||||
notices within Derivative Works that You distribute, alongside
|
|
||||||
or as an addendum to the NOTICE text from the Work, provided
|
|
||||||
that such additional attribution notices cannot be construed
|
|
||||||
as modifying the License.
|
|
||||||
|
|
||||||
You may add Your own copyright statement to Your modifications and
|
|
||||||
may provide additional or different license terms and conditions
|
|
||||||
for use, reproduction, or distribution of Your modifications, or
|
|
||||||
for any such Derivative Works as a whole, provided Your use,
|
|
||||||
reproduction, and distribution of the Work otherwise complies with
|
|
||||||
the conditions stated in this License.
|
|
||||||
|
|
||||||
5. Submission of Contributions. Unless You explicitly state otherwise,
|
|
||||||
any Contribution intentionally submitted for inclusion in the Work
|
|
||||||
by You to the Licensor shall be under the terms and conditions of
|
|
||||||
this License, without any additional terms or conditions.
|
|
||||||
Notwithstanding the above, nothing herein shall supersede or modify
|
|
||||||
the terms of any separate license agreement you may have executed
|
|
||||||
with Licensor regarding such Contributions.
|
|
||||||
|
|
||||||
6. Trademarks. This License does not grant permission to use the trade
|
|
||||||
names, trademarks, service marks, or product names of the Licensor,
|
|
||||||
except as required for reasonable and customary use in describing the
|
|
||||||
origin of the Work and reproducing the content of the NOTICE file.
|
|
||||||
|
|
||||||
7. Disclaimer of Warranty. Unless required by applicable law or
|
|
||||||
agreed to in writing, Licensor provides the Work (and each
|
|
||||||
Contributor provides its Contributions) on an "AS IS" BASIS,
|
|
||||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
|
||||||
implied, including, without limitation, any warranties or conditions
|
|
||||||
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
|
|
||||||
PARTICULAR PURPOSE. You are solely responsible for determining the
|
|
||||||
appropriateness of using or redistributing the Work and assume any
|
|
||||||
risks associated with Your exercise of permissions under this License.
|
|
||||||
|
|
||||||
8. Limitation of Liability. In no event and under no legal theory,
|
|
||||||
whether in tort (including negligence), contract, or otherwise,
|
|
||||||
unless required by applicable law (such as deliberate and grossly
|
|
||||||
negligent acts) or agreed to in writing, shall any Contributor be
|
|
||||||
liable to You for damages, including any direct, indirect, special,
|
|
||||||
incidental, or consequential damages of any character arising as a
|
|
||||||
result of this License or out of the use or inability to use the
|
|
||||||
Work (including but not limited to damages for loss of goodwill,
|
|
||||||
work stoppage, computer failure or malfunction, or any and all
|
|
||||||
other commercial damages or losses), even if such Contributor
|
|
||||||
has been advised of the possibility of such damages.
|
|
||||||
|
|
||||||
9. Accepting Warranty or Additional Liability. While redistributing
|
|
||||||
the Work or Derivative Works thereof, You may choose to offer,
|
|
||||||
and charge a fee for, acceptance of support, warranty, indemnity,
|
|
||||||
or other liability obligations and/or rights consistent with this
|
|
||||||
License. However, in accepting such obligations, You may act only
|
|
||||||
on Your own behalf and on Your sole responsibility, not on behalf
|
|
||||||
of any other Contributor, and only if You agree to indemnify,
|
|
||||||
defend, and hold each Contributor harmless for any liability
|
|
||||||
incurred by, or claims asserted against, such Contributor by reason
|
|
||||||
of your accepting any such warranty or additional liability.
|
|
||||||
|
|
||||||
END OF TERMS AND CONDITIONS
|
|
||||||
|
|
||||||
APPENDIX: How to apply the Apache License to your work.
|
|
||||||
|
|
||||||
To apply the Apache License to your work, attach the following
|
|
||||||
boilerplate notice, with the fields enclosed by brackets "[]"
|
|
||||||
replaced with your own identifying information. (Don't include
|
|
||||||
the brackets!) The text should be enclosed in the appropriate
|
|
||||||
comment syntax for the file format. We also recommend that a
|
|
||||||
file or class name and description of purpose be included on the
|
|
||||||
same "printed page" as the copyright notice for easier
|
|
||||||
identification within third-party archives.
|
|
||||||
|
|
||||||
Copyright [yyyy] [name of copyright owner]
|
|
||||||
|
|
||||||
Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
you may not use this file except in compliance with the License.
|
|
||||||
You may obtain a copy of the License at
|
|
||||||
|
|
||||||
http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
|
|
||||||
Unless required by applicable law or agreed to in writing, software
|
|
||||||
distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
See the License for the specific language governing permissions and
|
|
||||||
limitations under the License.
|
|
|
@ -1,6 +0,0 @@
|
||||||
The license source is:
|
|
||||||
|
|
||||||
https://github.com/openstack/puppet-nova/blob/stable/juno/LICENSE.
|
|
||||||
|
|
||||||
Similarly, the sources for puppet-nova_api_proxy come from that external
|
|
||||||
project.
|
|
|
@ -1,9 +0,0 @@
|
||||||
#
|
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
|
||||||
#
|
|
||||||
|
|
||||||
MODULEDIR ?= /usr/share/puppet/modules
|
|
||||||
|
|
||||||
install:
|
|
||||||
install -d -m 0755 $(MODULEDIR)/nova_api_proxy
|
|
||||||
cp -R nova_api_proxy/ $(MODULEDIR)/
|
|
|
@ -1,37 +0,0 @@
|
||||||
#
|
|
||||||
# Files in this package are licensed under Apache; see LICENSE file.
|
|
||||||
#
|
|
||||||
# Copyright (c) 2015-2016 Wind River Systems, Inc.
|
|
||||||
#
|
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
|
||||||
#
|
|
||||||
# - Modify for integration
|
|
||||||
#
|
|
||||||
|
|
||||||
Puppet::Type.type(:proxy_paste_api_ini).provide(
|
|
||||||
:ini_setting,
|
|
||||||
:parent => Puppet::Type.type(:ini_setting).provider(:ruby)
|
|
||||||
) do
|
|
||||||
|
|
||||||
def section
|
|
||||||
resource[:name].split('/', 2).first
|
|
||||||
end
|
|
||||||
|
|
||||||
def setting
|
|
||||||
resource[:name].split('/', 2).last
|
|
||||||
end
|
|
||||||
|
|
||||||
def separator
|
|
||||||
'='
|
|
||||||
end
|
|
||||||
|
|
||||||
def self.file_path
|
|
||||||
'/etc/proxy/api-proxy-paste.ini'
|
|
||||||
end
|
|
||||||
|
|
||||||
# added for backwards compatibility with older versions of inifile
|
|
||||||
def file_path
|
|
||||||
self.class.file_path
|
|
||||||
end
|
|
||||||
|
|
||||||
end
|
|
|
@ -1,41 +0,0 @@
|
||||||
#
|
|
||||||
# Files in this package are licensed under Apache; see LICENSE file.
|
|
||||||
#
|
|
||||||
# Copyright (c) 2015-2016 Wind River Systems, Inc.
|
|
||||||
#
|
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
|
||||||
#
|
|
||||||
# - Modify for integration
|
|
||||||
#
|
|
||||||
|
|
||||||
Puppet::Type.type(:proxy_config).provide(
|
|
||||||
:ini_setting,
|
|
||||||
:parent => Puppet::Type.type(:ini_setting).provider(:ruby)
|
|
||||||
) do
|
|
||||||
|
|
||||||
# the setting is always default
|
|
||||||
# this if for backwards compat with the old puppet providers for nova_config
|
|
||||||
def section
|
|
||||||
resource[:name].split('/', 2)[0]
|
|
||||||
end
|
|
||||||
|
|
||||||
# assumes that the name was the setting
|
|
||||||
# this is to maintain backwards compat with the older stuff
|
|
||||||
def setting
|
|
||||||
resource[:name].split('/', 2)[1]
|
|
||||||
end
|
|
||||||
|
|
||||||
def separator
|
|
||||||
'='
|
|
||||||
end
|
|
||||||
|
|
||||||
def self.file_path
|
|
||||||
'/etc/proxy/nova-api-proxy.conf'
|
|
||||||
end
|
|
||||||
|
|
||||||
# added for backwards compatibility with older versions of inifile
|
|
||||||
def file_path
|
|
||||||
self.class.file_path
|
|
||||||
end
|
|
||||||
|
|
||||||
end
|
|
|
@ -1,52 +0,0 @@
|
||||||
#
|
|
||||||
# Files in this package are licensed under Apache; see LICENSE file.
|
|
||||||
#
|
|
||||||
# Copyright (c) 2015-2016 Wind River Systems, Inc.
|
|
||||||
#
|
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
|
||||||
#
|
|
||||||
# - Modify for integration
|
|
||||||
#
|
|
||||||
|
|
||||||
Puppet::Type.newtype(:proxy_api_paste_ini) do
|
|
||||||
|
|
||||||
ensurable
|
|
||||||
|
|
||||||
newparam(:name, :namevar => true) do
|
|
||||||
desc 'Section/setting name to manage from /etc/proxy/api-proxy-paste.ini'
|
|
||||||
newvalues(/\S+\/\S+/)
|
|
||||||
end
|
|
||||||
|
|
||||||
newproperty(:value) do
|
|
||||||
desc 'The value of the setting to be defined.'
|
|
||||||
munge do |value|
|
|
||||||
value = value.to_s.strip
|
|
||||||
value.capitalize! if value =~ /^(true|false)$/i
|
|
||||||
value
|
|
||||||
end
|
|
||||||
|
|
||||||
def is_to_s( currentvalue )
|
|
||||||
if resource.secret?
|
|
||||||
return '[old secret redacted]'
|
|
||||||
else
|
|
||||||
return currentvalue
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
def should_to_s( newvalue )
|
|
||||||
if resource.secret?
|
|
||||||
return '[new secret redacted]'
|
|
||||||
else
|
|
||||||
return newvalue
|
|
||||||
end
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
newparam(:secret, :boolean => true) do
|
|
||||||
desc 'Whether to hide the value from Puppet logs. Defaults to `false`.'
|
|
||||||
|
|
||||||
newvalues(:true, :false)
|
|
||||||
|
|
||||||
defaultto false
|
|
||||||
end
|
|
||||||
end
|
|
|
@ -1,52 +0,0 @@
|
||||||
#
|
|
||||||
# Files in this package are licensed under Apache; see LICENSE file.
|
|
||||||
#
|
|
||||||
# Copyright (c) 2015-2016 Wind River Systems, Inc.
|
|
||||||
#
|
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
|
||||||
#
|
|
||||||
# - Modify for integration
|
|
||||||
#
|
|
||||||
|
|
||||||
Puppet::Type.newtype(:proxy_config) do
|
|
||||||
|
|
||||||
ensurable
|
|
||||||
|
|
||||||
newparam(:name, :namevar => true) do
|
|
||||||
desc 'Section/setting name to manage from /etc/proxy/nova-api-proxy.conf'
|
|
||||||
newvalues(/\S+\/\S+/)
|
|
||||||
end
|
|
||||||
|
|
||||||
newproperty(:value) do
|
|
||||||
desc 'The value of the setting to be defined.'
|
|
||||||
munge do |value|
|
|
||||||
value = value.to_s.strip
|
|
||||||
value.capitalize! if value =~ /^(true|false)$/i
|
|
||||||
value
|
|
||||||
end
|
|
||||||
|
|
||||||
def is_to_s( currentvalue )
|
|
||||||
if resource.secret?
|
|
||||||
return '[old secret redacted]'
|
|
||||||
else
|
|
||||||
return currentvalue
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
def should_to_s( newvalue )
|
|
||||||
if resource.secret?
|
|
||||||
return '[new secret redacted]'
|
|
||||||
else
|
|
||||||
return newvalue
|
|
||||||
end
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
newparam(:secret, :boolean => true) do
|
|
||||||
desc 'Whether to hide the value from Puppet logs. Defaults to `false`.'
|
|
||||||
|
|
||||||
newvalues(:true, :false)
|
|
||||||
|
|
||||||
defaultto false
|
|
||||||
end
|
|
||||||
end
|
|
|
@ -1,142 +0,0 @@
|
||||||
#
|
|
||||||
# Files in this package are licensed under Apache; see LICENSE file.
|
|
||||||
#
|
|
||||||
# Copyright (c) 2015-2018 Wind River Systems, Inc.
|
|
||||||
#
|
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
|
||||||
#
|
|
||||||
# - Modify for integration
|
|
||||||
#
|
|
||||||
|
|
||||||
class nova_api_proxy::config (
|
|
||||||
$admin_password,
|
|
||||||
$enabled = false,
|
|
||||||
$ensure_package = 'present',
|
|
||||||
$auth_type = 'password',
|
|
||||||
$auth_strategy = 'keystone',
|
|
||||||
$auth_host = '127.0.0.1',
|
|
||||||
$auth_port = 5000,
|
|
||||||
$auth_protocol = 'http',
|
|
||||||
$auth_uri = false,
|
|
||||||
$auth_admin_prefix = false,
|
|
||||||
$auth_version = false,
|
|
||||||
$admin_tenant_name = 'services',
|
|
||||||
$admin_user = 'nova',
|
|
||||||
$osapi_proxy_listen = '0.0.0.0',
|
|
||||||
$osapi_compute_listen = '0.0.0.0',
|
|
||||||
$nfvi_compute_listen = '127.0.0.1',
|
|
||||||
$nfvi_compute_listen_port = 30003,
|
|
||||||
$use_ssl = false,
|
|
||||||
$ca_file = false,
|
|
||||||
$cert_file = false,
|
|
||||||
$key_file = false,
|
|
||||||
$identity_uri = undef,
|
|
||||||
$user_domain_name = 'Default',
|
|
||||||
$project_domain_name = 'Default',
|
|
||||||
$eventlet_pool_size = 128,
|
|
||||||
$use_syslog = false,
|
|
||||||
$log_facility = 'LOG_USER',
|
|
||||||
$use_stderr = false,
|
|
||||||
$log_file = 'nova-api-proxy.log',
|
|
||||||
$log_dir = '/var/log/nova',
|
|
||||||
) {
|
|
||||||
|
|
||||||
# SSL Options
|
|
||||||
if $use_ssl {
|
|
||||||
if !$cert_file {
|
|
||||||
fail('The cert_file parameter is required when use_ssl is set to true')
|
|
||||||
}
|
|
||||||
if !$key_file {
|
|
||||||
fail('The key_file parameter is required when use_ssl is set to true')
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
proxy_config {
|
|
||||||
'DEFAULT/auth_strategy': value => $auth_strategy;
|
|
||||||
'DEFAULT/osapi_proxy_listen': value => $osapi_proxy_listen;
|
|
||||||
'DEFAULT/osapi_compute_listen': value => $osapi_compute_listen;
|
|
||||||
'DEFAULT/nfvi_compute_listen': value => $nfvi_compute_listen;
|
|
||||||
'DEFAULT/nfvi_compute_listen_port': value => $nfvi_compute_listen_port;
|
|
||||||
'DEFAULT/pool_size': value => $eventlet_pool_size;
|
|
||||||
}
|
|
||||||
|
|
||||||
if $use_ssl {
|
|
||||||
proxy_config {
|
|
||||||
'DEFAULT/use_ssl' : value => $use_ssl;
|
|
||||||
'DEFAULT/ssl_cert_file' : value => $cert_file;
|
|
||||||
'DEFAULT/ssl_key_file' : value => $key_file;
|
|
||||||
}
|
|
||||||
if $ca_file {
|
|
||||||
proxy_config { 'DEFAULT/ssl_ca_file' :
|
|
||||||
value => $ca_file,
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
proxy_config { 'DEFAULT/ssl_ca_file' :
|
|
||||||
ensure => absent,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
proxy_config {
|
|
||||||
'DEFAULT/ssl_cert_file' : ensure => absent;
|
|
||||||
'DEFAULT/ssl_key_file' : ensure => absent;
|
|
||||||
'DEFAULT/ssl_ca_file' : ensure => absent;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if $use_syslog {
|
|
||||||
proxy_config {
|
|
||||||
'DEFAULT/use_syslog': value => true;
|
|
||||||
'DEFAULT/syslog_log_facility': value => $log_facility;
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
proxy_config {
|
|
||||||
'DEFAULT/use_syslog': value => false;
|
|
||||||
'DEFAULT/use_stderr': value => false;
|
|
||||||
'DEFAULT/log_file' : value => $log_file;
|
|
||||||
'DEFAULT/log_dir' : value => $log_dir;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if $auth_uri {
|
|
||||||
$auth_uri_real = $auth_uri
|
|
||||||
} else {
|
|
||||||
$auth_uri_real = "${auth_protocol}://${auth_host}:5000/"
|
|
||||||
}
|
|
||||||
proxy_config { 'keystone_authtoken/auth_uri': value => $auth_uri_real; }
|
|
||||||
|
|
||||||
if $auth_version {
|
|
||||||
proxy_config { 'keystone_authtoken/auth_version': value => $auth_version; }
|
|
||||||
} else {
|
|
||||||
proxy_config { 'keystone_authtoken/auth_version': ensure => absent; }
|
|
||||||
}
|
|
||||||
|
|
||||||
if $identity_uri {
|
|
||||||
proxy_config { 'keystone_authtoken/auth_url': value => $identity_uri; }
|
|
||||||
}
|
|
||||||
|
|
||||||
proxy_config {
|
|
||||||
'keystone_authtoken/auth_type': value => $auth_type;
|
|
||||||
'keystone_authtoken/project_name': value => $admin_tenant_name;
|
|
||||||
'keystone_authtoken/username': value => $admin_user;
|
|
||||||
'keystone_authtoken/password': value => $admin_password, secret => true;
|
|
||||||
'keystone_authtoken/user_domain_name': value => $user_domain_name;
|
|
||||||
'keystone_authtoken/project_domain_name': value => $project_domain_name;
|
|
||||||
}
|
|
||||||
|
|
||||||
if $auth_admin_prefix {
|
|
||||||
validate_re($auth_admin_prefix, '^(/.+[^/])?$')
|
|
||||||
proxy_config {
|
|
||||||
'keystone_authtoken/auth_admin_prefix': value => $auth_admin_prefix;
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
proxy_config {
|
|
||||||
'keystone_authtoken/auth_admin_prefix': ensure => absent;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if $enabled {
|
|
||||||
$ensure = 'running'
|
|
||||||
} else {
|
|
||||||
$ensure = 'stopped'
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,32 +0,0 @@
|
||||||
#
|
|
||||||
# Files in this package are licensed under Apache; see LICENSE file.
|
|
||||||
#
|
|
||||||
# Copyright (c) 2015-2016 Wind River Systems, Inc.
|
|
||||||
#
|
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
|
||||||
#
|
|
||||||
# - Modify for integration
|
|
||||||
#
|
|
||||||
|
|
||||||
class nova_api_proxy (
|
|
||||||
) {
|
|
||||||
|
|
||||||
Package['nova-api-proxy'] -> Proxy_config<||>
|
|
||||||
Package['nova-api-proxy'] -> Proxy_api_paste_config<||>
|
|
||||||
|
|
||||||
# This anchor is used to simplify the graph between nfv components
|
|
||||||
# by allowing a resource to serve as a point where the configuration of
|
|
||||||
# nfv begins
|
|
||||||
anchor { 'proxy-start': }
|
|
||||||
|
|
||||||
package { 'nova_api_proxy':
|
|
||||||
name => 'nova-api-proxy',
|
|
||||||
require => Anchor['proxy-start'],
|
|
||||||
}
|
|
||||||
|
|
||||||
file { '/etc/proxy/nova-api-proxy.conf':
|
|
||||||
ensure => 'present',
|
|
||||||
require => Package['nova-api-proxy'],
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
|
@ -447,8 +447,10 @@ class NovaPuppet(openstack.OpenstackBasePuppet):
|
||||||
def _get_storage_config(self, host):
|
def _get_storage_config(self, host):
|
||||||
pvs = self.dbapi.ipv_get_by_ihost(host.id)
|
pvs = self.dbapi.ipv_get_by_ihost(host.id)
|
||||||
|
|
||||||
|
# TODO(abailey) instance_backing is deprecated.
|
||||||
|
# local vs remote storage is now determined by a
|
||||||
|
# kubernetes label: common.LABEL_REMOTE_STORAGE
|
||||||
instance_backing = constants.LVG_NOVA_BACKING_IMAGE
|
instance_backing = constants.LVG_NOVA_BACKING_IMAGE
|
||||||
concurrent_disk_operations = constants.LVG_NOVA_PARAM_DISK_OPS_DEFAULT
|
|
||||||
|
|
||||||
final_pvs = []
|
final_pvs = []
|
||||||
adding_pvs = []
|
adding_pvs = []
|
||||||
|
@ -480,20 +482,16 @@ class NovaPuppet(openstack.OpenstackBasePuppet):
|
||||||
|
|
||||||
instance_backing = lvg.capabilities.get(
|
instance_backing = lvg.capabilities.get(
|
||||||
constants.LVG_NOVA_PARAM_BACKING)
|
constants.LVG_NOVA_PARAM_BACKING)
|
||||||
concurrent_disk_operations = lvg.capabilities.get(
|
|
||||||
constants.LVG_NOVA_PARAM_DISK_OPS)
|
|
||||||
|
|
||||||
global_filter, update_filter = self._get_lvm_global_filter(host)
|
global_filter, update_filter = self._get_lvm_global_filter(host)
|
||||||
|
|
||||||
values = {
|
values = {
|
||||||
'openstack::nova::storage::final_pvs': final_pvs,
|
'platform::worker::storage::final_pvs': final_pvs,
|
||||||
'openstack::nova::storage::adding_pvs': adding_pvs,
|
'platform::worker::storage::adding_pvs': adding_pvs,
|
||||||
'openstack::nova::storage::removing_pvs': removing_pvs,
|
'platform::worker::storage::removing_pvs': removing_pvs,
|
||||||
'openstack::nova::storage::lvm_global_filter': global_filter,
|
'platform::worker::storage::lvm_global_filter': global_filter,
|
||||||
'openstack::nova::storage::lvm_update_filter': update_filter,
|
'platform::worker::storage::lvm_update_filter': update_filter,
|
||||||
'openstack::nova::storage::instance_backing': instance_backing,
|
'platform::worker::storage::instance_backing': instance_backing}
|
||||||
'openstack::nova::storage::concurrent_disk_operations':
|
|
||||||
concurrent_disk_operations, }
|
|
||||||
|
|
||||||
# If NOVA is a service on a ceph-external backend, use the ephemeral_pool
|
# If NOVA is a service on a ceph-external backend, use the ephemeral_pool
|
||||||
# and ceph_conf file that are stored in that DB entry.
|
# and ceph_conf file that are stored in that DB entry.
|
||||||
|
|
Loading…
Reference in New Issue