From cbecbf7f0bec6ce6ba672b8ef949d3c4fc7800c0 Mon Sep 17 00:00:00 2001 From: Al Bailey Date: Tue, 5 Mar 2019 13:03:04 -0600 Subject: [PATCH] Update manifests to remove unused openstack components Cleanup unwanted openstack setup on bare metal. Preparing the manifests to have the services removed from SM. Bypass setting up openstack services on controller, worker and storage. Cleanup haproxy ports for services that will not be running on bare metal. Cleanup upgrade, remote logging, postgres, and anything else related to openstack services that no longer run on bare metal. Remove all manifests and templates that are no longer being used. Strip out any static hiera data that is no longer needed. Story: 2004764 Task: 29850 Depends-On: Ice10fe6da6b34f1d9206f26e112eb555e2088932 Depends-On: I3c1cc8673be5cf6ab15f9158199bc24fccb44f17 Depends-On: Ie43cf11ebf1edcf3a8bb357205c4c59d2962b4fa Change-Id: I2be8e9ab418835125ff433d06d2930df37534501 Signed-off-by: Al Bailey --- .../scripts/finish_install_clone.sh | 6 +- .../src/hieradata/controller.yaml | 333 -------- puppet-manifests/src/hieradata/global.yaml | 62 -- puppet-manifests/src/hieradata/storage.yaml | 6 - puppet-manifests/src/hieradata/worker.yaml | 63 -- puppet-manifests/src/manifests/bootstrap.pp | 2 - puppet-manifests/src/manifests/controller.pp | 40 - puppet-manifests/src/manifests/storage.pp | 2 - puppet-manifests/src/manifests/upgrade.pp | 4 - puppet-manifests/src/manifests/worker.pp | 10 - .../src/modules/openstack/manifests/aodh.pp | 119 --- .../modules/openstack/manifests/ceilometer.pp | 263 ------ .../src/modules/openstack/manifests/cinder.pp | 803 ------------------ .../src/modules/openstack/manifests/client.pp | 43 - .../src/modules/openstack/manifests/glance.pp | 209 ----- .../modules/openstack/manifests/gnocchi.pp | 122 --- .../src/modules/openstack/manifests/heat.pp | 237 ------ .../modules/openstack/manifests/horizon.pp | 14 - .../src/modules/openstack/manifests/ironic.pp | 176 ---- .../modules/openstack/manifests/keystone.pp | 52 +- .../src/modules/openstack/manifests/magnum.pp | 85 -- .../src/modules/openstack/manifests/murano.pp | 288 ------- .../modules/openstack/manifests/neutron.pp | 332 -------- .../src/modules/openstack/manifests/panko.pp | 117 --- .../openstack/templates/aodh-api.conf.erb | 1 - .../templates/ceilometer-api.conf.erb | 2 - .../openstack/templates/gnocchi-api.conf.erb | 3 - .../templates/gnocchi_resources.yaml.erb | 392 --------- .../openstack/templates/horizon-params.erb | 3 - .../templates/keystone-policy.json.erb | 19 +- .../templates/murano-rabbitmq-env.conf.erb | 4 - .../templates/murano-rabbitmq.config.erb | 18 - .../templates/murano-rabbitmq.config.ssl.erb | 30 - .../openstack/templates/openrc.admin.erb | 24 - .../openstack/templates/openrc.ldap.erb | 12 - .../openstack/templates/panko-api.conf.erb | 3 - .../openstack/templates/pipeline.yaml.erb | 106 --- .../openstack/templates/polling.yaml.erb | 68 -- .../src/modules/platform/manifests/client.pp | 5 + .../src/modules/platform/manifests/compute.pp | 1 - .../src/modules/platform/manifests/dcorch.pp | 20 +- .../src/modules/platform/manifests/dns.pp | 15 - .../src/modules/platform/manifests/drbd.pp | 15 +- .../modules/platform/manifests/filesystem.pp | 4 - .../src/modules/platform/manifests/haproxy.pp | 9 - .../src/modules/platform/manifests/mtce.pp | 3 - .../modules/platform/manifests/postgresql.pp | 13 - .../src/modules/platform/manifests/sm.pp | 695 +++------------ .../platform/templates/dnsmasq.conf.erb | 6 - .../platform/templates/remotelogging.conf.erb | 36 - 50 files changed, 164 insertions(+), 4731 deletions(-) delete mode 100644 puppet-manifests/src/modules/openstack/manifests/aodh.pp delete mode 100644 puppet-manifests/src/modules/openstack/manifests/ceilometer.pp delete mode 100644 puppet-manifests/src/modules/openstack/manifests/cinder.pp delete mode 100644 puppet-manifests/src/modules/openstack/manifests/client.pp delete mode 100644 puppet-manifests/src/modules/openstack/manifests/glance.pp delete mode 100644 puppet-manifests/src/modules/openstack/manifests/gnocchi.pp delete mode 100644 puppet-manifests/src/modules/openstack/manifests/heat.pp delete mode 100644 puppet-manifests/src/modules/openstack/manifests/ironic.pp delete mode 100644 puppet-manifests/src/modules/openstack/manifests/magnum.pp delete mode 100644 puppet-manifests/src/modules/openstack/manifests/murano.pp delete mode 100644 puppet-manifests/src/modules/openstack/manifests/neutron.pp delete mode 100644 puppet-manifests/src/modules/openstack/manifests/panko.pp delete mode 100644 puppet-manifests/src/modules/openstack/templates/aodh-api.conf.erb delete mode 100644 puppet-manifests/src/modules/openstack/templates/ceilometer-api.conf.erb delete mode 100644 puppet-manifests/src/modules/openstack/templates/gnocchi-api.conf.erb delete mode 100644 puppet-manifests/src/modules/openstack/templates/gnocchi_resources.yaml.erb delete mode 100644 puppet-manifests/src/modules/openstack/templates/murano-rabbitmq-env.conf.erb delete mode 100644 puppet-manifests/src/modules/openstack/templates/murano-rabbitmq.config.erb delete mode 100644 puppet-manifests/src/modules/openstack/templates/murano-rabbitmq.config.ssl.erb delete mode 100644 puppet-manifests/src/modules/openstack/templates/openrc.admin.erb delete mode 100644 puppet-manifests/src/modules/openstack/templates/openrc.ldap.erb delete mode 100644 puppet-manifests/src/modules/openstack/templates/panko-api.conf.erb delete mode 100644 puppet-manifests/src/modules/openstack/templates/pipeline.yaml.erb delete mode 100644 puppet-manifests/src/modules/openstack/templates/polling.yaml.erb diff --git a/controllerconfig/controllerconfig/scripts/finish_install_clone.sh b/controllerconfig/controllerconfig/scripts/finish_install_clone.sh index 5dd18fa3b0..e544083ff7 100644 --- a/controllerconfig/controllerconfig/scripts/finish_install_clone.sh +++ b/controllerconfig/controllerconfig/scripts/finish_install_clone.sh @@ -7,9 +7,9 @@ # ######################################################################## -NOVAOPENRC="/etc/nova/openrc" -if [ -e ${NOVAOPENRC} ] ; then - source ${NOVAOPENRC} &>/dev/null +PLATFORMOPENRC="/etc/platform/openrc" +if [ -e ${PLATFORMOPENRC} ] ; then + source ${PLATFORMOPENRC} &>/dev/null else echo "Admin credentials not found" exit diff --git a/puppet-manifests/src/hieradata/controller.yaml b/puppet-manifests/src/hieradata/controller.yaml index ef0ab3bf11..1131b15a82 100644 --- a/puppet-manifests/src/hieradata/controller.yaml +++ b/puppet-manifests/src/hieradata/controller.yaml @@ -193,339 +193,6 @@ keystone::roles::admin::admin_tenant: 'admin' platform::client::params::identity_auth_url: 'http://localhost:5000/v3' -# glance -glance::api::enabled: false -glance::api::pipeline: 'keystone' -glance::api::database_max_pool_size: 1 -glance::api::database_max_overflow: 10 -glance::api::verbose: false -glance::api::debug: false -glance::api::use_syslog: true -glance::api::log_facility: 'local2' -glance::api::log_file: '/dev/null' -glance::api::multi_store: true -glance::api::cinder_catalog_info: 'volume:cinder:internalURL' -glance::api::graceful_shutdown: true -glance::api::enable_proxy_headers_parsing: true -glance::api::image_cache_dir: '/opt/cgcs/glance/image-cache' -glance::api::cache_raw_conversion_dir: '/opt/img-conversions/glance' -glance::api::scrubber_datadir: '/opt/cgcs/glance/scrubber' - -glance::registry::enabled: false -glance::registry::database_max_pool_size: 1 -glance::registry::database_max_overflow: 10 -glance::registry::verbose: false -glance::registry::debug: false -glance::registry::use_syslog: true -glance::registry::log_facility: 'local2' -glance::registry::log_file: '/dev/null' -glance::registry::graceful_shutdown: true - -glance::backend::rbd::multi_store: true -glance::backend::rbd::rbd_store_user: glance - -glance::backend::file::multi_store: true -glance::backend::file::filesystem_store_datadir: '/opt/cgcs/glance/images/' - -glance::notify::rabbitmq::notification_driver: 'messagingv2' - -# nova -nova::conductor::enabled: false -nova::scheduler::enabled: false -nova::consoleauth::enabled: false -nova::vncproxy::enabled: false -nova::serialproxy::enabled: false - -nova::scheduler::filter::ram_weight_multiplier: 0.0 -nova::scheduler::filter::disk_weight_multiplier: 0.0 -nova::scheduler::filter::io_ops_weight_multiplier: -5.0 -nova::scheduler::filter::pci_weight_multiplier: 0.0 -nova::scheduler::filter::soft_affinity_weight_multiplier: 0.0 -nova::scheduler::filter::soft_anti_affinity_weight_multiplier: 0.0 - -nova::cron::archive_deleted_rows::hour: '*/12' -nova::cron::archive_deleted_rows::destination: '/dev/null' - -nova::api::enabled: false -nova::api::enable_proxy_headers_parsing: true -# nova-api runs on an internal 18774 port and api proxy runs on 8774 -nova::api::osapi_compute_listen_port: 18774 -nova::api::allow_resize_to_same_host: true - -nova::network::neutron::default_floating_pool: 'public' - -nova_api_proxy::config::enabled: false -nova_api_proxy::config::eventlet_pool_size: 256 -nova_api_proxy::config::use_syslog: true -nova_api_proxy::config::log_facility: 'local5' - - -# this will trigger simple_setup for cell_v2 -nova::db::sync_api::cellv2_setup: true - -# neutron - -neutron::server::enabled: false -neutron::server::database_idle_timeout: 60 -neutron::server::database_max_pool_size: 1 -neutron::server::database_max_overflow: 64 -neutron::server::enable_proxy_headers_parsing: true -neutron::server::network_scheduler_driver: 'neutron.scheduler.dhcp_host_agent_scheduler.HostBasedScheduler' -neutron::server::router_scheduler_driver: 'neutron.scheduler.l3_host_agent_scheduler.HostBasedScheduler' - -neutron::server::notifications::endpoint_type: 'internal' - -neutron::plugins::ml2::type_drivers: - - managed_flat - - managed_vlan - - managed_vxlan -neutron::plugins::ml2::tenant_network_types: - - vlan - - vxlan -neutron::plugins::ml2::mechanism_drivers: - - openvswitch - - sriovnicswitch - - l2population -neutron::plugins::ml2::enable_security_group: true -neutron::plugins::ml2::ensure_default_security_group: false -neutron::plugins::ml2::notify_interval: 10 -neutron::plugins::ml2::firewall_driver: 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver' - -neutron::bgp::bgp_speaker_driver: 'neutron_dynamic_routing.services.bgp.agent.driver.ryu.driver.RyuBgpDriver' - -neutron::services::bgpvpn::service_providers: - - 'BGPVPN:DynamicRoutingBGPVPNDriver:networking_bgpvpn.neutron.services.service_drivers.neutron_dynamic_routing.dr.DynamicRoutingBGPVPNDriver:default' - - -# ceilometer -ceilometer::agent::auth::auth_endpoint_type: 'internalURL' -ceilometer::agent::notification::enabled: false -ceilometer::agent::notification::disable_non_metric_meters: false -ceilometer::agent::notification::manage_event_pipeline: true -ceilometer::agent::notification::event_pipeline_publishers: ['gnocchi://', 'direct://?dispatcher=panko'] - -ceilometer::agent::polling::central_namespace: true -ceilometer::agent::polling::compute_namespace: false -ceilometer::agent::polling::ipmi_namespace: true - -# Do not create endpoints for ceilometer as ceilometer-api is removed -ceilometer::keystone::auth::configure_endpoint: false - - -# gnocchi -gnocchi::api::service_name: 'openstack-gnocchi-api' -gnocchi::api::enable_proxy_headers_parsing: true -gnocchi::metricd::enabled: false -gnocchi::storage::file::file_basepath: '/opt/gnocchi' -gnocchi::db::sync::user: 'root' - - -# aodh -aodh::use_syslog: true -aodh::log_facility: 'local2' -aodh::database_idle_timeout: 60 -aodh::database_max_pool_size: 1 -aodh::database_max_overflow: 10 -aodh::alarm_history_time_to_live: 86400 - -aodh::auth::auth_endpoint_type: 'internalURL' - -aodh::db::sync::user: 'root' - -aodh::api::enabled: false -aodh::api::service_name: 'openstack-aodh-api' -aodh::api::enable_proxy_headers_parsing: true - -aodh::notifier::enabled: false -aodh::evaluator::enabled: false -aodh::listener::enabled: false - -# panko -openstack::panko::params::event_time_to_live: 86400 - -panko::api::enabled: false -panko::api::service_name: 'openstack-panko-api' -panko::api::enable_proxy_headers_parsing: true - -panko::db::database_idle_timeout: 60 -panko::db::database_max_pool_size: 1 -panko::db::database_max_overflow: 10 - -panko::logging::use_syslog: true -panko::logging::syslog_log_facility: 'local2' - -# cinder -cinder::use_syslog: true -cinder::log_facility: 'local2' -cinder::database_idle_timeout: 60 -cinder::database_max_pool_size: 1 -cinder::database_max_overflow: 50 -cinder::rpc_response_timeout: 180 -cinder::backend_host: 'controller' -cinder::image_conversion_dir: '/opt/img-conversions/cinder' - -cinder::api::nova_interface: 'internal' -cinder::api::enable_proxy_headers_parsing: true - -cinder::ceilometer::notification_driver: 'messaging' - -cinder::scheduler::enabled: false -cinder::volume::enabled: false - -cinder::backup::posix::backup_posix_path: '/opt/backups' - -# backup_file_size should be below 500MB to allow multiple backups -# to run in parallel and not consume all RAM. -# backup_file_size must be a multiple of backup_sha_block_size_bytes -# which has a default value of 32768 bytes. -cinder::backup::posix::backup_file_size: 499974144 - -cinder::policy::policies: - enable_consistencygroup_create: - key: 'consistencygroup:create' - value: '' - enable_consistencygroup_delete: - key: 'consistencygroup:delete' - value: '' - enable_consistencygroup_update: - key: 'consistencygroup:update' - value: '' - enable_consistencygroup_get: - key: 'consistencygroup:get' - value: '' - enable_consistencygroup_get_all: - key: 'consistencygroup:get_all' - value: '' - enable_consistencygroup_create_cgsnapshot: - key: 'consistencygroup:create_cgsnapshot' - value: '' - enable_consistencygroup_delete_cgsnapshot: - key: 'consistencygroup:delete_cgsnapshot' - value: '' - enable_consistencygroup_get_cgsnapshot: - key: 'consistencygroup:get_cgsnapshot' - value: '' - enable_consistencygroup_get_all_cgsnapshots: - key: 'consistencygroup:get_all_cgsnapshots' - value: '' - enable_snapshot_export_attributes: - key: 'volume_extension:snapshot_export_attributes' - value: 'rule:admin_or_owner' - enable_snapshot_backup_status_attribute: - key: 'volume_extension:snapshot_backup_status_attribute' - value: 'rule:admin_or_owner' - -# heat -heat::use_syslog: true -heat::log_facility: 'local6' -heat::database_idle_timeout: 60 -heat::database_max_pool_size: 1 -heat::database_max_overflow: 15 -heat::enable_proxy_headers_parsing: true -heat::heat_clients_insecure: true - -heat::api::enabled: false -heat::api_cfn::enabled: false -heat::api_cloudwatch::enabled: false - -heat::engine::enabled: false -heat::engine::deferred_auth_method: 'trusts' -# trusts_delegated_roles is set to empty list so all users can use heat -heat::engine::trusts_delegated_roles: [] -heat::engine::action_retry_limit: 1 -heat::engine::max_resources_per_stack: -1 -heat::engine::convergence_engine: false - -heat::keystone::domain::domain_name: 'heat' - -heat::keystone::auth_cfn::configure_user: false -heat::keystone::auth_cfn::configure_user_role: false - -# Murano -murano::db::postgresql::encoding: 'UTF8' -murano::use_syslog: true -murano::log_facility: 'local2' -murano::debug: 'False' -murano::engine::manage_service: true -murano::engine::enabled: false -openstack::murano::params::tcp_listen_options: '[binary, - {packet,raw}, - {reuseaddr,true}, - {backlog,128}, - {nodelay,true}, - {linger,{true,0}}, - {exit_on_close,false}, - {keepalive,true}]' -openstack::murano::params::rabbit_tcp_listen_options: - '[binary, - {packet, raw}, - {reuseaddr, true}, - {backlog, 128}, - {nodelay, true}, - {linger, {true, 0}}, - {exit_on_close, false}]' - -# SSL parameters -# this cipher list is taken from any cipher that is supported by rabbitmq and -# is currently in either lighttpd or haproxy's cipher lists -# constructed on 2017-04-05 -openstack::murano::params::rabbit_cipher_list: ["AES128-GCM-SHA256", - "AES128-SHA", - "AES128-SHA256", - "AES256-GCM-SHA384", - "AES256-SHA", - "AES256-SHA256", - "DHE-DSS-AES128-GCM-SHA256", - "DHE-DSS-AES128-SHA256", - "DHE-DSS-AES256-GCM-SHA384", - "DHE-DSS-AES256-SHA256", - "DHE-RSA-AES128-GCM-SHA256", - "DHE-RSA-AES128-SHA256", - "DHE-RSA-AES256-GCM-SHA384", - "DHE-RSA-AES256-SHA256", - "ECDH-ECDSA-AES128-GCM-SHA256", - "ECDH-ECDSA-AES128-SHA256", - "ECDH-ECDSA-AES256-GCM-SHA384", - "ECDH-ECDSA-AES256-SHA384", - "ECDHE-ECDSA-AES128-GCM-SHA256", - "ECDHE-ECDSA-AES128-SHA256", - "ECDHE-ECDSA-AES256-GCM-SHA384", - "ECDHE-ECDSA-AES256-SHA384", - "ECDHE-RSA-AES128-GCM-SHA256", - "ECDHE-RSA-AES128-SHA", - "ECDHE-RSA-AES128-SHA256", - "ECDHE-RSA-AES256-GCM-SHA384", - "ECDHE-RSA-AES256-SHA", - "ECDHE-RSA-AES256-SHA384", - "ECDH-RSA-AES128-GCM-SHA256", - "ECDH-RSA-AES128-SHA256", - "ECDH-RSA-AES256-GCM-SHA384", - "ECDH-RSA-AES256-SHA384"] - -# Magnum -magnum::logging::use_syslog: true -magnum::logging::log_facility: 'local2' -magnum::logging::debug: 'False' -magnum::db::postgresql::encoding: 'UTF8' -magnum::notification_driver: 'messagingv2' -magnum::conductor::enabled: false -magnum::password_symbols: '23456789,ABCDEFGHJKLMNPQRSTUVWXYZ,abcdefghijkmnopqrstuvwxyz,!@#$%^&*()<>{}+' -magnum::certificates::cert_manager_type: 'x509keypair' -magnum::clients::endpoint_type: 'internalURL' - -# Ironic -ironic::use_syslog: true -ironic::logging::log_facility: 'local2' -ironic::db::postgresql::encoding: 'UTF8' -ironic::logging::debug: false -ironic::api::enabled: false -ironic::conductor::enabled: false -ironic::conductor::enabled_drivers: ['pxe_ipmitool', 'pxe_ipmitool_socat'] -ironic::conductor::automated_clean: true -ironic::conductor::default_boot_option: 'local' -ironic::drivers::pxe::images_path: '/opt/img-conversions/ironic/images/' -ironic::drivers::pxe::instance_master_path: '/opt/img-conversions/ironic/master_images' - # Dcorch dcorch::use_syslog: true dcorch::log_facility: 'local2' diff --git a/puppet-manifests/src/hieradata/global.yaml b/puppet-manifests/src/hieradata/global.yaml index 75ebebe1ba..5572bfa500 100644 --- a/puppet-manifests/src/hieradata/global.yaml +++ b/puppet-manifests/src/hieradata/global.yaml @@ -24,68 +24,6 @@ sysinv::verbose: true sysinv::log_facility: 'local6' -# neutron -neutron::state_path: '/var/run/neutron' -neutron::lock_path: '/var/run/neutron/lock' -neutron::root_helper: 'sudo' -neutron::host_driver: 'neutron.plugins.wrs.drivers.host.DefaultHostDriver' -neutron::fm_driver: 'neutron.plugins.wrs.drivers.fm.DefaultFmDriver' - -neutron::logging::use_syslog: true -neutron::logging::syslog_log_facility: 'local2' -neutron::logging::log_dir: false -neutron::logging::verbose: false -neutron::logging::debug: false - -neutron::core_plugin: 'neutron.plugins.ml2.plugin.Ml2Plugin' -neutron::service_plugins: - - 'router' -neutron::allow_overlapping_ips: true -neutron::vlan_transparent: true -neutron::pnet_audit_enabled: false - -neutron::verbose: false -neutron::log_dir: false -neutron::use_syslog: true -neutron::notification_driver: ['messagingv2'] -neutron::dns_domain: 'openstacklocal' - - -# nova -nova::use_syslog: true -nova::debug: false -nova::log_facility: 'local6' -nova::notification_driver: 'messagingv2' -nova::cinder_catalog_info: 'volumev2:cinderv2:internalURL' -nova::notify_on_state_change: 'vm_and_task_state' - -nova::database_idle_timeout: 60 -nova::database_max_pool_size: 1 -nova::database_max_overflow: 64 - - -# Set number of block device allocate retries and interval -# for volume create when VM boots and creates a new volume. -# The total block allocate retries time is set to 2 hours -# to satisfy the volume allocation time on slow RPM disks -# which may take 1 hour and a half per volume when several -# volumes are created in parallel. -nova::block_device_allocate_retries: 2400 -nova::block_device_allocate_retries_interval: 3 - -nova::disk_allocation_ratio: 1.0 -nova::cpu_allocation_ratio: 16.0 -nova::ram_allocation_ratio: 1.0 - -# require Nova Placement to use the internal endpoint only -nova::placement::os_interface: 'internal' - - -# ceilometer -ceilometer::telemetry_secret: '' -ceilometer::use_syslog: true -ceilometer::log_facility: 'local2' - # collectd: configuration platform::collectd::params::interval: 30 platform::collectd::params::timeout: 2 diff --git a/puppet-manifests/src/hieradata/storage.yaml b/puppet-manifests/src/hieradata/storage.yaml index 527f343447..02dedc3e69 100644 --- a/puppet-manifests/src/hieradata/storage.yaml +++ b/puppet-manifests/src/hieradata/storage.yaml @@ -1,8 +1,2 @@ # storage specific configuration data --- - -# ceilometer -ceilometer::agent::auth::auth_endpoint_type: 'internalURL' -ceilometer::agent::polling::central_namespace: false -ceilometer::agent::polling::compute_namespace: false -ceilometer::agent::polling::ipmi_namespace: true diff --git a/puppet-manifests/src/hieradata/worker.yaml b/puppet-manifests/src/hieradata/worker.yaml index f1945232a3..0e8669ac05 100644 --- a/puppet-manifests/src/hieradata/worker.yaml +++ b/puppet-manifests/src/hieradata/worker.yaml @@ -3,66 +3,3 @@ # vswitch vswitch::dpdk::memory_channels: 4 - - -# neutron -neutron::agents::dhcp::interface_driver: 'openvswitch' -neutron::agents::dhcp::enable_isolated_metadata: true -neutron::agents::dhcp::state_path: '/var/run/neutron' -neutron::agents::dhcp::root_helper: 'sudo' - -neutron::agents::l3::interface_driver: 'openvswitch' -neutron::agents::l3::metadata_port: 80 -neutron::agents::l3::agent_mode: 'dvr_snat' - -neutron::agents::ml2::ovs::manage_vswitch: false -neutron::agents::ml2::ovs::datapath_type: 'netdev' -neutron::agents::ml2::ovs::vhostuser_socket_dir: '/var/run/openvswitch' -neutron::agents::ml2::ovs::firewall_driver: 'noop' - -neutron::agents::ml2::sriov::manage_service: true -neutron::agents::ml2::sriov::polling_interval: 5 - - -# nova -nova::compute::manage_service: false -nova::compute::config_drive_format: 'iso9660' -nova::compute::instance_usage_audit: true -nova::compute::instance_usage_audit_period: 'hour' -nova::compute::allow_resize_to_same_host: true -nova::compute::force_raw_images: false -nova::compute::reserved_host_memory: 0 -# We want to start up instances on bootup -nova::compute::resume_guests_state_on_host_boot: true - -nova::compute::libvirt::compute_driver: 'libvirt.LibvirtDriver' -nova::compute::libvirt::migration_support: true -nova::compute::libvirt::libvirt_cpu_mode: 'none' -nova::compute::libvirt::live_migration_downtime: 500 -nova::compute::libvirt::live_migration_downtime_steps: 10 -nova::compute::libvirt::live_migration_downtime_delay: 75 -nova::compute::libvirt::live_migration_completion_timeout: 180 -nova::compute::libvirt::live_migration_progress_timeout: 0 -nova::compute::libvirt::mem_stats_period_seconds: 0 -nova::compute::libvirt::remove_unused_base_images: true -nova::compute::libvirt::remove_unused_resized_minimum_age_seconds: 86400 -nova::compute::libvirt::remove_unused_original_minimum_age_seconds: 3600 -nova::compute::libvirt::live_migration_flag: "VIR_MIGRATE_UNDEFINE_SOURCE, VIR_MIGRATE_PEER2PEER, VIR_MIGRATE_LIVE, VIR_MIGRATE_TUNNELLED" - -nova::network::neutron::neutron_username: 'neutron' -nova::network::neutron::neutron_project_name: 'services' -nova::network::neutron::neutron_user_domain_name: 'Default' -nova::network::neutron::neutron_project_domain_name: 'Default' -nova::network::neutron::neutron_region_name: RegionOne - -nova::compute::neutron::libvirt_vif_driver: 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver' - -openstack::nova::compute::compute_monitors: "cpu.virt_driver" - - -# ceilometer -ceilometer::agent::auth::auth_endpoint_type: 'internalURL' -ceilometer::agent::polling::central_namespace: false -ceilometer::agent::polling::compute_namespace: true -ceilometer::agent::polling::instance_discovery_method: 'workload_partitioning' -ceilometer::agent::polling::ipmi_namespace: true diff --git a/puppet-manifests/src/manifests/bootstrap.pp b/puppet-manifests/src/manifests/bootstrap.pp index 7c1103b620..566a3c9e56 100644 --- a/puppet-manifests/src/manifests/bootstrap.pp +++ b/puppet-manifests/src/manifests/bootstrap.pp @@ -17,7 +17,5 @@ include ::platform::amqp::bootstrap include ::openstack::keystone::bootstrap include ::openstack::barbican::bootstrap include ::platform::client::bootstrap -include ::openstack::client::bootstrap - include ::platform::sysinv::bootstrap diff --git a/puppet-manifests/src/manifests/controller.pp b/puppet-manifests/src/manifests/controller.pp index ad2b80e3c5..9359dcf832 100644 --- a/puppet-manifests/src/manifests/controller.pp +++ b/puppet-manifests/src/manifests/controller.pp @@ -75,51 +75,11 @@ include ::platform::fm::api include ::platform::multipath include ::platform::client -include ::openstack::client include ::openstack::keystone include ::openstack::keystone::api -include ::openstack::glance -include ::openstack::glance::api - -include ::openstack::cinder -include ::openstack::cinder::api - -include ::openstack::neutron -include ::openstack::neutron::api -include ::openstack::neutron::server - -include ::openstack::nova -include ::openstack::nova::api -include ::openstack::nova::network -include ::openstack::nova::controller -include ::openstack::nova::placement - -include ::openstack::gnocchi -include ::openstack::gnocchi::api -include ::openstack::gnocchi::metricd - -include ::openstack::ceilometer -include ::openstack::ceilometer::agent::notification -include ::openstack::ceilometer::polling - -include ::openstack::panko -include ::openstack::panko::api - -include ::openstack::heat -include ::openstack::heat::api - include ::openstack::horizon -include ::openstack::murano -include ::openstack::murano::api - -include ::openstack::magnum -include ::openstack::magnum::api - -include ::openstack::ironic -include ::openstack::ironic::api - include ::platform::dcmanager include ::platform::dcmanager::manager diff --git a/puppet-manifests/src/manifests/storage.pp b/puppet-manifests/src/manifests/storage.pp index fde2af783e..297731e284 100644 --- a/puppet-manifests/src/manifests/storage.pp +++ b/puppet-manifests/src/manifests/storage.pp @@ -29,8 +29,6 @@ include ::platform::collectd include ::platform::filesystem::storage include ::platform::docker include ::platform::ceph::storage -include ::openstack::ceilometer -include ::openstack::ceilometer::polling class { '::platform::config::storage::post': stage => post, diff --git a/puppet-manifests/src/manifests/upgrade.pp b/puppet-manifests/src/manifests/upgrade.pp index 78d08e3c37..e0a7b24826 100644 --- a/puppet-manifests/src/manifests/upgrade.pp +++ b/puppet-manifests/src/manifests/upgrade.pp @@ -17,7 +17,3 @@ include ::platform::amqp::upgrade include ::openstack::keystone::upgrade include ::platform::client::upgrade -include ::openstack::client::upgrade - -include ::openstack::murano::upgrade -include ::openstack::ironic::upgrade diff --git a/puppet-manifests/src/manifests/worker.pp b/puppet-manifests/src/manifests/worker.pp index 84fb8a6595..f3f95388af 100644 --- a/puppet-manifests/src/manifests/worker.pp +++ b/puppet-manifests/src/manifests/worker.pp @@ -36,17 +36,7 @@ include ::platform::kubernetes::worker include ::platform::multipath include ::platform::client include ::platform::ceph::worker -include ::openstack::client -include ::openstack::neutron -include ::openstack::neutron::agents -include ::openstack::nova -include ::openstack::nova::compute -include ::openstack::nova::compute::pci include ::openstack::nova::storage -include ::openstack::nova::network -include ::openstack::nova::placement -include ::openstack::ceilometer -include ::openstack::ceilometer::polling class { '::platform::config::worker::post': stage => post, diff --git a/puppet-manifests/src/modules/openstack/manifests/aodh.pp b/puppet-manifests/src/modules/openstack/manifests/aodh.pp deleted file mode 100644 index b07964fd9a..0000000000 --- a/puppet-manifests/src/modules/openstack/manifests/aodh.pp +++ /dev/null @@ -1,119 +0,0 @@ -class openstack::aodh::params ( - $api_port = 8042, - $region_name = undef, - $service_name = 'openstack-aodh', - $service_create = false, - $service_enabled = true, -) { } - - -class openstack::aodh - inherits ::openstack::aodh::params { - - if $service_enabled { - - include ::platform::params - include ::platform::amqp::params - - include ::aodh::auth - include ::aodh::client - include ::aodh::evaluator - include ::aodh::notifier - include ::aodh::listener - include ::aodh::keystone::authtoken - - if $::platform::params::init_database { - include ::aodh::db::postgresql - } - - aodh_config { - 'service_credentials/interface': value => 'internalURL' - } - - class { '::aodh': - rabbit_use_ssl => $::platform::amqp::params::ssl_enabled, - default_transport_url => $::platform::amqp::params::transport_url, - } - - # WRS register aodh-expirer-active in cron to run daily at the 35 minute mark - cron { 'aodh-expirer': - ensure => 'present', - command => '/usr/bin/aodh-expirer-active', - environment => 'PATH=/bin:/usr/bin:/usr/sbin', - minute => '35', - hour => '*/24', - user => 'root', - } - } -} - - -class openstack::aodh::firewall - inherits ::openstack::aodh::params { - - platform::firewall::rule { 'aodh-api': - service_name => 'aodh', - ports => $api_port, - } -} - - -class openstack::aodh::haproxy - inherits ::openstack::aodh::params { - - platform::haproxy::proxy { 'aodh-restapi': - server_name => 's-aodh-restapi', - public_port => $api_port, - private_port => $api_port, - } -} - - -class openstack::aodh::api - inherits ::openstack::aodh::params { - include ::platform::params - - # The aodh user and service are always required and they - # are used by subclouds when the service itself is disabled - # on System Controller - # whether it creates the endpoint is determined by - # aodh::keystone::auth::configure_endpoint which is - # set via sysinv puppet - if ($::openstack::aodh::params::service_create and - $::platform::params::init_keystone) { - include ::aodh::keystone::auth - } - - if $service_enabled { - - include ::platform::network::mgmt::params - $api_host = $::platform::network::mgmt::params::controller_address - $url_host = $::platform::network::mgmt::params::controller_address_url - - file { '/usr/share/aodh/aodh-api.conf': - ensure => file, - content => template('openstack/aodh-api.conf.erb'), - owner => 'root', - group => 'root', - mode => '0640', - } - -> class { '::aodh::api': - host => $api_host, - sync_db => $::platform::params::init_database, - enable_proxy_headers_parsing => true, - } - - include ::openstack::aodh::firewall - include ::openstack::aodh::haproxy - } -} - - -class openstack::aodh::runtime { - include ::platform::amqp::params - - class { '::aodh': - rabbit_use_ssl => $::platform::amqp::params::ssl_enabled, - default_transport_url => $::platform::amqp::params::transport_url, - } -} diff --git a/puppet-manifests/src/modules/openstack/manifests/ceilometer.pp b/puppet-manifests/src/modules/openstack/manifests/ceilometer.pp deleted file mode 100644 index 727b149e82..0000000000 --- a/puppet-manifests/src/modules/openstack/manifests/ceilometer.pp +++ /dev/null @@ -1,263 +0,0 @@ -class openstack::ceilometer::params ( - $api_port = 8777, - $region_name = undef, - $service_name = 'openstack-ceilometer', - $service_create = false, -) { } - - -class openstack::ceilometer { - include ::platform::amqp::params - include ::platform::params - include ::openstack::ceilometer::params - include ::platform::kubernetes::params - - class { '::ceilometer': - rabbit_use_ssl => $::platform::amqp::params::ssl_enabled, - default_transport_url => $::platform::amqp::params::transport_url, - rabbit_qos_prefetch_count => 100, - } - - if ($::openstack::ceilometer::params::service_create and - $::platform::params::init_keystone) { - include ::ceilometer::keystone::auth - - if ($::platform::params::distributed_cloud_role != 'systemcontroller' and - $::platform::kubernetes::params::enabled != true) { - include ::openstack::gnocchi::params - - class { '::ceilometer::db::sync': - extra_params => '--skip-metering-database', - require => [Keystone::Resource::Service_identity['ceilometer', 'gnocchi']] - } - - if $::platform::params::vswitch_type !~ '^ovs' { - include ::gnocchi::keystone::authtoken - - $os_auth_url = $::gnocchi::keystone::authtoken::auth_url - $os_username = $::gnocchi::keystone::authtoken::username - $os_user_domain = $::gnocchi::keystone::authtoken::user_domain_name - $os_project_name = $::gnocchi::keystone::authtoken::project_name - $os_project_domain = $::gnocchi::keystone::authtoken::project_domain_name - $os_region_name = $::gnocchi::keystone::authtoken::region_name - $os_auth_type = $::gnocchi::keystone::authtoken::auth_type - $os_password = $::gnocchi::keystone::authtoken::password - $os_interface = 'internalURL' - - Class['::ceilometer::db::sync'] - -> exec { 'Creating vswitch resource types': - command => 'gnocchi resource-type create vswitch_engine \ - -a cpu_id:number:true:min=0 \ - -a host:string:true:max_length=64; - gnocchi resource-type create vswitch_interface_and_port \ - -a host:string:false:max_length=64 \ - -a network_uuid:string:false:max_length=255 \ - -a network_id:string:false:max_length=255 \ - -a link-speed:number:false:min=0', - environment => ["OS_AUTH_URL=${os_auth_url}", - "OS_USERNAME=${os_username}", - "OS_USER_DOMAIN_NAME=${os_user_domain}", - "OS_PROJECT_NAME=${os_project_name}", - "OS_PROJECT_DOMAIN_NAME=${os_project_domain}", - "OS_REGION_NAME=${os_region_name}", - "OS_INTERFACE=${os_interface}", - "OS_AUTH_TYPE=${os_auth_type}", - "OS_PASSWORD=${os_password}"], - } - } - } - } - - include ::ceilometer::agent::auth - include ::openstack::cinder::params - include ::openstack::glance::params - - # FIXME(mpeters): generic parameter can be moved to the puppet module - ceilometer_config { - 'DEFAULT/executor_thread_pool_size': value => 16; - 'DEFAULT/shuffle_time_before_polling_task': value => 30; - 'DEFAULT/batch_polled_samples': value => true; - 'oslo_messaging_rabbit/rpc_conn_pool_size': value => 10; - 'oslo_messaging_rabbit/socket_timeout': value => 1.00; - 'compute/resource_update_interval': value => 60; - 'DEFAULT/region_name_for_services': value => $::openstack::ceilometer::params::region_name; - } - - - if $::personality == 'controller' { - include ::platform::memcached::params - - $memcache_ip = $::platform::memcached::params::listen_ip - $memcache_port = $::platform::memcached::params::tcp_port - $memcache_ip_version = $::platform::memcached::params::listen_ip_version - - $memcache_servers = $memcache_ip_version ? { - 4 => "'${memcache_ip}:${memcache_port}'", - 6 => "'inet6:[${memcache_ip}]:${memcache_port}'", - } - - oslo::cache { 'ceilometer_config': - enabled => true, - backend => 'dogpile.cache.memcached', - memcache_servers => $memcache_servers, - expiration_time => 86400, - } - } - - if $::platform::params::region_config { - if $::openstack::glance::params::region_name != $::platform::params::region_2_name { - $shared_service_glance = [$::openstack::glance::params::service_type] - } else { - $shared_service_glance = [] - } - # skip the check if cinder region name has not been configured - if ($::openstack::cinder::params::region_name != undef and - $::openstack::cinder::params::region_name != $::platform::params::region_2_name) { - $shared_service_cinder = [$::openstack::cinder::params::service_type, - $::openstack::cinder::params::service_type_v2, - $::openstack::cinder::params::service_type_v3] - } else { - $shared_service_cinder = [] - } - $shared_services = concat($shared_service_glance, $shared_service_cinder) - ceilometer_config { - 'DEFAULT/region_name_for_shared_services': value => $::platform::params::region_1_name; - 'DEFAULT/shared_services_types': value => join($shared_services,','); - } - } - -} - - -class openstack::ceilometer::agent::notification { - include ::platform::params - - $cgcs_fs_directory = '/opt/cgcs' - $ceilometer_directory = "${cgcs_fs_directory}/ceilometer" - $ceilometer_directory_csv = "${ceilometer_directory}/csv" - $ceilometer_directory_versioned = "${ceilometer_directory}/${::platform::params::software_version}" - - file { '/etc/ceilometer/pipeline.yaml': - ensure => 'present', - content => template('openstack/pipeline.yaml.erb'), - mode => '0640', - owner => 'root', - group => 'ceilometer', - tag => 'ceilometer-yamls', - } - -> file { $ceilometer_directory: - ensure => 'directory', - owner => 'root', - group => 'root', - mode => '0755', - } - -> file { $ceilometer_directory_csv: - ensure => 'directory', - owner => 'root', - group => 'root', - mode => '0755', - } - -> file { $ceilometer_directory_versioned: - ensure => 'directory', - owner => 'root', - group => 'root', - mode => '0755', - } - -> file { "${ceilometer_directory_versioned}/pipeline.yaml": - ensure => 'file', - source => '/etc/ceilometer/pipeline.yaml', - owner => 'root', - group => 'root', - mode => '0640', - } - - file { '/etc/ceilometer/gnocchi_resources.yaml': - ensure => 'present', - content => template('openstack/gnocchi_resources.yaml.erb'), - mode => '0640', - owner => 'root', - group => 'ceilometer', - tag => 'ceilometer-yamls', - } - - # Limit the number of ceilometer agent notification workers to 10 max - $agent_workers_count = min($::platform::params::eng_workers_by_2, 10) - - if $::platform::params::system_type == 'All-in-one' { - $batch_timeout = 25 - } else { - $batch_timeout = 5 - } - - # FIXME(mpeters): generic parameter can be moved to the puppet module - ceilometer_config { - 'DEFAULT/csv_location': value => $ceilometer_directory_csv; - 'DEFAULT/csv_location_strict': value => true; - 'notification/workers': value => $agent_workers_count; - 'notification/batch_size': value => 100; - 'notification/batch_timeout': value => $batch_timeout; - } -} - - -class openstack::ceilometer::polling ( - $instance_polling_interval = 600, - $instance_cpu_polling_interval = 30, - $instance_disk_polling_interval = 600, - $ipmi_polling_interval = 600, - $ceph_polling_interval = 600, - $image_polling_interval = 600, - $volume_polling_interval = 600, -) { - include ::platform::params - include ::platform::kubernetes::params - - file { '/etc/ceilometer/polling.yaml': - ensure => 'present', - content => template('openstack/polling.yaml.erb'), - mode => '0640', - owner => 'root', - group => 'ceilometer', - tag => 'ceilometer-yamls', - } - - if $::personality == 'controller' { - $central_namespace = true - } else { - $central_namespace = false - } - - if (str2bool($::disable_worker_services) or - $::platform::kubernetes::params::enabled) { - $agent_enable = false - $compute_namespace = false - - file { '/etc/pmon.d/ceilometer-polling.conf': - ensure => absent, - } - } else { - $agent_enable = true - - if str2bool($::is_worker_subfunction) { - $pmon_target = '/etc/ceilometer/ceilometer-polling-compute.conf.pmon' - $compute_namespace = true - } else { - $pmon_target = '/etc/ceilometer/ceilometer-polling.conf.pmon' - $compute_namespace = false - } - - file { '/etc/pmon.d/ceilometer-polling.conf': - ensure => link, - target => $pmon_target, - owner => 'root', - group => 'root', - mode => '0640', - } - } - - class { '::ceilometer::agent::polling': - enabled => $agent_enable, - central_namespace => $central_namespace, - compute_namespace => $compute_namespace, - } -} diff --git a/puppet-manifests/src/modules/openstack/manifests/cinder.pp b/puppet-manifests/src/modules/openstack/manifests/cinder.pp deleted file mode 100644 index a3873450e2..0000000000 --- a/puppet-manifests/src/modules/openstack/manifests/cinder.pp +++ /dev/null @@ -1,803 +0,0 @@ -# TODO (rchurch): Make sure all includes have the correct global scope -class openstack::cinder::params ( - $service_enabled = false, - $api_port = 8776, - $api_proxy_port = 28776, - $region_name = undef, - $service_name = 'openstack-cinder', - $service_type = 'volume', - $service_type_v2 = 'volumev2', - $service_type_v3 = 'volumev3', - $configure_endpoint = true, - $enabled_backends = [], - $cinder_address = undef, - $cinder_directory = '/opt/cgcs/cinder', - $cinder_image_conversion_dir = '/opt/img-conversions/cinder', - $cinder_device = '', - $cinder_size = undef, - $cinder_fs_device = '/dev/drbd4', - $cinder_vg_name = 'cinder-volumes', - $drbd_resource = 'drbd-cinder', - $iscsi_ip_address = undef, - $is_ceph_external = false, - # Flag files - $initial_cinder_config_flag = "${::platform::params::config_path}/.initial_cinder_config_complete", - $initial_cinder_lvm_config_flag = "${::platform::params::config_path}/.initial_cinder_lvm_config_complete", - $initial_cinder_ceph_config_flag = "${::platform::params::config_path}/.initial_cinder_ceph_config_complete", - $node_cinder_lvm_config_flag = '/etc/platform/.node_cinder_lvm_config_complete', - ) { - $cinder_disk = regsubst($cinder_device, '-part\d+$', '') - - # Take appropriate actions based on the service states defined by: - # - $is_initial_cinder => first time ever when cinder is configured; - # - $is_initial_cinder_lvm => first time ever when LVM cinder is configured on the system; - # - $is_initial_cinder_ceph => first time ever when Ceph cinder is configured on the system; - # - $is_node_cinder_lvm => cinder LVM is configured/reconfigured on a node; - # - $is_node_cinder_ceph => cinder Ceph is configured/reconfigured on a node. - # These states are dependent on two aspects: - # 1. A flag file present on the disk either in: - # - DRBD synced /opt/platform, for system flags or in - # - local folder /etc/platform, for node specific flags - # 2. Controller standby or active state. Sometimes manifests are applied at the same time on both - # controllers with most configuration happenning on the active node and minimal on the standby. - if $service_enabled { - # Check if this is the first time we ever configure cinder on this system - if str2bool($::is_controller_active) and str2bool($::is_initial_cinder_config) { - $is_initial_cinder = true - } else { - $is_initial_cinder = false - } - - if 'lvm' in $enabled_backends { - # Check if this is the first time we ever configure LVM on this system - if str2bool($::is_controller_active) and str2bool($::is_initial_cinder_lvm_config) { - $is_initial_cinder_lvm = true - } else { - $is_initial_cinder_lvm = false - } - # Check if we should configure/reconfigure cinder LVM for this node. - # True in case of node reinstalls, device replacements, reconfigurations etc. - if str2bool($::is_node_cinder_lvm_config) { - $is_node_cinder_lvm = true - } else { - $is_node_cinder_lvm = false - } - } else { - $is_initial_cinder_lvm = false - $is_node_cinder_lvm = false - } - - if 'ceph' in $enabled_backends or $is_ceph_external { - # Check if this is the first time we ever configure Ceph on this system - if str2bool($::is_controller_active) and str2bool($::is_initial_cinder_ceph_config) { - $is_initial_cinder_ceph = true - } else { - $is_initial_cinder_ceph = false - } - } else { - $is_initial_cinder_ceph = false - } - - # Cinder needs to be running on initial configuration of either Ceph or LVM - if str2bool($::is_controller_active) and ($is_initial_cinder_lvm or $is_initial_cinder_ceph) { - $enable_cinder_service = true - } else { - $enable_cinder_service = false - } - - } else { - $is_initial_cinder = false - $is_initial_cinder_lvm = false - $is_node_cinder_lvm = false - $is_initial_cinder_ceph = false - $is_node_cinder_ceph = false - $enable_cinder_service = false - } -} - - -# Called from controller manifest -class openstack::cinder - inherits ::openstack::cinder::params { - - # TODO (rchurch): This will create the cinder DB on a system that may never run cinder. This make sense? - #if $is_initial_cinder { - if $::platform::params::init_database { - include platform::postgresql::server - include ::cinder::db::postgresql - } - - # TODO (rchurch): Make this happen after config_controller? If we do that we should - # exec 'cinder-manage db sync' as root instead of 'cinder' user - #if $is_initial_cinder { - if str2bool($::is_initial_config_primary) { - include ::cinder::db::sync - } - - include ::platform::params - include ::platform::amqp::params - - include ::platform::network::mgmt::params - $controller_address = $::platform::network::mgmt::params::controller_address - - group { 'cinder': - ensure => 'present', - gid => '165', - } - - user { 'cinder': - ensure => 'present', - comment => 'OpenStack Cinder Daemons', - gid => '165', - groups => ['nobody', 'cinder', $::platform::params::protected_group_name], - home => '/var/lib/cinder', - password => '!!', - password_max_age => '-1', - password_min_age => '-1', - shell => '/sbin/nologin', - uid => '165', - } - - if $service_enabled { - file { $cinder_directory: - ensure => 'directory', - owner => 'root', - group => 'root', - mode => '0755', - } - -> file { $cinder_image_conversion_dir: - ensure => 'directory', - owner => 'root', - group => 'root', - mode => '0755', - } - -> file { "${cinder_directory}/data": - ensure => 'directory', - owner => 'root', - group => 'root', - mode => '0755', - } - } else { - file { $cinder_directory: - ensure => 'directory', - owner => 'root', - group => 'root', - mode => '0755', - } - -> file { "${cinder_directory}/data": - ensure => 'directory', - owner => 'root', - group => 'root', - mode => '0755', - } - } - - class { '::cinder': - rabbit_use_ssl => $::platform::amqp::params::ssl_enabled, - default_transport_url => $::platform::amqp::params::transport_url, - } - - include ::cinder::keystone::authtoken - include ::cinder::scheduler - include ::cinder::client - include ::cinder::volume - include ::cinder::ceilometer - include ::cinder::glance - - include ::openstack::cinder::config - include ::openstack::cinder::backends - - include ::openstack::cinder::backup - include ::platform::multipath::params - - # TODO(mpeters): move to puppet module formal parameters - cinder_config { - 'DEFAULT/my_ip': value => $controller_address; - 'DEFAULT/state_path': value => "${cinder_directory}/data"; - # Reduce the number of RPCs that can be handled in parallel from the - # default of 64. Doing too much at once (e.g. creating volumes) results - # in a lot of thrashing and operations time out. - # Liberty renamed this from rpc_thread_pool_size to executor_thread_pool_size - 'DEFAULT/executor_thread_pool_size': value => '32'; - 'DEFAULT/enable_force_upload': value => true; - 'DEFAULT/use_multipath_for_image_xfer': value => $::platform::multipath::params::enabled; - 'backend_defaults/use_multipath_for_image_xfer': value => $::platform::multipath::params::enabled; - } - - # Run cinder-manage to purge deleted rows daily at the 30 minute mark - cron { 'cinder-purge-deleted': - ensure => 'present', - command => '/usr/bin/cinder-purge-deleted-active', - environment => 'PATH=/bin:/usr/bin:/usr/sbin', - minute => '30', - hour => '*/24', - user => 'root', - } -} - - -class openstack::cinder::config::default( - $config_params -) inherits ::openstack::cinder::params { - # Realize any service parameter provided DEFAULT section params of cinder.conf - create_resources('cinder_config', hiera_hash('openstack::cinder::config::default::config_params', {})) -} - - -class openstack::cinder::config - inherits ::openstack::cinder::params { - include ::openstack::cinder::config::default -} - -class openstack::cinder::backup - inherits ::openstack::cinder::params { - - # For now only support file backend backup - include ::cinder::backup::posix -} - - -class openstack::cinder::backends::san - inherits ::openstack::cinder::params { - include ::openstack::cinder::emc_vnx - include ::openstack::cinder::backends::hpe3par - include ::openstack::cinder::hpelefthand - } - - -class openstack::cinder::backends - inherits ::openstack::cinder::params { - - class { '::cinder::backends': - enabled_backends => $enabled_backends - } - - if 'lvm' in $enabled_backends { - include ::openstack::cinder::lvm - } - - if 'ceph' in $enabled_backends or $is_ceph_external { - include ::openstack::cinder::backends::ceph - } - - include openstack::cinder::backends::san -} - - -class openstack::cinder::lvm::filesystem::drbd ( - $device = '/dev/drbd4', - $lv_name = 'cinder-lv', - $mountpoint = '/opt/cinder', - $port = '7792', - $vg_name = 'cinder-volumes', - $drbd_handoff = true, -) inherits ::openstack::cinder::params { - - include ::platform::drbd::params - include ::platform::drbd::cgcs::params - - if str2bool($::is_primary_disk_rotational) { - $resync_after = $::platform::drbd::cgcs::params::resource_name - } else { - $resync_after = undef - } - - if (str2bool($::is_controller_active) or - (str2bool($::is_standalone_controller) and $is_node_cinder_lvm) - ) { - # Run DRBD cinder initial setup in two cases - # 1) first time Cinder LVM is configured, - # 2) when cinder's disk is replaced on a standalone controller - # (mostly to accommodate SX disk replacement). - # Note: Cinder disk replacement is triggered from sysinv by removing - # the checkpoint file behind is_node_cinder_lvm. - $ha_primary = true - $initial_setup = true - $service_enable = true - $service_ensure = 'running' - } else { - $ha_primary = false - $initial_setup = false - $service_enable = false - $service_ensure = 'stopped' - } - - if $is_node_cinder_lvm { - - # prepare disk for drbd - file { '/etc/udev/mount.blacklist': - ensure => present, - mode => '0644', - owner => 'root', - group => 'root', - } - -> file_line { "blacklist ${cinder_disk} automount": - ensure => present, - line => $cinder_disk, - path => '/etc/udev/mount.blacklist', - } - } - - drbd::resource { $drbd_resource: - disk => "\"${cinder_device}\"", - port => $port, - device => $device, - mountpoint => $mountpoint, - handlers => { - before-resync-target => - "/usr/local/sbin/sm-notify -s ${drbd_resource} -e sync-start", - after-resync-target => - "/usr/local/sbin/sm-notify -s ${drbd_resource} -e sync-end", - }, - host1 => $::platform::drbd::params::host1, - host2 => $::platform::drbd::params::host2, - ip1 => $::platform::drbd::params::ip1, - ip2 => $::platform::drbd::params::ip2, - manage => $is_node_cinder_lvm, - ha_primary => $ha_primary, - initial_setup => $initial_setup, - automount => $::platform::drbd::params::automount, - fs_type => $::platform::drbd::params::fs_type, - link_util => $::platform::drbd::params::link_util, - link_speed => $::platform::drbd::params::link_speed, - num_parallel => $::platform::drbd::params::num_parallel, - rtt_ms => $::platform::drbd::params::rtt_ms, - cpumask => $::platform::drbd::params::cpumask, - resync_after => $resync_after, - require => [ Class['::platform::partitions'], File_line['final filter: update lvm global_filter'] ] - } - - if ($is_initial_cinder_lvm or - (str2bool($::is_standalone_controller) and $is_node_cinder_lvm) - ){ - # Recreate cinder-volumes in two cases: - # 1) first time Cinder LVM is configured, - # 2) when cinder's disk is replaced on a standalone controller - # (mostly to accommodate SX disk replacement). - # Note: Cinder disk replacement is triggered from sysinv by removing - # the checkpoint file behind is_node_cinder_lvm. - physical_volume { $device: - ensure => present, - require => Drbd::Resource[$drbd_resource] - } - -> volume_group { $vg_name: - ensure => present, - physical_volumes => $device, - } - # Create an initial LV, because the LVM ocf resource does not work with - # an empty VG. - -> logical_volume { 'anchor-lv': - ensure => present, - volume_group => $vg_name, - size => '1M', - size_is_minsize => true, - } - # Deactivate the VG now. If this isn't done, it prevents DRBD from - # being stopped later by the SM. - -> exec { 'Deactivate VG': - command => "vgchange -a ln ${vg_name}", - } - # Make sure the primary resource is in the correct state so that on swact to - # controller-1 sm has the resource in an acceptable state to become managed - # and primary. But, if this primary is a single controller we will restart - # SM so keep it primary - - # TODO (rchurch): fix up the drbd_handoff logic. - -> exec { 'Set $drbd_resource role': - command => str2bool($drbd_handoff) ? {true => "drbdadm secondary ${drbd_resource}", default => '/bin/true'}, - unless => "drbdadm role ${drbd_resource} | egrep '^Secondary'", - } - } -} - - -class openstack::cinder::lvm( - $lvm_type = 'thin', -) inherits ::openstack::cinder::params { - -# if $::platform::params::system_mode != 'simplex' { -# include ::openstack::cinder::lvm::filesystem::drbd -# } else { -# include ::openstack::cinder::lvm::filesystem::simplex -# } - include ::openstack::cinder::lvm::filesystem::drbd - - file_line { 'snapshot_autoextend_threshold': - path => '/etc/lvm/lvm.conf', - match => '^\s*snapshot_autoextend_threshold +=.*', - line => ' snapshot_autoextend_threshold = 80', - } - - file_line { 'snapshot_autoextend_percent': - path => '/etc/lvm/lvm.conf', - match => '^\s*snapshot_autoextend_percent +=.*', - line => ' snapshot_autoextend_percent = 20', - } - - file { "${cinder_directory}/iscsi-target": - ensure => 'directory', - owner => 'root', - group => 'root', - mode => '0755', - require => File[$cinder_directory], - } - -> file { "${cinder_directory}/iscsi-target/saveconfig.json": - ensure => 'present', - owner => 'root', - group => 'root', - mode => '0600', - content => '{ - "fabric_modules": [], - "storage_objects": [], - "targets": [] - }', - } - - if $lvm_type == 'thin' { - $iscsi_lvm_config = { - 'lvm/iscsi_target_flags' => {'value' => 'direct'}, - 'lvm/lvm_type' => {'value' => 'thin'}, - 'DEFAULT/max_over_subscription_ratio' => {'value' => 1.0} - } - } else { - $iscsi_lvm_config = { - 'lvm/iscsi_target_flags' => {'value' => 'direct'}, - 'lvm/lvm_type' => {'value' => 'default'}, - 'lvm/volume_clear' => {'value' => 'none'} - } - } - - cinder::backend::iscsi { 'lvm': - iscsi_ip_address => $iscsi_ip_address, - extra_options => $iscsi_lvm_config , - volumes_dir => "${cinder_directory}/data/volumes", - } -} - -define openstack::cinder::backend::ceph( - $backend_name, - $rbd_pool, - $backend_enabled = false, - $rbd_user = 'cinder', - $rbd_ceph_conf = '/etc/ceph/ceph.conf' -) { - - if $backend_enabled { - cinder::backend::rbd {$backend_name: - backend_host => '$host', - rbd_pool => $rbd_pool, - rbd_user => $rbd_user, - rbd_ceph_conf => $rbd_ceph_conf, - } - } else { - cinder_config { - "${backend_name}/volume_backend_name": ensure => absent; - "${backend_name}/volume_driver": ensure => absent; - "${backend_name}/backend_host": ensure => absent; - "${backend_name}/rbd_ceph_conf": ensure => absent; - "${backend_name}/rbd_pool": ensure => absent; - } - } -} - - -class openstack::cinder::backends::ceph ( - $ceph_backend_configs = {} -) inherits ::openstack::cinder::params { - create_resources('openstack::cinder::backend::ceph', $ceph_backend_configs) -} - - -class openstack::cinder::emc_vnx( - $feature_enabled, - $config_params -) inherits ::openstack::cinder::params { - create_resources('cinder_config', hiera_hash('openstack::cinder::emc_vnx::config_params', {})) - - if $feature_enabled { - $scsi_id_ensure = 'link' - } else { - $scsi_id_ensure = 'absent' - } - - #TODO(rchurch): Evaluate this with Pike... Still needed? - # During creating EMC cinder bootable volume, linuxscsi.py in - # python2-os-brick-1.1.0-1.el7.noarch invokes "scsi_id" command and - # fails as "scsi_id" is not in the search PATH. So create a symlink - # here. The fix is already in the later version of os-brick. We - # can remove this code when python2-os-brick is upgraded. - file { '/usr/bin/scsi_id': - ensure => $scsi_id_ensure, - owner => 'root', - group => 'root', - target => '/lib/udev/scsi_id', - } -} - - -define openstack::cinder::backend::hpe3par -{ - $hiera_params = "openstack::cinder::${name}::config_params" - $feature_enabled = "openstack::cinder::${name}::feature_enabled" - - create_resources('cinder_config', hiera_hash($hiera_params, {})) - - if $feature_enabled { - exec {"Including ${name} configuration": - path => [ '/usr/bin', '/usr/sbin', '/bin', '/sbin' ], - command => "echo Including ${name} configuration", - } - } -} - - -class openstack::cinder::backends::hpe3par ( - $sections = [] -) inherits ::openstack::cinder::params { - ::openstack::cinder::backend::hpe3par {$sections:} -} - - -class openstack::cinder::hpelefthand( - $feature_enabled, - $config_params -) inherits ::openstack::cinder::params { - create_resources('cinder_config', hiera_hash('openstack::cinder::hpelefthand::config_params', {})) - - # As HP SANs are addon PS supported options, make sure we have explicit - # logging showing this is being included when the feature is enabled. - if $feature_enabled { - exec {'Including hpelefthand configuration': - path => [ '/usr/bin', '/usr/sbin', '/bin', '/sbin' ], - command => 'echo Including hpelefthand configuration', - } - } -} - - -class openstack::cinder::firewall - inherits ::openstack::cinder::params { - - if $service_enabled { - platform::firewall::rule { 'cinder-api': - service_name => 'cinder', - ports => $api_port, - } - } -} - - -class openstack::cinder::haproxy - inherits ::openstack::cinder::params { - - if $service_enabled { - platform::haproxy::proxy { 'cinder-restapi': - server_name => 's-cinder', - public_port => $api_port, - private_port => $api_port, - } - } -} - - -define openstack::cinder::api::backend( - $backend_name, - $type_name, - $type_enabled = false, -) { - # Run it on the active controller, otherwise the prefetch step tries to query - # cinder and can fail - if str2bool($::is_controller_active) { - if $type_enabled { - cinder_type { $type_name: - ensure => present, - properties => ["volume_backend_name=${backend_name}"] - } - } else { - cinder_type { $type_name: - ensure => absent - } - } - } -} - - -class openstack::cinder::api::backends( - $ceph_type_configs = {} -) inherits ::openstack::cinder::params { - - # Only include cinder_type the first time an lvm or ceph backend is - # initialized - if $is_initial_cinder_lvm { - ::openstack::cinder::api::backend { 'lvm-store': - type_enabled => true, - type_name => 'iscsi', - backend_name => 'lvm' - } - } - - # Add/Remove any additional cinder ceph tier types - create_resources('openstack::cinder::api::backend', $ceph_type_configs) - - # Add SAN volume types here when/if required -} - - -# Called from the controller manifest -class openstack::cinder::api - inherits ::openstack::cinder::params { - - include ::platform::params - $api_workers = $::platform::params::eng_workers - - include ::platform::network::mgmt::params - $api_host = $::platform::network::mgmt::params::controller_address - - $upgrade = $::platform::params::controller_upgrade - if $service_enabled and (str2bool($::is_controller_active) or $upgrade) { - include ::cinder::keystone::auth - if $::platform::params::distributed_cloud_role == 'systemcontroller' { - include ::dcorch::keystone::auth - include ::platform::dcorch::firewall - include ::platform::dcorch::haproxy - } - } - - class { '::cinder::api': - bind_host => $api_host, - service_workers => $api_workers, - sync_db => $::platform::params::init_database, - enabled => str2bool($enable_cinder_service) - } - - if $::openstack::cinder::params::configure_endpoint { - include ::openstack::cinder::firewall - include ::openstack::cinder::haproxy - } - if $service_enabled { - include ::openstack::cinder::api::backends - } - - class { '::openstack::cinder::pre': - stage => pre - } - - class { '::openstack::cinder::post': - stage => post - } -} - - -class openstack::cinder::pre { - include ::openstack::cinder::params - $enabled = str2bool($::openstack::cinder::params::enable_cinder_service) - if $::platform::params::distributed_cloud_role =='systemcontroller' and $enabled { - # need to enable cinder-api-proxy in order to apply the cinder manifest - exec { 'Enable Dcorch Cinder API Proxy': - command => 'systemctl enable dcorch-cinder-api-proxy; systemctl start dcorch-cinder-api-proxy', - } - } -} - - -class openstack::cinder::post - inherits ::openstack::cinder::params { - - # Ensure that phases are marked as complete - if $is_initial_cinder { - file { $initial_cinder_config_flag: - ensure => present - } - } - - if $is_initial_cinder_lvm { - file { $initial_cinder_lvm_config_flag: - ensure => present - } - } - - if $is_initial_cinder_ceph { - file { $initial_cinder_ceph_config_flag: - ensure => present - } - } - - # To workaround an upstream bug in rbd code, we need to create - # an empty file /etc/ceph/ceph.client.None.keyring in order to - # do cinder backup and restore. - file { '/etc/ceph/ceph.client.None.keyring': - ensure => file, - owner => 'root', - group => 'root', - mode => '0644', - } - - if $is_node_cinder_lvm { - file { $node_cinder_lvm_config_flag: - ensure => present - } - } - - # cinder-api needs to be running in order to apply the cinder manifest, - # however, it needs to be stopped/disabled to allow SM to manage the service. - # To allow for the transition it must be explicitly stopped. Once puppet - # can directly handle SM managed services, then this can be removed. - exec { 'Disable OpenStack - Cinder API': - command => 'systemctl stop openstack-cinder-api; systemctl disable openstack-cinder-api', - require => Class['openstack::cinder'], - } - - if $::platform::params::distributed_cloud_role =='systemcontroller' { - # stop and disable the cinder api proxy to allow SM to manage the service - exec { 'Disable Dcorch Cinder API Proxy': - command => 'systemctl stop dcorch-cinder-api-proxy; systemctl disable dcorch-cinder-api-proxy', - require => Class['openstack::cinder'], - } - } -} - - -class openstack::cinder::reload { - platform::sm::restart {'cinder-scheduler': } - platform::sm::restart {'cinder-volume': } - platform::sm::restart {'cinder-backup': } - platform::sm::restart {'cinder-api': } -} - - -# Called for runtime changes -class openstack::cinder::runtime - inherits ::openstack::cinder::params { - - include ::openstack::cinder - include ::openstack::cinder::api - - class { '::openstack::cinder::reload': - stage => post - } -} - - -# Called for runtime changes on region -class openstack::cinder::endpoint::runtime { - if str2bool($::is_controller_active) { - include ::cinder::keystone::auth - } -} - - -# Called for service_parameter runtime changes: -# - Currently cinder.conf only changes -# - external SAN backend sections -# - default section changes -class openstack::cinder::service_param::runtime - inherits ::openstack::cinder::params { - class { '::cinder::backends': - enabled_backends => $enabled_backends - } - - include ::openstack::cinder::config::default - include ::openstack::cinder::backends::san - - class { '::openstack::cinder::reload': - stage => post - } -} - - -# Called for rbd backend runtime changes -class openstack::cinder::backends::ceph::runtime - inherits ::openstack::cinder::params { - class { '::cinder::backends': - enabled_backends => $enabled_backends - } - - if $service_enabled { - include ::openstack::cinder::backends::ceph - include ::openstack::cinder::api::backends - } - - class { '::openstack::cinder::reload': - stage => post - } -} diff --git a/puppet-manifests/src/modules/openstack/manifests/client.pp b/puppet-manifests/src/modules/openstack/manifests/client.pp deleted file mode 100644 index 86c54870a7..0000000000 --- a/puppet-manifests/src/modules/openstack/manifests/client.pp +++ /dev/null @@ -1,43 +0,0 @@ -class openstack::client { - - include ::platform::client::params - $admin_username = $::platform::client::params::admin_username - $identity_auth_url = $::platform::client::params::identity_auth_url - $identity_region = $::platform::client::params::identity_region - $identity_api_version = $::platform::client::params::identity_api_version - $admin_user_domain = $::platform::client::params::admin_user_domain - $admin_project_domain = $::platform::client::params::admin_project_domain - $admin_project_name = $::platform::client::params::admin_project_name - $keystone_identity_region = $::platform::client::params::keystone_identity_region - - include ::platform::client::credentials::params - $keyring_file = $::platform::client::credentials::params::keyring_file - - file {'/etc/nova/openrc': - ensure => 'present', - mode => '0640', - owner => 'nova', - group => 'root', - content => template('openstack/openrc.admin.erb'), - } - - file {'/etc/nova/ldap_openrc_template': - ensure => 'present', - mode => '0644', - content => template('openstack/openrc.ldap.erb'), - } - - file {'/etc/bash_completion.d/openstack': - ensure => 'present', - mode => '0644', - content => generate('/usr/bin/openstack', 'complete'), - } -} - -class openstack::client::bootstrap { - include ::openstack::client -} - -class openstack::client::upgrade { - include ::openstack::client -} diff --git a/puppet-manifests/src/modules/openstack/manifests/glance.pp b/puppet-manifests/src/modules/openstack/manifests/glance.pp deleted file mode 100644 index 2c708b269b..0000000000 --- a/puppet-manifests/src/modules/openstack/manifests/glance.pp +++ /dev/null @@ -1,209 +0,0 @@ -class openstack::glance::params ( - $api_host, - $service_enabled = true, - $api_port = 9292, - $region_name = undef, - $service_type = 'image', - $glance_directory = '/opt/cgcs/glance', - $glance_image_conversion_dir = '/opt/img-conversions/glance', - $enabled_backends = [], - $service_create = false, - $configured_registry_host = '0.0.0.0', - $remote_registry_region_name = undef, - $glance_cached = false, - $glance_delete_interval = 6, - $rbd_store_pool = 'images', - $rbd_store_ceph_conf = '/etc/ceph/ceph.conf', -) { } - - -class openstack::glance - inherits ::openstack::glance::params { - - if $service_enabled { - include ::platform::params - include ::platform::amqp::params - - file { $glance_directory: - ensure => 'directory', - owner => 'root', - group => 'root', - mode => '0755', - } - -> file { "${glance_directory}/image-cache": - ensure => 'directory', - owner => 'root', - group => 'root', - mode => '0755', - } - -> file { "${glance_directory}/images": - ensure => 'directory', - owner => 'root', - group => 'root', - mode => '0755', - } - -> file { $glance_image_conversion_dir: - ensure => 'directory', - owner => 'root', - group => 'root', - mode => '0755', - } - - $bind_host = $::platform::network::mgmt::params::subnet_version ? { - 6 => '::', - default => '0.0.0.0', - } - - if $::platform::params::init_database { - class { '::glance::db::postgresql': - encoding => 'UTF8', - } - } - - include ::glance::api::authtoken - include ::glance::registry::authtoken - - class { '::glance::registry': - bind_host => $bind_host, - workers => $::platform::params::eng_workers, - } - - # Run glance-manage to purge deleted rows daily at the 45 minute mark - cron { 'glance-purge-deleted': - ensure => 'present', - command => '/usr/bin/glance-purge-deleted-active', - environment => 'PATH=/bin:/usr/bin:/usr/sbin', - minute => '45', - hour => '*/24', - user => 'root', - } - - cron { 'glance-cleaner': - ensure => 'present', - command => "/usr/bin/glance-cleaner --config-file /etc/glance/glance-api.conf --delete-interval ${glance_delete_interval}", - environment => 'PATH=/bin:/usr/bin:/usr/sbin', - minute => '35', - hour => "*/${glance_delete_interval}", - user => 'root', - } - - # In glance cached mode run the pruner once every 6 hours to clean - # stale or orphaned images - if $::openstack::glance::params::glance_cached { - cron { 'glance-cache-pruner': - ensure => 'present', - command => '/usr/bin/glance-cache-pruner --config-file /etc/glance/glance-api.conf', - environment => 'PATH=/bin:/usr/bin:/usr/sbin', - minute => '15', - hour => '*/6', - user => 'root', - } - } - - class { '::glance::notify::rabbitmq': - rabbit_use_ssl => $::platform::amqp::params::ssl_enabled, - default_transport_url => $::platform::amqp::params::transport_url, - } - - if 'file' in $enabled_backends { - include ::glance::backend::file - } - } -} - - -class openstack::glance::firewall - inherits ::openstack::glance::params { - - platform::firewall::rule { 'glance-api': - service_name => 'glance', - ports => $api_port, - } -} - - -class openstack::glance::haproxy - inherits ::openstack::glance::params { - - platform::haproxy::proxy { 'glance-restapi': - server_name => 's-glance', - public_port => $api_port, - private_port => $api_port, - private_ip_address => $api_host, - } -} - - -class openstack::glance::api - inherits ::openstack::glance::params { - include ::platform::params - - if $service_enabled { - if ($::openstack::glance::params::service_create and - $::platform::params::init_keystone) { - include ::glance::keystone::auth - } - - include ::platform::params - $api_workers = $::platform::params::eng_workers - - include ::platform::network::mgmt::params - # magical hack for magical config - glance option registry_host requires brackets - if $configured_registry_host == '0.0.0.0' { - $registry_host = $::platform::network::mgmt::params::subnet_version ? { - 6 => '::0', - default => '0.0.0.0', - # TO-DO(mmagr): Add IPv6 support when hostnames are used - } - } else { - $registry_host = $configured_registry_host - } - - # enable copy-on-write cloning from glance to cinder only for rbd - # this speeds up creation of volumes from images - $show_image_direct_url = ('rbd' in $enabled_backends) - - if ($::platform::params::distributed_cloud_role == 'subcloud') { - $api_use_user_token = false - } else { - $api_use_user_token = true - } - - class { '::glance::api': - bind_host => $api_host, - use_user_token => $api_use_user_token, - registry_host => $registry_host, - remote_registry_region_name => $remote_registry_region_name, - workers => $api_workers, - sync_db => $::platform::params::init_database, - show_image_direct_url => $show_image_direct_url, - } - - if 'rbd' in $enabled_backends { - class { '::glance::backend::rbd': - rbd_store_pool => $rbd_store_pool, - rbd_store_ceph_conf => $rbd_store_ceph_conf, - } - } - - include ::openstack::glance::firewall - include ::openstack::glance::haproxy - } -} - - -class openstack::glance::api::reload { - platform::sm::restart {'glance-api': } -} - -class openstack::glance::api::runtime - inherits ::openstack::glance::params { - - if $service_enabled { - include ::openstack::glance::api - - class { '::openstack::glance::api::reload': - stage => post - } - } -} diff --git a/puppet-manifests/src/modules/openstack/manifests/gnocchi.pp b/puppet-manifests/src/modules/openstack/manifests/gnocchi.pp deleted file mode 100644 index 66a0d2c64f..0000000000 --- a/puppet-manifests/src/modules/openstack/manifests/gnocchi.pp +++ /dev/null @@ -1,122 +0,0 @@ -class openstack::gnocchi::params ( - $api_port = 8041, - $region_name = undef, - $service_name = 'openstack-gnocchi', - $service_create = false, - $service_enabled = true, -) { } - -class openstack::gnocchi - inherits ::openstack::gnocchi::params { - - if $service_enabled { - - include ::platform::params - - include ::gnocchi - include ::gnocchi::api - include ::gnocchi::client - include ::gnocchi::keystone::authtoken - include ::gnocchi::storage::file - - if $::platform::params::init_database { - include ::gnocchi::db::postgresql - } - - } -} - - -class openstack::gnocchi::firewall - inherits ::openstack::gnocchi::params { - - platform::firewall::rule { 'gnocchi-api': - service_name => 'gnocchi', - ports => $api_port, - } -} - -class openstack::gnocchi::haproxy - inherits ::openstack::gnocchi::params { - - platform::haproxy::proxy { 'gnocchi-restapi': - server_name => 's-gnocchi-restapi', - public_port => $api_port, - private_port => $api_port, - } -} - -class openstack::gnocchi::metricd - inherits ::openstack::gnocchi::params { - - if $service_enabled { - - include ::platform::params - $metricd_workers = $::platform::params::eng_workers_by_2 - - class { '::gnocchi::metricd': - workers => $metricd_workers - } - - if $metricd_workers > 1 { - gnocchi_config { - 'DEFAULT/coordination_url': value => 'file:///opt/gnocchi/locks'; - } - } - - } -} - -class openstack::gnocchi::api - inherits ::openstack::gnocchi::params { - - include ::platform::params - - # The gnocchi user and service are always required and they - # are used by subclouds when the service itself is disabled - # on System Controller - # whether it creates the endpoint is determined by - # gnocchi::keystone::auth::configure_endpoint which is - # set via sysinv puppet - if $::openstack::gnocchi::params::service_create and - $::platform::params::init_keystone { - include ::gnocchi::keystone::auth - } - - if $service_enabled { - - $api_workers = $::platform::params::eng_workers_by_2 - - include ::platform::network::mgmt::params - $url_host = $::platform::network::mgmt::params::controller_address_url - - file { '/usr/share/gnocchi/gnocchi-api.conf': - ensure => file, - content => template('openstack/gnocchi-api.conf.erb'), - owner => 'root', - group => 'root', - mode => '0640', - } - - $storage_configured = inline_template("<% if File.exists?('/opt/gnocchi/tmp/gnocchi-config') -%>true<% else %>false<% end -%>") - if ! str2bool($storage_configured) { - include ::openstack::gnocchi::metricd - $sacks_number = $::openstack::gnocchi::metricd::metricd_workers + 2 - - if $::platform::params::init_database { - $options = "--sacks-number ${sacks_number}" - } else { - $options = "--sacks-number ${sacks_number} --skip-index --skip-archive-policies-creation" - } - - class { '::gnocchi::db::sync': - extra_opts => $options - } - } - - include ::openstack::gnocchi::firewall - include ::openstack::gnocchi::haproxy - } -} - - diff --git a/puppet-manifests/src/modules/openstack/manifests/heat.pp b/puppet-manifests/src/modules/openstack/manifests/heat.pp deleted file mode 100644 index 142d82d0bb..0000000000 --- a/puppet-manifests/src/modules/openstack/manifests/heat.pp +++ /dev/null @@ -1,237 +0,0 @@ -class openstack::heat::params ( - $api_port = 8004, - $cfn_port = 8000, - $cloudwatch_port = 8003, - $region_name = undef, - $domain_name = undef, - $domain_admin = undef, - $domain_pwd = undef, - $service_name = 'openstack-heat', - $service_tenant = undef, - $default_endpoint_type = 'internalURL', - $service_create = false, - $service_enabled = true, -) { - include ::platform::params - $api_workers = $::platform::params::eng_workers - - include ::platform::network::mgmt::params - $api_host = $::platform::network::mgmt::params::controller_address -} - - -class openstack::heat - inherits ::openstack::heat::params { - - include ::platform::params - - if $service_enabled { - include ::platform::amqp::params - - if $::platform::params::init_database { - include ::heat::db::postgresql - } - include ::heat::keystone::authtoken - - class { '::heat': - rabbit_use_ssl => $::platform::amqp::params::ssl_enabled, - default_transport_url => $::platform::amqp::params::transport_url, - heat_clients_endpoint_type => $default_endpoint_type, - sync_db => $::platform::params::init_database, - } - - class { '::heat::engine': - num_engine_workers => $::platform::params::eng_workers - } - } - - if $::platform::params::region_config { - if $::openstack::glance::params::region_name != $::platform::params::region_2_name { - $shared_service_glance = [$::openstack::glance::params::service_type] - } else { - $shared_service_glance = [] - } - # skip the check if cinder region name has not been configured - if ($::openstack::cinder::params::region_name != undef and - $::openstack::cinder::params::region_name != $::platform::params::region_2_name) { - $shared_service_cinder = [$::openstack::cinder::params::service_type, - $::openstack::cinder::params::service_type_v2, - $::openstack::cinder::params::service_type_v3] - } else { - $shared_service_cinder = [] - } - $shared_services = concat($shared_service_glance, $shared_service_cinder) - heat_config { - 'DEFAULT/region_name_for_shared_services': value => $::platform::params::region_1_name; - 'DEFAULT/shared_services_types': value => join($shared_services,','); - } - # Subclouds use the region one service tenant and heat domain. In region - # mode we duplicate these in each region. - if $::platform::params::distributed_cloud_role != 'subcloud' { - keystone_tenant { $service_tenant: - ensure => present, - enabled => true, - description => "Tenant for ${::platform::params::region_2_name}", - } - class { '::heat::keystone::domain': - domain_name => $domain_name, - domain_admin => $domain_admin, - manage_domain => true, - manage_user => true, - manage_role => true, - } - } - } - else { - if str2bool($::is_initial_config_primary) { - # Only setup roles and domain information on the controller during initial config - if $service_enabled { - keystone_user_role { 'admin@admin': - ensure => present, - roles => ['admin', '_member_', 'heat_stack_owner'], - require => Class['::heat::engine'], - } - } else { - keystone_user_role { 'admin@admin': - ensure => present, - roles => ['admin', '_member_', 'heat_stack_owner'], - } - } - - # Heat stack owner needs to be created - keystone_role { 'heat_stack_owner': - ensure => present, - } - - class { '::heat::keystone::domain': - manage_domain => true, - manage_user => true, - manage_role => true, - } - } else { - # Second controller does not invoke keystone, but does need configuration - class { '::heat::keystone::domain': - manage_domain => false, - manage_user => false, - manage_role => false, - } - } - } - - if $service_enabled { - # clients_heat endpoint type is publicURL to support wait conditions - heat_config { - 'clients_neutron/endpoint_type': value => $default_endpoint_type; - 'clients_nova/endpoint_type': value => $default_endpoint_type; - 'clients_glance/endpoint_type': value => $default_endpoint_type; - 'clients_cinder/endpoint_type': value => $default_endpoint_type; - 'clients_ceilometer/endpoint_type':value => $default_endpoint_type; - 'clients_heat/endpoint_type': value => 'publicURL'; - 'clients_keystone/endpoint_type': value => $default_endpoint_type; - } - - # Run heat-manage purge_deleted daily at the 20 minute mark - cron { 'heat-purge-deleted': - ensure => 'present', - command => '/usr/bin/heat-purge-deleted-active', - environment => 'PATH=/bin:/usr/bin:/usr/sbin', - minute => '20', - hour => '*/24', - user => 'root', - } - } -} - - - -class openstack::heat::firewall - inherits ::openstack::heat::params { - - platform::firewall::rule { 'heat-api': - service_name => 'heat', - ports => $api_port, - } - - platform::firewall::rule { 'heat-cfn': - service_name => 'heat-cfn', - ports => $cfn_port, - } - - platform::firewall::rule { 'heat-cloudwatch': - service_name => 'heat-cloudwatch', - ports => $cloudwatch_port, - } -} - - -class openstack::heat::haproxy - inherits ::openstack::heat::params { - - platform::haproxy::proxy { 'heat-restapi': - server_name => 's-heat', - public_port => $api_port, - private_port => $api_port, - } - - platform::haproxy::proxy { 'heat-cfn-restapi': - server_name => 's-heat-cfn', - public_port => $cfn_port, - private_port => $cfn_port, - } - - platform::haproxy::proxy { 'heat-cloudwatch': - server_name => 's-heat-cloudwatch', - public_port => $cloudwatch_port, - private_port => $cloudwatch_port, - } -} - - -class openstack::heat::api - inherits ::openstack::heat::params { - - # The heat user and service are always required and they - # are used by subclouds when the service itself is disabled - # on System Controller - # whether it creates the endpoint is determined by - # heat::keystone::auth::configure_endpoint which is - # set via sysinv puppet - if ($::openstack::heat::params::service_create and - $::platform::params::init_keystone) { - include ::heat::keystone::auth - include ::heat::keystone::auth_cfn - } - - if $service_enabled { - class { '::heat::api': - bind_host => $api_host, - workers => $api_workers, - } - - class { '::heat::api_cfn': - bind_host => $api_host, - workers => $api_workers, - } - - class { '::heat::api_cloudwatch': - bind_host => $api_host, - workers => $api_workers, - } - - include ::openstack::heat::firewall - include ::openstack::heat::haproxy - } -} - - -class openstack::heat::engine::reload { - platform::sm::restart {'heat-engine': } -} - -class openstack::heat::engine::runtime { - include ::openstack::heat - - class {'::openstack::heat::engine::reload': - stage => post - } -} diff --git a/puppet-manifests/src/modules/openstack/manifests/horizon.pp b/puppet-manifests/src/modules/openstack/manifests/horizon.pp index 2f9cb2b189..ded50fe504 100755 --- a/puppet-manifests/src/modules/openstack/manifests/horizon.pp +++ b/puppet-manifests/src/modules/openstack/manifests/horizon.pp @@ -82,20 +82,6 @@ class openstack::horizon $workers = $::platform::params::eng_workers_by_2 - include ::openstack::murano::params - if $::openstack::murano::params::service_enabled { - $murano_enabled = 'True' - } else { - $murano_enabled = 'False' - } - - include ::openstack::magnum::params - if $::openstack::magnum::params::service_enabled { - $magnum_enabled = 'True' - } else { - $magnum_enabled = 'False' - } - if str2bool($::is_initial_config) { exec { 'Stop lighttpd': command => 'systemctl stop lighttpd; systemctl disable lighttpd', diff --git a/puppet-manifests/src/modules/openstack/manifests/ironic.pp b/puppet-manifests/src/modules/openstack/manifests/ironic.pp deleted file mode 100644 index f095d116cb..0000000000 --- a/puppet-manifests/src/modules/openstack/manifests/ironic.pp +++ /dev/null @@ -1,176 +0,0 @@ -class openstack::ironic::params ( - $api_port = 6485, - $service_enabled = false, - $service_name = 'openstack-ironic', - $region_name = undef, - $default_endpoint_type = 'internalURL', - $tftp_server = undef, - $provisioning_network = undef, - $controller_0_if = undef, - $controller_1_if = undef, - $netmask = undef, -) { - include ::platform::network::mgmt::params - $api_host = $::platform::network::mgmt::params::controller_address - - include ::platform::params - $sw_version = $::platform::params::software_version - $ironic_basedir = '/opt/cgcs/ironic' - $ironic_versioned_dir = "${ironic_basedir}/${sw_version}" - $ironic_tftpboot_dir = "${ironic_versioned_dir}/tftpboot" -} - - -class openstack::ironic::firewall - inherits ::openstack::ironic::params { - - if $service_enabled { - platform::firewall::rule { 'ironic-api': - service_name => 'ironic', - ports => $api_port, - } - } -} - -class openstack::ironic::haproxy - inherits ::openstack::ironic::params { - - if $service_enabled { - platform::haproxy::proxy { 'ironic-restapi': - server_name => 's-ironic-restapi', - public_port => $api_port, - private_port => $api_port, - } - - platform::haproxy::proxy { 'ironic-tftp-restapi': - server_name => 's-ironic-tftp-restapi', - public_port => $api_port, - private_port => $api_port, - public_ip_address => $tftp_server, - enable_https => false, - } - } -} - -class openstack::ironic - inherits ::openstack::ironic::params { - - include ::platform::params - include ::platform::amqp::params - include ::platform::network::mgmt::params - include ::ironic::neutron - include ::ironic::glance - - if $::platform::params::init_database { - include ::ironic::db::postgresql - } - - if str2bool($::is_initial_config_primary) { - include ::ironic::db::sync - } - - class {'::ironic': - rabbit_use_ssl => $::platform::amqp::params::ssl_enabled, - default_transport_url => $::platform::amqp::params::transport_url, - sync_db => false, - my_ip => $api_host, - } - if $tftp_server != undef { - $ipa_api_url = "http://${tftp_server}:${api_port}" - } - else { - $ipa_api_url = undef - } - - # provisioning and cleaning networks are intentionally the same - class {'::ironic::conductor': - provisioning_network => $provisioning_network, - cleaning_network => $provisioning_network, - api_url => $ipa_api_url, - } - - $tftp_master_path = "${ironic_tftpboot_dir}/master_images" - class {'::ironic::drivers::pxe': - tftp_server => $tftp_server, - tftp_root => $ironic_tftpboot_dir, - tftp_master_path => $tftp_master_path, - pxe_append_params => 'nofb nomodeset vga=normal console=ttyS0,115200n8', - } - - # configure tftp root directory - if $::platform::params::init_database { - $ironic_tftp_root_dir = "/opt/cgcs/ironic/${sw_version}" - file { $ironic_basedir: - ensure => 'directory', - owner => 'ironic', - group => 'root', - mode => '0755', - } - -> file { $ironic_versioned_dir: - ensure => 'directory', - owner => 'ironic', - group => 'root', - mode => '0755', - } - -> file { $ironic_tftpboot_dir: - ensure => 'directory', - owner => 'ironic', - group => 'root', - mode => '0755', - } - } - if str2bool($::is_controller_active) { - file { "${ironic_tftpboot_dir}/pxelinux.0": - owner => 'root', - group => 'root', - mode => '0755', - source => '/usr/share/syslinux/pxelinux.0' - } - file { "${ironic_tftpboot_dir}/chain.c32": - owner => 'root', - group => 'root', - mode => '0755', - source => '/usr/share/syslinux/chain.c32' - } - } -} - -class openstack::ironic::api - inherits ::openstack::ironic::params { - - class { '::ironic::api': - port => $api_port, - host_ip => $api_host, - } - - if $service_enabled { - include ::ironic::keystone::auth - } - - include ::openstack::ironic::haproxy - include ::openstack::ironic::firewall - -} - -class openstack::ironic::upgrade - inherits ::openstack::ironic::params{ - - file { $ironic_basedir: - ensure => 'directory', - owner => 'ironic', - group => 'root', - mode => '0755', - } - -> file { $ironic_versioned_dir: - ensure => 'directory', - owner => 'ironic', - group => 'root', - mode => '0755', - } - -> file { $ironic_tftpboot_dir: - ensure => 'directory', - owner => 'ironic', - group => 'root', - mode => '0755', - } -} diff --git a/puppet-manifests/src/modules/openstack/manifests/keystone.pp b/puppet-manifests/src/modules/openstack/manifests/keystone.pp index 29f4d7151a..276d4b8c96 100644 --- a/puppet-manifests/src/modules/openstack/manifests/keystone.pp +++ b/puppet-manifests/src/modules/openstack/manifests/keystone.pp @@ -52,7 +52,7 @@ class openstack::keystone ( $bind_host = $::platform::network::mgmt::params::controller_address_url } - Class[$name] -> Class['::platform::client'] -> Class['::openstack::client'] + Class[$name] -> Class['::platform::client'] include ::keystone::client @@ -217,7 +217,7 @@ class openstack::keystone::bootstrap( include ::keystone::db::postgresql - Class[$name] -> Class['::platform::client'] -> Class['::openstack::client'] + Class[$name] -> Class['::platform::client'] # Create the parent directory for fernet keys repository file { $keystone_key_repo_path: @@ -320,7 +320,6 @@ class openstack::keystone::endpointgroup class openstack::keystone::server::runtime { include ::platform::client - include ::openstack::client include ::openstack::keystone class {'::openstack::keystone::reload': @@ -339,52 +338,6 @@ class openstack::keystone::endpoint::runtime { include ::nfv::keystone::auth include ::fm::keystone::auth - include ::ceilometer::keystone::auth - - include ::openstack::heat::params - if $::openstack::heat::params::service_enabled { - include ::heat::keystone::auth - include ::heat::keystone::auth_cfn - } - - include ::neutron::keystone::auth - include ::nova::keystone::auth - include ::nova::keystone::auth_placement - - include ::openstack::panko::params - if $::openstack::panko::params::service_enabled { - include ::panko::keystone::auth - } - - include ::openstack::gnocchi::params - if $::openstack::gnocchi::params::service_enabled { - include ::gnocchi::keystone::auth - } - - include ::openstack::cinder::params - if $::openstack::cinder::params::service_enabled { - include ::cinder::keystone::auth - } - - include ::openstack::glance::params - include ::glance::keystone::auth - - include ::openstack::murano::params - if $::openstack::murano::params::service_enabled { - include ::murano::keystone::auth - } - - include ::openstack::magnum::params - if $::openstack::magnum::params::service_enabled { - include ::magnum::keystone::auth - include ::magnum::keystone::domain - } - - include ::openstack::ironic::params - if $::openstack::ironic::params::service_enabled { - include ::ironic::keystone::auth - } - include ::platform::ceph::params if $::platform::ceph::params::service_enabled { include ::platform::ceph::rgw::keystone::auth @@ -401,7 +354,6 @@ class openstack::keystone::endpoint::runtime { } include ::smapi::keystone::auth - } } diff --git a/puppet-manifests/src/modules/openstack/manifests/magnum.pp b/puppet-manifests/src/modules/openstack/manifests/magnum.pp deleted file mode 100644 index 19f7dee06b..0000000000 --- a/puppet-manifests/src/modules/openstack/manifests/magnum.pp +++ /dev/null @@ -1,85 +0,0 @@ -class openstack::magnum::params ( - $api_port = 9511, - $service_enabled = false, - $service_name = 'openstack-magnum', -) {} - - -class openstack::magnum - inherits ::openstack::magnum::params { - - if $::platform::params::init_database { - include ::magnum::db::postgresql - } - - if str2bool($::is_initial_config_primary) { - class { '::magnum::db::sync': } - } - - include ::platform::params - include ::platform::amqp::params - - include ::magnum::client - include ::magnum::clients - include ::magnum::db - include ::magnum::logging - include ::magnum::conductor - include ::magnum::certificates - - class {'::magnum': - rabbit_use_ssl => $::platform::amqp::params::ssl_enabled, - default_transport_url => $::platform::amqp::params::transport_url, - } - - if $::platform::params::init_database { - include ::magnum::db::postgresql - } -} - -class openstack::magnum::firewall - inherits ::openstack::magnum::params { - - if $service_enabled { - platform::firewall::rule { 'magnum-api': - service_name => 'magnum', - ports => $api_port, - } - } -} - - -class openstack::magnum::haproxy - inherits ::openstack::magnum::params { - - if $service_enabled { - platform::haproxy::proxy { 'magnum-restapi': - server_name => 's-magnum', - public_port => $api_port, - private_port => $api_port, - } - } -} - -class openstack::magnum::api - inherits ::openstack::magnum::params { - - include ::platform::network::mgmt::params - $api_host = $::platform::network::mgmt::params::controller_address - - if $service_enabled { - include ::magnum::keystone::auth - include ::magnum::keystone::authtoken - include ::magnum::keystone::domain - } - - class { '::magnum::api': - enabled => false, - host => $api_host, - sync_db => false, - } - - include ::openstack::magnum::haproxy - include ::openstack::magnum::firewall - -} - diff --git a/puppet-manifests/src/modules/openstack/manifests/murano.pp b/puppet-manifests/src/modules/openstack/manifests/murano.pp deleted file mode 100644 index a82c21488d..0000000000 --- a/puppet-manifests/src/modules/openstack/manifests/murano.pp +++ /dev/null @@ -1,288 +0,0 @@ -class openstack::murano::params ( - $tcp_listen_options, - $rabbit_tcp_listen_options, - $rabbit_cipher_list, - $api_port = 8082, - $auth_password = 'guest', - $auth_user = 'guest', - $service_enabled = false, - $disable_murano_agent = true, - $service_name = 'openstack-murano', - $database_idle_timeout = 60, - $database_max_pool_size = 1, - $database_max_overflow = 10, - $rabbit_normal_port = '5672', - $rabbit_ssl_port = '5671', - $rabbit_certs_dir = '/etc/ssl/private/murano-rabbit', - $tlsv2 = 'tlsv1.2', - $tlsv1 = 'tlsv1.1', - $ssl_fail_if_no_peer_cert = true, - $disk_free_limit = '10000000', - $heartbeat = '30', - $ssl = false, -) {} - -class openstack::murano::firewall - inherits ::openstack::murano::params { - - if $service_enabled { - platform::firewall::rule { 'murano-api': - service_name => 'murano', - ports => $api_port, - } - - if $disable_murano_agent != true { - if $ssl == true { - platform::firewall::rule { 'murano-rabbit-ssl': - service_name => 'murano-rabbit-ssl', - ports => 5671, - } - platform::firewall::rule { 'murano-rabbit-regular': - ensure => absent, - ports => 5672, - service_name => 'murano-rabbit-regular', - } - } else { - platform::firewall::rule { 'murano-rabbit-regular': - service_name => 'murano-rabbit-regular', - ports => 5672, - } - platform::firewall::rule { 'murano-rabbit-ssl': - ensure => absent, - ports => 5671, - service_name => 'murano-rabbit-ssl', - } - } - } else { - platform::firewall::rule { 'murano-rabbit-regular': - ensure => absent, - ports => 5672, - service_name => 'murano-rabbit-regular', - } - platform::firewall::rule { 'murano-rabbit-ssl': - ensure => absent, - ports => 5671, - service_name => 'murano-rabbit-ssl', - } - } - } -} - -class openstack::murano::haproxy - inherits ::openstack::murano::params { - - if $service_enabled { - platform::haproxy::proxy { 'murano-restapi': - server_name => 's-murano-restapi', - public_port => $api_port, - private_port => $api_port, - } - } -} - -class openstack::murano - inherits ::openstack::murano::params { - - if $::platform::params::init_database { - include ::murano::db::postgresql - } - - if str2bool($::is_initial_config_primary) { - class { '::murano::db::sync': } - } - - include ::platform::params - include ::platform::amqp::params - - include ::murano::client - - class { '::murano::dashboard': - sync_db => false, - } - - class { '::murano::engine': - workers => $::platform::params::eng_workers_by_4, - } - - if $ssl { - $murano_rabbit_port = $rabbit_ssl_port - $murano_cacert = "${rabbit_certs_dir}/ca-cert.pem" - } else { - $murano_rabbit_port = $rabbit_normal_port - $murano_cacert = undef - } - - include ::murano::params - - class {'::murano': - use_syslog => true, - log_facility => 'local2', - service_host => $::platform::network::mgmt::params::controller_address, - service_port => '8082', - database_idle_timeout => $database_idle_timeout, - database_max_pool_size => $database_max_pool_size, - database_max_overflow => $database_max_overflow, - sync_db => false, - rabbit_own_user => $::openstack::murano::params::auth_user, - rabbit_own_password => $::openstack::murano::params::auth_password, - rabbit_own_host => $::platform::network::oam::params::controller_address, - rabbit_own_port => $murano_rabbit_port, - rabbit_own_vhost => '/', - rabbit_own_use_ssl => $ssl, - rabbit_own_ca_certs => $murano_cacert, - disable_murano_agent => $disable_murano_agent, - api_workers => $::platform::params::eng_workers_by_4, - default_transport_url => $::platform::amqp::params::transport_url, - } - - # this rabbitmq is separate from the main one and used only for murano - case $::platform::amqp::params::backend { - 'rabbitmq': { - enable_murano_agent_rabbitmq { 'rabbitmq': } - } - default: {} - } -} - -class openstack::murano::api - inherits ::openstack::murano::params { - include ::platform::params - - class { '::murano::api': - enabled => false, - host => $::platform::network::mgmt::params::controller_address, - } - - $upgrade = $::platform::params::controller_upgrade - if $service_enabled and (str2bool($::is_controller_active) or $upgrade) { - include ::murano::keystone::auth - } - - include ::openstack::murano::haproxy - include ::openstack::murano::firewall - -} - -define enable_murano_agent_rabbitmq { - include ::openstack::murano::params - include ::platform::params - - # Rabbit configuration parameters - $amqp_platform_sw_version = $::platform::params::software_version - $kombu_ssl_ca_certs = "${::openstack::murano::params::rabbit_certs_dir}/ca-cert.pem" - $kombu_ssl_keyfile = "${::openstack::murano::params::rabbit_certs_dir}/key.pem" - $kombu_ssl_certfile = "${::openstack::murano::params::rabbit_certs_dir}/cert.pem" - - $murano_rabbit_dir = '/var/lib/rabbitmq/murano' - $rabbit_home = "${murano_rabbit_dir}/${amqp_platform_sw_version}" - $mnesia_base = "${rabbit_home}/mnesia" - $rabbit_node = $::platform::amqp::params::node - $murano_rabbit_node = "murano-${rabbit_node}" - $default_user = $::openstack::murano::params::auth_user - $default_pass = $::openstack::murano::params::auth_password - $disk_free_limit = $::openstack::murano::params::disk_free_limit - $heartbeat = $::openstack::murano::params::heartbeat - $port = $::openstack::murano::params::rabbit_normal_port - - $rabbit_cipher_list = $::openstack::murano::params::rabbit_cipher_list - - $ssl_interface = $::platform::network::oam::params::controller_address - $ssl_port = $::openstack::murano::params::rabbit_ssl_port - $tlsv2 = $::openstack::murano::params::tlsv2 - $tlsv1 = $::openstack::murano::params::tlsv1 - $fail_if_no_peer_cert = $::openstack::murano::params::ssl_fail_if_no_peer_cert - - $tcp_listen_options = $::openstack::murano::params::tcp_listen_options - $rabbit_tcp_listen_options = $::openstack::murano::params::rabbit_tcp_listen_options - - # murano rabbit ssl certificates are placed here - file { $::openstack::murano::params::rabbit_certs_dir: - ensure => 'directory', - owner => 'root', - group => 'root', - mode => '0755', - } - - if $::platform::params::init_database { - file { $murano_rabbit_dir: - ensure => 'directory', - owner => 'root', - group => 'root', - mode => '0755', - } - - -> file { $rabbit_home: - ensure => 'directory', - owner => 'root', - group => 'root', - mode => '0755', - } - - -> file { $mnesia_base: - ensure => 'directory', - owner => 'root', - group => 'root', - mode => '0755', - } -> Class['::rabbitmq'] - } - - if $::openstack::murano::params::ssl { - $files_to_set_owner = [ $kombu_ssl_keyfile, $kombu_ssl_certfile ] - file { $files_to_set_owner: - owner => 'rabbitmq', - group => 'rabbitmq', - require => Package['rabbitmq-server'], - notify => Service['rabbitmq-server'], - } - $rabbitmq_conf_template= 'openstack/murano-rabbitmq.config.ssl.erb' - - } else { - $rabbitmq_conf_template= 'openstack/murano-rabbitmq.config.erb' - } - - file { '/etc/rabbitmq/murano-rabbitmq.config': - ensure => present, - owner => 'rabbitmq', - group => 'rabbitmq', - mode => '0640', - content => template($rabbitmq_conf_template), - } - - file { '/etc/rabbitmq/murano-rabbitmq-env.conf': - ensure => present, - owner => 'rabbitmq', - group => 'rabbitmq', - mode => '0640', - content => template('openstack/murano-rabbitmq-env.conf.erb'), - } -} - -class openstack::murano::upgrade { - include ::platform::params - - $amqp_platform_sw_version = $::platform::params::software_version - $murano_rabbit_dir = '/var/lib/rabbitmq/murano' - $rabbit_home = "${murano_rabbit_dir}/${amqp_platform_sw_version}" - $mnesia_base = "${rabbit_home}/mnesia" - - file { $murano_rabbit_dir: - ensure => 'directory', - owner => 'root', - group => 'root', - mode => '0755', - } - - -> file { $rabbit_home: - ensure => 'directory', - owner => 'root', - group => 'root', - mode => '0755', - } - - -> file { $mnesia_base: - ensure => 'directory', - owner => 'root', - group => 'root', - mode => '0755', - } -} diff --git a/puppet-manifests/src/modules/openstack/manifests/neutron.pp b/puppet-manifests/src/modules/openstack/manifests/neutron.pp deleted file mode 100644 index 532430fe95..0000000000 --- a/puppet-manifests/src/modules/openstack/manifests/neutron.pp +++ /dev/null @@ -1,332 +0,0 @@ -class openstack::neutron::params ( - $api_port = 9696, - $bgp_port = 179, - $region_name = undef, - $service_name = 'openstack-neutron', - $bgp_router_id = undef, - $service_create = false, - $configure_endpoint = true, - $tunnel_csum = undef, -) { } - -class openstack::neutron - inherits ::openstack::neutron::params { - - include ::platform::params - include ::platform::amqp::params - - include ::neutron::logging - - class { '::neutron': - rabbit_use_ssl => $::platform::amqp::params::ssl_enabled, - default_transport_url => $::platform::amqp::params::transport_url, - } -} - - -define openstack::neutron::sdn::controller ( - $transport, - $ip_address, - $port, -) { - include ::platform::params - include ::platform::network::oam::params - include ::platform::network::mgmt::params - - $oam_interface = $::platform::network::oam::params::interface_name - $mgmt_subnet_network = $::platform::network::mgmt::params::subnet_network - $mgmt_subnet_prefixlen = $::platform::network::mgmt::params::subnet_prefixlen - $oam_address = $::platform::network::oam::params::controller_address - $system_type = $::platform::params::system_type - - $mgmt_subnet = "${mgmt_subnet_network}/${mgmt_subnet_prefixlen}" - - if $system_type == 'Standard' { - if $transport == 'tls' { - $firewall_proto_transport = 'tcp' - } else { - $firewall_proto_transport = $transport - } - - platform::firewall::rule { $name: - service_name => $name, - table => 'nat', - chain => 'POSTROUTING', - proto => $firewall_proto_transport, - outiface => $oam_interface, - tosource => $oam_address, - destination => $ip_address, - host => $mgmt_subnet, - jump => 'SNAT', - } - } -} - - -class openstack::neutron::odl::params( - $username = undef, - $password= undef, - $url = undef, - $controller_config = {}, - $port_binding_controller = undef, -) {} - -class openstack::neutron::odl - inherits ::openstack::neutron::odl::params { - - include ::platform::params - - if $::platform::params::sdn_enabled { - create_resources('openstack::neutron::sdn::controller', $controller_config, {}) - } - class {'::neutron::plugins::ml2::opendaylight': - odl_username => $username, - odl_password => $password, - odl_url => $url, - port_binding_controller => $port_binding_controller, - } -} - - -class openstack::neutron::bgp - inherits ::openstack::neutron::params { - - if $bgp_router_id { - class {'::neutron::bgp': - bgp_router_id => $bgp_router_id, - } - - class {'::neutron::services::bgpvpn': - } - - exec { 'systemctl enable neutron-bgp-dragent.service': - command => 'systemctl enable neutron-bgp-dragent.service', - } - - exec { 'systemctl restart neutron-bgp-dragent.service': - command => 'systemctl restart neutron-bgp-dragent.service', - } - - file { '/etc/pmon.d/': - ensure => directory, - owner => 'root', - group => 'root', - mode => '0755', - } - - file { '/etc/pmon.d/neutron-bgp-dragent.conf': - ensure => link, - target => '/etc/neutron/pmon/neutron-bgp-dragent.conf', - owner => 'root', - group => 'root', - } - } else { - exec { 'pmon-stop neutron-bgp-dragent': - command => 'pmon-stop neutron-bgp-dragent', - } - -> exec { 'rm -f /etc/pmon.d/neutron-bgp-dragent.conf': - command => 'rm -f /etc/pmon.d/neutron-bgp-dragent.conf', - } - -> exec { 'systemctl disable neutron-bgp-dragent.service': - command => 'systemctl disable neutron-bgp-dragent.service', - } - -> exec { 'systemctl stop neutron-bgp-dragent.service': - command => 'systemctl stop neutron-bgp-dragent.service', - } - } -} - - -class openstack::neutron::sfc ( - $sfc_drivers = 'ovs', - $flowclassifier_drivers = 'ovs', - $sfc_quota_flow_classifier = undef, - $sfc_quota_port_chain = undef, - $sfc_quota_port_pair_group = undef, - $sfc_quota_port_pair = undef, -) inherits ::openstack::neutron::params { - - if $sfc_drivers { - class {'::neutron::sfc': - sfc_drivers => $sfc_drivers, - flowclassifier_drivers => $flowclassifier_drivers, - quota_flow_classifier => $sfc_quota_flow_classifier, - quota_port_chain => $sfc_quota_port_chain, - quota_port_pair_group => $sfc_quota_port_pair_group, - quota_port_pair => $sfc_quota_port_pair, - } - } -} - - -class openstack::neutron::server { - - include ::platform::params - if $::platform::params::init_database { - include ::neutron::db::postgresql - } - include ::neutron::plugins::ml2 - - include ::neutron::server::notifications - - include ::neutron::keystone::authtoken - - class { '::neutron::server': - api_workers => $::platform::params::eng_workers_by_2, - rpc_workers => $::platform::params::eng_workers_by_2, - sync_db => $::platform::params::init_database, - } - - file { '/etc/neutron/api-paste.ini': - ensure => file, - mode => '0640', - } - - Class['::neutron::server'] -> File['/etc/neutron/api-paste.ini'] - - include ::openstack::neutron::bgp - include ::openstack::neutron::odl - include ::openstack::neutron::sfc -} - - -class openstack::neutron::agents - inherits ::openstack::neutron::params { - - include ::platform::kubernetes::params - - if (str2bool($::disable_worker_services) or - $::platform::kubernetes::params::enabled) { - $pmon_ensure = absent - - class {'::neutron::agents::l3': - enabled => false - } - class {'::neutron::agents::dhcp': - enabled => false - } - class {'::neutron::agents::metadata': - enabled => false, - } - class {'::neutron::agents::ml2::sriov': - enabled => false - } - class {'::neutron::agents::ml2::ovs': - enabled => false - } - } else { - $pmon_ensure = link - - class {'::neutron::agents::metadata': - metadata_workers => $::platform::params::eng_workers_by_4 - } - - include ::neutron::agents::dhcp - include ::neutron::agents::l3 - include ::neutron::agents::ml2::sriov - include ::neutron::agents::ml2::ovs - } - - if $::platform::params::vswitch_type =~ '^ovs' { - # Ensure bridges and addresses are configured before agent is started - Platform::Vswitch::Ovs::Bridge<||> ~> Service['neutron-ovs-agent-service'] - Platform::Vswitch::Ovs::Address<||> ~> Service['neutron-ovs-agent-service'] - - # Enable/disable tunnel checksum - neutron_agent_ovs { - 'agent/tunnel_csum': value => $tunnel_csum; - } - } - - file { '/etc/pmon.d/neutron-dhcp-agent.conf': - ensure => $pmon_ensure, - target => '/etc/neutron/pmon/neutron-dhcp-agent.conf', - owner => 'root', - group => 'root', - mode => '0755', - } - - file { '/etc/pmon.d/neutron-metadata-agent.conf': - ensure => $pmon_ensure, - target => '/etc/neutron/pmon/neutron-metadata-agent.conf', - owner => 'root', - group => 'root', - mode => '0755', - } - - file { '/etc/pmon.d/neutron-sriov-nic-agent.conf': - ensure => $pmon_ensure, - target => '/etc/neutron/pmon/neutron-sriov-nic-agent.conf', - owner => 'root', - group => 'root', - mode => '0755', - } -} - - -class openstack::neutron::firewall - inherits ::openstack::neutron::params { - - platform::firewall::rule { 'neutron-api': - service_name => 'neutron', - ports => $api_port, - } - - if $bgp_router_id { - platform::firewall::rule { 'ryu-bgp-port': - service_name => 'neutron', - ports => $bgp_port, - } - } else { - platform::firewall::rule { 'ryu-bgp-port': - ensure => absent, - service_name => 'neutron', - ports => $bgp_port, - } - } -} - - -class openstack::neutron::haproxy - inherits ::openstack::neutron::params { - - platform::haproxy::proxy { 'neutron-restapi': - server_name => 's-neutron', - public_port => $api_port, - private_port => $api_port, - } -} - - -class openstack::neutron::api - inherits ::openstack::neutron::params { - - include ::platform::params - - if ($::openstack::neutron::params::service_create and - $::platform::params::init_keystone) { - - include ::neutron::keystone::auth - } - - if $::openstack::neutron::params::configure_endpoint { - include ::openstack::neutron::firewall - include ::openstack::neutron::haproxy - } -} - - -class openstack::neutron::server::reload { - platform::sm::restart {'neutron-server': } -} - - -class openstack::neutron::server::runtime { - include ::openstack::neutron - include ::openstack::neutron::server - include ::openstack::neutron::firewall - - class {'::openstack::neutron::server::reload': - stage => post - } -} diff --git a/puppet-manifests/src/modules/openstack/manifests/panko.pp b/puppet-manifests/src/modules/openstack/manifests/panko.pp deleted file mode 100644 index c76848ca9d..0000000000 --- a/puppet-manifests/src/modules/openstack/manifests/panko.pp +++ /dev/null @@ -1,117 +0,0 @@ -class openstack::panko::params ( - $api_port = 8977, - $region_name = undef, - $service_name = 'openstack-panko', - $service_create = false, - $event_time_to_live = '-1', - $service_enabled = true, -) { } - -class openstack::panko - inherits ::openstack::panko::params { - - if $service_enabled { - - include ::platform::params - - include ::panko::client - include ::panko::keystone::authtoken - - if $::platform::params::init_database { - include ::panko::db::postgresql - } - - class { '::panko::db': - } - - panko_config { - 'database/event_time_to_live': value => $event_time_to_live; - } - - # WRS register panko-expirer-active in cron to run once each hour - cron { 'panko-expirer': - ensure => 'present', - command => '/usr/bin/panko-expirer-active', - environment => 'PATH=/bin:/usr/bin:/usr/sbin', - minute => 10, - hour => '*', - monthday => '*', - user => 'root', - } - } -} - - -class openstack::panko::firewall - inherits ::openstack::panko::params { - - platform::firewall::rule { 'panko-api': - service_name => 'panko', - ports => $api_port, - } -} - -class openstack::panko::haproxy - inherits ::openstack::panko::params { - - platform::haproxy::proxy { 'panko-restapi': - server_name => 's-panko-restapi', - public_port => $api_port, - private_port => $api_port, - } -} - - -class openstack::panko::api - inherits ::openstack::panko::params { - - include ::platform::params - - # The panko user and service are always required and they - # are used by subclouds when the service itself is disabled - # on System Controller - # whether it creates the endpoint is determined by - # panko::keystone::auth::configure_endpoint which is - # set via sysinv puppet - if $::openstack::panko::params::service_create and - $::platform::params::init_keystone { - include ::panko::keystone::auth - } - - if $service_enabled { - - $api_workers = $::platform::params::eng_workers_by_2 - - include ::platform::network::mgmt::params - $api_host = $::platform::network::mgmt::params::controller_address - $url_host = $::platform::network::mgmt::params::controller_address_url - - if $::platform::params::init_database { - include ::panko::db::postgresql - } - - file { '/usr/share/panko/panko-api.conf': - ensure => file, - content => template('openstack/panko-api.conf.erb'), - owner => 'root', - group => 'root', - mode => '0640', - } - -> class { '::panko::api': - host => $api_host, - workers => $api_workers, - sync_db => $::platform::params::init_database, - } - - include ::openstack::panko::firewall - include ::openstack::panko::haproxy - } -} - -class openstack::panko::runtime - inherits ::openstack::panko::params { - - panko_config { - 'database/event_time_to_live': value => $event_time_to_live; - } -} diff --git a/puppet-manifests/src/modules/openstack/templates/aodh-api.conf.erb b/puppet-manifests/src/modules/openstack/templates/aodh-api.conf.erb deleted file mode 100644 index f6a5176cc5..0000000000 --- a/puppet-manifests/src/modules/openstack/templates/aodh-api.conf.erb +++ /dev/null @@ -1 +0,0 @@ -bind='<%= @url_host %>:<%= @api_port %>' diff --git a/puppet-manifests/src/modules/openstack/templates/ceilometer-api.conf.erb b/puppet-manifests/src/modules/openstack/templates/ceilometer-api.conf.erb deleted file mode 100644 index 766f1e417c..0000000000 --- a/puppet-manifests/src/modules/openstack/templates/ceilometer-api.conf.erb +++ /dev/null @@ -1,2 +0,0 @@ -bind='<%= @url_host %>:<%= @api_port %>' -workers=<%= @api_workers %> diff --git a/puppet-manifests/src/modules/openstack/templates/gnocchi-api.conf.erb b/puppet-manifests/src/modules/openstack/templates/gnocchi-api.conf.erb deleted file mode 100644 index 763aac83ed..0000000000 --- a/puppet-manifests/src/modules/openstack/templates/gnocchi-api.conf.erb +++ /dev/null @@ -1,3 +0,0 @@ -bind='<%= @url_host %>:<%= @api_port %>' -workers=<%= @api_workers %> - diff --git a/puppet-manifests/src/modules/openstack/templates/gnocchi_resources.yaml.erb b/puppet-manifests/src/modules/openstack/templates/gnocchi_resources.yaml.erb deleted file mode 100644 index 319f4ac5e1..0000000000 --- a/puppet-manifests/src/modules/openstack/templates/gnocchi_resources.yaml.erb +++ /dev/null @@ -1,392 +0,0 @@ ---- -archive_policy_default: ceilometer-low -archive_policies: - - name: ceilometer-low - aggregation_methods: - - mean - back_window: 0 - definition: - - granularity: 5 minutes - timespan: 7 days - - name: ceilometer-low-rate - aggregation_methods: - - mean - - rate:mean - back_window: 0 - definition: - - granularity: 5 minutes - timespan: 7 days - -resources: - - resource_type: identity - metrics: - identity.authenticate.success: - identity.authenticate.pending: - identity.authenticate.failure: - identity.user.created: - identity.user.deleted: - identity.user.updated: - identity.group.created: - identity.group.deleted: - identity.group.updated: - identity.role.created: - identity.role.deleted: - identity.role.updated: - identity.project.created: - identity.project.deleted: - identity.project.updated: - identity.trust.created: - identity.trust.deleted: - identity.role_assignment.created: - identity.role_assignment.deleted: - - - resource_type: ceph_account - metrics: - radosgw.objects: - radosgw.objects.size: - radosgw.objects.containers: - radosgw.api.request: - radosgw.containers.objects: - radosgw.containers.objects.size: - - - resource_type: instance - metrics: - memory: - memory.usage: - memory.resident: - memory.swap.in: - memory.swap.out: - memory.bandwidth.total: - memory.bandwidth.local: - vcpus: - archive_policy_name: ceilometer-low-rate - vcpu_util: - cpu: - archive_policy_name: ceilometer-low-rate - cpu.delta: - cpu_util: - cpu_l3_cache: - disk.root.size: - disk.ephemeral.size: - disk.read.requests: - archive_policy_name: ceilometer-low-rate - disk.read.requests.rate: - disk.write.requests: - archive_policy_name: ceilometer-low-rate - disk.write.requests.rate: - disk.read.bytes: - archive_policy_name: ceilometer-low-rate - disk.read.bytes.rate: - disk.write.bytes: - archive_policy_name: ceilometer-low-rate - disk.write.bytes.rate: - disk.latency: - disk.iops: - disk.capacity: - disk.allocation: - disk.usage: - compute.instance.booting.time: - perf.cpu.cycles: - perf.instructions: - perf.cache.references: - perf.cache.misses: - attributes: - host: resource_metadata.(instance_host|host) - image_ref: resource_metadata.image_ref - display_name: resource_metadata.display_name - flavor_id: resource_metadata.(instance_flavor_id|(flavor.id)|flavor_id) - flavor_name: resource_metadata.(instance_type|(flavor.name)|flavor_name) - server_group: resource_metadata.user_metadata.server_group - event_delete: compute.instance.delete.start - event_attributes: - id: instance_id - event_associated_resources: - instance_network_interface: '{"=": {"instance_id": "%s"}}' - instance_disk: '{"=": {"instance_id": "%s"}}' - - - resource_type: instance_network_interface - metrics: - network.outgoing.packets.rate: - network.incoming.packets.rate: - network.outgoing.packets: - archive_policy_name: ceilometer-low-rate - network.incoming.packets: - archive_policy_name: ceilometer-low-rate - network.outgoing.packets.drop: - archive_policy_name: ceilometer-low-rate - network.incoming.packets.drop: - archive_policy_name: ceilometer-low-rate - network.outgoing.packets.error: - archive_policy_name: ceilometer-low-rate - network.incoming.packets.error: - archive_policy_name: ceilometer-low-rate - network.outgoing.bytes.rate: - network.incoming.bytes.rate: - network.outgoing.bytes: - archive_policy_name: ceilometer-low-rate - network.incoming.bytes: - archive_policy_name: ceilometer-low-rate - attributes: - name: resource_metadata.vnic_name - instance_id: resource_metadata.instance_id - - - resource_type: instance_disk - metrics: - disk.device.read.requests: - archive_policy_name: ceilometer-low-rate - disk.device.read.requests.rate: - disk.device.write.requests: - archive_policy_name: ceilometer-low-rate - disk.device.write.requests.rate: - disk.device.read.bytes: - archive_policy_name: ceilometer-low-rate - disk.device.read.bytes.rate: - disk.device.write.bytes: - archive_policy_name: ceilometer-low-rate - disk.device.write.bytes.rate: - disk.device.latency: - disk.device.read.latency: - disk.device.write.latency: - disk.device.iops: - disk.device.capacity: - disk.device.allocation: - disk.device.usage: - attributes: - name: resource_metadata.disk_name - instance_id: resource_metadata.instance_id - - - resource_type: image - metrics: - image.size: - image.download: - image.serve: - attributes: - name: resource_metadata.name - container_format: resource_metadata.container_format - disk_format: resource_metadata.disk_format - event_delete: image.delete - event_attributes: - id: resource_id - - - resource_type: ipmi - metrics: - hardware.ipmi.node.power: - hardware.ipmi.node.temperature: - hardware.ipmi.node.inlet_temperature: - hardware.ipmi.node.outlet_temperature: - hardware.ipmi.node.fan: - hardware.ipmi.node.current: - hardware.ipmi.node.voltage: - hardware.ipmi.node.airflow: - hardware.ipmi.node.cups: - hardware.ipmi.node.cpu_util: - hardware.ipmi.node.mem_util: - hardware.ipmi.node.io_util: - hardware.ipmi.temperature: - hardware.ipmi.voltage: - hardware.ipmi.current: - hardware.ipmi.fan: - - - resource_type: network - metrics: - bandwidth: - ip.floating: - event_delete: floatingip.delete.end - event_attributes: - id: resource_id - - - resource_type: stack - metrics: - stack.create: - stack.update: - stack.delete: - stack.resume: - stack.suspend: - - - resource_type: swift_account - metrics: - storage.objects.incoming.bytes: - storage.objects.outgoing.bytes: - storage.api.request: - storage.objects.size: - storage.objects: - storage.objects.containers: - storage.containers.objects: - storage.containers.objects.size: - - - resource_type: volume - metrics: - volume: - volume.size: - snapshot.size: - volume.snapshot.size: - volume.backup.size: - attributes: - display_name: resource_metadata.(display_name|name) - volume_type: resource_metadata.volume_type - event_delete: volume.delete.start - event_attributes: - id: resource_id - - - resource_type: volume_provider - metrics: - volume.provider.capacity.total: - volume.provider.capacity.free: - volume.provider.capacity.allocated: - volume.provider.capacity.provisioned: - volume.provider.capacity.virtual_free: - - - resource_type: volume_provider_pool - metrics: - volume.provider.pool.capacity.total: - volume.provider.pool.capacity.free: - volume.provider.pool.capacity.allocated: - volume.provider.pool.capacity.provisioned: - volume.provider.pool.capacity.virtual_free: - attributes: - provider: resource_metadata.provider - - - resource_type: host - metrics: - hardware.cpu.load.1min: - hardware.cpu.load.5min: - hardware.cpu.load.15min: - hardware.cpu.util: - hardware.memory.total: - hardware.memory.used: - hardware.memory.swap.total: - hardware.memory.swap.avail: - hardware.memory.buffer: - hardware.memory.cached: - hardware.network.ip.outgoing.datagrams: - hardware.network.ip.incoming.datagrams: - hardware.system_stats.cpu.idle: - hardware.system_stats.io.outgoing.blocks: - hardware.system_stats.io.incoming.blocks: - attributes: - host_name: resource_metadata.resource_url - - - resource_type: host_disk - metrics: - hardware.disk.size.total: - hardware.disk.size.used: - hardware.disk.read.bytes: - hardware.disk.write.bytes: - hardware.disk.read.requests: - hardware.disk.write.requests: - attributes: - host_name: resource_metadata.resource_url - device_name: resource_metadata.device - - - resource_type: host_network_interface - metrics: - hardware.network.incoming.bytes: - hardware.network.outgoing.bytes: - hardware.network.outgoing.errors: - attributes: - host_name: resource_metadata.resource_url - device_name: resource_metadata.name - - - resource_type: nova_compute - metrics: - compute.node.cpu.frequency: - compute.node.cpu.idle.percent: - compute.node.cpu.idle.time: - compute.node.cpu.iowait.percent: - compute.node.cpu.iowait.time: - compute.node.cpu.kernel.percent: - compute.node.cpu.kernel.time: - compute.node.cpu.percent: - compute.node.cpu.user.percent: - compute.node.cpu.user.time: - attributes: - host_name: resource_metadata.host - - - resource_type: manila_share - metrics: - manila.share.size: - attributes: - name: resource_metadata.name - host: resource_metadata.host - status: resource_metadata.status - availability_zone: resource_metadata.availability_zone - protocol: resource_metadata.protocol - - - resource_type: switch - metrics: - switch: - switch.ports: - attributes: - controller: resource_metadata.controller - - - resource_type: switch_port - metrics: - switch.port: - switch.port.uptime: - switch.port.receive.packets: - switch.port.transmit.packets: - switch.port.receive.bytes: - switch.port.transmit.bytes: - switch.port.receive.drops: - switch.port.transmit.drops: - switch.port.receive.errors: - switch.port.transmit.errors: - switch.port.receive.frame_error: - switch.port.receive.overrun_error: - switch.port.receive.crc_error: - switch.port.collision.count: - attributes: - switch: resource_metadata.switch - port_number_on_switch: resource_metadata.port_number_on_switch - neutron_port_id: resource_metadata.neutron_port_id - controller: resource_metadata.controller - - - resource_type: port - metrics: - port: - port.uptime: - port.receive.packets: - port.transmit.packets: - port.receive.bytes: - port.transmit.bytes: - port.receive.drops: - port.receive.errors: - attributes: - controller: resource_metadata.controller - - - resource_type: switch_table - metrics: - switch.table.active.entries: - attributes: - controller: resource_metadata.controller - switch: resource_metadata.switch - - - resource_type: vswitch_engine - metrics: - vswitch.engine.util: - vswitch.engine.receive.discard: - vswitch.engine.transmit.discard: - attributes: - host: resource_metadata.host - cpu_id: resource_metadata.cpu_id - - - resource_type: vswitch_interface_and_port - metrics: - vswitch.interface.receive.errors: - vswitch.interface.transmit.errors: - vswitch.interface.receive.discards: - vswitch.interface.transmit.discards: - vswitch.port.receive.bytes: - vswitch.port.receive.packets: - vswitch.port.receive.util: - vswitch.port.transmit.bytes: - vswitch.port.transmit.packets: - vswitch.port.transmit.util: - vswitch.port.receive.errors: - vswitch.port.receive.missed: - vswitch.port.transmit.errors: - attributes: - host: resource_metadata.host - network_uuid: resource_metadata.network_uuid - network_id: resource_metadata.network_id - link-speed: resource_metadata.link-speed diff --git a/puppet-manifests/src/modules/openstack/templates/horizon-params.erb b/puppet-manifests/src/modules/openstack/templates/horizon-params.erb index 115fa83209..aa64d9e2f7 100644 --- a/puppet-manifests/src/modules/openstack/templates/horizon-params.erb +++ b/puppet-manifests/src/modules/openstack/templates/horizon-params.erb @@ -3,9 +3,6 @@ https_enabled = <%= @enable_https %> [auth] lockout_period = <%= @lockout_period %> lockout_retries = <%= @lockout_retries %> -[optional_tabs] -murano_enabled = <%= @murano_enabled %> -magnum_enabled = <%= @magnum_enabled %> [deployment] workers = <%= @workers %> diff --git a/puppet-manifests/src/modules/openstack/templates/keystone-policy.json.erb b/puppet-manifests/src/modules/openstack/templates/keystone-policy.json.erb index 42f858aaff..2d6c6f142e 100644 --- a/puppet-manifests/src/modules/openstack/templates/keystone-policy.json.erb +++ b/puppet-manifests/src/modules/openstack/templates/keystone-policy.json.erb @@ -8,25 +8,14 @@ "admin_or_token_subject": "rule:admin_required or rule:token_subject", "service_admin_or_token_subject": "rule:service_or_admin or rule:token_subject", - "protected_domains": "'heat':%(target.domain.name)s or 'magnum':%(target.domain.name)s", + "protected_domains": "", "protected_projects": "'admin':%(target.project.name)s or 'services':%(target.project.name)s", - "protected_admins": "'admin':%(target.user.name)s or 'heat_admin':%(target.user.name)s or 'dcmanager':%(target.user.name)s", - "protected_roles": "'admin':%(target.role.name)s or 'heat_admin':%(target.user.name)s", - "protected_services": [["'aodh':%(target.user.name)s"], - ["'barbican':%(target.user.name)s"], - ["'ceilometer':%(target.user.name)s"], - ["'cinder':%(target.user.name)s"], - ["'glance':%(target.user.name)s"], - ["'heat':%(target.user.name)s"], - ["'neutron':%(target.user.name)s"], - ["'nova':%(target.user.name)s"], + "protected_admins": "'admin':%(target.user.name)s or 'dcmanager':%(target.user.name)s", + "protected_roles": "'admin':%(target.role.name)s", + "protected_services": [["'barbican':%(target.user.name)s"], ["'patching':%(target.user.name)s"], ["'sysinv':%(target.user.name)s"], ["'mtce':%(target.user.name)s"], - ["'magnum':%(target.user.name)s"], - ["'murano':%(target.user.name)s"], - ["'panko':%(target.user.name)s"], - ["'gnocchi':%(target.user.name)s"], ["'fm':%(target.user.name)s"]], "identity:delete_service": "rule:admin_required and not rule:protected_services", diff --git a/puppet-manifests/src/modules/openstack/templates/murano-rabbitmq-env.conf.erb b/puppet-manifests/src/modules/openstack/templates/murano-rabbitmq-env.conf.erb deleted file mode 100644 index 9af749e826..0000000000 --- a/puppet-manifests/src/modules/openstack/templates/murano-rabbitmq-env.conf.erb +++ /dev/null @@ -1,4 +0,0 @@ -HOME=<%= @rabbit_home %> -NODE_PORT=<%= @port %> -RABBITMQ_MNESIA_BASE=<%= @mnesia_base %> -RABBITMQ_NODENAME=<%= @murano_rabbit_node %> diff --git a/puppet-manifests/src/modules/openstack/templates/murano-rabbitmq.config.erb b/puppet-manifests/src/modules/openstack/templates/murano-rabbitmq.config.erb deleted file mode 100644 index 9ff729a81e..0000000000 --- a/puppet-manifests/src/modules/openstack/templates/murano-rabbitmq.config.erb +++ /dev/null @@ -1,18 +0,0 @@ -% This file managed by Puppet -% Template Path: rabbitmq/templates/rabbitmq.config -[ - {rabbit, [ - {tcp_listen_options, - <%= @rabbit_tcp_listen_options %> - }, - {disk_free_limit, <%= @disk_free_limit %>}, - {heartbeat, <%= @heartbeat %>}, - {tcp_listen_options, <%= @tcp_listen_options %>}, - {default_user, <<"<%= @default_user %>">>}, - {default_pass, <<"<%= @default_pass %>">>} - ]}, - {kernel, [ - - ]} -]. -% EOF \ No newline at end of file diff --git a/puppet-manifests/src/modules/openstack/templates/murano-rabbitmq.config.ssl.erb b/puppet-manifests/src/modules/openstack/templates/murano-rabbitmq.config.ssl.erb deleted file mode 100644 index 3c317bbfe9..0000000000 --- a/puppet-manifests/src/modules/openstack/templates/murano-rabbitmq.config.ssl.erb +++ /dev/null @@ -1,30 +0,0 @@ -% This file managed by Puppet -% Template Path: rabbitmq/templates/rabbitmq.config -[ - {ssl, [{versions, ['<%= @tlsv2 %>', '<%= @tlsv1 %>']}]}, - {rabbit, [ - {tcp_listen_options, - <%= @rabbit_tcp_listen_options %> - }, - {tcp_listeners, []}, - {ssl_listeners, [{"<%= @ssl_interface %>", <%= @ssl_port %>}]}, - {ssl_options, [ - {cacertfile,"<%= @kombu_ssl_ca_certs %>"}, - {certfile,"<%= @kombu_ssl_certfile %>"}, - {keyfile,"<%= @kombu_ssl_keyfile %>"}, - {verify,verify_none}, - {fail_if_no_peer_cert,<%= @fail_if_no_peer_cert %>} - ,{versions, ['<%= @tlsv2 %>', '<%= @tlsv1 %>']} - ,{ciphers,<%= @rabbit_cipher_list %>} - ]}, - {disk_free_limit, <%= @disk_free_limit %>}, - {heartbeat, <%= @heartbeat %>}, - {tcp_listen_options, <%= @tcp_listen_options %>}, - {default_user, <<"<%= @default_user %>">>}, - {default_pass, <<"<%= @default_pass %>">>} - ]}, - {kernel, [ - - ]} -]. -% EOF diff --git a/puppet-manifests/src/modules/openstack/templates/openrc.admin.erb b/puppet-manifests/src/modules/openstack/templates/openrc.admin.erb deleted file mode 100644 index 680cfae0a0..0000000000 --- a/puppet-manifests/src/modules/openstack/templates/openrc.admin.erb +++ /dev/null @@ -1,24 +0,0 @@ -unset OS_SERVICE_TOKEN - -export OS_ENDPOINT_TYPE=internalURL -export CINDER_ENDPOINT_TYPE=internalURL - -export OS_USERNAME=<%= @admin_username %> -export OS_PASSWORD=`TERM=linux <%= @keyring_file %> 2>/dev/null` -export OS_AUTH_TYPE=password -export OS_AUTH_URL=<%= @identity_auth_url %> - -export OS_PROJECT_NAME=<%= @admin_project_name %> -export OS_USER_DOMAIN_NAME=<%= @admin_user_domain %> -export OS_PROJECT_DOMAIN_NAME=<%= @admin_project_domain %> -export OS_IDENTITY_API_VERSION=<%= @identity_api_version %> -export OS_REGION_NAME=<%= @identity_region %> -export OS_KEYSTONE_REGION_NAME=<%= @keystone_identity_region %> -export OS_INTERFACE=internal - -if [ ! -z "${OS_PASSWORD}" ]; then - export PS1='[\u@\h \W(keystone_$OS_USERNAME)]\$ ' -else - echo 'Openstack Admin credentials can only be loaded from the active controller.' - export PS1='\h:\w\$ ' -fi diff --git a/puppet-manifests/src/modules/openstack/templates/openrc.ldap.erb b/puppet-manifests/src/modules/openstack/templates/openrc.ldap.erb deleted file mode 100644 index dd43beaece..0000000000 --- a/puppet-manifests/src/modules/openstack/templates/openrc.ldap.erb +++ /dev/null @@ -1,12 +0,0 @@ -unset OS_SERVICE_TOKEN -export OS_ENDPOINT_TYPE=internalURL -export CINDER_ENDPOINT_TYPE=internalURL - -export OS_AUTH_URL=<%= @identity_auth_url %> - -export OS_PROJECT_NAME=admin -export OS_USER_DOMAIN_NAME=<%= @admin_user_domain %> -export OS_PROJECT_DOMAIN_NAME=<%= @admin_project_domain %> -export OS_IDENTITY_API_VERSION=<%= @identity_api_version %> -export OS_REGION_NAME=<%= @identity_region %> -export OS_KEYSTONE_REGION_NAME=<%= @keystone_identity_region %> diff --git a/puppet-manifests/src/modules/openstack/templates/panko-api.conf.erb b/puppet-manifests/src/modules/openstack/templates/panko-api.conf.erb deleted file mode 100644 index 763aac83ed..0000000000 --- a/puppet-manifests/src/modules/openstack/templates/panko-api.conf.erb +++ /dev/null @@ -1,3 +0,0 @@ -bind='<%= @url_host %>:<%= @api_port %>' -workers=<%= @api_workers %> - diff --git a/puppet-manifests/src/modules/openstack/templates/pipeline.yaml.erb b/puppet-manifests/src/modules/openstack/templates/pipeline.yaml.erb deleted file mode 100644 index 696655c1f7..0000000000 --- a/puppet-manifests/src/modules/openstack/templates/pipeline.yaml.erb +++ /dev/null @@ -1,106 +0,0 @@ ---- -sources: - - name: meter_source - meters: - - "*" - sinks: - - meter_sink - - csv_sink - - name: cpu_source - meters: - - "cpu" - sinks: - - cpu_sink - - cpu_delta_sink - - vcpu_sink - - name: disk_source - meters: - - "disk.read.bytes" - - "disk.read.requests" - - "disk.write.bytes" - - "disk.write.requests" - - "disk.device.read.bytes" - - "disk.device.read.requests" - - "disk.device.write.bytes" - - "disk.device.write.requests" - sinks: - - disk_sink - - name: network_source - meters: - - "network.incoming.bytes" - - "network.incoming.packets" - - "network.outgoing.bytes" - - "network.outgoing.packets" - sinks: - - network_sink -sinks: - - name: meter_sink - transformers: - publishers: - - gnocchi:// - - name: cpu_sink - transformers: - - name: "rate_of_change" - parameters: - target: - name: "cpu_util" - unit: "%" - type: "gauge" - max: 100 - scale: "100.0 / (10**9 * (resource_metadata.cpu_number or 1))" - publishers: - - gnocchi:// - - name: cpu_delta_sink - transformers: - - name: "delta" - parameters: - target: - name: "cpu.delta" - growth_only: True - publishers: - - gnocchi:// - - name: vcpu_sink - transformers: - - name: "rate_of_change" - parameters: - target: - name: "vcpu_util" - unit: "%" - type: "gauge" - max: 100 - scale: "100.0 / (10**9 * (resource_metadata.vcpu_number or 1))" - publishers: - - gnocchi:// - - name: disk_sink - transformers: - - name: "rate_of_change" - parameters: - source: - map_from: - name: "(disk\\.device|disk)\\.(read|write)\\.(bytes|requests)" - unit: "(B|request)" - target: - map_to: - name: "\\1.\\2.\\3.rate" - unit: "\\1/s" - type: "gauge" - publishers: - - gnocchi:// - - name: network_sink - transformers: - - name: "rate_of_change" - parameters: - source: - map_from: - name: "network\\.(incoming|outgoing)\\.(bytes|packets)" - unit: "(B|packet)" - target: - map_to: - name: "network.\\1.\\2.rate" - unit: "\\1/s" - type: "gauge" - publishers: - - gnocchi:// - - name: csv_sink - publishers: - - csvfile:///opt/cgcs/ceilometer/csv/pm.csv?max_bytes=10000000&backup_count=5&compress=True&enabled=True diff --git a/puppet-manifests/src/modules/openstack/templates/polling.yaml.erb b/puppet-manifests/src/modules/openstack/templates/polling.yaml.erb deleted file mode 100644 index 2d253503a3..0000000000 --- a/puppet-manifests/src/modules/openstack/templates/polling.yaml.erb +++ /dev/null @@ -1,68 +0,0 @@ ---- -sources: - - name: instance_pollster - interval: <%= @instance_polling_interval %> - meters: - - disk.read.bytes - - disk.read.bytes.rate - - disk.read.requests - - disk.read.requests.rate - - disk.write.bytes - - disk.write.bytes.rate - - disk.write.requests - - disk.write.requests.rate - - disk.capacity - - disk.allocation - - disk.usage - - name: instance_cpu_pollster - interval: <%= @instance_cpu_polling_interval %> - meters: - - cpu - - name: instance_disk_pollster - interval: <%= @instance_disk_polling_interval %> - meters: - - disk.device.read.requests - - disk.device.read.requests.rate - - disk.device.write.requests - - disk.device.write.requests.rate - - disk.device.read.bytes - - disk.device.read.bytes.rate - - disk.device.write.bytes - - disk.device.write.bytes.rate - - disk.device.capacity - - disk.device.allocation - - disk.device.usage - - name: ipmi_pollster - interval: <%= @ipmi_polling_interval %> - meters: - - hardware.ipmi.node.power - - hardware.ipmi.node.temperature - - hardware.ipmi.node.outlet_temperature - - hardware.ipmi.node.airflow - - hardware.ipmi.node.cups - - hardware.ipmi.node.cpu_util - - hardware.ipmi.node.mem_util - - hardware.ipmi.node.io_util - - hardware.ipmi.temperature - - hardware.ipmi.voltage - - hardware.ipmi.current - - hardware.ipmi.fan - - name: ceph_pollster - interval: <%= @ceph_polling_interval %> - meters: - - radosgw.objects - - radosgw.objects.size - - radosgw.objects.containers - - radosgw.api.request - - radosgw.containers.objects - - radosgw.containers.objects.size - - name: image_pollster - interval: <%= @image_polling_interval %> - meters: - - image.size - - name: volume_pollster - interval: <%= @volume_polling_interval %> - meters: - - volume.size - - volume.snapshot.size - - volume.backup.size diff --git a/puppet-manifests/src/modules/platform/manifests/client.pp b/puppet-manifests/src/modules/platform/manifests/client.pp index 98ebca7707..9d21c84542 100644 --- a/puppet-manifests/src/modules/platform/manifests/client.pp +++ b/puppet-manifests/src/modules/platform/manifests/client.pp @@ -22,6 +22,11 @@ class platform::client group => 'root', content => template('platform/openrc.admin.erb'), } + -> file {'/etc/bash_completion.d/openstack': + ensure => 'present', + mode => '0644', + content => generate('/usr/bin/openstack', 'complete'), + } } class platform::client::credentials::params ( diff --git a/puppet-manifests/src/modules/platform/manifests/compute.pp b/puppet-manifests/src/modules/platform/manifests/compute.pp index 3337a293b9..3db19193b9 100644 --- a/puppet-manifests/src/modules/platform/manifests/compute.pp +++ b/puppet-manifests/src/modules/platform/manifests/compute.pp @@ -322,7 +322,6 @@ class platform::compute::pmqos ( class platform::compute { Class[$name] -> Class['::platform::vswitch'] - Class[$name] -> Class['::nova::compute'] require ::platform::compute::grub::audit require ::platform::compute::hugetlbf diff --git a/puppet-manifests/src/modules/platform/manifests/dcorch.pp b/puppet-manifests/src/modules/platform/manifests/dcorch.pp index b0bab4d6e8..c5846e08a6 100644 --- a/puppet-manifests/src/modules/platform/manifests/dcorch.pp +++ b/puppet-manifests/src/modules/platform/manifests/dcorch.pp @@ -47,7 +47,6 @@ class platform::dcorch class platform::dcorch::firewall inherits ::platform::dcorch::params { if $::platform::params::distributed_cloud_role =='systemcontroller' { - include ::openstack::cinder::params platform::firewall::rule { 'dcorch-api': service_name => 'dcorch', ports => $api_port, @@ -64,11 +63,9 @@ class platform::dcorch::firewall service_name => 'dcorch-neutron-api-proxy', ports => $neutron_api_proxy_port, } - if $::openstack::cinder::params::service_enabled { - platform::firewall::rule { 'dcorch-cinder-api-proxy': - service_name => 'dcorch-cinder-api-proxy', - ports => $cinder_api_proxy_port, - } + platform::firewall::rule { 'dcorch-cinder-api-proxy': + service_name => 'dcorch-cinder-api-proxy', + ports => $cinder_api_proxy_port, } platform::firewall::rule { 'dcorch-patch-api-proxy': service_name => 'dcorch-patch-api-proxy', @@ -85,7 +82,6 @@ class platform::dcorch::firewall class platform::dcorch::haproxy inherits ::platform::dcorch::params { if $::platform::params::distributed_cloud_role =='systemcontroller' { - include ::openstack::cinder::params platform::haproxy::proxy { 'dcorch-neutron-api-proxy': server_name => 's-dcorch-neutron-api-proxy', public_port => $neutron_api_proxy_port, @@ -101,12 +97,10 @@ class platform::dcorch::haproxy public_port => $sysinv_api_proxy_port, private_port => $sysinv_api_proxy_port, } - if $::openstack::cinder::params::service_enabled { - platform::haproxy::proxy { 'dcorch-cinder-api-proxy': - server_name => 's-cinder-dc-api-proxy', - public_port => $cinder_api_proxy_port, - private_port => $cinder_api_proxy_port, - } + platform::haproxy::proxy { 'dcorch-cinder-api-proxy': + server_name => 's-cinder-dc-api-proxy', + public_port => $cinder_api_proxy_port, + private_port => $cinder_api_proxy_port, } platform::haproxy::proxy { 'dcorch-patch-api-proxy': server_name => 's-dcorch-patch-api-proxy', diff --git a/puppet-manifests/src/modules/platform/manifests/dns.pp b/puppet-manifests/src/modules/platform/manifests/dns.pp index 550fd5ba1f..9f4f540782 100644 --- a/puppet-manifests/src/modules/platform/manifests/dns.pp +++ b/puppet-manifests/src/modules/platform/manifests/dns.pp @@ -48,21 +48,6 @@ class platform::dns::dnsmasq { $infra_subnet_netmask = $::platform::network::infra::params::subnet_prefixlen } - include ::openstack::ironic::params - $ironic_tftp_dir_version = $::platform::params::software_version - $ironic_tftpboot_dir = $::openstack::ironic::params::ironic_tftpboot_dir - case $::hostname { - $::platform::params::controller_0_hostname: { - $ironic_tftp_interface = $::openstack::ironic::params::controller_0_if - } - $::platform::params::controller_1_hostname: { - $ironic_tftp_interface = $::openstack::ironic::params::controller_1_if - } - default: { - $ironic_tftp_interface = undef - } - } - include ::platform::kubernetes::params $service_domain = $::platform::kubernetes::params::service_domain $dns_service_ip = $::platform::kubernetes::params::dns_service_ip diff --git a/puppet-manifests/src/modules/platform/manifests/drbd.pp b/puppet-manifests/src/modules/platform/manifests/drbd.pp index 80ac5d87f9..d5f4207390 100644 --- a/puppet-manifests/src/modules/platform/manifests/drbd.pp +++ b/puppet-manifests/src/modules/platform/manifests/drbd.pp @@ -238,13 +238,9 @@ class platform::drbd::extension ( ) inherits ::platform::drbd::extension::params { include ::platform::params - include ::openstack::cinder::params include ::platform::drbd::cgcs::params - if ($::platform::params::system_mode != 'simplex' and - 'lvm' in $::openstack::cinder::params::enabled_backends) { - $resync_after = $::openstack::cinder::params::drbd_resource - } elsif str2bool($::is_primary_disk_rotational) { + if str2bool($::is_primary_disk_rotational) { $resync_after = $::platform::drbd::cgcs::params::resource_name } else { $resync_after = undef @@ -448,14 +444,9 @@ class platform::drbd( $service_enable = false, $service_ensure = 'stopped', ) { - if (str2bool($::is_initial_config_primary) or - ('lvm' in $openstack::cinder::params::enabled_backends and - str2bool($::is_standalone_controller) and str2bool($::is_node_cinder_lvm_config)) + if (str2bool($::is_initial_config_primary) ){ - # Enable DRBD in two cases: - # 1) At config_controller, - # 2) When cinder volumes disk is replaced on a standalone controller - # (e.g. AIO SX). + # Enable DRBD at config_controller class { '::drbd': service_enable => true, service_ensure => 'running', diff --git a/puppet-manifests/src/modules/platform/manifests/filesystem.pp b/puppet-manifests/src/modules/platform/manifests/filesystem.pp index b15574ce4a..183b605a19 100644 --- a/puppet-manifests/src/modules/platform/manifests/filesystem.pp +++ b/puppet-manifests/src/modules/platform/manifests/filesystem.pp @@ -200,8 +200,6 @@ class platform::filesystem::img_conversions::params ( class platform::filesystem::img_conversions inherits ::platform::filesystem::img_conversions::params { - include ::openstack::cinder::params - include ::openstack::glance::params platform::filesystem { $lv_name: lv_name => $lv_name, @@ -308,8 +306,6 @@ class platform::filesystem::docker::runtime { class platform::filesystem::img_conversions::runtime { include ::platform::filesystem::img_conversions::params - include ::openstack::cinder::params - include ::openstack::glance::params $lv_name = $::platform::filesystem::img_conversions::params::lv_name $lv_size = $::platform::filesystem::img_conversions::params::lv_size $devmapper = $::platform::filesystem::img_conversions::params::devmapper diff --git a/puppet-manifests/src/modules/platform/manifests/haproxy.pp b/puppet-manifests/src/modules/platform/manifests/haproxy.pp index 379f3abce1..de15cc1213 100644 --- a/puppet-manifests/src/modules/platform/manifests/haproxy.pp +++ b/puppet-manifests/src/modules/platform/manifests/haproxy.pp @@ -142,15 +142,6 @@ class platform::haproxy::runtime { include ::platform::dcorch::haproxy } include ::openstack::keystone::haproxy - include ::openstack::neutron::haproxy - include ::openstack::glance::haproxy - include ::openstack::cinder::haproxy - include ::openstack::heat::haproxy - include ::openstack::murano::haproxy - include ::openstack::magnum::haproxy - include ::openstack::ironic::haproxy - include ::openstack::panko::haproxy - include ::openstack::gnocchi::haproxy include ::openstack::swift::haproxy include ::openstack::barbican::haproxy diff --git a/puppet-manifests/src/modules/platform/manifests/mtce.pp b/puppet-manifests/src/modules/platform/manifests/mtce.pp index f48f30b3b8..f1e4993a16 100644 --- a/puppet-manifests/src/modules/platform/manifests/mtce.pp +++ b/puppet-manifests/src/modules/platform/manifests/mtce.pp @@ -25,9 +25,6 @@ class platform::mtce::params ( class platform::mtce inherits ::platform::mtce::params { - include ::openstack::ceilometer::params - $ceilometer_port = $::openstack::ceilometer::params::api_port - include ::platform::client::credentials::params $keyring_directory = $::platform::client::credentials::params::keyring_directory diff --git a/puppet-manifests/src/modules/platform/manifests/postgresql.pp b/puppet-manifests/src/modules/platform/manifests/postgresql.pp index 7a53765f86..6fbbbbe7a8 100644 --- a/puppet-manifests/src/modules/platform/manifests/postgresql.pp +++ b/puppet-manifests/src/modules/platform/manifests/postgresql.pp @@ -197,22 +197,9 @@ class platform::postgresql::upgrade -> class {'::postgresql::server': } - include ::aodh::db::postgresql include ::barbican::db::postgresql - include ::cinder::db::postgresql - include ::glance::db::postgresql - include ::gnocchi::db::postgresql - include ::heat::db::postgresql - include ::murano::db::postgresql - include ::magnum::db::postgresql - include ::neutron::db::postgresql - include ::nova::db::postgresql - include ::nova::db::postgresql_api - include ::panko::db::postgresql include ::sysinv::db::postgresql include ::keystone::db::postgresql - include ::ironic::db::postgresql include ::fm::db::postgresql - } diff --git a/puppet-manifests/src/modules/platform/manifests/sm.pp b/puppet-manifests/src/modules/platform/manifests/sm.pp index 47f114164e..4a00982f43 100644 --- a/puppet-manifests/src/modules/platform/manifests/sm.pp +++ b/puppet-manifests/src/modules/platform/manifests/sm.pp @@ -102,9 +102,6 @@ class platform::sm $amqp_server_port = $::platform::amqp::params::port $rabbit_node_name = $::platform::amqp::params::node $rabbit_mnesia_base = "/var/lib/rabbitmq/${platform_sw_version}/mnesia" - $murano_rabbit_node_name = "murano-${rabbit_node_name}" - $murano_rabbit_mnesia_base = "/var/lib/rabbitmq/murano/${platform_sw_version}/mnesia" - $murano_rabbit_config_file = '/etc/rabbitmq/murano-rabbitmq' include ::platform::ldap::params $ldapserver_remote = $::platform::ldap::params::ldapserver_remote @@ -112,10 +109,6 @@ class platform::sm # This variable is used also in create_sm_db.sql. # please change that one as well when modifying this variable $rabbit_pid = '/var/run/rabbitmq/rabbitmq.pid' - $murano_rabbit_env_config_file = '/etc/rabbitmq/murano-rabbitmq-env.conf' - - $murano_rabbit_pid = '/var/run/rabbitmq/murano-rabbit.pid' - $murano_rabbit_dist_port = 25673 $rabbitmq_server = '/usr/lib/rabbitmq/bin/rabbitmq-server' $rabbitmqctl = '/usr/lib/rabbitmq/bin/rabbitmqctl' @@ -180,62 +173,10 @@ class platform::sm $os_user_domain_name = $::platform::client::params::admin_user_domain $os_project_domain_name = $::platform::client::params::admin_project_domain - # Nova - $db_server_port = '5432' - - include ::openstack::nova::params - $novnc_console_port = $::openstack::nova::params::nova_novnc_port - - # Heat - include ::openstack::heat::params - $heat_api_cfn_port = $::openstack::heat::params::cfn_port - $heat_api_cloudwatch_port = $::openstack::heat::params::cloudwatch_port - $heat_api_port = $::openstack::heat::params::api_port - - # Neutron - include ::openstack::neutron::params - $neutron_region_name = $::openstack::neutron::params::region_name - $neutron_plugin_config = '/etc/neutron/plugin.ini' - $neutron_sriov_plugin_config = '/etc/neutron/plugins/ml2/ml2_conf_sriov.ini' - - # Cinder - include ::openstack::cinder::params - $cinder_service_enabled = $::openstack::cinder::params::service_enabled - $cinder_region_name = $::openstack::cinder::params::region_name - $cinder_backends = $::openstack::cinder::params::enabled_backends - $cinder_drbd_resource = $::openstack::cinder::params::drbd_resource - $cinder_vg_name = $::openstack::cinder::params::cinder_vg_name - - # Glance - include ::openstack::glance::params - $glance_region_name = $::openstack::glance::params::region_name - $glance_cached = $::openstack::glance::params::glance_cached - - # Murano - include ::openstack::murano::params - $disable_murano_agent = $::openstack::murano::params::disable_murano_agent - - # Magnum - include ::openstack::magnum::params - - # Ironic - include ::openstack::ironic::params - $ironic_tftp_ip = $::openstack::ironic::params::tftp_server - $ironic_controller_0_nic = $::openstack::ironic::params::controller_0_if - $ironic_controller_1_nic = $::openstack::ironic::params::controller_1_if - $ironic_netmask = $::openstack::ironic::params::netmask - $ironic_tftproot = $::openstack::ironic::params::ironic_tftpboot_dir - # Ceph-Rados-Gateway include ::platform::ceph::params $ceph_configured = $::platform::ceph::params::service_enabled - # Gnocchi - include ::openstack::gnocchi::params - - # Panko - include ::openstack::panko::params - if $system_mode == 'simplex' { $hostunit = '0' $management_my_unit_ip = $::platform::network::mgmt::params::controller0_address @@ -282,16 +223,6 @@ class platform::sm shell => '/bin/sh' } - # Workaround for the time being to prevent SM from enabling the openstack - # services when kubernetes is enabled to avoid making changes to individual - # openstack manifests - $heat_service_enabled = false - $murano_configured = false - $ironic_configured = false - $magnum_configured = false - $gnocchi_enabled = false - $panko_enabled = false - # lint:ignore:140chars if str2bool($::is_virtual) { @@ -503,36 +434,8 @@ class platform::sm } $configure_keystone = false } - - if $glance_region_name != $region_2_name { - $configure_glance = false - - exec { 'Deprovision OpenStack - Glance Registry (service-group-member)': - command => 'sm-deprovision service-group-member cloud-services glance-registry', - } - -> exec { 'Deprovision OpenStack - Glance Registry (service)': - command => 'sm-deprovision service glance-registry', - } - -> exec { 'Deprovision OpenStack - Glance API (service-group-member)': - command => 'sm-deprovision service-group-member cloud-services glance-api', - } - -> exec { 'Deprovision OpenStack - Glance API (service)': - command => 'sm-deprovision service glance-api', - } - } else { - $configure_glance = true - if $glance_cached { - exec { 'Deprovision OpenStack - Glance Registry (service-group-member)': - command => 'sm-deprovision service-group-member cloud-services glance-registry', - } - -> exec { 'Deprovision OpenStack - Glance Registry (service)': - command => 'sm-deprovision service glance-registry', - } - } - } } else { $configure_keystone = true - $configure_glance = false } if $configure_keystone { @@ -556,173 +459,53 @@ class platform::sm } } - if $configure_glance { - if !$glance_cached { - exec { 'Configure OpenStack - Glance Registry': - command => "sm-configure service_instance glance-registry glance-registry \"config=/etc/glance/glance-registry.conf,user=root,os_username=${os_username},os_project_name=${os_project_name},os_user_domain_name=${os_user_domain_name},os_project_domain_name=${os_project_domain_name},keystone_get_token_url=${os_auth_url}/tokens\"", - } - -> exec { 'Provision OpenStack - Glance Registry (service-group-member)': - command => 'sm-provision service-group-member cloud-services glance-registry', - } - -> exec { 'Provision OpenStack - Glance Registry (service)': - command => 'sm-provision service glance-registry', - } - } - - exec { 'Configure OpenStack - Glance API': - command => "sm-configure service_instance glance-api glance-api \"config=/etc/glance/glance-api.conf,user=root,os_username=${os_username},os_project_name=${os_project_name},os_user_domain_name=${os_user_domain_name},os_project_domain_name=${os_project_domain_name},os_auth_url=${os_auth_url}\"", - } - -> exec { 'Provision OpenStack - Glance API (service-group-member)': - command => 'sm-provision service-group-member cloud-services glance-api', - } - -> exec { 'Provision OpenStack - Glance API (service)': - command => 'sm-provision service glance-api', - } - } else { - # Deprovision Glance API and Glance Registry incase of a kubernetes config - exec { 'Deprovision OpenStack - Glance Registry (service-group-member)': - command => 'sm-deprovision service-group-member cloud-services glance-registry', - } - -> exec { 'Deprovision OpenStack - Glance Registry(service)': - command => 'sm-deprovision service glance-registry', - } - - exec { 'Deprovision OpenStack - Glance API (service-group-member)': - command => 'sm-deprovision service-group-member cloud-services glance-api', - } - -> exec { 'Deprovision OpenStack - Glance API(service)': - command => 'sm-deprovision service glance-api', - } + # Glance + exec { 'Deprovision OpenStack - Glance Registry (service-group-member)': + command => 'sm-deprovision service-group-member cloud-services glance-registry', + } + -> exec { 'Deprovision OpenStack - Glance Registry(service)': + command => 'sm-deprovision service glance-registry', } - if $cinder_service_enabled { - exec { 'Configure OpenStack - Cinder API': - command => "sm-configure service_instance cinder-api cinder-api \"config=/etc/cinder/cinder.conf,user=root,os_username=${os_username},os_project_name=${os_project_name},os_user_domain_name=${os_user_domain_name},os_project_domain_name=${os_project_domain_name},keystone_get_token_url=${os_auth_url}/tokens\"", - } - -> exec { 'Provision OpenStack - Cinder API (service-group-member)': - command => 'sm-provision service-group-member cloud-services cinder-api', - } - -> exec { 'Provision OpenStack - Cinder API (service)': - command => 'sm-provision service cinder-api', - } + exec { 'Deprovision OpenStack - Glance API (service-group-member)': + command => 'sm-deprovision service-group-member cloud-services glance-api', + } + -> exec { 'Deprovision OpenStack - Glance API(service)': + command => 'sm-deprovision service glance-api', + } - exec { 'Configure OpenStack - Cinder Scheduler': - command => "sm-configure service_instance cinder-scheduler cinder-scheduler \"config=/etc/cinder/cinder.conf,user=root,amqp_server_port=${amqp_server_port}\"", - } - -> exec { 'Provision OpenStack - Cinder Scheduler (service-group-member)': - command => 'sm-provision service-group-member cloud-services cinder-scheduler', - } - -> exec { 'Provision OpenStack - Cinder Scheduler (service)': - command => 'sm-provision service cinder-scheduler', - } - - exec { 'Configure OpenStack - Cinder Volume': - command => "sm-configure service_instance cinder-volume cinder-volume \"config=/etc/cinder/cinder.conf,user=root,amqp_server_port=${amqp_server_port},multibackend=true\"", - } - -> exec { 'Provision OpenStack - Cinder Volume (service-group-member)': - command => 'sm-provision service-group-member cloud-services cinder-volume', - } - -> exec { 'Configure Cinder Volume in SM': - command => 'sm-provision service cinder-volume', - } - - exec { 'Configure OpenStack - Cinder Backup': - command => "sm-configure service_instance cinder-backup cinder-backup \"config=/etc/cinder/cinder.conf,user=root,amqp_server_port=${amqp_server_port}\"", - } - -> exec { 'Provision OpenStack - Cinder Backup (service-group-member)': - command => 'sm-provision service-group-member cloud-services cinder-backup', - } - -> exec { 'Provision OpenStack - Cinder Backup (service)': - command => 'sm-provision service cinder-backup', - } - - if 'lvm' in $cinder_backends { - # Cinder DRBD - exec { 'Configure Cinder LVM in SM (service-group-member drbd-cinder)': - command => 'sm-provision service-group-member controller-services drbd-cinder', - } - -> exec { 'Configure Cinder LVM in SM (service drbd-cinder)': - command => 'sm-provision service drbd-cinder', - } - - # Cinder LVM - -> exec { 'Configure Cinder LVM in SM (service-group-member cinder-lvm)': - command => 'sm-provision service-group-member controller-services cinder-lvm', - } - -> exec { 'Configure Cinder LVM in SM (service cinder-lvm)': - command => 'sm-provision service cinder-lvm', - } - - # TGTd - -> exec { 'Configure Cinder LVM in SM (service-group-member iscsi)': - command => 'sm-provision service-group-member controller-services iscsi', - } - -> exec { 'Configure Cinder LVM in SM (service iscsi)': - command => 'sm-provision service iscsi', - } - - -> exec { 'Configure Cinder DRBD service instance': - command => "sm-configure service_instance drbd-cinder drbd-cinder:${hostunit} drbd_resource=${cinder_drbd_resource}", - } - exec { 'Configure Cinder LVM service instance': - command => "sm-configure service_instance cinder-lvm cinder-lvm \"rmon_rsc_name=volume-storage,volgrpname=${cinder_vg_name}\"", - } - exec { 'Configure iscsi service instance': - command => "sm-configure service_instance iscsi iscsi \"\"", - } - - - # Cinder IP - exec { 'Configure Cinder LVM in SM (service-group-member cinder-ip)': - command => 'sm-provision service-group-member controller-services cinder-ip', - } - -> exec { 'Configure Cinder LVM in SM (service cinder-ip)': - command => 'sm-provision service cinder-ip', - } - - if $system_mode == 'duplex-direct' or $system_mode == 'simplex' { - exec { 'Configure Cinder IP service instance': - command => "sm-configure service_instance cinder-ip cinder-ip \"ip=${cinder_ip_param_ip},cidr_netmask=${cinder_ip_param_mask},nic=${cinder_ip_interface},arp_count=7,dc=yes\"", - } - } else { - exec { 'Configure Cinder IP service instance': - command => "sm-configure service_instance cinder-ip cinder-ip \"ip=${cinder_ip_param_ip},cidr_netmask=${cinder_ip_param_mask},nic=${cinder_ip_interface},arp_count=7\"", - } - } - } - } else { - exec { 'Deprovision OpenStack - Cinder API (service-group-member)': - path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], - command => 'sm-deprovision service-group-member cloud-services cinder-api', - } - -> exec { 'Deprovision OpenStack - Cinder API (service)': - path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], - command => 'sm-deprovision service cinder-api', - } - -> exec { 'Deprovision OpenStack - Cinder Scheduler (service-group-member)': - path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], - command => 'sm-deprovision service-group-member cloud-services cinder-scheduler', - } - -> exec { 'Deprovision OpenStack - Cinder Scheduler (service)': - path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], - command => 'sm-deprovision service cinder-scheduler', - } - -> exec { 'Deprovision OpenStack - Cinder Volume (service-group-member)': - path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], - command => 'sm-deprovision service-group-member cloud-services cinder-volume', - } - -> exec { 'Deprovision OpenStack - Cinder Volume (service)': - path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], - command => 'sm-deprovision service cinder-volume', - } - -> exec { 'Deprovision OpenStack - Cinder Backup (service-group-member)': - path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], - command => 'sm-deprovision service-group-member cloud-services cinder-backup', - } - -> exec { 'Deprovision OpenStack - Cinder Backup (service)': - path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], - command => 'sm-deprovision service cinder-backup', - } + # Cinder + exec { 'Deprovision OpenStack - Cinder API (service-group-member)': + path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], + command => 'sm-deprovision service-group-member cloud-services cinder-api', + } + -> exec { 'Deprovision OpenStack - Cinder API (service)': + path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], + command => 'sm-deprovision service cinder-api', + } + -> exec { 'Deprovision OpenStack - Cinder Scheduler (service-group-member)': + path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], + command => 'sm-deprovision service-group-member cloud-services cinder-scheduler', + } + -> exec { 'Deprovision OpenStack - Cinder Scheduler (service)': + path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], + command => 'sm-deprovision service cinder-scheduler', + } + -> exec { 'Deprovision OpenStack - Cinder Volume (service-group-member)': + path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], + command => 'sm-deprovision service-group-member cloud-services cinder-volume', + } + -> exec { 'Deprovision OpenStack - Cinder Volume (service)': + path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], + command => 'sm-deprovision service cinder-volume', + } + -> exec { 'Deprovision OpenStack - Cinder Backup (service-group-member)': + path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], + command => 'sm-deprovision service-group-member cloud-services cinder-backup', + } + -> exec { 'Deprovision OpenStack - Cinder Backup (service)': + path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], + command => 'sm-deprovision service cinder-backup', } # Re-using cinder-ip for cluster-host-ip for now @@ -745,30 +528,6 @@ class platform::sm } } - # TODO: revisit region mode - if $region_config { - if $neutron_region_name != $region_2_name { - $configure_neturon = false - - exec { 'Deprovision OpenStack - Neutron Server (service-group-member)': - command => 'sm-deprovision service-group-member cloud-services neutron-server', - } - -> exec { 'Deprovision OpenStack - Neutron Server (service)': - command => 'sm-deprovision service neutron-server', - } - } else { - $configure_neturon = true - } - } else { - $configure_neturon = false - } - - if $configure_neturon { - exec { 'Configure OpenStack - Neutron Server': - command => "sm-configure service_instance neutron-server neutron-server \"config=/etc/neutron/neutron.conf,plugin_config=${neutron_plugin_config},sriov_plugin_config=${neutron_sriov_plugin_config},user=root,os_username=${os_username},os_project_name=${os_project_name},os_user_domain_name=${os_user_domain_name},os_project_domain_name=${os_project_domain_name},keystone_get_token_url=${os_auth_url}/tokens\"", - } - } - # TODO: this entire section needs to be removed from SM. # After these are removed from SM, this entire section of # deprovision calls will not be needed @@ -840,91 +599,62 @@ class platform::sm command => 'sm-deprovision service neutron-server', } - if $heat_service_enabled { - exec { 'Configure OpenStack - Heat Engine': - command => "sm-configure service_instance heat-engine heat-engine \"config=/etc/heat/heat.conf,user=root,database_server_port=${db_server_port},amqp_server_port=${amqp_server_port}\"", - } + # Heat + exec { 'Deprovision OpenStack - Heat Engine (service-group-member)': + path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], + command => 'sm-deprovision service-group-member cloud-services heat-engine', + } + -> exec { 'Deprovision OpenStack - Heat Engine(service)': + path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], + command => 'sm-deprovision service heat-engine', + } - exec { 'Configure OpenStack - Heat API': - command => "sm-configure service_instance heat-api heat-api \"config=/etc/heat/heat.conf,user=root,server_port=${heat_api_port}\"", - } + exec { 'Deprovision OpenStack - Heat API (service-group-member)': + path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], + command => 'sm-deprovision service-group-member cloud-services heat-api', + } + -> exec { 'Deprovision OpenStack - Heat API (service)': + path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], + command => 'sm-deprovision service heat-api', + } - exec { 'Configure OpenStack - Heat API CFN': - command => "sm-configure service_instance heat-api-cfn heat-api-cfn \"config=/etc/heat/heat.conf,user=root,server_port=${heat_api_cfn_port}\"", - } + exec { 'Deprovision OpenStack - Heat API CFN (service-group-member)': + path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], + command => 'sm-deprovision service-group-member cloud-services heat-api-cfn', + } + -> exec { 'Deprovision OpenStack - Heat API CFN (service)': + path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], + command => 'sm-deprovision service heat-api-cfn', + } - exec { 'Configure OpenStack - Heat API CloudWatch': - command => "sm-configure service_instance heat-api-cloudwatch heat-api-cloudwatch \"config=/etc/heat/heat.conf,user=root,server_port=${heat_api_cloudwatch_port}\"", - } - } else { - exec { 'Deprovision OpenStack - Heat Engine (service-group-member)': - path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], - command => 'sm-deprovision service-group-member cloud-services heat-engine', - } - -> exec { 'Deprovision OpenStack - Heat Engine(service)': - path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], - command => 'sm-deprovision service heat-engine', - } - - exec { 'Deprovision OpenStack - Heat API (service-group-member)': - path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], - command => 'sm-deprovision service-group-member cloud-services heat-api', - } - -> exec { 'Deprovision OpenStack - Heat API (service)': - path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], - command => 'sm-deprovision service heat-api', - } - - exec { 'Deprovision OpenStack - Heat API CFN (service-group-member)': - path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], - command => 'sm-deprovision service-group-member cloud-services heat-api-cfn', - } - -> exec { 'Deprovision OpenStack - Heat API CFN (service)': - path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], - command => 'sm-deprovision service heat-api-cfn', - } - - exec { 'Deprovision OpenStack - Heat API CloudWatch (service-group-member)': - path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], - command => 'sm-deprovision service-group-member cloud-services heat-api-cloudwatch', - } - -> exec { 'Deprovision OpenStack - Heat API CloudWatch (service)': - path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], - command => 'sm-deprovision service heat-api-cloudwatch', - } + exec { 'Deprovision OpenStack - Heat API CloudWatch (service-group-member)': + path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], + command => 'sm-deprovision service-group-member cloud-services heat-api-cloudwatch', + } + -> exec { 'Deprovision OpenStack - Heat API CloudWatch (service)': + path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], + command => 'sm-deprovision service heat-api-cloudwatch', } # Gnocchi - if $gnocchi_enabled { - - exec { 'Configure OpenStack - Gnocchi API': - command => "sm-configure service_instance gnocchi-api gnocchi-api \"config=/etc/gnocchi/gnocchi.conf\"", - } - - exec { 'Configure OpenStack - Gnocchi metricd': - command => "sm-configure service_instance gnocchi-metricd gnocchi-metricd \"config=/etc/gnocchi/gnocchi.conf\"", - } - } else { - exec { 'Deprovision OpenStack - Gnocchi API (service-group-member)': - path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], - command => 'sm-deprovision service-group-member cloud-services gnocchi-api', - } - -> exec { 'Deprovision OpenStack - Gnocchi API (service)': - path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], - command => 'sm-deprovision service gnocchi-api', - } - - exec { 'Deprovision OpenStack - Gnocchi metricd (service-group-member)': - path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], - command => 'sm-deprovision service-group-member cloud-services gnocchi-metricd', - } - -> exec { 'Deprovision OpenStack - Gnocchi metricd (service)': - path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], - command => 'sm-deprovision service gnocchi-metricd', - } + exec { 'Deprovision OpenStack - Gnocchi API (service-group-member)': + path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], + command => 'sm-deprovision service-group-member cloud-services gnocchi-api', + } + -> exec { 'Deprovision OpenStack - Gnocchi API (service)': + path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], + command => 'sm-deprovision service gnocchi-api', + } + exec { 'Deprovision OpenStack - Gnocchi metricd (service-group-member)': + path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], + command => 'sm-deprovision service-group-member cloud-services gnocchi-metricd', + } + -> exec { 'Deprovision OpenStack - Gnocchi metricd (service)': + path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], + command => 'sm-deprovision service gnocchi-metricd', } - # AODH (not enabled) + # AODH exec { 'Deprovision OpenStack - AODH API (service-group-member)': path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], command => 'sm-deprovision service-group-member cloud-services aodh-api', @@ -962,64 +692,15 @@ class platform::sm } # Panko - if $panko_enabled { - exec { 'Configure OpenStack - Panko API': - command => "sm-configure service_instance panko-api panko-api \"config=/etc/panko/panko.conf\"", - } - } else { - exec { 'Deprovision OpenStack - Panko API (service-group-member)': - path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], - command => 'sm-deprovision service-group-member cloud-services panko-api', - } - -> exec { 'Deprovision OpenStack - Panko API (service)': - path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], - command => 'sm-deprovision service panko-api', - } + exec { 'Deprovision OpenStack - Panko API (service-group-member)': + path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], + command => 'sm-deprovision service-group-member cloud-services panko-api', } - - # Murano - exec { 'Configure OpenStack - Murano API': - command => "sm-configure service_instance murano-api murano-api \"config=/etc/murano/murano.conf\"", + -> exec { 'Deprovision OpenStack - Panko API (service)': + path => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ], + command => 'sm-deprovision service panko-api', } - exec { 'Configure OpenStack - Murano Engine': - command => "sm-configure service_instance murano-engine murano-engine \"config=/etc/murano/murano.conf\"", - } - - # Magnum - exec { 'Configure OpenStack - Magnum API': - command => "sm-configure service_instance magnum-api magnum-api \"config=/etc/magnum/magnum.conf\"", - } - - exec { 'Configure OpenStack - Magnum Conductor': - command => "sm-configure service_instance magnum-conductor magnum-conductor \"config=/etc/magnum/magnum.conf\"", - } - - # Ironic - exec { 'Configure OpenStack - Ironic API': - command => "sm-configure service_instance ironic-api ironic-api \"config=/etc/ironic/ironic.conf\"", - } - - exec { 'Configure OpenStack - Ironic Conductor': - command => "sm-configure service_instance ironic-conductor ironic-conductor \"config=/etc/ironic/ironic.conf,tftproot=${ironic_tftproot}\"", - } - - exec { 'Configure OpenStack - Nova Compute': - command => "sm-configure service_instance nova-compute nova-compute \"config=/etc/nova/nova-ironic.conf\"", - } - - exec { 'Configure OpenStack - Nova Serialproxy': - command => "sm-configure service_instance nova-serialproxy nova-serialproxy \"config=/etc/nova/nova-ironic.conf\"", - } - - #exec { 'Configure Power Management Conductor': - # command => "sm-configure service_instance power-mgmt-conductor power-mgmt-conductor \"config=/etc/power_mgmt/power-mgmt-conductor.ini\"", - #} - - #exec { 'Configure Power Management API': - # command => "sm-configure service_instance power-mgmt-api power-mgmt-api \"config=/etc/power_mgmt/power-mgmt-api.ini\"", - #} - exec { 'Configure NFS Management': command => "sm-configure service_instance nfs-mgmt nfs-mgmt \"exports=${nfs_server_mgmt_exports},mounts=${nfs_server_mgmt_mounts}\"", } @@ -1250,42 +931,14 @@ class platform::sm } } - exec { 'Configure Murano Rabbit': - command => "sm-configure service_instance murano-rabbit murano-rabbit \"server=${rabbitmq_server},ctl=${rabbitmqctl},nodename=${murano_rabbit_node_name},mnesia_base=${murano_rabbit_mnesia_base},ip=${oam_ip_param_ip},config_file=${murano_rabbit_config_file},env_config_file=${murano_rabbit_env_config_file},pid_file=${murano_rabbit_pid},dist_port=${murano_rabbit_dist_port}\"", - } - - # optionally bring up/down Murano and murano agent's rabbitmq - if $disable_murano_agent { + # Murano exec { 'Deprovision Murano Rabbitmq (service-group-member)': command => 'sm-deprovision service-group-member controller-services murano-rabbit', } -> exec { 'Deprovision Murano Rabbitmq (service)': command => 'sm-deprovision service murano-rabbit', } - } else { - exec { 'Provision Murano Rabbitmq (service-group-member)': - command => 'sm-provision service-group-member controller-services murano-rabbit', - } - -> exec { 'Provision Murano Rabbitmq (service)': - command => 'sm-provision service murano-rabbit', - } - } - - if $murano_configured { - exec { 'Provision OpenStack - Murano API (service-group-member)': - command => 'sm-provision service-group-member cloud-services murano-api', - } - -> exec { 'Provision OpenStack - Murano API (service)': - command => 'sm-provision service murano-api', - } - -> exec { 'Provision OpenStack - Murano Engine (service-group-member)': - command => 'sm-provision service-group-member cloud-services murano-engine', - } - -> exec { 'Provision OpenStack - Murano Engine (service)': - command => 'sm-provision service murano-engine', - } - } else { - exec { 'Deprovision OpenStack - Murano API (service-group-member)': + -> exec { 'Deprovision OpenStack - Murano API (service-group-member)': command => 'sm-deprovision service-group-member cloud-services murano-api', } -> exec { 'Deprovision OpenStack - Murano API (service)': @@ -1297,23 +950,8 @@ class platform::sm -> exec { 'Deprovision OpenStack - Murano Engine (service)': command => 'sm-deprovision service murano-engine', } - } - # optionally bring up/down Magnum - if $magnum_configured { - exec { 'Provision OpenStack - Magnum API (service-group-member)': - command => 'sm-provision service-group-member cloud-services magnum-api', - } - -> exec { 'Provision OpenStack - Magnum API (service)': - command => 'sm-provision service magnum-api', - } - -> exec { 'Provision OpenStack - Magnum Conductor (service-group-member)': - command => 'sm-provision service-group-member cloud-services magnum-conductor', - } - -> exec { 'Provision OpenStack - Magnum Conductor (service)': - command => 'sm-provision service magnum-conductor', - } - } else { + # Magnum exec { 'Deprovision OpenStack - Magnum API (service-group-member)': command => 'sm-deprovision service-group-member cloud-services magnum-api', } @@ -1326,88 +964,37 @@ class platform::sm -> exec { 'Deprovision OpenStack - Magnum Conductor (service)': command => 'sm-deprovision service magnum-conductor', } + + # Ironic + exec { 'Deprovision OpenStack - Ironic API (service-group-member)': + command => 'sm-deprovision service-group-member cloud-services ironic-api', } - - # optionally bring up/down Ironic - if $ironic_configured { - exec { 'Provision OpenStack - Ironic API (service-group-member)': - command => 'sm-provision service-group-member cloud-services ironic-api', - } - -> exec { 'Provision OpenStack - Ironic API (service)': - command => 'sm-provision service ironic-api', - } - -> exec { 'Provision OpenStack - Ironic Conductor (service-group-member)': - command => 'sm-provision service-group-member cloud-services ironic-conductor', - } - -> exec { 'Provision OpenStack - Ironic Conductor (service)': - command => 'sm-provision service ironic-conductor', - } - -> exec { 'Provision OpenStack - Nova Compute (service-group-member)': - command => 'sm-provision service-group-member cloud-services nova-compute', - } - -> exec { 'Provision OpenStack - Nova Compute (service)': - command => 'sm-provision service nova-compute', - } - -> exec { 'Provision OpenStack - Nova Serialproxy (service-group-member)': - command => 'sm-provision service-group-member cloud-services nova-serialproxy', - } - -> exec { 'Provision OpenStack - Nova Serialproxy (service)': - command => 'sm-provision service nova-serialproxy', - } - if $ironic_tftp_ip != undef { - case $::hostname { - $controller_0_hostname: { - exec { 'Configure Ironic TFTP IP service instance': - command => "sm-configure service_instance ironic-tftp-ip ironic-tftp-ip \"ip=${ironic_tftp_ip},cidr_netmask=${ironic_netmask},nic=${ironic_controller_0_nic},arp_count=7\"", - } - } - $controller_1_hostname: { - exec { 'Configure Ironic TFTP IP service instance': - command => "sm-configure service_instance ironic-tftp-ip ironic-tftp-ip \"ip=${ironic_tftp_ip},cidr_netmask=${ironic_netmask},nic=${ironic_controller_1_nic},arp_count=7\"", - } - } - default: { - } - } - - exec { 'Provision Ironic TFTP Floating IP (service-group-member)': - command => 'sm-provision service-group-member controller-services ironic-tftp-ip', - } - -> exec { 'Provision Ironic TFTP Floating IP (service)': - command => 'sm-provision service ironic-tftp-ip', - } - } - } else { - exec { 'Deprovision OpenStack - Ironic API (service-group-member)': - command => 'sm-deprovision service-group-member cloud-services ironic-api', - } - -> exec { 'Deprovision OpenStack - Ironic API (service)': - command => 'sm-deprovision service ironic-api', - } - -> exec { 'Deprovision OpenStack - Ironic Conductor (service-group-member)': - command => 'sm-deprovision service-group-member cloud-services ironic-conductor', - } - -> exec { 'Deprovision OpenStack - Ironic Conductor (service)': - command => 'sm-deprovision service ironic-conductor', - } - -> exec { 'Deprovision OpenStack - Nova Compute (service-group-member)': - command => 'sm-deprovision service-group-member cloud-services nova-compute', - } - -> exec { 'Deprovision OpenStack - Nova Compute (service)': - command => 'sm-deprovision service nova-compute', - } - -> exec { 'Deprovision OpenStack - Nova Serialproxy (service-group-member)': - command => 'sm-deprovision service-group-member cloud-services nova-serialproxy', - } - -> exec { 'Deprovision OpenStack - Nova Serialproxy (service)': - command => 'sm-deprovision service nova-serialproxy', - } - -> exec { 'Provision Ironic TFTP Floating IP (service-group-member)': - command => 'sm-deprovision service-group-member controller-services ironic-tftp-ip', - } - -> exec { 'Provision Ironic TFTP Floating IP (service)': - command => 'sm-deprovision service ironic-tftp-ip', - } + -> exec { 'Deprovision OpenStack - Ironic API (service)': + command => 'sm-deprovision service ironic-api', + } + -> exec { 'Deprovision OpenStack - Ironic Conductor (service-group-member)': + command => 'sm-deprovision service-group-member cloud-services ironic-conductor', + } + -> exec { 'Deprovision OpenStack - Ironic Conductor (service)': + command => 'sm-deprovision service ironic-conductor', + } + -> exec { 'Deprovision OpenStack - Nova Compute (service-group-member)': + command => 'sm-deprovision service-group-member cloud-services nova-compute', + } + -> exec { 'Deprovision OpenStack - Nova Compute (service)': + command => 'sm-deprovision service nova-compute', + } + -> exec { 'Deprovision OpenStack - Nova Serialproxy (service-group-member)': + command => 'sm-deprovision service-group-member cloud-services nova-serialproxy', + } + -> exec { 'Deprovision OpenStack - Nova Serialproxy (service)': + command => 'sm-deprovision service nova-serialproxy', + } + -> exec { 'Provision Ironic TFTP Floating IP (service-group-member)': + command => 'sm-deprovision service-group-member controller-services ironic-tftp-ip', + } + -> exec { 'Provision Ironic TFTP Floating IP (service)': + command => 'sm-deprovision service ironic-tftp-ip', } if $ceph_configured { @@ -1587,17 +1174,15 @@ class platform::sm -> exec { 'Configure OpenStack - DCOrch-patch-api-proxy': command => "sm-configure service_instance dcorch-patch-api-proxy dcorch-patch-api-proxy \"\"", } - if $cinder_service_enabled { - notice('Enable cinder-api-proxy') - exec { 'Provision DCOrch-Cinder-Api-Proxy (service-group-member dcorch-cinder-api-proxy)': - command => 'sm-provision service-group-member distributed-cloud-services dcorch-cinder-api-proxy', - } - -> exec { 'Provision DCOrch-Cinder-Api-Proxy in SM (service dcorch-cinder-api-proxy)': - command => 'sm-provision service dcorch-cinder-api-proxy', - } - -> exec { 'Configure OpenStack - DCOrch-cinder-api-proxy': - command => "sm-configure service_instance dcorch-cinder-api-proxy dcorch-cinder-api-proxy \"\"", - } + + exec { 'Provision DCOrch-Cinder-Api-Proxy (service-group-member dcorch-cinder-api-proxy)': + command => 'sm-provision service-group-member distributed-cloud-services dcorch-cinder-api-proxy', + } + -> exec { 'Provision DCOrch-Cinder-Api-Proxy in SM (service dcorch-cinder-api-proxy)': + command => 'sm-provision service dcorch-cinder-api-proxy', + } + -> exec { 'Configure OpenStack - DCOrch-cinder-api-proxy': + command => "sm-configure service_instance dcorch-cinder-api-proxy dcorch-cinder-api-proxy \"\"", } } diff --git a/puppet-manifests/src/modules/platform/templates/dnsmasq.conf.erb b/puppet-manifests/src/modules/platform/templates/dnsmasq.conf.erb index 7fd5f7c80c..4667f7b0c8 100644 --- a/puppet-manifests/src/modules/platform/templates/dnsmasq.conf.erb +++ b/puppet-manifests/src/modules/platform/templates/dnsmasq.conf.erb @@ -6,9 +6,6 @@ interface=<%= @mgmt_interface %> <%- if @infra_interface != nil -%> interface=<%= @infra_interface %> <%- end -%> -<%- if @ironic_tftp_interface != nil -%> -interface=<%= @ironic_tftp_interface %> -<%- end -%> bind-interfaces # Serve addresses from the pxeboot subnet @@ -92,9 +89,6 @@ tftp-root=/pxeboot,<%= @pxeboot_interface %> <%- else -%> tftp-root=/pxeboot,<%= @mgmt_interface %> <%- end -%> -<%- if @ironic_tftp_interface != nil -%> -tftp-root=<%= @ironic_tftpboot_dir %>,<%= @ironic_tftp_interface %> -<%- end -%> dhcp-boot=tag:bios,tag:pxeboot,pxelinux.0,<%= @pxeboot_hostname %>,<%= @pxeboot_controller_address %> dhcp-boot=tag:bios,tag:mgmt,pxelinux.0,<%= @mgmt_hostname %>,<%= @mgmt_controller_address %> diff --git a/puppet-manifests/src/modules/platform/templates/remotelogging.conf.erb b/puppet-manifests/src/modules/platform/templates/remotelogging.conf.erb index 3ed1d83eca..9494a7c7df 100644 --- a/puppet-manifests/src/modules/platform/templates/remotelogging.conf.erb +++ b/puppet-manifests/src/modules/platform/templates/remotelogging.conf.erb @@ -10,12 +10,6 @@ # ################################################################################ rewrite r_rewrite_set{ - set("<%= @system_name %> aodh-api.log ${HOST}", value("HOST") condition(filter(f_aodhapi))); - set("<%= @system_name %> aodh-dbsync.log ${HOST}", value("HOST") condition(filter(f_aodhdbsync))); - set("<%= @system_name %> aodh-evaluator.log ${HOST}", value("HOST") condition(filter(f_aodhevaluator))); - set("<%= @system_name %> aodh-expirer.log ${HOST}", value("HOST") condition(filter(f_aodhexpirer))); - set("<%= @system_name %> aodh-listener.log ${HOST}", value("HOST") condition(filter(f_aodhlistener))); - set("<%= @system_name %> aodh-notifier.log ${HOST}", value("HOST") condition(filter(f_aodhnotifier))); set("<%= @system_name %> auth.log ${HOST}", value("HOST") condition(filter(f_auth))); set("<%= @system_name %> barbican-api.log ${HOST}", value("HOST") condition(filter(f_barbicanapi))); set("<%= @system_name %> barbican-dbsync.log ${HOST}", value("HOST") condition(filter(f_barbicandbsync))); @@ -23,11 +17,6 @@ rewrite r_rewrite_set{ set("<%= @system_name %> barbican-worker.log ${HOST}", value("HOST") condition(filter(f_barbicanworker))); set("<%= @system_name %> barbican-cleaner.log ${HOST}", value("HOST") condition(filter(f_barbicancleaner))); set("<%= @system_name %> bash.log ${HOST}", value("HOST") condition(filter(f_bash))); - set("<%= @system_name %> ceilometer-agent-notification.log ${HOST}", value("HOST") condition(filter(f_ceilometeragentnotification))); - set("<%= @system_name %> ceilometer-upgrade.log ${HOST}", value("HOST") condition(filter(f_ceilometerupgrade))); - set("<%= @system_name %> cinder-api.log ${HOST}", value("HOST") condition(filter(f_cinderapi))); - set("<%= @system_name %> cinder-scheduler.log ${HOST}", value("HOST") condition(filter(f_cinderscheduler))); - set("<%= @system_name %> cinder-volume.log ${HOST}", value("HOST") condition(filter(f_cindervolume))); set("<%= @system_name %> cron.log ${HOST}", value("HOST") condition(filter(f_cron))); set("<%= @system_name %> daemon.log ${HOST}", value("HOST") condition(filter(f_daemon))); set("<%= @system_name %> daemon-ocf.log ${HOST}", value("HOST") condition(filter(f_daemon_ocf))); @@ -37,56 +26,32 @@ rewrite r_rewrite_set{ set("<%= @system_name %> fm-manager.log ${HOST}", value("HOST") condition(filter(f_fm_manager))); set("<%= @system_name %> ima.log ${HOST}", value("HOST") condition(filter(f_ima))); set("<%= @system_name %> fsmond.log ${HOST}", value("HOST") condition(filter(f_fsmon))); - set("<%= @system_name %> glance-api.log ${HOST}", value("HOST") condition(filter(f_glanceapi))); - set("<%= @system_name %> glance-registry.log ${HOST}", value("HOST") condition(filter(f_glanceregistry))); - set("<%= @system_name %> glance-registry-api.log ${HOST}", value("HOST") condition(filter(f_glanceregistryrest))); set("<%= @system_name %> guestAgent.log ${HOST}", value("HOST") condition(filter(f_guestagent))); set("<%= @system_name %> guestServer.log ${HOST}", value("HOST") condition(filter(f_guestserver))); set("<%= @system_name %> hbsAgent.log ${HOST}", value("HOST") condition(filter(f_hbsagent))); set("<%= @system_name %> hbsClient.log ${HOST}", value("HOST") condition(filter(f_hbsclient))); - set("<%= @system_name %> heat-api-cfn.log ${HOST}", value("HOST") condition(filter(f_heatapicfn))); - set("<%= @system_name %> heat-api-cloudwatch.log ${HOST}", value("HOST") condition(filter(f_heatapicloud))); - set("<%= @system_name %> heat-api.log ${HOST}", value("HOST") condition(filter(f_heatapi))); - set("<%= @system_name %> heat-engine.log ${HOST}", value("HOST") condition(filter(f_heatengine))); set("<%= @system_name %> horizon.log ${HOST}", value("HOST") condition(filter(f_horizon))); set("<%= @system_name %> hostwd.log ${HOST}", value("HOST") condition(filter(f_hostw))); set("<%= @system_name %> hwmond.log ${HOST}", value("HOST") condition(filter(f_hwmon))); - set("<%= @system_name %> ironic-api.log ${HOST}", value("HOST") condition(filter(f_ironicapi))); - set("<%= @system_name %> ironic-conductor.log ${HOST}", value("HOST") condition(filter(f_ironicconductor))); set("<%= @system_name %> kern.log ${HOST}", value("HOST") condition(filter(f_kern))); set("<%= @system_name %> keystone-api.log ${HOST}", value("HOST") condition(filter(f_keystoneapi))); set("<%= @system_name %> keystone-all.log ${HOST}", value("HOST") condition(filter(f_keystoneall))); set("<%= @system_name %> libvirtd.log ${HOST}", value("HOST") condition(filter(f_libvirtd))); set("<%= @system_name %> local4.log ${HOST}", value("HOST") condition(filter(f_local4))); set("<%= @system_name %> lpr.log ${HOST}", value("HOST") condition(filter(f_lpr))); - set("<%= @system_name %> magnum-api.log ${HOST}", value("HOST") condition(filter(f_magnumapi))); - set("<%= @system_name %> magnum-conductor.log ${HOST}", value("HOST") condition(filter(f_magnumconductor))); set("<%= @system_name %> mail.log ${HOST}", value("HOST") condition(filter(f_mail))); set("<%= @system_name %> mtcAgent_alarm.log ${HOST}", value("HOST") condition(filter(f_mtcagentalarm))); set("<%= @system_name %> mtcAgent_api.log ${HOST}", value("HOST") condition(filter(f_mtcagentapi))); set("<%= @system_name %> mtcAgent_event.log ${HOST}", value("HOST") condition(filter(f_mtcagentevent))); set("<%= @system_name %> mtcAgent.log ${HOST}", value("HOST") condition(filter(f_mtcagent))); set("<%= @system_name %> mtcClient.log ${HOST}", value("HOST") condition(filter(f_mtcclient))); - set("<%= @system_name %> murano-api.log ${HOST}", value("HOST") condition(filter(f_muranoapi))); - set("<%= @system_name %> murano-engine.log ${HOST}", value("HOST") condition(filter(f_muranoengine))); set("<%= @system_name %> news.crit ${HOST}", value("HOST") condition(filter(f_newscrit))); set("<%= @system_name %> news.err ${HOST}", value("HOST") condition(filter(f_newserr))); set("<%= @system_name %> news.notice ${HOST}", value("HOST") condition(filter(f_newsnotice))); set("<%= @system_name %> nfv-vim-api.log ${HOST}", value("HOST") condition(filter(f_vim_api))); set("<%= @system_name %> nfv-vim.log ${HOST}", value("HOST") condition(filter(f_vim))); set("<%= @system_name %> nfv-vim-webserver.log ${HOST}", value("HOST") condition(filter(f_vim_webserver))); - set("<%= @system_name %> nova-api.log ${HOST}", value("HOST") condition(filter(f_novaapi))); - set("<%= @system_name %> nova-compute.log ${HOST}", value("HOST") condition(filter(f_novacompute))); - set("<%= @system_name %> nova-conductor.log ${HOST}", value("HOST") condition(filter(f_novaconductor))); - set("<%= @system_name %> nova-consoleauth.log ${HOST}", value("HOST") condition(filter(f_novaconsole))); - set("<%= @system_name %> nova-manage.log ${HOST}", value("HOST") condition(filter(f_novamanage))); - set("<%= @system_name %> nova-scheduler.log ${HOST}", value("HOST") condition(filter(f_novascheduler))); - set("<%= @system_name %> nova-placement-api.log ${HOST}", value("HOST") condition(filter(f_novaplacementapi))); - set("<%= @system_name %> neutron-api.log ${HOST}", value("HOST") condition(filter(f_neutronapi))); set("<%= @system_name %> openstack.log ${HOST}", value("HOST") condition(filter(f_local2))); - set("<%= @system_name %> panko-api.log ${HOST}", value("HOST") condition(filter(f_pankoapi))); - set("<%= @system_name %> panko-dbsync.log ${HOST}", value("HOST") condition(filter(f_pankodbsync))); - set("<%= @system_name %> panko-expirer.log ${HOST}", value("HOST") condition(filter(f_pankoexpirer))); set("<%= @system_name %> platform.log ${HOST}", value("HOST") condition(filter(f_local1))); set("<%= @system_name %> pmond.log ${HOST}", value("HOST") condition(filter(f_pmon))); set("<%= @system_name %> postgres.log ${HOST}", value("HOST") condition(filter(f_local0))); @@ -94,7 +59,6 @@ rewrite r_rewrite_set{ set("<%= @system_name %> rmond_notify.log ${HOST}", value("HOST") condition(filter(f_rmon_notify))); set("<%= @system_name %> sm.log ${HOST}", value("HOST") condition(filter(f_local3))); set("<%= @system_name %> sysinv-api.log ${HOST}", value("HOST") condition(filter(f_sysinvapi))); - set("<%= @system_name %> nova-api-proxy.log ${HOST}", value("HOST") condition(filter(f_novaapiproxy))); set("<%= @system_name %> sysinv.log ${HOST}", value("HOST") condition(filter(f_sysinv))); set("<%= @system_name %> syslog ${HOST}", value("HOST") condition(filter(f_syslog))); set("<%= @system_name %> user.log ${HOST}", value("HOST") condition(filter(f_user)));