openstack
/
cookbook-openstack-compute
Code Issues Proposed changes

refactoring final step 

* added endpoint attributes (moved from common)
* removed qpid as a messaging option (can be incuded in a wrapper)
* removed os-bare-metal dependencies
* deleted default attributes from nova.conf.rb originated in
  openstack-common
* removed fedora and suse as supported platform
* adapted optimized endpoint logic
* removed rubocop exceptions in recipes and regenerated the
  .rubocop_todo.yaml containing all remaining exceptions
* added versionbumb for refactored os-identity and common
* moved version up to 13.0.0 for mitaka release
* adapted the specs (unit tests) to work again
* refactored spec_helper.rb method "expect_creates_api_paste"
* added new logic into templates/default/nova.conf.erb
* refactored attributes throughout all recipes that were connected to
  the attributes used for the nova.conf.erb template to adapt the new
  template attribute syntax
* moved all attributes from attributes/default.rb that were used in
  nova_conf.erb to attributes/nova_conf.rb
* refactored attributes to fit upcomming template logic
* refactored recipes/nova_common.rb to fit upcomming template logic
* removed all attributes from default.rb and nova.conf.erb which are set
  as default in attributes, openstack doc and used to render the template
* removed nova-network as a supported config option

Depends-On: I9cc1b5cc069987ac83e064322c2291772505ff5f
Depends-On: Ifa5a7f4e1df47a3961976e64f654224864c3dcb4
Depends-On: I3262b2e6f792f37c32a446e6567790b82bdd4613
Depends-On: I0547182085eed91d05384fdd7734408a839a9a2c
Implements: blueprint cookbook-refactoring
Change-Id: I9ac9eeb29ab27f31394830e4b6f999d5870cc0e4
This commit is contained in:
Christoph Albers 2015-11-23 15:18:03 +01:00
parent a7ce50ea7a
commit 799029519b
43 changed files with 568 additions and 3264 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

96
.rubocop_todo.yml
View File

@ -1,30 +1,66 @@
# This configuration was generated by `rubocop --auto-gen-config`
# on 2015-05-28 15:42:49 -0500 using RuboCop version 0.29.1.
# The point is for the user to remove these configuration records
# one by one as the offenses are removed from the code base.
# Note that changes in the inspected code, or installation of new
# versions of RuboCop, may require this file to be generated again.
# Offense count: 1
# Cop supports --auto-correct.
Lint/UnusedMethodArgument:
Enabled: false
# Offense count: 2
Metrics/AbcSize:
Max: 69
# Offense count: 9
# Configuration parameters: EnforcedStyle, SupportedStyles.
Style/ClassAndModuleChildren:
Enabled: false
# Offense count: 2
# Configuration parameters: MinBodyLength.
Style/GuardClause:
Enabled: false
# Offense count: 1
# Configuration parameters: EnforcedStyle, MinBodyLength, SupportedStyles.
Style/Next:
Enabled: false
# This configuration was generated by
# `rubocop --auto-gen-config`
# on 2016-01-14 11:18:26 +0100 using RuboCop version 0.35.1.
# The point is for the user to remove these configuration records
# one by one as the offenses are removed from the code base.
# Note that changes in the inspected code, or installation of new
# versions of RuboCop, may require this file to be generated again.
# Offense count: 1
# Cop supports --auto-correct.
# Configuration parameters: AllowUnusedKeywordArguments, IgnoreEmptyMethods.
Lint/UnusedMethodArgument:
Exclude:
- 'recipes/libvirt.rb'
# Offense count: 1
Metrics/AbcSize:
Max: 16
# Offense count: 2
# Configuration parameters: CountComments.
Metrics/MethodLength:
Max: 19
# Offense count: 9
# Configuration parameters: EnforcedStyle, SupportedStyles.
Style/ClassAndModuleChildren:
Exclude:
- 'recipes/api-ec2.rb'
- 'recipes/api-metadata.rb'
- 'recipes/api-os-compute.rb'
- 'recipes/client.rb'
- 'recipes/compute.rb'
- 'recipes/identity_registration.rb'
- 'recipes/libvirt_rbd.rb'
- 'recipes/nova-common.rb'
- 'recipes/nova-setup.rb'
# Offense count: 9
# Configuration parameters: Exclude.
Style/Documentation:
Exclude:
- 'spec/**/*'
- 'test/**/*'
- 'recipes/api-ec2.rb'
- 'recipes/api-metadata.rb'
- 'recipes/api-os-compute.rb'
- 'recipes/client.rb'
- 'recipes/compute.rb'
- 'recipes/identity_registration.rb'
- 'recipes/libvirt_rbd.rb'
- 'recipes/nova-common.rb'
- 'recipes/nova-setup.rb'
# Offense count: 2
# Configuration parameters: MinBodyLength.
Style/GuardClause:
Exclude:
- 'recipes/libvirt.rb'
# Offense count: 1
# Cop supports --auto-correct.
# Configuration parameters: EnforcedStyle, MinBodyLength, SupportedStyles.
Style/Next:
Exclude:
- 'recipes/libvirt.rb'

2
Berksfile
View File

@ -2,8 +2,6 @@ source "https://supermarket.chef.io"
metadata
cookbook "openstack-bare-metal",
github: "openstack/cookbook-openstack-bare-metal"
cookbook "openstack-image",
github: "openstack/cookbook-openstack-image"
cookbook "openstack-identity",

551
attributes/default.rb
View File

@ -2,7 +2,7 @@
#
########################################################################
# Toggles - These can be overridden at the environment level
default['enable_monit'] = false # OS provides packages
default['enable_monit'] = false # OS provides packages
########################################################################
# Set to some text value if you want templated config files
@ -16,72 +16,23 @@ default['openstack']['compute']['custom_template_banner'] = '
# that Nova uses
default['openstack']['compute']['rabbit_server_chef_role'] = 'os-ops-messaging'
default['openstack']['compute']['verbose'] = 'False'
default['openstack']['compute']['debug'] = 'False'
default['openstack']['compute']['state_path'] = '/var/lib/nova'
default['openstack']['compute']['instances_path'] =
"#{node['openstack']['compute']['state_path']}/instances"
default['openstack']['compute']['network_allocate_retries'] = 0
default['openstack']['compute']['instance_name_template'] = 'instance-%08x'
# The lock_path normally uses /var/lock/nova, but it's not allowed in openSUSE,
# so setting lock_path to $state_path/lock like in Neutron.
default['openstack']['compute']['lock_path'] =
"#{node['openstack']['compute']['state_path']}/lock"
# Workers
# nova will default to number of cpus
default['openstack']['compute']['ec2_workers'] = nil
default['openstack']['compute']['osapi_compute_workers'] = nil
default['openstack']['compute']['metadata_workers'] = nil
# Set dbsync command timeout value
default['openstack']['compute']['dbsync_timeout'] = 3600
# The name of the Chef role that sets up the Keystone Service API
default['openstack']['compute']['identity_service_chef_role'] = 'os-identity'
# The dnsmasq config file path
default['openstack']['compute']['dnsmasq_config_file'] = ''
# Disallow non-encrypted connections
default['openstack']['compute']['ssl_only'] = false
# SSL certificate file
default['openstack']['compute']['cert'] = 'self.pem'
# SSL key file (if separate from cert)
default['openstack']['compute']['key'] = ''
# Common rpc definitions
default['openstack']['compute']['rpc_thread_pool_size'] = 64
default['openstack']['compute']['rpc_conn_pool_size'] = 30
default['openstack']['compute']['rpc_response_timeout'] = 60
case node['openstack']['mq']['service_type']
when 'rabbitmq'
default['openstack']['compute']['rpc_backend'] = 'nova.openstack.common.rpc.impl_kombu'
when 'qpid'
default['openstack']['compute']['rpc_backend'] = 'nova.openstack.common.rpc.impl_qpid'
end
default['openstack']['compute']['service_tenant_name'] = 'service'
default['openstack']['compute']['service_user'] = 'nova'
default['openstack']['compute']['service_role'] = 'admin'
case platform_family
when 'fedora', 'rhel', 'debian'
when 'rhel', 'debian'
default['openstack']['compute']['user'] = 'nova'
default['openstack']['compute']['group'] = 'nova'
when 'suse'
default['openstack']['compute']['user'] = 'openstack-nova'
default['openstack']['compute']['group'] = 'openstack-nova'
end
# Logging stuff
default['openstack']['compute']['log_dir'] = '/var/log/nova'
default['openstack']['compute']['syslog']['use'] = false
default['openstack']['compute']['syslog']['facility'] = 'LOG_LOCAL1'
default['openstack']['compute']['syslog']['config_facility'] = 'local1'
@ -89,17 +40,6 @@ default['openstack']['compute']['region'] = node['openstack']['region']
default['openstack']['compute']['floating_cmd'] = '/usr/local/bin/add_floaters.py'
# Support multiple network types. Default network type is 'nova'
# with the other option supported being 'neutron'
default['openstack']['compute']['network']['service_type'] = 'nova'
# if the network type is not nova, we will load the following
# plugins from openstack-network
default['openstack']['compute']['network']['plugins'] = ['openvswitch']
# Enable guestfs debug
default['openstack']['compute']['guestfs']['debug'] = false
# rootwrap.conf
default['openstack']['compute']['rootwrap']['filters_path'] = '/etc/nova/rootwrap.d,/usr/share/nova/rootwrap'
default['openstack']['compute']['rootwrap']['exec_dirs'] = '/sbin,/usr/sbin,/bin,/usr/bin'
@ -107,201 +47,9 @@ default['openstack']['compute']['rootwrap']['use_syslog'] = 'False'
default['openstack']['compute']['rootwrap']['syslog_log_facility'] = 'syslog'
default['openstack']['compute']['rootwrap']['syslog_log_level'] = 'ERROR'
# If True, this indicates that glance-api allows the client to perform
# insecure SSL(https) requests; this should be the same as the setting
# in the glance-api service.
default['openstack']['compute']['image']['glance_insecure'] = false
# CA certificate file to use to verify connecting clients
default['openstack']['compute']['image']['ssl']['ca_file'] = nil
# Certificate file to use when starting the server securely
default['openstack']['compute']['image']['ssl']['cert_file'] = nil
# Private key file to use when starting the server securely
default['openstack']['compute']['image']['ssl']['key_file'] = nil
# A list of url scheme that can be downloaded directly
# via the direct_url. Currently supported schemes: [file].
default['openstack']['compute']['image']['allowed_direct_url_schemes'] = []
# Image file url support
# For each entry in the filesystem list a new configuration section must be
# added with the following format:
#
# filesystem name:
#
# id:
# An opaque string. In order for this module to know that the remote
# FS is the same one that is mounted locally it must share information
# with the glance deployment. Both glance and nova-compute must be
# configured with a unique matching string. This ensures that the
# file:// advertised URL is describing a file system that is known
# to nova-compute
# mountpoint:
# The location at which the file system is locally mounted. Glance
# may mount a shared file system on a different path than nova-compute.
# This value will be compared against the metadata advertised with
# glance and paths will be adjusted to ensure that the correct file
# is copied.
#
# For example: {
# 'some_fs' => {
# 'id' => '00000000-0000-0000-0000-000000000000',
# 'mountpoint' => '/mount/some_fs/images'
# },
# 'another_fs' => {
# 'id' => '1111111-1111-1111-1111-1111111111111',
# 'mountpoint' => '/mount/another_fs/images'
# }
# }
#
# This will produce the following in nova.conf
#
# [image_file_url]
# filesystems=some_fs,another_fs
# [image_file_url:some_fs]
# id=00000000-0000-0000-0000-000000000000
# mountpoint=/mount/some_fs/images
# [image_file_url:another_fs]
# id=1111111-1111-1111-1111-1111111111111
# mountpoint=/mount/another_fs/images
default['openstack']['compute']['image']['filesystems'] = nil
# Neutron options
# If True, this indicates that neutron api allows the client to perform
# insecure SSL (https) requests. This should be the same as the setting
# in the neutron api service.
default['openstack']['compute']['network']['neutron']['insecure'] = false
default['openstack']['compute']['network']['neutron']['network_api_class'] = 'nova.network.neutronv2.api.API'
default['openstack']['compute']['network']['neutron']['auth_strategy'] = 'keystone'
default['openstack']['compute']['network']['neutron']['admin_tenant_name'] = 'service'
default['openstack']['compute']['network']['neutron']['admin_username'] = 'neutron'
default['openstack']['compute']['network']['neutron']['libvirt_vif_driver'] = 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver'
default['openstack']['compute']['network']['neutron']['linuxnet_interface_driver'] = 'nova.network.linux_net.LinuxOVSInterfaceDriver'
default['openstack']['compute']['network']['neutron']['security_group_api'] = 'neutron'
default['openstack']['compute']['network']['neutron']['service_neutron_metadata_proxy'] = true
default['openstack']['compute']['network']['neutron']['metadata_secret_name'] = 'neutron_metadata_shared_secret'
default['openstack']['compute']['network']['neutron']['public_network_name'] = 'public'
default['openstack']['compute']['network']['neutron']['dns_server'] = '8.8.8.8'
# Timeout value for connecting to neutron in seconds
default['openstack']['compute']['network']['neutron']['timeout'] = 30
# Region name for connecting to neutron in admin context
default['openstack']['compute']['network']['neutron']['region_name'] = nil
# Name of Integration Bridge used by Open vSwitch
default['openstack']['compute']['network']['neutron']['ovs_bridge'] = 'br-int'
# Number of seconds before querying neutron for extensions
default['openstack']['compute']['network']['neutron']['extension_sync_interval'] = 600
# Location of CA certificates file to use for neutron client requests
default['openstack']['compute']['network']['neutron']['cafile'] = nil
# TODO(shep): This should probably be ['openstack']['compute']['network']['fixed']
default['openstack']['compute']['networks'] = [
{
'label' => 'public',
'ipv4_cidr' => '192.168.100.0/24',
'num_networks' => '1',
'network_size' => '255',
'bridge' => 'br100',
'bridge_dev' => 'eth2',
'dns1' => '8.8.8.8',
'dns2' => '8.8.4.4',
'multi_host' => 'T'
},
{
'label' => 'private',
'ipv4_cidr' => '192.168.200.0/24',
'num_networks' => '1',
'network_size' => '255',
'bridge' => 'br200',
'bridge_dev' => 'eth3',
'dns1' => '8.8.8.8',
'dns2' => '8.8.4.4',
'multi_host' => 'T'
}
]
# For VLAN Networking, do the following:
#
# default['openstack']['compute']['network']['network_manager'] = 'nova.network.manager.VlanManager'
# default['openstack']['compute']['network']['vlan_interface'] = 'eth1' # Or 'eth2', 'bond1', etc...
#
# In addition to the above, you typically either want to do one of the following:
#
# 1) Set default['openstack']['compute']['networks'] to an empty Array ([]) and create your
# VLAN networks (using nova-manage network create) **when you create a tenant**.
#
# 2) Set default['openstack']['compute']['networks'] to an Array of VLAN networks that get created
# **without a tenant assignment** for tenants to use when they are created later.
# Such an array might look like this:
#
# default['openstack']['compute']['networks'] = [
# {
# 'label': 'vlan100',
# 'vlan': '100',
# 'ipv4_cidr': '10.0.100.0/24'
# },
# {
# 'label': 'vlan101',
# 'vlan': '101',
# 'ipv4_cidr': '10.0.101.0/24'
# },
# {
# 'label': 'vlan102',
# 'vlan': '102',
# 'ipv4_cidr': '10.0.102.0/24'
# },
# ]
default['openstack']['compute']['network']['multi_host'] = false
# DMZ CIDR is a range of IP addresses that should not
# have their addresses SNAT'ed by the nova network controller
default['openstack']['compute']['network']['dmz_cidr'] = '10.128.0.0/24'
default['openstack']['compute']['network']['network_manager'] = 'nova.network.manager.FlatDHCPManager'
default['openstack']['compute']['network']['public_interface'] = 'eth0'
default['openstack']['compute']['network']['vlan_interface'] = 'eth0'
# Options for floating ips for Nova
default['openstack']['compute']['network']['auto_assign_floating_ip'] = false
# The following two attributes can be used to enabled floating ip addresses.
# For nova networking, you can use either the cidr or the range.
# For neutron networking, you can use the cidr and not the range.
# Example of valid cidr and range values.
# ['openstack']['compute']['network']['floating']['ipv4_cidr'] = '10.10.10.0/24'
# ['openstack']['compute']['network']['floating']['ipv4_range'] = '10.10.10.1,10.10.10.5'
# https://bugs.launchpad.net/nova/+bug/1075859
default['openstack']['compute']['network']['use_single_default_gateway'] = false
default['openstack']['compute']['network']['use_ipv6'] = false
default['openstack']['compute']['scheduler']['scheduler_manager'] = 'nova.scheduler.manager.SchedulerManager'
default['openstack']['compute']['scheduler']['scheduler_driver'] = 'nova.scheduler.filter_scheduler.FilterScheduler'
default['openstack']['compute']['scheduler']['scheduler_host_manager'] = 'nova.scheduler.host_manager.HostManager'
default['openstack']['compute']['scheduler']['available_filters'] = 'nova.scheduler.filters.all_filters'
default['openstack']['compute']['scheduler']['default_filters'] = %w(
RetryFilter
AvailabilityZoneFilter
RamFilter
ComputeFilter
ComputeCapabilitiesFilter
ImagePropertiesFilter
ServerGroupAntiAffinityFilter
ServerGroupAffinityFilter)
default['openstack']['compute']['driver'] = 'libvirt.LibvirtDriver'
default['openstack']['compute']['manager'] = 'nova.compute.manager.ComputeManager'
default['openstack']['compute']['default_ephemeral_format'] = nil
default['openstack']['compute']['preallocate_images'] = 'none'
default['openstack']['compute']['use_cow_images'] = true
default['openstack']['compute']['vif_plugging_is_fatal'] = true
default['openstack']['compute']['vif_plugging_timeout'] = 300
default['openstack']['compute']['libvirt']['virt_type'] = 'kvm'
default['openstack']['compute']['libvirt']['auth_tcp'] = 'none'
default['openstack']['compute']['libvirt']['remove_unused_base_images'] = true
default['openstack']['compute']['libvirt']['remove_unused_resized_minimum_age_seconds'] = 3600
default['openstack']['compute']['libvirt']['remove_unused_original_minimum_age_seconds'] = 3600
default['openstack']['compute']['libvirt']['checksum_base_images'] = false
# libvirt.max_clients (default: 20)
default['openstack']['compute']['libvirt']['max_clients'] = 20
# libvirt.max_workers (default: 20)
@ -310,25 +58,9 @@ default['openstack']['compute']['libvirt']['max_workers'] = 20
default['openstack']['compute']['libvirt']['max_requests'] = 20
# libvirt.max_client_requests (default: 5)
default['openstack']['compute']['libvirt']['max_client_requests'] = 5
if node['platform'] == 'suse'
default['openstack']['compute']['libvirt']['group'] = 'libvirt'
else
default['openstack']['compute']['libvirt']['group'] = 'libvirtd'
end
default['openstack']['compute']['libvirt']['group'] = 'libvirtd'
default['openstack']['compute']['libvirt']['unix_sock_rw_perms'] = '0770'
default['openstack']['compute']['libvirt']['libvirt_inject_key'] = true
default['openstack']['compute']['libvirt']['libvirt_inject_password'] = false
default['openstack']['compute']['libvirt']['libvirt_inject_partition'] = -2
# A path to a device that will be used as source of entropy on the host. Permitted options are: /dev/random or /dev/hwrng (string value)
default['openstack']['compute']['libvirt']['rng_dev_path'] = nil
# VM Images format. Acceptable values are: raw, qcow2, lvm,
# rbd, default. If default is specified, then use_cow_images
# flag is used instead of this one. (string value)
# (The cookbook doesn't set that value, so if you want cow, set qcow2 here.)
default['openstack']['compute']['libvirt']['images_type'] = 'default'
# lvm
default['openstack']['compute']['libvirt']['volume_group'] = nil
default['openstack']['compute']['libvirt']['sparse_logical_volumes'] = false
# rbd
default['openstack']['compute']['libvirt']['rbd']['ceph_conf'] = '/etc/ceph/ceph.conf'
# use a different backend for volumes, allowed options: rbd
@ -336,29 +68,9 @@ default['openstack']['compute']['libvirt']['volume_backend'] = nil
default['openstack']['compute']['libvirt']['rbd']['cinder']['pool'] = 'volumes'
default['openstack']['compute']['libvirt']['rbd']['glance']['pool'] = 'images'
default['openstack']['compute']['libvirt']['rbd']['nova']['pool'] = 'instances'
default['openstack']['compute']['libvirt']['rbd']['cinder']['user'] = 'cinder'
default['openstack']['compute']['libvirt']['rbd']['cinder']['secret_uuid'] = '00000000-0000-0000-0000-000000000000'
# live migration
default['openstack']['compute']['libvirt']['live_migration_bandwidth'] = 0
default['openstack']['compute']['libvirt']['live_migration_flag'] = 'VIR_MIGRATE_UNDEFINE_SOURCE,VIR_MIGRATE_PEER2PEER,VIR_MIGRATE_LIVE,VIR_MIGRATE_PERSIST_DEST'
default['openstack']['compute']['libvirt']['block_migration_flag'] = 'VIR_MIGRATE_UNDEFINE_SOURCE, VIR_MIGRATE_PEER2PEER, VIR_MIGRATE_NON_SHARED_INC'
default['openstack']['compute']['libvirt']['live_migration_uri'] = 'qemu+tcp://%s/system'
# Explicitly set the cpu_mode option under libvirt section
# When this option is set, it will override all other logics related to cpu_mode
default['openstack']['compute']['libvirt']['cpu_mode'] = nil
# Sync virtual and real mouse cursors in Windows VMs (boolean value)
default['openstack']['compute']['config']['use_usb_tablet'] = 'true'
default['openstack']['compute']['config']['availability_zone'] = 'nova'
default['openstack']['compute']['config']['default_schedule_zone'] = 'nova'
default['openstack']['compute']['config']['force_raw_images'] = false
default['openstack']['compute']['config']['allow_same_net_traffic'] = true
# The maximum number of items returned in a single
# response from a collection resource
default['openstack']['compute']['config']['osapi_max_limit'] = 1000
# Base URL that will be presented to users in links
# to the OpenStack Compute API
default['openstack']['compute']['config']['osapi_compute_link_prefix'] = nil
@ -366,72 +78,12 @@ default['openstack']['compute']['config']['osapi_compute_link_prefix'] = nil
# to glance resources
default['openstack']['compute']['config']['osapi_glance_link_prefix'] = nil
default['openstack']['compute']['config']['cpu_allocation_ratio'] = 16.0
default['openstack']['compute']['config']['ram_allocation_ratio'] = 1.5
default['openstack']['compute']['config']['disk_allocation_ratio'] = 1.0
default['openstack']['compute']['config']['snapshot_image_format'] = 'qcow2'
default['openstack']['compute']['config']['allow_resize_to_same_host'] = false
default['openstack']['compute']['config']['resize_confirm_window'] = 0
default['openstack']['compute']['config']['heal_instance_info_cache_interval'] = 60
default['openstack']['compute']['config']['reserved_host_disk_mb'] = 0
default['openstack']['compute']['config']['reserved_host_memory_mb'] = 512
# `start` will cause nova-compute to error out if a VM is already running, where
# `resume` checks to see if it is running first.
default['openstack']['compute']['config']['start_guests_on_host_boot'] = false
# requires https://review.openstack.org/#/c/8423/
default['openstack']['compute']['config']['resume_guests_state_on_host_boot'] = true
# force_config_drive can be nil or 'always',
# if it's 'always', nova will create a config drive regardless of if the user specified --config-drive true in their nova boot call
default['openstack']['compute']['config']['force_config_drive'] = nil
# Config drive format, should be one of iso9660 or vfat
default['openstack']['compute']['config']['config_drive_format'] = 'iso9660'
default['openstack']['compute']['config']['mkisofs_cmd'] = 'genisoimage'
default['openstack']['compute']['config']['injected_network_template'] = '$pybasedir/nova/virt/interfaces.template'
default['openstack']['compute']['config']['flat_injected'] = false
# Volume API class (driver)
default['openstack']['compute']['config']['volume_api_class'] = 'nova.volume.cinder.API'
# Cinder options
# Location of ca certificates file to use for cinder client requests.
default['openstack']['compute']['block-storage']['cinder_cafile'] = nil
# Allow to perform insecure SSL requests to cinder
default['openstack']['compute']['block-storage']['cinder_insecure'] = false
# Info to match when looking for cinder in the service catalog
default['openstack']['compute']['block-storage']['cinder_catalog_info'] = 'volumev2:cinderv2:publicURL'
# quota settings
default['openstack']['compute']['config']['quota_security_groups'] = 50
default['openstack']['compute']['config']['quota_security_group_rules'] = 20
# (StrOpt) default driver to use for quota checks (default: nova.quota.DbQuotaDriver)
default['openstack']['compute']['config']['quota_driver'] = 'nova.quota.DbQuotaDriver'
# number of instance cores allowed per project (default: 20)
default['openstack']['compute']['config']['quota_cores'] = 20
# number of fixed ips allowed per project (this should be at least the number of instances allowed) (default: -1)
default['openstack']['compute']['config']['quota_fixed_ips'] = -1
# number of floating ips allowed per project (default: 10)
default['openstack']['compute']['config']['quota_floating_ips'] = 10
# number of bytes allowed per injected file (default: 10240)
default['openstack']['compute']['config']['quota_injected_file_content_bytes'] = 10240
# number of bytes allowed per injected file path (default: 255)
default['openstack']['compute']['config']['quota_injected_file_path_length'] = 255
# number of injected files allowed (default: 5)
default['openstack']['compute']['config']['quota_injected_files'] = 5
# number of instances allowed per project (defailt: 10)
default['openstack']['compute']['config']['quota_instances'] = 10
# number of key pairs per user (default: 100)
default['openstack']['compute']['config']['quota_key_pairs'] = 100
# number of metadata items allowed per instance (default: 128)
default['openstack']['compute']['config']['quota_metadata_items'] = 128
# megabytes of instance ram allowed per project (default: 51200)
default['openstack']['compute']['config']['quota_ram'] = 51200
# disk cache modes
default['openstack']['compute']['config']['disk_cachemodes'] = nil
# Number of 1 second retries needed in live_migration
default['openstack']['compute']['config']['live_migration_retry_count'] = 30
default['openstack']['compute']['ratelimit']['settings'] = {
'generic-post-limit' => { 'verb' => 'POST', 'uri' => '*', 'regex' => '.*', 'limit' => '10', 'interval' => 'MINUTE' },
'create-servers-limit' => { 'verb' => 'POST', 'uri' => '*/servers', 'regex' => '^/servers', 'limit' => '50', 'interval' => 'DAY' },
@ -441,7 +93,7 @@ default['openstack']['compute']['ratelimit']['settings'] = {
}
# Metering settings
default['openstack']['compute']['metering'] = false
default['openstack']['compute']['metering'] = false ####
# Notification settings
if node['openstack']['compute']['metering']
@ -460,44 +112,20 @@ end
# Monitor settings
default['openstack']['compute']['config']['compute_available_monitors'] = ['nova.compute.monitors.all_monitors']
default['openstack']['compute']['config']['compute_monitors'] = []
# Keystone settings
default['openstack']['compute']['api']['auth_strategy'] = 'keystone'
default['openstack']['compute']['api']['auth']['version'] = node['openstack']['api']['auth']['version']
# A list of memcached server(s) for caching
default['openstack']['compute']['api']['auth']['memcached_servers'] = nil
# Whether token data should be authenticated or authenticated and encrypted. Acceptable values are MAC or ENCRYPT.
default['openstack']['compute']['api']['auth']['memcache_security_strategy'] = nil
# This string is used for key derivation.
default['openstack']['compute']['api']['auth']['memcache_secret_key'] = nil
# Hash algorithms to use for hashing PKI tokens.
default['openstack']['compute']['api']['auth']['hash_algorithms'] = 'md5'
# A PEM encoded Certificate Authority to use when verifying HTTPs connections.
default['openstack']['compute']['api']['auth']['cafile'] = nil
# Whether to allow the client to perform insecure SSL (https) requests
default['openstack']['compute']['api']['auth']['insecure'] = false
# Keystone PKI signing directories
default['openstack']['compute']['api']['auth']['cache_dir'] = '/var/cache/nova/api'
# Conductor settings
# Perform nova-conductor operations locally (boolean value)
default['openstack']['compute']['conductor']['use_local'] = 'False'
# nova-conductor will default to number of cpus
default['openstack']['compute']['conductor']['workers'] = nil
default['openstack']['compute']['network']['force_dhcp_release'] = true
case platform_family
when 'fedora', 'rhel', 'suse' # :pragma-foodcritic: ~FC024 - won't fix this
when 'rhel' # :pragma-foodcritic: ~FC024 - won't fix this
default['openstack']['compute']['platform'] = {
'api_ec2_packages' => ['openstack-nova-api'],
'api_ec2_service' => 'openstack-nova-api',
@ -512,8 +140,6 @@ when 'fedora', 'rhel', 'suse' # :pragma-foodcritic: ~FC024 - won't fix this
'qemu_compute_packages' => [],
'kvm_compute_packages' => [],
'compute_compute_service' => 'openstack-nova-compute',
'compute_network_packages' => ['iptables', 'openstack-nova-network'],
'compute_network_service' => 'openstack-nova-network',
'compute_scheduler_packages' => ['openstack-nova-scheduler'],
'compute_scheduler_service' => 'openstack-nova-scheduler',
'compute_conductor_packages' => ['openstack-nova-conductor'],
@ -533,23 +159,10 @@ when 'fedora', 'rhel', 'suse' # :pragma-foodcritic: ~FC024 - won't fix this
'mysql_service' => 'mysqld',
'common_packages' => ['openstack-nova-common'],
'iscsi_helper' => 'ietadm',
'nfs_packages' => ['nfs-utils', 'nfs-utils-lib'],
'volume_packages' => ['sysfsutils', 'sg3_utils', 'device-mapper-multipath'],
'docker_build_pkgs' => ['git', 'python-devel', 'gcc'],
'package_overrides' => ''
}
if platform_family == 'suse'
default['openstack']['compute']['platform']['dbus_service'] = 'dbus'
default['openstack']['compute']['platform']['neutron_python_packages'] = ['python-neutronclient', 'python-pyparsing']
default['openstack']['compute']['platform']['common_packages'] = ['openstack-nova']
default['openstack']['compute']['platform']['kvm_packages'] = ['kvm']
default['openstack']['compute']['platform']['xen_packages'] = ['kernel-xen', 'xen', 'xen-tools']
default['openstack']['compute']['platform']['lxc_packages'] = ['lxc']
default['openstack']['compute']['platform']['nfs_packages'] = ['nfs-utils']
end
# Since the bug (https://bugzilla.redhat.com/show_bug.cgi?id=788485) not released in epel yet
# For 'fedora', 'redhat', 'centos', we need set the default value of force_dhcp_release is 'false'
default['openstack']['compute']['network']['force_dhcp_release'] = false
when 'debian'
default['openstack']['compute']['platform'] = {
'api_ec2_packages' => ['nova-api-ec2'],
@ -565,8 +178,6 @@ when 'debian'
'qemu_compute_packages' => ['nova-compute-qemu'],
'kvm_compute_packages' => ['nova-compute-kvm'],
'compute_compute_service' => 'nova-compute',
'compute_network_packages' => ['iptables', 'nova-network'],
'compute_network_service' => 'nova-network',
'compute_scheduler_packages' => ['nova-scheduler'],
'compute_scheduler_service' => 'nova-scheduler',
'compute_conductor_packages' => ['nova-conductor'],
@ -587,24 +198,12 @@ when 'debian'
'mysql_service' => 'mysql',
'common_packages' => ['nova-common'],
'iscsi_helper' => 'tgtadm',
'nfs_packages' => ['nfs-common'],
'volume_packages' => ['sysfsutils', 'sg3-utils', 'multipath-tools'],
'docker_build_pkgs' => ['git', 'python-dev', 'gcc'],
'package_overrides' => "-o Dpkg::Options::='--force-confold' -o Dpkg::Options::='--force-confdef'"
}
end
# Enable VNC related features (boolean value)
default['openstack']['compute']['vnc']['enabled'] = 'true'
# VNC keymap
default['openstack']['compute']['vnc']['keymap'] = 'en-us'
# plugins
default['openstack']['compute']['plugins'] = nil
# Array of options for `nova.conf` (e.g. ['option1=value1', 'option2=value2'])
default['openstack']['compute']['misc_nova'] = nil
# Array of options for `api-paste.ini` (e.g. ['option1=value1', ...])
default['openstack']['compute']['misc_paste'] = nil
@ -614,91 +213,13 @@ default['openstack']['compute']['misc_paste'] = nil
# NOTE: api-metadata. By default the api-metadata recipe is included in
# NOTE: the os-compute-api role which is included in the
# NOTE: os-compute-single-controller role.
default['openstack']['compute']['enabled_apis'] = 'ec2,osapi_compute'
# VMware driver
default['openstack']['compute']['vmware']['secret_name'] = 'openstack_vmware_secret_name'
# URL for connection to VMware ESX/VC host. (string value)
default['openstack']['compute']['vmware']['host_ip'] = ''
# Username for connection to VMware ESX/VC host. (string value)
default['openstack']['compute']['vmware']['host_username'] = ''
# Name of a VMware Cluster ComputeResource. Used only if compute_driver is vmwareapi.VMwareVCDriver. (multi valued)
default['openstack']['compute']['vmware']['cluster_name'] = []
# Regex to match the name of a datastore. (string value)
default['openstack']['compute']['vmware']['datastore_regex'] = nil
# The interval used for polling of remote tasks. (floating point value, default 0.5)
default['openstack']['compute']['vmware']['task_poll_interval'] = 0.5
# The number of times we retry on failures, e.g., socket error, etc. (integer value, default 10)
default['openstack']['compute']['vmware']['api_retry_count'] = 10
# VNC starting port (integer value, default 5900)
default['openstack']['compute']['vmware']['vnc_port'] = 5900
# Total number of VNC ports (integer value, default 10000)
default['openstack']['compute']['vmware']['vnc_port_total'] = 10000
# Whether to use linked clone (boolean value, default true)
default['openstack']['compute']['vmware']['use_linked_clone'] = true
# Physical ethernet adapter name for vlan networking (string value, default vmnic0)
default['openstack']['compute']['vmware']['vlan_interface'] = 'vmnic0'
# Optional VIM Service WSDL Location, you must specify this location of the WSDL files when you try to connect vSphere vCenter versions 5.0 and earlier.
default['openstack']['compute']['vmware']['wsdl_location'] = nil
# The maximum number of ObjectContent data objects that should be returned in a single result. (integer value, default 100)
default['openstack']['compute']['vmware']['maximum_objects'] = 100
# Name of Integration Bridge (string value, default br-int)
default['openstack']['compute']['vmware']['integration_bridge'] = 'br-int'
# Ironic options
default['openstack']['compute']['bare-metal']['admin_username'] = 'ironic'
default['openstack']['compute']['bare-metal']['admin_tenant_name'] = 'service'
# Keymgr options
default['openstack']['compute']['keymgr']['api_class'] = 'nova.keymgr.conf_key_mgr.ConfKeyManager'
default['openstack']['compute']['keymgr']['fixed_key'] = nil
# Boolean to decide whether to use baremetal_scheduler_default_filters or not.
default['openstack']['compute']['scheduler']['use_baremetal_filters'] = false
default['openstack']['compute']['scheduler']['baremetal_default_filters'] = %w(
RetryFilter
AvailabilityZoneFilter
ComputeFilter
ComputeCapabilitiesFilter
ImagePropertiesFilter
ExactRamFilter
ExactDiskFilter
ExactCoreFilter)
# For true case, this logic allows the following ironic-related attribtes to be overwritten automatically.
if node['openstack']['compute']['scheduler']['use_baremetal_filters']
default['openstack']['compute']['driver'] = 'nova.virt.ironic.IronicDriver'
default['openstack']['compute']['manager'] = 'ironic.nova.compute.manager.ClusteredComputeManager'
default['openstack']['compute']['scheduler']['scheduler_host_manager'] = 'nova.scheduler.ironic_host_manager.IronicHostManager'
default['openstack']['compute']['config']['ram_allocation_ratio'] = 1.0
default['openstack']['compute']['config']['reserved_host_memory_mb'] = 0
end
# Lock the version of RPC messages and allow live upgrading of the services
# without interruption caused by version mismatch.
# The configuration options allow the specification of RPC version numbers if desired,
# but release name alias are also supported.
# options e.g.:
# default['openstack']['compute']['upgrade_levels'] = {
# 'baseapi' => 'liberty',
# 'console' => 'liberty',
# 'consoleauth' => 'liberty',
# 'cert' => 'liberty',
# 'scheduler' => 'liberty',
# 'compute' => 'liberty',
# 'intercell' => 'liberty',
# 'conductor' => '2.0',
# 'network' => '3.0',
# 'cells' => 'liberty'
# }
# choose the needed ones to set
default['openstack']['compute']['upgrade_levels'] = nil
# Docker configurations
# Docker compute configuration is supported only in Rhel and Ubuntu
# This is to be true to make a compute docker type and use nova docker driver as compute driver
default['openstack']['compute']['docker']['enable'] = false
default['openstack']['compute']['docker']['enable'] = false
# The nova docker driver that will be configured in a docker type compute
default['openstack']['compute']['docker']['driver'] = 'novadocker.virt.docker.driver.DockerDriver'
# Additional python packages required for nova docker driver build and installation from git source
@ -716,8 +237,56 @@ default['openstack']['compute']['docker']['service_sock_mode'] = 666
# Docker group which will be created and added with openstack compute user
default['openstack']['compute']['docker']['group'] = 'docker'
# Serial console configurations
# Enable serial console related features
default['openstack']['compute']['serial_console']['enable'] = 'False'
# Range of TCP ports to use for serial ports on compute hosts
default['openstack']['compute']['serial_console']['port_range'] = '10000:20000'
# ****************** OpenStack Compute Endpoints ******************************
# The OpenStack Compute (Nova) XVPvnc endpoint
%w(compute-xvpvnc-bind compute-xvpvnc compute-novnc-bind compute-novnc
compute-ec2-admin-bind compute-ec2 compute-metadata-api compute-vnc-bind
compute-vnc compute-vnc-proxy-bind compute-metadata-api-bind
compute-api-bind compute-api compute-ec2-api-bind compute-ec2-api
compute-serial-console-bind compute-serial-proxy).each do |service|
%w(public internal admin).each do |type|
default['openstack']['endpoints'][service][type]['host'] = '127.0.0.1'
default['openstack']['endpoints'][service][type]['port'] = '6081'
default['openstack']['endpoints'][service][type]['bind_interface'] = '127.0.0.1'
default['openstack']['endpoints'][service][type]['scheme'] = 'http'
default['openstack']['endpoints'][service][type]['path'] = '/console'
default['openstack']['endpoints'][service][type]['bind_interface'] = nil
end
end
%w(public internal admin).each do |type|
default['openstack']['endpoints']['compute-api'][type]['port'] = '8774'
default['openstack']['endpoints']['compute-api'][type]['path'] = '/v2/%(tenant_id)s'
# The OpenStack Compute (Nova) novnc endpoint
default['openstack']['endpoints']['compute-novnc-bind'][type]['port'] = '6080'
default['openstack']['endpoints']['compute-novnc'][type]['port'] = '6080'
default['openstack']['endpoints']['compute-novnc'][type]['path'] = '/vnc_auto.html'
# The OpenStack Compute (Nova) EC2 Admin API endpoint
default['openstack']['endpoints']['compute-ec2-admin-bind'][type]['port'] = '8773'
default['openstack']['endpoints']['compute-ec2']['admin']['port'] = '8773'
default['openstack']['endpoints']['compute-ec2']['admin']['path'] = '/services/Admin'
default['openstack']['endpoints']['compute-metadata-api'][type]['port'] = '8775'
default['openstack']['endpoints']['compute-metadata-api'][type]['path'] = nil
default['openstack']['endpoints']['compute-vnc'][type]['scheme'] = nil
default['openstack']['endpoints']['compute-vnc'][type]['port'] = nil
default['openstack']['endpoints']['compute-vnc'][type]['path'] = nil
# The OpenStack Compute (Nova) metadata API endpoint
default['openstack']['endpoints']['compute-metadata-api-bind'][type]['port'] = '8775'
# The OpenStack Compute (Nova) Native API endpoint
default['openstack']['endpoints']['compute-api-bind'][type]['port'] = '8774'
# The OpenStack Compute (Nova) EC2 API endpoint
default['openstack']['endpoints']['compute-ec2-api-bind'][type]['port'] = '8773'
default['openstack']['endpoints']['compute-ec2-api'][type]['port'] = '8773'
default['openstack']['endpoints']['compute-ec2-api'][type]['path'] = '/services/Cloud'
# The OpenStack Compute (Nova) serial proxy endpoint
default['openstack']['endpoints']['compute-serial-proxy'][type]['scheme'] = 'ws'
default['openstack']['endpoints']['compute-serial-proxy'][type]['port'] = '6083'
default['openstack']['endpoints']['compute-serial-proxy'][type]['path'] = '/'
end

59
attributes/nova_conf.rb Normal file
View File

@ -0,0 +1,59 @@
default['openstack']['compute']['conf_secrets'] = {}
default['openstack']['compute']['conf'].tap do |conf|
# [DEFAULT] section
conf['DEFAULT']['log_dir'] = '/var/log/nova'
conf['DEFAULT']['state_path'] = '/var/lib/nova'
conf['DEFAULT']['compute_driver'] = 'libvirt.LibvirtDriver'
conf['DEFAULT']['auth_version'] = node['openstack']['api']['auth']['version']
conf['DEFAULT']['rpc_backend'] = node['openstack']['mq']['service_type']
conf['DEFAULT']['instances_path'] = "#{node['openstack']['compute']['conf']['DEFAULT']['state_path']}/instances"
conf['DEFAULT']['enabled_apis'] = 'ec2,osapi_compute'
if node['openstack']['compute']['syslog']['use'] #= false
conf['DEFAULT']['log_config'] = '/etc/openstack/logging.conf'
end
conf['DEFAULT']['network_api_class'] = 'nova.network.neutronv2.api.API' # nova.network.api.API
conf['DEFAULT']['linuxnet_interface_driver'] = 'nova.network.linux_net.LinuxOVSInterfaceDriver'
conf['DEFAULT']['firewall_driver'] = 'nova.virt.firewall.NoopFirewallDriver'
conf['DEFAULT']['security_group_api'] = 'neutron'
conf['DEFAULT']['default_floating_pool'] = 'public' # not listed
conf['DEFAULT']['dns_server'] = '8.8.8.8' # [] in docs
# [keystone_authtoken]
conf['keystone_authtoken']['signing_dir'] = '/var/cache/nova/api'
conf['keystone_authtoken']['auth_plugin'] = 'v2password'
conf['keystone_authtoken']['region_name'] = node['openstack']['region']
conf['keystone_authtoken']['username'] = 'nova'
conf['keystone_authtoken']['tenant_name'] = 'service'
# [libvirt]
conf['libvirt']['virt_type'] = 'kvm'
conf['libvirt']['images_type'] = 'default'
if node['openstack']['compute']['conf']['libvirt']['images_type'] == 'lvm'
conf['libvirt']['images_volume_group'] = nil
conf['libvirt']['sparse_logical_volumes'] = false
elsif node['openstack']['compute']['conf']['libvirt']['images_type'] == 'rbd'
conf['libvirt']['images_rbd_pool'] = 'instances'
conf['libvirt']['images_rbd_ceph_conf'] = '/etc/ceph/ceph.conf' # nil
conf['libvirt']['rbd_user'] = 'cinder' # none
conf['libvirt']['rbd_secret_uuid'] = node['openstack']['compute']['libvirt']['rbd']['cinder']['secret_uuid']
end
# [neutron]
conf['neutron']['auth_plugin'] = 'v2password'
conf['neutron']['region_name'] = node['openstack']['region']
conf['neutron']['username'] = 'neutron'
conf['neutron']['tenant_name'] = 'service'
conf['neutron']['service_metadata_proxy'] = true
# [cinder] section
conf['cinder']['os_region_name'] = node['openstack']['region']
# [oslo_concurrency] section
conf['oslo_concurrency']['lock_path'] = "#{node['openstack']['compute']['conf']['DEFAULT']['state_path']}/lock"
end

148
files/default/add_floaters.py
View File

@ -1,148 +0,0 @@
#! /usr/bin/env python
# vim: tabstop=4 shiftwidth=4 softtabstop=4
# Copyright 2013 AT&T Services, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import argparse
import subprocess
import netaddr
DESCRIPTION = "A `nova-manage floating create` and `neutron net create` wrapper."
class FloatingAddress(object):
"""
A simple wrapper class for creating networks. Often
times there are reserved addresses at the start of a
network, nova-manage doesn't account for this.
TODO(retr0h): This should really be added to nova-manage.
TODO(jaypipes): Instead of subprocess calls, just use the neutronclient
"""
def __init__(self, args):
self._args = args
def nova_add_cidr(self, cidr):
"""
Validates the provided cider address, and passes it to nova-manage.
:param cidr: A string containing a valid CIDR address.
"""
netaddr.IPNetwork(cidr)
self.nova_add_floating(cidr)
def nova_add_range(self, start, end):
"""
Takes a start and end range, and creates individual host addresses.
:param start: A string containing the start of the range.
:param end: A string containing the end of the range.
"""
ip_list = list(netaddr.iter_iprange(start, end))
for ip in ip_list:
self.nova_add_floating(ip)
def nova_add_floating(self, ip):
cmd = "nova-manage floating create --ip_range={0}".format(ip)
if self._args.pool:
cmd += ' --pool={0}'.format(self._args.pool)
if self._args.interface:
cmd += ' --interface={0}'.format(self._args.interface)
subprocess.check_call(cmd, shell=True)
def neutron_add_floating(self, cidr):
# convert cidr string to IPNetwork object
cidr = netaddr.IPNetwork(cidr)
# ensure we have a public network and we only ever create one
cmd = "NETLIST=$(neutron net-list -c name); if [ $? -eq 0 ]; then if ! echo $NETLIST | grep -q %s; then neutron net-create %s -- --router:external=True; fi; fi;" % (self._args.pool, self._args.pool)
try:
subprocess.check_call(cmd, shell=True)
except:
# we failed to query the quanutm api, we'll ignore this error
# and return now so any surrounding chef runs can continue
# since this script may actually be running on the neutron api
print "ERROR: Failed to query the neutron api for the public network"
return
cmd = "neutron subnet-list -Fcidr -fcsv --quote=none | grep '%s'" % cidr
res = subprocess.call(cmd, shell=True)
if res == 0:
# Subnet has already been created...
return
# calculate the start and end values
ip_start = cidr.ip
ip_end = netaddr.IPAddress(cidr.last-1)
# create a new subnet
cmd = "neutron subnet-create --allocation-pool start=%s,end=%s %s %s -- --enable_dhcp=False" % \
(ip_start, ip_end, self._args.pool, cidr)
subprocess.check_call(cmd, shell=True)
def parse_args():
ap = argparse.ArgumentParser(description=DESCRIPTION)
subparsers = ap.add_subparsers(help='sub-command help', dest='subparser_name')
# create the parser for the "nova" command
parser_nova = subparsers.add_parser('nova', help='Use Nova Backend')
parser_nova.add_argument('--pool',
required=True,
help="Name of the floating pool")
parser_nova.add_argument('--interface',
required=False,
help="Network interface to bring the floating "
"addresses up on")
group = parser_nova.add_mutually_exclusive_group(required=True)
group.add_argument('--cidr',
help="A CIDR notation of addresses to add "
"(e.g. 192.168.0.0/24)")
group.add_argument('--ip-range',
help="A range of addresses to add "
"(e.g. 192.168.0.10,192.168.0.50)")
# create the parser for the "neutron command"
parser_neutron = subparsers.add_parser('neutron', help='Use Neutron Backend')
parser_neutron.add_argument('--cidr',
required=True,
help="A CIDR notation of addresses to add "
"(e.g. 192.168.0.11/24 to start at .11 "
"and end at .254)")
parser_neutron.add_argument('--pool',
required=True,
help="Name of the public network")
return ap.parse_args()
if __name__ == '__main__':
args = parse_args()
fa = FloatingAddress(args)
if args.subparser_name == 'nova':
if args.cidr:
fa.nova_add_cidr(args.cidr)
elif args.ip_range:
start, end = args.ip_range.split(',')
fa.nova_add_range(start, end)
elif args.subparser_name == 'neutron':
fa.neutron_add_floating(args.cidr)

13
metadata.rb
View File

@ -4,7 +4,7 @@ maintainer_email 'openstack-dev@lists.openstack.org'
license 'Apache 2.0'
description 'The OpenStack Compute service Nova.'
long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
version '12.0.0'
version '13.0.0'
recipe 'openstack-compute::api-ec2', 'Installs AWS EC2 compatible API'
recipe 'openstack-compute::api-metadata', 'Installs the nova metadata package'
@ -23,15 +23,14 @@ recipe 'openstack-compute::scheduler', 'Installs nova scheduler service'
recipe 'openstack-compute::vncproxy', 'Installs and configures the vncproxy service for console access to VMs'
recipe 'openstack-compute::serialproxy', 'Installs and configures the serialproxy service for serial console access to VMs'
%w(ubuntu fedora redhat centos suse).each do |os|
%w(ubuntu redhat centos).each do |os|
supports os
end
depends 'ceph', '>= 0.8.1'
depends 'openstack-bare-metal', '>= 12.0.0'
depends 'openstack-common', '>= 12.0.0'
depends 'openstack-identity', '>= 12.0.0'
depends 'openstack-image', '>= 12.0.0'
depends 'openstack-network', '>= 12.0.0'
depends 'openstack-common', '>= 13.0.0'
depends 'openstack-identity', '>= 13.0.0'
depends 'openstack-image', '>= 13.0.0'
depends 'openstack-network', '>= 13.0.0'
depends 'selinux', '~> 0.9.0'
depends 'python', '~> 1.4.6'

22
recipes/api-ec2.rb
View File

@ -18,7 +18,7 @@
# limitations under the License.
#
class ::Chef::Recipe # rubocop:disable Documentation
class ::Chef::Recipe
include ::Openstack
end
@ -34,23 +34,23 @@ end
platform_options['api_ec2_packages'].each do |pkg|
package pkg do
options platform_options['package_overrides']
action :upgrade
end
end
service 'nova-api-ec2' do
service_name platform_options['api_ec2_service']
supports status: true, restart: true
subscribes :restart, resources('template[/etc/nova/nova.conf]')
action :enable
end
template '/etc/nova/api-paste.ini' do
source 'api-paste.ini.erb'
owner node['openstack']['compute']['user']
group node['openstack']['compute']['group']
mode 00644
notifies :restart, 'service[nova-api-ec2]'
end
service 'nova-api-ec2' do
service_name platform_options['api_ec2_service']
supports status: true, restart: true
action [:enable, :start]
subscribes :restart, [
'template[/etc/nova/nova.conf]',
'template[/etc/nova/api-paste.ini]'
]
end

22
recipes/api-metadata.rb
View File

@ -21,7 +21,7 @@
require 'uri'
class ::Chef::Recipe # rubocop:disable Documentation
class ::Chef::Recipe
include ::Openstack
end
@ -37,23 +37,23 @@ end
platform_options['compute_api_metadata_packages'].each do |pkg|
package pkg do
options platform_options['package_overrides']
action :upgrade
end
end
service 'nova-api-metadata' do
service_name platform_options['compute_api_metadata_service']
supports status: true, restart: true
subscribes :restart, resources('template[/etc/nova/nova.conf]')
action [:enable, :start]
end
template '/etc/nova/api-paste.ini' do
source 'api-paste.ini.erb'
owner node['openstack']['compute']['user']
group node['openstack']['compute']['group']
mode 00644
notifies :restart, 'service[nova-api-metadata]'
end
service 'nova-api-metadata' do
service_name platform_options['compute_api_metadata_service']
supports status: true, restart: true
action [:enable, :start]
subscribes :restart, [
'template[/etc/nova/nova.conf]',
'template[/etc/nova/api-paste.ini]'
]
end

24
recipes/api-os-compute.rb
View File

@ -18,7 +18,7 @@
# limitations under the License.
#
class ::Chef::Recipe # rubocop:disable Documentation
class ::Chef::Recipe
include ::Openstack
end
@ -26,7 +26,7 @@ include_recipe 'openstack-compute::nova-common'
platform_options = node['openstack']['compute']['platform']
directory ::File.dirname(node['openstack']['compute']['api']['auth']['cache_dir']) do
directory ::File.dirname(node['openstack']['compute']['conf']['keystone_authtoken']['signing_dir']) do
owner node['openstack']['compute']['user']
group node['openstack']['compute']['group']
mode 00700
@ -40,23 +40,23 @@ end
platform_options['api_os_compute_packages'].each do |pkg|
package pkg do
options platform_options['package_overrides']
action :upgrade
end
end
service 'nova-api-os-compute' do
service_name platform_options['api_os_compute_service']
supports status: true, restart: true
subscribes :restart, resources('template[/etc/nova/nova.conf]')
action [:enable, :start]
end
template '/etc/nova/api-paste.ini' do
source 'api-paste.ini.erb'
owner node['openstack']['compute']['user']
group node['openstack']['compute']['group']
mode 00644
notifies :restart, 'service[nova-api-os-compute]'
end
service 'nova-api-os-compute' do
service_name platform_options['api_os_compute_service']
supports status: true, restart: true
action [:enable, :start]
subscribes :restart, [
'template[/etc/nova/nova.conf]',
'template[/etc/nova/api-paste.ini]'
]
end

3
recipes/client.rb
View File

@ -18,7 +18,7 @@
# limitations under the License.
#
class ::Chef::Recipe # rubocop:disable Documentation
class ::Chef::Recipe
include ::Openstack
end
@ -26,7 +26,6 @@ platform_options = node['openstack']['compute']['platform']
platform_options['compute_client_packages'].each do |pkg|
package pkg do
options platform_options['package_overrides']
action :upgrade
end
end

39
recipes/compute.rb
View File

@ -19,7 +19,7 @@
# limitations under the License.
#
class ::Chef::Recipe # rubocop:disable Documentation
class ::Chef::Recipe
include ::Openstack
end
@ -28,41 +28,20 @@ if node['openstack']['compute']['docker']['enable']
end
include_recipe 'openstack-compute::nova-common'
if node['openstack']['compute']['enabled_apis'].include?('metadata')
Chef::Log.warn('Attribute enabled_apis contains metadata, this '\
'could result in a timing issue starting the service. '\
'Please remove this value and include the api-metadata '\
'recipe instead')
end
include_recipe 'openstack-compute::network'
platform_options = node['openstack']['compute']['platform']
platform_options['compute_compute_packages'].each do |pkg|
package pkg do
options platform_options['package_overrides']
action :upgrade
end
end
virt_type = node['openstack']['compute']['libvirt']['virt_type']
virt_type = node['openstack']['compute']['conf']['libvirt']['virt_type']
platform_options["#{virt_type}_compute_packages"].each do |pkg|
package pkg do
options platform_options['package_overrides']
action :upgrade
end
end
# Installing nfs client packages because in grizzly, cinder nfs is supported
# Never had to install iscsi packages because nova-compute package depends it
# So volume-attach 'just worked' before - alop
platform_options['nfs_packages'].each do |pkg|
package pkg do
options platform_options['package_overrides']
action :upgrade
end
end
@ -71,19 +50,18 @@ end
platform_options['volume_packages'].each do |pkg|
package pkg do
options platform_options['package_overrides']
action :upgrade
end
end
# TODO: (jklare) this has to be refactored!!!
cookbook_file '/etc/nova/nova-compute.conf' do
source 'nova-compute.conf'
mode 00644
action :create
end
directory node['openstack']['compute']['instances_path'] do
directory node['openstack']['compute']['conf']['DEFAULT']['instances_path'] do
owner node['openstack']['compute']['user']
group node['openstack']['compute']['group']
mode 00755
@ -93,7 +71,7 @@ end
include_recipe 'openstack-compute::libvirt'
docker_filter_source_path = node['openstack']['compute']['docker']['filter_source_path']
install_directory = "#{Chef::Config['file_cache_path']}/nova-docker"
install_directory = "#{Chef::Config['file_cache_path']}/nova-docker"
docker_group = node['openstack']['compute']['docker']['group']
docker_group_members = node['openstack']['compute']['service_user']
filter_target_path = docker_filter_source_path + '/docker.filters'
@ -118,8 +96,9 @@ end
service 'nova-compute' do
service_name platform_options['compute_compute_service']
supports status: true, restart: true
subscribes :restart, resources('template[/etc/nova/nova.conf]')
subscribes :restart, resources('file[docker.filter]')
action [:enable, :start]
subscribes :restart, [
'template[/etc/nova/nova.conf]',
'file[docker.filter]'
]
end

2
recipes/conductor.rb
View File

@ -33,6 +33,6 @@ end
service 'nova-conductor' do
service_name platform_options['compute_conductor_service']
supports status: true, restart: true
subscribes :restart, resources('template[/etc/nova/nova.conf]')
action [:enable, :start]
subscribes :restart, 'template[/etc/nova/nova.conf]'
end

3
recipes/docker-setup.rb
View File

@ -32,7 +32,6 @@ pip_build_pkgs = node['openstack']['compute']['docker']['pip_build_pkgs']
platform_options['docker_build_pkgs'].each do |pkg|
package pkg do
options platform_options['package_overrides']
action :upgrade
end
end
@ -47,7 +46,7 @@ end
# Below code downloads docker driver from configured git repo and branch
github_repository = node['openstack']['compute']['docker']['github']['repository']
github_branch = node['openstack']['compute']['docker']['github']['branch']
git_download_directory = "#{Chef::Config['file_cache_path']}/nova-docker"
git_download_directory = "#{Chef::Config['file_cache_path']}/nova-docker"
git git_download_directory do
repository github_repository

21
recipes/identity_registration.rb
View File

@ -21,27 +21,27 @@
require 'uri'
class ::Chef::Recipe # rubocop:disable Documentation
class ::Chef::Recipe
include ::Openstack
end
identity_admin_endpoint = admin_endpoint 'identity-admin'
identity_admin_endpoint = admin_endpoint 'identity'
bootstrap_token = get_password 'token', 'openstack_identity_bootstrap_token'
auth_uri = ::URI.decode identity_admin_endpoint.to_s
service_pass = get_password 'service', 'openstack-compute'
service_user = node['openstack']['compute']['service_user']
service_user = node['openstack']['compute']['conf']['keystone_authtoken']['username']
service_role = node['openstack']['compute']['service_role']
service_tenant_name = node['openstack']['compute']['service_tenant_name']
service_tenant_name = node['openstack']['compute']['conf']['keystone_authtoken']['tenant_name']
public_nova_api_endpoint = public_endpoint 'compute-api'
admin_nova_api_endpoint = admin_endpoint 'compute-api'
internal_nova_api_endpoint = internal_endpoint 'compute-api'
# TBD, another clean up opportunity. We could use the 'admin', and
# 'internal' endpoints for a single service name. For now, we'll
# leave the old names in place.
ec2_admin_endpoint = admin_endpoint 'compute-ec2-admin'
ec2_admin_endpoint = admin_endpoint 'compute-ec2'
ec2_public_endpoint = public_endpoint 'compute-ec2-api'
ec2_internal_endpoint = internal_endpoint 'compute-ec2-api'
region = node['openstack']['compute']['region']
region = node['openstack']['region']
# Register Service Tenant
openstack_identity_register 'Register Service Tenant' do
@ -49,7 +49,6 @@ openstack_identity_register 'Register Service Tenant' do
bootstrap_token bootstrap_token
tenant_name service_tenant_name
tenant_description 'Service Tenant'
action :create_tenant
end
@ -60,7 +59,6 @@ openstack_identity_register 'Register Service User' do
tenant_name service_tenant_name
user_name service_user
user_pass service_pass
action :create_user
end
@ -71,7 +69,6 @@ openstack_identity_register "Grant 'admin' Role to Service User for Service Tena
tenant_name service_tenant_name
user_name service_user
role_name service_role
action :grant_role
end
@ -82,7 +79,6 @@ openstack_identity_register 'Register Compute Service' do
service_name 'nova'
service_type 'compute'
service_description 'Nova Compute Service'
action :create_service
end
@ -95,11 +91,10 @@ openstack_identity_register 'Register Compute Endpoint' do
endpoint_adminurl ::URI.decode admin_nova_api_endpoint.to_s
endpoint_internalurl ::URI.decode internal_nova_api_endpoint.to_s
endpoint_publicurl ::URI.decode public_nova_api_endpoint.to_s
action :create_endpoint
end
if node['openstack']['compute']['enabled_apis'].include?('ec2')
if node['openstack']['compute']['conf']['DEFAULT']['enabled_apis'].include?('ec2')
# Register EC2 Service
openstack_identity_register 'Register EC2 Service' do
auth_uri auth_uri
@ -107,7 +102,6 @@ if node['openstack']['compute']['enabled_apis'].include?('ec2')
service_name 'ec2'
service_type 'ec2'
service_description 'EC2 Compatibility Layer'
action :create_service
end
@ -120,7 +114,6 @@ if node['openstack']['compute']['enabled_apis'].include?('ec2')
endpoint_adminurl ::URI.decode ec2_admin_endpoint.to_s
endpoint_internalurl ::URI.decode ec2_internal_endpoint.to_s
endpoint_publicurl ::URI.decode ec2_public_endpoint.to_s
action :create_endpoint
end
end

93
recipes/libvirt.rb
View File

@ -30,9 +30,10 @@ platform_options['libvirt_packages'].each do |pkg|
end
end
def update_grub_default_kernel(flavor = 'default') # rubocop:disable MethodLength
# TODO: (jklare) methods do not belong in recipes, this has to be moved!
def update_grub_default_kernel(flavor = 'default')
default_boot = 0
current_default = nil
current_default = nil
# parse menu.lst, to find boot index for selected flavor
File.open('/boot/grub/menu.lst') do |f|
@ -60,19 +61,19 @@ def update_grub_default_kernel(flavor = 'default') # rubocop:disable MethodLengt
end
end
def update_grub2_default_kernel(flavor = 'default')
boot_entry = "'openSUSE GNU/Linux, with Xen hypervisor'"
begin
Mixlib::ShellOut.new("grub2-set-default #{boot_entry}").run_command.error!
::Chef::Log.info("Changed grub2 default to #{boot_entry}")
rescue Mixlib::ShellOut::ShellCommandFailed => e
::Chef::Application.fatal!(
"Unable to change grub2 default to #{boot_entry}
#{e.message}")
end
end
# def update_grub2_default_kernel(flavor = 'default')
# boot_entry = "'openSUSE GNU/Linux, with Xen hypervisor'"
# begin
# Mixlib::ShellOut.new("grub2-set-default #{boot_entry}").run_command.error!
# ::Chef::Log.info("Changed grub2 default to #{boot_entry}")
# rescue Mixlib::ShellOut::ShellCommandFailed => e
# ::Chef::Application.fatal!(
# "Unable to change grub2 default to #{boot_entry}
# #{e.message}")
# end
# end
def update_boot_kernel_and_trigger_reboot(flavor = 'default') # rubocop:disable MethodLength
def update_boot_kernel_and_trigger_reboot(flavor = 'default')
# only default and xen flavor is supported by this helper right now
if File.exist?('/boot/grub/menu.lst')
update_grub_default_kernel(flavor)
@ -90,86 +91,34 @@ def update_boot_kernel_and_trigger_reboot(flavor = 'default') # rubocop:disable
end
end
# on suse nova-compute don't depends on any virtualization mechanism
case node['platform_family']
when 'suse'
case node['openstack']['compute']['libvirt']['virt_type']
when 'kvm'
node['openstack']['compute']['platform']['kvm_packages'].each do |pkg|
package pkg do
options platform_options['package_overrides']
action :upgrade
end
end
execute 'loading kvm modules' do
command 'grep -q vmx /proc/cpuinfo && /sbin/modprobe kvm-intel; grep -q svm /proc/cpuinfo && /sbin/modprobe kvm-amd; /sbin/modprobe vhost-net'
end
# NOTE(saschpe): Allow switching from XEN to KVM:
update_boot_kernel_and_trigger_reboot
when 'xen'
node['openstack']['compute']['platform']['xen_packages'].each do |pkg|
package pkg do
options platform_options['package_overrides']
action :upgrade
end
end
update_boot_kernel_and_trigger_reboot('xen')
when 'qemu'
node['openstack']['compute']['platform']['kvm_packages'].each do |pkg|
package pkg do
options platform_options['package_overrides']
action :upgrade
end
end
when 'lxc'
node['openstack']['compute']['platform']['lxc_packages'].each do |pkg|
package pkg do
options platform_options['package_overrides']
action :upgrade
end
end
service 'boot.cgroup' do
action [:enable, :start]
end
end
end
group node['openstack']['compute']['libvirt']['group'] do
append true
members [node['openstack']['compute']['group']]
action :create
only_if { platform_family? %w(suse fedora rhel) }
only_if { platform_family? %w(rhel) }
end
# http://fedoraproject.org/wiki/Getting_started_with_OpenStack_EPEL#Installing_within_a_VM
# ln -s /usr/libexec/qemu-kvm /usr/bin/qemu-system-x86_64
link '/usr/bin/qemu-system-x86_64' do
to '/usr/libexec/qemu-kvm'
only_if { platform_family? %w(fedora rhel) }
only_if { platform_family? %w(rhel) }
end
service 'dbus' do
service_name platform_options['dbus_service']
supports status: true, restart: true
action [:enable, :start]
end
service 'libvirt-bin' do
service_name platform_options['libvirt_service']
supports status: true, restart: true
action [:enable, :start]
end
execute 'Deleting default libvirt network' do
command 'virsh net-destroy default'
only_if 'virsh net-list | grep -q default'
end
@ -183,9 +132,7 @@ template '/etc/libvirt/libvirtd.conf' do
auth_tcp: node['openstack']['compute']['libvirt']['auth_tcp'],
libvirt_group: node['openstack']['compute']['libvirt']['group']
)
notifies :restart, 'service[libvirt-bin]', :immediately
not_if { platform_family? 'suse' }
end
template '/etc/default/libvirt-bin' do
@ -193,9 +140,7 @@ template '/etc/default/libvirt-bin' do
owner 'root'
group 'root'
mode 00644
notifies :restart, 'service[libvirt-bin]', :immediately
only_if { platform_family? 'debian' }
end
@ -204,10 +149,8 @@ template '/etc/sysconfig/libvirtd' do
owner 'root'
group 'root'
mode 00644
notifies :restart, 'service[libvirt-bin]', :immediately
only_if { platform_family? %w(fedora rhel) }
only_if { platform_family? %w(rhel) }
end
volume_backend = node['openstack']['compute']['libvirt']['volume_backend']

10
recipes/libvirt_rbd.rb
View File

@ -18,16 +18,16 @@
# limitations under the License.
#
class ::Chef::Recipe # rubocop:disable Documentation
class ::Chef::Recipe
include ::Openstack
end
include_recipe 'ceph'
ceph_user = node['openstack']['compute']['libvirt']['rbd']['cinder']['user']
ceph_user = node['openstack']['compute']['libvirt']['rbd']['cinder']['user'] # ['conf']['libvirt']['rbd_user']
cinder_pool = node['openstack']['compute']['libvirt']['rbd']['cinder']['pool']
nova_pool = node['openstack']['compute']['libvirt']['rbd']['nova']['pool']
glance_pool = node['openstack']['compute']['libvirt']['rbd']['glance']['pool']
nova_pool = node['openstack']['compute']['conf']['DEFAULT']['images_rbd_pool']
glance_pool = node['openstack']['compute']['libvirt']['rbd']['glance']['pool']
secret_uuid = node['openstack']['compute']['libvirt']['rbd']['cinder']['secret_uuid']
ceph_keyname = "client.#{ceph_user}"
@ -56,7 +56,7 @@ template '/tmp/secret.xml' do
mode '00600'
variables(
uuid: secret_uuid,
client_name: node['openstack']['compute']['libvirt']['rbd']['cinder']['user']
client_name: ceph_user
)
not_if "virsh secret-list | grep #{secret_uuid}"
end

53
recipes/network.rb
View File

@ -1,53 +0,0 @@
# encoding: UTF-8
#
# Cookbook Name:: openstack-compute
# Recipe:: network
#
# Copyright 2012, Rackspace US, Inc.
# Copyright 2013, Craig Tracey <craigtracey@gmail.com>
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
include_recipe 'openstack-compute::nova-common'
platform_options = node['openstack']['compute']['platform']
# the only type of network we process here is nova, otherwise for
# neutron, the network will be setup by the inclusion of
# openstack-network recipes
if node['openstack']['compute']['network']['service_type'] == 'nova'
platform_options['compute_network_packages'].each do |pkg|
package pkg do
options platform_options['package_overrides']
action :upgrade
end
end
service 'nova-network' do
service_name platform_options['compute_network_service']
supports status: true, restart: true
subscribes :restart, resources('template[/etc/nova/nova.conf]')
action :enable
end
else
node['openstack']['compute']['network']['plugins'].each do |plugin|
include_recipe "openstack-network::#{plugin}"
end
end

6
recipes/nova-cert.rb
View File

@ -25,7 +25,6 @@ platform_options = node['openstack']['compute']['platform']
platform_options['compute_cert_packages'].each do |pkg|
package pkg do
options platform_options['package_overrides']
action :upgrade
end
end
@ -33,7 +32,6 @@ end
service 'nova-cert' do
service_name platform_options['compute_cert_service']
supports status: true, restart: true
subscribes :restart, resources('template[/etc/nova/nova.conf]')
action :enable
action [:enable, :start]
subscribes :restart, 'template[/etc/nova/nova.conf]'
end

187
recipes/nova-common.rb
View File

@ -18,11 +18,11 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
require 'uri'
class ::Chef::Recipe # rubocop:disable Documentation
# Make Openstack object available in Chef::Recipe
class ::Chef::Recipe
include ::Openstack
end
@ -60,14 +60,14 @@ directory '/etc/nova' do
action :create
end
directory node['openstack']['compute']['state_path'] do
directory node['openstack']['compute']['conf']['DEFAULT']['state_path'] do
owner node['openstack']['compute']['user']
group node['openstack']['compute']['group']
mode 00755
recursive true
end
directory node['openstack']['compute']['lock_path'] do
directory node['openstack']['compute']['conf']['oslo_concurrency']['lock_path'] do
owner node['openstack']['compute']['user']
group node['openstack']['compute']['group']
mode 00755
@ -76,18 +76,23 @@ end
db_user = node['openstack']['db']['compute']['username']
db_pass = get_password 'db', 'nova'
sql_connection = db_uri('compute', db_user, db_pass)
node.default['openstack']['compute']['conf_secrets']
.[]('database')['connection'] =
db_uri('compute', db_user, db_pass)
if node['openstack']['endpoints']['db']['enabled_slave']
slave_connection = db_uri('compute', db_user, db_pass, true)
node.default['openstack']['compute']['conf_secrets']
.[]('database')['slave_connection'] =
db_uri('compute', db_user, db_pass, true)
end
mq_service_type = node['openstack']['mq']['compute']['service_type']
if mq_service_type == 'rabbitmq'
node['openstack']['mq']['compute']['rabbit']['ha'] && (rabbit_hosts = rabbit_servers)
mq_password = get_password 'user', node['openstack']['mq']['compute']['rabbit']['userid']
elsif mq_service_type == 'qpid'
mq_password = get_password 'user', node['openstack']['mq']['compute']['qpid']['username']
if node['openstack']['compute']['conf']['DEFAULT']['rpc_backend'] == 'rabbit'
user = node['openstack']['mq']['compute']['rabbit']['userid']
node.default['openstack']['compute']['conf_secrets']
.[]('oslo_messaging_rabbit')['rabbit_userid'] = user
node.default['openstack']['compute']['conf_secrets']
.[]('oslo_messaging_rabbit')['rabbit_password'] =
get_password 'user', user
end
memcache_servers = memcached_servers.join ','
@ -96,47 +101,100 @@ memcache_servers = memcached_servers.join ','
# Note that the bind and vnc endpoints don't have possible different values for
# internal/admin/public. We'll stick with the general endpoint routine
# for those.
identity_endpoint = internal_endpoint 'identity-internal'
xvpvnc_endpoint = endpoint 'compute-xvpvnc' || {}
xvpvnc_bind = endpoint 'compute-xvpvnc-bind' || {}
novnc_endpoint = endpoint 'compute-novnc' || {}
novnc_bind = endpoint 'compute-novnc-bind' || {}
vnc_bind = endpoint 'compute-vnc-bind' || {}
vnc_proxy_bind = endpoint 'compute-vnc-proxy-bind' || {}
compute_api_bind = endpoint 'compute-api-bind' || {}
compute_api_endpoint = internal_endpoint 'compute-api' || {}
compute_metadata_api_bind = endpoint 'compute-metadata-api-bind' || {}
ec2_api_bind = endpoint 'compute-ec2-api-bind' || {}
ec2_public_endpoint = public_endpoint 'compute-ec2-api' || {}
serial_console_bind = endpoint 'compute-serial-console-bind' || {}
serial_proxy_endpoint = endpoint 'compute-serial-proxy' || {}
network_endpoint = internal_endpoint 'network-api' || {}
image_endpoint = internal_endpoint 'image-api'
ironic_endpoint = internal_endpoint 'bare-metal-api'
ironic_admin_password = get_password 'service', 'openstack-bare-metal'
identity_endpoint = public_endpoint 'identity'
xvpvnc_endpoint = public_endpoint 'compute-xvpvnc'
xvpvnc_bind = public_endpoint 'compute-xvpvnc-bind'
novnc_endpoint = public_endpoint 'compute-novnc'
novnc_bind = public_endpoint 'compute-novnc-bind'
vnc_bind = public_endpoint 'compute-vnc-bind'
vnc_proxy_bind = public_endpoint 'compute-vnc-proxy-bind'
compute_api_bind = public_endpoint 'compute-api-bind'
compute_api_endpoint = internal_endpoint 'compute-api'
compute_metadata_api_bind = public_endpoint 'compute-metadata-api-bind'
ec2_api_bind = public_endpoint 'compute-ec2-api-bind'
ec2_public_endpoint = public_endpoint 'compute-ec2-api'
serial_console_bind = public_endpoint 'compute-serial-console-bind'
serial_proxy_endpoint = public_endpoint 'compute-serial-proxy'
network_endpoint = internal_endpoint 'network'
image_endpoint = internal_endpoint 'image_api'
Chef::Log.debug("openstack-compute::nova-common:identity_endpoint|#{identity_endpoint}")
Chef::Log.debug("openstack-compute::nova-common:identity_public_endpoint|#{identity_endpoint}")
Chef::Log.debug("openstack-compute::nova-common:xvpvnc_endpoint|#{xvpvnc_endpoint}")
Chef::Log.debug("openstack-compute::nova-common:novnc_endpoint|#{novnc_endpoint}")
Chef::Log.debug("openstack-compute::nova-common:compute_api_endpoint|#{::URI.decode compute_api_endpoint.to_s}")
Chef::Log.debug("openstack-compute::nova-common:ec2_public_endpoint|#{ec2_public_endpoint}")
Chef::Log.debug("openstack-compute::nova-common:network_endpoint|#{network_endpoint}")
Chef::Log.debug("openstack-compute::nova-common:image_endpoint|#{image_endpoint}")
Chef::Log.debug("openstack-compute::nova-common:ironic_endpoint|#{ironic_endpoint}")
# Chef::Log.debug("openstack-compute::nova-common:ironic_endpoint|#{ironic_endpoint}")
if node['openstack']['compute']['network']['service_type'] == 'neutron'
neutron_admin_password = get_password 'service', 'openstack-network'
neutron_metadata_proxy_shared_secret = get_password 'token', 'neutron_metadata_secret'
if node['openstack']['compute']['conf']['neutron']['auth_plugin'] == 'v2password'
node.default['openstack']['compute']['conf_secrets']
.[]('neutron')['password'] =
get_password 'service', 'openstack-network'
end
node.default['openstack']['compute']['conf_secrets']
.[]('neutron')['metadata_proxy_shared_secret'] =
get_password 'token', 'neutron_metadata_secret'
if node['openstack']['compute']['driver'].split('.').first == 'vmwareapi'
vmware_host_pass = get_password 'token', node['openstack']['compute']['vmware']['secret_name']
node.default['openstack']['compute']['conf_secrets']
.[]('vmware')['host_password'] =
get_password 'token', 'openstack_vmware_secret_name'
end
identity_admin_endpoint = admin_endpoint 'identity-admin'
auth_uri = auth_uri_transform identity_endpoint.to_s, node['openstack']['compute']['api']['auth']['version']
identity_uri = identity_uri_transform(identity_admin_endpoint)
service_pass = get_password 'service', 'openstack-compute'
auth_url = auth_uri_transform identity_endpoint.to_s, node['openstack']['compute']['api']['auth']['version']
node.default['openstack']['compute']['conf_secrets']
.[]('keystone_authtoken')['password'] =
get_password 'service', 'openstack-compute'
node.default['openstack']['compute']['conf'].tap do |conf|
conf['DEFAULT']['ec2_listen'] = ec2_api_bind.host
conf['DEFAULT']['ec2_listen_port'] = ec2_api_bind.port
conf['DEFAULT']['keystone_ec2_url'] = "#{identity_endpoint.scheme}://#{identity_endpoint.host}:#{identity_endpoint.port}/v2.0/ec2tokens"
conf['DEFAULT']['iscsi_helper'] = platform_options['iscsi_helper']
# conf['DEFAULT']['scheduler_default_filters'] = node['openstack']['compute']['scheduler']['default_filters'].join(',')
if node['openstack']['compute']['conf']['DEFAULT']['enabled_apis'].include?('osapi_compute')
conf['DEFAULT']['osapi_compute_listen'] = compute_api_bind.host
conf['DEFAULT']['osapi_compute_listen_port'] = compute_api_bind.port
end
# if node['openstack']['mq']['compute']['rabbit']['ha']
# conf['DEFAULT']['rabbit_hosts'] = rabbit_hosts
# end
conf['DEFAULT']['metadata_listen'] = compute_metadata_api_bind.host
conf['DEFAULT']['metadata_listen_port'] = compute_metadata_api_bind.port
conf['vnc']['novncproxy_base_url'] = novnc_endpoint.to_s
conf['vnc']['xvpvncproxy_base_url'] = xvpvnc_endpoint.to_s
conf['vnc']['xvpvncproxy_host'] = xvpvnc_bind.host
conf['vnc']['xvpvncproxy_port'] = xvpvnc_bind.port
conf['vnc']['novncproxy_host'] = novnc_bind.host
conf['vnc']['novncproxy_port'] = novnc_bind.port
conf['vnc']['vncserver_listen'] = vnc_bind.host
conf['vnc']['vncserver_proxyclient_address'] = vnc_proxy_bind.host
unless memcache_servers.empty?
conf['DEFAULT']['memcached_servers'] = memcache_servers
end
# [keystone_authtoken] section
conf['keystone_authtoken']['auth_url'] = auth_url
# [glance] section
conf['glance']['api_servers'] =
"#{image_endpoint.scheme}://#{image_endpoint.host}:#{image_endpoint.port}"
# [neutron] section
conf['neutron']['url'] =
"#{network_endpoint.scheme}://#{network_endpoint.host}:#{network_endpoint.port}"
conf['neutron']['auth_url'] = identity_endpoint.to_s
# [serial_console] section
conf['serial_console']['base_url'] = "#{serial_proxy_endpoint.scheme}://#{serial_proxy_endpoint.host}:#{serial_proxy_endpoint.port}"
conf['serial_console']['proxyclient_address'] = serial_console_bind.host
end
# merge all config options and secrets to be used in the nova.conf.erb
nova_conf_options = merge_config_options 'compute'
template '/etc/nova/nova.conf' do
source 'nova.conf.erb'
@ -144,49 +202,20 @@ template '/etc/nova/nova.conf' do
group node['openstack']['compute']['group']
mode 00640
variables(
sql_connection: sql_connection,
slave_connection: slave_connection,
novncproxy_base_url: novnc_endpoint.to_s,
xvpvncproxy_base_url: xvpvnc_endpoint.to_s,
xvpvncproxy_bind_host: xvpvnc_bind.host,
xvpvncproxy_bind_port: xvpvnc_bind.port,
novncproxy_bind_host: novnc_bind.host,
novncproxy_bind_port: novnc_bind.port,
vncserver_listen: vnc_bind.host,
vncserver_proxyclient_address: vnc_proxy_bind.host,
memcache_servers: memcache_servers,
mq_service_type: mq_service_type,
mq_password: mq_password,
rabbit_hosts: rabbit_hosts,
identity_endpoint: identity_endpoint,
# TODO(jaypipes): No support here for >1 image API servers
# with the glance_api_servers configuration option...
glance_api_scheme: image_endpoint.scheme,
glance_api_ipaddress: image_endpoint.host,
glance_api_port: image_endpoint.port,
iscsi_helper: platform_options['iscsi_helper'],
scheduler_default_filters: node['openstack']['compute']['scheduler']['default_filters'].join(','),
network_endpoint: network_endpoint,
neutron_admin_password: neutron_admin_password,
neutron_metadata_proxy_shared_secret: neutron_metadata_proxy_shared_secret,
compute_api_bind_ip: compute_api_bind.host,
compute_api_bind_port: compute_api_bind.port,
compute_metadata_api_bind_ip: compute_metadata_api_bind.host,
compute_metadata_api_bind_port: compute_metadata_api_bind.port,
ec2_api_bind_ip: ec2_api_bind.host,
ec2_api_bind_port: ec2_api_bind.port,
vmware_host_pass: vmware_host_pass,
auth_uri: auth_uri,
identity_uri: identity_uri,
identity_admin_endpoint: identity_admin_endpoint,
ironic_endpoint: ironic_endpoint,
ironic_admin_password: ironic_admin_password,
service_pass: service_pass,
serial_console_base_url: serial_proxy_endpoint.to_s,
serial_console_proxyclient_address: serial_console_bind.host
service_config: nova_conf_options
)
end
# delete all secrets saved in the attribute
# node['openstack']['compute']['conf_secrets'] after creating the neutron.conf
ruby_block "delete all attributes in node['openstack']['compute']['conf_secrets']" do
block do
node.rm(:openstack, :compute, :conf_secrets)
end
end
template '/etc/nova/rootwrap.conf' do
source 'rootwrap.conf.erb'
# Must be root!

102
recipes/nova-setup.rb
View File

@ -18,7 +18,7 @@
# limitations under the License.
#
class ::Chef::Recipe # rubocop:disable Documentation
class ::Chef::Recipe
include ::Openstack
end
@ -34,103 +34,3 @@ execute 'nova-manage db sync' do
command 'nova-manage db sync'
action :run
end
case node['openstack']['compute']['network']['service_type']
when 'nova'
next_vlan = 100
node['openstack']['compute']['networks'].each do |net|
execute "nova-manage network create --label=#{net['label']}" do
user nova_user
group nova_group
# The only two required keys in each network Hash
# are 'label' and 'ipv4_cidr'.
cmd = "nova-manage network create --label=#{net['label']} --fixed_range_v4=#{net['ipv4_cidr']}"
cmd += " --multi_host='#{net['multi_host']}'" if net.key?('multi_host')
%w(num_networks network_size bridge dns1 dns2).each do |v|
cmd += " --#{v}=#{net[v]}" if net.key?(v)
end
# Older attributes have the key as 'bridge_dev' instead
# of 'bridge_interface'...
if net.key?('bridge_interface') || net.key?('bridge_dev')
val = net.key?('bridge_interface') ? net['bridge_interface'] : net['bridge_dev']
cmd += " --bridge_interface=#{val}"
end
if net.key?('vlan')
cmd += " --vlan=#{net['vlan']}"
elsif node['openstack']['compute']['network']['network_manager'] == 'nova.network.manager.VlanManager'
cmd += " --vlan=#{next_vlan}"
next_vlan += 1
end
command cmd
not_if "nova-manage network list | grep #{net['ipv4_cidr']}", user: nova_user, group: nova_group
action :run
end
end
cookbook_file node['openstack']['compute']['floating_cmd'] do
user 'root'
group 'root'
source 'add_floaters.py'
mode 00755
action :create
end
floating = node['openstack']['compute']['network']['floating']
if floating && (floating['ipv4_cidr'] || floating['ipv4_range'])
cmd = ''
if floating['ipv4_cidr']
cmd = "#{node['openstack']['compute']['floating_cmd']} nova --cidr=#{floating['ipv4_cidr']}"
elsif floating['ipv4_range']
cmd = "#{node['openstack']['compute']['floating_cmd']} nova --ip-range=#{floating['ipv4_range']}"
end
execute 'nova-manage floating create' do
user nova_user
group nova_group
command cmd
not_if "nova-manage floating list |grep -E '.*([0-9]{1,3}[\.]){3}[0-9]{1,3}*'", user: nova_user, group: nova_group
action :run
end
end
when 'neutron'
include_recipe 'openstack-common::openrc'
platform_options = node['openstack']['compute']['platform']
platform_options['neutron_python_packages'].each do |pkg|
package pkg do
options platform_options['package_overrides']
action :upgrade
end
end
cookbook_file node['openstack']['compute']['floating_cmd'] do
user 'root'
group 'root'
source 'add_floaters.py'
mode 00755
action :create
end
floating = node['openstack']['compute']['network']['floating']
if floating && floating['ipv4_cidr']
cmd = ". /root/openrc && #{node['openstack']['compute']['floating_cmd']} neutron --cidr=#{floating['ipv4_cidr']} --pool=#{floating['public_network_name']}"
execute 'neutron floating create' do
command cmd
not_if ". /root/openrc && neutron floatingip-list |grep -E '.*([0-9]{1,3}[\.]){3}[0-9]{1,3}*'"
only_if { File.exist?('/root/openrc') }
action :run
end
end
end

4
recipes/scheduler.rb
View File

@ -26,7 +26,6 @@ platform_options = node['openstack']['compute']['platform']
platform_options['compute_scheduler_packages'].each do |pkg|
package pkg do
options platform_options['package_overrides']
action :upgrade
end
end
@ -34,7 +33,6 @@ end
service 'nova-scheduler' do
service_name platform_options['compute_scheduler_service']
supports status: true, restart: true
subscribes :restart, resources('template[/etc/nova/nova.conf]')
action [:enable, :start]
subscribes :restart, 'template[/etc/nova/nova.conf]'
end

4
recipes/serialproxy.rb
View File

@ -23,7 +23,6 @@ platform_options = node['openstack']['compute']['platform']
platform_options['compute_serialproxy_packages'].each do |pkg|
package pkg do
options platform_options['package_overrides']
action :upgrade
end
end
@ -33,7 +32,6 @@ proxy_service = platform_options['compute_serialproxy_service']
service proxy_service do
service_name proxy_service
supports status: true, restart: true
subscribes :restart, resources('template[/etc/nova/nova.conf]')
action [:enable, :start]
subscribes :restart, 'template[/etc/nova/nova.conf]'
end

7
recipes/vncproxy.rb
View File

@ -26,7 +26,6 @@ platform_options = node['openstack']['compute']['platform']
platform_options['compute_vncproxy_packages'].each do |pkg|
package pkg do
options platform_options['package_overrides']
action :upgrade
end
end
@ -43,15 +42,13 @@ proxy_service = platform_options['compute_vncproxy_service']
service proxy_service do
service_name proxy_service
supports status: true, restart: true
subscribes :restart, resources('template[/etc/nova/nova.conf]')
action [:enable, :start]
subscribes :restart, 'template[/etc/nova/nova.conf]'
end
service 'nova-consoleauth' do
service_name platform_options['compute_vncproxy_consoleauth_service']
supports status: true, restart: true
subscribes :restart, resources('template[/etc/nova/nova.conf]')
action [:enable, :start]
subscribes :restart, 'template[/etc/nova/nova.conf]'
end

6
spec/api-ec2-redhat_spec.rb
View File

@ -16,7 +16,11 @@ describe 'openstack-compute::api-ec2' do
it 'upgrades ec2 api packages' do
expect(chef_run).to upgrade_package 'openstack-nova-api'
end
%w(python-keystoneclient).each do |pkg|
it do
expect(chef_run).to upgrade_package pkg
end
end
it 'starts ec2 api on boot' do
expect(chef_run).to enable_service 'openstack-nova-api'
end

7
spec/api-ec2_spec.rb
View File

@ -12,6 +12,7 @@ describe 'openstack-compute::api-ec2' do
include_examples 'expect_runs_nova_common_recipe'
include_examples 'expect_creates_nova_state_dir'
include_examples 'expect_creates_nova_lock_dir'
include_examples 'expect_creates_api_paste_template'
include_examples 'expect_upgrades_python_keystoneclient'
@ -23,6 +24,10 @@ describe 'openstack-compute::api-ec2' do
expect(chef_run).to enable_service 'nova-api-ec2'
end
expect_creates_api_paste 'service[nova-api-ec2]'
it do
template = chef_run.template('/etc/nova/api-paste.ini')
expect(template).to notify('service[nova-api-ec2]').to(:restart)
end
# expect_creates_api_paste 'service[nova-api-ec2]'
end
end

7
spec/api-metadata_spec.rb
View File

@ -13,6 +13,7 @@ describe 'openstack-compute::api-metadata' do
include_examples 'expect_creates_nova_state_dir'
include_examples 'expect_creates_nova_lock_dir'
include_examples 'expect_upgrades_python_keystoneclient'
include_examples 'expect_creates_api_paste_template'
it 'upgrades metadata api packages' do
expect(chef_run).to upgrade_package 'nova-api-metadata'
@ -25,7 +26,11 @@ describe 'openstack-compute::api-metadata' do
it 'starts metadata api now' do
expect(chef_run).to start_service 'nova-api-metadata'
end
it do
template = chef_run.template('/etc/nova/api-paste.ini')
expect(template).to notify('service[nova-api-metadata]').to(:restart)
end
expect_creates_api_paste 'service[nova-api-metadata]'
# expect_creates_api_paste 'service[nova-api-metadata]'
end
end

8
spec/api-os-compute_spec.rb
View File

@ -13,6 +13,7 @@ describe 'openstack-compute::api-os-compute' do
include_examples 'expect_creates_nova_state_dir'
include_examples 'expect_creates_nova_lock_dir'
include_examples 'expect_upgrades_python_keystoneclient'
include_examples 'expect_creates_api_paste_template'
it 'creates the /var/cache/nova directory' do
expect(chef_run).to create_directory('/var/cache/nova').with(
@ -33,7 +34,10 @@ describe 'openstack-compute::api-os-compute' do
it 'starts openstack api now' do
expect(chef_run).to start_service 'nova-api-os-compute'
end
expect_creates_api_paste 'service[nova-api-os-compute]'
it do
template = chef_run.template('/etc/nova/api-paste.ini')
expect(template).to notify('service[nova-api-os-compute]').to(:restart)
end
# expect_creates_api_paste 'service[nova-api-os-compute]'
end
end

5
spec/compute-redhat_spec.rb
View File

@ -31,11 +31,6 @@ describe 'openstack-compute::compute' do
expect(chef_run).to upgrade_package('openstack-nova-compute')
end
it 'upgrades nfs client package' do
expect(chef_run).to upgrade_package('nfs-utils')
expect(chef_run).to upgrade_package('nfs-utils-lib')
end
it 'starts nova compute on boot' do
expected = 'openstack-nova-compute'
expect(chef_run).to enable_service(expected)

20
spec/compute-suse_spec.rb
View File

@ -1,20 +0,0 @@
# encoding: UTF-8
require_relative 'spec_helper'
describe 'openstack-compute::compute' do
describe 'suse' do
let(:runner) { ChefSpec::SoloRunner.new(SUSE_OPTS) }
let(:node) { runner.node }
let(:chef_run) { runner.converge(described_recipe) }
include_context 'compute_stubs'
include_examples 'expect_runs_nova_common_recipe'
include_examples 'expect_volume_packages'
it 'upgrades nfs client packages' do
expect(chef_run).to upgrade_package 'nfs-utils'
expect(chef_run).not_to upgrade_package 'nfs-utils-lib'
end
end
end

18
spec/compute_spec.rb
View File

@ -28,41 +28,33 @@ describe 'openstack-compute::compute' do
expect(chef_run).not_to include_recipe 'openstack-compute::api-metadata'
end
it 'runs network recipe' do
expect(chef_run).to include_recipe 'openstack-compute::network'
end
it 'upgrades nova compute package' do
expect(chef_run).to upgrade_package 'nova-compute'
end
it 'upgrades nfs client package' do
expect(chef_run).to upgrade_package 'nfs-common'
end
it "upgrades kvm when virt_type is 'kvm'" do
node.set['openstack']['compute']['libvirt']['virt_type'] = 'kvm'
node.set['openstack']['compute']['conf']['libvirt']['virt_type'] = 'kvm'
expect(chef_run).to upgrade_package 'nova-compute-kvm'
expect(chef_run).not_to upgrade_package 'nova-compute-qemu'
end
it 'honors the package options platform overrides for kvm' do
node.set['openstack']['compute']['libvirt']['virt_type'] = 'kvm'
node.set['openstack']['compute']['conf']['libvirt']['virt_type'] = 'kvm'
node.set['openstack']['compute']['platform']['package_overrides'] = '-o Dpkg::Options::=\'--force-confold\' -o Dpkg::Options::=\'--force-confdef\' --force-yes'
expect(chef_run).to upgrade_package('nova-compute-kvm').with(options: '-o Dpkg::Options::=\'--force-confold\' -o Dpkg::Options::=\'--force-confdef\' --force-yes')
end
it 'upgrades qemu when virt_type is qemu' do
node.set['openstack']['compute']['libvirt']['virt_type'] = 'qemu'
node.set['openstack']['compute']['conf']['libvirt']['virt_type'] = 'qemu'
expect(chef_run).to upgrade_package 'nova-compute-qemu'
expect(chef_run).not_to upgrade_package 'nova-compute-kvm'
end
it 'honors the package options platform overrides for qemu' do
node.set['openstack']['compute']['libvirt']['virt_type'] = 'qemu'
node.set['openstack']['compute']['conf']['libvirt']['virt_type'] = 'qemu'
node.set['openstack']['compute']['platform']['package_overrides'] = '-o Dpkg::Options::=\'--force-confold\' -o Dpkg::Options::=\'--force-confdef\' --force-yes'
expect(chef_run).to upgrade_package('nova-compute-qemu').with(options: '-o Dpkg::Options::=\'--force-confold\' -o Dpkg::Options::=\'--force-confdef\' --force-yes')
@ -70,7 +62,7 @@ describe 'openstack-compute::compute' do
%w(qemu kvm).each do |virt_type|
it "honors the package name platform overrides for #{virt_type}" do
node.set['openstack']['compute']['libvirt']['virt_type'] = virt_type
node.set['openstack']['compute']['conf']['libvirt']['virt_type'] = virt_type
node.set['openstack']['compute']['platform']["#{virt_type}_compute_packages"] = ["my-nova-#{virt_type}"]
expect(chef_run).to upgrade_package("my-nova-#{virt_type}")

8
spec/docker-setup-redhat_spec.rb
View File

@ -6,10 +6,12 @@ describe 'openstack-compute::docker-setup' do
describe 'redhat' do
let(:runner) { ChefSpec::SoloRunner.new(REDHAT_OPTS) }
let(:node) { runner.node }
let(:chef_run) { runner.converge(described_recipe) }
cached(:chef_run) { runner.converge(described_recipe) }
it 'upgrades python-devel package' do
expect(chef_run).to upgrade_package 'python-devel'
%w(python-devel git gcc).each do |pkg|
it do
expect(chef_run).to upgrade_package pkg
end
end
end
end

2
spec/docker-setup_spec.rb
View File

@ -6,7 +6,7 @@ describe 'openstack-compute::docker-setup' do
describe 'ubuntu' do
let(:runner) { ChefSpec::SoloRunner.new(UBUNTU_OPTS) }
let(:node) { runner.node }
let(:chef_run) { runner.converge(described_recipe) }
cached(:chef_run) { runner.converge(described_recipe) }
it 'runs a run python pip setuptools' do
expect(chef_run).to upgrade_python_pip('setuptools')

155
spec/identity_registration_spec.rb
View File

@ -72,84 +72,17 @@ describe 'openstack-compute::identity_registration' do
)
end
it 'with different admin URL' do
admin_url = 'https://admin.host:123/admin_path'
general_url = 'http://general.host:456/general_path'
# Set the general endpoint
node.set['openstack']['endpoints']['compute-api']['uri'] = general_url
# Set the admin endpoint override
node.set['openstack']['endpoints']['admin']['compute-api']['uri'] = admin_url
expect(chef_run).to create_endpoint_openstack_identity_register(
'Register Compute Endpoint'
).with(
auth_uri: 'http://127.0.0.1:35357/v2.0',
bootstrap_token: 'bootstrap-token',
service_type: 'compute',
endpoint_region: 'RegionOne',
endpoint_adminurl: admin_url,
endpoint_internalurl: general_url,
endpoint_publicurl: general_url
)
end
it 'with different public URL' do
public_url = 'https://public.host:789/public_path'
general_url = 'http://general.host:456/general_path'
# Set the general endpoint
node.set['openstack']['endpoints']['compute-api']['uri'] = general_url
# Set the public endpoint override
node.set['openstack']['endpoints']['public']['compute-api']['uri'] = public_url
expect(chef_run).to create_endpoint_openstack_identity_register(
'Register Compute Endpoint'
).with(
auth_uri: 'http://127.0.0.1:35357/v2.0',
bootstrap_token: 'bootstrap-token',
service_type: 'compute',
endpoint_region: 'RegionOne',
endpoint_adminurl: general_url,
endpoint_internalurl: general_url,
endpoint_publicurl: public_url
)
end
it 'with different internal URL' do
internal_url = 'http://internal.host:456/internal_path'
general_url = 'http://general.host:456/general_path'
# Set the general endpoint
node.set['openstack']['endpoints']['compute-api']['uri'] = general_url
# Set the internal endpoint override
node.set['openstack']['endpoints']['internal']['compute-api']['uri'] = internal_url
expect(chef_run).to create_endpoint_openstack_identity_register(
'Register Compute Endpoint'
).with(
auth_uri: 'http://127.0.0.1:35357/v2.0',
bootstrap_token: 'bootstrap-token',
service_type: 'compute',
endpoint_region: 'RegionOne',
endpoint_adminurl: general_url,
endpoint_internalurl: internal_url,
endpoint_publicurl: general_url
)
end
it 'with different URLs for all endpoints' do
admin_url = 'https://admin.host:123/admin_path'
it 'register endpoint with all different URLs' do
public_url = 'https://public.host:789/public_path'
internal_url = 'http://internal.host:456/internal_path'
admin_url = 'https://admin.host:123/admin_path'
node.set['openstack']['endpoints']['compute-api']['public']['uri'] = public_url
node.set['openstack']['endpoints']['compute-api']['internal']['uri'] = internal_url
node.set['openstack']['endpoints']['compute-api']['admin']['uri'] = admin_url
node.set['openstack']['endpoints']['admin']['compute-api']['uri'] = admin_url
node.set['openstack']['endpoints']['internal']['compute-api']['uri'] = internal_url
node.set['openstack']['endpoints']['public']['compute-api']['uri'] = public_url
expect(chef_run).to create_endpoint_openstack_identity_register(
'Register Compute Endpoint'
).with(
auth_uri: 'http://127.0.0.1:35357/v2.0',
bootstrap_token: 'bootstrap-token',
service_type: 'compute',
endpoint_region: 'RegionOne',
endpoint_adminurl: admin_url,
endpoint_internalurl: internal_url,
endpoint_publicurl: public_url
@ -157,7 +90,7 @@ describe 'openstack-compute::identity_registration' do
end
it 'with custom region override' do
node.set['openstack']['compute']['region'] = 'computeRegion'
node.set['openstack']['region'] = 'computeRegion'
expect(chef_run).to create_endpoint_openstack_identity_register(
'Register Compute Endpoint'
).with(endpoint_region: 'computeRegion')
@ -191,80 +124,14 @@ describe 'openstack-compute::identity_registration' do
)
end
it 'with different admin URL' do
admin_url = 'https://admin.host:123/admin_path'
general_url = 'http://general.host:456/general_path'
# Set the general endpoint
node.set['openstack']['endpoints']['compute-ec2-api']['uri'] = general_url
node.set['openstack']['endpoints']['compute-ec2-admin']['uri'] = general_url
# Set the admin endpoint override
node.set['openstack']['endpoints']['admin']['compute-ec2-admin']['uri'] = admin_url
expect(chef_run).to create_endpoint_openstack_identity_register(
'Register EC2 Endpoint'
).with(
auth_uri: 'http://127.0.0.1:35357/v2.0',
bootstrap_token: 'bootstrap-token',
service_type: 'ec2',
endpoint_region: 'RegionOne',
endpoint_adminurl: admin_url,
endpoint_internalurl: general_url,
endpoint_publicurl: general_url
)
end
it 'with different public URL' do
public_url = 'https://public.host:789/public_path'
general_url = 'http://general.host:456/general_path'
# Set the general endpoint
node.set['openstack']['endpoints']['compute-ec2-api']['uri'] = general_url
node.set['openstack']['endpoints']['compute-ec2-admin']['uri'] = general_url
# Set the public endpoint override
node.set['openstack']['endpoints']['public']['compute-ec2-api']['uri'] = public_url
expect(chef_run).to create_endpoint_openstack_identity_register(
'Register EC2 Endpoint'
).with(
auth_uri: 'http://127.0.0.1:35357/v2.0',
bootstrap_token: 'bootstrap-token',
service_type: 'ec2',
endpoint_region: 'RegionOne',
endpoint_adminurl: general_url,
endpoint_internalurl: general_url,
endpoint_publicurl: public_url
)
end
it 'with different internal URL' do
internal_url = 'http://internal.host:456/internal_path'
general_url = 'http://general.host:456/general_path'
# Set the general endpoint
node.set['openstack']['endpoints']['compute-ec2-api']['uri'] = general_url
node.set['openstack']['endpoints']['compute-ec2-admin']['uri'] = general_url
# Set the internal endpoint override
node.set['openstack']['endpoints']['internal']['compute-ec2-api']['uri'] = internal_url
expect(chef_run).to create_endpoint_openstack_identity_register(
'Register EC2 Endpoint'
).with(
auth_uri: 'http://127.0.0.1:35357/v2.0',
bootstrap_token: 'bootstrap-token',
service_type: 'ec2',
endpoint_region: 'RegionOne',
endpoint_adminurl: general_url,
endpoint_internalurl: internal_url,
endpoint_publicurl: general_url
)
end
it 'with different URLs for all endpoints' do
admin_url = 'https://admin.host:123/admin_path'
public_url = 'https://public.host:789/public_path'
internal_url = 'http://internal.host:456/internal_path'
node.set['openstack']['endpoints']['admin']['compute-ec2-admin']['uri'] = admin_url
node.set['openstack']['endpoints']['internal']['compute-ec2-api']['uri'] = internal_url
node.set['openstack']['endpoints']['public']['compute-ec2-api']['uri'] = public_url
node.set['openstack']['endpoints']['compute-ec2']['admin']['uri'] = admin_url
node.set['openstack']['endpoints']['compute-ec2-api']['internal']['uri'] = internal_url
node.set['openstack']['endpoints']['compute-ec2-api']['public']['uri'] = public_url
expect(chef_run).to create_endpoint_openstack_identity_register(
'Register EC2 Endpoint'
).with(
@ -279,7 +146,7 @@ describe 'openstack-compute::identity_registration' do
end
it 'with customer region override' do
node.set['openstack']['compute']['region'] = 'ec2Region'
node.set['openstack']['region'] = 'ec2Region'
expect(chef_run).to create_endpoint_openstack_identity_register(
'Register EC2 Endpoint'
).with(endpoint_region: 'ec2Region')
@ -288,7 +155,7 @@ describe 'openstack-compute::identity_registration' do
describe "when 'ec2' is not in the list of enabled_apis" do
before do
node.set['openstack']['compute']['enabled_apis'] = 'osapi_compute'
node.set['openstack']['compute']['conf']['DEFAULT']['enabled_apis'] = 'osapi_compute'
end
it 'does not register ec2 service' do

75
spec/libvirt-suse_spec.rb
View File

@ -1,75 +0,0 @@
# encoding: UTF-8
require_relative 'spec_helper'
describe 'openstack-compute::libvirt' do
before do
# This is stubbed b/c systems without '/boot/grub/menul.lst`,
# fail to pass tests. This can be removed if a check verifies
# the files existence prior to File#open.
allow(File).to receive(:open).and_call_original
end
describe 'suse' do
let(:runner) { ChefSpec::SoloRunner.new(SUSE_OPTS) }
let(:node) { runner.node }
let(:chef_run) { runner.converge(described_recipe) }
include_context 'compute_stubs'
it 'upgrade libvirt package' do
expect(chef_run).to upgrade_package 'libvirt'
expect(chef_run).to upgrade_package 'device-mapper'
end
it 'creates libvirtd group and adds nova as a member' do
expect(chef_run).to create_group('libvirt').with(members: ['openstack-nova'])
end
it 'starts libvirt' do
expect(chef_run).to start_service 'libvirtd'
end
it 'starts libvirt on boot' do
expect(chef_run).to enable_service 'libvirtd'
end
it 'does not install /etc/sysconfig/libvirtd' do
expect(chef_run).not_to create_template('/etc/sysconfig/libvirtd')
end
it 'upgrade kvm package' do
expect(chef_run).to upgrade_package 'kvm'
end
it 'upgrade kvm package' do
node.set['openstack']['compute']['libvirt']['virt_type'] = 'qemu'
expect(chef_run).to upgrade_package 'kvm'
end
it 'upgrade xen packages' do
node.set['openstack']['compute']['libvirt']['virt_type'] = 'xen'
['kernel-xen', 'xen', 'xen-tools'].each do |pkg|
expect(chef_run).to upgrade_package pkg
end
end
describe 'lxc' do
before do
node.set['openstack']['compute']['libvirt']['virt_type'] = 'lxc'
end
it 'upgrade lxc package' do
expect(chef_run).to upgrade_package 'lxc'
end
it 'starts boot.cgroupslxc' do
expect(chef_run).to start_service 'boot.cgroup'
end
it 'starts boot.cgroups on boot' do
expect(chef_run).to enable_service 'boot.cgroup'
end
end
end
end

22
spec/network-redhat_spec.rb
View File

@ -1,22 +0,0 @@
# encoding: UTF-8
require_relative 'spec_helper'
describe 'openstack-compute::network' do
describe 'redhat' do
let(:runner) { ChefSpec::SoloRunner.new(REDHAT_OPTS) }
let(:node) { runner.node }
let(:chef_run) { runner.converge(described_recipe) }
include_context 'compute_stubs'
it 'upgrades nova network packages' do
expect(chef_run).to upgrade_package('iptables')
expect(chef_run).to upgrade_package('openstack-nova-network')
end
it 'starts nova network on boot' do
expect(chef_run).to enable_service('openstack-nova-network')
end
end
end

73
spec/network_spec.rb
View File

@ -1,73 +0,0 @@
# encoding: UTF-8
require_relative 'spec_helper'
describe 'openstack-compute::network' do
describe 'ubuntu' do
let(:runner) { ChefSpec::SoloRunner.new(UBUNTU_OPTS) }
let(:node) { runner.node }
let(:chef_run) { runner.converge(described_recipe) }
include_context 'compute_stubs'
include_examples 'expect_runs_nova_common_recipe'
context "when service_type is 'nova'" do
before do
node.set['openstack']['compute']['network']['service_type'] = 'nova'
end
it 'upgrades nova network packages' do
expect(chef_run).to upgrade_package('iptables')
expect(chef_run).to upgrade_package('nova-network')
end
it 'starts nova network on boot' do
expect(chef_run).to enable_service('nova-network')
end
end
context "when service_type is 'neutron'" do
let(:file) { chef_run.template('/etc/nova/nova.conf') }
before do
node.set['openstack']['compute']['network']['service_type'] = 'neutron'
node.set['openstack']['compute']['network']['plugins'] = ['openvswitch']
end
it 'includes openstack-network recipes for neutron when service type is neutron' do
expect(chef_run).to include_recipe('openstack-network::openvswitch')
end
it 'includes neutron section defaults' do
[
%r{^url=http://127.0.0.1:9696$},
/^auth_strategy=keystone$/,
/^admin_tenant_name=service$/,
/^admin_username=neutron$/,
/^admin_password=neutron-pass$/,
%r{^admin_auth_url=http://127.0.0.1:5000/v2.0$},
/^timeout=30$/,
/^region_name=$/,
/^ovs_bridge=br-int$/,
/^extension_sync_interval=600$/,
/^cafile=$/,
/^service_metadata_proxy=true$/,
/^metadata_proxy_shared_secret=metadata-secret$/
].each do |line|
expect(chef_run).to render_config_file(file.name)\
.with_section_content('neutron', line)
end
[
/^network_api_class=nova.network.neutronv2.api.API$/,
/^linuxnet_interface_driver=nova.network.linux_net.LinuxOVSInterfaceDriver$/,
/^security_group_api=neutron$/,
/^default_floating_pool=public$/,
/^dns_server=8.8.8.8$/
].each do |line|
expect(chef_run).to render_file(file.name).with_content(line)
end
end
end
end
end

10
spec/nova-common-redhat_spec.rb
View File

@ -23,15 +23,5 @@ describe 'openstack-compute::nova-common' do
it 'upgrades memcache python packages' do
expect(chef_run).to upgrade_package 'python-memcached'
end
describe 'nova.conf' do
let(:file) { chef_run.template('/etc/nova/nova.conf') }
[/^ec2_private_dns_show_ip=True$/, /^force_dhcp_release=false$/].each do |content|
it "has a #{content.source[1...-1]} line" do
expect(chef_run).to render_file(file.name).with_content(content)
end
end
end
end
end

800
spec/nova-common_spec.rb
View File

File diff suppressed because it is too large Load Diff

69
spec/nova-setup_spec.rb
View File

@ -27,74 +27,5 @@ describe 'openstack-compute::nova-setup' do
timeout: 1234
)
end
it 'adds nova network ipv4 addresses' do
cmd = ['nova-manage network create --label=public',
'--fixed_range_v4=192.168.100.0/24',
"--multi_host='T'",
'--num_networks=1',
'--network_size=255',
'--bridge=br100',
'--dns1=8.8.8.8',
'--dns2=8.8.4.4',
'--bridge_interface=eth2'].join(' ')
expect(chef_run).to run_execute(cmd).with(user: 'nova', group: 'nova')
end
it 'adds a private nova network address' do
expect(chef_run).to run_execute('nova-manage network create --label=private')
end
it 'creates add_floaters.py' do
expect(chef_run).to create_cookbook_file('/usr/local/bin/add_floaters.py').with(
user: 'root',
group: 'root',
mode: 00755
)
end
it 'adds cidr range of floating ipv4 addresses' do
node.set['openstack']['compute']['network']['floating']['ipv4_cidr'] = '10.10.10.0/24'
expect(chef_run).to run_execute(
'/usr/local/bin/add_floaters.py nova --cidr=10.10.10.0/24')
end
it 'adds range of floating ipv4 addresses' do
node.set['openstack']['compute']['network'] = {
'floating' => {
'ipv4_range' => '10.10.10.1,10.10.10.5'
}
}
expect(chef_run).to run_execute('/usr/local/bin/add_floaters.py nova --ip-range=10.10.10.1,10.10.10.5')
end
context 'when neutron is used' do
before do
node.set['openstack']['compute']['network']['service_type'] = 'neutron'
node.set['openstack']['compute']['network']['floating']['ipv4_cidr'] = '10.10.10.0/24'
node.set['openstack']['compute']['network']['floating']['public_network_name'] = 'public'
end
it 'upgrades the neutron python packages' do
expect(chef_run).to upgrade_package('python-neutronclient')
expect(chef_run).to upgrade_package('python-pyparsing')
end
it 'include common openrc recipe' do
expect(chef_run).to include_recipe('openstack-common::openrc')
end
it 'adds cidr range of floating ipv4 addresses to neutron' do
# used to stub the only_if { File.exist?('/root/openrc') } in
# execute[neutron floating create]
Chef::Resource::Execute.any_instance.stub(:should_skip?).and_return(false)
expect(chef_run).to run_execute('neutron floating create').with(
command: '. /root/openrc && /usr/local/bin/add_floaters.py neutron --cidr=10.10.10.0/24 --pool=public'
)
end
end
end
end

82
spec/spec_helper.rb
View File

@ -9,11 +9,7 @@ require 'chef/application'
require 'securerandom'
LOG_LEVEL = :fatal
SUSE_OPTS = {
platform: 'suse',
version: '11.3',
log_level: LOG_LEVEL
}
REDHAT_OPTS = {
platform: 'redhat',
version: '7.1',
@ -74,18 +70,15 @@ shared_context 'compute_stubs' do
allow_any_instance_of(Chef::Recipe).to receive(:get_password)
.with('service', 'rbd_block_storage')
.and_return 'cinder-rbd-pass'
allow_any_instance_of(Chef::Recipe).to receive(:get_password)
.with('service', 'openstack-bare-metal')
.and_return 'ironic-pass'
# allow_any_instance_of(Chef::Recipe).to receive(:get_password)
# .with('service', 'openstack-bare-metal')
# .and_return 'ironic-pass'
allow_any_instance_of(Chef::Recipe).to receive(:memcached_servers).and_return []
allow_any_instance_of(Chef::Recipe).to receive(:system)
.with("grub2-set-default 'openSUSE GNU/Linux, with Xen hypervisor'")
.and_return(true)
allow(Chef::Application).to receive(:fatal!)
allow(SecureRandom).to receive(:hex).and_return('ad3313264ea51d8c6a3d1c5b140b9883')
stub_command('nova-manage network list | grep 192.168.100.0/24').and_return(false)
stub_command('nova-manage network list | grep 192.168.200.0/24').and_return(false)
stub_command("nova-manage floating list |grep -E '.*([0-9]{1,3}[.]){3}[0-9]{1,3}*'").and_return(false)
# stub_command('nova-manage network list | grep 192.168.100.0/24').and_return(false)
# stub_command('nova-manage network list | grep 192.168.200.0/24').and_return(false)
# stub_command("nova-manage floating list |grep -E '.*([0-9]{1,3}[.]){3}[0-9]{1,3}*'").and_return(false)
stub_command('virsh net-list | grep -q default').and_return(true)
stub_command('ovs-vsctl br-exists br-int').and_return(true)
stub_command('ovs-vsctl br-exists br-tun').and_return(true)
@ -145,49 +138,44 @@ shared_examples 'expect_creates_nova_instances_dir' do
end
end
def expect_creates_api_paste(service, action = :restart) # rubocop:disable MethodLength
describe '/etc/nova/api-paste.ini' do
let(:file) { chef_run.template('/etc/nova/api-paste.ini') }
it 'creates api-paste.ini' do
expect(chef_run).to create_template(file.name).with(
user: 'nova',
group: 'nova',
mode: 0644
)
end
shared_examples 'expect_creates_api_paste_template' do
let(:file) { chef_run.template('/etc/nova/api-paste.ini') }
it 'creates api-paste.ini' do
expect(chef_run).to create_template('/etc/nova/api-paste.ini').with(
user: 'nova',
group: 'nova',
mode: 0644
)
end
context 'template contents' do
context 'ec2 enabled' do
before do
node.set['openstack']['compute']['enabled_apis'] = %w(ec2)
end
it 'sets the pipeline attribute' do
expect(chef_run).to render_file(file.name)
.with_content(/^pipeline = ec2faultwrap logrequest metaapp$/)
end
it 'sets ec2 attributes' do
expect(chef_run).to render_file(file.name)
.with_content(/^\[composite:ec2\]$/)
end
context 'template contents' do
context 'ec2 enabled' do
before do
node.set['openstack']['compute']['conf']['DEFAULT']['enabled_apis'] =
%w(ec2)
end
it 'sets the pipeline attribute when ec2 api is disabled' do
node.set['openstack']['compute']['enabled_apis'] = []
it 'sets the pipeline attribute' do
expect(chef_run).to render_file(file.name)
.with_content(/^pipeline = faultwrap metaapp$/)
.with_content(/^pipeline = ec2faultwrap logrequest metaapp$/)
end
it 'pastes the misc attributes' do
node.set['openstack']['compute']['misc_paste'] = %w(paste1 paste2)
it 'sets ec2 attributes' do
expect(chef_run).to render_file(file.name)
.with_content(/^paste1$/).with_content(/^paste2$/)
.with_content(/^\[composite:ec2\]$/)
end
end
it 'notifies #{service} #{action}' do
expect(file).to notify(service).to(action)
it 'sets the pipeline attribute when ec2 api is disabled' do
node.set['openstack']['compute']['conf']['DEFAULT']['enabled_apis'] = []
expect(chef_run).to render_file(file.name)
.with_content(/^pipeline = faultwrap metaapp$/)
end
it 'pastes the misc attributes' do
node.set['openstack']['compute']['misc_paste'] = %w(paste1 paste2)
expect(chef_run).to render_file(file.name)
.with_content(/^paste1$/).with_content(/^paste2$/)
end
end
end

4
templates/default/api-paste.ini.erb
View File

@ -8,7 +8,7 @@ use = egg:Paste#urlmap
/: meta
[pipeline:meta]
<% if node["openstack"]["compute"]["enabled_apis"].include?("ec2") %>
<% if node['openstack']['compute']['conf']['DEFAULT']['enabled_apis'].include?("ec2") %>
pipeline = ec2faultwrap logrequest metaapp
<% else -%>
pipeline = faultwrap metaapp
@ -17,7 +17,7 @@ pipeline = faultwrap metaapp
[app:metaapp]
paste.app_factory = nova.api.metadata.handler:MetadataRequestHandler.factory
<% if node["openstack"]["compute"]["enabled_apis"].include?("ec2") %>
<% if node['openstack']['compute']['conf']['DEFAULT']['enabled_apis'].include?("ec2") %>
#######
# EC2 #
#######

980
templates/default/nova.conf.erb
View File

@ -1,972 +1,12 @@
<%= node["openstack"]["compute"]["custom_template_banner"] %>
[DEFAULT]
# LOGS/STATE
debug=<%= node["openstack"]["compute"]["debug"] %>
verbose=<%= node["openstack"]["compute"]["verbose"] %>
auth_strategy=<%= node["openstack"]["compute"]["api"]["auth_strategy"] %>
dhcpbridge_flagfile=/etc/nova/nova.conf
dhcpbridge=/usr/bin/nova-dhcpbridge
log_dir=<%= node["openstack"]["compute"]["log_dir"] %>
<% if node["openstack"]["compute"]["syslog"]["use"] %>
log_config = /etc/openstack/logging.conf
<% end %>
state_path=<%= node["openstack"]["compute"]["state_path"] %>
instances_path=<%= node["openstack"]["compute"]["instances_path"] %>
instance_name_template=<%= node["openstack"]["compute"]["instance_name_template"] %>
network_allocate_retries=<%= node['openstack']['compute']['network_allocate_retries'] %>
ssl_only=<%= node['openstack']['compute']['ssl_only'] %>
cert=<%= node['openstack']['compute']['cert'] %>
key=<%= node['openstack']['compute']['key'] %>
# Command prefix to use for running commands as root (default: sudo)
rootwrap_config=/etc/nova/rootwrap.conf
# Should unused base images be removed? (default: false)
remove_unused_base_images=<%= node["openstack"]["compute"]["libvirt"]["remove_unused_base_images"] %>
# Unused unresized base images younger than this will not be removed (default: 86400)
remove_unused_original_minimum_age_seconds=<%= node["openstack"]["compute"]["libvirt"]["remove_unused_original_minimum_age_seconds"] %>
# Options defined in nova.openstack.common.rpc
rpc_thread_pool_size=<%= node["openstack"]["compute"]["rpc_thread_pool_size"] %>
rpc_conn_pool_size=<%= node["openstack"]["compute"]["rpc_conn_pool_size"] %>
rpc_response_timeout=<%= node["openstack"]["compute"]["rpc_response_timeout"] %>
rpc_backend=<%= node["openstack"]["compute"]["rpc_backend"] %>
##### SCHEDULER #####
# Flag to decide whether to use baremetal_scheduler_default_filters or not (boolean value).
scheduler_use_baremetal_filters=<%= node["openstack"]["compute"]["scheduler"]["use_baremetal_filters"] %>
# Which filter class names to use for filtering baremetal hosts when not specified in the request.
baremetal_scheduler_default_filters=<%= node["openstack"]["compute"]["scheduler"]["baremetal_default_filters"].join(",") %>
scheduler_manager=<%= node["openstack"]["compute"]["scheduler"]["scheduler_manager"] %>
scheduler_driver=<%= node["openstack"]["compute"]["scheduler"]["scheduler_driver"] %>
scheduler_available_filters=<%= node["openstack"]["compute"]["scheduler"]["available_filters"] %>
# which filter class names to use for filtering hosts when not specified in the request.
scheduler_default_filters=<%= @scheduler_default_filters %>
default_availability_zone=<%= node["openstack"]["compute"]["config"]["availability_zone"] %>
default_schedule_zone=<%= node["openstack"]["compute"]["config"]["default_schedule_zone"] %>
scheduler_host_manager=<%= node["openstack"]["compute"]["scheduler"]["scheduler_host_manager"] %>
##### NETWORK #####
<% case node["openstack"]["compute"]["network"]["service_type"]
when "neutron" -%>
network_api_class=<%= node["openstack"]["compute"]["network"]["neutron"]["network_api_class"] %>
linuxnet_interface_driver=<%= node["openstack"]["compute"]["network"]["neutron"]["linuxnet_interface_driver"] %>
firewall_driver = nova.virt.firewall.NoopFirewallDriver
security_group_api=<%= node["openstack"]["compute"]["network"]["neutron"]["security_group_api"] %>
default_floating_pool=<%= node["openstack"]["compute"]["network"]["neutron"]["public_network_name"] %>
dns_server=<%= node["openstack"]["compute"]["network"]["neutron"]["dns_server"] %>
<% when "nova" -%>
multi_host=<%= node["openstack"]["compute"]["network"]["multi_host"] %>
network_manager=<%= node["openstack"]["compute"]["network"]["network_manager"] %>
public_interface=<%= node["openstack"]["compute"]["network"]["public_interface"] %>
dmz_cidr=<%= node["openstack"]["compute"]["network"]["dmz_cidr"] %>
force_dhcp_release=<%= node["openstack"]["compute"]["network"]["force_dhcp_release"] %>
<% if node["openstack"]["compute"]["dhcp_domain"] -%>
dhcp_domain=<%= node["openstack"]["compute"]["dhcp_domain"] %>
<% end %>
send_arp_for_ha=true
use_single_default_gateway=<%= node["openstack"]["compute"]["network"]["use_single_default_gateway"] %>
vlan_interface=<%= node["openstack"]["compute"]["network"]["vlan_interface"] %>
auto_assign_floating_ip=<%= node["openstack"]["compute"]["network"]["auto_assign_floating_ip"] %>
<% @service_config.each do |section, values| -%>
[<%= section %>]
<% values.each do |key, value| -%>
<% if value.class == Hash -%>
<%= "# #{value['comment']}" -%>
<%= key %> = <%= value['set_to'] %>
<% else -%>
<%= key %> = <%= value %>
<% end -%>
<% end -%>
<% end -%>
use_ipv6=<%= node["openstack"]["compute"]["network"]["use_ipv6"] %>
##### GLANCE #####
image_service=nova.image.glance.GlanceImageService
##### COMPUTE #####
compute_driver=<%= node["openstack"]["compute"]["driver"] %>
<% if node["openstack"]["compute"]["default_ephemeral_format"] %>
default_ephemeral_format=<%= node["openstack"]["compute"]["default_ephemeral_format"] %>
<% end %>
preallocate_images=<%= node["openstack"]["compute"]["preallocate_images"] %>
use_cow_images=<%= node["openstack"]["compute"]["use_cow_images"] %>
vif_plugging_is_fatal=<%= node["openstack"]["compute"]["vif_plugging_is_fatal"] %>
vif_plugging_timeout=<%= node["openstack"]["compute"]["vif_plugging_timeout"] %>
compute_manager=<%= node["openstack"]["compute"]["manager"] %>
connection_type=libvirt
##### NOTIFICATIONS #####
<% if node['openstack']['compute']['config']['notification_drivers'] %>
# Driver or drivers to handle sending notifications (multi valued)
<% node['openstack']['compute']['config']['notification_drivers'].each do |d| %>
notification_driver=<%= d %>
<% end %>
<% end %>
<% if node['openstack']['compute']['config']['notification_topics'] %>
# AMQP topic used for OpenStack notifications. (list value)
# Deprecated group/name - [rpc_notifier2]/topics
notification_topics=<%= node['openstack']['compute']['config']['notification_topics'].join(",") %>
<% end %>
# Generate periodic compute.instance.exists notifications
instance_usage_audit=<%= node['openstack']['compute']['config']['instance_usage_audit'] %>
# Time period to generate instance usages for. Time period
# must be hour, day, month or year (string value)
instance_usage_audit_period=<%= node['openstack']['compute']['config']['instance_usage_audit_period'] %>
<% unless node['openstack']['compute']['config']['notify_on_state_change'].empty? -%>
# If set, send compute.instance.update notifications on
# instance state changes. Valid values are None for no
# notifications, "vm_state" for notifications on VM state
# changes, or "vm_and_task_state" for notifications on VM and
# task state changes. (string value)
notify_on_state_change=<%= node['openstack']['compute']['config']['notify_on_state_change'] %>
<% end %>
<% if node["openstack"]["compute"]["enabled_apis"].include?("osapi_compute") -%>
# The IP address on which the OpenStack API will listen. (string value)
osapi_compute_listen=<%= @compute_api_bind_ip %>
# The port on which the OpenStack API will listen. (integer value)
osapi_compute_listen_port=<%= @compute_api_bind_port %>
<% end -%>
# The IP address on which the metadata will listen. (string value)
metadata_listen=<%= @compute_metadata_api_bind_ip %>
# The port on which the metadata will listen. (integer value)
metadata_listen_port=<%= @compute_metadata_api_bind_port %>
##### VNCPROXY #####
novncproxy_base_url=<%= @novncproxy_base_url %>
xvpvncproxy_base_url=<%= @xvpvncproxy_base_url %>
# This is only required on the server running xvpvncproxy
xvpvncproxy_host=<%= @xvpvncproxy_bind_host %>
xvpvncproxy_port=<%= @xvpvncproxy_bind_port %>
# This is only required on the server running novncproxy
novncproxy_host=<%= @novncproxy_bind_host %>
novncproxy_port=<%= @novncproxy_bind_port %>
vncserver_listen=<%= @vncserver_listen %>
vncserver_proxyclient_address=<%= @vncserver_proxyclient_address %>
# Enable VNC related features (boolean value)
vnc_enabled=<%= node['openstack']['compute']['vnc']['enabled'] %>
vnc_keymap=<%= node['openstack']['compute']['vnc']['keymap'] %>
# store consoleauth tokens in memcached
<% unless @memcache_servers.empty? -%>
memcached_servers=<%= @memcache_servers %>
<% end -%>
##### MISC #####
# force backing images to raw format
force_raw_images=<%= node["openstack"]["compute"]["config"]["force_raw_images"] %>
allow_same_net_traffic=<%= node["openstack"]["compute"]["config"]["allow_same_net_traffic"] %>
osapi_max_limit=<%= node["openstack"]["compute"]["config"]["osapi_max_limit"] %>
# If you terminate SSL with a load balancer, the HTTP_HOST environ
# variable that generates the request_uri in webob.Request will lack
# the HTTPS scheme. Setting this overrides the default and allows
# URIs returned in the various links collections to contain the proper
# HTTPS endpoint.
<% if node["openstack"]["compute"]["config"]["osapi_compute_link_prefix"] %>
osapi_compute_link_prefix=<%= node["openstack"]["compute"]["config"]["osapi_compute_link_prefix"] -%>
<% end -%>
<% if node["openstack"]["compute"]["config"]["osapi_glance_link_prefix"] %>
osapi_glance_link_prefix=<%= node["openstack"]["compute"]["config"]["osapi_glance_link_prefix"] -%>
<% end -%>
start_guests_on_host_boot=<%= node["openstack"]["compute"]["config"]["start_guests_on_host_boot"] %>
resume_guests_state_on_host_boot=<%= node["openstack"]["compute"]["config"]["resume_guests_state_on_host_boot"] %>
allow_resize_to_same_host=<%= node["openstack"]["compute"]["config"]["allow_resize_to_same_host"] %>
resize_confirm_window=<%= node["openstack"]["compute"]["config"]["resize_confirm_window"] %>
# (IntOpt) Number of seconds between instance network information cache updates.
heal_instance_info_cache_interval=<%= node['openstack']['compute']['config']['heal_instance_info_cache_interval'] %>
live_migration_retry_count=<%= node["openstack"]["compute"]["config"]["live_migration_retry_count"] %>
##### QUOTAS #####
# (StrOpt) default driver to use for quota checks (default: nova.quota.DbQuotaDriver)
quota_driver=<%= node["openstack"]["compute"]["config"]["quota_driver"] %>
# number of security groups per project (default: 10)
quota_security_groups=<%= node["openstack"]["compute"]["config"]["quota_security_groups"] %>
# number of security rules per security group (default: 20)
quota_security_group_rules=<%= node["openstack"]["compute"]["config"]["quota_security_group_rules"] %>
# number of instance cores allowed per project (default: 20)
quota_cores=<%= node["openstack"]["compute"]["config"]["quota_cores"] %>
# number of fixed ips allowed per project (this should be at least the number of instances allowed) (default: -1)
quota_fixed_ips=<%= node["openstack"]["compute"]["config"]["quota_fixed_ips"] %>
# number of floating ips allowed per project (default: 10)
quota_floating_ips=<%= node["openstack"]["compute"]["config"]["quota_floating_ips"] %>
# number of bytes allowed per injected file (default: 10240)
quota_injected_file_content_bytes=<%= node["openstack"]["compute"]["config"]["quota_injected_file_content_bytes"] %>
# number of bytes allowed per injected file path (default: 255)
quota_injected_file_path_length=<%= node["openstack"]["compute"]["config"]["quota_injected_file_path_length"] %>
# number of injected files allowed (default: 5)
quota_injected_files=<%= node["openstack"]["compute"]["config"]["quota_injected_files"] %>
# number of instances allowed per project (defailt: 10)
quota_instances=<%= node["openstack"]["compute"]["config"]["quota_instances"] %>
# number of key pairs per user (default: 100)
quota_key_pairs=<%= node["openstack"]["compute"]["config"]["quota_key_pairs"] %>
# number of metadata items allowed per instance (default: 128)
quota_metadata_items=<%= node["openstack"]["compute"]["config"]["quota_metadata_items"] %>
# megabytes of instance ram allowed per project (default: 51200)
quota_ram=<%= node["openstack"]["compute"]["config"]["quota_ram"] %>
<%- if /ComputeFilter/.match(@scheduler_default_filters) %>
# virtual CPU to Physical CPU allocation ratio (default: 16.0)
cpu_allocation_ratio=<%= node["openstack"]["compute"]["config"]["cpu_allocation_ratio"] %>
<%- end %>
<%- if /RamFilter/.match(@scheduler_default_filters) %>
# virtual ram to physical ram allocation ratio (default: 1.5)
ram_allocation_ratio=<%= node["openstack"]["compute"]["config"]["ram_allocation_ratio"] %>
<%- end %>
<%- if /DiskFilter/.match(@scheduler_default_filters) %>
# virtual disk to physical disk allocation ratio (default: 1.0)
disk_allocation_ratio=<%= node["openstack"]["compute"]["config"]["disk_allocation_ratio"] %>
<%- end %>
<% if node["openstack"]["compute"]["config"]["force_config_drive"] %>
force_config_drive=<%= node["openstack"]["compute"]["config"]["force_config_drive"] %>
<% end %>
config_drive_format=<%= node["openstack"]["compute"]["config"]["config_drive_format"] %>
mkisofs_cmd=<%= node["openstack"]["compute"]["config"]["mkisofs_cmd"] %>
injected_network_template=<%= node["openstack"]["compute"]["config"]["injected_network_template"] %>
flat_injected=<%= node["openstack"]["compute"]["config"]["flat_injected"] %>
# Amount of disk in MB to reserve for the host (default: 0)
reserved_host_disk_mb=<%= node["openstack"]["compute"]["config"]["reserved_host_disk_mb"] %>
# Amount of disk in MB to reserve for the host (default: 512)
reserved_host_memory_mb=<%= node["openstack"]["compute"]["config"]["reserved_host_memory_mb"] %>
<% if node["openstack"]["compute"]["enabled_apis"].include?("ec2") %>
# The IP address on which the EC2 API will listen. (string value)
ec2_listen=<%= @ec2_api_bind_ip %>
# The port on which the EC2 API will listen. (integer value)
ec2_listen_port=<%= @ec2_api_bind_port %>
<% if %w(fedora rhel).include? node.platform_family -%>
# Adding support for non-modded euca2ools to display ip address info
# https://bugs.launchpad.net/nova/+bug/901594
ec2_private_dns_show_ip=True
<% end -%>
##### WORKERS ######
<% if node["openstack"]["compute"]["ec2_workers"] %>
ec2_workers=<%= node["openstack"]["compute"]["ec2_workers"] %>
<% end %>
##### KEYSTONE #####
keystone_ec2_url=<%= @identity_endpoint.scheme %>://<%= @identity_endpoint.host %>:<%= @identity_endpoint.port %>/v2.0/ec2tokens
<% end -%>
# a list of APIs to enable by default (list value)
enabled_apis=<%= node["openstack"]["compute"]["enabled_apis"] %>
##### WORKERS ######
<% if node["openstack"]["compute"]["osapi_compute_workers"] %>
osapi_compute_workers=<%= node["openstack"]["compute"]["osapi_compute_workers"] %>
<% end %>
<% if node["openstack"]["compute"]["metadata_workers"] %>
metadata_workers=<%= node["openstack"]["compute"]["metadata_workers"] %>
<% end %>
##### MONITORS ######
<% node['openstack']['compute']['config']['compute_available_monitors'].each do |m| %>
# Monitor classes available to the compute which may be
# specified more than once. (multi valued)
compute_available_monitors=<%= m %>
<% end %>
<% if node["openstack"]["compute"]["config"]["compute_monitors"] %>
# A list of monitors that can be used for getting compute
# metrics. (list value)
compute_monitors=<%= node["openstack"]["compute"]["config"]["compute_monitors"].join(",") %>
<% end %>
##### VOLUMES #####
# iscsi target user-land tool to use
iscsi_helper=<%= @iscsi_helper %>
volume_api_class=<%= node["openstack"]["compute"]["config"]["volume_api_class"] %>
# Override the default dnsmasq settings with this file (String value)
dnsmasq_config_file=<%= node['openstack']['compute']['dnsmasq_config_file'] %>
##### THIRD PARTY ADDITIONS #####
<% if node["openstack"]["compute"]["plugins"] %>
<% node["openstack"]["compute"]["plugins"].each do |p| %>
osapi_compute_extension=<%= p %>
<% end %>
<% end %>
<% if node["openstack"]["compute"]["misc_nova"] %>
<% node["openstack"]["compute"]["misc_nova"].each do |m| %>
<%= m %>
<% end %>
<% end %>
[guestfs]
# Enable guestfs debug
debug=<%= node['openstack']['compute']['guestfs']['debug'] %>
[database]
#
# Options defined in oslo.db
#
# The file name to use with SQLite. (string value)
#sqlite_db=oslo.sqlite
# If True, SQLite uses synchronous mode. (boolean value)
#sqlite_synchronous=true
# The back end to use for the database. (string value)
# Deprecated group/name - [DEFAULT]/db_backend
#backend=sqlalchemy
# The SQLAlchemy connection string to use to connect to the
# database. (string value)
# Deprecated group/name - [DEFAULT]/sql_connection
# Deprecated group/name - [DATABASE]/sql_connection
# Deprecated group/name - [sql]/connection
connection=<%= @sql_connection %>
# The SQLAlchemy connection string to use to connect to the
# slave database. (string value)
#slave_connection=<None>
<% if node['openstack']['endpoints']['db']['enabled_slave'] %>
slave_connection=<%= @slave_connection %>
<% end %>
# The SQL mode to be used for MySQL sessions. This option,
# including the default, overrides any server-set SQL mode. To
# use whatever SQL mode is set by the server configuration,
# set this to no value. Example: mysql_sql_mode= (string
# value)
#mysql_sql_mode=TRADITIONAL
# Timeout before idle SQL connections are reaped. (integer
# value)
# Deprecated group/name - [DEFAULT]/sql_idle_timeout
# Deprecated group/name - [DATABASE]/sql_idle_timeout
# Deprecated group/name - [sql]/idle_timeout
#idle_timeout=3600
# Minimum number of SQL connections to keep open in a pool.
# (integer value)
# Deprecated group/name - [DEFAULT]/sql_min_pool_size
# Deprecated group/name - [DATABASE]/sql_min_pool_size
#min_pool_size=1
# Maximum number of SQL connections to keep open in a pool.
# (integer value)
# Deprecated group/name - [DEFAULT]/sql_max_pool_size
# Deprecated group/name - [DATABASE]/sql_max_pool_size
#max_pool_size=<None>
# Maximum number of database connection retries during
# startup. Set to -1 to specify an infinite retry count.
# (integer value)
# Deprecated group/name - [DEFAULT]/sql_max_retries
# Deprecated group/name - [DATABASE]/sql_max_retries
#max_retries=10
# Interval between retries of opening a SQL connection.
# (integer value)
# Deprecated group/name - [DEFAULT]/sql_retry_interval
# Deprecated group/name - [DATABASE]/reconnect_interval
#retry_interval=10
# If set, use this value for max_overflow with SQLAlchemy.
# (integer value)
# Deprecated group/name - [DEFAULT]/sql_max_overflow
# Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow
#max_overflow=<None>
# Verbosity of SQL debugging information: 0=None,
# 100=Everything. (integer value)
# Deprecated group/name - [DEFAULT]/sql_connection_debug
#connection_debug=0
# Add Python stack traces to SQL as comment strings. (boolean
# value)
# Deprecated group/name - [DEFAULT]/sql_connection_trace
#connection_trace=false
# If set, use this value for pool_timeout with SQLAlchemy.
# (integer value)
# Deprecated group/name - [DATABASE]/sqlalchemy_pool_timeout
#pool_timeout=<None>
# Enable the experimental use of database reconnect on
# connection lost. (boolean value)
#use_db_reconnect=false
# Seconds between database connection retries. (integer value)
#db_retry_interval=1
# If True, increases the interval between database connection
# retries up to db_max_retry_interval. (boolean value)
#db_inc_retry_interval=true
# If db_inc_retry_interval is set, the maximum seconds between
# database connection retries. (integer value)
#db_max_retry_interval=10
# Maximum database connection retries before error is raised.
# Set to -1 to specify an infinite retry count. (integer
# value)
#db_max_retries=20
#
# Options defined in ironic.db.sqlalchemy.models
#
# MySQL engine to use. (string value)
#mysql_engine=InnoDB
[ssl]
# CA certificate file to use to verify connecting clients
ca_file=<%= node['openstack']['compute']['image']['ssl']['ca_file'] %>
# Certificate file to use when starting the server securely
cert_file=<%= node['openstack']['compute']['image']['ssl']['cert_file'] %>
# Private key file to use when starting the server securely
key_file=<%= node['openstack']['compute']['image']['ssl']['key_file'] %>
[conductor]
use_local=<%= node["openstack"]["compute"]["conductor"]["use_local"] %>
<% if node["openstack"]["compute"]["conductor"]["workers"] %>
workers=<%= node["openstack"]["compute"]["conductor"]["workers"] %>
<% end %>
<% if %w(vmwareapi.VMwareESXDriver vmwareapi.VMwareVCDriver).include?(node['openstack']['compute']['driver']) %>
[vmware]
#
# Options defined in nova.virt.vmwareapi.driver
#
# URL for connection to VMware ESX/VC host. (string value)
host_ip = <%= node['openstack']['compute']['vmware']['host_ip'] %>
# Username for connection to VMware ESX/VC host. (string
# value)
host_username = <%= node['openstack']['compute']['vmware']['host_username'] %>
# Password for connection to VMware ESX/VC host. (string
# value)
host_password = <%= @vmware_host_pass %>
<% if node['openstack']['compute']['vmware']['cluster_name'] %>
# Name of a VMware Cluster ComputeResource. Used only if
# compute_driver is vmwareapi.VMwareVCDriver. (multi valued)
<% node['openstack']['compute']['vmware']['cluster_name'].each do |cluster| %>
cluster_name = <%= cluster %>
<% end %>
<% end %>
<% if node['openstack']['compute']['vmware']['datastore_regex'] %>
# Regex to match the name of a datastore. (string value)
datastore_regex = <%= node['openstack']['compute']['vmware']['datastore_regex'] %>
<% end %>
# The interval used for polling of remote tasks. (floating
# point value)
task_poll_interval = <%= node['openstack']['compute']['vmware']['task_poll_interval'] %>
# The number of times we retry on failures, e.g., socket
# error, etc. (integer value)
api_retry_count = <%= node['openstack']['compute']['vmware']['api_retry_count'] %>
# VNC starting port (integer value)
vnc_port = <%= node['openstack']['compute']['vmware']['vnc_port'] %>
# Total number of VNC ports (integer value)
vnc_port_total = <%= node['openstack']['compute']['vmware']['vnc_port_total'] %>
# Whether to use linked clone (boolean value)
use_linked_clone = <%= node['openstack']['compute']['vmware']['use_linked_clone'] %>
#
# Options defined in nova.virt.vmwareapi.vif
#
# Physical ethernet adapter name for vlan networking (string
# value)
vlan_interface = <%= node['openstack']['compute']['vmware']['vlan_interface'] %>
<% if node['openstack']['compute']['vmware']['wsdl_location'] %>
#
# Options defined in nova.virt.vmwareapi.vim
#
# Optional VIM Service WSDL Location e.g
# http://<server>/vimService.wsdl. Optional over-ride to
# default location for bug work-arounds (string value)
wsdl_location = <%= node['openstack']['compute']['vmware']['wsdl_location'] %>
<% end %>
#
# Options defined in nova.virt.vmwareapi.vim_util
#
# The maximum number of ObjectContent data objects that should
# be returned in a single result. A positive value will cause
# the operation to suspend the retrieval when the count of
# objects reaches the specified maximum. The server may still
# limit the count to something less than the configured value.
# Any remaining objects may be retrieved with additional
# requests. (integer value)
maximum_objects = <%= node['openstack']['compute']['vmware']['maximum_objects'] %>
#
# Options defined in nova.virt.vmwareapi.vmops
#
# Name of Integration Bridge (string value)
integration_bridge = <%= node['openstack']['compute']['vmware']['integration_bridge'] %>
<% end %>
[libvirt]
#
# Options defined in nova.virt.libvirt.driver
#
# Rescue ami image (string value)
#rescue_image_id=<None>
# Rescue aki image (string value)
#rescue_kernel_id=<None>
# Rescue ari image (string value)
#rescue_ramdisk_id=<None>
# Libvirt domain type (valid options are: kvm, lxc, qemu, uml,
# xen) (string value)
# Deprecated group/name - [DEFAULT]/libvirt_type
virt_type=<%= node["openstack"]["compute"]["libvirt"]["virt_type"] %>
# Override the default libvirt URI (which is dependent on
# virt_type) (string value)
# Deprecated group/name - [DEFAULT]/libvirt_uri
#connection_uri=
# Inject the admin password at boot time, without an agent.
# (boolean value)
# Deprecated group/name - [DEFAULT]/libvirt_inject_password
inject_password=<%= node["openstack"]["compute"]["libvirt"]["libvirt_inject_password"] %>
# Inject the ssh public key at boot time (boolean value)
# Deprecated group/name - [DEFAULT]/libvirt_inject_key
inject_key=<%= node["openstack"]["compute"]["libvirt"]["libvirt_inject_key"] %>
# The partition to inject to : -2 => disable, -1 => inspect
# (libguestfs only), 0 => not partitioned, >0 => partition
# number (integer value)
# Deprecated group/name - [DEFAULT]/libvirt_inject_partition
inject_partition=<%= node["openstack"]["compute"]["libvirt"]["libvirt_inject_partition"] %>
# Sync virtual and real mouse cursors in Windows VMs (boolean value)
use_usb_tablet=<%= node["openstack"]["compute"]["config"]["use_usb_tablet"] %>
# Migration target URI (any included "%s" is replaced with the
# migration target hostname) (string value)
live_migration_uri=<%= node["openstack"]["compute"]["libvirt"]["live_migration_uri"] %>
# Migration flags to be set for live migration (string value)
live_migration_flag=<%= node["openstack"]["compute"]["libvirt"]["live_migration_flag"] %>
# Migration flags to be set for block migration (string value)
block_migration_flag=<%= node["openstack"]["compute"]["libvirt"]["block_migration_flag"] %>
# Maximum bandwidth to be used during migration, in Mbps
# (integer value)
live_migration_bandwidth=<%= node["openstack"]["compute"]["libvirt"]["live_migration_bandwidth"] %>
# Snapshot image format (valid options are : raw, qcow2, vmdk,
# vdi). Defaults to same as source image (string value)
snapshot_image_format=<%= node["openstack"]["compute"]["config"]["snapshot_image_format"] %>
# The libvirt VIF driver to configure the VIFs. (string value)
# Deprecated group/name - [DEFAULT]/libvirt_vif_driver
vif_driver=<%= node["openstack"]["compute"]["network"]["neutron"]["libvirt_vif_driver"] %>
# Libvirt handlers for remote volumes. (list value)
# Deprecated group/name - [DEFAULT]/libvirt_volume_drivers
#volume_drivers=iscsi=nova.virt.libvirt.volume.LibvirtISCSIVolumeDriver,iser=nova.virt.libvirt.volume.LibvirtISERVolumeDriver,local=nova.virt.libvirt.volume.LibvirtVolumeDriver,fake=nova.virt.libvirt.volume.LibvirtFakeVolumeDriver,rbd=nova.virt.libvirt.volume.LibvirtNetVolumeDriver,sheepdog=nova.virt.libvirt.volume.LibvirtNetVolumeDriver,nfs=nova.virt.libvirt.volume.LibvirtNFSVolumeDriver,aoe=nova.virt.libvirt.volume.LibvirtAOEVolumeDriver,glusterfs=nova.virt.libvirt.volume.LibvirtGlusterfsVolumeDriver,fibre_channel=nova.virt.libvirt.volume.LibvirtFibreChannelVolumeDriver,scality=nova.virt.libvirt.volume.LibvirtScalityVolumeDriver
# Override the default disk prefix for the devices attached to
# a server, which is dependent on virt_type. (valid options
# are: sd, xvd, uvd, vd) (string value)
# Deprecated group/name - [DEFAULT]/libvirt_disk_prefix
#disk_prefix=<None>
# Number of seconds to wait for instance to shut down after
# soft reboot request is made. We fall back to hard reboot if
# instance does not shutdown within this window. (integer
# value)
# Deprecated group/name - [DEFAULT]/libvirt_wait_soft_reboot_seconds
#wait_soft_reboot_seconds=120
# Set to "host-model" to clone the host CPU feature flags; to
# "host-passthrough" to use the host CPU model exactly; to
# "custom" to use a named CPU model; to "none" to not set any
# CPU model. If virt_type="kvm|qemu", it will default to
# "host-model", otherwise it will default to "none" (string
# value)
# Deprecated group/name - [DEFAULT]/libvirt_cpu_mode
<% if node["openstack"]["compute"]["libvirt"]["cpu_mode"] -%>
cpu_mode=<%= node["openstack"]["compute"]["libvirt"]["cpu_mode"] %>
<% elsif node["openstack"]["compute"]["libvirt"]["virt_type"] == "qemu" -%>
cpu_mode=none
<% end -%>
# Set to a named libvirt CPU model (see names listed in
# /usr/share/libvirt/cpu_map.xml). Only has effect if
# cpu_mode="custom" and virt_type="kvm|qemu" (string value)
# Deprecated group/name - [DEFAULT]/libvirt_cpu_model
#cpu_model=<none>
# Location where libvirt driver will store snapshots before
# uploading them to image service (string value)
# Deprecated group/name - [DEFAULT]/libvirt_snapshots_directory
#snapshots_directory=$instances_path/snapshots
# Location where the Xen hvmloader is kept (string value)
#xen_hvmloader_path=/usr/lib/xen/boot/hvmloader
# Specific cachemodes to use for different disk types e.g:
# file=directsync,block=none (list value)
<% if node["openstack"]["compute"]["config"]["disk_cachemodes"] %>
disk_cachemodes=<%= node["openstack"]["compute"]["config"]["disk_cachemodes"] %>
<% end %>
# A path to a device that will be used as source of entropy on
# the host. Permitted options are: /dev/random or /dev/hwrng
# (string value)
<% if node["openstack"]["compute"]["libvirt"]["rng_dev_path"] -%>
rng_dev_path=<%= node["openstack"]["compute"]["libvirt"]["rng_dev_path"] %>
<% end -%>
#
# Options defined in nova.virt.libvirt.imagecache
#
# Unused resized base images younger than this will not be removed (default: 3600)
remove_unused_resized_minimum_age_seconds=<%= node["openstack"]["compute"]["libvirt"]["remove_unused_resized_minimum_age_seconds"] %>
# Write a checksum for files in _base to disk (default: false)
checksum_base_images=<%= node["openstack"]["compute"]["libvirt"]["checksum_base_images"] %>
#
# Options defined in nova.virt.libvirt.vif
#
<% if node["openstack"]["compute"]["libvirt"]["virt_type"] == "qemu" -%>
use_virtio_for_bridges=false
<% else -%>
use_virtio_for_bridges=true
<% end -%>
#
# Options defined in nova.virt.libvirt.imagebackend
#
# VM Images format. Acceptable values are: raw, qcow2, lvm, rbd, default. If default is specified,
# then use_cow_images flag is used instead of this one.
images_type=<%= node['openstack']['compute']['libvirt']['images_type'] %>
<% if node['openstack']['compute']['libvirt']['images_type'] == 'lvm' -%>
images_volume_group=<%= node['openstack']['compute']['libvirt']['volume_group'] %>
sparse_logical_volumes=<%= node['openstack']['compute']['libvirt']['sparse_logical_volumes'] %>
<% elsif node['openstack']['compute']['libvirt']['images_type'] == 'rbd' -%>
images_rbd_pool=<%= node['openstack']['compute']['libvirt']['rbd']['nova']['pool'] %>
images_rbd_ceph_conf=<%= node['openstack']['compute']['libvirt']['rbd']['ceph_conf'] %>
#
# Options defined in nova.virt.libvirt.volume
#
# The RADOS client name for accessing rbd volumes (string value)
# NOTE that if these two options are set here, it will override the rbd_user that cinder provides
# for nova in netdisk_properties:
# https://github.com/openstack/nova/blob/c15dff2e9978fe851c73e92ab7f9b46e27de81ba/nova/virt/libvirt/volume.py#L217-L229
rbd_user=<%= node['openstack']['compute']['libvirt']['rbd']['cinder']['user'] %>
# The libvirt UUID of the secret for the rbd images (string value)
rbd_secret_uuid=<%= node['openstack']['compute']['libvirt']['rbd']['cinder']['secret_uuid'] %>
<% end -%>
[keystone_authtoken]
auth_uri = <%= @auth_uri %>
identity_uri = <%= @identity_uri %>
auth_version = <%= node["openstack"]["compute"]["api"]["auth"]["version"] %>
admin_tenant_name = <%= node["openstack"]["compute"]["service_tenant_name"] %>
admin_user = <%= node["openstack"]["compute"]["service_user"] %>
admin_password = <%= @service_pass %>
signing_dir = <%= node["openstack"]["compute"]["api"]["auth"]["cache_dir"] %>
<% unless node['openstack']['compute']['api']['auth']['cafile'].nil? %>
cafile = <%= node['openstack']['compute']['api']['auth']['cafile'] %>
<% end %>
<% unless node['openstack']['compute']['api']['auth']['memcached_servers'].nil? %>
memcached_servers = <%= node['openstack']['compute']['api']['auth']['memcached_servers'] %>
<% end %>
<% unless node['openstack']['compute']['api']['auth']['memcache_security_strategy'].nil? %>
memcache_security_strategy = <%= node['openstack']['compute']['api']['auth']['memcache_security_strategy'] %>
<% end %>
<% unless node['openstack']['compute']['api']['auth']['memcache_secret_key'].nil? %>
memcache_secret_key = <%= node['openstack']['compute']['api']['auth']['memcache_secret_key'] %>
<% end %>
hash_algorithms = <%= node['openstack']['compute']['api']['auth']['hash_algorithms'] %>
insecure = <%= node['openstack']['compute']['api']['auth']['insecure'] %>
<% if node['openstack']['compute']['network']['service_type'] == 'neutron' %>
[neutron]
# N.B. due to https://bugs.launchpad.net/nova/+bug/1206330
# we override the endpoint scheme below, ignore the port
# and essentially force http
<% if @network_endpoint.port == 443 -%>
url=http://<%= @network_endpoint.host %>:80
<% else -%>
url=<%= @network_endpoint.scheme %>://<%= @network_endpoint.host %>:<%= @network_endpoint.port %>
<% end -%>
insecure=<%= node['openstack']['compute']['network']['neutron']['insecure'] %>
auth_strategy=<%= node["openstack"]["compute"]["network"]["neutron"]["auth_strategy"] %>
admin_tenant_name=<%= node["openstack"]["compute"]["network"]["neutron"]["admin_tenant_name"] %>
admin_username=<%= node["openstack"]["compute"]["network"]["neutron"]["admin_username"] %>
admin_password=<%= @neutron_admin_password %>
admin_auth_url=<%= @identity_endpoint.to_s %>
timeout=<%= node["openstack"]["compute"]["network"]["neutron"]["timeout"] %>
region_name=<%= node["openstack"]["compute"]["network"]["neutron"]["region_name"] %>
ovs_bridge=<%= node["openstack"]["compute"]["network"]["neutron"]["ovs_bridge"] %>
extension_sync_interval=<%= node["openstack"]["compute"]["network"]["neutron"]["extension_sync_interval"] %>
cafile=<%= node["openstack"]["compute"]["network"]["neutron"]["cafile"] %>
service_metadata_proxy=<%= node["openstack"]["compute"]["network"]["neutron"]["service_neutron_metadata_proxy"] %>
metadata_proxy_shared_secret=<%= @neutron_metadata_proxy_shared_secret %>
<% end %>
[glance]
api_servers=<%= @glance_api_scheme %>://<%= @glance_api_ipaddress %>:<%= @glance_api_port %>
insecure=<%= node['openstack']['compute']['image']['glance_insecure'] %>
allowed_direct_url_schemes=<%= node['openstack']['compute']['image']['allowed_direct_url_schemes'].join(',') %>
[cinder]
# Location of ca certificates file to use for cinder client requests
cafile=<%= node['openstack']['compute']['block-storage']['cinder_cafile'] %>
# Allow to perform insecure SSL requests to cinder
insecure=<%= node['openstack']['compute']['block-storage']['cinder_insecure'] %>
# Info to match when looking for cinder in the service catalog
catalog_info=<%= node['openstack']['compute']['block-storage']['cinder_catalog_info'] %>
# Region name of this node (string value)
os_region_name=<%= node['openstack']['region'] %>
[ironic]
#
# Options defined in nova.virt.ironic.driver
#
# URL for Ironic API endpoint. (string value)
api_endpoint=<%= @ironic_endpoint.scheme %>://<%= @ironic_endpoint.host %>:<%= @ironic_endpoint.port %>
# Ironic keystone admin name (string value)
admin_username=<%= node['openstack']['compute']['bare-metal']['admin_username'] %>
# Ironic keystone admin password. (string value)
admin_password=<%= @ironic_admin_password %>
# Keystone public API endpoint. (string value)
admin_url=<%= @identity_endpoint.to_s %>
# Log level override for ironicclient. Set this in order to
# override the global "default_log_levels", "verbose", and
# "debug" settings. (string value)
#client_log_level=<None>
# Ironic keystone tenant name. (string value)
admin_tenant_name=<%= node['openstack']['compute']['bare-metal']['admin_tenant_name'] %>
[keymgr]
#
#Options defined in nova.keymgr
#
#The full class name of the key manager API class (string value)
api_class=<%= node["openstack"]["compute"]["keymgr"]["api_class"] %>
#
# Options defined in nova.keymgr.conf_key_mgr
#
# Fixed key returned by key manager, specified in hex (string value)
<% if node["openstack"]["compute"]["keymgr"]["fixed_key"] -%>
fixed_key=<%= node["openstack"]["compute"]["keymgr"]["fixed_key"] %>
<% end -%>
[oslo_concurrency]
lock_path=<%= node["openstack"]["compute"]["lock_path"] %>
<% if @mq_service_type == "qpid" %>
[oslo_messaging_qpid]
#
# From oslo.messaging
#
# Use durable queues in AMQP. (boolean value)
# Deprecated group/name - [DEFAULT]/rabbit_durable_queues
amqp_durable_queues=<%= node['openstack']['mq']['compute']['durable_queues'] %>
# Auto-delete queues in AMQP. (boolean value)
amqp_auto_delete=<%= node['openstack']['mq']['compute']['auto_delete'] %>
##### QPID #####
qpid_hostname=<%= node["openstack"]["mq"]["compute"]["qpid"]["host"] %>
qpid_port=<%= node["openstack"]["mq"]["compute"]["qpid"]["port"] %>
qpid_password=<%= @mq_password %>
qpid_username=<%= node["openstack"]["mq"]["compute"]["qpid"]["username"] %>
qpid_sasl_mechanisms=<%= node["openstack"]["mq"]["compute"]["qpid"]["sasl_mechanisms"] %>
qpid_reconnect_timeout=<%= node["openstack"]["mq"]["compute"]["qpid"]["reconnect_timeout"] %>
qpid_reconnect_limit=<%= node["openstack"]["mq"]["compute"]["qpid"]["reconnect_limit"] %>
qpid_reconnect_interval_min=<%= node["openstack"]["mq"]["compute"]["qpid"]["reconnect_interval_min"] %>
qpid_reconnect_interval_max=<%= node["openstack"]["mq"]["compute"]["qpid"]["reconnect_interval_max"] %>
qpid_reconnect_interval=<%= node["openstack"]["mq"]["compute"]["qpid"]["reconnect_interval"] %>
qpid_heartbeat=<%= node["openstack"]["mq"]["compute"]["qpid"]["heartbeat"] %>
# qpid protocol. default 'tcp'. set to 'ssl' to enable SSL
qpid_protocol=<%= node["openstack"]["mq"]["compute"]["qpid"]["protocol"] %>
qpid_tcp_nodelay=<%= node["openstack"]["mq"]["compute"]["qpid"]["tcp_nodelay"] %>
qpid_topology_version=<%= node['openstack']['mq']['compute']['qpid']['topology_version'] %>
<% end %>
<% if @mq_service_type == "rabbitmq" %>
[oslo_messaging_rabbit]
#
# From oslo.messaging
#
# Number of seconds after which the Rabbit broker is considered down if heartbeat's keep-alive fails (0 disable the heartbeat)
heartbeat_timeout_threshold=<%= node['openstack']['mq']['compute']['rabbit']['heartbeat_timeout_threshold'] %>
# How often times during the heartbeat_timeout_threshold we check the heartbeat
heartbeat_rate=<%= node['openstack']['mq']['compute']['rabbit']['heartbeat_rate'] %>
# Use durable queues in AMQP. (boolean value)
# Deprecated group/name - [DEFAULT]/rabbit_durable_queues
amqp_durable_queues=<%= node['openstack']['mq']['compute']['durable_queues'] %>
# Auto-delete queues in AMQP. (boolean value)
amqp_auto_delete=<%= node['openstack']['mq']['compute']['auto_delete'] %>
<% if node['openstack']['mq']['compute']['rabbit']['use_ssl'] -%>
# Connect over SSL for RabbitMQ. (boolean value)
rabbit_use_ssl=true
<% if node['openstack']['mq']['compute']['rabbit']['kombu_ssl_version'] -%>
# SSL version to use (valid only if SSL enabled). valid values
# are TLSv1 and SSLv23. SSLv2 and SSLv3 may be available on
# some distributions. (string value)
kombu_ssl_version=<%= node['openstack']['mq']['compute']['rabbit']['kombu_ssl_version'] %>
<% end -%>
<% if node['openstack']['mq']['compute']['rabbit']['kombu_ssl_keyfile'] -%>
# SSL key file (valid only if SSL enabled)
kombu_ssl_keyfile=<%= node['openstack']['mq']['compute']['rabbit']['kombu_ssl_keyfile'] %>
<% end -%>
<% if node['openstack']['mq']['compute']['rabbit']['kombu_ssl_certfile'] -%>
# SSL cert file (valid only if SSL enabled)
kombu_ssl_certfile=<%= node['openstack']['mq']['compute']['rabbit']['kombu_ssl_certfile'] %>
<% end -%>
<% if node['openstack']['mq']['compute']['rabbit']['kombu_ssl_ca_certs'] -%>
# SSL certification authority file (valid only if SSL enabled)
kombu_ssl_ca_certs=<%= node['openstack']['mq']['compute']['rabbit']['kombu_ssl_ca_certs'] %>
<% end -%>
# How long to wait before reconnecting in response to an AMQP consumer cancel notification
kombu_reconnect_delay=<%= node['openstack']['mq']['compute']['rabbit']['kombu_reconnect_delay'] %>
# How long to wait before considering a reconnect attempt to have failed.
# This value should not be longer than rpc_response_timeout
kombu_reconnect_timeout=<%= node['openstack']['mq']['compute']['rabbit']['kombu_reconnect_timeout'] %>
<% end -%>
##### RABBITMQ #####
rabbit_userid=<%= node["openstack"]["mq"]["compute"]["rabbit"]["userid"] %>
rabbit_password=<%= @mq_password %>
rabbit_virtual_host=<%= node["openstack"]["mq"]["compute"]["rabbit"]["vhost"] %>
# Maximum retries with trying to connect to RabbitMQ
# (the default of 0 implies an infinite retry count)
rabbit_max_retries=<%= node["openstack"]["mq"]["compute"]["rabbit"]["rabbit_max_retries"] %>
# RabbitMQ connection retry interval
rabbit_retry_interval=<%= node["openstack"]["mq"]["compute"]["rabbit"]["rabbit_retry_interval"] %>
<% if node["openstack"]["mq"]["compute"]["rabbit"]["ha"] -%>
rabbit_hosts=<%= @rabbit_hosts %>
rabbit_ha_queues=True
<% else -%>
rabbit_host=<%= node["openstack"]["mq"]["compute"]["rabbit"]["host"] %>
rabbit_port=<%= node["openstack"]["mq"]["compute"]["rabbit"]["port"] %>
<% end -%>
<% end -%>
<% if node['openstack']['compute']['upgrade_levels'] -%>
# Lock the version of RPC messages and allow live upgrading of the services
# without interruption caused by version mismatch.
# Add upgrade_levels for order rpc API, ex. compute = juno
[upgrade_levels]
<% node['openstack']['compute']['upgrade_levels'].each do |key, val| %>
<%= key %> = <%= val %>
<% end -%>
<% end -%>
# Image file url support, add new sections here
<% if node['openstack']['compute']['image']['filesystems'] -%>
[image_file_url]
filesystems=<%= node['openstack']['compute']['image']['filesystems'].keys.join(',') %>
<% node['openstack']['compute']['image']['filesystems'].each do |section, opts| %>
[image_file_url:<%= section %>]
<% opts.each do |key, value| %>
<%= key %>=<%= value %>
<% end %>
<% end %>
<% end %>
[serial_console]
#
# Serial console configuration
#
# Enable serial console related features
enabled=<%= node['openstack']['compute']['serial_console']['enable'] %>
# Location of serial console proxy
base_url=<%= @serial_console_base_url %>
# Range of TCP ports to use for serial ports on compute hosts
port_range=<%= node['openstack']['compute']['serial_console']['port_range'] %>
# The address to which proxy clients (like nova-serialproxy) should connect
proxyclient_address=<%= @serial_console_proxyclient_address %>

10
templates/default/rootwrap.conf.erb
View File

@ -6,24 +6,24 @@
[DEFAULT]
# List of directories to load filter definitions from (separated by ',').
# These directories MUST all be only writeable by root !
filters_path=<%= node['openstack']['compute']['rootwrap']['filters_path'] %>
filters_path = <%= node['openstack']['compute']['rootwrap']['filters_path'] %>
# List of directories to search executables in, in case filters do not
# explicitely specify a full path (separated by ',')
# If not specified, defaults to system PATH environment variable.
# These directories MUST all be only writeable by root !
exec_dirs=<%= node['openstack']['compute']['rootwrap']['exec_dirs'] %>
exec_dirs = <%= node['openstack']['compute']['rootwrap']['exec_dirs'] %>
# Enable logging to syslog
# Default value is False
use_syslog=<%= node['openstack']['compute']['rootwrap']['use_syslog'] %>
use_syslog = <%= node['openstack']['compute']['rootwrap']['use_syslog'] %>
# Which syslog facility to use.
# Valid values include auth, authpriv, syslog, local0, local1...
# Default value is 'syslog'
syslog_log_facility=<%= node['openstack']['compute']['rootwrap']['syslog_log_facility'] %>
syslog_log_facility = <%= node['openstack']['compute']['rootwrap']['syslog_log_facility'] %>
# Which messages to log.
# INFO means log all usage
# ERROR means only log unsuccessful attempts
syslog_log_level=<%= node['openstack']['compute']['rootwrap']['syslog_log_level'] %>
syslog_log_level = <%= node['openstack']['compute']['rootwrap']['syslog_log_level'] %>